load(); header('Content-Type: application/json'); header('Access-Control-Allow-Origin: *'); header('Access-Control-Allow-Methods: POST'); header('Access-Control-Allow-Headers: Content-Type'); if ($_SERVER['REQUEST_METHOD'] === 'POST') { $data = json_decode(file_get_contents('php://input'), true); // Check honeypot if (!empty($data['website']) || !empty($data['phone_check'])) { http_response_code(200); echo json_encode(['success' => true]); exit; } // Validate and sanitize $name = htmlspecialchars($data['name']); $email = filter_var($data['email'], FILTER_SANITIZE_EMAIL); $company = htmlspecialchars($data['company']); $type = htmlspecialchars($data['type']); $message = htmlspecialchars($data['message']); try { $mail = new PHPMailer(true); // SMTP Configuration $mail->isSMTP(); $mail->Host = $_ENV['SMTP_HOST']; $mail->SMTPAuth = true; $mail->Username = $_ENV['SMTP_USERNAME']; $mail->Password = $_ENV['SMTP_PASSWORD']; $mail->SMTPSecure = $_ENV['SMTP_ENCRYPTION']; $mail->Port = $_ENV['SMTP_PORT']; // Recipients $mail->setFrom($_ENV['SMTP_FROM_EMAIL'], $_ENV['SMTP_FROM_NAME']); $mail->addAddress($_ENV['CONTACT_EMAIL']); $mail->addReplyTo($email, $name); // Content $mail->isHTML(false); $mail->Subject = 'New Contact Form: ' . $type; $mail->Body = "Name: $name\nEmail: $email\nCompany: $company\nType: $type\n\nMessage:\n$message"; $mail->send(); http_response_code(200); echo json_encode(['success' => true]); } catch (Exception $e) { http_response_code(500); echo json_encode(['success' => false, 'error' => $mail->ErrorInfo]); } } else { http_response_code(405); echo json_encode(['error' => 'Method not allowed']); } ?>