/**
 * PrintEditForm
 *
 * Prints the form used to edit (or create) a user.
 *
 * With a userid > 0 the matching user is loaded via GetUser() and the form is
 * pre-filled from that record. With userid 0 the "create user" form is printed
 * and any entries in $details are copied into $GLOBALS to pre-fill it (for
 * example after a failed create attempt with a duplicate username).
 *
 * Access: the current user (IEM::getCurrentUser()) must either be a UserAdmin,
 * or be editing their own userid AND have EditOwnSettings; otherwise
 * DenyAccess() is called. Non-admins editing themselves get the reduced
 * 'User_Edit_Own' template and return early; everyone else gets 'User_Form'.
 *
 * All form values are handed over through $GLOBALS keys (template variables);
 * only some of them are HTML-escaped here, see the NOTE(review) comments below.
 *
 * @param Int $userid Userid to load up (0 = create form).
 * @param Array $details Details to prefill the create form with; every key is
 *                       written straight into $GLOBALS under the same name.
 *
 * @see User_API::Admin
 * @see User_API::Status
 * @see User_API::ListAdmin
 * @see User_API::EditOwnSettings
 * @see GetUser
 *
 * @return Void Returns nothing. On a missing user or an access violation
 *              DenyAccess() is invoked (assumed to print an error and stop the
 *              request — see the NOTE(review) on the access checks).
 */
function PrintEditForm($userid = 0, $details = array())
{
    $thisuser = IEM::getCurrentUser();

    // Authorisation: non-admins may only reach their own record, and only when
    // the edit-own-settings permission is granted.
    // NOTE(review): neither DenyAccess() call below is followed by `return`,
    // whereas the "user doesn't exist" branch further down does return after
    // DenyAccess(). The rest of this function therefore relies on DenyAccess()
    // terminating the request itself — confirm, otherwise a non-admin could
    // fall through to the form-building code.
    if (!$thisuser->UserAdmin()) {
        if ($userid != $thisuser->userid) {
            $this->DenyAccess();
        }
        if (!$thisuser->EditOwnSettings()) {
            $this->DenyAccess();
        }
    }

    // A blank User API object; replaced by the loaded record when $userid > 0.
    $user = $this->GetApi('User');

    // NOTE(review): $all_lists, $all_segments and $all_templates are fetched
    // here but not referenced anywhere else in this function (only $all_groups
    // reaches the template). They may be consumed via globals/includes not
    // visible here — confirm before removing.
    $listapi = $this->GetApi('Lists');
    $all_lists = $listapi->GetLists(0, array('SortBy' => 'name', 'Direction' => 'asc'), false, 0, 0);
    $segmentapi = $this->GetApi('Segment');
    $all_segments = $segmentapi->GetSegments(array('SortBy' => 'segmentname', 'Direction' => 'asc'), false, 0, 'all');
    $templateapi = $this->GetApi('Templates');
    $all_templates = $templateapi->GetTemplates(0, array('SortBy' => 'name', 'Direction' => 'asc'), false, 0, 0);
    $all_groups = API_USERGROUPS::getRecords(false, false, 0, 0, 'groupname');

    // Defaults shared by both the edit and create branches.
    $GLOBALS['CustomSmtpServer_Display'] = '0';
    $GLOBALS['XmlPath'] = SENDSTUDIO_APPLICATION_URL . '/xml.php';

    if ($userid > 0) {
        // ----- Edit an existing user -----
        $user = GetUser($userid);
        if ($user->Get('userid') <= 0) {
            $GLOBALS['ErrorMessage'] = GetLang('UserDoesntExist');
            $this->DenyAccess();
            return;
        }

        // Identity fields: escaped for HTML attribute context (ENT_QUOTES).
        $GLOBALS['UserID'] = $user->Get('userid');
        $GLOBALS['UserName'] = htmlspecialchars($user->Get('username'), ENT_QUOTES, SENDSTUDIO_CHARSET);
        $GLOBALS['FullName'] = htmlspecialchars($user->Get('fullname'), ENT_QUOTES, SENDSTUDIO_CHARSET);
        $GLOBALS['EmailAddress'] = htmlspecialchars($user->Get('emailaddress'), ENT_QUOTES, SENDSTUDIO_CHARSET);

        // Event activity types are rendered one per line (textarea).
        $activity = $user->GetEventActivityType();
        if (!is_array($activity)) {
            $activity = array();
        }
        $GLOBALS['EventActivityType'] = implode("\n", $activity);

        // Limits come from the user's group record (see __get('group')).
        $GLOBALS['MaxLists'] = $user->group->limit_list;
        $GLOBALS['MaxEmails'] = $user->group->limit_totalemailslimit;
        $GLOBALS['PerMonth'] = $user->group->limit_emailspermonth;
        $GLOBALS['PerHour'] = $user->group->limit_hourlyemailsrate;

        // A stored limit of 0 means "unlimited": tick the checkbox and hide the
        // numeric input (Display* = 'none').
        $GLOBALS['DisplayMaxLists'] = '';
        if ($user->Get('maxlists') == 0) {
            $GLOBALS['LimitListsChecked'] = ' CHECKED';
            $GLOBALS['DisplayMaxLists'] = 'none';
        }
        $GLOBALS['DisplayEmailsPerHour'] = '';
        if ($user->Get('perhour') == 0) {
            $GLOBALS['LimitPerHourChecked'] = ' CHECKED';
            $GLOBALS['DisplayEmailsPerHour'] = 'none';
        }
        $GLOBALS['DisplayEmailsPerMonth'] = '';
        if ($user->Get('permonth') == 0) {
            $GLOBALS['LimitPerMonthChecked'] = ' CHECKED';
            $GLOBALS['DisplayEmailsPerMonth'] = 'none';
        }
        // Total-emails limit is the other way round: assume unlimited, then
        // reveal the input only when the user has a finite credit.
        $GLOBALS['LimitMaximumEmailsChecked'] = ' CHECKED';
        $GLOBALS['DisplayEmailsMaxEmails'] = 'none';
        if (!$user->hasUnlimitedCredit()) {
            $GLOBALS['LimitMaximumEmailsChecked'] = '';
            $GLOBALS['DisplayEmailsMaxEmails'] = '';
        }

        // Editor preferences. Note: UseWysiwyg is only ever set in the true
        // branch; the template is assumed to tolerate it being undefined.
        if ($user->Get('usewysiwyg')) {
            $GLOBALS['UseWysiwyg'] = ' CHECKED';
            $GLOBALS['UseXHTMLDisplay'] = ' style="display:block;"';
        } else {
            $GLOBALS['UseXHTMLDisplay'] = ' style="display:none;"';
        }
        if ($user->Get('enableactivitylog')) {
            $GLOBALS['EnableActivityLog'] = ' CHECKED';
        } else {
            $GLOBALS['EnableActivityLog'] = '';
        }
        $GLOBALS['UseXHTMLCheckbox'] = $user->Get('usexhtml')? ' CHECKED' : '';

        // XML API access and its token (token is escaped; it is shown in the form).
        $GLOBALS['Xmlapi'] = $user->Get('xmlapi')? ' CHECKED' : '';
        $GLOBALS['XMLTokenDisplay'] = ' style="display:none;"';
        if ($user->Get('xmlapi')) {
            $GLOBALS['XMLTokenDisplay'] = ' style="display:block;"';
        }
        $GLOBALS['XmlToken'] = htmlspecialchars($user->Get('xmltoken'), ENT_QUOTES, SENDSTUDIO_CHARSET);

        // Footers and per-user SMTP settings are passed through UNESCAPED,
        // unlike the identity fields above and the Google Calendar fields below.
        // NOTE(review): confirm the 'User_Form' / 'User_Edit_Own' templates
        // escape these at render time; SmtpPassword in particular is a stored
        // credential being placed into a form value.
        $GLOBALS['TextFooter'] = $user->Get('textfooter');
        $GLOBALS['HTMLFooter'] = $user->Get('htmlfooter');
        $GLOBALS['SmtpServer'] = $user->Get('smtpserver');
        $GLOBALS['SmtpUsername'] = $user->Get('smtpusername');
        $GLOBALS['SmtpPassword'] = $user->Get('smtppassword');
        $GLOBALS['SmtpPort'] = $user->Get('smtpport');
        if ($GLOBALS['SmtpServer']) {
            $GLOBALS['CustomSmtpServer_Display'] = '1';
        }
        $GLOBALS['googlecalendarusername'] = htmlspecialchars($user->Get('googlecalendarusername'), ENT_QUOTES, SENDSTUDIO_CHARSET);
        $GLOBALS['googlecalendarpassword'] = htmlspecialchars($user->Get('googlecalendarpassword'), ENT_QUOTES, SENDSTUDIO_CHARSET);
        $GLOBALS['FormAction'] = 'Action=Save&UserID=' . $user->userid;

        // Non-admin editing their own account: reduced template, and the SMTP
        // section is only shown when the 'User'/'SMTP' permission is held.
        if (!$thisuser->UserAdmin()) {
            $smtp_access = $thisuser->HasAccess('User', 'SMTP');
            $GLOBALS['ShowSMTPInfo'] = 'none';
            $GLOBALS['DisplaySMTP'] = '0';
            if ($smtp_access) {
                $GLOBALS['ShowSMTPInfo'] = '';
            }
            if ($GLOBALS['SmtpServer']) {
                $GLOBALS['CustomSmtpServer_Display'] = '1';
                if ($smtp_access) {
                    $GLOBALS['DisplaySMTP'] = '1';
                }
            }
            $this->ParseTemplate('User_Edit_Own');
            return;
        }

        // ----- Admin-only fields from here on -----
        $GLOBALS['StatusChecked'] = ($user->Status()) ? ' CHECKED' : '';
        $GLOBALS['ForceDoubleOptInChecked'] = ($user->Get('forcedoubleoptin')) ? ' CHECKED' : '';
        $GLOBALS['ForceSpamCheckChecked'] = ($user->Get('forcespamcheck')) ? ' CHECKED' : '';
        $GLOBALS['InfoTipsChecked'] = ($user->InfoTips()) ? ' CHECKED' : '';

        // Admins implicitly have edit-own-settings.
        $editown = '';
        if ($user->UserAdmin()) {
            $editown = ' CHECKED';
        } else {
            if ($user->EditOwnSettings()) {
                $editown = ' CHECKED';
            }
        }
        $GLOBALS['EditOwnSettingsChecked'] = $editown;

        $timezone = $user->usertimezone;
        $GLOBALS['TimeZoneList'] = $this->TimeZoneList($timezone);

        // NOTE(review): the admin-type/permission locals below are not used
        // further in this function (only group-based values reach the template
        // via Assign()); they may be leftovers from an older permission model.
        $admintype = $user->AdminType();
        $listadmintype = $user->ListAdminType();
        $segmentadmintype = $user->SegmentAdminType();
        $templateadmintype = $user->TemplateAdminType();
        $admin = $user->Admin();
        $listadmin = $user->ListAdmin();
        $segmentadmin = $user->SegmentAdmin();
        $templateadmin = $user->TemplateAdmin();
        $permissions = $user->Get('permissions');
        $area_access = $user->Get('access');

        $GLOBALS['Heading'] = GetLang('EditUser');
        $GLOBALS['Help_Heading'] = GetLang('Help_EditUser');

        // Admin notification settings, falling back to system defaults when the
        // stored value is empty.
        $GLOBALS['AdminNotifyEmailAddress'] = $user->Get('adminnotify_email');
        if (empty($GLOBALS['AdminNotifyEmailAddress'])) {
            $GLOBALS['AdminNotifyEmailAddress'] = constant('SENDSTUDIO_EMAIL_ADDRESS');
        }
        $GLOBALS['AdminNotifications_Send_Email'] = $user->Get('adminnotify_send_emailtext');
        if (empty($GLOBALS['AdminNotifications_Send_Email'])) {
            $GLOBALS['AdminNotifications_Send_Email'] = GetLang('AdminNotifications_Send_Email');
        }
        $GLOBALS['AdminNotifications_Import_Email'] = $user->Get('adminnotify_import_emailtext');
        if (empty($GLOBALS['AdminNotifications_Import_Email'])) {
            $GLOBALS['AdminNotifications_Import_Email'] = GetLang('AdminNotifications_Import_Email');
        }
        // empty() also treats a stored threshold of 0 as "unset" -> 1000.
        $GLOBALS['SendLimit'] = $user->Get('adminnotify_send_threshold');
        $GLOBALS['ImportLimit'] = $user->Get('adminnotify_import_threshold');
        if (empty($GLOBALS['SendLimit'])) {
            $GLOBALS['SendLimit'] = 1000;
        }
        if (empty($GLOBALS['ImportLimit'])) {
            $GLOBALS['ImportLimit'] = 1000;
        }
        // $admin_flag is assigned but never read.
        $admin_flag = $user->Get('adminnotify_send_flag');
        if ($user->Get('adminnotify_send_flag') == 1) {
            $GLOBALS['AdminNotificationsSend'] = 'CHECKED';
            $GLOBALS['UseNotifySend'] = '';
        } else {
            $GLOBALS['UseNotifySend'] = "style=display:none;";
        }
        if ($user->Get('adminnotify_import_flag') == 1) {
            $GLOBALS['AdminNotificationsImport'] = 'CHECKED';
            $GLOBALS['UseNotifyImport'] = '';
        } else {
            $GLOBALS['UseNotifyImport'] = "style=display:none;";
        }
        // Already set above; re-assigned here with the same value.
        $GLOBALS['SmtpPort'] = $user->Get('smtpport');

        // Log this to "User Activity Log". Only the admin path reaches this
        // line; the edit-own path returned earlier and is not logged here.
        IEM::logUserActivity(IEM::urlFor('users', array('Action' => 'Edit', 'UserID' => $userid)), 'images/user.gif', $user->username);
    } else {
        // ----- Create a new user -----
        $timezone = (isset($details['timezone'])) ? $details['timezone'] : SENDSTUDIO_SERVERTIMEZONE;
        $GLOBALS['TimeZoneList'] = $this->TimeZoneList($timezone);
        $activity = $thisuser->defaultEventActivityType;
        if (!is_array($activity)) {
            $activity = array();
        }
        $GLOBALS['EventActivityType'] = implode("\n", $activity);
        $GLOBALS['FormAction'] = 'Action=Create';

        // Pre-fill from a previous (failed) submission.
        // NOTE(review): every key of $details becomes a global of the same
        // name, with no allow-list and no escaping — effectively extract()
        // into $GLOBALS. Confirm that callers only pass known form-field names
        // (and never raw request arrays), since an unexpected key would
        // overwrite an arbitrary template variable.
        if (!empty($details)) {
            foreach ($details as $area => $val) {
                $GLOBALS[$area] = $val;
            }
        }

        $GLOBALS['Heading'] = GetLang('CreateUser');
        $GLOBALS['Help_Heading'] = GetLang('Help_CreateUser');

        // Defaults for a new user: everything "unlimited", all limit checkboxes
        // ticked and their inputs hidden. (The *admintype locals mirror the
        // unused locals of the edit branch.)
        $listadmintype = 'c';
        $segmentadmintype = 'c';
        $admintype = 'c';
        $templateadmintype = 'c';
        $GLOBALS['DisplayMaxLists'] = 'none';
        $GLOBALS['DisplayEmailsPerHour'] = 'none';
        $GLOBALS['DisplayEmailsPerMonth'] = 'none';
        $GLOBALS['DisplayEmailsMaxEmails'] = 'none';
        $GLOBALS['MaxLists'] = '0';
        $GLOBALS['PerHour'] = '0';
        $GLOBALS['PerMonth'] = '0';
        $GLOBALS['MaxEmails'] = '0';
        $GLOBALS['StatusChecked'] = ' CHECKED';
        $GLOBALS['ForceDoubleOptInChecked'] = '';
        $GLOBALS['ForceSpamCheckChecked'] = '';
        $GLOBALS['InfoTipsChecked'] = ' CHECKED';
        $GLOBALS['EditOwnSettingsChecked'] = ' CHECKED';
        $GLOBALS['LimitListsChecked'] = ' CHECKED';
        $GLOBALS['LimitPerHourChecked'] = ' CHECKED';
        $GLOBALS['LimitPerMonthChecked'] = ' CHECKED';
        $GLOBALS['LimitMaximumEmailsChecked'] = ' CHECKED';
        $GLOBALS['UseWysiwyg'] = ' CHECKED';
        $GLOBALS['EnableLastViewed'] = '';
        $GLOBALS['UseXHTMLCheckbox'] = ' CHECKED';
        $GLOBALS['HTMLFooter'] = GetLang('Default_Global_HTML_Footer');
        $GLOBALS['TextFooter'] = GetLang('Default_Global_Text_Footer');
        $GLOBALS['EnableActivityLog'] = ' CHECKED';
        $GLOBALS['Xmlapi'] = '';
        $GLOBALS['XMLTokenDisplay'] = ' style="display:none;"';
        $admin = $listadmin = $segmentadmin = $templateadmin = false;
        $permissions = array();
        $area_access = array('lists' => array(), 'templates' => array(), 'segments' => array());
        $GLOBALS['AdminNotifyEmailAddress'] = constant('SENDSTUDIO_EMAIL_ADDRESS');
        $GLOBALS['UseNotifySend'] = "style=display:none;";
        $GLOBALS['UseNotifyImport'] = "style=display:none;";
        $GLOBALS['SendLimit'] = 1000;
        $GLOBALS['ImportLimit'] = 1000;
        $GLOBALS['AdminNotifications_Send_Email'] = GetLang('AdminNotifications_Send_Email');
        $GLOBALS['AdminNotifications_Import_Email'] = GetLang('AdminNotifications_Import_Email');
    }

    // ----- Common tail: hand the record over to the template system -----
    // $agencyid is computed but not used below.
    $agencyid = defined('IEM_SYSTEM_LICENSE_AGENCY') ? IEM_SYSTEM_LICENSE_AGENCY : '';
    $available_users = $user->AvailableUsers();
    $template = GetTemplateSystem();
    $template->Assign('UserID', $user->userid);
    $template->Assign('groupid', $user->groupid);
    // The last remaining admin must not be moved out of the admin group.
    $template->Assign('canChangeUserGroup', !$user->isLastAdmin());
    $template->Assign('AgencyEdition', get_agency_license_variables());
    $template->Assign('EditOwn', ($user->userid != 0 && $user->userid == $thisuser->userid));
    $template->Assign('TrialUser', $user->trialuser);
    $template->Assign('EditMode', !empty($user->userid));
    $template->Assign('AvailableNormalUsers', isset($available_users['normal']) ? $available_users['normal'] : 0);
    $template->Assign('AvailableTrialUsers', isset($available_users['trial']) ? $available_users['trial'] : 0);
    $template->Assign('AvailableGroups', $all_groups);
    $template->Assign('record_groupid', $user->groupid);
    // Which editor tab to open; 'intval' filter keeps it numeric.
    $template->Assign('DefaultIdTab', IEM::requestGetPOST('id_tab_num', 1, 'intval'));
    $template->Assign('showSmtpInfo', (bool) $user->smtpserver);
    $template->ParseTemplate('User_Form');
}
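/**
 * Saves a user-group record submitted from the group editor.
 *
 * Reads the `record` array from POST, normalises its dotted permission list
 * into `array('area' => array('action', ...))`, verifies the editor's
 * per-session request token and hands the record to API_USERGROUPS::saveRecord().
 *
 * Re-render paths:
 *  - empty / non-array `record`, or a missing or mismatching request token:
 *    page_createGroup($record)
 *  - saveRecord() failure: error flash message, then printEditor($record)
 * On success a flash message with a redirect URL to the group listing is set.
 *
 * @return mixed Return value of page_createGroup()/printEditor() on the
 *               re-render paths; otherwise nothing (FlashMessage() is passed a
 *               redirect URL and is assumed to redirect — confirm).
 */
public function page_saveRecord()
{
    $record = IEM::requestGetPOST('record', array());

    // Nothing usable posted: show the editor again. This must run before the
    // record is normalised below — after 'permissions' is assigned the array is
    // never empty, which made the original post-normalisation check dead code.
    if (!is_array($record) || empty($record)) {
        return $this->page_createGroup(is_array($record) ? $record : array());
    }

    // The group name is echoed back into HTML by the listing/editor; escape it
    // once here. Guard against a missing or non-string value so a malformed
    // submission does not trigger a notice/TypeError inside htmlspecialchars().
    $groupname = (isset($record['groupname']) && is_string($record['groupname'])) ? $record['groupname'] : '';
    $record['groupname'] = htmlspecialchars($groupname);

    // groupid 0 (or absent) means a new group; only used to pick the flash message.
    $created = ((int) IEM::ifsetor($record['groupid'], 0, 'intval') === 0);

    // Transform the posted permission list into the shape the API expects.
    // Each entry is a two-level "area.action" string; e.g. autoresponders.create,
    // autoresponders.delete, autoresponders.edit become
    // $permissions['autoresponders'] = array('create', 'delete', 'edit').
    // Non-string entries and entries that are not exactly two levels are dropped.
    $permissions = IEM::ifsetor($record['permissions'], array());
    $new_permissions = array();
    if (is_array($permissions)) {
        foreach ($permissions as $each) {
            if (!is_string($each)) {
                continue;
            }
            $parts = explode('.', $each);
            if (count($parts) != 2) {
                continue;
            }
            list($area, $action) = $parts;
            if (!isset($new_permissions[$area])) {
                $new_permissions[$area] = array();
            }
            $new_permissions[$area][] = $action;
        }
    }
    $record['permissions'] = $new_permissions;

    // CSRF guard: the editor stored a request token in the session when it
    // rendered the form and the submission must echo it back. Compared as
    // strings with strict inequality so that a `false` default, an empty token
    // or a loosely-equal value (e.g. numeric-looking strings) cannot pass.
    $token = IEM::sessionGet('UsersGroups_Editor_RequestToken', false);
    $posted_token = IEM::requestGetPOST('requestToken', false);
    if (!is_scalar($token) || $token === false || $token === ''
        || !is_scalar($posted_token) || $posted_token === false
        || (string) $posted_token !== (string) $token) {
        return $this->page_createGroup($record);
    }

    $status = API_USERGROUPS::saveRecord($record);
    if (!$status) {
        FlashMessage(GetLang('UsersGroups_From_Error_CannotSave'), SS_FLASH_MSG_ERROR);
        return $this->printEditor($record);
    }

    $messageVariable = $created ? 'UsersGroups_From_Success_Created' : 'UsersGroups_From_Success_Saved';
    FlashMessage(GetLang($messageVariable), SS_FLASH_MSG_SUCCESS, IEM::urlFor('UsersGroups'));
}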
/**
 * Lazily resolves relationship properties.
 *
 * Only the 'group' relationship is handled: on first access the group record
 * for $this->groupid is fetched through API_USERGROUPS::getRecordById(), cast
 * to a plain object and stored in $this->group, so later reads are served from
 * that cached value. Any other property name yields null.
 *
 * If the db layer were richer this could be generalised to one-to-one,
 * one-to-many, many-to-one and many-to-many relationships.
 *
 * @param string $name Name of the property being read.
 *
 * @return mixed The cached group object for 'group'; null for anything else.
 */
public function __get($name)
{
    if ($name !== 'group') {
        return null;
    }

    // First access: load and cache. Subsequent accesses see the stored value.
    if (!isset($this->group)) {
        $record = API_USERGROUPS::getRecordById($this->groupid);
        $this->group = (object) $record;
    }

    return $this->group;
}
/**
 * Fetches the group record for the current user.
 *
 * Unlike the __get('group') relationship this always hits
 * API_USERGROUPS::getRecordById() and does not cache the result.
 *
 * @return record_UserGroups
 */
public function getGroup()
{
    $groupRecord = API_USERGROUPS::getRecordById($this->groupid);

    return $groupRecord;
}
/**
 * Evaluate credit warning conditions
 *
 * Evaluates the configured credit warning levels for a particular user and,
 * if a level applies, sends the warning email and records the warning in the
 * users table (credit_warning_time / credit_warning_percentage).
 *
 * @param record_Users|integer $user User record object or user ID
 *
 * @return boolean FALSE when the user cannot be resolved, the user's group has
 *                 no limit_emailspermonth, or the email could not be sent.
 *                 TRUE in every other case — including the "nothing to do"
 *                 exits (warnings disabled, no warning levels configured,
 *                 unlimited credit, no applicable level).
 *
 * @todo fixed credits does not have warnings yet
 */
public static function creditEvaluateWarnings($user)
{
    $userobject = null;
    $warnings = null;
    // First day of the current month, 00:00 (server time zone); stored as the
    // warning timestamp so a given level is recorded once per month.
    $this_month = mktime(0, 0, 0, date('n'), 1, date('Y'));
    $credit_left = null;

    // ----- PRE: accept either a loaded record or a user ID.
    if ($user instanceof record_Users) {
        $userobject = $user;
    } else {
        $userobject = self::getRecordByID($user);
    }
    if (empty($userobject)) {
        trigger_error(__CLASS__ . '::' . __METHOD__ . ' -- User is not specified', E_USER_NOTICE);
        return false;
    }
    // -----

    // Credit warnings are not enabled
    if (!SENDSTUDIO_CREDIT_WARNINGS) {
        return true;
    }

    require_once IEM_PUBLIC_PATH . '/functions/api/settings.php';
    $tempSettingsAPI = new Settings_API();
    $warnings = $tempSettingsAPI->GetCreditWarningsSettings();

    // Does not have any warnings set up? Well... we can't continue then.
    if (empty($warnings)) {
        return true;
    }

    $credit_left = self::creditAvailableTotal($userobject);

    // Unlimited credit (creditAvailableTotal() signals this with boolean TRUE).
    if ($credit_left === true) {
        return true;
    }

    $whichlevel = self::creditWhichWarning($userobject, $credit_left, $warnings);

    // If $whichlevel contains FALSE, that means there was something wrong
    // when trying to figure out which warning level it should send out.
    if ($whichlevel === false) {
        return true;
    }

    $userGroup = API_USERGROUPS::getRecordById($userobject->groupid);
    if (!isset($userGroup['limit_emailspermonth'])) {
        return false;
    }
    $userobject_permonth = (int) $userGroup['limit_emailspermonth'];

    // Pick the allowance that is actually finite: if the fixed allowance is
    // unlimited (TRUE) use the monthly one, and vice versa. When both are
    // unlimited the first branch wins and $userobject_permonth becomes TRUE —
    // presumably unreachable after the unlimited check above; confirm.
    $fixed = self::creditAvailableFixed($userobject);
    $monthly = self::creditAvailableThisMonth($userobject);
    if ($fixed === true) {
        $userobject_permonth = $monthly;
    } elseif ($monthly === true) {
        $userobject_permonth = $fixed;
    }

    if (!empty($whichlevel)) {
        // Last whitespace-separated word is treated as the last name.
        $tempNames = explode(' ', $userobject->fullname);
        $tempLastName = array_pop($tempNames);
        $tempFirstName = implode(' ', $tempNames);

        // Placeholder substitution for the warning email. The arithmetic treats
        // $credit_left as a percentage of $userobject_permonth (0-100).
        // The '%%credit_remains_precentage%%' spelling is the live placeholder
        // name used in stored templates; do not "fix" it here.
        $available_custom_fields_key = array('%%user_fullname%%', '%%user_firstname%%', '%%user_lastname%%', '%%credit_total%%', '%%credit_remains%%', '%%credit_remains_precentage%%', '%%credit_used%%', '%%credit_used_percentage%%');
        $available_custom_fields_value = array($userobject->fullname, $tempFirstName, $tempLastName, $userobject_permonth, intval($userobject_permonth * ($credit_left / 100)), intval($credit_left), intval($userobject_permonth * ((100 - $credit_left) / 100)), intval(100 - $credit_left));
        $email_contents = str_replace($available_custom_fields_key, $available_custom_fields_value, $whichlevel['emailcontents']);
        $email_subject = str_replace($available_custom_fields_key, $available_custom_fields_value, $whichlevel['emailsubject']);

        // ----- We found which warning it is that we want to send out
        require_once IEM_PATH . '/ext/interspire_email/email.php';
        $emailapi = new Email_API();
        // System SMTP first; the per-user SMTP server overrides it when set.
        // NOTE(review): the `@` hides base64_decode() diagnostics on a
        // mis-configured SENDSTUDIO_SMTP_PASSWORD; a malformed value silently
        // becomes an empty/garbage password.
        $emailapi->SetSmtp(SENDSTUDIO_SMTP_SERVER, SENDSTUDIO_SMTP_USERNAME, @base64_decode(SENDSTUDIO_SMTP_PASSWORD), SENDSTUDIO_SMTP_PORT);
        if ($userobject->smtpserver) {
            $emailapi->SetSmtp($userobject->smtpserver, $userobject->smtpusername, $userobject->smtppassword, $userobject->smtpport);
        }
        $emailapi->ClearRecipients();
        $emailapi->ForgetEmail();
        $emailapi->Set('forcechecks', false);
        $emailapi->AddRecipient($userobject->emailaddress, $userobject->fullname, 't');
        $emailapi->Set('FromName', false);
        // FromAddress falls back to the user's own address if the constant is
        // undefined, but BounceAddress uses the constant unconditionally.
        $emailapi->Set('FromAddress', defined('SENDSTUDIO_EMAIL_ADDRESS') ? SENDSTUDIO_EMAIL_ADDRESS : $userobject->emailaddress);
        $emailapi->Set('BounceAddress', SENDSTUDIO_EMAIL_ADDRESS);
        $emailapi->Set('CharSet', SENDSTUDIO_CHARSET);
        $emailapi->Set('Subject', $email_subject);
        $emailapi->AddBody('text', $email_contents);
        $status = $emailapi->Send();
        if ($status['success'] != 1) {
            // The failed-recipient structure is serialised straight into the log message.
            trigger_error(__CLASS__ . '::' . __METHOD__ . ' -- Was not able to send email: ' . serialize($status['failed']), E_USER_NOTICE);
            return false;
        }
        // -----

        // ----- Update user record
        // NOTE(review): values are interpolated into the SQL string. $this_month
        // is an int from mktime(); creditlevel comes from the stored warning
        // settings and userid from the user record. Casting creditlevel and
        // userid to (int) here would make the statement safe by construction
        // regardless of where those values were sourced. The result of Query()
        // is assigned but never checked.
        $db = IEM::getDatabase();
        $status = $db->Query("UPDATE [|PREFIX|]users SET credit_warning_time = {$this_month}, credit_warning_percentage = {$whichlevel['creditlevel']} WHERE userid = {$userobject->userid}");

        // Update user object in session so the in-memory record matches the DB
        // FIXME, we really need to make a special getter/setter for this
        $current_user = IEM::getCurrentUser();
        if ($current_user && $current_user->userid == $userobject->userid) {
            $current_user->credit_warning_time = $this_month;
            $current_user->credit_warning_percentage = $whichlevel['creditlevel'];
        }
        // -----
    }

    return true;
}