secure form

<?php

/**

 * Pearson Consulting Group - "Chess Not Checkers" Download Form

 * Features: Honeypot, Time-Trap, WP Nonce, and Professional Styling.

 */

function pcg_render_chess_form() {

    // Process the form if submitted

    $message = '';

    if (isset($_POST['pcg_submit_book_request'])) {

        $message = pcg_handle_form_submission();

    }

    // Generate a nonce for security

    $nonce_field = wp_nonce_field('pcg_download_book_action', 'pcg_download_book_nonce', true, false);

    // Time-trap: Current time encrypted slightly to prevent simple manipulation

    $time_trap = base64_encode(time());

    ob_start();

    ?>

    <style>

        /* --- CSS VARIABLES: Adjust these to match your exact site vibe --- */

        :root {

            --pcg-primary: #003366; /* Professional Navy Blue */

            --pcg-accent: #d4af37;  /* Subtle Gold/Bronze for CTA */

            --pcg-text: #333333;

            --pcg-bg: #f9f9f9;

            --pcg-input-border: #cccccc;

            --pcg-radius: 4px;

        }

        /* --- FORM CONTAINER --- */

        .pcg-book-form {

            background: var(--pcg-bg);

            border: 1px solid #e0e0e0;

            border-left: 5px solid var(--pcg-primary);

            padding: 40px;

            border-radius: var(--pcg-radius);

            max-width: 600px;

            margin: 40px auto;

            font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif;

            box-shadow: 0 4px 12px rgba(0,0,0,0.05);

        }

        .pcg-book-form h3 {

            color: var(--pcg-primary);

            margin-top: 0;

            font-size: 24px;

            font-weight: 700;

        }

        .pcg-book-form p {

            color: var(--pcg-text);

            line-height: 1.6;

            margin-bottom: 25px;

            font-size: 15px;

        }

        /* --- FORM GRID --- */

        .pcg-form-row {

            display: flex;

            gap: 15px;

            margin-bottom: 15px;

        }

        .pcg-field-group {

            flex: 1;

            display: flex;

            flex-direction: column;

        }

        /* Mobile Responsive */

        @media (max-width: 480px) {

            .pcg-form-row { flex-direction: column; gap: 0; }

            .pcg-field-group { margin-bottom: 15px; }

        }

        .pcg-book-form label {

            font-size: 13px;

            font-weight: 600;

            color: #555;

            margin-bottom: 5px;

            text-transform: uppercase;

            letter-spacing: 0.5px;

        }

        .pcg-book-form input[type="text"],

        .pcg-book-form input[type="email"],

        .pcg-book-form input[type="tel"] {

            width: 100%;

            padding: 12px;

            border: 1px solid var(--pcg-input-border);

            border-radius: var(--pcg-radius);

            font-size: 15px;

            transition: border-color 0.3s ease;

            box-sizing: border-box; /* Fix padding issues */

        }

        .pcg-book-form input:focus {

            border-color: var(--pcg-primary);

            outline: none;

            box-shadow: 0 0 0 3px rgba(0, 51, 102, 0.1);

        }

        /* --- HONEYPOT (The Trap) --- */

        .pcg-business-url-field {

            display: none !important;

            visibility: hidden;

            opacity: 0;

        }

        /* --- SUBMIT BUTTON --- */

        .pcg-submit-btn {

            background-color: var(--pcg-primary);

            color: white;

            border: none;

            padding: 15px 30px;

            font-size: 16px;

            font-weight: 600;

            border-radius: var(--pcg-radius);

            cursor: pointer;

            width: 100%;

            transition: background 0.3s ease;

            margin-top: 10px;

        }

        .pcg-submit-btn:hover {

            background-color: #002244; /* Darker Navy */

        }

        /* --- MESSAGES --- */

        .pcg-message {

            padding: 15px;

            margin-bottom: 20px;

            border-radius: var(--pcg-radius);

            font-size: 14px;

        }

        .pcg-success { background-color: #d4edda; color: #155724; border: 1px solid #c3e6cb; }

        .pcg-error { background-color: #f8d7da; color: #721c24; border: 1px solid #f5c6cb; }

    </style>

    <div class="pcg-book-form">

        <?php if ($message) echo $message; ?>

        <h3>Download "Chess Not Checkers"</h3>

        <p>Make the right move for your business. Discover how to choose the perfect AI provider to enhance your operations. Enter your details below to receive your free copy immediately.</p>

        <form method="post" action="">

            <?php echo $nonce_field; ?>

            <!-- Time Trap -->

            <input type="hidden" name="pcg_time_trap" value="<?php echo $time_trap; ?>">

            <!-- Honeypot (Hidden from humans) -->

            <div class="pcg-business-url-field">

                <label>If you are human, leave this field blank.</label>

                <input type="text" name="pcg_business_url" tabindex="-1" autocomplete="off">

            </div>

            <div class="pcg-form-row">

                <div class="pcg-field-group">

                    <label for="pcg-fname">First Name *</label>

                    <input type="text" id="pcg-fname" name="pcg_fname" required>

                </div>

                <div class="pcg-field-group">

                    <label for="pcg-lname">Last Name *</label>

                    <input type="text" id="pcg-lname" name="pcg_lname" required>

                </div>

            </div>

            <div class="pcg-field-group" style="margin-bottom: 15px;">

                <label for="pcg-company">Company</label>

                <input type="text" id="pcg-company" name="pcg_company">

            </div>

            <div class="pcg-form-row">

                <div class="pcg-field-group">

                    <label for="pcg-email">Email Address *</label>

                    <input type="email" id="pcg-email" name="pcg_email" required>

                </div>

                <div class="pcg-field-group">

                    <label for="pcg-phone">Phone</label>

                    <input type="tel" id="pcg-phone" name="pcg_phone">

                </div>

            </div>

            <button type="submit" name="pcg_submit_book_request" class="pcg-submit-btn">Get the Book</button>

        </form>

    </div>

    <?php

    return ob_get_clean();

}

add_shortcode('chess_not_checkers_form', 'pcg_render_chess_form');

/**

 * Handler Logic for Form Submission

 */

function pcg_handle_form_submission() {

    // 1. SECURITY CHECK: Verify Nonce

    if (!isset($_POST['pcg_download_book_nonce']) || !wp_verify_nonce($_POST['pcg_download_book_nonce'], 'pcg_download_book_action')) {

        return '<div class="pcg-message pcg-error">Security check failed. Please refresh and try again.</div>';

    }

    // 2. SECURITY CHECK: Honeypot

    // If the hidden 'pcg_business_url' field contains ANY text, it's a bot.

    if (!empty($_POST['pcg_business_url'])) {

        // Pretend it worked so the bot leaves us alone

        return '<div class="pcg-message pcg-success">Thanks! Check your email.</div>';

    }

    // 3. SECURITY CHECK: Time Trap

    // Check if form was submitted too fast (less than 3 seconds)

    $submitted_time = base64_decode($_POST['pcg_time_trap']);

    if ((time() - intval($submitted_time)) < 3) {

         return '<div class="pcg-message pcg-error">You were too fast! Please take a moment to fill out the form correctly.</div>';

    }

    // 4. Sanitize and Validate Inputs

    $fname = sanitize_text_field($_POST['pcg_fname']);

    $lname = sanitize_text_field($_POST['pcg_lname']);

    $company = sanitize_text_field($_POST['pcg_company']);

    $email = sanitize_email($_POST['pcg_email']);

    $phone = sanitize_text_field($_POST['pcg_phone']);

    if (!is_email($email)) {

        return '<div class="pcg-message pcg-error">Please enter a valid email address.</div>';

    }

    // 5. SUCCESS: Send Email or Redirect to PDF

    // --- OPTION A: Direct Redirect to PDF (Uncomment below and add URL) ---

    /*

    $file_url = 'https://pearson-consulting-group.com/wp-content/uploads/2023/10/Chess-Not-Checkers.pdf';

    if (!headers_sent()) {

        wp_redirect($file_url);

        exit;

    } else {

        return '<script>window.location.href="' . $file_url . '";</script>';

    }

    */

    // --- OPTION B: Send Email with Link (Safer/More Professional) ---

    $to = $email;

    $subject = "Your copy of Chess Not Checkers";

    $headers = array('Content-Type: text/html; charset=UTF-8');

    // EDIT THIS URL TO YOUR ACTUAL PDF LOCATION

    $pdf_link = "https://pearson-consulting-group.com/wp-content/uploads/Chess-Not-Checkers.pdf";

    $message_body = "

        Hi $fname,<br><br>

        Thank you for requesting a copy of <strong>Chess Not Checkers</strong>.<br>

        <br>

        This guide will help you make the strategic moves required to select the right AI provider for your business.<br><br>

        <a href='$pdf_link' style='background:#003366;color:#fff;padding:10px 20px;text-decoration:none;border-radius:5px;'>Download PDF Now</a>

        <br><br>

        Best regards,<br>

        Pearson Consulting Group

    ";

    wp_mail($to, $subject, $message_body, $headers);

    // Optional: Send yourself a notification that someone downloaded it

    $admin_email = get_option('admin_email');

    wp_mail($admin_email, "New Book Download: $fname $lname", "Details:\nName: $fname $lname\nCompany: $company\nEmail: $email\nPhone: $phone");

    return '<div class="pcg-message pcg-success">Success! We have sent the download link to <strong>' . esc_html($email) . '</strong>. Please check your inbox.</div>';

}