function contact_form($loc = '')
{
global $LANG;
$form = '<div class="contact_form other_form">';
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['contact_form' . $loc]) && \site\utils::check_csrf($_POST['contact_form' . $loc]['csrf'], 'contact_form' . $loc . '_csrf')) {
$pd = \site\utils::validate_user_data($_POST['contact_form' . $loc]);
try {
$id = $GLOBALS['me'] ? $GLOBALS['me']->ID : 0;
\user\main::send_contact($pd);
$form .= '<div class="success">' . $LANG['sendcontact_success'] . '</div>';
unset($pd);
} catch (Exception $e) {
$form .= '<div class="error">' . $e->getMessage() . '</div>';
}
}
$csrf = $_SESSION['contact_form' . $loc . '_csrf'] = \site\utils::str_random(12);
$form .= '<form method="POST" action="#widget_contact">
<div class="form_field"><label for="contact_form' . $loc . '[name]">' . $LANG['form_name'] . ':</label> <div><input type="text" name="contact_form' . $loc . '[name]" id="contact_form' . $loc . '[name]" value="' . (isset($pd['name']) ? $pd['name'] : '') . '" required /></div></div>
<div class="form_field"><label for="contact_form' . $loc . '[email]">' . $LANG['form_email'] . ':</label> <div><input type="email" name="contact_form' . $loc . '[email]" id="contact_form' . $loc . '[email]" value="' . (isset($pd['email']) ? $pd['email'] : '') . '" required /></div></div>
<div class="form_field"><label for="contact_form' . $loc . '[message]">' . $LANG['form_message'] . ':</label> <div><textarea name="contact_form' . $loc . '[message]" id="contact_form' . $loc . '[message]">' . (isset($pd['message']) ? $pd['message'] : '') . '</textarea></div></div>
<input type="hidden" name="contact_form' . $loc . '[csrf]" value="' . $csrf . '" />
<button>' . $LANG['send'] . '</button>
</form>
</div>';
return $form;
}
