<?php
  require('config.php');
  require('class.SimpleMail.php');
  
  $conn\; =\; mysql\_connect(SQL\_HOST,\; SQL\_USER,\; SQL\_PASS)\; or\; die(\text{'}Could\; not\; connect\; to\; MySQL\; database.\; \text{'}\; .\; mysql\_error());\; mysql\_select\_db(SQL\_DB,$conn);
  
  $headers\; =\; "From:\; "\; .\; ADMIN\_EMAIL\; .\; "\backslash r\backslash n";\; if\; (isset($_REQUEST['action'])) {
    switch ($\_REQUEST[\text{'}action\text{'}])\; \{\; case\; \text{'}Remove\text{'}:$sql = "SELECT user_id FROM ml_users " .
               "WHERE email='" . $\_POST[\text{'}email\text{'}]\; .\; "\text{'}";$result = mysql_query($sql,$conn);
  
        if (mysql_num_rows($result))\; \{$row = mysql_fetch_array($result);$user_id = $row[\text{'}user\_id\text{'}];$url = "http://" . $\_SERVER[\text{'}HTTP\_HOST\text{'}]\; .\; dirname($_SERVER['PHP_SELF']) .
                 "/remove.php?u=" . _POST['ml_id'];
          header("Location: $url");\; exit();\; \}$redirect = 'user.php';
        break;
  
      case 'Subscribe':
        $sql\; =\; "SELECT\; user\_id\; FROM\; ml\_users\; "\; .\; "WHERE\; email=\text{'}"\; .$_POST['email'] . "'";
        $result\; =\; mysql\_query($sql, $conn);\; if\; (!mysql\_num\_rows($result)) {
          $sql\; =\; "INSERT\; INTO\; ml\_users\; "\; .\; "(firstname,lastname,email)\; ".\; "VALUES\; (\text{'}"\; .$_POST['firstname'] . "'," .
                 "'" . $\_POST[\text{'}lastname\text{'}]\; .\; "\text{'},"\; .\; "\text{'}"\; .$_POST['email'] . "')";
          $result\; =\; mysql\_query($sql, $conn);$user_id = mysql_insert_id($conn);\; \}\; else\; \{$row = mysql_fetch_array($result);$user_id = $row[\text{'}user\_id\text{'}];\; \}$sql = "INSERT INTO ml_subscriptions (user_id,ml_id) " .
               "VALUES ('" . $user\_id\; .\; "\text{'},\text{'}"\; .$_POST['ml_id'] . "')";
        mysql_query($sql,$conn);
  
        $sql\; =\; "SELECT\; listname\; FROM\; ml\_lists\; "\; .\; "WHERE\; ml\_id="\; .$_POST['ml_id'];
        $result\; =\; mysql\_query($sql, $conn);$row = mysql_fetch_array($result);$listname = $row[\text{'}listname\text{'}];$url = "http://" . $\_SERVER[\text{'}HTTP\_HOST\text{'}]\; .\; dirname($_SERVER['PHP_SELF']) .
               "/user_transact.php?u=" . _POST['ml_id'] . "&action=confirm";
  
        $subject\; =\; \text{'}Mailing\; list\; confirmation\text{'};$body = "Hello " . $\_POST[\text{'}firstname\text{'}]\; .\; "\backslash n"\; .\; "Our\; records\; indicate\; that\; you\; have\; subscribed\; to\; "\; .\; "the\; "\; .$listname . " mailing list.\n\n" .
                "If you did not subscribe, please accept our " .
                "apologies. You will not be subscribed if you do " .
                "not visit the confirmation URL.\n\n" .
                "If you subscribed, please confirm this by visiting " .
                "the following URL:\n" . $url;$mailmsg = new SimpleMail();
        $mailmsg->send($_POST['email'],$subject,$body,$headers);$redirect = "thanks.php?u=" . _POST['ml_id'] . "&t=s";
        break;
  
      case 'confirm':
        if (isset($\_GET[\text{'}u\text{'}],$_GET['ml'])) {
          $sql\; =\; "UPDATE\; ml\_subscriptions\; SET\; pending=0\; "\; .\; "WHERE\; user\_id="\; .$_GET['u'] .
                 " AND ml_id=" . $\_GET[\text{'}ml\text{'}];\; mysql\_query($sql, $conn);$sql = "SELECT listname FROM ml_lists " .
                 "WHERE ml_id=" . $\_GET[\text{'}ml\text{'}];$result = mysql_query($sql,$conn);
  
          $row\; =\; mysql\_fetch\_array($result);
          $listname\; =$row['listname'];
  
          $sql\; =\; "SELECT\; *\; FROM\; ml\_users\; "\; .\; "WHERE\; user\_id=\text{'}"\; .$_GET['u'] . "'";
          $result\; =\; mysql\_query($sql, $conn);$row = mysql_fetch_array($result);$firstname = $row[\text{'}firstname\text{'}];$email = $row[\text{'}email\text{'}];$url = "http://" . $\_SERVER[\text{'}HTTP\_HOST\text{'}]\; .\; dirname($_SERVER['PHP_SELF']) .
                 "/remove.php?u=" . _GET['ml'];
  
          $subject\; =\; \text{'}Mailing\; List\; Subscription\; Confirmed\text{'};$body = "Hello " . $firstname\; .\; ",\backslash n"\; .\; "Thank\; you\; for\; subscribing\; to\; the\; "\; .$listname . " mailing list. Welcome!\n\n" .
                  "If you did not subscribe, please accept our " .
                  "apologies.\n".
                  "You can remove this subscription immediately by ".
                  "visiting the following URL:\n" . $url;$mailmsg = new SimpleMail();
          $mailmsg->send($email,$subject,$body,$headers);$redirect = "thanks.php?u=" . _GET['ml'] . "&t=s";
        } else {
          $redirect\; =\; \text{'}user.php\text{'};\; \}\; break;\; default:$redirect = 'user.php';
    }
  }
  
  header('Location: ' . $redirect);\; ?>$