Captura los datos a continuación. Todos los campos son requeridos.
-diff --git a/page-contacto.php b/page-contacto.php index 146a4d7..816a651 100644 --- a/page-contacto.php +++ b/page-contacto.php @@ -1,6 +1,6 @@ $v) {${$k} = dax_contact_fix_gpc($v);} # Verificación de seguridad y validación de campos incorrectos o vacíos -$OKOK = !$is_captcha || (!empty($codigo) && $_SESSION['codigo_captcha'] === md5(strtolower($codigo))); -$IPOK = preg_replace('#[^a-z0-9\.\-:\[\]/]#', '', (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'].'/' : '') . $_SERVER['REMOTE_ADDR']); -$UAOK = dax_contact_fix_gpc($_SERVER['HTTP_USER_AGENT']); -$ref = empty($ref) ? '' : $ref; +$OKOK = !$is_captcha || (!empty($codigo) && isset($_SESSION['codigo_captcha']) && $_SESSION['codigo_captcha'] === md5(strtolower($codigo))); +$IPOK = preg_replace('#[^a-z0-9\.\-:\[\]/]#', '', (empty($_SERVER['HTTP_X_FORWARDED_FOR']) ? '' : $_SERVER['HTTP_X_FORWARDED_FOR'].'/') . $_SERVER['REMOTE_ADDR']); +$UAOK = empty($_SERVER['HTTP_USER_AGENT']) ? '-' : dax_contact_fix_gpc($_SERVER['HTTP_USER_AGENT']); +$ref = empty($ref) ? (empty($_SERVER['HTTP_REFERER']) ? '' : htmlspecialchars(dax_contact_fix_gpc($_SERVER['HTTP_REFERER']))) : $ref; $mail = (!empty($mail) && preg_match('#^[a-z0-9\.\-\_]+@[a-z0-9\.\-\_]+\.[a-z]{2,12}$#i', $mail)) ? $mail : 0; $nombre = empty($nombre) ? 0 : preg_replace('#[^a-z0-9\-_ ]#i', '', $nombre); if(strlen($nombre) < 3) $nombre = 0; @@ -94,14 +94,14 @@