KGRKJGETMRETU895U-589TY5MIGM5JGB5SDFESFREWTGR54TY
Server : Apache/2.4.62
System : FreeBSD fbsdweb2.web.rcn.net 14.1-RELEASE FreeBSD 14.1-RELEASE releng/14.1-n267679-10e31f0946d8 GENERIC amd64
User : www ( 80)
PHP Version : 8.3.8
Disable Function : NONE
Directory :  /domains/thr33cd/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /domains/thr33cd/contact-process.php
<?php
session_start();
 $token = $_SESSION['email_token'];
 unset($_SESSION['email_token']);
 if ($token && $_POST['token']==$token) {
   // delete the record
 } 
 else 
 {
   // dead session, potential CSRF attack, etc..
   die('Your session has expired.');
 }
// some custom code in below replaced by phpmailer class and HTML purifier class 1/16
//$destination = "[email protected]";
$destination = "[email protected]";
// $destination = "[email protected]";
$from_addr = "[email protected]";

// new check email code 1/16
function check_email_address($formpost) {
	$email = filter_var($formpost['addy'], FILTER_SANITIZE_EMAIL);
	if (filter_var($email, FILTER_VALIDATE_EMAIL)) 
	{
	  return true;
	} 
	else 
	{
	  return false;
	}
}

//check the simple captcha
function check_captcha($formpost)
{
	if ($formpost['sum'] == $formpost['a'] + $formpost['b'])
		return TRUE;
	else
		return FALSE;
}

//check the file type
function check_filetype() {	
	// print_r($_FILES);
	// die();
	if (!empty($_FILES['attachment']['name'])) {	
		$attachment = $_FILES['attachment']['tmp_name'];
		$attachment_name = $_FILES['attachment']['name']; 
		$attachment_size = $_FILES["attachment"]["size"];
		$attachment_type = $_FILES["attachment"]["type"];
		// $x = substr($attachment_name, strpos($attachment_name, '.') + 1);
		// echo $x . " xxx <br />";
		// print_r($_FILES);
	    // die();
	
		if (	/*$mime_type == "application/pdf" &&*/
			substr($attachment_name, strrpos($attachment_name, '.') + 1) == "pdf" &&
			$attachment_type == "application/pdf" && // added back 1/16
			$attachment_size < 3145728 /*3mb*/ ) 
		{	
		    $name_of_uploaded_file = $_FILES['attachment']['name']; 
			//copy the temp. uploaded file to uploads folder
			$path_of_uploaded_file = './tmp/' . $name_of_uploaded_file;
			$tmp_path = $_FILES["attachment"]["tmp_name"];
			if(is_uploaded_file($tmp_path))
			{
				@unlink($path_of_uploaded_file);
  				if(!copy($tmp_path,$path_of_uploaded_file))
  				{
					echo 'fail copy'; die();
    				return false;
				}
				else
				{
					return true;
				}
			}
			else
			{
				echo 'fail is_uploaded'; die();
				return false;
			}
		}
		else		
		{
			return false;
		}
	}
	else
	{
		// echo 'fail checks'; die();
		return "no file";
	}
};

// Get the user IP for tracking
function get_ip() {
	if ( isset($_SERVER) ) {
		if ( isset( $_SERVER['HTTP_X_FORWARDED_FOR'])) {
			$ip_address = $_SERVER['HTTP_X_FORWARDED_FOR'];
		} elseif ( isset( $_SERVER['HTTP_CLIENT_IP'])) {
			$ip_address = $_SERVER['HTTP_CLIENT_IP'];
		} else {
			$ip_address = $_SERVER['REMOTE_ADDR'];
		}
	} else {
		if ( getenv('HTTP_X_FORWARDED_FOR') ) {
			$ip_address = getenv('HTTP_X_FORWARDED_FOR');
		} elseif ( getenv('HTTP_CLIENT_IP') ) {
			$ip_address = getenv('HTTP_CLIENT_IP');
		} else {
			$ip_address = getenv('REMOTE_ADDR');
		}
	}
	// Return the IP address
	return $ip_address;
}

if (isset($_POST))			
{	
	$_SESSION['formpost'] = $_POST;	
	$formpost = array();
	$formpost = $_POST;
	$formpost['sub'] = filter_var($formpost['sub'], FILTER_SANITIZE_STRING);
	$formpost['msg'] = filter_var($formpost['msg'], FILTER_SANITIZE_STRING);
	$formpost['sum'] = filter_var($formpost['sum'], FILTER_SANITIZE_NUMBER_INT);
	$formpost['a'] = filter_var($formpost['a'], FILTER_SANITIZE_NUMBER_INT);
	$formpost['b'] = filter_var($formpost['b'], FILTER_SANITIZE_NUMBER_INT);
	include './lib/class.phpmailer.php';
	$mail = new PHPMailer;
	
	$error_body = '';	
	
	$x = check_filetype();
	if ($x == false)
	{
		$error_body .= "Invalid attachment. Only PDFs less than 3M in size are accepted.<br />";
		unset($_FILES['attachment']);
	}
	elseif ($x == true)
	{
		$mail->addAttachment('./tmp/' . $_FILES['attachment']['name']);
	}
		
	if (!check_email_address($formpost))
	{
		$error_body .= "Invalid email address.<br />";
	}	
	
	if (!$formpost['sub'] || !$formpost['msg'])
	{
		$error_body .= "Both a subject and message are required";
	}
	
	if (!check_captcha($formpost))
	{
		$error_body .= "Incorrect captcha sum.<br />";
	}
	
	if ($error_body > '')
	{
		$_SESSION['error_msg']= "<div><h2  style='color: #F00;'>Form Submission Error</h2>
			<div id=\"form_output\">
				<p  style='color: #F00;'>" . $error_body . "<br /></p></div></div>";
		header('Location: contact.php#contactform');		
	}
	else
	{
		// this is using the phpmailer class 1/16			
		$mail->From = $from_addr;
		$mail->FromName = "3CD Careers";
		$mail->addAddress($destination);
		$mail->addReplyTo($formpost['addy'], "Reply");	
		$mail->addCC($formpost['addy']);
		$mail->Subject = "[3CD.com Contact]: ".$formpost['sub'];
		$mail->isHTML(false);
		$mail->Body = $formpost['msg'];
		// file already attached above
		if(!$mail->send()) 
		{
    		$error_body = "Mailer Error: " . $mail->ErrorInfo;
		} 
		else 
		{
    		$error_body = "Message has been sent successfully. A representative from 3CD will contact you shortly.";
			if (!empty($_FILES['attachment']['name'])) 
			{
				$y = './tmp/' . $_FILES['attachment']['name'];
				@unlink($y);
			}
			unset($_FILES['attachment']);
			unset($_POST);
			unset($_SESSION['error_msg']);
			unset($_SESSION['formpost']);			
		}
		$_SESSION['error_msg']= "<div><h2 style='color: #15bdce;'>Form Success</h2>
			<div id=\"form_output\">
				<p>" . $error_body . "<br /></p></div></div>";
		header('Location: contact.php#contactform');			
	}
}			

?>

Anon7 - 2021