Revision 1801
Added by Dietmar almost 12 years ago
| branches/2.8.x/CHANGELOG | ||
|---|---|---|
| 13 | 13 |
|
| 14 | 14 |
|
| 15 | 15 |
|
| 16 |
31 Oct-2012 Build 1801 Dietmar Woellbrink (Luisehahne) |
|
| 17 |
! upgrade-script: update if filesRemove or remove dirs failed |
|
| 18 |
! update methode StripCodeFromText, add remove <?php ... ?>, |
|
| 19 |
! security fixes in form modul with StripCodeFromText |
|
| 16 | 20 |
29 Oct-2012 Build 1800 Dietmar Woellbrink (Luisehahne) |
| 17 | 21 |
# add missing lang var in account/languages/EN.PHP |
| 18 | 22 |
29 Oct-2012 Build 1799 Dietmar Woellbrink (Luisehahne) |
| branches/2.8.x/wb/upgrade-script.php | ||
|---|---|---|
| 66 | 66 |
'[ADMIN]/themes/', |
| 67 | 67 |
); |
| 68 | 68 |
|
| 69 |
if(version_compare(WB_REVISION, '1791', '<'))
|
|
| 69 |
if(version_compare(WB_REVISION, VERSION, '<='))
|
|
| 70 | 70 |
{
|
| 71 | 71 |
$filesRemove['0'] = array( |
| 72 | 72 |
|
| ... | ... | |
| 857 | 857 |
// try to unlink file |
| 858 | 858 |
if(!unlink(WB_PATH.$file)) {
|
| 859 | 859 |
// save in err-list, if failed |
| 860 |
$msg .= $file.'<br />'; |
|
| 861 |
} else {
|
|
| 862 |
$msg .= $file.'<br />'; |
|
| 863 |
} |
|
| 860 |
} |
|
| 864 | 861 |
} |
| 862 |
if( is_readable(WB_PATH.'/'.$file) ) {
|
|
| 863 |
$msg .= $file.'<br />'; |
|
| 864 |
} |
|
| 865 | 865 |
} |
| 866 | 866 |
|
| 867 | 867 |
if($msg != '') |
| ... | ... | |
| 911 | 911 |
// try to delete dir |
| 912 | 912 |
if(!is_writable( $dir ) || !rm_full_dir($dir)) {
|
| 913 | 913 |
// save in err-list, if failed |
| 914 |
$msg .= str_replace(WB_PATH,'',$dir).'<br />'; |
|
| 914 |
if( is_readable(WB_PATH.'/'.$file) ) {
|
|
| 915 |
$msg .= str_replace(WB_PATH,'',$dir).'<br />'; |
|
| 916 |
} |
|
| 915 | 917 |
} |
| 916 | 918 |
} |
| 917 | 919 |
} |
| ... | ... | |
| 939 | 941 |
* upgrade modules if newer version is available |
| 940 | 942 |
* $aModuleList list of proofed modules |
| 941 | 943 |
*/ |
| 942 |
$sModuleList = 'news,wysiwyg,form,any';
|
|
| 944 |
$sModuleList = 'news,wysiwyg,form'; |
|
| 943 | 945 |
$aModuleList = explode(',', (defined('MODULES_UPGRADE_LIST') ? MODULES_UPGRADE_LIST : $sModuleList));
|
| 944 | 946 |
echo '<h3>Step '.(++$stepID).': Upgrade proofed modules</h3>'; |
| 945 | 947 |
// $aModuleList = array('news');
|
| branches/2.8.x/wb/admin/interface/version.php | ||
|---|---|---|
| 51 | 51 |
|
| 52 | 52 |
// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled) |
| 53 | 53 |
if(!defined('VERSION')) define('VERSION', '2.8.3');
|
| 54 |
if(!defined('REVISION')) define('REVISION', '1800');
|
|
| 54 |
if(!defined('REVISION')) define('REVISION', '1801');
|
|
| 55 | 55 |
if(!defined('SP')) define('SP', '');
|
| branches/2.8.x/wb/framework/class.wb.php | ||
|---|---|---|
| 664 | 664 |
|
| 665 | 665 |
/** |
| 666 | 666 |
* |
| 667 |
* remove [[text]], link, script, scriptblock and styleblock from a given string |
|
| 667 |
* remove <?php code ?>, [[text]], link, script, scriptblock and styleblock from a given string
|
|
| 668 | 668 |
* and return the cleaned string |
| 669 | 669 |
* |
| 670 | 670 |
* @param string $sValue |
| ... | ... | |
| 672 | 672 |
* false: if @param is not a string |
| 673 | 673 |
* string: cleaned string |
| 674 | 674 |
*/ |
| 675 |
public function StripCodeFromText($sValue){
|
|
| 675 |
public function StripCodeFromText($sValue, $bPhpCode=false){
|
|
| 676 | 676 |
if(!is_string($sValue)) { return false; }
|
| 677 |
$sValue = ( ($bPhpCode==true) ? preg_replace ('/\[\[.*?\]\]\s*?|<\?php\s+.*\?>\s*?/isU', '', $sValue ) : $sValue );
|
|
| 677 | 678 |
$sPattern = '/\[\[.*?\]\]\s*?|<!--\s+.*?-->\s*?|<(script|link|style)[^>]*\/>\s*?|<(script|link|style)[^>]*?>.*?<\/\2>\s*?|\s*$/isU'; |
| 678 | 679 |
return (preg_replace ($sPattern, '', $sValue)); |
| 679 | 680 |
} |
| branches/2.8.x/wb/modules/form/modify_settings.php | ||
|---|---|---|
| 160 | 160 |
<tr> |
| 161 | 161 |
<td class="frm-setting_name"><?php echo $TEXT['DISPLAY_NAME']; ?>:</td> |
| 162 | 162 |
<td class="frm-setting_value"> |
| 163 |
<input type="text" name="email_fromname" id="email_fromname" style="width: 98%; ?>;" maxlength="255" value="<?php echo $setting['success_email_fromname']; ?>" />
|
|
| 163 |
<input type="text" name="email_fromname" id="email_fromname" style="width: 98%; ?>;" maxlength="255" value="<?php echo $setting['email_fromname']; ?>" /> |
|
| 164 | 164 |
</td> |
| 165 | 165 |
</tr> |
| 166 | 166 |
<tr> |
| branches/2.8.x/wb/modules/form/view.php | ||
|---|---|---|
| 62 | 62 |
function make_option(&$n, $k, $values) {
|
| 63 | 63 |
// start option group if it exists |
| 64 | 64 |
if (substr($n,0,2) == '[=') {
|
| 65 |
$n = '<optgroup label="'.substr($n,2,strlen($n)).'">'.PHP_EOL;
|
|
| 65 |
$n = '<optgroup label="'.substr($n,2,strlen($n)).'">'; |
|
| 66 | 66 |
} elseif ($n == ']') {
|
| 67 |
$n = '</optgroup>'.PHP_EOL;
|
|
| 67 |
$n = '</optgroup>'."\n";
|
|
| 68 | 68 |
} else {
|
| 69 | 69 |
if(in_array($n, $values)) {
|
| 70 |
$n = '<option selected="selected" value="'.$n.'">'.$n.'</option>'.PHP_EOL;
|
|
| 70 |
$n = '<option selected="selected" value="'.$n.'">'.$n.'</option>'."\n";
|
|
| 71 | 71 |
} else {
|
| 72 |
$n = '<option value="'.$n.'">'.$n.'</option>'.PHP_EOL;
|
|
| 72 |
$n = '<option value="'.$n.'">'.$n.'</option>'."\n";
|
|
| 73 | 73 |
} |
| 74 | 74 |
} |
| 75 | 75 |
} |
| ... | ... | |
| 82 | 82 |
|
| 83 | 83 |
$label_id = 'wb_'.preg_replace('/[^a-z0-9]/i', '_', $key).$field_id;
|
| 84 | 84 |
if(in_array($key, $params[1])) {
|
| 85 |
$key = '<input class="frm-field_checkbox" type="checkbox" id="'.$label_id.'" name="field'.$field_id.'['.$idx.']" value="'.$key.'" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$key.'</lable>'.$seperator.PHP_EOL;
|
|
| 85 |
$key = '<input class="frm-field_checkbox" type="checkbox" id="'.$label_id.'" name="field'.$field_id.'['.$idx.']" value="'.$key.'" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$key.'</lable>'.$seperator; |
|
| 86 | 86 |
} else {
|
| 87 |
$key = '<input class="frm-field_checkbox" type="checkbox" id="'.$label_id.'" name="field'.$field_id.'['.$idx.']" value="'.$key.'" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$key.'</label>'.$seperator.PHP_EOL;
|
|
| 87 |
$key = '<input class="frm-field_checkbox" type="checkbox" id="'.$label_id.'" name="field'.$field_id.'['.$idx.']" value="'.$key.'" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$key.'</label>'.$seperator; |
|
| 88 | 88 |
} |
| 89 | 89 |
} |
| 90 | 90 |
} |
| ... | ... | |
| 96 | 96 |
$seperator = $params[2]; |
| 97 | 97 |
$label_id = 'wb_'.preg_replace('/[^a-z0-9]/i', '_', $n).$field_id;
|
| 98 | 98 |
if($n == $params[3]) {
|
| 99 |
$n = '<input class="frm-field_checkbox" type="radio" id="'.$label_id.'" name="field'.$field_id.'" value="'.$n.'" checked="checked" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$n.'</label>'.$seperator.PHP_EOL;
|
|
| 99 |
$n = '<input class="frm-field_checkbox" type="radio" id="'.$label_id.'" name="field'.$field_id.'" value="'.$n.'" checked="checked" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$n.'</label>'.$seperator; |
|
| 100 | 100 |
} else {
|
| 101 |
$n = '<input class="frm-field_checkbox" type="radio" id="'.$label_id.'" name="field'.$field_id.'" value="'.$n.'" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$n.'</label>'.$seperator.PHP_EOL;
|
|
| 101 |
$n = '<input class="frm-field_checkbox" type="radio" id="'.$label_id.'" name="field'.$field_id.'" value="'.$n.'" />'.'<label for="'.$label_id.'" class="frm-checkbox_label">'.$n.'</label>'.$seperator; |
|
| 102 | 102 |
} |
| 103 | 103 |
} |
| 104 | 104 |
} |
| ... | ... | |
| 202 | 202 |
if (($field['type'] == "radio") || ($field['type'] == "checkbox")) {
|
| 203 | 203 |
$field_title = $field['title']; |
| 204 | 204 |
} else {
|
| 205 |
$field_title = '<label for="field'.$field_id.'">'.$field['title'].'</label>'.PHP_EOL;
|
|
| 205 |
$field_title = '<label for="field'.$field_id.'">'.$field['title'].'</label>'; |
|
| 206 | 206 |
} |
| 207 | 207 |
$values = array($field_title); |
| 208 | 208 |
if ($field['required'] == 1) {
|
| 209 |
$values[] = '<span class="frm-required">*</span>'."\n";
|
|
| 209 |
$values[] = '<span class="frm-required">*</span>'; |
|
| 210 | 210 |
} else {
|
| 211 | 211 |
$values[] = ''; |
| 212 | 212 |
} |
| 213 | 213 |
if($field['type'] == 'textfield') {
|
| 214 | 214 |
$vars[] = '{FIELD}';
|
| 215 | 215 |
$max_lenght_para = (intval($field['extra']) ? ' maxlength="'.intval($field['extra']).'"' : ''); |
| 216 |
$values[] = '<input type="text" name="field'.$field_id.'" id="field'.$field_id.'"'.$max_lenght_para.' value="'.(isset($_SESSION['field'.$field_id])?$_SESSION['field'.$field_id]:$value).'" class="frm-textfield" />'.PHP_EOL;
|
|
| 216 |
$values[] = '<input type="text" name="field'.$field_id.'" id="field'.$field_id.'"'.$max_lenght_para.' value="'.(isset($_SESSION['field'.$field_id])?$_SESSION['field'.$field_id]:$value).'" class="frm-textfield" />'; |
|
| 217 | 217 |
} elseif($field['type'] == 'textarea') {
|
| 218 | 218 |
$vars[] = '{FIELD}';
|
| 219 |
$values[] = '<textarea name="field'.$field_id.'" id="field'.$field_id.'" class="frm-textarea" cols="30" rows="8">'.(isset($_SESSION['field'.$field_id])?$_SESSION['field'.$field_id]:$value).'</textarea>'.PHP_EOL;
|
|
| 219 |
$values[] = '<textarea name="field'.$field_id.'" id="field'.$field_id.'" class="frm-textarea" cols="30" rows="8">'.(isset($_SESSION['field'.$field_id])?$_SESSION['field'.$field_id]:$value).'</textarea>'; |
|
| 220 | 220 |
} elseif($field['type'] == 'select') {
|
| 221 | 221 |
$vars[] = '{FIELD}';
|
| 222 | 222 |
$options = explode(',', $value);
|
| 223 | 223 |
array_walk($options, 'make_option', (isset($_SESSION['field'.$field_id])?$_SESSION['field'.$field_id]:array())); |
| 224 | 224 |
$field['extra'] = explode(',',$field['extra']);
|
| 225 | 225 |
$field['extra'][1] = ($field['extra'][1]=='multiple') ? $field['extra'][1].'="'.$field['extra'][1].'"' : ''; |
| 226 |
$values[] = '<select name="field'.$field_id.'[]" id="field'.$field_id.'" size="'.$field['extra'][0].'" '.$field['extra'][1].' class="frm-select">'.implode($options).'</select>'.PHP_EOL;
|
|
| 226 |
$values[] = '<select name="field'.$field_id.'[]" id="field'.$field_id.'" size="'.$field['extra'][0].'" '.$field['extra'][1].' class="frm-select">'.implode($options).'</select>'."\n";
|
|
| 227 | 227 |
} elseif($field['type'] == 'heading') {
|
| 228 | 228 |
$vars[] = '{FIELD}';
|
| 229 | 229 |
$str = '<input type="hidden" name="field'.$field_id.'" id="field'.$field_id.'" value="===['.$field['title'].']===" />'; |
| ... | ... | |
| 247 | 247 |
} elseif($field['type'] == 'email') {
|
| 248 | 248 |
$vars[] = '{FIELD}';
|
| 249 | 249 |
$max_lenght_para = (intval($field['extra']) ? ' maxlength="'.intval($field['extra']).'"' : ''); |
| 250 |
$values[] = '<input type="text" name="field'.$field_id.'" id="field'.$field_id.'" value="'.(isset($_SESSION['field'.$field_id])?$_SESSION['field'.$field_id]:'').'"'.$max_lenght_para.' class="frm-email" />'.PHP_EOL;
|
|
| 250 |
$values[] = '<input type="text" name="field'.$field_id.'" id="field'.$field_id.'" value="'.(isset($_SESSION['field'.$field_id])?$_SESSION['field'.$field_id]:'').'"'.$max_lenght_para.' class="frm-email" />'; |
|
| 251 | 251 |
} |
| 252 | 252 |
if(isset($_SESSION['field'.$field_id])) unset($_SESSION['field'.$field_id]); |
| 253 | 253 |
if($field['type'] != '') {
|
| ... | ... | |
| 381 | 381 |
} |
| 382 | 382 |
if(isset($_SESSION['captcha'])) { unset($_SESSION['captcha']); }
|
| 383 | 383 |
|
| 384 |
/* for StripCodeFromText test only |
|
| 385 |
[[loginbox]] |
|
| 386 |
|
|
| 387 |
<script type="text/javascript"> |
|
| 388 |
var WB_URL = '{WB_URL}';
|
|
| 389 |
var THEME_URL = '{THEME_URL}';
|
|
| 390 |
var ADMIN_URL = '{ADMIN_URL}';
|
|
| 391 |
var LANGUAGE = '{LANGUAGE}';
|
|
| 392 |
</script> |
|
| 393 |
|
|
| 394 |
Hier testen wir Module und stellen Tutorials zur Verfügung |
|
| 395 |
|
|
| 396 |
<?php |
|
| 397 |
function confirm_link(message, url) {
|
|
| 398 |
if(confirm(message)) location.href = url; |
|
| 399 |
} |
|
| 400 |
?> |
|
| 401 |
*/ |
|
| 402 |
// |
|
| 403 |
|
|
| 384 | 404 |
// Loop through fields and add to message body |
| 385 | 405 |
// Get list of fields |
| 386 | 406 |
$sql = 'SELECT * FROM `'.TABLE_PREFIX.'mod_form_fields` '; |
| ... | ... | |
| 393 | 413 |
if($field['type'] != '') {
|
| 394 | 414 |
if(!empty($_POST['field'.$field['field_id']])) |
| 395 | 415 |
{
|
| 396 |
// do not allow droplets in user input! |
|
| 397 |
if (is_array($_POST['field'.$field['field_id']])) {
|
|
| 398 |
$_SESSION['field'.$field['field_id']] = str_replace(array("[[", "]]"), array("[[", "]]"), $wb->strip_slashes($_POST['field'.$field['field_id']]));
|
|
| 416 |
$sPostVar = ''; |
|
| 417 |
$aPostVar['field'.$field['field_id']] = array(); |
|
| 418 |
// do not allow code in user input! |
|
| 419 |
if (is_array($_POST['field'.$field['field_id']])) {
|
|
| 420 |
|
|
| 421 |
foreach ($_POST['field'.$field['field_id']] as $key=>$val) {
|
|
| 422 |
$aPostVar['field'.$field['field_id']][$key] = $wb->strip_slashes($wb->StripCodeFromText($val),true); |
|
| 423 |
} |
|
| 424 |
$_SESSION['field'.$field['field_id']] = $aPostVar['field'.$field['field_id']]; |
|
| 399 | 425 |
} else {
|
| 400 |
$_SESSION['field'.$field['field_id']] = str_replace(array("[[", "]]"), array("[[", "]]"), htmlspecialchars($wb->strip_slashes($_POST['field'.$field['field_id']])));
|
|
| 426 |
$sPostVar = $wb->strip_slashes($wb->StripCodeFromText($wb->get_post('field'.$field['field_id']),true));
|
|
| 427 |
$_SESSION['field'.$field['field_id']] = $sPostVar; |
|
| 401 | 428 |
} |
| 402 | 429 |
|
| 403 |
if($field['type'] == 'email' AND $wb->validate_email($_POST['field'.$field['field_id']]) == false) {
|
|
| 430 |
if($field['type'] == 'email' AND $wb->validate_email($sPostVar) == false) {
|
|
| 404 | 431 |
$email_error = $MESSAGE['USERS_INVALID_EMAIL']; |
| 405 | 432 |
$required[]= ''; |
| 406 | 433 |
} |
| 407 | 434 |
if($field['type'] == 'heading') {
|
| 408 |
$email_body .= $_POST['field'.$field['field_id']]."\n\n"; |
|
| 409 |
} elseif (!is_array($_POST['field'.$field['field_id']])) {
|
|
| 410 |
$email_body .= $field['title'].': '.$_POST['field'.$field['field_id']]."\n\n"; |
|
| 411 |
} else {
|
|
| 412 |
$email_body .= $field['title'].": \n"; |
|
| 413 |
foreach ($_POST['field'.$field['field_id']] as $k=>$v) {
|
|
| 414 |
$email_body .= $v."\n"; |
|
| 435 |
$email_body .= $sPostVar."\n\n"; |
|
| 436 |
|
|
| 437 |
} elseif (($sPostVar!='')) {
|
|
| 438 |
$email_body .= $field['title'].": ".$sPostVar."\n\n"; |
|
| 439 |
} elseif(sizeof($aPostVar['field'.$field['field_id']] > 0) ) {
|
|
| 440 |
$email_body .= $field['title'].": "; |
|
| 441 |
foreach ($aPostVar['field'.$field['field_id']] as $key=>$val) {
|
|
| 442 |
$email_body .= $val."\n"; |
|
| 415 | 443 |
} |
| 416 | 444 |
$email_body .= "\n"; |
| 417 | 445 |
} |
| ... | ... | |
| 561 | 589 |
} // email_error |
| 562 | 590 |
} else {
|
| 563 | 591 |
|
| 564 |
echo '<p> </p>'.PHP_EOL.'<p><a href="'.htmlspecialchars(strip_tags($_SERVER['SCRIPT_NAME'])).'">'.$TEXT['BACK'].'</a></p>'.PHP_EOL;
|
|
| 592 |
echo '<p> </p>'."\n".'<p><a href="'.htmlspecialchars(strip_tags($_SERVER['SCRIPT_NAME'])).'">'.$TEXT['BACK'].'</a></p>'."\n";
|
|
| 565 | 593 |
} |
| 566 | 594 |
|
| 567 | 595 |
$success_page = ( (isset($success_page) ) ? $success_page : $page_id); |
| ... | ... | |
| 647 | 675 |
} else {
|
| 648 | 676 |
if(isset($success) && $success == false) {
|
| 649 | 677 |
echo '<br />'.$MOD_FORM['ERROR']; |
| 650 |
echo '<p> </p>'.PHP_EOL.'<p><a href="'.htmlspecialchars(strip_tags($_SERVER['SCRIPT_NAME'])).'">'.$TEXT['BACK'].'</a></p>'.PHP_EOL;
|
|
| 678 |
echo '<p> </p>'."\n".'<p><a href="'.htmlspecialchars(strip_tags($_SERVER['SCRIPT_NAME'])).'">'.$TEXT['BACK'].'</a></p>'."\n";
|
|
| 651 | 679 |
} |
| 652 | 680 |
} |
| 653 | 681 |
|
| branches/2.8.x/wb/modules/form/save_settings.php | ||
|---|---|---|
| 48 | 48 |
// load module language file |
| 49 | 49 |
$lang = (dirname(__FILE__)) . '/languages/' . LANGUAGE . '.php'; |
| 50 | 50 |
require_once(!file_exists($lang) ? (dirname(__FILE__)) . '/languages/EN.php' : $lang ); |
| 51 |
// later in upgrade.php |
|
| 51 |
// later in upgrade.php (add pagination)
|
|
| 52 | 52 |
$table_name = TABLE_PREFIX.'mod_form_settings'; |
| 53 | 53 |
$field_name = 'perpage_submissions'; |
| 54 | 54 |
$description = "INT NOT NULL DEFAULT '10' AFTER `max_submissions`"; |
| 55 |
if(!$database->field_exists($table_name,$field_name)) {
|
|
| 56 |
$database->field_add($table_name, $field_name, $description); |
|
| 57 |
} |
|
| 55 |
$database->field_add($table_name, $field_name, $description); |
|
| 58 | 56 |
|
| 59 |
|
|
| 60 | 57 |
// This code removes any <?php tags and adds slashes |
| 61 | 58 |
$friendly = array('<', '>', '?php');
|
| 62 | 59 |
$raw = array('<', '>', '');
|
| 63 |
$header = $admin->add_slashes($_POST['header']); |
|
| 64 |
$field_loop = $admin->add_slashes($_POST['field_loop']); |
|
| 65 |
$footer = $admin->add_slashes($_POST['footer']); |
|
| 66 |
$email_to = $admin->add_slashes($_POST['email_to']); |
|
| 60 |
|
|
| 61 |
//$header = CleanInput('header');
|
|
| 62 |
$header = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('header'),true));
|
|
| 63 |
//$field_loop = CleanInput('field_loop');
|
|
| 64 |
$field_loop = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('field_loop'),true));
|
|
| 65 |
//$footer = CleanInput('footer');
|
|
| 66 |
$footer = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('footer'),true));
|
|
| 67 |
//$email_to = CleanInput('email_to');
|
|
| 68 |
$email_to = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('email_to'),true));
|
|
| 67 | 69 |
$email_to = ($email_to != '' ? $email_to : emailAdmin()); |
| 68 | 70 |
$email_from = $admin->add_slashes(SERVER_EMAIL); |
| 69 |
$use_captcha = $admin->add_slashes($_POST['use_captcha']); |
|
| 70 |
/* |
|
| 71 |
if( isset($_POST['email_from_field']) && ($_POST['email_from_field'] != '')) {
|
|
| 72 |
$email_from = $admin->add_slashes($_POST['email_from_field']); |
|
| 73 |
} else {
|
|
| 74 |
$email_from = $admin->add_slashes($_POST['email_from']); |
|
| 75 |
} |
|
| 76 |
*/ |
|
| 71 |
//$use_captcha =CleanInput('use_captcha');
|
|
| 72 |
$use_captcha = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('use_captcha'),true));
|
|
| 73 |
|
|
| 77 | 74 |
if( isset($_POST['email_fromname_field']) && ($_POST['email_fromname_field'] != '')) {
|
| 78 |
$email_fromname = $admin->add_slashes($_POST['email_fromname_field']);
|
|
| 75 |
$email_fromname = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('email_fromname_field'),true));
|
|
| 79 | 76 |
} else {
|
| 80 |
$email_fromname = $admin->add_slashes($_POST['email_fromname']);
|
|
| 77 |
$email_fromname = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('email_fromname'),true));
|
|
| 81 | 78 |
} |
| 82 | 79 |
|
| 83 |
$email_subject = $admin->add_slashes($_POST['email_subject']);
|
|
| 84 |
$email_subject = (($email_subject != '') ? $email_subject : '');
|
|
| 85 |
$success_page = $admin->add_slashes($_POST['success_page']);
|
|
| 86 |
$success_email_to = $admin->add_slashes($_POST['success_email_to']);
|
|
| 80 |
$email_fromname = ($email_fromname != '' ? $email_fromname : WBMAILER_DEFAULT_SENDERNAME);
|
|
| 81 |
$email_subject = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('email_subject'),true));
|
|
| 82 |
$success_page = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('success_page'),true));
|
|
| 83 |
$success_email_to = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('success_email_to'),true));
|
|
| 87 | 84 |
$success_email_from = $admin->add_slashes(SERVER_EMAIL); |
| 88 |
$success_email_fromname = $admin->add_slashes($_POST['success_email_fromname']);
|
|
| 89 |
$success_email_fromname = ($success_email_fromname != '' ? $success_email_fromname : WBMAILER_DEFAULT_SENDERNAME);
|
|
| 90 |
$success_email_text = $admin->add_slashes($_POST['success_email_text']);
|
|
| 85 |
$success_email_fromname = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('success_email_fromname'),true));
|
|
| 86 |
$success_email_fromname = ($success_email_fromname != '' ? $success_email_fromname : $email_fromname);
|
|
| 87 |
$success_email_text = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('success_email_text'),true));
|
|
| 91 | 88 |
$success_email_text = (($success_email_text != '') ? $success_email_text : ''); |
| 92 |
$success_email_subject = $admin->add_slashes($_POST['success_email_subject']);
|
|
| 89 |
$success_email_subject = $admin->add_slashes($admin->StripCodeFromText($admin->get_post('success_email_subject'),true));
|
|
| 93 | 90 |
$success_email_subject = (($success_email_subject != '') ? $success_email_subject : ''); |
| 94 | 91 |
|
| 95 |
//print '<pre style="text-align: left;"><strong>function '.__FUNCTION__.'( '.''.' );</strong> basename: '.basename(__FILE__).' line: '.__LINE__.' -> <br />'; |
|
| 96 |
//print_r( $_POST ); print '</pre>'; |
|
| 97 |
|
|
| 98 | 92 |
if(!is_numeric($_POST['max_submissions'])) {
|
| 99 | 93 |
$max_submissions = 50; |
| 100 | 94 |
} else {
|
| 101 |
$max_submissions = $_POST['max_submissions'];
|
|
| 95 |
$max_submissions = intval($_POST['max_submissions']);
|
|
| 102 | 96 |
} |
| 103 | 97 |
if(!is_numeric($_POST['stored_submissions'])) {
|
| 104 | 98 |
$stored_submissions = 100; |
| 105 | 99 |
} else {
|
| 106 |
$stored_submissions = $_POST['stored_submissions'];
|
|
| 100 |
$stored_submissions = intval($_POST['stored_submissions']);
|
|
| 107 | 101 |
} |
| 108 | 102 |
if(!is_numeric($_POST['perpage_submissions'])) {
|
| 109 | 103 |
$perpage_submissions = 10; |
| 110 | 104 |
} else {
|
| 111 |
$perpage_submissions = $_POST['perpage_submissions'];
|
|
| 105 |
$perpage_submissions = intval($_POST['perpage_submissions']);
|
|
| 112 | 106 |
} |
| 107 |
|
|
| 113 | 108 |
// Make sure max submissions is not greater than stored submissions if stored_submissions <>0 |
| 114 | 109 |
if($max_submissions > $stored_submissions) {
|
| 115 | 110 |
$max_submissions = $stored_submissions; |
| branches/2.8.x/wb/modules/form/languages/NL.php | ||
|---|---|---|
| 55 | 55 |
$MOD_FORM['REQUIRED_FIELDS'] = 'You must enter details for the following fields'; |
| 56 | 56 |
$MOD_FORM['RECIPIENT'] = 'E-mail confirmation occurs only to valid e-mail address of the user announced in each case! Dispatch to unchecked addresses is not possible!'; |
| 57 | 57 |
$MOD_FORM['ERROR'] = 'E-Mail could not send!!'; |
| 58 |
$MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! '; |
|
| 58 | 59 |
|
| 59 | 60 |
$TEXT['GUEST'] = 'Guest'; |
| 60 | 61 |
$TEXT['PRINT_PAGE'] = 'Print page'; |
| branches/2.8.x/wb/modules/form/languages/NO.php | ||
|---|---|---|
| 55 | 55 |
$MOD_FORM['REQUIRED_FIELDS'] = 'You must enter details for the following fields'; |
| 56 | 56 |
$MOD_FORM['RECIPIENT'] = 'E-mail confirmation occurs only to valid e-mail address of the user announced in each case! Dispatch to unchecked addresses is not possible!'; |
| 57 | 57 |
$MOD_FORM['ERROR'] = 'E-Mail could not send!!'; |
| 58 |
$MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! '; |
|
| 58 | 59 |
|
| 59 | 60 |
$TEXT['GUEST'] = 'Guest'; |
| 60 | 61 |
$TEXT['PRINT_PAGE'] = 'Print page'; |
| branches/2.8.x/wb/modules/form/languages/EN.php | ||
|---|---|---|
| 55 | 55 |
$MOD_FORM['REQUIRED_FIELDS'] = 'You must enter details for the following fields'; |
| 56 | 56 |
$MOD_FORM['RECIPIENT'] = 'E-mail confirmation occurs only to valid e-mail address of the user announced in each case! Dispatch to unchecked addresses is not possible!'; |
| 57 | 57 |
$MOD_FORM['ERROR'] = 'E-Mail could not send!!'; |
| 58 |
$MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! '; |
|
| 58 | 59 |
|
| 59 | 60 |
$TEXT['GUEST'] = 'Guest'; |
| 60 | 61 |
$TEXT['PRINT_PAGE'] = 'Print page'; |
| branches/2.8.x/wb/modules/form/languages/DA.php | ||
|---|---|---|
| 55 | 55 |
$MOD_FORM['REQUIRED_FIELDS'] = 'You must enter details for the following fields'; |
| 56 | 56 |
$MOD_FORM['RECIPIENT'] = 'E-mail confirmation occurs only to valid e-mail address of the user announced in each case! Dispatch to unchecked addresses is not possible!'; |
| 57 | 57 |
$MOD_FORM['ERROR'] = 'E-Mail could not send!!'; |
| 58 |
$MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! '; |
|
| 58 | 59 |
|
| 59 | 60 |
$TEXT['GUEST'] = 'Guest'; |
| 60 | 61 |
$TEXT['PRINT_PAGE'] = 'Print page'; |
| branches/2.8.x/wb/modules/form/languages/RU.php | ||
|---|---|---|
| 54 | 54 |
$MOD_FORM['REQUIRED_FIELDS'] = 'You must enter details for the following fields'; |
| 55 | 55 |
$MOD_FORM['RECIPIENT'] = 'E-mail confirmation occurs only to valid e-mail address of the user announced in each case! Dispatch to unchecked addresses is not possible!'; |
| 56 | 56 |
$MOD_FORM['ERROR'] = 'E-Mail could not send!!'; |
| 57 |
$MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! '; |
|
| 57 | 58 |
|
| 58 | 59 |
$TEXT['GUEST'] = 'Guest'; |
| 59 | 60 |
$TEXT['PRINT_PAGE'] = 'Print page'; |
| branches/2.8.x/wb/modules/form/languages/FR.php | ||
|---|---|---|
| 55 | 55 |
$MOD_FORM['REQUIRED_FIELDS'] = 'You must enter details for the following fields'; |
| 56 | 56 |
$MOD_FORM['RECIPIENT'] = 'E-mail confirmation occurs only to valid e-mail address of the user announced in each case! Dispatch to unchecked addresses is not possible!'; |
| 57 | 57 |
$MOD_FORM['ERROR'] = 'E-Mail could not send!!'; |
| 58 |
$MOD_FORM['SPAM'] = 'Caution! Answering an unchecked email can be perceived as spamming and entail the risk of receiving a cease-and-desist letter! '; |
|
| 58 | 59 |
|
| 59 | 60 |
$TEXT['GUEST'] = 'Guest'; |
| 60 | 61 |
$TEXT['PRINT_PAGE'] = 'Print page'; |
| branches/2.8.x/wb/modules/form/languages/DE.php | ||
|---|---|---|
| 48 | 48 |
$MOD_FORM['TO'] = 'Empfänger'; |
| 49 | 49 |
|
| 50 | 50 |
$MOD_FORM['EXCESS_SUBMISSIONS'] = 'Dieses Formular wurde zu oft aufgerufen. Bitte versuchen Sie es in einer Stunde noch einmal.'; |
| 51 |
$MOD_FORM['ERROR'] = 'E-Mail konnte nicht gesendet werden!!'; |
|
| 52 | 51 |
$MOD_FORM['INCORRECT_CAPTCHA'] = 'Die eingegebene Prüfziffer stimmt nicht überein. Wenn Sie Probleme mit dem Lesen der Prüfziffer haben, bitte schreiben Sie eine E-Mail an den <a href="mailto:{{webmaster_email}}">Webmaster</a>';
|
| 53 | 52 |
|
| 54 | 53 |
$MOD_FORM['PRINT'] = 'E-Mail Bestätigung erfolgt nur an die gültige E-Mail Adresse eines jeweils angemeldeten Benutzers! Versand an ungeprüfte Adressen ist nicht möglich! '; |
| ... | ... | |
| 56 | 55 |
|
| 57 | 56 |
$MOD_FORM['REQUIRED_FIELDS'] = 'Bitte folgende Angaben ergänzen'; |
| 58 | 57 |
$MOD_FORM['RECIPIENT'] = 'E-Mail Bestätigung erfolgt nur an die gültige E-Mail Adresse des jeweils angemeldeten Benutzers! Versand an ungeprüfte Adressen ist nicht möglich!'; |
| 58 |
$MOD_FORM['ERROR'] = 'E-Mail konnte nicht gesendet werden!!'; |
|
| 59 | 59 |
$MOD_FORM['SPAM'] = 'ACHTUNG! Beantworten einer ungeprüften E-Mail kann als Spam abgemahnt werden! '; |
| 60 | 60 |
|
| 61 | 61 |
$TEXT['GUEST'] = 'Gast'; |
Also available in: Unified diff
! upgrade-script: update if filesRemove or remove dirs failed
! update methode StripCodeFromText, add remove ,
! security fixes in form modul with StripCodeFromText