Comments (5)
@asdr45fsd35fdf So exit()
is not being called, but commenting it out makes your custom ajax subscription process work?
It sounds like exit()
must be called, but perhaps you are not detecting it. You could try logging an error (using trigger_error()
) every time it is called (assuming PHP errors are being logged and you can access that log). You could also try using xdebug() to step through the code, if your IDE supports this, e.g. add a break point to that line so you can pause execution and check what logical sequence led to that point.
@xh3n1 may also have ideas.
from phplist3.
$key = sprintf('%d', $key);
if (!empty($key)) {
The %d forces the key to be numerical. If that evaluates to 0, it meant the original key was not numerical, which means someone has tried to push some other kind of code in, ergo "hack attempt".
Check that your ajax code doesn't push the "lists" variable to the page, and if it does, make sure the keys of the key-value pairs are numerical.
The asubscribe parameter expects only an email address and will fetch the rest (including which lists to subscribe to) from the subscribe page definition.
@samtuke I guess it could be useful to document the asubscribe call for everyone. It is currently only documented in the hosted account pages.
from phplist3.
by the way @asdr45fsd35fdf we would be able to be more serious if your handle wasn't some keysmash.
from phplist3.
@samtuke correct! I don't understand why. I used
Fatal_Error('Some info plus var value'); exit;
Line by line in that area of the code. I could see in the ajax response what the values are for the vars and my custom text. The above mentioned if-statement always evaluates as true, in my case. I checked it multiple times. I might be crazy but that's what I see.
@michield it does push the list value and the key is numeric in the following way:
HTML part
<form method="post" name="subform" id="subform" enctype="multipart/form-data">
<input type=hidden name="htmlemail" value="1">
<input type="hidden" name="list[2]" value="signup"/>
<input type="hidden" name="subscribe" value="subscribe"/>
<input type="email" name="email" id="email" required>
<button class="btn" type="button" onclick="if (checkForm()) {submitForm();} return false;"></button>
<div class="alert alert-success" id="success" style="display:none"></div>
<div class="alert alert-danger" id="danger" style="display:none"></div>
</form>
JS part
function checkForm(){
re = /^(([^<>()[\]\.,;:\s@\"]+(\.[^<>()[\]\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
if (!(re.test(jQuery("#email").val()))) {
jQuery("#success").empty().hide();
jQuery("#danger").empty().append("Please enter a valid email.").show();
jQuery("#email").focus();
return false;
}
return true;
}
function submitForm() {
successMsg = 'Thank you for your registration.';
failMsg = 'Sorry, we were unable to register you.';
data = jQuery('#subform').serialize();
jQuery.ajax( {
type: 'POST',
data: data,
url: '/phplist/?p=asubscribe',
dataType: 'html',
success: function (data, status, request) {
if(data==='FAIL'){
jQuery("#success").empty().hide();
jQuery("#danger").empty().append(failMsg).show();
}else{
jQuery("#danger").empty().hide();
jQuery("#success").empty().append(successMsg).show();
jQuery('#email').val('');
}
},
error: function (request, status, error) {
jQuery("#success").empty().hide();
jQuery("#danger").empty().append(failMsg).show();
}
});
}
I borrowed and adapted this code from this thread https://discuss.phplist.org/t/ajax-subscribe-api/974/2
There they push the list the same way.
I will try not to push the list value as you suggested and see if it works better. Last thing I want to do is to modify phpList code in any way, complicating future updates.
@michield your wish is my command. I do keysmash for all my accounts so that I not only don't know the randomly generated password but the username cannot be tied to any other accounts that uses the same username. It is a habit that I recommend to anyone given the perpetual hacking that's going on. But I can see how it might go against GitHub policy or invoke prejudice.
*Update: trying to fix code formatting
from phplist3.
It seems that there are no updates on this issue for more than a year. For future questions/proposals, I would recommend the community forum or Mantis, the phpList bug tracker.
Closing this.
from phplist3.
Related Issues (20)
- Emoji in subject lines HOT 1
- list selection gets wiped unexpectedly
- hardcoded table names
- Difficulty to import emails HOT 3
- Cannot create new super admins HOT 1
- Private campain templates HOT 1
- Problem with definition of timestamp columns HOT 2
- feature request for the orgs i am with HOT 2
- Add a plugin homepage hook
- Add a hook to allow plugins to download attachments
- please add arm64 builds of docker images HOT 1
- Also process bounced unidentified message HOT 2
- Read this when opening an issue
- phpList 3.7 HOT 11
- User IDs get used up - int(11) limit reached HOT 2
- Fix obsolete references for Mantis
- Fix the Rate link (which appears while editing a campaign)'s tooltip HOT 7
- Fix certain PR checks that always fail HOT 7
- Mailgun API HOT 4
- max_queries_per_hour HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from phplist3.