Search
Search titles only
By:
Search titles only
By:
Log in
Register
Search
Search titles only
By:
Search titles only
By:
Menu
Install the app
Install
Forums
New posts
All threads
Latest threads
New posts
Trending threads
Trending
Search forums
What's new
New posts
New ads
New profile posts
Latest activity
Free Ads
Latest reviews
Search ads
Members
Current visitors
New profile posts
Search profile posts
Contact us
Latest ads
Pure VPN - Up to 27 Months
vgp
Updated:
Friday at 8:10 AM
එක පැකේජ් එකයි මාසෙටම Unlimited Internet. තාමත් DATA CARD දාන්න සල්ලි වියදම් කරනවද? අඩුම මිලට අපෙන්.
sayuru bandara
Updated:
Jun 2, 2026
Ad icon
ඉන්ටර්නෙට් එකෙන් හරියටම සල්ලි හොයන්න සහ Success වෙන්න කැමතිද? 🚀 (E-Money & Success Stories)
siri sumana
Updated:
May 30, 2026
Gemini AI PRO 18 months Offer
Hawaka
Updated:
May 27, 2026
Ad icon
koko account
DasunEranga
Updated:
May 27, 2026
Electronics
Vehicles
Property
Search
Reply to thread
Forums
General
ElaKiri Talk!
machanla help php
Get the App
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Message
<blockquote data-quote="sudu hawa" data-source="post: 12019612" data-attributes="member: 382989"><p>machanla mata me code eka piliwelata hadala onne mata one message eka vitharai anithe awa wadak na</p><p></p><p>$to = 'info@gmail.com'; </p><p> $subject = 'HACK ATTEMPT';</p><p> $header = 'From: <a href="mailto:cinamapark@gmail.com">info@gmail.com</a>';</p><p> if (mail($to, $subject, $logging, $header)) {</p><p> echo "Sent notice to admin.";</p><p> }</p><p> </p><p> }</p><p></p><p> function verifyFormToken($form) {</p><p> </p><p> // check if a session is started and a token is transmitted, if not return an error</p><p> if(!isset($_SESSION[$form.'_token'])) { </p><p> return false;</p><p> }</p><p> </p><p> // check if the form is sent with token in it</p><p> if(!isset($_POST['token'])) {</p><p> return false;</p><p> }</p><p> </p><p> // compare the tokens against each other if they are still the same</p><p> if ($_SESSION[$form.'_token'] !== $_POST['token']) {</p><p> return false;</p><p> }</p><p> </p><p> return true;</p><p> }</p><p> </p><p> function generateFormToken($form) {</p><p> </p><p> // generate a token from an unique value, took from microtime, you can also use salt-values, other crypting methods...</p><p> $token = md5(uniqid(microtime(), true)); </p><p> </p><p> // Write the generated token to the session variable to check it against the hidden field when the form is sent</p><p> $_SESSION[$form.'_token'] = $token; </p><p> </p><p> return $token;</p><p> }</p><p> </p><p> // VERIFY LEGITIMACY OF TOKEN</p><p> if (verifyFormToken('form1')) {</p><p> </p><p> // CHECK TO SEE IF THIS IS A MAIL POST</p><p> if (isset($_POST['URL-main'])) {</p><p> </p><p> // Building a whitelist array with keys which will send through the form, no others would be accepted later on</p><p> $whitelist = array('token','req-name','req-email','typeOfChange','urgency','URL-main','addURLS', 'curText', 'newText', 'save-stuff', 'mult');</p><p> </p><p> // Building an array with the $_POST-superglobal </p><p> foreach ($_POST as $key=>$item) {</p><p> </p><p> // Check if the value $key (fieldname from $_POST) can be found in the whitelisting array, if not, die with a short message to the hacker</p><p> if (!in_array($key, $whitelist)) {</p><p> </p><p> writeLog('Unknown form fields');</p><p> die("Hack-Attempt detected. Please use only the fields in the form");</p><p> </p><p> }</p><p> </p><p> // PREPARE THE BODY OF THE MESSAGE</p><p></p><p> $message = '<html><body>';</p><p> $message .= '<img src="http://css-tricks.com/examples/WebsiteChangeRequestForm/images/wcrf-header.png" alt="Website Change Request" />';</p><p> $message .= '<table rules="all" style="border-color: #666;" cellpadding="10">';</p><p> $message .= "<tr style='background: #eee;'><td><strong>Name:</strong> </td><td>" . strip_tags($_POST['txtna']) . "</td></tr>";</p><p> $message .= "<tr><td><strong>Email:</strong> </td><td>" . strip_tags($_POST['req-email']) . "</td></tr>";</p><p> $message .= "<tr><td><strong>Type of Change:</strong> </td><td>" . strip_tags($_POST['typeOfChange']) . "</td></tr>";</p><p> $message .= "<tr><td><strong>Urgency:</strong> </td><td>" . strip_tags($_POST['urgency']) . "</td></tr>";</p><p> $message .= "<tr><td><strong>URL To Change (main):</strong> </td><td>" . $_POST['URL-main'] . "</td></tr>";</p><p> $addURLS = $_POST['addURLS'];</p><p> if (($addURLS) != '') {</p><p> $message .= "<tr><td><strong>URL To Change (additional):</strong> </td><td>" . strip_tags($addURLS) . "</td></tr>";</p><p> }</p><p> $curText = htmlentities($_POST['curText']); </p><p> if (($curText) != '') {</p><p> $message .= "<tr><td><strong>CURRENT Content:</strong> </td><td>" . $curText . "</td></tr>";</p><p> }</p><p> $message .= "<tr><td><strong>NEW Content:</strong> </td><td>" . htmlentities($_POST['newText']) . "</td></tr>";</p><p> $message .= "</table>";</p><p> $message .= "</body></html>";</p><p> </p><p> </p><p> </p><p> </p><p> // MAKE SURE THE "FROM" EMAIL ADDRESS DOESN'T HAVE ANY NASTY STUFF IN IT</p><p> </p><p> $pattern = "/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i"; </p><p> if (preg_match($pattern, trim(strip_tags($_POST['req-email'])))) { </p><p> $cleanedFrom = trim(strip_tags($_POST['req-email'])); </p><p> } else { </p><p> return "The email address you entered was invalid. Please try again!"; </p><p> } </p><p> </p><p> </p><p> </p><p> </p><p> // CHANGE THE BELOW VARIABLES TO YOUR NEEDS</p><p> </p><p> $to = 'info@gmail.com';</p><p> </p><p> $subject = 'Website Change Reqest';</p><p> </p><p> $headers = "From: " . $cleanedFrom . "\r\n";</p><p> $headers .= "Reply-To: ". strip_tags($_POST['req-email']) . "\r\n";</p><p> $headers .= "MIME-Version: 1.0\r\n";</p><p> $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";</p><p></p><p> if (mail($to, $subject, $message, $headers)) {</p><p> echo 'Your message has been sent.';</p><p> } else {</p><p> echo 'There was a problem sending the email.';</p><p> }</p><p> </p><p> // DON'T BOTHER CONTINUING TO THE HTML...</p><p> die();</p><p> </p><p> }</p><p> } else {</p><p> </p><p> if (!isset($_SESSION[$form.'_token'])) {</p><p> </p><p> } else {</p><p> echo "Hack-Attempt detected. Got ya!.";</p><p> writeLog('Formtoken');</p><p> }</p><p> </p><p> }</p><p>?></p></blockquote><p></p>
[QUOTE="sudu hawa, post: 12019612, member: 382989"] machanla mata me code eka piliwelata hadala onne mata one message eka vitharai anithe awa wadak na $to = 'info@gmail.com'; $subject = 'HACK ATTEMPT'; $header = 'From: [EMAIL="cinamapark@gmail.com"]info@gmail.com[/EMAIL]'; if (mail($to, $subject, $logging, $header)) { echo "Sent notice to admin."; } } function verifyFormToken($form) { // check if a session is started and a token is transmitted, if not return an error if(!isset($_SESSION[$form.'_token'])) { return false; } // check if the form is sent with token in it if(!isset($_POST['token'])) { return false; } // compare the tokens against each other if they are still the same if ($_SESSION[$form.'_token'] !== $_POST['token']) { return false; } return true; } function generateFormToken($form) { // generate a token from an unique value, took from microtime, you can also use salt-values, other crypting methods... $token = md5(uniqid(microtime(), true)); // Write the generated token to the session variable to check it against the hidden field when the form is sent $_SESSION[$form.'_token'] = $token; return $token; } // VERIFY LEGITIMACY OF TOKEN if (verifyFormToken('form1')) { // CHECK TO SEE IF THIS IS A MAIL POST if (isset($_POST['URL-main'])) { // Building a whitelist array with keys which will send through the form, no others would be accepted later on $whitelist = array('token','req-name','req-email','typeOfChange','urgency','URL-main','addURLS', 'curText', 'newText', 'save-stuff', 'mult'); // Building an array with the $_POST-superglobal foreach ($_POST as $key=>$item) { // Check if the value $key (fieldname from $_POST) can be found in the whitelisting array, if not, die with a short message to the hacker if (!in_array($key, $whitelist)) { writeLog('Unknown form fields'); die("Hack-Attempt detected. Please use only the fields in the form"); } // PREPARE THE BODY OF THE MESSAGE $message = '<html><body>'; $message .= '<img src="http://css-tricks.com/examples/WebsiteChangeRequestForm/images/wcrf-header.png" alt="Website Change Request" />'; $message .= '<table rules="all" style="border-color: #666;" cellpadding="10">'; $message .= "<tr style='background: #eee;'><td><strong>Name:</strong> </td><td>" . strip_tags($_POST['txtna']) . "</td></tr>"; $message .= "<tr><td><strong>Email:</strong> </td><td>" . strip_tags($_POST['req-email']) . "</td></tr>"; $message .= "<tr><td><strong>Type of Change:</strong> </td><td>" . strip_tags($_POST['typeOfChange']) . "</td></tr>"; $message .= "<tr><td><strong>Urgency:</strong> </td><td>" . strip_tags($_POST['urgency']) . "</td></tr>"; $message .= "<tr><td><strong>URL To Change (main):</strong> </td><td>" . $_POST['URL-main'] . "</td></tr>"; $addURLS = $_POST['addURLS']; if (($addURLS) != '') { $message .= "<tr><td><strong>URL To Change (additional):</strong> </td><td>" . strip_tags($addURLS) . "</td></tr>"; } $curText = htmlentities($_POST['curText']); if (($curText) != '') { $message .= "<tr><td><strong>CURRENT Content:</strong> </td><td>" . $curText . "</td></tr>"; } $message .= "<tr><td><strong>NEW Content:</strong> </td><td>" . htmlentities($_POST['newText']) . "</td></tr>"; $message .= "</table>"; $message .= "</body></html>"; // MAKE SURE THE "FROM" EMAIL ADDRESS DOESN'T HAVE ANY NASTY STUFF IN IT $pattern = "/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/i"; if (preg_match($pattern, trim(strip_tags($_POST['req-email'])))) { $cleanedFrom = trim(strip_tags($_POST['req-email'])); } else { return "The email address you entered was invalid. Please try again!"; } // CHANGE THE BELOW VARIABLES TO YOUR NEEDS $to = 'info@gmail.com'; $subject = 'Website Change Reqest'; $headers = "From: " . $cleanedFrom . "\r\n"; $headers .= "Reply-To: ". strip_tags($_POST['req-email']) . "\r\n"; $headers .= "MIME-Version: 1.0\r\n"; $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n"; if (mail($to, $subject, $message, $headers)) { echo 'Your message has been sent.'; } else { echo 'There was a problem sending the email.'; } // DON'T BOTHER CONTINUING TO THE HTML... die(); } } else { if (!isset($_SESSION[$form.'_token'])) { } else { echo "Hack-Attempt detected. Got ya!."; writeLog('Formtoken'); } } ?> [/QUOTE]
Insert quotes…
Verification
Dahaya deken beduwama keeyada?
Post reply
Top
Bottom
Pure VPN - Up to 27 Months
Gemini AI PRO 18 months Offer
