diff options
Diffstat (limited to 'contact.php')
-rw-r--r-- | contact.php | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/contact.php b/contact.php new file mode 100644 index 0000000..7bfe852 --- /dev/null +++ b/contact.php @@ -0,0 +1,57 @@ +<?php +# This file is part of contact.php. + +# contact.php is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# contact.php is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with contact.php. If not, see <https://www.gnu.org/licenses/>. + +# Copyright © 2020 Ludovic Pouzenc <ludovic@pouzenc.fr> + +$config['from_email'] = 'www-data@intarnet.fr'; +$config['from_user'] = 'No Reply'; +$config['contact_to'] = 'intarnet@framalistes.org'; +$config['subject_prefix'] = '[contact] '; + + +# Utility fonction to wrap PHP mail() function, with some UTF-8 considerations +function mail_utf8($to, $subject, $message, $from_email, $from_user, $original_email='', $original_user='') +{ + $from_user64 = (iconv('UTF-8', 'ASCII//IGNORE', $from_user )===$from_user )?$from_user :"=?UTF-8?B?".base64_encode($from_user )."?="; + $original_user64 = (iconv('UTF-8', 'ASCII//IGNORE', $original_user)===$original_user)?$original_user:"=?UTF-8?B?".base64_encode($original_user)."?="; + $subject64 = (iconv('UTF-8', 'ASCII//IGNORE', $subject )===$subject )?$subject :"=?UTF-8?B?".base64_encode($subject )."?="; + $message70 = wordwrap($message, 70, "\n"); + $additional_headers = + "From: $from_user64 <$from_email>\r\n". + ((strlen($original_email)>0)?"Reply-To: $original_user64 <$original_email>\r\n":""). + "MIME-Version: 1.0" . "\r\n" . + "Content-type: text/plain; charset=UTF-8" . "\r\n"; + return mail($to, $subject64, $message70, $additional_headers); +} + +# Query parameter checking (assuming form encoding is UTF-8) +$name = filter_var($_POST['name'], FILTER_SANITIZE_STRING); +$email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL); +$message = filter_var($_POST['message'], FILTER_SANITIZE_STRING); +$valid_parameters = (strlen($name)>0) && (strlen($email)>0) && (strlen($message)>0) && (strlen($name)<100) && (strlen($email)<100) && (strlen($message)<100000); +if ($valid_parameters !== TRUE) { + echo "Invalid parameters\n"; + exit(); +} + +# Try to actually send an email +if ( !mail_utf8($config['contact_to'], $config['subject_prefix'] . $name, $message, $config['from_email'], $config['from_user'], $email, $name) ) { + echo "Error sending mail\n"; + exit(); +} + +# If we are here, mail has been sent (or queued) successfully +header('Location: /'); |