* modified 2008-06-27, Dominik Ziegler, add security fix
*
* $Id$:
* }}
*
*/
if (!defined('CON_FRAMEWORK')) {
die('Illegal call');
}
$plugin_name = 'newsletter';
##################################
# Initialization
##################################
$oPage = new cPage();
$oUser = new cApiUser($auth->auth["uid"]);
$oClientLang = new cApiClientLanguage(false, $client, $lang);
// Get idCatArt to check, if we may send a test newsletter
$lIDCatArt = (int) $oClientLang->getProperty("newsletter", "idcatart");
// Specify fields for search, sort and validation. Design makes enhancements
// using plugins possible (currently not implemented). If you are changing things here,
// remember to update include.newsletter_left_top.php, also.
// field: Field name in the db
// caption: Shown field name (-> user)
// base: Elements from core code (other type may be: "plugin")
// sort: Element can be used to be sorted by
// search: Element can be used to search in
$aFields = array();
$aFields["name"] = array("field" => "name", "caption" => i18n("Name", $plugin_name), "type" => "base,sort,search");
##################################
# Store settings/Get basic data
##################################
/**
* If newsletter is HTML newsletter and necessary data available
* returns final HTML message
* @return string HTML message
*/
public function getHTMLMessage()
{
global $lang, $client, $cfgClient, $contenido;
if ($this->get("type") == "html" && $this->get("idart") > 0 && $this->htmlArticleExists()) {
// Article ID
$iIDArt = $this->get("idart");
// Category ID
$oClientLang = new cApiClientLanguage(false, $client, $lang);
$iIDCat = $oClientLang->getProperty("newsletter", "html_newsletter_idcat");
unset($oClientLang);
// Get http username and password, if frontend is protected
$oClient = new cApiClient($client);
$sHTTPUserName = $oClient->getProperty("newsletter", "html_username");
$sHTTPPassword = $oClient->getProperty("newsletter", "html_password");
unset($oClient);
// Get HTML
if ($iIDArt > 0 && $iIDCat > 0) {
// Check, if newsletter is online and set temporarely online, otherwise
$bSetOffline = false;
$oArticles = new cApiArticleLanguageCollection();
$oArticles->setWhere("idlang", $this->get("idlang"));
$oArticles->setWhere("idart", $this->get("idart"));
$oArticles->query();
if ($oArticle = $oArticles->next()) {
if ($oArticle->get("online") == 0) {
$bSetOffline = true;
$oArticle->set("online", 1);
$oArticle->store();
}
unset($oArticle);
}
unset($oArticles);
$sFile = "front_content.php?client={$client}&lang={$lang}&idcat={$iIDCat}&idart={$iIDArt}&noex=1&send=1";
$aURL = parse_url($cfgClient[$client]['path']['htmlpath']);
// TODO: Other schemes than http should be tested before use!
if ($aURL["scheme"] == "https") {
$iPort = 443;
$sTarget = "ssl://" . $aURL["host"];
} else {
$iPort = 80;
$sTarget = $aURL["host"];
}
if ($aURL["port"]) {
$iPort = $aURL["port"];
}
$iErrorNo = 0;
$sErrorMsg = "";
if ($iHandler = fsockopen($sTarget, $iPort, $iErrorNo, $sErrorMsg, 30)) {
// If you use HTTP 1.1 you may get chunked data... you could solve
// this easily by using HTTP 1.0, but then you get a problem with
// virtual servers, as HTTP 1.0 doesn't use the host information...
fputs($iHandler, "GET " . $aURL["path"] . $sFile . " HTTP/1.1\r\n");
fputs($iHandler, "Host: " . $aURL["host"] . "\r\n");
// Maybe the website has been protected using .htaccess, then login
if ($sHTTPUserName != "" && $sHTTPPassword != "") {
fputs($iHandler, "Authorization: Basic " . base64_encode("{$sHTTPUserName}:{$sHTTPPassword}") . "\r\n");
}
fputs($iHandler, "Referer: http://" . $aURL["host"] . "\r\n");
fputs($iHandler, "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)\r\n");
fputs($iHandler, "Connection: close\r\n\r\n");
// Get the HTTP header and body separately
$sHTML = "";
$sHeader = "";
$bBody = false;
while (!feof($iHandler)) {
// $sLine = fgets($iHandler, 4096);
$sLine = fgets($iHandler, 1024);
if ($bBody) {
$sHTML .= $sLine;
} else {
if ($sLine == "\r\n") {
$bBody = true;
} else {
$sHeader .= $sLine;
}
}
}
fclose($iHandler);
$sHTML = $this->_deChunkHTTPBody($sHeader, $sHTML);
// Remove base tag
$sHTML = preg_replace('/<base href=(.*?)>/is', '', $sHTML, 1);
// Make URLs absolute
$sHTML = preg_replace_callback('/(url)\\((\'|\\")?(http:\\/\\/|https:\\/\\/|ftp:\\/\\/)?([A-Za-z0-9#\\.?\\-=_&\\/]*)[\'|\\"]?\\)/', array($this, "_callbackReplaceUrl"), $sHTML);
$sHTML = preg_replace_callback('/\\b(src|href|ftp)[ ]*=[ ]*"(http:\\/\\/|https:\\/\\/|ftp:\\/\\/)?([A-Za-z0-9#\\.?\\-=_&\\/]*)"/', array($this, "_callbackReplaceUrl"), $sHTML);
// Now replace anchor tags to the newsletter article itself just by the anchor
$sHTML = preg_replace("/(href|src)\\=(\"|\\')" . str_replace('/', '\\/', $cfgClient[$client]['path']['htmlpath']) . "front_content.php?idart=" . $iIDArt . "(.*)#(.*)(\"|\\')/", "\$1=" . "\$2" . "#" . "\$4" . "\$5", $sHTML);
// Now correct mailto tags
$sHTML = str_replace($cfgClient[$client]['path']['htmlpath'] . 'mailto:', 'mailto:', $sHTML);
$sReturn = $sHTML;
} else {
if ($contenido) {
// Use i18n only in backend
$sErrorText = i18n("There was a problem getting the newsletter article using http. Error: %s (%s)", $plugin_name);
} else {
$sErrorText = "There was a problem getting the newsletter article using http. Error: %s (%s)";
}
$this->_sError = sprintf($sErrorText, $sErrorMsg, $iErrorNo);
$sReturn = false;
}
// Set previously offline article back to offline
if ($bSetOffline) {
$oArticles = new cApiArticleLanguageCollection();
$oArticles->setWhere("idlang", $this->get("idlang"));
$oArticles->setWhere("idart", $this->get("idart"));
$oArticles->query();
if ($oArticle = $oArticles->next()) {
$oArticle->set("online", 0);
$oArticle->store();
}
unset($oArticle);
unset($oArticles);
}
return $sReturn;
} else {
return false;
}
} else {
return false;
}
}
die('Illegal call');
}
$plugin_name = 'newsletter';
######################################
# Initialization
######################################
if (!is_object($oTpl)) {
$oTpl = new Template();
}
if (!is_object($oDB)) {
$oDB = new DB_Contenido();
// We have really to send a special SQL statement - we need a DB object
}
$oUser = new cApiUser($auth->auth["uid"]);
$oClient = new cApiClient($client);
$oClientLang = new cApiClientLanguage(false, $client, $lang);
######################################
# 0. BUTTONS
######################################
// Newsletter
$sId = 'img_newsletter';
$oTpl->set('s', 'INEWSLETTER', $sId);
if ($perm->have_perm_area_action('news')) {
$sButtonRow = '<a style="margin-right:5px;" href="javascript://" onclick="toggleContainer(\'' . $sId . '\');reloadLeftBottomAndTransportFormVars(document.newsletter_listoptionsform);">';
$sButtonRow .= '<img onmouseover="hoverEffect(\'' . $sId . '\', \'in\')" onmouseout="hoverEffect(\'' . $sId . '\', \'out\')" alt="' . i18n("Newsletter", $plugin_name) . '" title="' . i18n("Newsletter", $plugin_name) . '" name="' . $sId . '" id="' . $sId . '" src="' . $cfg["path"]["images"] . 'newsletter_on.gif"/>';
$sButtonRow .= '</a>';
}
// Job dispatch
$sId = 'img_dispatch';
$oTpl->set('s', 'IDISPATCH', $sId);
if ($perm->have_perm_area_action('news_jobs')) {
* created 2007-01-01, Björn Behrens (HerrB)
* modified 2008-06-27, Dominik Ziegler, add security fix
*
* $Id$:
* }}
*
*/
if (!defined('CON_FRAMEWORK')) {
die('Illegal call');
}
$plugin_name = 'newsletter';
cInclude("includes", "functions.con.php");
// For conDeleteArt and conCopyArt
// Initialization
$oPage = new cPage();
$oClientLang = new cApiClientLanguage(false, $client, $lang);
// Include plugins
if (is_array($cfg['plugins']['newsletters'])) {
foreach ($cfg['plugins']['newsletters'] as $plugin) {
plugin_include("newsletters", $plugin . "/" . $plugin . ".php");
}
}
// Exec actions
$oNewsletter = new Newsletter();
$oNewsletter->loadByPrimaryKey($idnewsletter);
if ($oNewsletter->virgin == false && $oNewsletter->get("idclient") == $client && $oNewsletter->get("idlang") == $lang) {
// Check and set values
if (!is_numeric($_REQUEST["selTemplate"])) {
$_REQUEST["selTemplate"] = 0;
}
// Saving message changes; note, that if a user doesn't have the right to save the
