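<?php
// Contact-form handler. Validates the POSTed fields, mails them to the site
// owner and redirects to thank-you.html on success. On failure $errorMessage
// holds an HTML fragment for the page below to echo and $errors the plain
// validation messages; $name/$email/$message/$phone stay available, HTML-escaped.
$errors = [];
$errorMessage = '';
if (!empty($_POST)) {
    // Read a POST field as a trimmed string. A field submitted as an array
    // (e.g. name[]=x) is treated as absent instead of letting trim() throw a
    // TypeError and turning the request into a 500.
    $postField = static fn (string $key): string =>
        is_string($_POST[$key] ?? null) ? trim($_POST[$key]) : '';

    // Keep the raw values for the plain-text e-mail; the escaped copies are for
    // the HTML page, so each value is escaped once, in the context it is used.
    $rawName = $postField('name');
    $rawMessage = $postField('message');
    $rawPhone = $postField('phone');
    // FILTER_SANITIZE_EMAIL drops every character that cannot occur in an
    // address, CR/LF included, so the validated value cannot inject a header.
    $sanitizedEmail = filter_var($postField('email'), FILTER_SANITIZE_EMAIL);
    $email = $sanitizedEmail === false ? '' : $sanitizedEmail;

    // ENT_SUBSTITUTE replaces invalid UTF-8 sequences instead of returning ''.
    $name = htmlspecialchars($rawName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $message = htmlspecialchars($rawMessage, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $phone = htmlspecialchars($rawPhone, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // Compare with '' rather than empty(): a literal "0" is a valid value.
    if ($rawName === '') {
        $errors[] = 'Name is required';
    }
    if ($email === '') {
        $errors[] = 'Email is required';
    } elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'Please enter a valid email address';
    }
    if ($rawMessage === '') {
        $errors[] = 'Message is required';
    }

    if ($errors === []) {
        $toEmail = 'greentropikal@outlook.com';
        $emailSubject = 'New email from your contact form';

        // HTTP_HOST comes from the client's Host header, so only a plain
        // hostname (an optional port is dropped) is accepted before it is used
        // in the From header; anything else, or a missing header, falls back
        // to a fixed value.
        $host = strtolower((string) ($_SERVER['HTTP_HOST'] ?? ''));
        $fromDomain = preg_match('/^([a-z0-9.-]+)(?::\d+)?$/', $host, $hostMatch) === 1
            ? $hostMatch[1]
            : 'localhost';

        $headers = [
            'From' => 'noreply@' . $fromDomain,
            // Safe: $email passed FILTER_SANITIZE_EMAIL and FILTER_VALIDATE_EMAIL.
            'Reply-To' => $email,
            'Content-type' => 'text/plain; charset=UTF-8',
            'X-Mailer' => 'PHP/' . phpversion(),
        ];

        // Text body: raw values, not HTML entities, so the recipient reads
        // "Tom & Jerry" rather than "Tom &amp; Jerry".
        $body = implode(PHP_EOL, [
            "Name: {$rawName}",
            "Phone: {$rawPhone}",
            "Email: {$email}",
            '',
            'Message:',
            $rawMessage,
        ]);

        if (mail($toEmail, $emailSubject, $body, $headers)) {
            header('Location: thank-you.html');
            exit;
        }
        $errorMessage = '<p style="color: red;">Oops, something went wrong. Please try again later.</p>';
    } else {
        // Only the fixed messages above end up here, so no escaping is needed.
        $errorMessage = '<p style="color: red;">' . implode('<br>', $errors) . '</p>';
    }
}
?>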