Context Navigation

source: trunk/admin/notification_by_mail.php @ 4304

Last change on this file since 4304 was 4304, checked in by Eric, 14 years ago

Escape all login and username characters in database
Display correctly usernames

(I hope not to have made mistakes)

Property svn:eol-style set to LF

File size: 23.7 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based picture gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2009 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	// +-----------------------------------------------------------------------+
25	// \| include \|
26	// +-----------------------------------------------------------------------+
27
28	if (!defined('PHPWG_ROOT_PATH'))
29	{
30	die ("Hacking attempt!");
31	}
32
33	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
34	include_once(PHPWG_ROOT_PATH.'admin/include/functions_notification_by_mail.inc.php');
35	include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
36	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
37	include_once(PHPWG_ROOT_PATH.'include/functions_notification.inc.php');
38	include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
39
40	// +-----------------------------------------------------------------------+
41	// \| Check Access and exit when user status is not ok \|
42	// +-----------------------------------------------------------------------+
43	check_status(ACCESS_ADMINISTRATOR);
44
45	// +-----------------------------------------------------------------------+
46	// \| Initialization \|
47	// +-----------------------------------------------------------------------+
48	$base_url = get_root_url().'admin.php';
49	$must_repost = false;
50
51	// +-----------------------------------------------------------------------+
52	// \| functions \|
53	// +-----------------------------------------------------------------------+
54
55	/*
56	* Do timeout treatment in order to finish to send mails
57	*
58	* @param $post_keyname: key of check_key post array
59	* @param check_key_treated: array of check_key treated
60	* @return none
61	*/
62	function do_timeout_treatment($post_keyname, $check_key_treated = array())
63	{
64	global $env_nbm, $base_url, $page, $must_repost;
65
66	if ($env_nbm['is_sendmail_timeout'])
67	{
68	if (isset($_POST[$post_keyname]))
69	{
70	$post_count = count($_POST[$post_keyname]);
71	$treated_count = count($check_key_treated);
72	if ($treated_count != 0)
73	{
74	$time_refresh = ceil((get_moment() - $env_nbm['start_time']) * $post_count / $treated_count);
75	}
76	else
77	{
78	$time_refresh = 0;
79	}
80	$_POST[$post_keyname] = array_diff($_POST[$post_keyname], $check_key_treated);
81
82	$must_repost = true;
83	array_push($page['errors'],
84	l10n_dec('nbm_background_treatment_redirect_second',
85	'nbm_background_treatment_redirect_seconds',
86	$time_refresh));
87	}
88	}
89
90	}
91
92	/*
93	* Get the authorized_status for each tab
94	* return corresponding status
95	*/
96	function get_tab_status($mode)
97	{
98	$result = ACCESS_WEBMASTER;
99	switch ($mode)
100	{
101	case 'param':
102	case 'subscribe':
103	$result = ACCESS_WEBMASTER;
104	break;
105	case 'send':
106	$result = ACCESS_ADMINISTRATOR;
107	break;
108	default:
109	$result = ACCESS_WEBMASTER;
110	break;
111	}
112	return $result;
113	}
114
115	/*
116	* Inserting News users
117	*/
118	function insert_new_data_user_mail_notification()
119	{
120	global $conf, $page, $env_nbm;
121
122	// Set null mail_address empty
123	$query = '
124	update
125	'.USERS_TABLE.'
126	set
127	'.$conf['user_fields']['email'].' = null
128	where
129	trim('.$conf['user_fields']['email'].') = \'\';';
130	pwg_query($query);
131
132	// null mail_address are not selected in the list
133	$query = '
134	select
135	u.'.$conf['user_fields']['id'].' as user_id,
136	u.'.$conf['user_fields']['username'].' as username,
137	u.'.$conf['user_fields']['email'].' as mail_address
138	from
139	'.USERS_TABLE.' as u left join '.USER_MAIL_NOTIFICATION_TABLE.' as m on u.'.$conf['user_fields']['id'].' = m.user_id
140	where
141	u.'.$conf['user_fields']['email'].' is not null and
142	m.user_id is null
143	order by
144	user_id;';
145
146	$result = pwg_query($query);
147
148	if (mysql_num_rows($result) > 0)
149	{
150	$inserts = array();
151	$check_key_list = array();
152
153	while ($nbm_user = mysql_fetch_assoc($result))
154	{
155	// Calculate key
156	$nbm_user['check_key'] = find_available_check_key();
157
158	// Save key
159	array_push($check_key_list, $nbm_user['check_key']);
160
161	// Insert new nbm_users
162	array_push
163	(
164	$inserts,
165	array
166	(
167	'user_id' => $nbm_user['user_id'],
168	'check_key' => $nbm_user['check_key'],
169	'enabled' => 'false' // By default if false, set to true with specific functions
170	)
171	);
172
173	array_push
174	(
175	$page['infos'],
176	sprintf(
177	l10n('nbm_user_x_added'),
178	stripslashes($nbm_user['username']),
179	get_email_address_as_display_text($nbm_user['mail_address'])
180	)
181	);
182	}
183
184	// Insert new nbm_users
185	mass_inserts(USER_MAIL_NOTIFICATION_TABLE, array('user_id', 'check_key', 'enabled'), $inserts);
186	// Update field enabled with specific function
187	$check_key_treated = do_subscribe_unsubscribe_notification_by_mail
188	(
189	true,
190	$conf['nbm_default_value_user_enabled'],
191	$check_key_list
192	);
193
194	// On timeout simulate like tabsheet send
195	if ($env_nbm['is_sendmail_timeout'])
196	{
197	$quoted_check_key_list = quote_check_key_list(array_diff($check_key_list, $check_key_treated));
198	if (count($quoted_check_key_list) != 0 )
199	{
200	$query = 'delete from '.USER_MAIL_NOTIFICATION_TABLE.' where check_key in ('.implode(",", $quoted_check_key_list).');';
201	$result = pwg_query($query);
202
203	redirect($base_url.get_query_string_diff(array(), false), l10n('nbm_redirect_msg'));
204	}
205	}
206	}
207	}
208
209	/*
210	* Apply global functions to mail content
211	* return customize mail content rendered
212	*/
213	function render_global_customize_mail_content($customize_mail_content)
214	{
215	global $conf;
216
217	if ($conf['nbm_send_html_mail'] and !(strpos($customize_mail_content, '<') === 0))
218	{
219	// On HTML mail, detects if the content are HTML format.
220	// If it's plain text format, convert content to readable HTML
221	return nl2br(htmlspecialchars($customize_mail_content));
222	}
223	else
224	{
225	return $customize_mail_content;
226	}
227	}
228
229	/*
230	* Send mail for notification to all users
231	* Return list of "selected" users for 'list_to_send'
232	* Return list of "treated" check_key for 'send'
233	*/
234	function do_action_send_mail_notification($action = 'list_to_send', $check_key_list = array(), $customize_mail_content = '')
235	{
236	global $conf, $page, $user, $lang_info, $lang, $env_nbm;
237	$return_list = array();
238
239	if (in_array($action, array('list_to_send', 'send')))
240	{
241	list($dbnow) = mysql_fetch_row(pwg_query('SELECT NOW();'));
242
243	$is_action_send = ($action == 'send');
244
245	// disabled and null mail_address are not selected in the list
246	$data_users = get_user_notifications('send', $check_key_list);
247
248	// List all if it's define on options or on timeout
249	$is_list_all_without_test = ($env_nbm['is_sendmail_timeout'] or $conf['nbm_list_all_enabled_users_to_send']);
250
251	// Check if exist news to list user or send mails
252	if ((!$is_list_all_without_test) or ($is_action_send))
253	{
254	if (count($data_users) > 0)
255	{
256	$datas = array();
257
258	if (!isset($customize_mail_content))
259	{
260	$customize_mail_content = $conf['nbm_complementary_mail_content'];
261	}
262
263	$customize_mail_content =
264	trigger_event('nbm_render_global_customize_mail_content', $customize_mail_content);
265
266
267	// Prepare message after change language
268	if ($is_action_send)
269	{
270	$msg_break_timeout = l10n('nbm_break_timeout_send_mail');
271	}
272	else
273	{
274	$msg_break_timeout = l10n('nbm_break_timeout_list_user');
275	}
276
277	// Begin nbm users environment
278	begin_users_env_nbm($is_action_send);
279
280	foreach ($data_users as $nbm_user)
281	{
282	if ((!$is_action_send) and check_sendmail_timeout())
283	{
284	// Stop fill list on 'list_to_send', if the quota is override
285	array_push($page['infos'], $msg_break_timeout);
286	break;
287	}
288	if (($is_action_send) and check_sendmail_timeout())
289	{
290	// Stop fill list on 'send', if the quota is override
291	array_push($page['errors'], $msg_break_timeout);
292	break;
293	}
294
295	// set env nbm user
296	set_user_on_env_nbm($nbm_user, $is_action_send);
297
298	if ($is_action_send)
299	{
300	set_make_full_url();
301	// Fill return list of "treated" check_key for 'send'
302	array_push($return_list, $nbm_user['check_key']);
303
304	if ($conf['nbm_send_detailed_content'])
305	{
306	$news = news($nbm_user['last_send'], $dbnow, false, $conf['nbm_send_html_mail']);
307	$exist_data = count($news) > 0;
308	}
309	else
310	{
311	$exist_data = news_exists($nbm_user['last_send'], $dbnow);
312	}
313
314	if ($exist_data)
315	{
316	$subject = '['.$conf['gallery_title'].']: '.l10n('nbm_object_news');
317
318	// Assign current var for nbm mail
319	assign_vars_nbm_mail_content($nbm_user);
320
321	if (!is_null($nbm_user['last_send']))
322	{
323	$env_nbm['mail_template']->assign
324	(
325	'content_new_elements_between',
326	array
327	(
328	'DATE_BETWEEN_1' => $nbm_user['last_send'],
329	'DATE_BETWEEN_2' => $dbnow,
330	)
331	);
332	}
333	else
334	{
335	$env_nbm['mail_template']->assign
336	(
337	'content_new_elements_single',
338	array
339	(
340	'DATE_SINGLE' => $dbnow,
341	)
342	);
343	}
344
345	if ($conf['nbm_send_detailed_content'])
346	{
347	$env_nbm['mail_template']->assign('global_new_lines', $news);
348	}
349
350	$nbm_user_customize_mail_content =
351	trigger_event('nbm_render_user_customize_mail_content',
352	$customize_mail_content, $nbm_user);
353	if (!empty($nbm_user_customize_mail_content))
354	{
355	$env_nbm['mail_template']->assign
356	(
357	'custom_mail_content', $nbm_user_customize_mail_content
358	);
359	}
360
361	if ($conf['nbm_send_html_mail'] and $conf['nbm_send_recent_post_dates'])
362	{
363	$recent_post_dates = get_recent_post_dates_array(
364	$conf['recent_post_dates']['NBM']);
365	foreach ($recent_post_dates as $date_detail)
366	{
367	$env_nbm['mail_template']->append
368	(
369	'recent_posts',
370	array
371	(
372	'TITLE' => get_title_recent_post_date($date_detail),
373	'HTML_DATA' => get_html_description_recent_post_date($date_detail)
374	)
375	);
376	}
377	}
378
379	$env_nbm['mail_template']->assign
380	(
381	array
382	(
383	'GOTO_GALLERY_TITLE' => $conf['gallery_title'],
384	'GOTO_GALLERY_URL' => $conf['gallery_url'],
385	'SEND_AS_NAME' => $env_nbm['send_as_name'],
386	)
387	);
388
389	if (pwg_mail
390	(
391	format_email(stripslashes($nbm_user['username']), $nbm_user['mail_address']),
392	array
393	(
394	'from' => $env_nbm['send_as_mail_formated'],
395	'subject' => $subject,
396	'email_format' => $env_nbm['email_format'],
397	'content' => $env_nbm['mail_template']->parse('notification_by_mail', true),
398	'content_format' => $env_nbm['email_format'],
399	'template' => $nbm_user['template'],
400	'theme' => $nbm_user['theme']
401	)
402	))
403	{
404	inc_mail_sent_success($nbm_user);
405
406	$data = array('user_id' => $nbm_user['user_id'],
407	'last_send' => $dbnow);
408	array_push($datas, $data);
409	}
410	else
411	{
412	inc_mail_sent_failed($nbm_user);
413	}
414
415	unset_make_full_url();
416	}
417	}
418	else
419	{
420	if (news_exists($nbm_user['last_send'], $dbnow))
421	{
422	// Fill return list of "selected" users for 'list_to_send'
423	array_push($return_list, $nbm_user);
424	}
425	}
426
427	// unset env nbm user
428	unset_user_on_env_nbm();
429	}
430
431	// Restore nbm environment
432	end_users_env_nbm();
433
434	if ($is_action_send)
435	{
436	mass_updates(
437	USER_MAIL_NOTIFICATION_TABLE,
438	array(
439	'primary' => array('user_id'),
440	'update' => array('last_send')
441	),
442	$datas
443	);
444
445	display_counter_info();
446	}
447	}
448	else
449	{
450	if ($is_action_send)
451	{
452	array_push($page['errors'], l10n('nbm_no_user_to send_notifications_by_mail'));
453	}
454	}
455	}
456	else
457	{
458	// Quick List, don't check news
459	// Fill return list of "selected" users for 'list_to_send'
460	$return_list = $data_users;
461	}
462	}
463
464	// Return list of "selected" users for 'list_to_send'
465	// Return list of "treated" check_key for 'send'
466	return $return_list;
467	}
468
469	// +-----------------------------------------------------------------------+
470	// \| Main \|
471	// +-----------------------------------------------------------------------+
472	if (!isset($_GET['mode']))
473	{
474	$page['mode'] = 'send';
475	}
476	else
477	{
478	$page['mode'] = $_GET['mode'];
479	}
480
481	// +-----------------------------------------------------------------------+
482	// \| Check Access and exit when user status is not ok \|
483	// +-----------------------------------------------------------------------+
484	check_status(get_tab_status($page['mode']));
485
486
487	// +-----------------------------------------------------------------------+
488	// \| Add event handler \|
489	// +-----------------------------------------------------------------------+
490	add_event_handler('nbm_render_global_customize_mail_content', 'render_global_customize_mail_content');
491	trigger_action('nbm_event_handler_added');
492
493
494	// +-----------------------------------------------------------------------+
495	// \| Insert new users with mails \|
496	// +-----------------------------------------------------------------------+
497	if (!isset($_POST) or (count($_POST) ==0))
498	{
499	// No insert data in post mode
500	insert_new_data_user_mail_notification();
501	}
502
503	// +-----------------------------------------------------------------------+
504	// \| Treatment of tab post \|
505	// +-----------------------------------------------------------------------+
506	switch ($page['mode'])
507	{
508	case 'param' :
509	{
510	if (isset($_POST['param_submit']) and !is_adviser())
511	{
512	$updated_param_count = 0;
513	// Update param
514	$result = pwg_query('select param, value from '.CONFIG_TABLE.' where param like \'nbm\\_%\'');
515	while ($nbm_user = mysql_fetch_assoc($result))
516	{
517	if (isset($_POST[$nbm_user['param']]))
518	{
519	$value = $_POST[$nbm_user['param']];
520
521	$query = '
522	update
523	'.CONFIG_TABLE.'
524	set
525	value = \''. str_replace("\'", "''", $value).'\'
526	where
527	param = \''.$nbm_user['param'].'\';';
528	pwg_query($query);
529	$updated_param_count += 1;
530	}
531	}
532
533	array_push($page['infos'],
534	l10n_dec('nbm_updated_param_count', 'nbm_updated_params_count',
535	$updated_param_count));
536
537	// Reload conf with new values
538	load_conf_from_db('param like \'nbm\\_%\'');
539	}
540	}
541	case 'subscribe' :
542	{
543	if (!is_adviser())
544	{
545	if (isset($_POST['falsify']) and isset($_POST['cat_true']))
546	{
547	$check_key_treated = unsubscribe_notification_by_mail(true, $_POST['cat_true']);
548	do_timeout_treatment('cat_true', $check_key_treated);
549	}
550	else
551	if (isset($_POST['trueify']) and isset($_POST['cat_false']))
552	{
553	$check_key_treated = subscribe_notification_by_mail(true, $_POST['cat_false']);
554	do_timeout_treatment('cat_false', $check_key_treated);
555	}
556	}
557	break;
558	}
559
560	case 'send' :
561	{
562	if (isset($_POST['send_submit']) and isset($_POST['send_selection']) and isset($_POST['send_customize_mail_content']) and !is_adviser())
563	{
564	$check_key_treated = do_action_send_mail_notification('send', $_POST['send_selection'], stripslashes($_POST['send_customize_mail_content']));
565	do_timeout_treatment('send_selection', $check_key_treated);
566	}
567	}
568	}
569
570	// +-----------------------------------------------------------------------+
571	// \| template initialization \|
572	// +-----------------------------------------------------------------------+
573	$template->set_filenames
574	(
575	array
576	(
577	'double_select' => 'double_select.tpl',
578	'notification_by_mail'=>'notification_by_mail.tpl'
579	)
580	);
581
582	$template->assign
583	(
584	array
585	(
586	'U_HELP' => add_url_params(get_root_url().'popuphelp.php', array('page' => 'notification_by_mail')),
587	'F_ACTION'=> $base_url.get_query_string_diff(array())
588	)
589	);
590
591	if (is_autorize_status(ACCESS_WEBMASTER))
592	{
593	// TabSheet
594	$tabsheet = new tabsheet();
595	// TabSheet initialization
596	$tabsheet->add('param', l10n('nbm_param_mode'),
597	add_url_params($base_url.get_query_string_diff(array('mode', 'select')),
598	array('mode' => 'param')));
599	$tabsheet->add('subscribe', l10n('nbm_subscribe_mode'),
600	add_url_params($base_url.get_query_string_diff(array('mode', 'select')),
601	array('mode' => 'subscribe')));
602	$tabsheet->add('send', l10n('nbm_send_mode'),
603	add_url_params($base_url.get_query_string_diff(array('mode', 'select')),
604	array('mode' => 'send')));
605	// TabSheet selection
606	$tabsheet->select($page['mode']);
607	// Assign tabsheet to template
608	$tabsheet->assign();
609	}
610
611	if ($must_repost)
612	{
613	// Get name of submit button
614	$repost_submit_name = '';
615	if (isset($_POST['falsify']))
616	{
617	$repost_submit_name = 'falsify';
618	}
619	elseif (isset($_POST['trueify']))
620	{
621	$repost_submit_name = 'trueify';
622	}
623	elseif (isset($_POST['send_submit']))
624	{
625	$repost_submit_name = 'send_submit';
626	}
627
628	$template->assign('REPOST_SUBMIT_NAME', $repost_submit_name);
629	}
630
631	switch ($page['mode'])
632	{
633	case 'param' :
634	{
635	$template->assign(
636	$page['mode'],
637	array(
638	'SEND_HTML_MAIL' => $conf['nbm_send_html_mail'],
639	'SEND_MAIL_AS' => $conf['nbm_send_mail_as'],
640	'SEND_DETAILED_CONTENT' => $conf['nbm_send_detailed_content'],
641	'COMPLEMENTARY_MAIL_CONTENT' => $conf['nbm_complementary_mail_content'],
642	'SEND_RECENT_POST_DATES' => $conf['nbm_send_recent_post_dates'],
643	));
644	break;
645	}
646
647	case 'subscribe' :
648	{
649	$template->assign( $page['mode'], true );
650
651	$template->assign(
652	array(
653	'L_CAT_OPTIONS_TRUE' => l10n('nbm_subscribe_col'),
654	'L_CAT_OPTIONS_FALSE' => l10n('nbm_unsubscribe_col')
655	)
656	);
657
658	$data_users = get_user_notifications('subscribe');
659
660	$opt_true = array();
661	$opt_true_selected = array();
662	$opt_false = array();
663	$opt_false_selected = array();
664	foreach ($data_users as $nbm_user)
665	{
666	if (get_boolean($nbm_user['enabled']))
667	{
668	$opt_true[ $nbm_user['check_key'] ] = stripslashes($nbm_user['username']).'['.get_email_address_as_display_text($nbm_user['mail_address']).']';
669	if ((isset($_POST['falsify']) and isset($_POST['cat_true']) and in_array($nbm_user['check_key'], $_POST['cat_true'])))
670	{
671	$opt_true_selected[] = $nbm_user['check_key'];
672	}
673	}
674	else
675	{
676	$opt_false[ $nbm_user['check_key'] ] = stripslashes($nbm_user['username']).'['.get_email_address_as_display_text($nbm_user['mail_address']).']';
677	if (isset($_POST['trueify']) and isset($_POST['cat_false']) and in_array($nbm_user['check_key'], $_POST['cat_false']))
678	{
679	$opt_false_selected[] = $nbm_user['check_key'];
680	}
681	}
682	}
683	$template->assign( array(
684	'category_option_true' => $opt_true,
685	'category_option_true_selected' => $opt_true_selected,
686	'category_option_false' => $opt_false,
687	'category_option_false_selected' => $opt_false_selected,
688	)
689	);
690	$template->assign_var_from_handle('DOUBLE_SELECT', 'double_select');
691	break;
692	}
693
694	case 'send' :
695	{
696	$tpl_var = array('users'=> array() );
697
698	$data_users = do_action_send_mail_notification('list_to_send');
699
700	$tpl_var['CUSTOMIZE_MAIL_CONTENT'] =
701	isset($_POST['send_customize_mail_content'])
702	? stripslashes($_POST['send_customize_mail_content'])
703	: $conf['nbm_complementary_mail_content'];
704
705	if (count($data_users))
706	{
707	foreach ($data_users as $nbm_user)
708	{
709	if (
710	(!$must_repost) or // Not timeout, normal treatment
711	(($must_repost) and in_array($nbm_user['check_key'], $_POST['send_selection'])) // Must be repost, show only user to send
712	)
713	{
714	$tpl_var['users'][] =
715	array(
716	'ID' => $nbm_user['check_key'],
717	'CHECKED' => ( // not check if not selected, on init select<all
718	isset($_POST['send_selection']) and // not init
719	!in_array($nbm_user['check_key'], $_POST['send_selection']) // not selected
720	) ? '' : 'checked="checked"',
721	'USERNAME'=> stripslashes($nbm_user['username']),
722	'EMAIL' => get_email_address_as_display_text($nbm_user['mail_address']),
723	'LAST_SEND'=> $nbm_user['last_send']
724	);
725	}
726	}
727	}
728	$template->assign($page['mode'], $tpl_var);
729	break;
730	}
731	}
732
733	// +-----------------------------------------------------------------------+
734	// \| Sending html code \|
735	// +-----------------------------------------------------------------------+
736	$template->assign_var_from_handle('ADMIN_CONTENT', 'notification_by_mail');
737
738	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: