May we suggest double checking your request was entered correctly?
Try the search box on the right to perform a sitewide seach for your request.
You may find what you're looking for from the following site content:
0)
{
//******************************* function for header injection security*****************************
function check_mail_var($value, $mailfield) {
$pattern=array();
$invalid=0;
$debug=0;
// function checkmail_var(x,y)
// -- this function validates values passed to the mail() function
// -- if invalid data is encountered php will not send e-mail and
// -- an error will be returned
// x:
// the data you want to check
// y:
// the mail() field type you want to validate, should be one of
// o to
// the 'to' verification here rejects:
// - newlines
// - spurious header values
// - spaces
// - commas
// o subject
// per the php manual for mail(), subject must not contain newline characters
// o header
// should not contain a value passed from a form. this should contain static information
// so as to prevent mail injection exploits.
// the 'header' verification here rejects:
// - to:
// - cc:
// - bcc:
// - content-type:
// - hex-encoded new line characters
// this function must be placed just prior to the mail() function to validate fields
// before they are passed to mail().
// function mail() syntax is: mail(to, subject, message, headers)
//
switch ($mailfield) {
case "to" :
$pattern[0]= '\r';
$pattern[1]= '\n';
$pattern[2]= '%0a';
$pattern[3]= '%0d';
$pattern[4]= 'cc:';
$pattern[5]= 'bcc:';
$pattern[6]= 'content-type:';
$pattern[7]= ',';
$pattern[8]= ' ';
break;
case "subject":
$pattern[0]= '\r';
$pattern[1]= '\n';
$pattern[2]= '%0a';
$pattern[3]= '%0d';
break;
case "header":
$pattern[0]= 'to:';
$pattern[1]= 'cc:';
$pattern[2]= 'bcc:';
$pattern[3]= 'content-type:';
$pattern[4]= '%0a';
$pattern[5]= '%0d';
break;
default:
die("ERROR: Invalid function value check_mail_var():
".__FILE__.":".__LINE__);
}
foreach ($pattern as $key) {
if ( strpos(strtolower($value), $key) > 0) {
$invalid=1;
}
}
if ($invalid==1) {
if ($debug==1) {
echo "field: ".$mailfield."
";
echo "value: ".$value."
";
}
die("ERROR: Invalid characters detected. Please go back and
re-submit.");
}
}
//*********************************************************************************************
ini_set('sendmail_from', 'sample@secureserver.net'); // Set only on Windows
ini_set('SMTP', 'relay-hosting.secureserver.net');
$admin = "Drkez@kezmed.com, kezmed1963@kezmed.com";
$to = $_POST['EmailAddress'];
$FullName = $_POST['FullName'];
$PhoneNumber = $_POST['PhoneNumber'];
$ReferralSource = $_POST['ReferralSource'];
$subject = 'Thank you for contacting KezMed Medical PC';
$subject1 = 'Appointment List KezMed Medical PC';
$HTML = "";
$HTML = $HTML."";
$HTML = $HTML."
Full Name: ".$FullName." |
Email Address: ".$to." |
Phone Number: ".$PhoneNumber." |
Referral Source: ".$ReferralSource." |
You have just received a email from ".$_SERVER["HTTP_HOST"]." |
May we suggest double checking your request was entered correctly?
Try the search box on the right to perform a sitewide seach for your request.
You may find what you're looking for from the following site content: