fix
This commit is contained in:
Peter
@@ -83,8 +83,8 @@ if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
||||
sendResponse(false, 'Invalid request method');
|
||||
}
|
||||
|
||||
// Validate CSRF token
|
||||
if (!isset($_POST['csrf_token']) || !validateCSRFToken($_POST['csrf_token'])) {
|
||||
// Validate CSRF token (if present)
|
||||
if (isset($_POST['csrf_token']) && !validateCSRFToken($_POST['csrf_token'])) {
|
||||
sendResponse(false, 'Security validation failed. Please refresh the page and try again.');
|
||||
}
|
||||
|
||||
@@ -193,14 +193,12 @@ foreach ($suspiciousAgents as $agent) {
|
||||
}
|
||||
}
|
||||
|
||||
// Check submission speed (too fast = likely bot)
|
||||
if (!isset($_SESSION['form_start_time'])) {
|
||||
$_SESSION['form_start_time'] = time();
|
||||
}
|
||||
|
||||
$submissionTime = time() - $_SESSION['form_start_time'];
|
||||
if ($submissionTime < 10) { // Less than 10 seconds for quote form (more complex)
|
||||
sendResponse(false, 'Form submitted too quickly');
|
||||
// Check submission speed (too fast = likely bot) - More lenient timing
|
||||
if (isset($_SESSION['form_start_time'])) {
|
||||
$submissionTime = time() - $_SESSION['form_start_time'];
|
||||
if ($submissionTime < 3) { // Only block if under 3 seconds (very aggressive bots)
|
||||
sendResponse(false, 'Form submitted too quickly');
|
||||
}
|
||||
}
|
||||
|
||||
// Sanitize services array
|
||||
@@ -375,6 +373,9 @@ if (!file_exists('logs')) {
|
||||
|
||||
// Send email
|
||||
try {
|
||||
// Clear any previous errors
|
||||
error_clear_last();
|
||||
|
||||
$emailSent = mail($to, $subject, $emailHTML, $headers);
|
||||
|
||||
if ($emailSent) {
|
||||
@@ -382,20 +383,28 @@ try {
|
||||
$logEntry = date('Y-m-d H:i:s') . " - Quote request from " . $email . " (" . $_SERVER['REMOTE_ADDR'] . ") - Services: " . implode(', ', $services) . "\n";
|
||||
file_put_contents('logs/quote-requests.log', $logEntry, FILE_APPEND | LOCK_EX);
|
||||
|
||||
|
||||
sendResponse(true, 'Thank you for your quote request! We will send you a detailed proposal within 24 hours.');
|
||||
} else {
|
||||
// Log failed email
|
||||
$logEntry = date('Y-m-d H:i:s') . " - FAILED quote request from " . $email . " (" . $_SERVER['REMOTE_ADDR'] . ")\n";
|
||||
// Get detailed error information
|
||||
$lastError = error_get_last();
|
||||
$errorMsg = $lastError ? $lastError['message'] : 'Unknown mail error';
|
||||
|
||||
// Log failed email with detailed error
|
||||
$logEntry = date('Y-m-d H:i:s') . " - FAILED quote request from " . $email . " (" . $_SERVER['REMOTE_ADDR'] . ") - Error: " . $errorMsg . "\n";
|
||||
file_put_contents('logs/quote-errors.log', $logEntry, FILE_APPEND | LOCK_EX);
|
||||
|
||||
sendResponse(false, 'There was an error sending your quote request. Please try again or contact us directly.');
|
||||
// Check common issues
|
||||
if (strpos($errorMsg, 'sendmail') !== false) {
|
||||
error_log("Mail server configuration issue: " . $errorMsg);
|
||||
}
|
||||
|
||||
sendResponse(false, 'There was an error sending your quote request. Please try again or contact us directly at info@ukdataservices.co.uk');
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
// Log exception
|
||||
$logEntry = date('Y-m-d H:i:s') . " - EXCEPTION: " . $e->getMessage() . " from " . $email . " (" . $_SERVER['REMOTE_ADDR'] . ")\n";
|
||||
// Log exception with full details
|
||||
$logEntry = date('Y-m-d H:i:s') . " - EXCEPTION: " . $e->getMessage() . " from " . $email . " (" . $_SERVER['REMOTE_ADDR'] . ") - File: " . $e->getFile() . " Line: " . $e->getLine() . "\n";
|
||||
file_put_contents('logs/quote-errors.log', $logEntry, FILE_APPEND | LOCK_EX);
|
||||
|
||||
sendResponse(false, 'There was an error processing your quote request. Please try again later.');
|
||||
sendResponse(false, 'There was an error processing your quote request. Please contact us directly at info@ukdataservices.co.uk');
|
||||
}
|
||||
?>
|
||||
Reference in New Issue
Block a user