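/**
 * Merge a duplicate subscriber record into the subscriber it was copied from.
 *
 * The duplicate's email field is expected to look like "duplicate... <address>" or
 * "<address> (<number>)"; the real address is extracted from it. When a subscriber
 * with that address exists, the duplicate's usermessage and user_message_bounce rows
 * are re-pointed at that subscriber and the duplicate's list memberships are deleted.
 * Progress is printed as HTML.
 *
 * @param int $userid id of the duplicate subscriber record
 * @return void
 */
function mergeUser($userid)
{
    $tables = $GLOBALS['tables'];

    // %d forces the id to an integer, so the value cannot change the statement.
    $duplicate = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables['user'], $userid));
    $storedEmail = is_array($duplicate) ? (string) $duplicate['email'] : '';

    // The address is stored subscriber data: encode it before it reaches the page.
    printf('<br/>%s', htmlspecialchars($storedEmail));

    if (preg_match("/^duplicate[^ ]* (.*)/", $storedEmail, $regs)) {
        print "-> " . htmlspecialchars($regs[1]);
        $email = $regs[1];
    } elseif (preg_match("/^([^ ]+@[^ ]+) \\(\\d+\\)/", $storedEmail, $regs)) {
        print "-> " . htmlspecialchars($regs[1]);
        $email = $regs[1];
    } else {
        $email = "";
    }

    if ($email) {
        // The extracted address goes into a quoted SQL string, so it is escaped first.
        // addslashes() is what this code base uses for that elsewhere; the DB layer's own
        // escaping helper is preferable where this revision provides one.
        $orig = Sql_Fetch_Row_Query(sprintf(
            'select id from %s where email = "%s"',
            $tables['user'],
            addslashes($email)
        ));
        if ($orig[0]) {
            $duplicateId = (int) $duplicate['id'];
            print " " . $GLOBALS['I18N']->get("user found");

            $umreq = Sql_Query(sprintf('select * from %s where userid = %d', $tables['usermessage'], $duplicateId));
            while ($um = Sql_Fetch_Array($umreq)) {
                // "entered" is set to its own value, presumably so the column is not
                // refreshed by the update -- confirm against the table definition.
                Sql_Query(sprintf(
                    'update %s set userid = %d, entered = "%s" where userid = %d and entered = "%s"',
                    $tables['usermessage'],
                    $orig[0],
                    $um['entered'],
                    $duplicateId,
                    $um['entered']
                ));
            }

            // NOTE(review): part of this select was masked in the listing this block was
            // taken from; the id filter is restored by analogy with the usermessage query
            // above -- confirm against the repository.
            $bncreq = Sql_Query(sprintf('select * from %s where user = %d', $tables['user_message_bounce'], $duplicateId));
            while ($bnc = Sql_Fetch_Array($bncreq)) {
                Sql_Query(sprintf(
                    'update %s set user = %d, time = "%s" where user = %d and time = "%s"',
                    $tables['user_message_bounce'],
                    $orig[0],
                    $bnc['time'],
                    $duplicateId,
                    $bnc['time']
                ));
            }

            Sql_Query(sprintf('delete from %s where userid = %d', $tables['listuser'], $duplicateId));
        } else {
            print " " . $GLOBALS['I18N']->get("no user found");
        }
        flush();
    } else {
        print "-> " . $GLOBALS['I18N']->get("unable to find original email");
    }
}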
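/**
 * Look up the name of a group.
 *
 * @param int $id group id
 * @return string|null the group's name; null when $id is empty or no row is returned
 */
function groupName($id)
{
    if (!$id) {
        return;
    }
    // %d casts the id to an integer so a crafted value cannot extend the where clause.
    $data = Sql_Fetch_Array_Query(sprintf('select * from groups where id = %d', $id));

    return is_array($data) ? $data["name"] : null;
}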
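/**
 * Merge a duplicate subscriber record into the subscriber it was copied from.
 *
 * The duplicate's email field is expected to look like "duplicate... <address>" or
 * "<address> (<number>)"; the real address is extracted from it.
 *  - If a subscriber with that address exists, the duplicate's usermessage and
 *    user_message_bounce rows are re-pointed at it, whatever could not be moved is
 *    deleted together with the list memberships, and the duplicate itself is deleted
 *    when MERGE_DUPLICATES_DELETE_DUPLICATE is set.
 *  - Otherwise the duplicate record is renamed to the extracted address.
 * Progress is printed as HTML.
 *
 * @param int $userid id of the duplicate subscriber record
 * @return void
 */
function mergeUser($userid)
{
    $tables = $GLOBALS['tables'];

    // %d forces the id to an integer, so the value cannot change the statement.
    $duplicate = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables['user'], $userid));
    $storedEmail = is_array($duplicate) ? (string) $duplicate['email'] : '';

    // The address is stored subscriber data: encode it before it reaches the page.
    printf('<br/>%s', htmlspecialchars($storedEmail));

    if (preg_match('/^duplicate[^ ]* (.*)/', $storedEmail, $regs)) {
        print '-> ' . htmlspecialchars($regs[1]);
        $email = $regs[1];
    } elseif (preg_match("/^([^ ]+@[^ ]+) \\(\\d+\\)/", $storedEmail, $regs)) {
        print '-> ' . htmlspecialchars($regs[1]);
        $email = $regs[1];
    } else {
        $email = '';
    }

    if ($email) {
        // The extracted address is placed in quoted SQL strings below; sql_escape() is the
        // DB layer's escaping helper used elsewhere in this code base.
        $escapedEmail = sql_escape($email);
        $orig = Sql_Fetch_Row_Query(sprintf('select id from %s where email = "%s"', $tables['user'], $escapedEmail));
        if ($orig[0]) {
            $duplicateId = (int) $duplicate['id'];
            print ' ' . $GLOBALS['I18N']->get('user found');

            $umreq = Sql_Query(sprintf('select * from %s where userid = %d', $tables['usermessage'], $duplicateId));
            while ($um = Sql_Fetch_Array($umreq)) {
                // Second argument 1: presumably tells Sql_Query to ignore a failing
                // statement (e.g. a key conflict with a row the original already has) --
                // confirm against the DB layer.
                Sql_Query(sprintf(
                    'update %s set userid = %d, entered = "%s" where userid = %d and entered = "%s"',
                    $tables['usermessage'],
                    $orig[0],
                    $um['entered'],
                    $duplicateId,
                    $um['entered']
                ), 1);
            }

            // NOTE(review): the select, the loop header and the start of the update below
            // were masked in the listing this block was taken from; they are restored by
            // analogy with the usermessage statements and the surviving argument list --
            // confirm against the repository.
            $bncreq = Sql_Query(sprintf('select * from %s where user = %d', $tables['user_message_bounce'], $duplicateId));
            while ($bnc = Sql_Fetch_Array($bncreq)) {
                Sql_Query(sprintf(
                    'update %s set user = %d, time = "%s" where user = %d and time = "%s"',
                    $tables['user_message_bounce'],
                    $orig[0],
                    $bnc['time'],
                    $duplicateId,
                    $bnc['time']
                ), 1);
            }

            // Remove whatever is still attached to the duplicate after the moves above.
            Sql_Query(sprintf('delete from %s where userid = %d', $tables['listuser'], $duplicateId));
            // NOTE(review): the boundary between the next two deletes was masked as well;
            // restored as two id-filtered statements -- confirm.
            Sql_Query(sprintf('delete from %s where user = %d', $tables['user_message_bounce'], $duplicateId));
            Sql_Query(sprintf('delete from %s where userid = %d', $tables['usermessage'], $duplicateId));

            if (MERGE_DUPLICATES_DELETE_DUPLICATE) {
                deleteUser($duplicateId);
            }
        } else {
            print ' ' . $GLOBALS['I18N']->get('no user found');
            // No subscriber owns the real address, so it is safe to rename the duplicate
            // record to it.
            Sql_Query(sprintf('update %s set email = "%s" where id = %d', $tables['user'], $escapedEmail, $userid));
        }
        flush();
    } else {
        print '-> ' . $GLOBALS['I18N']->get('unable to find original email');
    }
}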
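/**
 * Send the subscription confirmation request to a subscriber again.
 *
 * Builds the list of list names the subscriber is a member of, substitutes it for the
 * [LISTS] placeholder in the configured subscribe message (the per-subscribe-page
 * variant when the subscriber has one) and mails the result.
 *
 * @param int $id subscriber id
 * @return mixed whatever sendMail() returns; nothing when TEST is set
 */
function resendConfirm($id)
{
    global $tables, $envelope, $prepend;

    // %d casts the id to an integer so it cannot alter the statement.
    $userdata = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables["user"], $id));

    $lists_req = Sql_Query(sprintf(
        'select %s.name from %s,%s where %s.listid = %s.id and %s.userid = %d',
        $tables["list"],
        $tables["list"],
        $tables["listuser"],
        $tables["listuser"],
        $tables["list"],
        $tables["listuser"],
        $id
    ));
    // Start from an empty string: the original appended to an undefined variable.
    $lists = '';
    while ($row = Sql_Fetch_Row($lists_req)) {
        $lists .= ' * ' . $row[0] . "\n";
    }

    if ($userdata["subscribepage"]) {
        $template = getUserConfig("subscribemessage:" . $userdata["subscribepage"], $id);
        $subject = getConfig("subscribesubject:" . $userdata["subscribepage"]);
    } else {
        $template = getUserConfig("subscribemessage", $id);
        $subject = getConfig("subscribesubject");
    }
    // The placeholder is a fixed string, so a plain replacement is enough. ereg_replace()
    // no longer exists in PHP 7+, and it would also interpret backslash-digit sequences
    // in the list names as back-references.
    $subscribemessage = str_replace('[LISTS]', $lists, $template);

    logEvent("Resending confirmation request to " . $userdata["email"]);
    if (!TEST) {
        return sendMail(
            $userdata["email"],
            $subject,
            $prepend . $subscribemessage,
            system_messageheaders($userdata["email"]),
            $envelope
        );
    }
}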
/**
 * Schedule the next occurrence of a repeating campaign by copying it.
 *
 * Returns without doing anything when the message has no repeat interval, has already
 * been repeated (a 'repeatedid' is recorded), is past its repeatuntil date, or when no
 * embargo outside the configured exclusions is found within 15 attempts. Otherwise a
 * new message row is created, filled from the original, given the new embargo and
 * status "submitted", and the original's lists and attachments are linked to it.
 *
 * @param int $msgid id of the message to repeat
 * @return void
 */
function repeatMessage($msgid)
{
    # if (!USE_REPETITION && !USE_rss) return;
    $data = loadMessageData($msgid);
    # do not repeat when there is no interval or when it has already been done
    if ($data['repeatinterval'] == 0 || !empty($data['repeatedid'])) {
        return;
    }
    # calculate the future embargo, a multiple of repeatinterval minutes after the current embargo;
    # the "now() < repeatuntil" condition makes the query return nothing once the end date has passed
    $msgdata = Sql_Fetch_Array_Query(sprintf('SELECT *, embargo + INTERVAL (FLOOR(TIMESTAMPDIFF(MINUTE, embargo, GREATEST(embargo, NOW())) / repeatinterval) + 1) * repeatinterval MINUTE AS newembargo FROM %s WHERE id = %d AND now() < repeatuntil', $GLOBALS['tables']['message'], $msgid));
    if (!$msgdata) {
        logEvent("Message {$msgid} not repeated due to reaching the repeatuntil date");
        return;
    }
    # check whether the new embargo is not on an exclusion; this runs before anything is
    # written, so giving up here leaves no partial copy behind
    if (isset($GLOBALS['repeat_exclude']) && is_array($GLOBALS['repeat_exclude'])) {
        $loopcnt = 0;
        while (excludedDateForRepetition($msgdata['newembargo'])) {
            # bounded retry: stop after 15 excluded candidates
            if (++$loopcnt > 15) {
                logEvent("Unable to find new embargo date too many exclusions? for message {$msgid}");
                return;
            }
            # move the candidate one more interval ahead; newembargo is a value the
            # database returned, not request input
            $result = Sql_Fetch_Array_Query(sprintf("SELECT '%s' + INTERVAL repeatinterval MINUTE AS newembargo\n FROM %s\n WHERE id = %d", $msgdata['newembargo'], $GLOBALS['tables']['message'], $msgid));
            $msgdata['newembargo'] = $result['newembargo'];
        }
    }
    # copy the new message: create an empty row first, then fill it column by column
    Sql_Query(sprintf(' insert into %s (entered) values(now())', $GLOBALS['tables']['message']));
    $newid = Sql_Insert_id();
    # structure.php is expected to define $DBstruct
    require dirname(__FILE__) . '/structure.php';
    if (!is_array($DBstruct['message'])) {
        # NOTE(review): the empty row inserted above is not removed on this path
        logEvent("Error including structure when trying to duplicate message {$msgid}");
        return;
    }
    foreach ($DBstruct['message'] as $column => $rec) {
        # id, entered and sendstart belong to the new row and are not copied
        if ($column != 'id' && $column != 'entered' && $column != 'sendstart') {
            Sql_Query(sprintf('update %s set %s = "%s" where id = %d', $GLOBALS['tables']['message'], $column, addslashes($msgdata[$column]), $newid));
        }
    }
    # copy the messagedata rows, except an entry named 'id'
    $req = Sql_Query(sprintf("SELECT *\n FROM %s\n WHERE id = %d AND name NOT IN ('id')", $GLOBALS['tables']['messagedata'], $msgid));
    while ($row = Sql_Fetch_Array($req)) {
        setMessageData($newid, $row['name'], $row['data']);
    }
    # the copy gets the new embargo and is queued again
    Sql_Query(sprintf('update %s set embargo = "%s",status = "submitted",sent = "" where id = %d', $GLOBALS['tables']['message'], $msgdata['newembargo'], $newid));
    # store the embargo in messagedata as well, split into its parts and without seconds
    list($e['year'], $e['month'], $e['day'], $e['hour'], $e['minute'], $e['second']) = sscanf($msgdata['newembargo'], '%04d-%02d-%02d %02d:%02d:%02d');
    unset($e['second']);
    setMessageData($newid, 'embargo', $e);
    # reset the sending statistics on the copy
    foreach (array('processed', 'astext', 'ashtml', 'astextandhtml', 'aspdf', 'astextandpdf', 'viewed', 'bouncecount') as $item) {
        Sql_Query(sprintf('update %s set %s = 0 where id = %d', $GLOBALS['tables']['message'], $item, $newid));
    }
    # lists
    $req = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS['tables']['listmessage'], $msgid));
    while ($row = Sql_Fetch_Row($req)) {
        Sql_Query(sprintf('insert into %s (messageid,listid,entered) values(%d,%d,now())', $GLOBALS['tables']['listmessage'], $newid, $row[0]));
    }
    # attachments
    $req = Sql_Query(sprintf('select * from %s,%s where %s.messageid = %d and %s.attachmentid = %s.id', $GLOBALS['tables']['message_attachment'], $GLOBALS['tables']['attachment'], $GLOBALS['tables']['message_attachment'], $msgid, $GLOBALS['tables']['message_attachment'], $GLOBALS['tables']['attachment']));
    while ($row = Sql_Fetch_Array($req)) {
        if (is_file($row['remotefile'])) {
            # if the "remote file" is actually local, we want to refresh the attachment,
            # so we set filename to nothing
            $row['filename'] = '';
        }
        Sql_Query(sprintf('insert into %s (filename,remotefile,mimetype,description,size) values("%s","%s","%s","%s",%d)', $GLOBALS['tables']['attachment'], addslashes($row['filename']), addslashes($row['remotefile']), addslashes($row['mimetype']), addslashes($row['description']), $row['size']));
        $attid = Sql_Insert_id();
        Sql_Query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $GLOBALS['tables']['message_attachment'], $newid, $attid));
    }
    logEvent("Message {$msgid} was successfully rescheduled as message {$newid}");
    # remember we duplicated, in order to avoid doing it again (eg when requeuing)
    setMessageData($msgid, 'repeatedid', $newid);
    if (getConfig('pqchoice') == 'phplistdotcom') {
        activateRemoteQueue();
    }
}
# Excerpt of a subscriber-history page: tab headers, the campaign and bounce listings,
# and the start of the subscription tab. The excerpt ends inside an open if/else.
print '<li><a href="#messages">' . ucfirst($GLOBALS['I18N']->get('Campaigns')) . '</a></li>';
if (count($bounces)) {
    print '<li><a href="#bounces">' . ucfirst($GLOBALS['I18N']->get('Bounces')) . '</a></li>';
}
print '<li><a href="#subscription">' . ucfirst($GLOBALS['I18N']->get('Subscription')) . '</a></li>';
print '</ul>';
print '<div id="messages">';
print $ls->display();
print '</div>';
print '<div id="bounces">';
print $bouncels->display();
print '</div>';
print '<div id="subscription">';
if (isBlackListed($user['email'])) {
    print '<h3>' . $GLOBALS['I18N']->get('subscriber is blacklisted since') . ' ';
    # NOTE(review): $user['email'] is placed in a quoted SQL string without escaping, here
    # and in the query below. It is loaded outside this excerpt (presumably from the user
    # table); an address containing a double quote or backslash would change the
    # statement. Escape it before use -- confirm how $user is populated.
    $blacklist_info = Sql_Fetch_Array_Query(sprintf('select * from %s where email = "%s"', $tables['user_blacklist'], $user['email']));
    print $blacklist_info['added'] . '</h3><br/>';
    print '';
    $isSpamReport = false;
    $ls = new WebblerListing($GLOBALS['I18N']->get('Blacklist info'));
    $req = Sql_Query(sprintf('select * from %s where email = "%s"', $tables['user_blacklist_data'], $user['email']));
    while ($row = Sql_Fetch_Array($req)) {
        # NOTE(review): name and data are stored values handed to the listing as-is;
        # whether WebblerListing HTML-encodes them is not visible here -- confirm.
        $ls->addElement($row['name']);
        # a blacklisting caused by a spam complaint hides the "remove" button below
        $isSpamReport = $isSpamReport || $row['data'] == 'blacklisted due to spam complaints';
        $ls->addColumn($row['name'], $GLOBALS['I18N']->get('value'), stripslashes($row['data']));
    }
    $ls->addElement('<!-- remove -->');
    if (!$isSpamReport) {
        # NOTE(review): removal from the blacklist is a state change reached through a
        # link; whether PageURL2 or the handling page enforces a CSRF token is not visible
        # in this excerpt -- confirm.
        $button = new ConfirmButton(htmlspecialchars($GLOBALS['I18N']->get('are you sure you want to delete this subscriber from the blacklist')) . '?\\n' . htmlspecialchars($GLOBALS['I18N']->get('it should only be done with explicit permission from this subscriber')), PageURL2("userhistory&unblacklist={$user['id']}&id={$user['id']}", 'button', s('remove subscriber from blacklist')), s('remove subscriber from blacklist'));
        $ls->addRow('<!-- remove -->', s('remove'), $button->show());
    } else {
} else { Sql_query(sprintf('update %s set clicked = clicked + 1, latestclick = now() where forwardid = %d and messageid = %d', $GLOBALS['tables']['linktrack_ml'], $fwdid, $messageid)); } if ($msgtype == 'H') { Sql_query(sprintf('update %s set htmlclicked = htmlclicked + 1 where forwardid = %d and messageid = %d', $GLOBALS['tables']['linktrack_ml'], $fwdid, $messageid)); $trackingcode = 'utm_source=phplist' . $messageid . '&utm_medium=email&utm_content=HTML&utm_campaign=' . urlencode($messagedata['subject']); } elseif ($msgtype == 'T') { Sql_query(sprintf('update %s set textclicked = textclicked + 1 where forwardid = %d and messageid = %d', $GLOBALS['tables']['linktrack_ml'], $fwdid, $messageid)); $trackingcode = 'utm_source=phplist' . $messageid . '&utm_medium=email&utm_content=text&utm_campaign=' . urlencode($messagedata['subject']); } $viewed = Sql_Fetch_Row_query(sprintf('select viewed from %s where messageid = %d and userid = %d', $GLOBALS['tables']['usermessage'], $messageid, $userid)); if (!$viewed[0]) { Sql_Query(sprintf('update %s set viewed = now() where messageid = %d and userid = %d', $GLOBALS['tables']['usermessage'], $messageid, $userid)); Sql_Query(sprintf('update %s set viewed = viewed + 1 where id = %d', $GLOBALS['tables']['message'], $messageid)); } $uml = Sql_Fetch_Array_Query(sprintf('select * from %s where messageid = %d and forwardid = %d and userid = %d', $GLOBALS['tables']['linktrack_uml_click'], $messageid, $fwdid, $userid)); if (empty($uml['firstclick'])) { Sql_query(sprintf('insert into %s set firstclick = now(), forwardid = %d, messageid = %d, userid = %d', $GLOBALS['tables']['linktrack_uml_click'], $fwdid, $messageid, $userid)); } Sql_query(sprintf('update %s set clicked = clicked + 1, latestclick = now() where forwardid = %d and messageid = %d and userid = %d', $GLOBALS['tables']['linktrack_uml_click'], $fwdid, $messageid, $userid)); if ($msgtype == 'H') { Sql_query(sprintf('update %s set htmlclicked = htmlclicked + 1 where forwardid = 
%d and messageid = %d and userid = %d', $GLOBALS['tables']['linktrack_uml_click'], $fwdid, $messageid, $userid)); } elseif ($msgtype == 'T') { Sql_query(sprintf('update %s set textclicked = textclicked + 1 where forwardid = %d and messageid = %d and userid = %d', $GLOBALS['tables']['linktrack_uml_click'], $fwdid, $messageid, $userid)); } $url = $linkdata['url']; if ($linkdata['personalise']) { $uid = Sql_Fetch_Row_Query(sprintf('select uniqid from %s where id = %d', $GLOBALS['tables']['user'], $userid)); if ($uid[0]) { if (strpos($url, '?')) { $url .= '&uid=' . $uid[0];
# Excerpt of a subscriber-history page: tab headers, the campaign and bounce listings,
# and the start of the subscription tab. The excerpt ends inside an open if/else.
print '<li><a href="#messages">' . ucfirst($GLOBALS['I18N']->get('Campaigns')) . '</a></li>';
if (count($bounces)) {
    print '<li><a href="#bounces">' . ucfirst($GLOBALS['I18N']->get('Bounces')) . '</a></li>';
}
print '<li><a href="#subscription">' . ucfirst($GLOBALS['I18N']->get('Subscription')) . '</a></li>';
print '</ul>';
print '<div id="messages">';
print $ls->display();
print '</div>';
print '<div id="bounces">';
print $bouncels->display();
print '</div>';
print '<div id="subscription">';
if (isBlackListed($user["email"])) {
    print "<h3>" . $GLOBALS['I18N']->get('subscriber is blacklisted since') . " ";
    # NOTE(review): $user["email"] is placed in a quoted SQL string without escaping, here
    # and in the query below. It is loaded outside this excerpt (presumably from the user
    # table); an address containing a double quote or backslash would change the
    # statement. Escape it before use -- confirm how $user is populated.
    $blacklist_info = Sql_Fetch_Array_Query(sprintf('select * from %s where email = "%s"', $tables["user_blacklist"], $user["email"]));
    print $blacklist_info["added"] . "</h3><br/>";
    print '';
    $isSpamReport = false;
    $ls = new WebblerListing($GLOBALS['I18N']->get('Blacklist info'));
    $req = Sql_Query(sprintf('select * from %s where email = "%s"', $tables["user_blacklist_data"], $user["email"]));
    while ($row = Sql_Fetch_Array($req)) {
        # NOTE(review): name and data are stored values handed to the listing as-is;
        # whether WebblerListing HTML-encodes them is not visible here -- confirm.
        $ls->addElement($row["name"]);
        # a blacklisting caused by a spam complaint hides the "remove" button below
        $isSpamReport = $isSpamReport || $row['data'] == 'blacklisted due to spam complaints';
        $ls->addColumn($row["name"], $GLOBALS['I18N']->get('value'), stripslashes($row["data"]));
    }
    $ls->addElement('<!-- remove -->');
    if (!$isSpamReport) {
        # NOTE(review): removal from the blacklist is a state change reached through a
        # link; whether PageURL2 or the handling page enforces a CSRF token is not visible
        # in this excerpt -- confirm.
        $button = new ConfirmButton(htmlspecialchars($GLOBALS['I18N']->get('are you sure you want to delete this subscriber from the blacklist')) . "?\\n" . htmlspecialchars($GLOBALS['I18N']->get('it should only be done with explicit permission from this subscriber')), PageURL2("userhistory&unblacklist={$user["id"]}&id={$user["id"]}", "button", s('remove subscriber from blacklist')), s('remove subscriber from blacklist'));
        $ls->addRow('<!-- remove -->', s('remove'), $button->show());
    } else {
return; break; }
# Excerpt of a click-statistics page. With ?dl set, the page is delivered as a CSV
# download instead of HTML. The excerpt starts and ends inside open blocks.
$download = !empty($_GET['dl']);
$downloadContent = '';
if ($download) {
    # drop whatever was buffered so far and start a fresh buffer for the CSV body
    ob_end_clean();
    # header("Content-type: text/plain");
    header('Content-type: text/csv');
    header('Content-disposition: attachment; filename="phpList click statistics.csv"');
    ob_start();
}
#$limit = ' limit 100';
$ls = new WebblerListing($GLOBALS['I18N']->get('Click statistics'));
if ($fwdid) {
    $urldata = Sql_Fetch_Array_Query(sprintf('select url from %s where id = %d', $GLOBALS['tables']['linktrack_forward'], $fwdid));
}
if ($msgid) {
    # $messagedata = Sql_Fetch_Array_query("SELECT * FROM {$tables['message']} where id = $msgid $subselect");
    $messagedata = loadMessageData($msgid);
}
if ($userid) {
    # NOTE(review): $userid and $subselect are interpolated into the statement as-is.
    # Where they are set is outside this excerpt; unless $userid is cast to an integer
    # there and $subselect is built only from trusted values, this query can be altered
    # by request input -- confirm, and prefer sprintf with %d as in the query above.
    $userdata = Sql_Fetch_Array_query("SELECT * FROM {$tables['user']} where id = {$userid} {$subselect}");
}
if ($fwdid && $msgid) {
    print '<h3>' . $GLOBALS['I18N']->get('Subscriber clicks for a URL in a campaign');
    print ' ' . strtolower(PageLink2('uclicks&id=' . $fwdid, $urldata['url']));
    print '</h3>';
    # NOTE(review): the URL and the campaign subject are author-supplied text that ends up
    # in the CSV export. Spreadsheet programs may evaluate cells that begin with =, +, -
    # or @ as formulas; whether the export neutralises such values is not visible here.
    $downloadContent = s('Subscribers who clicked on URL "%s" in the campaign with subject "%s", sent %s', $urldata['url'], $messagedata['subject'], $messagedata['sent']) . PHP_EOL;
    print '<table class="userclicksDetails">';
    if ($messagedata['subject'] != $messagedata['campaigntitle']) {
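// Command-line submission of a campaign: -s is the subject, -l a space-separated set of
// list names or ids, -f an optional from line. The resolved lists and the sender are
// stored in $_POST for the code that follows this excerpt.
$cline = parseCline();
// Validate before touching the array: the original called reset() first, which fails
// when parseCline() does not return an array.
if (!$cline || !is_array($cline) || empty($cline["s"]) || empty($cline["l"])) {
    clineUsage("-s subject -l list [-f from] < message");
    exit;
}
reset($cline);

$listnames = explode(" ", $cline["l"]);
$listids = array();
foreach ($listnames as $listname) {
    if (!is_numeric($listname)) {
        // A list name goes into a quoted SQL string, so it is escaped first. addslashes()
        // is what this code base uses elsewhere; the DB layer's own escaping helper is
        // preferable where this revision provides one.
        $listid = Sql_Fetch_Array_Query(sprintf('select * from %s where name = "%s"', $tables["list"], addslashes($listname)));
        if ($listid["id"]) {
            $listids[$listid["id"]] = $listname;
        }
    } else {
        $listid = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables["list"], $listname));
        if ($listid["id"]) {
            $listids[$listid["id"]] = $listid["name"];
        }
    }
}

$_POST["targetlist"] = array();
foreach ($listids as $key => $val) {
    $_POST["targetlist"][$key] = "signup";
    // NOTE(review): $lists is appended to but not initialised in this excerpt; presumably
    // it is set earlier in the script -- confirm.
    $lists .= '"' . $val . '"' . " ";
}

if (!empty($cline["f"])) {
    $_POST["from"] = $cline["f"];
} else {
    $_POST["from"] = getConfig("message_from_name") . ' ' . getConfig("message_from_address");
}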
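// Bounces per list: rendered as one listing per list, or, with ?type=dl, sent as a
// plain-text download holding one email address per line.
print '</p>';

// Read the request parameter once; it may be absent.
$isBounceDownload = isset($_GET['type']) && $_GET['type'] == 'dl';

if ($isBounceDownload) {
    ob_end_clean();
    header("Content-type: text/plain");
    // The list name is administrator-entered text: strip control characters, double
    // quotes and backslashes so it cannot break out of the quoted filename parameter.
    $filename = 'Bounces on ' . preg_replace('/[\x00-\x1F\x7F"\\\\]/', '', listName($listid));
    header("Content-disposition: attachment; filename=\"{$filename}\"");
}

$currentlist = 0;
$ls = new WebblerListing('');
while ($row = Sql_Fetch_Array($req)) {
    if ($currentlist != $row['listid']) {
        // A new list starts: emit the listing collected so far and begin the next one.
        if (!$isBounceDownload) {
            print $ls->display();
        }
        $currentlist = $row['listid'];
        flush();
        $ls = new WebblerListing(listName($row['listid']));
    }
    $userdata = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $GLOBALS['tables']['user'], $row['userid']));
    if ($isBounceDownload) {
        print $userdata['email'] . "\n";
    }
    $ls->addElement($row['userid'], PageUrl2('user&id=' . $row['userid']));
    // NOTE(review): the address is handed to the listing as stored; whether
    // WebblerListing HTML-encodes column values is not visible here -- confirm.
    $ls->addColumn($row['userid'], $GLOBALS['I18N']->get('email'), $userdata['email']);
    $ls->addColumn($row['userid'], $GLOBALS['I18N']->get('# bounces'), $row['numbounces']);
}

if (!$isBounceDownload) {
    print $ls->display();
} else {
    // Nothing of the surrounding page may follow the download body.
    exit;
}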
}
# Excerpt of a subscriber-list page: builds the extra tables and where-clause for a
# "find" on a subscriber attribute. The excerpt starts and ends inside open blocks.
# NOTE(review): $find and $findby are read from the session; how they get there is
# outside this excerpt. If they are copied from request parameters without validation,
# every use in SQL below is reachable with request input -- confirm.
$find = $_SESSION["userlistfilter"]["find"];
$findby = $_SESSION["userlistfilter"]["findby"];
if (!$findby) {
    $findby = "email";
}
# if a findby is selected but no find value was given, a wildcard search would be very
# slow, so the findby is erased instead
if ($findby && !$find) {
    # $find = '%';
    $findby = '';
}
# anything other than these two is treated as an attribute id
$system_findby = array("email", "foreignkey");
if ($findby && $find && !in_array($findby, $system_findby)) {
    $find_url = '&find=' . urlencode($find) . "&findby=" . urlencode($findby);
    # NOTE(review): $findby is interpolated without a cast; the sprintf calls below use
    # %d for the same value, this statement should do the same.
    $findatt = Sql_Fetch_Array_Query("select id,tablename,type,name from {$tables["attribute"]} where id = {$findby}");
    switch ($findatt["type"]) {
        case "textline":
        case "hidden":
            $findtables = ',' . $tables["user_attribute"];
            # NOTE(review): $find is placed inside a quoted LIKE pattern without escaping;
            # a double quote or backslash in it changes the statement, and % or _ act as
            # wildcards. Escape the value before building the clause.
            $findbyselect = sprintf(' %s.userid = %s.id and %s.attributeid = %d and %s.value like "%%%s%%"', $tables["user_attribute"], $tables["user"], $tables["user_attribute"], $findby, $tables["user_attribute"], $find);
            $findfield = $tables["user_attribute"] . ".value as display, " . $tables["user"] . ".bouncecount";
            $findfieldname = $findatt["name"];
            break;
        case "select":
        case "radio":
            # the attribute's value table is named after the stored tablename
            $findtables = ',' . $tables["user_attribute"] . ',' . $table_prefix . 'listattr_' . $findatt["tablename"];
            # NOTE(review): same unescaped use of $find as in the textline case above
            $findbyselect = sprintf(' %s.userid = %s.id and %s.attributeid = %d and %s.value = %s.id and %s.name like "%%%s%%"', $tables["user_attribute"], $tables["user"], $tables["user_attribute"], $findby, $tables["user_attribute"], $table_prefix . 'listattr_' . $findatt["tablename"], $table_prefix . 'listattr_' . $findatt["tablename"], $find);
while ($row = Sql_Fetch_Array($req)) { $alive = checkLock($process_id); if ($alive) { keepLock($process_id); } else { bounceProcessError($GLOBALS['I18N']->get("Process Killed by other process")); } # cl_output(memory_get_usage()); # outputProcessBounce('User '.$row['user']); $rule = matchBounceRules($row['header'] . "\n\n" . $row['data'], $bouncerules); # outputProcessBounce('Action '.$rule['action']); # outputProcessBounce('Rule'.$rule['id']); $userdata = array(); if ($rule && is_array($rule)) { if ($row['user']) { $userdata = Sql_Fetch_Array_Query("select * from {$tables["user"]} where id = " . $row['user']); } $report_linkroot = $GLOBALS['admin_scheme'] . '://' . $GLOBALS['website'] . $GLOBALS['adminpages']; Sql_Query(sprintf('update %s set count = count + 1 where id = %d', $GLOBALS['tables']['bounceregex'], $rule['id'])); Sql_Query(sprintf('insert ignore into %s (regex,bounce) values(%d,%d)', $GLOBALS['tables']['bounceregex_bounce'], $rule['id'], $row['bounce'])); switch ($rule['action']) { case 'deleteuser': logEvent('User ' . $userdata['email'] . ' deleted by bounce rule ' . PageLink2('bouncerule&id=' . $rule['id'], $rule['id'])); $advanced_report .= 'User ' . $userdata['email'] . ' deleted by bounce rule ' . $rule['id'] . "\n"; $advanced_report .= 'User: '******'/?page=user&id=' . $userdata['id'] . "\n"; $advanced_report .= 'Rule: ' . $report_linkroot . '/?page=bouncerule&id=' . $rule['id'] . "\n"; deleteUser($row['user']); break; case 'unconfirmuser': logEvent('User ' . $userdata['email'] . ' unconfirmed by bounce rule ' . PageLink2('bouncerule&id=' . $rule['id'], $rule['id'])); Sql_Query(sprintf('update %s set confirmed = 0 where id = %d', $GLOBALS['tables']['user'], $row['user']));
$hash = ''; $id = 0; }
# Excerpt of a bounce-rule edit page: saves a posted rule, then renders the edit form.
# The excerpt starts inside a block that is opened before it.
if (isset($_POST['save']) && $_POST['save']) {
    # NOTE(review): action, comment and status pass through sql_escape(), but the regex
    # value is only trimmed before it is placed in the quoted string. Unless request data
    # is escaped globally before this point (not visible here), a regular expression
    # containing a double quote or backslash changes the statement -- escape it like the
    # other fields.
    # NOTE(review): the row is selected with $_GET['id'] (cast by %d) while the rest of
    # the page uses $id; confirm both always refer to the same rule.
    # NOTE(review): no CSRF token check is visible in this excerpt for this state change.
    Sql_Query(sprintf('update %s set regex = "%s",action="%s", comment="%s",status = "%s" where id= %d', $GLOBALS['tables']['bounceregex'], trim($_POST['regex']), sql_escape($_POST['action']), sql_escape($_POST['comment']), sql_escape($_POST['status']), $_GET['id']), 1);
    $num = Sql_Affected_Rows();
    # a negative count is treated as a failed update, e.g. a rule with the same regex exists
    if ($num < 0) {
        print $GLOBALS['I18N']->get('Updating the regular expression of this rule caused an Sql conflict<br/>This is probably because there is already a rule like that. Do you want to delete this rule instead?');
        print '<p>' . PageLink2('bouncerules&del=' . $id, $GLOBALS['I18N']->get('Yes')) . ' ';
        print PageLink2('bouncerules', $GLOBALS['I18N']->get('No')) . '</p>';
        return;
    }
    Redirect('bouncerules' . $hash);
}
print '<p>' . PageLink2('bouncerules' . $hash, $GLOBALS['I18N']->get('back to list of bounce rules')) . '</p>';
$data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $GLOBALS['tables']['bounceregex'], $id));
print '<form method=post>';
print '<table>';
# the stored regex is HTML-encoded before it is put into the value attribute
printf('<tr><td>%s</td><td><input type=text name="regex" size=30 value="%s"></td></tr>', $GLOBALS['I18N']->get('Regular Expression'), htmlspecialchars($data['regex']));
printf('<tr><td>%s</td><td>%s</td></tr>', $GLOBALS['I18N']->get('Created By'), adminName($data['admin']));
printf('<tr><td>%s</td><td><select name="action">', $GLOBALS['I18N']->get('Action'));
# the option values and labels come from the configured list of rule actions
foreach ($GLOBALS['bounceruleactions'] as $action => $desc) {
    printf('<option value="%s" %s>%s</option>', $action, $data['action'] == $action ? 'selected' : '', $desc);
}
print '</select></td></tr>';
printf('<tr><td>%s</td><td><select name="status">', $GLOBALS['I18N']->get('Status'));
printf('<option value="none">[%s]</option>', $GLOBALS['I18N']->get('Select Status'));
foreach (array('active', 'candidate') as $type) {
    printf('<option value="%s" %s>%s</option>', $type, $data['status'] == $type ? 'selected' : '', $GLOBALS['I18N']->get($type));
}
print '</select></td></tr>';
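/**
 * Load a front-end user's attributes and account fields into the session.
 *
 * Fills $_SESSION['userdata'] (one entry per attribute plus the static account fields),
 * $_SESSION['userid'], $_SESSION['usergroups'] and, when a greeting is configured,
 * $_SESSION['usergreeting'].
 *
 * @param string $loginname email address of the user; when empty, the name of the user
 *                          currently logged in to the session is used
 * @return mixed 1 on success, '' when no login name is available, nothing when the
 *               user table does not exist
 */
function loadUser($loginname = '')
{
    if (!Sql_Table_exists('user')) {
        return;
    }
    initialiseUserSession();
    if (!$loginname) {
        if ($_SESSION['userloggedin'] != '' && $_SESSION['username'] != '') {
            $loginname = $_SESSION['username'];
        } else {
            return '';
        }
    }

    // The login name is used in two quoted SQL strings; escape it once for both.
    $escapedLogin = addslashes($loginname);

    $att_req = Sql_Query(sprintf('select attribute.id, %s.name,%s.type, %s.value,%s.tablename from %s,%s,%s where %s.userid = %s.id and %s.email = "%s" and %s.id = %s.attributeid', 'attribute', 'attribute', 'user_attribute', 'attribute', 'user', 'user_attribute', 'attribute', 'user_attribute', 'user', 'user', $escapedLogin, 'attribute', 'user_attribute'));
    while ($att = Sql_fetch_array($att_req)) {
        $key = 'attribute' . $att['id'];
        $_SESSION['userdata'][$key] = array(
            'name' => $att['name'],
            'value' => $att['value'],
            'type' => $att['type'],
            'attid' => $att['id'],
            'displayvalue' => $att['value'],
        );
        // Some attribute types are shown differently from how they are stored.
        switch ($att['type']) {
            case 'textline':
            case 'hidden':
                $_SESSION['userdata'][$key]['displayvalue'] = $att['value'];
                break;
            case 'creditcardno':
                $_SESSION['userdata'][$key]['displayvalue'] = obscureCreditCard($att['value']);
                break;
            case 'select':
                $_SESSION['userdata'][$key]['displayvalue'] = AttributeValue($att['tablename'], $att['value']);
                break;
            case 'date':
                $_SESSION['userdata'][$key]['displayvalue'] = formatDate($att['value']);
                break;
        }
    }

    // Fix: the original interpolated the raw login name here although the attribute
    // query above escaped it; both statements now use the escaped value.
    $d_req = Sql_Fetch_Array_Query(sprintf('select * from user where email = "%s"', $escapedLogin));
    $_SESSION['userid'] = $d_req['id'];
    // NOTE(review): the stored password field is copied into the session together with
    // the other account fields; confirm that consumers need it there.
    foreach (array('email', 'disabled', 'confirmed', 'htmlemail', 'uniqid', 'password', 'foreignkey') as $field) {
        $_SESSION['userdata'][$field] = array(
            'name' => $field,
            'value' => $d_req[$field],
            'type' => 'static',
            'displayvalue' => $d_req[$field],
        );
    }
    $_SESSION['usergroups'] = userGroups($loginname);

    // Build the greeting from the display values of the configured attributes.
    if (is_array($GLOBALS['config']['usergreeting'])) {
        $_SESSION['usergreeting'] = '';
        foreach ($GLOBALS['config']['usergreeting'] as $att) {
            $_SESSION['usergreeting'] .= $_SESSION['userdata'][$att]['displayvalue'] . ' ';
        }
        $_SESSION['usergreeting'] = rtrim($_SESSION['usergreeting']);
    }
    dbg('done loading user');

    return 1;
}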
# Excerpt of a click-statistics page for one tracked URL: one row per campaign the URL
# was clicked in. The excerpt ends inside the open while loop.
$ls = new WebblerListing($GLOBALS['I18N']->get('URL Click Statistics'));
$urldata = Sql_Fetch_Array_Query(sprintf('select url from %s where linkid = %d', $GLOBALS['tables']['linktrack'], $id));
# NOTE(review): the stored URL is printed into the page without HTML encoding. It is
# text taken from campaign content; encode it (htmlspecialchars) before output.
print '<h1>' . $GLOBALS['I18N']->get('Click Details for a URL') . ' <b>' . $urldata['url'] . '</b></h1>';
# NOTE(review): the same stored URL is placed in quoted SQL strings below without
# escaping; a URL containing a double quote or backslash changes the statement.
$req = Sql_Query(sprintf('select messageid,min(firstclick) as firstclick,date_format(max(latestclick), "%%e %%b %%Y %%H:%%i") as latestclick,sum(clicked) as numclicks from %s where url = "%s" and clicked group by messageid ', $GLOBALS['tables']['linktrack'], $urldata['url']));
$summary = array();
while ($row = Sql_Fetch_Array($req)) {
    $msgsubj = Sql_Fetch_Row_query(sprintf('select subject from %s where id = %d', $GLOBALS['tables']['message'], $row['messageid']));
    # row label: message id plus the first 25 bytes of the subject
    $element = $GLOBALS['I18N']->get('msg') . ' ' . $row['messageid'] . ': ' . substr($msgsubj[0], 0, 25);
    # $element = sprintf('<a href="%s" target="_blank" class="url" title="%s">%s</a>',$row['url'],$row['url'],substr(str_replace('http://','',$row['url']),0,50));
    # $total = Sql_Verbose_Query(sprintf('select count(*) as total from %s where messageid = %d and url = "%s"',
    # $GLOBALS['tables']['linktrack'],$id,$row['url']));
    # the total is counted over all rows for the URL, not per campaign
    $totalsent = Sql_Fetch_Array_Query(sprintf('select count(*) as total from %s where url = "%s"', $GLOBALS['tables']['linktrack'], $urldata['url']));
    if (CLICKTRACK_SHOWDETAIL) {
        $uniqueclicks = Sql_Fetch_Array_Query(sprintf('select count(distinct userid) as users from %s where messageid = %d and url = "%s" and clicked', $GLOBALS['tables']['linktrack'], $row['messageid'], $urldata['url']));
    }
    $ls->addElement($element, PageUrl2('mclicks&id=' . $row['messageid']));
    $ls->addColumn($element, $GLOBALS['I18N']->get('firstclick'), formatDateTime($row['firstclick'], 1));
    $ls->addColumn($element, $GLOBALS['I18N']->get('latestclick'), $row['latestclick']);
    $ls->addColumn($element, $GLOBALS['I18N']->get('clicks'), $row['numclicks']);
    # $ls->addColumn($element,$GLOBALS['I18N']->get('sent'),$total['total']);
    # click rate as a percentage of the total counted above
    $perc = sprintf('%0.2f', $row['numclicks'] / $totalsent['total'] * 100);
    $ls->addColumn($element, $GLOBALS['I18N']->get('clickrate'), $perc . '%');
    if (CLICKTRACK_SHOWDETAIL) {
        $ls->addColumn($element, $GLOBALS['I18N']->get('unique clicks'), $uniqueclicks['users']);
        $perc = sprintf('%0.2f', $uniqueclicks['users'] / $totalsent['total'] * 100);
        $ls->addColumn($element, $GLOBALS['I18N']->get('unique clickrate'), $perc . '%');
        # NOTE(review): $summary starts as an empty array, so the first addition reads an
        # undefined key
        $summary['uniqueclicks'] += $uniqueclicks['users'];
    }
    $ls->addColumn($element, $GLOBALS['I18N']->get('who'), PageLink2('userclicks&msgid=' . $row['messageid'] . '&linkid=' . $id, $GLOBALS['I18N']->get('view users')));
/**
 * Schedule the next occurrence of a repeating campaign by copying it.
 *
 * Returns without doing anything when the message is past its repeatuntil date or has
 * no repeat interval. Otherwise a new message row is created and filled from the
 * original, its messagedata rows are copied, a new embargo outside the configured
 * exclusions is looked for (at most 15 extra attempts), and the original's lists and
 * attachments are linked to the copy.
 *
 * @param int $msgid id of the message to repeat
 * @return void
 */
function repeatMessage($msgid)
{
    # if (!USE_REPETITION && !USE_RSS) return;
    # get the future embargo, either "repeat" minutes after the old embargo
    # or "repeat" after this very moment to make sure that we're not sending the
    # message every time running the queue when there's no embargo set.
    $msgdata = Sql_Fetch_Array_Query(sprintf('select *,date_add(embargo,interval repeatinterval minute) as newembargo, date_add(now(),interval repeatinterval minute) as newembargo2, date_add(embargo,interval repeatinterval minute) > now() as isfuture from %s where id = %d and repeatuntil > now()', $GLOBALS["tables"]["message"], $msgid));
    if (!$msgdata["id"] || !$msgdata["repeatinterval"]) {
        return;
    }
    # copy the new message: create an empty row first, then fill it column by column
    Sql_Query(sprintf(' insert into %s (entered) values(now())', $GLOBALS["tables"]["message"]));
    $id = Sql_Insert_id();
    # structure.php is expected to define $DBstruct
    require dirname(__FILE__) . '/structure.php';
    if (!is_array($DBstruct["message"])) {
        logEvent("Error including structure when trying to duplicate message {$msgid}");
        return;
    }
    foreach ($DBstruct["message"] as $column => $rec) {
        # id, entered and sendstart belong to the new row and are not copied
        if ($column != "id" && $column != "entered" && $column != "sendstart") {
            Sql_Query(sprintf('update %s set %s = "%s" where id = %d', $GLOBALS["tables"]["message"], $column, addslashes($msgdata[$column]), $id));
        }
    }
    $req = Sql_Query(sprintf('select * from %s where id = %d', $GLOBALS['tables']['messagedata'], $msgid));
    while ($row = Sql_Fetch_Array($req)) {
        # NOTE(review): data is escaped with addslashes() but name is not; a stored name
        # containing a double quote or backslash would break this insert
        Sql_Query(sprintf('insert into %s (name,id,data) values("%s",%d,"%s")', $GLOBALS['tables']['messagedata'], $row['name'], $id, addslashes($row['data'])));
    }
    # check whether the new embargo is not on an exclusion
    # NOTE(review): this check runs after the copy has been written, so the early return
    # inside the loop leaves the partially built copy in the message table
    if (is_array($GLOBALS["repeat_exclude"])) {
        $repeatinterval = $msgdata["repeatinterval"];
        $loopcnt = 0;
        while (excludedDateForRepetition($msgdata["newembargo"])) {
            # try one interval further on each round
            $repeatinterval += $msgdata["repeatinterval"];
            $loopcnt++;
            $msgdata = Sql_Fetch_Array_Query(sprintf('select *,date_add(embargo,interval %d minute) as newembargo, date_add(now(),interval %d minute) as 
newembargo2, date_add(embargo,interval %d minute) > now() as isfuture from %s where id = %d and repeatuntil > now()', $repeatinterval, $repeatinterval, $repeatinterval, $GLOBALS["tables"]["message"], $msgid));
            if ($loopcnt > 15) {
                logEvent("Unable to find new embargo date too many exclusions? for message {$msgid}");
                return;
            }
        }
    }
    # correct some values: when embargo + interval is not in the future, count from now
    if (!$msgdata["isfuture"]) {
        $msgdata["newembargo"] = $msgdata["newembargo2"];
    }
    Sql_Query(sprintf('update %s set embargo = "%s",status = "submitted",sent = "" where id = %d', $GLOBALS["tables"]["message"], $msgdata["newembargo"], $id));
    // bug 0009687: maybe add "ashtml","astextandhtml" and put them in ashtml?
    # reset the sending statistics on the copy
    foreach (array("processed", "astext", "ashtml", "astextandhtml", "aspdf", "astextandpdf", "viewed", "bouncecount") as $item) {
        Sql_Query(sprintf('update %s set %s = 0 where id = %d', $GLOBALS["tables"]["message"], $item, $id));
    }
    # lists
    $req = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS["tables"]["listmessage"], $msgid));
    while ($row = Sql_Fetch_Row($req)) {
        Sql_Query(sprintf('insert into %s (messageid,listid,entered) values(%d,%d,now())', $GLOBALS["tables"]["listmessage"], $id, $row[0]));
    }
    # attachments
    $req = Sql_Query(sprintf('select * from %s,%s where %s.messageid = %d and %s.attachmentid = %s.id', $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"], $GLOBALS["tables"]["message_attachment"], $msgid, $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"]));
    while ($row = Sql_Fetch_Array($req)) {
        if (is_file($row["remotefile"])) {
            # if the "remote file" is actually local, we want to refresh the attachment,
            # so we set filename to nothing
            $row["filename"] = "";
        }
        Sql_Query(sprintf('insert into %s (filename,remotefile,mimetype,description,size) values("%s","%s","%s","%s",%d)', $GLOBALS["tables"]["attachment"], addslashes($row["filename"]), addslashes($row["remotefile"]), addslashes($row["mimetype"]), addslashes($row["description"]), $row["size"]));
        $attid = Sql_Insert_id();
        Sql_Query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $GLOBALS["tables"]["message_attachment"], $id, $attid));
    }
    logEvent("Message {$msgid} was successfully rescheduled as message {$id}");
}
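# Duplicate a repeating message so that it is queued again at its next embargo.
#
# parameters: msgid -> id of the message that has just been processed
# returns nothing; every outcome is reported through logEvent()
#
# The copy gets a new embargo ("repeatinterval" minutes after the old embargo, or
# after now when that would lie in the past), zeroed counters, the same lists and
# fresh attachment rows. The source message is then tagged with 'repeatedid' so
# that a later requeue does not duplicate it a second time.
function repeatMessage($msgid)
{
    #  if (!USE_REPETITION && !USE_rss) return;
    $data = loadMessageData($msgid);
    ## do not repeat when it has already been done
    if (!empty($data['repeatedid'])) {
        return;
    }

    # get the future embargo, either "repeat" minutes after the old embargo
    # or "repeat" after this very moment to make sure that we're not sending the
    # message every time running the queue when there's no embargo set.
    $msgdata = Sql_Fetch_Array_Query(sprintf('select *,date_add(embargo,interval repeatinterval minute) as newembargo, date_add(now(),interval repeatinterval minute) as newembargo2, date_add(embargo,interval repeatinterval minute) > now() as isfuture from %s where id = %d and repeatuntil > now()', $GLOBALS["tables"]["message"], $msgid));
    if (!$msgdata["id"] || !$msgdata["repeatinterval"]) {
        return;
    }

    # copy the new message
    $query = ' insert into ' . $GLOBALS['tables']['message'] . ' (entered)' . ' values' . ' (current_timestamp)';
    Sql_Query($query);
    $newid = Sql_Insert_Id($GLOBALS['tables']['message'], 'id');

    # structure.php is expected to define $DBstruct in this function's scope
    require dirname(__FILE__) . '/structure.php';
    if (!is_array($DBstruct["message"])) {
        logEvent("Error including structure when trying to duplicate message {$msgid}");
        return;
    }
    # Column names are taken from $DBstruct, not from request data; only the
    # values are escaped (with addslashes) before they are placed in the statement.
    foreach ($DBstruct["message"] as $column => $rec) {
        if ($column != "id" && $column != "entered" && $column != "sendstart") {
            Sql_Query(sprintf('update %s set %s = "%s" where id = %d', $GLOBALS["tables"]["message"], $column, addslashes($msgdata[$column]), $newid));
        }
    }
    $req = Sql_Query(sprintf('select * from %s where id = %d', $GLOBALS['tables']['messagedata'], $msgid));
    while ($row = Sql_Fetch_Array($req)) {
        setMessageData($newid, $row['name'], $row['data']);
    }

    # check whether the new embargo is not on an exclusion
    if (isset($GLOBALS["repeat_exclude"]) && is_array($GLOBALS["repeat_exclude"])) {
        $repeatinterval = $msgdata["repeatinterval"];
        $loopcnt = 0;
        while (excludedDateForRepetition($msgdata["newembargo"])) {
            # Push the candidate one more interval ahead. The original added to an
            # unused $repeat variable, so every pass re-tested the same date and an
            # excluded date always ended in the "too many exclusions" bail-out.
            $repeatinterval += $msgdata["repeatinterval"];
            $loopcnt++;
            $msgdata = Sql_Fetch_Array_Query(sprintf('select *,date_add(embargo,interval %d minute) as newembargo, date_add(current_timestamp,interval %d minute) as newembargo2, date_add(embargo,interval %d minute) > current_timestamp as isfuture from %s where id = %d and repeatuntil > current_timestamp', $repeatinterval, $repeatinterval, $repeatinterval, $GLOBALS["tables"]["message"], $msgid));
            if ($loopcnt > 15) {
                # NOTE(review): the row inserted above is left behind when we give up here
                logEvent("Unable to find new embargo date too many exclusions? for message {$msgid}");
                return;
            }
        }
    }

    # correct some values
    if (!$msgdata["isfuture"]) {
        $msgdata["newembargo"] = $msgdata["newembargo2"];
    }
    Sql_Query(sprintf('update %s set embargo = "%s",status = "submitted",sent = "" where id = %d', $GLOBALS["tables"]["message"], $msgdata["newembargo"], $newid));

    # store the embargo in messagedata as well, split into its parts (seconds dropped)
    list($e['year'], $e['month'], $e['day'], $e['hour'], $e['minute'], $e['second']) = sscanf($msgdata["newembargo"], '%04d-%02d-%02d %02d:%02d:%02d');
    unset($e['second']);
    setMessageData($newid, 'embargo', $e);

    # the copy starts with clean counters
    foreach (array("processed", "astext", "ashtml", "astextandhtml", "aspdf", "astextandpdf", "viewed", "bouncecount") as $item) {
        Sql_Query(sprintf('update %s set %s = 0 where id = %d', $GLOBALS["tables"]["message"], $item, $newid));
    }

    # lists
    $req = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS["tables"]["listmessage"], $msgid));
    while ($row = Sql_Fetch_Row($req)) {
        Sql_Query(sprintf('insert into %s (messageid,listid,entered) values(%d,%d,current_timestamp)', $GLOBALS["tables"]["listmessage"], $newid, $row[0]));
    }

    # attachments
    $req = Sql_Query(sprintf('select * from %s,%s where %s.messageid = %d and %s.attachmentid = %s.id', $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"], $GLOBALS["tables"]["message_attachment"], $msgid, $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"]));
    while ($row = Sql_Fetch_Array($req)) {
        if (is_file($row["remotefile"])) {
            # if the "remote file" is actually local, we want to refresh the attachment, so we set
            # filename to nothing
            $row["filename"] = "";
        }
        Sql_Query(sprintf('insert into %s (filename,remotefile,mimetype,description,size) values("%s","%s","%s","%s",%d)', $GLOBALS["tables"]["attachment"], addslashes($row["filename"]), addslashes($row["remotefile"]), addslashes($row["mimetype"]), addslashes($row["description"]), $row["size"]));
        $attid = Sql_Insert_Id($GLOBALS['tables']['attachment'], 'id');
        Sql_Query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $GLOBALS["tables"]["message_attachment"], $newid, $attid));
    }
    logEvent("Message {$msgid} was successfully rescheduled as message {$newid}");

    ## remember we duplicated, in order to avoid doing it again (eg when requeuing)
    setMessageData($msgid, 'repeatedid', $newid);
}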
$summary['totalsent'] = 0; $summary['totalclicks'] = 0; $summary['uniqueclicks'] = 0; while ($row = Sql_Fetch_Array($req)) { $msgsubj = Sql_Fetch_Row_query(sprintf('select subject from %s where id = %d', $GLOBALS['tables']['message'], $row['messageid'])); if (!$download) { $element = '<!-- ' . $row['messageid'] . '-->' . shortenTextDisplay($msgsubj[0], 30); } else { $element = '<!-- ' . $row['messageid'] . '-->' . $msgsubj[0]; } # $element = $GLOBALS['I18N']->get('msg').' '.$row['messageid'].': '.substr($msgsubj[0],0,25). '...'; # $element = sprintf('<a href="%s" target="_blank" class="url" title="%s">%s</a>',$row['url'],$row['url'],substr(str_replace('http://','',$row['url']),0,50)); # $total = Sql_Verbose_Query(sprintf('select count(*) as total from %s where messageid = %d and url = "%s"', # $GLOBALS['tables']['linktrack'],$id,$row['url'])); # if (CLICKTRACK_SHOWDETAIL) { $uniqueclicks = Sql_Fetch_Array_Query(sprintf('select count(distinct userid) as users from %s where messageid = %d and forwardid = %d', $GLOBALS['tables']['linktrack_uml_click'], $row['messageid'], $id)); # } $ls->addElement($element, PageUrl2('mclicks&id=' . $row['messageid'])); $ls->setClass($element, 'row1'); $ls->addColumn($element, $GLOBALS['I18N']->get('firstclick'), formatDateTime($row['firstclick'], 1)); $ls->addColumn($element, $GLOBALS['I18N']->get('latestclick'), $row['latestclick']); $ls->addRow($element, '<div class="listingsmall gray">' . $GLOBALS['I18N']->get('sent') . ': ' . $row['total'] . 
'</div>', ''); # $ls->addColumn($element,$GLOBALS['I18N']->get('clicks'),$row['clicked'].'<span class="viewusers"><a class="button" href="'.PageUrl2('userclicks&msgid='.$row['messageid'].'&fwdid='.$id.'" title="'.$GLOBALS['I18N']->get('view users').'"></a></span>')); # $perc = sprintf('%0.2f',($row['clicked'] / $row['total'] * 100)); # $ls->addColumn($element,$GLOBALS['I18N']->get('clickrate'),$perc.'%'); $summary['totalsent'] += $row['total']; # if (CLICKTRACK_SHOWDETAIL) { $ls->addColumn($element, $GLOBALS['I18N']->get('clicks'), $uniqueclicks['users'] . '<span class="viewusers"><a class="button" href="' . PageUrl2('userclicks&msgid=' . $row['messageid'] . '&fwdid=' . $id) . '" title="' . s('view subscribers who clicked') . '"></a></span>'); $perc = sprintf('%0.2f', $uniqueclicks['users'] / $row['total'] * 100); $ls->addColumn($element, $GLOBALS['I18N']->get('click rate'), $perc . '%'); $summary['uniqueclicks'] += $uniqueclicks['users'];
while ($row = Sql_Fetch_Array($req)) { print PageLink2('editelements&id=' . $row['form'] . '&option="edit_elements"&pi="formbuilder"', 'form ' . $row['form'] . '') . "<br/>\n"; } } } } elseif (isset($_POST['tagaction']['merge'])) { $first = array_shift($_POST['tag']); $firstdata = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables['attribute'], $first)); $first = $firstdata['id']; if (!count($_POST['tag'])) { print Error(s('cannot merge just one attribute')); } else { $cbg_initiated = 0; foreach ($_POST['tag'] as $attid) { print s('Merging %s into %d', htmlspecialchars($attid), htmlspecialchars($first)) . '<br/>'; $attdata = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables['attribute'], $attid)); if ($attdata['type'] != $firstdata['type']) { print Error($GLOBALS['I18N']->get('Can only merge attributes of the same type')); } else { # debugging: check values for every user. This is very memory demanding, so you'll need to # add loads of memory to actually use it. /* $before = array(); $second = array(); $after = array(); $req = Sql_Query(sprintf('select * from %s where attributeid = %d',$tables["user_attribute"],$first)); while ($row = Sql_Fetch_Array($req)) { $before[$row["userid"]] = $row["value"]; } $req = Sql_Query(sprintf('select * from %s where attributeid = %d',$tables["user_attribute"],$attid)); while ($row = Sql_Fetch_Array($req)) {
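# Read a value from the general config, to be retrieved at a later stage.
#
# parameters: name -> name of the variable
# returns the stored value; values stored with a "SER:" prefix are returned
# unserialized. Results are cached in $_SESSION['config'] under "<this->name>-<name>".
function getConfig($name)
{
    $cacheKey = $this->name . '-' . addslashes($name);
    if (isset($_SESSION['config'][$cacheKey])) {
        return $_SESSION['config'][$cacheKey];
    }

    # $this->name is placed in the statement as-is; only $name is escaped.
    $req = Sql_Fetch_Array_Query(sprintf('select value from %s where item = "%s-%s"', $GLOBALS['tables']['config'], $this->name, addslashes($name)));
    $result = isset($req[0]) ? stripslashes($req[0]) : '';

    # The original test was strpos('SER:', $result) == 1: haystack and needle were
    # swapped and the offset was wrong, so serialized values were never decoded, and
    # the raw string was returned while a different variable went into the cache.
    if (strpos($result, 'SER:') === 0) {
        # NOTE(review): unserialize() on a database value can instantiate arbitrary
        # classes if anyone able to write the config table is not fully trusted.
        # Consider a data-only format, or restricting allowed classes where the
        # minimum supported PHP version permits it.
        $value = unserialize(substr($result, 4));
    } else {
        $value = $result;
    }

    $_SESSION['config'][$cacheKey] = $value;
    # return the same thing a later cache hit will return
    return $value;
}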
Sql_query(sprintf('replace into %s (attributeid,userid,value) values("%s","%s","%s")', $GLOBALS["tables"]["user_attribute"], $attribute["id"], $userid, $value)); if ($attribute["type"] != "hidden") { $datachange .= strip_tags($attribute["name"]) . " : "; if ($attribute["type"] == "checkbox") { $datachange .= $value ? $strYes : $strNo; } elseif ($attribute["type"] != "date" && $attribute["type"] != "textline" && $attribute["type"] != "textarea") { $datachange .= AttributeValue($attribute["tablename"], $value); } else { $datachange .= stripslashes($value); } $datachange .= "\n"; } } } } $current_data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $GLOBALS["tables"]["user"], $userid)); $current_data = array_merge($current_data, getUserAttributeValues('', $userid)); foreach ($current_data as $key => $val) { if (!is_numeric($key)) { if ($old_data[$key] != $val && $key != "password" && $key != "modified") { $information_changed = 1; $history_entry .= "{$key} = {$val}\n*changed* from {$old_data[$key]}\n"; } } } if (!$information_changed) { $history_entry .= "\nNo user system details changed"; } $history_entry .= "\n\nList Membership: \n{$lists}\n"; $message = ereg_replace('\\[LISTS\\]', $lists, getUserConfig("updatemessage", $userid)); $message = ereg_replace('\\[USERDATA\\]', $datachange, $message);
} $findtables = ''; $findbyselect = ''; $findfield = ''; $findfieldname = ''; $find_url = ''; # hmm interesting, if they select a findby but not a find, use the Sql wildcard: if ($findby && !$find) { # this is very slow, so instead erase the findby. # $find = '%'; $findby = ''; } $system_findby = array('email', 'foreignkey', 'uniqid'); if ($findby && $find && !in_array($findby, $system_findby)) { $find_url = '&find=' . urlencode($find) . '&findby=' . urlencode($findby); $findatt = Sql_Fetch_Array_Query(sprintf('select id,tablename,type,name from %s where id = %d', $tables['attribute'], $findby)); switch ($findatt['type']) { case 'textline': case 'hidden': $findtables = ',' . $tables['user_attribute']; $findbyselect = sprintf(' %s.userid = %s.id and %s.attributeid = %d and %s.value like "%%%s%%"', $tables['user_attribute'], $tables['user'], $tables['user_attribute'], $findby, $tables['user_attribute'], sql_escape($find)); $findfield = $tables['user_attribute'] . '.value as display, ' . $tables['user'] . '.bouncecount'; $findfieldname = $findatt['name']; break; case 'select': case 'radio': $findtables = ',' . $tables['user_attribute'] . ',' . $table_prefix . 'listattr_' . $findatt['tablename']; $findbyselect = sprintf(' %s.userid = %s.id and %s.attributeid = %d and %s.value = %s.id and %s.name like "%%%s%%"', $tables['user_attribute'], $tables['user'], $tables['user_attribute'], $findby, $tables['user_attribute'], $table_prefix . 'listattr_' . $findatt['tablename'], $table_prefix . 'listattr_' . $findatt['tablename'], sql_escape($find));
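# Build the "forward to a friend" page for subscribe page $id.
#
# Reads uid (the subscriber's unique id), mid (message id) and email (the address
# to forward to) from $_GET. Without a valid address it renders the entry form;
# with one it forwards the message via sendEmail() and records the attempt in
# the user_message_forward table.
#
# parameters: id -> id of the subscribe page whose header and footer wrap the result
# returns the HTML of the page
function forwardPage($id)
{
    global $tables, $envelope;
    $html = '';
    $subtitle = '';
    # $info was left undefined on the TEST path in the original
    $info = '';
    if (!isset($_GET["uid"]) || !$_GET['uid']) {
        # presumably FileNotFound() ends the request; verify against its definition
        FileNotFound();
    }
    $forwardemail = '';
    if (isset($_GET['email'])) {
        $forwardemail = $_GET['email'];
    }
    # Request values are escaped at each sink: one copy for SQL string literals and
    # one for HTML attributes. addslashes() is used because it is what this code
    # base applies elsewhere; prefer the database layer's own escaping helper where
    # one is available.
    # NOTE(review): if request data is already slash-escaped before it gets here,
    # values containing quotes are escaped twice; confirm against the bootstrap code.
    $uid_sql = addslashes($_GET["uid"]);
    $forwardemail_sql = addslashes($forwardemail);
    $forwardemail_html = htmlspecialchars($forwardemail, ENT_QUOTES);

    $mid = 0;
    if (isset($_GET['mid'])) {
        $mid = sprintf('%d', $_GET['mid']);
        $req = Sql_Query(sprintf('select * from %s where id = %d', $tables["message"], $mid));
        $messagedata = Sql_Fetch_Array($req);
        $mid = $messagedata['id'];
        if ($mid) {
            $subtitle = $GLOBALS['strForwardSubtitle'] . ' ' . stripslashes($messagedata['subject']);
        }
    }

    $req = Sql_Query(sprintf('select * from %s where uniqid = "%s"', $tables["user"], $uid_sql));
    $userdata = Sql_Fetch_Array($req);
    # this lookup runs before the address has been validated, so it must be escaped
    $req = Sql_Query(sprintf('select * from %s where email = "%s"', $tables["user"], $forwardemail_sql));
    $forwarduserdata = Sql_Fetch_Array($req);

    if ($userdata["id"] && $mid) {
        if (!is_email($forwardemail)) {
            $info = $GLOBALS['strForwardEnterEmail'];
            $html .= '<form method="get">';
            $html .= sprintf('<input type=hidden name="mid" value="%d">', $mid);
            $html .= sprintf('<input type=hidden name="id" value="%d">', $id);
            $html .= sprintf('<input type=hidden name="uid" value="%s">', $userdata['uniqid']);
            $html .= sprintf('<input type=hidden name="p" value="forward">');
            # the rejected address is echoed back into the form, so it is HTML-escaped
            $html .= sprintf('<input type=text name="email" value="%s" size=35 class="attributeinput">', $forwardemail_html);
            $html .= sprintf('<input type=submit value="%s"></form>', $GLOBALS['strContinue']);
        } else {
            # check whether the email to forward exists and whether they have received the message
            if ($forwarduserdata['id']) {
                $sent = Sql_Fetch_Row_Query(sprintf('select entered from %s where userid = %d and messageid = %d', $tables['usermessage'], $forwarduserdata['id'], $mid));
                # however even if that's the case, we don't want to reveal this information
            }
            $done = Sql_Fetch_Array_Query(sprintf('select user,status,time from %s where forward = "%s" and message = %d', $tables['user_message_forward'], $forwardemail_sql, $mid));
            if ($done['status'] === 'sent') {
                $info = $GLOBALS['strForwardAlreadyDone'];
            } else {
                if (!TEST) {
                    # forward the message
                    require 'admin/sendemaillib.php';
                    # sendEmail will take care of blacklisting
                    if (sendEmail($mid, $forwardemail, 'forwarded', $userdata['htmlemail'], array(), $userdata)) {
                        $info = $GLOBALS["strForwardSuccessInfo"];
                        sendAdminCopy("Message Forwarded", $userdata["email"] . " has forwarded a message {$mid} to {$forwardemail}");
                        Sql_Query(sprintf('insert into %s (user,message,forward,status,time) values(%d,%d,"%s","sent",now())', $tables['user_message_forward'], $userdata['id'], $mid, $forwardemail_sql));
                    } else {
                        $info = $GLOBALS["strForwardFailInfo"];
                        sendAdminCopy("Message Forwarded", $userdata["email"] . " tried forwarding a message {$mid} to {$forwardemail} but failed");
                        Sql_Query(sprintf('insert into %s (user,message,forward,status,time) values(%d,%d,"%s","failed",now())', $tables['user_message_forward'], $userdata['id'], $mid, $forwardemail_sql));
                    }
                }
            }
        }
    } else {
        logEvent("Forward request from invalid user ID: " . substr($_GET["uid"], 0, 150));
        $info = $GLOBALS["strForwardFailInfo"];
    }

    $data = PageData($id);
    if (isset($data['language_file'])) {
        # basename() keeps the include inside texts/ even if the stored file name
        # contains directory components
        $language_file = dirname(__FILE__) . '/texts/' . basename($data['language_file']);
        if (is_file($language_file)) {
            @(include $language_file);
        }
    }

    $res = '<title>' . $GLOBALS["strForwardTitle"] . '</title>';
    $res .= $data["header"];
    $res .= '<h1>' . $subtitle . '</h1>';
    $res .= '<h2>' . $info . '</h2>';
    $res .= $html;
    $res .= "<P>" . $GLOBALS["PoweredBy"] . '</p>';
    $res .= $data["footer"];
    return $res;
}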
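# Load a user's attributes and core fields into the session.
#
# parameters: loginname -> email address of the user; when empty, the name of
#             the user currently logged in (from the session) is used
# returns 1 when the session has been filled, "" when there is nobody to load,
#         nothing when the user table does not exist
function loadUser($loginname = "")
{
    dbg("Loading User");
    if (!Sql_Table_exists("user")) {
        return;
    }
    initialiseUserSession();
    if (!$loginname) {
        if ($_SESSION["userloggedin"] != "" && $_SESSION["username"] != "") {
            $loginname = $_SESSION["username"];
        } else {
            return "";
        }
    }

    # $loginname ends up inside double-quoted SQL string literals below, so it is
    # escaped first; the original interpolated it unescaped. addslashes() is a
    # stop-gap: prefer the database layer's own escaping helper where one exists.
    # NOTE(review): confirm that callers do not already pass an escaped value.
    $loginname_sql = addslashes($loginname);

    $att_req = Sql_Query(sprintf('select attribute.id,
    %s.name,%s.type,
    %s.value,%s.tablename from %s,%s,%s
    where %s.userid = %s.id and %s.email = "%s" and %s.id = %s.attributeid',
        "attribute",
        "attribute",
        "user_attribute",
        "attribute",
        "user",
        "user_attribute",
        "attribute",
        "user_attribute",
        "user",
        "user",
        $loginname_sql,
        "attribute",
        "user_attribute"
    ));
    while ($att = Sql_fetch_array($att_req)) {
        #   if (!defined($_SESSION["userdata"]["attribute".$att["id"]])) {
        # NOTE(review): "value" keeps the raw attribute value in the session, also for
        # creditcardno attributes; only "displayvalue" is obscured below.
        $_SESSION["userdata"]["attribute" . $att["id"]] = array(
            "name" => $att["name"],
            "value" => $att["value"],
            "type" => $att["type"],
            "attid" => $att["id"]
        );
        switch ($att["type"]) {
            case "textline":
            case "hidden":
                $_SESSION["userdata"]["attribute" . $att["id"]]["displayvalue"] = $att["value"];
                break;
            case "creditcardno":
                $_SESSION["userdata"]["attribute" . $att["id"]]["displayvalue"] = obscureCreditCard($att["value"]);
                break;
            case "select":
                $_SESSION["userdata"]["attribute" . $att["id"]]["displayvalue"] = AttributeValue($att["tablename"], $att["value"]);
                break;
        }
        #    }
    }

    $d_req = Sql_Fetch_Array_Query(sprintf('select * from user where email = "%s"', $loginname_sql));
    $_SESSION["userid"] = $d_req["id"];
    foreach (array("email", "disabled", "confirmed", "htmlemail", "uniqid") as $field) {
        #   if (!defined($_SESSION["userdata"][$field])) {
        $_SESSION["userdata"][$field] = array(
            "name" => $field,
            "value" => $d_req[$field],
            "type" => "static",
            "displayvalue" => $d_req[$field]
        );
        #   }
    }
    dbg("done loading user");
    $_SESSION["groups"] = userGroups($loginname);
    return 1;
}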
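# Build the "forward to a friend" page for subscribe page $id.
#
# Reads mid (message id), uid (the subscriber's unique id), email (one address
# per line) and personalNote from $_REQUEST. The subscriber must have received
# the message, unless an administrator is logged in from the requesting
# address. Valid addresses are forwarded via sendEmail() and each attempt is
# recorded in the user_message_forward table; otherwise the entry form is shown
# again together with the collected messages.
#
# parameters: id -> id of the subscribe page
# returns the HTML of the page
function forwardPage($id)
{
    global $tables;
    $ok = true;
    $subtitle = '';
    $info = '';
    $html = '';
    $form = '';
    $personalNote = '';
    # defined up front so the checks further down never read undefined variables
    $emails = array();
    $messagedata = array();

    ## Check requirements
    # message
    $mid = 0;
    if (isset($_REQUEST['mid'])) {
        $mid = sprintf('%d', $_REQUEST['mid']);
        $messagedata = loadMessageData($mid);
        $mid = $messagedata['id'];
        if ($mid) {
            $subtitle = $GLOBALS['strForwardSubtitle'] . ' ' . stripslashes($messagedata['subject']);
        }
    } #mid set

    # user
    if (!isset($_REQUEST['uid']) || !$_REQUEST['uid']) {
        # presumably FileNotFound() ends the request; verify against its definition
        FileNotFound();
    }

    ## get userdata
    $req = Sql_Query(sprintf('select * from %s where uniqid = "%s"', $tables['user'], sql_escape($_REQUEST['uid'])));
    $userdata = Sql_Fetch_Array($req);

    ## verify that this subscriber actually received this message to forward, otherwise they're not allowed
    $allowed = Sql_Fetch_Row_Query(sprintf('select userid from %s where userid = %d and messageid = %d', $GLOBALS['tables']['usermessage'], $userdata['id'], $mid));
    if (empty($userdata['id']) || $allowed[0] != $userdata['id']) {
        ## when sending a test email as an admin, the entry isn't there yet
        # the admin exception is tied to the address the admin session was opened from
        if (empty($_SESSION['adminloggedin']) || $_SESSION['adminloggedin'] != $_SERVER['REMOTE_ADDR']) {
            FileNotFound('<br/><i>' . $GLOBALS['I18N']->get('When testing the phpList forward functionality, you need to be logged in as an administrator.') . '</i><br/>');
        }
    }

    $firstpage = 1; ## is this the initial page or a followup

    # forward addresses
    $forwardemail = '';
    if (isset($_REQUEST['email']) && !empty($_REQUEST['email'])) {
        $firstpage = 0;
        $forwardPeriodCount = Sql_Fetch_Array_Query(sprintf('select count(user) from %s where date_add(time,interval %s) >= now() and user = %d and status ="sent" ', $tables['user_message_forward'], FORWARD_EMAIL_PERIOD, $userdata['id']));
        # stripslashes() removes any escaping from the request value, so from here
        # on the addresses are raw and are escaped again at every SQL and HTML sink
        $forwardemail = stripslashes($_REQUEST['email']);
        $emails = explode("\n", $forwardemail);
        $emails = trimArray($emails);
        $forwardemail = implode("\n", $emails);
        #0011860: forward to friend, multiple emails
        $emailCount = $forwardPeriodCount[0];
        foreach ($emails as $index => $email) {
            $emails[$index] = trim($email);
            if (is_email($email)) {
                ++$emailCount;
            } else {
                # the rejected value is attacker-controlled text; escape it before it
                # goes into the page
                $info .= sprintf('<br />' . $GLOBALS['strForwardInvalidEmail'], htmlspecialchars($email, ENT_QUOTES));
                $ok = false;
            }
        }
        if ($emailCount > FORWARD_EMAIL_COUNT) {
            $info .= '<br />' . $GLOBALS['strForwardCountReached'];
            $ok = false;
        }
    } else {
        $ok = false;
    }

    #0011996: forward to friend - personal message
    # text cannot be longer than max, to prevent very long text with only linefeeds total cannot be longer than twice max
    if (FORWARD_PERSONAL_NOTE_SIZE && isset($_REQUEST['personalNote'])) {
        if (strlen(strip_newlines($_REQUEST['personalNote'])) > FORWARD_PERSONAL_NOTE_SIZE || strlen($_REQUEST['personalNote']) > FORWARD_PERSONAL_NOTE_SIZE * 2) {
            $info .= '<BR />' . $GLOBALS['strForwardNoteLimitReached'];
            $ok = false;
        }
        $personalNote = strip_tags(htmlspecialchars_decode(stripslashes($_REQUEST['personalNote'])));
        $userdata['personalNote'] = $personalNote;
    }

    if ($userdata['id'] && $mid) {
        if ($ok && count($emails)) {
            ## All is well, send it
            require_once 'admin/sendemaillib.php';

            #0013845 Lead Ref Scheme
            if (FORWARD_FRIEND_COUNT_ATTRIBUTE) {
                $iCountFriends = FORWARD_FRIEND_COUNT_ATTRIBUTE;
            } else {
                $iCountFriends = 0;
            }
            if ($iCountFriends) {
                $nFriends = intval(UserAttributeValue($userdata['id'], $iCountFriends));
            }

            ## remember the lists for this message in order to notify only those admins
            ## that own them
            $messagelists = array();
            $messagelistsreq = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS['tables']['listmessage'], $mid));
            while ($row = Sql_Fetch_Row($messagelistsreq)) {
                array_push($messagelists, $row[0]);
            }

            foreach ($emails as $index => $email) {
                #0011860: forward to friend, multiple emails
                # is_email() checks the format of the address, it is not an escaping step
                $email_sql = sql_escape($email);
                $done = Sql_Fetch_Array_Query(sprintf('select user,status,time from %s where forward = "%s" and message = %d', $tables['user_message_forward'], $email_sql, $mid));
                $info .= '<br />' . htmlspecialchars($email, ENT_QUOTES) . ': ';
                if ($done['status'] === 'sent') {
                    $info .= $GLOBALS['strForwardAlreadyDone'];
                } elseif (isBlackListed($email)) {
                    $info .= $GLOBALS['strForwardBlacklistedEmail'];
                } else {
                    if (!TEST) {
                        # forward the message
                        # sendEmail will take care of blacklisting
                        ### CHECK $email vs $forwardemail
                        if (sendEmail($mid, $email, 'forwarded', $userdata['htmlemail'], array(), $userdata)) {
                            $info .= $GLOBALS['strForwardSuccessInfo'];
                            sendAdminCopy(s('Message Forwarded'), s('%s has forwarded message %d to %s', $userdata['email'], $mid, $email), $messagelists);
                            Sql_Query(sprintf('insert into %s (user,message,forward,status,time) values(%d,%d,"%s","sent",now())', $tables['user_message_forward'], $userdata['id'], $mid, $email_sql));
                            if ($iCountFriends) {
                                ++$nFriends;
                            }
                        } else {
                            $info .= $GLOBALS['strForwardFailInfo'];
                            sendAdminCopy(s('Message Forwarded'), s('%s tried forwarding message %d to %s but failed', $userdata['email'], $mid, $email), $messagelists);
                            Sql_Query(sprintf('insert into %s (user,message,forward,status,time) values(%d,%d,"%s","failed",now())', $tables['user_message_forward'], $userdata['id'], $mid, $email_sql));
                            $ok = false;
                        }
                    }
                }
            } # foreach friend
            if ($iCountFriends) {
                saveUserAttribute($userdata['id'], $iCountFriends, array('name' => FORWARD_FRIEND_COUNT_ATTRIBUTE, 'value' => $nFriends));
            }
        } #ok & emails
    } else {
        # no valid sender
        logEvent(s('Forward request from invalid user ID: %s', substr($_REQUEST['uid'], 0, 150)));
        $info .= '<BR />' . $GLOBALS['strForwardFailInfo'];
        $ok = false;
    }

    /*
      $data = PageData($id);
      if (isset($data['language_file']) && is_file(dirname(__FILE__).'/texts/'.basename($data['language_file']))) {
        @include dirname(__FILE__).'/texts/'.basename($data['language_file']);
      }
    */

    ## BAS Multiple Forward
    ## build response page
    $form = '<form method="post" action="">';
    $form .= sprintf('<input type=hidden name="mid" value="%d">', $mid);
    $form .= sprintf('<input type=hidden name="id" value="%d">', $id);
    $form .= sprintf('<input type=hidden name="uid" value="%s">', $userdata['uniqid']);
    $form .= sprintf('<input type=hidden name="p" value="forward">');
    if (!$ok) {
        # The submitted addresses and note are written back into the form; escape
        # them so a crafted value cannot close the attribute or the textarea.
        $forwardemail_html = htmlspecialchars($forwardemail, ENT_QUOTES);
        #0011860: forward to friend, multiple emails
        if (FORWARD_EMAIL_COUNT == 1) {
            $form .= '<br /><h2>' . $GLOBALS['strForwardEnterEmail'] . '</h2>';
            $form .= sprintf('<input type=text name="email" value="%s" size=50 class="attributeinput">', $forwardemail_html);
        } else {
            $form .= '<br /><h2>' . sprintf($GLOBALS['strForwardEnterEmails'], FORWARD_EMAIL_COUNT) . '</h2>';
            $form .= sprintf('<textarea name="email" rows="10" cols="50" class="attributeinput">%s</textarea>', $forwardemail_html);
        }
        #0011996: forward to friend - personal message
        if (FORWARD_PERSONAL_NOTE_SIZE) {
            $form .= sprintf('<h2>' . $GLOBALS['strForwardPersonalNote'] . '</h2>', FORWARD_PERSONAL_NOTE_SIZE);
            $cols = 50;
            $rows = min(10, ceil(FORWARD_PERSONAL_NOTE_SIZE / 40));
            $form .= sprintf('<br/><textarea type="text" name="personalNote" rows="%d" cols="%d" class="attributeinput">%s</textarea>', $rows, $cols, htmlspecialchars($personalNote, ENT_QUOTES));
        }
        $form .= sprintf('<br /><input type="submit" value="%s"></form>', $GLOBALS['strContinue']);
    }
    ### END BAS

    ### Michiel, remote response page
    $remote_content = '';
    if (isset($messagedata['message']) && preg_match("/\\[URL:([^\\s]+)\\]/i", $messagedata['message'], $regs)) {
        if (isset($regs[1]) && strlen($regs[1])) {
            $url = $regs[1];
            if (!preg_match('/^http/i', $url)) {
                $url = 'http://' . $url;
            }
            # NOTE(review): the address fetched here comes from the stored message
            # body, so whoever can author messages decides what this server requests
            # and what replaces the page; restrict allowed hosts if authors are not
            # fully trusted.
            $remote_content = fetchUrl($url);
        }
    }
    if (!empty($remote_content) && preg_match('/\\[FORWARDFORM\\]/', $remote_content, $regs)) {
        if ($firstpage) {
            ## this is the initial page, not a follow up one.
            $remote_content = str_replace($regs[0], $info . $form, $remote_content);
        } else {
            $remote_content = str_replace($regs[0], $info, $remote_content);
        }
        $res = $remote_content;
    } else {
        $res = '<title>' . $GLOBALS['strForwardTitle'] . '</title>';
        $res .= $GLOBALS['pagedata']['header'];
        $res .= '<h3>' . $subtitle . '</h3>';
        if ($ok) {
            $res .= '<h4>' . $info . '</h4>';
        } elseif (!empty($info)) {
            $res .= '<div class="error missing">' . $info . '</div>';
        }
        $res .= $form;
        $res .= '<p>' . $GLOBALS['PoweredBy'] . '</p>';
        $res .= $GLOBALS['pagedata']['footer'];
    }
    ### END MICHIEL
    return $res;
}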
} $access = accessLevel('userclicks'); switch ($access) { case 'owner': case 'all': $subselect = ''; break; case 'none': default: print $GLOBALS['I18N']->get('You do not have access to this page'); return; break; } $ls = new WebblerListing($GLOBALS['I18N']->get('User Click Statistics')); if ($linkid) { $urldata = Sql_Fetch_Array_Query(sprintf('select url from %s where linkid = %d', $GLOBALS['tables']['linktrack'], $linkid)); } if ($msgid) { $messagedata = Sql_Fetch_Array_query("SELECT * FROM {$tables['message']} where id = {$msgid} {$subselect}"); } if ($userid) { $userdata = Sql_Fetch_Array_query("SELECT * FROM {$tables['user']} where id = {$userid} {$subselect}"); } if ($linkid && $msgid) { print '<h1>' . $GLOBALS['I18N']->get('User Click Details for a URL in a message'); print ' ' . PageLink2('uclicks&id=' . $linkid, $urldata['url']); print '</h1>'; print '<table> <tr><td>' . $GLOBALS['I18N']->get('Subject') . '<td><td>' . PageLink2('mclicks&id=' . $msgid, $messagedata['subject']) . '</td></tr> <tr><td>' . $GLOBALS['I18N']->get('Entered') . '<td><td>' . $messagedata['entered'] . '</td></tr> <tr><td>' . $GLOBALS['I18N']->get('Sent') . '<td><td>' . $messagedata['sent'] . '</td></tr>
++$additional_emails; } } else { ## mark blacklisted, just in case ##17288 Sql_Query(sprintf('update %s set blacklisted = 1 where id = %d', $tables['user'], $userid)); ++$foundBlacklisted; } $subscribemessage = str_replace('[LISTS]', $listoflists, getUserConfig('subscribemessage', $userid)); if (!TEST && $importdata['notify'] == 'yes' && $addition) { sendMail($email, getConfig('subscribesubject'), $subscribemessage, system_messageheaders(), $envelope); if ($throttle_import) { sleep($throttle_import); } } # history stuff $current_data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables['user'], $userid)); $current_data = array_merge($current_data, getUserAttributeValues('', $userid)); foreach ($current_data as $key => $val) { if (!is_numeric($key)) { if (isset($old_data[$key]) && $old_data[$key] != $val && $key != 'modified') { $history_entry .= "{$key} = {$val}\nchanged from {$old_data[$key]}\n"; } } } if (!$history_entry) { $history_entry = "\n" . $GLOBALS['I18N']->get('No data changed'); } # check lists $listmembership = array(); $req = Sql_Query("select * from {$tables['listuser']} where userid = {$userid}"); while ($row = Sql_Fetch_Array($req)) {
} else { $ls->addRow($element, '<div class="listingsmall gray">' . $GLOBALS['I18N']->get('date') . ': ' . $GLOBALS['I18N']->get('in progress') . '</div>', ''); } $ls->addColumn($element, $GLOBALS['I18N']->get('sent'), $row['total']); # $ls->addColumn($element,$GLOBALS['I18N']->get('bounced'),$row['bounced']); $ls->addColumn($element, $GLOBALS['I18N']->get('views'), $row['views'], $row['views'] ? PageURL2('mviews&id=' . $row['messageid']) : ''); $openrate = sprintf('%0.2f', $row['views'] / $row['total'] * 100); $ls->addColumn($element, $GLOBALS['I18N']->get('rate'), $openrate . ' %'); /* $bouncerate = sprintf('%0.2f',($row['bounced'] / $row['total'] * 100)); $ls->addColumn($element,$GLOBALS['I18N']->get('bounce rate'),$bouncerate.' %'); */ } if ($addcomparison) { $total = Sql_Fetch_Array_Query(sprintf('select count(entered) as total from %s um where um.status = "sent"', $GLOBALS['tables']['usermessage'])); $viewed = Sql_Fetch_Array_Query(sprintf('select count(viewed) as viewed from %s um where um.status = "sent"', $GLOBALS['tables']['usermessage'])); $overall = $GLOBALS['I18N']->get('Comparison to other admins'); $ls->addElement($overall); $ls->addColumn($overall, $GLOBALS['I18N']->get('views'), $viewed['viewed']); $perc = sprintf('%0.2f', $viewed['viewed'] / $total['total'] * 100); $ls->addColumn($overall, $GLOBALS['I18N']->get('rate'), $perc . ' %'); } if ($download) { ob_end_clean(); print $ls->tabDelimited(); } print $ls->display(); return; } if ($download) { ob_end_clean();
<?php

# View a prepared message: prints the stored message (inside its template when
# it has one) and ends the request.
# The message body and footer are printed as stored, without HTML escaping, so
# this page relies on the access check below to limit who can reach it.
require_once dirname(__FILE__) . '/accesscheck.php';

# drop whatever has been buffered so far; only the preview is sent
ob_end_clean();

# the id is forced through %d, so only digits reach the query below
$id = sprintf('%d', $_GET['id']);
if (!$id) {
    return "";
}

$query = 'select * from ' . $tables["message"] . " where status = 'prepared' and id = " . $id;
$message = Sql_Fetch_Array_Query($query);

# plain-text messages get their line breaks turned into <br /> tags
$body = stripslashes($message["message"]);
$content = $message["htmlformatted"] ? $body : nl2br($body);

if (!$message["template"]) {
    print nl2br($content . "\n\n" . $message["footer"]);
} else {
    print previewTemplate($message["template"], $_SESSION["logindetails"]["id"], $content, $message["footer"]);
}
exit;