From e81723229382aea3a21e0e931dedc7134d6b3665 Mon Sep 17 00:00:00 2001 From: TechEmporium Date: Fri, 11 Jan 2019 13:57:40 -0500 Subject: [PATCH] First site 2.0 copy --- signup.lib.php | 6780 ++++++++++++++++++++++++------------------------ 1 file changed, 3390 insertions(+), 3390 deletions(-) diff --git a/signup.lib.php b/signup.lib.php index 265e0db..8b34446 100644 --- a/signup.lib.php +++ b/signup.lib.php @@ -1,3390 +1,3390 @@ -unauthorized domain." ); - -define( 'PHPFMG_ONE_ENTRY' , '' ); -define( 'PHPFMG_ONE_ENTRY_METHOD' , '' ); - -phpfmg_init(); -# ----------------------------------------------------------------------------- - - - - - - - - - -function phpfmg_thankyou(){ - phpfmg_redirect_js(); -?> - - -
- - Your form has been sent. Thank you! -

- - - - - - "field_0", "text" => "Contact Name:", "type" => "sender's name", "instruction" => "", "required" => "Required" ) ; -$GLOBALS['form_mail']['field_1'] = array( "name" => "field_1", "text" => "Desired Username:", "type" => "text", "instruction" => "", "required" => "Required" ) ; -$GLOBALS['form_mail']['field_2'] = array( "name" => "field_2", "text" => "Email Address:", "type" => "sender's email", "instruction" => "", "required" => "Required" ) ; -$GLOBALS['form_mail']['field_3'] = array( "name" => "field_3", "text" => "What interests you about thunix?", "type" => "textarea", "instruction" => "", "required" => "Required" ) ; -$GLOBALS['form_mail']['field_4'] = array( "name" => "field_4", "text" => "Desired Public SSH Key :", "type" => "textarea", "instruction" => "", "required" => "Required" ) ; - - -/** - * GNU Library or Lesser General Public License version 2.0 (LGPLv2) -*/ - -function phpfmg_init(){ - - error_reporting( E_ERROR ); - ini_set('magic_quotes_runtime', 0); - ini_set( 'max_execution_time', 0 ); - ini_set( 'max_input_time', 36000 ); - - session_start(); - - if( !isset($_SESSION['HTTP_REFERER']) ) - $_SESSION['HTTP_REFERER'] = $_SERVER['HTTP_REFERER'] ; - phpfmg_check_referers(); - - if ( get_magic_quotes_gpc() && isset($_POST) ) { - phpfmg_stripslashes( $_POST ); - }; - -} - - -function phpfmg_stripslashes(&$var){ - if(!is_array($var)) { - $var = stripslashes($var); - } else { - array_walk($var,'phpfmg_stripslashes'); - }; -} - - -function phpfmg_display_form( $title="", $keywords="", $description="" ){ - @header( 'Content-Type: text/html; charset=' . PHPFMG_CHARSET ); - $phpfmg_send = phpfmg_sendmail( $GLOBALS['form_mail'] ) ; - $isHideForm = isset($phpfmg_send['isHideForm']) ? $phpfmg_send['isHideForm'] : false; - $sErr = isset($phpfmg_send['error']) ? $phpfmg_send['error'] : ''; - - # FormMail main() - phpfmg_header( $title, $keywords, $description ); - if( !$isHideForm ){ - phpfmg_form($sErr); - }else{ - phpfmg_thankyou(); - }; - phpfmg_footer(); - - return; -} - -function phpfmg_linebreak(){ - $os = strtolower(PHP_OS); - switch( true ){ - case ("\\" == DIRECTORY_SEPARATOR) : // windows - return "\x0d\x0a" ; - case ( strpos($os, 'darwin') !== false ) : // Mac - return "\x0d" ; - default : - return "\x0a" ; // *nix - }; -} - -function phpfmg_sendmail( &$form_mail ) { - if( !isset($_POST["formmail_submit"]) ) return ; - - $isHideForm = false ; - $sErr = checkPass($form_mail); - - $err_captcha = phpfmg_check_captcha(); - if( $err_captcha != '' ){ - $sErr['fields'][] = 'phpfmg_captcha'; - $sErr['errors'][] = ERR_CAPTCHA; - }; - - if( empty($sErr['fields']) && phpfmg_has_entry() ){ - $sErr['fields'][] = 'phpfmg_found_entry'; - $sErr['errors'][] = 'Found entry already!'; - }; - if( empty($sErr['fields']) ){ - - sendFormMail( $form_mail, PHPFMG_SAVE_FILE ) ; - $isHideForm = true; - // move the redirect to phpfmg_thankyou() to get around the redirection within an iframe problem - /* - $redirect = PHPFMG_REDIRECT; - if( strlen(trim($redirect)) ): - header( "Location: $redirect" ); - exit; - endif; - */ - }; - - return array( - 'isHideForm' => $isHideForm, - 'error' => $sErr , - ); -} - - -function phpfmg_has_entry(){ - if( !file_exists(PHPFMG_SAVE_FILE) ){ - return false; // has nothing to check - }; - - $found = false ; - if( defined('PHPFMG_ONE_ENTRY') && 'Y' == PHPFMG_ONE_ENTRY ){ - $query = defined('PHPFMG_ONE_ENTRY_METHOD') && PHPFMG_ONE_ENTRY_METHOD == 'email' && isset($GLOBALS['sender_email']) ? $GLOBALS['sender_email'] : $_SERVER['REMOTE_ADDR'] ; - if( empty($query) ) - return false ; - - $GLOBALS['OneEntry'] = $query; - $query = '"'. strtolower($query) . '"'; - $handle = fopen(PHPFMG_SAVE_FILE,'r'); - if ($handle) { - while (!feof($handle)) { - $entry = strtolower(fgets($handle, 4096)); - if( strpos($entry,$query) !== false ){ - $found = true ; - break; - }; - }; - fclose($handle); - }; - }; - return $found ; - -} - -function sendFormMail( $form_mail, $sFileName = "" ) -{ - $to = filterEmail(PHPFMG_TO) ; - $cc = filterEmail(PHPFMG_CC) ; - $bcc = filterEmail(PHPFMG_BCC) ; - - // simply chop email address to avoid my website being abused - if( false !== strpos( strtolower($_SERVER['HTTP_HOST']),'formmail-maker.com') ){ - $cc = substr($cc, 0, 50); - $bcc = substr($bcc,0, 50); - }; - - - $subject = PHPFMG_SUBJECT ; - $from = $to ; - $fromName = ""; - $titleOfSender = ''; - $firstName = ""; - $lastName = ""; - - $strip = get_magic_quotes_gpc() ; - $content = '' ; - $style = 'font-family:Verdana, Arial, Helvetica, sans-serif; font-size : 13px; color:#474747;padding:6px;border-bottom:1px solid #cccccc;' ; - $tr = array() ; // html table - $csvValues = array(); - $cols = array(); - $replace = array(); - $RecordID = phpfmg_getRecordID(); - $isWritable = is_writable( dirname(PHPFMG_SAVE_ATTACHMENTS_DIR) ); - - foreach( $form_mail as $field ){ - $field_type = strtolower($field[ "type" ]); - if( 'sectionbreak' == $field_type ){ - continue; - }; - - $field[ "text" ] = stripslashes( $field[ "text" ] ); - //$value = trim( $_POST[ $field[ "name" ] ] ); - $value = phpfmg_field_value( $field[ "name" ] ); - $value = $strip ? stripslashes($value) : $value ; - if( 'attachment' == $field_type ){ - $value = $isWritable ? phpfmg_file2value( $RecordID, $_FILES[ $field[ "name" ] ] ) : $_FILES[ $field[ "name" ] ]['name']; - //$value = $_FILES[ $field[ "name" ] ]['name']; - }; - - $content .= $field[ "text" ] . " \t : " . $value .PHPFMG_LNCR; - $tr[] = " " . $field[ "text" ] . "  " . nl2br($value) . " " ; - $csvValues[] = csvfield( $value ); - $cols[] = csvfield( $field[ "text" ] ); - $replace["%".$field[ "name" ]."%"] = $value; - - switch( $field_type ){ - case "sender's email" : - $from = filterEmail($value) ; - break; - case "sender's name" : - $fromName = filterEmail($value) ; - break; - case "titleofsender" : - $titleOfSender = $value ; - break; - case "senderfirstname" : - $firstName = filterEmail($value) ; - break; - case "senderlastname" : - $lastName = filterEmail($value) ; - break; - default : - // nothing - }; - - }; // for - - $isHtml = 'html' == PHPFMG_MAIL_TYPE ; - - if( $isHtml ) { - $content = "" . PHPFMG_LNCR . join( PHPFMG_LNCR, $tr ) . PHPFMG_LNCR . "
" ; - }; - - - if( !empty($firstName) && !empty($lastName) ){ - $fromName = $firstName . ' ' . $lastName; - }; - $fromHeader = filterEmail( ('' != $fromName ? "\"$fromName\"" : '' ) . " <{$from}>",array(",", ";")) ; // no multiple emails are allowed. - $GLOBALS['ReplyTo'] = $fromHeader; - - $_fields = array( - '%NameOfSender%' => $fromName, - '%FirstNameOfSender%' => $firstName, - '%LastNameOfSender%' => $lastName, - '%EmailOfSender%' => $from, - '%TitleOfSender%' => $titleOfSender, - '%DataOfForm%' => $content, - '%IP%' => $_SERVER['REMOTE_ADDR'], - '%Date%' => date("Y-m-d"), - '%Time%' => date("H:i:s"), - '%HTTP_HOST%' => $_SERVER['HTTP_HOST'], - '%FormPageLink%' => phpfmg_request_uri(), - '%HTTP_REFERER%' => $_SESSION['HTTP_REFERER'], - '%AutoID%' => $RecordID, - '%FormAdminURL%' => phpfmg_admin_url() - ); - $fields = array_merge( $_fields, $replace ); - - $esh_mail_template = trim(phpfmg_mail_template()); - if( !empty($esh_mail_template) ){ - $esh_mail_template = phpfmg_adjust_template($esh_mail_template); - $content = phpfmg_parse_mail_body( $esh_mail_template, $fields ); - }; - $subject = phpfmg_parse_mail_body( $subject, $fields ); - - if( $isHtml ) { - $content = phpfmg_getHtmlContent( $content ); - }; - - $oldMask = umask(0); - //$sep = ','; //chr(0x09); - $sep = chr(0x09); - $recordCols = phpfmg_data2record( csvfield('RecordID') . $sep . csvfield('Date') . $sep . csvfield('IP') . $sep . join($sep,$cols) ); - $record = phpfmg_data2record( csvfield($RecordID) . $sep . csvfield(date("Y-m-d H:i:s")) . $sep . csvfield($_SERVER['REMOTE_ADDR']) .$sep . join($sep,$csvValues) ); - - - /* - Some hosting companies (like Yahoo and GoDaddy) REQUIRED a registered email address to send out all emails! - The mailer HAS to use the REGISTERED email address as the sender's email address. This is called the sendmail_from. - */ - $sendmail_from = $from; - $sender_email = $from; - $force_sender = defined('PHPFMG_SENDMAIL_FROM') && '' != PHPFMG_SENDMAIL_FROM ; - if( $force_sender ){ - ini_set("sendmail_from", PHPFMG_SENDMAIL_FROM); - $sendmail_from = PHPFMG_SENDMAIL_FROM; - }; - if( defined('PHPFMG_SMTP') && '' != PHPFMG_SMTP ){ - ini_set("SMTP", PHPFMG_SMTP); - }; - - - - switch( strtolower(PHPFMG_ACTION) ){ - case 'fileonly' : - appendToFile( $sFileName, $record, $recordCols ); - break; - case 'mailonly' : - mailAttachments( $to , $subject , $content, $sendmail_from, $fromName, $fromHeader, $cc , $bcc, PHPFMG_CHARSET ) ; - break; - case 'mailandfile' : - default: - mailAttachments( $to , $subject , $content, $sendmail_from, $fromName, $fromHeader, $cc , $bcc, PHPFMG_CHARSET ) ; - appendToFile( $sFileName, $record, $recordCols ); - }; // switch - - mailAutoResponse( $sender_email, $force_sender ? $sendmail_from : $to, $fields ) ; - umask($oldMask); - - session_destroy(); - session_regenerate_id(true); -} - - - - - -function phpfmg_file2value( $recordID, $file ){ - $tmp = $file[ "tmp_name" ] ; - $name = phpfmg_rename_harmful(trim($file[ "name" ])) ; - if( !defined('PHPFMG_FILE2LINK_SIZE') ){ - return $name; - }; - - if( is_uploaded_file( $tmp ) ) { - $size = trim(PHPFMG_FILE2LINK_SIZE) ; - switch( $size ){ - case '' : - return $name; - default: - $isHtml = 'html' == PHPFMG_MAIL_TYPE; - $filelink = base64_encode($recordID . '-' . $name); - $url = phpfmg_admin_url() . "?mod=filman&func=download&filelink=" . urlencode($filelink) ; - $isLarger = (filesize($tmp)/1024) > $size ; - $link = $isHtml ? "$name" : $name . " ( {$url} )"; - return $isLarger ? $link : $name ; // email download link when size is larger defined size, otherwise send as attachment - };// switch - }; // if - - return $name; -} - - -function phpfmg_dir2unix( $dir ){ - return str_replace( array("\\", '//'), '/', $dir ); -} - - - -function phpfmg_request_uri(){ - $uri = getEnv('REQUEST_URI'); // apache has this - if( false !== $uri && strlen($uri) > 0 ){ - return $uri ; - } else { - - $uri = ($uri = getEnv('SCRIPT_NAME')) !== false - ? $uri - : getEnv('PATH_INFO') ; - $qs = getEnv('QUERY_STRING'); // IIS and Apache has this - return $uri . ( empty($qs) ? '' : '?' . $qs ); - - }; - return "" ; -} - - - - -// parse full admin url to view large size uploaded file online -function phpfmg_admin_url(){ - $http_host = "http://{$_SERVER['HTTP_HOST']}"; - switch( true ){ - case (0 === strpos(PHPFMG_ADMIN_URL, 'http://' )) : - $url = PHPFMG_ADMIN_URL; - break; - case ( '/' == substr(PHPFMG_ADMIN_URL,0,1) ) : - $url = $http_host . PHPFMG_ADMIN_URL ; - break; - default: - $uri = phpfmg_request_uri(); - $pos = strrpos( $uri, '/' ); - $vdir = substr( $uri, 0, $pos ); - $url = $http_host . $vdir . '/' . PHPFMG_ADMIN_URL ; - }; - return $url; -} - - - -function phpfmg_ispost(){ - return 'POST' == strtoupper($_SERVER["REQUEST_METHOD"]) || 'POST' == strtoupper(getEnv('REQUEST_METHOD')) ; -} - - -function phpfmg_is_mysite(){ - return false !== strpos( strtolower($_SERVER['HTTP_HOST']),'formmail-maker.com'); // accessing form at mysite -} - -// don't allow hotlink form to my website. To avoid people create phishing form. -function phpfmg_hotlinking_mysite(){ - $yes = phpfmg_is_mysite() - && ( empty($_SERVER['HTTP_REFERER']) || false === strpos( strtolower($_SERVER['HTTP_REFERER']),'formmail-maker.com') ) ; // doesn't have referer of mysite - - if( $yes ){ - die( "Access Denied. -

- You are visiting a form hotlinkink from formmail-maker.com which is not allowed. - Please read the FAQ. - " ); - }; -} - - - -function phpfmg_check_referers(){ - - phpfmg_hotlinking_mysite(); // anti phishing - - $debugs = array(); - $debugs[] = "Your IP: " . $_SERVER['REMOTE_ADDR']; - $debugs[] = "Referer link: " . $_SERVER['HTTP_REFERER']; - $debugs[] = "Host of referer: $referer"; - - $check = defined('PHPFMG_ANTI_HOTLINKING') && 'Y' == PHPFMG_ANTI_HOTLINKING; - if( !$check ) { - $debugs[] = "Referer is empty. No need to check hot linking."; - //echo "
" . join("\n",$debugs) . "
\n"; - //appendToFile( PHPFMG_EMAILS_LOGFILE, date("Y-m-d H:i:s") . "\t" . $_SERVER['REMOTE_ADDR'] . " \n" . join("\n",$debugs) ) ; - return true; - }; - - // maybe post from local file - if( !isset($_SERVER['HTTP_REFERER']) && phpfmg_ispost() ){ - appendToFile( PHPFMG_EMAILS_LOGFILE, date("Y-m-d H:i:s") . "\t" . $_SERVER['REMOTE_ADDR'] . " \n phpfmg_ispost " . join("\n",$debugs) ) ; - die( PHPFMG_REFERERS_DENIED_MSG ); - }; - - - $url = parse_url($_SERVER['HTTP_REFERER']); - $referer = str_replace( 'www.', '', strtolower($url['host']) ); - if( empty($referer) ) { - return true; - }; - - $hosts = explode(',',PHPFMG_REFERERS_ALLOW); - $http_host = strtolower($_SERVER['HTTP_HOST']); - $referer = $http_host ; - $hosts[] = str_replace('www.', '', $http_host ); - - $debugs[] = "Hosts Allow: " . PHPFMG_REFERERS_ALLOW; - - $allow = false ; - foreach( $hosts as $host ){ - $host = strtolower(trim($host)); - $debugs[] = "check host: $host " ; - if( false !== strpos($referer, $host) || false !== strpos($referer, 'www.'.$host) ){ - $allow = true; - $debugs[] = " -> allow (quick exit)"; - break; - }else{ - $debugs[] = " -> deny"; - }; - }; - - //echo "
" . join("\n",$debugs) . "
\n"; - //appendToFile( PHPFMG_EMAILS_LOGFILE, date("Y-m-d H:i:s") . "\t" . $_SERVER['REMOTE_ADDR'] . " \n" . join("\n",$debugs) ) ; - - if( !$allow ){ - die( PHPFMG_REFERERS_DENIED_MSG ); - }; -} - - - -function phpfmg_getRecordID(){ - if( !isset($GLOBALS['RecordID']) ){ - $GLOBALS['RecordID'] = date("Ymd") . '-'. substr( md5(uniqid(rand(), true)), 0,4 ); - }; - return $GLOBALS['RecordID']; -} - - - -function phpfmg_data2record( $s, $b=true ){ - $from = array( "\r", "\n"); - $to = array( "\\r", "\\n" ); - return $b ? str_replace( $from, $to, $s ) : str_replace( $to, $from, $s ) ; -} - - - -function csvfield( $str ){ - $str = str_replace( '"', '""', $str ); - return '"' . trim($str) . '"'; -} - - - -function mailAttachments( $to = "" , $subject = "" , $message = "" , $from="", $fromName = "" , $fromHeader ="", $cc = "" , $bcc = "", $charset = "UTF-8", $type = 'FormMail' ){ - - if( ! strlen( trim( $to ) ) ) return "Missing \"To\" Field." ; - - $isAutoResponse = $type == 'AutoResponseEmail' ; - // added PHPMailer SMTP support at Mar 12, 2011 - $isSMTP = defined('PHPFMG_USE_SMTP') && 'Y' == PHPFMG_USE_SMTP && defined('PHPFMG_SMTP_HOST') && '' != PHPFMG_SMTP_HOST; - - // due to security issues, in most case, the smtp will fail on my website. It only works on user's own server - // so just disable the smtp here - if( phpfmg_is_mysite() ){ - $isSMTP = false ; - }; - - $attachments = array(); - $noAutoAttachements = $isAutoResponse && defined('PHPFMG_RETURN_NO_ATTACHMENT') && 'Y' == PHPFMG_RETURN_NO_ATTACHMENT ; - $use_phpmailer = defined('PHPFMG_USE_PHPMAILER') && 'Y' == PHPFMG_USE_PHPMAILER ; - - - $boundary = "====_My_PHP_Form_Generator_" . md5( uniqid( srand( time() ) ) ) . "===="; - $content_type = 'html' == PHPFMG_MAIL_TYPE ? "text/html" : "text/plain" ; - - // setup mail header infomation - $headers = 'Y' == PHPFMG_NO_FROM_HEADER ? '' : "From: {$fromHeader}" .PHPFMG_LNCR; - $headers .= "Reply-To: {$GLOBALS['ReplyTo']}" .PHPFMG_LNCR; - if ($cc) $headers .= "CC: $cc".PHPFMG_LNCR; - if ($bcc) $headers .= "BCC: $bcc".PHPFMG_LNCR; - //$headers .= "Content-type: {$content_type}; charset={$charset}" .PHPFMG_LNCR ; - - $plainHeaders = $headers ; // for no attachments header - $plainHeaders .= 'MIME-Version: 1.0' . PHPFMG_LNCR; - $plainHeaders .= "Content-type: {$content_type}; charset={$charset}" ; - - //create mulitipart attachments boundary - $sError = "" ; - $nFound = 0; - - - if( false && isset($GLOBALS['phpfmg_files_content']) && '' != $GLOBALS['phpfmg_files_content'] ){ - - // use previous encoded content - $sEncodeBody = $GLOBALS['phpfmg_files_content'] ; - $nFound = $GLOBALS['phpfmg_nFound'] ; - - }else{ - - $file2link_size = trim(PHPFMG_FILE2LINK_SIZE) ; - $isSave = ('' != $file2link_size || defined('PHPFMG_SAVE_ATTACHMENTS') && 'Y' == PHPFMG_SAVE_ATTACHMENTS); - if( $isSave ){ - if( defined('PHPFMG_SAVE_ATTACHMENTS_DIR') ){ - if( !is_dir(PHPFMG_SAVE_ATTACHMENTS_DIR) ){ - $ok = @mkdir( PHPFMG_SAVE_ATTACHMENTS_DIR, 0777 ); - if( !$ok ) $isSave = false; - }; - }; - }; - - $isWritable = is_writable( dirname(PHPFMG_SAVE_ATTACHMENTS_DIR) ); - // parse attachments content - foreach( $_FILES as $aFile ){ - $sFileName = $aFile[ "tmp_name" ] ; - $sFileRealName = phpfmg_rename_harmful($aFile[ "name" ]) ; - if( is_uploaded_file( $sFileName ) ): - - $isSkip = '' != $file2link_size && ( (filesize($sFileName)/1024) > $file2link_size ); - // save uploaded file - if( $isWritable && $isSave ){ - $tofile = PHPFMG_SAVE_ATTACHMENTS_DIR . phpfmg_getRecordID() . '-' . basename($sFileRealName); - if( @copy( $sFileName, $tofile) ) { - $sFileName = $tofile; // to fix problem : in some windows php, the uploaded temp file might not be mailed as attachment - chmod($tofile,0777); - }; - }; - - if( $isSkip ) - continue; // mail file as link - - $attachments[] = array('file' => $sFileName, 'name' => $aFile[ "name" ] ); - - if( !$use_phpmailer && !$isSMTP && ($fp = @fopen( $sFileName, "rb" )) ) : - $sContent = fread( $fp, filesize( $sFileName ) ); - fclose($fp); - $sFName = basename( $sFileRealName ) ; - $sMIME = getMIMEType( $sFName ) ; - - $bPlainText = ( $sMIME == "text/plain" ) ; - if( $bPlainText ) : - $encoding = "" ; - else: - $encoding = "Content-Transfer-Encoding: base64".PHPFMG_LNCR; - $sContent = chunk_split( base64_encode( $sContent ) ); - endif; - - $sEncodeBody .= PHPFMG_LNCR."--$boundary" .PHPFMG_LNCR. - "Content-Type: $sMIME;" . PHPFMG_LNCR. - "\tname=\"$sFName\"" . PHPFMG_LNCR. - $encoding . - "Content-Disposition: attachment;" . PHPFMG_LNCR. - "\tfilename=\"$sFName\"" . PHPFMG_LNCR. PHPFMG_LNCR. - $sContent . PHPFMG_LNCR ; - $nFound ++; - else: - $sError .= "
Failed to open file $sFileName.\n" ; - endif; // if( $fp = fopen( $sFileName, "rb" ) ) : - - else: - $sError .= "
File $sFileName doesn't exist.\n" ; - endif; //if( file_exists( $sFileName ) ): - }; // end foreach - - $sEncodeBody .= PHPFMG_LNCR.PHPFMG_LNCR."--$boundary--" ; - - $GLOBALS['phpfmg_files_content'] = $sEncodeBody ; - $GLOBALS['phpfmg_nFound'] = $nFound ; - - }; // if - - $headers .= "MIME-Version: 1.0".PHPFMG_LNCR."Content-type: multipart/mixed;".PHPFMG_LNCR."\tboundary=\"$boundary\""; - $txtMsg = PHPFMG_LNCR."This is a multi-part message in MIME format." .PHPFMG_LNCR . - PHPFMG_LNCR."--$boundary" .PHPFMG_LNCR . - "Content-Type: {$content_type};".PHPFMG_LNCR. - "\tcharset=\"$charset\"" .PHPFMG_LNCR.PHPFMG_LNCR . - $message . PHPFMG_LNCR; - - - if( $noAutoAttachements ) $sEncodeBody = '' ; - - $body = $nFound ? $txtMsg . $sEncodeBody : $message ; - $headers = $nFound ? $headers : $plainHeaders ; - - - $errmsg = ""; - if( $isSMTP || $use_phpmailer ){ - if( $noAutoAttachements ) $attachments = false ; - $errmsg = phpfmg_phpmailer( $to, $subject, $body, $from, $fromName, $cc , $bcc , $charset, $attachments ); - - }else{ - - if ( !mail( $to, $subject, $body, $headers ) ) - $errmsg = "Failed to send mail"; - }; - - $ok = $errmsg == "" ; - $status = $ok ? "\n[Email sent]" : "\n[{$errmsg}]" ; - phpfmg_log_mail( $to, $subject, ($ok ? 'Email sent' : 'Failed to send mail') . "\n" . ($nFound ? $headers . $txtMsg : $headers . $message), '', $type . $status ); // no log for attachments - - return $sError ; -} - - -function phpfmg_phpmailer( $to, $subject, $message, $from, $fromName, $cc = "" , $bcc = "", $charset = "UTF-8",$attachments = false ){ - - $mail = new PHPMailer(); - $mail->Host = PHPFMG_SMTP_HOST; // SMTP server - $mail->Username = PHPFMG_SMTP_USER; - $mail->Password = PHPFMG_SMTP_PLAIN_PASSWORD != '' ? PHPFMG_SMTP_PLAIN_PASSWORD : base64_decode(PHPFMG_SMTP_PASSWORD); - $mail->SMTPAuth = PHPFMG_SMTP_PASSWORD != ""; - $mail->SMTPSecure = PHPFMG_SMTP_SECURE; - $mail->Port = PHPFMG_SMTP_PORT == "" ? 25 : PHPFMG_SMTP_PORT; - if( defined('PHPFMG_SMTP_DEBUG_LEVEL') && PHPFMG_SMTP_DEBUG_LEVEL != "" ){ - $mail->SMTPDebug = (int)PHPFMG_SMTP_DEBUG_LEVEL ; - }; - - if( isset($GLOBALS['ReplyTo']) ) $mail->AddReplyTo($GLOBALS['ReplyTo']); - $mail->From = $from; - $mail->FromName = $fromName; - $mail->Subject = $subject; - $mail->Body = $message; - $mail->CharSet = $charset; - - if( !phpfmg_is_mysite() && (defined('PHPFMG_USE_SMTP') && 'Y' == PHPFMG_USE_SMTP) ){ - $mail->IsSMTP(); - }; - - $mail->IsHTML('html' == PHPFMG_MAIL_TYPE); - - $mail->AddAddress($to); - - if( ''!= $cc ){ - $CCs = explode(',',$cc); - foreach($CCs as $c){ - $mail->AddCC( $c ); - }; - }; - - if( ''!= $bcc ){ - $BCCs = explode(',',$bcc); - foreach($BCCs as $b){ - $mail->AddBCC( $b ); - }; - }; - - - if( is_array($attachments) ){ - foreach($attachments as $f){ - $mail->AddAttachment( $f['file'], basename($f['name']) ); - }; - }; - - return $mail->Send() ? "" : $mail->ErrorInfo; - -} - - - -function mailAutoResponse( $to, $from, $fields = false ){ - if( !formIsEMail($to) ) return ERR_EMAIL ; // one more check for spam robot - $enable = defined('PHPFMG_RETURN_ENABLE') && PHPFMG_RETURN_ENABLE === 'Y'; - $body = trim(phpfmg_auto_response_message()); - if( !$enable || empty($body) ){ - return false ; - }; - - $subject = PHPFMG_RETURN_SUBJECT; - $isHtml = 'html' == PHPFMG_MAIL_TYPE ; - $body = phpfmg_adjust_template($body); - $body = phpfmg_parse_mail_body($body,$fields); - $subject = phpfmg_parse_mail_body( $subject, $fields ); - if( $isHtml ) { - $body = phpfmg_getHtmlContent( $body ); - }; - $body = str_replace( "0x0d", '', $body ); - $body = str_replace( "0x0a", PHPFMG_LNCR, $body ); - - if( defined('PHPFMG_RETURN_EMAIL') && formIsEMail(PHPFMG_RETURN_EMAIL) ){ - $from = PHPFMG_RETURN_EMAIL; - }; - $fromHeader = ( PHPFMG_YOUR_NAME == "" ? "" : "\"".PHPFMG_YOUR_NAME . "\"" ) . " <{$from}>"; - return mailAttachments( $to , $subject , $body, filterEmail($from), PHPFMG_YOUR_NAME, $fromHeader, '' , '', PHPFMG_CHARSET, 'AutoResponseEmail' ); - -} - - -function phpfmg_log_mail( $to='', $subject='', $body='', $headers = '', $type='' ){ - $sep = PHPFMG_LNCR . str_repeat('----',20) . PHPFMG_LNCR ; - appendToFile( PHPFMG_EMAILS_LOGFILE, date("Y-m-d H:i:s") . "\t" . $_SERVER['REMOTE_ADDR'] . "\t{$type}" . $sep . "To: {$to}\r\nSubject: {$subject}\r\n" . $headers . $body . "
" . PHPFMG_LNCR . $sep . PHPFMG_LNCR ) ; -} - - - -function phpfmg_getHtmlContent( $body ){ - $html = "Your Form Mail Content | htttp://phpfmg.sourceforge.net" - . $body .""; - return $html ; -} - - - -function phpfmg_adjust_template( $body ){ - $isHtml = 'html' == PHPFMG_MAIL_TYPE ; - if( $isHtml ){ - $body = preg_match( "/<[^<>]+>/", $body ) ? $body : nl2br($body); - }; - return $body; -} - - - -function phpfmg_parse_mail_body( $body, $fields = false ){ - if( !is_array($fields) ) - return $body ; - - $yes = function_exists( 'str_ireplace' ); - foreach( $fields as $name => $value ){ - $body = $yes ? str_ireplace( $name, $value ,$body ) - : str_replace ( $name, $value ,$body ); - }; - return trim($body); -} - - - -# filter line breaks to avoid emails injecting -function filterEmail($email, $chars = ''){ - $email = trim(str_replace( array("\r","\n"), '', $email )); - if( is_array($chars) ) $email = str_replace( $chars, '', $email ); - $email = preg_replace( '/(cc\s*\:|bcc\s*\:)/i', '', $email ); - return $email; -} - - - -function mailReport( $content = "", $file = '' ){ - $content = " -Dear Sir or Madam, - -Your online form at " . HOST_NAME . PHP_SELF . " failed to save data to file. Please make sure the web user has permission to write to file \"{$file}\". If you don't know how to fix it, please forward this email to technical support team of your web hosting company or your Administrator. - -PHPFMG -- PHP FormMail Generator -"; - mail(PHPFMG_TO, "Error@" . HOST_NAME . PHP_SELF, $content ); -} - - - -function remove_newline( $str = "" ){ - return str_replace( array("\r\n", "\r", "\n"), array('\r\n', '\r', '\n'), $str ); -} - - - -function checkPass( $form_mail = array() ) -{ - - $names = array(); - $labels = array(); - - foreach( $form_mail as $field ){ - $type = strtolower( $field[ "type" ] ); - //$value = trim( $_POST[ $field[ "name" ] ] ); - $value = phpfmg_field_value( $field[ "name" ] ); - $required = strtolower($field[ "required" ]) ; - $text = stripslashes( $field[ "text" ] ); - - // simple check the field has something keyed in. - if( !strlen($value) && ( $required == "required" ) && $type != "attachment" ){ - $names[] = $field[ "name" ]; - $labels[] = $text; - //return ERR_MISSING . $text ; - continue; - }; - - // verify the special case - if( - ( strlen($value) || $type == "attachment" ) - && $required == "required" - ): - - switch( $type ){ - case strtolower("Sender's Name") : - break; - case strtolower("Generic email"): - case strtolower("Sender's email"): - if( ! formIsEMail($value) ) { - $names[] = $field[ "name" ]; - $labels[] = $text . ERR_EMAIL; - //return ERR_EMAIL . $text ; - }; - // for checking entry limitation - if( $type == "sender's email" ){ - $GLOBALS['sender_email'] = $value; - }; - break; - case "text" : - break; - case "textarea" : - break; - case "checkbox" : - case "radio" : - break; - case "select" : - break; - case "attachment" : - $upload_file = $_FILES[ $field["name"] ][ "tmp_name" ] ; - if( ! is_uploaded_file($upload_file) ){ - $names[] = $field[ "name" ]; - $labels[] = $text; - //return ERR_SELECT_UPLOAD . $text; - }; - break; - case strtolower("Date(MM-DD-YYYY)"): - break; - case strtolower("Date(MM-YYYY)"): - break; - case strtolower("CreditCard(MM-YYYY)"): - if( $value < date("Y-m") ) { - $names[] = $field[ "name" ]; - $labels[] = $text; - //return ERR_CREDIT_CARD_EXPIRED . $text; - }; - break; - case strtolower("CreditCard#"): - if( !formIsCreditNumber( $value ) ) { - $names[] = $field[ "name" ]; - $labels[] = $text; - //return ERR_CREDIT_CARD_NUMBER . $text ; - }; - break; - case strtolower("Time(HH:MM:SS)"): - break; - case strtolower("Time(HH:MM)"): - break; - default : - //return $sErrRequired . $form_mail[ $i ][ "text" ]; - }; // switch - endif; - }; // for - - return array( - 'fields' => $names, - 'errors' => $labels, - ); -} - - - -function formSelected( $var, $val ) -{ - echo ( $var == $val ) ? "selected" : ""; -} - - - -function formChecked( $var, $val ) -{ - echo ( $var == $val ) ? "checked" : ""; -} - - - -function formIsEMail( $email ){ - return preg_match( "/^(.+)@(.+)\\.(.+)$/", $email ); -} - - - -function selectList( $name, $selectedValue, $start, $end, $prompt = "-Select-", $style = "" ) -{ - $tab = "\t" ; - print "\n\n" ; -} - - - -# something like CreditCard.pm in perl CPAN -function formIsCreditNumber( $number ) { - - $tmp = $number; - $number = preg_replace( "/[^0-9]/", "", $tmp ); - - if ( preg_match( "/[^\d\s]/", $number ) ) return 0; - if ( strlen($number) < 13 && 0+$number ) return 0; - - for ($i = 0; $i < strlen($number) - 1; $i++) { - $weight = substr($number, -1 * ($i + 2), 1) * (2 - ($i % 2)); - $sum += (($weight < 10) ? $weight : ($weight - 9)); - } - - if ( substr($number, -1) == (10 - $sum % 10) % 10 ) return $number; - return $number; -} - - -/* --------------------------------------------------------------------------------------------------- - Parameters: $sFileName - Return : - 1. "" : no extendsion name, or sFileName is empty - 2. string: MIME Type name of array aMimeType's definition. - ---------------------------------------------------------------------------------------------------*/ -function getMIMEType( $sFileName = "" ) { - $sFileName = strtolower( trim( $sFileName ) ); - if( ! strlen( $sFileName ) ) return ""; - - $aMimeType = array( - "txt" => "text/plain" , - "pdf" => "application/pdf" , - "zip" => "application/x-compressed" , - - "html" => "text/html" , - "htm" => "text/html" , - - "avi" => "video/avi" , - "mpg" => "video/mpeg " , - "wav" => "audio/wav" , - - "jpg" => "image/jpeg " , - "gif" => "image/gif" , - "tif" => "image/tiff " , - "png" => "image/x-png" , - "bmp" => "image/bmp" - ); - $aFile = explode( "\.", basename( $sFileName ) ) ; - $nDiminson = count( $aFile ) ; - $sExt = $aFile[ $nDiminson - 1 ] ; // get last part: like ".tar.zip", return "zip" - - return ( $nDiminson > 1 ) ? $aMimeType[ $sExt ] : ""; -} - - - -function appendToFile( $sFileName = "", $line = "", $dataColumnsLine = '' ){ - $obey = defined('PHPFMG_GDPR') && 'Y' == PHPFMG_GDPR; // obey General Data Protection Regulation (GDPR)? - if( $obey ) return 0; - - if( !$sFileName || !$line ) return 0; - - $isExists = file_exists( $sFileName ); - $hFile = @fopen( "$sFileName", "a+w" ); - $nBytes = 0; - if( $hFile ){ - if( !$isExists && false !== strpos(strtolower(basename($sFileName)), '.php') ){ - fputs( $hFile, "\r\n"); - if( !empty($dataColumnsLine) ){ - fputs($hFile,$dataColumnsLine."\r\n"); - }; - }; - $nBytes = fputs( $hFile , trim($line)."\r\n" ); - fclose( $hFile ); - }; - return $nBytes ; -} - -function phpfmg_get_csv_header(){ - $csvValues = array(); - foreach( $GLOBALS['form_mail'] as $field ){ - $csvValues[] = csvfield( $field[ "text" ] ); - }; - return join(chr(0x09),/*","*/$csvValues) ; -} - -/* -function phpfmg_field_instruction($name, $show = true ){ - global $form_mail, $sErr; - $isError = in_array($name,$sErr['fields']); - $class = $isError ? 'instruction_error' : 'instruction' ; - if( $show || $isError ) echo "
". htmlspecialchars_decode($form_mail[ $name ]['instruction']) . "
"; -} -*/ - -function phpfmg_rand( $len = 4 ){ - $md5 = md5( uniqid(rand()) ); - return $len > 0 ? substr($md5,0,$len) : $md5 ; -} - - - -// use a random name for stopping spam bot bypass the form.php, and post raw data directly -function phpfmg_captcha_name(){ - if( !isset($_SESSION['captcha_name']) ){ - $_SESSION['captcha_name'] = phpfmg_rand(8); //PHPFMG_ID.'fmgCaptchCode'; - }; - return $_SESSION['captcha_name']; -} - - -function phpfmg_check_recaptcha(){ - $errmsg = ERR_CAPTCHA; - if( isset($_POST['g-recaptcha-response']) ){ - $get = 'https://www.google.com/recaptcha/api/siteverify?secret=' . phpfmg_reCAPTCHA_key('secret_key'). '&response=' . $_POST['g-recaptcha-response']; - $response = file_get_contents($get); - echo $response; - $success = false; - if( function_exists('json_decode') ){ - $json = json_decode( $response, true ); - var_dump($json); - $success = $json['success'] === true; - }else{ - $success = preg_match( '/success[\"\']*\\:\\s*(true|1|y)/i', $response ); - }; - return $success ? '' : $errmsg; - } - return $errmsg; -} - -function phpfmg_check_captcha(){ - $errmsg = ''; - if( phpfmg_is_reCAPTCHA() ){ - $errmsg = phpfmg_check_recaptcha(); - }else{ - - $name = phpfmg_captcha_name(); - if( (defined('PHPFMG_SIMPLE_CAPTCHA_NAME') && PHPFMG_SIMPLE_CAPTCHA_NAME != '') && - ( !isset( $_POST[$name] ) || // maybe sutmited by spam bot - strtoupper($_POST[$name]) != strtoupper($_SESSION[$name]) // or user didn't type correct code - ) - ){ - $errmsg = ERR_CAPTCHA ; - }; - - }; - - return $errmsg ; -} - -function phpfmg_reCAPTCHA_key( $type ){ - $isSitekey = $type == 'site_key'; - // this keys are for formmail-maker.com domain only - $phpfmgSiteKey = '6LcQuv8SAAAAAKSvNHfF5gQuW9WIpcualeEYllCn'; - $phpfmgSecretKey = '6LcQuv8SAAAAABczBmLx85TQfdlkeMkjhz4Hzv5D'; - if( $isSitekey ){ - return phpfmg_is_mysite() ? $phpfmgSiteKey : RECAP_SITE_KEY; - }else{ - return phpfmg_is_mysite() ? $phpfmgSecretKey : RECAP_SECRET_KEY; - } - -} - - -function phpfmg_is_reCAPTCHA(){ - return (defined('RECAP_SITE_KEY') && '' != RECAP_SITE_KEY && defined('RECAP_SECRET_KEY') && '' != RECAP_SECRET_KEY) || (phpfmg_is_mysite() && defined('RECAP_SITE_KEY') ) ; -} - -function phpfmg_get_reCAPTCHA_html(){ - return - " -
"; - -} - -function phpfmg_show_captcha(){ - if( phpfmg_is_reCAPTCHA() ){ - echo phpfmg_get_reCAPTCHA_html(); - return ; - }; - $url = PHPFMG_ADMIN_URL . '?mod=captcha&func=get&tid=' ; - $onclick= "onclick=\"document.getElementById('phpfmg_captcha_image').src='{$url}'+Math.random();return false;\" " ; - echo "\"Click\n"; - echo "Reload Verification Image
\n"; - echo "\n"; -} - - - -function phpfmg_hsc($field, $default = false){ - echo isset($_POST[ $field ]) - ? HtmlSpecialChars( $_POST[ $field ] ) - : $default; -} - -function phpfmg_dropdown( $name, $options, $showInputbox = false, $isMultiple = false, $extra = '', $isReturn = false, $class = 'text_select' ){ - //$showInputbox = true; - $displayLast = 'none' ; - $onchange = $showInputbox ? " onchange=\"toggleOtherInputBox('{$name}','select','{$name}');\" " : "" ; - $sMultiple = $isMultiple ? 'multiple="multiple"' : '' ; - $other = "{$name}_other" ; - - $dropdown = array(); - $list = explode( '|', $options ); - $dropdown[] = "\n"; - - if( $showInputbox ){ - $dropdown[] = "" ; - $dropdown[] = "
" ; - }; - - $s = join("\t\n",$dropdown); - - if( $isReturn ) - return $s; - else - echo $s ; -} - - -function phpfmg_date_dropdown( $cfgDate, $showSep = true ){ - $sep = $showSep ? $cfgDate['separator'] . " " : ""; - $field_name = $cfgDate['field_name']; - if( !isset($cfgDate['yyyy']) ){ - $startYear = $cfgDate['startYear']; - $endYear = $cfgDate['endYear']; - $year = range( $startYear, $endYear ); - $cfgDate['yyyy'] = $cfgDate['yearPrompt'] . '=,|' . join("|",$year); - }; - - switch( $cfgDate['format'] ){ - case 'mm/dd/yyyy' : - phpfmg_dropdown( $field_name.'_month', $cfgDate['month'], false, false, '', false, '' ); - echo $sep; - phpfmg_dropdown( $field_name.'_day', $cfgDate['day'], false, false, '', false, '' ); - echo $sep; - phpfmg_dropdown( $field_name.'_yyyy', $cfgDate['yyyy'], false, false, '', false, '' ); - break; - case 'dd/mm/yyyy' : - phpfmg_dropdown( $field_name.'_day', $cfgDate['day'], false, false, '', false, '' ); - echo $sep; - phpfmg_dropdown( $field_name.'_month', $cfgDate['month'], false, false, '', false, '' ); - echo $sep; - phpfmg_dropdown( $field_name.'_yyyy', $cfgDate['yyyy'], false, false, '', false, '' ); - break; - case 'yyyy/mm/dd' : - phpfmg_dropdown( $field_name.'_yyyy', $cfgDate['yyyy'], false, false, '', false, '' ); - echo $sep; - phpfmg_dropdown( $field_name.'_month', $cfgDate['month'], false, false, '', false, '' ); - echo $sep; - phpfmg_dropdown( $field_name.'_day', $cfgDate['day'], false, false, '', false, '' ); - break; - case 'mm/yyyy' : - phpfmg_dropdown( $field_name.'_month', $cfgDate['month'], false, false, '', false, '' ); - echo $sep; - phpfmg_dropdown( $field_name.'_yyyy', $cfgDate['yyyy'], false, false, '', false, '' ); - break; - case 'yyyy/mm' : - phpfmg_dropdown( $field_name.'_yyyy', $cfgDate['yyyy'], false, false, '', false, '' ); - echo $sep; - phpfmg_dropdown( $field_name.'_month', $cfgDate['month'], false, false, '', false, '' ); - break; - case 'mm/dd' : - phpfmg_dropdown( $field_name.'_month', $cfgDate['month'], false, false, '', false, '' ); - echo $sep; - phpfmg_dropdown( $field_name.'_day', $cfgDate['day'], false, false, '', false, '' ); - break; - case 'dd/mm' : - phpfmg_dropdown( $field_name.'_day', $cfgDate['day'], false, false, '', false, '' ); - echo $sep; - phpfmg_dropdown( $field_name.'_month', $cfgDate['month'], false, false, '', false, '' ); - break; - }; - echo "\n\n"; - echo "\n"; - -} - - -function phpfmg_date_dropdown_require( $field_name ){ - if( !isset($_POST) ) - return ; - - $month = $_POST[$field_name.'_month']; - $day = $_POST[$field_name.'_day']; - $yyyy = $_POST[$field_name.'_yyyy']; - $format = $_POST[$field_name.'_format']; - $sep = isset($_POST[$field_name.'_separator']) ? $_POST[$field_name.'_separator'] : '/'; - - // make up $_POST[$field_name] value - $_POST[$field_name] = ''; - switch( $format ){ - case 'mm/dd/yyyy' : - if( !empty($month) && !empty($day) && !empty($yyyy) ) - $_POST[$field_name] = $month . $sep . $day . $sep . $yyyy; - break; - case 'dd/mm/yyyy' : - if( !empty($month) && !empty($day) && !empty($yyyy) ) - $_POST[$field_name] = $day . $sep . $month . $sep . $yyyy; - break; - case 'yyyy/mm/dd' : - if( !empty($month) && !empty($day) && !empty($yyyy) ) - $_POST[$field_name] = $yyyy . $sep . $month . $sep . $day; - break; - case 'mm/yyyy' : - if( !empty($month) && !empty($yyyy) ) - $_POST[$field_name] = $month . $sep . $yyyy; - break; - case 'yyyy/mm' : - if( !empty($month) && !empty($yyyy) ) - $_POST[$field_name] = $month . $sep . $yyyy; - break; - case 'mm/dd' : - if( !empty($month) && !empty($day) ) - $_POST[$field_name] = $month . $sep . $day; - break; - case 'dd/mm' : - if( !empty($month) && !empty($day) ) - $_POST[$field_name] = $day . $sep . $month; - break; - }; - -} - -function phpfmg_time_dropdown( $cfgTime ){ - $field_name = $cfgTime['field_name']; - $sep =": "; - switch( $cfgTime['hourOpt'] ){ - case 'h12' : - phpfmg_dropdown( $field_name.'_hour', $cfgTime['hour'], false, false, '', false, '' ); - echo $sep; - phpfmg_dropdown( $field_name.'_minute', $cfgTime['minute'], false, false, '', false, '' ); - phpfmg_dropdown( $field_name.'_amfm', $cfgTime['amfm'], false, false, '', false, '' ); - break; - case 'h24' : - phpfmg_dropdown( $field_name.'_hour', $cfgTime['hour'], false, false, '', false, '' ); - echo $sep; - phpfmg_dropdown( $field_name.'_minute', $cfgTime['minute'], false, false, '', false, '' ); - break; - }; - echo "\n\n"; -} - - -function phpfmg_time_dropdown_require( $field_name ){ - if( !isset($_POST) ) - return ; - - $hour = $_POST[$field_name.'_hour']; - $minute = $_POST[$field_name.'_minute']; - $amfm = $_POST[$field_name.'_amfm']; - $format = $_POST[$field_name.'_format']; - $sep = ':'; - - // make up $_POST[$field_name] value - $_POST[$field_name] = ""; - switch( $format ){ - case 'h12' : - if( !empty($hour) && !empty($minute) && !empty($amfm) ) - $_POST[$field_name] = $hour . $sep . $minute . ' ' . $amfm; - break; - case 'h24' : - if( !empty($hour) && !empty($minute) ) - $_POST[$field_name] = $hour . $sep . $minute; - break; - }; - -} - - - -function phpfmg_dependent_dropdown( $field_name ){ - $field = phpfmg_dependent_dropdown_get_field( $field_name ); - $dd = new DependantDropdown(); - $dd->parseFmgField($field); - $html = $dd->getHtml(); - echo $html; -} - -function phpfmg_dependent_dropdown_dynamic_require( $field_name ){ - $field = phpfmg_dependent_dropdown_get_field( $field_name ); - $dd = new DependantDropdown(); - $dd->parseFmgField($field); - $dd->dynamicRequired(); -} - -function phpfmg_dependent_dropdown_get_field( $field_name ){ - if( !isset($_SESSION[PHPFMG_ID]) ){ - $_SESSION[PHPFMG_ID] = array(); - }; - if( !isset($_SESSION[PHPFMG_ID]['DD_DATA_' . $field_name]) ){ - $base64 = phpfmg_dependent_dropdown_data(); - $data = @unserialize( base64_decode($base64) ); - $_SESSION[PHPFMG_ID]['DD_DATA_' . $field_name] = $data; - }else{ - $data = $_SESSION[PHPFMG_ID]['DD_DATA_' . $field_name]; - }; - - if( !is_array($data) ){ - return ; - }; - - foreach( $data as $field ){ - if( $field['name'] == $field_name ){ - return $field; - }; - }; -} - - -# ------------------------------------------------------ -class DependantDropdown -{ - var $data = ''; - var $sheet = array(); - var $fields = array(); - var $fieldInfo = array( 'label', 'instruction', 'required', 'prompt' ); // describe field information from the first N rows of data - var $prefix = 'dd'; // in case there is no name for dropdown, it will name the dropdown like dd_0, dd_1, ... - - var $fmgField = false; - var $newliner = "" ; // replace \r\n with $newliner ; - var $newtaber = "" ; // replace \t with $newtaber ; - - function __construct(){ - } - - function DependantDropdown(){ - } - - - function lookupFieldColumn( $field, $column, $lookup, $contentType='text/plain', $charset='utf-8' ){ - $this->parseFmgField( $field ); - $this->nocache_headers( $contentType, $charset ); - return join( "\n", $this->getColumn( $column, $lookup ) ); - } - - function parseFmgField( $field ){ - if( !isset($_SESSION[PHPFMG_ID]) ){ - $_SESSION[PHPFMG_ID] = array(); - }; - $this->fmgField = $field; - $value = $this->newline_back($field['value']); - $this->data = explode("\r\n",$value); - if( !isset($_SESSION[PHPFMG_ID][ "DD_".$field['name'] ]) ){ - $this->parseData($field); - $_SESSION[PHPFMG_ID][ "DD_".$field['name'] ] = $this->fields; - }else{ - $this->fields = $_SESSION[PHPFMG_ID][ "DD_".$field['name'] ]; - }; - $this->makeupFieldsName(); - } - - function newline_back( $str = "" ){ - return str_replace( array($this->newtaber, $this->newliner), array("\t","\r\n"), $str ); - } - - function nocache_headers($contentType='text/plain', $charset='utf-8'){ - header("Expires: Mon, 01 Jan 1970 00:00:01 GMT"); - header("Cache-Control: max-age=0, no-store, no-cache, must-revalidate"); - header("Cache-Control: post-check=0, pre-check=0", false); - header("Pragma: no-cache"); - header( "Content-Type: {$contentType}; charset={$charset}" ); - } - - - function setData( $s ){ - $this->data = $s ; - } - - function setPrefix( $s ){ - $this->prefix = $s; - } - - function parseData(){ - $tab = chr(0x09); - $nFieldInfoRows = count( $this->fieldInfo ); - for( $i = 0, $n = count($this->data); $i < $n; $i ++ ){ - $line = str_replace('"', '', $this->data[$i] ); - //$line = stripslashes( $line ); - $cols = explode( $tab, $line ); - - if( is_array($cols) && count($cols) > 1 ){ - - if( $i < $nFieldInfoRows ){ - $trims = array(); - foreach( $cols as $col ){ - $trims[] = trim($col); - }; - $this->fields[ $this->fieldInfo[$i] ] = $trims; - } - else - $this->fields['data'][] = $cols; - - }; // if - - //if ( $i > 1000 ) break; - }; // for - - } - - // $quickTest : to see whether a column contains data - function getColumn( $n, $lookup = array(), $quickTest = false ){ - $count = count($lookup); - if( $n > 0 && empty($count) ){ - return array(); // can not get column without search query - }; - - $col = array(); - $lastValue = $lookup[ $count - 1 ]; - $flatLookup = join( '|', $lookup ); - // when using ajax GET method, use utf8 to encoude the lookup query. otherwise, some special chars like France characters might not work - if( !$this->isPost() ){ - $lastValue = utf8_encode( $lastValue ); - $flatLookup = utf8_encode( $flatLookup ); - }; - - foreach( $this->fields['data'] as $r ){ - - if( !isset($r[$n]) ) - continue; - - $value = trim($r[$n]); - if( $value == '' ) - continue; - - if( $n == 0 ){ - $col[] = $value; - - }else{ - - //if( trim($r[$n-1]) == $lastValue ){ // quick check to improve performance - if( $r[$n-1] == $lastValue ){ // quick check the last value to improve performance - $leftCols = array_slice( $r, 0, $n ); - $flatLeftValues = join( '|', $leftCols ); - if( $flatLeftValues == $flatLookup ){ // show value only by lookuping by joining all its parents' values - $col[] = $value; - }; - }; // if - - }; // if $n == 0 - - if( $quickTest && count($col) > 0 ) break; - - }; // foreach - - return array_unique($col); - } - - function getColumnOptions( $n, $lookup = array(), $default = '' ){ - $opts = array(); - foreach( $this->getColumn($n, $lookup) as $v ){ - $selected = $default == $v ? 'selected' : '' ; - $opts[] = ""; - }; - return join("\n",$opts); - } - - function hsc($s){ - return str_replace ( array ( '&', '"', "'", '<', '>' ), array ( '&' , '"', ''' , '<' , '>' ), $s ); - } - - function isPost(){ - return isset($_POST[ $this->fields['name'][0] ]); - } - - function getHtml(){ - $html = array(); - - $field_name = $this->fmgField['name']; - $this->prefix = $field_name; - $count = count($this->fields['label']); - - // prepare for getting column options after form submitted - $lookup = array(); - $isPost = $this->isPost(); // isset($_POST[ $this->fields['name'][0] ]); - if( $isPost ){ - for( $i = 0; $i < $count; $i++ ){ - $label = $this->fields['label'][$i]; - if( empty($label) ) - continue; - - $lookup[] = $_POST[ $this->fields['name'][$i] ]; - }; - }; - - for( $i = 0; $i < $count; $i++ ){ - $label = stripslashes( $this->fields['label'][$i] ); - if( empty($label) ) - continue; - - $name = $this->fields['name'][$i]; - $instruction = $this->fields['instruction'][$i]; - $prompt = $this->fields['prompt'][$i]; - $required = $this->fields['required'][$i]; - $promptOption = empty($prompt) ? "" : ""; - if( $isPost ) - $options = $this->getColumnOptions( $i, array_slice($lookup,0,$i), $_POST[$name] ); - else - $options = $this->getColumnOptions( $i, array(), '' ); - - $select = ""; - $sRequired = "" ; -$li = " -
  • -
    - {$sRequired} -
    -
    - {$select} -
    {$instruction}
    -
    -
    • -"; - $html[] = $li; - }; - - echo join("\n\n",$html); - - } - - - function dynamicRequired(){ - if( !isset($_POST) ){ - return ; - }; - - $field_name = $this->fmgField['name']; - $this->prefix = $field_name; - $count = count($this->fields['label']); - - $lookup = array(); - $isPost = isset($_POST[ $this->fields['name'][0] ]); - if( $isPost ){ - for( $i = 0; $i < $count; $i++ ){ - $label = $this->fields['label'][$i]; - if( empty($label) ) - continue; - - $lookup[] = $_POST[ $this->fields['name'][$i] ]; - }; - }; - - for( $i = 0; $i < $count; $i++ ){ - $label = $this->fields['label'][$i]; - if( empty($label) ) - continue; - - $name = $this->fields['name'][$i]; - $required = $this->fields['required'][$i]; - if( strtolower($required) == 'required' ){ - $rows = $this->getColumn( $i, array_slice($lookup,0,$i), true ); - if( empty($rows) ) { - $GLOBALS['form_mail'][ $name ]['required'] = '' ; // - }; - }else{ - $GLOBALS['form_mail'][ $name ]['required'] = '' ; - }; - }; - - } - - - function getFormMailArrayCode(){ - $code = array(); - for( $i = 0, $n = count($this->fields['label']); $i < $n; $i++ ){ - $label = $this->fields['label'][$i]; - if( empty($label) ) - continue; - $name = $this->fields['name'][$i]; - $instruction = $this->fields['instruction'][$i]; - $prompt = $this->fields['prompt'][$i]; - $required = $this->fields['required'][$i]; - $code[] = "\$GLOBALS['form_mail']['{$name}'] = array( \"name\" => \"$name\", \"text\" => \"" . addslashes( $label ) . "\", \"type\" => \"select\", \"instruction\" => \"$instruction\", \"required\" => \"$required\" ) ;" ; - }; - return join("\n",$code); - } - - function makeupFieldsName($default='field_99'){ - $field_name = isset($this->fmgField['name']) ? $this->fmgField['name'] : $default; - $this->prefix = $field_name; - for( $i = 0, $n = count($this->fields['label']); $i < $n; $i++ ){ - $this->fields['name'][$i] = $this->prefix . '_' . $i; - }; - } - -} - - - -function phpfmg_parse_option( $opt ){ - $opt = $opt; - $a = array( - 'text' => $opt, - 'value' => $opt, - 'default' => false, - ); - $pos = strrpos( $opt, '=' ); - if( false !== $pos ){ - $a['text'] = substr($opt,0,$pos); - $part = substr($opt,$pos+1); - $nv = strrpos( $part, ',' ); - if( false !== $nv ){ - $a['value'] = substr($part,0,$nv); - $a['default'] = 'default' == strtolower(substr($part,$nv+1)); - }else{ - $a['value'] = $part; - }; - }; - $a['text'] = trim($a['text']); - $a['value'] = trim($a['value']); - return $a ; -} - - - -function phpfmg_field_value( $name ){ - $value = "" ; - if( isset($GLOBALS[$name."_value"]) ) - return $GLOBALS[$name."_value"] ; - - $field = $GLOBALS['form_mail'][$name]; - $checkOther = isset( $_POST[$name.'_other_check'] ) && 1 == $_POST[$name.'_other_check'] ; - $otherInputValue = $checkOther ? $_POST[$name.'_other'] : '' ; - - switch( $field['type'] ){ - case 'select' : - if( $checkOther && $otherInputValue == "" ){ - return $value; - }; - - if( is_array($_POST[$name]) ){ - //array_pop( $_POST[$name] ); // pop the last "other" element - $value = join(PHPFMG_LNCR,$_POST[$name]) . PHPFMG_LNCR. $otherInputValue ; - $value = str_replace( PHPFMG_LNCR . "other", "", $value ); - }else{ - $value = $checkOther ? $otherInputValue : $_POST[ $name ]; - }; - break; - - case 'radio' : - if( $checkOther ){ - $value = $otherInputValue == '' ? '' : $otherInputValue; - }else{ - $value = $_POST[ $name ]; - }; - break; - - case 'checkbox' : - if( $checkOther && $otherInputValue == "" ){ - return $value; - }; - - $length = isset($_POST[$name.'_length']) ? $_POST[$name.'_length'] : 100; - $values = array(); - for( $i = 1; $i <= $length; $i ++){ - $newName = 'Checkbox' . ($i<10 ? '0' .$i : $i ) . "_" . $name; - if( $_POST[ $newName ] != "" && $_POST[ $newName ] != 'other' ) - $values[] = $_POST[ $newName ]; - }; - $value = ( empty($values) ? "" : join( PHPFMG_LNCR, $values ) ) . ( $otherInputValue != "" ? PHPFMG_LNCR . $otherInputValue : "" ); - break; - - default: - $value = $_POST[ $name ]; - break; - }; - $value = phpfmg_stripTags( $value ); - $GLOBALS[$name."_value"] = $value ; - return $value; -} - -function phpfmg_stripTags($str){ - $allowable_tags = "

    • "
+            . $body ."";
+    return $html ;
+}
+
+
+
+function phpfmg_adjust_template( $body ){
+	$isHtml = 'html' == PHPFMG_MAIL_TYPE ;
+    if( $isHtml ){
+        $body = preg_match( "/<[^<>]+>/", $body ) ? $body : nl2br($body);
+    };
+    return $body;
+}
+
+
+
+function phpfmg_parse_mail_body( $body, $fields = false ){
+    if( !is_array($fields) )
+        return $body ;
+
+    $yes = function_exists( 'str_ireplace' );
+    foreach( $fields as $name => $value ){
+        $body = $yes ? str_ireplace( $name, $value ,$body )
+                     : str_replace ( $name, $value ,$body );
+    };
+    return trim($body);
+}
+
+
+
+# filter line breaks to avoid emails injecting
+function filterEmail($email, $chars = ''){
+    $email = trim(str_replace( array("\r","\n"), '', $email ));
+    if( is_array($chars) ) $email = str_replace( $chars, '', $email );
+    $email = preg_replace( '/(cc\s*\:|bcc\s*\:)/i', '', $email );
+    return $email;
+}
+
+
+
+function mailReport( $content = "", $file = '' ){
+	$content = "
+Dear Sir or Madam,
+
+Your online form at " . HOST_NAME . PHP_SELF . " failed to save data to file. Please make sure the web user has permission to write to file \"{$file}\". If you don't know how to fix it, please forward this email to technical support team of your web hosting company or your Administrator.
+
+PHPFMG
+- PHP FormMail Generator
+";
+    mail(PHPFMG_TO, "Error@" . HOST_NAME . PHP_SELF, $content );
+}
+
+
+
+function	remove_newline( $str = "" ){
+    return str_replace( array("\r\n", "\r", "\n"), array('\r\n', '\r', '\n'), $str );
+}
+
+
+
+function	checkPass( $form_mail = array() )
+{
+
+    $names = array();
+    $labels = array();
+
+    foreach( $form_mail as $field ){
+		$type     = strtolower( $field[ "type" ]  );
+		//$value    = trim( $_POST[ $field[ "name" ] ] );
+        $value = phpfmg_field_value( $field[ "name" ] );
+		$required = strtolower($field[ "required" ]) ;
+		$text     = stripslashes( $field[ "text" ] );
+
+		// simple check the field has something keyed in.
+		if( !strlen($value) && (  $required == "required" ) && $type != "attachment" ){
+		    $names[] = $field[ "name" ];
+		    $labels[]  = $text;
+			//return ERR_MISSING . $text  ;
+			continue;
+        };
+
+		// verify the special case
+		if(
+			( strlen($value) || $type == "attachment" )
+			&&  $required == "required"
+		):
+
+			switch( $type ){
+				case 	strtolower("Sender's Name") :
+						  break;
+				case 	strtolower("Generic email"):
+				case 	strtolower("Sender's email"):
+						   if( ! formIsEMail($value) )	 {
+                    		    $names[] = $field[ "name" ];
+                    		    $labels[]  = $text . ERR_EMAIL;
+                            //return ERR_EMAIL . $text ;
+                           };
+                		    // for checking entry limitation
+                            if( $type == "sender's email" ){
+                		      $GLOBALS['sender_email'] = $value;
+                            };
+						   break;
+				case	"text" :
+							break;
+				case 	"textarea" :
+							break;
+				case	"checkbox" :
+				case 	"radio" :
+							break;
+				case 	"select" :
+							break;
+				case 	"attachment" :
+							$upload_file = $_FILES[ $field["name"] ][ "tmp_name" ] ;
+							if( ! is_uploaded_file($upload_file)  ){
+                    		    $names[] = $field[ "name" ];
+                    		    $labels[]  = $text;
+								//return  ERR_SELECT_UPLOAD . $text;
+							};
+							break;
+				case strtolower("Date(MM-DD-YYYY)"):
+							break;
+				case strtolower("Date(MM-YYYY)"):
+							break;
+				case strtolower("CreditCard(MM-YYYY)"):
+							if( $value < date("Y-m") ) {
+                    		    $names[] = $field[ "name" ];
+                    		    $labels[]  = $text;
+                                //return ERR_CREDIT_CARD_EXPIRED  . $text;
+                            };
+							break;
+				case strtolower("CreditCard#"):
+							if( !formIsCreditNumber( $value )  ) {
+                    		    $names[] = $field[ "name" ];
+                    		    $labels[]  = $text;
+                                //return ERR_CREDIT_CARD_NUMBER  . $text ;
+                            };
+							break;
+				case strtolower("Time(HH:MM:SS)"):
+							break;
+				case strtolower("Time(HH:MM)"):
+							break;
+				default :
+					//return $sErrRequired . $form_mail[ $i ][ "text" ];
+			}; // switch
+		endif;
+	}; // for
+
+	return array(
+	   'fields' => $names,
+       'errors' => $labels,
+    );
+}
+
+
+
+function formSelected( $var, $val )
+{
+    echo ( $var == $val ) ? "selected" : "";
+}
+
+
+
+function formChecked( $var, $val )
+{
+    echo ( $var == $val ) ? "checked" : "";
+}
+
+
+
+function    formIsEMail( $email ){
+	return preg_match( "/^(.+)@(.+)\\.(.+)$/", $email );
+}
+
+
+
+function    selectList( $name, $selectedValue, $start, $end, $prompt = "-Select-", $style = "" )
+{
+    $tab = "\t" ;
+    print "\n\n" ;
+}
+
+
+
+# something like CreditCard.pm in perl CPAN
+function formIsCreditNumber( $number ) {
+
+    $tmp = $number;
+    $number = preg_replace( "/[^0-9]/", "", $tmp );
+
+    if ( preg_match(  "/[^\d\s]/", $number ) )  return 0;
+    if ( strlen($number) < 13  && 0+$number ) return 0;
+
+    for ($i = 0; $i < strlen($number) - 1; $i++) {
+        $weight = substr($number, -1 * ($i + 2), 1) * (2 - ($i % 2));
+        $sum += (($weight < 10) ? $weight : ($weight - 9));
+    }
+
+    if ( substr($number, -1) == (10 - $sum % 10) % 10  )  return $number;
+    return $number;
+}
+
+
+/* ---------------------------------------------------------------------------------------------------
+    Parameters: $sFileName
+    Return :
+        1. "" :  no extendsion name, or sFileName is empty
+        2. string: MIME Type name of array aMimeType's definition.
+   ---------------------------------------------------------------------------------------------------*/
+function    getMIMEType( $sFileName = "" ) {
+    $sFileName = strtolower( trim( $sFileName ) );
+    if( ! strlen( $sFileName  ) ) return "";
+
+    $aMimeType = array(
+        "txt" => "text/plain" ,
+        "pdf" => "application/pdf" ,
+        "zip" => "application/x-compressed" ,
+
+        "html" => "text/html" ,
+        "htm" => "text/html" ,
+
+        "avi" => "video/avi" ,
+        "mpg" => "video/mpeg " ,
+        "wav" => "audio/wav" ,
+
+        "jpg" => "image/jpeg " ,
+        "gif" => "image/gif" ,
+        "tif" => "image/tiff " ,
+        "png" => "image/x-png" ,
+        "bmp" => "image/bmp"
+    );
+    $aFile = explode( "\.", basename( $sFileName ) ) ;
+    $nDiminson = count( $aFile ) ;
+    $sExt = $aFile[ $nDiminson - 1 ] ; // get last part: like ".tar.zip", return "zip"
+
+    return ( $nDiminson > 1 ) ? $aMimeType[ $sExt ] : "";
+}
+
+
+
+function    appendToFile( $sFileName = "", $line = "", $dataColumnsLine = '' ){
+	$obey = defined('PHPFMG_GDPR') && 'Y' == PHPFMG_GDPR; // obey General Data Protection Regulation (GDPR)?
+	if( $obey ) return 0;
+
+    if( !$sFileName || !$line ) return 0;
+
+    $isExists = file_exists( $sFileName );
+    $hFile = @fopen( "$sFileName", "a+w" );
+    $nBytes = 0;
+    if( $hFile ){
+        if( !$isExists && false !== strpos(strtolower(basename($sFileName)), '.php') ){
+            fputs( $hFile, "\r\n");
+            if( !empty($dataColumnsLine) ){
+                fputs($hFile,$dataColumnsLine."\r\n");
+            };
+        };
+        $nBytes = fputs( $hFile , trim($line)."\r\n" );
+        fclose( $hFile );
+    };
+    return $nBytes ;
+}
+
+function phpfmg_get_csv_header(){
+    $csvValues = array();
+    foreach( $GLOBALS['form_mail'] as $field ){
+        $csvValues[] = csvfield( $field[ "text" ] );
+    };
+    return join(chr(0x09),/*","*/$csvValues) ;
+}
+
+/*
+function phpfmg_field_instruction($name, $show = true ){
+    global $form_mail, $sErr;
+    $isError = in_array($name,$sErr['fields']);
+    $class = $isError ? 'instruction_error' : 'instruction' ;
+    if( $show || $isError ) echo "
      ". htmlspecialchars_decode($form_mail[ $name ]['instruction']) . "
      ";
+}
+*/
+
+function phpfmg_rand( $len = 4 ){
+    $md5 = md5( uniqid(rand()) );
+    return $len > 0 ? substr($md5,0,$len) : $md5 ;
+}
+
+
+
+// use a random name for stopping spam bot bypass the form.php, and post raw data directly
+function phpfmg_captcha_name(){
+    if( !isset($_SESSION['captcha_name']) ){
+        $_SESSION['captcha_name'] = phpfmg_rand(8); //PHPFMG_ID.'fmgCaptchCode';
+    };
+    return $_SESSION['captcha_name'];
+}
+
+
+function phpfmg_check_recaptcha(){
+    $errmsg = ERR_CAPTCHA;
+    if( isset($_POST['g-recaptcha-response']) ){
+        $get = 'https://www.google.com/recaptcha/api/siteverify?secret=' . phpfmg_reCAPTCHA_key('secret_key'). '&response=' . $_POST['g-recaptcha-response'];
+        $response = file_get_contents($get);
+        echo $response;
+        $success = false;
+        if( function_exists('json_decode') ){
+            $json = json_decode( $response, true );
+            var_dump($json);
+            $success = $json['success'] === true;
+        }else{
+            $success = preg_match( '/success[\"\']*\\:\\s*(true|1|y)/i', $response );
+        };
+        return $success ? '' : $errmsg;
+    }
+    return $errmsg;
+}
+
+function phpfmg_check_captcha(){
+    $errmsg = '';
+    if( phpfmg_is_reCAPTCHA() ){
+        $errmsg = phpfmg_check_recaptcha();
+    }else{
+
+        $name = phpfmg_captcha_name();
+        if( (defined('PHPFMG_SIMPLE_CAPTCHA_NAME') && PHPFMG_SIMPLE_CAPTCHA_NAME != '') &&
+            ( !isset( $_POST[$name] ) || // maybe sutmited by spam bot
+              strtoupper($_POST[$name]) != strtoupper($_SESSION[$name]) // or user didn't type correct code
+            )
+           ){
+            $errmsg = ERR_CAPTCHA ;
+        };
+
+    };
+
+    return $errmsg ;
+}
+
+function phpfmg_reCAPTCHA_key( $type ){
+    $isSitekey = $type == 'site_key';
+    // this keys are for formmail-maker.com domain only
+    $phpfmgSiteKey   = '6LcQuv8SAAAAAKSvNHfF5gQuW9WIpcualeEYllCn';
+    $phpfmgSecretKey = '6LcQuv8SAAAAABczBmLx85TQfdlkeMkjhz4Hzv5D';
+    if( $isSitekey ){
+        return phpfmg_is_mysite() ? $phpfmgSiteKey   : RECAP_SITE_KEY;
+    }else{
+        return phpfmg_is_mysite() ? $phpfmgSecretKey : RECAP_SECRET_KEY;
+    }
+    
+}
+
+
+function phpfmg_is_reCAPTCHA(){
+   return (defined('RECAP_SITE_KEY') && '' != RECAP_SITE_KEY && defined('RECAP_SECRET_KEY')  && '' != RECAP_SECRET_KEY) || (phpfmg_is_mysite() && defined('RECAP_SITE_KEY') ) ;
+}
+
+function phpfmg_get_reCAPTCHA_html(){
+    return
+        "
+         
      ";
+
+}
+
+function phpfmg_show_captcha(){
+    if( phpfmg_is_reCAPTCHA() ){
+        echo phpfmg_get_reCAPTCHA_html();
+        return ;
+    };
+    $url = PHPFMG_ADMIN_URL . '?mod=captcha&func=get&tid=' ;
+    $onclick= "onclick=\"document.getElementById('phpfmg_captcha_image').src='{$url}'+Math.random();return false;\" " ;
+    echo "      \"Click\n";
+    echo "Reload Verification Image
      \n";
+    echo "\n";
+}
+
+
+
+function phpfmg_hsc($field, $default = false){
+    echo isset($_POST[ $field ])
+         ? HtmlSpecialChars( $_POST[ $field ] )
+         : $default;
+}
+
+function phpfmg_dropdown( $name, $options, $showInputbox = false, $isMultiple = false, $extra = '', $isReturn = false, $class = 'text_select' ){
+    //$showInputbox = true;
+    $displayLast  = 'none' ;
+    $onchange = $showInputbox ? " onchange=\"toggleOtherInputBox('{$name}','select','{$name}');\" " : "" ;
+    $sMultiple = $isMultiple ? 'multiple="multiple"' : '' ;
+    $other = "{$name}_other" ;
+
+    $dropdown = array();
+    $list = explode( '|', $options );
+    $dropdown[] = "\n";
+
+    if( $showInputbox ){
+        $dropdown[] = "" ;
+        $dropdown[] = "
      " ;
+    };
+
+    $s = join("\t\n",$dropdown);
+
+    if( $isReturn )
+        return $s;
+    else
+        echo $s ;
+}
+
+
+function phpfmg_date_dropdown( $cfgDate, $showSep = true ){
+    $sep = $showSep ? $cfgDate['separator'] . " " : "";
+    $field_name = $cfgDate['field_name'];
+    if( !isset($cfgDate['yyyy']) ){
+        $startYear = $cfgDate['startYear'];
+        $endYear = $cfgDate['endYear'];
+        $year = range( $startYear, $endYear );
+        $cfgDate['yyyy'] = $cfgDate['yearPrompt'] . '=,|' . join("|",$year);
+    };
+
+    switch( $cfgDate['format'] ){
+        case 'mm/dd/yyyy' :
+            phpfmg_dropdown( $field_name.'_month', $cfgDate['month'], false, false, '', false, '' );
+            echo $sep;
+            phpfmg_dropdown( $field_name.'_day', $cfgDate['day'], false, false, '', false, '' );
+            echo $sep;
+            phpfmg_dropdown( $field_name.'_yyyy', $cfgDate['yyyy'], false, false, '', false, '' );
+            break;
+        case 'dd/mm/yyyy' :
+            phpfmg_dropdown( $field_name.'_day', $cfgDate['day'], false, false, '', false, '' );
+            echo $sep;
+            phpfmg_dropdown( $field_name.'_month', $cfgDate['month'], false, false, '', false, '' );
+            echo $sep;
+            phpfmg_dropdown( $field_name.'_yyyy', $cfgDate['yyyy'], false, false, '', false, '' );
+            break;
+        case 'yyyy/mm/dd' :
+            phpfmg_dropdown( $field_name.'_yyyy', $cfgDate['yyyy'], false, false, '', false, '' );
+            echo $sep;
+            phpfmg_dropdown( $field_name.'_month', $cfgDate['month'], false, false, '', false, '' );
+            echo $sep;
+            phpfmg_dropdown( $field_name.'_day', $cfgDate['day'], false, false, '', false, '' );
+            break;
+        case 'mm/yyyy' :
+            phpfmg_dropdown( $field_name.'_month', $cfgDate['month'], false, false, '', false, '' );
+            echo $sep;
+            phpfmg_dropdown( $field_name.'_yyyy', $cfgDate['yyyy'], false, false, '', false, '' );
+            break;
+        case 'yyyy/mm' :
+            phpfmg_dropdown( $field_name.'_yyyy', $cfgDate['yyyy'], false, false, '', false, '' );
+            echo $sep;
+            phpfmg_dropdown( $field_name.'_month', $cfgDate['month'], false, false, '', false, '' );
+            break;
+        case 'mm/dd' :
+            phpfmg_dropdown( $field_name.'_month', $cfgDate['month'], false, false, '', false, '' );
+            echo $sep;
+            phpfmg_dropdown( $field_name.'_day', $cfgDate['day'], false, false, '', false, '' );
+            break;
+        case 'dd/mm' :
+            phpfmg_dropdown( $field_name.'_day', $cfgDate['day'], false, false, '', false, '' );
+            echo $sep;
+            phpfmg_dropdown( $field_name.'_month', $cfgDate['month'], false, false, '', false, '' );
+            break;
+    };
+    echo "\n\n";
+    echo "\n";
+
+}
+
+
+function phpfmg_date_dropdown_require( $field_name ){
+    if( !isset($_POST) )
+        return ;
+
+    $month   = $_POST[$field_name.'_month'];
+    $day     = $_POST[$field_name.'_day'];
+    $yyyy    = $_POST[$field_name.'_yyyy'];
+    $format  = $_POST[$field_name.'_format'];
+    $sep     = isset($_POST[$field_name.'_separator']) ? $_POST[$field_name.'_separator'] : '/';
+
+    // make up $_POST[$field_name] value
+    $_POST[$field_name] = '';
+    switch( $format ){
+        case 'mm/dd/yyyy' :
+            if( !empty($month) && !empty($day) && !empty($yyyy) )
+                $_POST[$field_name] = $month . $sep . $day . $sep . $yyyy;
+            break;
+        case 'dd/mm/yyyy' :
+            if( !empty($month) && !empty($day) && !empty($yyyy) )
+                $_POST[$field_name] = $day . $sep . $month . $sep . $yyyy;
+            break;
+        case 'yyyy/mm/dd' :
+            if( !empty($month) && !empty($day) && !empty($yyyy) )
+                $_POST[$field_name] = $yyyy . $sep . $month . $sep . $day;
+            break;
+        case 'mm/yyyy' :
+            if( !empty($month) && !empty($yyyy) )
+                $_POST[$field_name] = $month . $sep . $yyyy;
+            break;
+        case 'yyyy/mm' :
+            if( !empty($month) && !empty($yyyy) )
+                $_POST[$field_name] = $month . $sep . $yyyy;
+            break;
+        case 'mm/dd' :
+            if( !empty($month) && !empty($day) )
+                $_POST[$field_name] = $month . $sep . $day;
+            break;
+        case 'dd/mm' :
+            if( !empty($month) && !empty($day) )
+                $_POST[$field_name] = $day . $sep . $month;
+            break;
+    };
+
+}
+
+function phpfmg_time_dropdown( $cfgTime ){
+    $field_name = $cfgTime['field_name'];
+    $sep =": ";
+    switch( $cfgTime['hourOpt'] ){
+        case 'h12' :
+            phpfmg_dropdown( $field_name.'_hour', $cfgTime['hour'], false, false, '', false, '' );
+            echo $sep;
+            phpfmg_dropdown( $field_name.'_minute', $cfgTime['minute'], false, false, '', false, '' );
+            phpfmg_dropdown( $field_name.'_amfm', $cfgTime['amfm'], false, false, '', false, '' );
+            break;
+        case 'h24' :
+            phpfmg_dropdown( $field_name.'_hour', $cfgTime['hour'], false, false, '', false, '' );
+            echo $sep;
+            phpfmg_dropdown( $field_name.'_minute', $cfgTime['minute'], false, false, '', false, '' );
+            break;
+    };
+    echo "\n\n";
+}
+
+
+function phpfmg_time_dropdown_require( $field_name ){
+    if( !isset($_POST) )
+        return ;
+
+    $hour   = $_POST[$field_name.'_hour'];
+    $minute = $_POST[$field_name.'_minute'];
+    $amfm   = $_POST[$field_name.'_amfm'];
+    $format = $_POST[$field_name.'_format'];
+    $sep    = ':';
+
+    // make up $_POST[$field_name] value
+    $_POST[$field_name] = "";
+    switch( $format ){
+        case 'h12' :
+            if( !empty($hour) && !empty($minute) && !empty($amfm) )
+                $_POST[$field_name] = $hour . $sep . $minute . ' ' . $amfm;
+            break;
+        case 'h24' :
+            if( !empty($hour) && !empty($minute) )
+                $_POST[$field_name] = $hour . $sep . $minute;
+            break;
+    };
+
+}
+
+
+
+function phpfmg_dependent_dropdown( $field_name ){
+    $field = phpfmg_dependent_dropdown_get_field( $field_name );
+    $dd = new DependantDropdown();
+    $dd->parseFmgField($field);
+    $html = $dd->getHtml();
+    echo $html;
+}
+
+function phpfmg_dependent_dropdown_dynamic_require( $field_name ){
+    $field = phpfmg_dependent_dropdown_get_field( $field_name );
+    $dd = new DependantDropdown();
+    $dd->parseFmgField($field);
+    $dd->dynamicRequired();
+}
+
+function phpfmg_dependent_dropdown_get_field( $field_name ){
+    if( !isset($_SESSION[PHPFMG_ID]) ){
+        $_SESSION[PHPFMG_ID] = array();
+    };
+    if( !isset($_SESSION[PHPFMG_ID]['DD_DATA_' . $field_name]) ){
+        $base64 = phpfmg_dependent_dropdown_data();
+        $data = @unserialize( base64_decode($base64) );
+        $_SESSION[PHPFMG_ID]['DD_DATA_' . $field_name] = $data;
+    }else{
+        $data = $_SESSION[PHPFMG_ID]['DD_DATA_' . $field_name];
+    };
+
+    if( !is_array($data) ){
+        return ;
+    };
+
+    foreach( $data as $field ){
+        if( $field['name'] == $field_name ){
+            return $field;
+        };
+    };
+}
+
+
+# ------------------------------------------------------
+class DependantDropdown
+{
+    var $data = '';
+    var $sheet = array();
+    var $fields = array();
+    var $fieldInfo = array( 'label', 'instruction', 'required', 'prompt' ); // describe field information from the first N rows of data
+    var $prefix = 'dd'; // in case there is no name for dropdown, it will name the dropdown like dd_0, dd_1, ...
+
+    var $fmgField = false;
+    var $newliner = "" ; // replace \r\n with $newliner ;
+	var $newtaber = "" ; // replace \t with $newtaber ;
+
+    function __construct(){
+    }
+    
+    function DependantDropdown(){
+    }
+
+
+    function lookupFieldColumn( $field, $column, $lookup, $contentType='text/plain', $charset='utf-8' ){
+        $this->parseFmgField( $field );
+        $this->nocache_headers( $contentType, $charset );
+        return join( "\n", $this->getColumn( $column, $lookup ) );
+    }
+
+    function parseFmgField( $field ){
+        if( !isset($_SESSION[PHPFMG_ID]) ){
+            $_SESSION[PHPFMG_ID] = array();
+        };
+        $this->fmgField = $field;
+        $value = $this->newline_back($field['value']);
+        $this->data = explode("\r\n",$value);
+        if( !isset($_SESSION[PHPFMG_ID][ "DD_".$field['name'] ]) ){
+            $this->parseData($field);
+            $_SESSION[PHPFMG_ID][ "DD_".$field['name'] ] = $this->fields;
+        }else{
+            $this->fields = $_SESSION[PHPFMG_ID][ "DD_".$field['name'] ];
+        };
+        $this->makeupFieldsName();
+    }
+
+	function	newline_back( $str = "" ){
+		return str_replace( array($this->newtaber, $this->newliner),  array("\t","\r\n"), $str );
+	}
+
+    function nocache_headers($contentType='text/plain', $charset='utf-8'){
+        header("Expires: Mon, 01 Jan 1970 00:00:01 GMT");
+        header("Cache-Control: max-age=0, no-store, no-cache, must-revalidate");
+        header("Cache-Control: post-check=0, pre-check=0", false);
+        header("Pragma: no-cache");
+        header( "Content-Type: {$contentType}; charset={$charset}" );
+    }
+
+
+    function setData( $s ){
+        $this->data = $s ;
+    }
+
+    function setPrefix( $s ){
+        $this->prefix = $s;
+    }
+
+    function parseData(){
+        $tab = chr(0x09);
+        $nFieldInfoRows = count( $this->fieldInfo );
+        for( $i = 0, $n = count($this->data); $i < $n; $i ++ ){
+            $line = str_replace('"', '', $this->data[$i] );
+            //$line = stripslashes( $line );
+            $cols = explode( $tab, $line );
+
+            if( is_array($cols) && count($cols) > 1 ){
+
+                if( $i < $nFieldInfoRows ){
+                    $trims = array();
+                    foreach( $cols as $col ){
+                        $trims[] = trim($col);
+                    };
+                    $this->fields[ $this->fieldInfo[$i] ] = $trims;
+                }
+                else
+                    $this->fields['data'][] = $cols;
+
+            }; // if
+
+            //if ( $i > 1000 ) break;
+        }; // for
+
+    }
+
+    // $quickTest : to see whether a column contains data
+    function getColumn( $n, $lookup = array(), $quickTest = false ){
+        $count = count($lookup);
+        if( $n > 0 && empty($count) ){
+            return array(); // can not get column without search query
+        };
+
+        $col        = array();
+        $lastValue  = $lookup[ $count - 1 ];
+        $flatLookup = join( '|', $lookup );
+        // when using ajax GET method, use utf8 to encoude the lookup query. otherwise, some special chars like France characters might not work
+        if( !$this->isPost() ){
+            $lastValue  = utf8_encode( $lastValue );
+            $flatLookup = utf8_encode( $flatLookup );
+        };
+
+        foreach( $this->fields['data'] as $r ){
+
+            if( !isset($r[$n]) )
+                continue;
+
+            $value = trim($r[$n]);
+            if( $value == '' )
+                continue;
+
+            if( $n == 0 ){
+                $col[] = $value;
+
+            }else{
+
+                //if( trim($r[$n-1]) == $lastValue ){ // quick check to improve performance
+                if( $r[$n-1] == $lastValue ){ // quick check the last value to improve performance
+                    $leftCols       = array_slice( $r, 0, $n );
+                    $flatLeftValues = join( '|', $leftCols );
+                    if( $flatLeftValues == $flatLookup ){ // show value only by lookuping by joining all its parents' values
+                        $col[] = $value;
+                    };
+                }; // if
+
+            }; // if $n == 0
+
+            if( $quickTest && count($col) > 0 ) break;
+
+        }; // foreach
+
+        return array_unique($col);
+    }
+
+    function getColumnOptions( $n, $lookup = array(), $default = '' ){
+        $opts = array();
+        foreach( $this->getColumn($n, $lookup) as $v ){
+            $selected = $default == $v ? 'selected' : '' ;
+            $opts[] = "";
+        };
+        return join("\n",$opts);
+    }
+
+    function hsc($s){
+        return str_replace ( array ( '&', '"', "'", '<', '>' ), array ( '&' , '"', ''' , '<' , '>' ), $s );
+    }
+
+    function isPost(){
+        return isset($_POST[ $this->fields['name'][0] ]);
+    }
+
+    function getHtml(){
+        $html = array();
+
+        $field_name = $this->fmgField['name'];
+        $this->prefix = $field_name;
+        $count = count($this->fields['label']);
+
+        // prepare for getting column options after form submitted
+        $lookup = array();
+        $isPost = $this->isPost(); // isset($_POST[ $this->fields['name'][0] ]);
+        if( $isPost ){
+            for( $i = 0; $i < $count; $i++  ){
+                $label        = $this->fields['label'][$i];
+                if( empty($label) )
+                    continue;
+
+                $lookup[] = $_POST[ $this->fields['name'][$i] ];
+            };
+        };
+
+        for( $i = 0; $i < $count; $i++  ){
+            $label        = stripslashes( $this->fields['label'][$i] );
+            if( empty($label) )
+                continue;
+
+            $name         = $this->fields['name'][$i];
+            $instruction  = $this->fields['instruction'][$i];
+            $prompt       = $this->fields['prompt'][$i];
+            $required     = $this->fields['required'][$i];
+            $promptOption = empty($prompt) ? "" : "";
+            if( $isPost )
+                $options = $this->getColumnOptions( $i, array_slice($lookup,0,$i), $_POST[$name] );
+            else
+                $options = $this->getColumnOptions( $i, array(), '' );
+
+            $select = "";
+            $sRequired = "" ;
+$li = "
+
    1. 
+    
      
+	   {$sRequired}
+    
      
+	
      
+    	{$select}
+    	
      {$instruction}
      
+	
      
+
      2. 
+";
+            $html[] = $li;
+        };
+
+        echo join("\n\n",$html);
+
+    }
+
+
+    function dynamicRequired(){
+        if( !isset($_POST) ){
+            return ;
+        };
+
+        $field_name = $this->fmgField['name'];
+        $this->prefix = $field_name;
+        $count = count($this->fields['label']);
+
+        $lookup = array();
+        $isPost = isset($_POST[ $this->fields['name'][0] ]);
+        if( $isPost ){
+            for( $i = 0; $i < $count; $i++  ){
+                $label        = $this->fields['label'][$i];
+                if( empty($label) )
+                    continue;
+
+                $lookup[] = $_POST[ $this->fields['name'][$i] ];
+            };
+        };
+
+        for( $i = 0; $i < $count; $i++  ){
+            $label        = $this->fields['label'][$i];
+            if( empty($label) )
+                continue;
+
+            $name = $this->fields['name'][$i];
+            $required = $this->fields['required'][$i];
+            if( strtolower($required) == 'required' ){
+                $rows = $this->getColumn( $i, array_slice($lookup,0,$i), true );
+                if( empty($rows) ) {
+                    $GLOBALS['form_mail'][ $name ]['required'] = '' ; //
+                };
+            }else{
+                $GLOBALS['form_mail'][ $name ]['required'] = '' ;
+            };
+        };
+
+    }
+
+
+    function getFormMailArrayCode(){
+        $code = array();
+        for( $i = 0, $n = count($this->fields['label']); $i < $n; $i++  ){
+            $label        = $this->fields['label'][$i];
+            if( empty($label) )
+                continue;
+            $name         = $this->fields['name'][$i];
+            $instruction  = $this->fields['instruction'][$i];
+            $prompt       = $this->fields['prompt'][$i];
+            $required     = $this->fields['required'][$i];
+			$code[] = "\$GLOBALS['form_mail']['{$name}'] = array( \"name\" => \"$name\", \"text\" => \"" . addslashes( $label ) . "\",  \"type\" => \"select\", \"instruction\" => \"$instruction\", \"required\" => \"$required\" ) ;" ;
+        };
+        return join("\n",$code);
+    }
+
+    function makeupFieldsName($default='field_99'){
+        $field_name = isset($this->fmgField['name']) ? $this->fmgField['name'] : $default;
+        $this->prefix = $field_name;
+        for( $i = 0, $n = count($this->fields['label']); $i < $n; $i++  ){
+            $this->fields['name'][$i] = $this->prefix . '_' . $i;
+        };
+    }
+
+}
+
+
+
+function phpfmg_parse_option( $opt ){
+    $opt = $opt;
+    $a = array(
+        'text' => $opt,
+        'value' => $opt,
+        'default' => false,
+    );
+    $pos = strrpos( $opt, '=' );
+    if( false !== $pos ){
+        $a['text'] = substr($opt,0,$pos);
+        $part = substr($opt,$pos+1);
+        $nv = strrpos( $part, ',' );
+        if( false !== $nv ){
+            $a['value'] = substr($part,0,$nv);
+            $a['default'] = 'default' == strtolower(substr($part,$nv+1));
+        }else{
+            $a['value'] = $part;
+        };
+    };
+    $a['text'] = trim($a['text']);
+    $a['value'] = trim($a['value']);
+    return $a ;
+}
+
+
+
+function phpfmg_field_value( $name ){
+    $value = "" ;
+    if( isset($GLOBALS[$name."_value"]) )
+        return $GLOBALS[$name."_value"] ;
+
+    $field = $GLOBALS['form_mail'][$name];
+    $checkOther = isset( $_POST[$name.'_other_check'] ) && 1 == $_POST[$name.'_other_check'] ;
+    $otherInputValue = $checkOther ? $_POST[$name.'_other'] : '' ;
+
+    switch( $field['type'] ){
+        case 'select' :
+            if( $checkOther && $otherInputValue == "" ){
+                return $value;
+            };
+
+            if( is_array($_POST[$name]) ){
+                //array_pop( $_POST[$name] ); // pop the last "other" element
+                $value = join(PHPFMG_LNCR,$_POST[$name]) . PHPFMG_LNCR. $otherInputValue ;
+                $value = str_replace( PHPFMG_LNCR . "other", "", $value );
+            }else{
+                $value = $checkOther ? $otherInputValue : $_POST[ $name ];
+            };
+            break;
+
+        case 'radio' :
+            if( $checkOther ){
+                $value = $otherInputValue == '' ? '' : $otherInputValue;
+            }else{
+                $value = $_POST[ $name ];
+            };
+            break;
+
+        case 'checkbox' :
+            if( $checkOther && $otherInputValue == "" ){
+                return $value;
+            };
+
+            $length = isset($_POST[$name.'_length']) ? $_POST[$name.'_length'] : 100;
+            $values = array();
+            for( $i = 1; $i <= $length; $i ++){
+                $newName = 'Checkbox' . ($i<10 ? '0' .$i : $i ) . "_" . $name;
+                if( $_POST[ $newName ] != "" && $_POST[ $newName ] != 'other' )
+                    $values[] = $_POST[ $newName ];
+            };
+            $value = ( empty($values) ? "" : join( PHPFMG_LNCR, $values ) ) . ( $otherInputValue != "" ? PHPFMG_LNCR . $otherInputValue : "" );
+            break;
+
+        default:
+            $value = $_POST[ $name ];
+            break;
+    };
+    $value = phpfmg_stripTags( $value );
+    $GLOBALS[$name."_value"] = $value ;
+    return $value;
+}
+
+function phpfmg_stripTags($str){
+    $allowable_tags = "