Diffstat (limited to 'contact.php')
-rw-r--r--contact.php60
1 files changed, 60 insertions, 0 deletions
diff --git a/contact.php b/contact.php
new file mode 100644
index 0000000..320a801
--- /dev/null
+++ b/contact.php
@@ -0,0 +1,60 @@
+<?php
+use PHPMailer\PHPMailer\PHPMailer;
+use PHPMailer\PHPMailer\Exception;
+
+require 'vendor/autoload.php';
+
+if ($_SERVER["REQUEST_METHOD"] === "POST") {
+ // Sanitize input
+ $name = htmlspecialchars(strip_tags(trim($_POST["name"] ?? '')));
+ $email = htmlspecialchars(strip_tags(trim($_POST["email"] ?? '')));
+ $message = htmlspecialchars(strip_tags(trim($_POST["message"] ?? '')));
+ $recaptchaResponse = $_POST['g-recaptcha-response'] ?? '';
+
+ // Validate input
+ if (empty($name) || empty($email) || empty($message) || empty($recaptchaResponse)) {
+ die("All fields are required, including reCAPTCHA.");
+ }
+
+ if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+ die("Invalid email format.");
+ }
+
+ // Verify reCAPTCHA
+ $secretKey = getenv("RECAPTCHA_SECRET_KEY"); // Use environment variable for security
+ $recaptchaURL = "https://www.google.com/recaptcha/api/siteverify?secret=$secretKey&response=$recaptchaResponse";
+ $response = file_get_contents($recaptchaURL);
+ $responseKeys = json_decode($response, true);
+
+ if (!$responseKeys["success"]) {
+ die("reCAPTCHA verification failed. Please try again.");
+ }
+
+ // Send email via PHPMailer
+ $mail = new PHPMailer(true);
+
+ try {
+ // SMTP Configuration (Use Environment Variables for Security)
+ $mail->isSMTP();
+ $mail->Host = 'smtp.gmail.com';
+ $mail->SMTPAuth = true;
+ $mail->Username = getenv("SMTP_EMAIL"); // Get email from environment variable
+ $mail->Password = getenv("SMTP_PASSWORD"); // Get password from environment variable
+ $mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS;
+ $mail->Port = 587;
+
+ // Set email details
+ $mail->setFrom($email, $name);
+ $mail->addAddress(getenv("RECEIVER_EMAIL")); // Receiver's email
+
+ $mail->Subject = "New Contact Form Submission from $name";
+ $mail->Body = "From: $name <$email>\n\n$message";
+
+ // Send email
+ $mail->send();
+ echo "Message sent successfully!";
+ } catch (Exception $e) {
+ echo "Message could not be sent. Mailer Error: {$mail->ErrorInfo}";
+ }
+}
+?>
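Review bot: The `$recaptchaURL` line interpolates the raw `g-recaptcha-response` value into the siteverify query string without encoding, so a token containing `&` or `#` changes the parameters sent to Google, and the secret key travels in a GET URL where it can end up in logs. Sending both values as a POST body built with `http_build_query`, and checking the `file_get_contents` result before decoding, removes both problems and stops the failure path from relying on indexing `null`. Separately, `setFrom($email, $name)` puts the visitor-supplied address in the From header of mail sent through the site's own SMTP account; the usual arrangement is the site's address in `setFrom` and the visitor's in `addReplyTo`. The catch block also echoes `$mail->ErrorInfo` to the visitor, which would be better written to the server log with only a generic message shown.

```php
// … unchanged: input sanitising and validation …
$secretKey = getenv("RECAPTCHA_SECRET_KEY");
$context = stream_context_create([
    'http' => [
        'method'  => 'POST',
        'header'  => 'Content-Type: application/x-www-form-urlencoded',
        'content' => http_build_query([
            'secret'   => $secretKey,
            'response' => $recaptchaResponse,
        ]),
        'timeout' => 5,
    ],
]);
$response = file_get_contents('https://www.google.com/recaptcha/api/siteverify', false, $context);
$responseKeys = $response === false ? null : json_decode($response, true);

if (!is_array($responseKeys) || ($responseKeys['success'] ?? false) !== true) {
    die("reCAPTCHA verification failed. Please try again.");
}
// … unchanged: PHPMailer SMTP configuration …
$mail->setFrom(getenv("SMTP_EMAIL"), 'Contact form');
$mail->addReplyTo($email, $name);
// … unchanged: addAddress, Subject, Body, send …
```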