MMCT TEAM
Server IP : 103.53.40.154  /  Your IP : 3.146.178.81
Web Server : Apache
System : Linux md-in-35.webhostbox.net 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64
User : ppcad7no ( 715)
PHP Version : 8.2.25
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON
Directory (0750) :  /home2/ppcad7no/sssktrust.com/../fozan.in/../snackpoint.co.nz/

[  Home  ][  C0mmand  ][  Upload File  ]

Current File : /home2/ppcad7no/sssktrust.com/../fozan.in/../snackpoint.co.nz/contact.php
<?php
    include_once('admin/config.php');
    
    function isAllowedMessage($message) {
        $allowedChars = '/^[a-zA-Z0-9,@. ]*$/';
        return preg_match($allowedChars, $message);
    }
    
    if ($_SERVER["REQUEST_METHOD"] === "POST") {
        if (isset($_POST['submit'])) {
            $name = $_POST['name'];
            $phone = $_POST['phone'];
            $email = $_POST['email'];
            $message = $_POST['message'];
            $currentTime = date("Y-m-d H:i:s");
            $errors = array();
    
            // Validate input
            if (empty($name)) {
                $errors[] = "Name field is required.";
            } elseif (!preg_match('/^[a-zA-Z ]+$/', $name)) {
                $errors[] = "Name can only contain alphabets.";
            }
    
            if (empty($email)) {
                $errors[] = "Email field is required.";
            } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
                $errors[] = "Invalid email format.";
            }
    
            if (empty($phone)) {
                $errors[] = "Phone field is required.";
            }
    
            // Sanitize input
            $name = filter_var($name, FILTER_SANITIZE_STRING);
            $phone = filter_var($phone, FILTER_SANITIZE_NUMBER_INT);
            $email = filter_var($email, FILTER_SANITIZE_EMAIL);
            $message = htmlspecialchars($message, ENT_QUOTES, 'UTF-8');
    
            // Check for potentially malicious content in the message
            if (!isAllowedMessage($message)) {
                $errors[] = "Your message contains potentially malicious content or disallowed characters.";
            }
    
    if (empty($errors)) {
        // Your existing code for successful submission
        $query = "INSERT INTO `tbl_queries` (`name`, `phone`, `email`, `message`, `datetime`) VALUES (?, ?, ?, ?, ?)";
        $stmt = mysqli_prepare($db, $query);
    
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "sssss", $name, $phone, $email, $message, $currentTime);
            $result = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
            
            $sqlemail = "SELECT * FROM `tbl_general`";
            $runemail = mysqli_query($db,$sqlemail) or die("Query Not run");
            $dataemail = mysqli_fetch_assoc($runemail); 
            
            if ($result) {
                $to = $dataemail['email'];
                $subject = "New Query Submitted From Snack Point";
                $emailMessage = "A new query has been submitted:\n\n";
                $emailMessage .= "Name: $name\n";
                $emailMessage .= "Phone: $phone\n";
                $emailMessage .= "Email: $email\n";
                $emailMessage .= "Message: $message\n";
                
                $headers = "From: $email";
                
                if (mail($to, $subject, $emailMessage, $headers)) {
                echo "<script>
                window.alert('Successfully Sent! We will contact you soon');
                window.location.href = 'contact.html';
                </script>";
            } else {
               echo "Error sending email.";
                }
            } else {
                $errors[] = "Error in processing your request. Please try again later.";
            }
        } else {
            $errors[] = "Error in preparing the statement.";
        }
    } else {
        // Display validation errors in an alert
        echo "<script>
            var errorMessage = '";
        foreach ($errors as $error) {
            echo addslashes($error) . "\\n";
        }
        echo "';
            window.alert(errorMessage);
        </script>";
    }
        }
    }

    
?>
<!DOCTYPE html>
<html lang="en">

<head>
	<meta charset="utf-8">
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<?php include("top-links.php") ?>
    <title><?php echo $datacontact["site_pages_meta_title"];?></title>
    <meta name="description" content="<?php echo $datacontact["site_pages_meta_description"];?>">
</head>

<body>
    
    <?php include "header.php";?>

    <div class="pq-breadcrumb" style="background-image:url('images/blog/breadcrumb.jpg');">
	   	<div class="container">
		    <div class="row align-items-center">
		        <div class="col-lg-12">
		            <nav aria-label="breadcrumb">
		            	<div class="pq-breadcrumb-title">
		            		<h1>Contact Us</h1>
		            	</div>
		               <div class="pq-breadcrumb-container">
							<ol class="breadcrumb">
	                		 	<li class="breadcrumb-item">
	                		 		<a href="<?= $wspath;?>">
	                		 			<i class="fas fa-home me-2"></i>Home
	                		 		</a>
	                		 	</li> 
	                		    <li class="breadcrumb-item active">Contact Us</li>			               			
	                		</ol>
		               </div>
		            </nav>
		        </div>
		    </div>
	   	</div>
	</div>

    <section class="pq-contact-us">
		<div class="container">
			<div class="row justify-content-center">
				<div class="col-xl-4 col-lg-6 col-md-6">
					<div class="contact-container">
						<div class="contact-icon-box">
							<div class="contact-icon-box-icon">
								<span class="contact-icon">
									<i aria-hidden="true" class=" ti-location-pin"></i>
								</span>
							</div>
							<div class="contact-icon-box-content">
								<h4 class="contact-icon-box-title">
									<span>Our Location</span>
								</h4>
								<p class="contact-icon-box-description m-0"><?php echo $data1["address"] ?></p>
							</div>
						</div>
					</div>
				</div>
				<div class="col-xl-4 col-lg-6 col-md-6 mt-4 mt-md-0">
					<div class="contact-container">
						<div class="contact-icon-box">
							<div class="contact-icon-box-icon">
								<span class="contact-icon">
									<i aria-hidden="true" class=" ti-headphone-alt"></i>
								</span>
							</div>
							<div class="contact-icon-box-content">
								<h4 class="contact-icon-box-title">
									<span>Our Contact</span>
								</h4>
								<p class="contact-icon-box-description m-0"><a style="color:white;" href="tel:<?php echo $data1["phone"] ?>"> <?php echo $data1["phone"] ?></a></p>
							</div>
						</div>
					</div>
				</div>
				<div class="col-xl-4 col-lg-12 col-md-12 mt-4 mt-xl-0">
					<div class="contact-container">
						<div class="contact-icon-box">
							<div class="contact-icon-box-icon">
								<span class="contact-icon">
									<i aria-hidden="true" class="  ti-email"></i>
								</span>
							</div>
							<div class="contact-icon-box-content">
								<h4 class="contact-icon-box-title">
									<span>Mail Us</span>
								</h4>
								<p class="contact-icon-box-description m-0"><a style="color:white;" href="mailto:<?php echo $data1["email"] ?>"><?php echo $data1["email"] ?></a></p>
							</div>
						</div>
					</div>
				</div>
			</div>
		</div>
	</section>

    
	<section class="pq-bg-dark-color">
		<div class="container">
			<div class="row align-items-center">
				<div class="col-xl-6 col-lg-12">
					<div class="pq-contact-img">
						<img src="images/contact-us/1.jpg" alt="images" class="img-fluid">
					</div>
				</div>
				<div class="col-xl-6 col-lg-12 ps-xl-4 mt-4 mt-xl-0">
					<div class="pq-section-title-style-1 text-left">
						<span class="pq-section-sub-title">LET'S TALK</span>
						<h5 class="pq-section-title">Get In Touch</h5>
						<p class="pq-section-description">Contrary to popular belief, the use of filler text in design is not just a modern practice.</p>
					</div>
					<form class="pq-applyform" novalidate action="<?php $_PHP_SELF?>" method="POST">
						<div class="pq-reservation">
							<div class="row">
								<div class="col-lg-6">
									<input size="40" placeholder="Your Name" required name="name">
                                    <?php if (isset($errors) && in_array("Name field is required.", $errors)) { ?>
                                        <p class="error">Name field is required.</p>
                                    <?php } elseif (isset($errors) && in_array("Name can only contain alphabets.", $errors)) { ?>
                                        <p class="error">Name can only contain alphabets.</p>
                                    <?php } ?>
								</div>
								<div class="col-lg-6">
									<input size="40" name="phone" type="text" placeholder="Your Phone" minlength="6" maxlength="12" onkeypress="return isNumberKey(event)" pattern=".{6,12}" onpaste="return false;" required>
                                    <?php if (isset($errors) && in_array("Phone field is required.", $errors)) { ?>
                                        <p class="error">Phone field is required.</p>
                                    <?php } ?>
								</div>
								<div class="col-lg-12">
									<input type="email" name="email" size="40" placeholder="Email" required>
									<?php if (isset($errors) && in_array("Email field is required.", $errors)) { ?>
                                        <p class="error">Email field is required.</p>
                                    <?php } ?>
								</div>
								<div class="col-lg-12">
									<textarea cols="10" name="message" rows="3" placeholder="Message" required></textarea>
								</div>
								<div class="col-lg-12">
									<button type="submit" name="submit" class="pq-button">
										<span class="pq-button-text">Contact Us</span>
									</button>
								</div>
							</div>
						</div>
						<!--<div class="wpcf7-response-output" aria-hidden="true"></div>-->
					</form>
				</div>
			</div>
		</div>
	</section>

    <div class="pq-map">
        <iframe src="<?php echo $data1["map_link"] ?>" width="100%" height="450" style="border:0;" allowfullscreen="" loading="lazy" referrerpolicy="no-referrer-when-downgrade"></iframe>
	</div>

    <?php include "footer.php";?>

</body>

</html>

MMCT - 2023