On 01/28/2011 05:55 PM, Weihsing Wang wrote: > Formmail, may not be a formal term, takes the inputs in the html form and > email > the contents to some people. >
The same thing can be done inside XWiki using Velocity and the mailsender plugin. > > Here is a quick sample I found on the Web.... > > <?php > /* PHP Form Mailer - easy, secure form mail: > phpFormMailer v2.6 > > last updated 2nd Dec 2009 - check back often for updates! > (easy to use and more secure than many cgi form mailers) FREE from: > > www.TheDemoSite.co.uk > > Should work fine on most Unix/Linux platforms > for a Windows version see: asp.thedemosite.co.uk > */ > > // ------- three variables you MUST change below > ------------------------------------------------------- > > $replyemail="you@your--domain"; //change to your email address > $valid_ref1="http://thedemosite.co.uk/contact.html";; //chamge to your domain > name > > $valid_ref2="http://www.thedemosite.co.uk/contact.html";; //chamge to your > domain name > > > // -------- No changes required below here > ------------------------------------------------------------- > > // > // email variable not set - load $valid_ref1 page > if (!isset($_POST['email'])) > { > echo "<script language=\"JavaScript\"><!--\n "; > echo "top.location.href = \"$valid_ref1\"; \n// --></script>"; > exit; > } > $ref_page=$_SERVER["HTTP_REFERER"]; > $valid_referrer=0; > if($ref_page==$valid_ref1) $valid_referrer=1; > elseif($ref_page==$valid_ref2) $valid_referrer=1; > if((!$valid_referrer) OR ($_POST["block_spam_bots"]!=12))//you can change > this but remember to change it in the contact form too > > { > echo '<h2>ERROR - not sent.'; > if (file_exists("debug.flag")) echo '<hr>"$valid_ref1" and "$valid_ref2" > are incorrect within the file:<br> > > contact_process.php<br><br>On your > system these should be set to:<blockquote> > > > $valid_ref1="'.str_replace("www.","",$ref_page).'";<br> > > > $valid_ref2="'.$ref_page.'"; > > > </blockquote></h2>Copy and paste the two lines above > > > into the file: contact_process.php<br> (replacing the existing variables and > settings)'; > > exit; > } > > //check user input for possible header injection attempts! > function is_forbidden($str,$check_all_patterns = true) > { > $patterns[0] = '/content-type:/'; > $patterns[1] = '/mime-version/'; > $patterns[2] = '/multipart/'; > $patterns[3] = '/Content-Transfer-Encoding/'; > $patterns[4] = '/to:/'; > $patterns[5] = '/cc:/'; > $patterns[6] = '/bcc:/'; > $forbidden = 0; > for ($i=0; $i<count($patterns); $i++) > { > $forbidden = preg_match($patterns[$i], strtolower($str)); > if ($forbidden) break; > } > //check for line breaks if checking all patterns > if ($check_all_patterns AND !$forbidden) $forbidden = > preg_match("/(%0a|%0d|\\n+|\\r+)/i", $str); > > if ($forbidden) > { > echo "<font color=red><center><h3>STOP! Message not > sent.</font></h3><br><b> > The text you entered is forbidden, it includes one or more of the > following: > > <br><textarea rows=9 cols=25>"; > foreach ($patterns as $key => $value) echo trim($value,"/")."\n"; > echo "\\n\n\\r</textarea><br>Click back on your browser, remove the above > characters and try again. > > </b><br><br><br><br>Thankfully protected by phpFormMailer freely > available from: > > > http://thedemosite.co.uk/phpformmailer/\";>http://thedemosite.co.uk/phpformmailer/";; > > exit(); > } > } > > foreach ($_REQUEST as $key => $value) //check all input > { > if ($key == "themessage") is_forbidden($value, false); //check input except > for line breaks > > else is_forbidden($value);//check all > } > > $name = $_POST["name"]; > $email = $_POST["email"]; > $thesubject = $_POST["thesubject"]; > $themessage = $_POST["themessage"]; > > $success_sent_msg='<p align="center"><strong> </strong></p> > <p align="center"><strong>Your message has been > successfully sent to us<br> > > </strong> and we will reply as soon as possible.</p> > <p align="center">A copy of your query has been sent to > you.</p> > > <p align="center">Thank you for contacting us.</p>'; > > $replymessage = "Hi $name > > Thank you for your email. > > We will endeavour to reply to you shortly. > > Please DO NOT reply to this email. > > Below is a copy of the message you submitted: > -------------------------------------------------- > Subject: $thesubject > Query: > $themessage > -------------------------------------------------- > > Thank you"; > > $themessage = "name: $name \nQuery: $themessage"; > mail("$replyemail", > "$thesubject", > "$themessage", > "From: $email\nReply-To: $email"); > mail("$email", > "Receipt: $thesubject", > "$replymessage", > "From: $replyemail\nReply-To: $replyemail"); > echo $success_sent_msg; > /* > PHP Form Mailer - phpFormMailer (easy to use and more secure than many cgi > form mailers) > > FREE from: > > www.TheDemoSite.co.uk */ > ?> -- Sergiu Dumitriu http://purl.org/net/sergiu/ _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
