function _getFeUserLoginStatus() { $login_key = session_id(); if (empty($login_key)) { return false; // user is not logged in } elseif (empty($_SESSION[$login_key])) { return false; // this is the false session and/or false user } elseif (isset($_GET[$login_key])) { return false; // hm, somebody is trying to inject by GET in case register_globals ON } elseif (isset($_POST[$login_key])) { return false; // hm, somebody is trying to inject by POST in case register_globals ON } headerAvoidPageCaching(); return true; }
if (!empty($data[0]['address_url1'])) { headerRedirect($data[0]['address_url1']); } if (!($page = file_get_contents(PHPWCMS_TEMPLATE . 'inc_default/subscribe.tmpl'))) { $page = "The email address <strong>{EMAIL}</strong> was verified."; } break; case 'unsubscribe': $sql = 'DELETE FROM ' . DB_PREPEND . 'phpwcms_address '; $sql .= "WHERE address_key='" . aporeplace($hash) . "'"; $result = _dbQuery($sql, 'DELETE'); if (!empty($data[0]['address_url2'])) { headerRedirect($data[0]['address_url2']); } if (!($page = file_get_contents(PHPWCMS_TEMPLATE . 'inc_default/unsubscribe.tmpl'))) { $page = "All Subscriptions for <strong>{EMAIL}</strong> canceled."; } break; } } else { headerRedirect(PHPWCMS_URL); } } else { headerRedirect(PHPWCMS_URL); } // some replacements $page = replaceGlobalRT($page); $page = str_replace('{EMAIL}', $email, $page); // send non caching page header headerAvoidPageCaching(); echo $page;
function phpwcms_empty_gif($cache = false) { if (!$cache) { headerAvoidPageCaching(); } header('Content-Type: image/gif'); echo base64_decode('R0lGODlhAQABAJAAAP8AAAAAACH5BAUQAAAALAAAAAABAAEAAAICBAEAOw=='); exit; }