Warning: preg_replace() [function.preg-replace]: Empty regular expression in /home/camilo19/public_html/gracias.php on line 44
Warning: preg_replace() [function.preg-replace]: Empty regular expression in /home/camilo19/public_html/gracias.php on line 45
Código PHP:
<?
@import_request_variables("gpc");
$youremail = "[email protected]"; //YOUR MAIL HERE
$subject = "RS candemasjor web "; // TITLE OF DE SUBJECT IN MAIL
$redirect = "contacto.php";//URL TO BE REDIRECTED IN 5 SECONDS
$secs = "5";// TIME TO BE REDIRECTED
if(eregi("MIME-Version:",$postVars)) {
mail("[email protected]"/*YOUR MAIL HERE*/, "Form Hijack Attempt", "A spam relay was attempted from the Web site and was blocked.", "From:SpamMonitor");
die();
} //BLOCKING spam
$secret = 'ssshhitsasecret';
$token = md5(rand(1, 1000).$secret);
$_SESSION['token'] = $token;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="es" >
<head>
<meta http-equiv="Content-Type" content="application/xhtml+xml; charset=iso-8859-1" />
<title>ejemplo de procesador de formulario web seguro antispam con captcha quinti.net</title>
<meta http-equiv="refresh" content="<?=$secs;?>;URL=<?=$redirect;?>" />
</head>
<body>
<?
//a partir de aquí hay una serie de variables que impiden que los spammers usen nuestro formulario como lanzadera de su spam
$name = stripslashes($name);
$message = stripslashes($message);
$headers .= "From: " . $email . "\r\n\r\n";
//This is where the email is sent using your values from above. Be sure to update this if you change any fields in contact.php
mail("$youremail", "$subject","
Name: $name
Email: $email
Subject: $phone
Message: $message
IP: $ip
Browser Info: $httpagent
Referral : $httpref
Date : $date
",$headers);
// Strip \r and \n from the email address
$_POST['email'] = preg_replace("\r", "", $_POST['email']);
$_POST['email'] = preg_replace("\n", "", $_POST['email']);
//*****COMMENT: if you have problems with the lines 40/41, replace these for:
//$_POST['email'] = str_replace("\r", "", $_POST['email']);
//$_POST['email'] = str_replace("\n", "", $_POST['email']);//*****
$_SESSION['token'] = $token;
$token = md5(rand(1, 1000).$secret);
$secret = 'ssshhitsasecret';
$field = preg_replace( "/[\n\r]+/", " ", $field );
// Remove injected headers
$find = array("/bcc\:/i","/Content\-Type\:/i","/cc\:/i","/to\:/i");
$_POST['email'] = preg_replace($find, "", $_POST['email']);
$message = preg_replace($find, "", message);
$email=str_replace("\r","\n",$email);
$name=str_replace("\r","\n",$name);
$message=str_replace("\r","\n",$message);
$phone=str_replace("\r","\n",$phone);
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
ob_clean();
mail("$youremail", "Message Killed", "$message", "From: $name <$email>");
exit("Message killed.");
}
if (eregi('^(bcc$|content-type|mime-version|--)',$key))
print_error("Field names indicate exploit."); //BLOCKING SPAM
?>
<p>Gracias, el formulario se ha enviado con éxito, le contestaremos en menos de 24 h. En 5 segundos será redirigido a la página principal.</p>
</body>
</html> 
