79 lines
3.7 KiB
PHP
79 lines
3.7 KiB
PHP
<?php
|
|
require_once __DIR__ . '/includes/db.php';
|
|
require_once __DIR__ . '/includes/csrf.php';
|
|
require_once __DIR__ . '/includes/mailer.php';
|
|
require_once __DIR__ . '/includes/servicios-data.php';
|
|
|
|
session_start();
|
|
|
|
// Only POST
|
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
|
header('Location: index.php');
|
|
exit;
|
|
}
|
|
|
|
// CSRF check
|
|
if (!csrfValidate()) {
|
|
die('Token de seguridad inválido. Por favor regrese e intente de nuevo.');
|
|
}
|
|
|
|
// Sanitize common fields
|
|
$nombre = trim(htmlspecialchars($_POST['nombre'] ?? '', ENT_QUOTES, 'UTF-8'));
|
|
$telefono = trim(htmlspecialchars($_POST['telefono'] ?? '', ENT_QUOTES, 'UTF-8'));
|
|
$email = trim(filter_var($_POST['email'] ?? '', FILTER_SANITIZE_EMAIL));
|
|
$servicio = trim($_POST['servicio'] ?? '');
|
|
|
|
if (!$nombre || !$telefono || !isset($SERVICIOS[$servicio])) {
|
|
die('Datos incompletos. Por favor regrese y llene todos los campos requeridos.');
|
|
}
|
|
|
|
// Collect service-specific fields
|
|
$datosExtra = [];
|
|
foreach ($SERVICIOS[$servicio]['campos_formulario'] as $campo) {
|
|
$val = trim($_POST[$campo['name']] ?? '');
|
|
if ($campo['required'] && !$val) {
|
|
die('Por favor llene el campo: ' . htmlspecialchars($campo['label']));
|
|
}
|
|
$datosExtra[$campo['label']] = $val;
|
|
}
|
|
|
|
// Insert into DB
|
|
$db = getDB();
|
|
$stmt = $db->prepare('INSERT INTO solicitudes (nombre, telefono, email, servicio, datos_formulario, estado) VALUES (?, ?, ?, ?, ?, "nueva")');
|
|
$stmt->execute([$nombre, $telefono, $email, $servicio, json_encode($datosExtra, JSON_UNESCAPED_UNICODE)]);
|
|
|
|
// Send email notification
|
|
$servicioNombre = $SERVICIOS[$servicio]['nombre'];
|
|
$emailBody = "<div style='font-family:Arial,sans-serif;max-width:600px;margin:0 auto;'>";
|
|
$emailBody .= "<div style='background:#1B3A5C;color:white;padding:20px;text-align:center;'>";
|
|
$emailBody .= "<h1 style='margin:0;'>Nueva Solicitud</h1></div>";
|
|
$emailBody .= "<div style='padding:20px;border:1px solid #ddd;'>";
|
|
$emailBody .= "<h2 style='color:#1B3A5C;'>{$servicioNombre}</h2>";
|
|
$emailBody .= "<table style='width:100%;border-collapse:collapse;'>";
|
|
$emailBody .= "<tr><td style='padding:8px;border-bottom:1px solid #eee;font-weight:bold;width:40%;'>Nombre:</td><td style='padding:8px;border-bottom:1px solid #eee;'>" . htmlspecialchars($nombre) . "</td></tr>";
|
|
$emailBody .= "<tr><td style='padding:8px;border-bottom:1px solid #eee;font-weight:bold;'>Teléfono:</td><td style='padding:8px;border-bottom:1px solid #eee;'>" . htmlspecialchars($telefono) . "</td></tr>";
|
|
$emailBody .= "<tr><td style='padding:8px;border-bottom:1px solid #eee;font-weight:bold;'>Email:</td><td style='padding:8px;border-bottom:1px solid #eee;'>" . htmlspecialchars($email ?: 'No proporcionado') . "</td></tr>";
|
|
$emailBody .= "</table>";
|
|
$emailBody .= "<h3 style='color:#1B3A5C;margin-top:20px;'>Datos del trámite</h3>";
|
|
$emailBody .= "<table style='width:100%;border-collapse:collapse;'>";
|
|
foreach ($datosExtra as $label => $val) {
|
|
$emailBody .= "<tr><td style='padding:8px;border-bottom:1px solid #eee;font-weight:bold;width:40%;'>" . htmlspecialchars($label) . ":</td><td style='padding:8px;border-bottom:1px solid #eee;'>" . htmlspecialchars($val ?: 'N/A') . "</td></tr>";
|
|
}
|
|
$emailBody .= "</table>";
|
|
$emailBody .= "<p style='color:#888;font-size:12px;margin-top:20px;'>Recibido el " . date('d/m/Y \a \l\a\s H:i') . "</p>";
|
|
$emailBody .= "</div></div>";
|
|
|
|
sendEmail("Nueva solicitud: {$servicioNombre} - {$nombre}", $emailBody);
|
|
|
|
// Build WhatsApp link and store in session
|
|
$whatsappLink = buildWhatsAppLink($servicioNombre, $nombre, $telefono);
|
|
$_SESSION['whatsapp_link'] = $whatsappLink;
|
|
$_SESSION['confirmacion_nombre'] = $nombre;
|
|
$_SESSION['confirmacion_servicio'] = $servicioNombre;
|
|
|
|
// Regenerate CSRF token
|
|
unset($_SESSION['csrf_token']);
|
|
|
|
header('Location: confirmacion.php');
|
|
exit;
|