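<?php

declare(strict_types=1);

/*
 * Contact-form handler.
 *
 * On POST: validates the submitted fields, mails the enquiry through SMTP and
 * stores it in the `contact_ajax` table. Validation failures are answered with
 * a JSON list of messages; a successful submission shows an alert and redirects
 * back to the contact page. Non-POST requests produce no output (the original
 * iterated an undefined $validationResult in that branch).
 */

session_start();

require 'PHPMailer/class.phpmailer.php';
require 'PHPMailer/class.smtp.php';
require 'PHPMailer/PHPMailerAutoload.php';

// Database connection; expected to provide $conn (mysqli) — confirm against conn.php.
include 'admin/config/conn.php';

/** Words rejected anywhere in a submission (case-insensitive substring match). */
const FORBIDDEN_WORDS = ['spam', 'malicious', 'phishing'];

/** @var list<string> Validation messages; appended to by the validate*() / check*() helpers. */
$errors = [];

// Hidden honeypot field: a human never fills it in, a naive bot usually does.
$honeypot = postField('honeypot');

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    // Trim once here so the same values are validated, mailed and stored
    // (the original trimmed inside validateForm() but stored the raw values).
    $name    = trim(postField('name'));
    $email   = trim(postField('email'));
    $phone   = trim(postField('phone'));
    $subject = trim(postField('sub'));
    $message = trim(postField('message'));

    $validationResult = validateForm($name, $phone, $email, $subject, $message);

    if ($validationResult !== true) {
        // Return the collected messages as JSON so the client can render them.
        if (!headers_sent()) {
            header('Content-Type: application/json');
        }
        echo json_encode($validationResult);
        exit;
    }

    // Every user-supplied value is escaped before it is placed in the HTML body.
    $mailBody = '<html><head></head><body><div><h3>Quick Enquiry</h3><div class="row">'
        . '<div class="col-6">Name:<span>' . escapeHtml($name) . '</span></div>'
        . '<div class="col-6">Email:<span>' . escapeHtml($email) . '</span></div>'
        . '<div class="col-6">Mobile No:<span>' . escapeHtml($phone) . '</span></div>'
        . '<div class="col-6">Subject:<span>' . escapeHtml($subject) . '</span></div>'
        . '<div class="col-6">Message:<span>' . escapeHtml($message) . '</span></div>'
        . '</div></div></body></html>';

    $mail = new PHPMailer();
    $mail->isSMTP();
    $mail->SMTPDebug = 0;
    $mail->SMTPAuth = true;
    $mail->Host = 'smtp.hostinger.com';
    // SMTP credentials are read from the server environment instead of being
    // written into this file, where they would travel with every copy, backup
    // and directory listing of the source. The variable names are chosen here;
    // set them in the web-server / PHP-FPM environment for this site.
    $mail->Username = getenv('SMTP_USERNAME') ?: 'info@etsbay.com';
    $mail->Password = getenv('SMTP_PASSWORD') ?: '';
    $mail->SMTPSecure = 'ssl';
    $mail->Port = 465;
    $mail->setFrom('info@etsbay.com', 'etsbay');
    $mail->addAddress('gentlemanwatchebay@gmail.com');
    $mail->isHTML(true);
    $mail->Subject = 'Inquiry';
    $mail->Body = $mailBody;

    if (!$mail->send()) {
        // Transport details belong in the server log; the original echoed
        // ErrorInfo (host, account, SMTP dialogue) straight to the browser.
        error_log('contact form: mail send failed: ' . $mail->ErrorInfo);
        echo 'Mailer Error: the message could not be sent.';
        exit;
    }

    // The mail has already gone out at this point; a storage failure below is
    // reported to the user but does not undo the send (same order as before).
    $stmt = $conn->prepare(
        'INSERT INTO `contact_ajax`(`name`, `email`, `mobile`, `subject`, `message`, `date`) VALUES (?, ?, ?, ?, ?, NOW())'
    );
    if ($stmt === false) {
        error_log('contact form: prepare failed: ' . $conn->error);
        echo 'Database Error: the enquiry could not be saved.';
        exit;
    }
    $stmt->bind_param('sssss', $name, $email, $phone, $subject, $message);
    if (!$stmt->execute()) {
        // As with the mailer: $stmt->error is for the log, not the client.
        error_log('contact form: execute failed: ' . $stmt->error);
        echo 'Database Error: the enquiry could not be saved.';
        exit;
    }

    echo '<script> alert("Thank you for reaching out to us! Our team will get back to you shortly. We appreciate your patience!"); window.location.href = "https://etsbay.com/contact.php"; </script>';
    exit;
}

/**
 * Read a POST field as a string.
 *
 * Returns '' when the field is missing or is not a plain string (for example
 * `name[]=x`), which would otherwise make trim() throw a TypeError.
 */
function postField(string $key): string
{
    $value = $_POST[$key] ?? '';

    return is_string($value) ? $value : '';
}

/** Escape a value for an HTML text or attribute context. */
function escapeHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Validate the submitted fields.
 *
 * Each check appends its message to the global $errors list. The honeypot and
 * User-Agent checks stop validation early; the original returned false there,
 * which callers testing `=== true` handle identically.
 *
 * @return true|list<string> true when the submission is acceptable, otherwise
 *                           the collected error messages
 */
function validateForm(string $name, string $phone, string $email, string $subject, string $message)
{
    global $errors, $honeypot;

    // Honeypot: any content at all means the form was filled by a script.
    if ($honeypot !== '') {
        $errors[] = "Spam detected.";
        return $errors;
    }

    // A missing User-Agent header is treated as a non-browser submission.
    if (($_SERVER['HTTP_USER_AGENT'] ?? '') === '') {
        $errors[] = "Invalid submission: User-Agent missing.";
        return $errors;
    }

    // Callers may pass untrimmed values; normalise before checking.
    $name    = trim($name);
    $phone   = trim($phone);
    $email   = trim($email);
    $subject = trim($subject);
    $message = trim($message);
    $fields  = [$name, $phone, $email, $subject, $message];

    validateNotEmpty($name, 'name');
    validateNotEmpty($phone, 'phone');
    validateNotEmpty($email, 'email');
    // Posted as "sub"; the label shown to the user is "subject".
    validateNotEmpty($subject, 'subject');
    validateNotEmpty($message, 'message');
    validateEmail($email);
    validateContactNumber($phone);
    checkForURLs($fields);
    checkBlacklistContent($message);
    checkForbiddenWords($fields, FORBIDDEN_WORDS);

    return $errors === [] ? true : $errors;
}

/**
 * Append "<fieldName> cannot be empty." when $field is the empty string.
 *
 * Compares against '' rather than using empty(), which would also reject the
 * legitimate value "0".
 */
function validateNotEmpty(string $field, string $fieldName): void
{
    global $errors;

    if ($field === '') {
        $errors[] = "$fieldName cannot be empty.";
    }
}

/**
 * Append an error when $email does not match the local@domain.tld shape.
 *
 * The D modifier makes `$` match only at the very end, so a trailing newline
 * is not accepted.
 */
function validateEmail(string $email): void
{
    global $errors;

    $pattern = '/^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/D';
    if (!preg_match($pattern, $email)) {
        $errors[] = "Invalid email format.";
    }
}

/** Append an error unless $phone is at least ten ASCII digits and nothing else. */
function validateContactNumber(string $phone): void
{
    global $errors;

    if (!preg_match('/^\d{10,}$/D', $phone)) {
        $errors[] = "Contact number must contain only digits and be at least 10 digits long.";
    }
}

/**
 * Append a single error if any field contains an http(s) URL.
 *
 * @param list<string> $fields
 */
function checkForURLs(array $fields): void
{
    global $errors;

    $urlPattern = '/(https?:\/\/[^\s]+)/i';
    foreach ($fields as $field) {
        if (preg_match($urlPattern, $field)) {
            $errors[] = "Fields contain prohibited URLs or links.";
            break;
        }
    }
}

/**
 * Append a single error if the message contains any forbidden word.
 *
 * Uses the same list as checkForbiddenWords(), which validateForm() also runs
 * over the message, so a hit here yields two messages — kept for compatibility.
 */
function checkBlacklistContent(string $message): void
{
    global $errors;

    foreach (FORBIDDEN_WORDS as $word) {
        if (stripos($message, $word) !== false) {
            $errors[] = "Message contains inappropriate content.";
            break;
        }
    }
}

/**
 * Append a single error naming the first forbidden word found in any field.
 *
 * @param list<string> $fields
 * @param list<string> $forbiddenWords
 */
function checkForbiddenWords(array $fields, array $forbiddenWords): void
{
    global $errors;

    foreach ($fields as $field) {
        foreach ($forbiddenWords as $word) {
            if (stripos($field, $word) !== false) {
                $errors[] = "Fields contain forbidden words like '$word'.";
                break 2;
            }
        }
    }
}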