Context Navigation

notification_by_mail.php @ 1571

Last change on this file since 1571 was 1571, checked in by rub, 18 years ago

Resolved Issue ID 0000356:

o Increase security on adviser mode

First modifications of n modifications.
All the others modifications will be done on BSF branch.

Merge branch-1_6 1568:1570 into BSF

Property svn:eol-style set to native
Property svn:keywords set to Author Date Id Revision

File size: 21.0 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| PhpWebGallery - a PHP based picture gallery \|
4	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
5	// \| Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net \|
6	// \| Copyright (C) 2006 Ruben ARNAUD - team@phpwebgallery.net \|
7	// +-----------------------------------------------------------------------+
8	// \| branch : BSF (Best So Far)
9	// \| file : $RCSfile$
10	// \| last update : $Date: 2006-10-21 12:28:07 +0000 (Sat, 21 Oct 2006) $
11	// \| last modifier : $Author: rub $
12	// \| revision : $Revision: 1571 $
13	// +-----------------------------------------------------------------------+
14	// \| This program is free software; you can redistribute it and/or modify \|
15	// \| it under the terms of the GNU General Public License as published by \|
16	// \| the Free Software Foundation \|
17	// \| \|
18	// \| This program is distributed in the hope that it will be useful, but \|
19	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
20	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
21	// \| General Public License for more details. \|
22	// \| \|
23	// \| You should have received a copy of the GNU General Public License \|
24	// \| along with this program; if not, write to the Free Software \|
25	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
26	// \| USA. \|
27	// +-----------------------------------------------------------------------+
28
29	// +-----------------------------------------------------------------------+
30	// \| include \|
31	// +-----------------------------------------------------------------------+
32
33	if (!defined('PHPWG_ROOT_PATH'))
34	{
35	die ("Hacking attempt!");
36	}
37
38	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
39	include_once(PHPWG_ROOT_PATH.'admin/include/functions_notification_by_mail.inc.php');
40	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
41	include_once(PHPWG_ROOT_PATH.'include/functions_notification.inc.php');
42	include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
43
44	// +-----------------------------------------------------------------------+
45	// \| Check Access and exit when user status is not ok \|
46	// +-----------------------------------------------------------------------+
47	check_status(ACCESS_ADMINISTRATOR);
48
49	// +-----------------------------------------------------------------------+
50	// \| Initialization \|
51	// +-----------------------------------------------------------------------+
52	$base_url = get_root_url().'admin.php';
53	$must_repost = false;
54
55	// +-----------------------------------------------------------------------+
56	// \| functions \|
57	// +-----------------------------------------------------------------------+
58
59	/*
60	* Do timeout treatment in order to finish to send mails
61	*
62	* @param $post_keyname: key of check_key post array
63	* @param check_key_treated: array of check_key treated
64	* @return none
65	*/
66	function do_timeout_treatment($post_keyname, $check_key_treated = array())
67	{
68	global $env_nbm, $base_url, $page, $must_repost;
69
70	if ($env_nbm['is_sendmail_timeout'])
71	{
72	if (isset($_POST[$post_keyname]))
73	{
74	$post_count = count($_POST[$post_keyname]);
75	$treated_count = count($check_key_treated);
76	if ($treated_count != 0)
77	{
78	$time_refresh = ceil((get_moment() - $env_nbm['start_time']) * $post_count / $treated_count);
79	}
80	else
81	{
82	$time_refresh = 0;
83	}
84	$_POST[$post_keyname] = array_diff($_POST[$post_keyname], $check_key_treated);
85
86	$must_repost = true;
87	array_push($page['errors'], sprintf(l10n('nbm_background_treatment_redirect'), $time_refresh));
88	}
89	}
90
91	}
92
93	/*
94	* Get the authorized_status for each tab
95	* return corresponding status
96	*/
97	function get_tab_status($mode)
98	{
99	$result = ACCESS_WEBMASTER;
100	switch ($mode)
101	{
102	case 'param':
103	case 'subscribe':
104	$result = ACCESS_WEBMASTER;
105	break;
106	case 'send':
107	$result = ACCESS_ADMINISTRATOR;
108	break;
109	default:
110	$result = ACCESS_WEBMASTER;
111	break;
112	}
113	return $result;
114	}
115
116	/*
117	* Inserting News users
118	*/
119	function insert_new_data_user_mail_notification()
120	{
121	global $conf, $page, $env_nbm;
122
123	// Set null mail_address empty
124	$query = '
125	update
126	'.USERS_TABLE.'
127	set
128	'.$conf['user_fields']['email'].' = null
129	where
130	trim('.$conf['user_fields']['email'].') = \'\';';
131	pwg_query($query);
132
133	// null mail_address are not selected in the list
134	$query = '
135	select
136	u.'.$conf['user_fields']['id'].' as user_id,
137	u.'.$conf['user_fields']['username'].' as username,
138	u.'.$conf['user_fields']['email'].' as mail_address
139	from
140	'.USERS_TABLE.' as u left join '.USER_MAIL_NOTIFICATION_TABLE.' as m on u.'.$conf['user_fields']['id'].' = m.user_id
141	where
142	u.'.$conf['user_fields']['email'].' is not null and
143	m.user_id is null
144	order by
145	user_id;';
146
147	$result = pwg_query($query);
148
149	if (mysql_num_rows($result) > 0)
150	{
151	$inserts = array();
152	$check_key_list = array();
153
154	while ($nbm_user = mysql_fetch_array($result))
155	{
156	// Calculate key
157	$nbm_user['check_key'] = find_available_check_key();
158
159	// Save key
160	array_push($check_key_list, $nbm_user['check_key']);
161
162	// Insert new nbm_users
163	array_push
164	(
165	$inserts,
166	array
167	(
168	'user_id' => $nbm_user['user_id'],
169	'check_key' => $nbm_user['check_key'],
170	'enabled' => 'false' // By default if false, set to true with specific functions
171	)
172	);
173
174	array_push
175	(
176	$page['infos'],
177	sprintf(
178	l10n('nbm_user_x_added'),
179	$nbm_user['username'],
180	get_email_address_as_display_text($nbm_user['mail_address'])
181	)
182	);
183	}
184
185	// Insert new nbm_users
186	mass_inserts(USER_MAIL_NOTIFICATION_TABLE, array('user_id', 'check_key', 'enabled'), $inserts);
187	// Update field enabled with specific function
188	$check_key_treated = do_subscribe_unsubcribe_notification_by_mail
189	(
190	true,
191	$conf['nbm_default_value_user_enabled'],
192	$check_key_list
193	);
194
195	// On timeout simulate like tabsheet send
196	if ($env_nbm['is_sendmail_timeout'])
197	{
198	$quoted_check_key_list = quote_check_key_list(array_diff($check_key_list, $check_key_treated));
199	if (count($quoted_check_key_list) != 0 )
200	{
201	$query = 'delete from '.USER_MAIL_NOTIFICATION_TABLE.' where check_key in ('.implode(",", $quoted_check_key_list).');';
202	$result = pwg_query($query);
203
204	redirect($base_url.get_query_string_diff(array()), l10n('nbm_redirect_msg'));
205	}
206	}
207	}
208	}
209
210	/*
211	* Send mail for notification to all users
212	* Return list of "selected" users for 'list_to_send'
213	* Return list of "treated" check_key for 'send'
214	*/
215	function do_action_send_mail_notification($action = 'list_to_send', $check_key_list = array(), $customize_mail_content = '')
216	{
217	global $conf, $page, $user, $lang_info, $lang, $env_nbm;
218	$return_list = array();
219
220	if (in_array($action, array('list_to_send', 'send')))
221	{
222	list($dbnow) = mysql_fetch_row(pwg_query('SELECT NOW();'));
223
224	$is_action_send = ($action == 'send');
225
226	if (!isset($customize_mail_content))
227	{
228	$customize_mail_content = $conf['nbm_complementary_mail_content'];
229	}
230
231	// disabled and null mail_address are not selected in the list
232	$data_users = get_user_notifications('send', $check_key_list);
233
234	// List all if it's define on options or on timeout
235	$is_list_all_without_test = ($env_nbm['is_sendmail_timeout'] or $conf['nbm_list_all_enabled_users_to_send']);
236
237	// Check if exist news to list user or send mails
238	if ((!$is_list_all_without_test) or ($is_action_send))
239	{
240	if (count($data_users) > 0)
241	{
242	$datas = array();
243
244	// Prepare message after change language
245	if ($is_action_send)
246	{
247	$msg_break_timeout = l10n('nbm_break_timeout_send_mail');
248	}
249	else
250	{
251	$msg_break_timeout = l10n('nbm_break_timeout_list_user');
252	}
253
254	// Begin nbm users environment
255	begin_users_env_nbm($is_action_send);
256
257	foreach ($data_users as $nbm_user)
258	{
259	if ((!$is_action_send) and check_sendmail_timeout())
260	{
261	// Stop fill list on 'list_to_send', if the quota is override
262	array_push($page['infos'], $msg_break_timeout);
263	break;
264	}
265	if (($is_action_send) and check_sendmail_timeout())
266	{
267	// Stop fill list on 'send', if the quota is override
268	array_push($page['errors'], $msg_break_timeout);
269	break;
270	}
271
272	// set env nbm user
273	set_user_id_on_env_nbm($nbm_user['user_id']);
274
275	if ($is_action_send)
276	{
277	// Fill return list of "treated" check_key for 'send'
278	array_push($return_list, $nbm_user['check_key']);
279	$message = '';
280
281	if ($conf['nbm_send_detailed_content'])
282	{
283	$news = news($nbm_user['last_send'], $dbnow);
284	$exist_data = count($news) > 0;
285	}
286	else
287	{
288	$exist_data = news_exists($nbm_user['last_send'], $dbnow);
289	}
290
291	if ($exist_data)
292	{
293	$subject = '['.$conf['gallery_title'].']: '.l10n('nbm_object_news');
294	$message .= sprintf(l10n('nbm_content_hello'), $nbm_user['username']).",\n\n";
295
296	if (!is_null($nbm_user['last_send']))
297	$message .= sprintf(l10n('nbm_content_new_elements_between'), $nbm_user['last_send'], $dbnow);
298	else
299	$message .= sprintf(l10n('nbm_content_new_elements'), $dbnow);
300
301	if ($conf['nbm_send_detailed_content'])
302	{
303	$message .= ":\n";
304
305	foreach ($news as $line)
306	{
307	$message .= ' o '.$line."\n";
308	}
309	$message .= "\n";
310	}
311	else
312	{
313	$message .= ".\n";
314	}
315
316	$message .= sprintf(l10n('nbm_content_goto'), $conf['gallery_title'], $conf['gallery_url'])."\n\n";
317	$message .= $customize_mail_content."\n\n";
318	$message .= l10n('nbm_content_byebye')."\n ".$env_nbm['send_as_name']."\n\n";
319
320	$message .= get_mail_content_subscribe_unsubcribe($nbm_user);
321
322	if (pwg_mail(format_email($nbm_user['username'], $nbm_user['mail_address']), $env_nbm['send_as_mail_formated'], $subject, $message))
323	{
324	inc_mail_sent_success($nbm_user);
325
326	$data = array('user_id' => $nbm_user['user_id'],
327	'last_send' => $dbnow);
328	array_push($datas, $data);
329	}
330	else
331	{
332	inc_mail_sent_failed($nbm_user);
333	}
334	}
335	}
336	else
337	{
338	if (news_exists($nbm_user['last_send'], $dbnow))
339	{
340	// Fill return list of "selected" users for 'list_to_send'
341	array_push($return_list, $nbm_user);
342	}
343	}
344	}
345
346	// Restore nbm environment
347	end_users_env_nbm();
348
349	if ($is_action_send)
350	{
351	mass_updates(
352	USER_MAIL_NOTIFICATION_TABLE,
353	array(
354	'primary' => array('user_id'),
355	'update' => array('last_send')
356	),
357	$datas
358	);
359
360	display_counter_info();
361	}
362	}
363	else
364	{
365	if ($is_action_send)
366	{
367	array_push($page['errors'], l10n('nbm_no_user_to send_notifications_by_mail'));
368	}
369	}
370	}
371	else
372	{
373	// Quick List, don't check news
374	// Fill return list of "selected" users for 'list_to_send'
375	$return_list = $data_users;
376	}
377	}
378
379	// Return list of "selected" users for 'list_to_send'
380	// Return list of "treated" check_key for 'send'
381	return $return_list;
382	}
383
384	// +-----------------------------------------------------------------------+
385	// \| Main \|
386	// +-----------------------------------------------------------------------+
387	if (!isset($_GET['mode']))
388	{
389	$page['mode'] = 'send';
390	}
391	else
392	{
393	$page['mode'] = $_GET['mode'];
394	}
395
396	// +-----------------------------------------------------------------------+
397	// \| Check Access and exit when user status is not ok \|
398	// +-----------------------------------------------------------------------+
399	check_status(get_tab_status($page['mode']));
400
401	// +-----------------------------------------------------------------------+
402	// \| Insert new users with mails \|
403	// +-----------------------------------------------------------------------+
404	if (!isset($_POST) or (count($_POST) ==0))
405	{
406	// No insert data in post mode
407	insert_new_data_user_mail_notification();
408	}
409
410	// +-----------------------------------------------------------------------+
411	// \| Treatment of tab post \|
412	// +-----------------------------------------------------------------------+
413	switch ($page['mode'])
414	{
415	case 'param' :
416	{
417	$updated_param_count = 0;
418	// Update param
419	$result = pwg_query('select param, value from '.CONFIG_TABLE.' where param like \'nbm\\_%\'');
420	while ($nbm_user = mysql_fetch_array($result))
421	{
422	if (isset($_POST['param_submit']) and !is_adviser())
423	{
424	if (isset($_POST[$nbm_user['param']]))
425	{
426	$value = $_POST[$nbm_user['param']];
427
428	$query = '
429	update
430	'.CONFIG_TABLE.'
431	set
432	value = \''. str_replace("\'", "''", $value).'\'
433	where
434	param = \''.$nbm_user['param'].'\';';
435	pwg_query($query);
436	$updated_param_count += 1;
437	}
438	}
439
440	$conf[$nbm_user['param']] = $nbm_user['value'];
441
442	// if the parameter is present in $_POST array (if a form is submited), we
443	// override it with the submited value
444	if (isset($_POST[$nbm_user['param']]) and !is_adviser())
445	{
446	$conf[$nbm_user['param']] = stripslashes($_POST[$nbm_user['param']]);
447	}
448
449	// If the field is true or false, the variable is transformed into a
450	// boolean value.
451	if ($conf[$nbm_user['param']] == 'true' or $conf[$nbm_user['param']] == 'false')
452	{
453	$conf[$nbm_user['param']] = get_boolean($conf[$nbm_user['param']]);
454	}
455	}
456
457	if ($updated_param_count != 0)
458	{
459	array_push($page['infos'], sprintf(l10n('nbm_updated_param_count'), $updated_param_count));
460	}
461	}
462	case 'subscribe' :
463	{
464	if (!is_adviser())
465	{
466	if (isset($_POST['falsify']) and isset($_POST['cat_true']))
467	{
468	$check_key_treated = unsubcribe_notification_by_mail(true, $_POST['cat_true']);
469	do_timeout_treatment('cat_true', $check_key_treated);
470	}
471	else
472	if (isset($_POST['trueify']) and isset($_POST['cat_false']))
473	{
474	$check_key_treated = subcribe_notification_by_mail(true, $_POST['cat_false']);
475	do_timeout_treatment('cat_false', $check_key_treated);
476	}
477	}
478	break;
479	}
480
481	case 'send' :
482	{
483	if (isset($_POST['send_submit']) and isset($_POST['send_selection']) and isset($_POST['send_customize_mail_content']) and !is_adviser())
484	{
485	$check_key_treated = do_action_send_mail_notification('send', $_POST['send_selection'], stripslashes($_POST['send_customize_mail_content']));
486	do_timeout_treatment('send_selection', $check_key_treated);
487	}
488	}
489	}
490
491	// +-----------------------------------------------------------------------+
492	// \| template initialization \|
493	// +-----------------------------------------------------------------------+
494	$template->set_filenames
495	(
496	array
497	(
498	'double_select' => 'admin/double_select.tpl',
499	'notification_by_mail'=>'admin/notification_by_mail.tpl'
500	)
501	);
502
503	$template->assign_vars
504	(
505	array
506	(
507	'U_TABSHEET_TITLE' => l10n('nbm_'.$page['mode'].'_mode'),
508	'U_HELP' => add_url_params(get_root_url().'popuphelp.php', array('page' => 'notification_by_mail')),
509	'F_ACTION'=> $base_url.get_query_string_diff(array())
510	)
511	);
512
513	if (is_autorize_status(ACCESS_WEBMASTER))
514	{
515	$template->assign_block_vars
516	(
517	'header_link',
518	array
519	(
520	'PARAM_MODE' => add_url_params($base_url.get_query_string_diff(array('mode', 'select')), array('mode' => 'param')),
521	'SUBSCRIBE_MODE' => add_url_params($base_url.get_query_string_diff(array('mode', 'select')), array('mode' => 'subscribe')),
522	'SEND_MODE' => add_url_params($base_url.get_query_string_diff(array('mode', 'select')), array('mode' => 'send'))
523	)
524	);
525	}
526
527	if ($must_repost)
528	{
529	// Get name of submit button
530	$repost_submit_name = '';
531	if (isset($_POST['falsify']))
532	{
533	$repost_submit_name = 'falsify';
534	}
535	elseif (isset($_POST['trueify']))
536	{
537	$repost_submit_name = 'trueify';
538	}
539	elseif (isset($_POST['send_submit']))
540	{
541	$repost_submit_name = 'send_submit';
542	}
543
544	$template->assign_block_vars
545	(
546	'repost',
547	array
548	(
549	'REPOST_SUBMIT_NAME' => $repost_submit_name
550	)
551	);
552	}
553
554	switch ($page['mode'])
555	{
556	case 'param' :
557	{
558	$template->assign_block_vars(
559	$page['mode'],
560	array(
561	'SEND_MAIL_AS' => $conf['nbm_send_mail_as'],
562	'SEND_DETAILED_CONTENT_YES' => ($conf['nbm_send_detailed_content'] ? 'checked="checked"' : ''),
563	'SEND_DETAILED_CONTENT_NO' => (!$conf['nbm_send_detailed_content'] ? 'checked="checked"' : ''),
564	'COMPLEMENTARY_MAIL_CONTENT' => $conf['nbm_complementary_mail_content']
565	));
566	break;
567	}
568
569	case 'subscribe' :
570	{
571	$template->assign_block_vars(
572	$page['mode'],
573	array(
574	));
575
576	$template->assign_vars(
577	array(
578	'L_CAT_OPTIONS_TRUE' => l10n('nbm_subscribe_col'),
579	'L_CAT_OPTIONS_FALSE' => l10n('nbm_unsubscribe_col')
580	)
581	);
582
583	$data_users = get_user_notifications('subscribe');
584	foreach ($data_users as $nbm_user)
585	{
586	$template->assign_block_vars(
587	(get_boolean($nbm_user['enabled']) ? 'category_option_true' : 'category_option_false'),
588	array('SELECTED' => ( // Keep selected user where enabled are not changed when change has been notify
589	get_boolean($nbm_user['enabled']) ? (isset($_POST['falsify']) and isset($_POST['cat_true']) and in_array($nbm_user['check_key'], $_POST['cat_true']))
590	: (isset($_POST['trueify']) and isset($_POST['cat_false']) and in_array($nbm_user['check_key'], $_POST['cat_false']))
591	) ? 'selected="selected"' : '',
592	'VALUE' => $nbm_user['check_key'],
593	'OPTION' => $nbm_user['username'].'['.get_email_address_as_display_text($nbm_user['mail_address']).']'
594	));
595	}
596
597	break;
598	}
599
600	case 'send' :
601	{
602	$template->assign_block_vars($page['mode'], array());
603
604	$data_users = do_action_send_mail_notification('list_to_send');
605
606	if (count($data_users) == 0)
607	{
608	$template->assign_block_vars($page['mode'].'.send_empty', array());
609	}
610	else
611	{
612	$template->assign_block_vars(
613	$page['mode'].'.send_data',
614	array(
615	'CUSTOMIZE_MAIL_CONTENT' => isset($_POST['send_customize_mail_content']) ? stripslashes($_POST['send_customize_mail_content']) : $conf['nbm_complementary_mail_content']
616	));
617
618	foreach ($data_users as $num => $nbm_user)
619	{
620	if (
621	(!$must_repost) or // Not timeout, normal treatment
622	(($must_repost) and in_array($nbm_user['check_key'], $_POST['send_selection'])) // Must be repost, show only user to send
623	)
624	{
625	$template->assign_block_vars(
626	$page['mode'].'.send_data.user_send_mail',
627	array(
628	'CLASS' => ($num % 2 == 1) ? 'nbm_user2' : 'nbm_user1',
629	'ID' => $nbm_user['check_key'],
630	'CHECKED' => ( // not check if not selected, on init select<all
631	isset($_POST['send_selection']) and // not init
632	!in_array($nbm_user['check_key'], $_POST['send_selection']) // not selected
633	) ? '' : 'checked="checked"',
634	'USERNAME'=> $nbm_user['username'],
635	'EMAIL' => get_email_address_as_display_text($nbm_user['mail_address']),
636	'LAST_SEND'=> $nbm_user['last_send']
637	));
638	}
639	}
640	}
641
642	break;
643	}
644	}
645
646	// +-----------------------------------------------------------------------+
647	// \| Sending html code \|
648	// +-----------------------------------------------------------------------+
649	$template->assign_var_from_handle('DOUBLE_SELECT', 'double_select');
650	$template->assign_var_from_handle('ADMIN_CONTENT', 'notification_by_mail');
651
652	?>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: trunk/admin/notification_by_mail.php @ 1571

Download in other formats: