Example #1
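/**
 * Stress-test helper: inserts synthetic "testuser..." subscribers into the user
 * table, subscribes each one to $listid and gives each a value for every
 * select/checkbox/radio attribute, cycling through the stored values.
 *
 * @param string     $prefix Text placed between "testuser" and the running counter in the generated address.
 * @param int|string $listid Id of the list the generated users are subscribed to; coerced to an integer.
 *
 * @return int 1 when the fill loop ran, 0 when it refused (more than 50000 users already, or no attribute values).
 */
function fill($prefix, $listid)
{
    global $tables, $table_prefix;

    // $listid is placed unquoted into SQL text further down, so force it to an integer here.
    $listid = (int) $listid;

    # check for not too many
    $domain = getConfig('domain');
    $res = Sql_query("select count(*) from {$tables['user']}");
    $row = Sql_fetch_row($res);
    if ($row[0] > 50000) {
        error('Hmm, I think 50 thousand users is quite enough for a test<br/>This machine does need to do other things you know.');
        print '<script language="Javascript" type="text/javascript"> document.forms[0].output.value="Done. Now there are ' . $row[0] . ' users in the database";</script>' . "\n";
        return 0;
    }

    # fill the database with "users" who have any combination of attribute values
    $attributes = array();
    $values = array();
    $res = Sql_query("select * from {$tables['attribute']} where type = \"select\" or type = \"checkbox\" or type=\"radio\"");
    $total_attr = 0;
    $total_val = 0;
    while ($row = Sql_fetch_array($res)) {
        array_push($attributes, $row['id']);
        ++$total_attr;
        $values[$row['id']] = array();
        // The table name is assembled from the stored "tablename" column.
        // NOTE(review): the pages that write that column are not part of this block; confirm they restrict it to identifier characters.
        $res2 = Sql_query("select * from {$table_prefix}" . 'listattr_' . $row['tablename']);
        while ($row2 = Sql_fetch_array($res2)) {
            array_push($values[$row['id']], $row2['id']);
            ++$total_val;
        }
    }
    $total = $total_attr * $total_val;
    if (!$total) {
        Fatal_Error('Can only do stress test when some attributes exist');
        return 0;
    }

    for ($i = 0; $i < $total; ++$i) {
        // Pick the next value of every attribute, wrapping around when a value list is exhausted.
        // foreach replaces the each() loop: each() was removed in PHP 8.
        $data = array();
        foreach ($attributes as $attributeId) {
            $data[$attributeId] = current($values[$attributeId]);
            if (!$data[$attributeId]) {
                reset($values[$attributeId]);
                $data[$attributeId] = current($values[$attributeId]);
            }
            next($values[$attributeId]);
        }

        // $prefix and the configured domain land inside a quoted SQL string. addslashes() is the
        // escaping used elsewhere in this code base; a driver-level escape or a prepared statement
        // is the stronger choice if the Sql_query wrapper offers one.
        $email = addslashes('testuser' . $prefix . '-' . $i . '@' . $domain);
        $query = sprintf('insert into %s (email,entered,confirmed) values("%s",now(),1)', $tables['user'], $email);
        $result = Sql_query($query, 0);
        $userid = Sql_insert_id();
        if ($userid) {
            $result = Sql_query(sprintf('replace into %s (userid,listid,entered) values(%d,%d,now())', $tables['listuser'], $userid, $listid));
            foreach ($data as $attributeId => $valueId) {
                if ($attributeId && $valueId) {
                    // %d keeps every interpolated id numeric.
                    Sql_query(sprintf('replace into %s (attributeid,userid,value) values(%d,%d,%d)', $tables['user_attribute'], $attributeId, $userid, $valueId));
                }
            }
        }
    }
    return 1;
}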
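/**
 * Emits a debug record for $variable when debugging is enabled in $config.
 *
 * With $config["verbose"] the value is handed to smartDebug(); otherwise, when
 * $config["debug_log"] is set, one line is appended to that file. Nothing is
 * done when PHP safe_mode is on or $config["debug"] is off.
 *
 * @param mixed  $variable     Value to report.
 * @param string $description  Label written in front of the value.
 * @param int    $nestingLevel Passed through to smartDebug().
 *
 * @return void
 */
function Debug($variable, $description = 'Value', $nestingLevel = 0)
{
    global $config;
    if (ini_get("safe_mode")) {
        return;
    }
    if (!$config["debug"]) {
        return;
    }
    if ($config["verbose"]) {
        smartDebug($variable, $description, $nestingLevel);
    } elseif ($config["debug_log"]) {
        // The log line used to interpolate an undefined $msg, so the value never reached the file.
        $msg = $description . ': ' . (is_scalar($variable) ? (string) $variable : print_r($variable, true));
        // REQUEST_URI is client-supplied and is written to the log as received.
        $line = "[" . date("d M Y, H:i:s") . "] " . getenv("REQUEST_URI") . '(' . $config["stats"]["number_of_queries"] . ") {$msg} \n";
        $fp = @fopen($config["debug_log"], "a");
        if ($fp === false) {
            // Logging is best effort; fwrite(false) is a TypeError on PHP 8 that "@" does not silence.
            return;
        }
        @fwrite($fp, $line);
        @fclose($fp);
    } else {
        Fatal_Error("Debugging not configured properly");
    }
}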
Example #3
            return;
        }
        break;
    case "none":
    default:
        $subselect = " and " . $tables["list"] . ".id = 0";
        break;
}
// Un-blacklist action, triggered by a GET parameter.
// NOTE(review): no anti-CSRF token check is visible in this excerpt; confirm one runs before a state-changing GET like this.
if (isset($_GET["unblacklist"])) {
    // sprintf('%d') reduces the request value to an integer string before it is used.
    $unblacklist = sprintf('%d', $_GET["unblacklist"]);
    unBlackList($unblacklist);
    Redirect("userhistory&id=" . $unblacklist);
}
// $id is interpolated unquoted into the SQL text; where it is set is outside this excerpt.
// NOTE(review): confirm it is integer-cast (as $unblacklist is above) before this query.
$result = Sql_query("SELECT * FROM {$tables["user"]} where id = {$id}");
if (!Sql_Affected_Rows()) {
    Fatal_Error($GLOBALS['I18N']->get('no such User'));
    return;
}
$user = sql_fetch_array($result);
// The stored email address is passed to PageLink2() as the link text.
// NOTE(review): whether PageLink2() HTML-escapes its label is not visible here; verify, since the address is subscriber-supplied data.
print '<h3>' . $GLOBALS['I18N']->get('user') . ' ' . PageLink2("user&id=" . $user["id"], $user["email"]) . '</h3>';
print '<div class="actions">';
//printf('<a href="%s" class="button">%s</a>',getConfig("preferencesurl").
//'&amp;uid='.$user["uniqid"],$GLOBALS['I18N']->get('update page'));
//printf('<a href="%s" class="button">%s</a>',getConfig("unsubscribeurl").'&amp;uid='.$user["uniqid"],$GLOBALS['I18N']->get('unsubscribe page'));
print PageLinkButton("user&amp;id={$id}", $GLOBALS['I18N']->get('Details'));
// The delete link is rendered only when $access is not "view"; this hides the control,
// the enforcement has to happen in the page that handles the delete request.
if ($access != "view") {
    printf("<a class=\"delete button\" href=\"javascript:deleteRec('%s');\">" . $GLOBALS['I18N']->get('delete') . "</a>", PageURL2("user", "", "delete={$id}"));
}
print '</div>';
$bouncels = new WebblerListing($GLOBALS['I18N']->get('Bounces'));
$bouncelist = "";
Example #4
                $numlists = Sql_Fetch_Row_query("select count(*) from {$GLOBALS['tables']['list']} {$subselect}");
                if (!($numlists[0] < MAXLIST)) {
                    Error($GLOBALS['I18N']->get('You cannot create a new list because you have reached maximum number of lists.'));
                    return;
                }
            }
            break;
        case "all":
            $subselect = "";
            $subselect_and = "";
            break;
        case "none":
        default:
            $subselect_and = " and owner = -1";
            if ($id) {
                Fatal_Error($GLOBALS['I18N']->get('You do not have enough privileges to view this page'));
                return;
            }
            $subselect = " where id = 0";
            break;
    }
}
if ($id) {
    echo "<br />" . PageLinkButton("members", s('Members of this list'), "id={$id}");
}
if (!empty($_POST["addnewlist"]) && !empty($_POST["listname"])) {
    if ($GLOBALS["require_login"] && !isSuperUser()) {
        $owner = $_SESSION["logindetails"]["id"];
    }
    if (!isset($_POST["active"])) {
        $_POST["active"] = listUsedInSubscribePage($id);
Example #5
// Admin authentication bootstrap (excerpt; the enclosing block continues past the last line shown).
if (isset($GLOBALS["require_login"]) && $GLOBALS["require_login"]) {
    // The auth module is loaded from a path taken from $GLOBALS["admin_auth_module"]: first
    // relative to auth/, then as given. Whatever file that value names is executed as PHP.
    // NOTE(review): where the value is set is not visible here; confirm it can only come from
    // the site configuration and never from request data.
    if ($GLOBALS["admin_auth_module"] && is_file("auth/" . $GLOBALS["admin_auth_module"])) {
        require_once "auth/" . $GLOBALS["admin_auth_module"];
    } elseif ($GLOBALS["admin_auth_module"] && is_file($GLOBALS["admin_auth_module"])) {
        require_once $GLOBALS["admin_auth_module"];
    } else {
        // A configured module that cannot be found is logged and replaced by the bundled one.
        if ($GLOBALS["admin_auth_module"]) {
            logEvent("Warning: unable to use " . $GLOBALS["admin_auth_module"] . " for admin authentication, reverting back to phplist authentication");
            $GLOBALS["admin_auth_module"] = 'phplist_auth.inc';
        }
        require_once 'auth/phplist_auth.inc';
    }
    if (class_exists('admin_auth')) {
        $GLOBALS["admin_auth"] = new admin_auth();
    } else {
        print Fatal_Error($GLOBALS['I18N']->get('Admin Authentication initialisation failure'));
        return;
    }
    // Login attempt: runs only when no admin session exists and both fields were sent.
    // The credentials are read from $_REQUEST, which also contains query-string values, so a
    // password sent as a GET parameter is accepted and can end up in URLs and access logs.
    if ((!isset($_SESSION["adminloggedin"]) || !$_SESSION["adminloggedin"]) && isset($_REQUEST["login"]) && isset($_REQUEST["password"]) && !empty($_REQUEST["password"])) {
        $loginresult = $GLOBALS["admin_auth"]->validateLogin($_REQUEST["login"], $_REQUEST["password"]);
        if (!$loginresult[0]) {
            $_SESSION["adminloggedin"] = "";
            $_SESSION["logindetails"] = "";
            $page = "login";
            // The attempted login name is request data written into the event log.
            // NOTE(review): logEvent()'s escaping is not visible here; check how the log viewer renders it.
            logEvent(sprintf($GLOBALS['I18N']->get('invalid login from %s, tried logging in as %s'), $_SERVER['REMOTE_ADDR'], $_REQUEST["login"]));
            $msg = $loginresult[1];
        } else {
            // The session records the client address it was created from.
            // NOTE(review): no session id regeneration is visible in this excerpt; confirm it happens on login.
            $_SESSION["adminloggedin"] = $_SERVER["REMOTE_ADDR"];
            // $admin_auth (plain variable) is used here while the object was stored in
            // $GLOBALS["admin_auth"]; the two are the same only when this code runs at global scope.
            // "passhash" keeps an unsalted SHA-1 of the submitted password in the session.
            // NOTE(review): confirm what reads passhash; a fast unsalted hash is cheap to reverse if session storage leaks.
            $_SESSION["logindetails"] = array("adminname" => $_REQUEST["login"], "id" => $loginresult[0], "superuser" => $admin_auth->isSuperUser($loginresult[0]), "passhash" => sha1($_REQUEST["password"]));
            ##16692 - make sure admin permissions apply at first login
            $GLOBALS["admin_auth"]->validateAccount($_SESSION["logindetails"]["id"]);
Example #6
  } else {
    // $_REQUEST["email"] is concatenated into a quoted SQL string with no escaping: a value
    // containing a double quote changes the query (SQL injection). It needs a driver-level
    // escape or a bound parameter.
    $req = Sql_Fetch_Row_query("select * from {$tables["user"]} where email = \"".$_REQUEST["email"]."\"");
    $userid = $req[0];
  }
  if (!$userid)
    Fatal_Error("Error, no such user");
  # update the existing record, check whether the email has changed
  // In the branch shown above $userid comes from the database row; the other branch is outside this excerpt.
  $req = Sql_Query("select * from {$tables["user"]} where id = $userid");
  $data = Sql_fetch_array($req);
  # check whether they are changing to an email that already exists, should not be possible
  // $email is interpolated into a quoted SQL string here and into an HTML href further down.
  // NOTE(review): its origin and any escaping are outside this excerpt; confirm both contexts are covered.
	$req = Sql_Query("select uniqid from {$tables["user"]} where email = \"$email\"");
  if (Sql_Affected_Rows()) {
  	$row = Sql_Fetch_Row($req);
    // Loose != between the stored uniqid and the uid taken from the query string.
    if ($row[0] != $_GET["uid"]) {
	  	Fatal_Error("Cannot change to that email address.
      <br/>This email already exists.
      <br/>Please use the preferences URL for this email to make updates.
      <br/>Click <a href=\"".getConfig("preferencesurl")."&email=$email\">here</a> to request your personal location");
	    exit;
    }
  }

  if (ASKFORPASSWORD && $_POST["password"]) {
    // With ENCRYPTPASSWORD the value to store is an unsalted MD5 of the password; without it the
    // password is kept as submitted. Neither resists offline guessing; password_hash() and
    // password_verify() are the standard replacement.
  	if (ENCRYPTPASSWORD) {
    	$newpassword = sprintf('%s',md5($_POST["password"]));
   	} else {
    	$newpassword = sprintf('%s',$_POST["password"]);
    }
   	# see whether is has changed
    $curpwd = Sql_Fetch_Row_Query("select password from {$tables["user"]} where id = $userid");
    // The submitted plain password is compared with the stored column value.
    // NOTE(review): when the column holds the MD5 form this presumably always reports a change; confirm.
    if ($_POST["password"] != $curpwd[0]) {
    	$storepassword = '******'.$newpassword.'",';
Example #7
    $attributes[$entry] = $file;
  }
}
closedir($dir);

if (is_array($selected)) {
  while(list($key,$val) = each($selected)) {
    $entry = readentry("data/$val");
    list($name,$desc) = explode(":",$entry);
    print "<br/><br/>Loading $desc<br>\n";
    $lc_name = str_replace(" ","", strtolower(str_replace(".txt","",$val)));
    $lc_name = ereg_replace("[^[:alnum:]]","",$lc_name);

    if ($lc_name == "") Fatal_Error("Name cannot be empty: $lc_name");
    Sql_Query("select * from {$tables['attribute']} where tablename = \"$lc_name\"");
    if (Sql_Affected_Rows()) Fatal_Error("Name is not unique enough");

    $query = sprintf('insert into %s (name,type,required,tablename) values("%s","%s",%d,"%s")',
    $tables["attribute"],addslashes($name),"select",1,$lc_name);
    Sql_Query($query);
    $insertid = Sql_Insert_id();

    $query = "create table $table_prefix"."listattr_$lc_name (id integer not null primary key auto_increment, name varchar(255) unique,listorder integer default 0)";
    Sql_Query($query);
    $fp = fopen("data/$val","r");
    $header = "";
    while (!feof ($fp)) {
      $buffer = fgets($fp, 4096);
      if (!ereg("#",$buffer)) {
        if (!$header)
          $header = $buffer;
Example #8
ob_end_flush();
// Save handler for the admin-attribute editor (excerpt; the block continues past the last line shown).
// NOTE(review): no anti-CSRF token check is visible in this excerpt; confirm one runs before this POST handler.
if (isset($_POST["action"]) && $_POST["action"] == $GLOBALS['I18N']->get('SaveChanges')) {
    if (isset($_POST["name"])) {
        print '<script language="Javascript" type="text/javascript"> document.write(progressmeter); start();</script>';
    }
    flush();
    // $id is an array key supplied by the request. each() was removed in PHP 8.
    while (list($id, $val) = each($_POST["name"])) {
        if (!$id && isset($_POST["name"][0]) && $_POST["name"][0] != "") {
            # it is a new one
            // Table-name stem: lower-cased, every non-word character stripped, at most 10 characters.
            // That filtering is what makes it usable inside the quoted string and the table name below.
            $lc_name = substr(preg_replace("/\\W/", "", strtolower($_POST["name"][0])), 0, 10);
            if ($lc_name == "") {
                Fatal_Error($GLOBALS['I18N']->get('NameNotEmpty') . " {$lc_name}");
            }
            Sql_Query("select * from {$tables['adminattribute']} where tablename = \"{$lc_name}\"");
            if (Sql_Num_Rows()) {
                Fatal_Error($GLOBALS['I18N']->get('NameNotUnique'));
            }
            // name and default go through addslashes(); listorder and required are coerced by %d;
            // $_POST["type"][0] fills a quoted %s with no escaping at all, so a double quote in it
            // changes the statement (SQL injection). It should be checked against the known type names.
            $query = sprintf('insert into %s
        (name,type,listorder,default_value,required,tablename)
        values("%s","%s",%d,"%s",%d,"%s")', $tables["adminattribute"], addslashes($_POST["name"][0]), $_POST["type"][0], $_POST["listorder"][0], addslashes($_POST["default"][0]), $_POST["required"][0], $lc_name);
            Sql_Query($query);
            $insertid = Sql_Insert_id();
            # text boxes and hidden fields do not have their own table
            // NOTE(review): the second test reads $_POST["type"]["id"] (literal key "id") while the
            // first reads $_POST["type"][$id]; this looks like a typo for [$id]. Confirm.
            if ($_POST["type"][$id] != "textline" && $_POST["type"]["id"] != "hidden") {
                $query = "create table {$table_prefix}" . "adminattr_{$lc_name}\r\n          (id integer not null primary key auto_increment,\r\n          name varchar(255) unique,listorder integer default 0)";
                Sql_Query($query);
            } else {
                # and they cannot currently be required, changed 29/08/01,
                # insert javascript to require them, except for hidden ones :-)
                // NOTE(review): same literal "id" key as above, and the update targets
                // $tables['attribute'] although the row was inserted into $tables["adminattribute"]; confirm both.
                if ($_POST["type"]["id"] == "hidden") {
                    Sql_Query("update {$tables['attribute']} set required = 0 where id = {$insertid}");
    if ($adminlevel == "superuser") {
        $html .= menuLink("admins", "administrators");
        $html .= menuLink("groups", "groups");
        $html .= menuLink("users", "users");
        $html .= menuLink("userattributes", "user attributes");
        $req = Sql_Query('select * from attribute where type = "select" or type = "radio" or type = "checkboxgroup"');
        while ($row = Sql_Fetch_Array($req)) {
            $html .= menuLink("editattributes&id=" . $row["id"], "&gt;&nbsp;" . $row["name"]);
        }
        $html .= menuLink("branches", "branch fields", "option=branchfields");
        $html .= menuLink("templates", "templates");
    }
    return $html;
}
// Refuse to continue without an attribute id.
if (!$id) {
    Fatal_Error($GLOBALS['I18N']->get('NoAttr') . " {$id}");
    return;
}
// Fall back to default table names and prefix when the configuration did not define them.
if (!isset($tables["attribute"])) {
    $tables["attribute"] = "attribute";
    $tables["user_attribute"] = "user_attribute";
}
if (!isset($table_prefix)) {
    $table_prefix = 'phplist_';
}
// $id is interpolated unquoted into the SQL text.
// NOTE(review): where $id is set is outside this excerpt; confirm it is integer-cast before this point.
$res = Sql_Query("select * from {$tables['attribute']} where id = {$id}");
$data = Sql_Fetch_array($res);
// The value table's name is built from the stored "tablename" column; no check that a row was found is made first.
$table = $table_prefix . "listattr_" . $data["tablename"];
switch ($data['type']) {
    case 'checkboxgroup':
    case 'select':
    if ($require_login && !isSuperUser()) {
        $lists = Sql_query("SELECT listid FROM {$tables["listuser"]},{$tables["list"]} where userid = " . $delete . " and {$tables['listuser']}.listid = {$tables['list']}.id {$subselect} ");
        while ($lst = Sql_fetch_array($lists)) {
            Sql_query("delete from {$tables["listuser"]} where userid = {$delete} and listid = {$lst['0']}");
        }
    } else {
        deleteUser($delete);
    }
    print '..' . $GLOBALS['I18N']->get('Done') . "<br /><hr><br />\n";
}
$membership = "";
$subscribed = array();
if ($id) {
    $result = Sql_query("SELECT * FROM {$tables["user"]} where id = {$id}");
    if (!Sql_Affected_Rows()) {
        Fatal_Error($GLOBALS['I18N']->get('No such User') . ' ' . $id);
        return;
    }
    $user = sql_fetch_array($result);
    $lists = Sql_query("SELECT listid,name FROM {$tables["listuser"]},{$tables["list"]} where userid = " . $user["id"] . " and {$tables['listuser']}.listid = {$tables['list']}.id {$subselect} ");
    while ($lst = Sql_fetch_array($lists)) {
        $membership .= "<li>" . PageLink2("editlist", $lst["name"], "id=" . $lst["listid"]);
        array_push($subscribed, $lst["listid"]);
    }
    if (!$membership) {
        $membership = $GLOBALS['I18N']->get('No Lists');
    }
    if ($access != "view") {
        printf("<br /><hr/>%s<li><a href=\"javascript:deleteRec('%s');\">delete</a> %s\n", $delete_message, PageURL2("user", "", "delete={$id}&{$returnurl}"), $user["email"]);
    }
    printf('&nbsp;&nbsp;<a href="%s">%s</a>', getConfig("preferencesurl") . '&uid=' . $user["uniqid"], $GLOBALS['I18N']->get('update page'));
         $emailindex = $i;
     } elseif (strtolower($attribute) == "password") {
         $passwordindex = $i;
     } elseif (strtolower($attribute) == "loginname") {
         $loginnameindex = $i;
     } else {
         $req = Sql_Query("select id from " . $tables["adminattribute"] . " where name = \"{$attribute}\"");
         if (!Sql_Affected_Rows()) {
             # it's a new one # oops, bad coding cut-n-paste
             $lc_name = substr(str_replace(" ", "", strtolower($attribute)), 0, 10);
             if ($lc_name == "") {
                 Fatal_Error($GLOBALS['I18N']->get("Name cannot be empty") . ": " . $lc_name);
             }
             Sql_Query("select * from " . $tables["adminattribute"] . " where tablename = \"{$lc_name}\"");
             if (Sql_Affected_Rows()) {
                 Fatal_Error($GLOBALS['I18N']->get("Name is not unique enough") . ": " . $attribute);
             }
             if (!$test_import) {
                 Sql_Query(sprintf('insert into %s (name,type,listorder,default_value,required,tablename) values("%s","%s",0,"",0,"%s")', $tables["adminattribute"], addslashes($attribute), "textline", $lc_name));
                 $attid = Sql_Insert_id();
             } else {
                 $attid = 0;
             }
         } else {
             $d = Sql_Fetch_Row($req);
             $attid = $d[0];
         }
         $import_attribute[$attribute] = array("index" => $i, "record" => $attid);
     }
 }
 if (!isset($emailindex)) {
Example #12
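/**
 * Emits a debug record for $variable when debugging is enabled in $config.
 *
 * With $config["verbose"] the record is printed into the page; otherwise, when
 * $config["debug_log"] is set, one line is appended to that file. Nothing is
 * done when PHP safe_mode is on or $config["debug"] is off.
 *
 * @param mixed  $variable     Value to report.
 * @param string $description  Label written in front of the value.
 * @param int    $nestingLevel Unused here; kept for signature compatibility.
 *
 * @return void
 */
function dbg($variable, $description = 'Value', $nestingLevel = 0)
{
    global $config;
    if (ini_get("safe_mode") && ini_get("safe_mode") != "Off") {
        return;
    }
    if (!$config["debug"]) {
        return;
    }

    // Both output branches used to interpolate an undefined $msg; build it from the arguments.
    $msg = $description . ': ' . (is_scalar($variable) ? (string) $variable : print_r($variable, true));

    if ($config["verbose"]) {
        // Debug values can carry request data, so escape them before they go into the page.
        print "\n" . '<font class="debug">DBG: ' . htmlspecialchars($msg, ENT_QUOTES, 'UTF-8') . '</font><br>' . "\n";
    } elseif ($config["debug_log"]) {
        // REQUEST_URI is client-supplied and is written to the log as received.
        $line = "[" . date("d M Y, H:i:s") . "] " . getenv("REQUEST_URI") . '(' . $config["stats"]["number_of_queries"] . ") {$msg} \n";
        $fp = @fopen($config["debug_log"], "a");
        if ($fp === false) {
            // Logging is best effort; fwrite(false) is a TypeError on PHP 8 that "@" does not silence.
            return;
        }
        @fwrite($fp, $line);
        @fclose($fp);
    } else {
        Fatal_Error("Debugging not configured properly");
    }
}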
Example #13
<?php

require_once dirname(__FILE__) . '/accesscheck.php';
// sprintf('%d') reduces the request value to an integer string; this is what makes the
// unquoted interpolation of $id into the SQL text below safe.
$id = !empty($_GET['id']) ? sprintf('%d', $_GET['id']) : 0;
ob_end_flush();
if (!$id) {
    Fatal_Error($GLOBALS['I18N']->get('No such attribute:') . " {$id}");
    return;
}
// Fall back to default table names and prefix when the configuration did not define them.
if (!isset($tables["attribute"])) {
    $tables["attribute"] = "attribute";
    $tables["user_attribute"] = "user_attribute";
}
if (!isset($table_prefix)) {
    $table_prefix = 'phplist_';
}
$res = Sql_Query("select * from {$tables['attribute']} where id = {$id}");
$data = Sql_Fetch_array($res);
// The value table's name is built from the stored "tablename" column; no check that a row was found is made first.
$table = $table_prefix . "listattr_" . $data["tablename"];
// Only attribute types that have a value list can be edited on this page.
switch ($data['type']) {
    case 'checkboxgroup':
    case 'select':
    case 'radio':
        break;
    default:
        print $GLOBALS['I18N']->get('This datatype does not have editable values');
        return;
}
?>
<div class="panel"><div class="header"></div><!-- ENDOF .header -->
<div class="content">
Example #14
        while ($row = Sql_Fetch_Row($req)) {
          Sql_Query(sprintf('insert ignore into %s (attributeid,userid) values(0,%d)',
            $tables["user_attribute"],$row[0]));
        }
      } elseif ($_POST["name"][$id] != "") {
        # it is a change
        # get the original type

        $req = Sql_Fetch_Row_Query("select type,tablename from {$tables['attribute']} where id = $id");
        switch($req[0]) {
          case "textline":case "hidden":
            if ($type[$id] == "hidden" || $type[$id] == "textline") break;
            # we are turning a hidden or textline field into a radio,checkbox,checkboxgroup or select
            if ($type[$id] != "checkbox") {
              $lc_name = substr(preg_replace("/\W/","", strtolower($req[1])),0,10);
              if ($lc_name == "") Fatal_Error("Name cannot be empty: $lc_name");
              Sql_Query("create table $table_prefix"."listattr_$lc_name (id integer not null primary key auto_increment, name varchar(255) unique,listorder integer default 0)");
              $attreq = Sql_Query("select distinct value from {$tables['user_attribute']} where attributeid = $id");
              while ($row = Sql_Fetch_Row($attreq)) {
                $attindexreq = Sql_Query("select id from $table_prefix"."listattr_$lc_name where name = \"$row[0]\"");
                if (!Sql_Affected_Rows()) {
                  Sql_Query("insert into $table_prefix"."listattr_$lc_name (name) values(\"$row[0]\")");
                  $attid = Sql_Insert_Id();
                } else {
                  $attindex = Sql_Fetch_Row($attindexreq);
                  $attid = $attindex[0];
                }
                Sql_Query("update {$tables['user_attribute']} set value = $attid where attributeid = $id and value = \"$row[0]\"");
              }
            } else {
            # in case of checkbox we just need to set the value to "on"
Example #15
    }
}
closedir($dir);
if (is_array($selected)) {
    while (list($key, $val) = each($selected)) {
        $entry = readentry("data/{$val}");
        list($name, $desc) = explode(":", $entry);
        print "<br/><br/>" . $GLOBALS['I18N']->get('loading') . " {$desc}<br>\n";
        $lc_name = str_replace(" ", "", strtolower(str_replace(".txt", "", $val)));
        $lc_name = ereg_replace("[^[:alnum:]]", "", $lc_name);
        if ($lc_name == "") {
            Fatal_Error($GLOBALS['I18N']->get('name_empty') . " {$lc_name}");
        }
        Sql_Query("select * from {$tables['attribute']} where tablename = \"{$lc_name}\"");
        if (Sql_Affected_Rows()) {
            Fatal_Error($GLOBALS['I18N']->get('name_not_unique'));
        }
        $query = sprintf('insert into %s (name,type,required,tablename) values("%s","%s",%d,"%s")', $tables["attribute"], addslashes($name), "select", 1, $lc_name);
        Sql_Query($query);
        $insertid = Sql_Insert_id();
        $query = "create table {$table_prefix}" . "listattr_{$lc_name} (id integer not null primary key auto_increment, name varchar(255) unique,listorder integer default 0)";
        Sql_Query($query);
        $fp = fopen("data/{$val}", "r");
        $header = "";
        while (!feof($fp)) {
            $buffer = fgets($fp, 4096);
            if (!ereg("#", $buffer)) {
                if (!$header) {
                    $header = $buffer;
                } else {
                    if (trim($buffer) != "") {
Example #16
        Sql_query("delete from {$tables["bounce"]} where id = {$id}");
        print $GLOBALS['I18N']->get('DoneAndLoading') . "<br /><hr><br />\n";
        print PageLink2("bounces", $GLOBALS['I18N']->get('BackToBList'));
        $next = Sql_Fetch_Row_query(sprintf('select id from %s where id > %d', $tables["bounce"], $id));
        $id = $next[0];
        if (!$id) {
            $next = Sql_Fetch_Row_query(sprintf('select id from %s order by id desc limit 0,5', $tables["bounce"], $id));
            $id = $next[0];
        }
    }
}
$guessedemail = '';
if ($id) {
    $result = Sql_query("SELECT * FROM {$tables["bounce"]} where id = {$id}");
    if (!Sql_Affected_Rows()) {
        Fatal_Error($GLOBALS['I18N']->get('NoSRecord'));
    }
    $bounce = sql_fetch_array($result);
    #printf( "<br /><li><a href=\"javascript:deleteRec('%s');\">Delete</a>\n",PageURL2("bounce","","delete=$id"));
    if (preg_match("#([\\d]+) bouncecount increased#", $bounce["comment"], $regs)) {
        $guessedid = $regs[1];
        $emailreq = Sql_Fetch_Row_Query(sprintf('select email from %s where id = %d', $tables["user"], $guessedid));
        $guessedemail = $emailreq[0];
    }
    $newruleform = '<form method=post action="./?page=bouncerules">';
    $newruleform .= '<table>';
    $newruleform .= sprintf('<tr><td>%s</td><td><input type=text name="newrule" size=30></td></tr>', $GLOBALS['I18N']->get('Regular Expression'));
    $newruleform .= sprintf('<tr><td>%s</td><td><select name="action">', $GLOBALS['I18N']->get('Action'));
    foreach ($GLOBALS['bounceruleactions'] as $action => $desc) {
        $newruleform .= sprintf('<option value="%s" %s>%s</option>', $action, '', $desc);
    }
Example #17
        print '<p class="information">' . $GLOBALS['I18N']->get('Please identify the target of the following unknown columns') . '</p>';
        print '<form name="importform" method="post">';
        print $ls->display();
        print '</form>';
        /*
            print '<pre>';
            var_dump($_SESSION['import_attribute']);
            print '</pre>';
        */
        return;
    }
}
### show summary
if (!empty($_SESSION["test_import"])) {
    if (!isset($_SESSION["systemindex"]["email"])) {
        Fatal_Error($GLOBALS['I18N']->get('Cannot find column with email, you need to map at least one column to "Email"'), 'http://resources.phplist.com/documentation/errors/importemailmapping');
        return;
    }
    $ls = new WebblerListing($GLOBALS['I18N']->get('Summary'));
    foreach ($_SESSION["systemindex"] as $column => $columnid) {
        $ls->addElement($_SESSION['columnnames'][$columnid]);
        $ls->addColumn($_SESSION['columnnames'][$columnid], $GLOBALS['I18N']->get('maps to'), 'system: ' . $column);
    }
    foreach ($_SESSION["import_attribute"] as $column => $rec) {
        if (trim($column) != '') {
            $ls->addElement($column);
            if ($rec["record"] == "new") {
                $ls->addColumn($column, $GLOBALS['I18N']->get('maps to'), $GLOBALS['I18N']->get('Create new Attribute'));
            } elseif ($rec["record"] == "skip") {
                $ls->addColumn($column, $GLOBALS['I18N']->get('maps to'), $GLOBALS['I18N']->get('Skip Column'));
            } elseif (is_numeric($rec["record"])) {
Example #18
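/**
 * Builds the small "add a user" form shown on a list's members page.
 *
 * @param int|string $listid Id of the list, carried in a hidden form field.
 *
 * @return string HTML of the form.
 */
function addUserForm($listid)
{
    // The id is written into a quoted attribute, so escape it for that context;
    // for a plain integer the output is unchanged.
    $listidAttr = htmlspecialchars((string) $listid, ENT_QUOTES, 'UTF-8');
    $html = formStart() . '<input type=hidden name=listid value="' . $listidAttr . '">
  ' . $GLOBALS['I18N']->get("Add a user") . ': <input type=text name=new value="" size=40><input type=submit
 name=add value="' . $GLOBALS['I18N']->get('Add') . '">
  </form>';
    return $html;
}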
// Page header and add-user form for the selected list.
// NOTE(review): where $id is set is outside this excerpt; it is used in links here and,
// further down, unquoted inside SQL text. Confirm it is integer-cast first.
if (isset($id)) {
    print "<h3>" . $GLOBALS['I18N']->get("Members of") . " " . ListName($id) . "</h3>";
    echo "<br />" . PageLink2("editlist", $GLOBALS['I18N']->get("back to this list"), "id={$id}");
    echo "<br />" . PageLink2("export&list={$id}", $GLOBALS['I18N']->get("Download users on this list as a CSV file"));
    print addUserForm($id);
} else {
    Fatal_Error($GLOBALS['I18N']->get("Please enter a listid"));
}
// Bulk actions on ticked users; skipped when $access is "view".
// NOTE(review): no anti-CSRF token check is visible in this excerpt; confirm one runs before this handler.
if (isset($_REQUEST["processtags"]) && $access != "view") {
    print $GLOBALS['I18N']->get("Processing") . " .... <br/>";
    if ($_POST["tagaction"] && is_array($_POST["user"])) {
        switch ($_POST["tagaction"]) {
            case "move":
                $cnt = 0;
                // $key is an array key of $_POST["user"] and $_POST["movedestination"] is a raw
                // request value; both are placed unquoted into SQL text, so either can alter the
                // statements (SQL injection). Both should be cast to integers before use.
                // NOTE(review): no check is visible that this admin may write to the destination list.
                foreach ($_POST["user"] as $key => $val) {
                    Sql_query("delete from {$tables["listuser"]} where listid = {$id} and userid =\n            {$key}");
                    Sql_query("replace into {$tables["listuser"]} (listid,userid)\n            values({$_POST["movedestination"]},{$key})");
                    if (Sql_Affected_rows() == 1) {
                        # 2 means they were already on the list
                        $cnt++;
                    }
                }
Example #19
}
closedir($dir);
// Import the predefined attribute files that were ticked in the form
// (excerpt; the loop continues past the last line shown).
if (!empty($_POST['selected']) && is_array($_POST['selected'])) {
    $selected = $_POST['selected'];
    // each() was removed in PHP 8.
    while (list($key, $val) = each($selected)) {
        // $val is a raw request value used as a file name under data/. A value containing "../"
        // leaves that directory (path traversal). It should be reduced with basename() or matched
        // against the names found when the data directory was listed.
        $entry = readentry("data/{$val}");
        list($name, $desc) = explode(":", $entry);
        // $desc comes from the file's contents and is printed without HTML escaping.
        print "<br/><br/>" . $GLOBALS['I18N']->get('Loading') . " {$desc}<br/>\n";
        // Table-name stem: file name without ".txt", lower-cased, every non-word character removed.
        // That filtering is what makes it usable inside the quoted string and the table name below.
        $lc_name = str_replace(" ", "", strtolower(str_replace(".txt", "", $val)));
        $lc_name = preg_replace("/[\\W]/", "", $lc_name);
        if ($lc_name == "") {
            Fatal_Error($GLOBALS['I18N']->get('Name cannot be empty:') . " {$lc_name}");
        }
        Sql_Query("select * from {$tables['attribute']} where tablename = \"{$lc_name}\"");
        if (Sql_Affected_Rows()) {
            Fatal_Error($GLOBALS['I18N']->get('Name is not unique enough'));
        }
        // $name (from the file) is escaped with addslashes(); the other values are constants or $lc_name.
        $query = sprintf('insert into %s (name,type,required,tablename) values("%s","%s",%d,"%s")', $tables["attribute"], addslashes($name), "select", 1, $lc_name);
        Sql_Query($query);
        $insertid = Sql_Insert_Id($tables['attribute'], 'id');
        $query = "create table {$table_prefix}" . "listattr_{$lc_name} (id integer not null primary key auto_increment, name varchar(255) unique,listorder integer default 0)";
        Sql_Query($query);
        // Same request-derived path as above; the fopen() result is not checked before the read loop.
        $fp = fopen("data/{$val}", "r");
        $header = "";
        while (!feof($fp)) {
            $buffer = fgets($fp, 4096);
            // Lines containing "#" anywhere are skipped; the first remaining line is taken as the header.
            if (strpos($buffer, "#") === false) {
                if (!$header) {
                    $header = $buffer;
                } else {
                    if (trim($buffer) != "") {
Example #20
// Admin authentication bootstrap (excerpt; the enclosing block continues past the last line shown).
if (isset($GLOBALS["require_login"]) && $GLOBALS["require_login"]) {
    // The auth module is loaded from a path taken from $GLOBALS["admin_auth_module"]: first
    // relative to auth/, then as given. Whatever file that value names is executed as PHP.
    // NOTE(review): where the value is set is not visible here; confirm it can only come from
    // the site configuration and never from request data.
    if ($GLOBALS["admin_auth_module"] && is_file("auth/" . $GLOBALS["admin_auth_module"])) {
        require_once "auth/" . $GLOBALS["admin_auth_module"];
    } elseif ($GLOBALS["admin_auth_module"] && is_file($GLOBALS["admin_auth_module"])) {
        require_once $GLOBALS["admin_auth_module"];
    } else {
        // A configured module that cannot be found is logged and replaced by the bundled one.
        if ($GLOBALS["admin_auth_module"]) {
            logEvent("Warning: unable to use " . $GLOBALS["admin_auth_module"] . " for admin authentication, reverting back to phplist authentication");
            $GLOBALS["admin_auth_module"] = 'phplist_auth.inc';
        }
        require_once 'auth/phplist_auth.inc';
    }
    if (class_exists('admin_auth')) {
        $GLOBALS["admin_auth"] = new admin_auth();
    } else {
        print Fatal_Error($GLOBALS['I18N']->get('admininitfailure'));
        return;
    }
    // Login attempt: runs only when no admin session exists and both fields were sent.
    // The credentials are read from $_REQUEST, which also contains query-string values, so a
    // password sent as a GET parameter is accepted and can end up in URLs and access logs.
    if ((!isset($_SESSION["adminloggedin"]) || !$_SESSION["adminloggedin"]) && isset($_REQUEST["login"]) && isset($_REQUEST["password"])) {
        $loginresult = $GLOBALS["admin_auth"]->validateLogin($_REQUEST["login"], $_REQUEST["password"]);
        if (!$loginresult[0]) {
            $_SESSION["adminloggedin"] = "";
            $_SESSION["logindetails"] = "";
            $page = "login";
            // The attempted login name is request data written into the event log.
            // NOTE(review): logEvent()'s escaping is not visible here; check how the log viewer renders it.
            logEvent(sprintf($GLOBALS['I18N']->get('invalid login from %s, tried logging in as %s'), $_SERVER['REMOTE_ADDR'], $_REQUEST["login"]));
            $msg = $loginresult[1];
        } else {
            // The session records the client address it was created from.
            // NOTE(review): no session id regeneration is visible in this excerpt; confirm it happens on login.
            $_SESSION["adminloggedin"] = $_SERVER["REMOTE_ADDR"];
            // $admin_auth (plain variable) is used here while the object was stored in
            // $GLOBALS["admin_auth"]; the two are the same only when this code runs at global scope.
            $_SESSION["logindetails"] = array("adminname" => $_REQUEST["login"], "id" => $loginresult[0], "superuser" => $admin_auth->isSuperUser($loginresult[0]));
            // The page to show after login is taken from the request.
            // NOTE(review): how $page is used afterwards is outside this excerpt; confirm it is matched against known page names.
            if ($_POST["page"] && $_POST["page"] != "") {
                $page = $_POST["page"];
Example #21
             #            Info("Sorry, I don't know how to ".$_GET["option"]);
             #            return;
     }
     $c = 1;
     @ob_end_flush();
     if ($todo && $req) {
         while ($user = Sql_Fetch_Array($req)) {
             if ($c % 10 == 0) {
                 print "<br/>{$c}/{$total}\n";
                 flush();
             }
             set_time_limit(60);
             if (function_exists($todo)) {
                 $todo($user['id']);
             } else {
                 Fatal_Error($GLOBALS['I18N']->get("Don't know how to") . ' ' . $todo);
                 return;
             }
             ++$c;
         }
     }
     if (!empty($total)) {
         print "{$total}/{$total}<br/>";
     }
 }
 if (isset($_GET['option']) && $_GET['option'] == 'invalidemail') {
     #include dirname(__FILE__).'/actions/listinvalid.php';
     print '<div id="listinvalid">LISTING</div>';
 } elseif (isset($_GET['option']) && $_GET['option'] == 'fixinvalidemail') {
     Info($GLOBALS['I18N']->get('Trying to fix subscribers with an invalid email'));
     flush();
     $import_record_delimiter = $_REQUEST['import_record_delimiter'];
 } else {
     $import_record_delimiter = "\n";
 }
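 // Normalise the uploaded text: turn a custom record delimiter into "\n" and default the
 // field delimiter to a tab. The delimiters and $email_list are set outside this excerpt.
 if (isset($import_record_delimiter) && $import_record_delimiter != "" && $import_record_delimiter != "\n") {
     $email_list = str_replace($import_record_delimiter, "\n", $email_list);
 }
 if (!isset($import_field_delimiter) || $import_field_delimiter == "" || $import_field_delimiter == "TAB") {
     $import_field_delimiter = "\t";
 }
 // Check file for illegal characters: any candidate delimiter that is not one of the two
 // chosen delimiters must not occur anywhere in the input.
 $illegal_cha = array(",", ";", ":", "#", "\t");
 for ($i = 0; $i < count($illegal_cha); $i++) {
     // strpos() returns 0 for a match at the very first byte, so the test must be !== false;
     // the loose != false let input that starts with an illegal character pass the check.
     if ($illegal_cha[$i] != $import_field_delimiter && $illegal_cha[$i] != $import_record_delimiter && strpos($email_list, $illegal_cha[$i]) !== false) {
         Fatal_Error($GLOBALS['I18N']->get('invalid_delimiter') . " {$import_field_delimiter}, {$import_record_delimiter}");
         return;
     }
 }
 // Split file/emails into array
 $email_list = explode("\n", $email_list);
 // Parse the lines into records: the first field is the address, the rest is joined into "info".
 $hasinfo = 0;
 foreach ($email_list as $line) {
     $uservalues = explode($import_field_delimiter, $line);
     $email = trim(array_shift($uservalues));
     $info = join(" ", $uservalues);
     $hasinfo = $hasinfo || $info != "";
     // Keyed by address, so a repeated address keeps only its last line.
     $user_list[$email] = array("info" => $info);
 }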
 if (sizeof($email_list) > 300 && !$test_import) {
         $_SESSION["import_attribute"][$column] = array("index" => $i, "record" => 'skip', "column" => "{$column}");
         array_push($used_systemattr, strtolower($column));
     } else {
         if (isset($_SESSION["import_attribute"][$column]["record"]) && $_SESSION["import_attribute"][$column]["record"]) {
             # mapping has been defined
         } elseif (isset($_POST["column{$i}"])) {
             $_SESSION["import_attribute"][$column] = array("index" => $i, "record" => $_POST["column{$i}"], "column" => "{$column}");
         } else {
             $existing = Sql_Fetch_Row_Query("select id from " . $tables["attribute"] . " where name = \"{$column}\"");
             $_SESSION["import_attribute"][$column] = array("index" => $i, "record" => $existing[0], "column" => $column);
             array_push($used_attributes, $existing[0]);
         }
     }
 }
 // The import cannot continue without a column mapped to the system "email" field.
 if (!isset($_SESSION["systemindex"]["email"])) {
     Fatal_Error($GLOBALS['I18N']->get('Cannot find column with email, please make sure the column is called &quot;email&quot; and not eg e-mail'));
     return;
 }
 // Attributes that no column has been mapped to yet are offered as mapping targets.
 $unused_systemattr = array_diff(array_keys($system_attributes), $used_systemattr);
 $unused_attributes = array_diff(array_keys($attributes), $used_attributes);
 $options = '<option value="new">-- ' . $GLOBALS['I18N']->get('Create new one') . '</option>';
 $options .= '<option value="skip">-- ' . $GLOBALS['I18N']->get('Skip Column') . '</option>';
 // Keys and labels are written into the <option> markup without HTML escaping; the attribute
 // labels are additionally run through stripslashes() and cut to 25 bytes.
 // NOTE(review): $system_attributes and $attributes are filled outside this excerpt; if
 // attribute names can contain markup, escape them with htmlspecialchars() here.
 foreach ($unused_systemattr as $sysindex) {
     $options .= sprintf('<option value="%s">%s</option>', $sysindex, substr($system_attributes[$sysindex], 0, 25));
 }
 foreach ($unused_attributes as $attindex) {
     $options .= sprintf('<option value="%s">%s</option>', $attindex, substr(stripslashes($attributes[$attindex]), 0, 25));
 }
 $ls = new WebblerListing($GLOBALS['I18N']->get('Import Attributes'));
 $request_mapping = 0;
 foreach ($_SESSION["import_attribute"] as $column => $rec) {
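/**
 * Emit a debug message, either inline in the page or appended to the debug log.
 *
 * Nothing happens when PHP safe_mode is reported as on or when $config["debug"]
 * is off. With $config["verbose"] set, the message is printed into the page;
 * otherwise it is appended to the file named by $config["debug_log"]. When
 * neither output is configured, Fatal_Error() is called.
 *
 * @param string $msg text to record
 */
function Debug($msg)
{
    global $config;
    if (ini_get("safe_mode")) {
        return;
    }
    # empty() gives the same truthiness test without a notice when the key is missing
    if (empty($config["debug"])) {
        return;
    }
    if (!empty($config["verbose"])) {
        # NOTE(review): $msg is written into the page as-is. If any caller passes
        # request data, escape it (htmlspecialchars) before calling - confirm against callers.
        print "\n" . '<font class="debug">DBG: ' . $msg . '</font><br>' . "\n";
    } elseif (!empty($config["debug_log"])) {
        # NOTE(review): $msg and REQUEST_URI go into the log unfiltered, so an embedded
        # line break in either would start a new log line - confirm what callers pass.
        $line = "[" . date("d M Y, H:i:s") . "] " . getenv("REQUEST_URI") . '(' . $config["stats"]["number_of_queries"] . ") {$msg} \n";
        $fp = @fopen($config["debug_log"], "a");
        if ($fp === false) {
            # Logging is best-effort: an unwritable log must not reach fwrite()/fclose(),
            # which reject a non-resource argument instead of failing quietly.
            return;
        }
        @fwrite($fp, $line);
        @fclose($fp);
    } else {
        Fatal_Error("Debugging not configured properly");
    }
}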
Example #25
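/**
 * Connect to an IMAP server and return its mailbox list.
 *
 * @param string $server   host name placed inside the "{...}" mailbox specification
 * @param string $user     IMAP login name
 * @param string $password IMAP password
 * @return array|int the array returned by imap_getmailboxes(), or 0 after Fatal_Error()
 *                   has been called for a failed connection or a failed listing
 */
function getImapFolders($server, $user, $password)
{
    # NOTE(review): "/notls" on port 143 turns STARTTLS off, so the login and password
    # cross the network unencrypted. The commented-out alternative encrypts but uses
    # "/novalidate-cert", which skips certificate checks; "993/imap/ssl" with
    # validation left on is the safer setting where the server supports it.
    #$port =  "993/imap/ssl/novalidate-cert";
    $port = "143/imap/notls";
    # NOTE(review): $server is spliced into the mailbox specification as-is; a value
    # containing "/" or "}" would change the connection flags. Validate it as a host
    # name at the caller - where it comes from is not visible here.
    $mbox = @imap_open("{" . $server . ":" . $port . "}", $user, $password, OP_HALFOPEN);
    if (!$mbox) {
        Fatal_Error($GLOBALS['I18N']->get("can't connect") . ": " . imap_last_error());
        return 0;
    }
    $list = imap_getmailboxes($mbox, "{" . $server . "}", "*");
    # Read the error text before closing, then always release the connection.
    # The original closed it only after both return statements, so it never ran.
    $error = is_array($list) ? '' : imap_last_error();
    imap_close($mbox);
    if (is_array($list)) {
        return $list;
    }
    Fatal_Error($GLOBALS['I18N']->get("imap_getmailboxes failed") . ": " . $error . "\n");
    return 0;
}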
Example #26
     } else {
         # && binds tighter than ||, so this allows the update when the posted password is
         # non-empty and $data['password'] equals $checkpassword, or when no password was posted.
         # NOTE(review): == is a loose comparison; two numeric-looking strings (for example
         # hashes of the form "0e...") compare as numbers. hash_equals() or === avoids that.
         $allow = !empty($_POST['password']) && $data['password'] == $checkpassword || empty($_POST['password']);
     }
     if (!$allow) {
         # @@@ this check should be done above, so the error can be embedded in the template
         print $GLOBALS['strPasswordsNoMatch'];
         exit;
     }
 }
 # check whether they are changing to an email that already exists, should not be possible
 # NOTE(review): $email is placed inside a quoted SQL string as-is. This is only safe if it
 # was validated and escaped before this point, which is not visible in this excerpt.
 $req = Sql_Query("select uniqid from {$GLOBALS['tables']['user']} where email = \"{$email}\"");
 if (Sql_Affected_Rows()) {
     $row = Sql_Fetch_Row($req);
     # The address belongs to another subscriber when its uniqid differs from the uid in the URL.
     # NOTE(review): != is a loose comparison of two strings; !== avoids numeric-string surprises.
     if ($row[0] != $_GET['uid']) {
         # NOTE(review): $email is written into the link below without urlencode() or
         # htmlspecialchars(), so it reaches the page exactly as received.
         Fatal_Error('Cannot change to that email address.
   <br/>This email already exists.
   <br/>Please use the preferences URL for this email to make updates.
   <br/>Click <a href="' . getConfig('preferencesurl') . "&amp;email={$email}\">here</a> to request your personal location");
         exit;
     }
 }
 # read the current values to compare changes
 # %d forces $userid to an integer before it reaches the query.
 $old_data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $GLOBALS['tables']['user'], $userid));
 $old_data = array_merge($old_data, getUserAttributeValues('', $userid));
 $history_entry = '';
 #'http://'.getConfig("website").$GLOBALS["adminpages"].'/?page=user&amp;id='.$userid."\n\n";
 if (ASKFORPASSWORD && $_POST['password']) {
     if (ENCRYPTPASSWORD) {
         $newpassword = encryptPass($_POST['password']);
     } else {
         # With ENCRYPTPASSWORD off the posted password is kept verbatim; sprintf('%s') only
         # casts it to a string and does no escaping.
         # NOTE(review): how $newpassword is stored lies outside this excerpt - confirm it is
         # escaped there, and prefer storing a password_hash() value over plain text.
         $newpassword = sprintf('%s', $_POST['password']);
     }
Example #27
		$html .= menuLink("groups","groups");
		$html .= menuLink("users","users");
		$html .= menuLink("userattributes","user attributes");
    $req = Sql_Query('select * from attribute where type = "select" or type = "radio" or type = "checkboxgroup"');
    while ($row = Sql_Fetch_Array($req)) {
    	$html .= menuLink("editattributes&id=".$row["id"],"&gt;&nbsp;".$row["name"]);
    }

		$html .= menuLink("branches","branch fields","option=branchfields");
		$html .= menuLink("templates","templates");
  }
  return $html;
}

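# $id is set outside this excerpt. Without a usable id nothing below can work, so stop
# here rather than going on to run the query with an empty value.
if (!$id) {
  Fatal_Error("No such attribute: $id");
  return;
}

# Fall back to the default table names and prefix when the surrounding page did not set them.
if (!isset($tables["attribute"])) {
  $tables["attribute"] = "attribute";
  $tables["user_attribute"]  = "user_attribute";
}
if (!isset($table_prefix )) {
  $table_prefix = 'phplist_';
}

# %d forces the id to an integer, so whatever $id held cannot alter the statement.
$res = Sql_Query(sprintf('select * from %s where id = %d', $tables["attribute"], $id));
$data = Sql_Fetch_array($res);
if (!$data) {
  # No row matched: stop instead of building a table name from an empty record.
  Fatal_Error("No such attribute: " . sprintf('%d', $id));
  return;
}
# The per-attribute value table is named <prefix>listattr_<tablename>; tablename comes from the row just read.
$table = $table_prefix ."listattr_".$data["tablename"];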
?>
<script language="Javascript" src="js/jslib.js" type="text/javascript"></script>
Example #28
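 include_once "structure.php";
 # The two table prefixes come straight from the form and are spliced into table names
 # below. Identifiers cannot be bound as query parameters, so accept nothing but plain
 # identifier characters and refuse everything else before any query is built.
 $remote_prefix = isset($_POST["remote_prefix"]) ? $_POST["remote_prefix"] : '';
 $remote_userprefix = isset($_POST["remote_userprefix"]) ? $_POST["remote_userprefix"] : '';
 foreach (array($remote_prefix, $remote_userprefix) as $posted_prefix) {
     if (!is_string($posted_prefix) || !preg_match('/^[A-Za-z0-9_]*\z/', $posted_prefix)) {
         Fatal_Error($GLOBALS['I18N']->get('Invalid table prefix'));
         return;
     }
 }
 print $GLOBALS['I18N']->get('Making connection with remote database') . "<br/>";
 flush();
 $remote = connectRemote();
 if (!$remote) {
     Fatal_Error($GLOBALS['I18N']->get('cannot connect to remote database'));
     return;
 }
 $remote_tables = array(
     "user" => $remote_userprefix . "user",
     "list" => $remote_prefix . "list",
     "listuser" => $remote_prefix . "listuser",
     "attribute" => $remote_userprefix . "attribute",
     "user_attribute" => $remote_userprefix . "user_attribute",
     "config" => $remote_prefix . "config",
 );
 print $GLOBALS['I18N']->get('Getting data from ') . htmlentities($_POST["remote_database"]) . "@" . htmlentities($_POST["remote_host"]) . "<br/>";
 $version = Sql_Fetch_Row_Query("select value from {$remote_tables["config"]} where item = \"version\"");
 # The version string is data read from the remote database, so escape it before printing.
 print $GLOBALS['I18N']->get('Remote version is') . " " . htmlspecialchars((string) $version[0]) . "<br/>\n";
 $usercnt = Sql_Fetch_Row_Query("select count(*) from {$remote_tables["user"]}");
 print $GLOBALS['I18N']->get('Remote version has') . " {$usercnt['0']} " . $GLOBALS['I18N']->get('users') . "<br/>";
 if (!$usercnt[0]) {
     Fatal_Error($GLOBALS['I18N']->get('No users to copy, is the prefix correct?'));
     return;
 }
 $totalusers = $usercnt[0];
 $listcnt = Sql_Fetch_Row_Query("select count(*) from {$remote_tables["list"]}");
 print $GLOBALS['I18N']->get('Remote version has') . " {$listcnt['0']} " . $GLOBALS['I18N']->get('lists') . "<br/>";
 flush();
 print '<h3>' . $GLOBALS['I18N']->get('Copying lists') . '</h3>';
 # first copy the lists across
 # All remote list rows are collected before connectLocal() is called.
 $listmap = array();
 $remote_lists = array();
 $lists_req = Sql_Query("select * from {$remote_tables["list"]}");
 while ($row = Sql_Fetch_Array($lists_req)) {
     array_push($remote_lists, $row);
 }
 connectLocal();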
Example #29
 # sprintf('%d') coerces the posted throttle value to an integer string; the default is 0.
 if (isset($_POST['throttle_import'])) {
     $throttle_import = sprintf('%d', $_POST['throttle_import']);
 } else {
     $throttle_import = 0;
 }
 # Accept the upload only when it is larger than 10 bytes.
 # NOTE(review): $_FILES['import_file'] is read without isset(), so a request that carries
 # no file triggers an undefined-key notice and falls through to the clean-up below.
 if ($_FILES['import_file'] && filesize($_FILES['import_file']['tmp_name']) > 10) {
     # NOTE(review): the destination name is built from the temp dir, the installation name
     # and time(), so it is predictable. If the temp dir is shared with other users,
     # tempnam() would be a safer choice. This excerpt does not show the file being removed.
     $newfile = $GLOBALS['tmpdir'] . '/import' . $GLOBALS['installation_name'] . time();
     # The result of move_uploaded_file() is not checked; a failed move only shows up
     # through the fopen() test that follows.
     move_uploaded_file($_FILES['import_file']['tmp_name'], $newfile);
     if (!($fp = fopen($newfile, 'r'))) {
         Fatal_Error($GLOBALS['I18N']->get('Cannot read file. It is not readable !') . ' (' . $newfile . ')');
         return;
     }
     # Reads the whole upload into memory in one call.
     $email_list = fread($fp, filesize($newfile));
     fclose($fp);
 } elseif ($_FILES['import_file']) {
     Fatal_Error($GLOBALS['I18N']->get('Something went wrong while uploading the file. Empty file received. Maybe the file is too big, or you have no permissions to read it.'));
     return;
 }
 // Clean up email file
 // NOTE(review): $email_list is assigned only in the upload branch above, so it must be set
 // earlier (outside this excerpt) whenever no file was uploaded.
 $email_list = trim($email_list);
 // Normalise line endings. The first call turns every "\r" into "\n", so the "\n\r"
 // replacement can no longer match; a "\r\n" pair becomes "\n\n" and is collapsed by the third call.
 $email_list = str_replace("\r", "\n", $email_list);
 $email_list = str_replace("\n\r", "\n", $email_list);
 $email_list = str_replace("\n\n", "\n", $email_list);
 // The record delimiter is taken from the request; it defaults to a newline.
 if (isset($_REQUEST['import_record_delimiter'])) {
     $import_record_delimiter = $_REQUEST['import_record_delimiter'];
 } else {
     $import_record_delimiter = "\n";
 }
 // Change delimiter for new line.
 if (isset($import_record_delimiter) && $import_record_delimiter != '' && $import_record_delimiter != "\n") {
     $email_list = str_replace($import_record_delimiter, "\n", $email_list);
Example #30
     if (strtolower($attribute) == 'email') {
         $emailindex = $i;
     } elseif (strtolower($attribute) == 'password') {
         $passwordindex = $i;
     } elseif (strtolower($attribute) == 'loginname') {
         $loginnameindex = $i;
     } else {
         $req = Sql_Query('select id from ' . $tables['adminattribute'] . " where name = \"{$attribute}\"");
         if (!Sql_Affected_Rows()) {
             $lc_name = substr(str_replace(' ', '', strtolower($attribute)), 0, 10);
             if ($lc_name == '') {
                 Fatal_Error($GLOBALS['I18N']->get('Name cannot be empty') . ': ' . $lc_name);
             }
             Sql_Query('select * from ' . $tables['adminattribute'] . " where tablename = \"{$lc_name}\"");
             if (Sql_Affected_Rows()) {
                 Fatal_Error($GLOBALS['I18N']->get('Name is not unique enough') . ': ' . $attribute);
             }
             if (!$test_import) {
                 Sql_Query(sprintf('insert into %s (name,type,listorder,default_value,required,tablename) values("%s","%s",0,"",0,"%s")', $tables['adminattribute'], addslashes($attribute), 'textline', $lc_name));
                 $attid = Sql_Insert_id();
             } else {
                 $attid = 0;
             }
         } else {
             $d = Sql_Fetch_Row($req);
             $attid = $d[0];
         }
         $import_attribute[$attribute] = array('index' => $i, 'record' => $attid);
     }
 }
 if (!isset($emailindex)) {