]> git.p6c8.net - form-email.git/blob - form-email/mailer.php
"cursor: hand" ist nicht W3C-Standard
[form-email.git] / form-email / mailer.php
1 <?php
2
3 #
4 # Form E-Mail 3.5
5 #
6 # Versenden einer E-Mail, die ueber ein Kontaktformular
7 # geschrieben wurde.
8 #
9 # Autor: Patrick Canterino <patrick@patshaping.de>
10 # Letzte Aenderung: 05.02.2012
11 #
12 # Copyright (C) 2002-2012 Patrick Canterino
13 #
14 # Diese Datei kann unter den Bedingungen der "Artistic License 2.0"
15 # weitergegeben und / oder veraendert werden.
16 # Siehe:
17 # http://www.opensource.org/licenses/artistic-license-2.0
18 #
19
20 # ===========
21 # Hauptteil
22 # ===========
23
24 $VERSION = '3.5-dev';
25
26 require('config.php');
27 require('functions.php');
28 require('class.Template.php');
29
30 if($_SERVER['REQUEST_METHOD'] != 'POST') show_fatal($err_only_post);
31
32 # Wenn Captchas aktiviert sind, Session starten
33
34 if($captcha_enable) {
35 session_start();
36
37 # Pruefen, ob die zulaessige Zahl der Falscheingaben bei Captchas ueberschritten wurde
38
39 if($captcha_max && isset($_SESSION['captcha_failed']) && $_SESSION['captcha_failed'] >= $captcha_max) {
40 show_fatal($err_captcha_max);
41 }
42 }
43
44 # Bestimmte Werte in Integers umwandeln
45
46 $name_min = intval($name_min);
47 $subject_min = intval($subject_min);
48 $text_min = intval($text_min);
49 $name_max = intval($name_max);
50 $subject_max = intval($subject_max);
51 $text_max = intval($text_max);
52 $line_break = intval($line_break);
53
54 # Formulardaten auslesen
55
56 $email = formdata('email');
57 $name = formdata('name');
58 $recipient = formdata('recipient');
59 $subject = formdata('subject');
60 $text = formdata('text');
61
62 # Pruefen, ob ueberhaupt was ausgefuellt wurde
63
64 if(!$name && !$email && !$text) show_user_error($err_nothing);
65
66 # Pruefen, ob alle wichtigen Formular-Felder ausgefuellt wurden
67
68 if(!$name) show_user_error($err_no_name);
69 if(!$email) show_user_error($err_no_email);
70 if(!$text) show_user_error($err_no_text);
71
72 if(!$subject) $subject = $default_subject; # Standard-Betreff
73
74 # Pruefen, ob Name, Betreff und Text lang genug sind
75
76 if($name_min && strlen($name) < $name_min) show_user_error($err_name_short);
77 if($subject_min && strlen($subject) < $subject_min) show_user_error($err_subject_short);
78 if($text_min && strlen($text) < $text_min) show_user_error($err_text_short);
79
80 # Pruefen, ob Name, Betreff und Text nicht zu lang sind
81
82 if($name_max && strlen($name) > $name_max) show_user_error($err_name_long);
83 if($subject_max && strlen($subject) > $subject_max) show_user_error($err_subject_long);
84 if($text_max && strlen($text) > $text_max) show_user_error($err_text_long);
85
86 # Pruefen, ob eingegebene E-Mail-Adresse gueltig ist
87
88 if(!filter_var($email,FILTER_VALIDATE_EMAIL)) show_user_error($err_invalid_email);
89
90 # Individuelle Felder einlesen
91
92 $prepared_user_fields = array();
93
94 while(list($user_field,$user_field_data) = each($user_fields)) {
95 $user_field_content = formdata($user_field);
96
97 # Pruefung, ob es ein Pflichtfeld ist
98
99 if(!$user_field_content) {
100 if(isset($user_field_data['required']) && $user_field_data['required']) {
101 if(isset($user_field_data['errors']['not_set'])) {
102 show_user_error($user_field_data['errors']['not_set']);
103 }
104 else {
105 show_fatal($err_indiv_errmsg_miss,array('ERRMSG' => 'not_set', 'INDIVIDUAL' => $user_field));
106 }
107 }
108 else {
109 # Wenn das Feld optional ist und nicht gesetzt wurde, brechen wir hier ab
110 # und machen mit dem naechsten Feld weiter
111
112 $prepared_user_fields[$user_field_data['tpl_var']] = '';
113 continue;
114 }
115 }
116
117 # Laengen-Pruefung
118
119 if(isset($user_field_data['min']) && $user_field_data['min']) {
120 if(strlen($user_field_content) < $user_field_data['min']) {
121 if(isset($user_field_data['errors']['too_short'])) {
122 show_user_error($user_field_data['errors']['too_short']);
123 }
124 else {
125 show_fatal($err_indiv_errmsg_miss,array('ERRMSG' => 'too_short', 'INDIVIDUAL' => $user_field));
126 }
127 }
128 }
129
130 if(isset($user_field_data['min']) && $user_field_data['max']) {
131 if(strlen($user_field_content) > $user_field_data['max']) {
132 if(isset($user_field_data['errors']['too_long'])) {
133 show_user_error($user_field_data['errors']['too_long']);
134 }
135 else {
136 show_fatal($err_indiv_errmsg_miss,array('ERRMSG' => 'too_long', 'INDIVIDUAL' => $user_field));
137 }
138 }
139 }
140
141 # Pruefung gegen frei definierbare Pruef-Funktion
142
143 if(isset($user_field_data['check']) && $user_field_data['check'] != '') {
144 if(function_exists($user_field_data['check']) && call_user_func($user_field_data['check'],$user_field_content) === false) {
145 if(isset($user_field_data['errors']['check_fail'])) {
146 show_user_error($user_field_data['errors']['check_fail']);
147 }
148 else {
149 show_fatal($err_indiv_errmsg_miss,array('ERRMSG' => 'check_fail', 'INDIVIDUAL' => $user_field));
150 }
151 }
152 }
153
154 # Pruefung gegen frei definierbaren regulaeren Ausdruck
155
156 if(isset($user_field_data['regex']) && $user_field_data['regex'] != '') {
157 if(!preg_match($user_field_data['regex'],$user_field_content)) {
158 if(isset($user_field_data['errors']['match_fail'])) {
159 show_user_error($user_field_data['errors']['match_fail']);
160 }
161 else {
162 show_fatal($err_indiv_errmsg_miss,array('ERRMSG' => 'match_fail', 'INDIVIDUAL' => $user_field));
163 }
164 }
165 }
166
167 # Formularfeld durch frei definierbare Funktion bearbeiten
168
169 if(isset($user_field_data['prepare']) && $user_field_data['prepare'] != '') {
170 if(function_exists($user_field_data['check'])) {
171 $user_field_content = call_user_func($user_field_data['prepare'],$user_field_content);
172 }
173 }
174
175 # Name der Template-Variable ermitteln
176
177 if(isset($user_field_data['tpl_var']) && $user_field_data['tpl_var'] != '') {
178 $tpl_var = $user_field_data['tpl_var'];
179 }
180 else {
181 $tpl_var = 'USER_'.$user_field;
182 }
183
184 # Fertige Formulardaten wegkopieren und fuer spaeter zur Verfuegung stellen
185
186 $prepared_user_fields[$tpl_var] = $user_field_content;
187 }
188
189 # Captcha ueberpruefen
190
191 if($captcha_enable) {
192 $captcha_input = formdata('captcha');
193 $captcha_incorrect = false;
194
195 if(isset($_SESSION) && isset($_SESSION['captcha'])) {
196 if($captcha_case) {
197 if(!$captcha_input || empty($captcha_input) || $captcha_input != $_SESSION['captcha']) $captcha_incorrect = true;
198 }
199 else {
200 if(!$captcha_input || empty($captcha_input) || strtolower($captcha_input) != strtolower($_SESSION['captcha'])) $captcha_incorrect = true;
201 }
202
203 if($captcha_incorrect) {
204 if($captcha_max) {
205 if(isset($_SESSION['captcha_failed']) && $_SESSION['captcha_failed']) {
206 $_SESSION['captcha_failed']++;
207 }
208 else {
209 $_SESSION['captcha_failed'] = 1;
210 }
211 }
212
213 if($captcha_max && isset($_SESSION['captcha_failed']) && $_SESSION['captcha_failed'] >= $captcha_max) {
214 show_fatal($err_captcha_max);
215 }
216 else {
217 show_user_error($err_captcha_incorrect);
218 }
219 }
220 }
221 else {
222 show_fatal($err_captcha_session_failure);
223 }
224 }
225
226 # Referer ueberpruefen
227
228 if($check_referer) {
229 $referer_ok = semicolon_split($referer_ok);
230
231 $referer_parts = parse_url($_SERVER['HTTP_REFERER']);
232 $referer_host = $referer_parts['host'];
233
234 if(in_array($referer_host,$referer_ok) === false) show_fatal($err_referer_not_ok);
235 }
236
237 # Zeilenumbrueche in Namen und Betreff durch Leerzeichen ersetzen
238
239 $name = preg_replace("/\015\012|\012|\015/",' ',$name);
240 $subject = preg_replace("/\015\012|\012|\015/",' ',$subject);
241
242 # Uhrzeit formatieren
243
244 $timestamp = time();
245
246 date_default_timezone_set($timezone);
247 $time = strftime($timeformat,$timestamp);
248
249 # Header der Mail
250
251 $header = '';
252
253 if($friendly_sender) {
254 if($friendly_sender == 2) {
255 if(preg_match("/[\200-\377]/",$name)) {
256 # Absendernamen mit Base64 codieren
257
258 $encoded_name = base64_encode($name);
259 $encoded_name = wordwrap($encoded_name,56,"\015\012",1);
260 $encoded_name = "=?$charset?B?$encoded_name?=";
261 $encoded_name = str_replace("\015\012","?=\015\012 =?$charset?B?",$encoded_name);
262 }
263 else {
264 # Bestimmte Zeichen im Absendernamen codieren
265
266 $encoded_name = str_replace('"','\"',$name);
267 $encoded_name = str_replace('(','\\(',$encoded_name);
268 $encoded_name = str_replace(')','\\)',$encoded_name);
269 $encoded_name = '"'.$encoded_name.'"';
270 }
271
272 $header = "From: $encoded_name <$email>\n";
273 }
274 else $header = "From: $email\n";
275 }
276
277 if($add_header) {
278 if(!$friendly_sender) $header .= "Reply-To: $email\n";
279 $header .= 'Content-Type: text/plain; charset="'.$charset.'"'."\n";
280 $header .= 'Content-Transfer-Encoding: 8bit'."\n";
281 $header .= 'MIME-Version: 1.0'."\n";
282 $header .= 'X-Mailer: Form E-Mail '.$VERSION."\n";
283 $header .= 'X-Sender-IP: ['.$_SERVER['REMOTE_ADDR'].']';
284 }
285 else $header .= "Reply-To: $email";
286
287 $header = preg_replace("/\015\012|\012|\015/","\n",$header);
288
289 # Betreff mit Base64 codieren, wenn er Zeichen enthaelt,
290 # die nicht aus dem ASCII-Zeichensatz stammen
291
292 if(preg_match("/[\200-\377]/",$subject)) {
293 $encoded_subject = base64_encode($subject);
294 $encoded_subject = wordwrap($encoded_subject,56,"\015\012",1);
295 $encoded_subject = "=?$charset?B?$encoded_subject?=";
296 $encoded_subject = str_replace("\015\012","?=\015\012 =?$charset?B?",$encoded_subject);
297 }
298 else $encoded_subject = $subject;
299
300 # Mailtext formatieren...
301
302 $mtpl = new Template;
303 $mtpl->read_file($tpl_mail);
304
305 $mtpl->set_var('EMAIL', $email);
306 $mtpl->set_var('NAME', $name);
307 $mtpl->set_var('SUBJECT',$subject);
308 $mtpl->set_var('TIME', $time);
309
310 # ... Umgebungsvariablen einfuegen...
311
312 if(isset($allowed_envs) && is_array($allowed_envs)) {
313 foreach($allowed_envs as $allowed_env) {
314 if(isset($_SERVER[$allowed_env])) {
315 $mtpl->set_var('ENV_'.$allowed_env,$_SERVER[$allowed_env]);
316 }
317 else {
318 $mtpl->set_var('ENV_'.$allowed_env,'');
319 }
320 }
321 }
322
323 # ... eigene Felder einfuegen
324
325 while(list($tpl_var,$user_field_content) = each($prepared_user_fields)) {
326 $mtpl->set_var($tpl_var,$user_field_content);
327 }
328
329 $mtpl->set_var('TEXT',$text);
330
331 $mtpl->parse();
332
333 $mailtext = $mtpl->get_template();
334
335 if($line_break) $mailtext = wordwrap($mailtext,$line_break);
336
337 $mailtext = preg_replace("/\015\012|\012|\015/","\n",$mailtext);
338
339 # ... und die Mail abschicken (bei einem Fehler erscheint eine Meldung)
340
341 if($recipient && is_array($aliases) && $aliases[$recipient]) {
342 # Empfaenger mit Alias-Namen
343
344 $mailto = $aliases[$recipient];
345 }
346
347 $mailto = semicolon_split($mailto);
348
349 for($x=0;$x<count($mailto);$x++) {
350 mail($mailto[$x],$encoded_subject,$mailtext,$header) or show_fatal($err_send_error);
351 }
352
353 # Mails auf Festplatte speichern
354
355 if(isset($store_mails) && $store_mails) {
356 # Standard-Werte fuer einige Variablen
357
358 if(!isset($store_mails_dir) || $store_mails_dir == '') $store_mails_dir = 'stored_mails';
359 if(!isset($store_mails_prefix) || $store_mails_prefix == '') $store_mails_prefix = 'feml_';
360
361 # Verzeichnis ggf. anlegen
362
363 if(!is_dir($store_mails_dir)) mkdir($store_mails_dir);
364
365 # Betreff saeubern
366
367 $clean_subject = str_replace(' ','_',$subject);
368 $clean_subject = preg_replace('/[^a-z0-9\-_]/i','',$clean_subject);
369
370 # Eindeutigen Dateinamen der Mail zusammensetzen
371
372 $file_name = $store_mails_dir.'/'.uniqid($store_mails_prefix.$email.'_'.$clean_subject.'_'.strftime('%d%m%Y-%H%M%S',$timestamp));
373
374 # Daten in Datei schreiben
375
376 file_put_contents($file_name,$mailtext) or show_fatal($err_store_error);
377
378 # Alte Dateien loeschen
379
380 if(isset($store_mails_max) && $store_mails_max > 0) {
381 $dp = opendir($store_mails_dir);
382
383 while($stored_mail_file = readdir($dp)) {
384 if($stored_mail_file != '.' && $stored_mail_file != '..' && substr($stored_mail_file,0,strlen($store_mails_prefix)) == $store_mails_prefix) {
385 $stored_mail_files[$store_mails_dir.'/'.$stored_mail_file] = filemtime($store_mails_dir.'/'.$stored_mail_file);
386 }
387 }
388
389 closedir($dp);
390
391 arsort($stored_mail_files);
392
393 $x = 0;
394
395 foreach(array_keys($stored_mail_files) as $stored_mail_filename) {
396 $x++;
397
398 if($x > $store_mails_max) {
399 unlink($stored_mail_filename);
400 }
401 }
402 }
403 }
404
405 if($captcha_enable) session_destroy();
406
407 # Mail wurde erfolgreich versendet, also wird die Dankesseite angezeigt
408
409 if($return_url) {
410 # Per Redirect auf Seite umleiten
411
412 if(strpos($return_url,'://') === false) {
413 # URL vervollstaendigen
414
415 $http_host = ($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'];
416 $protocol = '';
417 $port = '';
418 $path = '';
419
420 if(isset($_SERVER['HTTPS'])) {
421 # SSL-verschluesseltes HTTP
422
423 $protocol = 'https://';
424 if($_SERVER['SERVER_PORT'] != 443) $port = ':'.$_SERVER['SERVER_PORT'];
425 }
426 else {
427 # Normales HTTP
428
429 $protocol = 'http://';
430 if($_SERVER['SERVER_PORT'] != 80) $port = ':'.$_SERVER['SERVER_PORT'];
431 }
432
433 if(substr($return_url,0,1) == '/') {
434 $return_url = $protocol.$http_host.$port.$return_url;
435 }
436 else {
437 if(substr($_SERVER['SCRIPT_NAME'],-1,1) == '/') {
438 $path = substr($_SERVER['SCRIPT_NAME'],0,-1);
439 }
440 else {
441 $path = $_SERVER['SCRIPT_NAME'];
442 }
443
444 $path = substr($path,0,strrpos($path,'/')+1);
445 if(substr($path,0,1) != '/') $path = '/'.$path;
446
447 $return_url = $protocol.$http_host.$port.$path.$return_url;
448 }
449 }
450
451 header('Status: 303 See Other');
452 header('Location: '.$return_url);
453 }
454 else {
455 # Mit Template formatierte Seite anzeigen
456
457 $stpl = new Template;
458 $stpl->read_file($tpl_sent);
459
460 $stpl->set_var('EMAIL', plain($email));
461 $stpl->set_var('MAIL', plain($mailtext));
462 $stpl->set_var('NAME', plain($name));
463 $stpl->set_var('SUBJECT',plain($subject));
464 $stpl->set_var('TEXT', plain($text));
465 $stpl->set_var('TIME', plain($time));
466
467 reset($user_fields);
468
469 while(list($user_field,$user_field_data) = each($user_fields)) {
470 if(isset($user_field_data['tpl_var']) && $user_field_data['tpl_var'] != '') {
471 $tpl_var = $user_field_data['tpl_var'];
472 }
473 else {
474 $tpl_var = 'USER_'.$user_field;
475 }
476
477 $stpl->set_var($tpl_var,htmlspecialchars(formdata($user_field)));
478 }
479
480 $stpl->parse();
481
482 print $stpl->get_template();
483 }
484
485 #
486 ### Ende ###
487
488 ?>

patrick-canterino.de