removed credentials from PHP souce code; refined handling of error/success message; added more images

.gitignore

@@ -5,3 +5,4 @@ utils/.caldav_pass
 content/pages/termine.md
 lighttpd.conf
 newsletter.sqlite
+config.ini

content/js/Message.js

@@ -1,8 +1,8 @@
 let query = new URLSearchParams(location.search);
-let msg = 'keine Fehlermeldung gefunden';
+let msg = 'keine Statusmeldung gefunden';
 if (query.has('msg')) {
   msg = query.get('msg');
 }
-if ( document.getElementById('error-msg').firstChild != null ) {
-  document.getElementById('error-msg').firstChild.nodeValue = msg;
+if ( document.getElementById('msg').firstChild != null ) {
+  document.getElementById('msg').firstChild.nodeValue = msg;
 }

content/pages/danke.md

@@ -1,11 +1,16 @@
 ---
-title: Kleines Dankeschön
+title: Du bist Abonnent!
 date: 2025-02-04 10:20
 author: Tobias Radloff
 summary: Danke für deine Nachricht.
 lang: de
 slug: danke
 save_as: newsletter/danke.html
+featured_image:
+  - pic: ../images/tr/motif-fireworks.jpg
+    alt: prächtige Feuerwerksraketen explodieren am Nachthimmel über einem See
+    credit: Ray Hennessy | unsplash.com
+    credit_link: https://unsplash.com/@rayhennessy
 ---
 
 Klasse, dass du dich für meinen Newsletter angemeldet hast. Als kleines Dankeschön und um die Wartezeit auf die nächste Ausgabe zu verkürzen, ist hier ein bislang unveröffentlichtes Gedicht von mir. Viel Spaß :-)

content/pages/error.md

@@ -13,9 +13,9 @@ featured_image:
     credit_link: https://unsplash.com/@elisa_ventur
 ---
 
-Verflixt, es ist ein Fehler bei der Newsletter-Verwaltung aufgetreten. Vielleicht hilft dir die Fehlermeldung weiter? 
+Verflixt, es ist ein Fehler bei der Newsletter-Verwaltung aufgetreten. Vielleicht hilft dir die Statusmeldung weiter? 
 
-`suche Fehlermeldung`{: #error-msg}
+`suche Statusmeldung`{: #msg}
 
 <script src="{static}/js/Message.js"></script>
 

content/pages/success.md

@@ -13,6 +13,8 @@ featured_image:
     credit_link: https://unsplash.com/@ianstauffer
 ---
 
+<p id="msg">Erfolg auf der ganzen Linie.</p>
+
 <script src="{static}/js/Message.js"></script>
 
 [&larr; zur Startseite](/)

content/pages/termine.md.metadata

@@ -8,7 +8,7 @@ slug: termine
 url: termine/
 save_as: termine/index.html
 featured_image:
-  - pic: ../images/tr/motif-termine-towfiqu-barbhuiya-unsplash.jpg
+  - pic: ../images/tr/motif-termine.jpg
     alt: in einem Kalender stecken rote Reißzwecken und ein Tag ist rot eingekringelt
     credit: Towfiqu barbhuiya | unsplash.com
     credit_link: https://unsplash.com/@towfiqu999999 

content/php/confirm.php

@@ -1,7 +1,7 @@
 <?php
 // inspired by https://www.mailgun.com/blog/email/double-opt-in-with-php-mailgun/
 
-require(dirname(__FILE__) . '/../settings.php');
+require(dirname(__FILE__) . '/../functions.php');
 
 $successURL = '/newsletter/danke.html';
 $errorURL = '/error.html';

content/php/contact.php

@@ -7,7 +7,7 @@ if ( $_POST['address'] != '' ) {
   exit;
 }
 
-require(dirname(__FILE__) . '/../settings.php');
+require(dirname(__FILE__) . '/../functions.php');
 
 $successURL = '/success.html';
 $errorURL = '/error.html';

content/php/functions.php

@@ -9,13 +9,17 @@ require $dname . '/Exception.php';
 require $dname . '/PHPMailer.php';
 require $dname . '/SMTP.php';
 
+// read ini file
+$ini_file = '../../config.ini';
+$ini = parse_ini_file($ini_file, TRUE);
+
 // general constants
 $general = [
   // site domain (used for building confirmation links)
 /*  'domain' => 'tobias-radloff.de', */
   'domain' => 'localhost',
   // string concatenated with email address to create a non-recreatable md5 hash 
-  'uniqueKey' => '***REMOVED***', // works like password salt  
+  'uniqueKey' => $ini['hash']['uniqueKey'], // works like password salt  
   // file name of confirm script
   'confirmScript' => '/newsletter/confirm.php',
   // status code to be used when redirection to success or error page 
@@ -33,28 +37,8 @@ $general = [
 // complete site URL
 $general['siteURL'] = 'https://' . $general['domain']; 
 
-// SMTP server information
-$smtp = [
-  'host' => '***REMOVED***
-  'port' => 587,
-  'username' => 'tobias',
-  'password' => '***REMOVED***',
-  'auth' => TRUE,
-];
-
-// database information
-$db = [
-  'sqlite' => [
-    'dsn' => 'sqlite:../../newsletter.sqlite',
-  ],
-  'mysql' => [
-    'dsn' => '',
-    'host' => '',
-    'port' => '',
-    'username' => '',
-    'password' => ''
-  ]
-];
+$smtp = $ini['smtp'];
+$db = $ini['db'];
 
 function GetConfirmationHash($confEmail) {
   global $general;
@@ -68,7 +52,7 @@ function getPDO($dbType = 'sqlite') {
 }
 
 // Sends an email to single recipient with subject, body and sender info specified in an array
-function SendEmail($recipientAddress, $mailContents) {
+function SendEmail($toAddress, $mailContents) {
   global $general, $smtp;
   $mail = new PHPMailer(true);
 
@@ -76,14 +60,14 @@ function SendEmail($recipientAddress, $mailContents) {
   //$mail->SMTPDebug = SMTP::DEBUG_SERVER;                      //Enable verbose debug output
   $mail->isSMTP();
   $mail->Host       = $smtp['host'];
+  $mail->Port       = $smtp['port'];   //TCP port to connect to; use 587 if you have set `SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS`
   $mail->SMTPAuth   = $smtp['auth'];
   $mail->Username   = $smtp['username'];
   $mail->Password   = $smtp['password'];
   //$mail->SMTPSecure = PHPMailer::ENCRYPTION_SMTPS;            //Enable implicit TLS encryption
-  $mail->Port       = $smtp['port'];   //TCP port to connect to; use 587 if you have set `SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS`
 
   // recipient
-  $mail->addAddress($recipientAddress);     //Add a recipient
+  $mail->addAddress($toAddress); 
 
   // content
   $mail->CharSet = 'UTF-8';

content/php/subscribe.php

@@ -1,7 +1,7 @@
 <?php
 // inspired by https://www.mailgun.com/blog/email/double-opt-in-with-php-mailgun/
 
-require(dirname(__FILE__) . '/../settings.php');
+require(dirname(__FILE__) . '/../functions.php');
 
 $successURL = '/success.html';
 $errorURL = '/error.html';
@@ -59,5 +59,7 @@ try {
 }
 
 // success
+$mailContents['subject'] = 'Jemand will den Newsletter abonnieren und hat eine Kopie dieser Mail bekommen';
+SendEmail($general['notificationAddress'], $mailContents);
 GracefulExit($successURL, "Anmeldung erfolgreich: Email mit Bestätigungslink wurde an {$email} versandt.");
 ?>

content/php/unsubscribe.php

@@ -1,6 +1,6 @@
 <?php
 
-require(dirname(__FILE__) . '/../settings.php');
+require(dirname(__FILE__) . '/../functions.php');
 
 $successURL = '/success.html';
 $errorURL = '/error.html';

pelicanconf.py

@@ -28,7 +28,7 @@ IGNORE_FILES = ['**/.*', '__pycache__', 'favicon-from-svg.sh', '*.metadata']
 
 EXTRA_PATH_METADATA = {
     'favicon/favicon.ico': {'path': 'favicon.ico'},
-    'php/settings.php': {'path': 'settings.php'}, 
+    'php/functions.php': {'path': 'functions.php'}, 
     'php/subscribe.php': {'path': 'newsletter/subscribe.php'}, 
     'php/confirm.php': {'path': 'newsletter/confirm.php'}, 
     'php/unsubscribe.php': {'path': 'newsletter/unsubscribe.php'}, 

theme/static/css/custom.css

@@ -323,6 +323,8 @@ figcaption {
   .index-link::after {
     content: "\00a0\02192"; /* arrow to the right */
   }
+
+  a { color: var(--pico-h1-color);}
 }