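/**
 * Subscribe one e-mail address to one or more mailing lists.
 *
 * Creates the subscriber row in `<prefix>email_advt` when the address is new,
 * otherwise re-activates it if it was unsubscribed, stores the optional
 * `name` / `extra_personal_info<N>` fields read from $_POST, links the
 * subscriber to every list id in $cid, optionally writes an admin log entry,
 * and either notifies the administrator or triggers the confirmation mail.
 *
 * Security notes for maintainers:
 *  - Every request- or caller-supplied value that reaches SQL is escaped or
 *    int-cast first. The original interpolated $_POST['name'], $emails and
 *    the list ids directly into the statements.
 *  - phpSafe() is the sanitiser this function already applied to the
 *    extra_personal_info fields; its implementation is not visible here.
 *    TODO confirm it escapes for SQL and not only for HTML output.
 *  - The legacy mysql_* API is kept because the rest of the file uses it;
 *    prepared statements (mysqli/PDO) are the durable fix.
 *
 * @param string $emails                Address to subscribe (a single address despite the name).
 * @param object $mysql                 Project DB helper; total(), select_last_row() and echo_one() are used.
 * @param string $table_prefix          Prefix prepended to every table name.
 * @param mixed  $CST_MLM_SUBSCRIPTION  Value written to the last column of the admin log row.
 * @param mixed  $log_enabled           Admin log row is written only when this equals 1.
 * @param mixed  $defaultname           Forwarded unchanged to sendConfirmationMail().
 * @param mixed  $confirm_subscription  1 = subscription stays pending until confirmed by mail.
 * @param mixed  $dirpath               Forwarded unchanged to sendConfirmationMail().
 * @param string $cid                   Comma-separated list ids.
 *
 * @return void
 */
function subscribeToList($emails, $mysql, $table_prefix, $CST_MLM_SUBSCRIPTION, $log_enabled, $defaultname, $confirm_subscription, $dirpath, $cid)
{
    global $admin_general_notification_email, $already_added_list, $newly_added_list;
    global $smtpmailer, $smtp_host, $smtp_port, $smtp_auth, $smtp_user, $smtp_pass, $smtp_secure, $flag_var;

    // Nothing to do for an empty or syntactically invalid address.
    if ($emails == "" || !is_valid_email($emails)) {
        return;
    }

    $catlist = "";
    $sendmail = 0;
    // Configuration flag; int-cast because it is interpolated unquoted below.
    $confirm = (int) $confirm_subscription;

    // is_valid_email() is a syntax check, not an SQL escaper (a quote is a
    // legal character in an address), so SQL gets its own escaped copy.
    // The unescaped $emails is still used for the mail text.
    $emailSql = mysql_real_escape_string($emails);

    $subscriberTable = $table_prefix . "email_advt";
    $extraTable = $table_prefix . "ea_extraparam";

    if ($mysql->total($subscriberTable, "email='{$emailSql}'") == 0) {
        // ---- New subscriber -------------------------------------------------
        $ti = time();
        mysql_query("INSERT INTO `" . $subscriberTable . "` ( `id` , `email` , `unsubstatus` , `time` )VALUES ('', '{$emailSql}', '{$confirm}', '" . $ti . "');");

        // NOTE(review): "last row" is racy under concurrent sign-ups; the
        // insert id of this connection would be the reliable source.
        // The original ran this lookup twice; once is enough.
        $roww = $mysql->select_last_row($subscriberTable, "id");
        $id = $roww[0];

        if ($confirm == 1) {
            $sendmail = 1;
        }

        if (isset($_POST['name'])) {
            $var = trim($_POST['name']);
            // Previously the only POST field stored without sanitising.
            phpSafe($var);
            if ($var != "") {
                mysql_query("insert into " . $extraTable . " values('','{$id}','name','{$var}');");
            }
        }

        $extrafields = mysql_query("select * from " . $table_prefix . "extra_personal_info order by id ");
        while ($fielddetails = mysql_fetch_row($extrafields)) {
            $reqParamName = "extra_personal_info" . $fielddetails[0];
            if (!isset($_POST[$reqParamName])) {
                continue;
            }
            $var = trim($_POST[$reqParamName]);
            phpSafe($var);
            if ($var != "") {
                // Field names come from the database; escape them as well so a
                // stored quote cannot alter the statement (second-order case).
                $fieldName = mysql_real_escape_string($fielddetails[1]);
                mysql_query("insert into " . $extraTable . " values('','{$id}','{$fieldName}','{$var}');");
            }
        }
    } else {
        // ---- Existing subscriber: re-activate if currently unsubscribed ------
        $id = $mysql->echo_one("select id from`" . $subscriberTable . "` where email='{$emailSql}'");
        $ti = time();

        if ($mysql->total($subscriberTable, "id='{$id}' and unsubstatus='1'") != 0) {
            if ($confirm != 1) {
                mysql_query("update `" . $subscriberTable . "` set unsubstatus='0',time='{$ti}' where id='{$id}'");
            } else {
                // Stay unsubscribed until the confirmation link is used.
                mysql_query("update `" . $subscriberTable . "` set time='{$ti}' where id='{$id}'");
                $sendmail = 1;
            }
        }

        if (isset($_POST['name'])) {
            $var = trim($_POST['name']);
            // Previously the only POST field stored without sanitising.
            phpSafe($var);
            if (str_replace(" ", "", $var) == "") {
                // A blank value removes the stored name.
                mysql_query("delete from " . $extraTable . " where eid='{$id}' and name='name'");
            } elseif ($mysql->total($extraTable, "eid='{$id}' AND name='name'") == 0) {
                mysql_query("insert into " . $extraTable . " values('','{$id}','name','{$var}');");
            } else {
                mysql_query("update `" . $extraTable . "` set value='{$var}' where eid='{$id}' AND name='name'");
            }
        }

        $extrafields = mysql_query("select * from " . $table_prefix . "extra_personal_info order by id ");
        while ($fielddetails = mysql_fetch_row($extrafields)) {
            $reqParamName = "extra_personal_info" . $fielddetails[0];
            if (!isset($_POST[$reqParamName])) {
                continue;
            }
            $var = trim($_POST[$reqParamName]);
            phpSafe($var);
            $fieldName = mysql_real_escape_string($fielddetails[1]);
            if (str_replace(" ", "", $var) == "") {
                mysql_query("delete from " . $extraTable . " where eid='{$id}' and name='{$fieldName}'");
            } elseif ($mysql->total($extraTable, "eid='{$id}' and name='{$fieldName}'") == 0) {
                mysql_query("insert into " . $extraTable . " values('','{$id}','{$fieldName}','{$var}')");
            } else {
                mysql_query("update " . $extraTable . " set value ='{$var}' where eid='{$id}' and name='{$fieldName}' ");
            }
        }
    }

    // ---- Link the subscriber to each requested list --------------------------
    // The statements below already use the list id unquoted, so it is numeric
    // by construction; int-casting each element keeps anything else in $cid
    // (presumably request-derived - verify against callers) out of the SQL.
    $catIdArr = array_map('intval', explode(",", $cid));
    $linkTable = $table_prefix . "ea_em_n_cat";

    foreach ($catIdArr as $catIdInt) {
        $curr_stat_res = mysql_query("select id,unsubstatus from " . $linkTable . " where cid='{$catIdInt}' and eid='{$id}'");
        $linkCount = mysql_num_rows($curr_stat_res);
        if ($linkCount > 0) {
            $curr_stat_row = mysql_fetch_row($curr_stat_res);
        }

        // Every branch below reports the list name, so look it up once.
        $listName = $mysql->echo_one("select name from `" . $table_prefix . "email_advt_category` where id='{$catIdInt}'");

        if ($linkCount == 0) {
            // Not linked yet: create the link.
            $catlist .= " " . $listName . ",";
            mysql_query("insert into " . $linkTable . " values('','{$id}','{$catIdInt}',{$confirm},{$ti})");
            if ($confirm == 1) {
                $sendmail = 1;
            }
        } elseif ($curr_stat_row[1] == 1) {
            // Linked but unsubscribed: re-activate, or wait for confirmation.
            $catlist .= " " . $listName . ",";
            if ($confirm != 1) {
                mysql_query("update `" . $linkTable . "` set unsubstatus='0',time='{$ti}' where eid='{$id}' and cid={$catIdInt}");
            } else {
                mysql_query("update `" . $linkTable . "` set time='{$ti}' where eid='{$id}' and cid={$catIdInt}");
                $sendmail = 1;
            }
        } else {
            // Already an active member of this list.
            $already_added_list .= " " . $listName . ",";
        }
    }

    // Drop the trailing comma from the accumulated name lists.
    if ($already_added_list != "") {
        $already_added_list = trim(substr($already_added_list, 0, strrpos($already_added_list, ",")));
    }

    if ($catlist != "") {
        $catlist = trim(substr($catlist, 0, strrpos($catlist, ",")));
        $newly_added_list = $catlist;

        if ($log_enabled == 1) {
            // The log text mixes the caller-supplied address with list names
            // read back from the database; escape the assembled string.
            $logText = mysql_real_escape_string("{$emails} subscribed(html) to {$catlist}");
            mysql_query("insert into " . $table_prefix . "admin_log_info values('','-1','{$logText}','" . time() . "','{$CST_MLM_SUBSCRIPTION}')");
        }

        // Database errors go to the server log. The original echoed them into
        // the response, exposing table names and query fragments to whoever
        // submitted the form.
        $dbError = mysql_error();
        if ($dbError != "") {
            error_log("subscribeToList: " . $dbError);
        }

        if ($confirm != 1) {
            // No confirmation step: tell the administrator right away.
            $msg = "\n\t\nHello,\n\nThe following user has subscribed to the list(s) \"{$catlist}\".\n\nEmail\t\t \t: {$emails}\n\nLogin to the admin area to see his details.\n\nRegards,\nInout Mailing List Manager";
            $headers = "";
            $headers .= "From: {$admin_general_notification_email}\n";
            $headers .= "MIME-Version: 1.0\n";
            $headers .= "Content-Type: text/plain; charset=\"UTF-8\"\n";
            $headers .= "Content-Transfer-Encoding: 8bit\n";

            if (trim($admin_general_notification_email) != "") {
                if ($smtpmailer == 1 && $flag_var == 1) {
                    // PHPMailer(true) throws on failure.
                    // NOTE(review): an uncaught send error would skip the
                    // confirmation-mail step below - confirm callers handle it.
                    $mail = new PHPMailer(true);
                    $mail->IsSMTP();
                    $mail->Host = $smtp_host;
                    $mail->Port = $smtp_port;
                    $mail->SMTPAuth = $smtp_auth;
                    $mail->Username = $smtp_user;
                    $mail->Password = $smtp_pass;
                    // NOTE(review): keep this set to a TLS mode in configuration;
                    // with it empty the SMTP credentials cross the network in clear.
                    $mail->SMTPSecure = $smtp_secure;
                    $mail->From = "{$smtp_user}";
                    $mail->FromName = "";
                    $mail->AddAddress($admin_general_notification_email);
                    $mail->AddReplyTo($mail->From, $mail->FromName);
                    $mail->Subject = "New subscription";
                    $mail->Body = $msg;
                    $mail->Send();
                } else {
                    mail($admin_general_notification_email, "New subscription", $msg, $headers);
                }
            }
        }
    }

    if ($sendmail == 1) {
        sendConfirmationMail($defaultname, $id, $emails, $dirpath, $ti, $cid);
    }
}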
$entityname = $mysql->echo_one("select cname from " . $table_prefix . "email_advt_curr_run where id={$id}"); if ($entityname != "") { mysql_query("insert into " . $table_prefix . "admin_log_info values('','{$aid}','{$adminname} attempted unauthorized access to edit the campaign {$entityname}(id:" . $id . ")','" . time() . "','{$CST_MLM_ADMIN_MANAGEMENT}')"); } } include_once "admin.header.inc.php"; ?> <br><span class="already"> You dont have access to this campaign. <a href="javascript:history.back(-1);">Go Back</a></span><br><br> <?php include_once "admin.footer.inc.php"; exit(0); } $cname = ""; if (isset($_POST['cname'])) { $cname = $_POST['cname']; phpSafe($cname); } //echo $cname; //phpSafe($subject); if (!get_magic_quotes_gpc()) { $subject = mysql_real_escape_string($subject); } if (!get_magic_quotes_gpc()) { $body = mysql_real_escape_string($body); $alt_body = mysql_real_escape_string($alt_body); } $existingcname = $_REQUEST['existingname']; if (mysql_query("UPDATE `" . $table_prefix . "email_advt_curr_run` set total={$total}, emailsperrun={$per}, sendername='{$name}', senderemail='{$email}', subject='{$subject}', body='{$body}', html={$_POST['html']}, cname='{$cname}',extra_field ='{$ex_field}',ex_condition='{$ext_condition}' ,ex_value='{$ext_text}',email_template='{$emailtemplate}',alt_body='{$alt_body}' where id={$id}")) { if ($cid != 0) { //echo "update ".$table_prefix."ea_cnc set catid=$cid where campid=$id"; $updated_rows = mysql_query("update " . $table_prefix . "ea_cnc set catid={$cid} where campid={$id}");
if (!($inout_username == md5($username) && $inout_password == md5($password))) { header("Location:index.php"); exit(0); } } include "admin.header.inc.php"; if (isset($_COOKIE['inout_sub_admin'])) { $aid = getAdminId($mysql); $adminname = $mysql->echo_one("select username from " . $table_prefix . "subadmin_details where id={$aid}"); mysql_query("insert into " . $table_prefix . "admin_log_info values('','{$aid}','{$adminname} attempted unauthorized access to modify sub-admin details','" . time() . "','{$CST_MLM_ADMIN_MANAGEMENT}')"); echo "<br><span class=\"already\">You don't have access to this page</span> <a href=\"javascript:history.back(-1);\">Go Back</a><br><br>"; include_once "admin.footer.inc.php"; exit(0); } $id = $_REQUEST['id']; phpSafe($id); $email = $mysql->echo_one("select email from {$table_prefix}" . "subadmin_details where id ='{$id}'"); if ("" == $email) { echo "<br><span class=\"already\">Please select an administrator.<a href=\"javascript:history.back(-1);\">Go Back</a></span><br><br>"; include "admin.footer.inc.php"; exit(0); } ?> <style type="text/css"> <!-- .style1 {color: #FF0000} .style2 { font-size: 18px; color: #333333; } -->
$adminname = $mysql->echo_one("select username from " . $table_prefix . "subadmin_details where id={$aid}"); mysql_query("insert into " . $table_prefix . "admin_log_info values('','{$aid}','{$adminname} attempted unauthorized access to edit extra parameter','" . time() . "','{$CST_MLM_ADMIN_MANAGEMENT}')"); echo "<br><span class=\"already\">You don't have access to this page</span> <a href=\"javascript:history.back(-1);\">Go Back</a><br><br>"; include_once "admin.footer.inc.php"; exit(0); } ?> <style type="text/css"> <!-- .style4 {color: #FF0000} --> </style> <?php $msg = ""; $fieldname = trim($_POST['info']); phpSafe($fieldname); $type = $_POST['select']; if ($type == 1 || $type == 2) { $defaultvalue = trim($_POST['value']); } else { $defaultvalue = ""; } if ($type == 3) { $dvalue = trim($_POST['values']); } else { $dvalue = ""; } if ($type == 3 && $dvalue == "") { ?> <span class="already"><br><br> Please fill all mandatory fields !</span> <?php
include_once "admin.header.inc.php"; if (isset($_COOKIE['inout_sub_admin'])) { $aid = getAdminId($mysql); $adminname = $mysql->echo_one("select username from " . $table_prefix . "subadmin_details where id={$aid}"); mysql_query("insert into " . $table_prefix . "admin_log_info values('','{$aid}','{$adminname} attempted unauthorized access to add extra parameter','" . time() . "','{$CST_MLM_ADMIN_MANAGEMENT}')"); echo "<br><span class=\"already\">You don't have access to this page</span> <a href=\"javascript:history.back(-1);\">Go Back</a><br><br>"; include_once "admin.footer.inc.php"; exit(0); } $info = trim($_POST['info']); $value = trim($_POST['value']); $type = $_POST['select']; $dvalue = trim($_POST['values']); phpSafe($info); phpSafe($value); phpSafe($dvalue); if ($type == 3 && $dvalue == "") { ?> <span class="already"><br><br> Please fill all mandatory fields !</span> <?php echo "<a href=\"javascript:history.back(-1);\">Go Back</a><br><br>"; include_once "admin.footer.inc.php"; exit(0); } $information = "{" . str_replace(" ", "", strtoupper($info)) . "}"; if ($info == "") { ?> <br><span class="already">Go back and fill all mandatory fields</span> <?php echo " <a href=\"javascript:history.back(-1);\">Go Back</a><br><br>"; } else {
} else { if (!($inout_username == md5($username) && $inout_password == md5($password))) { header("Location:index.php"); exit(0); } } include_once "admin.header.inc.php"; ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td align="center"><a href="category_addnew.php">Create new List</a> | <a href="category_viewall.php">Manage all Lists</a> | <a href="configurehtml.php">Subscribe HTML Code </a>| <a href="phpcodesub.php">Automatic Subscribtion PHP Code</a> </td> </tr> </table> <?php $cat = trim($_POST['category']); phpSafe($cat); if ($cat !== "") { if ($mysql->total("" . $table_prefix . "email_advt_category", "name='{$cat}'") == 0) { mysql_query("insert into " . $table_prefix . "email_advt_category values('','{$cat}','" . time() . "')"); $aid = 0; if (isset($_COOKIE['inout_sub_admin'])) { $aid = getAdminId($mysql); $id = $mysql->echo_one("select id from " . $table_prefix . "email_advt_category where name='{$cat}'"); $uid = getAdminId($mysql); mysql_query("insert into " . $table_prefix . "admin_access_control values('','{$uid}','{$id}')"); } if ($log_enabled == 1) { mysql_query("insert into " . $table_prefix . "admin_log_info values('','{$aid}','List created:" . $cat . "','" . time() . "','{$CST_MLM_LIST}')"); } echo " <br><br> <span class=\"inserted\">New email list '{$cat}' has been added successfully.</span><br><br>"; include_once "admin.footer.inc.php";
$extension = "from db"; $server = trim($_POST['server']); $user = trim($_POST['user']); $pass = trim($_POST['pass']); $db = trim($_POST['db']); $table = trim($_POST['table']); $fldem = trim($_POST['fldem']); $fldname = ""; $secname = ""; if (isset($_POST['fldname'])) { $fldname = trim($_POST['fldname']); phpSafe($fldname); } if (isset($_POST['secname'])) { $secname = trim($_POST['secname']); phpSafe($secname); } if ($server == "" || $user == "" || $db == "" || $table == "" || $fldem == "") { echo "Please complete the database info."; ?> <a href="javascript:history.back(-1);">Go Back</a><br><br> <?php include_once "admin.footer.inc.php"; exit(0); } $extrafields = mysql_query("select * from " . $table_prefix . "extra_personal_info order by id "); $fieldnames = ""; $arrfielddetails[] = array(); $loopvar = 0; while ($fielddetails = mysql_fetch_row($extrafields)) { $arrfielddetails[$loopvar] = trim($_POST["extra_personal_info" . $fielddetails[0]]);
exit(0); } } include_once "admin.header.inc.php"; ?> <link href="style.css" rel="stylesheet" type="text/css"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td align="center"><a href="category_addnew.php">Create new List</a> | <a href="category_viewall.php">Manage all Lists</a> | <a href="configurehtml.php">Subscribe HTML Code </a>| <a href="phpcodesub.php">Automatic Subscribtion PHP Code</a> </td> </tr> </table> <?php $email = trim($_POST['email']); $name = trim($_POST['name']); phpSafe($email); phpSafe($name); $resultstring = ""; $result = mysql_query("select * from " . $table_prefix . "email_advt_category order by name"); if (isset($_COOKIE['inout_sub_admin'])) { $subAdminId = getAdminId($mysql); $result = mysql_query("SELECT a.*\tFROM " . $table_prefix . "email_advt_category a inner join \n\t\t( SELECT eid FROM " . $table_prefix . "admin_access_control where aid={$subAdminId} ) b\n\t\ton a.id=b.eid order by a.name"); } $i = 0; while ($row = mysql_fetch_row($result)) { if (isset($_POST["List" . $i])) { $id = $row[0]; $resultstring .= $id . ","; } $i += 1; } if ($resultstring == "" || $email == "") {
--> </style> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td align="center"><a href="create_new_sub_admin.php" >Create New Administrator</a> | <a href="manage_sub_admins.php" >Manage Administrators</a></td> </tr> </table> <?php $username = trim($_POST['username']); $password = trim($_POST['password']); $password1 = trim($_POST['password1']); $email = trim($_POST['email']); phpSafe($username); phpSafe($password); phpSafe($password1); phpSafe($email); if ($username == "" || $password == "" || $password1 == "" || $email == "") { echo "<br><span class=\"already\">Please go back and check whether you fill all manadatory fields!</span><a href=\"javascript:history.back(-1);\">Go Back</a><br><br>"; include_once "admin.footer.inc.php"; exit(0); } if ($password1 != $password) { echo "<br><span class=\"already\">Password and confirm password don't match!</span><a href=\"javascript:history.back(-1);\">Go Back</a><br><br>"; include_once "admin.footer.inc.php"; exit(0); } $valid = is_valid_email($email); if ($valid == false) { echo "<br><span class=\"already\">Please enter valid email!</span><a href=\"javascript:history.back(-1);\">Go Back</a><br><br>"; include_once "admin.footer.inc.php"; exit(0);