POST '; print_r($_POST); echo ''; echo '
 COOKIE ';
  print_r($_COOKIE);
  echo 'SHA1 PHPSESSID: '.sha1($_SESSION['no_guests']);
  echo '
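'; /* remove when done */
/*
 * NOTE(review): the debug dump that ends just above prints $_POST, $_COOKIE and the
 * SHA-1 of the session form token into the page. Remove it before deployment. It also
 * sends output before attack() calls header(), so the redirect fails unless output
 * buffering is enabled.
 */

/* Change the following */
$site = 'jardindeamerica.com';
$receiver_email = 'infojardinspanishschool@gmail.com';
// $receiver_email = 'duncansprivateemail@gmail.com';
$mail_server = 'reservations@tropicaltravelassociation.com';
$subject = 'Desde la pagina \'Contact Us\' en www.'.$site;
/* End changes */

// Escaped copy of the script path; compared with the raw value below to spot markup in the URL.
$self = htmlentities($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
$case = '';

/**
 * Report a rejected submission by e-mail, then send the client away.
 *
 * Mails the reason together with dumps of $_POST, $_SESSION, $_COOKIE and $_SERVER,
 * discards $_POST, waits ten seconds, redirects to google.com and stops the script.
 *
 * NOTE(review): the report sends session data, cookies and the full server environment
 * by e-mail to an external mailbox. Logging on the server and mailing only the reason
 * and the remote address would expose less. The ten second sleep also holds a PHP
 * worker for every rejected request; throttling at the web server is cheaper.
 *
 * @param string $case Comma-separated list of the checks that failed.
 */
function attack($case)
{
    // $mail_server is defined at file scope; without this import the From header was empty.
    global $mail_server;

    $hack_subject = 'Hack attempt';
    $post = print_r($_POST, true);
    $session = print_r($_SESSION, true);
    $cookie = print_r($_COOKIE, true);
    $server = print_r($_SERVER, true);
    $hack_body = 'HACK: '.$case.' POST '.$post.' SESSION '.$session.' COOKIE '.$cookie.' SERVER '.$server;
    mail('duncansprivateemail@gmail.com', $hack_subject, $hack_body, 'From: '.$mail_server);
    unset($_POST);
    sleep(10);
    header('Location: http://www.google.com/');
    // Without this the script carried on and rendered the page for a rejected request.
    exit;
}

/**
 * Build a random alphanumeric string (used for the session form token and decoy values).
 *
 * @param int $length Number of characters to produce.
 * @return string
 */
function generateRandomString($length = 40)
{
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $maxIndex = strlen($characters) - 1;
    // The token gates form submissions, so use the CSPRNG when the runtime has one;
    // rand() is predictable and is kept only as a fallback for old PHP versions.
    $secure = function_exists('random_int');
    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $index = $secure ? random_int(0, $maxIndex) : rand(0, $maxIndex);
        $randomString .= $characters[$index];
    }
    return $randomString;
}

if (isset($_POST['submit'])) {
    // NOTE(review): the attempt counter is a POST field, so the client can reset it.
    // Keep it in $_SESSION if it is meant to limit retries.
    $_POST['count'] = (isset($_POST['count']) && is_numeric($_POST['count']) ? (int) $_POST['count'] : 0) + 1;

    // HTML-escaped, trimmed copy of every field. Array-valued fields (name[]=...) become ''
    // instead of reaching trim(), which throws a TypeError on PHP 8.
    $clean = array();
    foreach ($_POST as $key => $value) {
        $clean[$key] = is_scalar($value) ? htmlentities(trim((string) $value), ENT_QUOTES, 'UTF-8') : '';
    }
}

// Operands and expected sum of the arithmetic question.
$num_1 = 10 * (rand(1, 9));
$num_2 = rand(1, 9);
$result = $num_1 + $num_2;

if (!isset($_POST['submit'])) {
    // First visit: create the session token and the hashed values for the form fields.
    $no_guests = generateRandomString();
    $_SESSION['no_guests'] = $no_guests;
    $submit = sha1($no_guests);
    $age = sha1(generateRandomString());
    $date = sha1(generateRandomString());
    $arrivial = sha1($_SESSION['no_guests']);
    $departure = sha1(generateRandomString());
    $show_hide_form = 'show';
    $message = 'If you would like to make a reservation please do so here: Reservations.
However if you have any questions, comments or whatever please fill out the following:';
} else {
    // With no token in the session the expected hash would be the hash of an empty
    // string, a constant any client can send, so a missing token is itself a failure.
    $session_token = (isset($_SESSION['no_guests']) && is_string($_SESSION['no_guests'])) ? $_SESSION['no_guests'] : '';
    $expected_token = sha1($session_token);

    if ($session_token === '') {
        $case = 'No session token, '.$case;
    }
    if ($_SERVER['PHP_SELF'] !== $self) {
        $case = 'Attempted javascript injection in URL, '.$case;
    }
    // Strict comparison: loose != can treat two different numeric-looking strings as equal.
    if ($_POST['arrivial'] !== $expected_token) {
        $case = 'Server unique_id not equal to POST, '.$case;
    }
    if ($_POST['how_long'] !== 'Four score and twenty years ago') {
        $case = 'Changed Four score and twenty years ago, '.$case;
    }
    // Honeypot: this field must come back empty.
    if ($_POST['password'] != '') {
        $case = 'Injection attempt to password, '.$case;
    }
    if ($_POST['information'] !== sha1($_SERVER['REMOTE_ADDR'])) {
        $case = 'Different IP, '.$case;
    }
    if ($_POST['no_guests'] !== $expected_token) {
        $case = 'No match on random number hash, '.$case;
    }

    if ($case != '') {
        attack($case);
    } else {
        // NOTE(review): both sides of this comparison come from the request, so the
        // arithmetic check can be satisfied without solving it. Store the expected sum
        // in $_SESSION when the form is rendered and compare against that instead.
        if ($_POST['result'] == $_POST['answer']) {
            $show_hide_form = 'hide';
            $body = "Name: {$clean['name']}\n\nEmail: {$clean['email']}\n\nComments: {$clean['comments']}";
            $body = wordwrap($body, 70);
            $to = $receiver_email;
            // Header lines are separated by a real CRLF; the single-quoted '\r\n' used
            // before put a literal backslash sequence into the From header.
            $headers = 'From: '.$mail_server."\r\n".'reply-to: '.$receiver_email;
            mail($to, $subject, $body, $headers);
            $message = 'Thank you for contacting us. We will get back to you as soon as we can.';
            unset($_POST);
            // Overwrite the submitted values so they are not echoed back into the form.
            foreach ($clean as $key => $value) {
                $clean[$key] = generateRandomString();
            }
        } else {
            $message = 'Please double check your math.';
            /* sleep(1); */
            if ($clean['count'] > 5) {
                foreach ($clean as $key => $value) {
                    $clean[$key] = generateRandomString();
                }
                sleep(10);
                $case = 'Can\'t add - failed Captcha';
                attack($case);
            }
        }
    }
}
?> Atitlan Web Design - Your site shouldn't add to the chaos. - Panajachel, Guatemala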
web design
web design
Lake Atitlan, Guatemala in Central America

atitlan web design

duncan aitken

panajachel, guatemala

++502 5583 8328

Please fill out the form below.

I will be asking more questions later, but first I want to hear what you think is important.

Name:
Email:
Phone:
Comments:
My prices start as low as $1000 for a basic site, plus expenses. Hosting (where the site is stored) is separate and costs $10 a month or $100.00 a year. I can help you reserve a domain name (eg. your-url.com) if needed.

If you already have a website please include the URL and give me a rough idea of who your clients are and what your business is.

I speak both English and Spanish and many of my sites are bilingual, some have even more languages. I have access to native speaking Germans, French, Italians, Portuguese, Russians, Dutch and more. If you need a multilingual site I can make you one at a reasonable price.

Making a website doesn't have to be difficult or expensive. Indeed sites that are difficult to make tend to be difficult to use – and that is precisely what we don't want.

© Duncan Aitken
I have a liberal copyright policy. Click here to learn more.