#122_umlaute_kontaktformular #123
@ -1,11 +1,14 @@
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
function sanitize_text(string $name) {
|
||||
$text = filter_var($_POST[$name], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
|
||||
function sanitize_text(string $name, string $type) {
|
||||
$filters = array(
|
||||
'text' => FILTER_SANITIZE_SPECIAL_CHARS,
|
||||
'email' => FILTER_SANITIZE_EMAIL,
|
||||
);
|
||||
$text = trim($text);
|
||||
$text = filter_var($_POST[$name], $filters[$type]);
|
||||
$text = stripslashes($text);
|
||||
$text = htmlspecialchars($text);
|
||||
|
||||
return $text;
|
||||
}
|
||||
@ -75,10 +78,10 @@ function prepare_response() {
|
||||
$response['errors'][] = 'Wir glauben Sie sind ein Bot.';
|
||||
}
|
||||
if (!array_key_exists('errors', $response)) {
|
||||
$subject = sanitize_text('subject');
|
||||
$message = sanitize_text('message');
|
||||
$name = sanitize_text('name');
|
||||
$email = sanitize_text('email');
|
||||
$subject = sanitize_text('subject', 'text');
|
||||
$message = sanitize_text('message', 'text');
|
||||
$name = sanitize_text('name', 'text');
|
||||
$email = sanitize_text('email', 'email');
|
||||
|
||||
if (!send_message_to_office($subject, $message, $name, $email)) {
|
||||
$response['errors'][] = 'Ihre Nachricht konnte nicht übermittelt werden.';
|
||||
|
Loading…
Reference in New Issue
Block a user