From 30a3a504d9cfbb5d9159749608bdcdbac5243bbf Mon Sep 17 00:00:00 2001
From: Natasha Moongrave
Date: Wed, 1 Apr 2026 13:05:33 +0200
Subject: Modified the submission system for commissions to save to a json isntead of sending emaik
---
 src/Pages/commissions/commissions.php | 41 +++++++++++++++++++++++------------------
 1 file changed, 23 insertions(+), 18 deletions(-)
(limited to 'src/Pages')
diff --git a/src/Pages/commissions/commissions.php b/src/Pages/commissions/commissions.php
index 77e1d4c..bb607e0 100644
--- a/src/Pages/commissions/commissions.php
+++ b/src/Pages/commissions/commissions.php
@@ -353,10 +353,10 @@
 // Bot detected, silently ignore
 $success = true;
 } else {
- $name = htmlspecialchars(trim($_POST['name'] ?? ''), ENT_QUOTES, 'UTF-8');
+ $name = trim($_POST['name'] ?? '');
 $email = filter_var(trim($_POST['email'] ?? ''), FILTER_SANITIZE_EMAIL);
- $description = htmlspecialchars(trim($_POST['description'] ?? ''), ENT_QUOTES, 'UTF-8');
- $budget = htmlspecialchars(trim($_POST['budget'] ?? ''), ENT_QUOTES, 'UTF-8');
+ $description = trim($_POST['description'] ?? '');
+ $budget = trim($_POST['budget'] ?? '');
 // Validation
 if (empty($name) || empty($email) || empty($description)) {
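Review bot: `$name`, `$description` and `$budget` are now stored exactly as submitted, so whatever later displays the saved entries has to escape them at output, e.g. `htmlspecialchars($entry['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`; a comment on these three lines saying `// stored raw: escape on output, not here` would make that contract explicit. Only `$description` has a length cap in the validation visible on this page; unless the part of the chain outside the hunk does it, `$name` and `$budget` should get one as well, since each request now grows a file on disk. The if/elseif validation chain continues outside the hunk.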
@@ -366,23 +366,28 @@
 } elseif (strlen($description) > 5000) {
 $error = 'Description is too long (max 5000 characters).';
 } else {
- // Compose email
- $to = 'commission@256phi.eu';
- $subject = "Commission Request from $name";
- $body = "New commission request:\n\n";
- $body .= "Name: $name\n";
- $body .= "Email: $email\n";
- $body .= "Budget: $budget\n\n";
- $body .= "Description:\n$description\n";
-
- $headers = "From: noreply@256phi.eu\r\n";
- $headers .= "Reply-To: $email\r\n";
- $headers .= "Content-Type: text/plain; charset=UTF-8\r\n";
-
- if (mail($to, $subject, $body, $headers)) {
+ // Save to JSON file
+ $submissionsFile = __DIR__ . '/submissions.json';
+ $submissions = [];
+
+ if (file_exists($submissionsFile)) {
+ $submissions = json_decode(file_get_contents($submissionsFile), true) ?? [];
+ }
+
+ $submissions[] = [
+ 'id' => uniqid(),
+ 'date' => date('Y-m-d H:i:s'),
+ 'name' => $name,
+ 'email' => $email,
+ 'budget' => $budget,
+ 'description' => $description,
+ 'status' => 'new'
+ ];
+
+ if (file_put_contents($submissionsFile, json_encode($submissions, JSON_PRETTY_PRINT))) {
 $success = true;
 } else {
- $error = 'Failed to send message. Please try emailing directly.';
+ $error = 'Failed to save request. Please email me directly.';
 }
 }
 }
-- cgit v1.2.3
From 6caad3280121866fd2102798b53e0fd60068c66a Mon Sep 17 00:00:00 2001
From: Natasha Moongrave
Date: Wed, 1 Apr 2026 13:27:57 +0200
Subject: Add debug to commission hoenypot
---
 src/Pages/commissions/commissions.php | 13 +++++++++++++
 1 file changed, 13 insertions(+)
(limited to 'src/Pages')
diff --git a/src/Pages/commissions/commissions.php b/src/Pages/commissions/commissions.php
index bb607e0..4884369 100644
--- a/src/Pages/commissions/commissions.php
+++ b/src/Pages/commissions/commissions.php
@@ -1,3 +1,8 @@ +
@@ -347,10 +352,18 @@ $success = false; $error = ''; + // DEBUG - remove after testing + if ($_SERVER['REQUEST_METHOD'] === 'POST') { + echo "
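Review bot: The read-modify-write on `submissions.json` takes no lock and never checks the result of `json_encode()` before `file_put_contents()`, so two concurrent submissions can drop an entry, and a value that fails to encode (for example a field with invalid UTF-8) yields `false`, which is written as an empty string and truncates everything stored so far. A file that no longer decodes is likewise replaced through `?? []` without any warning. The file is created in `__DIR__`, next to commissions.php; if that directory is served by the web server, the stored names and e-mail addresses are downloadable, so the path should point outside the document root or be denied in the server configuration. `uniqid()` is derived from the clock, whereas `bin2hex(random_bytes(8))` gives an id that neither collides under load nor reveals the submission time. The enclosing if/else chain begins outside the hunk.

```php
// Save to JSON file; the path should resolve outside the document root.
$submissionsFile = __DIR__ . '/submissions.json';
$handle = fopen($submissionsFile, 'c+');

if ($handle !== false && flock($handle, LOCK_EX)) {
    $raw = (string) stream_get_contents($handle);
    $submissions = $raw === '' ? [] : json_decode($raw, true);

    if (is_array($submissions)) { // never overwrite a file that no longer decodes
        $submissions[] = [
            'id' => bin2hex(random_bytes(8)),
            // … unchanged: date, name, email, budget, description, status …
        ];
        $encoded = json_encode($submissions, JSON_PRETTY_PRINT);

        if ($encoded !== false && ftruncate($handle, 0) && rewind($handle)) {
            $success = fwrite($handle, $encoded) !== false;
        }
    }
    flock($handle, LOCK_UN);
}
if ($handle !== false) {
    fclose($handle);
}
if (!$success) {
    $error = 'Failed to save request. Please email me directly.';
}
```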
DEBUG POST:\n";
+                print_r($_POST);
+                echo "
"; + } + if ($_SERVER['REQUEST_METHOD'] === 'POST') { // Honeypot check if (!empty($_POST['website'])) { // Bot detected, silently ignore + echo "

DEBUG: Honeypot triggered!

"; $success = true; } else { $name = trim($_POST['name'] ?? ''); -- cgit v1.2.3
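Review bot: The debug block echoes `print_r($_POST)` into the response without escaping, so submitted markup is reflected back into the page and the form contents end up in any cached or logged copy of the response. The added echo in the honeypot branch prints `DEBUG: Honeypot triggered!`, which undoes the `// Bot detected, silently ignore` behaviour on the line above it. If the diagnostics are still needed, write them to the server log instead, e.g. `error_log('commission POST fields: ' . implode(', ', array_keys($_POST)));`, and remove both echo blocks before this is deployed. The markup inside the echoed strings and the lines added by the `@@ -1,3 +1,8 @@` hunk appear to have been lost in extraction, so they are not reviewed here; the POST handler continues outside the hunk.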