validacion formulario de contacto

1. <?php
2. /**
3.  * Contact form functionality
4.  * Used within the loop
5.  * @link https://developer.wordpress.org/reference/functions/wp_nonce_field/
6.  * @link https://codex.wordpress.org/Class_Reference/WP_Error
7.  */
8.  
9. if ( ! defined( 'ABSPATH' ) ) exit;
10.  
11. global $reg_errors;
12. $reg_errors = new WP_error;
13.  
14. $response = "";
15.  
16. //response messages
17. //$not_human       = "Human verification incorrect.";
18. $email_invalid   = "Email Address Invalid.";
19. $name_required   = "Name Required.";
20. $email_required  = "Email Address Required.";
21. $phone_required  = "Phone Required.";
22. $text_required   = "Message Text Required.";
23. $missing_content = "Please supply all information.";
24. $message_unsent  = "Message was not sent. Try Again.";
25. $message_sent    = "Thanks! Your message has been sent.";
26. $recaptcha_required = "Are you robot?";
27.  
28.  
29. //user posted variables
30. $name = isset ($_POST['message_name'])? esc_sql(sanitize_text_field($_POST['message_name'])):"";
31. $email = isset($_POST['message_email'])? esc_sql(sanitize_text_field(sanitize_email($_POST['message_email']))):"";
32. $phone = isset($_POST['message_phone'])? esc_sql(sanitize_text_field($_POST['message_phone'])):"";
33. $message = isset($_POST['message_text'])? esc_sql(sanitize_text_field($_POST['message_text'])):"";
34.  
35. //$human = $_POST['message_human'];
36.  
37. //php mailer variables
38. function my_contact_form(){
39. if (isset($_POST['gymclub_nonce_field']) && wp_verify_nonce( $_POST['gymclub_nonce_field'], 'custom_action_nonce')){
40.        
41.          $to = get_option('gym_contact_admin_email');
42.          $name     = sanitize_text_field($_POST['message_name']);
43.          $email    = sanitize_email($_POST['message_email']);
44.          $phone    = sanitize_text_field($_POST['message_phone']);
45.          $message    = wp_kses_data($_POST['message_text']);
46.          $subject = "Someone sent a message from " . get_bloginfo('name');
47.  
48.          $headers = 'From: '. $name . ' <' . $email . '>' .
49.          $sent = wp_mail( $to, $subject, $message, $headers );
50.            
51.            if ($sent){
52.          
53.             $r = array(
54.                   'name'  => $name,
55.                   'email' => $email,
56.                   'phone' => $phone,
57.                   'message' => $message,
58.                   'time' => current_time( 'mysql' )
59.             );
60.              wp_send_json_success($r);
61.            } else {
62.             $r = array('message' => 'Mail Error');
63.             wp_send_json_error($r);
64.            }  
65.        
66.     }
67.        $r = array('message' => 'Validate Error' );
68.            wp_send_json_error($r);
69.    
70.    }
71.  
72. // WordPress Ajax
73. add_action( 'wp_ajax_my_contact', 'my_contact_form' );
74. add_action( 'wp_ajax_nopriv_my_contact', 'my_contact_form' );
75.  
76.  
77.  
78. // On send - works but prob not best practice https://codex.wordpress.org/Plugin_API/Action_Reference/admin_post_(action)
79.  if (isset($_POST['submit']) && isset($_POST['g-recaptcha-response'])) {
80.  
81.   // Recaptcha fail
82.   if ( empty($_POST['g-recaptcha-response']) ) {
83.     $reg_errors->add("error", $recaptcha_required);
84.      }
85.  
86.   if (empty($_POST['message_name'])) {
87.     $reg_errors->add("error", $name_required);
88.   }
89.  
90.   if (empty($_POST['message_email'])) {
91.     $reg_errors->add("error", $email_required);
92.   }
93.  
94.   if (empty($_POST['message_phone'])) {
95.     $reg_errors->add("error", $phone_required);
96.   }
97.  
98.   if (empty($_POST['message_text'])) {
99.     $reg_errors->add("error", $text_required);
100.   }
101.  
102.   //We check that the field Email is valid
103.   if(!is_email($_POST['message_email'])) {
104.    $reg_errors->add("error", $email_invalid);
105.    }
106.  
107.   //validate presence of name and message
108.  
109.   if (count($reg_errors->get_error_messages()) == 0) {
110.  
111.       $sent = wp_mail($to, $subject, $message, $headers);
112.  
113.         gym_contact_create_entry($name, $email, $phone, $message );
114.  
115.         if($sent) {
116.           unset($name);
117.           unset($email);
118.           unset($phone);
119.           unset($message);?>
120.           <div class="alert alert-danger" role="alert">
121.                <?php echo $message_sent; ?>
122.           </div>
123.            
124.         <?php }else { ?>
125.           <div class="alert alert-success" role="alert">
126.              <?php echo $message_unsent; ?>
127.          </div>
128.         <?php }
129.      
130.    }
131.  
132.  }
133.  
134.  
135. function gym_contact_create_entry($name, $email, $phone, $message ) {
136.   global $wpdb;
137.   $table_name = $wpdb->prefix . 'contact';
138.  
139.   $wpdb->insert(
140.         $table_name,
141.         array(
142.             'name' => $name,
143.             'email' => $email,
144.             'phone' => $phone,
145.             'message' => $message,
146.             'time' => current_time( 'mysql' )
147.         )
148.     );
149. }
150.  
151.  ?>
152.  
153.  
154.  <?php get_header(); ?>
155.  
156.         <?php if ( have_posts() ) : the_post(); ?>
157.  
158.             <?php include_once( 'page_contact.php' ); ?>
159.  
160.         <?php endif; ?>
161.  
162. <?php get_footer(); ?>
163.  
164.