Beispiel #1
0
function deleteOldTokens()
{
    #  echo "<script>alert('".PASSWORD_CHANGE_TIMEFRAME."');</script>";
    //DELETE FROM phplist_admin_password_request WHERE date_add( date, INTERVAL 1 year ) < now( )
    $SQLquery = sprintf('delete from %s where date_add( date, INTERVAL %s) < now( )', $GLOBALS['tables']['admin_password_request'], PASSWORD_CHANGE_TIMEFRAME);
    $query = Sql_Query($SQLquery);
}
Beispiel #2
0
function rssUserHasContent($userid,$messageid,$frequency) {
	global $tables;
  switch ($frequency) {
    case "weekly":
      $interval = 'interval 7 day';break;
    case "monthly":
      $interval = 'interval 1 month';break;
    case "daily":
    default:
      $interval = 'interval 1 day';break;
  }
  
	$cansend_req = Sql_Query(sprintf('select date_add(last,%s) < now() from %s where userid = %d',
      $interval,$tables["user_rss"],$userid));
	$exists = Sql_Affected_Rows();
	$cansend = Sql_Fetch_Row($cansend_req);
  if (!$exists || $cansend[0]) {
  	# we can send this user as far as the frequency is concerned
    # now check whether there is actually some content

    # check what lists to use. This is the intersection of the lists for the
    # user and the lists for the message
    $lists = array();
    $listsreq = Sql_Query(sprintf('
    	select %s.listid from %s,%s where %s.listid = %s.listid and %s.userid = %d and
      %s.messageid = %d',
      $tables["listuser"],$tables["listuser"],$tables["listmessage"],
			$tables["listuser"],$tables["listmessage"],
      $tables["listuser"],$userid,$tables["listmessage"],$messageid));
   	while ($row = Sql_Fetch_Row($listsreq)) {
    	array_push($lists,$row[0]);
    }
    if (!sizeof($lists))
    	return 0;
    $liststosend = join(",",$lists);
    # request the rss items that match these lists and that have not been sent to this user
    $itemstosend = array();
		$max = sprintf('%d',getConfig("rssmax"));
		if (!$max) {
			$max = 30;
		}

    $itemreq = Sql_Query("select {$tables["rssitem"]}.*
	    from {$tables["rssitem"]} where {$tables["rssitem"]}.list in ($liststosend) order by added desc, list,title limit $max");
    while ($item = Sql_Fetch_Array($itemreq)) {
    	Sql_Query("select * from {$tables["rssitem_user"]} where itemid = {$item["id"]} and userid = $userid");
      if (!Sql_Affected_Rows()) {
				array_push($itemstosend,$item["id"]);
      }
    }
  #  print "<br/>Items to send for user $userid: ".sizeof($itemstosend);
    # if it is less than the treshold return nothing
    $treshold = getConfig("rsstheshold");
    if (sizeof($itemstosend) >= $treshold)
     	return $itemstosend;
    else
      return array();
  }
 	return array();
}
Beispiel #3
0
function moveUser($userid)
{
    global $tables;
    $newlist = $_GET["list"];
    Sql_Query(sprintf('delete from %s where userid = %d', $tables["listuser"], $userid));
    Sql_Query(sprintf('insert into %s (userid,listid) values(%d,%d)', $tables["listuser"], $userid, $newlist));
}
Beispiel #4
0
 public function runtest()
 {
     $this->userdata = Sql_Fetch_Assoc_Query(sprintf('select * from %s where email = "%s"', $GLOBALS['tables']['user'], $GLOBALS['developer_email']));
     if (!$this->userdata['id']) {
         Sql_Query(sprintf('insert into %s (email) values("%s")', $GLOBALS['tables']['user'], $GLOBALS['developer_email']));
         print 'Bounce user created: ' . $GLOBALS['developer_email'] . '<br/>';
     }
     $GLOBALS['message_envelope'] = $GLOBALS['developer_email'];
     return 1;
 }
 function processSubscribePageEdit($id)
 {
     if (!empty($_POST['disposable_mailblocker_enable'])) {
         $enabled = 1;
     } else {
         $enabled = 1;
     }
     Sql_Query(sprintf('replace into %s (id,name,data) values(%d,"disposable_mailblocker_enable","%s")', $GLOBALS['tables']["subscribepage_data"], $id, sql_escape($enabled)));
     Sql_Query(sprintf('replace into %s (id,name,data) values(%d,"disposable_mailblocker_text","%s")', $GLOBALS['tables']["subscribepage_data"], $id, sql_escape($_POST['disposable_mailblocker_text'])));
 }
Beispiel #6
0
/**
 * Create the html to show the number of list members in up to three totals.
 * Confirmed - subscriber is confirmed and not blacklisted
 * Not confirmed - subscriber is not confirmed and not blacklisted
 * Blacklisted - subscriber is blacklisted. 
 *
 * @param   int  $listId the list id, or 0 for all subscribers
 * @return  string
 */
function listMemberCounts($listId)
{
    global $tables;
    if ($listId) {
        $join = "JOIN {$tables['listuser']} lu ON u.id = lu.userid\n        WHERE lu.listid = {$listId}";
    } else {
        $join = '';
    }
    $req = Sql_Query("SELECT\n        SUM(1) AS total,\n        SUM(IF(u.confirmed = 1 && u.blacklisted = 0, 1, 0)) AS confirmed,\n        SUM(IF(u.confirmed = 0 && u.blacklisted = 0, 1, 0)) AS notconfirmed,\n        SUM(IF(u.blacklisted = 1, 1, 0)) AS blacklisted\n        FROM {$tables['user']} u\n        {$join}");
    $counts = Sql_Fetch_Assoc($req);
    $membersDisplay = sprintf('<span class="memberCount" title="%s">%s</span>' . ' (' . '<span class="unconfirmedCount" title="%s">%s</span>, ' . ' ' . '<span class="blacklistedCount" title="%s">%s</span>' . ')', s('Confirmed members'), number_format($counts['confirmed']), s('Unconfirmed members'), number_format($counts['notconfirmed']), s('Blacklisted members'), number_format($counts['blacklisted']));
    return $membersDisplay;
}
 function Retreive_And_Unserialize()
 {
     $retrieve_serialized_query = sprintf("select value from %s", $this->AttributeChangerData['attribute_changer_tablename']);
     $retrieve_s_return = Sql_Query($retrieve_serialized_query);
     if (!$retrieve_s_return) {
         print "ERROR NO STORED SESSION";
         die;
     }
     $returned_result = Sql_Fetch_Assoc($retrieve_s_return);
     if (!isset($returned_result['value'])) {
         print "ERROR Improperly stored value data";
         die;
     }
     //print_r($returned_result);
     $serialized_session = $returned_result['value'];
     //print($serialized_session);
     $this->Current_Session = unserialize(base64_decode($serialized_session));
 }
function accessLevel($page)
{
    global $tables, $access_levels;
    if (!$GLOBALS["require_login"] || isSuperUser()) {
        return "all";
    }
    if (!isset($_SESSION["adminloggedin"])) {
        return 0;
    }
    if (!is_array($_SESSION["logindetails"])) {
        return 0;
    }
    # check whether it is a page to protect
    Sql_Query("select id from {$tables["task"]} where page = \"{$page}\"");
    if (!Sql_Affected_Rows()) {
        return "all";
    }
    $req = Sql_Query(sprintf('select level from %s,%s where adminid = %d and page = "%s" and %s.taskid = %s.id', $tables["task"], $tables["admin_task"], $_SESSION["logindetails"]["id"], $page, $tables["admin_task"], $tables["task"]));
    $row = Sql_Fetch_Row($req);
    return $access_levels[$row[0]];
}
Beispiel #9
0
 public function runtest()
 {
     if (empty($this->userdata['email'])) {
         print $GLOBALS['I18N']->get('Test email not set ');
         return 0;
     }
     ## insert an HTML page as a message
     Sql_Query(sprintf('insert into %s
   (subject,fromfield,message,footer,entered,status,sendformat)
   values("phplist test sendpage","test","[URL:http://www.phplist.com]","Unsubscribe link: [UNSUBSCRIBE]",now(),"test","text and HTML")', $GLOBALS['tables']['message']));
     require_once dirname(__FILE__) . '/../sendemaillib2.php';
     $testmsg = Sql_Insert_id();
     print $GLOBALS['I18N']->get('Sending HTML version to ') . $this->userdata['email'];
     $suc6 = 0;
     $suc6 = sendEmail($testmsg, $this->userdata['email'], $this->userdata['uniqid'], 1);
     if ($suc6) {
         print ' ... ' . $GLOBALS['I18N']->get('OK');
     } else {
         print ' ... ' . $GLOBALS['I18N']->get('Failed');
     }
     print '<br/>';
     print $GLOBALS['I18N']->get('Sending Text version to ') . $this->userdata['email'];
     $suc6 = $suc6 && sendEmail($testmsg, $this->userdata['email'], $this->userdata['uniqid'], 0);
     if ($suc6) {
         print ' ... ' . $GLOBALS['I18N']->get('OK');
     } else {
         print ' ... ' . $GLOBALS['I18N']->get('Failed');
     }
     print '<br/>';
     if (CLICKTRACK) {
         print $GLOBALS['I18N']->get('Note: Links in emails will not work, because this is a test message, which is deleted after sending') . '<br/>';
     }
     print $GLOBALS['I18N']->get('Check your INBOX to see if all worked ok') . '<br/>';
     #deleteMessage($testmsg);
     print "Message ID: {$testmsg}<br/>";
     return $suc6;
 }
Beispiel #10
0
function mergeUsers($original, $duplicate)
{
    set_time_limit(60);
    print '<br/>Merging ' . $duplicate . ' into ' . $original;
    $umreq = Sql_Query(sprintf('select * from %s where userid = %d', $GLOBALS["tables"]["usermessage"], $duplicate));
    while ($um = Sql_Fetch_Array($umreq)) {
        Sql_Query(sprintf('update %s set userid = %d, entered = "%s" where userid = %d and entered = "%s"', $GLOBALS["tables"]["usermessage"], $original, $um["entered"], $duplicate, $um["entered"]), 1);
    }
    $bncreq = Sql_Query(sprintf('select * from %s where user = %d', $GLOBALS["tables"]["user_message_bounce"], $duplicate));
    while ($bnc = Sql_Fetch_Array($bncreq)) {
        Sql_Query(sprintf('update %s set user = %d, time = "%s" where user = %d and time = "%s"', $GLOBALS["tables"]["user_message_bounce"], $original, $bnc["time"], $duplicate, $bnc["time"]), 1);
    }
    $listreq = Sql_Query(sprintf('select * from %s where userid = %d', $GLOBALS["tables"]["listuser"], $duplicate));
    while ($list = Sql_Fetch_Array($listreq)) {
        Sql_Query(sprintf('update %s set userid = %d, entered = "%s" where userid = %d and entered = "%s" and listid = %d', $GLOBALS["tables"]["listuser"], $original, $list["entered"], $duplicate, $list["entered"], $list['listid']), 1);
    }
    Sql_Query(sprintf('delete from %s where userid = %d', $GLOBALS["tables"]["listuser"], $duplicate));
    Sql_Query(sprintf('delete from %s where user = %d', $GLOBALS["tables"]["user_message_bounce"], $duplicate));
    Sql_Query(sprintf('delete from %s where userid = %d', $GLOBALS["tables"]["usermessage"], $duplicate));
    #  if (MERGE_DUPLICATES_DELETE_DUPLICATE) {
    deleteUser($duplicate);
    #  }
    flush();
}
Beispiel #11
0
         }
         $htmlcnt = Sql_Fetch_Row_Query(sprintf('select count(distinct userid) from %s listuser,%s user where user.htmlemail and user.id = listuser.userid and listuser.listid in (%s) %s', $GLOBALS['tables']['listuser'], $GLOBALS['tables']['user'], implode(',', array_keys($lists)), $exclude), 1);
         $textcnt = Sql_Fetch_Row_Query(sprintf('select count(distinct userid) from %s listuser,%s user where !user.htmlemail and user.id = listuser.userid and listuser.listid in (%s) %s', $GLOBALS['tables']['listuser'], $GLOBALS['tables']['user'], implode(',', array_keys($lists)), $exclude), 1);
         if ($htmlcnt[0] || $textcnt[0]) {
             if (!isset($messagedata['textsize'])) {
                 $messagedata['textsize'] = 0;
             }
             if (!isset($messagedata['htmlsize'])) {
                 $messagedata['htmlsize'] = 0;
             }
             $send_content .= $GLOBALS['I18N']->get('Estimated size of mailout') . ': ' . formatBytes($htmlcnt[0] * $messagedata['htmlsize'] + $textcnt[0] * $messagedata['textsize']) . '<br/>';
             ## remember this to see how well the estimate was
             Sql_Query(sprintf('replace into %s set name = "estimatedsize",id=%d,data = "%s"', $GLOBALS['tables']['messagedata'], $id, $htmlcnt[0] * $messagedata['htmlsize'] + $textcnt[0] * $messagedata['textsize']));
             $send_content .= sprintf($GLOBALS['I18N']->get('About %d users to receive HTML and %s users to receive text version of email'), $htmlcnt[0], $textcnt[0]) . '<br/>';
             Sql_Query(sprintf('replace into %s set name = "estimatedhtmlusers",id=%d,data = "%s"', $GLOBALS['tables']['messagedata'], $id, $htmlcnt[0]));
             Sql_Query(sprintf('replace into %s set name = "estimatedtextusers",id=%d,data = "%s"', $GLOBALS['tables']['messagedata'], $id, $textcnt[0]));
         }
     }
 }
 $send_content .= '</div>';
 ## the button to actually send the campagin
 $send_content .= $placeinqueue;
 print '<div class="sendtabs_container">';
 $tabs->setListClass('sendcampaign');
 $tabs->setId('sendtabs');
 #  $tabs->addPrevNext();
 $tabs->addTabNo();
 print $tabs->display();
 #print '<div id="tabcontent"></div>';
 $panelcontent = '';
 switch ($_GET['tab']) {
Beispiel #12
0
    while ($row = Sql_Fetch_Array($req)) {
        $ls->addElement($row["name"]);
        $isSpamReport = $isSpamReport || $row['data'] == 'blacklisted due to spam complaints';
        $ls->addColumn($row["name"], $GLOBALS['I18N']->get('value'), stripslashes($row["data"]));
    }
    $ls->addElement('<!-- remove -->');
    if (!$isSpamReport) {
        $button = new ConfirmButton(htmlspecialchars($GLOBALS['I18N']->get('are you sure you want to delete this subscriber from the blacklist')) . "?\\n" . htmlspecialchars($GLOBALS['I18N']->get('it should only be done with explicit permission from this subscriber')), PageURL2("userhistory&unblacklist={$user["id"]}&id={$user["id"]}", "button", s('remove subscriber from blacklist')), s('remove subscriber from blacklist'));
        $ls->addRow('<!-- remove -->', s('remove'), $button->show());
    } else {
        $ls->addRow('<!-- remove -->', s('remove'), s('For this subscriber to be removed from the blacklist, you need to ask them to re-subscribe using the phpList subscribe page'));
    }
    print $ls->display();
}
$ls = new WebblerListing($GLOBALS['I18N']->get('Subscription History'));
$req = Sql_Query(sprintf('select * from %s where userid = %d order by date desc', $tables["user_history"], $user["id"]));
if (!Sql_Affected_Rows()) {
    print $GLOBALS['I18N']->get('no details found');
}
while ($row = Sql_Fetch_Array($req)) {
    $ls->addElement($row["id"]);
    $ls->setClass($row["id"], 'row1');
    $ls->addColumn($row["id"], $GLOBALS['I18N']->get('ip'), $row["ip"]);
    $ls->addColumn($row["id"], $GLOBALS['I18N']->get('date'), $row["date"]);
    $ls->addColumn($row["id"], $GLOBALS['I18N']->get('summary'), $row["summary"]);
    $ls->addRow($row["id"], "<div class='gray'>" . $GLOBALS['I18N']->get('detail') . ": </div>", "<div class='tleft'>" . nl2br(htmlspecialchars($row["detail"])) . "</div>");
    $ls->addRow($row["id"], "<div class='gray'>" . $GLOBALS['I18N']->get('info') . ": </div>", "<div class='tleft'>" . nl2br($row["systeminfo"]) . "</div>");
}
print $ls->display();
print '</div>';
print '</div>';
Beispiel #13
0
function saveUserAttribute($userid,$attid,$data) {
	if ($data["nodbsave"]) {
  	dbg("Not saving $attid");
  	return;
 	}
  if ($attid == "emailcheck" || $attid == "passwordcheck") {
  	dbg("Not saving $attid");
  	return;
	}

	if (!$data["type"])
  	$data["type"] = "textline";

  if ($data["type"] == "static" || $data["type"] == "password") {
   	Sql_Query(sprintf('update user set %s = "%s" where id = %d',
    	$attid,$data["value"],$userid));
    return 1;
  }

  $attid_req = Sql_Fetch_Row_Query(sprintf('
    select id,type,tablename from attribute where id = %d',$attid));
  if (!$attid_req[0]) {
    $attid_req = Sql_Fetch_Row_Query(sprintf('
      select id,type,tablename from attribute where name = "%s"',$data["name"]));
    if (!$attid_req[0]) {
    	if ($GLOBALS["config"]["autocreate_attributes"]) {
        Dbg("Creating new Attribute: ".$data["name"]);
        sendError("creating new attribute ".$data["name"]);
        $atttable= getNewAttributeTablename($data["name"]);
        Sql_Query(sprintf('insert into attribute (name,type,tablename) values("%s","%s","%s")',$data["name"],$data["type"],$atttable));
        $attid = Sql_Insert_Id();
      } else {
        dbg("Not creating new Attribute: ".$data["name"]);
       # sendError("Not creating new attribute ".$data["name"]);
			}
    } else {
      $attid = $attid_req[0];
      $atttable = $attid_req[2];
  	}
	} else {
    $attid = $attid_req[0];
    $atttable = $attid_req[2];
  }

  if (!$atttable) {
  	$atttable = getNewAttributeTablename($data["name"]);
  	# fix attribute without tablename
    Sql_Query(sprintf('update attribute set tablename ="%s" where id = %d',
    	$atttable,$attid));
#  	sendError("Attribute without Tablename $attid");
  }

  switch ($data["type"]) {
  	case "static":
    case "password":
    	Sql_Query(sprintf('update user set %s = "%s" where id = %d',
      	$attid,$data["value"],$userid));
			break;
    case "select":
    	$curval = Sql_Fetch_Row_Query(sprintf('select id from phplist_listattr_%s
      	where name = "%s"',$atttable,$data["displayvalue"]),1);
      if (!$curval[0]) {
      	Sql_Query(sprintf('insert into phplist_listattr_%s (name) values("%s")',$atttable,
        	$data["displayvalue"]));
        sendError("Added ".$data["displayvalue"]." to $atttable");
        $valid = Sql_Insert_id();
      } else {
      	$valid = $curval[0];
      }
    	Sql_Query(sprintf('replace into user_attribute (userid,attributeid,value)
		  	values(%d,%d,"%s")',$userid,$attid,$valid));

			break;
   	default:
    	Sql_Query(sprintf('replace into user_attribute (userid,attributeid,value)
		  	values(%d,%d,"%s")',$userid,$attid,$data["value"]));
     	break;
 	}
  return 1;
}
Beispiel #14
0
    $html .= $GLOBALS['img_cross'];
}
$html .= '</td></tr>';
$html .= '<tr><td>' . s('Create public lists') . '</td>
<td>' . PageLink2('list', s('Go there')) . '</td><td>';
$req = Sql_Query(sprintf('select id from %s where active <> 0', $tables['list']));
if (Sql_Affected_Rows()) {
    $html .= $GLOBALS['img_tick'];
} else {
    $alldone = 0;
    $html .= $GLOBALS['img_cross'];
}
$html .= '</td></tr>';
$html .= '<tr><td>' . s('Create a subscribe page') . '</td>
<td>' . PageLink2('spage', s('Go there')) . '</td><td>';
$req = Sql_Query("select * from {$tables['subscribepage']}");
if (Sql_Affected_Rows()) {
    $html .= $GLOBALS['img_tick'];
} else {
    $alldone = 0;
    $html .= $GLOBALS['img_cross'];
}
$html .= '</td></tr>';
$html .= '<tr><td>' . s('Add some subscribers') . '</td>
<td>' . PageLink2('import', s('Go there')) . '</td><td>';
$req = Sql_Fetch_Row_Query("select count(*) from {$tables['user']}");
if ($req[0] > 2) {
    $html .= $GLOBALS['img_tick'];
} else {
    $alldone = 0;
    $html .= $GLOBALS['img_cross'];
Beispiel #15
0
                break;
        }
        # fix the new powered by image for the templates
        Sql_Query(sprintf('update %s set data = "%s",width=70,height=30 where filename = "powerphplist.png"', $tables["templateimage"], $newpoweredimage));
        print '<script language="Javascript" type="text/javascript"> finish(); </script>';
        # update the system pages
        while (list($type, $pages) = each($system_pages)) {
            foreach ($pages as $page) {
                Sql_Query(sprintf('replace into %s (page,type) values("%s","%s")', $tables["task"], $page, $type));
            }
        }
        # mark the database to be our current version
        if ($success) {
            SaveConfig("version", VERSION, 0);
            # mark now to be the last time we checked for an update
            Sql_Query(sprintf('replace into %s (item,value,editable) values("updatelastcheck",now(),0)', $tables["config"]));
            Info("Success");
        } else {
            Error("An error occurred while upgrading your database");
        }
    } else {
        ?>
<p>Your database requires upgrading, please make sure to create a backup of your database first.</p>

<p>When you're ready click <?php 
        echo PageLink2("upgrade", "Here", "doit=yes");
        ?>
. Depending on the size of your database, this may take quite a while. Please make sure not to interrupt the process, once you've started it.</p>
<?php 
    }
}
Beispiel #16
0
   if ($x % 25 == 0) {
       print $x . "/{$num} " . $GLOBALS['I18N']->get('done') . "<br/>";
       flush();
   }
   # check for full email
   if ($_POST["onlyfull"] != "yes" || $_POST["onlyfull"] == "yes" && strpos($importuser["personal"], "@") === false && strlen($importuser["email"]) > 4) {
       $new = 0;
       $result = Sql_query(sprintf('SELECT id,uniqid FROM %s
 WHERE email = "%s"', $tables["user"], $importuser["email"]));
       if (Sql_affected_rows()) {
           // Email exist, remember some values to add them to the lists
           $count_exist++;
           $user = Sql_fetch_array($result);
           $userid = $user["id"];
           $uniqid = $user["uniqid"];
           Sql_Query(sprintf('update %s set htmlemail = %d where id = %d', $tables["user"], $_POST["markhtml"] ? "1" : "0", $userid));
       } else {
           // Email does not exist
           $new = 1;
           // Create unique number
           mt_srand((double) microtime() * 1000000);
           $randval = mt_rand();
           $uniqid = getUniqid();
           $query = sprintf('INSERT INTO %s (email,entered,confirmed,uniqid,htmlemail)
    values("%s",current_timestamp,%d,"%s",%d)', $tables["user"], $importuser["email"], $_POST["notify"] != "yes", $uniqid, $_POST["markhtml"] ? "1" : "0");
           $result = Sql_query($query);
           $userid = Sql_Insert_Id($tables['user'], 'id');
           $count_email_add++;
           $some = 1;
       }
       if ($_POST["overwrite"] == "yes") {
Beispiel #17
0
<?php

require_once dirname(__FILE__) . '/accesscheck.php';
$req = Sql_Query(sprintf('select * from %s where date_add(from_unixtime(unixdate),interval 12 month) > now() order by unixdate', $GLOBALS['tables']['userstats']));
$ls = new WebblerListing($GLOBALS['I18N']->get('Statistics'));
while ($row = Sql_Fetch_Array($req)) {
    $element = $GLOBALS['I18N']->get($row['item']);
    $ls->addElement($element);
    switch (STATS_INTERVAL) {
        case 'monthly':
            $date = date('M y', $row['unixdate']);
            break;
    }
    $ls->addColumn($element, $date, $row['value']);
}
print $ls->display();
Beispiel #18
0
function deleteItem($table, $attributeid, $delete)
{
    global $tables, $replace;
    # delete the index in delete
    $valreq = Sql_Fetch_Row_query("select name from {$table} where id = {$delete}");
    $val = $valreq[0];
    # check dependencies
    $dependencies = array();
    $result = Sql_query("select distinct userid from {$tables['user_attribute']} where\n  attributeid = {$attributeid} and value = {$delete}");
    while ($row = Sql_fetch_array($result)) {
        array_push($dependencies, $row["userid"]);
    }
    if (sizeof($dependencies) == 0) {
        $result = Sql_query("delete from {$table} where id = {$delete}");
    } else {
        if ($replace) {
            $result = Sql_Query("update {$tables['user_attribute']} set value = {$replace} where value = {$delete}");
            $result = Sql_query("delete from {$table} where id = {$delete}");
        } else {
            ?>
    Cannot delete <b><?php 
            echo $val;
            ?>
</b><br />
    The Following record(s) are dependent on this value<br />
    Update the record(s) to not use this attribute value and try again<p>
    <?php 
            for ($i = 0; $i < sizeof($dependencies); $i++) {
                print PageLink2("user", "User " . $dependencies[$i], "id={$dependencies[$i]}") . "<br />\n";
                if ($i > 10) {
                    print "* Too many to list, total dependencies:\n " . sizeof($dependencies) . "<br /><br />";
                    giveAlternative($table, $delete, $attributeid);
                    return 0;
                }
            }
            print "</p><br />";
            giveAlternative($table, $delete, $attributeid);
        }
    }
    return 1;
}
Beispiel #19
0
if (!defined('PHPLISTINIT')) {
    exit;
}
print '<h3>' . s('Database structure check') . '</h3>';
unset($_SESSION["dbtables"]);
$pass = true;
$ls = new WebblerListing(s('Database structure'));
while (list($table, $tablename) = each($GLOBALS["tables"])) {
    $createlink = '';
    $indexes = $uniques = $engine = $category = '';
    $ls->addElement($table);
    if ($table != $tablename) {
        $ls->addColumn($table, "real name", $tablename);
    }
    if (Sql_Table_Exists($tablename)) {
        $req = Sql_Query("show columns from {$tablename}", 0);
        $columns = array();
        if (!Sql_Affected_Rows()) {
            $ls->addColumn($table, "exist", $GLOBALS["img_cross"]);
        }
        while ($row = Sql_Fetch_Array($req)) {
            $columns[strtolower($row["Field"])] = $row["Type"];
        }
        $tls = new WebblerListing($table);
        if (isset($DBstruct[$table])) {
            $struct = $DBstruct[$table];
        } else {
            $struct = '';
        }
        $haserror = 0;
        if (is_array($struct)) {
Beispiel #20
0
<input type="hidden" name="id" value="' . $listid . '" />';
$filterpanel .= '<label for="find">' . $GLOBALS['I18N']->get('Find a user') . '</label>';
$filterpanel .= '<input type="text" name="find" value="';
$filterpanel .= $find != '%' ? htmlspecialchars(stripslashes($find)) : '';
$filterpanel .= '" size="30" />';
$filterpanel .= '<select name="findby">';
$filterpanel .= '<option value="email" ';
$filterpanel .= $findby == 'email' ? 'selected="selected"' : '';
$filterpanel .= '>' . $GLOBALS['I18N']->get('Email') . '</option>';
$filterpanel .= '<option value="foreignkey" ';
$filterpanel .= $findby == 'foreignkey' ? 'selected="selected"' : '';
$filterpanel .= '>' . $GLOBALS['I18N']->get('Foreign Key') . '</option>';
$filterpanel .= '<option value="uniqid" ';
$filterpanel .= $findby == 'uniqid' ? 'selected="selected"' : '';
$filterpanel .= '>' . $GLOBALS['I18N']->get('Unique ID') . '</option>';
$att_req = Sql_Query('select id,name from ' . $tables['attribute'] . ' where type = "hidden" or type = "textline" or type = "select"');
while ($row = Sql_Fetch_Array($att_req)) {
    $filterpanel .= sprintf('<option value="%d" %s>%s</option>', $row['id'], $row['id'] == $findby ? 'selected="selected"' : '', substr($row['name'], 0, 20));
}
$filterpanel .= '</select><input class="submit" type="submit" value="' . s('Go') . '" />&nbsp;&nbsp;<a href="./?page=users&amp;find=NULL" class="reset">' . s('reset') . '</a>';
$filterpanel .= '</form></div>';
//$filterpanel .= '<tr><td colspan="4"></td></tr>
//</table>';
print Info($countpanel);
$panel = new UIPanel($GLOBALS['I18N']->get('Find subscribers'), $filterpanel);
print $panel->display();
#if (($require_login && isSuperUser()) || !$require_login)
print '<div class="actions">';
print '<div id="add-csv-button">' . PageLinkButton('dlusers', $GLOBALS['I18N']->get('Download all users as CSV file'), 'nocache=' . uniqid('')) . '</div>';
print '<div id="add-user-button">' . PageLinkButton('adduser', $GLOBALS['I18N']->get('Add a User')) . '</div>';
print '</div>';
Beispiel #21
0
} elseif (is_file('config/config.php')) {
    include 'config/config.php';
} else {
    print "Error, cannot find config file\n";
    exit;
}
require_once dirname(__FILE__) . '/admin/init.php';
$GLOBALS['database_module'] = basename($GLOBALS['database_module']);
$GLOBALS['language_module'] = basename($GLOBALS['language_module']);
require_once dirname(__FILE__) . '/admin/' . $GLOBALS['database_module'];
# load default english and language
include_once dirname(__FILE__) . '/texts/english.inc';
# Allow customisation per installation
if (is_file($_SERVER['DOCUMENT_ROOT'] . '/' . $GLOBALS['language_module'])) {
    include_once $_SERVER['DOCUMENT_ROOT'] . '/' . $GLOBALS['language_module'];
}
include_once dirname(__FILE__) . '/admin/languages.php';
require_once dirname(__FILE__) . '/admin/defaultconfig.php';
require_once dirname(__FILE__) . '/admin/connect.php';
include_once dirname(__FILE__) . '/admin/lib.php';
if (!empty($_GET['u']) && !empty($_GET['m'])) {
    $_GET['u'] = preg_replace('/\\W/', '', $_GET['u']);
    $userid = Sql_Fetch_Row_Query(sprintf('select id from %s where uniqid = "%s"', $GLOBALS['tables']['user'], $_GET['u']));
    if ($userid[0]) {
        Sql_Query(sprintf('update %s set viewed = now() where messageid = %d and userid = %d and viewed is null', $GLOBALS['tables']['usermessage'], $_GET['m'], $userid[0]));
        Sql_Query(sprintf('update %s set viewed = viewed + 1 where id = %d', $GLOBALS['tables']['message'], $_GET['m']));
    }
}
@ob_end_clean();
header('Content-Type: image/png');
print base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABAQMAAAAl21bKAAAABGdBTUEAALGPC/xhBQAAAAZQTFRF////AAAAVcLTfgAAAAF0Uk5TAEDm2GYAAAABYktHRACIBR1IAAAACXBIWXMAAAsSAAALEgHS3X78AAAAB3RJTUUH0gQCEx05cqKA8gAAAApJREFUeJxjYAAAAAIAAUivpHEAAAAASUVORK5CYII=');
Beispiel #22
0
function matchedBounceRule($text, $activeonly = 0)
{
    if ($activeonly) {
        $status = ' where status = "active"';
    } else {
        $status = '';
    }
    $req = Sql_Query(sprintf('select * from %s %s order by listorder', $GLOBALS['tables']['bounceregex'], $status));
    while ($row = Sql_Fetch_Array($req)) {
        $pattern = str_replace(' ', '\\s+', $row['regex']);
        #   print "Trying to match ".$pattern;
        #print ' with '.$text;
        #   print '<br/>';
        if (@preg_match('/' . preg_quote($pattern) . '/iUm', $text)) {
            return $row['id'];
        } elseif (@preg_match('/' . $pattern . '/iUm', $text)) {
            return $row['id'];
        }
    }
    return '';
}
Beispiel #23
0
    }
    ## allow plugins to save their fields
    foreach ($GLOBALS['plugins'] as $plugin) {
        $result = $result && $plugin->processEditList($id);
    }
    print '<div class="actionresult">' . $_SESSION['action_result'] . '</div>';
    if ($_GET['page'] == 'editlist') {
        print '<div class="actions">' . PageLinkButton('importsimple&amp;list=' . $id, s('Add some subscribers')) . ' ' . PageLinkButton('editlist', s('Add another list')) . '</div>';
    }
    unset($_SESSION['action_result']);
    return;
    ## doing this, the action result disappears, which we don't want
    Redirect('list');
}
if (!empty($id)) {
    $result = Sql_Query("SELECT * FROM " . $GLOBALS['tables']['list'] . " where id = {$id}");
    $list = Sql_Fetch_Array($result);
} else {
    $list = array('name' => '', 'active' => 0, 'listorder' => 0, 'description' => '');
}
if (empty($list['category'])) {
    $list['category'] = '';
}
@ob_end_flush();
?>

<?php 
echo formStart(' class="editlistSave" ');
?>
<input type="hidden" name="id" value="<?php 
echo $id;
Beispiel #24
0
<?php

require_once dirname(__FILE__) . '/accesscheck.php';
# convert the database to add the prefix
# dangerous, should not be used, particularly not if the prefix already exists
if (!$GLOBALS["table_prefix"]) {
    print "No prefix defined, nothing to do";
    return;
}
include "structure.php";
while (list($table, $value) = each($DBstruct)) {
    if ($table != $tables[$table]) {
        Sql_Drop_Table($tables[$table]);
        Sql_Verbose_Query("alter table {$table} rename {$tables[$table]}", 0);
    }
}
$req = Sql_Verbose_Query("select tablename from " . $tables["attribute"]);
while ($row = Sql_Fetch_Row($req)) {
    set_time_limit(500);
    if (Sql_Table_Exists("listattr_" . $row[0]) && $table_prefix) {
        Sql_Verbose_Query("alter table listattr_{$row['0']} rename {$table_prefix}" . "listattr_" . $row[0]);
    }
    if (Sql_Table_Exists($table_prefix . "listattr_" . $row[0])) {
        Sql_Query("alter table {$table_prefix}" . "listattr_" . $row[0] . " add column listorder integer default 0", 0);
    }
}
flush();
Beispiel #25
0
    var div1 = findEl("criteria_values_select");
    var div2 = findEl("criteria_values_text");
    var div3 = findEl(value_divs[choice]);
    div1.style.visibility = "hidden";
    div2.style.visibility = "hidden";
    div3.style.visibility = "visible";

  }
  </script>

  ';
        $att_drop = '<select name="criteria_attribute" onChange="changeDropDowns()" class="criteria_element" >';
        $att_drop .= '<option value="">[' . $GLOBALS['I18N']->get('selectattribute') . ']</option>';
        $att_names = '';
        # to remember them later
        $attreq = Sql_Query(sprintf('select * from %s where type in ("select","radio","date","checkboxgroup","checkbox") %s', $tables["attribute"], $already_used));
        while ($att = Sql_Fetch_array($attreq)) {
            $att_drop .= sprintf('<option value="%d" %s>%s</option>', $att["id"], "", substr(stripslashes($att["name"]), 0, 30) . ' (' . $GLOBALS['I18N']->get($att["type"]) . ')');
            $att_names .= sprintf('<input type=hidden name="attribute_names[%d]" value="%s">', $att["id"], stripslashes($att["name"]));
        }
        $att_drop .= '</select>' . $att_names;
        $operator_drop = '
    <select name="criteria_operator" class="criteria_element" >
    <option value="is">' . $GLOBALS['I18N']->get('is') . '</option>
    <option value="isnot">' . $GLOBALS['I18N']->get('isnot') . '</option>
    <option value="isbefore">' . $GLOBALS['I18N']->get('isbefore') . '</option>
    <option value="isafter">' . $GLOBALS['I18N']->get('isafter') . '</option>
  </select>
  ';
        $values_drop = '
  <style type="text/css">
Beispiel #26
0
<?php

if (empty($_SESSION['last_addemail'])) {
    $_SESSION['last_addemail'] = 0;
}
if (!empty($_GET['email'])) {
    $delay = time() - $_SESSION['last_addemail'];
    if ($delay > ADD_EMAIL_THROTTLE) {
        $_SESSION['last_addemail'] = time();
        Sql_Query(sprintf('insert into %s (email,uniqid,htmlemail,entered) values("%s","%s",1,now())', $GLOBALS['tables']['user'], sql_escape($_GET['email']), getUniqid()), 1);
        addUserHistory($_GET['email'], 'Added by ' . adminName(), '');
        $status = $GLOBALS['I18N']->get('Email address added');
    } else {
        # pluginsCall('processError','Error adding email address, throttled');
        foreach ($GLOBALS['plugins'] as $plname => $plugin) {
            $plugin->processError('Add email throttled ' . $delay);
        }
        $status = $GLOBALS['I18N']->get('Adding email address failed');
    }
}
    "%%e %%b %%Y %%H:%%i") as latestclick,sum(clicked) as numclicks from %s as linktrack, %s as user where linktrack.userid = user.id 
    and linktrack.url = "%s" and linktrack.clicked group by linktrack.userid', $GLOBALS['tables']['linktrack'], $GLOBALS['tables']['user'], $urldata['url']));
} elseif ($msgid) {
    print '<h1>' . $GLOBALS['I18N']->get('User Click Details for a Message') . '</h1>';
    print '<table>
  <tr><td>' . $GLOBALS['I18N']->get('Subject') . '<td><td>' . $messagedata['subject'] . '</td></tr>
  <tr><td>' . $GLOBALS['I18N']->get('Entered') . '<td><td>' . $messagedata['entered'] . '</td></tr>
  <tr><td>' . $GLOBALS['I18N']->get('Sent') . '<td><td>' . $messagedata['sent'] . '</td></tr>
  </table><hr/>';
    $req = Sql_Query(sprintf('select user.email,user.id as userid,firstclick,date_format(latestclick,
    "%%e %%b %%Y %%H:%%i") as latestclick,sum(clicked) as numclicks from %s as linktrack, %s as user where linktrack.userid = user.id 
    and linktrack.messageid = %d and linktrack.clicked group by linktrack.userid', $GLOBALS['tables']['linktrack'], $GLOBALS['tables']['user'], $msgid));
} elseif ($userid) {
    print '<h1>' . $GLOBALS['I18N']->get('User Click Details') . '</h1>';
    $req = Sql_Query(sprintf('select user.email,user.id as userid,firstclick,date_format(latestclick,
    "%%e %%b %%Y %%H:%%i") as latestclick,sum(clicked) as numclicks,messageid,linkid,url from %s as linktrack, %s as user where linktrack.userid = user.id 
    and linktrack.userid = %d and linktrack.clicked group by linktrack.url', $GLOBALS['tables']['linktrack'], $GLOBALS['tables']['user'], $userid));
}
#ob_end_flush();
#flush();
$summary = array();
while ($row = Sql_Fetch_Array($req)) {
    #  print $row['email'] . "<br/>";
    if (!$userid) {
        $element = $row['email'];
        $ls->addElement($element, PageUrl2('userhistory&id=' . $row['userid']));
    } else {
        $element = $row['url'];
        $ls->addElement($element, PageUrl2('uclicks&id=' . $row['linkid']));
        $ls->addColumn($element, $GLOBALS['I18N']->get('message'), PageLink2('mclicks&id=' . $row['messageid'], $row['messageid']));
    }
Beispiel #28
0
function saveUserAttribute($userid, $attid, $data)
{
    global $usertable_prefix, $table_prefix, $tables;
    # workaround for integration webbler/phplist
    if (!isset($usertable_prefix)) {
        $usertable_prefix = '';
    }
    if (!isset($table_prefix)) {
        $table_prefix = 'phplist_';
    }
    if (!empty($tables["attribute"])) {
        $att_table = $usertable_prefix . $tables["attribute"];
        $user_att_table = $usertable_prefix . $tables["user_attribute"];
    } else {
        $att_table = $usertable_prefix . "attribute";
        $user_att_table = $usertable_prefix . "user_attribute";
    }
    if (!is_array($data)) {
        $tmp = $data;
        $data = Sql_Fetch_Assoc_Query(sprintf('select * from %s where id = %d', $att_table, $attid));
        $data['value'] = $tmp;
        $data['displayvalue'] = $tmp;
    }
    # dbg($data,'$data to store for '.$userid.' '.$attid);
    if ($data["nodbsave"]) {
        #   dbg($attid, "Not saving, nodbsave");
        return;
    }
    if ($attid == "emailcheck" || $attid == "passwordcheck") {
        #   dbg($attid, "Not saving, emailcheck/passwordcheck");
        return;
    }
    if (!$data["type"]) {
        $data["type"] = "textline";
    }
    if ($data["type"] == "static" || $data["type"] == "password" || $data['type'] == 'htmlpref') {
        if (!empty($GLOBALS['config']['dontsave_userpassword']) && $data['type'] == 'password') {
            $data["value"] = 'not authoritative';
        }
        Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid));
        dbg('Saving', $data['value'], DBG_TRACE);
        if ($data["type"] == "password") {
            Sql_Query(sprintf('update user set passwordchanged = now(),password="******" where id = %d', hash('sha256', $data['value']), $userid));
        }
        return 1;
    }
    $attributetype = $data['type'];
    $attid_req = Sql_Fetch_Row_Query(sprintf('
    select id,type,tablename from %s where id = %d', $att_table, $attid));
    if (!$attid_req[0]) {
        $attid_req = Sql_Fetch_Row_Query(sprintf('
      select id,type,tablename from %s where name = "%s"', $att_table, $data["name"]));
        if (!$attid_req[0]) {
            if (!empty($data["name"]) && $GLOBALS["config"]["autocreate_attributes"]) {
                #      Dbg("Creating new Attribute: ".$data["name"]);
                sendError("creating new attribute " . $data["name"]);
                $atttable = getNewAttributeTablename($data["name"]);
                Sql_Query(sprintf('insert into %s (name,type,tablename) values("%s","%s","%s")', $att_table, $data["name"], $data["type"], $atttable));
                $attid = Sql_Insert_Id();
            } else {
                #     dbg("Not creating new Attribute: ".$data["name"]);
                # sendError("Not creating new attribute ".$data["name"]);
            }
        } else {
            $attid = $attid_req[0];
            if (empty($attributetype)) {
                $attributetype = $attid_req[1];
            }
            $atttable = $attid_req[2];
        }
    } else {
        $attid = $attid_req[0];
        if (empty($attributetype)) {
            $attributetype = $attid_req[1];
        }
        $atttable = $attid_req[2];
    }
    if (!$atttable && !empty($data['name'])) {
        $atttable = getNewAttributeTablename($data["name"]);
        # fix attribute without tablename
        Sql_Query(sprintf('update %s set tablename ="%s" where id = %d', $att_table, $atttable, $attid));
        #   sendError("Attribute without Tablename $attid");
    }
    switch ($attributetype) {
        case "static":
        case "password":
            #  dbg('SAVING STATIC OR  PASSWORD');
            if (!empty($GLOBALS['config']['dontsave_userpassword']) && $data['type'] == 'password') {
                $data["value"] = 'not authoritative';
            }
            Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid));
            break;
        case "select":
            $curval = Sql_Fetch_Row_Query(sprintf('select id from ' . $table_prefix . 'listattr_%s
        where name = "%s"', $atttable, $data["displayvalue"]), 1);
            if (!$curval[0] && $data['displayvalue'] && $data['displayvalue'] != '') {
                Sql_Query(sprintf('insert into ' . $table_prefix . 'listattr_%s (name) values("%s")', $atttable, $data["displayvalue"]));
                sendError("Added " . $data["displayvalue"] . " to {$atttable}");
                $valid = Sql_Insert_id();
            } else {
                $valid = $curval[0];
            }
            Sql_Query(sprintf('replace into %s (userid,attributeid,value)
        values(%d,%d,"%s")', $user_att_table, $userid, $attid, $valid));
            break;
        case 'avatar':
            if (is_array($_FILES)) {
                ## only avatars are files, for now
                if (!defined('MAX_AVATAR_SIZE')) {
                    define('MAX_AVATAR_SIZE', 100000);
                }
                $formfield = 'attribute' . $attid . '_file';
                ## the name of the fileupload element
                if (!empty($_FILES[$formfield]['name']) && !empty($_FILES[$formfield]['tmp_name'])) {
                    $tmpnam = $_FILES[$formfield]['tmp_name'];
                    move_uploaded_file($tmpnam, '/tmp/avatar' . $userid . '.jpg');
                    $size = filesize('/tmp/avatar' . $userid . '.jpg');
                    #          dbg('New size: '.$size);
                    if ($size < MAX_AVATAR_SIZE) {
                        $avatar = file_get_contents('/tmp/avatar' . $userid . '.jpg');
                        Sql_Query(sprintf('replace into %s (userid,attributeid,value)
              values(%d,%d,"%s")', $user_att_table, $userid, $attid, base64_encode($avatar)));
                        unlink('/tmp/avatar' . $userid . '.jpg');
                    }
                }
            }
            break;
        default:
            Sql_Query(sprintf('replace into %s (userid,attributeid,value)
        values(%d,%d,"%s")', $user_att_table, $userid, $attid, $data["value"]));
            break;
    }
    return 1;
}
Beispiel #29
0
## would be best to not have a limit, but putting one to avoid that
if ($download) {
    $limit = ' limit 100000';
}
if ($id) {
    $url_keep = '&amp;id=' . $id;
} else {
    $url_keep = '';
}
if ($total) {
    $paging = simplePaging("mviews{$url_keep}", $start, $total, MAX_USER_PP, $GLOBALS['I18N']->get("Entries"));
    $ls->usePanel($paging);
}
$req = Sql_Query(sprintf('select userid,email,um.entered as sent,min(um.viewed) as firstview,
    max(um.viewed) as lastview, count(um.viewed) as viewcount,
    abs(unix_timestamp(um.entered) - unix_timestamp(um.viewed)) as responsetime
    from %s um, %s user, %s msg where um.messageid = %d and um.messageid = msg.id and um.userid = user.id and um.status = "sent" and um.viewed is not null %s
    group by userid %s', $GLOBALS['tables']['usermessage'], $GLOBALS['tables']['user'], $GLOBALS['tables']['message'], $id, $subselect, $limit));
$summary = array();
while ($row = Sql_Fetch_Array($req)) {
    if ($download) {
        ## with download, the 50 per page limit is not there.
        set_time_limit(60);
        $element = $row['email'];
    } else {
        $element = shortenTextDisplay($row['email'], 15);
    }
    $ls->addElement($element, PageUrl2('userhistory&amp;id=' . $row['userid']));
    $ls->setClass($element, 'row1');
    $ls->addRow($element, '<div class="listingsmall gray">' . $GLOBALS['I18N']->get('sent') . ': ' . formatDateTime($row['sent'], 1) . '</div>', '');
    if ($row['viewcount'] > 1) {
    print $ls->display();
    return;
}
$req = Sql_Query(sprintf('select listid,userid,count(bounce) as numbounces from %s listuser, %s umb where listuser.userid = umb.user and listuser.listid = %d and date_add(time,interval 6 month) > now() group by umb.user order by listuser.listid', $GLOBALS['tables']['listuser'], $GLOBALS['tables']['user_message_bounce'], $listid));
$total = Sql_Affected_Rows();
$limit = '';
$numpp = 150;
$s = empty($_GET['s']) ? 0 : sprintf('%d', $_GET['s']);
if ($total > 500 && $_GET['type'] != 'dl') {
    #  print Paging2('listbounces&id='.$listid,$total,$numpp,'Page');
    $listing = sprintf($GLOBALS['I18N']->get("Listing %s to %s"), $s, $s + $numpp);
    $limit = "limit {$s}," . $numpp;
    print $total . " " . $GLOBALS['I18N']->get(" Total") . "</p>";
    printf('<table border=1><tr><td colspan=4 align=center>%s</td></tr><tr><td>%s</td><td>%s</td><td>
          %s</td><td>%s</td></tr></table><p><hr>', $listing, PageLink2('listbounces&id=' . $listid, "&lt;&lt;", "s=0"), PageLink2('listbounces&id=' . $listid, "&lt;", sprintf('s=%d', max(0, $s - $numpp))), PageLink2('listbounces&id=' . $listid, "&gt;", sprintf('s=%d', min($total, $s + $numpp))), PageLink2('listbounces&id=' . $listid, "&gt;&gt;", sprintf('s=%d', $total - $numpp)));
    $req = Sql_Query(sprintf('select listid,userid,count(bounce) as numbounces from %s listuser, %s umb where listuser.userid = umb.user and listuser.listid = %d  and date_add(time,interval 6 month) > now() group by umb.user order by listuser.listid %s', $GLOBALS['tables']['listuser'], $GLOBALS['tables']['user_message_bounce'], $listid, $limit));
}
print '<p>' . PageLink2('listbounces', 'Select another list');
print '&nbsp;' . PageLink2('listbounces&type=dl&&amp;id=' . $listid, 'Download emails');
print '</p>';
if ($_GET['type'] == 'dl') {
    ob_end_clean();
    Header("Content-type: text/plain");
    $filename = 'Bounces on ' . listName($listid);
    header("Content-disposition:  attachment; filename=\"{$filename}\"");
}
$currentlist = 0;
$ls = new WebblerListing('');
while ($row = Sql_Fetch_Array($req)) {
    if ($currentlist != $row['listid']) {
        if ($_GET['type'] != 'dl') {