/wp-content/plugins/mailz/lists/admin/users.php
PHP | 326 lines | 296 code | 24 blank | 6 comment | 69 complexity | bd43a5a8386069da9f220b52ac5e46ae MD5 | raw file
- <?php
- ####################################################################
- # This file is a placeholder. Functionality is passed to commonlib #
- ####################################################################
- require_once dirname(__FILE__).'/accesscheck.php';
- $columns = array("messages","lists","bounces","rss","blacklist");
- include dirname(__FILE__).'/commonlib/pages/users.php';
- return;
- if (!$_SESSION["userlistfilter"]) {
- $_SESSION["userlistfilter"] = array();
- }
- if (isset($_GET["find"])) {
- if ($_GET["find"] == "NULL") {
- $_SESSION["userlistfilter"]["find"] = "";
- $_SESSION["userlistfilter"]["findby"] = "";
- } else {
- $_SESSION["userlistfilter"]["find"] = $_GET["find"];
- $_SESSION["userlistfilter"]["findby"] = $_GET["findby"];
- }
- }
- $find = $_SESSION["userlistfilter"]["find"];
- $findby = $_SESSION["userlistfilter"]["findby"];
- if (!$findby) {
- $findby = "email";
- }
- # hmm interesting, if they select a findby but not a find, use the Sql wildcard:
- if ($findby && !$find)
- $find = '%';
- $system_findby = array("email","foreignkey");
- if ($findby && $find && !in_array($findby,$system_findby) ) {
- $find_url = '&find='.urlencode($find)."&findby=".urlencode($findby);
- $findatt = Sql_Fetch_Array_Query("select id,tablename,type,name from {$tables["attribute"]} where id = $findby");
- switch ($findatt["type"]) {
- case "textline":
- case "hidden":
- $findtables = ','.$tables["user_attribute"];
- $findbyselect = sprintf(' %s.userid = %s.id and
- %s.attributeid = %d and %s.value like "%%%s%%"',
- $tables["user_attribute"],
- $tables["user"],
- $tables["user_attribute"],
- $findby,
- $tables["user_attribute"],
- $find
- );
- $findfield = $tables["user_attribute"].".value as display, ".$tables["user"].".bouncecount";
- $findfieldname = $findatt["name"];
- break;
- case "select":
- case "radio":
- $findtables = ','.$tables["user_attribute"].','.$table_prefix.'listattr_'.$findatt["tablename"];
- $findbyselect = sprintf(' %s.userid = %s.id and
- %s.attributeid = %d and %s.value = %s.id and
- %s.name like "%%%s%%"',
- $tables["user_attribute"],
- $tables["user"],
- $tables["user_attribute"],
- $findby,
- $tables["user_attribute"],
- $table_prefix.'listattr_'.$findatt["tablename"],
- $table_prefix.'listattr_'.$findatt["tablename"],
- $find);
- $findfield = $table_prefix.'listattr_'.$findatt["tablename"].".name as display, ".$tables["user"].".bouncecount";
- $findfieldname = $findatt["name"];
- break;
- }
- } else {
- $findtables = '';
- $findbyselect = sprintf(' %s like "%%%s%%"',$findby,$find);;
- $findfield = $tables["user"].".bouncecount,".$tables["user"].".rssfrequency,".$tables["user"].".foreignkey";
- $findfieldname = "Email";
- $find_url = '&find='.urlencode($find);
- }
- if ($require_login && !isSuperUser()) {
- $access = accessLevel("users");
- switch ($access) {
- case "owner":
- $table_list = $tables["user"].','.$tables["listuser"].','.$tables["list"].$findtables;
- $subselect = "{$tables["user"]}.id = {$tables["listuser"]}.userid and {$tables["listuser"]}.listid = {$tables["list"]}.id and {$tables["list"]}.owner = ".$_SESSION["logindetails"]["id"];
- if ($find) {
- $listquery = "select {$tables["user"]}.email,{$tables["user"]}.id,$findfield,confirmed from ".$table_list." where $subselect and $findbyselect";
- $count = Sql_query("SELECT count({$tables["user"]}.id) FROM ".$table_list ." where $subselect and $findbyselect");
- $unconfirmedcount = Sql_query("SELECT count({$tables["user"]}.id) FROM ".$table_list ." where $subselect and !confirmed and $findbyselect");
- } else {
- $listquery = "select {$tables["user"]}.email,{$tables["user"]}.id,$findfield,confirmed from ".$table_list." where $subselect";
- $count = Sql_query("SELECT count({$tables["user"]}.id) FROM ".$table_list ." where $subselect");
- $unconfirmedcount = Sql_query("SELECT count({$tables["user"]}.id) FROM ".$table_list ." where !confirmed and $subselect");
- }
- if ($_GET["unconfirmed"])
- $listquery .= ' and !confirmed ';
- if ($_GET["blacklisted"])
- $listquery .= ' and blacklisted ';
- break;
- case "all":
- case "view":
- $table_list = $tables["user"].$findtables;
- if ($find) {
- $listquery = "select {$tables["user"]}.email,{$tables["user"]}.id,$findfield,{$tables["user"]}.confirmed from ".$table_list." where $findbyselect";
- $count = Sql_query("SELECT count(*) FROM ".$table_list ." where $findbyselect");
- $unconfirmedcount = Sql_query("SELECT count(*) FROM ".$table_list ." where !confirmed && $findbyselect");
- if ($_GET["unconfirmed"])
- $listquery .= ' and !confirmed ';
- if ($_GET["blacklisted"])
- $listquery .= ' and blacklisted ';
- } else {
- $listquery = "select {$tables["user"]}.email,{$tables["user"]}.id,$findfield,{$tables["user"]}.confirmed from ".$table_list;
- $count = Sql_query("SELECT count(*) FROM ".$table_list);
- $unconfirmedcount = Sql_query("SELECT count(*) FROM ".$table_list." where !confirmed");
- }
- $delete_message = '<br />Delete will delete user and all listmemberships<br />';
- break;
- case "none":
- default:
- print Error("Your privileges for this page are insufficient");
- return;
- }
- $delete_message = '<br />Delete will delete user from the list<br />';
- } else {
- $table_list = $tables["user"].$findtables;
- if ($find) {
- $listquery = "select {$tables["user"]}.email,{$tables["user"]}.id,$findfield,{$tables["user"]}.confirmed from ".$table_list." where $findbyselect";
- $count = Sql_query("SELECT count(*) FROM ".$table_list ." where $findbyselect");
- $unconfirmedcount = Sql_query("SELECT count(*) FROM ".$table_list ." where !confirmed and $findbyselect");
- if ($_GET["unconfirmed"])
- $listquery .= ' and !confirmed ';
- if ($_GET["blacklisted"])
- $listquery .= ' and blacklisted ';
- } else {
- $listquery = "select {$tables["user"]}.email,{$tables["user"]}.id,$findfield,{$tables["user"]}.confirmed from ".$table_list;
- $count = Sql_query("SELECT count(*) FROM ".$table_list);
- $unconfirmedcount = Sql_query("SELECT count(*) FROM ".$table_list." where !confirmed");
- if ($_GET["unconfirmed"])
- $listquery .= ' where !confirmed';
- if ($_GET["blacklisted"])
- $listquery .= ' and blacklisted ';
- }
- $delete_message = '<br />Delete will delete user and all listmemberships<br />';
- }
- $totalres = Sql_fetch_Row($unconfirmedcount);
- $totalunconfirmed = $totalres[0];
- $totalres = Sql_fetch_Row($count);
- $total = $totalres[0];
- if (isset($delete)) {
- # delete the index in delete
- print "deleting $delete ..\n";
- deleteUser($delete);
- print "..Done<br><hr><br>\n";
- Redirect("users&start=$start");
- }
- ob_end_flush();
- if (isset($add)) {
- if (isset($new)) {
- $query = "insert into ".$tables["user"]." (email,entered) values(\"$new\",now())";
- $result = Sql_query($query);
- $userid = Sql_insert_id();
- $query = "insert into ".$tables["listuser"]." (userid,listid,entered) values($userid,$id,now())";
- $result = Sql_query($query);
- }
- echo "<br><font color=red size=+2>User added</font><br>";
- }
- print "$total Users";
- print $find ? " found": "";
- if ($find && !$findby && !$total) { # a search for an email has been done and not found
- print "<hr><h2>Add this user</h2>";
- $req = Sql_Query(sprintf('select * from %s where active',$tables["subscribepage"]));
- if (Sql_Affected_Rows()) {
- print "Click on a link to use the corresponding public subscribe page to add this user:";
- while ($row = Sql_Fetch_Array($req)) {
- printf('<p><a href="%s&id=%d&email=%s">%s</a></p>',getConfig("subscribeurl"),$row["id"],$find,$row["title"]);
- }
- } else {
- print "Click this link to use the public subscribe page to add this user:";
- printf('<p><a href="%s&email=%s">%s</a></p>',getConfig("subscribeurl"),$find,$GLOBALS["strSubscribeTitle"]);
- }
- print '<hr>';
- }
- print "<br/>Users marked <font color=red>red</font> are unconfirmed ($totalunconfirmed)<br/>";
- $url = getenv("REQUEST_URI");
- if ($_GET["unconfirmed"]) {
- $unc = "checked";
- } else {
- $unc = "unchecked";
- }
- if ($_GET["blacklisted"]) {
- $bll = "checked";
- } else {
- $bll = "unchecked";
- }
- print '<table><tr><td valign=top>';
- printf ('<form method="get" name="listcontrol">
- <input type=hidden name="page" value="users">
- <input type=hidden name="start" value="%s">
- <input type=hidden name="find" value="%s">
- <input type=hidden name="findby" value="%s"><br/>Show only unconfirmed users:
- <input type="checkbox" name="unconfirmed" value="on" %s><br/>Show only blacklisted users:
- <input type="checkbox" name="blacklisted" value="on" %s>',
- $start,$find,$findby,$unc,$bll);
- print '</td><td valign=top>';
- foreach (array("email","bouncecount","entered","modified","foreignkey") as $item) {
- $select .= sprintf('<option value="%s" %s>%s</option>',
- $item,$item == $sortby ? "selected":"",$item);
- }
- printf ('
- <br/>Sort by:
- <select name="sortby" onChange="document.listcontrol.submit();">
- <option value="0">-- default</option>
- %s
- </select>
- D: <input type=radio name="sortorder" value="desc" %s>
- A: <input type=radio name="sortorder" value="asc" %s>
- <input type=submit name="change" value="Go">
- ',
- $select,$sortorder == "desc"? "checked":"",$sortorder == "asc"? "checked":"");
- print '</td></tr></table>';
- if ($sortby) {
- $order = ' order by '.$sortby;
- if ($sortorder == "asc") {
- $order .= ' asc';
- } else {
- $order .= ' desc';
- }
- $find_url .= "&sortby=$sortby&sortorder=$sortorder&unconfirmed=$unconfirmed";
- }
- if ($total > MAX_USER_PP) {
- if (isset($start) && $start) {
- $listing = "Listing user $start to " . ($start + MAX_USER_PP);
- $limit = "limit $start,".MAX_USER_PP;
- } else {
- $listing = "Listing user 1 to 50";
- $limit = "limit 0,50";
- $start = 0;
- }
- if ($_GET["unconfirmed"])
- $find_url .= "&unconfirmed=".$_GET["unconfirmed"];
- printf ('<table border=1><tr><td colspan=4 align=center>%s</td></tr><tr><td>%s</td><td>%s</td><td>
- %s</td><td>%s</td></tr></table><p><hr>',
- $listing,
- PageLink2("users","<<","start=0".$find_url),
- PageLink2("users","<",sprintf('start=%d',max(0,$start-MAX_USER_PP)).$find_url),
- PageLink2("users",">",sprintf('start=%d',min($total,$start+MAX_USER_PP)).$find_url),
- PageLink2("users",">>",sprintf('start=%d',$total-MAX_USER_PP).$find_url));
- $result = Sql_query("$listquery $order $limit");
- } else {
- $result = Sql_Query("$listquery $order");
- }
- ?>
- <table border=0>
- <tr><td colspan=4><input type=hidden name=id value="<?php echo $listid?>">
- Find a user: <input type=text name=find value="<?php echo $find != '%' ? $find : ""?>" size=30>
- <select name="findby"><option value="email" <?php echo $findby == "email"? "selected":""?>>Email</option>
- <option value="foreignkey" <?php echo $findby == "foreignkey"? "selected":""?>>Foreign Key</option>
- <?php
- $att_req = Sql_Query("select id,name from ".$tables["attribute"]." where type = \"hidden\" or type = \"textline\" or type = \"select\"");
- while ($row = Sql_Fetch_Array($att_req)) {
- printf('<option value="%d" %s>%s</option>',$row["id"],$row["id"] == $findby ? "selected":"",substr($row["name"],0,20));
- }
- ?></select><input type=submit value="Go"> <a href="./?page=users&find=NULL">reset</a>
- </form></td></tr>
- <tr><td colspan=4>
- <?php
- #if (($require_login && isSuperUser()) || !$require_login)
- print PageLink2("dlusers","Download all users as CSV file","nocache=".uniqid(""));
- ?></td></tr>
- </table>
- <?php
- $some = 0;
- $ls = new WebblerListing("users");
- while ($user = Sql_fetch_array($result)) {
- $some = 1;
- $lists = Sql_query("SELECT count(*) FROM ".$tables["listuser"].",".$tables["list"]." where userid = ".$user["id"]." and ".$tables["listuser"].".listid = ".$tables["list"].".id");
- $membership = Sql_fetch_row($lists);
- $msgs = Sql_query("SELECT count(*) FROM ".$tables["usermessage"]." where userid = ".$user["id"]);
- $nummsgs = Sql_fetch_row($msgs);
- $onblacklist = isBlackListed($user["email"]);
- $ls->addElement($user["email"],PageURL2("user&start=$start&id=".$user["id"].$find_url));
- $ls->addColumn($user["email"],"confirmed",
- $user["confirmed"]?$GLOBALS["img_tick"]:$GLOBALS["img_cross"]);
- $ls->addColumn($user["email"],"bl l",
- $onblacklist?$GLOBALS["img_tick"]:$GLOBALS["img_cross"]);
- $ls->addColumn($user["email"],"del",sprintf("<a href=\"javascript:deleteRec('%s');\">del</a>",
- PageURL2("users","delete","start=$start&delete=".$user["id"])));
- $ls->addColumn($user["email"],"key",$user["foreignkey"]);
- $ls->addColumn($user["email"]," ",$user["display"]);
- $ls->addColumn($user["email"],"lists",$membership[0]);
- $ls->addColumn($user["email"],"msgs",$nummsgs[0]);
- if (ENABLE_RSS) {
- $rss = Sql_query("SELECT count(*) FROM ".$tables["rssitem_user"]." where userid = ".$user["id"]);
- $nummsgs = Sql_fetch_row($rss);
- $ls->addColumn($user["email"],"rss",$nummsgs[0]);
- if ($user["rssfrequency"])
- $ls->addColumn($user["email"],"rss freq",$user["rssfrequency"]);
- $last = Sql_Fetch_Row_Query("select last from {$tables["user_rss"]} where userid = ".$user["id"]);
- if ($last[0])
- $ls->addColumn($user["email"],"last sent",$last[0]);
- }
- $ls->addColumn($user["email"],"bncs",$user["bouncecount"]);
- }
- print $ls->display();
- if (!$some) {
- print "<p>No users apply</p>";
- }
- ?>