Created
September 10, 2018 13:10
Feedbackform
<?php
// At file scope these declarations change nothing; they only matter if this
// script is included from inside a function, where they bind the two names
// to the global variables that appendError() writes to.
global $errorStrings;
global $errors;

// CONFIG

// Redirect pages. Values that do not start with http:// or https:// are made
// absolute by the redirect code at the end of the script.
$successPage = 'patient-survey-submitted.html'; // Where to send the visitor after a successful submission
$errorPage = 'patient-survey-submitted.html'; // Where to send the visitor on error; the URL-encoded error messages are appended as the query string

// Mail envelope defaults. $recipient, $subject and $from can be replaced by
// submitted values when a field in $input_vars carries the matching 'type'.
$recipient = 'info@medicalforumtheatre.co.za'; // Address the form is delivered to
$subject = 'Patient Survey from www.medicalforumtheatre.co.za'; // Subject line of the e-mail
$from = 'info@medicalforumtheatre.co.za'; // From address, used when the server requires one or no sender address is submitted
$name = 'Medical fourm theatre'; // Display name placed in the From header

// Recipient selection by index: when enabled, a submitted integer field of
// type 'recipient' picks an entry from $recipientList.
$useRecipientList = '0';
$recipientList = array();

// Server
// When true, a validated 'from' field may replace $from; when false, $from is
// handed to mail() as the "-f" additional parameter instead.
$allowsOtherDomains = true;
// Variables
// Whitelist of form fields, in the order they appear in the e-mail body.
// Only keys listed here are ever read from the request. Per-field settings
// used by the processing loop:
//   'title'    label written in front of the value in the message body
//   'required' truthy => a missing or empty value is reported as an error
//   'filter'   optional: 'email' or 'integer' select a dedicated filter
//   'type'     optional: 'recipient', 'from', 'firstName', 'surname' or
//              'subject' route the value into the mail envelope
// No field below sets 'filter' or 'type', so every value, including Name and
// Surname, ends up only in the message body.
$input_vars = array(
    'Procedure'                         => array('title' => 'Procedure', 'required' => '0'),
    'Age_category'                      => array('title' => 'Age_category', 'required' => '0'),
    'Gender'                            => array('title' => 'Gender', 'required' => '0'),
    'Nursing_staff_courtesy'            => array('title' => 'Nursing_staff_courtesy', 'required' => '0'),
    'Pre_procedure_information'         => array('title' => 'Pre_procedure_information', 'required' => '0'),
    'Admissions_process'                => array('title' => 'Admissions_process', 'required' => '0'),
    'Patient_privacy'                   => array('title' => 'Patient_privacy', 'required' => '0'),
    'Nursing_staff_responsiveness'      => array('title' => 'Nursing_staff_responsiveness', 'required' => '0'),
    'Admin_staff_responsiveness'        => array('title' => 'Admin_staff_responsiveness', 'required' => '0'),
    'Waiting_time_in_waiting_area'      => array('title' => 'Waiting_time_in_waiting_area', 'required' => '0'),
    'Waiting_time_in_ward'              => array('title' => 'Waiting_time_in_ward', 'required' => '0'),
    'Level_of_cleanliness_wards'        => array('title' => 'Level_of_cleanliness_wards', 'required' => '0'),
    'comments'                          => array('title' => 'comments', 'required' => '0'),
    'Name'                              => array('title' => 'Name', 'required' => '0'),
    'Surname'                           => array('title' => 'Surname', 'required' => '0'),
    'Level_of_cleanliness_waiting_area' => array('title' => 'Level_of_cleanliness_waiting_area', 'required' => '0'),
    'Noise_level_and_comfort'           => array('title' => 'Noise_level_and_comfort', 'required' => '0'),
    'Pain_controlled'                   => array('title' => 'Pain_controlled', 'required' => '0'),
    'Medication_explained'              => array('title' => 'Medication_explained', 'required' => '0'),
    'Recommendation'                    => array('title' => 'Recommendation', 'required' => '0')
);
// Error strings
// Messages looked up by error number in appendError(). Entry 0 is the
// fallback text; entry 4 marks a tripped spam trap and is never shown,
// because the redirect code treats that case as a success.
$errorStrings = array(
    'Undefined error',               // 0
    'No form submitted',             // 1
    'Invalid E-Mail address',        // 2
    'E-Mail could not be delivered', // 3
    'sendForm22846'                  // 4 - no real error message for this
);
// FUNCTIONS

/**
 * Record an error in the global $errors list for processing at the end.
 *
 * A positive $errorNum that exists in the global $errorStrings table uses the
 * table's message. Otherwise $errorString is used when it is non-empty, and
 * the generic entry $errorStrings[0] when it is not.
 *
 * Errors reported with number 0 are stored under generated keys "c0", "c1",
 * ... so several custom messages can coexist; any other number is used as the
 * key directly, so reporting the same number twice overwrites the first entry.
 *
 * @param int         $errorNum    Error number, or 0 for a custom message
 * @param string|null $errorString Custom message text (optional)
 * @return void
 */
function appendError($errorNum, $errorString = NULL)
{
    global $errorStrings, $errors, $customErrorNum;

    // Lazily initialise the shared state on first use.
    if (!$errors) {
        $errors = array();
    }
    if (!$customErrorNum) {
        $customErrorNum = 0;
    }

    // Resolve the message text.
    $isKnownCode = $errorNum > 0 && array_key_exists($errorNum, $errorStrings);
    if ($isKnownCode) {
        $text = $errorStrings[$errorNum];
    } else {
        $text = $errorString ? $errorString : $errorStrings[0];
    }

    // Resolve the key the message is stored under.
    if ($errorNum == 0) {
        $slot = 'c' . $customErrorNum;
        $customErrorNum++;
    } else {
        $slot = $errorNum;
    }

    $errors[$slot] = $text;
}
// PROCESSING
// Input
// Choose which request data to read. POST and GET submissions are both
// accepted; any other request method is recorded as error 1. Note that a
// plain GET request to this script counts as a submission.
$input_type = INPUT_POST;
switch ($_SERVER['REQUEST_METHOD'])
{
    case 'POST':
        break;
    case 'GET':
        $input_type = INPUT_GET;
        break;
    default:
        appendError(1);
}

// Are we in safe mode? The setting can read 'On' or be truthy. safe_mode was
// removed in PHP 5.4, where ini_get() returns false for it.
$safeMode = ini_get('safe_mode');
$safeMode = ($safeMode == true || $safeMode == 'On');

// Index into $recipientList; may be replaced by a submitted value later.
$recipientId = 0;

// Before we go anywhere, was the form submitted by a human? The field
// 'sendForm22846' acts as a spam trap: any non-empty value is recorded as
// error 4, which the redirect code at the end reports as a success.
if ($input_type == INPUT_POST
    ? !empty($_POST['sendForm22846'])
    : ($input_type == INPUT_GET && !empty($_GET['sendForm22846'])))
{
    // Probably not
    appendError(4);
}
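if (!$errors)
{
    $firstName = false;
    $surname = false;
    $parameters = "";

    // A form has been submitted, iterate over the expected fields to
    // produce a message body
    $emailBody = '';

    // FILTER_SANITIZE_MAGIC_QUOTES was deprecated in PHP 7.4 and removed in
    // PHP 8.0; FILTER_SANITIZE_ADD_SLASHES (PHP 7.3+) is the same filter under
    // its new name. Pick whichever this PHP version provides.
    // NOTE: this filter only applies addslashes(). It does not strip CR/LF,
    // so values captured here ($firstName, $surname, $subject) are not safe
    // to place in mail headers without further cleaning.
    $slashFilter = defined('FILTER_SANITIZE_ADD_SLASHES')
        ? FILTER_SANITIZE_ADD_SLASHES
        : FILTER_SANITIZE_MAGIC_QUOTES;

    foreach ($input_vars as $key => $var)
    {
        $field = NULL;

        // 'type' is optional; read it once so the branches below never touch
        // an undefined array key.
        $type = array_key_exists('type', $var) ? $var['type'] : NULL;

        // NOTE: empty() also treats the string "0" as empty, so a field whose
        // value is "0" is handled as if it had not been submitted.
        $submitted = filter_has_var($input_type, $key)
            && ($input_type == INPUT_POST ? !empty($_POST[$key]) : !empty($_GET[$key]));

        if ($submitted)
        {
            // The field exists and isn't empty: run it through the filter
            // configured for it
            if (array_key_exists('filter', $var))
            {
                switch ($var['filter'])
                {
                    case 'email':
                        $sanitized = filter_input($input_type, $key, FILTER_SANITIZE_EMAIL);
                        if (filter_input($input_type, $key, FILTER_VALIDATE_EMAIL))
                        {
                            $field = $sanitized;
                            if ($type === 'recipient')
                            {
                                // NOTE(review): with this field type the visitor
                                // chooses the delivery address, so the form can be
                                // used to send mail to arbitrary recipients. Prefer
                                // an integer field that indexes $recipientList.
                                $recipient = $field;
                                $field = '';
                            }
                            elseif ($type === 'from' && $allowsOtherDomains)
                                $from = $field;
                        }
                        else
                            appendError(2);
                        break;

                    case 'integer':
                        $sanitized = filter_input($input_type, $key, FILTER_SANITIZE_NUMBER_INT);
                        if (!empty($sanitized))
                        {
                            if ($type === 'recipient')
                            {
                                // The sanitize filter keeps '+' and '-' anywhere in
                                // the value (e.g. "1-2"); accept the index only if
                                // it is a well-formed integer.
                                $validId = filter_var($sanitized, FILTER_VALIDATE_INT);
                                if ($validId !== false)
                                    $recipientId = $validId;
                            }
                            else
                                $field = $sanitized;
                        }
                        break;

                    default:
                        $field = filter_input($input_type, $key, $slashFilter);
                }
            }
            else
            {
                // Checkbox groups and multi-selects arrive as arrays. Read them
                // from the same source as every other field (the original code
                // always read POST here, which dropped groups submitted via GET).
                $group = filter_input($input_type, $key, $slashFilter, FILTER_REQUIRE_ARRAY);
                if (is_array($group))
                {
                    // Keep non-empty string items only; this also skips nested
                    // arrays and items the filter rejected, and does not depend
                    // on the keys being 0..n-1.
                    $parts = array();
                    foreach ($group as $item)
                    {
                        if (is_string($item) && $item !== '')
                            $parts[] = $item;
                    }
                    $field = implode(', ', $parts);
                    if (count($parts) > 1)
                        $field = "[$field]";
                }
                else
                    $field = filter_input($input_type, $key, $slashFilter);
            }

            if ($field && $type !== NULL)
            {
                if ($type === 'firstName')
                {
                    $firstName = $field;
                }
                elseif ($type === 'surname')
                {
                    $surname = $field;
                }
                elseif ($type === 'subject')
                {
                    // The subject is not repeated in the message body
                    $subject = $field;
                    continue;
                }
            }
        }
        elseif (array_key_exists('required', $var) && $var['required'])
        {
            // The field doesn't exist or is empty but is required
            appendError(0, "$key is a required field");
        }

        if ($field)
        {
            // Add the field to the message body
            $emailBody .= $var['title'] . ": $field\n";
        }
    }

    // A request that carried none of the expected fields (for example a bare
    // GET of this script) must not produce an empty e-mail.
    if (!$errors && $emailBody === '')
        appendError(1);
}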
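// Sending
if (!$errors)
{
    // If we haven't had any errors up to this point, try to send the E-Mail

    // Prefer the submitted name over the configured display name
    if ($firstName || $surname)
    {
        if ($firstName && $surname)
            $name = $firstName . " " . $surname;
        elseif ($firstName)
            $name = $firstName;
        else
            $name = $surname;
    }

    // Optional recipient lookup by submitted index. The isset() check keeps
    // the configured $recipient when the index does not name an existing entry.
    if ($useRecipientList && isset($recipientList))
        if ($recipientId >= 0 && count($recipientList) > $recipientId && isset($recipientList[$recipientId]))
            $recipient = $recipientList[$recipientId];

    // $name and $subject can carry submitted text that was only passed through
    // addslashes(). Remove CR, LF and NUL before they reach mail(), so a
    // submitted value cannot start a new header line.
    $headerUnsafe = array("\r", "\n", "\0");
    $name = str_replace($headerUnsafe, '', (string) $name);
    $from = str_replace($headerUnsafe, '', (string) $from);
    $subject = str_replace($headerUnsafe, '', (string) $subject);

    // The fallback sender below is built from the request's Host header, which
    // the client controls. Drop a port suffix and keep hostname characters only.
    $mailHost = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
    $mailHost = preg_replace('/:\d+$/', '', $mailHost);
    $mailHost = preg_replace('/[^A-Za-z0-9.\-]/', '', $mailHost);
    if ($mailHost === '')
        $mailHost = 'localhost';

    $headers = 'MIME-Version: 1.0' . "\r\n" . 'Content-type: text/plain; charset=UTF-8' . "\r\n";

    if ($name)
        $fromHeader = "From: \"$name\" <$from>\r\n";
    else
        $fromHeader = "From: $from\r\n";

    // In this branch $from is always the configured address: a submitted
    // 'from' value is only accepted while $allowsOtherDomains is true.
    if (!$allowsOtherDomains)
        $parameters = "-f$from";

    // The call without the fifth argument is used under safe mode
    if ($safeMode)
        $mailSuccess = mail($recipient, $subject, "$emailBody", $headers . $fromHeader);
    else
        $mailSuccess = mail($recipient, $subject, "$emailBody", $headers . $fromHeader, $parameters);

    if (!$mailSuccess)
    {
        // Attempt to send from an address of the same domain as the server
        if ($name)
            $fromHeader = "From: \"$name\" <no-reply@" . $mailHost . ">\r\n";
        else
            $fromHeader = "From: no-reply@" . $mailHost . "\r\n";

        if ($safeMode)
            $mailSuccess = mail($recipient, $subject, "$emailBody", $headers . $fromHeader);
        else
            $mailSuccess = mail($recipient, $subject, "$emailBody", $headers . $fromHeader, $parameters);

        if (!$mailSuccess)
            appendError(3);
    }
}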
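// Finishing up
// Build absolute redirect targets for pages configured as relative paths.

// HTTP_HOST is taken from the request's Host header, i.e. it is chosen by the
// client. Accept it only when it looks like hostname[:port]; otherwise fall
// back to the server's own name so the redirect cannot be pointed elsewhere.
$host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
if (!preg_match('/^[A-Za-z0-9.\-]+(:\d+)?$/', $host))
    $host = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'localhost';

// Keep the visitor on HTTPS when the request arrived over HTTPS instead of
// always redirecting to http://. Behind a TLS-terminating proxy $_SERVER['HTTPS']
// may be unset, in which case this stays on http as before.
$scheme = (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') ? 'https' : 'http';

// SCRIPT_NAME instead of PHP_SELF: PHP_SELF also contains any extra path
// information the client appended to the script URL.
$uri = rtrim(dirname($_SERVER['SCRIPT_NAME']), '/\\');

if (strpos($errorPage, 'http://') !== 0 && strpos($errorPage, 'https://') !== 0)
{
    if (strpos($errorPage, "/") === 0)
        $errorPage = "$scheme://$host$errorPage";
    else
        $errorPage = "$scheme://$host$uri/$errorPage";
}

if (strpos($successPage, 'http://') !== 0 && strpos($successPage, 'https://') !== 0)
{
    if (strpos($successPage, "/") === 0)
        $successPage = "$scheme://$host$successPage";
    else
        $successPage = "$scheme://$host$uri/$successPage";
}

// If we have errors but the spam trap error is present, we pretend that we succeeded
if ($errors && !array_key_exists(4, $errors))
{
    // We encountered errors so the E-Mail must not have been sent.
    // The error messages (not their numbers) are joined with commas and
    // URL-encoded into the query string of the error page.
    $errorsUrlString = urlencode(implode(",", $errors));
    header("Location: $errorPage?$errorsUrlString");
}
else
{
    // E-Mail has been successfully accepted for delivery. This doesn't mean it will reach the
    // destination but that is out of our control now so all we can do is hope for the best
    header("Location: $successPage");
}
?>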