OXIESEC PANEL
Editing: subscribe.php
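<?php
/**
 * Subscribe endpoint: adds a subscriber to a list or re-activates an existing one.
 *
 * Input arrives either as a GET token ($_GET['i']) or as a POST from the
 * subscribe form (subform=yes) or from the API (api_key required). Depending
 * on the list's opt_in flag a confirmation or thank-you email is sent, then the
 * script prints a plain-text result (boolean=true), redirects, or renders a
 * small HTML feedback page.
 *
 * Every query below is built by string concatenation, so each value that
 * reaches SQL must already be escaped with mysqli_real_escape_string() or cast
 * to int. Prepared statements would remove that burden and are the preferred
 * long-term fix.
 */
ini_set('display_errors', 0);
include('includes/config.php');
include('includes/helpers/locale.php');
include('includes/helpers/integrations/zapier/triggers/functions.php');
include('includes/helpers/integrations/rules.php');
include('includes/helpers/subscription.php');
include('includes/helpers/EmailAddressValidator.php');

//--------------------------------------------------------------//
function dbConnect() { //Connect to database
//--------------------------------------------------------------//
	// Connection settings come from globals (presumably set by includes/config.php)
	global $mysqli;
	global $dbHost;
	global $dbUser;
	global $dbPass;
	global $dbName;
	global $dbPort;

	// Attempt to connect to database server
	if(isset($dbPort)) $mysqli = new mysqli($dbHost, $dbUser, $dbPass, $dbName, $dbPort);
	else $mysqli = new mysqli($dbHost, $dbUser, $dbPass, $dbName);

	// If connection failed, show a generic page; no connection detail is disclosed
	if ($mysqli->connect_error) {
		fail("<!DOCTYPE html><html><head><meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\"/><link rel=\"Shortcut Icon\" type=\"image/ico\" href=\"/img/favicon.png\"><title>"._('Can\'t connect to database')."</title></head><style type=\"text/css\">body{background: #ffffff;font-family: Helvetica, Arial;}#wrapper{background: #f2f2f2;width: 300px;height: 110px;margin: -140px 0 0 -150px;position: absolute;top: 50%;left: 50%;-webkit-border-radius: 5px;-moz-border-radius: 5px;border-radius: 5px;}p{text-align: center;line-height: 18px;font-size: 12px;padding: 0 30px;}h2{font-weight: normal;text-align: center;font-size: 20px;}a{color: #000;}a:hover{text-decoration: none;}</style><body><div id=\"wrapper\"><p><h2>"._('Can\'t connect to database')."</h2></p><p>"._('There is a problem connecting to the database. Please try again later.')."</p></div></body></html>");
	}

	// The connection charset must be set before any mysqli_real_escape_string() call,
	// because that function escapes according to the connection charset
	global $charset;
	mysqli_set_charset($mysqli, isset($charset) ? $charset : "utf8");

	return $mysqli;
}
//--------------------------------------------------------------//
function fail($errorMsg) { //Database connection fails
//--------------------------------------------------------------//
	echo $errorMsg;
	exit;
}
// connect to database
dbConnect();

include_once('includes/helpers/short.php');
include_once('includes/helpers/PHPMailerAutoload.php');
require 'includes/helpers/geo/geolite2/vendor/autoload.php';
use GeoIp2\Database\Reader;

//vars
$time = time();
$join_date = round(time()/60)*60;
$already_subscribed = false;
$feedback = '';
$subform = isset($_POST['subform']) && mysqli_real_escape_string($mysqli, $_POST['subform'])=='yes' ? true : false;
$ip1 = $ip2 = $country1 = $country2 = $referrer1 = $referrer2 = $gdpr1 = $gdpr2 = $gdpr3 = $notes1 = $notes2 = '';
$last_activity = '';
$opt_in_throttle = 3600;

//get variable
if(isset($_GET['i']))
{
	$i = mysqli_real_escape_string($mysqli, $_GET['i']);
	$i_array = explode('/', $i);
	$name = '';

	if(count($i_array)==1)
	{
		//single token: the whole "email/list/name/boolean" string is encrypted
		$i_array = explode('/', decrypt_string($i));
		$email = encrypt_val(trim($i_array[0]));
		$list_id = (int)$i_array[1];
		//the decrypted name never went through the escaping applied to $i, so escape it here
		if(array_key_exists(2, $i_array)) $name = mysqli_real_escape_string($mysqli, $i_array[2]);
		if(array_key_exists(3, $i_array)) $return_boolean = $i_array[3];
		else $return_boolean = '';
	}
	else
	{
		$email = trim($i_array[0]);
		$email = str_replace(" ", "+", $email);
		$email = str_replace("%20", "+", $email);
		//list id is concatenated unquoted into SQL below, so force it to an integer
		$list_id = (int)decrypt_int($i_array[1]);
		if(array_key_exists(2, $i_array)) $name = $i_array[2];
		if(array_key_exists(3, $i_array)) $return_boolean = $i_array[3];
		else $return_boolean = '';
	}

	//Set language
	$q = 'SELECT login.language FROM lists, login WHERE lists.id = '.$list_id.' AND login.app = lists.app';
	$r = mysqli_query($mysqli, $q);
	if ($r && mysqli_num_rows($r) > 0) while($row = mysqli_fetch_array($r)) $language = $row['language'];
	set_locale($language);

	//check if email needs to be decrypted
	//a value that already validates as an email address is rejected on this path
	$validator = new EmailAddressValidator;
	if ($validator->check_email_address($email))
	{
		if($return_boolean=='true')
		{
			echo 'Invalid email address.';
			exit;
		}
		else
			$feedback = _('Email address is invalid.');
	}
	else
	{
		//the decrypted address is used inside quoted SQL strings further down;
		//escape it the same way the POST path escapes $_POST['email']
		$email = mysqli_real_escape_string($mysqli, decrypt_string($email));

		//check if email is valid
		$validator = new EmailAddressValidator;
		if (!$validator->check_email_address($email))
		{
			if($return_boolean=='true')
			{
				echo 'Invalid email address.';
				exit;
			}
			else
				$feedback = _('Email address is invalid.');
		}
	}
}
else if(isset($_POST['email']))//email posted from subscribe form or API
{
	//parameters
	$email = mysqli_real_escape_string($mysqli, trim($_POST['email'])); //compulsory
	$name = isset($_POST['name']) ? strip_tags(mysqli_real_escape_string($mysqli, $_POST['name'])) : ''; //optional
	//list id is concatenated unquoted into SQL below, so force it to an integer
	$list_id = isset($_POST['list']) ? (int)strip_tags(decrypt_int(mysqli_real_escape_string($mysqli, $_POST['list']))) : 0; //compulsory
	$return_boolean = isset($_POST['boolean']) ? strip_tags(mysqli_real_escape_string($mysqli, $_POST['boolean'])) : ''; //compulsory
	$hp = isset($_POST['hp']) ? strip_tags(mysqli_real_escape_string($mysqli, $_POST['hp'])) : ''; //honeypot
	$ipaddress = isset($_POST['ipaddress']) ? strip_tags(mysqli_real_escape_string($mysqli, $_POST['ipaddress'])) : ''; //optional
	$country = isset($_POST['country']) ? strip_tags(mysqli_real_escape_string($mysqli, $_POST['country'])) : ''; //optional
	$referrer = isset($_POST['referrer']) ? strip_tags(mysqli_real_escape_string($mysqli, $_POST['referrer'])) : ''; //optional
	$notes = isset($_POST['notes']) ? strip_tags(mysqli_real_escape_string($mysqli, $_POST['notes'])) : ''; //optional

	//NOTE(review): the three checks below only set $feedback when boolean!='true'.
	//Their messages are not in the list that stops processing further down, so the
	//rejected value is still written to the database. Confirm whether that is intended.
	if($ipaddress != '')
	{
		//Check if it's a valid IP
		if(filter_var($ipaddress, FILTER_VALIDATE_IP) === false)
		{
			if($return_boolean=='true')
			{
				echo 'IP address is invalid.';
				exit;
			}
			else
				$feedback = _('IP address is invalid.');
		}

		$ip1 = ', ip';
		$ip2 = ', "'.$ipaddress.'"';
	}
	if($country != '')
	{
		//Check country code is valid
		//NOTE(review): the error is raised when country_code_exist() is truthy;
		//verify the helper's return convention against includes/helpers/subscription.php
		if(country_code_exist($country))
		{
			if($return_boolean=='true')
			{
				echo 'Country must be a valid 2 letter country code';
				exit;
			}
			else
				$feedback = _('Country must be a valid 2 letter country code');
		}

		$country1 = ', country';
		$country2 = ', "'.$country.'"';
	}
	if($referrer != '')
	{
		//Check if referrer is a valid URL
		if (filter_var($referrer, FILTER_VALIDATE_URL) === FALSE)
		{
			if($return_boolean=='true')
			{
				echo 'Referrer is not a valid URL';
				exit;
			}
			else
				$feedback = _('Referrer is not a valid URL');
		}

		$referrer1 = ', referrer';
		$referrer2 = ', "'.$referrer.'"';
	}
	if($notes != '')
	{
		$notes1 = ', notes';
		$notes2 = ', "'.$notes.'"';
	}

	$added_via = 2; //1 = Sendy app, 2 = API, 3 = Sendy's subscribe form

	//Set language
	$q = 'SELECT login.language, login.timezone, lists.gdpr_enabled as gdpr_enabled FROM lists, login WHERE lists.id = '.$list_id.' AND login.app = lists.app';
	$r = mysqli_query($mysqli, $q);
	if ($r && mysqli_num_rows($r) > 0)
	{
		while($row = mysqli_fetch_array($r))
		{
			$language = $row['language'];
			$timezone = $row['timezone'];
			$gdpr_enabled = $row['gdpr_enabled'];
		}

		//Set timezone
		if($timezone=='') date_default_timezone_set(date_default_timezone_get());
		else date_default_timezone_set($timezone);

		//Set language
		set_locale($language);
	}
	else
	{
		echo 'Invalid list ID.';
		exit;
	}

	if(!$subform)
	{
		//anything other than the literal 'true' counts as no consent
		$gdpr = isset($_POST['gdpr']) && $_POST['gdpr']=='true' ? 1 : 0;

		//NOTE(review): comparing int 0 with '' gives different results before and
		//after PHP 8, so whether gdpr=0 is written depends on the PHP version
		if($gdpr!='')
		{
			$gdpr1 = ', gdpr = '.$gdpr;
			$gdpr2 = ', gdpr';
			$gdpr3 = ', '.$gdpr;
		}
	}

	//check if no data passed
	if($email=='' || $list_id==0)
	{
		if($return_boolean=='true')
		{
			echo 'Some fields are missing.';
			exit;
		}
		else
			$feedback = _('Some fields are missing.');
	}
	else
	{
		//check if email is valid; a filled honeypot field is treated as an invalid email
		$validator = new EmailAddressValidator;
		if (!$validator->check_email_address($email) || $hp!='')
		{
			if($return_boolean=='true')
			{
				echo 'Invalid email address.';
				exit;
			}
			else
				$feedback = _('Email address is invalid.');
		}
	}

	//Check if email is bounced anywhere in the database
	$q = 'SELECT id FROM subscribers WHERE email = "'.$email.'" AND bounced = 1';
	$r = mysqli_query($mysqli, $q);
	if ($r && mysqli_num_rows($r) > 0)
	{
		//email is bounced, don't add it to the list
		if($return_boolean=='true')
		{
			echo 'Bounced email address.';
			exit;
		}
		else
		{
			$feedback = _('Email address is bounced.');
		}
	}
}
else
{
	//neither a GET token nor a posted email: nothing to do
	exit;
}

//get app id and list name
$q = 'SELECT userID, app, name, opt_in, subscribed_url, thankyou, thankyou_subject, thankyou_message, confirmation_subject, confirmation_email, custom_fields, no_consent_url, already_subscribed_url FROM lists WHERE id = '.$list_id;
$r = mysqli_query($mysqli, $q);
if ($r && mysqli_num_rows($r) > 0)
{
	while($row = mysqli_fetch_array($r))
	{
		$userID = $row['userID'];
		$app = $row['app'];
		$list_name = $row['name'];
		//silent=true in the request turns double opt-in off for this call
		$opt_in = isset($_POST['silent']) && $_POST['silent']=='true' ? 0 : $row['opt_in'];
		$subscribed_url = $row['subscribed_url'];
		$thankyou = $row['thankyou'];
		$thankyou_subject = stripslashes($row['thankyou_subject']);
		$thankyou_message = stripslashes($row['thankyou_message']);
		$custom_fields = $row['custom_fields'];
		$confirmation_subject = stripslashes($row['confirmation_subject']);
		$confirmation_email = stripslashes($row['confirmation_email']);
		$no_consent_url = $row['no_consent_url'];
		$already_subscribed_url = $row['already_subscribed_url'];
	}
}

//get IAM keys
$q = 'SELECT s3_key, s3_secret, api_key FROM login WHERE id = '.$userID;
$r = mysqli_query($mysqli, $q);
if ($r)
{
	while($row = mysqli_fetch_array($r))
	{
		$s3_key = $row['s3_key'];
		$s3_secret = $row['s3_secret'];
		$user_api_key = $row['api_key'];
	}
}

//get data from apps
$q = 'SELECT from_name, from_email, reply_to, smtp_host, smtp_port, smtp_ssl, smtp_username, smtp_password, allocated_quota, recaptcha_secretkey, custom_domain, custom_domain_protocol, custom_domain_enabled FROM apps WHERE id = '.$app;
$r = mysqli_query($mysqli, $q);
if ($r && mysqli_num_rows($r) > 0)
{
	while($row = mysqli_fetch_array($r))
	{
		$from_name = $row['from_name'];
		$from_email = $row['from_email'];
		$reply_to = $row['reply_to'];
		$smtp_host = $row['smtp_host'];
		$smtp_port = $row['smtp_port'];
		$smtp_ssl = $row['smtp_ssl'];
		$smtp_username = $row['smtp_username'];
		$smtp_password = $row['smtp_password'];
		$allocated_quota = $row['allocated_quota'];
		$recaptcha_secretkey = $row['recaptcha_secretkey'];
		$custom_domain = $row['custom_domain'];
		$custom_domain_protocol = $row['custom_domain_protocol'];
		$custom_domain_enabled = $row['custom_domain_enabled'];

		//links in emails use the brand's custom domain when one is enabled
		if($custom_domain!='' && $custom_domain_enabled)
		{
			$parse = parse_url(APP_PATH);
			$domain = $parse['host'];
			$protocol = $parse['scheme'];
			$app_path = str_replace($domain, $custom_domain, APP_PATH);
			$app_path = str_replace($protocol, $custom_domain_protocol, $app_path);
		}
		else $app_path = APP_PATH;
	}
}

//get email's domain
$email_explode = explode('@', $email);
$email_domain = isset($email_explode[1]) ? $email_explode[1] : '';

//If user subscribes using Sendy's subscription form or HTML code, store user's IP address and country code
if($subform)
{
	//IP
	$ipaddress = ipaddress();
	$ip1 = ', ip';
	$ip2 = ', "'.$ipaddress.'"';

	if($recaptcha_secretkey!='')
	{
		//reCAPTCHA verification
		//The posted token is URL-encoded before it is placed in the verification
		//request so it cannot add or override query parameters
		$captcha = isset($_POST['g-recaptcha-response']) ? $_POST['g-recaptcha-response'] : '';
		$secretkey = $recaptcha_secretkey;
		$verify_query = http_build_query(array(
			'secret' => $secretkey,
			'response' => $captcha,
			'remoteip' => $ipaddress
		), '', '&');
		$response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?".$verify_query);
		$responseKeys = json_decode($response,true);

		//fail closed when the verification call fails or returns something unexpected
		if(!is_array($responseKeys) || !isset($responseKeys["success"]) || intval($responseKeys["success"]) !== 1)
		{
			if($return_boolean=='true')
			{
				echo 'Failed reCAPTCHA test.';
				exit;
			}
			else
				$feedback = _('Failed reCAPTCHA test.');
		}
	}

	//Get country code
	if(version_compare(PHP_VERSION, '5.4')==-1)
	{
		include_once('includes/helpers/geo/geolite/geoip.inc');
		$gi = geoip_open("includes/helpers/geo/geolite/GeoIP.dat",GEOIP_STANDARD);
		$country = geoip_country_code_by_addr($gi, $ipaddress);
		geoip_close($gi);
	}
	else
	{
		$reader = new Reader('includes/helpers/geo/geolite2/vendor/geoip2/geoip2/maxmind-db/GeoLite2-Country.mmdb');
		try
		{
			$record = $reader->country($ipaddress);
			$country = $record->country->isoCode;
		}
		catch (Exception $e)
		{
			//lookup failures are not fatal; the country is simply left empty
			$country = '';
		}
	}
	$country1 = ', country';
	$country2 = ', "'.$country.'"';

	//Referrer
	$referrer = isset($_SERVER['HTTP_REFERER']) ? mysqli_real_escape_string($mysqli, $_SERVER['HTTP_REFERER']) : '';
	$referrer1 = ', referrer';
	$referrer2 = ', "'.$referrer.'"';

	//Added via
	$added_via = 3; //1 = Sendy app, 2 = API, 3 = Sendy's subscribe form

	//Check the GDPR checkbox
	if($gdpr_enabled)
	{
		if(isset($_POST['gdpr'])) $gdpr = 1;
		else
		{
			if($return_boolean=='true')
			{
				echo 'Consent not given.';
				exit;
			}
			else
			{
				if($no_consent_url=='') $feedback = _('Consent not given.');
				else
				{
					header("Location: $no_consent_url");
					exit;
				}
			}
		}
	}
	else $gdpr = 0;

	$gdpr1 = ', gdpr = '.$gdpr;
	$gdpr2 = ', gdpr';
	$gdpr3 = ', '.$gdpr;
}
else
{
	//Using API, api_key is required
	$api_key = isset($_POST['api_key']) ? mysqli_real_escape_string($mysqli, trim($_POST['api_key'])) : ''; //compulsory

	if(isset($_POST['email']) && !isset($_POST['api_key'])) // No api_key was passed
	{
		if($return_boolean=='true')
		{
			echo 'API key not passed';
			exit;
		}
		else
			$feedback = _('API key not passed');
	}
	else // api_key was passed
	{
		//Compare as strings: loose != treats numeric-looking strings as numbers.
		//An empty stored key never matches, and hash_equals() (when available)
		//keeps the comparison time independent of where the keys differ.
		$stored_api_key = isset($user_api_key) ? (string)$user_api_key : '';
		if($stored_api_key === '')
			$api_key_valid = false;
		else if(function_exists('hash_equals'))
			$api_key_valid = hash_equals($stored_api_key, (string)$api_key);
		else
			$api_key_valid = $stored_api_key === (string)$api_key;

		// but incorrect
		if(isset($_POST['email']) && !$api_key_valid)
		{
			if($return_boolean=='true')
			{
				echo 'Invalid API key';
				exit;
			}
			else
				$feedback = _('Invalid API key');
		}
	}
}

//feedback messages that mean the request was rejected and nothing may be written or redirected
$blocking_feedback = array(
	_('Some fields are missing.'),
	_('Email address is invalid.'),
	_('Email address is bounced.'),
	_('Consent not given.'),
	_('Failed reCAPTCHA test.'),
	_('Invalid secret key.'),
	_('API key not passed'),
	_('Invalid API key')
);

if(!in_array($feedback, $blocking_feedback, true))
{
	//get custom fields list and format it for db insert
	$cf_vals = '';
	$custom_fields_array = explode('%s%', $custom_fields);
	foreach($custom_fields_array as $cf)
	{
		$cf_array = explode(':', $cf);
		foreach ($_POST as $key => $value)
		{
			//array-valued fields (name[]=...) cannot be stored as a custom field value
			if(is_array($value)) $value = '';

			//if custom field matches POST data but IS NOT name, email, list or submit
			if(str_replace(' ', '', $cf_array[0])==$key && ($key!='name' && $key!='email' && $key!='list' && $key!='submit'))
			{
				//if custom field format is Date
				if($cf_array[1]=='Date')
				{
					//normalise to midnight of the given day; the result is an integer timestamp
					$date_value1 = strtotime($value);
					$date_value2 = strftime("%b %d, %Y 12am", $date_value1);
					$value = strtotime($date_value2);
					$cf_vals .= $value;
				}
				//else if custom field format is Text
				else
					//escape with the connection-aware function used everywhere else in this file
					$cf_vals .= mysqli_real_escape_string($mysqli, $value);
			}
		}
		$cf_vals .= '%s%';
	}

	//check if user is in this list
	$q = 'SELECT id, userID, custom_fields, unsubscribed, confirmed, bounced, complaint, timestamp FROM subscribers WHERE email = "'.$email.'" AND list = '.$list_id;
	$r = mysqli_query($mysqli, $q);
	if ($r && mysqli_num_rows($r) > 0) //if so, update subscriber
	{
		while($row = mysqli_fetch_array($r))
		{
			$subscriber_id = $row['id'];
			$userID = $row['userID'];
			$custom_values = $row['custom_fields'];
			$unsubscribed = $row['unsubscribed'];
			$confirmed = $row['confirmed'];
			$bounced = $row['bounced'];
			$complaint = $row['complaint'];
			$timestamp = $row['timestamp'];
			$last_activity = $time - $timestamp;
		}

		//get custom fields values
		$j = 0;
		$cf_value = '';
		$custom_values_array = explode('%s%', $custom_values);
		foreach($custom_fields_array as $cf_fields)
		{
			$k = 0;
			$cf_fields_array = explode(':', $cf_fields);
			foreach ($_POST as $key => $value)
			{
				//array-valued fields (name[]=...) cannot be stored as a custom field value
				if(is_array($value)) $value = '';

				//if custom field matches POST data but IS NOT name, email, list or submit
				if(str_replace(' ', '', $cf_fields_array[0])==$key && ($key!='name' && $key!='email' && $key!='list' && $key!='submit'))
				{
					//if user left field empty
					if($value=='')
					{
						$cf_value .= '';
					}
					else
					{
						//if custom field format is Date
						if($cf_fields_array[1]=='Date')
						{
							$date_value1 = strtotime($value);
							$date_value2 = strftime("%b %d, %Y 12am", $date_value1);
							$value = strtotime($date_value2);
							$cf_value .= $value;
						}
						//else if custom field format is Text
						else
							//strip_tags() does not make a value safe for SQL; this posted
							//value goes into the UPDATE below, so it must be escaped too
							$cf_value .= mysqli_real_escape_string($mysqli, strip_tags($value));
					}
				}
				else
				{
					$k++;
				}
			}
			//no posted field matched: keep the stored value. It comes back from the
			//database unescaped, so escape it again before it re-enters a query
			if(count($_POST)==$k)
				$cf_value .= isset($custom_values_array[$j]) ? mysqli_real_escape_string($mysqli, $custom_values_array[$j]) : '';
			$cf_value .= '%s%';
			$j++;
		}

		if($opt_in)
		{
			//a previously confirmed subscriber who unsubscribed must confirm again
			$confirmed = $unsubscribed && $confirmed ? 0 : $confirmed;
			$name_line = !isset($_POST['name']) ? '' : 'name = "'.$name.'",';
			$q = 'UPDATE subscribers SET unsubscribed = 0, last_campaign = NULL, timestamp = '.$time.', confirmed = '.$confirmed.', '.$name_line.' custom_fields = "'.substr($cf_value, 0, -3).'" '.$gdpr1.', notes = "'.$notes.'" WHERE email = "'.$email.'" AND list = '.$list_id;
		}
		else
		{
			$name_line = !isset($_POST['name']) ? '' : ', name = "'.$name.'"';
			$q = 'UPDATE subscribers SET unsubscribed = 0, last_campaign = NULL, timestamp = '.$time.', confirmed = 1 '.$name_line.', custom_fields = "'.substr($cf_value, 0, -3).'" '.$gdpr1.', notes = "'.$notes.'" WHERE email = "'.$email.'" AND list = '.$list_id;
		}
		$r = mysqli_query($mysqli, $q);
		if ($r)
		{
			if(!$unsubscribed && $confirmed)
				$already_subscribed = true;

			if(!$already_subscribed)
			{
				if($opt_in && $confirmed!=1)
				{
					if($last_activity > $opt_in_throttle || $unsubscribed)
						$feedback = '<span style="font-size: 20px;padding:10px;float:left;margin-top:-18px;">'._('Thank you, a confirmation email has been sent to you.').'</span>';
					else
						$feedback = '<span style="font-size: 20px;padding:10px;float:left;margin-top:-18px;">'._('A confirmation email had already been sent to you.').'</span>';
				}
				else
					$feedback = _('You\'re subscribed!');
			}
			else
			{
				if($return_boolean=='true')
				{
					echo 'Already subscribed.';
					exit;
				}
				else
				{
					if($confirmed==0)
						$feedback = '<span style="font-size: 20px;padding:10px;float:left;margin-top:-18px;">'._('A confirmation email had already been sent to you.').'</span>';
					else
					{
						if($already_subscribed_url=='') $feedback = _('You\'re already subscribed!');
						else
						{
							header("Location: $already_subscribed_url");
							exit;
						}
					}
				}
			}
		}
	}
	//if user does not exist in list, insert subscriber into database
	else
	{
		$q = 'SELECT userID FROM lists WHERE id = '.$list_id;
		$r = mysqli_query($mysqli, $q);
		if ($r && mysqli_num_rows($r) > 0)
		{
			while($row = mysqli_fetch_array($r)) $userID = $row['userID'];

			//refuse addresses on the brand's suppression list or from a blocked domain
			$q2 = '(SELECT id FROM suppression_list WHERE email = "'.$email.'" AND app = '.$app.') UNION (SELECT id FROM blocked_domains WHERE domain = "'.$email_domain.'" AND app = '.$app.')';
			$r2 = mysqli_query($mysqli, $q2);
			if ($r2 && mysqli_num_rows($r2) == 0)
			{
				//if not, insert user into list
				if($opt_in) //if double opt in,
					$q = 'INSERT INTO subscribers (userID, email, name, custom_fields, list, timestamp, confirmed, method, added_via '.$ip1.' '.$country1.' '.$referrer1.' '.$gdpr2.' '.$notes1.') VALUES ('.$userID.', "'.$email.'", "'.$name.'", "'.substr($cf_vals, 0, -3).'", '.$list_id.', '.$time.', 0, 2, '.$added_via.' '.$ip2.' '.$country2.' '.$referrer2.' '.$gdpr3.' '.$notes2.')';
				else
					$q = 'INSERT INTO subscribers (userID, email, name, custom_fields, list, timestamp, join_date, method, added_via '.$ip1.' '.$country1.' '.$referrer1.' '.$gdpr2.' '.$notes1.') VALUES ('.$userID.', "'.$email.'", "'.$name.'", "'.substr($cf_vals, 0, -3).'", '.$list_id.', '.$time.', '.$join_date.', 1, '.$added_via.' '.$ip2.' '.$country2.' '.$referrer2.' '.$gdpr3.' '.$notes2.')';
				$r = mysqli_query($mysqli, $q);
				if ($r)
				{
					$subscriber_id = mysqli_insert_id($mysqli);

					if($opt_in)
						$feedback = '<span style="font-size: 20px;padding:10px;float:left;margin-top:-18px;">'._('Thank you, a confirmation email has been sent to you.').'</span>';
					else
					{
						$feedback = _('You\'re subscribed!');

						//Zapier Trigger 'new_user_subscribed' event
						zapier_trigger_new_user_subscribed($name, $email, $list_id);

						//Run rules
						$rules_data = array(
							'trigger' => 'subscribe',
							'name' => $name,
							'email' => $email,
							'list_id' => encrypt_val($list_id),
							'list_name' => $list_name,
							'list_url' => $app_path.'/subscribers?i='.$app.'&l='.$list_id,
							'gravatar' => get_gravatar($email, 88)
						);

						//Populate custom fields (if available)
						if($custom_fields!='')
						{
							$custom_field_lines = '';
							$custom_fields_values_array = explode('%s%', substr($cf_vals, 0, -3));
							for($c=0;$c<count($custom_fields_array);$c++)
							{
								$fields_array = explode(':', $custom_fields_array[$c]);
								$values_array = $fields_array[1]=='Date' ? strftime("%b %d, %Y", (int)$custom_fields_values_array[$c]) : $custom_fields_values_array[$c];
								$rules_data[$fields_array[0]] = $values_array;
							}
						}

						//Run rules
						run_rule($rules_data);

						//Update segments
						update_segments($app_path, $list_id);
					}
				}
			}
			else
			{
				//Update block attempts count
				$q = 'UPDATE suppression_list SET block_attempts = block_attempts+1, timestamp = "'.$time.'" WHERE email = "'.$email.'" AND app = '.$app;
				$q2 = 'UPDATE blocked_domains SET block_attempts = block_attempts+1, timestamp = "'.$time.'" WHERE domain = "'.$email_domain.'" AND app = '.$app;
				mysqli_query($mysqli, $q);
				mysqli_query($mysqli, $q2);

				if($return_boolean=='true')
				{
					echo 'Email is suppressed.';
					exit;
				}
				else
					$feedback = _('Email is suppressed.');
			}
		}
		else
		{
			echo 'Invalid list ID.';
			exit;
		}
	}

	if(!$already_subscribed)
	{
		//send confirmation email if list is double opt in
		//(on the insert path $confirmed, $bounced and $complaint are unset and compare as "not 1")
		if($opt_in && $confirmed!=1 && $bounced!=1 && $complaint!=1 && $feedback!=_('Email is suppressed.'))
		{
			if(isset($_GET['i']))
				$confirmation_link = $app_path.'/confirm?e='.encrypt_val($subscriber_id).'&l='.$i_array[1];
			else
				$confirmation_link = $app_path.'/confirm?e='.encrypt_val($subscriber_id).'&l='.encrypt_val($list_id);

			if($confirmation_subject=='')
				$confirmation_subject = _('Confirm your subscription to').' '.$from_name;

			//fall back to the built-in template when the list's confirmation email is effectively empty
			if(strlen(trim(preg_replace('/\xc2\xa0/',' ', $confirmation_email))) == 0
				|| trim($confirmation_email)=='<p><br></p>'
				|| trim(str_replace(array("\r\n", "\r", "\n", " "), '', $confirmation_email))=="<html><head><title></title></head><body></body></html>")
				$confirmation_email = "<html>
<head>
<title></title>
</head>
<body>
<div style=\"margin: -10px -10px; padding:50px 30px 50px 30px; height:100%;\">
<div style=\"margin:0 auto; max-width:660px;\">
<div style=\"float: left; background-color: #FFFFFF; padding:10px 30px 10px 30px; border: 1px solid #f6f6f6;\">
<div style=\"float: left; max-width:470px;\">
<p style=\"line-height: 21px; font-family: Helvetica, Verdana, Arial, sans-serif; font-size: 12px;\">
<strong style=\"line-height: 21px; font-family: Helvetica, Verdana, Arial, sans-serif; font-size: 18px;\">"._('Confirm your subscription')."</strong>
</p>
<div style=\"line-height: 21px; min-height: 100px; font-family: Helvetica, Verdana, Arial, sans-serif; font-size: 12px;\">
<p style=\"line-height: 21px; font-family: Helvetica, Verdana, Arial, sans-serif; font-size: 12px;\">"._('Thanks for subscribing to our email list.')."</p>
<p style=\"line-height: 21px; font-family: Helvetica, Verdana, Arial, sans-serif; font-size: 12px;\">"._('Please confirm your subscription by clicking the link below').":</p>
<p style=\"line-height: 21px; font-family: Helvetica, Verdana, Arial, sans-serif; font-size: 12px; margin-bottom: 25px; background-color:#f7f9fc; padding: 15px;\">
<strong>"._('Confirm').": </strong><a style=\"color:#4371AB; text-decoration:none;\" href=\"$confirmation_link\">$confirmation_link</a>
</p>
<p style=\"line-height: 21px; font-family: Helvetica, Verdana, Arial, sans-serif; font-size: 12px;\">"._('Thank you').",<br/>$from_name</p>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
";
			else
				$confirmation_email = str_replace('[confirmation_link]', $confirmation_link, $confirmation_email);

			//Convert personalization tags
			convert_tags($confirmation_subject, $subscriber_id, 'confirm', 'subject');
			convert_tags($confirmation_email, $subscriber_id, 'confirm', 'message');

			//Convert name tag
			$confirmation_email = str_replace('[Name]', $name, $confirmation_email);
			$confirmation_subject = str_replace('[Name]', $name, $confirmation_subject);

			//Convert email tag
			$confirmation_email = str_replace('[Email]', $email, $confirmation_email);
			$confirmation_subject = str_replace('[Email]', $email, $confirmation_subject);

			//Send double opt-in confirmation email
			//the throttle limits how often one address can be sent a confirmation email
			if($last_activity=='' || $last_activity > $opt_in_throttle || $unsubscribed)
				send_email($confirmation_subject, $confirmation_email, $email, $name);
		}
		else //if single opt in, check if we need to send a thank you email
		{
			if($thankyou && $confirmed!=1 && $feedback!=_('Email is suppressed.'))
			{
				//Convert personalization tags
				convert_tags($thankyou_subject, $subscriber_id, 'thankyou', 'subject');
				convert_tags($thankyou_message, $subscriber_id, 'thankyou', 'message');

				//Convert name tag
				$thankyou_message = str_replace('[Name]', $name, $thankyou_message);
				$thankyou_subject = str_replace('[Name]', $name, $thankyou_subject);

				//Convert email tag
				$thankyou_message = str_replace('[Email]', $email, $thankyou_message);
				$thankyou_subject = str_replace('[Email]', $email, $thankyou_subject);

				//Unsubscribe tag
				$thankyou_message = str_replace('<unsubscribe', '<a href="'.$app_path.'/unsubscribe/'.encrypt_val($email).'/'.encrypt_val($list_id).'" ', $thankyou_message);
				$thankyou_message = str_replace('</unsubscribe>', '</a>', $thankyou_message);
				$thankyou_message = str_replace('[unsubscribe]', $app_path.'/unsubscribe/'.encrypt_val($email).'/'.encrypt_val($list_id), $thankyou_message);

				//Send thank you email
				send_email($thankyou_subject, $thankyou_message, $email, $name);
			}
		}
	}
}

if($return_boolean=='true'):
	echo true;
	exit;
else:
	//if user sets a redirection URL
	//the target comes from the list settings; request values are only inserted URL-encoded
	if($subscribed_url != '' && !$already_subscribed && !in_array($feedback, $blocking_feedback, true)):
		$subscribed_url = str_replace('%n', urlencode($name), $subscribed_url);
		$subscribed_url = str_replace('%e', urlencode($email), $subscribed_url);
		$subscribed_url = str_replace('%l', encrypt_val($list_id), $subscribed_url);
		header("Location: ".$subscribed_url);
	else:
?>
<!DOCTYPE html>
<html>
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
		<meta name="viewport" content="width=device-width, initial-scale=1">
		<meta name="robots" content="noindex, nofollow">
		<link rel="Shortcut Icon" type="image/ico" href="<?php echo $app_path;?>/img/favicon.png">
		<title><?php echo strip_tags($feedback);?></title>
	</head>
	<style type="text/css">
		body{
			background: #f7f9fc;
			font-family: Helvetica, Arial;
		}
		#wrapper
		{
			background: #ffffff;
			-webkit-box-shadow: 0px 16px 46px -22px rgba(0,0,0,0.75);
			-moz-box-shadow: 0px 16px 46px -22px rgba(0,0,0,0.75);
			box-shadow: 0px 16px 46px -22px rgba(0,0,0,0.75);
			width: 300px;
			padding-bottom: 10px;
			margin: -170px 0 0 -150px;
			position: absolute;
			top: 50%;
			left: 50%;
			-webkit-border-radius: 5px;
			-moz-border-radius: 5px;
			border-radius: 5px;
		}
		p{
			text-align: center;
		}
		h2{
			font-weight: normal;
			text-align: center;
		}
		a{
			color: #000;
			text-decoration: none;
		}
		a:hover{
			text-decoration: underline;
		}
		#top-pattern{
			margin-top: -8px;
			height: 8px;
			background: url("<?php echo $app_path; ?>/img/top-pattern2.gif") repeat-x 0 0;
			background-size: auto 8px;
		}
	</style>
	<body>
		<div id="top-pattern"></div>
		<div id="wrapper">
			<h2><?php echo $feedback;?></h2>
			<?php echo $feedback==_('You\'re subscribed!') ? '<p><img src="'.$app_path.'/img/tick.jpg" height="92" /></p>' : '';?>
			<p style="font-size: 14px;"><a href="javascript:window.history.go(-1)">← Back</a></p>
		</div>
	</body>
</html>
<?php endif;?>
<?php endif;?>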