okay my problem is quite complicated.
first off let me say i am editing a already working script and just trying to add some stuff to it.
<?php
/**
* nl_ShowCats - shows all newsletters
*
* @author Nicolas De Rycke <nderycke@c4ifr.com>
*/
function nl_ShowCats() {
global $PHP_SELF, $user, $login_switch, $table_prefix;
$star = "<span style=\"color:red;font-weight:bold\">*</span>";
$access = nl_UserAccess();
$r = mysql_query("SELECT lid, name, access, enabled FROM " . $table_prefix . "mod_newsletter_list
WHERE access<='$access' ORDER BY news_order;");
$entries = mysql_num_rows($r);
$box_title = "Newsletters";
$box_content = "<p>You can see here the newsletters available on this site.</p>";
if (!$user) {
$box_content .= "Since we are going to use 'Players/Parents' to reach everyone in the Region, please register for this one first.<BR><BR><p>From here you can <b>Subscribe</b> and <b>Unsubscribe</b> to the newsletters
or simply view the archived messages. To view the archives click on the newsletter's name.</p>";
if ($login_switch == 1) {
$box_content .= "<p><i><b>Note:</b> If you were a <a href=\"user.php\">registered user</a>,
you could see which newsletters you have already subscribed to.</i></p>";
}
} else {
$box_content .= "<p><i><b>Note:</b> You have already subscribed to
the newsletters surrounded by asterisks ($star).</i></p>";
}
if ($entries > 0) {
$box_content .= "<table cellpadding=\"2\" cellspacing=\"1\" width=\"100%\">\n
<tr><td style=\"font-weight:bold;text-transform:uppercase\" colspan=\"2\">Name</td></tr>\n";
$i = 0;
while ($row = mysql_fetch_object($r)) {
$bg = ($i++ % 2)?'#f0f0f0':'#ffffff';
// test if user is in list
$active = nl_UserActive($row->lid) & $row->enabled;
$box_content .= "<tr bgcolor=\"$bg\" valign=\"top\"><td >"
."<a href=\"./mod.php?mod=newsletter&op=archive&lid=$row->lid\">"
.(($active) ? $star : "")."$row->name" .(($active) ? $star : "")."</a>";
if ($row->enabled == 0) {
$box_content .= "</td><td><small>This newsletter is closed</small></td></tr>";
} else {
$box_content .= "</td>\n <td nowrap>[ \n";
if ($user) {
$box_content .= "<a href=\"./mod.php?mod=newsletter&op="
. (($active)?"remove":"add") . "&lid=$row->lid\">"
. (($active)?"Unsubscribe":"Subscribe") . "</a> ]";
} else {
$box_content .= "<a href=\"./mod.php?mod=newsletter&op=select&lid=$row->lid\">Subscribe / Unsubscribe</a> ]";
}
$box_content .= "</td></tr>\n";
}
}
$box_content .= "</table>";
} else {
$box_content .= "Unfortunately, there aren't any newsletters available yet.";
}
themesidebox($box_title, $box_content);
}
/**
* nl_SelectUser - get email address of unreg. user
*
* @author Nicolas De Rycke <nderycke@c4ifr.com>
* @param int lid: The list ID
* @param string email: The mail address, if not first call
*/
function nl_SelectUser($lid, $email) {
global $PHP_SELF, $table_prefix;
if ((int) $lid == 0) nl_Error("Invalid Newsletter LID!");
$r = mysql_query("SELECT name FROM " . $table_prefix . "mod_newsletter_list WHERE lid='$lid';");
list($name) = mysql_fetch_row($r);
$box_title = "Subscribe or Unsubscribe to the newsletter: $name";
// a little bit tricky
if ($email != "") {
$box_content = "Invalid email address format, please correct.";
}
// make form
$box_content = "
<form action=\"$PHP_SELF\" method=\"post\">
<input type=\"hidden\" name=\"mod\" value=\"newsletter\" />
<input type=\"hidden\" name=\"op\" value=\"select2\" />
<input type=\"hidden\" name=\"lid\" value=\"$lid\" />
<p>Please enter your email address:
<input type=\"text\" name=\"email\" value=\"$email\" /><br />
<input type=\"submit\" value=\"Send\" /></p></form>";
themesidebox($box_title, $box_content);
nl_GoBack();
}
/**
* nl_SendCode - send validation code to unreg. user
*
* @author Nicolas De Rycke <nderycke@c4ifr.com>
* @param int lid: The list ID
* @param string email: The mail address
*/
function nl_SendCode($lid, $email) {
global $PHP_SELF, $nuke_url, $REMOTE_ADDR, $adminmail, $sitename, $table_prefix;
if ((int) $lid == 0) die("Invalid Newsletter LID!");
// so we do need some access control now :)
$access = nl_UserAccess();
$r = mysql_query ("SELECT access FROM " . $table_prefix . "mod_newsletter_list WHERE lid='$lid';");
list ($db_access) = mysql_fetch_row($r);
if ($access < $db_access) {
$box_title = "No Access";
$box_content = "You don't have authorization to access this newsletter.";
themesidebox($box_title, $box_content);
nl_GoBack();
exit;
}
$r = mysql_query ("SELECT name FROM " . $table_prefix . "mod_newsletter_list WHERE lid='$lid';");
list($name) = mysql_fetch_row($r);
$r = mysql_query ("SELECT code FROM " . $table_prefix . "mod_newsletter_".$lid."_user WHERE email='$email';");
if ($r && (mysql_num_rows($r) == 1)) {
// use the old code
list($code) = mysql_fetch_row($r);
nl_SendValiCode($email, $name, $lid, $code);
} else {
// need a new one
$code = md5(uniqid(rand()));
mysql_query ("INSERT INTO " . $table_prefix . "mod_newsletter_".$lid."_user (email, code, date, enabled) "
."VALUES ('$email', '$code', SYSDATE(), '0');");
if (mysql_errno() == 0) {
nl_SendValiCode($email, $name, $lid, $code);
}
}
// Starts output
$box_title = "Subscription to the Newsletter: $name";
$box_content = "You will shortly receive an email with an URL.
You must point your browser to that URL in order to confirm your subscription.";
themesidebox ($box_title, $box_content);
nl_GoBack();
}
/**
* nl_Select2User -in between step to verify syntax of email address
*
* @author Nicolas De Rycke <nderycke@c4ifr.com>
* @param int lid: The list ID
* @param string email: The mail address
*/
function nl_Select2User($lid, $email) {
global $PHP_SELF, $login_switch, $table_prefix;
if ((int) $lid == 0) nl_Error("Invalid Newsletter LID!");
// wrong email, tricky
if ((!$email) || ($email=="") ||
(!eregi("^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$",$email))) {
nl_GoBack("./mod.php?mod=newsletter&op=select&lid=$lid&email=$email","Invalid Email - Go Back to Correct");
exit;
}
// fetch name
$r = mysql_query ("SELECT name FROM " . $table_prefix . "mod_newsletter_list WHERE lid='$lid';");
list ($name) = mysql_fetch_row($r);
// test if user is listed
$r = mysql_query("SELECT enabled FROM " . $table_prefix . "mod_newsletter_".$lid."_user WHERE email='$email';");
if ($r && (mysql_num_rows($r) == 1)) {
list($enabled) = mysql_fetch_row($r);
$in_list = true;
} else
$in_list = false;
// start output
$box_title = "Subscribe or Unsubscribe to $name";
$box_content = "<p>Your email address: $email</p>";
if ($in_list) {
if ($enabled == 1) {
$box_content .= "<p>You are currently a subscriber to the newsletter.
If you want to unsubscribe, click the button below to receive an
email with instructions on unsubscribing. The email will contain
a URL to browse to confirm your wish to unsubscribe from the newsletter.</p>";
$oper = "delextern";
$submit = "Remove Me";
} else {
$box_content .= "<p>You have not subscribed to the newsletter yet, but we
already sent you an e-mail. You should have received an e-mail with
a URL. You must surf to that URL in order to confirm your
subscription to the newsletter. If you did not receive that email,
please click the button below to receive the code again.</p>";
$oper = "sendcode";
$submit = "Mail Me The Code Again";
}
} else {
$box_content .= "<p>You have not subscribed to the newsletter yet.
If you want to subscribe, please click the button below. You will
receive an email with instructions and a URL to browse to confirm
your email address. Once you've done that, you will be subscribed.</p>";
$oper = "addextern";
$submit = "Send Me The Code";
}
if ($login_switch == 1) {
$box_content .= "<p><i><b>Note:</b> The subscription and unsubscription process
to the newsletter are substantially simpler,
if you are <a href=\"user.php\">registered user</a>.</i></p>";
}
$box_content .= "
<form action=\"$PHP_SELF\" method=\"post\">
<input type=\"hidden\" name=\"mod\" value=\"newsletter\" />
<input type=\"hidden\" name=\"op\" value=\"$oper\" />
<input type=\"hidden\" name=\"lid\" value=\"$lid\" />
<input type=\"hidden\" name=\"email\" value=\"$email\" />
<input type=\"submit\" value=\"$submit\" /></form>";
themesidebox($box_title, $box_content);
nl_GoBack();
}
