function slashStrip($input)
{
if (is_array($input)) {
foreach ($input as $key => $value) {
$input[$key] = Pommo_Helper::slashStrip($value);
}
return $input;
} else {
return stripslashes($input);
}
}
function check_notifyMails($value, $empty, &$params, &$formvars)
{
$mails = Pommo_Helper::trimArray(explode(',', $value));
$ret = true;
foreach ($mails as $mail) {
if (!empty($mail) && !Pommo_Helper::isEmail($mail)) {
$ret = false;
}
}
return $ret;
}
function Pommo_Template()
{
// set theme -- TODO; extend this to the theme selector
$this->_pommoTheme = 'default';
// set directories
$this->_themeDir = Pommo::$_baseDir . 'themes/';
$this->template_dir = $this->_themeDir . $this->_pommoTheme;
$this->config_dir = $this->template_dir . '/inc/config';
// set base/core variables available to all template
$this->assign('url', array('theme' => array('shared' => Pommo::$_baseUrl . 'themes/shared/', 'this' => Pommo::$_baseUrl . 'themes/' . $this->_pommoTheme . '/'), 'base' => Pommo::$_baseUrl, 'http' => Pommo::$_http));
$this->assign('config', @array('app' => array('path' => Pommo::$_baseDir, 'weblink' => '<a href="http://github.com/soonick/poMMo">' . Pommo::_T('poMMo Website') . '</a>', 'dateformat' => Pommo_Helper::timeGetFormat()), 'site_name' => Pommo::$_config['site_name'], 'site_url' => Pommo::$_config['site_url'], 'list_name' => Pommo::$_config['list_name'], 'admin_email' => Pommo::$_config['admin_email'], 'demo_mode' => Pommo::$_config['demo_mode']));
// set gettext overload functions (see block.t.php...)
$this->_gettext_func = array('Pommo', '_T');
// calls Pommo::_T($str)
$this->_gettext_plural_func = array('Pommo', '_TP');
// assign page title
$this->assign('title', '. ..poMMo.. .');
// assign section (used for sidebar template)
$this->assign('section', Pommo::$_section);
}
}
// check for dupe
$lookupID = current(Pommo_Subscribers::getIDByEmail($subscriber['email'], array(1, 2)));
if ($lookupID && $lookupID != $subscriber['id']) {
$json->fail(Pommo::_T('Email address already exists. Duplicates are not allowed.'));
}
if (!Pommo_Validate::subscriberData($subscriber['data'], $validateOptions) && !isset($_REQUEST['force'])) {
$json->addErr(Pommo::_T('Fields failed validation') . " >>> ");
$json->addErr($logger->getAll());
$json->fail(Pommo::_T('Error updating subscriber.'));
}
if (!Pommo_Subscribers::update($subscriber, 'REPLACE_ALL')) {
$json->fail(Pommo::_T('Error updating subscriber.'));
}
// subscriber updated successfully, build output
$out = array('email' => $subscriber['email'], 'id' => $subscriber['id']);
// return human readable date formatting
require_once Pommo::$_baseDir . 'classes/Pommo_Fields.php';
$dateFields = Pommo_Fields::getByType('date');
foreach ($subscriber['data'] as $k => $val) {
$out['d' . $k] = in_array($k, $dateFields) ? Pommo_Helper::timeToStr($val) : htmlspecialchars($val);
}
$json->add('callbackFunction', 'editSubscriber');
$json->add('callbackParams', $out);
$json->addMsg(Pommo::_T('Subscriber Updated'));
break;
default:
die('invalid request passed to ' . __FILE__);
break;
}
$json->success();
require_once Pommo::$_baseDir . 'classes/Pommo_Template.php';
$smarty = new Pommo_Template();
$group = current(Pommo_Groups::get(array('id' => $state['group'])));
if (empty($group)) {
die('invalid input');
}
if ($_REQUEST['ruleType'] == 'field') {
$field = current(Pommo_Fields::get(array('id' => $_REQUEST['fieldID'])));
$logic = isset($_REQUEST['logic']) && $_REQUEST['logic'] != "0" ? $_REQUEST['logic'] : false;
$type = $_REQUEST['type'] == 'or' ? 'or' : 'and';
$values = array();
// check to see if we're editing [logic is passed *only* when edit button is clicked]
if ($logic) {
foreach ($group['rules'] as $rule) {
if ($rule['logic'] == $logic && $rule['field_id'] == $_REQUEST['fieldID']) {
$values[] = $field['type'] == 'date' ? Pommo_Helper::timeFromStr($rule['value']) : $rule['value'];
}
}
}
$firstVal = empty($values) ? false : array_shift($values);
$logic = $logic ? Pommo_Rules::getEnglish(array($logic)) : Pommo_Rules::getEnglish(end(Pommo_Rules::getLegal($group, array($field))));
$smarty->assign('type', $type);
$smarty->assign('field', $field);
$smarty->assign('logic', $logic);
$smarty->assign('values', $values);
$smarty->assign('firstVal', $firstVal);
$smarty->display('ajax/rule.field.tpl');
Pommo::kill();
} elseif ($_REQUEST['ruleType'] == 'group') {
$match = Pommo_Groups::getNames($_REQUEST['fieldID']);
$key = key($match);
function subscriberData(&$in, $p = array())
{
$defaults = array('prune' => true, 'active' => true, 'log' => true, 'ignore' => false, 'ignoreInactive' => true, 'skipReq' => false);
$p = Pommo_Api::getParams($defaults, $p);
require_once Pommo::$_baseDir . 'classes/Pommo_Fields.php';
$logger = Pommo::$_logger;
$fields = Pommo_Fields::get(array('active' => $p['active']));
$valid = true;
foreach ($fields as $id => $field) {
$inactive = $field['active'] == 'on' ? false : true;
if (!isset($in[$id]) && $p['skipReq']) {
continue;
}
$in[$id] = @trim($in[$id]);
if (empty($in[$id])) {
unset($in[$id]);
// don't include blank values
if ($field['required'] == 'on') {
if ($p['log']) {
$logger->addErr(sprintf(Pommo::_T('%s is a required field.'), $field['prompt']));
}
$valid = false;
}
continue;
}
// shorten
$in[$id] = substr($in[$id], 0, 255);
switch ($field['type']) {
case "checkbox":
if (strtolower($in[$id]) == 'true') {
$in[$id] = 'on';
}
if (strtolower($in[$id]) == 'false') {
$in[$id] = '';
}
if ($in[$id] != 'on' && $in[$id] != '') {
if ($p['ignore'] || $inactive && $p['ignoreInactive']) {
unset($in[$id]);
break;
}
if ($p['log']) {
$logger->addErr(sprintf(Pommo::_T('Illegal input for field %s.'), $field['prompt']));
}
$valid = false;
}
break;
case "multiple":
if (is_array($in[$id])) {
foreach ($in[$id] as $key => $val) {
if (!in_array($val, $field['array'])) {
if ($p['ignore'] || $inactive && $p['ignoreInactive']) {
unset($in[$id]);
break;
}
if ($p['log']) {
$logger->addErr(sprintf(Pommo::_T('Illegal input for field %s.'), $field['prompt']));
}
$valid = false;
}
}
} elseif (!in_array($in[$id], $field['array'])) {
if ($p['ignore'] || $inactive && $p['ignoreInactive']) {
unset($in[$id]);
break;
}
if ($p['log']) {
$logger->addErr(sprintf(Pommo::_T('Illegal input for field %s.'), $field['prompt']));
}
$valid = false;
}
break;
case "date":
// convert date to timestamp [float; using adodb time library]
if (is_numeric($in[$id])) {
$in[$id] = Pommo_Helper::timeToStr($in[$id]);
}
$in[$id] = Pommo_Helper::timeFromStr($in[$id]);
if (!$in[$id]) {
if ($p['ignore'] || $inactive && $p['ignoreInactive']) {
unset($in[$id]);
break;
}
if ($p['log']) {
$logger->addErr(sprintf(Pommo::_T('Field (%s) must be a date (' . Pommo_Helper::timeGetFormat() . ').'), $field['prompt']));
}
$valid = false;
}
break;
case "number":
if (!is_numeric($in[$id])) {
if ($p['ignore'] || $inactive && $p['ignoreInactive']) {
unset($in[$id]);
break;
}
if ($p['log']) {
$logger->addErr(sprintf(Pommo::_T('Field (%s) must be a number.'), $field['prompt']));
}
$valid = false;
}
break;
}
}
// prune
if ($p['prune']) {
$in = Pommo_Helper::arrayIntersect($in, $fields);
}
return $valid;
}
if ($logger->isErr() || !Pommo_Validate::subscriberData($subscriber['data'], array('active' => FALSE))) {
$smarty->assign('back', TRUE);
$smarty->display('user/process.tpl');
Pommo::kill();
}
$comments = isset($_POST['comments']) ? substr($_POST['comments'], 0, 255) : false;
/**********************************
ADD SUBSCRIBER
*********************************/
$config = Pommo_Api::configGet(array('site_success', 'site_confirm', 'list_confirm', 'notices'));
$notices = unserialize($config['notices']);
require_once Pommo::$_baseDir . 'classes/Pommo_Helper_Messages.php';
if ($config['list_confirm'] == 'on') {
// email confirmation required.
// add user as "pending"
$subscriber['pending_code'] = Pommo_Helper::makeCode();
$subscriber['pending_type'] = 'add';
$subscriber['status'] = 2;
$id = Pommo_Subscribers::add($subscriber);
if (!$id) {
$logger->addErr('Error adding subscriber! Please contact the administrator.');
$smarty->assign('back', TRUE);
} else {
$logger->addMsg(Pommo::_T('Subscription request received.'));
// send confirmation message.
if (Pommo_Helper_Messages::sendMessage(array('to' => $subscriber['email'], 'code' => $subscriber['pending_code'], 'type' => 'confirm'))) {
$subscriber['registered'] = date("F j, Y, g:i a", $subscriber['registered']);
if ($comments || isset($notices['pending']) && $notices['pending'] == 'on') {
Pommo_Helper_Messages::notify($notices, $subscriber, 'pending', $comments);
}
if ($config['site_confirm']) {
static function &stateInit($name = 'default', $defaults = array(), $source = array())
{
if (empty(Pommo::$_session['state'][$name])) {
Pommo::$_session['state'][$name] =& $defaults;
}
$state =& Pommo::$_session['state'][$name];
if (empty($defaults)) {
return $state;
}
//Add support for passing multi select options
if (is_array($source)) {
foreach ($source as $k => $v) {
if (is_array($source[$k])) {
$source[$k] = implode(',', $source[$k]);
}
}
}
foreach (array_keys($state) as $key) {
if (array_key_exists($key, $source)) {
$state[$key] = $source[$key];
}
}
// normalize the page state
if (count($state) > count($defaults)) {
$state = Pommo_Helper::arrayIntersect($state, $defaults);
}
return $state;
}
function optionAdd(&$field, $value)
{
$dbo =& Pommo::$_dbo;
$logger =& Pommo::$_logger;
$value = Pommo_Helper::trimArray(explode(',', $value));
// add value to the array
$field['array'] = array_unique(array_merge($field['array'], $value));
$o = serialize($field['array']);
$query = "\n UPDATE " . $dbo->table['fields'] . "\n SET field_array='%s'\n WHERE field_id=%i";
$query = $dbo->prepare($query, array($o, $field['id']));
return $dbo->affected($query) > 0 ? $field['array'] : FALSE;
}
function addFieldRule(&$group, &$field, &$logic, &$values, $type = 0)
{
global $pommo;
$dbo =& Pommo::$_dbo;
$type = $type == 'or' ? 1 : 0;
// remove previous filters
Pommo_Rules::deleteRule($group, $field, $logic);
// get the field
require_once Pommo::$_baseDir . 'classes/Pommo_Fields.php';
$field = current(Pommo_Fields::get(array('id' => $field)));
foreach ($values as $value) {
// if this is a date type field, convert the values from human readable date
// strings to timestamps appropriate for matching
if ($field['type'] == 'date') {
$value = Pommo_Helper::timeFromStr($value);
}
$v[] = $dbo->prepare("(%i,%i,'%s','%s',%i)", array($group, $field['id'], $logic, $value, $type));
}
$query = "\n\t\t\tINSERT INTO " . $dbo->table['group_rules'] . "\n\t\t\t(group_id, field_id, logic, value, type)\n\t\t\tVALUES " . implode(',', $v);
return $dbo->affected($query);
}
function notify(&$notices, &$sub, $type, $comments = false)
{
global $pommo;
require_once Pommo::$_baseDir . 'classes/Pommo_Mailer.php';
$mails = Pommo_Helper::trimArray(explode(',', $notices['email']));
if (empty($mails[0])) {
$mails = array(Pommo::$_config['admin_email']);
}
$subject = $notices['subject'] . ' ';
$body = sprintf(Pommo::_T('poMMo %s Notice'), $type);
$body .= " [" . date("F j, Y, g:i a") . "]\n\n";
$body .= "EMAIL: " . $sub['email'] . "\n";
$body .= "IP: " . $sub['ip'] . "\n";
$body .= "REGISTERED: " . $sub['registered'] . "\n\n";
if ($comments) {
$body .= "COMMENTS: {$comments} \n\n";
}
$body .= "DATA:\n";
require_once Pommo::$_baseDir . 'classes/Pommo_Fields.php';
$fields = Pommo_Fields::getNames();
foreach ($sub['data'] as $fid => $v) {
$body .= "\t" . $fields[$fid] . ": {$v}\n";
}
switch ($type) {
case 'subscribe':
$subject .= Pommo::_T('new subscriber!');
break;
case 'unsubscribe':
$subject .= Pommo::_T('user unsubscribed.');
break;
case 'pending':
$subject .= Pommo::_T('new pending!');
break;
case 'update':
$subject .= Pommo::_T('subscriber updated.');
break;
}
$mail = new Pommo_Mailer();
// allow mail to be sent, even if demo mode is on
$mail->toggleDemoMode("off");
// send the confirmation mail
$mail->prepareMail($subject, $body);
foreach ($mails as $to) {
$mail->bmSendmail($to);
}
// reset demo mode to default
$mail->toggleDemoMode();
return;
}
function add(&$in)
{
$dbo = Pommo::$_dbo;
// set the start time if not provided
if (empty($in['start'])) {
$in['start'] = time();
}
if (empty($in['sent'])) {
$in['sent'] = 0;
}
if (!Pommo_Mailing::validate($in)) {
return false;
}
// Add image to track views
if (1 == $in['track']) {
$in['body'] .= '<img src="http://' . $_SERVER['SERVER_NAME'] . Pommo::$_baseUrl . 'track-[[!mailing_id]]-[[!subscriber_id]]' . '.png">';
}
$query = "INSERT INTO " . $dbo->table['mailings'] . "\n SET\n [fromname='%S',]\n [fromemail='%S',]\n [frombounce='%S',]\n [subject='%S',]\n [body='%S',]\n [altbody='%S',]\n [ishtml='%S',]\n [mailgroup='%S',]\n [subscriberCount=%I,]\n [finished=FROM_UNIXTIME(%I),]\n [sent=%I,]\n [charset='%S',]\n [status=%I,]\n [track=%I,]\n started=FROM_UNIXTIME(%i)";
$query = $dbo->prepare($query, @array($in['fromname'], $in['fromemail'], $in['frombounce'], $in['subject'], $in['body'], $in['altbody'], $in['ishtml'], $in['group'], $in['tally'], $in['end'], $in['sent'], $in['charset'], $in['status'], $in['track'], $in['start']));
// fetch new mailing_id
$id = $dbo->lastId($query);
if (!$id) {
return false;
}
// Save the attachments
if ($in['attachments']) {
$attach = explode(',', $in['attachments']);
foreach ($attach as $key => $attachment) {
$query = "INSERT INTO " . $dbo->table['mailings_attachments'] . "\n SET\n [mailing_id='%I',]\n [file_id='%I']";
$query = $dbo->prepare($query, @array($id, $attachment));
$dbo->query($query);
}
}
// insert current if applicable
if (!empty($in['status']) && $in['status'] == 1) {
if (empty($in['code'])) {
$in['code'] = Pommo_Helper::makeCode();
}
$query = "INSERT INTO " . $dbo->table['mailing_current'] . "\n SET\n [command='%S',]\n [serial=%I,]\n [securityCode='%S',]\n [current_status='%S',]\n current_id=%i";
$query = $dbo->prepare($query, @array($in['command'], $in['serial'], $in['code'], $in['current_status'], $id));
if (!$dbo->query($query)) {
return false;
}
return $in['code'];
}
return $id;
}
foreach ($row as $key => $col) {
$fid =& $_POST['f'][$key];
if (is_numeric($fid)) {
$subscriber['data'][$fid] = $col;
} elseif ($fid == 'email' && Pommo_Helper::isEmail($col)) {
$subscriber['email'] = $col;
} elseif ($fid == 'registered') {
$subscriber['registered'] = Pommo_Helper::timeFromStr($col);
} elseif ($fid == 'ip') {
$subscriber['ip'] = $col;
}
}
if ($subscriber['email']) {
// check for dupe
// TODO -- DO THIS IN BATCH ??
if (Pommo_Helper::isDupe($subscriber['email'], $includeUnsubscribed)) {
$dupes++;
$dupe_emails[] = $subscriber['email'];
continue;
}
// validate/fix data
if (!Pommo_Validate::subscriberData($subscriber['data'], array('log' => false, 'ignore' => true, 'active' => false))) {
$subscriber['flag'] = 9;
}
// add subscriber
if (Pommo_Subscribers::add($subscriber)) {
$tally++;
if (isset($subscriber['flag'])) {
$flagged++;
}
}
}
$config = Pommo_Api::configGet(array('notices'));
$notices = unserialize($config['notices']);
if (!isset($_POST['d'])) {
$view->assign('d', $subscriber['data']);
}
// check for an update + validate new subscriber info (also converts dates to ints)
if (!empty($_POST['update']) && Pommo_Validate::subscriberData($_POST['d'])) {
$newsub = array('id' => $subscriber['id'], 'email' => $subscriber['email'], 'data' => $_POST['d']);
if (!empty($_POST['newemail'])) {
// if change in email, validate and send confirmation of update
if ($_POST['newemail'] != $_POST['newemail2']) {
$logger->addErr(Pommo::_T('Emails must match.'));
} elseif (!Pommo_Helper::isEmail($_POST['newemail'])) {
$logger->addErr(Pommo::_T('Invalid Email Address'));
} elseif (Pommo_Helper::isDupe($_POST['newemail'])) {
$logger->addMsg(Pommo::_T('Email address already exists. Duplicates are not allowed.'));
} else {
$newsub['email'] = $_POST['newemail'];
$code = Pommo_Pending::add($newsub, 'change');
if (!$code) {
die('Failed to Generate Pending Subscriber Code');
}
require_once Pommo::$_baseDir . 'classes/Pommo_Helper_Messages.php';
Pommo_Helper_Messages::sendMessage(array('to' => $newsub['email'], 'code' => $code, 'type' => 'update'));
if (isset($notices['update']) && $notices['update'] == 'on') {
Pommo_Helper_Messages::notify($notices, $newsub, 'update');
}
}
} elseif (!Pommo_Subscribers::update($newsub, 'REPLACE_ACTIVE')) {
$logger->addErr('Error updating subscriber.');
public static function get($p = array(), $search = array('field' => null, 'string' => null))
{
$defaults = array('status' => 'all', 'email' => null, 'sort' => null, 'order' => null, 'limit' => null, 'offset' => null, 'id' => null);
$p = Pommo_Api::getParams($defaults, $p);
$dbo = Pommo::$_dbo;
if ($p['status'] == 'all') {
$p['status'] = null;
}
if (is_numeric($p['limit']) && !is_numeric($p['offset'])) {
$p['offset'] = 0;
}
$o = array();
$query = "\n SELECT\n s.subscriber_id,\n s.email,\n s.time_touched,\n s.time_registered,\n s.flag,\n INET_NTOA(s.ip) ip,\n s.status,\n p.pending_code,\n p.pending_array,\n p.pending_type" . (is_numeric($p['sort']) ? ", d.value" : '') . (is_numeric($search['field']) ? ", search.value" : '') . " FROM " . $dbo->table['subscribers'] . " s\n LEFT JOIN " . $dbo->table['subscriber_pending'] . " p ON (s.subscriber_id = p.subscriber_id) " . (is_numeric($p['sort']) ? "LEFT JOIN (SELECT * FROM " . $dbo->table['subscriber_data'] . " WHERE field_id = " . (int) $p['sort'] . " ) AS d" . " ON (s.subscriber_id = d.subscriber_id)" : '') . (is_numeric($search['field']) ? "LEFT JOIN (SELECT value FROM " . $dbo->table['subscriber_data'] . " WHERE field_id = " . (int) $search['field'] . " ) AS search" . " ON (s.subscriber_id = search.subscriber_id)" : '') . " WHERE\n 1\n [AND s.subscriber_id IN(%C)]\n [AND s.status=%I]\n [AND s.email IN (%Q)]\n [AND %S LIKE '%%S%']\n [ORDER BY %S] [%S]\n [LIMIT %I, %I]";
// Check if we're sorting against a field.
// If so, sort against the "value" column select.
// If it's a numeric field, cast the value (string) as an Integer by the DBE for proper sorting.
if (is_numeric($p['sort'])) {
require_once Pommo::$_baseDir . 'classes/Pommo_Fields.php';
$numericFields = Pommo_Fields::getByType(array('date', 'number'));
$p['sort'] = in_array($p['sort'], $numericFields) ? 'CAST(value as SIGNED)' : 'value';
}
// If we're searching/filtering, generate the proper SQL
$searchSQL = NULL;
if (!empty($search['field']) && !empty($search['string'])) {
// make MySQL LIKE() compliant
$search['string'] = addcslashes($search['string'], '%_');
$search['field'] = is_numeric($search['field']) ? 'search.value' : 's.' . $search['field'];
}
$query = $dbo->prepare($query, array($p['id'], $p['status'], $p['email'], $search['field'], $search['string'], $p['sort'], $p['order'], $p['offset'], $p['limit']));
while ($row = $dbo->getRows($query)) {
$o[$row['subscriber_id']] = empty($row['pending_code']) ? Pommo_Subscribers::makeDB($row) : Pommo_Subscribers::makeDB($row, TRUE);
}
// fetch data
if (!empty($o)) {
// get any date fields for conversion. We can't use the MySQL 4.1/5
// engine, as it doesn't support negative timestamps... !!!
require_once Pommo::$_baseDir . 'classes/Pommo_Fields.php';
$dates = Pommo_Fields::getByType('date');
$query = "\n SELECT\n field_id,\n value,\n subscriber_id\n FROM\n " . $dbo->table['subscriber_data'] . "\n WHERE\n subscriber_id IN(%c)";
$query = $dbo->prepare($query, array(array_keys($o)));
while ($row = $dbo->getRows($query)) {
$o[$row['subscriber_id']]['data'][$row['field_id']] = in_array($row['field_id'], $dates) ? Pommo_Helper::timeToStr($row['value']) : $row['value'];
}
}
return $o;
}
public static function preInit($baseDir)
{
// Remove quotes added by magic_quotes
if (get_magic_quotes_gpc()) {
$process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
while (list($key, $val) = each($process)) {
foreach ($val as $k => $v) {
unset($process[$key][$k]);
if (is_array($v)) {
$process[$key][stripslashes($k)] = $v;
$process[] =& $process[$key][stripslashes($k)];
} else {
$process[$key][stripslashes($k)] = stripslashes($v);
}
}
}
unset($process);
}
self::$_baseDir = $baseDir;
self::$_config = array();
self::$_auth = null;
self::$_escaping = false;
require_once self::$_baseDir . 'classes/Pommo_Log.php';
require_once self::$_baseDir . 'lib/SafeSQL.class.php';
require_once self::$_baseDir . 'classes/Pommo_Db.php';
require_once self::$_baseDir . 'classes/Pommo_Auth.php';
// initialize logger
// Check where this config variable comes from
self::$_logger = new Pommo_Log();
self::$_workDir = empty($config['workDir']) ? self::$_baseDir . 'cache' : $config['workDir'];
self::$_debug = strtolower($config['debug']) != 'on' ? false : true;
self::$_default_subscriber_sort = empty($config['default_subscriber_sort']) ? 'email' : $config['default_subscriber_sort'];
self::$_verbosity = empty($config['verbosity']) ? 3 : $config['verbosity'];
self::$_logger->_verbosity = self::$_verbosity;
self::$_dateformat = $config['date_format'] >= 1 && $cofig['date_format'] <= 3 ? intval($config['date_format']) : 1;
// set base URL (e.g. http://mysite.com/news/pommo => 'news/pommo/')
if (isset($config['baseURL'])) {
self::$_baseUrl = $config['baseURL'];
} else {
// If we're called from an embedded script, read baseURL from
// "last known good". Else, set it based off of REQUEST.
if (defined('_poMMo_embed')) {
require_once self::$_baseDir . 'classes/Pommo_Helper_Maintenance.php';
self::$_baseUrl = Pommo_Helper_Maintenance::rememberBaseURL();
} else {
$regex = '@/(ajax|inc|setup|user|install|support(/tests|/util)?|' . 'admin(/subscribers|/user|/mailings|/setup)?' . '(/ajax|/mailing|/config)?)$@i';
// This is to fix backslashes on windows systems
$dirname = str_replace('\\', '/', dirname($_SERVER['PHP_SELF']));
$baseUrl = preg_replace($regex, '', $dirname);
self::$_baseUrl = $baseUrl == '/' ? $baseUrl : $baseUrl . '/';
}
}
// read in config.php (configured by user)
$config = Pommo_Helper::parseConfig(self::$_baseDir . 'config.php');
// check to see if config.php was "properly" loaded
if (count($config) < 5) {
self::$_hasConfigFile = false;
return self::$_hasConfigFile;
}
self::$_hasConfigFile = true;
// the regex strips port info from hostname
self::$_hostname = empty($config['hostname']) ? preg_replace('/:\\d+$/i', '', $_SERVER['HTTP_HOST']) : $config['hostname'];
self::$_hostport = empty($config['hostport']) ? $_SERVER['SERVER_PORT'] : $config['hostport'];
self::$_ssl = !isset($_SERVER['HTTPS']) || strtolower($_SERVER['HTTPS']) != 'on' ? false : true;
self::$_http = (self::$_ssl ? 'https://' : 'http://') . self::$_hostname;
if (self::$_hostport != 80 && self::$_hostport != 443) {
self::$_http .= ':' . self::$_hostport;
}
self::$_language = empty($config['lang']) ? 'en' : strtolower($config['lang']);
self::$_slanguage = defined('_poMMo_lang') ? _poMMo_lang : false;
// include translation (l10n) methods if language is not English
self::$_l10n = FALSE;
if (self::$_language != 'en') {
self::$_l10n = TRUE;
require_once self::$_baseDir . 'classes/Pommo_Helper_L10n.php';
Pommo_Helper_L10n::init(self::$_language, self::$_baseDir);
}
// set the current "section" -- should be "user" for /user/* files,
// "mailings" for /admin/mailings/* files, etc. etc.
self::$_section = preg_replace('@^admin/?@i', '', str_replace(self::$_baseUrl, '', dirname($_SERVER['PHP_SELF'])));
$db_conn_compress = strtolower($config['db_conn_compress']) != 'on' ? 0 : MYSQL_CLIENT_COMPRESS;
$db_conn_secure = strtolower($config['db_conn_secure']) != 'on' ? 0 : MYSQL_CLIENT_SSL;
// initialize database link
self::$_dbo = @new Pommo_Db($config['db_username'], $config['db_password'], $config['db_database'], $config['db_hostname'], $config['db_prefix'], $db_conn_compress, $db_conn_secure);
// turn off debugging if in user area
if (self::$_section == 'user') {
self::$_debug = false;
self::$_dbo->debug(FALSE);
}
// if debugging is set in config.php, enable debugging on the database.
if (self::$_debug) {
// don't enable debugging in ajax requests unless verbosity is < 3
if (Pommo_Helper::isAjax() && self::$_verbosity > 2) {
self::$_debug = false;
} else {
self::$_dbo->debug(TRUE);
}
}
return true;
}
function perform(&$in)
{
global $pommo;
$dbo =& Pommo::$_dbo;
$logger =& Pommo::$_logger;
if (!is_numeric($in['id']) || !is_numeric($in['subscriber_id'])) {
$logger->addErr('Pommo_Pending::perform() -> invalid pending object sent.');
return false;
}
switch ($in['type']) {
case 'add':
// subscribe
$query = "\n\t\t\t\t\tUPDATE " . $dbo->table['subscribers'] . "\n\t\t\t\t\tSET status=1\n\t\t\t\t\tWHERE subscriber_id=%i";
$query = $dbo->prepare($query, array($in['subscriber_id']));
if (!$dbo->query($query)) {
$logger->addErr('Pommo_Pending::perform() -> Error updating subscriber.');
return false;
}
break;
case 'change':
// update
require_once Pommo::$_baseDir . 'classes/Pommo_Subscribers.php';
$subscriber =& $in['array'];
if (!Pommo_Subscribers::update($subscriber, 'REPLACE_ACTIVE')) {
$logger->addErr('Pommo_Pending::perform() -> Error updating subscriber.');
return false;
}
break;
case 'password':
// change (admin) password
require_once Pommo::$_baseDir . 'classes/Pommo_Subscribers.php';
$password = Pommo_Helper::makePassword();
$config = Pommo_Api::configGet(array('admin_username', 'admin_email'));
if (!Pommo_Api::configUpdate(array('admin_password' => md5($password)), TRUE)) {
$logger->addMsg('Error updating password.');
return false;
}
$logger->addErr(sprintf(Pommo::_T('You may now %1$s login %2$s with username: %3$s and password: %4$s '), '<a href="' . Pommo::$_baseUrl . 'index.php">', '</a>', '<span style="font-size: 130%">' . $config['admin_username'] . '</span>', '<span style="font-size: 130%">' . $password . '</span>'));
break;
}
$query = "\n\t\t\tDELETE FROM " . $dbo->table['subscriber_pending'] . "\n\t\t\tWHERE pending_id=%i";
$query = $dbo->prepare($query, array($in['id']));
if (!$dbo->query($query)) {
$logger->addErr('Pommo_Pending::perform() -> Error removing pending entry.');
return false;
}
return true;
}
SmartyValidate::register_validator('email', 'Email', 'isEmail', false, false, 'trim');
$formError = array();
$formError['email'] = Pommo::_T('Invalid email address');
$smarty->assign('formError', $formError);
// Assign email to form if pre-provided
if (isset($_REQUEST['Email'])) {
$smarty->assign('Email', $_REQUEST['Email']);
} elseif (isset($_REQUEST['email'])) {
$smarty->assign('Email', $_REQUEST['email']);
}
} else {
// ___ USER HAS SENT FORM ___
SmartyValidate::connect($smarty);
if (SmartyValidate::is_valid($_POST)) {
// __ FORM IS VALID __
if (Pommo_Helper::isDupe($_POST['Email'])) {
if (Pommo_Pending::isEmailPending($_POST['Email'])) {
$input = urlencode(serialize(array('Email' => $_POST['Email'])));
SmartyValidate::disconnect();
Pommo::redirect('pending.php?input=' . $input);
} else {
// __ EMAIL IN SUBSCRIBERS TABLE, REDIRECT
SmartyValidate::disconnect();
Pommo::redirect('activate.php?email=' . $_POST['Email']);
}
} else {
// __ REPORT STATUS
$logger->addMsg(Pommo::_T('Email address not found! Please try again.'));
$logger->addMsg(sprintf(Pommo::_T('To subscribe, %sclick here%s'), '<a href="' . Pommo::$_baseUrl . 'subscribe.php?Email=' . $_POST['Email'] . '">', '</a>'));
}
}
$table = $dbo->table[$key];
$sql = 'DROP TABLE IF EXISTS ' . $table;
$dbo->query($sql);
}
if (isset($_REQUEST['debugInstall'])) {
$dbo->debug(TRUE);
}
$install = Pommo_Install::parseSQL();
if ($install) {
// installation of DB went OK, set configuration values to user supplied ones
$pass = $_POST['admin_password'];
// install configuration
$_POST['admin_password'] = md5($_POST['admin_password']);
Pommo_Api::configUpdate($_POST);
// generate key to uniquely identify this installation
$key = Pommo_Helper::makeCode(6);
Pommo_Api::configUpdate(array('key' => $key), TRUE);
Pommo::reloadConfig();
// load configuration [depricated?], set message defaults, load templates
require_once Pommo::$_baseDir . 'classes/Pommo_Helper_Messages.php';
Pommo_Helper_Messages::resetDefault('all');
// install templates
$file = Pommo::$_baseDir . 'sql/sql.templates.php';
if (!Pommo_Install::parseSQL(false, $file)) {
$logger->addErr('Error Loading Default Mailing Templates.');
}
$logger->addMsg(Pommo::_T('Installation Complete! You may now login and setup poMMo.'));
$logger->addMsg(Pommo::_T('Login Username: '******'admin');
$logger->addMsg(Pommo::_T('Login Password: '******'installed', TRUE);
} else {
<td><?php
echo $this->logicNames[$logic_id];
?>
</td>
<td>
<ul>
<?php
$first = true;
foreach ($values as $v) {
if ($v) {
if (!$first) {
echo '<br />(' . _('or') . ')';
}
if ('date' == $this->fields[$field_id]['type']) {
echo Pommo_Helper::timeToStr($v);
} else {
echo $v;
}
}
$first = false;
}
?>
</ul>
</td>
<td>
<select onChange="poMMo.callback.updateRule({fieldID:'<?php
echo $this->escape($field_id);
?>
',logic:'<?php
function validate()
{
if (empty($this->_fromname)) {
$this->logger->addMsg("Name cannot be blank.");
return false;
}
if (!Pommo_Helper::isEmail($this->_fromemail)) {
$this->logger->addMsg("From email must be a valid email address.");
return false;
}
if (!Pommo_Helper::isEmail($this->_frombounce)) {
$this->logger->addMsg("Bounce email must be a valid email address.");
return false;
}
if (empty($this->_subject)) {
$this->logger->addMsg("Subject cannot be blank.");
return false;
}
if (empty($this->_body)) {
$this->logger->addMsg("Message content cannot be blank.");
return false;
}
return true;
}
if (!move_uploaded_file($_FILES[$fname]['tmp_name'], Pommo::$_workDir . '/import.csv')) {
Pommo::kill('Could not write to temp CSV file (' . Pommo::$_workDir . '/import.csv)');
}
}
Pommo::set(array('preview' => $a));
Pommo::redirect('import_csv.php' . (isset($_REQUEST['excludeUnsubscribed']) ? '?excludeUnsubscribed=true' : ''));
} else {
// Saves all parsed E-mails in an array
$a = array();
while (($data = fgetcsv($fp, 2048, ',', '"')) !== false) {
foreach ($data as $email) {
if (Pommo_Helper::isEmail($email)) {
$email = strtolower($email);
$a[$email] = $email;
}
}
}
// Removes from the array E-mails that are already on the database
$includeUnsubscribed = isset($_REQUEST['excludeUnsubscribed']) ? false : true;
$dupes = Pommo_Helper::isDupe($a, $includeUnsubscribed);
if (!$dupes) {
$dupes = array();
}
$emails = array_diff($a, $dupes);
// Saves emails in session and redirects to confirmation page
Pommo::set(array('emails' => $emails, 'dupes' => count($dupes)));
Pommo::redirect('import_txt.php');
}
}
}
$view->display('admin/subscribers/subscribers_import');
public static function preInit($baseDir)
{
self::$_baseDir = $baseDir;
self::$_config = array();
self::$_auth = null;
self::$_escaping = false;
require_once self::$_baseDir . 'classes/Pommo_Log.php';
require_once self::$_baseDir . 'lib/SafeSQL.class.php';
require_once self::$_baseDir . 'classes/Pommo_Db.php';
require_once self::$_baseDir . 'classes/Pommo_Auth.php';
// initialize logger
// Check where this config variable comes from
self::$_logger = new Pommo_Log();
self::$_workDir = empty($config['workDir']) ? self::$_baseDir . 'cache' : $config['workDir'];
self::$_debug = strtolower($config['debug']) != 'on' ? false : true;
self::$_default_subscriber_sort = empty($config['default_subscriber_sort']) ? 'email' : $config['default_subscriber_sort'];
self::$_verbosity = empty($config['verbosity']) ? 3 : $config['verbosity'];
self::$_logger->_verbosity = self::$_verbosity;
self::$_dateformat = $config['date_format'] >= 1 && $cofig['date_format'] <= 3 ? intval($config['date_format']) : 1;
// set base URL (e.g. http://mysite.com/news/pommo => 'news/pommo/')
if (isset($config['baseURL'])) {
self::$_baseUrl = $config['baseURL'];
} else {
// If we're called from an embedded script, read baseURL from
// "last known good". Else, set it based off of REQUEST.
if (defined('_poMMo_embed')) {
require_once self::$_baseDir . 'classes/Pommo_Helper_Maintenance.php';
self::$_baseUrl = Pommo_Helper_Maintenance::rememberBaseURL();
} else {
$regex = '@/(ajax|inc|setup|user|install|support(/tests|/util)?|' . 'admin(/subscribers|/user|/mailings|/setup)?' . '(/ajax|/mailing|/config)?)$@i';
$baseUrl = preg_replace($regex, '', dirname($_SERVER['PHP_SELF']));
self::$_baseUrl = $baseUrl == '/' ? $baseUrl : $baseUrl . '/';
}
}
// read in config.php (configured by user)
$config = Pommo_Helper::parseConfig(self::$_baseDir . 'config.php');
// check to see if config.php was "properly" loaded
if (count($config) < 5) {
self::$_hasConfigFile = false;
return self::$_hasConfigFile;
}
self::$_hasConfigFile = true;
// the regex strips port info from hostname
self::$_hostname = empty($config['hostname']) ? preg_replace('/:\\d+$/i', '', $_SERVER['HTTP_HOST']) : $config['hostname'];
self::$_hostport = empty($config['hostport']) ? $_SERVER['SERVER_PORT'] : $config['hostport'];
self::$_ssl = !isset($_SERVER['HTTPS']) || strtolower($_SERVER['HTTPS']) != 'on' ? false : true;
self::$_http = (self::$_ssl ? 'https://' : 'http://') . self::$_hostname;
if (self::$_hostport != 80 && self::$_hostport != 443) {
self::$_http .= ':' . self::$_hostport;
}
self::$_language = empty($config['lang']) ? 'en' : strtolower($config['lang']);
self::$_slanguage = defined('_poMMo_lang') ? _poMMo_lang : false;
// include translation (l10n) methods if language is not English
self::$_l10n = FALSE;
if (self::$_language != 'en') {
self::$_l10n = TRUE;
require_once self::$_baseDir . 'classes/Pommo_Helper_L10n.php';
Pommo_Helper_L10n::init(self::$_language, self::$_baseDir);
}
// make sure workDir is writable
if (!is_dir(self::$_workDir . '/pommo/smarty')) {
$wd = self::$_workDir;
self::$_workDir = null;
if (!is_dir($wd)) {
Pommo::kill(sprintf(Pommo::_T('Work Directory (%s) not found!
Make sure it exists and the webserver can write to it.
You can change its location from the config.php file.'), $wd));
}
if (!is_writable($wd)) {
Pommo::kill(sprintf(Pommo::_T('Cannot write to Work Directory
(%s). Make sure it has the proper permissions.'), $wd));
}
if ('1' == ini_get('safe_mode')) {
Pommo::kill(sprintf(Pommo::_T('Working Directory (%s) cannot be
created under PHP SAFE MODE. See Documentation, or
disable SAFE MODE.'), $wd));
}
if (!is_dir($wd . '/pommo')) {
if (!mkdir($wd . '/pommo')) {
Pommo::kill(Pommo::_T('Could not create directory') . ' ' . $wd . '/pommo');
}
}
if (!mkdir($wd . '/pommo/smarty')) {
Pommo::kill(Pommo::_T('Could not create directory') . ' ' . $wd . '/pommo/smarty');
}
self::$_workdir = $wd;
}
// set the current "section" -- should be "user" for /user/* files,
// "mailings" for /admin/mailings/* files, etc. etc.
self::$_section = preg_replace('@^admin/?@i', '', str_replace(self::$_baseUrl, '', dirname($_SERVER['PHP_SELF'])));
// initialize database link
self::$_dbo = @new Pommo_Db($config['db_username'], $config['db_password'], $config['db_database'], $config['db_hostname'], $config['db_prefix']);
// turn off debugging if in user area
if (self::$_section == 'user') {
self::$_debug = false;
self::$_dbo->debug(FALSE);
}
// if debugging is set in config.php, enable debugging on the database.
if (self::$_debug) {
// don't enable debugging in ajax requests unless verbosity is < 3
if (Pommo_Helper::isAjax() && self::$_verbosity > 2) {
self::$_debug = false;
} else {
self::$_dbo->debug(TRUE);
}
}
return true;
}
function smarty_modifier_pommoDateFormat($int)
{
return Pommo_Helper::timeToStr($int);
}
flush();
sleep(5);
if (!is_file(Pommo::$_workDir . '/mailing.test.php')) {
// make sure we can write to the file
if (!($handle = fopen(Pommo::$_workDir . '/mailing.test.php', 'w'))) {
Pommo::kill('Unable to write to test file!');
}
fclose($handle);
unlink(Pommo::$_workDir . '/mailing.test.php');
Pommo::kill('Initial Spawn Failed (test file not written to)! Test the mail processor.');
}
$die = false;
$time = 0;
while (!$die) {
sleep(10);
$o = Pommo_Helper::parseConfig(Pommo::$_workDir . '/mailing.test.php');
if (!isset($o['code']) || $o['code'] != $code) {
unlink(Pommo::$_workDir . '/mailing.test.php');
Pommo::kill('Spawning Failed. Codes did not match.');
}
if (!isset($o['time']) || $time >= $o['time'] || $o['time'] == 90) {
$die = true;
}
$time = $o['time'];
echo "{$time} seconds <br />";
ob_flush();
flush();
}
unlink(Pommo::$_workDir . '/mailing.test.php');
if ($time == 90) {
Pommo::kill('SUCCESS');
$logger->addErr('Unable to Add Subscriber');
} else {
// temp subscriber created
$state['tally'] = 1;
$state['group'] = Pommo::_T('Test Mailing');
if ($state['ishtml'] == 'off') {
$state['body'] = $state['altbody'];
$state['altbody'] = '';
}
// create mailing
$mailing = Pommo_Mailing::make(array(), TRUE);
$state['status'] = 1;
$state['current_status'] = 'stopped';
$state['command'] = 'restart';
$state['charset'] = $state['list_charset'];
$mailing = Pommo_Helper::arrayIntersect($state, $mailing);
$code = Pommo_Mailing::add($mailing);
// populate queue
$queue = array($key);
if (!Pommo_Mail_Ctl::queueMake($queue)) {
$logger->addErr('Unable to Populate Queue');
} else {
if (!Pommo_Mail_Ctl::spawn(Pommo::$_baseUrl . 'ajax/mailings_send4.php?test=TRUE&code=' . $code)) {
$logger->addErr('Unable to spawn background mailer');
} else {
$smarty->assign('sent', $_POST['email']);
}
}
}
} elseif ($current) {
$logger->addMsg(Pommo::_T('A mailing is currently taking place. Please try again later.'));
function rememberBaseURL()
{
$config = Pommo_Helper::parseConfig(Pommo::$_workDir . '/maintenance.php');
return $config['baseURL'];
}
function add(&$in)
{
$dbo =& Pommo::$_dbo;
// set the start time if not provided
if (empty($in['start'])) {
$in['start'] = time();
}
if (empty($in['sent'])) {
$in['sent'] = 0;
}
if (!Pommo_Mailing::validate($in)) {
return false;
}
$query = "\n\t\t\tINSERT INTO " . $dbo->table['mailings'] . "\n\t\t\tSET\n\t\t\t[fromname='%S',]\n\t\t\t[fromemail='%S',]\n\t\t\t[frombounce='%S',]\n\t\t\t[subject='%S',]\n\t\t\t[body='%S',]\n\t\t\t[altbody='%S',]\n\t\t\t[ishtml='%S',]\n\t\t\t[mailgroup='%S',]\n\t\t\t[subscriberCount=%I,]\n\t\t\t[finished=FROM_UNIXTIME(%I),]\n\t\t\t[sent=%I,]\n\t\t\t[charset='%S',]\n\t\t\t[status=%I,]\n\t\t\tstarted=FROM_UNIXTIME(%i)";
$query = $dbo->prepare($query, @array($in['fromname'], $in['fromemail'], $in['frombounce'], $in['subject'], $in['body'], $in['altbody'], $in['ishtml'], $in['group'], $in['tally'], $in['end'], $in['sent'], $in['charset'], $in['status'], $in['start']));
// fetch new subscriber's ID
$id = $dbo->lastId($query);
if (!$id) {
return false;
}
// insert current if applicable
if (!empty($in['status']) && $in['status'] == 1) {
if (empty($in['code'])) {
$in['code'] = Pommo_Helper::makeCode();
}
$query = "\n\t\t\tINSERT INTO " . $dbo->table['mailing_current'] . "\n\t\t\tSET\n\t\t\t[command='%S',]\n\t\t\t[serial=%I,]\n\t\t\t[securityCode='%S',]\n\t\t\t[current_status='%S',]\n\t\t\tcurrent_id=%i";
$query = $dbo->prepare($query, @array($in['command'], $in['serial'], $in['code'], $in['current_status'], $id));
if (!$dbo->query($query)) {
return false;
}
return $in['code'];
}
return $id;
}
