| 1 |
lars |
1 |
<?
|
|
|
2 |
// $Id: mail.php 25 2007-09-19 15:31:51Z tiefland $
|
|
|
3 |
|
|
|
4 |
//Variablen initialisieren
|
|
|
5 |
$headers = array();
|
|
|
6 |
$email = (isset($_POST["email"])) ? $_POST["email"] : "info@weban.de";
|
|
|
7 |
|
|
|
8 |
// Existiert ein Email Schutz?
|
|
|
9 |
if (eregi("[a-z0-9]{32}",$_POST["_to"])) {
|
|
|
10 |
// Ja, dann ueberpruefe ob Konfiguration existiert
|
|
|
11 |
if (file_exists('emailconfig.default.inc.php')) {
|
|
|
12 |
include('emailconfig.default.inc.php');
|
|
|
13 |
}
|
|
|
14 |
// Existiert auch diese Adresse
|
|
|
15 |
if ($GLOBALS['email_config'][$_POST["_from"]]) {
|
|
|
16 |
|
|
|
17 |
$_from = $GLOBALS['email_config'][$_POST["_from"]];
|
|
|
18 |
$_to = $GLOBALS['email_config'][$_POST["_to"]];
|
|
|
19 |
$recipient = $GLOBALS['email_config'][$_POST["recipient"]];
|
|
|
20 |
|
|
|
21 |
$_subject = "Anfrage ueber: " . $GLOBALS['email_config'][$_POST["_subject"]];
|
|
|
22 |
$subject = "Anfrage ueber: " . $GLOBALS['email_config'][$_POST["_subject"]];
|
|
|
23 |
|
|
|
24 |
} else {
|
|
|
25 |
die("Sie haben einen Fehlehaften Code uebergeben.<br>");
|
|
|
26 |
}
|
|
|
27 |
|
|
|
28 |
} else {
|
|
|
29 |
$_from = (isset($_POST["_from"])) ? $_POST["_from"] : $email;
|
|
|
30 |
$_to = (isset($_POST["_to"])) ? $_POST["_to"] : $email;
|
|
|
31 |
$recipient = (isset($_POST["recipient"])) ? $_POST["recipient"] : $email;
|
|
|
32 |
$_subject = (isset($_POST["_subject"])) ? $_POST["_subject"] : "";
|
|
|
33 |
$subject = (isset($_POST["subject"])) ? $_POST["subject"] : "";
|
|
|
34 |
}
|
|
|
35 |
|
|
|
36 |
$_target = (isset($_POST["_target"])) ? $_POST["_target"] : "";
|
|
|
37 |
$redirect = (isset($_POST["redirect"])) ? $_POST["redirect"] : "";
|
|
|
38 |
$submit = false;
|
|
|
39 |
$cc = false;
|
|
|
40 |
$bcc = false;
|
|
|
41 |
$sub = false;
|
|
|
42 |
$ref = $_SERVER["HTTP_REFERER"];
|
|
|
43 |
$start = strpos ($ref, "//");
|
|
|
44 |
|
|
|
45 |
// Referrer überprüfen
|
|
|
46 |
if ($start < 0)
|
|
|
47 |
{
|
|
|
48 |
$start = 0;
|
|
|
49 |
}
|
|
|
50 |
else
|
|
|
51 |
{
|
|
|
52 |
$start = $start + 2;
|
|
|
53 |
}
|
|
|
54 |
$stop = strpos ($ref, "/", $start);
|
|
|
55 |
|
|
|
56 |
// Variable $_POST auf "submit" als Array-Key überprüfen
|
|
|
57 |
// falls nicht gefunden ==> ENDE
|
|
|
58 |
|
|
|
59 |
/* foreach ($_POST as $key => $value)
|
|
|
60 |
{
|
|
|
61 |
if (strtolower($key)=="submit")
|
|
|
62 |
{
|
|
|
63 |
$submit=true;
|
|
|
64 |
}
|
|
|
65 |
}
|
|
|
66 |
|
|
|
67 |
if (substr ($ref, $start, $stop-$start) != $_SERVER["SERVER_NAME"]||!$submit) */
|
|
|
68 |
if (substr ($ref, $start, $stop-$start) != $_SERVER["SERVER_NAME"])
|
|
|
69 |
{
|
|
|
70 |
exit;
|
|
|
71 |
}
|
|
|
72 |
|
|
|
73 |
//Body zusammenbauen
|
|
|
74 |
foreach(array_keys($_POST) as $elem)
|
|
|
75 |
{
|
|
|
76 |
if ($elem[0] == "_")
|
|
|
77 |
{
|
|
|
78 |
unset($_POST[$elem]);
|
|
|
79 |
}
|
|
|
80 |
else
|
|
|
81 |
{
|
|
|
82 |
if (is_array($_POST[$elem]))
|
|
|
83 |
{
|
|
|
84 |
$_POST[$elem] = implode($_POST[$elem],", ");
|
|
|
85 |
}
|
|
|
86 |
$_POST[$elem] = $elem.": ".$_POST[$elem];
|
|
|
87 |
}
|
|
|
88 |
}
|
|
|
89 |
$body=implode($_POST,"\n");
|
|
|
90 |
|
|
|
91 |
// TO Adresse ermitteln
|
|
|
92 |
if (!$_to)
|
|
|
93 |
{
|
|
|
94 |
$_to = $recipient;
|
|
|
95 |
}
|
|
|
96 |
if (!$_subject)
|
|
|
97 |
{
|
|
|
98 |
$_subject = $subject;
|
|
|
99 |
}
|
|
|
100 |
|
|
|
101 |
// FROM Adresse ermitteln
|
|
|
102 |
if (!$_from)
|
|
|
103 |
{
|
|
|
104 |
if ($email)
|
|
|
105 |
{
|
|
|
106 |
$_from = $email;
|
|
|
107 |
}
|
|
|
108 |
else
|
|
|
109 |
{
|
|
|
110 |
$_from = $_to;
|
|
|
111 |
}
|
|
|
112 |
}
|
|
|
113 |
|
|
|
114 |
// Weiterleitungsziel ermitteln
|
|
|
115 |
if (!$_target)
|
|
|
116 |
{
|
|
|
117 |
if ($redirect)
|
|
|
118 |
{
|
|
|
119 |
$_target = $redirect;
|
|
|
120 |
}
|
|
|
121 |
else
|
|
|
122 |
{
|
|
|
123 |
$_target = "danke.htm?ref=".urlencode($ref);
|
|
|
124 |
}
|
|
|
125 |
}
|
|
|
126 |
else
|
|
|
127 |
{
|
|
|
128 |
$_target = dirname($ref)."/".$_target;
|
|
|
129 |
}
|
|
|
130 |
|
|
|
131 |
// Header überprüfen (muessen leer sein)
|
|
|
132 |
if(count($headers))
|
|
|
133 |
{
|
|
|
134 |
//Header wurde manipuliert!
|
|
|
135 |
$keys=array("cc","cC","Cc","CC");
|
|
|
136 |
foreach($keys as $key)
|
|
|
137 |
{
|
|
|
138 |
if (isset($headers[$key]))
|
|
|
139 |
{
|
|
|
140 |
unset($headers[$key]);
|
|
|
141 |
$cc=true;
|
|
|
142 |
}
|
|
|
143 |
if (isset($headers["b".$key]))
|
|
|
144 |
{
|
|
|
145 |
unset($headers["b".$key]);
|
|
|
146 |
$bcc=true;
|
|
|
147 |
}
|
|
|
148 |
if (isset($headers["B".$key]))
|
|
|
149 |
{
|
|
|
150 |
unset($headers["B".$key]);
|
|
|
151 |
$bcc=true;
|
|
|
152 |
}
|
|
|
153 |
}
|
|
|
154 |
}
|
|
|
155 |
|
|
|
156 |
// Verschiedene Variablen überprüfen, ob "TO: BCC: CC: oder FROM: Einträge vorkommen
|
|
|
157 |
$ereg1 = eregi("/(from\:)|(to\:)|(cc\:)|(bcc\:)/", $_to);
|
|
|
158 |
$ereg2 = eregi("/(from\:)|(to\:)|(cc\:)|(bcc\:)/", $body);
|
|
|
159 |
$ereg3 = eregi("/(from\:)|(to\:)|(cc\:)|(bcc\:)/", $_subject);
|
|
|
160 |
|
|
|
161 |
// Eventuell vorhandenes "SUBJECT"-Feld im Header löschen
|
|
|
162 |
foreach($headers as $header => $value)
|
|
|
163 |
{
|
|
|
164 |
if (strtolower($headers)=="subject")
|
|
|
165 |
{
|
|
|
166 |
unset($headers[$header]);
|
|
|
167 |
$sub=true;
|
|
|
168 |
}
|
|
|
169 |
}
|
|
|
170 |
|
|
|
171 |
//Body erweitern, falls manipulierte Werte gefunden wurden!
|
|
|
172 |
$body.=($ereg1)?"To enthielt zusaetzliche Angaben ('FROM:', 'TO:', 'CC:', 'BCC:')!\n":"";
|
|
|
173 |
$body.=($ereg2)?"Body enthielt zusaetzliche Angaben ('FROM:', 'TO:', 'CC:', 'BCC:')!\n":"";
|
|
|
174 |
$body.=($ereg3)?"Subject enthielt zusaetzliche Angaben ('FROM:', 'TO:', 'CC:', 'BCC:')!\n":"";
|
|
|
175 |
$body.=($sub)?"Header enthielt zusaetzliche Subject-Angabe!\n":"";
|
|
|
176 |
$body.=($bcc)?"Header enthielt BCC-Angabe!\n":"";
|
|
|
177 |
$body.=($cc)?"Header enthielt CC-Angabe!\n":"";
|
|
|
178 |
|
|
|
179 |
//Pr�fen, ob kein HTML in Nachricht vorkommt
|
|
|
180 |
$no_html=($body==strip_tags($body));
|
|
|
181 |
|
|
|
182 |
// Header-Array zusammenbauen
|
|
|
183 |
$headers["From"]=$_from;
|
|
|
184 |
$headers["Subject"]=$_subject;
|
|
|
185 |
|
|
|
186 |
// PEAR-Klasse "Mail" einbinden und "mail"-Objekt erstellen
|
|
|
187 |
require_once("Mail.php");
|
|
|
188 |
$mail=Mail::factory("mail");
|
|
|
189 |
|
|
|
190 |
// Pr�fen, ob kein Fehler aufgetreten ist
|
|
|
191 |
if(!PEAR::isError($mail))
|
|
|
192 |
{
|
|
|
193 |
// Wenn alles OK ist
|
|
|
194 |
if(!$ereg1 && !$ereg2 && !$ereg3 && !$bcc && !$cc && !$sub && $no_html)
|
|
|
195 |
{
|
|
|
196 |
//Mail verschicken
|
|
|
197 |
$mail->send($_to, $headers, $body);
|
|
|
198 |
}
|
|
|
199 |
|
|
|
200 |
// Nachricht erweitern
|
|
|
201 |
$body=implode("\n",$headers)."\n$_to\n$body";
|
|
|
202 |
|
|
|
203 |
// Nachrichtenkopie verschicken
|
|
|
204 |
$headers["Subject"]="Nachrichtenkopie auf $SERVER_NAME: ".$headers["Subject"];
|
|
|
205 |
|
|
|
206 |
//$mail->send("markus@weban.de", $headers, $body);
|
|
|
207 |
//$mail->send("niewerth@weban.de", $headers, $body);
|
|
|
208 |
//$mail->send("tiefland@weban.de", $headers, $body);
|
|
|
209 |
}
|
|
|
210 |
|
|
|
211 |
// Auf Danke-Seite weiterleiten
|
|
|
212 |
header("Location: $_target");
|
|
|
213 |
?>
|