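/**
 * GetSegmentByUserID
 * Returns the segments that are accessible by the specified user: the segments the user owns
 * plus the segments listed for the user's group in the usergroups_access table.
 * If $userID is omitted (NULL), no access filter is applied and all segments are returned.
 *
 * The returned array contains one associative array per segment, indexed by segment id.
 *
 * @param Int $userID User ID (OPTIONAL, default NULL)
 * @param Array $sortinfo An array of sorting information - what to sort by ('SortBy') and what direction ('Direction') (OPTIONAL).
 *                        'SortBy' is only honoured when it is one of Segment_API::_fieldSortable.
 * @param Boolean $countonly Whether to only get a count of segments, rather than the information.
 * @param Int $start Where to start in the list. This is used in conjunction with perpage for paging.
 * @param Mixed $perpage How many results to return (Integer or String) (max). The string 'all' disables paging.
 *
 * @return Mixed Returns false if it couldn't retrieve segment information (including when the user record
 *               cannot be loaded). Otherwise returns the count (if specified), or an array of segments.
 *
 * @uses SENDSTUDIO_TABLEPREFIX
 * @uses API::_subQueryCapable()
 * @uses Segment_API::_fieldDefaultSort
 * @uses Segment_API::_FieldSortable
 * @uses Db::AddLimit()
 * @uses Db::Query()
 * @uses Db::GetError()
 * @uses Db::Fetch()
 * @uses Db::FreeResult()
 */
function GetSegmentByUserID($userID = null, $sortinfo = array(), $countonly = false, $start=0, $perpage=10)
{
    $query = 'SELECT ' . ($countonly? 'COUNT(1) AS count' : '*') . ' FROM ' . SENDSTUDIO_TABLEPREFIX . 'segments';

    // Constrain by the user's permission if a user ID is specified
    if (!is_null($userID)) {
        $userID = intval($userID);
        $user = API_USERS::getRecordById($userID);

        // Fail closed: without a user record there is no group id to build the access filter from,
        // and interpolating an empty value would only produce a malformed query.
        if (!is_object($user)) {
            return false;
        }

        // The group id is concatenated into SQL below, so force it to an integer first.
        $groupID = intval($user->groupid);

        $query .= ' WHERE ownerid = ' . $userID;

        $subQuery = 'SELECT resourceid FROM ' . SENDSTUDIO_TABLEPREFIX . "usergroups_access WHERE resourcetype='segments' AND "
            . "groupid=" . $groupID;

        if ($this->_subqueryCapable()) {
            $query .= ' OR segmentid IN (' . $subQuery . ')';
        } else {
            // No sub-query support: resolve the accessible ids first and inline them.
            $tempResult = $this->Db->Query($subQuery);
            if (!$tempResult) {
                list($error, $level) = $this->Db->GetError();
                trigger_error($error, $level);
                return false;
            }

            $tempRow = array();
            while (($row = $this->Db->Fetch($tempResult))) {
                // These ids are re-interpolated into the outer query, so keep them strictly numeric.
                array_push($tempRow, intval($row['resourceid']));
            }
            $this->Db->FreeResult($tempResult);

            if (count($tempRow) > 0) {
                $query .= ' OR segmentid IN (' . implode(',', $tempRow) . ')';
            }
        }
    }

    if (!$countonly) {
        // Add sorting to the query
        $sortField = $this->_fieldDefaultSort;
        $sortDirection = 'asc';

        // Strict allow-list check: only a string that is exactly one of the sortable field names
        // may end up in the ORDER BY clause.
        if (isset($sortinfo['SortBy']) && is_string($sortinfo['SortBy']) && in_array($sortinfo['SortBy'], $this->_fieldSortable, true)) {
            $sortField = strtolower($sortinfo['SortBy']);
        }

        if ($sortField == 'segmentname') {
            $sortField = 'LOWER(segmentname)';
        }

        if (isset($sortinfo['Direction'])) {
            $sortDirection = strtolower(trim($sortinfo['Direction']));
        }

        // The caller's direction is mapped onto one of two fixed literals; it never reaches the SQL verbatim.
        $sortDirection = ($sortDirection == 'up' || $sortDirection == 'asc')? ' ASC' : ' DESC';

        $query .= ' ORDER BY ' . $sortField . $sortDirection;

        // Add limit to the query
        // NOTE(review): $start and $perpage are handed to Db::AddLimit() as received; confirm that it casts them to integers.
        if ($perpage != 'all' && ($start || $perpage)) {
            $query .= $this->Db->AddLimit($start, $perpage);
        }

        // Query the database
        $lists = array();
        $result = $this->Db->Query($query);
        if (!$result) {
            list($error, $level) = $this->Db->GetError();
            trigger_error($error, $level);
            return false;
        }

        while (($row = $this->Db->Fetch($result))) {
            // SECURITY NOTE(review): unserialize() on a stored column can instantiate arbitrary classes
            // if the column content can be influenced from outside. Confirm that 'searchinfo' is only
            // ever written by trusted code, or migrate the column to a data-only format such as JSON.
            $row['searchinfo'] = unserialize($row['searchinfo']);
            $lists[$row['segmentid']] = $row;
        }
        $this->Db->FreeResult($result);

        return $lists;
    } else {
        $result = $this->Db->Query($query);
        if (!$result) {
            list($error, $level) = $this->Db->GetError();
            trigger_error($error, $level);
            return false;
        }

        $row = $this->Db->Fetch($result);
        $count = $row['count'];
        $this->Db->FreeResult($result);

        return $count;
    }
}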
/**
 * IEM_Menu
 * Builds the navigation menu (with its dropdown items) and the text menu links shown at the top of the page.
 * The main nav items come from SendStudio_Functions::GenerateMenuLinks and the text menu items
 * from SendStudio_Functions::GenerateTextMenuLinks.
 *
 * Along the way it fills the header globals (WYSIWYG flag, current date/time, "logged in as" text and the
 * remaining e-mail credits) and redirects to the settings page when a licence error is flagged in the session.
 *
 * <b>Do *not* put any "ParseTemplate" calls inside IEM_Menu as you will cause an infinite loop.</b>
 * "ParseTemplate" calls "IEM_Menu" via IEM_DefaultVariables. While the menu is still being built
 * (ie the static $menu variable is still null), a nested IEM_Menu call would call ParseTemplate again,
 * which in turn calls IEM_Menu.
 *
 * The result is built once and then served from a static variable for the rest of the request.
 *
 * @uses SendStudio_Functions::GenerateMenuLinks
 * @uses SendStudio_Functions::GenerateTextMenuLinks
 *
 * @return Array Returns an array containing the main nav menu (first item) and the text menu links (second item).
 *               Both items are empty strings when nobody is logged in.
 */
private function IEM_Menu()
{
    static $menu = null;

    // Already built during this request: hand back the cached pair.
    if ($menu !== null) {
        return $menu;
    }

    // Unless the upgrade page is being requested, a flagged licence error sends every page
    // other than the settings page to the settings page.
    $requestedPage = isset($_GET['Page']) ? strtolower($_GET['Page']) : null;
    if ($requestedPage != 'upgradenx' && IEM::sessionGet('LicenseError') && $requestedPage != 'settings') {
        header('Location: index.php?Page=Settings');
        exit;
    }

    $user = IEM::getCurrentUser();

    // Nobody is logged in, so there is no menu to show.
    if (!$user) {
        $menu = array('', '');
        return $menu;
    }

    $textlinks = SendStudio_Functions::GenerateTextMenuLinks();

    // The main navigation is withheld while a licence error is flagged.
    $nav_menus = IEM::sessionGet('LicenseError') ? '' : SendStudio_Functions::GenerateMenuLinks();

    $GLOBALS['UsingWYSIWYG'] = ($user->Get('usewysiwyg') == 1) ? '1' : '0';

    // NOTE(review): the display name below is passed through htmlentities(), but the timezone value is
    // placed into the header text as-is; confirm it is restricted to a fixed set of values where it is saved.
    $currentTime = AdjustTime();
    $GLOBALS['SystemDateTime'] = sprintf(
        GetLang('UserDateHeader'),
        AdjustTime($currentTime, false, GetLang('UserDateFormat'), true),
        $user->Get('usertimezone')
    );

    // Prefer the full name over the login name when one is set.
    $loginName = $user->Get('username');
    $fullName = $user->Get('fullname');
    $displayName = ($fullName != '') ? $fullName : $loginName;
    $GLOBALS['UserLoggedInAs'] = sprintf(GetLang('LoggedInAs'), htmlentities($displayName, ENT_QUOTES, SENDSTUDIO_CHARSET));

    // Total credit line (only set here when the user has a total limit).
    $hasTotalLimit = !$user->hasUnlimitedTotalCredit();
    if ($hasTotalLimit) {
        $usedTotal = API_USERS::getRecordById($user->userid)->getUsedCredit();
        $remainingTotal = (int) $user->group->limit_totalemailslimit - (int) $usedTotal;
        $GLOBALS['TotalEmailCredits'] = sprintf(GetLang('User_Total_CreditsLeft'), SendStudio_Functions::FormatNumber($remainingTotal));
    }

    // Monthly credit line; a separator is appended when the total credit line is shown as well.
    $GLOBALS['MonthlyEmailCredits'] = '';
    if (!$user->hasUnlimitedMonthlyCredit()) {
        $usedMonthly = API_USERS::getRecordById($user->userid)->getUsedMonthlyCredit();
        $remainingMonthly = (int) $user->group->limit_emailspermonth - (int) $usedMonthly;
        $GLOBALS['MonthlyEmailCredits'] = sprintf(
            GetLang('User_Monthly_CreditsLeft'),
            SendStudio_Functions::FormatNumber($remainingMonthly),
            SendStudio_Functions::FormatNumber($user->group->limit_emailspermonth)
        );

        if ($hasTotalLimit) {
            $GLOBALS['MonthlyEmailCredits'] .= ' |';
        }
    }

    $menu = array($nav_menus, $textlinks);
    return $menu;
}
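/**
 * CheckPermission
 * Check whether a user has access to the given subscribers.
 *
 * Admins and list admins are always allowed. For everybody else, every list membership found for the
 * given subscriber ids must belong to a list the user owns, or to a list that the user's group has
 * been granted in usergroups_access with resource type 'lists'.
 *
 * @param Integer $userid User ID that we want to check the permission against
 * @param Mixed $subscribers Subscriber ID (or array of IDs) to be checked against the user's permission
 * @return Boolean Returns TRUE if the user has access, FALSE otherwise (including on a query error,
 *                 an empty subscriber list or when the user record cannot be loaded)
 */
function CheckPermission($userid, $subscribers)
{
    $userid = intval($userid);
    $user = API_USERS::getRecordById($userid);
    $checkedUser = &GetUser($userid);

    if ($checkedUser->Admin() || $checkedUser->ListAdmin() || $checkedUser->ListAdminType() == 'a') {
        return true;
    }

    // Fail closed: without a user record there is no group to evaluate access for.
    if (!is_object($user)) {
        return false;
    }

    // The group id is interpolated into SQL below, so force it to an integer first.
    $groupID = intval($user->groupid);

    $tablePrefix = SENDSTUDIO_TABLEPREFIX;

    if (!is_array($subscribers)) {
        $subscribers = array($subscribers);
    }

    // NOTE(review): CheckIntVars() is relied on to reduce the list to integer ids before it is
    // interpolated into the IN (...) clause; confirm that it drops or casts every non-integer value.
    $subscribers = $this->CheckIntVars($subscribers);
    $subscribers = array_unique($subscribers);

    if (empty($subscribers)) {
        return false;
    }

    $implodedSubscribers = implode(',', $subscribers);

    // The access join is restricted to resourcetype = 'lists'. usergroups_access also holds rows for
    // other resource types (segments, trigger emails, ...) whose resourceid can coincide with a list id;
    // without the filter such a row would be treated as a grant on the list, and could also duplicate
    // result rows and inflate the row count compared below.
    $query = trim("
        SELECT l.ownerid AS ownerid, ac.groupid AS groupid
        FROM {$tablePrefix}list_subscribers AS ls
            JOIN {$tablePrefix}lists AS l
                ON (
                    ls.listid = l.listid
                    AND ls.subscriberid IN ({$implodedSubscribers})
                )
            LEFT JOIN {$tablePrefix}usergroups_access AS ac
                ON (
                    l.listid = ac.resourceid
                    AND ac.resourcetype = 'lists'
                    AND ac.groupid = {$groupID}
                )
    ");

    $result = $this->Db->Query($query);
    if (!$result) {
        list($msg, $errno) = $this->Db->GetError();
        trigger_error($msg, $errno);
        return false;
    }

    $row_count = 0;
    while ($row = $this->Db->Fetch($result)) {
        $isOwner = ($row['ownerid'] == $userid);

        // Explicit NULL check: a list without an access row yields a NULL groupid from the LEFT JOIN,
        // which must never compare equal to a zero or empty group id.
        $hasGroupAccess = (!is_null($row['groupid']) && intval($row['groupid']) === $groupID);

        // One inaccessible list membership is enough to deny the whole request.
        if (!$isOwner && !$hasGroupAccess) {
            $row_count = 0;
            break;
        }

        ++$row_count;
    }

    $this->Db->FreeResult($result);

    // Every requested subscriber must have produced at least one accessible row.
    return ($row_count >= count($subscribers));
}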
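/**
 * GetListByUserID
 * Get available lists for a particular user: the lists the user owns plus the lists granted to the
 * user's group in usergroups_access (resource type 'lists').
 * The function caches its result in $GLOBALS, so the cache only lives for the current request.
 * The cache should also be cleared when a list has been saved/created/deleted
 *
 * The cache is stored in $GLOBALS['Lists_API::GetListByUserID[listCache]']
 *
 * The following functions in this class will delete the cache in $GLOBALS
 * - Create()
 * - Copy()
 * - Delete()
 * - Save()
 * - MergeList()
 * - DeleteAllSubscribers()
 *
 * @see Lists_API::Create()
 * @see Lists_API::Copy()
 * @see Lists_API::Delete()
 * @see Lists_API::Save()
 * @see Lists_API::DeleteAllSubscribers()
 * @see Lists_API::MergeLists()
 *
 * @param Integer $userid User ID, If user ID is not supplied (0), no access filter is applied and all lists are returned (OPTIONAL)
 * @param Boolean $getUnconfirmedCount Get unconfirmed count along with the query (OPTIONAL)
 * @param Boolean $getAutoresponderCount Get autoresponder count (OPTIONAL)
 *
 * @return Mixed Returns an array of list records indexed by list id, FALSE when the query fails or the
 *               user record cannot be loaded.
 */
function GetListByUserID($userid = 0, $getUnconfirmedCount = false, $getAutoresponderCount = true)
{
    $userid = intval($userid);
    $user = API_USERS::getRecordById($userid);

    $key = '_' . $userid . '_' . ($getUnconfirmedCount? '1' : '0');

    // The selected columns also depend on $getAutoresponderCount, so it has to be part of the cache key;
    // otherwise a result cached without the autoresponder count would be served to a caller asking for it.
    // The suffix is only added for the non-default value, so keys produced by default calls are unchanged.
    if (!$getAutoresponderCount) {
        $key .= '_0';
    }

    if (!array_key_exists('Lists_API::GetListByUserID[listCache]', $GLOBALS)) {
        $GLOBALS['Lists_API::GetListByUserID[listCache]'] = array();
    }

    if (!array_key_exists($key, $GLOBALS['Lists_API::GetListByUserID[listCache]'])) {
        $tempSelects = array();
        $tempTables = array();
        $tempWhere = array();

        // Add in "list" table
        $tempSelects[] = 'list.*';
        $tempTables['list'] = "[|PREFIX|]lists AS list";

        if ($userid != 0) {
            // Fail closed: without a user record there is no group id to build the access filter from.
            if (!is_object($user)) {
                return false;
            }

            // The group id is interpolated into SQL below, so force it to an integer first.
            $groupID = intval($user->groupid);

            $tempTables['list'] .= " LEFT JOIN [|PREFIX|]usergroups_access AS access"
                . " ON ( list.listid=access.resourceid AND access.resourcetype = 'lists' AND access.groupid = {$groupID} ) ";
            $tempWhere[] = "(list.ownerid = {$userid} OR access.groupid = {$groupID})";
        }

        // Add "autoresponder" table
        if ($getAutoresponderCount) {
            $tempSelects[] = 'autoresponder.autorespondercount';
            $tempTables['list'] .= " LEFT JOIN ("
                . " SELECT a.listid, COUNT(a.listid) AS autorespondercount"
                . " FROM [|PREFIX|]autoresponders AS a"
                . " GROUP BY a.listid"
                . " ) AS autoresponder ON list.listid = autoresponder.listid ";
        }

        // If we need to get unconfirmed subscriber count, we also need to
        // join with list_subscribers table
        if ($getUnconfirmedCount) {
            $tempSelects[] = 'subscribers.unconfirmedsubscribercount';
            $tempTables['list'] .= " LEFT JOIN ("
                . " SELECT listid, COUNT(1) AS unconfirmedsubscribercount"
                . " FROM [|PREFIX|]list_subscribers"
                . " WHERE confirmed <> '1' AND bounced = 0 AND unsubscribeconfirmed <> '1'"
                . " GROUP BY listid"
                . " ) AS subscribers ON list.listid = subscribers.listid ";
        }

        $tempQuery = 'SELECT ' . implode(', ', $tempSelects);
        $tempQuery .= ' FROM ' . implode(', ', $tempTables);

        if (!empty($tempWhere)) {
            $tempQuery .= ' WHERE ' . implode(' AND ', $tempWhere);
        }

        $tempQuery .= ' ORDER BY LOWER(list.name) ASC';

        $tempResult = $this->Db->Query($tempQuery);
        if (!$tempResult) {
            list($error, $level) = $this->Db->GetError();
            trigger_error($error, $level);
            return false;
        }

        $tempLists = array();
        while ($tempRow = $this->Db->Fetch($tempResult)) {
            $tempLists[$tempRow['listid']] = $tempRow;
        }
        $this->Db->FreeResult($tempResult);

        // Put list into cache (this will cache the list for the duration of this request)
        $GLOBALS['Lists_API::GetListByUserID[listCache]'][$key] = $tempLists;
    }

    return $GLOBALS['Lists_API::GetListByUserID[listCache]'][$key];
}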
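/**
 * GetRecordsByUserID
 * Returns the trigger emails that are accessible by the specified user: the records the user owns
 * plus the records granted to the user's group in usergroups_access (resource type 'triggeremails').
 * If $userID is omitted (or empty), no access filter is applied and all records are returned.
 *
 * The returned array contains one associative array per record, indexed by the triggeremails id.
 *
 * @param Int $userID User ID (OPTIONAL, default NULL)
 * @param Array $sortinfo An array of sorting information - what to sort by ('SortBy') and what direction ('Direction') (OPTIONAL).
 *                        'SortBy' is only honoured when it is one of TriggerEmails_API::_fieldSortable.
 * @param Boolean $countonly Whether only to return the number of records available, rather than the whole records.
 * @param Int $start Where to start in the list. This is used in conjunction with perpage for paging.
 * @param Mixed $perpage How many results to return (Integer or String) (max). The string 'all' disables paging.
 *
 * @return Mixed Returns false if it couldn't retrieve trigger emails information (including when the user
 *               record cannot be loaded). Otherwise returns the count (if specified), or an array of trigger emails record.
 *
 * @uses SENDSTUDIO_TABLEPREFIX
 * @uses TriggerEmails_API::_fieldDefaultSort
 * @uses TriggerEmails_API::_fieldSortable
 * @uses Db::AddLimit()
 * @uses Db::Query()
 * @uses Db::GetError()
 * @uses Db::Fetch()
 * @uses Db::FreeResult()
 */
public function GetRecordsByUserID($userID = null, $sortinfo = array(), $countonly=false, $start=0, $perpage=10)
{
    $query = 'SELECT ' . ($countonly? 'COUNT(1) AS count' : 't.*') . ' FROM [|PREFIX|]triggeremails AS t';

    // Constrain by the user's permission if a user ID is specified
    if (!empty($userID)) {
        $userID = intval($userID);
        $user = API_USERS::getRecordById($userID);

        // Fail closed: without a user record there is no group id to build the access filter from,
        // and interpolating an empty value would only produce a malformed query.
        if (!is_object($user)) {
            return false;
        }

        // The group id is interpolated into SQL below, so force it to an integer first.
        $groupID = intval($user->groupid);

        $query .= " WHERE t.ownerid = {$userID}"
            . " OR t.triggeremailsid IN ("
            . " SELECT resourceid FROM [|PREFIX|]usergroups_access"
            . " WHERE resourcetype = 'triggeremails' AND groupid = {$groupID}"
            . " ) ";
    }

    if (!$countonly) {
        // add sorting to the query
        $sortField = $this->_fieldDefaultSort;
        $sortDirection = 'asc';

        // Strict allow-list check: only a string that is exactly one of the sortable field names
        // may end up in the ORDER BY clause.
        if (isset($sortinfo['SortBy']) && is_string($sortinfo['SortBy']) && in_array($sortinfo['SortBy'], $this->_fieldSortable, true)) {
            $sortField = strtolower($sortinfo['SortBy']);
        }

        switch ($sortField) {
            case 'name':
                // Names are compared in lower case.
                $sortField = 'LOWER(t.name)';
                break;

            default:
                // Qualify the column with the table alias used in the FROM clause.
                $sortField = 't.' . $sortField;
                break;
        }

        if (isset($sortinfo['Direction'])) {
            $sortDirection = strtolower(trim($sortinfo['Direction']));
        }

        // The caller's direction is mapped onto one of two fixed literals; it never reaches the SQL verbatim.
        $sortDirection = ($sortDirection == 'up' || $sortDirection == 'asc')? ' ASC' : ' DESC';

        $query .= ' ORDER BY ' . $sortField . $sortDirection;

        // Add limit to the query
        // NOTE(review): $start and $perpage are handed to Db::AddLimit() as received; confirm that it casts them to integers.
        if ($perpage != 'all' && ($start || $perpage)) {
            $query .= $this->Db->AddLimit($start, $perpage);
        }

        // Query the database
        $lists = array();
        $result = $this->Db->Query($query);
        if (!$result) {
            list($error, $level) = $this->Db->GetError();
            trigger_error($error, $level);
            return false;
        }

        while (($row = $this->Db->Fetch($result))) {
            // Each row is passed through _processRecord() before it is stored under its record id.
            $this->_processRecord($row);
            $lists[$row['triggeremailsid']] = $row;
        }
        $this->Db->FreeResult($result);

        return $lists;
    } else {
        $result = $this->Db->Query($query);
        if (!$result) {
            list($error, $level) = $this->Db->GetError();
            trigger_error($error, $level);
            return false;
        }

        $row = $this->Db->Fetch($result);
        $count = $row['count'];
        $this->Db->FreeResult($result);

        return $count;
    }
}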
/**
 * _deleteUser
 * Deletes the data that belongs to a user, one table or resource group at a time, in a fixed order.
 *
 * The returned array has two keys:
 * - 'status': TRUE only when every deletion step succeeded
 * - 'data': one entry per resource group, holding the value returned by its deletion step,
 *   or FALSE when that step failed or was never reached
 *
 * Processing stops at the first step that returns FALSE; the steps completed before it are not undone
 * by this method.
 * NOTE(review): nothing in this method opens a transaction, so a failure part-way leaves the account
 * partially deleted unless the caller wraps the call - confirm against the caller.
 * NOTE(review): the 'usergroups_access' and 'usergroups_permissions' entries are never filled in here
 * and therefore stay FALSE even on success.
 *
 * @param Integer $userid ID of the user to delete. It is passed to the helpers as received;
 *                        presumably the caller has already validated it - verify.
 * @return Array Status array as described above
 */
private static function _deleteUser($userid)
{
    // The record is looked up first, as in the original flow; its result is not used below.
    $user = API_USERS::getRecordById($userid);

    $status = array(
        'status' => false,
        'data' => array(
            'segments' => false,
            'templates' => false,
            'usergroups_access' => false,
            'usergroups_permissions' => false,
            'user_activitylog' => false,
            'autoresponders' => false,
            'customfields' => false,
            'folders' => false,
            'triggers' => false,
            'jobs_and_queues' => false,
            'forms' => false,
            'splittests' => false,
            'newsletters' => false,
            'lists' => false,
            'stats' => false,
            'users' => false,
        ),
    );

    // "Easy" data: rows that can be removed by matching a single column (table name => column name).
    $simpleTables = array(
        'segments' => 'ownerid',
        'templates' => 'ownerid',
        'user_activitylog' => 'userid',
    );

    foreach ($simpleTables as $table => $column) {
        $outcome = self::_deleteFromSimpleTable($table, $column, $userid);
        if ($outcome === false) {
            return $status;
        }
        $status['data'][$table] = $outcome;
    }

    // Complex data: each resource group has its own helper (status key => helper name).
    // The order of this table is the order of deletion.
    $complexSteps = array(
        'autoresponders' => '_deleteComplexAutoresponder',
        'customfields' => '_deleteComplexCustomFields',
        'folders' => '_deleteComplexFolders',
        'triggers' => '_deleteComplexTriggers',
        'jobs_and_queues' => '_deleteComplexJobsQueues',
        'forms' => '_deleteComplexForms',
        'splittests' => '_deleteComplexSplittests',
        'newsletters' => '_deleteComplexNewsletters',
        'lists' => '_deleteComplexLists',
        'stats' => '_deleteComplexStats',
        'users' => '_deleteComplexUsers',
    );

    foreach ($complexSteps as $slot => $helper) {
        $outcome = self::$helper($userid);
        if ($outcome === false) {
            return $status;
        }
        $status['data'][$slot] = $outcome;
    }

    $status['status'] = true;
    return $status;
}