<?php

if ($_GET["email"] == "attempt"){
  $to='cmicek@gmail.com';
  $messageSubject='Message subject';
  $confirmationSubject='Confirmation message subject';
  $confirmationBody="Confirmation message body";
  $email='';
  $body='';
  $displayForm=true;
  $phone = $_POST['phone'];
 
 	
   if ($_POST){
    $email=stripslashes($_POST['email']);
    $body=stripslashes($_POST['body']);
    // validate e-mail address
    $valid=eregi('^([0-9a-z]+[-._+&])*[0-9a-z]+@([-0-9a-z]+[.])+[a-z]{2,6}$',$email);
    $crack=eregi("(\r|\n)(to:|from:|cc:|bcc:)",$body);
    
		
		if ($email && $body && $valid && !$crack){
      if (mail($to,$messageSubject,$body,'From: '.$email."\r\n")
          && mail($email,$confirmationSubject,$confirmationBody.$body,'From: '.$to."\r\n")){
       
?>

<?php header( 'Location: ?v=success' ) ; ?>
<?php
        echo '<p>'.htmlspecialchars($body).'</p>';
      }else{ // the messages could not be sent
?>
<?php header( 'Location: ?v=servererror' ) ; ?>
<?php
      }
    }else if ($crack){ // cracking attempt
?>
<?php header( 'Location: ?v=hacker' ) ; ?>
<?php
    }else{ // form not complete
?>
<?php header( 'Location: ?v=fail' ) ; ?>
<?php
    }
  }
   }
?>