428 lines
17 KiB
PHP
428 lines
17 KiB
PHP
|
|
<script language="Javascript" src="js/jslib.js" type="text/javascript"></script>
|
|
|
|
<?php
|
|
if (!isset ($_SESSION["userlistfilter"]) || !$_SESSION["userlistfilter"]) {
|
|
$_SESSION["userlistfilter"] = array ();
|
|
}
|
|
if (isset ($_GET['sortby'])) {
|
|
$sortby = removeXss($_GET['sortby']);
|
|
} else {
|
|
$sortby = '';
|
|
}
|
|
|
|
if (isset($_GET["delete"])){
|
|
$delete = sprintf("%d", $_GET["delete"]);
|
|
}
|
|
else $delete = 0;
|
|
#print $_GET["delete"].' '.$delete .isSuperUser();exit;
|
|
|
|
if (isset($_GET["start"])){
|
|
$start = sprintf("%d", $_GET["start"]);
|
|
}
|
|
else $start = 0;
|
|
|
|
$searchdone = 1;
|
|
if (!empty ($_GET['start'])) {
|
|
$start = sprintf('%d', $_GET['start']);
|
|
} else {
|
|
$start = 0;
|
|
}
|
|
$unconfirmed = !empty ($_GET['unconfirmed']) ? sprintf('%d', $_GET['unconfirmed']) : 0;
|
|
$blacklisted = !empty ($_GET['blacklisted']) ? sprintf('%d', $_GET['blacklisted']) : 0;
|
|
if (isset ($_GET['sortorder'])) {
|
|
if ($_GET['sortorder'] == 'asc') {
|
|
$sortorder = 'asc';
|
|
} else {
|
|
$sortorder = 'desc';
|
|
}
|
|
} else {
|
|
$sortorder = 'desc';
|
|
}
|
|
if (isset ($_GET['listid'])) {
|
|
$listid = sprintf('%d', $_GET['listid']);
|
|
} else {
|
|
$listid = 0;
|
|
}
|
|
if (isset ($_GET["find"])) {
|
|
if (!isset ($_GET['findby'])) {
|
|
$_GET['findby'] = '';
|
|
}
|
|
|
|
if ($_GET["find"] == "NULL") {
|
|
$_SESSION["userlistfilter"]["find"] = "";
|
|
$_SESSION["userlistfilter"]["findby"] = "";
|
|
} else {
|
|
$_SESSION["userlistfilter"]["find"] = removeXss($_GET["find"]);
|
|
$_SESSION["userlistfilter"]["findby"] = removeXss($_GET["findby"]);
|
|
}
|
|
} else {
|
|
$_SESSION["userlistfilter"]["find"] = "";
|
|
$_SESSION["userlistfilter"]["findby"] = "";
|
|
}
|
|
|
|
$find = $_SESSION["userlistfilter"]["find"];
|
|
$findby = $_SESSION["userlistfilter"]["findby"];
|
|
if (!$findby) {
|
|
$findby = "email";
|
|
}
|
|
|
|
# hmm interesting, if they select a findby but not a find, use the Sql wildcard:
|
|
if ($findby && !$find)
|
|
# this is very slow, so instead erase the findby.
|
|
# $find = '%';
|
|
$findby = '';
|
|
|
|
$system_findby = array (
|
|
"email",
|
|
"foreignkey"
|
|
);
|
|
if ($findby && $find && !in_array($findby, $system_findby)) {
|
|
$find_url = '&find=' . urlencode($find) . "&findby=" . urlencode($findby);
|
|
$findatt = Sql_Fetch_Array_Query("select id,tablename,type,name from {$tables["attribute"]} where id = $findby");
|
|
switch ($findatt["type"]) {
|
|
case "textline" :
|
|
case "hidden" :
|
|
$findtables = ',' . $tables["user_attribute"];
|
|
$findbyselect = sprintf(' %s.userid = %s.id and
|
|
%s.attributeid = %d and %s.value like "%%%s%%"', $tables["user_attribute"], $tables["user"], $tables["user_attribute"], $findby, $tables["user_attribute"], $find);
|
|
$findfield = $tables["user_attribute"] . ".value as display, " . $tables["user"] . ".bouncecount";
|
|
$findfieldname = $findatt["name"];
|
|
break;
|
|
case "select" :
|
|
case "radio" :
|
|
$findtables = ',' . $tables["user_attribute"] . ',' . $table_prefix . 'listattr_' . $findatt["tablename"];
|
|
$findbyselect = sprintf(' %s.userid = %s.id and
|
|
%s.attributeid = %d and %s.value = %s.id and
|
|
%s.name like "%%%s%%"', $tables["user_attribute"], $tables["user"], $tables["user_attribute"], $findby, $tables["user_attribute"], $table_prefix .
|
|
'listattr_' . $findatt["tablename"], $table_prefix .
|
|
'listattr_' . $findatt["tablename"], $find);
|
|
$findfield = $table_prefix . 'listattr_' . $findatt["tablename"] . ".name as display, " . $tables["user"] . ".bouncecount";
|
|
$findfieldname = $findatt["name"];
|
|
break;
|
|
}
|
|
} else {
|
|
$findtables = '';
|
|
$findbyselect = sprintf(' %s like "%%%s%%"', $findby, $find);
|
|
;
|
|
$findfield = $tables["user"] . ".bouncecount," . $tables["user"] . ".rssfrequency," . $tables["user"] . ".foreignkey";
|
|
$findfieldname = "Email";
|
|
$find_url = '&find=' . urlencode($find);
|
|
}
|
|
|
|
if ($require_login && !isSuperUser()) {
|
|
$access = accessLevel("users");
|
|
switch ($access) {
|
|
case "owner" :
|
|
$table_list = $tables["user"] . ',' . $tables["listuser"] . ',' . $tables["list"] . $findtables;
|
|
$subselect = "{$tables["user"]}.id = {$tables["listuser"]}.userid and {$tables["listuser"]}.listid = {$tables["list"]}.id and {$tables["list"]}.owner = " . $_SESSION["logindetails"]["id"];
|
|
if ($find) {
|
|
$listquery = "select DISTINCT {$tables["user"]}.email,{$tables["user"]}.id,$findfield,confirmed from " . $table_list . " where $subselect and $findbyselect";
|
|
$count = Sql_query("SELECT count({$tables["user"]}.id) FROM " . $table_list . " where $subselect and $findbyselect");
|
|
$unconfirmedcount = Sql_query("SELECT count({$tables["user"]}.id) FROM " . $table_list . " where $subselect and !confirmed and $findbyselect");
|
|
} else {
|
|
$listquery = "SELECT DISTINCT {$tables["user"]}.email,{$tables["user"]}.id,$findfield,confirmed FROM " . $table_list . " WHERE $subselect";
|
|
$count = Sql_query("SELECT count({$tables["user"]}.id) FROM " . $table_list . " WHERE $subselect");
|
|
$unconfirmedcount = Sql_query("SELECT count({$tables["user"]}.id) FROM " . $table_list . " WHERE !confirmed and $subselect");
|
|
}
|
|
if ($unconfirmed)
|
|
$listquery .= ' and !confirmed ';
|
|
if ($blacklisted)
|
|
$listquery .= ' and blacklisted ';
|
|
break;
|
|
case "all" :
|
|
case "view" :
|
|
$table_list = $tables["user"] . $findtables;
|
|
if ($find) {
|
|
$listquery = "select DISTINCT {$tables["user"]}.email,{$tables["user"]}.id,$findfield,{$tables["user"]}.confirmed from " . $table_list . " where $findbyselect";
|
|
$count = Sql_query("SELECT count(*) FROM " . $table_list . " where $findbyselect");
|
|
$unconfirmedcount = Sql_query("SELECT count(*) FROM " . $table_list . " where !confirmed && $findbyselect");
|
|
if ($unconfirmed)
|
|
$listquery .= ' and !confirmed ';
|
|
if ($blacklisted)
|
|
$listquery .= ' and blacklisted ';
|
|
} else {
|
|
$listquery = "select DISTINCT {$tables["user"]}.email,{$tables["user"]}.id,$findfield,{$tables["user"]}.confirmed from " . $table_list;
|
|
$count = Sql_query("SELECT count(*) FROM " . $table_list);
|
|
$unconfirmedcount = Sql_query("SELECT count(*) FROM " . $table_list . " where !confirmed");
|
|
$searchdone = 0;
|
|
}
|
|
$delete_message = '<br />' . $GLOBALS['I18N']->get('Delete will delete user and all listmemberships') . '<br />';
|
|
break;
|
|
case "none" :
|
|
default :
|
|
print Error($GLOBALS['I18N']->get('Your privileges for this page are insufficient'));
|
|
return;
|
|
}
|
|
$delete_message = '<br />' . $GLOBALS['I18N']->get('Delete will delete user from the list') . '<br />';
|
|
} else {
|
|
## is superuser
|
|
$table_list = $tables["user"] . $findtables;
|
|
if ($find) {
|
|
$listquery = "select {$tables["user"]}.email,{$tables["user"]}.id,$findfield,{$tables["user"]}.confirmed from " . $table_list . " where $findbyselect";
|
|
$count = Sql_query("SELECT count(*) FROM " . $table_list . " where $findbyselect");
|
|
$unconfirmedcount = Sql_query("SELECT count(*) FROM " . $table_list . " where !confirmed and $findbyselect");
|
|
if ($unconfirmed)
|
|
$listquery .= ' and !confirmed ';
|
|
if ($blacklisted)
|
|
$listquery .= ' and blacklisted ';
|
|
} else {
|
|
$listquery = "select {$tables["user"]}.email,{$tables["user"]}.id,$findfield,{$tables["user"]}.confirmed from " . $table_list;
|
|
$count = Sql_query("SELECT count(*) FROM " . $table_list);
|
|
$unconfirmedcount = Sql_query("SELECT count(*) FROM " . $table_list . " where !confirmed");
|
|
|
|
if ($unconfirmed || $blacklisted) {
|
|
$listquery .= ' where ';
|
|
if ($unconfirmed && $blacklisted) {
|
|
$listquery .= ' !confirmed and blacklisted ';
|
|
}
|
|
elseif ($unconfirmed) {
|
|
$listquery .= ' !confirmed ';
|
|
} else {
|
|
$listquery .= ' blacklisted';
|
|
}
|
|
} else {
|
|
$searchdone = 0;
|
|
}
|
|
}
|
|
$delete_message = '<br />' . $GLOBALS['I18N']->get('Delete will delete user and all listmemberships') . '<br />';
|
|
}
|
|
|
|
$totalres = Sql_fetch_Row($unconfirmedcount);
|
|
$totalunconfirmed = $totalres[0];
|
|
$totalres = Sql_fetch_Row($count);
|
|
$total = $totalres[0];
|
|
|
|
if (!empty($delete) && isSuperUser()) {
|
|
# delete the index in delete
|
|
print $GLOBALS['I18N']->get('deleting') . " $delete ..\n";
|
|
deleteUser($delete);
|
|
|
|
print '..' . $GLOBALS['I18N']->get('Done') . '<br/><hr/><br/>';
|
|
Redirect("users&start=$start");
|
|
}
|
|
#ob_end_flush();
|
|
|
|
if (isset ($add)) {
|
|
if (isset ($new)) {
|
|
$query = "insert into " . $tables["user"] . " (email,entered) values(\"$new\",now())";
|
|
$result = Sql_query($query);
|
|
$userid = Sql_insert_id();
|
|
$query = "insert into " . $tables["listuser"] . " (userid,listid,entered) values($userid,$id,now())";
|
|
$result = Sql_query($query);
|
|
}
|
|
echo '<br/><p class="information">' . $GLOBALS['I18N']->get('User added') . "</p><br/>";
|
|
}
|
|
|
|
printf($GLOBALS['I18N']->get('%s users in total'), $total);
|
|
if ($find && !$findby && !$total) { # a search for an email has been done and not found
|
|
print "<hr/><h4>" . $GLOBALS['I18N']->get('Add this user') . "</h4>";
|
|
$req = Sql_Query(sprintf('select * from %s where active', $tables["subscribepage"]));
|
|
if (Sql_Affected_Rows()) {
|
|
print $GLOBALS['I18N']->get('Click on a link to use the corresponding public subscribe page to add this user:');
|
|
while ($row = Sql_Fetch_Array($req)) {
|
|
printf('<p><a href="%s&id=%d&email=%s">%s</a></p>', getConfig("subscribeurl"), $row["id"], $find, $row["title"]);
|
|
}
|
|
} else {
|
|
print $GLOBALS['I18N']->get('Click this link to use the public subscribe page to add this user:');
|
|
printf('<p><a href="%s&email=%s">%s</a></p>', getConfig("subscribeurl"), $find, $GLOBALS["strSubscribeTitle"]);
|
|
}
|
|
print '<hr/>';
|
|
}
|
|
|
|
print "<br/>" . $GLOBALS['I18N']->get('Users marked <span class="highlight">red</span> are unconfirmed') . " ($totalunconfirmed)<br/>";
|
|
|
|
$url = getenv("REQUEST_URI");
|
|
if ($unconfirmed) {
|
|
$unc = 'checked="checked"';
|
|
} else {
|
|
$unc = "";
|
|
}
|
|
if ($blacklisted) {
|
|
$bll = 'checked="checked"';
|
|
} else {
|
|
$bll = "";
|
|
}
|
|
if (!isset ($start)) {
|
|
$start = 0;
|
|
}
|
|
|
|
print '<table class="usersForm"><tr><td valign="top">';
|
|
printf('<form method="get" name="listcontrol" action="">
|
|
<input type="hidden" name="page" value="users" />
|
|
<input type="hidden" name="start" value="%d" />
|
|
<input type="hidden" name="find" value="%s" />
|
|
<input type="hidden" name="findby" value="%s" /><br/>%s:
|
|
<input type="checkbox" name="unconfirmed" value="1" %s /><br/>%s:
|
|
<input type="checkbox" name="blacklisted" value="1" %s />',
|
|
$start,
|
|
htmlspecialchars(stripslashes($find)),
|
|
htmlspecialchars(stripslashes($findby)),
|
|
$GLOBALS['I18N']->get('Show only unconfirmed users'),
|
|
$unc,
|
|
$GLOBALS['I18N']->get('Show only blacklisted users'),
|
|
$bll);
|
|
#print '</td><td valign="top">';
|
|
$select = '';
|
|
foreach (array (
|
|
"email",
|
|
"bouncecount",
|
|
"entered",
|
|
"modified",
|
|
"foreignkey"
|
|
) as $item) {
|
|
$select .= sprintf(' <option value="%s" %s>%s</option>', $item, $item == $sortby ? 'selected="selected"' : '', $GLOBALS['I18N']->get($item));
|
|
}
|
|
|
|
printf('
|
|
<br/>%s:
|
|
<select name="sortby" onchange="document.listcontrol.submit();">
|
|
<option value="0">-- default</option>
|
|
%s
|
|
</select>
|
|
%s: <input type="radio" name="sortorder" value="desc" %s onchange="document.listcontrol.submit();" />
|
|
%s: <input type="radio" name="sortorder" value="asc" %s onchange="document.listcontrol.submit();" />
|
|
<br/><input class="submit" type="submit" name="change" value="%s" />
|
|
',
|
|
$GLOBALS['I18N']->get('Sort by'), $select,
|
|
$GLOBALS['I18N']->get('desc'), $sortorder == "desc" ? 'checked="checked"' : '',
|
|
$GLOBALS['I18N']->get('asc'), $sortorder == "asc" ? 'checked="checked"' : '',
|
|
$GLOBALS['I18N']->get('Go'));
|
|
print '</td></tr></table>';
|
|
|
|
$order = '';
|
|
if ($sortby) {
|
|
$order = ' order by ' .$tables["user"].'.'. $sortby;
|
|
if ($sortorder == "asc") {
|
|
$order .= ' asc';
|
|
} else {
|
|
$order .= ' desc';
|
|
}
|
|
}
|
|
$find_url .= "&sortby=$sortby&sortorder=$sortorder&unconfirmed=$unconfirmed&blacklisted=$blacklisted";
|
|
|
|
$listing = '';
|
|
$dolist = 1;
|
|
if ($total > MAX_USER_PP) {
|
|
if (isset ($start) && $start) {
|
|
$listing = sprintf($GLOBALS['I18N']->get('Listing user %d to %d'), $start, $start +MAX_USER_PP);
|
|
$limit = "limit $start," . MAX_USER_PP;
|
|
} else {
|
|
if ($total < 1000 || $searchdone) {
|
|
$listing = sprintf($GLOBALS['I18N']->get('Listing user %d to %d'), 1, 50);
|
|
$limit = "limit 0,50";
|
|
$start = 0;
|
|
$dolist = 1;
|
|
} else {
|
|
$dolist = 0;
|
|
}
|
|
}
|
|
# if ($_GET["unconfirmed"])
|
|
# $find_url .= "&unconfirmed=".$_GET["unconfirmed"];
|
|
if ($dolist) {
|
|
printf('<p><table class="usersListing" border="1">
|
|
<tr><td colspan="4" align="center">%s</td></tr>
|
|
<tr><td>%s</td><td>%s</td><td>%s</td><td>%s</td></tr>
|
|
</table></p><hr/>', $listing,
|
|
PageLink2("users", "<<", 'start=0'. $find_url),
|
|
PageLink2("users", "<", sprintf('start=%d', max(0, $start -MAX_USER_PP)).$find_url),
|
|
PageLink2("users", ">", sprintf('start=%d', min($total-MAX_USER_PP, $start +MAX_USER_PP)).$find_url),
|
|
PageLink2("users", ">>", sprintf('start=%d', $total -MAX_USER_PP).$find_url));
|
|
$result = Sql_query("$listquery $order $limit");
|
|
} else {
|
|
print $GLOBALS['I18N']->get('too many users, use a search query to list some');
|
|
$result = 0;
|
|
}
|
|
} else {
|
|
$result = Sql_Query("$listquery $order");
|
|
}
|
|
|
|
?>
|
|
|
|
<table class="usersFind" border="0">
|
|
<tr><td colspan="4"><input type="hidden" name="id" value="<?php echo $listid?>" />
|
|
<?php echo $GLOBALS['I18N']->get('Find a user')?>:
|
|
<input type="text" name="find" value="<?php echo $find != '%' ? htmlspecialchars(stripslashes($find)) : ""?>" size="30" />
|
|
<select name="findby"><option value="email" <?php echo $findby == "email"? 'selected="selected"':''?>><?php echo $GLOBALS['I18N']->get('Email')?></option>
|
|
<option value="foreignkey" <?php echo $findby == "foreignkey"? 'selected="selected"':''?>><?php echo $GLOBALS['I18N']->get('Foreign Key')?></option>
|
|
<?php
|
|
$att_req = Sql_Query("select id,name from " . $tables["attribute"] . " where type = \"hidden\" or type = \"textline\" or type = \"select\"");
|
|
while ($row = Sql_Fetch_Array($att_req)) {
|
|
printf('<option value="%d" %s>%s</option>', $row["id"], $row["id"] == $findby ? 'selected="selected"' : '', substr($row["name"], 0, 20));
|
|
}
|
|
?></select><input class="submit" type="submit" value="Go" /> <a href="./?page=users&find=NULL"><?php echo $GLOBALS['I18N']->get('reset')?></a>
|
|
</form></td></tr>
|
|
<tr><td colspan="4">
|
|
<?php
|
|
|
|
#if (($require_login && isSuperUser()) || !$require_login)
|
|
print '<p class="button">' . PageLink2("dlusers", $GLOBALS['I18N']->get('Download all users as CSV file'), "nocache=" . uniqid("")) . '</p> <br/>';
|
|
print '<p class="button">' . PageLink2("user", $GLOBALS['I18N']->get('Add a User')) . '</p>';
|
|
?></td></tr>
|
|
</table>
|
|
|
|
<?php
|
|
|
|
$some = 0;
|
|
$ls = new WebblerListing("users");
|
|
if ($result)
|
|
while ($user = Sql_fetch_array($result)) {
|
|
$some = 1;
|
|
$ls->addElement($user["email"], PageURL2("user&start=$start&id=" . $user["id"] . $find_url));
|
|
$ls->addColumn($user["email"], $GLOBALS['I18N']->get('confirmed'), $user["confirmed"] ? $GLOBALS["img_tick"] : $GLOBALS["img_cross"]);
|
|
if (in_array("blacklist", $columns)) {
|
|
$onblacklist = isBlackListed($user["email"]);
|
|
$ls->addColumn($user["email"], $GLOBALS['I18N']->get('bl l'), $onblacklist ? $GLOBALS["img_tick"] : $GLOBALS["img_cross"]);
|
|
}
|
|
# $ls->addColumn($user["email"], $GLOBALS['I18N']->get('del'), sprintf('<a href="%s" onclick="return deleteRec(\'%s\');">del</a>',PageUrl2('users'.$find_url), PageURL2("users&start=$start&delete=" .$user["id"])));
|
|
$ls->addColumn($user["email"], $GLOBALS['I18N']->get('del'), sprintf('<a href="javascript:deleteRec(\'%s\');">del</a>', PageURL2("user&start=$start&delete=" .$user["id"])));
|
|
if (isset ($user['foreignkey'])) {
|
|
$ls->addColumn($user["email"], $GLOBALS['I18N']->get('key'), $user["foreignkey"]);
|
|
}
|
|
if (isset ($user["display"])) {
|
|
$ls->addColumn($user["email"], " ", $user["display"]);
|
|
}
|
|
if (in_array("lists", $columns)) {
|
|
$lists = Sql_query("SELECT count(*) FROM " . $tables["listuser"] . "," . $tables["list"] . " where userid = " . $user["id"] . " and " . $tables["listuser"] . ".listid = " . $tables["list"] . ".id");
|
|
$membership = Sql_fetch_row($lists);
|
|
$ls->addColumn($user["email"], $GLOBALS['I18N']->get('lists'), $membership[0]);
|
|
}
|
|
if (in_array("messages", $columns)) {
|
|
$msgs = Sql_query("SELECT count(*) FROM " . $tables["usermessage"] . " where userid = " . $user["id"]);
|
|
$nummsgs = Sql_fetch_row($msgs);
|
|
$ls->addColumn($user["email"], $GLOBALS['I18N']->get('msgs'), $nummsgs[0]);
|
|
}
|
|
|
|
//obsolete, moved to rssmanager plugin
|
|
// if (ENABLE_RSS && in_array("rss", $columns)) {
|
|
// $rss = Sql_query("SELECT count(*) FROM " . $tables["rssitem_user"] . " where userid = " . $user["id"]);
|
|
// $nummsgs = Sql_fetch_row($rss);
|
|
// $ls->addColumn($user["email"], $GLOBALS['I18N']->get('rss'), $nummsgs[0]);
|
|
// if (isset ($user["rssfrequency"]))
|
|
// $ls->addColumn($user["email"], $GLOBALS['I18N']->get('rss freq'), $user["rssfrequency"]);
|
|
// $last = Sql_Fetch_Row_Query("select last from {$tables["user_rss"]} where userid = " . $user["id"]);
|
|
// if ($last[0])
|
|
// $ls->addColumn($user["email"], $GLOBALS['I18N']->get('last sent'), $last[0]);
|
|
// }
|
|
|
|
### allow plugins to add columns
|
|
if (isset($GLOBALS['plugins']) && is_array($GLOBALS['plugins'])) {
|
|
foreach ($GLOBALS['plugins'] as $plugin) {
|
|
if (method_exists($plugin,'displayUsers')) {
|
|
$plugin->displayUsers($user, $user['email'], $ls);
|
|
}
|
|
}
|
|
}
|
|
|
|
if (in_array("bounces", $columns)) {
|
|
$ls->addColumn($user["email"], $GLOBALS['I18N']->get('bncs'), $user["bouncecount"]);
|
|
}
|
|
}
|
|
print $ls->display();
|
|
if (!$some && !$total) {
|
|
print '<p class="information">' . $GLOBALS['I18N']->get('No users apply') . '</p>';
|
|
}
|
|
?>
|
|
|
|
|