X-Git-Url: https://git.p6c8.net/form-email.git/blobdiff_plain/d30a679aaebd16d4bef1f883f0ab63fbf1c2ecb2..cecad9c666f3f19827ee52ad1032e7fa91b7137e:/form-email/functions.php

diff --git a/form-email/functions.php b/form-email/functions.php
index 9f5937d..9e68c64 100644
--- a/form-email/functions.php
+++ b/form-email/functions.php
@@ -1,19 +1,20 @@
 <?php
 
 #
-# Form E-Mail 3.4.1 - functions.php
+# Form E-Mail 3.5
 #
-# Verschiedene gemeinsam genutze Funktionen
+# Versenden einer E-Mail, die ueber ein Kontaktformular
+# geschrieben wurde.
 #
 # Autor:            Patrick Canterino <patrick@patshaping.de>
-# Letzte Aenderung: 11.1.2009
+# Letzte Aenderung: 17.12.2011
 #
 # Copyright (C) 2002-2011 Patrick Canterino
 #
-# Diese Datei kann unter den Bedingungen der "Artistic License 1.0"
+# Diese Datei kann unter den Bedingungen der "Artistic License 2.0"
 # weitergegeben und / oder veraendert werden.
 # Siehe:
-# http://www.opensource.org/licenses/artistic-license-1.0.php
+# http://www.opensource.org/licenses/artistic-license-2.0
 #
 
 # formdata()
@@ -28,36 +29,31 @@
 #                wird nichts zurueckgegeben.
 #              - Codierende Backslashes werden automatisch entfernt
 
-function formdata($param)
-{
- switch($_SERVER['REQUEST_METHOD'])
- {
-  case 'GET':
-   if(isset($_GET[$param]))
-   {
-    $value = $_GET[$param];
-    break;
-   }
-   else return null;
-
-  case 'POST':
-   if(isset($_POST[$param]))
-   {
-    $value = $_POST[$param];
-    break;
-   }
-   else return null;
-
-  default:
-   return null;
- }
-
- if(get_magic_quotes_gpc())
- {
-  if(is_array($value)) return array_map('stripslashes',$value);
-  else return stripslashes($value);
- }
- else return $value;
+function formdata($param) {
+    switch($_SERVER['REQUEST_METHOD']) {
+        case 'GET':
+            if(isset($_GET[$param])) {
+                $value = $_GET[$param];
+                break;
+            }
+            else return null;
+
+        case 'POST':
+            if(isset($_POST[$param])) {
+                $value = $_POST[$param];
+                break;
+            }
+            else return null;
+
+        default:
+            return null;
+    }
+
+    if(get_magic_quotes_gpc()) {
+        if(is_array($value)) return array_map('stripslashes',$value);
+        else return stripslashes($value);
+    }
+    else return $value;
 }
 
 # plain()
@@ -70,20 +66,18 @@ function formdata($param)
 #
 # Rueckgabe: Bearbeiteter Text (String)
 
-function &plain(&$text,$linebreak='<br>')
-{
- $htmltext = htmlentities($text);
- $htmltext = preg_replace("/\015\012|\012|\015/",$linebreak,$htmltext);
+function plain($text,$linebreak='<br>') {
+    $htmltext = htmlspecialchars($text);
+    $htmltext = preg_replace("/\015\012|\012|\015/",$linebreak,$htmltext);
 
- for($x=0;$x<strlen($htmltext);$x++)
- {
-  if($htmltext[$x] == ' ' && $htmltext[$x+1] == ' ') $htmltext[$x] = "\240";
- }
+    for($x=0;$x<strlen($htmltext);$x++) {
+        if($htmltext[$x] == ' ' && $htmltext[$x+1] == ' ') $htmltext[$x] = "\240";
+    }
 
- $htmltext = str_replace("\240",'&nbsp;',$htmltext);
- $htmltext = str_replace($linebreak.' ',$linebreak.'&nbsp;',$htmltext);
+    $htmltext = str_replace("\240",'&nbsp;',$htmltext);
+    $htmltext = str_replace($linebreak.' ',$linebreak.'&nbsp;',$htmltext);
 
- return $htmltext;
+    return $htmltext;
 }
 
 # semicolon_split()
@@ -95,12 +89,11 @@ function &plain(&$text,$linebreak='<br>')
 #
 # Rueckgabe: Aufgeteilte Zeichenkette (Array)
 
-function semicolon_split($string)
-{
- $parts = explode(';',$string);
- $parts = array_map('trim',$parts);
+function semicolon_split($string) {
+    $parts = explode(';',$string);
+    $parts = array_map('trim',$parts);
 
- return $parts;
+    return $parts;
 }
 
 # show_fatal()
@@ -110,17 +103,24 @@ function semicolon_split($string)
 #
 # Parameter: Fehlermeldung
 
-function show_fatal(&$errmsg)
-{
- global $tpl_fatal;
+function show_fatal($errmsg,$vars=array()) {
+    global $tpl_fatal;
 
- $tpl = new Template;
- $tpl->read_file($tpl_fatal);
+    $tpl = new Template;
+    $tpl->read_file($tpl_fatal);
 
- $tpl->fillin('ERROR',$errmsg);
+    if(sizeof($vars) > 0) {
+        while(list($var,$content) = each($vars)) {
+            $errmsg = str_replace('{'.$var.'}',htmlspecialchars($content),$errmsg);
+        }
+    }
 
- print $tpl->get_template();
- exit;
+    $tpl->set_var('ERROR',$errmsg);
+
+    $tpl->parse();
+
+    print $tpl->get_template();
+    exit;
 }
 
 # show_user_error()
@@ -130,25 +130,37 @@ function show_fatal(&$errmsg)
 #
 # Parameter: Fehlermeldung
 
-function show_user_error(&$errmsg)
-{
- global $captcha_enable, $email, $name, $subject, $text, $tpl_user_error;
+function show_user_error($errmsg) {
+    global $captcha_enable, $email, $name, $subject, $text, $user_fields, $tpl_user_error;
+
+    $tpl = new Template;
+    $tpl->read_file($tpl_user_error);
+
+    $tpl->parse_if_block('CAPTCHA',$captcha_enable);
+
+    $tpl->set_var('EMAIL',  htmlspecialchars($email));
+    $tpl->set_var('ERROR',  $errmsg);
+    $tpl->set_var('NAME',   htmlspecialchars($name));
+    $tpl->set_var('SUBJECT',htmlspecialchars($subject));
+    $tpl->set_var('TEXT',   htmlspecialchars($text));
+
+    reset($user_fields);
 
- $tpl = new Template;
- $tpl->read_file($tpl_user_error);
+    while(list($user_field,$user_field_data) = each($user_fields)) {
+        if(isset($user_field_data['tpl_var']) && $user_field_data['tpl_var'] != '') {
+            $tpl_var = $user_field_data['tpl_var'];
+        }
+        else {
+            $tpl_var = 'USER_'.$user_field;
+        }
 
- $tpl->parse_if_block('CAPTCHA',$captcha_enable);
- 
- $tpl->set_var('EMAIL',  htmlentities($email));
- $tpl->set_var('ERROR',  $errmsg);
- $tpl->set_var('NAME',   htmlentities($name));
- $tpl->set_var('SUBJECT',htmlentities($subject));
- $tpl->set_var('TEXT',   htmlentities($text));
+        $tpl->set_var($tpl_var,htmlspecialchars(formdata($user_field)));
+    }
 
- $tpl->parse();
+    $tpl->parse();
 
- print $tpl->get_template();
- exit;
+    print $tpl->get_template();
+    exit;
 }
 
 #