SiteWebAstrolabe/src/form/contact-form-handler.php

<?php
require("/usr/share/php/libphp-phpmailer/autoload.php");
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;

// Set header to return JSON
header('Content-Type: application/json');

$mail = new PHPMailer(true);

$errors = [];
$myEmail = getenv('ASTRO_SMTP_FROM');
$myEmailSplitted = explode('@', $myEmail);
$domainFromMyEmail = (
    empty($myEmailSplitted[1])
    || count($myEmailSplitted) != 2
) ? ''
: $myEmailSplitted[1];

$wantedContact = filter_input(INPUT_POST, 'contactTo', FILTER_SANITIZE_SPECIAL_CHARS);
$wantedContact = (
    empty($wantedContact)
    || strpos($wantedContact, '@') !== false
    || strpos($wantedContact, '&') !== false
    || empty($domainFromMyEmail)
) ? $myEmail : "$wantedContact@$domainFromMyEmail" ;

/* hCaptcha */
$hcaptchaSecret = getenv('HCAPTCHA_SECRET_KEY');
$hcaptchaVerifyUrl = "https://api.hcaptcha.com/siteverify";

if(empty($_POST['namezzz']) || empty($_POST['emailzzz']) || empty($_POST['message'])) {
    $errors[] = "Erreur : champs obligatoires manquants.";
}

if(!empty($_POST['name']) && !empty($_POST['email'])) {
    $errors[] = "Erreur : spam détecté.";
}

/* Captcha verification */
if(!empty($_POST['h-captcha-response'])) {
    $responseKey = $_POST['h-captcha-response'];
    $data = array(
        'secret' => $hcaptchaSecret,
        'response' => $responseKey
    );

    $checkRequest = curl_init();
    curl_setopt($checkRequest, CURLOPT_URL, $hcaptchaVerifyUrl);
    curl_setopt($checkRequest, CURLOPT_POST, 1);
    curl_setopt($checkRequest, CURLOPT_POSTFIELDS, http_build_query($data));
    curl_setopt($checkRequest, CURLOPT_RETURNTRANSFER, true);
    $response = curl_exec($checkRequest);
    curl_close($checkRequest);

    $responseData = json_decode($response, true);

    if(!$responseData['success']) {
        $errors[] = "Erreur lors de la validation du captcha.";
    }
} else {
    $errors[] = "Erreur lors de la validation du captcha.";
}

$name = $_POST['namezzz'];
$emailAddress = $_POST['emailzzz'];
$select = $_POST['select'];
$message = $_POST['message'];
$subscribe = $_POST['subscribe'];

if (!filter_var($emailAddress, FILTER_VALIDATE_EMAIL)) {
    $errors[] = "Erreur d'adresse e-mail invalide : $emailAddress";
}

if(empty($errors)) {
    try {
        $emailSubject = "[Formulaire Astrolabe] Nouveau message";

        switch ($select) {
            case "option 1":
                $purpose = "Demande de rendez-vous";
                break;
            case "option 2":
                $purpose = "Demande de précisions sur le statut d'entrepreneur salarié";
                break;
            case "option 3":
                $purpose = "Proposition de misson";
                break;
            case "option 4":
                $purpose = "Proposition de partenariat";
                break;
            default:
                $purpose = "Autre demande";
        }
        $emailSubject .= " : $purpose";

        $emailBody = "Vous avez reçu un nouveau message depuis le formulaire du site Astrolabe :".
        "\r\n\r\nNom: $name \r\nEmail: $emailAddress \r\nRaison: $purpose\r\nSubscribe: $subscribe\r\n\r\n$message";
        
        $emailBodyHTML = str_replace("\r\n", "<br>", $emailBody);
        
        $mail->isSMTP();
        $mail->Host       = getenv('ASTRO_SMTP_HOSTNAME');
        $mail->SMTPAuth   = true;
        $mail->Username   = getenv('ASTRO_SMTP_USERNAME');
        $mail->Password   = getenv('ASTRO_SMTP_PASSWORD');
        $mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS;
        $mail->Port       = 587;

        //Options
        $mail->CharSet    = 'UTF-8';
        $mail->WordWrap   = 70;
                
        //Recipients
        $mail->setFrom($myEmail);
        $mail->addAddress($wantedContact);
        $mail->addReplyTo($emailAddress, $name);
                
        // Content
        $mail->isHTML(true);
        $mail->Subject = $emailSubject;
        $mail->Body    = $emailBodyHTML;
        $mail->AltBody = $emailBody;
                
        $mail->send();

        // if subscribe add to mailing list
        if(!empty($subscribe)) {
            // process
            // enovoi mail add to mailing list
        }
        
        http_response_code(200);
        echo json_encode([
            'success' => true,
            'message' => 'Message envoyé avec succès'
        ]);
        
    } catch (Exception $e) {
        http_response_code(500);
        echo json_encode([
            'success' => false,
            'errors' => ["Erreur lors de l'envoi du message : " . $mail->ErrorInfo]
        ]);
    }
} else {
    http_response_code(400);
    echo json_encode([
        'success' => false,
        'errors' => $errors
    ]);
}
refactor(contact-handler.php): PSR2 autoformat 2024-03-18 10:34:55 +01:00			`<?php`
			`require("/usr/share/php/libphp-phpmailer/autoload.php");`
			`use PHPMailer\PHPMailer\PHPMailer;`
			`use PHPMailer\PHPMailer\Exception;`

Send contact form via an ajax call instead of directly redirecting to the php script 2025-04-01 10:32:54 +02:00			`// Set header to return JSON`
			`header('Content-Type: application/json');`

refactor(contact-handler.php): PSR2 autoformat 2024-03-18 10:34:55 +01:00			`$mail = new PHPMailer(true);`

Send contact form via an ajax call instead of directly redirecting to the php script 2025-04-01 10:32:54 +02:00			`$errors = [];`
refactor(contact-handler.php): PSR2 autoformat 2024-03-18 10:34:55 +01:00			`$myEmail = getenv('ASTRO_SMTP_FROM');`
feat(contact-handler.php): manager other e-mails from POST 2024-03-18 10:35:43 +01:00			`$myEmailSplitted = explode('@', $myEmail);`
			`$domainFromMyEmail = (`
			`empty($myEmailSplitted[1])`
			`\|\| count($myEmailSplitted) != 2`
			`) ? ''`
			`: $myEmailSplitted[1];`

fix(contact-form-handler-php): capture wantedContact and sanitize it rigthly 2024-03-20 12:48:36 +01:00			`$wantedContact = filter_input(INPUT_POST, 'contactTo', FILTER_SANITIZE_SPECIAL_CHARS);`
feat(contact-form): adapt to member 2024-03-18 15:14:03 +01:00			`$wantedContact = (`
feat(contact-handler.php): manager other e-mails from POST 2024-03-18 10:35:43 +01:00			`empty($wantedContact)`
fix(contact-form-handler-php): capture wantedContact and sanitize it rigthly 2024-03-20 12:48:36 +01:00			`\|\| strpos($wantedContact, '@') !== false`
			`\|\| strpos($wantedContact, '&') !== false`
feat(contact-handler.php): manager other e-mails from POST 2024-03-18 10:35:43 +01:00			`\|\| empty($domainFromMyEmail)`
feat(contact-form): adapt to member 2024-03-18 15:14:03 +01:00			`) ? $myEmail : "$wantedContact@$domainFromMyEmail" ;`
refactor(contact-handler.php): PSR2 autoformat 2024-03-18 10:34:55 +01:00
Fully working captcha for contact form 2025-02-06 11:12:47 +01:00			`/* hCaptcha */`
			`$hcaptchaSecret = getenv('HCAPTCHA_SECRET_KEY');`
			`$hcaptchaVerifyUrl = "https://api.hcaptcha.com/siteverify";`

refactor(contact-handler.php): PSR2 autoformat 2024-03-18 10:34:55 +01:00			`if(empty($_POST['namezzz']) \|\| empty($_POST['emailzzz']) \|\| empty($_POST['message'])) {`
Send contact form via an ajax call instead of directly redirecting to the php script 2025-04-01 10:32:54 +02:00			`$errors[] = "Erreur : champs obligatoires manquants.";`
refactor(contact-handler.php): PSR2 autoformat 2024-03-18 10:34:55 +01:00			`}`

			`if(!empty($_POST['name']) && !empty($_POST['email'])) {`
Send contact form via an ajax call instead of directly redirecting to the php script 2025-04-01 10:32:54 +02:00			`$errors[] = "Erreur : spam détecté.";`
Fully working captcha for contact form 2025-02-06 11:12:47 +01:00			`}`

			`/* Captcha verification */`
			`if(!empty($_POST['h-captcha-response'])) {`
			`$responseKey = $_POST['h-captcha-response'];`
			`$data = array(`
			`'secret' => $hcaptchaSecret,`
			`'response' => $responseKey`
			`);`

			`$checkRequest = curl_init();`
			`curl_setopt($checkRequest, CURLOPT_URL, $hcaptchaVerifyUrl);`
			`curl_setopt($checkRequest, CURLOPT_POST, 1);`
			`curl_setopt($checkRequest, CURLOPT_POSTFIELDS, http_build_query($data));`
			`curl_setopt($checkRequest, CURLOPT_RETURNTRANSFER, true);`
			`$response = curl_exec($checkRequest);`
			`curl_close($checkRequest);`

			`$responseData = json_decode($response, true);`

			`if(!$responseData['success']) {`
Send contact form via an ajax call instead of directly redirecting to the php script 2025-04-01 10:32:54 +02:00			`$errors[] = "Erreur lors de la validation du captcha.";`
Fully working captcha for contact form 2025-02-06 11:12:47 +01:00			`}`
			`} else {`
Send contact form via an ajax call instead of directly redirecting to the php script 2025-04-01 10:32:54 +02:00			`$errors[] = "Erreur lors de la validation du captcha.";`
refactor(contact-handler.php): PSR2 autoformat 2024-03-18 10:34:55 +01:00			`}`

			`$name = $_POST['namezzz'];`
			`$emailAddress = $_POST['emailzzz'];`
			`$select = $_POST['select'];`
			`$message = $_POST['message'];`
			`$subscribe = $_POST['subscribe'];`

			`if (!filter_var($emailAddress, FILTER_VALIDATE_EMAIL)) {`
Send contact form via an ajax call instead of directly redirecting to the php script 2025-04-01 10:32:54 +02:00			`$errors[] = "Erreur d'adresse e-mail invalide : $emailAddress";`
refactor(contact-handler.php): PSR2 autoformat 2024-03-18 10:34:55 +01:00			`}`

			`if(empty($errors)) {`
Send contact form via an ajax call instead of directly redirecting to the php script 2025-04-01 10:32:54 +02:00			`try {`
			`$emailSubject = "[Formulaire Astrolabe] Nouveau message";`

			`switch ($select) {`
			`case "option 1":`
			`$purpose = "Demande de rendez-vous";`
			`break;`
			`case "option 2":`
			`$purpose = "Demande de précisions sur le statut d'entrepreneur salarié";`
			`break;`
			`case "option 3":`
			`$purpose = "Proposition de misson";`
			`break;`
			`case "option 4":`
			`$purpose = "Proposition de partenariat";`
			`break;`
			`default:`
			`$purpose = "Autre demande";`
			`}`
			`$emailSubject .= " : $purpose";`

			`$emailBody = "Vous avez reçu un nouveau message depuis le formulaire du site Astrolabe :".`
			`"\r\n\r\nNom: $name \r\nEmail: $emailAddress \r\nRaison: $purpose\r\nSubscribe: $subscribe\r\n\r\n$message";`
refactor(contact-handler.php): PSR2 autoformat 2024-03-18 10:34:55 +01:00
Send contact form via an ajax call instead of directly redirecting to the php script 2025-04-01 10:32:54 +02:00			`$emailBodyHTML = str_replace("\r\n", "<br>", $emailBody);`
refactor(contact-handler.php): PSR2 autoformat 2024-03-18 10:34:55 +01:00
Send contact form via an ajax call instead of directly redirecting to the php script 2025-04-01 10:32:54 +02:00			`$mail->isSMTP();`
			`$mail->Host = getenv('ASTRO_SMTP_HOSTNAME');`
			`$mail->SMTPAuth = true;`
			`$mail->Username = getenv('ASTRO_SMTP_USERNAME');`
			`$mail->Password = getenv('ASTRO_SMTP_PASSWORD');`
			`$mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS;`
			`$mail->Port = 587;`

			`//Options`
			`$mail->CharSet = 'UTF-8';`
			`$mail->WordWrap = 70;`

			`//Recipients`
			`$mail->setFrom($myEmail);`
			`$mail->addAddress($wantedContact);`
			`$mail->addReplyTo($emailAddress, $name);`

			`// Content`
			`$mail->isHTML(true);`
			`$mail->Subject = $emailSubject;`
			`$mail->Body = $emailBodyHTML;`
			`$mail->AltBody = $emailBody;`

			`$mail->send();`

			`// if subscribe add to mailing list`
			`if(!empty($subscribe)) {`
			`// process`
			`// enovoi mail add to mailing list`
			`}`
refactor(contact-handler.php): PSR2 autoformat 2024-03-18 10:34:55 +01:00
Send contact form via an ajax call instead of directly redirecting to the php script 2025-04-01 10:32:54 +02:00			`http_response_code(200);`
			`echo json_encode([`
			`'success' => true,`
			`'message' => 'Message envoyé avec succès'`
			`]);`

			`} catch (Exception $e) {`
			`http_response_code(500);`
			`echo json_encode([`
			`'success' => false,`
			`'errors' => ["Erreur lors de l'envoi du message : " . $mail->ErrorInfo]`
			`]);`
			`}`
			`} else {`
			`http_response_code(400);`
			`echo json_encode([`
			`'success' => false,`
			`'errors' => $errors`
			`]);`
refactor(contact-handler.php): PSR2 autoformat 2024-03-18 10:34:55 +01:00			`}`