/**
* Disguise action
*
* Administrator is able to disguise (and login) as other users.
* This method will facilitate this functionalities.
*
* TODO better PHPDOC
*/
public function page_disguise()
{
// newUserID variable need to be passed in as a POST variable
$reqUserID = IEM::requestGetPOST('newUserID', 0, 'intval');
if (empty($reqUserID)) {
IEM::redirectTo('index');
return false;
}
// Attempt to login user with different ID
if (!IEM::userLogin($reqUserID, false)) {
IEM::redirectTo('index');
return false;
}
IEM::redirectTo('index');
return true;
}
/**
* PrintEditForm
* Prints a form to edit a user. If you pass in a userid, it will load up that user and print their information. If you pass in the details array, it will prefill the form with that information (eg if you tried to create a user with a duplicate username). Also checks whether you are allowed to edit this user. If you are not an admin, you are only allowed to edit your own account.
*
* @param Int $userid Userid to load up.
* @param Array $details Details to prefill the form with (in case there was a problem creating the user).
*
* @see User_API::Admin
* @see User_API::Status
* @see User_API::ListAdmin
* @see User_API::EditOwnSettings
* @see GetUser
*
* @return Void Returns nothing. If you don't have access to edit a particular user, it prints an error message and exits. Otherwise it prints the correct form (either edit-own or edit) and then exits.
*/
function PrintEditForm($userid = 0, $details = array())
{
$thisuser = IEM::getCurrentUser();
if (!$thisuser->UserAdmin()) {
if ($userid != $thisuser->userid) {
$this->DenyAccess();
}
if (!$thisuser->EditOwnSettings()) {
$this->DenyAccess();
}
}
$user = $this->GetApi('User');
$listapi = $this->GetApi('Lists');
$all_lists = $listapi->GetLists(0, array('SortBy' => 'name', 'Direction' => 'asc'), false, 0, 0);
$segmentapi = $this->GetApi('Segment');
$all_segments = $segmentapi->GetSegments(array('SortBy' => 'segmentname', 'Direction' => 'asc'), false, 0, 'all');
$templateapi = $this->GetApi('Templates');
$all_templates = $templateapi->GetTemplates(0, array('SortBy' => 'name', 'Direction' => 'asc'), false, 0, 0);
$all_groups = API_USERGROUPS::getRecords(false, false, 0, 0, 'groupname');
$GLOBALS['CustomSmtpServer_Display'] = '0';
$GLOBALS['XmlPath'] = SENDSTUDIO_APPLICATION_URL . '/xml.php';
if ($userid > 0) {
$user = GetUser($userid);
if ($user->Get('userid') <= 0) {
$GLOBALS['ErrorMessage'] = GetLang('UserDoesntExist');
$this->DenyAccess();
return;
}
$GLOBALS['UserID'] = $user->Get('userid');
$GLOBALS['UserName'] = htmlspecialchars($user->Get('username'), ENT_QUOTES, SENDSTUDIO_CHARSET);
$GLOBALS['FullName'] = htmlspecialchars($user->Get('fullname'), ENT_QUOTES, SENDSTUDIO_CHARSET);
$GLOBALS['EmailAddress'] = htmlspecialchars($user->Get('emailaddress'), ENT_QUOTES, SENDSTUDIO_CHARSET);
$activity = $user->GetEventActivityType();
if (!is_array($activity)) {
$activity = array();
}
$GLOBALS['EventActivityType'] = implode("\n", $activity);
$GLOBALS['MaxLists'] = $user->group->limit_list;
$GLOBALS['MaxEmails'] = $user->group->limit_totalemailslimit;
$GLOBALS['PerMonth'] = $user->group->limit_emailspermonth;
$GLOBALS['PerHour'] = $user->group->limit_hourlyemailsrate;
$GLOBALS['DisplayMaxLists'] = '';
if ($user->Get('maxlists') == 0) {
$GLOBALS['LimitListsChecked'] = ' CHECKED';
$GLOBALS['DisplayMaxLists'] = 'none';
}
$GLOBALS['DisplayEmailsPerHour'] = '';
if ($user->Get('perhour') == 0) {
$GLOBALS['LimitPerHourChecked'] = ' CHECKED';
$GLOBALS['DisplayEmailsPerHour'] = 'none';
}
$GLOBALS['DisplayEmailsPerMonth'] = '';
if ($user->Get('permonth') == 0) {
$GLOBALS['LimitPerMonthChecked'] = ' CHECKED';
$GLOBALS['DisplayEmailsPerMonth'] = 'none';
}
$GLOBALS['LimitMaximumEmailsChecked'] = ' CHECKED';
$GLOBALS['DisplayEmailsMaxEmails'] = 'none';
if (!$user->hasUnlimitedCredit()) {
$GLOBALS['LimitMaximumEmailsChecked'] = '';
$GLOBALS['DisplayEmailsMaxEmails'] = '';
}
if ($user->Get('usewysiwyg')) {
$GLOBALS['UseWysiwyg'] = ' CHECKED';
$GLOBALS['UseXHTMLDisplay'] = ' style="display:block;"';
} else {
$GLOBALS['UseXHTMLDisplay'] = ' style="display:none;"';
}
if ($user->Get('enableactivitylog')) {
$GLOBALS['EnableActivityLog'] = ' CHECKED';
} else {
$GLOBALS['EnableActivityLog'] = '';
}
$GLOBALS['UseXHTMLCheckbox'] = $user->Get('usexhtml')? ' CHECKED' : '';
$GLOBALS['Xmlapi'] = $user->Get('xmlapi')? ' CHECKED' : '';
$GLOBALS['XMLTokenDisplay'] = ' style="display:none;"';
if ($user->Get('xmlapi')) {
$GLOBALS['XMLTokenDisplay'] = ' style="display:block;"';
}
$GLOBALS['XmlToken'] = htmlspecialchars($user->Get('xmltoken'), ENT_QUOTES, SENDSTUDIO_CHARSET);
$GLOBALS['TextFooter'] = $user->Get('textfooter');
$GLOBALS['HTMLFooter'] = $user->Get('htmlfooter');
$GLOBALS['SmtpServer'] = $user->Get('smtpserver');
$GLOBALS['SmtpUsername'] = $user->Get('smtpusername');
$GLOBALS['SmtpPassword'] = $user->Get('smtppassword');
$GLOBALS['SmtpPort'] = $user->Get('smtpport');
if ($GLOBALS['SmtpServer']) {
$GLOBALS['CustomSmtpServer_Display'] = '1';
}
$GLOBALS['googlecalendarusername'] = htmlspecialchars($user->Get('googlecalendarusername'), ENT_QUOTES, SENDSTUDIO_CHARSET);
$GLOBALS['googlecalendarpassword'] = htmlspecialchars($user->Get('googlecalendarpassword'), ENT_QUOTES, SENDSTUDIO_CHARSET);
$GLOBALS['FormAction'] = 'Action=Save&UserID=' . $user->userid;
if (!$thisuser->UserAdmin()) {
$smtp_access = $thisuser->HasAccess('User', 'SMTP');
$GLOBALS['ShowSMTPInfo'] = 'none';
$GLOBALS['DisplaySMTP'] = '0';
if ($smtp_access) {
$GLOBALS['ShowSMTPInfo'] = '';
}
if ($GLOBALS['SmtpServer']) {
$GLOBALS['CustomSmtpServer_Display'] = '1';
if ($smtp_access) {
$GLOBALS['DisplaySMTP'] = '1';
}
}
$this->ParseTemplate('User_Edit_Own');
return;
}
$GLOBALS['StatusChecked'] = ($user->Status()) ? ' CHECKED' : '';
$GLOBALS['ForceDoubleOptInChecked'] = ($user->Get('forcedoubleoptin')) ? ' CHECKED' : '';
$GLOBALS['ForceSpamCheckChecked'] = ($user->Get('forcespamcheck')) ? ' CHECKED' : '';
$GLOBALS['InfoTipsChecked'] = ($user->InfoTips()) ? ' CHECKED' : '';
$editown = '';
if ($user->UserAdmin()) {
$editown = ' CHECKED';
} else {
if ($user->EditOwnSettings()) {
$editown = ' CHECKED';
}
}
$GLOBALS['EditOwnSettingsChecked'] = $editown;
$timezone = $user->usertimezone;
$GLOBALS['TimeZoneList'] = $this->TimeZoneList($timezone);
$admintype = $user->AdminType();
$listadmintype = $user->ListAdminType();
$segmentadmintype = $user->SegmentAdminType();
$templateadmintype = $user->TemplateAdminType();
$admin = $user->Admin();
$listadmin = $user->ListAdmin();
$segmentadmin = $user->SegmentAdmin();
$templateadmin = $user->TemplateAdmin();
$permissions = $user->Get('permissions');
$area_access = $user->Get('access');
$GLOBALS['Heading'] = GetLang('EditUser');
$GLOBALS['Help_Heading'] = GetLang('Help_EditUser');
$GLOBALS['AdminNotifyEmailAddress'] = $user->Get('adminnotify_email');
if (empty($GLOBALS['AdminNotifyEmailAddress'])) {
$GLOBALS['AdminNotifyEmailAddress'] = constant('SENDSTUDIO_EMAIL_ADDRESS');
}
$GLOBALS['AdminNotifications_Send_Email'] = $user->Get('adminnotify_send_emailtext');
if (empty($GLOBALS['AdminNotifications_Send_Email'])) {
$GLOBALS['AdminNotifications_Send_Email'] = GetLang('AdminNotifications_Send_Email');
}
$GLOBALS['AdminNotifications_Import_Email'] = $user->Get('adminnotify_import_emailtext');
if (empty($GLOBALS['AdminNotifications_Import_Email'])) {
$GLOBALS['AdminNotifications_Import_Email'] = GetLang('AdminNotifications_Import_Email');
}
$GLOBALS['SendLimit'] = $user->Get('adminnotify_send_threshold');
$GLOBALS['ImportLimit'] = $user->Get('adminnotify_import_threshold');
if (empty($GLOBALS['SendLimit'])) {
$GLOBALS['SendLimit'] = 1000;
}
if (empty($GLOBALS['ImportLimit'])) {
$GLOBALS['ImportLimit'] = 1000;
}
$admin_flag = $user->Get('adminnotify_send_flag');
if ($user->Get('adminnotify_send_flag') == 1) {
$GLOBALS['AdminNotificationsSend'] = 'CHECKED';
$GLOBALS['UseNotifySend'] = '';
} else {
$GLOBALS['UseNotifySend'] = "style=display:none;";
}
if ($user->Get('adminnotify_import_flag') == 1) {
$GLOBALS['AdminNotificationsImport'] = 'CHECKED';
$GLOBALS['UseNotifyImport'] = '';
} else {
$GLOBALS['UseNotifyImport'] = "style=display:none;";
}
$GLOBALS['SmtpPort'] = $user->Get('smtpport');
// Log this to "User Activity Log"
IEM::logUserActivity(IEM::urlFor('users', array('Action' => 'Edit', 'UserID' => $userid)), 'images/user.gif', $user->username);
} else {
$timezone = (isset($details['timezone'])) ? $details['timezone'] : SENDSTUDIO_SERVERTIMEZONE;
$GLOBALS['TimeZoneList'] = $this->TimeZoneList($timezone);
$activity = $thisuser->defaultEventActivityType;
if (!is_array($activity)) {
$activity = array();
}
$GLOBALS['EventActivityType'] = implode("\n", $activity);
$GLOBALS['FormAction'] = 'Action=Create';
if (!empty($details)) {
foreach ($details as $area => $val) {
$GLOBALS[$area] = $val;
}
}
$GLOBALS['Heading'] = GetLang('CreateUser');
$GLOBALS['Help_Heading'] = GetLang('Help_CreateUser');
$listadmintype = 'c';
$segmentadmintype = 'c';
$admintype = 'c';
$templateadmintype = 'c';
$GLOBALS['DisplayMaxLists'] = 'none';
$GLOBALS['DisplayEmailsPerHour'] = 'none';
$GLOBALS['DisplayEmailsPerMonth'] = 'none';
$GLOBALS['DisplayEmailsMaxEmails'] = 'none';
$GLOBALS['MaxLists'] = '0';
$GLOBALS['PerHour'] = '0';
$GLOBALS['PerMonth'] = '0';
$GLOBALS['MaxEmails'] = '0';
$GLOBALS['StatusChecked'] = ' CHECKED';
$GLOBALS['ForceDoubleOptInChecked'] = '';
$GLOBALS['ForceSpamCheckChecked'] = '';
$GLOBALS['InfoTipsChecked'] = ' CHECKED';
$GLOBALS['EditOwnSettingsChecked'] = ' CHECKED';
$GLOBALS['LimitListsChecked'] = ' CHECKED';
$GLOBALS['LimitPerHourChecked'] = ' CHECKED';
$GLOBALS['LimitPerMonthChecked'] = ' CHECKED';
$GLOBALS['LimitMaximumEmailsChecked'] = ' CHECKED';
$GLOBALS['UseWysiwyg'] = ' CHECKED';
$GLOBALS['EnableLastViewed'] = '';
$GLOBALS['UseXHTMLCheckbox'] = ' CHECKED';
$GLOBALS['HTMLFooter'] = GetLang('Default_Global_HTML_Footer');
$GLOBALS['TextFooter'] = GetLang('Default_Global_Text_Footer');
$GLOBALS['EnableActivityLog'] = ' CHECKED';
$GLOBALS['Xmlapi'] = '';
$GLOBALS['XMLTokenDisplay'] = ' style="display:none;"';
$admin = $listadmin = $segmentadmin = $templateadmin = false;
$permissions = array();
$area_access = array('lists' => array(), 'templates' => array(), 'segments' => array());
$GLOBALS['AdminNotifyEmailAddress'] = constant('SENDSTUDIO_EMAIL_ADDRESS');
$GLOBALS['UseNotifySend'] = "style=display:none;";
$GLOBALS['UseNotifyImport'] = "style=display:none;";
$GLOBALS['SendLimit'] = 1000;
$GLOBALS['ImportLimit'] = 1000;
$GLOBALS['AdminNotifications_Send_Email'] = GetLang('AdminNotifications_Send_Email');
$GLOBALS['AdminNotifications_Import_Email'] = GetLang('AdminNotifications_Import_Email');
}
$agencyid = defined('IEM_SYSTEM_LICENSE_AGENCY') ? IEM_SYSTEM_LICENSE_AGENCY : '';
$available_users = $user->AvailableUsers();
$template = GetTemplateSystem();
$template->Assign('UserID', $user->userid);
$template->Assign('groupid', $user->groupid);
$template->Assign('canChangeUserGroup', !$user->isLastAdmin());
$template->Assign('AgencyEdition', get_agency_license_variables());
$template->Assign('EditOwn', ($user->userid != 0 && $user->userid == $thisuser->userid));
$template->Assign('TrialUser', $user->trialuser);
$template->Assign('EditMode', !empty($user->userid));
$template->Assign('AvailableNormalUsers', isset($available_users['normal']) ? $available_users['normal'] : 0);
$template->Assign('AvailableTrialUsers', isset($available_users['trial']) ? $available_users['trial'] : 0);
$template->Assign('AvailableGroups', $all_groups);
$template->Assign('record_groupid', $user->groupid);
$template->Assign('DefaultIdTab', IEM::requestGetPOST('id_tab_num', 1, 'intval'));
$template->Assign('showSmtpInfo', (bool) $user->smtpserver);
$template->ParseTemplate('User_Form');
}
/**
* Process
* Works out what you're trying to do and takes appropriate action.
* Checks to make sure you have access to import subscribers before anything else.
*
* @param String $action Action to perform. This is usually 'step1', 'step2', 'step3' etc. This gets passed in by the Subscribers::Process function.
*
* @see Subscribers::Process
* @see GetUser
* @see User_API::HasAccess
* @see ChooseList
* @see ImportSubscribers_Step2
* @see FileGetLine
* @see ImportSubscriberLine
* @see PrintStatusReport
* @see LinkFields
*
* @return Void Prints out the step, doesn't return anything.
*/
function Process($action=null)
{
$user = GetUser();
$this->PrintHeader(false, false, false);
if (!is_null($action)) {
$action = strtolower($action);
}
switch ($action) {
case 'view_report':
$importresults = IEM::sessionGet('ImportResults');
$report_type = (isset($_GET['ReportType'])) ? strtolower($_GET['ReportType']) : null;
switch ($report_type) {
case 'duplicates':
$GLOBALS['Heading'] = GetLang('ImportResults_Report_Duplicates_Heading');
$GLOBALS['Intro'] = GetLang('ImportResults_Report_Duplicates_Intro');
$email_list = '';
foreach ($importresults['duplicateemails'] as $p => $email) {
$email_list .= htmlspecialchars(trim($email), ENT_QUOTES, SENDSTUDIO_CHARSET) . "\n";
}
$GLOBALS['EmailList'] = $email_list;
break;
case 'unsubscribes':
$GLOBALS['Heading'] = GetLang('ImportResults_Report_Unsubscribed_Heading');
$GLOBALS['Intro'] = GetLang('ImportResults_Report_Unsubscribed_Intro');
$email_list = '';
foreach ($importresults['unsubscribedemails'] as $p => $email) {
$email_list .= htmlspecialchars(trim($email), ENT_QUOTES, SENDSTUDIO_CHARSET) . "\n";
}
$GLOBALS['EmailList'] = $email_list;
break;
case 'bans':
$GLOBALS['Heading'] = GetLang('ImportResults_Report_Banned_Heading');
$GLOBALS['Intro'] = GetLang('ImportResults_Report_Banned_Intro');
$email_list = '';
foreach ($importresults['bannedemails'] as $p => $email) {
$email_list .= htmlspecialchars(trim($email), ENT_QUOTES, SENDSTUDIO_CHARSET) . "\n";
}
$GLOBALS['EmailList'] = $email_list;
break;
case 'failures':
$GLOBALS['Heading'] = GetLang('ImportResults_Report_Failures_Heading');
$GLOBALS['Intro'] = GetLang('ImportResults_Report_Failures_Intro');
$email_list = '';
foreach ($importresults['failedemails'] as $p => $email) {
$email_list .= htmlspecialchars(trim($email), ENT_QUOTES, SENDSTUDIO_CHARSET) . "\n";
}
$GLOBALS['EmailList'] = $email_list;
break;
case 'bads':
$GLOBALS['Heading'] = GetLang('ImportResults_Report_Bads_Heading');
$GLOBALS['Intro'] = GetLang('ImportResults_Report_Bads_Intro');
$email_list = '';
foreach ($importresults['baddata'] as $p => $badline) {
$email_list .= htmlspecialchars($badline, ENT_QUOTES, SENDSTUDIO_CHARSET) . "\n";
}
$GLOBALS['EmailList'] = $email_list;
break;
default:
$GLOBALS['Heading'] = GetLang('ImportResults_Report_Invalid_Heading');
$GLOBALS['Intro'] = GetLang('ImportResults_Report_Invalid_Intro');
$GLOBALS['EmailList'] = GetLang('InvalidReportURL');
break;
}
$this->ParseTemplate('Subscribers_Import_Results_View');
break;
case 'step2':
$listid = (isset($_POST['list'])) ? (int)$_POST['list'] : (int)$_GET['list'];
/**
* Check if user have access to the list
*/
$temp = $user->GetLists();
if (!array($temp) || empty($temp)) {
$this->DenyAccess();
return;
}
$temp = array_keys($temp);
if (!in_array($listid, $temp)) {
$this->DenyAccess();
return;
}
/**
* -----
*/
$importinfo = array();
$importinfo['List'] = $listid;
IEM::sessionSet('ImportInfo', $importinfo);
$importresults = array(
'duplicates' => 0,
'success' => 0,
'updates' => 0,
'failures' => 0,
'unsubscribes' => 0,
'bans' => 0,
'bads' => 0,
'duplicateemails' => array(),
'unsubscribedemails' => array(),
'failedemails' => array(),
'bannedemails' => array(),
'baddata' => array()
);
IEM::sessionSet('ImportResults', $importresults);
$this->ImportSubscribers_Step2();
break;
case 'step3':
if (empty($_POST)) {
$this->ImportSubscribers_Step2(GetLang('FileNotUploadedSuccessfully_TooBig'));
break;
}
$importinfo = IEM::sessionGet('ImportInfo');
$importinfo['Status'] = $_POST['status'];
$importinfo['Confirmed'] = $_POST['confirmed'];
$importinfo['Format'] = $_POST['format'];
$importinfo['Type'] = $_POST['importtype'];
$importinfo['Overwrite'] = (isset($_POST['overwrite'])) ? 1 : 0;
$importinfo['Autoresponder'] = (isset($_POST['autoresponder'])) ? 1 : 0;
$importinfo['Headers'] = (isset($_POST['headers'])) ? 1 : 0;
$importinfo['FieldEnclosed'] = (isset($_POST['fieldenclosed'])) ? $_POST['fieldenclosed'] : false;
$importinfo['FieldSeparator'] = $_POST['fieldseparator'];
IEM::sessionSet('ImportInfo', $importinfo);
$upload_status = false;
switch (strtolower($importinfo['Type'])) {
case 'file':
$upload_status = $this->HandleImportFile();
break;
}
if ($upload_status) {
$this->LinkFields();
}
break;
case 'step4':
$linkfields = IEM::requestGetPOST('LinkField', array());
if (!in_array('E', $linkfields)) {
$GLOBALS['Error'] = GetLang('EmailAddressNotLinked');
$GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
$this->LinkFields();
break;
}
$importinfo = IEM::sessionGet('ImportInfo');
$requiredFieldNames = array();
if (isset($importinfo['RequiredFields']) && is_array($importinfo['RequiredFields'])) {
foreach ($importinfo['RequiredFields'] as $requiredFieldID => $requiredFieldName) {
if (!in_array($requiredFieldID, $linkfields)) {
$requiredFieldNames[] = $requiredFieldName;
break;
}
}
}
if (!empty($requiredFieldNames)) {
$GLOBALS['Error'] = sprintf(GetLang('RequireFieldNotLinked'), htmlspecialchars(implode(', ', $requiredFieldNames), ENT_QUOTES, SENDSTUDIO_CHARSET) );
$GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
$this->LinkFields();
break;
}
$importinfo['LinkFields'] = $linkfields;
IEM::sessionSet('ImportInfo', $importinfo);
$GLOBALS['ImportTotalSubscribers'] = $importinfo['TotalSubscribers'];
$GLOBALS['ImportTotalSubscribersMessage'] = $this->PrintStatusReport(true);
$this->ParseTemplate('Subscribers_Import_Step4');
break;
case 'importiframe':
$this->PrintHeader(false, false, false);
$importresults = IEM::sessionGet('ImportResults');
$importinfo = IEM::sessionGet('ImportInfo');
$report = '';
foreach (array('success', 'updates', 'duplicates', 'failures', 'bans', 'unsubscribes', 'bads') as $pos => $key) {
$amount = $importresults[$key];
if ($amount == 1) {
$report .= GetLang('ImportSubscribers_InProgress_' . $key . '_One');
} else {
$report .= sprintf(GetLang('ImportSubscribers_InProgress_' . $key . '_Many'), $this->FormatNumber($importresults[$key]));
}
$report .= '<br/>';
}
$GLOBALS['ProgressTitle'] = GetLang('ImportResults_InProgress');
$GLOBALS['ProgressMessage'] = sprintf(GetLang('ImportResults_InProgress_Message'), $this->FormatNumber($importinfo['TotalSubscribers']));
$GLOBALS['ProgressReport'] = $report;
$GLOBALS['ProgressURLAction'] = 'index.php?Page=Subscribers&Action=Import&SubAction=Import';
$this->ParseTemplate('ProgressReport_Popup');
$this->PrintFooter(true);
break;
case 'import':
$totalProcessed = null;
$percentProcessed = 0;
$importinfo = IEM::sessionGet('ImportInfo');
$subscriber_info = false;
switch (strtolower($importinfo['Type'])) {
case 'file':
$filename = array_shift($importinfo['FileList']);
$subscriber_info = $this->FileGetLine(IEM_STORAGE_PATH . '/import' . "/{$filename}", true);
if (is_file(IEM_STORAGE_PATH . '/import' . '/' . $filename)) {
unlink(IEM_STORAGE_PATH . '/import' . '/' . $filename);
}
break;
}
$db = IEM::getDatabase();
IEM::sessionSet('ImportInfo', $importinfo);
if ($subscriber_info) {
foreach ($subscriber_info as $pos => $details) {
$importresults = IEM::sessionGet('ImportResults');
// we don't want to import the headers!
if ($importinfo['Headers'] && $details == $importinfo['ImportList']) {
continue;
}
/*
* Checks to make sure there an equal amount of data columns to header columns.
* Erros are produced if not.
*/
if (sizeof($details) != sizeof($importinfo['ImportList'])) {
// to many
if (sizeof($details) > sizeof($importinfo['ImportList'])) {
$importresults['bads']++;
$importresults['baddata'][] = implode($importinfo['FieldSeparator'], $details) . GetLang('InvalidSubscriberImportLine_TooMany');
// too little
} else {
$importresults['bads']++;
$importresults['baddata'][] = implode($importinfo['FieldSeparator'], $details) . GetLang('InvalidSubscriberImportLine_NotEnough');
}
// actually set the errors
IEM::sessionSet('ImportResults', $importresults);
continue;
}
/*
* Do the importing of the details. This includes checking the validity
* of individual column data.
*/
$db->StartTransaction();
$this->ImportSubscriberLine($details);
$db->CommitTransaction();
// Calculate total records processed so far
if (is_null($totalProcessed)) {
$totalProcessed = 0;
foreach (array('success', 'updates', 'duplicates', 'failures', 'bans', 'unsubscribes', 'bads') as $key) {
$totalProcessed += $importresults[$key];
}
} else {
++$totalProcessed;
}
// Caclulate the percentage completed
$percentProcessed = ceil(($totalProcessed / $importinfo['TotalSubscribers'])*100);
// Prepare report
$report = '<ul>';
foreach (array('success', 'updates', 'duplicates', 'failures', 'bans', 'unsubscribes', 'bads') as $pos => $key) {
$amount = $importresults[$key];
$report .= '<li>';
if ($amount == 1) {
$report .= GetLang('ImportSubscribers_InProgress_' . $key . '_One');
} else {
$report .= sprintf(GetLang('ImportSubscribers_InProgress_' . $key . '_Many'), $this->FormatNumber($importresults[$key]));
}
$report .= '</li>';
}
$report .= '</ul>';
// Update the status
echo "<script>\n";
echo sprintf("self.parent.UpdateStatusReport('%s');", $report);
echo sprintf("self.parent.UpdateStatus('%s', %d);", '', $percentProcessed);
echo "</script>\n";
flush();
}
?>
<script defer>
setTimeout('window.location="index.php?Page=Subscribers&Action=Import&SubAction=Import&x=<?php echo rand(1,50); ?>;"', 10);
</script>
<?php
exit();
}
?>
<script>
self.parent.parent.location = 'index.php?Page=Subscribers&Action=Import&SubAction=PrintReport';
</script>
<?php
exit();
break;
case 'printreport':
$this->PrintFinalReport();
break;
default:
$this->ChooseList('Import', 'Step2');
break;
}
}
/**
* saveResponseAction
* Save the actual save response action
*
* @return void
*
*/
public function Admin_Action_SaveResponse()
{
$surveyId = (int) IEM::requestGetPOST('formId');
// check permission here
$this->_checkSurveyAccess($surveyId);
$responseId = IEM::requestGetPOST('responseId');
$responseNumber = IEM::requestGetPOST('responseNumber');
$postWidgets = IEM::requestGetPOST('widget');
$errors = 0;
if ($postWidgets || $_FILES) {
// If there are files, take the values and place them in the $postWidgets array so they can
// get validated and entered into the response values in the same manner. Uploads will be
// handled separately.
if (isset($_FILES['widget'])) {
foreach ($_FILES['widget']['name'] as $widgetId => $widget) {
foreach ($widget as $fields) {
foreach ($fields as $fieldId => $field) {
if ($field['value']) {
$postWidgets[$widgetId]['field'][$fieldId]['value'] = 'file_' . $field['value'];
}
}
}
}
}
$survey_api = $this->getApi();
$survey_api->Load($surveyId);
$widgets = $survey_api->getWidgets();
$widgetErrors = array();
foreach ($widgets as $widget) {
if (!isset($widgetErrors[$widget['id']])) {
$widgetErrors[$widget['id']] = array();
}
// validate required fields
if ($widget['is_required']) {
// the widget is assumed blank until one of it's fields is found not blank
$isBlank = true;
$isOther = false;
// make sure the required widget was even posted
if (isset($postWidgets[$widget['id']])) {
foreach ($postWidgets[$widget['id']]['field'] as $field) {
if (isset($field['value'])) {
// get the value of an "other" field if it is one, otherwise just grab
// the normal value
if ($field['value'] == '__other__') {
$isOther = true;
$value = $field['other'];
} else {
$value = $field['value'];
}
// make sure the value isn't blank
if (!$this->_validateIsBlank($value)) {
$isBlank = false;
}
}
}
}
// if the widget is blank, flag an error
if ($isBlank) {
if ($isOther) {
$error = GetLang('Addon_Surveys_ErrorRequiredOther');
} else {
$error = GetLang('Addon_Surveys_ErrorRequired');
}
$widgetErrors[$widget['id']][] = $error;
$errors++;
}
}
// validate file types
if (isset($postWidgets[$widget['id']]) && $widget['allowed_file_types']) {
$typeArr = preg_split('/\\s*,\\s*/', strtolower($widget['allowed_file_types']));
$invalidType = false;
// foreach of the passed fields (most likely 1) check and see if they are valid file types
foreach ($postWidgets[$widget->id]['field'] as $field) {
$parts = explode('.', $field['value']);
$ext = strtolower(end($parts));
// only if the field has a value we will test its file type
if (trim($field['value']) != '' && !in_array($ext, $typeArr)) {
$invalidType = true;
}
}
// if the a file is not a valid file type, then the whole widget fails validation
if ($invalidType) {
$lastFileType = '<em>.' . array_pop($typeArr) . '</em>';
$firstFileTypes = '<em>.' . implode('</em>, <em>.', $typeArr) . '</em>';
$widgetErrors[$widget->id][] = sprintf(GetLang('errorInvalidFileType'), $firstFileTypes, $lastFileType);
$errors++;
}
}
}
// if there were errors, redirect back and display the errors
if ($errors) {
echo '<pre style="border: 1px solid red";><b style="color:RED;">YUDI_DEBUG:' . __FILE__ . ' ON LINE: ' . __LINE__ . '</b><br />';
print_r($widgetErrors);
echo '</pre>';
die;
// set the widget errors so we can retrieve them for the user
IEM::sessionSet('survey.addon.widgetErrors', $widgetErrors);
IEM::sessionSet('MessageText', GetLang('Addon_Surveys_saveResponseMessageError'));
IEM::sessionSet('MessageType', MSG_ERROR);
} else {
// isntantiate a new response object
$response_api = $this->getSpecificApi('responses');
$response_api->Load($responseId);
// delete the values in this response, since they will be added back in
$response_api->deleteValues();
// if the response was saved, then associate values to the response
if ($response_api->Save()) {
$responseValue = $this->getSpecificApi('responsesvalue');
// foreach of the posted widgets, check to see if it belongs in this form and save it if it does
foreach ($postWidgets as $postWidgetId => $postWidget) {
// iterate through each field and enter it in the feedback
foreach ($postWidget['field'] as $field) {
if (!isset($field['value'])) {
continue;
}
// foreign key for the response id
$responseValue->surveys_response_id = $responseId;
// set the widget id foreign key; widgets can have multiple field values and
// should be treated as such
$responseValue->surveys_widgets_id = $postWidgetId;
// set the value of the feedback; this should be a single value since widgets
// can have multiple feed back values
if ($field['value'] == '__other__') {
$responseValue->value = $field['other'];
$responseValue->is_othervalue = 1;
} else {
$responseValue->file_value = "";
if (substr($field['value'], 0, 5) == "file_") {
$value = str_replace("file_", "", $field['value']);
$responseValue->file_value = md5($value);
}
$responseValue->value = $field['value'];
}
// save it
$responseValue->Save();
}
}
// perform file uploading
if (isset($_FILES['widget']['name'])) {
$files = $_FILES['widget']['name'];
foreach ($files as $widgetId => $widget) {
foreach ($widget as $widgetKey => $fields) {
foreach ($fields as $fieldId => $field) {
// gather file information
$name = $_FILES['widget']['name'][$widgetId]['field'][$fieldId]['value'];
$type = $_FILES['widget']['type'][$widgetId]['field'][$fieldId]['value'];
$tmpName = $_FILES['widget']['tmp_name'][$widgetId]['field'][$fieldId]['value'];
$error = $_FILES['widget']['error'][$widgetId]['field'][$fieldId]['value'];
$size = $_FILES['widget']['size'][$widgetId]['field'][$fieldId]['value'];
// if the upload was successful to the temporary folder, move it
if ($error == UPLOAD_ERR_OK) {
$curDir = TEMP_DIRECTORY . DIRECTORY_SEPARATOR . 'surveys';
$upBaseDir = $curDir . DIRECTORY_SEPARATOR . $surveyId;
$upDir = $upBaseDir . DIRECTORY_SEPARATOR . $response_api->GetId();
// if the main survey folder is not yet created then create it
if (!is_dir($curDir)) {
mkdir($curDir, 0755);
}
// if the base upload directory doesn't exist create it
if (!is_dir($upBaseDir)) {
mkdir($upBaseDir, 0755);
}
// if the upload directory doesn't exist create it
if (!is_dir($upDir)) {
mkdir($upDir, 0755);
}
// upload the file
move_uploaded_file($tmpName, $upDir . DIRECTORY_SEPARATOR . $name);
}
}
}
}
}
IEM::sessionSet('MessageText', GetLang('Addon_Surveys_saveResponseMessageSuccess'));
IEM::sessionSet('MessageType', SS_FLASH_MSG_SUCCESS);
}
}
}
// if view is set, then go to the view page for this response
if (!$errors && IEM::requestGetPOST('view')) {
if (IEM::requestGetPost('viewNext')) {
$responseId = IEM::requestGetPost('viewNext');
}
header('Location: index.php?Page=Addons&Addon=surveys&Action=viewresponses&surveyId=' . $surveyId . '&responseId=' . $responseId);
exit;
}
// redirect back to the edit page
header('Location: index.php?Page=Addons&Addon=surveys&Action=editresponse&surveyId=' . $surveyId . '&responseId=' . $responseId);
exit;
}
/**
* Process
* Works out what you're trying to do and takes appropriate action. Validates data where needed.
*
* @param String $action Action to perform. This is usually 'step1', 'step2', 'step3' etc. This gets passed in by the Subscribers::Process function.
*
* @see Subscribers::Process
* @see GetApi
* @see Subscribers_API::IsSubscriberOnList
* @see Subscribers_API::AddToList
* @see Subscribers_API::SaveSubscriberCustomField
* @see Lists_API::GetCustomFields
* @see CustomFields_API::IsRequired
* @see CustomFields_API::ValidData
* @see CustomFields_API::GetFieldName
* @see AddSubscriber_Step2
*
* @return Void Prints out the step, doesn't return anything.
*/
function Process($action=null)
{
switch (strtolower($action)) {
case 'step2':
$listid = (isset($_POST['list'])) ? (int)$_POST['list'] : $_GET['list'];
$this->AddSubscriber_Step2($listid);
break;
case 'saveadd':
case 'save':
$user = GetUser();
$listid = (isset($_GET['list'])) ? (int)$_GET['list'] : 0;
if (!$user->HasAccess('Subscribers', 'Add')) {
$this->DenyAccess();
return;
}
$user_lists = $user->GetLists();
/**
* Check if user have access to the list
*/
if (!array($user_lists) || empty($user_lists)) {
$this->DenyAccess();
return;
}
$temp = array_keys($user_lists);
if (!in_array($listid, $temp)) {
$this->DenyAccess();
return;
}
/**
* -----
*/
$subscriber = $this->GetApi('Subscribers');
$email = IEM::requestGetPOST('emailaddress', '', 'trim');
if (empty($email) || !$subscriber->ValidEmail($email)) {
$GLOBALS['Error'] = sprintf(GetLang('SubscriberAddFail_InvalidEmailAddress'), htmlspecialchars($email));
$GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
$this->AddSubscriber_Step2($listid);
break;
}
$duplicate = $subscriber->IsSubscriberOnList($_POST['emailaddress'], $listid);
if ($duplicate) {
$unsubscribed_check = $subscriber->IsUnSubscriber(false, $listid, $duplicate);
if ($unsubscribed_check) {
$GLOBALS['Error'] = sprintf(GetLang('SubscriberAddFail_Unsubscribed'), $_POST['emailaddress']);
} else {
$GLOBALS['Error'] = sprintf(GetLang('SubscriberAddFail_Duplicate'), $_POST['emailaddress']);
}
$GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
$this->AddSubscriber_Step2($listid);
break;
}
list($banned, $msg) = $subscriber->IsBannedSubscriber($_POST['emailaddress'], $listid, false);
if ($banned) {
$GLOBALS['Error'] = sprintf(GetLang('SubscriberAddFail_Banned'), $_POST['emailaddress']);
$GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
$this->AddSubscriber_Step2($listid);
break;
}
$ListApi = $this->GetApi('Lists');
$ListApi->Load($listid);
$ListCustomFields = $ListApi->GetCustomFields($listid);
$customfield_errors = array();
foreach (array('emailaddress', 'format', 'confirmed') as $p => $area) {
$subscriber->Set($area, $_POST[$area]);
}
$CustomFieldsValid = true;
foreach ($ListCustomFields as $pos => $data) {
$CustomFieldApi = $this->GetApi('CustomFields');
$fieldid = $data['fieldid'];
$CustomFieldApi->Load($fieldid);
$postdata = (isset($_POST['CustomFields'][$fieldid])) ? $_POST['CustomFields'][$fieldid] : '';
if (!isset($_POST['CustomFields'][$fieldid]) && !$CustomFieldApi->IsRequired()) {
unset($CustomFieldApi);
continue;
}
if ($CustomFieldApi->IsRequired()) {
if (!$postdata) {
$ftype = $CustomFieldApi->Get('fieldtype');
switch ($ftype) {
case 'text':
case 'number':
$errormsg = 'SubscriberAddFail_EmptyData_EnterData';
break;
case 'dropdown':
case 'radiobutton':
case 'checkbox':
case 'date':
$errormsg = 'SubscriberAddFail_EmptyData_ChooseOption';
break;
}
$customfield_errors[] = sprintf(GetLang($errormsg), $CustomFieldApi->GetFieldName());
unset($CustomFieldApi);
continue;
}
}
if (!$CustomFieldApi->ValidData($postdata)) {
$customfield_errors[] = sprintf(GetLang('SubscriberAddFail_InvalidData'), $CustomFieldApi->GetFieldName());
unset($CustomFieldApi);
continue;
}
unset($CustomFieldApi);
}
if (!empty($customfield_errors)) {
$GLOBALS['Error'] = implode('<br/>', $customfield_errors);
$GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
$this->AddSubscriber_Step2($listid);
break;
}
$subscriberid = $subscriber->AddToList($_POST['emailaddress'], $listid);
$GLOBALS['Message'] = $this->PrintSuccess('SubscriberAddSuccessful');
$GLOBALS['list'] = $listid;
// go through each custom field and save the info.
foreach ($ListCustomFields as $pos => $data) {
$fieldid = $data['fieldid'];
$postdata = (isset($_POST['CustomFields'][$fieldid])) ? $_POST['CustomFields'][$fieldid] : '';
$subscriber->SaveSubscriberCustomField($subscriberid, $fieldid, $postdata);
}
if ($action == 'saveadd' || sizeof($user_lists) == 1) {
$this->AddSubscriber_Step2($listid, true);
} else {
IEM::sessionSet('AddSubscriberMessage', $ListApi->Get('name'));
?>
<script>
window.location = 'index.php?Page=Subscribers&Action=Add';
</script>
<?php
exit();
}
break;
default:
$user = GetUser();
$lists = $user->GetLists();
// If only one list available, go directly to step 2
if (count($lists) == 1) {
$listid = array_pop(array_keys($lists));
$this->AddSubscriber_Step2($listid);
} else {
$this->ChooseList('add', 'step2');
}
break;
}
}
/**
* Process
* Does all the work.
* Saves settings, Checks details, calls the API to save the actual settings and checks whether it worked or not.
*
* @see GetApi
* @see API::Set
* @see API::Save
* @see GetLang
* @see ParseTemplate
* @see SendStudio_Functions::Process
* @see SendTestPreview
* @see Settings_API::CheckCron
* @see Settings_API::UpdateCron
*
* @return Void Does all of the processing, doesn't return anything.
*/
function Process()
{
$action = (isset($_GET['Action'])) ? strtolower($_GET['Action']) : null;
$user = GetUser();
$access = $user->HasAccess('System', 'System');
$popup = (in_array($action, $this->PopupWindows)) ? true : false;
if (!$access) {
$this->DenyAccess();
return;
}
$LK = false;
switch ($action) {
case 'addons':
// we need a subaction & addon name.
if (!isset($_GET['SubAction'])) {
return $this->ShowSettingsPage();
}
if (!isset($_GET['Addon'])) {
return $this->ShowSettingsPage();
}
require_once(SENDSTUDIO_BASE_DIRECTORY . DIRECTORY_SEPARATOR . 'addons' . DIRECTORY_SEPARATOR . 'interspire_addons.php');
$post = array();
if (!empty($_POST)) {
$post = $_POST;
}
try {
$allowed_sub_action = array('install', 'uninstall', 'enable', 'disable', 'upgrade', 'configure', 'savesettings');
$subaction = $this->_getGETRequest('SubAction', '');
if (!in_array(strtolower($subaction), $allowed_sub_action)) {
FlashMessage(GetLang('Addon_Action_NotAllowed'), SS_FLASH_MSG_ERROR, 'index.php?Page=Settings&Tab=6');
return;
}
$result = Interspire_Addons::Process($_GET['Addon'], $subaction, $post);
if ($result === true) {
FlashMessage(GetLang('Addon_Success_' . strtolower($_GET['SubAction'])), SS_FLASH_MSG_SUCCESS, 'index.php?Page=Settings&Tab=6');
return;
}
if ($result === false || $result == null) {
FlashMessage(GetLang('Addon_Failure_' . strtolower($_GET['SubAction'])), SS_FLASH_MSG_ERROR, 'index.php?Page=Settings&Tab=6');
return;
}
echo $result;
} catch (Exception $e) {
$error = $e->GetMessage();
FlashMessage($error, SS_FLASH_MSG_ERROR, 'index.php?Page=Settings&Tab=6');
}
return;
break;
case 'viewdisabled':
$this->PrintHeader(true);
$reporttype = (isset($_GET['Report'])) ? $_GET['Report'] : null;
switch ($reporttype) {
case 'autoresponder':
$GLOBALS['Heading'] = GetLang('Autoresponders_Disabled_Heading');
$GLOBALS['Intro'] = GetLang('Autoresponders_Disabled_Heading_Intro');
$disabled_list = IEM::sessionGet('AutorespondersDisabled');
$disabled_report = '';
$var = GetLang('DisabledAutoresponder_Item');
foreach ($disabled_list as $p => $details) {
$disabled_report .= sprintf($var, $details['autorespondername'], $details['listname']) . "\n";
}
break;
case 'newsletter':
$GLOBALS['Heading'] = GetLang('Newsletters_Disabled_Heading');
$GLOBALS['Intro'] = GetLang('Newsletters_Disabled_Heading_Intro');
$disabled_list = IEM::sessionGet('NewslettersDisabled');
$disabled_report = '';
$var = GetLang('DisabledNewsletter_Item');
foreach ($disabled_list as $p => $details) {
$disabled_report .= sprintf($var, $details['newslettername']) . "\n";
}
break;
}
$GLOBALS['DisabledList'] = $disabled_report;
$this->ParseTemplate('Settings_Disabled_Report');
$this->PrintFooter(true);
break;
case 'systeminfo':
$this->PrintHeader();
$db = IEM::getDatabase();
$GLOBALS['DatabaseVersion'] = $db->FetchOne('SELECT version() AS version');
$GLOBALS['ProductVersion'] = GetLang('SENDSTUDIO_VERSION');
$GLOBALS['ShowProd'] = empty($GLOBALS['ProductEdition']) ? 'none' : '';
$charset = (isset($SENDSTUDIO_DEFAULTCHARSET)) ? $SENDSTUDIO_DEFAULTCHARSET : SENDSTUDIO_CHARSET;
$GLOBALS['DefaultCharset'] = $charset;
$GLOBALS['CharsetDescription'] = GetLang($charset);
$GLOBALS['ServerTimeZone'] = SENDSTUDIO_SERVERTIMEZONE;
$GLOBALS['ServerTimeZoneDescription'] = GetLang(SENDSTUDIO_SERVERTIMEZONE);
$GLOBALS['ServerTime'] = date('r');
$GLOBALS['PHPVersion'] = phpversion();
$GLOBALS['ServerSoftware'] = htmlspecialchars($_SERVER["SERVER_SOFTWARE"], ENT_QUOTES, SENDSTUDIO_CHARSET);
$GLOBALS['SafeModeEnabled'] = (SENDSTUDIO_SAFE_MODE) ? GetLang('Yes') : GetLang('No');
$GLOBALS['ImapSupportFound'] = (function_exists('imap_open')) ? GetLang('Yes') : GetLang('No');
$GLOBALS['CurlSupportFound'] = (function_exists('curl_init')) ? GetLang('Yes') : GetLang('No');
$php_mods = $this->ParsePHPModules();
$GLOBALS['GDVersion'] = GetLang('GD_NotDetected');
if (Settings_API::GDEnabled() && $php_mods !== false) {
$GLOBALS['GDVersion'] = $php_mods['gd']['GD Version'];
}
$GLOBALS['ModSecurity'] = GetLang('ModSecurity_Unknown');
if (!is_numeric(strpos(php_sapi_name(), 'cgi')) && $php_mods !== false) {
$apache_mods = $this->ParseApacheModules($php_mods);
if (in_array('mod_security', $apache_mods)) {
$GLOBALS['ModSecurity'] = GetLang('Yes');
} else {
$GLOBALS['ModSecurity'] = GetLang('No');
}
}
$this->ParseTemplate('Settings_SystemInfo');
$this->PrintFooter();
break;
case 'showinfo':
$this->PrintHeader(true);
phpinfo();
$this->PrintFooter(true);
break;
case 'sendpreviewdisplay':
$this->PrintHeader($popup);
$this->SendTestPreviewDisplay('index.php?Page=Settings&Action=SendPreview', 'self.parent.getPreviewParameters()');
$this->PrintFooter($popup);
break;
case 'sendsmtppreviewdisplay':
$this->PrintHeader($popup);
$this->SendTestPreviewDisplay('index.php?Page=Settings&Action=SendPreview', 'self.parent.getSMTPPreviewParameters()');
$this->PrintFooter($popup);
break;
case 'sendpreview':
$this->SendTestPreview();
break;
case 'testbouncedisplay':
$this->PrintHeader($popup);
$this->TestBounceSettingsDisplay();
$this->PrintFooter($popup);
break;
case 'testbouncesettings':
$this->TestBounceSettings();
break;
case 'save':
if (empty($_POST)) {
$this->ShowSettingsPage();
break;
}
$api = $this->GetApi();
$result = false;
$errors = array();
// Make sure that Contact email is filled in
if (!isset($_POST['email_address']) || trim($_POST['email_address']) == '') {
array_push($errors, GetLang('ErrorAlertMessage_BlankContactEmail'));
}
// Make sure that license key is filled in
if (!isset($_POST['licensekey']) || trim($_POST['licensekey']) == '') {
array_push($errors, GetLang('ErrorAlertMessage_BlankLicenseKey'));
}
// Make sure that application name is filled in
if (!isset($_POST['lng_applicationtitle']) || trim($_POST['lng_applicationtitle']) == '') {
array_push($errors, GetLang('ErrorAlertMessage_BlankApplicationName'));
}
$agencyId = get_agency_license_variables();
if(!empty($agencyId['agencyid'])) {
$temp = IEM::requestGetPOST('lng_accountupgrademessage', '', 'trim');
if (empty($temp)) {
array_push($errors, GetLang('ErrorAlertMessage_BlankAccountUpgradeMessage'));
}
$temp = IEM::requestGetPOST('lng_freetrial_expiry_login', '', 'trim');
if (empty($temp)) {
array_push($errors, GetLang('ErrorAlertMessage_BlankExpiredLogin'));
}
}
if ($api && count($errors) == 0) {
do {
$settings = array();
// fix up the database settings first.
$all_areas = $api->Areas;
$LK = (isset($_POST['licensekey'])) ? $_POST['licensekey'] : false;
if (defined('APPLICATION_SHOW_WHITELABEL_MENU') && constant('APPLICATION_SHOW_WHITELABEL_MENU')) {
foreach ($all_areas['whitelabel'] as $area) {
$val = IEM::requestGetPOST(strtolower($area), false);
$temp = strtolower($area);
switch ($temp) {
// Special case for handling logo image
case 'application_logo_image':
$val = IEM::requestGetPOST('existing_app_logo_image', false);
if (isset($_FILES['Application_Logo_Image']) && !empty($_FILES['Application_Logo_Image']['name'])) {
if ($_FILES['Application_Logo_Image']['error'] != 0 || !@is_uploaded_file($_FILES['Application_Logo_Image']['tmp_name'])) {
array_push($errors, GetLang('ErrorAlertMessage_ErrorApplicationLogoImage'));
break 3;
}
if (!$this->IsImageFile(strtolower($_FILES['Application_Logo_Image']['name']))){
array_push($errors, GetLang('ErrorAlertMessage_InvalidNameApplicationLogoImage'));
break 3;
}
$uploadedFile = strtolower(basename($_FILES['Application_Logo_Image']['name']));
$uploadedFile = preg_replace('/.*(\..*)$/', 'applicationlogo${1}', $uploadedFile);
if(move_uploaded_file($_FILES['Application_Logo_Image']['tmp_name'], (TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile))) {
@chmod(TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile, 0666);
$val = 'temp/' . $uploadedFile;
}
if (!$this->IsValidImageFile(TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile, $_FILES['Application_Logo_Image']['type'])){
@unlink(TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile);
array_push($errors, GetLang('ErrorAlertMessage_InvalidFormatApplicationLogoImage'));
break 3;
}
}
break;
// Special case for handling favicon
case 'application_favicon':
$val = IEM::requestGetPOST('existing_app_favicon', false);
if (isset($_FILES['Application_Favicon']) && !empty($_FILES['Application_Favicon']['name'])) {
if ($_FILES['Application_Favicon']['error'] != 0 || !@is_uploaded_file($_FILES['Application_Favicon']['tmp_name'])) {
array_push($errors, GetLang('ErrorAlertMessage_ErrorApplicationFavicon'));
break 3;
}
if (!$this->IsIconFile(strtolower($_FILES['Application_Favicon']['name']))){
array_push($errors, GetLang('ErrorAlertMessage_InvalidNameApplicationFavicon'));
break 3;
}
$uploadedFile = 'favicon.ico';
if(move_uploaded_file($_FILES['Application_Favicon']['tmp_name'], (TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile))) {
@chmod(TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile, 0666);
$val = 'temp/' . $uploadedFile;
}
if (!$this->IsValidIconFile(TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile, $_FILES['Application_Favicon']['type'])){
@unlink(TEMP_DIRECTORY . DIRECTORY_SEPARATOR . $uploadedFile);
array_push($errors, GetLang('ErrorAlertMessage_InvalidFormatApplicationFavicon'));
break 3;
}
}
break;
}
$settings[$area] = $val;
}
}
foreach ($all_areas['config'] as $area) {
if (isset($_POST[strtolower($area)])) {
$val = $_POST[strtolower($area)];
} else {
$val = false;
}
if ($area == 'DATABASE_USER') {
if (isset($_POST['database_u'])) {
$val = $_POST['database_u'];
}
}
if ($area == 'DATABASE_PASS') {
if (isset($_POST['database_p'])) {
$val = $_POST['database_p'];
}
}
if ($area == 'APPLICATION_URL') {
if (substr($val, -1) == '/') {
$val = substr($val, 0, -1);
}
}
$settings[$area] = $val;
}
unset($all_areas['config']);
unset($all_areas['whitelabel']);
// look after all of the other settings now.
foreach ($all_areas as $p => $area) {
if (isset($_POST[strtolower($area)])) {
$val = $_POST[strtolower($area)];
} else {
$val = false;
}
if ($area == 'BOUNCE_AGREEDELETE' && isset($_POST['bounce_process'])) {
$val = 1;
}
if ($area == 'TEXTFOOTER') {
$val = strip_tags($val);
}
if ($area == 'SMTP_USERNAME') {
if (isset($_POST['smtp_u'])) {
$val = $_POST['smtp_u'];
}
}
if ($area == 'SMTP_PASSWORD') {
if (isset($_POST['smtp_p'])) {
$val = $_POST['smtp_p'];
}
$val = base64_encode($val);
}
if ($area == 'BOUNCE_PASSWORD') {
if (isset($_POST['bounce_password'])) {
$val = $_POST['bounce_password'];
}
$val = base64_encode($val);
}
$settings[$area] = $val;
}
// ----- Settings that cannot be changed
$settings['DEFAULTCHARSET'] = SENDSTUDIO_DEFAULTCHARSET;
if (!empty($settings['DEFAULTCHARSET'])) {
$settings['DEFAULTCHARSET'] = 'UTF-8';
}
// -----
// ----- Security settings
$settings['SECURITY_WRONG_LOGIN_WAIT'] = intval($settings['SECURITY_WRONG_LOGIN_WAIT']);
$settings['SECURITY_WRONG_LOGIN_THRESHOLD_COUNT'] = intval($settings['SECURITY_WRONG_LOGIN_THRESHOLD_COUNT']);
$settings['SECURITY_WRONG_LOGIN_THRESHOLD_DURATION'] = intval($settings['SECURITY_WRONG_LOGIN_THRESHOLD_DURATION']) * 60;
$settings['SECURITY_BAN_DURATION'] = intval($settings['SECURITY_BAN_DURATION']) * 60;
if (!isset($_POST['security_wrong_login_wait_enable'])) {
$settings['SECURITY_WRONG_LOGIN_WAIT'] = 0;
}
if (!isset($_POST['security_wrong_login_threshold_enable'])) {
$settings['SECURITY_WRONG_LOGIN_THRESHOLD_COUNT'] = 0;
}
// -----
$api->Set('Settings', $settings);
$result = $api->Save();
// Save warnings
if ($result) {
$tempRequestWarningsEnabled = IEM::requestGetPOST('credit_percentage_warnings_enable', array());
$tempRequestWarningLevels = IEM::requestGetPOST('credit_percentage_warnings_level', array());
$tempRequestWarnigSubjects = IEM::requestGetPOST('credit_percentage_warnings_subject', array());
$tempRequestWarningEmails = IEM::requestGetPOST('credit_percentage_warnings_text', array());
if (!empty($tempRequestWarningsEnabled) && !empty($tempRequestWarningLevels) && !empty($tempRequestWarningEmails)) {
$tempRecords = array();
foreach ($tempRequestWarningLevels as $index => $level) {
$tempRecords[] = array(
'enabled' => in_array($index, $tempRequestWarningsEnabled),
'creditlevel' => $level,
'aspercentage' => '1', // FIXME at this stage, only monthly credits warnings are available
'emailsubject' => (isset($tempRequestWarnigSubjects[$index]) ? $tempRequestWarnigSubjects[$index] : ''),
'emailcontents' => (isset($tempRequestWarningEmails[$index]) ? $tempRequestWarningEmails[$index] : '')
);
}
$result = $api->SaveCreditWarnings($tempRecords);
} else {
$result = $api->SaveCreditWarnings(array());
}
unset($tempRequestWarningsEnabled);
unset($tempRequestWarningLevels);
unset($tempRequestWarningEmails);
}
} while(false);
}
$tabNum = ($_POST['tab_num'] && intval($_POST['tab_num'])) ? intval($_POST['tab_num']) : 1 ;
if ($result) {
FlashMessage(GetLang('SettingsSaved'), SS_FLASH_MSG_SUCCESS, 'index.php?Page=Settings&Tab='.$tabNum);
} else {
foreach ($errors as $error) {
FlashMessage($error, SS_FLASH_MSG_ERROR);
}
FlashMessage(GetLang('SettingsNotSaved'), SS_FLASH_MSG_ERROR, 'index.php?Page=Settings&Tab='.$tabNum);
}
break;
default:
$this->ShowSettingsPage();
break;
}
}
/**
* Process
* Lets a user manage their own account - to a certain extent.
* The API itself manages saving and updating, this just works out displaying of forms etc.
*
* @see PrintHeader
* @see ParseTemplate
* @see IEM::getDatabase()
* @see GetUser
* @see User_API::Set
* @see GetLang
* @see PrintEditForm
* @see PrintFooter
*
* @return Void Doesn't return anything, hands the processing off to the appropriate subarea and lets it do the work.
*/
function Process()
{
$action = (isset($_GET['Action'])) ? strtolower($_GET['Action']) : '';
if (!in_array($action, $this->PopupWindows)) {
$this->PrintHeader();
}
$user = IEM::getCurrentUser();
$db = IEM::getDatabase();
switch ($action) {
case 'save':
if (!$user->EditOwnSettings()) {
$this->DenyAccess();
}
$smtptype = 0;
if ($user->HasAccess('User', 'SMTP')) {
$smtptype = (isset($_POST['smtptype'])) ? $_POST['smtptype'] : 0;
}
// Make sure smtptype is eiter 0 or 1
if ($smtptype != 1) {
$smtptype = 0;
}
// ----- Activity type
$activity = IEM::requestGetPOST('eventactivitytype', '', 'trim');
if (!empty($activity)) {
$activity_array = explode("\n", $activity);
for ($i = 0, $j = count($activity_array); $i < $j; ++$i) {
$activity_array[$i] = trim($activity_array[$i]);
}
} else {
$activity_array = array();
}
$user->Set('eventactivitytype', $activity_array);
// -----
/**
* This was added, because User's API uses different names than of the HTML form names.
* HTML form names should stay the same to keep it consistant throught the application
*
* This will actually map HTML forms => User's API fields
*/
$areaMapping = array(
'fullname' => 'fullname',
'emailaddress' => 'emailaddress',
'usertimezone' => 'usertimezone',
'textfooter' => 'textfooter',
'htmlfooter' => 'htmlfooter',
'infotips' => 'infotips',
'usewysiwyg' => 'usewysiwyg',
'enableactivitylog' => 'enableactivitylog',
'usexhtml' => 'usexhtml',
'googlecalendarusername' => 'googlecalendarusername',
'googlecalendarpassword' => 'googlecalendarpassword'
);
if ($user->HasAccess('User', 'SMTP')) {
$areaMapping['smtp_server'] = 'smtpserver';
$areaMapping['smtp_u'] = 'smtpusername';
$areaMapping['smtp_p'] = 'smtppassword';
$areaMapping['smtp_port'] = 'smtpport';
}
foreach ($areaMapping as $p => $area) {
$val = (isset($_POST[$p])) ? $_POST[$p] : '';
$user->Set($area, $val);
}
/**
* -----
*/
if ($user->HasAccess('User', 'SMTP')) {
if ($smtptype == 0) {
$user->Set('smtpserver', '');
$user->Set('smtpusername', '');
$user->Set('smtppassword', '');
$user->Set('smtpport', 0);
}
}
$error = false;
$template = false;
if (!$error) {
if ($_POST['ss_p'] != '') {
if ($_POST['ss_p_confirm'] != '' && $_POST['ss_p_confirm'] == $_POST['ss_p']) {
$user->Set('password', $_POST['ss_p']);
} else {
$error = GetLang('PasswordsDontMatch');
}
}
}
if (!$error) {
$result = $user->Save();
if ($result) {
$GLOBALS['Message'] = $this->PrintSuccess('UserUpdated') . '<br/>';
} else {
$GLOBALS['Error'] = GetLang('UserNotUpdated');
$GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
}
} else {
$GLOBALS['Error'] = $error;
$GLOBALS['Message'] = $this->ParseTemplate('ErrorMsg', true, false);
}
$userid = $user->Get('userid');
$this->PrintEditForm($userid);
break;
case 'sendpreviewdisplay':
$this->PrintHeader(true);
$this->SendTestPreviewDisplay('index.php?Page=ManageAccount&Action=SendPreview', 'self.parent.getSMTPPreviewParameters()');
$this->PrintFooter(true);
break;
case 'sendpreview':
$this->SendTestPreview();
break;
case 'testgooglecalendar':
$status = array(
'status' => false,
'message' => ''
);
try {
$details = array(
'username' => $_REQUEST['gcusername'],
'password' => $_REQUEST['gcpassword']
);
$this->GoogleCalendarAdd($details, true);
$status['status'] = true;
$status['message'] = GetLang('GooglecalendarTestSuccess');
} catch (Exception $e) {
$status['message'] = GetLang('GooglecalendarTestFailure');
}
print GetJSON($status);
break;
default:
$userid = $user->userid;
$this->PrintEditForm($userid);
break;
}
if (!in_array($action, $this->PopupWindows)) {
$this->PrintFooter();
}
}
public function page_saveRecord()
{
$record = IEM::requestGetPOST('record', array());
$record['groupname'] = htmlspecialchars($record['groupname']);
$created = ((IEM::ifsetor($record['groupid'], 0, 'intval') == 0) ? true : false);
/*
* Transform the permission so that it will be recognized by the API
*/
$permissions = IEM::ifsetor($record['permissions'], array());
$new_permissions = array();
if (!is_array($permissions)) {
$permissions = array();
}
if (!empty($permissions)) {
foreach ($permissions as $each) {
$temp = explode('.', $each);
// This can only handle 2 level permissions,
// ie. autoresponders.create, autoresponders.delete, autoresponders.edit
// will become $permissions['autoresponders'] = array('create', 'delete', 'edit');
if (count($temp) != 2) {
continue;
}
if (!isset($new_permissions[$temp[0]])) {
$new_permissions[$temp[0]] = array();
}
$new_permissions[$temp[0]][] = $temp[1];
}
}
$record['permissions'] = $new_permissions;
if (empty($record)) {
return $this->page_createGroup($record);
}
// Check if "Request Token" matches
// This tries to prevent CSRF
$token = IEM::sessionGet('UsersGroups_Editor_RequestToken', false);
if (!$token || $token != IEM::requestGetPOST('requestToken', false)) {
return $this->page_createGroup($record);
}
$status = API_USERGROUPS::saveRecord($record);
if (!$status) {
FlashMessage(GetLang('UsersGroups_From_Error_CannotSave'), SS_FLASH_MSG_ERROR);
return $this->printEditor($record);
}
$messageVariable = 'UsersGroups_From_Success_Saved';
if ($created) {
$messageVariable = 'UsersGroups_From_Success_Created';
}
FlashMessage(GetLang($messageVariable), SS_FLASH_MSG_SUCCESS, IEM::urlFor('UsersGroups'));
}
private function _handleSubmitAction()
{
// don't escape
$template_dir = SENDSTUDIO_BASE_DIRECTORY . '/addons/surveys/templates';
$this->_template = GetTemplateSystem($template_dir);
$this->_template->DefaultHtmlEscape = false;
$formId = (int) IEM::requestGetGET('formId');
$postWidgets = IEM::requestGetPOST('widget');
// If there are files, take the values and place them in the $postWidgets array so they can
// get validated and entered into the response values in the same manner. Uploads will be
// handled separately.
if (isset($_FILES['widget'])) {
foreach ($_FILES['widget']['name'] as $widgetId => $widget) {
foreach ($widget as $fields) {
foreach ($fields as $fieldId => $field) {
$postWidgets[$widgetId]['field'][$fieldId]['value'] = 'file_' . $field['value'];
}
}
}
}
// If the form and widgets weren't posted in the format we require then redirect back
if (!$formId) {
$this->redirectToReferer();
}
$surveyApi = $this->getApi();
$surveyApi->Load($formId);
$surveyData = $surveyApi->GetData();
$errors = 0;
$widgets = $surveyApi->getWidgets($formId);
$widgetErrors = array();
/**** START OF ERROR VALIDATION ****/
// compile a list of widget ids so we can check the posted widgets against a list of
// valid widget ids
foreach ($widgets as $widgetKey => $widget) {
if (!isset($widgetErrors[$widget['id']])) {
$widgetErrors[$widget['id']] = array();
}
// validate required fields
if ($widget['is_required']) {
// the widget is assumed blank until one of it's fields is found not blank
$isBlank = true;
$isOther = false;
// make sure the required widget was even posted
if (isset($postWidgets[$widget['id']])) {
foreach ($postWidgets[$widget['id']]['field'] as $field) {
if (isset($field['value'])) {
$values = (array) $field['value'];
foreach ($values as $value) {
// get the value of an "other" field if it is one, otherwise just grab
// the normal value
if ($value == '__other__') {
$isOther = true;
$value = $field['other'];
}
// make sure the value isn't blank
if ($this->_validateIsBlank($value) !== true) {
$isBlank = false;
}
}
}
}
}
// if the widget is blank, flag an error
if ($isBlank) {
if ($isOther) {
$error = GetLang('Addon_Surveys_ErrorRequiredOther');
} else {
$error = GetLang('Addon_Surveys_ErrorRequired');
}
$widgetErrors[$widget['id']][] = $error;
$errors++;
}
if ($widget['type'] == 'file') {
foreach ($postWidgets[$widget['id']]['field'] as $fieldid) {
if (isset($fieldid['value'])) {$uploaded_file = $fieldid['value'];break;}
}
if (empty($uploaded_file) || $uploaded_file == "file_") {
$error = GetLang('Addon_Surveys_ErrorRequired');
$widgetErrors[$widget['id']][] = $error;
$errors++;
}
}
}
// validate file types
if ($widget['type'] == 'file') {
if (!empty($widget['allowed_file_types'])) {
$typeArr = preg_split('/\s*,\s*/', strtolower($widget['allowed_file_types']));
$invalidType = false;
// foreach of the passed fields (most likely 1) check and see if they are valid file types
foreach ($postWidgets[$widget['id']]['field'] as $field) {
$parts = explode('.', $field['value']);
$ext = strtolower(end($parts));
// only if the field has a value we will test its file type
if (trim($field['value']) != '' && !in_array($ext, $typeArr)) {
$invalidType = true;
}
}
// if the a file is not a valid file type, then the whole widget fails validation
if ($invalidType) {
$lastFileType = '<em>.' . array_pop($typeArr) . '</em>';
$firstFileTypes = '<em>.' . implode('</em>, <em>.', $typeArr) . '</em>';
$widgetErrors[$widget['id']][] = sprintf(GetLang('Addon_Surveys_ErrorInvalidFileType'), $lastFileType, $firstFileTypes);
$errors++;
}
}
}
if (isset($postWidgets[$widget['id']])) {
// add a value to the values array so it can be passed to the email feedback template
@$widgets[$widgetKey]['values'] = $postWidgets[$widget['id']]['field'];
}
}
// if there were errors, redirect back and display the errors
if ($errors) {
// set a global error message to alert the user to the specific errors
IEM::sessionSet('survey.addon.' . $formId . '.errorMessage', $surveyData['error_message']);
// set the widget errors so we can retrieve them for the user
IEM::sessionSet('survey.addon.' . $formId . '.widgetErrors', $widgetErrors);
$this->redirectToReferer();
}
/**** END OF ERROR VALIDATION ****/
// isntantiate a new response object
$response = $this->getSpecificApi('responses');
// associate the response to a particular form
$response->surveys_id = $formId;
// if the response was saved, then associate values to the response
if ($response->Save()) {
// foreach of the posted widgets, check to see if it belongs in this form and save it if it does
foreach ($postWidgets as $postWidgetId => $postWidget) {
// iterate through each field and enter it in the feedback
foreach ($postWidget['field'] as $field) {
// make sure it has a value first
if (isset($field['value'])) {
// since multiple values can be given, we treat them as an array
$values = (array) $field['value'];
foreach ($values as $value) {
$responseValue = $this->getSpecificApi('responsesvalue');
// foreign key for the response id
$responseValue->surveys_response_id = $response->GetId();
// set the widget id foreign key; widgets can have multiple field values and
// should be treated as such
$responseValue->surveys_widgets_id = $postWidgetId;
// set the value of the feedback; this should be a single value since widgets
// can have multiple feed back values
if ($value == '__other__') {
$responseValue->value = $field['other'];
$responseValue->is_othervalue = 1;
} else {
// if file value exist we need to save the md5 name of the file in the database
$responseValue->file_value = "";
if (substr($value, 0, 5) == "file_") {
$value = str_replace("file_", "", $value);
$responseValue->file_value = md5($value);
}
$responseValue->value = $value;
$responseValue->is_othervalue = 0;
}
// save it
$responseValue->Save();
}
}
}
}
// send an email if desired
/**
* Prepare for sending the email..
*/
$widget_api = $this->getSpecificApi('widgets');
if ($surveyData['email_feedback']) {
foreach ($widgets as &$widget) {
$widget_api->populateFormData($widget);
// set the values (normally 1, unless it's a list of checkboxes)
$widget['values'] = $widget_api->getResponseValues($response->id);
// get the other value
$other = $widget_api->getOtherField();
// add the full url to the file
if ($widget['type'] == 'file') {
$attachment_url = "admin/index.php?Page=Addons&Addon=surveys&Action=DownloadAttach&ajax=1&formId=" . $formId . "&responseId=" . $response->id . "&value=" . base64_encode($widget['values'][0]['value']);
$attachment_tag = SENDSTUDIO_APPLICATION_URL . "/" . $attachment_url;
// . "'>" . $widget['values'][0]['value'];
$widget['values'][0]['value'] = $attachment_tag;
}
if ($other) {
// the other value will be the last one
$otherValueIndex = count($widget['values']) - 1;
$widget['values'][$otherValueIndex]['value'] = $other['other_label_text'] . ' ' . $widget['values'][$otherValueIndex]['value'];
}
}
$viewUri = SENDSTUDIO_APPLICATION_URL
. '/admin/index.php?Page=Addons&Addon=surveys&Action=viewresponses&surveyId='
. $surveyApi->id
. '&responseId='
. $response->id;
$editUri = SENDSTUDIO_APPLICATION_URL
. '/admin/index.php?Page=Addons&Addon=surveys&Action=editresponse&surveyId='
. $surveyApi->id
. '&responseId='
. $response->id;
$this->_template->Assign('form', $surveyApi->GetData());
$this->_template->Assign('widgets', $widgets);
$this->_template->Assign('emailBodyStart', sprintf(GetLang('Addon_Surveys_emailBodyStart'), $surveyApi->Get('name')));
$this->_template->Assign('emailViewLink', sprintf(GetLang('Addon_Surveys_emailViewLink'), $viewUri));
$this->_template->Assign('emailEditLink', sprintf(GetLang('Addon_Surveys_emailEditLink'), $editUri));
// parse the email template for its content
$emailTemplate = $this->_template->ParseTemplate('email', true);
require_once(IEM_PATH . '/ext/interspire_email/email.php');
$emailapi = new Email_API();
$emailapi->SetSmtp(SENDSTUDIO_SMTP_SERVER, SENDSTUDIO_SMTP_USERNAME, @base64_decode(SENDSTUDIO_SMTP_PASSWORD), SENDSTUDIO_SMTP_PORT);
//if ($this->smtpserver) {
// $emailapi->SetSmtp($this->smtpserver, $this->smtpusername, $this->smtppassword, $this->smtpport);
//}
$emailapi->ClearRecipients();
$emailapi->ForgetEmail();
$emailapi->Set('forcechecks', false);
$to = ($surveyApi->Get('email'));
$emailapi->AddRecipient($to);
$emailapi->Set('FromAddress', (defined('SENDSTUDIO_EMAIL_ADDRESS') ? SENDSTUDIO_EMAIL_ADDRESS : $userobject->emailaddress));
$emailapi->Set('BounceAddress', SENDSTUDIO_EMAIL_ADDRESS);
$emailapi->Set('CharSet', SENDSTUDIO_CHARSET);
$subject = sprintf(GetLang('Addon_Surveys_emailSubject'), $surveyApi->Get('name'));
$emailapi->Set('Subject', $subject);
//email body
$emailapi->AddBody('text', $emailTemplate);
$status = $emailapi->Send();
if ($status['success'] != 1) {
trigger_error(__CLASS__ . '::' . __METHOD__ . ' -- Was not able to send email: ' . serialize($status['failed']), E_USER_NOTICE);
return false;
}
}
// perform file uploading
if (isset($_FILES['widget']['name'])) {
$files = $_FILES['widget']['name'];
foreach ($files as $widgetId => $widget) {
foreach ($widget as $widgetKey => $fields) {
foreach ($fields as $fieldId => $field) {
// gather file information
$name = $_FILES['widget']['name'][$widgetId]['field'][$fieldId]['value'];
$type = $_FILES['widget']['type'][$widgetId]['field'][$fieldId]['value'];
$tmpName = $_FILES['widget']['tmp_name'][$widgetId]['field'][$fieldId]['value'];
$error = $_FILES['widget']['error'][$widgetId]['field'][$fieldId]['value'];
$size = $_FILES['widget']['size'][$widgetId]['field'][$fieldId]['value'];
// if the upload was successful to the temporary folder, move it
if ($error == UPLOAD_ERR_OK) {
$tempdir = TEMP_DIRECTORY;
$upBaseDir = $tempdir . DIRECTORY_SEPARATOR . 'surveys';
$upSurveyDir = $upBaseDir . DIRECTORY_SEPARATOR . $formId;
$upDir = $upSurveyDir . DIRECTORY_SEPARATOR . $response->GetId();
// if the base upload directory doesn't exist create it
if (!is_dir($upBaseDir)) {
mkdir($upBaseDir, 0755);
}
if (!is_dir($upSurveyDir)) {
mkdir($upSurveyDir, 0755);
}
// if the upload directory doesn't exist create it
if (!is_dir($upDir)) {
mkdir($upDir, 0755);
}
// upload the file
move_uploaded_file($tmpName, $upDir . DIRECTORY_SEPARATOR . $name);
}
}
}
}
}
}
// if we are redirecting to a url, redirect them
switch ($surveyData['after_submit']) {
case 'show_uri':
header('Location: ' . $surveyApi->show_uri);
exit;
break;
case 'show_message':
IEM::sessionSet('survey.addon.' . $formId . '.successMessage', $surveyApi->show_message);
default:
// redirect back
$this->redirectToReferer();
}
}
/**
* ShowLoginForm
* This shows the login form.
* If there is a template to use in the data/templates folder it will use that as the login form.
* Otherwise it uses the default one below. If you pass in a message it will show that message above the login form.
*
* @param String $template Uses the template passed in for the message (eg success / error).
* @param String $msg Prints the message passed in above the login form (eg unsuccessful attempt).
*
* @see FetchTemplate
* @see PrintHeader
* @see PrintFooter
*
* @return Void Doesn't return anything, just prints the login form.
*/
function ShowLoginForm($template=false, $msg=false)
{
if (!IEM::getCurrentUser()) {
$this->GlobalAreas['InfoTips'] = '';
}
$this->PrintHeader(true);
$GLOBALS['Message'] = GetLang('Help_Login');
if ($template && $msg) {
switch ($template) {
case 'login_error':
$GLOBALS['Error'] = $msg;
break;
case 'login_success':
$this->GlobalAreas['Success'] = $msg;
break;
}
$GLOBALS['Message'] = $this->ParseTemplate($template,true);
}
$username = IEM::requestGetPOST('ss_username', false);
if ($username) {
$GLOBALS['ss_username'] = htmlspecialchars($username, ENT_QUOTES, SENDSTUDIO_CHARSET);
}
$GLOBALS['ss_takemeto'] = 'index.php';
$loginPreference = IEM::requestGetCookie('IEM_LoginPreference', array());
if (is_array($loginPreference) && isset($loginPreference['takemeto'])) {
$GLOBALS['ss_takemeto'] = $loginPreference['takemeto'];
}
$this->GlobalAreas['SubmitAction'] = 'Login';
$this->ParseTemplate('login');
$this->PrintFooter(true);
}
/**
* _save
* Save record (edit/create)
*
* @param Array $parameters Any parameters that need to be parsed to this function (OPTIONAL)
* @return String Returns response string that can be outputted to the browser
*
* @uses SendStudio_Functions::_getPOSTRequest()
* @uses SendStudio_Functions::GetApi()
* @uses TriggerEmails_API::Save()
* @uses TriggerEmails::_getEditor()
* @uses FlashMessage()
*/
private function _save($parameters = array())
{
if (IEM::requestGetPOST('ProcessThis', 0, 'intval') != 1) {
return $this->_manage($parameters);
}
$api = $this->GetApi();
$record = IEM::requestGetPOST('record', array());
if (empty($record['triggeremailsid'])) {
if (!$parameters['user']->HasAccess('triggeremails', 'create')) {
$this->DenyAccess();
exit();
}
} else {
if (!$parameters['user']->HasAccess('triggeremails', 'edit')) {
$this->DenyAccess();
exit();
}
if (!$parameters['user']->Admin() && !$api->IsOwner($record['triggeremailsid'], $parameters['user']->userid)) {
$this->DenyAccess();
exit();
}
}
// If triggeremailsid is specified, load the record from database,
// if error is encountered, flash error message, and return to the editor page
if (!empty($record['triggeremailsid'])) {
$status = $api->Load(intval($record['triggeremailsid']));
if (!$status) {
FlashMessage(GetLang('TriggerEmails_Cannot_Load_Record'), SS_FLASH_MSG_ERROR);
return $this->_getEditor($parameters, $record);
}
}
// Check permission for parameters entered in
if (!$this->_checkUserResourcePermission($record, $parameters['user'])) {
$GLOBALS['Error'] = GetLang('TriggerEmails_Form_Save_Failed_Permission');
$parameters['message'] .= $this->ParseTemplate('errormsg', true);
unset($GLOBALS['Error']);
return $this->_getEditor($parameters, $record);
}
// Overwrite bounce email if user can't specify their own
if (!$parameters['user']->HasAccess('Lists', 'BounceSettings') && isset($record['triggeractions']) && isset($record['triggeractions']['send']) && isset($record['triggeractions']['send']['enabled']) && $record['triggeractions']['send']['enabled']) {
$record['triggeractions']['send']['bounceemail'] = SENDSTUDIO_BOUNCE_ADDRESS;
}
// Populate the API
foreach ($record as $property => $value) {
if ($property != 'triggeremailsid') {
$api->{$property} = $value;
}
}
// Set up owner ID
$api->ownerid = $parameters['user']->userid;
// Save
$triggerid = $api->Save();
if ($triggerid === false) {
$GLOBALS['Error'] = GetLang('TriggerEmails_Form_Save_Failed');
$parameters['message'] .= $this->ParseTemplate('errormsg', true);
unset($GLOBALS['Error']);
return $this->_getEditor($parameters, $record);
} else {
FlashMessage(GetLang('TriggerEmails_Form_Save_Success'), SS_FLASH_MSG_SUCCESS, 'index.php?Page=TriggerEmails');
return $this->_manage($parameters);
}
}
$function_params = false;
// -----
// SimpleXML extensions needs to be loaded
if (!extension_loaded('SimpleXML')) {
SendResponse(false, 'The XML-API requires the SimpleXML extension to be loaded.');
}
if (defined('IEM_SYSTEM_ACTIVE') && !IEM_SYSTEM_ACTIVE) {
SendResponse(false, 'Error: Please contact your system admin!');
}
// ----- Get XML object
$tempXMLString = IEM::requestGetPOST('xml', '', 'trim');
// They do not parse the XML string into the POST parameter, so getting it from php://input stream
if (empty($tempXMLString)) {
$tempXMLString = file_get_contents('php://input');
}
$tempXMLString = trim($tempXMLString);
// Make sure XML request is NOT empty
if (empty($tempXMLString)) {
SendResponse(false, 'No data has been given to the XML-API.');
}
/**
* we can't use a try/catch and a 'new SimpleXMLObject' here because php4 throws a parse error when it hits the 'try' line.
