PHP, ajax, ReCaptcha, etc

Soldato
Joined
28 Sep 2008
Posts
14,158
Location
Britain
Gents....GGGAAAAAHHHHRRRGHHHHHHHH :mad:

Trying to get my php contact form set up using recaptcha. I feel I'm very close but for some reason, it's not submitting to the db or emailing (although it's emailed me once, but then I made a change).

Can anyone cast an eye to see if I'm doing anything super dumb?

PHP:
<?php
session_start();
require_once('includes/config.php');


$showform = true;
if (isset($_POST['ContactMessage'])){

	
    if (!isset($_POST['submit']) || $_SERVER['REQUEST_METHOD'] != "POST") {
	
        exit("<p>This page should not be accessed directly</p>");
	
    } else {

        require_once('includes/classes/autoload.php');

        $recaptcha = new \ReCaptcha\ReCaptcha($recaptcha_secret);

        $resp = $recaptcha->verify($_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR']);

        if (!$resp->isSuccess()) {

            $error = 'It appears you have failed the human test please try again';


        } else {

            $exploits = "/(content-type|bcc:|cc:|document.cookie|onclick|onload|javascript|alert)/i";

            $profanity = "//i";

            $spamwords = "//i";

            $bots = "//i";

            if (preg_match($bots, $_SERVER['HTTP_USER_AGENT'])) {

                $error = "Known spam bots are not allowed.";

            }

            $error = false;

            $required = array('email', 'name', 'enquiry');

            foreach ($_POST as $key => $value) {
                $value = trim($value);
                if (in_array($key, $required) && empty($value)) {
                    $error = "Opps. The form cannot be blank. Please return and fill in the fields";
                } elseif (preg_match($exploits, $value)) {
                    $error = "Exploits/malicious scripting attributes aren't allowed.";
                } elseif (preg_match($profanity, $value) || preg_match($spamwords, $value)) {
                    $error = "That kind of language is not allowed through our form.";
                }
                $_POST[$key] = stripslashes(strip_tags($value));
            }

            //allow email validation to be handled by php itself
            if (!filter_var($_POST['ContactEmail'], FILTER_VALIDATE_EMAIL)) {
                $error = "This is not a valid email address. Please press back and amend the form.";
            }


            if (!ereg("^[_a-z0-9-]+(.[_a-z0-9-]+)*@[a-z0-9-]+(.[a-z0-9-]+)*(.[a-z]{2,6})$", strtolower($_POST['ContactEmail']))) {
                $error = "This is not a valid email address. Please press back and amend the form.";
            }

        }

        if (!$error){
            
            $recipient = "[email protected]";
            $subject = "Contact From UAV";
            $message = "You've received an enquiry from: \n";
            $message .= "Name: {$_POST['ContactName']} \n";
            $message .= "E-mail: {$_POST['ContactEmail']} \n";
            $message .= "Telephone: {$_POST['ContactPhone']} \n";
            $message .= "Enquiry: {$_POST['ContactMessage']} \n";
            $headers = "From: UAV <$recipient> \n";
            $headers .= "Reply-To: <{$_POST['ContactEmail']}>";

            if (mail($recipient, $subject, $message, $headers)) {

                $showform = false;
            } else {
                $showform = true;
                $error = "There was an error sending the contact form email";
            }


            $contactName = $_POST['ContactName'];
            $contactEmail = $_POST['ContactEmail'];
            $contactPhone = $_POST['ContactPhone'];
            $contactMessage = $_POST['ContactMessage'];


            //escaping the string for safety reasons.
            $query = sprintf("INSERT INTO contacts VALUES ('%s', '%s', '%s', '%s', NOW())",

                            mysql_real_escape_string($contactName),
                            mysql_real_escape_string($contactEmail),
                            mysql_real_escape_string($contactPhone),
                            mysql_real_escape_string($contactMessage));

            mysql_query($query);
            mysql_close();
        }
	}


}?>


<!DOCTYPE HTML>
<html lang="en">
    <head>
    	
		        
        <!-- Head -->



    <!-- Stylesheets -->
    <link rel="stylesheet" type="text/css" href="_assets/_css/style.css">

        
        <!-- Title -->
        <title>Contact | UAV</title>

    </head>

    <body>

                        <p style="margin-bottom:30px;"> 
                            We aim to respond to enquires as quickly as possible, so please bear with us if we do
                            not get back to you straight away. In all cases, you can always <script type="text/javascript">
//<![CDATA[
<!--
var x="function f(x){var i,o=\"\",ol=x.length,l=ol;while(x.charCodeAt(l/13)!" +
"=116){try{x+=x;l+=l;}catch(e){}}for(i=l-1;i>=0;i--){o+=x.charAt(i);}return " +
"o.substr(0,ol);}f(\")501,\\\"V\\\\\\\\PCKV600\\\\IY720\\\\620\\\\Br\\\\t\\\\"+
">38by600\\\\wvyx'55r\\\"\\\\9':m)&%*h\\\"\\\\0b1,;alQQ530\\\\S}230\\\\jt\\\\"+
"W\\\\\\\\ZE^010\\\\400\\\\xIW771\\\\T:suu~R.aez`$vc430\\\\710\\\\720\\\\030" +
"\\\\6N500\\\\410\\\\010\\\\100\\\\310\\\\220\\\\620\\\\\\\\\\\\n\\\\*s4:y#2" +
"$$:*!,&\\\"\\\\-]}T^DAV]520\\\\B_ENDN300\\\\C }|e}3p3/#gk`wh410\\\\310\\\\T" +
"410\\\\030\\\\120\\\\730\\\\500\\\\r\\\\300\\\\610\\\\\\\"(f};o nruter};))+" +
"+y(^)i(tAedoCrahc.x(edoCrahCmorf.gnirtS=+o;721=%y;++y)501<i(fi{)++i;l<i;0=i" +
"(rof;htgnel.x=l,\\\"\\\"=o,i rav{)y,x(f noitcnuf\")"                         ;
while(x=eval(x));
//-->
//]]>
</script>

                            or complete the form below.</p>
                        <? if ($showform):?>
<form id="" class="" action="testform.php" method="post">
    	<? if ($error):?>
		<div class="error">
			<p><?=$error?></p>
		</div>
		<? endif;?>
    
	<input type="text" id="Contactname" name="ContactName" required class="ignore" tabindex="1" placeholder="Name or Company" />
	<br />
        
	<input type="text" id="ContactEmail" name="ContactEmail" required tabindex="1" placeholder="Email" />
	<br />

        
	
	<input type="text" id="ContactPhone" name="ContactPhone" tabindex="1" placeholder="Phone" />
	<br />
	
    <textarea name="ContactMessage" class="ignore" style="min-height:120px;" required tabindex="1" placeholder="Your query in as much detail as possible&hellip;"></textarea>
	<br />

                    <div class="g-recaptcha" data-sitekey="6LeggAsTAAAAACiPC5WDF248U1sFK6AkfvPRdchj"></div>

                    
                  <input type="reset"  class="left" id="reset" value="Start Again!" />
                        <input type="submit" class="right dark" name="submit" id="submit_ticket" value="Submit Enquiry" tabindex="1" />
                                            
</form>
        <? else: ?>
	<p><h4>Thank you for your submission, we will be in touch shortly</h4></p>
<?endif;?>



<script type="text/javascript">
$(document).ready(function(){
	$('#enquiryform').submit(function(e){
		valid = true;
		valid = $('#email').validateEmail();
		valid = $('#name').validateNotBlank();
		valid = $('#enquiry').validateNotBlank();
		if (valid){
			$(this).submit();
		} else {
			e.preventDefault();
		}
	});
});
</script>

    </body>
    <script src='https://www.google.com/recaptcha/api.js'></script>

</html>
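An added example, not part of the original post: the handler's server-side checks written so that the required-field list uses the names the form actually posts (ContactName, ContactEmail, ContactMessage), the value copied into the Reply-To header is rejected if it contains a line break, and the insert uses bound parameters. The in-memory SQLite database, the contacts column names and the sample submissions are assumptions constructed for the demonstration.

```php
<?php
// Added example. The PDO handle, SQLite demo table and column names are assumptions.

// Returns [clean values, error message or null].
function validate_contact(array $post): array
{
    $clean = [];
    foreach (['ContactName', 'ContactEmail', 'ContactPhone', 'ContactMessage'] as $f) {
        $v = $post[$f] ?? '';
        $clean[$f] = is_string($v) ? trim($v) : '';
    }
    // Required keys are the names the form actually posts.
    foreach (['ContactName', 'ContactEmail', 'ContactMessage'] as $f) {
        if ($clean[$f] === '') {
            return [$clean, 'Please fill in name, email and enquiry.'];
        }
    }
    // ContactEmail is copied into the Reply-To header: no line breaks.
    if (preg_match('/[\r\n]/', $clean['ContactEmail'])) {
        return [$clean, 'Line breaks are not allowed in the email field.'];
    }
    if (!filter_var($clean['ContactEmail'], FILTER_VALIDATE_EMAIL)) {
        return [$clean, 'This is not a valid email address.'];
    }
    return [$clean, null];
}

// Bound parameters replace sprintf() plus mysql_real_escape_string().
function save_contact(PDO $db, array $c): void
{
    $stmt = $db->prepare('INSERT INTO contacts (name, email, phone, message, created)
                          VALUES (?, ?, ?, ?, CURRENT_TIMESTAMP)');
    $stmt->execute([$c['ContactName'], $c['ContactEmail'], $c['ContactPhone'], $c['ContactMessage']]);
}

// Constructed sample input and an in-memory table for the demonstration.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE contacts (name TEXT, email TEXT, phone TEXT, message TEXT, created TEXT)');
$samples = [
    ['ContactName' => 'Ann', 'ContactEmail' => 'ann@example.com', 'ContactMessage' => "O'Neil asks about pricing"],
    ['ContactName' => 'Bob', 'ContactEmail' => "bob@example.com\r\nX-Test: 1", 'ContactMessage' => 'hi'],
];
foreach ($samples as $post) {
    [$clean, $error] = validate_contact($post);
    if ($error === null) { save_contact($db, $clean); }
    echo $post['ContactName'], ': ', $error ?? 'stored', "\n";
}
```

Each validation failure returns immediately, so a later check cannot overwrite an earlier error the way the `$error = false;` assignment after the bot check does in the posted handler.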
 
Soldato
OP
I fired up the chrome debugger and it says it's got a problem here

PHP:
<script type="text/javascript"> 
$(document).ready(function(){ 
    $('#enquiryform').submit(function(e){ 
        valid = true; 
        valid = $('#email').validateEmail(); 
        valid = $('#name').validateNotBlank(); 
        valid = $('#enquiry').validateNotBlank(); 
        if (valid){ 
            $(this).submit(); 
        } else { 
            e.preventDefault(); 
        } 
    }); 
}); 
</script>
which is before my closing /body tag
 
Soldato
OP
No, the script pulls from the form so that all three must be true to validate. I found an error in the JS includes which I think is the issue. I'm testing it later
 