Server IP : 103.53.40.154 / Your IP : 3.133.146.94 Web Server : Apache System : Linux md-in-35.webhostbox.net 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64 User : ppcad7no ( 715) PHP Version : 8.2.25 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON Directory (0750) : /home2/ppcad7no/www/../nshomeapplianceservices.com/ |
[ Home ] | [ C0mmand ] | [ Upload File ] |
---|
<?php include_once('admin/config.php'); function isAllowedMessage($message) { $allowedChars = '/^[a-zA-Z0-9,@. ]*$/'; return preg_match($allowedChars, $message); } if ($_SERVER["REQUEST_METHOD"] === "POST") { if (isset($_POST['submit'])) { $name = $_POST['name']; $phone = $_POST['phone']; $email = $_POST['email']; $message = $_POST['message']; $subject = $_POST['subject']; date_default_timezone_set("Asia/Kolkata"); $currentTime = date("Y-m-d H:i:s"); $errors = array(); // Validate input if (empty($name)) { $errors[] = "Name field is required."; } elseif (!preg_match('/^[a-zA-Z ]+$/', $name)) { $errors[] = "Name can only contain alphabets."; } if (empty($email)) { $errors[] = "Email field is required."; } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $errors[] = "Invalid email format."; } if (empty($phone)) { $errors[] = "Phone field is required."; } elseif (!preg_match('/^\d{10}$/', $phone)) { $errors[] = "Phone number should have exactly 10 digits."; } // Sanitize input $name = filter_var($name, FILTER_SANITIZE_STRING); $phone = filter_var($phone, FILTER_SANITIZE_NUMBER_INT); $email = filter_var($email, FILTER_SANITIZE_EMAIL); $message = htmlspecialchars($message, ENT_QUOTES, 'UTF-8'); $subject = htmlspecialchars($subject, ENT_QUOTES, 'UTF-8'); // Check for potentially malicious content in the message if (!isAllowedMessage($message)) { $errors[] = "Your message contains potentially malicious content or disallowed characters."; } if (empty($errors)) { // Your existing code for successful submission $query = "INSERT INTO `tbl_queries` (`name`, `phone`, `email`, `subject`,`message`, `datetime`) VALUES (?, ?, ?, ?, ?, ?)"; $stmt = mysqli_prepare($db, $query); if ($stmt) { mysqli_stmt_bind_param($stmt, "ssssss", $name, $phone, $email, $subject, $message, $currentTime); $result = mysqli_stmt_execute($stmt); mysqli_stmt_close($stmt); if ($result) { // $to = "gudoogulzar@gmail.com"; $to = "mrshadab8439@gmail.com"; $subjects = "New Query Submitted From N S Rental"; $emailMessage = "A new query has been submitted From N S Rental:\n\n"; $emailMessage .= "Name: $name\n"; $emailMessage .= "Phone: $phone\n"; $emailMessage .= "Email: $email\n"; $emailMessage .= "Subject: $subject\n"; $emailMessage .= "Message: $message\n"; $headers = "From: $email"; if (mail($to, $subjects, $emailMessage, $headers)) { echo "<script> window.alert('Successfully Sent! We will contact you soon'); window.location.href = '$wspath' + 'contact.html'; </script>"; } else { echo "Error sending email."; } } else { $errors[] = "Error in processing your request. Please try again later."; } } else { $errors[] = "Error in preparing the statement."; } } else { // Display validation errors in an alert echo "<script> var errorMessage = '"; foreach ($errors as $error) { echo addslashes($error) . "\\n"; } echo "'; window.alert(errorMessage); </script>"; } } } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1"> <title>Contact Us | N.S Home Appliance Services</title> <?php include "top-links.php" ?> <style> @media only screen and (max-width: 768px) { .logo img{ width:100px !important; } } .hvr-sweep-to-right{ background-color:#FE5A12 !important; } </style> </head> <body class=""> <div class="page-wrapper"> <?php include "top-header.php" ?> <?php include "header.php" ?> <div class="inner-banner"> <div class="container"> <h1>Contact Us</h1> <ul class="breadcumb"> <li><a href="<?php echo $wspath?>">Home</a></li> <li><span class="sep"><i class="fa fa-angle-right"></i></span></li> <li><span>Contact Us</span></li> </ul> </div> </div> <section class="contact-page sec-pad"> <div class="container"> <div class="sec-title text-center"> <h3>Get in <span>touch</span></h3> <p>You will find yourself working in a true partnership that results in an incredible <br /> experience, and an end product that is the best. </p> </div> <div class="row"> <div class="col-md-6 col-sm-12"> <form action="<?php $_PHP_SELF?>" method="POST" class="form-contact"> <h3>Send Mail</h3> <input type="text" placeholder="Your name" name="name" required> <?php if (isset($errors) && in_array("Name field is required.", $errors)) { ?> <p class="error">Name field is required.</p> <?php } elseif (isset($errors) && in_array("Name can only contain alphabets.", $errors)) { ?> <p class="error">Name can only contain alphabets.</p> <?php } ?> <input type="text" placeholder="Your email" name="email" required> <?php if (isset($errors) && in_array("Email field is required.", $errors)) { ?> <p class="error">Email field is required.</p> <?php } ?> <input type="text" placeholder="Your Phone" name="phone" minlength="10" maxlength="10" onkeypress="return isNumberKey(event)" pattern=".{10,10}" onpaste="return false;" required> <?php if (isset($errors) && in_array("Phone field is required.", $errors)) { ?> <p class="error">Phone field is required.</p> <?php } elseif (isset($errors) && in_array("Phone number should have exactly 10 digits.", $errors)) { ?> <p class="error">Phone number should have exactly 10 digits.</p> <?php } ?> <input type="text" placeholder="Subject" name="subject" required> <textarea placeholder="Write Message..." name="message"></textarea> <!--<button type="submit" class="hvr-sweep-to-right" name="submit">Send</button>--> <input type="submit" class="hvr-sweep-to-right" name="submit" value="Send"> </form> </div> <div class="col-md-6 col-sm-12"> <div class="cont-detail-sec" style="text-align:center;"> <h3>Contact Now</h3> <div class="row"> <div class="col-lg-12 col-sm-12"> <div class="info-box"> <i class="fa fa-light fa-location-dot"></i><h4><?php echo $datac["address"]; ?></h4> </div> </div> </div> <div class="row"> <div class="col-lg-12 col-sm-12"> <div class="info-box"> <i class="fa fa-envelope"></i><h4> <a href="mailto:<?php echo $datac["email"]; ?>"> <?php echo $datac["email"]; ?></a></h4> </div> </div> </div> <div class="row"> <div class="col-lg-12 col-sm-12"> <div class="info-box"> <i class="fa fa-phone"></i><h4> <a href="tel:<?php echo $datac["phone"]; ?>"> <?php echo $datac["phone"]; ?></a></h4> </div> </div> </div> <!--<div class="row">--> <!-- <div class="col-lg-12 col-sm-12">--> <!-- <div class="info-box">--> <!-- <i class="fa fa-phone"></i><h4> <a href="tel:<?php echo $datac["alt_phone"]; ?>"> <?php echo $datac["alt_phone"]; ?></a></h4>--> <!-- </div>--> <!-- </div>--> <!--</div>--> </div> </div> </div> </div> </section> <section> <div class="container"> <div class="row"> <div class="sec-title text-center"> <h3>Were <span>we are?</span></h3> <p>You will find yourself working in a true partnership that results in an incredible <br /> experience, and an end product that is the best. </p> </div><!-- /.sec-title text-center --> <div class="col-lg-12"> <iframe src="<?php echo $datac["map_link"]; ?>" width="100%" height="auto" style="border:0;" allowfullscreen="" loading="lazy" referrerpolicy="no-referrer-when-downgrade"></iframe> </div> </div> </div> </section> <?php include "contact-footer-banner.php" ?> </div> <?php include "footer.php" ?> </body> </html>