OXIESEC PANEL
- Current Dir:
/
/
var
/
www
/
cream
/
old_sendy
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
06/17/2025 10:17:24 AM
rwxrwxr-x
📄
.htaccess
643 bytes
11/12/2024 09:44:50 AM
rw-r--r--
📄
_compatibility.php
3.83 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
_install.php
7.3 KB
05/19/2025 10:07:16 AM
rw-r--r--
📁
api
-
05/19/2025 10:07:16 AM
rwxr-xr-x
📄
app.php
33.77 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
autoresponders-create.php
23.29 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
autoresponders-edit.php
28.89 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
autoresponders-emails.php
26.81 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
autoresponders-list.php
15.85 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
autoresponders-report.php
40.18 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
autoresponders.php
77.28 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
blacklist-blocked-domains.php
13.39 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
blacklist-suppression.php
13.34 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
campaigns-rss.php
8.35 KB
05/19/2025 10:07:16 AM
rw-r--r--
📁
certs
-
11/12/2024 09:27:52 AM
rwxr-xr-x
📄
clear-queue.php
996 bytes
05/19/2025 10:07:16 AM
rw-r--r--
📄
confirm.php
9.34 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
create-template.php
3.99 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
create.php
15.92 KB
05/19/2025 10:07:16 AM
rw-r--r--
📁
css
-
11/12/2024 09:28:41 AM
rwxr-xr-x
📄
custom-fields.php
8.5 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
delete-from-list.php
5.29 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
detect-table-conflicts.php
2.47 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
edit-brand.php
57.32 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
edit-list.php
20.97 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
edit-template.php
4.65 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
edit.php
19.04 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
eula.txt
6.5 KB
11/12/2024 09:44:50 AM
rw-r--r--
📄
housekeeping-inactive.php
12.54 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
housekeeping-unconfirmed.php
14.01 KB
05/19/2025 10:07:16 AM
rw-r--r--
📁
img
-
11/12/2024 09:28:02 AM
rwxr-xr-x
📄
import-csv.php
18.68 KB
05/19/2025 10:07:16 AM
rw-r--r--
📁
includes
-
05/19/2025 10:07:16 AM
rwxr-xr-x
📄
index.php
18.77 KB
05/19/2025 10:07:16 AM
rw-r--r--
📁
js
-
11/12/2024 09:29:44 AM
rwxr-xr-x
📄
l.php
10.63 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
list.php
12.3 KB
05/19/2025 10:07:16 AM
rw-r--r--
📁
locale
-
11/12/2024 09:30:02 AM
rwxr-xr-x
📄
login.php
4.84 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
logout.php
133 bytes
05/19/2025 10:07:16 AM
rw-r--r--
📄
new-brand.php
46.35 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
new-list.php
1.98 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
payment.php
7.41 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
phpinfo.php
1.39 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
r.php
11 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
reconsent-success.php
3.91 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
remove-duplicates.php
2.94 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
report.php
48.79 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
reports.php
10.7 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
reset-cron.php
999 bytes
05/19/2025 10:07:16 AM
rw-r--r--
📄
rules.php
37.35 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
scheduled.php
39.51 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
search-all-brands.php
7.07 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
search-all-lists.php
10.68 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
search-campaigns.php
30.29 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
segment.php
45.8 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
segments-list.php
6.84 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
send-to.php
57.72 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
sending.php
8.9 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
settings.php
41.29 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
subscribe.php
29.26 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
subscribers.php
44.09 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
subscription.php
9.01 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
t.php
4.22 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
template-preview.php
4.55 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
templates.php
7.35 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
two-factor.php
4.33 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
unsubscribe-from-list.php
5.33 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
unsubscribe-success.php
3.9 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
unsubscribe.php
16.19 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
update-list.php
13.88 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
update-segments.php
3.09 KB
05/19/2025 10:07:16 AM
rw-r--r--
📁
uploads
-
11/26/2024 05:30:00 AM
rwxr-xr-x
📄
verification-status.php
3.63 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
w.php
17.76 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
webhooks-log.php
4.28 KB
05/19/2025 10:07:16 AM
rw-r--r--
Editing: unsubscribe.php
Close
<?php ini_set('display_errors', 0); include('includes/config.php'); include('includes/helpers/locale.php'); include('includes/helpers/integrations/zapier/triggers/functions.php'); include('includes/helpers/integrations/rules.php'); include('includes/helpers/subscription.php'); include('includes/helpers/EmailAddressValidator.php'); //--------------------------------------------------------------// function dbConnect() { //Connect to database //--------------------------------------------------------------// // Access global variables global $mysqli; global $dbHost; global $dbUser; global $dbPass; global $dbName; global $dbPort; // Attempt to connect to database server if(isset($dbPort)) $mysqli = new mysqli($dbHost, $dbUser, $dbPass, $dbName, $dbPort); else $mysqli = new mysqli($dbHost, $dbUser, $dbPass, $dbName); // If connection failed... if ($mysqli->connect_error) { fail("<!DOCTYPE html><html><head><meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\"/><link rel=\"Shortcut Icon\" type=\"image/ico\" href=\"/img/favicon.png\"><title>"._('Can\'t connect to database')."</title></head><style type=\"text/css\">body{background: #ffffff;font-family: Helvetica, Arial;}#wrapper{background: #f2f2f2;width: 300px;height: 110px;margin: -140px 0 0 -150px;position: absolute;top: 50%;left: 50%;-webkit-border-radius: 5px;-moz-border-radius: 5px;border-radius: 5px;}p{text-align: center;line-height: 18px;font-size: 12px;padding: 0 30px;}h2{font-weight: normal;text-align: center;font-size: 20px;}a{color: #000;}a:hover{text-decoration: none;}</style><body><div id=\"wrapper\"><p><h2>"._('Can\'t connect to database')."</h2></p><p>"._('There is a problem connecting to the database. Please try again later.')."</p></div></body></html>"); } global $charset; mysqli_set_charset($mysqli, isset($charset) ? $charset : "utf8"); return $mysqli; } //--------------------------------------------------------------// function fail($errorMsg) { //Database connection fails //--------------------------------------------------------------// echo $errorMsg; exit; } // connect to database dbConnect(); ?> <?php include_once('includes/helpers/short.php'); include_once('includes/helpers/PHPMailerAutoload.php'); //vars $time = time(); $feedback = ''; //get variable if(isset($_GET['i'])) { $i_array = array(); $i_array = explode('/', $_GET['i']); //new campaign encrypted string if(count($i_array)==1) { $i_array = array(); $i_array = explode('/', decrypt_string($_GET['i'])); $email = mysqli_real_escape_string($mysqli, encrypt_val($i_array[0])); $list_id = is_numeric($i_array[1]) ? $i_array[1] : exit; $campaign_id = is_numeric($i_array[2]) ? $i_array[2] : exit; } //new AR encrypted string else if($i_array[1]=='a') { $i_array = array(); $i_array1 = array(); $i_array1 = explode('/', $_GET['i']); $i_array2 = $i_array1[0]; $i_array = explode('/', decrypt_string($i_array2)); $email = mysqli_real_escape_string($mysqli, encrypt_val(trim($i_array[0]))); $list_id = is_numeric($i_array[1]) ? $i_array[1] : exit; $campaign_id = is_numeric($i_array[2]) ? $i_array[2] : exit; $i_array[3] = 'a'; } //old encrypted string else { $email = mysqli_real_escape_string($mysqli, trim($i_array[0])); $email = str_replace(" ", "+", $email); $email = str_replace("%20", "+", $email); $list_id = decrypt_int($i_array[1]); $return_boolean = $i_array[2]; $campaign_id = $return_boolean!='' ? decrypt_int($return_boolean) : ''; } //Set language $q = 'SELECT login.language FROM lists, login WHERE lists.id = '.$list_id.' AND login.app = lists.app'; $r = mysqli_query($mysqli, $q); if ($r && mysqli_num_rows($r) > 0) while($row = mysqli_fetch_array($r)) $language = $row['language']; set_locale($language); //check if email is passed in as an email address instead of encrypted string $validator = new EmailAddressValidator; if ($validator->check_email_address($email)) { if($return_boolean=='true') { echo 'Invalid email address.'; exit; } else $feedback = _('Email address is invalid.'); } else { $email = decrypt_string($email, true); //check if email is valid $validator = new EmailAddressValidator; if ($validator->check_email_address($email)) {} else { if($return_boolean=='true') { echo 'Invalid email address.'; exit; } else $feedback = _('Email address is invalid.'); } } } else if(isset($_POST['email'])) { //parameters $email = trim(mysqli_real_escape_string($mysqli, $_POST['email'])); //compulsory $list_id = decrypt_int($_POST['list']); //compulsory $return_boolean = mysqli_real_escape_string($mysqli, $_POST['boolean']); //compulsory //Set language $q = 'SELECT login.language FROM lists, login WHERE lists.id = '.$list_id.' AND login.app = lists.app'; $r = mysqli_query($mysqli, $q); if ($r && mysqli_num_rows($r) > 0) while($row = mysqli_fetch_array($r)) $language = $row['language']; set_locale($language); //check if no data passed if($email=='' || $list_id=='') { if($return_boolean=='true') { echo 'Some fields are missing.'; exit; } else $feedback = _('Some fields are missing.'); } else { //check if email is valid $validator = new EmailAddressValidator; if ($validator->check_email_address($email)) {} else { if($return_boolean=='true') { echo 'Invalid email address.'; exit; } else $feedback = _('Email address is invalid.'); } } } else if($_GET['i']=='') { exit; } //Check if email exists in the list $q = 'SELECT id FROM subscribers WHERE email = "'.$email.'" AND list = '.$list_id; $r = mysqli_query($mysqli, $q); if ($r && mysqli_num_rows($r) == 0) { if($return_boolean=='true') { echo 'Email does not exist.'; exit; } else $feedback = _('Email does not exist.'); } //Get app id of this subscriber $q = 'SELECT app, name, custom_fields FROM lists WHERE id = '.$list_id; $r = mysqli_query($mysqli, $q); if ($r) { while($row = mysqli_fetch_array($r)) { $app = $row['app']; $list_name = $row['name']; $custom_fields = $row['custom_fields']; } } //Check if user set "double opt-out" in the list settings $q = 'SELECT unsubscribe_confirm FROM lists WHERE id = '.$list_id; $r = mysqli_query($mysqli, $q); if ($r) while($row = mysqli_fetch_array($r)) $unsubscribe_confirm = $row['unsubscribe_confirm']; //If user wants "double opt-out" , ask recipient to confirm unsubscription if($unsubscribe_confirm && $return_boolean!='true') $feedback = !isset($_GET['confirm']) ? _('Confirm unsubscribe?') : ''; //get from name and from email $q3 = 'SELECT from_name, from_email, reply_to, smtp_host, smtp_port, smtp_ssl, smtp_username, smtp_password, allocated_quota, custom_domain, custom_domain_protocol, custom_domain_enabled FROM apps WHERE id = '.$app; $r3 = mysqli_query($mysqli, $q3); if ($r3) { while($row = mysqli_fetch_array($r3)) { $from_name = $row['from_name']; $from_email = $row['from_email']; $reply_to = $row['reply_to']; $smtp_host = $row['smtp_host']; $smtp_port = $row['smtp_port']; $smtp_ssl = $row['smtp_ssl']; $smtp_username = $row['smtp_username']; $smtp_password = $row['smtp_password']; $allocated_quota = $row['allocated_quota']; $custom_domain = $row['custom_domain']; $custom_domain_protocol = $row['custom_domain_protocol']; $custom_domain_enabled = $row['custom_domain_enabled']; if($custom_domain!='' && $custom_domain_enabled) { $parse = parse_url(APP_PATH); $domain = $parse['host']; $protocol = $parse['scheme']; $app_path = str_replace($domain, $custom_domain, APP_PATH); $app_path = str_replace($protocol, $custom_domain_protocol, $app_path); } else $app_path = APP_PATH; } } if($feedback!=_('Some fields are missing.') && $feedback!=_('Email address is invalid.') && $feedback!=_('Email does not exist.') && $feedback!=_('Confirm unsubscribe?')) { //check if unsubscribe_all_list $q = 'SELECT userID, unsubscribe_all_list, unsubscribed_url, goodbye, goodbye_subject, goodbye_message FROM lists WHERE id = '.$list_id; $r = mysqli_query($mysqli, $q); if ($r && mysqli_num_rows($r) > 0) { while($row = mysqli_fetch_array($r)) { $userID = $row['userID']; $unsubscribe_all_list = $row['unsubscribe_all_list']; $unsubscribed_url = $row['unsubscribed_url']; $goodbye = $row['goodbye']; $goodbye_subject = stripslashes($row['goodbye_subject']); $goodbye_message = stripslashes($row['goodbye_message']); } } //get comma separated lists belonging to this app $q = 'SELECT id FROM lists WHERE app = '.$app; $r = mysqli_query($mysqli, $q); if ($r) { $all_lists = ''; while($row = mysqli_fetch_array($r)) $all_lists .= $row['id'].','; $all_lists = substr($all_lists, 0, -1); } if(empty($campaign_id) || $return_boolean=='true') { if($unsubscribe_all_list) //if user wants to unsubscribe email from ALL lists $q = 'UPDATE subscribers SET unsubscribed = 1, timestamp = '.$time.' WHERE email = "'.$email.'" AND list IN ('.$all_lists.')'; else $q = 'UPDATE subscribers SET unsubscribed = 1, timestamp = '.$time.' WHERE email = "'.$email.'" AND list = '.$list_id; } else { if($unsubscribe_all_list) //if user wants to unsubscribe email from ALL lists { //unsubscribe email from all lists $q = 'UPDATE subscribers SET unsubscribed = 1, timestamp = '.$time.' WHERE email = "'.$email.'" AND list IN ('.$all_lists.')'; //then update last_campaign for only the list user unsubscribed from (so that report will show unsubscribed number correctly) //if this is an autoresponder unsubscribe, if(count($i_array)==4 && $i_array[3]=='a') mysqli_query($mysqli, 'UPDATE subscribers SET last_ares = '.$campaign_id.' WHERE email = "'.$email.'" AND list = '.$list_id); else mysqli_query($mysqli, 'UPDATE subscribers SET last_campaign = '.$campaign_id.' WHERE email = "'.$email.'" AND list = '.$list_id); } else { //if this is an autoresponder unsubscribe, if(count($i_array)==4 && $i_array[3]=='a') $q = 'UPDATE subscribers SET unsubscribed = 1, timestamp = '.$time.', last_ares = '.$campaign_id.' WHERE email = "'.$email.'" AND list = '.$list_id; else $q = 'UPDATE subscribers SET unsubscribed = 1, timestamp = '.$time.', last_campaign = '.$campaign_id.' WHERE email = "'.$email.'" AND list = '.$list_id; } } $r = mysqli_query($mysqli, $q); if ($r){ $feedback = _('You\'re unsubscribed.'); //Retrieve subscriber's name $q = 'SELECT id, name, custom_fields FROM subscribers WHERE email = "'.$email.'" AND list = "'.$list_id.'"'; $r = mysqli_query($mysqli, $q); if ($r && mysqli_num_rows($r) > 0) //if a record exists, then trigger Zapier below { while($row = mysqli_fetch_array($r)) { $name = $row['name']; $email_id = $row['id']; $custom_values = $row['custom_fields']; } //Zapier Trigger 'new_user_unsubscribed' event zapier_trigger_new_user_unsubscribed($name, $email, $list_id); //Run rules $rules_data = array( 'trigger' => 'unsubscribe', 'name' => $name, 'email' => $email, 'list_id' => encrypt_val($list_id), 'list_name' => $list_name, 'list_url' => $app_path.'/subscribers?i='.$app.'&l='.$list_id, 'gravatar' => get_gravatar($email, 88) ); //Populate custom fields (if available) if($custom_fields!='') { $custom_field_lines = ''; $custom_fields_array = explode('%s%', $custom_fields); $custom_fields_values_array = explode('%s%', $custom_values); for($c=0;$c<count($custom_fields_array);$c++) { $fields_array = explode(':', $custom_fields_array[$c]); $values_array = $fields_array[1]=='Date' ? strftime("%b %d, %Y", (int)$custom_fields_values_array[$c]) : $custom_fields_values_array[$c]; $rules_data[$fields_array[0]] = $values_array; } } //Run rules run_rule($rules_data); } } //get AWS creds $q = 'SELECT s3_key, s3_secret FROM login WHERE id = '.$userID; $r = mysqli_query($mysqli, $q); if ($r) { while($row = mysqli_fetch_array($r)) { $s3_key = $row['s3_key']; $s3_secret = $row['s3_secret']; } } if($goodbye) { //Convert personaliztion tags convert_tags($goodbye_subject, $email_id, 'goodbye', 'subject'); convert_tags($goodbye_message, $email_id, 'goodbye', 'message'); //Convert name tag $goodbye_message = str_replace('[Name]', $name, $goodbye_message); $goodbye_subject = str_replace('[Name]', $name, $goodbye_subject); //Convert email tag $goodbye_message = str_replace('[Email]', $email, $goodbye_message); $goodbye_subject = str_replace('[Email]', $email, $goodbye_subject); //Resubscribe tag $goodbye_message = str_replace('<resubscribe', '<a href="'.$app_path.'/subscribe/'.encrypt_val($email).'/'.encrypt_val($list_id).'" ', $goodbye_message); $goodbye_message = str_replace('</resubscribe>', '</a>', $goodbye_message); $goodbye_message = str_replace('[resubscribe]', $app_path.'/subscribe/'.encrypt_val($email).'/'.encrypt_val($list_id), $goodbye_message); //Send goodbye email send_email($goodbye_subject, $goodbye_message, $email, $name); } } if($return_boolean=='true'): echo true; else: //if user sets a redirection URL if($unsubscribed_url != ''): $unsubscribed_url = str_replace('%e', urlencode($email), $unsubscribed_url); $unsubscribed_url = str_replace('%l', encrypt_val($list_id), $unsubscribed_url); $unsubscribed_url = str_replace('%s', $app_path.'/subscribe/'.encrypt_val($email).'/'.encrypt_val($list_id), $unsubscribed_url); header("Location: ".$unsubscribed_url); else: ?> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="robots" content="noindex, nofollow"> <link rel="Shortcut Icon" type="image/ico" href="<?php echo $app_path;?>/img/favicon.png"> <title><?php echo $feedback==_('Confirm unsubscribe?') ? $feedback : _('Unsubscribed');?></title> </head> <style type="text/css"> body{ background: #f7f9fc; font-family: Helvetica, Arial; } #wrapper { background: #ffffff; -webkit-box-shadow: 0px 16px 46px -22px rgba(0,0,0,0.75); -moz-box-shadow: 0px 16px 46px -22px rgba(0,0,0,0.75); box-shadow: 0px 16px 46px -22px rgba(0,0,0,0.75); width: 300px; padding-bottom: 10px; margin: -170px 0 0 -150px; position: absolute; top: 50%; left: 50%; -webkit-border-radius: 5px; -moz-border-radius: 5px; border-radius: 5px; } p{ text-align: center; } h2{ font-weight: normal; text-align: center; } a{ color: #000; text-decoration: none; } a:hover{ text-decoration: underline; } #top-pattern{ margin-top: -8px; height: 8px; background: url("<?php echo $app_path; ?>/img/top-pattern2.gif") repeat-x 0 0; background-size: auto 8px; } </style> <body> <div id="top-pattern"></div> <div id="wrapper"> <h2><?php echo $feedback;?></h2> <?php echo $feedback==_('You\'re unsubscribed.') ? '<p><img src="'.$app_path.'/img/tick.jpg" height="92" /></p>' : '';?> <?php if($feedback!=_('Email address is invalid.') && $feedback!=_('Email does not exist.')):?> <?php if($feedback==_('Confirm unsubscribe?')):?> <?php if($campaign_id==''):?> <p><a href="<?php echo $app_path; ?>/unsubscribe/<?php echo encrypt_val($email);?>/<?php echo encrypt_val($list_id);?>&confirm" title=""><?php echo _('Yes. Unsubscribe me.');?></a></p> <?php else:?> <p><a href="<?php echo $app_path; ?>/unsubscribe/<?php echo encrypt_val($email);?>/<?php echo encrypt_val($list_id);?>/<?php echo encrypt_val($campaign_id);?>&confirm" title=""><?php echo _('Yes. Unsubscribe me.');?></a></p> <?php endif;?> <?php else:?> <p><a href="<?php echo $app_path; ?>/subscribe/<?php echo encrypt_val($email);?>/<?php echo encrypt_val($list_id);?>" title=""><?php echo _('Re-subscribe?');?></a></p> <?php endif;?> <?php endif;?> </div> </body> </html> <?php endif;?> <?php endif;?>