<?php
# @name: crowdsource_feedback_submit.php
# @version: 0.1
# @creation_date: 2019-08-13
# @license: The MIT License <https://opensource.org/licenses/MIT>
# @author: Simon Bowie <[email protected]>
# @purpose: A prototype of a web application to crowdsource cataloguing for SOAS' bibliographic records
# @description: Submit data to an email address from crowdsource_feedback.php
?>
<?php
// Load Composer's autoloader so the Dotenv class used below can be resolved.
require __DIR__ . '/vendor/autoload.php';
// Retrieve configuration variables from the config.env file located in the same directory as this script.
// Later code reads $_ENV['recaptcha_secret'] and $_ENV['email'] from it.
// NOTE(review): config.env holds the reCAPTCHA secret and sits next to a web-facing script; if this
// directory is served by the web server, confirm that direct requests for config.env are denied.
$dotenv = Dotenv\Dotenv::create(__DIR__, 'config.env');
$dotenv->load();
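// Prepare a submitted form value for inclusion in the HTML body of the feedback e-mail.
//
// Trims surrounding whitespace, removes backslash escaping and encodes HTML special characters.
// It encodes rather than removes: '<' becomes '&lt;', and carriage returns or line feeds inside
// the value are left untouched. The result is therefore suitable for HTML text only. It is NOT
// sufficient for a mail header, a URL or any other context.
//
// $data   a submitted form value; anything that is not a scalar (for example the array PHP
//         builds from name[]=x) or is null yields an empty string instead of a type error.
// returns the encoded string.
function test_input($data) {
    if (!is_scalar($data)) {
        return '';
    }
    $data = trim((string) $data);
    // NOTE(review): stripslashes() looks like a leftover from the magic-quotes era; it also drops
    // backslashes from legitimate text. Kept so existing output does not change.
    $data = stripslashes($data);
    // ENT_QUOTES encodes single quotes on every PHP version; ENT_SUBSTITUTE replaces invalid byte
    // sequences instead of turning the whole value into an empty string.
    return htmlspecialchars($data, ENT_QUOTES | ENT_SUBSTITUTE);
}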
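// Handle a feedback submission: verify the reCAPTCHA v3 token, then e-mail the feedback.
// Every $_POST value is attacker-controlled and is validated for the context it ends up in:
// the token goes into an HTTP request, the e-mail address into a mail header, and the name
// and comment into an HTML body.
// A POST without recaptcha_response skips this block entirely and produces no redirect.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['recaptcha_response'])){
    // Destination after processing; only a verified, valid and successfully mailed submission changes it.
    $redirect = 'crowdsource_error.php';

    // Build POST request to verify reCAPTCHA response via Google's API
    $recaptcha_url = 'https://www.google.com/recaptcha/api/siteverify';
    $recaptcha_secret = isset($_ENV['recaptcha_secret']) ? (string) $_ENV['recaptcha_secret'] : '';
    // An array-valued field (recaptcha_response[]=x) can never be a valid token; treat it as empty.
    $recaptcha_response = is_string($_POST['recaptcha_response']) ? $_POST['recaptcha_response'] : '';
    // The secret and the token are sent as a URL-encoded POST body. http_build_query() encodes the
    // token, so a crafted value cannot add or override request parameters, and the secret stays
    // out of the query string, where proxies and logs could record it.
    $recaptcha_context = stream_context_create([
        'http' => [
            'method' => 'POST',
            'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
            'content' => http_build_query([
                'secret' => $recaptcha_secret,
                'response' => $recaptcha_response,
            ]),
            'timeout' => 10,
        ],
    ]);
    // Send and decode POST request. A failed request or an unparsable body counts as "not verified".
    $recaptcha_raw = file_get_contents($recaptcha_url, false, $recaptcha_context);
    $recaptcha = ($recaptcha_raw === false) ? null : json_decode($recaptcha_raw);

    // Fail closed: the API must report success AND a score at or above the threshold.
    // NOTE(review): the v3 response also carries "action" and "hostname"; consider comparing them
    // with the values this form is expected to produce.
    $verified = is_object($recaptcha)
        && isset($recaptcha->success, $recaptcha->score)
        && $recaptcha->success === true
        && $recaptcha->score >= 0.5;

    if ($verified) {
        // Name and comment end up in the HTML body, so HTML encoding via test_input() is the right treatment.
        $name = test_input((isset($_POST["name"]) && is_string($_POST["name"])) ? $_POST["name"] : '');
        $comment = test_input((isset($_POST["comment"]) && is_string($_POST["comment"])) ? $_POST["comment"] : '');

        // The address ends up in the From: header. HTML encoding does not protect a header, because a
        // CR or LF in the value would start a new header line. Line breaks are rejected explicitly and
        // the syntax is checked, instead of passing the value through test_input().
        $from_email = (isset($_POST["email"]) && is_string($_POST["email"])) ? trim($_POST["email"]) : '';
        $email_ok = $from_email === ''
            || (strpbrk($from_email, "\r\n\0") === false
                && filter_var($from_email, FILTER_VALIDATE_EMAIL) !== false);

        if ($email_ok) {
            // Send an email to the email address
            $to = $_ENV['email']; // this is your email address
            $from = $from_email; // this is the sender's email address (validated above)
            $subject = "Feedback from crowdsourced cataloguing application";
            $message = "Feedback from " . $name . " follows:" . "<br /><br />" . $comment;
            $headers = 'MIME-Version: 1.0' . "\r\n";
            // NOTE(review): the declared charset is iso-8859-1; confirm it matches the encoding of the submitted form data.
            $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
            $headers .= "From:" . $from;
            // Only report success to the user when the mail was actually accepted for delivery.
            if (mail($to,$subject,$message,$headers)) {
                // Redirect user to crowdsource_thanks.php. This prevents them from refreshing the submit page to make multiple requests.
                $redirect = 'crowdsource_thanks.php';
            }
        }
    }

    // Not verified, invalid sender address or failed send: crowdsource_error.php displays the error message.
    header('Location: ' . $redirect);
}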
?>