/** * Process * Works out what you're trying to do and takes appropriate action. * Checks to make sure you have access to manage subscribers before anything else. * * @param String $action Action to perform. This is usually 'step1', 'step2', 'step3' etc. This gets passed in by the Subscribers::Process function. * * @see Subscribers::Process * @see GetUser * @see User_API::HasAccess * @see ChooseList * @see DeleteSubscribers * @see ChangeFormat * @see ManageSubscribers_Step2 * @see ManageSubscribers_Step3 * * @return Void Prints out the step, doesn't return anything. */ function Process($action=null) { $user = GetUser(); $subscribersapi = $this->GetApi('subscribers'); $this->PrintHeader(false, false, false); if (!is_null($action)) { $action = strtolower($action); } if ($action == 'processpaging') { $this->SetPerPage($_GET['PerPageDisplay']); $action = 'step3'; } switch ($action) { case 'change': $subaction = strtolower($_POST['ChangeType']); $subscriberlist = $_POST['subscribers']; if (!$subscribersapi->CheckPermission($user->userid, $subscriberlist)) { $this->DenyAccess(); return; } switch ($subaction) { case 'delete': $access = $user->HasAccess('Subscribers', 'Delete'); if ($access) { $this->DeleteSubscribers($subscriberlist); } else { $this->DenyAccess(); } break; case 'changeformat_text': $this->ChangeFormat('Text', $subscriberlist); break; case 'changeformat_html': $this->ChangeFormat('HTML', $subscriberlist); break; case 'changestatus_confirm': $this->ChangeConfirm('Confirm', $subscriberlist); break; case 'changestatus_unconfirm': $this->ChangeConfirm('Unconfirm', $subscriberlist); break; } $this->ManageSubscribers_Step3(true); break; case 'delete': $access = $user->HasAccess('Subscribers', 'Delete'); if ($access) { $subscriberids = array(); if (isset($_GET['id'])) { $subscriberids[] = $_GET['id']; } $adminAccess = false; // If this user is an admin/list admin/list admintype == a then give permission if ($user->Admin() || $user->ListAdminType() == 'a' || $user->ListAdmin()) { $adminAccess = true; } if (!$subscribersapi->CheckPermission($user->userid, $subscriberids)) { $this->DenyAccess(); return; } $this->DeleteSubscribers($subscriberids); $this->ManageSubscribers_Step3(true); } else { $this->DenyAccess(); } break; case 'step3': if (isset($_POST['ShowFilteringOptions'])) { $show_filtering_options = $_POST['ShowFilteringOptions']; $user->SetSettings('ShowFilteringOptions', $show_filtering_options); } $this->ManageSubscribers_Step3(); break; case 'step2': IEM::sessionset('visiblefields',''); $listid = 0; if (isset($_POST['lists'])) { $listid = $_POST['lists']; } elseif (isset($_GET['lists'])) { $listid = $_GET['lists']; } elseif (isset($_POST['list'])) { $listid = $_POST['list']; } elseif (isset($_GET['list'])) { $listid = $_GET['list']; } $this->ManageSubscribers_Step2($listid); break; case 'advancedsearch': IEM::sessionset('visiblefields',''); $this->ChooseList('Manage', 'Step2'); break; case 'simplesearch': default: IEM::sessionset('visiblefields',''); $this->ManageSubscribers_Step3(); break; } }