#122_umlaute_kontaktformular #123
@ -1,17 +1,35 @@
|
|||||||
<?php
|
<?php
|
||||||
session_start();
|
session_start();
|
||||||
|
|
||||||
function sanitize_text(string $name) {
|
function sanitize_text(string $name, string $type) {
|
||||||
$text = filter_var($_POST[$name], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
|
$filters = array(
|
||||||
|
'text' => FILTER_SANITIZE_SPECIAL_CHARS,
|
||||||
|
'email' => FILTER_SANITIZE_EMAIL,
|
||||||
|
);
|
||||||
$text = trim($text);
|
$text = trim($text);
|
||||||
|
$text = filter_var($_POST[$name], $filters[$type]);
|
||||||
$text = stripslashes($text);
|
$text = stripslashes($text);
|
||||||
$text = htmlspecialchars($text);
|
|
||||||
|
|
||||||
return $text;
|
return $text;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function prepare_message_body($message) {
|
||||||
|
// Replace HTML-Entities with actual carriage returns and line feeds
|
||||||
|
$message = str_replace(" ", "\r", $message);
|
||||||
|
$message = str_replace(" ", "\r", $message);
|
||||||
|
|
||||||
|
// Ensure line breaks via carriage return + line feed
|
||||||
|
$message = str_replace("\r\n", "\n", $message);
|
||||||
|
$message = str_replace("\n", "\r\n", $message);
|
||||||
|
|
||||||
|
$message = "Nachricht von: $name\r\n\r\n" . $message;
|
||||||
|
$message = base64_encode($message);
|
||||||
|
|
||||||
|
return $message;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sending email (Platzhalter)
|
* Sending email
|
||||||
*
|
*
|
||||||
* mail(): Braucht auf dem Server einen korrekt konfigurierten Mailserver
|
* mail(): Braucht auf dem Server einen korrekt konfigurierten Mailserver
|
||||||
* phpmailer: Bibliothek, der per Composer installiert wird. Tut ganz gut mit SMTP.
|
* phpmailer: Bibliothek, der per Composer installiert wird. Tut ganz gut mit SMTP.
|
||||||
@ -19,12 +37,14 @@ function sanitize_text(string $name) {
|
|||||||
function send_message_to_office($subject, $message, $name, $email) {
|
function send_message_to_office($subject, $message, $name, $email) {
|
||||||
return mail(
|
return mail(
|
||||||
getenv('WTF_CONTACT_TO'),
|
getenv('WTF_CONTACT_TO'),
|
||||||
$subject,
|
"=?UTF-8?B?" . base64_encode($subject) . "?=",
|
||||||
$name . "\r\n" . $message,
|
prepare_message_body($message),
|
||||||
$additional_headers = array(
|
$additional_headers = array(
|
||||||
"From" => getenv('WTF_CONTACT_FROM'),
|
"From" => getenv('WTF_CONTACT_FROM'),
|
||||||
"Reply-To" => $email,
|
"Reply-To" => $email,
|
||||||
"Return-Path" => getenv('WTF_RETURN_PATH'),
|
"Return-Path" => getenv('WTF_RETURN_PATH'),
|
||||||
|
"Content-Type" => "text/plain; charset=utf-8",
|
||||||
|
"Content-Transfer-Encoding" => "base64",
|
||||||
),
|
),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
@ -75,10 +95,10 @@ function prepare_response() {
|
|||||||
$response['errors'][] = 'Wir glauben Sie sind ein Bot.';
|
$response['errors'][] = 'Wir glauben Sie sind ein Bot.';
|
||||||
}
|
}
|
||||||
if (!array_key_exists('errors', $response)) {
|
if (!array_key_exists('errors', $response)) {
|
||||||
$subject = sanitize_text('subject');
|
$subject = sanitize_text('subject', 'text');
|
||||||
$message = sanitize_text('message');
|
$message = sanitize_text('message', 'text');
|
||||||
$name = sanitize_text('name');
|
$name = sanitize_text('name', 'text');
|
||||||
$email = sanitize_text('email');
|
$email = sanitize_text('email', 'email');
|
||||||
|
|
||||||
if (!send_message_to_office($subject, $message, $name, $email)) {
|
if (!send_message_to_office($subject, $message, $name, $email)) {
|
||||||
$response['errors'][] = 'Ihre Nachricht konnte nicht übermittelt werden.';
|
$response['errors'][] = 'Ihre Nachricht konnte nicht übermittelt werden.';
|
||||||
|
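Review bot: In the first hunk, `prepare_message_body($message)` interpolates `$name` into `"Nachricht von: $name\r\n\r\n"`, but `$name` is not a parameter of that function, so the sender's name never reaches the mail body and PHP reports an undefined variable. Declare it as `function prepare_message_body($message, $name)` and call it in `send_message_to_office` as `prepare_message_body($message, $name)`. In the same hunk, `sanitize_text` now runs `$text = trim($text);` before `$text` is assigned by `filter_var`, so trimming is lost; move the `trim` line below the `filter_var` line. `$filters[$type]` is read without checking that `$type` is a known key, and `FILTER_SANITIZE_EMAIL` only strips disallowed characters, so the value placed in `Reply-To` is not guaranteed to be a well-formed address. Reject the request before sending when `filter_var($email, FILTER_VALIDATE_EMAIL)` returns `false`.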