src/Controller/EnquiryDefaultController.php line 41

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\Enquiry;
  6. use App\Entity\EnquiryCV;
  7. use App\Form\EnquiryType;
  8. use App\Form\EnquiryCVType;
  9. use App\Annotation\CmsComponent;
  10. use Doctrine\ORM\EntityManagerInterface;
  11. use Symfony\Component\HttpFoundation\Request;
  12. use Google\Cloud\RecaptchaEnterprise\V1\Event;
  13. use Symfony\Component\HttpFoundation\Response;
  14. use Symfony\Component\Routing\Annotation\Route;
  15. use Google\Cloud\RecaptchaEnterprise\V1\Assessment;
  16. use Google\Cloud\RecaptchaEnterprise\V1\CreateAssessmentRequest;
  17. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  18. use Google\Cloud\RecaptchaEnterprise\V1\TokenProperties\InvalidReason;
  19. use Google\Cloud\RecaptchaEnterprise\V1\Client\RecaptchaEnterpriseServiceClient;
  22. class EnquiryDefaultController extends AbstractController
  23. {
  24. private ?RecaptchaEnterpriseServiceClient $client = null;
  25. private string $errorMessage = '';
  27. public function __construct(
  28. private EntityManagerInterface $em,
  29. private \Swift_Mailer $mailer,
  30. private string $email_noreply,
  31. private string $email_primary,
  32. private readonly string $recaptcha_key,
  33. private readonly string $recaptcha_project_id,
  34. private readonly string $projectRoot
  35. ) { }
  37. /**
  38. * @CmsComponent("Embed Enquiry Form", active=true, routeName="embed_enquiry")
  39. */
  40. #[Route(path: '/cms-enquiry', name: 'embed_enquiry')]
  41. public function embedEnquiry(Request $request, ): Response
  42. {
  43. $enquiry = new Enquiry();
  44. $enquiry->setSubject('New Website Enquiry');
  46. $form = $this->createForm(EnquiryType::class, $enquiry);
  47. $form->handleRequest($request);
  49. $error = false;
  50. $success = false;
  51. $errorMessage = '';
  53. if ($form->isSubmitted()) {
  54. if ($this->spamChecksPass($request)) {
  55. if ($form->isValid()) {
  56. $this->em->persist($enquiry);
  57. $this->em->flush();
  58. $success = true;
  59. $this->sendEmail($enquiry);
  60. } else {
  61. $error = true;
  62. $errorMessage = 'Error - Check the form for errors';
  63. }
  64. } else {
  65. $error = true;
  66. $errorMessage = $this->errorMessage;
  67. }
  68. }
  70. return $this->render('@theme/enquiry/enquiry.html.twig', [
  71. 'enquiry' => $enquiry,
  72. 'error' => $error,
  73. 'success' => $success,
  74. 'errorMessage' => $errorMessage,
  75. 'form' => $form->createView(),
  76. ]);
  77. }
  79. /**
  80. * @CmsComponent("Embed Enquiry Form & Map", active=true, routeName="embed_enquiry_map")
  81. */
  82. #[Route(path: '/cms-enquiry-map', name: 'embed_enquiry_map')]
  83. public function embedEnquiryMap(Request $request, ): Response
  84. {
  85. $enquiry = new Enquiry();
  86. $enquiry->setSubject('New Website Enquiry');
  88. $form = $this->createForm(EnquiryType::class, $enquiry);
  89. $form->handleRequest($request);
  91. $error = false;
  92. $success = false;
  93. $errorMessage = '';
  95. if ($form->isSubmitted()) {
  96. if ($this->spamChecksPass($request)) {
  97. if ($form->isValid()) {
  98. $this->em->persist($enquiry);
  99. $this->em->flush();
  100. $success = true;
  101. $this->sendEmail($enquiry);
  102. } else {
  103. $error = true;
  104. $errorMessage = 'Error - Check the form for errors';
  105. }
  106. } else {
  107. $error = true;
  108. $errorMessage = 'Error - Captcha Invalid';
  109. }
  110. }
  112. return $this->render('@theme/enquiry/enquiry_map.html.twig', [
  113. 'enquiry' => $enquiry,
  114. 'error' => $error,
  115. 'success' => $success,
  116. 'errorMessage' => $errorMessage,
  117. 'form' => $form->createView(),
  118. ]);
  119. }
  121. /**
  122. * @CmsComponent("Embed CV form", active=true, routeName="embed_enquiry_cv")
  123. */
  124. #[Route(path: '/cms-enquiry-cv', name: 'embed_enquiry_cv')]
  125. public function embedEnquiryCv(Request $request): Response
  126. {
  127. $enquiry = new EnquiryCV();
  129. $form = $this->createForm(EnquiryCVType::class, $enquiry);
  130. $form->handleRequest($request);
  132. $error = false;
  133. $success = false;
  134. $errorMessage = '';
  136. if ($form->isSubmitted()) {
  137. if ($this->spamChecksPass($request)) {
  138. if ($form->isValid()) {
  139. $enquiry->uploadFile();
  140. $this->em->persist($enquiry);
  141. $this->em->flush();
  142. $success = true;
  143. $this->sendCVEmail($enquiry);
  144. } else {
  145. $error = true;
  146. $errorMessage = 'Error - Check the form for errors';
  147. }
  148. } else {
  149. $error = true;
  150. $errorMessage = 'Error - Captcha Invalid';
  151. }
  152. }
  154. return $this->render('@theme/enquiry/enquiry_cv.html.twig', [
  155. 'enquiry' => $enquiry,
  156. 'error' => $error,
  157. 'success' => $success,
  158. 'errorMessage' => $errorMessage,
  159. 'form' => $form->createView(),
  160. ]);
  161. }
  163. #[Route(path: '/email-test', name: 'email_test')]
  164. public function emailTest(): Response
  165. {
  166. return $this->render('@theme/emails/enquiry-confirmed.html.twig');
  167. }
  169. private function sendEmail(Enquiry $enquiry): void
  170. {
  171. $message_to_client = (new \Swift_Message())
  172. ->setSubject('Enquiry Received via '.$this->getParameter('sitename').' website')
  173. ->setFrom($this->email_noreply)
  174. ->setTo($this->email_primary)
  175. ->setBody(
  176. $this->renderView('@theme/emails/enquiry-to-client.html.twig', ['enquiry' => $enquiry]),
  177. 'text/html'
  178. )
  179. ;
  180. try {
  181. $this->mailer->send($message_to_client);
  182. } catch (\Throwable $th) {
  183. // ignore
  184. }
  186. $this->sendConfirmationEmail($enquiry);
  187. }
  189. private function sendCVEmail(EnquiryCV $enquiry): void
  190. {
  191. $message_to_client = (new \Swift_Message())
  192. ->setSubject('Enquiry Received via '.$this->getParameter('sitename').' website')
  193. ->setFrom($this->email_noreply)
  194. ->setTo($this->email_primary)
  195. ->setBody(
  196. $this->renderView('@theme/emails/enquiry-to-client-cv.html.twig', ['enquiry' => $enquiry]),
  197. 'text/html'
  198. )
  199. ;
  200. try {
  201. $this->mailer->send($message_to_client);
  202. } catch (\Throwable $th) {
  203. // ignore
  204. }
  206. $this->sendConfirmationEmail($enquiry);
  207. }
  209. private function sendConfirmationEmail($enquiry): void
  210. {
  211. $message_to_user = (new \Swift_Message())
  212. ->setSubject('Enquiry sent to '.$this->getParameter('sitename').' confirmed')
  213. ->setFrom($this->email_noreply)
  214. ->setTo($enquiry->getEmail())
  215. ->setBody(
  216. $this->renderView(
  217. '@theme/emails/enquiry-confirmed.html.twig',
  218. ['enquiry' => $enquiry]
  219. ),
  220. 'text/html'
  221. )
  222. ;
  224. // try {
  225. $this->mailer->send($message_to_user);
  226. // } catch (\Throwable $th) {
  227. // ignore
  228. // }
  229. }
  231. private function spamChecksPass(Request $request): bool
  232. {
  233. // also test form execution time
  234. try {
  235. $posted = $request->request->All();
  237. // check for captcha response
  238. $recaptcha = $posted['g-recaptcha-response'] ?? null;
  240. if (empty($recaptcha)) {
  241. return false;
  242. }
  244. // check for form execution time
  245. $loadedAt = (int) $posted['enquiry']['_loaded_at'] ?? 0;
  247. if ($loadedAt && (time() - $loadedAt) < 3) {
  248. return false;
  249. }
  251. // check for $honeypot field
  252. $honeypot = $posted['enquiry']['website'] ?? null;
  254. if (!empty($honeypot)) {
  255. return false;
  256. }
  258. return $this->verifyRecaptcha($recaptcha);
  259. } catch (\Throwable $th) {
  260. return false;
  261. }
  262. }
  264. private function verifyRecaptcha($token): bool
  265. {
  266. $this->errorMessage = '';
  268. if (! $this->client) {
  269. $this->client = new RecaptchaEnterpriseServiceClient([
  270. 'credentials' => $this->projectRoot . '/kasscaffolding-850ee80a9abf.json',
  271. ]);
  273. $projectName = $this->client->projectName($this->recaptcha_project_id);
  274. }
  276. // Set the properties of the event to be tracked.
  277. $event = (new Event())
  278. ->setSiteKey($this->recaptcha_key)
  279. ->setToken($token);
  281. $assessment = (new Assessment())
  282. ->setEvent($event);
  284. $request = (new CreateAssessmentRequest())
  285. ->setParent($projectName)
  286. ->setAssessment($assessment);
  288. try {
  289. $response = $this->client->createAssessment($request);
  291. if ($response->getTokenProperties()->getValid() == false) {
  292. $this->errorMessage = InvalidReason::name($response->getTokenProperties()->getInvalidReason());
  294. return false;
  295. }
  297. $score = $response->getRiskAnalysis()->getScore();
  299. if ($score < 0.5) {
  300. $this->errorMessage = 'Low score: ' . $score;
  302. return false;
  303. }
  304. } catch (\Exception $e) {
  305. return false;
  306. }
  308. return true;
  309. }
  310. }