} $current_data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables["user"], $userid)); $current_data = array_merge($current_data, getUserAttributeValues('', $userid)); $information_changed = 0; foreach ($current_data as $key => $val) { if (!is_numeric($key)) { if (isset($old_data[$key]) && $old_data[$key] != $val && $old_data[$key] && $key != "password" && $key != "modified") { $information_changed = 1; $history_entry .= "{$key} = {$val}\n*changed* from {$old_data[$key]}\n"; } } } if (!$information_changed) { $history_entry .= "\nNo user details changed"; } addUserHistory($user["systemvalues"]["email"], "Import by " . adminName(), $history_entry); } #add this user to the lists identified, except when they are blacklisted $isBlackListed = isBlackListed($user["systemvalues"]["email"]); if (!$isBlackListed && is_array($_SESSION["lists"])) { reset($_SESSION["lists"]); $addition = 0; $listoflists = ""; while (list($key, $listid) = each($_SESSION["lists"])) { $query = "replace INTO " . $tables["listuser"] . " (userid,listid,entered) values({$userid},{$listid},now())"; $result = Sql_query($query, 1); # if the affected rows is 2, the user was already subscribed $addition = $addition || Sql_Affected_Rows() == 1; $listoflists .= " * " . listName($key) . "\n"; # $_SESSION["listname"][$key] . "\n"; }
} if (ENCRYPT_ADMIN_PASSWORDS && !empty($_POST['updatepassword'])) { //Send token email. print sendAdminPasswordToken($id) . '<br/>'; ## check for password changes } elseif (isset($_POST['password'])) { # Sql_Query("update {$tables["admin"]} set password = \"".sql_escape($_POST['password'])."\" where id = $id"); } if (isset($_POST["attribute"]) && is_array($_POST["attribute"])) { while (list($key, $val) = each($_POST["attribute"])) { Sql_Query(sprintf('replace into %s (adminid,adminattributeid,value) values(%d,%d,"%s")', $tables["admin_attribute"], $id, $key, addslashes($val))); } } $privs = array('subscribers' => !empty($_POST['subscribers']), 'campaigns' => !empty($_POST['campaigns']), 'statistics' => !empty($_POST['statistics']), 'settings' => !empty($_POST['settings'])); Sql_Query(sprintf('update %s set modified=now(), modifiedby = "%s", privileges = "%s" where id = %d', $GLOBALS['tables']["admin"], adminName($_SESSION["logindetails"]["id"]), sql_escape(serialize($privs)), $id)); print $GLOBALS['I18N']->get('Changes saved'); print '</div>'; } else { Error($GLOBALS['I18N']->get('Error adding new admin, login name and/or email not inserted, email not valid or admin already exists')); } } if (!empty($_GET["delete"])) { $delete = sprintf('%d', $_GET['delete']); # delete the index in delete print $GLOBALS['I18N']->get('Deleting') . " {$delete} ..\n"; if ($delete != $_SESSION["logindetails"]["id"]) { Sql_query(sprintf('delete from %s where id = %d', $GLOBALS["tables"]["admin"], $delete)); Sql_query(sprintf('delete from %s where adminid = %d', $GLOBALS["tables"]["admin_attribute"], $delete)); Sql_query(sprintf('delete from %s where adminid = %d', $GLOBALS["tables"]["admin_task"], $delete)); print '..' . $GLOBALS['I18N']->get('Done');
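<?php
/*
 * Admin helper that adds one subscriber address taken from the `email` query
 * parameter. Adds are throttled per session: a new insert is only attempted
 * when more than ADD_EMAIL_THROTTLE seconds have passed since the last one.
 * The outcome is left in $status; nothing is printed by the code shown here.
 */

// The direct-access guard runs first, so no request data is read and no
// session value is written when the file is requested outside the application.
if (!defined('PHPLISTINIT')) {
    die;
}

// The insert below is triggered by a GET request, so the token check is made
// before any request parameter is used.
// NOTE(review): presumably verifyCsrfGetToken() stops the request when the
// token is missing or wrong — confirm against its definition.
verifyCsrfGetToken();

// Timestamp of the last accepted add in this session; 0 until one has happened.
if (empty($_SESSION['last_addemail'])) {
    $_SESSION['last_addemail'] = 0;
}

if (!empty($_GET['email'])) {
    $delay = time() - $_SESSION['last_addemail'];
    if (!validateEmail($_GET['email'])) {
        $status = s('That is not a valid email address');
    } elseif ($delay > ADD_EMAIL_THROTTLE) {
        $_SESSION['last_addemail'] = time();
        // The address is passed through sql_escape() before it is placed in the
        // quoted SQL value.
        // NOTE(review): $status is set to the success text without looking at
        // the query result, so an insert the database rejects (for example an
        // address that already exists) would still be reported as added —
        // confirm that is intended.
        Sql_Query(sprintf(
            'insert into %s (email,uniqid,htmlemail,entered) values("%s","%s",1,now())',
            $GLOBALS['tables']['user'],
            sql_escape($_GET['email']),
            getUniqid()
        ), 1);
        addUserHistory($_GET['email'], s('Added by %s', adminName()), s('Added with add-email on test'));
        $status = s('Email address added');
    } else {
        # pluginsCall('processError','Error adding email address, throttled');
        // Throttled: every loaded plugin is told, with the elapsed seconds.
        foreach ($GLOBALS['plugins'] as $plname => $plugin) {
            $plugin->processError('Add email throttled ' . $delay);
        }
        $status = s('Adding email address failed, try again later');
    }
}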
} print '<p class="leaftitle">' . NAME . ' - ' . strtolower($page_title) . '</p>'; if ($GLOBALS["require_login"] && $page != "login") { if ($page == 'logout') { $greeting = $GLOBALS['I18N']->get('goodbye'); } else { $hr = date("G"); if ($hr > 0 && $hr < 12) { $greeting = $GLOBALS['I18N']->get('goodmorning'); } elseif ($hr <= 18) { $greeting = $GLOBALS['I18N']->get('goodafternoon'); } else { $greeting = $GLOBALS['I18N']->get('goodevening'); } } print '<div><font style="font-size : 12px;font-family : Arial, Helvetica, sans-serif; font-weight : bold;"> ' . $greeting . " " . adminName($_SESSION["logindetails"]["id"]) . "</font></div>"; if ($page != "logout") { print '<div align="right">' . PageLink2("logout", $GLOBALS['I18N']->get('logout')); } print '</div>'; } if (LANGUAGE_SWITCH) { $ls = '<div align="right" id="languageswitch"><br/><form name="languageswitch" method="post" style="margin: 0; padding: 0">'; $ls .= '<select name="setlanguage" onChange="document.languageswitch.submit()" style="width: 100px; font-size: 10px; color: #666666">'; $lancount = 0; foreach ($GLOBALS['LANGUAGES'] as $iso => $rec) { if (is_dir(dirname(__FILE__) . '/lan/' . $iso)) { $ls .= sprintf('<option value="%s" %s>%s</option>', $iso, $_SESSION['adminlanguage']['iso'] == $iso ? 'selected' : '', $rec[0]); $lancount++; } }
$listmembership = array(); $req = Sql_Query("select * from {$tables['listuser']} where userid = {$userid}"); while ($row = Sql_Fetch_Array($req)) { $listmembership[$row['listid']] = listName($row['listid']); } $history_entry .= "\n" . $GLOBALS['I18N']->get('List subscriptions:') . "\n"; foreach ($old_listmembership as $key => $val) { $history_entry .= $GLOBALS['I18N']->get('Was subscribed to:') . " {$val}\n"; } foreach ($listmembership as $key => $val) { $history_entry .= $GLOBALS['I18N']->get('Is now subscribed to:') . " {$val}\n"; } if (!count($listmembership)) { $history_entry .= $GLOBALS['I18N']->get('Not subscribed to any lists') . "\n"; } addUserHistory($email, $GLOBALS['I18N']->get('Import by ') . adminName(), $history_entry); } // end if } // end while # lets be gramatically correct :-) $displists = $num_lists == 1 ? $GLOBALS['I18N']->get('list') : $GLOBALS['I18N']->get('lists'); $dispemail = $count_email_add == 1 ? $GLOBALS['I18N']->get('new email was') : $GLOBALS['I18N']->get('new emails were'); $dispemail2 = $additional_emails == 1 ? $GLOBALS['I18N']->get('email was') : $GLOBALS['I18N']->get('emails were'); if ($count_email_exist) { $report .= '<br/> ' . s('%d emails already existed in the database', $count_email_exist); } if (!$some && !$additional_emails) { $report .= '<br/>' . s('All the emails already exist in the database.'); } else { $report .= "<br/>{$count_email_add} {$dispemail} " . s('succesfully imported to the database and added to') . " {$num_lists} {$displists}.<br/>{$additional_emails} {$dispemail2} " . $GLOBALS['I18N']->get('subscribed to the') . " {$displists}";
$old_data[$key] = s('(no data)'); } $history_entry .= "{$key} = {$val}\n" . s('changed from') . " {$old_data[$key]}\n"; } } } if (!$history_entry) { $history_entry = "\n" . s('No data changed') . "\n"; } foreach ($subscribed_to as $key => $desc) { $history_entry .= s('Subscribed to %s', $desc) . "\n"; } foreach ($unsubscribed_from as $key => $desc) { $history_entry .= s('Unsubscribed from %s', $desc) . "\n"; } addUserHistory($email, s('Update by %s', adminName($_SESSION['logindetails']['id'])), $history_entry); if (empty($newuser)) { $_SESSION['action_result'] = s('Changes saved') . $feedback; } Redirect("user&id={$id}"); exit; } /************ END <whitout_error IF block> (start in line 71) **********************/ } if (isset($delete) && $delete && $access != 'view') { verifyCsrfGetToken(); # delete the index in delete $_SESSION['action_result'] = s('Deleting') . " {$delete} ..\n"; if ($require_login && !isSuperUser()) { $lists = Sql_query("SELECT listid FROM {$tables['listuser']},{$tables['list']} where userid = " . $delete . " and {$tables['listuser']}.listid = {$tables['list']}.id {$subselect} "); while ($lst = Sql_fetch_array($lists)) {
if ($row['rssfeed']) { $feed = $row['rssfeed']; # reformat string, so it wraps if it's very long $feed = ereg_replace("/", "/ ", $feed); $feed = ereg_replace("&", "& ", $feed); $desc = sprintf('%s: <a href="%s" target="_blank">%s</a><br /> ', $GLOBALS['I18N']->get('RSS source'), $row['rssfeed'], $feed) . PageLink2("viewrss&id=" . $row["id"], $GLOBALS['I18N']->get('(View Items)')) . '<br />' . $desc; } $html .= sprintf(' <tr> <td valign="top">%d</td><td valign="top"><b>%s</b><br/>%d %s</td> <td valign="top"><input type="text" name="listorder[%d]" value="%d" size="5"></td> <td valign="top">%s | %s | <a href="javascript:deleteRec(\'%s\');">%s</a></td> <td valign="top"><input type="checkbox" name="active[%d]" value="1" %s></td> <td valign="top">%s</td></tr><tr><td> </td> <td colspan="5">%s</td></tr><tr><td colspan="6"><hr width="50%%" size="4"></td> </tr>', $row["id"], stripslashes($row['name']), $count[0], $GLOBALS['I18N']->get('members'), $row['id'], $row['listorder'], PageLink2("editlist", $GLOBALS['I18N']->get('edit'), "id=" . $row["id"]), PageLink2("members", $GLOBALS['I18N']->get('view members'), "id=" . $row["id"]), PageURL2("list", "", "delete=" . $row["id"]), $GLOBALS['I18N']->get('delete'), $row["id"], $row["active"] ? 'checked' : '', $GLOBALS['require_login'] ? adminName($row['owner']) : $GLOBALS['I18N']->get('n/a'), $desc); $some = 1; } if (!$some) { echo $GLOBALS['I18N']->get('No lists available, use Add to add one'); } else { echo '<table border="0"> <tr> <td>' . $GLOBALS['I18N']->get('No') . '</td> <td>' . $GLOBALS['I18N']->get('Name') . '</td> <td>' . $GLOBALS['I18N']->get('Order') . '</td> <td>' . $GLOBALS['I18N']->get('Functions') . '</td> <td>' . $GLOBALS['I18N']->get('Active') . '</td> <td>' . $GLOBALS['I18N']->get('Owner') . '</td> <td>' . $html . ' <tr>
/*
 * Subscribe-page overview (excerpt): optionally removes the page selected in
 * $delete, then lists every subscribe page with its owner, default and active
 * controls and the edit / delete / view links.
 *
 * NOTE(review): where $delete comes from is not visible in this excerpt. It is
 * forced to an integer for the SQL (%d) but interpolated unchanged into the
 * Info() message, and the delete links built below are plain GET URLs — confirm
 * that $delete is an integer by this point and that the request is checked for
 * a CSRF token before the deletes run.
 */
if ($delete) {
    // Same two statements as a loop: subscribepage first, then subscribepage_data.
    foreach (array("subscribepage", "subscribepage_data") as $spageTable) {
        Sql_Query(sprintf('delete from %s where id = %d', $tables[$spageTable], $delete));
    }
    Info($GLOBALS['I18N']->get('Deleted') . " {$delete}");
}

print formStart('name="pagelist" class="spageEdit" ');
## to force the active array to exist
print '<input type="hidden" name="active[-1]" value="1" />';

$ls = new WebblerListing($GLOBALS['I18N']->get('subscribe pages'));
$req = Sql_Query(sprintf('select * from %s %s order by title', $tables["subscribepage"], $subselect));
while ($p = Sql_Fetch_Array($req)) {
    $spageRowId = $p["id"];
    $ls->addElement($spageRowId);
    $ls->setClass($spageRowId, 'row1');
    // NOTE(review): the stored title and the owner name are handed to the
    // listing without HTML escaping in this code; whether WebblerListing
    // escapes cell content is not visible here — confirm.
    $ls->addColumn($spageRowId, $GLOBALS['I18N']->get('title'), stripslashes($p["title"]));

    // Owner and default columns are shown when login is not required, or to a
    // super user when it is.
    if (!$require_login || isSuperUser()) {
        $ls->addColumn($spageRowId, $GLOBALS['I18N']->get('owner'), adminName($p["owner"]));
        $checked = $spageRowId == $default ? 'checked="checked"' : "";
        $ls->addColumn(
            $spageRowId,
            $GLOBALS['I18N']->get('default'),
            sprintf('<input type="radio" name="default" value="%d" %s onchange="document.pagelist.submit()" />', $spageRowId, $checked)
        );
    } else {
        $adminname = "";
        $isdefault = "";
    }

    $ls->addColumn(
        $spageRowId,
        s('active'),
        sprintf('<input type="checkbox" name="active[%d]" value="1" %s onchange="document.pagelist.submit()" />', $spageRowId, $p["active"] ? 'checked="checked"' : '')
    );

    // Row footer: status marker followed by the edit, delete and view links,
    // built in the order they are concatenated.
    $spageStatusIcon = $p["active"]
        ? '<span class="yes" title="' . $GLOBALS['I18N']->get('active') . '"></span>'
        : '<span class="no" title="' . $GLOBALS['I18N']->get('not active') . '"></span>';
    $spageEditLink = sprintf('<span class="edit"><a class="button" href="%s&id=%d" title="' . $GLOBALS['I18N']->get('edit') . '">%s</a></span>', PageURL2("spageedit", ""), $spageRowId, $GLOBALS['I18N']->get('edit'));
    $spageDeleteLink = sprintf('<span class="delete"><a class="button" href="javascript:deleteRec(\'%s\');" title="' . $GLOBALS['I18N']->get('delete') . '">%s</a></span>', PageURL2("spage", "", "delete=" . $spageRowId), $GLOBALS['I18N']->get('del'));
    $spageViewLink = sprintf('<span class="view"><a class="button" href="%s&id=%d" title="' . $GLOBALS['I18N']->get('view') . '">%s</a></span>', getConfig("subscribeurl"), $spageRowId, $GLOBALS['I18N']->get('view'));
    $ls->addRow($spageRowId, $spageStatusIcon, $spageEditLink . $spageDeleteLink . $spageViewLink);
}
print $ls->display();
print '<p class="button">' . PageLink2("spageedit", s('Add a new subscribe page')) . '</p>';
$tables["subscribepage_data"],$delete)); Info("deleted $delete"); } print formStart('name="pagelist"'); $ls = new WebblerListing("Subscribe Pages"); $req = Sql_Query(sprintf('select * from %s %s order by title',$tables["subscribepage"],$subselect)); while ($p = Sql_Fetch_Array($req)) { $ls->addElement($p["id"]); $ls->addColumn($p["id"],"title",$p["title"]); $ls->addColumn($p["id"],"edit",sprintf('<a href="%s&id=%d">edit</a>',PageURL2("spageedit",""),$p["id"])); $ls->addColumn($p["id"],"del",sprintf('<a href="javascript:deleteRec(\'%s\');">del</a>',PageURL2("spage","","delete=".$p["id"]))); $ls->addColumn($p["id"],"view",sprintf('<a href="%s&id=%d">view</a>',getConfig("subscribeurl"),$p["id"])); $ls->addColumn($p["id"],"status",$p["active"]? "Active":"Not Active"); if (($require_login && isSuperUser()) || !$require_login) { $ls->addColumn($p["id"],"owner",adminName($p["owner"])); if ($p["id"] == $default) { $checked = "checked"; } else { $checked = ""; } $ls->addColumn($p["id"],"default",sprintf('<input type="radio" name="default" value="%d" %s onChange="document.pagelist.submit()">',$p["id"],$checked)); } else { $adminname = ""; $isdefault = ""; } } print $ls->display(); print '<p>'.PageLink2("spageedit","Add a new one").'</p>'; ?> </form>
// Annoying hack => Much too time consuming. Solution => Set email in users to UNIQUE() $result = Sql_query("SELECT id FROM " . $tables["admin"] . " WHERE email = '{$email}'"); if (Sql_affected_rows()) { // Email exists, remember some values to add them to the lists $user = Sql_fetch_array($result); $adminid = $admin["id"]; } else { // Email does not exist $loginname = $data["loginname"]; if (!$loginname && $email) { $loginname = $email; Warn($GLOBALS['I18N']->get("Empty loginname, using email:") . " " . $email); } $query = sprintf('INSERT INTO %s (email,loginname,namelc,created,modifiedby,password,superuser,disabled) values("%s","%s","%s",now(),"%s","%s",0,0)', $tables["admin"], $email, $loginname, normalize($loginname), adminName($_SESSION["logindetails"]["id"]), $data["password"]); $result = Sql_query($query); $adminid = Sql_insert_id(); $count_email_add++; $some = 1; } reset($import_attribute); foreach ($import_attribute as $item) { if ($data[$item["index"]]) { $attribute_index = $item["record"]; $value = $data[$item["index"]]; # check whether this is a textline or a selectable item $att = Sql_Fetch_Row_Query("select type,tablename,name from " . $tables["adminattribute"] . " where id = {$attribute_index}"); switch ($att[0]) { case "select": case "radio":
$query = sprintf('update %s set email = "%s", loginname = "%s", namelc = "%s", modifiedby = "%s", passwordchanged = now(), password = "******", superuser = 0, disabled = 0, privileges = "%s" where id = %d', $tables['admin'], sql_escape($email), sql_escape($loginname), normalize($loginname), adminName($_SESSION['logindetails']['id']), encryptPass($data['password']), sql_escape(serialize($privs)), $adminid); $result = Sql_query($query); } else { $query = sprintf('INSERT INTO %s (email,loginname,namelc,created,modifiedby,passwordchanged,password,superuser,disabled,privileges) values("%s","%s","%s",now(),"%s",now(),"%s",0,0,"%s")', $tables['admin'], sql_escape($email), sql_escape($loginname), normalize($loginname), adminName($_SESSION['logindetails']['id']), encryptPass($data['password']), sql_escape(serialize($privs))); $result = Sql_query($query); $adminid = Sql_insert_id(); ++$count_email_add; $some = 1; } reset($import_attribute); foreach ($import_attribute as $item) { if (!empty($data['values'][$item['index']])) { $attribute_index = $item['record']; $value = $data['values'][$item['index']]; # check whether this is a textline or a selectable item $att = Sql_Fetch_Row_Query('select type,tablename,name from ' . $tables['adminattribute'] . " where id = {$attribute_index}"); switch ($att[0]) { case 'select': case 'radio':
} $current_data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables['user'], $userid)); $current_data = array_merge($current_data, getUserAttributeValues('', $userid)); $information_changed = 0; foreach ($current_data as $key => $val) { if (!is_numeric($key)) { if (isset($old_data[$key]) && $old_data[$key] != $val && $old_data[$key] && $key != 'password' && $key != 'modified') { $information_changed = 1; $history_entry .= "{$key} = {$val}\n*changed* from {$old_data[$key]}\n"; } } } if (!$information_changed) { $history_entry .= "\nNo user details changed"; } addUserHistory($user['systemvalues']['email'], 'Import by ' . adminName(), $history_entry); } #add this user to the lists identified, except when they are blacklisted $isBlackListed = isBlackListed($user['systemvalues']['email']); if (!$isBlackListed && is_array($_SESSION['lists'])) { reset($_SESSION['lists']); $addition = 0; $listoflists = ''; while (list($key, $listid) = each($_SESSION['lists'])) { $query = 'replace INTO ' . $tables['listuser'] . " (userid,listid,entered) values({$userid},{$listid},now())"; $result = Sql_query($query, 1); # if the affected rows is 2, the user was already subscribed $addition = $addition || Sql_Affected_Rows() == 1; $listoflists .= ' * ' . listName($key) . "\n"; # $_SESSION["listname"][$key] . "\n"; }
$query = sprintf('update %s set email = "%s", loginname = "%s", namelc = "%s", modifiedby = "%s", passwordchanged = current_timestamp, password = "******", superuser = 0, disabled = 0, privileges = "%s" where id = %d', $tables["admin"], sql_escape($email), sql_escape($loginname), normalize($loginname), adminName($_SESSION["logindetails"]["id"]), encryptPass($data["password"]), sql_escape(serialize($privs)), $adminid); $result = Sql_query($query); } else { $query = sprintf('INSERT INTO %s (email,loginname,namelc,created,modifiedby,passwordchanged,password,superuser,disabled,privileges) values("%s","%s","%s",current_timestamp,"%s",current_timestamp,"%s",0,0,"%s")', $tables["admin"], sql_escape($email), sql_escape($loginname), normalize($loginname), adminName($_SESSION["logindetails"]["id"]), encryptPass($data["password"]), sql_escape(serialize($privs))); $result = Sql_query($query); $adminid = Sql_Insert_Id($tables['admin'], 'id'); $count_email_add++; $some = 1; } reset($import_attribute); foreach ($import_attribute as $item) { if (!empty($data['values'][$item["index"]])) { $attribute_index = $item["record"]; $value = $data['values'][$item["index"]]; # check whether this is a textline or a selectable item $att = Sql_Fetch_Row_Query("select type,tablename,name from " . $tables["adminattribute"] . " where id = {$attribute_index}"); switch ($att[0]) { case "select": case "radio":
$result = Sql_query("SELECT * FROM {$tables['list']} {$subselect} order by listorder"); while ($row = Sql_fetch_array($result)) { $count = Sql_Fetch_Row_Query("select count(*) from {$tables["listuser"]} where listid = {$row["id"]} "); $desc = stripslashes($row["description"]); if ($row["rssfeed"]) { $feed = $row["rssfeed"]; # reformat string, so it wraps if it's very long $feed = ereg_replace("/", "/ ", $feed); $feed = ereg_replace("&", "& ", $feed); $desc = sprintf('RSS source: <a href="%s" target="_blank">%s</a><br/> ', $row["rssfeed"], $feed) . PageLink2("viewrss&id=" . $row["id"], "(View Items)") . '<br/>' . $desc; } $html .= sprintf('<tr><td valign=top>%d</td><td valign=top><b> %s</b><br/>%d members</td><td valign=top><input type=text name="listorder[%d]" value="%d" size=5></td> <td valign=top>%s | %s | <a href="javascript:deleteRec(\'%s\');">delete</a></td> <td valign=top><input type=checkbox name="active[%d]" value="1" %s></td> <td valign=top>%s</td></tr><tr><td> </td><td colspan=5>%s</td></tr><tr><td colspan=6><hr width=50%% size=4></td></tr>', $row["id"], $row["name"], $count[0], $row["id"], $row["listorder"], PageLink2("editlist", "edit", "id=" . $row["id"]), PageLink2("members", "view members", "id=" . $row["id"]), PageURL2("list", "", "delete=" . $row["id"]), $row["id"], $row["active"] ? "checked" : "", $GLOBALS["require_login"] ? adminName($row["owner"]) : "n/a", $desc); $some = 1; } if (!$some) { echo "No lists available, use Add to add one"; } else { echo '<table border=0><tr><td>No</td><td>Name</td><td>Order</td><td>Functions</td><td> Active</td><td>Owner</td><td>' . $html . '<tr><td colspan=6 align=center><input type=submit name="update" value="Save Changes"></td></tr></table>'; } ?> </ul> </form> <p><? if ($GLOBALS["require_login"] && !isSuperUser()) {
/*
 * Subscribe-page overview (excerpt): optionally removes the page selected in
 * $delete, then lists every subscribe page with its owner, default and active
 * controls and the edit / delete / view links.
 *
 * NOTE(review): where $delete comes from is not visible in this excerpt. It is
 * forced to an integer for the SQL (%d) but interpolated unchanged into the
 * Info() message, and the delete links built below are plain GET URLs — confirm
 * that $delete is an integer by this point and that the request is checked for
 * a CSRF token before the deletes run.
 */
if ($delete) {
    // Same two statements as a loop: subscribepage first, then subscribepage_data.
    foreach (array('subscribepage', 'subscribepage_data') as $spageTable) {
        Sql_Query(sprintf('delete from %s where id = %d', $tables[$spageTable], $delete));
    }
    Info($GLOBALS['I18N']->get('Deleted') . " {$delete}");
}

print formStart('name="pagelist" class="spageEdit" ');
## to force the active array to exist
print '<input type="hidden" name="active[-1]" value="1" />';

$ls = new WebblerListing($GLOBALS['I18N']->get('subscribe pages'));
$req = Sql_Query(sprintf('select * from %s %s order by title', $tables['subscribepage'], $subselect));
while ($p = Sql_Fetch_Array($req)) {
    $spageRowId = $p['id'];
    $ls->addElement($spageRowId);
    $ls->setClass($spageRowId, 'row1');
    // NOTE(review): the stored title and the owner name are handed to the
    // listing without HTML escaping in this code; whether WebblerListing
    // escapes cell content is not visible here — confirm.
    $ls->addColumn($spageRowId, $GLOBALS['I18N']->get('title'), stripslashes($p['title']));

    // Owner and default columns are shown when login is not required, or to a
    // super user when it is.
    if (!$require_login || isSuperUser()) {
        $ls->addColumn($spageRowId, $GLOBALS['I18N']->get('owner'), adminName($p['owner']));
        $checked = $spageRowId == $default ? 'checked="checked"' : '';
        $ls->addColumn(
            $spageRowId,
            $GLOBALS['I18N']->get('default'),
            sprintf('<input type="radio" name="default" value="%d" %s onchange="document.pagelist.submit()" />', $spageRowId, $checked)
        );
    } else {
        $adminname = '';
        $isdefault = '';
    }

    $ls->addColumn(
        $spageRowId,
        s('active'),
        sprintf('<input type="checkbox" name="active[%d]" value="1" %s onchange="document.pagelist.submit()" />', $spageRowId, $p['active'] ? 'checked="checked"' : '')
    );

    // Row footer: status marker followed by the edit, delete and view links,
    // built in the order they are concatenated.
    $spageStatusIcon = $p['active']
        ? '<span class="yes" title="' . $GLOBALS['I18N']->get('active') . '"></span>'
        : '<span class="no" title="' . $GLOBALS['I18N']->get('not active') . '"></span>';
    $spageEditLink = sprintf('<span class="edit"><a class="button" href="%s&id=%d" title="' . $GLOBALS['I18N']->get('edit') . '">%s</a></span>', PageURL2('spageedit', ''), $spageRowId, $GLOBALS['I18N']->get('edit'));
    $spageDeleteLink = sprintf('<span class="delete"><a class="button" href="javascript:deleteRec(\'%s\');" title="' . $GLOBALS['I18N']->get('delete') . '">%s</a></span>', PageURL2('spage', '', 'delete=' . $spageRowId), $GLOBALS['I18N']->get('del'));
    $spageViewLink = sprintf('<span class="view"><a class="button" href="%s&id=%d" title="' . $GLOBALS['I18N']->get('view') . '">%s</a></span>', getConfig('subscribeurl'), $spageRowId, $GLOBALS['I18N']->get('view'));
    $ls->addRow($spageRowId, $spageStatusIcon, $spageEditLink . $spageDeleteLink . $spageViewLink);
}
print $ls->display();
print '<p class="button">' . PageLink2('spageedit', s('Add a new subscribe page')) . '</p>';
if ($isValid) { ## I guess everyone will import all their users wanting to receive HTML .... $query = sprintf('insert into %s (email,entered,htmlemail,confirmed,uniqid) values("%s",now(),1,1,"%s")', $tables["user"], $line, $uniqid); $result = Sql_query($query, 1); $userid = Sql_insert_id(); if (empty($userid)) { $count['duplicate']++; ## mark the subscriber confirmed, don't touch blacklisted ## hmm, maybe not, can be done on the reconcile page # Sql_Query(sprintf('update %s set confirmed = 1 where email = "%s"', $tables["user"], $line)); $idreq = Sql_Fetch_Row_Query(sprintf('select id from %s where email = "%s"', $tables["user"], $line)); $userid = $idreq[0]; } else { $count['imported']++; addUserHistory($line, $GLOBALS['I18N']->get('import_by') . ' ' . adminName(), ''); } ## do not add them to the list(s) when blacklisted $isBlackListed = isBlackListed($line); if (!$isBlackListed) { $count['addedtolist']++; foreach ($selected_lists as $k => $listid) { $query = "replace into " . $tables["listuser"] . " (userid,listid,entered) values({$userid},{$listid},now())"; $result = Sql_query($query); } } else { $count['foundonblacklist']++; } } else { $count['invalid']++; $rejectReport['invalid'] .= "\n" . $line;
foreach ($unsubscribed_to as $key => $desc) { $history_entry .= "Unsubscribed from {$desc}\n"; } } else { $history_entry .= "\nList subscriptions:\n"; foreach ($old_listmembership as $key => $val) { $history_entry .= "Was subscribed to: {$val}\n"; } foreach ($listmembership as $key => $val) { $history_entry .= "Is now subscribed to: {$val}\n"; } if (!sizeof($listmembership)) { $history_entry .= "Not subscribed to any lists\n"; } } addUserHistory($email, "Update by " . adminName($_SESSION["logindetails"]["id"]), $history_entry); if ($newuser) { Redirect("user&id={$id}"); exit; } Info($GLOBALS['I18N']->get('Changes saved')); } if (isset($delete) && $delete && $access != "view") { # delete the index in delete print $GLOBALS['I18N']->get('Deleting') . " {$delete} ..\n"; if ($require_login && !isSuperUser()) { $lists = Sql_query("SELECT listid FROM {$tables["listuser"]},{$tables["list"]} where userid = " . $delete . " and {$tables['listuser']}.listid = {$tables['list']}.id {$subselect} "); while ($lst = Sql_fetch_array($lists)) { Sql_query("delete from {$tables["listuser"]} where userid = {$delete} and listid = {$lst['0']}"); } } else {
} // closes a block opened before this excerpt

/*
 * Writes the posted admin form to the database when $id is set: one UPDATE per
 * editable field in $struct, the admin attributes, the modifiedby stamp and,
 * when $accesslevel is "all", the per-task access levels.
 *
 * NOTE(review): several statements below place request data into SQL text
 * without escaping or integer casting that is visible in this excerpt. Unless
 * that is done before this point, each of them should escape the value for its
 * context (quoted string vs. bare number) or use a bound parameter.
 */
if ($id) {
    reset($struct);
    // NOTE(review): each() was deprecated in PHP 7.2 and removed in PHP 8.0;
    // foreach is the drop-in form.
    while (list($key, $val) = each($struct)) {
        // Fields whose type prefix (the part of $val[1] before ":") is "sys"
        // are skipped.
        list($a, $b) = explode(":", $val[1]);
        if ($a != "sys" && $val[1]) {
            // NOTE(review): $_POST[$key] is concatenated into the quoted value
            // as received; a double quote in it ends the SQL string. $key is
            // used as a column name and comes from $struct, whose origin is not
            // shown here — confirm it is server-defined.
            Sql_Query("update {$tables["admin"]} set {$key} = \"" . $_POST[$key] . "\" where id = {$id}");
        }
    }
    if (is_array($_POST["attribute"])) {
        while (list($key, $val) = each($_POST["attribute"])) {
            // The attribute id is forced to an integer by %d.
            // NOTE(review): the attribute value goes into "%s" unescaped.
            Sql_Query(sprintf('replace into %s (adminid,adminattributeid,value) values(%d,%d,"%s")', $tables["admin_attribute"], $id, $key, $val));
        }
    }
    // Record which admin made the change.
    Sql_Query(sprintf('update %s set modifiedby = "%s" where id = %d', $tables["admin"], adminName($_SESSION["logindetails"]["id"]), $id));
    if ($accesslevel == "all" && is_array($_POST["access"])) {
        // Existing task rows for this admin are removed and rebuilt from the form.
        Sql_Query("delete from {$tables["admin_task"]} where adminid = {$id}");
        if (is_array($_POST["access"])) {
            while (list($key, $val) = each($_POST["access"])) {
                // NOTE(review): both the array key and the value of
                // $_POST["access"] are interpolated as bare numbers; nothing
                // here forces them to integers. Because these rows hold access
                // levels, this is also where a privilege change would be
                // written — confirm the caller's right to edit this admin is
                // checked before this block.
                Sql_Query("replace into {$tables["admin_task"]} (adminid,taskid,level) values({$id},{$key},{$val})");
            }
        }
    }
    Info($GLOBALS['I18N']->get('Changes saved'));
} else {
    Info($GLOBALS['I18N']->get('Error adding new admin'));
}
} // closes a block opened before this excerpt

// "Set default" request: the rows stored under adminid 0 are cleared first.
// The block continues past the end of this excerpt.
if ($_POST["setdefault"]) {
    Sql_Query("delete from {$tables["admin_task"]} where adminid = 0");
// Save handler for one bounce rule (the enclosing condition starts before this
// excerpt), followed by the edit form for the same rule.
//
// NOTE(review): the regex value is placed in the quoted SQL string after trim()
// only, while action, comment and status go through sql_escape(). A double
// quote or backslash in the pattern would alter the statement unless it is
// escaped somewhere not shown here; escaping it like its siblings (or binding
// it as a parameter) removes that dependency. $_GET['id'] is rendered through
// %d, so it reaches the query as an integer.
Sql_Query(sprintf('update %s set regex = "%s",action="%s", comment="%s",status = "%s" where id= %d', $GLOBALS['tables']['bounceregex'], trim($_POST['regex']), sql_escape($_POST['action']), sql_escape($_POST['comment']), sql_escape($_POST['status']), $_GET['id']), 1);
$num = Sql_Affected_Rows();
// A negative count is treated as a conflict with an existing rule: the user is
// offered a link to delete this rule instead and the script returns.
if ($num < 0) {
    print $GLOBALS['I18N']->get('Updating the regular expression of this rule caused an Sql conflict<br/>This is probably because there is already a rule like that. Do you want to delete this rule instead?');
    // NOTE(review): $id is appended to the link as-is; where it is set is not
    // visible here — confirm it is an integer.
    print '<p>' . PageLink2('bouncerules&del=' . $id, $GLOBALS['I18N']->get('Yes')) . ' ';
    print PageLink2('bouncerules', $GLOBALS['I18N']->get('No')) . '</p>';
    return;
}
Redirect('bouncerules' . $hash);
} // closes the save condition opened before this excerpt

print '<p>' . PageLink2('bouncerules' . $hash, $GLOBALS['I18N']->get('back to list of bounce rules')) . '</p>';

// Load the rule being edited; the id is forced to an integer by %d.
$data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $GLOBALS['tables']['bounceregex'], $id));
// NOTE(review): no anti-CSRF token field is written in the visible part of this
// form — confirm how the save handler verifies that the POST came from it.
print '<form method=post>';
print '<table>';
// The stored regex and memo are HTML-escaped on output. The admin name, the
// action keys and descriptions and the translated labels are printed as-is.
// NOTE(review): presumably those come from trusted configuration — confirm,
// in particular for adminName().
printf('<tr><td>%s</td><td><input type=text name="regex" size=30 value="%s"></td></tr>', $GLOBALS['I18N']->get('Regular Expression'), htmlspecialchars($data['regex']));
printf('<tr><td>%s</td><td>%s</td></tr>', $GLOBALS['I18N']->get('Created By'), adminName($data['admin']));
printf('<tr><td>%s</td><td><select name="action">', $GLOBALS['I18N']->get('Action'));
foreach ($GLOBALS['bounceruleactions'] as $action => $desc) {
    printf('<option value="%s" %s>%s</option>', $action, $data['action'] == $action ? 'selected' : '', $desc);
}
print '</select></td></tr>';
printf('<tr><td>%s</td><td><select name="status">', $GLOBALS['I18N']->get('Status'));
printf('<option value="none">[%s]</option>', $GLOBALS['I18N']->get('Select Status'));
// Only these two status values are offered besides the "none" placeholder.
foreach (array('active', 'candidate') as $type) {
    printf('<option value="%s" %s>%s</option>', $type, $data['status'] == $type ? 
'selected' : '', $GLOBALS['I18N']->get($type));
}
print '</select></td></tr>';
printf('<tr><td colspan=2>%s</td></tr><tr><td colspan=2> <textarea name="comment" rows=10 cols=65>%s</textarea></td></tr>', $GLOBALS['I18N']->get('Memo for this rule'), htmlspecialchars($data['comment']));
print '<tr><td colspan=2><input type=submit name="save" value="' . $GLOBALS['I18N']->get('Save Changes') . '"></td></tr>';
print '</table></form>';
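<?php
/*
 * Admin helper that adds one subscriber address taken from the `email` query
 * parameter. Adds are throttled per session: a new insert is only attempted
 * when more than ADD_EMAIL_THROTTLE seconds have passed since the last one.
 * The outcome is left in $status; nothing is printed by the code shown here.
 *
 * NOTE(review): this code writes to the database in response to a GET request
 * and no anti-CSRF token check or direct-access guard is visible in this file.
 * Confirm that the including page enforces both before this code runs.
 */

// Timestamp of the last accepted add in this session; 0 until one has happened.
if (empty($_SESSION['last_addemail'])) {
    $_SESSION['last_addemail'] = 0;
}

if (!empty($_GET['email'])) {
    $delay = time() - $_SESSION['last_addemail'];
    if (filter_var($_GET['email'], FILTER_VALIDATE_EMAIL) === false) {
        // Anything that is not a syntactically valid address (including an
        // array passed as email[]=...) is refused before it can be stored or
        // written to the subscriber history.
        $status = $GLOBALS['I18N']->get('That is not a valid email address');
    } elseif ($delay > ADD_EMAIL_THROTTLE) {
        $_SESSION['last_addemail'] = time();
        // The address is passed through sql_escape() before it is placed in the
        // quoted SQL value.
        // NOTE(review): $status is set to the success text without looking at
        // the query result — confirm that is intended.
        Sql_Query(sprintf(
            'insert into %s (email,uniqid,htmlemail,entered) values("%s","%s",1,now())',
            $GLOBALS['tables']['user'],
            sql_escape($_GET['email']),
            getUniqid()
        ), 1);
        addUserHistory($_GET['email'], 'Added by ' . adminName(), '');
        $status = $GLOBALS['I18N']->get('Email address added');
    } else {
        # pluginsCall('processError','Error adding email address, throttled');
        // Throttled: every loaded plugin is told, with the elapsed seconds.
        foreach ($GLOBALS['plugins'] as $plname => $plugin) {
            $plugin->processError('Add email throttled ' . $delay);
        }
        $status = $GLOBALS['I18N']->get('Adding email address failed');
    }
}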
if (Sql_affected_rows()) { // Email exist, remember some values to add them to the lists $user = Sql_fetch_array($result); $adminid = $admin["id"]; } else { // Email does not exist $loginname = $data["loginname"]; if (!$loginname && $email) { $loginname = $email; Warn("Empty loginname, using email: $email"); } $query = sprintf('INSERT INTO %s (email,loginname,namelc,created,modifiedby,password,superuser,disabled) values("%s","%s","%s",now(),"%s","%s",0,0)', $tables["admin"],$email,$loginname,normalize($loginname),adminName($_SESSION["logindetails"]["id"]),$data["password"]); $result = Sql_query($query); $adminid = Sql_insert_id(); $count_email_add++; $some = 1; } reset($import_attribute); foreach ($import_attribute as $item) { if ($data[$item["index"]]) { $attribute_index = $item["record"]; $value = $data[$item["index"]]; # check whether this is a textline or a selectable item $att = Sql_Fetch_Row_Query("select type,tablename,name from ".$tables["adminattribute"]." where id = $attribute_index"); switch ($att[0]) { case "select":