# We are done updating if ($limit !== false && $limit <= 0) { break; } } mysqli_free_result($partition_results); # Returning our values PostParser::send($content); /* --- Connection closed wit PostParser::send --- Below this point things need to be tracked and cleaned up --- */ # Updating our partition row counts $size_changed = false; $update_queries = ['SET @table_size_delta=0']; foreach ($partitions_affected as $id => $partition) { # Getting our new table size $query = "\tSELECT\n\t\t\t\t\t `DATA_LENGTH` + `INDEX_LENGTH` AS `size`\n\t\t\t\tFROM\n\t\t\t\t\t`INFORMATION_SCHEMA`.`TABLES`\n\t\t\t\tWHERE\n\t\t\t\t\t`TABLE_SCHEMA`\t='" . mysqli_escape_string($partition->dblink, $partition->database) . "' AND\n\t\t\t\t\t`TABLE_NAME`\t='" . mysqli_escape_string($partition->dblink, $partition->data['table_name']) . "'"; $size_data = mysqli_single_result_query($partition->dblink, $query); # Done with partitions database link mysqli_shared_close($partition->dblink, $G_SHARED_DBLINKS); # We have a different size $this_size_changed = false; if ((int) $partition->data['size'] != (int) $size_data['size']) { # Flag size changed $size_changed = true; $this_size_changed = true; # Storing the currently saved size $update_queries[] = "\tSET @size_delta = \t(\n\t\t\t\t\t\t\t\t\t\tSELECT \n\t\t\t\t\t\t\t\t\t\t" . (int) $size_data['size'] . "- CONVERT(`size`,SIGNED)\n\t\t\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\t\t\t" . NQ_TABLE_PARTITIONS_TABLE . "\n\t\t\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\t\t\t`id`=" . (int) $id . "\n\t\t\t\t\t\t\t\t\t\tLIMIT 1\n\t\t\t\t\t\t\t\t\t)"; # Updating our size change $update_queries[] = "\tSET @table_size_delta = @table_size_delta + @size_delta"; } # Updating the partitions size $update_queries[] = "\tUPDATE\n\t\t\t\t\t\t" . NQ_TABLE_PARTITIONS_TABLE . "\n\t\t\t\t\tSET\n\t\t\t\t\t\t" . ($this_size_changed ? "`size` = `size` + @size_delta," : "") . "\n\t\t\t\t\t\t`modified`\t=NOW(),\n\t\t\t\t\t\t`accessed`\t=NOW()\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`id`\t\t=" . 
(int) $id . "\n\t\t\t\t\tLIMIT 1";
$names = array($file['name']); $tmp_names = array($file['tmp_name']); $file_types = array($file['type']); } # Looping through our files for ($i = 0, $ncount = count($names); $i < $ncount; $i++) { # Saving our filename $filename = isset($_CGET['name']) ? $_CGET['name'] : $names[$i]; $tmpname = $tmp_names[$i]; # Getting our metadata $created = date('Y-m-d H:i:s'); $version = 1; $file_id = 0; # Adding to the datatbase $query = "\tSELECT\n\t\t\t\t\t\t*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_FILE_TABLE . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id'] . " AND\n\t\t\t\t\t\t`environment`\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $G_APP_ENVIRONMENT) . "' AND\n\t\t\t\t\t\t`directory_id`\t=" . (int) $G_DIRECTORY_DATA['id'] . " AND\n\t\t\t\t\t\t`name`\t\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $filename) . "'\n\t\t\t\t\tLIMIT 1"; $current_file_data = mysqli_single_result_query($G_STORAGE_CONTROLLER_DBLINK, $query); # If we already have a if (isset($current_file_data['id'])) { # Moving our file $query = "\tINSERT INTO\n\t\t\t\t\t\t\t" . NQ_FILE_VERSION_TABLE . "\n\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\t\t\t*\n\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\t" . NQ_FILE_TABLE . "\n\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\t`id`=" . (int) $current_file_data['id'] . "\n\t\t\t\t\t\t\t)"; mysqli_sub_query($G_STORAGE_CONTROLLER_DBLINK, $query); # Deleting our file $query = "\tDELETE FROM\n\t\t\t\t\t\t\t" . NQ_FILE_TABLE . "\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t`id`=" . (int) $current_file_data['id'] . "\n\t\t\t\t\t\tLIMIT 1"; mysqli_sub_query($G_STORAGE_CONTROLLER_DBLINK, $query); # Saving our file id $file_id = $current_file_data['file_id']; $created = $current_file_data['created']; # Increasing our version $version = (int) $current_file_data['version'] + 1; } # Adding to the datatbase
<?php /* summary.php */ # Our endpoints $tables = ['database', 'images', 'files', 'emails', 'tokens']; # Looping through each set of tables foreach ($tables as $table) { # Updating our database tracking $date = strtotime(date('Y-m-d 00:00:00', strtotime('-1 day'))); while (true) { # Checking to see if there are still items to be added $query = "\tSELECT\n\t\t\t\t\t\t*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_TRACKING_DATABASE . ".`api_calls_" . $table . "`\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`created`<='" . date('Y-m-d 23:59:59', $date) . "'\n\t\t\t\t\tLIMIT 1"; $check = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query); if (empty($check)) { break; } # Getting our general count data $query = "\tSELECT\n\t\t\t\t\t\tCOUNT(*) AS `count`,\n\t\t\t\t\t\t`app_id`,\n\t\t\t\t\t\t`environment`\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_TRACKING_DATABASE . ".`api_calls_" . $table . "`\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`created`>='" . date('Y-m-d 00:00:00', $date) . "' AND\n\t\t\t\t\t\t`created`<='" . date('Y-m-d 23:59:59', $date) . "'\n\t\t\t\t\tGROUP BY\n\t\t\t\t\t\t`app_id`,\n\t\t\t\t\t\t`environment`"; $result = mysqli_multi_result_query($G_CONTROLLER_DBLINK, $query); while ($count_data = mysqli_fetch_array($result)) { # Adding our count into the database $query = "\tINSERT IGNORE INTO\n\t\t\t\t\t\t\t" . NQ_TRACKING_DATABASE . ".`api_calls_" . $table . "_summary`\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t`app_id`\t=" . $count_data['app_id'] . ",\n\t\t\t\t\t\t\t`environment`\t='" . $count_data['environment'] . "',\n\t\t\t\t\t\t\t`transactions`\t=" . $count_data['count'] . ",\n\t\t\t\t\t\t\t`created`\t='" . date('Y-m-d', $date) . 
"'"; mysqli_sub_query($G_CONTROLLER_DBLINK, $query); } # Getting our general count data $query = "\tSELECT\n\t\t\t\t\t\t`app_id`,\n\t\t\t\t\t\t`type`,\n\t\t\t\t\t\t`environment`,\n\t\t\t\t\t\tCOUNT(*) AS `count`,\n\t\t\t\t\t\tMIN(`size`) AS `min_size`,\n\t\t\t\t\t\tAVG(`size`) AS `avg_size`,\n\t\t\t\t\t\tMAX(`size`) AS `max_size`,\n\t\t\t\t\t\tMIN(`time`) AS `min_time`,\n\t\t\t\t\t\tAVG(`time`) AS `avg_time`,\n\t\t\t\t\t\tMAX(`time`) AS `max_time`\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_TRACKING_DATABASE . ".`api_calls_" . $table . "`\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`created`>='" . date('Y-m-d 00:00:00', $date) . "' AND\n\t\t\t\t\t\t`created`<='" . date('Y-m-d 23:59:59', $date) . "'\n\t\t\t\t\tGROUP BY\n\t\t\t\t\t\t`app_id`,\n\t\t\t\t\t\t`type`,\n\t\t\t\t\t\t`environment`"; $result = mysqli_multi_result_query($G_CONTROLLER_DBLINK, $query); while ($count_data = mysqli_fetch_array($result)) { # Adding our count into the database
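# Queues one templated email, plus optional BCC copies, for later delivery.
#
# Parameters:
#   $controller_dblink  database link used for every query in this function
#   $to, $from          recipient and sender addresses
#   $subject            subject line
#   $email_data         template row; reads 'id', 'body', 'requires_unsubscribe', 'track' and 'bcc'
#   $constants          passed through to TemplateParser::parse()
#   $variables          passed through to TemplateParser::parse()
#   $app_id             id of the application sending the mail
#   $send_date          timestamp handed to date() for the queue row
#   $bcc_available      when true, a copy is queued for each address in $email_data['bcc']
#
# Returns false when $to contains no '@', -1 when the recipient is on the app's
# blocked list, and 1 once the message has been queued.
#
# NOTE(review): $to, $from and $subject are passed to build_raw_email() unchanged.
# That helper is not visible here - confirm it rejects CR/LF so a caller-supplied
# value cannot add mail headers.
function queue_email($controller_dblink, $to, $from, $subject, $email_data, $constants, $variables, $app_id, $send_date, $bcc_available = true)
{
    # NOTE(review): the unsubscribe footer reads $G_APP_DATA['name'], which is not a
    # parameter. Without this import the name was always empty inside the function.
    # Presumably this is the script-level app array set up by the includes - confirm.
    global $G_APP_DATA;

    # Reply to
    $reply_to = $from;

    # Bailing if not someone@someplace.com format (only the presence of '@' is checked)
    if (count(explode('@', $to, 2)) < 2) {
        return false;
    }

    # Checking if the email is blocked
    $query = "\tSELECT\n\t\t\t\t\t\t`email`\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_BLOCKED_EMAILS_TABLE
        . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`app_id`\t=" . (int) $app_id
        . " AND\n\t\t\t\t\t\t`email`\t='" . mysqli_escape_string($controller_dblink, $to)
        . "'\n\t\t\t\t\tLIMIT 1";
    $blocked_data = mysqli_single_result_query($controller_dblink, $query);

    # This user has blocked the app from sending emails
    # NOTE(review): isset() only works here if the helper returns null for "no row" - confirm.
    if (isset($blocked_data)) {
        # Adding our analytics
        $query = "\tINSERT INTO\n\t\t\t\t\t\t\t" . NQ_ANALYTICS_BLOCKED_TABLE
            . "\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t`app_id`\t\t=" . (int) $app_id
            . ",\n\t\t\t\t\t\t\t`template_id`\t=" . (int) $email_data['id']
            . ",\n\t\t\t\t\t\t\t`sender`\t\t='" . mysqli_escape_string($controller_dblink, $from)
            . "',\n\t\t\t\t\t\t\t`recipient`\t='" . mysqli_escape_string($controller_dblink, $to)
            . "',\n\t\t\t\t\t\t\t`created`\t\t=NOW()";
        mysqli_sub_query($controller_dblink, $query);

        # Blocked
        return -1;
    }

    # Applying our constants and variables
    $attachments_list = [];
    $body = TemplateParser::parse($email_data['body'], $constants, $variables, $app_id, $attachments_list);

    # Applying our unsubscribe footer when the template requires one and has no placeholder of its own
    if ($email_data['requires_unsubscribe'] == 1 && strpos($body, '%unsubscribe%') === false) {
        # The app name lands in an HTML body, so it is entity-encoded like the sender below
        $app_name = isset($G_APP_DATA['name']) ? htmlentities($G_APP_DATA['name']) : '';
        $body .= ' <div style="margin-top:10px;">%unsubscribe% from ' . $app_name . '</div>';
    }

    # Adding our analytics
    $query = "\tINSERT INTO\n\t\t\t\t\t\t" . NQ_ANALYTICS_SENT_TABLE
        . "\n\t\t\t\t\tSET\n\t\t\t\t\t\t`app_id`\t\t=" . (int) $app_id
        . ",\n\t\t\t\t\t\t`template_id`\t\t=" . (int) $email_data['id']
        . ",\n\t\t\t\t\t\t`sender`\t\t='" . mysqli_escape_string($controller_dblink, $from)
        . "',\n\t\t\t\t\t\t`recipient`\t\t='" . mysqli_escape_string($controller_dblink, $to)
        . "',\n\t\t\t\t\t\t`created`\t\t=NOW(),\n\t\t\t\t\t\t`requested_date`\t=NOW()";
    mysqli_sub_query($controller_dblink, $query);
    $analytics_id = mysqli_insert_id($controller_dblink);

    # The reference hash is needed by the unsubscribe link as well as the tracking
    # pixel, so it is created and stored for every message. Previously it only
    # existed when tracking was on, which left untracked mail with an empty "ref".
    # NOTE(review): the hash is an unkeyed SHA-256 of the row id and the recipient,
    # both guessable values; consider a random or keyed token for the unsubscribe link.
    $hash_id = hash('sha256', $analytics_id . $to);
    $query = "\tUPDATE\n\t\t\t\t\t\t\t" . NQ_ANALYTICS_SENT_TABLE
        . "\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t`hash_id`\t='" . $hash_id
        . "'\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t`id`\t\t=" . (int) $analytics_id
        . "\n\t\t\t\t\t\tLIMIT 1";
    mysqli_sub_query($controller_dblink, $query);

    # The recipient copy may get a tracking pixel; the BCC copy starts from the plain body
    $mail_body = $body;
    $bcc_body = $body;
    if ($email_data['track'] == 1) {
        $mail_body .= '<img style="display:none;" src="' . NQ_DOMAIN_ROOT . '/' . (int) $app_id . '/track?ref=' . $hash_id . '" width="1" height="1" />';
    }

    # Inserting our unsubscribe link. str_replace keeps the link literal: nothing in it
    # is read as a regex back-reference.
    $unsubscribe_link = '<a href="' . NQ_DOMAIN_ROOT . '/' . (int) $app_id . '/unsubscribe?ref=' . $hash_id . '&email=' . urlencode($to) . '" style="color:inherit;text-decoration:inherit;"> Unsubscribe </a>';
    $mail_body = str_replace('%unsubscribe%', $unsubscribe_link, $mail_body);

    # Adding to the queue
    $query = "\tINSERT INTO\n\t\t\t\t\t\t" . NQ_QUEUE_TABLE
        . "\n\t\t\t\t\tSET\n\t\t\t\t\t\t`app_id`\t=" . (int) $app_id
        . ",\n\t\t\t\t\t\t`analytics_id`\t=" . (int) $analytics_id
        . ",\n\t\t\t\t\t\t`sender`\t='" . mysqli_escape_string($controller_dblink, $from)
        . "',\n\t\t\t\t\t\t`recipient`\t='" . mysqli_escape_string($controller_dblink, $to)
        . "',\n\t\t\t\t\t\t`subject`\t='" . mysqli_escape_string($controller_dblink, $subject)
        . "',\n\t\t\t\t\t\t`raw`\t\t='" . mysqli_escape_string($controller_dblink, build_raw_email($to, $from, $reply_to, $subject, $mail_body, $attachments_list, $app_id))
        . "',\n\t\t\t\t\t\t`send_date`\t='" . date('Y-m-d H:i:s', $send_date)
        . "',\n\t\t\t\t\t\t`priority`\t=1";
    mysqli_sub_query($controller_dblink, $query);

    # Sending the bcc
    if ($bcc_available) {
        # Modifying to add our bcc header. Both addresses are entity-encoded because
        # they are caller-supplied and end up inside HTML.
        $label_open = '<div style="width:75px;color:#999;display:inline-block;text-align:right;padding-right:10px;">';
        $bcc_body = trim(
            '<div style="padding:10px;border-bottom:solid #E9E9E9 1px;margin-bottom:1px;line-height:2.0;"> '
            . $label_open . '</div><b>BCC Email</b><br /> '
            . $label_open . 'sent to:</div>' . htmlentities($to) . '<br /> '
            . $label_open . 'from:</div>' . htmlentities($from) . '<br /> '
            . $label_open . 'date:</div>' . date('r') . '<br /> '
            . $label_open . 'send date:</div>' . date('r', $send_date) . '<br /> '
            . $label_open . 'tracking:</div>' . ($email_data['track'] == 1 ? 'Yes' : 'No') . '<br /> '
            . '</div> '
            . $bcc_body
        );

        # Sending bcc emails
        foreach (explode(',', $email_data['bcc']) as $bcc) {
            $bcc_address = trim($bcc);

            # Skipping empty entries in the comma separated list
            if ($bcc_address == '') {
                continue;
            }

            # Adding to the queue
            $query = "\tINSERT INTO\n\t\t\t\t\t\t\t\t\t" . NQ_QUEUE_TABLE
                . "\n\t\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\t\t`app_id`\t=" . (int) $app_id
                . ",\n\t\t\t\t\t\t\t\t\t`sender`\t='" . mysqli_escape_string($controller_dblink, $from)
                . "',\n\t\t\t\t\t\t\t\t\t`recipient`\t='" . mysqli_escape_string($controller_dblink, $bcc_address)
                . "',\n\t\t\t\t\t\t\t\t\t`subject`\t='" . mysqli_escape_string($controller_dblink, $subject)
                . "',\n\t\t\t\t\t\t\t\t\t`raw`\t\t='" . mysqli_escape_string($controller_dblink, build_raw_email($bcc_address, $from, $reply_to, $subject, $bcc_body, $attachments_list, $app_id))
                . "',\n\t\t\t\t\t\t\t\t\t`send_date`\t=NOW(),\n\t\t\t\t\t\t\t\t\t`priority`\t=255";
            mysqli_sub_query($controller_dblink, $query);
        }
    }

    # Sent
    return 1;
}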
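THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */

# Endpoint script: archives one constant of the current app, then deletes it.

# Including our configuration and validate app
require_once __DIR__ . '/_includes/config.php';
require_once __DIR__ . '/_includes/validate-app.php';

# Handling our global json parsing
$_JPOST = PostParser::decode();

# The tag comes from the request body and goes into a quoted SQL literal, so
# anything that is not a scalar (array, object, missing) is refused up front.
if (!isset($_JPOST->tag) || !is_scalar($_JPOST->tag)) {
    exit_fail(NQ_ERROR_INVALID_VALUE, LANG_INVALID_CONSTANT);
}

# Validating we have the constant.
# Values are escaped with the link that runs the query, because escaping depends
# on that connection's character set.
# NOTE(review): this script uses both $G_CONTROLLER_DBLINK and
# $G_STORAGE_CONTROLLER_DBLINK - confirm which one owns the constant tables.
$query = "\tSELECT\n\t\t\t\t`id`\n\t\t\tFROM\n\t\t\t\t" . NQ_CONSTANT_TABLE
    . "\n\t\t\tWHERE\n\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id']
    . " AND\n\t\t\t\t`environment` \tIN ('*','" . mysqli_escape_string($G_CONTROLLER_DBLINK, $G_APP_ENVIRONMENT)
    . "') AND\n\t\t\t\t`tag`\t\t='" . mysqli_escape_string($G_CONTROLLER_DBLINK, (string) $_JPOST->tag)
    . "'\n\t\t\t\tLIMIT 1";
$constant_data = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query);

# Bailing if we have a bad constant
if (!isset($constant_data['id'])) {
    exit_fail(NQ_ERROR_INVALID_VALUE, LANG_INVALID_CONSTANT);
}

# Archiving the constant
# NOTE(review): the archive insert and the delete below are separate statements with
# no transaction visible here, so a failure between them leaves the row in both tables.
$query = "\tINSERT INTO\n\t\t\t\t" . NQ_CONSTANT_ARCHIVE_TABLE
    . "\n\t\t\t\t(\n\t\t\t\t\tSELECT\n\t\t\t\t\t\t*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_CONSTANT_TABLE
    . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`id`\t=" . (int) $constant_data['id']
    . "\n\t\t\t\t)";
mysqli_sub_query($G_CONTROLLER_DBLINK, $query);

# Deleting the constant
$query = "\tDELETE FROM\n\t\t\t\t" . NQ_CONSTANT_TABLE
    . "\n\t\t\tWHERE\n\t\t\t\t`id`\t=" . (int) $constant_data['id']
    . "\n\t\t\tLIMIT 1";
mysqli_sub_query($G_STORAGE_CONTROLLER_DBLINK, $query);

# The content to be returned
$content = new stdClass();
$content->success = true;

# The row count has to come from the link that ran the DELETE. Reading it from the
# other link reported the archive INSERT instead.
$content->deleted = mysqli_affected_rows($G_STORAGE_CONTROLLER_DBLINK) == 1;

# Sending our content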
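# Applying the requested image actions; only 'flip' is handled in this span
foreach ($_JPOST->actions as $action => $value) {
    switch ($action) {
        case 'flip':
            $img->flip($value);
            break;
    }
}

# Moving our file version
# NOTE(review): the current row is archived and deleted before the new image is
# written. No transaction or rollback is visible in this span.
$query = "\tINSERT INTO\n\t\t\t\t" . NQ_FILE_VERSION_TABLE
    . "\n\t\t\t\t(\n\t\t\t\t\tSELECT\n\t\t\t\t\t\t*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_FILE_TABLE
    . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`id`=" . (int) $current_file_data['id']
    . "\n\t\t\t\t)";
mysqli_sub_query($G_STORAGE_CONTROLLER_DBLINK, $query);

# Deleting our file
$query = "\tDELETE FROM\n\t\t\t\t" . NQ_FILE_TABLE
    . "\n\t\t\tWHERE\n\t\t\t\t`id`=" . (int) $current_file_data['id']
    . "\n\t\t\tLIMIT 1";
mysqli_sub_query($G_STORAGE_CONTROLLER_DBLINK, $query);

# Getting our server where we are going to store the images:
# lowest tier first, then the one with the most available space
$query = "\tSELECT\n\t\t\t\t*\n\t\t\tFROM\n\t\t\t\t" . NQ_SERVERS_TABLE
    . "\n\t\t\tWHERE\n\t\t\t\t`server_type`\t='image' AND\n\t\t\t\t`environment`\t='" . mysqli_escape_string($G_CONTROLLER_DBLINK, $G_APP_ENVIRONMENT)
    . "'\n\t\t\tORDER BY\n\t\t\t\t`tier` ASC,\n\t\t\t\t`available_space` DESC\n\t\t\tLIMIT 1";
$G_SERVER_DATA = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query);

# Combining our host properties into our path
# NOTE(review): this string carries the storage username and password. PHP
# filesystem warnings include the path they failed on, so keep it out of logs
# and out of anything returned to the client.
$G_SERVER_HOST = NQ_FILE_STORAGE_PROTOCOL . $G_SERVER_DATA['username'] . NQ_FILE_STORAGE_CRED_SEPARATOR . $G_SERVER_DATA['password'] . NQ_FILE_STORAGE_HOST_SEPARATOR . $G_SERVER_DATA['host'] . $G_SERVER_DATA['path'];

# Saving our file id and updating the version
$file_id = $current_file_data['file_id'];
$version = (int) $current_file_data['version'] + 1;

# Where we are going to save our file to
$save_path = $G_APP_DATA['id'] . '/';

# The existence check must look at the directory that mkdir() would create. It
# used to test an undefined variable ($savepath), so mkdir() ran on every request.
$save_directory = $G_SERVER_HOST . $save_path;
if (!is_dir($save_directory)) {
    mkdir($save_directory);
}

# The extension is whatever follows the last '.' of the stored file path
$path_parts = explode('.', $current_file_data['filepath']);
$ext = end($path_parts);
$filepath = $save_path . $file_id . '-' . $version . '.' . $ext;

# Saving the new version of the image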
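# Endpoint script: looks up one directory of the current app and works out the
# paging window for listing its sub-directories and files.
define('PUBLIC_ENDPOINT', false); // Whether anyone can access this endpoint

# Including our configuration
require_once __DIR__ . '/_includes/config.php';
require_once __DIR__ . '/_includes/validate-app.php';

# Endpoint Specific: each kind of entry is shown unless its "no..." switch is set and truthy
define('SHOW_DIRECTORIES', !isset($_CGET['nodirectories']) || !boolval_ext($_CGET['nodirectories']));
define('SHOW_FILES', !isset($_CGET['nofiles']) || !boolval_ext($_CGET['nofiles']));

# Our return class
$content = new stdClass();
$content_results = array();

# Setting up our path
$G_PATH_DATA = parse_path($_CGET['dir'], $_ENDPOINT, $G_TOKEN_SESSION_DATA);

# Getting our directory
$query = "\tSELECT\n\t\t\t\t`id`,\n\t\t\t\t`path`,\n\t\t\t\t`name`,\n\t\t\t\t`directories`,\n\t\t\t\t`files`,\n\t\t\t\t`filesize`,\n\t\t\t\t`children_filesize`,\n\t\t\t\t`created`,\n\t\t\t\t`modified`\n\t\t\tFROM \n\t\t\t\t" . NQ_DIRECTORY_TABLE
    . "\n\t\t\tWHERE\n\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id']
    . " AND\n\t\t\t\t`environment`\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $G_APP_ENVIRONMENT)
    . "' AND\n\t\t\t\t`path`\t\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $G_PATH_DATA->dir)
    . "' AND\n\t\t\t\t`name`\t\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $G_PATH_DATA->name)
    . "'\n\t\t\tLIMIT 1";
$directory_data = mysqli_single_result_query($G_STORAGE_CONTROLLER_DBLINK, $query);

# NOTE(review): no check for a missing directory row is visible in this span.
# Confirm the lookup result is validated before these counters are used.
$total_count = (SHOW_DIRECTORIES ? $directory_data['directories'] : 0) + (SHOW_FILES ? $directory_data['files'] : 0);

# Handling our pages
# The page size comes from the request, capped by the app's limit. It is also held
# to at least 1: a "limit" of zero made the division below fail, and a negative
# one produced negative paging values.
$results_limit = (int) $G_APP_DATA['results_limit'];
$per_page = isset($_CGET['limit']) ? min((int) $_CGET['limit'], $results_limit) : $results_limit;
$per_page = max(1, $per_page);
$page = isset($_CGET['page']) ? abs((int) $_CGET['page']) : 0;
$pages = floor(($total_count - 1) / $per_page);
$pageXPer = $page * $per_page;

# Filtering our directories
$directories_start = 0;
$directories_limit = 0;
$directories_shown = 0;
if (SHOW_DIRECTORIES) {
    # NOTE(review): the start offset stays 0 until the requested offset passes
    # (directories - per_page). Confirm this is the intended window.
    $directories_start = $pageXPer > $directory_data['directories'] - $per_page ? $pageXPer : 0;
    $directories_limit = max(0, $directory_data['directories'] - $directories_start);
    $directories_shown = $directory_data['directories'];
}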
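# Walks up the directory tree from $parent_id and returns every id visited.
#
# Parameters:
#   $dblink     database link handed to mysqli_single_result_query()
#   $parent_id  id of the directory to start from; 0 means "no parent"
#
# Returns [] when $parent_id is 0. Otherwise returns the requested id followed by
# each ancestor id, ending with the terminating 0, unless a loop in the parent
# chain stops the walk early.
#
# NOTE(review): the list is ordered bottom-to-top (requested id first).
# array_reverse() returns a new array rather than sorting in place, so the bare
# call that used to sit before the return had no effect and has been dropped.
# Reverse the list explicitly only after checking what callers expect.
function directory_parent_ids($dblink, $parent_id)
{
    # No parent id, exiting function
    if ($parent_id == 0) {
        return [];
    }

    # Array of parent id's starting with the requested
    $parent_ids = [$parent_id];

    # Ids already visited. A parent chain that points back at itself would
    # otherwise keep this loop, and the array, growing without end.
    $seen = [(int) $parent_id => true];

    # Continuing till we reach the top
    while ($parent_id != 0) {
        # Getting the parent id
        $query = "\tSELECT\n\t\t\t\t\t\t`parent_id`\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_DIRECTORY_TABLE
            . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`id`=" . (int) $parent_id
            . "\n\t\t\t\t\tLIMIT 1";
        $parent_data = mysqli_single_result_query($dblink, $query);

        # A missing row counts as having reached the top
        $parent_id = isset($parent_data['parent_id']) ? (int) $parent_data['parent_id'] : 0;

        # Stopping on a repeated id instead of walking the same loop again
        if ($parent_id != 0 && isset($seen[$parent_id])) {
            break;
        }
        $seen[$parent_id] = true;

        # Saving the parent id
        $parent_ids[] = $parent_id;
    }

    # Returning the parent ids
    return $parent_ids;
}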
$content->blocked = 0; $content->sent = 0; # Sending our email $email->personal = $email->personal == '' ? $G_APP_DATA['name'] : $email->personal; $headers = 'From: ' . $email->personal . '<' . $email->mailbox . '@' . $email->host . '>' . "\n" . 'MIME-Version: 1.0' . "\n" . 'Content-type:text/html;charset=iso-8859-1' . "\n" . 'Reply-To: ' . $_JPOST->sender_email . "\n"; # Sending our emails foreach (is_array($_JPOST->recipients) ? $_JPOST->recipients : explode(',', $_JPOST->recipients) as $email) { # Separating for validation $p = explode('@', $email, 2); # Bailing if not someone@someplace.com format if (count($p) < 2) { continue; } # Checking if the email is blocked $query = "\tSELECT\n\t\t\t\t\t`email`\n\t\t\t\tFROM\n\t\t\t\t\t" . NQ_BLOCKED_EMAILS_TABLE . "\n\t\t\t\tWHERE\n\t\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id'] . " AND\n\t\t\t\t\t`email`\t\t='" . mysqli_escape_string($G_CONTROLLER_DBLINK, $email) . "'\n\t\t\t\tLIMIT 1"; $blocked_data = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query); # This user has blocked the app from sending emails if (isset($blocked_data['permanent']) && $blocked_data['permanent']) { $content->blocked++; } elseif (!isset($blocked_data['requested_unblock']) || $blocked_data['requested_unblock'] != 1) { # Our ids $track_id = mysqli_insert_id($G_CONTROLLER_DBLINK); $hash_id = hash('sha256', $track_id . $email); # Updating the hash id $query = "\tUPDATE\n\t\t\t\t\t\t" . NQ_ANALYTICS_SENT_TABLE . "\n\t\t\t\t\tSET\n\t\t\t\t\t\t`hash_id`\t='" . $hash_id . "'\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`id`\t\t=" . (int) $track_id . "\n\t\t\t\t\tLIMIT 1"; mysqli_sub_query($G_CONTROLLER_DBLINK, $query); # Customizing the body $mail_body = $body . '<img style="display:none;" src="http://email.v1.0.nuquery.com/' . $G_APP_DATA['id'] . '/track?ref=' . $hash_id . '" width="1" height="1" />'; # Inserting our unsubscribe link if ($has_unsubscribe) { $mail_body = str_replace('<const:unsubscribe>', '<a href="http://email.v1.0.nuquery.com/' . 
$G_APP_DATA['id'] . '/unsubscribe?ref=' . $hash_id . '&email=' . urlencode($email) . '" style="color:inherit;text-decoration:inherit;"> Unsubscribe </a>', $mail_body);
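THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */

# Endpoint script: checks the app secret, resolves an access token to its session
# and returns the stored session details.

# Including our configuration
require_once dirname(__FILE__) . '/_includes/config.php';

# Handling our global json parsing
$_JPOST = PostParser::decode();

# Validating our app
# The supplied value comes from decoded JSON, so it can be a boolean, number or
# array as well as a string. A loose != lets PHP convert types before comparing,
# and treats numeric-looking digests as numbers. The value is therefore required
# to be a string and compared with hash_equals(), which is also constant-time.
$supplied_secret = isset($_JPOST->app_secret) ? $_JPOST->app_secret : null;
$expected_secret = hash('sha256', $G_APP_DATA['secret']);
if (!is_string($supplied_secret) || !hash_equals($expected_secret, $supplied_secret)) {
    exit_fail(NQ_ERROR_SERVICE_UNAVAILABLE, 'Service unavailable.');
}

# Setting our token data
# NOTE(review): the lookup filters on the token hash only. No app id or expiry
# condition is visible here - confirm tokens are scoped and expired elsewhere.
$query = "\tSELECT\n\t\t\t\t`session_id`\n\t\t\tFROM\n\t\t\t\t" . NQ_ACCESS_TOKEN_TABLE
    . "\n\t\t\tWHERE\n\t\t\t\t`hash_id`='" . mysqli_escape_string($G_CONTROLLER_DBLINK, $_JPOST->token)
    . "'\n\t\t\tLIMIT 1";
$token_data = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query);

# Updating our data
# NOTE(review): $token_data is used without checking that a token row was found.
# An unknown token falls through to a session lookup with an empty id.
$query = "\tSELECT\n\t\t\t\t`details`\n\t\t\tFROM\n\t\t\t\t" . NQ_ACCESS_SESSION_TABLE
    . "\n\t\t\tWHERE\n\t\t\t\t`id`\t\t='" . mysqli_escape_string($G_CONTROLLER_DBLINK, $token_data['session_id'])
    . "'\n\t\t\tLIMIT 1";
$session_data = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query);

# Creating our token string
$strlen = PostParser::send(json_decode($session_data['details']));

/* --- Connection closed with PostParser::send --- Below this point things need to be tracked and cleaned up --- */

# Opening our tracking dblink
$G_TRACKING_DBLINK = mysqli_shared_connect(NQ_TRACKING_HOST, NQ_TRACKING_USERNAME, NQ_TRACKING_PASSWORD, $G_SHARED_DBLINKS);

# Closing the controller dblink
mysqli_shared_close($G_CONTROLLER_DBLINK, $G_SHARED_DBLINKS);

# Adding our usage
track_endpoint($G_SHARED_DBLINKS, $G_APP_DATA['id'], $G_APP_ENVIRONMENT, $_ENDPOINT, $strlen);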
# Fetches the column names whitelisted for one token on one table of an app.
#
# Parameters:
#   $dblink    database link handed to mysqli_single_result_query()
#   $app_id    application id, cast to int before it reaches the SQL text
#   $table_id  table id, cast to int
#   $token_id  token id, cast to int
#
# Returns the names as a list, or [] when the aggregated value is empty.
#
# NOTE(review): the names arrive as one comma-joined GROUP_CONCAT value. MySQL cuts
# that value off at group_concat_max_len, so a long whitelist could come back with
# a shortened last name. Confirm the limit is large enough, since the result is
# used as an allow-list.
function get_whitelist_columns($dblink, $app_id, $table_id, $token_id)
{
    # Every filter value is an integer by the time it is concatenated
    $app_filter = (int) $app_id;
    $table_filter = (int) $table_id;
    $token_filter = (int) $token_id;

    # Getting our columns from the database
    $sql = "\tSELECT\n\t\t\t\t\tGROUP_CONCAT(`column_name`) AS `columns`\n\t\t\t\tFROM\n\t\t\t\t\t"
        . NQ_WHITELIST_COLUMNS_TABLE
        . "\n\t\t\t\tWHERE\n\t\t\t\t\t`app_id`\t=" . $app_filter
        . " AND\n\t\t\t\t\t`table_id`\t=" . $table_filter
        . " AND\n\t\t\t\t\t`token_id`\t=" . $token_filter;
    $row = mysqli_single_result_query($dblink, $sql);

    # Nothing whitelisted
    if ($row['columns'] == '') {
        return [];
    }

    # Returning the columns
    return explode(',', $row['columns']);
}
while ($token_data = mysqli_fetch_assoc($token_result)) { # Creating our new token $token = new stdClass(); $token->id = $token_data['id']; $token->api_key = $token_data['api_key']; $token->notes = $token_data['notes']; $token->privileges = new stdClass(); $token->column_comments = new stdClass(); # Adding column comments mysqli_data_seek($result, 0); while ($column_data = mysqli_fetch_assoc($result)) { $token->comments->{$column_data['Field']} = $column_data['Comment']; } # If the table is blacklisted $query = "\tSELECT\n\t\t\t\t\t\t*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_BLACKLIST_TABLE . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id'] . " AND\n\t\t\t\t\t\t`token_id`\t=" . (int) $token_data['id'] . " AND\n\t\t\t\t\t\t`table_id`\t=" . (int) $G_TABLE_DETAILS['id']; $blacklist_data = mysqli_single_result_query($G_CONTROLLER_DBLINK, $query); $token->blacklisted = isset($blacklist_data['app_id']); # Getting the whitelisted columns $query = "\tSELECT\n\t\t\t\t\t\t*\n\t\t\t\t\tFROM\n\t\t\t\t\t\t" . NQ_WHITELIST_COLUMNS_TABLE . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id'] . " AND\n\t\t\t\t\t\t`token_id`\t=" . (int) $token_data['id'] . " AND\n\t\t\t\t\t\t`table_id`\t=" . (int) $G_TABLE_DETAILS['id']; $whitelist_result = mysqli_multi_result_query($G_CONTROLLER_DBLINK, $query); # If we are all whitelisted $token->allWhitelisted = NQ_WHITELIST_EXISTENTIAL && mysqli_num_rows($whitelist_result) == 0; $token->allWhitelisted = $token->allWhitelisted || mysqli_num_rows($result) == mysqli_num_rows($whitelist_result); # If we want to whitelist everything if (NQ_WHITELIST_EXISTENTIAL && mysqli_num_rows($whitelist_result) == 0) { mysqli_data_seek($result, 0); while ($column_data = mysqli_fetch_assoc($result)) { $token->privileges->{$column_data['Field']} = 2; } } else { # Listing all of our columns
$table_settings = $G_TABLE_SETTINGS[$G_TABLE_INDEX++]; $attached_bitmask = $G_PARTITION_BITSIZE[$table_settings['partition_size']]; # What kind of attached link is it? switch ($attached['type']) { # One to one case 'single': $partitions = new stdClass(); foreach ($content as $key => $val) { # Calculating the ids we have $attached_id = (int) $val[$attached['column']]; $partition_number = $attached_id >> $attached_bitmask[0]; # New partition to track if (!isset($partitions->{$partition_number})) { # Loading our server details $server_query = "\tSELECT\n\t\t\t\t\t\t\t\t\t\t`p`.`id`,\n\t\t\t\t\t\t\t\t\t\t`p`.`table_name`,\n\t\t\t\t\t\t\t\t\t\t`s`.`host`,\n\t\t\t\t\t\t\t\t\t\t`s`.`username`,\n\t\t\t\t\t\t\t\t\t\t`s`.`password`,\n\t\t\t\t\t\t\t\t\t\t`s`.`database`\n\t\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\t\t" . NQ_TABLE_PARTITIONS_TABLE . " `p`\n\t\t\t\t\t\t\t\t\tLEFT JOIN\n\t\t\t\t\t\t\t\t\t\t" . NQ_SERVERS_TABLE . " `s`\n\t\t\t\t\t\t\t\t\t\tON\n\t\t\t\t\t\t\t\t\t\t\t`s`.`id`=`p`.`host_id`\n\t\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\t\t`table_id`=" . (int) $table_settings['id'] . " AND\n\t\t\t\t\t\t\t\t\t\t`number` = " . (int) $partition_number . "\n\t\t\t\t\t\t\t\t\tLIMIT 1"; $server_data = mysqli_single_result_query($G_CONTROLLER_DBLINK, $server_query); $partitions->{$partition_number} = (object) ['server_data' => $server_data, 'ids' => [], 'keys' => new stdClass()]; # Adding our tracking $G_READ_PARTITION_IDS[] = $server_data['id']; } # Updating the current patition $current_partition = $partitions->{$partition_number}; if (!in_array($attached_id, $current_partition->ids)) { $current_partition->ids[] = $attached_id; } $current_partition->keys->{$attached_id}[] = $key; } # Retrieving the partitions $query = false; foreach ($partitions as $number => $partition) { # Local variables
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ # Including our configuration and validate app require_once __DIR__ . '/_includes/config.php'; require_once __DIR__ . '/_includes/validate-app.php'; # Handling our global json parsing $_JPOST = PostParser::decode(); # Getting the domain to confim $query = "\tSELECT\n\t\t\t\t*\t\n\t\t\tFROM\n\t\t\t\t" . NQ_DOMAIN_TABLE . "\n\t\t\tWHERE\n\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id'] . " AND\n\t\t\t\t`domain`\t='" . mysqli_escape_string($G_STORAGE_CONTROLLER_DBLINK, $_JPOST->domain) . "' AND\n\t\t\t\t`confirmed`\t=b'0'"; $G_RECORD_DATA = mysqli_single_result_query($G_STORAGE_CONTROLLER_DBLINK, $query); # Validating our dns record $records = array_merge(dns_get_record('*.' . $_JPOST->domain, DNS_TXT), dns_get_record($_JPOST->domain, DNS_TXT)); $spf_valid = false; $txt_value = false; foreach ($records as $record) { # We are checking for spf if (!$spf_valid && substr($record['txt'], 0, 5) == 'v=spf') { # Breaking apart our txt record $parts = explode(' ', trim(substr($record['txt'], 5))); # Looping over each part foreach ($parts as $part) { # Getting our block and address $block = strpos($part, ':') !== false ? substr($part, 0, strpos($part, ':')) : $last_block; $address = trim(substr($part, strpos($part, ':'))); $address = strpos($address, '/') !== false ? substr($address, 0, strpos($address, '/')) : $address;
while ($table_data = mysqli_fetch_assoc($result)) { # Selecting the partitions for the table $query = "\tSELECT\n\t\t\t\t\t`p`.`table_name`,\n\t\t\t\t\t`s`.`host`,\n\t\t\t\t\t`s`.`username`,\n\t\t\t\t\t`s`.`password`,\n\t\t\t\t\t`s`.`database`\n\t\t\t\tFROM\n\t\t\t\t\t" . NQ_TABLE_PARTITIONS_TABLE . " `p`\n\t\t\t\tLEFT JOIN\n\t\t\t\t\t" . NQ_SERVER_DATABASE_TABLE . " `s`\n\t\t\t\t\tON\n\t\t\t\t\t\t`p`.`host_id`=`s`.`id`\n\t\t\t\tWHERE\n\t\t\t\t\t`p`.`table_id`=" . (int) $table_data['id']; $partition_results = mysqli_multi_result_query($G_CONTROLLER_DBLINK, $query); while ($partition_data = mysqli_fetch_assoc($partition_results)) { # Establishing our database connection $dblink = mysqli_shared_connect($partition_data['host'], $partition_data['username'], $partition_data['password'], $G_SHARED_DBLINKS); # Creating our delete query $query = "\tDELETE FROM\n\t\t\t\t\t\t`" . $partition_data['database'] . "`.`" . $partition_data['table_name'] . "`\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`timestamp`<'" . date('Y-m-d H:i:s', strtotime('-' . (int) $table_data['row_timeout'] . ' minutes')) . "'"; mysqli_sub_query($dblink, $query); $affected_rows = mysqli_affected_rows($dblink); # We had a change if ($affected_rows > 0) { # Getting our new table size $query = "\tSELECT\n\t\t\t\t\t\t\tSUM( `DATA_LENGTH` + `INDEX_LENGTH` ) AS `size`\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t`INFORMATION_SCHEMA`.`TABLES`\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t`TABLE_SCHEMA`\t='" . mysqli_escape_string($dblink, $partition_data['database']) . "' AND\n\t\t\t\t\t\t\t`TABLE_NAME`\t='" . mysqli_escape_string($dblink, $partition_data['table_name']) . "'"; $size_data = mysqli_single_result_query($dblink, $query); # Updating the table $query = "\tUPDATE\n\t\t\t\t\t\t\t" . NQ_TABLE_PARTITIONS_TABLE . "\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t`rows`\t\t=`rows`-" . (int) $affected_rows . ",\n\t\t\t\t\t\t\t`size`\t\t=" . (int) $size_data['size'] . 
",\n\t\t\t\t\t\t\t`modified`\t=NOW(),\n\t\t\t\t\t\t\t`accessed`\t=NOW()\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t`id`\t\t=" . (int) $table_data['id'] . "\n\t\t\t\t\t\tLIMIT 1"; mysqli_sub_query($G_CONTROLLER_DBLINK, $query); # Saving our data to process later $G_UPDATED_TABLES[] = (int) $table_data['id']; $G_UPDATED_APPS[] = (int) $table_data['app_id']; $partitions_updated_count++; } } } # Updating the tables $G_UPDATED_TABLES = array_unique($G_UPDATED_TABLES, SORT_NUMERIC); if (count($G_UPDATED_TABLES) > 0) { $query = "\tUPDATE\n\t\t\t\t\t" . NQ_TABLE_SETTINGS_TABLE . " `s`\n\t\t\t\tSET\n\t\t\t\t\t`rows`\t\t=`rows`-" . (int) $affected_rows . ",\n\t\t\t\t\t`size`\t\t=(\n\t\t\t\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\t\t\t\tSUM(`size`)\n\t\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\t\t" . NQ_TABLE_PARTITIONS_TABLE . " `p`\n\t\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\t\t`p`.`table_id`= `s`.`id`\n\t\t\t\t\t\t\t\t),\n\t\t\t\t\t`modified`\t=NOW(),\n\t\t\t\t\t`accessed`\t=NOW()\n\t\t\t\tWHERE\n\t\t\t\t\t`id`\t\t\tIN (" . implode(',', $G_UPDATED_TABLES) . ")\n\t\t\t\tLIMIT " . count($G_UPDATED_TABLES); mysqli_sub_query($G_CONTROLLER_DBLINK, $query);
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ # This page is public define('PUBLIC_ENDPOINT', true); define('CONNECT_TO_TRACKING', true); # Including our config require_once __DIR__ . '/_includes/config.php'; require_once __DIR__ . '/_includes/validate-app.php'; # Checking to see if our has it valid $query = "\tSELECT\n\t\t\t\t*\n\t\t\tFROM\n\t\t\t\t" . NQ_ANALYTICS_SENT_TABLE . "\n\t\t\tWHERE\n\t\t\t\t`hash_id`='" . mysqli_escape_string($G_TRACKING_DBLINK, $_CGET['ref']) . "'\n\t\t\tLIMIT 1"; $sent_data = mysqli_single_result_query($G_TRACKING_DBLINK, $query); # We can unsubscribe if (isset($sent_data['recipient']) && $_CGET['email'] == $sent_data['recipient']) { # Adding to blocked emails $query = "\tINSERT IGNORE INTO\n\t\t\t\t\t" . NQ_BLOCKED_EMAILS_TABLE . "\n\t\t\t\tSET\n\t\t\t\t\t`app_id`\t=" . (int) $G_APP_DATA['id'] . ",\n\t\t\t\t\t`email`\t\t='" . mysqli_escape_string($G_CONTROLLER_DBLINK, $sent_data['recipient']) . "',\n\t\t\t\t\t`created`\t=NOW()"; mysqli_sub_query($G_CONTROLLER_DBLINK, $query); # Displaying echo ' <!doctype html> <html> <head> <title>Unsubscribe</title> </head> <body style="font-family:Arial;font-size:14px;"> <div style="position:fixed;top:50%;margin-top:-250px;left:50%;margin-left:-200px;width:400px;text-align:center;"> <img src="http://img.v1.0.nuquery.com/2/thumbnail/width=400&height=400&scale=contain/apps/', $G_APP_DATA['id'], '/icon.png" style="width:200px;height:200px;border-radius:100%;" /> <br />