boe.pres.k12.wv.us

home *** CD-ROM | disk | FTP | other *** search

/ boe.pres.k12.wv.us / boe.pres.k12.wv.us.zip / boe.pres.k12.wv.us / Utilities / More Files / form-to-email_compmaintenance.php < prev next >

Wrap

PHP Script | 2013-07-17 | 2KB | 79 lines

<?php if(!isset($_POST['submit'])) { //This page should not be accessed directly. Need to submit the form. echo "error; you need to submit the form!"; } $copy_email = $_POST['CopyEmail']; $school = $_POST['School']; $room_number = $_POST['LocationRoom']; $requested = $_POST['Requested']; $problem = $_POST['Problem']; $contact = $_POST['Contact']; $date = date("F j, Y, g:i a"); //Validate first if(empty($contact)||empty($copy_email)) { echo "Name and email are mandatory!"; exit; } if(IsInjected($copy_email)) { echo "Bad email value!"; exit; } $email_subject = "Maintenance Work Order - $school"; $email_body = "The following work order was entered on $date \r\n SCHOOL: $school LOCATION-ROOM: $room_number REQUESTED: $requested CONTACT: $contact PROBLEM: $problem \r\n"; $email_to = "psines@access.k12.wv.us,rmarshal@access.k12.wv.us,mlmurray@access.k12.wv.us"; $headers = "From: $copy_email\r\n"; $headers .= "CC: $copy_email\r\n"; //Send the email! if (mail($email_to,$email_subject,$email_body,$headers)){ //done. redirect to thank-you page. header('Location: thank-youworkmaintenance.html'); } else{ header('Location: problem.html'); } // Function to validate against any email injection attempts function IsInjected($str) { $injections = array('(\n+)', '(\r+)', '(\t+)', '(%0A+)', '(%0D+)', '(%08+)', '(%09+)' ); $inject = join('|', $injections); $inject = "/$inject/i"; if(preg_match($inject,$str)) { return true; } else { return false; } } ?>