resume/includes/config.php

<?php

//Buffers PHP messages
ob_start();

$sType = isset($_REQUEST['t'])?$_REQUEST['t']:'';
$sSerial = isset($_GET['s'])?$_GET['s']:'';
$sName = isset($_POST['name'])?$_POST['name']:'';
$sEmail = isset($_POST['email'])?$_POST['email']:'';
$sSubject = isset($_POST['subject'])?$_POST['subject']:'';
$sMsg = isset($_POST['message'])?$_POST['message']:'';
$sResult = '';

$oCv = new cv();
switch($sType)
{
	case 'javascript':
		$sResult = $oCv->getJavascript();
		break;
	case 'pic':
		$sResult = $oCv->getPic($sSerial);
		break;
	case 'mail':
		$sResult = $oCv->sendEmail($sName, $sEmail, $sSubject, $sMsg);
		break;
}

ob_end_clean();
echo $sResult;

class cv {
	const LOG_FILE = 'log';
	const PIC_PATH = '../images/pic.png';
	const PUBLIC_KEY_LENGTH = 13;
	const MAX_REQUEST_TIME = 10;
	
	private $iLoadTime;

	public function __construct()
	{
		$this->setLoadTime();
	}
	
	private function setLoadTime()
	{
		$this->iLoadTime = time();
	}
	
	private function getLoadTime()
	{
		return $this->iLoadTime;
	}
	
	public function getJavascript()
	{
		//Build picture key
		$sPublicKey = uniqid();
		$sSecretKey = $this->getLoadTime();
		list($iWidth, $iHeight) = getimagesize(self::PIC_PATH);
		file_put_contents(self::LOG_FILE, $sPublicKey.$sSecretKey."\n", FILE_APPEND);
		
		//Display javascript functions
		$asResult = array();
		$asResult[] = "var cConfigPage = '".$this->getAppPath().basename(__FILE__)."'";
		$asResult[] = "var a = '$sPublicKey';";
		$asResult[] = "var iPicWidth = $iWidth;";
		$asResult[] = "var iPicHeight = $iHeight;";
		$asResult[] = file_get_contents('../jquery/jquery.functions'.(file_exists('../jquery/jquery.functions.js')?'':'.min').'.js');
		return implode("\n", $asResult);
	}
	
	public function getPic($sSerial)
	{
		if($this->checkSerial($sSerial))
		{
			header('Content-Type: image/jpeg');
			return file_get_contents(self::PIC_PATH);
		}
		else
		{
			header('HTTP/1.1 403 Forbidden');
		}
	}
	
	public function sendEmail($sName, $sEmail, $sSubject, $sMsg)
	{
		$sResult = '';
		if($sName!='' && $sEmail!='' && $sSubject!='' && $sMsg!='')
		{
			//Message
			$sHtmlMessage = 'From: '.$sName."<br />".
							'Email: '.$sEmail."<br /><br />".
							'Subject: '.$sSubject."<br />".
							'Message: <br /><br />'.str_replace("\n", '<br />', $sMsg);
			$sPlainMessage = strip_tags(str_replace('<br />', "\n", $sHtmlMessage));
			
			//Email
			$iBoundary = uniqid("HTMLEMAIL");
			$sHeaders = 'From: Contact CV <www-data@lutran.fr>'."\r\n".
						'Reply-To: Contact CV <www-data@lutran.fr>'."\r\n".
						'Cc: Julien Lutran <julien@lutran.fr>'."\r\n".
						'MIME-Version: 1.0'."\r\n".
						'Content-Type: multipart/alternative;'.
						'boundary = '.$iBoundary."\r\n\r\n".
						'MIME encoded Message'.
						'--'.$iBoundary."\r\n".
						'Content-Type: text/plain; charset=UTF-8'."\r\n".
						'Content-Transfer-Encoding: base64'."\r\n\r\n".
						chunk_split(base64_encode($sPlainMessage)).
						'--'.$iBoundary."\r\n".
						'Content-Type: text/html; charset=UTF-8'."\r\n".
						'Content-Transfer-Encoding: base64'."\r\n\r\n".
						chunk_split(base64_encode($sHtmlMessage));
			
			//Store in case email fails
			@file_put_contents('log.html', '<br />----<br /><br />'.$sHtmlMessage, FILE_APPEND);
			
			//Send
			if(mail('julien.lutran@gmail.com', 'julien.lutran.fr - Contact Me Message', '', $sHeaders))
			{
				$sResult = 'ok';
			}
			else
			{
				$sResult = 'An unknown error occured.';
			}
		}
		else
		{
			$sResult = 'An error occured: Some fields were empty.';
		}
		return $sResult;
	}
	
	private function checkSerial($sSerial)
	{
		$bResult = false;
		if(strlen($sSerial)==self::PUBLIC_KEY_LENGTH && strpos($this->getAppPath(), $_SERVER['HTTP_REFERER'])===0)
		{
			$sFileContent = file_get_contents(self::LOG_FILE);
			$asKeys = array_filter(explode("\n", $sFileContent));
			foreach($asKeys as $sKey)
			{
				$iOffset = $this->getLoadTime() - substr($sKey, self::PUBLIC_KEY_LENGTH);
				if($sSerial == substr($sKey, 0, self::PUBLIC_KEY_LENGTH) && $iOffset < self::MAX_REQUEST_TIME)
				{
					$bResult = true;
					file_put_contents(self::LOG_FILE, str_replace($sKey."\n", '', $sFileContent));
					break;
				}
			}
		}
		return $bResult;
	}
	
	private static function getAppPath()
	{
		$sAppPath = 'http://'.str_replace(array('http://', 'https://'), '', $_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']));
		$sAppPath = $sAppPath.(substr($sAppPath, -1)!='/'?'/':'');
		return $sAppPath;
	}
}
?>