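/**
 * RunUpgrade
 * Runs the populate_user_unique_token upgrade: every row of the users table gets a
 * unique token (derived from its username) and its password column is rewritten as
 * md5(md5(token) . current_password_column_value).
 *
 * Security notes:
 * - MD5 is a fast digest and is not suitable for password storage. Moving to
 *   password_hash()/password_verify() needs a matching change in the login path,
 *   which is outside this function.
 * - NOTE(review): no transaction is opened here. If an UPDATE fails part-way the
 *   function returns FALSE with the earlier rows already rewritten, and running the
 *   upgrade again would hash those rows a second time. Confirm the upgrade runner
 *   prevents re-runs.
 *
 * @return Boolean Returns TRUE if successful, FALSE otherwise
 */
function RunUpgrade()
{
    $result = $this->Db->Query('SELECT username, password FROM ' . SENDSTUDIO_TABLEPREFIX . 'users');
    if ($result === false) {
        return false;
    }

    while ($row = $this->Db->Fetch($result)) {
        $new_token = API_USERS::generateUniqueToken($row['username']);

        // $row['password'] is whatever the column holds today (presumably an existing hash - confirm).
        $new_password = md5(md5($new_token) . $row['password']);

        // Every value placed inside a string literal is escaped with Db->Quote(),
        // including the username that was just read back from the database.
        $query = 'UPDATE ' . SENDSTUDIO_TABLEPREFIX . 'users ';
        $query .= " SET unique_token='" . $this->Db->Quote($new_token) . "'";
        $query .= ", password='" . $this->Db->Quote($new_password) . "'";
        $query .= " WHERE username='" . $this->Db->Quote($row['username']) . "'";

        $status = $this->Db->Query($query);
        if ($status === false) {
            return false;
        }
    }

    return true;
}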
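/**
 * Install
 * Performs an installation based on the request in $xml
 *
 * In order: checks that the mandatory request nodes are present, checks that config.php
 * and the temp directory are writable, checks the license key, connects to MySQL, runs
 * the schema queries, saves the settings, updates the user with userid 1 and prints an
 * XML status response.
 *
 * Security notes:
 * - Request values end up in SQL. Values placed inside string literals go through
 *   $db->Quote(). The table prefix becomes part of table names, where quoting does not
 *   help, so it is restricted to letters, digits and underscores before any query is built.
 * - Values echoed into the XML response are escaped, so characters such as & and < in
 *   the request cannot break or alter the response document.
 * - NOTE(review): the response returns the administrator password and reports the
 *   username as the fixed string "admin", although the account is updated with the
 *   username supplied in the request. Confirm the consumer needs the password back and
 *   that responses are not logged.
 * - NOTE(review): the results of the schema queries and of the user UPDATE are not
 *   checked here; failures are only visible through $db->ErrorCallback.
 *
 * @return Void Returns nothing, exits on error
 */
function Install()
{
    $install = &$this->xml->install;

    // Required variables ('dbType' is deliberately not required):
    $required = array(
        'licenseKey',
        'installPath',
        'user' => array('email', 'username', 'password'),
        'database' => array('dbUser', 'dbPass', 'dbDatabase', 'dbServer'),
    );

    $errors = array();
    foreach ($required as $node_name => $node) {
        if (is_array($node)) {
            // Keyed entry: $node_name is the parent node, $node lists its children.
            foreach ($node as $variable) {
                if (!isset($install->$node_name->$variable)) {
                    $errors[] = array(
                        'code' => 'missing' . ucfirst($node_name) . ucfirst($variable),
                        'message' => 'The ' . $node_name . ' ' . $variable . ' value was not supplied.',
                    );
                }
            }
        } else {
            if (!isset($install->$node)) {
                $errors[] = array(
                    'code' => 'missing' . ucfirst($node),
                    'message' => 'The ' . $node . ' value was not supplied.',
                );
            }
        }
    }

    if (count($errors)) {
        $this->Error('Please fill out all mandatory fields to complete the installation.', $errors);
    }

    // Check if config file is writable
    $config_file = SENDSTUDIO_INCLUDES_DIRECTORY . "/config.php";
    if (!is_writable($config_file)) {
        $this->Error('Before you can install Interspire Email Marketer make sure the following files are writable.', array(array('code' => 'filePermissions', 'message' => $config_file . ' is not writable.')));
    }

    if (!is_writable(TEMP_DIRECTORY)) {
        $this->Error('Before you can install Interspire Email Marketer make sure the following files are writable.', array(array('code' => 'filePermissions', 'message' => TEMP_DIRECTORY . ' is not writable.')));
    }

    // sesion_start() (spelled this way) is defined elsewhere; it returns an error flag and a message.
    $license_key = (string)$install->licenseKey;
    list($error, $msg) = sesion_start($license_key);
    if ($error) {
        $this->Error('A valid license key was not supplied.', array(array('code' => 'badLicenseKey', 'message' => $msg)));
    }

    // The table prefix is spliced into table names below, so accept identifier
    // characters only. The D modifier stops "$" from matching before a trailing newline.
    $tableprefix = '';
    if (isset($install->database->tablePrefix)) {
        $tableprefix = (string)$install->database->tablePrefix;
    }
    if (!preg_match('/^[A-Za-z0-9_]*$/D', $tableprefix)) {
        $this->Error('The table prefix supplied is not valid.', array(array('code' => 'badTablePrefix', 'message' => 'The table prefix may only contain letters, numbers and underscores.')));
    }

    /**
     * Connect to the database.
     * Only MySQL installations can be done: the PostgreSQL branch that switched on
     * $install->database->dbType was disabled due to a problem with Plesk, so dbType
     * is not consulted and the driver class name is a fixed string.
     */
    require_once IEM_PATH . '/ext/database/mysql.php';
    $db_type = 'MySQLDb';
    $db_type_name = 'mysql';
    defined('SENDSTUDIO_DATABASE_TYPE') or define('SENDSTUDIO_DATABASE_TYPE', $db_type_name);

    $db = new $db_type($install->database->dbServer, $install->database->dbUser, $install->database->dbPass, $install->database->dbDatabase);
    $db->TablePrefix = $tableprefix;
    $db->ErrorCallback = array(&$this,'DatabaseError');

    IEM::getDatabase($db);

    if (!$db->connection) {
        $this->Error('The installer was not able to connect to the database.', array(array('code' => 'dbConnectError', 'message' => "Unable to connect to the database: " . $db->GetError())));
    }

    /**
     * Load the database schema file and create the database tables.
     * $queries is expected to be defined by the schema file.
     */
    require_once(IEM_PATH . "/install/schema." . $db_type_name . ".php");

    foreach ($queries as $query) {
        $query = str_replace('%%TABLEPREFIX%%', $tableprefix, $query);
        $db->Query($query);
    }

    /**
     * Find the server timezone and write the configuration file
     */
    $this->LoadLanguageFile('Timezones');

    // date('O') yields e.g. "+0200"; dropping the zero after the sign gives "+200".
    $timezone = date('O');
    $timezone = preg_replace('/([+-])0/', '$1', $timezone);
    if ($timezone == '+000') {
        $timezone = 'GMT';
    }

    $timez = 'GMT';
    foreach ($GLOBALS['SendStudioTimeZones'] as $k => $tz) {
        // if we're using date('O') it doesn't include "GMT" or the ":"
        // see if we can match it up.
        $tz_trim = str_replace(array('GMT', ':'), '', $tz);
        if ($tz_trim == $timezone) {
            $timez = $tz;
            break;
        }
    }

    if (!defined('SENDSTUDIO_SERVERTIMEZONE')) {
        define('SENDSTUDIO_SERVERTIMEZONE', $timez);
    }
    define('SENDSTUDIO_TABLEPREFIX', $tableprefix);

    // Buffer whatever is printed while saving, so it cannot corrupt the XML response;
    // the buffer is discarded by ob_end_clean() below.
    ob_start();

    $settings_api = $this->GetApi('Settings');

    // The database password and the license key are handed to the Settings API here.
    $settings_details = array();
    $settings_details['DATABASE_UTF8PATCH'] = '1';
    $settings_details['DATABASE_TYPE'] = $db_type_name;
    $settings_details['DATABASE_USER'] = (string)$install->database->dbUser;
    $settings_details['DATABASE_PASS'] = (string)$install->database->dbPass;
    $settings_details['DATABASE_HOST'] = (string)$install->database->dbServer;
    $settings_details['DATABASE_NAME'] = (string)$install->database->dbDatabase;
    $settings_details['TABLEPREFIX'] = $tableprefix;
    $settings_details['LICENSEKEY'] = (string)$install->licenseKey;
    $settings_details['APPLICATION_URL'] = (string)$install->installPath;
    $settings_details['SERVERTIMEZONE'] = $timez;
    $settings_details['DEFAULTCHARSET'] = 'UTF-8';
    $settings_details['EMAIL_ADDRESS'] = (string)$install->user->email;

    // now for the default settings.
    $settings_details['SMTP_PORT'] = '25';
    $settings_details['IPTRACKING'] = '1';
    $settings_details['MAX_IMAGEWIDTH'] = 700;
    $settings_details['MAX_IMAGEHEIGHT'] = 400;
    $settings_details['BOUNCE_IMAP'] = '0';
    $settings_details['ALLOW_EMBEDIMAGES'] = '1';
    $settings_details['ATTACHMENT_SIZE'] = '2048';
    $settings_details['CRON_SEND'] = '5';
    $settings_details['CRON_AUTORESPONDER'] = '10';
    $settings_details['CRON_BOUNCE'] = '60';
    $settings_details['EMAILSIZE_WARNING'] = '500';
    $settings_details['EMAILSIZE_MAXIMUM'] = '2048';
    $settings_details['RESEND_MAXIMUM'] = '3';

    $settings_api->Set('Settings', $settings_details);
    $settings_api->Db = &$db;
    $settings_api->Save();

    // ----- Update the default user account
    // Cast the XML nodes to plain strings before they are hashed and escaped.
    $username = (string)$install->user->username;
    $unique_token = API_USERS::generateUniqueToken($username);
    $new_password = API_USERS::generatePasswordHash((string)$install->user->password, $unique_token);

    $tempServerTimeZone = $db->Quote($settings_details['SERVERTIMEZONE']);
    $tempEmailAddress = $db->Quote(strval($install->user->email));
    $tempUniqueToken = $db->Quote($unique_token);
    $tempUsername = $db->Quote($username);
    $tempPassword = $db->Quote($new_password);
    $tempHTMLFooter = $db->Quote(GetLang('Default_Global_HTML_Footer', ''));
    $tempTEXTFooter = $db->Quote(GetLang('Default_Global_Text_Footer', ''));

    // Only the password hash is stored, never the password supplied in the request.
    $query = "
        UPDATE {$tableprefix}users
        SET unique_token = '{$tempUniqueToken}',
            usertimezone = '{$tempServerTimeZone}',
            emailaddress ='{$tempEmailAddress}',
            textfooter ='{$tempTEXTFooter}',
            htmlfooter ='{$tempHTMLFooter}',
            username = '{$tempUsername}',
            password ='{$tempPassword}'
        WHERE userid = 1
    ";

    $db->Query($query);

    unset($tempTEXTFooter);
    unset($tempHTMLFooter);
    unset($tempPassword);
    unset($tempUsername);
    unset($tempUniqueToken);
    unset($tempEmailAddress);
    unset($tempServerTimeZone);
    unset($new_password);
    unset($unique_token);
    // -----

    ob_end_clean();

    /**
     * Installation is finished
     */
    $this->PrintHeader();
    ?>
        <status>OK</status>
        <installPath><?php echo htmlspecialchars((string)$install->installPath, ENT_QUOTES, 'UTF-8'); ?></installPath>
        <user>
            <username>admin</username>
            <password><?php echo htmlspecialchars((string)$install->user->password, ENT_QUOTES, 'UTF-8'); ?></password>
        </user>
    <?php
    $this->PrintFooter();
    return;
}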
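/**
 * Create
 * This function creates a user based on the current class vars and then save permissions once it has a new userid from the database.
 *
 * The INSERT runs inside a transaction; it is rolled back when create_user_dir() does
 * not return true for the new userid.
 *
 * Security notes:
 * - Every string value is escaped with Db->Quote() and every numeric value is forced
 *   through intval(). That includes the serialized eventactivitytype array, whose
 *   serialized form can contain quote characters taken from its elements.
 * - smtppassword is stored base64-encoded, which is an encoding and not encryption;
 *   googlecalendarpassword and xmltoken are stored as given. Anyone who can read the
 *   users table can recover all three.
 * - NOTE(review): eventactivitytype is stored with serialize(); whatever reads the
 *   column back presumably calls unserialize() - confirm that nothing else can write
 *   to the column.
 * - NOTE(review): when the INSERT fails the transaction is ended with
 *   CommitTransaction(), whereas the create_user_dir() failure path uses
 *   RollbackTransaction(). Confirm that is intended.
 *
 * @return False|Int Returns false if it couldn't create a user, otherwise returns the new userid.
 *                   Returns -1 when the ss9024kwehbehb() check (defined elsewhere) fails; -1 is
 *                   truthy, so callers have to test for it explicitly.
 */
function Create()
{
    if (!ss9024kwehbehb($this)) {
        return -1;
    }

    $this->FilterData();

    if (!$this->Validate('create')) {
        return false;
    }

    // The token is derived from the license key plus the username, and the stored
    // password hash is derived from the password plus that token.
    $processed_unique_token = API_USERS::generateUniqueToken(SENDSTUDIO_LICENSEKEY . $this->username);
    $processed_password = API_USERS::generatePasswordHash($this->password, $processed_unique_token);

    if (!is_array($this->eventactivitytype)) {
        $this->eventactivitytype = array();
    }

    if ($this->trialuser == '1') {
        // The return value is not used here; the call is kept in case it has side effects.
        get_agency_license_variables();
        $this->admintype = 'c';
    }

    $query = "
        INSERT INTO [|PREFIX|]users (
            groupid, username, password, unique_token, status, emailaddress, fullname,
            trialuser, admintype, listadmintype, templateadmintype, segmentadmintype,
            editownsettings, usertimezone, textfooter, htmlfooter, infotips,
            smtpserver, smtpusername, smtppassword, smtpport,
            createdate, lastloggedin,
            enableactivitylog, usewysiwyg, xmlapi, xmltoken, gettingstarted,
            googlecalendarusername, googlecalendarpassword, eventactivitytype,
            adminnotify_email, adminnotify_send_flag, adminnotify_send_threshold, adminnotify_send_emailtext,
            adminnotify_import_flag, adminnotify_import_threshold, adminnotify_import_emailtext
        ) VALUES (
            " . intval($this->groupid) . ",
            '" . $this->Db->Quote($this->username) . "',
            '" . $this->Db->Quote($processed_password) . "',
            '" . $this->Db->Quote($processed_unique_token) . "',
            '" . intval($this->status) . "',
            '" . $this->Db->Quote($this->emailaddress) . "',
            '" . $this->Db->Quote($this->fullname) . "',
            '" . ($this->trialuser == '1' ? '1' : '0') . "',
            '" . $this->Db->Quote($this->admintype) . "',
            '" . $this->Db->Quote($this->listadmintype) . "',
            '" . $this->Db->Quote($this->templateadmintype) . "',
            '" . $this->Db->Quote($this->segmentadmintype) . "',
            '" . intval($this->editownsettings) . "',
            '" . $this->Db->Quote($this->usertimezone) . "',
            '" . $this->Db->Quote($this->textfooter) . "',
            '" . $this->Db->Quote($this->htmlfooter) . "',
            '" . intval($this->infotips) . "',
            '" . $this->Db->Quote($this->smtpserver) . "',
            '" . $this->Db->Quote($this->smtpusername) . "',
            '" . $this->Db->Quote(base64_encode($this->smtppassword)) . "',
            " . intval($this->smtpport) . ",
            " . time() . ",
            0,
            '" . intval($this->enableactivitylog) . "',
            '" . intval($this->usewysiwyg) . "',
            '" . intval($this->xmlapi) . "',
            '" . $this->Db->Quote($this->xmltoken) . "',
            " . intval($this->gettingstarted) . ",
            '" . $this->Db->Quote($this->googlecalendarusername) . "',
            '" . $this->Db->Quote($this->googlecalendarpassword) . "',
            '" . $this->Db->Quote(serialize($this->eventactivitytype)) . "',
            '" . $this->Db->Quote($this->adminnotify_email) . "',
            '" . intval($this->adminnotify_send_flag) . "',
            '" . intval($this->adminnotify_send_threshold) . "',
            '" . $this->Db->Quote($this->adminnotify_send_emailtext) . "',
            '" . intval($this->adminnotify_import_flag) . "',
            '" . intval($this->adminnotify_import_threshold) . "',
            '" . $this->Db->Quote($this->adminnotify_import_emailtext) . "'
        )
    ";

    // We want to get the userid once it is created.
    if (SENDSTUDIO_DATABASE_TYPE == 'pgsql') {
        $query .= ' RETURNING userid';
    }

    $this->Db->StartTransaction();

    $result = $this->Db->Query($query);
    if (!$result) {
        $this->Db->CommitTransaction();
        return false;
    }

    if (SENDSTUDIO_DATABASE_TYPE == 'pgsql') {
        $userid = $this->Db->FetchOne($result, 'userid');
    } else {
        $userid = $this->Db->LastId(SENDSTUDIO_TABLEPREFIX . 'users_sequence');
    }

    $this->userid = $userid;

    // The row is only kept when the user's directory could be created as well.
    $status = (create_user_dir($userid) === true);
    if (!$status) {
        $this->Db->RollbackTransaction();
        return false;
    }

    $this->Db->CommitTransaction();

    $this->_cacheUserTypeCount = false;

    return $userid;
}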
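/**
 * SaveDefaultSettings
 * Saves the default settings into the database.
 * Note that the database and required system settings must be set up before this is called.
 *
 * After the settings are saved, the user with userid 1 is updated with the administrator
 * username and password hash derived from $_POST['admin_username'] and
 * $_POST['admin_password'], plus the default footers, timezone and email address.
 *
 * Security notes:
 * - Only the result of API_USERS::generatePasswordHash() is stored, never the posted
 *   password. Every value placed in the UPDATE goes through $this->_db->Quote().
 * - NOTE(review): $_POST['admin_username'] and $_POST['admin_password'] are read without
 *   an isset() check or any validation in this method. Presumably the caller or
 *   CheckRequiredFields() validates them; if not, an empty username and the hash of an
 *   empty password would be written. Confirm.
 *
 * @return Array The first element is an error code indicating success (0) or failure (> 0). The second element is an error string.
 */
public function SaveDefaultSettings()
{
    if (!$this->CheckRequiredFields()) {
        return array(self::SETTINGS_MISSING, 'All required settings must be loaded first.');
    }

    if (!$this->_db) {
        return array(self::DB_MISSING, 'Database connection must be established first.');
    }

    require_once SENDSTUDIO_API_DIRECTORY . '/settings.php';

    $settings_api = new Settings_API(false);

    // Start from the settings already loaded on this object and add the defaults.
    $settings = $this->_settings;

    $settings['DATABASE_UTF8PATCH'] = '1';
    $settings['SERVERTIMEZONE'] = self::GetTimezone();
    $settings['DEFAULTCHARSET'] = 'UTF-8';
    $settings['SMTP_PORT'] = '25';
    $settings['IPTRACKING'] = '1';
    $settings['MAXHOURLYRATE'] = '0';
    $settings['ALLOW_ATTACHMENTS'] = '1';
    $settings['USEMULTIPLEUNSUBSCRIBE'] = '0';
    $settings['CONTACTCANMODIFYEMAIL'] = '0';
    $settings['FORCE_UNSUBLINK'] = '0';
    $settings['MAXOVERSIZE'] = '0';
    $settings['MAX_IMAGEWIDTH'] = '700';
    $settings['MAX_IMAGEHEIGHT'] = '400';
    $settings['BOUNCE_IMAP'] = '0';
    $settings['ALLOW_EMBEDIMAGES'] = '1';
    $settings['ATTACHMENT_SIZE'] = '2048';
    $settings['CRON_ENABLED'] = '0';
    $settings['CRON_SEND'] = '5';
    $settings['CRON_AUTORESPONDER'] = '10';
    $settings['CRON_BOUNCE'] = '60';
    $settings['EMAILSIZE_WARNING'] = '500';
    $settings['EMAILSIZE_MAXIMUM'] = '2048';
    $settings['RESEND_MAXIMUM'] = '3';
    $settings['CREDIT_INCLUDE_AUTORESPONDERS'] = '1';
    $settings['CREDIT_INCLUDE_TRIGGERS'] = '1';
    $settings['CREDIT_WARNINGS'] = '0';

    $settings_api->Set('Settings', $settings);

    // set the table prefix constant for the API to work
    // (guarded: defining an already-defined constant only raises a PHP error and keeps the old value)
    if (!defined('SENDSTUDIO_TABLEPREFIX')) {
        define('SENDSTUDIO_TABLEPREFIX', $this->_db->TablePrefix);
    }

    $settings_api->Db =& $this->_db;

    $settings_api->Save();

    $username = $_POST['admin_username'];
    $usernameToken = API_USERS::generateUniqueToken($username);
    $password = API_USERS::generatePasswordHash($_POST['admin_password'], $usernameToken);

    // Set the admin user's settings
    $query = 'UPDATE [|PREFIX|]users SET ';
    $query .= " usertimezone='" . $this->_db->Quote($settings['SERVERTIMEZONE']) . "', ";
    $query .= " emailaddress='" . $this->_db->Quote($settings['EMAIL_ADDRESS']) . "', ";
    $query .= " textfooter='" . $this->_db->Quote(GetLang('Default_Global_Text_Footer')) . "', ";
    $query .= " htmlfooter='" . $this->_db->Quote(GetLang('Default_Global_HTML_Footer')) . "', ";
    $query .= " unique_token='" . $this->_db->Quote($usernameToken) . "', ";
    $query .= " username='" . $this->_db->Quote($username) . "', ";
    $query .= " password='" . $this->_db->Quote($password) . "' ";
    $query .= ' WHERE userid=1';

    $result = $this->_db->Query($query);
    if (!$result) {
        return array(self::DB_QUERY_ERROR, $this->_db->GetErrorMsg());
    }

    return array(self::SUCCESS, null);
}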