*/ # Including our configuration and validate app require_once __DIR__ . '/_includes/config.php'; require_once __DIR__ . '/_includes/validate-app.php'; # Handling our global json parsing $_JPOST = PostParser::decode(); # Getting our template $query = "\tSELECT\n\t\t\t\t`id`\n\t\t\tFROM\n\t\t\t\t" . NQ_TEMPLATE_TABLE . "\n\t\t\tFORCE\n\t\t\t\tINDEX (`PRIMARY`)\n\t\t\tWHERE\n\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id'] . " AND\n\t\t\t\t`environment` \tIN ('*','" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $G_APP_ENVIRONMENT) . "') AND\n\t\t\t\t`tag`\t\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $_JPOST->tag) . "'\n\t\t\tLIMIT 1"; $email_data = mysqli_single_result_query($G_STORAGE_CONTROLLER_DBLINK, $query); # Invalid template if (!isset($email_data['id'])) { exit_fail(NQ_ERROR_INVALID_VALUE, LANG_INVALID_TEMPLATE); } # Invalid template code $invalid_tags = []; if (!TemplateParser::validate($_JPOST->body, $invalid_tags)) { exit_fail(NQ_ERROR_INVALID_VALUE, 'Validation Error'); } # If we have any invalid tags if (count($invalid_tags) > 0) { $error = []; foreach ($invalid_tags as $tag => $count) { $error[] = $tag . ' (' . $count . ')'; } exit_fail(NQ_ERROR_INVALID_VALUE, 'Your template contains the following restricted HTML tags: ' . implode(', ', $error)); } # Updating our template $query = "\tUPDATE\n\t\t\t\t" . NQ_TEMPLATE_TABLE . "\n\t\t\tSET\n\t\t\t\t`subject`\t\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $_JPOST->subject) . "',\n\t\t\t\t`body`\t\t\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $_JPOST->body) . "',\n\t\t\t\t`bcc`\t\t\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $_JPOST->bcc) . "',\n\t\t\t\t`locked`\t\t=b'" . (boolval_ext($_JPOST->locked) ? '1' : '0') . "',\n\t\t\t\t`requires_unsubscribe`\t=b'" . (boolval_ext($_JPOST->requires_unsubscribe) ? '1' : '0') . "'\n\t\t\tWHERE\n\t\t\t\t`id`\t\t\t=" . (int) $email_data['id'] . "\n\t\t\tLIMIT 1"; mysqli_sub_query($G_STORAGE_CONTROLLER_DBLINK, $query); # We successfully updated $content = new stdClass();