/**
* PrintEditForm
* Prints a form to edit a user. If you pass in a userid, it will load up that user and print their information. If you pass in the details array, it will prefill the form with that information (eg if you tried to create a user with a duplicate username). Also checks whether you are allowed to edit this user. If you are not an admin, you are only allowed to edit your own account.
*
* @param Int $userid Userid to load up.
* @param Array $details Details to prefill the form with (in case there was a problem creating the user).
*
* @see User_API::Admin
* @see User_API::Status
* @see User_API::ListAdmin
* @see User_API::EditOwnSettings
* @see GetUser
*
* @return Void Returns nothing. If you don't have access to edit a particular user, it prints an error message and exits. Otherwise it prints the correct form (either edit-own or edit) and then exits.
*/
function PrintEditForm($userid = 0, $details = array())
{
$thisuser = IEM::getCurrentUser();
if (!$thisuser->UserAdmin()) {
if ($userid != $thisuser->userid) {
$this->DenyAccess();
}
if (!$thisuser->EditOwnSettings()) {
$this->DenyAccess();
}
}
$user = $this->GetApi('User');
$listapi = $this->GetApi('Lists');
$all_lists = $listapi->GetLists(0, array('SortBy' => 'name', 'Direction' => 'asc'), false, 0, 0);
$segmentapi = $this->GetApi('Segment');
$all_segments = $segmentapi->GetSegments(array('SortBy' => 'segmentname', 'Direction' => 'asc'), false, 0, 'all');
$templateapi = $this->GetApi('Templates');
$all_templates = $templateapi->GetTemplates(0, array('SortBy' => 'name', 'Direction' => 'asc'), false, 0, 0);
$all_groups = API_USERGROUPS::getRecords(false, false, 0, 0, 'groupname');
$GLOBALS['CustomSmtpServer_Display'] = '0';
$GLOBALS['XmlPath'] = SENDSTUDIO_APPLICATION_URL . '/xml.php';
if ($userid > 0) {
$user = GetUser($userid);
if ($user->Get('userid') <= 0) {
$GLOBALS['ErrorMessage'] = GetLang('UserDoesntExist');
$this->DenyAccess();
return;
}
$GLOBALS['UserID'] = $user->Get('userid');
$GLOBALS['UserName'] = htmlspecialchars($user->Get('username'), ENT_QUOTES, SENDSTUDIO_CHARSET);
$GLOBALS['FullName'] = htmlspecialchars($user->Get('fullname'), ENT_QUOTES, SENDSTUDIO_CHARSET);
$GLOBALS['EmailAddress'] = htmlspecialchars($user->Get('emailaddress'), ENT_QUOTES, SENDSTUDIO_CHARSET);
$activity = $user->GetEventActivityType();
if (!is_array($activity)) {
$activity = array();
}
$GLOBALS['EventActivityType'] = implode("\n", $activity);
$GLOBALS['MaxLists'] = $user->group->limit_list;
$GLOBALS['MaxEmails'] = $user->group->limit_totalemailslimit;
$GLOBALS['PerMonth'] = $user->group->limit_emailspermonth;
$GLOBALS['PerHour'] = $user->group->limit_hourlyemailsrate;
$GLOBALS['DisplayMaxLists'] = '';
if ($user->Get('maxlists') == 0) {
$GLOBALS['LimitListsChecked'] = ' CHECKED';
$GLOBALS['DisplayMaxLists'] = 'none';
}
$GLOBALS['DisplayEmailsPerHour'] = '';
if ($user->Get('perhour') == 0) {
$GLOBALS['LimitPerHourChecked'] = ' CHECKED';
$GLOBALS['DisplayEmailsPerHour'] = 'none';
}
$GLOBALS['DisplayEmailsPerMonth'] = '';
if ($user->Get('permonth') == 0) {
$GLOBALS['LimitPerMonthChecked'] = ' CHECKED';
$GLOBALS['DisplayEmailsPerMonth'] = 'none';
}
$GLOBALS['LimitMaximumEmailsChecked'] = ' CHECKED';
$GLOBALS['DisplayEmailsMaxEmails'] = 'none';
if (!$user->hasUnlimitedCredit()) {
$GLOBALS['LimitMaximumEmailsChecked'] = '';
$GLOBALS['DisplayEmailsMaxEmails'] = '';
}
if ($user->Get('usewysiwyg')) {
$GLOBALS['UseWysiwyg'] = ' CHECKED';
$GLOBALS['UseXHTMLDisplay'] = ' style="display:block;"';
} else {
$GLOBALS['UseXHTMLDisplay'] = ' style="display:none;"';
}
if ($user->Get('enableactivitylog')) {
$GLOBALS['EnableActivityLog'] = ' CHECKED';
} else {
$GLOBALS['EnableActivityLog'] = '';
}
$GLOBALS['UseXHTMLCheckbox'] = $user->Get('usexhtml')? ' CHECKED' : '';
$GLOBALS['Xmlapi'] = $user->Get('xmlapi')? ' CHECKED' : '';
$GLOBALS['XMLTokenDisplay'] = ' style="display:none;"';
if ($user->Get('xmlapi')) {
$GLOBALS['XMLTokenDisplay'] = ' style="display:block;"';
}
$GLOBALS['XmlToken'] = htmlspecialchars($user->Get('xmltoken'), ENT_QUOTES, SENDSTUDIO_CHARSET);
$GLOBALS['TextFooter'] = $user->Get('textfooter');
$GLOBALS['HTMLFooter'] = $user->Get('htmlfooter');
$GLOBALS['SmtpServer'] = $user->Get('smtpserver');
$GLOBALS['SmtpUsername'] = $user->Get('smtpusername');
$GLOBALS['SmtpPassword'] = $user->Get('smtppassword');
$GLOBALS['SmtpPort'] = $user->Get('smtpport');
if ($GLOBALS['SmtpServer']) {
$GLOBALS['CustomSmtpServer_Display'] = '1';
}
$GLOBALS['googlecalendarusername'] = htmlspecialchars($user->Get('googlecalendarusername'), ENT_QUOTES, SENDSTUDIO_CHARSET);
$GLOBALS['googlecalendarpassword'] = htmlspecialchars($user->Get('googlecalendarpassword'), ENT_QUOTES, SENDSTUDIO_CHARSET);
$GLOBALS['FormAction'] = 'Action=Save&UserID=' . $user->userid;
if (!$thisuser->UserAdmin()) {
$smtp_access = $thisuser->HasAccess('User', 'SMTP');
$GLOBALS['ShowSMTPInfo'] = 'none';
$GLOBALS['DisplaySMTP'] = '0';
if ($smtp_access) {
$GLOBALS['ShowSMTPInfo'] = '';
}
if ($GLOBALS['SmtpServer']) {
$GLOBALS['CustomSmtpServer_Display'] = '1';
if ($smtp_access) {
$GLOBALS['DisplaySMTP'] = '1';
}
}
$this->ParseTemplate('User_Edit_Own');
return;
}
$GLOBALS['StatusChecked'] = ($user->Status()) ? ' CHECKED' : '';
$GLOBALS['ForceDoubleOptInChecked'] = ($user->Get('forcedoubleoptin')) ? ' CHECKED' : '';
$GLOBALS['ForceSpamCheckChecked'] = ($user->Get('forcespamcheck')) ? ' CHECKED' : '';
$GLOBALS['InfoTipsChecked'] = ($user->InfoTips()) ? ' CHECKED' : '';
$editown = '';
if ($user->UserAdmin()) {
$editown = ' CHECKED';
} else {
if ($user->EditOwnSettings()) {
$editown = ' CHECKED';
}
}
$GLOBALS['EditOwnSettingsChecked'] = $editown;
$timezone = $user->usertimezone;
$GLOBALS['TimeZoneList'] = $this->TimeZoneList($timezone);
$admintype = $user->AdminType();
$listadmintype = $user->ListAdminType();
$segmentadmintype = $user->SegmentAdminType();
$templateadmintype = $user->TemplateAdminType();
$admin = $user->Admin();
$listadmin = $user->ListAdmin();
$segmentadmin = $user->SegmentAdmin();
$templateadmin = $user->TemplateAdmin();
$permissions = $user->Get('permissions');
$area_access = $user->Get('access');
$GLOBALS['Heading'] = GetLang('EditUser');
$GLOBALS['Help_Heading'] = GetLang('Help_EditUser');
$GLOBALS['AdminNotifyEmailAddress'] = $user->Get('adminnotify_email');
if (empty($GLOBALS['AdminNotifyEmailAddress'])) {
$GLOBALS['AdminNotifyEmailAddress'] = constant('SENDSTUDIO_EMAIL_ADDRESS');
}
$GLOBALS['AdminNotifications_Send_Email'] = $user->Get('adminnotify_send_emailtext');
if (empty($GLOBALS['AdminNotifications_Send_Email'])) {
$GLOBALS['AdminNotifications_Send_Email'] = GetLang('AdminNotifications_Send_Email');
}
$GLOBALS['AdminNotifications_Import_Email'] = $user->Get('adminnotify_import_emailtext');
if (empty($GLOBALS['AdminNotifications_Import_Email'])) {
$GLOBALS['AdminNotifications_Import_Email'] = GetLang('AdminNotifications_Import_Email');
}
$GLOBALS['SendLimit'] = $user->Get('adminnotify_send_threshold');
$GLOBALS['ImportLimit'] = $user->Get('adminnotify_import_threshold');
if (empty($GLOBALS['SendLimit'])) {
$GLOBALS['SendLimit'] = 1000;
}
if (empty($GLOBALS['ImportLimit'])) {
$GLOBALS['ImportLimit'] = 1000;
}
$admin_flag = $user->Get('adminnotify_send_flag');
if ($user->Get('adminnotify_send_flag') == 1) {
$GLOBALS['AdminNotificationsSend'] = 'CHECKED';
$GLOBALS['UseNotifySend'] = '';
} else {
$GLOBALS['UseNotifySend'] = "style=display:none;";
}
if ($user->Get('adminnotify_import_flag') == 1) {
$GLOBALS['AdminNotificationsImport'] = 'CHECKED';
$GLOBALS['UseNotifyImport'] = '';
} else {
$GLOBALS['UseNotifyImport'] = "style=display:none;";
}
$GLOBALS['SmtpPort'] = $user->Get('smtpport');
// Log this to "User Activity Log"
IEM::logUserActivity(IEM::urlFor('users', array('Action' => 'Edit', 'UserID' => $userid)), 'images/user.gif', $user->username);
} else {
$timezone = (isset($details['timezone'])) ? $details['timezone'] : SENDSTUDIO_SERVERTIMEZONE;
$GLOBALS['TimeZoneList'] = $this->TimeZoneList($timezone);
$activity = $thisuser->defaultEventActivityType;
if (!is_array($activity)) {
$activity = array();
}
$GLOBALS['EventActivityType'] = implode("\n", $activity);
$GLOBALS['FormAction'] = 'Action=Create';
if (!empty($details)) {
foreach ($details as $area => $val) {
$GLOBALS[$area] = $val;
}
}
$GLOBALS['Heading'] = GetLang('CreateUser');
$GLOBALS['Help_Heading'] = GetLang('Help_CreateUser');
$listadmintype = 'c';
$segmentadmintype = 'c';
$admintype = 'c';
$templateadmintype = 'c';
$GLOBALS['DisplayMaxLists'] = 'none';
$GLOBALS['DisplayEmailsPerHour'] = 'none';
$GLOBALS['DisplayEmailsPerMonth'] = 'none';
$GLOBALS['DisplayEmailsMaxEmails'] = 'none';
$GLOBALS['MaxLists'] = '0';
$GLOBALS['PerHour'] = '0';
$GLOBALS['PerMonth'] = '0';
$GLOBALS['MaxEmails'] = '0';
$GLOBALS['StatusChecked'] = ' CHECKED';
$GLOBALS['ForceDoubleOptInChecked'] = '';
$GLOBALS['ForceSpamCheckChecked'] = '';
$GLOBALS['InfoTipsChecked'] = ' CHECKED';
$GLOBALS['EditOwnSettingsChecked'] = ' CHECKED';
$GLOBALS['LimitListsChecked'] = ' CHECKED';
$GLOBALS['LimitPerHourChecked'] = ' CHECKED';
$GLOBALS['LimitPerMonthChecked'] = ' CHECKED';
$GLOBALS['LimitMaximumEmailsChecked'] = ' CHECKED';
$GLOBALS['UseWysiwyg'] = ' CHECKED';
$GLOBALS['EnableLastViewed'] = '';
$GLOBALS['UseXHTMLCheckbox'] = ' CHECKED';
$GLOBALS['HTMLFooter'] = GetLang('Default_Global_HTML_Footer');
$GLOBALS['TextFooter'] = GetLang('Default_Global_Text_Footer');
$GLOBALS['EnableActivityLog'] = ' CHECKED';
$GLOBALS['Xmlapi'] = '';
$GLOBALS['XMLTokenDisplay'] = ' style="display:none;"';
$admin = $listadmin = $segmentadmin = $templateadmin = false;
$permissions = array();
$area_access = array('lists' => array(), 'templates' => array(), 'segments' => array());
$GLOBALS['AdminNotifyEmailAddress'] = constant('SENDSTUDIO_EMAIL_ADDRESS');
$GLOBALS['UseNotifySend'] = "style=display:none;";
$GLOBALS['UseNotifyImport'] = "style=display:none;";
$GLOBALS['SendLimit'] = 1000;
$GLOBALS['ImportLimit'] = 1000;
$GLOBALS['AdminNotifications_Send_Email'] = GetLang('AdminNotifications_Send_Email');
$GLOBALS['AdminNotifications_Import_Email'] = GetLang('AdminNotifications_Import_Email');
}
$agencyid = defined('IEM_SYSTEM_LICENSE_AGENCY') ? IEM_SYSTEM_LICENSE_AGENCY : '';
$available_users = $user->AvailableUsers();
$template = GetTemplateSystem();
$template->Assign('UserID', $user->userid);
$template->Assign('groupid', $user->groupid);
$template->Assign('canChangeUserGroup', !$user->isLastAdmin());
$template->Assign('AgencyEdition', get_agency_license_variables());
$template->Assign('EditOwn', ($user->userid != 0 && $user->userid == $thisuser->userid));
$template->Assign('TrialUser', $user->trialuser);
$template->Assign('EditMode', !empty($user->userid));
$template->Assign('AvailableNormalUsers', isset($available_users['normal']) ? $available_users['normal'] : 0);
$template->Assign('AvailableTrialUsers', isset($available_users['trial']) ? $available_users['trial'] : 0);
$template->Assign('AvailableGroups', $all_groups);
$template->Assign('record_groupid', $user->groupid);
$template->Assign('DefaultIdTab', IEM::requestGetPOST('id_tab_num', 1, 'intval'));
$template->Assign('showSmtpInfo', (bool) $user->smtpserver);
$template->ParseTemplate('User_Form');
}
public function page_saveRecord()
{
$record = IEM::requestGetPOST('record', array());
$record['groupname'] = htmlspecialchars($record['groupname']);
$created = ((IEM::ifsetor($record['groupid'], 0, 'intval') == 0) ? true : false);
/*
* Transform the permission so that it will be recognized by the API
*/
$permissions = IEM::ifsetor($record['permissions'], array());
$new_permissions = array();
if (!is_array($permissions)) {
$permissions = array();
}
if (!empty($permissions)) {
foreach ($permissions as $each) {
$temp = explode('.', $each);
// This can only handle 2 level permissions,
// ie. autoresponders.create, autoresponders.delete, autoresponders.edit
// will become $permissions['autoresponders'] = array('create', 'delete', 'edit');
if (count($temp) != 2) {
continue;
}
if (!isset($new_permissions[$temp[0]])) {
$new_permissions[$temp[0]] = array();
}
$new_permissions[$temp[0]][] = $temp[1];
}
}
$record['permissions'] = $new_permissions;
if (empty($record)) {
return $this->page_createGroup($record);
}
// Check if "Request Token" matches
// This tries to prevent CSRF
$token = IEM::sessionGet('UsersGroups_Editor_RequestToken', false);
if (!$token || $token != IEM::requestGetPOST('requestToken', false)) {
return $this->page_createGroup($record);
}
$status = API_USERGROUPS::saveRecord($record);
if (!$status) {
FlashMessage(GetLang('UsersGroups_From_Error_CannotSave'), SS_FLASH_MSG_ERROR);
return $this->printEditor($record);
}
$messageVariable = 'UsersGroups_From_Success_Saved';
if ($created) {
$messageVariable = 'UsersGroups_From_Success_Created';
}
FlashMessage(GetLang($messageVariable), SS_FLASH_MSG_SUCCESS, IEM::urlFor('UsersGroups'));
}
/**
* Automates relationship property setting.
*
* Automatically loads a relationship based on which property is accessed.
* If the db class was better we could automate this process for one-to-one
* one-to-many, many-to-one and many-to-many relationships.
*
* @param string $name The name of the variable to get.
*
* @return mixed;
*/
public function __get($name) {
switch ($name) {
case 'group':
if (!isset($this->group)) {
$this->group = (object) API_USERGROUPS::getRecordById($this->groupid);
}
return $this->group;
break;
}
}
/**
* Returns the group associated to the current user.
*
* @return record_UserGroups
*/
public function getGroup()
{
return API_USERGROUPS::getRecordById($this->groupid);
}
/**
* Evaluate credit warning conditions
*
* This method will evaluate credit warnings for a particular user.
* It will dispatch warning emails accrodingly.
*
* @param record_Users|integer $user User record object or user ID
* @return boolean Returns TRUE if successful, FALSE otherwise
*
* @todo fixed credits does not have warnings yet
*/
public static function creditEvaluateWarnings($user)
{
$userobject = null;
$warnings = null;
$this_month = mktime(0, 0, 0, date('n'), 1, date('Y'));
$credit_left = null;
// ----- PRE
if ($user instanceof record_Users) {
$userobject = $user;
} else {
$userobject = self::getRecordByID($user);
}
if (empty($userobject)) {
trigger_error(__CLASS__ . '::' . __METHOD__ . ' -- User is not specified', E_USER_NOTICE);
return false;
}
// -----
// Credit warnings are not enabled
if (!SENDSTUDIO_CREDIT_WARNINGS) {
return true;
}
require_once IEM_PUBLIC_PATH . '/functions/api/settings.php';
$tempSettingsAPI = new Settings_API();
$warnings = $tempSettingsAPI->GetCreditWarningsSettings();
// Does not hany any warnings setup? Well... we can't continue then.
if (empty($warnings)) {
return true;
}
$credit_left = self::creditAvailableTotal($userobject);
//unlimited credit
if ($credit_left === true) {
return true;
}
$whichlevel = self::creditWhichWarning($userobject, $credit_left, $warnings);
// If $whichlevel contains FALSE, that means there was something wrong
// when trying to figure out which warning level it should send out.
if ($whichlevel === false) {
return true;
}
$userGroup = API_USERGROUPS::getRecordById($userobject->groupid);
if (!isset($userGroup['limit_emailspermonth'])) {
return false;
}
$userobject_permonth = (int) $userGroup['limit_emailspermonth'];
$fixed = self::creditAvailableFixed($userobject);
$monthly = self::creditAvailableThisMonth($userobject);
if ($fixed === true) {
$userobject_permonth = $monthly;
} elseif ($monthly === true) {
$userobject_permonth = $fixed;
}
if (!empty($whichlevel)) {
$tempNames = explode(' ', $userobject->fullname);
$tempLastName = array_pop($tempNames);
$tempFirstName = implode(' ', $tempNames);
$available_custom_fields_key = array('%%user_fullname%%', '%%user_firstname%%', '%%user_lastname%%', '%%credit_total%%', '%%credit_remains%%', '%%credit_remains_precentage%%', '%%credit_used%%', '%%credit_used_percentage%%');
$available_custom_fields_value = array($userobject->fullname, $tempFirstName, $tempLastName, $userobject_permonth, intval($userobject_permonth * ($credit_left / 100)), intval($credit_left), intval($userobject_permonth * ((100 - $credit_left) / 100)), intval(100 - $credit_left));
$email_contents = str_replace($available_custom_fields_key, $available_custom_fields_value, $whichlevel['emailcontents']);
$email_subject = str_replace($available_custom_fields_key, $available_custom_fields_value, $whichlevel['emailsubject']);
// ----- We found which warnings it is that we want to send out
require_once IEM_PATH . '/ext/interspire_email/email.php';
$emailapi = new Email_API();
$emailapi->SetSmtp(SENDSTUDIO_SMTP_SERVER, SENDSTUDIO_SMTP_USERNAME, @base64_decode(SENDSTUDIO_SMTP_PASSWORD), SENDSTUDIO_SMTP_PORT);
if ($userobject->smtpserver) {
$emailapi->SetSmtp($userobject->smtpserver, $userobject->smtpusername, $userobject->smtppassword, $userobject->smtpport);
}
$emailapi->ClearRecipients();
$emailapi->ForgetEmail();
$emailapi->Set('forcechecks', false);
$emailapi->AddRecipient($userobject->emailaddress, $userobject->fullname, 't');
$emailapi->Set('FromName', false);
$emailapi->Set('FromAddress', defined('SENDSTUDIO_EMAIL_ADDRESS') ? SENDSTUDIO_EMAIL_ADDRESS : $userobject->emailaddress);
$emailapi->Set('BounceAddress', SENDSTUDIO_EMAIL_ADDRESS);
$emailapi->Set('CharSet', SENDSTUDIO_CHARSET);
$emailapi->Set('Subject', $email_subject);
$emailapi->AddBody('text', $email_contents);
$status = $emailapi->Send();
if ($status['success'] != 1) {
trigger_error(__CLASS__ . '::' . __METHOD__ . ' -- Was not able to send email: ' . serialize($status['failed']), E_USER_NOTICE);
return false;
}
// -----
// ----- Update user record
$db = IEM::getDatabase();
$status = $db->Query("UPDATE [|PREFIX|]users SET credit_warning_time = {$this_month}, credit_warning_percentage = {$whichlevel['creditlevel']} WHERE userid = {$userobject->userid}");
// Update user object in session
// FIXME, we really need to make a special getter/setter for this
$current_user = IEM::getCurrentUser();
if ($current_user && $current_user->userid == $userobject->userid) {
$current_user->credit_warning_time = $this_month;
$current_user->credit_warning_percentage = $whichlevel['creditlevel'];
}
// -----
}
return true;
}
