<?php
# This file is part of contact.php.

# contact.php is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.

# contact.php is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.

# You should have received a copy of the GNU General Public License
# along with contact.php.  If not, see <https://www.gnu.org/licenses/>.

# Copyright © 2020 Ludovic Pouzenc <ludovic@pouzenc.fr>

$config['from_email'] = 'www-data@intarnet.fr';
$config['from_user']  = 'No Reply';
$config['contact_to'] = 'intarnet@framalistes.org';
$config['subject_prefix'] = '[contact] ';


# Utility fonction to wrap PHP mail() function, with some UTF-8 considerations
function mail_utf8($to, $subject, $message, $from_email, $from_user, $original_email='', $original_user='')
{
    $from_user64     = (iconv('UTF-8', 'ASCII//IGNORE', $from_user    )===$from_user    )?$from_user    :"=?UTF-8?B?".base64_encode($from_user    )."?=";
    $original_user64 = (iconv('UTF-8', 'ASCII//IGNORE', $original_user)===$original_user)?$original_user:"=?UTF-8?B?".base64_encode($original_user)."?=";
    $subject64       = (iconv('UTF-8', 'ASCII//IGNORE', $subject      )===$subject      )?$subject      :"=?UTF-8?B?".base64_encode($subject      )."?=";
    $message70       = wordwrap($message, 70, "\n");
    $additional_headers =
        "From: $from_user64 <$from_email>\r\n".
        ((strlen($original_email)>0)?"Reply-To: $original_user64 <$original_email>\r\n":"").
        "MIME-Version: 1.0" . "\r\n" .
        "Content-type: text/plain; charset=UTF-8" . "\r\n";
    return mail($to, $subject64, $message70, $additional_headers);
}

# Query parameter checking (assuming form encoding is UTF-8)
$name = filter_var($_POST['name'], FILTER_SANITIZE_STRING);
$email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
$message = filter_var($_POST['message'], FILTER_SANITIZE_STRING);
$valid_parameters = (strlen($name)>0) && (strlen($email)>0) && (strlen($message)>0) && (strlen($name)<100) && (strlen($email)<100) && (strlen($message)<100000);
if ($valid_parameters !== TRUE) {
    echo "Invalid parameters\n";
    exit();
}

# Try to actually send an email
if ( !mail_utf8($config['contact_to'], $config['subject_prefix'] . $name, $message, $config['from_email'], $config['from_user'], $email, $name) ) {
    echo "Error sending mail\n";
    exit();
}

# If we are here, mail has been sent (or queued) successfully
header('Location: /');