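/**
 * Handle a submission of the newsletter form.
 *
 * Returns false when tep_check_submit() does not recognise the request as a
 * submission of $this->form_box. Otherwise the work is delegated to
 * $this->newsletter_subscribe() and true is returned.
 *
 * The earlier body carried an inline subscribe/unsubscribe implementation
 * after the unconditional `return true;`. That code could never execute and
 * has been removed so that it is not mistaken for the live logic.
 *
 * NOTE(review): newsletter_subscribe() is not visible here. Validation of the
 * submitted e-mail address and parameter binding for any SQL it runs are
 * assumed to happen there - confirm.
 *
 * @return bool false if the form was not submitted, true otherwise
 */
function plugin_form_process()
{
    // Kept from the original. None of the extracted objects is used below;
    // presumably tep_load() initialises them as a side effect - confirm before dropping.
    extract(tep_load('defs', 'database', 'validator', 'message_stack'));

    // self-check
    if (!tep_check_submit($this->form_box)) {
        return false;
    }

    // Whatever newsletter_subscribe() returns is ignored; the caller always sees true.
    $this->newsletter_subscribe();
    return true;
}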
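/**
 * Handle a submission of the voting form and record one vote.
 *
 * The vote target is resolved from the current page: type 1 when
 * $cDefs->gtext_id is set and the 'text_pages' option is enabled, type 2 when
 * $cDefs->abstract_id is set and check_collection() does not return false.
 *
 * Changes from the earlier version:
 *  - The rating is now checked as an integer in the range 1..box_steps.
 *    Previously only the upper bound was tested and the validator result was
 *    never consulted, so zero, negative or non-numeric values reached the
 *    (int) cast and were stored, which lets a client skew the stored totals.
 *  - $id is initialised, and every error redirect is followed by an explicit
 *    return, so the handler stays fail-closed if tep_redirect() ever returns.
 *
 * @return bool false in every case; successful and failed submissions both
 *              end in tep_redirect()
 */
function plugin_form_process()
{
    extract(tep_load('defs', 'http_validator', 'database', 'validator', 'message_stack'));
    $cStrings =& $this->strings;

    // self-check
    if (!tep_check_submit($this->form_box)) {
        return false;
    }

    $max_rating = (int) $this->options['box_steps'];

    // The call is kept because convert_to_get() below presumably depends on it - confirm.
    // Its return value is not relied on; the rating is re-checked explicitly further down.
    $cValidator->post_validate(array(
        'rating' => array('max' => $this->options['box_steps'], 'min' => 1, 'type' => 'range'),
    ));

    // Get the validated parameters only
    $params = $cValidator->convert_to_get();

    $type_id = 0;
    $id = 0;
    if ($cDefs->gtext_id && $this->options['text_pages']) {
        $type_id = 1;
        $id = $cDefs->gtext_id;
    } elseif ($cDefs->abstract_id) {
        if ($this->check_collection() !== false) {
            $type_id = 2;
            $id = $cDefs->abstract_id;
        }
    }

    if (!$type_id) {
        $msg->add_session($cStrings->ERROR_PLUGIN_INVALID_PAGE);
        tep_redirect(tep_href_link($cDefs->script, $params));
        return false;
    }

    // Strict integer validation with both bounds; arrays and non-numeric strings fail.
    $rating = false;
    if (isset($_POST['rating'])) {
        $rating = filter_var(
            $_POST['rating'],
            FILTER_VALIDATE_INT,
            array('options' => array('min_range' => 1, 'max_range' => $max_rating))
        );
    }
    if ($rating === false) {
        $msg->add_session($cStrings->ERROR_PLUGIN_INVALID_RATING);
        tep_redirect(tep_href_link($cDefs->script, $params));
        return false;
    }

    if ($this->check_reentry($id, $type_id)) {
        $msg->add_session($cStrings->ERROR_PLUGIN_ALREADY_SUBMITTED);
        tep_redirect(tep_href_link($cDefs->script, $params));
        return false;
    }

    $sql_data_array = array(
        'votes_id' => (int) $id,
        'votes_type' => (int) $type_id,
        'ip_address' => $db->prepare_input($http->ip_string),
        'rating' => $rating,
        'resolution' => $max_rating,
        'date_added' => 'now()',
    );
    $db->perform(TABLE_VOTES, $sql_data_array);

    $msg->add_session($cStrings->SUCCESS_PLUGIN_VOTE_ACCEPTED, 'success');
    tep_redirect(tep_href_link($cDefs->script, $params));
    return false;
}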
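/**
 * Stream a downloadable file selected by the `down_id` query parameter.
 *
 * The id is cast to int, the matching form submission is verified with
 * tep_check_submit(), and the file path is read from TABLE_DOWNLOAD for rows
 * with status_id = 1. The path comes from the database, never from the request.
 *
 * Changes from the earlier version:
 *  - Content-Disposition now carries only the base name of the file, reduced
 *    to a conservative character set and quoted. The stored value was sent
 *    as-is before, which disclosed the server-side path to the client and
 *    produced a malformed header for names containing spaces or separators.
 *  - X-Content-Type-Options: nosniff is sent so browsers do not re-interpret
 *    the payload as an active content type.
 *
 * @return bool false when the request is not a valid download request or no
 *              active record exists; true otherwise, including the case where
 *              the record exists but the file is missing on disk
 */
function plugin_form_process()
{
    extract(tep_load('defs', 'database', 'sessions'));

    $down_id = isset($_GET['down_id']) ? (int) $_GET['down_id'] : 0;
    if (empty($down_id)) {
        return false;
    }

    if (!tep_check_submit($this->form_name . '_' . $down_id)) {
        return false;
    }

    // $down_id is an integer at this point, so the concatenation cannot carry SQL syntax.
    $check_query = $db->query("select filename from " . TABLE_DOWNLOAD . " where auto_id = '" . (int) $down_id . "' and status_id='1'");
    if (!$db->num_rows($check_query)) {
        return false;
    }

    $check_array = $db->fetch_array($check_query);
    $filename = $check_array['filename'];

    if (!empty($filename) && is_file($filename)) {
        // Client-visible name: no directory part, no quotes, separators or control characters.
        // Characters outside the allowed set (including non-ASCII) are replaced by '_'.
        $download_name = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($filename));
        if ($download_name === null || $download_name === '') {
            $download_name = 'download';
        }

        header('Content-type: application/x-octet-stream');
        header('X-Content-Type-Options: nosniff');
        header('Content-disposition: attachment; filename="' . $download_name . '"');
        readfile($filename);
    }

    $cSessions->close();
    return true;
}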
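/**
 * Handle a submission of the comments form and store the comment.
 *
 * Flow: anti-bot/submit check, field validation through
 * $cValidator->post_validate(), duplicate check on a fingerprint of the
 * comment body, e-mail and URL checks, then an insert into TABLE_COMMENTS.
 *
 * Changes from the earlier version:
 *  - The scheme test on the author URL is case-insensitive and recognises
 *    https:// as well as http://. Before, any URL not starting with the exact
 *    string 'http://' was prefixed, turning 'https://host' into
 *    'http://https://host'. Every other value is still prefixed with
 *    'http://', so no other scheme can be stored.
 *  - $_POST['url'] is read through isset(), as the field is declared with a
 *    minimum length of 0 and may be absent.
 *  - The comment body is prepared once instead of twice.
 *  - Error redirects are followed by an explicit return, so the handler stays
 *    fail-closed if tep_redirect() ever returns.
 *
 * NOTE(review): name, e-mail, URL and body are stored after
 * $db->prepare_input() only. Whatever renders them must escape for its output
 * context; the second argument `false` used for the body presumably relaxes
 * the input clean-up - confirm.
 *
 * @return bool false when the request is not a valid submission (and after
 *              the final redirect); true when validation errors were queued
 *              for display on the current page
 */
function plugin_form_process()
{
    extract(tep_load('defs', 'http_validator', 'database', 'sessions', 'validator', 'message_stack'));

    if (empty($this->entry_result)) {
        return false;
    }

    $cStrings =& $this->strings;
    $this->storage =& $cSessions->register($this->key, $this->storage);

    // With anti_bot enabled, every stored css_buttons entry except 'visible_button'
    // is handed to tep_check_submit() as its second argument.
    $buttons_array = array();
    if ($this->options['anti_bot']) {
        $buttons_array = $this->storage['css_buttons'];
        unset($buttons_array['visible_button']);
        $buttons_array = array_values($buttons_array);
    }

    // anti-bot verification check
    if (!$this->storage['process'] || !tep_check_submit($this->storage['visible_button'], $buttons_array)) {
        return false;
    }

    if ($this->options['display_rating']) {
        $min_rating = 1;
    } else {
        // Rating is not shown: force the submitted value to 0 before validation.
        $_POST['rating'] = 0;
        $min_rating = 0;
    }

    $result_array = $cValidator->post_validate(array(
        'email' => array('max' => 100, 'min' => 7),
        'rating' => array('max' => $this->options['rating_steps'], 'min' => $min_rating, 'type' => 'range'),
        'name' => array('max' => 64, 'min' => 3),
        'comment' => array('max' => 10000, 'min' => 6),
        'url' => array('max' => 250, 'min' => 0),
    ));

    // Get the validated parameters only
    $params = $cValidator->convert_to_get();

    $idx_array = $this->get_content_indices();
    if (empty($idx_array)) {
        $msg->add_session($cStrings->ERROR_PLUGIN_INVALID_PAGE);
        tep_redirect(tep_href_link($cDefs->script, $params));
        return false;
    }

    // A non-empty entry in $result_array is treated as a failure of that field.
    $error = false;
    if (!empty($result_array['rating'])) {
        $msg->add($cStrings->ERROR_PLUGIN_INVALID_RATING);
        $error = true;
    }
    if (!empty($result_array['name'])) {
        $msg->add($cStrings->ERROR_PLUGIN_INVALID_NAME);
        $error = true;
    }
    if (!empty($result_array['comment'])) {
        $msg->add($cStrings->ERROR_PLUGIN_INVALID_COMMENT);
        $error = true;
    }
    if (!empty($result_array['url'])) {
        $msg->add($cStrings->ERROR_PLUGIN_INVALID_URL);
        $error = true;
    }
    if (!empty($result_array['email'])) {
        $msg->add($cStrings->ERROR_PLUGIN_INVALID_EMAIL);
        $error = true;
    }
    if ($error) {
        return true;
    }

    $body = $db->prepare_input($_POST['comment'], false);
    // md5 serves only as a fingerprint for duplicate detection here, not as a security control.
    $body_key = md5($body);

    if ($this->check_reentry($body_key)) {
        $msg->add_session($cStrings->ERROR_PLUGIN_ALREADY_SUBMITTED);
        tep_redirect(tep_href_link($cDefs->script, $params));
        return false;
    }

    if (!tep_validate_email($_POST['email'])) {
        $msg->add($cStrings->ERROR_PLUGIN_INVALID_EMAIL);
        $error = true;
    }

    $raw_url = isset($_POST['url']) ? $_POST['url'] : '';
    $url = $db->prepare_input($raw_url);
    if (!tep_validate_url($url)) {
        // An empty URL is allowed; only a non-empty invalid one is an error.
        if (!empty($raw_url)) {
            $msg->add($cStrings->ERROR_PLUGIN_INVALID_URL);
            $error = true;
        }
        $url = '';
    }

    // Leave http:// and https:// URLs untouched; prefix everything else with http://.
    if (!empty($url) && !preg_match('#^https?://#i', $url)) {
        $url = 'http://' . $url;
    }

    if ($error) {
        return true;
    }

    $sql_data_array = array(
        'comments_id' => (int) $idx_array['id'],
        'content_type' => (int) $idx_array['type_id'],
        'comments_author' => $db->prepare_input($_POST['name']),
        'comments_email' => $db->prepare_input($_POST['email']),
        'comments_url' => $url,
        'comments_body' => $body,
        'comments_key' => $body_key,
        'ip_address' => $db->prepare_input($http->ip_string),
        'comments_rating' => (int) $_POST['rating'],
        'resolution' => (int) $this->options['rating_steps'],
        'date_added' => 'now()',
        'status_id' => (int) $this->options['auto_display'],
    );
    $db->perform(TABLE_COMMENTS, $sql_data_array);

    $msg->add_session($cStrings->SUCCESS_PLUGIN_COMMENT_ACCEPTED, 'success');
    $cSessions->unregister($this->key);
    tep_redirect(tep_href_link($cDefs->script, $params));
    return false;
}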