diff --git a/en/newsletter.php b/en/newsletter.php index 229a40e..a31976a 100644 --- a/en/newsletter.php +++ b/en/newsletter.php @@ -45,43 +45,45 @@ $filename = "/tmp/list-code-" . $email; - if (!empty($_GET['code'])) { - if (file_get_contents($filename) == $_GET['code']) { - if ($_GET['action'] == "sub") { - file_put_contents("/var/spool/list", $email . PHP_EOL, FILE_APPEND); - } else { - $contents = file_get_contents("/var/spool/list"); - $contents = preg_replace("/^" . preg_quote($email) . "$/", '', $contents); - $contents = preg_replace("/(^[\r\n]*|[\r\n]+)[\s\t]*[\r\n]+/", "\n", $contents); - file_put_contents("/var/spool/list", $contents); - } - unlink($filename); + if (empty($err)) { + if (!empty($_GET['code'])) { + if (file_get_contents($filename) == $_GET['code']) { + if ($_GET['action'] == "sub") { + file_put_contents("/var/spool/list", $email . PHP_EOL, FILE_APPEND); + } else { + $contents = file_get_contents("/var/spool/list"); + $contents = preg_replace("/^" . preg_quote($email) . "$/", '', $contents); + $contents = preg_replace("/(^[\r\n]*|[\r\n]+)[\s\t]*[\r\n]+/", "\n", $contents); + file_put_contents("/var/spool/list", $contents); + } + unlink($filename); - $subject = ($_GET['action'] == "sub" ? "S" : "Uns") . "ubscription confirmed"; + $subject = ($_GET['action'] == "sub" ? "S" : "Uns") . "ubscription confirmed"; + $headers = "From: announcements@vern.cc\n"; + $headers .= "MIME-Version: 1.0\n"; + $headers .= "Content-type: text/plain\n"; + $message = "You have been " . ($_GET['action'] == "sub" ? "added to" : "removed from") . " the ~vern announcement mailing list"; + + mail($email, $subject, $message, $headers); + $confirmed = true; + } else { + $code_err = 'Incorrect code'; + } + } else { + $code = substr(md5(rand()), 0, 8); + $handle = fopen($filename, "w+"); + chmod($filename, 0600); + fwrite($handle, $code); + fclose($handle); + + $subject = "Your confirmation code"; $headers = "From: announcements@vern.cc\n"; $headers .= "MIME-Version: 1.0\n"; $headers .= "Content-type: text/plain\n"; - $message = "You have been " . ($_GET['action'] == "sub" ? "added to" : "removed from") . " the ~vern announcement mailing list"; + $message = "Your confirmation code is $code. Do not share it with anyone.\n\nIf you did not initiate this, you can safely ignore this message."; mail($email, $subject, $message, $headers); - $confirmed = true; - } else { - $code_err = 'Incorrect code'; } - } else { - $code = substr(md5(rand()), 0, 8); - $handle = fopen($filename, "w+"); - chmod($filename, 0600); - fwrite($handle, $code); - fclose($handle); - - $subject = "Your confirmation code"; - $headers = "From: announcements@vern.cc\n"; - $headers .= "MIME-Version: 1.0\n"; - $headers .= "Content-type: text/plain\n"; - $message = "Your confirmation code is $code. Do not share it with anyone.\n\nIf you did not initiate this, you can safely ignore this message."; - - mail($email, $subject, $message, $headers); } if ((($_GET['action'] != "sub" && $_GET['action'] != "unsub")) || (!empty($err) && !empty($code_err))) {