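/**
 * Stress-test helper: bulk-inserts synthetic subscribers and subscribes each one to a list.
 *
 * Every generated address has the form "testuser<prefix>-<n>@<domain>", where <domain>
 * comes from getConfig('domain'). Each new user is given one value for every
 * select/checkbox/radio attribute, cycling through the values stored for that attribute.
 * The function refuses to run once the user table already holds more than 50000 rows.
 *
 * @param string $prefix Text placed between "testuser" and the running counter.
 * @param int    $listid ID of the list the generated users are subscribed to.
 *
 * @return int 1 when the inserts were issued, 0 when the size limit is hit or no
 *             attribute values exist.
 */
function fill($prefix, $listid)
{
    global $tables, $table_prefix;

    // Both arguments are placed inside SQL text further down, so constrain them first:
    // the list id is forced to an integer, and the strings that land inside a quoted
    // literal are escaped. addslashes() is what the surrounding code base uses for this;
    // prefer the database layer's own escaping or bound parameters if it provides them.
    $listid = (int) $listid;
    $prefix = addslashes((string) $prefix);

    # check for not too many
    $domain = addslashes((string) getConfig('domain'));
    $res = Sql_query("select count(*) from {$tables['user']}");
    $row = Sql_fetch_row($res);
    if ($row[0] > 50000) {
        error('Hmm, I think 50 thousand users is quite enough for a test<br/>This machine does need to do other things you know.');
        print '<script language="Javascript" type="text/javascript"> document.forms[0].output.value="Done. Now there are ' . $row[0] . ' users in the database";</script>' . "\n";
        return 0;
    }

    # fill the database with "users" who have any combination of attribute values
    $attributes = array();
    $values = array(); // attribute id => list of value ids from its listattr_* table
    $total_attr = 0;
    $total_val = 0;
    $res = Sql_query("select * from {$tables['attribute']} where type = \"select\" or type = \"checkbox\" or type=\"radio\"");
    while ($row = Sql_fetch_array($res)) {
        $attributes[] = $row['id'];
        ++$total_attr;
        $values[$row['id']] = array();
        $res2 = Sql_query("select * from {$table_prefix}" . 'listattr_' . $row['tablename']);
        while ($row2 = Sql_fetch_array($res2)) {
            $values[$row['id']][] = $row2['id'];
            ++$total_val;
        }
    }

    $total = $total_attr * $total_val;
    if (!$total) {
        Fatal_Error('Can only do stress test when some attributes exist');
        return 0;
    }

    for ($i = 0; $i < $total; ++$i) {
        // Pick the next value of every attribute; the internal array pointer of each
        // value list is advanced per user and wraps back to the start when exhausted.
        $data = array();
        foreach ($attributes as $attributeId) {
            $data[$attributeId] = current($values[$attributeId]);
            if (!$data[$attributeId]) {
                reset($values[$attributeId]);
                $data[$attributeId] = current($values[$attributeId]);
            }
            next($values[$attributeId]);
        }

        $query = sprintf(
            'insert into %s (email,entered,confirmed) values("testuser%s",now(),1)',
            $tables['user'],
            $prefix . '-' . $i . '@' . $domain
        );
        Sql_query($query, 0);
        $userid = (int) Sql_insert_id();
        if ($userid) {
            Sql_query("replace into {$tables['listuser']} (userid,listid,entered) values({$userid},{$listid},now())");
            foreach ($data as $attributeId => $valueId) {
                if ($attributeId && $valueId) {
                    // %d keeps all three fields numeric regardless of what the rows held.
                    Sql_query(sprintf(
                        'replace into %s (attributeid,userid,value) values(%d,%d,%d)',
                        $tables['user_attribute'],
                        $attributeId,
                        $userid,
                        $valueId
                    ));
                }
            }
        }
    }

    return 1;
}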
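/**
 * Emit a debug record for a variable when debugging is enabled in the global $config.
 *
 * Does nothing when the "safe_mode" ini setting is truthy or $config["debug"] is off.
 * With $config["verbose"] set, the arguments are handed to smartDebug(); otherwise, with
 * $config["debug_log"] set, one timestamped line is appended to that file. If neither
 * is configured, Fatal_Error() is called.
 *
 * The log line contains a print_r() dump of $variable, so the log can end up holding
 * whatever the caller passes in (including secrets); keep the file out of the web root.
 *
 * @param mixed  $variable     Value to report.
 * @param string $description  Label written in front of the value.
 * @param int    $nestingLevel Passed through to smartDebug() in verbose mode.
 *
 * @return void
 */
function Debug($variable, $description = 'Value', $nestingLevel = 0)
{
    global $config;

    if (ini_get("safe_mode")) {
        return;
    }
    if (!$config["debug"]) {
        return;
    }

    if ($config["verbose"]) {
        smartDebug($variable, $description, $nestingLevel);
    } elseif ($config["debug_log"]) {
        // Build the message from the arguments; this function has no $msg parameter,
        // so interpolating $msg here logged nothing about the variable.
        $msg = $description . ': ' . print_r($variable, true);

        // REQUEST_URI is client-controlled: flatten line breaks so a crafted URL
        // cannot start a forged record in the log.
        $uri = str_replace(array("\r", "\n"), ' ', (string) getenv("REQUEST_URI"));
        $line = "[" . date("d M Y, H:i:s") . "] " . $uri . '(' . $config["stats"]["number_of_queries"] . ") {$msg} \n";

        // fopen() returns false when the log is not writable; skip the write rather
        // than pass false on to fwrite()/fclose().
        $fp = @fopen($config["debug_log"], "a");
        if ($fp) {
            @fwrite($fp, $line);
            @fclose($fp);
        }
    } else {
        Fatal_Error("Debugging not configured properly");
    }
}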
return; } break; case "none": default: $subselect = " and " . $tables["list"] . ".id = 0"; break; } if (isset($_GET["unblacklist"])) { $unblacklist = sprintf('%d', $_GET["unblacklist"]); unBlackList($unblacklist); Redirect("userhistory&id=" . $unblacklist); } $result = Sql_query("SELECT * FROM {$tables["user"]} where id = {$id}"); if (!Sql_Affected_Rows()) { Fatal_Error($GLOBALS['I18N']->get('no such User')); return; } $user = sql_fetch_array($result); print '<h3>' . $GLOBALS['I18N']->get('user') . ' ' . PageLink2("user&id=" . $user["id"], $user["email"]) . '</h3>'; print '<div class="actions">'; //printf('<a href="%s" class="button">%s</a>',getConfig("preferencesurl"). //'&uid='.$user["uniqid"],$GLOBALS['I18N']->get('update page')); //printf('<a href="%s" class="button">%s</a>',getConfig("unsubscribeurl").'&uid='.$user["uniqid"],$GLOBALS['I18N']->get('unsubscribe page')); print PageLinkButton("user&id={$id}", $GLOBALS['I18N']->get('Details')); if ($access != "view") { printf("<a class=\"delete button\" href=\"javascript:deleteRec('%s');\">" . $GLOBALS['I18N']->get('delete') . "</a>", PageURL2("user", "", "delete={$id}")); } print '</div>'; $bouncels = new WebblerListing($GLOBALS['I18N']->get('Bounces')); $bouncelist = "";
$numlists = Sql_Fetch_Row_query("select count(*) from {$GLOBALS['tables']['list']} {$subselect}"); if (!($numlists[0] < MAXLIST)) { Error($GLOBALS['I18N']->get('You cannot create a new list because you have reached maximum number of lists.')); return; } } break; case "all": $subselect = ""; $subselect_and = ""; break; case "none": default: $subselect_and = " and owner = -1"; if ($id) { Fatal_Error($GLOBALS['I18N']->get('You do not have enough privileges to view this page')); return; } $subselect = " where id = 0"; break; } } if ($id) { echo "<br />" . PageLinkButton("members", s('Members of this list'), "id={$id}"); } if (!empty($_POST["addnewlist"]) && !empty($_POST["listname"])) { if ($GLOBALS["require_login"] && !isSuperUser()) { $owner = $_SESSION["logindetails"]["id"]; } if (!isset($_POST["active"])) { $_POST["active"] = listUsedInSubscribePage($id);
if (isset($GLOBALS["require_login"]) && $GLOBALS["require_login"]) { if ($GLOBALS["admin_auth_module"] && is_file("auth/" . $GLOBALS["admin_auth_module"])) { require_once "auth/" . $GLOBALS["admin_auth_module"]; } elseif ($GLOBALS["admin_auth_module"] && is_file($GLOBALS["admin_auth_module"])) { require_once $GLOBALS["admin_auth_module"]; } else { if ($GLOBALS["admin_auth_module"]) { logEvent("Warning: unable to use " . $GLOBALS["admin_auth_module"] . " for admin authentication, reverting back to phplist authentication"); $GLOBALS["admin_auth_module"] = 'phplist_auth.inc'; } require_once 'auth/phplist_auth.inc'; } if (class_exists('admin_auth')) { $GLOBALS["admin_auth"] = new admin_auth(); } else { print Fatal_Error($GLOBALS['I18N']->get('Admin Authentication initialisation failure')); return; } if ((!isset($_SESSION["adminloggedin"]) || !$_SESSION["adminloggedin"]) && isset($_REQUEST["login"]) && isset($_REQUEST["password"]) && !empty($_REQUEST["password"])) { $loginresult = $GLOBALS["admin_auth"]->validateLogin($_REQUEST["login"], $_REQUEST["password"]); if (!$loginresult[0]) { $_SESSION["adminloggedin"] = ""; $_SESSION["logindetails"] = ""; $page = "login"; logEvent(sprintf($GLOBALS['I18N']->get('invalid login from %s, tried logging in as %s'), $_SERVER['REMOTE_ADDR'], $_REQUEST["login"])); $msg = $loginresult[1]; } else { $_SESSION["adminloggedin"] = $_SERVER["REMOTE_ADDR"]; $_SESSION["logindetails"] = array("adminname" => $_REQUEST["login"], "id" => $loginresult[0], "superuser" => $admin_auth->isSuperUser($loginresult[0]), "passhash" => sha1($_REQUEST["password"])); ##16692 - make sure admin permissions apply at first login $GLOBALS["admin_auth"]->validateAccount($_SESSION["logindetails"]["id"]);
} else { $req = Sql_Fetch_Row_query("select * from {$tables["user"]} where email = \"".$_REQUEST["email"]."\""); $userid = $req[0]; } if (!$userid) Fatal_Error("Error, no such user"); # update the existing record, check whether the email has changed $req = Sql_Query("select * from {$tables["user"]} where id = $userid"); $data = Sql_fetch_array($req); # check whether they are changing to an email that already exists, should not be possible $req = Sql_Query("select uniqid from {$tables["user"]} where email = \"$email\""); if (Sql_Affected_Rows()) { $row = Sql_Fetch_Row($req); if ($row[0] != $_GET["uid"]) { Fatal_Error("Cannot change to that email address. <br/>This email already exists. <br/>Please use the preferences URL for this email to make updates. <br/>Click <a href=\"".getConfig("preferencesurl")."&email=$email\">here</a> to request your personal location"); exit; } } if (ASKFORPASSWORD && $_POST["password"]) { if (ENCRYPTPASSWORD) { $newpassword = sprintf('%s',md5($_POST["password"])); } else { $newpassword = sprintf('%s',$_POST["password"]); } # see whether is has changed $curpwd = Sql_Fetch_Row_Query("select password from {$tables["user"]} where id = $userid"); if ($_POST["password"] != $curpwd[0]) { $storepassword = '******'.$newpassword.'",';
$attributes[$entry] = $file; } } closedir($dir); if (is_array($selected)) { while(list($key,$val) = each($selected)) { $entry = readentry("data/$val"); list($name,$desc) = explode(":",$entry); print "<br/><br/>Loading $desc<br>\n"; $lc_name = str_replace(" ","", strtolower(str_replace(".txt","",$val))); $lc_name = ereg_replace("[^[:alnum:]]","",$lc_name); if ($lc_name == "") Fatal_Error("Name cannot be empty: $lc_name"); Sql_Query("select * from {$tables['attribute']} where tablename = \"$lc_name\""); if (Sql_Affected_Rows()) Fatal_Error("Name is not unique enough"); $query = sprintf('insert into %s (name,type,required,tablename) values("%s","%s",%d,"%s")', $tables["attribute"],addslashes($name),"select",1,$lc_name); Sql_Query($query); $insertid = Sql_Insert_id(); $query = "create table $table_prefix"."listattr_$lc_name (id integer not null primary key auto_increment, name varchar(255) unique,listorder integer default 0)"; Sql_Query($query); $fp = fopen("data/$val","r"); $header = ""; while (!feof ($fp)) { $buffer = fgets($fp, 4096); if (!ereg("#",$buffer)) { if (!$header) $header = $buffer;
ob_end_flush(); if (isset($_POST["action"]) && $_POST["action"] == $GLOBALS['I18N']->get('SaveChanges')) { if (isset($_POST["name"])) { print '<script language="Javascript" type="text/javascript"> document.write(progressmeter); start();</script>'; } flush(); while (list($id, $val) = each($_POST["name"])) { if (!$id && isset($_POST["name"][0]) && $_POST["name"][0] != "") { # it is a new one $lc_name = substr(preg_replace("/\\W/", "", strtolower($_POST["name"][0])), 0, 10); if ($lc_name == "") { Fatal_Error($GLOBALS['I18N']->get('NameNotEmpty') . " {$lc_name}"); } Sql_Query("select * from {$tables['adminattribute']} where tablename = \"{$lc_name}\""); if (Sql_Num_Rows()) { Fatal_Error($GLOBALS['I18N']->get('NameNotUnique')); } $query = sprintf('insert into %s (name,type,listorder,default_value,required,tablename) values("%s","%s",%d,"%s",%d,"%s")', $tables["adminattribute"], addslashes($_POST["name"][0]), $_POST["type"][0], $_POST["listorder"][0], addslashes($_POST["default"][0]), $_POST["required"][0], $lc_name); Sql_Query($query); $insertid = Sql_Insert_id(); # text boxes and hidden fields do not have their own table if ($_POST["type"][$id] != "textline" && $_POST["type"]["id"] != "hidden") { $query = "create table {$table_prefix}" . "adminattr_{$lc_name}\r\n (id integer not null primary key auto_increment,\r\n name varchar(255) unique,listorder integer default 0)"; Sql_Query($query); } else { # and they cannot currently be required, changed 29/08/01, # insert javascript to require them, except for hidden ones :-) if ($_POST["type"]["id"] == "hidden") { Sql_Query("update {$tables['attribute']} set required = 0 where id = {$insertid}");
if ($adminlevel == "superuser") { $html .= menuLink("admins", "administrators"); $html .= menuLink("groups", "groups"); $html .= menuLink("users", "users"); $html .= menuLink("userattributes", "user attributes"); $req = Sql_Query('select * from attribute where type = "select" or type = "radio" or type = "checkboxgroup"'); while ($row = Sql_Fetch_Array($req)) { $html .= menuLink("editattributes&id=" . $row["id"], "> " . $row["name"]); } $html .= menuLink("branches", "branch fields", "option=branchfields"); $html .= menuLink("templates", "templates"); } return $html; } if (!$id) { Fatal_Error($GLOBALS['I18N']->get('NoAttr') . " {$id}"); return; } if (!isset($tables["attribute"])) { $tables["attribute"] = "attribute"; $tables["user_attribute"] = "user_attribute"; } if (!isset($table_prefix)) { $table_prefix = 'phplist_'; } $res = Sql_Query("select * from {$tables['attribute']} where id = {$id}"); $data = Sql_Fetch_array($res); $table = $table_prefix . "listattr_" . $data["tablename"]; switch ($data['type']) { case 'checkboxgroup': case 'select':
if ($require_login && !isSuperUser()) { $lists = Sql_query("SELECT listid FROM {$tables["listuser"]},{$tables["list"]} where userid = " . $delete . " and {$tables['listuser']}.listid = {$tables['list']}.id {$subselect} "); while ($lst = Sql_fetch_array($lists)) { Sql_query("delete from {$tables["listuser"]} where userid = {$delete} and listid = {$lst['0']}"); } } else { deleteUser($delete); } print '..' . $GLOBALS['I18N']->get('Done') . "<br /><hr><br />\n"; } $membership = ""; $subscribed = array(); if ($id) { $result = Sql_query("SELECT * FROM {$tables["user"]} where id = {$id}"); if (!Sql_Affected_Rows()) { Fatal_Error($GLOBALS['I18N']->get('No such User') . ' ' . $id); return; } $user = sql_fetch_array($result); $lists = Sql_query("SELECT listid,name FROM {$tables["listuser"]},{$tables["list"]} where userid = " . $user["id"] . " and {$tables['listuser']}.listid = {$tables['list']}.id {$subselect} "); while ($lst = Sql_fetch_array($lists)) { $membership .= "<li>" . PageLink2("editlist", $lst["name"], "id=" . $lst["listid"]); array_push($subscribed, $lst["listid"]); } if (!$membership) { $membership = $GLOBALS['I18N']->get('No Lists'); } if ($access != "view") { printf("<br /><hr/>%s<li><a href=\"javascript:deleteRec('%s');\">delete</a> %s\n", $delete_message, PageURL2("user", "", "delete={$id}&{$returnurl}"), $user["email"]); } printf(' <a href="%s">%s</a>', getConfig("preferencesurl") . '&uid=' . $user["uniqid"], $GLOBALS['I18N']->get('update page'));
$emailindex = $i; } elseif (strtolower($attribute) == "password") { $passwordindex = $i; } elseif (strtolower($attribute) == "loginname") { $loginnameindex = $i; } else { $req = Sql_Query("select id from " . $tables["adminattribute"] . " where name = \"{$attribute}\""); if (!Sql_Affected_Rows()) { # it's a new one # oops, bad coding cut-n-paste $lc_name = substr(str_replace(" ", "", strtolower($attribute)), 0, 10); if ($lc_name == "") { Fatal_Error($GLOBALS['I18N']->get("Name cannot be empty") . ": " . $lc_name); } Sql_Query("select * from " . $tables["adminattribute"] . " where tablename = \"{$lc_name}\""); if (Sql_Affected_Rows()) { Fatal_Error($GLOBALS['I18N']->get("Name is not unique enough") . ": " . $attribute); } if (!$test_import) { Sql_Query(sprintf('insert into %s (name,type,listorder,default_value,required,tablename) values("%s","%s",0,"",0,"%s")', $tables["adminattribute"], addslashes($attribute), "textline", $lc_name)); $attid = Sql_Insert_id(); } else { $attid = 0; } } else { $d = Sql_Fetch_Row($req); $attid = $d[0]; } $import_attribute[$attribute] = array("index" => $i, "record" => $attid); } } if (!isset($emailindex)) {
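/**
 * Print or log a debug record for a variable when debugging is enabled in $config.
 *
 * Does nothing when the "safe_mode" ini setting is on or $config["debug"] is off.
 * With $config["verbose"] set, the record is printed into the page inside a
 * <font class="debug"> element; otherwise, with $config["debug_log"] set, one
 * timestamped line is appended to that file. If neither is configured,
 * Fatal_Error() is called.
 *
 * @param mixed  $variable     Value to report.
 * @param string $description  Label written in front of the value.
 * @param int    $nestingLevel Accepted for signature compatibility; not used here.
 *
 * @return void
 */
function dbg($variable, $description = 'Value', $nestingLevel = 0)
{
    global $config;

    if (ini_get("safe_mode") && ini_get("safe_mode") != "Off") {
        return;
    }
    if (!$config["debug"]) {
        return;
    }

    // Build the message from the arguments; this function has no $msg parameter,
    // so both output branches previously interpolated an undefined variable.
    $msg = $description . ': ' . print_r($variable, true);

    if ($config["verbose"]) {
        // The dump can contain request data, so encode it before it goes into the page.
        print "\n" . '<font class="debug">DBG: ' . htmlspecialchars($msg, ENT_QUOTES, 'UTF-8') . '</font><br>' . "\n";
    } elseif ($config["debug_log"]) {
        // REQUEST_URI is client-controlled: flatten line breaks so a crafted URL
        // cannot start a forged record in the log.
        $uri = str_replace(array("\r", "\n"), ' ', (string) getenv("REQUEST_URI"));
        $line = "[" . date("d M Y, H:i:s") . "] " . $uri . '(' . $config["stats"]["number_of_queries"] . ") {$msg} \n";

        // fopen() returns false when the log is not writable; skip the write rather
        // than pass false on to fwrite()/fclose().
        $fp = @fopen($config["debug_log"], "a");
        if ($fp) {
            @fwrite($fp, $line);
            @fclose($fp);
        }
    } else {
        Fatal_Error("Debugging not configured properly");
    }
}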
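<?php

require_once dirname(__FILE__) . '/accesscheck.php';

// The attribute id comes from the query string; sprintf('%d') reduces it to an integer
// string, which is what makes it safe to interpolate into the query below.
$id = !empty($_GET['id']) ? sprintf('%d', $_GET['id']) : 0;
ob_end_flush();

if (!$id) {
    Fatal_Error($GLOBALS['I18N']->get('No such attribute:') . " {$id}");
    return;
}

// Fall back to default table names when the page is loaded without the usual setup.
if (!isset($tables["attribute"])) {
    $tables["attribute"] = "attribute";
    $tables["user_attribute"] = "user_attribute";
}
if (!isset($table_prefix)) {
    $table_prefix = 'phplist_';
}

$res = Sql_Query("select * from {$tables['attribute']} where id = {$id}");
$data = Sql_Fetch_array($res);
if (!$data) {
    // A well-formed id that matches no row: stop here instead of deriving a table
    // name and a type from an empty result.
    Fatal_Error($GLOBALS['I18N']->get('No such attribute:') . " {$id}");
    return;
}
$table = $table_prefix . "listattr_" . $data["tablename"];

// Only attribute types that keep their options in a listattr_* table can be edited here.
switch ($data['type']) {
    case 'checkboxgroup':
    case 'select':
    case 'radio':
        break;
    default:
        print $GLOBALS['I18N']->get('This datatype does not have editable values');
        return;
}
?>
<div class="panel"><div class="header"></div><!-- ENDOF .header -->
<div class="content">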
while ($row = Sql_Fetch_Row($req)) { Sql_Query(sprintf('insert ignore into %s (attributeid,userid) values(0,%d)', $tables["user_attribute"],$row[0])); } } elseif ($_POST["name"][$id] != "") { # it is a change # get the original type $req = Sql_Fetch_Row_Query("select type,tablename from {$tables['attribute']} where id = $id"); switch($req[0]) { case "textline":case "hidden": if ($type[$id] == "hidden" || $type[$id] == "textline") break; # we are turning a hidden or textline field into a radio,checkbox,checkboxgroup or select if ($type[$id] != "checkbox") { $lc_name = substr(preg_replace("/\W/","", strtolower($req[1])),0,10); if ($lc_name == "") Fatal_Error("Name cannot be empty: $lc_name"); Sql_Query("create table $table_prefix"."listattr_$lc_name (id integer not null primary key auto_increment, name varchar(255) unique,listorder integer default 0)"); $attreq = Sql_Query("select distinct value from {$tables['user_attribute']} where attributeid = $id"); while ($row = Sql_Fetch_Row($attreq)) { $attindexreq = Sql_Query("select id from $table_prefix"."listattr_$lc_name where name = \"$row[0]\""); if (!Sql_Affected_Rows()) { Sql_Query("insert into $table_prefix"."listattr_$lc_name (name) values(\"$row[0]\")"); $attid = Sql_Insert_Id(); } else { $attindex = Sql_Fetch_Row($attindexreq); $attid = $attindex[0]; } Sql_Query("update {$tables['user_attribute']} set value = $attid where attributeid = $id and value = \"$row[0]\""); } } else { # in case of checkbox we just need to set the value to "on"
} } closedir($dir); if (is_array($selected)) { while (list($key, $val) = each($selected)) { $entry = readentry("data/{$val}"); list($name, $desc) = explode(":", $entry); print "<br/><br/>" . $GLOBALS['I18N']->get('loading') . " {$desc}<br>\n"; $lc_name = str_replace(" ", "", strtolower(str_replace(".txt", "", $val))); $lc_name = ereg_replace("[^[:alnum:]]", "", $lc_name); if ($lc_name == "") { Fatal_Error($GLOBALS['I18N']->get('name_empty') . " {$lc_name}"); } Sql_Query("select * from {$tables['attribute']} where tablename = \"{$lc_name}\""); if (Sql_Affected_Rows()) { Fatal_Error($GLOBALS['I18N']->get('name_not_unique')); } $query = sprintf('insert into %s (name,type,required,tablename) values("%s","%s",%d,"%s")', $tables["attribute"], addslashes($name), "select", 1, $lc_name); Sql_Query($query); $insertid = Sql_Insert_id(); $query = "create table {$table_prefix}" . "listattr_{$lc_name} (id integer not null primary key auto_increment, name varchar(255) unique,listorder integer default 0)"; Sql_Query($query); $fp = fopen("data/{$val}", "r"); $header = ""; while (!feof($fp)) { $buffer = fgets($fp, 4096); if (!ereg("#", $buffer)) { if (!$header) { $header = $buffer; } else { if (trim($buffer) != "") {
Sql_query("delete from {$tables["bounce"]} where id = {$id}"); print $GLOBALS['I18N']->get('DoneAndLoading') . "<br /><hr><br />\n"; print PageLink2("bounces", $GLOBALS['I18N']->get('BackToBList')); $next = Sql_Fetch_Row_query(sprintf('select id from %s where id > %d', $tables["bounce"], $id)); $id = $next[0]; if (!$id) { $next = Sql_Fetch_Row_query(sprintf('select id from %s order by id desc limit 0,5', $tables["bounce"], $id)); $id = $next[0]; } } } $guessedemail = ''; if ($id) { $result = Sql_query("SELECT * FROM {$tables["bounce"]} where id = {$id}"); if (!Sql_Affected_Rows()) { Fatal_Error($GLOBALS['I18N']->get('NoSRecord')); } $bounce = sql_fetch_array($result); #printf( "<br /><li><a href=\"javascript:deleteRec('%s');\">Delete</a>\n",PageURL2("bounce","","delete=$id")); if (preg_match("#([\\d]+) bouncecount increased#", $bounce["comment"], $regs)) { $guessedid = $regs[1]; $emailreq = Sql_Fetch_Row_Query(sprintf('select email from %s where id = %d', $tables["user"], $guessedid)); $guessedemail = $emailreq[0]; } $newruleform = '<form method=post action="./?page=bouncerules">'; $newruleform .= '<table>'; $newruleform .= sprintf('<tr><td>%s</td><td><input type=text name="newrule" size=30></td></tr>', $GLOBALS['I18N']->get('Regular Expression')); $newruleform .= sprintf('<tr><td>%s</td><td><select name="action">', $GLOBALS['I18N']->get('Action')); foreach ($GLOBALS['bounceruleactions'] as $action => $desc) { $newruleform .= sprintf('<option value="%s" %s>%s</option>', $action, '', $desc); }
print '<p class="information">' . $GLOBALS['I18N']->get('Please identify the target of the following unknown columns') . '</p>'; print '<form name="importform" method="post">'; print $ls->display(); print '</form>'; /* print '<pre>'; var_dump($_SESSION['import_attribute']); print '</pre>'; */ return; } } ### show summary if (!empty($_SESSION["test_import"])) { if (!isset($_SESSION["systemindex"]["email"])) { Fatal_Error($GLOBALS['I18N']->get('Cannot find column with email, you need to map at least one column to "Email"'), 'http://resources.phplist.com/documentation/errors/importemailmapping'); return; } $ls = new WebblerListing($GLOBALS['I18N']->get('Summary')); foreach ($_SESSION["systemindex"] as $column => $columnid) { $ls->addElement($_SESSION['columnnames'][$columnid]); $ls->addColumn($_SESSION['columnnames'][$columnid], $GLOBALS['I18N']->get('maps to'), 'system: ' . $column); } foreach ($_SESSION["import_attribute"] as $column => $rec) { if (trim($column) != '') { $ls->addElement($column); if ($rec["record"] == "new") { $ls->addColumn($column, $GLOBALS['I18N']->get('maps to'), $GLOBALS['I18N']->get('Create new Attribute')); } elseif ($rec["record"] == "skip") { $ls->addColumn($column, $GLOBALS['I18N']->get('maps to'), $GLOBALS['I18N']->get('Skip Column')); } elseif (is_numeric($rec["record"])) {
function addUserForm($listid) { //nizar 'value' $html = formStart() . '<input type=hidden name=listid value="' . $listid . '"> ' . $GLOBALS['I18N']->get("Add a user") . ': <input type=text name=new value="" size=40><input type=submit name=add value="' . $GLOBALS['I18N']->get('Add') . '"> </form>'; return $html; } if (isset($id)) { print "<h3>" . $GLOBALS['I18N']->get("Members of") . " " . ListName($id) . "</h3>"; echo "<br />" . PageLink2("editlist", $GLOBALS['I18N']->get("back to this list"), "id={$id}"); echo "<br />" . PageLink2("export&list={$id}", $GLOBALS['I18N']->get("Download users on this list as a CSV file")); print addUserForm($id); } else { Fatal_Error($GLOBALS['I18N']->get("Please enter a listid")); } if (isset($_REQUEST["processtags"]) && $access != "view") { print $GLOBALS['I18N']->get("Processing") . " .... <br/>"; if ($_POST["tagaction"] && is_array($_POST["user"])) { switch ($_POST["tagaction"]) { case "move": $cnt = 0; foreach ($_POST["user"] as $key => $val) { Sql_query("delete from {$tables["listuser"]} where listid = {$id} and userid =\n {$key}"); Sql_query("replace into {$tables["listuser"]} (listid,userid)\n values({$_POST["movedestination"]},{$key})"); if (Sql_Affected_rows() == 1) { # 2 means they were already on the list $cnt++; } }
} closedir($dir); if (!empty($_POST['selected']) && is_array($_POST['selected'])) { $selected = $_POST['selected']; while (list($key, $val) = each($selected)) { $entry = readentry("data/{$val}"); list($name, $desc) = explode(":", $entry); print "<br/><br/>" . $GLOBALS['I18N']->get('Loading') . " {$desc}<br/>\n"; $lc_name = str_replace(" ", "", strtolower(str_replace(".txt", "", $val))); $lc_name = preg_replace("/[\\W]/", "", $lc_name); if ($lc_name == "") { Fatal_Error($GLOBALS['I18N']->get('Name cannot be empty:') . " {$lc_name}"); } Sql_Query("select * from {$tables['attribute']} where tablename = \"{$lc_name}\""); if (Sql_Affected_Rows()) { Fatal_Error($GLOBALS['I18N']->get('Name is not unique enough')); } $query = sprintf('insert into %s (name,type,required,tablename) values("%s","%s",%d,"%s")', $tables["attribute"], addslashes($name), "select", 1, $lc_name); Sql_Query($query); $insertid = Sql_Insert_Id($tables['attribute'], 'id'); $query = "create table {$table_prefix}" . "listattr_{$lc_name} (id integer not null primary key auto_increment, name varchar(255) unique,listorder integer default 0)"; Sql_Query($query); $fp = fopen("data/{$val}", "r"); $header = ""; while (!feof($fp)) { $buffer = fgets($fp, 4096); if (strpos($buffer, "#") === false) { if (!$header) { $header = $buffer; } else { if (trim($buffer) != "") {
if (isset($GLOBALS["require_login"]) && $GLOBALS["require_login"]) { if ($GLOBALS["admin_auth_module"] && is_file("auth/" . $GLOBALS["admin_auth_module"])) { require_once "auth/" . $GLOBALS["admin_auth_module"]; } elseif ($GLOBALS["admin_auth_module"] && is_file($GLOBALS["admin_auth_module"])) { require_once $GLOBALS["admin_auth_module"]; } else { if ($GLOBALS["admin_auth_module"]) { logEvent("Warning: unable to use " . $GLOBALS["admin_auth_module"] . " for admin authentication, reverting back to phplist authentication"); $GLOBALS["admin_auth_module"] = 'phplist_auth.inc'; } require_once 'auth/phplist_auth.inc'; } if (class_exists('admin_auth')) { $GLOBALS["admin_auth"] = new admin_auth(); } else { print Fatal_Error($GLOBALS['I18N']->get('admininitfailure')); return; } if ((!isset($_SESSION["adminloggedin"]) || !$_SESSION["adminloggedin"]) && isset($_REQUEST["login"]) && isset($_REQUEST["password"])) { $loginresult = $GLOBALS["admin_auth"]->validateLogin($_REQUEST["login"], $_REQUEST["password"]); if (!$loginresult[0]) { $_SESSION["adminloggedin"] = ""; $_SESSION["logindetails"] = ""; $page = "login"; logEvent(sprintf($GLOBALS['I18N']->get('invalid login from %s, tried logging in as %s'), $_SERVER['REMOTE_ADDR'], $_REQUEST["login"])); $msg = $loginresult[1]; } else { $_SESSION["adminloggedin"] = $_SERVER["REMOTE_ADDR"]; $_SESSION["logindetails"] = array("adminname" => $_REQUEST["login"], "id" => $loginresult[0], "superuser" => $admin_auth->isSuperUser($loginresult[0])); if ($_POST["page"] && $_POST["page"] != "") { $page = $_POST["page"];
# Info("Sorry, I don't know how to ".$_GET["option"]); # return; } $c = 1; @ob_end_flush(); if ($todo && $req) { while ($user = Sql_Fetch_Array($req)) { if ($c % 10 == 0) { print "<br/>{$c}/{$total}\n"; flush(); } set_time_limit(60); if (function_exists($todo)) { $todo($user['id']); } else { Fatal_Error($GLOBALS['I18N']->get("Don't know how to") . ' ' . $todo); return; } ++$c; } } if (!empty($total)) { print "{$total}/{$total}<br/>"; } } if (isset($_GET['option']) && $_GET['option'] == 'invalidemail') { #include dirname(__FILE__).'/actions/listinvalid.php'; print '<div id="listinvalid">LISTING</div>'; } elseif (isset($_GET['option']) && $_GET['option'] == 'fixinvalidemail') { Info($GLOBALS['I18N']->get('Trying to fix subscribers with an invalid email')); flush();
$import_record_delimiter = $_REQUEST['import_record_delimiter']; } else { $import_record_delimiter = "\n"; } // Change delimiter for new line. if (isset($import_record_delimiter) && $import_record_delimiter != "" && $import_record_delimiter != "\n") { $email_list = str_replace($import_record_delimiter, "\n", $email_list); } if (!isset($import_field_delimiter) || $import_field_delimiter == "" || $import_field_delimiter == "TAB") { $import_field_delimiter = "\t"; } // Check file for illegal characters $illegal_cha = array(",", ";", ":", "#", "\t"); for ($i = 0; $i < count($illegal_cha); $i++) { if ($illegal_cha[$i] != $import_field_delimiter && $illegal_cha[$i] != $import_record_delimiter && strpos($email_list, $illegal_cha[$i]) != false) { Fatal_Error($GLOBALS['I18N']->get('invalid_delimiter') . " {$import_field_delimiter}, {$import_record_delimiter}"); return; } } // Split file/emails into array $email_list = explode("\n", $email_list); // Parse the lines into records $hasinfo = 0; foreach ($email_list as $line) { $uservalues = explode($import_field_delimiter, $line); $email = trim(array_shift($uservalues)); $info = join(" ", $uservalues); $hasinfo = $hasinfo || $info != ""; $user_list[$email] = array("info" => $info); } if (sizeof($email_list) > 300 && !$test_import) {
$_SESSION["import_attribute"][$column] = array("index" => $i, "record" => 'skip', "column" => "{$column}"); array_push($used_systemattr, strtolower($column)); } else { if (isset($_SESSION["import_attribute"][$column]["record"]) && $_SESSION["import_attribute"][$column]["record"]) { # mapping has been defined } elseif (isset($_POST["column{$i}"])) { $_SESSION["import_attribute"][$column] = array("index" => $i, "record" => $_POST["column{$i}"], "column" => "{$column}"); } else { $existing = Sql_Fetch_Row_Query("select id from " . $tables["attribute"] . " where name = \"{$column}\""); $_SESSION["import_attribute"][$column] = array("index" => $i, "record" => $existing[0], "column" => $column); array_push($used_attributes, $existing[0]); } } } if (!isset($_SESSION["systemindex"]["email"])) { Fatal_Error($GLOBALS['I18N']->get('Cannot find column with email, please make sure the column is called "email" and not eg e-mail')); return; } $unused_systemattr = array_diff(array_keys($system_attributes), $used_systemattr); $unused_attributes = array_diff(array_keys($attributes), $used_attributes); $options = '<option value="new">-- ' . $GLOBALS['I18N']->get('Create new one') . '</option>'; $options .= '<option value="skip">-- ' . $GLOBALS['I18N']->get('Skip Column') . '</option>'; foreach ($unused_systemattr as $sysindex) { $options .= sprintf('<option value="%s">%s</option>', $sysindex, substr($system_attributes[$sysindex], 0, 25)); } foreach ($unused_attributes as $attindex) { $options .= sprintf('<option value="%s">%s</option>', $attindex, substr(stripslashes($attributes[$attindex]), 0, 25)); } $ls = new WebblerListing($GLOBALS['I18N']->get('Import Attributes')); $request_mapping = 0; foreach ($_SESSION["import_attribute"] as $column => $rec) {
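/**
 * Print or log a debug message when debugging is enabled in the global $config.
 *
 * Does nothing when the "safe_mode" ini setting is truthy or $config["debug"] is off.
 * With $config["verbose"] set, the message is printed into the page; otherwise, with
 * $config["debug_log"] set, one timestamped line is appended to that file. If neither
 * is configured, Fatal_Error() is called.
 *
 * @param string $msg Message to report.
 *
 * @return void
 */
function Debug($msg)
{
    global $config;

    if (ini_get("safe_mode")) {
        return;
    }
    if (!$config["debug"]) {
        return;
    }

    if ($config["verbose"]) {
        // NOTE(review): $msg is written into the page without HTML encoding. Callers
        // that pass request-derived text (queries, parameters) should encode it first,
        // or this line should apply htmlspecialchars() once no caller relies on markup.
        print "\n" . '<font class="debug">DBG: ' . $msg . '</font><br>' . "\n";
    } elseif ($config["debug_log"]) {
        // REQUEST_URI is client-controlled: flatten line breaks so a crafted URL
        // cannot start a forged record in the log.
        $uri = str_replace(array("\r", "\n"), ' ', (string) getenv("REQUEST_URI"));
        $line = "[" . date("d M Y, H:i:s") . "] " . $uri . '(' . $config["stats"]["number_of_queries"] . ") {$msg} \n";

        // fopen() returns false when the log is not writable; skip the write rather
        // than pass false on to fwrite()/fclose().
        $fp = @fopen($config["debug_log"], "a");
        if ($fp) {
            @fwrite($fp, $line);
            @fclose($fp);
        }
    } else {
        Fatal_Error("Debugging not configured properly");
    }
}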
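# List the mailboxes available on an IMAP server.
#
# Opens a half-open connection (OP_HALFOPEN, no mailbox selected), asks for
# every mailbox under "{server}" and closes the connection again.
#
# $server    IMAP host name
# $user      login name
# $password  login password
#
# Returns the array from imap_getmailboxes() on success, or 0 after calling
# Fatal_Error() when the connection or the listing fails.
function getImapFolders($server, $user, $password)
{
    # NOTE(review): "/notls" keeps the session on plain port 143, so the login
    # and password cross the network unencrypted. The alternative the original
    # author left commented out ("993/imap/ssl/novalidate-cert") encrypts but
    # skips certificate validation. Prefer "993/imap/ssl" with validation
    # wherever the server supports it.
    $port = "143/imap/notls";

    $mbox = @imap_open("{" . $server . ":" . $port . "}", $user, $password, OP_HALFOPEN);
    if (!$mbox) {
        Fatal_Error($GLOBALS['I18N']->get("can't connect") . ": " . imap_last_error());
        return 0;
    }

    $list = imap_getmailboxes($mbox, "{" . $server . "}", "*");
    # Read the error text before closing, then always release the connection;
    # the original imap_close() sat after both returns and never ran.
    $error = is_array($list) ? '' : imap_last_error();
    imap_close($mbox);

    if (is_array($list)) {
        return $list;
    }

    Fatal_Error($GLOBALS['I18N']->get("imap_getmailboxes failed") . ": " . $error . "\n");
    return 0;
}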
} else { $allow = !empty($_POST['password']) && $data['password'] == $checkpassword || empty($_POST['password']); } if (!$allow) { # @@@ this check should be done above, so the error can be embedded in the template print $GLOBALS['strPasswordsNoMatch']; exit; } } # check whether they are changing to an email that already exists, should not be possible $req = Sql_Query("select uniqid from {$GLOBALS['tables']['user']} where email = \"{$email}\""); if (Sql_Affected_Rows()) { $row = Sql_Fetch_Row($req); if ($row[0] != $_GET['uid']) { Fatal_Error('Cannot change to that email address. <br/>This email already exists. <br/>Please use the preferences URL for this email to make updates. <br/>Click <a href="' . getConfig('preferencesurl') . "&email={$email}\">here</a> to request your personal location"); exit; } } # read the current values to compare changes $old_data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $GLOBALS['tables']['user'], $userid)); $old_data = array_merge($old_data, getUserAttributeValues('', $userid)); $history_entry = ''; #'http://'.getConfig("website").$GLOBALS["adminpages"].'/?page=user&id='.$userid."\n\n"; if (ASKFORPASSWORD && $_POST['password']) { if (ENCRYPTPASSWORD) { $newpassword = encryptPass($_POST['password']); } else { $newpassword = sprintf('%s', $_POST['password']); }
$html .= menuLink("groups","groups"); $html .= menuLink("users","users"); $html .= menuLink("userattributes","user attributes"); $req = Sql_Query('select * from attribute where type = "select" or type = "radio" or type = "checkboxgroup"'); while ($row = Sql_Fetch_Array($req)) { $html .= menuLink("editattributes&id=".$row["id"],"> ".$row["name"]); } $html .= menuLink("branches","branch fields","option=branchfields"); $html .= menuLink("templates","templates"); } return $html; } if (!$id) Fatal_Error("No such attribute: $id"); if (!isset($tables["attribute"])) { $tables["attribute"] = "attribute"; $tables["user_attribute"] = "user_attribute"; } if (!isset($table_prefix )) { $table_prefix = 'phplist_'; } $res = Sql_Query("select * from $tables[attribute] where id = $id"); $data = Sql_Fetch_array($res); $table = $table_prefix ."listattr_".$data["tablename"]; ?> <script language="Javascript" src="js/jslib.js" type="text/javascript"></script>
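# Connect to the remote installation, report its version and size, and read
# its lists into $remote_lists before switching back to the local database.
include_once "structure.php";
print $GLOBALS['I18N']->get('Making connection with remote database') . "<br/>";
flush();
$remote = connectRemote();
if (!$remote) {
    Fatal_Error($GLOBALS['I18N']->get('cannot connect to remote database'));
    return;
}

# The two prefixes come straight from the form and are spliced into table
# names below. Table names cannot be bound as query parameters, so only
# characters that are valid in an unquoted identifier are accepted.
foreach (array('remote_prefix', 'remote_userprefix') as $prefix_field) {
    $prefix_value = isset($_POST[$prefix_field]) ? $_POST[$prefix_field] : '';
    if (!is_string($prefix_value) || !preg_match('/^[0-9A-Za-z_$]*$/D', $prefix_value)) {
        Fatal_Error($GLOBALS['I18N']->get('Invalid table prefix') . ': ' . htmlentities($prefix_field));
        return;
    }
}

$remote_tables = array(
    "user" => $_POST["remote_userprefix"] . "user",
    "list" => $_POST["remote_prefix"] . "list",
    "listuser" => $_POST["remote_prefix"] . "listuser",
    "attribute" => $_POST["remote_userprefix"] . "attribute",
    "user_attribute" => $_POST["remote_userprefix"] . "user_attribute",
    "config" => $_POST["remote_prefix"] . "config",
);
print $GLOBALS['I18N']->get('Getting data from ') . htmlentities($_POST["remote_database"]) . "@" . htmlentities($_POST["remote_host"]) . "<br/>";

$version = Sql_Fetch_Row_Query("select value from {$remote_tables["config"]} where item = \"version\"");
# The version string is data from the remote database; escape it before it
# goes into the page, as is already done for the host and database names.
print $GLOBALS['I18N']->get('Remote version is') . " " . htmlentities((string) $version['0']) . "<br/>\n";

$usercnt = Sql_Fetch_Row_Query("select count(*) from {$remote_tables["user"]}");
print $GLOBALS['I18N']->get('Remote version has') . " {$usercnt['0']} " . $GLOBALS['I18N']->get('users') . "<br/>";
if (!$usercnt[0]) {
    Fatal_Error($GLOBALS['I18N']->get('No users to copy, is the prefix correct?'));
    return;
}
$totalusers = $usercnt[0];

$listcnt = Sql_Fetch_Row_Query("select count(*) from {$remote_tables["list"]}");
print $GLOBALS['I18N']->get('Remote version has') . " {$listcnt['0']} " . $GLOBALS['I18N']->get('lists') . "<br/>";
flush();

print '<h3>' . $GLOBALS['I18N']->get('Copying lists') . '</h3>';
# first copy the lists across
$listmap = array();
$remote_lists = array();
$lists_req = Sql_Query("select * from {$remote_tables["list"]}");
while ($row = Sql_Fetch_Array($lists_req)) {
    array_push($remote_lists, $row);
}
connectLocal();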
if (isset($_POST['throttle_import'])) { $throttle_import = sprintf('%d', $_POST['throttle_import']); } else { $throttle_import = 0; } if ($_FILES['import_file'] && filesize($_FILES['import_file']['tmp_name']) > 10) { $newfile = $GLOBALS['tmpdir'] . '/import' . $GLOBALS['installation_name'] . time(); move_uploaded_file($_FILES['import_file']['tmp_name'], $newfile); if (!($fp = fopen($newfile, 'r'))) { Fatal_Error($GLOBALS['I18N']->get('Cannot read file. It is not readable !') . ' (' . $newfile . ')'); return; } $email_list = fread($fp, filesize($newfile)); fclose($fp); } elseif ($_FILES['import_file']) { Fatal_Error($GLOBALS['I18N']->get('Something went wrong while uploading the file. Empty file received. Maybe the file is too big, or you have no permissions to read it.')); return; } // Clean up email file $email_list = trim($email_list); $email_list = str_replace("\r", "\n", $email_list); $email_list = str_replace("\n\r", "\n", $email_list); $email_list = str_replace("\n\n", "\n", $email_list); if (isset($_REQUEST['import_record_delimiter'])) { $import_record_delimiter = $_REQUEST['import_record_delimiter']; } else { $import_record_delimiter = "\n"; } // Change delimiter for new line. if (isset($import_record_delimiter) && $import_record_delimiter != '' && $import_record_delimiter != "\n") { $email_list = str_replace($import_record_delimiter, "\n", $email_list);
if (strtolower($attribute) == 'email') { $emailindex = $i; } elseif (strtolower($attribute) == 'password') { $passwordindex = $i; } elseif (strtolower($attribute) == 'loginname') { $loginnameindex = $i; } else { $req = Sql_Query('select id from ' . $tables['adminattribute'] . " where name = \"{$attribute}\""); if (!Sql_Affected_Rows()) { $lc_name = substr(str_replace(' ', '', strtolower($attribute)), 0, 10); if ($lc_name == '') { Fatal_Error($GLOBALS['I18N']->get('Name cannot be empty') . ': ' . $lc_name); } Sql_Query('select * from ' . $tables['adminattribute'] . " where tablename = \"{$lc_name}\""); if (Sql_Affected_Rows()) { Fatal_Error($GLOBALS['I18N']->get('Name is not unique enough') . ': ' . $attribute); } if (!$test_import) { Sql_Query(sprintf('insert into %s (name,type,listorder,default_value,required,tablename) values("%s","%s",0,"",0,"%s")', $tables['adminattribute'], addslashes($attribute), 'textline', $lc_name)); $attid = Sql_Insert_id(); } else { $attid = 0; } } else { $d = Sql_Fetch_Row($req); $attid = $d[0]; } $import_attribute[$attribute] = array('index' => $i, 'record' => $attid); } } if (!isset($emailindex)) {