'."\n";
    # NOTE(review): the statement ending above and the "if" that opens this chain
    # begin before the visible part of the file. The visible branches select the
    # configuration file: $_SERVER["ConfigFile"], else $_ENV["CONFIG"] when it
    # names an existing file, else config/config.php; otherwise the script exits.
    # These paths are presumably set by the web-server environment - confirm that
    # no request-controlled value can reach these include statements.
    #
    # NOTE(review): throughout this copy many string literals are empty or hold
    # only line breaks, and several printf/sprintf calls pass more arguments than
    # their format has placeholders. The HTML markup they carried appears to have
    # been lost; the literals are reproduced exactly as found.
    include $_SERVER["ConfigFile"];
} elseif ($_ENV["CONFIG"] && is_file($_ENV["CONFIG"])) {
    print ''."\n";
    include $_ENV["CONFIG"];
} elseif (is_file("config/config.php")) {
    print ''."\n";
    include "config/config.php";
} else {
    print "Error, cannot find config file\n";
    exit;
}
# $er is assigned before the visible part of the file.
error_reporting($er);

if ($require_login || ASKFORPASSWORD) {
    # we need session info if an admin subscribes a user
    session_start();
}
if (!isset($_POST) && isset($HTTP_POST_VARS)) {
    # Loaded only when $_POST is missing but $HTTP_POST_VARS exists; presumably a
    # compatibility layer for old PHP versions - the file is not visible here.
    require "admin/commonlib/lib/oldphp_vars.php";
}

/*
  We request you retain the inclusion of pagetop below. This will add invisible
  additional information to your public pages.
  This not only gives respect to the large amount of time given freely
  by the developers but also helps build interest, traffic and use of
  PHPlist, which is beneficial to its future development.

  Michiel Dethmers, Tincan Ltd 2003
*/
include "admin/pagetop.php";

# Subscribe page id from the query string, coerced to an integer string.
$id = sprintf('%d',$_GET["id"]);
if ($_GET["uid"]) {
    # Look up the subscriber by the uniqid value from the URL. The row supplies
    # the subscribe page id, user id, stored password and email that the login
    # checks below compare against.
    # NOTE(review): $_GET["uid"] is placed between double quotes in the SQL text
    # with no escaping or format check visible here. Unless it is sanitised
    # before this point (not visible), this is an SQL injection risk: validate
    # the value's format and escape it or bind it as a parameter.
    $req = Sql_Fetch_Row_Query(sprintf('select subscribepage,id,password,email from %s where uniqid = "%s"',
        $tables["user"],$_GET["uid"]));
    $id = $req[0];
    $userid = $req[1];
    $passwordcheck = $req[2];
    $emailcheck = $req[3];
} else {
    $userid = "";
    $passwordcheck = "";
    $emailcheck = "";
}

# make sure the subscribe page still exists
# ($id is formatted with %d here, so this query receives an integer.)
$req = Sql_fetch_row_query(sprintf('select id from %s where id = %d',$tables["subscribepage"],$id));
$id = $req[0];

# "Send me my personal location" request: mail the stored message to the
# subscriber whose address was posted.
if ($_POST["sendpersonallocation"]) {
    if ($_POST["email"]) {
        # NOTE(review): $_POST["email"] goes into the SQL text unescaped (same
        # concern as the uniqid lookup above).
        # NOTE(review): the two result messages below differ for known and
        # unknown addresses, which discloses whether an address is subscribed;
        # consider a single neutral response.
        $uid = Sql_Fetch_Row_Query(sprintf('select uniqid,email,id from %s where email = "%s"',
            $tables["user"],$_POST["email"]));
        if ($uid[0]) {
            sendMail ($uid[1],getConfig("personallocation_subject"),getUserConfig("personallocation_message",$uid[2]),system_messageheaders(),$GLOBALS["envelope"]);
            $msg = $GLOBALS["strPersonalLocationSent"];
        } else {
            $msg = $GLOBALS["strUserNotFound"];
        }
    }
}

# Decide whether this request counts as logged in ($canlogin). Without
# ASKFORPASSWORD every request is treated as logged in.
if (ASKFORPASSWORD) {
    $canlogin = 0;
    if ($_POST["login"]) {
        if (!$_POST["email"]) {
            $msg = $strEnterEmail;
        } elseif (!$_POST["password"]) {
            $msg = $strEnterPassword;
        } else {
            # NOTE(review): both branches compare with loose "==". On hash or
            # password strings that is subject to PHP type juggling and is not
            # constant-time; prefer hash_equals() (or at least "===").
            # NOTE(review): md5() with no salt visible is a weak password hash;
            # password_hash()/password_verify() is the current replacement. The
            # non-encrypted branch implies the password is stored in clear text.
            if (ENCRYPTPASSWORD) {
                $canlogin = md5($_POST["password"]) == $passwordcheck && $_POST["email"] == $emailcheck;
            } else {
                $canlogin = $_POST["password"] == $passwordcheck && $_POST["email"] == $emailcheck;
            }
        }
        # Runs for every login attempt, so it also replaces the "enter email" /
        # "enter password" messages set just above.
        if (!$canlogin) {
            $msg = $strInvalidPassword;
        } else {
            loadUser($emailcheck);
        }
    } elseif ($_POST["forgotpassword"]) {
        if ($_POST["email"] && $_POST["email"] == $emailcheck) {
            # NOTE(review): this mails the stored password column value as-is
            # (the clear-text password, or the md5 value when ENCRYPTPASSWORD is
            # on). A single-use, expiring reset link avoids sending a credential
            # by email.
            sendMail ($emailcheck,$GLOBALS["strPasswordRemindSubject"],$GLOBALS["strPasswordRemindMessage"]." ".$passwordcheck,system_messageheaders(),$GLOBALS["envelope"]);
            $msg = $GLOBALS["strPasswordSent"];
        } else {
            $msg = $strPasswordRemindInfo;
        }
    } elseif ($_SESSION["userdata"]["email"]["value"] == $emailcheck) {
        # Session already holds this subscriber's address.
        # NOTE(review): with no uid in the URL $emailcheck is "", and a missing
        # session value also compares equal to "" under "==", so this branch
        # sets $canlogin = 1. The page dispatch below additionally tests
        # $userid / $passwordcheck, but a non-empty check here would be safer.
        $canlogin = 1;
    }
} else {
    $canlogin = 1;
}

if (!$id) {
    # find the default one:
    $id = getConfig("defaultsubscribepage");
    # fix the true/false issue
    if ($id == "true") $id = 1;
    if ($id == "false") $id = 0;
    if (!$id) {
        # pick a first
        $req = Sql_Fetch_row_Query(sprintf('select ID from %s where active',$tables["subscribepage"]));
        $id = $req[0];
    }
}

# Page dispatch on ?p=. The preg_match only requires that p contains a word
# character ($regs is not used in the visible code); the switch then matches
# the raw value against fixed page names, anything else ends in FileNotFound().
if (preg_match("/(\w+)/",$_GET["p"],$regs)) {
    if ($id) {
        switch ($_GET["p"]) {
            case "subscribe":
                require "admin/subscribelib2.php";
                print SubscribePage($id);
                break;
            case "preferences":
                if (!$_GET["id"]) $_GET["id"] = $id;
                require "admin/subscribelib2.php";
                if (!$userid) {
                    # No subscriber identified by uid: offer to mail the personal link.
                    print sendPersonalLocationPage($id);
                } elseif (ASKFORPASSWORD && $passwordcheck && !$canlogin) {
                    print LoginPage($id,$userid,$emailcheck);
                } else {
                    print PreferencesPage($id,$userid);
                }
                break;
            case "confirm":
                print ConfirmPage($id);
                break;
            case "unsubscribe":
                # A login is demanded only when the subscriber has a stored
                # password and UNSUBSCRIBE_REQUIRES_PASSWORD is set.
                if (ASKFORPASSWORD && UNSUBSCRIBE_REQUIRES_PASSWORD && $passwordcheck && !$canlogin) {
                    print LoginPage($id,$userid,$emailcheck);
                } else {
                    print UnsubscribePage($id);
                }
                break;
            default:
                FileNotFound();
        }
    } else {
        FileNotFound();
    }
} else {
    # No page requested: print an index with one entry per active subscribe
    # page, followed by the unsubscribe entry.
    if ($id) $data = PageData($id);
    print ''.$GLOBALS["strSubscribeTitle"].'';
    print $data["header"];
    # NOTE(review): the line break inside this SQL literal is part of the string
    # in this copy and is kept as found.
    $req = Sql_Query(sprintf('select * from %s where 
active',$tables["subscribepage"]));
    if (Sql_Affected_Rows()) {
        while ($row = Sql_Fetch_Array($req)) {
            # NOTE(review): $row["title"] is printed without HTML escaping
            # visible here; escape it with htmlspecialchars() unless the stored
            # title is meant to contain markup - confirm.
            printf('

%s

',$row["id"],$row["title"]);
        }
    } else {
        printf('

%s

',$strSubscribeTitle);
    }
    printf('

%s

',$strUnsubscribeTitle);
    print $PoweredBy;
    print $data["footer"];
}

/**
 * Build the HTML of the login page for a subscribe page.
 *
 * Concatenates the page header, the login title/info strings, the current
 * global message, a form opened with formStart('name="loginform"'), the
 * email/password labels, the "forgot password" text and the page footer.
 *
 * @param mixed  $id     subscribe page id, passed to PageData()
 * @param mixed  $userid not used in the visible code
 * @param string $email  default address; replaced by $_REQUEST["email"] when set
 * @return string the page HTML
 */
function LoginPage($id,$userid,$email = "") {
    $data = PageData($id);
    list($attributes,$attributedata) = PageAttributes($data);
    $html = ''.$GLOBALS["strLoginTitle"].'';
    $html .= $data["header"];
    $html .= ''.$GLOBALS["strLoginInfo"].'
';
    $html .= $GLOBALS["msg"];
    if ($_REQUEST["email"]) {
        # NOTE(review): $email is not used again in the visible code; presumably
        # it pre-filled a form field whose markup is missing from this copy. If
        # so, the request value must be HTML-escaped before output - confirm.
        $email = $_REQUEST["email"];
    }
    $html .= formStart('name="loginform"');
    $html .= '';
    $html .= '';
    $html .= '';
    $html .= '
'.$GLOBALS["strEmail"].'
'.$GLOBALS["strPassword"].'
';
    $html .= '

';
    if (ENCRYPTPASSWORD) {
        # With encrypted passwords the forgot-password text is formatted together
        # with the admin address (three arguments, one placeholder left in this copy).
        $html .= sprintf('%s',getConfig("admin_address"),$GLOBALS["strForgotPassword"],$GLOBALS["strForgotPassword"]);
    } else {
        $html .= '';
    }
    $html .= '

'.$GLOBALS["strUnsubscribe"].'

';
    $html .= ''.$GLOBALS["PoweredBy"];
    $html .= $data["footer"];
    return $html;
}

/**
 * Build the HTML of the page that asks for an email address so the
 * subscriber's personal location can be mailed.
 *
 * @param mixed $id subscribe page id, passed to PageData()
 * @return string the page HTML
 */
function sendPersonalLocationPage($id) {
    $data = PageData($id);
    list($attributes,$attributedata) = PageAttributes($data);
    $html = ''.$GLOBALS["strPreferencesTitle"].'';
    $html .= $data["header"];
    $html .= ''.$GLOBALS["strPreferencesTitle"].'
';
    $html .= $GLOBALS["msg"];
    # Default address: the request value first, else the one held in the session.
    # NOTE(review): $email is not used again in the visible code; if it fed a
    # form field in the lost markup it needs HTML escaping - confirm.
    if ($_REQUEST["email"]) {
        $email = $_REQUEST["email"];
    } elseif ($_SESSION["userdata"]["email"]["value"]) {
        $email = $_SESSION["userdata"]["email"]["value"];
    }
    $html .= $GLOBALS["strPersonalLocationInfo"];
    $html .= formStart('name="form"');
    $html .= '';
    $html .= '';
    $html .= '
'.$GLOBALS["strEmail"].'
';
    $html .= '

';
    $html .= '

'.$GLOBALS["strUnsubscribe"].'

';
    $html .= ''.$GLOBALS["PoweredBy"];
    $html .= $data["footer"];
    return $html;
}

/**
 * Build the HTML of the preferences page for an existing subscriber.
 *
 * Combines the page header, the attribute fields from ListAttributes(), the
 * RSS options when ENABLE_RSS is set, and the list selection from
 * ListAvailableLists(), all called with $userid.
 *
 * @param mixed $id     subscribe page id, passed to PageData()
 * @param mixed $userid subscriber id handed to the List*() / RssOptions() helpers
 * @return string the page HTML
 */
function preferencesPage($id,$userid) {
    $data = PageData($id);
    list($attributes,$attributedata) = PageAttributes($data);
    # $selected_lists is not used again in the visible code.
    $selected_lists = explode(',',$data["lists"]);
    $html = ''.$GLOBALS["strPreferencesTitle"].'';
    $html .= $data["header"];
    $html .= ''.$GLOBALS["strPreferencesInfo"].'';
    $html .= '
'.$GLOBALS["strRequired"].'
'.$GLOBALS["msg"].' ';
    $html .= formStart('name="subscribeform"');
    $html .= '';
    $html .= ListAttributes($attributes,$attributedata,$data["htmlchoice"],$userid);
    $html .= '
';
    if (ENABLE_RSS) {
        $html .= RssOptions($data,$userid);
    }
    $html .= ListAvailableLists($userid,$data["lists"]);
    $html .= '



'.$GLOBALS["strUnsubscribe"].'

'.$GLOBALS["PoweredBy"];
    $html .= $data["footer"];
    return $html;
}

/**
 * Build the HTML of the subscribe page for a new subscriber.
 *
 * Same layout as the preferences page but without a user id, plus an extra
 * block shown when $_SESSION["adminloggedin"] is set.
 *
 * @param mixed $id subscribe page id, passed to PageData()
 * @return string the page HTML
 */
function subscribePage($id) {
    $data = PageData($id);
    list($attributes,$attributedata) = PageAttributes($data);
    # $selected_lists is not used again in the visible code.
    $selected_lists = explode(',',$data["lists"]);
    $html = ''.$GLOBALS["strSubscribeTitle"].'';
    $html .= $data["header"];
    $html .= $data["intro"];
    $html .= '
'.$GLOBALS["strRequired"].'
'.$GLOBALS["msg"].' ';
    $html .= formStart('name="subscribeform"');
    if ($_SESSION["adminloggedin"]) {
        # Admin-only block: shows who is logged in and the choice between
        # confirming immediately and sending a confirmation request.
        # NOTE(review): the admin name from the session is concatenated without
        # HTML escaping visible here; wrap it in htmlspecialchars().
        $html .= '

You are logged in as '.$_SESSION["logindetails"]["adminname"].'

';
        $html .= '

Please choose:
Make confirmed immediately
Send request for confirmation email

';
    }
    $html .= '';
    $html .= ListAttributes($attributes,$attributedata,$data["htmlchoice"]);
    $html .= '
';
    if (ENABLE_RSS) {
        $html .= RssOptions($data);
    }
    $html .= ListAvailableLists("",$data["lists"]);
    $html .= '



'.$GLOBALS["strUnsubscribe"].'

'.$GLOBALS["PoweredBy"];
    $html .= $data["footer"];
    return $html;
}

/**
 * Handle a confirmation link (?uid=...) and build the result page.
 *
 * The visible code looks the user up by uniqid, records a history entry,
 * sends the confirmation message and an admin copy unless TEST is set, and
 * returns a page with either the success or the failure text.
 *
 * NOTE(review): $lists is read but never assigned in the visible code, and no
 * statement here marks the user as confirmed; that code appears to be missing
 * from this copy.
 *
 * @param mixed $id subscribe page id, passed to PageData()
 * @return string the page HTML
 */
function confirmPage($id) {
    global $tables,$envelope;
    if (!$_GET["uid"]) FileNotFound();
    # NOTE(review): $_GET["uid"] is concatenated into the SQL text with no
    # escaping or format check visible here - SQL injection risk unless it is
    # sanitised elsewhere. Validate the format and escape it or bind it.
    $req = Sql_Query("select * from {$tables["user"]} where uniqid = \"".$_GET["uid"]."\"");
    $userdata = Sql_Fetch_Array($req);
    if ($userdata["id"]) {
        $html = '';
        addUserHistory($userdata["email"],"Confirmation","Lists: $lists");
        $spage = $userdata["subscribepage"];
        # ereg_replace() was removed in PHP 7; preg_replace() or str_replace()
        # is the replacement when this file is ported.
        $confirmationmessage = ereg_replace('\[LISTS\]', $lists, getUserConfig("confirmationmessage:$spage",$userdata["id"]));
        if (!TEST) {
            sendMail($userdata["email"], getConfig("confirmationsubject:$spage"), $confirmationmessage,system_messageheaders(),$envelope);
            sendAdminCopy("List confirmation",$userdata["email"] . " has confirmed their subscription");
        }
        $info = $GLOBALS["strConfirmInfo"];
    } else {
        # The logged uid is cut to 150 characters.
        # NOTE(review): the value is request-controlled; confirm that logEvent()
        # neutralises line breaks and markup before storing or displaying it.
        logEvent("Request for confirmation for invalid user ID: ".substr($_GET["uid"],0,150));
        # $html has not been initialised on this path.
        $html .= 'Error: '.$GLOBALS["strUserNotFound"];
        $info = $GLOBALS["strConfirmFailInfo"];
    }
    $data = PageData($id);
    $res = ''.$GLOBALS["strConfirmTitle"].'';
    $res .= $data["header"];
    $res .= '

'.$info.'

';
    $res .= $html;
    $res .= "

".$GLOBALS["PoweredBy"].'

';
    $res .= $data["footer"];
    return $res;
}

/**
 * Process an unsubscribe request or build the unsubscribe form.
 *
 * When the form was posted with an address and a list selection, the visible
 * code removes the matching rows from the listuser table, records history,
 * mails the subscriber and an admin copy, and returns the result page.
 * Otherwise it determines the address (uid lookup, ?email=, or posted value)
 * and returns the form.
 *
 * NOTE(review): no uid or other token is checked in the processing branch;
 * authorisation rests on the posted address alone unless the caller has
 * already demanded a login.
 *
 * @param mixed $id subscribe page id, passed to pageData()
 * @return string the page HTML
 */
function unsubscribePage($id) {
    $pagedata = pageData($id);
    global $tables;
    $res = $pagedata["header"];
    $res .= ''.$GLOBALS["strUnsubscribeTitle"].'';
    # eregi() was removed in PHP 7. The pattern only requires "x@y.z" somewhere
    # in the value, so it does not exclude quotes or other SQL metacharacters.
    if ($_POST["unsubscribe"] && eregi(".+\@.+\..+",$_POST["email"]) && $_POST["list"]) {
        $email = trim($_POST["email"]);
        # Names of the active lists, keyed by list id, for the message text.
        $result = Sql_query("SELECT * FROM $tables[list]");
        while ($row = Sql_fetch_array($result)) {
            if ($row["active"]) $availlists[$row["id"]] = $row["name"];
        }
        # NOTE(review): the posted address is interpolated into the SQL text
        # unescaped - SQL injection risk unless it is sanitised elsewhere.
        $query = Sql_Fetch_Row_Query("select id,email from {$tables["user"]} where email = \"$email\"");
        $userid = $query[0];
        $email = $query[1];
        if (!$userid) {
            $res .= 'Error: '.$GLOBALS["strUserNotFound"];
            logEvent("Request to unsubscribe non-existent user: ".substr($_POST["email"],0,150));
        } elseif ($_POST["list"] && !$_POST["list"]["none"]) {
            if ($_POST["list"]["all"]) {
                $result = Sql_query("delete from {$tables["listuser"]} where userid = \"$userid\"");
                # $strAllMailinglists is not declared global in this function.
                $lists = " * $strAllMailinglists\n";
            } else {
                # each() was removed in PHP 8; foreach is the replacement.
                # NOTE(review): $key is a key of the posted "list" array and goes
                # into the DELETE unescaped; cast it to int before use.
                while(list($key,$val)= each($_POST["list"])) {
                    if ($val == "signoff") {
                        $result = Sql_query("delete from $tables[listuser] where userid = \"$userid\" and listid = \"$key\"");
                        $lists .= " * ".$availlists[$key] . "\n";
                    }
                }
            }
            addUserHistory($email,"Unsubscription","Unsubscribed from $lists");
            $unsubscribemessage = ereg_replace("\[LISTS\]", $lists,getUserConfig("unsubscribemessage",$userid));
            sendMail($email, getConfig("unsubscribesubject"), $unsubscribemessage, system_messageheaders($email));
            sendAdminCopy("List unsubscription",$email . " has unsubscribed from\n $lists");
        }
        if ($userid)
            $res .= '

'.$GLOBALS["strUnsubscribeDone"] ."

";
        $res .= $GLOBALS["PoweredBy"].'

';
        $res .= $pagedata["footer"];
        return $res;
    } elseif ($_POST["unsubscribe"] && !$_POST["email"]) {
        $msg = ''.$GLOBALS["strEnterEmail"]."
";
    } elseif ($_GET["uid"]) {
        # NOTE(review): same unescaped uniqid lookup as in confirmPage().
        $req = Sql_Query("select * from $tables[user] where uniqid = \"".$_GET["uid"]."\"");
        $userdata = Sql_Fetch_Array($req);
        $email = $userdata["email"];
    } elseif ($_GET["email"]) {
        $email = trim($_GET["email"]);
    } else {
        $email = $_POST["email"];
    }

    # Form part. $email is not used for output in the visible code; if the lost
    # markup echoed it into a field it needs HTML escaping - confirm.
    $res .= ''. $GLOBALS["strUnsubscribeInfo"].'
'. $msg.formStart();
    $res .= '
'.$GLOBALS["strEnterEmail"].':
';
    if (!$email) {
        # No address known yet: return the form that only asks for the email.
        $res .= "\n";
        $res .= $GLOBALS["PoweredBy"];
        $res .= $pagedata["footer"];
        return $res;
    }
    $res .= $GLOBALS["strUnsubscribeSelect"].':';
    $res .= '

';
    # NOTE(review): the closing brace below has no visible opening brace; a loop
    # (presumably over the subscriber's lists) appears to be missing from this
    # copy, so the function does not parse as shown.
    }
    $res .= '

'.$GLOBALS["PoweredBy"].'

';
    $res .= $pagedata["footer"];
    return $res;
}

?>