Example #1
     $userid = Sql_Insert_Id($tables['user'], 'id');
     ++$count_email_add;
     $some = 1;
     $history_entry = $GLOBALS['I18N']->get('Import of new subscriber');
     # add the attributes for this user
     # Store every imported attribute value against the subscriber row that was just created.
     # NOTE(review): only $value is escaped (addslashes) before it enters the statement;
     # $attr and $userid are inserted as-is, so confirm both are numeric ids at this point.
     foreach ($attributes as $attr => $value) {
         if (is_array($value)) {
             # multi-valued attributes are flattened to one comma-separated string
             $value = implode(',', $value);
         }
         Sql_query(sprintf('replace into %s (attributeid,userid,value) values("%s","%s","%s")', $tables['user_attribute'], $attr, $userid, addslashes($value)));
     }
 }
 #add this user to the lists identified, except when found in the blacklist
 $addition = 0;
 $listoflists = '';
 $isBlackListed = isBlackListed($email);
 if (!$isBlackListed) {
     # Subscribe the imported user to each selected list and collect the list names for the report.
     # NOTE(review): $userid and $listid are interpolated into the statement unquoted and
     # unescaped; presumably both are integers by now - confirm, or cast them before use.
     foreach ($importdata['importlists'] as $key => $listid) {
         $query = 'replace INTO ' . $tables['listuser'] . " (userid,listid,entered) values({$userid},{$listid},now())";
         $result = Sql_query($query);
         # if the affected rows is 2, the user was already subscribed
         $addition = $addition || Sql_Affected_Rows() == 1;
         if (!empty($importdata['listname'][$key])) {
             $listoflists .= '  * ' . $importdata['listname'][$key] . "\n";
         }
     }
     if ($addition) {
         ++$additional_emails;
     }
 } else {
     ## mark blacklisted, just in case ##17288
Example #2
}
##$subselect .= ' limit 500'; // just to test the progress meter
# Select the subscribers to export, optionally limited to one list, within the date range.
# NOTE(review): $list is forced to an integer by %d, but $column, $fromdate, $todate,
# $subselect and $querytables are inserted as plain strings; their validation is not
# visible in this excerpt - confirm they cannot carry request data unescaped.
if ($list) {
    $result = Sql_query(sprintf('select * from
    %s where user.id = listuser.userid and listuser.listid = %d and %s >= "%s 00:00:00" and %s  <= "%s 23:59:59" %s
    ', $querytables, $list, $column, $fromdate, $column, $todate, $subselect));
} else {
    $result = Sql_query(sprintf('
    select * from %s where %s >= "%s 00:00:00" and %s  <= "%s 23:59:59" %s', $querytables, $column, $fromdate, $column, $todate, $subselect));
}
$todo = Sql_Affected_Rows();
$done = 0;
fwrite($exportfile, $GLOBALS['I18N']->get('List Membership') . $row_delim);
while ($user = Sql_fetch_array($result)) {
    ## re-verify the blacklist status
    # Bring the user row's blacklisted flag in line with the blacklist lookup before exporting it.
    # NOTE(review): the address read back from the database is placed into the UPDATE
    # without escaping; a stored value containing a double quote would change the statement.
    if (empty($user['blacklisted']) && isBlackListed($user['email'])) {
        $user['blacklisted'] = 1;
        Sql_Query(sprintf('update %s set blacklisted = 1 where email = "%s"', $GLOBALS['tables']['user'], $user['email']));
    }
    set_time_limit(500);
    if ($done % 50 == 0) {
        print '<script type="text/javascript">
    var parentJQuery = window.parent.jQuery;
    parentJQuery("#progressbar").updateProgress("' . $done . ',' . $todo . '");
    </script>';
        flush();
    }
    ++$done;
    reset($_SESSION['export']['cols']);
    while (list($key, $val) = each($_SESSION['export']['cols'])) {
        fwrite($exportfile, strtr($user[$val], $col_delim, ',') . $col_delim);
Example #3
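## Blacklist one subscriber, identified by the 'e' (email) and/or 'u' (uniqid) entries
## of $cline; the optional 'd' entry is handed on to addEmailToBlackList() as the date.
$email = isset($cline['e']) ? $cline['e'] : '';
$uid = isset($cline['u']) ? $cline['u'] : '';
$date = isset($cline['d']) ? $cline['d'] : '';
$emailQ = Sql_Fetch_Row_Query(sprintf('select email from %s where uniqid = "%s" or email = "%s"  order by email desc', $GLOBALS['tables']['user'], sql_escape($uid), sql_escape($email)));
# isset() keeps a lookup that matched no row from raising an offset notice
$emailDB = isset($emailQ[0]) ? $emailQ[0] : '';
if (empty($emailDB) && empty($email)) {
    cl_output('FAIL');
    exit;
}
# The address read back from the database is escaped like any other value before it is
# placed into SQL again: a stored address containing a quote must not alter the statement.
$markBlacklisted = sprintf('update %s set blacklisted = 1 where email = "%s"', $GLOBALS['tables']['user'], sql_escape($emailDB));
if (isBlackListed($emailDB)) {
    ## do this anyway, just to be sure
    Sql_Query($markBlacklisted);
    cl_output('OK');
    exit;
}
if (!empty($emailDB)) {
    ## do this immediately
    Sql_Query($markBlacklisted);
    addEmailToBlackList($emailDB, 'blacklisted due to spam complaints', $date);
} else {
    # no matching subscriber row: blacklist the address exactly as it was supplied
    addEmailToBlackList($email, 'blacklisted due to spam complaints', $date);
}
cl_output('OK ' . $emailDB);
exit;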
Example #4
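/**
 * Build the "forward to a friend" page and, on a follow-up request, send the forwards.
 *
 * Apart from $id, all input is read from $_REQUEST: mid (message id), uid (uniqid of the
 * forwarding subscriber), email (one address per line) and personalNote. Request values
 * are escaped before they are placed into SQL and before they are echoed back into HTML.
 *
 * @param int $id value echoed back in the hidden "id" form field
 *
 * @return string HTML of the response page
 */
function forwardPage($id)
{
    global $tables;
    $ok = true;
    $subtitle = '';
    $info = '';
    $html = '';
    $form = '';
    $personalNote = '';
    $messagedata = array();
    $emails = array();
    $nFriends = 0;
    ## Check requirements
    # message
    $mid = 0;
    if (isset($_REQUEST['mid'])) {
        # %d reduces the request value to an integer before it is used anywhere
        $mid = sprintf('%d', $_REQUEST['mid']);
        $messagedata = loadMessageData($mid);
        $mid = $messagedata['id'];
        if ($mid) {
            $subtitle = $GLOBALS['strForwardSubtitle'] . ' ' . stripslashes($messagedata['subject']);
        }
    }
    #mid set
    # user
    if (!isset($_REQUEST['uid']) || !$_REQUEST['uid']) {
        FileNotFound();
    }
    ## get userdata
    $req = Sql_Query(sprintf('select * from %s where uniqid = "%s"', $tables['user'], sql_escape($_REQUEST['uid'])));
    $userdata = Sql_Fetch_Array($req);
    ## verify that this subscriber actually received this message to forward, otherwise they're not allowed
    $allowed = Sql_Fetch_Row_Query(sprintf('select userid from %s where userid = %d and messageid = %d', $GLOBALS['tables']['usermessage'], $userdata['id'], $mid));
    if (empty($userdata['id']) || $allowed[0] != $userdata['id']) {
        ## when sending a test email as an admin, the entry isn't there yet
        # the exception applies only when the session's adminloggedin value equals the client address
        if (empty($_SESSION['adminloggedin']) || $_SESSION['adminloggedin'] != $_SERVER['REMOTE_ADDR']) {
            FileNotFound('<br/><i>' . $GLOBALS['I18N']->get('When testing the phpList forward functionality, you need to be logged in as an administrator.') . '</i><br/>');
        }
    }
    $firstpage = 1;
    ## is this the initial page or a followup
    # forward addresses
    $forwardemail = '';
    if (isset($_REQUEST['email']) && !empty($_REQUEST['email'])) {
        $firstpage = 0;
        $forwardPeriodCount = Sql_Fetch_Array_Query(sprintf('select count(user) from %s where date_add(time,interval %s) >= now() and user = %d and status ="sent" ', $tables['user_message_forward'], FORWARD_EMAIL_PERIOD, $userdata['id']));
        $forwardemail = stripslashes($_REQUEST['email']);
        $emails = explode("\n", $forwardemail);
        $emails = trimArray($emails);
        $forwardemail = implode("\n", $emails);
        #0011860: forward to friend, multiple emails
        # forwards already sent within the period count towards the limit
        $emailCount = $forwardPeriodCount[0];
        foreach ($emails as $index => $email) {
            $emails[$index] = trim($email);
            if (is_email($email)) {
                ++$emailCount;
            } else {
                # the rejected value is request data, so it is HTML-escaped before it is shown
                $info .= sprintf('<br />' . $GLOBALS['strForwardInvalidEmail'], htmlspecialchars($email, ENT_QUOTES));
                $ok = false;
            }
        }
        if ($emailCount > FORWARD_EMAIL_COUNT) {
            $info .= '<br />' . $GLOBALS['strForwardCountReached'];
            $ok = false;
        }
    } else {
        $ok = false;
    }
    #0011996: forward to friend - personal message
    # text cannot be longer than max, to prevent very long text with only linefeeds total cannot be longer than twice max
    if (FORWARD_PERSONAL_NOTE_SIZE && isset($_REQUEST['personalNote'])) {
        if (strlen(strip_newlines($_REQUEST['personalNote'])) > FORWARD_PERSONAL_NOTE_SIZE || strlen($_REQUEST['personalNote']) > FORWARD_PERSONAL_NOTE_SIZE * 2) {
            $info .= '<BR />' . $GLOBALS['strForwardNoteLimitReached'];
            $ok = false;
        }
        $personalNote = strip_tags(htmlspecialchars_decode(stripslashes($_REQUEST['personalNote'])));
        $userdata['personalNote'] = $personalNote;
    }
    if ($userdata['id'] && $mid) {
        if ($ok && count($emails)) {
            ## All is well, send it
            require_once 'admin/sendemaillib.php';
            #0013845 Lead Ref Scheme
            if (FORWARD_FRIEND_COUNT_ATTRIBUTE) {
                $iCountFriends = FORWARD_FRIEND_COUNT_ATTRIBUTE;
            } else {
                $iCountFriends = 0;
            }
            if ($iCountFriends) {
                $nFriends = intval(UserAttributeValue($userdata['id'], $iCountFriends));
            }
            ## remember the lists for this message in order to notify only those admins
            ## that own them
            $messagelists = array();
            $messagelistsreq = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS['tables']['listmessage'], $mid));
            while ($row = Sql_Fetch_Row($messagelistsreq)) {
                array_push($messagelists, $row[0]);
            }
            foreach ($emails as $index => $email) {
                #0011860: forward to friend, multiple emails
                # passing is_email() is not a substitute for escaping: the address is escaped
                # once for SQL and once for HTML, each for its own context
                $emailSql = sql_escape($email);
                $done = Sql_Fetch_Array_Query(sprintf('select user,status,time from %s where forward = "%s" and message = %d', $tables['user_message_forward'], $emailSql, $mid));
                $info .= '<br />' . htmlspecialchars($email, ENT_QUOTES) . ': ';
                if (isset($done['status']) && $done['status'] === 'sent') {
                    $info .= $GLOBALS['strForwardAlreadyDone'];
                } elseif (isBlackListed($email)) {
                    $info .= $GLOBALS['strForwardBlacklistedEmail'];
                } else {
                    if (!TEST) {
                        # forward the message
                        # sendEmail will take care of blacklisting
                        ### CHECK $email vs $forwardemail
                        if (sendEmail($mid, $email, 'forwarded', $userdata['htmlemail'], array(), $userdata)) {
                            $info .= $GLOBALS['strForwardSuccessInfo'];
                            sendAdminCopy(s('Message Forwarded'), s('%s has forwarded message %d to %s', $userdata['email'], $mid, $email), $messagelists);
                            Sql_Query(sprintf('insert into %s (user,message,forward,status,time)
                 values(%d,%d,"%s","sent",now())', $tables['user_message_forward'], $userdata['id'], $mid, $emailSql));
                            if ($iCountFriends) {
                                ++$nFriends;
                            }
                        } else {
                            $info .= $GLOBALS['strForwardFailInfo'];
                            sendAdminCopy(s('Message Forwarded'), s('%s tried forwarding message %d to %s but failed', $userdata['email'], $mid, $email), $messagelists);
                            Sql_Query(sprintf('insert into %s (user,message,forward,status,time)
                values(%d,%d,"%s","failed",now())', $tables['user_message_forward'], $userdata['id'], $mid, $emailSql));
                            $ok = false;
                        }
                    }
                }
            }
            # foreach friend
            if ($iCountFriends) {
                saveUserAttribute($userdata['id'], $iCountFriends, array('name' => FORWARD_FRIEND_COUNT_ATTRIBUTE, 'value' => $nFriends));
            }
        }
        #ok & emails
    } else {
        # no valid sender
        logEvent(s('Forward request from invalid user ID: %s', substr($_REQUEST['uid'], 0, 150)));
        $info .= '<BR />' . $GLOBALS['strForwardFailInfo'];
        $ok = false;
    }
    /*
      $data = PageData($id);
      if (isset($data['language_file']) && is_file(dirname(__FILE__).'/texts/'.basename($data['language_file']))) {
        @include dirname(__FILE__).'/texts/'.basename($data['language_file']);
      }
    */
    ## BAS Multiple Forward
    ## build response page
    $form = '<form method="post" action="">';
    $form .= sprintf('<input type=hidden name="mid" value="%d">', $mid);
    $form .= sprintf('<input type=hidden name="id" value="%d">', $id);
    $form .= sprintf('<input type=hidden name="uid" value="%s">', $userdata['uniqid']);
    $form .= sprintf('<input type=hidden name="p" value="forward">');
    if (!$ok) {
        # the submitted addresses and note are echoed back for correction; both are request
        # data and are HTML-escaped so they cannot break out of the attribute or textarea
        $forwardemailHtml = htmlspecialchars($forwardemail, ENT_QUOTES);
        #0011860: forward to friend, multiple emails
        if (FORWARD_EMAIL_COUNT == 1) {
            $form .= '<br /><h2>' . $GLOBALS['strForwardEnterEmail'] . '</h2>';
            $form .= sprintf('<input type=text name="email" value="%s" size=50 class="attributeinput">', $forwardemailHtml);
        } else {
            $form .= '<br /><h2>' . sprintf($GLOBALS['strForwardEnterEmails'], FORWARD_EMAIL_COUNT) . '</h2>';
            $form .= sprintf('<textarea name="email" rows="10" cols="50" class="attributeinput">%s</textarea>', $forwardemailHtml);
        }
        #0011996: forward to friend - personal message
        if (FORWARD_PERSONAL_NOTE_SIZE) {
            $form .= sprintf('<h2>' . $GLOBALS['strForwardPersonalNote'] . '</h2>', FORWARD_PERSONAL_NOTE_SIZE);
            $cols = 50;
            $rows = min(10, ceil(FORWARD_PERSONAL_NOTE_SIZE / 40));
            $form .= sprintf('<br/><textarea type="text" name="personalNote" rows="%d" cols="%d" class="attributeinput">%s</textarea>', $rows, $cols, htmlspecialchars($personalNote, ENT_QUOTES));
        }
        $form .= sprintf('<br /><input type="submit" value="%s"></form>', $GLOBALS['strContinue']);
    }
    ### END BAS
    ### Michiel, remote response page
    $remote_content = '';
    # NOTE(review): the URL is taken from the stored message body and fetched by the server;
    # presumably only administrators can author that text - confirm. The check below accepts
    # any value that merely starts with "http", so scheme and host are not restricted here.
    if (!empty($messagedata['message']) && preg_match("/\\[URL:([^\\s]+)\\]/i", $messagedata['message'], $regs)) {
        if (isset($regs[1]) && strlen($regs[1])) {
            $url = $regs[1];
            if (!preg_match('/^http/i', $url)) {
                $url = 'http://' . $url;
            }
            $remote_content = fetchUrl($url);
        }
    }
    if (!empty($remote_content) && preg_match('/\\[FORWARDFORM\\]/', $remote_content, $regs)) {
        if ($firstpage) {
            ## this is the initial page, not a follow up one.
            $remote_content = str_replace($regs[0], $info . $form, $remote_content);
        } else {
            $remote_content = str_replace($regs[0], $info, $remote_content);
        }
        $res = $remote_content;
    } else {
        $res = '<title>' . $GLOBALS['strForwardTitle'] . '</title>';
        $res .= $GLOBALS['pagedata']['header'];
        $res .= '<h3>' . $subtitle . '</h3>';
        if ($ok) {
            $res .= '<h4>' . $info . '</h4>';
        } elseif (!empty($info)) {
            $res .= '<div class="error missing">' . $info . '</div>';
        }
        $res .= $form;
        $res .= '<p>' . $GLOBALS['PoweredBy'] . '</p>';
        $res .= $GLOBALS['pagedata']['footer'];
    }
    ### END MICHIEL
    return $res;
}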
Example #5
     $information_changed = 0;
     foreach ($current_data as $key => $val) {
         if (!is_numeric($key)) {
             if (isset($old_data[$key]) && $old_data[$key] != $val && $old_data[$key] && $key != 'password' && $key != 'modified') {
                 $information_changed = 1;
                 $history_entry .= "{$key} = {$val}\n*changed* from {$old_data[$key]}\n";
             }
         }
     }
     if (!$information_changed) {
         $history_entry .= "\nNo user details changed";
     }
     addUserHistory($user['systemvalues']['email'], 'Import by ' . adminName(), $history_entry);
 }
 #add this user to the lists identified, except when they are blacklisted
 $isBlackListed = isBlackListed($user['systemvalues']['email']);
 if (!$isBlackListed && is_array($_SESSION['lists'])) {
     reset($_SESSION['lists']);
     $addition = 0;
     $listoflists = '';
     while (list($key, $listid) = each($_SESSION['lists'])) {
         $query = 'replace INTO ' . $tables['listuser'] . " (userid,listid,entered) values({$userid},{$listid},now())";
         $result = Sql_query($query, 1);
         # if the affected rows is 2, the user was already subscribed
         $addition = $addition || Sql_Affected_Rows() == 1;
         $listoflists .= '  * ' . listName($key) . "\n";
         # $_SESSION["listname"][$key] . "\n";
     }
     if ($addition) {
         ++$count['list_add'];
     }
Example #6
 if (eregi("\\[email\\]", $thankyoupage, $regs)) {
     $thankyoupage = eregi_replace("\\[email\\]", $email, $thankyoupage);
 }
 $user_att = getUserAttributeValues($email);
 while (list($att_name, $att_value) = each($user_att)) {
     if (eregi("\\[" . $att_name . "\\]", $thankyoupage, $regs)) {
         $thankyoupage = eregi_replace("\\[" . $att_name . "\\]", $att_value, $thankyoupage);
     }
 }
 if (is_array($GLOBALS["plugins"])) {
     reset($GLOBALS["plugins"]);
     foreach ($GLOBALS["plugins"] as $name => $plugin) {
         $thankyoupage = $plugin->parseThankyou($id, $userid, $thankyoupage);
     }
 }
 $blacklisted = isBlackListed($email);
 if ($blacklisted) {
     $thankyoupage .= '<p>' . $GLOBALS["strYouAreBlacklisted"] . '</p>';
     return 1;
 }
 if ($sendrequest && $listsok) {
     #is_array($_POST["list"])) {
     if (sendMail($email, getConfig("subscribesubject:{$id}"), $subscribemessage, system_messageheaders($email), '', 1)) {
         sendAdminCopy("Lists subscription", "\n" . $email . " has subscribed\n\n{$history_entry}");
         addUserHistory($email, $history_subject, $history_entry);
         print $thankyoupage;
     } else {
         print '<h3>' . $strEmailFailed . '</h3>';
         if ($blacklisted) {
             print '<p>' . $GLOBALS["strYouAreBlacklisted"] . '</p>';
         }
Example #7
 /**
  * Send a system message with mail(), refusing blacklisted recipients.
  *
  * Returns 0 when the recipient or subject is empty or the recipient is blacklisted;
  * otherwise returns the result of mail(). In a "dev" VERSION the message is sent to
  * $this->developer_email instead of $to.
  *
  * NOTE(review): as listed, this method does not parse - see the note on the X-User line.
  * $to and $subject are not checked for CR/LF before they reach mail().
  *
  * @param string $to         recipient address
  * @param string $subject    message subject
  * @param string $message    message body
  * @param string $header     extra header lines; the headers built here are appended
  * @param string $parameters additional parameters passed to mail()
  */
 function sendMail($to, $subject, $message, $header = "", $parameters = "")
 {
     #    mail($to,$subject,$message);
     dbg("mail {$to} {$subject}");
     if (!$to) {
         logEvent("Error: empty To: in message with subject {$subject} to send");
         return 0;
     } elseif (!$subject) {
         logEvent("Error: empty Subject: in message to send to {$to}");
         return 0;
     }
     if (isBlackListed($to)) {
         logEvent("Error, {$to} is blacklisted, not sending");
         # NOTE(review): $to is placed into the UPDATE without escaping
         Sql_Query(sprintf('update %s set blacklisted = 1 where email = "%s"', $this->tables["user"], $to));
         addUserHistory($to, "Marked Blacklisted", "Found user in blacklist while trying to send an email, marked black listed");
         return 0;
     }
     # $v holds the PHP version with any "-suffix" removed; it is overwritten further down
     $v = phpversion();
     $v = preg_replace("/\\-.*\$/", "", $v);
     $header .= "X-Mailer: webbler/phplist v" . VERSION . ' (http://www.phplist.com)' . "\n";
     $from_address = $this->getConfig("message_from_address");
     $from_name = $this->getConfig("message_from_name");
     if ($from_name) {
         $header .= "From: \"{$from_name}\" <{$from_address}>\n";
     } else {
         $header .= "From: {$from_address}\n";
     }
     # Reply-To falls back to the From address when no reply-to address is configured
     $message_replyto_address = $this->getConfig("message_replyto_address");
     if ($message_replyto_address) {
         $header .= "Reply-To: {$message_replyto_address}\n";
     } else {
         $header .= "Reply-To: {$from_address}\n";
     }
     $v = VERSION;
     $v = ereg_replace("-dev", "", $v);
     $header .= "X-MessageID: systemmessage\n";
     # NOTE(review): $useremail is not defined anywhere in this function, and the "******"
     # on the next statement looks like redaction applied to the listing rather than
     # original code; as written the statement is a syntax error.
     if ($useremail) {
         $header .= "X-User: "******"\n";
     }
     if ($this->message_envelope) {
         $header = rtrim($header);
         if ($header) {
             $header .= "\n";
         }
         $header .= "Errors-To: " . $this->message_envelope;
         # NOTE(review): ereg() is called with a pattern only; presumably $parameters was
         # meant as the string to search - confirm.
         if (!$parameters || !ereg("-f" . $this->message_envelope)) {
             $parameters = '-f' . $this->message_envelope;
         }
     }
     if (!ereg("dev", VERSION)) {
         # retry without the additional parameters when the first attempt fails
         if (mail($to, $subject, $message, $header, $parameters)) {
             return 1;
         } else {
             return mail($to, $subject, $message, $header);
         }
     } else {
         # send mails to one place when running a test version
         $message = "To: {$to}\n" . $message;
         if ($this->developer_email) {
             return mail($this->developer_email, $subject, $message, $header, $parameters);
         } else {
             print "Error: Running CVS version, but developer_email not set";
         }
     }
 }
Example #8
print '<div id="add-user-button">' . PageLinkButton('adduser', $GLOBALS['I18N']->get('Add a User')) . '</div>';
print '</div>';
$some = 0;
$ls = new WebblerListing(s('users'));
$ls->usePanel($paging);
if ($result) {
    while ($user = Sql_fetch_array($result)) {
        $some = 1;
        $ls->addElement($user['email'], PageURL2("user&amp;start={$start}&amp;id=" . $user['id'] . $find_url));
        $ls->setClass($user['email'], 'row1');
        ## we make one column with the subscriber status being "on" or "off"
        ## two columns are too confusing and really unnecessary
        # ON = confirmed &&  !blacklisted
        #    $ls->addColumn($user["email"], $GLOBALS['I18N']->get('confirmed'), $user["confirmed"] ? $GLOBALS["img_tick"] : $GLOBALS["img_cross"]);
        #   if (in_array("blacklist", $columns)) {
        $onblacklist = isBlackListed($user['email']);
        #    $ls->addColumn($user["email"], $GLOBALS['I18N']->get('bl l'), $onblacklist ? $GLOBALS["img_tick"] : $GLOBALS["img_cross"]);
        #  }
        if ($user['confirmed'] && !$onblacklist) {
            $ls_confirmed = $GLOBALS['img_tick'];
        } else {
            $ls_confirmed = $GLOBALS['img_cross'];
        }
        $ls_del = '';
        #    $ls->addColumn($user["email"], $GLOBALS['I18N']->get('del'), sprintf('<a href="%s" onclick="return deleteRec(\'%s\');">del</a>',PageUrl2('users'.$find_url), PageURL2("users&start=$start&delete=" .$user["id"])));
        if (isSuperUser()) {
            $ls_del = sprintf('<a href="javascript:deleteRec(\'%s\');" class="del">del</a>', PageURL2("users&start={$start}&find={$find}&findby={$findby}&delete=" . $user['id']));
        }
        /*    if (isset ($user['foreignkey'])) {
                    $ls->addColumn($user["email"], $GLOBALS['I18N']->get('key'), $user["foreignkey"]);
                  }
Example #9
print '<div class="tabbed">';
print '<ul>';
print '<li><a href="#messages">' . ucfirst($GLOBALS['I18N']->get('Campaigns')) . '</a></li>';
if (count($bounces)) {
    print '<li><a href="#bounces">' . ucfirst($GLOBALS['I18N']->get('Bounces')) . '</a></li>';
}
print '<li><a href="#subscription">' . ucfirst($GLOBALS['I18N']->get('Subscription')) . '</a></li>';
print '</ul>';
print '<div id="messages">';
print $ls->display();
print '</div>';
print '<div id="bounces">';
print $bouncels->display();
print '</div>';
print '<div id="subscription">';
if (isBlackListed($user['email'])) {
    print '<h3>' . $GLOBALS['I18N']->get('subscriber is blacklisted since') . ' ';
    $blacklist_info = Sql_Fetch_Array_Query(sprintf('select * from %s where email = "%s"', $tables['user_blacklist'], $user['email']));
    print $blacklist_info['added'] . '</h3><br/>';
    print '';
    $isSpamReport = false;
    $ls = new WebblerListing($GLOBALS['I18N']->get('Blacklist info'));
    $req = Sql_Query(sprintf('select * from %s where email = "%s"', $tables['user_blacklist_data'], $user['email']));
    while ($row = Sql_Fetch_Array($req)) {
        $ls->addElement($row['name']);
        $isSpamReport = $isSpamReport || $row['data'] == 'blacklisted due to spam complaints';
        $ls->addColumn($row['name'], $GLOBALS['I18N']->get('value'), stripslashes($row['data']));
    }
    $ls->addElement('<!-- remove -->');
    if (!$isSpamReport) {
        $button = new ConfirmButton(htmlspecialchars($GLOBALS['I18N']->get('are you sure you want to delete this subscriber from the blacklist')) . '?\\n' . htmlspecialchars($GLOBALS['I18N']->get('it should only be done with explicit permission from this subscriber')), PageURL2("userhistory&unblacklist={$user['id']}&id={$user['id']}", 'button', s('remove subscriber from blacklist')), s('remove subscriber from blacklist'));
Example #10
     $information_changed = 0;
     foreach ($current_data as $key => $val) {
         if (!is_numeric($key)) {
             if (isset($old_data[$key]) && $old_data[$key] != $val && $old_data[$key] && $key != "password" && $key != "modified") {
                 $information_changed = 1;
                 $history_entry .= "{$key} = {$val}\n*changed* from {$old_data[$key]}\n";
             }
         }
     }
     if (!$information_changed) {
         $history_entry .= "\nNo user details changed";
     }
     addUserHistory($user["systemvalues"]["email"], "Import by " . adminName(), $history_entry);
 }
 #add this user to the lists identified, except when they are blacklisted
 $isBlackListed = isBlackListed($user["systemvalues"]["email"]);
 if (!$isBlackListed && is_array($_SESSION["lists"])) {
     reset($_SESSION["lists"]);
     $addition = 0;
     $listoflists = "";
     while (list($key, $listid) = each($_SESSION["lists"])) {
         $query = "replace INTO " . $tables["listuser"] . " (userid,listid,entered) values({$userid},{$listid},now())";
         $result = Sql_query($query, 1);
         # if the affected rows is 2, the user was already subscribed
         $addition = $addition || Sql_Affected_Rows() == 1;
         $listoflists .= "  * " . listName($key) . "\n";
         # $_SESSION["listname"][$key] . "\n";
     }
     if ($addition) {
         $count["list_add"]++;
     }
<?php

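ob_end_clean();
## blacklist an email from commandline
if (!function_exists('cl_output')) {
    /**
     * Print one line of plain-text output (tags stripped), then restart output buffering.
     *
     * @param string $message text to print
     */
    function cl_output($message)
    {
        @ob_end_clean();
        print strip_tags($message) . "\n";
        ob_start();
    }
}
# either option may be absent, so read both without assuming the key exists
$email = isset($cline['e']) ? $cline['e'] : '';
$uid = isset($cline['u']) ? $cline['u'] : '';
if (!empty($uid) && empty($email)) {
    # The uniqid is caller-supplied and must be escaped before it enters the query. Use the
    # database layer's sql_escape() when it is loaded; addslashes() is only the fallback.
    $uidSql = function_exists('sql_escape') ? sql_escape($uid) : addslashes($uid);
    $emailreq = Sql_Fetch_Row_Query(sprintf('select email from %s where uniqid = "%s"', $GLOBALS['tables']['user'], $uidSql));
    # no matching row leaves $email empty, which is reported just below
    $email = isset($emailreq[0]) ? $emailreq[0] : '';
}
if (empty($email)) {
    cl_output('No email');
    exit;
}
if (isBlackListed($email)) {
    cl_output('Already blacklisted');
    exit;
}
addEmailToBlackList($email, 'blacklisted due to spam complaints');
cl_output($email . ' blacklisted');
exit;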
Example #12
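 /**
  * Send a system message with mail(), refusing blacklisted recipients.
  *
  * Nothing is sent before the TEST, input and blacklist checks have passed. In a "dev"
  * VERSION the message goes to the configured developer address instead of $to.
  *
  * @param string $to         recipient address
  * @param string $subject    message subject
  * @param string $message    message body
  * @param string $header     extra header lines; the headers built here are appended
  * @param string $parameters additional parameters passed to mail()
  *
  * @return int|bool 1 in TEST mode or on success, 0 when the message is refused,
  *                  otherwise the result of mail()
  */
 function sendMail($to, $subject, $message, $header = "", $parameters = "")
 {
     # The listing called mail($to, $subject, $message) here, ahead of every check: the
     # message went out even in TEST mode and to blacklisted addresses, and a second time
     # further down. That call is removed.
     dbg("mail {$to} {$subject}");
     if (TEST) {
         return 1;
     }
     # CR or LF in the recipient or subject would allow extra header lines to be added
     if (preg_match("/[\r\n]/", $to) || preg_match("/[\r\n]/", $subject)) {
         logEvent("Error: invalid recipient or subject, containing newlines, email blocked");
         return 0;
     }
     if (!$to) {
         logEvent("Error: empty To: in message with subject {$subject} to send");
         return 0;
     } elseif (!$subject) {
         logEvent("Error: empty Subject: in message to send to {$to}");
         return 0;
     }
     if (isBlackListed($to)) {
         logEvent("Error, {$to} is blacklisted, not sending");
         # escape the address before it enters SQL; sql_escape() is used when the database
         # layer provides it, addslashes() is only the fallback
         $toSql = function_exists('sql_escape') ? sql_escape($to) : addslashes($to);
         Sql_Query(sprintf('update %s set blacklisted = 1 where email = "%s"', $GLOBALS["tables"]["user"], $toSql));
         addUserHistory($to, "Marked Blacklisted", "Found user in blacklist while trying to send an email, marked black listed");
         return 0;
     }
     # PHP version without any "-suffix", compared with version_compare() below
     $v = preg_replace("/\\-.*\$/", "", phpversion());
     if ($GLOBALS["message_envelope"]) {
         $header = rtrim($header);
         if ($header) {
             $header .= "\n";
         }
         # terminate the line, otherwise the X-Mailer header below is glued onto this one
         $header .= "Errors-To: " . $GLOBALS["message_envelope"] . "\n";
         # literal substring test: the envelope address is not a pattern
         if (!$parameters || strpos($parameters, "-f" . $GLOBALS["message_envelope"]) === false) {
             $parameters = '-f' . $GLOBALS["message_envelope"];
         }
     }
     $header .= "X-Mailer: PHPlist v" . VERSION . ' (http://www.phplist.com)' . "\n";
     if (WORKAROUND_OUTLOOK_BUG) {
         $header = rtrim($header);
         if ($header) {
             $header .= "\n";
         }
         $header .= "X-Outlookbug-fixed: Yes";
         $message = preg_replace("/\r?\n/", "\r\n", $message);
     }
     if (strpos(VERSION, "dev") === false) {
         # plain string comparison orders "10.0" before "4.0.5"; version_compare() does not
         if (version_compare($v, "4.0.5", ">") && !ini_get("safe_mode")) {
             if (mail($to, $subject, $message, $header, $parameters)) {
                 return 1;
             }
             # retry without the additional parameters
             return mail($to, $subject, $message, $header);
         }
         return mail($to, $subject, $message, $header);
     }
     # send mails to one place when running a test version
     $message = "To: {$to}\n" . $message;
     if ($GLOBALS["developer_email"]) {
         return mail($GLOBALS["developer_email"], $subject, $message, $header, $parameters);
     }
     print "Error: Running CVS version, but developer_email not set";
     return 0;
 }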
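/**
 * Confirm a subscription from the link's uid parameter and build the result page.
 *
 * Marks the subscriber confirmed, clears the blacklisted flag, removes a blacklist entry
 * if there was one, records history, and (outside TEST mode) sends the confirmation
 * message and an admin copy.
 *
 * @param int $id subscribe page id, used to load the page header, footer and language file
 *
 * @return string HTML of the confirmation page
 */
function confirmPage($id)
{
    global $tables, $envelope;
    # only a scalar string is accepted; an array-valued or missing uid counts as absent
    $uid = isset($_GET["uid"]) && is_string($_GET["uid"]) ? $_GET["uid"] : '';
    if (!$uid) {
        FileNotFound();
    }
    $html = '';
    # The uid comes straight from the URL and must be escaped before it enters the query.
    # sql_escape() is used when the database layer provides it; addslashes() is the fallback.
    $uidSql = function_exists('sql_escape') ? sql_escape($uid) : addslashes($uid);
    $req = Sql_Query(sprintf('select * from %s where uniqid = "%s"', $tables["user"], $uidSql));
    $userdata = Sql_Fetch_Array($req);
    if (!empty($userdata["id"])) {
        $blacklisted = isBlackListed($userdata["email"]);
        $html = '<ul>';
        $lists = '';
        Sql_Query(sprintf('update %s set confirmed = 1,blacklisted = 0 where id = %d', $tables["user"], $userdata["id"]));
        $req = Sql_Query(sprintf('select name,description from %s list, %s listuser where listuser.userid = %d and listuser.listid = list.id and list.active', $tables['list'], $tables['listuser'], $userdata['id']));
        if (!Sql_Affected_Rows()) {
            $lists = "\n * " . $GLOBALS["strNoLists"];
            $html .= '<li>' . $GLOBALS["strNoLists"] . '</li>';
        }
        while ($row = Sql_fetch_array($req)) {
            $lists .= "\n *" . stripslashes($row["name"]);
            $html .= '<li class="list">' . stripslashes($row["name"]) . '<div class="listdescription">' . stripslashes($row["description"]) . '</div></li>';
        }
        $html .= '</ul>';
        if ($blacklisted) {
            unBlackList($userdata['id']);
            addUserHistory($userdata["email"], "Confirmation", "User removed from Blacklist for manual confirmation of subscription");
        }
        addUserHistory($userdata["email"], "Confirmation", "Lists: {$lists}");
        $spage = $userdata["subscribepage"];
        # literal placeholder replacement; list names are not treated as a regex replacement
        $confirmationmessage = str_replace('[LISTS]', $lists, getUserConfig("confirmationmessage:{$spage}", $userdata["id"]));
        if (!TEST) {
            sendMail($userdata["email"], getConfig("confirmationsubject:{$spage}"), $confirmationmessage, system_messageheaders(), $envelope);
            $adminmessage = $userdata["email"] . " has confirmed their subscription";
            if ($blacklisted) {
                $adminmessage .= "\nUser has been removed from blacklist";
            }
            sendAdminCopy("List confirmation", $adminmessage);
            addSubscriberStatistics('confirmation', 1);
        }
        $info = $GLOBALS["strConfirmInfo"];
    } else {
        # the logged value is truncated so an oversized uid cannot flood the event log
        logEvent("Request for confirmation for invalid user ID: " . substr($uid, 0, 150));
        $html .= 'Error: ' . $GLOBALS["strUserNotFound"];
        $info = $GLOBALS["strConfirmFailInfo"];
    }
    $data = PageData($id);
    if (isset($data['language_file'])) {
        # basename() confines the include to the texts/ directory, whatever the stored value holds
        $languageFile = dirname(__FILE__) . '/texts/' . basename($data['language_file']);
        if (is_file($languageFile)) {
            @(include $languageFile);
        }
    }
    $res = '<title>' . $GLOBALS["strConfirmTitle"] . '</title>';
    $res .= $data["header"];
    $res .= '<h1>' . $info . '</h1>';
    $res .= $html;
    $res .= "<P>" . $GLOBALS["PoweredBy"] . '</p>';
    $res .= $data["footer"];
    return $res;
}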
Example #14
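/**
 * Report whether the subscriber with the given id is blacklisted.
 *
 * Looks up the subscriber's email by id and hands it to isBlackListed().
 *
 * @param int $userid subscriber id; an empty value returns 0 without querying
 *
 * @return mixed 0 for an empty id, otherwise whatever isBlackListed() returns
 */
function isBlackListedID($userid = 0)
{
    if (!$userid) {
        return 0;
    }
    # %d forces the id to an integer, so a non-numeric value cannot change the query
    $email = Sql_Fetch_Row_Query(sprintf('select email from %s where id = %d', $GLOBALS["tables"]["user"], $userid));
    # an id with no matching row is checked as an empty address
    return isBlackListed(isset($email[0]) ? $email[0] : '');
}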
Example #15
         values("%s",now(),1,1,"%s")', $tables["user"], $line, $uniqid);
     $result = Sql_query($query, 1);
     $userid = Sql_insert_id();
     if (empty($userid)) {
         $count['duplicate']++;
         ## mark the subscriber confirmed, don't touch blacklisted
         ## hmm, maybe not, can be done on the reconcile page
         #   Sql_Query(sprintf('update %s set confirmed = 1 where email = "%s"', $tables["user"], $line));
         $idreq = Sql_Fetch_Row_Query(sprintf('select id from %s where email = "%s"', $tables["user"], $line));
         $userid = $idreq[0];
     } else {
         $count['imported']++;
         addUserHistory($line, $GLOBALS['I18N']->get('import_by') . ' ' . adminName(), '');
     }
     ## do not add them to the list(s) when blacklisted
     $isBlackListed = isBlackListed($line);
     if (!$isBlackListed) {
         $count['addedtolist']++;
         foreach ($selected_lists as $k => $listid) {
             $query = "replace into " . $tables["listuser"] . " (userid,listid,entered) values({$userid},{$listid},now())";
             $result = Sql_query($query);
         }
     } else {
         $count['foundonblacklist']++;
     }
 } else {
     $count['invalid']++;
     $rejectReport['invalid'] .= "\n" . $line;
     ## @TODO hmm, this can blow up
 }
 $count['processed']++;
Example #16
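/**
 * Send one email after sanity checks on recipient and subject and a
 * blacklist check on the recipient.
 *
 * In TEST mode nothing is sent and 1 is returned. A blacklisted recipient is
 * flagged in the user table, gets a history entry, and is not mailed.
 *
 * @param string $to                 recipient address
 * @param string $subject            subject line
 * @param string $message            message body
 * @param string $header             extra headers, only used by sendMailOriginal()
 * @param string $parameters         extra parameters, only used by sendMailOriginal()
 * @param int    $skipblacklistcheck non-zero to send even when $to is blacklisted
 * @return mixed 1 in TEST mode, 0 when the mail is blocked, otherwise the
 *               result of the sending function
 */
function sendMail($to, $subject, $message, $header = "", $parameters = "", $skipblacklistcheck = 0)
{
    if (TEST) {
        return 1;
    }
    # Mail injection check: reject a line break of either kind (CR or LF) in the
    # recipient or the subject, since a bare CR can also end a header line.
    # NOTE(review): $header and $parameters are passed on unchecked; callers
    # should not build them from untrusted input.
    if (preg_match("/[\r\n]/", $to)) {
        logEvent("Error: invalid recipient, containing newlines, email blocked");
        return 0;
    }
    if (preg_match("/[\r\n]/", $subject)) {
        logEvent("Error: invalid subject, containing newlines, email blocked");
        return 0;
    }
    if (!$to) {
        logEvent("Error: empty To: in message with subject {$subject} to send");
        return 0;
    }
    if (!$subject) {
        logEvent("Error: empty Subject: in message to send to {$to}");
        return 0;
    }
    if (!$skipblacklistcheck && isBlackListed($to)) {
        logEvent("Error, {$to} is blacklisted, not sending");
        # The address goes into a quoted SQL string, so escape it. addslashes() is
        # the escaping this codebase already uses for SQL values.
        # NOTE(review): prefer the database layer's connection-aware escaping or
        # bound parameters if it offers them.
        Sql_Query(sprintf('update %s set blacklisted = 1 where email = "%s"', $GLOBALS["tables"]["user"], addslashes($to)));
        addUserHistory($to, "Marked Blacklisted", "Found user in blacklist while trying to send an email, marked black listed");
        return 0;
    }
    if ($GLOBALS['usephpmailer']) {
        return sendMailPhpMailer($to, $subject, $message);
    }
    return sendMailOriginal($to, $subject, $message, $header, $parameters);
}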
Example #17
# Links above the listing. uniqid("") is appended as a "nocache" query value, i.e. a
# cache-buster for the CSV download link; it is not used as a secret here.
print '<p>' . PageLink2("dlusers", $GLOBALS['I18N']->get('Download all users as CSV file'), "nocache=" . uniqid("")) . '&nbsp;<br/>';
print PageLink2("user", $GLOBALS['I18N']->get('Add a User')) . '</p>';
?>
</td></tr>
</table>

<?php 
# Build one listing row per subscriber returned by $result (the query is outside this excerpt).
# $some records whether at least one row was seen.
$some = 0;
$ls = new WebblerListing("users");
if ($result) {
    while ($user = Sql_fetch_array($result)) {
        $some = 1;
        # NOTE(review): email, foreignkey and display are subscriber-controlled values handed
        # to the listing as-is; whether WebblerListing HTML-escapes them cannot be told from
        # here - confirm, or escape before passing them in.
        # $start and $find_url are defined outside this excerpt.
        $ls->addElement($user["email"], PageURL2("user&start={$start}&id=" . $user["id"] . $find_url));
        $ls->addColumn($user["email"], $GLOBALS['I18N']->get('confirmed'), $user["confirmed"] ? $GLOBALS["img_tick"] : $GLOBALS["img_cross"]);
        if (in_array("blacklist", $columns)) {
            # one blacklist lookup per listed subscriber
            $onblacklist = isBlackListed($user["email"]);
            $ls->addColumn($user["email"], $GLOBALS['I18N']->get('bl l'), $onblacklist ? $GLOBALS["img_tick"] : $GLOBALS["img_cross"]);
        }
        # The delete action is a plain URL carrying delete=<id>, wrapped in a javascript:deleteRec() call.
        # NOTE(review): confirm that the handler for "delete" checks an anti-CSRF token, since
        # nothing in this link shows one (PageURL2 may add it).
        $ls->addColumn($user["email"], $GLOBALS['I18N']->get('del'), sprintf("<a href=\"javascript:deleteRec('%s');\">del</a>", PageURL2("users", "delete", "start={$start}&delete=" . $user["id"])));
        if (isset($user['foreignkey'])) {
            $ls->addColumn($user["email"], $GLOBALS['I18N']->get('key'), $user["foreignkey"]);
        }
        if (isset($user["display"])) {
            $ls->addColumn($user["email"], "&nbsp;", $user["display"]);
        }
        if (in_array("lists", $columns)) {
            # Counts list memberships with one extra query per row; $user["id"] comes from the result row.
            $lists = Sql_query("SELECT count(*) FROM " . $tables["listuser"] . "," . $tables["list"] . " where userid = " . $user["id"] . " and " . $tables["listuser"] . ".listid = " . $tables["list"] . ".id");
            $membership = Sql_fetch_row($lists);
            $ls->addColumn($user["email"], $GLOBALS['I18N']->get('lists'), $membership[0]);
        }
        if (in_array("messages", $columns)) {
Example #18
# Tabbed subscriber-history view: campaigns, bounces and subscription/blacklist details.
print '<div class="tabbed">';
print '<ul>';
print '<li><a href="#messages">' . ucfirst($GLOBALS['I18N']->get('Campaigns')) . '</a></li>';
# The bounces tab link is only shown when there are bounces; the #bounces div below is printed either way.
if (count($bounces)) {
    print '<li><a href="#bounces">' . ucfirst($GLOBALS['I18N']->get('Bounces')) . '</a></li>';
}
print '<li><a href="#subscription">' . ucfirst($GLOBALS['I18N']->get('Subscription')) . '</a></li>';
print '</ul>';
print '<div id="messages">';
print $ls->display();
print '</div>';
print '<div id="bounces">';
print $bouncels->display();
print '</div>';
print '<div id="subscription">';
if (isBlackListed($user["email"])) {
    print "<h3>" . $GLOBALS['I18N']->get('subscriber is blacklisted since') . " ";
    # NOTE(review): the email is placed inside a quoted SQL string here and again two queries
    # below, with no escaping visible. $user is loaded outside this excerpt; confirm the value
    # is escaped, or escape it here - a stored address can contain quote characters.
    $blacklist_info = Sql_Fetch_Array_Query(sprintf('select * from %s where email = "%s"', $tables["user_blacklist"], $user["email"]));
    print $blacklist_info["added"] . "</h3><br/>";
    print '';
    $isSpamReport = false;
    $ls = new WebblerListing($GLOBALS['I18N']->get('Blacklist info'));
    $req = Sql_Query(sprintf('select * from %s where email = "%s"', $tables["user_blacklist_data"], $user["email"]));
    while ($row = Sql_Fetch_Array($req)) {
        $ls->addElement($row["name"]);
        # A spam complaint is recognised by an exact match on the stored data text.
        $isSpamReport = $isSpamReport || $row['data'] == 'blacklisted due to spam complaints';
        # stripslashes() only removes backslashes, it does not HTML-escape.
        # NOTE(review): blacklist data can hold subscriber-supplied text; confirm that
        # WebblerListing escapes column values, or escape before passing them in.
        $ls->addColumn($row["name"], $GLOBALS['I18N']->get('value'), stripslashes($row["data"]));
    }
    $ls->addElement('<!-- remove -->');
    # The remove-from-blacklist button is only offered when no spam complaint is on record.
    # NOTE(review): the action is carried by the unblacklist=<id> URL parameter; confirm that the
    # handler checks an anti-CSRF token, since none is visible in this URL (PageURL2 may add it).
    if (!$isSpamReport) {
        $button = new ConfirmButton(htmlspecialchars($GLOBALS['I18N']->get('are you sure you want to delete this subscriber from the blacklist')) . "?\\n" . htmlspecialchars($GLOBALS['I18N']->get('it should only be done with explicit permission from this subscriber')), PageURL2("userhistory&unblacklist={$user["id"]}&id={$user["id"]}", "button", s('remove subscriber from blacklist')), s('remove subscriber from blacklist'));
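/**
 * Build the public "forward to a friend" page and, on a follow-up request,
 * forward message $_REQUEST['mid'] to the submitted addresses.
 *
 * Reads uid, mid, email and personalNote from $_REQUEST. Within this function
 * request values are escaped before they are placed in SQL text and
 * HTML-escaped before they are echoed back into the page.
 *
 * @param int $id page ID handed to PageData() for header, footer and language file
 * @return string HTML of the response page
 */
function forwardPage($id)
{
    global $data, $tables, $envelope;
    $ok = true;
    $subtitle = '';
    $info = '';
    $html = '';
    $form = '';
    # defaults for values that are read further down even when the request did not supply them
    $emails = array();
    $personalNote = '';
    $messagedata = array();
    ## Check requirements
    # user
    if (!isset($_REQUEST["uid"]) || !$_REQUEST['uid']) {
        FileNotFound();
    }
    $uid = isset($_REQUEST['uid']) ? (string) $_REQUEST['uid'] : '';
    ## get userdata
    # Looked up first: the forward-rate query below needs the sender's id.
    # addslashes() is the escaping this codebase already uses for SQL values.
    # NOTE(review): prefer the database layer's connection-aware escaping or
    # bound parameters if it offers them.
    $req = Sql_Query(sprintf('select * from %s where uniqid = "%s"', $tables["user"], addslashes($uid)));
    $userdata = Sql_Fetch_Array($req);
    if (!is_array($userdata)) {
        $userdata = array();
    }
    $senderid = !empty($userdata['id']) ? (int) $userdata['id'] : 0;
    $firstpage = 1;
    ## is this the initial page or a followup
    # forward addresses
    $forwardemail = '';
    if (isset($_REQUEST['email']) && !empty($_REQUEST['email'])) {
        $firstpage = 0;
        # forwards this sender already made within the configured period; they count towards the limit
        $forwardPeriodCount = Sql_Fetch_Array_Query(sprintf('select count(user) from %s where date_add(time,interval %s) >= now() and user = %d and status ="sent" ', $tables['user_message_forward'], FORWARD_EMAIL_PERIOD, $senderid));
        $forwardemail = stripslashes($_REQUEST['email']);
        $emails = explode("\n", $forwardemail);
        $emails = trimArray($emails);
        $forwardemail = implode("\n", $emails);
        #0011860: forward to friend, multiple emails
        $emailCount = isset($forwardPeriodCount[0]) ? (int) $forwardPeriodCount[0] : 0;
        foreach ($emails as $index => $email) {
            $emails[$index] = trim($email);
            if (is_email($email)) {
                $emailCount++;
            } else {
                # the rejected text is raw request data: escape it before echoing it back
                $info .= sprintf('<BR />' . $GLOBALS['strForwardInvalidEmail'], htmlspecialchars($email, ENT_QUOTES));
                $ok = false;
            }
        }
        if ($emailCount > FORWARD_EMAIL_COUNT) {
            $info .= '<BR />' . $GLOBALS["strForwardCountReached"];
            $ok = false;
        }
    } else {
        $ok = false;
    }
    # message
    $mid = 0;
    if (isset($_REQUEST['mid'])) {
        $mid = sprintf('%d', $_REQUEST['mid']);
        $req = Sql_Query(sprintf('select * from %s where id = %d', $tables["message"], $mid));
        $messagedata = Sql_Fetch_Array($req);
        if (!is_array($messagedata)) {
            $messagedata = array();
        }
        $mid = isset($messagedata['id']) ? $messagedata['id'] : 0;
        if ($mid) {
            $subtitle = $GLOBALS['strForwardSubtitle'] . ' ' . stripslashes($messagedata['subject']);
        }
    }
    #mid set
    # (a lookup of the forward address in the user table used to sit here; its result was never read)
    #0011996: forward to friend - personal message
    # text cannot be longer than max, to prevent very long text with only linefeeds total cannot be longer than twice max
    if (FORWARD_PERSONAL_NOTE_SIZE && isset($_REQUEST['personalNote'])) {
        if (strlen(strip_newlines($_REQUEST['personalNote'])) > FORWARD_PERSONAL_NOTE_SIZE || strlen($_REQUEST['personalNote']) > FORWARD_PERSONAL_NOTE_SIZE * 2) {
            $info .= '<BR />' . $GLOBALS['strForwardNoteLimitReached'];
            $ok = false;
        }
        $personalNote = strip_tags(htmlspecialchars_decode(stripslashes($_REQUEST['personalNote'])));
        $userdata['personalNote'] = $personalNote;
    }
    if ($senderid && $mid) {
        if ($ok && count($emails)) {
            ## All is well, send it
            require 'admin/sendemaillib.php';
            #0013845 Lead Ref Scheme
            if (FORWARD_FRIEND_COUNT_ATTRIBUTE) {
                $iCountFriends = getAttributeIDbyName(FORWARD_FRIEND_COUNT_ATTRIBUTE);
            } else {
                $iCountFriends = 0;
            }
            $nFriends = 0;
            if ($iCountFriends) {
                $nFriends = intval(UserAttributeValue($userdata['id'], $iCountFriends));
            }
            #0011860: forward to friend, multiple emails
            foreach ($emails as $index => $email) {
                # one escaped copy for SQL text, one for HTML output; sendEmail() gets the raw address
                $sqlEmail = addslashes($email);
                $htmlEmail = htmlspecialchars($email, ENT_QUOTES);
                $done = Sql_Fetch_Array_Query(sprintf('select user,status,time from %s where forward = "%s" and message = %d', $tables['user_message_forward'], $sqlEmail, $mid));
                $info .= '<BR />' . $htmlEmail . ': ';
                if (isset($done['status']) && $done['status'] === 'sent') {
                    $info .= $GLOBALS['strForwardAlreadyDone'];
                } elseif (isBlackListed($email)) {
                    $info .= $GLOBALS['strForwardBlacklistedEmail'];
                } else {
                    if (!TEST) {
                        # forward the message
                        # sendEmail will take care of blacklisting
                        if (sendEmail($mid, $email, 'forwarded', $userdata['htmlemail'], array(), $userdata)) {
                            $info .= $GLOBALS["strForwardSuccessInfo"];
                            sendAdminCopy("Message Forwarded", $userdata["email"] . " has forwarded a message {$mid} to {$email}");
                            Sql_Query(sprintf('insert into %s (user,message,forward,status,time)
                 values(%d,%d,"%s","sent",now())', $tables['user_message_forward'], $userdata['id'], $mid, $sqlEmail));
                            if ($iCountFriends) {
                                $nFriends++;
                            }
                        } else {
                            $info .= $GLOBALS["strForwardFailInfo"];
                            sendAdminCopy("Message Forwarded", $userdata["email"] . " tried forwarding a message {$mid} to {$email} but failed");
                            Sql_Query(sprintf('insert into %s (user,message,forward,status,time)
                values(%d,%d,"%s","failed",now())', $tables['user_message_forward'], $userdata['id'], $mid, $sqlEmail));
                            $ok = false;
                        }
                    }
                }
            }
            # foreach friend
            if ($iCountFriends) {
                saveUserAttribute($userdata['id'], $iCountFriends, array('name' => FORWARD_FRIEND_COUNT_ATTRIBUTE, 'value' => $nFriends));
            }
        }
        #ok & emails
    } else {
        # no valid sender
        logEvent("Forward request from invalid user ID: " . substr($uid, 0, 150));
        $info .= '<BR />' . $GLOBALS["strForwardFailInfo"];
        $ok = false;
    }
    $data = PageData($id);
    # basename() keeps the included file inside the texts/ directory whatever the stored name contains
    if (isset($data['language_file']) && is_file(dirname(__FILE__) . '/texts/' . basename($data['language_file']))) {
        @(include dirname(__FILE__) . '/texts/' . basename($data['language_file']));
    }
    ## BAS Multiple Forward
    ## build response page
    $form = '<form method="post" action="">';
    $form .= sprintf('<input type=hidden name="mid" value="%d">', $mid);
    $form .= sprintf('<input type=hidden name="id" value="%d">', $id);
    $form .= sprintf('<input type=hidden name="uid" value="%s">', htmlspecialchars(isset($userdata['uniqid']) ? $userdata['uniqid'] : '', ENT_QUOTES));
    $form .= sprintf('<input type=hidden name="p" value="forward">');
    if (!$ok) {
        # the submitted addresses and note are echoed back into the form, so they are HTML-escaped
        #0011860: forward to friend, multiple emails
        if (FORWARD_EMAIL_COUNT == 1) {
            $form .= '<BR /><H2>' . $GLOBALS['strForwardEnterEmail'] . '</H2>';
            $form .= sprintf('<input type=text name="email" value="%s" size=50 class="attributeinput">', htmlspecialchars($forwardemail, ENT_QUOTES));
        } else {
            $form .= '<BR /><H2>' . sprintf($GLOBALS['strForwardEnterEmails'], FORWARD_EMAIL_COUNT) . '</H2>';
            $form .= sprintf('<textarea name="email" rows=10 cols=50 class="attributeinput">%s</textarea>', htmlspecialchars($forwardemail, ENT_QUOTES));
        }
        #0011996: forward to friend - personal message
        if (FORWARD_PERSONAL_NOTE_SIZE) {
            $form .= sprintf('<h2>' . $GLOBALS['strForwardPersonalNote'] . '</H2>', FORWARD_PERSONAL_NOTE_SIZE);
            $cols = 50;
            $rows = min(10, ceil(FORWARD_PERSONAL_NOTE_SIZE / 40));
            $form .= sprintf('<BR/><textarea type=text name="personalNote" rows=%d cols=%d class="attributeinput">%s</textarea>', $rows, $cols, htmlspecialchars($personalNote, ENT_QUOTES));
        }
        $form .= sprintf('<br /><input type=submit value="%s"></form>', $GLOBALS['strContinue']);
    }
    ### END BAS
    ### Michiel, remote response page
    $remote_content = '';
    if (isset($messagedata['message']) && preg_match("/\\[URL:([^\\s]+)\\]/i", $messagedata['message'], $regs)) {
        if (isset($regs[1]) && strlen($regs[1])) {
            $url = $regs[1];
            # add a scheme unless the value already starts with http:// or https://
            if (!preg_match('#^https?://#i', $url)) {
                $url = 'http://' . $url;
            }
            # NOTE(review): the URL comes from the stored message body and is fetched by the
            # server. If anyone other than a trusted administrator can author messages,
            # restrict the hosts fetchUrl() may reach before this call.
            $remote_content = fetchUrl($url);
        }
    }
    if (!empty($remote_content) && preg_match('/\\[FORWARDFORM\\]/', $remote_content, $regs)) {
        if ($firstpage) {
            ## this is the initial page, not a follow up one.
            $remote_content = str_replace($regs[0], $info . $form, $remote_content);
        } else {
            $remote_content = str_replace($regs[0], $info, $remote_content);
        }
        $res = $remote_content;
    } else {
        $res = '<title>' . $GLOBALS["strForwardTitle"] . '</title>';
        $res .= $data["header"];
        $res .= '<h1>' . $subtitle . '</h1>';
        if ($ok) {
            $res .= '<h2>' . $info . '</h2>';
        } else {
            $res .= '<div class="missing">' . $info . '</div>';
        }
        $res .= $form;
        $res .= "<P>" . $GLOBALS["PoweredBy"] . '</p>';
        $res .= $data["footer"];
    }
    ### END MICHIEL
    return $res;
}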