0.9

public/api/contact.php

@@ -1,68 +1,52 @@
 <?php
-require_once __DIR__ . '/vendor/autoload.php';
-
-use Dotenv\Dotenv;
-use PHPMailer\PHPMailer\PHPMailer;
-use PHPMailer\PHPMailer\Exception;
-
-// Load environment variables
-$dotenv = Dotenv::createImmutable(__DIR__);
-$dotenv->load();
-
 header('Content-Type: application/json');
 header('Access-Control-Allow-Origin: *');
 header('Access-Control-Allow-Methods: POST');
 header('Access-Control-Allow-Headers: Content-Type');
 
-if ($_SERVER['REQUEST_METHOD'] === 'POST') {
-    $data = json_decode(file_get_contents('php://input'), true);
-    
-    // Check honeypot
-    if (!empty($data['website']) || !empty($data['phone_check'])) {
-        http_response_code(200);
-        echo json_encode(['success' => true]);
-        exit;
-    }
-    
-    // Validate and sanitize
-    $name = htmlspecialchars($data['name']);
-    $email = filter_var($data['email'], FILTER_SANITIZE_EMAIL);
-    $company = htmlspecialchars($data['company']);
-    $type = htmlspecialchars($data['type']);
-    $message = htmlspecialchars($data['message']);
-    
-    try {
-        $mail = new PHPMailer(true);
-        
-        // SMTP Configuration
-        $mail->isSMTP();
-        $mail->Host = $_ENV['SMTP_HOST'];
-        $mail->SMTPAuth = true;
-        $mail->Username = $_ENV['SMTP_USERNAME'];
-        $mail->Password = $_ENV['SMTP_PASSWORD'];
-        $mail->SMTPSecure = $_ENV['SMTP_ENCRYPTION'];
-        $mail->Port = $_ENV['SMTP_PORT'];
-        
-        // Recipients
-        $mail->setFrom($_ENV['SMTP_FROM_EMAIL'], $_ENV['SMTP_FROM_NAME']);
-        $mail->addAddress($_ENV['CONTACT_EMAIL']);
-        $mail->addReplyTo($email, $name);
-        
-        // Content
-        $mail->isHTML(false);
-        $mail->Subject = 'New Contact Form: ' . $type;
-        $mail->Body = "Name: $name\nEmail: $email\nCompany: $company\nType: $type\n\nMessage:\n$message";
-        
-        $mail->send();
-        
-        http_response_code(200);
-        echo json_encode(['success' => true]);
-    } catch (Exception $e) {
-        http_response_code(500);
-        echo json_encode(['success' => false, 'error' => $mail->ErrorInfo]);
-    }
-} else {
+if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
     http_response_code(405);
     echo json_encode(['error' => 'Method not allowed']);
+    exit;
 }
-?>
+
+$data = json_decode(file_get_contents('php://input'), true);
+
+// Check honeypot
+if (!empty($data['website']) || !empty($data['phone_check'])) {
+    http_response_code(200);
+    echo json_encode(['success' => true]);
+    exit;
+}
+
+// Validate and sanitize
+$name    = htmlspecialchars($data['name'] ?? '');
+$email   = filter_var($data['email'] ?? '', FILTER_SANITIZE_EMAIL);
+$company = htmlspecialchars($data['company'] ?? '');
+$type    = htmlspecialchars($data['type'] ?? '');
+$message = htmlspecialchars($data['message'] ?? '');
+
+if (!$name || !$email || !$message || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
+    http_response_code(422);
+    echo json_encode(['success' => false, 'error' => 'Invalid input']);
+    exit;
+}
+
+$to      = 'contact@ahojsvet.eu'; // TODO: replace with your actual address
+$subject = 'New Contact Form: ' . $type;
+$body    = "Name: $name\nEmail: $email\nCompany: $company\nType: $type\n\nMessage:\n$message";
+$headers = implode("\r\n", [
+    'From: noreply@ahojsvet.eu',
+    'Reply-To: ' . $name . ' <' . $email . '>',
+    'X-Mailer: PHP/' . phpversion(),
+    'Content-Type: text/plain; charset=UTF-8',
+]);
+
+if (mail($to, $subject, $body, $headers)) {
+    http_response_code(200);
+    echo json_encode(['success' => true]);
+} else {
+    http_response_code(500);
+    echo json_encode(['success' => false, 'error' => 'mail() failed']);
+}
+?>