Source code taken from cacert-20130129.tar.bz2
[cacert.git] / www / index.php
index 41b6d7a..35d22d7 100644 (file)
@@ -563,6 +563,13 @@ require_once('../includes/lib/l10n.php');
                $subject = stripslashes($_REQUEST['subject']);
                $message = stripslashes($_REQUEST['message']);
                $secrethash = $_REQUEST['secrethash2'];
+               
+               //check for spam via honeypot
+               if(!isset($_REQUEST['robotest']) || !empty($_REQUEST['robotest'])){ 
+                       echo _("Form could not be sent.");
+                       showfooter();
+                       exit;
+               }
 
                if($_SESSION['_config']['secrethash'] != $secrethash || $secrethash == "" || $_SESSION['_config']['secrethash'] == "")
                {
@@ -603,26 +610,23 @@ require_once('../includes/lib/l10n.php');
                }
        }
 
-       if($oldid == 11 && $process != "" && $_REQUEST['support'] != "yes")
-       {
-               $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
-
-               sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, "", "", "CAcert Support");
-               showheader(_("Welcome to CAcert.org"));
-               echo _("Your message has been sent.");
-               showfooter();
-               exit;
-       }
-
-       if($oldid == 11 && $process != "" && $_REQUEST['support'] == "yes")
+       if($oldid == 11 && $process != "")
        {
                $message = "From: $who\nEmail: $email\nSubject: $subject\n\nMessage:\n".$message;
-
-               sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert-Website");
-               showheader(_("Welcome to CAcert.org"));
-               echo _("Your message has been sent to the general support list.");
-               showfooter();
-               exit;
+               if (isset($process[0])){
+                       sendmail("cacert-support@lists.cacert.org", "[website form email]: ".$subject, $message, "website-form@cacert.org", "cacert-support@lists.cacert.org, $email", "", "CAcert-Website");
+                       showheader(_("Welcome to CAcert.org"));
+                       echo _("Your message has been sent to the general support list.");
+                       showfooter();
+                       exit;
+               }
+               if (isset($process[1])){
+                       sendmail("support@cacert.org", "[CAcert.org] ".$subject, $message, $email, "", "", "CAcert Support");
+                       showheader(_("Welcome to CAcert.org"));
+                       echo _("Your message has been sent.");
+                       showfooter();
+                       exit;
+               }
        }
 
        if(!array_key_exists('signup',$_SESSION) || $_SESSION['signup']['year'] < 1900)