* @date: 28.04.2010 * @version: 1.0 * @author: Craig Barber */ //Displaying PHP errors /*ini_set('display_errors', 1); ini_set('log_errors', 1); ini_set('error_log', dirname(__FILE__) . '/error_log.txt'); error_reporting(E_ALL);*/ //look for submitted form if (isset($_POST['newslettersubmit'])) { require_once DOCROOT . 'include/config.php'; //collect users IP address $ip = $_SERVER['REMOTE_ADDR']; //cleanse the POST $dbFilter = new MysqlFilter(); $cPost = array(); foreach ($_POST as $key => $value) { $value = str_replace(",", "", $value); $cPost[$key] = $dbFilter->dbPrepare($value); } //set mandatory fields $newsletter_conf['mandatories'] = array("fname", "sname", "email-reg-news"); //set fields which must not contain numeric data $newsletter_conf['non_numeric'] = array("fname", "sname"); //First, lets make sure there are is no numeric data in the name fields $userValidate = UserDataValidator::getInstance($newsletter_conf['mandatories'], ''); if (!$userValidate->containsNumeric($cPost, $newsletter_conf['non_numeric'])) { //continue with processing //check mandatory information has been submitted if (FormValidator::checkMandatories($newsletter_conf['mandatories'], $cPost)) {
<?php include "/nfslocal/www/include/db/dbconnect.php"; require_once "/nfslocal/www/include/classes/security/mysqlfilter.class.php"; $campaign = nvl($_REQUEST['c'], "UB3004101809"); $uid = nvl($_REQUEST['u']); $email = nvl($_REQUEST['email']); $usConfirm = nvl($_REQUEST['us_confirm']); $dbFilter = new MysqlFilter(); $campaign = $dbFilter->dbPrepare($campaign); $uid = $dbFilter->dbPrepare($uid); $email = $dbFilter->dbPrepare($email); if ($usConfirm == "confirm") { $logTable = $campaign . "_log"; $usTable = "UB_unsubscribe"; $sql = "INSERT INTO {$logTable} (log_date, campaign, uid, action, details) VALUES (now(), '{$campaign}', '{$uid}', '3 - Unsubscribe Confirm', '3 - Unsubscribe Confirm')"; mysql_query($sql); $sql = "INSERT INTO {$usTable} (log_date, email, campaign, uid) VALUES (now(), '{$email}', '{$campaign}', '{$uid}')"; mysql_query($sql); } include "templates/newsletter_header.php"; include "templates/newsletter_us.php"; include "templates/newsletter_footer.php";