%PDF- %PDF-
Direktori : /home/eirtvhdf/www/mail/ |
Current File : /home/eirtvhdf/www/mail/form.lib.php |
<?php namespace JF; /** Copyright 2018 JQueryForm.com License: http://www.jqueryform.com/license.php FormID: eirLogo-cform Date: 2018-10-23 15:23:57 Version: v2.1.4 Generated by http://www.jqueryform.com PHP 5.3+ is required. If mailgun is used AND the form has file upload field, PHP 5.5+ is required. */ require_once( __DIR__ . '/form.config.php' ); $dbFile = __DIR__ . '/form.db.php'; if( file_exists( $dbFile ) ){ require_once( $dbFile ); } use JF\Config; // -------------------------------------------------------------- class Form { public static function setDataDir( $dir ){ self::$dataDir = $dir ; } public static function getFormDataFile(){ return self::$dataDir . '/form-data.php' ; } public static function getEmailLogFile(){ return self::$dataDir . '/email-log.php' ; } public static function getSmsLogFile(){ return self::$dataDir . '/sms-log.php' ; } public static function validate( $post = array() ){ if( empty($post) ){ $post = $_POST; }; self::$post = $post; self::$values = array(); self::$attachments = array(); self::$invalid = array(); self::$columns = array( self::csvfield('RecordID'), self::csvfield('Date'), self::csvfield('IP') ); self::$csvValues = array( self::csvfield(self::getRecordID()), self::csvfield(date("Y-m-d H:i:s")), self::csvfield($_SERVER['REMOTE_ADDR']) ); self::$serverValidationFields = empty(self::$post['serverValidationFields']) ? array(): explode(',', self::$post['serverValidationFields']); // add preset tags self::presetTags(); if( self::hasField('page_break') ){ self::$serverValidationFields = array('skip-serverside-validation'); }; self::$style = 'font-family:Verdana, Arial, Helvetica, sans-serif; font-size : 13px; color:#474747;padding:6px;border:1px solid #cccccc;' ; self::$rows = array(); self::$sms = array(); $config = self::getConfig(); foreach( $config['fields'] as $f ){ switch ($f['field_type']) { case 'section_break': case 'page_navigation': case 'page_break': case 'submit': // are not data fields, ignore them, do nothing break; case 'recaptcha': $ok = self::validateReCaptcha( $post, $f['recaptcha']['secretKey'], $f['field_options']['hidden'] ); if( !$ok ) { self::reCaptchaInvalidHandler( $f ); }; break; // creditcard field contains extra fields, have to validate them one by one case 'creditcard': self::_validateCreditcardFields( $f ); break; case 'payment': self::_validatePaymentField( $f ); break; case 'address': self::_validateAddressField( $f ); break; default: self::_validateField( $f ); }; }; // foreach self::$values['dataTable'] = empty(self::$rows) ? '' : '<table cellspacing="0" cellpadding="0" border="1" bordercolor="#cccccc" style="border:1px solid #cccccc;"><tbody>' . join( "\n", self::$rows ). '</table>'; self::$values['dataText'] = join( "\n\n", self::$sms ); self::validateOneEntry(); // save form data to file if( self::isValid() ){ self::saveRecord(); }; self::$isValidated = true; // validation checked } public static function isMySite(){ return false !== stripos( $_SERVER['HTTP_HOST'],'jqueryform.com'); } private static function _validateCreditcardFields($field){ foreach ($field['subfields'] as $name => $f ) { // remove spaces that are created by javascript jquery.payment plugin self::$post[$name] = str_replace(' ', '', self::$post[$name]); self::_validateField( $f ); }; } private static function _validatePaymentField( $field ){ $paymentClasses = array( 'stripe' => '\JF\StripePayment', 'paypal' => '\JF\PaypalPayment', 'braintree' => '\JF\BraintreePayment', ); $method = $field['payments']['method']; $class = $paymentClasses[$method]; $include = __DIR__ . "/{$method}/validate.php"; if( !file_exists($include) ){ return false; }; require_once( $include ); $payment = new $class( $field ); $payment->validate( self::$post ); if( !$payment->isPaid() ){ self::$invalid[] = $field['id']; self::exitError( $payment->getErrMsg() ); }; } private static function _validateAddressField($field){ foreach ($field['subfields'] as $name => $f ) { if( ! $f['field_options']['enabled'] ){ continue; }; $f['id'] = $field['id'] . '_' . $name; self::_validateField( $f ); }; } private static function _validateField($f){ $key = $f['id']; $value = ""; switch ($f['field_type']) { case 'file': $value = self::handleUploadFile($f); break; case 'phone': $value = self::$post[$key]; $value = self::un_quotes( $value ); $dialCode = self::$post[$key . '_phonelib_dialcode']; if( !empty($dialCode) ){ $value = '+' . $dialCode . $value; }; break; default: if( !array_key_exists( $key, self::$post ) ){ self::$values[ $key ] = ''; continue; }; $value = self::$post[$key]; // checkboxes or select-multiple if( is_array($value) ){ $tmp = array(); foreach( $value as $v ){ $tmp[] = self::un_quotes($v); }; $value = join(" | \n", $tmp); // other input/textarea ... }else{ $value = self::un_quotes( $value ); }; break; }; // switch // sanitize input value $value = trim(self::stripTags($value)); if( !empty($f['field_options']['sender']) ){ switch (true){ case ( 'verify_sender' == $f['field_type'] && true == $f['field_options']['sender'] && stripos($value,'@') !== false ) : case ( 'email' == $f['field_type'] && true == $f['field_options']['sender'] ) : $f['field_options']['sender'] = 'email'; break; case ( 'verify_sender' == $f['field_type'] && true == $f['field_options']['sender'] && stripos($value,'@') === false ) : case ( 'phone' == $f['field_type'] && true == $f['field_options']['sender'] ) : $f['field_options']['sender'] = 'phone'; break; }; self::$values[ 'sender.' . $f['field_options']['sender'] ] = $value; }; if( self::isRequired($f) && "" == $value ){ if( empty(self::$serverValidationFields) || (!empty(self::$serverValidationFields) && in_array($key, self::$serverValidationFields)) ){ self::$invalid[] = $key; }; }; self::addColumnValue( $key, $f['label'], $value ); /* self::$columns[] = self::csvfield( $f['label'] ); self::$csvValues[] = self::csvfield( $value ); if( "" == $value ){ $config = self::getConfig(); if( !empty(self::$config['email']['skipEmptyFields']) ){ // skip adding field with empty value to {dataTable} and {dataText} return; }; // if }; // if self::$rows[] = "<tr> <td valign=top style='" . self::$style."font-weight:bold;width:25%;'>" . $f['label'] . " </td> <td valign=top style='" . self::$style.";'>" . nl2br($value) . " </td></tr>" ; self::$sms[] = strip_tags($f['label']) . ":\n" . strip_tags($value); */ } // _validateField // add field or its' sub fields label and value, for saving to csv file, to email, and to sms public static function addColumnValue( $key, $label, $value ){ self::$values[ $key ] = $value; self::$columns[] = self::csvfield( $label ); self::$csvValues[] = self::csvfield( $value ); if( "" == $value ){ $config = self::getConfig(); if( !empty(self::$config['email']['skipEmptyFields']) ){ // skip adding field with empty value to {dataTable} and {dataText} return; }; // if }; // if self::$rows[] = "<tr> <td valign=top style='" . self::$style."font-weight:bold;width:25%;'>" . $label . " </td> <td valign=top style='" . self::$style.";'>" . nl2br($value) . " </td></tr>" ; self::$sms[] = strip_tags($label) . ":\n" . strip_tags($value); } private static function validateReCaptcha( $post, $secretKey, $invisible = false ){ if( self::isMySite() ){ $secretKey = $invisible ? '6LeXoRkUAAAAALn90rgTb0L2vUBtQZH5uC6p_4LA' : '6LdopwYTAAAAAGJ8yZ6xM-dZkyXTj2SYbRtwCOcY' ; }; if( !empty($secretKey) && isset($post['g-recaptcha-response']) ){ $get = 'https://www.google.com/recaptcha/api/siteverify?secret=' . $secretKey. '&response=' . $post['g-recaptcha-response']; $response = file_get_contents( $get ); //echo $get . "\n" . $response; $success = false; if( function_exists('json_decode') ){ $json = json_decode( $response, true ); //var_dump($json); $success = $json['success'] === true; }else{ $success = preg_match( '/success[\"\']*\\:\\s*(true|1|y)/i', $response ); }; return $success; }; return true; // recaptcha is not enabled } // $f : field config private static function reCaptchaInvalidHandler( $f ){ //self::$invalid[] = 'recaptcha'; if( !isset($_SESSION['recaptcha_fail_counter']) ){ $_SESSION['recaptcha_fail_counter'] = 0; }; $_SESSION['recaptcha_fail_counter'] ++; $maxFailed = intval($f['recaptcha']['maxFailed']) >= 0 ? $f['recaptcha']['maxFailed'] : 3; if( $maxFailed > 0 && $_SESSION['recaptcha_fail_counter'] <= $maxFailed ){ $errMsg = empty($f['recaptcha']['errMsg']) ? 'Google reCaptcha validation error. Please try again.' : $f['recaptcha']['errMsg']; self::exitError( $errMsg ); }; } private static function hasField( $type ){ $config = self::getConfig(); foreach( $config['fields'] as $field ){ if( $type == $field['field_type'] ){ return true; }; // if }; // foreach return false; } public static function exitError( $msg ){ $msg = self::replaceTags( $msg, self::$values ); echo $msg; exit; } private static function validateOneEntry(){ if( self::hasEntry() ){ $config = self::getConfig(); $msg = empty($config['admin']['limitActivity']['message']) ? 'Multiple submissions not accepted.' : $config['admin']['limitActivity']['message']; self::exitError( $msg ); }; } private static function hasEntry(){ $config = self::getConfig(); $la = $config['admin']['limitActivity']; if( $la['enabled'] !== true ){ return false; }; $dataFile = self::getFormDataFile(); if( !file_exists($dataFile) ){ return false; }; $found = false ; $query = $la['by'] == 'email' ? self::getSenderEmail() : $_SERVER['REMOTE_ADDR'] ; if( empty($query) ){ return false ; }; $query = '"'. strtolower( $query ) . '"'; $handle = fopen($dataFile,'r'); if (!$handle) { return false; }; while (!feof($handle)) { $entry = strtolower(fgets($handle, 4096)); if( strpos($entry,$query) !== false ){ $found = true ; break; }; }; fclose($handle); return $found ; } private static function presetTags(){ self::setValue( 'AutoID', self::getRecordID() ); self::setValue( 'HTTP_HOST', $_SERVER['HTTP_HOST'] ); self::setValue( 'IP', $_SERVER['REMOTE_ADDR'] ); self::setValue( 'Date', date("Y-m-d") ); self::setValue( 'Time', date("H:i:s") ); self::setValue( 'HTTP_REFERER', $_SERVER['HTTP_REFERER'] ); //self::setValue( 'FormURL', '' ); //self::setValue( 'AdminURL', '' ); // sender.email // sender.firstname // sender.lastname // sender.fullname } private static function un_quotes($str){ return str_replace( array('"', '''), array('"', "'"), $str ); } private static function handleUploadFile($field){ if( !isset($_FILES[ $field['id'] ]) ){ return ''; }; $dir = self::getDataDir(); $files = self::getUploadFileArray($field); $names = array(); // iOS image upload always use same name image.jpeg for all uploads, need to rename it with counter $counter = 1; $isMultiple = count($files) > 1; foreach( $files as $file ){ $prefix = $isMultiple ? $counter . '-' : ''; $fileName = $prefix . $file['name']; if( !is_uploaded_file($file['tmp_name']) ){ continue; }; // is_uploaded $safeName = $prefix . self::renameHarmfulFile($file['name']); $safeName = preg_replace( "/[^0-9a-zA-Z\.]+/", "-", $safeName ); $filePath = $dir . '/' . self::getRecordID() . '-' . $field['id'] . '-' . $safeName ; $ok = @move_uploaded_file( $file['tmp_name'], $filePath ); $link = false; if( $ok ) { $link = self::checkFile2Link( $field, $filePath ); if( !empty($link) ){ self::setValue( $field['id'] . '.name' . $prefix, $fileName ); $fileName = "<a href='{$link}' target='_blank'>{$fileName}</a>"; }; }; // if the file is not a link, then send it as attachment if( empty($link) ){ self::$attachments[] = array('path' => $ok ? $filePath : $file['tmp_name'], 'name' => $fileName ); }; $names[] = $fileName; $counter ++; }; // for each return join(", ",$names); } private static function getUploadFileArray($field){ $upload = $_FILES[ $field['id'] ]; $isMultiple = is_array( $upload['tmp_name'] ); if( !$isMultiple ) { return array( $upload ); }; $names = array(); foreach( $upload as $key => $values ){ for( $i = 0, $n = count($values); $i < $n; $i ++){ $names[$i][$key] = $values[$i]; }; } return $names; } private static function checkFile2Link($field, $filepath){ $kb = $field['field_options']['file']['fileToLinkSize']; if( empty($kb) ){ return false ; }; $filesize = filesize($filepath); if( $filesize >= $kb ){ $link = self::getFileLink( $filepath ); self::setValue( $field['id'] . '.link', $link ); return $link; }; return false; } private static function getFileLink($filepath){ $realpath = self::dir2unix( realpath($filepath) ); $link = self::getAdminUrl() . '?method=downloadAttachment&id=' . urlencode(basename($filepath)); return $link; } public static function dir2unix( $dir ){ return str_replace( array("\\", '//'), '/', $dir ); } // parse full admin url to view large size uploaded file online public static function getAdminUrl(){ $url = 'admin.php'; $http = 'http' . ( empty($_SERVER['HTTPS']) ? '' : 's' ) . '://' ; $http_host = $http . "{$_SERVER['HTTP_HOST']}"; switch( true ){ case (0 === strpos($url, $http )) : $url = $url; break; case ( '/' == substr($url,0,1) ) : $url = $http_host . $url ; break; default: $uri = self::requestUri(); $pos = strrpos( $uri, '/' ); $vdir = substr( $uri, 0, $pos ); $url = $http_host . $vdir . '/' . $url ; }; return $url; } public static function requestUri(){ $uri = getEnv('REQUEST_URI'); // apache has this if( false !== $uri && strlen($uri) > 0 ){ return $uri ; } else { $uri = ($uri = getEnv('SCRIPT_NAME')) !== false ? $uri : getEnv('PATH_INFO') ; $qs = getEnv('QUERY_STRING'); // IIS and Apache has this return $uri . ( empty($qs) ? '' : '?' . $qs ); }; return "" ; } public static function getAttachments(){ return self::$attachments; } public static function isValid(){ return empty(self::$invalid); } public static function isValidated(){ return self::$isValidated; } public static function getInvalidFields(){ return self::$invalid; } public static function getValue( $id ){ return array_key_exists( $id, self::$values ) ? self::$values[$id] : ''; } public static function getAdminUsers(){ $config = self::getConfig(); $default = array(); $admin = empty($config['admin']['users']) ? $default : $config['admin']; $users = array(); $parts = explode(',', $admin['users']); foreach( $parts as $part ){ $pos = strpos( $part, ':' ); if( false === $pos ){ continue; }; $user = trim(substr($part,0,$pos)); $pass = trim(substr($part,$pos+1)); $users[$user] = array('user' => $user, 'password' => $pass); }; return $users; } // avoid email header injection by removing line breaks for email headers private static function removeLineBreaks( $str ){ return trim(preg_replace('/[\r\n]+/', '', $str)); } // Email for mail header public static function getFromEmail( $forAutoResponse = false ){ $email = self::getSenderEmail(); if( $forAutoResponse || empty($email) ){ $email = self::$config['email']['to']; }; $sendmail_from = self::$config['email']['sendmail_from']; if( !empty($sendmail_from) ){ ini_set("sendmail_from", $sendmail_from); $email = $sendmail_from; }; return self::removeLineBreaks( $email ); } // Name for mail header public static function getFromName( $forAutoResponse = false ){ if( $forAutoResponse ){ $fromName = self::$config['email']['fromName']; return self::removeLineBreaks( self::renderContent($fromName) ); }; $fromName = self::getSenderName(); return self::removeLineBreaks( self::renderContent( $fromName ) ); } public static function getSenderEmail(){ $email = self::getValue('sender.email'); return self::removeLineBreaks( $email ); } public static function getFormOwnerPhone(){ $config = self::getConfig(); $phone = trim(self::$config['twilio']['toPhone']); return $phone; } public static function getSenderPhone(){ $phone = self::getValue('sender.phone'); return $phone; } public static function getSenderName(){ $fullname = self::getValue('sender.fullname'); $name = !empty($fullname) ? $fullname : trim(self::getValue('sender.firstname') . ' ' . self::getValue('sender.lastname')) ; return $name; } public static function getToEmail(){ self::getConfig(); return self::removeLineBreaks( self::renderContent(self::$config['email']['to']) ); } public static function getReplyToEmail(){ self::getConfig(); return self::removeLineBreaks( self::$config['autoResponse']['replyTo'] ); } public static function getReplyToName(){ self::getConfig(); return self::removeLineBreaks( self::renderContent( self::$config['autoResponse']['replyToName'] ) ); } public static function getId(){ return 'test-form-id'; } public static function getDataDelivery(){ $config = self::getConfig(); return self::$config['admin']['dataDelivery']; } public static function getValues(){ return self::$values; } public static function getMailSubject(){ return self::removeLineBreaks( self::renderContent( self::$config['email']['subject'] ) ); } public static function getMailBody(){ return self::getHtmlHeader() . self::renderContent( self::mailTemplate() ) . self::getHtmlFooter(); } public static function getAutoResponseMailSubject(){ return self::removeLineBreaks( self::renderContent( self::$config['autoResponse']['subject'] ) ); } public static function getAutoResponseMailBody(){ $body = self::autoResponseTemplate(); return empty($body) ? "" : self::getHtmlHeader() . self::renderContent( $body ) . self::getHtmlFooter(); } public static function setValue( $key, $value ){ self::$values[$key] = $value ; } public static function replaceTags( $content, $tags, $start='{', $end='}' ){ $attrs = array(); foreach ($tags as $tag => $value) { $attrs[$start.$tag.$end] = $value; }; $names = array_keys($attrs); $values = array_values($attrs); return str_replace( $names, $values, $content ); } public static function renderContent( $content ){ $content = self::replaceTags( $content, self::$values ); $content = preg_replace_callback( '/\\\u[a-zA-Z0-9]{4}/', array('Form', 'utf8codeToChar'), $content ); return $content; } public static function utf8codeToChar( $code ){ $json = json_decode( "\"{$code}\"" ); return $json ? $json : $code; } private static function getHtmlHeader(){ ob_start(); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> </head> <body> <?php $output = ob_get_contents(); ob_end_clean(); return $output; } private static function getHtmlFooter(){ ob_start(); ?> </body> </html> <?php $output = ob_get_contents(); ob_end_clean(); return $output; } private static function mailTemplate(){ $default = "{dataTable}"; $config = self::getConfig(); $template = nl2br( trim(self::$config['email']['template']) ); return empty($template) ? $default : $template; } private static function autoResponseTemplate(){ $config = self::getConfig(); $template = nl2br( trim(self::$config['autoResponse']['template']) ); return $template; } private static function smsTemplate(){ $default = "{dataText}"; $config = self::getConfig(); $template = trim(self::$config['twilio']['toTemplate']); return empty($template) ? $default : $template; } private static function smsAutoResponseTemplate(){ $config = self::getConfig(); $template = trim(self::$config['twilio']['autoResponseTemplate']); return $template; } public static function getSmsBody(){ return self::renderContent( self::smsTemplate() ); } public static function getAutoResponseSmsBody(){ return self::renderContent( self::smsAutoResponseTemplate() ); } public static function getDataDir(){ $dir = dirname( self::getFormDataFile() ); if( !is_dir($dir) ){ @mkdir( $dir ); }; return $dir; } public static function canSaveData(){ // admin trun on save data for debug purpose during this browser session if( self::canSaveDataSession() ){ return true; } $method = self::getDataDelivery(); if( 'emailOnly' == $method ){ return false; }; $config = self::getConfig(); switch( self::$config['gdpr']['saveData'] ){ case 'always': return true; case 'consent': $fid = self::$config['gdpr']['consentFieldId']; $value = self::getValue( $fid ); $yes = preg_match( "/^(yes|true|agree|1)\$/i", trim($value) ); return $yes; default: case 'no': return false; } return false; } public static function canSaveDataSession(){ return isset($_SESSION['canSaveData']) ? $_SESSION['canSaveData'] : false; } private static function saveRecord(){ if( !self::canSaveData() ){ return; }; if( class_exists('\JF\Form2DB') ){ $form2db = new \JF\Form2DB(); $form2db->saveFormData( self::$values ); } // if there are any real data rather then only 3 columns: ID, Date, and IP if( count(self::$csvValues) <= 3 ){ return; }; $sep = chr(0x09); $recordCols = self::data2record( join($sep, self::$columns) ) . PHP_EOL; $record = self::data2record( join($sep, self::$csvValues) ) . PHP_EOL; self::getDataDir(); $dataFile = self::getFormDataFile(); if( !file_exists($dataFile) ){ self::secureFile( $dataFile ); file_put_contents($dataFile, $recordCols, FILE_APPEND ); }; file_put_contents($dataFile, $record, FILE_APPEND ); } public static function secureFile( $file ){ self::getDataDir(); if( !file_exists($file) ){ file_put_contents($file, "<?php exit(); /* For security reason. To avoid public user downloading below data! */?>" . PHP_EOL); }; } private static function getRecordID(){ if( !isset($GLOBALS['RecordID']) ){ $GLOBALS['RecordID'] = date("Ymd") . '-'. substr( md5(uniqid(rand(), true)), 0,4 ); }; return $GLOBALS['RecordID']; } private static function data2record( $s, $b=true ){ $from = array( "\r", "\n"); $to = array( "\\r", "\\n" ); return $b ? str_replace( $from, $to, $s ) : str_replace( $to, $from, $s ) ; } private static function csvfield( $str ){ $str = str_replace( '"', '""', $str ); return '"' . trim($str) . '"'; } private static function isRequired($field){ return true === $field['field_options']['validators']['required']['enabled']; } private static function renameHarmfulFile( $name ){ $ext = strrchr(strtolower($name), '.'); if( $ext !== false ){ $n = strpos( strtolower(self::$harmfulExts), $ext ); if( $n !== false ){ return $name . '.bak' ; }; }; return $name; } private static function stripTags( $str ){ return strip_tags( $str, self::$allowable_tags ); } private static $config; private static $post; private static $values; private static $invalid; private static $isValidated = false; private static $attachments; private static $dataDir = './data/'; // folder that stores form data file, email traffic log, and upload files private static $columns; private static $csvValues; private static $serverValidationFields; private static $style; private static $rows; private static $sms; private static $allowable_tags = "<a><b><blockquote><br><del><div><em><h1><h2><h3><h4><h5><h6><hr><i><img><label><li><ol><p><pre><small><span><strong><style><sub><sup><table><tbody><td><tfoot><th><thead><title><tr><u><ul>"; private static $harmfulExts = ".php, .php2, .php3, .php4, .php5, .php6, .php7, .html, .css, .js, .exe, .com, .bat, .vb, .vbs, scr, .inf, .reg, .lnk, .pif, .ade, .adp, .app, .bas, .chm, .cmd, .cpl, .crt, .csh, .fxp, .hlp, .hta, .ins, .isp, .jse, .ksh, .Lnk, .mda, .mdb, .mde, .mdt, .mdw, .mdz, .msc, .msi, .msp, .mst, .ops, .pcd, .prf, .prg, .pst, .scf, .scr, .sct, .shb, .shs, .url, .vbe, .wsc, .wsf, .wsh"; public static function getConfig( $decode = true ){ self::$config = Config::getConfig($decode); self::overwriteConfig( $decode ); return self::$config; } private static function overwriteConfig( $decode = true ){ if( !$decode ){ return; }; $file = __DIR__.'/myconfig.php'; if( !file_exists($file) ){ return; }; $config = include($file); if( !is_array($config) ){ return; }; foreach( $config as $sectionName => $var ){ if( is_array($var) ){ foreach( $var as $key => $val ){ if( !empty($val) ){ self::$config[$sectionName][$key] = $config[$sectionName][$key]; }; };// }else{ if( !empty($var) ){ self::$config[$sectionName] = $config[$sectionName]; }; }; // if }; // foreac } // overwriteConfig }// end of Form class // -------------------------------------------------------------- // -------------------------------------------------------------- class Mailer { private $config; private $mailer = 'local'; private $logs = array(); public $From; public $FromName; public $TO; public $Subject; public $Body; public $CC; public $BCC; public $ReplyTo; public $ReplyToName; private $isSent = false; private $sendError = ''; private $sentMIMEMessage = ''; private $includeAttachments = true; function __construct(){ $this->config = Form::getConfig(); } public function Send(){ $this->mailer = empty($this->config['mailer']) ? 'local' : $this->config['mailer']; switch ( $this->mailer ) { case 'local': case 'smtp': $this->SendByPHPMailer(); break; case 'mailgun': if ( function_exists('curl_init') ){ $this->SendByMailGun(); } else { $this->addLog( "CURL module is not avaiable. Can't use mailgun mailer, use normal sendmail mailer."); $this->SendByPHPMailer(); }; break; default: break; }; // switch $this->saveLogs(); } public function mail( $to , $subject , $message, $from = '', $fromName = '' ){ $this->TO = $to; $this->From = $from; $this->FromName = $fromName; $this->Subject = $subject; $this->Body = $message; return $this->Send(); } public function setIncludeAttachments( $yes ){ $this->includeAttachments = $yes; } public function validateForm( $post = array() ){ if( !Form::isValidated() ){ Form::validate($post); }; $this->From = Form::getFromEmail(); $this->FromName = Form::getFromName(); $this->Subject = Form::getMailSubject(); $this->Body = Form::getMailBody(); $email = $this->config['email']; $this->TO = Form::getToEmail(); $this->CC = empty($email['cc']) ? '' : $email['cc']; $this->BCC = empty($email['bcc']) ? '' : $email['bcc']; } private function SendByPHPMailer(){ $email = $this->config['email']; $mailer = new \PHPMailer(); $mailer->From = $this->From; $mailer->FromName = $this->FromName; $mailer->Subject = $this->Subject; $mailer->Body = $this->Body; $mailer->CharSet = 'UTF-8'; $mailer->msgHTML($mailer->Body); $mailer->IsHtml(true); $mailer->AddAddress($this->TO); if( empty($this->ReplyTo) ){ $senderEmail = Form::getSenderEmail(); $this->ReplyTo = empty($senderEmail) ? $this->From : $senderEmail; $this->ReplyToName = $this->FromName; }; $mailer->AddReplyTo($this->ReplyTo, $this->ReplyToName); if( !empty($this->CC) ){ $CCs = explode(',',$this->CC ); foreach($CCs as $c){ $mailer->AddCC( $c ); }; }; if( !empty($this->BCC) ){ $BCCs = explode(',',$this->BCC); foreach($BCCs as $b){ $mailer->AddBCC( $b ); }; }; $attachments = Form::getAttachments(); //$this->addLog($attachments); if( $this->includeAttachments && is_array($attachments) ){ foreach($attachments as $f){ $mailer->AddAttachment( $f['path'], basename($f['name']) ); }; }; $smtp = $this->config['smtp']; $isSMTP = $this->mailer == 'smtp' && !empty($smtp); if( $isSMTP ){ $mailer->IsSMTP(); $mailer->Host = $smtp['host']; $mailer->Username = $smtp['user']; $mailer->Password = $smtp['password']; $mailer->SMTPAuth = !empty($mailer->Password); $mailer->SMTPSecure = $smtp['security']; $mailer->Port = empty($smtp['port']) ? 25 : $smtp['port']; $mailer->SMTPDebug = empty($smtp['debug']) ? 0 : 2; }; if( $isSMTP && $mailer->SMTPDebug > 0 ){ ob_start(); }; $this->isSent = $mailer->Send(); if( $isSMTP && $mailer->SMTPDebug > 0 ){ $debug = ob_get_contents(); ob_end_clean(); $this->addLog($debug); }; if( !$sent ){ $this->sendError = $mailer->ErrorInfo; }; $this->sentMIMEMessage = $mailer->getSentMIMEMessage(); return $this->isSent; } private function SendByMailGun(){ $mg = $this->config['mailgun']; $api_key= $mg['apiKey']; /* Api Key got from https://mailgun.com/cp/my_account */ $domain = $mg['domain']; /* Domain Name you given to Mailgun*/ if( empty($this->ReplyTo) ){ $this->ReplyTo = $this->From; $this->ReplyToName = $this->FromName; }; $ch = curl_init(); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_USERPWD, "api:".$api_key); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST"); curl_setopt($ch, CURLOPT_URL, "https://api.mailgun.net/v3/".$domain."/messages"); $fields = array( "from" => ( empty($this->FromName) ? $mg['fromName'] : $this->FromName ) . " <" . $mg['fromEmail'] . ">", "to" => $this->TO, "subject" => $this->Subject, "h:Reply-To" => $this->ReplyToName . " <" . $this->ReplyTo . ">", "html" => $this->Body ); // php 5.5+ if( class_exists("\\CURLFile") ){ // process inline images $result = $this->extractEmbededImages( $this->Body ); if( !empty($result['imgFiles']) ){ $fields['html'] = $result['message']; $inlines = $this->mailgunAddFiles( $result['imgFiles'], 'inline' ); $fields = array_merge( $fields, $inlines ); }; // process normal attachments if( $this->includeAttachments ){ $attachments = Form::getAttachments(); $fields = array_merge( $fields, $this->mailgunAddFiles($attachments,'attachment') ); } }; if( !empty($this->CC) ){ $fields['cc'] = $this->CC; }; if( !empty($this->BCC) ){ $fields['bcc'] = $this->BCC; }; curl_setopt($ch, CURLOPT_POSTFIELDS, $fields); $result = curl_exec($ch); $this->isSent = $result ? true : false; $this->sentMIMEMessage = "CURL paramenters:\n" . var_export($fields,true) . "\n" . var_export($result,true); if( !$this->isSent ){ $this->sendError = curl_error($ch); } curl_close($ch); return $this->isSent; } private function mailgunAddFiles( $files, $type = 'attachment' ){ $fields = array(); if( is_array($files) ){ $n = count($files); for( $i = 0; $i < $n; $i ++ ) { $f = $files[$i]; //$key = "attachment" . ( $i == 0 ? '' : "[{$i}]" ); $key = $type . ( $i == 0 ? '' : "[{$i}]" ); $fields[$key] = new \CURLFile($f['path'], null, basename($f['name']) ); }; }; return $fields; } // for mailgun inline images, ported from phpmailer private function extractEmbededImages($message) { $imgFiles = array(); preg_match_all('/(src|background)=["\'](.*)["\']/Ui', $message, $images); if (isset($images[2])) { $dir = Form::getDataDir(); foreach ($images[2] as $imgindex => $url) { // Convert data URIs into embedded images if (preg_match('#^data:(image[^;,]*)(;base64)?,#', $url, $match)) { $data = substr($url, strpos($url, ',')); if ($match[2]) { $data = base64_decode($data); } else { $data = rawurldecode($data); }; $type = basename($match[1]); $id = md5(uniqid(rand(), true)); $file = $dir . '/' . $id . '.' . $type; $ok = file_put_contents($file, $data); //$cid = md5($url) . '@phpmailer.0'; // RFC2392 S 2 //$cid = md5( $file ) . '@mailgun.0'; // RFC2392 S 2 $cid = basename($file); $imgFiles[] = array( 'path' => $file, 'name' => $cid ); $message = str_replace( $images[0][$imgindex], $images[1][$imgindex] . '="cid:' . $cid . '"', $message ); } // if } // foreach }; // if return array( 'imgFiles' => $imgFiles, 'message' => $message ); } private function saveLogs(){ if( !Form::canSaveData() ){ return; } $line = str_repeat('--------', 8); $this->addLog( "\n\n" . $line ); $this->addLog( date("Y-m-d H:i:s") ); $this->addLog( "Email Sent: " . ( $this->isSent ? 'OK' : 'Failed (' . $this->sendError . ')' ) ); $this->addLog($this->sentMIMEMessage); $this->addLog( $line . "\n\n" ); $logFile = Form::getEmailLogFile(); Form::secureFile( $logFile ); file_put_contents($logFile, join("\n", $this->logs), FILE_APPEND); $this->logs = array(); // clear } private function addLog($msg){ $this->logs[] = is_string($msg) ? $msg : var_export($msg,true); } } // end of class Mailer // -------------------------------------------------------------- class Twilio { private $logs = array(); public function sendSms(){ if( !self::smsEnabled() ){ return; }; $this->addLog( "Sending text message to form owner's phone...\n\n" ); $this->sendSmsToFormOwner(); $this->addLog( "\n\nSending auto-response text message to form sender's phone...\n\n" ); $this->sendSmsToFormSender(); $this->saveLogs(); } public static function smsEnabled(){ $config = Form::getConfig(); $twilio = $config['twilio']; $accountSid = $twilio['accountSid']; $authToken = $twilio['authToken']; $phone = $twilio['phoneNumber']; // twilio verified number return !empty($accountSid) && !empty($authToken) && !empty($phone); } private function sendSmsToFormOwner(){ $phone = Form::getFormOwnerPhone(); $message = Form::getSmsBody(); return $this->sendMessage( $phone, $message ); } private function sendSmsToFormSender(){ $phone = Form::getSenderPhone(); $message = Form::getAutoResponseSmsBody(); return $this->sendMessage( $phone, $message ); } public function sendMessage( $toPhone, $message ){ if( empty($toPhone) || empty($message) ){ $this->addLog( "Phone: $toPhone\nMessage:$message\nEmpty phone or message, no text message to be sent.\n" ); return false; }; $config = Form::getConfig(); $twilio = $config['twilio']; $accountSid = $twilio['accountSid']; $authToken = $twilio['authToken']; $url = "https://api.twilio.com/2010-04-01/Accounts/$accountSid/Messages"; $from = $twilio['phoneNumber']; // twilio verified number $data = array ( 'From' => $from, 'To' => $toPhone, 'Body' => $message, ); $post = http_build_query($data); $ch = curl_init($url ); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_USERPWD, "$accountSid:$authToken"); curl_setopt($ch, CURLOPT_POSTFIELDS, $post); $result = curl_exec($ch); curl_close($ch); $this->isSmsSent = $result ? true : false; $this->addLog( "twilioSendMessage paramenters:\n" . var_export($data,true) . "\nSend result:\n" . var_export($result,true) ); $this->saveLogs(); return $result; } private function saveLogs(){ if( !Form::canSaveData() ){ return; } $line = str_repeat('--------', 8); $str = "\n\n" . $line . "\n" . date("Y-m-d H:i:s"). "\n" . $line . "\n\n"; $logFile = Form::getSmsLogFile(); Form::secureFile( $logFile ); file_put_contents($logFile, $str . join("\n", $this->logs), FILE_APPEND); $this->logs = array(); // clear } private function addLog($msg){ $this->logs[] = is_string($msg) ? $msg : var_export($msg,true); } } # end of class Twilio class VerifcationCode { public static function send(){ Form::getConfig(); $vsSendTo = $_REQUEST['vsSendTo']; $code = self::generate( true ); if( empty($vsSendTo) || empty($code) ){ return; }; if( stripos( $vsSendTo, '@' ) !== false ){ self::sendByEmail( $vsSendTo, $code ); }else{ $vsSendTo = preg_replace( '/[^0-9]/', '', $vsSendTo ); self::sendBySms( $vsSendTo, $code ); }; echo "Sent verification code to " . $vsSendTo; // . ", code: " . $code; } public static function verify(){ $userInputCode = $_REQUEST['vsCode']; $vcode = self::generate( false ); if( empty($userInputCode) || empty($vcode) ){ return; }; $ok = $userInputCode == $vcode; echo ($ok ? "OK: code verified!" : "code failed to verify"); // .": .... session code = " . $vcode . ", userInput= " . $userInputCode; if( $ok ) self::generate( true ); // destory verified code } private static function sendByEmail( $to, $code ){ $field = self::getVerifySenderFieldConfig(); $from = Form::getFromEmail(false); $fromName = Form::getFromName(false); $subject = Form::replaceTags( $field['field_options']['mailSuject'], array('code' => $code) ); $message = nl2br(Form::replaceTags( $field['field_options']['mailTemplate'], array('code' => $code) )); $mailer = new Mailer(); $ok = $mailer->mail( $to , $subject, $message, $from , $fromName ); return $ok; } private static function sendBySms( $to, $code ){ $field = self::getVerifySenderFieldConfig(); if( !$field['field_options']['smsEnabled'] ){ return false; }; $phone = preg_replace( '/[^0-9]/', '', $to ); $message = Form::replaceTags( $field['field_options']['smsTemplate'], array('code' => $code) ); $sms = new Twilio(); $ok = $sms->sendMessage( $phone, $message ); return $ok; } private static function generate( $new = false ){ if( $new || empty($_SESSION['verification_code']) ){ $_SESSION['verification_code'] = rand(1000, 9999); $_SESSION['verification_code_created'] = time(); }; return $_SESSION['verification_code']; } private static function getVerifySenderFieldConfig(){ $config = Form::getConfig(); foreach( $config['fields'] as $f ){ if( 'verify_sender' == $f['field_type'] ){ return $f; }; }; return false; } } # end of class VerifcationCode class PaymentBase{ protected $config; protected $isPaid; protected $errmsg; function __construct( $paymentFieldConfig ) { $this->config = $paymentFieldConfig; } // $data is $_POST public function validate( $data ){ return false; } public function getAmount( $data ){ $payment = $this->config['payment']; $amount = $payment['amount']; $userAmount = 0; if( $payment['changeable'] ){ $userAmount = $data['payment_amount']; }; $amount = abs( empty($userAmount) ? $amount : $userAmount ); return $amount; } public function isPaid(){ return $this->isPaid; } public function getErrMsg(){ return $this->errmsg; } public function log( $s ){ $line = str_repeat('--------', 8); $str = "\n\n" . $line . "\n" . date("Y-m-d H:i:s"). "\n" . $line . "\n\n"; $logFile = Form::getDataDir() . '/payment-log.php'; Form::secureFile( $logFile ); $log = is_string($s) ? $s : var_export( $s, true ); file_put_contents($logFile, $str . $log, FILE_APPEND); } } # end of class PaymentBase