<?php
// inspired by https://www.mailgun.com/blog/email/double-opt-in-with-php-mailgun/
// Load the shared include from the document root; the helpers called further
// down (getPDO, GracefulExit, ...) are not defined in this file and presumably
// come from there.
$webroot = $_SERVER['DOCUMENT_ROOT'];
require "{$webroot}/functions.php";

// Common prefix for failure messages, followed by the two redirect targets.
$err = 'Bestätigung fehlgeschlagen';
$errorURL = '/error.html';
$successURL = '/newsletter/danke.html';

// Notification mail sent to the site owner after a successful confirmation.
// %Placeholder% in the body is replaced with the confirmed address before sending.
$mailContents = [
    'subject' => 'Neuer Newsletter-Abonnent',
    'bodyText' => "Jemand hat seine Emailadresse für den Empfang des Newsletters bestätigt:\n\n%Placeholder%",
    'fromAddress' => '***REMOVED***', // 'newsletter@tobias-radloff.de'
    'fromName' => 'Tobias Radloff',
];
/**
 * Stores a confirmed subscriber in the database.
 *
 * The address and name are passed to the prepared statement as bound
 * parameters (:e and :n), never concatenated into the SQL text.
 *
 * @param mixed $subscriberAddress Address to store; presumably a string, the signature does not enforce it.
 * @param mixed $subscriberName    Optional name, NULL when not given.
 * @return true|string TRUE on success, otherwise an error message.
 */
function AddSubscriberToDB($subscriberAddress, $subscriberName = NULL) {
    global $general;

    $pdo = getPDO();

    // NotYetSubscribed() answers with a string when the insert must not happen;
    // that string is handed back to the caller unchanged.
    $existing = NotYetSubscribed($subscriberAddress, $pdo);
    if ( is_string($existing) ) {
        return $existing;
    }

    // The statement text is read from $general['sql']['create_record'].
    $statement = $pdo->prepare($general['sql']['create_record']);
    $executed = $statement->execute([':e' => $subscriberAddress, ':n' => $subscriberName]);

    // Success means the statement ran and produced no row; a fetched row counts as a failure.
    if ( $executed and ! $statement->fetch() ) {
        return TRUE;
    }
    return 'Fehler beim Eintragen in die Datenbank';
}
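// Confirmation endpoint: verifies the hash from the opt-in link, stores the
// address, notifies the site owner and redirects.
// NOTE(review): every step below relies on GracefulExit() ending the request;
// its definition is not in this file - confirm.

// check if hash and email parameters are both set
// A parameter sent as an array (e.g. ?c[]=x) is treated like a missing one, so
// only plain strings reach the hash check.
if ( ! (isset($_GET['c'], $_GET['e']) and is_string($_GET['c']) and is_string($_GET['e'])) ) {
    GracefulExit($errorURL, "{$err}: Fehlende Emailadresse oder Hash");
}

// check if hash is correct
// NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1 and rewrites
// characters instead of validating the address. It is kept because the signup
// side (not visible here) may have hashed the same filtered form - confirm, then
// move to FILTER_VALIDATE_EMAIL for the address.
$c = filter_var($_GET['c'], FILTER_SANITIZE_STRING);
$e = filter_var($_GET['e'], FILTER_SANITIZE_STRING);

// hash_equals() compares the two values strictly as strings and in constant
// time. The previous loose != compared numeric-looking strings by value, so two
// different hashes could be accepted as equal.
// NOTE(review): this is only an authenticity check if GetConfirmationHash() is
// keyed with a server-side secret - verify in functions.php.
if ( ! is_string($c) or ! is_string($e) or ! hash_equals((string) GetConfirmationHash($e), $c) ) {
    GracefulExit($errorURL, "{$err}: Fehlerhafter Hash");
}

// add email to database
try {
    $result = AddSubscriberToDB($e);
    if ( is_string($result) ) {
        GracefulExit($errorURL, "{$err}: {$result}");
    }
} catch (\PDOException $exception) {
    // The exception gets its own variable so that $e keeps holding the address.
    // Driver details go to the server log; the message handed to GracefulExit()
    // stays generic, since that text looks user-facing.
    error_log('newsletter confirmation: ' . $exception->getMessage());
    GracefulExit($errorURL, "{$err}: Fehler beim Eintragen in die Datenbank");
}

// success
$mailContents['bodyText'] = str_replace('%Placeholder%', $e, $mailContents['bodyText']);
SendEmail($general['notificationAddress'], $mailContents);
GracefulExit($successURL);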
?>