/**
 * Recursively remove backslash escaping from a value.
 *
 * Array input is walked element by element (keys are left as they are) and
 * each element is passed back through Pommo_Helper::slashStrip(); any other
 * input goes straight to stripslashes().
 *
 * @param mixed $input A string or a (possibly nested) array of strings.
 * @return mixed The same structure with slashes stripped from its values.
 */
function slashStrip($input)
{
    if (!is_array($input)) {
        return stripslashes($input);
    }

    $stripped = $input;
    foreach ($input as $key => $value) {
        $stripped[$key] = Pommo_Helper::slashStrip($value);
    }

    return $stripped;
}
/**
 * Check that every non-empty entry of a comma-separated list is an e-mail
 * address according to Pommo_Helper::isEmail().
 *
 * Blank entries are skipped, so an empty list passes. $empty, $params and
 * $formvars are accepted but not used here (the signature looks like a form
 * validator callback -- confirm against the caller).
 *
 * @param string $value    Comma-separated addresses.
 * @param mixed  $empty    Unused.
 * @param mixed  $params   Unused.
 * @param mixed  $formvars Unused.
 * @return bool False as soon as one non-empty entry is not a valid address.
 */
function check_notifyMails($value, $empty, &$params, &$formvars)
{
    $allValid = true;
    $addresses = Pommo_Helper::trimArray(explode(',', $value));

    foreach ($addresses as $address) {
        if (empty($address)) {
            continue;
        }
        if (!Pommo_Helper::isEmail($address)) {
            $allValid = false;
        }
    }

    return $allValid;
}
/**
 * Set up the template object: fix the theme, point the engine at the theme
 * directories and publish the variables every template can read.
 * (Presumably the PHP4-style constructor of the class of the same name.)
 *
 * NOTE(review): 'config.app.path' hands the server-side base directory to the
 * templates and 'weblink' is ready-made HTML; templates that print either one
 * should be checked for path disclosure and for where escaping is skipped.
 */
function Pommo_Template()
{
    // set theme -- TODO; extend this to the theme selector
    $this->_pommoTheme = 'default';

    // set directories
    $this->_themeDir = Pommo::$_baseDir . 'themes/';
    $this->template_dir = $this->_themeDir . $this->_pommoTheme;
    $this->config_dir = $this->template_dir . '/inc/config';

    // set base/core variables available to all templates
    $themeUrls = array(
        'shared' => Pommo::$_baseUrl . 'themes/shared/',
        'this' => Pommo::$_baseUrl . 'themes/' . $this->_pommoTheme . '/',
    );
    $this->assign('url', array(
        'theme' => $themeUrls,
        'base' => Pommo::$_baseUrl,
        'http' => Pommo::$_http,
    ));

    // The @ keeps keys missing from Pommo::$_config from raising notices.
    $this->assign('config', @array(
        'app' => array(
            'path' => Pommo::$_baseDir,
            'weblink' => '<a href="http://github.com/soonick/poMMo">' . Pommo::_T('poMMo Website') . '</a>',
            'dateformat' => Pommo_Helper::timeGetFormat(),
        ),
        'site_name' => Pommo::$_config['site_name'],
        'site_url' => Pommo::$_config['site_url'],
        'list_name' => Pommo::$_config['list_name'],
        'admin_email' => Pommo::$_config['admin_email'],
        'demo_mode' => Pommo::$_config['demo_mode'],
    ));

    // set gettext overload functions (see block.t.php...)
    $this->_gettext_func = array('Pommo', '_T'); // calls Pommo::_T($str)
    $this->_gettext_plural_func = array('Pommo', '_TP');

    // assign page title
    $this->assign('title', '. ..poMMo.. .');

    // assign section (used for sidebar template)
    $this->assign('section', Pommo::$_section);
}
}

// check for dupe
$lookupID = current(Pommo_Subscribers::getIDByEmail($subscriber['email'], array(1, 2)));
if ($lookupID && $lookupID != $subscriber['id']) {
    $json->fail(Pommo::_T('Email address already exists. Duplicates are not allowed.'));
}

// NOTE(review): the mere presence of a `force` request parameter skips the
// validation failure path below. Confirm this endpoint is reachable only by
// authenticated administrators and is protected against cross-site requests.
if (!Pommo_Validate::subscriberData($subscriber['data'], $validateOptions) && !isset($_REQUEST['force'])) {
    $json->addErr(Pommo::_T('Fields failed validation') . " >>> ");
    $json->addErr($logger->getAll());
    $json->fail(Pommo::_T('Error updating subscriber.'));
}

if (!Pommo_Subscribers::update($subscriber, 'REPLACE_ALL')) {
    $json->fail(Pommo::_T('Error updating subscriber.'));
}

// subscriber updated successfully, build output
// NOTE(review): 'email' and 'id' go into the response as stored, while the
// field values below are HTML-encoded. Confirm the client-side callback
// inserts the e-mail as text rather than as markup.
$out = array('email' => $subscriber['email'], 'id' => $subscriber['id']);

// return human readable date formatting
require_once Pommo::$_baseDir . 'classes/Pommo_Fields.php';
$dateFields = Pommo_Fields::getByType('date');
foreach ($subscriber['data'] as $k => $val) {
    // Date fields are formatted by timeToStr(); everything else is HTML-encoded.
    $out['d' . $k] = in_array($k, $dateFields) ? Pommo_Helper::timeToStr($val) : htmlspecialchars($val);
}
$json->add('callbackFunction', 'editSubscriber');
$json->add('callbackParams', $out);
$json->addMsg(Pommo::_T('Subscriber Updated'));
break;

default:
    // NOTE(review): the message includes __FILE__, i.e. the script's full
    // server-side path, in the response body.
    die('invalid request passed to ' . __FILE__);
    break;
}

$json->success();
require_once Pommo::$_baseDir . 'classes/Pommo_Template.php';
$smarty = new Pommo_Template();

// The group being edited comes from the stored page state, not from the request.
$group = current(Pommo_Groups::get(array('id' => $state['group'])));
if (empty($group)) {
    die('invalid input');
}

// NOTE(review): ruleType, fieldID, logic and type are read straight from
// $_REQUEST. `type` is reduced to 'or'/'and' below; fieldID and logic are
// passed on to the lookups and to the template unchanged, so their safety
// depends on those helpers binding the value and on the template escaping it
// -- confirm both.
if ($_REQUEST['ruleType'] == 'field') {
    $field = current(Pommo_Fields::get(array('id' => $_REQUEST['fieldID'])));
    $logic = isset($_REQUEST['logic']) && $_REQUEST['logic'] != "0" ? $_REQUEST['logic'] : false;
    // Anything other than 'or' is treated as 'and'.
    $type = $_REQUEST['type'] == 'or' ? 'or' : 'and';
    $values = array();

    // check to see if we're editing [logic is passed *only* when edit button is clicked]
    if ($logic) {
        foreach ($group['rules'] as $rule) {
            if ($rule['logic'] == $logic && $rule['field_id'] == $_REQUEST['fieldID']) {
                $values[] = $field['type'] == 'date' ? Pommo_Helper::timeFromStr($rule['value']) : $rule['value'];
            }
        }
    }

    // The first stored value is handed to the template separately from the rest.
    $firstVal = empty($values) ? false : array_shift($values);
    $logic = $logic ? Pommo_Rules::getEnglish(array($logic)) : Pommo_Rules::getEnglish(end(Pommo_Rules::getLegal($group, array($field))));

    $smarty->assign('type', $type);
    $smarty->assign('field', $field);
    $smarty->assign('logic', $logic);
    $smarty->assign('values', $values);
    $smarty->assign('firstVal', $firstVal);
    $smarty->display('ajax/rule.field.tpl');
    Pommo::kill();
} elseif ($_REQUEST['ruleType'] == 'group') {
    $match = Pommo_Groups::getNames($_REQUEST['fieldID']);
    $key = key($match);
/**
 * Validate and normalize subscriber field data in place.
 *
 * $in is keyed by field id and is modified by reference: values are trimmed,
 * blank values removed, values cut to 255 bytes, checkbox/date values
 * rewritten, and (with 'prune') keys that are not known fields are dropped.
 *
 * Options in $p (defaults below): prune, active, log, ignore, ignoreInactive,
 * skipReq.
 *
 * NOTE(review): field types other than checkbox/multiple/date/number get no
 * content check beyond trim and length, so their values must still be
 * encoded for the context in which they are later rendered or mailed.
 *
 * @param array $in Field values keyed by field id (modified in place).
 * @param array $p  Option overrides.
 * @return bool True when no field failed validation.
 */
function subscriberData(&$in, $p = array())
{
    $defaults = array('prune' => true, 'active' => true, 'log' => true, 'ignore' => false, 'ignoreInactive' => true, 'skipReq' => false);
    $p = Pommo_Api::getParams($defaults, $p);

    require_once Pommo::$_baseDir . 'classes/Pommo_Fields.php';
    $logger = Pommo::$_logger;

    $fields = Pommo_Fields::get(array('active' => $p['active']));

    $valid = true;
    foreach ($fields as $id => $field) {
        $inactive = $field['active'] == 'on' ? false : true;

        // With skipReq, a field that was not submitted at all is not checked.
        if (!isset($in[$id]) && $p['skipReq']) {
            continue;
        }

        // The @ hides the notice for a missing key (and any warning from trim()).
        $in[$id] = @trim($in[$id]);

        // empty() is also true for the string '0', so a literal 0 counts as blank here.
        if (empty($in[$id])) {
            unset($in[$id]); // don't include blank values
            if ($field['required'] == 'on') {
                if ($p['log']) {
                    $logger->addErr(sprintf(Pommo::_T('%s is a required field.'), $field['prompt']));
                }
                $valid = false;
            }
            continue;
        }

        // shorten
        // substr() counts bytes, so a multi-byte character can be cut in half at the limit.
        $in[$id] = substr($in[$id], 0, 255);

        switch ($field['type']) {
            case "checkbox":
                if (strtolower($in[$id]) == 'true') {
                    $in[$id] = 'on';
                }
                if (strtolower($in[$id]) == 'false') {
                    $in[$id] = '';
                }
                if ($in[$id] != 'on' && $in[$id] != '') {
                    // && binds tighter than ||: ignore, or (inactive and ignoreInactive).
                    if ($p['ignore'] || $inactive && $p['ignoreInactive']) {
                        unset($in[$id]);
                        break;
                    }
                    if ($p['log']) {
                        $logger->addErr(sprintf(Pommo::_T('Illegal input for field %s.'), $field['prompt']));
                    }
                    $valid = false;
                }
                break;
            case "multiple":
                // NOTE(review): trim() and substr() have already been applied to
                // $in[$id] above, so an array value would not reach this branch
                // intact -- confirm whether callers flatten multi-selects first.
                if (is_array($in[$id])) {
                    foreach ($in[$id] as $key => $val) {
                        if (!in_array($val, $field['array'])) {
                            if ($p['ignore'] || $inactive && $p['ignoreInactive']) {
                                unset($in[$id]);
                                // leaves the inner foreach only
                                break;
                            }
                            if ($p['log']) {
                                $logger->addErr(sprintf(Pommo::_T('Illegal input for field %s.'), $field['prompt']));
                            }
                            $valid = false;
                        }
                    }
                } elseif (!in_array($in[$id], $field['array'])) {
                    if ($p['ignore'] || $inactive && $p['ignoreInactive']) {
                        unset($in[$id]);
                        break;
                    }
                    if ($p['log']) {
                        $logger->addErr(sprintf(Pommo::_T('Illegal input for field %s.'), $field['prompt']));
                    }
                    $valid = false;
                }
                break;
            case "date":
                // convert date to timestamp [float; using adodb time library]
                if (is_numeric($in[$id])) {
                    $in[$id] = Pommo_Helper::timeToStr($in[$id]);
                }
                $in[$id] = Pommo_Helper::timeFromStr($in[$id]);
                // A falsy result from timeFromStr() is treated as "not a date".
                if (!$in[$id]) {
                    if ($p['ignore'] || $inactive && $p['ignoreInactive']) {
                        unset($in[$id]);
                        break;
                    }
                    if ($p['log']) {
                        $logger->addErr(sprintf(Pommo::_T('Field (%s) must be a date (' . Pommo_Helper::timeGetFormat() . ').'), $field['prompt']));
                    }
                    $valid = false;
                }
                break;
            case "number":
                if (!is_numeric($in[$id])) {
                    if ($p['ignore'] || $inactive && $p['ignoreInactive']) {
                        unset($in[$id]);
                        break;
                    }
                    if ($p['log']) {
                        $logger->addErr(sprintf(Pommo::_T('Field (%s) must be a number.'), $field['prompt']));
                    }
                    $valid = false;
                }
                break;
        }
    }

    // prune
    // Presumably keeps only the keys of $in that are also field ids -- confirm in arrayIntersect().
    if ($p['prune']) {
        $in = Pommo_Helper::arrayIntersect($in, $fields);
    }

    return $valid;
}
// Stop and redisplay the form when earlier checks logged an error or the
// submitted field data does not validate ('active' => FALSE is passed to the validator).
if ($logger->isErr() || !Pommo_Validate::subscriberData($subscriber['data'], array('active' => FALSE))) {
    $smarty->assign('back', TRUE);
    $smarty->display('user/process.tpl');
    Pommo::kill();
}

// Free-text comment from the subscriber, cut to 255 bytes. It is forwarded to
// notify() below without further filtering.
$comments = isset($_POST['comments']) ? substr($_POST['comments'], 0, 255) : false;

/**********************************
	ADD SUBSCRIBER
 *********************************/
$config = Pommo_Api::configGet(array('site_success', 'site_confirm', 'list_confirm', 'notices'));

// NOTE(review): unserialize() on a stored configuration value. This is only
// as safe as write access to the configuration store; a format without object
// instantiation (e.g. JSON) would remove the object-injection risk -- flagged,
// not changed here.
$notices = unserialize($config['notices']);

require_once Pommo::$_baseDir . 'classes/Pommo_Helper_Messages.php';

if ($config['list_confirm'] == 'on') {
    // email confirmation required.
    // add user as "pending"
    // NOTE(review): the confirmation code is the only secret in the opt-in
    // link; how makeCode() generates it is not visible here -- confirm it
    // uses a cryptographically secure source.
    $subscriber['pending_code'] = Pommo_Helper::makeCode();
    $subscriber['pending_type'] = 'add';
    $subscriber['status'] = 2;

    $id = Pommo_Subscribers::add($subscriber);
    if (!$id) {
        $logger->addErr('Error adding subscriber! Please contact the administrator.');
        $smarty->assign('back', TRUE);
    } else {
        $logger->addMsg(Pommo::_T('Subscription request received.'));

        // send confirmation message.
        if (Pommo_Helper_Messages::sendMessage(array('to' => $subscriber['email'], 'code' => $subscriber['pending_code'], 'type' => 'confirm'))) {
            // Replace the timestamp with a formatted date for the notice mail.
            $subscriber['registered'] = date("F j, Y, g:i a", $subscriber['registered']);
            // && binds tighter than ||: a comment alone triggers the notice.
            if ($comments || isset($notices['pending']) && $notices['pending'] == 'on') {
                Pommo_Helper_Messages::notify($notices, $subscriber, 'pending', $comments);
            }
            if ($config['site_confirm']) {
/**
 * Create or refresh a named page state kept in Pommo::$_session['state'].
 *
 * The state is seeded from $defaults when it is empty. Values are then taken
 * from $source (typically request data) only for keys the state already has,
 * so $source cannot introduce new keys; the values themselves are copied
 * without validation. Array values in $source are joined with commas first.
 *
 * @param string $name     State slot name.
 * @param array  $defaults Default key/value pairs; when empty the stored state
 *                         is returned untouched.
 * @param array  $source   Candidate overrides.
 * @return array Reference to the stored state.
 */
static function &stateInit($name = 'default', $defaults = array(), $source = array())
{
    if (empty(Pommo::$_session['state'][$name])) {
        Pommo::$_session['state'][$name] =& $defaults;
    }
    $pageState =& Pommo::$_session['state'][$name];

    if (empty($defaults)) {
        return $pageState;
    }

    // Add support for passing multi select options
    if (is_array($source)) {
        foreach ($source as $k => $v) {
            if (is_array($v)) {
                $source[$k] = implode(',', $v);
            }
        }
    }

    // Only keys already present in the state may be overwritten.
    foreach (array_keys($pageState) as $knownKey) {
        if (!array_key_exists($knownKey, $source)) {
            continue;
        }
        $pageState[$knownKey] = $source[$knownKey];
    }

    // normalize the page state
    if (count($pageState) > count($defaults)) {
        $pageState = Pommo_Helper::arrayIntersect($pageState, $defaults);
    }

    return $pageState;
}
/**
 * Add one or more options to a field and store the new option list.
 *
 * $value is split on commas and trimmed, merged into $field['array'] (which
 * is updated by reference, duplicates removed) and written to the fields
 * table in serialized form. Both the serialized list and the field id are
 * bound through $dbo->prepare().
 *
 * @param array  $field Field row; 'array' is updated in place, 'id' is read.
 * @param string $value Comma-separated options to add.
 * @return array|false The new option list, or FALSE when no row was affected.
 */
function optionAdd(&$field, $value)
{
    $dbo =& Pommo::$_dbo;
    $logger =& Pommo::$_logger;

    $additions = Pommo_Helper::trimArray(explode(',', $value));

    // add value to the array
    $merged = array_merge($field['array'], $additions);
    $field['array'] = array_unique($merged);

    $serialized = serialize($field['array']);

    $template = "\n UPDATE " . $dbo->table['fields'] . "\n SET field_array='%s'\n WHERE field_id=%i";
    $statement = $dbo->prepare($template, array($serialized, $field['id']));

    if ($dbo->affected($statement) > 0) {
        return $field['array'];
    }

    return FALSE;
}
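/**
 * Replace the rules a group holds for one field/logic pair.
 *
 * Existing rules for the pair are deleted first, then one row per entry of
 * $values is inserted. Every value is bound through $dbo->prepare() before it
 * is placed in the INSERT statement.
 *
 * @param mixed  $group  Group id (bound as %i).
 * @param mixed  $field  Field id on entry; overwritten by reference with the
 *                       field row returned by Pommo_Fields::get().
 * @param string $logic  Rule logic (bound as '%s').
 * @param array  $values Rule values; date fields are converted with
 *                       Pommo_Helper::timeFromStr().
 * @param mixed  $type   'or' stores 1, anything else stores 0.
 * @return mixed Result of $dbo->affected() for the INSERT, or 0 when $values
 *               is empty and there is nothing to insert.
 */
function addFieldRule(&$group, &$field, &$logic, &$values, $type = 0)
{
    global $pommo;
    $dbo =& Pommo::$_dbo;

    // Strict comparison: before PHP 8 the loose form (0 == 'or') is true, so
    // the default $type of 0 was stored as an "or" rule.
    $type = $type === 'or' ? 1 : 0;

    // remove previous filters
    Pommo_Rules::deleteRule($group, $field, $logic);

    // get the field
    require_once Pommo::$_baseDir . 'classes/Pommo_Fields.php';
    $field = current(Pommo_Fields::get(array('id' => $field)));

    $rows = array();
    foreach ($values as $value) {
        // if this is a date type field, convert the values from human readable date
        // strings to timestamps appropriate for matching
        if ($field['type'] == 'date') {
            $value = Pommo_Helper::timeFromStr($value);
        }
        $rows[] = $dbo->prepare("(%i,%i,'%s','%s',%i)", array($group, $field['id'], $logic, $value, $type));
    }

    // Without values the statement would end in a bare "VALUES" and fail.
    if (empty($rows)) {
        return 0;
    }

    $query = "\n\t\t\tINSERT INTO " . $dbo->table['group_rules'] . "\n\t\t\t(group_id, field_id, logic, value, type)\n\t\t\tVALUES " . implode(',', $rows);

    return $dbo->affected($query);
}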
/**
 * Mail an administrative notice about a subscriber event.
 *
 * Recipients come from the comma-separated $notices['email'], falling back
 * to the configured admin address. The plain-text body lists the
 * subscriber's e-mail, IP, registration value, optional comment and field
 * data. Demo mode is switched off for the send and toggled back afterwards.
 *
 * NOTE(review): $comments and the subscriber data are subscriber-supplied and
 * go into the body as-is; $notices['subject'] goes into the subject line.
 * Whether header characters are filtered depends on Pommo_Mailer, which is
 * not visible here -- confirm.
 *
 * @param array        $notices  Notice settings ('email', 'subject').
 * @param array        $sub      Subscriber ('email', 'ip', 'registered', 'data').
 * @param string       $type     subscribe | unsubscribe | pending | update.
 * @param string|false $comments Optional subscriber comment.
 * @return void
 */
function notify(&$notices, &$sub, $type, $comments = false)
{
    global $pommo;
    require_once Pommo::$_baseDir . 'classes/Pommo_Mailer.php';

    $recipients = Pommo_Helper::trimArray(explode(',', $notices['email']));
    if (empty($recipients[0])) {
        $recipients = array(Pommo::$_config['admin_email']);
    }

    $subject = $notices['subject'] . ' ';

    $body = sprintf(Pommo::_T('poMMo %s Notice'), $type)
        . " [" . date("F j, Y, g:i a") . "]\n\n"
        . "EMAIL: " . $sub['email'] . "\n"
        . "IP: " . $sub['ip'] . "\n"
        . "REGISTERED: " . $sub['registered'] . "\n\n";
    if ($comments) {
        $body .= "COMMENTS: " . $comments . " \n\n";
    }
    $body .= "DATA:\n";

    require_once Pommo::$_baseDir . 'classes/Pommo_Fields.php';
    $fieldNames = Pommo_Fields::getNames();
    foreach ($sub['data'] as $fid => $v) {
        $body .= "\t" . $fieldNames[$fid] . ": " . $v . "\n";
    }

    // Unknown types leave the subject without a suffix.
    if ($type == 'subscribe') {
        $subject .= Pommo::_T('new subscriber!');
    } elseif ($type == 'unsubscribe') {
        $subject .= Pommo::_T('user unsubscribed.');
    } elseif ($type == 'pending') {
        $subject .= Pommo::_T('new pending!');
    } elseif ($type == 'update') {
        $subject .= Pommo::_T('subscriber updated.');
    }

    $mail = new Pommo_Mailer();

    // allow mail to be sent, even if demo mode is on
    $mail->toggleDemoMode("off");

    // send the notice to every recipient
    $mail->prepareMail($subject, $body);
    foreach ($recipients as $to) {
        $mail->bmSendmail($to);
    }

    // reset demo mode to default
    $mail->toggleDemoMode();
}
/**
 * Store a mailing, its attachments and, for status 1, its "current" record.
 *
 * $in is modified by reference: 'start' and 'sent' get defaults, the body
 * gets a tracking image appended when 'track' is 1, and 'code' is generated
 * when a current record is written without one. All values reach the
 * database through $dbo->prepare() placeholders.
 *
 * NOTE(review): the tracking image URL is built with a fixed http:// scheme
 * and $_SERVER['SERVER_NAME'], which on some web-server configurations
 * reflects the request's Host header -- confirm the canonical host is
 * enforced by the server or taken from configuration.
 *
 * @param array $in Mailing data.
 * @return mixed false on validation or insert failure; $in['code'] when a
 *               current record was written; otherwise the new mailing id.
 */
function add(&$in)
{
    $dbo = Pommo::$_dbo;

    // set the start time if not provided
    if (empty($in['start'])) {
        $in['start'] = time();
    }
    if (empty($in['sent'])) {
        $in['sent'] = 0;
    }

    if (!Pommo_Mailing::validate($in)) {
        return false;
    }

    // Add image to track views
    if ($in['track'] == 1) {
        $in['body'] .= '<img src="http://' . $_SERVER['SERVER_NAME'] . Pommo::$_baseUrl
            . 'track-[[!mailing_id]]-[[!subscriber_id]].png">';
    }

    $mailingSql = "INSERT INTO " . $dbo->table['mailings']
        . "\n SET"
        . "\n [fromname='%S',]"
        . "\n [fromemail='%S',]"
        . "\n [frombounce='%S',]"
        . "\n [subject='%S',]"
        . "\n [body='%S',]"
        . "\n [altbody='%S',]"
        . "\n [ishtml='%S',]"
        . "\n [mailgroup='%S',]"
        . "\n [subscriberCount=%I,]"
        . "\n [finished=FROM_UNIXTIME(%I),]"
        . "\n [sent=%I,]"
        . "\n [charset='%S',]"
        . "\n [status=%I,]"
        . "\n [track=%I,]"
        . "\n started=FROM_UNIXTIME(%i)";
    // The @ keeps optional keys missing from $in from raising notices.
    $mailingSql = $dbo->prepare($mailingSql, @array(
        $in['fromname'], $in['fromemail'], $in['frombounce'], $in['subject'],
        $in['body'], $in['altbody'], $in['ishtml'], $in['group'],
        $in['tally'], $in['end'], $in['sent'], $in['charset'],
        $in['status'], $in['track'], $in['start'],
    ));

    // fetch new mailing_id
    $id = $dbo->lastId($mailingSql);
    if (!$id) {
        return false;
    }

    // Save the attachments (comma-separated file ids, each bound as %I)
    if ($in['attachments']) {
        $attachmentSql = "INSERT INTO " . $dbo->table['mailings_attachments']
            . "\n SET"
            . "\n [mailing_id='%I',]"
            . "\n [file_id='%I']";
        foreach (explode(',', $in['attachments']) as $fileId) {
            $dbo->query($dbo->prepare($attachmentSql, @array($id, $fileId)));
        }
    }

    // Nothing more to do unless the mailing is to be made current.
    if (empty($in['status']) || $in['status'] != 1) {
        return $id;
    }

    // insert current
    if (empty($in['code'])) {
        $in['code'] = Pommo_Helper::makeCode();
    }

    $currentSql = "INSERT INTO " . $dbo->table['mailing_current']
        . "\n SET"
        . "\n [command='%S',]"
        . "\n [serial=%I,]"
        . "\n [securityCode='%S',]"
        . "\n [current_status='%S',]"
        . "\n current_id=%i";
    $currentSql = $dbo->prepare($currentSql, @array(
        $in['command'], $in['serial'], $in['code'], $in['current_status'], $id,
    ));
    if (!$dbo->query($currentSql)) {
        return false;
    }

    return $in['code'];
}
// Map each CSV column onto the subscriber using the column assignment posted in $_POST['f'].
// NOTE(review): the mapping comes straight from the request. Binding by
// reference also creates $_POST['f'][$key] (as null) when it is missing.
foreach ($row as $key => $col) {
    $fid =& $_POST['f'][$key];
    if (is_numeric($fid)) {
        // Numeric assignments are treated as field ids.
        $subscriber['data'][$fid] = $col;
    } elseif ($fid == 'email' && Pommo_Helper::isEmail($col)) {
        $subscriber['email'] = $col;
    } elseif ($fid == 'registered') {
        $subscriber['registered'] = Pommo_Helper::timeFromStr($col);
    } elseif ($fid == 'ip') {
        // NOTE(review): the IP column is taken from the file without a format check here.
        $subscriber['ip'] = $col;
    }
}

if ($subscriber['email']) {
    // check for dupe
    // TODO -- DO THIS IN BATCH ??
    if (Pommo_Helper::isDupe($subscriber['email'], $includeUnsubscribed)) {
        $dupes++;
        $dupe_emails[] = $subscriber['email'];
        continue;
    }

    // validate/fix data
    // Invalid values are dropped rather than logged ('ignore' => true); a
    // record that still fails validation is imported with flag 9.
    if (!Pommo_Validate::subscriberData($subscriber['data'], array('log' => false, 'ignore' => true, 'active' => false))) {
        $subscriber['flag'] = 9;
    }

    // add subscriber
    if (Pommo_Subscribers::add($subscriber)) {
        $tally++;
        if (isset($subscriber['flag'])) {
            $flagged++;
        }
    }
}

$config = Pommo_Api::configGet(array('notices'));
// NOTE(review): unserialize() on a stored configuration value; safe only as
// long as the configuration store cannot be written by an attacker. Flagged,
// not changed here.
$notices = unserialize($config['notices']);

if (!isset($_POST['d'])) {
    $view->assign('d', $subscriber['data']);
}

// check for an update + validate new subscriber info (also converts dates to ints)
// $_POST['d'] is passed by reference, so the validator rewrites it in place.
if (!empty($_POST['update']) && Pommo_Validate::subscriberData($_POST['d'])) {
    $newsub = array('id' => $subscriber['id'], 'email' => $subscriber['email'], 'data' => $_POST['d']);

    if (!empty($_POST['newemail'])) {
        // if change in email, validate and send confirmation of update
        if ($_POST['newemail'] != $_POST['newemail2']) {
            $logger->addErr(Pommo::_T('Emails must match.'));
        } elseif (!Pommo_Helper::isEmail($_POST['newemail'])) {
            $logger->addErr(Pommo::_T('Invalid Email Address'));
        } elseif (Pommo_Helper::isDupe($_POST['newemail'])) {
            // NOTE(review): this message tells the requester that the address
            // is already on the list (address enumeration) -- confirm that is acceptable.
            $logger->addMsg(Pommo::_T('Email address already exists. Duplicates are not allowed.'));
        } else {
            // The change is parked as a pending record and only the new
            // address receives the confirmation code.
            $newsub['email'] = $_POST['newemail'];
            $code = Pommo_Pending::add($newsub, 'change');
            if (!$code) {
                die('Failed to Generate Pending Subscriber Code');
            }

            require_once Pommo::$_baseDir . 'classes/Pommo_Helper_Messages.php';
            Pommo_Helper_Messages::sendMessage(array('to' => $newsub['email'], 'code' => $code, 'type' => 'update'));

            if (isset($notices['update']) && $notices['update'] == 'on') {
                Pommo_Helper_Messages::notify($notices, $newsub, 'update');
            }
        }
    } elseif (!Pommo_Subscribers::update($newsub, 'REPLACE_ACTIVE')) {
        $logger->addErr('Error updating subscriber.');
/**
 * Fetch subscribers, optionally filtered, searched, sorted and paged.
 *
 * NOTE(review): $search['field'], $p['sort'] and $p['order'] are substituted
 * through %S placeholders in identifier/keyword positions (a column name, the
 * ORDER BY expression, the sort direction). Value-style escaping cannot
 * constrain what appears in those positions, and how SafeSQL expands %S is
 * not visible here. Callers should pass only allow-listed column names and
 * ASC/DESC -- confirm at every call site that forwards request data.
 *
 * @param array $p      Filters: status, email, sort, order, limit, offset, id.
 * @param array $search 'field' (field id or column name) and 'string'.
 * @return array Subscribers keyed by subscriber_id, each with a 'data' array
 *               of field values once any exist.
 */
public static function get($p = array(), $search = array('field' => null, 'string' => null))
{
    $defaults = array('status' => 'all', 'email' => null, 'sort' => null, 'order' => null, 'limit' => null, 'offset' => null, 'id' => null);
    $p = Pommo_Api::getParams($defaults, $p);

    $dbo = Pommo::$_dbo;

    // 'all' means no status filter.
    if ($p['status'] == 'all') {
        $p['status'] = null;
    }

    // A limit without an offset starts at the first row.
    if (is_numeric($p['limit']) && !is_numeric($p['offset'])) {
        $p['offset'] = 0;
    }

    $o = array();

    // Numeric sort/search ids are cast to int before being placed in the
    // sub-selects; the bracketed clauses are filled in by $dbo->prepare().
    $query = "\n SELECT\n s.subscriber_id,\n s.email,\n s.time_touched,\n s.time_registered,\n s.flag,\n INET_NTOA(s.ip) ip,\n s.status,\n p.pending_code,\n p.pending_array,\n p.pending_type"
        . (is_numeric($p['sort']) ? ", d.value" : '')
        . (is_numeric($search['field']) ? ", search.value" : '')
        . " FROM " . $dbo->table['subscribers'] . " s\n LEFT JOIN " . $dbo->table['subscriber_pending'] . " p ON (s.subscriber_id = p.subscriber_id) "
        . (is_numeric($p['sort']) ? "LEFT JOIN (SELECT * FROM " . $dbo->table['subscriber_data'] . " WHERE field_id = " . (int) $p['sort'] . " ) AS d" . " ON (s.subscriber_id = d.subscriber_id)" : '')
        . (is_numeric($search['field']) ? "LEFT JOIN (SELECT value FROM " . $dbo->table['subscriber_data'] . " WHERE field_id = " . (int) $search['field'] . " ) AS search" . " ON (s.subscriber_id = search.subscriber_id)" : '')
        . " WHERE\n 1\n [AND s.subscriber_id IN(%C)]\n [AND s.status=%I]\n [AND s.email IN (%Q)]\n [AND %S LIKE '%%S%']\n [ORDER BY %S] [%S]\n [LIMIT %I, %I]";

    // Check if we're sorting against a field.
    // If so, sort against the "value" column select.
    // If it's a numeric field, cast the value (string) as an Integer by the DBE for proper sorting.
    // A non-numeric $p['sort'] is left exactly as the caller passed it.
    if (is_numeric($p['sort'])) {
        require_once Pommo::$_baseDir . 'classes/Pommo_Fields.php';
        $numericFields = Pommo_Fields::getByType(array('date', 'number'));
        $p['sort'] = in_array($p['sort'], $numericFields) ? 'CAST(value as SIGNED)' : 'value';
    }

    // If we're searching/filtering, generate the proper SQL
    // ($searchSQL is assigned but not read anywhere in this function.)
    $searchSQL = NULL;
    if (!empty($search['field']) && !empty($search['string'])) {
        // make MySQL LIKE() compliant
        // (escapes the LIKE wildcards % and _ in the search string)
        $search['string'] = addcslashes($search['string'], '%_');
        // A non-numeric field name is only prefixed with "s." -- see the NOTE above.
        $search['field'] = is_numeric($search['field']) ? 'search.value' : 's.' . $search['field'];
    }

    $query = $dbo->prepare($query, array($p['id'], $p['status'], $p['email'], $search['field'], $search['string'], $p['sort'], $p['order'], $p['offset'], $p['limit']));

    // Rows with a pending code are built with makeDB()'s second argument set.
    while ($row = $dbo->getRows($query)) {
        $o[$row['subscriber_id']] = empty($row['pending_code']) ? Pommo_Subscribers::makeDB($row) : Pommo_Subscribers::makeDB($row, TRUE);
    }

    // fetch data
    if (!empty($o)) {
        // get any date fields for conversion. We can't use the MySQL 4.1/5
        // engine, as it doesn't support negative timestamps... !!!
        require_once Pommo::$_baseDir . 'classes/Pommo_Fields.php';
        $dates = Pommo_Fields::getByType('date');

        $query = "\n SELECT\n field_id,\n value,\n subscriber_id\n FROM\n " . $dbo->table['subscriber_data'] . "\n WHERE\n subscriber_id IN(%c)";
        $query = $dbo->prepare($query, array(array_keys($o)));

        while ($row = $dbo->getRows($query)) {
            $o[$row['subscriber_id']]['data'][$row['field_id']] = in_array($row['field_id'], $dates) ? Pommo_Helper::timeToStr($row['value']) : $row['value'];
        }
    }

    return $o;
}
/**
 * Bootstrap the static Pommo state: request clean-up, core includes, base
 * URL, config.php, host/scheme detection, language and the database link.
 *
 * NOTE(review), compatibility: get_magic_quotes_gpc() and each() no longer
 * exist in PHP 8, and the MYSQL_CLIENT_* constants belong to the removed
 * mysql extension, so this function as written targets older PHP releases.
 *
 * @param string $baseDir Installation directory, with trailing slash.
 * @return bool False when config.php yields fewer than 5 entries, else true.
 */
public static function preInit($baseDir)
{
    // Remove quotes added by magic_quotes
    if (get_magic_quotes_gpc()) {
        $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
        while (list($key, $val) = each($process)) {
            foreach ($val as $k => $v) {
                unset($process[$key][$k]);
                if (is_array($v)) {
                    // Nested arrays are queued so their members get stripped too.
                    $process[$key][stripslashes($k)] = $v;
                    $process[] =& $process[$key][stripslashes($k)];
                } else {
                    $process[$key][stripslashes($k)] = stripslashes($v);
                }
            }
        }
        unset($process);
    }

    self::$_baseDir = $baseDir;
    self::$_config = array();
    self::$_auth = null;
    self::$_escaping = false;

    require_once self::$_baseDir . 'classes/Pommo_Log.php';
    require_once self::$_baseDir . 'lib/SafeSQL.class.php';
    require_once self::$_baseDir . 'classes/Pommo_Db.php';
    require_once self::$_baseDir . 'classes/Pommo_Auth.php';

    // initialize logger
    // Check where this config variable comes from
    self::$_logger = new Pommo_Log();

    // NOTE(review): $config is first assigned further down (parseConfig), so
    // within this function it is still undefined here. workDir, debug,
    // default sort, verbosity, date format and baseURL therefore always take
    // their fallback values, whatever config.php says.
    self::$_workDir = empty($config['workDir']) ? self::$_baseDir . 'cache' : $config['workDir'];
    self::$_debug = strtolower($config['debug']) != 'on' ? false : true;
    self::$_default_subscriber_sort = empty($config['default_subscriber_sort']) ? 'email' : $config['default_subscriber_sort'];
    self::$_verbosity = empty($config['verbosity']) ? 3 : $config['verbosity'];
    self::$_logger->_verbosity = self::$_verbosity;
    // NOTE(review): `$cofig` looks like a typo for `$config`; it is never defined.
    self::$_dateformat = $config['date_format'] >= 1 && $cofig['date_format'] <= 3 ? intval($config['date_format']) : 1;

    // set base URL (e.g. http://mysite.com/news/pommo => 'news/pommo/')
    if (isset($config['baseURL'])) {
        self::$_baseUrl = $config['baseURL'];
    } else {
        // If we're called from an embedded script, read baseURL from
        // "last known good". Else, set it based off of REQUEST.
        if (defined('_poMMo_embed')) {
            require_once self::$_baseDir . 'classes/Pommo_Helper_Maintenance.php';
            self::$_baseUrl = Pommo_Helper_Maintenance::rememberBaseURL();
        } else {
            $regex = '@/(ajax|inc|setup|user|install|support(/tests|/util)?|' . 'admin(/subscribers|/user|/mailings|/setup)?' . '(/ajax|/mailing|/config)?)$@i';

            // This is to fix backslashes on windows systems
            // NOTE(review): PHP_SELF is derived from the request path and can
            // carry client-chosen trailing path info -- confirm the server
            // setup keeps that out of the derived base URL.
            $dirname = str_replace('\\', '/', dirname($_SERVER['PHP_SELF']));
            $baseUrl = preg_replace($regex, '', $dirname);
            self::$_baseUrl = $baseUrl == '/' ? $baseUrl : $baseUrl . '/';
        }
    }

    // read in config.php (configured by user)
    $config = Pommo_Helper::parseConfig(self::$_baseDir . 'config.php');

    // check to see if config.php was "properly" loaded
    if (count($config) < 5) {
        self::$_hasConfigFile = false;
        return self::$_hasConfigFile;
    }
    self::$_hasConfigFile = true;

    // the regex strips port info from hostname
    // NOTE(review): without a configured 'hostname' the value comes from the
    // client-supplied Host header and ends up in self::$_http, the prefix for
    // absolute URLs. Setting 'hostname' in config.php removes that dependency.
    self::$_hostname = empty($config['hostname']) ? preg_replace('/:\\d+$/i', '', $_SERVER['HTTP_HOST']) : $config['hostname'];
    self::$_hostport = empty($config['hostport']) ? $_SERVER['SERVER_PORT'] : $config['hostport'];
    self::$_ssl = !isset($_SERVER['HTTPS']) || strtolower($_SERVER['HTTPS']) != 'on' ? false : true;
    self::$_http = (self::$_ssl ? 'https://' : 'http://') . self::$_hostname;

    // Only non-default ports are appended.
    if (self::$_hostport != 80 && self::$_hostport != 443) {
        self::$_http .= ':' . self::$_hostport;
    }

    self::$_language = empty($config['lang']) ? 'en' : strtolower($config['lang']);
    self::$_slanguage = defined('_poMMo_lang') ? _poMMo_lang : false;

    // include translation (l10n) methods if language is not English
    self::$_l10n = FALSE;
    if (self::$_language != 'en') {
        self::$_l10n = TRUE;
        require_once self::$_baseDir . 'classes/Pommo_Helper_L10n.php';
        Pommo_Helper_L10n::init(self::$_language, self::$_baseDir);
    }

    // set the current "section" -- should be "user" for /user/* files,
    // "mailings" for /admin/mailings/* files, etc. etc.
    self::$_section = preg_replace('@^admin/?@i', '', str_replace(self::$_baseUrl, '', dirname($_SERVER['PHP_SELF'])));

    $db_conn_compress = strtolower($config['db_conn_compress']) != 'on' ? 0 : MYSQL_CLIENT_COMPRESS;
    // TLS to the database is used only when db_conn_secure is 'on' in config.php.
    $db_conn_secure = strtolower($config['db_conn_secure']) != 'on' ? 0 : MYSQL_CLIENT_SSL;

    // initialize database link
    // The @ suppresses errors raised while constructing the connection object.
    self::$_dbo = @new Pommo_Db($config['db_username'], $config['db_password'], $config['db_database'], $config['db_hostname'], $config['db_prefix'], $db_conn_compress, $db_conn_secure);

    // turn off debugging if in user area
    if (self::$_section == 'user') {
        self::$_debug = false;
        self::$_dbo->debug(FALSE);
    }

    // if debugging is set in config.php, enable debugging on the database.
    if (self::$_debug) {
        // don't enable debugging in ajax requests unless verbosity is < 3
        if (Pommo_Helper::isAjax() && self::$_verbosity > 2) {
            self::$_debug = false;
        } else {
            self::$_dbo->debug(TRUE);
        }
    }

    return true;
}
/**
 * Carry out a pending request and remove its pending record.
 *
 * Types: 'add' activates the subscriber, 'change' applies the stored
 * subscriber update, 'password' generates a new administrator password. Any
 * other type only removes the pending record.
 *
 * NOTE(review): the new admin password is stored as an unsalted MD5 digest
 * and is shown in clear text in the logger output, next to the admin
 * username, which is inserted into the HTML unescaped. Moving to
 * password_hash()/password_verify() needs a matching change in the login
 * check, which is not part of this block -- flagged, not changed here.
 *
 * @param array $in Pending record ('id', 'subscriber_id', 'type', 'array').
 * @return bool True when the action and the clean-up both succeeded.
 */
function perform(&$in)
{
    global $pommo;
    $dbo =& Pommo::$_dbo;
    $logger =& Pommo::$_logger;

    $idsAreNumeric = is_numeric($in['id']) && is_numeric($in['subscriber_id']);
    if (!$idsAreNumeric) {
        $logger->addErr('Pommo_Pending::perform() -> invalid pending object sent.');
        return false;
    }

    $kind = $in['type'];

    if ($kind == 'add') {
        // subscribe
        $activate = "\n\t\t\t\t\tUPDATE " . $dbo->table['subscribers'] . "\n\t\t\t\t\tSET status=1\n\t\t\t\t\tWHERE subscriber_id=%i";
        $activate = $dbo->prepare($activate, array($in['subscriber_id']));
        if (!$dbo->query($activate)) {
            $logger->addErr('Pommo_Pending::perform() -> Error updating subscriber.');
            return false;
        }
    } elseif ($kind == 'change') {
        // update
        require_once Pommo::$_baseDir . 'classes/Pommo_Subscribers.php';
        $subscriber =& $in['array'];
        if (!Pommo_Subscribers::update($subscriber, 'REPLACE_ACTIVE')) {
            $logger->addErr('Pommo_Pending::perform() -> Error updating subscriber.');
            return false;
        }
    } elseif ($kind == 'password') {
        // change (admin) password
        require_once Pommo::$_baseDir . 'classes/Pommo_Subscribers.php';
        $password = Pommo_Helper::makePassword();
        $config = Pommo_Api::configGet(array('admin_username', 'admin_email'));

        if (!Pommo_Api::configUpdate(array('admin_password' => md5($password)), TRUE)) {
            $logger->addMsg('Error updating password.');
            return false;
        }

        $loginLinkOpen = '<a href="' . Pommo::$_baseUrl . 'index.php">';
        $shownUser = '<span style="font-size: 130%">' . $config['admin_username'] . '</span>';
        $shownPassword = '<span style="font-size: 130%">' . $password . '</span>';
        $logger->addErr(sprintf(
            Pommo::_T('You may now %1$s login %2$s with username: %3$s and password: %4$s '),
            $loginLinkOpen,
            '</a>',
            $shownUser,
            $shownPassword
        ));
    }

    // The pending record is single-use: remove it once the action has run.
    $cleanup = "\n\t\t\tDELETE FROM " . $dbo->table['subscriber_pending'] . "\n\t\t\tWHERE pending_id=%i";
    $cleanup = $dbo->prepare($cleanup, array($in['id']));
    if (!$dbo->query($cleanup)) {
        $logger->addErr('Pommo_Pending::perform() -> Error removing pending entry.');
        return false;
    }

    return true;
}
// The Email form field is trimmed and checked with the 'isEmail' criterion.
SmartyValidate::register_validator('email', 'Email', 'isEmail', false, false, 'trim');

$formError = array();
$formError['email'] = Pommo::_T('Invalid email address');
$smarty->assign('formError', $formError);

// Assign email to form if pre-provided
// NOTE(review): the request value is handed to the template unvalidated;
// confirm the template escapes it when pre-filling the form.
if (isset($_REQUEST['Email'])) {
    $smarty->assign('Email', $_REQUEST['Email']);
} elseif (isset($_REQUEST['email'])) {
    $smarty->assign('Email', $_REQUEST['email']);
}
} else {
    // ___ USER HAS SENT FORM ___
    SmartyValidate::connect($smarty);

    if (SmartyValidate::is_valid($_POST)) {
        // __ FORM IS VALID __
        // NOTE(review): the three outcomes below (pending, subscribed, not
        // found) are distinguishable to the requester, so this form reveals
        // whether an address is on the list -- confirm that is acceptable.
        if (Pommo_Helper::isDupe($_POST['Email'])) {
            if (Pommo_Pending::isEmailPending($_POST['Email'])) {
                // NOTE(review): serialized data travels in a URL parameter.
                // If the receiving page calls unserialize() on it, that is
                // unserialize() on client-controlled input; json_encode()/
                // json_decode() would avoid object instantiation -- confirm
                // against pending.php.
                $input = urlencode(serialize(array('Email' => $_POST['Email'])));
                SmartyValidate::disconnect();
                Pommo::redirect('pending.php?input=' . $input);
            } else {
                // __ EMAIL IN SUBSCRIBERS TABLE, REDIRECT
                // NOTE(review): the address is appended to the redirect URL
                // without urlencode(); the only constraint on it is whatever
                // isEmail() accepts.
                SmartyValidate::disconnect();
                Pommo::redirect('activate.php?email=' . $_POST['Email']);
            }
        } else {
            // __ REPORT STATUS
            $logger->addMsg(Pommo::_T('Email address not found! Please try again.'));
            // NOTE(review): the address is placed inside an href attribute of
            // an HTML message with neither urlencode() nor htmlspecialchars().
            // The message already carries markup, so it is presumably rendered
            // unescaped -- encode the value for both contexts.
            $logger->addMsg(sprintf(Pommo::_T('To subscribe, %sclick here%s'), '<a href="' . Pommo::$_baseUrl . 'subscribe.php?Email=' . $_POST['Email'] . '">', '</a>'));
        }
    }
    // Drop any existing table of this name before installing.
    $table = $dbo->table[$key];
    $sql = 'DROP TABLE IF EXISTS ' . $table;
    $dbo->query($sql);
}

// NOTE(review): any request carrying `debugInstall` switches on database
// debug output -- confirm the installer is unreachable once setup is done.
if (isset($_REQUEST['debugInstall'])) {
    $dbo->debug(TRUE);
}

$install = Pommo_Install::parseSQL();

if ($install) {
    // installation of DB went OK, set configuration values to user supplied ones
    // The clear-text password is kept in $pass.
    $pass = $_POST['admin_password'];

    // install configuration
    // NOTE(review): the admin password is stored as an unsalted MD5 digest.
    // password_hash() would be the replacement, together with a matching
    // change in the login check -- flagged, not changed here.
    $_POST['admin_password'] = md5($_POST['admin_password']);
    // NOTE(review): the whole $_POST array is handed to configUpdate();
    // whether unexpected keys are rejected depends on that function -- confirm.
    Pommo_Api::configUpdate($_POST);

    // generate key to uniquely identify this installation
    $key = Pommo_Helper::makeCode(6);
    Pommo_Api::configUpdate(array('key' => $key), TRUE);

    Pommo::reloadConfig();

    // load configuration [deprecated?], set message defaults, load templates
    require_once Pommo::$_baseDir . 'classes/Pommo_Helper_Messages.php';
    Pommo_Helper_Messages::resetDefault('all');

    // install templates
    $file = Pommo::$_baseDir . 'sql/sql.templates.php';
    if (!Pommo_Install::parseSQL(false, $file)) {
        $logger->addErr('Error Loading Default Mailing Templates.');
    }

    $logger->addMsg(Pommo::_T('Installation Complete! You may now login and setup poMMo.'));
    // NOTE(review): the next two statements are masked ('******') in this
    // listing and are left exactly as found; they appear to report the login
    // name and password back to the installer.
    $logger->addMsg(Pommo::_T('Login Username: '******'admin');
    $logger->addMsg(Pommo::_T('Login Password: '******'installed', TRUE);
} else {
<td><?php echo $this->logicNames[$logic_id]; ?> </td> <td> <ul> <?php
// Print the rule's values, separated by "(or)".
// NOTE(review): $v is echoed without escaping, while $field_id further down
// goes through $this->escape(). Rule values are stored input, so encode them
// for HTML at this point (htmlspecialchars() or the view's escape helper).
$first = true;
foreach ($values as $v) {
    if ($v) {
        if (!$first) {
            echo '<br />(' . _('or') . ')';
        }
        if ('date' == $this->fields[$field_id]['type']) {
            echo Pommo_Helper::timeToStr($v);
        } else {
            echo $v;
        }
    }
    // Cleared on every pass, including passes where $v was empty.
    $first = false;
}
// NOTE(review): below, $field_id lands inside a JavaScript string inside an
// HTML attribute; confirm $this->escape() is adequate for that nested context.
?> </ul> </td> <td> <select onChange="poMMo.callback.updateRule({fieldID:'<?php echo $this->escape($field_id); ?> ',logic:'<?php
/**
 * Check that the mailing has a sender name, valid from/bounce addresses, a
 * subject and a body.
 *
 * The checks run in that order; the first failure is reported through the
 * logger and ends validation.
 *
 * @return bool True when every check passes.
 */
function validate()
{
    $problem = null;

    if (empty($this->_fromname)) {
        $problem = "Name cannot be blank.";
    } elseif (!Pommo_Helper::isEmail($this->_fromemail)) {
        $problem = "From email must be a valid email address.";
    } elseif (!Pommo_Helper::isEmail($this->_frombounce)) {
        $problem = "Bounce email must be a valid email address.";
    } elseif (empty($this->_subject)) {
        $problem = "Subject cannot be blank.";
    } elseif (empty($this->_body)) {
        $problem = "Message content cannot be blank.";
    }

    if ($problem !== null) {
        $this->logger->addMsg($problem);
        return false;
    }

    return true;
}
        // The upload is stored under a fixed name; no client-supplied file
        // name is used in the path.
        // NOTE(review): elsewhere on this page the work directory defaults to
        // a 'cache' directory below the application base. If that directory
        // is served by the web server, import.csv (subscriber addresses)
        // could be fetched directly -- confirm it is outside the document
        // root or denied by server configuration. The failure message also
        // shows the full server-side path.
        if (!move_uploaded_file($_FILES[$fname]['tmp_name'], Pommo::$_workDir . '/import.csv')) {
            Pommo::kill('Could not write to temp CSV file (' . Pommo::$_workDir . '/import.csv)');
        }
    }
    Pommo::set(array('preview' => $a));
    Pommo::redirect('import_csv.php' . (isset($_REQUEST['excludeUnsubscribed']) ? '?excludeUnsubscribed=true' : ''));
} else {
    // Saves all parsed E-mails in an array
    // Keyed by the lower-cased address, so repeats within the file collapse.
    $a = array();
    while (($data = fgetcsv($fp, 2048, ',', '"')) !== false) {
        foreach ($data as $email) {
            // Cells that are not valid addresses are silently skipped.
            if (Pommo_Helper::isEmail($email)) {
                $email = strtolower($email);
                $a[$email] = $email;
            }
        }
    }

    // Removes from the array E-mails that are already on the database
    $includeUnsubscribed = isset($_REQUEST['excludeUnsubscribed']) ? false : true;
    $dupes = Pommo_Helper::isDupe($a, $includeUnsubscribed);
    if (!$dupes) {
        $dupes = array();
    }
    $emails = array_diff($a, $dupes);

    // Saves emails in session and redirects to confirmation page
    // NOTE(review): the whole address list is kept in the session; its size
    // is bounded only by the uploaded file.
    Pommo::set(array('emails' => $emails, 'dupes' => count($dupes)));
    Pommo::redirect('import_txt.php');
}
}
}

$view->display('admin/subscribers/subscribers_import');
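/**
 * Bootstraps the static application state: loads the core classes, reads
 * config.php, derives URLs and host information, prepares the work
 * directory and opens the database link.
 *
 * Fixes over the previous version:
 *  - config.php is parsed before the first lookup in $config. Previously
 *    workDir, debug, default_subscriber_sort, verbosity, date_format and
 *    baseURL were read from a variable that did not exist yet, so the
 *    configured values were ignored.
 *  - the "$cofig" typo in the date_format range check is corrected.
 *  - the work directory is restored into self::$_workDir after it has been
 *    created (it used to be written to the differently-cased
 *    self::$_workdir, leaving self::$_workDir null).
 *
 * @param string $baseDir Base directory of the installation. File names are
 *                        concatenated directly onto it, so it is expected to
 *                        end with a directory separator.
 *
 * @return bool false when config.php yields fewer than five settings,
 *              true once initialisation has completed
 */
public static function preInit($baseDir)
{
    self::$_baseDir = $baseDir;
    self::$_config = array();
    self::$_auth = null;
    self::$_escaping = false;

    require_once self::$_baseDir . 'classes/Pommo_Log.php';
    require_once self::$_baseDir . 'lib/SafeSQL.class.php';
    require_once self::$_baseDir . 'classes/Pommo_Db.php';
    require_once self::$_baseDir . 'classes/Pommo_Auth.php';

    // initialize logger
    self::$_logger = new Pommo_Log();

    // read in config.php (configured by user); must happen before any
    // $config[...] lookup below
    $config = Pommo_Helper::parseConfig(self::$_baseDir . 'config.php');

    // NOTE(review): the default work directory lives inside the application
    // directory. If that directory is web-served, files written to the work
    // directory are reachable over HTTP unless the server denies access -
    // confirm, or set workDir in config.php to a path outside the web root.
    self::$_workDir = empty($config['workDir'])
        ? self::$_baseDir . 'cache'
        : $config['workDir'];
    self::$_debug = isset($config['debug']) && strtolower($config['debug']) == 'on';
    self::$_default_subscriber_sort = empty($config['default_subscriber_sort'])
        ? 'email'
        : $config['default_subscriber_sort'];
    self::$_verbosity = empty($config['verbosity']) ? 3 : $config['verbosity'];
    self::$_logger->_verbosity = self::$_verbosity;
    // only the values 1..3 are accepted, anything else falls back to 1
    self::$_dateformat = isset($config['date_format'])
        && $config['date_format'] >= 1
        && $config['date_format'] <= 3
        ? intval($config['date_format'])
        : 1;

    // set base URL (e.g. http://mysite.com/news/pommo => 'news/pommo/')
    if (isset($config['baseURL'])) {
        self::$_baseUrl = $config['baseURL'];
    } else {
        // If we're called from an embedded script, read baseURL from
        // "last known good". Else, set it based off of REQUEST.
        if (defined('_poMMo_embed')) {
            require_once self::$_baseDir . 'classes/Pommo_Helper_Maintenance.php';
            self::$_baseUrl = Pommo_Helper_Maintenance::rememberBaseURL();
        } else {
            // NOTE(review): PHP_SELF is built from the request path and can carry
            // client-chosen trailing path segments. The value derived here is later
            // used as a URL prefix, so it must be escaped wherever it is printed;
            // setting baseURL in config.php avoids depending on the request.
            $regex = '@/(ajax|inc|setup|user|install|support(/tests|/util)?|'
                . 'admin(/subscribers|/user|/mailings|/setup)?'
                . '(/ajax|/mailing|/config)?)$@i';
            $baseUrl = preg_replace($regex, '', dirname($_SERVER['PHP_SELF']));
            self::$_baseUrl = $baseUrl == '/' ? $baseUrl : $baseUrl . '/';
        }
    }

    // check to see if config.php was "properly" loaded
    if (count($config) < 5) {
        self::$_hasConfigFile = false;
        return self::$_hasConfigFile;
    }
    self::$_hasConfigFile = true;

    // the regex strips port info from hostname
    // NOTE(review): HTTP_HOST is taken from the client's Host header. When
    // config.php does not set hostname, every absolute URL built from
    // self::$_http follows whatever host the request named; set hostname in
    // config.php to pin it.
    self::$_hostname = empty($config['hostname'])
        ? preg_replace('/:\\d+$/i', '', $_SERVER['HTTP_HOST'])
        : $config['hostname'];
    self::$_hostport = empty($config['hostport'])
        ? $_SERVER['SERVER_PORT']
        : $config['hostport'];
    self::$_ssl = !isset($_SERVER['HTTPS']) || strtolower($_SERVER['HTTPS']) != 'on' ? false : true;
    self::$_http = (self::$_ssl ? 'https://' : 'http://') . self::$_hostname;
    if (self::$_hostport != 80 && self::$_hostport != 443) {
        self::$_http .= ':' . self::$_hostport;
    }

    self::$_language = empty($config['lang']) ? 'en' : strtolower($config['lang']);
    self::$_slanguage = defined('_poMMo_lang') ? _poMMo_lang : false;

    // include translation (l10n) methods if language is not English
    self::$_l10n = FALSE;
    if (self::$_language != 'en') {
        self::$_l10n = TRUE;
        require_once self::$_baseDir . 'classes/Pommo_Helper_L10n.php';
        Pommo_Helper_L10n::init(self::$_language, self::$_baseDir);
    }

    // make sure workDir is writable
    if (!is_dir(self::$_workDir . '/pommo/smarty')) {
        // the work directory is cleared while it is being set up and
        // restored at the end of this block
        $wd = self::$_workDir;
        self::$_workDir = null;

        if (!is_dir($wd)) {
            Pommo::kill(sprintf(Pommo::_T('Work Directory (%s) not found! Make sure it exists and the webserver can write to it. You can change its location from the config.php file.'), $wd));
        }
        if (!is_writable($wd)) {
            Pommo::kill(sprintf(Pommo::_T('Cannot write to Work Directory (%s). Make sure it has the proper permissions.'), $wd));
        }
        if ('1' == ini_get('safe_mode')) {
            Pommo::kill(sprintf(Pommo::_T('Working Directory (%s) cannot be created under PHP SAFE MODE. See Documentation, or disable SAFE MODE.'), $wd));
        }
        if (!is_dir($wd . '/pommo')) {
            if (!mkdir($wd . '/pommo')) {
                Pommo::kill(Pommo::_T('Could not create directory') . ' ' . $wd . '/pommo');
            }
        }
        if (!mkdir($wd . '/pommo/smarty')) {
            Pommo::kill(Pommo::_T('Could not create directory') . ' ' . $wd . '/pommo/smarty');
        }
        self::$_workDir = $wd;
    }

    // set the current "section" -- should be "user" for /user/* files,
    // "mailings" for /admin/mailings/* files, etc. etc.
    self::$_section = preg_replace(
        '@^admin/?@i',
        '',
        str_replace(self::$_baseUrl, '', dirname($_SERVER['PHP_SELF']))
    );

    // initialize database link; the @ hides any warning raised while the
    // object is constructed
    self::$_dbo = @new Pommo_Db(
        $config['db_username'],
        $config['db_password'],
        $config['db_database'],
        $config['db_hostname'],
        $config['db_prefix']
    );

    // turn off debugging if in user area
    if (self::$_section == 'user') {
        self::$_debug = false;
        self::$_dbo->debug(FALSE);
    }

    // if debugging is set in config.php, enable debugging on the database.
    if (self::$_debug) {
        // don't enable debugging in ajax requests unless verbosity is < 3
        if (Pommo_Helper::isAjax() && self::$_verbosity > 2) {
            self::$_debug = false;
        } else {
            self::$_dbo->debug(TRUE);
        }
    }

    return true;
}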
/**
 * Template modifier that renders a value with the shared date formatter.
 *
 * The argument is passed to Pommo_Helper::timeToStr() unchanged and the
 * formatter's result is returned as-is.
 *
 * @param mixed $int value to format (presumably a Unix timestamp, given the
 *                   parameter name - confirm against timeToStr())
 *
 * @return mixed whatever Pommo_Helper::timeToStr() returns
 */
function smarty_modifier_pommoDateFormat($int)
{
    $formatted = Pommo_Helper::timeToStr($int);

    return $formatted;
}
// Background-spawn self test (excerpt). $code is not assigned in this excerpt and the
// final `if` continues past it.
flush();
sleep(5);
// After five seconds the spawned script should have created the test file.
if (!is_file(Pommo::$_workDir . '/mailing.test.php')) {
    // make sure we can write to the file
    if (!($handle = fopen(Pommo::$_workDir . '/mailing.test.php', 'w'))) {
        Pommo::kill('Unable to write to test file!');
    }
    fclose($handle);
    unlink(Pommo::$_workDir . '/mailing.test.php');
    // The file was writable from here, so the failure is reported as a spawn failure.
    Pommo::kill('Initial Spawn Failed (test file not written to)! Test the mail processor.');
}
$die = false;
$time = 0;
// Poll every ten seconds until the reported time stops advancing or reaches 90.
while (!$die) {
    sleep(10);
    // NOTE(review): the test file has a .php extension and sits in the work directory.
    // How parseConfig() reads it is not visible here; confirm it parses the content
    // rather than including it, since anything able to write to that directory
    // controls the file.
    $o = Pommo_Helper::parseConfig(Pommo::$_workDir . '/mailing.test.php');
    // The file must carry the code this test expects. The comparison is loose (!=).
    if (!isset($o['code']) || $o['code'] != $code) {
        unlink(Pommo::$_workDir . '/mailing.test.php');
        Pommo::kill('Spawning Failed. Codes did not match.');
    }
    if (!isset($o['time']) || $time >= $o['time'] || $o['time'] == 90) {
        $die = true;
    }
    // When 'time' is missing the loop ends, but this line still reads the missing key.
    $time = $o['time'];
    echo "{$time} seconds <br />";
    ob_flush();
    flush();
}
// Always remove the test file once polling has finished.
unlink(Pommo::$_workDir . '/mailing.test.php');
if ($time == 90) {
    Pommo::kill('SUCCESS');
// Excerpt from the test-mailing handler. The enclosing `if` blocks open above this
// excerpt and the trailing `elseif` continues past it.
        $logger->addErr('Unable to Add Subscriber');
    } else {
        // temp subscriber created
        $state['tally'] = 1;
        $state['group'] = Pommo::_T('Test Mailing');
        // Plain-text mailing: the alternative body becomes the body.
        if ($state['ishtml'] == 'off') {
            $state['body'] = $state['altbody'];
            $state['altbody'] = '';
        }
        // create mailing
        $mailing = Pommo_Mailing::make(array(), TRUE);
        $state['status'] = 1;
        $state['current_status'] = 'stopped';
        $state['command'] = 'restart';
        $state['charset'] = $state['list_charset'];
        $mailing = Pommo_Helper::arrayIntersect($state, $mailing);
        // NOTE(review): the result of add() is used below without being checked.
        $code = Pommo_Mailing::add($mailing);
        // populate queue
        $queue = array($key);
        if (!Pommo_Mail_Ctl::queueMake($queue)) {
            $logger->addErr('Unable to Populate Queue');
        } else {
            // NOTE(review): the code travels in the query string of the spawn URL, so it
            // may be recorded wherever request URLs are logged - confirm that is acceptable.
            if (!Pommo_Mail_Ctl::spawn(Pommo::$_baseUrl . 'ajax/mailings_send4.php?test=TRUE&code=' . $code)) {
                $logger->addErr('Unable to spawn background mailer');
            } else {
                // NOTE(review): the raw request value is handed to the template; it has to
                // be escaped where the template prints it - confirm.
                $smarty->assign('sent', $_POST['email']);
            }
        }
    }
} elseif ($current) {
    $logger->addMsg(Pommo::_T('A mailing is currently taking place. Please try again later.'));
/**
 * Returns the base URL recorded in the work directory's maintenance.php.
 *
 * The file is read through Pommo_Helper::parseConfig() and its 'baseURL'
 * entry is returned without further checks.
 *
 * NOTE(review): the value is only as trustworthy as the work directory;
 * anything able to write maintenance.php decides what callers receive.
 *
 * @return mixed the stored 'baseURL' entry
 */
function rememberBaseURL()
{
    $maintenanceFile = Pommo::$_workDir . '/maintenance.php';
    $settings = Pommo_Helper::parseConfig($maintenanceFile);

    return $settings['baseURL'];
}
/**
 * Stores a mailing and, for mailings with status 1, its "current" control row.
 *
 * $in is taken by reference and is modified: missing 'start' and 'sent'
 * entries are filled in, and a 'code' is generated when a control row is
 * written without one.
 *
 * All values reach SQL through the database object's prepare() with typed
 * placeholders; nothing is concatenated into the statement except the table
 * names held by the database object.
 *
 * @param array $in mailing attributes (fromname, fromemail, frombounce,
 *                  subject, body, altbody, ishtml, group, tally, end, sent,
 *                  charset, status, start, command, serial, code,
 *                  current_status)
 *
 * @return mixed false on validation or database failure; the security code
 *               when a control row was written; otherwise the new mailing ID
 */
function add(&$in)
{
    $db =& Pommo::$_dbo;

    // default the start time and the sent counter when not provided
    if (empty($in['start'])) {
        $in['start'] = time();
    }
    if (empty($in['sent'])) {
        $in['sent'] = 0;
    }

    if (!Pommo_Mailing::validate($in)) {
        return false;
    }

    // Bracketed clauses are presumably dropped by prepare() when their value
    // is empty - confirm against SafeSQL. The @ silences notices for keys
    // that are absent from $in.
    $insertMailing = "\n\t\t\tINSERT INTO " . $db->table['mailings'] . "\n\t\t\tSET\n\t\t\t[fromname='%S',]\n\t\t\t[fromemail='%S',]\n\t\t\t[frombounce='%S',]\n\t\t\t[subject='%S',]\n\t\t\t[body='%S',]\n\t\t\t[altbody='%S',]\n\t\t\t[ishtml='%S',]\n\t\t\t[mailgroup='%S',]\n\t\t\t[subscriberCount=%I,]\n\t\t\t[finished=FROM_UNIXTIME(%I),]\n\t\t\t[sent=%I,]\n\t\t\t[charset='%S',]\n\t\t\t[status=%I,]\n\t\t\tstarted=FROM_UNIXTIME(%i)";
    $mailingValues = @array(
        $in['fromname'],
        $in['fromemail'],
        $in['frombounce'],
        $in['subject'],
        $in['body'],
        $in['altbody'],
        $in['ishtml'],
        $in['group'],
        $in['tally'],
        $in['end'],
        $in['sent'],
        $in['charset'],
        $in['status'],
        $in['start']
    );
    $insertMailing = $db->prepare($insertMailing, $mailingValues);

    // run the insert and fetch the ID of the new mailing
    $mailingId = $db->lastId($insertMailing);
    if (!$mailingId) {
        return false;
    }

    // only mailings with status 1 get a control row
    if (empty($in['status']) || $in['status'] != 1) {
        return $mailingId;
    }

    // the control row carries a security code; generate one if none was supplied
    if (empty($in['code'])) {
        $in['code'] = Pommo_Helper::makeCode();
    }

    $insertCurrent = "\n\t\t\tINSERT INTO " . $db->table['mailing_current'] . "\n\t\t\tSET\n\t\t\t[command='%S',]\n\t\t\t[serial=%I,]\n\t\t\t[securityCode='%S',]\n\t\t\t[current_status='%S',]\n\t\t\tcurrent_id=%i";
    $currentValues = @array(
        $in['command'],
        $in['serial'],
        $in['code'],
        $in['current_status'],
        $mailingId
    );
    $insertCurrent = $db->prepare($insertCurrent, $currentValues);

    if (!$db->query($insertCurrent)) {
        return false;
    }

    return $in['code'];
}