Contact Form

<?php
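// contact-send.php
//
// JSON endpoint behind the contact form. Accepts a POST whose body is a JSON
// object (csrf_token, company, name, email, subject, message), validates it and
// relays the message to the site mailbox with mail(). Every response is a JSON
// object: {"ok": true} on success, {"error": "..."} otherwise.
header('Content-Type: application/json');

// Emit a JSON error with the given HTTP status and stop.
$fail = function (int $status, string $error) {
  http_response_code($status);
  echo json_encode(['error' => $error]);
  exit;
};

// Basic hardening: only POST is accepted.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
  header('Allow: POST');
  $fail(405, 'Method not allowed');
}

// Decode the body. A body that is not a JSON object is treated as empty, so it
// is rejected by the token check below with the same response as before.
$raw = file_get_contents('php://input');
$data = json_decode($raw === false ? '' : $raw, true);
if (!is_array($data)) {
  $data = [];
}

// Read one field as a trimmed string. Missing keys and non-string JSON values
// (arrays, numbers, booleans) become '' so trim() never receives a non-string
// and the required-field check rejects them.
$field = function (string $key) use ($data): string {
  $value = $data[$key] ?? '';
  return is_string($value) ? trim($value) : '';
};

// CSRF check. The expected token is bound to the visitor's session: a constant
// in the source is identical for every visitor and proves nothing about where
// the request came from. The page that renders the form must create the token
// (e.g. bin2hex(random_bytes(32))), store it in $_SESSION['csrf_token'] and
// pass it to the client script. The session key name is chosen here; keep both
// sides in sync.
if (session_status() !== PHP_SESSION_ACTIVE) {
  session_start();
}
$expectedToken = $_SESSION['csrf_token'] ?? '';
$sentToken = $data['csrf_token'] ?? '';
if (!is_string($expectedToken) || $expectedToken === ''
    || !is_string($sentToken)
    || !hash_equals($expectedToken, $sentToken)) { // constant-time comparison
  $fail(400, 'Invalid CSRF token');
}

// Honeypot: any value in "company" is treated as an automated submission
// (presumably the field is hidden from real visitors in the form markup).
if (!empty($data['company'])) {
  $fail(400, 'Spam detected');
}

// Validate
$name = $field('name');
$email = $field('email');
$subject = $field('subject');
$message = $field('message');

if ($name === '' || $email === '' || $subject === '' || strlen($message) < 10) {
  $fail(400, 'Please complete all required fields.');
}
// Upper bounds (in bytes) stop one request from producing an oversized mail.
// The figures are a starting point; adjust them to the form's needs.
if (strlen($name) > 100 || strlen($email) > 254 || strlen($subject) > 150 || strlen($message) > 5000) {
  $fail(400, 'One or more fields are too long.');
}
// FILTER_VALIDATE_EMAIL also guarantees the address holds no CR/LF, which is
// what makes it safe to place in the Reply-To header below.
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
  $fail(400, 'Invalid email address.');
}

// Build email
$to = 'admin@duchesswood.org.uk';
// Control characters are replaced in the single-line values: in the subject so
// it cannot start a new header, in the name so it cannot forge extra
// "Email:"/"IP:" lines in the body.
$cleanSubject = 'Contact Form: ' . preg_replace('/[\x00-\x1F\x7F]+/', ' ', $subject);
$cleanName = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $name);
$remoteAddr = $_SERVER['REMOTE_ADDR'] ?? 'unknown';
$body = "Name: {$cleanName}\nEmail: {$email}\nIP: " . $remoteAddr . "\n\nMessage:\n{$message}\n";
$headers = [];
$headers[] = 'From: no-reply@duchesswood.org.uk'; // use a domain you control
$headers[] = 'Reply-To: ' . $email;
$headers[] = 'Content-Type: text/plain; charset=UTF-8';

// @ keeps a mail() warning out of the JSON response; the reason for a failure
// is written to the error log instead of being discarded.
error_clear_last();
$ok = @mail($to, $cleanSubject, $body, implode("\r\n", $headers));

if ($ok) {
  echo json_encode(['ok' => true]);
} else {
  $lastError = error_get_last();
  error_log('contact-send: mail() failed' . ($lastError ? ': ' . $lastError['message'] : ''));
  http_response_code(500);
  echo json_encode(['error' => 'Failed to send email.']);
}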
<?php
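// contact-send.php
//
// JSON endpoint behind the contact form. Accepts a POST whose body is a JSON
// object (csrf_token, company, name, email, subject, message), validates it and
// relays the message to the site mailbox with mail(). Every response is a JSON
// object: {"ok": true} on success, {"error": "..."} otherwise.
header('Content-Type: application/json');

// Emit a JSON error with the given HTTP status and stop.
$fail = function (int $status, string $error) {
  http_response_code($status);
  echo json_encode(['error' => $error]);
  exit;
};

// Basic hardening: only POST is accepted.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
  header('Allow: POST');
  $fail(405, 'Method not allowed');
}

// Decode the body. A body that is not a JSON object is treated as empty, so it
// is rejected by the token check below with the same response as before.
$raw = file_get_contents('php://input');
$data = json_decode($raw === false ? '' : $raw, true);
if (!is_array($data)) {
  $data = [];
}

// Read one field as a trimmed string. Missing keys and non-string JSON values
// (arrays, numbers, booleans) become '' so trim() never receives a non-string
// and the required-field check rejects them.
$field = function (string $key) use ($data): string {
  $value = $data[$key] ?? '';
  return is_string($value) ? trim($value) : '';
};

// CSRF check. The expected token is bound to the visitor's session: a constant
// in the source is identical for every visitor and proves nothing about where
// the request came from. The page that renders the form must create the token
// (e.g. bin2hex(random_bytes(32))), store it in $_SESSION['csrf_token'] and
// pass it to the client script. The session key name is chosen here; keep both
// sides in sync.
if (session_status() !== PHP_SESSION_ACTIVE) {
  session_start();
}
$expectedToken = $_SESSION['csrf_token'] ?? '';
$sentToken = $data['csrf_token'] ?? '';
if (!is_string($expectedToken) || $expectedToken === ''
    || !is_string($sentToken)
    || !hash_equals($expectedToken, $sentToken)) { // constant-time comparison
  $fail(400, 'Invalid CSRF token');
}

// Honeypot: any value in "company" is treated as an automated submission
// (presumably the field is hidden from real visitors in the form markup).
if (!empty($data['company'])) {
  $fail(400, 'Spam detected');
}

// Validate
$name = $field('name');
$email = $field('email');
$subject = $field('subject');
$message = $field('message');

if ($name === '' || $email === '' || $subject === '' || strlen($message) < 10) {
  $fail(400, 'Please complete all required fields.');
}
// Upper bounds (in bytes) stop one request from producing an oversized mail.
// The figures are a starting point; adjust them to the form's needs.
if (strlen($name) > 100 || strlen($email) > 254 || strlen($subject) > 150 || strlen($message) > 5000) {
  $fail(400, 'One or more fields are too long.');
}
// FILTER_VALIDATE_EMAIL also guarantees the address holds no CR/LF, which is
// what makes it safe to place in the Reply-To header below.
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
  $fail(400, 'Invalid email address.');
}

// Build email
$to = 'admin@duchesswood.org.uk';
// Control characters are replaced in the single-line values: in the subject so
// it cannot start a new header, in the name so it cannot forge extra
// "Email:"/"IP:" lines in the body.
$cleanSubject = 'Contact Form: ' . preg_replace('/[\x00-\x1F\x7F]+/', ' ', $subject);
$cleanName = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $name);
$remoteAddr = $_SERVER['REMOTE_ADDR'] ?? 'unknown';
$body = "Name: {$cleanName}\nEmail: {$email}\nIP: " . $remoteAddr . "\n\nMessage:\n{$message}\n";
$headers = [];
$headers[] = 'From: no-reply@duchesswood.org.uk'; // use a domain you control
$headers[] = 'Reply-To: ' . $email;
$headers[] = 'Content-Type: text/plain; charset=UTF-8';

// @ keeps a mail() warning out of the JSON response; the reason for a failure
// is written to the error log instead of being discarded.
error_clear_last();
$ok = @mail($to, $cleanSubject, $body, implode("\r\n", $headers));

if ($ok) {
  echo json_encode(['ok' => true]);
} else {
  $lastError = error_get_last();
  error_log('contact-send: mail() failed' . ($lastError ? ': ' . $lastError['message'] : ''));
  http_response_code(500);
  echo json_encode(['error' => 'Failed to send email.']);
}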
<?php
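// contact-send.php
//
// JSON endpoint behind the contact form. Accepts a POST whose body is a JSON
// object (csrf_token, company, name, email, subject, message), validates it and
// relays the message to the site mailbox with mail(). Every response is a JSON
// object: {"ok": true} on success, {"error": "..."} otherwise.
header('Content-Type: application/json');

// Emit a JSON error with the given HTTP status and stop.
$fail = function (int $status, string $error) {
  http_response_code($status);
  echo json_encode(['error' => $error]);
  exit;
};

// Basic hardening: only POST is accepted.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
  header('Allow: POST');
  $fail(405, 'Method not allowed');
}

// Decode the body. A body that is not a JSON object is treated as empty, so it
// is rejected by the token check below with the same response as before.
$raw = file_get_contents('php://input');
$data = json_decode($raw === false ? '' : $raw, true);
if (!is_array($data)) {
  $data = [];
}

// Read one field as a trimmed string. Missing keys and non-string JSON values
// (arrays, numbers, booleans) become '' so trim() never receives a non-string
// and the required-field check rejects them.
$field = function (string $key) use ($data): string {
  $value = $data[$key] ?? '';
  return is_string($value) ? trim($value) : '';
};

// CSRF check. The expected token is bound to the visitor's session: a constant
// in the source is identical for every visitor and proves nothing about where
// the request came from. The page that renders the form must create the token
// (e.g. bin2hex(random_bytes(32))), store it in $_SESSION['csrf_token'] and
// pass it to the client script. The session key name is chosen here; keep both
// sides in sync.
if (session_status() !== PHP_SESSION_ACTIVE) {
  session_start();
}
$expectedToken = $_SESSION['csrf_token'] ?? '';
$sentToken = $data['csrf_token'] ?? '';
if (!is_string($expectedToken) || $expectedToken === ''
    || !is_string($sentToken)
    || !hash_equals($expectedToken, $sentToken)) { // constant-time comparison
  $fail(400, 'Invalid CSRF token');
}

// Honeypot: any value in "company" is treated as an automated submission
// (presumably the field is hidden from real visitors in the form markup).
if (!empty($data['company'])) {
  $fail(400, 'Spam detected');
}

// Validate
$name = $field('name');
$email = $field('email');
$subject = $field('subject');
$message = $field('message');

if ($name === '' || $email === '' || $subject === '' || strlen($message) < 10) {
  $fail(400, 'Please complete all required fields.');
}
// Upper bounds (in bytes) stop one request from producing an oversized mail.
// The figures are a starting point; adjust them to the form's needs.
if (strlen($name) > 100 || strlen($email) > 254 || strlen($subject) > 150 || strlen($message) > 5000) {
  $fail(400, 'One or more fields are too long.');
}
// FILTER_VALIDATE_EMAIL also guarantees the address holds no CR/LF, which is
// what makes it safe to place in the Reply-To header below.
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
  $fail(400, 'Invalid email address.');
}

// Build email
$to = 'admin@duchesswood.org.uk';
// Control characters are replaced in the single-line values: in the subject so
// it cannot start a new header, in the name so it cannot forge extra
// "Email:"/"IP:" lines in the body.
$cleanSubject = 'Contact Form: ' . preg_replace('/[\x00-\x1F\x7F]+/', ' ', $subject);
$cleanName = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $name);
$remoteAddr = $_SERVER['REMOTE_ADDR'] ?? 'unknown';
$body = "Name: {$cleanName}\nEmail: {$email}\nIP: " . $remoteAddr . "\n\nMessage:\n{$message}\n";
$headers = [];
$headers[] = 'From: no-reply@duchesswood.org.uk'; // use a domain you control
$headers[] = 'Reply-To: ' . $email;
$headers[] = 'Content-Type: text/plain; charset=UTF-8';

// @ keeps a mail() warning out of the JSON response; the reason for a failure
// is written to the error log instead of being discarded.
error_clear_last();
$ok = @mail($to, $cleanSubject, $body, implode("\r\n", $headers));

if ($ok) {
  echo json_encode(['ok' => true]);
} else {
  $lastError = error_get_last();
  error_log('contact-send: mail() failed' . ($lastError ? ': ' . $lastError['message'] : ''));
  http_response_code(500);
  echo json_encode(['error' => 'Failed to send email.']);
}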
<?php
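// contact-send.php
//
// JSON endpoint behind the contact form. Accepts a POST whose body is a JSON
// object (csrf_token, company, name, email, subject, message), validates it and
// relays the message to the site mailbox with mail(). Every response is a JSON
// object: {"ok": true} on success, {"error": "..."} otherwise.
header('Content-Type: application/json');

// Emit a JSON error with the given HTTP status and stop.
$fail = function (int $status, string $error) {
  http_response_code($status);
  echo json_encode(['error' => $error]);
  exit;
};

// Basic hardening: only POST is accepted.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
  header('Allow: POST');
  $fail(405, 'Method not allowed');
}

// Decode the body. A body that is not a JSON object is treated as empty, so it
// is rejected by the token check below with the same response as before.
$raw = file_get_contents('php://input');
$data = json_decode($raw === false ? '' : $raw, true);
if (!is_array($data)) {
  $data = [];
}

// Read one field as a trimmed string. Missing keys and non-string JSON values
// (arrays, numbers, booleans) become '' so trim() never receives a non-string
// and the required-field check rejects them.
$field = function (string $key) use ($data): string {
  $value = $data[$key] ?? '';
  return is_string($value) ? trim($value) : '';
};

// CSRF check. The expected token is bound to the visitor's session: a constant
// in the source is identical for every visitor and proves nothing about where
// the request came from. The page that renders the form must create the token
// (e.g. bin2hex(random_bytes(32))), store it in $_SESSION['csrf_token'] and
// pass it to the client script. The session key name is chosen here; keep both
// sides in sync.
if (session_status() !== PHP_SESSION_ACTIVE) {
  session_start();
}
$expectedToken = $_SESSION['csrf_token'] ?? '';
$sentToken = $data['csrf_token'] ?? '';
if (!is_string($expectedToken) || $expectedToken === ''
    || !is_string($sentToken)
    || !hash_equals($expectedToken, $sentToken)) { // constant-time comparison
  $fail(400, 'Invalid CSRF token');
}

// Honeypot: any value in "company" is treated as an automated submission
// (presumably the field is hidden from real visitors in the form markup).
if (!empty($data['company'])) {
  $fail(400, 'Spam detected');
}

// Validate
$name = $field('name');
$email = $field('email');
$subject = $field('subject');
$message = $field('message');

if ($name === '' || $email === '' || $subject === '' || strlen($message) < 10) {
  $fail(400, 'Please complete all required fields.');
}
// Upper bounds (in bytes) stop one request from producing an oversized mail.
// The figures are a starting point; adjust them to the form's needs.
if (strlen($name) > 100 || strlen($email) > 254 || strlen($subject) > 150 || strlen($message) > 5000) {
  $fail(400, 'One or more fields are too long.');
}
// FILTER_VALIDATE_EMAIL also guarantees the address holds no CR/LF, which is
// what makes it safe to place in the Reply-To header below.
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
  $fail(400, 'Invalid email address.');
}

// Build email
$to = 'admin@duchesswood.org.uk';
// Control characters are replaced in the single-line values: in the subject so
// it cannot start a new header, in the name so it cannot forge extra
// "Email:"/"IP:" lines in the body.
$cleanSubject = 'Contact Form: ' . preg_replace('/[\x00-\x1F\x7F]+/', ' ', $subject);
$cleanName = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $name);
$remoteAddr = $_SERVER['REMOTE_ADDR'] ?? 'unknown';
$body = "Name: {$cleanName}\nEmail: {$email}\nIP: " . $remoteAddr . "\n\nMessage:\n{$message}\n";
$headers = [];
$headers[] = 'From: no-reply@duchesswood.org.uk'; // use a domain you control
$headers[] = 'Reply-To: ' . $email;
$headers[] = 'Content-Type: text/plain; charset=UTF-8';

// @ keeps a mail() warning out of the JSON response; the reason for a failure
// is written to the error log instead of being discarded.
error_clear_last();
$ok = @mail($to, $cleanSubject, $body, implode("\r\n", $headers));

if ($ok) {
  echo json_encode(['ok' => true]);
} else {
  $lastError = error_get_last();
  error_log('contact-send: mail() failed' . ($lastError ? ': ' . $lastError['message'] : ''));
  http_response_code(500);
  echo json_encode(['error' => 'Failed to send email.']);
}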