function mergeUser($userid)
{
$duplicate = Sql_Fetch_Array_Query("select * from {$GLOBALS["tables"]["user"]} where id = {$userid}");
printf('<br/>%s', $duplicate["email"]);
if (preg_match("/^duplicate[^ ]* (.*)/", $duplicate["email"], $regs)) {
print "-> " . $regs[1];
$email = $regs[1];
} elseif (preg_match("/^([^ ]+@[^ ]+) \\(\\d+\\)/", $duplicate["email"], $regs)) {
print "-> " . $regs[1];
$email = $regs[1];
} else {
$email = "";
}
if ($email) {
$orig = Sql_Fetch_Row_Query(sprintf('select id from %s where email = "%s"', $GLOBALS["tables"]["user"], $email));
if ($orig[0]) {
print " " . $GLOBALS['I18N']->get("user found");
$umreq = Sql_Query("select * from {$GLOBALS["tables"]["usermessage"]} where userid = " . $duplicate["id"]);
while ($um = Sql_Fetch_Array($umreq)) {
Sql_Query(sprintf('update %s set userid = %d, entered = "%s" where userid = %d and entered = "%s"', $GLOBALS["tables"]["usermessage"], $orig[0], $um["entered"], $duplicate["id"], $um["entered"]));
}
$bncreq = Sql_Query("select * from {$GLOBALS["tables"]["user_message_bounce"]} where user = "******"id"]);
while ($bnc = Sql_Fetch_Array($bncreq)) {
Sql_Query(sprintf('update %s set user = %d, time = "%s" where user = %d and time = "%s"', $GLOBALS["tables"]["user_message_bounce"], $orig[0], $bnc["time"], $duplicate["id"], $bnc["time"]));
}
Sql_Query("delete from {$GLOBALS["tables"]["listuser"]} where userid = " . $duplicate["id"]);
} else {
print " " . $GLOBALS['I18N']->get("no user found");
}
flush();
} else {
print "-> " . $GLOBALS['I18N']->get("unable to find original email");
}
}
function groupName($id)
{
if (!$id) {
return;
}
$data = Sql_Fetch_Array_Query("select * from groups where id = {$id}");
return $data["name"];
}
function mergeUser($userid)
{
$duplicate = Sql_Fetch_Array_Query("select * from {$GLOBALS['tables']['user']} where id = {$userid}");
printf('<br/>%s', $duplicate['email']);
if (preg_match('/^duplicate[^ ]* (.*)/', $duplicate['email'], $regs)) {
print '-> ' . $regs[1];
$email = $regs[1];
} elseif (preg_match("/^([^ ]+@[^ ]+) \\(\\d+\\)/", $duplicate['email'], $regs)) {
print '-> ' . $regs[1];
$email = $regs[1];
} else {
$email = '';
}
if ($email) {
$orig = Sql_Fetch_Row_Query(sprintf('select id from %s where email = "%s"', $GLOBALS['tables']['user'], $email));
if ($orig[0]) {
print ' ' . $GLOBALS['I18N']->get('user found');
$umreq = Sql_Query("select * from {$GLOBALS['tables']['usermessage']} where userid = " . $duplicate['id']);
while ($um = Sql_Fetch_Array($umreq)) {
Sql_Query(sprintf('update %s set userid = %d, entered = "%s" where userid = %d and entered = "%s"', $GLOBALS['tables']['usermessage'], $orig[0], $um['entered'], $duplicate['id'], $um['entered']), 1);
}
$bncreq = Sql_Query("select * from {$GLOBALS['tables']['user_message_bounce']} where user = "******"%s" where user = %d and time = "%s"', $GLOBALS['tables']['user_message_bounce'], $orig[0], $bnc['time'], $duplicate['id'], $bnc['time']), 1);
}
Sql_Query("delete from {$GLOBALS['tables']['listuser']} where userid = " . $duplicate['id']);
Sql_Query("delete from {$GLOBALS['tables']['user_message_bounce']} where user = "******"delete from {$GLOBALS['tables']['usermessage']} where userid = " . $duplicate['id']);
if (MERGE_DUPLICATES_DELETE_DUPLICATE) {
deleteUser($duplicate['id']);
}
} else {
print ' ' . $GLOBALS['I18N']->get('no user found');
# so it must be save to rename the original to the actual email
Sql_Query(sprintf('update %s set email = "%s" where id = %d', $GLOBALS['tables']['user'], $email, $userid));
}
flush();
} else {
print '-> ' . $GLOBALS['I18N']->get('unable to find original email');
}
}
function resendConfirm($id)
{
global $tables, $envelope, $prepend;
$userdata = Sql_Fetch_Array_Query("select * from {$tables["user"]} where id = {$id}");
$lists_req = Sql_Query(sprintf('select %s.name from %s,%s where
%s.listid = %s.id and %s.userid = %d', $tables["list"], $tables["list"], $tables["listuser"], $tables["listuser"], $tables["list"], $tables["listuser"], $id));
while ($row = Sql_Fetch_Row($lists_req)) {
$lists .= ' * ' . $row[0] . "\n";
}
if ($userdata["subscribepage"]) {
$subscribemessage = ereg_replace('\\[LISTS\\]', $lists, getUserConfig("subscribemessage:" . $userdata["subscribepage"], $id));
$subject = getConfig("subscribesubject:" . $userdata["subscribepage"]);
} else {
$subscribemessage = ereg_replace('\\[LISTS\\]', $lists, getUserConfig("subscribemessage", $id));
$subject = getConfig("subscribesubject");
}
logEvent("Resending confirmation request to " . $userdata["email"]);
if (!TEST) {
return sendMail($userdata["email"], $subject, $prepend . $subscribemessage, system_messageheaders($userdata["email"]), $envelope);
}
}
function repeatMessage($msgid)
{
# if (!USE_REPETITION && !USE_rss) return;
$data = loadMessageData($msgid);
## do not repeat when it has already been done
if ($data['repeatinterval'] == 0 || !empty($data['repeatedid'])) {
return;
}
# calculate the future embargo, a multiple of repeatinterval minutes after the current embargo
$msgdata = Sql_Fetch_Array_Query(sprintf('SELECT *,
embargo +
INTERVAL (FLOOR(TIMESTAMPDIFF(MINUTE, embargo, GREATEST(embargo, NOW())) / repeatinterval) + 1) * repeatinterval MINUTE AS newembargo
FROM %s
WHERE id = %d AND now() < repeatuntil', $GLOBALS['tables']['message'], $msgid));
if (!$msgdata) {
logEvent("Message {$msgid} not repeated due to reaching the repeatuntil date");
return;
}
# check whether the new embargo is not on an exclusion
if (isset($GLOBALS['repeat_exclude']) && is_array($GLOBALS['repeat_exclude'])) {
$loopcnt = 0;
while (excludedDateForRepetition($msgdata['newembargo'])) {
if (++$loopcnt > 15) {
logEvent("Unable to find new embargo date too many exclusions? for message {$msgid}");
return;
}
$result = Sql_Fetch_Array_Query(sprintf("SELECT '%s' + INTERVAL repeatinterval MINUTE AS newembargo\n FROM %s\n WHERE id = %d", $msgdata['newembargo'], $GLOBALS['tables']['message'], $msgid));
$msgdata['newembargo'] = $result['newembargo'];
}
}
# copy the new message
Sql_Query(sprintf('
insert into %s (entered) values(now())', $GLOBALS['tables']['message']));
$newid = Sql_Insert_id();
require dirname(__FILE__) . '/structure.php';
if (!is_array($DBstruct['message'])) {
logEvent("Error including structure when trying to duplicate message {$msgid}");
return;
}
foreach ($DBstruct['message'] as $column => $rec) {
if ($column != 'id' && $column != 'entered' && $column != 'sendstart') {
Sql_Query(sprintf('update %s set %s = "%s" where id = %d', $GLOBALS['tables']['message'], $column, addslashes($msgdata[$column]), $newid));
}
}
$req = Sql_Query(sprintf("SELECT *\n FROM %s\n WHERE id = %d AND name NOT IN ('id')", $GLOBALS['tables']['messagedata'], $msgid));
while ($row = Sql_Fetch_Array($req)) {
setMessageData($newid, $row['name'], $row['data']);
}
Sql_Query(sprintf('update %s set embargo = "%s",status = "submitted",sent = "" where id = %d', $GLOBALS['tables']['message'], $msgdata['newembargo'], $newid));
list($e['year'], $e['month'], $e['day'], $e['hour'], $e['minute'], $e['second']) = sscanf($msgdata['newembargo'], '%04d-%02d-%02d %02d:%02d:%02d');
unset($e['second']);
setMessageData($newid, 'embargo', $e);
foreach (array('processed', 'astext', 'ashtml', 'astextandhtml', 'aspdf', 'astextandpdf', 'viewed', 'bouncecount') as $item) {
Sql_Query(sprintf('update %s set %s = 0 where id = %d', $GLOBALS['tables']['message'], $item, $newid));
}
# lists
$req = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS['tables']['listmessage'], $msgid));
while ($row = Sql_Fetch_Row($req)) {
Sql_Query(sprintf('insert into %s (messageid,listid,entered) values(%d,%d,now())', $GLOBALS['tables']['listmessage'], $newid, $row[0]));
}
# attachments
$req = Sql_Query(sprintf('select * from %s,%s where %s.messageid = %d and %s.attachmentid = %s.id', $GLOBALS['tables']['message_attachment'], $GLOBALS['tables']['attachment'], $GLOBALS['tables']['message_attachment'], $msgid, $GLOBALS['tables']['message_attachment'], $GLOBALS['tables']['attachment']));
while ($row = Sql_Fetch_Array($req)) {
if (is_file($row['remotefile'])) {
# if the "remote file" is actually local, we want to refresh the attachment, so we set
# filename to nothing
$row['filename'] = '';
}
Sql_Query(sprintf('insert into %s (filename,remotefile,mimetype,description,size)
values("%s","%s","%s","%s",%d)', $GLOBALS['tables']['attachment'], addslashes($row['filename']), addslashes($row['remotefile']), addslashes($row['mimetype']), addslashes($row['description']), $row['size']));
$attid = Sql_Insert_id();
Sql_Query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $GLOBALS['tables']['message_attachment'], $newid, $attid));
}
logEvent("Message {$msgid} was successfully rescheduled as message {$newid}");
## remember we duplicated, in order to avoid doing it again (eg when requeuing)
setMessageData($msgid, 'repeatedid', $newid);
if (getConfig('pqchoice') == 'phplistdotcom') {
activateRemoteQueue();
}
}
print '<li><a href="#messages">' . ucfirst($GLOBALS['I18N']->get('Campaigns')) . '</a></li>';
if (count($bounces)) {
print '<li><a href="#bounces">' . ucfirst($GLOBALS['I18N']->get('Bounces')) . '</a></li>';
}
print '<li><a href="#subscription">' . ucfirst($GLOBALS['I18N']->get('Subscription')) . '</a></li>';
print '</ul>';
print '<div id="messages">';
print $ls->display();
print '</div>';
print '<div id="bounces">';
print $bouncels->display();
print '</div>';
print '<div id="subscription">';
if (isBlackListed($user['email'])) {
print '<h3>' . $GLOBALS['I18N']->get('subscriber is blacklisted since') . ' ';
$blacklist_info = Sql_Fetch_Array_Query(sprintf('select * from %s where email = "%s"', $tables['user_blacklist'], $user['email']));
print $blacklist_info['added'] . '</h3><br/>';
print '';
$isSpamReport = false;
$ls = new WebblerListing($GLOBALS['I18N']->get('Blacklist info'));
$req = Sql_Query(sprintf('select * from %s where email = "%s"', $tables['user_blacklist_data'], $user['email']));
while ($row = Sql_Fetch_Array($req)) {
$ls->addElement($row['name']);
$isSpamReport = $isSpamReport || $row['data'] == 'blacklisted due to spam complaints';
$ls->addColumn($row['name'], $GLOBALS['I18N']->get('value'), stripslashes($row['data']));
}
$ls->addElement('<!-- remove -->');
if (!$isSpamReport) {
$button = new ConfirmButton(htmlspecialchars($GLOBALS['I18N']->get('are you sure you want to delete this subscriber from the blacklist')) . '?\\n' . htmlspecialchars($GLOBALS['I18N']->get('it should only be done with explicit permission from this subscriber')), PageURL2("userhistory&unblacklist={$user['id']}&id={$user['id']}", 'button', s('remove subscriber from blacklist')), s('remove subscriber from blacklist'));
$ls->addRow('<!-- remove -->', s('remove'), $button->show());
} else {
} else {
Sql_query(sprintf('update %s set clicked = clicked + 1, latestclick = now() where forwardid = %d and messageid = %d', $GLOBALS['tables']['linktrack_ml'], $fwdid, $messageid));
}
if ($msgtype == 'H') {
Sql_query(sprintf('update %s set htmlclicked = htmlclicked + 1 where forwardid = %d and messageid = %d', $GLOBALS['tables']['linktrack_ml'], $fwdid, $messageid));
$trackingcode = 'utm_source=phplist' . $messageid . '&utm_medium=email&utm_content=HTML&utm_campaign=' . urlencode($messagedata['subject']);
} elseif ($msgtype == 'T') {
Sql_query(sprintf('update %s set textclicked = textclicked + 1 where forwardid = %d and messageid = %d', $GLOBALS['tables']['linktrack_ml'], $fwdid, $messageid));
$trackingcode = 'utm_source=phplist' . $messageid . '&utm_medium=email&utm_content=text&utm_campaign=' . urlencode($messagedata['subject']);
}
$viewed = Sql_Fetch_Row_query(sprintf('select viewed from %s where messageid = %d and userid = %d', $GLOBALS['tables']['usermessage'], $messageid, $userid));
if (!$viewed[0]) {
Sql_Query(sprintf('update %s set viewed = now() where messageid = %d and userid = %d', $GLOBALS['tables']['usermessage'], $messageid, $userid));
Sql_Query(sprintf('update %s set viewed = viewed + 1 where id = %d', $GLOBALS['tables']['message'], $messageid));
}
$uml = Sql_Fetch_Array_Query(sprintf('select * from %s where messageid = %d and forwardid = %d and userid = %d', $GLOBALS['tables']['linktrack_uml_click'], $messageid, $fwdid, $userid));
if (empty($uml['firstclick'])) {
Sql_query(sprintf('insert into %s set firstclick = now(), forwardid = %d, messageid = %d, userid = %d', $GLOBALS['tables']['linktrack_uml_click'], $fwdid, $messageid, $userid));
}
Sql_query(sprintf('update %s set clicked = clicked + 1, latestclick = now() where forwardid = %d and messageid = %d and userid = %d', $GLOBALS['tables']['linktrack_uml_click'], $fwdid, $messageid, $userid));
if ($msgtype == 'H') {
Sql_query(sprintf('update %s set htmlclicked = htmlclicked + 1 where forwardid = %d and messageid = %d and userid = %d', $GLOBALS['tables']['linktrack_uml_click'], $fwdid, $messageid, $userid));
} elseif ($msgtype == 'T') {
Sql_query(sprintf('update %s set textclicked = textclicked + 1 where forwardid = %d and messageid = %d and userid = %d', $GLOBALS['tables']['linktrack_uml_click'], $fwdid, $messageid, $userid));
}
$url = $linkdata['url'];
if ($linkdata['personalise']) {
$uid = Sql_Fetch_Row_Query(sprintf('select uniqid from %s where id = %d', $GLOBALS['tables']['user'], $userid));
if ($uid[0]) {
if (strpos($url, '?')) {
$url .= '&uid=' . $uid[0];
print '<li><a href="#messages">' . ucfirst($GLOBALS['I18N']->get('Campaigns')) . '</a></li>';
if (count($bounces)) {
print '<li><a href="#bounces">' . ucfirst($GLOBALS['I18N']->get('Bounces')) . '</a></li>';
}
print '<li><a href="#subscription">' . ucfirst($GLOBALS['I18N']->get('Subscription')) . '</a></li>';
print '</ul>';
print '<div id="messages">';
print $ls->display();
print '</div>';
print '<div id="bounces">';
print $bouncels->display();
print '</div>';
print '<div id="subscription">';
if (isBlackListed($user["email"])) {
print "<h3>" . $GLOBALS['I18N']->get('subscriber is blacklisted since') . " ";
$blacklist_info = Sql_Fetch_Array_Query(sprintf('select * from %s where email = "%s"', $tables["user_blacklist"], $user["email"]));
print $blacklist_info["added"] . "</h3><br/>";
print '';
$isSpamReport = false;
$ls = new WebblerListing($GLOBALS['I18N']->get('Blacklist info'));
$req = Sql_Query(sprintf('select * from %s where email = "%s"', $tables["user_blacklist_data"], $user["email"]));
while ($row = Sql_Fetch_Array($req)) {
$ls->addElement($row["name"]);
$isSpamReport = $isSpamReport || $row['data'] == 'blacklisted due to spam complaints';
$ls->addColumn($row["name"], $GLOBALS['I18N']->get('value'), stripslashes($row["data"]));
}
$ls->addElement('<!-- remove -->');
if (!$isSpamReport) {
$button = new ConfirmButton(htmlspecialchars($GLOBALS['I18N']->get('are you sure you want to delete this subscriber from the blacklist')) . "?\\n" . htmlspecialchars($GLOBALS['I18N']->get('it should only be done with explicit permission from this subscriber')), PageURL2("userhistory&unblacklist={$user["id"]}&id={$user["id"]}", "button", s('remove subscriber from blacklist')), s('remove subscriber from blacklist'));
$ls->addRow('<!-- remove -->', s('remove'), $button->show());
} else {
return;
break;
}
$download = !empty($_GET['dl']);
$downloadContent = '';
if ($download) {
ob_end_clean();
# header("Content-type: text/plain");
header('Content-type: text/csv');
header('Content-disposition: attachment; filename="phpList click statistics.csv"');
ob_start();
}
#$limit = ' limit 100';
$ls = new WebblerListing($GLOBALS['I18N']->get('Click statistics'));
if ($fwdid) {
$urldata = Sql_Fetch_Array_Query(sprintf('select url from %s where id = %d', $GLOBALS['tables']['linktrack_forward'], $fwdid));
}
if ($msgid) {
# $messagedata = Sql_Fetch_Array_query("SELECT * FROM {$tables['message']} where id = $msgid $subselect");
$messagedata = loadMessageData($msgid);
}
if ($userid) {
$userdata = Sql_Fetch_Array_query("SELECT * FROM {$tables['user']} where id = {$userid} {$subselect}");
}
if ($fwdid && $msgid) {
print '<h3>' . $GLOBALS['I18N']->get('Subscriber clicks for a URL in a campaign');
print ' ' . strtolower(PageLink2('uclicks&id=' . $fwdid, $urldata['url']));
print '</h3>';
$downloadContent = s('Subscribers who clicked on URL "%s" in the campaign with subject "%s", sent %s', $urldata['url'], $messagedata['subject'], $messagedata['sent']) . PHP_EOL;
print '<table class="userclicksDetails">';
if ($messagedata['subject'] != $messagedata['campaigntitle']) {
$cline = parseCline();
reset($cline);
if (!$cline || !is_array($cline) || !$cline["s"] || !$cline["l"]) {
clineUsage("-s subject -l list [-f from] < message");
exit;
}
$listnames = explode(" ", $cline["l"]);
$listids = array();
foreach ($listnames as $listname) {
if (!is_numeric($listname)) {
$listid = Sql_Fetch_Array_Query(sprintf('select * from %s where name = "%s"', $tables["list"], $listname));
if ($listid["id"]) {
$listids[$listid["id"]] = $listname;
}
} else {
$listid = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables["list"], $listname));
if ($listid["id"]) {
$listids[$listid["id"]] = $listid["name"];
}
}
}
$_POST["targetlist"] = array();
foreach ($listids as $key => $val) {
$_POST["targetlist"][$key] = "signup";
$lists .= '"' . $val . '"' . " ";
}
if ($cline["f"]) {
$_POST["from"] = $cline["f"];
} else {
$_POST["from"] = getConfig("message_from_name") . ' ' . getConfig("message_from_address");
}
print '</p>';
if ($_GET['type'] == 'dl') {
ob_end_clean();
Header("Content-type: text/plain");
$filename = 'Bounces on ' . listName($listid);
header("Content-disposition: attachment; filename=\"{$filename}\"");
}
$currentlist = 0;
$ls = new WebblerListing('');
while ($row = Sql_Fetch_Array($req)) {
if ($currentlist != $row['listid']) {
if ($_GET['type'] != 'dl') {
print $ls->display();
}
$currentlist = $row['listid'];
flush();
$ls = new WebblerListing(listName($row['listid']));
}
$userdata = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $GLOBALS['tables']['user'], $row['userid']));
if ($_GET['type'] == 'dl') {
print $userdata['email'] . "\n";
}
$ls->addElement($row['userid'], PageUrl2('user&id=' . $row['userid']));
$ls->addColumn($row['userid'], $GLOBALS['I18N']->get('email'), $userdata['email']);
$ls->addColumn($row['userid'], $GLOBALS['I18N']->get('# bounces'), $row['numbounces']);
}
if ($_GET['type'] != 'dl') {
print $ls->display();
} else {
exit;
}
}
$find = $_SESSION["userlistfilter"]["find"];
$findby = $_SESSION["userlistfilter"]["findby"];
if (!$findby) {
$findby = "email";
}
# hmm interesting, if they select a findby but not a find, use the Sql wildcard:
if ($findby && !$find) {
# this is very slow, so instead erase the findby
# $find = '%';
$findby = '';
}
$system_findby = array("email", "foreignkey");
if ($findby && $find && !in_array($findby, $system_findby)) {
$find_url = '&find=' . urlencode($find) . "&findby=" . urlencode($findby);
$findatt = Sql_Fetch_Array_Query("select id,tablename,type,name from {$tables["attribute"]} where id = {$findby}");
switch ($findatt["type"]) {
case "textline":
case "hidden":
$findtables = ',' . $tables["user_attribute"];
$findbyselect = sprintf(' %s.userid = %s.id and
%s.attributeid = %d and %s.value like "%%%s%%"', $tables["user_attribute"], $tables["user"], $tables["user_attribute"], $findby, $tables["user_attribute"], $find);
$findfield = $tables["user_attribute"] . ".value as display, " . $tables["user"] . ".bouncecount";
$findfieldname = $findatt["name"];
break;
case "select":
case "radio":
$findtables = ',' . $tables["user_attribute"] . ',' . $table_prefix . 'listattr_' . $findatt["tablename"];
$findbyselect = sprintf(' %s.userid = %s.id and
%s.attributeid = %d and %s.value = %s.id and
%s.name like "%%%s%%"', $tables["user_attribute"], $tables["user"], $tables["user_attribute"], $findby, $tables["user_attribute"], $table_prefix . 'listattr_' . $findatt["tablename"], $table_prefix . 'listattr_' . $findatt["tablename"], $find);
while ($row = Sql_Fetch_Array($req)) {
$alive = checkLock($process_id);
if ($alive) {
keepLock($process_id);
} else {
bounceProcessError($GLOBALS['I18N']->get("Process Killed by other process"));
}
# cl_output(memory_get_usage());
# outputProcessBounce('User '.$row['user']);
$rule = matchBounceRules($row['header'] . "\n\n" . $row['data'], $bouncerules);
# outputProcessBounce('Action '.$rule['action']);
# outputProcessBounce('Rule'.$rule['id']);
$userdata = array();
if ($rule && is_array($rule)) {
if ($row['user']) {
$userdata = Sql_Fetch_Array_Query("select * from {$tables["user"]} where id = " . $row['user']);
}
$report_linkroot = $GLOBALS['admin_scheme'] . '://' . $GLOBALS['website'] . $GLOBALS['adminpages'];
Sql_Query(sprintf('update %s set count = count + 1 where id = %d', $GLOBALS['tables']['bounceregex'], $rule['id']));
Sql_Query(sprintf('insert ignore into %s (regex,bounce) values(%d,%d)', $GLOBALS['tables']['bounceregex_bounce'], $rule['id'], $row['bounce']));
switch ($rule['action']) {
case 'deleteuser':
logEvent('User ' . $userdata['email'] . ' deleted by bounce rule ' . PageLink2('bouncerule&id=' . $rule['id'], $rule['id']));
$advanced_report .= 'User ' . $userdata['email'] . ' deleted by bounce rule ' . $rule['id'] . "\n";
$advanced_report .= 'User: '******'/?page=user&id=' . $userdata['id'] . "\n";
$advanced_report .= 'Rule: ' . $report_linkroot . '/?page=bouncerule&id=' . $rule['id'] . "\n";
deleteUser($row['user']);
break;
case 'unconfirmuser':
logEvent('User ' . $userdata['email'] . ' unconfirmed by bounce rule ' . PageLink2('bouncerule&id=' . $rule['id'], $rule['id']));
Sql_Query(sprintf('update %s set confirmed = 0 where id = %d', $GLOBALS['tables']['user'], $row['user']));
$hash = '';
$id = 0;
}
if (isset($_POST['save']) && $_POST['save']) {
Sql_Query(sprintf('update %s set regex = "%s",action="%s", comment="%s",status = "%s" where id= %d', $GLOBALS['tables']['bounceregex'], trim($_POST['regex']), sql_escape($_POST['action']), sql_escape($_POST['comment']), sql_escape($_POST['status']), $_GET['id']), 1);
$num = Sql_Affected_Rows();
if ($num < 0) {
print $GLOBALS['I18N']->get('Updating the regular expression of this rule caused an Sql conflict<br/>This is probably because there is already a rule like that. Do you want to delete this rule instead?');
print '<p>' . PageLink2('bouncerules&del=' . $id, $GLOBALS['I18N']->get('Yes')) . ' ';
print PageLink2('bouncerules', $GLOBALS['I18N']->get('No')) . '</p>';
return;
}
Redirect('bouncerules' . $hash);
}
print '<p>' . PageLink2('bouncerules' . $hash, $GLOBALS['I18N']->get('back to list of bounce rules')) . '</p>';
$data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $GLOBALS['tables']['bounceregex'], $id));
print '<form method=post>';
print '<table>';
printf('<tr><td>%s</td><td><input type=text name="regex" size=30 value="%s"></td></tr>', $GLOBALS['I18N']->get('Regular Expression'), htmlspecialchars($data['regex']));
printf('<tr><td>%s</td><td>%s</td></tr>', $GLOBALS['I18N']->get('Created By'), adminName($data['admin']));
printf('<tr><td>%s</td><td><select name="action">', $GLOBALS['I18N']->get('Action'));
foreach ($GLOBALS['bounceruleactions'] as $action => $desc) {
printf('<option value="%s" %s>%s</option>', $action, $data['action'] == $action ? 'selected' : '', $desc);
}
print '</select></td></tr>';
printf('<tr><td>%s</td><td><select name="status">', $GLOBALS['I18N']->get('Status'));
printf('<option value="none">[%s]</option>', $GLOBALS['I18N']->get('Select Status'));
foreach (array('active', 'candidate') as $type) {
printf('<option value="%s" %s>%s</option>', $type, $data['status'] == $type ? 'selected' : '', $GLOBALS['I18N']->get($type));
}
print '</select></td></tr>';
function loadUser($loginname = '')
{
if (!Sql_Table_exists('user')) {
return;
}
initialiseUserSession();
if (!$loginname) {
if ($_SESSION['userloggedin'] != '' && $_SESSION['username'] != '') {
$loginname = $_SESSION['username'];
} else {
return '';
}
}
$att_req = Sql_Query(sprintf('select attribute.id,
%s.name,%s.type,
%s.value,%s.tablename from %s,%s,%s
where %s.userid = %s.id and %s.email = "%s" and %s.id = %s.attributeid', 'attribute', 'attribute', 'user_attribute', 'attribute', 'user', 'user_attribute', 'attribute', 'user_attribute', 'user', 'user', addslashes($loginname), 'attribute', 'user_attribute'));
while ($att = Sql_fetch_array($att_req)) {
# if (!defined($_SESSION["userdata"]["attribute".$att["id"]])) {
$_SESSION['userdata']['attribute' . $att['id']] = array('name' => $att['name'], 'value' => $att['value'], 'type' => $att['type'], 'attid' => $att['id'], 'displayvalue' => $att['value']);
switch ($att['type']) {
case 'textline':
case 'hidden':
$_SESSION['userdata']['attribute' . $att['id']]['displayvalue'] = $att['value'];
break;
case 'creditcardno':
$_SESSION['userdata']['attribute' . $att['id']]['displayvalue'] = obscureCreditCard($att['value']);
break;
case 'select':
$_SESSION['userdata']['attribute' . $att['id']]['displayvalue'] = AttributeValue($att['tablename'], $att['value']);
break;
case 'date':
$_SESSION['userdata']['attribute' . $att['id']]['displayvalue'] = formatDate($att['value']);
break;
}
# }
}
$d_req = Sql_Fetch_Array_Query("select * from user where email = \"{$loginname}\"");
$_SESSION['userid'] = $d_req['id'];
foreach (array('email', 'disabled', 'confirmed', 'htmlemail', 'uniqid', 'password', 'foreignkey') as $field) {
# if (!defined($_SESSION["userdata"][$field])) {
$_SESSION['userdata'][$field] = array('name' => $field, 'value' => $d_req[$field], 'type' => 'static', 'displayvalue' => $d_req[$field]);
# }
}
$_SESSION['usergroups'] = userGroups($loginname);
if (is_array($GLOBALS['config']['usergreeting'])) {
$_SESSION['usergreeting'] = '';
foreach ($GLOBALS['config']['usergreeting'] as $att) {
$_SESSION['usergreeting'] .= $_SESSION['userdata'][$att]['displayvalue'] . ' ';
}
$_SESSION['usergreeting'] = rtrim($_SESSION['usergreeting']);
}
dbg('done loading user');
return 1;
}
$ls = new WebblerListing($GLOBALS['I18N']->get('URL Click Statistics'));
$urldata = Sql_Fetch_Array_Query(sprintf('select url from %s where linkid = %d', $GLOBALS['tables']['linktrack'], $id));
print '<h1>' . $GLOBALS['I18N']->get('Click Details for a URL') . ' <b>' . $urldata['url'] . '</b></h1>';
$req = Sql_Query(sprintf('select messageid,min(firstclick) as firstclick,date_format(max(latestclick),
"%%e %%b %%Y %%H:%%i") as latestclick,sum(clicked) as numclicks from %s where url = "%s" and clicked group by messageid
', $GLOBALS['tables']['linktrack'], $urldata['url']));
$summary = array();
while ($row = Sql_Fetch_Array($req)) {
$msgsubj = Sql_Fetch_Row_query(sprintf('select subject from %s where id = %d', $GLOBALS['tables']['message'], $row['messageid']));
$element = $GLOBALS['I18N']->get('msg') . ' ' . $row['messageid'] . ': ' . substr($msgsubj[0], 0, 25);
# $element = sprintf('<a href="%s" target="_blank" class="url" title="%s">%s</a>',$row['url'],$row['url'],substr(str_replace('http://','',$row['url']),0,50));
# $total = Sql_Verbose_Query(sprintf('select count(*) as total from %s where messageid = %d and url = "%s"',
# $GLOBALS['tables']['linktrack'],$id,$row['url']));
$totalsent = Sql_Fetch_Array_Query(sprintf('select count(*) as total from %s where url = "%s"', $GLOBALS['tables']['linktrack'], $urldata['url']));
if (CLICKTRACK_SHOWDETAIL) {
$uniqueclicks = Sql_Fetch_Array_Query(sprintf('select count(distinct userid) as users from %s
where messageid = %d and url = "%s" and clicked', $GLOBALS['tables']['linktrack'], $row['messageid'], $urldata['url']));
}
$ls->addElement($element, PageUrl2('mclicks&id=' . $row['messageid']));
$ls->addColumn($element, $GLOBALS['I18N']->get('firstclick'), formatDateTime($row['firstclick'], 1));
$ls->addColumn($element, $GLOBALS['I18N']->get('latestclick'), $row['latestclick']);
$ls->addColumn($element, $GLOBALS['I18N']->get('clicks'), $row['numclicks']);
# $ls->addColumn($element,$GLOBALS['I18N']->get('sent'),$total['total']);
$perc = sprintf('%0.2f', $row['numclicks'] / $totalsent['total'] * 100);
$ls->addColumn($element, $GLOBALS['I18N']->get('clickrate'), $perc . '%');
if (CLICKTRACK_SHOWDETAIL) {
$ls->addColumn($element, $GLOBALS['I18N']->get('unique clicks'), $uniqueclicks['users']);
$perc = sprintf('%0.2f', $uniqueclicks['users'] / $totalsent['total'] * 100);
$ls->addColumn($element, $GLOBALS['I18N']->get('unique clickrate'), $perc . '%');
$summary['uniqueclicks'] += $uniqueclicks['users'];
}
$ls->addColumn($element, $GLOBALS['I18N']->get('who'), PageLink2('userclicks&msgid=' . $row['messageid'] . '&linkid=' . $id, $GLOBALS['I18N']->get('view users')));
function repeatMessage($msgid)
{
# if (!USE_REPETITION && !USE_RSS) return;
# get the future embargo, either "repeat" minutes after the old embargo
# or "repeat" after this very moment to make sure that we're not sending the
# message every time running the queue when there's no embargo set.
$msgdata = Sql_Fetch_Array_Query(sprintf('select *,date_add(embargo,interval repeatinterval minute) as newembargo,
date_add(now(),interval repeatinterval minute) as newembargo2, date_add(embargo,interval repeatinterval minute) > now() as isfuture
from %s where id = %d and repeatuntil > now()', $GLOBALS["tables"]["message"], $msgid));
if (!$msgdata["id"] || !$msgdata["repeatinterval"]) {
return;
}
# copy the new message
Sql_Query(sprintf('
insert into %s (entered) values(now())', $GLOBALS["tables"]["message"]));
$id = Sql_Insert_id();
require dirname(__FILE__) . '/structure.php';
if (!is_array($DBstruct["message"])) {
logEvent("Error including structure when trying to duplicate message {$msgid}");
return;
}
foreach ($DBstruct["message"] as $column => $rec) {
if ($column != "id" && $column != "entered" && $column != "sendstart") {
Sql_Query(sprintf('update %s set %s = "%s" where id = %d', $GLOBALS["tables"]["message"], $column, addslashes($msgdata[$column]), $id));
}
}
$req = Sql_Query(sprintf('select * from %s where id = %d', $GLOBALS['tables']['messagedata'], $msgid));
while ($row = Sql_Fetch_Array($req)) {
Sql_Query(sprintf('insert into %s (name,id,data) values("%s",%d,"%s")', $GLOBALS['tables']['messagedata'], $row['name'], $id, addslashes($row['data'])));
}
# check whether the new embargo is not on an exclusion
if (is_array($GLOBALS["repeat_exclude"])) {
$repeatinterval = $msgdata["repeatinterval"];
$loopcnt = 0;
while (excludedDateForRepetition($msgdata["newembargo"])) {
$repeatinterval += $msgdata["repeatinterval"];
$loopcnt++;
$msgdata = Sql_Fetch_Array_Query(sprintf('select *,date_add(embargo,interval %d minute) as newembargo,
date_add(now(),interval %d minute) as newembargo2, date_add(embargo,interval %d minute) > now() as isfuture
from %s where id = %d and repeatuntil > now()', $repeatinterval, $repeatinterval, $repeatinterval, $GLOBALS["tables"]["message"], $msgid));
if ($loopcnt > 15) {
logEvent("Unable to find new embargo date too many exclusions? for message {$msgid}");
return;
}
}
}
# correct some values
if (!$msgdata["isfuture"]) {
$msgdata["newembargo"] = $msgdata["newembargo2"];
}
Sql_Query(sprintf('update %s set embargo = "%s",status = "submitted",sent = "" where id = %d', $GLOBALS["tables"]["message"], $msgdata["newembargo"], $id));
// bug 0009687: maybe add "ashtml","astextandhtml" and put them in ashtml?
foreach (array("processed", "astext", "ashtml", "astextandhtml", "aspdf", "astextandpdf", "viewed", "bouncecount") as $item) {
Sql_Query(sprintf('update %s set %s = 0 where id = %d', $GLOBALS["tables"]["message"], $item, $id));
}
# lists
$req = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS["tables"]["listmessage"], $msgid));
while ($row = Sql_Fetch_Row($req)) {
Sql_Query(sprintf('insert into %s (messageid,listid,entered) values(%d,%d,now())', $GLOBALS["tables"]["listmessage"], $id, $row[0]));
}
# attachments
$req = Sql_Query(sprintf('select * from %s,%s where %s.messageid = %d and %s.attachmentid = %s.id', $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"], $GLOBALS["tables"]["message_attachment"], $msgid, $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"]));
while ($row = Sql_Fetch_Array($req)) {
if (is_file($row["remotefile"])) {
# if the "remote file" is actually local, we want to refresh the attachment, so we set
# filename to nothing
$row["filename"] = "";
}
Sql_Query(sprintf('insert into %s (filename,remotefile,mimetype,description,size)
values("%s","%s","%s","%s",%d)', $GLOBALS["tables"]["attachment"], addslashes($row["filename"]), addslashes($row["remotefile"]), addslashes($row["mimetype"]), addslashes($row["description"]), $row["size"]));
$attid = Sql_Insert_id();
Sql_Query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $GLOBALS["tables"]["message_attachment"], $id, $attid));
}
logEvent("Message {$msgid} was successfully rescheduled as message {$id}");
}
function repeatMessage($msgid)
{
# if (!USE_REPETITION && !USE_rss) return;
$data = loadMessageData($msgid);
## do not repeat when it has already been done
if (!empty($data['repeatedid'])) {
return;
}
# get the future embargo, either "repeat" minutes after the old embargo
# or "repeat" after this very moment to make sure that we're not sending the
# message every time running the queue when there's no embargo set.
$msgdata = Sql_Fetch_Array_Query(sprintf('select *,date_add(embargo,interval repeatinterval minute) as newembargo,
date_add(now(),interval repeatinterval minute) as newembargo2, date_add(embargo,interval repeatinterval minute) > now() as isfuture
from %s where id = %d and repeatuntil > now()', $GLOBALS["tables"]["message"], $msgid));
if (!$msgdata["id"] || !$msgdata["repeatinterval"]) {
return;
}
# copy the new message
$query = ' insert into ' . $GLOBALS['tables']['message'] . ' (entered)' . ' values' . ' (current_timestamp)';
Sql_Query($query);
$newid = Sql_Insert_Id($GLOBALS['tables']['message'], 'id');
require dirname(__FILE__) . '/structure.php';
if (!is_array($DBstruct["message"])) {
logEvent("Error including structure when trying to duplicate message {$msgid}");
return;
}
foreach ($DBstruct["message"] as $column => $rec) {
if ($column != "id" && $column != "entered" && $column != "sendstart") {
Sql_Query(sprintf('update %s set %s = "%s" where id = %d', $GLOBALS["tables"]["message"], $column, addslashes($msgdata[$column]), $newid));
}
}
$req = Sql_Query(sprintf('select * from %s where id = %d', $GLOBALS['tables']['messagedata'], $msgid));
while ($row = Sql_Fetch_Array($req)) {
setMessageData($newid, $row['name'], $row['data']);
}
# check whether the new embargo is not on an exclusion
if (isset($GLOBALS["repeat_exclude"]) && is_array($GLOBALS["repeat_exclude"])) {
$repeatinterval = $msgdata["repeatinterval"];
$loopcnt = 0;
while (excludedDateForRepetition($msgdata["newembargo"])) {
$repeat += $msgdata["repeatinterval"];
$loopcnt++;
$msgdata = Sql_Fetch_Array_Query(sprintf('select *,date_add(embargo,interval %d minute) as newembargo,
date_add(current_timestamp,interval %d minute) as newembargo2, date_add(embargo,interval %d minute) > current_timestamp as isfuture
from %s where id = %d and repeatuntil > current_timestamp', $repeatinterval, $repeatinterval, $repeatinterval, $GLOBALS["tables"]["message"], $msgid));
if ($loopcnt > 15) {
logEvent("Unable to find new embargo date too many exclusions? for message {$msgid}");
return;
}
}
}
# correct some values
if (!$msgdata["isfuture"]) {
$msgdata["newembargo"] = $msgdata["newembargo2"];
}
Sql_Query(sprintf('update %s set embargo = "%s",status = "submitted",sent = "" where id = %d', $GLOBALS["tables"]["message"], $msgdata["newembargo"], $newid));
list($e['year'], $e['month'], $e['day'], $e['hour'], $e['minute'], $e['second']) = sscanf($msgdata["newembargo"], '%04d-%02d-%02d %02d:%02d:%02d');
unset($e['second']);
setMessageData($newid, 'embargo', $e);
foreach (array("processed", "astext", "ashtml", "astextandhtml", "aspdf", "astextandpdf", "viewed", "bouncecount") as $item) {
Sql_Query(sprintf('update %s set %s = 0 where id = %d', $GLOBALS["tables"]["message"], $item, $newid));
}
# lists
$req = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS["tables"]["listmessage"], $msgid));
while ($row = Sql_Fetch_Row($req)) {
Sql_Query(sprintf('insert into %s (messageid,listid,entered) values(%d,%d,current_timestamp)', $GLOBALS["tables"]["listmessage"], $newid, $row[0]));
}
# attachments
$req = Sql_Query(sprintf('select * from %s,%s where %s.messageid = %d and %s.attachmentid = %s.id', $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"], $GLOBALS["tables"]["message_attachment"], $msgid, $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"]));
while ($row = Sql_Fetch_Array($req)) {
if (is_file($row["remotefile"])) {
# if the "remote file" is actually local, we want to refresh the attachment, so we set
# filename to nothing
$row["filename"] = "";
}
Sql_Query(sprintf('insert into %s (filename,remotefile,mimetype,description,size)
values("%s","%s","%s","%s",%d)', $GLOBALS["tables"]["attachment"], addslashes($row["filename"]), addslashes($row["remotefile"]), addslashes($row["mimetype"]), addslashes($row["description"]), $row["size"]));
$attid = Sql_Insert_Id($GLOBALS['tables']['attachment'], 'id');
Sql_Query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $GLOBALS["tables"]["message_attachment"], $newid, $attid));
}
logEvent("Message {$msgid} was successfully rescheduled as message {$newid}");
## remember we duplicated, in order to avoid doing it again (eg when requeuing)
setMessageData($msgid, 'repeatedid', $newid);
}
$summary['totalsent'] = 0;
$summary['totalclicks'] = 0;
$summary['uniqueclicks'] = 0;
while ($row = Sql_Fetch_Array($req)) {
$msgsubj = Sql_Fetch_Row_query(sprintf('select subject from %s where id = %d', $GLOBALS['tables']['message'], $row['messageid']));
if (!$download) {
$element = '<!-- ' . $row['messageid'] . '-->' . shortenTextDisplay($msgsubj[0], 30);
} else {
$element = '<!-- ' . $row['messageid'] . '-->' . $msgsubj[0];
}
# $element = $GLOBALS['I18N']->get('msg').' '.$row['messageid'].': '.substr($msgsubj[0],0,25). '...';
# $element = sprintf('<a href="%s" target="_blank" class="url" title="%s">%s</a>',$row['url'],$row['url'],substr(str_replace('http://','',$row['url']),0,50));
# $total = Sql_Verbose_Query(sprintf('select count(*) as total from %s where messageid = %d and url = "%s"',
# $GLOBALS['tables']['linktrack'],$id,$row['url']));
# if (CLICKTRACK_SHOWDETAIL) {
$uniqueclicks = Sql_Fetch_Array_Query(sprintf('select count(distinct userid) as users from %s
where messageid = %d and forwardid = %d', $GLOBALS['tables']['linktrack_uml_click'], $row['messageid'], $id));
# }
$ls->addElement($element, PageUrl2('mclicks&id=' . $row['messageid']));
$ls->setClass($element, 'row1');
$ls->addColumn($element, $GLOBALS['I18N']->get('firstclick'), formatDateTime($row['firstclick'], 1));
$ls->addColumn($element, $GLOBALS['I18N']->get('latestclick'), $row['latestclick']);
$ls->addRow($element, '<div class="listingsmall gray">' . $GLOBALS['I18N']->get('sent') . ': ' . $row['total'] . '</div>', '');
# $ls->addColumn($element,$GLOBALS['I18N']->get('clicks'),$row['clicked'].'<span class="viewusers"><a class="button" href="'.PageUrl2('userclicks&msgid='.$row['messageid'].'&fwdid='.$id.'" title="'.$GLOBALS['I18N']->get('view users').'"></a></span>'));
# $perc = sprintf('%0.2f',($row['clicked'] / $row['total'] * 100));
# $ls->addColumn($element,$GLOBALS['I18N']->get('clickrate'),$perc.'%');
$summary['totalsent'] += $row['total'];
# if (CLICKTRACK_SHOWDETAIL) {
$ls->addColumn($element, $GLOBALS['I18N']->get('clicks'), $uniqueclicks['users'] . '<span class="viewusers"><a class="button" href="' . PageUrl2('userclicks&msgid=' . $row['messageid'] . '&fwdid=' . $id) . '" title="' . s('view subscribers who clicked') . '"></a></span>');
$perc = sprintf('%0.2f', $uniqueclicks['users'] / $row['total'] * 100);
$ls->addColumn($element, $GLOBALS['I18N']->get('click rate'), $perc . '%');
$summary['uniqueclicks'] += $uniqueclicks['users'];
while ($row = Sql_Fetch_Array($req)) {
print PageLink2('editelements&id=' . $row['form'] . '&option="edit_elements"&pi="formbuilder"', 'form ' . $row['form'] . '') . "<br/>\n";
}
}
}
} elseif (isset($_POST['tagaction']['merge'])) {
$first = array_shift($_POST['tag']);
$firstdata = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables['attribute'], $first));
$first = $firstdata['id'];
if (!count($_POST['tag'])) {
print Error(s('cannot merge just one attribute'));
} else {
$cbg_initiated = 0;
foreach ($_POST['tag'] as $attid) {
print s('Merging %s into %d', htmlspecialchars($attid), htmlspecialchars($first)) . '<br/>';
$attdata = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables['attribute'], $attid));
if ($attdata['type'] != $firstdata['type']) {
print Error($GLOBALS['I18N']->get('Can only merge attributes of the same type'));
} else {
# debugging: check values for every user. This is very memory demanding, so you'll need to
# add loads of memory to actually use it.
/*
$before = array();
$second = array();
$after = array();
$req = Sql_Query(sprintf('select * from %s where attributeid = %d',$tables["user_attribute"],$first));
while ($row = Sql_Fetch_Array($req)) {
$before[$row["userid"]] = $row["value"];
}
$req = Sql_Query(sprintf('select * from %s where attributeid = %d',$tables["user_attribute"],$attid));
while ($row = Sql_Fetch_Array($req)) {
function getConfig($name)
{
# read a value from the general config to be retrieved at a later stage
# parameters: name -> name of the variable
# returns value
if (isset($_SESSION['config'][$this->name . '-' . addslashes($name)])) {
return $_SESSION['config'][$this->name . '-' . addslashes($name)];
}
$req = Sql_Fetch_Array_Query(sprintf('select value from %s where item = "%s-%s"', $GLOBALS['tables']['config'], $this->name, addslashes($name)));
$result = stripslashes($req[0]);
if (!empty($result) && strpos('SER:', $result) == 1) {
$result = substr($result, 4);
$value = unserialize($result);
} else {
$value = $result;
}
$_SESSION['config'][$this->name . '-' . addslashes($name)] = $value;
return $result;
}
Sql_query(sprintf('replace into %s (attributeid,userid,value) values("%s","%s","%s")', $GLOBALS["tables"]["user_attribute"], $attribute["id"], $userid, $value));
if ($attribute["type"] != "hidden") {
$datachange .= strip_tags($attribute["name"]) . " : ";
if ($attribute["type"] == "checkbox") {
$datachange .= $value ? $strYes : $strNo;
} elseif ($attribute["type"] != "date" && $attribute["type"] != "textline" && $attribute["type"] != "textarea") {
$datachange .= AttributeValue($attribute["tablename"], $value);
} else {
$datachange .= stripslashes($value);
}
$datachange .= "\n";
}
}
}
}
$current_data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $GLOBALS["tables"]["user"], $userid));
$current_data = array_merge($current_data, getUserAttributeValues('', $userid));
foreach ($current_data as $key => $val) {
if (!is_numeric($key)) {
if ($old_data[$key] != $val && $key != "password" && $key != "modified") {
$information_changed = 1;
$history_entry .= "{$key} = {$val}\n*changed* from {$old_data[$key]}\n";
}
}
}
if (!$information_changed) {
$history_entry .= "\nNo user system details changed";
}
$history_entry .= "\n\nList Membership: \n{$lists}\n";
$message = ereg_replace('\\[LISTS\\]', $lists, getUserConfig("updatemessage", $userid));
$message = ereg_replace('\\[USERDATA\\]', $datachange, $message);
}
$findtables = '';
$findbyselect = '';
$findfield = '';
$findfieldname = '';
$find_url = '';
# hmm interesting, if they select a findby but not a find, use the Sql wildcard:
if ($findby && !$find) {
# this is very slow, so instead erase the findby.
# $find = '%';
$findby = '';
}
$system_findby = array('email', 'foreignkey', 'uniqid');
if ($findby && $find && !in_array($findby, $system_findby)) {
$find_url = '&find=' . urlencode($find) . '&findby=' . urlencode($findby);
$findatt = Sql_Fetch_Array_Query(sprintf('select id,tablename,type,name from %s where id = %d', $tables['attribute'], $findby));
switch ($findatt['type']) {
case 'textline':
case 'hidden':
$findtables = ',' . $tables['user_attribute'];
$findbyselect = sprintf(' %s.userid = %s.id and
%s.attributeid = %d and %s.value like "%%%s%%"', $tables['user_attribute'], $tables['user'], $tables['user_attribute'], $findby, $tables['user_attribute'], sql_escape($find));
$findfield = $tables['user_attribute'] . '.value as display, ' . $tables['user'] . '.bouncecount';
$findfieldname = $findatt['name'];
break;
case 'select':
case 'radio':
$findtables = ',' . $tables['user_attribute'] . ',' . $table_prefix . 'listattr_' . $findatt['tablename'];
$findbyselect = sprintf(' %s.userid = %s.id and
%s.attributeid = %d and %s.value = %s.id and
%s.name like "%%%s%%"', $tables['user_attribute'], $tables['user'], $tables['user_attribute'], $findby, $tables['user_attribute'], $table_prefix . 'listattr_' . $findatt['tablename'], $table_prefix . 'listattr_' . $findatt['tablename'], sql_escape($find));
function forwardPage($id)
{
global $tables, $envelope;
$html = '';
$subtitle = '';
if (!isset($_GET["uid"]) || !$_GET['uid']) {
FileNotFound();
}
$forwardemail = '';
if (isset($_GET['email'])) {
$forwardemail = $_GET['email'];
}
$mid = 0;
if (isset($_GET['mid'])) {
$mid = sprintf('%d', $_GET['mid']);
$req = Sql_Query(sprintf('select * from %s where id = %d', $tables["message"], $mid));
$messagedata = Sql_Fetch_Array($req);
$mid = $messagedata['id'];
if ($mid) {
$subtitle = $GLOBALS['strForwardSubtitle'] . ' ' . stripslashes($messagedata['subject']);
}
}
$req = Sql_Query("select * from {$tables["user"]} where uniqid = \"" . $_GET["uid"] . "\"");
$userdata = Sql_Fetch_Array($req);
$req = Sql_Query(sprintf('select * from %s where email = "%s"', $tables["user"], $forwardemail));
$forwarduserdata = Sql_Fetch_Array($req);
if ($userdata["id"] && $mid) {
if (!is_email($forwardemail)) {
$info = $GLOBALS['strForwardEnterEmail'];
$html .= '<form method="get">';
$html .= sprintf('<input type=hidden name="mid" value="%d">', $mid);
$html .= sprintf('<input type=hidden name="id" value="%d">', $id);
$html .= sprintf('<input type=hidden name="uid" value="%s">', $userdata['uniqid']);
$html .= sprintf('<input type=hidden name="p" value="forward">');
$html .= sprintf('<input type=text name="email" value="%s" size=35 class="attributeinput">', $forwardemail);
$html .= sprintf('<input type=submit value="%s"></form>', $GLOBALS['strContinue']);
} else {
# check whether the email to forward exists and whether they have received the message
if ($forwarduserdata['id']) {
$sent = Sql_Fetch_Row_Query(sprintf('select entered from %s where userid = %d and messageid = %d', $tables['usermessage'], $forwarduserdata['id'], $mid));
# however even if that's the case, we don't want to reveal this information
}
$done = Sql_Fetch_Array_Query(sprintf('select user,status,time from %s where forward = "%s" and message = %d', $tables['user_message_forward'], $forwardemail, $mid));
if ($done['status'] === 'sent') {
$info = $GLOBALS['strForwardAlreadyDone'];
} else {
if (!TEST) {
# forward the message
require 'admin/sendemaillib.php';
# sendEmail will take care of blacklisting
if (sendEmail($mid, $forwardemail, 'forwarded', $userdata['htmlemail'], array(), $userdata)) {
$info = $GLOBALS["strForwardSuccessInfo"];
sendAdminCopy("Message Forwarded", $userdata["email"] . " has forwarded a message {$mid} to {$forwardemail}");
Sql_Query(sprintf('insert into %s (user,message,forward,status,time)
values(%d,%d,"%s","sent",now())', $tables['user_message_forward'], $userdata['id'], $mid, $forwardemail));
} else {
$info = $GLOBALS["strForwardFailInfo"];
sendAdminCopy("Message Forwarded", $userdata["email"] . " tried forwarding a message {$mid} to {$forwardemail} but failed");
Sql_Query(sprintf('insert into %s (user,message,forward,status,time)
values(%d,%d,"%s","failed",now())', $tables['user_message_forward'], $userdata['id'], $mid, $forwardemail));
}
}
}
}
} else {
logEvent("Forward request from invalid user ID: " . substr($_GET["uid"], 0, 150));
$info = $GLOBALS["strForwardFailInfo"];
}
$data = PageData($id);
if (isset($data['language_file']) && is_file(dirname(__FILE__) . '/texts/' . $data['language_file'])) {
@(include dirname(__FILE__) . '/texts/' . $data['language_file']);
}
$res = '<title>' . $GLOBALS["strForwardTitle"] . '</title>';
$res .= $data["header"];
$res .= '<h1>' . $subtitle . '</h1>';
$res .= '<h2>' . $info . '</h2>';
$res .= $html;
$res .= "<P>" . $GLOBALS["PoweredBy"] . '</p>';
$res .= $data["footer"];
return $res;
}
function loadUser($loginname = "") {
dbg("Loading User");
if (!Sql_Table_exists("user")) return;
initialiseUserSession();
if (!$loginname) {
if ($_SESSION["userloggedin"] != "" && $_SESSION["username"] != "") {
$loginname = $_SESSION["username"];
} else {
return "";
}
}
$att_req = Sql_Query(sprintf('select attribute.id,
%s.name,%s.type,
%s.value,%s.tablename from %s,%s,%s
where %s.userid = %s.id and %s.email = "%s" and %s.id = %s.attributeid',
"attribute",
"attribute",
"user_attribute",
"attribute",
"user",
"user_attribute",
"attribute",
"user_attribute",
"user",
"user",
$loginname,
"attribute",
"user_attribute"
));
while ($att = Sql_fetch_array($att_req)) {
# if (!defined($_SESSION["userdata"]["attribute".$att["id"]])) {
$_SESSION["userdata"]["attribute".$att["id"]] = array(
"name" => $att["name"],
"value" => $att["value"],
"type" => $att["type"],
"attid" => $att["id"]
);
switch ($att["type"]) {
case "textline":
case "hidden":
$_SESSION["userdata"]["attribute".$att["id"]]["displayvalue"] =
$att["value"];
break;
case "creditcardno":
$_SESSION["userdata"]["attribute".$att["id"]]["displayvalue"] =
obscureCreditCard($att["value"]);
break;
case "select":
$_SESSION["userdata"]["attribute".$att["id"]]["displayvalue"] =
AttributeValue($att["tablename"],$att["value"]);
break;
}
# }
}
$d_req = Sql_Fetch_Array_Query("select * from user where email = \"$loginname\"");
$_SESSION["userid"] = $d_req["id"];
foreach (array("email","disabled","confirmed","htmlemail","uniqid") as $field) {
# if (!defined($_SESSION["userdata"][$field])) {
$_SESSION["userdata"][$field] = array(
"name" => $field,
"value" => $d_req[$field],
"type" => "static",
"displayvalue" => $d_req[$field]
);
# }
}
dbg("done loading user");
$_SESSION["groups"] = userGroups($loginname);
return 1;
}
function forwardPage($id)
{
global $tables;
$ok = true;
$subtitle = '';
$info = '';
$html = '';
$form = '';
$personalNote = '';
## Check requirements
# message
$mid = 0;
if (isset($_REQUEST['mid'])) {
$mid = sprintf('%d', $_REQUEST['mid']);
$messagedata = loadMessageData($mid);
$mid = $messagedata['id'];
if ($mid) {
$subtitle = $GLOBALS['strForwardSubtitle'] . ' ' . stripslashes($messagedata['subject']);
}
}
#mid set
# user
if (!isset($_REQUEST['uid']) || !$_REQUEST['uid']) {
FileNotFound();
}
## get userdata
$req = Sql_Query(sprintf('select * from %s where uniqid = "%s"', $tables['user'], sql_escape($_REQUEST['uid'])));
$userdata = Sql_Fetch_Array($req);
## verify that this subscriber actually received this message to forward, otherwise they're not allowed
$allowed = Sql_Fetch_Row_Query(sprintf('select userid from %s where userid = %d and messageid = %d', $GLOBALS['tables']['usermessage'], $userdata['id'], $mid));
if (empty($userdata['id']) || $allowed[0] != $userdata['id']) {
## when sending a test email as an admin, the entry isn't there yet
if (empty($_SESSION['adminloggedin']) || $_SESSION['adminloggedin'] != $_SERVER['REMOTE_ADDR']) {
FileNotFound('<br/><i>' . $GLOBALS['I18N']->get('When testing the phpList forward functionality, you need to be logged in as an administrator.') . '</i><br/>');
}
}
$firstpage = 1;
## is this the initial page or a followup
# forward addresses
$forwardemail = '';
if (isset($_REQUEST['email']) && !empty($_REQUEST['email'])) {
$firstpage = 0;
$forwardPeriodCount = Sql_Fetch_Array_Query(sprintf('select count(user) from %s where date_add(time,interval %s) >= now() and user = %d and status ="sent" ', $tables['user_message_forward'], FORWARD_EMAIL_PERIOD, $userdata['id']));
$forwardemail = stripslashes($_REQUEST['email']);
$emails = explode("\n", $forwardemail);
$emails = trimArray($emails);
$forwardemail = implode("\n", $emails);
#0011860: forward to friend, multiple emails
$emailCount = $forwardPeriodCount[0];
foreach ($emails as $index => $email) {
$emails[$index] = trim($email);
if (is_email($email)) {
++$emailCount;
} else {
$info .= sprintf('<br />' . $GLOBALS['strForwardInvalidEmail'], $email);
$ok = false;
}
}
if ($emailCount > FORWARD_EMAIL_COUNT) {
$info .= '<br />' . $GLOBALS['strForwardCountReached'];
$ok = false;
}
} else {
$ok = false;
}
#0011996: forward to friend - personal message
# text cannot be longer than max, to prevent very long text with only linefeeds total cannot be longer than twice max
if (FORWARD_PERSONAL_NOTE_SIZE && isset($_REQUEST['personalNote'])) {
if (strlen(strip_newlines($_REQUEST['personalNote'])) > FORWARD_PERSONAL_NOTE_SIZE || strlen($_REQUEST['personalNote']) > FORWARD_PERSONAL_NOTE_SIZE * 2) {
$info .= '<BR />' . $GLOBALS['strForwardNoteLimitReached'];
$ok = false;
}
$personalNote = strip_tags(htmlspecialchars_decode(stripslashes($_REQUEST['personalNote'])));
$userdata['personalNote'] = $personalNote;
}
if ($userdata['id'] && $mid) {
if ($ok && count($emails)) {
## All is well, send it
require_once 'admin/sendemaillib.php';
#0013845 Lead Ref Scheme
if (FORWARD_FRIEND_COUNT_ATTRIBUTE) {
$iCountFriends = FORWARD_FRIEND_COUNT_ATTRIBUTE;
} else {
$iCountFriends = 0;
}
if ($iCountFriends) {
$nFriends = intval(UserAttributeValue($userdata['id'], $iCountFriends));
}
## remember the lists for this message in order to notify only those admins
## that own them
$messagelists = array();
$messagelistsreq = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS['tables']['listmessage'], $mid));
while ($row = Sql_Fetch_Row($messagelistsreq)) {
array_push($messagelists, $row[0]);
}
foreach ($emails as $index => $email) {
#0011860: forward to friend, multiple emails
$done = Sql_Fetch_Array_Query(sprintf('select user,status,time from %s where forward = "%s" and message = %d', $tables['user_message_forward'], $email, $mid));
$info .= '<br />' . $email . ': ';
if ($done['status'] === 'sent') {
$info .= $GLOBALS['strForwardAlreadyDone'];
} elseif (isBlackListed($email)) {
$info .= $GLOBALS['strForwardBlacklistedEmail'];
} else {
if (!TEST) {
# forward the message
# sendEmail will take care of blacklisting
### CHECK $email vs $forwardemail
if (sendEmail($mid, $email, 'forwarded', $userdata['htmlemail'], array(), $userdata)) {
$info .= $GLOBALS['strForwardSuccessInfo'];
sendAdminCopy(s('Message Forwarded'), s('%s has forwarded message %d to %s', $userdata['email'], $mid, $email), $messagelists);
Sql_Query(sprintf('insert into %s (user,message,forward,status,time)
values(%d,%d,"%s","sent",now())', $tables['user_message_forward'], $userdata['id'], $mid, $email));
if ($iCountFriends) {
++$nFriends;
}
} else {
$info .= $GLOBALS['strForwardFailInfo'];
sendAdminCopy(s('Message Forwarded'), s('%s tried forwarding message %d to %s but failed', $userdata['email'], $mid, $email), $messagelists);
Sql_Query(sprintf('insert into %s (user,message,forward,status,time)
values(%d,%d,"%s","failed",now())', $tables['user_message_forward'], $userdata['id'], $mid, $email));
$ok = false;
}
}
}
}
# foreach friend
if ($iCountFriends) {
saveUserAttribute($userdata['id'], $iCountFriends, array('name' => FORWARD_FRIEND_COUNT_ATTRIBUTE, 'value' => $nFriends));
}
}
#ok & emails
} else {
# no valid sender
logEvent(s('Forward request from invalid user ID: %s', substr($_REQUEST['uid'], 0, 150)));
$info .= '<BR />' . $GLOBALS['strForwardFailInfo'];
$ok = false;
}
/*
$data = PageData($id);
if (isset($data['language_file']) && is_file(dirname(__FILE__).'/texts/'.basename($data['language_file']))) {
@include dirname(__FILE__).'/texts/'.basename($data['language_file']);
}
*/
## BAS Multiple Forward
## build response page
$form = '<form method="post" action="">';
$form .= sprintf('<input type=hidden name="mid" value="%d">', $mid);
$form .= sprintf('<input type=hidden name="id" value="%d">', $id);
$form .= sprintf('<input type=hidden name="uid" value="%s">', $userdata['uniqid']);
$form .= sprintf('<input type=hidden name="p" value="forward">');
if (!$ok) {
#0011860: forward to friend, multiple emails
if (FORWARD_EMAIL_COUNT == 1) {
$form .= '<br /><h2>' . $GLOBALS['strForwardEnterEmail'] . '</h2>';
$form .= sprintf('<input type=text name="email" value="%s" size=50 class="attributeinput">', $forwardemail);
} else {
$form .= '<br /><h2>' . sprintf($GLOBALS['strForwardEnterEmails'], FORWARD_EMAIL_COUNT) . '</h2>';
$form .= sprintf('<textarea name="email" rows="10" cols="50" class="attributeinput">%s</textarea>', $forwardemail);
}
#0011996: forward to friend - personal message
if (FORWARD_PERSONAL_NOTE_SIZE) {
$form .= sprintf('<h2>' . $GLOBALS['strForwardPersonalNote'] . '</h2>', FORWARD_PERSONAL_NOTE_SIZE);
$cols = 50;
$rows = min(10, ceil(FORWARD_PERSONAL_NOTE_SIZE / 40));
$form .= sprintf('<br/><textarea type="text" name="personalNote" rows="%d" cols="%d" class="attributeinput">%s</textarea>', $rows, $cols, $personalNote);
}
$form .= sprintf('<br /><input type="submit" value="%s"></form>', $GLOBALS['strContinue']);
}
### END BAS
### Michiel, remote response page
$remote_content = '';
if (preg_match("/\\[URL:([^\\s]+)\\]/i", $messagedata['message'], $regs)) {
if (isset($regs[1]) && strlen($regs[1])) {
$url = $regs[1];
if (!preg_match('/^http/i', $url)) {
$url = 'http://' . $url;
}
$remote_content = fetchUrl($url);
}
}
if (!empty($remote_content) && preg_match('/\\[FORWARDFORM\\]/', $remote_content, $regs)) {
if ($firstpage) {
## this is the initial page, not a follow up one.
$remote_content = str_replace($regs[0], $info . $form, $remote_content);
} else {
$remote_content = str_replace($regs[0], $info, $remote_content);
}
$res = $remote_content;
} else {
$res = '<title>' . $GLOBALS['strForwardTitle'] . '</title>';
$res .= $GLOBALS['pagedata']['header'];
$res .= '<h3>' . $subtitle . '</h3>';
if ($ok) {
$res .= '<h4>' . $info . '</h4>';
} elseif (!empty($info)) {
$res .= '<div class="error missing">' . $info . '</div>';
}
$res .= $form;
$res .= '<p>' . $GLOBALS['PoweredBy'] . '</p>';
$res .= $GLOBALS['pagedata']['footer'];
}
### END MICHIEL
return $res;
}
}
$access = accessLevel('userclicks');
switch ($access) {
case 'owner':
case 'all':
$subselect = '';
break;
case 'none':
default:
print $GLOBALS['I18N']->get('You do not have access to this page');
return;
break;
}
$ls = new WebblerListing($GLOBALS['I18N']->get('User Click Statistics'));
if ($linkid) {
$urldata = Sql_Fetch_Array_Query(sprintf('select url from %s where linkid = %d', $GLOBALS['tables']['linktrack'], $linkid));
}
if ($msgid) {
$messagedata = Sql_Fetch_Array_query("SELECT * FROM {$tables['message']} where id = {$msgid} {$subselect}");
}
if ($userid) {
$userdata = Sql_Fetch_Array_query("SELECT * FROM {$tables['user']} where id = {$userid} {$subselect}");
}
if ($linkid && $msgid) {
print '<h1>' . $GLOBALS['I18N']->get('User Click Details for a URL in a message');
print ' ' . PageLink2('uclicks&id=' . $linkid, $urldata['url']);
print '</h1>';
print '<table>
<tr><td>' . $GLOBALS['I18N']->get('Subject') . '<td><td>' . PageLink2('mclicks&id=' . $msgid, $messagedata['subject']) . '</td></tr>
<tr><td>' . $GLOBALS['I18N']->get('Entered') . '<td><td>' . $messagedata['entered'] . '</td></tr>
<tr><td>' . $GLOBALS['I18N']->get('Sent') . '<td><td>' . $messagedata['sent'] . '</td></tr>
++$additional_emails;
}
} else {
## mark blacklisted, just in case ##17288
Sql_Query(sprintf('update %s set blacklisted = 1 where id = %d', $tables['user'], $userid));
++$foundBlacklisted;
}
$subscribemessage = str_replace('[LISTS]', $listoflists, getUserConfig('subscribemessage', $userid));
if (!TEST && $importdata['notify'] == 'yes' && $addition) {
sendMail($email, getConfig('subscribesubject'), $subscribemessage, system_messageheaders(), $envelope);
if ($throttle_import) {
sleep($throttle_import);
}
}
# history stuff
$current_data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables['user'], $userid));
$current_data = array_merge($current_data, getUserAttributeValues('', $userid));
foreach ($current_data as $key => $val) {
if (!is_numeric($key)) {
if (isset($old_data[$key]) && $old_data[$key] != $val && $key != 'modified') {
$history_entry .= "{$key} = {$val}\nchanged from {$old_data[$key]}\n";
}
}
}
if (!$history_entry) {
$history_entry = "\n" . $GLOBALS['I18N']->get('No data changed');
}
# check lists
$listmembership = array();
$req = Sql_Query("select * from {$tables['listuser']} where userid = {$userid}");
while ($row = Sql_Fetch_Array($req)) {
} else {
$ls->addRow($element, '<div class="listingsmall gray">' . $GLOBALS['I18N']->get('date') . ': ' . $GLOBALS['I18N']->get('in progress') . '</div>', '');
}
$ls->addColumn($element, $GLOBALS['I18N']->get('sent'), $row['total']);
# $ls->addColumn($element,$GLOBALS['I18N']->get('bounced'),$row['bounced']);
$ls->addColumn($element, $GLOBALS['I18N']->get('views'), $row['views'], $row['views'] ? PageURL2('mviews&id=' . $row['messageid']) : '');
$openrate = sprintf('%0.2f', $row['views'] / $row['total'] * 100);
$ls->addColumn($element, $GLOBALS['I18N']->get('rate'), $openrate . ' %');
/*
$bouncerate = sprintf('%0.2f',($row['bounced'] / $row['total'] * 100));
$ls->addColumn($element,$GLOBALS['I18N']->get('bounce rate'),$bouncerate.' %');
*/
}
if ($addcomparison) {
$total = Sql_Fetch_Array_Query(sprintf('select count(entered) as total from %s um where um.status = "sent"', $GLOBALS['tables']['usermessage']));
$viewed = Sql_Fetch_Array_Query(sprintf('select count(viewed) as viewed from %s um where um.status = "sent"', $GLOBALS['tables']['usermessage']));
$overall = $GLOBALS['I18N']->get('Comparison to other admins');
$ls->addElement($overall);
$ls->addColumn($overall, $GLOBALS['I18N']->get('views'), $viewed['viewed']);
$perc = sprintf('%0.2f', $viewed['viewed'] / $total['total'] * 100);
$ls->addColumn($overall, $GLOBALS['I18N']->get('rate'), $perc . ' %');
}
if ($download) {
ob_end_clean();
print $ls->tabDelimited();
}
print $ls->display();
return;
}
if ($download) {
ob_end_clean();
<?php
# view prepared message
require_once dirname(__FILE__) . '/accesscheck.php';
ob_end_clean();
$id = sprintf('%d', $_GET['id']);
if (!$id) {
return "";
}
$message = Sql_Fetch_Array_Query("select * from {$tables["message"]} where status = 'prepared' and id = " . $id);
if ($message["htmlformatted"]) {
$content = stripslashes($message["message"]);
} else {
$content = nl2br(stripslashes($message["message"]));
}
if ($message["template"]) {
print previewTemplate($message["template"], $_SESSION["logindetails"]["id"], $content, $message["footer"]);
} else {
print nl2br($content . "\n\n" . $message["footer"]);
}
exit;
