Query Sent Mail body<= "Sent (does not guarantee that the message didn't bounce)", 'F' => "Failed to send", }; my $remote = LJ::get_remote(); my %canview; $canview{'abuse'} = 1 if (LJ::check_priv($remote, "supportread", "abuse")); $canview{'support'} = 1 if (LJ::check_priv($remote, "supportread", "support")); # Grouping this check for now, but leaving it so # it could be split up in the future should a need # arise if (LJ::check_priv($remote, "supportread", "accounts")) { $canview{'accounts'} = 1; $canview{'coppa'} = 1; } unless ($canview{'abuse'} || $canview{'support'} || $canview{'accounts'}) { return " If you need to file an abuse request, please do so at: $LJ::SITEROOT/abuse/report.bml
If you need to file a support request, please do so at: $LJ::SITEROOT/support/submit.bml p?>"; } if ($GET{'mode'} eq "view") { my $dbr = LJ::get_db_reader(); my $qmailid = $dbr->quote($GET{'mailid'}); $sth = $dbr->prepare("SELECT mailid, userid, spid, status, timesent, mailto, " . "subject, message, type FROM abuse_mail " . "WHERE mailid=$qmailid"); $sth->execute; my $mail = $sth->fetchrow_hashref; if ($canview{$mail->{'type'}}) { $ret .= "{'mailid'} h1?>"; $ret .= ""; $ret .= ""; $ret .= ""; $ret .= ""; $ret .= ""; $ret .= ""; if ($mail->{'spid'} != 0) { $ret .= ""; } else { $ret .= ""; } $ret .= ""; $ret .= ""; $ret .= ""; $ret .= ""; $ret .= ""; $ret .= ""; $ret .= ""; $ret .= ""; $ret .= ""; $ret .= ""; $ret .= ""; $ret .= ""; my $message = $mail->{message}; $message = LJ::auto_linkify($message); $message =~ s/\r?\n/
\n/g; $ret .= ""; $ret .= "

Mail ID:	$mail->{'mailid'}
Status:	$status->{$mail->{'status'}}
Request #:	"; $ret .= "$mail->{'spid'}	N/A
Sent By:	" . LJ::ljuser(LJ::get_username($mail->{'userid'})) . "
From:	$mail->{'type'}\@$LJ::DOMAIN
Recipient:	$mail->{'mailto'}
Sent:	$mail->{'timesent'}
Subject:	$mail->{'subject'}
Message:	$message

"; $ret .= ""; $ret .= "<< View Results"; } else { $ret .= LJ::bad_input('You are not authorized to view this message'); } } else { $ret .= "\n"; $ret .= '

'; $ret .= ''; $ret .= ""; $ret .= ""; $ret .= ""; $ret .= "

Restrict:	"; my @type = ("", "All"); push @type, ('abuse' => "abuse\@$LJ::DOMAIN") if $canview{'abuse'}; push @type, ('accounts' => "accounts\@$LJ::DOMAIN") if $canview{'accounts'}; push @type, ('coppa' => "coppa\@$LJ::DOMAIN") if $canview{'coppa'}; push @type, ('support' => "support\@$LJ::DOMAIN") if $canview{'support'}; $ret .= LJ::html_select({ 'name' => 'restrict', 'selected' => $GET{'restrict'} }, @type); $ret .= "
Method:	"; $ret .= LJ::html_select({'name' => 'method', 'selected' => $GET{'method'}}, 'sender' => "Username of Sender", 'spid' => "Tied to Request #", 'mailto' => "Sent to address or user", ); $ret .= "
Value:	"; $ret .= LJ::html_text({ 'name' => 'value', 'value' => $GET{'value'}, 'size' => 30 }); $ret .= "

"; return $ret unless $GET{'mode'}; if ($GET{'mode'} eq "list") { my $dbr = LJ::get_db_reader(); $ret .= ""; # Default condition of nothing versus everything my $where = "WHERE 0"; if ($GET{'method'} eq "sender") { my $userid = LJ::get_userid($GET{'value'}); unless ($userid) { $ret .= " "; return $ret; } $where = "WHERE userid=$userid"; } elsif ($GET{'method'} eq "spid") { $where = "WHERE spid=" . $dbr->quote($GET{'value'}); } elsif ($GET{'method'} eq "mailto") { my $email; my $u = LJ::load_user($GET{'value'}); if ($u) { $email = $u->{'email'}; } else { # Assume we got an email address $email = $GET{'value'}; my @email_errors; LJ::check_email($email, \@email_errors); if (@email_errors) { $ret .= " "; return $ret; } } $where = "WHERE mailto=" . $dbr->quote($email); } # See if they are limiting the search and # make sure they are able to view that type if ($GET{'restrict'} ne '') { return LJ::bad_input('Not authorized to view that type') unless $canview{$GET{'restrict'}}; my $r = $dbr->quote($GET{'restrict'}); $where .= " AND type=$r"; } else { #Limit them to the types they can see $where .= " AND type IN(" . join(',', map { $dbr->quote($_) } keys %canview) . ')'; } $sth = $dbr->prepare("SELECT mailid, userid, spid, status, " . "timesent, mailto, subject, type " . "FROM abuse_mail $where"); $sth->execute; my $show_total = 50; my $row_ct = 0; my $row_show = 0; my $row_skip = 0; my $row_html; while (my $row = $sth->fetchrow_hashref) { $row_ct++; next if $GET{'skip'} && ++$row_skip <= $GET{'skip'}; if ($row_show < $show_total) { $row_show++; $row_html .= "(link)"; my $username = LJ::get_username($row->{'userid'}); $row_html .= "" . LJ::ljuser($username) . ""; if ($row->{'spid'} != 0) { $row_html .= "$row->{'spid'}"; } else { $row_html .= "N/A"; } $row_html .= "$row->{'status'}"; $row_html .= "$row->{'type'}"; $row_html .= "$row->{'timesent'}$row->{'mailto'}"; $row_html .= "$row->{'subject'}"; } } if ($row_ct eq 0) { $ret .= ""; return $ret; } $ret .= ""; $ret .= "DetailsSent ByRequest #"; $ret .= "StatusFromSentRecipientSubject"; $ret .= $row_html; my $slinks; if ($GET{'skip'}) { $slinks .= " $GET{'skip'} - $show_total}) . "\"><< Back "; } if ($row_show != $row_ct) { my $from = $GET{'skip'}+1; my $to = $row_show+$GET{'skip'}; $slinks .= "(Records $from-$to of $row_ct) "; } if ($GET{'skip'} + $row_show < $row_ct) { $slinks .= " $GET{'skip'} + $show_total}) . "\">Forward >> "; } $ret .= " p?>"; if ($slinks ne "") { $ret .= " "; } } else { $ret .= ""; } } return $ret; _code?> <=body page?>