From c98ddbd9cb6c63f7effd45829e1ca9ff78a3a6b2 Mon Sep 17 00:00:00 2001
From: filippo.bertilotti <filippobertilotti@gmail.com>
Date: Fri, 03 May 2024 10:47:19 +0200
Subject: [PATCH] aggiunta specifica restituzione tipi alle functions

---
 htdocs/contact.php |   45 ++++++++++++++++++++++++++++-----------------
 1 files changed, 28 insertions(+), 17 deletions(-)

diff --git a/htdocs/contact.php b/htdocs/contact.php
index 0c0a7bd..1f5505c 100644
--- a/htdocs/contact.php
+++ b/htdocs/contact.php
@@ -13,8 +13,10 @@
     $email = $_POST['email'] ?? '';
     $msg = '';
 
-
-    function insertDataOnTable(mysqli $mysql, string $email, string $number) { 
+    /**
+     *  Inserisce i dati trasmessi dal form ($email e $number) nella tabella
+     */
+    function insertDataOnTable(mysqli $mysql, string $email, string $number): bool { 
         $esitoInserimento = false;
         $query = "INSERT INTO Contact (email, telefono) VALUES ('$email', '$number');";
         try {
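Review bot: The INSERT in insertDataOnTable is still assembled by interpolating `$email` and `$number` into the SQL text, and `$email` comes straight from `$_POST['email']` at the top of this hunk; the new `: bool` return type does not change that. Whatever validation controlloErrori applies to the e-mail is not visible in the patch, so the query should not depend on it. Bind the values instead: `$stmt = $mysql->prepare('INSERT INTO Contact (email, telefono) VALUES (?, ?)');`, `$stmt->bind_param('ss', $email, $number);`, `$esitoInserimento = $stmt->execute();`. The same string-built pattern appears in the SELECT of controlloSpamEmail in the third hunk. The body of the try block lies outside this hunk, so the execute call has to be fitted to what is already there.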
@@ -26,7 +28,11 @@
         return $esitoInserimento;
     }
 
-    function controlloErrori(string $email, string $number, array &$errorMsgs) {
+
+    /**
+     *  controlla se ci sono errori sulla digitazione dei dati messi nel form
+     */
+    function controlloErrori(string $email, string $number, array &$errorMsgs): bool {
         if(!is_numeric($number) || strlen($number) != 10) {
             $errorMsgs['number'] = 'Numero di telefono non corretto';
         }else {
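Review bot: The phone check `!is_numeric($number) || strlen($number) != 10` accepts values that are not ten digits, because is_numeric() also allows a sign, a decimal point, an exponent and surrounding whitespace; `-123456789` and `12345.6789` both pass. Since this function is the gate in front of the database write, match the exact format instead: `if (!preg_match('/^[0-9]{10}$/D', $number)) {`. The docblock could also say that `$errorMsgs` is filled by reference and what the returned bool means. The rest of controlloErrori, including any e-mail check, is outside this hunk.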
@@ -44,24 +50,23 @@
         return $validazioneOk;
     }
 
-
-    function controlloSpamEmail(mysqli $connection, string $email) {
-        $esitoSpamEmail = false;
-        $query = "SELECT email, dtm_richiesta FROM Contact WHERE email = '$email' AND dtm_richiesta BETWEEN CURDATE() AND DATE_SUB(CURDATE(), INTERVAL 1 DAY);";
+    /**
+     *  controlla se nelle 24 ore prima non sia stata messa nel campo email la stessa mail per evitarne lo spam
+     */
+    function controlloSpamEmail(mysqli $connection, string $email): bool {
+        $spam = false;
+        $query = "SELECT email, dtm_richiesta FROM Contact WHERE email = '$email' AND dtm_richiesta BETWEEN DATE_SUB(NOW(), INTERVAL 1 DAY) AND NOW();";
         
-
+        
         $result = $connection->query($query);
         
-        while ($row = $result->fetch_assoc()) {
-            echo $row['email']."<br />\n";
+        $rowcount=mysqli_num_rows($result);
+        
+        if ($rowcount > 0) {
+            $spam = true;
         }
-        
-        
-        
 
-
-
-        return $esitoSpamEmail;
+        return $spam;
     }
     
 
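Review bot: In controlloSpamEmail the value returned by `$connection->query($query)` is passed to `mysqli_num_rows()` without a check, and unlike insertDataOnTable there is no try around it. Depending on the mysqli report mode (not visible here), a failing query either throws out of the function or hands `false` to `mysqli_num_rows()`, and the caller then has no defined answer from the throttle. The function only needs to know whether a row exists, so it can ask for a single row with a bound parameter and decide explicitly what a database error means. The sketch below fails closed and treats an unusable check as "throttled"; if failing open is preferred, that should be a deliberate choice stated in the docblock.

```php
    function controlloSpamEmail(mysqli $connection, string $email): bool {
        // Existence check only: one row is enough, and $email is bound, not interpolated.
        $sql = 'SELECT 1 FROM Contact WHERE email = ?'
             . ' AND dtm_richiesta BETWEEN DATE_SUB(NOW(), INTERVAL 1 DAY) AND NOW() LIMIT 1';
        try {
            $stmt = $connection->prepare($sql);
            if ($stmt === false) {
                return true; // fail closed when the check cannot run
            }
            $stmt->bind_param('s', $email);
            if (!$stmt->execute()) {
                return true;
            }
            $stmt->store_result();
            $spam = $stmt->num_rows > 0;
            $stmt->close();

            return $spam;
        } catch (mysqli_sql_exception $e) {
            error_log('controlloSpamEmail: ' . $e->getMessage());
            return true;
        }
    }
```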
@@ -75,8 +80,14 @@
             } catch (Exception $e) {
                 die($e->getMessage());
             }
-            controlloSpamEmail($conn, $email);
+
+            if(controlloSpamEmail($conn, $email)) {
+                $smarty->display('avviso.tpl');
+                exit;
+            }
+            
             $esitoInserimento = insertDataOnTable($conn, $email, $number);
+            
 
             if($esitoInserimento == true) {
                 $smarty->display('conferma.tpl');
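Review bot: The new `avviso.tpl` branch makes the page's response depend on whether the submitted address already has a row in Contact from the last day, so any unauthenticated visitor can learn whether a given e-mail address recently used the form. If that disclosure is not intended, show the normal confirmation in the throttled case and record the event server-side, for example `error_log('contact form throttled');` followed by `$smarty->display('conferma.tpl');`. If the distinct warning page is wanted, a short comment above the `if` stating that trade-off would help the next reader. The enclosing request-handling block starts and ends outside this hunk, so whether `$email` has already passed controlloErrori at this point cannot be confirmed from here.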

--
Gitblit v1.8.0