////////////////////////////////////////////////////////////////////////////////////////
//This has been modified from the original to show the use of each line
//You can delete all lines that start with "//", but DO NOT delete any with $
//Comments explain what is in the line BELOW each comment
///////////////////////////////////////////////////////////////////////////////////////

//// create a form submit button named submit, with value=submit, method=post and action=formmailer.php
/// fill out this next section, save this text file as "formmailer.php", and place in the same directory as your form (usually the /html/ folder)

<?php
// these options usually work just fine
	$check_referrer="no";
	$referring_domains="";
// this is overridden by the thanks_page and error_page at the bottom of the list
// I usually ignore these 4 lines
	$error_page_title="Error - Missed Fields";
	$error_page_text="Please use your browser's back button to return to the form and complete the required fields.";
	$thanks_page_title="Message Sent";
	$thanks_page_text="Thank you for your inquiry";

// options to use if hidden field "config" has a value of 0
//
	$charset[0]="iso-8859-1";
// enter the email, cc or bcc for the form to go to, just like sending email
	$tomail[0]="YOUR_EMAIL@YOUR_DOMAIN";
	$cc_tomail[0]="";
	$bcc_tomail[0]="";
// you can use any subject you like
	$subject[0]="Email from YOUR_WEBSITE_NAME";
	$reply_to_field[0]="Email";
	$reply_to_name[0]="Name";
// you can make any fields in your form required
// if these are not completed, the user will get the error page below if you 
// choose one, or the error message above if you do not
	$required_fields[0]="Name,Message";
// required email fields are different, must have xxx@xxxxx.xxx format
// only put the field in your form that asks for an email address on this line
	$required_email_fields[0]="Email";
// if your form has any attachment fields, list them here
	$attachment_fields[0]="";
	$return_ip[0]="";
// this text gets put above the main email - put anything you want here
	$mail_intro[0]="Email from YOURSITE.com";
// this should be a list of all the field names in your form
	$mail_fields[0]="Name,Email,City,Phone,Message";
	$mail_type[0]="text";
	$mail_priority[0]="1";
// send an auto-responder back to the sender
	$send_copy[0]="yes";
	$send_copy_format[0]="vert_table";
// choose which fields get sent in the auto-responder
	$send_copy_fields[0]="Name,Email,City,Phone,Message";
// if you want attachment fields sent back to the sender, put the fields here
	$send_copy_attachment_fields[0]="";
// the subject of the auto-responder email
	$copy_subject[0]="NEW SITE email confirmation";
// this text gets put above the main auto-responder email
// you can format this via html tags, since we are sending as vert_table above, which uses html
	$copy_intro[0]="Thank you for contacting NEW SITE.<br>Your email (below) has been sent.<br><br>Someone will respond shortly.<br><br>If you require immediate assistance, please call xxx-PHONE-PHONE.<br><br>***************************************<br>This is an automated confirmation message.<br>";
// the email address that the auto-responder will show as sent from
	$copy_from[0]="mail@NEWSITE.com";
// the field from the form to send the auto-responder to, usually Email or email
	$copy_tomail_field[0]="Email";
// sorry, I dont use the header/footer, you will have to ask dbmasters
	$header[0]="";
	$footer[0]="";
// designate a page to show an error message if required fields are not completed
	$error_page[0]="formerror.html";
// designate a page to send user to after sending form is completed
	$thanks_page[0]="formthanks.html";

// THAT IS THE END 
// for another form, use hidden field named config with value of 1, and fill out all the same lines below
// you can copy, paste and change the 1 to 2, 3, etc for as many forms as you like, with one formmailer

////////////////////////////////////////////////////////////////////////////////////////

// options to use if hidden field "config" has a value of 1
	$charset[1]="iso-8859-1";
	$tomail[1]="mail@NEWSITE.com	";
	$cc_tomail[1]="";
	$bcc_tomail[1]="";
	$subject[1]="Email from NEWSITE.com";
	$reply_to_field[1]="Email";
	$reply_to_name[1]="Name";
	$required_fields[1]="Name,Message";
	$required_email_fields[1]="Email";
	$attachment_fields[1]="";
	$return_ip[1]="";
	$mail_intro[1]="Email from NEWSITE.com";
	$mail_fields[1]="Name,Email,City,Phone,Message";
	$mail_type[1]="text";
	$mail_priority[1]="1";
	$send_copy[1]="yes";
	$send_copy_format[1]="vert_table";
	$send_copy_fields[1]="Name,Email,City,Phone,Message";
	$send_copy_attachment_fields[1]="";
	$copy_subject[1]="NEW SITE email confirmation";
	$copy_intro[1]="Thank you for contacting NEW SITE.<br>Your email (below) has been sent.<br><br>Someone will respond shortly.<br><br>If you require immediate assistance, please call 435-PHONE-PHONE.<br><br>***************************************<br>This is an automated confirmation message.<br>";
	$copy_from[1]="mail@NEWSITE.com";
	$copy_tomail_field[1]="Email";
	$header[1]="";
	$footer[1]="";
	$error_page[1]="formerror.html";
	$thanks_page[1]="formthanks.html";

////////////////////////////////////////////////////////////////////////////////////////

// options to use if hidden field "config" has a value of 2
	$charset[2]="iso-8859-1";
	$tomail[2]="mail@NEWSITE.com	";
	$cc_tomail[2]="";
	$bcc_tomail[2]="";
	$subject[2]="Email from NEWSITE.com";
	$reply_to_field[2]="Email";
	$reply_to_name[2]="Name";
	$required_fields[2]="Name,Message";
	$required_email_fields[2]="Email";
	$attachment_fields[2]="";
	$return_ip[2]="";
	$mail_intro[2]="Email from NEWSITE.com";
	$mail_fields[2]="Name,Email,City,Phone,Message";
	$mail_type[2]="text";
	$mail_priority[2]="1";
	$send_copy[2]="yes";
	$send_copy_format[2]="vert_table";
	$send_copy_fields[2]="Name,Email,City,Phone,Message";
	$send_copy_attachment_fields[2]="";
	$copy_subject[2]="NEW SITE email confirmation";
	$copy_intro[2]="Thank you for contacting NEW SITE.<br>Your email (below) has been sent.<br><br>Someone will respond shortly.<br><br>If you require immediate assistance, please call 435-PHONE-PHONE.<br><br>***************************************<br>This is an automated confirmation message.<br>";
	$copy_from[2]="mail@NEWSITE.com";
	$copy_tomail_field[2]="Email";
	$header[2]="";
	$footer[2]="";
	$error_page[2]="formerror.html";
	$thanks_page[2]="formthanks.html";

/////////////////////////////////////////////////////////////////////////
// Don't muck around past this line unless you know what you are doing //
/////////////////////////////////////////////////////////////////////////

ob_start();
$config=$_POST["config"];
$reply_to_field=$reply_to_field[$config];
$reply_to_name=$reply_to_name[$config];
$copy_tomail_field=$copy_tomail_field[$config];

if($header[$config]!="")
	include($header[$config]);

if($_POST["submit"] || $_POST["Submit"] || $_POST["submit_x"] || $_POST["Submit_x"])
{

////////////////////////////
// begin global functions //
////////////////////////////
// get visitor IP
	function getIP()
	{
		if(getenv(HTTP_X_FORWARDED_FOR))
			$user_ip=getenv("HTTP_X_FORWARDED_FOR");
		else
			$user_ip=getenv("REMOTE_ADDR");
		return $user_ip;
	}
// get value of given key
	function parseArray($key)
	{
		$array_value=$_POST[$key];
		$count=1;
		extract($array_value); 
		foreach($array_value as $part_value) 
		{
			if($count > 1){$value.=", ";}
			$value.=$part_value;
			$count=$count+1;
		}
		return $value;
	}
// stripslashes and autolink url's
	function parseValue($value)
	{
		$value=preg_replace("/(http:\/\/+.[^\s]+)/i",'<a href="\\1">\\1</a>', $value);
		return $value;
	}
// html header if used
	function htmlHeader()
	{
		$htmlHeader="<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">\n<html>\n<head><meta http-equiv=\"Content-Type\" content=\"text/html; charset=".$charset[$config]."\"></head>\n<body>\n<table cellpadding=\"2\" cellspacing=\"0\" border=\"0\" width=\"600\">\n";
		return $htmlHeader;
	}
// html footer if used
	function htmlFooter()
	{
		$htmlFooter="</table>\n</body>\n</html>\n";
		return $htmlFooter;
	}
// build verticle table format
	function buildVertTable($fields, $intro, $to, $send_ip)
	{
		$message=htmlHeader();
		if($intro != "")
			$message.="<tr>\n<td align=\"left\" valign=\"top\" colspan=\"2\">".$intro."</td>\n</tr>\n";
		$fields_check=preg_split('/,/',$fields);
		$run=sizeof($fields_check);
		for($i=0;$i<$run;$i++)
		{
			$cur_key=$fields_check[$i];
			$cur_value=$_POST[$cur_key];
			if(is_array($cur_value))
			{
				$cur_value=parseArray($cur_key);
			}
			$cur_value=parseValue($cur_value);
			$message.="<tr>\n<td align=\"left\" valign=\"top\" style=\"white-space:nowrap;\"><b>".$cur_key."</b></td>\n<td align=\"left\" valign=\"top\" width=\"100%\">".nl2br($cur_value)."</td>\n</tr>\n";
		}
		if($send_ip=="yes" && $to=="recipient")
		{
			$user_ip=getIP();
			$message.="<tr>\n<td align=\"left\" valign=\"top\" style=\"white-space:nowrap;\"><b>Sender IP</b></td>\n<td align=\"left\" valign=\"top\" width=\"100%\">".$user_ip."</td>\n</tr>\n";
		}	
		$message.=htmlFooter();
		return $message;
	}
// build horizontal table format
	function buildHorzTable($fields, $intro, $to, $send_ip)
	{
		$message=htmlHeader();
		$fields_check=preg_split('/,/',$fields);
		$run=sizeof($fields_check);
		if($intro != "")
			$message.="<tr>\n<td align=\"left\" valign=\"top\" colspan=\"".$run."\">".$intro."</td>\n</tr>\n";
		$message.="<tr>\n";
		for($i=0;$i<$run;$i++)
		{
			$cur_key=$fields_check[$i];
			$message.="<td align=\"left\" valign=\"top\" style=\"white-space:nowrap;\"><b>".$cur_key."</b></td>\n";
		}
		if($send_ip=="yes" && $to=="recipient")
			$message.="<td align=\"left\" valign=\"top\" style=\"white-space:nowrap;\"><b>Sender IP</b></td>\n";
		$message.="</tr>\n";
		$message.="<tr>\n";
		for($i=0;$i<$run;$i++)
		{
			$cur_key=$fields_check[$i];
			$cur_value=$_POST[$cur_key];
			if(is_array($cur_value))
			{
				$cur_value=parseArray($cur_key);
			}
			$cur_value=parseValue($cur_value);
			$message.="<td align=\"left\" valign=\"top\">".nl2br($cur_value)."</td>\n";
		}
		$message.="</tr>\n";
		$message.="<tr>\n";
		if($send_ip=="yes" && $to=="recipient")
		{
			$user_ip=getIP();
			$message.="<td align=\"left\" valign=\"top\">".$user_ip."</td>\n";
		}
		$message.="</tr>\n";
		$message.=htmlFooter();
		return $message;
	}
// build plain text format
	function buildTextTable($fields, $intro, $to, $send_ip)
	{
		$message="";
		if($intro != "")
			$message.=$intro."\n\n";
		$fields_check=preg_split('/,/',$fields);
		$run=sizeof($fields_check);
		for($i=0;$i<$run;$i++)
		{
			$cur_key=$fields_check[$i];
			$cur_value=$_POST[$cur_key];
			if(is_array($cur_value))
			{
				$cur_value=parseArray($cur_key);
			}
			$cur_value=parseValue($cur_value);
			$message.="".$cur_key.": ".$cur_value."\n\n";
		}
		if($send_ip=="yes" && $to=="recipient")
		{
			$user_ip=getIP();
			$message.="Sender IP: ".$user_ip."\n";
		}
		return $message;
	}
// get the proper build fonction
	function buildTable($format, $fields, $intro, $to, $send_ip)
	{
		if($format=="vert_table")
			$message=buildVertTable($fields, $intro, $to, $send_ip);
		else if($format=="horz_table")
			$message=buildHorzTable($fields, $intro, $to, $send_ip);
		else
			$message=buildTextTable($fields, $intro, $to, $send_ip);
		return $message;
	}
// referrer checking security option
	function checkReferer()
	{
		if($check_referrer=="yes")
		{
			$ref_check=preg_split('/,/',$referring_domains);
			$ref_run=sizeof($ref_check);
			$referer=$_SERVER['HTTP_REFERER'];
			$domain_chk="no";
			for($i=0;$i<$ref_run;$i++)
			{
				$cur_domain=$ref_check[$i];
				if(stristr($referer,$cur_domain)){$domain_chk="yes";}
			}
		}
		else
		{
			$domain_chk="yes";
		}
		return $domain_chk;
	}
// checking required fields and email fields
	function checkFields($text_fields, $email_fields)
	{
		$error_message="";
		if($text_fields != "")
		{
			$req_check=preg_split('/,/',$text_fields);
			$req_run=sizeof($req_check);
			for($i=0;$i<$req_run;$i++)
			{
				$cur_field_name=$req_check[$i];
				$cur_field=$_POST[$cur_field_name];
				if($cur_field=="")
				{
					$error_message.="<li>You are missing the <b>".$req_check[$i]."</b> field</li>\n";
				}
			}
		}
		if($email_fields != "")
		{
			$email_check=preg_split('/,/',$email_fields);
			$email_run=sizeof($email_check);
			for($i=0;$i<$email_run;$i++)
			{
				$cur_email_name=$email_check[$i];
				$cur_email=$_POST[$cur_email_name];
				if($cur_email=="" || !eregi("^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,6}$",$cur_email))
				{
					$error_message.="<li>You are missing the <b>".$email_check[$i]."</b> field or it is not a valid email address.</li>\n";
				}
			}
		}
		return $error_message;
	}
// attachment function
	function getAttachments($attachment_fields, $message, $content_type, $border)
	{
		$att_message="This is a multi-part message in MIME format.\n\n";
		$att_message.="--{$border}\n";
		$att_message.=$content_type."\n";
		$att_message.="Content-Transfer-Encoding: 7bit\n\n";
		$att_message.=$message."\n\n";
		
		$att_check=preg_split('/,/',$attachment_fields);
		$att_run=sizeof($att_check);
		for($i=0;$i<$att_run;$i++)
		{
			$fileatt=$_FILES[$att_check[$i]]['tmp_name'];
			$fileatt_name=$_FILES[$att_check[$i]]['name'];
			$fileatt_type=$_FILES[$att_check[$i]]['type'];
			if (is_uploaded_file($fileatt))
			{ 
				$file=fopen($fileatt,'rb');
				$data=fread($file,filesize($fileatt)); 
				fclose($file);
				$data=chunk_split(base64_encode($data));
				$att_message.="--{$border}\n";
				$att_message.="Content-Type: {$fileatt_type}; name=\"{$fileatt_name}\"\n";
				$att_message.="Content-Disposition: attachment; filename=\"{$fileatt_name}\"\n";
				$att_message.="Content-Transfer-Encoding: base64\n\n".$data."\n\n"; 
			}
		}
		$att_message.="--{$border}--\n";
		return $att_message;
	}
// function to set content type
	function contentType($charset, $format)
	{
		if($format=="vert_table")
			$content_type="Content-type: text/html; charset=\"".$charset."\"\n";
		else if($format=="horz_table")
			$content_type="Content-type: text/html; charset=\"".$charset."\"\n";
		else
			$content_type="Content-type: text/plain; charset=\"".$charset."\"\n";
		return $content_type;
	}
//////////////////////////
// end global functions //
//////////////////////////

////////////////////////////////
// begin procedural scripting //
////////////////////////////////
	$domain_chk=checkReferer();
	if($domain_chk=="yes")
	{
		$error_message=checkFields($required_fields[$config], $required_email_fields[$config]);
		if($error_message=="")
		{
// build appropriate message format for recipient
			$content_type=contentType($charset[$config], $mail_type[$config]);
			$message=buildTable($mail_type[$config], $mail_fields[$config], $mail_intro[$config], "recipient", $return_ip[$config]);
// build header data for recipient message
			if($_POST[$reply_to_name]!="")
				$extra="From: ".$_POST[$reply_to_name]." <".$_POST[$reply_to_field].">\n";
			else
				$extra="From: ".$_POST[$reply_to_field]."\n";
			if($cc_tomail[$config]!="")
				$extra.="Cc: ".$cc_tomail[$config]."\n";
			if($bcc_tomail[$config]!="")
				$extra.="Bcc: ".$bcc_tomail[$config]."\n";
			$extra.="X-Priority: ".$mail_priority[$config]."\n";
// get attachments if necessary
			if($attachment_fields[$config]!="")
			{
				$semi_rand=md5(time());
				$border="==Multipart_Boundary_x{$semi_rand}x";
				$extra.="MIME-Version: 1.0\n";
				$extra.="Content-Type: multipart/mixed; boundary=\"{$border}\"";
				$message=getAttachments($attachment_fields[$config], $message, $content_type, $border);
			}
			else
			{
				$extra.="MIME-Version: 1.0\n".$content_type;
			}
// send recipient email
			mail("".$tomail[$config]."", "".stripslashes($subject[$config])."", "".stripslashes($message)."", "$extra");
// autoresponse email if necessary
			if($send_copy[$config]=="yes")
			{
// build appropriate message format for autoresponse
				$content_type=contentType($charset[$config], $send_copy_format[$config]);
				$message=buildTable($send_copy_format[$config], $send_copy_fields[$config], $copy_intro[$config], "autoresponder", $return_ip[$config]);
// build header data for autoresponse
				$copy_tomail=$_POST[$copy_tomail_field];
				$copy_extra="From: ".$copy_from[$config]."\n";
// get autoresponse  attachments if necessary
				if($send_copy_attachment_fields[$config]!="")
				{
					$semi_rand=md5(time());
					$border="==Multipart_Boundary_x{$semi_rand}x";
					$copy_extra.="MIME-Version: 1.0\n";
					$copy_extra.="Content-Type: multipart/mixed; boundary=\"{$border}\"";
					$message=getAttachments($send_copy_attachment_fields[$config], $message, $content_type, $border);
				}
				else
				{
					$copy_extra.="MIME-Version: 1.0\n".$content_type;
				}
// send autoresponse email
				mail("$copy_tomail", "".$copy_subject[$config]."", "$message", "$copy_extra");
			}
// showing thanks pages from a successful submission
			if($thanks_page[$config]=="")
			{
				echo "<p>$thanks_page_title</p>\n";
				echo "<p>$thanks_page_text</p>\n";
			}
			else
			{
				header("Location: ".$thanks_page[$config]);
			}
		}
		else
		{
// entering error page options from missing required fields
			if($error_page[$config]=="")
			{
				echo "<p>$error_page_title</p>\n";
				echo "<ul>\n";
				echo $error_message;
				echo "</ul>\n";
				echo "<p>$error_page_text</p>\n";
			}
			else
			{
				header("Location: ".$error_page[$config]);
			}
		}
	}
	else
	{
// message if unauthorized domain trigger from referer checking option
		echo "<p>Sorry, mailing request came from an unauthorized domain.</p>\n";
	}
//////////////////////////////
// end procedural scripting //
//////////////////////////////

}
else
{
	echo "<p>Error</p>";
	echo "<p>No form data has been sent to the script</p>\n";
}
if($footer[$config]!="")
	include($footer[$config]);
ob_end_flush();
?>