35032-vm/contact.php

<?php
header('Content-Type: application/json');

require_once __DIR__ . '/db/config.php';
require_once __DIR__ . '/mail/MailService.php';

// Basic validation
if (empty($_POST['name']) || empty($_POST['email']) || empty($_POST['message'])) {
    echo json_encode(['success' => false, 'error' => 'Please fill out all fields.']);
    exit;
}

if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
    echo json_encode(['success' => false, 'error' => 'Invalid email format.']);
    exit;
}

$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];

try {
    // 1. Save to database
    $pdo = db();
    $stmt = $pdo->prepare("INSERT INTO contact_submissions (name, email, message) VALUES (?, ?, ?)");
    $stmt->execute([$name, $email, $message]);

    // 2. Send email notification
    // The recipient can be configured via the MAIL_TO environment variable.
    $mailResult = MailService::sendContactMessage($name, $email, $message, null, 'New Miralok Africa Inquiry');

    if ($mailResult['success']) {
        echo json_encode(['success' => true]);
    } else {
        // Log error, but don't expose it to the client for security.
        error_log('MailService Error: ' . ($mailResult['error'] ?? 'Unknown error'));
        // Still return success to the user as the main action (saving the submission) was successful.
        echo json_encode(['success' => true, 'warning' => 'Could not send email notification.']);
    }

} catch (PDOException $e) {
    error_log('Database Error: ' . $e->getMessage());
    echo json_encode(['success' => false, 'error' => 'A server error occurred. Please try again later.']);
} catch (Exception $e) {
    error_log('General Error: ' . $e->getMessage());
    echo json_encode(['success' => false, 'error' => 'A server error occurred. Please try again later.']);
}