I have made a fix if anyone is interested.
I basically created a template of my site - view source - save as - remove anything not required etc.
Then at the top of the HTML I put the following PHP which is the guts of that manage.php page except I am storing the HTML or any error message in a string and then outputting in the relevant place.
Really (if I could have been bothered) I would have done it as a class but it was a quick fix using "global" variables - which WordPress use anyway for some reason so I am just following their bad coding practise :)
The code is here up to the DOCTYPE of the HTML
<?php
$request = $_GET['wpr-manage'];
// we either get some nice HTML to display to the user or an error message
$errmsg = "";
$html = "";
if (empty($request))
{
$errmsg = error("We're unable to identify your subscription to help you manage it. Please copy the full URL and paste it in the browser.");
}
else
{
$plainstring = base64_decode($request);
$parts = explode("%$%",$plainstring);
$sid = $parts[0];
$nid = $parts[1];
$hash = $parts[2];
if (isset($_POST['confirmed']) && $_POST['confirmed'] == "true")
{
global $errmsg;
//delete autoresponders
$email = wpr_manage_sanitize($_POST['email']);
if (empty($email))
{
$errmsg = error("No email address was specified.");
}
if (is_array($_POST['newsletter']))
{
foreach ($_POST['newsletter'] as $nid)
{
$nid = (int) $nid;
if ($nid == 0)
{
continue;
}
global $wpdb;
$query = "SELECT id from ".$wpdb->prefix."wpr_subscribers where nid=$nid and email='$email'";
$sub = $wpdb->get_results($query);
if (count($sub) == 0)
continue;
$sid = $sub[0]->id;
//delete follow ups.
$query = "DELETE FROM ".$wpdb->prefix."wpr_followup_subscriptions where sid='$sid'";
$wpdb->query($query);
//delete blog subscriptions
$query = "DELETE FROM ".$wpdb->prefix."wpr_blog_subscription where sid='$sid'";
$wpdb->query($query);
//delete custom field values.
$query = "DELETE FROM ".$wpdb->prefix."wpr_custom_fields_values where sid='$sid'";
$wpdb->query($query);
//unsubscribe
$query = "UPDATE ".$wpdb->prefix."wpr_subscribers set active=0 WHERE id='$sid'";
$wpdb->query($query);
}
show_unsubscribed();
}
else
{
$errmsg = error("No newsletter was mentiond to unsubscribe");
}
}
else
{
$html = confirm_unsubscription($nid,$sid,$hash);
}
}
function confirm_unsubscription($nid,$sid,$hash)
{
global $wpdb;
$html="";
$query = "SELECT * FROM ".$wpdb->prefix."wpr_subscribers where id='$sid' and hash='$hash' and active=1 and confirmed=1;";
$subscriber = $wpdb->get_results($query);
if (count($subscriber) > 0)
{
$newsletter = _wpr_newsletter_get($nid);
$subscriber = _wpr_subscriber_get($sid);
$query = "select b.* from ".$wpdb->prefix."wpr_subscribers a, ".$wpdb->prefix."wpr_newsletters b where b.id=a.nid and a.email='".$subscriber->email."' and a.active=1 and a.confirmed=1;";
$newsletters = $wpdb->get_results($query);
$html .= "<div style=\"font-family:Verdana, Geneva, sans-serif; font-size:12px; padding:20px; margin-left: auto; margin-right: auto; width:300px; background-color:#fff; border: 1px solid #0A5700;\"><form action=\"" . $_SERVER['REQUEST_URI'] . "\" method=\"post\"><input type=\"hidden\" name=\"confirmed\" value=\"true\">You are about to unsubscribe from:<br /><br /><input type=\"hidden\" name=\"email\" value=\"" . $subscriber->email . "\" />";
foreach ($newsletters as $newsletter)
{
$html .= "<div class=\"newsletter\"><input type=\"checkbox\" name=\"newsletter[]\" checked=\"checked\" value=\"" . $newsletter->id . "\" id=\"nl_" . $newsletter->id . "\" /><label for=\"nl_" . $newsletter->id . "\">" . $newsletter->name . " Newsletter<br />
<blockquote>";
//get blog subscriptions
$query = "select * from ".$wpdb->prefix."wpr_blog_subscription where type='cat' sid=$sid";
$bsubs = $wpdb->get_results($query);
foreach ($bsubs as $sub)
{
$cat = get_category($sub->eid);
$html .= "<p>You will stop receiving posts from the " . $cat->name . " category.</p>";
}
$query = "select * from ".$wpdb->prefix."wpr_blog_subscription where type='all' sid='$sid'";
$bsubs = $wpdb->get_results($query);
if (count($bsubs) >0)
{
$html .= "<p>New articles posted on the blog will not be delivered.</p>";
}
//get post series
$query = "SELECT b.* FROM ".$wpdb->prefix."wpr_followup_subscriptions a, wpr_post_series b where type='postseries' and sid='$sid' and b.id=a.eid;";
$pssubs = $wpdb->get_results($query);
if (count($pssubs) >0)
{
}
foreach ($pssubs as $sub)
{
$html .= "<p>You will stop receiving ".$sub->name." post series.</p>";
}
$html .= "</blockquote></label><br>";
$html .= $newsletter->description . "</div>";
}
$html .= "<p>Are you sure you want to unsubscribe from the above newsletter(s)?</p><br /><br />
<div align=\"center\">
<input type=\"submit\" class=\"greenbutton\" value=\"Unsubscribe\"> <input class=\"greenbutton\" type=\"button\" onclick=\"window.location='/'\" value=\"Cancel\"></div>
</form></div>";
}
else // who? what?
{
header("HTTP/1.0 404 Not Found");
exit;
}
return $html;
}
function show_unsubscribed()
{
require "templates/unsubscribed.html";
}
function error($error)
{
$content = "<p class=\"errormessage\">". $error . "</p><p><a href=\"javascript:window.history.go(-1);\">Click Here To Go Back</a>.</p>";
return $content;
}
function wpr_manage_sanitize($string)
{
$string = strip_tags($string);
$string = trim($string);
if (get_magic_quotes_gpc())
{
return $string;
}
else
{
return addslashes($string);
}
}
?>
<!DOCTYPE htmlI have no idea why they have a pointless statment in the code that checks for post series eg
//get post series
$query = "SELECT b.* FROM ".$wpdb->prefix."wpr_followup_subscriptions a, wpr_post_series b where type='postseries' and sid='$sid' and b.id=a.eid;";
$pssubs = $wpdb->get_results($query);
if (count($pssubs) >0)
{
}But anyway it works for me and I then just output the html / error message in the HTML e.g
<div class="entry">
<h1 class="title">Unsubscribe from Newsletter</h1>
<?php
if(!empty($html)){
echo $html;
}else if(!empty($errmsg)){
echo $errmsg;
}else{
echo "<p>Sorry there seems to have been an error please go back to your email and try again.</p>";
}
?>
</div> <!-- end .entry -->So that has fixed that but I would still like to know where the code is that:
a) handles the initial subscription form as if the user doesn't put an email/name in it goes to a horrible similarly badly formatted html page. I quickly got round this by using HTML 5 and the new required="required" and type="email" attributes and a fallback to a JS version but it still needs to be sorted serverside for older browsers with no JS on.
b) where the code that handles the sending of emails is located etc
Thanks for your help