public function __construct()
{
$this->coderoot = dirname(__FILE__) . '/' . __CLASS__ . '/';
parent::__construct();
if (!Sql_Table_exists($GLOBALS['table_prefix'] . 'restapi_request_log')) {
saveConfig(md5('plugin-restapi-initialised'), false, 0);
$this->initialise();
}
}
<?php
require_once dirname(__FILE__) . '/accesscheck.php';
if (!defined('PHPLISTINIT')) {
exit;
}
$types = array('textline', 'checkbox', 'checkboxgroup', 'radio', 'select', 'hidden', 'textarea', 'date');
if (defined('IN_WEBBLER') && IN_WEBBLER || defined('WEBBLER') && WEBBLER) {
$types[] = 'avatar';
}
$formtable_exists = Sql_Table_exists('formfield');
#ob_end_flush();
#foreach ($_POST as $key => $val) {
# print "$key = ".print_r($val)."<br/>";
#}
#return;
print '<div class="panel"><div class="header"></div><div class="content">';
if (isset($_POST['action'])) {
if (isset($_POST['name'])) {
while (list($id, $val) = each($_POST['name'])) {
if (!$id && isset($_POST['name'][0]) && $_POST['name'][0] != '') {
# it is a new one
$lc_name = getNewAttributeTablename($_POST['name'][0]);
if ($lc_name == 'email') {
print Warn(s('Email is a system attribute'));
}
#print "New attribute: ".$lc_name."<br/>";
if (empty($_POST['required'][0])) {
$nRequired = 0;
} else {
$nRequired = $_POST['required'][0];
function initialise()
{
global $config;
foreach ($this->DBstructure as $table => $val) {
if (!Sql_Table_exists($table)) {
# print "creating $table <br>\n";
Sql_Create_Table($this->tables[$table], $this->DBstructure[$table]);
}
}
}
preg_match("/([\\w_]+)/", $page, $regs);
$page = $regs[1];
if (!is_file($page . '.php') && !isset($_GET['pi'])) {
$page = 'home';
}
if (!$GLOBALS["admin_auth_module"]) {
# stop login system when no admins exist
if (!Sql_Table_Exists($tables["admin"])) {
$GLOBALS["require_login"] = 0;
} else {
$num = Sql_Query("select * from {$tables["admin"]}");
if (!Sql_Affected_Rows()) {
$GLOBALS["require_login"] = 0;
}
}
} elseif (!Sql_Table_exists($GLOBALS['tables']['config'])) {
$GLOBALS['require_login'] = 0;
}
$page_title = NAME;
@(include_once dirname(__FILE__) . "/lan/" . $_SESSION['adminlanguage']['iso'] . "/pagetitles.php");
print '<script language="javascript" type="text/javascript" src="js/select_style.js"></script>';
print '<meta http-equiv="Cache-Control" content="no-cache, must-revalidate">';
// HTTP/1.1
print '<meta http-equiv="Pragma" content="no-cache">';
// HTTP/1.1
print "<title>" . NAME . " :: ";
if (isset($GLOBALS["installation_name"])) {
print $GLOBALS["installation_name"] . ' :: ';
}
print "{$page_title}</title>";
if (isset($GLOBALS["require_login"]) && $GLOBALS["require_login"]) {
function loadUser($loginname = '')
{
if (!Sql_Table_exists('user')) {
return;
}
initialiseUserSession();
if (!$loginname) {
if ($_SESSION['userloggedin'] != '' && $_SESSION['username'] != '') {
$loginname = $_SESSION['username'];
} else {
return '';
}
}
$att_req = Sql_Query(sprintf('select attribute.id,
%s.name,%s.type,
%s.value,%s.tablename from %s,%s,%s
where %s.userid = %s.id and %s.email = "%s" and %s.id = %s.attributeid', 'attribute', 'attribute', 'user_attribute', 'attribute', 'user', 'user_attribute', 'attribute', 'user_attribute', 'user', 'user', addslashes($loginname), 'attribute', 'user_attribute'));
while ($att = Sql_fetch_array($att_req)) {
# if (!defined($_SESSION["userdata"]["attribute".$att["id"]])) {
$_SESSION['userdata']['attribute' . $att['id']] = array('name' => $att['name'], 'value' => $att['value'], 'type' => $att['type'], 'attid' => $att['id'], 'displayvalue' => $att['value']);
switch ($att['type']) {
case 'textline':
case 'hidden':
$_SESSION['userdata']['attribute' . $att['id']]['displayvalue'] = $att['value'];
break;
case 'creditcardno':
$_SESSION['userdata']['attribute' . $att['id']]['displayvalue'] = obscureCreditCard($att['value']);
break;
case 'select':
$_SESSION['userdata']['attribute' . $att['id']]['displayvalue'] = AttributeValue($att['tablename'], $att['value']);
break;
case 'date':
$_SESSION['userdata']['attribute' . $att['id']]['displayvalue'] = formatDate($att['value']);
break;
}
# }
}
$d_req = Sql_Fetch_Array_Query("select * from user where email = \"{$loginname}\"");
$_SESSION['userid'] = $d_req['id'];
foreach (array('email', 'disabled', 'confirmed', 'htmlemail', 'uniqid', 'password', 'foreignkey') as $field) {
# if (!defined($_SESSION["userdata"][$field])) {
$_SESSION['userdata'][$field] = array('name' => $field, 'value' => $d_req[$field], 'type' => 'static', 'displayvalue' => $d_req[$field]);
# }
}
$_SESSION['usergroups'] = userGroups($loginname);
if (is_array($GLOBALS['config']['usergreeting'])) {
$_SESSION['usergreeting'] = '';
foreach ($GLOBALS['config']['usergreeting'] as $att) {
$_SESSION['usergreeting'] .= $_SESSION['userdata'][$att]['displayvalue'] . ' ';
}
$_SESSION['usergreeting'] = rtrim($_SESSION['usergreeting']);
}
dbg('done loading user');
return 1;
}
print Error($GLOBALS['I18N']->get('You only have privileges to view this page, not change any of the information'));
return;
}
break;
case "none":
default:
$subselect = " and " . $tables["list"] . ".id = 0";
$subselect_where = " where " . $tables["list"] . ".owner = 0";
break;
}
if ($access != "all") {
$delete_message = '<br />' . $GLOBALS['I18N']->get('Delete will delete user from the list') . '<br />';
} else {
$delete_message = '<br />' . $GLOBALS['I18N']->get('Delete will delete user and all listmemberships') . '<br />';
}
$usegroups = Sql_Table_exists("groups") && Sql_Table_exists('user_group');
if ($_POST["change"] && ($access == "owner" || $access == "all")) {
if (!verifyToken()) {
print Error($GLOBALS['I18N']->get('No Access'));
return;
}
if (!$id) {
$id = addNewUser($_POST['email']);
$newuser = 1;
}
if (!$id) {
print $GLOBALS['I18N']->get('Error adding user, please check that the user exists');
return;
}
# read the current values to compare changes
$old_data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables["user"], $id));
function initialise()
{
/* Make sure database is up to date */
global $table_prefix;
$imgtbl = $this->tables['image'];
$msgtbl = $this->tables['msg'];
if (Sql_Table_exists($imgtbl) && !Sql_Table_Column_Exists($imgtbl, "cksum") || Sql_Table_exists($msgtbl) && !Sql_Table_Column_Exists($msgtbl, "original")) {
// Have old database tables?
// Drop the old tables
Sql_Drop_Table($imgtbl);
Sql_Drop_Table($msgtbl);
// Flag the plugin as not intialized so that the parent will create the new tables
$entry = md5('plugin-inlineImagePlugin-initialised');
$query = sprintf("delete from %s where item='%s'", $GLOBALS["tables"]["config"], $entry);
Sql_Query($query);
// Force reloading of config arrays, so that our parent sees the plugin
// as not initialized.
unset($_SESSION['config']);
unset($GLOBALS['config']);
unset($_SESSION["dbtables"]);
// Empty the cache that still contains our table names
}
parent::initialise();
}
$dbversion = "Older than 1.4.1";
}
print '<p>Your database version: ' . $dbversion . '</p>';
if ($dbversion == VERSION) {
print "Your database is already the correct version, there is no need to upgrade";
} else {
if ($_GET["doit"] == 'yes') {
$success = 1;
# once we are off, this should not be interrupted
ignore_user_abort(1);
# rename tables if we are using the prefix
include $GLOBALS["coderoot"] . "structure.php";
while (list($table, $value) = each($DBstruct)) {
set_time_limit(500);
if (isset($table_prefix)) {
if (Sql_Table_exists($table) && !Sql_Table_Exists($tables[$table])) {
Sql_Verbose_Query("alter table {$table} rename {$tables[$table]}", 1);
}
}
}
ob_end_flush();
print '<script language="Javascript" src="js/progressbar.js" type="text/javascript"></script>';
print '<script language="Javascript" type="text/javascript"> document.write(progressmeter); start();</script>';
# upgrade depending on old version
# $dbversion = ereg_replace("-dev","",$dbversion);
# output some stuff to make sure it's not buffered in the browser
for ($i = 0; $i < 10000; $i++) {
print ' ' . "\n";
}
print '<p>' . $GLOBALS['I18N']->get('Please wait, upgrading your database, do not interrupt') . '</p>';
for ($i = 0; $i < 10000; $i++) {
<?php
require_once dirname(__FILE__) . '/accesscheck.php';
ob_end_flush();
$upgrade_required = 0;
$canUpgrade = checkAccess("upgrade");
if (Sql_Table_exists($tables["config"], 1)) {
$dbversion = getConfig("version");
if ($dbversion != VERSION && $canUpgrade) {
Error($GLOBALS['I18N']->get('Your database is out of date, please make sure to upgrade') . '<br/>' . $GLOBALS['I18N']->get('Your version') . ' : ' . $dbversion . '<br/>' . $GLOBALS['I18N']->get('phplist version') . ' : ' . VERSION . '<br/>' . PageLink2("upgrade", $GLOBALS['I18N']->get('Upgrade')));
$upgrade_required = 1;
}
} else {
Info($GLOBALS['I18N']->get('Database has not been initialised') . '. ' . $GLOBALS['I18N']->get('go to') . ' ' . PageLink2("initialise&firstinstall=1", $GLOBALS['I18N']->get('Initialise Database')) . ' ' . $GLOBALS['I18N']->get('to continue'), 1);
$GLOBALS["firsttime"] = 1;
$_SESSION["firstinstall"] = 1;
return;
}
## trigger this somewhere else?
refreshTlds();
# check for latest version
$checkinterval = sprintf('%d', getConfig("check_new_version"));
if (!isset($checkinterval)) {
$checkinterval = 7;
}
$showUpdateAvail = !empty($_GET['showupdate']);
## just to check the design
$thisversion = VERSION;
$thisversion = preg_replace("/[^\\.\\d]/", "", $thisversion);
$latestversion = getConfig('updateavailable');
$showUpdateAvail = $showUpdateAvail || !empty($latestversion) && !versionCompare($thisversion, $latestversion);
print $message . "\n";
flushbuffer();
flush();
}
flush();
}
function flushbuffer()
{
for ($i = 0; $i < 10000; ++$i) {
print " \n";
}
flush();
}
include dirname(__FILE__) . '/structure.php';
set_time_limit(60000);
if (!Sql_Table_exists($GLOBALS['tables']['linktrack_forward']) || !Sql_Table_exists($GLOBALS['tables']['linktrack_ml']) || !Sql_Table_exists($GLOBALS['tables']['linktrack_uml_click'])) {
output('creating tables');
Sql_Query('drop table ' . $GLOBALS['tables']['linktrack_forward']);
Sql_Query('drop table ' . $GLOBALS['tables']['linktrack_ml']);
Sql_Query('drop table ' . $GLOBALS['tables']['linktrack_uml_click']);
Sql_Create_Table($GLOBALS['tables']['linktrack_ml'], $DBstruct['linktrack_ml']);
Sql_Create_Table($GLOBALS['tables']['linktrack_forward'], $DBstruct['linktrack_forward']);
Sql_Create_Table($GLOBALS['tables']['linktrack_uml_click'], $DBstruct['linktrack_uml_click']);
output(s('creating tables done'));
}
$process_id = getPageLock();
if (empty($process_id)) {
return;
}
## only convert up to a week ago.
$lastweek = date('Y-m-d', time() - 24 * 7 * 3600);
# try to set the configuration
if (empty($GLOBALS["SessionTableName"])) {
return;
}
# only necessary on main pages, not in lt/dl etc
if (basename($_SERVER['SCRIPT_NAME']) != 'index.php') {
return;
}
@ini_set("session.save_handler", "user");
$SessionTableName = $GLOBALS["SessionTableName"];
if (ini_get("session.save_handler") == "user") {
session_set_save_handler('mysql_session_open', 'mysql_session_close', 'mysql_session_read', 'mysql_session_write', 'mysql_session_destroy', 'mysql_session_gc');
} else {
# @ini_set("session.save_handler","files");
}
if (!Sql_Table_exists($GLOBALS["SessionTableName"])) {
Sql_Create_Table($GLOBALS["SessionTableName"], array("sessionid" => array("CHAR(32) NOT NULL PRIMARY KEY", ""), "lastactive" => array("INTEGER NOT NULL", ""), "data" => array("LONGTEXT", "")));
}
function mysql_session_open($save_path, $session_name)
{
return true;
}
function mysql_session_close()
{
return true;
}
function mysql_session_read($SessionID)
{
# dbg("Reading session info for $SessionID");
$SessionTableName = $GLOBALS["SessionTableName"];
$SessionID = addslashes($SessionID);
<?php
require_once dirname(__FILE__) . '/accesscheck.php';
## fetch updated translation
#var_dump($LANGUAGES);
if (!Sql_Table_exists($GLOBALS['tables']['i18n'])) {
include dirname(__FILE__) . '/structure.php';
Sql_Create_Table($GLOBALS['tables']['i18n'], $DBstruct['i18n']);
}
if (isset($_GET['lan'])) {
## Non-JS version
include 'actions/updatetranslation.php';
}
$force = !empty($_GET['force']);
$LU = getTranslationUpdates();
if (!$LU || !is_object($LU)) {
print Error(s('Unable to fetch list of languages, please check your network or try again later'));
return;
}
#var_dump($LU);
print '<ul>';
foreach ($LU->translation as $lan) {
# var_dump($lan);
$lastupdated = getConfig('lastlanguageupdate-' . $lan->iso);
if (!empty($LANGUAGES[(string) $lan->iso])) {
$lan_name = $LANGUAGES[(string) $lan->iso][0];
} else {
$lan_name = $lan->name;
}
if ($force || $lan->iso == $_SESSION['adminlanguage']['iso'] && $lan->lastmodified > $lastupdated) {
$updateLink = pageLinkAjax('updatetranslation&lan=' . $lan->iso, $lan_name);
if ($minor < 9 || $minor == 9 && $sub < 5) {
Sql_Create_Table($tables["user_message_forward"], $DBstruct["user_message_forward"]);
Sql_Query("alter table {$tables["user_attribute"]} add index userattid (attributeid,userid)");
Sql_Query("alter table {$tables["user_attribute"]} add index attuserid (userid,attributeid)");
Sql_Query("alter table {$tables["message"]} change column status status varchar(255)");
Sql_Create_Table($tables["userstats"], $DBstruct["userstats"]);
Sql_Create_Table($tables["bounceregex"], $DBstruct["bounceregex"]);
Sql_Create_Table($tables["bounceregex_bounce"], $DBstruct["bounceregex_bounce"]);
}
if ($minor < 10 || $minor == 10 && $sub < 13) {
Sql_Create_Table($tables["admintoken"], $DBstruct["admintoken"]);
}
break;
}
## make sure the token table exists
if (!Sql_Table_exists($tables["admintoken"], 1)) {
Sql_Create_Table($tables["admintoken"], $DBstruct["admintoken"]);
}
## add index on bounces, but ignore the error
Sql_Query("create index statusindex on {$tables["user_attribute"]} (status(10))", 1);
Sql_Query("create index message_lookup using btree on {$tables["user_message_bounce"]} (message)", 1);
## mantis issue 9001, make sure that the "repeat" column in the messages table is renamed to repeatinterval
# to avoid a name clash with Mysql 5.
# problem is that this statement will fail if the DB is already running Mysql 5
if (Sql_Table_Column_Exists($GLOBALS['tables']['message'], 'repeat')) {
Sql_Query(sprintf('alter ignore table %s change column repeat repeatinterval integer default 0', $GLOBALS['tables']['message']));
}
# check whether it worked and otherwise throw an error to say it needs to be done manually
if (Sql_Table_Column_Exists($GLOBALS['tables']['message'], 'repeat')) {
print 'Error, unable to rename column "repeat" in the table ' . $GLOBALS['tables']['message'] . ' to be "repeatinterval"<br/>
Please do this manually, refer to http://mantis.phplist.com/view.php?id=9001 for more information';
<?php
require_once dirname(__FILE__) . '/accesscheck.php';
ob_end_flush();
$upgrade_required = 0;
$canUpgrade = checkAccess('upgrade');
if (Sql_Table_exists($tables['config'], 1)) {
$dbversion = getConfig('version');
if ($dbversion != VERSION && $canUpgrade) {
Error($GLOBALS['I18N']->get('Your database is out of date, please make sure to upgrade') . '<br/>' . $GLOBALS['I18N']->get('Your version') . ' : ' . $dbversion . '<br/>' . $GLOBALS['I18N']->get('phplist version') . ' : ' . VERSION . '<br/>' . PageLink2('upgrade', $GLOBALS['I18N']->get('Upgrade')));
$upgrade_required = 1;
}
} else {
Info($GLOBALS['I18N']->get('Database has not been initialised') . '. ' . $GLOBALS['I18N']->get('go to') . ' ' . PageLink2('initialise&firstinstall=1', $GLOBALS['I18N']->get('Initialise Database')) . ' ' . $GLOBALS['I18N']->get('to continue'), 1);
$GLOBALS['firsttime'] = 1;
$_SESSION['firstinstall'] = 1;
return;
}
## trigger this somewhere else?
refreshTlds();
# check for latest version
$checkinterval = sprintf('%d', getConfig('check_new_version'));
if (!isset($checkinterval)) {
$checkinterval = 7;
}
$showUpdateAvail = !empty($_GET['showupdate']);
## just to check the design
$thisversion = VERSION;
$thisversion = preg_replace("/[^\\.\\d]/", '', $thisversion);
$latestversion = getConfig('updateavailable');
$showUpdateAvail = $showUpdateAvail || !empty($latestversion) && !versionCompare($thisversion, $latestversion);
# try to set the configuration
if (empty($GLOBALS['SessionTableName'])) {
return;
}
# only necessary on main pages, not in lt/dl etc
if (basename($_SERVER['SCRIPT_NAME']) != 'index.php') {
return;
}
@ini_set('session.save_handler', 'user');
$SessionTableName = $GLOBALS['SessionTableName'];
if (ini_get('session.save_handler') == 'user') {
session_set_save_handler('mysql_session_open', 'mysql_session_close', 'mysql_session_read', 'mysql_session_write', 'mysql_session_destroy', 'mysql_session_gc');
} else {
# @ini_set("session.save_handler","files");
}
if (!Sql_Table_exists($GLOBALS['SessionTableName'])) {
Sql_Create_Table($GLOBALS['SessionTableName'], array('sessionid' => array('CHAR(32) NOT NULL PRIMARY KEY', ''), 'lastactive' => array('INTEGER NOT NULL', ''), 'data' => array('LONGTEXT', '')));
}
function mysql_session_open($save_path, $session_name)
{
return true;
}
function mysql_session_close()
{
return true;
}
function mysql_session_read($SessionID)
{
# dbg("Reading session info for $SessionID");
$SessionTableName = $GLOBALS['SessionTableName'];
$SessionID = addslashes($SessionID);
function initialise()
{
global $table_prefix;
$me = new ReflectionObject($this);
$plugin_initialised = getConfig(md5('plugin-' . $me->getName() . '-initialised'));
if (empty($plugin_initialised)) {
foreach ($this->DBstruct as $table => $structure) {
if (!Sql_Table_exists($table_prefix . $me->getName() . '_' . $table)) {
# print s('Creating table').' '.$table . '<br/>';
Sql_Create_Table($table_prefix . $me->getName() . '_' . $table, $structure);
}
}
saveConfig(md5('plugin-' . $me->getName() . '-initialised'), time(), 0);
}
}
}
if (version_compare(PHP_VERSION, '5.1.2', '<') && WARN_ABOUT_PHP_SETTINGS) {
Error($GLOBALS['I18N']->get('phpList requires PHP version 5.1.2 or higher'));
}
if (defined("ENABLE_RSS") && ENABLE_RSS && !function_exists("xml_parse") && WARN_ABOUT_PHP_SETTINGS) {
Warn($GLOBALS['I18N']->get('You are trying to use RSS, but XML is not included in your PHP'));
}
if (ALLOW_ATTACHMENTS && WARN_ABOUT_PHP_SETTINGS && (!is_dir($GLOBALS["attachment_repository"]) || !is_writable($GLOBALS["attachment_repository"]))) {
if (ini_get("open_basedir")) {
Warn($GLOBALS['I18N']->get('open_basedir restrictions are in effect, which may be the cause of the next warning'));
}
Warn($GLOBALS['I18N']->get('The attachment repository does not exist or is not writable'));
}
if (MANUALLY_PROCESS_QUEUE && isSuperUser() && empty($_GET['pi']) && (!isset($_GET['page']) || $_GET['page'] != 'processqueue' && $_GET['page'] != 'messages' && $_GET['page'] != 'upgrade')) {
## avoid error on uninitialised DB
if (Sql_Table_exists($tables['message'])) {
$queued_count = Sql_Fetch_Row_Query(sprintf('select count(id) from %s where status in ("submitted","inprocess") and embargo < now()', $tables['message']));
if ($queued_count[0]) {
$link = PageLinkButton('processqueue', s('Process the queue'));
$link2 = PageLinkButton('messages&tab=active', s('View the queue'));
if ($link || $link2) {
print Info(sprintf(s('You have %s message(s) waiting to be sent'), $queued_count[0]) . '<br/>' . $link . ' ' . $link2);
}
}
}
}
}
# always allow access to the about page
if (isset($_GET['page']) && $_GET['page'] == 'about') {
$page = 'about';
$include = 'about.php';
<?php
$types = array('textline', 'checkbox', 'checkboxgroup', 'radio', 'select', "hidden", "textarea", "date");
$formtable_exists = Sql_Table_exists("formfield");
ob_end_flush();
#foreach ($_POST as $key => $val) {
# print "$key = ".print_r($val)."<br/>";
#}
#return;
print '<script language="Javascript" src="js/progressbar.js" type="text/javascript"></script>';
if (isset($_POST["action"])) {
if (isset($_POST["name"])) {
print '<script language="Javascript" type="text/javascript"> document.write(progressmeter); start();</script>';
flush();
while (list($id, $val) = each($_POST["name"])) {
if (!$id && isset($_POST["name"][0]) && $_POST["name"][0] != "") {
# it is a new one
$lc_name = getNewAttributeTablename($_POST["name"][0]);
if ($lc_name == "email") {
print Warn($GLOBALS['I18N']->get('warnemailattribute'));
}
#print "New attribute: ".$_POST["name"][0]."<br/>";
$query = sprintf('insert into %s (name,type,listorder,default_value,required,tablename) values("%s","%s",%d,"%s",%d,"%s")', $tables["attribute"], addslashes($_POST["name"][0]), $_POST["type"][0], $_POST["listorder"][0], addslashes($_POST["default"][0]), $_POST["required"][0], $lc_name);
Sql_Query($query);
$insertid = Sql_Insert_id();
# text boxes and hidden fields do not have their own table
if ($_POST["type"][$id] != "textline" && $_POST["type"]["id"] != "hidden") {
$query = "create table {$table_prefix}" . "listattr_{$lc_name} (id integer not null primary key auto_increment, name varchar(255) unique,listorder integer default 0)";
Sql_Query($query);
} else {
# and they cannot currently be required, changed 29/08/01, insert javascript to require them, except for hidden ones :-)
function loadUser($loginname = "") {
dbg("Loading User");
if (!Sql_Table_exists("user")) return;
initialiseUserSession();
if (!$loginname) {
if ($_SESSION["userloggedin"] != "" && $_SESSION["username"] != "") {
$loginname = $_SESSION["username"];
} else {
return "";
}
}
$att_req = Sql_Query(sprintf('select attribute.id,
%s.name,%s.type,
%s.value,%s.tablename from %s,%s,%s
where %s.userid = %s.id and %s.email = "%s" and %s.id = %s.attributeid',
"attribute",
"attribute",
"user_attribute",
"attribute",
"user",
"user_attribute",
"attribute",
"user_attribute",
"user",
"user",
$loginname,
"attribute",
"user_attribute"
));
while ($att = Sql_fetch_array($att_req)) {
# if (!defined($_SESSION["userdata"]["attribute".$att["id"]])) {
$_SESSION["userdata"]["attribute".$att["id"]] = array(
"name" => $att["name"],
"value" => $att["value"],
"type" => $att["type"],
"attid" => $att["id"]
);
switch ($att["type"]) {
case "textline":
case "hidden":
$_SESSION["userdata"]["attribute".$att["id"]]["displayvalue"] =
$att["value"];
break;
case "creditcardno":
$_SESSION["userdata"]["attribute".$att["id"]]["displayvalue"] =
obscureCreditCard($att["value"]);
break;
case "select":
$_SESSION["userdata"]["attribute".$att["id"]]["displayvalue"] =
AttributeValue($att["tablename"],$att["value"]);
break;
}
# }
}
$d_req = Sql_Fetch_Array_Query("select * from user where email = \"$loginname\"");
$_SESSION["userid"] = $d_req["id"];
foreach (array("email","disabled","confirmed","htmlemail","uniqid") as $field) {
# if (!defined($_SESSION["userdata"][$field])) {
$_SESSION["userdata"][$field] = array(
"name" => $field,
"value" => $d_req[$field],
"type" => "static",
"displayvalue" => $d_req[$field]
);
# }
}
dbg("done loading user");
$_SESSION["groups"] = userGroups($loginname);
return 1;
}
print Error($GLOBALS['I18N']->get('You only have privileges to view this page, not change any of the information'));
return;
}
break;
case "none":
default:
$subselect = " and " . $tables["list"] . ".id = 0";
$subselect_where = " where " . $tables["list"] . ".owner = 0";
break;
}
if ($access != "all") {
$delete_message = '<br />' . $GLOBALS['I18N']->get('Delete will delete user from the list') . '<br />';
} else {
$delete_message = '<br />' . $GLOBALS['I18N']->get('Delete will delete user and all listmemberships') . '<br />';
}
$usegroups = Sql_Table_exists("groups");
if ($_POST["change"] && ($access == "owner" || $access == "all")) {
if (!$id) {
$id = addNewUser($_POST['email']);
$newuser = 1;
}
if (!$id) {
print $GLOBALS['I18N']->get('Error adding user, please check that the user exists');
return;
}
# read the current values to compare changes
$old_data = Sql_Fetch_Array_Query(sprintf('select * from %s where id = %d', $tables["user"], $id));
$old_data = array_merge($old_data, getUserAttributeValues('', $id));
# and membership of lists
$req = Sql_Query("select * from {$tables["listuser"]} where userid = {$id}");
while ($row = Sql_Fetch_Array($req)) {
