--- formmail.orig.php 2005-12-04 16:15:40.000000000 -0500 +++ formmail.php 2008-12-15 19:01:59.000000000 -0500 @@ -42,9 +42,19 @@ $referers = array('www.example.com', 'example.com'); + // $recipient_array format is $recipient_array = array('sometext'=>'email@example.com','asdf'=>'email2@example.com'); + $recipient_array = array(); +// or better yet, get rid of those damn spammers by generating the key => values dynamically, just +// create a simple array of values like +// $recipient_dynamic_list = array('myaddy@example.com', 'another@example.com'); + +$recipient_dynamic_list = array(); + + + $valid_env = array('REMOTE_HOST', 'REMOTE_ADDR', 'REMOTE_USER', 'HTTP_USER_AGENT'); // +------------------------------------------------------------------------+ @@ -154,15 +164,29 @@ * Function added in 1.7.0 * ****************************************************************/ -function map_recipients($recipient_list) +function map_recipients_dynamic($recipient_list) +{ + return map_recipients($recipient_list, 'INCLUDEALL'); +} + +function map_recipients($recipient_list, $includeAllDynamic=0) { global $errors, $recipient_array; + + + $rcpts = getRecipientsArray($includeAllDynamic); + + if ($rcpts == NULL || !( is_array($rcpts) && count($rcpts))) + { + $rcpts = $recipient_array; + } + $recipients_ok = true; $recipient_list = explode(',',$recipient_list); while (list(,$val) = each($recipient_list)){ $val = trim($val); - if(isset($recipient_array[$val])) - $output[] = $recipient_array[$val]; + if(isset($rcpts[$val])) + $output[] = $rcpts[$val]; else $recipients_ok = false; } @@ -371,7 +395,8 @@ if (!isset($form['email'])) $form['email'] = 'email@example.com'; - switch ($form['mail_newline']) { + $formNewlineSetting = array_key_exists('mail_newline', $form) ? $form['mail_newline'] : 'NOTSET'; + switch ($formNewlineSetting) { case 2: $mail_newline = "\r"; break; case 3: $mail_newline = "\r\n"; @@ -400,7 +425,7 @@ while (list($key,$val) = each($form)) { if ((!in_array($key,$invis_array)) && ((isset($form['print_blank_fields'])) || ($val))) { - if(($form['alias_method'] == 'email') || ($form['alias_method'] == 'both')) + if((isset($form['alias_method']) && $form['alias_method'] == 'email') || (isset($form['alias_method']) && $form['alias_method'] == 'both')) $mailbody .= $fieldname_lookup[$key]; else $mailbody .= $key; @@ -424,7 +449,13 @@ // added to the headers of the e-mail. (SMTP Format // with newline char ending each line) - $mail_header = 'Return-Path: ' . eregi_replace($email_replace_array,'',$return_path) . $mail_newline; + $mail_header = ''; + + if (isset($return_path)) // no idea where this is supposed to come fro + { + $mail_header = 'Return-Path: ' . eregi_replace($email_replace_array,'',$return_path) . $mail_newline; + } + if (FROM != null) $mail_header .= 'From: ' . FROM . $mail_newline; $mail_header .= 'Reply-to: '; @@ -475,7 +506,7 @@ function output_html($body) { - global $form; + global $form, $useFormMailFunctionsOnly; $bgcolor = isset($form['bgcolor']) ? ('background-color: ' . htmlspecialchars($form['bgcolor']) . ';') : ('background-color: #FFF;'); $background = isset($form['background']) ? ('background-image: url(' . htmlspecialchars($form['background']) . ');') : NULL; @@ -515,6 +546,92 @@ } + +/// Begin psychogenic.com (Pat Deegan) mods to enable dynamic recipient key generation + +function generateRecipientKeyForTimestamp($aRecipient, $timestamp) +{ + return md5($timestamp . $aRecipient); +} +function generateTimeStampForTime($t) +{ + + $timeStampFormat = "Y-m-d:G"; + + $theDate = date($timeStampFormat, $t); + + return $theDate; +} + +function generateRecipientArray($clearRcptList, $includeAll=0) +{ + // set $minutesToComposeMessage to the maximum amount of time + // a person might spend writing a message. Note that they actually + // get up to 1 hour (if they start at minute 00:01)... this variable + // influences boundary conditions, i.e. when they begin writing their + // message at, say, 55:00 + $minutesToComposeMessage = 20; + + + $timeNow = time(); + $timesToConsider = array( generateTimeStampForTime($timeNow) => 1); + + if ($includeAll) + { + // timePast will be the same, or in the previous hour + $timePast = generateTimeStampForTime($timeNow - ($minutesToComposeMessage * 60)); + $timesToConsider[$timePast] = 1; + } + + + $rcptArray = array(); + foreach ($timesToConsider as $timestamp => $bogus) + { + foreach ($clearRcptList as $aRecipient) + { + // potential collision here... but the likelyhood is + // very small and in the very worst case the wrong person + // will get the email but it *will* still be delivered. + $keyVal = generateRecipientKeyForTimestamp($aRecipient, $timestamp); + $rcptArray[$keyVal] = $aRecipient; + } + } + + return $rcptArray; +} + +function generateDynamicKeyForRecipient($aRecipient, $t=0) +{ + if (! $t) + { + $t = time(); + } + + return generateRecipientKeyForTimestamp($aRecipient, generateTimeStampForTime($t)); +} + +function outputHiddenFieldForDynamicRecipient($aRecipient) +{ + $key = generateDynamicKeyForRecipient($aRecipient); +?> + + 0) { @@ -537,7 +654,9 @@ error_log('[PHPFormMail] HTTP_REFERER checking is turned off. Referer: ' . getenv('HTTP_REFERER') . '; Client IP: ' . getenv('REMOTE_ADDR') . ';', 0); // This is used for another variable function call - if ((count($recipient_array) > 0) == true) + if ((count($recipient_dynamic_list) > 0) == true) + $recipient_function = 'map_recipients_dynamic'; + else if ((count($recipient_array) > 0 ) == true) $recipient_function = 'map_recipients'; else $recipient_function = 'check_recipients'; @@ -594,8 +713,11 @@ } } } else { - $errors[] = '0|Nothing was sent by a form. (No data was sent by POST or GET method.) There is nothing to process here.'; - error_log('[PHPFormMail] No data sent by POST or GET method. (' . getenv('HTTP_REFERER') . ')', 0); + if (! (isset($useFormMailFunctionsOnly) && $useFormMailFunctionsOnly)) + { + $errors[] = '0|Nothing was sent by a form. (No data was sent by POST or GET method.) There is nothing to process here.'; + error_log('[PHPFormMail] No data sent by POST or GET method. (' . getenv('HTTP_REFERER') . ')', 0); + } } if (count($errors) > 0)