// Start the XML
$xml = "";
// Check and see if we're sending a message
if (isset($_POST["message"])) {
$name = stripslashes($_POST["name"]);
$email = stripslashes($_POST["email"]);
$message = stripslashes($_POST["message"]);
// Send mail
// Don't allow user-submitted data in headers
// [ffortes 9/15 -- you had a spammable script!]
$res = mail("neema@moraveji.org",
"Web post from $name ($email)",
$message
. "\r\n\r\n\r\nMeta Info:\r\n "
. " IP Address: $REMOTE_ADDR\r\n "
. " Browser: $HTTP_USER_AGENT\r\n "
. " Referer: $HTTP_REFERER\r\n ",
"From: no@one.com");
if ($res) {
$xml .= " Thanks for your message. ";
$xml .= "Your Name: " . htmlspecialchars($name) .
" ";
$xml .= "Your Email: " . htmlspecialchars($email) .
" ";
$xml .= "Your Message: " . htmlspecialchars($message) .
" ";
}
else {
$xml .= "Something is wrong, your message was not sent. Sorry. ";
}
}
// Display form to send a message
else {
$xml .= "";
}
// Transform!
echo $xml;
?>
|