/**
* Execute the SQL statement to perform a version upgrade.
* An empty SQL parameter will return success.
*
* @param string $version Version being upgraded to
* @param array $sql SQL statement to execute
* @return integer Zero on success, One on failure.
*/
function EXP_upgrade_sql($version = 'Undefined', $sql = '')
{
global $_TABLES, $_CONF_EXP;
// We control this, so it shouldn't happen, but just to be safe...
if ($version == 'Undefined') {
COM_errorLog("Error updating {$_CONF_EXP['pi_name']} - Undefined Version");
return 1;
}
// If no sql statements passed in, return success
if (!is_array($sql)) {
return 0;
}
// Execute SQL now to perform the upgrade
COM_errorLOG("--Updating External Pages to version {$version}");
for ($i = 1; $i <= count($sql); $i++) {
COM_errorLOG("External Pages Plugin {$version} update: Executing SQL => " . current($sql));
DB_query(current($sql), '1');
if (DB_error()) {
COM_errorLog("SQL Error during External Pages plugin update", 1);
return 1;
break;
}
next($sql);
}
return 0;
}
function plugin_upgrade_quiz()
{
global $_TABLES, $_CONF;
require_once $_CONF['path'] . 'plugins/quiz/sql/updates/mysql_0.5_to_0.7.php';
COM_errorLOG("Begin processing {$_CONF['path']}plugins/quiz/sql/updates/mysql_0.5_0.7.php\nRecord Count is:" . count($_SQL));
for ($i = 1; $i <= count($_SQL); $i++) {
$progress .= "executing " . current($_SQL) . "<br>\n";
COM_errorLOG("executing " . current($_SQL));
DB_query(current($_SQL));
next($_SQL);
}
return true;
}
/**
* Actually perform any sql updates.
*
* @param string $version Version being upgraded TO
* @param array $sql Array of SQL statement(s) to execute
*/
function LGLIB_do_upgrade_sql($version)
{
global $_TABLES, $_LGLIB_CONF, $_UPGRADE_SQL;
// If no sql statements passed in, return success
if (!isset($_UPGRADE_SQL[$version]) || !is_array($_UPGRADE_SQL[$version])) {
return 0;
}
// Execute SQL now to perform the upgrade
COM_errorLOG("--Updating lgLib to version {$version}");
foreach ($_UPGRADE_SQL[$version] as $q) {
COM_errorLOG("lgLib Plugin {$version} update: Executing SQL => {$q}");
DB_query($q, '1');
if (DB_error()) {
COM_errorLog("SQL Error during lgLib plugin update: {$q}", 1);
return 1;
break;
}
}
return 0;
}
$categorySelectHTML .= "{$title} *";
} else {
$categorySelectHTML .= "{$title}";
}
$categorySelectHTML .= "</option>\n";
$arr = $mytree->getChildTreeArray($cid);
foreach ($arr as $option) {
$option['prefix'] = str_replace(".", "--", $option['prefix']);
$catpath = $option['prefix'] . " " . $myts->makeTboxData4Show($option[2]);
$categorySelectHTML .= '<option value="' . $option[$mytree->id] . '">';
if (!SEC_inGroup($option[5])) {
$categorySelectHTML .= "{$catpath} *";
} else {
$categorySelectHTML .= "{$catpath}";
}
$categorySelectHTML .= "</option>\n";
}
}
$T->set_var(array('lang_submitnotice' => _MD_SUBMITONCE, 'lang_allpending' => _MD_ALLPENDING, 'lang_dontabuse' => _MD_DONTABUSE, 'lang_takedays' => _MD_TAKEDAYS, 'lang_required' => _MD_REQUIRED, 'lang_filetitle' => _MD_FILETITLE, 'lang_filename' => _MD_DLFILENAME, 'lang_category' => _MD_CATEGORY, 'lang_approve' => _MD_APPROVEREQ, 'lang_homepage' => _MD_HOMEPAGEC, 'lang_version' => _MD_VERSIONC, 'lang_desc' => _MD_DESCRIPTIONC, 'lang_screenshot' => _MD_SHOTIMAGE, 'lang_commentoption' => _MD_COMMENTOPTION, 'lang_no' => _MD_NO, 'lang_yes' => _MD_YES, 'lang_submit' => _MD_SUBMIT, 'lang_cancel' => _MD_CANCEL, 'token_name' => CSRF_TOKEN, 'security_token' => SEC_createToken(), 'cat_select_options' => $categorySelectHTML, 'uid' => $uid));
$display .= FM_siteHeader();
$display .= COM_startBlock("<b>" . _MD_UPLOADTITLE . "</b>");
$T->parse('output', 'page');
$display .= $T->finish($T->get_var('output'));
$display .= COM_endBlock();
$display .= FM_siteFooter();
echo $display;
}
} else {
COM_errorLOG("Submit.php => FileMgmt Plugin Access denied. Attempted user upload of a file, Remote address is:{$_SERVER['REMOTE_ADDR']}");
redirect_header($_CONF['site_url'] . "/index.php", 1, _GL_ERRORNOUPLOAD);
}
// | This program is distributed in the hope that it will be useful, |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software Foundation, |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
// | |
// +--------------------------------------------------------------------------+
require_once '../lib-common.php';
include_once $_CONF['path'] . 'plugins/filemgmt/include/header.php';
include_once $_CONF['path'] . 'plugins/filemgmt/include/functions.php';
// Comment out the following security check if you want general filemgmt users access to this report
if (!SEC_hasRights("filemgmt.edit")) {
COM_errorLOG("Downloadhistory.php => Filemgmt Plugin Access denied. Attempted access for file ID:{$lid}, Remote address is:{$_SERVER['REMOTE_ADDR']}");
redirect_header($_CONF['site_url'] . "/index.php", 1, _GL_ERRORNOADMIN);
exit;
}
$lid = COM_applyFilter($_GET['lid'], true);
$result = DB_query("SELECT title FROM {$_TABLES['filemgmt_filedetail']} WHERE lid='" . DB_escapeString($lid) . "'");
list($dtitle) = DB_fetchARRAY($result);
$result = DB_query("SELECT date,uid,remote_ip FROM {$_TABLES['filemgmt_history']} WHERE lid='" . DB_escapeString($lid) . "'");
$display = COM_siteHeader('none');
$display .= "<table width='100%' border='0' cellspacing='1' cellpadding='4' class='plugin'><tr>";
$display .= "<td colspan='3'><center><H2>" . $LANG_FILEMGMT['DownloadReport'] . "</H2></center></td></tr><tr>";
$display .= "<td colspan='3'><H4>File: " . $dtitle . "</H4></td></tr><tr>";
$display .= "<td bgcolor='#000000' width='20%'><b><center><font color='#ffffff' size='3'>Date</font></center></b></td>";
$display .= "<td bgcolor='#000000' width='20%'><b><center><font color='#ffffff' size='3'>User</font></center></b></td>";
$display .= "<td bgcolor='#000000' width='20%'><b><center><font color='#ffffff' size='3'>Remote IP</font></center></b></td>";
$display .= "</tr>";
$asql .= ')';
} else {
$asql .= ' OR statuscode = ' . STORY_ARCHIVE_ON_EXPIRE . ") AND tid != '" . DB_escapeString($archivetid) . "'";
}
$expiresql = DB_query($asql);
while (list($sid, $expiretopic, $title, $expire, $statuscode) = DB_fetchArray($expiresql)) {
if ($statuscode == STORY_ARCHIVE_ON_EXPIRE) {
if (!empty($archivetid)) {
COM_errorLOG("Archive Story: {$sid}, Topic: {$archivetid}, Title: {$title}, Expired: {$expire}");
DB_query("UPDATE {$_TABLES['stories']} SET tid = '" . DB_escapeString($archivetid) . "', frontpage = '0', featured = '0' WHERE sid='" . DB_escapeString($sid) . "'");
CACHE_remove_instance('story_' . $sid);
CACHE_remove_instance('whatsnew');
}
} else {
if ($statuscode == STORY_DELETE_ON_EXPIRE) {
COM_errorLOG("Delete Story and comments: {$sid}, Topic: {$expiretopic}, Title: {$title}, Expired: {$expire}");
STORY_deleteImages($sid);
DB_query("DELETE FROM {$_TABLES['comments']} WHERE sid='" . DB_escapeString($sid) . "' AND type = 'article'");
DB_query("DELETE FROM {$_TABLES['stories']} WHERE sid='" . DB_escapeString($sid) . "'");
CACHE_remove_instance('story_' . $sid);
CACHE_remove_instance('whatsnew');
}
}
}
}
$sql = " (date <= NOW()) AND (draft_flag = 0)";
if (empty($topic)) {
$sql .= COM_getLangSQL('tid', 'AND', 's');
}
// if a topic was provided only select those stories.
if (!empty($topic)) {
/**
* Actually perform any sql updates.
* Gets the sql statements from the $UPGRADE array defined (maybe)
* in the SQL installation file.
*
* @since version 0.4.0
* @param string $version Version being upgraded TO
* @param boolean $ignore_error True to ignore SQL errors.
* @param array $sql Array of SQL statement(s) to execute
*/
function PAYPAL_do_upgrade_sql($version, $ignore_error = false)
{
global $_TABLES, $_PP_CONF, $PP_UPGRADE;
// If no sql statements passed in, return success
if (!is_array($PP_UPGRADE[$version])) {
return true;
}
// Execute SQL now to perform the upgrade
COM_errorLog("--- Updating Paypal to version {$version}", 1);
foreach ($PP_UPGRADE[$version] as $sql) {
COM_errorLOG("Paypal Plugin {$version} update: Executing SQL => {$sql}");
DB_query($sql, '1');
if (DB_error()) {
COM_errorLog("SQL Error during Paypal Plugin update", 1);
if (!$ignore_error) {
return false;
}
}
}
COM_errorLog("--- Paypal plugin SQL update to version {$version} done", 1);
return true;
}
function MG_upgrade_170()
{
global $_TABLES, $_CONF, $_DB_table_prefix;
require_once $_CONF['path'] . 'plugins/mediagallery/install_defaults.php';
mediagallery_update_ConfValues_1_7_0();
$_SQL = array();
$name_src = $_DB_table_prefix . 'mg_postcard';
$_SQL[] = "DROP TABLE `{$name_src}`";
$name_src = $_DB_table_prefix . 'mg_config';
$_SQL[] = "DROP TABLE `{$name_src}`";
$name_src = $_DB_table_prefix . 'mg_albums';
$_SQL[] = "ALTER TABLE `{$name_src}` DROP `enable_shutterfly`";
$name_src = $_DB_table_prefix . 'mg_media_queue';
$name_dest = $_DB_table_prefix . 'mg_mediaqueue';
$_SQL[] = "ALTER TABLE `{$name_src}` RENAME TO `{$name_dest}`";
$name_src = $_DB_table_prefix . 'mg_batch_sessions';
$name_dest = $_DB_table_prefix . 'mg_sessions';
$_SQL[] = "ALTER TABLE `{$name_src}` RENAME TO `{$name_dest}`";
$name_src = $_DB_table_prefix . 'mg_batch_session_log';
$name_dest = $_DB_table_prefix . 'mg_session_log';
$_SQL[] = "ALTER TABLE `{$name_src}` RENAME TO `{$name_dest}`";
$name_src = $_DB_table_prefix . 'mg_batch_session_items';
$name_dest = $_DB_table_prefix . 'mg_session_items';
$_SQL[] = "ALTER TABLE `{$name_src}` RENAME TO `{$name_dest}`";
$name_src = $_DB_table_prefix . 'mg_batch_session_items2';
$_SQL[] = "DROP TABLE `{$name_src}`";
$skins = array('border', 'default', 'mgAlbum', 'mgShadow', 'new_border', 'new_shadow', 'none');
$sql = "SELECT * FROM {$_TABLES['mg_albums']}";
$result = DB_query($sql);
while ($A = DB_fetchArray($result)) {
$_SQL[] = "UPDATE {$_TABLES['mg_albums']} " . "SET skin='default' " . "WHERE album_id=" . $A['album_id'];
if (!in_array($A['image_skin'], $skins)) {
$_SQL[] = "UPDATE {$_TABLES['mg_albums']} " . "SET image_skin='default' " . "WHERE album_id=" . $A['album_id'];
}
if (!in_array($A['display_skin'], $skins)) {
$_SQL[] = "UPDATE {$_TABLES['mg_albums']} " . "SET display_skin='default' " . "WHERE album_id=" . $A['album_id'];
}
if (!in_array($A['album_skin'], $skins)) {
$_SQL[] = "UPDATE {$_TABLES['mg_albums']} " . "SET album_skin='default' " . "WHERE album_id=" . $A['album_id'];
}
}
/* Execute SQL now to perform the upgrade */
for ($i = 1; $i <= count($_SQL); $i++) {
COM_errorLOG("Media Gallery plugin 1.7.0 update: Executing SQL => " . current($_SQL));
DB_query(current($_SQL), 1);
if (DB_error()) {
COM_errorLog("SQL Error during Media Gallery plugin update", 1);
return 1;
}
next($_SQL);
}
return 0;
}
/**
* Actually perform any sql updates.
* Gets the sql statements from the $UPGRADE array defined (maybe)
* in the SQL installation file.
*
* @since version 1.3.4
* @param string $version Version being upgraded TO
*/
function EVLIST_do_upgrade_sql($version = '')
{
global $_TABLES, $_EV_CONF, $_EV_UPGRADE;
$error = 0;
// If no sql statements passed in, return success
if (!is_array($_EV_UPGRADE[$version])) {
return $error;
}
// Execute SQL now to perform the upgrade
COM_errorLOG("--Updating EvList to version {$version}");
foreach ($_EV_UPGRADE[$version] as $sql) {
COM_errorLOG("EvList Plugin {$version} update: Executing SQL => {$sql}");
DB_query($sql, '1');
if (DB_error()) {
COM_errorLog("SQL Error during EvList Plugin update", 1);
$error = 1;
break;
}
}
return $error;
}
function glfusion_117()
{
global $_TABLES, $_FM_TABLES, $_CONF;
$_SQL = array();
// new tables for ratings
$_SQL[] = "CREATE TABLE IF NOT EXISTS {$_TABLES['rating']} (\n `id` int(11) unsigned NOT NULL AUTO_INCREMENT,\n `type` varchar(254) NOT NULL DEFAULT '',\n `item_id` varchar(40) NOT NULL,\n `votes` int(11) NOT NULL,\n `rating` decimal(4,2) NOT NULL,\n KEY `id` (`id`)\n ) ENGINE=MyISAM;";
$_SQL[] = "CREATE TABLE IF NOT EXISTS {$_TABLES['rating_votes']} (\n `id` int(11) unsigned NOT NULL AUTO_INCREMENT,\n `type` varchar(254) NOT NULL DEFAULT '',\n `item_id` varchar(40) NOT NULL,\n `uid` mediumint(8) NOT NULL,\n `ip_address` varchar(14) NOT NULL,\n `ratingdate` int(11) NOT NULL,\n PRIMARY KEY (`id`),\n KEY `uid` (`uid`),\n KEY `ip_address` (`ip_address`),\n KEY `type` (`type`)\n ) ENGINE=MyISAM;";
/* Execute SQL now to perform the upgrade */
for ($i = 1; $i <= count($_SQL); $i++) {
COM_errorLOG("glFusion 1.1.7 Development update: Executing SQL => " . current($_SQL));
DB_query(current($_SQL), 1);
next($_SQL);
}
DB_query("ALTER TABLE {$_TABLES['rating_votes']} ADD rating INT NOT NULL DEFAULT '0' AFTER item_id ", 1);
// new config options
require_once $_CONF['path_system'] . 'classes/config.class.php';
$c = config::get_instance();
$c->add('rating_enabled', 1, 'select', 1, 7, 24, 1237, TRUE);
// - new CAPTCHA settings
$c->add('publickey', '', 'text', 0, 0, 0, 42, true, 'captcha');
$c->add('privatekey', '', 'text', 0, 0, 0, 44, true, 'captcha');
$c->add('recaptcha_theme', 'white', 'select', 0, 0, 6, 46, true, 'captcha');
DB_query("UPDATE {$_TABLES['plugins']} SET pi_version='3.2.4' WHERE pi_name='captcha'");
// -- *** NEED TO ADD RATING SPEED LIMIT ***
// - option to turn on rating in filemgmt
// new fields in story table to hold rating / votes
$_SQL = array();
$_SQL[] = "ALTER TABLE {$_TABLES['stories']} ADD `rating` float NOT NULL DEFAULT '0' AFTER hits";
$_SQL[] = "ALTER TABLE {$_TABLES['stories']} ADD `votes` int(11) NOT NULL DEFAULT '0' AFTER rating";
/* Execute SQL now to perform the upgrade */
for ($i = 1; $i <= count($_SQL); $i++) {
COM_errorLOG("glFusion 1.1.7 Development update: Executing SQL => " . current($_SQL));
DB_query(current($_SQL), 1);
next($_SQL);
}
// convert the existing filemgmt ratings to new rating system...
$fm_version = DB_getItem($_TABLES['plugins'], 'pi_version', 'pi_name="filemgmt"');
if ($fm_version != '1.7.5') {
DB_query("UPDATE {$_FM_TABLES['filemgmt_filedetail']} set rating = rating / 2", 1);
$result = DB_query("SELECT * FROM {$_FM_TABLES['filemgmt_filedetail']} WHERE votes > 0");
while ($F = DB_fetchArray($result)) {
$item_id = $F['lid'];
$votes = $F['votes'];
$rating = $F['rating'];
DB_query("INSERT INTO {$_TABLES['rating']} (type,item_id,votes,rating) VALUES ('filemgmt','" . $item_id . "',{$votes},{$rating});", 1);
}
$result = DB_query("SELECT * FROM {$_FM_TABLES['filemgmt_votedata']}");
while ($H = DB_fetchArray($result)) {
$item_id = $H['lid'];
$user_id = $H['ratinguser'];
$ip = $H['ratinghostname'];
$time = $H['ratingtimestamp'];
$rating = $H['rating'] / 2;
DB_query("INSERT INTO {$_TABLES['rating_votes']} (type,item_id,rating,uid,ip_address,ratingdate) VALUES ('filemgmt','" . $item_id . "',{$rating},{$user_id},'" . $ip . "',{$time});");
}
DB_query("UPDATE {$_TABLES['plugins']} SET pi_version='1.7.5' WHERE pi_name='filemgmt'");
}
// convert the existing Media Gallery ratings to new rating system...
$mg_version = DB_getItem($_TABLES['plugins'], 'pi_version', 'pi_name="mediagallery"');
if ($fm_version != '1.6.8') {
DB_query("UPDATE {$_TABLES['mg_media']} set media_rating = media_rating / 2", 1);
$result = DB_query("SELECT * FROM {$_TABLES['mg_media']} WHERE media_votes > 0");
while ($F = DB_fetchArray($result)) {
$item_id = $F['media_id'];
$votes = $F['media_votes'];
$rating = $F['media_rating'];
DB_query("INSERT INTO {$_TABLES['rating']} (type,item_id,votes,rating) VALUES ('mediagallery','" . $item_id . "',{$votes},{$rating});", 1);
}
$result = DB_query("SELECT * FROM {$_TABLES['mg_rating']}");
while ($H = DB_fetchArray($result)) {
$item_id = $H['media_id'];
$user_id = $H['uid'];
$ip = $H['ip_address'];
$time = $H['ratingdate'];
DB_query("INSERT INTO {$_TABLES['rating_votes']} (type,item_id,uid,ip_address,ratingdate) VALUES ('mediagallery','" . $item_id . "',{$user_id},'" . $ip . "',{$time});");
}
DB_query("UPDATE {$_TABLES['plugins']} SET pi_version='1.6.8' WHERE pi_name='mediagallery'");
}
DB_query("INSERT INTO {$_TABLES['vars']} SET value='1.1.7',name='glfusion'", 1);
DB_query("UPDATE {$_TABLES['vars']} SET value='1.1.7' WHERE name='glfusion'", 1);
}
/**
* Puts the datastructures for this plugin into the Geeklog database
*
* Note: Corresponding uninstall routine is in functions.inc
*
* @return boolean True if successful False otherwise
*
*/
function plugin_install_now()
{
global $pi_name, $pi_version, $gl_version, $pi_url, $NEWTABLE, $DEFVALUES, $NEWFEATURE;
global $_TABLES, $_CONF, $_ENV;
COM_errorLog("Attempting to install the {$pi_name} Plugin", 1);
$uninstall_plugin = 'plugin_uninstall_' . $pi_name;
// Create the Plugins Tables
require_once $_CONF['path'] . 'plugins/messenger/sql/messenger_install_1.0.php';
for ($i = 1; $i <= count($_SQL); $i++) {
$progress .= "executing " . current($_SQL) . "<br>\n";
COM_errorLOG("executing " . current($_SQL));
DB_query(current($_SQL));
if (DB_error()) {
COM_errorLog("Error Creating {$table} table", 1);
$uninstall_plugin('DeletePlugin');
return false;
exit;
}
next($_SQL);
}
COM_errorLog("Success - Created {$table} table", 1);
// Insert Default Data
foreach ($DEFVALUES as $table => $sql) {
COM_errorLog("Inserting default data into {$table} table", 1);
DB_query($sql, 1);
if (DB_error()) {
COM_errorLog("Error inserting default data into {$table} table", 1);
$uninstall_plugin();
return false;
exit;
}
COM_errorLog("Success - inserting data into {$table} table", 1);
}
// Create the plugin admin security group
COM_errorLog("Attempting to create {$pi_name} admin group", 1);
DB_query("INSERT INTO {$_TABLES['groups']} (grp_name, grp_descr) " . "VALUES ('{$pi_name} Admin', 'Users in this group can administer the {$pi_name} plugin')", 1);
if (DB_error()) {
plugin_install_now();
return false;
exit;
}
COM_errorLog('...success', 1);
$group_id = DB_insertId();
// Save the grp id for later uninstall
COM_errorLog('About to save group_id to vars table for use during uninstall', 1);
DB_query("INSERT INTO {$_TABLES['vars']} VALUES ('{$pi_name}_admin', {$group_id})", 1);
if (DB_error()) {
$uninstall_plugin();
return false;
exit;
}
COM_errorLog('...success', 1);
// Add plugin Features
foreach ($NEWFEATURE as $feature => $desc) {
COM_errorLog("Adding {$feature} feature", 1);
DB_query("INSERT INTO {$_TABLES['features']} (ft_name, ft_descr) " . "VALUES ('{$feature}','{$desc}')", 1);
if (DB_error()) {
COM_errorLog("Failure adding {$feature} feature", 1);
$uninstall_plugin();
return false;
exit;
}
$feat_id = DB_insertId();
COM_errorLog("Success", 1);
COM_errorLog("Adding {$feature} feature to admin group", 1);
DB_query("INSERT INTO {$_TABLES['access']} (acc_ft_id, acc_grp_id) VALUES ({$feat_id}, {$group_id})");
if (DB_error()) {
COM_errorLog("Failure adding {$feature} feature to admin group", 1);
$uninstall_plugin();
return false;
exit;
}
COM_errorLog("Success", 1);
}
// OK, now give Root users access to this plugin now! NOTE: Root group should always be 1
COM_errorLog("Attempting to give all users in Root group access to {$pi_name} admin group", 1);
DB_query("INSERT INTO {$_TABLES['group_assignments']} VALUES ({$group_id}, NULL, 1)");
if (DB_error()) {
$uninstall_plugin();
return false;
exit;
}
// Register the plugin with Geeklog
COM_errorLog("Registering {$pi_name} plugin with Geeklog", 1);
DB_delete($_TABLES['plugins'], 'pi_name', 'messenger');
DB_query("INSERT INTO {$_TABLES['plugins']} (pi_name, pi_version, pi_gl_version, pi_homepage, pi_enabled) " . "VALUES ('{$pi_name}', '{$pi_version}', '{$gl_version}', '{$pi_url}', 1)");
if (DB_error()) {
$uninstall_plugin();
return false;
exit;
}
DB_query("INSERT INTO {$_TABLES['vars']} VALUES ('{$pi_name}_status', 1)", 1);
/* DO NOT REMOVE OR CHANGE THE FOLLOWING CODE UNDER ANY CONDITION */
/* This Plugin requires a license to be installed and information collected is ONLY used to track that license */
/* Blaine Lang: glmessenger author */
$message = 'Completed plugin install: ' . date('m d Y', time()) . " AT " . date('H:i', time()) . "\n";
$message .= 'Site: ' . $_CONF['site_url'] . ' and Sitename: ' . $_CONF['site_name'] . "\n";
$message .= 'Admin: ' . $_CONF['site_mail'] . "\n";
$message .= 'Hostname: ' . $_ENV['HOSTNAME'] . ' and RemoteAddress: ' . $_ENV['REMOTE_ADDR'];
@mail('*****@*****.**', 'glMessenger Install successfull', $message);
COM_errorLog("Succesfully installed the {$pi_name} Plugin!", 1);
return true;
}
function MG_upgrade_160()
{
global $_TABLES, $_CONF, $_MG_CONF;
$_SQL = array();
if ($_DB_dbms == 'mssql') {
$_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `tnheight` SMALLINT NOT NULL DEFAULT '0'";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `tnwidth` SMALLINT NOT NULL DEFAULT '0'";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `usealternate` SMALLINT NOT NULL DEFAULT '0'";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `skin` VARCHAR( 255 ) NOT NULL DEFAULT 'default'";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `rsschildren` SMALLINT NOT NULL DEFAULT '0'";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `mp3ribbon` SMALLINT NOT NULL DEFAULT '0'";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_media']} ADD `artist` VARCHAR(255) NULL";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_media']} ADD `album` VARCHAR(255) NULL";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_media']} ADD `genre` VARCHAR(255) NULL";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_mediaqueue']} ADD `artist` VARCHAR(255) NULL";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_mediaqueue']} ADD `album` VARCHAR(255) NULL";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_mediaqueue']} ADD `genre` VARCHAR(255) NULL";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_sort']} ADD `referer` VARCHAR(255) NOT NULL DEFAULT ''";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_sort']} ADD `keywords` VARCHAR(255) NOT NULL DEFAULT ''";
$_SQL[] = "CREATE TABLE [dbo].[{$_TABLES['mg_rating']}] (\n [id] [int] PRIMARY KEY CLUSTERED,\n [ip_address] [varchar] (14) NOT NULL DEFAULT ('0'),\n [uid] [int] NOT NULL DEFAULT ('0'),\n [media_id] [varchar] (40) NOT NULL DEFAULT ('0'),\n [ratingdate] [int] NOT NULL DEFAULT ('0'),\n [owner_id] [int] NOT NULL default ('2')\n ) ON [PRIMARY]\n ";
$_SQL[] = "CREATE NONCLUSTERED INDEX [IX_mg_rating_owner_id] ON [dbo].[{$_TABLES['mg_rating']}]\n (\n \t[owner_id] ASC\n ) ON [PRIMARY]\n ";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('random_skin','mgShadow')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_border','1')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_align','auto')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_width','0')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_height','0')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_src','tn')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_autoplay','0')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_enable_link','1')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_delay','5')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_showtitle','0')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('use_flowplayer','0')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('search_columns','3')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('search_rows','4')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('search_playback_type','0')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('search_enable_views','1')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('search_enable_rating','1')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('gallery_only','0')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('ad_tn_height','200')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('ad_tn_width','200')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('gallery_tn_height','200')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('gallery_tn_width','200')";
} else {
$_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `tnheight` INT NOT NULL DEFAULT '0' AFTER `tn_attached`";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `tnwidth` INT NOT NULL DEFAULT '0' AFTER `tnheight`";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `usealternate` TINYINT NOT NULL DEFAULT '0' AFTER `playback_type`";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `skin` VARCHAR( 255 ) NOT NULL DEFAULT 'default' AFTER `album_order`";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `rsschildren` TINYINT NOT NULL DEFAULT '0' AFTER `shopping_cart`";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_albums']} ADD `mp3ribbon` TINYINT NOT NULL DEFAULT '0' AFTER `podcast`";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_media']} ADD `artist` VARCHAR(255) NULL AFTER `media_watermarked`";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_media']} ADD `album` VARCHAR(255) NULL AFTER `artist`";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_media']} ADD `genre` VARCHAR(255) NULL AFTER `album`";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_mediaqueue']} ADD `artist` VARCHAR(255) NULL AFTER `media_watermarked`";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_mediaqueue']} ADD `album` VARCHAR(255) NULL AFTER `artist`";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_mediaqueue']} ADD `genre` VARCHAR(255) NULL AFTER `album`";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_sort']} ADD `referer` VARCHAR(255) NOT NULL DEFAULT '' AFTER `sort_datetime`";
$_SQL[] = "ALTER TABLE {$_TABLES['mg_sort']} ADD `keywords` VARCHAR(255) NOT NULL DEFAULT '' AFTER `referer`";
$_SQL[] = "CREATE TABLE {$_TABLES['mg_rating']} ( " . "`id` int(11) unsigned NOT NULL default '0', " . "`ip_address` varchar(14) NOT NULL, " . "`uid` mediumint(8) NOT NULL, " . "`media_id` varchar(40) NOT NULL, " . "`ratingdate` int(11) NOT NULL, " . "`owner_id` mediumint(8) NOT NULL default '2', " . "PRIMARY KEY (`id`), " . "KEY `owner_id` (`owner_id`));";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('random_skin','mgShadow')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_border','1')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_align','auto')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_width','0')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_height','0')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_src','tn')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_autoplay','0')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_enable_link','1')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_delay','5')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('at_showtitle','0')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('use_flowplayer','0')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('search_columns','3')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('search_rows','4')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('search_playback_type','0')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('search_enable_views','1')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('search_enable_rating','1')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('gallery_only','0')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('ad_tn_height','200')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('ad_tn_width','200')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('gallery_tn_height','200')";
$_SQL[] = "INSERT INTO {$_TABLES['mg_config']} VALUES ('gallery_tn_width','200')";
}
/* Execute SQL now to perform the upgrade */
for ($i = 1; $i <= count($_SQL); $i++) {
COM_errorLOG("Media Gallery plugin 1.6.0 update: Executing SQL => " . current($_SQL));
DB_query(current($_SQL), 1);
if (DB_error()) {
COM_errorLog("SQL Error during Media Gallery plugin update", 1);
return 1;
}
next($_SQL);
}
return 0;
}
/**
* Move blocks UP, Down and Switch Sides - Left and Right
*
*/
function BLOCK_move($bid, $where)
{
global $_CONF, $_TABLES, $LANG21;
$retval = '';
// if the block id exists
if (DB_count($_TABLES['blocks'], "bid", $bid) == 1) {
switch ($where) {
case "up":
$q = "UPDATE " . $_TABLES['blocks'] . " SET blockorder = blockorder-11 WHERE bid = '" . $bid . "'";
DB_query($q);
break;
case "dn":
$q = "UPDATE " . $_TABLES['blocks'] . " SET blockorder = blockorder+11 WHERE bid = '" . $bid . "'";
DB_query($q);
break;
case "0":
$q = "UPDATE " . $_TABLES['blocks'] . " SET onleft = '1', blockorder = blockorder-1 WHERE bid = '" . $bid . "'";
DB_query($q);
break;
case "1":
$q = "UPDATE " . $_TABLES['blocks'] . " SET onleft = '0',blockorder = blockorder-1 WHERE bid = '" . $bid . "'";
DB_query($q);
break;
}
} else {
COM_errorLOG("block admin error: Attempt to move an non existing block id: {$bid}");
}
echo COM_refresh($_CONF['site_admin_url'] . "/block.php");
return $retval;
}
/**
* Puts the datastructures for this plugin into the Geeklog database
*
* Note: Corresponding uninstall routine is in functions.inc
*
* @return boolean True if successful False otherwise
*
*/
function plugin_install_now()
{
global $pi_name, $pi_version, $gl_version, $pi_url, $NEWTABLE, $DEFVALUES, $NEWFEATURE;
global $_TABLES, $_CONF;
COM_errorLog("Attempting to install the {$pi_name} Plugin", 1);
$uninstall_plugin = 'plugin_uninstall_' . $pi_name;
// Create the Plugins Tables
require_once $_CONF['path'] . 'plugins/forum/sql/mysql_install_3.0.php';
for ($i = 1; $i <= count($_SQL); $i++) {
$progress .= "executing " . current($_SQL) . "<br>\n";
COM_errorLOG("executing " . current($_SQL));
DB_query(current($_SQL), '1');
if (DB_error()) {
COM_errorLog("Error Creating {$table} table", 1);
$uninstall_plugin('DeletePlugin');
return false;
exit;
}
next($_SQL);
}
COM_errorLog("Success - Created {$table} table", 1);
// Insert Default Data
foreach ($DEFVALUES as $table => $sql) {
COM_errorLog("Inserting default data into {$table} table", 1);
DB_query($sql, 1);
if (DB_error()) {
COM_errorLog("Error inserting default data into {$table} table", 1);
$uninstall_plugin();
return false;
exit;
}
COM_errorLog("Success - inserting data into {$table} table", 1);
}
// Create the plugin admin security group
COM_errorLog("Attempting to create {$pi_name} admin group", 1);
DB_query("INSERT INTO {$_TABLES['groups']} (grp_name, grp_descr) " . "VALUES ('{$pi_name} Admin', 'Users in this group can administer the {$pi_name} plugin')", 1);
if (DB_error()) {
$uninstall_plugin();
return false;
exit;
}
COM_errorLog('...success', 1);
$query = DB_query("SELECT max(grp_id) FROM {$_TABLES['groups']} ");
list($group_id) = DB_fetchArray($query);
// Save the grp id for later uninstall
COM_errorLog('About to save group_id to vars table for use during uninstall', 1);
DB_query("INSERT INTO {$_TABLES['vars']} VALUES ('{$pi_name}_admin', {$group_id})", 1);
if (DB_error()) {
$uninstall_plugin();
return false;
exit;
}
COM_errorLog('...success', 1);
// Add plugin Features
foreach ($NEWFEATURE as $feature => $desc) {
COM_errorLog("Adding {$feature} feature", 1);
DB_query("INSERT INTO {$_TABLES['features']} (ft_name, ft_descr) " . "VALUES ('{$feature}','{$desc}')", 1);
if (DB_error()) {
COM_errorLog("Failure adding {$feature} feature", 1);
$uninstall_plugin();
return false;
exit;
}
$query = DB_query("SELECT max(ft_id) FROM {$_TABLES['features']} ");
list($feat_id) = DB_fetchArray($query);
COM_errorLog("Success", 1);
COM_errorLog("Adding {$feature} feature to admin group", 1);
DB_query("INSERT INTO {$_TABLES['access']} (acc_ft_id, acc_grp_id) VALUES ({$feat_id}, {$group_id})");
if (DB_error()) {
COM_errorLog("Failure adding {$feature} feature to admin group", 1);
$uninstall_plugin();
return false;
exit;
}
COM_errorLog("Success", 1);
}
// OK, now give Root users access to this plugin now! NOTE: Root group should always be 1
COM_errorLog("Attempting to give all users in Root group access to {$pi_name} admin group", 1);
DB_query("INSERT INTO {$_TABLES['group_assignments']} VALUES ({$group_id}, NULL, 1)");
if (DB_error()) {
$uninstall_plugin();
return false;
exit;
}
// Register the plugin with Geeklog
COM_errorLog("Registering {$pi_name} plugin with Geeklog", 1);
DB_delete($_TABLES['plugins'], 'pi_name', $pi_name);
DB_query("INSERT INTO {$_TABLES['plugins']} (pi_name, pi_version, pi_gl_version, pi_homepage, pi_enabled) " . "VALUES ('{$pi_name}', '{$pi_version}', '{$gl_version}', '{$pi_url}', 1)");
if (DB_error()) {
$uninstall_plugin();
return false;
exit;
}
COM_errorLog("Succesfully installed the {$pi_name} Plugin!", 1);
return true;
}
function upgrade_30()
{
global $_TABLES;
$_SQL = array();
$_SQL[] = "CREATE TABLE IF NOT EXISTS {$_TABLES['ff_bookmarks']} (\n uid mediumint(8) NOT NULL,\n topic_id int(11) NOT NULL,\n pid int(11) NOT NULL default '0',\n KEY topic_id (`topic_id`),\n KEY pid (pid),\n KEY uid (uid)\n ) ENGINE=MyISAM ;";
$_SQL[] = "CREATE TABLE IF NOT EXISTS {$_TABLES['ff_attachments']} (\n id` int(11) NOT NULL auto_increment,\n topic_id int(11) NOT NULL,\n repository_id int(11) default NULL,\n filename varchar(255) NOT NULL,\n tempfile tinyint(1) NOT NULL default '0',\n show_inline tinyint(4) NOT NULL default '0',\n PRIMARY KEY (id),\n KEY topic_id (topic_id)\n ) ENGINE=MyISAM;";
// Set default access to use attachments to be the Root group
$_SQL[] = "ALTER TABLE {$_TABLES['ff_forums']} ADD use_attachment_grpid mediumint(8) DEFAULT '1' NOT NULL AFTER grp_id";
/* Execute SQL now to perform the upgrade */
for ($i = 1; $i <= count($_SQL); $i++) {
COM_errorLOG("Forum Plugin 3.0 update: Executing SQL => " . current($_SQL));
DB_query(current($_SQL), '1');
if (DB_error()) {
COM_errorLog("SQL Error during Forum plugin update", 1);
return 1;
break;
}
next($_SQL);
}
COM_errorLog("Success - Completed Forum plugin version 3.0 update", 1);
return 0;
}
function updateMenuRecord($mode)
{
global $_CONF, $CONF_NEXMENU, $_TABLES, $id, $idCurrent;
$parent = ppPrepareForDB($_POST['menu_parent']);
$order = ppPrepareForDB($_POST['menu_order']);
$label = addslashes(ppPrepareForDB(htmlspecialchars($_POST['menu_label'], ENT_QUOTES, $CONF_NEXMENU['charset'])));
$image = ppPrepareForDB($_POST['menu_image']);
$menutype = ppPrepareForDB($_POST['menutype']);
$menu_location = ppPrepareForDB($_POST['menu_location']);
$coremenutype = ppPrepareForDB($_POST['coremenutype']);
$phpfunction = ppPrepareForDB($_POST['phpfunction']);
$grp_access = ppPrepareForDB($_POST['grp_access']);
$is_enabled = isset($_POST['menu_status']) ? 1 : 0;
if ($label == '') {
$GLOBALS['statusmsg'] = 'Error adding or updating Record. Label can not be blank';
return;
}
switch ($menutype) {
case 1:
$url = $_POST['menu_url'];
break;
case 2:
$url = $_POST['menu_url'];
break;
case 3:
$url = '';
break;
case 4:
$url = $CONF_NEXMENU['coremenu'][$coremenutype];
break;
case 5:
$url = $phpfunction;
break;
}
if ($mode == 'add') {
if ($order < 1) {
$query = DB_query("SELECT MAX(menuorder) FROM {$_TABLES['nexmenu']} WHERE pid={$parent}");
list($order) = DB_fetchArray($query);
$order++;
}
$sql = "INSERT INTO {$_TABLES['nexmenu']} (pid,menutype,location,menuorder,label,url,grp_access,image,is_enabled) ";
$sql .= "VALUES ('{$parent}','{$menutype}','{$menu_location}','{$order}','{$label}','{$url}','{$grp_access}','{$image}','{$is_enabled}')";
DB_query($sql);
$GLOBALS['id'] = DB_insertID();
$GLOBALS['statusmsg'] = 'Record Added';
$idCurrent = DB_insertID();
// Make the new record the current record
foreach ($_POST['alternatelabel'] as $langid => $languagelabel) {
if (trim($languagelabel) != '') {
if (DB_count($_TABLES['nexmenu_language'], array('menuitem', 'language'), array($id, $langid))) {
DB_query("UPDATE {$_TABLES['nexmenu_language']} SET label = '{$languagelabel}' WHERE menuitem={$idCurrent} AND language={$langid} ");
} else {
DB_query("INSERT INTO {$_TABLES['nexmenu_language']} (menuitem,language,label) VALUES ({$idCurrent},{$langid},'{$languagelabel}')");
}
}
}
} elseif (DB_count($_TABLES['nexmenu'], "id", $id) == 1) {
if ($order < 1) {
$query = DB_query("SELECT MAX(menuorder) FROM {$_TABLES['nexmenu']} WHERE pid={$parent}");
list($order) = DB_fetchArray($query);
$order++;
}
/* Check if this is a menu and the location has changed (header or block location of menu */
$curLocation = DB_getItem($_TABLES['nexmenu'], "location", "id='{$id}'");
if ($menutype == 3 and $menu_location != '$curlocation') {
/* update any menuitems or submenus as well - need to move them all */
updateFolderLocation($id, $menu_location);
}
$sql = "UPDATE {$_TABLES['nexmenu']} SET pid='{$parent}',menutype='{$menutype}',location='{$menu_location}', image='{$image}', ";
$sql .= "menuorder='{$order}',label='{$label}', url='{$url}',grp_access='{$grp_access}',is_enabled='{$is_enabled}' WHERE id='{$id}'";
DB_query($sql);
foreach ($_POST['alternatelabel'] as $langid => $languagelabel) {
if (trim($languagelabel) != '') {
if (DB_count($_TABLES['nexmenu_language'], array('menuitem', 'language'), array($id, $langid))) {
DB_query("UPDATE {$_TABLES['nexmenu_language']} SET label = '{$languagelabel}' WHERE menuitem={$id} AND language={$langid} ");
} else {
DB_query("INSERT INTO {$_TABLES['nexmenu_language']} (menuitem,language,label) VALUES ({$id},{$langid},'{$languagelabel}')");
}
}
}
$GLOBALS['statusmsg'] = 'Record Updated';
} else {
COM_errorLOG("nexmenu Plugin: Admin Error updating Record");
$GLOBALS['statusmsg'] = 'Error adding or updating Record';
}
}
/**
* Creates an <option> list from a database list for use in forms
*
* Creates option list form field using given arguments
*
* @param string $mode modes are edit,read,options, or alist.
* 'edit' returns a HTML selectbox,
* 'read' just the value
* 'fread' just read the value, but take into account any functions
* 'options' returns the select options without the <select> </select> HTML
* 'alist' an array of values.
* @param string $varname Fieldname to use for the formated HTML
* @param string $listid ID of the nexlist List Definition to get data from
* @param string $fieldnum Fieldnum from the list to be used in for the selectbox options.
* @param string/array $selected Value(s) (from $selection) to set to SELECTED or default
* @param string $where Optional Value(s) to use in where clause.
* Format 'fieldnum:match,fieldnum:match' - can be 1 match or multiple
* @param integer $classname Option value used by Dynamic Selectbox Javascript to show a filtered list of options
$ @param boolean $noDefault If set true then don't add the <option value=0>Select Value</option>
* @return string Formated HTML of option values
*
* Examples: $mktgMgrUid = nexlistOptionList('read','',43, 2, '',"0:$division,1:$product");
* Read from list 43 - get list field 3 where field1 matches the division and field2 matches the product
* Returns a single value
*
*/
function nexlistOptionList($mode, $varname, $listid, $fieldnum = 0, $selected = '', $where = '', $classvalue = -1, $noDefault = false, $sortOrder = '')
{
global $_TABLES;
$retval = '';
$options = array();
//check to see if this field uses a function, and if so, which function
$used_lists = array();
//keep track of lists used to stop possible infinate loop
while (1) {
if (!in_array("{$listid},{$fieldnum}", $used_lists)) {
$used_lists[] = "{$listid},{$fieldnum}";
$res = DB_query("SELECT value_by_function FROM {$_TABLES['nexlistfields']} WHERE lid={$listid}");
$i = -1;
while ($i != $fieldnum and $R = DB_fetchArray($res)) {
$func = $R['value_by_function'];
$i++;
}
if (strpos($func, '[list:') !== false) {
$values = str_replace('[list:', '', $func);
$values = str_replace(']', '', $values);
$v_arr = explode(',', $values);
$listid = $v_arr[0];
$fieldnum = $v_arr[1];
} else {
break;
}
} else {
break;
}
}
// Check if where option is passed in and valid - ie has 2 parms
$whereoption = false;
$whereoptions = explode(',', $where);
if (count($whereoptions) > 0) {
$whereparms = array();
foreach ($whereoptions as $whereclause) {
if ($whereclause != '' and strpos($whereclause, ':') > 0) {
// Break out the two parms in where clause - List Field ID and Value
$parms = explode(':', $whereclause);
if (count($parms) == 2) {
$whereparms[$parms['0']] = $parms['1'];
$whereoption = true;
}
}
}
}
if ($CONF_LL['debug']) {
COM_errorLOG("nexlistOptionList -> mode:{$mode}, varname:{$varname},listid:{$listid},fieldnum:{$fieldnum}, selected:{$selected}");
}
// Get field id for the selected field
$q1 = DB_query("SELECT fieldname FROM {$_TABLES['nexlistfields']} WHERE lid='{$listid}' ORDER BY id");
if (DB_numRows($q1) == 0) {
return '';
}
$q2 = DB_query("SELECT id, value FROM {$_TABLES['nexlistitems']} WHERE lid='{$listid}' ORDER BY itemorder asc, id asc");
while (list($id, $values) = DB_fetchArray($q2)) {
$avalues = explode(',', $values);
if ($whereoption) {
$match = false;
// Cycle thru the Where fields and look for a match - Array key is the list Field ID
$match = 0;
foreach ($whereparms as $key => $matchvalue) {
if ($avalues[$key] == $matchvalue) {
$match++;
}
}
if ($match == count($whereparms)) {
if (function_exists($func) and $mode != 'read') {
$options[$id] = $func('view', '', $options[$id]);
} else {
$options[$id] = $avalues[$fieldnum];
}
}
} else {
if (function_exists($func) and $mode != 'read') {
$options[$id] = $func('view', '', $avalues[$fieldnum]);
} else {
$options[$id] = $avalues[$fieldnum];
}
}
}
//sort the array
if ($sortOrder == 'asc') {
asort($options);
} else {
if ($sortOrder == 'desc') {
arsort($options);
}
}
if ($mode == 'edit') {
$retval = '<select id="' . $varname . '" name="' . $varname . '">';
if (!$noDefault) {
$retval .= '<option value="0">Select Value</option>';
}
foreach ($options as $key => $label) {
if ($classvalue != -1) {
$A = explode(',', DB_getItem($_TABLES['nexlistitems'], 'value', "id={$key}"));
$class = "class=\"{$A[$classvalue]}\" ";
}
if ($key == $selected) {
$retval .= '<option ' . $class . 'value="' . $key . '" SELECTED>' . $label . '</option>';
} else {
$retval .= '<option ' . $class . 'value="' . $key . '">' . $label . '</option>';
}
}
$retval .= '</select>';
} elseif ($mode == 'options') {
if (!$noDefault) {
$retval .= '<option value="0">Select Value</option>';
}
foreach ($options as $key => $label) {
if ($classvalue != -1) {
$A = explode(',', DB_getItem($_TABLES['nexlistitems'], 'value', "id={$key}"));
$class = "class=\"{$A[$classvalue]}\" ";
}
$aselected = array();
if (!is_array($selected)) {
$aselected[] = $selected;
} else {
$aselected = $selected;
}
if (in_array($key, $aselected)) {
$retval .= '<option ' . $class . 'value="' . $key . '" SELECTED>' . $label . '</option>';
} else {
$retval .= '<option ' . $class . 'value="' . $key . '">' . $label . '</option>';
}
}
} elseif ($mode == 'alist') {
if ($classvalue != -1) {
$classOptions = array();
foreach ($options as $key => $label) {
$A = explode(',', DB_getItem($_TABLES['nexlistitems'], 'value', "id={$key}"));
$class = "class={$A[$classvalue]} ";
$classOptions[$key] = "{$label},{$class}";
}
return $classOptions;
} else {
return $options;
}
} else {
if ($selected != '' and count($options) > 1) {
return $options[$selected];
} else {
return current($options);
}
}
return $retval;
}
if (isset($_GET['tid'])) {
$lid = COM_applyFilter($_GET['tid'], true);
$tempFile = 1;
$status = ' status = 0';
}
if ($tempFile == 1 && !SEC_hasRights('filemgmt.edit')) {
exit;
}
$REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
$groupsql = filemgmt_buildAccessSql();
$sql = "SELECT COUNT(*) FROM {$_TABLES['filemgmt_filedetail']} a ";
$sql .= "LEFT JOIN {$_TABLES['filemgmt_cat']} b ON a.cid=b.cid ";
$sql .= "WHERE a.lid='" . DB_escapeString($lid) . "' {$groupsql}";
list($testaccess_cnt) = DB_fetchArray(DB_query($sql));
if ($testaccess_cnt == 0 or DB_count($_TABLES['filemgmt_filedetail'], "lid", DB_escapeString($lid)) == 0) {
COM_errorLOG("filemgmt visit.php ERROR: Invalid attempt to download a file. User:{$_USER['username']}, File ID:{$lid}");
echo COM_refresh($_CONF['site_url'] . '/filemgmt/index.php');
exit;
} else {
$result = DB_query("SELECT url,platform FROM {$_TABLES['filemgmt_filedetail']} WHERE lid='" . DB_escapeString($lid) . "' AND " . $status);
list($url, $tmpnames) = DB_fetchArray($result);
if ($tempFile == 1) {
$tmpfilenames = explode(";", $tmpnames);
$tempfilepath = $filemgmt_FileStore . 'tmp/' . $tmpfilenames[0];
} else {
DB_query("INSERT INTO {$_TABLES['filemgmt_history']} (uid, lid, remote_ip, date) VALUES ({$uid}, '" . DB_escapeString($lid) . "', '" . DB_escapeString($_SERVER['REMOTE_ADDR']) . "', NOW())") or $eh->show("0013");
DB_query("UPDATE {$_TABLES['filemgmt_filedetail']} SET hits=hits+1 WHERE lid='" . DB_escapeString($lid) . "' AND status>0");
}
$allowed_protocols = array('http', 'https', 'ftp');
$found_it = false;
COM_accessLog("Visit.php => Download File:{$url}, User ID is:{$uid}");
function approve()
{
global $_TABLES, $_TABLES, $_CONF, $myts, $eh, $filemgmt_FileStore, $filemgmt_SnapStore, $filemgmt_Emailoption, $filemgmtFilePermissions;
$lid = (int) COM_applyFilter($_POST['lid'], true);
$title = $_POST['title'];
$cid = intval($_POST['cid']);
if (empty($cid)) {
$cid = 0;
}
$homepage = $_POST['homepage'];
$version = $_POST['version'];
$size = isset($_POST['size']) ? COM_applyFilter($_POST['size'], true) : 0;
$description = $_POST['description'];
if ($_POST['url'] || $_POST['url'] != '') {
$name = $myts->makeTboxData4Save($_POST['url']);
$url = rawurlencode($name);
}
if ($_POST['logourl'] || $_POST['logourl'] != '') {
$shotname = $myts->makeTboxData4Save($_POST['logourl']);
$logourl = $myts->makeTboxData4Save(rawurlencode($_POST['logourl']));
} else {
$logourl = '';
$shotname = '';
}
$result = DB_query("SELECT COUNT(*) FROM {$_TABLES['filemgmt_filedetail']} WHERE url='{$url}' and status=1");
list($numrows) = DB_fetchArray($result);
// Comment out this check if you want to allow duplicate filelistings for same file in the repository
// Check for duplicate files of the same filename (actual filename in repository)
if ($numrows > 0) {
$eh->show("1108");
}
$title = $myts->makeTboxData4Save($title);
$homepage = $myts->makeTboxData4Save($homepage);
$version = $myts->makeTboxData4Save($_POST['version']);
$size = $myts->makeTboxData4Save($size);
$description = $myts->makeTareaData4Save($description);
$commentoption = (int) COM_applyFilter($_POST["commentoption"], true);
// Move file from tmp directory under the document filestore to the main file directory
// Now to extract the temporary names for both the file and optional thumbnail. I've used th platform field which I'm not using now for anything.
$tmpnames = explode(";", DB_getItem($_TABLES['filemgmt_filedetail'], 'platform', "lid='{$lid}'"));
$tmpfilename = $tmpnames[0];
if (isset($tmpnames[1])) {
$tmpshotname = $tmpnames[1];
} else {
$tmpshotname = '';
}
$tmp = $filemgmt_FileStore . "tmp/" . $tmpfilename;
if (file_exists($tmp) && !is_dir($tmp)) {
// if this temporary file was really uploaded?
$newfile = $filemgmt_FileStore . $name;
COM_errorLOG("File move from " . $tmp . " to " . $newfile);
$rename = @rename($tmp, $newfile);
COM_errorLOG("Results of rename is: " . $rename);
$chown = @chmod($newfile, $filemgmtFilePermissions);
if (!file_exists($newfile)) {
COM_errorLOG("Filemgmt upload approve error: New file does not exist after move of tmp file: '" . $newfile . "'");
$AddNewFile = false;
// Set false again - in case it was set true above for actual file
$eh->show("1101");
} else {
$AddNewFile = true;
}
} else {
COM_errorLOG("Filemgmt upload approve error: Temporary file does not exist: '" . $tmp . "'");
$eh->show("1101");
}
if ($tmpshotname != "") {
$tmp = $filemgmt_SnapStore . "tmp/" . $tmpshotname;
if (file_exists($tmp) && !is_dir($tmp)) {
// if this temporary Thumbnail was really uploaded?
$newfile = $filemgmt_SnapStore . $shotname;
$rename = @rename($tmp, $newfile);
$chown = @chmod($newfile, $filemgmtFilePermissions);
if (!file_exists($newfile)) {
COM_errorLOG("Filemgmt upload approve error: New file does not exist after move of tmp file: '" . $newfile . "'");
$AddNewFile = false;
// Set false again - in case it was set true above for actual file
$eh->show("1101");
}
} else {
COM_errorLOG("Filemgmt upload approve error: Temporary file does not exist: '" . $tmp . "'");
$eh->show("1101");
}
}
if ($AddNewFile) {
DB_query("UPDATE {$_TABLES['filemgmt_filedetail']} SET cid='{$cid}', title='{$title}', url='{$url}', homepage='{$homepage}', version='{$version}', logourl='{$logourl}', status=1, date=" . time() . ", comments={$commentoption} where lid='{$lid}'");
DB_query("UPDATE {$_TABLES['filemgmt_filedesc']} SET description='{$description}' where lid='{$lid}'");
PLG_itemSaved($lid, 'filemgmt');
CACHE_remove_instance('whatsnew');
// Send a email to submitter notifying them that file was approved
if ($filemgmt_Emailoption) {
$result = DB_query("SELECT username, email FROM {$_TABLES['users']} a, {$_TABLES['filemgmt_filedetail']} b WHERE a.uid=b.submitter and b.lid='{$lid}'");
list($submitter_name, $emailaddress) = DB_fetchArray($result);
$mailtext = sprintf(_MD_HELLO, $submitter_name);
$mailtext .= ",\n\n" . _MD_WEAPPROVED . " " . $title . " \n" . _MD_THANKSSUBMIT . "\n\n";
$mailtext .= "{$_CONF["site_name"]}\n";
$mailtext .= "{$_CONF['site_url']}\n";
//COM_errorLOG("email: ".$emailaddress.", text: ".$mailtext);
$to = array();
$to = COM_formatEmailAddress($submitter_name, $emailaddress);
COM_mail($to, _MD_APPROVED, $mailtext);
}
}
CACHE_remove_instance('whatsnew');
redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php?op=listNewDownloads", 2, _MD_NEWDLADDED);
exit;
}
/**
* nexform_showFormFields: Main function that generates the HTML for the fields
* Called from function nexform_showform()
*
* @param string $formid Required: form id to generate html for
* @param object $template Required: Passed by reference the template object being used
* @parm string $resultid Optional: Result Record ID if we need to show the posted results
* @param string $mode Optional: Valid values are 'view,edit','print'
* @param string $linked_formnum Optional: Used when multiple forms are linked
* Example: form 1 of 3, this function will be called 3 times, this parm will be 1 . 2 and then 3
* Used to not show multiple submit buttons but allow a subform to be called on it's own if need.
* $param boolean $dynamic Optional: Set to integer value to indicate dynamic form instance.
* @return mixed returns formatted HTML for all fields
*
**/
function nexform_showFormFields($formid, $form_action, &$template, $resultid = 0, $mode = 'view', $linked_formnum = 1, $dynamic = '')
{
global $_CONF, $_TABLES, $_STATES, $CONF_FE, $LANG_FEMSG;
$lines = 5;
$i = 1;
// Used to count the number of fields
$fields = 'id,formid,tfid,field_name,type,fieldorder,label,style,col_width,col_padding,label_padding,';
$fields .= 'is_vertical,is_newline,is_mandatory,is_searchfield,is_resultsfield,is_reverseorder,field_help,';
$fields .= 'field_attributes,field_values,value_by_function,validation,javascript,is_internaluse,hidelabel';
$fieldquery = DB_query("SELECT {$fields} FROM {$_TABLES['nxform_fields']} WHERE formid='{$formid}' ORDER BY fieldorder");
$prevnewline = false;
$is_lastfield = false;
$is_firstfield = true;
$cssid = 1;
$groupEditAccess = DB_getItem($_TABLES['nxform_definitions'], 'perms_edit', "id='{$formid}'");
if ($mode != 'print' and DB_getItem($_TABLES['nxform_definitions'], 'show_mandatory_note', "id='{$formid}'") == 1) {
$show_mandatory = true;
} else {
$show_mandatory = false;
}
/* Un-encode the fieldset definitions and display them as records if any exist */
$ofieldset = DB_getItem($_TABLES['nxform_definitions'], 'fieldsets', "id='{$formid}'");
if (trim($ofieldset != '')) {
$afieldsets = unserialize($ofieldset);
// Array of fieldset definitions
}
$fieldset_mode = false;
while (list($fieldID, $formID, $tfid, $field_name, $type, $fieldorder, $label, $style, $col_width, $col_padding, $label_padding, $is_vertical, $newline, $mandatory, $searchfield, $reportfield, $is_reverseorder, $field_help, $field_attributes, $field_value, $use_function, $validation, $javascript, $is_internaluse, $hidelabel) = DB_fetchArray($fieldquery)) {
if ($is_internaluse == 0 or $is_internaluse == 1 and SEC_inGroup($groupEditAccess)) {
$javascript = nexform_replaceFieldTags($formid, $dynamic, $javascript);
$label = stripslashes($label);
$field_attributes = stripslashes($field_attributes);
$nextfieldquery = DB_query("SELECT is_newline,type FROM {$_TABLES['nxform_fields']} WHERE formid='{$formid}' AND fieldorder > {$fieldorder} AND type NOT IN ('cancel','submit','hidden') ORDER BY fieldorder LIMIT 1");
if (DB_numRows($nextfieldquery) == 0) {
$is_lastfield = true;
}
list($nextfield_linetype, $nextfield_type) = DB_fetchArray($nextfieldquery);
//echo "<br>Field: $label, Order:$fieldorder => Current linetype:$newline and Next linetype:$nextfield_linetype";
//echo "<br>Fieldvalue: $field_value, ResultID:$resultid";
if ($newline and $nextfield_linetype or $parsedLastRecordline and $is_lastfield) {
$recStyle = 'recstyle1';
} else {
$recStyle = 'recstyle2';
}
$template->set_var("cssid", $cssid);
if ($is_firstfield) {
$parsedLastRecordline = true;
}
if (is_numeric($col_width)) {
$template->set_var('field_width', "width:{$col_width}%;");
} elseif (isset($CONF_FE['field_defaultspacing']) and $CONF_FE['fiel1_defaultspacing'] > 0) {
$template->set_var('field_width', "width:{{$CONF_FE['field_defaultspacing']}}%;");
} elseif ($type == 'textarea2') {
$template->set_var('field_width', 'width:99%;');
} else {
$template->set_var('field_width', '');
}
if (is_numeric($col_padding)) {
$template->set_var('cell_padding', $col_padding);
} else {
$template->set_var('cell_padding', $CONF_FE['field_defaultrightpadding']);
}
if (is_numeric($label_padding)) {
$template->set_var('label_padding', $label_padding);
} else {
$template->set_var('label_padding', $CONF_FE['field_defaultlabelpadding']);
}
if (trim($field_help) != '') {
$template->set_var('help_message', $field_help);
$template->parse('field_help', 'fieldhelp');
} else {
$template->set_var('field_help', '');
}
if ($is_lastfield or $is_firstfield and $nextfield_linetype) {
$parseRecord = 1;
$cssid = $cssid == 2 ? 1 : 2;
} elseif (!$newline and !$nextfield_linetype or $newline and !$nextfield_linetype) {
$parseRecord = 0;
} else {
$parseRecord = 1;
$cssid = $cssid == 2 ? 1 : 2;
}
// Check if this field is not part of a fieldset definition
if (!$fieldset_mode) {
//echo "<br>Field $tfid. Set fset template vars to blanks";
$template->set_var('fset_begin', '');
$template->set_var('fset_end', '');
}
if (is_array($afieldsets)) {
$lines += 1;
foreach ($afieldsets as $fset_id => $fieldset) {
$fset = explode('::', $afieldsets[$i]);
if ($mode != 'print') {
if ($tfid == $fieldset['begin']) {
$template->set_var('fset_label', $fieldset['label']);
$template->parse('fset_begin', 'fieldsetbegin');
$fieldset_mode = true;
}
if ($tfid == $fieldset['end']) {
$template->parse('fset_end', 'fieldsetend');
}
} else {
if ($tfid == $fieldset['begin']) {
$template->set_var('fset_label', $fieldset['label']);
$template->parse('fset_begin', 'printfieldsetbegin');
$fieldset_mode = true;
}
if ($tfid == $fieldset['end']) {
$template->parse('fset_end', 'printfieldsetend');
}
}
}
}
if ($is_vertical == 1) {
if ($recStyle == 'recstyle1') {
if ($is_reverseorder) {
$fieldStyle = 'fieldstyle2R';
} else {
$fieldStyle = 'fieldstyle2';
}
} else {
if ($is_reverseorder) {
$fieldStyle = 'fieldstyle3R';
} else {
$fieldStyle = 'fieldstyle3';
}
}
} else {
if ($is_reverseorder) {
$fieldStyle = 'fieldstyle1R';
} else {
$fieldStyle = 'fieldstyle1';
}
}
if ($type == 'mfile') {
//$fieldStyle = 'fieldstyle4';
if ($resultid == 0 or $mode == 'edit') {
$template->set_var('showfilectl', '');
} else {
$template->set_var('showfilectl', 'none');
}
} elseif ($type == 'mtxt') {
if ($is_vertical == 1) {
$fieldStyle = 'fieldstyle5R';
} else {
$fieldStyle = 'fieldstyle5';
}
if ($resultid == 0 or $mode == 'edit') {
$template->set_var('showfieldctl', '');
} else {
$template->set_var('showfieldctl', 'none');
}
}
//echo "<br>FormID: $formid, Field: $fieldID, Name:$field_name, Label: $label, Type:$type";
//echo "<br>value:$field_value, Next Fieldtype:$nextfield_type, parseRecord is: $parseRecord";
//echo "<br> Template ID:$tfid, Type:$type, fieldStyle:$fieldStyle, recStyle:$recStyle, ";
//echo " parseRecord is: $parseRecord, parsedLastRecord:$parsedLastRecordline, ReverseLabel:$is_reverseorder ";
//echo "<br> FieldID:$fieldID, FieldAttributes: $field_attributes,fieldset_mode:$fieldset_mode";
//echo "Labelclass:" . $CONF_FE['fieldstyles'][$style][1];
if ($type != 'hidden' and $type != 'heading') {
$template->set_var('hidelabel', '');
if ($mandatory) {
if (!$hidelabel) {
if ($show_mandatory) {
$template->set_var('label', "{$label}<span style=\"color:red;padding-left:5px;\">*</span>");
} else {
$template->set_var('label', "{$label}");
}
} else {
$template->set_var("label", '');
$template->set_var('hidelabel', 'none');
}
if ($type == 'radio' or $type == 'checkbox' or $type == 'multicheck') {
$validatetag = "required=\"1\" Realname=\"{$label}\"";
} elseif ($type == 'select') {
$validatetag = "required=\"1\" exclude=\"-1\" {$validation} minlength=\"1\" Realname=\"{$label}\"";
} elseif ($type == 'mfile') {
$validatetag = "required=\"1\" callback=\"validate_mfile_field\"";
} else {
$validatetag = "required=\"1\" {$validation} minlength=\"1\" Realname=\"{$label}\"";
}
} else {
$validatetag = '';
if (!$hidelabel) {
$template->set_var('label', "{$label}");
} else {
$template->set_var("label", '');
$template->set_var('hidelabel', 'none');
}
}
$fieldLableStyle = $CONF_FE['fieldstyles'][$style];
next($fieldLableStyle);
$template->set_var('labelclass', key($fieldLableStyle));
$field_attributes = str_replace(',', ' ', $field_attributes);
} else {
$template->set_var('labelclass', '');
$template->set_var('label', '');
}
if ($mode == 'print' and $CONF_FE['fieldstyles'][$style][1] == 'frm_label1') {
$template->set_var('cell_padding', '20');
}
if (DB_getItem($_TABLES['nxform_definitions'], 'post_method', "id='{$formid}'") == 'posturl') {
$customfieldmode = true;
} else {
$customfieldmode = false;
}
$field_html = '';
if ($type != 'hidden' and $resultid > 0) {
// Viewing detail of a previous posted form data - retrieve the field value
switch ($type) {
case 'textarea1':
case 'textarea2':
$field_value = DB_getItem($_TABLES['nxform_restext'], 'field_data', "result_id='{$resultid}' AND field_id='{$fieldID}'");
$field_value = stripslashes($field_value);
break;
case 'file':
// generate link to uploaded file
$field_value = DB_getItem($_TABLES['nxform_resdata'], 'field_data', "result_id='{$resultid}' AND field_id='{$fieldID}'");
$filename = explode(':', $field_value);
//echo "<br>fieldid:$fieldID, result id:$resultid, field_value:$field_value";
if (!empty($field_value)) {
$field_html = "<a href=\"{$CONF_FE['public_url']}/download.php?id={$fieldID}&rid={$resultid}\" target=\"_new\">{$filename[1]}</a>";
} else {
$field_html = 'N/A';
}
break;
case 'mfile':
// generate link to uploaded file
$mquery = DB_query("SELECT id,field_data FROM {$_TABLES['nxform_resdata']} WHERE result_id='{$resultid}' AND field_id='{$fieldID}'");
if ($CONF_FE['debug']) {
COM_errorLOG("Displaying form result:{$resultid} - field:{$fieldID}");
}
$usetable = false;
if (DB_numRows($mquery) > 0) {
if ($CONF_FE['debug']) {
COM_errorLog("Displaying form result:{$resultid} - found files");
}
$field_html = '<table border="0"><tr style="vertical-align:top;">';
$usetable = true;
$i = 0;
}
if (is_array($dynamic)) {
$inputfilename = "mfile_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}";
} elseif ($customfieldmode and $field_name != '') {
$inputfilename = "{$field_name}";
} else {
$inputfilename = "mfile_frm{$formID}_{$fieldID}";
}
while (list($rec, $field_value) = DB_fetchArray($mquery)) {
$field_html .= '<td align="left">';
$filename = explode(':', $field_value);
if (!empty($field_value)) {
$field_html .= '<table border="0"><tr><td align="left"> ';
$field_html .= "<a href=\"{$CONF_FE['public_url']}/download.php?id={$rec}\" target=\"_new\">";
$field_html .= "<img src=\"{$CONF_FE['image_url']}/document_sm.gif\" border=\"0\">{$filename[1]}</a> ";
if ($mode == 'edit') {
$field_html .= "<a href=\"#\" onClick='ajaxDeleteFile({$fieldID},{$rec},\"{$inputfilename}\"); return false;'>";
$field_html .= "<img src=\"{$CONF_FE['image_url']}/delete.gif\" border=\"0\"></a> ";
}
$field_html .= "</td></tr></table>";
} else {
$field_html = 'N/A ';
}
$field_html .= '</td>';
$i++;
$field_html .= '</tr><tr style="vertical-align:top;">';
}
$mfile_count = $i;
if ($usetable) {
$field_html .= '</tr></table>';
}
break;
case 'submit':
case 'cancel':
break;
default:
// Check if custom field - if so then data is in text field table
if (array_key_exists($type, $CONF_FE['customfieldmap'])) {
$field_value = DB_getItem($_TABLES['nxform_restext'], 'field_data', "result_id='{$resultid}' AND field_id='{$fieldID}'");
} else {
$field_value = DB_getItem($_TABLES['nxform_resdata'], 'field_data', "result_id='{$resultid}' AND field_id='{$fieldID}'");
}
break;
}
// switch
}
/* Code to handle assigning a value to field by Function */
$function_datavalues = '';
$setresult = false;
if ($use_function) {
if ($resultid > 0) {
$fvalue = DB_getItem($_TABLES['nxform_fields'], "field_values", "id='{$fieldID}'");
// Check if autotag is being used for value
if (strpos($fvalue, '[' === FALSE)) {
$function = explode(':', $fvalue);
if (function_exists($function[0])) {
$function_datavalues = $function[0]($function[1], $fieldID);
}
} else {
// - Assume autotag is being used = if [ is in value like the autotag format
$function_datavalues = nexform_getAutotagValues($fvalue, $type, $field_value, $fieldID);
}
} else {
// Check if autotag is being used for value - assume so if [ is in value like the autotag format
if (strpos($field_value, '[') === FALSE) {
/* Not an autotag so assume a function has been defined with parms in ()
* Example: userprofile(name) // Show the user's name
* userprofile(location) // Show the user's location
* capitalreq(deptcodes) // Show a list of department billing codes
* Any number of parms can be in the definition - up to your function to sort out
*/
$function = explode('(', $field_value);
$function[1] = str_replace(')', '', $function[1]);
// Strip out trailing ) in the parms value
if (function_exists($function[0])) {
$function_datavalues = $function[0]($function[1], $fieldID);
}
} else {
// - Assume autotag is being used = if [ is in value like the autotag format
$function_datavalues = nexform_getAutotagValues($field_value, $type, '', $fieldID);
}
}
if (!is_array($function_datavalues)) {
$function_datavalues = stripslashes($function_datavalues);
}
}
$is_firstfield = false;
if ($mode == 'print') {
if (!is_array($dynamic)) {
$resultid = COM_applyFilter($_GET['result'], true);
}
//if not saved in database yet - show current values
if ($resultid == 0) {
switch ($type) {
case 'date1':
if ($_POST[$field_name] == '') {
$field_name = str_replace('da1_ftm', 'da1_frm', $field_name);
}
$field_value = $_POST[$field_name];
break;
case 'mtxt':
$field_value = implode('|', $_POST[$field_name]);
break;
case 'multicheck':
if (get_magic_quotes_gpc()) {
if (is_array($_POST[$field_name])) {
foreach ($_POST[$field_name] as $key => $value) {
$_POST[$field_name][$key] = stripslashes($_POST[$field_name][$key]);
}
}
}
break;
case 'file':
case 'mfile':
$tmpid = COM_applyFilter($_GET['rid'], true);
$resultid = $tmpid != 0 ? $tmpid : $resultid;
break;
default:
if (strpos($field_name, 'cust') !== false) {
foreach ($_POST as $var => $value) {
$parts = explode('_', $var);
$fieldtype = $parts[0];
$field_id = (int) $parts[2];
if (is_array($value) and $fieldtype == 'cust') {
$subfield = $parts[3];
foreach ($value as $subfield_value) {
$subfield_value = stripslashes($subfield_value);
$custom_fields[$field_id][$subfield][] = $subfield_value;
}
}
}
if (count($custom_fields) > 0) {
foreach ($custom_fields as $field_id => $value) {
$_POST[$field_name] = serialize($value);
}
}
} else {
$field_value = $_POST[$field_name];
}
break;
}
$field_value = stripslashes($field_value);
}
}
switch ($type) {
case 'hidden':
if (is_array($dynamic)) {
$fieldname = "hid_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}";
} elseif ($customfieldmode and $field_name != '') {
$fieldname = $field_name;
} else {
$fieldname = "hid_frm{$formID}_{$fieldID}";
}
$field_html = "<input type=\"hidden\" id=\"{$fieldname}\" name=\"{$fieldname}\" value=\"{$field_value}\" >";
$template->set_var('field', "{$field_html}");
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'date1':
if ($mode != 'print') {
if (is_array($dynamic)) {
$fieldname = "da1_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}";
} elseif ($customfieldmode and $field_name != '') {
$fieldname = $field_name;
} else {
$fieldname = "da1_frm{$formID}_{$fieldID}";
}
$field_html = "<input type=\"text\" id=\"{$fieldname}\" name=\"{$fieldname}\" ";
if ($resultid == 0 and $function_datavalues != '') {
$field_html .= "value=\"{$function_datavalues}\" ";
} else {
$field_html .= "value=\"{$field_value}\" ";
}
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['date1'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['date1']));
}
$field_html .= " {$validatetag} ";
$field_html .= html_entity_decode($javascript);
if ($mode == 'review') {
$field_html .= ' READONLY';
}
$field_html .= '>';
} else {
$field_html .= $field_value;
}
$template->set_var('field', "{$field_html}");
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'date2':
// Date Field with Popup DHTML Calendar
if ($mode != 'print') {
if (is_array($dynamic)) {
$fieldname = "da2_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}";
} elseif ($customfieldmode and $field_name != '') {
$fieldname = $field_name;
} else {
$fieldname = "da2_frm{$formID}_{$fieldID}";
}
$field_html = "<input type=\"text\" id=\"{$fieldname}\" name=\"{$fieldname}\" ";
if ($resultid == 0 and $function_datavalues != '') {
$field_html .= "value=\"{$function_datavalues}\" ";
} else {
$field_html .= "value=\"{$field_value}\" ";
}
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['date2'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['date2']));
}
$field_html .= " {$validatetag} ";
$field_html .= html_entity_decode($javascript);
if ($mode == 'review') {
$field_html .= ' READONLY';
$field_html .= '>';
} else {
$field_html .= "onMouseOver=\"setupCalendar('{$fieldname}', '%m/%d/%Y', false);\" >";
}
} else {
$field_html .= $field_value;
}
$template->set_var('field', "{$field_html}");
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'datetime':
// Date Field with Popup DHTML Calendar
if ($mode != 'print') {
if (is_array($dynamic)) {
$fieldname = "time_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}";
} elseif ($customfieldmode and $field_name != '') {
$fieldname = $field_name;
} else {
$fieldname = "time_frm{$formID}_{$fieldID}";
}
$field_html = "<input type=\"text\" id=\"{$fieldname}\" name=\"{$fieldname}\" ";
if ($resultid == 0 and $function_datavalues != '') {
$field_html .= "value=\"{$function_datavalues}\" ";
} else {
$field_html .= "value=\"{$field_value}\" ";
}
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['datetime'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['datetime']));
}
$field_html .= " {$validatetag} ";
$field_html .= html_entity_decode($javascript);
if ($mode == 'review') {
$field_html .= ' READONLY';
$field_html .= '>';
} else {
$field_html .= "onMouseOver=\"setupCalendar('{$fieldname}', '%m/%d/%Y %H:%M', true);\" >";
}
} else {
$field_html .= $field_value;
}
$template->set_var('field', "{$field_html}");
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'text':
if ($mode != 'print') {
if (is_array($dynamic)) {
$fieldname = "txt_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}";
} elseif ($customfieldmode and $field_name != '') {
$fieldname = $field_name;
} else {
$fieldname = "txt_frm{$formID}_{$fieldID}";
}
$field_html = "<input type=\"text\" id=\"{$fieldname}\" name=\"{$fieldname}\" ";
if ($function_datavalues != '') {
$function_datavalues = trim($function_datavalues);
$field_html .= "value=\"{$function_datavalues}\" ";
} else {
$field_html .= "value=\"{$field_value}\" ";
}
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['text'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['text']));
}
$field_html .= " {$validatetag} ";
$field_html .= html_entity_decode($javascript);
if ($mode == 'review') {
$field_html .= ' READONLY';
}
$field_html .= '>';
} else {
if ($function_datavalues != '' and $mode != 'print' and $resultid != 0) {
$field_value = $function_datavalues;
}
$field_html = $field_value;
}
$template->set_var('field', "{$field_html}");
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'mtxt':
$template->set_var('field_id', $fieldID);
// Extra variables for mtext field template
$template->set_var('sform_id', $formID);
$template->set_var('sfield_id', '0');
if (is_array($dynamic)) {
$fieldname = "mtxt_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}[]";
$mtxt_id = "mtxt_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}";
$template->set_var('field_id', $fieldID);
// Extra variables for mtext field template
$template->set_var('sform_id', $dynamic[0]);
$template->set_var('sfield_id', $dynamic[1]);
$template->set_var('mtxt_instance', $dynamic[2]);
} elseif ($customfieldmode and $field_name != '') {
$fieldname = "{$field_name}[]";
$mtxt_id = "{$field_name}";
} else {
$fieldname = "mtxt_frm{$formID}_{$fieldID}[]";
$mtxt_id = "mtxt_frm{$formID}_{$fieldID}";
}
// Need to create as many text fields as there are data elements in the varible text field value
$mtxt_values = explode('|', $field_value);
$field_html = '';
$i = 0;
$closetable = false;
foreach ($mtxt_values as $val) {
if ($i > 0) {
$field_html .= '<td width="120">';
}
$field_html .= "<input type=\"text\" id=\"{$mtxt_id}_{$i}\" name=\"{$fieldname}\" size=\"20\" ";
$field_html .= "value=\"{$val}\" ";
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['mtxt'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['mtxt']));
}
$field_html .= " {$validatetag} ";
$field_html .= html_entity_decode($javascript);
if ($mode == 'review') {
$field_html .= ' READONLY';
}
$field_html .= '>';
if ($i > 0) {
$field_html .= '</td>';
}
if ($i % 4 == 3) {
$field_html .= '</tr><tr>';
$closetable = true;
}
$i++;
}
if ($closetable) {
$field_html .= '</tr>';
}
$template->set_var('mtxt_fieldname', $mtxt_id);
$template->set_var('mtxt_counter', $i);
$template->set_var('mtxt_counter_id', str_replace('_', '-', $mtxt_id));
$template->set_var('field_id', $fieldID);
// Extra variables for mtext field template
$template->set_var('form_id', $formID);
$template->set_var('field', "{$field_html}");
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'select':
if ($mode != 'print') {
if (is_array($dynamic)) {
$fieldname = "sel_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}";
} elseif ($customfieldmode and $field_name != '') {
$fieldname = $field_name;
} else {
$fieldname = "sel_frm{$formID}_{$fieldID}";
}
$field_html = "<select id=\"{$fieldname}\" name=\"{$fieldname}\" ";
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['select'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['select']));
}
$field_html .= " {$validatetag} ";
$field_html .= html_entity_decode($javascript);
if ($mode == 'review') {
$field_html .= ' DISABLED';
}
$field_html .= '>';
$field_html .= '<option value="-1">' . $LANG_FEMSG[1] . '</option>';
// Check if this field is using a function to generate the select options
// It could be a simple list or an array of options example [alist:xx]
if ($function_datavalues != '' and is_array($function_datavalues)) {
// Check and see if passed in array contains a key to indicate the selected item
if (array_key_exists('selected', $function_datavalues)) {
$field_value = $function_datavalues['selected'];
// Now remove this item from the array of results to use an select options
unset($function_datavalues['selected']);
$setresult = true;
} else {
$setresult = false;
}
// Jan 9/2006 (BL) Updated to now add the class=xxx for the dynamic select feature
$dynamicSelect = false;
// Cycle thru the array of values to set the dropdown options
foreach ($function_datavalues as $optval => $optitem) {
$optitem = explode(',', $optitem);
$field_html .= '<option value="' . $optval . '"';
if (isset($optitem[1])) {
$field_html .= ' ' . $optitem[1];
$dynamicSelect = true;
}
if (($resultid > 0 or $setresult) and $field_value == $optval) {
$field_html .= ' SELECTED ';
}
$field_html .= '>' . $optitem[0] . '</option>';
}
if ($dynamicSelect) {
$CONF_FE['dynamicSelect'] = true;
$template->parse('dynamic_select_function_calls', 'dselect_field', true);
}
} else {
// List of options separated by commas
if ($function_datavalues != '') {
$options = explode(',', $function_datavalues);
} else {
$default_value = DB_getItem($_TABLES['nxform_fields'], 'field_values', "id='{$fieldID}'");
$options = explode(',', $default_value);
}
foreach ($options as $option) {
if ($resultid > 0 and $field_value == $option) {
$field_html .= '<option value="' . $option . '" SELECTED>' . $option . '</option>';
} else {
$field_html .= '<option value="' . $option . '">' . $option . '</option>';
}
}
}
$field_html .= '</select>';
} elseif (trim($field_value) != '') {
if ($function_datavalues != '' and is_array($function_datavalues)) {
// Filter out class attribute in value if this is a dynamic select field
if (strpos($function_datavalues[$field_value], 'class=') > 0) {
$fieldDisplayValue = explode(',', $function_datavalues[$field_value]);
$field_html .= $fieldDisplayValue[0];
} else {
$field_html .= $function_datavalues[$field_value];
}
} else {
$field_html .= $field_value;
}
}
$template->set_var('field', "{$field_html}");
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'passwd':
if (is_array($dynamic)) {
$fieldname = "pwd_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}";
} elseif ($customfieldmode and $field_name != '') {
$fieldname = $field_name;
} else {
$fieldname = "pwd_frm{$formID}_{$fieldID}";
}
$field_html = "<input type=\"password\" id=\"{$fieldname}\" name=\"{$fieldname}\" value=\"{$field_value}\" ";
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['passwd'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['passwd']));
}
$field_html .= " {$validatetag} ";
$field_html .= html_entity_decode($javascript);
if ($mode == 'review') {
$field_html .= ' READONLY';
}
$field_html .= '>';
$template->set_var('field', "{$field_html}");
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'file':
if ($resultid == 0) {
// Don't show hidden fields when viewing results
if (is_array($dynamic)) {
$fieldname = "file_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}";
} elseif ($customfieldmode and $field_name != '') {
$fieldname = $field_name;
} else {
$fieldname = "file_frm{$formID}_{$fieldID}";
}
$field_html = "<input type=\"file\" id=\"{$fieldname}\" name=\"{$fieldname}\" value=\"{$field_value}\" ";
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['file'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['file']));
}
$field_html .= " {$validatetag} ";
$field_html .= html_entity_decode($javascript) . '>';
}
$template->set_var('field', "{$field_html}");
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'mfile':
if (is_array($dynamic)) {
$fieldname = "mfile_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}[]";
$file_id = "mfile_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}";
} elseif ($customfieldmode and $field_name != '') {
$fieldname = "{$field_name}[]";
$file_id = "{$field_name}";
} else {
$fieldname = "mfile_frm{$formID}_{$fieldID}[]";
$file_id = "mfile_frm{$formID}_{$fieldID}";
}
if ($resultid == 0) {
if ($function_datavalues != '') {
$field_html = $function_datavalues;
}
}
$file_input1 = "<input type=\"file\" name=\"";
$file_input2 = $fieldname;
$file_input3 = "\" id=\"{$file_id}\" value=\"{$field_value}\" ";
if (!empty($field_attributes)) {
$file_input3 .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['mfile'])) {
$file_input3 .= html_entity_decode(key($CONF_FE['defaultattributes']['mfile']));
}
$file_input3 .= " {$validatetag} ";
$file_input3 .= html_entity_decode($javascript) . '>';
$mfile_count = $mfile_count == '' ? 0 : $mfile_count;
$template->set_var('upload_field_name', str_replace('[]', '', $fieldname));
$template->set_var('file_input1', $file_input1);
$template->set_var('file_input2', $file_input2);
$template->set_var('file_input3', $file_input3);
$template->set_var('field_id', $fieldID);
$template->set_var('mfile_count', $mfile_count);
$template->set_var('mfile_count_name', str_replace('_', '-', $file_id));
$template->set_var('form_id', $formID);
$template->set_var('mfield_html', "{$field_html}");
if ($mode == 'print' or $mode == 'review') {
$template->set_var('show_addremove', 'none');
} else {
$template->set_var('show_addremove', '');
}
$template->parse('field', 'mfile_field');
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'checkbox':
if (is_array($dynamic)) {
$fieldname = "chk_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}";
} elseif ($customfieldmode and $field_name != '') {
$fieldname = $field_name;
} else {
$fieldname = "chk_frm{$formID}_{$fieldID}";
}
//support pullform values
if ($function_datavalues != '') {
$field_value = $function_datavalues;
}
$default_value = DB_getItem($_TABLES['nxform_fields'], 'field_values', "id='{$fieldID}'");
if ($default_value == '') {
$default_value = 1;
}
$field_html = "<input type=\"checkbox\" id=\"{$fieldname}\" name=\"{$fieldname}\" value=\"1\"";
if ($field_value == '1' or $field_value == 'yes') {
$field_html .= ' CHECKED=CHECKED ';
}
$field_html .= " {$validatetag} ";
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['checkbox'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['checkbox']));
}
$field_html .= ' ' . html_entity_decode($javascript);
if ($mode == 'review') {
$field_html .= ' DISABLED';
}
$field_html .= '>';
$template->set_var('field', "{$field_html}");
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'multicheck':
if (is_array($dynamic)) {
$fieldname = "mchk_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}[]";
$mcheck_id = "mchk_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}_%s";
} elseif ($customfieldmode and $field_name != '') {
if (strpos('[]', $field_name) == 0) {
$fieldname = "{$field_name}[]";
$mcheck_id = "{$field_name}_%s";
} else {
$fieldname = $field_name;
$tmp_fieldname = str_replace('[]', '', $field_name);
$mcheck_id = "{$tmp_fieldname}_%s";
}
} else {
$fieldname = "mchk_frm{$formID}_{$fieldID}[]";
$mcheck_id = "mchk_frm{$formID}_{$fieldID}_%s";
}
$setresult = false;
if ($function_datavalues != '') {
if (is_array($function_datavalues)) {
// Tested with AIM [pullform] autotag functions
// Array of Options and selected Checkboxes
$setresult = true;
} else {
$default_values = explode(',', $function_datavalues);
}
} else {
$default_values = explode(',', DB_getItem($_TABLES['nxform_fields'], 'field_values', "id='{$fieldID}'"));
}
if ($resultid > 0) {
$result_values = explode(',', $field_value);
}
$field_html = '';
if ($setresult) {
$i = 0;
foreach ($function_datavalues as $chkoption => $seloption) {
$tmp_fieldname = sprintf($mcheck_id, $i);
$field_html .= "{$chkoption} <input type=\"checkbox\" id=\"{$tmp_fieldname}\" name=\"{$fieldname}\" value=\"{$chkoption}\" ";
if ($seloption == 1 or is_array($result_values) and in_array($chkoption, $result_values)) {
$field_html .= 'CHECKED=CHECKED ';
}
$field_html .= " {$validatetag} ";
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['multicheck'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['multicheck']));
}
$field_html .= ' ' . html_entity_decode($javascript);
if ($mode == 'review') {
$field_html .= ' DISABLED';
}
$field_html .= '> ';
$i++;
}
} else {
for ($a = 0; $a < count($default_values); $a++) {
$tmp_fieldname = sprintf($mcheck_id, $a);
$field_html .= "{$default_values[$a]} <input type=\"checkbox\" id=\"{$tmp_fieldname}\" name=\"{$fieldname}\" value=\"{$default_values[$a]}\" ";
if ($mode == 'print' and $resultid == 0) {
if ($seloption == 1 or is_array($_POST[$field_name]) and in_array($default_values[$a], $_POST[$field_name])) {
$field_html .= 'CHECKED=CHECKED ';
}
} else {
if ($resultid > 0 and in_array($default_values[$a], $result_values)) {
$field_html .= 'CHECKED=CHECKED ';
}
}
$field_html .= " {$validatetag} ";
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['multicheck'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['multicheck']));
}
$field_html .= ' ' . html_entity_decode($javascript);
if ($mode == 'review') {
$field_html .= ' DISABLED';
}
$field_html .= '> ';
}
}
$template->set_var('field', "{$field_html}");
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'radio':
if (is_array($dynamic)) {
$fieldname = "rad_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}";
} elseif ($customfieldmode and $field_name != '') {
$fieldname = $field_name;
} else {
$fieldname = "rad_frm{$formID}_{$fieldID}";
}
if ($function_datavalues != '') {
if (is_array($function_datavalues)) {
// Tested with AIM [pullform] autotag functions
// Array of Options and selected Checkboxes
$setresult = true;
} else {
$default_values = explode(',', $function_datavalues);
}
} else {
$default_values = explode(',', DB_getItem($_TABLES['nxform_fields'], 'field_values', "id='{$fieldID}'"));
}
$field_html = '';
if ($setresult) {
$i = 0;
foreach ($function_datavalues as $chkoption => $seloption) {
$field_html .= "{$chkoption} <input type=\"radio\" id=\"{$fieldname}_{$i}\" name=\"{$fieldname}\" value=\"{$chkoption}\" ";
if ($seloption == 1 or is_array($result_values) and in_array($chkoption, $result_values)) {
$field_html .= 'CHECKED=CHECKED ';
}
$field_html .= " {$validatetag} ";
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['radio'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['radio']));
}
$field_html .= ' ' . html_entity_decode($javascript);
if ($mode == 'review') {
$field_html .= ' DISABLED';
}
$field_html .= '> ';
$i++;
}
} else {
for ($a = 0; $a < count($default_values); $a++) {
$dynValue = trim($default_values[$a]);
$dynValue = str_replace(array('<br>', ' '), array('', ''), $dynValue);
$field_html .= "<input type=\"radio\" id=\"{$fieldname}_{$a}\" name=\"{$fieldname}\" value=\"{$dynValue}\" ";
if ($resultid > 0 and $dynValue == trim($field_value)) {
$field_html .= ' CHECKED=CHECKED ';
}
$field_html .= " {$validatetag} ";
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['radio'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['radio']));
}
$field_html .= ' ' . html_entity_decode($javascript);
if ($mode == 'review') {
$field_html .= ' DISABLED';
}
$field_html .= '> ';
$field_html .= $default_values[$a];
}
}
$template->set_var('field', "{$field_html}");
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'textarea1':
if ($mode != 'print') {
if (is_array($dynamic)) {
$fieldname = "ta1_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}";
} elseif ($customfieldmode and $field_name != '') {
$fieldname = $field_name;
} else {
$fieldname = "ta1_frm{$formID}_{$fieldID}";
}
$field_html = "<textarea id=\"{$fieldname}\" name=\"{$fieldname}\" ";
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['textarea1'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['textarea1']));
}
$field_html .= " {$validatetag} ";
$field_html .= html_entity_decode($javascript);
if ($mode == 'review') {
$field_html .= ' READONLY';
}
$field_html .= '>';
if ($function_datavalues != '') {
$field_html .= $function_datavalues . '</textarea>';
} else {
$field_html .= $field_value . '</textarea>';
}
} else {
$field_html = '<table style="border: solid #A5ACB2 1px;" bgcolor="#FFFFFF"><tr><td bgcolor="#FFFFFF" width=600 height=60 valign="top">';
$field_html .= $field_value;
$field_html .= '</td></tr></table>';
}
$template->set_var('field', "{$field_html}");
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'textarea2':
if ($mode != 'print' and $mode != 'review') {
if (is_array($dynamic)) {
$fieldname = "ta2_frm{$dynamic['0']}_{$dynamic['1']}_{$fieldID}_{$dynamic['2']}";
} elseif ($customfieldmode and $field_name != '') {
$fieldname = $field_name;
} else {
$fieldname = "ta2_frm{$formID}_{$fieldID}";
}
$field_html = "<textarea id=\"{$fieldname}\" name=\"{$fieldname}\" ";
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['textarea2'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['textarea2']));
}
$field_html .= " {$validatetag} ";
$field_html .= html_entity_decode($javascript) . '>';
if ($function_datavalues != '') {
$field_html .= $function_datavalues . '</textarea>';
} else {
$field_html .= $field_value . '</textarea>';
}
} elseif (trim($field_value) != '') {
$field_html = '<table style="border: solid #A5ACB2 1px;" bgcolor="#FFFFFF"><tr><td bgcolor="#FFFFFF" width=600 valign="top">';
$field_html .= $field_value;
$field_html .= '</td></tr></table>';
}
$template->set_var('field', "{$field_html}");
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'captcha':
if ($resultid == 0 and DB_getItem($_TABLES['plugins'], 'pi_enabled', "pi_name='captcha'") == 1) {
// Don't show field when viewing results
$fieldname = "captcha";
// Assume only 1 CAPTCHA Field per form
$field_html = "<input type=\"text\" name=\"{$fieldname}\" ";
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} else {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['captcha']));
}
$field_html .= " {$validatetag} ";
$field_html .= html_entity_decode($javascript) . '>';
global $_CP_CONF;
$sessid = CAPTCHA_sid();
$time = time();
DB_save($_TABLES['cp_sessions'], "session_id,cptime,validation,counter", "'{$sessid}','{$time}','','0'");
$field_html .= '<input type="hidden" name="csid" value="' . $sessid . '">';
$captchaImage = '<img src="' . $_CONF['site_url'] . '/captcha/captcha.php?csid=' . $sessid . '&.' . $_CP_CONF['gfxFormat'] . '">';
$template->set_var('captcha_image', $captchaImage);
$template->set_var('verification_field', $field_html);
$template->parse('field', 'captchafield');
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
}
break;
case 'submit':
if ($mode != 'review' and $mode != 'print' and $linked_formnum == 1) {
if ($customfieldmode and $field_name != '') {
$fieldname = $field_name;
} else {
$fieldname = "sub_frm{$formID}_{$fieldID}";
}
$field_html = "<input type=\"submit\" id=\"{$fieldname}\" name=\"{$fieldname}\" ";
// Disable the enterkey
$field_html .= "onFocus=\"this.form.action=document.getElementById('submit_url').value; this.form.target='';\"";
if (empty($field_value) and !empty($label)) {
$field_html .= " value=\"{$label}\" ";
} else {
$field_html .= " value=\"{$field_value}\" ";
}
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['submit'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['submit']));
}
$field_html .= ' ' . html_entity_decode($javascript) . '>';
$template->set_var('submit_btn', "{$field_html}");
$template->parse('submit', 'submit_button', true);
}
break;
case 'cancel':
if ($mode != 'review' and $mode != 'print') {
if ($customfieldmode and $field_name != '') {
$fieldname = $field_name;
} else {
$fieldname = "btn_frm{$formID}_{$fieldID}";
}
if ($javascript == '') {
$javascript = 'onclick=\'javascript:history.go(-1)\'';
}
$field_html = "<input type=\"button\" id=\"{$fieldname}\" name=\"{$fieldname}\" ";
if (empty($field_value) and !empty($label)) {
$field_html .= " value=\"{$label}\" ";
} else {
$field_html .= " value=\"{$field_value}\" ";
}
if (!empty($field_attributes)) {
$field_html .= html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['cancel'])) {
$field_html .= html_entity_decode(key($CONF_FE['defaultattributes']['cancel']));
}
$field_html .= html_entity_decode($javascript) . '>';
$template->set_var('cancel', $field_html);
}
break;
case 'heading':
$heading = "<div";
if ($style > 0) {
$heading .= ' class="' . $CONF_FE['fieldstyles'][$style][1] . '"';
}
if (!empty($field_attributes)) {
$heading .= " " . html_entity_decode($field_attributes);
} elseif (!empty($CONF_FE['defaultattributes']['heading'])) {
$heading .= " " . html_entity_decode(key($CONF_FE['defaultattributes']['heading']));
}
$heading .= ">";
$heading_label = '';
$heading_label .= $field_value != '' ? $field_value : $label;
if ($heading_label == '') {
$heading_label = $function_datavalues;
}
$heading .= $heading_label;
$heading .= "</div>";
$template->set_var('label', "{$heading}");
$template->set_var('field', " ");
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
case 'dynamic':
if ($resultid == 0) {
$dynamicFormID = $field_value;
$template->set_var('field', nexform_dynamicFormHTML($formID, $fieldID, $dynamicFormID, $mode));
$instance = 1;
} else {
$dynamicFormResults = explode('|', $field_value);
// Determine which form is to be used - in form definition
$dynamicFormID = DB_getItem($_TABLES['nxform_fields'], 'field_values', "id='{$fieldID}'");
$instance = 0;
$resultCount = count($dynamicFormResults) - 1;
// Want to show the [add/remove] field after the last form instance
foreach ($dynamicFormResults as $dynamicResult) {
if ($instance == 0) {
$template->set_var('field', nexform_dynamicFormHTML($formID, $fieldID, $dynamicFormID, $mode, false, $instance, $dynamicResult));
} else {
$template->set_var('field', nexform_dynamicFormHTML($formID, $fieldID, $dynamicFormID, $mode, true, $instance, $dynamicResult), true);
}
$instance++;
}
}
$values = DB_getItem($_TABLES['nxform_fields'], 'field_values', "id={$fieldID}");
$v_arr = explode(',', $values);
$v2 = $v_arr[1];
if (($mode == 'edit' || $mode == 'view') && $v2 != 1) {
$tmp_template = new Template($_CONF['path_layout'] . 'nexform');
$tmp_template->set_file('dynamicform_end', 'dynamicform_end.thtml');
$tmp_template->set_var('form_id', $formID);
$tmp_template->set_var('dynamic_field_id', $fieldID);
$tmp_template->set_var('dynamicform_id', $dynamicFormID);
$tmp_template->set_var('last_id', $instance - 1);
$tmp_template->set_var('cell_padding', $template->get_var('cell_padding'));
$tmp_template->parse('output', 'dynamicform_end');
$dynamicform_end = $tmp_template->finish($tmp_template->get_var('output'));
$template->set_var('field', $dynamicform_end, true);
}
if (!$hidelabel) {
$template->set_var('label', "{$label}");
}
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
break;
default:
// Check for any custom field definition types using custom templates
if (array_key_exists($type, $CONF_FE['customfieldmap'])) {
$template->set_file('custom_field', 'custom/' . $CONF_FE['customfieldmap'][$type]['form']);
if ($mode == 'print') {
$printTemplateFiles = explode(',', $CONF_FE['customfieldmap'][$type]['print']);
if (count($printTemplateFiles) > 1) {
$template->set_file('custom_field', 'custom/' . $printTemplateFiles[0]);
$template->set_file('custom_field_rec', 'custom/' . $printTemplateFiles[1]);
} else {
$template->set_file('custom_field_rec', 'custom/' . $printTemplateFiles[0]);
}
} else {
$template->set_file('custom_field_rec', 'custom/' . $CONF_FE['customfieldmap'][$type]['record']);
}
$template->set_var('field_id', $fieldID);
$template->set_var('form_id', $formID);
if ($resultid > 0 or $mode == 'print') {
if ($mode == 'print' and $resultid == 0) {
$field_value = $_POST[$field_name];
}
$field_value = unserialize($field_value);
if ($mode == 'edit') {
$template->set_file('custom_js', 'custom/' . $CONF_FE['customfieldmap'][$type]['javascript']);
$template->parse('javascript_functions', 'custom_js');
} else {
$template->set_var('showcustomfieldctl', 'none');
}
$i = 0;
do {
$k = 1;
$template->set_var('row', $i);
if (is_array($field_value)) {
$printCustomRec = false;
foreach ($field_value as $custom_value) {
if ($mode == 'print') {
$custom_value[$i] = nl2br($custom_value[$i]);
}
$template->set_var("cust_value{$k}", $custom_value[$i]);
$k++;
}
}
if ($printCustomRec and $i == 0) {
$template->parse('custom_record', 'custom_field_rec');
} elseif ($printCustomRec) {
$template->parse('custom_record', 'custom_field_rec', true);
}
$i++;
} while (isset($custom_value[$i]));
} elseif ($function_datavalues != '') {
/* Form wants to use a function to format this field */
$template->set_file('custom_js', 'custom/' . $CONF_FE['customfieldmap'][$type]['javascript']);
$template->parse('javascript_functions', 'custom_js');
$template->set_var('custom_record', $function_datavalues);
} else {
$template->set_file("custom_field{$fieldID}", 'custom/' . $CONF_FE['customfieldmap'][$type]['form']);
$template->set_file("custom_field_rec{$fieldID}", 'custom/' . $CONF_FE['customfieldmap'][$type]['record']);
$template->set_file("custom_js{$fieldID}", 'custom/' . $CONF_FE['customfieldmap'][$type]['javascript']);
$template->parse('javascript_functions', "custom_js{$fieldID}", true);
$template->parse('custom_record', "custom_field_rec{$fieldID}");
}
$template->parse('field', "custom_field{$fieldID}");
if (!$hidelabel) {
$template->set_var('label', "{$label}");
}
if ($parsedLastRecordline) {
$template->parse('fields', $fieldStyle);
} else {
$template->parse('fields', $fieldStyle, true);
}
if ($parseRecord) {
$template->parse('form_records', $recStyle, true);
$parsedLastRecordline = true;
} else {
$parsedLastRecordline = false;
}
}
break;
}
// switch
$template->set_var('validatetag', $validatetag);
$i++;
if ($parsedLastRecordline) {
$fieldset_mode = false;
}
}
// Check for internal_use fields
}
// while
// Flush the last field form records if the template has not been parsed
if (!$parsedLastRecordline) {
$template->parse('form_records', $recStyle, true);
}
}
