  1. <?php
  2.  
// Starts (or resumes) the PHP session before any output is sent. Nothing else
// in this file reads or writes $_SESSION, so its only visible effect here is
// the session cookie; kept because removing it would change the response headers.
session_start();
  4.    
  5.     function getRealIp() {
  6.        if (!empty($_SERVER['HTTP_CLIENT_IP'])) {  //check ip from share internet
  7.          $ip=$_SERVER['HTTP_CLIENT_IP'];
  8.        } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {  //to check ip is pass from proxy
  9.          $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
  10.        } else {
  11.          $ip=$_SERVER['REMOTE_ADDR'];
  12.        }
  13.        return $ip;
  14.     }
  15.  
  16.     function writeLog($where) {
  17.    
  18.         $ip = getRealIp(); // Get the IP from superglobal
  19.         $host = gethostbyaddr($ip);    // Try to locate the host of the attack
  20.         $date = date("d M Y");
  21.        
  22.         // create a logging message with php heredoc syntax
  23.         $logging = <<<LOG
  24.             \n
  25.             << Start of Message >>
  26.             There was a hacking attempt on your form. \n
  27.             Date of Attack: {$date}
  28.             IP-Adress: {$ip} \n
  29.             Host of Attacker: {$host}
  30.             Point of Attack: {$where}
  31.             << End of Message >>
  32. LOG;
  33. // Awkward but LOG must be flush left
  34.    
  35.             // open log file
  36.             if($handle = fopen('hacklog.log', 'a')) {
  37.            
  38.                 fputs($handle, $logging);  // write the Data to file
  39.                 fclose($handle);           // close the file
  40.                
  41.             } else {  // if first method is not working, for example because of wrong file permissions, email the data
  42.            
  43.                 $to = 'tromano@mbcinteractive.com';  
  44.                 $subject = 'HACK ATTEMPT';
  45.                 $header = 'From: tromano@mbcinteractive.com';
  46.                 if (mail($to, $subject, $logging, $header)) {
  47.                     echo "Sent notice to admin.";
  48.                 }
  49.    
  50.             }
  51.     }
  52.    
  53. // PREPARE THE BODY OF THE MESSAGE
  54.  
  55. $message = '<html><body>';
  56. $message .= '<h1>ICES Employment Application</h1>';
  57. $message .= '<table width="623" align="center" cellpadding="2" rules="all" style="border-color: #000; border="1">';
  58. $message .= '<tr align="center" bgcolor="#eee" ><td width="265"><strong><h2>Question</h2></strong></td><td width="304"><strong><h2>Answer</h2></strong></td></tr>';
  59. $message .= "<tr>
  60.  <td><strong>Name:</strong> </td>
  61.  <td>" . strip_tags($_POST['name']) . "</td></tr>";
  62.   $message .= "<tr>
  63.  <td><strong>Other Names:</strong> </td>
  64.  <td>" . htmlentities($_POST['otherNames']) . "</td></tr>";
  65. $message .= "<tr><td><strong>Address:</strong> </td><td>" . strip_tags($_POST['address']) . "</td></tr>";
  66. $message .= "<tr><td><strong>City/State/Zip:</strong> </td><td>" . htmlentities($_POST['citystatezip']) . "</td></tr>";
  67. $message .= "<tr><td><strong>Home Phone:</strong> </td><td>" . $_POST['homePhone'] . "</td></tr>";
  68. $message .= "<tr><td><strong>Cell Phone:</strong> </td><td>" . strip_tags($_POST['cellPhone']) . "</td></tr>";
  69. $message .= "<tr><td><strong>Email:</strong> </td><td>" . $_POST['email'] . "</td></tr>";
  70. $message .= "<tr><td><strong>1. Which ICES job are you applying for?</strong> </td><td>" . $_POST['which'] . "</td></tr>";
  71. $message .= "<tr><td><strong>2. Have you ever applied or provided services for ICES, Inc. at any other time?</strong> </td>
  72.  <td>" . htmlentities($_POST['have'] ). "</td></tr>";
  73. $message .= "<tr><td><strong>3. Do any of your relatives presently work for ICES, Inc.?</strong> </td><td>" . $_POST['do'] . "</td></tr>";
  74. $message .= "<tr><td><blockquote>
  75.  <p><strong>If so, List their name(s)</strong> </p>
  76. </blockquote></td>
  77.  <td>" . $_POST['ifSo'] . "</td></tr>";
  78. $message .= "<tr><td><strong>4. Have you ever been terminated from a position for abuse or neglect?</strong> </td><td>" . $_POST['term'] . "</td></tr>";
  79. $message .= "<tr><td><strong>5. Have you ever been convicted of a felony crime, imprisioned, or on probation for any violation of any law?</strong> </td><td>" . $_POST['convict'] . "</td></tr>";
  80. $message .= "<tr><td><blockquote>
  81.  <p><strong>If so, explain:</strong> </p>
  82. </blockquote></td>
  83.  <td>" . htmlentities($_POST['convict_ifSo']) . "</td></tr>";
  84. $message .= "<tr><td><strong>6. Do you hold a valid driver's license?</strong> </td><td>" . $_POST['dl'] . "</td></tr>";
  85. $message .= "<tr><td><strong>7. Do you have reliable transportation?</strong> </td><td>" . $_POST['trans'] . "</td></tr>";
  86. $message .= "<tr><td><strong>8. Do you have automobile insurance?</strong> </td><td>" . $_POST['autoIns'] . "</td></tr>";
  87. $message .= "<tr><td><blockquote>
  88.  <p><strong>Insurance Company Name:</strong> </p>
  89. </blockquote></td>
  90.  <td>" . $_POST['insCo'] . "</td></tr>";
  91. $message .= "<tr><td><blockquote>
  92.  <p><strong>Policy Number:</strong> </p>
  93. </blockquote></td>
  94.  <td>" . $_POST['polNum'] . "</td></tr>";
  95. $message .= "<tr><td><blockquote>
  96.  <p><strong>Expiration Date:</strong> </p>
  97. </blockquote></td>
  98.  <td>" . $_POST['expDate'] . "</td></tr>";
  99. $message .= "<tr><td><blockquote>
  100.  <p><strong>Insurance Phone Number:</strong> </p>
  101. </blockquote></td>
  102.  <td>" . $_POST['insPh'] . "</td></tr>";
  103. $message .= "<tr><td><strong>Elementary/High School:</strong> </td><td>" . $_POST['k12'] . "</td></tr>";
  104. $message .= "<tr><td><strong>College:</strong> </td><td>" . $_POST['college'] . "</td></tr>";
  105. $message .= "<tr><td><strong>Graduate School:</strong> </td><td>" . $_POST['gradSch'] . "</td></tr>";
  106. $message .= "<tr><td><strong>List, in reverse chronological order, Colleges/Universities/High Schools attened (i.e.) Name of School, Address, Years Completed, Major, Degree):</strong> </td>
  107.  <td>" .htmlentities( $_POST['listIn']) . "</td></tr>";
  108. $message .= "<tr><td><strong>Do you speak any languages besides English?</strong> </td><td>" . $_POST['land'] . "</td></tr>";
  109. $message .= "<tr><td><blockquote>
  110.  <p><strong>If so, please list:</strong> </p>
  111. </blockquote></td>
  112.  <td>" . $_POST['lang_ifSo'] . "</td></tr>";
  113. $message .= "<tr><td><strong>List any certifications, licenses, applicable courses, etc:</strong> </td><td>" . $_POST['listAny'] . "</td></tr>";
  114. $message .= "<tr><td><strong>Professional references (list name & phone number):</strong> </td><td>" . $_POST['profRef'] . "</td></tr>";
  115. $message .= "<tr><td><strong>1st Company:</strong> </td><td>" . $_POST['company1'] . "</td></tr>";
  116. $message .= "<tr><td><blockquote>
  117.  <p><strong>Address:</strong> </p>
  118. </blockquote></td>
  119.  <td>" . $_POST['co1Add'] . "</td></tr>";
  120. $message .= "<tr><td><blockquote>
  121.  <p><strong>Supervisor:</strong> </p>
  122. </blockquote></td>
  123.  <td>" . $_POST['co1Super'] . "</td></tr>";
  124. $message .= "<tr><td><blockquote>
  125.  <p><strong>Phone #:</strong> </p>
  126. </blockquote></td>
  127.  <td>" . $_POST['co1Ph'] . "</td></tr>";
  128. $message .= "<tr><td><blockquote>
  129.  <p><strong>Employed From:</strong> </p>
  130. </blockquote></td>
  131.  <td>" . $_POST['co1_empFrom'] . "</td></tr>";
  132. $message .= "<tr><td><blockquote>
  133.  <p><strong>To:</strong> </p>
  134. </blockquote></td>
  135.  <td>" . $_POST['co1_empTo'] . "</td></tr>";
  136. $message .= "<tr><td><blockquote>
  137.  <p><strong>Duties:</strong> </p>
  138. </blockquote></td>
  139.  <td>" . $_POST['co1Dut'] . "</td></tr>";
  140. $message .= "<tr><td><blockquote>
  141.  <p><strong>Reason for Leaving:</strong> </p>
  142. </blockquote></td>
  143.  <td>" . htmlentities($_POST['co1Reason']) . "</td></tr>";
  144. $message .= "<tr><td><strong>2nd Company:</strong> </td><td>" . $_POST['company2'] . "</td></tr>";
  145. $message .= "<tr><td><blockquote>
  146.  <p><strong>Address:</strong> </p>
  147. </blockquote></td>
  148.  <td>" . $_POST['co2Add'] . "</td></tr>";
  149. $message .= "<tr><td><blockquote>
  150.  <p><strong>Supervisor:</strong> </p>
  151. </blockquote></td>
  152.  <td>" . $_POST['co2Super'] . "</td></tr>";
  153. $message .= "<tr><td><blockquote>
  154.  <p><strong>Phone #:</strong> </p>
  155. </blockquote></td>
  156.  <td>" . $_POST['co2Ph'] . "</td></tr>";
  157. $message .= "<tr><td><blockquote>
  158.  <p><strong>Employed From:</strong> </p>
  159. </blockquote></td>
  160.  <td>" . $_POST['co2_empFrom'] . "</td></tr>";
  161. $message .= "<tr><td><blockquote>
  162.  <p><strong>To:</strong> </p>
  163. </blockquote></td>
  164.  <td>" . $_POST['co2_empTo'] . "</td></tr>";
  165. $message .= "<tr><td><blockquote>
  166.  <p><strong>Duties:</strong> </p>
  167. </blockquote></td>
  168.  <td>" . $_POST['co2Dut'] . "</td></tr>";
  169. $message .= "<tr><td><blockquote>
  170.  <p><strong>Reason for Leaving:</strong> </p>
  171. </blockquote></td>
  172.  <td>" . htmlentities($_POST['co2Reason']) . "</td></tr>";
  173. $message .= "<tr><td><strong>3rd Company:</strong> </td><td>" . $_POST['company3'] . "</td></tr>";
  174. $message .= "<tr><td><blockquote>
  175.  <p><strong>Address:</strong> </p>
  176. </blockquote></td>
  177.  <td>" . $_POST['co3Add'] . "</td></tr>";
  178. $message .= "<tr><td><blockquote>
  179.  <p><strong>Supervisor:</strong> </p>
  180. </blockquote></td>
  181.  <td>" . $_POST['co3Super'] . "</td></tr>";
  182. $message .= "<tr><td><blockquote>
  183.  <p><strong>Phone #:</strong> </p>
  184. </blockquote></td>
  185.  <td>" . $_POST['co3Ph'] . "</td></tr>";
  186. $message .= "<tr><td><blockquote>
  187.  <p><strong>Employed From:</strong> </p>
  188. </blockquote></td>
  189.  <td>" . $_POST['co3_empFrom'] . "</td></tr>";
  190. $message .= "<tr><td><blockquote>
  191.  <p><strong>To:</strong> </p>
  192. </blockquote></td>
  193.  <td>" . $_POST['co3_empTo'] . "</td></tr>";
  194. $message .= "<tr><td><blockquote>
  195.  <p><strong>Duties:</strong> </p>
  196. </blockquote></td>
  197.  <td>" . $_POST['co3Dut'] . "</td></tr>";
  198. $message .= "<tr><td><blockquote>
  199.  <p><strong>Reason for Leaving:</strong> </p>
  200. </blockquote></td>
  201.  <td>" .htmlentities( $_POST['co3Reason']) . "</td></tr>";
  202. $message .= "<tr><td><strong>What are your goals and how does this position fit in with your goals?</strong> </td><td>" . $_POST['whatAre'] . "</td></tr>";
  203. $message .= "<tr><td><strong>Signature:</strong> </td><td>" . $_POST['sign'] . "</td></tr>";
  204. $message .= "<tr><td><strong>Date:</strong> </td><td>" . $_POST['date'] . "</td></tr>";
  205. $message .= "</table>";
  206. $message .= "</body></html>";
  207.  
//  MAKE SURE THE "FROM" EMAIL ADDRESS IS WELL-FORMED (NO SPACES, LINE BREAKS OR OTHER CHARACTERS THAT COULD END UP IN THE MAIL HEADERS)
  209.            
  210.             $pattern = "/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i";
  211.             if (preg_match($pattern, trim(strip_tags($_POST['email'])))) {
  212.                 $cleanedFrom = trim(strip_tags($_POST['email']));
  213.             } else {
  214.                 return "The email address you entered was invalid. Please try again!";
  215.             }
  216.  
  217. //   CHANGE THE BELOW VARIABLES TO YOUR NEEDS
  218.              
  219.             ini_set('SMTP', '172.16.4.18');
  220.             ini_set('smtp_port', 25);
  221.            
  222.             $to = 'DPolletta@mbcinteractive.com' . ', ';
  223.             $to = 'tromano@mbcinteractive.com';
  224.            
  225.             $subject = 'ICES Employment Application';
  226.            
  227.             $headers = "From: " . $cleanedFrom . "\r\n";
  228.             $headers .= "Reply-To: ". strip_tags($_POST['req-email']) . "\r\n";
  229.             $headers .= "MIME-Version: 1.0\r\n";
  230.             $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
  231.  
  232.             if (mail($to, $subject, $message, $headers)) {
  233.               echo 'Your message has been sent.';
  234.             } else {
  235.               echo 'There was a problem sending the email.';
  236.  
  237.             }
  238.            
  239.             /* Redirects to thank you page*/
  240. header('Location: http://www.cthealthcarejobs.com/icesthankyou.html');
  241.  
  242.  
  243. ?>