$name) { if ($_FILES['attachments']['error'][$key] == UPLOAD_ERR_OK) { $tmp_name = $_FILES['attachments']['tmp_name'][$key]; // Sanitize filename $safe_name = preg_replace('/[^A-Za-z0-9_\-\.]/', '_', basename($name)); $destination = $upload_dir . uniqid() . '-' . $safe_name; if (move_uploaded_file($tmp_name, $destination)) { $attachments_list[] = $destination; } } } } if ($from && $subject && $message) { try { $pdo = db(); $stmt = $pdo->prepare('INSERT INTO manual_emails (sender, subject, message, attachments) VALUES (?, ?, ?, ?)'); $stmt->execute([$from, $subject, $message, json_encode($attachments_list)]); $success_message = t('email_saved_successfully'); // Clear fields after successful save $from = ''; $subject = ''; $message = ''; } catch (PDOException $e) { $success_message = 'Error saving email: ' . $e->getMessage(); } } } // Fetch all saved emails $saved_emails = []; try { $pdo = db(); $stmt = $pdo->query('SELECT sender, subject, message, attachments, created_at FROM manual_emails ORDER BY created_at DESC'); $saved_emails = $stmt->fetchAll(); } catch (PDOException $e) { $db_error = 'Error fetching emails: ' . $e->getMessage(); } ?> <?php echo t('manual_entry'); ?>