bug 792:layout in forms, code in www/account.php
authorINOPIAE <inopiae@cacert.org>
Tue, 11 Dec 2012 23:29:01 +0000 (00:29 +0100)
committerINOPIAE <inopiae@cacert.org>
Tue, 11 Dec 2012 23:29:01 +0000 (00:29 +0100)
pages/account/40.php
pages/index/11.php
www/account.php
www/index.php

index 04d628e..ad78697 100644 (file)
@@ -27,7 +27,7 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
 <p><?=_("General questions about CAcert should be sent to the general support list, please send all emails in ENGLISH only, this list has many more volunteers then those directly involved with the running of the website, everyone on the mailing list understands english, even if this isn't their native language this will increase your chance at a competent reply. While it's best if you sign up to the mailing list to get replied to, you don't have to, but please make sure you note this in your email, otherwise it might seem like you didn't get a reply to your question.")?></p>
 <p><a href="https://lists.cacert.org/wws/info/cacert-support"><?=_("Click here to go to the Support List")?></a></p>
 <p><?=_("You can alternatively use the form below, however joining the list is the prefered option to support your queries")?></p>
-<form method="post" action="index.php" name="form1">
+<form method="post" action="account.php" name="form1">
   <input type="hidden" name="oldid" value="<?=$id?>">
 <!--   <input type="hidden" name="support" value="yes"> --> 
   <input type="hidden" name="secrethash2" value="">
@@ -42,8 +42,8 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
     <tr><td width="100" valign="top"><?=_("Message")?>:</td><td colspan="3"><textarea name="message" cols="70" rows="10"></textarea></td></tr>
 
     <tr>
-      <td colspan="2" width="200"><font color="#ff0000"><?=_("Warning: Please do not use send to mailing list when you entered confidential data. The request is being sent to a public mailinglist.")?></font></td>
-      <td colspan="2" width="200"><?=_("For confidential data use send to support.")?></font></td>
+      <td colspan="2"><font color="#ff0000"><?=_("Warning: Please do not use send to mailing list when you entered confidential data. The request is being sent to a public mailinglist.")?></font></td>
+      <td colspan="2"><?=_("For confidential data use send to support.")?></font></td>
     </tr>
     <tr>
       <td colspan="2"><input type="submit" name="process[0]" value="<?=_("Send to mailing list")?>"></td>
index 95488b7..8a52c10 100644 (file)
@@ -42,8 +42,8 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s
     <tr><td width="100" valign="top"><?=_("Message")?>:</td><td colspan="3"><textarea name="message" cols="70" rows="10"></textarea></td></tr>
 
     <tr>
-      <td colspan="2" width="200"><font color="#ff0000"><?=_("Warning: Please do not use send to mailing list when you entered confidential data. The request is being sent to a public mailinglist.")?></font></td>
-      <td colspan="2" width="200"><?=_("For confidential data use send to support.")?></font></td>
+      <td colspan="2"><font color="#ff0000"><?=_("Warning: Please do not use send to mailing list when you entered confidential data. The request is being sent to a public mailinglist.")?></font></td>
+      <td colspan="2"><?=_("For confidential data use send to support.")?></font></td>
     </tr>
     <tr>
       <td colspan="2"><input type="submit" name="process[0]" value="<?=_("Send to mailing list")?>"></td>
index 0b32c2c..3f115e0 100644 (file)
        } else if($id == 19) {
                include_once("../pages/account/19.php");
                exit;
-       } else if($oldid == 40 && $_REQUEST['process'] != "" && $_POST['support'] != "yes") {
-               $who = stripslashes($_REQUEST['who']);
-               $email = stripslashes($_REQUEST['email']);
-               $subject = stripslashes($_REQUEST['subject']);
-               $message = stripslashes($_REQUEST['message']);
-
-                $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
-
-               sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, $email, "", "CAcert Website");
-                showheader(_("Welcome to CAcert.org"));
-                echo _("Your message has been sent.");
-                showfooter();
-                exit;
-       } else if($oldid == 40 && $_REQUEST['process'] != "" && $_POST['support'] == "yes") {
+       } else if($oldid == 40 && $_REQUEST['process'] != "") {
                $who = stripslashes($_REQUEST['who']);
                $email = stripslashes($_REQUEST['email']);
                $subject = stripslashes($_REQUEST['subject']);
                $message = stripslashes($_REQUEST['message']);
 
+               //check for spam via honeypot
+               if(!isset($_REQUEST['robotest']) || !empty($_REQUEST['robotest'])){ 
+                       echo _("Form could not be send.");
+                       showfooter();
+                       exit;
+               }
 
-                $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
+               $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
+               if (isset($process[0])){
+                       sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert-Website");
+                       showheader(_("Welcome to CAcert.org"));
+                       echo _("Your message has been sent to the general support list.");
+                       showfooter();
+                       exit;
+               }
+               if (isset($process[1])){
+                       sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, "", "", "CAcert Support");
+                       showheader(_("Welcome to CAcert.org"));
+                       echo _("Your message has been sent.");
+                       showfooter();
+                       exit;
+               }
 
-                sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert Website");
-               
-                showheader(_("Welcome to CAcert.org"));
-                echo _("Your message has been sent to the general support list.");
-                showfooter();
-                exit;
        } else if($id == 51 && $_GET['img'] == "show") {
                $query = "select * from `tverify` where `id`='".intval($_GET['photoid'])."' and `modified`=0";
                $res = mysql_query($query);
index f203d61..3cddb47 100644 (file)
@@ -614,7 +614,6 @@ require_once('../includes/lib/l10n.php');
        {
                $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
                if (isset($process[0])){
-                       $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
                        sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert-Website");
                        showheader(_("Welcome to CAcert.org"));
                        echo _("Your message has been sent to the general support list.");