1<?php
2
3include "lib/site.php";
4require_once "lib/argos_functions.php";
5require_once ("$serverRoot/lib/mailer.php");
6require_once ("$serverRoot/lib/FormKey.php");
7
8use GuzzleHttp\Client;
9
// Form-token helper used to validate the POST further down
// (presumably declared in lib/FormKey.php -- confirm).
$formkey = new formKey;

// Page-level values that are later handed to the template.
$js = ['https://www.google.com/recaptcha/api.js'];
$css = [];
$title = 'Submit Request';
$errors = [];
$submitted = false;

// Snapshot of the upload record. Every field stays '' when nothing was posted.
// NOTE(review): 'name' is supplied by the client; treat it as untrusted
// wherever it is used to build a path or is echoed back.
$file = '';
$file_name = '';
$file_tmp = '';
$file_size = '';
$file_error = '';

if (isset($_FILES['file'])) {
    $file = $_FILES['file'];

    if (isset($_FILES['file']['name'])) {
        $file_name = $_FILES['file']['name'];
    }
    if (isset($_FILES['file']['tmp_name'])) {
        $file_tmp = $_FILES['file']['tmp_name'];
    }
    if (isset($_FILES['file']['size'])) {
        $file_size = $_FILES['file']['size'];
    }
    if (isset($_FILES['file']['error'])) {
        $file_error = $_FILES['file']['error'];
    }
}

// Public reCAPTCHA key rendered into the form.
$sitekey = get_config_value('recaptcha', 'sitekey');
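/**
 * Validate the upload found in $_FILES['file'].
 *
 * Checks, in order: a file was actually sent, PHP reported no upload error,
 * the extension is doc or docx (compared case-insensitively), and the size
 * does not exceed 6,000,000 bytes.
 *
 * The extension test looks only at the client-supplied file name. It says
 * nothing about the file's content, so callers must not trust the rest of
 * the name (e.g. "x.php.doc" passes) and should store the file where it can
 * neither be executed nor served as active content.
 *
 * @return array List of user-facing error messages; empty when the upload passed.
 */
function error_check() {
    $errors = array();

    // A request without the field at all is treated like "no file chosen"
    // instead of raising undefined-index notices.
    $upload = (isset($_FILES['file']) && is_array($_FILES['file'])) ? $_FILES['file'] : null;
    $status = ($upload !== null && isset($upload['error'])) ? $upload['error'] : UPLOAD_ERR_NO_FILE;

    if ($upload === null || $status === UPLOAD_ERR_NO_FILE) {
        $errors[] = "You did not attached a file.";
        return $errors;
    }

    // Any other non-OK status (partial upload, ini size limit, ...) and the
    // array-shaped status of a multi-file field are rejected outright.
    if ($status !== UPLOAD_ERR_OK) {
        $errors[] = "The file upload failed. Please try again.";
        return $errors;
    }

    $name = (isset($upload['name']) && is_string($upload['name'])) ? $upload['name'] : '';
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));

    // Strict comparison against the allow-list; everything else is refused.
    if (!in_array($ext, array('doc', 'docx'), true)) {
        $errors[] = "This file format is not allowed.";
    }

    $size = isset($upload['size']) ? (int) $upload['size'] : 0;
    if ($size > 6000000) {
        $errors[] = "Your file exceeds 6 mgb. Please reduce.";
    }

    return $errors;
}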
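// Form submitted: validate the request, store the upload, then e-mail it
// as an attachment.
if (isset($_POST['submit'])) {
    $submitted = true;
    $errors = error_check();

    // Must be computed before the gate below; it was previously read
    // before it was assigned.
    $count = count($errors);

    $sitekey = get_config_value("recaptcha", "sitekey");

    if ($formkey->validate()) {

        // The verification result has to be fetched explicitly; without this
        // call $recaptcha_success is undefined and the gate never opens.
        $recaptcha_success = get_recaptcha_success();

        $converted_success = ($recaptcha_success) ? 'true' : 'false';
        error_log("Form key validated. Recaptcha success? " . $converted_success);

        if (!$recaptcha_success) {
            $errors[] = "reCAPTCHA verification failed. Please try again.";
        } elseif ($count === 0) {

            // Random suffix so two uploads with the same name do not collide.
            // NOTE(review): confirm generate_random_string() is suitable if the
            // stored name is meant to be hard to guess.
            $generated = generate_random_string(5);

            // Build the stored name from the LAST extension (the one
            // error_check() validated) and a sanitised stem. Splitting on the
            // first dot would turn "x.php.doc" into "x-<rand>.php".
            $ext = strtolower(pathinfo($file_name, PATHINFO_EXTENSION));
            $stem = preg_replace('/[^A-Za-z0-9_-]+/', '_', pathinfo($file_name, PATHINFO_FILENAME));
            $stem = substr((string) $stem, 0, 100);
            if ($stem === '' || $stem === false) {
                $stem = 'upload';
            }
            $new_generated_filename = $stem . "-" . $generated . "." . $ext;

            // Directory to upload into. realpath() returns false when it is missing.
            // NOTE(review): this directory sits under $serverRoot; confirm the web
            // server neither executes nor directly serves files stored there.
            $upload_dir = realpath($serverRoot . '/doc/uploaded-docs/');

            if ($upload_dir === false || !in_array($ext, array('doc', 'docx'), true)) {
                error_log("Upload rejected: storage directory missing or extension not allowed.");
                $errors[] = "Your file could not be saved. Please try again later.";
            } else {
                $destination_path = $upload_dir . '/' . $new_generated_filename;

                error_log("FT: " . $file_tmp);
                error_log("DP: " . $destination_path);

                // move_uploaded_file() refuses anything that is not a genuine
                // HTTP upload; stop here if it fails rather than mailing a
                // path that does not exist.
                if (!move_uploaded_file($file_tmp, $destination_path)) {
                    error_log("move_uploaded_file failed for " . $destination_path);
                    $errors[] = "Your file could not be saved. Please try again later.";
                } else {
                    // Parse our configuration file
                    $to_addresses = get_config_value("global", "to_address");
                    $from_email = get_config_value("global", "from_address");
                    $from_name = get_config_value("global", "from_name");
                    $debug = get_config_value("global", "debug");

                    // Extract the recipients from the configuration file.
                    $iniArray = parse_ini_file("$serverRoot/conf/config.ini", true);
                    $bcc = get_config_value("global", "bcc_address");
                    $contact_addresses = get_config_value("global", "contact_email");

                    $body = file_get_contents("$serverRoot/conf/notification.tt");

                    fill_template($body, array());

                    // Assemble and send the e-mail.
                    try {
                        $subject = "ARGOS Website Submission";
                        $to_list = $to_addresses;
                        $cc_list = array();
                        $bcc_list = array($bcc);
                        $from_list = array($from_email => $from_name);

                        // The attachment is renamed, so the client-supplied
                        // name never reaches the recipients.
                        $attachment_name = "submission." . get_timestamp() . '.' . $ext;

                        $attachment_map = array($attachment_name => $destination_path);

                        send_mail_with_uploaded_attachments($to_list, $from_list, $cc_list,
                            $bcc_list, $subject, $body, $attachment_map);
                    } catch (Exception $e) {
                        // Keep mailer details in the server log; the visitor
                        // only sees a generic message.
                        error_log("Mail send failed: " . $e->getMessage());
                        $errors[] = "Your request could not be sent. Please try again later.";
                    }
                }
            }
        }
    } else {
        // A rejected form token used to be dropped silently.
        $errors[] = "The form could not be validated. Please reload the page and try again.";
    }
}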
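/**
 * Verify the visitor's reCAPTCHA token against Google's siteverify endpoint.
 *
 * Fails closed: a missing or non-string token, a transport error, a timeout,
 * an unparsable reply, or any "success" value other than boolean true all
 * yield false.
 *
 * @return bool True only when the endpoint answered with "success": true.
 */
function get_recaptcha_success() {
    // Read the token defensively; the field is absent when the widget was
    // not completed or the request was hand-crafted.
    $recaptcha_response = isset($_POST["g-recaptcha-response"]) ? $_POST["g-recaptcha-response"] : '';
    if (!is_string($recaptcha_response) || $recaptcha_response === '') {
        return false;
    }

    $secretkey = get_config_value("recaptcha", "secretkey");

    try {
        $client = new Client();

        $post_data = array(
            "secret" => $secretkey,
            "response" => $recaptcha_response
        );

        $url = 'https://www.google.com/recaptcha/api/siteverify';
        $response = $client->post($url, array(
            'form_params' => $post_data,
            'timeout' => 5.0
        ));
        $json = json_decode($response->getBody()->getContents(), true);
    } catch (Exception $e) {
        error_log((string) $e);
        return false;
    }

    // json_decode() returns null on malformed input, so check the shape
    // before trusting the flag.
    return is_array($json) && isset($json['success']) && $json['success'] === true;
}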
// Hand the page state to Smarty and render the form.
// NOTE(review): file_name comes from the client and file_tmp is a server-side
// path; confirm submit_request.tpl escapes the former and does not print the latter.
$smarty = get_smarty();

$template_vars = array(
    'css'        => $css,
    'js'         => $js,
    'title'      => $title,
    'file'       => $file,
    'file_name'  => $file_name,
    'file_tmp'   => $file_tmp,
    'file_size'  => $file_size,
    'file_error' => $file_error,
    'errors'     => $errors,
    'submitted'  => $submitted,
    'sitekey'    => $sitekey,
);

foreach ($template_vars as $var_name => $var_value) {
    $smarty->assign($var_name, $var_value);
}

$smarty->display("submit_request.tpl");
210?>