backoffice/html/mailing/lt.php

99 lines
3.8 KiB
PHP
Raw Permalink Normal View History

2011-06-21 15:28:10 +02:00
<?php
ob_start();
$er = error_reporting(0); # some ppl have warnings on
require_once dirname(__FILE__) .'/admin/commonlib/lib/unregister_globals.php';
require_once dirname(__FILE__) .'/admin/commonlib/lib/magic_quotes.php';
require_once dirname(__FILE__).'/admin/init.php';
## none of our parameters can contain html for now
$_GET = removeXss($_GET);
$_POST = removeXss($_POST);
$_REQUEST = removeXss($_REQUEST);
if ($_SERVER["ConfigFile"] && is_file($_SERVER["ConfigFile"])) {
include $_SERVER["ConfigFile"];
} elseif ($_ENV["CONFIG"] && is_file($_ENV["CONFIG"])) {
include $_ENV["CONFIG"];
} elseif (is_file("config/config.php")) {
include "config/config.php";
}
#error_reporting($er);
require_once dirname(__FILE__).'/admin/'.$GLOBALS["database_module"];
require_once dirname(__FILE__)."/texts/english.inc";
include_once dirname(__FILE__)."/texts/".$GLOBALS["language_module"];
require_once dirname(__FILE__)."/admin/defaultconfig.inc";
require_once dirname(__FILE__).'/admin/connect.php';
include_once dirname(__FILE__)."/admin/languages.php";
$id = sprintf('%s',$_GET['id']);
if ($id != $_GET['id']) {
print "Invalid Request";
exit;
}
$track = base64_decode($id);
$track = $track ^ XORmask;
@list($msgtype,$linkid,$messageid,$userid) = explode('|',$track);
$userid = sprintf('%d',$userid);
$linkid = sprintf('%d',$linkid);
$messageid = sprintf('%d',$messageid);
$linkdata = Sql_Fetch_array_query(sprintf('select * from %s where linkid = %d and userid = %d and messageid = %d',
$GLOBALS['tables']['linktrack'],$linkid,$userid,$messageid));
if (!$linkid || $linkdata['linkid'] != $linkid || !$userid || !$messageid) {
FileNotFound();
# echo 'Invalid Request';
# maybe some logging?
exit;
}
#print "$track<br/>";
#print "User $userid, Mess $messageid, Link $linkid";
if (!isset($linkdata['firstclick'])) {
Sql_query(sprintf('update %s set firstclick = now() where linkid = %d and userid = %d and messageid = %d',
$GLOBALS['tables']['linktrack'],$linkid,$userid,$messageid));
}
Sql_query(sprintf('update %s set clicked = clicked + 1 where linkid = %d and userid = %d and messageid = %d',
$GLOBALS['tables']['linktrack'],$linkid,$userid,$messageid));
$viewed = Sql_Fetch_Row_query(sprintf('SELECT viewed FROM %s WHERE messageid = %d AND userid = %d',
$GLOBALS['tables']['usermessage'], $messageid, $userid));
if (!$viewed[0]) {
Sql_Query(sprintf('update %s set viewed = now() where messageid = %d and userid = %d',
$GLOBALS['tables']['usermessage'], $messageid, $userid));
Sql_Query(sprintf('update %s set viewed = (viewed + 1) where id = %d',
$GLOBALS['tables']['message'], $messageid));
}
switch ($msgtype) {
case 'H':
Sql_Query(sprintf('insert into %s (linkid,userid,messageid,name,data,date)
values(%d,%d,%d,"Message Type","HTML",now())',
$GLOBALS['tables']['linktrack_userclick'],$linkid,$userid,$messageid));
break;
case 'T':
Sql_Query(sprintf('insert into %s (linkid,userid,messageid,name,data,date)
values(%d,%d,%d,"Message Type","Text",now())',
$GLOBALS['tables']['linktrack_userclick'],$linkid,$userid,$messageid));
break;
default:
Sql_Query(sprintf('insert into %s (linkid,userid,messageid,name,data,date)
values(%d,%d,%d,"Message Type","Unknown",now())',
$GLOBALS['tables']['linktrack_userclick'],$linkid,$userid,$messageid));
break;
}
$sysarrays = array_merge($_ENV,$_SERVER);
if (is_array($GLOBALS["userhistory_systeminfo"])) {
foreach ($GLOBALS["userhistory_systeminfo"] as $key) {
if (!empty($sysarrays[$key])) {
Sql_Query(sprintf('insert into %s (linkid,userid,messageid,name,data,date)
values(%d,%d,%d,"%s","%s",now())',
$GLOBALS['tables']['linktrack_userclick'],$linkid,$userid,$messageid,$key,addslashes($sysarrays[$key])));
}
}
}
header("Location: " . $linkdata['forward']);
exit;
?>