kohjhjhصثقصثقصثقgdfgdg

<?php // Include database connection include("admin/config.php"); // Disable error display (but keep logging) error_reporting(0); ini_set('display_errors', 0); // Ensure the form was submitted via POST if ($_SERVER['REQUEST_METHOD'] === 'POST') { // Sanitize and validate inputs $name = trim($_POST['name'] ?? ''); $email = trim($_POST['email'] ?? ''); $contact = trim($_POST['contact'] ?? ''); $msg = trim($_POST['msg'] ?? ''); // Validate required fields if (empty($name) || empty($email) || empty($contact) || empty($msg)) { echo "<p class='text-danger'>All required fields must be filled.</p>"; exit; } // Validate email if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { echo "<p class='text-danger'>Invalid email address.</p>"; exit; } // Use prepared statement to insert into the simplified `contact` table $stmt = $db->prepare("INSERT INTO `contact` (`name`, `email`, `contact`, `message`) VALUES (?, ?, ?, ?)"); $stmt->bind_param("ssss", $name, $email, $contact, $msg); if ($stmt->execute()) { // Email details $to = "inddigmedia615@gmail.com"; $subject = "New Inquiry from Shivyaa Superspeciality Hospital"; $email_body = " <h2>New Contact Form Submission</h2> <p><strong>Name:</strong> {$name}</p> <p><strong>Email:</strong> {$email}</p> <p><strong>Contact:</strong> {$contact}</p> <p><strong>Message:</strong><br>{$msg}</p>"; $headers = "From: {$email}\r\n"; $headers .= "Reply-To: {$email}\r\n"; $headers .= "MIME-Version: 1.0\r\n"; $headers .= "Content-Type: text/html; charset=UTF-8\r\n"; // $mailSent = mail($to, $subject, $email_body, $headers); if (true) { echo ("<script LANGUAGE='JavaScript'>window.location.href='thank-you-page.php';</script>"); } else { echo "<p class='text-warning'>Message saved, but email could not be sent.</p>"; } } else { echo "<p class='text-danger'>Database error. Please try again later.</p>"; } $stmt->close(); } else { echo "<p class='text-danger'>Invalid request method.</p>"; } ?>