How to isolate Campaign Templates to each Admin?

Burndog · September 15, 2017, 10:30pm

It’s great how each Admin have have their own set of Subscribers. But it seems all the Templates are available rather than have a separate set of Templates for each Admin.

Does anyone have any pointers on how to hack the code to assign a value to Templates so only those created (or assigned) to a specific Administrator show as an option?

######## FINAL SOLUTION

If anyone needs this functionality the addition of a new Column to the templates table which is used to assign an Admin to a template is required.

Next add the following code to send_core.php and templates.php where current $req Sql_Query exists:

if (isset($_SESSION['logindetails']['superuser']) && ($_SESSION['logindetails']['superuser'])== '1') {
    $req = Sql_Query("select * from {$tables['template']} order by listorder");
} else {
    $target = $_SESSION['logindetails']['id'];
    $req = Sql_Query("select * from {$tables['template']} where assignedAdmins = $target order by listorder");
}

The end result is being able to assign and isolate Templates to Admins while retaining full access to Super Users.

Burndog · September 16, 2017, 1:02am

Ok, now I’m confused…

My queries work fine, Session array variables properly target the logged in Admin but the results of the query still show both of the existing templates…

select * from phplist_template where assignedAdmins = 2 order by listorder

Changed code of templates.php where we establish a $target variable based on the logged in “id”:

<?php

require_once dirname(__FILE__).'/accesscheck.php';
echo 'Super User: '.$_SESSION['logindetails']['superuser'];
echo '<br>UserID: '. $target = $_SESSION['logindetails']['id'];
if (isset($_GET['delete'])) {
    // delete the index in delete
    $delete = sprintf('%d', $_GET['delete']);
    echo $GLOBALS['I18N']->get('Deleting')." $delete ...\n";
    $result = Sql_query('delete from '.$tables['template']." where id = $delete");
    $result = Sql_query('delete from '.$tables['templateimage']." where template = $delete");
    echo '... '.$GLOBALS['I18N']->get('Done')."<br /><hr /><br />\n";
}
if (isset($_POST['defaulttemplate'])) {
    saveConfig('defaultmessagetemplate', sprintf('%d', $_POST['defaulttemplate']));
}
if (isset($_POST['systemtemplate'])) {
    saveConfig('systemmessagetemplate', sprintf('%d', $_POST['systemtemplate']));
}
if (isset($_SESSION['logindetails']['superuser']) == '1') {
    $req = Sql_Query("select * from {$tables['template']} order by listorder");
} else {
    $req = Sql_Query("select * from {$tables['template']} where assignedAdmins = $target order by listorder");
}

SteveS · September 16, 2017, 9:05pm

Looks like you have a syntax error on this line:

if (isset($_SESSION['logindetails']['superuser']) == '1') {

Burndog · September 16, 2017, 9:07pm

I see… It’s a problem expecting concatenated conditions (isset and == 1)
Suggested change works perfectly screening templates not assigned to the logged in Admin.

Gracias!

SteveS · September 16, 2017, 9:14pm

Here is the error:

Parse error: syntax error, unexpected T_IF, expecting ',' or ';' in xxx

I would use:

if (isset($_SESSION['logindetails']['superuser']) && ($_SESSION['logindetails']['superuser']) == '1') {