<?php 
session_start();
error_reporting(0);
include("admin/config.php");

$fname = $_POST['fname'];
$email = $_POST['email'];
$mobile = $_POST['mobile'];
$address = $_POST['address'];
$edate = $_POST['edate'];
$message = $_POST['message'];
$flag = $_REQUEST['flag'];
$id = $_POST['id'];
$captcha_input = $_POST['captcha']; // Get user-entered CAPTCHA

// Check if CAPTCHA is correct
if (!isset($_SESSION['captcha']) || $captcha_input != $_SESSION['captcha']) {
    header("Location: index.php?flag=captcha_error");
    exit;
}

// Clear the CAPTCHA after verification to prevent reuse
unset($_SESSION['captcha']);

if ($id == "") { 
    $query = sprintf("INSERT INTO enquiry SET 
        name='%s', emailid='%s', contact='%s', address='%s', msg='%s', edate='%s'", 
        $fname, $email, $mobile, $address, $message, $edate);
    
    $conn->query($query);
    
    header("Location: index.php?flag=send");
    exit;
}
?>
