public function runtest() { if (empty($this->userdata['email'])) { print $GLOBALS['I18N']->get('Test email not set '); return 0; } ## insert an HTML page as a message Sql_Query(sprintf('insert into %s (subject,fromfield,message,footer,entered,status,sendformat) values("phplist test sendpage","test","[URL:http://www.phplist.com]","Unsubscribe link: [UNSUBSCRIBE]",now(),"test","text and HTML")', $GLOBALS['tables']['message'])); require_once dirname(__FILE__) . '/../sendemaillib2.php'; $testmsg = Sql_Insert_id(); print $GLOBALS['I18N']->get('Sending HTML version to ') . $this->userdata['email']; $suc6 = 0; $suc6 = sendEmail($testmsg, $this->userdata['email'], $this->userdata['uniqid'], 1); if ($suc6) { print ' ... ' . $GLOBALS['I18N']->get('OK'); } else { print ' ... ' . $GLOBALS['I18N']->get('Failed'); } print '<br/>'; print $GLOBALS['I18N']->get('Sending Text version to ') . $this->userdata['email']; $suc6 = $suc6 && sendEmail($testmsg, $this->userdata['email'], $this->userdata['uniqid'], 0); if ($suc6) { print ' ... ' . $GLOBALS['I18N']->get('OK'); } else { print ' ... ' . $GLOBALS['I18N']->get('Failed'); } print '<br/>'; if (CLICKTRACK) { print $GLOBALS['I18N']->get('Note: Links in emails will not work, because this is a test message, which is deleted after sending') . '<br/>'; } print $GLOBALS['I18N']->get('Check your INBOX to see if all worked ok') . '<br/>'; #deleteMessage($testmsg); print "Message ID: {$testmsg}<br/>"; return $suc6; }
if ($dbversion > "1.4.1") break; ignore_user_abort(); set_time_limit(500); reset($DBstruct); while (list($table,$value) = each ($DBstruct)) { set_time_limit(500); if ($table_prefix) Sql_Query("alter table $table rename $tables[$table]",1); print "<br>Upgrading $table<br />"; if ($table == "user" && Sql_Table_Column_Exists($tables["user"],"name")) { $c = 1; foreach (array("name","address1","address2","postcode","town") as $item) { Sql_Verbose_Query(sprintf('insert into %s (name,type,listorder,required) values("%s","textline",%d,0)',$tables["attribute"],$item,$c)); $c++; $attribute_id = Sql_Insert_id(); print "<P>Now copying user data to new table<br>"; $req = Sql_Query("select id,$item from ".$tables["user"]); while ($user = Sql_Fetch_Row($req)) Sql_Query(sprintf('insert into %s values(%d,%d,"%s")',$tables["user_attribute"],$attribute_id,$user[0],addslashes($user[1]))); Sql_Verbose_Query("alter table {$tables["user"]} drop column $item"); flush(); } } $success = $success && upgradeTable($tables[$table],$DBstruct[$table]); flush(); } Sql_Verbose_Query("update {$tables["user"]} set confirmed = 1"); $req = Sql_Query("select tablename from ".$tables["attribute"]); while ($row = Sql_Fetch_Row($req)) { set_time_limit(500);
if (is_array($selected)) { while(list($key,$val) = each($selected)) { $entry = readentry("data/$val"); list($name,$desc) = explode(":",$entry); print "<br/><br/>Loading $desc<br>\n"; $lc_name = str_replace(" ","", strtolower(str_replace(".txt","",$val))); $lc_name = ereg_replace("[^[:alnum:]]","",$lc_name); if ($lc_name == "") Fatal_Error("Name cannot be empty: $lc_name"); Sql_Query("select * from {$tables['attribute']} where tablename = \"$lc_name\""); if (Sql_Affected_Rows()) Fatal_Error("Name is not unique enough"); $query = sprintf('insert into %s (name,type,required,tablename) values("%s","%s",%d,"%s")', $tables["attribute"],addslashes($name),"select",1,$lc_name); Sql_Query($query); $insertid = Sql_Insert_id(); $query = "create table $table_prefix"."listattr_$lc_name (id integer not null primary key auto_increment, name varchar(255) unique,listorder integer default 0)"; Sql_Query($query); $fp = fopen("data/$val","r"); $header = ""; while (!feof ($fp)) { $buffer = fgets($fp, 4096); if (!ereg("#",$buffer)) { if (!$header) $header = $buffer; else if (trim($buffer) != "") Sql_Query(sprintf('insert into %slistattr_%s (name) values("%s")',$table_prefix,$lc_name,trim($buffer))); } } fclose ($fp);
} Sql_Query(sprintf('update %s set value = %d where attributeid = %d', $tables['user_attribute'], $val_index, $attid)); } Sql_Query(sprintf('update %s set attributeid = %d where attributeid = %d', $tables['user_attribute'], $first, $attid), 1); Sql_Query(sprintf('drop table %s', $table_prefix . 'listattr_' . $attdata['tablename']), 1); Sql_Query(sprintf('delete from %s where id = %d', $tables['attribute'], $attid)); # mark forms to use the merged attribute if ($formtable_exists) { Sql_Query(sprintf('update formfield set attribute = %d where attribute = %d', $first, $attid), 1); } break; case 'checkbox': $exists = Sql_Fetch_row_Query(sprintf('select id from %s where name = "%s"', $valuestable, $attdata['name'])); if (!$exists[0]) { Sql_Query(sprintf('insert into %s (name) values("%s")', $valuestable, $attdata['name'])); $val_index = Sql_Insert_id(); } else { $val_index = $exists[0]; } Sql_Query(sprintf('update %s set value = concat(value,",","%s") where attributeid = %d and (value != 0 or value != "off") ', $tables['user_attribute'], $val_index, $first)); Sql_Query(sprintf('delete from %s where id = %d', $tables['attribute'], $attid)); # mark forms to use the merged attribute if ($formtable_exists) { Sql_Query(sprintf('update formfield set attribute = %d where attribute = %d', $first, $attid), 1); } break; case 'checkboxgroup': # hmm, this is a tricky one. print Error($GLOBALS['I18N']->get('Sorry, merging of checkbox groups is not implemented yet')); break; }
if (!$valueid[0]) { Sql_Query(sprintf('insert into %slistattr_%s set name = "%s"', $table_prefix, $tname[0], $att["displayvalue"])); $att["value"] = Sql_Insert_id(); } else { $att["value"] = $valueid[0]; } break; case "checkboxgroup": $vals = explode(",", $att["displayvalue"]); array_pop($vals); $att["value"] = ""; foreach ($vals as $val) { $valueid = Sql_Fetch_Row_Query(sprintf('select id from %slistattr_%s where name = "%s"', $table_prefix, $tname[0], $val)); if (!$valueid[0]) { Sql_Query(sprintf('insert into %slistattr_%s set name = "%s"', $table_prefix, $tname[0], $val)); $att["value"] .= Sql_Insert_id() . ','; } else { $att["value"] .= $valueid[0] . ","; } } $att["value"] = substr($att["value"], 0, -1); break; } if ($att["value"]) { Sql_Query(sprintf('replace into %s set attributeid = %d, userid = %d, value = "%s"', $tables["user_attribute"], $localattid, $userid, addslashes($att["value"]))); } } } } if (is_array($userlists)) {
function repeatMessage($msgid) { if (!USE_REPETITION) { return; } $msgdata = Sql_Fetch_Array_Query(sprintf('select *,date_add(embargo,interval repeat minute) as newembargo, date_add(now(),interval repeat minute) as newembargo2, date_add(embargo,interval repeat minute) > now() as isfuture from %s where id = %d and repeatuntil > now()', $GLOBALS["tables"]["message"], $msgid)); if (!$msgdata["id"] || !$msgdata["repeat"]) { return; } # copy the new message Sql_Query(sprintf(' insert into %s (entered) values(now())', $GLOBALS["tables"]["message"])); $id = Sql_Insert_id(); require $GLOBALS["coderoot"] . "structure.php"; if (!is_array($DBstruct["message"])) { logEvent("Error including structure when trying to duplicate message {$msgid}"); return; } foreach ($DBstruct["message"] as $column => $rec) { if ($column != "id" && $column != "entered") { Sql_Query(sprintf('update %s set %s = "%s" where id = %d', $GLOBALS["tables"]["message"], $column, addslashes($msgdata[$column]), $id)); } } # correct some values if (!$msgdata["isfuture"]) { $msgdata["newembargo"] = $msgdata["newembargo2"]; } Sql_Query(sprintf('update %s set embargo = "%s",status = "submitted",sent = "" where id = %d', $GLOBALS["tables"]["message"], $msgdata["newembargo"], $id)); foreach (array("processed", "astext", "ashtml", "astextandhtml", "aspdf", "astextandpdf", "viewed", "bouncecount") as $item) { Sql_Query(sprintf('update %s set %s = 0 where id = %d', $GLOBALS["tables"]["message"], $item, $id)); } # lists $req = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS["tables"]["listmessage"], $msgid)); while ($row = Sql_Fetch_Row($req)) { Sql_Query(sprintf('insert into %s (messageid,listid,entered) values(%d,%d,now())', $GLOBALS["tables"]["listmessage"], $id, $row[0])); } # attachments $req = Sql_Query(sprintf('select * from %s,%s where %s.messageid = %d and %s.attachmentid = %s.id', $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"], $GLOBALS["tables"]["message_attachment"], $msgid, $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"])); while ($row = Sql_Fetch_Array($req)) { if (is_file($row["remotefile"])) { # if the "remote file" is actually local, we want to refresh the attachment, so we set # filename to nothing $row["filename"] = ""; } Sql_Query(sprintf('insert into %s (filename,remotefile,mimetype,description,size) values("%s","%s","%s","%s",%d)', $GLOBALS["tables"]["attachment"], addslashes($row["filename"]), addslashes($row["remotefile"]), addslashes($row["mimetype"]), addslashes($row["description"]), $row["size"])); $attid = Sql_Insert_id(); Sql_Query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $GLOBALS["tables"]["message_attachment"], $id, $attid)); } logEvent("Message {$msgid} was successfully rescheduled"); }
function saveUserAttribute($userid,$attid,$data) { if ($data["nodbsave"]) { dbg("Not saving $attid"); return; } if ($attid == "emailcheck" || $attid == "passwordcheck") { dbg("Not saving $attid"); return; } if (!$data["type"]) $data["type"] = "textline"; if ($data["type"] == "static" || $data["type"] == "password") { Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid,$data["value"],$userid)); return 1; } $attid_req = Sql_Fetch_Row_Query(sprintf(' select id,type,tablename from attribute where id = %d',$attid)); if (!$attid_req[0]) { $attid_req = Sql_Fetch_Row_Query(sprintf(' select id,type,tablename from attribute where name = "%s"',$data["name"])); if (!$attid_req[0]) { if ($GLOBALS["config"]["autocreate_attributes"]) { Dbg("Creating new Attribute: ".$data["name"]); sendError("creating new attribute ".$data["name"]); $atttable= getNewAttributeTablename($data["name"]); Sql_Query(sprintf('insert into attribute (name,type,tablename) values("%s","%s","%s")',$data["name"],$data["type"],$atttable)); $attid = Sql_Insert_Id(); } else { dbg("Not creating new Attribute: ".$data["name"]); # sendError("Not creating new attribute ".$data["name"]); } } else { $attid = $attid_req[0]; $atttable = $attid_req[2]; } } else { $attid = $attid_req[0]; $atttable = $attid_req[2]; } if (!$atttable) { $atttable = getNewAttributeTablename($data["name"]); # fix attribute without tablename Sql_Query(sprintf('update attribute set tablename ="%s" where id = %d', $atttable,$attid)); # sendError("Attribute without Tablename $attid"); } switch ($data["type"]) { case "static": case "password": Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid,$data["value"],$userid)); break; case "select": $curval = Sql_Fetch_Row_Query(sprintf('select id from phplist_listattr_%s where name = "%s"',$atttable,$data["displayvalue"]),1); if (!$curval[0]) { Sql_Query(sprintf('insert into phplist_listattr_%s (name) values("%s")',$atttable, $data["displayvalue"])); sendError("Added ".$data["displayvalue"]." to $atttable"); $valid = Sql_Insert_id(); } else { $valid = $curval[0]; } Sql_Query(sprintf('replace into user_attribute (userid,attributeid,value) values(%d,%d,"%s")',$userid,$attid,$valid)); break; default: Sql_Query(sprintf('replace into user_attribute (userid,attributeid,value) values(%d,%d,"%s")',$userid,$attid,$data["value"])); break; } return 1; }
$firstname_att_id = Sql_Insert_id(); } else { $firstname_att_id = $_POST['attributeone']; } if ($_POST['attributetwo'] == 'create') { $req = Sql_Query(sprintf('insert into %s (name,type) values("Last Name","textline")', $tables['attribute'])); $lastname_att_id = Sql_Insert_id(); } else { $lastname_att_id = $_POST['attributetwo']; } } else { if ($_POST['attributeone'] == 'create') { $req = Sql_Query(sprintf('insert into %s (name,type) values("Name","textline")', $tables['attribute'])); $name_att_id = Sql_Insert_id(); } else { $name_att_id = $_POST['attributeone']; } } $x = 0; $count_email_add = 0; $count_exist = 0; $count_list_add = 0; foreach ($all_emails as $key => $versions) { set_time_limit(60); $importuser = getBestVersion($versions); # print $importuser["personal"]." <".$importuser["email"]."><br/>"; printf('<input type="hidden" name="importemail[%s] value="%s">', $importuser['email'], $importuser['personal']); # split personal in first and last name list($importuser['firstname'], $importuser['lastname']) = explode(' ', $importuser['personal'], 2);
function repeatMessage($msgid) { # if (!USE_REPETITION && !USE_RSS) return; # get the future embargo, either "repeat" minutes after the old embargo # or "repeat" after this very moment to make sure that we're not sending the # message every time running the queue when there's no embargo set. $msgdata = Sql_Fetch_Array_Query(sprintf('select *,date_add(embargo,interval repeatinterval minute) as newembargo, date_add(now(),interval repeatinterval minute) as newembargo2, date_add(embargo,interval repeatinterval minute) > now() as isfuture from %s where id = %d and repeatuntil > now()', $GLOBALS["tables"]["message"], $msgid)); if (!$msgdata["id"] || !$msgdata["repeatinterval"]) { return; } # copy the new message Sql_Query(sprintf(' insert into %s (entered) values(now())', $GLOBALS["tables"]["message"])); $id = Sql_Insert_id(); require dirname(__FILE__) . '/structure.php'; if (!is_array($DBstruct["message"])) { logEvent("Error including structure when trying to duplicate message {$msgid}"); return; } foreach ($DBstruct["message"] as $column => $rec) { if ($column != "id" && $column != "entered" && $column != "sendstart") { Sql_Query(sprintf('update %s set %s = "%s" where id = %d', $GLOBALS["tables"]["message"], $column, addslashes($msgdata[$column]), $id)); } } $req = Sql_Query(sprintf('select * from %s where id = %d', $GLOBALS['tables']['messagedata'], $msgid)); while ($row = Sql_Fetch_Array($req)) { Sql_Query(sprintf('insert into %s (name,id,data) values("%s",%d,"%s")', $GLOBALS['tables']['messagedata'], $row['name'], $id, addslashes($row['data']))); } # check whether the new embargo is not on an exclusion if (is_array($GLOBALS["repeat_exclude"])) { $repeatinterval = $msgdata["repeatinterval"]; $loopcnt = 0; while (excludedDateForRepetition($msgdata["newembargo"])) { $repeatinterval += $msgdata["repeatinterval"]; $loopcnt++; $msgdata = Sql_Fetch_Array_Query(sprintf('select *,date_add(embargo,interval %d minute) as newembargo, date_add(now(),interval %d minute) as newembargo2, date_add(embargo,interval %d minute) > now() as isfuture from %s where id = %d and repeatuntil > now()', $repeatinterval, $repeatinterval, $repeatinterval, $GLOBALS["tables"]["message"], $msgid)); if ($loopcnt > 15) { logEvent("Unable to find new embargo date too many exclusions? for message {$msgid}"); return; } } } # correct some values if (!$msgdata["isfuture"]) { $msgdata["newembargo"] = $msgdata["newembargo2"]; } Sql_Query(sprintf('update %s set embargo = "%s",status = "submitted",sent = "" where id = %d', $GLOBALS["tables"]["message"], $msgdata["newembargo"], $id)); // bug 0009687: maybe add "ashtml","astextandhtml" and put them in ashtml? foreach (array("processed", "astext", "ashtml", "astextandhtml", "aspdf", "astextandpdf", "viewed", "bouncecount") as $item) { Sql_Query(sprintf('update %s set %s = 0 where id = %d', $GLOBALS["tables"]["message"], $item, $id)); } # lists $req = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS["tables"]["listmessage"], $msgid)); while ($row = Sql_Fetch_Row($req)) { Sql_Query(sprintf('insert into %s (messageid,listid,entered) values(%d,%d,now())', $GLOBALS["tables"]["listmessage"], $id, $row[0])); } # attachments $req = Sql_Query(sprintf('select * from %s,%s where %s.messageid = %d and %s.attachmentid = %s.id', $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"], $GLOBALS["tables"]["message_attachment"], $msgid, $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"])); while ($row = Sql_Fetch_Array($req)) { if (is_file($row["remotefile"])) { # if the "remote file" is actually local, we want to refresh the attachment, so we set # filename to nothing $row["filename"] = ""; } Sql_Query(sprintf('insert into %s (filename,remotefile,mimetype,description,size) values("%s","%s","%s","%s",%d)', $GLOBALS["tables"]["attachment"], addslashes($row["filename"]), addslashes($row["remotefile"]), addslashes($row["mimetype"]), addslashes($row["description"]), $row["size"])); $attid = Sql_Insert_id(); Sql_Query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $GLOBALS["tables"]["message_attachment"], $id, $attid)); } logEvent("Message {$msgid} was successfully rescheduled as message {$id}"); }
function clickTrackLinkId($messageid, $userid, $url, $link) { global $cached; if (!isset($cached['linktrack']) || !is_array($cached['linktrack'])) { $cached['linktrack'] = array(); } if (!isset($cached['linktracksent']) || !is_array($cached['linktracksent'])) { $cached['linktracksent'] = array(); } if (!isset($cached['linktrack'][$link])) { /* * we cannot handle URLs longer than 255 characters. * to handle that, take out the substr below and change the DB: * * alter table phplist_linktrack_forward drop index urlunique; * alter table phplist_linktrack_forward drop index urlindex; * alter table phplist_linktrack_forward change url url text; * alter table phplist_linktrack_forward add index urlunique (url(300)); * alter table phplist_linktrack_forward add index urlindex (url (300)); * * with 300 being the new limit. Then also change the substr-255 to substr-300 * * or to change back again: * * alter table phplist_linktrack_forward drop index urlunique; * alter table phplist_linktrack_forward drop index urlindex; * alter table phplist_linktrack_forward change url url varchar(255); * alter table phplist_linktrack_forward add index urlunique (url); * alter table phplist_linktrack_forward add index (url); * */ $exists = Sql_Fetch_Row_Query(sprintf('select id from %s where url = "%s"', $GLOBALS['tables']['linktrack_forward'], sql_escape(substr($url, 0, 255)))); if (!$exists[0]) { $personalise = preg_match('/uid=/', $link); Sql_Query(sprintf('insert into %s set url = "%s", personalise = %d', $GLOBALS['tables']['linktrack_forward'], sql_escape($url), $personalise)); $fwdid = Sql_Insert_id(); } else { $fwdid = $exists[0]; } $cached['linktrack'][$link] = $fwdid; } else { $fwdid = $cached['linktrack'][$link]; } if (!isset($cached['linktracksent'][$messageid]) || !is_array($cached['linktracksent'][$messageid])) { $cached['linktracksent'][$messageid] = array(); } if (!isset($cached['linktracksent'][$messageid][$fwdid])) { $tot = Sql_Fetch_Row_Query(sprintf('select total from %s where messageid = %d and forwardid = %d', $GLOBALS['tables']['linktrack_ml'], $messageid, $fwdid)); if (!Sql_Affected_Rows()) { ## first time for this link/message Sql_Query(sprintf('replace into %s set total = %d,messageid = %d,forwardid = %d', $GLOBALS['tables']['linktrack_ml'], $tot[0] + 1, $messageid, $fwdid)); } else { Sql_Query(sprintf('update %s set total = %d where messageid = %d and forwardid = %d', $GLOBALS['tables']['linktrack_ml'], $tot[0] + 1, $messageid, $fwdid)); } $cached['linktracksent'][$messageid][$fwdid] = $tot[0] + 1; } else { ++$cached['linktracksent'][$messageid][$fwdid]; ## write every so often, to make sure it's saved when interrupted if ($cached['linktracksent'][$messageid][$fwdid] % 100 == 0) { Sql_Query(sprintf('update %s set total = %d where messageid = %d and forwardid = %d', $GLOBALS['tables']['linktrack_ml'], $cached['linktracksent'][$messageid][$fwdid], $messageid, $fwdid)); } } /* $req = Sql_Query(sprintf('insert ignore into %s (messageid,userid,forwardid) values(%d,%d,"%s","%s")',$GLOBALS['tables']['linktrack'],$messageid,$userdata['id'],$url,addslashes($link))); $req = Sql_Fetch_Row_Query(sprintf('select linkid from %s where messageid = %s and userid = %d and forwardid = %d ',$GLOBALS['tables']['linktrack'],$messageid,$userid,$fwdid));*/ return $fwdid; }
function saveUserAttribute($userid, $attid, $data) { global $usertable_prefix, $tables; # workaround for integration webbler/phplist if (!isset($usertable_prefix)) { $usertable_prefix = ''; } if (!empty($tables["attribute"])) { $att_table = $usertable_prefix . $tables["attribute"]; $user_att_table = $usertable_prefix . $tables["user_attribute"]; } else { $att_table = $usertable_prefix . "attribute"; $user_att_table = $usertable_prefix . "user_attribute"; } if ($data["nodbsave"]) { dbg("Not saving {$attid}"); return; } if (strtolower($data) == 'invalid attribute index') { return; } if ($attid == "emailcheck" || $attid == "passwordcheck") { dbg("Not saving {$attid}"); return; } if (!$data["type"]) { $data["type"] = "textline"; } if ($data["type"] == "static" || $data["type"] == "password" || $data['type'] == 'htmlpref') { Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid)); if ($data["type"] == "password") { Sql_Query(sprintf('update user set passwordchanged = now() where id = %d', $userid)); } return 1; } $attid_req = Sql_Fetch_Row_Query(sprintf(' select id,type,tablename from %s where id = %d', $att_table, $attid)); if (!$attid_req[0]) { $attid_req = Sql_Fetch_Row_Query(sprintf(' select id,type,tablename from %s where name = "%s"', $att_table, $data["name"])); if (!$attid_req[0]) { if ($GLOBALS["config"]["autocreate_attributes"]) { Dbg("Creating new Attribute: " . $data["name"]); sendError("creating new attribute " . $data["name"]); $atttable = getNewAttributeTablename($data["name"]); Sql_Query(sprintf('insert into %s (name,type,tablename) values("%s","%s","%s")', $att_table, $data["name"], $data["type"], $atttable)); $attid = Sql_Insert_Id(); } else { dbg("Not creating new Attribute: " . $data["name"]); # sendError("Not creating new attribute ".$data["name"]); } } else { $attid = $attid_req[0]; $atttable = $attid_req[2]; } } else { $attid = $attid_req[0]; $atttable = $attid_req[2]; } if (!$atttable) { $atttable = getNewAttributeTablename($data["name"]); # fix attribute without tablename Sql_Query(sprintf('update %s set tablename ="%s" where id = %d', $att_table, $atttable, $attid)); # sendError("Attribute without Tablename $attid"); } switch ($data["type"]) { case "static": case "password": Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid)); break; case "select": $curval = Sql_Fetch_Row_Query(sprintf('select id from phplist_listattr_%s where name = "%s"', $atttable, $data["displayvalue"]), 1); if (!$curval[0] && $data['displayvalue'] && $data['displayvalue'] != '') { Sql_Query(sprintf('insert into phplist_listattr_%s (name) values("%s")', $atttable, $data["displayvalue"])); sendError("Added " . $data["displayvalue"] . " to {$atttable}"); $valid = Sql_Insert_id(); } else { $valid = $curval[0]; } Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, $valid)); break; case 'avatar': if (is_array($_FILES)) { ## only avatars are files $formfield = 'attribute' . $attid . '_file'; ## the name of the fileupload element if (!empty($_FILES[$formfield]['name'])) { $tmpnam = $_FILES[$formfield]['tmp_name']; move_uploaded_file($tmpnam, '/tmp/avatar' . $userid . '.jpg'); if (function_exists('resizeImageFile')) { resizeImageFile('/tmp/avatar' . $userid . '.jpg', 250, 1); } $size = filesize('/tmp/avatar' . $userid . '.jpg'); # dbg('New size: '.$size); if ($size < MAX_AVATAR_SIZE) { $avatar = file_get_contents('/tmp/avatar' . $userid . '.jpg'); Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, base64_encode($avatar))); unlink('/tmp/avatar' . $userid . '.jpg'); } } } break; default: Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, $data["value"])); break; } return 1; }
$total = Sql_Affected_Rows(); if ($total) { output(s('converting data') . '<br/>'); } while ($row = Sql_Fetch_Array($req)) { if (checkLock($process_id)) { keepLock($process_id); } else { output(s('processing cancelled')); break; } $exists = Sql_Fetch_Row_Query(sprintf('select id from %s where url = "%s"', $GLOBALS['tables']['linktrack_forward'], $row['url'])); if (!$exists[0]) { $personalise = preg_match('/uid=/', $row['forward']); Sql_Query(sprintf('insert into %s (url,personalise) values("%s",%d)', $GLOBALS['tables']['linktrack_forward'], $row['url'], $personalise)); $fwdid = Sql_Insert_id(); } else { $fwdid = $exists[0]; } set_time_limit(600); $messageid = $row['messageid']; $userid = $row['userid']; Sql_query(sprintf('insert into %s set total = 1, forwardid = %d, messageid = %d ON DUPLICATE KEY UPDATE total = total + 1', $GLOBALS['tables']['linktrack_ml'], $fwdid, $messageid)); if (!empty($row['firstclick'])) { $result = Sql_Query(sprintf('select data, count(*) as count from %s where name = "Message Type" and linkid = %d group by data', $GLOBALS['tables']['linktrack_userclick'], $row['linkid'])); while ($ucRow = Sql_Fetch_Array($result)) {
function processBounce ($link,$num,$header) { global $tables; $headerinfo = imap_headerinfo($link,$num); $body= imap_body ($link,$num); $msgid = 0;$user = 0; preg_match ("/X-MessageId: (.*)/i",$body,$match); if (is_array($match) && isset($match[1])) $msgid= trim($match[1]); if (!$msgid) { # older versions use X-Message preg_match ("/X-Message: (.*)/i",$body,$match); if (is_array($match) && isset($match[1])) $msgid= trim($match[1]); } preg_match ("/X-ListMember: (.*)/i",$body,$match); if (is_array($match) && isset($match[1])) $user = trim($match[1]); if (!$user) { # older version use X-User preg_match ("/X-User: (.*)/i",$body,$match); if (is_array($match) && isset($match[1])) $user = trim($match[1]); } # some versions used the email to identify the users, some the userid and others the uniqid # use backward compatible way to find user if (preg_match ("/.*@.*/i",$user,$match)) { $userid_req = Sql_Fetch_Row_Query("select id from {$tables["user"]} where email = \"$user\""); if (VERBOSE) output("UID".$userid_req[0]." MSGID".$msgid); $userid = $userid_req[0]; } elseif (preg_match("/^\d$/",$user)) { $userid = $user; if (VERBOSE) output( "UID".$userid." MSGID".$msgid); } elseif ($user) { $userid_req = Sql_Fetch_Row_Query("select id from {$tables["user"]} where uniqid = \"$user\""); if (VERBOSE) output( "UID".$userid_req[0]." MSGID".$msgid); $userid = $userid_req[0]; } else { $userid = ''; } Sql_Query(sprintf('insert into %s (date,header,data) values("%s","%s","%s")', $tables["bounce"], date("Y-m-d H:i",strtotime($headerinfo->Date)), addslashes($header), addslashes($body))); $bounceid = Sql_Insert_id(); if ($msgid == "systemmessage" && $userid) { Sql_Query(sprintf('update %s set status = "bounced system message", comment = "%s marked unconfirmed" where id = %d', $tables["bounce"], $userid,$bounceid)); logEvent("$userid system message bounced, user marked unconfirmed"); Sql_Query(sprintf('update %s set confirmed = 0 where id = %d', $tables["user"], $userid)); } elseif ($msgid && $userid) { Sql_Query(sprintf('update %s set status = "bounced list message %d", comment = "%s bouncecount increased" where id = %d', $tables["bounce"], $msgid, $userid,$bounceid)); Sql_Query(sprintf('update %s set bouncecount = bouncecount + 1 where id = %d', $tables["message"], $msgid)); Sql_Query(sprintf('update %s set bouncecount = bouncecount + 1 where id = %d', $tables["user"], $userid)); Sql_Query(sprintf('insert into %s set user = %d, message = %d, bounce = %d', $tables["user_message_bounce"], $userid,$msgid,$bounceid)); } elseif ($userid) { Sql_Query(sprintf('update %s set status = "bounced unidentified message", comment = "%s bouncecount increased" where id = %d', $tables["bounce"], $userid,$bounceid)); Sql_Query(sprintf('update %s set bouncecount = bouncecount + 1 where id = %d', $tables["user"], $userid)); } else { Sql_Query(sprintf('update %s set status = "unidentified bounce", comment = "not processed" where id = %d', $tables["bounce"], $bounceid)); return false; } return true; }
function repeatMessage($msgid) { # if (!USE_REPETITION && !USE_rss) return; $data = loadMessageData($msgid); ## do not repeat when it has already been done if ($data['repeatinterval'] == 0 || !empty($data['repeatedid'])) { return; } # calculate the future embargo, a multiple of repeatinterval minutes after the current embargo $msgdata = Sql_Fetch_Array_Query(sprintf('SELECT *, embargo + INTERVAL (FLOOR(TIMESTAMPDIFF(MINUTE, embargo, GREATEST(embargo, NOW())) / repeatinterval) + 1) * repeatinterval MINUTE AS newembargo FROM %s WHERE id = %d AND now() < repeatuntil', $GLOBALS['tables']['message'], $msgid)); if (!$msgdata) { logEvent("Message {$msgid} not repeated due to reaching the repeatuntil date"); return; } # check whether the new embargo is not on an exclusion if (isset($GLOBALS['repeat_exclude']) && is_array($GLOBALS['repeat_exclude'])) { $loopcnt = 0; while (excludedDateForRepetition($msgdata['newembargo'])) { if (++$loopcnt > 15) { logEvent("Unable to find new embargo date too many exclusions? for message {$msgid}"); return; } $result = Sql_Fetch_Array_Query(sprintf("SELECT '%s' + INTERVAL repeatinterval MINUTE AS newembargo\n FROM %s\n WHERE id = %d", $msgdata['newembargo'], $GLOBALS['tables']['message'], $msgid)); $msgdata['newembargo'] = $result['newembargo']; } } # copy the new message Sql_Query(sprintf(' insert into %s (entered) values(now())', $GLOBALS['tables']['message'])); $newid = Sql_Insert_id(); require dirname(__FILE__) . '/structure.php'; if (!is_array($DBstruct['message'])) { logEvent("Error including structure when trying to duplicate message {$msgid}"); return; } foreach ($DBstruct['message'] as $column => $rec) { if ($column != 'id' && $column != 'entered' && $column != 'sendstart') { Sql_Query(sprintf('update %s set %s = "%s" where id = %d', $GLOBALS['tables']['message'], $column, addslashes($msgdata[$column]), $newid)); } } $req = Sql_Query(sprintf("SELECT *\n FROM %s\n WHERE id = %d AND name NOT IN ('id')", $GLOBALS['tables']['messagedata'], $msgid)); while ($row = Sql_Fetch_Array($req)) { setMessageData($newid, $row['name'], $row['data']); } Sql_Query(sprintf('update %s set embargo = "%s",status = "submitted",sent = "" where id = %d', $GLOBALS['tables']['message'], $msgdata['newembargo'], $newid)); list($e['year'], $e['month'], $e['day'], $e['hour'], $e['minute'], $e['second']) = sscanf($msgdata['newembargo'], '%04d-%02d-%02d %02d:%02d:%02d'); unset($e['second']); setMessageData($newid, 'embargo', $e); foreach (array('processed', 'astext', 'ashtml', 'astextandhtml', 'aspdf', 'astextandpdf', 'viewed', 'bouncecount') as $item) { Sql_Query(sprintf('update %s set %s = 0 where id = %d', $GLOBALS['tables']['message'], $item, $newid)); } # lists $req = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS['tables']['listmessage'], $msgid)); while ($row = Sql_Fetch_Row($req)) { Sql_Query(sprintf('insert into %s (messageid,listid,entered) values(%d,%d,now())', $GLOBALS['tables']['listmessage'], $newid, $row[0])); } # attachments $req = Sql_Query(sprintf('select * from %s,%s where %s.messageid = %d and %s.attachmentid = %s.id', $GLOBALS['tables']['message_attachment'], $GLOBALS['tables']['attachment'], $GLOBALS['tables']['message_attachment'], $msgid, $GLOBALS['tables']['message_attachment'], $GLOBALS['tables']['attachment'])); while ($row = Sql_Fetch_Array($req)) { if (is_file($row['remotefile'])) { # if the "remote file" is actually local, we want to refresh the attachment, so we set # filename to nothing $row['filename'] = ''; } Sql_Query(sprintf('insert into %s (filename,remotefile,mimetype,description,size) values("%s","%s","%s","%s",%d)', $GLOBALS['tables']['attachment'], addslashes($row['filename']), addslashes($row['remotefile']), addslashes($row['mimetype']), addslashes($row['description']), $row['size'])); $attid = Sql_Insert_id(); Sql_Query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $GLOBALS['tables']['message_attachment'], $newid, $attid)); } logEvent("Message {$msgid} was successfully rescheduled as message {$newid}"); ## remember we duplicated, in order to avoid doing it again (eg when requeuing) setMessageData($msgid, 'repeatedid', $newid); if (getConfig('pqchoice') == 'phplistdotcom') { activateRemoteQueue(); } }
} else { $html .= $attributes[$item["record"]]; } $html .= " -> " . $user[$item["index"]] . "<br>"; } } if ($html) { print '<blockquote>' . $html . '</blockquote>'; } } else { # do import # create new attributes foreach ($_SESSION["import_attribute"] as $column => $item) { if ($item["record"] == "new") { Sql_Query(sprintf('insert into %s (name,type) values("%s","textline")', $tables["attribute"], addslashes($column))); $attid = Sql_Insert_id(); Sql_Query(sprintf('update %s set tablename = "attr%d" where id = %d', $tables["attribute"], $attid, $attid)); Sql_Query("create table " . $GLOBALS["table_prefix"] . "listattr_attr" . $attid . "\n (id integer not null primary key auto_increment, name varchar(255) unique,\n listorder integer default 0)"); $_SESSION["import_attribute"][$column]["record"] = $attid; } } $new = 0; $cnt++; if ($cnt % 25 == 0) { print "<br/>\n{$cnt}/{$total}"; flush(); } if ($user["systemvalues"]["foreign key"]) { $result = Sql_query(sprintf('select id,uniqid from %s where foreignkey = "%s"', $tables["user"], $user["systemvalues"]["foreign key"])); # print "<br/>Using foreign key for matching: ".$user["systemvalues"]["foreign key"]; $count["fkeymatch"]++;
} if (isset($_GET['id'])) { $id = sprintf('%d', $_GET['id']); } else { $id = 0; } if (isset($_POST["save"]) || isset($_POST["activate"]) || isset($_POST["deactivate"])) { $owner = $_POST["owner"]; if (!$owner) { $owner = $_SESSION['logindetails']['id']; } if ($id) { Sql_Query(sprintf('update %s set title = "%s",owner = %d where id = %d', $tables["subscribepage"], $title, $owner, $id)); } else { Sql_Query(sprintf('insert into %s (title,owner) values("%s",%d)', $tables["subscribepage"], $title, $owner)); $id = Sql_Insert_id(); } Sql_Query(sprintf('delete from %s where id = %d', $tables["subscribepage_data"], $id)); foreach (array("title", "intro", "header", "footer", "thankyoupage", "button", "htmlchoice", "emaildoubleentry") as $item) { Sql_Query(sprintf('insert into %s (name,id,data) values("%s",%d,"%s")', $tables["subscribepage_data"], $item, $id, $_POST[$item])); } foreach (array("subscribesubject", "subscribemessage", "confirmationsubject", "confirmationmessage") as $item) { SaveConfig("{$item}:{$id}", stripslashes($_POST[$item]), 0); } Sql_Query(sprintf('delete from %s where id = %d and name like "attribute___"', $tables["subscribepage_data"], $id)); if (is_array($attr_use)) { $cnt = 0; $attributes = ""; while (list($att, $val) = each($attr_use)) { $default = $attr_default[$att]; $order = $attr_listorder[$att];
if (!$valueid[0]) { Sql_Query(sprintf('insert into %slistattr_%s set name = "%s"', $table_prefix, $tname[0], $att['displayvalue'])); $att['value'] = Sql_Insert_id(); } else { $att['value'] = $valueid[0]; } break; case 'checkboxgroup': $vals = explode(',', $att['displayvalue']); array_pop($vals); $att['value'] = ''; foreach ($vals as $val) { $valueid = Sql_Fetch_Row_Query(sprintf('select id from %slistattr_%s where name = "%s"', $table_prefix, $tname[0], $val)); if (!$valueid[0]) { Sql_Query(sprintf('insert into %slistattr_%s set name = "%s"', $table_prefix, $tname[0], $val)); $att['value'] .= Sql_Insert_id() . ','; } else { $att['value'] .= $valueid[0] . ','; } } $att['value'] = substr($att['value'], 0, -1); break; } if ($att['value']) { Sql_Query(sprintf('replace into %s set attributeid = %d, userid = %d, value = "%s"', $tables['user_attribute'], $localattid, $userid, addslashes($att['value']))); } } } } if (is_array($userlists)) {
function saveUserAttribute($userid, $attid, $data) { global $usertable_prefix, $table_prefix, $tables; # workaround for integration webbler/phplist if (!isset($usertable_prefix)) { $usertable_prefix = ''; } if (!isset($table_prefix)) { $table_prefix = 'phplist_'; } if (!empty($tables["attribute"])) { $att_table = $usertable_prefix . $tables["attribute"]; $user_att_table = $usertable_prefix . $tables["user_attribute"]; } else { $att_table = $usertable_prefix . "attribute"; $user_att_table = $usertable_prefix . "user_attribute"; } if (!is_array($data)) { $tmp = $data; $data = Sql_Fetch_Assoc_Query(sprintf('select * from %s where id = %d', $att_table, $attid)); $data['value'] = $tmp; $data['displayvalue'] = $tmp; } # dbg($data,'$data to store for '.$userid.' '.$attid); if ($data["nodbsave"]) { # dbg($attid, "Not saving, nodbsave"); return; } if ($attid == "emailcheck" || $attid == "passwordcheck") { # dbg($attid, "Not saving, emailcheck/passwordcheck"); return; } if (!$data["type"]) { $data["type"] = "textline"; } if ($data["type"] == "static" || $data["type"] == "password" || $data['type'] == 'htmlpref') { if (!empty($GLOBALS['config']['dontsave_userpassword']) && $data['type'] == 'password') { $data["value"] = 'not authoritative'; } Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid)); dbg('Saving', $data['value'], DBG_TRACE); if ($data["type"] == "password") { Sql_Query(sprintf('update user set passwordchanged = now(),password="******" where id = %d', hash('sha256', $data['value']), $userid)); } return 1; } $attributetype = $data['type']; $attid_req = Sql_Fetch_Row_Query(sprintf(' select id,type,tablename from %s where id = %d', $att_table, $attid)); if (!$attid_req[0]) { $attid_req = Sql_Fetch_Row_Query(sprintf(' select id,type,tablename from %s where name = "%s"', $att_table, $data["name"])); if (!$attid_req[0]) { if (!empty($data["name"]) && $GLOBALS["config"]["autocreate_attributes"]) { # Dbg("Creating new Attribute: ".$data["name"]); sendError("creating new attribute " . $data["name"]); $atttable = getNewAttributeTablename($data["name"]); Sql_Query(sprintf('insert into %s (name,type,tablename) values("%s","%s","%s")', $att_table, $data["name"], $data["type"], $atttable)); $attid = Sql_Insert_Id(); } else { # dbg("Not creating new Attribute: ".$data["name"]); # sendError("Not creating new attribute ".$data["name"]); } } else { $attid = $attid_req[0]; if (empty($attributetype)) { $attributetype = $attid_req[1]; } $atttable = $attid_req[2]; } } else { $attid = $attid_req[0]; if (empty($attributetype)) { $attributetype = $attid_req[1]; } $atttable = $attid_req[2]; } if (!$atttable && !empty($data['name'])) { $atttable = getNewAttributeTablename($data["name"]); # fix attribute without tablename Sql_Query(sprintf('update %s set tablename ="%s" where id = %d', $att_table, $atttable, $attid)); # sendError("Attribute without Tablename $attid"); } switch ($attributetype) { case "static": case "password": # dbg('SAVING STATIC OR PASSWORD'); if (!empty($GLOBALS['config']['dontsave_userpassword']) && $data['type'] == 'password') { $data["value"] = 'not authoritative'; } Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid)); break; case "select": $curval = Sql_Fetch_Row_Query(sprintf('select id from ' . $table_prefix . 'listattr_%s where name = "%s"', $atttable, $data["displayvalue"]), 1); if (!$curval[0] && $data['displayvalue'] && $data['displayvalue'] != '') { Sql_Query(sprintf('insert into ' . $table_prefix . 'listattr_%s (name) values("%s")', $atttable, $data["displayvalue"])); sendError("Added " . $data["displayvalue"] . " to {$atttable}"); $valid = Sql_Insert_id(); } else { $valid = $curval[0]; } Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, $valid)); break; case 'avatar': if (is_array($_FILES)) { ## only avatars are files, for now if (!defined('MAX_AVATAR_SIZE')) { define('MAX_AVATAR_SIZE', 100000); } $formfield = 'attribute' . $attid . '_file'; ## the name of the fileupload element if (!empty($_FILES[$formfield]['name']) && !empty($_FILES[$formfield]['tmp_name'])) { $tmpnam = $_FILES[$formfield]['tmp_name']; move_uploaded_file($tmpnam, '/tmp/avatar' . $userid . '.jpg'); $size = filesize('/tmp/avatar' . $userid . '.jpg'); # dbg('New size: '.$size); if ($size < MAX_AVATAR_SIZE) { $avatar = file_get_contents('/tmp/avatar' . $userid . '.jpg'); Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, base64_encode($avatar))); unlink('/tmp/avatar' . $userid . '.jpg'); } } } break; default: Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, $data["value"])); break; } return 1; }
$type = $_SESSION['grouptype']; } $type = sprintf('%d', $type); ## verify the type is set if (!in_array($type, array_keys($GLOBALS['config']['usergroup_types']))) { Warn('Invalid group membership type' . $type); dbg($type, 'Type not found'); } $columnGroups = explode(',', $value); foreach ($columnGroups as $sGroup) { $sGroup = trim($sGroup); $groupIdReq = Sql_Fetch_Row_Query(sprintf('select id from groups where name = "%s"', $sGroup)); if (empty($groupIdReq[0])) { Sql_Query(sprintf('insert into groups (name) values("%s")', $sGroup)); Warn("Group {$sGroup} added"); $groupIdReq[0] = Sql_Insert_id(); } dbg('Adding to group ' . $sGroup . ' with type ' . $GLOBALS['config']['usergroup_types'][$type]); ## @@ this may cause problems on not-upgraded DBs Sql_Query(sprintf('replace into user_group (userid,groupid,type) values(%d,%d,%d)', $userid, $groupIdReq[0], $type)); } } else { $query .= sprintf('%s = "%s",', $column, $value); } } } if ($query) { $query = substr($query, 0, -1); # this may cause a duplicate error on email, so add ignore Sql_Query("update ignore {$tables["user"]} set {$query} where id = {$userid}"); }
if (is_file($tmpfile)) { unlink($tmpfile); } # do a final check if (filesize($GLOBALS['attachment_repository'] . '/' . $newfile)) { print Info(s('Attachment %d succesfully added', $att_cnt)); } else { print Info(s('Adding attachment %d failed', $att_cnt)); } } else { print Warn($GLOBALS['I18N']->get('Uploaded file not properly received, empty file')); } } elseif (!empty($_POST['localattachment' . $att_cnt])) { $type = findMime(basename($_POST['localattachment' . $att_cnt])); Sql_query(sprintf('insert into %s (remotefile,mimetype,description,size) values("%s","%s","%s",%d)', $tables['attachment'], $_POST['localattachment' . $att_cnt], $type, $description, filesize($_POST['localattachment' . $att_cnt]))); $attachmentid = Sql_Insert_id(); Sql_query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $tables['message_attachment'], $id, $attachmentid)); print Info(s('Adding attachment') . ' ' . $att_cnt . " mime: {$type}"); } } } ## when followupto is set, go there if (!empty($_POST['followupto']) && isValidRedirect($_POST['followupto'])) { Header('Location: ' . $_POST['followupto']); exit; } if (!empty($id) && !$send) { if ($savedraft) { $_SESSION['action_result'] = s('Campaign saved as draft'); Header('Location: ./?page=messages&tab=draft'); exit;
function saveUserAttribute($userid, $attid, $data) { global $usertable_prefix, $tables; # workaround for integration webbler/phplist if (!isset($usertable_prefix)) { $usertable_prefix = ''; } if (!empty($tables["attribute"])) { $att_table = $tables["attribute"]; $user_att_table = $tables["user_attribute"]; } else { $att_table = $usertable_prefix . "attribute"; $user_att_table = $usertable_prefix . "user_attribute"; } if ($data["nodbsave"]) { dbg("Not saving {$attid}"); return; } if (strtolower($data) == 'invalid attribute index') { return; } if ($attid == "emailcheck" || $attid == "passwordcheck") { dbg("Not saving {$attid}"); return; } if (!$data["type"]) { $data["type"] = "textline"; } if ($data["type"] == "static" || $data["type"] == "password" || $data['type'] == 'htmlpref') { Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid)); if ($data["type"] == "password") { Sql_Query(sprintf('update user set passwordchanged = now() where id = %d', $userid)); } return 1; } $attid_req = Sql_Fetch_Row_Query(sprintf(' select id,type,tablename from %s where id = %d', $att_table, $attid)); if (!$attid_req[0]) { $attid_req = Sql_Fetch_Row_Query(sprintf(' select id,type,tablename from %s where name = "%s"', $att_table, $data["name"])); if (!$attid_req[0]) { if ($GLOBALS["config"]["autocreate_attributes"]) { Dbg("Creating new Attribute: " . $data["name"]); sendError("creating new attribute " . $data["name"]); $atttable = getNewAttributeTablename($data["name"]); Sql_Query(sprintf('insert into %s (name,type,tablename) values("%s","%s","%s")', $att_table, $data["name"], $data["type"], $atttable)); $attid = Sql_Insert_Id(); } else { dbg("Not creating new Attribute: " . $data["name"]); # sendError("Not creating new attribute ".$data["name"]); } } else { $attid = $attid_req[0]; $atttable = $attid_req[2]; } } else { $attid = $attid_req[0]; $atttable = $attid_req[2]; } if (!$atttable) { $atttable = getNewAttributeTablename($data["name"]); # fix attribute without tablename Sql_Query(sprintf('update %s set tablename ="%s" where id = %d', $att_table, $atttable, $attid)); # sendError("Attribute without Tablename $attid"); } switch ($data["type"]) { case "static": case "password": Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid)); break; case "select": $curval = Sql_Fetch_Row_Query(sprintf('select id from phplist_listattr_%s where name = "%s"', $atttable, $data["displayvalue"]), 1); if (!$curval[0] && $data['displayvalue'] && $data['displayvalue'] != '') { Sql_Query(sprintf('insert into phplist_listattr_%s (name) values("%s")', $atttable, $data["displayvalue"])); sendError("Added " . $data["displayvalue"] . " to {$atttable}"); $valid = Sql_Insert_id(); } else { $valid = $curval[0]; } Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, $valid)); break; default: Sql_Query(sprintf('replace into %s (userid,attributeid,value) values(%d,%d,"%s")', $user_att_table, $userid, $attid, $data["value"])); break; } return 1; }