@(list($msgtype, $fwdid, $messageid, $userid) = explode('|', $track));
$userid = sprintf('%d', $userid);
$fwdid = sprintf('%d', $fwdid);
$messageid = sprintf('%d', $messageid);
$linkdata = Sql_Fetch_array_query(sprintf('select * from %s where id = %d', $GLOBALS['tables']['linktrack_forward'], $fwdid));
if (!$fwdid || $linkdata['id'] != $fwdid || !$userid || !$messageid) {
## try the old table to avoid breaking links
$linkdata = Sql_Fetch_array_query(sprintf('select * from %s where linkid = %d and userid = %d and messageid = %d', $GLOBALS['tables']['linktrack'], $fwdid, $userid, $messageid));
if (!empty($linkdata['forward'])) {
## we're not recording clicks, but at least links in older newsletters won't break.
header('Location: ' . $linkdata['forward']);
exit;
}
# echo 'Invalid Request';
# maybe some logging?
FileNotFound();
exit;
}
## hmm a bit heavy to use here @@@optimise
$messagedata = loadMessageData($messageid);
$trackingcode = '';
#print "$track<br/>";
#print "User $userid, Mess $messageid, Link $linkid";
$ml = Sql_Fetch_Array_Query(sprintf('select * from %s where messageid = %d and forwardid = %d', $GLOBALS['tables']['linktrack_ml'], $messageid, $fwdid));
if (empty($ml['firstclick'])) {
Sql_query(sprintf('update %s set firstclick = now(),latestclick = now(),clicked = clicked + 1 where forwardid = %d and messageid = %d', $GLOBALS['tables']['linktrack_ml'], $fwdid, $messageid));
} else {
Sql_query(sprintf('update %s set clicked = clicked + 1, latestclick = now() where forwardid = %d and messageid = %d', $GLOBALS['tables']['linktrack_ml'], $fwdid, $messageid));
}
if ($msgtype == 'H') {
Sql_query(sprintf('update %s set htmlclicked = htmlclicked + 1 where forwardid = %d and messageid = %d', $GLOBALS['tables']['linktrack_ml'], $fwdid, $messageid));
function forwardPage($id)
{
global $tables;
$ok = true;
$subtitle = '';
$info = '';
$html = '';
$form = '';
$personalNote = '';
## Check requirements
# message
$mid = 0;
if (isset($_REQUEST['mid'])) {
$mid = sprintf('%d', $_REQUEST['mid']);
$messagedata = loadMessageData($mid);
$mid = $messagedata['id'];
if ($mid) {
$subtitle = $GLOBALS['strForwardSubtitle'] . ' ' . stripslashes($messagedata['subject']);
}
}
#mid set
# user
if (!isset($_REQUEST['uid']) || !$_REQUEST['uid']) {
FileNotFound();
}
## get userdata
$req = Sql_Query(sprintf('select * from %s where uniqid = "%s"', $tables['user'], sql_escape($_REQUEST['uid'])));
$userdata = Sql_Fetch_Array($req);
## verify that this subscriber actually received this message to forward, otherwise they're not allowed
$allowed = Sql_Fetch_Row_Query(sprintf('select userid from %s where userid = %d and messageid = %d', $GLOBALS['tables']['usermessage'], $userdata['id'], $mid));
if (empty($userdata['id']) || $allowed[0] != $userdata['id']) {
## when sending a test email as an admin, the entry isn't there yet
if (empty($_SESSION['adminloggedin']) || $_SESSION['adminloggedin'] != $_SERVER['REMOTE_ADDR']) {
FileNotFound('<br/><i>' . $GLOBALS['I18N']->get('When testing the phpList forward functionality, you need to be logged in as an administrator.') . '</i><br/>');
}
}
$firstpage = 1;
## is this the initial page or a followup
# forward addresses
$forwardemail = '';
if (isset($_REQUEST['email']) && !empty($_REQUEST['email'])) {
$firstpage = 0;
$forwardPeriodCount = Sql_Fetch_Array_Query(sprintf('select count(user) from %s where date_add(time,interval %s) >= now() and user = %d and status ="sent" ', $tables['user_message_forward'], FORWARD_EMAIL_PERIOD, $userdata['id']));
$forwardemail = stripslashes($_REQUEST['email']);
$emails = explode("\n", $forwardemail);
$emails = trimArray($emails);
$forwardemail = implode("\n", $emails);
#0011860: forward to friend, multiple emails
$emailCount = $forwardPeriodCount[0];
foreach ($emails as $index => $email) {
$emails[$index] = trim($email);
if (is_email($email)) {
++$emailCount;
} else {
$info .= sprintf('<br />' . $GLOBALS['strForwardInvalidEmail'], $email);
$ok = false;
}
}
if ($emailCount > FORWARD_EMAIL_COUNT) {
$info .= '<br />' . $GLOBALS['strForwardCountReached'];
$ok = false;
}
} else {
$ok = false;
}
#0011996: forward to friend - personal message
# text cannot be longer than max, to prevent very long text with only linefeeds total cannot be longer than twice max
if (FORWARD_PERSONAL_NOTE_SIZE && isset($_REQUEST['personalNote'])) {
if (strlen(strip_newlines($_REQUEST['personalNote'])) > FORWARD_PERSONAL_NOTE_SIZE || strlen($_REQUEST['personalNote']) > FORWARD_PERSONAL_NOTE_SIZE * 2) {
$info .= '<BR />' . $GLOBALS['strForwardNoteLimitReached'];
$ok = false;
}
$personalNote = strip_tags(htmlspecialchars_decode(stripslashes($_REQUEST['personalNote'])));
$userdata['personalNote'] = $personalNote;
}
if ($userdata['id'] && $mid) {
if ($ok && count($emails)) {
## All is well, send it
require_once 'admin/sendemaillib.php';
#0013845 Lead Ref Scheme
if (FORWARD_FRIEND_COUNT_ATTRIBUTE) {
$iCountFriends = FORWARD_FRIEND_COUNT_ATTRIBUTE;
} else {
$iCountFriends = 0;
}
if ($iCountFriends) {
$nFriends = intval(UserAttributeValue($userdata['id'], $iCountFriends));
}
## remember the lists for this message in order to notify only those admins
## that own them
$messagelists = array();
$messagelistsreq = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS['tables']['listmessage'], $mid));
while ($row = Sql_Fetch_Row($messagelistsreq)) {
array_push($messagelists, $row[0]);
}
foreach ($emails as $index => $email) {
#0011860: forward to friend, multiple emails
$done = Sql_Fetch_Array_Query(sprintf('select user,status,time from %s where forward = "%s" and message = %d', $tables['user_message_forward'], $email, $mid));
$info .= '<br />' . $email . ': ';
if ($done['status'] === 'sent') {
$info .= $GLOBALS['strForwardAlreadyDone'];
} elseif (isBlackListed($email)) {
$info .= $GLOBALS['strForwardBlacklistedEmail'];
} else {
if (!TEST) {
# forward the message
# sendEmail will take care of blacklisting
### CHECK $email vs $forwardemail
if (sendEmail($mid, $email, 'forwarded', $userdata['htmlemail'], array(), $userdata)) {
$info .= $GLOBALS['strForwardSuccessInfo'];
sendAdminCopy(s('Message Forwarded'), s('%s has forwarded message %d to %s', $userdata['email'], $mid, $email), $messagelists);
Sql_Query(sprintf('insert into %s (user,message,forward,status,time)
values(%d,%d,"%s","sent",now())', $tables['user_message_forward'], $userdata['id'], $mid, $email));
if ($iCountFriends) {
++$nFriends;
}
} else {
$info .= $GLOBALS['strForwardFailInfo'];
sendAdminCopy(s('Message Forwarded'), s('%s tried forwarding message %d to %s but failed', $userdata['email'], $mid, $email), $messagelists);
Sql_Query(sprintf('insert into %s (user,message,forward,status,time)
values(%d,%d,"%s","failed",now())', $tables['user_message_forward'], $userdata['id'], $mid, $email));
$ok = false;
}
}
}
}
# foreach friend
if ($iCountFriends) {
saveUserAttribute($userdata['id'], $iCountFriends, array('name' => FORWARD_FRIEND_COUNT_ATTRIBUTE, 'value' => $nFriends));
}
}
#ok & emails
} else {
# no valid sender
logEvent(s('Forward request from invalid user ID: %s', substr($_REQUEST['uid'], 0, 150)));
$info .= '<BR />' . $GLOBALS['strForwardFailInfo'];
$ok = false;
}
/*
$data = PageData($id);
if (isset($data['language_file']) && is_file(dirname(__FILE__).'/texts/'.basename($data['language_file']))) {
@include dirname(__FILE__).'/texts/'.basename($data['language_file']);
}
*/
## BAS Multiple Forward
## build response page
$form = '<form method="post" action="">';
$form .= sprintf('<input type=hidden name="mid" value="%d">', $mid);
$form .= sprintf('<input type=hidden name="id" value="%d">', $id);
$form .= sprintf('<input type=hidden name="uid" value="%s">', $userdata['uniqid']);
$form .= sprintf('<input type=hidden name="p" value="forward">');
if (!$ok) {
#0011860: forward to friend, multiple emails
if (FORWARD_EMAIL_COUNT == 1) {
$form .= '<br /><h2>' . $GLOBALS['strForwardEnterEmail'] . '</h2>';
$form .= sprintf('<input type=text name="email" value="%s" size=50 class="attributeinput">', $forwardemail);
} else {
$form .= '<br /><h2>' . sprintf($GLOBALS['strForwardEnterEmails'], FORWARD_EMAIL_COUNT) . '</h2>';
$form .= sprintf('<textarea name="email" rows="10" cols="50" class="attributeinput">%s</textarea>', $forwardemail);
}
#0011996: forward to friend - personal message
if (FORWARD_PERSONAL_NOTE_SIZE) {
$form .= sprintf('<h2>' . $GLOBALS['strForwardPersonalNote'] . '</h2>', FORWARD_PERSONAL_NOTE_SIZE);
$cols = 50;
$rows = min(10, ceil(FORWARD_PERSONAL_NOTE_SIZE / 40));
$form .= sprintf('<br/><textarea type="text" name="personalNote" rows="%d" cols="%d" class="attributeinput">%s</textarea>', $rows, $cols, $personalNote);
}
$form .= sprintf('<br /><input type="submit" value="%s"></form>', $GLOBALS['strContinue']);
}
### END BAS
### Michiel, remote response page
$remote_content = '';
if (preg_match("/\\[URL:([^\\s]+)\\]/i", $messagedata['message'], $regs)) {
if (isset($regs[1]) && strlen($regs[1])) {
$url = $regs[1];
if (!preg_match('/^http/i', $url)) {
$url = 'http://' . $url;
}
$remote_content = fetchUrl($url);
}
}
if (!empty($remote_content) && preg_match('/\\[FORWARDFORM\\]/', $remote_content, $regs)) {
if ($firstpage) {
## this is the initial page, not a follow up one.
$remote_content = str_replace($regs[0], $info . $form, $remote_content);
} else {
$remote_content = str_replace($regs[0], $info, $remote_content);
}
$res = $remote_content;
} else {
$res = '<title>' . $GLOBALS['strForwardTitle'] . '</title>';
$res .= $GLOBALS['pagedata']['header'];
$res .= '<h3>' . $subtitle . '</h3>';
if ($ok) {
$res .= '<h4>' . $info . '</h4>';
} elseif (!empty($info)) {
$res .= '<div class="error missing">' . $info . '</div>';
}
$res .= $form;
$res .= '<p>' . $GLOBALS['PoweredBy'] . '</p>';
$res .= $GLOBALS['pagedata']['footer'];
}
### END MICHIEL
return $res;
}
function forwardPage($id)
{
global $tables, $envelope;
$html = '';
$subtitle = '';
if (!isset($_GET["uid"]) || !$_GET['uid']) {
FileNotFound();
}
$forwardemail = '';
if (isset($_GET['email'])) {
$forwardemail = $_GET['email'];
}
$mid = 0;
if (isset($_GET['mid'])) {
$mid = sprintf('%d', $_GET['mid']);
$req = Sql_Query(sprintf('select * from %s where id = %d', $tables["message"], $mid));
$messagedata = Sql_Fetch_Array($req);
$mid = $messagedata['id'];
if ($mid) {
$subtitle = $GLOBALS['strForwardSubtitle'] . ' ' . stripslashes($messagedata['subject']);
}
}
$req = Sql_Query("select * from {$tables["user"]} where uniqid = \"" . $_GET["uid"] . "\"");
$userdata = Sql_Fetch_Array($req);
$req = Sql_Query(sprintf('select * from %s where email = "%s"', $tables["user"], $forwardemail));
$forwarduserdata = Sql_Fetch_Array($req);
if ($userdata["id"] && $mid) {
if (!is_email($forwardemail)) {
$info = $GLOBALS['strForwardEnterEmail'];
$html .= '<form method="get">';
$html .= sprintf('<input type=hidden name="mid" value="%d">', $mid);
$html .= sprintf('<input type=hidden name="id" value="%d">', $id);
$html .= sprintf('<input type=hidden name="uid" value="%s">', $userdata['uniqid']);
$html .= sprintf('<input type=hidden name="p" value="forward">');
$html .= sprintf('<input type=text name="email" value="%s" size=35 class="attributeinput">', $forwardemail);
$html .= sprintf('<input type=submit value="%s"></form>', $GLOBALS['strContinue']);
} else {
# check whether the email to forward exists and whether they have received the message
if ($forwarduserdata['id']) {
$sent = Sql_Fetch_Row_Query(sprintf('select entered from %s where userid = %d and messageid = %d', $tables['usermessage'], $forwarduserdata['id'], $mid));
# however even if that's the case, we don't want to reveal this information
}
$done = Sql_Fetch_Array_Query(sprintf('select user,status,time from %s where forward = "%s" and message = %d', $tables['user_message_forward'], $forwardemail, $mid));
if ($done['status'] === 'sent') {
$info = $GLOBALS['strForwardAlreadyDone'];
} else {
if (!TEST) {
# forward the message
require 'admin/sendemaillib.php';
# sendEmail will take care of blacklisting
if (sendEmail($mid, $forwardemail, 'forwarded', $userdata['htmlemail'], array(), $userdata)) {
$info = $GLOBALS["strForwardSuccessInfo"];
sendAdminCopy("Message Forwarded", $userdata["email"] . " has forwarded a message {$mid} to {$forwardemail}");
Sql_Query(sprintf('insert into %s (user,message,forward,status,time)
values(%d,%d,"%s","sent",now())', $tables['user_message_forward'], $userdata['id'], $mid, $forwardemail));
} else {
$info = $GLOBALS["strForwardFailInfo"];
sendAdminCopy("Message Forwarded", $userdata["email"] . " tried forwarding a message {$mid} to {$forwardemail} but failed");
Sql_Query(sprintf('insert into %s (user,message,forward,status,time)
values(%d,%d,"%s","failed",now())', $tables['user_message_forward'], $userdata['id'], $mid, $forwardemail));
}
}
}
}
} else {
logEvent("Forward request from invalid user ID: " . substr($_GET["uid"], 0, 150));
$info = $GLOBALS["strForwardFailInfo"];
}
$data = PageData($id);
if (isset($data['language_file']) && is_file(dirname(__FILE__) . '/texts/' . $data['language_file'])) {
@(include dirname(__FILE__) . '/texts/' . $data['language_file']);
}
$res = '<title>' . $GLOBALS["strForwardTitle"] . '</title>';
$res .= $data["header"];
$res .= '<h1>' . $subtitle . '</h1>';
$res .= '<h2>' . $info . '</h2>';
$res .= $html;
$res .= "<P>" . $GLOBALS["PoweredBy"] . '</p>';
$res .= $data["footer"];
return $res;
}
function PageData($id)
{
global $tables;
$req = Sql_Query(sprintf('select * from %s where id = %d', $tables["subscribepage_data"], $id));
if (!Sql_Affected_Rows()) {
FileNotFound();
exit;
}
while ($row = Sql_Fetch_Array($req)) {
$data[$row["name"]] = preg_replace('/<\\?=VERSION\\?>/i', VERSION, $row["data"]);
}
return $data;
}
function forwardPage($id)
{
global $data, $tables, $envelope;
$ok = true;
$subtitle = '';
$info = '';
$html = '';
$form = '';
## Check requirements
# user
if (!isset($_REQUEST["uid"]) || !$_REQUEST['uid']) {
FileNotFound();
}
$firstpage = 1;
## is this the initial page or a followup
# forward addresses
$forwardemail = '';
if (isset($_REQUEST['email']) && !empty($_REQUEST['email'])) {
$firstpage = 0;
$forwardPeriodCount = Sql_Fetch_Array_Query(sprintf('select count(user) from %s where date_add(time,interval %s) >= now() and user = %d and status ="sent" ', $tables['user_message_forward'], FORWARD_EMAIL_PERIOD, $userdata['id']));
$forwardemail = stripslashes($_REQUEST['email']);
$emails = explode("\n", $forwardemail);
$emails = trimArray($emails);
$forwardemail = implode("\n", $emails);
#0011860: forward to friend, multiple emails
$emailCount = $forwardPeriodCount[0];
foreach ($emails as $index => $email) {
$emails[$index] = trim($email);
if (is_email($email)) {
$emailCount++;
} else {
$info .= sprintf('<BR />' . $GLOBALS['strForwardInvalidEmail'], $email);
$ok = false;
}
}
if ($emailCount > FORWARD_EMAIL_COUNT) {
$info .= '<BR />' . $GLOBALS["strForwardCountReached"];
$ok = false;
}
} else {
$ok = false;
}
# message
$mid = 0;
if (isset($_REQUEST['mid'])) {
$mid = sprintf('%d', $_REQUEST['mid']);
$req = Sql_Query(sprintf('select * from %s where id = %d', $tables["message"], $mid));
$messagedata = Sql_Fetch_Array($req);
$mid = $messagedata['id'];
if ($mid) {
$subtitle = $GLOBALS['strForwardSubtitle'] . ' ' . stripslashes($messagedata['subject']);
}
}
#mid set
## get userdata
$req = Sql_Query("select * from {$tables["user"]} where uniqid = \"" . $_REQUEST["uid"] . "\"");
$userdata = Sql_Fetch_Array($req);
$req = Sql_Query(sprintf('select * from %s where email = "%s"', $tables["user"], $forwardemail));
$forwarduserdata = Sql_Fetch_Array($req);
#0011996: forward to friend - personal message
# text cannot be longer than max, to prevent very long text with only linefeeds total cannot be longer than twice max
if (FORWARD_PERSONAL_NOTE_SIZE && isset($_REQUEST['personalNote'])) {
if (strlen(strip_newlines($_REQUEST['personalNote'])) > FORWARD_PERSONAL_NOTE_SIZE || strlen($_REQUEST['personalNote']) > FORWARD_PERSONAL_NOTE_SIZE * 2) {
$info .= '<BR />' . $GLOBALS['strForwardNoteLimitReached'];
$ok = false;
}
$personalNote = strip_tags(htmlspecialchars_decode(stripslashes($_REQUEST['personalNote'])));
$userdata['personalNote'] = $personalNote;
}
if ($userdata["id"] && $mid) {
if ($ok && count($emails)) {
## All is well, send it
require 'admin/sendemaillib.php';
#0013845 Lead Ref Scheme
if (FORWARD_FRIEND_COUNT_ATTRIBUTE) {
$iCountFriends = getAttributeIDbyName(FORWARD_FRIEND_COUNT_ATTRIBUTE);
} else {
$iCountFriends = 0;
}
if ($iCountFriends) {
$nFriends = intval(UserAttributeValue($userdata['id'], $iCountFriends));
}
#0011860: forward to friend, multiple emails
foreach ($emails as $index => $email) {
#0011860: forward to friend, multiple emails
$done = Sql_Fetch_Array_Query(sprintf('select user,status,time from %s where forward = "%s" and message = %d', $tables['user_message_forward'], $email, $mid));
$info .= '<BR />' . $email . ': ';
if ($done['status'] === 'sent') {
$info .= $GLOBALS['strForwardAlreadyDone'];
} elseif (isBlackListed($email)) {
$info .= $GLOBALS['strForwardBlacklistedEmail'];
} else {
if (!TEST) {
# forward the message
# sendEmail will take care of blacklisting
if (sendEmail($mid, $email, 'forwarded', $userdata['htmlemail'], array(), $userdata)) {
$info .= $GLOBALS["strForwardSuccessInfo"];
sendAdminCopy("Message Forwarded", $userdata["email"] . " has forwarded a message {$mid} to {$email}");
Sql_Query(sprintf('insert into %s (user,message,forward,status,time)
values(%d,%d,"%s","sent",now())', $tables['user_message_forward'], $userdata['id'], $mid, $email));
if ($iCountFriends) {
$nFriends++;
}
} else {
$info .= $GLOBALS["strForwardFailInfo"];
sendAdminCopy("Message Forwarded", $userdata["email"] . " tried forwarding a message {$mid} to {$email} but failed");
Sql_Query(sprintf('insert into %s (user,message,forward,status,time)
values(%d,%d,"%s","failed",now())', $tables['user_message_forward'], $userdata['id'], $mid, $email));
$ok = false;
}
}
}
}
# foreach friend
if ($iCountFriends) {
saveUserAttribute($userdata['id'], $iCountFriends, array('name' => FORWARD_FRIEND_COUNT_ATTRIBUTE, 'value' => $nFriends));
}
}
#ok & emails
} else {
# no valid sender
logEvent("Forward request from invalid user ID: " . substr($_REQUEST["uid"], 0, 150));
$info .= '<BR />' . $GLOBALS["strForwardFailInfo"];
$ok = false;
}
$data = PageData($id);
if (isset($data['language_file']) && is_file(dirname(__FILE__) . '/texts/' . basename($data['language_file']))) {
@(include dirname(__FILE__) . '/texts/' . basename($data['language_file']));
}
## BAS Multiple Forward
## build response page
$form = '<form method="post" action="">';
$form .= sprintf('<input type=hidden name="mid" value="%d">', $mid);
$form .= sprintf('<input type=hidden name="id" value="%d">', $id);
$form .= sprintf('<input type=hidden name="uid" value="%s">', $userdata['uniqid']);
$form .= sprintf('<input type=hidden name="p" value="forward">');
if (!$ok) {
#0011860: forward to friend, multiple emails
if (FORWARD_EMAIL_COUNT == 1) {
$form .= '<BR /><H2>' . $GLOBALS['strForwardEnterEmail'] . '</H2>';
$form .= sprintf('<input type=text name="email" value="%s" size=50 class="attributeinput">', $forwardemail);
} else {
$form .= '<BR /><H2>' . sprintf($GLOBALS['strForwardEnterEmails'], FORWARD_EMAIL_COUNT) . '</H2>';
$form .= sprintf('<textarea name="email" rows=10 cols=50 class="attributeinput">%s</textarea>', $forwardemail);
}
#0011996: forward to friend - personal message
if (FORWARD_PERSONAL_NOTE_SIZE) {
$form .= sprintf('<h2>' . $GLOBALS['strForwardPersonalNote'] . '</H2>', FORWARD_PERSONAL_NOTE_SIZE);
$cols = 50;
$rows = min(10, ceil(FORWARD_PERSONAL_NOTE_SIZE / 40));
$form .= sprintf('<BR/><textarea type=text name="personalNote" rows=%d cols=%d class="attributeinput">%s</textarea>', $rows, $cols, $personalNote);
}
$form .= sprintf('<br /><input type=submit value="%s"></form>', $GLOBALS['strContinue']);
}
### END BAS
### Michiel, remote response page
$remote_content = '';
if (preg_match("/\\[URL:([^\\s]+)\\]/i", $messagedata['message'], $regs)) {
if (isset($regs[1]) && strlen($regs[1])) {
$url = $regs[1];
if (!preg_match('/^http/i', $url)) {
$url = 'http://' . $url;
}
$remote_content = fetchUrl($url);
}
}
if (!empty($remote_content) && preg_match('/\\[FORWARDFORM\\]/', $remote_content, $regs)) {
if ($firstpage) {
## this is the initial page, not a follow up one.
$remote_content = str_replace($regs[0], $info . $form, $remote_content);
} else {
$remote_content = str_replace($regs[0], $info, $remote_content);
}
$res = $remote_content;
} else {
$res = '<title>' . $GLOBALS["strForwardTitle"] . '</title>';
$res .= $data["header"];
$res .= '<h1>' . $subtitle . '</h1>';
if ($ok) {
$res .= '<h2>' . $info . '</h2>';
} else {
$res .= '<div class="missing">' . $info . '</div>';
}
$res .= $form;
$res .= "<P>" . $GLOBALS["PoweredBy"] . '</p>';
$res .= $data["footer"];
}
### END MICHIEL
return $res;
}
function confirmPage($id) {
global $tables,$envelope;
if (!$_GET["uid"])
FileNotFound();
$req = Sql_Query("select * from {$tables["user"]} where uniqid = \"".$_GET["uid"]."\"");
$userdata = Sql_Fetch_Array($req);
if ($userdata["id"]) {
$html = '<ul>';
Sql_Query("update {$tables["user"]} set confirmed = 1 where id = ".$userdata["id"]);
$req = Sql_Query("select name,description from $tables[list],$tables[listuser] where $tables[listuser].userid = ".$userdata["id"] ." and $tables[listuser].listid = $tables[list].id");
if (!Sql_Affected_Rows()) {
$lists = "\n * ".$GLOBALS["strNoLists"];
$html .= '<li>'.$GLOBALS["strNoLists"];
}
while ($row = Sql_fetch_array($req)) {
$lists .= "\n *".$row["name"];
$html .= '<li class="list">'.$row["name"].'<div class="listdescription">'.stripslashes($row["description"]).'</div></li>';
}
$html .= '</ul>';
$spage = $userdata["subscribepage"];
$confirmationmessage = ereg_replace('\[LISTS\]', $lists, getUserConfig("confirmationmessage:$spage",$userdata["id"]));
if (!TEST) {
sendMail($userdata["email"], getConfig("confirmationsubject:$spage"), $confirmationmessage,system_messageheaders(),$envelope);
sendAdminCopy("List confirmation",$userdata["email"] . " has confirmed their subscription");
}
$info = $GLOBALS["strConfirmInfo"];
} else {
$html .= 'Error: '.$GLOBALS["strUserNotFound"];
$info = $GLOBALS["strConfirmFailInfo"];
}
$data = PageData($id);
$res = '<title>'.$GLOBALS["strConfirmTitle"].'</title>';
$res .= $data["header"];
$res .= '<h1>'.$info.'</h1>';
$res .= $html;
$res .= "<P>".$GLOBALS["PoweredBy"].'</p>';
$res .= $data["footer"];
return $res;
}
