Filters Selected:";
# Build the listing query: a SELECT over NEWTITLES_DB, an optional WHERE made
# from the filter fragments in $arr (joined with $st), and an ORDER BY clause.
# $rss_feed and $url_rep receive the matching URL fragments from $urlarr.
# NOTE(review): $arr, $urlarr and $st are filled in outside this excerpt. They
# are concatenated into SQL and into URLs as-is, so confirm they are built
# from validated or escaped values where they are assembled.
$query = "select * from ".NEWTITLES_DB." ";
if (sizeof($arr)==1) {
    $query .= " where $arr[0]";
    $rss_feed .= "$urlarr[0]";
    $url_rep .= "$urlarr[0]";
} else if (sizeof($arr)>1) {
    $query .= " where ".implode(" $st ", $arr);
    $urr = implode("&",$urlarr);
    $rss_feed .= $urr;
    $url_rep .= $urr;
}
# NOTE(review): $_GET['order'] is appended to the ORDER BY clause unchanged, so
# request text becomes part of the SQL statement. ORDER BY cannot be bound as a
# parameter; the value should be checked against a fixed list of sortable
# column names before it is used. Only "catdate" and the default "title" are
# visible here as expected values.
if (isset($_GET['order'])) {
    $order = " order by ".$_GET['order'];
    if ($_GET['order']=="catdate") {
        # Catalogue date sorts newest first.
        $order .= " DESC";
    }
} else {
    $order = " order by title";
}
$query .= $order;
# NOTE(review): $title is echoed below without escaping; it is set outside this
# excerpt. If it can carry request data it needs htmlspecialchars() - confirm.
?> <? echo "Princeton University Library | ".$title?> addElement('header', null, 'Comments or Suggestions');
# Comment form fields. The object these calls belong to ($form) is created
# outside the visible text.
$form->addElement('text', 'name', 'Enter your fullname:', array('size' => 40, 'maxlength' => 255));
$form->addElement('text', 'email', 'Enter your complete email address:', array('size' => 40, 'maxlength' => 255));
#Captcha
# Visitors whose address, as returned by getip(), matches 128.112.x.x or
# 140.180.x.x are exempt from the CAPTCHA ($nonpu = false).
# NOTE(review): both patterns are unanchored, and getip() is defined elsewhere.
# If getip() reads a client-supplied header rather than the connection
# address, the exemption is under the visitor's control - confirm its source.
# ereg() was removed in PHP 7; an anchored preg_match() is the replacement.
if (ereg("128\.112\.[0-9]+\.[0-9]+",getip())||ereg("140\.180\.[0-9]+\.[0-9]+",getip())) {
    $nonpu = false;
} else {
    $nonpu = true;
    $form->addElement('static','s1','',"");
    $form->addElement('text','phrase',"Enter the text from the image above");
}
#End Captcha
$form->addElement('textarea','comments','Comment',array('rows'=>5,'cols'=>30));
$form->addElement('hidden','act','comment');
# The hidden field travels through the browser, so the value read back on
# submit is whatever the client sends, not necessarily $url_rep.
$form->addElement('hidden','queryrequested',$url_rep);
$form->addElement('submit', null, 'Send');
// Define filters and validation rules
$form->applyFilter('name', 'trim');
$form->addRule('name', 'Please enter your name.', 'required', null, 'server');
$form->addRule('email', 'Please enter your complete valid email address.', 'required');
$form->addRule('email', 'Please enter your complete valid email address.', 'email');
$form->addRule('comments', 'Please enter a comment.', 'required');
#Captcha Rules
if ($nonpu) {
    $form->addRule('phrase','Please enter the phrase from the image.','required');
}
# End Captcha Rules
if ($form->validate()) {
    # email, name and comments are HTML-escaped here. $qreq (the hidden
    # 'queryrequested' field) is not, and it is placed in the message body
    # below. NOTE(review): if send_mail() delivers HTML, as the Content-type
    # in $headers suggests, $qreq should be escaped like the other fields.
    $email = htmlspecialchars($form->exportValue('email'));
    $name = htmlspecialchars($form->exportValue('name'));
    $qreq = $form->exportValue('queryrequested');
    $comments = nl2br(htmlspecialchars($form->exportValue('comments')));
    # Validate Captcha
    # The submitted phrase must be non-empty and equal to the one stored in the
    # session; the session copy is discarded on success so it cannot be reused.
    # NOTE(review): == compares two numeric-looking strings as numbers; === or
    # hash_equals() gives an exact comparison. $ok is assigned only on success
    # and is not initialised in the visible code, so the if($ok) test below
    # reads an undefined variable after a failed attempt.
    if (isset($_POST['phrase']) && isset($_SESSION['phrase']) && strlen($_POST['phrase']) > 0 && strlen($_SESSION['phrase']) > 0 && $_POST['phrase'] == $_SESSION['phrase']) {
        $msg = 'OK!';
        $ok = true;
        unset($_SESSION['phrase']);
    } else {
        $msg = 'Please try again!';
    }
    #End Captcha Validate
    # NOTE(review): $email is interpolated into the From: and Reply-to: header
    # lines. htmlspecialchars() does not remove CR or LF, so header integrity
    # depends on the 'email' rule rejecting line breaks; stripping "\r" and
    # "\n" explicitly would not rely on that. In the visible code $headers is
    # passed only to spam_attempts(); the mail() calls that used it are
    # commented out.
    $headers = "Content-type: text/html; charset=iso-8859-1 \r\n";
    $headers .= "MIME-Version: 1.0\r\n";
    $headers .= "X-Mailer: PHP\n";
    $headers .= "X-Priority: 3\n";
    $headers .= "From: $email\n";
    $headers .= "Reply-to: $email\n";
    # $omsg is appended to without being initialised in the visible code, and
    # $sub (used in the subjects below) is not defined here either.
    $omsg .= "Comment From: $name - $email

\n";
    $omsg .= "
\nQuery: ".$qreq."
\n";
    $omsg .= "Comment: $comments
\n";
    # Send Email if Captcha Successful
    if ($nonpu) {
        if($ok) {
            #mail('keslami@princeton.edu, abarrera@princeton.edu','New Title List Comment '.$sub, $omsg, $headers);
            send_mail('keslami@princeton.edu, abarrera@princeton.edu', $email, 'New Title List Comment '.$sub, $omsg);
            # Remove this session's CAPTCHA image; the file name is the MD5 of
            # the session id. The result of unlink() is not checked.
            unlink("dynimages/".md5(session_id()) . '.png');
            echo "

Thank You, $name

Your comments have been successfully submitted. Thank you for contacting the Princeton University Library.

";
        } else {
            echo "

The phrase submitted was incorrect, please press back to try again.

";
            # Failed CAPTCHA: hand the message to spam_attempts() and append a
            # record to the comments log.
            spam_attempts('keslami@princeton.edu, abarrera@princeton.edu','New Title List Comment: '.$sub, $omsg, $email, $headers);
            # NOTE(review): the fopen() result is not checked before writing.
            # The path is relative; if logging/ is served by the web server the
            # log, which holds addresses and message bodies, would be
            # downloadable - confirm it is not.
            $fp = fopen("logging/comments.log", "a");
            fwrite($fp, "========\n");
            # In date(), "m" is the month and minutes are "i", so this stamp
            # records hour:month rather than hour:minute.
            fwrite($fp,date("m/d/Y H:m")."\n");
            # NOTE(review): the Referer, request URI, message and headers are
            # written raw. A line break inside any of them starts a new log
            # line, so entries can be forged unless CR/LF are stripped or
            # encoded before writing.
            fwrite($fp,"$_SERVER[HTTP_REFERER]==$_SERVER[REQUEST_URI]\n");
            # $subject is not set in the visible code; the mail calls use $sub.
            fwrite($fp,"Subject: $subject\n");
            fwrite($fp,"Message: $omsg\n");
            fwrite($fp,"Headers: $headers\n");
            fwrite($fp,"IP: ".$_SERVER["REMOTE_ADDR"]."\n");
            # Count earlier captured attempts from this address.
            # NOTE(review): REMOTE_ADDR is interpolated into the SQL text. It
            # is normally set by the web server rather than the client, but a
            # parameterised query would not depend on that assumption.
            $sql = "SELECT DISTINCT Count(`captured_spam`.`ip_address`) AS `countofattempts`, `captured_spam`.`ip_address` FROM `captured_spam` where ip_address='$_SERVER[REMOTE_ADDR]' GROUP BY `captured_spam`.`ip_address` order by `countofattempts` DESC";
            $res = db_query($sql);
            $infoip = db_returnrow($res);
            # With 20 or more recorded attempts only "BLOCKED" is logged;
            # otherwise the rejected message is still forwarded to one address.
            if ($infoip[0] >= 20) {
                fwrite($fp,"BLOCKED\n");
            } else {
                #mail('abarrera@princeton.edu',"New Title List Comment Spam: ".$sub, $omsg, $headers);
                send_mail('abarrera@princeton.edu', $email, 'New Title List Comment Spam:'.$sub, $omsg);
            }
            fclose($fp);
        }
    } else {
        # Exempt (campus) addresses: the comment is sent without consulting $ok.
        #mail('keslami@princeton.edu, abarrera@princeton.edu','New Title List Comment '.$sub, $omsg, $headers);
        send_mail('keslami@princeton.edu, abarrera@princeton.edu', $email, 'New Title List Comment '.$sub, $omsg);
        echo "

Comment submitted.

Thank you for using this service of the Princeton University Library.

";
    }
} else { ?>

Required fields are marked with an asterisk (*).

\n\t\t{header}\n\t";
# Renderer templates for the comment form. $renderer and $head_tpl are set up
# outside the visible text; the templates use {header}, {content} and
# {element} as placeholders.
$form_tpl = "\n\n\n{content}\n
\n";
$renderer->setFormTemplate($form_tpl);
$renderer->setHeaderTemplate($head_tpl);
# Element templates registered for the elements named s1, s2 and s3.
$renderer->setElementTemplate("\n\t\n\t\t\n\t\t{element}
\n\t", "s1");
$renderer->setElementTemplate("\n\t\n\t\t\n\t\t{element}
\n\t", "s2");
$renderer->setElementTemplate("\n\t\n\t\t\n\t\t{element}
\n\t", "s3");
$form->accept($renderer);
echo $renderer->toHtml();
#$form->display();
}
}
# $info is passed in as set by earlier code and is overwritten a few lines
# below with the newest timeStamp row.
display_search_choices($info);
# Fetch the most recent timeStamp in NEWTITLES_DB for the "Last Updated" line.
$qquery = "select timeStamp from ".NEWTITLES_DB." order by timeStamp DESC limit 0,1";
$res = db_query($qquery);
$info = db_returnrow($res);
echo "

Last Updated: ".date("m/d/Y",strtotime($info["timeStamp"]))."

";
# Show the feed link and the title list when a query was built.
# NOTE(review): the default query assembled earlier is "select * from " .
# NEWTITLES_DB . " " followed by " order by title", which has two spaces
# before "order". The literal compared here has one, so this inequality holds
# for the default query as well - confirm whether that is intended.
if (isset($query)&&$query!="select * from ".NEWTITLES_DB." order by title") {
    echo "

Add the Web Feed to your News Reader:

";
    # NOTE(review): $rss_feed and $filter are printed without escaping. They
    # are assembled outside this excerpt from the filter fragments; if those
    # carry request parameters they need htmlspecialchars() before output -
    # confirm where they are built.
    echo "

$rss_feed

";
    echo "

What is a Web Feed?

";
    echo $filter;
    # $query still contains the raw "order" request parameter when one was
    # supplied; it is executed by display_newtitles(), defined elsewhere.
    display_newtitles($query);
} ?>