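window.axvartContactForm = %s;' . "\n",
            esc_attr($handle),
            wp_json_encode(array(
                'ajaxUrl' => admin_url('admin-ajax.php'),
                'nonce'   => wp_create_nonce('axvart_contact_form_nonce'),
            ))
        );
        // Add the inline script before the main script tag
        $tag = $inline_script . $tag;
    }
    return $tag;
}

/**
 * Create the database table that stores contact form submissions.
 *
 * Runs CREATE TABLE through dbDelta() only when the table is missing.
 * The statement itself is unchanged apart from the two spaces after
 * PRIMARY KEY, which dbDelta requires to recognise the key on later
 * schema upgrades.
 */
public function create_database_table() {
    global $wpdb;
    $table_name      = $wpdb->prefix . 'axvart_contact_submissions';
    $charset_collate = $wpdb->get_charset_collate();

    // $table_name comes from the configured prefix, not from user input,
    // but prepare()/esc_like() keep the query well-formed even if the
    // prefix contains quotes or LIKE wildcards.
    $existing = $wpdb->get_var(
        $wpdb->prepare('SHOW TABLES LIKE %s', $wpdb->esc_like($table_name))
    );
    if ($existing !== $table_name) {
        $sql = "CREATE TABLE $table_name (
            id bigint(20) UNSIGNED NOT NULL AUTO_INCREMENT,
            name varchar(255) NOT NULL,
            email varchar(255) NOT NULL,
            phone varchar(50) DEFAULT NULL,
            subject varchar(500) DEFAULT NULL,
            message text NOT NULL,
            recipient_email varchar(255) DEFAULT NULL,
            ip_address varchar(45) DEFAULT NULL,
            user_agent text DEFAULT NULL,
            submitted_at datetime DEFAULT CURRENT_TIMESTAMP,
            status varchar(20) DEFAULT 'unread',
            PRIMARY KEY  (id),
            KEY status (status),
            KEY submitted_at (submitted_at)
        ) $charset_collate;";
        require_once ABSPATH . 'wp-admin/includes/upgrade.php';
        dbDelta($sql);
    }
}

/**
 * Handle form submission via AJAX.
 *
 * Order of checks: nonce (CSRF) -> honeypot -> sanitize/validate -> store
 * -> notify -> respond. Every wp_send_json_* call terminates the request,
 * so nothing after a failed check executes.
 *
 * NOTE(review): the nonce only proves the request originated from a page
 * that rendered the form; it is not a rate limit. Anything beyond the
 * honeypot (IP throttling, a CAPTCHA) has to be added separately.
 */
public function handle_form_submission() {
    // CSRF check. WordPress slashes $_POST, so unslash before use.
    $nonce = isset($_POST['nonce']) && is_scalar($_POST['nonce'])
        ? sanitize_text_field(wp_unslash($_POST['nonce']))
        : '';
    if ('' === $nonce || !wp_verify_nonce($nonce, 'axvart_contact_form_nonce')) {
        wp_send_json_error(array(
            'message' => __('Security check failed. Please refresh the page and try again.', 'axvart'),
        ));
    }

    // Honeypot: a filled hidden field means a bot. Reply exactly like a real
    // success so the sender learns nothing, but store and send nothing.
    if (!empty($_POST['contact_website'])) {
        wp_send_json_success(array(
            'message' => __('Thank you! Your message has been sent successfully.', 'axvart'),
        ));
    }

    // Sanitize input. Lengths are capped to the column widths defined in
    // create_database_table() so an over-long value is truncated instead of
    // turning into a failed insert under strict SQL mode.
    $name    = $this->posted_text('contact_name', 255);
    $email   = $this->posted_email('contact_email');
    $phone   = $this->posted_text('contact_phone', 50);
    $subject = $this->posted_text('contact_subject', 500);
    $message = isset($_POST['contact_message']) && is_scalar($_POST['contact_message'])
        ? sanitize_textarea_field(wp_unslash($_POST['contact_message']))
        : '';
    $recipient_email = $this->resolve_recipient($this->posted_email('recipient_email'));

    // Validate.
    $errors = array();
    if ('' === $name) {
        $errors[] = __('Name is required.', 'axvart');
    }
    if ('' === $email || !is_email($email)) {
        $errors[] = __('Valid email is required.', 'axvart');
    }
    if ('' === $message) {
        $errors[] = __('Message is required.', 'axvart');
    }
    if (!empty($errors)) {
        wp_send_json_error(array('message' => implode(' ', $errors)));
    }

    // Persist. $wpdb->insert() parameterises every value.
    global $wpdb;
    $table_name = $wpdb->prefix . 'axvart_contact_submissions';
    $user_agent = isset($_SERVER['HTTP_USER_AGENT'])
        ? sanitize_text_field(wp_unslash($_SERVER['HTTP_USER_AGENT']))
        : '';
    $inserted = $wpdb->insert(
        $table_name,
        array(
            'name'            => $name,
            'email'           => $email,
            'phone'           => $phone,
            'subject'         => $subject,
            'message'         => $message,
            'recipient_email' => $recipient_email,
            'ip_address'      => $this->get_client_ip(),
            'user_agent'      => $user_agent,
            'submitted_at'    => current_time('mysql'),
            'status'          => 'unread',
        ),
        array('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')
    );
    if ($inserted === false) {
        wp_send_json_error(array(
            'message' => __('Failed to save your message. Please try again.', 'axvart'),
        ));
    }

    // The submission is already stored, so a mail failure is not surfaced
    // to the visitor; the admin screen still lists the message.
    $this->send_email_notification($name, $email, $phone, $subject, $message, $recipient_email);

    wp_send_json_success(array(
        'message' => __('Thank you! Your message has been sent successfully.', 'axvart'),
    ));
}

/**
 * Read a single-line text field from $_POST.
 *
 * Unslashes (WordPress adds slashes to superglobals), runs
 * sanitize_text_field(), and caps the result at $max_length characters.
 *
 * @param string $key        $_POST key.
 * @param int    $max_length Maximum length to keep.
 * @return string Sanitized value, '' when absent or not a scalar.
 */
private function posted_text($key, $max_length) {
    if (!isset($_POST[$key]) || !is_scalar($_POST[$key])) {
        return '';
    }
    $value = sanitize_text_field(wp_unslash($_POST[$key]));
    return mb_substr($value, 0, $max_length);
}

/**
 * Read an email field from $_POST.
 *
 * @param string $key $_POST key.
 * @return string sanitize_email() result, '' when absent, invalid or not a scalar.
 */
private function posted_email($key) {
    if (!isset($_POST[$key]) || !is_scalar($_POST[$key])) {
        return '';
    }
    return sanitize_email(wp_unslash($_POST[$key]));
}

/**
 * Decide which mailbox receives the notification.
 *
 * The recipient used to be taken straight from the POSTed `recipient_email`
 * field. Since this endpoint is reachable by anyone who can load the form,
 * that let a caller pick an arbitrary mailbox and have the site deliver
 * caller-written text to it -- effectively an open mail relay. A posted
 * address is now honoured only when it appears on the allow-list, which
 * defaults to the admin email and can be extended through the
 * `axvart_contact_form_allowed_recipients` filter. Sites that pass a
 * per-form recipient from the shortcode must register it via that filter.
 *
 * @param string $posted Sanitized posted recipient, '' when absent/invalid.
 * @return string Address to deliver to.
 */
private function resolve_recipient($posted) {
    $default = get_option('admin_email');
    $allowed = apply_filters('axvart_contact_form_allowed_recipients', array($default));

    if ('' !== $posted && is_array($allowed)) {
        foreach ($allowed as $candidate) {
            if (is_string($candidate) && strtolower($candidate) === strtolower($posted)) {
                return $posted;
            }
        }
    }
    return $default;
}

/**
 * Send the email notification for a stored submission.
 *
 * The previous implementation concatenated one format string in which the
 * "Phone:" and "Subject:" placeholders were optional while always passing
 * all six arguments to sprintf(); whenever phone or subject was empty every
 * later %s received the wrong value (the message landed under "Subject:",
 * the site URL was dropped, and so on). Each line is now formatted on its
 * own. Translation strings are kept byte-identical so existing .po files
 * still apply.
 *
 * @param string $name            Sender name (already sanitized).
 * @param string $email           Sender address (already validated).
 * @param string $phone           Optional phone, '' when not given.
 * @param string $subject         Optional subject, '' when not given.
 * @param string $message         Message body (already sanitized).
 * @param string $recipient_email Destination mailbox.
 * @return bool Result of wp_mail().
 */
private function send_email_notification($name, $email, $phone, $subject, $message, $recipient_email) {
    $email_subject = sprintf(__('[%s] New Contact Form Submission', 'axvart'), get_bloginfo('name'));
    if ('' !== $subject) {
        $email_subject .= ' - ' . $subject;
    }

    $email_body  = __("You have received a new message from your website contact form.\n\n", 'axvart');
    $email_body .= sprintf(__("Name: %s\n", 'axvart'), $name);
    $email_body .= sprintf(__("Email: %s\n", 'axvart'), $email);
    if ('' !== $phone) {
        $email_body .= sprintf(__("Phone: %s\n", 'axvart'), $phone);
    }
    if ('' !== $subject) {
        $email_body .= sprintf(__("Subject: %s\n", 'axvart'), $subject);
    }
    $email_body .= sprintf(__("\nMessage:\n%s\n\n", 'axvart'), $message);
    $email_body .= __("---\n", 'axvart');
    $email_body .= sprintf(__("This message was sent from: %s", 'axvart'), home_url());

    // $name has passed sanitize_text_field() (no line breaks, tags stripped)
    // and $email has passed is_email(), so neither can smuggle a CRLF into
    // the header; wp_mail() parses the "Name <addr>" form itself.
    $headers = array(
        'Content-Type: text/plain; charset=UTF-8',
        'Reply-To: ' . $name . ' <' . $email . '>',
    );

    return wp_mail($recipient_email, $email_subject, $email_body, $headers);
}

/**
 * Best-effort client IP for the stored submission.
 *
 * REMOTE_ADDR is the only address set by the web server itself; every
 * X-Forwarded-For / Client-IP style header is just another request header
 * the client can write. The old implementation consulted those headers
 * before REMOTE_ADDR, so any sender could choose the IP that gets recorded.
 * Proxy headers are now read only when the site opts in through the
 * `axvart_contact_form_trust_proxy_headers` filter, which should return
 * true only when a trusted reverse proxy overwrites them; in that case the
 * rightmost valid address (the one appended by the nearest proxy) is used.
 *
 * @return string A validated IP, or '' when none is available.
 */
private function get_client_ip() {
    $remote = isset($_SERVER['REMOTE_ADDR'])
        ? $this->pick_valid_ip($_SERVER['REMOTE_ADDR'], false)
        : '';

    if (!apply_filters('axvart_contact_form_trust_proxy_headers', false)) {
        return $remote;
    }

    $proxy_headers = array(
        'HTTP_CLIENT_IP',
        'HTTP_X_FORWARDED_FOR',
        'HTTP_X_FORWARDED',
        'HTTP_X_CLUSTER_CLIENT_IP',
        'HTTP_FORWARDED_FOR',
        'HTTP_FORWARDED',
    );
    foreach ($proxy_headers as $header) {
        if (!isset($_SERVER[$header])) {
            continue;
        }
        $candidate = $this->pick_valid_ip($_SERVER[$header], true);
        if ('' !== $candidate) {
            return $candidate;
        }
    }
    return $remote;
}

/**
 * Pick a syntactically valid IP out of a comma-separated header value.
 *
 * @param string $header_value Raw header value, possibly "ip1, ip2, ...".
 * @param bool   $rightmost    Scan from the end instead of the start.
 * @return string First valid entry in scan order, or ''.
 */
private function pick_valid_ip($header_value, $rightmost) {
    $parts = array_map('trim', explode(',', (string) $header_value));
    if ($rightmost) {
        $parts = array_reverse($parts);
    }
    foreach ($parts as $candidate) {
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            return $candidate;
        }
    }
    return '';
}

/**
 * Register the submissions screen under Appearance.
 *
 * The `manage_options` capability here is what protects render_admin_page():
 * WordPress only invokes the callback for users who pass it.
 */
public function add_admin_menu() {
    add_theme_page(
        __('Contact Submissions', 'axvart'),
        __('Contact Forms', 'axvart'),
        'manage_options',
        'axvart-contact-submissions',
        array($this, 'render_admin_page')
    );
}

/**
 * Render admin page
 */
public function render_admin_page() {
    global $wpdb;
    $table_name = $wpdb->prefix .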
'axvart_contact_submissions'; // Handle actions if (isset($_GET['action']) && isset($_GET['id']) && check_admin_referer('axvart_contact_action')) { $id = intval($_GET['id']); if ($_GET['action'] === 'delete') { $wpdb->delete($table_name, array('id' => $id), array('%d')); echo '

' . __('Submission deleted successfully.', 'axvart') . '

'; } elseif ($_GET['action'] === 'mark_read') { $wpdb->update($table_name, array('status' => 'read'), array('id' => $id), array('%s'), array('%d')); echo '

' . __('Marked as read.', 'axvart') . '

'; } elseif ($_GET['action'] === 'mark_unread') { $wpdb->update($table_name, array('status' => 'unread'), array('id' => $id), array('%s'), array('%d')); echo '

' . __('Marked as unread.', 'axvart') . '

'; } } // Get submissions $submissions = $wpdb->get_results("SELECT * FROM $table_name ORDER BY submitted_at DESC"); ?>

id); ?> name); ?> email); ?> subject ?: '—'); ?> message, 15)); ?> submitted_at))); ?> status === 'unread'): ?>