MMCT TEAM
Server IP : 103.53.40.154  /  Your IP : 18.219.176.215
Web Server : Apache
System : Linux md-in-35.webhostbox.net 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64
User : ppcad7no ( 715)
PHP Version : 8.2.25
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON
Directory (0750) :  /home2/ppcad7no/bittootour.in/

[  Home  ][  C0mmand  ][  Upload File  ]

Current File : /home2/ppcad7no/bittootour.in/contact.php
<?php
    include_once('admin/config.php');
    include_once('site-main-query.php');
    
    function isAllowedMessage($message) {
        $allowedChars = '/^[a-zA-Z0-9,@. ]*$/';
        return preg_match($allowedChars, $message);
    }
    
    if ($_SERVER["REQUEST_METHOD"] === "POST") {
        if (isset($_POST['submit'])) {
            $name = $_POST['name'];
            $phone = $_POST['phone'];
            $email = $_POST['email'];
            $message = $_POST['message'];
            date_default_timezone_set("Asia/Kolkata");
            $currentTime = date("Y-m-d H:i:s");
            $errors = array();
    
            // Validate input
            if (empty($name)) {
                $errors[] = "Name field is required.";
            } elseif (!preg_match('/^[a-zA-Z ]+$/', $name)) {
                $errors[] = "Name can only contain alphabets.";
            }
    
            if (empty($email)) {
                $errors[] = "Email field is required.";
            } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
                $errors[] = "Invalid email format.";
            }
    
            if (empty($phone)) {
                $errors[] = "Phone field is required.";
            } elseif (!preg_match('/^\d{10}$/', $phone)) {
                $errors[] = "Phone number should have exactly 10 digits.";
            }
    
            // Sanitize input
            $name = filter_var($name, FILTER_SANITIZE_STRING);
            $phone = filter_var($phone, FILTER_SANITIZE_NUMBER_INT);
            $email = filter_var($email, FILTER_SANITIZE_EMAIL);
            $message = htmlspecialchars($message, ENT_QUOTES, 'UTF-8');
    
            // Check for potentially malicious content in the message
            if (!isAllowedMessage($message)) {
                $errors[] = "Your message contains potentially malicious content or disallowed characters.";
            }
    
    if (empty($errors)) {
        // Your existing code for successful submission
        $query = "INSERT INTO `tbl_queries` (`name`, `phone`, `email`, `message`, `datetime`) VALUES (?, ?, ?, ?, ?)";
        $stmt = mysqli_prepare($db, $query);
    
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "sssss", $name, $phone, $email, $message, $currentTime);
            $result = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
    
            if ($result) {
                $sendmail=$data1["email"];
                // $to = "digitalsaleem12@gmail.com";
                $to = $sendmail;
                $subject = "New Query Submitted From $site_name Contact Page";
                $emailMessage = "A new query has been submitted:\n\n";
                $emailMessage .= "Name: $name\n";
                $emailMessage .= "Phone: $phone\n";
                $emailMessage .= "Email: $email\n";
                $emailMessage .= "Message: $message\n";
                
                $headers = "From: $email";
                
                if (mail($to, $subject, $emailMessage, $headers)) {
                echo "<script>
                window.alert('Successfully Sent! We will contact you soon');
                window.location.href = '$wspath' + 'contact.html';
                </script>";
            } else {
               echo "Error sending email.";
                }
            } else {
                $errors[] = "Error in processing your request. Please try again later.";
            }
        } else {
            $errors[] = "Error in preparing the statement.";
        }
    } else {
        // Display validation errors in an alert
        echo "<script>
            var errorMessage = '";
        foreach ($errors as $error) {
            echo addslashes($error) . "\\n";
        }
        echo "';
            window.alert(errorMessage);
        </script>";
    }
        }
    }
?>
<!DOCTYPE html>
<html lang="en">
    
<head>
    
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />

<?php include 'top-link.php';?>
 
<title><?=$datacontact['site_pages_meta_title'];?></title>
<meta name="description" content="<?=$datacontact['site_pages_meta_description'];?>">

</head>
<body>
<?php include 'header.php';?>

<div class="site-breadcrumb" style="background: url(<?php echo $wsapth?>assets/img/breadcrumb/01.jpg)">
    <div class="container">
        <h2 class="breadcrumb-title">Contact Us</h2>
        <ul class="breadcrumb-menu">
            <li><a href="<?php echo $wspath?>">Home</a></li>
            <li class="active">Contact Us</li>
        </ul>
    </div>
</div>


<div class="contact-area py-120">
    <div class="container">
        <div class="contact-content">
            <div class="row">
                <div class="col-md-3">
                    <div class="contact-info">
                        <div class="contact-info-icon">
                            <i class="fal fa-map-location-dot"></i>
                        </div>
                        <div class="contact-info-content">
                            <h5>Office Address</h5>
                            <p>
                               <?php echo $data1["address"] ?>
                            </p>
                        </div>
                    </div>
                </div>
                <div class="col-md-3">
                    <div class="contact-info">
                        <div class="contact-info-icon">
                            <i class="fal fa-phone-volume"></i>
                        </div>
                        <div class="contact-info-content">
                            <h5>Call Us</h5>
                            <a href="tel:<?php echo $data1["phone"] ?>"><?php echo $data1["phone"] ?></a>
                            <a href="tel:<?php echo $data1["alt_phone"] ?>"><?php echo $data1["alt_phone"] ?></a>
                        </div>
                    </div>
                </div>
                <div class="col-md-3">
                    <div class="contact-info">
                        <div class="contact-info-icon">
                            <i class="fal fa-envelopes"></i>
                        </div>
                        <div class="contact-info-content">
                            <h5>Email Us</h5>
                            <a href="mailto:<?php echo $data1["email"] ?>" ><?php echo $data1["email"] ?></a>
                        </div>
                    </div>
                </div>
                <div class="col-md-3">
                    <div class="contact-info">
                        <div class="contact-info-icon">
                            <i class="fal fa-alarm-clock"></i>
                        </div>
                        <div class="contact-info-content">
                            <h5>Open Time</h5>
                            <p>24 X 7 Hours</p>
                        </div>
                    </div>
                </div>
            </div>
        </div>
        <div class="contact-wrapper">
            <div class="row">
                <div class="col-lg-6 align-self-center">
                    <div class="contact-img">
                        <img src="<?php echo $wsapth?>assets/img/contact/01.jpg" alt>
                    </div>
                </div>
                <div class="col-lg-6 align-self-center">
                    <div class="contact-form">
                        <div class="contact-form-header">
                            <h2>Get In Touch</h2>
                            <p>It is a long established fact that a reader will be distracted by the readable
                                content of a page randomised words slightly when looking at its layout. </p>
                        </div>
                        <form method="post" 
                            id="contact-form">
                            <div class="row">
                                <div class="col-md-6">
                                    <div class="form-group">
                                        <input type="text" class="form-control" name="name" placeholder="Your Name"
                                            required>
                                    </div>
                                </div>
                                <div class="col-md-6">
                                    <div class="form-group">
                                        <input type="email" class="form-control" name="email" placeholder="Your Email"
                                            required>
                                    </div>
                                </div>
                            </div>
                            <div class="form-group">
                                <input type="tel" class="form-control" name="phone" placeholder="Your Phone No"
                                    required>
                            </div>
                            <div class="form-group">
                                <textarea name="message" cols="30" rows="5" class="form-control"
                                    placeholder="Write Your Message"></textarea>
                            </div>
                            <button type="submit" class="theme-btn" name="submit">Send
                                Message <i class="far fa-paper-plane"></i></button>
                        </form>
                    </div>
                </div>
            </div>
        </div>
    </div>
</div>

<div class="contact-map">
    <iframe src="<?php echo $data1["map_link"] ?>" width="100%" height="360" style="border:0;" allowfullscreen="" loading="lazy" referrerpolicy="no-referrer-when-downgrade"></iframe>
</div>

<?php include 'footer.php';?>


</body>

</html>

MMCT - 2023