jukka/cuitunet.fi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2e58865f6663484d79d9e5acee3bc6fa1e9b85b7
cuitunet.fi/send.php

103 lines
3.4 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<?php
header('Content-Type: application/json; charset=utf-8');
// Vain POST-pyynnöt
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
http_response_code(405);
echo json_encode(['success' => false, 'error' => 'Virheellinen pyyntö']);
exit;
}
// Rate limiting (yksinkertainen, IP-pohjainen)
$rateLimitDir = __DIR__ . '/data';
if (!is_dir($rateLimitDir)) {
mkdir($rateLimitDir, 0755, true);
}
$ip = $_SERVER['REMOTE_ADDR'] ?? 'unknown';
$rateLimitFile = $rateLimitDir . '/ratelimit_' . md5($ip) . '.txt';
$now = time();
if (file_exists($rateLimitFile)) {
$lastSent = (int) file_get_contents($rateLimitFile);
if ($now - $lastSent < 60) {
http_response_code(429);
echo json_encode(['success' => false, 'error' => 'Odota hetki ennen uutta lähetystä']);
exit;
}
}
// Honeypot-kenttä (botisuoja)
if (!empty($_POST['website'])) {
http_response_code(200);
echo json_encode(['success' => true]);
exit;
}
// Kentät
$company = trim($_POST['company'] ?? '');
$email = trim($_POST['email'] ?? '');
$address = trim($_POST['address'] ?? '');
$city = trim($_POST['city'] ?? '');
$message = trim($_POST['message'] ?? '');
// Validointi
if (empty($company) || empty($email) || empty($address) || empty($city)) {
http_response_code(400);
echo json_encode(['success' => false, 'error' => 'Täytä kaikki pakolliset kentät']);
exit;
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
http_response_code(400);
echo json_encode(['success' => false, 'error' => 'Tarkista sähköpostiosoite']);
exit;
}
// Sanitointi
$company = htmlspecialchars($company, ENT_QUOTES, 'UTF-8');
$email = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');
$address = htmlspecialchars($address, ENT_QUOTES, 'UTF-8');
$city = htmlspecialchars($city, ENT_QUOTES, 'UTF-8');
$message = htmlspecialchars($message, ENT_QUOTES, 'UTF-8');
// Sähköpostin sisältö
$to = 'asiakaspalvelu@cuitunet.fi';
$subject = "Saatavuuskysely: $company $address, $city";
$body = "Uusi saatavuuskysely cuitunet.fi-sivustolta\n";
$body .= "=========================================\n\n";
$body .= "Yritys: $company\n";
$body .= "Sähköposti: $email\n";
$body .= "Osoite: $address\n";
$body .= "Kaupunki: $city\n";
if (!empty($message)) {
$body .= "Lisätiedot: $message\n";
}
$body .= "\n-----------------------------------------\n";
$body .= "Lähetetty: " . date('d.m.Y H:i') . "\n";
$body .= "IP: $ip\n";
$headers = "From: sivusto@cuitunet.fi\r\n";
$headers .= "Reply-To: $email\r\n";
$headers .= "Content-Type: text/plain; charset=UTF-8\r\n";
$headers .= "X-Mailer: Cuitunet-Web\r\n";
// Lähetys
error_log("cuitunet.fi send.php: Lähetetään posti osoitteeseen $to, aihe: $subject");
$sent = @mail($to, $subject, $body, $headers);
error_log("cuitunet.fi send.php: mail() palautti: " . ($sent ? 'true' : 'false') . ", error: " . error_get_last()['message'] ?? 'none');
if ($sent) {
// Tallenna rate limit
file_put_contents($rateLimitFile, $now);
// Tallenna kopio kyselyistä
$logFile = $rateLimitDir . '/kyselyt.log';
$logEntry = date('Y-m-d H:i:s') . " | $company | $email | $address, $city | $message\n";
file_put_contents($logFile, $logEntry, FILE_APPEND | LOCK_EX);
echo json_encode(['success' => true]);
} else {
http_response_code(500);
echo json_encode(['success' => false, 'error' => 'Viestin lähetys epäonnistui. Yritä myöhemmin uudelleen.']);
}
Reference in New Issue View Git Blame Copy Permalink