Amy’s Kitchen, Natural and Organic Foods


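<?php
/**
 * eCard sender: validates the posted form, stores the card, e-mails the
 * recipient a link to it, or (re)displays the form.
 *
 * NOTE(review): this listing was recovered from a page capture that stripped
 * every HTML tag and the opening of the script. The PHP logic below follows
 * the surviving code; the markup inside strings (<br />, <option>, the form)
 * is reconstructed from the surviving labels and $_POST field names and must
 * be checked against the real template. The source showing up as page text
 * also suggests the file was served without being executed — confirm the
 * handler mapping for this path.
 *
 * Changes relative to the captured code:
 *  - ereg("@..") replaced by FILTER_VALIDATE_EMAIL; the sender address is now
 *    validated against itself (the original tested friendEmail instead).
 *  - mysql_* + mysql_escape_string replaced by a PDO prepared statement.
 *  - the card id is drawn from a CSPRNG (random_int, PHP 7+) instead of rand();
 *    the id in the link is the only thing protecting the card from strangers.
 *  - 'type' is restricted to the known card values before it reaches HTML or
 *    an image path (it was echoed unescaped).
 *  - the "Add defaults" step no longer overwrites already-validated fields;
 *    stripslashes() is dropped because magic quotes do not exist on PHP 7+.
 *
 * NOTE(review): the form has no CSRF token and no rate limit, so it can be
 * driven to mail arbitrary addresses; add both (or a CAPTCHA) where the
 * session layer is available.
 */

// NOTE(review): reconstructed — only the tail "webhost;" of this statement
// survived extraction; $config is created before this point.
$host = $config->webhost;
$ecards_dir = 'http://' . $host . '/community/ecard-view/';

$clean = array(); // validated / filtered input
$html  = array(); // values escaped for HTML output

$isSubmit = $_SERVER['REQUEST_METHOD'] === 'POST'
    && isset($_POST['Submit'])
    && $_POST['Submit'] === "Submit";

// Only known card types are accepted; anything else falls back to "thankyou".
$clean['type'] = cleanCardType(postString('type'), "thankyou");

/**
 * -------------------------------------------------
 * handle the post
 * -------------------------------------------------
 */
if ($isSubmit) {
    $error = false;
    $html['error_message'] = "Please Fill In The Following:<br />\n";

    // NAME (required, single line)
    $clean['name'] = cleanLine(postString('name'));
    if ($clean['name'] === '') {
        $error = true;
        $html['error_message'] .= "-A Name<br />\n";
    }

    // FRIENDEMAIL (required, must be a syntactically valid address)
    $friendEmail = trim(postString('friendEmail'));
    if ($friendEmail === '') {
        $error = true;
        $html['error_message'] .= "-Your Friend's Email<br />\n";
    } elseif (filter_var($friendEmail, FILTER_VALIDATE_EMAIL) === false) {
        $error = true;
        $html['error_message'] .= "-A Valid Friend's Email<br />\n";
    } else {
        $clean['friendEmail'] = $friendEmail;
    }

    // Optional fields and defaults
    $clean['friendName'] = cleanLine(postString('friendName'));
    $senderEmail = trim(postString('email'));
    $clean['email'] = (filter_var($senderEmail, FILTER_VALIDATE_EMAIL) !== false)
        ? $senderEmail
        : "no-reply@amys.com";
    $clean['message'] = strip_tags(postString('message'));

    if ($error == false) {
        // Unguessable id for the view link
        $uniqueId = generateCardId();

        // Store the card; values are bound, never concatenated into the SQL.
        try {
            $db = new PDO(
                'mysql:host=' . $config->database->params->host
                    . ';dbname=' . $config->database->params->dbname,
                $config->database->params->username,
                $config->database->params->password,
                array(
                    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                    PDO::ATTR_EMULATE_PREPARES => false,
                )
            );
        } catch (PDOException $e) {
            // Details go to the log only; the visitor sees the generic text.
            error_log('eCard: database connection failed: ' . $e->getMessage());
            die("Unable to connect to database.");
        }

        try {
            $insert = $db->prepare(
                'INSERT INTO eCards (cardName,cardEmail,cardFriendName,cardFriendEmail,'
                . 'cardMessage,cardType,cardUniqueId,cardTimestamp) '
                . 'VALUES (?,?,?,?,?,?,?,?)'
            );
            $insert->execute(array(
                $clean['name'],
                $clean['email'],
                $clean['friendName'],
                $clean['friendEmail'],
                $clean['message'],
                $clean['type'],
                $uniqueId,
                time(),
            ));
        } catch (PDOException $e) {
            // The original ignored a failed insert and still mailed a link
            // to a card that did not exist; stop instead.
            error_log('eCard: insert failed: ' . $e->getMessage());
            die("Unable to save eCard.");
        }

        $clean['emailMessage'] = "You have recieved an Amy's eCard from " . $clean['name'] . "!\n"
            . "\n"
            . "Click on the following link to view your card!\n"
            . "$ecards_dir$uniqueId";

        // SEND TO RECIPIENT
        // NOTE(review): From is the visitor-supplied address, so anyone can
        // send mail that claims to come from any mailbox, and such mail will
        // usually fail SPF/DMARC. Prefer a site-owned From with the visitor's
        // address as Reply-To if the installed Zend_Mail supports it.
        $mail = new Zend_Mail();
        $mail->setBodyText($clean['emailMessage'])
            ->setFrom($clean['email'], $clean['name'])
            ->addTo($clean['friendEmail'])
            ->setSubject("You have recieved an Amy's eCard from " . $clean['name'])
            ->send();

        // DISPLAY THANK YOU
        // NOTE(review): wrapper tag reconstructed; the original markup was stripped.
        echo "<p>Thank you! Your Email has been delivered.</p>";
        exit;
    } else {
        // RETURN THE FORM WITH ERROR TEXT
        $html['name'] = (isset($clean['name'])) ? htmlentities($clean['name'], ENT_QUOTES, 'UTF-8') : '';
        $html['email'] = (isset($clean['email'])) ? htmlentities($clean['email'], ENT_QUOTES, 'UTF-8') : '';
        $html['message'] = (isset($clean['message'])) ? htmlentities($clean['message'], ENT_QUOTES, 'UTF-8') : '';
        $html['friendEmail'] = (isset($clean['friendEmail'])) ? htmlentities($clean['friendEmail'], ENT_QUOTES, 'UTF-8') : '';
        $html['friendName'] = (isset($clean['friendName'])) ? htmlentities($clean['friendName'], ENT_QUOTES, 'UTF-8') : '';
        $html['type'] = $clean['type'];
        displayForm($html);
        exit;
    }
} else {
    /**
     * -------------------------------------------------
     * return the form
     * -------------------------------------------------
     */
    $html['name'] = '';
    $html['email'] = '';
    $html['message'] = '';
    $html['friendName'] = '';
    $html['friendEmail'] = '';
    $html['error_message'] = '';
    $html['type'] = $clean['type'];
    displayForm($html);
    exit;
}

/**
 * -------------------------------------------------
 * general functions
 * -------------------------------------------------
 */

/**
 * Returns $_POST[$key] when it is a string, otherwise ''.
 * Array-valued parameters (name[]=...) are treated as missing.
 */
function postString($key)
{
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
}

/**
 * Filters a single-line field: tags removed, control characters (including
 * CR/LF) collapsed to a space, surrounding whitespace trimmed.
 */
function cleanLine($value)
{
    return trim(preg_replace('/[\x00-\x1F\x7F]+/', ' ', strip_tags($value)));
}

/**
 * The selectable cards, in display order.
 */
function cardTypes()
{
    return array(
        array("label" => "Birthday", "value" => "birthday"),
        array("label" => "Happy Birthday!", "value" => "birthday2"),
        array("label" => "Happy Valentine's Day", "value" => "valentine"),
        array("label" => "Congratulations", "value" => "congratulations"),
        array("label" => "Get Well Soon", "value" => "getwell"),
        array("label" => "Christmas", "value" => "xmas"),
        array("label" => "Spring!", "value" => "spring"),
        array("label" => "Thinking of You", "value" => "thinking_of_you"),
        array("label" => "Hug Attack", "value" => "hug_attack"),
        array("label" => "Thank You", "value" => "thankyou"),
        array("label" => "Friends", "value" => "friends"),
    );
}

/**
 * Returns $type when it is one of the known card values, else $default.
 */
function cleanCardType($type, $default)
{
    foreach (cardTypes() as $card) {
        if ($card['value'] === $type) {
            return $type;
        }
    }
    return $default;
}

/**
 * Builds a random id of $length characters from [a-zA-Z0-9] using the
 * system CSPRNG (requires PHP 7+ for random_int).
 */
function generateCardId($length = 15)
{
    $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
    $last = strlen($alphabet) - 1;
    $id = "";
    for ($i = 0; $i < $length; $i++) {
        $id .= $alphabet[random_int(0, $last)];
    }
    return $id;
}

/**
 * Renders the card-type selector with $selvalue pre-selected.
 *
 * NOTE(review): the <option>/<select> markup is reconstructed; the capture
 * kept only the string delimiters.
 */
function buildCardType($selvalue)
{
    $options = "";
    foreach (cardTypes() as $card) {
        $selected = ($card['value'] === $selvalue) ? "selected" : "";
        $options .= '<option value="' . htmlspecialchars($card['value'], ENT_QUOTES, 'UTF-8') . '" '
            . $selected . '>'
            . htmlspecialchars($card['label'], ENT_QUOTES, 'UTF-8')
            . '</option>';
    }
    return '<select name="type">' . $options . '</select>';
}

/**
 * Prints the eCard form.
 *
 * $html carries values already escaped for HTML (name, email, message,
 * friendName, friendEmail), the error text, and the selected card type.
 * The type is re-checked here so an unknown value can never reach the
 * image path or the markup.
 *
 * NOTE(review): the form markup is reconstructed from the labels and field
 * names that survived extraction; original tags, ids and classes are unknown.
 */
function displayForm($html)
{
    $cardType = cleanCardType($html['type'], "");
    $type = buildCardType($cardType);
    $cardSRC = ($cardType == "")
        ? '/images/uploads/community/ecard_images/ecard_birthday.jpg'
        : '/images/uploads/community/ecard_images/ecard_' . $cardType . '.jpg';
    $cardSRC = htmlspecialchars($cardSRC, ENT_QUOTES, 'UTF-8');

    echo <<<END
<form method="post" action="">
<p>{$html['error_message']}</p>
<h2>eCard Information</h2>
<p><label>Your Name <input type="text" name="name" value="{$html['name']}" /></label></p>
<p><label>Your Email <input type="text" name="email" value="{$html['email']}" /></label></p>
<p><label>Your Friend's Name <input type="text" name="friendName" value="{$html['friendName']}" /></label></p>
<p><label>Your Friend's Email <input type="text" name="friendEmail" value="{$html['friendEmail']}" /></label></p>
<p><label>eCard Type $type</label></p>
<p><img src="$cardSRC" alt="" /></p>
<p><label>Your Message (optional) <textarea name="message">{$html['message']}</textarea></label></p>
<p><input type="submit" name="Submit" value="Submit" /></p>
</form>
END;
}
?>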
