success):
// echo "aa";
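// Contact form submission: validate the POSTed fields, store the enquiry in
// the `contact` table and notify the site owners by e-mail.
//
// Security notes for maintainers:
//  - Every value placed in SQL is escaped with mysql_real_escape_string(),
//    which uses the currently open ext/mysql link. The word denylist further
//    down is only a spam heuristic; it is case-sensitive and is not an
//    injection defence.
//  - ext/mysql was removed in PHP 7.0. When this file is ported, replace the
//    escaping with mysqli or PDO prepared statements.
//  - The address copied into the Reply-To header is validated first, so it
//    cannot carry CR/LF and add extra mail headers.
$fields = array();
foreach (array('id', 'process', 'email', 'name', 'contact', 'enquiry') as $key) {
    // Missing or non-string (e.g. array) parameters are treated as empty.
    $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
}
$id         = $fields['id'];
$actiontype = $fields['process'];
$email      = trim($fields['email']);
$name       = $fields['name'];
$contact    = $fields['contact'];
$enquiry    = $fields['enquiry'];
$cur_date   = date('Y-m-d');
$ip_address = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

// Throttle: look for an enquiry already stored today from this client IP.
$sql_check_session = "SELECT ip_address,cur_date from contact where ip_address = '"
    . mysql_real_escape_string($ip_address)
    . "' and DATE_FORMAT(cur_date, '%Y-%m-%d') = '"
    . mysql_real_escape_string($cur_date) . "'";
$result_check_session = mysql_query($sql_check_session);
// A failed query yields no row instead of passing false to mysql_fetch_array().
$rs_check_session = $result_check_session ? mysql_fetch_array($result_check_session) : false;

$badWords = array('select','delete','insert','update','alter','truncate','drop','create','analyze','audit','grant','purge','rename','rehope','explain','href','script','javascript','server','localhost','mysql','database','sql','query','123456','1=1','hack','hacked','laguna','Laguna');

// NOTE(review): $city is not assigned anywhere in the visible code; keep a
// value set earlier in the file, otherwise treat it as empty.
$city = isset($city) ? (string) $city : '';

// Despite its name, this flag is 1 when a denylisted word WAS found.
$noBadWordsFound = 0;
foreach ($badWords as $badWord) {
    $pattern = '/\b' . preg_quote($badWord, '/') . '\b/';
    foreach (array($email, $name, $contact, $city, $enquiry) as $value) {
        if (preg_match($pattern, $value)) {
            $noBadWordsFound = 1;
            break 2;
        }
    }
}

$alreadySubmitted = is_array($rs_check_session);
$containsMarkup = $email != strip_tags($email)
    || $name != strip_tags($name)
    || $contact != strip_tags($contact)
    || $enquiry != strip_tags($enquiry);
// Whole-string validation. The earlier unanchored pattern accepted any input
// that merely contained something address-like, including text with line
// breaks, and that value was then written into a mail header.
$emailIsValid = filter_var($email, FILTER_VALIDATE_EMAIL) !== false;

if ($noBadWordsFound == 1 || $alreadySubmitted || $containsMarkup || !$emailIsValid) {
    // Stop after redirecting so nothing further runs for a rejected request.
    if (!headers_sent()) {
        header("location:http://iitmkanpur.ac.in/");
        exit;
    }
} elseif ($actiontype === "Add") {
    // The original condition was an assignment (=) and therefore always true.
    // NOTE(review): confirm the form posts process=Add.
    // $email cannot be empty here: the validation above rejects it.
    $escaped = array_map(
        'mysql_real_escape_string',
        array($name, $email, $contact, $enquiry, $ip_address, $cur_date)
    );
    $sql = "insert into contact(name,email,contact,enquiry,ip_address,cur_date) values('"
        . implode("','", $escaped) . "')";
    $result = mysql_query($sql);
    if (!$result) {
        // Keep database error details in the server log, not in the response.
        error_log('contact form insert failed: ' . mysql_error());
        die("error");
    }

    $headers  = 'MIME-Version: 1.0' . "\r\n";
    $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
    $headers .= "From: feedback@iitmkanpur.ac.in\r\n";
    $headers .= "Reply-To: $email \r\n";
    $headers .= "X-Mailer: PHP/" . phpversion() . "\r\n";
    $headers .= "X-Priority: 1";

    // The body is sent as text/html, so encode the user-supplied values for
    // that context instead of relying on the strip_tags() comparison alone.
    $message = "Name: " . htmlspecialchars($name, ENT_QUOTES, 'ISO-8859-1') . "\n"
        . "Email Address: " . htmlspecialchars($email, ENT_QUOTES, 'ISO-8859-1') . "\n"
        . "Contact: " . htmlspecialchars($contact, ENT_QUOTES, 'ISO-8859-1') . "\n"
        . "Enquiry: " . htmlspecialchars($enquiry, ENT_QUOTES, 'ISO-8859-1');

    mail("info@wtllp.co.in", "Enquiry Through iitmkanpur.ac.in", $message, $headers);
    mail("info@iitmkanpur.ac.in", "Enquiry Through iitmkanpur.ac.in", $message, $headers); // for testing spam

    if (!headers_sent()) {
        header("Location:thanks.php");
        exit;
    }
}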
$succMsg = 'Your contact request have submitted successfully.';
else:
$errMsg = 'Robot verification failed, please try again.';
endif;
else:
$errMsg = 'Please click on the reCAPTCHA box.';
endif;
else:
$errMsg = '';
$succMsg = '';
endif;
?>