dereklseitz/dlseitz.dev-backend
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

a

Browse Source
This commit is contained in:
Derek L. Seitz
2025-08-26 03:08:35 -05:00
parent 0b00a63ce6
commit 161dd3dd46
2 changed files with 52 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
controllers/contactController.js
View File

@@ -1,14 +1,49 @@
// contactController.js
module.exports = (pool, transporter) => {
const submitForm = async (req, res) => {
const { firstName, lastName, organization, email, phone, contactMethod, message, privacyAccepted } = req.body;
const {
firstName,
lastName,
organization,
email,
phone,
contactMethod,
message,
privacyAccepted
} = req.body;
if (
!firstName || !lastName || !email || !message ||
typeof contactMethod === 'undefined' ||
typeof privacyAccepted === 'undefined'
) {
console.error('Missing required fields in submission:', req.body);
return res.status(400).json({ message: 'Missing required form fields.' });
}
try {
const result = await pool.query(
`INSERT INTO submissions(first_name, last_name, organization, email, phone, contact_method, message, privacy_accepted, time_submitted)
VALUES($1, $2, $3, $4, $5, $6, $7, $8, NOW()) RETURNING *`,
[firstName, lastName, organization, email, phone, contactMethod, message, privacyAccepted]
`INSERT INTO submissions(
first_name,
last_name,
organization,
email,
phone,
contact_method,
message,
privacy_accepted,
time_submitted
) VALUES($1, $2, $3, $4, $5, $6, $7, $8, NOW())
RETURNING *`,
[
firstName,
lastName,
organization,
email,
phone,
contactMethod,
message,
privacyAccepted
]
);
console.log('Successfully saved submission to the database:', result.rows[0]);
@@ -43,10 +78,10 @@ module.exports = (pool, transporter) => {
});
} catch (err) {
console.error('An error occurred during form submission:', err.stack);
console.error('Error occurred during form submission:', err.stack || err);
res.status(500).json({
message: 'An error occurred. Please try again.',
error: err.message
message: 'An error occurred while submitting the form.',
error: err.message || 'Unknown error'
});
}
};
@@ -54,4 +89,4 @@ module.exports = (pool, transporter) => {
return {
submitForm,
};
};
};

12
routes/contactRoutes.js
View File

@@ -1,11 +1,10 @@
// contactRoutes.js
module.exports = (contactController, securityMw) => {
const express = require('express');
const router = express.Router();
const rateLimit = require('express-rate-limit');
const { body, validationResult } = require('express-validator');
// Configure rate limiting to prevent spam
// Rate limiter to prevent spam
const apiLimiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 5,
@@ -16,20 +15,23 @@ module.exports = (contactController, securityMw) => {
apiLimiter,
securityMw.formSecurityCheck,
[
// Sanitize and validate form data
body('firstName').trim().escape(),
body('lastName').trim().escape(),
body('email').isEmail().normalizeEmail(),
body('organization').trim().escape(),
body('phone').trim(),
body('message').trim().escape(),
body('contactMethod')
.notEmpty().withMessage('Contact method is required.')
.isIn(['email', 'phone']).withMessage('Contact method must be email or phone.'),
body('privacyAccepted')
.isBoolean().withMessage('Privacy acceptance must be true or false.'),
],
// Handle validation results
(req, res, next) => {
const errors = validationResult(req);
if (!errors.isEmpty()) {
console.error('Validation failed:', errors.array());
return res.status(400).json({ success: false, message: 'Invalid form data.' });
return res.status(400).json({ success: false, message: 'Invalid form data.', errors: errors.array() });
}
next();
},