<?php
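/**
 * Normalise one submitted form value: drop HTML/PHP tags, undo backslash
 * escaping and trim surrounding whitespace.
 *
 * This is input tidying, not output encoding. strip_tags() leaves quote
 * characters and a bare "<" or "&" in place, so the result still has to be
 * passed through htmlspecialchars() before it is echoed into HTML or an
 * attribute value.
 *
 * NOTE(review): stripslashes() looks like a leftover from magic_quotes_gpc
 * deployments; without magic quotes it also removes backslashes the visitor
 * really typed. Kept to preserve existing behaviour; confirm before removing.
 *
 * @param mixed $data Raw request value. Request parameters can arrive as
 *                    arrays (e.g. "name[]=x"), not only as strings.
 * @return string The tidied value, or '' when $data is not a scalar.
 */
function clean($data) {
    // strip_tags() only accepts strings; an array-valued parameter would
    // otherwise raise a warning or a TypeError depending on the PHP version.
    if (!is_scalar($data)) {
        return '';
    }
    return trim(stripslashes(strip_tags((string) $data)));
}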
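// Denylist of strings that have no business in this form. It is a coarse
// tripwire only: it does not cover every event-handler attribute, and it is
// not what keeps line breaks out of the mail headers. Values must still be
// encoded on output and stripped of CR/LF before they are used in a header.
$exploits = "/(content-type|bcc:|cc:|document.cookie|onclick|onload)/i";

// $c holds the cleaned copy of every POST field; start from an empty array so
// later isset()/empty() checks work on a defined variable when nothing was posted.
$c = array();
foreach ($_POST as $key => $val) {
    // Array-valued parameters ("name[]=x") are never produced by this form.
    // Store an empty value instead of handing an array to preg_match()/clean().
    if (!is_scalar($val)) {
        $c[$key] = '';
        continue;
    }
    $val = (string) $val;
    $c[$key] = clean($val);
    // Match against the raw value so the check cannot be sidestepped by
    // characters that clean() removes.
    if (preg_match($exploits, $val)) {
        exit("<p>No exploits, please!</p>");
    }
}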
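// Validate a submitted request and, when it passes, mail it to the site owner.
// $show_form stays true (form is rendered again) unless the request validated.
// $error_msg stays NULL when validation found nothing to report.
$show_form = true;
$error_msg = NULL;
if (isset($c['submit'])) {
    // Every one of these must be non-empty before anything is mailed.
    $required = array('name', 'company', 'addr1', 'city', 'state', 'zip', 'phone', 'email', 'id', 'features');
    $missing = false;
    foreach ($required as $field) {
        if (empty($c[$field])) {
            $missing = true;
            break;
        }
    }

    if ($missing) {
        $error_msg .= "Your message cannot be sent without including the basic contact information. Please use your browser's back button to return and fill out the form completely. \n";
    } elseif (strlen($c['name']) > 40) {
        // The message now quotes the limit that is actually enforced.
        $error_msg .= "The name field is limited at 40 characters. Your first name or nickname will do! \n";
    } elseif (!preg_match('/^[A-Za-z\' -]+$/D', $c['name'])) {
        // ereg() no longer exists in PHP 7+. The pattern is also anchored at
        // both ends now; previously only the first character was checked.
        $error_msg .= "The name field must not contain special characters. \n";
    } elseif (!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$/D', strtolower($c['email']))) {
        // The D modifier stops "$" from matching before a trailing newline,
        // so a value ending in a line break cannot pass as an address.
        $error_msg .= "That is not a valid e-mail address. \n";
    }

    if ($error_msg === NULL) {
        $show_form = false;

        // Build the mail from the cleaned copies in $c. Bare globals such as
        // $name only exist with register_globals and would bypass clean().
        // Optional fields (addr2, fax, qty) may be absent, so default to ''.
        $v = array();
        foreach (array('name', 'company', 'addr1', 'addr2', 'city', 'state', 'zip', 'phone', 'email', 'fax', 'id', 'qty', 'features') as $field) {
            $v[$field] = isset($c[$field]) ? $c[$field] : '';
        }

        // Both values are supplied by the client or the server environment
        // and may be missing; they are informational only.
        $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
        $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

        $subject = " YOUR_SUBJECT HERE";
        $message = "This Message was sent from the Customize Part Form:\r\n\r\n";
        // Append here; a plain assignment discarded the introductory line.
        $message .= "-----------------------Custom Part Request---------------\r\n";
        $message .= " Name: ". $v['name'] ."\n";
        $message .= " Company: ". $v['company'] ."\n";
        $message .= " Address1: ". $v['addr1'] ."\n";
        $message .= " Address2: ". $v['addr2'] ."\n";
        $message .= " City: ". $v['city'] ."\n";
        $message .= " State: ". $v['state'] ."\n";
        $message .= " Zip: ". $v['zip'] ."\n";
        $message .= " Phone: ". $v['phone'] ."\n";
        $message .= " E-mail: ". $v['email'] ."\n";
        $message .= " Fax: ". $v['fax'] ."\r\n";
        $message .= "----------------------Switch Configuration--------------\r\n";
        $message .= " Part Num: ". $v['id'] ."\n";
        $message .= " Qty: ". $v['qty'] ."\n";
        $message .= " Features: ". $v['features'] ."\r\n";
        $message .= "----------------------User Agent Details-----------------\r\n";
        $message .= " IP Address: {$remote_addr} \n";
        $message .= " Browser: {$user_agent} \n";
        $message .= "---------------------------------------------------------\r\n";

        // The address is the only visitor-supplied value that reaches the
        // mail headers. The pattern above should already exclude line breaks;
        // stripping CR, LF and NUL again means a later change to the
        // validation cannot turn Reply-To into additional headers.
        $reply_to = str_replace(array("\r", "\n", "\0"), '', $v['email']);

        if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], "Win")) {
            $headers = "From: YOUREMAIL@DOMAIN.COM \n";
        } else {
            $headers = "From: www.YOURWEBSITEHERE.COM <YOUREMAIL@DOMAIN.COM> \n";
        }
        $headers .= "Reply-To: {$reply_to}";

        $sendto = "YOUREMAIL@DOMAIN.COM";
        if (mail($sendto, $subject, $message, $headers)) {
            echo ' <table width="100%" border="0" cellspacing="0" cellpadding="5">
<tr>
<td><p class="bodytext">Thank You! </p>
<p class="bodytext">Your message has been sent. We will review your requirements
for your part and return your message as soon as possible. Thank you for
your time and have a great day! </p>
<p class="bodytext"><a href="../index.htm">Back to home page </a></p></td>
</tr>
</table>';
        } else {
            echo "<p>Your mail could not be sent this time.</p>";
        }
    }
}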
if (!isset($c['submit']) || $show_form == true) {
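/**
 * Echo a previously submitted form value so the form can be re-populated
 * after a validation error.
 *
 * The value is HTML-encoded here because every caller prints it inside an
 * attribute (value="...") or a <textarea>. strip_tags() in clean() does not
 * remove quote characters, so without encoding a double quote in the input
 * would end the attribute and let the rest be parsed as markup.
 *
 * @param string $var Key of the field in the global $c array.
 * @return void Prints the encoded value; prints nothing when the field is
 *              absent or not a scalar.
 */
function get_data($var) {
    global $c;
    if (!isset($c[$var]) || !is_scalar($c[$var])) {
        return;
    }
    // assumes the page is served as UTF-8 — TODO confirm against the site's charset
    echo htmlspecialchars((string) $c[$var], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}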
// Print the collected validation messages ahead of the form. The loose
// comparison treats both NULL and an empty string as "no errors".
// $error_msg is only ever built from fixed strings in this file, so it is
// printed without HTML encoding; nl2br() turns its "\n" separators into <br />.
if ($error_msg != NULL) {
    $error_html = nl2br($error_msg);
    echo "<p><strong style='color: red;'>ERROR:</strong><br />" . $error_html . "</p>";
}
?>
<br><p class="bodytext" align="center">Customize Your Part </p>
<form action="customizer.php" method="post"><p>
<table border="0" cellpadding="2" cellspacing="0" width="100%" align="center">
<tr>
<td width="30%" valign="top"><p class="bodytext" align="right"> Part Number: </p></td>
<td width="70%" valign="top"><p class="bodytext">
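<?php
// Part number shown to the visitor. It comes straight from the query string,
// so it is HTML-encoded before printing; echoing it raw would reflect any
// markup in the URL into the page.
// When the form is shown again after a failed POST there is no ?id= in the
// URL, so fall back to the value posted back through the hidden field.
$part_number = '';
if (isset($_GET['id']) && is_string($_GET['id'])) {
    $part_number = $_GET['id'];
} elseif (isset($c['id']) && is_string($c['id'])) {
    $part_number = $c['id'];
}
// assumes the page is served as UTF-8 — TODO confirm against the site's charset
echo htmlspecialchars($part_number, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>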
</p></td>
</tr>
<tr>
<td width="30%" valign="top"><p class="bodytext" align="right"> Required Features: </p></td>
<td width="70%" valign="top"><textarea name="features" cols="40" rows="7" id="features"><?php get_data("features"); ?> </textarea>
</td>
</tr>
<tr>
<td width="30%"><p class="bodytext" align="right"> Approx. Quantity: </p></td>
<td width="70%" valign="top"><input type="text" name="qty" size="15" id="qty" value="<?php get_data("qty"); ?>" class="input">
</td>
</tr>
<tr>
<td colspan="2" valign="top"><p class="bodytext" align="center"> <br>
Please fill out the contact information below as completely as possible. <br>
Doing so enables us to contact you about your specific needs on a product <br>
and allows us to better serve you, the customer. <br>
<font color="#FF0000">*</font> Fields are required. </p></td>
</tr>
<tr>
<td colspan="2" align="center"><img src="../images/hrule.gif" width="450"> </td>
</tr>
<tr>
<td colspan="2" align="center"><table border="0" align="center">
<tr>
<td width="25%" align="right"><p class="bodytext"><font color="#FF0000">*</font>Contact:</p></td>
<td width="25%"><input type="text" name="name" size="15" id="name" value="<?php get_data("name"); ?>" class="input"></td>
<td width="25%" align="right"><p class="bodytext"><font color="#FF0000">*</font>Company:</p></td>
<td width="25%"><input type="text" name="company" size="15" id="company" value="<?php get_data("company"); ?>" class="input"></td>
</tr>
<tr>
<td width="25%" align="right"><p class="bodytext"><font color="#FF0000">*</font>Addr1:</p></td>
<td width="25%"><input type="text" name="addr1" size="15" id="addr1" value="<?php get_data("addr1"); ?>" class="input"></td>
<td width="25%" align="right"><p class="bodytext">Addr2:</p></td>
<td width="25%"><input type="text" name="addr2" size="15" id="addr2" value="<?php get_data("addr2"); ?>" class="input"></td>
</tr>
<tr>
<td width="25%" align="right"><p class="bodytext"><font color="#FF0000">*</font>City:</p></td>
<td width="25%"><input type="text" name="city" size="15" id="city" value="<?php get_data("city"); ?>" class="input"></td>
<td width="25%" align="right"><p class="bodytext"><font color="#FF0000">*</font>State:</p></td>
<td width="25%"><input type="text" name="state" size="15" id="state" value="<?php get_data("state"); ?>" class="input"></td>
</tr>
<tr>
<td width="25%" align="right"><p class="bodytext"><font color="#FF0000">*</font>Zip:</b></p></td>
<td width="25%"><input type="text" name="zip" size="15" id="zip" value="<?php get_data("zip"); ?>" class="input"></td>
<td width="25%" align="right"><p class="bodytext"><font color="#FF0000">*</font>Phone:</p></td>
<td width="25%"><input type="text" name="phone" size="15" id="phone" value="<?php get_data("phone"); ?>" class="input"></td>
</tr>
<tr>
<td width="25%" align="right"><p class="bodytext"><font color="#FF0000">*</font>EMail:</b></p></td>
<td width="25%"><input type="text" name="email" size="15" id="email" value="<?php get_data("email"); ?>" class="input"></td>
<td width="25%" align="right"><p class="bodytext">Fax:</p></td>
<td width="25%"><input type="text" name="fax" size="15" id="fax" value="<?php get_data("fax"); ?>" class="input"></td>
</tr>
<tr>
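<td colspan="4" align="center"><?php
// Carry the part number through the POST in a hidden field. The bare $id
// used here before is only defined when register_globals is on; read the
// value explicitly instead: the cleaned POST copy first, then the query string.
$hidden_id = '';
if (isset($c['id']) && is_string($c['id'])) {
    $hidden_id = $c['id'];
} elseif (isset($_GET['id']) && is_string($_GET['id'])) {
    $hidden_id = $_GET['id'];
}
// Encode for the attribute context so a quote in the value cannot close
// value="..." and add attributes or markup of its own.
// assumes the page is served as UTF-8 — TODO confirm against the site's charset
print '<input type="hidden" name="id" value="' . htmlspecialchars($hidden_id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '"> ';
?>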
<input class="input" type="submit" name="submit" value="Submit">
</td>
</tr>
</table></td>
</tr>
<tr>
<td> </td>
</tr>
</table>
</p></form>
<?php
}
?>