Beispiel #1
    # We are done updating
    if ($limit !== false && $limit <= 0) {
        break;
    }
}
mysqli_free_result($partition_results);
# Returning our values
PostParser::send($content);
/* --- Connection closed with PostParser::send --- Below this point things need to be tracked and cleaned up --- */
# Updating our partition row counts
$size_changed = false;
$update_queries = ['SET @table_size_delta=0'];
foreach ($partitions_affected as $id => $partition) {
    # Getting our new table size
    $query = "\tSELECT\n\t\t\t\t\t `DATA_LENGTH` + `INDEX_LENGTH` AS `size`\n\t\t\t\tFROM\n\t\t\t\t\t`INFORMATION_SCHEMA`.`TABLES`\n\t\t\t\tWHERE\n\t\t\t\t\t`TABLE_SCHEMA`\t='" . mysqli_escape_string($partition->dblink, $partition->database) . "' AND\n\t\t\t\t\t`TABLE_NAME`\t='" . mysqli_escape_string($partition->dblink, $partition->data['table_name']) . "'";
    $size_data = mysqli_single_result_query($partition->dblink, $query);
    # Done with partitions database link
    mysqli_shared_close($partition->dblink, $G_SHARED_DBLINKS);
    # We have a different size
    $this_size_changed = false;
    if ((int) $partition->data['size'] != (int) $size_data['size']) {
        # Flag size changed
        $size_changed = true;
        $this_size_changed = true;
        # Storing the currently saved size
        $update_queries[] = "\tSET @size_delta = \t(\n\t\t\t\t\t\t\t\t\t\tSELECT \n\t\t\t\t\t\t\t\t\t\t" . (int) $size_data['size'] . "- CONVERT(`size`,SIGNED)\n\t\t\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\t\t\t" . NQ_TABLE_PARTITIONS_TABLE . "\n\t\t\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\t\t\t`id`=" . (int) $id . "\n\t\t\t\t\t\t\t\t\t\tLIMIT 1\n\t\t\t\t\t\t\t\t\t)";
        # Updating our size change
        $update_queries[] = "\tSET @table_size_delta = @table_size_delta + @size_delta";
    }
    # Updating the partitions size
    $update_queries[] = "\tUPDATE\n\t\t\t\t\t\t" . NQ_TABLE_PARTITIONS_TABLE . "\n\t\t\t\t\tSET\n\t\t\t\t\t\t" . ($this_size_changed ? "`size` = `size` + @size_delta," : "") . "\n\t\t\t\t\t\t`modified`\t=NOW(),\n\t\t\t\t\t\t`accessed`\t=NOW()\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`id`\t\t=" . (int) $id . "\n\t\t\t\t\tLIMIT 1";
Beispiel #2
     $names = array($file['name']);
     $tmp_names = array($file['tmp_name']);
     $file_types = array($file['type']);
 }
 # Looping through our files
 for ($i = 0, $ncount = count($names); $i < $ncount; $i++) {
     # Saving our filename
     $filename = isset($_CGET['name']) ? $_CGET['name'] : $names[$i];
     $tmpname = $tmp_names[$i];
     # Getting our metadata
     $created = date('Y-m-d H:i:s');
     $version = 1;
     $file_id = 0;
     # Adding to the database
     $query = "\tSELECT\n\t\t\t\t\t\t*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_FILE_TABLE . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id'] . " AND\n\t\t\t\t\t\t`environment`\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $G_APP_ENVIRONMENT) . "' AND\n\t\t\t\t\t\t`directory_id`\t=" . (int) $G_DIRECTORY_DATA['id'] . " AND\n\t\t\t\t\t\t`name`\t\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $filename) . "'\n\t\t\t\t\tLIMIT 1";
     $current_file_data = mysqli_single_result_query($G_STORAGE_CONTROLLER_DBLINK, $query);
     # If we already have a
     if (isset($current_file_data['id'])) {
         # Moving our file
         $query = "\tINSERT INTO\n\t\t\t\t\t\t\t" . NQ_FILE_VERSION_TABLE . "\n\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\t\t\t*\n\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\t" . NQ_FILE_TABLE . "\n\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\t`id`=" . (int) $current_file_data['id'] . "\n\t\t\t\t\t\t\t)";
         mysqli_sub_query($G_STORAGE_CONTROLLER_DBLINK, $query);
         # Deleting our file
         $query = "\tDELETE FROM\n\t\t\t\t\t\t\t" . NQ_FILE_TABLE . "\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t`id`=" . (int) $current_file_data['id'] . "\n\t\t\t\t\t\tLIMIT 1";
         mysqli_sub_query($G_STORAGE_CONTROLLER_DBLINK, $query);
         # Saving our file id
         $file_id = $current_file_data['file_id'];
         $created = $current_file_data['created'];
         # Increasing our version
         $version = (int) $current_file_data['version'] + 1;
     }
     # Adding to the database
Beispiel #3
<?php

/*
	summary.php
*/
# Our endpoints
$tables = ['database', 'images', 'files', 'emails', 'tokens'];
# Looping through each set of tables
foreach ($tables as $table) {
    # Updating our database tracking
    $date = strtotime(date('Y-m-d 00:00:00', strtotime('-1 day')));
    while (true) {
        # Checking to see if there are still items to be added
        $query = "\tSELECT\n\t\t\t\t\t\t*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_TRACKING_DATABASE . ".`api_calls_" . $table . "`\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`created`<='" . date('Y-m-d 23:59:59', $date) . "'\n\t\t\t\t\tLIMIT 1";
        $check = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query);
        if (empty($check)) {
            break;
        }
        # Getting our general count data
        $query = "\tSELECT\n\t\t\t\t\t\tCOUNT(*) AS `count`,\n\t\t\t\t\t\t`app_id`,\n\t\t\t\t\t\t`environment`\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_TRACKING_DATABASE . ".`api_calls_" . $table . "`\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`created`>='" . date('Y-m-d 00:00:00', $date) . "' AND\n\t\t\t\t\t\t`created`<='" . date('Y-m-d 23:59:59', $date) . "'\n\t\t\t\t\tGROUP BY\n\t\t\t\t\t\t`app_id`,\n\t\t\t\t\t\t`environment`";
        $result = mysqli_multi_result_query($G_CONTROLLER_DBLINK, $query);
        while ($count_data = mysqli_fetch_array($result)) {
            # Adding our count into the database
            $query = "\tINSERT IGNORE INTO\n\t\t\t\t\t\t\t" . NQ_TRACKING_DATABASE . ".`api_calls_" . $table . "_summary`\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t`app_id`\t=" . $count_data['app_id'] . ",\n\t\t\t\t\t\t\t`environment`\t='" . $count_data['environment'] . "',\n\t\t\t\t\t\t\t`transactions`\t=" . $count_data['count'] . ",\n\t\t\t\t\t\t\t`created`\t='" . date('Y-m-d', $date) . "'";
            mysqli_sub_query($G_CONTROLLER_DBLINK, $query);
        }
        # Getting our general count data
        $query = "\tSELECT\n\t\t\t\t\t\t`app_id`,\n\t\t\t\t\t\t`type`,\n\t\t\t\t\t\t`environment`,\n\t\t\t\t\t\tCOUNT(*) AS `count`,\n\t\t\t\t\t\tMIN(`size`) AS `min_size`,\n\t\t\t\t\t\tAVG(`size`) AS `avg_size`,\n\t\t\t\t\t\tMAX(`size`) AS `max_size`,\n\t\t\t\t\t\tMIN(`time`) AS `min_time`,\n\t\t\t\t\t\tAVG(`time`) AS `avg_time`,\n\t\t\t\t\t\tMAX(`time`) AS `max_time`\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_TRACKING_DATABASE . ".`api_calls_" . $table . "`\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`created`>='" . date('Y-m-d 00:00:00', $date) . "' AND\n\t\t\t\t\t\t`created`<='" . date('Y-m-d 23:59:59', $date) . "'\n\t\t\t\t\tGROUP BY\n\t\t\t\t\t\t`app_id`,\n\t\t\t\t\t\t`type`,\n\t\t\t\t\t\t`environment`";
        $result = mysqli_multi_result_query($G_CONTROLLER_DBLINK, $query);
        while ($count_data = mysqli_fetch_array($result)) {
            # Adding our count into the database
Beispiel #4
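/**
 * Queues one templated email, plus optional BCC copies, for later delivery.
 *
 * Checks the recipient against the blocked-emails table, renders the template
 * body, records an analytics row, optionally appends a tracking pixel, swaps
 * the %unsubscribe% placeholder for a link and inserts the raw message into
 * the queue table. Every query runs on $controller_dblink.
 *
 * @param mysqli $controller_dblink Link used for all lookups and inserts.
 * @param string $to                Recipient address.
 * @param string $from              Sender address; also used as Reply-To.
 * @param string $subject           Message subject.
 * @param array  $email_data        Template row; reads `id`, `body`, `requires_unsubscribe`, `track` and `bcc`.
 * @param mixed  $constants         Passed through to TemplateParser::parse().
 * @param mixed  $variables         Passed through to TemplateParser::parse().
 * @param int    $app_id            Owning application id.
 * @param int    $send_date         Unix timestamp formatted into the queue row's `send_date`.
 * @param bool   $bcc_available     When true, a copy is queued for each address in `$email_data['bcc']`.
 *
 * @return int|false false for a malformed recipient, -1 when the recipient is blocked, 1 once queued.
 */
function queue_email($controller_dblink, $to, $from, $subject, $email_data, $constants, $variables, $app_id, $send_date, $bcc_available = true)
{
    # The unsubscribe footer names the app; the app record is a request-wide global
    global $G_APP_DATA;
    # Reply to
    $reply_to = $from;
    # A recipient containing CR or LF could add header lines to the raw message
    if (strpbrk((string) $to, "\r\n") !== false) {
        return false;
    }
    # Bailing if not someone@someplace.com format
    if (count(explode('@', $to, 2)) < 2) {
        return false;
    }
    # NOTE(review): $from and $subject reach build_raw_email() without a CR/LF check here;
    # confirm build_raw_email() folds or rejects line breaks in header values.
    # Checking if the email is blocked
    $query = "\tSELECT\n\t\t\t\t\t\t`email`\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_BLOCKED_EMAILS_TABLE . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`app_id`\t=" . (int) $app_id . " AND\n\t\t\t\t\t\t`email`\t='" . mysqli_escape_string($controller_dblink, $to) . "'\n\t\t\t\t\tLIMIT 1";
    $blocked_data = mysqli_single_result_query($controller_dblink, $query);
    # NOTE(review): this only works if mysqli_single_result_query() yields null for "no row";
    # an empty array or false would mark every recipient as blocked. Confirm against the helper.
    if (isset($blocked_data)) {
        # Adding our analytics
        $query = "\tINSERT INTO\n\t\t\t\t\t\t\t" . NQ_ANALYTICS_BLOCKED_TABLE . "\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t`app_id`\t\t=" . (int) $app_id . ",\n\t\t\t\t\t\t\t`template_id`\t=" . (int) $email_data['id'] . ",\n\t\t\t\t\t\t\t`sender`\t\t='" . mysqli_escape_string($controller_dblink, $from) . "',\n\t\t\t\t\t\t\t`recipient`\t='" . mysqli_escape_string($controller_dblink, $to) . "',\n\t\t\t\t\t\t\t`created`\t\t=NOW()";
        mysqli_sub_query($controller_dblink, $query);
        # Blocked
        return -1;
    }
    # Applying our constants and variables
    $attachments_list = [];
    $body = TemplateParser::parse($email_data['body'], $constants, $variables, $app_id, $attachments_list);
    # Applying our unsubscribe footer when the template requires one and has no placeholder yet
    if ($email_data['requires_unsubscribe'] == 1 && strpos($body, '%unsubscribe%') === false) {
        # The app name lands in HTML, so it is entity-encoded like the sender below
        $app_name = isset($G_APP_DATA['name']) ? htmlentities($G_APP_DATA['name']) : '';
        $body .= '	<div style="margin-top:10px;">%unsubscribe% from ' . $app_name . '</div>';
    }
    # Adding our analytics
    $query = "\tINSERT INTO\n\t\t\t\t\t\t" . NQ_ANALYTICS_SENT_TABLE . "\n\t\t\t\t\tSET\n\t\t\t\t\t\t`app_id`\t\t=" . (int) $app_id . ",\n\t\t\t\t\t\t`template_id`\t\t=" . (int) $email_data['id'] . ",\n\t\t\t\t\t\t`sender`\t\t='" . mysqli_escape_string($controller_dblink, $from) . "',\n\t\t\t\t\t\t`recipient`\t\t='" . mysqli_escape_string($controller_dblink, $to) . "',\n\t\t\t\t\t\t`created`\t\t=NOW(),\n\t\t\t\t\t\t`requested_date`\t=NOW()";
    mysqli_sub_query($controller_dblink, $query);
    $analytics_id = mysqli_insert_id($controller_dblink);
    # The recipient copy and the BCC copy start from the same rendered body
    $mail_body = $body;
    $bcc_body = $body;
    # Defined up front because the unsubscribe link below reads it even when tracking is off.
    # NOTE(review): untracked mail therefore carries an empty `ref`; confirm the unsubscribe
    # endpoint copes with that.
    $hash_id = '';
    if ($email_data['track'] == 1) {
        # NOTE(review): the ref is a plain SHA-256 of the row id and the recipient, so it can be
        # derived by anyone who knows both values; a random token would not have that property.
        $hash_id = hash('sha256', $analytics_id . $to);
        # Updating the hash id
        $query = "\tUPDATE\n\t\t\t\t\t\t\t" . NQ_ANALYTICS_SENT_TABLE . "\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t`hash_id`\t='" . $hash_id . "'\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t`id`\t\t=" . (int) $analytics_id . "\n\t\t\t\t\t\tLIMIT 1";
        mysqli_sub_query($controller_dblink, $query);
        # Customizing the body
        $mail_body .= '<img style="display:none;" src="' . NQ_DOMAIN_ROOT . '/' . (int) $app_id . '/track?ref=' . $hash_id . '" width="1" height="1" />';
    }
    # Inserting our unsubscribe link; a literal replace keeps `$n` / `\n` sequences in the link inert
    $unsubscribe_link = '<a href="' . NQ_DOMAIN_ROOT . '/' . (int) $app_id . '/unsubscribe?ref=' . $hash_id . '&email=' . urlencode($to) . '" style="color:inherit;text-decoration:inherit;"> Unsubscribe </a>';
    $mail_body = str_replace('%unsubscribe%', $unsubscribe_link, $mail_body);
    # Adding to the queue
    $query = "\tINSERT INTO\n\t\t\t\t\t\t" . NQ_QUEUE_TABLE . "\n\t\t\t\t\tSET\n\t\t\t\t\t\t`app_id`\t=" . (int) $app_id . ",\n\t\t\t\t\t\t`analytics_id`\t=" . (int) $analytics_id . ",\n\t\t\t\t\t\t`sender`\t='" . mysqli_escape_string($controller_dblink, $from) . "',\n\t\t\t\t\t\t`recipient`\t='" . mysqli_escape_string($controller_dblink, $to) . "',\n\t\t\t\t\t\t`subject`\t='" . mysqli_escape_string($controller_dblink, $subject) . "',\n\t\t\t\t\t\t`raw`\t\t='" . mysqli_escape_string($controller_dblink, build_raw_email($to, $from, $reply_to, $subject, $mail_body, $attachments_list, $app_id)) . "',\n\t\t\t\t\t\t`send_date`\t='" . date('Y-m-d H:i:s', $send_date) . "',\n\t\t\t\t\t\t`priority`\t=1";
    mysqli_sub_query($controller_dblink, $query);
    # Sending the bcc
    if ($bcc_available) {
        # Modifying to add our bcc header; the recipient is entity-encoded like the sender,
        # since the only check it has passed is "contains an @"
        $bcc_body = trim('<div style="padding:10px;border-bottom:solid #E9E9E9 1px;margin-bottom:1px;line-height:2.0;">
									<div style="width:75px;color:#999;display:inline-block;text-align:right;padding-right:10px;"></div><b>BCC Email</b><br />
									<div style="width:75px;color:#999;display:inline-block;text-align:right;padding-right:10px;">sent to:</div>' . htmlentities($to) . '<br />
									<div style="width:75px;color:#999;display:inline-block;text-align:right;padding-right:10px;">from:</div>' . htmlentities($from) . '<br />
									<div style="width:75px;color:#999;display:inline-block;text-align:right;padding-right:10px;">date:</div>' . date('r') . '<br />
									<div style="width:75px;color:#999;display:inline-block;text-align:right;padding-right:10px;">send date:</div>' . date('r', $send_date) . '<br />
									<div style="width:75px;color:#999;display:inline-block;text-align:right;padding-right:10px;">tracking:</div>' . ($email_data['track'] == 1 ? 'Yes' : 'No') . '<br />
								</div>
								' . $bcc_body);
        # Sending bcc emails; the BCC copy keeps the raw %unsubscribe% placeholder and has no pixel
        foreach (explode(',', $email_data['bcc']) as $bcc) {
            $bcc = trim($bcc);
            # Adding to the queue
            if ($bcc != '') {
                $query = "\tINSERT INTO\n\t\t\t\t\t\t\t\t\t" . NQ_QUEUE_TABLE . "\n\t\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\t\t`app_id`\t=" . (int) $app_id . ",\n\t\t\t\t\t\t\t\t\t`sender`\t='" . mysqli_escape_string($controller_dblink, $from) . "',\n\t\t\t\t\t\t\t\t\t`recipient`\t='" . mysqli_escape_string($controller_dblink, $bcc) . "',\n\t\t\t\t\t\t\t\t\t`subject`\t='" . mysqli_escape_string($controller_dblink, $subject) . "',\n\t\t\t\t\t\t\t\t\t`raw`\t\t='" . mysqli_escape_string($controller_dblink, build_raw_email($bcc, $from, $reply_to, $subject, $bcc_body, $attachments_list, $app_id)) . "',\n\t\t\t\t\t\t\t\t\t`send_date`\t=NOW(),\n\t\t\t\t\t\t\t\t\t`priority`\t=255";
                mysqli_sub_query($controller_dblink, $query);
            }
        }
    }
    # Sent
    return 1;
}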
	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
		IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
		FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
		AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
		LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
		OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
		THE SOFTWARE.
*/
# Including our configuration and validate app
require_once __DIR__ . '/_includes/config.php';
require_once __DIR__ . '/_includes/validate-app.php';
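# Handling our global json parsing
$_JPOST = PostParser::decode();
# The tag comes straight from the request body; anything that is not a scalar cannot name a constant
if (!isset($_JPOST->tag) || !is_scalar($_JPOST->tag)) {
    exit_fail(NQ_ERROR_INVALID_VALUE, LANG_INVALID_CONSTANT);
}
# Validating we have the constant.
# Values are escaped with the link that executes the query, so the escaping follows that
# connection's character set.
$query = "\tSELECT\n\t\t\t\t`id`\n\t\t\tFROM\n\t\t\t\t" . NQ_CONSTANT_TABLE . "\n\t\t\tWHERE\n\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id'] . " AND\n\t\t\t\t`environment` \tIN ('*','" . mysqli_escape_string($G_CONTROLLER_DBLINK, $G_APP_ENVIRONMENT) . "') AND\n\t\t\t\t`tag`\t\t='" . mysqli_escape_string($G_CONTROLLER_DBLINK, (string) $_JPOST->tag) . "'\n\t\t\t\tLIMIT 1";
$constant_data = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query);
# Bailing if we have a bad constant
if (!isset($constant_data['id'])) {
    exit_fail(NQ_ERROR_INVALID_VALUE, LANG_INVALID_CONSTANT);
}
# Archiving the constant
# NOTE(review): the lookup and the archive run on $G_CONTROLLER_DBLINK while the delete runs on
# $G_STORAGE_CONTROLLER_DBLINK; confirm both links reach the same database. The two writes are
# not wrapped in a transaction, so a failed delete leaves an archived copy next to the live row.
$query = "\tINSERT INTO\n\t\t\t\t" . NQ_CONSTANT_ARCHIVE_TABLE . "\n\t\t\t\t(\n\t\t\t\t\tSELECT\n\t\t\t\t\t\t*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_CONSTANT_TABLE . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`id`\t=" . (int) $constant_data['id'] . "\n\t\t\t\t)";
mysqli_sub_query($G_CONTROLLER_DBLINK, $query);
# Deleting the constant
$query = "\tDELETE FROM\n\t\t\t\t" . NQ_CONSTANT_TABLE . "\n\t\t\tWHERE\n\t\t\t\t`id`\t=" . (int) $constant_data['id'] . "\n\t\t\tLIMIT 1";
mysqli_sub_query($G_STORAGE_CONTROLLER_DBLINK, $query);
# The content to be returned
$content = new stdClass();
$content->success = true;
# Affected rows are read from the link that ran the DELETE; the other link would report
# the archive INSERT instead
$content->deleted = mysqli_affected_rows($G_STORAGE_CONTROLLER_DBLINK) == 1;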
# Sending our content
Beispiel #6
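# Applying the requested image actions; only `flip` is handled here, any other key is ignored
# NOTE(review): $value comes from the request body and is handed to $img->flip() unchecked;
# confirm flip() validates its argument.
foreach ($_JPOST->actions as $action => $value) {
    switch ($action) {
        case 'flip':
            $img->flip($value);
            break;
    }
}
# Moving our file version
# NOTE(review): the archive INSERT and the DELETE below are not wrapped in a transaction
$query = "\tINSERT INTO\n\t\t\t\t" . NQ_FILE_VERSION_TABLE . "\n\t\t\t\t(\n\t\t\t\t\tSELECT\n\t\t\t\t\t\t*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_FILE_TABLE . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`id`=" . (int) $current_file_data['id'] . "\n\t\t\t\t)";
mysqli_sub_query($G_STORAGE_CONTROLLER_DBLINK, $query);
# Deleting our file
$query = "\tDELETE FROM\n\t\t\t\t" . NQ_FILE_TABLE . "\n\t\t\tWHERE\n\t\t\t\t`id`=" . (int) $current_file_data['id'] . "\n\t\t\tLIMIT 1";
mysqli_sub_query($G_STORAGE_CONTROLLER_DBLINK, $query);
# Getting our server where we are going to store the images
$query = "\tSELECT\n\t\t\t\t*\n\t\t\tFROM\n\t\t\t\t" . NQ_SERVERS_TABLE . "\n\t\t\tWHERE\n\t\t\t\t`server_type`\t='image' AND\n\t\t\t\t`environment`\t='" . mysqli_escape_string($G_CONTROLLER_DBLINK, $G_APP_ENVIRONMENT) . "'\n\t\t\tORDER BY\n\t\t\t\t`tier` ASC,\n\t\t\t\t`available_space` DESC\n\t\t\tLIMIT 1";
$G_SERVER_DATA = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query);
# Combining our host properties into our path
# The resulting string embeds the storage username and password, so any warning or log line
# that prints a path built from it discloses those credentials.
$G_SERVER_HOST = NQ_FILE_STORAGE_PROTOCOL . $G_SERVER_DATA['username'] . NQ_FILE_STORAGE_CRED_SEPARATOR . $G_SERVER_DATA['password'] . NQ_FILE_STORAGE_HOST_SEPARATOR . $G_SERVER_DATA['host'] . $G_SERVER_DATA['path'];
# Saving our file id and updating the version
$file_id = $current_file_data['file_id'];
$version = (int) $current_file_data['version'] + 1;
# Where we are going to save our file to
$save_path = $G_APP_DATA['id'] . '/';
# Checking the directory that is actually created; the earlier test read an undefined
# variable, so mkdir() ran, and warned with the full path, on every request
$target_dir = $G_SERVER_HOST . $save_path;
if (!is_dir($target_dir)) {
    mkdir($target_dir);
}
# The extension is whatever follows the last dot of the stored path
# NOTE(review): a stored path without a dot yields the whole path as "extension"; confirm
# `filepath` always carries one.
$segments = explode('.', $current_file_data['filepath']);
$ext = end($segments);
$filepath = $save_path . $file_id . '-' . $version . '.' . $ext;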
# Saving the new version of the image
Beispiel #7
define('PUBLIC_ENDPOINT', false);
// Whether anyone can access this endpoint
# Including our configuration
require_once __DIR__ . '/_includes/config.php';
require_once __DIR__ . '/_includes/validate-app.php';
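# Endpoint Specific: `nodirectories` / `nofiles` switch the respective listing off
define('SHOW_DIRECTORIES', !isset($_CGET['nodirectories']) || !boolval_ext($_CGET['nodirectories']));
define('SHOW_FILES', !isset($_CGET['nofiles']) || !boolval_ext($_CGET['nofiles']));
# Our return class
$content = new stdClass();
$content_results = array();
# Setting up our path
# NOTE(review): $_CGET['dir'] is read without an isset() check; confirm validate-app.php
# guarantees it.
$G_PATH_DATA = parse_path($_CGET['dir'], $_ENDPOINT, $G_TOKEN_SESSION_DATA);
# Getting our directory
$query = "\tSELECT\n\t\t\t\t`id`,\n\t\t\t\t`path`,\n\t\t\t\t`name`,\n\t\t\t\t`directories`,\n\t\t\t\t`files`,\n\t\t\t\t`filesize`,\n\t\t\t\t`children_filesize`,\n\t\t\t\t`created`,\n\t\t\t\t`modified`\n\t\t\tFROM \n\t\t\t\t" . NQ_DIRECTORY_TABLE . "\n\t\t\tWHERE\n\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id'] . " AND\n\t\t\t\t`environment`\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $G_APP_ENVIRONMENT) . "' AND\n\t\t\t\t`path`\t\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $G_PATH_DATA->dir) . "' AND\n\t\t\t\t`name`\t\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $G_PATH_DATA->name) . "'\n\t\t\tLIMIT 1";
$directory_data = mysqli_single_result_query($G_STORAGE_CONTROLLER_DBLINK, $query);
# NOTE(review): nothing here handles a directory that does not exist; the counts below then
# read from an empty result.
$total_count = (SHOW_DIRECTORIES ? $directory_data['directories'] : 0) + (SHOW_FILES ? $directory_data['files'] : 0);
# Handling our pages
$per_page = isset($_CGET['limit']) ? min((int) $_CGET['limit'], $G_APP_DATA['results_limit']) : $G_APP_DATA['results_limit'];
# `limit` is caller-controlled: zero would divide by zero below and a negative value would
# produce negative page maths, so the page size is floored at one
$per_page = max(1, (int) $per_page);
$page = isset($_CGET['page']) ? abs((int) $_CGET['page']) : 0;
$pages = floor(($total_count - 1) / $per_page);
$pageXPer = $page * $per_page;
# Filtering our directories
$directories_start = 0;
$directories_limit = 0;
$directories_shown = 0;
if (SHOW_DIRECTORIES) {
    $directories_start = $pageXPer > $directory_data['directories'] - $per_page ? $pageXPer : 0;
    $directories_limit = max(0, $directory_data['directories'] - $directories_start);
    $directories_shown = $directory_data['directories'];
}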
Beispiel #8
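/**
 * Collects the ancestor chain of a directory, ordered from the top down.
 *
 * Starts at $parent_id and follows each row's `parent_id` column until it
 * reaches 0. The terminating 0 is part of the result, so a chain 3 -> 2 -> 1
 * comes back as [0, 1, 2, 3].
 *
 * @param mysqli $dblink    Link the directory table is queried on.
 * @param int    $parent_id Id to start from; 0 means "no parent".
 *
 * @return int[] Ids ordered top to bottom; empty when $parent_id is 0.
 */
function directory_parent_ids($dblink, $parent_id)
{
    $parent_id = (int) $parent_id;
    # No parent id, exiting function
    if ($parent_id === 0) {
        return [];
    }
    # Array of parent id's starting with the requested
    $parent_ids = [$parent_id];
    # Ids already visited, so a chain that points back at itself cannot loop forever
    $seen = [$parent_id => true];
    # Continuing till we reach the top
    while ($parent_id !== 0) {
        # Getting the parent id
        $query = "\tSELECT\n\t\t\t\t\t\t`parent_id`\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_DIRECTORY_TABLE . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`id`=" . (int) $parent_id . "\n\t\t\t\t\tLIMIT 1";
        $parent_data = mysqli_single_result_query($dblink, $query);
        # A missing row is treated as the top of the tree
        $parent_id = isset($parent_data['parent_id']) ? (int) $parent_data['parent_id'] : 0;
        if (isset($seen[$parent_id])) {
            break;
        }
        $seen[$parent_id] = true;
        $parent_ids[] = $parent_id;
    }
    # Sorting top to bottom; array_reverse() returns a new array, so its result must be used
    return array_reverse($parent_ids);
}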
Beispiel #9
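# Counters reported back to the caller
$content->blocked = 0;
$content->sent = 0;
# Sending our email: fall back to the app name when the sender has no display name
$email->personal = $email->personal == '' ? $G_APP_DATA['name'] : $email->personal;
# Header values must stay on one line. The display name, address parts and Reply-To are
# request-derived, so CR and LF are stripped before they are joined into the header block;
# otherwise a value containing a line break would start a header of its own.
$header_line_breaks = array("\r", "\n");
$header_personal = str_replace($header_line_breaks, '', (string) $email->personal);
$header_mailbox = str_replace($header_line_breaks, '', (string) $email->mailbox);
$header_host = str_replace($header_line_breaks, '', (string) $email->host);
$header_reply_to = str_replace($header_line_breaks, '', (string) $_JPOST->sender_email);
$headers = 'From: ' . $header_personal . '<' . $header_mailbox . '@' . $header_host . '>' . "\n" . 'MIME-Version: 1.0' . "\n" . 'Content-type:text/html;charset=iso-8859-1' . "\n" . 'Reply-To: ' . $header_reply_to . "\n";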
# Sending our emails
foreach (is_array($_JPOST->recipients) ? $_JPOST->recipients : explode(',', $_JPOST->recipients) as $email) {
    # Separating for validation
    $p = explode('@', $email, 2);
    # Bailing if not someone@someplace.com format
    if (count($p) < 2) {
        continue;
    }
    # Checking if the email is blocked
    $query = "\tSELECT\n\t\t\t\t\t`email`\n\t\t\t\tFROM\n\t\t\t\t\t" . NQ_BLOCKED_EMAILS_TABLE . "\n\t\t\t\tWHERE\n\t\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id'] . " AND\n\t\t\t\t\t`email`\t\t='" . mysqli_escape_string($G_CONTROLLER_DBLINK, $email) . "'\n\t\t\t\tLIMIT 1";
    $blocked_data = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query);
    # This user has blocked the app from sending emails
    if (isset($blocked_data['permanent']) && $blocked_data['permanent']) {
        $content->blocked++;
    } elseif (!isset($blocked_data['requested_unblock']) || $blocked_data['requested_unblock'] != 1) {
        # Our ids
        $track_id = mysqli_insert_id($G_CONTROLLER_DBLINK);
        $hash_id = hash('sha256', $track_id . $email);
        # Updating the hash id
        $query = "\tUPDATE\n\t\t\t\t\t\t" . NQ_ANALYTICS_SENT_TABLE . "\n\t\t\t\t\tSET\n\t\t\t\t\t\t`hash_id`\t='" . $hash_id . "'\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`id`\t\t=" . (int) $track_id . "\n\t\t\t\t\tLIMIT 1";
        mysqli_sub_query($G_CONTROLLER_DBLINK, $query);
        # Customizing the body
        $mail_body = $body . '<img style="display:none;" src="http://email.v1.0.nuquery.com/' . $G_APP_DATA['id'] . '/track?ref=' . $hash_id . '" width="1" height="1" />';
        # Inserting our unsubscribe link
        if ($has_unsubscribe) {
            $mail_body = str_replace('<const:unsubscribe>', '<a href="http://email.v1.0.nuquery.com/' . $G_APP_DATA['id'] . '/unsubscribe?ref=' . $hash_id . '&email=' . urlencode($email) . '" style="color:inherit;text-decoration:inherit;"> Unsubscribe </a>', $mail_body);
	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
		IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
		FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
		AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
		LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
		OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
		THE SOFTWARE.
*/
# Including our configuration
require_once dirname(__FILE__) . '/_includes/config.php';
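# Handling our global json parsing
$_JPOST = PostParser::decode();
# Validating our app
# The supplied value is decoded JSON, so it may be a boolean, number or null. A loose `!=`
# lets such values compare equal to the expected digest, so the value must be a string and
# is compared in constant time.
# NOTE(review): the credential is an unsalted SHA-256 of the app secret; anyone who can read
# one request can replay it.
$expected_secret = hash('sha256', $G_APP_DATA['secret']);
$provided_secret = isset($_JPOST->app_secret) ? $_JPOST->app_secret : null;
if (!is_string($provided_secret) || !hash_equals($expected_secret, $provided_secret)) {
    exit_fail(NQ_ERROR_SERVICE_UNAVAILABLE, 'Service unavailable.');
}
# Setting our token data
# NOTE(review): the token lookup is not filtered by app id in this query; confirm a token
# issued to one app cannot be resolved by another.
$query = "\tSELECT\n\t\t\t\t`session_id`\n\t\t\tFROM\n\t\t\t\t" . NQ_ACCESS_TOKEN_TABLE . "\n\t\t\tWHERE\n\t\t\t\t`hash_id`='" . mysqli_escape_string($G_CONTROLLER_DBLINK, $_JPOST->token) . "'\n\t\t\tLIMIT 1";
$token_data = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query);
# Updating our data
# NOTE(review): an unknown token is not rejected here; the session lookup then runs with an
# empty id and whatever it returns is sent back.
$query = "\tSELECT\n\t\t\t\t`details`\n\t\t\tFROM\n\t\t\t\t" . NQ_ACCESS_SESSION_TABLE . "\n\t\t\tWHERE\n\t\t\t\t`id`\t\t='" . mysqli_escape_string($G_CONTROLLER_DBLINK, $token_data['session_id']) . "'\n\t\t\tLIMIT 1";
$session_data = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query);
# Creating our token string; the return value of send() is passed on as the tracked size
$strlen = PostParser::send(json_decode($session_data['details']));
/* --- Connection closed with PostParser::send --- Below this point things need to be tracked and cleaned up --- */
# Opening our tracking dblink
$G_TRACKING_DBLINK = mysqli_shared_connect(NQ_TRACKING_HOST, NQ_TRACKING_USERNAME, NQ_TRACKING_PASSWORD, $G_SHARED_DBLINKS);
# Closing the controller dblink
mysqli_shared_close($G_CONTROLLER_DBLINK, $G_SHARED_DBLINKS);
# Adding our usage
track_endpoint($G_SHARED_DBLINKS, $G_APP_DATA['id'], $G_APP_ENVIRONMENT, $_ENDPOINT, $strlen);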
Beispiel #11
/**
 * Lists the column names whitelisted for one token on one table.
 *
 * The names are fetched as a single comma-joined GROUP_CONCAT value and split
 * again in PHP.
 *
 * NOTE(review): MySQL cuts GROUP_CONCAT output at `group_concat_max_len`
 * (1024 bytes by default), so a long whitelist can come back shortened or with
 * a clipped last name. A column name containing a comma would also be split
 * in two. Confirm neither can occur, since this list gates column access.
 *
 * @param mysqli $dblink   Link the whitelist table is queried on.
 * @param int    $app_id   Application id.
 * @param int    $table_id Table id.
 * @param int    $token_id Token id.
 *
 * @return string[] Whitelisted column names; empty when none are stored.
 */
function get_whitelist_columns($dblink, $app_id, $table_id, $token_id)
{
    # Building the lookup; all three ids are forced to integers before they reach the SQL
    $sql = "\tSELECT\n\t\t\t\t\tGROUP_CONCAT(`column_name`) AS `columns`\n\t\t\t\tFROM\n\t\t\t\t\t" . NQ_WHITELIST_COLUMNS_TABLE;
    $sql .= "\n\t\t\t\tWHERE\n\t\t\t\t\t`app_id`\t=" . (int) $app_id;
    $sql .= " AND\n\t\t\t\t\t`table_id`\t=" . (int) $table_id;
    $sql .= " AND\n\t\t\t\t\t`token_id`\t=" . (int) $token_id;
    $row = mysqli_single_result_query($dblink, $sql);
    # GROUP_CONCAT yields NULL when no row matches, which compares equal to ''
    if ($row['columns'] == '') {
        return [];
    }
    # Splitting the joined names back into a list
    return explode(',', $row['columns']);
}
 while ($token_data = mysqli_fetch_assoc($token_result)) {
     # Creating our new token
     $token = new stdClass();
     $token->id = $token_data['id'];
     $token->api_key = $token_data['api_key'];
     $token->notes = $token_data['notes'];
     $token->privileges = new stdClass();
     $token->column_comments = new stdClass();
     # Adding column comments
     mysqli_data_seek($result, 0);
     while ($column_data = mysqli_fetch_assoc($result)) {
         $token->comments->{$column_data['Field']} = $column_data['Comment'];
     }
     # If the table is blacklisted
     $query = "\tSELECT\n\t\t\t\t\t\t*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_BLACKLIST_TABLE . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id'] . " AND\n\t\t\t\t\t\t`token_id`\t=" . (int) $token_data['id'] . " AND\n\t\t\t\t\t\t`table_id`\t=" . (int) $G_TABLE_DETAILS['id'];
     $blacklist_data = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query);
     $token->blacklisted = isset($blacklist_data['app_id']);
     # Getting the whitelisted columns
     $query = "\tSELECT\n\t\t\t\t\t\t*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_WHITELIST_COLUMNS_TABLE . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id'] . " AND\n\t\t\t\t\t\t`token_id`\t=" . (int) $token_data['id'] . " AND\n\t\t\t\t\t\t`table_id`\t=" . (int) $G_TABLE_DETAILS['id'];
     $whitelist_result = mysqli_multi_result_query($G_CONTROLLER_DBLINK, $query);
     # If we are all whitelisted
     $token->allWhitelisted = NQ_WHITELIST_EXISTENTIAL && mysqli_num_rows($whitelist_result) == 0;
     $token->allWhitelisted = $token->allWhitelisted || mysqli_num_rows($result) == mysqli_num_rows($whitelist_result);
     # If we want to whitelist everything
     if (NQ_WHITELIST_EXISTENTIAL && mysqli_num_rows($whitelist_result) == 0) {
         mysqli_data_seek($result, 0);
         while ($column_data = mysqli_fetch_assoc($result)) {
             $token->privileges->{$column_data['Field']} = 2;
         }
     } else {
         # Listing all of our columns
Beispiel #13
 $table_settings = $G_TABLE_SETTINGS[$G_TABLE_INDEX++];
 $attached_bitmask = $G_PARTITION_BITSIZE[$table_settings['partition_size']];
 # What kind of attached link is it?
 switch ($attached['type']) {
     # One to one
     case 'single':
         $partitions = new stdClass();
         foreach ($content as $key => $val) {
             # Calculating the ids we have
             $attached_id = (int) $val[$attached['column']];
             $partition_number = $attached_id >> $attached_bitmask[0];
             # New partition to track
             if (!isset($partitions->{$partition_number})) {
                 # Loading our server details
                 $server_query = "\tSELECT\n\t\t\t\t\t\t\t\t\t\t`p`.`id`,\n\t\t\t\t\t\t\t\t\t\t`p`.`table_name`,\n\t\t\t\t\t\t\t\t\t\t`s`.`host`,\n\t\t\t\t\t\t\t\t\t\t`s`.`username`,\n\t\t\t\t\t\t\t\t\t\t`s`.`password`,\n\t\t\t\t\t\t\t\t\t\t`s`.`database`\n\t\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\t\t" . NQ_TABLE_PARTITIONS_TABLE . " `p`\n\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\t\t" . NQ_SERVERS_TABLE . " `s`\n\t\t\t\t\t\t\t\t\t\tON\n\t\t\t\t\t\t\t\t\t\t\t`s`.`id`=`p`.`host_id`\n\t\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\t\t`table_id`=" . (int) $table_settings['id'] . " AND\n\t\t\t\t\t\t\t\t\t\t`number` = " . (int) $partition_number . "\n\t\t\t\t\t\t\t\t\tLIMIT 1";
                 $server_data = mysqli_single_result_query($G_CONTROLLER_DBLINK, $server_query);
                 $partitions->{$partition_number} = (object) ['server_data' => $server_data, 'ids' => [], 'keys' => new stdClass()];
                 # Adding our tracking
                 $G_READ_PARTITION_IDS[] = $server_data['id'];
             }
             # Updating the current partition
             $current_partition = $partitions->{$partition_number};
             if (!in_array($attached_id, $current_partition->ids)) {
                 $current_partition->ids[] = $attached_id;
             }
             $current_partition->keys->{$attached_id}[] = $key;
         }
         # Retrieving the partitions
         $query = false;
         foreach ($partitions as $number => $partition) {
             # Local variables
	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
		IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
		FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
		AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
		LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
		OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
		THE SOFTWARE.
*/
# Including our configuration and validate app
require_once __DIR__ . '/_includes/config.php';
require_once __DIR__ . '/_includes/validate-app.php';
# Handling our global json parsing
$_JPOST = PostParser::decode();
# Getting the domain to confirm
$query = "\tSELECT\n\t\t\t\t*\t\n\t\t\tFROM\n\t\t\t\t" . NQ_DOMAIN_TABLE . "\n\t\t\tWHERE\n\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id'] . " AND\n\t\t\t\t`domain`\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $_JPOST->domain) . "' AND\n\t\t\t\t`confirmed`\t=b'0'";
$G_RECORD_DATA = mysqli_single_result_query($G_STORAGE_CONTROLLER_DBLINK, $query);
# Validating our dns record
$records = array_merge(dns_get_record('*.' . $_JPOST->domain, DNS_TXT), dns_get_record($_JPOST->domain, DNS_TXT));
$spf_valid = false;
$txt_value = false;
foreach ($records as $record) {
    # We are checking for spf
    if (!$spf_valid && substr($record['txt'], 0, 5) == 'v=spf') {
        # Breaking apart our txt record
        $parts = explode(' ', trim(substr($record['txt'], 5)));
        # Looping over each part
        foreach ($parts as $part) {
            # Getting our block and address
            $block = strpos($part, ':') !== false ? substr($part, 0, strpos($part, ':')) : $last_block;
            $address = trim(substr($part, strpos($part, ':')));
            $address = strpos($address, '/') !== false ? substr($address, 0, strpos($address, '/')) : $address;
Beispiel #15
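# Expiring old rows: for every table row fetched from $result, delete the rows older than the
# table's `row_timeout` (minutes) from each of its partitions and refresh the stored counters
while ($table_data = mysqli_fetch_assoc($result)) {
    # Selecting the partitions for the table
    $query = "\tSELECT\n\t\t\t\t\t`p`.`table_name`,\n\t\t\t\t\t`s`.`host`,\n\t\t\t\t\t`s`.`username`,\n\t\t\t\t\t`s`.`password`,\n\t\t\t\t\t`s`.`database`\n\t\t\t\tFROM\n\t\t\t\t\t" . NQ_TABLE_PARTITIONS_TABLE . " `p`\n\t\t\t\tLEFT JOIN\n\t\t\t\t\t" . NQ_SERVER_DATABASE_TABLE . " `s`\n\t\t\t\t\tON\n\t\t\t\t\t\t`p`.`host_id`=`s`.`id`\n\t\t\t\tWHERE\n\t\t\t\t\t`p`.`table_id`=" . (int) $table_data['id'];
    $partition_results = mysqli_multi_result_query($G_CONTROLLER_DBLINK, $query);
    while ($partition_data = mysqli_fetch_assoc($partition_results)) {
        # Establishing our database connection
        $dblink = mysqli_shared_connect($partition_data['host'], $partition_data['username'], $partition_data['password'], $G_SHARED_DBLINKS);
        # The database and table names are used as backtick-quoted identifiers, where string
        # escaping does not apply; doubling any backtick keeps a stored name from ending the
        # quoted identifier early (names without backticks produce the same query as before)
        $quoted_database = '`' . str_replace('`', '``', (string) $partition_data['database']) . '`';
        $quoted_table = '`' . str_replace('`', '``', (string) $partition_data['table_name']) . '`';
        # Creating our delete query
        $query = "\tDELETE FROM\n\t\t\t\t\t\t" . $quoted_database . "." . $quoted_table . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`timestamp`<'" . date('Y-m-d H:i:s', strtotime('-' . (int) $table_data['row_timeout'] . ' minutes')) . "'";
        mysqli_sub_query($dblink, $query);
        # NOTE(review): $affected_rows is overwritten for every partition, so code that reads
        # it after these loops only sees the count of the last partition processed
        $affected_rows = mysqli_affected_rows($dblink);
        # We had a change
        if ($affected_rows > 0) {
            # Getting our new table size
            $query = "\tSELECT\n\t\t\t\t\t\t\tSUM( `DATA_LENGTH` + `INDEX_LENGTH` ) AS `size`\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t`INFORMATION_SCHEMA`.`TABLES`\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t`TABLE_SCHEMA`\t='" . mysqli_escape_string($dblink, $partition_data['database']) . "' AND\n\t\t\t\t\t\t\t`TABLE_NAME`\t='" . mysqli_escape_string($dblink, $partition_data['table_name']) . "'";
            $size_data = mysqli_single_result_query($dblink, $query);
            # Updating the table
            # NOTE(review): the row is matched on `id` = the table's id, while the partitions
            # were selected above by `table_id`; confirm this is the intended key
            $query = "\tUPDATE\n\t\t\t\t\t\t\t" . NQ_TABLE_PARTITIONS_TABLE . "\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t`rows`\t\t=`rows`-" . (int) $affected_rows . ",\n\t\t\t\t\t\t\t`size`\t\t=" . (int) $size_data['size'] . ",\n\t\t\t\t\t\t\t`modified`\t=NOW(),\n\t\t\t\t\t\t\t`accessed`\t=NOW()\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t`id`\t\t=" . (int) $table_data['id'] . "\n\t\t\t\t\t\tLIMIT 1";
            mysqli_sub_query($G_CONTROLLER_DBLINK, $query);
            # Saving our data to process later
            $G_UPDATED_TABLES[] = (int) $table_data['id'];
            $G_UPDATED_APPS[] = (int) $table_data['app_id'];
            $partitions_updated_count++;
        }
    }
}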
# Updating the tables
$G_UPDATED_TABLES = array_unique($G_UPDATED_TABLES, SORT_NUMERIC);
if (count($G_UPDATED_TABLES) > 0) {
    $query = "\tUPDATE\n\t\t\t\t\t" . NQ_TABLE_SETTINGS_TABLE . " `s`\n\t\t\t\tSET\n\t\t\t\t\t`rows`\t\t=`rows`-" . (int) $affected_rows . ",\n\t\t\t\t\t`size`\t\t=(\n\t\t\t\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\t\t\t\tSUM(`size`)\n\t\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\t\t" . NQ_TABLE_PARTITIONS_TABLE . " `p`\n\t\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\t\t`p`.`table_id`= `s`.`id`\n\t\t\t\t\t\t\t\t),\n\t\t\t\t\t`modified`\t=NOW(),\n\t\t\t\t\t`accessed`\t=NOW()\n\t\t\t\tWHERE\n\t\t\t\t\t`id`\t\t\tIN (" . implode(',', $G_UPDATED_TABLES) . ")\n\t\t\t\tLIMIT " . count($G_UPDATED_TABLES);
    mysqli_sub_query($G_CONTROLLER_DBLINK, $query);
Beispiel #16
		IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
		FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
		AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
		LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
		OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
		THE SOFTWARE.
*/
# This page is public; both flags are defined before the includes below
# (presumably the includes read them - confirm)
define('PUBLIC_ENDPOINT', true);
define('CONNECT_TO_TRACKING', true);
# Including our config and the app validation
require_once __DIR__ . '/_includes/config.php';
require_once __DIR__ . '/_includes/validate-app.php';
# Looking up the sent-message record whose `hash_id` equals the `ref` request value
# ($_CGET is not defined in the visible code - presumably set up by the includes)
# NOTE(review): on a public page `ref` is the only value tying the request to a stored
# recipient; confirm it is an unguessable per-message token
$query = "\tSELECT\n\t\t\t\t*\n\t\t\tFROM\n\t\t\t\t" . NQ_ANALYTICS_SENT_TABLE . "\n\t\t\tWHERE\n\t\t\t\t`hash_id`='" . mysqli_escape_string($G_TRACKING_DBLINK, $_CGET['ref']) . "'\n\t\t\tLIMIT 1";
# Single row for that hash; the code below reads its `recipient` field
$sent_data = mysqli_single_result_query($G_TRACKING_DBLINK, $query);
# We can unsubscribe
if (isset($sent_data['recipient']) && $_CGET['email'] == $sent_data['recipient']) {
    # Adding to blocked emails
    $query = "\tINSERT IGNORE INTO\n\t\t\t\t\t" . NQ_BLOCKED_EMAILS_TABLE . "\n\t\t\t\tSET\n\t\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id'] . ",\n\t\t\t\t\t`email`\t\t='" . mysqli_escape_string($G_CONTROLLER_DBLINK, $sent_data['recipient']) . "',\n\t\t\t\t\t`created`\t=NOW()";
    mysqli_sub_query($G_CONTROLLER_DBLINK, $query);
    # Displaying
    echo '	<!doctype html>
				<html>
					<head>
						<title>Unsubscribe</title>
					</head>
					<body style="font-family:Arial;font-size:14px;">
						<div style="position:fixed;top:50%;margin-top:-250px;left:50%;margin-left:-200px;width:400px;text-align:center;">
							<img src="http://img.v1.0.nuquery.com/2/thumbnail/width=400&height=400&scale=contain/apps/', $G_APP_DATA['id'], '/icon.png" style="width:200px;height:200px;border-radius:100%;" />
							<br />