File: //home/primrwxj/iomac.tv/contact.php
<?php
// Text placed in front of the company or sender name in the notification subject.
$subject_prefix = 'IOMAC.tv Inquiry: ';
// Inbox that receives every accepted inquiry. It is fixed here and never taken
// from the request, so a visitor cannot redirect where the form sends mail.
$to = 'OnaolapoAdeyemi@gmail.com';

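/**
 * Normalise one single-line form field before it is validated and mailed.
 *
 * Markup is removed with strip_tags(), every run of ASCII control characters
 * (including CR and LF) is collapsed to one space, and surrounding whitespace
 * is trimmed. Collapsing line breaks matters because the callers place these
 * values in the mail subject and in "Label: value" lines of the body.
 *
 * @param mixed $data Raw request value. Anything that is not a string (for
 *                    example an array sent as name[]=x) is treated as empty
 *                    instead of raising a TypeError inside strip_tags().
 * @return string The cleaned value, or "" when the input was not a string.
 */
function clean_input($data) {
    if (!is_string($data)) {
        return "";
    }

    // No "u" modifier: the class is byte-wise and only touches ASCII control
    // bytes, so multi-byte UTF-8 text passes through unchanged.
    $flattened = preg_replace('/[\x00-\x1F\x7F]+/', ' ', strip_tags($data));

    return trim($flattened ?? "");
}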

/**
 * Abort the request and send the visitor back to the inquiry form with an
 * error status.
 *
 * The message is URL-encoded into the query string of the redirect target and
 * the script stops immediately afterwards, so nothing after a fail() call runs.
 *
 * NOTE(review): the page that reads ?message= is not shown here. Anyone can
 * open that URL with their own text, so it must HTML-escape the value before
 * printing it. Confirm against the landing page.
 *
 * @param string $message Text shown to the visitor on the form page.
 */
function fail($message = "Your inquiry could not be submitted.") {
    $target = sprintf("/?status=error&message=%s#inquiry", urlencode($message));
    header("Location: " . $target);
    exit;
}

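// ---- Request gating ---------------------------------------------------
// Only a POST is processed; every other method is bounced back to the form.
if ($_SERVER["REQUEST_METHOD"] !== "POST") {
    fail("Invalid request.");
}

// Read one POST field as a string. PHP turns "field[]=x" into an array, and
// passing an array to trim()/strip_tags() raises a TypeError on PHP 8, so
// anything that is not a plain string is treated as an empty field.
$post_field = static function (string $key): string {
    $value = $_POST[$key] ?? "";
    return is_string($value) ? $value : "";
};

// Honeypot: "company_website" is expected to stay empty for a human visitor;
// any value (string or array) blocks the submission.
if (!empty($_POST["company_website"])) {
    fail("Submission blocked.");
}

// Minimum fill time. The timestamp (milliseconds) comes from the client, so
// this only slows naive bots; it is not an integrity control and any sender
// can supply an old value.
$form_started_at = (int)$post_field("form_started_at");
if ($form_started_at < 1 || ((round(microtime(true) * 1000) - $form_started_at) < 5000)) {
    fail("Please take a few seconds before submitting.");
}

// ---- Field intake and validation ----------------------------------------
$name = clean_input($post_field("name"));
$email = clean_input($post_field("email"));
$company = clean_input($post_field("company"));
$budget = clean_input($post_field("budget"));
// The message keeps its line breaks and is only trimmed; it is used in the
// plain-text body, never in a header.
$message = trim($post_field("message"));

if (strlen($name) < 3) fail("Please enter your full name.");
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) fail("Please enter a valid email.");
if (empty($budget)) fail("Please select your budget range.");
if (strlen($message) < 35) fail("Please provide more detail in your message.");

// ---- Abuse heuristics ---------------------------------------------------
// Exact-match blocklist of disposable-mail domains (subdomains are not matched).
$blocked_domains = [
    "mailinator.com", "tempmail.com", "10minutemail.com", "guerrillamail.com",
    "yopmail.com", "sharklasers.com", "discard.email", "fakeinbox.com"
];

// $email passed FILTER_VALIDATE_EMAIL above, so it contains an "@".
$email_domain = strtolower(substr(strrchr($email, "@"), 1));
if (in_array($email_domain, $blocked_domains, true)) {
    fail("Please use a business or primary email.");
}

// Case-insensitive substring scan over the submitted text. Matching is by
// substring, so a term also hits inside longer words.
$combined = strtolower($name . " " . $email . " " . $company . " " . $message);
$suspicious_terms = [
    "whatsapp", "telegram", "gift card", "western union", "moneygram",
    "paypal friends", "crypto", "dear friend", "urgent", "kindly"
];

foreach ($suspicious_terms as $term) {
    if (strpos($combined, $term) !== false) {
        fail("Your message was flagged. Please send a clear business inquiry.");
    }
}

// ---- Compose and send ---------------------------------------------------
// The subject is a header line: make sure no submitted line break reaches it,
// independently of how the fields were cleaned earlier.
$subject = $subject_prefix . str_replace(["\r", "\n"], " ", $company ? $company : $name);

$body = "New inquiry for iomac.tv\n\n";
$body .= "Full Name: " . $name . "\n";
$body .= "Business Email: " . $email . "\n";
$body .= "Company / Brand: " . ($company ?: "Not provided") . "\n";
$body .= "Budget Range: " . $budget . "\n\n";
$body .= "Message:\n" . $message . "\n\n";
$body .= "-------------------------\n";
// The user agent and referrer are supplied by the client; treat them as
// untrusted context for the reader, not as evidence.
$body .= "Submitted from: " . ($_SERVER["REMOTE_ADDR"] ?? "Unknown IP") . "\n";
$body .= "User Agent: " . ($_SERVER["HTTP_USER_AGENT"] ?? "Unknown Agent") . "\n";
$body .= "Referrer: " . ($_SERVER["HTTP_REFERER"] ?? "Direct") . "\n";

$headers = [];
$headers[] = "From: IOMAC.tv Website <no-reply@iomac.tv>";
// Reply-To is the only header built from request data. It is safe only
// because $email passed FILTER_VALIDATE_EMAIL above, which rejects CR and LF;
// keep that check ahead of this line.
$headers[] = "Reply-To: " . $email;
$headers[] = "X-Mailer: PHP/" . phpversion();

$success = mail($to, $subject, $body, implode("\r\n", $headers));

if ($success) {
    header("Location: /?status=success#inquiry");
    exit;
}

fail("Mail delivery failed. Please try again later.");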
?>