예제 #1
파일: edited.php 프로젝트: Maxlander/shixi
// Collect the submitted form fields for the message being saved.
// In this excerpt only $name, $email, $per, $ex_field and $ext_text are passed
// to phpsafe(); $body, $alt_body, $cid and $emailtemplate are used as received
// (trimmed at most).
// NOTE(review): phpsafe() is defined elsewhere. Its return value is never used,
// so it presumably rewrites its argument in place — confirm what it escapes
// (SQL, HTML, both) before treating it as protection for a given sink.
$body = trim($_POST['body']);
$alt_body = trim($_POST['alt_body']);
$name = trim($_POST['name']);
$email = trim($_POST['email']);
// NOTE(review): $cid and $emailtemplate come straight from the request; if they
// reach a query or a file path later, validate them first (e.g. as integers or
// against the known template list) — their use is not visible here.
$cid = $_POST['category'];
$emailtemplate = $_POST['emailtemplate'];
phpsafe($name);
phpsafe($email);
// $per (and $subject, tested below) are assigned before this excerpt.
phpsafe($per);
// Any ex_field value other than "0" (loose comparison) enables the three
// extra-field settings; otherwise all three are blanked.
if ($_POST['ex_field'] != "0") {
    $ex_field = trim($_POST['ex_field']);
    phpsafe($ex_field);
    $ext_condition = trim($_POST['ext_condition']);
    // NOTE(review): the phpsafe() call for $ext_condition is commented out, so
    // the value stays exactly as submitted. If it is later placed into a query
    // (an operator, presumably), it should be matched against a fixed
    // allow-list of permitted values rather than escaped — confirm its use.
    //phpsafe($ext_condition);
    $ext_text = trim($_POST['ext_text']);
    phpsafe($ext_text);
} else {
    $ex_field = "";
    $ext_condition = "";
    $ext_text = "";
}
// All five mandatory values must be non-empty; otherwise redirect and stop.
if ($per == "" || $subject == "" || $body == "" || $name == "" || $email == "") {
    header("Location:goback.php?action=goback");
    exit(0);
}
// is_valid_email() is defined elsewhere. On failure a fixed message is shown
// inside the admin layout; no request data is echoed back here.
if (!is_valid_email($email)) {
    include "admin.header.inc.php";
    echo "<br>The email you have entered is not valid.<br><br><a href=\"javascript:history.back(-1);\">Go Back</a> ";
    include "admin.footer.inc.php";
    exit(0);
}
예제 #2
        exit(0);
    }
}
// Emit the shared admin header, then the static list-management links.
include_once "admin.header.inc.php";
?>
<table width="100%"  border="0" cellpadding="0" cellspacing="0">
  <tr>
    <td align="center"><a href="category_addnew.php">Create new List</a>&nbsp;| <a href="category_viewall.php">Manage all Lists</a>&nbsp;| <a href="configurehtml.php">Subscribe HTML Code </a>| <a href="phpcodesub.php">Automatic Subscribtion PHP Code</a>  </td>
  </tr>
</table>
<br><br>
<?php 
// New list name from the form. PHP function names are case-insensitive, so
// phpSafe() here is the same helper as phpsafe() below.
// NOTE(review): phpsafe() is defined elsewhere; presumably it sanitises its
// argument in place — confirm what it escapes for.
$cat = trim($_POST['category']);
phpSafe($cat);
// NOTE(review): read from $_REQUEST rather than $_POST, so this value can also
// be supplied in the query string (and, depending on request_order, a cookie).
// Reading it from $_POST like the other fields would narrow the input surface.
$existingcatname = $_REQUEST['existingname'];
phpsafe($existingcatname);
// An empty list name is rejected with a fixed message; nothing from the
// request is echoed back.
if ($cat == "") {
    echo "<span class=\"already\">List name cannot be blank. &nbsp;&nbsp;<a href=\"javascript:history.back(-1);\">Go Back</a></span><br><br>";
    include_once "admin.footer.inc.php";
    exit(0);
}
// NOTE(review): unlike $cat and $existingcatname, $id is not passed through
// phpsafe() in this excerpt, and further down it is interpolated into a query
// string as id='{$id}'. It should get the same sanitising step, or be
// validated as an integer, before it reaches any query.
$id = $_POST['id'];
// An empty id is replaced with -1 before the access check that follows.
if ($id == "") {
    $id = -1;
}
if (!isValidAccess($id, $CST_MLM_LIST, $table_prefix, $mysql)) {
    if ($log_enabled == 1) {
        $aid = getAdminId($mysql);
        $adminname = $mysql->echo_one("select username from  " . $table_prefix . "subadmin_details where id={$aid}");
        $entityname = $mysql->echo_one("select name from  " . $table_prefix . "email_advt_category where id='{$id}'");
        if ($entityname != "") {
예제 #3
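    // Send the visitor back to index.php unless both presented values equal the
    // MD5 digests of $username and $password.
    // Strict === is used on purpose: loose == compares two numeric-looking
    // strings as numbers, so two different hex digests can be reported as
    // equal. Where PHP >= 5.6 is guaranteed, hash_equals() is the
    // constant-time alternative.
    // NOTE(review): $inout_username / $inout_password are set outside this
    // excerpt — presumably from cookies; confirm. An unsalted MD5 of the
    // password used as a login token is weak; a random server-side session id
    // plus password_hash()/password_verify() is the usual replacement.
    if (!($inout_username === md5($username) && $inout_password === md5($password))) {
        header("Location:index.php");
        exit(0);
    }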
}
include "admin.header.inc.php";
// When the inout_sub_admin cookie is present the request is treated as coming
// from a sub-admin: the attempt is written to the admin log, a fixed message is
// shown, and the script stops.
// NOTE(review): only the presence of the cookie is tested here; how its value
// is verified is not visible (getAdminId() is defined elsewhere) — confirm.
if (isset($_COOKIE['inout_sub_admin'])) {
    $aid = getAdminId($mysql);
    // NOTE(review): $aid is interpolated unquoted into this query; confirm
    // getAdminId() can only return an integer.
    $adminname = $mysql->echo_one("select username from  " . $table_prefix . "subadmin_details where id={$aid}");
    // NOTE(review): $adminname was read back from the database and is placed
    // into the INSERT without escaping in this excerpt; a stored username
    // containing a quote would break or alter the statement. The mysql_*
    // extension has no prepared statements and was removed in PHP 7.0, so
    // moving to mysqli or PDO with bound parameters addresses both points.
    mysql_query("insert into " . $table_prefix . "admin_log_info values('','{$aid}','{$adminname} attempted unauthorized access to edit bmh rule','" . time() . "','{$CST_MLM_ADMIN_MANAGEMENT}')");
    echo "<br><span class=\"already\">You don't have  access to this page</span>   <a href=\"javascript:history.back(-1);\">Go Back</a><br><br>";
    include_once "admin.footer.inc.php";
    exit(0);
}
// Rule id from the query string, passed to phpsafe() and then interpolated
// into the lookup query.
// NOTE(review): phpsafe() is defined elsewhere; whether it makes the value
// safe inside a quoted SQL literal cannot be told from here. Validating $id as
// an integer before the query would not depend on that — confirm ids are
// numeric.
$id = $_GET['id'];
phpsafe($id);
$result = mysql_query("select * from " . $table_prefix . "bmh_rules where id='{$id}'");
// The query result is not checked for failure before fetching the row.
$row = mysql_fetch_row($result);
// Default to "editor" when no type parameter is given.
// NOTE(review): a supplied type is taken as-is, without phpsafe(); if it is
// echoed into the page or used to pick a file further down, restrict it to the
// expected values first — its use is not visible here.
if (!isset($_GET['type'])) {
    $type = "editor";
} else {
    $type = $_GET['type'];
}
?>
<table width="100%"  border="0" cellpadding="0" cellspacing="0">
  <tr>
    <td align="center"><br />  <a href="create-rule.php"> Add New Rule</a> | <a href="manage-rules.php">Manage Rules </a> </td>
  </tr>
</table>
<form action="save-rule.php" method="post" enctype="multipart/form-data" name="form1" onsubmit="return checkNull();">
<input type="hidden" name="id" value="<?php 
예제 #4
            }
            $k += 1;
        }
        //end of while
        $emails .= ",";
    } else {
        // Pick the source of the address list: $allmails (set outside this
        // excerpt) when the form's "server" field is present, otherwise the
        // "emails" form field.
        if (isset($_POST['server'])) {
            $emails = "" . $allmails . ",";
        } else {
            // $extension records how the addresses were supplied; it is used
            // outside this excerpt.
            if (isset($_GET['val'])) {
                $extension = " from ief file";
            } else {
                $extension = " manually";
            }
            $emails = trim($_POST['emails']);
            phpsafe($emails);
            // An empty list is only an error when the "add" field is absent.
            if ($emails == "" && !isset($_POST['add'])) {
                echo "Please fill in all  mandatory fields.";
                ?>
		<a href="javascript:history.back(-1);">Go Back</a><br>
		<?php 
                include_once "admin.footer.inc.php";
                exit(0);
            }
            // NOTE(review): $emails is rebuilt here from the raw
            // $_POST['emails'], so whatever phpsafe() did to the copy above is
            // discarded and only the empty check used it. If phpsafe()
            // sanitises in place (presumably — it is defined elsewhere), this
            // line should reuse the sanitised $emails, or each address should
            // be validated after the list is split — confirm downstream.
            $emails = " " . trim($_POST['emails']) . ",";
        }
    }
}
if (isset($_POST['add'])) {
    $tmp = trim($_POST['email0']);
    if ($tmp == "") {