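/**
 * Build the link to the subscription page for one address.
 *
 * When no 32-character code is passed in, the activation code is looked up in
 * the emails table. If the address has no row yet, or its stored code is not
 * 32 characters long, a new code is generated and written back (INSERT for an
 * unknown address, UPDATE otherwise).
 *
 * The page that consumes this link treats a matching addr/code pair as proof
 * that the visitor controls the address, so the code has to be unguessable.
 *
 * @param string $addr The address the link is built for.
 * @param string $code The activation code, if already known. Anything that is
 *                     not exactly 32 characters long is ignored and replaced
 *                     by the stored or a newly generated code.
 * @return string The URL, ending in "&" so further parameters can be appended.
 */
function post_notification_get_mailurl($addr, $code = '')
{
    global $wpdb;

    if (strlen($code) != 32) {
        $t_emails = $wpdb->prefix . 'post_notification_emails';
        // Same escaping helper the rest of this file uses. On current WordPress
        // releases $wpdb->prepare() is the preferred way to bind the value.
        $sql_addr = $wpdb->escape($addr);

        // get_row() yields null for an unknown address, so the checks below
        // never dereference a missing result row.
        $row = $wpdb->get_row("SELECT id, act_code FROM {$t_emails} WHERE email_addr = '" . $sql_addr . "'");
        $known = ($row && $row->id != '');

        if ($known && strlen($row->act_code) == 32) {
            //Reuse the code
            $code = $row->act_code;
        } else {
            // Prefer the system CSPRNG: 16 random bytes hex-encode to the
            // 32 characters the rest of the plugin expects.
            $code = '';
            if (function_exists('random_bytes')) {
                try {
                    $code = bin2hex(random_bytes(16));
                } catch (Exception $e) {
                    $code = '';
                }
            }
            if (strlen($code) != 32) {
                // Legacy generator, kept only for runtimes without random_bytes().
                // It is derived from the clock and mt_rand() and is therefore
                // predictable; treat codes produced here as weak.
                mt_srand((int) ((double) microtime() * 1000000));
                $code = md5(mt_rand(100000, 99999999) . time());
            }

            if (!$known) {
                // ip2long() returns false for anything that is not a dotted IPv4
                // address; sprintf('%u') keeps the value unsigned on 32-bit builds.
                $long = isset($_SERVER['REMOTE_ADDR']) ? ip2long($_SERVER['REMOTE_ADDR']) : false;
                $ip = ($long === false) ? 0 : sprintf('%u', $long);

                $wpdb->query("INSERT INTO {$t_emails} (email_addr,date_subscribed, act_code, subscribe_ip) " . "VALUES ('" . $sql_addr . "','" . post_notification_date2mysql() . "', '{$code}', {$ip} )");
            } else {
                $wpdb->query("UPDATE {$t_emails} SET act_code = '{$code}' WHERE email_addr = '" . $sql_addr . "'");
            }
        }
    }

    //Adjust the URL
    $confurl = post_notification_get_link();
    if (strpos($confurl, '/?') || strpos($confurl, 'index.php?')) {
        $confurl .= '&';
    } else {
        $confurl .= '?';
    }

    // A caller-supplied code is not validated beyond its length, so it is
    // URL-encoded like the address. Hex codes pass through unchanged.
    $confurl .= 'code=' . urlencode($code) . '&addr=' . urlencode($addr) . '&';

    return $confurl;
}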
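/**
 * Record whether a notification should be sent for a saved post.
 *
 * Reads the "post_notification_notify" choice from the edit form ('yes', 'no'
 * or 'def'), falls back to the configured default for the post's type when
 * the post has no row in the posts table yet, updates or inserts that row,
 * stamps the save time and reschedules the next send.
 *
 * notification_sent values written here: 0 = queue for sending, -2 = do not
 * send. A stored -1 is left untouched by the 'no' branch.
 *
 * @param int $post_ID ID of the post that was saved.
 * @return void
 */
function post_notification_add($post_ID)
{
    global $wpdb;

    // The id is interpolated into every statement below, partly unquoted.
    // Force it to an integer once instead of trusting each caller.
    $post_ID = (int) $post_ID;

    $post = get_post($post_ID);
    $t_posts = $wpdb->prefix . 'post_notification_posts';

    //The post came in some other way. Set to def.
    $notify = isset($_POST['post_notification_notify']) ? $_POST['post_notification_notify'] : '';
    if ($notify == '') {
        $notify = 'def';
    }

    //Todo, userlevels
    $status = $wpdb->get_var("SELECT notification_sent FROM {$t_posts} WHERE post_ID = '{$post_ID}'");

    // Default is not to change an existing row; only a post without a row
    // picks up the configured default. $post is checked because get_post()
    // may not find the post.
    if ($notify == 'def' && !isset($status) && $post) {
        if (get_option('db_version') < 4772) {
            // Schema where the kind of entry is stored in post_status.
            if ($post->post_status == 'post' || $post->post_status == 'private') {
                $notify = get_option('post_notification_send_default');
            } elseif ($post->post_status == 'static') {
                $notify = get_option('post_notification_send_page');
            }
        } else {
            if ($post->post_type == 'post') {
                $notify = get_option('post_notification_send_default');
            } elseif ($post->post_type == 'page') {
                $notify = get_option('post_notification_send_page');
            }
        }
    }

    if ($notify == 'yes') {
        if (isset($status)) {
            $wpdb->query("UPDATE {$t_posts} SET notification_sent = 0 WHERE post_id = " . $post_ID);
        } else {
            $wpdb->query("INSERT INTO {$t_posts} (post_ID, notification_sent) VALUES ('{$post_ID}', 0)");
        }
    } elseif ($notify == 'no') {
        //Mails are sent - no reason to change this
        if ($status != -1) {
            if (isset($status)) {
                $wpdb->query("UPDATE {$t_posts} SET notification_sent = -2 WHERE post_id = " . $post_ID);
            } else {
                $wpdb->query("INSERT INTO {$t_posts} (post_ID, notification_sent) VALUES ('{$post_ID}', -2)");
            }
        }
    }

    // We should have an entry now, so lets write the time.
    $wpdb->query("UPDATE {$t_posts} SET date_saved = '" . post_notification_date2mysql() . "' WHERE post_id = " . $post_ID);

    post_notification_set_next_send();
}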
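/**
 * Render the "Manage addresses" admin screen and process its bulk form.
 *
 * Without a submitted "manage" button the two forms are printed: an LDIF
 * upload that pre-fills the address box, and the bulk form itself. With it,
 * every address from "imp_emails" is validated with is_email() and then,
 * depending on "logic", deleted ('del') or created if missing and its
 * categories added (default), removed ('rem') or replaced ('repl').
 *
 * Everything that comes from the request or from the uploaded file is
 * HTML-escaped before it is echoed and SQL-escaped before it is placed in a
 * statement; is_email() is a format check, not an encoder.
 *
 * @return void Output is echoed directly.
 */
function post_notification_admin_sub()
{
    echo '<h3>' . __('Manage addresses', 'post_notification') . '</h3>';

    if (empty($_POST['manage'])) {
        ?>
        <p> <?php _e('The Emails may be seprated by newline, space, comma, semi colon, tabs, [, ], < or >.', 'post_notification'); ?> <br />
        <b><?php _e('Watch out! There is only simple checking whether the email address is valid.', 'post_notification'); ?> </b></p>
        <!-- The data encoding type, enctype, MUST be specified as below -->
        <form enctype="multipart/form-data" action="admin.php?page=post_notification/admin.php&action=manage" method="POST">
            <?php _e('Load LDIF-File:', 'post_notification'); ?> <input name="ldif_file" type="file" />
            <input type="submit" value="<?php _e('Load', 'post_notification'); ?> " name="ldif_import" />
        </form>
        <form name="import" action="admin.php?page=post_notification/admin.php&action=manage" method="post">
            <b><?php _e('Emails', 'post_notification'); ?> :</b> <br />
            <textarea name="imp_emails" cols="60" rows="10" class="commentBox"><?php
            // The LDIF file is uploaded content: only read a genuine upload, and
            // escape what was parsed from it so it cannot close the textarea and
            // inject markup into the admin page.
            if (!empty($_POST['ldif_import'])
                && isset($_FILES['ldif_file']['tmp_name'])
                && is_uploaded_file($_FILES['ldif_file']['tmp_name'])
            ) {
                echo htmlspecialchars(ldif2addresses($_FILES['ldif_file']['tmp_name']), ENT_QUOTES);
            }
            ?></textarea> <br /><br />
            <?php _e('What should be done?', 'post_notification'); ?> <br/>
            <input type="radio" name="logic" value="add" checked="checked" ><?php _e('Add selected categories', 'post_notification'); ?> </input><br />
            <input type="radio" name="logic" value="rem"><?php _e('Remove selected categories', 'post_notification'); ?> </input><br />
            <input type="radio" name="logic" value="repl"><?php _e('Replace with selected categories', 'post_notification'); ?> </input><br />
            <input type="radio" name="logic" value="del"><?php _e('Delete the listed emails', 'post_notification'); ?> </input><br />
            <?php
            $selected_cats = explode(',', get_option('post_notification_selected_cats'));
            echo post_notification_get_catselect('', $selected_cats);
            ?>
            <input type="submit" name="manage" value="<?php _e('Manage', 'post_notification'); ?> " class="commentButton" />
            <input type="reset" name="Reset" value="<?php _e('Reset', 'post_notification'); ?> " class="commentButton" /><br/><br/><br/>
        </form>
        <?php
    } else {
        // NOTE(review): this branch deletes and rewrites subscriber rows on a
        // plain POST. No nonce (wp_nonce_field()/check_admin_referer()) and no
        // capability check is visible in this function - confirm the caller
        // enforces both before dispatching here.
        global $wpdb;

        $t_emails = $wpdb->prefix . 'post_notification_emails';
        $t_cats = $wpdb->prefix . 'post_notification_cats';

        $logic = isset($_POST['logic']) ? $_POST['logic'] : '';
        $raw_list = (isset($_POST['imp_emails']) && is_string($_POST['imp_emails'])) ? $_POST['imp_emails'] : '';

        //Just to make sure it doesn't crash
        $pn_cats = (isset($_POST['pn_cats']) && is_array($_POST['pn_cats'])) ? $_POST['pn_cats'] : array();

        $import_array = preg_split('/[\\s\\n\\[\\]<>\\t,;]+/', $raw_list, -1, PREG_SPLIT_NO_EMPTY);

        foreach ($import_array as $addr) {
            // Set Variables //
            $gets_mail = 1;
            $now = post_notification_date2mysql();

            // One encoded copy per output context: HTML for the echoes below,
            // SQL for the statements.
            $addr_html = htmlspecialchars($addr, ENT_QUOTES);

            // Basic checking
            if (!is_email($addr)) {
                if ($addr != '') {
                    echo '<div class="error">' . __('Email is not valid:', 'post_notification') . " {$addr_html}</div>";
                }
                continue;
            }

            // Same escaping helper the rest of this file uses; on current
            // WordPress releases $wpdb->prepare() is the preferred form.
            $addr_sql = $wpdb->escape($addr);

            //*************************************/
            //* Check database for duplicates     */
            //*************************************/
            $mid = $wpdb->get_var("SELECT id FROM {$t_emails} WHERE email_addr = '{$addr_sql}'");

            if ($logic == 'del') {
                if ($mid != '') {
                    $del_id = (int) $mid;
                    $wpdb->query("DELETE FROM {$t_emails} WHERE id = {$del_id}");
                    $wpdb->query("DELETE FROM {$t_cats} WHERE id = {$del_id}");
                    // The address now appears in the confirmation; this line
                    // previously interpolated a variable that was never set.
                    echo "<div>" . __('Removed email:', 'post_notification') . " {$addr_html}</div>";
                } else {
                    echo '<div class="error">' . __('Email is not in DB:', 'post_notification') . " {$addr_html}</div>";
                }
                continue;
            }

            //Let's create an entry
            if (!$mid) {
                $wpdb->query("INSERT " . $t_emails . " (email_addr, gets_mail, last_modified, date_subscribed) " . " VALUES ('{$addr_sql}', '{$gets_mail}', '{$now}', '{$now}')");
                echo "<div>" . __('Added Email:', 'post_notification') . " {$addr_html}</div>";
                $mid = $wpdb->get_var("SELECT id FROM {$t_emails} WHERE email_addr = '{$addr_sql}'");
            }

            if ($mid == '') {
                echo '<div>' . __('Something went wrong with the Email:', 'post_notification') . $addr_html . '</div>';
                continue;
            }

            // $mid is known to be non-empty from here on.
            $mid = (int) $mid;

            if ($logic == 'repl') {
                $wpdb->query("DELETE FROM {$t_cats} WHERE id = {$mid}");
            }

            //Let's see what cats we have
            foreach ($pn_cats as $cat) {
                if (!is_numeric($cat)) { //Security
                    continue;
                }
                // Category ids go into the statement unquoted, so reduce the
                // accepted numeric string to a plain integer.
                $cat_id = (int) $cat;

                if ($logic == 'rem') {
                    $wpdb->query("DELETE FROM {$t_cats} WHERE id = {$mid} AND cat_id = {$cat_id}");
                } elseif (!$wpdb->get_var("SELECT id FROM {$t_cats} WHERE id = {$mid} AND cat_id = {$cat_id}")) {
                    $wpdb->query("INSERT INTO {$t_cats} (id, cat_id) VALUES({$mid}, {$cat_id})");
                }
            }

            echo '<div>' . __('Updated Email:', 'post_notification') . " {$addr_html}</div>";
        } //end foreach
    }
}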
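/**
 * Build the header and body of the public subscription page.
 *
 * The result is cached in $post_notification_page_content_glob, so the
 * request is processed only once per page load.
 *
 * Flow:
 *  - action/addr/code are read from POST when a non-empty POST addr is
 *    present, otherwise from GET.
 *  - If addr and code match a row in the emails table ("with auth"), the
 *    subscription is activated on first use, category choices are saved,
 *    or the address is deleted on "unsubscribe"; otherwise the category
 *    selection page is rendered.
 *  - Without a matching code, a valid address that passes the captcha gets a
 *    confirmation mail (subscribe) or an unsubscribe mail; in every other
 *    case the subscribe form is rendered.
 *
 * addr and code are request data. They are SQL-escaped once on entry and
 * HTML-escaped separately wherever they are written into the page.
 *
 * @return array Array with the keys 'header' and 'body'.
 */
function post_notification_page_content()
{
    global $post_notification_page_content_glob, $wpdb;

    if ($post_notification_page_content_glob) {
        return $post_notification_page_content_glob;
    }

    // Bind the result to the global so later calls return the cached copy.
    $content =& $post_notification_page_content_glob;
    $content = array();
    $content['header'] = '';
    $content['body'] = '';

    // ******************************************************** //
    //                  GET VARIABLES FROM URL
    // ******************************************************** //
    // A non-empty POST addr makes the POST body the source of all three
    // values; otherwise the query string is used. Missing or non-string
    // values are read as ''.
    $from_post = isset($_POST['addr']) && $_POST['addr'] != '';
    $source = $from_post ? $_POST : $_GET;

    $action = (isset($source['action']) && is_string($source['action'])) ? $source['action'] : '';
    $addr = $wpdb->escape((isset($source['addr']) && is_string($source['addr'])) ? $source['addr'] : '');
    $code = $wpdb->escape((isset($source['code']) && is_string($source['code'])) ? $source['code'] : '');

    //Security is handled where the categories are used (is_numeric + int cast).
    $pn_cats = ($from_post && isset($_POST['pn_cats'])) ? $_POST['pn_cats'] : array();

    $msg =& $content['body'];

    // Hidden form fields; only filled in for an authenticated request.
    $vars = '';

    // ******************************************************** //
    //                  DEFINE OTHER VARS NEEDED
    // ******************************************************** //
    // presumably defines $post_notification_strings - confirm in strings.php
    require post_notification_get_profile_dir() . '/strings.php';

    $t_emails = $wpdb->prefix . 'post_notification_emails';
    $t_cats = $wpdb->prefix . 'post_notification_cats';
    $from_email = get_option('post_notification_from_email');
    $pnurl = post_notification_get_link();
    if (get_option('post_notification_hdr_nl') == "rn") {
        $hdr_nl = "\r\n";
    } else {
        $hdr_nl = "\n";
    }
    $blogname = get_option('blogname');

    // ******************************************************** //
    //                      Code Check
    // ******************************************************** //
    //This code is not very nice in performance, but I wanted to keep it as easy to understand as possible. It's not called that often.
    $authenticated = ($code != '' && $wpdb->get_var("SELECT id FROM {$t_emails} WHERE email_addr = '{$addr}' AND act_code = '" . $code . "'"));

    if ($authenticated) {
        // ******************************************************** //
        //                   WITH AUTH
        // ******************************************************** //
        if (1 != $wpdb->get_var("SELECT gets_mail FROM {$t_emails} WHERE email_addr = '{$addr}'")) {
            //The user just subscribed, so let's set him up
            $now = post_notification_date2mysql();
            $wpdb->query("UPDATE {$t_emails} SET gets_mail = 1, date_subscribed = '{$now}' WHERE email_addr = '{$addr}'");
            $mailid = $wpdb->get_var("SELECT id FROM {$t_emails} WHERE email_addr = '{$addr}'");

            $selected_cats = explode(',', get_option('post_notification_selected_cats'));
            $queryCats = '';
            foreach ($selected_cats as $category) {
                if (is_numeric($category)) {
                    $queryCats .= ", ({$mailid}, " . (int) $category . ")";
                }
            }
            if (strlen($queryCats) > 0) {
                $wpdb->query("INSERT INTO {$t_cats} (id, cat_id) VALUES" . substr($queryCats, 1));
            }

            if (isset($post_notification_strings['welcome'])) {
                // The option name is a quoted string; as a bare word it is an
                // undefined constant, which is a fatal error on PHP 8.
                $msg = '<h3>' . str_replace('@@blogname', get_option('blogname'), $post_notification_strings['welcome']) . '</h3>';
            } else {
                $msg = '<h3>' . $post_notification_strings['saved'] . '</h3>';
            }
        }

        // ******************************************************** //
        //                      Select Cats
        // ******************************************************** //
        if ($action == "subscribe") {
            $wpdb->query("UPDATE {$t_emails} SET gets_mail = 1 WHERE email_addr = '{$addr}'");
            $mid = $wpdb->get_var("SELECT id FROM {$t_emails} WHERE email_addr = '{$addr}'");

            if (get_option('post_notification_show_cats') == 'yes') {
                //Delete all entries
                $wpdb->query("DELETE FROM {$t_cats} WHERE id = {$mid}");

                //Just to make sure it doesn't crash
                if (!is_array($pn_cats)) {
                    $pn_cats = array();
                }

                //Let's see what cats we have
                $queryCats = '';
                foreach ($pn_cats as $cat) {
                    if (is_numeric($cat)) { //Security
                        // Unquoted in the statement: keep only the integer value.
                        $queryCats .= ", ({$mid}, " . (int) $cat . ")";
                    }
                }
                if (strlen($queryCats) > 0) {
                    $wpdb->query("INSERT INTO {$t_cats} (id, cat_id) VALUES" . substr($queryCats, 1));
                }
            }
            $msg .= '<h3>' . $post_notification_strings['saved'] . '</h3>';
        }

        // ******************************************************** //
        //                    UNSUBSCRIBE
        // ******************************************************** //
        if ($action == "unsubscribe" and is_email($addr)) {
            $mid = $wpdb->get_var("SELECT id FROM {$t_emails} WHERE email_addr = '{$addr}'");
            if ($mid != '') {
                $wpdb->query("DELETE FROM {$t_emails} WHERE id = {$mid}");
                $wpdb->query("DELETE FROM {$t_cats} WHERE id = {$mid}");
            }
            $content['header'] = $post_notification_strings['deaktivated'];
            $msg = str_replace(
                array('@@addr', '@@blogname'),
                array(htmlspecialchars($addr, ENT_QUOTES), $blogname),
                $post_notification_strings['no_longer_activated']
            );
            return $content;
        }

        // ********************************************************//
        //                     Subscribe-page
        // ********************************************************//
        $content['header'] = get_option('post_notification_page_name');
        $id = $wpdb->get_var("SELECT id FROM {$t_emails} WHERE email_addr = '{$addr}'");

        if (get_option('post_notification_show_cats') == 'yes') {
            $subcats_db = $wpdb->get_results("SELECT cat_id FROM {$t_cats} WHERE id = {$id}");
            $subcats = array();
            if (isset($subcats_db)) {
                foreach ($subcats_db as $subcat) {
                    $subcats[] = $subcat->cat_id;
                }
            }
            // Get cats listing
            $cats_str = post_notification_get_catselect($post_notification_strings['all'], $subcats);
        } else {
            $cats_str = '';
        }

        // Both values are echoed into attribute values, so they are
        // HTML-escaped here; the SQL escaping applied on entry does not
        // cover this context.
        $addr_html = htmlspecialchars($addr, ENT_QUOTES);
        $vars = '<input type="hidden" name="code" value="' . htmlspecialchars($code, ENT_QUOTES) . '" />'
            . '<input type="hidden" name="addr" value="' . $addr_html . '" />';

        if ($action == "subscribe" && get_option('post_notification_saved_tmpl') == 'yes') {
            $msg = post_notification_ldfile('saved.tmpl');
        } else {
            $msg .= post_notification_ldfile('select.tmpl');
        }
        $msg = str_replace('@@action', post_notification_get_link(), $msg);
        $msg = str_replace('@@addr', $addr_html, $msg);
        $msg = str_replace('@@cats', $cats_str, $msg);
        $msg = str_replace('@@vars', $vars, $msg);
    } else {
        // ******************************************************** //
        //                   WITHOUT AUTH
        // ******************************************************** //
        $code = '';

        if (is_email($addr) && post_notification_check_captcha()) {
            // ******************************************************** //
            //                      SUBSCRIBE
            // ******************************************************** //
            if ($action == "subscribe" || $action == '') {
                $conf_url = post_notification_get_mailurl($addr);

                // Build mail
                $mailmsg = post_notification_ldfile('confirm.tmpl');
                $mailmsg = str_replace('@@addr', $addr, $mailmsg);
                $mailmsg = str_replace('@@conf_url', $conf_url, $mailmsg);
                wp_mail($addr, "{$blogname} - " . get_option('post_notification_page_name'), $mailmsg, post_notification_header());

                //Output Page
                $content['header'] = $post_notification_strings['registration_successful'];
                $msg = post_notification_ldfile('reg_success.tmpl');
                return $content; //here it ends - We don't want to show the selection screen.
            }

            // ******************************************************** //
            //                    UNSUBSCRIBE
            // ******************************************************** //
            if ($action == "unsubscribe") {
                // The mail goes out only for a known address, but the page
                // below is the same either way, so the response does not
                // reveal whether an address is subscribed.
                if ($wpdb->get_var("SELECT email_addr FROM {$t_emails} WHERE email_addr = '{$addr}'")) { //There is a mail in the db
                    $conf_url = post_notification_get_mailurl($addr);
                    $conf_url .= "action=unsubscribe";
                    $mailmsg = post_notification_ldfile('unsubscribe.tmpl');
                    $mailmsg = str_replace(array('@@addr', '@@conf_url'), array($addr, $conf_url), $mailmsg);
                    wp_mail($addr, "{$blogname} - " . $post_notification_strings['deaktivated'], $mailmsg, post_notification_header());
                }
                $content['header'] = $post_notification_strings['deaktivated'];
                $msg = str_replace(
                    array('@@addr', '@@blogname'),
                    array(htmlspecialchars($addr, ENT_QUOTES), $blogname),
                    $post_notification_strings['unsubscribe_mail']
                );
                return $content; //here it ends - We don't want to show the selection screen.
            }
        }

        if ($addr != '') {
            if (!is_email($addr)) {
                $msg .= '<p class="error">' . $post_notification_strings['check_email'] . '</p>';
            }
            // $action is the request variable; without the "$" this compared
            // an undefined constant, which is a fatal error on PHP 8.
            if (!post_notification_check_captcha() && $action != '') {
                $msg .= '<p class="error">' . $post_notification_strings['wrong_captcha'] . '</p>';
            }
        }

        //Try to get the email addr
        if ($addr == '') {
            $addr = post_notification_get_addr();
        }

        $content['header'] = get_option('post_notification_page_name');
        $msg .= post_notification_ldfile('subscribe.tmpl');
        $msg = str_replace('@@action', post_notification_get_link($addr), $msg);
        // This branch is reached with an address that failed is_email(), i.e.
        // with arbitrary request text, so it must be HTML-escaped before it is
        // placed in the form.
        $msg = str_replace('@@addr', htmlspecialchars($addr, ENT_QUOTES), $msg);
        $msg = str_replace('@@cats', '', $msg);
        $msg = str_replace('@@vars', $vars, $msg);

        //Do Captcha-Stuff
        if (get_option('post_notification_captcha') == 0) {
            $msg = preg_replace('/<!--capt-->(.*?)<!--cha-->/is', '', $msg); //remove captcha
        } else {
            require_once POST_NOTIFICATION_PATH . 'class.captcha.php';
            // NOTE(review): rand(0, 40000) allows at most 40001 distinct codes and
            // rand() is not a CSPRNG. How class.captcha.php uses this value is not
            // visible here, so it is left unchanged - confirm whether the code can
            // be drawn from a stronger source.
            $captcha_code = md5(round(rand(0, 40000)));
            $my_captcha = new captcha($captcha_code, POST_NOTIFICATION_PATH . '_temp');
            $captchaimg = POST_NOTIFICATION_PATH_URL . '_temp/cap_' . $my_captcha->get_pic(get_option('post_notification_captcha')) . '.jpg';
            $msg = str_replace('@@captchaimg', $captchaimg, $msg);
            $msg = str_replace('@@captchacode', $captcha_code, $msg);
        }
    }

    return $content;
}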
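/**
 * Subscribe a user's e-mail address to the default categories.
 *
 * Does nothing when the "post_notification_auto_subscribe" option is "no" or
 * when no user can be resolved. Otherwise the address gets a row in the
 * emails table (if it has none) and one row per configured default category.
 *
 * @param int $user_id ID of the user. When 0, the user is looked up by the
 *                     "user_login" field of the current POST request.
 * @return void
 */
function post_notification_register($user_id)
{
    global $wpdb;

    if ($user_id == 0) {
        // get_userdatabylogin() returns the user row (or false), not an id,
        // so the id has to be taken from the row before it is used below.
        $login = (isset($_POST['user_login']) && is_string($_POST['user_login'])) ? $_POST['user_login'] : '';
        $found = ($login != '') ? get_userdatabylogin($login) : false;
        $user_id = ($found && isset($found->ID)) ? (int) $found->ID : 0;
    }

    $auto_subscribe = get_option('post_notification_auto_subscribe');
    if ($auto_subscribe == "no") {
        return;
    }

    if (0 == $user_id) {
        return;
    }

    $t_emails = $wpdb->prefix . 'post_notification_emails';
    $t_cats = $wpdb->prefix . 'post_notification_cats';

    $user = get_userdata($user_id);
    if (!$user || $user->user_email == '') {
        return;
    }

    // The address comes from the users table, but a stored value is still
    // data: escape it before it goes into a statement, with the same helper
    // the rest of this file uses. On current WordPress releases
    // $wpdb->prepare() is the preferred form.
    $addr = $wpdb->escape($user->user_email);
    $gets_mail = 1;
    $now = post_notification_date2mysql();

    $mid = $wpdb->get_var("SELECT id FROM {$t_emails} WHERE email_addr = '{$addr}'");
    if (!$mid) {
        $wpdb->query("INSERT " . $t_emails . " (email_addr, gets_mail, last_modified, date_subscribed) " . " VALUES ('{$addr}', '{$gets_mail}', '{$now}', '{$now}')");
        $mid = $wpdb->get_var("SELECT id FROM {$t_emails} WHERE email_addr = '{$addr}'");
    }

    // Without a row id the category statements below would be malformed.
    if (!$mid) {
        return;
    }
    $mid = (int) $mid;

    $selected_cats = explode(',', get_option('post_notification_selected_cats'));
    foreach ($selected_cats as $cat) {
        if (!is_numeric($cat)) { //Security
            continue;
        }
        // Unquoted in the statement: keep only the integer value.
        $cat_id = (int) $cat;

        if (!$wpdb->get_var("SELECT id FROM {$t_cats} WHERE id = {$mid} AND cat_id = {$cat_id}")) {
            $wpdb->query("INSERT INTO {$t_cats} (id, cat_id) VALUES({$mid}, {$cat_id})");
        }
    }
}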