Copyright (C) 2004-2007, Ryan Djurovich Website Baker is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. Website Baker is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with Website Baker; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ /* The Website Baker Project would like to thank Rudolph Lartey for his contributions to this module - adding extra field types */ // Must include code to stop this file being access directly if(defined('WB_PATH') == false) { exit("Cannot access this file directly"); } // Function for generating an optionsfor a select field function make_option(&$n) { // start option group if it exists if (substr($n,0,2) == '[=') { $n = ''; } elseif ($n == ']') { $n = ''; } else { $n = ''; } } // Function for generating a checkbox function make_checkbox(&$n, $idx, $params) { $field_id = $params[0]; $seperator = $params[1]; //$n = ''.''.$n.''.$seperator; $n = ''.''.$n.''.$seperator; } // Function for generating a radio button function make_radio(&$n, $idx, $params) { $field_id = $params[0]; $group = $params[1]; $seperator = $params[2]; $n = ''.''.$n.''.$seperator; } // Generate temp submission id function new_submission_id() { $submission_id = ''; $salt = "abchefghjkmnpqrstuvwxyz0123456789"; srand((double)microtime()*1000000); $i = 0; while ($i <= 7) { $num = rand() % 33; $tmp = substr($salt, $num, 1); $submission_id = $submission_id . $tmp; $i++; } return $submission_id; } // Work-out if the form has been submitted or not if($_POST == array()) { // Set new submission ID in session $_SESSION['form_submission_id'] = new_submission_id(); ?> query("SELECT header,field_loop,footer,use_captcha FROM ".TABLE_PREFIX."mod_form_settings WHERE section_id = '$section_id'"); if($query_settings->numRows() > 0) { $fetch_settings = $query_settings->fetchRow(); $header = str_replace('{WB_URL}',WB_URL,$fetch_settings['header']); $field_loop = $fetch_settings['field_loop']; $footer = str_replace('{WB_URL}',WB_URL,$fetch_settings['footer']); $use_captcha = $fetch_settings['use_captcha']; } else { $header = ''; $field_loop = ''; $footer = ''; } // Add form starter code ?>
query("SELECT * FROM ".TABLE_PREFIX."mod_form_fields WHERE section_id = '$section_id' ORDER BY position ASC"); if($query_fields->numRows() > 0) { while($field = $query_fields->fetchRow()) { // Set field values $field_id = $field['field_id']; $value = $field['value']; // Print field_loop after replacing vars with values $vars = array('{TITLE}', '{REQUIRED}'); $values = array($field['title']); if($field['required'] == 1) { $values[] = '*'; } else { $values[] = ''; } if($field['type'] == 'textfield') { $vars[] = '{FIELD}'; $values[] = ''; } elseif($field['type'] == 'textarea') { $vars[] = '{FIELD}'; $values[] = ''; } elseif($field['type'] == 'select') { $vars[] = '{FIELD}'; $options = explode(',', $value); array_walk($options, 'make_option'); $field['extra'] = explode(',',$field['extra']); $values[] = ''; } elseif($field['type'] == 'heading') { $vars[] = '{FIELD}'; $values[] = ''; $tmp_field_loop = $field_loop; // temporarily modify the field loop template $field_loop = $field['extra']; } elseif($field['type'] == 'checkbox') { $vars[] = '{FIELD}'; $options = explode(',', $value); array_walk($options, 'make_checkbox',array($field_id,$field['extra'])); $values[] = implode($options); } elseif($field['type'] == 'radio') { $vars[] = '{FIELD}'; $options = explode(',', $value); array_walk($options, 'make_radio',array($field_id,$field['title'],$field['extra'])); $values[] = implode($options); } elseif($field['type'] == 'email') { $vars[] = '{FIELD}'; $values[] = ''; } if($field['type'] != '') { echo str_replace($vars, $values, $field_loop); } if (isset($tmp_field_loop)) $field_loop = $tmp_field_loop; } } // Captcha if($use_captcha) { $_SESSION['captcha'] = ''; for($i = 0; $i < 5; $i++) { $_SESSION['captcha'] .= rand(0,9); } ?>:
Captcha
query("SELECT email_to,email_from,email_subject,success_message,max_submissions,stored_submissions,use_captcha FROM ".TABLE_PREFIX."mod_form_settings WHERE section_id = '$section_id'"); if($query_settings->numRows() > 0) { $fetch_settings = $query_settings->fetchRow(); $email_to = $fetch_settings['email_to']; $email_from = $fetch_settings['email_from']; if(substr($email_from, 0, 5) == 'field') { // Set the email from field to what the user entered in the specified field $email_from = $wb->add_slashes($_POST[$email_from]); } $email_subject = $fetch_settings['email_subject']; $success_message = $fetch_settings['success_message']; $max_submissions = $fetch_settings['max_submissions']; $stored_submissions = $fetch_settings['stored_submissions']; $use_captcha = $fetch_settings['use_captcha']; } else { exit($TEXT['UNDER_CONSTRUCTION']); } $email_body = ''; // Create blank "required" array $required = array(); // Loop through fields and add to message body // Get list of fields $query_fields = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_form_fields WHERE section_id = '$section_id' ORDER BY position ASC"); if($query_fields->numRows() > 0) { while($field = $query_fields->fetchRow()) { // Add to message body if($field['type'] != '') { if(!empty($_POST['field'.$field['field_id']])) { if($field['type'] == 'email' AND $admin->validate_email($_POST['field'.$field['field_id']]) == false) { $email_error = $MESSAGE['USERS']['INVALID_EMAIL']; } if($field['type'] == 'heading') { $email_body .= $_POST['field'.$field['field_id']]."\n\n"; } elseif (!is_array($_POST['field'.$field['field_id']])) { $email_body .= $field['title'].': '.$_POST['field'.$field['field_id']]."\n\n"; } else { $email_body .= $field['title'].": \n"; foreach ($_POST['field'.$field['field_id']] as $k=>$v) { $email_body .= $v."\n"; } $email_body .= "\n"; } } elseif($field['required'] == 1) { $required[] = $field['title']; } } } } // Captcha if(extension_loaded('gd') AND function_exists('imageCreateFromJpeg')) { /* Make's sure GD library is installed */ if($use_captcha) { if(isset($_POST['captcha']) AND $_POST['captcha'] != ''){ // Check for a mismatch if(!isset($_POST['captcha']) OR !isset($_SESSION['captcha']) OR $_POST['captcha'] != $_SESSION['captcha']) { $captcha_error = $MESSAGE['MOD_FORM']['INCORRECT_CAPTCHA']; } } else { $captcha_error = $MESSAGE['MOD_FORM']['INCORRECT_CAPTCHA']; } } } if(isset($_SESSION['captcha'])) { unset($_SESSION['captcha']); } // Addslashes to email body - proposed by Icheb in topic=1170.0 // $email_body = $wb->add_slashes($email_body); // Check if the user forgot to enter values into all the required fields if($required != array()) { if(!isset($MESSAGE['MOD_FORM']['REQUIRED_FIELDS'])) { echo 'You must enter details for the following fields'; } else { echo $MESSAGE['MOD_FORM']['REQUIRED_FIELDS']; } echo ':
'.$TEXT['BACK'].''; } else { if(isset($email_error)) { echo '
'.$TEXT['BACK'].''; } elseif(isset($captcha_error)) { echo '
'.$TEXT['BACK'].''; } else { // Check how many times form has been submitted in last hour $last_hour = time()-3600; $query_submissions = $database->query("SELECT submission_id FROM ".TABLE_PREFIX."mod_form_submissions WHERE submitted_when >= '$last_hour'"); if($query_submissions->numRows() > $max_submissions) { // Too many submissions so far this hour echo $MESSAGE['MOD_FORM']['EXCESS_SUBMISSIONS']; $success = false; } else { // Now send the email if($email_to != '') { if($email_from != '') { if($wb->mail($email_from,$email_to,$email_subject,$email_body)) { $success = true; } } } // Write submission to database if(isset($admin) AND $admin->get_user_id() > 0) { $admin->get_user_id(); } else { $submitted_by = 0; } $email_body = $wb->add_slashes($email_body); $database->query("INSERT INTO ".TABLE_PREFIX."mod_form_submissions (page_id,section_id,submitted_when,submitted_by,body) VALUES ('".PAGE_ID."','$section_id','".mktime()."','$submitted_by','$email_body')"); // Make sure submissions table isn't too full $query_submissions = $database->query("SELECT submission_id FROM ".TABLE_PREFIX."mod_form_submissions ORDER BY submitted_when"); $num_submissions = $query_submissions->numRows(); if($num_submissions > $stored_submissions) { // Remove excess submission $num_to_remove = $num_submissions-$stored_submissions; while($submission = $query_submissions->fetchRow()) { if($num_to_remove > 0) { $submission_id = $submission['submission_id']; $database->query("DELETE FROM ".TABLE_PREFIX."mod_form_submissions WHERE submission_id = '$submission_id'"); $num_to_remove = $num_to_remove-1; } } } if(!$database->is_error()) { $success = true; } } } } } // Now check if the email was sent successfully if(isset($success) AND $success == true) { echo $success_message; } else { if(isset($success) AND $success == false) { echo $TEXT['ERROR']; } } } ?>