contest_name = 'april2009_contest'; $this->subject = "See what we are giving away this month!"; $this->form ='
Please enter your information below
Fields denoted with a * are required
First Name:*

Last Name:*

Email:*

Confirm Email:*:

Phone:* Use (xxx-xxx-xxxx) format

Zip Code:*

Age Range:*

'; // Start Thank you page $this->response = "

Thank you!

Your entry in the Fushion Magazine

Fushion Magazine - See what we are giving away this month!

has been accepted.

Good luck!

"; // End Thank you page //Check to see if submitter has already entered contest $this->response_dup = "

Error: This email address has already entered this contest. Please use a different one.

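";

        // Receipt e-mail sent to the visitor (sprintf template: name, email, phone).
        $this->replymessage = 'Hi %1$s, Thank you for your entry in the Fushion Magazine - See what we are giving away this month! contest. Your entry has been accepted. Sincerely, Fushion Magazine http://www.fushionmag.com Below is a copy of the message you submitted: -------------------------------------------------- Name: %1$s Email: %2$s Phone: %3$s -------------------------------------------------- ';

        // Notification e-mail sent to the site admin (same three arguments).
        $this->adminmessage = "A visitor to the site has submitted an entry for the Fushion Magazine - See what we are giving away this month! contest. Their information is as follows: -------------------------------------------------- Name: %1s Email: %2s Phone: %3s -------------------------------------------------- ";

        // start action
        $this->msg = '';

        // Nothing to do unless the entry form was submitted.
        if ( ! isset( $_POST['contest_register'] ) ) return;

        $name = $_POST["user_name"];
        $firstname = $this->clean_input_4email($_POST["firstname"]);
        $lastname = $this->clean_input_4email($_POST["lastname"]);
        $email = $this->clean_input_4email($_POST["email"]);
        $phone = $this->clean_input_4email($_POST["phone"]);
        $zipcode = $this->clean_input_4email($_POST["zipcode"]);
        $agerange = $this->clean_input_4email($_POST["agerange"]);
        $prize1 = $this->clean_input_4email($_POST["prize1"]);
        $prize2 = $this->clean_input_4email($_POST["prize2"]);
        $prize3 = $this->clean_input_4email($_POST["prize3"]);
        $prize4 = $this->clean_input_4email($_POST["prize4"]);
        $contest_type = $this->clean_input_4email($_POST["contest_type"]);

        if ( $this->user_exists($email, $this->contest_name ) ) :
            $this->msg .= $this->response_dup;
            $this->form = '';
        else :
            $this->insert_user($firstname, $lastname, $email , $phone, $zipcode, $agerange, $prize1, $prize2, $prize3, $prize4, $this->contest_name );
            $this->msg .= $this->response;
            // NOTE(review): send_mail() is declared as ($name, $email, $phone), so this
            // call passes $lastname as the recipient address and $email as the phone.
            // The intended call is probably (full name, $email, $phone) - confirm and fix.
            $this->send_mail( $firstname, $lastname, $email);
            $this->form = '';
        endif;
    } // end constructor

    /**
     * Strip mail-header keywords and line breaks from a submitted value.
     *
     * The value is lower-cased before matching, so the returned string is always
     * lower case. This only addresses mail header injection; it does NOT make a
     * value safe to place in an SQL statement or in HTML output.
     *
     * @param mixed $value              Raw submitted value.
     * @param bool  $check_all_patterns Also strip CR/LF and their URL-encoded forms.
     * @return string Cleaned, lower-cased value ('' for non-scalar input).
     */
    function clean_input_4email($value, $check_all_patterns = true) {
        // A form field can arrive as an array; there is nothing sensible to clean then.
        if ( ! is_scalar($value) ) {
            return '';
        }

        $patterns = array('/content-type:/', '/to:/', '/cc:/', '/bcc:/');
        if ($check_all_patterns) {
            $patterns[] = '/\r/';
            $patterns[] = '/\n/';
            $patterns[] = '/%0a/';
            $patterns[] = '/%0d/';
        }

        // NOTE: str_ireplace would avoid the lower-casing, but needs PHP 5.0+.
        $value = strtolower((string) $value);

        // Removing one match can join the characters around it into a new match,
        // so a single pass is not enough: repeat until the value stops changing.
        do {
            $before = $value;
            $value = preg_replace($patterns, '', $before);
        } while ( null !== $value && $value !== $before );

        // preg_replace() returns null on a PCRE error; fail closed with an empty value.
        return null === $value ? '' : $value;
    }

    /**
     * Check whether an e-mail address is already entered in the given contest.
     *
     * @param string $email   Submitter's e-mail address.
     * @param string $contest Contest name.
     * @return bool True when a matching row exists.
     */
    function user_exists($email = '', $contest = '') {
        global $wpdb;

        // Both values come from the request, so they are bound through prepare()
        // instead of being interpolated into the SQL text.
        $sql = $wpdb->prepare(
            "SELECT ID FROM {$wpdb->prefix}contest_april2009 WHERE email = %s AND contest_name = %s",
            $email,
            $contest
        );

        return (bool) $wpdb->get_var($sql);
    }

    /**
     * Store a contest entry and, if the address is new, add it to lm_users.
     *
     * All arguments are visitor-supplied strings; $contest is the contest name.
     * A failed lm_users lookup is logged and the subscriber insert is skipped.
     */
    function insert_user($firstname = '', $lastname = '', $email = '', $phone = '', $zipcode = '', $agerange = '', $prize1 = '', $prize2 = '', $prize3 = '', $prize4 = '', $contest = '') {
        global $wpdb;

        // Entry timestamp, formatted for a MySQL DATETIME column.
        $cdate = date("Y-m-d H:i:s");

        // Every column value is request data: bind them rather than interpolating.
        $wpdb->query( $wpdb->prepare(
            "INSERT INTO {$wpdb->prefix}contest_april2009
                (firstname, lastname, email, phone, zipcode, agerange,
                 prize1, prize2, prize3, prize4, contest_name, cdate)
             VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
            $firstname, $lastname, $email, $phone, $zipcode, $agerange,
            $prize1, $prize2, $prize3, $prize4, $contest, $cdate
        ) );

        // Insert submitter into subscriber table.
        // NOTE(review): the mysql_* extension was removed in PHP 7. Moving these two
        // queries to $wpdb requires confirming lm_users is in the WordPress database.
        $safe_first = mysql_real_escape_string($firstname);
        $safe_last  = mysql_real_escape_string($lastname);
        $safe_email = mysql_real_escape_string($email);

        $result = mysql_query("SELECT * FROM lm_users WHERE email_address = '$safe_email'");
        if ( false === $result ) {
            // Keep the database error in the server log; printing it to the visitor
            // discloses schema details.
            error_log('bn_contest: lm_users lookup failed: ' . mysql_error());
            return;
        }

        if ( 0 == mysql_num_rows($result) ) {
            // NOTE(review): 'NOW()' is quoted, so the literal text is inserted, not the
            // current time; the column list is also implicit. Confirm against the schema.
            mysql_query("INSERT INTO lm_users VALUES('','1','NOW()','$safe_first','$safe_last','$safe_email')");
        }
    } // end function insert_user

    /**
     * Send the receipt to the registrant and a notification to the site admin.
     *
     * @param string $name  Submitter's name, used in both message bodies.
     * @param string $email Submitter's address; the receipt is sent only if it is valid.
     * @param string $phone Submitter's phone, used in both message bodies.
     */
    function send_mail( $name = '', $email = '', $phone = '' ) {
        $admin = get_option('admin_email');

        // NOTE(review): the Reply-To value has no angle brackets around the address
        // as shown here; they may have been lost when this listing was rendered.
        $headers = "MIME-Version: 1.0\n"
            . "From: $admin\n"
            . "Reply-To: Fushion Magazine $admin \n"
            . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n";

        $replymessage = sprintf( $this->replymessage, $name, $email, $phone);
        $adminmessage = sprintf( $this->adminmessage, $name, $email, $phone);

        // to registree: the recipient is visitor-supplied, so only mail a
        // syntactically valid address.
        if ( is_email($email) ) {
            wp_mail($email, $this->subject, $replymessage, $headers);
        }

        // to admin
        wp_mail($admin, 'Receipt: ' . $this->subject, $adminmessage, $headers);
    }
} // end class bn_contest

$bn_contest = new bn_contest();
?>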