WizdomWeb/app/Controllers/ContactController.php

<?php
/**
 * ============================================
 * File: ContactController.php
 * Path: /app/Controllers/ContactController.php
 * Purpose: Handles form submissions from the Arsha contact form
 * Version: 1.0
 * Author: Wizdom Networks
 * Usage: Routed via Router to handle POST /contact
 * ============================================
 */

namespace WizdomNetworks\WizeWeb\Controllers;

use WizdomNetworks\WizeWeb\Utils\Logger;
use WizdomNetworks\WizeWeb\Utils\ErrorHandler;
use WizdomNetworks\WizeWeb\Core\View;
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;

class ContactController
{
    public function submit(): void
    {
        try {
            // Sanitize and validate input
            $firstName = trim($_POST['first_name'] ?? '');
            $lastName  = trim($_POST['last_name'] ?? '');
            $email     = trim($_POST['email'] ?? '');
            $phone     = trim($_POST['phone'] ?? '');
            $message   = trim($_POST['message'] ?? '');

            if (!$firstName || !$lastName || !$email || !$phone || !$message) {
                throw new \Exception("All fields except phone must be filled out.");
            }

            if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
                throw new \Exception("Invalid email address.");
            }

            // Store in database
            $pdo = new \PDO($_ENV['DB_DSN'], $_ENV['DB_USER'], $_ENV['DB_PASS']);
            $stmt = $pdo->prepare("INSERT INTO contact_messages (first_name, last_name, email, phone, message, ip_address, user_agent)
                                   VALUES (?, ?, ?, ?, ?, ?, ?)");
            $stmt->execute([
                $firstName,
                $lastName,
                $email,
                $phone,
                $message,
                $_SERVER['REMOTE_ADDR'] ?? 'unknown',
                $_SERVER['HTTP_USER_AGENT'] ?? 'unknown'
            ]);

            Logger::info("Contact form submitted by $firstName $lastName <$email>");

            // Email notification
            $mail = new PHPMailer(true);
            $mail->isSMTP();
            $mail->Host       = $_ENV['SMTP_HOST'];
            $mail->Port       = $_ENV['SMTP_PORT'];
            $mail->SMTPAuth   = $_ENV['SMTP_AUTH'] === 'true';
            $mail->SMTPSecure = $_ENV['SMTP_ENCRYPTION'] !== 'none' ? $_ENV['SMTP_ENCRYPTION'] : '';
            $mail->Username   = $_ENV['SMTP_USERNAME'];
            $mail->Password   = $_ENV['SMTP_PASSWORD'];
            $mail->setFrom($_ENV['SMTP_FROM_EMAIL'], $_ENV['SMTP_FROM_NAME']);
            $mail->addAddress($_ENV['SALES_EMAILS'] ?? $_ENV['ADMIN_EMAILS']);

            $mail->Subject = "New Contact Message from $firstName $lastName";
            $mail->Body    = "You received a message from: \n\n"
                            . "Name: $firstName $lastName\n"
                            . "Email: $email\n"
                            . "Phone: $phone\n"
                            . "Message:\n$message\n";

            $mail->send();

            http_response_code(200);
            echo json_encode(['success' => true, 'message' => 'Thank you. We will be in touch.']);

        } catch (\Throwable $e) {
            Logger::error("Contact form error: " . $e->getMessage());
            ErrorHandler::handleException($e);
            http_response_code(400);
            echo json_encode(['success' => false, 'error' => $e->getMessage()]);
        }
    }
}