<?php
## Click-tracking redirector: this first part bootstraps the application (config,
## database layer, language files); the rest of the file decodes the "id" query
## parameter, records the click and redirects.
## Start output buffering. NOTE(review): presumably so that stray output from the
## includes cannot get in the way of the header("Location: ...") calls further down - confirm.
ob_start();
## Turn off error reporting for this request; the previous level is kept in $er
## and is not restored in the code visible here.
$er = error_reporting(0);
require_once dirname(__FILE__) .'/admin/commonlib/lib/unregister_globals.php';
require_once dirname(__FILE__) .'/admin/commonlib/lib/magic_quotes.php';
## none of our parameters can contain html for now
## NOTE(review): removeXss() is not defined in this file (presumably it comes from one
## of the two includes above). Going by its name it filters markup only; the queries
## below rely on bound parameters and %d formatting, not on this call - confirm what it strips.
$_GET = removeXss($_GET);
$_POST = removeXss($_POST);
$_REQUEST = removeXss($_REQUEST);
## Locate the installation config. The chosen file is executed via include, so its path
## must be trusted: PHP normally exposes request headers under HTTP_* keys, so
## $_SERVER["ConfigFile"] is expected to come from the server environment (vhost/env
## configuration), not from the client. is_file() only checks that the path exists.
if (isset($_SERVER["ConfigFile"]) && is_file($_SERVER["ConfigFile"])) {
include $_SERVER["ConfigFile"];
} elseif (is_file("config/config.php")) {
## Relative path: resolved by PHP's normal relative-path lookup, not via dirname(__FILE__).
include 'config/config.php';
} else {
print "Error, cannot find config file\n";
exit;
}
require_once dirname(__FILE__).'/admin/init.php';
## basename() removes any directory part from the configured module names, so the
## paths built from them below cannot contain a path separator and stay directly
## inside admin/ and DOCUMENT_ROOT.
$GLOBALS["database_module"] = basename($GLOBALS["database_module"]);
$GLOBALS["language_module"] = basename($GLOBALS["language_module"]);
require_once dirname(__FILE__).'/admin/'.$GLOBALS["database_module"];
# load default english and language
include_once dirname(__FILE__)."/texts/english.inc";
# Allow customisation per installation
## The override is looked up in the web root (DOCUMENT_ROOT), not in the application directory.
if (is_file($_SERVER['DOCUMENT_ROOT'].'/'.$GLOBALS["language_module"])) {
include_once $_SERVER['DOCUMENT_ROOT'].'/'.$GLOBALS["language_module"];
}
include_once dirname(__FILE__)."/admin/languages.php";
require_once dirname(__FILE__)."/admin/defaultconfig.php";
require_once dirname(__FILE__).'/admin/connect.php';
include_once dirname(__FILE__)."/admin/lib.php";
## The whole tracking token arrives in the "id" query parameter.
## Casting through sprintf('%s') and comparing with the raw value
## NOTE(review): appears intended to reject non-string input such as an array; a missing
## id is not rejected here, because null compares equal to '' under the loose != - confirm.
$id = sprintf('%s',$_GET['id']);
if ($id != $_GET['id']) {
print "Invalid Request";
exit;
}
## Token format: base64 of (payload XOR XORmask). XORmask is a constant defined outside
## this file; PHP's string ^ truncates the result to the shorter operand.
## NOTE(review): XOR with a constant mask hides the fields but does not authenticate
## them. The four values decoded below are chosen by whoever built the link and must be
## treated as untrusted input by everything that follows.
$track = base64_decode($id);
$track = $track ^ XORmask;
## Expected payload layout: msgtype|fwdid|messageid|userid.
## The @ hides the notice raised when fewer than four fields are present.
@list($msgtype,$fwdid,$messageid,$userid) = explode('|',$track);
## Force the three ids to decimal integer strings before they are used in queries.
## $msgtype is left as-is and is only compared against 'H' and 'T' later in the file.
$userid = sprintf('%d',$userid);
$fwdid = sprintf('%d',$fwdid);
$messageid = sprintf('%d',$messageid);
## Look up the forward record for this link. The table name comes from configuration
## ($GLOBALS['tables']); the id itself is passed as a bound parameter.
$query = sprintf('select * from %s where id = ?', $GLOBALS['tables']['linktrack_forward']);
$rs = Sql_Query_Params($query, array($fwdid));
$linkdata = Sql_Fetch_array($rs);
## A zero id in any position, or no forward row with this id, drops into the legacy path.
if (!$fwdid || $linkdata['id'] != $fwdid || !$userid || !$messageid) {
## try the old table to avoid breaking links
## The three values are formatted with %d, so only integers reach the SQL text here.
$linkdata = Sql_Fetch_array_query(sprintf('select * from %s where linkid = %d and userid = %d and messageid = %d',
$GLOBALS['tables']['linktrack'],$fwdid,$userid,$messageid));
if (!empty($linkdata['forward'])) {
## we're not recording clicks, but at least links in older newsletters won't break.
## NOTE(review): the stored value is used as the redirect target unchanged; no scheme or
## host check is visible here, so the redirect is only as trustworthy as whatever wrote
## the legacy linktrack rows - confirm.
header("Location: " . $linkdata['forward']);
exit;
}
# echo 'Invalid Request';
# maybe some logging?
## FileNotFound() is defined outside this file; the request ends here without a redirect.
FileNotFound();
exit;
}
## hmm a bit heavy to use here @@@optimise
## Only the "subject" and "google_track" entries of the loaded message are read in this file.
$messagedata = loadMessageData($messageid);
## Query-string fragment for campaign tagging; filled in below for HTML ('H') and text ('T') links
## and stays empty for any other message type.
$trackingcode = '';
#print "$track<br/>";
#print "User $userid, Mess $messageid, Link $linkid";
## Per-message totals for this link (linktrack_ml): the first click also sets firstclick,
## later clicks only bump the counter and latestclick. Both updates only touch a row
## that already exists for this messageid/forwardid pair; nothing is inserted here.
$query = sprintf('select * from %s where messageid = ? and forwardid = ?', $GLOBALS['tables']['linktrack_ml']);
$rs = Sql_Query_Params($query, array($messageid, $fwdid));
$ml = Sql_Fetch_Array($rs);
if (empty($ml['firstclick'])) {
$query = sprintf('update %s set firstclick = current_timestamp, latestclick = current_timestamp, clicked = clicked + 1 where forwardid = ? and messageid = ?', $GLOBALS['tables']['linktrack_ml']);
Sql_Query_Params($query, array($fwdid, $messageid));
} else {
$query = sprintf('update %s set clicked = clicked + 1, latestclick = current_timestamp where forwardid = ? and messageid = ?', $GLOBALS['tables']['linktrack_ml']);
Sql_Query_Params($query, array($fwdid, $messageid));
}
## Split the count by message format and prepare the matching utm_* parameters.
## The subject is URL-encoded; $messageid is already an integer string at this point.
if ($msgtype == 'H') {
$query = sprintf('update %s set htmlclicked = htmlclicked + 1 where forwardid = ? and messageid = ?', $GLOBALS['tables']['linktrack_ml']);
Sql_Query_Params($query, array($fwdid, $messageid));
$trackingcode = 'utm_source=emailcampaign'.$messageid.'&utm_medium=phpList&utm_content=HTMLemail&utm_campaign='.urlencode($messagedata["subject"]);
} elseif ($msgtype == 'T') {
$query = sprintf('update %s set textclicked = textclicked + 1 where forwardid = ? and messageid = ?', $GLOBALS['tables']['linktrack_ml']);
Sql_Query_Params($query, array($fwdid, $messageid));
$trackingcode = 'utm_source=emailcampaign'.$messageid.'&utm_medium=phpList&utm_content=textemail&utm_campaign='.urlencode($messagedata["subject"]);
}
## A click also counts as a view: if usermessage.viewed is not set yet, stamp it and
## bump the message's view counter.
## NOTE(review): when no usermessage row matches the decoded userid/messageid, $viewed[0]
## is presumably empty too, so message.viewed is still incremented although the first
## update changes nothing. Since the ids come from the unauthenticated token, view
## counts trust the link as presented - confirm against Sql_Fetch_Row().
$query = sprintf('select viewed from %s where messageid = ? and userid = ?', $GLOBALS['tables']['usermessage']);
$rs = Sql_Query_Params($query, array($messageid, $userid));
$viewed = Sql_Fetch_Row($rs);
if (!$viewed[0]) {
$query = sprintf('update %s set viewed = current_timestamp where messageid = ? and userid = ?', $GLOBALS['tables']['usermessage']);
Sql_Query_Params($query, array($messageid, $userid));
$query = sprintf('update %s set viewed = viewed + 1 where id = ?', $GLOBALS['tables']['message']);
Sql_Query_Params($query, array($messageid));
}
## Per-subscriber click record (linktrack_uml_click): insert a row on the first click,
## then always bump the counter and latestclick. Unlike the per-message table above,
## a row is created here for any userid/messageid/forwardid combination that reaches this point.
$query = sprintf('select * from %s where messageid = ? and forwardid = ? and userid = ?', $GLOBALS['tables']['linktrack_uml_click']);
$rs = Sql_Query_Params($query, array($messageid, $fwdid, $userid));
$uml = Sql_Fetch_Array($rs);
if (empty($uml['firstclick'])) {
$query
= ' insert into ' . $GLOBALS['tables']['linktrack_uml_click']
. ' (firstclick, forwardid, messageid, userid)'
. ' values'
. ' (current_timestamp, ?, ?, ?)';
Sql_Query_Params($query, array($fwdid, $messageid, $userid));
}
$query = sprintf('update %s set clicked = clicked + 1, latestclick = current_timestamp where forwardid = ? and messageid = ? and userid = ?', $GLOBALS['tables']['linktrack_uml_click']);
Sql_Query_Params($query, array($fwdid, $messageid, $userid));
## Same HTML/text split as for the per-message totals.
if ($msgtype == 'H') {
$query = sprintf('update %s set htmlclicked = htmlclicked + 1 where forwardid = ? and messageid = ? and userid = ?', $GLOBALS['tables']['linktrack_uml_click']);
Sql_Query_Params($query, array($fwdid, $messageid, $userid));
} elseif ($msgtype == 'T') {
$query = sprintf('update %s set textclicked = textclicked + 1 where forwardid = ? and messageid = ? and userid = ?', $GLOBALS['tables']['linktrack_uml_click']);
Sql_Query_Params($query, array($fwdid, $messageid, $userid));
}
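## Build the final destination from the stored forward URL and redirect to it.
$url = $linkdata['url'];
if ($linkdata['personalise']) {
    ## Personalised links carry the subscriber's uniqid as a "uid" query parameter.
    ## NOTE(review): the uniqid is disclosed to the destination site this way; if it
    ## is also accepted as a credential elsewhere in the application, that needs review - confirm.
    $query = sprintf('select uniqid from %s where id = ?', $GLOBALS['tables']['user']);
    $rs = Sql_Query_Params($query, array($userid));
    $uid = Sql_Fetch_Row($rs);
    if ($uid[0]) {
        ## strpos() returns 0 for a match at offset 0, so test against false explicitly.
        ## urlencode() keeps the value from changing the structure of the query string.
        $separator = (strpos($url, '?') !== false) ? '&' : '?';
        $url .= $separator.'uid='.urlencode($uid[0]);
    }
}
#print "$url<br/>";
## Remember the first tracked destination seen in this session.
## NOTE(review): no session_start() is visible in this file; presumably one of the
## includes opens the session - confirm.
if (!isset($_SESSION['entrypoint'])) {
    $_SESSION['entrypoint'] = $url;
}
if (!empty($messagedata['google_track'])) {
    ## take off existing tracking code, if found
    ## (the separators around a removed parameter are left in place)
    if (strpos($url, 'utm_medium') !== false) {
        $url = preg_replace('/utm_(\w+)\=[^&]+/', '', $url);
    }
    $separator = (strpos($url, '?') !== false) ? '&' : '?';
    $url = $url.$separator.$trackingcode;
}
## NOTE(review): the target is whatever linktrack_forward.url holds; no scheme or host
## check happens here, so the redirect is only as trustworthy as the code that writes
## that table - confirm that only campaign processing can insert rows.
header("Location: " . $url);
exit;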