|
Server IP : 103.53.40.154 / Your IP : 18.222.182.249 Web Server : Apache System : Linux md-in-35.webhostbox.net 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64 User : ppcad7no ( 715) PHP Version : 8.2.25 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON Directory (0750) : /home2/ppcad7no/chandeshwarcontractors.com/ |
| [ Home ] | [ C0mmand ] | [ Upload File ] |
|---|
<?php
function isAllowedMessage($message) {
$allowedChars = '/^[a-zA-Z0-9,@. ]*$/';
return preg_match($allowedChars, $message);
}
if ($_SERVER["REQUEST_METHOD"] === "POST") {
if (isset($_POST['submit'])) {
$name = $_POST['name'];
$phone = $_POST['phone'];
$email = $_POST['email'];
$message = $_POST['message'];
date_default_timezone_set("Asia/Kolkata");
$currentTime = date("Y-m-d H:i:s");
$errors = array();
// Validate input
if (empty($name)) {
$errors[] = "Name field is required.";
} elseif (!preg_match('/^[a-zA-Z ]+$/', $name)) {
$errors[] = "Name can only contain alphabets.";
}
if (empty($email)) {
$errors[] = "Email field is required.";
} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors[] = "Invalid email format.";
}
if (empty($phone)) {
$errors[] = "Phone field is required.";
} elseif (!preg_match('/^\d{10}$/', $phone)) {
$errors[] = "Phone number should have exactly 10 digits.";
}
// Sanitize input
$name = filter_var($name, FILTER_SANITIZE_STRING);
$phone = filter_var($phone, FILTER_SANITIZE_NUMBER_INT);
$email = filter_var($email, FILTER_SANITIZE_EMAIL);
$message = htmlspecialchars($message, ENT_QUOTES, 'UTF-8');
// Check for potentially malicious content in the message
if (!isAllowedMessage($message)) {
$errors[] = "Your message contains potentially malicious content or disallowed characters.";
}
if (empty($errors)) {
// Your existing code for successful submission
$query = "INSERT INTO `tbl_queries` (`name`, `phone`, `email`, `message`, `datetime`) VALUES (?, ?, ?, ?, ?)";
$stmt = mysqli_prepare($db, $query);
if ($stmt) {
mysqli_stmt_bind_param($stmt, "sssss", $name, $phone, $email, $message, $currentTime);
$result = mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if ($result) {
$to = "digitalsaleem12@gmail.com";
// $to = "fastelevatorandescalator@gmail.com";
$subject = "New Query Submitted";
$emailMessage = "A new query has been submitted:\n\n";
$emailMessage .= "Name: $name\n";
$emailMessage .= "Phone: $phone\n";
$emailMessage .= "Email: $email\n";
$emailMessage .= "Message: $message\n";
$headers = "From: $email";
if (mail($to, $subject, $emailMessage, $headers)) {
echo "<script>
window.alert('Successfully Sent! We will contact you soon');
window.location.href = '$wspath';
</script>";
} else {
echo "Error sending email.";
}
} else {
$errors[] = "Error in processing your request. Please try again later.";
}
} else {
$errors[] = "Error in preparing the statement.";
}
} else {
// Display validation errors in an alert
echo "<script>
var errorMessage = '";
foreach ($errors as $error) {
echo addslashes($error) . "\\n";
}
echo "';
window.alert(errorMessage);
</script>";
}
}
}
?>
<section class="faq-rqa-section faq-style-one sec-pad pb0">
<div class="container">
<div class="row">
<div class="col-lg-7 col-md-8 col-sm-12 col-xs-12 pull-left">
<div class="sec-title">
<h3><?php echo $datal['site_name'];?> <span>FAQ</span></h3>
<p>You will find yourself working in a true partnership that results in an incredible experience, and an end product that is the best. </p>
</div><!-- /.sec-title -->
<div class="accrodion-grp" data-grp-name="faq-accrodion">
<div class="accrodion active">
<div class="accrodion-title">
<h4>What is piling drilling, and why might I need it?</h4>
</div>
<div class="accrodion-content">
<div class="inner">
<p>Piling drilling involves creating deep foundation support for various structures by drilling into the ground and filling the hole with materials like concrete. You might need piling drilling for constructing buildings, bridges, or other large structures where stable foundations are crucial.</p>
</div><!-- /.inner -->
</div>
</div>
<div class="accrodion ">
<div class="accrodion-title">
<h4> How does Chandeshwar Contractors ensure the quality of their piling drilling service?</h4>
</div>
<div class="accrodion-content">
<div class="inner">
<p>We maintain rigorous quality control measures throughout the piling drilling process. Our experienced team uses state-of-the-art equipment and follows industry best practices to ensure that each pile meets the required specifications and standards.</p>
</div><!-- /.inner -->
</div>
</div>
<div class="accrodion">
<div class="accrodion-title">
<h4>What types of projects does Chandeshwar Contractors typically undertake?</h4>
</div>
<div class="accrodion-content">
<div class="inner">
<p>Chandeshwar Contractor offers expert piling and drilling services, delivering quality and precision in every project undertaken.</p>
</div><!-- /.inner -->
</div>
</div>
</div>
<!--<a href="#" class="more-info">Get more informations <i class="fa fa-arrow-right"></i></a>-->
</div>
<div class="col-lg-4 col-md-4 col-sm-12 col-xs-12 pull-right">
<div class="rqa-box">
<h3>Request a <span>Quote</span></h3>
<p>Fill all information details to consult with us to get sevices from us</p>
<form action="<?php $_PHP_SELF?>" method="POST" class="rqa-form">
<input type="text" placeholder="Your name" name="name" required>
<?php if (isset($errors) && in_array("Name field is required.", $errors)) { ?>
<p class="error">Name field is required.</p>
<?php } elseif (isset($errors) && in_array("Name can only contain alphabets.", $errors)) { ?>
<p class="error">Name can only contain alphabets.</p>
<?php } ?>
<input type="text" placeholder="Your email" name="email" required>
<?php if (isset($errors) && in_array("Email field is required.", $errors)) { ?>
<p class="error">Email field is required.</p>
<?php } ?>
<input type="text" placeholder="Your Phone" name="phone" minlength="10" maxlength="10" onkeypress="return isNumberKey(event)" pattern=".{10,10}" onpaste="return false;" required>
<?php if (isset($errors) && in_array("Phone field is required.", $errors)) { ?>
<p class="error">Phone field is required.</p>
<?php } elseif (isset($errors) && in_array("Phone number should have exactly 10 digits.", $errors)) { ?>
<p class="error">Phone number should have exactly 10 digits.</p>
<?php } ?>
<textarea placeholder="Write Message..." name="message"></textarea>
<button type="submit" name="submit" class="hvr-sweep-to-right">Get a qoute <i class="fa fa-arrow-right"></i></button>
</form>
</div>
</div>
</div>
</div>
</section>