$body = trim($_POST['body']); $alt_body = trim($_POST['alt_body']); $name = trim($_POST['name']); $email = trim($_POST['email']); $cid = $_POST['category']; $emailtemplate = $_POST['emailtemplate']; phpsafe($name); phpsafe($email); phpsafe($per); if ($_POST['ex_field'] != "0") { $ex_field = trim($_POST['ex_field']); phpsafe($ex_field); $ext_condition = trim($_POST['ext_condition']); //phpsafe($ext_condition); $ext_text = trim($_POST['ext_text']); phpsafe($ext_text); } else { $ex_field = ""; $ext_condition = ""; $ext_text = ""; } if ($per == "" || $subject == "" || $body == "" || $name == "" || $email == "") { header("Location:goback.php?action=goback"); exit(0); } if (!is_valid_email($email)) { include "admin.header.inc.php"; echo "<br>The email you have entered is not valid.<br><br><a href=\"javascript:history.back(-1);\">Go Back</a> "; include "admin.footer.inc.php"; exit(0); }
exit(0); } } include_once "admin.header.inc.php"; ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td align="center"><a href="category_addnew.php">Create new List</a> | <a href="category_viewall.php">Manage all Lists</a> | <a href="configurehtml.php">Subscribe HTML Code </a>| <a href="phpcodesub.php">Automatic Subscribtion PHP Code</a> </td> </tr> </table> <br><br> <?php $cat = trim($_POST['category']); phpSafe($cat); $existingcatname = $_REQUEST['existingname']; phpsafe($existingcatname); if ($cat == "") { echo "<span class=\"already\">List name cannot be blank. <a href=\"javascript:history.back(-1);\">Go Back</a></span><br><br>"; include_once "admin.footer.inc.php"; exit(0); } $id = $_POST['id']; if ($id == "") { $id = -1; } if (!isValidAccess($id, $CST_MLM_LIST, $table_prefix, $mysql)) { if ($log_enabled == 1) { $aid = getAdminId($mysql); $adminname = $mysql->echo_one("select username from " . $table_prefix . "subadmin_details where id={$aid}"); $entityname = $mysql->echo_one("select name from " . $table_prefix . "email_advt_category where id='{$id}'"); if ($entityname != "") {
if (!($inout_username == md5($username) && $inout_password == md5($password))) { header("Location:index.php"); exit(0); } } include "admin.header.inc.php"; if (isset($_COOKIE['inout_sub_admin'])) { $aid = getAdminId($mysql); $adminname = $mysql->echo_one("select username from " . $table_prefix . "subadmin_details where id={$aid}"); mysql_query("insert into " . $table_prefix . "admin_log_info values('','{$aid}','{$adminname} attempted unauthorized access to edit bmh rule','" . time() . "','{$CST_MLM_ADMIN_MANAGEMENT}')"); echo "<br><span class=\"already\">You don't have access to this page</span> <a href=\"javascript:history.back(-1);\">Go Back</a><br><br>"; include_once "admin.footer.inc.php"; exit(0); } $id = $_GET['id']; phpsafe($id); $result = mysql_query("select * from " . $table_prefix . "bmh_rules where id='{$id}'"); $row = mysql_fetch_row($result); if (!isset($_GET['type'])) { $type = "editor"; } else { $type = $_GET['type']; } ?> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td align="center"><br /> <a href="create-rule.php"> Add New Rule</a> | <a href="manage-rules.php">Manage Rules </a> </td> </tr> </table> <form action="save-rule.php" method="post" enctype="multipart/form-data" name="form1" onsubmit="return checkNull();"> <input type="hidden" name="id" value="<?php
} $k += 1; } //end of while $emails .= ","; } else { if (isset($_POST['server'])) { $emails = "" . $allmails . ","; } else { if (isset($_GET['val'])) { $extension = " from ief file"; } else { $extension = " manually"; } $emails = trim($_POST['emails']); phpsafe($emails); if ($emails == "" && !isset($_POST['add'])) { echo "Please fill in all mandatory fields."; ?> <a href="javascript:history.back(-1);">Go Back</a><br> <?php include_once "admin.footer.inc.php"; exit(0); } $emails = " " . trim($_POST['emails']) . ","; } } } if (isset($_POST['add'])) { $tmp = trim($_POST['email0']); if ($tmp == "") {