169 lines
5.2 KiB
PHP
169 lines
5.2 KiB
PHP
<?php
|
|
// import PHPMailer classes into the global namespace
|
|
use PHPMailer\PHPMailer\PHPMailer;
|
|
use PHPMailer\PHPMailer\SMTP;
|
|
use PHPMailer\PHPMailer\Exception;
|
|
|
|
$dname = dirname(__FILE__);
|
|
require $dname . '/../Exception.php';
|
|
require $dname . '/../PHPMailer.php';
|
|
require $dname . '/../SMTP.php';
|
|
|
|
// general constants
|
|
$general = [
|
|
// site domain (used for building confirmation links)
|
|
/* 'domain' => 'tobias-radloff.de', */
|
|
'domain' => 'localhost',
|
|
// string concatenated with email address to create a non-recreatable md5 hash
|
|
'uniqueKey' => '***REMOVED***', // works like password salt
|
|
// file name of confirm script
|
|
'confirmScript' => '/newsletter/confirm.php',
|
|
// status code to be used when redirection to success or error page
|
|
'statusCode' => 'HTTP/1.1 303 See Other',
|
|
// array of SQL statements used
|
|
'sql' => [
|
|
'create_table' => 'CREATE TABLE IF NOT EXISTS subscribers (id INTEGER PRIMARY KEY, email TEXT NOT NULL UNIQUE, name TEXT);',
|
|
'create_record' => 'INSERT INTO subscribers(email, name) VALUES(:e, :n);',
|
|
'read_record' => 'SELECT 1 FROM subscribers WHERE email = :e;',
|
|
'update_record' => '',
|
|
'delete_record' => 'DELETE FROM subscribers WHERE email = :e;'
|
|
]
|
|
];
|
|
// complete site URL
|
|
$general['siteURL'] = 'https://' . $general['domain'];
|
|
|
|
// SMTP server information
|
|
$smtp = [
|
|
'host' => '***REMOVED***
|
|
'port' => 587,
|
|
'username' => 'tobias',
|
|
'password' => '***REMOVED***',
|
|
'auth' => TRUE,
|
|
'fromAddress' => '***REMOVED***', // 'newsletter@tobias-radloff.de'
|
|
'fromName' => 'Tobias Radloffs Newsletter',
|
|
];
|
|
|
|
// body of confirmation email
|
|
$bodyConfirmation = [
|
|
'Hallo!',
|
|
'Bitte bestätige die Anmeldung für meinen Newsletter, indem du auf den folgenden Link klickst:',
|
|
'%Placeholder%',
|
|
'Bis bald und viele Grüße, Tobias'
|
|
];
|
|
|
|
// contents of confirmation email
|
|
$mailConfirmation = [
|
|
'subject' => 'Newsletter-Anmeldung bestaetigen',
|
|
'bodyHTML' => '<p>' . implode('</p><p>', $bodyConfirmation) . '</p>',
|
|
'bodyText' => implode("\n\n", $bodyConfirmation)
|
|
];
|
|
|
|
// database information
|
|
$db = [
|
|
'sqlite' => [
|
|
'dsn' => 'sqlite:../../newsletter.sqlite',
|
|
],
|
|
'mysql' => [
|
|
'dsn' => '',
|
|
'host' => '',
|
|
'port' => '',
|
|
'username' => '',
|
|
'password' => ''
|
|
]
|
|
];
|
|
|
|
function GetConfirmationHash($confEmail) {
|
|
global $general;
|
|
return md5($confEmail . $general['uniqueKey']);
|
|
}
|
|
|
|
// connects to database and returns PDO object
|
|
function getPDO($dbType = 'sqlite') {
|
|
global $db;
|
|
return new \PDO($db[$dbType]['dsn']);
|
|
}
|
|
|
|
// Sends an email to single recipient with subject and body specified in an array
|
|
function SendEmail($recipientAddress, $mailContents, $link = NULL) {
|
|
global $general, $smtp;
|
|
$mail = new PHPMailer(true);
|
|
|
|
//Server settings
|
|
// $mail->SMTPDebug = SMTP::DEBUG_SERVER; //Enable verbose debug output
|
|
$mail->isSMTP();
|
|
$mail->Host = $smtp["host"];
|
|
$mail->SMTPAuth = $smtp["auth"];
|
|
$mail->Username = $smtp["username"];
|
|
$mail->Password = $smtp["password"];
|
|
//$mail->SMTPSecure = PHPMailer::ENCRYPTION_SMTPS; //Enable implicit TLS encryption
|
|
$mail->Port = $smtp["port"]; //TCP port to connect to; use 587 if you have set `SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS`
|
|
|
|
//Recipients
|
|
$mail->setFrom($smtp["fromAddress"], $smtp["fromName"]);
|
|
$mail->addAddress($recipientAddress); //Add a recipient
|
|
|
|
//Content
|
|
if (isset($link)) {
|
|
$mailContents["bodyHTML"] = str_replace("%Placeholder%", $link, $mailContents["bodyHTML"]);
|
|
$mailContents["bodyText"] = str_replace("%Placeholder%", $link, $mailContents["bodyText"]);
|
|
}
|
|
$mail->CharSet = "UTF-8";
|
|
$mail->isHTML(true);
|
|
$mail->Subject = $mailContents["subject"];
|
|
$mail->Body = $mailContents["bodyHTML"];
|
|
$mail->AltBody = $mailContents["bodyText"];
|
|
|
|
$mail->send();
|
|
}
|
|
|
|
|
|
function MakeSureTableExists($pdo) {
|
|
global $general;
|
|
$query = $pdo->prepare($general['sql']['create_table']);
|
|
if ( ! $query->execute() ) {
|
|
// error_log('Unbekannter Datenbankfehler beim Prüfen/Erzeugen der Tabelle.');
|
|
return "Unbekannter Datenbankfehler";
|
|
}
|
|
return TRUE;
|
|
}
|
|
|
|
// returns true if record does not yet exist in database; error string otherwise
|
|
function NotAlreadySubscribed($email, $pdo = NULL) {
|
|
if (!isset($pdo)) {
|
|
$pdo = getPDO();
|
|
}
|
|
|
|
$result = MakeSureTableExists($pdo);
|
|
if ( gettype($result) == "string" ) {
|
|
// error_log("Datenbankfehler beim Adresscheck: {$result}");
|
|
return $result;
|
|
}
|
|
|
|
global $general;
|
|
$query = $pdo->prepare($general['sql']['read_record']);
|
|
if ( ! $query->execute([':e' => $email]) ) {
|
|
// error_log("Datenbankfehler: Adresscheck für Emailadresse {$email} ergab einen Fehler.");
|
|
return "Fehler beim Zugriff auf Datenbank";
|
|
}
|
|
|
|
if ( $query->fetch() ) {
|
|
// error_log("Adresscheck: Emailadresse {$email} ist bereits eingetragen.");
|
|
return "Emailadresse {$email} ist bereits eingetragen";
|
|
}
|
|
|
|
// success
|
|
return TRUE;
|
|
}
|
|
|
|
// redirects to specified URL via GET request and conveys an optional message; then exits
|
|
function GracefulExit($location, $message = NULL) {
|
|
global $general;
|
|
header($general['statusCode']);
|
|
if (isset($message)) {
|
|
$location .= "?" . http_build_query(['msg' => $message]);
|
|
error_log($location);
|
|
}
|
|
header("Location: {$location}");
|
|
exit;
|
|
}
|
|
?>
|