<?php
// NOTE(review): display_errors / display_startup_errors are forced on here, so
// every PHP warning or notice is written into the HTTP response body. On a
// public endpoint that talks to an authenticated SMTP server this can expose
// file paths and internal details, and any stray notice corrupts the JSON the
// front-end parses. Turn these off (or gate them on an environment flag)
// anywhere other than local development.
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
require_once("helpers.php");
require_once("vendor/autoload.php");
// PHP Code for Contact Page
// Import PHP Mailer
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
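// Define global constants
// Name: ASCII letters and spaces only. A literal space is used instead of \s on
// purpose: \s also matches CR/LF, and the name is placed in the mail Subject
// header and in the HTML templates. The D modifier stops $ from matching just
// before a trailing newline.
define("name_regex", "/^[A-Za-z ]+$/D");
// Email: local-part@domain.tld with a restricted character set (no quotes,
// angle brackets, braces or whitespace), which also keeps the value safe to
// place in an HTML template.
define("email_regex", "/^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/D");
// Exact set of keys a contact request body must carry: no more, no less.
define("expected_json_params", ["name", "email", "subject", "message"]);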
function main()
{
    /* Entry point for the contact endpoint: read the JSON request body,
       validate it, send the two emails, and answer the front-end with a
       JSON document. Every failure is reported as HTTP 400 with an
       "error" key; success carries a "success" key. */
    $request = get_json_request();
    $clean = validate_and_sanitize_json_data($request);
    if (array_key_exists("error", $clean))
    {
        // The body was malformed or a field failed validation: stop here.
        send_json_error_response(json_encode($clean), 400);
        exit();
    }
    $result = build_email_templates($clean);
    if (array_key_exists("error", $result))
    {
        // Rendering or sending the emails failed: surface it as a 400.
        send_json_error_response(json_encode($result), 400);
        exit();
    }
    // Both emails went out; report success.
    send_json_response(json_encode($result));
}
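function build_email_templates($email_data)
{
    /* Build and send two HTML emails from the validated contact data: one
       to the site admin carrying the visitor's name, email and message, and
       a confirmation to the visitor carrying only their name.

       $email_data: assoc array with "name", "email", "subject", "message",
                    already validated by validate_and_sanitize_json_data().
       Returns an assoc array with either a "success" or an "error" key,
       which main() serialises straight into the HTTP response. */
    $json_response = [];
    // file_get_contents() returns false when a template is missing or
    // unreadable; str_replace() would silently turn that into an empty body.
    $admin_html_template = file_get_contents(EMAIL_ADMIN_TEMPLATE);
    $user_html_template = file_get_contents(EMAIL_USER_TEMPLATE);
    if ($admin_html_template === false || $user_html_template === false)
    {
        error_log("contact.php: could not read an email template");
        $json_response["error"] = "Email could not be sent";
        return $json_response;
    }
    // The placeholders sit inside HTML, so every value is HTML-escaped at the
    // point of injection. double_encode=false keeps entities the sanitiser
    // already produced (e.g. encoded quotes) from being encoded twice.
    $escape = static function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };
    // Same replacement order as before: name, then email, then message.
    $admin_html_template = str_replace(
        ["{{name}}", "{{email}}", "{{message}}"],
        [$escape($email_data["name"]), $escape($email_data["email"]), $escape($email_data["message"])],
        $admin_html_template
    );
    $user_html_template = str_replace("{{name}}", $escape($email_data["name"]), $user_html_template);
    $admin_sent = send_html_email($admin_html_template, $email_data, true);
    $user_sent = send_html_email($user_html_template, $email_data);
    // The admin copy is the one that matters: if it did not go out the
    // visitor's message is lost, so that is an error even when the
    // confirmation succeeded. A failed confirmation is still reported too.
    if (!$admin_sent || !$user_sent)
    {
        $json_response["error"] = "Email could not be sent";
    }
    else
    {
        $json_response["success"] = "Email could be sent";
    }
    return $json_response;
}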
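function send_html_email($html_template, $email_data, $is_admin = false)
{
    /* Send one HTML email over authenticated SMTP.

       $html_template: fully rendered HTML body.
       $email_data:    validated contact data ("name", "email", "subject").
       $is_admin:      true  -> deliver to EMAIL_ADMIN with the visitor's subject
                       false -> deliver to the visitor's address as a thank-you
       Returns true when PHPMailer accepted the message, false on any failure.
       The failure reason goes to the server error log, never to the client. */
    $mailer = new PHPMailer(true);
    try
    {
        $mailer->SMTPDebug = 0;
        $mailer->isSMTP();
        $mailer->Host = SMTP_EMAIL_SERVER;
        $mailer->SMTPAuth = true;
        $mailer->Username = SMTP_EMAIL;
        $mailer->Password = SMTP_PASS;
        $mailer->Port = 587;
        // Require STARTTLS on the submission port. With SMTPSecure unset,
        // PHPMailer only upgrades opportunistically and would still send the
        // credentials in clear text to a server that does not offer TLS.
        // 'tls' is the value of PHPMailer::ENCRYPTION_STARTTLS.
        $mailer->SMTPSecure = 'tls';
        $mailer->CharSet = 'UTF-8';
        // The sender is always the SMTP account, never the visitor's address.
        $mailer->setFrom(SMTP_EMAIL, "No Reply Adriana Morales Email Automatic Sender");
        if ($is_admin)
        {
            $recipient = EMAIL_ADMIN;
            $subject = $email_data["name"] . " sent a message - " . $email_data["subject"];
        }
        else
        {
            $recipient = $email_data["email"];
            $subject = "Thank you, " . $email_data["name"] . " for contacting me";
        }
        $mailer->addAddress($recipient);
        $mailer->isHTML(true);
        $mailer->Subject = $subject;
        $mailer->Body = $html_template;
        $mailer->send();
    }
    catch (Exception $e)
    {
        // Keep the detail server-side; the client only learns that sending failed.
        error_log("contact.php: mail to " . ($is_admin ? "admin" : "user") . " failed: " . $e->getMessage());
        return false;
    }
    return true;
}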
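function has_exact_keys($assoc_arr, $expected_keys)
{
    /* Return true when $assoc_arr is an array whose keys are exactly
       $expected_keys, order-insensitive: no missing and no extra keys.
       Anything that is not an array (e.g. a request body that decoded to
       null or a scalar) yields false instead of letting array_keys() throw. */
    if (!is_array($assoc_arr) || !is_array($expected_keys))
    {
        return false;
    }
    $actual_keys = array_keys($assoc_arr);
    // Sort both sides so only membership matters, not the order the client used.
    sort($actual_keys);
    sort($expected_keys);
    return $actual_keys === $expected_keys;
}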
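function check_valid_json_param($json_param_type, $json_param)
{
    /* Validate and sanitise one request field.

       $json_param_type: "email", "name", or any other field name, which is
                         treated as free text ("subject", "message").
       $json_param:      the raw decoded JSON value.
       Returns ["json_param" => <clean string>]. The string is "" when the
       value is missing, not a string, or fails validation; the caller treats
       "" as an error. Text fields are tag-stripped and HTML-escaped so they
       can be dropped straight into the HTML templates. */
    $assoc_to_return = [
        "json_param" => ""
    ];
    // JSON can carry objects, arrays, numbers or null; only strings are
    // acceptable, and preg_match()/strip_tags() would warn or throw otherwise.
    if (!is_string($json_param))
    {
        return $assoc_to_return;
    }
    // name and subject are concatenated into the mail Subject header, so line
    // breaks are refused there (header-injection defence in depth; PHPMailer
    // also strips them). The message body may legitimately span lines.
    if (($json_param_type == "name" || $json_param_type == "subject") && preg_match('/[\r\n]/', $json_param))
    {
        return $assoc_to_return;
    }
    if ($json_param_type == "email")
    {
        if (preg_match(email_regex, $json_param))
        {
            $assoc_to_return["json_param"] = filter_var($json_param, FILTER_SANITIZE_EMAIL);
        }
    }
    else if ($json_param_type == "name")
    {
        if (preg_match(name_regex, $json_param))
        {
            $assoc_to_return["json_param"] = sanitize_html_text($json_param);
        }
    }
    else
    {
        // Free text: reject blank/whitespace-only input but keep a literal "0",
        // which empty() would have dropped.
        if (trim($json_param) !== '')
        {
            $assoc_to_return["json_param"] = sanitize_html_text($json_param);
        }
    }
    return $assoc_to_return;
}

function sanitize_html_text($text)
{
    /* Replacement for FILTER_SANITIZE_STRING, deprecated since PHP 8.1 (its
       deprecation notice would otherwise end up in the response with
       display_errors on): strip tags, then HTML-encode what is left,
       including quotes and ampersands, so the value is safe inside HTML
       element content. */
    return htmlspecialchars(strip_tags($text), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}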
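function validate_and_sanitize_json_data($json_data_as_assoc_arr)
{
    /* Validate and sanitise the decoded JSON request body.

       $json_data_as_assoc_arr: whatever get_json_request() decoded; may be
                                null or a scalar when the body was not a JSON
                                object.
       Returns the clean ["name", "email", "subject", "message"] array, or
       ["error" => ...] when the body does not carry exactly those keys or
       any field fails validation. The error text is deliberately generic so
       the client learns nothing about which check failed. */
    $malformed = [
        "error" => "The JSON data the client sent is malformed"
    ];
    // Check the key set first and return immediately on mismatch. Reading the
    // fields of a body with missing keys would raise "undefined array key"
    // warnings, which display_errors prints into the JSON response.
    if (!has_exact_keys($json_data_as_assoc_arr, expected_json_params))
    {
        return $malformed;
    }
    $clean = [];
    foreach (expected_json_params as $field)
    {
        $clean[$field] = check_valid_json_param($field, $json_data_as_assoc_arr[$field])["json_param"];
        // Every field is mandatory; "" is the sanitiser's rejection marker.
        if ($clean[$field] === "")
        {
            return $malformed;
        }
    }
    return $clean;
}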
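main();
// No closing ?> tag on purpose: any whitespace after it would be sent to the
// client after the JSON body and could break the front-end's JSON parsing.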