File: /var/www/vhosts/paiskincare.com/httpdocs2/sisterweek/index.php
<?php
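header('Content-Type: text/html;charset=utf-8');
/*
Debugging aid, kept disabled: with display_errors on, PHP warnings (including
server file paths) would be printed into the public page.
error_reporting(E_ALL); ini_set( 'display_errors', '1');
*/
// This file never touches $_SESSION itself; the session is presumably needed
// only by the Securimage CAPTCHA included further down (confirm). Page scripts
// have no reason to read the cookie, so mark it HttpOnly, and refuse session
// ids the server did not issue. Both settings must precede session_start().
ini_set('session.cookie_httponly', '1');
ini_set('session.use_strict_mode', '1');
session_start();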
/**
 * Remove ASCII control bytes (0x00-0x1F) from a string.
 *
 * The range covers NUL, TAB, CR and LF, so a value passed through here can no
 * longer carry a line break into a mail header. DEL (0x7F) and any byte above
 * 0x1F are left untouched.
 *
 * @param string $TheString Raw input, e.g. a submitted form field.
 * @return string The input with every control byte deleted.
 */
function FilterCChars($TheString)
{
    $withoutControlBytes = preg_replace('/[\x00-\x1F]/', '', $TheString);

    return $withoutControlBytes;
}
/**
 * Check an e-mail address syntactically, then confirm its domain in DNS.
 *
 * The address is split at the LAST "@". Syntax rules applied, in order:
 *  - local part 1..64 bytes, domain 1..255 bytes;
 *  - local part neither starts nor ends with "." and has no "..";
 *  - domain uses only letters, digits, "-" and ".", with no "..";
 *  - local part is either built from the permitted unquoted characters
 *    (optionally backslash-escaped) or is a double-quoted string.
 *
 * Only an address that passes all of these reaches the DNS step, which
 * requires an MX or an A record for the domain. That step issues live DNS
 * queries for a name chosen by whoever submitted the address.
 *
 * The quoted-string form accepts almost any byte between the quotes, so the
 * caller remains responsible for stripping CR/LF before the value is used in
 * a mail header.
 *
 * @param string $email Address to test.
 * @return bool True when the address passes every check, false otherwise.
 */
function validEmail($email)
{
    $separatorPos = strrpos($email, "@");
    if ($separatorPos === false) {
        // no "@" at all
        return false;
    }

    $local = substr($email, 0, $separatorPos);
    $domain = substr($email, $separatorPos + 1);
    $localLen = strlen($local);
    $domainLen = strlen($domain);

    if ($localLen < 1 || $localLen > 64) {
        // local part empty or too long
        return false;
    }
    if ($domainLen < 1 || $domainLen > 255) {
        // domain part empty or too long
        return false;
    }
    if ($local[0] === '.' || $local[$localLen - 1] === '.') {
        // local part starts or ends with '.'
        return false;
    }
    if (preg_match('/\\.\\./', $local)) {
        // local part has two consecutive dots
        return false;
    }
    if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)) {
        // character not valid in domain part
        return false;
    }
    if (preg_match('/\\.\\./', $domain)) {
        // domain part has two consecutive dots
        return false;
    }

    // Escaped backslashes are dropped before the character-class tests.
    $unescapedLocal = str_replace("\\\\", "", $local);
    $isPlainLocal = preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', $unescapedLocal);
    if (!$isPlainLocal && !preg_match('/^"(\\\\"|[^"])+"$/', $unescapedLocal)) {
        // character not valid in local part and local part is not quoted
        return false;
    }

    // Syntax is fine; the domain must also resolve (MX preferred, A as fallback).
    if (checkdnsrr($domain, "MX") || checkdnsrr($domain, "A")) {
        return true;
    }

    // domain not found in DNS
    return false;
}
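include_once 'securimage/securimage.php';
$securimage = new Securimage();
$success = false;
// Defined on every request so showerror() never reads an unset global.
$errors = array();

// Form handler: verifies the CAPTCHA, validates two name/e-mail pairs (sender
// and one recipient) and mails each of them a voucher code.
//
// NOTE(review): the template at the bottom of this file renders no form and
// announces that the promotion has ended, yet this branch still accepts POSTs
// and sends mail. Confirm whether the handler should be disabled as well.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // A missing or array-valued field is treated as an empty string, so it
    // fails validation normally instead of raising notices or type errors.
    $captcha = (isset($_POST['captcha_code']) && is_string($_POST['captcha_code'])) ? $_POST['captcha_code'] : '';
    if ($securimage->check($captcha) == false) {
        // the code was incorrect
        $errors['captcha_code'][] = 'The code you entered was incorrect. Please try again.';
    }

    // Form-field suffix => voucher code. '' is the sender; 'f1' is the other
    // recipient. The codes are fixed strings readable by anyone with this file.
    $keys = array('' => 'GGSJ9Y4L', 'f1' => 'SISTER82651');
    $names = array();
    $emails = array();
    foreach ($keys as $key => $code) {
        $rawname = (isset($_POST['name' . $key]) && is_string($_POST['name' . $key])) ? $_POST['name' . $key] : '';
        $rawemail = (isset($_POST['email' . $key]) && is_string($_POST['email' . $key])) ? $_POST['email' . $key] : '';
        // FilterCChars() removes CR/LF, so neither value can add a header line.
        $name = trim(FilterCChars($rawname));
        $email = trim(FilterCChars($rawemail));

        if (strlen($name) == 0) {
            $errors['name' . $key][] = 'Please enter a name';
        } else if (strlen($name) > 50) {
            $errors['name' . $key][] = 'Please enter a shorter name';
        }

        if (strlen($email) == 0) {
            $errors['email' . $key][] = 'Please enter an email address';
        } else {
            $names[$key] = $name;
            $emails[$key] = $email;
            // Case-insensitive duplicate check across the addresses seen so far.
            $loweremails = array_map('strtolower', $emails);
            if (count(array_unique($loweremails)) != count($emails)) {
                $errors['email' . $key][] = 'Please enter different addresses';
                array_pop($emails);
            }
            if (strlen($email) > 100) {
                $errors['email' . $key][] = 'Please enter a shorter email address';
            } else if (!validEmail($email)) {
                $errors['email' . $key][] = 'This email address is not valid';
            }
        }
    }

    if (count($errors) == 0) {
        $success = true;
    }

    if ($success) {
        $sendername = $names[''];
        // NOTE(review): the message has no length limit, unlike name and
        // e-mail, and it is delivered to an address the submitter chooses.
        $rawmessage = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : '';
        // HTML-escape first, then turn newlines into <br />, then drop the raw
        // control characters that nl2br() leaves behind.
        $messagehtml = FilterCChars(nl2br(htmlspecialchars(trim($rawmessage))));
        // NOTE(review): this "text" variant still holds HTML entities and has
        // lost its line breaks; check how message/text.php uses it.
        $messagetext = str_replace('<br />', '', $messagehtml);

        // send message
        require_once 'emailfunctions.php';
        require_once "Mail.php";

        $host = "smtp.mandrillapp.com";
        $username = "paiskincare";
        // The SMTP password is read from the environment rather than stored in
        // this file. PAI_SMTP_PASSWORD is a name introduced by this change; set
        // it in the vhost / PHP process configuration. The value that used to
        // be embedded here should be treated as exposed and rotated.
        $password = getenv('PAI_SMTP_PASSWORD');

        if ($password === false || $password === '') {
            // Fail closed: no credentials, no mail.
            $success = false;
            $errors['email'][] = 'Error: mail service is not configured';
        } else {
            $smtp = Mail::factory('smtp',
                array('host' => $host,
                    'auth' => true,
                    'username' => $username,
                    'password' => $password));

            // The subject is an RFC 2047 Q-encoded word. The sender name is
            // user input, so Q-encode it: rawurlencode() gives %XX for every
            // byte outside A-Z a-z 0-9 - _ . ~, "%" becomes "=", and "_" (which
            // means space inside an encoded word) becomes "=5F". Without this
            // a name containing "?", "=" or a space corrupts the header.
            // NOTE(review): long names can exceed the 75-character limit for a
            // single encoded word.
            $encodedsender = str_replace(array('%', '_'), array('=', '=5F'), rawurlencode($sendername));

            foreach ($keys as $key => $vouchercode) {
                // Variables set here are presumably read by the two templates.
                $recipientname = $names[$key];
                $issender = ($key === '');

                ob_start();
                require('message/text.php');
                $text = ob_get_clean();

                ob_start();
                require('message/index.php');
                $html = ob_get_clean();

                $subject = $issender ? 'Your_10=25_Pai_Gift_Code' : ($encodedsender . '_has_sent_you_a_10=25_Pai_Gift_Code');
                $error = sendemail($smtp, array($emails[$key]), '=?UTF-8?Q?' . $subject . '?=', $text, $html, array(), 'support@paiskincare.com');
                if ($error) {
                    $success = false;
                    // NOTE(review): $error comes straight from sendemail();
                    // check that it cannot reveal SMTP server details to users.
                    $errors['email' . $key][] = 'Error: ' . $error;
                }
            }
        }
    }
}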
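/**
 * Echo every validation error recorded for one form field.
 *
 * Reads the global $errors array (field name => list of messages) and prints
 * each message as an HTML-escaped <span class="error"> preceded by <br>.
 * Prints nothing when the field has no errors, when $errors is unset (for
 * example on a GET request) or when the entry is not an array.
 *
 * @param string $name Key into $errors, e.g. 'email' or 'namef1'.
 * @return void
 */
function showerror($name) {
    global $errors;

    // empty() tolerates an unset $errors or a missing key; count() on a
    // missing key warns on PHP 7.2+ and throws a TypeError on PHP 8.
    if (empty($errors[$name]) || !is_array($errors[$name])) {
        return;
    }

    foreach ($errors[$name] as $error) {
        // Messages may embed submitted data or mailer output, so escape them
        // with explicit flags and charset instead of version-dependent defaults.
        echo '<br><span class="error">' . htmlspecialchars($error, ENT_QUOTES, 'UTF-8') . '</span>';
    }
}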
?><html>
<head>
<title>Pai Skincare</title>
<link rel="stylesheet" type="text/css" href="style.css" />
<?php if ($success) { ?>
<meta http-equiv="refresh" content="10;url=http://www.paiskincare.com/" />
<?php } ?>
</head>
<body>
<div class="messageouter2">
<div class="messageouter1">
<div class="message">
<img src="images/logo.png" width="186" height="83" alt="Pai logo" class="logo" />
<img src="http://www.paiskincare.com/sisterweek/images/sisters.jpg" width="160" height="287" alt="Bottles" class="photo"/>
<?php if ($success) { ?>
<div class="copy">
<div class="heading blue">Thank you</div>
<p>Thank you for referring your sister.</p>
<p>She will be receiving a 10% voucher shortly.</p>
<p>Please check your email for your 10% voucher.</p>
<p>This page will redirect to the Pai homepage in 10 seconds.</p>
</div>
<?php } else { ?>
<div class="copy">
<div class="heading">10% off Pai Skincare </div>
<div class="subhead">for you and your sister</div>
<p>Let your sister in on your best kept skin care secret…</p>
<p>…simply enter your name and your sister's name,
and we will send both of you a 10% voucher
to spend at Pai.
</p>
<div class="smallprint">We won't keep any details for use in future marketing - we'll use them just once to send the voucher and then securely delete them. Voucher cannot be used to purchase Pai Gift vouchers. Voucher cannot be used in conjunction with other cash or % discount vouchers.</div>
</div>
<?php } ?>
</div>
</div>
</div>
<h2>Sorry, this promotion has now ended.</h2>
<script type="text/javascript">
<!--
if(!gaJsHost) {
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
}
//-->
</script>
<script type="text/javascript">
<!--
if(!pageTracker) {
var pageTracker = _gat._getTracker('UA-3304027-1');
pageTracker._initData();
pageTracker._trackPageview();
<?php if ($success) { ?>
pageTracker._trackPageview('/offer/success');
<?php } ?>
}
//-->
</script>
<script src="https://www.dwin1.com/2753.js" type="text/javascript" defer="defer"></script>
</body>
</html>