<?php

// Author: Inaki Ecenarro / WeblogsSL

require_once 'classes/PostGenericAction.php';

class ContactForm extends PostGenericAction {

    var $default_context = LP_CONTEXT_STATIC; 
    
    var $description = 'Displays a contact form on a static page. Use the {PLUGIN_CONTACTFORM} template tag to show it in a page.';
    
    var $constructor_args = array(
        'email_to'          => 'Email address to send the form to',
        'mail_subject'      => 'Subject to use for the contact email',
        // 'captcha'           =>  'Do you want to use a captcha to avoid spam?',
        );

    // options
    var $email_to = 'emailto@domain.com';
    var $mail_subject = 'mail from contact';
    var $captcha = 1;
    
    var $active = true;
    
    var $hooks = array('parse_post');
    
    var $_actions = array('send_comment', 'notify_post');

    function ContactForm(&$frontend, $args, $dummy_run=false) {
        $this->PostGenericAction($frontend, $args, $dummy_run);
    }
    
    function run($hook, &$post) {
        
        $tpl =& $this->_frontend->tpl;
        $action =& $this->_action;
        
        if (isset($_GET['sent']) && $_GET['sent'] == 1 ) {
            
            $tpl->setFile('PLUGIN_CONTACTFORM', 'plugins/contact_form_sent.xml');
            $tpl->parse('PLUGIN_CONTACTFORM', 'PLUGIN_CONTACTFORM');
            
        } else {
            
            $messages =& $this->_frontend->messages;
            $options =& $this->_frontend->options;
            
            $this->_bootstrap($post, $messages['comment_form_message']);   // **IE** what is this?
            
            $message =& $this->_message;
            $message_class =& $this->_message_class;
            $user_data =& $this->_user_data;
            $labels =& $this->_labels;
            // check user IP
            $ip = $_SERVER['REMOTE_ADDR'];

            $rbls = array(
                'bl.blbl.org', // blacklist Wordpress
                'bsb.spamlookup.net', // blacklist MT
                'opm.blitzed.org', // blacklist open proxies
            );

            $found = false;

            if (preg_match('/([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)/', $ip, $matches)) {
                foreach ($rbls as $rbl) {
                    $rblhost = $matches[4] . '.' . $matches[3] . '.' . $matches[2] . '.' . $matches[1] . '.' . $rbl.'.';
                    $resolved = gethostbyname($rblhost);
                    if ($resolved != $rblhost) {
                        die;
                    }
                }
            }
            
            // check user submitted data
            $empty_fields = array();
            foreach (array('name', 'email', 'text' ) as $key) {
                if (empty($user_data["ud_$key"]))
                    $empty_fields[] = $key;
            }

	        // before we go ahead, lets do some checking for email injection
	        // we are just dying here, that's not very pretty, but a right punishment
            $sender_name = urldecode($this->_user_data['ud_name']);
	        if (!empty($sender_name) && eregi("\r",$sender_name)){
	            die();
	        }

            $sender_email = urldecode($this->_user_data['ud_email']);
            if (!empty($sender_email) && !eregi("^[[:alnum:]][a-z0-9_.-]*@[a-z0-9.-]+\.[a-z]{2,4}$",$sender_email)) {
	            die();
	        }

            // basic email regexp check
            if (!empty($user_data['ud_email']) && !preg_match('/[^@]+@[^.]+\.[^.]+/', $user_data['ud_email']))
                $empty_fields[] = 'email';
            
            if (count($empty_fields) == 0) {
                // no errors, let's send message
                $mh =& $this->_frontend->getMailHelper();
                $shortname = $mh->htent2qp($options['shortname']);
                $shortname_hdr = $mh->encoded2hdr($options['shortname']);
                $tpl->setVar(array(
                    'contact_name'          => $mh->htent2qp($user_data['ud_name']),
                    'contact_email'         => $mh->htent2qp($user_data['ud_email']),
                    'contact_message'       => $mh->htent2qp(wordwrap(strip_tags($user_data['ud_text']), 75, "\r\n")),
                    'contact_date'          => date( "d-m-Y H:i:s" ),
                    'contact_ip'            => $_SERVER['REMOTE_ADDR']
                    )); 
                $headers = array(
                    'Content-Type: text/plain; charset="' . $options['charset'] . '"',
                    'MIME-Version: 1.0',
                    'Content-Transfer-Encoding: quoted-printable',
                    'From: "' . $mh->encoded2hdr($user_data['ud_name'], $options['charset']) . '" <' . $user_data['ud_email'] . '>');
                $tpl->setFile('PLUGIN_CONTACTFORM', 'plugins/contact_form.txt');
                $mh->send_mail(
                    $this->email_to,
                    "[$shortname_hdr] " . $mh->encoded2hdr($this->mail_subject),
                    $tpl->parse('PLUGIN_CONTACTFORM', 'PLUGIN_CONTACTFORM'),
                    implode("\r\n", $headers));
                if (isset($_SERVER['HTTPS'])) {
                    $location = "https://{$_SERVER['HTTP_HOST']}";
                    $port = '443';
                } else {
                    $location = "http://{$_SERVER['HTTP_HOST']}";
                    $port = 80;
                }
                if ($_SERVER['SERVER_PORT'] != $port)
                    $location .= ":{$_SERVER['SERVER_PORT']}";
                header("Location: $location{$_SERVER['REQUEST_URI']}?sent=1" );
            } else {
                if ($action == 'send_comment') {
                    // we have errors, let's set warnings and hide comment stuff
                    foreach ($empty_fields as $empty_field)
                        $user_data["ud_label_$empty_field"] = "warning";
                    $message_class = 'comment_form_warning';
                }
                $tpl->setVar($user_data);
                $tpl->setVar(array(
                    'comment_form_message'          => $message,
                    'comment_form_message_class'    => $message_class));
                $tpl->setFile('PLUGIN_CONTACTFORM', 'plugins/contact_form.xml');
                $tpl->parse('PLUGIN_CONTACTFORM', 'PLUGIN_CONTACTFORM');
            }
        }
    }
}

?>