Created
May 29, 2023 17:56
-
-
Save emyabdel/2f8d87e6950f147e2ce63499e53891cc to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| if(isset($_POST['submit']) && isset($_POST['secret_key']) && $_POST['secret_key'] === 'xx1485DD') { | |
| // Block URLs in message field https http www and domains | |
| $messageText = $_POST['message']; | |
| if (preg_match('/\b(?!https?:\/\/|www\.)\w+\.\w+/i', $messageText)) { | |
| die('Sorry, we do not allow URLS in the form.'); | |
| } | |
| $to = 'contact@mail.com'; // Replace with your email | |
| $subject = $_POST['subject']; | |
| $message = "Name: " . $_POST['name'] . "<br><br>"; | |
| $message .= "Email: " . $_POST['email'] . "<br><br>"; | |
| $message .= "Message: " . $_POST['message'] . "<br><br>"; | |
| $headers = array('Content-Type: text/html; charset=UTF-8', 'Reply-To: ' . $_POST['email']); // with Reply to the sender | |
| // Allow just png and jpg maximum file size 2mb (adjust this depending your needs) | |
| if ($_FILES['image']['error'] == UPLOAD_ERR_OK) { | |
| $maxFileSize = 2000000; | |
| $fileSize = $_FILES['image']['size']; | |
| if ($fileSize > $maxFileSize) { | |
| die('File too large! Maximum file size is 2mb.'); | |
| } | |
| $allowedExtensions = array('png', 'jpg'); | |
| $fileExtension = pathinfo($_FILES['image']['name'], PATHINFO_EXTENSION); | |
| if (!in_array($fileExtension, $allowedExtensions)) { | |
| die('Invalid file extension. Just png and jpg extensions are allowed! '); | |
| } | |
| } | |
| $attachments = array(); | |
| // Handle the uploaded file | |
| if ($_FILES['image']['error'] == UPLOAD_ERR_OK) { | |
| $tmp_name = $_FILES['image']['tmp_name']; | |
| $filename = basename($_FILES['image']['name']); | |
| $destination = sys_get_temp_dir() . '/' . $filename; // Use system temp directory | |
| // Move the file to the temporary directory | |
| if (move_uploaded_file($tmp_name, $destination)) { | |
| $attachments = array($destination); | |
| } | |
| } | |
| // Send email with attachments, Reply to the sender and redirect to thank you page | |
| if (wp_mail($to, $subject, $message, $headers, $attachments)) { | |
| foreach($attachments as $file) { | |
| unlink($file); // Remove file from temp directory after sending | |
| } | |
| // Redirect thank you page | |
| wp_redirect('/thank-you-contact-form-sent'); // Replace with the slug of your thank-you page | |
| exit(); | |
| } else { | |
| foreach($attachments as $file) { | |
| unlink($file); // Remove file from temp directoryI | |
| } | |
| wp_redirect('/sorry-contact-form-not-sent'); // Replace with the slug of your sorry page | |
| exit(); | |
| } | |
| } | |
| // Send reply email outside the conditional statement for message email | |
| $replyTo = $_POST['email']; | |
| $replySubject = $_POST['subject']; | |
| $replyMessage = $_POST['message']; | |
| $replyHeaders = array('Content-Type: text/html; charset=UTF-8', 'From: your site <contact@mail.com>'); // Replace with your email | |
| // Send reply email | |
| wp_mail($replyTo, $replySubject, $replyMessage, $replyHeaders); | |
| // Spam securities: | |
| // Check for honeypot value hidden filled in by bots | |
| if (!empty($_POST['honeypot'])) { | |
| die('Sorry, your submission was rejected due to suspected spam.'); | |
| } | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment