Your IP : 216.73.216.97
<?php
verifyCsrfGetToken();
$access = accessLevel('export');
$list = $_SESSION['export']['list'];
#https://owasp.org/www-community/attacks/CSV_Injection
function cleanForExport($text) {
$text = preg_replace('/^=/','\' =',$text);
$text = preg_replace('/^\+/','\' +',$text);
$text = preg_replace('/^\-/','\' -',$text);
$text = preg_replace('/^@/','\' @',$text);
return $text;
}
switch ($access) {
case 'owner':
if ($list) {
$check = Sql_Fetch_Assoc_Query(sprintf('select id from %s where owner = %d and id = %d',
$GLOBALS['tables']['list'], $_SESSION['logindetails']['id'], $list));
if (empty($check['id'])) {
echo Error(s('That is not your list'));
return;
}
}
$querytables = $GLOBALS['tables']['list'].' list INNER JOIN '.$GLOBALS['tables']['listuser'].' listuser ON listuser.listid = list.id'.
' INNER JOIN '.$GLOBALS['tables']['user'].' user ON listuser.userid = user.id';
$subselect = ' and list.owner = '.$_SESSION['logindetails']['id'];
$listselect_and = ' and owner = '.$_SESSION['logindetails']['id'];
break;
case 'all':
if ($list) {
$querytables = $GLOBALS['tables']['user'].' user'.' INNER JOIN '.$GLOBALS['tables']['listuser'].' listuser ON user.id = listuser.userid';
$subselect = '';
} else {
$querytables = $GLOBALS['tables']['user'].' user';
$subselect = '';
}
$listselect_and = '';
break;
case 'none':
default:
$querytables = $GLOBALS['tables']['user'].' user';
$subselect = ' and user.id = 0';
$listselect_and = ' and owner = 0';
break;
}
if ($_SESSION['export']['column'] == 'nodate') {
//# fetch dates as min and max from user table
if ($list) {
$dates = Sql_Fetch_Row_Query(sprintf('select date(min(user.modified)),date(max(user.modified)) from %s where listid = %d %s',
$querytables, $list, $subselect));
} else {
//# this takes begin and end of all users, regardless of whether they are on the list of this admin @TODO
$dates = Sql_Fetch_Row_Query(sprintf('select date(min(user.modified)),date(max(user.modified)) from %s ',
$querytables));
}
$fromdate = $dates[0];
$todate = $dates[1];
} else {
$fromdate = $_SESSION['export']['fromdate'];
$todate = $_SESSION['export']['todate'];
}
ob_end_clean();
if ($list) {
$filename = s('phpList Export on %s from %s to %s (%s).csv', ListName($list), $fromdate, $todate, date('Y-M-d'));
} else {
$filename = s('phpList Export from %s to %s (%s).csv', $fromdate, $todate, date('Y-M-d'));
}
$filename = trim(strip_tags($filename));
if (!empty($_SESSION['export']['fileready']) && is_file($_SESSION['export']['fileready'])) {
header('Content-type: '.$GLOBALS['export_mimetype'].'; charset=UTF-8');
header("Content-disposition: attachment; filename=\"$filename\"");
$fp = fopen($_SESSION['export']['fileready'], 'r');
while (!feof($fp)) {
echo fgets($fp);
}
fclose($fp);
unlink($_SESSION['export']['fileready']);
unset($_SESSION['export']);
exit;
}
$exportfileName = tempnam($GLOBALS['tmpdir'], $GLOBALS['installation_name'].'-export'.time());
$exportfile = fopen($exportfileName, 'w');
$col_delim = "\t";
if (EXPORT_EXCEL) {
$col_delim = ',';
}
$row_delim = "\n";
if ($GLOBALS['commandline'] && VERBOSE) {
cl_output(s(' * exporting to %s',$exportfileName));
}
if (is_array($_SESSION['export']['cols'])) {
foreach ($DBstruct['user'] as $key => $val) {
if (in_array($key, $_SESSION['export']['cols'])) {
if (strpos($val[1], 'sys') === false) {
fwrite($exportfile, cleanForExport($val[1]).$col_delim);
} elseif (preg_match('/sysexp:(.*)/', $val[1], $regs)) {
if ($regs[1] == 'ID') { // avoid freak Excel bug: http://mantis.phplist.com/view.php?id=15526
$regs[1] = 'id';
}
fwrite($exportfile, cleanForExport($regs[1]).$col_delim);
}
}
}
}
$attributes = array();
if (is_array($_SESSION['export']['attrs'])) {
$res = Sql_Query("select id,name,type from {$tables['attribute']}");
while ($row = Sql_fetch_array($res)) {
if (in_array($row['id'], $_SESSION['export']['attrs'])) {
fwrite($exportfile, trim(stripslashes($row['name'])).$col_delim);
array_push($attributes, array('id' => $row['id'], 'type' => $row['type']));
}
}
}
$exporthistory = 0;
if ($_SESSION['export']['column'] == 'listentered') {
$column = 'listuser.entered';
} elseif ($_SESSION['export']['column'] == 'historyentry') {
$column = 'user_history.date';
$querytables .= ', '.$GLOBALS['tables']['user_history'].' user_history ';
$subselect .= ' and user_history.userid = user.id and user_history.summary = "Profile edit"';
fwrite($exportfile, 'IP'.$col_delim);
fwrite($exportfile, 'Change Summary'.$col_delim);
fwrite($exportfile, 'Change Detail'.$col_delim);
$exporthistory = 1;
} else {
switch ($_SESSION['export']['column']) {
case 'entered':
$column = 'user.entered';
break;
default:
$column = 'user.modified';
break;
}
}
//#$subselect .= ' limit 500'; // just to test the progress meter
if ($list) {
$query = sprintf('select * from
%s where user.id = listuser.userid and listuser.listid = %d and %s >= "%s 00:00:00" and %s <= "%s 23:59:59" %s
', $querytables, $list, $column, $fromdate, $column, $todate, $subselect)
;
} else {
$query = sprintf('
select * from %s where %s >= "%s 00:00:00" and %s <= "%s 23:59:59" %s',
$querytables, $column, $fromdate, $column, $todate, $subselect);
}
if (VERBOSE) {
cl_output(' SQL '.$query);
}
$result = Sql_query($query);
$todo = Sql_Affected_Rows();
$done = 0;
fwrite($exportfile, s('List Membership').$row_delim);
while ($user = Sql_fetch_assoc($result)) {
//# re-verify the blacklist status
if (empty($user['blacklisted']) && isBlackListed($user['email'])) {
$user['blacklisted'] = 1;
Sql_Query(sprintf('update %s set blacklisted = 1 where email = "%s"', $GLOBALS['tables']['user'],
$user['email']));
}
set_time_limit(500);
if ($done % 50 == 0) {
if (!$GLOBALS['commandline']) {
echo '<script type="text/javascript">
var parentJQuery = window.parent.jQuery;
parentJQuery("#progressbar").updateProgress("' .$done.','.$todo.'");
</script>';
flush();
} else {
cl_progress($done.' out of '.$todo);
}
}
++$done;
reset($_SESSION['export']['cols']);
foreach ($_SESSION['export']['cols'] as $key => $val) {
if (VERBOSE) {
cl_output($key.' '.$val.' '.$user[$val].' '.strtr($user[$val], $col_delim, ',').$col_delim);
}
fwrite($exportfile, strtr(cleanForExport($user[$val]), $col_delim, ',').$col_delim);
}
reset($attributes);
foreach ($attributes as $key => $val) {
$value = UserAttributeValue($user['id'], $val['id']);
if (VERBOSE) {
cl_output($key.' '.$val.' '.quoteEnclosed($value, $col_delim, $row_delim).$col_delim);
}
fwrite($exportfile, quoteEnclosed(cleanForExport($value), $col_delim, $row_delim).$col_delim);
}
if ($exporthistory) {
fwrite($exportfile, quoteEnclosed($user['ip'], $col_delim, $row_delim).$col_delim);
fwrite($exportfile, quoteEnclosed($user['summary'], $col_delim, $row_delim).$col_delim);
fwrite($exportfile, quoteEnclosed($user['detail'], $col_delim, $row_delim).$col_delim);
}
$lists = Sql_query("select listid,name from
{$tables['listuser']},{$tables['list']} where userid = ".$user['id']." and
{$tables['listuser']}.listid = {$tables['list']}.id $listselect_and");
if (!Sql_Affected_rows($lists)) {
fwrite($exportfile, 'No Lists');
}
while ($list = Sql_fetch_array($lists)) {
fwrite($exportfile, stripslashes($list['name']).'; ');
}
fwrite($exportfile, $row_delim);
}
if (!$GLOBALS['commandline']) {
echo '<script type="text/javascript">
var parentJQuery = window.parent.jQuery;
parentJQuery("#busyimage").show();
parentJQuery("#progressbar").updateProgress("' .$todo.','.$todo.'");
parentJQuery("#busyimage").hide();
parentJQuery("#progresscount").html("' .s('All done').'");
</script>';
flush();
$_SESSION['export']['fileready'] = $exportfileName;
echo '<script type="text/javascript">
document.location = document.location;
</script>';
} else {
rename($exportfileName,$GLOBALS['tmpdir'].'/'.$filename);
cl_output(s('File available as "%s"',$GLOBALS['tmpdir'].'/'.$filename));
}