verify.php
<?php
/**
* phpwcms content management system
*
* @author Oliver Georgi <[email protected]>
* @copyright Copyright (c) 2002-2014, Oliver Georgi
* @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2
* @link http://www.phpwcms.de
*
**/
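// redirect verify to correct newsletter action
//
// Handles the links used for newsletter verification:
//   ?s=<key>  sets address_verified=1 on the address row carrying that key
//   ?u=<key>  deletes the address row carrying that key
// Both actions are state changes performed on a plain GET request, so anything
// that fetches the link on the subscriber's behalf triggers them as well.
// NOTE(review): consider a confirmation step (POST) at least for unsubscribe.

$phpwcms = array();

require_once ('config/phpwcms/conf.inc.php');
require_once ('include/inc_lib/default.inc.php');

$type  = '';
$email = 'n.a.';
// Defined up front so the output code below never reads an unset variable,
// should headerRedirect() return instead of ending the request.
$page  = '';

// Accept a key only when it is a non-empty string. The former mix of !empty()
// and isset() let "?s=&u=<key>" run the subscribe branch with an empty key,
// and array-style parameters ("?s[]=x") were handed to clean_slweg() as-is.
$has_subscribe_key   = !empty($_GET['s']) && is_string($_GET['s']);
$has_unsubscribe_key = !empty($_GET['u']) && is_string($_GET['u']);

if($has_subscribe_key || $has_unsubscribe_key) {

	require_once (PHPWCMS_ROOT.'/include/inc_lib/dbcon.inc.php');
	require_once (PHPWCMS_ROOT.'/include/inc_lib/general.inc.php');
	require_once (PHPWCMS_ROOT.'/include/inc_lib/backend.functions.inc.php');

	// subscribe wins when both parameters are present, as before
	if($has_subscribe_key) {
		$hash = clean_slweg($_GET['s']);
		$type = 'subscribe';
	} else {
		$hash = clean_slweg($_GET['u']);
		$type = 'unsubscribe';
	}

	// fix old hash where containing "+" char might result in an invalid hash key
	// (a "+" in the query string arrives here as a space). This has to happen
	// before the lookup: the row that is found and the row that is changed
	// must be addressed by the same key.
	$hash = str_replace(' ', '+', $hash);

	// Never query with an empty key, it would match every row without a key.
	// NOTE(review): aporeplace() is the only escaping between the request
	// parameter and the SQL string; confirm it is safe for the connection
	// charset or use a parameterized query if the DB layer offers one.
	$data = array();
	if($hash !== '') {
		$data = _dbQuery('SELECT * FROM '.DB_PREPEND."phpwcms_address WHERE address_key='".aporeplace($hash)."' LIMIT 1");
	}

	if(isset($data[0])) {

		$email = $data[0]['address_email'];

		// NOTE(review): the redirect targets address_url1/address_url2 are read
		// from the address row. If a subscriber can influence these columns
		// this is an open redirect; confirm they are set by the backend only.

		if($type === 'subscribe') {

			$sql  = 'UPDATE '.DB_PREPEND.'phpwcms_address ';
			$sql .= 'SET address_verified=1 ';
			$sql .= "WHERE address_key='".aporeplace($hash)."'";

			// skip the write when the address is already verified
			if(empty($data[0]['address_verified'])) {
				$result = _dbQuery($sql, 'UPDATE');
			}

			if(!empty($data[0]['address_url1'])) {
				headerRedirect($data[0]['address_url1']);
			}

			// fall back to a built-in message when the template is missing or empty
			if(!($page = file_get_contents(PHPWCMS_TEMPLATE.'inc_default/subscribe.tmpl'))) {
				$page = "The email address <strong>{EMAIL}</strong> was verified.";
			}

		} else {

			$sql  = 'DELETE FROM '.DB_PREPEND.'phpwcms_address ';
			$sql .= "WHERE address_key='".aporeplace($hash)."'";
			$result = _dbQuery($sql, 'DELETE');

			if(!empty($data[0]['address_url2'])) {
				headerRedirect($data[0]['address_url2']);
			}

			// fall back to a built-in message when the template is missing or empty
			if(!($page = file_get_contents(PHPWCMS_TEMPLATE.'inc_default/unsubscribe.tmpl'))) {
				$page = "All Subscriptions for <strong>{EMAIL}</strong> canceled.";
			}

		}

	} else {

		// unknown or empty key: reveal nothing, go to the site root
		headerRedirect(PHPWCMS_URL);

	}

} else {

	headerRedirect(PHPWCMS_URL);

}

// some replacements
$page = replaceGlobalRT($page);

// The address is stored data (presumably supplied by the subscriber) and is
// written into HTML, so it is escaped to keep a crafted value from injecting
// markup. It is inserted after replaceGlobalRT() so replacement tags inside
// the address are never processed.
$page = str_replace('{EMAIL}', htmlspecialchars($email, ENT_QUOTES), $page);

// send non caching page header
headerAvoidPageCaching();

echo $page;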