function AddCustomFields() { global $Email_Address, $Responder_ID; global $FirstName, $LastName, $DB_LinkID, $table_prefix; $infrespcustomfields = $table_prefix . 'InfResp_customfields'; $CustomFieldsArray = GetFieldNames($infrespcustomfields); $CustomFieldsExist = FALSE; foreach ($CustomFieldsArray as $key => $value) { $blah = "cf_" . $value; $reqblah = trim($_REQUEST[$blah]); if (!empty($reqblah)) { $CustomFieldsArray[$value] = MakeSafe($reqblah); $CustomFieldsExist = TRUE; } } # Any custom fields? if ($CustomFieldsExist == TRUE) { #------------- Mandatory fields checking ------------------ # if (empty($CustomFieldsArray['blah'])) { die('Error Message'); } #---------------------------------------------------------- # --- Custom code --- $Fullname = "{$FirstName} {$LastName}"; $CustomFieldsArray['full_name'] = $Fullname; # ------------------- # Set static data $CustomFieldsArray['email_attached'] = $Email_Address; $CustomFieldsArray['resp_attached'] = $Responder_ID; unset($CustomFieldsArray['fieldID']); unset($CustomFieldsArray['user_attached']); # Delete any old data $query = "SELECT * FROM " . $infrespcustomfields . " WHERE email_attached = '{$Email_Address}' AND resp_attached = '{$Responder_ID}'"; $result = mysql_query($query) or die("Invalid query: " . mysql_error()); if (mysql_num_rows($result) > 0) { $query = "DELETE FROM " . $infrespcustomfields . " WHERE email_attached = '{$Email_Address}' AND resp_attached = '{$Responder_ID}'"; $result = mysql_query($query) or die("Invalid query: " . mysql_error()); } # Insert new data DB_Insert_Array($infrespcustomfields, $CustomFieldsArray); } }
$mail_body = imap_fetchbody($conn, $i, 0); $subject = MakeSafe($mailHeader->subject); $date = MakeSafe($mailHeader->date); $mail_body = MakeSafe($mail_body); $from = $mailHeader->from; foreach ($from as $id => $object) { $fromname = $object->personal; $fromaddress = $object->mailbox . "@" . $object->host; $fromhost = $object->host; } $fromname = preg_replace("/\\{.*\\}/i", "", $fromname); $fromname = preg_replace("/\\(.*\\)/i", "", $fromname); $fromname = preg_replace("/\\[.*\\]/i", "", $fromname); $fromname = preg_replace("/<.*>/i", "", $fromname); $fromname = MakeSafe($fromname); $Email_Address = MakeSafe($fromaddress); $IsEmail = eregi("^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)+\$", $fromname); if ($IsEmail == 1) { $FirstName = $fromname; $LastName = ''; } else { $Comma_List = explode(',', trim($fromname)); $Comma_MaxIndex = sizeof($Comma_List); if ($Comma_MaxIndex > 1) { $FirstName = ''; $LastName = $Comma_List[0]; for ($j = 1; $j <= $Comma_MaxIndex - 1; $j++) { $FirstName .= ' '; $FirstName .= $Comma_List[$j]; } if ($DB_ConcatMid != 1) {
$action = strtolower(MakeSafe($_REQUEST['action'])); # Not logged in? // if (!($Is_Auth = User_Auth())) {admin_redirect();} # MOD now capability check if (!current_user_can('manage_options')) { admin_redirect(); } # Top template $help_section = "blacklist"; include 'templates/open.page.php'; // include('templates/controlpanel.php'); echo '<table width="550">'; echo '<tr bgcolor="#1EABDF" height="54"><td align="center"><font color="#FFFFFF" style="font-size:18px;">Blacklist Controls</font></td></tr>'; echo '<tr><td>'; # Set address $address = MakeSafe($_REQUEST['address']); # Process actions if ($action == "add" && isEmail($address)) { $query = "SELECT * FROM " . $infrespblacklist . " WHERE EmailAddress = '{$address}'"; $DB_result = mysql_query($query) or die("Invalid query: " . mysql_error()); if (mysql_num_rows($DB_result) > 0) { print "<br /><center><strong>That address is already in the blacklist!</strong></center><br />\n"; inf_resp_message_box('That address is already in the blacklist!'); } else { $query = "INSERT INTO " . $infrespblacklist . " (EmailAddress) VALUES ('{$address}')"; $DB_result = mysql_query($query) or die("Invalid query: " . mysql_error()); // print "<br /><center><strong>Address added!</strong></center><br />\n"; inf_resp_message_box('Address blacklisted!'); # Remove from subscriber and custom fields tables $query = "DELETE FROM " . $infrespsubscribers . " WHERE EmailAddress = '{$address}'"; $DB_result = mysql_query($query) or die("Invalid query: " . mysql_error());
if (preg_match("/" . $pattern . "/ims", $mail_body) == TRUE) { $matched = TRUE; } } if ($matched == TRUE) { # Got a match, grab the email address. if (preg_match("/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z0-9.-]+\$/i", $mail_body, $matches)) { $bounced_address = $matches[0]; $bounced_address = str_replace('(', "", $bounced_address); $bounced_address = str_replace(')', "", $bounced_address); $bounced_address = str_replace('<', "", $bounced_address); $bounced_address = str_replace('>', "", $bounced_address); # Add the email address into the array if it's not there. if (!IsInArray($bounced_addy_array, $bounced_address)) { # echo "bounced: $bounced_address <br>\n"; $bounced_addy_array[] = MakeSafe($bounced_address); } } # Delete just bounces? if ($bouncer['DeleteLevel'] == "1") { @imap_delete($conn, $i); } } # Delete all? if ($bouncer['DeleteLevel'] == "2") { @imap_delete($conn, $i); } } # Expunge and close. @imap_expunge($conn); @imap_close($conn);
$query = "SELECT * FROM " . $infrespbounceregs . " WHERE RegX = '{$regexp}'"; $result = mysql_query($query) or die("Invalid query: " . mysql_error()); if (mysql_num_rows($result) > 0) { # Print msg inf_resp_message_box("That RegExp already exists."); // print "<p class=\"big_header\">That Regexp Already Exists!</p>\n"; } else { $query = "INSERT INTO " . $infrespbounceregs . " (RegX) VALUES ('{$regexp}')"; $result = mysql_query($query) or die("Invalid query: " . mysql_error()); $regx_id = mysql_insert_id(); # Print msg inf_resp_message_box("RegExp added."); // print "<p class=\"big_header\">Regexp Added!</p>\n"; } } elseif ($action == "remove") { $regexp_id = MakeSafe($_REQUEST['regx']); if (regexp_exists($regexp_id)) { # Delete from the regexp table $query = "DELETE FROM " . $infrespbounceregs . " WHERE BounceRegexpID = '{$regexp_id}'"; $result = mysql_query($query) or die("Invalid query: " . mysql_error()); # Print msg inf_resp_message_box("Bouncer RegExp deleted."); // print "<p class=\"big_header\">Bouncer Regexp Deleted!</p>\n"; } else { # Print msg inf_resp_message_box("That RegExp wasn't found."); // print "<p class=\"big_header\">That Regexp Wasn't Found!</p>\n"; } } print "<p class=\"big_header\">- Bouncer RegExps -</p>\n"; $query = "SELECT * FROM " . $infrespbounceregs;
admin_redirect(); } $ResponderInfo = GetResponderInfo($Responder_ID); $user = MakeSafe($_REQUEST['pop3_user']); $pass = MakeSafe($_REQUEST['pop3_pw']); $Mbox = MakeSafe($_REQUEST['pop3_box']); $host = MakeSafe($_REQUEST['pop3_host']); $port = MakeSafe($_REQUEST['pop3_port']); $spam = MakeSafe($_REQUEST['pop3_spam']); $cmid = MakeSafe($_REQUEST['pop3_cmid']); $type = strtolower(MakeSafe($_REQUEST['pop3_type'])); $POP3_ID = MakeSafe($_REQUEST['pop3_ID']); # $HandleHTML, $deletemsgs, $confirmjoin, $enabled $deletemsgs = MakeSafe($_REQUEST['pop3_deletemsgs']); $confirmjoin = MakeSafe($_REQUEST['pop3_confirmjoin']); $enabled = MakeSafe($_REQUEST['pop3_enabled']); if ($deletemsgs == 1) { } else { $deletemsgs = 0; } if ($confirmjoin == 1) { } else { $confirmjoin = 0; } if ($enabled == 1) { } else { $enabled = 0; } if ($cmid != 1) { $cmid = 0; }
$abs_directory = $abs_directory . "/" . $abs_directory_array[$i]; } $max_i = sizeof($abs_directory_array) - 1; $abs_file = $abs_directory_array[$max_i]; } # Top template include 'templates/open.page.php'; # Save data? print "<br>\n"; if ($_REQUEST['action'] == "save") { # Clean the data $config_fields = get_db_fields($infrespconfig); foreach ($_REQUEST as $name => $value) { $name = strtolower($name); if ($config_fields['hash'][$name] == TRUE) { $form[$name] = MakeSafe($value); } } if (!is_numeric($form['add_sub_size'])) { $form['add_sub_size'] = 5; } if (!is_numeric($form['subs_per_page'])) { $form['subs_per_page'] = 25; } if (!is_numeric($form['last_activity_trim'])) { $form['last_activity_trim'] = 6; } if ($form['last_activity_trim'] > 120) { $form['last_activity_trim'] = 0; } # Save the data
} else { echo "<font color=#ee0000;><b>Warning:</b></font> Image file not found:<br><i>" . $thisfile . "</i><br>"; } } else { echo "<font color=#ee0000;><b>Warning:</b></font> External image URL:<br><i>" . $image . "</i><br>"; } } } $P_months = MakeSafe($_REQUEST['months']); $P_weeks = MakeSafe($_REQUEST['weeks']); $P_days = MakeSafe($_REQUEST['days']); $P_hours = MakeSafe($_REQUEST['hours']); $P_min = MakeSafe($_REQUEST['min']); $P_absday = MakeSafe($_REQUEST['abs_day']); $P_abshours = MakeSafe($_REQUEST['abs_hours']); $P_absmin = MakeSafe($_REQUEST['abs_min']); if (!is_numeric($P_months)) { $P_months = 0; } if (!is_numeric($P_weeks)) { $P_weeks = 0; } if (!is_numeric($P_days)) { $P_days = 0; } if (!is_numeric($P_hours)) { $P_hours = 0; } if (!is_numeric($P_min)) { $P_min = 0; }
$Space_MaxIndex = sizeof($Space_List); if (empty($passed['LAST'])) { $passed['LAST'] = $Space_List[$Space_MaxIndex - 1]; } if (empty($passed['FIRST'])) { $passed['FIRST'] = ''; for ($k = 0; $k <= $Space_MaxIndex - 2; $k++) { $passed['FIRST'] = $passed['FIRST'] . ' ' . $Space_List[$k]; } $passed['FIRST'] = trim($passed['FIRST']); } } } # Create the safe data array foreach ($passed as $key => $value) { $safe[$key] = MakeSafe($value); } if (!isInBlacklist($safe['EMAIL'])) { # Get old responder info $got_custom_fields = FALSE; $user_data = array(); $custom_fields = array(); $resp_list = ""; foreach ($responder_list as $idx => $resp_num) { $resp_list = $resp_list . "'" . $resp_num . "',"; } $resp_list = trim($resp_list, ","); $query = "SELECT * FROM " . $infrespsubscribers . " WHERE (EmailAddress = '" . $safe['EMAIL'] . "') AND ResponderID IN (" . $resp_list . ")"; # echo $query . "<br>\n"; $result = mysql_query($query) or die("Invalid query: " . mysql_error()); if (mysql_num_rows($result) > 0) {
# Modified 07/15/2013 by Plugin Review Network # ------------------------------------------------ # Modified by Infinity Responder development team: 2009-06-04 # License and copyright: # See license.txt for license information. # ------------------------------------------------ if (!function_exists('add_action')) { die; } include 'config.php'; # MOD new tables include WP prefix global $table_prefix; $infresponders = $table_prefix . 'InfResp_responders'; include 'templates/open.page.php'; $Responder_ID = MakeSafe($_REQUEST['r_ID']); $action = MakeSafe($_REQUEST['action']); # ---------------------------------------------------------------------------------- # Anti-spam phrase. It's added to the end of all email addressed to make it more # difficult for spammers to harvest the addresses. # $antispam = ""; # To disable anti-spam. # $antispam = "@nospam"; # # ---------------------------------------------------------------------------------- if ($action == "subscribe") { # -------------------------------------------------------------------------------- print "<br><font color=\"#666666\">\n"; print "<center>\n"; print "<table cellspacing=\"10\" bgcolor=\"#CCCCCC\" style=\"border: 1px solid #000000;\"><tr><td>\n"; // MOD ACTION print "<form action=\"{$siteURL}/?infresp=s\" method=GET>\n";
} } $display_it = TRUE; include 'templates/customedit.admin.php'; # Back button print "<br> \n"; $return_action = "sub_edit"; include 'templates/back_button.admin.php'; } elseif ($action == "custom_edit_do") { # Get the fields $CustomFieldsArray = GetFieldNames($infrespcustomfields); foreach ($CustomFieldsArray as $key => $value) { $blah = "cf_" . $value; $reqblah = trim($_REQUEST[$blah]); if (!empty($reqblah)) { $DBarray[$value] = MakeSafe($reqblah); } } # Set static info $DBarray['user_attached'] = $Subscriber_ID; $DBarray['resp_attached'] = $Responder_ID; $DBarray['email_attached'] = $Search_EmailAddress; # Update the data if (is_numeric($Subscriber_ID)) { $where = "user_attached = '{$Subscriber_ID}'"; } else { $where = "resp_attached = '{$Responder_ID}' AND email_attached = '{$Search_EmailAddress}'"; } DB_Update_Array($infrespcustomfields, $DBarray, $where); # MOD set message $_SESSION['inf_resp'] = "Custom Fields Updated.";
# foreach ($this_msg as $key => $value) { # echo $key . " - " . $value . "<br>\n"; # } # Show the template include 'templates/edit.mailbursts.php'; } elseif ($action == "do_edit" && mail_msg_exists($mail_id)) { # Sanitize the input $P_subj = MakeSemiSafe($_REQUEST['subj']); # MOD removed MakeSemiSafe filter - ruining mails! $P_bodytext = trim($_REQUEST['bodytext']); $P_bodyhtml = trim($_REQUEST['bodyhtml']); $send_month = strtolower(MakeSafe($_REQUEST['send_month'])); $send_day = MakeSafe($_REQUEST['send_day']); $send_year = MakeSafe($_REQUEST['send_year']); $send_hour = MakeSafe($_REQUEST['send_hour']); $send_min = MakeSafe($_REQUEST['send_min']); if (!is_numeric($send_day)) { $send_day = date('d', time()); } if (!is_numeric($send_year)) { $send_year = date('Y', time()); } if (!is_numeric($send_hour)) { $send_hour = date('h', time()); } if (!is_numeric($send_min)) { $send_min = date('i', time()); } if ($send_month != 'january' && $send_month != 'february' && $send_month != 'march' && $send_month != 'april' && $send_month != 'may' && $send_month != 'june' && $send_month != 'july' && $send_month != 'august' && $send_month != 'september' && $send_month != 'october' && $send_month != 'november' && $send_month != 'december') { $send_month = strtolower(date('F', time())); }