WordPress Form with Attachment Php Code

<?php
    
    if(isset($_POST['submit']) && isset($_POST['secret_key']) && $_POST['secret_key'] === 'xx1485DD') {
    	
    		    // Block URLs in message field https http www and domains
        $messageText = $_POST['message'];
        if (preg_match('/\b(?!https?:\/\/|www\.)\w+\.\w+/i', $messageText)) {
            die('Sorry, we do not allow URLS in the form.');
        }
    
        $to = '[email protected]';  	// Replace with your email
        $subject = $_POST['subject'];    
        $message = "Name: " . $_POST['name'] . "<br><br>";
        $message .= "Email: " . $_POST['email'] . "<br><br>";    
        $message .= "Message: " . $_POST['message'] . "<br><br>";   
        $headers = array('Content-Type: text/html; charset=UTF-8', 'Reply-To: ' . $_POST['email']); // with Reply to the sender
    
       // Allow just png and jpg maximum file size 2mb (adjust this depending your needs)
        if ($_FILES['image']['error'] == UPLOAD_ERR_OK) {       
           
            $maxFileSize = 2000000;        
            $fileSize = $_FILES['image']['size'];
            
            if ($fileSize > $maxFileSize) {           
                die('File too large! Maximum file size is 2mb.');
    
            }           
            
           $allowedExtensions = array('png', 'jpg');    
           $fileExtension = pathinfo($_FILES['image']['name'], PATHINFO_EXTENSION);
           
            if (!in_array($fileExtension, $allowedExtensions)) {           
               die('Invalid file extension. Just png and jpg extensions are allowed! ');                 
            }     
        }     
         
    	 $attachments = array();
    	 
    // Handle the uploaded file
    	 if ($_FILES['image']['error'] == UPLOAD_ERR_OK) {
            $tmp_name = $_FILES['image']['tmp_name'];
            $filename = basename($_FILES['image']['name']);
            $destination = sys_get_temp_dir() . '/' . $filename; // Use system temp directory
    
            // Move the file to the temporary directory
            if (move_uploaded_file($tmp_name, $destination)) {
                $attachments = array($destination);
            }
        } 
    
    // Send email with attachments, Reply to the sender and redirect to thank you page
    if (wp_mail($to, $subject, $message, $headers, $attachments)) {
            foreach($attachments as $file) {
                unlink($file); // Remove file from temp directory after sending
            }
    		// Redirect thank you page
            wp_redirect('/thank-you-contact-form-sent'); // Replace with the slug of your thank-you page
            exit();
        } else {
            foreach($attachments as $file) {
                unlink($file); // Remove file from temp directoryI
    
            }
            wp_redirect('/sorry-contact-form-not-sent'); // Replace with the slug of your sorry page
            exit();
        }
    }
    // Send reply email outside the conditional statement for message email
    $replyTo = $_POST['email'];
    $replySubject = $_POST['subject'];
    $replyMessage = $_POST['message'];
    $replyHeaders = array('Content-Type: text/html; charset=UTF-8', 'From: your site <[email protected]>'); 	// Replace with your email
    // Send reply email
    wp_mail($replyTo, $replySubject, $replyMessage, $replyHeaders);
    
    
    // Spam securities:
    
    // Check for honeypot value hidden filled in by bots
        if (!empty($_POST['honeypot'])) {
            die('Sorry, your submission was rejected due to suspected spam.');
        }

?>