1727 |
1727 |
1728 echo '</form>'; |
1728 echo '</form>'; |
1729 |
1729 |
1730 } |
1730 } |
1731 |
1731 |
|
1732 function page_Admin_MassEmail() |
|
1733 { |
|
1734 global $db, $session, $paths, $template, $plugins; // Common objects |
|
1735 global $lang; |
|
1736 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
|
1737 { |
|
1738 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
1739 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
1740 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
|
1741 return; |
|
1742 } |
|
1743 |
|
1744 global $enano_config; |
|
1745 if ( isset($_POST['do_send']) && !defined('ENANO_DEMO_MODE') ) |
|
1746 { |
|
1747 $use_smtp = getConfig('smtp_enabled') == '1'; |
|
1748 |
|
1749 // |
|
1750 // Let's do some checking to make sure that mass mail functions |
|
1751 // are working in win32 versions of php. (copied from phpBB) |
|
1752 // |
|
1753 if ( preg_match('/[c-z]:\\\.*/i', getenv('PATH')) && !$use_smtp) |
|
1754 { |
|
1755 $ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var'; |
|
1756 |
|
1757 // We are running on windows, force delivery to use our smtp functions |
|
1758 // since php's are broken by default |
|
1759 $use_smtp = true; |
|
1760 $enano_config['smtp_server'] = @$ini_val('SMTP'); |
|
1761 } |
|
1762 |
|
1763 $mail = new emailer( !empty($use_smtp) ); |
|
1764 |
|
1765 // Validate subject/message body |
|
1766 $subject = stripslashes(trim($_POST['subject'])); |
|
1767 $message = stripslashes(trim($_POST['message'])); |
|
1768 |
|
1769 if ( empty($subject) ) |
|
1770 $errors[] = $lang->get('acpmm_err_need_subject'); |
|
1771 if ( empty($message) ) |
|
1772 $errors[] = $lang->get('acpmm_err_need_message'); |
|
1773 |
|
1774 // Get list of members |
|
1775 if ( !empty($_POST['userlist']) ) |
|
1776 { |
|
1777 $userlist = str_replace(', ', ',', $_POST['userlist']); |
|
1778 $userlist = explode(',', $userlist); |
|
1779 foreach ( $userlist as $k => $u ) |
|
1780 { |
|
1781 if ( $u == $session->username ) |
|
1782 { |
|
1783 // Message is automatically sent to the sender |
|
1784 unset($userlist[$k]); |
|
1785 } |
|
1786 else |
|
1787 { |
|
1788 $userlist[$k] = $db->escape($u); |
|
1789 } |
|
1790 } |
|
1791 $userlist = 'WHERE username=\'' . implode('\' OR username=\'', $userlist) . '\''; |
|
1792 |
|
1793 $q = $db->sql_query('SELECT email FROM '.table_prefix.'users ' . $userlist . ';'); |
|
1794 if ( !$q ) |
|
1795 $db->_die(); |
|
1796 |
|
1797 if ( $row = $db->fetchrow() ) |
|
1798 { |
|
1799 do { |
|
1800 $mail->cc($row['email']); |
|
1801 } while ( $row = $db->fetchrow() ); |
|
1802 } |
|
1803 |
|
1804 $db->free_result(); |
|
1805 |
|
1806 } |
|
1807 else |
|
1808 { |
|
1809 // Sending to a usergroup |
|
1810 |
|
1811 $group_id = intval($_POST['group_id']); |
|
1812 if ( $group_id < 1 ) |
|
1813 { |
|
1814 $errors[] = 'Invalid group ID'; |
|
1815 } |
|
1816 else |
|
1817 { |
|
1818 $q = $db->sql_query('SELECT u.email FROM '.table_prefix.'group_members AS g |
|
1819 LEFT JOIN '.table_prefix.'users AS u |
|
1820 ON (u.user_id=g.user_id) |
|
1821 WHERE g.group_id=' . $group_id . ';'); |
|
1822 if ( !$q ) |
|
1823 $db->_die(); |
|
1824 |
|
1825 if ( $row = $db->fetchrow() ) |
|
1826 { |
|
1827 do { |
|
1828 $mail->cc($row['email']); |
|
1829 } while ( $row = $db->fetchrow() ); |
|
1830 } |
|
1831 |
|
1832 $db->free_result(); |
|
1833 } |
|
1834 } |
|
1835 |
|
1836 if ( sizeof($errors) < 1 ) |
|
1837 { |
|
1838 |
|
1839 $mail->from(getConfig('contact_email')); |
|
1840 $mail->replyto(getConfig('contact_email')); |
|
1841 $mail->set_subject($subject); |
|
1842 $mail->email_address(getConfig('contact_email')); |
|
1843 |
|
1844 // Copied/modified from phpBB |
|
1845 $email_headers = 'X-AntiAbuse: Website server name - ' . $_SERVER['SERVER_NAME'] . "\n"; |
|
1846 $email_headers .= 'X-AntiAbuse: User_id - ' . $session->user_id . "\n"; |
|
1847 $email_headers .= 'X-AntiAbuse: Username - ' . $session->username . "\n"; |
|
1848 $email_headers .= 'X-AntiAbuse: User IP - ' . $_SERVER['REMOTE_ADDR'] . "\n"; |
|
1849 |
|
1850 $mail->extra_headers($email_headers); |
|
1851 |
|
1852 // FIXME: how to handle l10n with this? |
|
1853 $tpl = 'The following message was mass-mailed by {SENDER}, one of the administrators from {SITE_NAME}. If this message contains spam or any comments which you find abusive or offensive, please contact the administration team at: |
|
1854 |
|
1855 {CONTACT_EMAIL} |
|
1856 |
|
1857 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
1858 {MESSAGE} |
|
1859 '; |
|
1860 |
|
1861 $mail->use_template($tpl); |
|
1862 |
|
1863 $mail->assign_vars(array( |
|
1864 'SENDER' => $session->username, |
|
1865 'SITE_NAME' => getConfig('site_name'), |
|
1866 'CONTACT_EMAIL' => getConfig('contact_email'), |
|
1867 'MESSAGE' => $message |
|
1868 )); |
|
1869 |
|
1870 //echo '<pre>'.print_r($mail,true).'</pre>'; |
|
1871 |
|
1872 // All done |
|
1873 $mail->send(); |
|
1874 $mail->reset(); |
|
1875 |
|
1876 echo '<div class="info-box">' . $lang->get('acpmm_msg_send_success') . '</div>'; |
|
1877 |
|
1878 } |
|
1879 else |
|
1880 { |
|
1881 echo '<div class="warning-box">' . $lang->get('acpmm_err_send_fail') . '<ul><li>' . implode('</li><li>', $errors) . '</li></ul></div>'; |
|
1882 } |
|
1883 |
|
1884 } |
|
1885 else if ( isset($_POST['do_send']) && defined('ENANO_DEMO_MODE') ) |
|
1886 { |
|
1887 echo '<div class="error-box">' . $lang->get('acpmm_err_demo') . '</div>'; |
|
1888 } |
|
1889 echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post">'; |
|
1890 ?> |
|
1891 <div class="tblholder"> |
|
1892 <table border="0" cellspacing="1" cellpadding="4"> |
|
1893 <tr> |
|
1894 <th colspan="2"><?php echo $lang->get('acpmm_heading_main'); ?></th> |
|
1895 </tr> |
|
1896 <tr> |
|
1897 <td class="row2" rowspan="2" style="width: 30%; min-width: 200px;"> |
|
1898 <?php echo $lang->get('acpmm_field_group_to'); ?><br /> |
|
1899 <small> |
|
1900 <?php echo $lang->get('acpmm_field_group_to_hint'); ?> |
|
1901 </small> |
|
1902 </td> |
|
1903 <td class="row1"> |
|
1904 <select name="group_id"> |
|
1905 <?php |
|
1906 $q = $db->sql_query('SELECT group_name,group_id FROM '.table_prefix.'groups ORDER BY group_name ASC;'); |
|
1907 if ( !$q ) |
|
1908 $db->_die(); |
|
1909 while ( $row = $db->fetchrow() ) |
|
1910 { |
|
1911 list($g_name) = array_values($row); |
|
1912 $g_name_langstr = 'groupcp_grp_' . strtolower($g_name); |
|
1913 if ( ($g_langstr = $lang->get($g_name_langstr)) != $g_name_langstr ) |
|
1914 { |
|
1915 $g_name = $g_langstr; |
|
1916 } |
|
1917 echo '<option value="' . $row['group_id'] . '">' . htmlspecialchars($g_name) . '</option>'; |
|
1918 } |
|
1919 ?> |
|
1920 </select> |
|
1921 </td> |
|
1922 </tr> |
|
1923 <tr> |
|
1924 <td class="row1"> |
|
1925 <?php echo $lang->get('acpmm_field_username'); ?> <input type="text" name="userlist" size="50" /> |
|
1926 </td> |
|
1927 </tr> |
|
1928 <tr> |
|
1929 <td class="row2" style="width: 30%; min-width: 200px;"> |
|
1930 <?php echo $lang->get('acpmm_field_subject'); ?> |
|
1931 </td> |
|
1932 <td class="row1"> |
|
1933 <input name="subject" type="text" size="50" /> |
|
1934 </td> |
|
1935 </tr> |
|
1936 <tr> |
|
1937 <td class="row2" style="width: 30%; min-width: 200px;"> |
|
1938 <?php echo $lang->get('acpmm_field_message'); ?> |
|
1939 </td> |
|
1940 <td class="row1"> |
|
1941 <textarea name="message" rows="30" cols="60" style="width: 100%;"></textarea> |
|
1942 </td> |
|
1943 </tr> |
|
1944 <tr> |
|
1945 <th class="subhead" colspan="2" style="text-align: left;" valign="middle"> |
|
1946 <div style="float: right;"><input type="submit" name="do_send" value="<?php echo $lang->get('acpmm_btn_send'); ?>" /></div> |
|
1947 <small style="font-weight: normal;"><?php echo $lang->get('acpmm_msg_send_takeawhile'); ?></small> |
|
1948 </th> |
|
1949 </tr> |
|
1950 |
|
1951 </table> |
|
1952 </div> |
|
1953 <?php |
|
1954 echo '</form>'; |
|
1955 } |
|
1956 |
1732 function page_Admin_BanControl() |
1957 function page_Admin_BanControl() |
1733 { |
1958 { |
1734 global $db, $session, $paths, $template, $plugins; // Common objects |
1959 global $db, $session, $paths, $template, $plugins; // Common objects |
1735 global $lang; |
1960 global $lang; |
1736 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
1961 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
1835 Rule: <input type="text" name="value" size="30" /><br /> |
2060 Rule: <input type="text" name="value" size="30" /><br /> |
1836 <small>You can ban multiple IP addresses, users, or e-mail addresses by separating entries with a single comma (User1,User2). Do not put a space after the comma. For IP addresses, you may specify ranges like 172|192.168.4-30|90-167.1-90, which will turn into 172 and 192 . 168 . 4-30 and 90-167 . 1 - 90, which matches 18,899 IP addresses.</small><br /> |
2061 <small>You can ban multiple IP addresses, users, or e-mail addresses by separating entries with a single comma (User1,User2). Do not put a space after the comma. For IP addresses, you may specify ranges like 172|192.168.4-30|90-167.1-90, which will turn into 172 and 192 . 168 . 4-30 and 90-167 . 1 - 90, which matches 18,899 IP addresses.</small><br /> |
1837 Reason to show to the banned user: <textarea name="reason" rows="7" cols="40"></textarea><br /> |
2062 Reason to show to the banned user: <textarea name="reason" rows="7" cols="40"></textarea><br /> |
1838 <input type="checkbox" name="regex" id="regex" /> <label for="regex">This rule is a regular expression</label> (advanced users only)<br /> |
2063 <input type="checkbox" name="regex" id="regex" /> <label for="regex">This rule is a regular expression</label> (advanced users only)<br /> |
1839 <input type="submit" style="font-weight: bold;" name="create" value="Create new ban rule" /> |
2064 <input type="submit" style="font-weight: bold;" name="create" value="Create new ban rule" /> |
1840 <?php |
|
1841 echo '</form>'; |
|
1842 } |
|
1843 |
|
1844 function page_Admin_MassEmail() |
|
1845 { |
|
1846 global $db, $session, $paths, $template, $plugins; // Common objects |
|
1847 global $lang; |
|
1848 if ( $session->auth_level < USER_LEVEL_ADMIN || $session->user_level < USER_LEVEL_ADMIN ) |
|
1849 { |
|
1850 $login_link = makeUrlNS('Special', 'Login/' . $paths->nslist['Special'] . 'Administration', 'level=' . USER_LEVEL_ADMIN, true); |
|
1851 echo '<h3>' . $lang->get('adm_err_not_auth_title') . '</h3>'; |
|
1852 echo '<p>' . $lang->get('adm_err_not_auth_body', array( 'login_link' => $login_link )) . '</p>'; |
|
1853 return; |
|
1854 } |
|
1855 |
|
1856 global $enano_config; |
|
1857 if ( isset($_POST['do_send']) && !defined('ENANO_DEMO_MODE') ) |
|
1858 { |
|
1859 $use_smtp = getConfig('smtp_enabled') == '1'; |
|
1860 |
|
1861 // |
|
1862 // Let's do some checking to make sure that mass mail functions |
|
1863 // are working in win32 versions of php. (copied from phpBB) |
|
1864 // |
|
1865 if ( preg_match('/[c-z]:\\\.*/i', getenv('PATH')) && !$use_smtp) |
|
1866 { |
|
1867 $ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var'; |
|
1868 |
|
1869 // We are running on windows, force delivery to use our smtp functions |
|
1870 // since php's are broken by default |
|
1871 $use_smtp = true; |
|
1872 $enano_config['smtp_server'] = @$ini_val('SMTP'); |
|
1873 } |
|
1874 |
|
1875 $mail = new emailer( !empty($use_smtp) ); |
|
1876 |
|
1877 // Validate subject/message body |
|
1878 $subject = stripslashes(trim($_POST['subject'])); |
|
1879 $message = stripslashes(trim($_POST['message'])); |
|
1880 |
|
1881 if ( empty($subject) ) |
|
1882 $errors[] = 'Please enter a subject.'; |
|
1883 if ( empty($message) ) |
|
1884 $errors[] = 'Please enter a message.'; |
|
1885 |
|
1886 // Get list of members |
|
1887 if ( !empty($_POST['userlist']) ) |
|
1888 { |
|
1889 $userlist = str_replace(', ', ',', $_POST['userlist']); |
|
1890 $userlist = explode(',', $userlist); |
|
1891 foreach ( $userlist as $k => $u ) |
|
1892 { |
|
1893 if ( $u == $session->username ) |
|
1894 { |
|
1895 // Message is automatically sent to the sender |
|
1896 unset($userlist[$k]); |
|
1897 } |
|
1898 else |
|
1899 { |
|
1900 $userlist[$k] = $db->escape($u); |
|
1901 } |
|
1902 } |
|
1903 $userlist = 'WHERE username=\'' . implode('\' OR username=\'', $userlist) . '\''; |
|
1904 |
|
1905 $q = $db->sql_query('SELECT email FROM '.table_prefix.'users ' . $userlist . ';'); |
|
1906 if ( !$q ) |
|
1907 $db->_die(); |
|
1908 |
|
1909 if ( $row = $db->fetchrow() ) |
|
1910 { |
|
1911 do { |
|
1912 $mail->cc($row['email']); |
|
1913 } while ( $row = $db->fetchrow() ); |
|
1914 } |
|
1915 |
|
1916 $db->free_result(); |
|
1917 |
|
1918 } |
|
1919 else |
|
1920 { |
|
1921 // Sending to a usergroup |
|
1922 |
|
1923 $group_id = intval($_POST['group_id']); |
|
1924 if ( $group_id < 1 ) |
|
1925 { |
|
1926 $errors[] = 'Invalid group ID'; |
|
1927 } |
|
1928 else |
|
1929 { |
|
1930 $q = $db->sql_query('SELECT u.email FROM '.table_prefix.'group_members AS g |
|
1931 LEFT JOIN '.table_prefix.'users AS u |
|
1932 ON (u.user_id=g.user_id) |
|
1933 WHERE g.group_id=' . $group_id . ';'); |
|
1934 if ( !$q ) |
|
1935 $db->_die(); |
|
1936 |
|
1937 if ( $row = $db->fetchrow() ) |
|
1938 { |
|
1939 do { |
|
1940 $mail->cc($row['email']); |
|
1941 } while ( $row = $db->fetchrow() ); |
|
1942 } |
|
1943 |
|
1944 $db->free_result(); |
|
1945 } |
|
1946 } |
|
1947 |
|
1948 if ( sizeof($errors) < 1 ) |
|
1949 { |
|
1950 |
|
1951 $mail->from(getConfig('contact_email')); |
|
1952 $mail->replyto(getConfig('contact_email')); |
|
1953 $mail->set_subject($subject); |
|
1954 $mail->email_address(getConfig('contact_email')); |
|
1955 |
|
1956 // Copied/modified from phpBB |
|
1957 $email_headers = 'X-AntiAbuse: Website server name - ' . $_SERVER['SERVER_NAME'] . "\n"; |
|
1958 $email_headers .= 'X-AntiAbuse: User_id - ' . $session->user_id . "\n"; |
|
1959 $email_headers .= 'X-AntiAbuse: Username - ' . $session->username . "\n"; |
|
1960 $email_headers .= 'X-AntiAbuse: User IP - ' . $_SERVER['REMOTE_ADDR'] . "\n"; |
|
1961 |
|
1962 $mail->extra_headers($email_headers); |
|
1963 |
|
1964 $tpl = 'The following message was mass-mailed by {SENDER}, one of the administrators from {SITE_NAME}. If this message contains spam or any comments which you find abusive or offensive, please contact the administration team at: |
|
1965 |
|
1966 {CONTACT_EMAIL} |
|
1967 |
|
1968 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
1969 {MESSAGE} |
|
1970 '; |
|
1971 |
|
1972 $mail->use_template($tpl); |
|
1973 |
|
1974 $mail->assign_vars(array( |
|
1975 'SENDER' => $session->username, |
|
1976 'SITE_NAME' => getConfig('site_name'), |
|
1977 'CONTACT_EMAIL' => getConfig('contact_email'), |
|
1978 'MESSAGE' => $message |
|
1979 )); |
|
1980 |
|
1981 //echo '<pre>'.print_r($mail,true).'</pre>'; |
|
1982 |
|
1983 // All done |
|
1984 $mail->send(); |
|
1985 $mail->reset(); |
|
1986 |
|
1987 echo '<div class="info-box">Your message has been sent.</div>'; |
|
1988 |
|
1989 } |
|
1990 else |
|
1991 { |
|
1992 echo '<div class="warning-box">Could not send message for the following reason(s):<ul><li>' . implode('</li><li>', $errors) . '</li></ul></div>'; |
|
1993 } |
|
1994 |
|
1995 } |
|
1996 else if ( isset($_POST['do_send']) && defined('ENANO_DEMO_MODE') ) |
|
1997 { |
|
1998 echo '<div class="error-box">This function is disabled in the demo. You think demo@enanocms.org likes getting "test" mass e-mails?</div>'; |
|
1999 } |
|
2000 echo '<form action="'.makeUrl($paths->nslist['Special'].'Administration', 'module='.$paths->cpage['module']).'" method="post">'; |
|
2001 ?> |
|
2002 <div class="tblholder"> |
|
2003 <table border="0" cellspacing="1" cellpadding="4"> |
|
2004 <tr> |
|
2005 <th colspan="2">Send mass e-mail</th> |
|
2006 </tr> |
|
2007 <tr> |
|
2008 <td class="row2" rowspan="2" style="width: 30%; min-width: 200px;"> |
|
2009 Send message to:<br /> |
|
2010 <small> |
|
2011 By default, this message will be sent to the group selected here. You may instead send the message to a specific |
|
2012 list of users by entering them in the second row, with usernames separated by a single comma (no space). |
|
2013 </small> |
|
2014 </td> |
|
2015 <td class="row1"> |
|
2016 <select name="group_id"> |
|
2017 <?php |
|
2018 $q = $db->sql_query('SELECT group_name,group_id FROM '.table_prefix.'groups ORDER BY group_name ASC;'); |
|
2019 if ( !$q ) |
|
2020 $db->_die(); |
|
2021 while ( $row = $db->fetchrow() ) |
|
2022 { |
|
2023 echo '<option value="' . $row['group_id'] . '">' . $row['group_name'] . '</option>'; |
|
2024 } |
|
2025 ?> |
|
2026 </select> |
|
2027 </td> |
|
2028 </tr> |
|
2029 <tr> |
|
2030 <td class="row1"> |
|
2031 Usernames: <input type="text" name="userlist" size="50" /> |
|
2032 </td> |
|
2033 </tr> |
|
2034 <tr> |
|
2035 <td class="row2" style="width: 30%; min-width: 200px;"> |
|
2036 Subject: |
|
2037 </td> |
|
2038 <td class="row1"> |
|
2039 <input name="subject" type="text" size="50" /> |
|
2040 </td> |
|
2041 </tr> |
|
2042 <tr> |
|
2043 <td class="row2" style="width: 30%; min-width: 200px;"> |
|
2044 Message: |
|
2045 </td> |
|
2046 <td class="row1"> |
|
2047 <textarea name="message" rows="30" cols="60" style="width: 100%;"></textarea> |
|
2048 </td> |
|
2049 </tr> |
|
2050 <tr> |
|
2051 <th class="subhead" colspan="2" style="text-align: left;" valign="middle"> |
|
2052 <div style="float: right;"><input type="submit" name="do_send" value="Send message" /></div> |
|
2053 <small style="font-weight: normal;">Please be warned: it may take a LONG time to send this message. <b>Please do not stop the script until the process is finished.</b></small> |
|
2054 </th> |
|
2055 </tr> |
|
2056 |
|
2057 </table> |
|
2058 </div> |
|
2059 <?php |
2065 <?php |
2060 echo '</form>'; |
2066 echo '</form>'; |
2061 } |
2067 } |
2062 |
2068 |
2063 function page_Admin_AdminLogout() |
2069 function page_Admin_AdminLogout() |