$value) $result = preg_replace("/<\/tpl>/", $value, $result); $result = preg_replace("/<\/tpl>/", '', $result); return $result; } function gen_alnum($digits){ $alphabet = '0123456789abcdefghijklmnopqrstuvwxyz'; $ret = ''; for ($digits; $digits > 0; $digits--) { $ret .= substr($alphabet, rand(0,35), 1); } return $ret; } function relay_donation($orderID) { $name = $_POST['name']; $email = $_POST['email']; $amount100 = $_POST['donate'] * 100; $language = $_POST['language']; $lang = substr($language, 0, 2); $PSPID = "40F00871"; $TP = "https://fsfe.org/donate/tmpl-concardis.$lang.html"; $acceptURL = "https://fsfe.org/donate/thankyou.$lang.html"; $cancelURL = "https://fsfe.org/donate/cancel.$lang.html"; $salt = "Only4TestingPurposes"; $shasum = strtoupper(sha1( "ACCEPTURL=$acceptURL$salt". "AMOUNT=$amount100$salt". "CANCELURL=$cancelURL$salt". //"CN=$name$salt". //"COM=Donation$salt". "CURRENCY=EUR$salt". "EMAIL=$email$salt". "LANGUAGE=$language$salt". "ORDERID=$orderID$salt". "PMLISTTYPE=2$salt". "PSPID=$PSPID$salt". "TP=$TP$salt" )); echo eval_xml_template('concardis_relay.en.html', array( 'PSPID' => '', 'orderID' => '', 'amount' => '', //'currency' => '', 'language' => '', //'CN' => '', 'EMAIL' => '', 'TP' => '', //'PMListType' => '', 'accepturl' => '', 'cancelurl' => '', 'SHASign' => '' )); } function send_mail ( $to, $from, $subject, $message, $bcc = NULL, $att = NULL, $att_type = NULL, $att_name = NULL ) { $headers = "From: $from\r\n"; if ( isset( $bcc )) { $headers .= "Bcc: $bcc" . "\r\n"; } $message = nl2br( $message ); if ( $att ) { $eol = PHP_EOL; $separator = md5( time()); $att_f = chunk_split( base64_encode( $att )); $headers .= "MIME-Version: 1.0".$eol; $headers .= "Content-Type: multipart/mixed; boundary=\"".$separator."\"".$eol.$eol; $headers .= "Content-Transfer-Encoding: 7bit".$eol; $headers .= "This is a MIME encoded message.".$eol.$eol; // message $headers .= "--".$separator.$eol; $headers .= "Content-Type: text/html; charset=\"UTF-8\"".$eol; $headers .= "Content-Transfer-Encoding: 8bit".$eol.$eol; $headers .= $message.$eol.$eol; // attachment $headers .= "--".$separator.$eol; $headers .= "Content-Type: $att_type; name=\"$att_name\"".$eol; $headers .= "Content-Transfer-Encoding: base64".$eol; $headers .= "Content-Disposition: attachment".$eol.$eol; $headers .= $att_f.$eol.$eol; $headers .= "--".$separator."--"; } else { $headers .= "Content-Type: text/html; charset=UTF-8\r\n"; } return mail( $to, $subject, $message, $headers ); } $lang = $_POST['language']; # Sanity checks (*very* sloppy input validation) if (empty($_POST['lastname']) || empty($_POST['email']) || empty($_POST['street']) || empty($_POST['city']) || empty($_POST['country']) || empty($_POST['specifics']) || !empty($_POST['url']) ) { header("Location: http://fsfe.org/order/orderpromo-error.$lang.html"); exit(); } $reference = "order.".date("%Y-%m-%d").".".(date("%U") % 100000); $subject = "[promo order] $reference {$_POST['firstname']} {$_POST['lastname']}"; $msg = "Hey, someone ordered promotional material:\n". "First Name: {$_POST['firstname']}\n". "Last Name: {$_POST['lastname']}\n". "EMail: {$_POST['email']}\n". "\n". "Address:\n". "{$_POST['street']}\n". "{$_POST['city']}\n". "{$_POST['country']}\n". "\n". "Specifics of the Order:\n". "{$_POST['specifics']}\n". "\n". "The material is going to be used for:\n". "{$_POST['usage']}\n". "\n". "Comments:\n". "{$_POST['comment']}\n". "\n". "Preferred language was: {$_POST['language']}\n"; if (isset($_POST['donate']) && ($_POST['donate'] > 0)) { $_POST['donationID'] = "DAFSPCK".gen_alnum(5); $msg .= "\n\nThe orderer choose to make a Donation of {$_POST['donate']} Euro.\n". "Please do not assume that this donation has been made until you receive\n". "confirmation from Concardis for the order: {$_POST['donationID']}"; } $test = send_mail ( "assist@fsfe.org", $_POST['email'], $subject, $msg ); if (isset($_POST['donate']) && ($_POST['donate'] > 0)) { relay_donation($_POST['donationID']); } else { header("Location: http://fsfe.org/order/orderpromo-thanks.$lang.html"); } ?>