Revision 106
Added by stefan about 19 years ago
view.php | ||
---|---|---|
113 | 113 |
$query_settings = $database->query("SELECT header,field_loop,footer FROM ".TABLE_PREFIX."mod_form_settings WHERE section_id = '$section_id'"); |
114 | 114 |
if($query_settings->numRows() > 0) { |
115 | 115 |
$fetch_settings = $query_settings->fetchRow(); |
116 |
$header = $this->strip_slashes_dummy($fetch_settings['header']);
|
|
117 |
$field_loop = $this->strip_slashes_dummy($fetch_settings['field_loop']);
|
|
118 |
$footer = $this->strip_slashes_dummy($fetch_settings['footer']);
|
|
116 |
$header = $fetch_settings['header'];
|
|
117 |
$field_loop = $fetch_settings['field_loop'];
|
|
118 |
$footer = $fetch_settings['footer'];
|
|
119 | 119 |
} else { |
120 | 120 |
$header = ''; |
121 | 121 |
$field_loop = ''; |
... | ... | |
136 | 136 |
while($field = $query_fields->fetchRow()) { |
137 | 137 |
// Set field values |
138 | 138 |
$field_id = $field['field_id']; |
139 |
$value = $this->strip_slashes_dummy($field['value']);
|
|
139 |
$value = $field['value'];
|
|
140 | 140 |
// Print field_loop after replacing vars with values |
141 | 141 |
$vars = array('{TITLE}', '{REQUIRED}'); |
142 | 142 |
$values = array($field['title']); |
... | ... | |
198 | 198 |
$query_settings = $database->query("SELECT email_to,email_from,email_subject,success_message,max_submissions,stored_submissions FROM ".TABLE_PREFIX."mod_form_settings WHERE section_id = '$section_id'"); |
199 | 199 |
if($query_settings->numRows() > 0) { |
200 | 200 |
$fetch_settings = $query_settings->fetchRow(); |
201 |
$email_to = $this->strip_slashes_dummy($fetch_settings['email_to']);
|
|
202 |
$email_from = $this->strip_slashes_dummy($fetch_settings['email_from']);
|
|
201 |
$email_to = $fetch_settings['email_to'];
|
|
202 |
$email_from = $fetch_settings['email_from'];
|
|
203 | 203 |
if(substr($email_from, 0, 5) == 'field') { |
204 | 204 |
// Set the email from field to what the user entered in the specified field |
205 |
$email_from = $this->add_slashes($_POST[$email_from]);
|
|
205 |
$email_from = $wb->add_slashes($_POST[$email_from]);
|
|
206 | 206 |
} |
207 |
$email_subject = $this->strip_slashes_dummy($fetch_settings['email_subject']);
|
|
208 |
$success_message = $this->strip_slashes_dummy($fetch_settings['success_message']);
|
|
209 |
$max_submissions = $this->strip_slashes_dummy($fetch_settings['max_submissions']);
|
|
210 |
$stored_submissions = $this->strip_slashes_dummy($fetch_settings['stored_submissions']);
|
|
207 |
$email_subject = $fetch_settings['email_subject'];
|
|
208 |
$success_message = $fetch_settings['success_message'];
|
|
209 |
$max_submissions = $fetch_settings['max_submissions'];
|
|
210 |
$stored_submissions = $fetch_settings['stored_submissions'];
|
|
211 | 211 |
} else { |
212 | 212 |
exit($TEXT['UNDER_CONSTRUCTION']); |
213 | 213 |
} |
... | ... | |
231 | 231 |
} elseif (!is_array($_POST['field'.$field['field_id']])) { |
232 | 232 |
$email_body .= ' |
233 | 233 |
|
234 |
'.$this->strip_slashes_dummy($field['title']).': '.$_POST['field'.$field['field_id']]."\n";
|
|
234 |
'.$field['title'].': '.$_POST['field'.$field['field_id']]."\n";
|
|
235 | 235 |
} else { |
236 | 236 |
$email_body .= ' |
237 | 237 |
|
238 |
'.$this->strip_slashes_dummy($field['title']).": \n";
|
|
238 |
'.$field['title'].": \n";
|
|
239 | 239 |
foreach ($_POST['field'.$field['field_id']] as $k=>$v) { |
240 | 240 |
$email_body .= ' |
241 | 241 |
|
... | ... | |
243 | 243 |
} |
244 | 244 |
} |
245 | 245 |
} elseif($field['required'] == 1) { |
246 |
$required[] = $this->strip_slashes_dummy($field['title']);
|
|
246 |
$required[] = $field['title'];
|
|
247 | 247 |
} |
248 | 248 |
} |
249 | 249 |
} |
250 | 250 |
} |
251 | 251 |
|
252 | 252 |
// Addslashes to email body - proposed by Icheb in topic=1170.0 |
253 |
// $email_body = $this->add_slashes($email_body);
|
|
253 |
// $email_body = $wb->add_slashes($email_body);
|
|
254 | 254 |
|
255 | 255 |
// Check if the user forgot to enter values into all the required fields |
256 | 256 |
if($required != array()) { |
... | ... | |
288 | 288 |
} else { |
289 | 289 |
$submitted_by = 0; |
290 | 290 |
} |
291 |
$email_body = $this->add_slashes($email_body);
|
|
291 |
$email_body = $wb->add_slashes($email_body);
|
|
292 | 292 |
$database->query("INSERT INTO ".TABLE_PREFIX."mod_form_submissions (page_id,section_id,submitted_when,submitted_by,body) VALUES ('".PAGE_ID."','$section_id','".mktime()."','$submitted_by','$email_body')"); |
293 | 293 |
// Make sure submissions table isn't too full |
294 | 294 |
$query_submissions = $database->query("SELECT submission_id FROM ".TABLE_PREFIX."mod_form_submissions ORDER BY submitted_when"); |
Also available in: Unified diff
Renamed compatibility.php to frontend.functions.php.
Moved frontend functions from class frontend to frontend.functions.php.
Removed instances of strip_slashes_dummy. Replaced $this by $wb in a couple of places.
Created file initialize.php, where all initializations now take place (moved from class wb constructor).