Project

General

Profile

« Previous | Next » 

Revision 935

Added by aldus over 16 years ago

Bugfix for #688 - remove "AND required = 1" inside the query in line 470 so all fields are cleaned

View differences:

view.php
110 110 
		return $submission_id;
111 111 
	}
112 112 
}
113 

  		




  113
  114
  
    
// Work-out if the form has been submitted or not


  		




  114
  115
  
    
if($_POST == array()) {


  		




  115
  116
  
    

  		




  ......




  117
  118
  
    
$_SESSION['form_submission_id'] = new_submission_id();


  		




  118
  119
  
    

  		




  119
  120
  
    
// Get settings


  		




  120
  
  
    
$query_settings = $database->query("SELECT header,field_loop,footer,use_captcha FROM ".TABLE_PREFIX."mod_form_settings WHERE section_id = '$section_id'");


  		




  
  121
  
    
$query_settings = $database->query("SELECT header,field_loop,footer,use_captcha,name,use_xhtml_strict FROM ".TABLE_PREFIX."mod_form_settings WHERE section_id = '$section_id'");


  		




  121
  122
  
    
if($query_settings->numRows() > 0) {


  		




  122
  123
  
    
	$fetch_settings = $query_settings->fetchRow();


  		




  123
  124
  
    
	$header = str_replace('{WB_URL}',WB_URL,$fetch_settings['header']);


  		




  124
  125
  
    
	$field_loop = $fetch_settings['field_loop'];


  		




  125
  126
  
    
	$footer = str_replace('{WB_URL}',WB_URL,$fetch_settings['footer']);


  		




  126
  127
  
    
	$use_captcha = $fetch_settings['use_captcha'];


  		




  
  128
  
    
	$form_name = $fetch_settings['name'];


  		




  
  129
  
    
	$use_xhtml_strict = ($fetch_settings['use_xhtml_strict'] == 1);


  		




  127
  130
  
    
} else {


  		




  128
  131
  
    
	$header = '';


  		




  129
  132
  
    
	$field_loop = '';


  		




  130
  133
  
    
	$footer = '';


  		




  
  134
  
    
	$form_name = 'form';


  		




  
  135
  
    
	$use_xhtml_strict = false;


  		




  131
  136
  
    
}


  		




  132
  137
  
    

  		




  133
  138
  
    
?>


  		




  134
  
  
    
<form name="form" action="<?php echo htmlspecialchars(strip_tags($_SERVER['PHP_SELF'])); ?>" method="post">


  		




  135
  
  
    
<input type="hidden" name="submission_id" value="<?php echo $_SESSION['form_submission_id']; ?>" />


  		




  
  139
  
    
<form <?php echo ( ( (strlen($form_name) > 0) AND (false == $use_xhtml_strict) ) ? "name=\"".$form_name."\"" : ""); ?> action="<?php echo htmlspecialchars(strip_tags($_SERVER['PHP_SELF'])); ?>" method="post">


  		




  
  140
  
    
<div><input type="hidden" name="submission_id" value="<?php echo $_SESSION['form_submission_id']; ?>" /></div>


  		




  136
  141
  
    
<?php


  		




  137
  142
  
    
if(ENABLED_ASP) { // first add some honeypot-fields


  		




  138
  143
  
    
?>


  		




  139
  
  
    
<input type="hidden" name="submitted_when" value="<?php $t=time(); echo $t; $_SESSION['submitted_when']=$t; ?>" />


  		




  
  144
  
    
<div><input type="hidden" name="submitted_when" value="<?php $t=time(); echo $t; $_SESSION['submitted_when']=$t; ?>" /></div>


  		




  140
  145
  
    
<p class="nixhier">


  		




  141
  146
  
    
email address:


  		




  142
  147
  
    
<label for="email">Leave this field email-address blank:</label>


  		




  ......




  192
  197
  
    
			$values[] = '<select name="field'.$field_id.'[]" id="field'.$field_id.'" size="'.$field['extra'][0].'" '.$field['extra'][1].' class="select">'.implode($options).'</select>';		


  		




  193
  198
  
    
		} elseif($field['type'] == 'heading') {


  		




  194
  199
  
    
			$vars[] = '{FIELD}';


  		




  195
  
  
    
			$values[] = '<input type="hidden" name="field'.$field_id.'" id="field'.$field_id.'" value="===['.$field['title'].']===" />';


  		




  
  200
  
    
			$str = '<input type="hidden" name="field'.$field_id.'" id="field'.$field_id.'" value="===['.$field['title'].']===" />';


  		




  
  201
  
    
			$values[] = ( true == $use_xhtml_strict) ? "<div>".$str."</div>" : $str;


  		




  196
  202
  
    
			$tmp_field_loop = $field_loop;		// temporarily modify the field loop template


  		




  197
  203
  
    
			$field_loop = $field['extra'];


  		




  198
  204
  
    
		} elseif($field['type'] == 'checkbox') {


  		




  ......




  461
  467
  
    
			}    


  		




  462
  468
  
    
		}


  		




  463
  469
  
    
		// clearing session on success


  		




  464
  
  
    
		$query_fields = $database->query("SELECT field_id FROM ".TABLE_PREFIX."mod_form_fields WHERE section_id = '$section_id' AND required = 1");


  		




  
  470
  
    
		$query_fields = $database->query("SELECT field_id FROM ".TABLE_PREFIX."mod_form_fields WHERE section_id = '$section_id'");


  		




  465
  471
  
    
		while($field = $query_fields->fetchRow()) {


  		




  466
  472
  
    
			$field_id = $field[0];


  		




  467
  473
  
    
			if(isset($_SESSION['field'.$field_id])) unset($_SESSION['field'.$field_id]);


  		




  ......




  470
  476
  
    
		if(isset($success) AND $success == false) {


  		




  471
  477
  
    
			echo $TEXT['ERROR'];


  		




  472
  478
  
    
		}


  		




  473
  
  
    
	}	


  		




  
  479
  
    
	}


  		




  474
  480
  
    
}


  		




  475
  481
  
    

  		




  476
  482
  
    
?>


  		












Also available in:  Unified diff