Formmail, may not be a formal term, takes the inputs in the html form and
email
the contents to some people.
Here is a quick sample I found on the Web....
<?php
/* PHP Form Mailer - easy, secure form mail:
phpFormMailer v2.6
last updated 2nd Dec 2009 - check back often for updates!
(easy to use and more secure than many cgi form mailers) FREE from:
www.TheDemoSite.co.uk
Should work fine on most Unix/Linux platforms
for a Windows version see: asp.thedemosite.co.uk
*/
// ------- three variables you MUST change below
-------------------------------------------------------
$replyemail="you@your--domain"; //change to your email address
$valid_ref1="http://thedemosite.co.uk/contact.html";; //chamge to your domain
name
$valid_ref2="http://www.thedemosite.co.uk/contact.html";; //chamge to your
domain name
// -------- No changes required below here
-------------------------------------------------------------
//
// email variable not set - load $valid_ref1 page
if (!isset($_POST['email']))
{
echo "<script language=\"JavaScript\"><!--\n ";
echo "top.location.href = \"$valid_ref1\"; \n// --></script>";
exit;
}
$ref_page=$_SERVER["HTTP_REFERER"];
$valid_referrer=0;
if($ref_page==$valid_ref1) $valid_referrer=1;
elseif($ref_page==$valid_ref2) $valid_referrer=1;
if((!$valid_referrer) OR ($_POST["block_spam_bots"]!=12))//you can change this
but remember to change it in the contact form too
{
echo '<h2>ERROR - not sent.';
if (file_exists("debug.flag")) echo '<hr>"$valid_ref1" and "$valid_ref2" are
incorrect within the file:<br>
contact_process.php <br><br>On your
system these should be set to: <blockquote>
$valid_ref1="'.str_replace("www.","",$ref_page).'"; <br>
$valid_ref2="'.$ref_page.'";
</blockquote></h2>Copy and paste the two lines above
into
the file: contact_process.php <br> (replacing the existing variables and
settings)';
exit;
}
//check user input for possible header injection attempts!
function is_forbidden($str,$check_all_patterns = true)
{
$patterns[0] = '/content-type:/';
$patterns[1] = '/mime-version/';
$patterns[2] = '/multipart/';
$patterns[3] = '/Content-Transfer-Encoding/';
$patterns[4] = '/to:/';
$patterns[5] = '/cc:/';
$patterns[6] = '/bcc:/';
$forbidden = 0;
for ($i=0; $i<count($patterns); $i++)
{
$forbidden = preg_match($patterns[$i], strtolower($str));
if ($forbidden) break;
}
//check for line breaks if checking all patterns
if ($check_all_patterns AND !$forbidden) $forbidden =
preg_match("/(%0a|%0d|\\n+|\\r+)/i", $str);
if ($forbidden)
{
echo "<font color=red><center><h3>STOP! Message not sent.</font></h3><br><b>
The text you entered is forbidden, it includes one or more of the
following:
<br><textarea rows=9 cols=25>";
foreach ($patterns as $key => $value) echo trim($value,"/")."\n";
echo "\\n\n\\r</textarea><br>Click back on your browser, remove the above
characters and try again.
</b><br><br><br><br>Thankfully protected by phpFormMailer freely
available from:
http://thedemosite.co.uk/phpformmailer/\";>http://thedemosite.co.uk/phpformmailer/";;
exit();
}
}
foreach ($_REQUEST as $key => $value) //check all input
{
if ($key == "themessage") is_forbidden($value, false); //check input except
for line breaks
else is_forbidden($value);//check all
}
$name = $_POST["name"];
$email = $_POST["email"];
$thesubject = $_POST["thesubject"];
$themessage = $_POST["themessage"];
$success_sent_msg='<p align="center"><strong> </strong></p>
<p align="center"><strong>Your message has been successfully
sent to us<br>
</strong> and we will reply as soon as possible.</p>
<p align="center">A copy of your query has been sent to
you.</p>
<p align="center">Thank you for contacting us.</p>';
$replymessage = "Hi $name
Thank you for your email.
We will endeavour to reply to you shortly.
Please DO NOT reply to this email.
Below is a copy of the message you submitted:
--------------------------------------------------
Subject: $thesubject
Query:
$themessage
--------------------------------------------------
Thank you";
$themessage = "name: $name \nQuery: $themessage";
mail("$replyemail",
"$thesubject",
"$themessage",
"From: $email\nReply-To: $email");
mail("$email",
"Receipt: $thesubject",
"$replymessage",
"From: $replyemail\nReply-To: $replyemail");
echo $success_sent_msg;
/*
PHP Form Mailer - phpFormMailer (easy to use and more secure than many cgi
form mailers)
FREE from:
www.TheDemoSite.co.uk */
?>
________________________________
From: Vincent Massol <[email protected]>
To: XWiki Users <[email protected]>
Sent: Fri, January 28, 2011 11:06:56 AM
Subject: Re: [xwiki-users] using PHP on Xwiki farm?
On Jan 28, 2011, at 12:57 PM, Weihsing Wang wrote:
> Hi, Vincent,
> Thanks for the answer.
> I am interested in formmail function using PHP, is there a proper and safe
> solution on XWiki already?
No idea what formmail does.
Thanks
-Vincent
> ________________________________
> From: Vincent Massol <[email protected]>
> To: XWiki Users <[email protected]>
> Sent: Fri, January 28, 2011 1:33:44 AM
> Subject: Re: [xwiki-users] using PHP on Xwiki farm?
>
> Hi Weihsing,
>
> On Jan 28, 2011, at 2:00 AM, Weihsing Wang wrote:
>
>> Hi, Vincent,
>> How to set up PHP on XWiki farm? Not my own server. Is it possible?
>> Wei-hsing Wang
>
> Since you asked for a wiki on myxwiki.org I guess the question is whether you
> can use it on that farm. The answer is no. The reason is that we're not
>allowing
>
> users to use script macros such as PHP, jython, ruby and groovy. Only the
> Velocity macro is made available. The reason is that those script macros are
> very powerful and anyone could easily break the security of the farm or do
> dangerous things (like wipe all data on the server's hard disk for example).
> Thus we've not giving programming rights to users on the myxwiki farm.
>
> In the future we'll be working on defining a way to be able to restrict what
>you
>
> can with programming languages so that only edit rights would be necessary to
> use them in a "sandbox mode" but we're not there yet.
>
> Right now the only way for you to use the PHP macro is by installing XWiki
> Enterprise or XWiki Enterprise Manager on your own machines (and thus have
> programming rights).
>
> Sorry about that.
>
> Thanks
> -Vincent
>
>> _______________________________
>> From: Vincent Massol <[email protected]>
>> To: XWiki Users <[email protected]>
>> Sent: Mon, January 24, 2011 1:26:51 PM
>> Subject: Re: [xwiki-users] using PHP on Xwiki farm?
>>
>> Hi,
>>
>> On Jan 24, 2011, at 5:34 PM, Weihsing Wang wrote:
>>
>>> The "php" macro is not in the list of registered macros.
>>> Verify the spelling or contact your administrator.
>>> How to use PHP on XWiki farm site?
>>
>> The PHP macro is not bundled by default.
>>
>> To use it see:
>> http://extensions.xwiki.org/xwiki/bin/view/Extension/PHP+Macro
>>
>> Thanks
>> -Vincent
_______________________________________________
users mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/users
