print '<p>' . PageLink2("adminimport", $GLOBALS['I18N']->get("Import some more emails"));
} else {
echo formStart('enctype="multipart/form-data" name="import"');
if ($GLOBALS["require_login"] && !isSuperUser()) {
$access = accessLevel("importadmin");
if ($access == "owner") {
$subselect = " where owner = " . $_SESSION["logindetails"]["id"];
} elseif ($access == "all") {
$subselect = "";
} elseif ($access == "none") {
$subselect = " where id = 0";
}
}
$req = Sql_Query("select * from {$tables["admin_task"]} where adminid = 0");
if (!Sql_Affected_Rows()) {
Warn($GLOBALS['I18N']->get("No default permissions have been defined, please create default permissions first, by creating one dummy admin and assigning the default permissions to this admin"));
}
?>
</ul>
<table border="1">
<tr><td colspan=2><?php
echo $GLOBALS['I18N']->get('importadmininfo');
?>
</td></tr>
<tr><td><?php
echo $GLOBALS['I18N']->get('File containing emails');
?>
:</td><td><input type="file" name="import_file"></td></tr>
<tr><td><?php
echo $GLOBALS['I18N']->get('Field Delimiter');
if (USEFCK) {
$imgdir = getenv("DOCUMENT_ROOT").$GLOBALS["pageroot"].'/'.FCKIMAGES_DIR.'/';
if (!is_dir($imgdir) || !is_writeable ($imgdir)) {
Warn("The FCK image directory does not exist, or is not writable");
}
}
*/
if (defined("USE_PDF") && USE_PDF && !defined('FPDF_VERSION')) {
Warn($GLOBALS['I18N']->get('nofpdf'));
}
$this_doc = getenv("REQUEST_URI");
if (preg_match("#(.*?)/admin#i", $this_doc, $regs)) {
$check_pageroot = $pageroot;
$check_pageroot = preg_replace('#/$#', '', $check_pageroot);
if ($check_pageroot != $regs[1] && WARN_ABOUT_PHP_SETTINGS) {
Warn($GLOBALS['I18N']->get('warnpageroot'));
}
}
clearstatcache();
if (checkAccess($page, "") || $page == 'about') {
if (!$_GET['pi'] && (is_file($include) || is_link($include))) {
# check whether there is a language file to include
if (is_file("lan/" . $_SESSION['adminlanguage']['iso'] . "/" . $include)) {
include "lan/" . $_SESSION['adminlanguage']['iso'] . "/" . $include;
}
# print "Including $include<br/>";
# hmm, pre-parsing and capturing the error would be nice
#$parses_ok = eval(@file_get_contents($include));
$parses_ok = 1;
if (!$parses_ok) {
print Error("cannot parse {$include}");
$ls->addColumn($row['id'], $GLOBALS['I18N']->get('size'), formatBytes($row['size']));
$totalSize += $row['size'];
$phys_file = $GLOBALS['attachment_repository'] . '/' . $row['filename'];
if (is_file($phys_file) && filesize($phys_file)) {
$ls->addColumn($row['id'], $GLOBALS['I18N']->get('file'), $GLOBALS['img_tick']);
} else {
$ls->addColumn($row['id'], $GLOBALS['I18N']->get('file'), $GLOBALS['img_cross']);
}
$ls->addColumn($row['id'], $GLOBALS['I18N']->get('del'), sprintf('<input type="checkbox" name="deleteattachments[]" value="%s"/>', $row['linkid']));
}
$ls->addButton(s('Delete checked'), 'javascript:document.sendmessageform.submit()');
$att_content .= '<div>' . $ls->display() . '</div>';
}
if (defined('MAX_MAILSIZE') && 3 * $totalSize > MAX_MAILSIZE) {
## the 3 is roughly the size increase to encode the string
$att_content .= Warn(s('The total size of attachments is very large. Sending this campaign may fail due to resource limits.'));
}
for ($att_cnt = 1; $att_cnt <= NUMATTACHMENTS; ++$att_cnt) {
$att_content .= sprintf('<div>%s</div><div><input type="file" name="attachment%d"/> <input class="submit" type="submit" name="save" value="%s"/></div>', $GLOBALS['I18N']->get('New Attachment'), $att_cnt, $GLOBALS['I18N']->get('Add (and save)'));
if (FILESYSTEM_ATTACHMENTS) {
$att_content .= sprintf('<div><b>%s</b> %s:</div><div><input type="text" name="localattachment%d" size="50"/></div>', $GLOBALS['I18N']->get('or'), $GLOBALS['I18N']->get('Path to file on server'), $att_cnt, $att_cnt);
}
$att_content .= sprintf('<div>%s:</div>
<div><textarea name="attachment%d_description" cols="65" rows="3" wrap="virtual"></textarea></div>', $GLOBALS['I18N']->get('Description of attachment'), $att_cnt);
}
$att_content .= '</div>';
# $shader = new WebblerShader("Attachments");
# $shader->addContent($att_content);
# $shader->initialstate = 'closed';
# print $shader->display();
}
<?=formStart('enctype="multipart/form-data" name="import"')?>
<?php
if ($GLOBALS["require_login"] && !isSuperUser()) {
$access = accessLevel("import2");
if ($access == "owner")
$subselect = " where owner = ".$_SESSION["logindetails"]["id"];
elseif ($access == "all")
$subselect = "";
elseif ($access == "none")
$subselect = " where id = 0";
}
$req = Sql_Query("select * from {$tables["admin_task"]} where adminid = 0");
if (!Sql_Affected_Rows())
Warn("No default permissions have been defined, please create default permissions first, by creating one dummy admin and assigning the default permissions to this admin");
?>
</ul>
<table border="1">
<tr><td colspan=2>The file you upload will need to contain the administrators
you want to add to the system. The columns need to have the following headers: <b>email</b>, <b>loginname</b>, <b>password</b>. Any other columns will be added as admin attributes.
<b>Warning</b>: the file needs to be plain text. Do not upload binary files like a Word Document.</td></tr>
<tr><td>File containing emails:</td><td><input type="file" name="import_file"></td></tr>
<tr><td>Field Delimiter:</td><td><input type="text" name="import_field_delimiter" size=5> (default is TAB)</td></tr>
<tr><td>Record Delimiter:</td><td><input type="text" name="import_record_delimiter" size=5> (default is line break)</td></tr>
<tr><td colspan=2>If you check "Test Output", you will get the list of parsed emails on screen, and the database will not be filled with the information. This is useful to find out whether the format of your file is correct. It will only show the first 50 records.</td></tr>
<tr><td>Test output:</td><td><input type="checkbox" name="import_test" value="yes"></td></tr>
<tr><td colspan=2>Check this box to create a list for each administrator, named after their loginname <input type=checkbox name="createlist" value="yes" checked></td></tr>
<tr><td><input type="submit" name="import" value="Import"></td><td> </td></tr>
</table>
$values = explode($_SESSION["import_field_delimiter"], $line);
$system_values = array();
foreach ($system_attribute_mapping as $column => $index) {
# print '<br/>'.$column . ' = '. $values[$index];
if (!empty($values[$index])) {
$system_values[$column] = $values[$index];
} else {
$system_values[$column] = '';
}
}
## Check completeness
$index = clean($system_values["email"]);
$invalid = 0;
if (!$index) {
if ($_SESSION["show_warnings"]) {
Warn($GLOBALS['I18N']->get('Record has no email') . ": {$c} -> {$line}");
}
$index = $GLOBALS['I18N']->get('Invalid Email') . " {$c}";
$system_values["email"] = $_SESSION["assign_invalid"];
$invalid = 1;
$count["invalid_email"]++;
}
//if (sizeof($values) != (sizeof($_SESSION["import_attribute"]) + sizeof($system_attributes) - sizeof($unused_systemattr)) && !empty($_SESSION['test_import']) && !empty($_SESSION["show_warnings"]))
//Warn("Record has more values than header indicated (" .
//sizeof($values) . "!=" .
//(sizeof($_SESSION["import_attribute"]) + sizeof($system_attributes) - sizeof($unused_systemattr)) .
//"), this may cause trouble: $index");
if (!$invalid || $invalid && $_SESSION["omit_invalid"] != "yes") {
$user["systemvalues"] = $system_values;
reset($_SESSION["import_attribute"]);
$replace = array();
if (USEFCK) {
$imgdir = getenv("DOCUMENT_ROOT").$GLOBALS["pageroot"].'/'.FCKIMAGES_DIR.'/';
if (!is_dir($imgdir) || !is_writeable ($imgdir)) {
Warn("The FCK image directory does not exist, or is not writable");
}
}
*/
if (defined("USE_PDF") && USE_PDF && !defined('FPDF_VERSION')) {
Warn($GLOBALS['I18N']->get('You are trying to use PDF support without having FPDF loaded'));
}
$this_doc = getenv("REQUEST_URI");
if (preg_match("#(.*?)/admin?\$#i", $this_doc, $regs)) {
$check_pageroot = $pageroot;
$check_pageroot = preg_replace('#/$#', '', $check_pageroot);
if ($check_pageroot != $regs[1] && WARN_ABOUT_PHP_SETTINGS) {
Warn($GLOBALS['I18N']->get('The pageroot in your config does not match the current locationCheck your config file.'));
}
}
clearstatcache();
if (checkAccess($page, "") || $page == 'about') {
if (empty($_GET['pi']) && (is_file($include) || is_link($include))) {
# check whether there is a language file to include
if (is_file("lan/" . $_SESSION['adminlanguage']['iso'] . "/" . $include)) {
include "lan/" . $_SESSION['adminlanguage']['iso'] . "/" . $include;
}
if (is_file('ui/' . $GLOBALS['ui'] . '/pages/' . $include)) {
$include = 'ui/' . $GLOBALS['ui'] . '/pages/' . $include;
}
# print "Including $include<br/>";
# hmm, pre-parsing and capturing the error would be nice
#$parses_ok = eval(@file_get_contents($include));
}
}
## Check completeness
$index = clean($system_values["email"]);
$invalid = 0;
if (!$index) {
if ($_SESSION["show_warnings"]) {
Warn($GLOBALS['I18N']->get('Record has no email') . ": {$c} -> {$line}");
}
$index = $GLOBALS['I18N']->get('Invalid Email') . " {$c}";
$system_values["email"] = $_SESSION["assign_invalid"];
$invalid = 1;
$count["invalid_email"]++;
}
if (sizeof($values) != sizeof($_SESSION["import_attribute"]) + sizeof($system_attributes) - sizeof($unused_systemattr) && !empty($_SESSION['test_import']) && !empty($_SESSION["show_warnings"])) {
Warn("Record has more values than header indicated (" . sizeof($values) . "!=" . (sizeof($_SESSION["import_attribute"]) + sizeof($system_attributes) - sizeof($unused_systemattr)) . "), this may cause trouble: {$index}");
}
if (!$invalid || $invalid && $_SESSION["omit_invalid"] != "yes") {
$user["systemvalues"] = $system_values;
reset($_SESSION["import_attribute"]);
$replace = array();
while (list($key, $val) = each($_SESSION["import_attribute"])) {
if (!empty($values[$val["index"]])) {
$user[$val["index"]] = addslashes($values[$val["index"]]);
$replace[$key] = addslashes($values[$val["index"]]);
}
}
} else {
# Warn("Omitting invalid one: $email");
}
$user["systemvalues"]["email"] = parsePlaceHolders($system_values["email"], array_merge($replace, $system_values, array("number" => $c)));
# output some stuff to make sure it's not buffered in the browser, hmm, would be nice to find a better way for this
for ($i = 0; $i < 10000; ++$i) {
print ' ' . "\n";
}
flush();
@ob_end_flush();
}
flush();
}
$dbversion = getConfig('version');
if (!$dbversion) {
$dbversion = 'Older than 1.4.1';
}
output('<p class="information">' . $GLOBALS['I18N']->get('Your database version') . ': ' . $dbversion . '</p>');
if ($GLOBALS['database_module'] == 'mysql.inc') {
print Warn(s('Please edit your config file and change "mysql.inc" to "mysqli.inc" to avoid future PHP incompatibility') . resourceLink('http://resources.phplist.com/system/mysql-mysqli-update'));
}
if ($dbversion == VERSION) {
output($GLOBALS['I18N']->get('Your database is already the correct version, there is no need to upgrade'));
print '<p>' . PageLinkAjax('upgrade&update=tlds', s('update Top Level Domains'), '', 'button') . '</p>';
print subscribeToAnnouncementsForm();
} elseif (isset($_GET['doit']) && $_GET['doit'] == 'yes') {
$success = 1;
# once we are off, this should not be interrupted
ignore_user_abort(1);
# rename tables if we are using the prefix
include dirname(__FILE__) . '/structure.php';
while (list($table, $value) = each($DBstruct)) {
set_time_limit(500);
if (isset($table_prefix)) {
if (Sql_Table_exists($table) && !Sql_Table_Exists($tables[$table])) {
function soa_editor($soa = NULL, $error_message = NULL)
{
global $soa_use_active, $soa_use_recursive, $soa_use_xfer, $soa_use_update_acl, $soa_use_also_notify;
global $rr_table_name, $soa_active_types, $soa_recursive_types;
global $default_refresh, $default_retry, $default_expire, $default_minimum_ttl, $default_ttl;
global $default_ns, $default_mbox, $auto_defaults;
global $soa_bgcolor, $zonenotify;
$delete_confirm = 0;
if ($soa) {
/* Editing SOA record */
$update_button = formbutton("Update SOA", "Click this button to save any changes made to the fields above.", $soa_bgcolor);
if ($zonenotify != "") {
$notify_button = formbutton("Notify Slaves", "Click this button to notify slaves that the zone has changed", $soa_bgcolor);
} else {
$notify_button = "";
}
switch (strtolower(postvar('action'))) {
case "delete zone":
if (($rrct = zone_numrecs($soa['id'])) == 0) {
soa_delete();
}
$delete_confirm = 1;
$delete_button = formbutton("Really delete zone", "Click this button to confirm deletion of this zone and all" . " related resource records.", $soa_bgcolor);
break;
default:
$delete_button = formbutton("Delete zone", "Click this button to delete this zone and all related resource records.", $soa_bgcolor);
break;
}
$buttons = "{$update_button} {$delete_button} {$notify_button}";
$new_soa = 0;
$values = isset($_POST['origin']) ? $_POST : $soa;
} else {
/* Adding new SOA */
$create_button = formbutton("Add new SOA", "Click this button to add a SOA record for the fields specified above.", $soa_bgcolor);
$buttons = "{$create_button}";
/* Set default values for new SOA */
if (isset($_POST['done']) && $_POST['done'] != "1") {
if ($soa_use_active) {
$soa['active'] = $soa_active_types[1];
}
if ($soa_use_recursive) {
$soa['recursive'] = $soa_recursive_types[0];
}
if (($soa['serial'] = auto_next_serial(1)) == 1) {
date_default_timezone_set('UTC');
}
$soa['serial'] = date("Ymd01", time());
/* Use RFC1912 by default */
$soa['refresh'] = $default_refresh;
$soa['retry'] = $default_retry;
$soa['expire'] = $default_expire;
$soa['minimum'] = $default_minimum_ttl;
$soa['ttl'] = $default_ttl;
$soa['ns'] = trim($default_ns);
$soa['mbox'] = trim($default_mbox);
$values = $soa;
} else {
$soa = $values = $_POST;
}
$new_soa = 1;
if ($auto_defaults == 1) {
date_default_timezone_set('UTC');
$soa['serial'] = date("Ymd01", time());
$soa['refresh'] = $default_refresh;
$soa['retry'] = $default_retry;
$soa['expire'] = $default_expire;
$soa['minimum'] = $default_minimum_ttl;
$soa['ttl'] = $default_ttl;
$soa['ns'] = trim($default_ns);
$soa['mbox'] = trim($default_mbox);
$values = $soa;
}
}
/* Set 'values' vars to avoid 'undefined' errors */
foreach (array('origin', 'ttl', 'ns', 'mbox', 'serial', 'refresh', 'retry', 'expire', 'minimum') as $n) {
if (!isset($values[$n])) {
$values[$n] = '';
}
}
?>
<!-- BEGIN SOA editor -->
<FORM method=POST action="<?php
echo $_SERVER['PHP_SELF'];
?>
" name="soaform">
<DIV>
<?php
if ($new_soa) {
echo "<INPUT type=hidden name=\"done\" value=\"1\">\n";
} else {
echo "<INPUT type=hidden name=\"zone\" value=\"" . (isset($_POST['zone']) ? $_POST['zone'] : $soa['id']) . "\">\n";
}
$query = getpostvar('query');
if (strlen($query)) {
echo "<INPUT type=hidden name=\"query\" value=\"" . ent($query) . "\">\n";
}
$page = getpostvar('page');
if (strlen($page)) {
echo "<INPUT type=hidden name=\"page\" value=\"{$page}\">\n";
}
?>
</DIV>
<DIV align=center>
<?php
// Ensure that we notice INACTIVE zones
if ($soa_use_active) {
if (isset($values['active']) && getbool($values['active'])) {
echo "<TABLE class=soaBox>";
} else {
echo "<TABLE class=inactivesoaBox>";
}
}
?>
<!---TABLE class=soaBox--->
<TR><TD class=soaFirstRow nowrap>
<?php
if ($soa_use_active) {
echo "<INPUT class=activeBox type=checkbox name=\"active\" value=\"";
echo $soa_active_types[1] . "\"";
if (isset($values['active']) && getbool($values['active'])) {
echo " checked=\"checked\"";
}
echo " title=\"Uncheck this box to deactivate this zone.\"> ";
}
?>
<INPUT class=mono type=text name="origin" value="<?php
echo ent($values['origin']);
?>
" maxlength=78 size=30
title="The name of this zone.">
<INPUT class=mono type=text name="ttl" value="<?php
echo ent($values['ttl']);
?>
" maxlength=15 size=6
title="The cache expiration time (TTL) for this zone.">
<TT>IN SOA</TT>
<INPUT class=mono type=text name="ns" value="<?php
echo ent($values['ns']);
?>
" maxlength=255 size=30
title="The primary authoritative name server for this zone.">
<INPUT class=mono type=text name="mbox" value="<?php
echo ent($values['mbox']);
?>
" maxlength=255 size=35
title="The email address of the person responsible for this zone, with the '@' replaced by a dot.">
<TT><B>(</B></TT>
<TABLE class=soaFields>
<TR title="The serial number for this zone.">
<TD class="soaFields"><INPUT class=mono type=text name="serial" value="<?php
echo ent($values['serial']);
?>
" size=20>
<TD>
<TD nowrap><TT>; <B>Serial</B> (next is <?php
echo next_serial(isset($soa['serial']) ? $soa['serial'] : '');
?>
)</TT>
<TD><input name="updateserial" class=formButton style="border-color: #FFFF99; color: #FFFF99;" type="button" value="Update Serial" onclick="javascript:document.soaform.serial.value
=<?php
echo next_serial(isset($soa['serial']) ? $soa['serial'] : '');
?>
">
<TR title="The number of seconds slave nameservers will wait before updating their zone data for this zone.">
<TD class=soaFields><INPUT class=mono type=text name="refresh" value="<?php
echo ent($values['refresh']);
?>
" size=10>
<TD>
<TD nowrap><TT>; <B>Refresh</B> (currently <?php
echo duration(isset($soa['refresh']) ? $soa['refresh'] : '');
?>
)</TT>
<TD>
<TR title="The number of seconds slave nameservers will wait before retrying a zone transfer if the last one failed.">
<TD class=soaFields><INPUT class=mono type=text name="retry" value="<?php
echo ent($values['retry']);
?>
" size=10>
<TD>
<TD nowrap><TT>; <B>Retry</B> (currently <?php
echo duration(isset($soa['retry']) ? $soa['retry'] : '');
?>
)</TT>
<TD>
<TR title="The number of seconds after which slave nameservers will give up trying to transfer authoritative data if the master server cannot be reached.">
<TD class=soaFields><INPUT class=mono type=text name="expire" value="<?php
echo ent($values['expire']);
?>
" size=10>
<TD>
<TD nowrap><TT>; <B>Expire</B> (currently <?php
echo duration(isset($soa['expire']) ? $soa['expire'] : 0);
?>
)</TT>
<TD>
<TR title="The minimum TTL (cache timeout) value to list for any resource records in this zone.">
<TD class=soaFields><INPUT class=mono type=text name="minimum" value="<?php
echo ent($values['minimum']);
?>
" size=10>
<TD><TT><B>)</B></TT>
<TD nowrap><TT>; <B>Minimum TTL</B> (currently <?php
echo duration(isset($soa['minimum']) ? $soa['minimum'] : '');
?>
)</TT>
<TD align=right width="100%" valign=bottom><?php
echo $buttons;
?>
<?php
if ($soa_use_recursive) {
echo "<TR title=\"Record is a recursive marker only.\"><TD class=soaFields nowrap>";
echo "<INPUT class=recursiveBox type=checkbox name=\"recursive\" value=\"";
if (isset($values['recursive']) && getbool($values['recursive'])) {
echo $soa_recursive_types[1] . "\"";
echo " checked";
} else {
echo $soa_recursive_types[0] . "\"";
}
echo " title=\"Check this box to make the zone recursive only.\"> ";
echo "<TD nowrap><TT> <B>Recurse for real data</B></TT>";
}
?>
</TABLE>
</TABLE>
</DIV>
</FORM>
<!-- END SOA editor -->
<?php
/* Output error message, if any */
if ($error_message) {
ErrBox($error_message);
}
/* If there's an 'xfer' column in the soa table, allow it */
if ($soa_use_xfer && !$new_soa) {
?>
<FORM method=POST action="<?php
echo $_SERVER['PHP_SELF'];
?>
">
<INPUT type=hidden name="zone" value="<?php
echo ent($values['id']);
?>
">
<DIV align=center>
<TABLE class=xferBox>
<TR title="Comma-separated list of IP addresses allowed to transfer this zone via AXFR. Wildcards are OK.">
<TD><B>Zone transfer access list:</B>
<TD>
<TD><INPUT class=mono type=text name="xfer" value="<?php
echo ent($values['xfer']);
?>
" size=60>
<TD>
<TD><?php
echo formbutton("Update list", "Click this button to save changes to the zone transfer access list.", $soa_bgcolor);
?>
</TABLE>
</DIV>
</FORM>
<?php
}
/* If there's an 'update_acl' column in the soa table, allow it */
if ($soa_use_update_acl && !$new_soa) {
?>
<FORM method=POST action="<?php
echo $_SERVER['PHP_SELF'];
?>
">
<INPUT type=hidden name="zone" value="<?php
echo ent($values['id']);
?>
">
<DIV align=center>
<TABLE class=updateAclBox>
<TR title="Comma-separated list of IP addresses allowed to update this zone. Wildcards are OK.">
<TD><B>Update access list:</B>
<TD>
<TD><INPUT class=mono type=text name="update_acl" value="<?php
echo ent($values['update_acl']);
?>
" size=60>
<TD>
<TD><?php
echo formbutton("Update ACL for updates", "Click this button to save changes to the update access list.", $soa_bgcolor);
?>
</TABLE>
</DIV>
</FORM>
<?php
}
/* If there's an 'also_notify' column in the soa table, allow it */
if ($soa_use_also_notify && !$new_soa) {
?>
<FORM method=POST action="<?php
echo $_SERVER['PHP_SELF'];
?>
">
<INPUT type=hidden name="zone" value="<?php
echo ent($values['id']);
?>
">
<DIV align=center>
<TABLE class=alsoNotifyBox>
<TR title="Comma-separated list of IP addresses to be notified in addition to listed NS records. '*' indicates just NS entries">
<TD><B>Also notify list:</B>
<TD>
<TD><INPUT class=mono type=text name="also_notify" value="<?php
echo ent($values['also_notify']);
?>
" size=60>
<TD>
<TD><?php
echo formbutton("Update Also Notify", "Click this button to save changes to the also notify list.", $soa_bgcolor);
?>
</TABLE>
</DIV>
</FORM>
<?php
}
/* If the user's trying to delete a zone, let them know that everything'll be deleted */
if ($delete_confirm) {
Warn("<B>Deleting this zone will also delete " . nf($rrct) . " resource record" . S($rrct) . " associated with this zone.</B>\n" . "<P>" . "To confirm deletion of this zone, click the <B>Really delete zone</B> button above.");
}
}
foreach ($import_attribute as $item) {
if (!empty($data['values'][$item["index"]])) {
$attribute_index = $item["record"];
$value = $data['values'][$item["index"]];
# check whether this is a textline or a selectable item
$att = Sql_Fetch_Row_Query("select type,tablename,name from " . $tables["adminattribute"] . " where id = {$attribute_index}");
switch ($att[0]) {
case "select":
case "radio":
$query = "select id from {$table_prefix}adminattr_{$att['1']} where name = ?";
$val = Sql_Query_Params($query, array($value));
# if we don't have this value add it '
if (!Sql_Num_Rows($val)) {
$tn = $table_prefix . 'adminattr_' . $att[1];
Sql_Query_Params("insert into {$tn} (name) values (?)", array($value));
Warn($GLOBALS['I18N']->get("Value") . " {$value} " . $GLOBALS['I18N']->get("added to attribute") . " {$att['2']}");
$att_value = Sql_Insert_Id($tn, 'id');
} else {
$d = Sql_Fetch_Row($val);
$att_value = $d[0];
}
break;
case "checkbox":
if ($value) {
$val = Sql_Fetch_Row_Query("select id from {$table_prefix}" . "adminattr_{$att['1']} where name = \"Checked\"");
} else {
$val = Sql_Fetch_Row_Query("select id from {$table_prefix}" . "adminattr_{$att['1']} where name = \"Unchecked\"");
}
$att_value = $val[0];
break;
default:
function sendMail($to, $subject, $message, $header = "", $parameters = "")
{
# global function to capture sending emails, to avoid trouble with
# older (and newer!) php versions
if (TEST) {
return 1;
}
if (!$to) {
logEvent("Error: empty To: in message with subject {$subject} to send");
return 0;
} elseif (!$subject) {
logEvent("Error: empty Subject: in message to send to {$to}");
return 0;
}
$v = phpversion();
$v = preg_replace("/\\-.*\$/", "", $v);
if ($GLOBALS["message_envelope"]) {
$header = rtrim($header);
if ($header) {
$header .= "\n";
}
$header .= "Errors-To: " . $GLOBALS["message_envelope"];
if (!$parameters || !ereg("-f" . $GLOBALS["message_envelope"], $parameters)) {
$parameters = '-f' . $GLOBALS["message_envelope"];
}
}
if (WORKAROUND_OUTLOOK_BUG) {
$header = rtrim($header);
if ($header) {
$header .= "\n";
}
$header .= "X-Outlookbug-fixed: Yes";
$message = preg_replace("/\r?\n/", "\r\n", $message);
}
# version 4.2.3 (and presumably up) does not allow the fifth parameter in safe mode
# make sure not to send out loads of test emails to ppl when developing
if (!ereg("dev", VERSION)) {
if ($v > "4.0.5" && !ini_get("safe_mode")) {
if (mail($to, $subject, $message, $header, $parameters)) {
return 1;
} else {
return mail($to, $subject, $message, $header);
}
} else {
return mail($to, $subject, $message, $header);
}
} else {
# send mails to one place when running a test version
$message = "To: {$to}\n" . $message;
if ($GLOBALS["developer_email"]) {
return mail($GLOBALS["developer_email"], $subject, $message, $header, $parameters);
} else {
print Warn("Running CVS version, but developer_email not set");
}
}
}
ob_end_flush();
#foreach ($_POST as $key => $val) {
# print "$key = ".print_r($val)."<br/>";
#}
#return;
print '<script language="Javascript" src="js/progressbar.js" type="text/javascript"></script>';
if (isset($_POST["action"])) {
if (isset($_POST["name"])) {
print '<script language="Javascript" type="text/javascript"> document.write(progressmeter); start();</script>';flush();
while (list($id,$val) = each ($_POST["name"])) {
if (!$id && isset($_POST["name"][0]) && $_POST["name"][0] != "") {
# it is a new one
$lc_name = getNewAttributeTablename($_POST["name"][0]);
if ($lc_name == "email") { print Warn($GLOBALS['I18N']->get('warnemailattribute')); }
#print "New attribute: ".$_POST["name"][0]."<br/>";
$query = sprintf('insert into %s (name,type,listorder,default_value,required,tablename) values("%s","%s",%d,"%s",%d,"%s")',
$tables["attribute"],addslashes($_POST["name"][0]),$_POST["type"][0],$_POST["listorder"][0],addslashes($_POST["default"][0]),$_POST["required"][0],$lc_name);
Sql_Query($query);
$insertid = Sql_Insert_id();
# text boxes and hidden fields do not have their own table
if ($_POST["type"][$id] != "textline" && $_POST["type"]["id"] != "hidden") {
$query = "create table $table_prefix"."listattr_$lc_name (id integer not null primary key auto_increment, name varchar(255) unique,listorder integer default 0)";
Sql_Query($query);
} else {
# and they cannot currently be required, changed 29/08/01, insert javascript to require them, except for hidden ones :-)
if ($_POST["type"]["id"] == "hidden")
Sql_Query("update {$tables['attribute']} set required = 0 where id = $insertid");
}
if (defined("ENABLE_RSS") && ENABLE_RSS && !function_exists("xml_parse") && WARN_ABOUT_PHP_SETTINGS) {
Warn("XML is not supported");
}
if (ALLOW_ATTACHMENTS && (!is_dir($GLOBALS["attachment_repository"]) || !is_writeable($GLOBALS["attachment_repository"]))) {
Warn("The attachment repository doesn't seem writable");
}
if (defined("USE_PDF") && USE_PDF && !defined('FPDF_VERSION')) {
Warn("You are trying to use PDF support without having FPDF loaded");
}
$this_doc = getenv("REQUEST_URI");
if (preg_match("#(.*?)/admin#i", $this_doc, $regs)) {
$check_pageroot = $pageroot;
$check_pageroot = preg_replace('#/$#', '', $check_pageroot);
if ($check_pageroot != $regs[1] && WARN_ABOUT_PHP_SETTINGS) {
Warn("The pageroot in your config doesn't seem to match the current location<br/>Check your config file");
}
}
clearstatcache();
if (checkAccess($page, "")) {
if (is_file($include) || is_link($include)) {
# check whether there is a language file to include
if (is_file("lan/" . $adminlanguage["iso"] . "/" . $include)) {
include "lan/" . $adminlanguage["iso"] . "/" . $include;
}
# print "Including $include<br/>";
if (!@(include "{$include}")) {
#print "Error including $include";
}
# print "End of inclusion<br/>";
} elseif ($_GET["pi"] && is_object($GLOBALS["plugins"][$_GET["pi"]])) {
ignore_user_abort();
set_time_limit(500);
ob_end_flush();
?>
<p>
<?php
if (!isset($GLOBALS["tmpdir"])) {
$GLOBALS["tmpdir"] = ini_get("upload_tmp_dir");
}
if (!is_dir($GLOBALS["tmpdir"]) || !is_writable($GLOBALS["tmpdir"])) {
$GLOBALS["tmpdir"] = ini_get("upload_tmp_dir");
}
#if (ini_get("open_basedir")) {
if (!is_dir($GLOBALS["tmpdir"]) || !is_writable($GLOBALS["tmpdir"])) {
Warn($GLOBALS['I18N']->get('temp_dir_not_writeable') . " (" . $GLOBALS["tmpdir"] . ")");
}
if (isset($_REQUEST['import'])) {
$test_import = isset($_POST["import_test"]) && $_POST["import_test"] == "yes";
/*
if (!is_array($_POST["lists"]) && !$test_import) {
Fatal_Error($GLOBALS['I18N']->get('select_list'));
return;
}
*/
if (empty($_FILES["import_file"])) {
Fatal_Error($GLOBALS['I18N']->get('none_specified'));
return;
}
if (!$_FILES["import_file"]) {
Fatal_Error($GLOBALS['I18N']->get('too_large_inexistant'));
}
reset($import_attribute);
foreach ($import_attribute as $item) {
if (!empty($data['values'][$item['index']])) {
$attribute_index = $item['record'];
$value = $data['values'][$item['index']];
# check whether this is a textline or a selectable item
$att = Sql_Fetch_Row_Query('select type,tablename,name from ' . $tables['adminattribute'] . " where id = {$attribute_index}");
switch ($att[0]) {
case 'select':
case 'radio':
$val = Sql_Query("select id from {$table_prefix}" . "adminattr_{$att['1']} where name = \"{$value}\"");
# if we don't have this value add it
if (!Sql_Affected_Rows()) {
Sql_Query("insert into {$table_prefix}" . "adminattr_{$att['1']} (name) values(\"{$value}\")");
Warn($GLOBALS['I18N']->get('Value') . " {$value} " . $GLOBALS['I18N']->get('added to attribute') . " {$att['2']}");
$att_value = Sql_Insert_Id();
} else {
$d = Sql_Fetch_Row($val);
$att_value = $d[0];
}
break;
case 'checkbox':
if ($value) {
$val = Sql_Fetch_Row_Query("select id from {$table_prefix}" . "adminattr_{$att['1']} where name = \"Checked\"");
} else {
$val = Sql_Fetch_Row_Query("select id from {$table_prefix}" . "adminattr_{$att['1']} where name = \"Unchecked\"");
}
$att_value = $val[0];
break;
default:
Sql_Query("update ignore {$tables["user"]} set {$query} where id = {$userid}");
}
foreach ($_SESSION["import_attribute"] as $item) {
if (isset($user[$item["index"]]) && $item['record'] != 'skip') {
$attribute_index = $item["record"];
$uservalue = $user[$item["index"]];
# check whether this is a textline or a selectable item
$att = Sql_Fetch_Row_Query("select type,tablename,name from " . $tables["attribute"] . " where id = {$attribute_index}");
switch ($att[0]) {
case "select":
case "radio":
$val = Sql_Query("select id from {$table_prefix}" . "listattr_{$att['1']} where name = \"{$uservalue}\"");
# if we do not have this value add it
if (!Sql_Affected_Rows()) {
Sql_Query("insert into {$table_prefix}" . "listattr_{$att['1']} (name) values(\"{$uservalue}\")");
Warn("Value {$uservalue} added to attribute {$att['2']}");
$user_att_value = Sql_Insert_Id();
} else {
$d = Sql_Fetch_Row($val);
$user_att_value = $d[0];
}
break;
case "checkbox":
if ($uservalue && $uservalue != "off") {
$user_att_value = "on";
} else {
$user_att_value = "off";
}
break;
case "date":
$user_att_value = parseDate($uservalue);
fclose( $fd );
Sql_query(sprintf('insert into %s (filename,remotefile,mimetype,description,size) values("%s","%s","%s","%s",%d)',
$tables["attachment"],
basename($newfile),$remotename,$type,$description,$file_size)
);
$attachmentid = Sql_Insert_id();
Sql_query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)',
$tables["message_attachment"],$messageid,$attachmentid));
# do a final check
if (filesize($GLOBALS["attachment_repository"]."/".$newfile))
print Info("Added attachment ".$att_cnt . " .. ok");
else
print Info("Adding attachment ".$att_cnt." .. failed");
} else {
print Warn("Uploaded file $att_cnt not properly received, empty file");
}
} elseif ($_POST["localattachment".$att_cnt]) {
$type = findMime(basename($_POST["localattachment".$att_cnt]));
Sql_query(sprintf('insert into %s (remotefile,mimetype,description,size) values("%s","%s","%s",%d)',
$tables["attachment"],
$_POST["localattachment".$att_cnt],$type,$description,filesize($_POST["localattachment".$att_cnt]))
);
$attachmentid = Sql_Insert_id();
Sql_query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)',
$tables["message_attachment"],$messageid,$attachmentid));
print Info("Added attachment ".$att_cnt. " mime: $type");
}
}
}
Warn("Value {$uservalue} added to attribute {$att['2']}");
$user_att_value = Sql_Insert_Id();
} else {
$d = Sql_Fetch_Row($val);
$user_att_value = $d[0];
}
break;
case "checkboxgroup":
$values = explode(',', $uservalue);
$valueIds = array();
foreach ($values as $importValue) {
$val = Sql_Query("select id from {$table_prefix}" . "listattr_{$att['1']} where name = \"{$importValue}\"");
# if we do not have this value add it
if (!Sql_Affected_Rows()) {
Sql_Query("insert into {$table_prefix}" . "listattr_{$att['1']} (name) values(\"{$importValue}\")");
Warn("Value {$importValue} added to attribute {$att['2']}");
$valueIds[] = Sql_Insert_Id();
} else {
$d = Sql_Fetch_Row($val);
$valueIds[] = $d[0];
}
}
$user_att_value = join(',', $valueIds);
break;
case "checkbox":
$uservalue = trim($uservalue);
#print $uservalue;exit;
if (!empty($uservalue) && $uservalue != "off") {
$user_att_value = "on";
} else {
$user_att_value = "";
ignore_user_abort();
set_time_limit(500);
ob_end_flush();
?>
<p class="information">
<?php
if (!isset($GLOBALS["tmpdir"])) {
$GLOBALS["tmpdir"] = ini_get("upload_tmp_dir");
}
if (!is_dir($GLOBALS["tmpdir"]) || !is_writable($GLOBALS["tmpdir"])) {
$GLOBALS["tmpdir"] = ini_get("upload_tmp_dir");
}
#if (ini_get("open_basedir")) {
if (!is_dir($GLOBALS["tmpdir"]) || !is_writable($GLOBALS["tmpdir"])) {
Warn($GLOBALS['I18N']->get('The temporary directory for uploading is not writable, so import will fail') . " (" . $GLOBALS["tmpdir"] . ")");
}
$import_lists = getSelectedLists('importlists');
$_POST['importlists'] = $import_lists;
//var_dump($_POST);
//var_dump($import_lists);
//exit;
if (isset($_REQUEST['import'])) {
if (!verifyToken()) {
print Error(s('Invalid security token, please reload the page and try again'));
return;
}
$test_import = isset($_POST["import_test"]) && $_POST["import_test"] == "yes";
if (empty($_FILES["import_file"])) {
Fatal_Error($GLOBALS['I18N']->get('No file was specified. Maybe the file is too big?'));
return;
}
$formtable_exists = Sql_Table_exists('formfield');
#ob_end_flush();
#foreach ($_POST as $key => $val) {
# print "$key = ".print_r($val)."<br/>";
#}
#return;
print '<div class="panel"><div class="header"></div><div class="content">';
if (isset($_POST['action'])) {
if (isset($_POST['name'])) {
while (list($id, $val) = each($_POST['name'])) {
if (!$id && isset($_POST['name'][0]) && $_POST['name'][0] != '') {
# it is a new one
$lc_name = getNewAttributeTablename($_POST['name'][0]);
if ($lc_name == 'email') {
print Warn(s('Email is a system attribute'));
}
#print "New attribute: ".$lc_name."<br/>";
if (empty($_POST['required'][0])) {
$nRequired = 0;
} else {
$nRequired = $_POST['required'][0];
}
$query = sprintf('insert into %s (name,type,listorder,default_value,required,tablename) values("%s","%s",%d,"%s",%d,"%s")', $tables['attribute'], sql_escape(strip_tags($_POST['name'][0])), sql_escape($_POST['type'][0]), $_POST['listorder'][0], sql_escape($_POST['default'][0]), $nRequired, $lc_name);
Sql_Query($query);
$insertid = Sql_Insert_id();
# text boxes and hidden fields do not have their own table
if ($_POST['type'][$id] != 'textline' && $_POST['type'][$id] != 'hidden') {
$query = "create table {$table_prefix}" . "listattr_{$lc_name} (id integer not null primary key auto_increment, name varchar(255) unique,listorder integer default 0)";
Sql_Query($query);
} else {
ob_end_flush();
#foreach ($_POST as $key => $val) {
# print "$key = ".print_r($val)."<br/>";
#}
#return;
print '<script language="Javascript" src="js/progressbar.js" type="text/javascript"></script>';
if (isset($_POST["action"])) {
if (isset($_POST["name"])) {
print '<script language="Javascript" type="text/javascript"> document.write(progressmeter); start();</script>';
flush();
while (list($id, $val) = each($_POST["name"])) {
if (!$id && isset($_POST["name"][0]) && $_POST["name"][0] != "") {
# it is a new one
$lc_name = getNewAttributeTablename($_POST["name"][0]);
if ($lc_name == "email") {
print Warn($GLOBALS['I18N']->get('warnemailattribute'));
}
#print "New attribute: ".$_POST["name"][0]."<br/>";
$query = sprintf('insert into %s (name,type,listorder,default_value,required,tablename) values("%s","%s",%d,"%s",%d,"%s")', $tables["attribute"], addslashes($_POST["name"][0]), $_POST["type"][0], $_POST["listorder"][0], addslashes($_POST["default"][0]), $_POST["required"][0], $lc_name);
Sql_Query($query);
$insertid = Sql_Insert_id();
# text boxes and hidden fields do not have their own table
if ($_POST["type"][$id] != "textline" && $_POST["type"]["id"] != "hidden") {
$query = "create table {$table_prefix}" . "listattr_{$lc_name} (id integer not null primary key auto_increment, name varchar(255) unique,listorder integer default 0)";
Sql_Query($query);
} else {
# and they cannot currently be required, changed 29/08/01, insert javascript to require them, except for hidden ones :-)
if ($_POST["type"]["id"] == "hidden") {
Sql_Query("update {$tables['attribute']} set required = 0 where id = {$insertid}");
}
}
fwrite($fd, $contents);
fclose($fd);
Sql_query(sprintf('insert into %s (filename,remotefile,mimetype,description,size) values("%s","%s","%s","%s",%d)', $tables["attachment"], basename($newfile), $remotename, $type, $description, $file_size));
$attachmentid = Sql_Insert_id();
Sql_query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $tables["message_attachment"], $messageid, $attachmentid));
if (is_file($tmpfile)) {
unlink($tmpfile);
}
# do a final check
if (filesize($GLOBALS["attachment_repository"] . "/" . $newfile)) {
print Info($GLOBALS['I18N']->get("addingattachment") . " " . $att_cnt . " .. ok");
} else {
print Info($GLOBALS['I18N']->get("addingattachment") . " " . $att_cnt . " .. failed");
}
} else {
print Warn($GLOBALS['I18N']->get("uploadfailed"));
}
} elseif ($_POST["localattachment" . $att_cnt]) {
$type = findMime(basename($_POST["localattachment" . $att_cnt]));
Sql_query(sprintf('insert into %s (remotefile,mimetype,description,size) values("%s","%s","%s",%d)', $tables["attachment"], $_POST["localattachment" . $att_cnt], $type, $description, filesize($_POST["localattachment" . $att_cnt])));
$attachmentid = Sql_Insert_id();
Sql_query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $tables["message_attachment"], $messageid, $attachmentid));
print Info($GLOBALS['I18N']->get("addingattachment") . " " . $att_cnt . " mime: {$type}");
}
}
}
if ($_POST["id"]) {
print "<h3>" . $GLOBALS['I18N']->get("saved") . "</H3><br/>";
} else {
$id = $messageid;
// New ID - need to set it for later use (test email).
if (!$GLOBALS["commandline"]) {
$id = 0;
if (!empty($_GET['id'])) {
$id = sprintf('%d', $_GET['id']);
}
}
if (!$id) {
return;
}
if (isset($_REQUEST['sendmethod']) && $_REQUEST['sendmethod'] == 'inputhere') {
$_REQUEST['sendurl'] = '';
}
if (!empty($_REQUEST['sendurl'])) {
if (!$GLOBALS["can_fetchUrl"]) {
print Warn($GLOBALS['I18N']->get('You are trying to send a remote URL, but PEAR::HTTP_Request is not available, so this will fail'));
} else {
## hard overwrite the message content, wipe all that was there.
## check there's a protocol
## @@@ do we want to allow other than http and https? Can't imagine, ppl would want to use ftp or something
if ($_REQUEST['sendurl'] == 'e.g. http://www.phplist.com/testcampaign.html') {
$_REQUEST['sendurl'] = '';
} else {
if (!preg_match('/^https?:\\/\\//i', $_REQUEST['sendurl']) && !preg_match('/testcampaign/i', $_REQUEST['sendurl'])) {
$_REQUEST['sendurl'] = 'http://' . $_REQUEST['sendurl'];
}
$_REQUEST["message"] = '[URL:' . $_REQUEST['sendurl'] . ']';
}
}
}
## checkboxes cannot be detected when unchecked, so they need registering in the "cb" array
if (!ALLOW_IMPORT) {
print '<p class="information">' . $GLOBALS['I18N']->get('import is not available') . '</p>';
return;
}
ignore_user_abort();
set_time_limit(500);
ob_end_flush();
if (!isset($GLOBALS['tmpdir'])) {
$GLOBALS['tmpdir'] = ini_get('upload_tmp_dir');
}
if (!is_dir($GLOBALS['tmpdir']) || !is_writable($GLOBALS['tmpdir'])) {
$GLOBALS['tmpdir'] = ini_get('upload_tmp_dir');
}
#if (ini_get("open_basedir")) {
if (!is_dir($GLOBALS['tmpdir']) || !is_writable($GLOBALS['tmpdir'])) {
Warn($GLOBALS['I18N']->get('The temporary directory for uploading is not writable, so import will fail') . ' (' . $GLOBALS['tmpdir'] . ')');
}
$import_lists = getSelectedLists('importlists');
$_POST['importlists'] = $import_lists;
if (isset($_REQUEST['import'])) {
if (!verifyToken()) {
print Error(s('Invalid security token, please reload the page and try again'));
return;
}
$test_import = isset($_POST['import_test']) && $_POST['import_test'] == 'yes';
if (empty($_FILES['import_file'])) {
Fatal_Error($GLOBALS['I18N']->get('No file was specified. Maybe the file is too big?'));
return;
}
if (!$_FILES['import_file']) {
Fatal_Error($GLOBALS['I18N']->get('File is either too large or does not exist.'));
exit;
}
} else {
# $id = $messageid; // New ID - need to set it for later use (test email).
print "<h3>" . $GLOBALS['I18N']->get("Campaign added") . "</h3><br/>";
}
// var_dump($messagedata);
// If we're sending the message, just return now to the calling script
# we only need to check that everything is there, once we actually want to send
if ($send && !empty($messagedata['subject']) && !empty($messagedata['fromfield']) && !empty($messagedata['message']) && empty($duplicate_atribute) && sizeof($messagedata["targetlist"])) {
if ($messagedata['status'] == "submitted") {
##16615, check that "send until" is in after the embargo and warn if it isn't
$finishSending = mktime($messagedata['finishsending']['hour'], $messagedata['finishsending']['minute'], 0, $messagedata['finishsending']['month'], $messagedata['finishsending']['day'], $messagedata['finishsending']['year']);
$embargoTime = mktime($messagedata['embargo']['hour'], $messagedata['embargo']['minute'], 0, $messagedata['embargo']['month'], $messagedata['embargo']['day'], $messagedata['embargo']['year']);
if ($finishSending < $embargoTime) {
print Warn(s('This campaign is scheduled to stop sending before the embargo time. No mails will be sent.'));
print PageLinkButton('send&id=' . $messagedata['id'] . '&tab=Scheduling', s('Review Scheduling'));
}
print "<h3>" . $GLOBALS['I18N']->get("Campaign queued") . "</h3>";
foreach ($GLOBALS['plugins'] as $pluginname => $plugin) {
$plugin->messageQueued($id);
}
if (MANUALLY_PROCESS_QUEUE) {
print '<p>' . PageLinkButton("processqueue", $GLOBALS['I18N']->get("processqueue")) . '</p>';
} else {
print '<p>' . PageLinkButton("messages&tab=active", $GLOBALS['I18N']->get("view progress")) . '</p>';
}
}
$done = 1;
return;
} elseif ($send || $sendtest) {
