form-process.php
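<?php
/**
 * Contact-form handler.
 *
 * Reads the POSTed fields, validates the e-mail address, verifies the
 * reCAPTCHA token with Google, appends the submission to a CSV log, mails it
 * to the site administrator and redirects back to the page named in the
 * `source` field with a `notify=success|error` query flag. User-facing
 * messages are passed to that page through $_SESSION['notify'].
 */
session_start();

/**
 * Returns a POST field as a trimmed string, or '' when it is missing or is
 * not a string (e.g. an array submitted as `field[]`).
 */
function form_process_field($name)
{
    return (isset($_POST[$name]) && is_string($_POST[$name])) ? trim($_POST[$name]) : '';
}

/**
 * Strips markup and control characters from free text.
 *
 * When $keep_newlines is false every control character (including CR/LF) is
 * collapsed to a space, so the value is safe to place on a single line such
 * as a mail subject. When true, line breaks are normalised to "\n" and kept.
 */
function form_process_clean_text($value, $keep_newlines)
{
    $value = strip_tags($value);
    if ($keep_newlines) {
        $value = str_replace(array("\r\n", "\r"), "\n", $value);
        $value = (string) preg_replace('/[\x00-\x08\x0B-\x1F\x7F]/', '', $value);
    } else {
        $value = (string) preg_replace('/[\x00-\x1F\x7F]+/', ' ', $value);
    }
    return trim($value);
}

/**
 * Neutralises spreadsheet formula triggers in a CSV cell by prefixing a
 * single quote, so the log can be opened in a spreadsheet without a submitted
 * value being evaluated as a formula.
 */
function form_process_csv_cell($value)
{
    $value = (string) $value;
    if ($value !== '' && strpos("=+-@\t\r", $value[0]) !== false) {
        return "'" . $value;
    }
    return $value;
}

/**
 * Restricts the post-submit redirect to a path on this site.
 *
 * Anything carrying a scheme, a host ("//host"), a backslash, a query string
 * or control characters is rejected and replaced by "/".
 * NOTE(review): this assumes the form sends a local path in `source`; if it
 * sends an absolute URL, switch to an explicit allow-list of pages.
 */
function form_process_redirect_target($source)
{
    if (preg_match('#^(?!//)[A-Za-z0-9/_.~-]+$#D', $source)) {
        return $source;
    }
    return '/';
}

// Options
$timestamp = date('d-m-Y H:i:s');
// NOTE(review): if logs/ sits inside the document root this file (names,
// e-mail addresses, messages) may be downloadable; confirm it is denied by
// the web server or move it outside the web root.
$logFile = 'logs/investment-message.csv';
$admin_email = 'ico@betterbetting.org';
// SECURITY: a reCAPTCHA secret used to be hard-coded on this line. A key that
// has been committed to a repository must be treated as exposed: rotate it in
// the reCAPTCHA admin console and provide the new one through the
// environment. The variable name below is a deployment choice.
$recaptcha_secret = (string) getenv('RECAPTCHA_SECRET');
$recaptcha_url = 'https://www.google.com/recaptcha/api/siteverify';

// Data Sanitation
// The third argument of filter_var() is an options/flags value, not a second
// filter, so the previous FILTER_SANITIZE_STRING + FILTER_SANITIZE_SPECIAL_CHARS
// call did not chain two filters. The values are only used in plain-text
// contexts here (CSV, mail); HTML escaping belongs where they are rendered.
$first_name = form_process_clean_text(form_process_field('first_name'), false);
$last_name = form_process_clean_text(form_process_field('last_name'), false);
$email = form_process_field('email');
$message = form_process_clean_text(form_process_field('message'), true);
$recaptcha_response = form_process_field('g-recaptcha-response');
$redirect_to = form_process_redirect_target(form_process_field('source'));

$error = array();
$success = array();

// Data Validation
if (strlen($email) < 1) {
    $error[] = 'Please fill in your e-mail address.';
} else if (!filter_var($email, FILTER_VALIDATE_EMAIL) || preg_match('/[\r\n]/', $email)) {
    // The address is later placed in a mail header, so CR/LF is rejected
    // explicitly in addition to the syntax check.
    $error[] = 'Please use a valid e-mail address.';
}

//// Check reCaptcha
if (empty($recaptcha_response)) {
    $error[] = 'Please tick the reCaptcha box below to prove that you are not a robot.';
} else if ($recaptcha_secret === '') {
    // Fail closed: without a secret the token cannot be verified.
    error_log('form-process: reCAPTCHA secret is not configured');
    $error[] = 'ReCaptcha error: verification-unavailable';
} else {
    // http_build_query() URL-encodes the client-supplied token so it cannot
    // add or override parameters of the verification request.
    $curl_vars = http_build_query(
        array('secret' => $recaptcha_secret, 'response' => $recaptcha_response),
        '',
        '&'
    );
    $ch = curl_init($recaptcha_url);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $curl_vars);
    // Redirects are not followed: the request body carries the secret.
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_TIMEOUT, 10);
    $curl_raw = curl_exec($ch);
    $curl_response = is_string($curl_raw) ? json_decode($curl_raw, true) : null;

    // Anything other than an explicit success (transport failure, invalid
    // JSON, success=false) counts as a failed check.
    if (!is_array($curl_response) || !isset($curl_response['success']) || $curl_response['success'] !== true) {
        $recaptcha_code = 'verification-failed';
        if (is_array($curl_response)
            && isset($curl_response['error-codes'][0])
            && is_string($curl_response['error-codes'][0])
        ) {
            $recaptcha_code = $curl_response['error-codes'][0];
        }
        $error[] = 'ReCaptcha error: ' . $recaptcha_code;
    }
}

if (!empty($error)) {
    $_SESSION['notify']['error'] = $error;
    header("Location: {$redirect_to}?notify=error");
    exit;
}

// Log message
// fputcsv() quotes and escapes each cell, so commas, quotes and line breaks
// in a submitted value cannot add columns or rows to the log.
$log_row = array_map(
    'form_process_csv_cell',
    array($timestamp, $email, $first_name, $last_name, $message)
);
$logged = false;
$log_handle = fopen($logFile, 'ab');
if ($log_handle !== false) {
    // Exclusive lock so concurrent submissions do not interleave their rows.
    if (flock($log_handle, LOCK_EX)) {
        $logged = fputcsv($log_handle, $log_row, ',', '"', '\\') !== false;
        flock($log_handle, LOCK_UN);
    }
    fclose($log_handle);
}
if (!$logged) {
    $error[] = 'Message failed to log.';
}

// Format data for mail
// Double quotes so "\n" is a real line break.
$mail_error = empty($error) ? '' : "Server messages:\n" . implode("\n", $error);
$mail_message = "Message received from: {$email} ({$first_name} {$last_name})\n"
    . "\n"
    . "Body:\n"
    . "{$message}\n"
    . "\n"
    . "{$mail_error}\n";
// $email passed FILTER_VALIDATE_EMAIL and the CR/LF check above before it is
// placed in a header.
$mail_headers = "From: {$email}";

// Send mail
if (mail($admin_email, "A form submission has occured by {$email} ({$first_name} {$last_name})", $mail_message, $mail_headers)) {
    $success[] = 'Message has been sent successfully!';
} else {
    $error[] = 'Message failed to send. Please try again.';
}

if (!empty($error)) {
    $_SESSION['notify']['error'] = $error;
}
if (!empty($success)) {
    $_SESSION['notify']['success'] = $success;
}

$notify = empty($error) ? 'success' : 'error';
header("Location: {$redirect_to}?notify={$notify}");
exit;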