<?php
// ********************************************************************
// MAIN CODE
// ********************************************************************
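// Load the site configuration and the shared HDW helper library.
require_once('./config.php');
require_once('./common.php');
// Legacy fallback for interpreters that predate the superglobals; kept as written.
if (!isset($_GET)) $_GET = $HTTP_GET_VARS; if (!isset($_POST)) $_POST = $HTTP_POST_VARS; if (!isset($_FILES)) $_FILES = $HTTP_POST_FILES;
// Names of the reserved request parameters that steer this script.
define ("HDW_F2M_UPLOADFOLDER", "hdwuploadfolder");
define ("HDW_F2M_OK", "hdwok");
define ("HDW_F2M_NO_OK", "hdwnook");
define ("HDW_F2M_TABLENAME", "hdwtablename");
define ("HDW_F2M_EMAIL", "hdwemail");
// True when the request carries a non-empty "hdwemail" value. !empty() yields the same
// truthiness as the bare array reads did, without reading an index that may not exist.
define("SEND_EMAIL_COPY", (!empty($_POST["hdwemail"]) || !empty($_GET["hdwemail"])));
// Stop the whole request as soon as one uploaded file name fails the extension allow-list.
foreach ($_FILES as $item => $value)
{
    if (!isValidExt($value['name']))
    {
        // The failure page is read from the request ("hdwnook"). It is written into a
        // <script> element, so it is emitted as an encoded JavaScript string literal
        // (quotes, <, >, & become \uXXXX escapes) rather than concatenated raw.
        // NOTE(review): the destination itself is still chosen by the request, so this
        // remains an open redirect; validate it against the site's known result pages.
        echo '<script type="text/javascript">document.location='
            .json_encode((string) getHDWForm2MailParam(HDW_F2M_NO_OK), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)
            .';</script>';
        exit;
    }
}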
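/**
 * Checks an uploaded file name against the extension allow-list held in the global $file_ext.
 *
 * Only the text after the last dot is compared, and the comparison is exact (case-sensitive).
 * NOTE(review): a name with several extensions is judged by its last one only; whether the
 * web server could still treat an earlier extension as a handler depends on server
 * configuration that is not visible here.
 *
 * @param string $value Client-supplied file name; "" means no file was sent for the field.
 * @return bool true for "" or for a name whose last extension is listed in $file_ext.
 */
function isValidExt($value)
{
    global $file_ext;
    // An empty name means the upload field was left blank: nothing to reject.
    if ($value == "")
    {
        return true;
    }
    // Fail closed when the name is not a plain string or the allow-list is missing.
    if (!is_string($value) || !is_array($file_ext))
    {
        return false;
    }
    $pos = strrpos($value, ".");
    // A name without any dot has no extension. The previous "$pos+1" arithmetic turned the
    // missing position into offset 1 and compared the name minus its first character.
    if ($pos === false)
    {
        return false;
    }
    $ext = substr($value, $pos + 1);
    // Strict comparison keeps numeric-looking strings from matching loosely.
    return in_array($ext, $file_ext, true);
}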
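/**
 * Reads a request parameter, preferring POST over GET.
 *
 * The value is returned exactly as the client sent it; callers must validate or escape it
 * for the context they use it in.
 *
 * @param string $field Parameter name.
 * @return mixed The POST value when it is present and not "", otherwise the GET value,
 *               or null when neither is set.
 */
function getHDWRegistrationAndLoginParam($field)
{
    // isset() guards replace the bare reads so a missing key no longer triggers an
    // undefined-index access; the returned values are the same as before.
    if (isset($_POST[$field]) && $_POST[$field] != "")
    {
        return $_POST[$field];
    }
    return isset($_GET[$field]) ? $_GET[$field] : null;
}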
/**
 * Converts a dotted IPv4 string into its numeric value.
 *
 * The input is split on runs of dots and the first four pieces are weighted by
 * 256^3, 256^2, 256 and 1. No validation of the pieces is performed here.
 *
 * @param string $dotted Address such as "192.168.1.1".
 * @return float Numeric form of the address.
 */
function IPAddress2IPNumber($dotted)
{
    $octets = preg_split( "/[.]+/", $dotted);
    // Only the highest term is cast; adding the remaining terms keeps the sum a float.
    $high = (double) ($octets[0] * 16777216);
    return $high + ($octets[1] * 65536) + ($octets[2] * 256) + ($octets[3]);
}
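/**
 * Maps a User-Agent header to a coarse browser label.
 *
 * The markers are tested in a fixed order and the first case-sensitive substring hit wins.
 * The result is always one of the fixed labels below, never text taken from the header.
 * ereg() was removed in PHP 7.0; every pattern used here was a literal word, so strpos()
 * performs the same test.
 *
 * @param string $user_agent Raw User-Agent header (client-controlled).
 * @return string Browser label, or "bot" when no marker is found.
 */
function ckbrowser($user_agent)
{
    $user_agent = (string) $user_agent;
    // marker => label, in the original precedence order
    $signatures = array(
        "Netscape"  => "Netscape",
        "Firefox"   => "Firefox",
        "Safari"    => "Safari",
        "SAFARI"    => "SAFARI",
        "MSIE"      => "MSIE",
        "Lynx"      => "Lynx",
        "Opera"     => "Opera",
        "Gecko"     => "Mozilla",
        "WebTV"     => "WebTV",
        "Konqueror" => "Konqueror",
    );
    foreach ($signatures as $marker => $label)
    {
        if (strpos($user_agent, $marker) !== false)
        {
            return $label;
        }
    }
    return "bot";
}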
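/**
 * Picks a file name inside $path that does not exist yet.
 *
 * When "$path$name" is taken, "(0)", "(1)", ... is inserted before the last extension
 * until a free name is found.
 *
 * NOTE(review): the existence check and the caller's later write are separate steps, so two
 * concurrent requests can be handed the same name.
 *
 * @param string $path Target directory, expected to end with a separator.
 * @param string $name Requested file name (the caller in this file passes the client's
 *                     upload name).
 * @return string $path with backslashes turned into "/", followed by the chosen name.
 */
function findfilename($path, $name)
{
    // Keep only the final path component so the name cannot point outside $path,
    // whichever separator style it uses.
    $name = basename(str_replace("\\", "/", (string) $name));
    $pos = strrpos($name, ".");
    if ($pos === false)
    {
        // No extension: as before, the counter is placed in front of the whole name.
        $nameOnly = "";
        $ExtOnly = $name;
    }
    else
    {
        $nameOnly = substr($name, 0, $pos);
        $ExtOnly = substr($name, $pos);
    }
    $i = 0;
    while (file_exists($path.$name))
    {
        $name = $nameOnly . "(".$i.")".$ExtOnly;
        $i++;
    }
    $path = str_replace("\\","/",$path);
    return $path.$name;
}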
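// Resolve the table descriptor named by the "hdwtablename" request parameter.
// NOTE(review): the parameter is request-controlled and HDW_FRL_LocateTable() is defined
// elsewhere; confirm it only ever returns tables that the site has configured.
$atable = HDW_FRL_LocateTable(getHDWForm2MailParam(HDW_F2M_TABLENAME));
// The constant name has to be a quoted string. The bare word relied on PHP's old
// undefined-constant fallback, which PHP 8 turned into a fatal Error.
define('HDW_TABLENAME', $atable["name"]);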
// Persistence step, run only when SAVE_DATABASE_FILE is set: make sure the upload
// folders exist, store any uploaded files, then insert the submitted form fields as one
// row of HDW_TABLENAME, either through MySQL (HDW_MYSQL) or through the bundled
// flat-file txt-db engine.
if (SAVE_DATABASE_FILE)
{
# To Upload Folder
// Folder name = table name + "_" + first four hex characters of md5(SERVER_NAME).
// NOTE(review): that suffix can be recomputed from the host name, so it does not make
// the folder location secret.
$uploadfolder= HDW_TABLENAME."_".substr(md5($_SERVER["SERVER_NAME"]),0,4);
define('FIXED',6);
define('DATA_UPLOAD_MAIN',HDW_DC_ROOT.$uploadfolder."/");
define('DATA_UPLOAD',HDW_DC_ROOT.$uploadfolder."/uploads/");
define('DATA_FILE',HDW_DC_ROOT.$uploadfolder."/data.csv");
// Create the storage folders on first use; each failure prints a permissions hint and stops.
if (!file_exists(DATA_UPLOAD_MAIN))
if (!(mkdir(DATA_UPLOAD_MAIN)))
{
echo "Please, set write permissions to the folder <b>".HDW_FOLDER_NAME."</b>.";
exit;
}
if (!file_exists(DATA_UPLOAD))
{
if (!(mkdir(DATA_UPLOAD)))
{
echo "Please, set write permissions to the folder <b>".HDW_FOLDER_NAME."</b> and items inside.";
exit;
}
}
if (!HDW_MYSQL && !file_exists(HDW_FLAT_DBNAME_FULL))
{
if (!(mkdir(HDW_FLAT_DBNAME_FULL)))
{
echo "Please, set write permissions to the folder <b>".HDW_FOLDER_NAME."</b> and items inside.";
exit;
}
}
// Collect every request parameter that is not one of the reserved "hdw..." controls.
// GET is read first, so a POST parameter with the same name overrides it.
$formfields = array();
foreach ($_GET as $item => $value)
if (substr($item,0,3) != 'hdw' && $item != HDW_F2M_OK && $item != HDW_F2M_UPLOADFOLDER && $item != HDW_FOLDER_NAME && $item != HDW_F2M_EMAIL && $item != HDW_F2M_NO_OK && $item != HDW_F2M_TABLENAME)
$formfields[$item] = $value;
foreach ($_POST as $item => $value)
if (substr($item,0,3) != 'hdw' && $item != HDW_F2M_OK && $item != HDW_F2M_UPLOADFOLDER && $item != HDW_FOLDER_NAME && $item != HDW_F2M_EMAIL && $item != HDW_F2M_NO_OK && $item != HDW_F2M_TABLENAME)
$formfields[$item] = $value;
// Store each uploaded file under DATA_UPLOAD and record its public URL as the field value.
// NOTE(review): the file keeps its client-supplied name and the URL built below shows the
// folder is served by the web server, so the extension allow-list checked earlier is the
// only control on what becomes reachable there. The result of move_uploaded_file() is not
// checked, and the URL host comes from the client-supplied Host header.
$attachments = Array();
foreach ($_FILES as $item => $value)
{
if ($value['name']!="")
{
$value["filePath"] = findfilename(DATA_UPLOAD, $value['name']);
move_uploaded_file($value['tmp_name'], $value["filePath"]);
$formfields[$item] = "http://".$_SERVER["HTTP_HOST"] ."/".HDW_FOLDER_NAME."/$uploadfolder/uploads/". basename($value["filePath"]);
$attachments[] = Array("file"=>$value['filePath'], "name"=>$value['name'],"content_type"=>$value['type']);
}
}
// A table configured with an activation URL stores new rows as inactive ("0").
if ($atable["activation_url"])
$active = "0";
else
$active = "1";
include_once "db/txt-db-api.php";
HDW_FRL_openDatabaseConnection();
if (HDW_MYSQL)
{
// MySQL backend. The mysql_* functions used below were removed in PHP 7.0.
mysql_select_db(HDW_DATABASE) or die("Could not select database");
// Look for the target table (case-insensitively) and create it when it is missing.
$result = mysql_query("SHOW TABLES FROM `".HDW_DATABASE."`") or die("Query failed");
$found = false;
while ($line = mysql_fetch_array($result)) {
if (strtolower($line[0]) == strtolower(HDW_TABLENAME))
$found = true;
}
if (!$found)
{
mysql_query("CREATE TABLE `".HDW_TABLENAME."` (`hdw_id` int(10) unsigned NOT NULL auto_increment,PRIMARY KEY (`hdw_id`)) TYPE=MyISAM;") or die("Query Create failed");
mysql_query('ALTER TABLE `'.HDW_TABLENAME.'` ADD `hdw_active` TINYINT UNSIGNED DEFAULT "1" NOT NULL') or die("Query Alter failed");
if (INCLUDE_EXTRA_INFO)
{
mysql_query("ALTER TABLE `".HDW_TABLENAME."` ADD `hdw_IP` TEXT") or die("Query Alter failed");
mysql_query("ALTER TABLE `".HDW_TABLENAME."` ADD `hdw_Referer` TEXT") or die("Query Alter failed");
mysql_query("ALTER TABLE `".HDW_TABLENAME."` ADD `hdw_ServerTime` TEXT") or die("Query Alter failed");
mysql_query("ALTER TABLE `".HDW_TABLENAME."` ADD `hdw_Browser` TEXT") or die("Query Alter failed");
mysql_query("ALTER TABLE `".HDW_TABLENAME."` ADD `hdw_UserAgent` TEXT") or die("Query Alter failed");
}
}
// Read the existing column names so that unknown form fields can be added as new columns.
$result = mysql_query("SHOW FIELDS FROM `".HDW_TABLENAME."`") or die("Query failed");
$fields_table = array();
while ($line = mysql_fetch_array($result)) {
$fields_table[$line[0]] = 1;
}
// NOTE(review): SQL is assembled by string concatenation from request data. Parameter
// names become column identifiers in ALTER TABLE / INSERT with no validation, and values
// only have '"' replaced by '\"' (backslashes are left as they are), which is not a
// complete escaping scheme. Restrict field names to a fixed pattern or a configured list
// and bind values through a parameterised API (mysqli or PDO prepared statements).
// $head and $values are appended to without being initialised first.
foreach ($formfields as $item => $value)
{
if ($fields_table[$item]!=1)
mysql_query("ALTER TABLE `".HDW_TABLENAME."` ADD `".$item."` TEXT") or die("Query Alter failed");
$head .= '`'.str_replace('"','\"',$item).'`'.',';
$values .= '"'.str_replace('"','\"',$value).'"'.',';
}
// Append the bookkeeping columns. Both strings end with two padding characters that the
// substr() calls below cut off again.
// NOTE(review): the Referer and User-Agent headers are client-controlled and are
// concatenated into the statement without any escaping.
if (INCLUDE_EXTRA_INFO)
{
$head .= "`hdw_active`,`hdw_IP`,`hdw_Referer`,`hdw_ServerTime`,`hdw_Browser`,`hdw_UserAgent`,`";
$values .= $active.",\"".$_SERVER['REMOTE_ADDR']."\",\"".$_SERVER["HTTP_REFERER"]."\",\"".date("Y-m-d H:i:s")."\",\"".ckbrowser($_SERVER['HTTP_USER_AGENT'])."\",\"".$_SERVER['HTTP_USER_AGENT']."\",\"";
}
else
{
$head .= "`hdw_active`,`";
$values .= $active.",\"";
}
$head = substr($head,0,(strlen($head)-2))."\n";
$values = substr($values,0,(strlen($values)-2))."\n";
mysql_query("insert into `".HDW_TABLENAME."`(".$head.") values(".$values.")") or die("Insert failed");
mysql_free_result($result);
}
else
{
// Flat-file backend (txt-db). $database is not assigned in this file; presumably the
// include or HDW_FRL_openDatabaseConnection() provides it (TODO confirm).
$db = $database;
if (!file_exists(HDW_FRL_DATA_DB. HDW_FLAT_DBNAME."/". HDW_TABLENAME.".txt" ))
{
if (INCLUDE_EXTRA_INFO)
$db->executeQuery("CREATE TABLE ".HDW_TABLENAME." (hdw_id inc, hdw_active int, hdw_IP str,hdw_Referer str,hdw_ServerTime str,hdw_Browser str,hdw_UserAgent str)");
else
$db->executeQuery("CREATE TABLE ".HDW_TABLENAME." (hdw_id inc, hdw_active int)");
}
//$db->executeQuery("INSERT INTO ".HDW_TABLENAME."(surname, familyname, street, plz, city, phone) VALUES ('Paul', 'Mustermann', 'Stoneway 15', '2434', 'Stonehenge', '+35 243 454234')");
// Load every existing row and the current column list; both are needed when the table
// has to be rebuilt with additional columns.
$result = $db->executeQuery("SELECT * FROM ".HDW_TABLENAME);
$rows = array();
while ($result->next())
$rows[] = $result->getCurrentValuesAsHash();
$fields = $result->colNames;
$create_sql = "CREATE TABLE ".HDW_TABLENAME." (hdw_id inc";
$insert_sql = "insert into ".HDW_TABLENAME."(hdw_id";
$fields_table = array();
for ($i=0;$i<count($fields);$i++)
{
$fields_table[$fields[$i]] = 1;
if ($fields[$i] !="hdw_id")
{
$create_sql .= ", ".$fields[$i]." str";
$insert_sql .= ",".$fields[$i];
}
}
// $str gathers the column definitions for form fields the table does not have yet.
// NOTE(review): same concern as in the MySQL branch. Request parameter names and values
// are concatenated into the statements with only '"' rewritten.
$str = "";
foreach ($formfields as $item => $value)
{
if ($fields_table[$item]!=1)
$str .= ", ".$item." str";
$head .= ''.str_replace('"','\"',$item).''.',';
$values .= '"'.str_replace('"','\"',$value).'"'.',';
}
// New columns are added by dropping the table, recreating it and re-inserting the rows
// read above.
// NOTE(review): no result is checked between these steps, so a failure after the drop
// leaves the table without its earlier rows.
if ($str!="")
{
$create_sql .=$str . ")";
$db->executeQuery("drop table ".HDW_TABLENAME);
$db->executeQuery($create_sql);
for ($i=0;$i<count($rows);$i++)
{
$query_insert = $insert_sql.") values(".$rows[$i]["hdw_id"];
for ($j=0;$j<count($fields);$j++)
if ($fields[$j] !="hdw_id")
$query_insert .= ','.'"'.str_replace('"','\"',$rows[$i][$fields[$j]]).'"';
$query_insert .= ")";
$db->executeQuery($query_insert);
}
}
// Append the bookkeeping columns. $head ends with one padding character and $values with
// two; the substr() calls below cut them off.
if (INCLUDE_EXTRA_INFO)
{
$head .= "hdw_active,hdw_IP,hdw_Referer,hdw_ServerTime,hdw_Browser,hdw_UserAgent,";
$values .= $active.",\"".$_SERVER['REMOTE_ADDR']."\",\"".$_SERVER["HTTP_REFERER"]."\",\"".date("Y-m-d H:i:s")."\",\"".ckbrowser($_SERVER['HTTP_USER_AGENT'])."\",\"".$_SERVER['HTTP_USER_AGENT']."\",\"";
}
else
{
$head .= "hdw_active,";
$values .= $active.",\"";
}
$head = substr($head,0,(strlen($head)-1))."\n";
$values = substr($values,0,(strlen($values)-2))."\n";
$db->executeQuery("insert into ".HDW_TABLENAME."(".$head.") values(".$values.")");
}
HDW_FRL_closeDatabaseConnection();
}
// Choose the mail template from the activation flag: a falsy flag ("0") means the account
// still has to be activated, anything else gets the welcome mail.
// NOTE(review): $active is assigned only inside the SAVE_DATABASE_FILE branch above; when
// that branch is skipped the variable is unset and the activation template is chosen.
// Confirm that this is intended.
sendTMail($active ? "WelcomeMail.txt" : "ActivationMail.txt");
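/**
 * Sends the activation or welcome mail for the registration just submitted.
 *
 * The recipient, user name and password are read from the current request, using the
 * field names configured through $atable["emailfield"], "hdwusername" and "hdwpassword".
 *
 * NOTE(review): points a maintainer should confirm:
 *  - the submitted password is handed to the template in clear text; whether the
 *    template prints it is not visible here;
 *  - the activation id is only the base64 form of the user name, so it is not a secret;
 *    check what else activate.php requires;
 *  - the link host comes from the client-supplied Host header; prefer a configured
 *    site URL.
 *
 * @param string $source Template name handed to HDW_FRL_processMail().
 * @return bool Result of the last PHPMailer Send() attempt.
 */
function sendTMail($source)
{
    global $atable;
    $mail = new PHPMailer();
    $mail->FromName = $atable["from"];
    $mail->From = $atable["from"];
    $mail->AddAddress( getHDWForm2MailParam($atable["emailfield"]) );
    $mail->WordWrap = 80; // set word wrap
    $mail->IsHTML(false); // plain-text mail

    // "hdwusername" / "hdwpassword" carry the *names* of the form fields that hold the
    // credentials, hence the double lookup.
    $username = getHDWForm2MailParam(getHDWForm2MailParam("hdwusername"));
    $password = getHDWForm2MailParam(getHDWForm2MailParam("hdwpassword"));

    // base64 output can contain "+", "/" and "=", which are not safe inside a query
    // string ("+" is decoded as a space), so both parameters are URL-encoded.
    $activationUrl = "http://".$_SERVER["HTTP_HOST"].HDW_VIRTUAL_PATH."activate.php?id="
        .urlencode(base64_encode((string) $username))
        ."&tb=".urlencode((string) getHDWForm2MailParam(HDW_F2M_TABLENAME));

    $t_mail = HDW_FRL_processMail($source,array(
        "URL"=>$_SERVER["HTTP_HOST"],
        "USERNAME"=>$username,
        "PASSWORD"=>$password,
        "ACTIVATION_URL"=>$activationUrl
    ));
    $mail->Subject = $t_mail["subject"];
    $mail->Body = $t_mail["body"];

    // Try the default transport first, then SMTP, then sendmail; the configured Mailer
    // is restored after each fallback attempt.
    $result = $mail->Send();
    foreach (array("smtp", "sendmail") as $transport)
    {
        if ($result)
        {
            break;
        }
        $tmp = $mail->Mailer;
        $mail->Mailer = $transport;
        $result = $mail->Send();
        $mail->Mailer = $tmp;
    }
    return $result;
}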
// Without an "hdwemail" recipient there is no notification mail to build: redirect to the
// success page and stop.
// NOTE(review): the Location target is the request's "hdwok" parameter used as-is, so the
// redirect destination is chosen by the client (open redirect); validate it against the
// site's known result pages.
if (!SEND_EMAIL_COPY)
{
    $hdwOkTarget = getHDWForm2MailParam(HDW_F2M_OK);
    header( "HTTP/1.1 302" );
    header ("Location: ".$hdwOkTarget);
    exit;
}
//START MAIL CODE
/**
 * Sends the HTML notification mail, optionally with the uploaded files attached.
 *
 * The sender is always $atable["from"]; $fromaddress is accepted but not used.
 * Attachments are added only when SEND_EMAIL_ATTACHMENTS is set.
 *
 * @param string      $emailaddress Recipient address.
 * @param string      $fromaddress  Unused.
 * @param string      $emailsubject Subject line.
 * @param string      $body         HTML body; a tag-stripped copy becomes the text part.
 * @param array|false $attachments  List of arrays with "file" and "name" keys, or false.
 * @return bool Result of the last PHPMailer Send() attempt.
 */
function send_mail($emailaddress, $fromaddress, $emailsubject, $body, $attachments=false)
{
    global $atable;
    $mail = new PHPMailer();
    $mail->FromName = $atable["from"];
    $mail->From = $atable["from"];
    $mail->AddAddress($emailaddress);
    $mail->WordWrap = 80; // set word wrap
    if ($attachments != false && SEND_EMAIL_ATTACHMENTS)
    {
        $total = count($attachments);
        for ($idx = 0; $idx < $total; $idx++)
        {
            $entry = $attachments[$idx];
            // Entries without a stored file path are skipped.
            if ($entry["file"] == '')
            {
                continue;
            }
            $mail->AddAttachment($entry["file"], $entry["name"]);
        }
    }
    $mail->IsHTML(true); // send as HTML
    $mail->Subject = $emailsubject;
    $mail->Body = $body;
    // Text alternative: line-break tags become newlines, then the remaining tags are dropped.
    $plain = str_replace("<br>", "\n", $body);
    $plain = str_replace("<br />", "\n", $plain);
    $mail->AltBody = strip_tags($plain);
    // Default transport first, then SMTP, then sendmail.
    $result = $mail->Send();
    foreach (array("smtp", "sendmail") as $transport)
    {
        if ($result)
        {
            break;
        }
        $mail->Mailer = $transport;
        $result = $mail->Send();
    }
    return $result;
}
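/**
 * Reads a request parameter, preferring POST over GET.
 *
 * The value is returned exactly as the client sent it. Callers in this file place it in
 * redirects, mail headers and SQL, so each of them has to validate or escape it for its
 * own context.
 *
 * @param string $field Parameter name.
 * @return mixed The POST value when it is present and not "", otherwise the GET value,
 *               or null when neither is set.
 */
function getHDWForm2MailParam($field)
{
    // isset() guards replace the bare reads so a missing key no longer triggers an
    // undefined-index access; the returned values are the same as before.
    if (isset($_POST[$field]) && $_POST[$field] != "")
    {
        return $_POST[$field];
    }
    return isset($_GET[$field]) ? $_GET[$field] : null;
}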
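# To Email Address
// NOTE(review): the recipient is read from the "hdwemail" request parameter, so whoever
// submits the form decides where this mail and its attachments are sent. Prefer an address
// configured on the server, or check the value against an allow-list.
$emailaddress= getHDWForm2MailParam(HDW_F2M_EMAIL);
// The form transmits the address with "+" in place of "@".
$emailaddress = str_replace("+","@", $emailaddress);
# From Email Address
$fromaddress = $emailaddress;
# Message Subject
$emailsubject= "Form sent from ".$_SERVER["HTTP_HOST"];
# Use relative paths to the attachments
// When nothing was stored on disk, attach the uploads straight from PHP's temporary files.
if (!SAVE_DATABASE_FILE)
{
    $attachments = Array();
    foreach ($_FILES as $item => $value)
        $attachments[] = Array("file"=>$value['tmp_name'], "name"=>$value['name'],"content_type"=>$value['type']);
}
# Message Body
// The body is HTML. Field values were already passed through htmlentities(); field names,
// upload names and the Referer / User-Agent headers are client-controlled as well, so
// they are now escaped the same way.
$body ="<strong>SUBMITTED INFORMATION</strong><br />"
    ."<strong>***************************</strong><br />";
// GET parameters are listed first, then POST parameters, skipping the reserved controls.
foreach (array($_GET, $_POST) as $hdwSource)
{
    foreach ($hdwSource as $item => $value)
    {
        if (substr($item,0,3) != 'hdw' && $item != HDW_F2M_OK && $item != HDW_F2M_UPLOADFOLDER && $item != HDW_FOLDER_NAME && $item != HDW_F2M_EMAIL && $item != HDW_F2M_NO_OK && $item != HDW_F2M_TABLENAME)
        {
            if (!empty($separator_field[$item]))
                $body .= $separator_item."<br /><br />";
            else
                $body .="<strong>".htmlentities((string) $item).":</strong> ".(is_array($value)?htmlentities(implode(", ",$value)):htmlentities($value))."<br /><br />";
        }
    }
}
foreach ($_FILES as $item => $value)
    $body .="<strong>".htmlentities((string) $item).":</strong> ".htmlentities((string) $value['name'])."<br /><br />";
$hdwReferer = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "";
$hdwUserAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
$body .="<strong>SUPPORT INFORMATION</strong><br />"
    ."<strong>***************************</strong><br />"
    ."<strong>IP:</strong> ".$_SERVER['REMOTE_ADDR']."<br />"
    ."<strong>Referer:</strong> ".htmlentities($hdwReferer)."<br />"
    ."<strong>Server Time:</strong> ".date("Y-m-d H:i:s")."<br />"
    ."<strong>Browser:</strong> ".ckbrowser($hdwUserAgent)."<br />"
    ."<strong>User Agent:</strong> ".htmlentities($hdwUserAgent)."<br /><br />"
    ."<hr />Delivered by HotDreamweaver FormToDatabase Script";
// first copy
if (EMAIL_COPY1 != '')
    send_mail(EMAIL_COPY1, $fromaddress, $emailsubject, $body, $attachments);
// second copy
if (EMAIL_COPY2 != '')
    send_mail(EMAIL_COPY2, $fromaddress, $emailsubject, $body, $attachments);
// main email
// The result page is read from the request ("hdwok" / "hdwnook") and written into a
// <script> element, so it is emitted as an encoded JavaScript string literal instead of
// being concatenated raw.
// NOTE(review): the destination is still chosen by the request (open redirect); validate
// it against the site's known result pages.
$hdwResultParam = send_mail($emailaddress, $fromaddress, $emailsubject, $body, $attachments) ? HDW_F2M_OK : HDW_F2M_NO_OK;
echo '<script type="text/javascript">document.location='
    .json_encode((string) getHDWForm2MailParam($hdwResultParam), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)
    .';</script>';
exit;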
?>