go ahead and confirm your e-mail address "; #CreateMailingListTables(0,$database); #CreateMailingListTables(1,$database); # Clean the user input of code foreach ($_GET as $key => $test){ $_GET[$key] = CLEANTXT($test); } foreach ($_POST as $key => $test){ $_POST[$key] = CLEANTXT($test); } function connect($database) { global $host,$user,$password; mysql_connect($host,$user,$password)or die("Unable to connect $host <- host".mysql_error()); @mysql_select_db($database) or die("Unable to select database $database".mysql_error()); } function MYSQLtfz($n,$database) { connect($database); $result = mysql_query($n)or die('Query failed: '.mysql_error()); mysql_close(); return $result; } function MYSQLsarray($n,$database) { connect($database); $result = mysql_query($n)or die('Query failed:' . mysql_error()); $output = mysql_fetch_array($result, MYSQL_ASSOC); mysql_free_result($result); return $output; } function MYSQLarray($n,$database) { connect($database); $output = array(); $result = mysql_query($n)or die('Query failed:' . mysql_error()); while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { array_push($output,$row); } mysql_free_result($result); return $output; } function CLEANTXT($T){ $test = array("",""); $T = str_replace($test," BAD USER! ",$T); return $T; } function CreateMailingListTables($on,$database){ if ($on==1){ $nowdate = date("Y-m-d H:i:s"); $query = "CREATE TABLE MailingList (RefNo int NOT NULL auto_increment,"; $query .= "name varchar(125) NOT NULL,email varchar(125) NOT NULL,message blob NOT NULL,"; $query .= "confirmcode varchar(8) NOT NULL,confirmed tinyint(1) NOT NULL,"; $query .= "Date DATETIME NOT NULL, "; $query .= "PRIMARY KEY (RefNo))"; $Q = MYSQLtfz($query,$database); if ($Q == 1) { echo "
$query SUCCESS !!
"; } } if ($on==0){ echo "Dropping MailingList Tables!!"; MYSQLtfz("DROP TABLE MailingList",$database); } } function NewEmailAddress($name,$email,$fromname,$message,$database){ global $ToClientMessage,$ToClientSubject; $link = "http://".$_SERVER["SERVER_NAME"]."/".$_SERVER['PHP_SELF']."?Confirm="; $Code = ConfirmEmail($name,$email,$fromname,$ToClientSubject,$ToClientMessage,$link); $query = "INSERT INTO MailingList (name,email,confirmcode,message) VALUES ('$name','$email','$Code','$message')"; if (MYSQLtfz($query,$database)){echo "
Success sending confirmation e-mail."; } } function ConfirmEmail($name,$email,$from,$subject,$message,$link){ $boundary = "b".md5(uniqid(time())); $letters = "0123456789abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ0123456789"; srand((double)microtime()*1000000); $rando=""; for ($i=0;$i<8;$i++) { $rando = $rando . substr ($letters, rand() % strlen($letters), 1); } $mime = "MIME-Version: 1.0 \n"; $mime .= "Content-Type: text/html; boundary=".$boundary." \n"; $mime .= "Content-Transfer-Encoding: 7bit \n"; $mime .= "From: $from \n"; $mime .= "Subject: $subject \n"; $mime .= "X-Mailer: Dragon Code Technologies Ltd \n"; $link = $link.$rando; $good = "


"; $good .= "$message

Click here to confirm this e-mail address works! "; $good .= ""; $yes = mail($email,$subject,$good,$mime); if ($yes==1){ echo "
Confirmation sent to $name @ $email !

Thank you !!


"; } return $rando; } if (isset($_POST['subscribe'])&&$_POST['email']!=""){ $mime = "MIME-Version: 1.0 \n"; $mime .= "Content-Type: text/html; boundary=".$boundary." \n"; $mime .= "Content-Transfer-Encoding: 7bit \n"; $mime .= "From: ".$_POST['email']." \n"; $mime .= "Subject: $RequestText \n"; $mime .= "X-Mailer: Dragon Code Technologies Ltd \n"; $good = "


"; $good .= "Add to mailing list : ".$_POST['email']."
"; $good .= ""; $yes = mail($requestaddress,$RequestText,$good,$mime); if ($yes==1){ echo "
Thank you
You are now subscribed to our mailing list!
";} }elseif(md5($_GET['passwd'])=="827ccb0eea8a706c4c34a16891f84e7b"){ $Check = MYSQLarray("SELECT * FROM MailingList ",$database); echo "
Listing all address on file...

"; foreach($Check as $C){ echo $C['name']." ".$C['email']."

"; } }else{ echo "

"; echo "
"; echo "
"; echo "  
"; } ?>