|
Server IP : 103.53.40.154 / Your IP : 18.226.17.251 Web Server : Apache System : Linux md-in-35.webhostbox.net 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64 User : ppcad7no ( 715) PHP Version : 8.2.25 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON Directory (0750) : /home2/ppcad7no/greenenvirofoundation.com/ |
| [ Home ] | [ C0mmand ] | [ Upload File ] |
|---|
<?php
include_once('admin/config.php');
function isAllowedMessage($message) {
$allowedChars = '/^[a-zA-Z0-9,@. ]*$/';
return preg_match($allowedChars, $message);
}
if ($_SERVER["REQUEST_METHOD"] === "POST") {
if (isset($_POST['submit'])) {
$name = $_POST['name'];
$phone = $_POST['phone'];
$email = $_POST['email'];
$message = $_POST['message'];
date_default_timezone_set("Asia/Kolkata");
$currentTime = date("Y-m-d H:i:s");
$errors = array();
// Validate input
if (empty($name)) {
$errors[] = "Name field is required.";
} elseif (!preg_match('/^[a-zA-Z ]+$/', $name)) {
$errors[] = "Name can only contain alphabets.";
}
if (empty($email)) {
$errors[] = "Email field is required.";
} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors[] = "Invalid email format.";
}
if (empty($phone)) {
$errors[] = "Phone field is required.";
} elseif (!preg_match('/^\d{10}$/', $phone)) {
$errors[] = "Phone number should have exactly 10 digits.";
}
// Sanitize input
$name = filter_var($name, FILTER_SANITIZE_STRING);
$phone = filter_var($phone, FILTER_SANITIZE_NUMBER_INT);
$email = filter_var($email, FILTER_SANITIZE_EMAIL);
$message = htmlspecialchars($message, ENT_QUOTES, 'UTF-8');
// Check for potentially malicious content in the message
if (!isAllowedMessage($message)) {
$errors[] = "Your message contains potentially malicious content or disallowed characters.";
}
if (empty($errors)) {
// Your existing code for successful submission
$query = "INSERT INTO `tbl_queries` (`name`, `phone`, `email`, `message`, `datetime`) VALUES (?, ?, ?, ?, ?)";
$stmt = mysqli_prepare($db, $query);
if ($stmt) {
mysqli_stmt_bind_param($stmt, "sssss", $name, $phone, $email, $message, $currentTime);
$result = mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
if ($result) {
// $to = "digitalsaleem12@gmail.com";
$to = "info@greenenvirofoundation.com";
$subject = "New Query Submitted From Green Enviro Foundation";
$emailMessage = "A new query has been submitted From Green Enviro Foundation:\n\n";
$emailMessage .= "Name: $name\n";
$emailMessage .= "Phone: $phone\n";
$emailMessage .= "Email: $email\n";
$emailMessage .= "Message: $message\n";
$headers = "From: $email";
if (mail($to, $subject, $emailMessage, $headers)) {
echo "<script>
window.alert('Successfully Sent! We will contact you soon');
window.location.href = '$wspath' + 'contact.php';
</script>";
} else {
echo "Error sending email.";
}
} else {
$errors[] = "Error in processing your request. Please try again later.";
}
} else {
$errors[] = "Error in preparing the statement.";
}
} else {
// Display validation errors in an alert
echo "<script>
var errorMessage = '";
foreach ($errors as $error) {
echo addslashes($error) . "\\n";
}
echo "';
window.alert(errorMessage);
</script>";
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<?php include'top-links.php'?>
<title>Contact Us</title>
</head>
<body>
<?php include 'header.php'?>
<main>
<section class="page-banner bg-image pt-130 pb-130" style="background-image: linear-gradient(rgba(0, 0, 0, 0.5), rgba(0, 0, 0, 0.5)), url(assets/img/enviro-cnt.jpg);">
<div class="container">
<h2 class="wow fadeInUp" data-wow-duration="1.2s" data-wow-delay=".2s">Contact Us</h2>
<div class="breadcrumb-list wow fadeInUp" data-wow-duration="1.4s" data-wow-delay=".4s">
<a href="index.html">Home </a>
<span class="primary-color">Contact Us</span>
</div>
</div>
</section>
<!-- Contact form area start here -->
<section class="contact pt-60 pb-60">
<div class="container">
<div class="row g-4">
<div class="col-lg-6">
<div class="content bg-image" style=" background-image: linear-gradient(rgba(0, 0, 0, 0.5), rgba(0, 0, 0, 0.5)),url(assets/img/green-blk.jpg);">
<h2>Have something in mind? <br>
Let's talk.</h2>
<div class="arry"><img src="assets/images/icon/arry.png" alt=""></div>
<ul>
<li>
<i class="fa-solid fa-location-dot"></i> <?php echo $datac["address"]; ?>
</a>
</li>
<li><a href="tel: <?php echo $datac["phone"]; ?>"><i class="fa-solid fa-phone-volume"></i> <?php echo $datac["phone"]; ?>
</a>
</li>
<li><a href="mailto: <?php echo $datac["email"]; ?>"><i
class="fa-solid fa-envelope"></i> <?php echo $datac["email"]; ?>
</a></li>
<?php if($datac["alt_email"] !=''){
echo '<li><a href="mailto: '.$datac["alt_email"].' "><i class="fa-solid fa-envelope "></i>
'.$datac["alt_email"].' </a>
</li> ';
}
?>
</ul>
</div>
</div>
<div class="col-lg-6">
<div class="form-area">
<form method="post">
<input type="text" name="name" placeholder="Name">
<?php if (isset($errors) && in_array("Name field is required.", $errors)) { ?>
<p class="error">Name field is required.</p>
<?php } elseif (isset($errors) && in_array("Name can only contain alphabets.", $errors)) { ?>
<p class="error">Name can only contain alphabets.</p>
<?php } ?>
<input type="tel" name="phone" placeholder="Phone">
<?php if (isset($errors) && in_array("Phone field is required.", $errors)) { ?>
<p class="error">Phone field is required.</p>
<?php } elseif (isset($errors) && in_array("Phone number should have exactly 10 digits.", $errors)) { ?>
<p class="error">Phone number should have exactly 10 digits.</p>
<?php } ?>
<input type="email" name="email" placeholder="email">
<?php if (isset($errors) && in_array("Email field is required.", $errors)) { ?>
<p class="error">Email field is required.</p>
<?php } ?>
<textarea name="message" id="massage" placeholder="Message..."></textarea>
<button name="submit" class="mt-40">Submit Now <i class="fa-solid fa-arrow-right-long"></i></button>
</form>
</div>
</div>
</div>
</div>
</section>
<div class="google-map">
<iframe src=" <?php echo $datac["map_link"]; ?>" width="100%" height="450" style="border:0;" allowfullscreen="" loading="lazy" referrerpolicy="no-referrer-when-downgrade"></iframe>
</div>
</main>
<?php include 'footer.php'?>
</body>
</html>