/**
 * Purge expired admin password-reset requests.
 *
 * Deletes every row of the admin_password_request table whose `date` plus
 * the PASSWORD_CHANGE_TIMEFRAME interval lies in the past.
 *
 * PASSWORD_CHANGE_TIMEFRAME is spliced into the statement verbatim as a
 * MySQL INTERVAL expression (the original inline example used "1 year"), so
 * it must only ever be set from trusted configuration, never from request data.
 */
function deleteOldTokens()
{
    $requestTable = $GLOBALS['tables']['admin_password_request'];

    $statement = sprintf(
        'delete from %s where date_add( date, INTERVAL %s) < now( )',
        $requestTable,
        PASSWORD_CHANGE_TIMEFRAME
    );

    Sql_Query($statement);
}
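/**
 * Work out which RSS items are due to be sent to a subscriber for a message.
 *
 * The subscriber qualifies when they have no user_rss row yet, or when their
 * `last` timestamp plus the frequency interval is in the past. The candidate
 * items are the newest items (up to the "rssmax" config value, default 30) of
 * the lists shared by the subscriber and the message, minus those already
 * recorded in rssitem_user for this subscriber.
 *
 * @param int    $userid    subscriber id
 * @param int    $messageid message id
 * @param string $frequency "daily", "weekly" or "monthly"; anything else is treated as daily
 *
 * @return array|int list of item ids to send; an empty array when nothing is
 *                   due or the threshold is not reached; 0 when the subscriber
 *                   and the message share no list (kept for existing callers)
 */
function rssUserHasContent($userid, $messageid, $frequency)
{
    global $tables;

    # Both ids are interpolated into SQL below; force them to integers once so
    # the hand-built queries cannot carry anything but a number.
    $userid = (int) $userid;
    $messageid = (int) $messageid;

    # The interval is chosen from a fixed set, never taken from the caller's string.
    switch ($frequency) {
        case "weekly":
            $interval = 'interval 7 day';
            break;
        case "monthly":
            $interval = 'interval 1 month';
            break;
        case "daily":
        default:
            $interval = 'interval 1 day';
            break;
    }

    $cansend_req = Sql_Query(sprintf(
        'select date_add(last,%s) < now() from %s where userid = %d',
        $interval,
        $tables["user_rss"],
        $userid
    ));
    $exists = Sql_Affected_Rows();
    $cansend = Sql_Fetch_Row($cansend_req);

    if ($exists && !$cansend[0]) {
        # Frequency says it is too early for this subscriber.
        return array();
    }

    # Lists to use: the intersection of the subscriber's lists and the message's lists.
    $lists = array();
    $listsreq = Sql_Query(sprintf(
        'select %s.listid from %s,%s where %s.listid = %s.listid and %s.userid = %d and %s.messageid = %d',
        $tables["listuser"],
        $tables["listuser"],
        $tables["listmessage"],
        $tables["listuser"],
        $tables["listmessage"],
        $tables["listuser"],
        $userid,
        $tables["listmessage"],
        $messageid
    ));
    while ($row = Sql_Fetch_Row($listsreq)) {
        # Cast before the ids are joined into an IN (...) clause.
        $lists[] = (int) $row[0];
    }
    if (!sizeof($lists)) {
        return 0;
    }
    $liststosend = join(",", $lists);

    # A missing, zero or negative "rssmax" falls back to 30; a negative value
    # would otherwise end up in the LIMIT clause and break the query.
    $max = (int) getConfig("rssmax");
    if ($max <= 0) {
        $max = 30;
    }

    # Collect the items for these lists that have not been sent to this subscriber.
    $itemstosend = array();
    $itemreq = Sql_Query("select {$tables["rssitem"]}.* from {$tables["rssitem"]}
        where {$tables["rssitem"]}.list in ($liststosend) order by added desc, list,title limit $max");
    while ($item = Sql_Fetch_Array($itemreq)) {
        $itemId = (int) $item["id"];
        Sql_Query("select * from {$tables["rssitem_user"]} where itemid = $itemId and userid = $userid");
        if (!Sql_Affected_Rows()) {
            $itemstosend[] = $item["id"];
        }
    }

    # Below the configured threshold nothing is sent at all.
    $treshold = getConfig("rsstheshold");
    if (sizeof($itemstosend) >= $treshold) {
        return $itemstosend;
    }

    return array();
}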
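/**
 * Move a subscriber to the list named in the "list" query parameter.
 *
 * All existing list memberships of the subscriber are deleted and a single
 * membership for the target list is inserted.
 *
 * Nothing is changed when the subscriber id or the target list id is missing
 * or not a positive integer; previously a missing "list" parameter removed
 * every membership and inserted a row for list 0.
 *
 * NOTE(review): the target list comes straight from the query string and this
 * is a destructive change; confirm the calling page enforces admin
 * authorisation and a request token before this runs.
 *
 * @param int $userid subscriber id
 */
function moveUser($userid)
{
    global $tables;

    $userid = (int) $userid;
    $newlist = isset($_GET["list"]) ? (int) $_GET["list"] : 0;

    # Validate before deleting: the delete below is not reversible.
    if ($userid <= 0 || $newlist <= 0) {
        return;
    }

    Sql_Query(sprintf(
        'delete from %s where userid = %d',
        $tables["listuser"],
        $userid
    ));
    Sql_Query(sprintf(
        'insert into %s (userid,listid) values(%d,%d)',
        $tables["listuser"],
        $userid,
        $newlist
    ));
}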
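/**
 * Make sure a subscriber exists for the developer address and route the
 * message envelope to it.
 *
 * Looks up $GLOBALS['developer_email'] in the user table, stores the row in
 * $this->userdata and inserts a subscriber with that address when none is
 * found. $this->userdata is not reloaded after the insert.
 *
 * The address is escaped with sql_escape() before it is placed in the
 * statements and HTML-encoded before it is printed, so an address containing
 * quotes or markup can neither break the query nor the page.
 *
 * @return int always 1
 */
public function runtest()
{
    $email = $GLOBALS['developer_email'];
    $userTable = $GLOBALS['tables']['user'];

    $this->userdata = Sql_Fetch_Assoc_Query(sprintf(
        'select * from %s where email = "%s"',
        $userTable,
        sql_escape($email)
    ));

    if (empty($this->userdata['id'])) {
        Sql_Query(sprintf(
            'insert into %s (email) values("%s")',
            $userTable,
            sql_escape($email)
        ));
        print 'Bounce user created: ' . htmlspecialchars($email) . '<br/>';
    }

    $GLOBALS['message_envelope'] = $email;

    return 1;
}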
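/**
 * Store the disposable-mail-blocker settings submitted for a subscribe page.
 *
 * Writes two rows into subscribepage_data for the page:
 * "disposable_mailblocker_enable" (1 when the checkbox was submitted,
 * 0 otherwise) and "disposable_mailblocker_text" (the submitted text).
 *
 * The original assigned 1 in both branches, so the blocker could never be
 * switched off from the form; an unchecked box now stores 0.
 *
 * @param int $id subscribe page id
 */
function processSubscribePageEdit($id)
{
    $enabled = !empty($_POST['disposable_mailblocker_enable']) ? 1 : 0;

    # A missing field is stored as an empty string instead of raising a notice.
    $text = isset($_POST['disposable_mailblocker_text'])
        ? $_POST['disposable_mailblocker_text']
        : '';

    $dataTable = $GLOBALS['tables']["subscribepage_data"];

    Sql_Query(sprintf(
        'replace into %s (id,name,data) values(%d,"disposable_mailblocker_enable","%s")',
        $dataTable,
        $id,
        sql_escape($enabled)
    ));
    Sql_Query(sprintf(
        'replace into %s (id,name,data) values(%d,"disposable_mailblocker_text","%s")',
        $dataTable,
        $id,
        sql_escape($text)
    ));
}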
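/**
 * Create the html to show the number of list members in up to three totals.
 * Confirmed - subscriber is confirmed and not blacklisted
 * Not confirmed - subscriber is not confirmed and not blacklisted
 * Blacklisted - subscriber is blacklisted.
 *
 * The list id is cast to an integer before it is placed in the query, so a
 * non-numeric value is treated as 0 (all subscribers) instead of reaching
 * the SQL text. Counts that come back as NULL (no matching rows) are shown
 * as 0.
 *
 * @param int $listId the list id, or 0 for all subscribers
 * @return string
 */
function listMemberCounts($listId)
{
    global $tables;

    $listId = (int) $listId;

    if ($listId) {
        $join = "JOIN {$tables['listuser']} lu ON u.id = lu.userid\n WHERE lu.listid = {$listId}";
    } else {
        $join = '';
    }

    $req = Sql_Query("SELECT\n SUM(1) AS total,\n SUM(IF(u.confirmed = 1 && u.blacklisted = 0, 1, 0)) AS confirmed,\n SUM(IF(u.confirmed = 0 && u.blacklisted = 0, 1, 0)) AS notconfirmed,\n SUM(IF(u.blacklisted = 1, 1, 0)) AS blacklisted\n FROM {$tables['user']} u\n {$join}");
    $counts = Sql_Fetch_Assoc($req);

    # SUM() over an empty set yields NULL; normalise every figure to an integer.
    $confirmed = isset($counts['confirmed']) ? (int) $counts['confirmed'] : 0;
    $notConfirmed = isset($counts['notconfirmed']) ? (int) $counts['notconfirmed'] : 0;
    $blacklisted = isset($counts['blacklisted']) ? (int) $counts['blacklisted'] : 0;

    $membersDisplay = sprintf(
        '<span class="memberCount" title="%s">%s</span>' . ' (' . '<span class="unconfirmedCount" title="%s">%s</span>, ' . ' ' . '<span class="blacklistedCount" title="%s">%s</span>' . ')',
        s('Confirmed members'),
        number_format($confirmed),
        s('Unconfirmed members'),
        number_format($notConfirmed),
        s('Blacklisted members'),
        number_format($blacklisted)
    );

    return $membersDisplay;
}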
/**
 * Load the stored session blob from the attribute-changer table and restore
 * it into $this->Current_Session.
 *
 * The table name is read from $this->AttributeChangerData. The first row's
 * `value` column is base64-decoded and passed to unserialize(). The script
 * terminates with an error message when the query fails or the row has no
 * `value`.
 *
 * SECURITY NOTE(review): unserialize() instantiates whatever objects the
 * stored string describes. Anyone able to write to this table therefore
 * controls object creation in this process. Confirm that only this plugin
 * writes the column; if the session is plain arrays and scalars, consider
 * json_encode/json_decode or unserialize() with allowed_classes restricted.
 * The behaviour is left unchanged here.
 */
function Retreive_And_Unserialize()
{
    $storageTable = $this->AttributeChangerData['attribute_changer_tablename'];

    $result = Sql_Query(sprintf("select value from %s", $storageTable));
    if (!$result) {
        print "ERROR NO STORED SESSION";
        die;
    }

    $stored = Sql_Fetch_Assoc($result);
    if (!isset($stored['value'])) {
        print "ERROR Improperly stored value data";
        die;
    }

    $encodedSession = $stored['value'];
    $this->Current_Session = unserialize(base64_decode($encodedSession));
}
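/**
 * Determine the access level of the logged-in administrator for a page.
 *
 * Returns "all" when login is not required or the administrator is a super
 * user, and also when the page has no row in the task table (pages that are
 * not registered there are not protected). Returns 0 when nobody is logged
 * in, when the session holds no login details, or when no level is recorded
 * for this administrator and page. Otherwise returns the entry of
 * $access_levels selected by the stored level.
 *
 * The page name is escaped with sql_escape() before it is placed in the two
 * queries; it was previously interpolated as given.
 *
 * @param string $page page name
 *
 * @return mixed "all", 0, or the matching $access_levels entry
 */
function accessLevel($page)
{
    global $tables, $access_levels;

    if (!$GLOBALS["require_login"] || isSuperUser()) {
        return "all";
    }
    if (!isset($_SESSION["adminloggedin"])) {
        return 0;
    }
    if (!isset($_SESSION["logindetails"]) || !is_array($_SESSION["logindetails"])) {
        return 0;
    }

    $safePage = sql_escape($page);

    # check whether it is a page to protect
    Sql_Query(sprintf(
        'select id from %s where page = "%s"',
        $tables["task"],
        $safePage
    ));
    if (!Sql_Affected_Rows()) {
        return "all";
    }

    $req = Sql_Query(sprintf(
        'select level from %s,%s where adminid = %d and page = "%s" and %s.taskid = %s.id',
        $tables["task"],
        $tables["admin_task"],
        $_SESSION["logindetails"]["id"],
        $safePage,
        $tables["admin_task"],
        $tables["task"]
    ));
    $row = Sql_Fetch_Row($req);

    # A protected page without a recorded level for this admin is denied
    # explicitly rather than falling through an undefined array index.
    if (!$row || !isset($access_levels[$row[0]])) {
        return 0;
    }

    return $access_levels[$row[0]];
}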
/**
 * Send a test campaign to the test subscriber, first as HTML and then as text.
 *
 * A message row with status "test" is inserted, sendemaillib2.php is loaded,
 * and sendEmail() is called once per format for $this->userdata. Progress is
 * printed as HTML. The text version is only attempted when the HTML version
 * succeeded, because the second call is short-circuited by the first result.
 * The test message is not deleted afterwards (the deleteMessage call is
 * commented out in the original).
 *
 * NOTE(review): the insert id is read after the require_once; if the included
 * library runs an insert of its own while loading, the id would no longer be
 * the test message's. Order kept as in the original.
 *
 * @return mixed 0 when no test address is set, otherwise the combined send result
 */
public function runtest()
{
    $i18n = $GLOBALS['I18N'];

    if (empty($this->userdata['email'])) {
        print $i18n->get('Test email not set ');

        return 0;
    }

    $recipient = $this->userdata['email'];
    $recipientUniqid = $this->userdata['uniqid'];

    ## insert an HTML page as a message
    Sql_Query(sprintf('insert into %s
      (subject,fromfield,message,footer,entered,status,sendformat)
      values("phplist test sendpage","test","[URL:http://www.phplist.com]","Unsubscribe link: [UNSUBSCRIBE]",now(),"test","text and HTML")', $GLOBALS['tables']['message']));
    require_once dirname(__FILE__) . '/../sendemaillib2.php';
    $testmsg = Sql_Insert_id();

    print $i18n->get('Sending HTML version to ') . $recipient;
    $delivered = sendEmail($testmsg, $recipient, $recipientUniqid, 1);
    print ' ... ' . ($delivered ? $i18n->get('OK') : $i18n->get('Failed'));
    print '<br/>';

    print $i18n->get('Sending Text version to ') . $recipient;
    $delivered = $delivered && sendEmail($testmsg, $recipient, $recipientUniqid, 0);
    print ' ... ' . ($delivered ? $i18n->get('OK') : $i18n->get('Failed'));
    print '<br/>';

    if (CLICKTRACK) {
        print $i18n->get('Note: Links in emails will not work, because this is a test message, which is deleted after sending') . '<br/>';
    }
    print $i18n->get('Check your INBOX to see if all worked ok') . '<br/>';
    print "Message ID: {$testmsg}<br/>";

    return $delivered;
}
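/**
 * Merge a duplicate subscriber into the original and delete the duplicate.
 *
 * Message history, bounce records and list memberships of the duplicate are
 * re-pointed at the original, one row at a time, keeping each row's
 * timestamp. Updates run with the extra Sql_Query argument 1, as in the
 * original; rows that cannot be moved (for instance because the original
 * already has the same entry) are removed by the deletes that follow. The
 * duplicate is finally removed with deleteUser().
 *
 * Both ids are cast to integers up front: they are echoed into the page as
 * well as used in SQL. Nothing is done when either id is not positive or
 * when both ids are the same, since merging a subscriber into itself would
 * end with that subscriber being deleted.
 *
 * @param int $original  id of the subscriber to keep
 * @param int $duplicate id of the subscriber to merge and delete
 */
function mergeUsers($original, $duplicate)
{
    set_time_limit(60);

    $original = (int) $original;
    $duplicate = (int) $duplicate;
    if ($original <= 0 || $duplicate <= 0 || $original === $duplicate) {
        return;
    }

    $usermessageTable = $GLOBALS["tables"]["usermessage"];
    $bounceTable = $GLOBALS["tables"]["user_message_bounce"];
    $listuserTable = $GLOBALS["tables"]["listuser"];

    print '<br/>Merging ' . $duplicate . ' into ' . $original;

    $umreq = Sql_Query(sprintf('select * from %s where userid = %d', $usermessageTable, $duplicate));
    while ($um = Sql_Fetch_Array($umreq)) {
        # "entered" is written back unchanged so the move does not refresh the timestamp.
        Sql_Query(sprintf(
            'update %s set userid = %d, entered = "%s" where userid = %d and entered = "%s"',
            $usermessageTable,
            $original,
            $um["entered"],
            $duplicate,
            $um["entered"]
        ), 1);
    }

    $bncreq = Sql_Query(sprintf('select * from %s where user = %d', $bounceTable, $duplicate));
    while ($bnc = Sql_Fetch_Array($bncreq)) {
        Sql_Query(sprintf(
            'update %s set user = %d, time = "%s" where user = %d and time = "%s"',
            $bounceTable,
            $original,
            $bnc["time"],
            $duplicate,
            $bnc["time"]
        ), 1);
    }

    $listreq = Sql_Query(sprintf('select * from %s where userid = %d', $listuserTable, $duplicate));
    while ($list = Sql_Fetch_Array($listreq)) {
        Sql_Query(sprintf(
            'update %s set userid = %d, entered = "%s" where userid = %d and entered = "%s" and listid = %d',
            $listuserTable,
            $original,
            $list["entered"],
            $duplicate,
            $list["entered"],
            $list['listid']
        ), 1);
    }

    # Whatever could not be moved is discarded together with the duplicate.
    Sql_Query(sprintf('delete from %s where userid = %d', $listuserTable, $duplicate));
    Sql_Query(sprintf('delete from %s where user = %d', $bounceTable, $duplicate));
    Sql_Query(sprintf('delete from %s where userid = %d', $usermessageTable, $duplicate));

    deleteUser($duplicate);
    flush();
}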
} $htmlcnt = Sql_Fetch_Row_Query(sprintf('select count(distinct userid) from %s listuser,%s user where user.htmlemail and user.id = listuser.userid and listuser.listid in (%s) %s', $GLOBALS['tables']['listuser'], $GLOBALS['tables']['user'], implode(',', array_keys($lists)), $exclude), 1); $textcnt = Sql_Fetch_Row_Query(sprintf('select count(distinct userid) from %s listuser,%s user where !user.htmlemail and user.id = listuser.userid and listuser.listid in (%s) %s', $GLOBALS['tables']['listuser'], $GLOBALS['tables']['user'], implode(',', array_keys($lists)), $exclude), 1); if ($htmlcnt[0] || $textcnt[0]) { if (!isset($messagedata['textsize'])) { $messagedata['textsize'] = 0; } if (!isset($messagedata['htmlsize'])) { $messagedata['htmlsize'] = 0; } $send_content .= $GLOBALS['I18N']->get('Estimated size of mailout') . ': ' . formatBytes($htmlcnt[0] * $messagedata['htmlsize'] + $textcnt[0] * $messagedata['textsize']) . '<br/>'; ## remember this to see how well the estimate was Sql_Query(sprintf('replace into %s set name = "estimatedsize",id=%d,data = "%s"', $GLOBALS['tables']['messagedata'], $id, $htmlcnt[0] * $messagedata['htmlsize'] + $textcnt[0] * $messagedata['textsize'])); $send_content .= sprintf($GLOBALS['I18N']->get('About %d users to receive HTML and %s users to receive text version of email'), $htmlcnt[0], $textcnt[0]) . 
'<br/>'; Sql_Query(sprintf('replace into %s set name = "estimatedhtmlusers",id=%d,data = "%s"', $GLOBALS['tables']['messagedata'], $id, $htmlcnt[0])); Sql_Query(sprintf('replace into %s set name = "estimatedtextusers",id=%d,data = "%s"', $GLOBALS['tables']['messagedata'], $id, $textcnt[0])); } } } $send_content .= '</div>'; ## the button to actually send the campagin $send_content .= $placeinqueue; print '<div class="sendtabs_container">'; $tabs->setListClass('sendcampaign'); $tabs->setId('sendtabs'); # $tabs->addPrevNext(); $tabs->addTabNo(); print $tabs->display(); #print '<div id="tabcontent"></div>'; $panelcontent = ''; switch ($_GET['tab']) {
while ($row = Sql_Fetch_Array($req)) { $ls->addElement($row["name"]); $isSpamReport = $isSpamReport || $row['data'] == 'blacklisted due to spam complaints'; $ls->addColumn($row["name"], $GLOBALS['I18N']->get('value'), stripslashes($row["data"])); } $ls->addElement('<!-- remove -->'); if (!$isSpamReport) { $button = new ConfirmButton(htmlspecialchars($GLOBALS['I18N']->get('are you sure you want to delete this subscriber from the blacklist')) . "?\\n" . htmlspecialchars($GLOBALS['I18N']->get('it should only be done with explicit permission from this subscriber')), PageURL2("userhistory&unblacklist={$user["id"]}&id={$user["id"]}", "button", s('remove subscriber from blacklist')), s('remove subscriber from blacklist')); $ls->addRow('<!-- remove -->', s('remove'), $button->show()); } else { $ls->addRow('<!-- remove -->', s('remove'), s('For this subscriber to be removed from the blacklist, you need to ask them to re-subscribe using the phpList subscribe page')); } print $ls->display(); } $ls = new WebblerListing($GLOBALS['I18N']->get('Subscription History')); $req = Sql_Query(sprintf('select * from %s where userid = %d order by date desc', $tables["user_history"], $user["id"])); if (!Sql_Affected_Rows()) { print $GLOBALS['I18N']->get('no details found'); } while ($row = Sql_Fetch_Array($req)) { $ls->addElement($row["id"]); $ls->setClass($row["id"], 'row1'); $ls->addColumn($row["id"], $GLOBALS['I18N']->get('ip'), $row["ip"]); $ls->addColumn($row["id"], $GLOBALS['I18N']->get('date'), $row["date"]); $ls->addColumn($row["id"], $GLOBALS['I18N']->get('summary'), $row["summary"]); $ls->addRow($row["id"], "<div class='gray'>" . $GLOBALS['I18N']->get('detail') . ": </div>", "<div class='tleft'>" . nl2br(htmlspecialchars($row["detail"])) . "</div>"); $ls->addRow($row["id"], "<div class='gray'>" . $GLOBALS['I18N']->get('info') . ": </div>", "<div class='tleft'>" . nl2br($row["systeminfo"]) . "</div>"); } print $ls->display(); print '</div>'; print '</div>';
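/**
 * Store one attribute value for a user.
 *
 * "static" and "password" attributes are written to a column of the user
 * table named by $attid. Every other type is stored in user_attribute; for
 * "select" attributes the display value is looked up in (or added to) the
 * attribute's phplist_listattr_* table and its id is stored instead.
 * Unknown attributes are created when the autocreate_attributes config
 * option is set.
 *
 * Every value placed in a quoted SQL string is passed through sql_escape()
 * (the project's escaping helper, assumed to be loaded together with
 * Sql_Query — confirm for this code path), and $attid is only accepted as a
 * column name when it consists of letters, digits and underscores. The
 * original interpolated all of these as given.
 *
 * @param int        $userid user id
 * @param int|string $attid  attribute id, or the user-table column name for
 *                           static/password attributes
 * @param array      $data   attribute data; the keys read here are nodbsave,
 *                           type, name, value and displayvalue
 *
 * @return int|null 1 after a save attempt, null when saving is skipped
 */
function saveUserAttribute($userid, $attid, $data)
{
    if (!empty($data["nodbsave"])) {
        dbg("Not saving $attid");
        return;
    }
    # Compared as strings so a numeric id of 0 is not mistaken for these markers.
    if ((string) $attid === "emailcheck" || (string) $attid === "passwordcheck") {
        dbg("Not saving $attid");
        return;
    }
    if (empty($data["type"])) {
        $data["type"] = "textline";
    }

    $name = isset($data["name"]) ? $data["name"] : '';
    $value = isset($data["value"]) ? $data["value"] : '';
    $displayValue = isset($data["displayvalue"]) ? $data["displayvalue"] : '';

    if ($data["type"] == "static" || $data["type"] == "password") {
        # $attid becomes a column name here and cannot be quoted as a value,
        # so it is restricted to plain identifier characters.
        if (!preg_match('/^[A-Za-z0-9_]+$/', (string) $attid)) {
            dbg("Not saving $attid");
            return;
        }
        Sql_Query(sprintf(
            'update user set %s = "%s" where id = %d',
            $attid,
            sql_escape($value),
            $userid
        ));
        return 1;
    }

    # Resolve the attribute by id first, then by name.
    $atttable = '';
    $attid_req = Sql_Fetch_Row_Query(sprintf(
        ' select id,type,tablename from attribute where id = %d',
        $attid
    ));
    if (empty($attid_req[0])) {
        $attid_req = Sql_Fetch_Row_Query(sprintf(
            ' select id,type,tablename from attribute where name = "%s"',
            sql_escape($name)
        ));
    }

    if (!empty($attid_req[0])) {
        $attid = $attid_req[0];
        $atttable = $attid_req[2];
    } elseif (!empty($GLOBALS["config"]["autocreate_attributes"])) {
        Dbg("Creating new Attribute: " . $name);
        sendError("creating new attribute " . $name);
        $atttable = getNewAttributeTablename($name);
        Sql_Query(sprintf(
            'insert into attribute (name,type,tablename) values("%s","%s","%s")',
            sql_escape($name),
            sql_escape($data["type"]),
            sql_escape($atttable)
        ));
        $attid = Sql_Insert_Id();
    } else {
        dbg("Not creating new Attribute: " . $name);
    }

    if (!$atttable) {
        # fix attribute without tablename
        $atttable = getNewAttributeTablename($name);
        Sql_Query(sprintf(
            'update attribute set tablename ="%s" where id = %d',
            sql_escape($atttable),
            $attid
        ));
    }

    # "static" and "password" returned above, so only the remaining types are handled here.
    switch ($data["type"]) {
        case "select":
            # $atttable is part of a table name; it comes from the attribute
            # table or getNewAttributeTablename(), not from the caller's data.
            $curval = Sql_Fetch_Row_Query(sprintf(
                'select id from phplist_listattr_%s where name = "%s"',
                $atttable,
                sql_escape($displayValue)
            ), 1);
            if (empty($curval[0])) {
                Sql_Query(sprintf(
                    'insert into phplist_listattr_%s (name) values("%s")',
                    $atttable,
                    sql_escape($displayValue)
                ));
                sendError("Added " . $displayValue . " to $atttable");
                $valid = Sql_Insert_id();
            } else {
                $valid = $curval[0];
            }
            Sql_Query(sprintf(
                'replace into user_attribute (userid,attributeid,value) values(%d,%d,"%s")',
                $userid,
                $attid,
                sql_escape($valid)
            ));
            break;
        default:
            Sql_Query(sprintf(
                'replace into user_attribute (userid,attributeid,value) values(%d,%d,"%s")',
                $userid,
                $attid,
                sql_escape($value)
            ));
            break;
    }

    return 1;
}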
$html .= $GLOBALS['img_cross']; } $html .= '</td></tr>'; $html .= '<tr><td>' . s('Create public lists') . '</td> <td>' . PageLink2('list', s('Go there')) . '</td><td>'; $req = Sql_Query(sprintf('select id from %s where active <> 0', $tables['list'])); if (Sql_Affected_Rows()) { $html .= $GLOBALS['img_tick']; } else { $alldone = 0; $html .= $GLOBALS['img_cross']; } $html .= '</td></tr>'; $html .= '<tr><td>' . s('Create a subscribe page') . '</td> <td>' . PageLink2('spage', s('Go there')) . '</td><td>'; $req = Sql_Query("select * from {$tables['subscribepage']}"); if (Sql_Affected_Rows()) { $html .= $GLOBALS['img_tick']; } else { $alldone = 0; $html .= $GLOBALS['img_cross']; } $html .= '</td></tr>'; $html .= '<tr><td>' . s('Add some subscribers') . '</td> <td>' . PageLink2('import', s('Go there')) . '</td><td>'; $req = Sql_Fetch_Row_Query("select count(*) from {$tables['user']}"); if ($req[0] > 2) { $html .= $GLOBALS['img_tick']; } else { $alldone = 0; $html .= $GLOBALS['img_cross'];
break; } # fix the new powered by image for the templates Sql_Query(sprintf('update %s set data = "%s",width=70,height=30 where filename = "powerphplist.png"', $tables["templateimage"], $newpoweredimage)); print '<script language="Javascript" type="text/javascript"> finish(); </script>'; # update the system pages while (list($type, $pages) = each($system_pages)) { foreach ($pages as $page) { Sql_Query(sprintf('replace into %s (page,type) values("%s","%s")', $tables["task"], $page, $type)); } } # mark the database to be our current version if ($success) { SaveConfig("version", VERSION, 0); # mark now to be the last time we checked for an update Sql_Query(sprintf('replace into %s (item,value,editable) values("updatelastcheck",now(),0)', $tables["config"])); Info("Success"); } else { Error("An error occurred while upgrading your database"); } } else { ?> <p>Your database requires upgrading, please make sure to create a backup of your database first.</p> <p>When you're ready click <?php echo PageLink2("upgrade", "Here", "doit=yes"); ?> . Depending on the size of your database, this may take quite a while. Please make sure not to interrupt the process, once you've started it.</p> <?php } }
if ($x % 25 == 0) { print $x . "/{$num} " . $GLOBALS['I18N']->get('done') . "<br/>"; flush(); } # check for full email if ($_POST["onlyfull"] != "yes" || $_POST["onlyfull"] == "yes" && strpos($importuser["personal"], "@") === false && strlen($importuser["email"]) > 4) { $new = 0; $result = Sql_query(sprintf('SELECT id,uniqid FROM %s WHERE email = "%s"', $tables["user"], $importuser["email"])); if (Sql_affected_rows()) { // Email exist, remember some values to add them to the lists $count_exist++; $user = Sql_fetch_array($result); $userid = $user["id"]; $uniqid = $user["uniqid"]; Sql_Query(sprintf('update %s set htmlemail = %d where id = %d', $tables["user"], $_POST["markhtml"] ? "1" : "0", $userid)); } else { // Email does not exist $new = 1; // Create unique number mt_srand((double) microtime() * 1000000); $randval = mt_rand(); $uniqid = getUniqid(); $query = sprintf('INSERT INTO %s (email,entered,confirmed,uniqid,htmlemail) values("%s",current_timestamp,%d,"%s",%d)', $tables["user"], $importuser["email"], $_POST["notify"] != "yes", $uniqid, $_POST["markhtml"] ? "1" : "0"); $result = Sql_query($query); $userid = Sql_Insert_Id($tables['user'], 'id'); $count_email_add++; $some = 1; } if ($_POST["overwrite"] == "yes") {
<?php

require_once dirname(__FILE__) . '/accesscheck.php';

# Statistics page: lists the userstats rows of the last 12 months, one
# listing element per translated item name and one column per period.
$statsTable = $GLOBALS['tables']['userstats'];
$req = Sql_Query(sprintf(
    'select * from %s where date_add(from_unixtime(unixdate),interval 12 month) > now() order by unixdate',
    $statsTable
));

$ls = new WebblerListing($GLOBALS['I18N']->get('Statistics'));

while ($row = Sql_Fetch_Array($req)) {
    $element = $GLOBALS['I18N']->get($row['item']);
    $ls->addElement($element);

    # NOTE(review): only the 'monthly' interval assigns $date. For any other
    # STATS_INTERVAL value $date is undefined on the first row and keeps its
    # previous value afterwards — confirm which intervals are supported.
    if (STATS_INTERVAL == 'monthly') {
        $date = date('M y', $row['unixdate']);
    }

    $ls->addColumn($element, $date, $row['value']);
}

print $ls->display();
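/**
 * Delete one value from an attribute's value table.
 *
 * When no subscriber uses the value it is deleted. When subscribers use it
 * and the global $replace holds a replacement id, their values are switched
 * to the replacement and the value is deleted. Otherwise the dependent
 * subscribers are listed (the list is cut short after the twelfth entry)
 * and giveAlternative() is called.
 *
 * The attribute id, the value id and the replacement id are cast to
 * integers before they are placed in SQL, and the value name is
 * HTML-encoded before it is printed. The replacement update is limited to
 * the attribute being edited; it previously rewrote every user_attribute
 * row holding the same number, whichever attribute it belonged to.
 *
 * NOTE(review): $table is used as a table name as given; confirm that
 * callers derive it from the attribute definition and not from request data.
 *
 * @param string $table       name of the attribute's value table
 * @param int    $attributeid attribute id
 * @param int    $delete      id of the value to delete
 *
 * @return int 0 when the dependency list was cut short, otherwise 1
 */
function deleteItem($table, $attributeid, $delete)
{
    global $tables, $replace;

    $attributeid = (int) $attributeid;
    $delete = (int) $delete;
    $replaceId = (int) $replace;

    # name of the value that is about to be deleted, for the message below
    $valreq = Sql_Fetch_Row_query("select name from {$table} where id = {$delete}");
    $val = $valreq[0];

    # check dependencies
    $dependencies = array();
    $result = Sql_query("select distinct userid from {$tables['user_attribute']} where\n attributeid = {$attributeid} and value = {$delete}");
    while ($row = Sql_fetch_array($result)) {
        $dependencies[] = (int) $row["userid"];
    }

    if (sizeof($dependencies) == 0) {
        $result = Sql_query("delete from {$table} where id = {$delete}");
        return 1;
    }

    if ($replaceId) {
        $result = Sql_Query("update {$tables['user_attribute']} set value = {$replaceId} where attributeid = {$attributeid} and value = {$delete}");
        $result = Sql_query("delete from {$table} where id = {$delete}");
        return 1;
    }

    print ' Cannot delete <b>' . htmlspecialchars((string) $val) . ' </b><br /> The Following record(s) are dependent on this value<br /> Update the record(s) to not use this attribute value and try again<p> ';

    $total = sizeof($dependencies);
    for ($i = 0; $i < $total; $i++) {
        print PageLink2("user", "User " . $dependencies[$i], "id={$dependencies[$i]}") . "<br />\n";
        if ($i > 10) {
            print "* Too many to list, total dependencies:\n " . $total . "<br /><br />";
            giveAlternative($table, $delete, $attributeid);
            return 0;
        }
    }
    print "</p><br />";
    giveAlternative($table, $delete, $attributeid);

    return 1;
}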
if (!defined('PHPLISTINIT')) { exit; } print '<h3>' . s('Database structure check') . '</h3>'; unset($_SESSION["dbtables"]); $pass = true; $ls = new WebblerListing(s('Database structure')); while (list($table, $tablename) = each($GLOBALS["tables"])) { $createlink = ''; $indexes = $uniques = $engine = $category = ''; $ls->addElement($table); if ($table != $tablename) { $ls->addColumn($table, "real name", $tablename); } if (Sql_Table_Exists($tablename)) { $req = Sql_Query("show columns from {$tablename}", 0); $columns = array(); if (!Sql_Affected_Rows()) { $ls->addColumn($table, "exist", $GLOBALS["img_cross"]); } while ($row = Sql_Fetch_Array($req)) { $columns[strtolower($row["Field"])] = $row["Type"]; } $tls = new WebblerListing($table); if (isset($DBstruct[$table])) { $struct = $DBstruct[$table]; } else { $struct = ''; } $haserror = 0; if (is_array($struct)) {
<input type="hidden" name="id" value="' . $listid . '" />'; $filterpanel .= '<label for="find">' . $GLOBALS['I18N']->get('Find a user') . '</label>'; $filterpanel .= '<input type="text" name="find" value="'; $filterpanel .= $find != '%' ? htmlspecialchars(stripslashes($find)) : ''; $filterpanel .= '" size="30" />'; $filterpanel .= '<select name="findby">'; $filterpanel .= '<option value="email" '; $filterpanel .= $findby == 'email' ? 'selected="selected"' : ''; $filterpanel .= '>' . $GLOBALS['I18N']->get('Email') . '</option>'; $filterpanel .= '<option value="foreignkey" '; $filterpanel .= $findby == 'foreignkey' ? 'selected="selected"' : ''; $filterpanel .= '>' . $GLOBALS['I18N']->get('Foreign Key') . '</option>'; $filterpanel .= '<option value="uniqid" '; $filterpanel .= $findby == 'uniqid' ? 'selected="selected"' : ''; $filterpanel .= '>' . $GLOBALS['I18N']->get('Unique ID') . '</option>'; $att_req = Sql_Query('select id,name from ' . $tables['attribute'] . ' where type = "hidden" or type = "textline" or type = "select"'); while ($row = Sql_Fetch_Array($att_req)) { $filterpanel .= sprintf('<option value="%d" %s>%s</option>', $row['id'], $row['id'] == $findby ? 'selected="selected"' : '', substr($row['name'], 0, 20)); } $filterpanel .= '</select><input class="submit" type="submit" value="' . s('Go') . '" /> <a href="./?page=users&find=NULL" class="reset">' . s('reset') . '</a>'; $filterpanel .= '</form></div>'; //$filterpanel .= '<tr><td colspan="4"></td></tr> //</table>'; print Info($countpanel); $panel = new UIPanel($GLOBALS['I18N']->get('Find subscribers'), $filterpanel); print $panel->display(); #if (($require_login && isSuperUser()) || !$require_login) print '<div class="actions">'; print '<div id="add-csv-button">' . PageLinkButton('dlusers', $GLOBALS['I18N']->get('Download all users as CSV file'), 'nocache=' . uniqid('')) . '</div>'; print '<div id="add-user-button">' . PageLinkButton('adduser', $GLOBALS['I18N']->get('Add a User')) . 
'</div>'; print '</div>';
} elseif (is_file('config/config.php')) { include 'config/config.php'; } else { print "Error, cannot find config file\n"; exit; } require_once dirname(__FILE__) . '/admin/init.php'; $GLOBALS['database_module'] = basename($GLOBALS['database_module']); $GLOBALS['language_module'] = basename($GLOBALS['language_module']); require_once dirname(__FILE__) . '/admin/' . $GLOBALS['database_module']; # load default english and language include_once dirname(__FILE__) . '/texts/english.inc'; # Allow customisation per installation if (is_file($_SERVER['DOCUMENT_ROOT'] . '/' . $GLOBALS['language_module'])) { include_once $_SERVER['DOCUMENT_ROOT'] . '/' . $GLOBALS['language_module']; } include_once dirname(__FILE__) . '/admin/languages.php'; require_once dirname(__FILE__) . '/admin/defaultconfig.php'; require_once dirname(__FILE__) . '/admin/connect.php'; include_once dirname(__FILE__) . '/admin/lib.php'; if (!empty($_GET['u']) && !empty($_GET['m'])) { $_GET['u'] = preg_replace('/\\W/', '', $_GET['u']); $userid = Sql_Fetch_Row_Query(sprintf('select id from %s where uniqid = "%s"', $GLOBALS['tables']['user'], $_GET['u'])); if ($userid[0]) { Sql_Query(sprintf('update %s set viewed = now() where messageid = %d and userid = %d and viewed is null', $GLOBALS['tables']['usermessage'], $_GET['m'], $userid[0])); Sql_Query(sprintf('update %s set viewed = viewed + 1 where id = %d', $GLOBALS['tables']['message'], $_GET['m'])); } } @ob_end_clean(); header('Content-Type: image/png'); print base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABAQMAAAAl21bKAAAABGdBTUEAALGPC/xhBQAAAAZQTFRF////AAAAVcLTfgAAAAF0Uk5TAEDm2GYAAAABYktHRACIBR1IAAAACXBIWXMAAAsSAAALEgHS3X78AAAAB3RJTUUH0gQCEx05cqKA8gAAAApJREFUeJxjYAAAAAIAAUivpHEAAAAASUVORK5CYII=');
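/**
 * Find the first bounce rule that matches a bounce text.
 *
 * Rules are read from the bounceregex table in listorder. Each rule is tried
 * twice, case-insensitively and with any run of whitespace accepted where the
 * rule has a space: first as literal text, then as a regular expression.
 *
 * Changes from the original:
 *  - the literal attempt quotes the rule first (including the "/" delimiter)
 *    and widens spaces afterwards; before, the inserted "\s+" was quoted as
 *    well, so a rule containing a space could never match literally;
 *  - rules with an empty expression are skipped, because an empty pattern
 *    matches every text.
 *
 * NOTE(review): the second attempt runs the stored expression as written.
 * Errors are suppressed because stored rules may not be valid patterns; a
 * rule containing an unescaped "/" fails silently, and a badly written
 * expression can be slow on large bounce texts. Confirm who is allowed to
 * edit these rules.
 *
 * @param string $text       bounce text to test
 * @param int    $activeonly when true, only rules with status "active" are used
 *
 * @return mixed id of the first matching rule, or '' when none matches
 */
function matchedBounceRule($text, $activeonly = 0)
{
    $status = $activeonly ? ' where status = "active"' : '';

    $req = Sql_Query(sprintf(
        'select * from %s %s order by listorder',
        $GLOBALS['tables']['bounceregex'],
        $status
    ));

    while ($row = Sql_Fetch_Array($req)) {
        if (trim((string) $row['regex']) === '') {
            continue;
        }

        # literal match: quote first, then let each space stand for any whitespace run
        $literal = str_replace(' ', '\\s+', preg_quote($row['regex'], '/'));
        if (@preg_match('/' . $literal . '/iUm', $text)) {
            return $row['id'];
        }

        # regular-expression match on the rule as stored
        $pattern = str_replace(' ', '\\s+', $row['regex']);
        if (@preg_match('/' . $pattern . '/iUm', $text)) {
            return $row['id'];
        }
    }

    return '';
}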
} ## allow plugins to save their fields foreach ($GLOBALS['plugins'] as $plugin) { $result = $result && $plugin->processEditList($id); } print '<div class="actionresult">' . $_SESSION['action_result'] . '</div>'; if ($_GET['page'] == 'editlist') { print '<div class="actions">' . PageLinkButton('importsimple&list=' . $id, s('Add some subscribers')) . ' ' . PageLinkButton('editlist', s('Add another list')) . '</div>'; } unset($_SESSION['action_result']); return; ## doing this, the action result disappears, which we don't want Redirect('list'); } if (!empty($id)) { $result = Sql_Query("SELECT * FROM " . $GLOBALS['tables']['list'] . " where id = {$id}"); $list = Sql_Fetch_Array($result); } else { $list = array('name' => '', 'active' => 0, 'listorder' => 0, 'description' => ''); } if (empty($list['category'])) { $list['category'] = ''; } @ob_end_flush(); ?> <?php echo formStart(' class="editlistSave" '); ?> <input type="hidden" name="id" value="<?php echo $id;
<?php

# Access check runs before anything else in this script.
require_once dirname(__FILE__) . '/accesscheck.php';

# Maintenance script: converts an unprefixed database so that every table
# carries the configured table prefix.
# Dangerous, should not be used, particularly not if the prefix already
# exists: any table that already has the prefixed name is dropped before the
# unprefixed table is renamed onto it, so its contents are lost.

# Without a configured prefix there is nothing to convert.
if (!$GLOBALS["table_prefix"]) {
    print "No prefix defined, nothing to do";
    return;
}

# presumably structure.php defines $DBstruct, keyed by unprefixed table name — verify
include "structure.php";

# For every table whose configured name differs from its unprefixed name:
# drop whatever exists under the configured name, then rename the unprefixed
# table to it. The second argument 0 is passed to Sql_Verbose_Query as in the
# original; its meaning is defined by that helper.
while (list($table, $value) = each($DBstruct)) {
    if ($table != $tables[$table]) {
        Sql_Drop_Table($tables[$table]);
        Sql_Verbose_Query("alter table {$table} rename {$tables[$table]}", 0);
    }
}

# Attribute value tables are named listattr_<tablename>; rename each one that
# exists to the prefixed form, then add a listorder column to the prefixed table.
$req = Sql_Verbose_Query("select tablename from " . $tables["attribute"]);
while ($row = Sql_Fetch_Row($req)) {
    # the time limit is reset per attribute table
    set_time_limit(500);
    if (Sql_Table_Exists("listattr_" . $row[0]) && $table_prefix) {
        Sql_Verbose_Query("alter table listattr_{$row['0']} rename {$table_prefix}" . "listattr_" . $row[0]);
    }
    if (Sql_Table_Exists($table_prefix . "listattr_" . $row[0])) {
        Sql_Query("alter table {$table_prefix}" . "listattr_" . $row[0] . " add column listorder integer default 0", 0);
    }
}
flush();
var div1 = findEl("criteria_values_select"); var div2 = findEl("criteria_values_text"); var div3 = findEl(value_divs[choice]); div1.style.visibility = "hidden"; div2.style.visibility = "hidden"; div3.style.visibility = "visible"; } </script> '; $att_drop = '<select name="criteria_attribute" onChange="changeDropDowns()" class="criteria_element" >'; $att_drop .= '<option value="">[' . $GLOBALS['I18N']->get('selectattribute') . ']</option>'; $att_names = ''; # to remember them later $attreq = Sql_Query(sprintf('select * from %s where type in ("select","radio","date","checkboxgroup","checkbox") %s', $tables["attribute"], $already_used)); while ($att = Sql_Fetch_array($attreq)) { $att_drop .= sprintf('<option value="%d" %s>%s</option>', $att["id"], "", substr(stripslashes($att["name"]), 0, 30) . ' (' . $GLOBALS['I18N']->get($att["type"]) . ')'); $att_names .= sprintf('<input type=hidden name="attribute_names[%d]" value="%s">', $att["id"], stripslashes($att["name"])); } $att_drop .= '</select>' . $att_names; $operator_drop = ' <select name="criteria_operator" class="criteria_element" > <option value="is">' . $GLOBALS['I18N']->get('is') . '</option> <option value="isnot">' . $GLOBALS['I18N']->get('isnot') . '</option> <option value="isbefore">' . $GLOBALS['I18N']->get('isbefore') . '</option> <option value="isafter">' . $GLOBALS['I18N']->get('isafter') . '</option> </select> '; $values_drop = ' <style type="text/css">
<?php

# Adds the address given in the "email" query parameter as a new subscriber,
# at most once per ADD_EMAIL_THROTTLE seconds for the current session.
# The address is passed through sql_escape() before it reaches the insert.
#
# NOTE(review): the address is not checked for being a well-formed email
# address here, the throttle is per session only, and the insert is triggered
# by a GET request — confirm that the including page validates the address
# and requires an authenticated admin with a request token.

if (empty($_SESSION['last_addemail'])) {
    $_SESSION['last_addemail'] = 0;
}

if (!empty($_GET['email'])) {
    $delay = time() - $_SESSION['last_addemail'];

    if ($delay <= ADD_EMAIL_THROTTLE) {
        # Too soon after the previous add: report to the plugins and refuse.
        foreach ($GLOBALS['plugins'] as $plname => $plugin) {
            $plugin->processError('Add email throttled ' . $delay);
        }
        $status = $GLOBALS['I18N']->get('Adding email address failed');
    } else {
        $_SESSION['last_addemail'] = time();

        $insert = sprintf(
            'insert into %s (email,uniqid,htmlemail,entered) values("%s","%s",1,now())',
            $GLOBALS['tables']['user'],
            sql_escape($_GET['email']),
            getUniqid()
        );
        Sql_Query($insert, 1);

        addUserHistory($_GET['email'], 'Added by ' . adminName(), '');
        $status = $GLOBALS['I18N']->get('Email address added');
    }
}
"%%e %%b %%Y %%H:%%i") as latestclick,sum(clicked) as numclicks from %s as linktrack, %s as user where linktrack.userid = user.id and linktrack.url = "%s" and linktrack.clicked group by linktrack.userid', $GLOBALS['tables']['linktrack'], $GLOBALS['tables']['user'], $urldata['url'])); } elseif ($msgid) { print '<h1>' . $GLOBALS['I18N']->get('User Click Details for a Message') . '</h1>'; print '<table> <tr><td>' . $GLOBALS['I18N']->get('Subject') . '<td><td>' . $messagedata['subject'] . '</td></tr> <tr><td>' . $GLOBALS['I18N']->get('Entered') . '<td><td>' . $messagedata['entered'] . '</td></tr> <tr><td>' . $GLOBALS['I18N']->get('Sent') . '<td><td>' . $messagedata['sent'] . '</td></tr> </table><hr/>'; $req = Sql_Query(sprintf('select user.email,user.id as userid,firstclick,date_format(latestclick, "%%e %%b %%Y %%H:%%i") as latestclick,sum(clicked) as numclicks from %s as linktrack, %s as user where linktrack.userid = user.id and linktrack.messageid = %d and linktrack.clicked group by linktrack.userid', $GLOBALS['tables']['linktrack'], $GLOBALS['tables']['user'], $msgid)); } elseif ($userid) { print '<h1>' . $GLOBALS['I18N']->get('User Click Details') . '</h1>'; $req = Sql_Query(sprintf('select user.email,user.id as userid,firstclick,date_format(latestclick, "%%e %%b %%Y %%H:%%i") as latestclick,sum(clicked) as numclicks,messageid,linkid,url from %s as linktrack, %s as user where linktrack.userid = user.id and linktrack.userid = %d and linktrack.clicked group by linktrack.url', $GLOBALS['tables']['linktrack'], $GLOBALS['tables']['user'], $userid)); } #ob_end_flush(); #flush(); $summary = array(); while ($row = Sql_Fetch_Array($req)) { # print $row['email'] . "<br/>"; if (!$userid) { $element = $row['email']; $ls->addElement($element, PageUrl2('userhistory&id=' . $row['userid'])); } else { $element = $row['url']; $ls->addElement($element, PageUrl2('uclicks&id=' . $row['linkid'])); $ls->addColumn($element, $GLOBALS['I18N']->get('message'), PageLink2('mclicks&id=' . 
$row['messageid'], $row['messageid'])); }
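/**
 * Store one attribute value for a user.
 *
 * Column-backed types (static, password, htmlpref) are written straight to
 * the `user` table; every other type is written to the user-attribute table,
 * with "select" values first resolved to (or inserted into) their
 * listattr_<tablename> lookup table and "avatar" values read from $_FILES.
 *
 * SECURITY NOTE(review): every value placed in a "%s" placeholder below
 * ($data['value'], $data['name'], $data['displayvalue'], $data['type'],
 * $atttable) and the column name taken from $attid are interpolated into
 * SQL text as-is. Nothing in this function escapes or validates them, and
 * it cannot be seen from here whether callers do. Confirm that, or move
 * these statements to parameterised queries, before exposing this path to
 * untrusted input.
 *
 * @param int        $userid id of the user row to update
 * @param int|string $attid  attribute id, or a `user` column name for the
 *                           column-backed types
 * @param array|mixed $data  attribute record (name, type, value,
 *                           displayvalue, nodbsave) or a bare value, in which
 *                           case the record is loaded by $attid
 *
 * @return int|null 1 once a save has been attempted, null when the attribute
 *                  is skipped (nodbsave, emailcheck, passwordcheck)
 */
function saveUserAttribute($userid, $attid, $data)
{
    global $usertable_prefix, $table_prefix, $tables;

    # workaround for integration webbler/phplist
    if (!isset($usertable_prefix)) {
        $usertable_prefix = '';
    }
    if (!isset($table_prefix)) {
        $table_prefix = 'phplist_';
    }
    if (!empty($tables["attribute"])) {
        $att_table = $usertable_prefix . $tables["attribute"];
        $user_att_table = $usertable_prefix . $tables["user_attribute"];
    } else {
        $att_table = $usertable_prefix . "attribute";
        $user_att_table = $usertable_prefix . "user_attribute";
    }

    if (!is_array($data)) {
        # a bare value was passed: load the attribute record and attach the value
        $tmp = $data;
        $data = Sql_Fetch_Assoc_Query(sprintf('select * from %s where id = %d', $att_table, $attid));
        if (!is_array($data)) {
            # unknown attribute id: continue with an empty record, as before
            $data = array();
        }
        $data['value'] = $tmp;
        $data['displayvalue'] = $tmp;
    }
    # dbg($data,'$data to store for '.$userid.' '.$attid);

    if (!empty($data["nodbsave"])) {
        # dbg($attid, "Not saving, nodbsave");
        return;
    }
    if ($attid == "emailcheck" || $attid == "passwordcheck") {
        # dbg($attid, "Not saving, emailcheck/passwordcheck");
        return;
    }

    if (empty($data["type"])) {
        $data["type"] = "textline";
    }

    if ($data["type"] == "static" || $data["type"] == "password" || $data['type'] == 'htmlpref') {
        if (!empty($GLOBALS['config']['dontsave_userpassword']) && $data['type'] == 'password') {
            $data["value"] = 'not authoritative';
        }
        # NOTE(review): $attid is used as a column name here and is not
        # validated; for type "password" this statement also writes the
        # plaintext value into that column before the hash is stored below.
        Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid));
        # keep password values out of the debug trace
        dbg('Saving', $data['type'] == 'password' ? '(password not logged)' : $data['value'], DBG_TRACE);
        if ($data["type"] == "password") {
            # The format string needs one placeholder per argument. With only
            # "%d" present, the hash was consumed as the row id and $userid
            # was ignored, so the target user's hash was never written.
            # NOTE(review): a single unsalted SHA-256 is weak for password
            # storage; moving to password_hash()/password_verify() needs a
            # matching change wherever the stored value is checked.
            Sql_Query(sprintf(
                'update user set passwordchanged = now(),password="%s" where id = %d',
                hash('sha256', $data['value']),
                $userid
            ));
        }
        return 1;
    }

    $attributetype = $data['type'];
    # stays empty when the attribute is neither found nor auto-created
    $atttable = '';

    $attid_req = Sql_Fetch_Row_Query(sprintf(' select id,type,tablename from %s where id = %d', $att_table, $attid));
    if (!$attid_req[0]) {
        # not found by id: fall back to a lookup by name
        $attid_req = Sql_Fetch_Row_Query(sprintf(' select id,type,tablename from %s where name = "%s"', $att_table, $data["name"]));
        if (!$attid_req[0]) {
            if (!empty($data["name"]) && $GLOBALS["config"]["autocreate_attributes"]) {
                # Dbg("Creating new Attribute: ".$data["name"]);
                sendError("creating new attribute " . $data["name"]);
                $atttable = getNewAttributeTablename($data["name"]);
                Sql_Query(sprintf('insert into %s (name,type,tablename) values("%s","%s","%s")', $att_table, $data["name"], $data["type"], $atttable));
                $attid = Sql_Insert_Id();
            } else {
                # dbg("Not creating new Attribute: ".$data["name"]);
                # sendError("Not creating new attribute ".$data["name"]);
            }
        } else {
            $attid = $attid_req[0];
            if (empty($attributetype)) {
                $attributetype = $attid_req[1];
            }
            $atttable = $attid_req[2];
        }
    } else {
        $attid = $attid_req[0];
        if (empty($attributetype)) {
            $attributetype = $attid_req[1];
        }
        $atttable = $attid_req[2];
    }

    if (!$atttable && !empty($data['name'])) {
        $atttable = getNewAttributeTablename($data["name"]);
        # fix attribute without tablename
        Sql_Query(sprintf('update %s set tablename ="%s" where id = %d', $att_table, $atttable, $attid));
        # sendError("Attribute without Tablename $attid");
    }

    switch ($attributetype) {
        case "static":
        case "password":
            # dbg('SAVING STATIC OR PASSWORD');
            if (!empty($GLOBALS['config']['dontsave_userpassword']) && $data['type'] == 'password') {
                $data["value"] = 'not authoritative';
            }
            # NOTE(review): $attid is used as a column name here as well.
            Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid));
            break;

        case "select":
            # resolve the display value to its id in the lookup table, adding it when missing
            $curval = Sql_Fetch_Row_Query(sprintf('select id from ' . $table_prefix . 'listattr_%s where name = "%s"', $atttable, $data["displayvalue"]), 1);
            if (!$curval[0] && $data['displayvalue'] && $data['displayvalue'] != '') {
                Sql_Query(sprintf('insert into ' . $table_prefix . 'listattr_%s (name) values("%s")', $atttable, $data["displayvalue"]));
                sendError("Added " . $data["displayvalue"] . " to {$atttable}");
                $valid = Sql_Insert_id();
            } else {
                $valid = $curval[0];
            }
            Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, $valid));
            break;

        case 'avatar':
            if (is_array($_FILES)) { ## only avatars are files, for now
                if (!defined('MAX_AVATAR_SIZE')) {
                    define('MAX_AVATAR_SIZE', 100000);
                }
                $formfield = 'attribute' . $attid . '_file'; ## the name of the fileupload element
                if (!empty($_FILES[$formfield]['name']) && !empty($_FILES[$formfield]['tmp_name'])) {
                    $tmpnam = $_FILES[$formfield]['tmp_name'];
                    # Read the upload where PHP stored it instead of copying it
                    # to a fixed, predictable name under /tmp: that copy could
                    # be pre-created or swapped by another local user, and it
                    # was left behind whenever the file was over the size limit.
                    if (is_string($tmpnam) && is_uploaded_file($tmpnam)) {
                        $size = filesize($tmpnam);
                        # dbg('New size: '.$size);
                        if ($size !== false && $size < MAX_AVATAR_SIZE) {
                            $avatar = file_get_contents($tmpnam);
                            if ($avatar !== false) {
                                # NOTE(review): the content is stored without
                                # checking that it is an image; validate the
                                # type before serving it back to browsers.
                                Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, base64_encode($avatar)));
                            }
                        }
                    }
                }
            }
            break;

        default:
            Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, $data["value"]));
            break;
    }

    return 1;
}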
## would be best to not have a limit, but putting one to avoid that if ($download) { $limit = ' limit 100000'; } if ($id) { $url_keep = '&id=' . $id; } else { $url_keep = ''; } if ($total) { $paging = simplePaging("mviews{$url_keep}", $start, $total, MAX_USER_PP, $GLOBALS['I18N']->get("Entries")); $ls->usePanel($paging); } $req = Sql_Query(sprintf('select userid,email,um.entered as sent,min(um.viewed) as firstview, max(um.viewed) as lastview, count(um.viewed) as viewcount, abs(unix_timestamp(um.entered) - unix_timestamp(um.viewed)) as responsetime from %s um, %s user, %s msg where um.messageid = %d and um.messageid = msg.id and um.userid = user.id and um.status = "sent" and um.viewed is not null %s group by userid %s', $GLOBALS['tables']['usermessage'], $GLOBALS['tables']['user'], $GLOBALS['tables']['message'], $id, $subselect, $limit)); $summary = array(); while ($row = Sql_Fetch_Array($req)) { if ($download) { ## with download, the 50 per page limit is not there. set_time_limit(60); $element = $row['email']; } else { $element = shortenTextDisplay($row['email'], 15); } $ls->addElement($element, PageUrl2('userhistory&id=' . $row['userid'])); $ls->setClass($element, 'row1'); $ls->addRow($element, '<div class="listingsmall gray">' . $GLOBALS['I18N']->get('sent') . ': ' . formatDateTime($row['sent'], 1) . '</div>', ''); if ($row['viewcount'] > 1) {
print $ls->display(); return; } $req = Sql_Query(sprintf('select listid,userid,count(bounce) as numbounces from %s listuser, %s umb where listuser.userid = umb.user and listuser.listid = %d and date_add(time,interval 6 month) > now() group by umb.user order by listuser.listid', $GLOBALS['tables']['listuser'], $GLOBALS['tables']['user_message_bounce'], $listid)); $total = Sql_Affected_Rows(); $limit = ''; $numpp = 150; $s = empty($_GET['s']) ? 0 : sprintf('%d', $_GET['s']); if ($total > 500 && $_GET['type'] != 'dl') { # print Paging2('listbounces&id='.$listid,$total,$numpp,'Page'); $listing = sprintf($GLOBALS['I18N']->get("Listing %s to %s"), $s, $s + $numpp); $limit = "limit {$s}," . $numpp; print $total . " " . $GLOBALS['I18N']->get(" Total") . "</p>"; printf('<table border=1><tr><td colspan=4 align=center>%s</td></tr><tr><td>%s</td><td>%s</td><td> %s</td><td>%s</td></tr></table><p><hr>', $listing, PageLink2('listbounces&id=' . $listid, "<<", "s=0"), PageLink2('listbounces&id=' . $listid, "<", sprintf('s=%d', max(0, $s - $numpp))), PageLink2('listbounces&id=' . $listid, ">", sprintf('s=%d', min($total, $s + $numpp))), PageLink2('listbounces&id=' . $listid, ">>", sprintf('s=%d', $total - $numpp))); $req = Sql_Query(sprintf('select listid,userid,count(bounce) as numbounces from %s listuser, %s umb where listuser.userid = umb.user and listuser.listid = %d and date_add(time,interval 6 month) > now() group by umb.user order by listuser.listid %s', $GLOBALS['tables']['listuser'], $GLOBALS['tables']['user_message_bounce'], $listid, $limit)); } print '<p>' . PageLink2('listbounces', 'Select another list'); print ' ' . PageLink2('listbounces&type=dl&&id=' . $listid, 'Download emails'); print '</p>'; if ($_GET['type'] == 'dl') { ob_end_clean(); Header("Content-type: text/plain"); $filename = 'Bounces on ' . 
listName($listid); header("Content-disposition: attachment; filename=\"{$filename}\""); } $currentlist = 0; $ls = new WebblerListing(''); while ($row = Sql_Fetch_Array($req)) { if ($currentlist != $row['listid']) { if ($_GET['type'] != 'dl') {