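<?php

declare(strict_types=1);

/*
 * Two-step contact form back end.
 *
 *  step=send_code   : validates e-mail + message, stores them in a ticket file
 *                     named by a random token, and e-mails a 6-digit code to the
 *                     sender. Responds {"status":"success","token":"..."}.
 *  step=verify_code : looks the ticket up by token, checks the code, forwards
 *                     the message to the site owner and deletes the ticket.
 *
 * Every response is a JSON object with "status" ("success"|"error") and, on
 * error, a human-readable "message". Reads $_POST only.
 */

session_start(); // $_SESSION is never read here; kept so response headers stay as before

header('Content-Type: application/json');

// Wrong codes tolerated per ticket before it is destroyed. With a 6-digit
// code (1e6 values) and a 1-hour window, unlimited attempts would make the
// code guessable by an online brute force.
const MAX_CODE_ATTEMPTS = 5;

/**
 * Emit one JSON response and stop. Single exit point so no branch can fall
 * through into a later step block.
 *
 * @param array<string, mixed> $payload
 */
function respond(array $payload): never
{
    echo json_encode($payload, JSON_THROW_ON_ERROR);
    exit;
}

/**
 * True only for a token this script could have issued (32 lowercase hex
 * chars, see bin2hex(random_bytes(16)) below). The token is used as a file
 * name component, so anything else — "../", absolute paths, empty string —
 * must be rejected before it reaches the filesystem.
 */
function is_valid_token(string $token): bool
{
    return preg_match('/^[a-f0-9]{32}$/', $token) === 1;
}

// One ticket per token, as a JSON file. /tmp is shared between users: the
// 0700 mode only protects the directory if this process is the one that
// creates it (a pre-existing directory owned by someone else is not detected).
$log_dir = "/tmp/contact_auth/";

if (!is_dir($log_dir) && !mkdir($log_dir, 0700) && !is_dir($log_dir)) {
    http_response_code(500);
    respond(["status" => "error", "message" => "Erreur serveur."]);
}

// --- CONFIGURATION ---
$to_admin = "votre-email@abonnel.fr";
$from_server = "webmaster@abonnel.fr";

$step = $_POST['step'] ?? '';

// --- ACTION 1 : GÉNÉRATION ET ENVOI DU CODE ---
if ($step === 'send_code') {
    // FILTER_VALIDATE_EMAIL yields false for arrays and for anything containing
    // CR/LF, which is what keeps $email safe as a mail() recipient and, at
    // step 2, as a Reply-To header value.
    $email = filter_var($_POST['email'] ?? '', FILTER_VALIDATE_EMAIL);
    $raw_message = $_POST['message'] ?? '';
    $message = is_string($raw_message) ? trim($raw_message) : '';

    if ($email === false || mb_strlen($message) < 10) {
        respond(["status" => "error", "message" => "Données invalides."]);
    }

    // Génération du code — both values are secrets, so they come from the
    // CSPRNG: the code is what the sender must prove they received, and the
    // token is the ticket's file name (md5(email . time()) was reconstructible
    // by anyone who knew the e-mail address and roughly when it was sent).
    $code = random_int(100000, 999999);
    $token = bin2hex(random_bytes(16)); // 32 hex chars, matches is_valid_token()
    $ticket = $log_dir . $token;

    // Stockage temporaire (Valide 1h)
    $auth_data = [
        'code' => $code,
        'email' => $email,
        'message' => $message,
        'expires' => time() + 3600,
        'attempts' => 0,
    ];

    if (file_put_contents($ticket, json_encode($auth_data, JSON_THROW_ON_ERROR), LOCK_EX) === false) {
        respond(["status" => "error", "message" => "Erreur d'envoi du code."]);
    }

    // Envoi du code à l'utilisateur
    $subject = "Votre code de vérification - abonnel.fr";
    $body = "Votre code de validation est : $code\nCe code expire dans 1 heure.";

    if (mail($email, $subject, $body, "From: $from_server")) {
        respond(["status" => "success", "token" => $token]);
    }

    // The code never reached the sender; don't leave a live ticket behind.
    unlink($ticket);
    respond(["status" => "error", "message" => "Erreur d'envoi du code."]);
}

// --- ACTION 2 : VÉRIFICATION ET ENVOI FINAL ---
if ($step === 'verify_code') {
    $token = $_POST['token'] ?? '';
    $user_code = $_POST['code'] ?? '';

    // Validate the token before it becomes part of a path. Same message as a
    // missing ticket so the response does not distinguish the two cases.
    if (!is_string($token) || !is_valid_token($token) || !is_string($user_code)) {
        respond(["status" => "error", "message" => "Session expirée."]);
    }
    $file = $log_dir . $token;

    $raw = is_file($file) ? file_get_contents($file) : false;
    $data = $raw === false ? null : json_decode($raw, true);

    // A missing or unreadable/corrupt ticket is treated as an expired session
    // rather than letting $data['expires'] below blow up on a non-array.
    if (!is_array($data) || !isset($data['expires'], $data['code'], $data['email'], $data['message'])) {
        respond(["status" => "error", "message" => "Session expirée."]);
    }

    if (time() > (int) $data['expires']) {
        unlink($file);
        respond(["status" => "error", "message" => "Code expiré."]);
    }

    // String-on-string, constant-time comparison. The original `==` against the
    // stored int would also have accepted numeric-string spellings of the code
    // (e.g. exponent notation) and compared byte-by-byte with early exit.
    if (!hash_equals((string) $data['code'], $user_code)) {
        // Count failures on the ticket itself so the 6-digit code cannot be
        // enumerated within its lifetime; the ticket dies at the limit.
        $data['attempts'] = (int) ($data['attempts'] ?? 0) + 1;
        if ($data['attempts'] >= MAX_CODE_ATTEMPTS) {
            unlink($file);
            respond(["status" => "error", "message" => "Code expiré."]);
        }
        file_put_contents($file, json_encode($data, JSON_THROW_ON_ERROR), LOCK_EX);
        respond(["status" => "error", "message" => "Code incorrect."]);
    }

    // Envoi final à VOUS. $data['email'] passed FILTER_VALIDATE_EMAIL at step 1,
    // so it carries no CR/LF and cannot add headers via Reply-To.
    $final_subject = "[Validé] Contact de " . $data['email'];
    $final_body = "Message de : " . $data['email'] . "\n\n" . $data['message'];

    $sent = mail($to_admin, $final_subject, $final_body, "From: $from_server\r\nReply-To: " . $data['email']);

    unlink($file); // Supprime le ticket après succès — one-shot, whether or not the mail went out

    if ($sent) {
        respond(["status" => "success", "message" => "Message envoyé avec succès !"]);
    }
    respond(["status" => "error", "message" => "Erreur d'envoi du message."]);
}

// Unknown or missing step: the original produced an empty body here, which
// clients had to treat as an error anyway.
http_response_code(400);
respond(["status" => "error", "message" => "Action inconnue."]);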