Copyright (C) 2004-2005, Ryan Djurovich Website Baker is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. Website Baker is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with Website Baker; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /* The Website Baker Project would like to thank Rudolph Lartey for his contributions to this module - adding extra field types */ // Must include code to stop this file being access directly if(defined('WB_PATH') == false) { exit("Cannot access this file directly"); } // Function for generating an optionsfor a select field function make_option(&$n) { // start option group if it exists if (substr($n,0,2) == '[=') { $n = ''; } elseif ($n == ']') { $n = ''; } else { $n = ''; } } // Function for generating a checkbox function make_checkbox(&$n, $idx, $params) { $field_id = $params[0]; $seperator = $params[1]; //$n = ''.''.$n.''.$seperator; $n = ''.''.$n.''.$seperator; } // Function for generating a radio button function make_radio(&$n, $idx, $params) { $field_id = $params[0]; $group = $params[1]; $seperator = $params[2]; $n = ''.''.$n.''.$seperator; } // Work-out if the form has been submitted or not if($_POST == array()) { ?> query("SELECT header,field_loop,footer FROM ".TABLE_PREFIX."mod_form_settings WHERE section_id = '$section_id'"); if($query_settings->numRows() > 0) { $fetch_settings = $query_settings->fetchRow(); $header = str_replace('{WB_URL}',WB_URL,$fetch_settings['header']); $field_loop = $fetch_settings['field_loop']; $footer = str_replace('{WB_URL}',WB_URL,$fetch_settings['footer']); } else { $header = ''; $field_loop = ''; $footer = ''; } // Add form starter code ?>
query("SELECT * FROM ".TABLE_PREFIX."mod_form_fields WHERE section_id = '$section_id' ORDER BY position ASC"); if($query_fields->numRows() > 0) { while($field = $query_fields->fetchRow()) { // Set field values $field_id = $field['field_id']; $value = $field['value']; // Print field_loop after replacing vars with values $vars = array('{TITLE}', '{REQUIRED}'); $values = array($field['title']); if($field['required'] == 1) { $values[] = '*'; } else { $values[] = ''; } if($field['type'] == 'textfield') { $vars[] = '{FIELD}'; $values[] = ''; } elseif($field['type'] == 'textarea') { $vars[] = '{FIELD}'; $values[] = ''; } elseif($field['type'] == 'select') { $vars[] = '{FIELD}'; $options = explode(',', $value); array_walk($options, 'make_option'); $field['extra'] = explode(',',$field['extra']); $values[] = ''; } elseif($field['type'] == 'heading') { $vars[] = '{FIELD}'; $values[] = ''; $tmp_field_loop = $field_loop; // temporarily modify the field loop template $field_loop = $field['extra']; } elseif($field['type'] == 'checkbox') { $vars[] = '{FIELD}'; $options = explode(',', $value); array_walk($options, 'make_checkbox',array($field_id,$field['extra'])); $values[] = implode($options); } elseif($field['type'] == 'radio') { $vars[] = '{FIELD}'; $options = explode(',', $value); array_walk($options, 'make_radio',array($field_id,$field['title'],$field['extra'])); $values[] = implode($options); } elseif($field['type'] == 'email') { $vars[] = '{FIELD}'; $values[] = ''; } if($field['type'] != '') { echo str_replace($vars, $values, $field_loop); } if (isset($tmp_field_loop)) $field_loop = $tmp_field_loop; } } // Print footer echo $footer; // Add form end code ?>
query("SELECT email_to,email_from,email_subject,success_message,max_submissions,stored_submissions FROM ".TABLE_PREFIX."mod_form_settings WHERE section_id = '$section_id'"); if($query_settings->numRows() > 0) { $fetch_settings = $query_settings->fetchRow(); $email_to = $fetch_settings['email_to']; $email_from = $fetch_settings['email_from']; if(substr($email_from, 0, 5) == 'field') { // Set the email from field to what the user entered in the specified field $email_from = $wb->add_slashes($_POST[$email_from]); } $email_subject = $fetch_settings['email_subject']; $success_message = $fetch_settings['success_message']; $max_submissions = $fetch_settings['max_submissions']; $stored_submissions = $fetch_settings['stored_submissions']; } else { exit($TEXT['UNDER_CONSTRUCTION']); } $email_body = ''; // Create blank "required" array $required = array(); // Loop through fields and add to message body // Get list of fields $query_fields = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_form_fields WHERE section_id = '$section_id' ORDER BY position ASC"); if($query_fields->numRows() > 0) { while($field = $query_fields->fetchRow()) { // Add to message body if($field['type'] != '') { if(!empty($_POST['field'.$field['field_id']])) { if($field['type'] == 'heading') { $email_body .= ' '.$_POST['field'.$field['field_id']]; } elseif (!is_array($_POST['field'.$field['field_id']])) { $email_body .= ' '.$field['title'].': '.$_POST['field'.$field['field_id']]."\n"; } else { $email_body .= ' '.$field['title'].": \n"; foreach ($_POST['field'.$field['field_id']] as $k=>$v) { $email_body .= ' '.$v; } } } elseif($field['required'] == 1) { $required[] = $field['title']; } } } } // Captcha if(extension_loaded('gd') AND function_exists('imageCreateFromJpeg')) { /* Make's sure GD library is installed */ if(isset($_POST['captcha']) AND is_numeric($_POST['captcha']) AND strlen($_POST['captcha']) == 5) { // User-supplied captcha $user_captcha = $_POST['captcha']; // Computer generated if(isset($_SESSION['captcha'])) { $system_captcha = $_SESSION['captcha']; } // Check for a mismatch if($user_captcha != $system_captcha) { exit('Captcha mismatch'); } else { unset($_SESSION['captcha']); } } } // Addslashes to email body - proposed by Icheb in topic=1170.0 // $email_body = $wb->add_slashes($email_body); // Check if the user forgot to enter values into all the required fields if($required != array()) { if(!isset($MESSAGE['MOD_FORM']['REQUIRED_FIELDS'])) { echo 'You must enter details for the following fields'; } else { echo $MESSAGE['MOD_FORM']['REQUIRED_FIELDS']; } echo ':
'.$TEXT['BACK'].''; } else { // Check how many times form has been submitted in last hour $query_submissions = $database->query("SELECT submission_id FROM ".TABLE_PREFIX."mod_form_submissions WHERE submitted_when >= '3600'"); if($query_submissions->numRows() > $max_submissions) { // Too many submissions so far this hour echo $MESSAGE['MOD_FORM']['EXCESS_SUBMISSIONS']; $success = false; } else { // Now send the email if($email_to != '') { if($email_from != '') { if(mail($email_to,$email_subject,str_replace('\n', '', $email_body),"From: ".$email_from)) { $success = true; } } else { if(mail($email_to,$email_subject,str_replace('\n', '', $email_body))) { $success = true; } } } // Write submission to database if(isset($admin) AND $admin->get_user_id() > 0) { $admin->get_user_id(); } else { $submitted_by = 0; } $email_body = $wb->add_slashes($email_body); $database->query("INSERT INTO ".TABLE_PREFIX."mod_form_submissions (page_id,section_id,submitted_when,submitted_by,body) VALUES ('".PAGE_ID."','$section_id','".mktime()."','$submitted_by','$email_body')"); // Make sure submissions table isn't too full $query_submissions = $database->query("SELECT submission_id FROM ".TABLE_PREFIX."mod_form_submissions ORDER BY submitted_when"); $num_submissions = $query_submissions->numRows(); if($num_submissions > $stored_submissions) { // Remove excess submission $num_to_remove = $num_submissions-$stored_submissions; while($submission = $query_submissions->fetchRow()) { if($num_to_remove > 0) { $submission_id = $submission['submission_id']; $database->query("DELETE FROM ".TABLE_PREFIX."mod_form_submissions WHERE submission_id = '$submission_id'"); $num_to_remove = $num_to_remove-1; } } } if(!$database->is_error()) { $success = true; } } // Now check if the email was sent successfully if(isset($success) AND $success == true) { echo $success_message; } else { echo $TEXT['ERROR']; } } } ?>