Add address and sqft fields, fix altcha web component render

src/api/contact.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Floor It Hardwood Floors — contact form handler.
+ * Floor It Hardwood Floors: contact form handler.
  *
  * Pipeline:
  *   1. Read JSON body (32KB cap)
@@ -8,10 +8,10 @@
  *   3. Honeypot + time-on-page checks
  *   4. Altcha server-side verify
  *   5. Sliding-window per-IP rate limit (file-backed in /var/www/html/src/api/data/rate-limits/)
- *   6. POST to Resend → email to contact address
+ *   6. POST to Resend, email to contact address
  *   7. JSON response
  *
- * Configuration is read entirely from environment variables — set these in
+ * Configuration is read entirely from environment variables. Set these in
  * .env or the runtime environment. No hardcoded keys in this file.
  */
 
@@ -115,19 +115,23 @@ if (!rate_limit_check($ip, $RATE_LIMIT, 600)) {
 }
 
 // ─── Field extraction + validation ──────────────────────────────────
-$name           = trim((string)($body['name']  ?? ''));
-$email          = trim((string)($body['email'] ?? ''));
-$phone          = trim((string)($body['phone'] ?? ''));
+$name           = trim((string)($body['name']    ?? ''));
+$email          = trim((string)($body['email']   ?? ''));
+$phone          = trim((string)($body['phone']   ?? ''));
+$address        = trim((string)($body['address'] ?? ''));
+$sqft           = trim((string)($body['sqft']    ?? ''));
 $message        = trim((string)($body['message'] ?? ''));
 $website        = trim((string)($body['website'] ?? ''));         // honeypot
 $form_loaded_at = trim((string)($body['form_loaded_at'] ?? ''));
-$altcha_payload = trim((string)($body['altcha'] ?? ''));
+$altcha_payload = trim((string)($body['altcha']  ?? ''));
 
 $errors = [];
-if (mb_strlen($name) < 2 || mb_strlen($name) > 80)  $errors[] = 'name';
-if (!filter_var($email, FILTER_VALIDATE_EMAIL))     $errors[] = 'email';
-if (mb_strlen($phone) > 20)                          $errors[] = 'phone';
-if (mb_strlen($message) > 2000)                      $errors[] = 'message';
+if (mb_strlen($name) < 2 || mb_strlen($name) > 80)    $errors[] = 'name';
+if (!filter_var($email, FILTER_VALIDATE_EMAIL))        $errors[] = 'email';
+if (mb_strlen($phone) > 20)                            $errors[] = 'phone';
+if (mb_strlen($address) < 5 || mb_strlen($address) > 200) $errors[] = 'address';
+if ($sqft !== '' && (!ctype_digit($sqft) || (int)$sqft > 99999)) $errors[] = 'sqft';
+if (mb_strlen($message) > 2000)                        $errors[] = 'message';
 
 if ($errors) {
     error_log("[floorit.form] validation_error request_id=$request_id fields=" . implode(',', $errors));
@@ -162,7 +166,9 @@ $text_body =
     "A new estimate request came in through floorithardwoods.com.\n\n" .
     "Name: {$name}\n" .
     "Email: {$email}\n" .
-    "Phone: " . ($phone ?: 'not provided') . "\n\n" .
+    "Phone: " . ($phone ?: 'not provided') . "\n" .
+    "Address: {$address}\n" .
+    "Sq Ft: " . ($sqft ?: 'not provided') . "\n\n" .
     "Message:\n" . ($message ?: '(no message)') . "\n\n" .
     "Submitted at: " . gmdate('Y-m-d\TH:i:s\Z') . "\n" .
     "Request id: {$request_id}\n";