This commit is contained in:
2025-08-26 03:08:35 -05:00
parent 0b00a63ce6
commit 161dd3dd46
2 changed files with 52 additions and 15 deletions


@@ -1,14 +1,49 @@
// contactController.js
module.exports = (pool, transporter) => { module.exports = (pool, transporter) => {
const submitForm = async (req, res) => { const submitForm = async (req, res) => {
const { firstName, lastName, organization, email, phone, contactMethod, message, privacyAccepted } = req.body; const {
firstName,
lastName,
organization,
email,
phone,
contactMethod,
message,
privacyAccepted
} = req.body;
if (
!firstName || !lastName || !email || !message ||
typeof contactMethod === 'undefined' ||
typeof privacyAccepted === 'undefined'
) {
console.error('Missing required fields in submission:', req.body);
return res.status(400).json({ message: 'Missing required form fields.' });
}
try { try {
const result = await pool.query( const result = await pool.query(
`INSERT INTO submissions(first_name, last_name, organization, email, phone, contact_method, message, privacy_accepted, time_submitted) `INSERT INTO submissions(
VALUES($1, $2, $3, $4, $5, $6, $7, $8, NOW()) RETURNING *`, first_name,
[firstName, lastName, organization, email, phone, contactMethod, message, privacyAccepted] last_name,
organization,
email,
phone,
contact_method,
message,
privacy_accepted,
time_submitted
) VALUES($1, $2, $3, $4, $5, $6, $7, $8, NOW())
RETURNING *`,
[
firstName,
lastName,
organization,
email,
phone,
contactMethod,
message,
privacyAccepted
]
); );
console.log('Successfully saved submission to the database:', result.rows[0]); console.log('Successfully saved submission to the database:', result.rows[0]);
@@ -43,10 +78,10 @@ module.exports = (pool, transporter) => {
}); });
} catch (err) { } catch (err) {
console.error('An error occurred during form submission:', err.stack); console.error('Error occurred during form submission:', err.stack || err);
res.status(500).json({ res.status(500).json({
message: 'An error occurred. Please try again.', message: 'An error occurred while submitting the form.',
error: err.message error: err.message || 'Unknown error'
}); });
} }
}; };
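Review bot: The new required-field guard in the first hunk only rejects `privacyAccepted` when it is undefined, so a body carrying `privacyAccepted: false` (or the string `'false'` from a form-encoded post) passes the check and is inserted into `submissions` with consent recorded as not given; consent is a must-be-true field, so the guard should be `if (privacyAccepted !== true && privacyAccepted !== 'true') return res.status(400).json({ message: 'Privacy policy must be accepted.' });`. The same guard logs the full `req.body` on failure, which writes the submitter's email, phone and message into the server log; logging only the names of the missing fields would keep PII out of it. In the second hunk the 500 response still returns `err.message` to the client, and on the database path that is the driver's error text (query and column details); keep it in the `console.error` and send only the generic message. `submitForm` continues between the two hunks, and the enclosing `module.exports` closes outside them.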


@@ -1,11 +1,10 @@
// contactRoutes.js
module.exports = (contactController, securityMw) => { module.exports = (contactController, securityMw) => {
const express = require('express'); const express = require('express');
const router = express.Router(); const router = express.Router();
const rateLimit = require('express-rate-limit'); const rateLimit = require('express-rate-limit');
const { body, validationResult } = require('express-validator'); const { body, validationResult } = require('express-validator');
// Configure rate limiting to prevent spam // Rate limiter to prevent spam
const apiLimiter = rateLimit({ const apiLimiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes windowMs: 15 * 60 * 1000, // 15 minutes
max: 5, max: 5,
@@ -16,20 +15,23 @@ module.exports = (contactController, securityMw) => {
apiLimiter, apiLimiter,
securityMw.formSecurityCheck, securityMw.formSecurityCheck,
[ [
// Sanitize and validate form data
body('firstName').trim().escape(), body('firstName').trim().escape(),
body('lastName').trim().escape(), body('lastName').trim().escape(),
body('email').isEmail().normalizeEmail(), body('email').isEmail().normalizeEmail(),
body('organization').trim().escape(), body('organization').trim().escape(),
body('phone').trim(), body('phone').trim(),
body('message').trim().escape(), body('message').trim().escape(),
body('contactMethod')
.notEmpty().withMessage('Contact method is required.')
.isIn(['email', 'phone']).withMessage('Contact method must be email or phone.'),
body('privacyAccepted')
.isBoolean().withMessage('Privacy acceptance must be true or false.'),
], ],
// Handle validation results
(req, res, next) => { (req, res, next) => {
const errors = validationResult(req); const errors = validationResult(req);
if (!errors.isEmpty()) { if (!errors.isEmpty()) {
console.error('Validation failed:', errors.array()); console.error('Validation failed:', errors.array());
return res.status(400).json({ success: false, message: 'Invalid form data.' }); return res.status(400).json({ success: false, message: 'Invalid form data.', errors: errors.array() });
} }
next(); next();
}, },
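Review bot: The new `body('privacyAccepted').isBoolean()` rule in the last hunk accepts `false` as valid, so a submission that declines the privacy terms passes validation and reaches the controller; since this is a must-be-true consent flag, `body('privacyAccepted').custom((v) => v === true || v === 'true').withMessage('Privacy policy must be accepted.')` would reject it at the route. Also, the changed 400 response now includes `errors.array()`, whose entries carry the submitted `value` of each failing field, so the request payload is echoed back verbatim; trimming the entries to message and field name with `errors.formatWith(...)` before sending avoids that reflection. The `router.post(...)` call this middleware array belongs to starts before the hunk, and the controller handler that follows it is not shown.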