Viewing file:  backend.php (8.77 KB) -rw-r--r--
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
<?php
include('../admin/app/core.php');
// IP Addresses to assist in getting remote IP address
$proxy_int_ip = "10.10.0.254";
$proxy_ext_ip = "66.76.188.188";
$server_ip = "10.10.0.4";
$target_email = "website@trisud.com"; // website group
$noreply = "noreply@trisud.com"; // no reply address
$company = "Tri Special Utility District"; // business name
// debug logging
$logForm = "message";
$base_log_path = "/var/www/app/logs/"; // <== Note path must be correct!
//logThis($logForm, "backend.php", "Got here", false);
// actual program like stuff!
$remoteip = get_client_ip();
// GET variables for ajax request handlers
$send = $_REQUEST["send"];
$footer = $_REQUEST['footer'];
$nav = $_REQUEST['nav'];
$modal = $_REQUEST['modal'];
$status = $_REQUEST['status'];
if($status) {
$st = status_read();
echo $st['light'];
}
//FORMS
// ajax to send a contact msg from MAIN contact form
if($send == "contact")
{
$name = $_REQUEST["name"];
$phone = $_REQUEST["phone"];
$email = $_REQUEST["email"];
$msg = $_REQUEST["message"];
//echo varDumpToString ($_REQUEST);
//die();
//contact msg only
if(empty($name) || empty($phone) || empty($email) || empty($msg))
{
echo "Unable to send email, form is not completed!<br>";
exit();
}
else
{
if(!filter_var($email, FILTER_VALIDATE_EMAIL))
{
echo "Please provide a valid email address!<br>";
exit();
}
if(strlen($phone) < 10)
{
echo "Please provide a valid phone number (10 numbers)!<br>";
exit();
}
$to = $target_email; // Olympic website group
//$to = 'stephenb@net-techs.com'; // testing
$subjectline = 'Message from website contact form';
$body = "From: ".$name."<br> E-Mail: ".$email."<br> Phone: ".$phone."<br> Message: ".$msg."<br> Sent by IP Address: ".$remoteip;
$headers = array(
'From: "'.$company.' Website Main Contact Form" <'.$noreply.'>' ,
'Reply-To: "'.$name.'" <'.$email.'>' ,
'X-Mailer: PHP/' . phpversion() ,
'MIME-Version: 1.0' ,
'Content-type: text/html; charset=iso-8859-1' ,
);
$headers = implode( "\r\n" , $headers );
$send_test1 = mail($to, $subjectline, $body, $headers);
logThis($logForm, "contact-backend.php", "\r\n".str_replace("<br>", "\r\n", $body)."\r\n", false);
}
if($send_test1)
{
$check = "Your contact message was successfully sent!";
}
else
{
$check = "Something went horribly wrong! Please try again...";
}
echo $check;
}
// ajax to send a contact msg from QUOTE contact form
if($send == "quote")
{
//logThis($logForm, "backend.php", $_REQUEST, true);
$name = $_REQUEST["name"];
$phone = $_REQUEST["phone"];
$email = $_REQUEST["email"];
$jobaddress = $_REQUEST["jobaddress"];
$incity = $_REQUEST["incity"];
$msg = $_REQUEST["message"];
//contact msg only
if(empty($name) || empty($email) || empty($phone) || empty($jobaddress))
{
echo "Unable to send email, form is not completed!<br>";
exit();
}
else
{
if(!filter_var($email, FILTER_VALIDATE_EMAIL))
{
echo "Please provide a valid email address!<br>";
exit();
}
if(strlen($phone) < 10)
{
echo "Please provide a valid phone number!<br>";
exit();
}
$to = $target_email; // Olympic website group
//$to = 'stephenb@net-techs.com'; // testing
$subjectline = 'Message from website contact form';
$body = "From: ".$name."<br> E-Mail: ".$email."<br> Phone: ".$phone."<br> Jobsite Address: ".$jobaddress."<br> City Limits: ".$incity."<br> Job Details: ".$msg."<br> Sent by IP Address: ".$remoteip;
$headers = array(
'From: "'.$company.' Website Main Contact Form" <'.$noreply.'>' ,
'Reply-To: "'.$name.'" <'.$email.'>' ,
'X-Mailer: PHP/' . phpversion() ,
'MIME-Version: 1.0' ,
'Content-type: text/html; charset=iso-8859-1' ,
);
$headers = implode( "\r\n" , $headers );
$send_test1 = mail($to, $subjectline, $body, $headers);
logThis($logForm, "quote-backend.php", "\r\n".str_replace("<br>", "\r\n", $body)."\r\n", false);
}
if($send_test1)
{
$check = "Your message was successfully sent!";
}
else
{
$check = "Something went horribly wrong! Please try again...";
}
echo $check;
}
// ajax to send a contact msg from MINI form
if($send == "mini")
{
$name = $_REQUEST["name"];
$email = $_REQUEST["email"];
$msg = $_REQUEST["message"];
//contact msg only
if(empty($name) || empty($email) || empty($msg))
{
echo "Form is not completed!<br>";
exit();
}
else
{
if(!filter_var($email, FILTER_VALIDATE_EMAIL))
{
echo "Invalid email address!<br>";
exit();
}
$to = $target_email; // Olympic website group
//$to = 'stephenb@net-techs.com'; // testing
$subjectline = 'Message from website mini contact form';
$body = "From: ".$name."<br> E-Mail: ".$email."<br> Message: ".$msg."<br> Sent by IP Address: ".$remoteip;
$headers = array(
'From: "'.$company.' Website Mini Contact Form" <'.$noreply.'>' ,
'Reply-To: "'.$name.'" <'.$email.'>' ,
'X-Mailer: PHP/' . phpversion() ,
'MIME-Version: 1.0' ,
'Content-type: text/html; charset=iso-8859-1' ,
);
$headers = implode( "\r\n" , $headers );
$send_test1 = mail($to, $subjectline, $body, $headers);
logThis($logForm, "mini-backend.php", "\r\n".str_replace("<br>", "\r\n", $body)."\r\n", false);
}
if($send_test1)
{
$check = "Sent email successfully!";
}
else
{
$check = "Please try again...";
}
echo $check;
}
// echo footer
if($footer)
{
$footer = file_get_contents("footer.ssi");
echo $footer;
}
// echo navigation
if($nav)
{
$nav = file_get_contents("nav.ssi");
echo $nav;
}
// echo modal for privacy policy
if($modal)
{
$privacy = file_get_contents("../privacy/privacy.ssi");
echo $privacy;
}
//FUNCTIONS
// tries to get valid client IP
function get_client_ip()
{
global $proxy_int_ip;
global $proxy_ext_ip;
global $server_ip;
// Nothing to do without any reliable information
if (!isset ($_SERVER['REMOTE_ADDR']))
{
return NULL;
}
// Header that is used by the trusted proxy to refer to
// the original IP
$proxy_header = "HTTP_X_FORWARDED_FOR";
// List of all the proxies that are known to handle 'proxy_header'
// in known, safe manner
$trusted_proxies = array($proxy_int_ip, $proxy_ext_ip, $server_ip);
if (in_array ($_SERVER['REMOTE_ADDR'], $trusted_proxies))
{
// Get the IP address of the client behind trusted proxy
if (array_key_exists ($proxy_header, $_SERVER))
{
// Header can contain multiple IP-s of proxies that are passed through.
// Only the IP added by the last proxy (last IP in the list) can be trusted.
$proxy_list = explode (",", $_SERVER[$proxy_header]);
$client_ip = trim (end ($proxy_list));
// Validate just in case
if (filter_var ($client_ip, FILTER_VALIDATE_IP))
{
return $client_ip;
}
else
{
// Validation failed - beat the guy who configured the proxy or
// the guy who created the trusted proxy list?
// TODO: some error handling to notify about the need of punishment
}
}
}
// In all other cases, REMOTE_ADDR is the ONLY IP we can trust.
return $_SERVER['REMOTE_ADDR'];
}
//writes to appropriate log file
function logThis($form, $var, $value, $varArray = false)
{
global $base_log_path;
$logFile = $base_log_path.$form."_log_".date("Y-m-d").".log";
if($varArray)
{
$output = "(".date("H:i:s").") ".$var.": ".varDumpToString($value);
}
else
{
$output = "(".date("H:i:s").") ".$var.": ".$value;
}
file_put_contents($logFile, $output."\n", FILE_APPEND);
}
// var_dump for logs
function varDumpToString ($var){
ob_start();
var_dump($var);
$result = ob_get_clean();
return $result;
}
date_default_timezone_set('America/Chicago');
session_start();
////////////////////////////////////////////
// GENERAL FUNCTIONS
////////////////////////////////////////////
// db_connect function initiates a connection to the mysql database using the Global variables defined above
?>
|