3 // Set the e-mail address that submission should be sent to.
4 $address = 'danix@danix.xyz';
6 // Set the e-mail subject prefix.
7 $prefix = 'Website feedback';
9 // DO NOT EDIT ANYTHING BELOW UNLESS YOU KNOW WHAT YOU ARE DOING.
14 // Check that the submission address is valid.
15 if ((bool) filter_var(trim($address), FILTER_VALIDATE_EMAIL
)) {
16 // Also set sender/return path header to this address to avoid SPF errors.
17 $to = $sender = trim($address);
23 // Check that referer is local server.
24 if (!isset($_SERVER['HTTP_REFERER']) ||
(parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST
) != $_SERVER['SERVER_NAME'])) {
25 exit('Direct access not permitted');
28 // Check that this is a post request.
29 if ($_SERVER['REQUEST_METHOD'] != 'POST' ||
empty($_POST)) {
33 // Check if fake url field is filled in, i.e. spam bot.
34 if (!empty($_POST['url'])) {
38 // Check that e-mail address is valid.
39 if ((bool) filter_var(trim($_POST['email']), FILTER_VALIDATE_EMAIL
)) {
40 $email = trim($_POST['email']);
47 // Construct the mail with headers.
48 $name = _contact_clean_str($_POST['name'], ENT_QUOTES
, true, true);
49 $prefix = _contact_clean_str($prefix, ENT_NOQUOTES
, true, true);
50 $subject = _contact_clean_str($_POST['subject'], ENT_NOQUOTES
, true, true);
51 $subject = "[$prefix] $subject";
52 $message = _contact_clean_str($_POST['message'], ENT_NOQUOTES
);
53 $lines = explode("\n", $message);
54 array_walk($lines, '_contact_ff_wrap');
55 $message = implode("\n", $lines);
57 'From' => "$name <$email>",
59 'Return-Path' => $sender,
60 'MIME-Version' => '1.0',
61 'Content-Type' => 'text/plain; charset=UTF-8; format=flowed; delsp=yes',
62 'Content-Transfer-Encoding' => '8Bit',
63 'X-Mailer' => 'Hugo - Zen',
66 foreach ($headers as $key => $value) {
67 $mime_headers[] = "$key: $value";
69 $mail_headers = join("\n", $mime_headers);
71 // Send the mail, suppressing errors and setting Return-Path with the "-f" option.
72 $success = @mail
($to, $subject, $message, $mail_headers, '-f' . $sender);
75 $status = $success ?
'submitted' : 'error';
76 $contact_form_url = strtok($_SERVER['HTTP_REFERER'], '?');
78 // Redirect back to contact form with status.
79 header('Location: ' . $contact_form_url . '?' . $status, TRUE, 302);
82 function _contact_ff_wrap(&$line) {
83 $line = wordwrap($line, 72, " \n");
86 function _contact_clean_str($str, $quotes, $strip = false, $encode = false) {
88 $str = strip_tags($str);
91 $str = htmlspecialchars(trim($str), $quotes, 'UTF-8');
93 if ($encode && preg_match('/[^\x20-\x7E]/', $str)) {
94 $str = '=?UTF-8?B?' . base64_encode($str) . '?=';