Migration zu PHPMailer: Sicherer E-Mail-Versand mit externen Credentials

2026-02-03 19:40:24 +01:00
parent ff7de4f628
commit 1168ae8f8e
10 changed files with 7852 additions and 33 deletions

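--- a/forms/config.php.example
+++ b/forms/config.php.example
@@ -0,0 +1,21 @@
+<?php
+/**
+* SMTP Configuration Example
+*
+* Kopieren Sie diese Datei zu config.php und tragen Sie Ihre SMTP-Zugangsdaten ein.
+* Die config.php wird von Git ignoriert und enthält sensible Daten.
+*/
+return [
+'smtp_host' => 'mail.webfarben.net',
+'smtp_username' => 'ihre-email@domain.de',
+'smtp_password' => 'ihr-passwort',
+'smtp_port' => 587,
+'smtp_encryption' => 'tls', // 'tls' oder 'ssl'
+'from_email' => 'ihre-email@domain.de',
+'from_name' => 'Buckenleib Finanzen',
+'to_email' => 'info@buckenleib-finanzen.de',
+'to_name' => 'Benno Buckenleib',
+];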
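Review bot: The docblock states that config.php is ignored by Git, but the `.gitignore` change is not among the file sections visible in this chunk; confirm it is part of this commit, otherwise the next `git add .` re-commits exactly the credentials this migration is meant to keep out of the repository. The `smtp_encryption` comment would also help the reader more if it named the PHPMailer modes the two strings select, e.g. `'smtp_encryption' => 'tls', // 'tls' = PHPMailer::ENCRYPTION_STARTTLS (Port 587), 'ssl' = PHPMailer::ENCRYPTION_SMTPS (Port 465)`. Since the real config.php will hold a mailbox password, a one-line hint in this header that it should be readable only by the web-server user (or live outside the document root) is worth adding.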


@@ -1,41 +1,134 @@
<?php
/**
* Requires the "PHP Email Form" library
* The "PHP Email Form" library is available only in the pro version of the template
* The library should be uploaded to: vendor/php-email-form/php-email-form.php
* For more info and help: https://bootstrapmade.com/php-email-form/
*/
/**
* Kontaktformular mit PHPMailer
* Sicherer und moderner E-Mail-Versand
*/
// Replace contact@example.com with your real receiving email address
$receiving_email_address = 'info@buckenleib-finanzen.de';
// Nur POST-Requests erlauben
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
http_response_code(405);
die('Methode nicht erlaubt');
}
if( file_exists($php_email_form = '../assets/vendor/php-email-form/php-email-form.php' )) {
include( $php_email_form );
} else {
die( 'Unable to load the "PHP Email Form" Library!');
}
// CSRF-Schutz durch Ajax-Anforderung
if (!isset($_SERVER['HTTP_X_REQUESTED_WITH']) ||
strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest') {
http_response_code(403);
die('Nur Ajax-Anfragen erlaubt');
}
$contact = new PHP_Email_Form;
$contact->ajax = true;
$contact->to = $receiving_email_address;
$contact->from_name = $_POST['name'];
$contact->from_email = $_POST['email'];
$contact->subject = $_POST['subject'];
// Konfiguration laden
if (!file_exists(__DIR__ . '/config.php')) {
http_response_code(500);
die('Konfigurationsdatei nicht gefunden');
}
$config = require __DIR__ . '/config.php';
// Uncomment below code if you want to use SMTP to send emails. You need to enter your correct SMTP credentials
$contact->smtp = array(
'host' => 'mail.webfarben.net',
'username' => 'benno@traidendorf.de',
'password' => 'b9ojR8*1',
'port' => '587'
);
// PHPMailer laden
require_once __DIR__ . '/../assets/vendor/phpmailer/PHPMailer.php';
require_once __DIR__ . '/../assets/vendor/phpmailer/SMTP.php';
require_once __DIR__ . '/../assets/vendor/phpmailer/Exception.php';
$contact->add_message( $_POST['name'], 'From');
$contact->add_message( $_POST['email'], 'Email');
$contact->add_message( $_POST['message'], 'Message', 10);
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
echo $contact->send();
// Eingaben validieren und säubern
$name = filter_var($_POST['name'] ?? '', FILTER_SANITIZE_STRING);
$email = filter_var($_POST['email'] ?? '', FILTER_SANITIZE_EMAIL);
$subject = filter_var($_POST['subject'] ?? '', FILTER_SANITIZE_STRING);
$message = filter_var($_POST['message'] ?? '', FILTER_SANITIZE_STRING);
// Validierung
if (empty($name) || strlen($name) < 2) {
die('Bitte geben Sie Ihren Namen ein');
}
if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
die('Bitte geben Sie eine gültige E-Mail-Adresse ein');
}
if (empty($subject) || strlen($subject) < 3) {
die('Bitte geben Sie ein Thema ein');
}
if (empty($message) || strlen($message) < 10) {
die('Ihre Nachricht ist zu kurz (mindestens 10 Zeichen)');
}
try {
$mail = new PHPMailer(true);
// Server-Einstellungen
$mail->isSMTP();
$mail->Host = $config['smtp_host'];
$mail->SMTPAuth = true;
$mail->Username = $config['smtp_username'];
$mail->Password = $config['smtp_password'];
$mail->SMTPSecure = $config['smtp_encryption'];
$mail->Port = $config['smtp_port'];
$mail->CharSet = 'UTF-8';
// Absender
$mail->setFrom($config['from_email'], $config['from_name']);
$mail->addReplyTo($email, $name);
// Empfänger
$mail->addAddress($config['to_email'], $config['to_name']);
// Inhalt
$mail->isHTML(true);
$mail->Subject = 'Kontaktformular: ' . $subject;
$htmlMessage = "
<html>
<head>
<style>
body { font-family: Arial, sans-serif; line-height: 1.6; color: #333; }
.container { max-width: 600px; margin: 0 auto; padding: 20px; }
.header { background: #37517e; color: white; padding: 15px; border-radius: 5px 5px 0 0; }
.content { background: #f8f9fa; padding: 20px; border-radius: 0 0 5px 5px; }
.field { margin-bottom: 15px; }
.label { font-weight: bold; color: #37517e; }
</style>
</head>
<body>
<div class='container'>
<div class='header'>
<h2>Neue Kontaktanfrage</h2>
</div>
<div class='content'>
<div class='field'>
<div class='label'>Name:</div>
<div>" . htmlspecialchars($name) . "</div>
</div>
<div class='field'>
<div class='label'>E-Mail:</div>
<div>" . htmlspecialchars($email) . "</div>
</div>
<div class='field'>
<div class='label'>Thema:</div>
<div>" . htmlspecialchars($subject) . "</div>
</div>
<div class='field'>
<div class='label'>Nachricht:</div>
<div>" . nl2br(htmlspecialchars($message)) . "</div>
</div>
</div>
</div>
</body>
</html>
";
$mail->Body = $htmlMessage;
$mail->AltBody = "Name: $name\nE-Mail: $email\nThema: $subject\n\nNachricht:\n$message";
// E-Mail senden
$mail->send();
echo 'OK';
} catch (Exception $e) {
error_log('PHPMailer Error: ' . $mail->ErrorInfo);
http_response_code(500);
die('Fehler beim Senden der Nachricht. Bitte versuchen Sie es später erneut.');
}
?>
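Review bot: The four `filter_var(..., FILTER_SANITIZE_STRING)` calls in the "Eingaben validieren" block use a filter that has been deprecated since PHP 8.1, and its quote-to-entity conversion is then encoded a second time by `htmlspecialchars()` in the HTML body and leaks `&#34;`-style entities into the plain-text `AltBody`; read the raw string instead, e.g. `$name = trim((string) ($_POST['name'] ?? ''));` for each of the four fields, and keep `htmlspecialchars()` as the single HTML-context escape (PHPMailer strips CR/LF from the Subject and the Reply-To name it is handed, so header injection is covered there). The four validation failures below that block `die()` with a 200 status while the other error paths set 405/403/500; add `http_response_code(400);` before each of those messages so the Ajax client can tell a rejected submission from success. Separately, the removed `$contact->smtp` array carried a live SMTP password into the repository; moving it to config.php does not remove it from history, so that credential should be rotated on the mail server. If the closing `?>` at the end of the file is kept on the new side, any whitespace after it is emitted after the `OK` response and can break an exact-match check in the client; omitting the tag in a PHP-only file avoids that.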