input;
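/**
 * Display captcha image
 *
 * A request carrying captcha=1 is an image fetch, not a form submission:
 * emit the captcha and end the request so none of the form handling below
 * runs for it.
 */
if ($params->get("captcha", "", "string") === "1") {
    // The "string" filter is requested above, so a strict comparison against "1" is intended.
    Captcha::getCaptcha();
    JFactory::getApplication()->close();
}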
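/**
 * Validate token / Anti-CSRF / Prevents user created form from submitting
 *
 * JSession::checkToken() verifies the per-session form token, so a request
 * that was not produced by the site's own contact form is sent back to the
 * form before any input is read. This is a request-forgery control only; it
 * does not filter or escape the submitted values.
 */
if (!JSession::checkToken()) {
    header("Location: " . JURI::root() . "index.php/contact-us");
    JFactory::getApplication()->close();
}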
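/**
 * Get Form Handler Instance
 */
$form = FormHandler::Instance();

/**
 * Valid inputs for select/option or drop down
 *
 * These lists are the server-side allow-lists: a value that is not in the
 * list is rejected by the Validator::OPTION rule, whatever the browser sent.
 */
$customer_options = array("Yes", "No");
$subject_options = array("Inquiry", "Compliment", "Feedback");
$topic_options = array(
    "Auto Loan", "Credit Card", "Deposit", "Electronic Banking",
    "Foreclosed Properties", "Home Loan", "Investment", "Life Insurance",
    "Non-Life Insurance", "Remittance", "Trust", "Branch Service", "Others",
);

/**
 * Expected captcha answer
 *
 * The answer is whatever the captcha endpoint stored in the session. When the
 * session holds no answer (no challenge was issued to this visitor) the
 * allow-list is left EMPTY, so no submitted value can satisfy the OPTION rule.
 * A fixed placeholder answer must not be used here: it would be a constant
 * that always passes for any session that never requested a captcha.
 */
$expected_captcha = $session->get("CAPTCHA");
$captcha_options = (is_string($expected_captcha) && $expected_captcha !== "")
    ? array($expected_captcha)
    : array();

/**
 * Declare user input and rules
 *
 * NOTE(review): 'other', the name fields and 'message' are only checked for
 * presence. Validator::TEXT exists in this file but is not applied to any
 * input here -- confirm whether a length limit on free text is intended.
 */
$customer = $form->addInput('customer', Validator::REQUIRED | Validator::OPTION, $customer_options);
$subject = $form->addInput('subject', Validator::REQUIRED | Validator::OPTION, $subject_options);
$topic = $form->addInput('topic', Validator::REQUIRED | Validator::OPTION, $topic_options);
$other = $form->addInput('other');
$fname = $form->addInput('fname', Validator::REQUIRED);
$mname = $form->addInput('mname', Validator::REQUIRED);
$lname = $form->addInput('lname', Validator::REQUIRED);
$email = $form->addInput('email', Validator::REQUIRED | Validator::EMAIL);
$tel = $form->addInput('tel', Validator::TELE);
$mobile = $form->addInput('mobile', Validator::MOBILE);
$message = $form->addInput('message', Validator::REQUIRED);
$captcha = $form->addInput('captcha', Validator::REQUIRED | Validator::OPTION, $captcha_options);
$captcha->setErrorMessage(Validator::REQUIRED, "Kindly input the characters displayed in the captcha image.");
$captcha->setErrorMessage(Validator::OPTION, "Kindly input correct captcha characters.");

/**
 * String messages for errors
 */
$customer->setErrorMessage(Validator::REQUIRED, "Kindly specify if you are an existing PNB customer or not.");
$customer->setErrorMessage(Validator::OPTION, "Kindly specify if you are an existing PNB customer or not.");
$subject->setErrorMessage(Validator::REQUIRED, "Kindly select a subject or type of your message.");
$subject->setErrorMessage(Validator::OPTION, "Kindly select a subject or type of your message.");
$topic->setErrorMessage(Validator::REQUIRED, "Kindly select a product or service that you would like to discuss.");
$topic->setErrorMessage(Validator::OPTION, "Kindly select a product or service that you would like to discuss.");
$fname->setErrorMessage(Validator::REQUIRED, "Kindly tell us your name.");
$mname->setErrorMessage(Validator::REQUIRED, "Kindly tell us your middle name.");
$lname->setErrorMessage(Validator::REQUIRED, "Kindly tell us your last name.");
$email->setErrorMessage(Validator::REQUIRED, "Kindly tell us your email address.");
$email->setErrorMessage(Validator::EMAIL, "Kindly input correct email format");
$tel->setErrorMessage(Validator::TELE, "Kindly input correct telephone number.");
$mobile->setErrorMessage(Validator::MOBILE, "Kindly input correct mobile number.");
$message->setErrorMessage(Validator::REQUIRED, "Kindly write your message");

/**
 * Encode user input in JSON format
 *
 * The captcha answer is deliberately not part of this array: it is neither
 * mailed nor logged.
 */
$userData = array();
$userData['customer'] = (string) $customer;
$userData['subject'] = (string) $subject;
$userData['topic'] = (string) $topic;
$userData['other'] = (string) $other;
$userData['fname'] = (string) $fname;
$userData['mname'] = (string) $mname;
$userData['lname'] = (string) $lname;
$userData['email'] = (string) $email;
$userData['tel'] = (string) $tel;
$userData['mobile'] = (string) $mobile;
$userData['message'] = (string) $message;
$userDataJSON = json_encode($userData);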
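/**
 * Run form validation
 *
 * Valid form   -> mail it, log the outcome, flag success in the session.
 * Invalid form -> keep the errors and the submitted values in the session so
 *                 the contact page can show them again.
 * Either way the visitor is redirected back to the contact page.
 */

// Default fragment: used when the form validated but mail() reported failure,
// so the redirect below never reads an undefined variable.
$hash = "";

$form_ok = $form->validate();

// A captcha answer is good for one submission only. Dropping it here, whatever
// the outcome, means a solved challenge cannot be replayed for further posts
// within the same session.
$session->clear("CAPTCHA");

if ($form_ok) {
    $sent = sendEmail($userData);
    logEntry($userDataJSON, $sent ? "Sent" : "Not Sent");
    if ($sent) {
        $hash = "#success";
        $session->set("FORM_SUCCESS", "true");
    }
} else {
    $hash = "#feedback";
    $session->set("FORM_ERRORS", json_encode($form->getErrors()));
    $session->set("FORM_DATA", $userDataJSON);
    $session->clear("FORM_SUCCESS");
}

if ($_DEBUG_MODE) {
    // Debug branch echoes the raw request body (form token and captcha answer
    // included) straight to the response; it must stay switched off on any
    // publicly reachable deployment.
    $document = JFactory::getDocument();
    $document->setMimeEncoding('application/json');
    header("Content-Type: application/json");
    echo json_encode($userData);
    echo "\n\n—————–\n\n";
    echo json_encode($_POST);
} else {
    header("Location: " . JURI::root() . "index.php/contact-us" . $hash);
}
JFactory::getApplication()->close();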
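/**
 * Helper Function
 * Database Query / For Logging
 *
 * Inserts one row (details, status) into the #__feedbacks table. Both values
 * go through $db->quote() and both identifiers through $db->quoteName()
 * before they are placed in the statement, so the submitted text is never
 * concatenated into the SQL unescaped.
 *
 * A failed insert is deliberately non-fatal: the exception is swallowed so
 * the visitor is still redirected, and its message is shown only in debug mode.
 *
 * NOTE(review): the caller passes the JSON-encoded form (names, e-mail,
 * phone numbers, message text), so this table holds personal data in clear
 * text -- confirm retention and access rules for it.
 *
 * @param string $details JSON-encoded form values to store.
 * @param string $status  Delivery status label (the caller passes "Sent" or "Not Sent").
 * @return void
 */
function logEntry ($details = "", $status = "") {
    // Without this declaration $_DEBUG_MODE is an undefined local inside the
    // function and the debug echo below can never fire. Assumes the flag is a
    // true global -- if this script is included from inside a function the
    // flag reads as unset here and the message stays suppressed, as before.
    global $_DEBUG_MODE;

    $db = JFactory::getDbo();

    $table_feedbacks = $db->quoteName("#__feedbacks");
    $col_details = $db->quoteName("details");
    $col_status = $db->quoteName("status");
    $val_details = $db->quote($details);
    $val_status = $db->quote($status);

    $sql = "INSERT INTO {$table_feedbacks} ({$col_details}, {$col_status}) VALUES ({$val_details}, {$val_status})";

    try {
        $db->setQuery($sql);
        // execute() runs the statement registered by setQuery(); it takes no argument.
        $db->execute();
    } catch (Exception $e) {
        if (!empty($_DEBUG_MODE)) echo $e->getMessage();
    }
}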
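/**
 * Helper Function
 * Compose and send email
 *
 * Picks the recipient(s) from $userData['topic'], builds a plain-text message
 * from the form values and hands it to mail().
 *
 * The visitor's address ends up in the From and Reply-To headers and several
 * free-text fields end up in the Subject header, so this function enforces its
 * own header safety instead of relying on the caller having validated first:
 * the address must be a single well-formed e-mail address, and line breaks
 * are removed from the subject.
 *
 * NOTE(review): the visitor's own address is used as the From address. Mail
 * sent that way does not align with the sender domain's SPF/DMARC policy and
 * lets the form produce mail that appears to come from any address; a fixed
 * site-owned From with the visitor in Reply-To only is the usual arrangement.
 * Left unchanged here because recipients' mail rules may depend on it.
 *
 * @param array $userData Form values keyed by field name: customer, subject,
 *                        topic, other, fname, mname, lname, email, tel,
 *                        mobile, message.
 * @return bool FALSE when the sender address is not a well-formed e-mail
 *              address; otherwise whatever mail() returns.
 */
function sendEmail ($userData) {
    // Refuse anything that is not one syntactically valid address. This also
    // rules out CR/LF in the value, which would otherwise start a new header.
    $email_from = trim((string) $userData['email']);
    if (filter_var($email_from, FILTER_VALIDATE_EMAIL) === false) {
        return false;
    }

    // Recipient routing per product/service; topics not listed here go to the
    // general customer-care mailbox.
    $recipients_by_topic = array(
        "Auto Loan" => "garciaMAS@pnb.com.ph, cetronrjs@pnb.com.ph",
        "Credit Card" => "pnbcreditcards@pnb.com.ph",
        "Foreclosed Properties" => "properties@pnb.com.ph",
        "Home Loan" => "centenorbb@pnb.com.ph, santosmrv@pnb.com.ph",
        "Life Insurance" => "customercare@pnb.com.ph",
        "Non-Life Insurance" => "pnbgencustomerservice@pnb.com.ph",
        "Trust" => "unassc@pnb.com.ph, senecagr@pnb.com.ph, SalvadorDL@pnb.com.ph",
    );
    $topic = (string) $userData['topic'];
    $email_to = isset($recipients_by_topic[$topic])
        ? $recipients_by_topic[$topic]
        : "customercare@pnb.com.ph";

    $email_headers = "";
    $email_headers .= 'From: "PNB Web Form" <' . $email_from . '>' . "\r\n";
    $email_headers .= 'Reply-To: ' . $email_from . "\r\n";
    $email_headers .= 'X-Mailer: PNB Website/2015' . "\r\n";
    $email_headers .= 'Content-Type: text/plain; charset=utf-8' . "\r\n";

    // "0" is a legitimate value, so test for the empty string rather than truthiness.
    $has_other = trim((string) $userData['other']) !== "";
    $has_tel = trim((string) $userData['tel']) !== "";
    $has_mobile = trim((string) $userData['mobile']) !== "";

    $email_subject = "Webform + " . $userData['subject']
        . " + " . ($has_other ? $userData['other'] : $userData['topic'])
        . " + " . $userData['lname'] . ", " . $userData['fname'];
    // 'other', 'lname' and 'fname' are free text: a header value must stay on one line.
    $email_subject = preg_replace('/[\r\n]+/', ' ', $email_subject);

    $email_message = "";
    $email_message .= "Customer : " . $userData['customer'] . "\r\n";
    $email_message .= "Subject : " . $userData['subject'] . "\r\n";
    $email_message .= "Product/Service: " . $userData['topic'] . "\r\n";
    if ($has_other) {
        $email_message .= "Other : " . $userData['other'] . "\r\n";
    }
    $email_message .= "Last Name : " . $userData['lname'] . "\r\n";
    $email_message .= "First Name : " . $userData['fname'] . "\r\n";
    $email_message .= "Middle Name : " . $userData['mname'] . "\r\n";
    $email_message .= "Email : " . $userData['email'] . "\r\n";
    if ($has_tel) {
        $email_message .= "Telephone : " . $userData['tel'] . "\r\n";
    }
    if ($has_mobile) {
        $email_message .= "Mobile : " . $userData['mobile'] . "\r\n";
    }
    $email_message .= "Message : " . "\r\n";
    $email_message .= $userData['message'];

    // The body is sent as text/plain, so no HTML escaping is applied; it is
    // only wrapped to 70 columns.
    $email_message = wordwrap($email_message, 70, "\r\n");

    return mail($email_to, $email_subject, $email_message, $email_headers);
}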
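/**
 * Singleton Form Handler class
 *
 * Holds the Input objects declared for the current request and aggregates
 * their validation results and error messages.
 */
final class FormHandler {
    /** Declared inputs, keyed by field name. */
    private $inputList = array();

    /** Flat list of error messages collected by the last getErrors() call. */
    private $errors = array();

    /**
     * Declare a field and its validation rules.
     *
     * @param string $name    Request parameter name.
     * @param int    $rules   Bitmask of Validator::* rule constants (0 = no rules).
     * @param array  $options Allow-list used by the Validator::OPTION rule.
     * @return Input The input object that was registered.
     */
    public function addInput ($name, $rules = 0, $options = array()) {
        $this->inputList[$name] = new Input($name, $rules, $options);
        return $this->inputList[$name];
    }

    /**
     * Look up a previously declared input.
     *
     * @param string $name Field name passed to addInput().
     * @return Input|bool The input, or FALSE when no such field was declared.
     */
    public function getInput ($name) {
        if (array_key_exists($name, $this->inputList)) {
            // Array access, not a method call: inputList is a property.
            return $this->inputList[$name];
        }
        return FALSE;
    }

    /**
     * Validate every declared input.
     *
     * Every input is checked, even after the first failure, so that each one
     * has its error list populated for getErrors().
     *
     * @return bool TRUE only when at least one input is declared and all of
     *              them are valid.
     */
    public function validate () {
        $all_valid = count($this->inputList) > 0;
        foreach ($this->inputList as $input) {
            if (!$input->isValid()) {
                $all_valid = FALSE;
            }
        }
        return $all_valid;
    }

    /**
     * Collect the error messages of all inputs, in declaration order.
     *
     * @return array Flat list of message strings.
     */
    public function getErrors () {
        $this->errors = array();
        foreach ($this->inputList as $input) {
            foreach ($input->getErrors() as $message) {
                $this->errors[] = $message;
            }
        }
        return $this->errors;
    }

    /**
     * Call this method to get singleton
     *
     * @return FormHandler
     */
    public static function Instance() {
        static $inst = null;
        if ($inst === null) {
            $inst = new FormHandler();
        }
        return $inst;
    }

    /**
     * Private ctor so nobody else can instance it
     */
    private function __construct() {
    }
}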
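/**
 * One form field: its submitted value, the rules it must satisfy and the
 * error messages produced by the last validation run.
 */
class Input {
    private $name = "";
    private $value = "";
    /** Bitmask of Validator::* rule constants. */
    private $rules = 0;
    /** Allow-list consulted by the Validator::OPTION rule. */
    private $options = array();
    /** Messages produced by the last isValid() call. */
    private $errors = array();
    /** Per-rule message overrides, keyed by Validator::* constant. */
    private $errorMessages = array();

    /**
     * Read the field's value from the current request.
     *
     * @param string $name    Request parameter name.
     * @param int    $rules   Bitmask of Validator::* rule constants.
     * @param array  $options Allow-list for the OPTION rule.
     */
    public function __construct($name, $rules = 0, $options = array()) {
        $params = JFactory::getApplication()->input;
        $this->name = $name;
        // Value is fetched with the input object's "string" filter; it is not
        // escaped for any output context here.
        $this->value = $params->get($name, "", "string");
        $this->rules = $rules;
        $this->options = $options;
    }

    /** @return string The submitted value. */
    public function __toString () {
        return $this->value;
    }

    /** @return string The field name. */
    public function getName () {
        return $this->name;
    }

    /** @return string The submitted value. */
    public function getValue () {
        return $this->value;
    }

    /**
     * Override the message reported when the given rule fails.
     *
     * @param int    $error   One Validator::* rule constant.
     * @param string $message Text to report.
     */
    public function setErrorMessage ($error, $message) {
        $this->errorMessages[$error] = $message;
    }

    /**
     * Message for a failed rule: the override if one was set, otherwise the
     * Validator default for this field name.
     *
     * @param int $error One Validator::* rule constant.
     * @return string|null
     */
    public function getErrorMessage ($error) {
        if (array_key_exists($error, $this->errorMessages)) {
            return $this->errorMessages[$error];
        }
        return Validator::getErrorMessage($error, $this->name);
    }

    /** @return array Messages from the last isValid() call. */
    public function getErrors () {
        return $this->errors;
    }

    /**
     * Check the value against every rule set in the bitmask, in a fixed
     * order, stopping at the first failure and recording its message.
     *
     * @return bool TRUE when there are no rules, when an optional field was
     *              left blank, or when every applicable rule passed.
     */
    public function isValid () {
        $this->errors = array();

        if ($this->rules == 0) return TRUE;

        // An optional field may be left blank. Compare against the empty
        // string: empty() would also treat the literal "0" as blank and let
        // it skip the format rules below.
        $is_required = ($this->rules & Validator::REQUIRED) != 0;
        if (!$is_required && (string) $this->value === "") return TRUE;

        $rule_order = array(
            Validator::REQUIRED,
            Validator::OPTION,
            Validator::EMAIL,
            Validator::TELE,
            Validator::MOBILE,
            Validator::TEXT,
        );

        $ret = FALSE;
        foreach ($rule_order as $rule) {
            if (!($this->rules & $rule)) continue;
            if (!$this->passes($rule)) {
                // Report the message of the rule that actually failed.
                $this->errors[] = $this->getErrorMessage($rule);
                return FALSE;
            }
            $ret = TRUE;
        }
        return $ret;
    }

    /**
     * Evaluate a single rule against the current value.
     *
     * @param int $rule One Validator::* rule constant.
     * @return bool
     */
    private function passes ($rule) {
        switch ($rule) {
            case Validator::REQUIRED:
                return !Validator::isEmpty($this->value);
            case Validator::OPTION:
                return (bool) Validator::isValidOption($this->value, $this->options);
            case Validator::EMAIL:
                return (bool) Validator::isValidEmail($this->value);
            case Validator::TELE:
                return (bool) Validator::isValidPhoneNumber($this->value);
            case Validator::MOBILE:
                return (bool) Validator::isValidMobileNumber($this->value);
            case Validator::TEXT:
                return (bool) Validator::isValidMessage($this->value);
        }
        return FALSE;
    }
}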
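/**
 * Rule constants and the checks behind them.
 *
 * The constants are bit flags so that several rules can be combined with |.
 * Every check is called statically (Validator::isValidEmail(...)), so the
 * methods are declared static; calling a non-static method statically is an
 * error on current PHP versions.
 */
class Validator {
    const EMAIL = 2;
    const TELE = 4;
    const MOBILE = 8;
    const TEXT = 16;
    const REQUIRED = 32;
    const OPTION = 64;
    const CAPTCHA = 128;

    /**
     * Default message for a failed rule.
     *
     * @param int    $error One of the rule constants.
     * @param string $field Field name used as the message prefix.
     * @return string|null The message, or NULL for a rule without a default.
     */
    public static function getErrorMessage ($error, $field = "") {
        $default_error = array(
            Validator::EMAIL => "contains invalid email format",
            Validator::TELE => "contains invalid telephone number format",
            Validator::MOBILE => "contains invalid mobile number format",
            Validator::TEXT => "contains invalid text",
            Validator::REQUIRED => "is required",
            Validator::OPTION => "contains invalid option",
        );
        if (array_key_exists($error, $default_error)) {
            return $field . " field " . $default_error[$error];
        }
        return null;
    }

    /**
     * Allow-list check. Comparison is strict (type and value) in both forms,
     * so only an exact match is accepted.
     *
     * @param mixed        $val     Submitted value.
     * @param array|string $options Allowed values, or the single allowed value.
     * @return bool FALSE for anything not on the list, including when
     *              $options is neither an array nor a string.
     */
    public static function isValidOption ($val, $options = array()) {
        if (is_array($options)) return in_array($val, $options, TRUE);
        if (is_string($options)) return $val === $options;
        return false;
    }

    /**
     * @param string $email
     * @return bool TRUE when the value is one syntactically valid address.
     */
    public static function isValidEmail ($email) {
        return filter_var($email, FILTER_VALIDATE_EMAIL) !== false;
    }

    /**
     * Telephone number: 7 to 12 digits once dashes and spaces are removed.
     *
     * @param string $tel
     * @return bool
     */
    public static function isValidPhoneNumber ($tel) {
        $digits = str_replace(array("-", " "), "", (string) $tel);
        $length = strlen($digits);
        return ctype_digit($digits) && $length >= 7 && $length <= 12;
    }

    /**
     * Mobile number: exactly 11 digits starting with "09" once dashes and
     * spaces are removed.
     *
     * @param string $mobile
     * @return bool
     */
    public static function isValidMobileNumber ($mobile) {
        $digits = str_replace(array("-", " "), "", (string) $mobile);
        return ctype_digit($digits)
            && strlen($digits) == 11
            && substr($digits, 0, 2) === "09";
    }

    /**
     * Free text: at most 2000 bytes (strlen counts bytes, not characters).
     *
     * @param string $message
     * @return bool
     */
    public static function isValidMessage ($message) {
        return strlen($message) <= 2000;
    }

    /**
     * @param string $str
     * @return bool TRUE only for the empty string; "0" is not empty.
     */
    public static function isEmpty ($str) {
        return strlen($str) <= 0;
    }
}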
class Captcha {
function getCaptcha () {
$session = JFactory::getSession();
header ("Content-type: image/png");
$string = "";
$nstring = 8;
$alphanum = "ABCDEFGHIJKLMNPQRSTUVWXYZ123456789";
for ($i=0; $i<$nstring; $i++) {
$string .= substr($alphanum, rand(0, strlen($alphanum)), 1);
}
$session->set(“CAPTCHA”, $string);
$charImages = array();
$font = 5;
$width = ImageFontWidth($font) * strlen($string);
$height = ImageFontHeight($font);
$width = 100;
$height = 36;
$im = @imagecreate ($width,$height);
//$background_color = imagecolorallocate ($im, rand(0, 255), rand(0, 255), rand(0, 255)); //white background
//$background_color = imagecolorallocate ($im, rand(0, 128), rand(0, 128), rand(0, 128));
$background_color = imagecolorallocate ($im, 34, 0, 144);
//$background_color = imagecolorallocate ($im, 48, 205, 215);
//$background_color = imagecolorallocate ($im, 255, 255, 255);
imagestring ($im, $font, 0, 0, $string, $text_color);
for ($i=0; $i<25; $i++) {
$line_color = imagecolorallocate ($im, rand(128, 255), rand(128, 255), rand(128, 255));
$line_color = imagecolorallocate ($im, rand(64, 255), rand(64, 255), rand(64, 255));
$line_color = imagecolorallocate ($im, rand(0, 170), rand(0, 170), rand(0, 170));
imageline($im, rand(0, $width), rand(0, $height), rand(0, $width), rand(0, $height), $line_color);
}
for ($i=0; $i