kcrwfrd/submit.php

## submit.php
<?php
/**
 * FormTools Spam Honeypot
 *
 * Use in conjunction with a form field like
 * <input type="text" id="url_2" name="url_2" />
 * And then hide the field using CSS. If the field gets filled out,
 * then it was a spam bot that did it, and we can ignore the submission.
 * Otherwise, we use cURL to send the submission on to our FormTools application
 * at http://forms.epraxa2.com
 *
 * At the same time, we can optionally do some server-side validation
 */
	$processor_url = 'http://forms.epxhost.com/process.php';
	$hasErrors = false;
	$errors = array();


	// Check if name, email and message are filled out.
	if(empty($_POST) || !isset($_POST)){
		$hasErrors	= true;
		$errors[]	= 'No Post Made';
	} else {
		foreach($_POST as $key => $field) {
			if($key == 'email' && !(filter_var($field, FILTER_VALIDATE_EMAIL))){
				$hasErrors = true;
				$errors[] = 'Please enter a valid email address.';
			}
		}
	}

	if(!empty($errors)){
		foreach($errors as $error){
			echo '<p style="text-align:center; background:#900; color:#fff; padding:20px; margin:50px 100px;">'.$error.'</p>';
		}
		echo '<p style="text-align:center;"><a href="../" style="color:#900;">&laquo; Back to Form</a></p>';
		die();
	} else {
		$hasErrors = false;
	}


	// url_2 is a HIDDEN dummy field
	// If this is filled out, it's spam, proceed if it's empty...
	if(empty($_POST["url_2"]) && $hasErrors == false)
	{
		// Traverse POST Data array and/or nested arrays
		foreach($_POST as $key => $value){
			if (is_array($value)){
				$value = implode(", ", $value);
			}
			$post_items[] = $key . "=" . $value;
		}
		// And turn it into a string
		$post_string = implode("&", $post_items);

		// Initiate cURL
		$c = curl_init($processor_url);

		//curl_setopt($c, CURLOPT_CONNECTTIMEOUT, 30); // 30 second timeout
		curl_setopt($c, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 5.1; rv:6.0.2) Gecko/20100101 Firefox/6.0.2");
		curl_setopt($c, CURLOPT_HEADER, true); // Include header in the output
		curl_setopt($c, CURLOPT_RETURNTRANSFER, true); // Return output of request instead of displaying it
		//curl_setopt($c, CURLOPT_NOBODY, true); // Exclude body from the output
		curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false); // No SSL
		curl_setopt($c, CURLOPT_POST, true); // Set to http POST

		// Set data to be posted
		curl_setopt($c, CURLOPT_POSTFIELDS, $post_string);

		// Post it & close connection
		$result = curl_exec($c);
		$info = curl_getinfo($c);
		curl_close($c);

		if($info['http_code'] == 302) // Redirect
		{
			$protocol = (strpos($result, 'http://') !== false) ? 'http://' : 'https://';

			$redirect = explode(" ", substr($result, strpos($result, $protocol)));
			$redirect = explode("\r\n", $redirect[0]);
			$redirect = $redirect[0];

			header("Location: $redirect");

		} else // No redirect
		{
			echo "Submission received.";
		}
	} else
	{
		// Spam!
	}

?>
	<?php
	/**
	* FormTools Spam Honeypot
	*
	* Use in conjunction with a form field like
	* <input type="text" id="url_2" name="url_2" />
	* And then hide the field using CSS. If the field gets filled out,
	* then it was a spam bot that did it, and we can ignore the submission.
	* Otherwise, we use cURL to send the submission on to our FormTools application
	* at http://forms.epraxa2.com
	*
	* At the same time, we can optionally do some server-side validation
	*/
	$processor_url = 'http://forms.epxhost.com/process.php';
	$hasErrors = false;
	$errors = array();


	// Check if name, email and message are filled out.
	if(empty($_POST) \|\| !isset($_POST)){
	$hasErrors = true;
	$errors[] = 'No Post Made';
	} else {
	foreach($_POST as $key => $field) {
	if($key == 'email' && !(filter_var($field, FILTER_VALIDATE_EMAIL))){
	$hasErrors = true;
	$errors[] = 'Please enter a valid email address.';
	}
	}
	}

	if(!empty($errors)){
	foreach($errors as $error){
	echo '<p style="text-align:center; background:#900; color:#fff; padding:20px; margin:50px 100px;">'.$error.'</p>';
	}
	echo '<p style="text-align:center;"><a href="../" style="color:#900;">« Back to Form</a></p>';
	die();
	} else {
	$hasErrors = false;
	}


	// url_2 is a HIDDEN dummy field
	// If this is filled out, it's spam, proceed if it's empty...
	if(empty($_POST["url_2"]) && $hasErrors == false)
	{
	// Traverse POST Data array and/or nested arrays
	foreach($_POST as $key => $value){
	if (is_array($value)){
	$value = implode(", ", $value);
	}
	$post_items[] = $key . "=" . $value;
	}
	// And turn it into a string
	$post_string = implode("&", $post_items);

	// Initiate cURL
	$c = curl_init($processor_url);

	//curl_setopt($c, CURLOPT_CONNECTTIMEOUT, 30); // 30 second timeout
	curl_setopt($c, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 5.1; rv:6.0.2) Gecko/20100101 Firefox/6.0.2");
	curl_setopt($c, CURLOPT_HEADER, true); // Include header in the output
	curl_setopt($c, CURLOPT_RETURNTRANSFER, true); // Return output of request instead of displaying it
	//curl_setopt($c, CURLOPT_NOBODY, true); // Exclude body from the output
	curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false); // No SSL
	curl_setopt($c, CURLOPT_POST, true); // Set to http POST

	// Set data to be posted
	curl_setopt($c, CURLOPT_POSTFIELDS, $post_string);

	// Post it & close connection
	$result = curl_exec($c);
	$info = curl_getinfo($c);
	curl_close($c);

	if($info['http_code'] == 302) // Redirect
	{
	$protocol = (strpos($result, 'http://') !== false) ? 'http://' : 'https://';

	$redirect = explode(" ", substr($result, strpos($result, $protocol)));
	$redirect = explode("\r\n", $redirect[0]);
	$redirect = $redirect[0];

	header("Location: $redirect");

	} else // No redirect
	{
	echo "Submission received.";
	}
	} else
	{
	// Spam!
	}

	?>