diff --git a/content/images/sonstiges/cover-aventurischer-bote-1.webp b/content/images/sonstiges/cover-aventurischer-bote-1.webp new file mode 100644 index 0000000..6313c06 Binary files /dev/null and b/content/images/sonstiges/cover-aventurischer-bote-1.webp differ diff --git a/content/pages/error.md b/content/pages/error.md index 71306ee..978c878 100644 --- a/content/pages/error.md +++ b/content/pages/error.md @@ -15,6 +15,8 @@ featured_image: Verflixt, es ist ein Fehler bei der Newsletter-Verwaltung aufgetreten. Vielleicht hilft dir die Fehlermeldung weiter? +`suche Fehlermeldung`{: #error-msg} + [← zur Startseite](/) diff --git a/content/pages/index.md b/content/pages/index.md index 11f1ad6..b93ea4a 100644 --- a/content/pages/index.md +++ b/content/pages/index.md @@ -3,7 +3,7 @@ title: Index date: 2025-02-25 template: index index_cards: - - pic: images/kurzprosa/mockup-aw-phantastische-geschichten-2.png + - pic: images/kurzprosa/cover-aw-phantastische-geschichten-2.jpg link: werke/ alt: Phantastik, Belletristik, Lyrik & mehr - pic: images/tr/live-microphone-2.jpg diff --git a/content/php/unsubscribe.php b/content/php/unsubscribe.php index 1aa2090..ef636c0 100644 --- a/content/php/unsubscribe.php +++ b/content/php/unsubscribe.php 
@@ -35,16 +35,37 @@ function RemoveSubscriberFromDB($subscriberAddress) { return TRUE; } -// check if hash and email parameters are both set -if ( ! (isset($_GET['c']) and isset($_GET['e'])) ) { - GracefulExit($errorURL, "{$err}: Fehlende Emailadresse oder Hash"); -} -// check if hash is correct -$c = filter_var($_GET['c'], FILTER_SANITIZE_STRING); -$e = filter_var($_GET['e'], FILTER_SANITIZE_STRING); -if ( ! GetConfirmationHash($e) === $c ) { - GracefulExit($errorURL, "{$err}: Fehlerhafter Hash"); +// check request method – unsubscribe forms use POST but links use GET +$method = $_SERVER['REQUEST_METHOD']; + +// check and sanitize email address +if ( $method == 'GET' ) { + if ( ! isset($_GET['e']) ) { + GracefulExit($errorURL, "{$err}: Fehlende Emailadresse"); + } else { + $e = filter_var($_GET['e'], FILTER_SANITIZE_STRING); + } +} elseif ( $method == 'POST' ) { + if ( ! isset($_POST['e']) ) { + GracefulExit($errorURL, "{$err}: Fehlende Emailadresse"); + } else { + $e = filter_var($_POST['e'], FILTER_SANITIZE_STRING); + } +} else { + GracefulExit($errorURL, "{$err}: Fehlerhafter HTTP-Request"); +} + +// check, sanitize and validate hash (only required for GET requests) +if ($method == 'GET') { + if ( ! isset($_GET['c']) ) { + GracefulExit($errorURL, "{$err}: Fehlende Emailadresse oder Hash"); + } else { + $c = filter_var($_GET['c'], FILTER_SANITIZE_STRING); + if ( ! GetConfirmationHash($e) === $c ) { + GracefulExit($errorURL, "{$err}: Fehlerhafter Hash"); + } + } } // remove email from database diff --git a/theme/static/css/custom.css b/theme/static/css/custom.css index f3820db..6dc8ea8 100644 --- a/theme/static/css/custom.css +++ b/theme/static/css/custom.css @@ -287,16 +287,10 @@ a { text-align: center; } -pre { - width: 80%; - min-width: var(--tr-smallest-width); - margin-left: auto; - margin-right: auto; -} - .featured-image { text-align: center; } + figcaption { text-align: center; font-size: 0.8em; 
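Review bot: The hash check carried into the new GET branch, `if ( ! GetConfirmationHash($e) === $c )`, does not reject a wrong hash. `!` binds tighter than `===`, so the condition compares a boolean with `$c` and is never true for a string `$c`, which means `GracefulExit` is not reached. It should read `if ( ! hash_equals((string) GetConfirmationHash($e), (string) $c) ) {`, which also makes the comparison constant-time; `GetConfirmationHash` is defined outside this hunk, so its string return type is assumed. The new POST branch skips the hash entirely, so any client that submits `e` with someone else's address reaches the database removal. If the form cannot carry a token, POST could send a confirmation mail containing the signed link instead of removing the address directly. `FILTER_SANITIZE_STRING` is deprecated since PHP 8.1 and can alter the value before it is hashed and compared; `FILTER_VALIDATE_EMAIL` is the better fit for `e`.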
diff --git a/theme/templates/includes/unsubscribe.html b/theme/templates/includes/unsubscribe.html index 9c1bdf9..d20324e 100644 --- a/theme/templates/includes/unsubscribe.html +++ b/theme/templates/includes/unsubscribe.html @@ -2,7 +2,7 @@
Komm gerne wieder, irgendwann.
-