getMessage()); } $response = ['success' => false, 'error' => 'Invalid request']; if ($_SERVER['REQUEST_METHOD'] === 'POST') { $name = trim($_POST['name'] ?? ''); $email = trim($_POST['email'] ?? ''); $message = trim($_POST['message'] ?? ''); if (empty($name) || empty($email) || empty($message)) { $response['error'] = 'Please fill in all fields.'; } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $response['error'] = 'Invalid email format.'; } else { try { // 1. Save to database $pdo = db(); $stmt = $pdo->prepare("INSERT INTO contact_submissions (name, email, message) VALUES (?, ?, ?)"); $stmt->execute([$name, $email, $message]); // 2. Send email notification $mail_to = getenv('MAIL_TO') ?: 'owner@example.com'; // Fallback email $subject = 'New Contact Form Submission from ' . $name; $email_body = "You have a new message from your website contact form.\n\n" . "Name: {$name}\n" . "Email: {$email}\n" . "Message:\n{$message}"; MailService::sendMail($mail_to, $subject, nl2br(htmlspecialchars($email_body)), $email_body, ['reply_to' => $email]); $response['success'] = true; unset($response['error']); } catch (PDOException $e) { error_log('Database Error: ' . $e->getMessage()); $response['error'] = 'Could not save your message. Please try again later.'; } catch (Exception $e) { error_log('Mail Error: ' . $e->getMessage()); // The message was saved to DB, so we can consider this a partial success. // For the user, it's a full success, but we log the mail error. $response['success'] = true; unset($response['error']); } } } echo json_encode($response);