/** * Intercept the request parameters which drive the subscription and unsubscription * process. */ function newsletter_init() { global $newsletter_step, $wpdb, $newsletter_subscriber; global $hyper_cache_stop; // "na" always is the action to be performed - stands for "newsletter action" $action = $_REQUEST['na']; if (!$action) { return; } $hyper_cache_stop = true; if (defined('NEWSLETTER_EXTRAS')) { newsletter_extra_init($action); } $options = get_option('newsletter'); // Subscription request from a subscription form (in page or widget), can be // a direct subscription with no confirmation if ($action == 's') { if (!newsletter_is_email($_REQUEST['ne'])) { die(newsletter_label('error_email')); } // If not set, the subscription form is not requesting the name, so we do not // raise errors. if (isset($_REQUEST['nn'])) { if (trim($_REQUEST['nn']) == '') { die(newsletter_label('error_name')); } } else { $_REQUEST['nn'] = ''; } $profile1 = $_REQUEST['np']; if (!isset($profile1) || !is_array($profile1)) { $profile1 = array(); } // keys starting with "_" are removed because used internally $profile = array(); foreach ($profile1 as $k => $v) { if ($k[0] == '_') { continue; } $profile[$k] = $v; } $profile['_ip'] = $_SERVER['REMOTE_ADDR']; $profile['_referrer'] = $_SERVER['HTTP_REFERER']; // Check if the group is good newsletter_subscribe($_REQUEST['ne'], $_REQUEST['nn'], $profile); if (isset($options['noconfirmation'])) { $newsletter_step = 'confirmed'; } else { $newsletter_step = 'subscribed'; } return; } // A request to confirm a subscription if ($action == 'c') { $id = $_REQUEST['ni']; newsletter_confirm($id, $_REQUEST['nt']); header('Location: ' . newsletter_add_qs($options['url'], 'na=cs&ni=' . $id . '&nt=' . $_REQUEST['nt'], false)); die; } // Show the confirmed message after a redirection (to avoid mutiple email sending). // Redirect is sent by action "c". if ($action == 'cs') { $newsletter_subscriber = newsletter_get_subscriber($_REQUEST['ni']); if ($newsletter_subscriber->token != $_REQUEST['nt']) { die('Ivalid token'); } $newsletter_step = 'confirmed'; } // Unsubscription process has 2 options: if email and token are specified the user // will only be asked to confirm. If there is no infos of who remove (when // mass mail mode is used) the user will be asked to type the emailto be removed. if ($action == 'u') { $newsletter_step = 'unsubscription'; } // User confirmed he want to unsubscribe clicking the link on unsubscription // page if ($action == 'uc') { newsletter_unsubscribe($_REQUEST['ni'], $_REQUEST['nt']); $newsletter_step = 'unsubscribed'; } }
if ($action == 'import') { @set_time_limit(100000); $csv = stripslashes($_POST['csv']); $lines = explode("\n", $csv); $errors = array(); foreach ($lines as $line) { $line = trim($line); if ($line == '') { continue; } if ($line[0] == '#') { continue; } $data = explode(';', $line); $email = newsletter_normalize_email($data[0]); if (!newsletter_is_email($email)) { $errors[] = $line; continue; } $name = newsletter_normalize_name($data[1]); $token = md5(rand()); $r = $wpdb->query("insert into " . $wpdb->prefix . "newsletter (status, email, name, token) values ('C', '" . $wpdb->escape($email) . "','" . $wpdb->escape($name) . "','" . $token . "')"); // Zero or false mean no row inserted if (!$r) { $errors[] = $line; } } } $nc = new NewsletterControls(); ?>