TheWatcher/gist:a6cc1cf3acbed343bda5

## gistfile1.pl
    if($subscription -> {"id"}) {
        # Note: herein lies a problem. At this point, we have a pre-existing subscription, that
        # may or may not be a user's. If it is a user's, it may be active, or have an inactive
        # alternate email associated with it - potentially sharing an email with an email-only
        # subscription. Consider the following:
        #
        #  Anonymous User sets up subscription s0 to f0, f1 using email e0, system sends auth
        #  code to e0, user activates it to prove ownership.
        #  Anonymous user later gets an account, but it is set up to use email e1. User logs in,
        #  and creates subscription s1 to f1 and f2 using alternate email e0, system sends auth
        #  code to e0 (ie: s1 is inactive, note s0 is unaffected at this point). Now one of two
        #  things can happen:
        #
        #  - user activates s1 using authcode sent to e0. This will automatically merge s0 into
        #    s1 as the system detects the common e0 and gives priority to s1.
        #  - user does not activate s1, but returns later to modfy s1 to remove e0. This
        #    will automatically activate s1 sending emails to e1, but it will NOT merge the
        #    existing s0 into s1 as there is now no common email. This means that now the user
        #    is getting f0,f1 sent to e0, and f1,f2 sent to e1.
        #
        #  If the subscription is both not activated and activated, how tall is Imhotep?
        #
        # The user has two options - they can either add e0 back into s1, activate, and thus get
        # s0 merged into s1; alternatively each message sent to e0 for s0 will contain an unsub
        # link that should let the user delete s0.
        #
        # An alternative, more dangerous option is to uncomment the following:
        #
        # $self -> _merge_subscriptions($subscription -> {"id"}, $subscription -> {"user_id"}, $subscription -> {"email"})
        #     if($subscription -> {"user_id"} && $subscription -> {"email"});
        #
        # that will merge any email only subscriptions for a user, even if they haven't activated
        # the subscription. Butit opens the door for subscription hijacking and deletion.

        # In theory, this should only ever run when userid is not undef - if it is, the email
        # will always match the subscription email, otherwise _get_subscription_header() couldn't
        # have found it to begin with.
        $self -> _set_subscription_email($subscription -> {"id"}, $email)
            or return undef;
	if($subscription -> {"id"}) {
	# Note: herein lies a problem. At this point, we have a pre-existing subscription, that
	# may or may not be a user's. If it is a user's, it may be active, or have an inactive
	# alternate email associated with it - potentially sharing an email with an email-only
	# subscription. Consider the following:
	#
	# Anonymous User sets up subscription s0 to f0, f1 using email e0, system sends auth
	# code to e0, user activates it to prove ownership.
	# Anonymous user later gets an account, but it is set up to use email e1. User logs in,
	# and creates subscription s1 to f1 and f2 using alternate email e0, system sends auth
	# code to e0 (ie: s1 is inactive, note s0 is unaffected at this point). Now one of two
	# things can happen:
	#
	# - user activates s1 using authcode sent to e0. This will automatically merge s0 into
	# s1 as the system detects the common e0 and gives priority to s1.
	# - user does not activate s1, but returns later to modfy s1 to remove e0. This
	# will automatically activate s1 sending emails to e1, but it will NOT merge the
	# existing s0 into s1 as there is now no common email. This means that now the user
	# is getting f0,f1 sent to e0, and f1,f2 sent to e1.
	#
	# If the subscription is both not activated and activated, how tall is Imhotep?
	#
	# The user has two options - they can either add e0 back into s1, activate, and thus get
	# s0 merged into s1; alternatively each message sent to e0 for s0 will contain an unsub
	# link that should let the user delete s0.
	#
	# An alternative, more dangerous option is to uncomment the following:
	#
	# $self -> _merge_subscriptions($subscription -> {"id"}, $subscription -> {"user_id"}, $subscription -> {"email"})
	# if($subscription -> {"user_id"} && $subscription -> {"email"});
	#
	# that will merge any email only subscriptions for a user, even if they haven't activated
	# the subscription. Butit opens the door for subscription hijacking and deletion.

	# In theory, this should only ever run when userid is not undef - if it is, the email
	# will always match the subscription email, otherwise _get_subscription_header() couldn't
	# have found it to begin with.
	$self -> _set_subscription_email($subscription -> {"id"}, $email)
	or return undef;