/**
 * Wire up the DAOs used by the MessageStatistics model and record the
 * caller's access level for the 'mviews' page.
 *
 * When accessLevel('mviews') reports 'owner', $this->owner holds the id of
 * the logged-in administrator taken from the session; otherwise it is an
 * empty string.
 * NOTE(review): presumably $this->owner is what restricts later queries to
 * the administrator's own messages. Confirm every DAO call that takes an
 * owner treats '' as "no restriction" only for the 'all' level, because any
 * other value accessLevel() can return also ends up here as ''.
 *
 * @param mixed $db database handle passed straight through to each DAO
 */
public function __construct($db)
{
    parent::__construct('MessageStatistics');

    $this->messageDAO = new MessageStatisticsPlugin_DAO_Message($db);
    $this->listDAO = new MessageStatisticsPlugin_DAO_List($db);
    $this->attributeDAO = new CommonPlugin_DAO_Attribute($db);
    $this->attributes = $this->attributeDAO->attributesById();

    $this->access = accessLevel('mviews');
    if ($this->access == 'owner') {
        $this->owner = $_SESSION['logindetails']['id'];
    } else {
        $this->owner = '';
    }

    $this->verifySelectedAttributes();
}
/**
 * Resolve a requested path below $config['files'] to a listing.
 *
 * The path is normalised with fixPath() and stripped of trailing slashes
 * first; the access check and every filesystem test then use that same
 * normalised value, so the path that is authorised is the path that is read.
 * NOTE(review): containment inside $config['files'] depends entirely on
 * fixPath() removing parent-directory segments, which is not visible here.
 *
 * @param string $path requested path, relative to $config['files']
 * @return mixed array('type' => 'nope', 'path' => ...) when accessLevel() is
 *               below 1, otherwise whatever listDir(), listFile() or
 *               list404() returns
 */
function listPath($path)
{
    global $config;

    $requested = rtrim(fixPath($path), '/');

    // Authorisation comes before any filesystem access.
    if (accessLevel($requested) < 1) {
        return array('type' => 'nope', 'path' => $requested);
    }

    $target = $config['files'] . $requested;
    if (is_dir($target)) {
        return listDir($requested);
    }

    return is_file($target) ? listFile($requested) : list404();
}
<?php # click stats per message require_once dirname(__FILE__) . '/accesscheck.php'; if (isset($_GET['id'])) { $id = sprintf('%d', $_GET['id']); } else { $id = 0; } if (isset($_GET['start'])) { $start = sprintf('%d', $_GET['start']); } else { $start = 0; } $addcomparison = 0; $access = accessLevel('mviews'); #print "Access level: $access"; switch ($access) { case 'owner': $subselect = ' and owner = ' . $_SESSION["logindetails"]["id"]; if ($id) { $allow = Sql_Fetch_Row_query(sprintf('select owner from %s where id = %d %s', $GLOBALS['tables']['message'], $id, $subselect)); if ($allow[0] != $_SESSION["logindetails"]["id"]) { print $GLOBALS['I18N']->get('You do not have access to this page'); return; } } $addcomparison = 1; break; case 'all': $subselect = '';
} if (isset($_GET['linkid'])) { $linkid = sprintf('%d', $_GET['linkid']); } else { $linkid = 0; } if (isset($_GET['userid'])) { $userid = sprintf('%d', $_GET['userid']); } else { $userid = 0; } if (!$msgid && !$linkid && !$userid) { print $GLOBALS['I18N']->get('Invalid Request'); return; } $access = accessLevel('userclicks'); switch ($access) { case 'owner': case 'all': $subselect = ''; break; case 'none': default: print $GLOBALS['I18N']->get('You do not have access to this page'); return; break; } $ls = new WebblerListing($GLOBALS['I18N']->get('User Click Statistics')); if ($linkid) { $urldata = Sql_Fetch_Array_Query(sprintf('select url from %s where linkid = %d', $GLOBALS['tables']['linktrack'], $linkid)); }
$findfield = $table_prefix . 'listattr_' . $findatt['tablename'] . '.name as display, ' . $tables['user'] . '.bouncecount'; $findfieldname = $findatt['name']; break; } } else { $findtables = ''; $findbyselect = sprintf(' %s like "%%%s%%"', $findby, sql_escape($find)); $findfield = $tables['user'] . '.bouncecount,' . $tables['user'] . '.foreignkey'; $findfieldname = 'Email'; $find_url = '&find=' . urlencode($find); } if (empty($findfield)) { $findfield = 'email'; } if ($require_login && !isSuperUser()) { $access = accessLevel('users'); switch ($access) { case 'owner': $table_list = $tables['user'] . ',' . $tables['listuser'] . ',' . $tables['list'] . $findtables; $subselect = "{$tables['user']}.id = {$tables['listuser']}.userid and {$tables['listuser']}.listid = {$tables['list']}.id and {$tables['list']}.owner = " . $_SESSION['logindetails']['id']; if ($unconfirmed) { $subselect .= ' and !confirmed '; } if ($blacklisted) { $subselect .= ' and blacklisted '; } if ($find && $findbyselect) { $listquery = "select DISTINCT {$tables['user']}.email,{$tables['user']}.id,{$findfield},confirmed from " . $table_list . " where {$subselect} and {$findbyselect}"; $count = Sql_query("SELECT count(distinct {$tables['user']}.id) FROM " . $table_list . " where {$subselect} and {$findbyselect}"); $unconfirmedcount = Sql_query("SELECT count(distinct {$tables['user']}.id) FROM " . $table_list . " where {$subselect} and !confirmed and {$findbyselect}"); } else {
document.folderlist.elements[i].checked = isset; } } </script> <?php require_once dirname(__FILE__) . '/accesscheck.php'; if (!ALLOW_IMPORT) { print '<p class="information">' . $GLOBALS['I18N']->get('import is not available') . '</p>'; return; } ob_end_flush(); print '<p class="button">' . $GLOBALS['I18N']->get('Import emails from IMAP folders') . '</p>'; $email_header_fields = array("to", "from", "cc", "bcc", "reply_to", "sender", "return_path"); if ($require_login && !isSuperUser()) { $access = accessLevel("import3"); if ($access == "owner") { $subselect = " where owner = " . $_SESSION["logindetails"]["id"]; } elseif ($access == "all") { $subselect = ""; } elseif ($access == "none") { $subselect = " where id = 0"; } } $result = Sql_query("SELECT id,name FROM " . $tables["list"] . " {$subselect} ORDER BY listorder"); while ($row = Sql_fetch_array($result)) { $available_lists[$row["id"]] = $row["name"]; $some = 1; } if (!$some) { echo $GLOBALS['I18N']->get('No lists available') . ", " . PageLink2("editlist", $GLOBALS['I18N']->get('Add a list'));
<?php require_once dirname(__FILE__) . '/accesscheck.php'; $access = accessLevel("send"); switch ($access) { case "owner": $subselect = " where owner = " . $_SESSION["logindetails"]["id"]; $ownership = ' and owner = ' . $_SESSION["logindetails"]["id"]; break; case "all": $subselect = ""; $ownership = ''; break; case "none": default: $subselect = " where id = 0"; $ownership = " and id = 0"; break; } $some = 0; # handle commandline if ($GLOBALS["commandline"]) { $cline = parseCline(); reset($cline); if (!$cline || !is_array($cline) || !$cline["s"] || !$cline["l"]) { clineUsage("-s subject -l list [-f from] < message"); exit; } $listnames = explode(" ", $cline["l"]); $listids = array(); foreach ($listnames as $listname) {
<?php # click stats per url require_once dirname(__FILE__) . '/accesscheck.php'; if (isset($_GET['id'])) { $id = sprintf('%d', $_GET['id']); } else { $id = 0; } $some = 0; $access = accessLevel('uclicks'); switch ($access) { case 'owner': $select_tables = $GLOBALS['tables']['linktrack_ml'] . ' as ml, ' . $GLOBALS['tables']['message'] . ' as message, ' . $GLOBALS['tables']['linktrack_forward'] . ' as forward '; $owner_and = ' and message.id = ml.messageid and message.owner = ' . $_SESSION['logindetails']['id']; break; case 'all': $select_tables = $GLOBALS['tables']['linktrack_ml'] . ' as ml, ' . $GLOBALS['tables']['linktrack_forward'] . ' as forward '; $owner_and = ''; break; break; case 'none': default: print $GLOBALS['I18N']->get('You do not have access to this page'); return; break; } $download = !empty($_GET['dl']); if ($download) { ob_end_clean(); # header("Content-type: text/plain");
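/**
 * Build the relative admin URL for a page, or return '' when the current
 * administrator has no access to it.
 *
 * A link is produced only for the access levels 'owner', 'all' and 'view'.
 * The CSRF GET token from addCsrfGetToken() is always appended.
 *
 * The plugin selector comes from the request ($_GET['pi']). It is carried
 * into the URL only when it is a non-empty string naming a loaded plugin
 * object in $GLOBALS['plugins']. Checking the type and the key first keeps a
 * missing or array-valued 'pi' parameter from raising an undefined-index
 * warning or an illegal-offset error while the page is being rendered.
 *
 * NOTE(review): $name and $url are placed in the URL as given (callers on
 * this page pass values such as 'send&new=1'), so they must never carry
 * unvalidated request data; HTML-escape the result where it is printed.
 *
 * @param string $name      page name, optionally with extra query parameters
 * @param string $desc      unused here; kept for signature compatibility
 * @param string $url       extra query string without the leading '&'
 * @param bool   $no_plugin true to leave the current plugin out of the URL
 * @return string relative URL, or '' when $name is empty or access is denied
 */
function PageURL2($name, $desc = "", $url = "", $no_plugin = false)
{
    if (empty($name)) {
        return '';
    }
    if ($url) {
        $url = "&" . $url;
    }

    $access = accessLevel($name);
    if ($access == "owner" || $access == "all" || $access == "view") {
        $pi = "";
        $requestedPlugin = isset($_GET["pi"]) ? $_GET["pi"] : '';
        if (
            !$no_plugin
            && !preg_match("/&pi=/i", $name)
            && is_string($requestedPlugin)
            && $requestedPlugin
            && isset($GLOBALS["plugins"][$requestedPlugin])
            && is_object($GLOBALS["plugins"][$requestedPlugin])
        ) {
            // Only the name of an already-loaded plugin reaches the URL.
            $pi = '&pi=' . $requestedPlugin;
        }

        return sprintf('./?page=%s%s%s%s', $name, $url, $pi, addCsrfGetToken());
    }

    return '';
}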
} print '<div class="actions"> ' . PageLinkButton('send&new=1' . $toList, s('Send a campaign')) . PageLinkButton('importsimple', s('Import some more emails')) . '</div>'; } if (!empty($rejectReport['invalid'])) { $report .= "\n\n" . s('Rejected email addresses') . ":\n"; $report .= $rejectReport['invalid']; } sendMail(getConfig("admin_address"), s('phplist Import Results'), $report); foreach ($GLOBALS['plugins'] as $pluginname => $plugin) { $plugin->importReport($report); } return; } if ($GLOBALS["require_login"] && !isSuperUser()) { $access = accessLevel("import1"); switch ($access) { case "owner": $subselectimp = " where owner = " . $_SESSION["logindetails"]["id"]; break; case "all": $subselectimp = ""; break; case "none": default: $subselectimp = " where id = 0"; break; } } if (isset($_GET['list'])) { $id = sprintf('%d', $_GET['list']);
} } function moveUser($userid) { global $tables; $newlist = $_GET["list"]; Sql_Query(sprintf('delete from %s where userid = %d', $tables["listuser"], $userid)); Sql_Query(sprintf('insert into %s (userid,listid,entered) values(%d,%d,current_timestamp)', $tables["listuser"], $userid, $newlist)); } function addUniqID($userid) { Sql_query(sprintf('update %s set uniqid = "%s" where id = %d', $GLOBALS["tables"]["user"], getUniqID(), $userid)); } if ($require_login && !isSuperUser() || !$require_login || isSuperUser()) { $action_result = ''; $access = accessLevel("reconcileusers"); switch ($access) { case "all": if (isset($_GET["option"]) && $_GET["option"]) { set_time_limit(600); switch ($_GET["option"]) { case "markallconfirmed": $list = sprintf('%d', $_GET["list"]); if ($list == 0) { $action_result .= $GLOBALS['I18N']->get("Marking all subscribers confirmed"); Sql_Query("update {$tables["user"]} set confirmed = 1"); } else { $action_result .= sprintf($GLOBALS['I18N']->get("Marking all subscribers on list %s confirmed"), ListName($list)); Sql_Query(sprintf('UPDATE %s, %s SET confirmed =1 WHERE %s.id = %s.userid AND %s.listid= %d', $tables['user'], $tables['listuser'], $tables['user'], $tables['listuser'], $tables['listuser'], $list)); } $total = Sql_Affected_Rows();
# click stats per message require_once dirname(__FILE__) . '/accesscheck.php'; if (isset($_GET['id'])) { $id = sprintf('%d', $_GET['id']); } else { $id = 0; } $start = 0; $limit = ' limit 10'; if (isset($_GET['start'])) { $start = sprintf('%d', $_GET['start']); $limit = ' limit ' . $start . ', 10'; } $addcomparison = 0; $access = accessLevel('statsoverview'); $ownership = ''; $subselect = ''; $paging = ''; #print "Access Level: $access"; switch ($access) { case 'owner': $ownership = sprintf(' and owner = %d ', $_SESSION['logindetails']['id']); if ($id) { $query = sprintf('select owner from %s where id = ? and owner = ?', $GLOBALS['tables']['message']); $rs = Sql_Query_Params($query, array($id, $_SESSION['logindetails']['id'])); $allow = Sql_Fetch_Row($rs); if ($allow[0] != $_SESSION["logindetails"]["id"]) { print $GLOBALS['I18N']->get('You do not have access to this page'); return; }
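/**
 * Render the HTML fragment for one view of the music browser.
 *
 * $type selects the view ('browse', 'search', 'letter', 'all', 'album',
 * 'genre', 'artist', 'admin', 'prefs', 'random', 'playlists', 'saved_pl',
 * 'about', 'stats', 'recentadd', 'topplay', 'recentplay'); $itemid is the
 * view's argument (a numeric id, a letter or a genre name).
 *
 * The queries are built by string interpolation on the legacy mysql_* API,
 * so every value placed in SQL is neutralised first: ids are cast to int and
 * free text goes through mysql_real_escape_string(). $itemid is also
 * HTML-escaped where it is echoed into a heading.
 *
 * NOTE(review): values read back from the database (artist, album, genre,
 * playlist and song names) and the session name fields are still written
 * into HTML and inline JavaScript handlers unescaped. If tag data or
 * playlist names can be supplied by users, that is stored-XSS exposure and
 * needs context-aware escaping at each output site; not changed here because
 * the stored encoding is not visible.
 * NOTE(review): mysql_real_escape_string() needs an open connection;
 * presumably mp3act_connect() provides it - confirm.
 *
 * @param string     $type   view selector
 * @param int|string $itemid argument for the selected view
 * @return string HTML fragment; not set when $type matches no view
 */
function musicLookup($type, $itemid)
{
    mp3act_connect();
    switch ($type) {
        case 'browse':
            $output = "<div class=\"head\">";
            $output .= "<h2>Browse the Music Database</h2></div>";
            $output .= "<p>";
            $output .= "<strong>By Artist Beginning With</strong><br/>" . letters() . "<br/></p>\n";
            $output .= "<p><strong>By Genre</strong><br/>\n";
            $output .= genreForm() . "<br/><br/>\n";
            $output .= "<input type='button' value='Browse All Albums' onclick=\"updateBox('all','All'); return false;\" class='btn2' />\n";
            $output .= "</p>\n";
            break;
        case 'search':
            $output = "<div class=\"head\">";
            $output .= "<h2>Search the Music Database</h2></div>";
            $output .= "<form onsubmit='return searchMusic(this)' method='get' action=''>\n";
            $output .= "<p>\n\t\t\t\t<strong>Keywords</strong><br/>\n\t\t\t\t<input type='text' onfocus='this.select()' name='searchbox' size='35' id='searchbox' value='[enter your search terms]' />\n \t\t<br/><br/>\n \t\t<strong>Narrow Your Search</strong>\n \t\t<br/>\n \t\t<select name='search_options' size='1'>\n \t\t\t<option value='all'>All Fields</option>\n \t\t\t<option value='artists'>Artists</option>\n \t\t\t<option value='albums'>Albums</option>\n \t\t\t<option value='songs'>Songs</option>\n \t\t</select><br/><br/>\n \t\t<input type='submit' value='submit search' class='btn' /></form>";
            $output .= "</p>\n";
            break;
        case 'letter':
            if ($itemid == "#") {
                $query = "SELECT * FROM mp3act_artists \n WHERE artist_name \n LIKE '0%' \n OR artist_name LIKE '1%' \n OR artist_name LIKE '2%' \n OR artist_name LIKE '3%' \n OR artist_name LIKE '4%' \n OR artist_name LIKE '5%' \n OR artist_name LIKE '6%' \n OR artist_name LIKE '7%' \n OR artist_name LIKE '8%'\n OR artist_name LIKE '9%'\n ORDER BY artist_name";
            } else {
                // The letter sits inside a quoted SQL literal, so escape it.
                $letterSql = mysql_real_escape_string($itemid);
                $query = "SELECT * FROM mp3act_artists\n WHERE artist_name LIKE '{$letterSql}%'\n ORDER BY artist_name";
            }
            $result = mysql_query($query);
            $output = "<div class=\"head\">";
            // The same value is echoed into the page, so escape it for HTML as well.
            $output .= "<h2>Artists Beginning with '" . htmlspecialchars(strtoupper($itemid), ENT_QUOTES) . "'</h2></div>";
            $output .= "<p>\n\t\t\t\t<strong>Artist Listing</strong></p>\n\t\t\t\t<ul>";
            $count = 1;
            while ($row = mysql_fetch_array($result)) {
                $alt = getAlt($count);
                $output .= "<li {$alt}><a href=\"#\" onclick=\"updateBox('artist',{$row['artist_id']}); return false;\" title=\"View Albums for {$row['prefix']} {$row['artist_name']}\">{$row['prefix']} {$row['artist_name']}</a></li>\n";
                $count++;
            }
            $output .= "</ul>\n";
            break;
        case 'all':
            // Paging (prev/next links and a LIMIT clause) is disabled in this
            // version, so the full album list is returned.
            $output = "<div class=\"head\">";
            $output .= "<h2>All Albums</h2></div> ";
            $output .= "<p>\n\t\t\t\t<strong>Album Listing</strong></p>";
            $query = "SELECT mp3act_artists.artist_name,mp3act_artists.prefix,mp3act_albums.* FROM mp3act_albums,mp3act_artists WHERE mp3act_albums.artist_id=mp3act_artists.artist_id ORDER BY artist_name,album_name";
            $output = buildAlbumList($output, $query);
            break;
        case 'album':
            // Album ids are numeric and unquoted in the SQL: force an integer.
            $albumId = (int) $itemid;
            $query = "SELECT mp3act_albums.*,mp3act_artists.artist_name,mp3act_artists.prefix,COUNT(mp3act_songs.song_id) as tracks,SEC_TO_TIME(SUM(mp3act_songs.length)) as time FROM mp3act_albums,mp3act_artists,mp3act_songs WHERE mp3act_albums.album_id={$albumId} AND mp3act_albums.artist_id=mp3act_artists.artist_id AND mp3act_songs.album_id={$albumId} GROUP BY mp3act_songs.album_id";
            $result = mysql_query($query);
            $row = mysql_fetch_array($result);
            $album_art = '';
            if ($row['album_art'] == "") {
                $row['album_art'] = art_insert($row['album_id'], $row['artist_name'], $row['album_name']);
                if ($row['album_art'] != '') {
                    $album_art = "<img onmouseover=\"showAlbumArt('block'); return false;\" onmouseout=\"showAlbumArt('none'); return false;\" src=\"art/{$row['album_art']}\" />\n";
                }
            } elseif ($row['album_art'] != "fail") {
                $album_art = "<img onmouseover=\"showAlbumArt('block'); return false;\" onmouseout=\"showAlbumArt('none'); return false;\" src=\"art/{$row['album_art']}\" />\n";
            }
            // Downloads are offered when the setting is 1, or when it is 2 and
            // the user passes accessLevel(5). Parentheses make the existing
            // operator precedence explicit.
            $canDownload = getSystemSetting("downloads") == 1
                || (getSystemSetting("downloads") == 2 && accessLevel(5));
            $output = "<div class=\"head\">";
            $output .= "<div class=\"right\"><a href=\"#\" onclick=\"play('album'," . $row['album_id'] . "); return false;\" title=\"Play this Album Now\">play</a> <a href=\"#\" onclick=\"pladd('album',{$row['album_id']}); return false;\" title=\"Add Album to Current Playlist\">add</a> " . ($canDownload ? "<a href=\"#\" onclick=\"newWindow('download',{$row['album_id']}); return false;\" title=\"Download this Album Now\">download</a>" : "") . "</div>";
            $output .= "<h2>" . $row['album_name'] . "</h2>" . $row['prefix'] . " " . $row['artist_name'] . "</div>";
            $output .= "<p>{$album_art}\n";
            $output .= "\t<strong>Tracks:</strong> {$row['tracks']}<br/>\n";
            $output .= $row['album_year'] != 0 ? "<strong>Year:</strong> " . $row['album_year'] . "<br/>\n" : "";
            $output .= "\t<strong>Genre:</strong> <a href=\"#\" onclick=\"updateBox('genre','{$row['album_genre']}'); return false;\" title=\"View Artists from {$row['album_genre']} Genre\">{$row['album_genre']}</a><br/>\n";
            $output .= "\t<strong>Play Time:</strong> {$row['time']}\n";
            $output .= "\t<br/><br/>\n";
            $output .= "\t<strong>Album Tracks</strong></p>\n";
            $output .= "<img id='bigart' src=\"art/{$row['album_art']}\" />\n";
            $query = "SELECT *,SEC_TO_TIME(length) as length FROM mp3act_songs WHERE album_id={$albumId} ORDER BY track";
            $output = buildSongList($output, mysql_query($query));
            break;
        case 'genre':
            // The genre name sits inside a quoted SQL literal and is echoed
            // into the heading: escape it separately for each context.
            $genreSql = mysql_real_escape_string($itemid);
            $genreHtml = htmlspecialchars($itemid, ENT_QUOTES);
            $query = "SELECT mp3act_artists.artist_id,mp3act_artists.artist_name,mp3act_artists.prefix FROM mp3act_artists,mp3act_albums WHERE mp3act_albums.album_genre='{$genreSql}' AND mp3act_artists.artist_id=mp3act_albums.artist_id GROUP BY mp3act_artists.artist_id ORDER BY mp3act_artists.artist_name";
            $output = "<div class=\"head\">";
            $output .= "<h2>Artists for Genre '{$genreHtml}'</h2></div>";
            $output .= "<p>\n\t\t\t\t<strong>Artist Listing</strong></p>\n\t\t\t\t<ul>";
            // The original ran this query twice and discarded the first row set.
            $result = mysql_query($query);
            $count = 1;
            while ($row = mysql_fetch_array($result)) {
                $alt = getAlt($count);
                $output .= "<li {$alt}><a href=\"#\" onclick=\"updateBox('artist',{$row['artist_id']}); return false;\" title=\"View Albums for {$row['artist_name']}\">{$row['prefix']} {$row['artist_name']}</a></li>\n";
                $count++;
            }
            $output .= "</ul>\n";
            break;
        case 'artist':
            $artistId = (int) $itemid;
            $query = "SELECT artist_id,artist_name,prefix FROM mp3act_artists WHERE artist_id={$artistId}";
            $result = mysql_query($query);
            $row = mysql_fetch_array($result);
            $output = "<div class=\"head\">";
            $output .= "<h2>{$row['prefix']} {$row['artist_name']}</h2></div>";
            $output .= "<p>\n";
            $output .= "<strong>Album Listing</strong></p>\n";
            $query = "SELECT mp3act_albums.* FROM mp3act_albums WHERE mp3act_albums.artist_id={$artistId} ORDER BY mp3act_albums.album_name";
            $output = buildAlbumList($output, $query);
            break;
        case 'admin':
            // NOTE(review): no privilege check is visible in this branch;
            // presumably the caller and the endpoints behind these links
            // enforce admin access - confirm.
            $output = "<div class=\"head\">";
            $output .= "<h2>Administration Panel</h2></div>";
            $output .= "<p>\n";
            $output .= "<strong>System Settings</strong><br/>\n";
            $output .= "<a href='#' onclick=\"editSettings(0); return false;\" title='Edit System Systems'>Edit System Settings</a><br/>\n";
            $output .= "</p>\n";
            $output .= "<p>\n";
            $output .= "<strong>Database Functions</strong><br/>\n";
            $output .= "<a href='#' onclick=\"newWindow('add',0); return false;\" title='Add Music to the Database'>Add New Music to the Database</a><br/>\n";
            $output .= "<a href='#' onclick=\"clearDB(); return false;\" title='Clear out the Database'>Clear Out the Music Database and Play History</a><br/>\n";
            $output .= "</p>";
            $output .= "<p>\n";
            $output .= "<strong>User Functions</strong><br/>\n";
            $output .= "<a href='#' onclick=\"adminEditUsers(0,'',''); return false;\" title='Edit User Permissions'>Edit User Accounts</a><br/>\n";
            $output .= "<a href='#' onclick=\"adminAddUser(0); return false;\" title='Add New User Account'>Add New User Account</a><br/>\n";
            $output .= "</p>";
            if (getSystemSetting("invite_mode") == 1) {
                $output .= "<form onsubmit='return sendInvite(this)' method='get' action=''>\n";
                $output .= "<p id='invite'>";
                $output .= "<br/><strong>Send an Invitation for Registration<br/>\n";
                $output .= "<input type='text' onfocus='this.select()' name='email' id='email' value='Enter Email Address of Recipient' size='32' /><br/>\n";
                $output .= "<br/><input type='submit' value='send invite' class='btn' /></form>";
                $output .= "</p>";
            }
            break;
        case 'prefs':
            // The user id comes from the session; the cast keeps the query
            // well-formed whatever was stored there.
            $userId = (int) $_SESSION['sess_userid'];
            $query = "SELECT DATE_FORMAT(mp3act_users.date_created,'%M %D, %Y') as date_created FROM mp3act_users WHERE mp3act_users.user_id={$userId}";
            $query2 = "SELECT COUNT(play_id) as playcount FROM mp3act_playhistory WHERE user_id={$userId} GROUP BY user_id";
            $result = mysql_query($query);
            $result2 = mysql_query($query2);
            $row = mysql_fetch_array($result);
            $row2 = mysql_fetch_array($result2);
            if (mysql_num_rows($result2) == 0) {
                $row2['playcount'] = 0;
            }
            $dayssince = (time() - strtotime($row['date_created'])) / (60 * 60 * 24);
            // Avoid dividing by zero when the elapsed time is exactly zero.
            $dailyAverage = $dayssince != 0 ? round($row2['playcount'] / $dayssince, 2) : 0;
            $output = "<div class=\"head\">";
            $output .= "<h2>{$_SESSION['sess_firstname']} {$_SESSION['sess_lastname']}'s Account ({$_SESSION['sess_username']})</h2></div>";
            $output .= "<p>\n";
            $output .= "<strong>Date Joined:</strong> {$row['date_created']}<br/>\n";
            $output .= "<strong>Songs Played:</strong> {$row2['playcount']}<br/>\n";
            $output .= "<strong>Daily Average:</strong> " . $dailyAverage . " songs/day<br/><br/>\n";
            $output .= "<a href='#' onclick=\"editUser('info',0); return false;\" >Edit User Info</a><br/>";
            $output .= "<a href='#' onclick=\"editUser('settings',0); return false;\" >Edit User Settings</a><br/>";
            $output .= "<a href='#' onclick=\"editUser('pass',0); return false;\" >Change Password</a><br/>";
            $output .= "</p>";
            break;
        case 'random':
            $output = "<div class=\"head\">";
            $output .= "<h2>Random Mix Maker</h2></div>";
            $output .= "<form onsubmit='return randPlay(this)' method='get' action=''>\n<p>";
            if ($_SESSION['sess_playmode'] == "streaming") {
                $output .= "<strong>Number of Songs</strong><br/>\n\n\t\t\t\t<select name='random_count'>\n\t\t\t\t<option value=10>10 </option>\n\t\t\t\t<option value=20>20 </option>\n\t\t\t\t<option value=30>30 </option>\n\t\t\t\t<option value=40>40 </option>\n\t\t\t\t<option value=50>50 </option>\n </select><br/>\n";
            }
            $output .= "<strong>Random Type</strong><br/>\n\n\t\t\t\t<select name='random_type' onchange=\"getRandItems(this.options[selectedIndex].value); return false;\" >\n\t\t\t\t<option value='' >Choose Type...</option>\n\t\t\t\t<option value='artists' >Artists</option>\n\t\t\t\t<option value='genre' >Genre</option>\n\t\t\t\t<option value='albums' >Albums</option>\n\t\t\t\t<option value='all' >Everything</option>\n </select><br/>\n";
            $output .= "<strong>Random Items</strong>\n<span id='rand_items'></span>\n\t\t\t<br/><br/>";
            $output .= "<input type='submit' value='play mix' class='btn' />";
            $output .= "</form></p>\n";
            break;
        case 'playlists':
            $query = "SELECT *,SEC_TO_TIME(time) AS time2 FROM mp3act_saved_playlists WHERE private=0";
            $result = mysql_query($query);
            $output = "<div class=\"head\">";
            $output .= "<h2>Saved Playlists</h2></div>";
            $output .= "<p><strong>Public Playlists</strong></p>\n";
            $output .= "<ul>\n";
            if (mysql_num_rows($result) == 0) {
                $output .= "Zero Saved Playlists";
            }
            while ($row = mysql_fetch_array($result)) {
                $output .= "<li><a href=\"#\" onclick=\"pladd('playlist',{$row['playlist_id']}); return false;\" title='Load this Saved Playlist'><img src=\"img/add.gif\" /></a> <a onclick=\"updateBox('saved_pl',{$row['playlist_id']}); \" title='Click to View Playlist' href='#'>{$row['playlist_name']} - {$row['songcount']} Songs ({$row['time2']})</a></li>";
            }
            $output .= "</ul>\n";
            $output .= "<p><strong>Your Private Playlists</strong></p>\n";
            $ownerId = (int) $_SESSION['sess_userid'];
            $query = "SELECT *,SEC_TO_TIME(time) AS time2 FROM mp3act_saved_playlists WHERE private=1 AND user_id={$ownerId} ORDER BY playlist_id DESC";
            $result = mysql_query($query);
            $output .= "<ul>\n";
            if (mysql_num_rows($result) == 0) {
                $output .= "Zero Saved Playlists";
            }
            while ($row = mysql_fetch_array($result)) {
                $output .= "<li><a href=\"#\" onclick=\"pladd('playlist',{$row['playlist_id']}); return false;\" title='Load this Saved Playlist'><img src=\"img/add.gif\" /></a> <a href=\"#\" onclick=\"deletePlaylist({$row['playlist_id']}); return false;\" title='DELETE this Saved Playlist'><img src=\"img/rem.gif\" /></a> <a onclick=\"updateBox('saved_pl',{$row['playlist_id']}); \" title='Click to View Playlist' href='#'>{$row['playlist_name']} - {$row['songcount']} Songs ({$row['time2']})</a></li>";
            }
            $output .= "</ul>\n";
            break;
        case 'saved_pl':
            // NOTE(review): the lookup is by id only, with no private/user_id
            // filter, so a private playlist of another user appears readable
            // by id - confirm whether the caller restricts this.
            $playlistId = (int) $itemid;
            $query = "SELECT *,SEC_TO_TIME(time) AS time2 FROM mp3act_saved_playlists WHERE playlist_id={$playlistId}";
            $result = mysql_query($query);
            $row = mysql_fetch_array($result);
            $output = "<div class=\"head\">";
            $output .= "<div class=\"right\"><a href=\"#\" onclick=\"pladd('playlist',{$row['playlist_id']}); return false;\" title=\"Load Playlist\">load playlist</a></div>";
            $output .= "<h2>View Saved Playlist</h2></div>";
            $output .= "<p><strong>Playlist Info</strong><br/>{$row['songcount']} Songs<br/>{$row['time2']}</p>\n";
            $output .= "<p><strong>Playlist Songs</strong></p>\n";
            $output .= "<ul>\n";
            $songs = explode(",", $row['playlist_songs']);
            $count = 0;
            foreach ($songs as $song) {
                // Stored song ids are cast as well, so a malformed stored list
                // cannot alter the query.
                $songId = (int) $song;
                $query = "SELECT mp3act_songs.*,SEC_TO_TIME(mp3act_songs.length) AS length,mp3act_artists.artist_name FROM mp3act_artists,mp3act_songs WHERE mp3act_songs.song_id={$songId} AND mp3act_artists.artist_id=mp3act_songs.artist_id";
                $result = mysql_query($query);
                $row = mysql_fetch_array($result);
                $alt = getAlt($count);
                $output .= "<li {$alt}>{$row['artist_name']} - {$row['name']}<p>{$row['numplays']} Plays<br/><em>{$row['length']}</em></p></li>";
                $count++;
            }
            $output .= "</ul>\n";
            break;
        case 'about':
            $output = "<div class=\"head\">";
            $output .= "<h2>mp3act Music System - v" . getSystemSetting("version") . "</h2></div>";
            $output .= "<p>\n";
            $output .= "<strong>Date: </strong>May 31, 2005<br/>\n";
            $output .= "<strong>Author: </strong><a href='http://www.jonbuda.com' target='_blank'>Jon Buda</a> | <a href='http://www.visiblebits.com' target='_blank'>A VisibleBits Production</a><br/>\n";
            $output .= "<strong>Website: </strong><a href='http://www.mp3act.net' target='_blank'>http://www.mp3act.net</a><br/>\n";
            $output .= "<strong>Support: </strong><a href='http://www.mp3act.net/support/' target='_blank'>http://www.mp3act.net/support/</a><br/>\n";
            $output .= "<form action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\" target='_blank'>\n<input type=\"hidden\" name=\"cmd\" value=\"_s-xclick\">\n<input class='noborder' title='Donate to mp3act!' type=\"image\" src=\"img/paypal_donate.gif\" border=\"0\" name=\"submit\" alt=\"Make payments with PayPal - it's fast, free and secure!\">\n<input type=\"hidden\" name=\"encrypted\" value=\"-----BEGIN PKCS7-----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-----END PKCS7-----\">\n</form>\n";
            $output .= "</p>";
            $output .= "<h3>Thanks to Contributors and Testers</h3>\n";
            $output .= "<p>Ben Callam<br/>Joe Doss<br/>All of 708 Park St.</p>\n";
            break;
        case 'stats':
            $query = "SELECT * FROM mp3act_stats";
            $result = mysql_query($query);
            $row = mysql_fetch_array($result);
            $query = "SELECT COUNT(user_id) AS users FROM mp3act_users";
            $result = mysql_query($query);
            $row2 = mysql_fetch_array($result);
            $query = "SELECT COUNT(play_id) AS songs FROM mp3act_playhistory";
            $result = mysql_query($query);
            $row3 = mysql_fetch_array($result);
            $output = "<div class=\"head\">";
            $output .= "<h2>Server Statistics</h2></div>";
            $output .= "<p>\n";
            $output .= "<a href='#' onclick=\"updateBox('recentadd',0); return false;\" >Recently Added Albums</a><br/>";
            $output .= "<a href='#' onclick=\"updateBox('recentplay',0); return false;\" >Recently Played Songs</a><br/>";
            $output .= "<a href='#' onclick=\"updateBox('topplay',0); return false;\" >Top Played Songs</a><br/>";
            $output .= "</p>\n";
            $output .= "<h3>Local Server Statistics</h3>\n";
            $output .= "<p><strong>Songs:</strong> {$row['num_songs']}<br/>\n";
            $output .= "<strong>Albums:</strong> {$row['num_albums']}<br/>\n";
            $output .= "<strong>Artists:</strong> {$row['num_artists']}<br/>\n";
            $output .= "<strong>Genres:</strong> {$row['num_genres']}<br/><br/>\n";
            $output .= "<strong>Total Time:</strong> {$row['total_time']}<br/>\n";
            $output .= "<strong>Total Size:</strong> {$row['total_size']}<br/><br/>\n";
            $output .= "<strong>Registered Users:</strong> {$row2['users']}<br/>\n";
            $output .= "<strong>Songs Played:</strong> {$row3['songs']}<br/></p>\n";
            break;
        case 'recentadd':
            $query = "SELECT mp3act_albums.album_name,mp3act_albums.album_id,\n\t\t\tmp3act_artists.artist_name, \n\t\t\tDATE_FORMAT(mp3act_songs.date_entered,'%m.%d.%Y') as pubdate \n\t\t\tFROM mp3act_songs,mp3act_albums,mp3act_artists \n\t\t\tWHERE mp3act_songs.album_id=mp3act_albums.album_id \n\t\t\tAND mp3act_artists.artist_id=mp3act_songs.artist_id \n\t\t\tGROUP BY mp3act_songs.album_id ORDER BY mp3act_songs.date_entered DESC LIMIT 40";
            $output = "<div class=\"head\">";
            $output .= "<div class=\"right\"><a href=\"#\" onclick=\"switchPage('stats'); return false;\" title=\"Return to Statistics Page\">back</a></div>";
            $output .= "<h2>Recently Added Albums</h2></div>";
            $output = buildAlbumList($output, $query, 'pubdate');
            break;
        case 'topplay':
            $query = "SELECT mp3act_albums.album_name, mp3act_songs.numplays, mp3act_songs.name, \n\t\t\tmp3act_artists.artist_name,mp3act_songs.song_id \n\t\t\tFROM mp3act_songs,mp3act_albums,mp3act_artists \n\t\t\tWHERE mp3act_songs.album_id=mp3act_albums.album_id \n\t\t\tAND mp3act_artists.artist_id=mp3act_songs.artist_id \n\t\t\tAND mp3act_songs.numplays > 0 \n\t\t\tORDER BY mp3act_songs.numplays DESC LIMIT 40";
            $output = "<div class=\"head\">";
            $output .= "<div class=\"right\"><a href=\"#\" onclick=\"switchPage('stats'); return false;\" title=\"Return to Statistics Page\">back</a></div>";
            $output .= "<h2>Top Played Songs</h2></div>";
            $output = buildSongList($output, mysql_query($query), 'numplays');
            break;
        case 'recentplay':
            $query = "SELECT mp3act_songs.name, mp3act_songs.song_id, \n\t\t\tmp3act_artists.artist_name,\n\t\t\tDATE_FORMAT(mp3act_playhistory.date_played,'%m.%d.%Y') as playdate \n\t\t\tFROM mp3act_songs,mp3act_artists,mp3act_playhistory \n\t\t\tWHERE mp3act_songs.song_id=mp3act_playhistory.song_id\n\t\t\tAND mp3act_artists.artist_id=mp3act_songs.artist_id \n\t\t\tORDER BY mp3act_playhistory.play_id DESC LIMIT 40";
            $output = "<div class=\"head\">";
            $output .= "<div class=\"right\"><a href=\"#\" onclick=\"switchPage('stats'); return false;\" title=\"Return to Statistics Page\">back</a></div>";
            $output .= "<h2>Recently Played Songs</h2></div>";
            $output = buildSongList($output, mysql_query($query));
            break;
    }
    return $output;
}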
$id = sprintf('%d', $_GET["id"]); } else { $id = 0; } if (isset($_GET['delete'])) { $delete = sprintf('%d', $_GET["delete"]); } else { $delete = 0; } $useremail = isset($_POST["useremail"]) ? $_POST["useremail"] : ''; if (!$id && !$delete) { Fatal_Error($GLOBALS['I18N']->get('NoRecord')); exit; } if ($GLOBALS["require_login"] && !isSuperUser()) { $access = accessLevel("bounce"); switch ($access) { case "all": $subselect = ""; break; case "none": default: $subselect = " and " . $tables["list"] . ".id = 0"; break; } } if (isset($start)) { echo "<br />" . PageLink2("bounces", $GLOBALS['I18N']->get('BackToBList'), "start={$start}") . "\n"; } if (isset($_GET["doit"]) && ($GLOBALS["require_login"] && isSuperUser() || !$GLOBALS["require_login"])) { if ($useremail) {
<?php require_once dirname(__FILE__) . '/accesscheck.php'; if (!ALLOW_IMPORT) { print '<p>' . $GLOBALS['I18N']->get('import is not available') . '</p>'; return; } # import from a different PHPlist installation if ($require_login && !isSuperUser()) { $access = accessLevel("import4"); if ($access == "owner") { $subselect = " where owner = " . $_SESSION["logindetails"]["id"]; } elseif ($access == "all") { $subselect = ""; } elseif ($access == "none") { $subselect = " where id = 0"; } } function connectLocal() { $database_connection = Sql_Connect($GLOBALS["database_host"], $GLOBALS["database_user"], $GLOBALS["database_password"], $GLOBALS["database_name"]); return $database_connection; } function connectRemote() { return Sql_Connect($_POST["remote_host"], $_POST["remote_user"], $_POST["remote_password"], $_POST["remote_database"]); } $result = Sql_query("SELECT id,name FROM " . $tables["list"] . " {$subselect} ORDER BY listorder"); while ($row = Sql_fetch_array($result)) { $available_lists[$row["id"]] = $row["name"]; $some = 1;
<?php verifyCsrfGetToken(); $access = accessLevel('export'); $list = $_SESSION['export']['list']; switch ($access) { case 'owner': if ($list) { $check = Sql_Fetch_Assoc_Query(sprintf('select id from %s where owner = %d and id = %d', $GLOBALS['tables']['list'], $_SESSION['logindetails']['id'], $list)); if (empty($check['id'])) { print Error(s('That is not your list')); return; } } $querytables = $GLOBALS['tables']['list'] . ' list INNER JOIN ' . $GLOBALS['tables']['listuser'] . ' listuser ON listuser.listid = list.id' . ' INNER JOIN ' . $GLOBALS['tables']['user'] . ' user ON listuser.userid = user.id'; $subselect = ' and list.owner = ' . $_SESSION['logindetails']['id']; $listselect_and = ' and owner = ' . $_SESSION['logindetails']['id']; break; case 'all': if ($list) { $querytables = $GLOBALS['tables']['user'] . ' user' . ' INNER JOIN ' . $GLOBALS['tables']['listuser'] . ' listuser ON user.id = listuser.userid'; $subselect = ''; } else { $querytables = $GLOBALS['tables']['user'] . ' user'; $subselect = ''; } $listselect_and = ''; break; case 'none': default: $querytables = $GLOBALS['tables']['user'] . ' user';
document.folderlist.elements[i].checked = isset; } } </script> <?php require_once dirname(__FILE__) . '/accesscheck.php'; if (!ALLOW_IMPORT) { print '<p class="information">' . $GLOBALS['I18N']->get('import is not available') . '</p>'; return; } ob_end_flush(); print '<p class="button">' . $GLOBALS['I18N']->get('Import emails from IMAP folders') . '</p>'; $email_header_fields = array('to', 'from', 'cc', 'bcc', 'reply_to', 'sender', 'return_path'); if ($require_login && !isSuperUser()) { $access = accessLevel('import3'); if ($access == 'owner') { $subselect = ' where owner = ' . $_SESSION['logindetails']['id']; } elseif ($access == 'all') { $subselect = ''; } elseif ($access == 'none') { $subselect = ' where id = 0'; } } $result = Sql_query('SELECT id,name FROM ' . $tables['list'] . " {$subselect} ORDER BY listorder"); while ($row = Sql_fetch_array($result)) { $available_lists[$row['id']] = $row['name']; $some = 1; } if (!$some) { echo $GLOBALS['I18N']->get('No lists available') . ', ' . PageLink2('editlist', $GLOBALS['I18N']->get('Add a list'));
<?php
// "Send prepared message" page (excerpt: ends inside the loop over the selected lists).
// Derives a list filter from the admin's access level, then loads the message and
// collects the ids of the lists it should go to.
require_once dirname(__FILE__) . '/accesscheck.php';
echo '<hr/><p class="information">';
$access = accessLevel("sendprepared");
switch ($access) {
    case "owner":
        $subselect = " where owner = " . $_SESSION["logindetails"]["id"];
        break;
    case "all":
        $subselect = "";
        break;
    case "none":
    default:
        // Fail closed: unknown access values get a filter that matches no list.
        $subselect = " where id = 0";
        break;
}
if ($message && $list) {
    // NOTE(review): $message is interpolated into the SQL text as-is, and this excerpt
    // shows neither where it is assigned nor any integer cast. If it can come from the
    // request, cast it first, e.g. sprintf('... where id = %d', $message).
    // The message lookup also does not apply the owner restriction computed above.
    $msg_req = Sql_Query("select * from {$tables["message"]} where id = {$message}");
    $msg = Sql_Fetch_Array($msg_req);
    $lists = array();
    if (is_array($list)) {
        if ($list["all"]) {
            // "All lists" means every active list that passes the access filter.
            $res = Sql_query("select * from " . $tables["list"] . " {$subselect}");
            while ($row = Sql_fetch_array($res)) {
                if ($row["active"]) {
                    array_push($lists, $row["id"]);
                }
            }
        } else {
            // each() was removed in PHP 8; a foreach over $list is the replacement.
            while (list($key, $val) = each($list)) {
<?php
// List categorisation page (excerpt: ends inside the fallback that reads categories
// from existing lists). Builds the WHERE clause used to pick the lists to show.
require_once dirname(__FILE__) . '/accesscheck.php';
$access = accessLevel('list');
switch ($access) {
    case 'owner':
        $subselect = ' where owner = ' . $_SESSION['logindetails']['id'];
        break;
    case 'all':
        $subselect = '';
        break;
    case 'none':
    default:
        // Fail closed: unknown access values get a filter that matches no list.
        $subselect = ' where id = 0';
        break;
}
print formStart('name="categoryedit"');
if (!isset($_GET['show']) || $_GET['show'] != 'all') {
    // Default view: only lists without a category, added on top of the access filter.
    if (!empty($subselect)) {
        $subselect .= ' and ';
    } else {
        $subselect .= ' where ';
    }
    $subselect .= '(category is null or category = "")';
} else {
    // NOTE(review): with show=all in the query string this assignment replaces the
    // filter built above, so the ' where owner = ...' and ' where id = 0' restrictions
    // are dropped. The query that consumes $subselect is outside this excerpt; if it
    // is the list query, an 'owner' or 'none' admin would see every list. Keeping the
    // existing clause and using 'where true ' only when $subselect is empty would
    // preserve the restriction.
    $subselect = 'where true ';
}
$categories = listCategories();
if (!count($categories)) {
    ## try to fetch them from existing lists
    $req = Sql_Query(sprintf('select distinct category from %s where category != "" ', $tables['list']));
<?php
// Subscribe-page overview (excerpt: ends inside the delete handler).
// Applies the posted default page and active flags, then derives the list filter
// for the current admin.
require_once dirname(__FILE__) . '/accesscheck.php';
// NOTE(review): both writes below run before the access level is read further down,
// and no CSRF token check appears in this excerpt. Whether accesscheck.php already
// covers authorisation and CSRF for these POSTs is not visible here; confirm.
if (isset($_POST["default"]) && $_POST['default']) {
    // The posted value is stored as given; any validation would be inside saveConfig().
    saveConfig("defaultsubscribepage", $_POST["default"]);
}
if (isset($_POST['active']) && is_array($_POST['active'])) {
    // Reset every page to inactive, then re-activate the posted ids.
    Sql_Query(sprintf('update %s set active = 0', $GLOBALS['tables']['subscribepage']));
    foreach ($_POST['active'] as $sPageId => $active) {
        // %d forces the posted array key to an integer. The update is not limited to
        // pages owned by the current admin.
        Sql_Query(sprintf('update %s set active = 1 where id = %d', $GLOBALS['tables']['subscribepage'], $sPageId));
    }
}
$default = getConfig("defaultsubscribepage");
$subselect = '';
if ($GLOBALS["require_login"] && !isSuperUser()) {
    $access = accessLevel("list");
    switch ($access) {
        case "owner":
            $subselect = " where owner = " . $_SESSION["logindetails"]["id"];
            break;
        case "all":
            $subselect = "";
            break;
        case "none":
        default:
            // Fail closed: unknown access values get a filter that matches nothing.
            $subselect = " where id = 0";
            break;
    }
}
if (isset($_REQUEST['delete'])) {
    // Integer-normalised before use; $_REQUEST accepts the id from GET as well as POST.
    $delete = sprintf('%d', $_REQUEST['delete']);
<?php
// Campaign (message) listing page (excerpt: ends at the start of the filter handler).
// Sets up the sort options, the owner restriction and the paging/filter state.
require_once dirname(__FILE__) . '/accesscheck.php';
$subselect = $whereClause = '';
$action_result = '';
$access = accessLevel('messages');
// Keys are the sort identifiers, values the translated labels.
$messageSortOptions = array('default' => s('Sort by'), 'subjectasc' => s('Subject') . ' - ' . s('Ascending'), 'subjectdesc' => s('Subject') . ' - ' . s('Descending'), 'enteredasc' => s('Entered') . ' - ' . s('Ascending'), 'entereddesc' => s('Entered') . ' - ' . s('Descending'), 'embargoasc' => s('Embargo') . ' - ' . s('Ascending'), 'embargodesc' => s('Embargo') . ' - ' . s('Descending'), 'sentasc' => s('Sent') . ' - ' . s('Ascending'), 'sentdesc' => s('Sent') . ' - ' . s('Descending'));
// No owner restriction when login is not required, for super users, and for 'all'
// access. Every other access value, including 'none' and anything unexpected, is
// restricted to the admin's own messages.
if (!$GLOBALS['require_login'] || $_SESSION['logindetails']['superuser'] || $access == 'all') {
    $ownerselect_and = '';
    $ownerselect_where = '';
} else {
    // The admin id is concatenated from the session without an integer cast.
    $ownerselect_where = ' where owner = ' . $_SESSION['logindetails']['id'];
    $ownerselect_and = ' and owner = ' . $_SESSION['logindetails']['id'];
}
if (isset($_GET['start'])) {
    // Paging offset, forced to an integer string.
    $start = sprintf('%d', $_GET['start']);
} else {
    unset($start);
}
if (!isset($_SESSION['messagefilter'])) {
    $_SESSION['messagefilter'] = '';
}
// "Clear" resets the stored filter, sort order and page size and discards the
// corresponding fields of the same POST.
if (!empty($_POST['clear'])) {
    $_SESSION['messagefilter'] = '';
    $_SESSION['messagesortby'] = '';
    $_SESSION['messagenumpp'] = MAX_MSG_PP;
    unset($_POST['filter']);
    unset($_POST['numPP']);
    unset($_POST['sortBy']);
}
if (isset($_POST['filter'])) {
<script language="Javascript" src="js/jslib.js" type="text/javascript"></script> <?php
// Administrator edit page (excerpt: ends inside the branch that creates a new admin).
require_once dirname(__FILE__) . '/accesscheck.php';
// $start is placed in the link's query string; where it is assigned is not visible here.
print PageLink2("admins", $GLOBALS['I18N']->get('listofadministrators'), "start={$start}");
require dirname(__FILE__) . "/structure.php";
$struct = $DBstruct["admin"];
// NOTE(review): taken from the request without a cast. For 'owner' access it is
// overwritten below; for 'all' it stays as received, so any query that uses it must
// cast or escape it.
$id = $_REQUEST["id"];
echo "<hr /><br />";
$noaccess = 0;
$accesslevel = accessLevel("admin");
switch ($accesslevel) {
    case "owner":
        // An 'owner' admin can only edit their own record, whatever id was requested.
        $id = $_SESSION["logindetails"]["id"];
        break;
    case "all":
        $subselect = "";
        break;
    case "none":
    default:
        // Fail closed: unknown access values are refused.
        $noaccess = 1;
}
if ($noaccess) {
    print Error($GLOBALS['I18N']->get('No Access'));
    return;
}
// NOTE(review): the switch above replaces $id for 'owner' access, but the code below
// branches on $_POST["id"], not on $id. An 'owner' admin posting an empty id reaches
// the insert. No CSRF token check is visible in this excerpt either.
if ($_POST["change"]) {
    if (!$_POST["id"]) {
        # new one
        // NOTE(review): the login name is placed inside a double-quoted SQL string.
        // Whether normalize() escapes quotes and backslashes is not visible here;
        // the database layer's escaping function should be applied to the value.
        Sql_Query(sprintf('insert into %s (namelc,created) values("%s",now())', $tables["admin"], strtolower(normalize($_POST["loginname"]))));
} ?> /><label for="active"><?php echo $GLOBALS['I18N']->get('Public list (listed on the frontend)'); ?> </label></div> <div class="label"><label for="listorder"><?php echo $GLOBALS['I18N']->get('Order for listing'); ?> </label></div> <div class="field"><input type="text" name="listorder" value="<?php echo $list["listorder"]; ?> " class="listorder" /></div> <?php
// List edit form (excerpt: starts inside the "active" checkbox and ends inside the
// final else). This part renders the owner selector.
// NOTE(review): the listorder value echoed into the value attribute above is not
// passed through htmlspecialchars(). Where $list is loaded is not visible here; if
// the column can hold anything but a number, escape it for the attribute context.
if ($GLOBALS["require_login"] && (isSuperUser() || accessLevel("editlist") == "all")) {
    // Super users and 'all' admins may hand the list to another administrator.
    if (empty($list["owner"])) {
        $list["owner"] = $_SESSION["logindetails"]["id"];
    }
    $admins = $GLOBALS["admin_auth"]->listAdmins();
    if (sizeof($admins) > 1) {
        print '<div class="label"><label for="owner">' . $GLOBALS['I18N']->get('Owner') . '</label></div><div class="field"><select name="owner">';
        foreach ($admins as $adminid => $adminname) {
            // %d keeps the option value numeric. The admin name is written with %s and
            // no HTML escaping; presumably listAdmins() returns raw login names, in
            // which case htmlspecialchars() belongs here (confirm against listAdmins()).
            printf('    <option value="%d" %s>%s</option>', $adminid, $adminid == $list["owner"] ? 'selected="selected"' : '', $adminname);
        }
        print '</select></div>';
    } else {
        print '<input type="hidden" name="owner" value="' . $_SESSION["logindetails"]["id"] . '" />';
    }
} else {
    // NOTE(review): a hidden field is still client-controlled when the form comes
    // back. The handler that saves the list is outside this excerpt; it should take
    // the owner from the session for admins who may not reassign lists.
    print '<input type="hidden" name="owner" value="' . $_SESSION["logindetails"]["id"] . '" />';
<?php
// "Prepare a message" page: derives the list filter ($subselect) and the message
// ownership clause ($ownership) from the admin's access level, then hands over to
// send_core.php, which reads those variables.
require_once dirname(__FILE__) . '/accesscheck.php';

print Help('preparemessage', 'What is prepare a message');

$access = accessLevel('preparemessage');
if ($access == 'owner') {
    // The admin id is concatenated from the session without an integer cast.
    $ownerId = $_SESSION['logindetails']['id'];
    $subselect = ' where owner = ' . $ownerId;
    $ownership = ' and owner = ' . $_SESSION['logindetails']['id'];
} elseif ($access == 'all') {
    // $ownership is left unassigned for 'all' access, exactly as before.
    $subselect = '';
} else {
    // 'none' and any unexpected value: filters that match nothing.
    $subselect = ' where id = 0';
    $ownership = ' and id = 0';
}

include 'send_core.php';

if (!$done) {
    print '<p class="submit"><input type="submit" name=prepare value="Add message"></p></form>';
}
/**
 * Tell whether the current admin's access level for a page equals a given level.
 *
 * @param mixed $page  page identifier passed to accessLevel()
 * @param mixed $level level to compare against
 * @return bool true when both compare equal
 */
function requireAccessLevel($page, $level)
{
    // The comparison is loose (==), so PHP type juggling applies when the two sides
    // have different types. It tests for equality only, not for "at least this level".
    return accessLevel($page) == $level;
}
} }
/**
 * Move a subscriber to the list named in the request.
 *
 * Deletes every list membership of the subscriber (the delete has no list
 * condition) and inserts a single membership for $_GET['list'].
 * Both ids are forced to integers by %d.
 */
function moveUser($userid)
{
    global $tables;
    // Read straight from the query string; only the %d below constrains it.
    $newlist = $_GET['list'];
    Sql_Query(sprintf('delete from %s where userid = %d', $tables['listuser'], $userid));
    Sql_Query(sprintf('insert into %s (userid,listid,entered) values(%d,%d,now())', $tables['listuser'], $userid, $newlist));
}
/**
 * Store a freshly generated unique id on a subscriber record.
 *
 * The id from getUniqID() is placed inside a double-quoted SQL string; this is safe
 * only while that helper returns characters that need no escaping (not visible here).
 */
function addUniqID($userid)
{
    Sql_query(sprintf('update %s set uniqid = "%s" where id = %d', $GLOBALS['tables']['user'], getUniqID(), $userid));
}
// NOTE(review): this condition is true for every combination of $require_login and
// isSuperUser(), so it gates nothing. The only effective check is the access level
// switch below.
if ($require_login && !isSuperUser() || !$require_login || isSuperUser()) {
    $action_result = '';
    $access = accessLevel('reconcileusers');
    switch ($access) {
        case 'all':
            // NOTE(review): the bulk operations are selected by GET parameters and no
            // CSRF token check appears in this excerpt. Confirm that one runs earlier
            // in the file, since a plain link would otherwise trigger these updates.
            if (isset($_GET['option']) && $_GET['option']) {
                set_time_limit(600);
                switch ($_GET['option']) {
                    case 'markallconfirmed':
                        // Integer-normalised; 0 means "every subscriber".
                        $list = sprintf('%d', $_GET['list']);
                        if ($list == 0) {
                            $action_result .= $GLOBALS['I18N']->get('Marking all subscribers confirmed');
                            Sql_Query("update {$tables['user']} set confirmed = 1");
                        } else {
                            $action_result .= sprintf($GLOBALS['I18N']->get('Marking all subscribers on list %s confirmed'), ListName($list));
                            Sql_Query(sprintf('UPDATE %s, %s SET confirmed =1 WHERE %s.id = %s.userid AND %s.listid= %d', $tables['user'], $tables['listuser'], $tables['user'], $tables['listuser'], $tables['listuser'], $list));
                        }
                        $total = Sql_Affected_Rows();
<script language="Javascript" src="js/jslib.js" type="text/javascript"></script> <?php
// Subscriber detail page (excerpt: ends at the 'none'/default branch of the switch).
require_once dirname(__FILE__) . '/accesscheck.php';
require_once dirname(__FILE__) . '/date.php';
#if (!$_GET["id"] && !$_GET["delete"]) {
#  Fatal_Error("No such user");
#  return;
#}
// Both request values are forced to integer strings; a missing parameter becomes 0.
$id = sprintf('%d', isset($_GET["id"]) ? $_GET['id'] : 0);
$delete = sprintf('%d', isset($_GET['delete']) ? $_GET["delete"] : 0);
$date = new Date();
$access = accessLevel("user");
switch ($access) {
    case "owner":
        // Restrict to subscribers on lists owned by this admin; the admin id goes through %d.
        $subselect = sprintf(' and %s.owner = %d', $tables["list"], $_SESSION["logindetails"]["id"]);
        $subselect_where = sprintf(' where %s.owner = %d', $tables["list"], $_SESSION["logindetails"]["id"]);
        break;
    case "all":
        $subselect = "";
        break;
    case "view":
        $subselect = "";
        // NOTE(review): read-only access is enforced by refusing any POST. The delete id
        // above arrives by GET, so this check does not cover it; confirm that the delete
        // handler, which is outside this excerpt, tests the access level itself.
        if (sizeof($_POST)) {
            print Error("You only have privileges to view this page, not change any of the information");
            return;
        }
        break;
    case "none":
    default:
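/**
 * Start, stop or stream playback.
 *
 * In 'streaming' mode this sends playlist headers and returns an M3U playlist for
 * the requested song, album or the user's private playlist. In any other mode it
 * drives the jukebox: through MPD when inMpdMode() is true, otherwise through the
 * local player started with exec(). Jukebox control requires accessLevel(7).
 *
 * @param string $mode 'streaming' or anything else for jukebox mode
 * @param string $type 'song', 'album', 'pl', and in jukebox mode also 'stop', 'prev', 'next'
 * @param mixed  $id   song or album id; it is used as a bare number in SQL text and
 *                     on a command line, so it is forced to an integer here
 * @return string|null the playlist text in streaming mode, nothing otherwise
 */
function play($mode, $type, $id)
{
    global $mpd;

    // Both values end up inside SQL text and shell command lines. They are only ever
    // used as bare numbers there, so force them to integers once instead of trusting
    // the caller or the session content.
    $numericId = (int) $id;
    $userId = isset($_SESSION['sess_userid']) ? (int) $_SESSION['sess_userid'] : 0;

    if ($mode == 'streaming') {
        // NOTE(review): this branch has no accessLevel() check of its own, unlike the
        // jukebox branch below; confirm that callers authorise streaming requests.
        mp3act_connect();
        $tmp = '';
        $query = '';
        session_cache_limiter('nocache');
        header("Content-Type: audio/mpegurl;");
        header("Content-Disposition: inline; filename=\"playlist.m3u\"");
        header("Expires: 0");
        header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
        header("Pragma: nocache");
        $tmp .= "#EXTM3U\n";
        if ($type == 'song') {
            $query = "SELECT mp3act_songs.song_id,mp3act_artists.artist_name,mp3act_artists.prefix,mp3act_songs.name,mp3act_songs.length FROM mp3act_songs,mp3act_artists WHERE mp3act_songs.song_id={$numericId} AND mp3act_artists.artist_id=mp3act_songs.artist_id";
        } elseif ($type == 'album') {
            $query = "SELECT mp3act_songs.song_id,mp3act_artists.artist_name,mp3act_songs.name,mp3act_artists.prefix,mp3act_songs.length FROM mp3act_songs,mp3act_artists WHERE mp3act_artists.artist_id=mp3act_songs.artist_id AND mp3act_songs.album_id={$numericId} ORDER BY mp3act_songs.track";
        } elseif ($type == 'pl') {
            $query = "SELECT mp3act_songs.song_id,mp3act_artists.artist_name,mp3act_songs.name,mp3act_artists.prefix,mp3act_songs.length FROM mp3act_songs,mp3act_artists,mp3act_playlist WHERE mp3act_artists.artist_id=mp3act_songs.artist_id AND mp3act_songs.song_id=mp3act_playlist.song_id AND mp3act_playlist.user_id={$userId} AND mp3act_playlist.private=1 ORDER BY mp3act_playlist.pl_id";
        }
        $result = mysql_query($query);
        while ($row = mysql_fetch_array($result)) {
            $length = $row['length'];
            if (getSystemSetting("sample_mode") == 1) {
                // Sample mode advertises a quarter of the real track length.
                $length = floor($row['length'] / 4);
            }
            $tmp .= "#EXTINF:{$length},{$row['prefix']} {$row['artist_name']} - {$row['name']}\n";
            // NOTE(review): the stream URL carries a per-user session value (u=) in the
            // query string, so it is stored in the saved playlist and in server logs.
            $tmp .= "{$GLOBALS['http_url']}{$GLOBALS['uri_path']}/playstream.php?i={$row['song_id']}&u={$_SESSION['sess_usermd5']}&b={$_SESSION['sess_bitrate']}&s={$_SESSION['sess_stereo']}\n";
        }
        return $tmp;
    }

    // Jukebox control is limited to callers for whom accessLevel(7) is truthy.
    if (!accessLevel(7)) {
        return;
    }

    if (inMpdMode()) {
        if (mpd_connect() == 0) {
            return;
        }
        // MPD jukebox
        switch ($type) {
            case 'stop':
                $mpd->Stop();
                break;
            case 'prev':
                $mpd->Previous();
                break;
            case 'next':
                $mpd->Next();
                break;
            case 'song':
                // stop mpd, clear the playlist, load this song then play
                $mpd->Stop();
                $mpd->PLClear();
                $song = mpdGetSongForId($numericId);
                $mpd->PLAdd($song['file']);
                $mpd->Play();
                break;
            case 'album':
                // stop mpd, clear the playlist, load this album then play
                $mpd->Stop();
                $mpd->PLClear();
                list($artist, $album) = mpdGetArtistAlbumForAlbumId($numericId);
                // Start from empty arrays so an album without matches adds nothing,
                // instead of counting and passing undefined variables.
                $localplaylist = array();
                $bulkadd = array();
                // Search by album name, then keep only the tracks of the right artist.
                if (!is_null($ar = $mpd->Find(MPD_SEARCH_ALBUM, $album))) {
                    if (count($ar) > 0) {
                        foreach ($ar as $track) {
                            if ($track['Artist'] == $artist) {
                                $localplaylist[] = $track;
                            }
                        }
                    }
                }
                foreach ($localplaylist as $plentry) {
                    $bulkadd[] = $plentry['file'];
                }
                $mpd->PLAddBulk($bulkadd);
                $mpd->Play();
                break;
            case 'pl':
                // play the playlist
                $mpd->Play();
                break;
        }
        return;
    }

    // Local jukebox
    // NOTE(review): /tmp/mp3act serves as the "already playing" marker and the player
    // output is redirected to /tmp/play.debug. Both are fixed names in a shared
    // directory and the exists-then-touch sequence is not atomic; a directory owned
    // by the web server user would be a safer place for them.
    mp3act_connect();
    $query = '';
    switch ($type) {
        case 'stop':
            killCmd("play.php");
            killCmd(basename(getSystemSetting("mp3bin")));
            if (file_exists("/tmp/mp3act")) {
                unlink("/tmp/mp3act");
            }
            $query = "UPDATE mp3act_songs SET random=0";
            mysql_query($query);
            $query = "DELETE FROM mp3act_currentsong";
            mysql_query($query);
            break;
        case 'prev':
            // PREV is not working...
            break;
        case 'next':
            killCmd(basename(getSystemSetting("mp3bin")));
            break;
        case 'song':
            if (!file_exists("/tmp/mp3act")) {
                touch("/tmp/mp3act");
                // %d keeps the arguments numeric, so nothing in them can be read as shell syntax.
                exec(getSystemSetting("phpbin") . sprintf(' includes/play.php 1 %d %d > /tmp/play.debug 2>&1 &', $userId, $numericId));
            }
            break;
        case 'album':
            if (!file_exists("/tmp/mp3act")) {
                touch("/tmp/mp3act");
                exec(getSystemSetting("phpbin") . sprintf(' includes/play.php 2 %d %d > /tmp/play.debug 2>&1 &', $userId, $numericId));
            }
            break;
        case 'pl':
            if (!file_exists("/tmp/mp3act")) {
                touch("/tmp/mp3act");
                exec(getSystemSetting("phpbin") . sprintf(' includes/play.php 3 %d > /tmp/play.debug 2>&1 &', $numericId));
            }
            break;
    }
}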
// Subscriber import page (excerpt: starts inside the test-run loop and ends just
// after the list query).
++$i;
}
// Do import
} else {
    // NOTE(review): the whole POST body is serialised to a file next to the upload.
    // The code that reads it back is outside this excerpt. If it calls unserialize(),
    // the file must never be writable or nameable by a client; a JSON file, or storing
    // only the fields the import needs, avoids object deserialisation altogether.
    file_put_contents($newfile . '.data', serialize($_POST));
    print '<h3>' . s('Importing %d subscribers to %d lists, please wait', count($email_list), count($import_lists)) . '</h3>';
    print $GLOBALS['img_busy'];
    print '<div id="progresscount" style="width: 200; height: 50;">Progress</div>';
    // Only the base name of the file is put in the URL, URL-encoded, together with
    // whatever addCsrfGetToken() returns.
    print '<br/> <iframe id="import1" src="./?page=pageaction&action=import1&ajaxed=true&file=' . urlencode(basename($newfile)) . addCsrfGetToken() . '" scrolling="no" height="50"></iframe>';
} // end else
#  print '<p class="button">'.PageLink2("import1",$GLOBALS['I18N']->get('Import some more emails')).'</p>';
} else {
    echo FormStart(' enctype="multipart/form-data" name="import"');
    if ($GLOBALS['require_login'] && !isSuperUser()) {
        $access = accessLevel('import1');
        switch ($access) {
            case 'owner':
                $subselect = ' where owner = ' . $_SESSION['logindetails']['id'];
                break;
            case 'all':
                $subselect = '';
                break;
            case 'none':
            default:
                // Fail closed: unknown access values get a filter that matches no list.
                $subselect = ' where id = 0';
                break;
        }
    }
    // $subselect is not assigned in this excerpt when login is not required or the
    // admin is a super user; the query is then unfiltered.
    $result = Sql_query('SELECT id,name FROM ' . $tables['list'] . "{$subselect} ORDER BY listorder");
    $c = 0;
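/**
 * Build the relative admin URL for a page, or '' when the current admin has no
 * access to it.
 *
 * The URL is returned for access levels 'owner', 'all' and 'view'. When a plugin
 * is active in the current request (pi=...), names a loaded plugin and is not
 * already part of $name, the same plugin parameter is appended.
 *
 * $name and $url are placed in the URL as given and the result is not HTML-escaped:
 * callers must pass trusted or already-encoded values and escape the result for the
 * context they print it in.
 *
 * @param string $name      page name, placed after "page="
 * @param string $desc      not used in this function; kept for signature compatibility
 * @param string $url       extra query string without the leading '&'
 * @param bool   $no_plugin when true, never append the plugin parameter
 * @return string relative URL including the value of addCsrfGetToken(), or ''
 */
function PageURL2($name, $desc = '', $url = '', $no_plugin = false)
{
    if (empty($name)) {
        return '';
    }
    if ($url) {
        $url = '&' . $url;
    }

    $access = accessLevel($name);
    if ($access != 'owner' && $access != 'all' && $access != 'view') {
        return '';
    }

    // The request parameter may be missing or an array (pi[]=x). Accept it only as a
    // plain string, so it is safe to use as an array key and to put in the URL.
    $requestedPlugin = isset($_GET['pi']) && is_string($_GET['pi']) ? $_GET['pi'] : '';

    $pi = '';
    if (!$no_plugin
        && $requestedPlugin
        && !preg_match('/&pi=/i', $name)
        && isset($GLOBALS['plugins'][$requestedPlugin])
        && is_object($GLOBALS['plugins'][$requestedPlugin])
    ) {
        // The value names a loaded plugin; encode it anyway so it cannot add further
        // parameters to the query string.
        $pi = '&pi=' . urlencode($requestedPlugin);
    }

    return sprintf('./?page=%s%s%s%s', $name, $url, $pi, addCsrfGetToken());
}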