OXIESEC PANEL
- Current Dir:
/
/
var
/
www
/
cream
/
sendy
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
06/17/2025 10:17:24 AM
rwxrwxr-x
📄
.htaccess
643 bytes
11/27/2024 05:19:36 AM
rw-r--r--
📄
_compatibility.php
3.83 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
_install.php
7.3 KB
05/19/2025 10:07:16 AM
rw-r--r--
📁
api
-
05/19/2025 10:07:15 AM
rwxr-xr-x
📄
app.php
33.77 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
autoresponders-create.php
23.29 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
autoresponders-edit.php
28.89 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
autoresponders-emails.php
26.81 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
autoresponders-list.php
15.85 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
autoresponders-report.php
40.18 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
autoresponders.php
77.28 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
blacklist-blocked-domains.php
13.39 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
blacklist-suppression.php
13.34 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
campaigns-rss.php
8.35 KB
05/19/2025 10:07:16 AM
rw-r--r--
📁
certs
-
11/27/2024 05:20:18 AM
rwxr-xr-x
📄
clear-queue.php
996 bytes
05/19/2025 10:07:16 AM
rw-r--r--
📄
confirm.php
9.34 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
create-template.php
3.99 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
create.php
15.92 KB
05/19/2025 10:07:16 AM
rw-r--r--
📁
css
-
11/27/2024 05:21:35 AM
rwxr-xr-x
📄
custom-fields.php
8.5 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
delete-from-list.php
5.29 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
detect-table-conflicts.php
2.47 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
edit-brand.php
57.32 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
edit-list.php
20.97 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
edit-template.php
4.65 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
edit.php
19.04 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
eula.txt
6.5 KB
11/27/2024 05:19:44 AM
rw-r--r--
📄
housekeeping-inactive.php
12.54 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
housekeeping-unconfirmed.php
14.01 KB
05/19/2025 10:07:15 AM
rw-r--r--
📁
img
-
11/27/2024 05:20:27 AM
rwxr-xr-x
📄
import-csv.php
18.68 KB
05/19/2025 10:07:16 AM
rw-r--r--
📁
includes
-
05/27/2025 10:27:13 AM
rwxr-xr-x
📄
index.php
18.77 KB
05/19/2025 10:07:16 AM
rw-r--r--
📁
js
-
11/27/2024 05:22:39 AM
rwxr-xr-x
📄
l.php
10.63 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
list.php
12.3 KB
05/19/2025 10:07:15 AM
rw-r--r--
📁
locale
-
11/27/2024 05:22:57 AM
rwxr-xr-x
📄
login.php
4.84 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
logout.php
133 bytes
05/19/2025 10:07:15 AM
rw-r--r--
📄
new-brand.php
46.35 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
new-list.php
1.98 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
payment.php
7.41 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
phpinfo.php
1.39 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
r.php
11 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
reconsent-success.php
3.91 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
remove-duplicates.php
2.94 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
report.php
48.79 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
reports.php
10.7 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
reset-cron.php
999 bytes
05/19/2025 10:07:16 AM
rw-r--r--
📄
rules.php
37.35 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
scheduled.php
39.51 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
search-all-brands.php
7.07 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
search-all-lists.php
10.68 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
search-campaigns.php
30.29 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
segment.php
45.8 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
segments-list.php
6.84 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
send-to.php
57.72 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
sending.php
8.9 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
settings.php
41.29 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
subscribe.php
29.26 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
subscribers.php
44.09 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
subscription.php
9.01 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
t.php
4.22 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
template-preview.php
4.55 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
templates.php
7.35 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
two-factor.php
4.33 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
unsubscribe-from-list.php
5.33 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
unsubscribe-success.php
3.9 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
unsubscribe.php
16.19 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
update-list.php
13.88 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
update-segments.php
3.09 KB
05/19/2025 10:07:16 AM
rw-r--r--
📁
uploads
-
05/27/2025 12:24:46 PM
rwxrwxrwx
📄
verification-status.php
3.63 KB
05/19/2025 10:07:16 AM
rw-r--r--
📄
w.php
17.76 KB
05/19/2025 10:07:15 AM
rw-r--r--
📄
webhooks-log.php
4.28 KB
05/19/2025 10:07:15 AM
rw-r--r--
Editing: subscription.php
Close
<?php ini_set('display_errors', 0);?> <?php include('includes/config.php'); //--------------------------------------------------------------// function dbConnect() { //Connect to database //--------------------------------------------------------------// // Access global variables global $mysqli; global $dbHost; global $dbUser; global $dbPass; global $dbName; global $dbPort; // Attempt to connect to database server if(isset($dbPort)) $mysqli = new mysqli($dbHost, $dbUser, $dbPass, $dbName, $dbPort); else $mysqli = new mysqli($dbHost, $dbUser, $dbPass, $dbName); // If connection failed... if ($mysqli->connect_error) { fail(); } global $charset; mysqli_set_charset($mysqli, isset($charset) ? $charset : "utf8"); return $mysqli; } //--------------------------------------------------------------// function fail() { //Database connection fails //--------------------------------------------------------------// print 'Database error'; exit; } // connect to database dbConnect(); include('includes/helpers/short.php'); include('includes/helpers/locale.php'); ?> <?php if(isset($_GET['f'])) { $f = mysqli_real_escape_string($mysqli, decrypt_string($_GET['f'])); $data = json_decode(stripslashes($f)); $brand = $data->{'brand'}; $lid = $data->{'list'}; } else { $brand = isset($_GET['i']) && is_numeric($_GET['i']) ? mysqli_real_escape_string($mysqli, $_GET['i']) : exit; $lid = isset($_GET['l']) ? mysqli_real_escape_string($mysqli, str_replace(' ', '', trim($_GET['l']))) : exit; } //Check if brand id and list id is valid and matching $q = 'SELECT * FROM lists WHERE app = '.$brand.' AND id = '.decrypt_int($lid); $r = mysqli_query($mysqli, $q); if (mysqli_num_rows($r) == 0) { echo 'Subscription form does not exist.'; exit; } //Get brand logo $q = "SELECT app_name, from_email, brand_logo_filename, recaptcha_sitekey, recaptcha_secretkey, custom_domain, custom_domain_protocol, custom_domain_enabled FROM apps WHERE id = '$brand'"; $r = mysqli_query($mysqli, $q); if ($r && mysqli_num_rows($r) > 0) { while($row = mysqli_fetch_array($r)) { $app_name = $row['app_name']; $from_email_full = $row['from_email']; $from_email = explode('@', $from_email_full); $get_domain = $from_email[1]; $brand_logo_filename = $row['brand_logo_filename']; $recaptcha_sitekey = $row['recaptcha_sitekey']; $recaptcha_secretkey = $row['recaptcha_secretkey']; $recaptcha_enabled = $recaptcha_sitekey!='' && $recaptcha_secretkey!='' ? true : false; $custom_domain = $row['custom_domain']; $custom_domain_protocol = $row['custom_domain_protocol']; $custom_domain_enabled = $row['custom_domain_enabled']; if($custom_domain!='' && $custom_domain_enabled) { $parse = parse_url(APP_PATH); $domain = $parse['host']; $protocol = $parse['scheme']; $app_path = str_replace($domain, $custom_domain, APP_PATH); $app_path = str_replace($protocol, $custom_domain_protocol, $app_path); } else $app_path = APP_PATH; //Brand logo if($brand_logo_filename=='') $logo_image = 'https://www.google.com/s2/favicons?domain='.$get_domain; else $logo_image = $app_path.'/uploads/logos/'.$brand_logo_filename; } } //Set language $q_l = 'SELECT login.language FROM lists, login WHERE lists.id = '.decrypt_int($lid).' AND login.app = lists.app'; $r_l = mysqli_query($mysqli, $q_l); if ($r_l && mysqli_num_rows($r_l) > 0) while($row = mysqli_fetch_array($r_l)) $language = $row['language']; set_locale($language); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="robots" content="noindex, nofollow"> <link rel="Shortcut Icon" type="image/ico" href="<?php echo $app_path;?>/img/favicon.png"> <link rel="stylesheet" type="text/css" href="<?php echo $app_path;?>/css/subscription.css?8" /> <script type="text/javascript" src="<?php echo $app_path;?>/js/jquery-3.5.1.min.js"></script> <script type="text/javascript" src="<?php echo $app_path;?>/js/pickaday/pikaday.js"></script> <script type="text/javascript" src="<?php echo $app_path;?>/js/pickaday/pikaday.jquery.js"></script> <link rel="stylesheet" type="text/css" href="<?php echo $app_path;?>/css/pikaday.css" /> <link href='https://fonts.googleapis.com/css?family=Roboto:400,400italic,700,700italic' rel='stylesheet' type='text/css'> <link href="https://fonts.googleapis.com/css?family=Questrial" rel="stylesheet"> <?php if($recaptcha_enabled):?> <script src='https://www.google.com/recaptcha/api.js'></script> <?php endif;?> <title><?php echo _('Join our mailing list');?></title> <script type="text/javascript"> $(document).ready(function() { $("#name").focus(); }); </script> </head> <body> <div class="separator"></div> <div id="wrapper"> <h2><img src="<?php echo $logo_image;?>" title=""/> <?php echo _('Join our mailing list');?></h2> <p> <form action="<?php echo $app_path;?>/subscribe" method="POST" accept-charset="utf-8" id="subscribe-form"> <div> <label for="name"><?php echo _('Name');?></label> <input type="text" name="name" id="name"/> </div> <div> <label for="email"><?php echo _('Email');?></label> <input type="email" name="email" id="email"/> </div> <div id="hp"> <label for="hp">HP</label> <input type="text" name="hp" id="hp"/> </div> <?php $q = 'SELECT custom_fields, gdpr_enabled, marketing_permission, what_to_expect FROM lists WHERE id = '.decrypt_int($lid); $r = mysqli_query($mysqli, $q); if ($r) { while($row = mysqli_fetch_array($r)) { $custom_fields = $row['custom_fields']; $gdpr_enabled = $row['gdpr_enabled']; $marketing_permission = $row['marketing_permission']; $what_to_expect = $row['what_to_expect']; } if($custom_fields!='') { $custom_fields_array = explode('%s%', $custom_fields); foreach($custom_fields_array as $cf) { $cf_array = explode(':', $cf); $cm_type = $cf_array[1]; $cm_name = str_replace(' ', '', $cf_array[0]); echo '<div><label for="'.str_replace(' ', '', $cf_array[0]).'">'.$cf_array[0].'</label>'; //If custom field type is 'Date', show date picker if($cm_type=='Date') { $the_date = strftime("%a %b %d %Y", time()); echo ' <input type="text" name="'.$cm_name.'" id="'.$cm_name.'" value="'.$the_date.'" readonly class="uneditable"/> <script type="text/javascript"> $("#'.$cm_name.'").pikaday({ firstDay: 1 }); $("#date-icon, #'.$cm_name.'").css("cursor", "pointer"); $("#date-icon").click(function(){ $("#'.$cm_name.'").click(); }); </script> '; } else //Is 'Text' based custom field { echo '<input type="text" name="'.$cm_name.'" id="'.$cm_name.'"/>'; } echo '</div>'; } } } ?> <input type="hidden" name="list" value="<?php echo $lid;?>"/> <input type="hidden" name="subform" value="yes"/> <?php if($gdpr_enabled):?> <div id="gdpr"> <input type="checkbox" name="gdpr" id="gdpr"> <span><strong><?php echo _('Marketing permission');?></strong>: <?php if($marketing_permission==''):?>I give my consent to <?php echo $app_name;?> to be in touch with me via email using the information I have provided in this form for the purpose of news, updates and marketing.<?php else: echo $marketing_permission; endif;?></span> <br/><br/> <span><strong><?php echo _('What to expect');?></strong>: <?php if($what_to_expect==''):?>If you wish to withdraw your consent and stop hearing from us, simply click the unsubscribe link at the bottom of every email we send or contact us at <?php echo $from_email_full;?>. We value and respect your personal data and privacy. To view our privacy policy, please visit our website. By submitting this form, you agree that we may process your information in accordance with these terms.<?php else: echo $what_to_expect; endif;?></span> </div> <?php endif;?> <?php if($recaptcha_enabled):?> <div class="g-recaptcha" data-sitekey="<?php echo $recaptcha_sitekey?>" style="margin: 10px 0 0 16px;"></div> <?php endif;?> <a href="javascript:void(0)" title="" id="submit"><?php echo _('Subscribe to list');?></a> </form> <script type="text/javascript"> $("#subscribe-form").keypress(function(e) { if(e.keyCode == 13) { e.preventDefault(); $("#subscribe-form").submit(); } }); $("#submit").click(function(e){ e.preventDefault(); $("#subscribe-form").submit(); }); </script> </p> </div> </body> </html>