public function external_hook($hook) { switch ($hook) { case 'l': // opening a tracked link. $send_id = isset($_REQUEST['a']) ? (int) $_REQUEST['s'] : 0; $link_id = isset($_REQUEST['l']) ? (int) $_REQUEST['l'] : 0; $newsletter_member_id = isset($_REQUEST['a']) ? (int) $_REQUEST['a'] : 0; $correct_hash = $this->link_to_link($send_id, $link_id, $newsletter_member_id, true); $provided_hash = isset($_REQUEST['hash']) ? $_REQUEST['hash'] : false; if ($correct_hash == $provided_hash) { // we have a correct link from this member. // track that they opened thsi newsletter. $this->member_opened_newsletter($send_id, $newsletter_member_id, 'link', $link_id); } // redirect to this link even if the hash is incorrect. // todo - this is possible information disclosure. maybe we shouldn't do this? oh well. if ($link_id > 0) { $link = get_single('newsletter_link', 'link_id', $link_id); //print_r($link);exit; $url = $link['link_url']; if (strlen($url) < 3) { // bad link? echo 'Incorrect link, sorry'; } else { // todo - format link to full url's or check for common mistakes // like having www. and no http:// if ($correct_hash == $provided_hash && $newsletter_member_id) { // we append some bits to certain urls (eg: unsubscribe url etc..) if (strpos($url, _MEMBER_HASH_URL_REDIRECT_BITS) !== false) { // this url needs some member bits added to it! $url = str_replace(_MEMBER_HASH_URL_REDIRECT_BITS, _MEMBER_HASH_URL_REDIRECT_BITS . '&nm=' . $newsletter_member_id . '&s=' . $send_id . '&hash=' . self::newsletter_redirect_hash($newsletter_member_id, $send_id), $url); } } header("Location: " . $url); } } else { echo 'Bad Link'; } exit; break; case 'i': // viewing a tracked image. $send_id = isset($_REQUEST['a']) ? (int) $_REQUEST['s'] : 0; $image_id = isset($_REQUEST['i']) ? (int) $_REQUEST['i'] : 0; $newsletter_member_id = isset($_REQUEST['a']) ? (int) $_REQUEST['a'] : 0; $correct_hash = $this->link_to_image($send_id, $image_id, $newsletter_member_id, true); $provided_hash = isset($_REQUEST['hash']) ? $_REQUEST['hash'] : false; if ($correct_hash == $provided_hash) { // we have a correct link from this member. // track that they opened thsi newsletter. $this->member_opened_newsletter($send_id, $newsletter_member_id, 'image', $image_id); } // redirect to this link even if the hash is incorrect. // todo - this is possible information disclosure. maybe we shouldn't do this? oh well. if ($image_id > 0) { $image = get_single('newsletter_image', 'image_id', $image_id); //print_r($image);exit; $url = $image['image_url']; if (strlen($url) < 3) { // bad link? echo 'Incorrect image link, sorry'; } else { // todo - format link to full url's or check for common mistakes // like having www. and no http:// header("Location: " . $url); } } else { echo 'Bad image Link'; } exit; break; case 'doubleoptin': // confirning their subscription via double opt in $email = isset($_REQUEST['e']) ? trim($_REQUEST['e']) : false; $real_hash = $this->double_optin_confirmation_link($email, true); $email2 = false; if (strpos($email, ' ') !== false) { $email2 = str_replace(' ', '+', $email); $real_hash2 = $this->double_optin_confirmation_link($email2, true); } if ($email && $_REQUEST['hash'] == $real_hash) { // we have a go! $this->subscribe_member_double_optin_done($email); } else { if ($email2 && $_REQUEST['hash'] == $real_hash2) { // we have a go! $this->subscribe_member_double_optin_done($email2); } else { echo _l('Sorry, link is incorrect. Please contact us to let us know about this problem.'); } } break; case 'unsubscribe': // user is viewing the unsubscribe form. include 'public/unsubscribe.php'; break; case 'vo': // viewing the specified newsletter online. $newsletter_id = isset($_REQUEST['n']) ? (int) $_REQUEST['n'] : 0; $send_id = isset($_REQUEST['s']) ? (int) $_REQUEST['s'] : 0; $voh = isset($_REQUEST['voh']) ? $_REQUEST['voh'] : false; // ifi no member id, eg: public viewing link. $hash = isset($_REQUEST['hash']) ? $_REQUEST['hash'] : false; // set if member id, eg: view link from a send. $newsletter_member_id = isset($_REQUEST['nm']) ? (int) $_REQUEST['nm'] : 0; if ($newsletter_id > 0) { if (!$voh && !$hash) { // echo 'Bad hash. Please report this error.'; exit; } else { if ($newsletter_id && $newsletter_member_id && $send_id && $hash) { if (isset($_REQUEST[_MEMBER_HASH_URL_REDIRECT_BITS])) { $correct_hash = self::newsletter_redirect_hash($newsletter_member_id, $send_id); } else { $correct_hash = self::view_online_url($newsletter_id, $newsletter_member_id, $send_id, true); } if ($correct_hash == $hash) { echo module_newsletter::render($newsletter_id, $send_id, $newsletter_member_id, 'view_online'); exit; } } } if ($voh) { // public view link $correct_voh = self::view_online_url($newsletter_id, false, false, true); if ($correct_voh == $voh) { echo module_newsletter::render($newsletter_id, $send_id, false, 'view_online'); exit; } else { echo 'Bad newsletter hash. Please report this error.'; exit; } } } echo 'Bad newsletter link. Please report this error.'; exit; break; case 'view_online': // todo - remove 'view_online' soon and go with 'vo' plus hash. helps prevent viewing past newsletters by changing id without hash. $newsletter_id = isset($_REQUEST['n']) ? (int) $_REQUEST['n'] : 0; if ($newsletter_id > 0) { $newsletter_member_id = isset($_REQUEST['nm']) ? (int) $_REQUEST['nm'] : 0; $send_id = isset($_REQUEST['s']) ? (int) $_REQUEST['s'] : 0; $hash = isset($_REQUEST['hash']) ? $_REQUEST['hash'] : 0; if ($newsletter_id && $newsletter_member_id && $send_id && $hash) { if (isset($_REQUEST[_MEMBER_HASH_URL_REDIRECT_BITS])) { $correct_hash = self::newsletter_redirect_hash($newsletter_member_id, $send_id); } else { $correct_hash = self::view_online_url($newsletter_id, $newsletter_member_id, $send_id, true); } if ($correct_hash == $hash) { echo module_newsletter::render($newsletter_id, $send_id, $newsletter_member_id, 'view_online'); exit; } } if ($newsletter_id) { echo module_newsletter::render($newsletter_id, $send_id, false, 'view_online'); } } exit; break; } }
$newsletter = module_newsletter::get_newsletter($newsletter_id); // great a new blank send table ready to go (only if user clicks confirm) $send_id = isset($_REQUEST['send_id']) ? (int) $_REQUEST['send_id'] : false; if (!$send_id) { set_error('Sorry no newsletter send id specified'); redirect_browser(module_newsletter::link_open($newsletter_id)); } $send = module_newsletter::get_send($send_id); if ($send['status'] != _NEWSLETTER_STATUS_SENT) { // hasnt sent yet, redirect to the pending watch page. redirect_browser(module_newsletter::link_queue_watch($newsletter_id, $send_id)); } $start_time = $send['start_time']; if (isset($_REQUEST['show'])) { // render the newsletter and display it on screen with nothing else. $content = module_newsletter::render($newsletter_id, $send_id, false, 'preview'); // do the link click overview here: ob_end_clean(); // grab all the links for this send $send_links = get_multiple('newsletter_link', array('send_id' => $send_id)); $links_to_process = array(); $old_links_by_url = array(); foreach ($send_links as $send_link) { // we have to do this because the link processing part puts a unique member id into these unsubscribe/view online links. $parsed_url = preg_replace('#\\&nm=\\d+#', '&nm=', $send_link['link_url']); $parsed_url = preg_replace('#\\&hash=\\w+#', '&nm=', $parsed_url); // how many opens did this one have? $sql = "SELECT COUNT(*) AS `open_count` FROM `" . _DB_PREFIX . "newsletter_link_open` no "; $sql .= " WHERE no.send_id = " . (int) $send_id . " AND no.link_id = " . (int) $send_link['link_id']; $res = qa1($sql); if (!isset($old_links_by_url[$parsed_url])) {
* More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/ * Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4 * Envato: 4ffca17e-861e-4921-86c3-8931978c40ca * Package Date: 2015-11-25 02:55:20 * IP Address: 67.79.165.254 */ $module->page_title = _l('Preview'); //print_heading('Newsletter Editor'); $newsletter_id = isset($_REQUEST['newsletter_id']) ? (int) $_REQUEST['newsletter_id'] : false; if (!$newsletter_id) { redirect_browser(module_newsletter::link_list(false)); } //$newsletter = module_newsletter::get_newsletter($newsletter_id); if (isset($_REQUEST['show'])) { // render the newsletter and display it on screen with nothing else. echo module_newsletter::render($newsletter_id, false, false, 'preview'); exit; } ?> <table width="100%" cellpadding="5"> <tbody> <tr> <td width="50%" valign="top"> <?php print_heading(array('type' => 'h2', 'title' => 'Preview Newsletter', 'button' => array('url' => module_newsletter::link_open($newsletter_id), 'title' => 'Return to Editor'))); ?> <iframe src="<?php