Subject = stripslashes($subject);
$mail->From = $mailfrom;
$mail->FromName = $mailfrom;
$mailto_array = explode(",", $mailto);
for ($i = 0; $i < count($mailto_array); $i++)
{
if(trim($mailto_array[$i]) != "")
{
$mail->AddAddress($mailto_array[$i], "");
}
}
if (!validateEmail($mailfrom))
{
$error .= "The specified email address (" . $mailfrom . ") is invalid!\n
";
throw new Exception($error);
}
$mail->AddReplyTo($mailfrom);
$message .= $eol;
$message .= "IP Address : ";
$message .= $_SERVER['REMOTE_ADDR'];
$message .= $eol;
foreach ($_POST as $key => $value)
{
if (!in_array(strtolower($key), $internalfields))
{
if (is_array($value))
{
$message .= ucwords(str_replace("_", " ", $key)) . " : " . implode(",", $value) . $eol;
}
else
{
$message .= ucwords(str_replace("_", " ", $key)) . " : " . $value . $eol;
}
}
}
$mail->CharSet = 'UTF-8';
if (!empty($_FILES))
{
foreach ($_FILES as $key => $value)
{
if (is_array($_FILES[$key]['name']))
{
$count = count($_FILES[$key]['name']);
for ($file = 0; $file < $count; $file++)
{
if ($_FILES[$key]['error'][$file] == 0)
{
$mail->AddAttachment($_FILES[$key]['tmp_name'][$file], $_FILES[$key]['name'][$file]);
}
}
}
else
{
if ($_FILES[$key]['error'] == 0)
{
$mail->AddAttachment($_FILES[$key]['tmp_name'], $_FILES[$key]['name']);
}
}
}
}
$mail->WordWrap = 80;
$mail->Body = $message;
$mail->Send();
$search = array("ä", "Ä", "ö", "Ö", "ü", "Ü", "ß", "!", "§", "$", "%", "&", "/", "\x00", "^", "°", "\x1a", "-", "\"", " ", "\\", "\0", "\x0B", "\t", "\n", "\r", "(", ")", "=", "?", "`", "*", "'", ":", ";", ">", "<", "{", "}", "[", "]", "~", "²", "³", "~", "µ", "@", "|", "<", "+", "#", ".", "´", "+", ",");
$replace = array("ae", "Ae", "oe", "Oe", "ue", "Ue", "ss");
foreach($_POST as $name=>$value)
{
$name = str_replace($search, $replace, $name);
$name = strtoupper($name);
if (is_array($value))
{
$form_data[$name] = implode(",", $value);
}
else
{
$form_data[$name] = $value;
}
}
$db = mysqli_connect($mysql_server, $mysql_username, $mysql_password) or die('Failed to connect to database server!
'.mysqli_error($db));
mysqli_query($db, "CREATE DATABASE IF NOT EXISTS $mysql_database");
mysqli_select_db($db, $mysql_database) or die('Failed to select database
'.mysqli_error($db));
mysqli_query($db, "CREATE TABLE IF NOT EXISTS $mysql_table (ID int(9) NOT NULL auto_increment, PRIMARY KEY (id))");
addColumnIfNotExists($db, $mysql_table, 'DATESTAMP', 'DATE');
addColumnIfNotExists($db, $mysql_table, 'TIME', 'VARCHAR(8)');
addColumnIfNotExists($db, $mysql_table, 'IP', 'VARCHAR(15)');
addColumnIfNotExists($db, $mysql_table, 'BROWSER', 'VARCHAR(255)');
foreach($form_data as $name=>$value)
{
addColumnIfNotExists($db, $mysql_table, $name, 'VARCHAR(255)');
}
$stmt = mysqli_prepare($db, "INSERT INTO $mysql_table (`DATESTAMP`, `TIME`, `IP`, `BROWSER`) VALUES (?, ?, ?, ?)");
$datestamp = date("Y-m-d");
$time = date("G:i:s");
$ip = $_SERVER['REMOTE_ADDR'];
$browser = $_SERVER['HTTP_USER_AGENT'];
mysqli_stmt_bind_param($stmt, "ssss", $datestamp, $time, $ip, $browser);
mysqli_stmt_execute($stmt) or die('Failed to insert data into table!
'.mysqli_error($db));
$id = mysqli_insert_id($db);
foreach($form_data as $name=>$value)
{
mysqli_query($db, "UPDATE $mysql_table SET $name='".mysqli_real_escape_string($db, $value)."' WHERE ID=$id") or die('Failed to update table!
'.mysqli_error($db));
}
mysqli_close($db);
header('Location: '.$success_url);
}
catch (Exception $e)
{
$errorcode = file_get_contents($error_url);
$replace = "##error##";
$errorcode = str_replace($replace, $e->getMessage(), $errorcode);
echo $errorcode;
}
exit;
}
?>