Startseite Erkunden Hilfe
Registrieren Anmelden
benjamin.harris
/
soil-report-ai
1
0
Fork 0
Dateien Issues 0 Pull-Requests 0 Wiki
Branch: master
Branches Tags
soil-report-ai
/
controllers
/
contactSubmit.php

contactSubmit.php 3.3 KB
Permalink Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * controllers/contactSubmit.php
    4. 

  4.  *
    5. 

  5.  * Handles the homepage contact form submission.
    6. 

  6.  * Validates input, sends an email via PHPMailer, redirects back with status.
    7. 

  7.  */
    8. 

  8. 

  9. require_once __DIR__ . '/../vendor/autoload.php';
    10. 

  10. require_once __DIR__ . '/../config/mail.php';
    11. 

  11. require_once __DIR__ . '/../lib/csrf.php';
    12. 

  12. 

  13. use PHPMailer\PHPMailer\PHPMailer;
    14. 

  14. use PHPMailer\PHPMailer\SMTP;
    15. 

  15. use PHPMailer\PHPMailer\Exception;
    16. 

  16. 

  17. if (session_status() === PHP_SESSION_NONE) {
    18. 

  18.     session_start();
    19. 

  19. }
    20. 

  20. 

  21. // Only accept POST
    22. 

  22. if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    23. 

  23.     header('Location: /#contact');
    24. 

  24.     exit;
    25. 

  25. }
    26. 

  26. 

  27. // CSRF check
    28. 

  28. if (!verifyCsrfToken($_POST['csrf_token'] ?? '')) {
    29. 

  29.     $_SESSION['contact_error'] = 'Invalid form submission. Please try again.';
    30. 

  30.     header('Location: /#contact');
    31. 

  31.     exit;
    32. 

  32. }
    33. 

  33. 

  34. // Collect + sanitise fields
    35. 

  35. $firstName = trim(htmlspecialchars($_POST['first_name'] ?? '', ENT_QUOTES, 'UTF-8'));
    36. 

  36. $lastName  = trim(htmlspecialchars($_POST['last_name']  ?? '', ENT_QUOTES, 'UTF-8'));
    37. 

  37. $email     = trim(filter_var($_POST['email'] ?? '', FILTER_SANITIZE_EMAIL));
    38. 

  38. $farmType  = trim(htmlspecialchars($_POST['farm_type'] ?? '', ENT_QUOTES, 'UTF-8'));
    39. 

  39. $message   = trim(htmlspecialchars($_POST['message']   ?? '', ENT_QUOTES, 'UTF-8'));
    40. 

  40. 

  41. // Basic validation
    42. 

  42. if (!$firstName || !$lastName) {
    43. 

  43.     $_SESSION['contact_error'] = 'Please enter your full name.';
    44. 

  44.     header('Location: /#contact');
    45. 

  45.     exit;
    46. 

  46. }
    47. 

  47. 

  48. if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    49. 

  49.     $_SESSION['contact_error'] = 'Please enter a valid email address.';
    50. 

  50.     header('Location: /#contact');
    51. 

  51.     exit;
    52. 

  52. }
    53. 

  53. 

  54. if (!$message) {
    55. 

  55.     $_SESSION['contact_error'] = 'Please enter a message.';
    56. 

  56.     header('Location: /#contact');
    57. 

  57.     exit;
    58. 

  58. }
    59. 

  59. 

  60. // Build email body
    61. 

  61. $fullName   = $firstName . ' ' . $lastName;
    62. 

  62. $farmLabel  = $farmType ?: 'Not specified';
    63. 

  63. $bodyHtml   = "
    64. 

  64. <h2>New Contact Form Submission</h2>
    65. 

  65. <table cellpadding='6' style='font-family:sans-serif;font-size:14px;'>
    66. 

  66.   <tr><td><strong>Name</strong></td><td>" . $fullName . "</td></tr>
    67. 

  67.   <tr><td><strong>Email</strong></td><td>" . $email . "</td></tr>
    68. 

  68.   <tr><td><strong>Farm Type</strong></td><td>" . $farmLabel . "</td></tr>
    69. 

  69.   <tr><td><strong>Message</strong></td><td>" . nl2br($message) . "</td></tr>
    70. 

  70. </table>
    71. 

  71. ";
    72. 

  72. $bodyText = "Name: {$fullName}\nEmail: {$email}\nFarm Type: {$farmLabel}\n\nMessage:\n{$message}";
    73. 

  73. 

  74. // Send via PHPMailer
    75. 

  75. $mail = new PHPMailer(true);
    76. 

  76. 

  77. try {
    78. 

  78.     $mail->isSMTP();
    79. 

  79.     $mail->Host       = MAIL_HOST;
    80. 

  80.     $mail->SMTPAuth   = true;
    81. 

  81.     $mail->Username   = MAIL_USERNAME;
    82. 

  82.     $mail->Password   = MAIL_PASSWORD;
    83. 

  83.     $mail->SMTPSecure = MAIL_ENCRYPTION === 'ssl' ? PHPMailer::ENCRYPTION_SMTPS : PHPMailer::ENCRYPTION_STARTTLS;
    84. 

  84.     $mail->Port       = MAIL_PORT;
    85. 

  85. 

  86.     $mail->setFrom(MAIL_FROM, MAIL_FROM_NAME);
    87. 

  87.     $mail->addAddress(MAIL_TO);
    88. 

  88.     $mail->addReplyTo($email, $fullName);
    89. 

  89. 

  90.     $mail->isHTML(true);
    91. 

  91.     $mail->Subject = 'Contact Form: ' . $fullName . ' (' . $farmLabel . ')';
    92. 

  92.     $mail->Body    = $bodyHtml;
    93. 

  93.     $mail->AltBody = $bodyText;
    94. 

  94. 

  95.     $mail->send();
    96. 

  96. 

  97.     $_SESSION['contact_success'] = 'Thank you, ' . $firstName . '. We\'ll be in touch soon.';
    98. 

  98. 

  99. } catch (Exception $e) {
    100. 

  100.     error_log('Contact form mailer error: ' . $mail->ErrorInfo);
    101. 

  101.     $_SESSION['contact_error'] = 'Sorry, we couldn\'t send your message. Please try again later.';
    102. 

  102. }
    103. 

  103. 

  104. header('Location: /#contact');
    105. 

  105. exit;
    106.