"; // RECAPTCH RESPONSE $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "$url"); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, "secret=$key&response=$captcha"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $output = curl_exec($ch); curl_close($ch); //echo $output; $data = json_decode($output); //print_r($data); if(isset($data->success) && $data->success === false) { echo('reCaptcha Invalid'); exit; } } //echo "Form Debug: I am here after checking reCaptcha"; //exit; ////////////////////////////////// EOF reCaptcha /////////////////////////////////////////////////////// ///////////////// Host must be www.hdtvsupply.com ///////////////////////// // if($_SERVER['HTTP_HOST'] != "p11.secure.hostingprod.com" ) // { // die("Not Valid HOST "); // exit; // } ///////////////// Method must be post ///////////////////////// // if($_SERVER['HTTP_REFERER'] != "https://www.hdtvsupply.com/contactus.html" ) // { // die("Referer NOT correct."); // exit; // } ///////////////// Method must be post ///////////////////////// if($_SERVER['REQUEST_METHOD'] != "POST" ) { die("The request method is not POST."); exit; } ///////////// So a missing HTTP_USER_AGENT value almost always indicates a spammer bot. //////////// if(empty($_SERVER['HTTP_USER_AGENT'])) { die("The request is not valid as user agent."); exit; } ///////////////// My code value must be the same ///////////////////////// if($_POST['mycode'] != md5('contactus_hdtvsupply.com')) { die("My code is wrong."); exit; } /**************************************************************************************/ //////////////////// BOF Stop Bad Form Requests ////////////////////////////////////// /**************************************************************************************/ //////////////////////////////////////// BOF MX Record /////////////////////////// /* checkdnsrr($domain_name, "MX OR A") * http://php.net/manual/en/function.checkdnsrr.php * checkdnsrr — Check DNS records corresponding to a given domain name (host name) or IP address * host may either be the IP address in dotted-quad notation or the host name. * type may be any one of: A, MX, NS, SOA, PTR, CNAME, AAAA, A6, SRV, NAPTR, TXT or ANY. * Returns TRUE if any records are found; returns FALSE if no records were found or if an error occurred. /*------------------------ GET DOMAIN NAME FROM EMAIl ---------------------------------*/ ///////////////// Check MX Record ///////////////////////// $hdmi = $_POST["hdmi"]; $cat6 = $_POST["cat6"]; $dvi = $_POST["dvi"]; $vga = $_POST["vga"]; $sdi = $_POST["sdi"]; $fiber = $_POST["fiber"]; $component = $_POST["component"]; $composite = $_POST["composite"]; $rlaudio = $_POST["rlaudio"]; $hdmioutputs = $_POST["hdmioutputs"]; $cat6outputs = $_POST["cat6outputs"]; $dvioutputs = $_POST["dvioutputs"]; $vgaoutputs = $_POST["vgaoutputs"]; $sdioutputs = $_POST["sdioutputs"]; $fiberoutputs = $_POST["fiberoutputs"]; $componentoutputs = $_POST["componentoutputs"]; $compositeoutputs = $_POST["compositeoutputs"]; $rlaudiooutputs = $_POST["rlaudiooutputs"]; $res1080p = $_POST["res1080p"]; $res4k30 = $_POST["res4k30"]; $res4k60 = $_POST["res4k60"]; $vw2x2 = isset($_POST["vw2x2"]) ? "Yes" : ""; $vw3x3 = isset($_POST["vw3x3"]) ? "Yes" : ""; $vwother = $_POST["vwother"]; $iosapp = isset($_POST["iosapp"]) ? "Yes" : ""; $androidapp = isset($_POST["androidapp"]) ? "Yes" : ""; $webgui = isset($_POST["webgui"]) ? "Yes" : ""; $pcsoftwarectrl = isset($_POST["pcsoftwarectrl"]) ? "Yes" : ""; $frontpanelbuttons = isset($_POST["frontpanelbuttons"]) ? "Yes" : ""; $frontpaneltouchscreen = isset($_POST["frontpaneltouchscreen"]) ? "Yes" : ""; $remotecontrol = isset($_POST["remotecontrol"]) ? "Yes" : ""; $rs232 = isset($_POST["rs232"]) ? "Yes" : ""; $tcpip = isset($_POST["tcpip"]) ? "Yes" : ""; $control4 = isset($_POST["control4"]) ? "Yes" : ""; $creston = isset($_POST["creston"]) ? "Yes" : ""; $elan = isset($_POST["elan"]) ? "Yes" : ""; $rti = isset($_POST["rti"]) ? "Yes" : ""; $sportsbarsoftware = isset($_POST["sportsbarsoftware"]) ? "Yes" : ""; $c3rparty = isset($_POST["c3rparty"]) ? "Yes" : ""; $name = $_POST["name"]; $phone = $_POST["phone"]; $orderdate = $_POST["orderdate"]; $installdate = $_POST["installdate"]; $budgetrange = $_POST["budgetrange"]; $email = $_POST["email"]; $ienone = $_POST["ienone"]; $iesome = $_POST["iesome"]; $iealot = $_POST["iealot"]; $inputlabellength = $_POST["inputlabellength"]; $outputlabellength = $_POST["outputlabellength"]; $st2sec = $_POST["st2sec"]; $st100ms = $_POST["st100ms"]; $comments = $_POST["comments"]; $message = "

Build Your Own Product Form Submission:

\r\n"; $message .= "Name: $name

\r\n"; $message .= "Phone: $phone

\r\n"; $message .= "Order Date: $orderdate

\r\n"; $message .= "Install Date: $installdate

\r\n"; $message .= "Budget: $budgetrange

\r\n"; $message .= "Email: $email

\r\n"; $message .= "

Qty Of Inputs:

\r\n"; $message .= "HDMI: $hdmi

\r\n"; $message .= "HDBaseT (Cat6): $cat6

\r\n"; $message .= "DVI: $dvi

\r\n"; $message .= "VGA: $vga

\r\n"; $message .= "SDI: $sdi

\r\n"; $message .= "Fiber: $fiber

\r\n"; $message .= "Component: $component

\r\n"; $message .= "Composite: $composite

\r\n"; $message .= "rlaudio: $rlaudio

\r\n"; $message .= "Input Label Length: $inputlabellength

\r\n"; $message .= "

Qty Of Outputs:

\r\n"; $message .= "HDMI: $hdmioutputs

\r\n"; $message .= "HDBaseT (Cat6): $cat6outputs

\r\n"; $message .= "DVI: $dvioutputs

\r\n"; $message .= "VGA: $vgaoutputs

\r\n"; $message .= "SDI: $sdioutputs

\r\n"; $message .= "Fiber: $fiberoutputs

\r\n"; $message .= "Component: $componentoutputs

\r\n"; $message .= "Composite: $compositeoutputs

\r\n"; $message .= "rlaudio: $rlaudiooutputs

\r\n"; $message .= "Output Label Length: $outputlabellength

\r\n"; $message .= "

Resolution:

\r\n"; $message .= "1080p: $res1080p

\r\n"; $message .= "4K 30: $res4k30

\r\n"; $message .= "4K 60 ($): $res4k60

\r\n"; $message .= "

Video Walls:

\r\n"; $message .= "2x2: $vw2x2

\r\n"; $message .= "3x3: $vw3x3

\r\n"; $message .= "Other: $vwother

\r\n"; $message .= "

Control:

\r\n"; $message .= "iOS App: $iosapp

\r\n"; $message .= "Android App: $androidapp

\r\n"; $message .= "WEB GUI: $webgui

\r\n"; $message .= "PC Software: $pcsoftwarectrl

\r\n"; $message .= "Front Panel Buttons: $frontpanelbuttons

\r\n"; $message .= "Front Panel Touchscreen: $frontpaneltouchscreen

\r\n"; $message .= "Remote Control: $remotecontrol

\r\n"; $message .= "RS232: $rs232

\r\n"; $message .= "TCPIP: $tcpip

\r\n"; $message .= "Control4: $control4

\r\n"; $message .= "Creston: $creston

\r\n"; $message .= "Elan: $elan

\r\n"; $message .= "RTI: $rti

\r\n"; $message .= "Sports Bar Software: $sportsbarsoftware

\r\n"; $message .= "3rd Party: $c3rparty

\r\n"; $message .= "

Install Experience:

\r\n"; $message .= "None: $ienone

\r\n"; $message .= "Moderate: $iesome

\r\n"; $message .= "Experienced: $iealot

\r\n"; $message .= "

Switch Time:

\r\n"; $message .= "~2 Sec: $st2sec

\r\n"; $message .= "100ms ($): $st100ms

\r\n"; $message .= "Comments: $comments

\r\n"; //$headers = "Content-Type: text/html; charset=UTF-8\r\n"; //$r = @mail("support@hdtvsupply.com", "Build Your Own Product Form Submission", $message, $headers); //$r = @mail("sj@samyakonline.net", "Build Your Own Product Form Submission", $message, $headers); //$r = @mail("kostyai@gmail.com", "Build Your Own Product Form Submission", $message, $headers); $mail = $_POST['email']; $domain = strstr($mail, '@'); $domain_name = substr($domain, 1); if (!checkdnsrr($domain_name, "MX")) { echo "Not valid MX Record"; exit; } //////////////////////////////////////// EOF MX Record //////////////////////////// ///////////////// Token does not work due to common form ///////////////////////// /*if(($_SESSION['token'] != $_POST['token'])) { die("The token is wrong."); exit; } */ ///////////////// Trick to prevent bot: If this field is with value then bot has sent it ///////////////////////// if(isset($_POST['bot_kiiler']) && trim($_POST['bot_kiiler']) != '') { die("The request is not valid."); exit; } //echo "success"; //exit; /**************************************************************************************/ //////////////////// EOF Stop Bad Form Requests ////////////////////////////////////// /**************************************************************************************/ /**************************************************************************************/ //////////////////// BOF Input Filtering //////////////////////////////////////////// /**************************************************************************************/ //////////////////////////////////// BOF Form Processing ///////////////////////////////////////////////// define('ONLINE', true); date_default_timezone_set('America/Los_Angeles'); require 'phpmailer/PHPMailerAutoload.php'; if(ONLINE) { //define('DOMAIN', 'https://p11.secure.hostingprod.com/@site.hdtvsupply.com/ssl/hdtvsupplycp'); define('DOMAIN', 'https://forms.hdtvsupply.com/myforms'); } else { define('DOMAIN', 'http://192.168.1.21/hdtvsupply/ssl/hdtvsupplycp/quote'); } //Returns the names and values of all the constants currently defined. //This includes those created by extensions as well as those created with the define() function. $myconst = get_defined_constants(); // {$myconst['DOMAIN']} function cleanUserData($user_data) { $clean_data = trim(strip_tags($user_data)); return $clean_data; } $name = ucwords(cleanUserData($_POST['name'])); $email = cleanUserData($_POST['email']); $comments = cleanUserData($_POST['comments']); $response_data = array(); /*------------------------ check name ---------------------------------*/ $reg_name = "/^[a-zA-Z\s\.]+$/"; $nm = "/^[1-9][0-9]*$/"; if(empty($name)) { $response_data['name'] = 'Name is required.'; //echo $response_data['name']; } if(!preg_match($reg_name, $name)) { $response_data['fname'] = 'The name can only contain alphabets.'; //echo $response_data['name']; } /*------------------------ check mobile ---------------------------------*/ //if(empty($mobile)) //{ // $response_data['mobile'] = 'Contact number is required.'; //echo $response_data['name']; //} /*------------------------ check email ---------------------------------*/ if(empty($email)) { $response_data['email'] = 'Email is required.'; //echo $response_data['name']; } if (!filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL)) { $response_data['email'] = 'E-Mail is not valid'; } /*------------------------ Check comments ---------------------------------*/ if(empty($comments)) { $response_data['url'] = 'Required field.'; //echo $response_data['name']; } /**************************************************************************************/ //////////////////// EOF Input Filtering //////////////////////////////////////////// /**************************************************************************************/ $count = count($response_data); //echo $count; //print_r($response_data); if( $count > 0) { foreach ($response_data as $key => $value) { echo "$key: $value"; echo "$value"; echo "
"; } echo 'Back'; exit; } else { /*------------------------ send email ---------------------------------*/ //$name = $fname.' '.$lname; //echo $phone; //echo $problem; //exit; // setup variables $HostAddress = gethostbyaddr($_SERVER['REMOTE_ADDR']); $ip = $_SERVER['REMOTE_ADDR']; $sMailBody =<<<"EOT"

Live Tech Support: 833-WOLFPACK (833-965-3722)

{$message}

Subimiited via IP Address : {$ip}

We will reply back to you shortly.

Thanks and Regards,
HDTVSupply Team

HDTV Supply, Inc.
E-mail: rachel@hdtvsupply.com
Live Tech Support: 833-WOLFPACK (833-965-3722)
Web: https://www.hdtvsupply.com

EOT; //echo $sMailBody; //exit; /////////////////////////////////////////////////////////////////////////////////////////////////////// $mail = new PHPMailer(true); // the true param means it will throw exceptions on errors, which we need to catch //================================ BOF SMTP ===================================// //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ BOF ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~// //$mail->SMTPDebug = 3; // Enable verbose debug output $mail->isSMTP(); // Set mailer to use SMTP $mail->Host = 'smtp.mail.yahoo.com'; // Specify main and backup SMTP servers $mail->SMTPAuth = true; // Enable SMTP authentication $mail->Username = 'rachel@hdtvsupply.com'; // SMTP username $mail->Password = 'sichpincnldbcbnh'; // SMTP password //$mail->Username = 'sjain@hdtvsupply.com'; // SMTP username //$mail->Password = 'oiextpcphwcwfqjp'; // SMTP password $mail->SMTPSecure = 'tls'; $mail->Port = 587; // Enable TLS encryption, `ssl` also accepted //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ EOF ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~// $mail->SetFrom('rachel@hdtvsupply.com', 'HDTVSupply'); $mail->AddAddress($email, $name); //$mail->AddAddress('support@hdtvsupply.com', 'HDTVSupply'); $mail->AddAddress('customerservice@hdtvsupply.com', 'Customer Service'); //$mail->AddAddress('tickets@hdtv-supply.p.tawk.email', 'Customer Service'); $mail->AddAddress('tickets@hdtv-supply-wojiuj.p.tawk.email', 'Customer Service'); $mail->AddAddress('rachel@hdtvsupply.com', 'Rachel'); //$mail->AddReplyTo($email, $name); NOT WROKING ON YAHOO SERVER //$mail->AddCc('support@hdtvsupply.com', 'HDTVSupply'); NOT WROKING ON YAHOO SERVER //$mail->AddBcc('info@samyakonline.net', 'HDTVSupply'); $mail->isHTML(true); $mail->Subject = 'Build Your Own / HDTVSupply.com'; $mail->AltBody = 'To view the message, please use an HTML compatible email viewer!'; // optional - MsgHTML will create an alternate automatically $mail->MsgHTML($sMailBody); $mail->Send(); //echo $sMailBody; //================================================ //header("location:https://www.hdtvsupply.com/thanks.html"); //echo '

Thanks for submission.

'; //echo '

We will respond very soon.

'; echo ""; exit; } /**************************************************************************************/ //////////////////// EOF SEND EMAIL ///////////////////////////////////////////////// /**************************************************************************************/ //////////////////////////////////// EOF Form Processing ///////////////////////////////////////////////// ?>