tobias/t-r.de
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lots of work around the newsletter subscription process

Browse Source
This commit is contained in:
eclipse 2025-02-28 21:05:57 +01:00
parent b9e3bee4b0
commit 2ce0699142
5 changed files with 127 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
content/php/confirm.php
View File

@ -1,25 +1,38 @@
<?php <?php
// inspired by https://www.mailgun.com/blog/email/double-opt-in-with-php-mailgun/ // inspired by https://www.mailgun.com/blog/email/double-opt-in-with-php-mailgun/
$statusCode = "HTTP/1.1 303 See Other";
$successURL = '/newsletter/confirmed.html';
$errorURL = '/newsletter/confirm-error.html';
// return TRUE when successful, message string on failure
// e.g. Adresse schon vorhanden, Datenbank-Fehler, was noch?
function AddMemberToDB($recipientAddress) { function AddMemberToDB($recipientAddress) {
/* global $mailingList, $mgClient; global $db;
$result = $mgClient->post("lists/$mailingList/members", array( echo "ah jup";
'address' => $recipientAddress, return TRUE;
'name' => $recipientName,
'description' => 'Form Opt In',
'subscribed' => true
)); */
} }
require("settings.php"); require(dirname(__FILE__) . "/settings.php");
$c = isset($_GET['c']) ? SanitizeInputs($_GET['c']) : NULL; $c = isset($_GET['c']) ? SanitizeInputs($_GET['c']) : NULL;
$e = isset($_GET['e']) ? SanitizeInputs($_GET['e']) : NULL; $e = isset($_GET['e']) ? SanitizeInputs($_GET['e']) : NULL;
if (isset($c) && isset($e) && CheckConfirmationHash($e, $c) && AddMemberToDB($e)) { if (! (isset($c) && isset($e) && CheckConfirmationHash($e, $c)) ) {
header('Location: /newsletter/confirmed.html'); header($statusCode);
header("Location: " . $errorURL . "?" . http_build_query(["msg" => SanitizeInputs("Ungültiger Link")]));
} else { } else {
header('Location: /newsletter/confirm-error.html') $result = AddMemberToDB($e);
if ($result == TRUE) {
header($statusCode);
header("Location: " . $successURL);
} elseif (gettype($result == "string")) {
header($statusCode);
header("Location: " . $errorURL . "?" . http_build_query(["msg" => SanitizeInputs($result)]));
} else {
header($statusCode);
header("Location: " . $errorURL . "?" . http_build_query(["msg" => SanitizeInputs("Unbekannter Fehler")]));
}
} }
?> ?>

50
content/php/settings.php
View File

@ -1,13 +1,50 @@
<?php <?php
// inspired by https://www.mailgun.com/blog/email/double-opt-in-with-php-mailgun/ // inspired by https://www.mailgun.com/blog/email/double-opt-in-with-php-mailgun/
$domain = 'tobias-radloff.de'; // general constants
$fromAddress = 'newsletter@tobias-radloff.de'; $general = array(
$siteURL = 'https://tobias-radloff.de'; // "domain" => 'tobias-radloff.de',
$uniqueKey = '***REMOVED***'; // works like password salt "domain" => 'localhost',
"uniqueKey" => '***REMOVED***', // works like password salt
"confirmScript" => "/confirm.php"
);
$general["siteURL"] = "https://" . $general["domain"];
// smtp info
$smtp = array(
"host" => '***REMOVED***
"port" => 587,
"username" => 'tobias',
"password" => '***REMOVED***',
"auth" => TRUE,
"fromAddress" => "***REMOVED***", // 'newsletter@tobias-radloff.de'
"fromName" => "Tobias Radloffs Newsletter",
);
$body = array(
"Hallo!",
"Bitte bestätige die Anmeldung für meinen Newsletter, indem du auf den folgenden Link klickst:",
"%confirmURL%", // placeholder
"Bis bald und viele Grüße, Tobias"
);
// mail contents
$mail = array(
"subject" => 'Newsletter-Anmeldung bestaetigen',
"bodyHTML" => "<p>" . implode("</p><p>", $body) . "</p>",
"bodyText" => implode("\n\n", $body)
);
// DB constants
$db = array(
"host" => "",
"port" => "",
"username" => "",
"password" => ""
);
function SanitizeInputs($var) { function SanitizeInputs($var) {
return = htmlspecialchars($var, ENT_QUOTES); return htmlspecialchars($var, ENT_QUOTES);
} }
function SanitizeEmail ($var) { function SanitizeEmail ($var) {
@ -19,6 +56,7 @@ function SanitizeEmail ($var) {
} }
function CheckConfirmationHash($confEmail, $confCode) { function CheckConfirmationHash($confEmail, $confCode) {
return (md5($confEmail . $uniqueKey) === $confCode); global $general;
return (md5($confEmail . $general["uniqueKey"]) === $confCode);
} }
?> ?>

66
content/php/subscribe.php
View File

@ -1,37 +1,73 @@
<?php <?php
// inspired by https://www.mailgun.com/blog/email/double-opt-in-with-php-mailgun/ // inspired by https://www.mailgun.com/blog/email/double-opt-in-with-php-mailgun/
// import PHPMailer classes into the global namespace
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\SMTP;
use PHPMailer\PHPMailer\Exception;
$dname = dirname(__FILE__);
require $dname . '/Exception.php';
require $dname . '/PHPMailer.php';
require $dname . '/SMTP.php';
function MakeConfirmationHash($confEmail, $confCode) { function MakeConfirmationHash($confEmail, $confCode) {
return md5($confEmail . $confCode); return md5($confEmail . $confCode);
} }
function SendConfirmationEmail($recipientAddress) { function SendConfirmationEmail($recipientAddress) {
global $domain, $fromAddress, $siteURL, $uniqueKey; global $general, $smtp, $mail;
$hashedUnique = MakeConfirmationHash($recipientAddress, $uniqueKey); $hashedUnique = MakeConfirmationHash($recipientAddress, $general["uniqueKey"]);
$confirmURL = $siteURL . '/confirm.php?c=' . $hashedUnique . '&e=' . $recipientAddress $confirmQuery = http_build_query(["c" => $hashedUnique, "e" => $recipientAddress]);
$confirmURL = $general["siteURL"] . $general["confirmScript"] . "?" . $confirmQuery;
// FIXME // create PHPMailer instance
// use PHPMailer? $mailer = new PHPMailer(true);
$to = $recipientAddress;
$subject = 'Newsletter-Anmeldung bestaetigen'; try {
$body = '<p>Hallo! Bitte bestätige die Anmeldung für meinen Newsletter, indem du auf <a href="' . $confirmURL . '">diesen Link</a> klickst. Viel Spaß mit dem Gedicht!</p><p>Bis bald und viele Grüße<br>Tobias'; //Server settings
$headers = 'From: newsletter@' . $domain; // $mailer->SMTPDebug = SMTP::DEBUG_SERVER; //Enable verbose debug output
$result = mail($to, $subject, $body, $headers); $mailer->isSMTP();
return $result; $mailer->Host = $smtp["host"];
$mailer->SMTPAuth = $smtp["auth"];
$mailer->Username = $smtp["username"];
$mailer->Password = $smtp["password"];
//$mailer->SMTPSecure = PHPMailer::ENCRYPTION_SMTPS; //Enable implicit TLS encryption
$mailer->Port = $smtp["port"]; //TCP port to connect to; use 587 if you have set `SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS`
//Recipients
$mailer->setFrom($smtp["fromAddress"], $smtp["fromName"]);
$mailer->addAddress($recipientAddress); //Add a recipient
//Content
$mailer->CharSet = "UTF-8";
$mailer->isHTML(true);
$mailer->Subject = $mail["subject"];
$mailer->Body = str_replace("%confirmURL%", $confirmURL, $mail["bodyHTML"]);
$mailer->AltBody = str_replace("%confirmURL%", $confirmURL, $mail["bodyText"]);
$mailer->send();
return TRUE;
} catch (Exception $e) {
error_log("Message error: " . $e);
return FALSE;
}
} }
require("settings.php"); require($dname . "/settings.php");
if (isset($_POST['email'])) { if (isset($_POST['email'])) {
$email = SanitizeEmail(trim($_POST['email'])); $email = SanitizeEmail(trim($_POST['email']));
echo $email; //DEBUG // error_log("Received subscription request for address " . $email . " ..."); //DEBUG
$result = SendConfirmationEmail($email); $result = SendConfirmationEmail($email);
if $result == TRUE ) { if ( $result == TRUE ) {
header('Location: /newsletter/subscribed.html'); header('Location: /newsletter/subscribed.html');
error_log("Message to " . $email . " has been sent.");
} else { } else {
header('Location: /newsletter/subscribe-error.html') header('Location: /newsletter/subscribe-error.html');
error_log("Message to " . $email . " could not be sent.");
} }
} }
?> ?>

12
content/php/unsubscribe.php
View File

@ -1,18 +1,18 @@
<?php <?php
function RemoveMemberfromDB($subscriberAddress) { function RemoveSubscriberfromDB($subscriberAddress) {
//FIXME error_log("removing subscriber " . $subscriberAddress . " from DB ...");
} }
require("settings.php"); require(dirname(__FILE__) . "/settings.php");
$email = isset($_GET['email']) ? SanitizeInputs($_GET['email']) : NULL; $email = isset($_GET['e']) ? SanitizeInputs($_GET['e']) : NULL;
if (isset($email)) { if (isset($email)) {
$r = RemoveMemberfromDB($email); $r = RemoveSubscriberfromDB($email);
if ($r) { if ($r) {
header('Location: /newsletter/unsubscribed.html'); header('Location: /newsletter/unsubscribed.html');
} else { } else {
header('Location: /newsletter/unsubscribe-error.html') header('Location: /newsletter/unsubscribe-error.html');
} }
} }
?> ?>

4
theme/templates/includes/unsubscribe.html
View File

@ -3,6 +3,6 @@
<p>Komm gerne wieder, irgendwann.</p> <p>Komm gerne wieder, irgendwann.</p>
</hgroup> </hgroup>
<form class="newsletter-form" method="get" action="{{ SITEURL }}/unsubscribe.php"> <form class="newsletter-form" method="get" action="{{ SITEURL }}/unsubscribe.php">
<input class="newsletter-email" type="email" name="email" placeholder="Emailadresse" autocomplete="email" aria-label="Emailadresse" required/> <input class="newsletter-email" type="email" name="e" placeholder="Emailadresse" autocomplete="email" aria-label="Emailadresse" required/>
<input class="newsletter-submit" type="submit" value="Abonnieren" /> <input class="newsletter-submit" type="submit" value="Abmelden" />
</form> </form>