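/**
 * Disguise action
 *
 * Lets an administrator log in as ("disguise" as) another user. The target
 * user ID is read from the 'newUserID' request variable and handed to
 * IEM::userLogin(). Every outcome ends in a redirect to the index page.
 *
 * NOTE(review): this is a state-changing request. No CSRF token check and no
 * audit logging of the impersonation are visible in this method; confirm that
 * both happen elsewhere before relying on it.
 *
 * @return Boolean True when the login as the requested user succeeded, false
 *                 when the caller is not an administrator, no user ID was
 *                 supplied, or the login failed.
 */
public function page_disguise()
{
    // Impersonation is documented as administrator-only, but nothing in this
    // method enforced it. Whatever the dispatcher checks is not visible from
    // here, so the requirement is enforced locally as well.
    $currentUser = IEM::getCurrentUser();
    if (!$currentUser || !$currentUser->UserAdmin()) {
        IEM::redirectTo('index');
        return false;
    }

    // newUserID is expected as a request variable; 'intval' coerces it to an
    // integer and 0 is the default when it is absent.
    $reqUserID = IEM::requestGetPOST('newUserID', 0, 'intval');
    if (empty($reqUserID)) {
        IEM::redirectTo('index');
        return false;
    }

    // Attempt to log in as the requested user ID.
    if (!IEM::userLogin($reqUserID, false)) {
        IEM::redirectTo('index');
        return false;
    }

    IEM::redirectTo('index');
    return true;
}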
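/**
 * PrintEditForm
 * Prints the form used to create or edit a user.
 *
 * With a $userid greater than 0 the user is loaded and the form is filled from
 * the stored record; otherwise the "create" form is shown, prefilled from
 * $details (for example after a failed create attempt). Non-administrators may
 * only edit their own account, and only when they are allowed to edit their
 * own settings; they get the reduced 'User_Edit_Own' template.
 *
 * Security notes for maintainers:
 * - The stored SMTP password and Google Calendar password are placed into the
 *   template variables, so they end up in the rendered page.
 * - Several values (footers, SMTP settings, notification texts) are assigned
 *   without htmlspecialchars(); NOTE(review): confirm the templates escape
 *   them for the context they are printed in.
 * - Every key of $details is copied into $GLOBALS; callers must only pass a
 *   vetted set of keys, never a raw request array.
 *
 * @param Int $userid Userid to load up.
 * @param Array $details Details to prefill the form with (in case there was a problem creating the user).
 *
 * @see User_API::Admin
 * @see User_API::Status
 * @see User_API::ListAdmin
 * @see User_API::EditOwnSettings
 * @see GetUser
 *
 * @return Void Returns nothing. Prints either an access-denied message or the appropriate form.
 */
function PrintEditForm($userid = 0, $details = array())
{
    $thisuser = IEM::getCurrentUser();

    // Non-admins may only edit themselves, and only if permitted to do so.
    // The explicit returns make the denial effective even if DenyAccess()
    // does not terminate the request; the other DenyAccess() call in this
    // method is already followed by a return.
    if (!$thisuser->UserAdmin()) {
        if ($userid != $thisuser->userid) {
            $this->DenyAccess();
            return;
        }
        if (!$thisuser->EditOwnSettings()) {
            $this->DenyAccess();
            return;
        }
    }

    $user = $this->GetApi('User');

    // The list/segment/template lookups below are kept as in the original;
    // their results are not read again within this method.
    $listapi = $this->GetApi('Lists');
    $all_lists = $listapi->GetLists(0, array('SortBy' => 'name', 'Direction' => 'asc'), false, 0, 0);

    $segmentapi = $this->GetApi('Segment');
    $all_segments = $segmentapi->GetSegments(array('SortBy' => 'segmentname', 'Direction' => 'asc'), false, 0, 'all');

    $templateapi = $this->GetApi('Templates');
    $all_templates = $templateapi->GetTemplates(0, array('SortBy' => 'name', 'Direction' => 'asc'), false, 0, 0);

    $all_groups = API_USERGROUPS::getRecords(false, false, 0, 0, 'groupname');

    $GLOBALS['CustomSmtpServer_Display'] = '0';
    $GLOBALS['XmlPath'] = SENDSTUDIO_APPLICATION_URL . '/xml.php';

    if ($userid > 0) {
        // ----- Edit an existing user -----
        $user = GetUser($userid);
        if ($user->Get('userid') <= 0) {
            $GLOBALS['ErrorMessage'] = GetLang('UserDoesntExist');
            $this->DenyAccess();
            return;
        }

        $GLOBALS['UserID'] = $user->Get('userid');
        $GLOBALS['UserName'] = htmlspecialchars($user->Get('username'), ENT_QUOTES, SENDSTUDIO_CHARSET);
        $GLOBALS['FullName'] = htmlspecialchars($user->Get('fullname'), ENT_QUOTES, SENDSTUDIO_CHARSET);
        $GLOBALS['EmailAddress'] = htmlspecialchars($user->Get('emailaddress'), ENT_QUOTES, SENDSTUDIO_CHARSET);

        $activity = $user->GetEventActivityType();
        if (!is_array($activity)) {
            $activity = array();
        }
        $GLOBALS['EventActivityType'] = implode("\n", $activity);

        // Limits are taken from the user's group.
        $GLOBALS['MaxLists'] = $user->group->limit_list;
        $GLOBALS['MaxEmails'] = $user->group->limit_totalemailslimit;
        $GLOBALS['PerMonth'] = $user->group->limit_emailspermonth;
        $GLOBALS['PerHour'] = $user->group->limit_hourlyemailsrate;

        // A stored value of 0 ticks the matching checkbox and hides the
        // numeric input.
        $GLOBALS['DisplayMaxLists'] = '';
        if ($user->Get('maxlists') == 0) {
            $GLOBALS['LimitListsChecked'] = ' CHECKED';
            $GLOBALS['DisplayMaxLists'] = 'none';
        }

        $GLOBALS['DisplayEmailsPerHour'] = '';
        if ($user->Get('perhour') == 0) {
            $GLOBALS['LimitPerHourChecked'] = ' CHECKED';
            $GLOBALS['DisplayEmailsPerHour'] = 'none';
        }

        $GLOBALS['DisplayEmailsPerMonth'] = '';
        if ($user->Get('permonth') == 0) {
            $GLOBALS['LimitPerMonthChecked'] = ' CHECKED';
            $GLOBALS['DisplayEmailsPerMonth'] = 'none';
        }

        $GLOBALS['LimitMaximumEmailsChecked'] = ' CHECKED';
        $GLOBALS['DisplayEmailsMaxEmails'] = 'none';
        if (!$user->hasUnlimitedCredit()) {
            $GLOBALS['LimitMaximumEmailsChecked'] = '';
            $GLOBALS['DisplayEmailsMaxEmails'] = '';
        }

        if ($user->Get('usewysiwyg')) {
            $GLOBALS['UseWysiwyg'] = ' CHECKED';
            $GLOBALS['UseXHTMLDisplay'] = ' style="display:block;"';
        } else {
            $GLOBALS['UseXHTMLDisplay'] = ' style="display:none;"';
        }

        if ($user->Get('enableactivitylog')) {
            $GLOBALS['EnableActivityLog'] = ' CHECKED';
        } else {
            $GLOBALS['EnableActivityLog'] = '';
        }

        $GLOBALS['UseXHTMLCheckbox'] = $user->Get('usexhtml') ? ' CHECKED' : '';

        $GLOBALS['Xmlapi'] = $user->Get('xmlapi') ? ' CHECKED' : '';
        $GLOBALS['XMLTokenDisplay'] = ' style="display:none;"';
        if ($user->Get('xmlapi')) {
            $GLOBALS['XMLTokenDisplay'] = ' style="display:block;"';
        }
        // The XML API token is a credential; it is rendered into the form.
        $GLOBALS['XmlToken'] = htmlspecialchars($user->Get('xmltoken'), ENT_QUOTES, SENDSTUDIO_CHARSET);

        // NOTE(review): the values below are assigned without escaping,
        // unlike the fields above - confirm the templates escape them.
        $GLOBALS['TextFooter'] = $user->Get('textfooter');
        $GLOBALS['HTMLFooter'] = $user->Get('htmlfooter');

        $GLOBALS['SmtpServer'] = $user->Get('smtpserver');
        $GLOBALS['SmtpUsername'] = $user->Get('smtpusername');
        // The stored SMTP password is handed to the template as-is.
        $GLOBALS['SmtpPassword'] = $user->Get('smtppassword');
        $GLOBALS['SmtpPort'] = $user->Get('smtpport');
        if ($GLOBALS['SmtpServer']) {
            $GLOBALS['CustomSmtpServer_Display'] = '1';
        }

        $GLOBALS['googlecalendarusername'] = htmlspecialchars($user->Get('googlecalendarusername'), ENT_QUOTES, SENDSTUDIO_CHARSET);
        $GLOBALS['googlecalendarpassword'] = htmlspecialchars($user->Get('googlecalendarpassword'), ENT_QUOTES, SENDSTUDIO_CHARSET);

        $GLOBALS['FormAction'] = 'Action=Save&UserID=' . $user->userid;

        // Non-admins (editing themselves) get the reduced form and stop here.
        if (!$thisuser->UserAdmin()) {
            $smtp_access = $thisuser->HasAccess('User', 'SMTP');

            $GLOBALS['ShowSMTPInfo'] = 'none';
            $GLOBALS['DisplaySMTP'] = '0';

            if ($smtp_access) {
                $GLOBALS['ShowSMTPInfo'] = '';
            }

            if ($GLOBALS['SmtpServer']) {
                $GLOBALS['CustomSmtpServer_Display'] = '1';
                if ($smtp_access) {
                    $GLOBALS['DisplaySMTP'] = '1';
                }
            }

            $this->ParseTemplate('User_Edit_Own');
            return;
        }

        // ----- Administrator-only part of the edit form -----
        $GLOBALS['StatusChecked'] = ($user->Status()) ? ' CHECKED' : '';
        $GLOBALS['ForceDoubleOptInChecked'] = ($user->Get('forcedoubleoptin')) ? ' CHECKED' : '';
        $GLOBALS['ForceSpamCheckChecked'] = ($user->Get('forcespamcheck')) ? ' CHECKED' : '';
        $GLOBALS['InfoTipsChecked'] = ($user->InfoTips()) ? ' CHECKED' : '';

        // Admin users are always shown as able to edit their own settings.
        $editown = '';
        if ($user->UserAdmin()) {
            $editown = ' CHECKED';
        } else {
            if ($user->EditOwnSettings()) {
                $editown = ' CHECKED';
            }
        }
        $GLOBALS['EditOwnSettingsChecked'] = $editown;

        $timezone = $user->usertimezone;
        $GLOBALS['TimeZoneList'] = $this->TimeZoneList($timezone);

        // Kept from the original; not read again within this method.
        $admintype = $user->AdminType();
        $listadmintype = $user->ListAdminType();
        $segmentadmintype = $user->SegmentAdminType();
        $templateadmintype = $user->TemplateAdminType();

        $admin = $user->Admin();
        $listadmin = $user->ListAdmin();
        $segmentadmin = $user->SegmentAdmin();
        $templateadmin = $user->TemplateAdmin();

        $permissions = $user->Get('permissions');
        $area_access = $user->Get('access');

        $GLOBALS['Heading'] = GetLang('EditUser');
        $GLOBALS['Help_Heading'] = GetLang('Help_EditUser');

        // Notification settings fall back to system defaults when empty.
        $GLOBALS['AdminNotifyEmailAddress'] = $user->Get('adminnotify_email');
        if (empty($GLOBALS['AdminNotifyEmailAddress'])) {
            $GLOBALS['AdminNotifyEmailAddress'] = constant('SENDSTUDIO_EMAIL_ADDRESS');
        }

        $GLOBALS['AdminNotifications_Send_Email'] = $user->Get('adminnotify_send_emailtext');
        if (empty($GLOBALS['AdminNotifications_Send_Email'])) {
            $GLOBALS['AdminNotifications_Send_Email'] = GetLang('AdminNotifications_Send_Email');
        }

        $GLOBALS['AdminNotifications_Import_Email'] = $user->Get('adminnotify_import_emailtext');
        if (empty($GLOBALS['AdminNotifications_Import_Email'])) {
            $GLOBALS['AdminNotifications_Import_Email'] = GetLang('AdminNotifications_Import_Email');
        }

        $GLOBALS['SendLimit'] = $user->Get('adminnotify_send_threshold');
        $GLOBALS['ImportLimit'] = $user->Get('adminnotify_import_threshold');

        if (empty($GLOBALS['SendLimit'])) {
            $GLOBALS['SendLimit'] = 1000;
        }
        if (empty($GLOBALS['ImportLimit'])) {
            $GLOBALS['ImportLimit'] = 1000;
        }

        $admin_flag = $user->Get('adminnotify_send_flag');
        if ($user->Get('adminnotify_send_flag') == 1) {
            $GLOBALS['AdminNotificationsSend'] = 'CHECKED';
            $GLOBALS['UseNotifySend'] = '';
        } else {
            $GLOBALS['UseNotifySend'] = "style=display:none;";
        }

        if ($user->Get('adminnotify_import_flag') == 1) {
            $GLOBALS['AdminNotificationsImport'] = 'CHECKED';
            $GLOBALS['UseNotifyImport'] = '';
        } else {
            $GLOBALS['UseNotifyImport'] = "style=display:none;";
        }

        $GLOBALS['SmtpPort'] = $user->Get('smtpport');

        // Log this to "User Activity Log"
        IEM::logUserActivity(IEM::urlFor('users', array('Action' => 'Edit', 'UserID' => $userid)), 'images/user.gif', $user->username);
    } else {
        // ----- Create a new user -----
        $timezone = (isset($details['timezone'])) ? $details['timezone'] : SENDSTUDIO_SERVERTIMEZONE;
        $GLOBALS['TimeZoneList'] = $this->TimeZoneList($timezone);

        $activity = $thisuser->defaultEventActivityType;
        if (!is_array($activity)) {
            $activity = array();
        }
        $GLOBALS['EventActivityType'] = implode("\n", $activity);

        $GLOBALS['FormAction'] = 'Action=Create';

        // Prefill from $details. This writes arbitrary keys into $GLOBALS, so
        // $details must never be a raw request array. The defaults assigned
        // below run afterwards and overwrite any matching keys.
        if (!empty($details)) {
            foreach ($details as $area => $val) {
                $GLOBALS[$area] = $val;
            }
        }

        $GLOBALS['Heading'] = GetLang('CreateUser');
        $GLOBALS['Help_Heading'] = GetLang('Help_CreateUser');

        // Kept from the original; not read again within this method.
        $listadmintype = 'c';
        $segmentadmintype = 'c';
        $admintype = 'c';
        $templateadmintype = 'c';

        $GLOBALS['DisplayMaxLists'] = 'none';
        $GLOBALS['DisplayEmailsPerHour'] = 'none';
        $GLOBALS['DisplayEmailsPerMonth'] = 'none';
        $GLOBALS['DisplayEmailsMaxEmails'] = 'none';

        $GLOBALS['MaxLists'] = '0';
        $GLOBALS['PerHour'] = '0';
        $GLOBALS['PerMonth'] = '0';
        $GLOBALS['MaxEmails'] = '0';

        $GLOBALS['StatusChecked'] = ' CHECKED';
        $GLOBALS['ForceDoubleOptInChecked'] = '';
        $GLOBALS['ForceSpamCheckChecked'] = '';
        $GLOBALS['InfoTipsChecked'] = ' CHECKED';
        $GLOBALS['EditOwnSettingsChecked'] = ' CHECKED';

        $GLOBALS['LimitListsChecked'] = ' CHECKED';
        $GLOBALS['LimitPerHourChecked'] = ' CHECKED';
        $GLOBALS['LimitPerMonthChecked'] = ' CHECKED';
        $GLOBALS['LimitMaximumEmailsChecked'] = ' CHECKED';

        $GLOBALS['UseWysiwyg'] = ' CHECKED';
        $GLOBALS['EnableLastViewed'] = '';
        $GLOBALS['UseXHTMLCheckbox'] = ' CHECKED';

        $GLOBALS['HTMLFooter'] = GetLang('Default_Global_HTML_Footer');
        $GLOBALS['TextFooter'] = GetLang('Default_Global_Text_Footer');

        $GLOBALS['EnableActivityLog'] = ' CHECKED';

        $GLOBALS['Xmlapi'] = '';
        $GLOBALS['XMLTokenDisplay'] = ' style="display:none;"';

        $admin = $listadmin = $segmentadmin = $templateadmin = false;
        $permissions = array();
        $area_access = array('lists' => array(), 'templates' => array(), 'segments' => array());

        $GLOBALS['AdminNotifyEmailAddress'] = constant('SENDSTUDIO_EMAIL_ADDRESS');
        $GLOBALS['UseNotifySend'] = "style=display:none;";
        $GLOBALS['UseNotifyImport'] = "style=display:none;";
        $GLOBALS['SendLimit'] = 1000;
        $GLOBALS['ImportLimit'] = 1000;
        $GLOBALS['AdminNotifications_Send_Email'] = GetLang('AdminNotifications_Send_Email');
        $GLOBALS['AdminNotifications_Import_Email'] = GetLang('AdminNotifications_Import_Email');
    }

    $agencyid = defined('IEM_SYSTEM_LICENSE_AGENCY') ? IEM_SYSTEM_LICENSE_AGENCY : '';
    $available_users = $user->AvailableUsers();

    // Hand the remaining values to the template system and render the form.
    $template = GetTemplateSystem();
    $template->Assign('UserID', $user->userid);
    $template->Assign('groupid', $user->groupid);
    $template->Assign('canChangeUserGroup', !$user->isLastAdmin());
    $template->Assign('AgencyEdition', get_agency_license_variables());
    $template->Assign('EditOwn', ($user->userid != 0 && $user->userid == $thisuser->userid));
    $template->Assign('TrialUser', $user->trialuser);
    $template->Assign('EditMode', !empty($user->userid));
    $template->Assign('AvailableNormalUsers', isset($available_users['normal']) ? $available_users['normal'] : 0);
    $template->Assign('AvailableTrialUsers', isset($available_users['trial']) ? $available_users['trial'] : 0);
    $template->Assign('AvailableGroups', $all_groups);
    $template->Assign('record_groupid', $user->groupid);
    $template->Assign('DefaultIdTab', IEM::requestGetPOST('id_tab_num', 1, 'intval'));
    $template->Assign('showSmtpInfo', (bool) $user->smtpserver);

    $template->ParseTemplate('User_Form');
}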
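/**
 * Process
 * Works out which step of the subscriber import is requested and runs it.
 *
 * NOTE(review): the original description promised a check that the user may
 * import subscribers "before anything else", but no permission check is
 * visible in this method; only 'step2' verifies access to the chosen list.
 * Confirm that the caller (Subscribers::Process) enforces the permission.
 *
 * NOTE(review): 'step3' stores several $_POST values in the session without
 * validation, and the 'import' step builds a file path from a name held in
 * the session ('FileList'). Those names are presumably generated server-side
 * by HandleImportFile(); verify that they can never contain path separators.
 *
 * @param String $action Action to perform. This is usually 'step1', 'step2', 'step3' etc. This gets passed in by the Subscribers::Process function.
 *
 * @see Subscribers::Process
 * @see GetUser
 * @see User_API::HasAccess
 * @see ChooseList
 * @see ImportSubscribers_Step2
 * @see FileGetLine
 * @see ImportSubscriberLine
 * @see PrintStatusReport
 * @see LinkFields
 *
 * @return Void Prints out the step, doesn't return anything.
 */
function Process($action=null)
{
    $user = GetUser();

    $this->PrintHeader(false, false, false);

    if (!is_null($action)) {
        $action = strtolower($action);
    }

    // Counter keys shown in the progress reports, in display order.
    $resultKeys = array('success', 'updates', 'duplicates', 'failures', 'bans', 'unsubscribes', 'bads');

    switch ($action) {
        case 'view_report':
            $importresults = IEM::sessionGet('ImportResults');
            $report_type = (isset($_GET['ReportType']) && is_string($_GET['ReportType'])) ? strtolower($_GET['ReportType']) : null;

            // report type => language key fragment, session result key,
            // and whether each entry is trimmed before output.
            $reports = array(
                'duplicates'   => array('Duplicates', 'duplicateemails', true),
                'unsubscribes' => array('Unsubscribed', 'unsubscribedemails', true),
                'bans'         => array('Banned', 'bannedemails', true),
                'failures'     => array('Failures', 'failedemails', true),
                'bads'         => array('Bads', 'baddata', false),
            );

            if (!is_null($report_type) && isset($reports[$report_type])) {
                list($langPart, $resultKey, $trimEntry) = $reports[$report_type];

                $GLOBALS['Heading'] = GetLang('ImportResults_Report_' . $langPart . '_Heading');
                $GLOBALS['Intro'] = GetLang('ImportResults_Report_' . $langPart . '_Intro');

                // The session may have expired; treat a missing list as empty.
                $entries = (is_array($importresults) && isset($importresults[$resultKey]) && is_array($importresults[$resultKey])) ? $importresults[$resultKey] : array();

                // Entries come from the imported file, so they are escaped
                // before being handed to the template.
                $email_list = '';
                foreach ($entries as $entry) {
                    if ($trimEntry) {
                        $entry = trim($entry);
                    }
                    $email_list .= htmlspecialchars($entry, ENT_QUOTES, SENDSTUDIO_CHARSET) . "\n";
                }
                $GLOBALS['EmailList'] = $email_list;
            } else {
                $GLOBALS['Heading'] = GetLang('ImportResults_Report_Invalid_Heading');
                $GLOBALS['Intro'] = GetLang('ImportResults_Report_Invalid_Intro');
                $GLOBALS['EmailList'] = GetLang('InvalidReportURL');
            }

            $this->ParseTemplate('Subscribers_Import_Results_View');
        break;

        case 'step2':
            if (isset($_POST['list'])) {
                $listid = (int)$_POST['list'];
            } else {
                $listid = (isset($_GET['list'])) ? (int)$_GET['list'] : 0;
            }

            /**
             * Check if the user has access to the list.
             * The original tested !array($temp), which is always false;
             * is_array() is what was intended.
             */
            $temp = $user->GetLists();
            if (!is_array($temp) || empty($temp)) {
                $this->DenyAccess();
                return;
            }

            $temp = array_keys($temp);
            if (!in_array($listid, $temp)) {
                $this->DenyAccess();
                return;
            }

            // Start a fresh import: remember the list and reset the counters.
            $importinfo = array();
            $importinfo['List'] = $listid;
            IEM::sessionSet('ImportInfo', $importinfo);

            $importresults = array(
                'duplicates' => 0,
                'success' => 0,
                'updates' => 0,
                'failures' => 0,
                'unsubscribes' => 0,
                'bans' => 0,
                'bads' => 0,
                'duplicateemails' => array(),
                'unsubscribedemails' => array(),
                'failedemails' => array(),
                'bannedemails' => array(),
                'baddata' => array()
            );
            IEM::sessionSet('ImportResults', $importresults);

            $this->ImportSubscribers_Step2();
        break;

        case 'step3':
            // An empty $_POST here is reported to the user as an upload that
            // was too big.
            if (empty($_POST)) {
                $this->ImportSubscribers_Step2(GetLang('FileNotUploadedSuccessfully_TooBig'));
                break;
            }

            $importinfo = IEM::sessionGet('ImportInfo');

            $importinfo['Status'] = $_POST['status'];
            $importinfo['Confirmed'] = $_POST['confirmed'];
            $importinfo['Format'] = $_POST['format'];
            $importinfo['Type'] = $_POST['importtype'];

            $importinfo['Overwrite'] = (isset($_POST['overwrite'])) ? 1 : 0;
            $importinfo['Autoresponder'] = (isset($_POST['autoresponder'])) ? 1 : 0;
            $importinfo['Headers'] = (isset($_POST['headers'])) ? 1 : 0;

            $importinfo['FieldEnclosed'] = (isset($_POST['fieldenclosed'])) ? $_POST['fieldenclosed'] : false;
            $importinfo['FieldSeparator'] = $_POST['fieldseparator'];

            IEM::sessionSet('ImportInfo', $importinfo);

            $upload_status = false;
            switch (strtolower($importinfo['Type'])) {
                case 'file':
                    $upload_status = $this->HandleImportFile();
                break;
            }

            if ($upload_status) {
                $this->LinkFields();
            }
        break;

        case 'step4':
            $linkfields = IEM::requestGetPOST('LinkField', array());
            if (!is_array($linkfields)) {
                $linkfields = array();
            }

            // 'E' must be among the linked fields (see the
            // EmailAddressNotLinked message).
            if (!in_array('E', $linkfields)) {
                $GLOBALS['Error'] = GetLang('EmailAddressNotLinked');
                $GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
                $this->LinkFields();
                break;
            }

            $importinfo = IEM::sessionGet('ImportInfo');

            // Only the first unlinked required field is reported.
            $requiredFieldNames = array();
            if (isset($importinfo['RequiredFields']) && is_array($importinfo['RequiredFields'])) {
                foreach ($importinfo['RequiredFields'] as $requiredFieldID => $requiredFieldName) {
                    if (!in_array($requiredFieldID, $linkfields)) {
                        $requiredFieldNames[] = $requiredFieldName;
                        break;
                    }
                }
            }

            if (!empty($requiredFieldNames)) {
                $GLOBALS['Error'] = sprintf(
                    GetLang('RequireFieldNotLinked'),
                    htmlspecialchars(implode(', ', $requiredFieldNames), ENT_QUOTES, SENDSTUDIO_CHARSET)
                );
                $GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
                $this->LinkFields();
                break;
            }

            $importinfo['LinkFields'] = $linkfields;
            IEM::sessionSet('ImportInfo', $importinfo);

            $GLOBALS['ImportTotalSubscribers'] = $importinfo['TotalSubscribers'];
            $GLOBALS['ImportTotalSubscribersMessage'] = $this->PrintStatusReport(true);

            $this->ParseTemplate('Subscribers_Import_Step4');
        break;

        case 'importiframe':
            $this->PrintHeader(false, false, false);

            $importresults = IEM::sessionGet('ImportResults');
            $importinfo = IEM::sessionGet('ImportInfo');

            $report = '';
            foreach ($resultKeys as $key) {
                $amount = $importresults[$key];
                if ($amount == 1) {
                    $report .= GetLang('ImportSubscribers_InProgress_' . $key . '_One');
                } else {
                    $report .= sprintf(GetLang('ImportSubscribers_InProgress_' . $key . '_Many'), $this->FormatNumber($importresults[$key]));
                }
                $report .= '<br/>';
            }

            $GLOBALS['ProgressTitle'] = GetLang('ImportResults_InProgress');
            $GLOBALS['ProgressMessage'] = sprintf(GetLang('ImportResults_InProgress_Message'), $this->FormatNumber($importinfo['TotalSubscribers']));
            $GLOBALS['ProgressReport'] = $report;
            $GLOBALS['ProgressURLAction'] = 'index.php?Page=Subscribers&Action=Import&SubAction=Import';

            $this->ParseTemplate('ProgressReport_Popup');
            $this->PrintFooter(true);
        break;

        case 'import':
            $totalProcessed = null;
            $percentProcessed = 0;

            $importinfo = IEM::sessionGet('ImportInfo');

            $subscriber_info = false;
            switch (strtolower($importinfo['Type'])) {
                case 'file':
                    // Take the next file off the queue, read it, and delete it.
                    // NOTE(review): $filename comes from the session; see the
                    // method header about confirming it is a bare file name.
                    $filename = array_shift($importinfo['FileList']);
                    $subscriber_info = $this->FileGetLine(IEM_STORAGE_PATH . '/import' . "/{$filename}", true);
                    if (is_file(IEM_STORAGE_PATH . '/import' . '/' . $filename)) {
                        unlink(IEM_STORAGE_PATH . '/import' . '/' . $filename);
                    }
                break;
            }

            $db = IEM::getDatabase();

            // Persist the shortened file queue.
            IEM::sessionSet('ImportInfo', $importinfo);

            if ($subscriber_info) {
                foreach ($subscriber_info as $pos => $details) {
                    $importresults = IEM::sessionGet('ImportResults');

                    // we don't want to import the headers!
                    if ($importinfo['Headers'] && $details == $importinfo['ImportList']) {
                        continue;
                    }

                    /*
                     * Checks to make sure there is an equal amount of data columns to header columns.
                     * Errors are recorded if not.
                     */
                    if (sizeof($details) != sizeof($importinfo['ImportList'])) {
                        $importresults['bads']++;
                        if (sizeof($details) > sizeof($importinfo['ImportList'])) {
                            // too many columns
                            $importresults['baddata'][] = implode($importinfo['FieldSeparator'], $details) . GetLang('InvalidSubscriberImportLine_TooMany');
                        } else {
                            // too few columns
                            $importresults['baddata'][] = implode($importinfo['FieldSeparator'], $details) . GetLang('InvalidSubscriberImportLine_NotEnough');
                        }

                        // actually set the errors
                        IEM::sessionSet('ImportResults', $importresults);
                        continue;
                    }

                    /*
                     * Do the importing of the details. This includes checking the validity
                     * of individual column data.
                     */
                    $db->StartTransaction();
                    $this->ImportSubscriberLine($details);
                    $db->CommitTransaction();

                    // Calculate total records processed so far
                    if (is_null($totalProcessed)) {
                        $totalProcessed = 0;
                        foreach ($resultKeys as $key) {
                            $totalProcessed += $importresults[$key];
                        }
                    } else {
                        ++$totalProcessed;
                    }

                    // Calculate the percentage completed; a zero total must
                    // not cause a division by zero.
                    $totalSubscribers = $importinfo['TotalSubscribers'];
                    $percentProcessed = ($totalSubscribers > 0) ? ceil(($totalProcessed / $totalSubscribers) * 100) : 0;

                    // Prepare report
                    $report = '<ul>';
                    foreach ($resultKeys as $key) {
                        $amount = $importresults[$key];
                        $report .= '<li>';
                        if ($amount == 1) {
                            $report .= GetLang('ImportSubscribers_InProgress_' . $key . '_One');
                        } else {
                            $report .= sprintf(GetLang('ImportSubscribers_InProgress_' . $key . '_Many'), $this->FormatNumber($importresults[$key]));
                        }
                        $report .= '</li>';
                    }
                    $report .= '</ul>';

                    // Update the status in the parent frame.
                    // NOTE(review): $report is placed inside a single-quoted
                    // JavaScript string without escaping; it is built from
                    // language strings and formatted numbers only.
                    echo "<script>\n";
                    echo sprintf("self.parent.UpdateStatusReport('%s');", $report);
                    echo sprintf("self.parent.UpdateStatus('%s', %d);", '', $percentProcessed);
                    echo "</script>\n";
                    flush();
                }
                // Reload to process the next queued file; the random value
                // only varies the URL.
                ?>
                <script defer>
                    setTimeout('window.location="index.php?Page=Subscribers&Action=Import&SubAction=Import&x=<?php echo rand(1,50); ?>;"', 10);
                </script>
                <?php
                exit();
            }
            // Nothing left to import: send the top-level window to the report.
            ?>
            <script>
                self.parent.parent.location = 'index.php?Page=Subscribers&Action=Import&SubAction=PrintReport';
            </script>
            <?php
            exit();
        break;

        case 'printreport':
            $this->PrintFinalReport();
        break;

        default:
            $this->ChooseList('Import', 'Step2');
        break;
    }
}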
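/**
 * Admin_Action_SaveResponse
 * Validates and saves an edited survey response, including uploaded files,
 * then redirects to the view or edit page for the response.
 *
 * Changes compared with the earlier version of this method:
 * - Leftover debug output (a dump of the validation errors plus the server
 *   file path, followed by die) is removed, so validation errors are stored
 *   in the session again and the method redirects.
 * - Widget IDs are read with array access throughout; the file-type check
 *   previously used object access on an array.
 * - Posted values and uploads are only accepted for widgets that belong to
 *   the loaded survey.
 * - Uploaded files are written under their bare file name only, and the
 *   widget's allowed file types are enforced again at write time.
 *
 * NOTE(review): access is checked for the survey, but nothing visible here
 * verifies that the response identified by 'responseId' belongs to that
 * survey; confirm the response API enforces it.
 * NOTE(review): a widget without 'allowed_file_types' still accepts any file
 * extension. The upload directory must not be served or executed by the web
 * server.
 *
 * @return void
 */
public function Admin_Action_SaveResponse()
{
    $surveyId = (int) IEM::requestGetPOST('formId');

    // check permission here
    $this->_checkSurveyAccess($surveyId);

    $responseId = IEM::requestGetPOST('responseId');
    $postWidgets = IEM::requestGetPOST('widget');
    if (!is_array($postWidgets)) {
        $postWidgets = array();
    }
    $errors = 0;

    if ($postWidgets || $_FILES) {
        $hasUploads = isset($_FILES['widget']['name']) && is_array($_FILES['widget']['name']);

        // If there are files, take the values and place them in the $postWidgets array so they can
        // get validated and entered into the response values in the same manner. Uploads will be
        // handled separately.
        if ($hasUploads) {
            foreach ($_FILES['widget']['name'] as $fileWidgetId => $fileWidget) {
                if (!is_array($fileWidget)) {
                    continue;
                }
                foreach ($fileWidget as $fields) {
                    if (!is_array($fields)) {
                        continue;
                    }
                    foreach ($fields as $fieldId => $field) {
                        if (!empty($field['value'])) {
                            $postWidgets[$fileWidgetId]['field'][$fieldId]['value'] = 'file_' . $field['value'];
                        }
                    }
                }
            }
        }

        $survey_api = $this->getApi();
        $survey_api->Load($surveyId);
        $widgets = $survey_api->getWidgets();

        $widgetErrors = array();
        // widget id => list of allowed lower-case extensions (empty = no restriction configured)
        $allowedTypesByWidget = array();

        foreach ($widgets as $widget) {
            $currentWidgetId = $widget['id'];

            if (!isset($widgetErrors[$currentWidgetId])) {
                $widgetErrors[$currentWidgetId] = array();
            }

            $allowedTypes = array();
            if ($widget['allowed_file_types']) {
                $allowedTypes = preg_split('/\\s*,\\s*/', strtolower($widget['allowed_file_types']));
            }
            $allowedTypesByWidget[$currentWidgetId] = $allowedTypes;

            $postedFields = array();
            if (isset($postWidgets[$currentWidgetId]['field']) && is_array($postWidgets[$currentWidgetId]['field'])) {
                $postedFields = $postWidgets[$currentWidgetId]['field'];
            }

            // validate required fields
            if ($widget['is_required']) {
                // the widget is assumed blank until one of its fields is found not blank
                $isBlank = true;
                $isOther = false;

                foreach ($postedFields as $field) {
                    if (!isset($field['value'])) {
                        continue;
                    }

                    // get the value of an "other" field if it is one, otherwise just grab
                    // the normal value
                    if ($field['value'] == '__other__') {
                        $isOther = true;
                        $value = isset($field['other']) ? $field['other'] : '';
                    } else {
                        $value = $field['value'];
                    }

                    // make sure the value isn't blank
                    if (!$this->_validateIsBlank($value)) {
                        $isBlank = false;
                    }
                }

                // if the widget is blank, flag an error
                if ($isBlank) {
                    if ($isOther) {
                        $error = GetLang('Addon_Surveys_ErrorRequiredOther');
                    } else {
                        $error = GetLang('Addon_Surveys_ErrorRequired');
                    }

                    $widgetErrors[$currentWidgetId][] = $error;
                    $errors++;
                }
            }

            // validate file types
            if ($allowedTypes) {
                $invalidType = false;

                // foreach of the passed fields (most likely 1) check and see if they are valid file types
                foreach ($postedFields as $field) {
                    if (!isset($field['value'])) {
                        continue;
                    }

                    $parts = explode('.', $field['value']);
                    $ext = strtolower(end($parts));

                    // only if the field has a value we will test its file type
                    if (trim($field['value']) != '' && !in_array($ext, $allowedTypes)) {
                        $invalidType = true;
                    }
                }

                // if a file is not a valid file type, then the whole widget fails validation
                if ($invalidType) {
                    $typeArr = $allowedTypes;
                    $lastFileType = '<em>.' . array_pop($typeArr) . '</em>';
                    $firstFileTypes = '<em>.' . implode('</em>, <em>.', $typeArr) . '</em>';
                    $widgetErrors[$currentWidgetId][] = sprintf(GetLang('errorInvalidFileType'), $firstFileTypes, $lastFileType);
                    $errors++;
                }
            }
        }

        if ($errors) {
            // set the widget errors so we can retrieve them for the user
            IEM::sessionSet('survey.addon.widgetErrors', $widgetErrors);
            IEM::sessionSet('MessageText', GetLang('Addon_Surveys_saveResponseMessageError'));
            IEM::sessionSet('MessageType', MSG_ERROR);
        } else {
            // instantiate a new response object
            $response_api = $this->getSpecificApi('responses');
            $response_api->Load($responseId);

            // delete the values in this response, since they will be added back in
            $response_api->deleteValues();

            // if the response was saved, then associate values to the response
            if ($response_api->Save()) {
                $responseValue = $this->getSpecificApi('responsesvalue');

                // foreach of the posted widgets, check to see if it belongs in this form and save it if it does
                foreach ($postWidgets as $postWidgetId => $postWidget) {
                    if (!isset($allowedTypesByWidget[$postWidgetId])) {
                        // not a widget of this survey
                        continue;
                    }
                    if (!isset($postWidget['field']) || !is_array($postWidget['field'])) {
                        continue;
                    }

                    // iterate through each field and enter it in the feedback
                    foreach ($postWidget['field'] as $field) {
                        if (!isset($field['value'])) {
                            continue;
                        }

                        // foreign key for the response id
                        $responseValue->surveys_response_id = $responseId;

                        // set the widget id foreign key; widgets can have multiple field values and
                        // should be treated as such
                        $responseValue->surveys_widgets_id = $postWidgetId;

                        // The same object is reused for every value, so both
                        // flags are reset to avoid carrying over the previous
                        // iteration's state.
                        $responseValue->is_othervalue = 0;
                        $responseValue->file_value = "";

                        // set the value of the feedback; this should be a single value since widgets
                        // can have multiple feed back values
                        if ($field['value'] == '__other__') {
                            $responseValue->value = isset($field['other']) ? $field['other'] : '';
                            $responseValue->is_othervalue = 1;
                        } else {
                            if (substr($field['value'], 0, 5) == "file_") {
                                $value = str_replace("file_", "", $field['value']);
                                // md5 is applied to the file name here, not to a secret
                                $responseValue->file_value = md5($value);
                            }

                            $responseValue->value = $field['value'];
                        }

                        // save it
                        $responseValue->Save();
                    }
                }

                // perform file uploading
                if ($hasUploads) {
                    foreach ($_FILES['widget']['name'] as $fileWidgetId => $fileWidget) {
                        // uploads are only accepted for widgets of this survey
                        if (!isset($allowedTypesByWidget[$fileWidgetId]) || !is_array($fileWidget)) {
                            continue;
                        }

                        foreach ($fileWidget as $widgetKey => $fields) {
                            if (!is_array($fields)) {
                                continue;
                            }

                            foreach ($fields as $fieldId => $field) {
                                if (!isset($_FILES['widget']['tmp_name'][$fileWidgetId]['field'][$fieldId]['value'])) {
                                    continue;
                                }

                                // gather file information
                                $name = $_FILES['widget']['name'][$fileWidgetId]['field'][$fieldId]['value'];
                                $tmpName = $_FILES['widget']['tmp_name'][$fileWidgetId]['field'][$fieldId]['value'];
                                $error = $_FILES['widget']['error'][$fileWidgetId]['field'][$fieldId]['value'];

                                if ($error != UPLOAD_ERR_OK) {
                                    continue;
                                }

                                // The client controls $name. Only a bare file name is
                                // accepted: anything with a path component, an empty
                                // name, or a dot-file is skipped.
                                $safeName = basename(str_replace('\\', '/', $name));
                                if ($safeName === '' || $safeName !== $name || $safeName[0] === '.') {
                                    continue;
                                }

                                // Enforce the widget's configured extensions at write time as well.
                                $allowedTypes = $allowedTypesByWidget[$fileWidgetId];
                                if ($allowedTypes) {
                                    $nameParts = explode('.', $safeName);
                                    if (!in_array(strtolower(end($nameParts)), $allowedTypes)) {
                                        continue;
                                    }
                                }

                                // <temp>/surveys/<survey id>/<response id>
                                $upDir = TEMP_DIRECTORY . DIRECTORY_SEPARATOR . 'surveys'
                                    . DIRECTORY_SEPARATOR . $surveyId
                                    . DIRECTORY_SEPARATOR . $response_api->GetId();

                                // create the directory chain if it does not exist yet
                                if (!is_dir($upDir) && !mkdir($upDir, 0755, true)) {
                                    continue;
                                }

                                // upload the file
                                move_uploaded_file($tmpName, $upDir . DIRECTORY_SEPARATOR . $safeName);
                            }
                        }
                    }
                }

                IEM::sessionSet('MessageText', GetLang('Addon_Surveys_saveResponseMessageSuccess'));
                IEM::sessionSet('MessageType', SS_FLASH_MSG_SUCCESS);
            }
        }
    }

    // if view is set, then go to the view page for this response
    if (!$errors && IEM::requestGetPOST('view')) {
        if (IEM::requestGetPost('viewNext')) {
            $responseId = IEM::requestGetPost('viewNext');
        }

        // the response id is request data, so it is URL-encoded before being put in the header
        header('Location: index.php?Page=Addons&Addon=surveys&Action=viewresponses&surveyId=' . $surveyId . '&responseId=' . urlencode((string) $responseId));
        exit;
    }

    // redirect back to the edit page
    header('Location: index.php?Page=Addons&Addon=surveys&Action=editresponse&surveyId=' . $surveyId . '&responseId=' . urlencode((string) $responseId));
    exit;
}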
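/**
 * Process
 * Works out which step of "add subscriber" is requested and runs it.
 * Validates data where needed.
 *
 * The 'save' and 'saveadd' steps check the 'Subscribers'/'Add' permission and
 * the user's access to the target list before anything is written.
 *
 * NOTE(review): 'step2' and the default step perform no permission check in
 * this method; confirm that AddSubscriber_Step2() / ChooseList() or the caller
 * enforce it.
 * NOTE(review): custom field names from GetFieldName() are placed into the
 * HTML error message without escaping; confirm they are escaped at the source
 * or by the template.
 *
 * @param String $action Action to perform. This is usually 'step1', 'step2', 'step3' etc. This gets passed in by the Subscribers::Process function.
 *
 * @see Subscribers::Process
 * @see GetApi
 * @see Subscribers_API::IsSubscriberOnList
 * @see Subscribers_API::AddToList
 * @see Subscribers_API::SaveSubscriberCustomField
 * @see Lists_API::GetCustomFields
 * @see CustomFields_API::IsRequired
 * @see CustomFields_API::ValidData
 * @see CustomFields_API::GetFieldName
 * @see AddSubscriber_Step2
 *
 * @return Void Prints out the step, doesn't return anything.
 */
function Process($action=null)
{
    // Normalise once so that the switch and the later 'saveadd' comparison
    // agree regardless of the case the caller used.
    $action = strtolower((string) $action);

    switch ($action) {
        case 'step2':
            // The list id is always treated as an integer, whichever request
            // method supplied it.
            if (isset($_POST['list'])) {
                $listid = (int)$_POST['list'];
            } else {
                $listid = (isset($_GET['list'])) ? (int)$_GET['list'] : 0;
            }
            $this->AddSubscriber_Step2($listid);
        break;

        case 'saveadd':
        case 'save':
            $user = GetUser();
            $listid = (isset($_GET['list'])) ? (int)$_GET['list'] : 0;

            if (!$user->HasAccess('Subscribers', 'Add')) {
                $this->DenyAccess();
                return;
            }

            $user_lists = $user->GetLists();

            /**
             * Check if the user has access to the list.
             * The original tested !array($user_lists), which is always false;
             * is_array() is what was intended.
             */
            if (!is_array($user_lists) || empty($user_lists)) {
                $this->DenyAccess();
                return;
            }

            $temp = array_keys($user_lists);
            if (!in_array($listid, $temp)) {
                $this->DenyAccess();
                return;
            }

            $subscriber = $this->GetApi('Subscribers');

            // $email is the value that gets validated, so it is also the value
            // used for every later check, message and write. The original
            // validated $email but then used the raw $_POST value.
            $email = IEM::requestGetPOST('emailaddress', '', 'trim');
            $emailForHtml = htmlspecialchars($email, ENT_QUOTES, SENDSTUDIO_CHARSET);

            if (empty($email) || !$subscriber->ValidEmail($email)) {
                $GLOBALS['Error'] = sprintf(GetLang('SubscriberAddFail_InvalidEmailAddress'), $emailForHtml);
                $GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
                $this->AddSubscriber_Step2($listid);
                break;
            }

            $duplicate = $subscriber->IsSubscriberOnList($email, $listid);
            if ($duplicate) {
                $unsubscribed_check = $subscriber->IsUnSubscriber(false, $listid, $duplicate);
                if ($unsubscribed_check) {
                    $GLOBALS['Error'] = sprintf(GetLang('SubscriberAddFail_Unsubscribed'), $emailForHtml);
                } else {
                    $GLOBALS['Error'] = sprintf(GetLang('SubscriberAddFail_Duplicate'), $emailForHtml);
                }
                $GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
                $this->AddSubscriber_Step2($listid);
                break;
            }

            list($banned, $msg) = $subscriber->IsBannedSubscriber($email, $listid, false);
            if ($banned) {
                $GLOBALS['Error'] = sprintf(GetLang('SubscriberAddFail_Banned'), $emailForHtml);
                $GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
                $this->AddSubscriber_Step2($listid);
                break;
            }

            $ListApi = $this->GetApi('Lists');
            $ListApi->Load($listid);
            $ListCustomFields = $ListApi->GetCustomFields($listid);

            $customfield_errors = array();

            $subscriber->Set('emailaddress', $email);
            foreach (array('format', 'confirmed') as $area) {
                $subscriber->Set($area, isset($_POST[$area]) ? $_POST[$area] : null);
            }

            // Validate every custom field of the list before anything is saved.
            foreach ($ListCustomFields as $pos => $data) {
                $CustomFieldApi = $this->GetApi('CustomFields');
                $fieldid = $data['fieldid'];
                $CustomFieldApi->Load($fieldid);

                $postdata = (isset($_POST['CustomFields'][$fieldid])) ? $_POST['CustomFields'][$fieldid] : '';

                // Optional field that was not submitted: nothing to validate.
                if (!isset($_POST['CustomFields'][$fieldid]) && !$CustomFieldApi->IsRequired()) {
                    unset($CustomFieldApi);
                    continue;
                }

                if ($CustomFieldApi->IsRequired()) {
                    if (!$postdata) {
                        $ftype = $CustomFieldApi->Get('fieldtype');
                        switch ($ftype) {
                            case 'dropdown':
                            case 'radiobutton':
                            case 'checkbox':
                            case 'date':
                                $errormsg = 'SubscriberAddFail_EmptyData_ChooseOption';
                            break;

                            case 'text':
                            case 'number':
                            default:
                                // The default keeps $errormsg defined for field
                                // types not listed here.
                                $errormsg = 'SubscriberAddFail_EmptyData_EnterData';
                            break;
                        }
                        $customfield_errors[] = sprintf(GetLang($errormsg), $CustomFieldApi->GetFieldName());
                        unset($CustomFieldApi);
                        continue;
                    }
                }

                if (!$CustomFieldApi->ValidData($postdata)) {
                    $customfield_errors[] = sprintf(GetLang('SubscriberAddFail_InvalidData'), $CustomFieldApi->GetFieldName());
                    unset($CustomFieldApi);
                    continue;
                }

                unset($CustomFieldApi);
            }

            if (!empty($customfield_errors)) {
                $GLOBALS['Error'] = implode('<br/>', $customfield_errors);
                $GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
                $this->AddSubscriber_Step2($listid);
                break;
            }

            $subscriberid = $subscriber->AddToList($email, $listid);

            $GLOBALS['Message'] = $this->PrintSuccess('SubscriberAddSuccessful');
            $GLOBALS['list'] = $listid;

            // go through each custom field and save the info.
            foreach ($ListCustomFields as $pos => $data) {
                $fieldid = $data['fieldid'];
                $postdata = (isset($_POST['CustomFields'][$fieldid])) ? $_POST['CustomFields'][$fieldid] : '';
                $subscriber->SaveSubscriberCustomField($subscriberid, $fieldid, $postdata);
            }

            if ($action == 'saveadd' || sizeof($user_lists) == 1) {
                // "Save and add another", or only one list: show the form again.
                $this->AddSubscriber_Step2($listid, true);
            } else {
                IEM::sessionSet('AddSubscriberMessage', $ListApi->Get('name'));
                ?>
                <script>
                    window.location = 'index.php?Page=Subscribers&Action=Add';
                </script>
                <?php
                exit();
            }
        break;

        default:
            $user = GetUser();
            $lists = $user->GetLists();

            // If only one list available, go directly to step 2
            if (count($lists) == 1) {
                // array_pop() takes its argument by reference, so the keys go
                // into a variable first.
                $listids = array_keys($lists);
                $listid = array_pop($listids);
                $this->AddSubscriber_Step2($listid);
            } else {
                $this->ChooseList('add', 'step2');
            }
        break;
    }
}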
/**
 * Process
 * Entry point for the Settings page: dispatches on $_GET['Action'].
 *
 * Every action is gated by the single HasAccess('System', 'System') check at the top.
 * The 'save' action validates the posted form, rebuilds the whole settings array from
 * $_POST / $_FILES, hands it to the settings API and then saves the credit warnings.
 *
 * NOTE(review): 'save' and 'addons' change state, but no request-token (CSRF) check is
 * visible in this method. Confirm that one is enforced before this method is reached.
 *
 * @see GetApi
 * @see API::Set
 * @see API::Save
 * @see GetLang
 * @see ParseTemplate
 * @see SendStudio_Functions::Process
 * @see SendTestPreview
 * @see Settings_API::CheckCron
 * @see Settings_API::UpdateCron
 *
 * @return Void Does all of the processing, doesn't return anything.
 */
function Process()
{
    $action = (isset($_GET['Action'])) ? strtolower($_GET['Action']) : null;
    $user = GetUser();
    $access = $user->HasAccess('System', 'System');

    $popup = (in_array($action, $this->PopupWindows)) ? true : false;

    // The only authorization check in this method; everything below relies on it.
    if (!$access) {
        $this->DenyAccess();
        return;
    }

    // NOTE(review): $LK is assigned here and in the 'save' branch but is not read anywhere in this method.
    $LK = false;

    switch ($action) {
        case 'addons':
            // we need a subaction & addon name.
            if (!isset($_GET['SubAction'])) {
                return $this->ShowSettingsPage();
            }

            if (!isset($_GET['Addon'])) {
                return $this->ShowSettingsPage();
            }

            require_once(SENDSTUDIO_BASE_DIRECTORY . DIRECTORY_SEPARATOR . 'addons' . DIRECTORY_SEPARATOR . 'interspire_addons.php');

            $post = array();
            if (!empty($_POST)) {
                $post = $_POST;
            }

            try {
                // Only the sub action is allow-listed here.
                $allowed_sub_action = array('install', 'uninstall', 'enable', 'disable', 'upgrade', 'configure', 'savesettings');
                $subaction = $this->_getGETRequest('SubAction', '');
                if (!in_array(strtolower($subaction), $allowed_sub_action)) {
                    FlashMessage(GetLang('Addon_Action_NotAllowed'), SS_FLASH_MSG_ERROR, 'index.php?Page=Settings&Tab=6');
                    return;
                }

                // NOTE(review): $_GET['Addon'] is passed through without validation in this method.
                // Confirm Interspire_Addons::Process restricts it to known addon ids before it is
                // used to locate or load anything.
                $result = Interspire_Addons::Process($_GET['Addon'], $subaction, $post);
                // NOTE(review): the language keys below are built from $_GET['SubAction'], not from the
                // checked $subaction. Presumably both hold the same value; verify _getGETRequest.
                if ($result === true) {
                    FlashMessage(GetLang('Addon_Success_' . strtolower($_GET['SubAction'])), SS_FLASH_MSG_SUCCESS, 'index.php?Page=Settings&Tab=6');
                    return;
                }
                if ($result === false || $result == null) {
                    FlashMessage(GetLang('Addon_Failure_' . strtolower($_GET['SubAction'])), SS_FLASH_MSG_ERROR, 'index.php?Page=Settings&Tab=6');
                    return;
                }
                // Any other return value is printed verbatim; escaping is left to the addon.
                echo $result;
            } catch (Exception $e) {
                $error = $e->GetMessage();
                FlashMessage($error, SS_FLASH_MSG_ERROR, 'index.php?Page=Settings&Tab=6');
            }
            return;
        break;

        case 'viewdisabled':
            $this->PrintHeader(true);
            $reporttype = (isset($_GET['Report'])) ? $_GET['Report'] : null;
            // NOTE(review): $disabled_report is only assigned inside the two cases below, so any other
            // Report value reaches the $GLOBALS assignment with it undefined. The foreach loops also
            // assume the session value is iterable.
            switch ($reporttype) {
                case 'autoresponder':
                    $GLOBALS['Heading'] = GetLang('Autoresponders_Disabled_Heading');
                    $GLOBALS['Intro'] = GetLang('Autoresponders_Disabled_Heading_Intro');

                    $disabled_list = IEM::sessionGet('AutorespondersDisabled');

                    $disabled_report = '';
                    $var = GetLang('DisabledAutoresponder_Item');
                    foreach ($disabled_list as $p => $details) {
                        $disabled_report .= sprintf($var, $details['autorespondername'], $details['listname']) . "\n";
                    }
                break;

                case 'newsletter':
                    $GLOBALS['Heading'] = GetLang('Newsletters_Disabled_Heading');
                    $GLOBALS['Intro'] = GetLang('Newsletters_Disabled_Heading_Intro');

                    $disabled_list = IEM::sessionGet('NewslettersDisabled');

                    $disabled_report = '';
                    $var = GetLang('DisabledNewsletter_Item');
                    foreach ($disabled_list as $p => $details) {
                        $disabled_report .= sprintf($var, $details['newslettername']) . "\n";
                    }
                break;
            }
            $GLOBALS['DisabledList'] = $disabled_report;
            $this->ParseTemplate('Settings_Disabled_Report');
            $this->PrintFooter(true);
        break;

        case 'systeminfo':
            $this->PrintHeader();
            $db = IEM::getDatabase();
            $GLOBALS['DatabaseVersion'] = $db->FetchOne('SELECT version() AS version');

            $GLOBALS['ProductVersion'] = GetLang('SENDSTUDIO_VERSION');
            $GLOBALS['ShowProd'] = empty($GLOBALS['ProductEdition']) ? 'none' : '';
            // $SENDSTUDIO_DEFAULTCHARSET is a local variable that this method never assigns,
            // so the isset() is false and the SENDSTUDIO_CHARSET constant is what gets used.
            $charset = (isset($SENDSTUDIO_DEFAULTCHARSET)) ? $SENDSTUDIO_DEFAULTCHARSET : SENDSTUDIO_CHARSET;
            $GLOBALS['DefaultCharset'] = $charset;
            $GLOBALS['CharsetDescription'] = GetLang($charset);
            $GLOBALS['ServerTimeZone'] = SENDSTUDIO_SERVERTIMEZONE;
            $GLOBALS['ServerTimeZoneDescription'] = GetLang(SENDSTUDIO_SERVERTIMEZONE);
            $GLOBALS['ServerTime'] = date('r');
            $GLOBALS['PHPVersion'] = phpversion();
            // The only value in this branch that is HTML-escaped before it is put in $GLOBALS.
            $GLOBALS['ServerSoftware'] = htmlspecialchars($_SERVER["SERVER_SOFTWARE"], ENT_QUOTES, SENDSTUDIO_CHARSET);

            $GLOBALS['SafeModeEnabled'] = (SENDSTUDIO_SAFE_MODE) ? GetLang('Yes') : GetLang('No');
            $GLOBALS['ImapSupportFound'] = (function_exists('imap_open')) ? GetLang('Yes') : GetLang('No');
            $GLOBALS['CurlSupportFound'] = (function_exists('curl_init')) ? GetLang('Yes') : GetLang('No');

            $php_mods = $this->ParsePHPModules();

            $GLOBALS['GDVersion'] = GetLang('GD_NotDetected');
            if (Settings_API::GDEnabled() && $php_mods !== false) {
                $GLOBALS['GDVersion'] = $php_mods['gd']['GD Version'];
            }

            $GLOBALS['ModSecurity'] = GetLang('ModSecurity_Unknown');

            // Apache modules are only inspected when the SAPI name does not contain 'cgi'.
            if (!is_numeric(strpos(php_sapi_name(), 'cgi')) && $php_mods !== false) {
                $apache_mods = $this->ParseApacheModules($php_mods);
                if (in_array('mod_security', $apache_mods)) {
                    $GLOBALS['ModSecurity'] = GetLang('Yes');
                } else {
                    $GLOBALS['ModSecurity'] = GetLang('No');
                }
            }

            $this->ParseTemplate('Settings_SystemInfo');
            $this->PrintFooter();
        break;

        case 'showinfo':
            $this->PrintHeader(true);
            // Prints the full phpinfo() report (configuration, paths, environment) to any
            // account that passed the System access check above.
            phpinfo();
            $this->PrintFooter(true);
        break;

        case 'sendpreviewdisplay':
            $this->PrintHeader($popup);
            $this->SendTestPreviewDisplay('index.php?Page=Settings&Action=SendPreview', 'self.parent.getPreviewParameters()');
            $this->PrintFooter($popup);
        break;

        case 'sendsmtppreviewdisplay':
            $this->PrintHeader($popup);
            $this->SendTestPreviewDisplay('index.php?Page=Settings&Action=SendPreview', 'self.parent.getSMTPPreviewParameters()');
            $this->PrintFooter($popup);
        break;

        case 'sendpreview':
            $this->SendTestPreview();
        break;

        case 'testbouncedisplay':
            $this->PrintHeader($popup);
            $this->TestBounceSettingsDisplay();
            $this->PrintFooter($popup);
        break;

        case 'testbouncesettings':
            $this->TestBounceSettings();
        break;

        case 'save':
            if (empty($_POST)) {
                $this->ShowSettingsPage();
                break;
            }

            $api = $this->GetApi();
            $result = false;

            $errors = array();

            // Make sure that Contact email is filled in
            if (!isset($_POST['email_address']) || trim($_POST['email_address']) == '') {
                array_push($errors, GetLang('ErrorAlertMessage_BlankContactEmail'));
            }

            // Make sure that license key is filled in
            if (!isset($_POST['licensekey']) || trim($_POST['licensekey']) == '') {
                array_push($errors, GetLang('ErrorAlertMessage_BlankLicenseKey'));
            }

            // Make sure that application name is filled in
            if (!isset($_POST['lng_applicationtitle']) || trim($_POST['lng_applicationtitle']) == '') {
                array_push($errors, GetLang('ErrorAlertMessage_BlankApplicationName'));
            }

            // Two more fields are mandatory when an agency id is present.
            $agencyId = get_agency_license_variables();
            if(!empty($agencyId['agencyid'])) {
                $temp = IEM::requestGetPOST('lng_accountupgrademessage', '', 'trim');
                if (empty($temp)) {
                    array_push($errors, GetLang('ErrorAlertMessage_BlankAccountUpgradeMessage'));
                }

                $temp = IEM::requestGetPOST('lng_freetrial_expiry_login', '', 'trim');
                if (empty($temp)) {
                    array_push($errors, GetLang('ErrorAlertMessage_BlankExpiredLogin'));
                }
            }

            if ($api && count($errors) == 0) {
                // Single-pass do/while: it exists so the upload handlers below can abort the
                // whole save with "break 3" (switch -> foreach -> do/while), leaving $result false.
                do {
                    $settings = array();

                    // fix up the database settings first.
                    $all_areas = $api->Areas;

                    $LK = (isset($_POST['licensekey'])) ? $_POST['licensekey'] : false;

                    if (defined('APPLICATION_SHOW_WHITELABEL_MENU') && constant('APPLICATION_SHOW_WHITELABEL_MENU')) {
                        foreach ($all_areas['whitelabel'] as $area) {
                            $val = IEM::requestGetPOST(strtolower($area), false);

                            $temp = strtolower($area);
                            switch ($temp) {
                                // Special case for handling logo image
                                case 'application_logo_image':
                                    // Without a new upload the posted "existing" path is stored as the setting.
                                    $val = IEM::requestGetPOST('existing_app_logo_image', false);

                                    if (isset($_FILES['Application_Logo_Image']) && !empty($_FILES['Application_Logo_Image']['name'])) {
                                        if ($_FILES['Application_Logo_Image']['error'] != 0 || !@is_uploaded_file($_FILES['Application_Logo_Image']['tmp_name'])) {
                                            array_push($errors, GetLang('ErrorAlertMessage_ErrorApplicationLogoImage'));
                                            break 3;
                                        }

                                        // First gate: a check on the client-supplied file name only.
                                        if (!$this->IsImageFile(strtolower($_FILES['Application_Logo_Image']['name']))){
                                            array_push($errors, GetLang('ErrorAlertMessage_InvalidNameApplicationLogoImage'));
                                            break 3;
                                        }

                                        // Stored as "applicationlogo" plus everything from the last dot of the client
                                        // name, so the stored extension is still chosen by the client.
                                        // NOTE(review): this relies on IsImageFile() accepting image extensions only.
                                        $uploadedFile = strtolower(basename($_FILES['Application_Logo_Image']['name']));
                                        $uploadedFile = preg_replace('/.*(\..*)$/', 'applicationlogo${1}', $uploadedFile);

                                        // The file is moved into TEMP_DIRECTORY before its content is checked, and is
                                        // made world-writable (0666).
                                        if(move_uploaded_file($_FILES['Application_Logo_Image']['tmp_name'], (TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile))) {
                                            @chmod(TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile, 0666);
                                            $val = 'temp/' . $uploadedFile;
                                        }

                                        // Second gate, run on the stored file; a failure deletes it again.
                                        // NOTE(review): $_FILES[...]['type'] is client-supplied, and this check also runs
                                        // when move_uploaded_file() failed, i.e. against whatever is already at that path.
                                        if (!$this->IsValidImageFile(TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile, $_FILES['Application_Logo_Image']['type'])){
                                            @unlink(TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile);
                                            array_push($errors, GetLang('ErrorAlertMessage_InvalidFormatApplicationLogoImage'));
                                            break 3;
                                        }
                                    }
                                break;

                                // Special case for handling favicon
                                case 'application_favicon':
                                    $val = IEM::requestGetPOST('existing_app_favicon', false);

                                    if (isset($_FILES['Application_Favicon']) && !empty($_FILES['Application_Favicon']['name'])) {
                                        if ($_FILES['Application_Favicon']['error'] != 0 || !@is_uploaded_file($_FILES['Application_Favicon']['tmp_name'])) {
                                            array_push($errors, GetLang('ErrorAlertMessage_ErrorApplicationFavicon'));
                                            break 3;
                                        }

                                        if (!$this->IsIconFile(strtolower($_FILES['Application_Favicon']['name']))){
                                            array_push($errors, GetLang('ErrorAlertMessage_InvalidNameApplicationFavicon'));
                                            break 3;
                                        }

                                        // Unlike the logo, the stored name is fixed and not derived from the upload.
                                        $uploadedFile = 'favicon.ico';

                                        if(move_uploaded_file($_FILES['Application_Favicon']['tmp_name'], (TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile))) {
                                            @chmod(TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile, 0666);
                                            $val = 'temp/' . $uploadedFile;
                                        }

                                        if (!$this->IsValidIconFile(TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile, $_FILES['Application_Favicon']['type'])){
                                            @unlink(TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile);
                                            array_push($errors, GetLang('ErrorAlertMessage_InvalidFormatApplicationFavicon'));
                                            break 3;
                                        }
                                    }
                                break;
                            }

                            $settings[$area] = $val;
                        }
                    }

                    foreach ($all_areas['config'] as $area) {
                        if (isset($_POST[strtolower($area)])) {
                            $val = $_POST[strtolower($area)];
                        } else {
                            $val = false;
                        }

                        // The database credentials arrive under shortened field names.
                        if ($area == 'DATABASE_USER') {
                            if (isset($_POST['database_u'])) {
                                $val = $_POST['database_u'];
                            }
                        }

                        if ($area == 'DATABASE_PASS') {
                            if (isset($_POST['database_p'])) {
                                $val = $_POST['database_p'];
                            }
                        }

                        // Drop a single trailing slash from the application URL.
                        if ($area == 'APPLICATION_URL') {
                            if (substr($val, -1) == '/') {
                                $val = substr($val, 0, -1);
                            }
                        }

                        $settings[$area] = $val;
                    }

                    unset($all_areas['config']);
                    unset($all_areas['whitelabel']);

                    // look after all of the other settings now.
                    foreach ($all_areas as $p => $area) {
                        if (isset($_POST[strtolower($area)])) {
                            $val = $_POST[strtolower($area)];
                        } else {
                            $val = false;
                        }

                        if ($area == 'BOUNCE_AGREEDELETE' && isset($_POST['bounce_process'])) {
                            $val = 1;
                        }

                        if ($area == 'TEXTFOOTER') {
                            $val = strip_tags($val);
                        }

                        if ($area == 'SMTP_USERNAME') {
                            if (isset($_POST['smtp_u'])) {
                                $val = $_POST['smtp_u'];
                            }
                        }

                        // base64 is an encoding, not encryption: both passwords are stored recoverably.
                        if ($area == 'SMTP_PASSWORD') {
                            if (isset($_POST['smtp_p'])) {
                                $val = $_POST['smtp_p'];
                            }
                            $val = base64_encode($val);
                        }

                        if ($area == 'BOUNCE_PASSWORD') {
                            if (isset($_POST['bounce_password'])) {
                                $val = $_POST['bounce_password'];
                            }
                            $val = base64_encode($val);
                        }

                        $settings[$area] = $val;
                    }

                    // ----- Settings that cannot be changed
                        // The posted value is discarded; a non-empty constant is replaced by 'UTF-8'.
                        $settings['DEFAULTCHARSET'] = SENDSTUDIO_DEFAULTCHARSET;
                        if (!empty($settings['DEFAULTCHARSET'])) {
                            $settings['DEFAULTCHARSET'] = 'UTF-8';
                        }
                    // -----

                    // ----- Security settings
                        // Login throttling values are forced to integers; the two durations are multiplied
                        // by 60 before storage (presumably minutes to seconds, TODO confirm).
                        $settings['SECURITY_WRONG_LOGIN_WAIT'] = intval($settings['SECURITY_WRONG_LOGIN_WAIT']);
                        $settings['SECURITY_WRONG_LOGIN_THRESHOLD_COUNT'] = intval($settings['SECURITY_WRONG_LOGIN_THRESHOLD_COUNT']);
                        $settings['SECURITY_WRONG_LOGIN_THRESHOLD_DURATION'] = intval($settings['SECURITY_WRONG_LOGIN_THRESHOLD_DURATION']) * 60;
                        $settings['SECURITY_BAN_DURATION'] = intval($settings['SECURITY_BAN_DURATION']) * 60;

                        // An unticked "enable" box zeroes the matching setting.
                        if (!isset($_POST['security_wrong_login_wait_enable'])) {
                            $settings['SECURITY_WRONG_LOGIN_WAIT'] = 0;
                        }

                        if (!isset($_POST['security_wrong_login_threshold_enable'])) {
                            $settings['SECURITY_WRONG_LOGIN_THRESHOLD_COUNT'] = 0;
                        }
                    // -----

                    $api->Set('Settings', $settings);

                    $result = $api->Save();

                    // Save warnings
                    if ($result) {
                        $tempRequestWarningsEnabled = IEM::requestGetPOST('credit_percentage_warnings_enable', array());
                        $tempRequestWarningLevels = IEM::requestGetPOST('credit_percentage_warnings_level', array());
                        $tempRequestWarnigSubjects = IEM::requestGetPOST('credit_percentage_warnings_subject', array());
                        $tempRequestWarningEmails = IEM::requestGetPOST('credit_percentage_warnings_text', array());

                        // One record per posted level; the other arrays are matched to it by index.
                        if (!empty($tempRequestWarningsEnabled) && !empty($tempRequestWarningLevels) && !empty($tempRequestWarningEmails)) {
                            $tempRecords = array();
                            foreach ($tempRequestWarningLevels as $index => $level) {
                                $tempRecords[] = array(
                                    'enabled' => in_array($index, $tempRequestWarningsEnabled),
                                    'creditlevel' => $level,
                                    'aspercentage' => '1', // FIXME at this stage, only monthly credits warnings are available
                                    'emailsubject' => (isset($tempRequestWarnigSubjects[$index]) ? $tempRequestWarnigSubjects[$index] : ''),
                                    'emailcontents' => (isset($tempRequestWarningEmails[$index]) ? $tempRequestWarningEmails[$index] : '')
                                );
                            }

                            $result = $api->SaveCreditWarnings($tempRecords);
                        } else {
                            // An incomplete form is saved as an empty warning list.
                            $result = $api->SaveCreditWarnings(array());
                        }

                        unset($tempRequestWarningsEnabled);
                        unset($tempRequestWarningLevels);
                        unset($tempRequestWarningEmails);
                    }
                } while(false);
            }

            // The tab number is forced to an integer before it goes into the redirect URL.
            $tabNum = ($_POST['tab_num'] && intval($_POST['tab_num'])) ? intval($_POST['tab_num']) : 1 ;
            if ($result) {
                FlashMessage(GetLang('SettingsSaved'), SS_FLASH_MSG_SUCCESS, 'index.php?Page=Settings&Tab='.$tabNum);
            } else {
                foreach ($errors as $error) {
                    FlashMessage($error, SS_FLASH_MSG_ERROR);
                }
                FlashMessage(GetLang('SettingsNotSaved'), SS_FLASH_MSG_ERROR, 'index.php?Page=Settings&Tab='.$tabNum);
            }
        break;

        default:
            $this->ShowSettingsPage();
        break;
    }
}
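/**
 * Process
 * Lets a user manage their own account - to a certain extent.
 * The user API does the saving; this method dispatches on $_GET['Action'] and prints the forms.
 *
 * The 'save' action copies an explicit map of posted fields onto the current user, so
 * posted keys outside that map are ignored. A new password is accepted only when both
 * password fields are plain strings that match exactly.
 *
 * NOTE(review): 'save' changes the account (including the password) without asking for the
 * current password, and no request-token (CSRF) check is visible in this method. Confirm
 * that both are handled elsewhere, or add them.
 *
 * @see PrintHeader
 * @see ParseTemplate
 * @see IEM::getDatabase()
 * @see GetUser
 * @see User_API::Set
 * @see GetLang
 * @see PrintEditForm
 * @see PrintFooter
 *
 * @return Void Doesn't return anything, hands the processing off to the appropriate subarea and lets it do the work.
 */
function Process()
{
    $action = (isset($_GET['Action'])) ? strtolower($_GET['Action']) : '';

    $isPopup = in_array($action, $this->PopupWindows);
    if (!$isPopup) {
        $this->PrintHeader();
    }

    $user = IEM::getCurrentUser();
    // Kept from the original: the handle is unused here, but the call may initialise the connection.
    $db = IEM::getDatabase();

    switch ($action) {
        case 'save':
            if (!$user->EditOwnSettings()) {
                $this->DenyAccess();
                // Do not depend on DenyAccess() ending the request: nothing below may run
                // for a user who is not allowed to edit their own settings.
                return;
            }

            $canUseSmtp = $user->HasAccess('User', 'SMTP');

            $smtptype = 0;
            if ($canUseSmtp) {
                $smtptype = (isset($_POST['smtptype'])) ? $_POST['smtptype'] : 0;
            }

            // Make sure smtptype is either 0 or 1
            if ($smtptype != 1) {
                $smtptype = 0;
            }

            // ----- Activity type: one entry per line, each trimmed
                $activity = IEM::requestGetPOST('eventactivitytype', '', 'trim');
                if (!empty($activity)) {
                    $activity_array = array_map('trim', explode("\n", $activity));
                } else {
                    $activity_array = array();
                }
                $user->Set('eventactivitytype', $activity_array);
            // -----

            // Maps HTML form field names to the user API's field names. Only keys listed
            // here are copied from $_POST.
            $areaMapping = array(
                'fullname' => 'fullname',
                'emailaddress' => 'emailaddress',
                'usertimezone' => 'usertimezone',
                'textfooter' => 'textfooter',
                'htmlfooter' => 'htmlfooter',
                'infotips' => 'infotips',
                'usewysiwyg' => 'usewysiwyg',
                'enableactivitylog' => 'enableactivitylog',
                'usexhtml' => 'usexhtml',
                'googlecalendarusername' => 'googlecalendarusername',
                'googlecalendarpassword' => 'googlecalendarpassword'
            );

            // The SMTP fields are only accepted from users who hold the SMTP permission.
            if ($canUseSmtp) {
                $areaMapping['smtp_server'] = 'smtpserver';
                $areaMapping['smtp_u'] = 'smtpusername';
                $areaMapping['smtp_p'] = 'smtppassword';
                $areaMapping['smtp_port'] = 'smtpport';
            }

            foreach ($areaMapping as $p => $area) {
                $val = (isset($_POST[$p])) ? $_POST[$p] : '';
                $user->Set($area, $val);
            }

            // "Default SMTP" selected: clear any custom server details.
            if ($canUseSmtp && $smtptype == 0) {
                $user->Set('smtpserver', '');
                $user->Set('smtpusername', '');
                $user->Set('smtppassword', '');
                $user->Set('smtpport', 0);
            }

            $error = false;

            // Password change. Strict string comparison is used on purpose: with "==", two
            // different numeric-looking strings can compare equal, and array input would
            // reach the user API. Missing fields count as "no change requested".
            $newPassword = isset($_POST['ss_p']) ? $_POST['ss_p'] : '';
            $confirmPassword = isset($_POST['ss_p_confirm']) ? $_POST['ss_p_confirm'] : '';
            if ($newPassword !== '') {
                if (is_string($newPassword) && is_string($confirmPassword) && $confirmPassword !== '' && $confirmPassword === $newPassword) {
                    $user->Set('password', $newPassword);
                } else {
                    $error = GetLang('PasswordsDontMatch');
                }
            }

            if (!$error) {
                $result = $user->Save();
                if ($result) {
                    $GLOBALS['Message'] = $this->PrintSuccess('UserUpdated') . '<br/>';
                } else {
                    $GLOBALS['Error'] = GetLang('UserNotUpdated');
                    $GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
                }
            } else {
                $GLOBALS['Error'] = $error;
                $GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
            }

            $userid = $user->Get('userid');
            $this->PrintEditForm($userid);
        break;

        case 'sendpreviewdisplay':
            $this->PrintHeader(true);
            $this->SendTestPreviewDisplay('index.php?Page=ManageAccount&Action=SendPreview', 'self.parent.getSMTPPreviewParameters()');
            $this->PrintFooter(true);
        break;

        case 'sendpreview':
            $this->SendTestPreview();
        break;

        case 'testgooglecalendar':
            $status = array(
                'status' => false,
                'message' => ''
            );
            try {
                // NOTE(review): the credentials are read from $_REQUEST, so they are also accepted
                // from the query string, where they can end up in server logs. Prefer POST only
                // once the caller is confirmed to send them that way.
                $details = array(
                    'username' => $_REQUEST['gcusername'],
                    'password' => $_REQUEST['gcpassword']
                );

                $this->GoogleCalendarAdd($details, true);

                $status['status'] = true;
                $status['message'] = GetLang('GooglecalendarTestSuccess');
            } catch (Exception $e) {
                // The exception detail is deliberately not returned to the client.
                $status['message'] = GetLang('GooglecalendarTestFailure');
            }

            print GetJSON($status);
        break;

        default:
            $userid = $user->userid;
            $this->PrintEditForm($userid);
        break;
    }

    if (!$isPopup) {
        $this->PrintFooter();
    }
}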
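/**
 * Save a user group posted from the group editor (create or update).
 *
 * Reads the "record" POST array, normalises the group name and the permission list,
 * verifies the editor's request token and passes the record to API_USERGROUPS::saveRecord().
 * A missing or empty record, or a token mismatch, sends the user back to the editor.
 *
 * NOTE(review): no permission check is visible in this method. Confirm that the caller
 * restricts it to users who are allowed to manage groups.
 *
 * @return Mixed The output of page_createGroup() or printEditor() when the request is rejected,
 *               otherwise nothing (FlashMessage() is called with a redirect URL).
 */
public function page_saveRecord()
{
    $record = IEM::requestGetPOST('record', array());

    // Reject a missing or malformed record before touching it. The normalisation below
    // always writes keys into $record, so an "empty" test after it could never be true.
    if (!is_array($record) || empty($record)) {
        return $this->page_createGroup(array());
    }

    // The group name is stored HTML-escaped (unchanged from the original behaviour).
    $record['groupname'] = (isset($record['groupname']) && is_string($record['groupname']))
        ? htmlspecialchars($record['groupname'])
        : '';

    $created = (IEM::ifsetor($record['groupid'], 0, 'intval') == 0);

    /*
     * Transform the permissions so that they will be recognized by the API
     */
    $permissions = IEM::ifsetor($record['permissions'], array());
    if (!is_array($permissions)) {
        $permissions = array();
    }

    $new_permissions = array();
    foreach ($permissions as $each) {
        if (!is_string($each)) {
            continue;
        }

        $temp = explode('.', $each);

        // This can only handle 2 level permissions,
        // ie. autoresponders.create, autoresponders.delete, autoresponders.edit
        // will become $permissions['autoresponders'] = array('create', 'delete', 'edit');
        if (count($temp) != 2) {
            continue;
        }

        if (!isset($new_permissions[$temp[0]])) {
            $new_permissions[$temp[0]] = array();
        }

        $new_permissions[$temp[0]][] = $temp[1];
    }

    $record['permissions'] = $new_permissions;

    // Request token check (CSRF protection). Both sides are compared as strings: a loose
    // "!=" treats some different values as equal, for example two numeric-looking strings.
    $token = IEM::sessionGet('UsersGroups_Editor_RequestToken', false);
    $submittedToken = IEM::requestGetPOST('requestToken', false);

    $tokenMatches = false;
    if ($token && is_scalar($token) && is_string($submittedToken)) {
        $tokenMatches = function_exists('hash_equals')
            ? hash_equals((string) $token, $submittedToken)
            : ((string) $token === $submittedToken);
    }

    if (!$tokenMatches) {
        return $this->page_createGroup($record);
    }

    $status = API_USERGROUPS::saveRecord($record);
    if (!$status) {
        FlashMessage(GetLang('UsersGroups_From_Error_CannotSave'), SS_FLASH_MSG_ERROR);
        return $this->printEditor($record);
    }

    $messageVariable = $created ? 'UsersGroups_From_Success_Created' : 'UsersGroups_From_Success_Saved';

    FlashMessage(GetLang($messageVariable), SS_FLASH_MSG_SUCCESS, IEM::urlFor('UsersGroups'));
}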
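/**
 * Handle a survey form submission.
 *
 * Steps: merge uploaded file names into the posted widget values, validate required
 * widgets and file types, save the response and its values, optionally e-mail the
 * feedback, store the uploaded files, then redirect according to the survey settings.
 *
 * All request data handled here is untrusted. Posted values and uploads are accepted only
 * for widget ids that belong to the loaded form, and an upload is stored only for a widget
 * of type "file" and only if its extension passes that widget's allowed_file_types list.
 *
 * NOTE(review): a file widget without allowed_file_types still accepts any extension, and
 * files keep their client-supplied base name under TEMP_DIRECTORY/surveys. Confirm that
 * this directory is never served with script execution enabled, or store the files under
 * generated names.
 *
 * @return Mixed False when the feedback e-mail could not be sent, otherwise nothing
 *               (the method ends in a redirect).
 */
private function _handleSubmitAction()
{
    // don't escape
    // NOTE(review): HTML escaping is switched off for this template instance and respondent
    // values are passed to it below; the result is sent as a text body.
    $template_dir = SENDSTUDIO_BASE_DIRECTORY . '/addons/surveys/templates';
    $this->_template = GetTemplateSystem($template_dir);
    $this->_template->DefaultHtmlEscape = false;

    $formId = (int) IEM::requestGetGET('formId');
    $postWidgets = IEM::requestGetPOST('widget');
    if (!is_array($postWidgets)) {
        $postWidgets = array();
    }

    // If there are files, take the values and place them in the $postWidgets array so they can
    // get validated and entered into the response values in the same manner. Uploads will be
    // handled separately.
    $hasUploads = (isset($_FILES['widget']['name']) && is_array($_FILES['widget']['name']));
    if ($hasUploads) {
        foreach ($_FILES['widget']['name'] as $uploadWidgetId => $uploadWidget) {
            if (!is_array($uploadWidget)) {
                continue;
            }
            if (!isset($postWidgets[$uploadWidgetId]) || !is_array($postWidgets[$uploadWidgetId])) {
                $postWidgets[$uploadWidgetId] = array();
            }
            foreach ($uploadWidget as $uploadFields) {
                if (!is_array($uploadFields)) {
                    continue;
                }
                foreach ($uploadFields as $fieldId => $uploadField) {
                    if (!isset($uploadField['value']) || !is_string($uploadField['value'])) {
                        continue;
                    }
                    // Uploaded file names are marked with a "file_" prefix.
                    $postWidgets[$uploadWidgetId]['field'][$fieldId]['value'] = 'file_' . $uploadField['value'];
                }
            }
        }
    }

    // If the form and widgets weren't posted in the format we require then redirect back
    if (!$formId) {
        $this->redirectToReferer();
        // Do not rely on the redirect helper ending the request.
        return;
    }

    $surveyApi = $this->getApi();
    $surveyApi->Load($formId);
    $surveyData = $surveyApi->GetData();
    $errors = 0;
    $widgets = $surveyApi->getWidgets($formId);
    $widgetErrors = array();

    // Ids of the widgets that belong to this form, and for each file widget its list of
    // allowed extensions (an empty list means no restriction is configured).
    $formWidgetIds = array();
    $fileWidgetTypes = array();

    /**** START OF ERROR VALIDATION ****/

    foreach ($widgets as $widgetKey => $widget) {
        $currentId = $widget['id'];
        $formWidgetIds[$currentId] = true;

        if (!isset($widgetErrors[$currentId])) {
            $widgetErrors[$currentId] = array();
        }

        $postedFields = (isset($postWidgets[$currentId]['field']) && is_array($postWidgets[$currentId]['field']))
            ? $postWidgets[$currentId]['field']
            : array();

        // validate required fields
        if ($widget['is_required']) {
            // the widget is assumed blank until one of its fields is found not blank
            $isBlank = true;
            $isOther = false;

            foreach ($postedFields as $field) {
                if (!isset($field['value'])) {
                    continue;
                }

                foreach ((array) $field['value'] as $value) {
                    // get the value of an "other" field if it is one, otherwise just grab
                    // the normal value
                    if ($value == '__other__') {
                        $isOther = true;
                        $value = isset($field['other']) ? $field['other'] : null;
                    }

                    // make sure the value isn't blank
                    if ($this->_validateIsBlank($value) !== true) {
                        $isBlank = false;
                    }
                }
            }

            // if the widget is blank, flag an error
            if ($isBlank) {
                if ($isOther) {
                    $error = GetLang('Addon_Surveys_ErrorRequiredOther');
                } else {
                    $error = GetLang('Addon_Surveys_ErrorRequired');
                }

                $widgetErrors[$currentId][] = $error;
                $errors++;
            }

            if ($widget['type'] == 'file') {
                // Reset per widget so the result of an earlier file widget is not reused.
                $uploaded_file = '';
                foreach ($postedFields as $field) {
                    if (isset($field['value'])) {
                        $uploaded_file = $field['value'];
                        break;
                    }
                }

                // A bare "file_" prefix means no file was chosen.
                if (empty($uploaded_file) || $uploaded_file == "file_") {
                    $widgetErrors[$currentId][] = GetLang('Addon_Surveys_ErrorRequired');
                    $errors++;
                }
            }
        }

        // validate file types
        if ($widget['type'] == 'file') {
            $fileWidgetTypes[$currentId] = array();

            if (!empty($widget['allowed_file_types'])) {
                $typeArr = preg_split('/\s*,\s*/', strtolower($widget['allowed_file_types']));
                // Kept for the upload step below (the array is copied here, before array_pop).
                $fileWidgetTypes[$currentId] = $typeArr;
                $invalidType = false;

                // NOTE(review): a file field that was left empty is posted as the bare "file_"
                // prefix, which does not match any allowed extension. Confirm whether optional
                // file widgets are meant to fail validation in that case.
                foreach ($postedFields as $field) {
                    if (!isset($field['value']) || !is_string($field['value'])) {
                        continue;
                    }

                    $parts = explode('.', $field['value']);
                    $ext = strtolower(end($parts));

                    // only if the field has a value we will test its file type
                    if (trim($field['value']) != '' && !in_array($ext, $typeArr)) {
                        $invalidType = true;
                    }
                }

                // if a file is not a valid file type, then the whole widget fails validation
                if ($invalidType) {
                    $lastFileType = '<em>.' . array_pop($typeArr) . '</em>';
                    $firstFileTypes = '<em>.' . implode('</em>, <em>.', $typeArr) . '</em>';
                    $widgetErrors[$currentId][] = sprintf(GetLang('Addon_Surveys_ErrorInvalidFileType'), $lastFileType, $firstFileTypes);
                    $errors++;
                }
            }
        }

        if (isset($postWidgets[$currentId])) {
            // add a value to the values array so it can be passed to the email feedback template
            $widgets[$widgetKey]['values'] = isset($postWidgets[$currentId]['field']) ? $postWidgets[$currentId]['field'] : null;
        }
    }

    // if there were errors, redirect back and display the errors
    if ($errors) {
        // set a global error message to alert the user to the specific errors
        IEM::sessionSet('survey.addon.' . $formId . '.errorMessage', $surveyData['error_message']);
        // set the widget errors so we can retrieve them for the user
        IEM::sessionSet('survey.addon.' . $formId . '.widgetErrors', $widgetErrors);
        $this->redirectToReferer();
        // Nothing may be saved for a submission that failed validation.
        return;
    }

    /**** END OF ERROR VALIDATION ****/

    // instantiate a new response object
    $response = $this->getSpecificApi('responses');
    // associate the response to a particular form
    $response->surveys_id = $formId;

    // if the response was saved, then associate values to the response
    if ($response->Save()) {
        foreach ($postWidgets as $postWidgetId => $postWidget) {
            // Only widgets that belong to this form are stored; they are the only ones validated above.
            if (!isset($formWidgetIds[$postWidgetId])) {
                continue;
            }
            if (!isset($postWidget['field']) || !is_array($postWidget['field'])) {
                continue;
            }

            // iterate through each field and enter it in the feedback
            foreach ($postWidget['field'] as $field) {
                // make sure it has a value first
                if (!isset($field['value'])) {
                    continue;
                }

                // since multiple values can be given, we treat them as an array
                foreach ((array) $field['value'] as $value) {
                    if (!is_scalar($value)) {
                        continue;
                    }

                    $responseValue = $this->getSpecificApi('responsesvalue');
                    // foreign key for the response id
                    $responseValue->surveys_response_id = $response->GetId();
                    // set the widget id foreign key; widgets can have multiple field values
                    $responseValue->surveys_widgets_id = $postWidgetId;

                    if ($value == '__other__') {
                        $responseValue->value = isset($field['other']) ? $field['other'] : null;
                        $responseValue->is_othervalue = 1;
                    } else {
                        // for a file value, the md5 of the file name is saved alongside it
                        $responseValue->file_value = "";
                        if (substr($value, 0, 5) == "file_") {
                            // Strip only the leading marker. str_replace() would also remove
                            // "file_" from inside the name and break the match with the stored file.
                            $value = (string) substr($value, 5);
                            $responseValue->file_value = md5($value);
                        }
                        $responseValue->value = $value;
                        $responseValue->is_othervalue = 0;
                    }

                    // save it
                    $responseValue->Save();
                }
            }
        }

        // send an email if desired
        $widget_api = $this->getSpecificApi('widgets');

        if ($surveyData['email_feedback']) {
            foreach ($widgets as &$widget) {
                $widget_api->populateFormData($widget);
                // set the values (normally 1, unless it's a list of checkboxes)
                $widget['values'] = $widget_api->getResponseValues($response->id);
                // get the other value
                $other = $widget_api->getOtherField();

                // add the full url to the file
                if ($widget['type'] == 'file') {
                    $attachment_url = "admin/index.php?Page=Addons&Addon=surveys&Action=DownloadAttach&ajax=1&formId=" . $formId . "&responseId=" . $response->id . "&value=" . base64_encode($widget['values'][0]['value']);
                    $attachment_tag = SENDSTUDIO_APPLICATION_URL . "/" . $attachment_url;
                    $widget['values'][0]['value'] = $attachment_tag;
                }

                if ($other) {
                    // the other value will be the last one
                    $otherValueIndex = count($widget['values']) - 1;
                    $widget['values'][$otherValueIndex]['value'] = $other['other_label_text'] . ' ' . $widget['values'][$otherValueIndex]['value'];
                }
            }
            // Break the reference so a later write to $widget cannot alter the last element.
            unset($widget);

            $viewUri = SENDSTUDIO_APPLICATION_URL . '/admin/index.php?Page=Addons&Addon=surveys&Action=viewresponses&surveyId=' . $surveyApi->id . '&responseId=' . $response->id;
            $editUri = SENDSTUDIO_APPLICATION_URL . '/admin/index.php?Page=Addons&Addon=surveys&Action=editresponse&surveyId=' . $surveyApi->id . '&responseId=' . $response->id;

            $this->_template->Assign('form', $surveyApi->GetData());
            $this->_template->Assign('widgets', $widgets);
            $this->_template->Assign('emailBodyStart', sprintf(GetLang('Addon_Surveys_emailBodyStart'), $surveyApi->Get('name')));
            $this->_template->Assign('emailViewLink', sprintf(GetLang('Addon_Surveys_emailViewLink'), $viewUri));
            $this->_template->Assign('emailEditLink', sprintf(GetLang('Addon_Surveys_emailEditLink'), $editUri));

            // parse the email template for its content
            $emailTemplate = $this->_template->ParseTemplate('email', true);

            require_once(IEM_PATH . '/ext/interspire_email/email.php');
            $emailapi = new Email_API();
            $emailapi->SetSmtp(SENDSTUDIO_SMTP_SERVER, SENDSTUDIO_SMTP_USERNAME, @base64_decode(SENDSTUDIO_SMTP_PASSWORD), SENDSTUDIO_SMTP_PORT);

            $emailapi->ClearRecipients();
            $emailapi->ForgetEmail();
            $emailapi->Set('forcechecks', false);

            $to = ($surveyApi->Get('email'));
            $emailapi->AddRecipient($to);

            // NOTE(review): $userobject is not defined in this method, so the fallback branch
            // cannot work. It is only reached when SENDSTUDIO_EMAIL_ADDRESS is undefined, and
            // the next line uses that constant unconditionally anyway.
            $emailapi->Set('FromAddress', (defined('SENDSTUDIO_EMAIL_ADDRESS') ? SENDSTUDIO_EMAIL_ADDRESS : $userobject->emailaddress));
            $emailapi->Set('BounceAddress', SENDSTUDIO_EMAIL_ADDRESS);
            $emailapi->Set('CharSet', SENDSTUDIO_CHARSET);

            $subject = sprintf(GetLang('Addon_Surveys_emailSubject'), $surveyApi->Get('name'));
            $emailapi->Set('Subject', $subject);

            // email body
            $emailapi->AddBody('text', $emailTemplate);

            $status = $emailapi->Send();
            if ($status['success'] != 1) {
                // NOTE(review): returning here skips both the upload storage and the final redirect.
                trigger_error(__CLASS__ . '::' . __METHOD__ . ' -- Was not able to send email: ' . serialize($status['failed']), E_USER_NOTICE);
                return false;
            }
        }

        // perform file uploading
        if ($hasUploads) {
            foreach ($_FILES['widget']['name'] as $uploadWidgetId => $uploadWidget) {
                // Store files only for file widgets of this form. The checks above run per form
                // widget, so an upload posted under any other id was never validated.
                if (!isset($fileWidgetTypes[$uploadWidgetId]) || !is_array($uploadWidget)) {
                    continue;
                }
                $allowedTypes = $fileWidgetTypes[$uploadWidgetId];

                foreach ($uploadWidget as $uploadFields) {
                    if (!is_array($uploadFields)) {
                        continue;
                    }

                    foreach ($uploadFields as $fieldId => $uploadField) {
                        if (!isset(
                            $_FILES['widget']['name'][$uploadWidgetId]['field'][$fieldId]['value'],
                            $_FILES['widget']['tmp_name'][$uploadWidgetId]['field'][$fieldId]['value'],
                            $_FILES['widget']['error'][$uploadWidgetId]['field'][$fieldId]['value']
                        )) {
                            continue;
                        }

                        // gather file information; basename() keeps the name inside the target directory
                        $name = basename((string) $_FILES['widget']['name'][$uploadWidgetId]['field'][$fieldId]['value']);
                        $tmpName = $_FILES['widget']['tmp_name'][$uploadWidgetId]['field'][$fieldId]['value'];
                        $error = $_FILES['widget']['error'][$uploadWidgetId]['field'][$fieldId]['value'];

                        if ($error != UPLOAD_ERR_OK || $name === '') {
                            continue;
                        }

                        // Re-check the extension at the point of storage (defence in depth).
                        $nameParts = explode('.', $name);
                        $ext = strtolower(end($nameParts));
                        if (!empty($allowedTypes) && !in_array($ext, $allowedTypes)) {
                            continue;
                        }

                        $upBaseDir = TEMP_DIRECTORY . DIRECTORY_SEPARATOR . 'surveys';
                        $upSurveyDir = $upBaseDir . DIRECTORY_SEPARATOR . $formId;
                        $upDir = $upSurveyDir . DIRECTORY_SEPARATOR . $response->GetId();

                        // create the upload directories if they don't exist yet
                        if (!is_dir($upDir) && !mkdir($upDir, 0755, true)) {
                            continue;
                        }

                        // move_uploaded_file() refuses paths that are not genuine PHP uploads
                        move_uploaded_file($tmpName, $upDir . DIRECTORY_SEPARATOR . $name);
                    }
                }
            }
        }
    }

    // if we are redirecting to a url, redirect them
    switch ($surveyData['after_submit']) {
        case 'show_uri':
            header('Location: ' . $surveyApi->show_uri);
            exit;
        break;

        case 'show_message':
            IEM::sessionSet('survey.addon.' . $formId . '.successMessage', $surveyApi->show_message);
            // falls through to the redirect below

        default:
            // redirect back
            $this->redirectToReferer();
    }
}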
/**
 * ShowLoginForm
 * Prints the login page: header, optional status message, the 'login' template, footer.
 *
 * When both $template and $msg are given, $msg is exposed to the template as an error or
 * a success value and the parsed $template replaces the default help message.
 * The posted username is HTML-escaped before it is shown again.
 *
 * NOTE(review): the "takemeto" value comes from the IEM_LoginPreference cookie and is
 * placed in $GLOBALS as-is, unlike the username. Confirm that the login template escapes
 * it for the context it is printed in, and that it is restricted to known pages if it is
 * later used as a redirect target.
 *
 * @param String $template Uses the template passed in for the message (eg success / error).
 * @param String $msg Prints the message passed in above the login form (eg unsuccessful attempt).
 *
 * @see FetchTemplate
 * @see PrintHeader
 * @see PrintFooter
 *
 * @return Void Doesn't return anything, just prints the login form.
 */
function ShowLoginForm($template=false, $msg=false)
{
    // No info tips for visitors who are not logged in.
    $currentUser = IEM::getCurrentUser();
    if (!$currentUser) {
        $this->GlobalAreas['InfoTips'] = '';
    }

    $this->PrintHeader(true);

    $GLOBALS['Message'] = GetLang('Help_Login');

    if ($template && $msg) {
        // Loose comparison, as in a switch statement.
        if ($template == 'login_error') {
            $GLOBALS['Error'] = $msg;
        } elseif ($template == 'login_success') {
            $this->GlobalAreas['Success'] = $msg;
        }

        $GLOBALS['Message'] = $this->ParseTemplate($template, true);
    }

    // Show the submitted username again, escaped for HTML output.
    $postedUsername = IEM::requestGetPOST('ss_username', false);
    if ($postedUsername) {
        $GLOBALS['ss_username'] = htmlspecialchars($postedUsername, ENT_QUOTES, SENDSTUDIO_CHARSET);
    }

    // Default landing page, overridden by the preference cookie when it has one.
    $GLOBALS['ss_takemeto'] = 'index.php';
    $cookiePreference = IEM::requestGetCookie('IEM_LoginPreference', array());
    $hasLandingPage = is_array($cookiePreference) && isset($cookiePreference['takemeto']);
    if ($hasLandingPage) {
        $GLOBALS['ss_takemeto'] = $cookiePreference['takemeto'];
    }

    $this->GlobalAreas['SubmitAction'] = 'Login';

    $this->ParseTemplate('login');

    $this->PrintFooter(true);
}
/**
 * _save
 * Save a trigger email record (edit/create) from the posted "record" array.
 *
 * Access rules enforced here: creating needs the 'create' permission; editing needs the
 * 'edit' permission and, for users who are not admins, ownership of the record.
 * The owner id is always set to the current user after the posted values are copied.
 *
 * NOTE(review): every posted key except 'triggeremailsid' is copied onto the API object as
 * a property. Only 'ownerid' is visibly overwritten afterwards. Confirm that
 * TriggerEmails_API::Save() ignores properties that a user must not be able to set.
 * NOTE(review): IsOwner() receives the raw posted id while Load() receives its intval().
 * Verify that both resolve to the same record.
 *
 * @param Array $parameters Any parameters that need to be parsed to this function (OPTIONAL)
 * @return String Returns response string that can be outputted to the browser
 *
 * @uses SendStudio_Functions::_getPOSTRequest()
 * @uses SendStudio_Functions::GetApi()
 * @uses TriggerEmails_API::Save()
 * @uses TriggerEmails::_getEditor()
 * @uses FlashMessage()
 */
private function _save($parameters = array())
{
    // Not a form submission: show the listing instead.
    if (IEM::requestGetPOST('ProcessThis', 0, 'intval') != 1) {
        return $this->_manage($parameters);
    }

    $api = $this->GetApi();
    $record = IEM::requestGetPOST('record', array());
    $currentUser = $parameters['user'];
    $isNewRecord = empty($record['triggeremailsid']);

    // ----- Authorization
    if ($isNewRecord) {
        if (!$currentUser->HasAccess('triggeremails', 'create')) {
            $this->DenyAccess();
            exit();
        }
    } else {
        if (!$currentUser->HasAccess('triggeremails', 'edit')) {
            $this->DenyAccess();
            exit();
        }

        // Non-admins may only edit their own records.
        if (!$currentUser->Admin() && !$api->IsOwner($record['triggeremailsid'], $currentUser->userid)) {
            $this->DenyAccess();
            exit();
        }
    }

    // Editing: load the existing record first, and go back to the editor if that fails.
    if (!$isNewRecord) {
        $loaded = $api->Load(intval($record['triggeremailsid']));
        if (!$loaded) {
            FlashMessage(GetLang('TriggerEmails_Cannot_Load_Record'), SS_FLASH_MSG_ERROR);
            return $this->_getEditor($parameters, $record);
        }
    }

    // Check permission for the resources referenced by the posted parameters
    if (!$this->_checkUserResourcePermission($record, $currentUser)) {
        $GLOBALS['Error'] = GetLang('TriggerEmails_Form_Save_Failed_Permission');
        $parameters['message'] .= $this->ParseTemplate('errormsg', true);
        unset($GLOBALS['Error']);
        return $this->_getEditor($parameters, $record);
    }

    // Overwrite the bounce address when the user may not choose their own
    if (
        !$currentUser->HasAccess('Lists', 'BounceSettings')
        && isset($record['triggeractions']['send']['enabled'])
        && $record['triggeractions']['send']['enabled']
    ) {
        $record['triggeractions']['send']['bounceemail'] = SENDSTUDIO_BOUNCE_ADDRESS;
    }

    // Populate the API with everything posted except the record id
    foreach ($record as $property => $value) {
        if ($property == 'triggeremailsid') {
            continue;
        }
        $api->{$property} = $value;
    }

    // The owner is always the current user, whatever was posted
    $api->ownerid = $currentUser->userid;

    // Save
    $triggerid = $api->Save();
    if ($triggerid !== false) {
        FlashMessage(GetLang('TriggerEmails_Form_Save_Success'), SS_FLASH_MSG_SUCCESS, 'index.php?Page=TriggerEmails');
        return $this->_manage($parameters);
    }

    $GLOBALS['Error'] = GetLang('TriggerEmails_Form_Save_Failed');
    $parameters['message'] .= $this->ParseTemplate('errormsg', true);
    unset($GLOBALS['Error']);
    return $this->_getEditor($parameters, $record);
}
$function_params = false; // ----- // SimpleXML extensions needs to be loaded if (!extension_loaded('SimpleXML')) { SendResponse(false, 'The XML-API requires the SimpleXML extension to be loaded.'); } if (defined('IEM_SYSTEM_ACTIVE') && !IEM_SYSTEM_ACTIVE) { SendResponse(false, 'Error: Please contact your system admin!'); } // ----- Get XML object $tempXMLString = IEM::requestGetPOST('xml', '', 'trim'); // They do not parse the XML string into the POST parameter, so getting it from php://input stream if (empty($tempXMLString)) { $tempXMLString = file_get_contents('php://input'); } $tempXMLString = trim($tempXMLString); // Make sure XML request is NOT empty if (empty($tempXMLString)) { SendResponse(false, 'No data has been given to the XML-API.'); } /** * we can't use a try/catch and a 'new SimpleXMLObject' here because php4 throws a parse error when it hits the 'try' line.