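/**
 * Update the cache settings from the submitted backend form and persist them.
 *
 * Does nothing unless $_POST['frmSettings_Submit'] is set. Values are written
 * through \Cx\Core\Setting\Controller\Setting (initialised with 'Config',
 * 'cache', 'Yaml'). Afterwards the user cache and opcache are re-initialised
 * and the cache of the active opcache engine is cleared.
 *
 * The result is reported through $objTemplate: CONTENT_OK_MESSAGE when
 * $this->objSettings->strErrMessage is empty, CONTENT_STATUS_MESSAGE otherwise.
 *
 * @global object $objDatabase
 * @global object $objTemplate
 * @global array  $_ARRAYLANG
 */
function updateSettings()
{
    global $objDatabase, $objTemplate, $_ARRAYLANG, $_CONFIG;

    if (!isset($_POST['frmSettings_Submit'])) {
        return;
    }

    \Cx\Core\Setting\Controller\Setting::init('Config', 'cache', 'Yaml');

    // NOTE(review): cachingStatus is the only field stored without passing
    // through contrexx_input2db(); confirm Setting::set() validates it.
    \Cx\Core\Setting\Controller\Setting::set('cacheEnabled', $_POST['cachingStatus']);
    \Cx\Core\Setting\Controller\Setting::set('cacheExpiration', intval($_POST['cachingExpiration']));

    // Setting name => POST field. 'cacheOpStatus' was previously written twice
    // with the same value; it is now written once.
    $arrFields = array(
        'cacheUserCache' => 'usercache',
        'cacheOPCache' => 'opcache',
        'cacheOpStatus' => 'cacheOpStatus',
        'cacheDbStatus' => 'cacheDbStatus',
        'cacheVarnishStatus' => 'cacheVarnishStatus',
    );
    foreach ($arrFields as $settingName => $postField) {
        \Cx\Core\Setting\Controller\Setting::set($settingName, contrexx_input2db($_POST[$postField]));
    }

    // Setting name => (POST field prefix, default port).
    // NOTE(review): the host is stored as returned by contrexx_input2raw();
    // no hostname/IP validation is visible here. These values decide where the
    // server opens cache connections, so confirm this action is restricted to
    // trusted administrators and protected against CSRF.
    $arrEndpoints = array(
        'cacheUserCacheMemcacheConfig' => array('memcacheSetting', '11211'),
        'cacheProxyCacheVarnishConfig' => array('varnishCaching', '8080'),
    );
    foreach ($arrEndpoints as $settingName => $endpoint) {
        list($fieldPrefix, $defaultPort) = $endpoint;
        $ipField = $fieldPrefix . 'Ip';
        $portField = $fieldPrefix . 'Port';

        if (empty($_POST[$ipField]) && empty($_POST[$portField])) {
            continue;
        }

        $ip = !empty($_POST[$ipField]) ? contrexx_input2raw($_POST[$ipField]) : '127.0.0.1';

        // Only accept a valid TCP port; anything else falls back to the default
        // instead of being stored as-is.
        $port = $defaultPort;
        if (!empty($_POST[$portField])) {
            $submittedPort = intval($_POST[$portField]);
            if ($submittedPort >= 1 && $submittedPort <= 65535) {
                $port = $submittedPort;
            }
        }

        \Cx\Core\Setting\Controller\Setting::set(
            $settingName,
            json_encode(array('ip' => $ip, 'port' => $port))
        );
    }

    \Cx\Core\Setting\Controller\Setting::updateAll();

    $this->arrSettings = $this->getSettings();
    $this->initUserCaching(); // reinit user caches (especially memcache)
    $this->initOPCaching(); // reinit opcaches
    $this->getActivatedCacheEngines();
    $this->clearCache($this->getOpCacheEngine());

    if (!count($this->objSettings->strErrMessage)) {
        $objTemplate->SetVariable('CONTENT_OK_MESSAGE', $_ARRAYLANG['TXT_SETTINGS_UPDATED']);
    } else {
        $objTemplate->SetVariable(
            'CONTENT_STATUS_MESSAGE',
            implode("<br />\n", $this->objSettings->strErrMessage)
        );
    }
}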
/**
 * Prepare user-supplied BBCode for storage.
 *
 * Tags are removed with strip_tags(); when $html is true the result is then
 * run through self::prepareBBCodeForOutput(); finally the value is passed
 * through contrexx_input2db().
 *
 * NOTE(review): strip_tags() removes markup but does not encode quotes or
 * ampersands, so the stored value still needs context-appropriate encoding
 * wherever it is rendered.
 *
 * @param string $bbcode the unsafe BBCode
 * @param bool   $html   return as html code
 * @return string
 */
public static function prepareBBCodeForDb($bbcode, $html = false)
{
    $stripped = strip_tags($bbcode);
    $prepared = $html ? self::prepareBBCodeForOutput($stripped) : $stripped;

    return contrexx_input2db($prepared);
}
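/**
 * Authenticate an administrator for the update process.
 *
 * Credentials come from the arguments or, when $user is empty, from
 * $_SESSION['contrexx_update']. The account must match on username (or on
 * e-mail, see below), on password, and have `is_admin` = 1 and `active` = 1.
 * On success the session is updated through $sessionObj->cmsSessionUserUpdate().
 *
 * The credential lookup uses bound parameters instead of building the SQL
 * string from the submitted values.
 *
 * NOTE(review): $pass is compared with the stored `password` column as-is and
 * is also read back from the session, so callers presumably pass the value in
 * its stored (hashed) form. Confirm, and avoid keeping a password-equivalent
 * value in the session if the flow allows it.
 *
 * @param string $user username or e-mail address; empty to use the session
 * @param string $pass password value as stored in `access_users`.`password`
 * @return mixed true if already authenticated, the matched user's id on a
 *               successful login, false otherwise
 */
function auth($user = '', $pass = '')
{
    if ($this->isAuth) {
        return true;
    }

    if (empty($user)) {
        // No credentials passed in: fall back to the ones kept in the update session.
        if (
            empty($_SESSION['contrexx_update']['username'])
            || empty($_SESSION['contrexx_update']['password'])
        ) {
            return false;
        }
        $user = $_SESSION['contrexx_update']['username'];
        $pass = $_SESSION['contrexx_update']['password'];
    }

    // Credentials must be plain values. Arrays (e.g. from `user[]=` request
    // input) are rejected here so they never reach the bound parameter list.
    if (is_array($user) || is_object($user) || is_array($pass) || is_object($pass)) {
        return false;
    }
    $rawUser = contrexx_input2raw((string) $user);
    $rawPass = contrexx_input2raw((string) $pass);

    // check if usernames are in use
    $whereField = "`username`";
    try {
        include_once UPDATE_LIB . '/FRAMEWORK/Validator.class.php';
        $arrTables = $this->objDatabase->MetaTables('TABLES');
        if (is_array($arrTables) && in_array(DBPREFIX . 'access_settings', $arrTables)) {
            $objUseUsernameSetting = $this->objDatabase->SelectLimit(
                "SELECT `status` FROM `" . DBPREFIX . "access_settings` WHERE `key` = 'use_usernames'",
                1,
                -1
            );
            // Look the account up by e-mail when usernames are disabled or
            // when the submitted login is an e-mail address. The grouping
            // matches the original operator precedence (&& before ||).
            $usernamesDisabled = $objUseUsernameSetting !== false
                && $objUseUsernameSetting->RecordCount() > 0
                && !$objUseUsernameSetting->fields['status'];
            if ($usernamesDisabled || \Update\FWValidator::isEmail($rawUser)) {
                $whereField = "`email`";
            }
        }
    } catch (Exception $e) {
        // Best effort: if the setting cannot be determined, keep matching on `username`.
    }

    // $whereField is one of two fixed identifiers set above; the submitted
    // values are only ever passed as bound parameters.
    $objAuth = $this->objDatabase->SelectLimit(
        "SELECT `id`, `email` FROM `" . DBPREFIX . "access_users`"
        . " WHERE " . $whereField . " = ? AND `password` = ?"
        . " AND `is_admin` = 1 AND `active` = 1",
        1,
        -1,
        array($rawUser, $rawPass)
    );

    if ($objAuth === false || $objAuth->RecordCount() != 1) {
        return false;
    }

    global $sessionObj;

    // NOTE(review): this literal is masked in the listing; the real address
    // has to be taken from the project source.
    $newSystemMail = '*****@*****.**';
    if (
        $rawUser == 'system'
        && preg_match('/@(comvation|contrexx)\\.com$/', $objAuth->fields['email'])
        && $objAuth->fields['email'] != $newSystemMail
    ) {
        // cloudrexx is updating the system user: replace its legacy e-mail
        // address (the original comment names system@comvation.com).
        $this->objDatabase->Execute(
            "UPDATE `" . DBPREFIX . "access_users` SET `email` = ? WHERE `id` = ?",
            array($newSystemMail, $objAuth->fields['id'])
        );
    }

    $this->isAuth = true;

    // update the session, otherwise the user is not logged in at the end
    // and the update from version 3.x cannot update the license correctly
    // see: update.php - License->update();
    $sessionObj->cmsSessionUserUpdate($objAuth->fields['id']);

    return $objAuth->fields['id'];
}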
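/**
 * Shows the image settings page and, when the form was submitted, saves it.
 *
 * Saving writes image_cut_width, image_cut_height and image_compression to
 * the `settings_image` table; every value is reduced to an integer and bound
 * as a query parameter. The page then lists the rows of `settings_thumbnail`
 * and renders the stored settings.
 *
 * @access public
 *
 * @param array $arrData submitted form data; the 'submit' key triggers saving
 *
 * @throws \Exception if a settings or thumbnail query fails
 * @return boolean true on success
 */
public function image($arrData)
{
    global $objDatabase, $objTemplate, $_ARRAYLANG;

    \JS::registerCSS(substr(ASCMS_CORE_MODULE_FOLDER . '/MediaBrowser/View/Style/mediabrowser.css', 1));

    $this->strPageTitle = $_ARRAYLANG['TXT_SETTINGS_IMAGE'];
    $objTemplate->addBlockfile('ADMIN_CONTENT', 'settings_image', 'settings_image.html');
    \ContrexxJavascript::getInstance()->setVariable(
        array('publicTempPath' => Cx::instanciate()->getWebsitePublicTempWebPath()),
        'config/image'
    );

    // Saves the settings
    $arrSettings = array();
    if (isset($arrData['submit'])) {
        // image_scale_width / image_scale_height were commented out in the
        // original code and are still not saved.
        foreach (array('image_cut_width', 'image_cut_height', 'image_compression') as $name) {
            $arrSettings[$name] = (string) intval($arrData[$name]);
        }

        // Bound parameters instead of concatenating value and name into the SQL.
        $query = 'UPDATE `' . DBPREFIX . 'settings_image` SET `value` = ? WHERE `name` = ?';
        foreach ($arrSettings as $name => $value) {
            if ($objDatabase->Execute($query, array($value, $name)) === false) {
                throw new \Exception('Could not update the settings');
            }
        }
        $this->strOkMessage = $_ARRAYLANG['TXT_SETTINGS_UPDATED'];
    }

    /**
     * @var $cx \Cx\Core\Core\Controller\Cx
     */
    $cx = \Env::get('cx');
    $pdo = $cx->getDb()->getPdoConnection();
    $sth = $pdo->query('SELECT id, name, size FROM `' . DBPREFIX . 'settings_thumbnail`');
    if ($sth === false) {
        // Without this check a failed query ends in a fatal call on `false`.
        throw new \Exception('Could not query the thumbnails.');
    }
    $thumbnails = $sth->fetchAll();

    // Labels shared by the "new thumbnail" template and the main template.
    $arrLabels = array(
        'TXT_IMAGE_TITLE' => $_ARRAYLANG['TXT_SETTINGS_IMAGE_TITLE'],
        'TXT_IMAGE_THUMBNAILS_DELETE' => $_ARRAYLANG['TXT_IMAGE_THUMBNAILS_DELETE'],
        'TXT_IMAGE_CUT_WIDTH' => $_ARRAYLANG['TXT_SETTINGS_IMAGE_CUT_WIDTH'],
        'TXT_IMAGE_CUT_HEIGHT' => $_ARRAYLANG['TXT_SETTINGS_IMAGE_CUT_HEIGHT'],
        'TXT_IMAGE_THUMBNAILS' => $_ARRAYLANG['TXT_IMAGE_THUMBNAILS'],
        'TXT_IMAGE_COMPRESSION' => $_ARRAYLANG['TXT_SETTINGS_IMAGE_COMPRESSION'],
        'TXT_SAVE' => $_ARRAYLANG['TXT_SAVE'],
        'TXT_IMAGE_THUMBNAILS_ID' => $_ARRAYLANG['TXT_IMAGE_THUMBNAILS_ID'],
        'TXT_IMAGE_THUMBNAILS_NAME' => $_ARRAYLANG['TXT_IMAGE_THUMBNAILS_NAME'],
        'TXT_IMAGE_THUMBNAILS_SIZE' => $_ARRAYLANG['TXT_IMAGE_THUMBNAILS_SIZE'],
        'TXT_SETTINGS_FUNCTIONS' => $_ARRAYLANG['TXT_SETTINGS_FUNCTIONS'],
        'TXT_IMAGE_THUMBNAILS_RELOAD' => $_ARRAYLANG['TXT_IMAGE_THUMBNAILS_RELOAD'],
        'TXT_IMAGE_THUMBNAILS_NEW' => $_ARRAYLANG['TXT_IMAGE_THUMBNAILS_NEW'],
        'TXT_IMAGE_THUMBNAILS_MAX_SIZE' => $_ARRAYLANG['TXT_IMAGE_THUMBNAILS_MAX_SIZE'],
    );

    $newThumbnailTemplate = new \Cx\Core\Html\Sigma($cx->getCodeBasePath());
    $newThumbnailTemplate->loadTemplateFile(
        $cx->getCodeBaseCorePath() . '/Config/View/Template/Backend/settings_image_edit.html'
    );
    $newThumbnailTemplate->removeUnknownVariables = false;
    // NOTE(review): at this point $arrSettings only holds values when the form
    // was just submitted; the stored settings are loaded further down, so on a
    // plain page view both cut sizes are 0 here — confirm this is intended.
    $newThumbnailTemplate->setVariable(array_merge($arrLabels, array(
        'TXT_IMAGE_CSRF' => \Cx\Core\Csrf\Controller\Csrf::param(),
        'SETTINGS_IMAGE_CUT_WIDTH' => !empty($arrSettings['image_cut_width'])
            ? $arrSettings['image_cut_width']
            : 0,
        'SETTINGS_IMAGE_CUT_HEIGHT' => !empty($arrSettings['image_cut_height'])
            ? $arrSettings['image_cut_height']
            : 0,
    )));
    // The rendered template is flattened to one line with double quotes only.
    $objTemplate->setVariable(
        'CONFIG_THUMBNAIL_NEW_TEMPLATE',
        implode(' ', explode("\n", str_replace("'", "\"", $newThumbnailTemplate->get())))
    );

    // NOTE(review): thumbnail name and size are written to the template as
    // stored, without HTML encoding; confirm they are validated when saved or
    // encode them here.
    foreach ($thumbnails as $thumbnail) {
        $objTemplate->setVariable(array(
            'IMAGE_THUMBNAIL_ID' => $thumbnail['id'],
            'IMAGE_THUMBNAIL_NAME' => $thumbnail['name'],
            'IMAGE_THUMBNAIL_SIZE' => $thumbnail['size'],
            'TXT_IMAGE_THUMBNAILS_MAXIMUM' => sprintf(
                $_ARRAYLANG['TXT_IMAGE_THUMBNAILS_MAXIMUM'],
                $thumbnail['size'] . 'px'
            ),
        ));
        $objTemplate->parse('settings_image_thumbnails_list');
    }

    // Gets the settings
    $objResult = $objDatabase->Execute('SELECT `name`, `value` FROM `' . DBPREFIX . 'settings_image`');
    if ($objResult === false) {
        throw new \Exception('Could not query the settings.');
    }
    $arrSettings = array();
    while (!$objResult->EOF) {
        // Creates the settings array
        $arrSettings[$objResult->fields['name']] = $objResult->fields['value'];
        $objResult->MoveNext();
    }

    // Parses the compression options: 5, 10, ..., 100; 95 when nothing is stored
    $imageCompression = !empty($arrSettings['image_compression'])
        ? intval($arrSettings['image_compression'])
        : 95;
    foreach (range(5, 100, 5) as $compression) {
        $objTemplate->setVariable(array(
            'IMAGE_COMPRESSION_VALUE' => $compression,
            'IMAGE_COMPRESSION_NAME' => $compression,
            'OPTION_SELECTED' => $compression == $imageCompression ? 'selected="selected"' : '',
        ));
        $objTemplate->parse('settings_image_compression_options');
    }

    // Parses the settings
    $objTemplate->setVariable(array_merge($arrLabels, array(
        'TXT_IMAGE_CSRF' => \Cx\Core\Csrf\Controller\Csrf::param(),
        'SETTINGS_IMAGE_CUT_WIDTH' => !empty($arrSettings['image_cut_width'])
            ? $arrSettings['image_cut_width']
            : 0,
        'SETTINGS_IMAGE_CUT_HEIGHT' => !empty($arrSettings['image_cut_height'])
            ? $arrSettings['image_cut_height']
            : 0,
    )));
    $objTemplate->parse('settings_image');
    \Cx\Core\Csrf\Controller\Csrf::add_placeholder($objTemplate);

    return true;
}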
/**
 * Render the backend "edit recipient" form and, when it was submitted, create
 * or update the newsletter recipient.
 *
 * Flow, as far as the listing shows it:
 *  - $_REQUEST['id'] (intval) and $_REQUEST['copy'] select the recipient and
 *    the copy mode; the newsletter_recipient_*, day/month/year, language and
 *    sendEmail POST fields are collected into local variables.
 *  - The "recipient_attribute_status" setting is loaded and JSON-decoded.
 *  - On save ($_POST['newsletter_recipient_save']) the e-mail is validated
 *    with \FWValidator::isEmail(), then the attributes and the uniqueness of
 *    the e-mail are checked, and the recipient is updated or added. After an
 *    add, a newsletter may be sent when sendEmail is set.
 *  - Otherwise, for an existing id, the recipient row is loaded for display.
 *  - Finally the template blocks and variables are filled.
 *
 * NOTE(review): this listing is incomplete. Two spans are masked as "******"
 * (after `WHERE user=` in both module_newsletter_rel_user_cat queries), so the
 * code between each of those queries and the statements that follow is not
 * visible and the block does not parse as shown. Restore it from the project
 * source before relying on this function.
 *
 * NOTE(review): the SQL here is built by concatenation. The e-mail goes
 * through contrexx_input2db() and the ids through intval(); bound parameters
 * would remove the dependence on escaping.
 *
 * NOTE(review): most text fields are written to the template through
 * htmlentities(), but two values are not encoded in this function:
 * $newsTitle (the newsletter subject read from the database) is placed inside
 * <strong> in the success message, and $filterParams is assembled from $_GET
 * with contrexx_input2raw() only and assigned to NEWSLETTER_FILTER_PARAMS.
 * Confirm that both are encoded for their output context (HTML, URL) before
 * they reach the page.
 *
 * NOTE(review): $languageOptionDisplay is only assigned (true) when more than
 * one frontend language is active, but it is read unconditionally when the
 * row classes are computed.
 *
 * @return mixed the result of $this->_userList() after a successful save,
 *               true otherwise
 */
function _editUser() { global $objDatabase, $_ARRAYLANG, $_CORELANG; $activeFrontendlang = \FWLanguage::getActiveFrontendLanguages(); $copy = isset($_REQUEST['copy']) && $_REQUEST['copy'] == 1; $recipientId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0; $recipientEmail = ''; $recipientUri = ''; $recipientSex = ''; $recipientSalutation = 0; $recipientTitle = ''; $recipientPosition = ''; $recipientIndustrySector = ''; $recipientPhoneMobile = ''; $recipientPhonePrivate = ''; $recipientFax = ''; $recipientNotes = ''; $recipientLastname = ''; $recipientFirstname = ''; $recipientCompany = ''; $recipientAddress = ''; $recipientZip = ''; $recipientCity = ''; $recipientCountry = ''; $recipientPhoneOffice = ''; $recipientBirthday = ''; $recipientLanguage = count($activeFrontendlang) == 1 ? key($activeFrontendlang) : ''; $recipientStatus = isset($_POST['newsletter_recipient_status']) ? 1 : (empty($_POST) ? 1 : 0); $arrAssociatedLists = array(); $recipientSendEmailId = isset($_POST['sendEmail']) ? intval($_POST['sendEmail']) : 0; $recipientSendMailDisplay = false; if (isset($_POST['newsletter_recipient_email'])) { $recipientEmail = $_POST['newsletter_recipient_email']; } if (isset($_POST['newsletter_recipient_uri'])) { $recipientUri = $_POST['newsletter_recipient_uri']; } if (isset($_POST['newsletter_recipient_sex'])) { $recipientSex = in_array($_POST['newsletter_recipient_sex'], array('f', 'm')) ? $_POST['newsletter_recipient_sex'] : ''; } if (isset($_POST['newsletter_recipient_salutation'])) { // TODO: use FWUSER $arrRecipientSalutation = $this->_getRecipientTitles(); $recipientSalutation = in_array($_POST['newsletter_recipient_salutation'], array_keys($arrRecipientSalutation)) ? 
intval($_POST['newsletter_recipient_salutation']) : 0; } if (isset($_POST['newsletter_recipient_lastname'])) { $recipientLastname = $_POST['newsletter_recipient_lastname']; } if (isset($_POST['newsletter_recipient_firstname'])) { $recipientFirstname = $_POST['newsletter_recipient_firstname']; } if (isset($_POST['newsletter_recipient_company'])) { $recipientCompany = $_POST['newsletter_recipient_company']; } if (isset($_POST['newsletter_recipient_address'])) { $recipientAddress = $_POST['newsletter_recipient_address']; } if (isset($_POST['newsletter_recipient_zip'])) { $recipientZip = $_POST['newsletter_recipient_zip']; } if (isset($_POST['newsletter_recipient_city'])) { $recipientCity = $_POST['newsletter_recipient_city']; } if (isset($_POST['newsletter_country_id'])) { $recipientCountry = $_POST['newsletter_country_id']; } if (isset($_POST['newsletter_recipient_phone_office'])) { $recipientPhoneOffice = $_POST['newsletter_recipient_phone_office']; } if (isset($_POST['newsletter_recipient_notes'])) { $recipientNotes = $_POST['newsletter_recipient_notes']; } if (isset($_POST['day']) && isset($_POST['month']) && isset($_POST['year'])) { $recipientBirthday = str_pad(intval($_POST['day']), 2, '0', STR_PAD_LEFT) . '-' . str_pad(intval($_POST['month']), 2, '0', STR_PAD_LEFT) . '-' . 
intval($_POST['year']); } if (isset($_POST['newsletter_recipient_title'])) { $recipientTitle = $_POST['newsletter_recipient_title']; } if (isset($_POST['newsletter_recipient_position'])) { $recipientPosition = $_POST['newsletter_recipient_position']; } if (isset($_POST['newsletter_recipient_industry_sector'])) { $recipientIndustrySector = $_POST['newsletter_recipient_industry_sector']; } if (isset($_POST['newsletter_recipient_phone_mobile'])) { $recipientPhoneMobile = $_POST['newsletter_recipient_phone_mobile']; } if (isset($_POST['newsletter_recipient_phone_private'])) { $recipientPhonePrivate = $_POST['newsletter_recipient_phone_private']; } if (isset($_POST['newsletter_recipient_fax'])) { $recipientFax = $_POST['newsletter_recipient_fax']; } if (isset($_POST['language'])) { $recipientLanguage = $_POST['language']; } if (isset($_POST['newsletter_recipient_associated_list'])) { foreach ($_POST['newsletter_recipient_associated_list'] as $listId => $status) { if (intval($status) == 1) { array_push($arrAssociatedLists, intval($listId)); } } } // Get interface settings $objInterface = $objDatabase->Execute('SELECT `setvalue` FROM `' . DBPREFIX . 
'module_newsletter_settings` WHERE `setname` = "recipient_attribute_status"'); $recipientAttributeStatus = json_decode($objInterface->fields['setvalue'], true); if (isset($_POST['newsletter_recipient_save'])) { $objValidator = new \FWValidator(); if ($objValidator->isEmail($recipientEmail)) { if ($this->_validateRecipientAttributes($recipientAttributeStatus, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientBirthday)) { if ($this->_isUniqueRecipientEmail($recipientEmail, $recipientId, $copy)) { //reset the $recipientId on copy function $recipientId = $copy ? 0 : $recipientId; if ($recipientId > 0) { if ($this->_updateRecipient($recipientAttributeStatus, $recipientId, $recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, $recipientStatus, $arrAssociatedLists, $recipientLanguage)) { self::$strOkMessage .= $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_UPDATED_SUCCESSFULLY']; return $this->_userList(); } else { // fall back to old recipient id, if any error occurs on copy $recipientId = isset($_REQUEST['id']) ? 
intval($_REQUEST['id']) : 0; self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_ERROR_UPDATE_RECIPIENT']; } } else { if ($this->_addRecipient($recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, $recipientStatus, $arrAssociatedLists, $recipientLanguage)) { if (!empty($recipientSendEmailId)) { $objRecipient = $objDatabase->SelectLimit("SELECT id FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "'", 1); $recipientId = $objRecipient->fields['id']; $this->insertTmpEmail($recipientSendEmailId, $recipientEmail, self::USER_TYPE_NEWSLETTER); // setting TmpEntry=1 will set the newsletter status=1, this will force an imediate stop in the newsletter send procedere. if ($this->SendEmail($recipientId, $recipientSendEmailId, $recipientEmail, 1, self::USER_TYPE_NEWSLETTER) == false) { // fall back to old recipient id, if any error occurs on copy $recipientId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0; self::$strErrMessage .= $_ARRAYLANG['TXT_SENDING_MESSAGE_ERROR']; } else { $objRecipientCount = $objDatabase->execute('SELECT subject FROM ' . DBPREFIX . 'module_newsletter WHERE id=' . intval($recipientSendEmailId)); $newsTitle = $objRecipientCount->fields['subject']; // TODO: Unused // $objUpdateCount = $objDatabase->execute(' UPDATE ' . DBPREFIX . 'module_newsletter SET recipient_count = recipient_count+1 WHERE id=' . intval($recipientSendEmailId)); self::$strOkMessage .= sprintf($_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_MAIL_SEND_SUCCESSFULLY'] . '<br />', '<strong>' . $newsTitle . 
'</strong>'); } } self::$strOkMessage .= $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_SAVED_SUCCESSFULLY']; return $this->_userList(); } else { // fall back to old recipient id, if any error occurs on copy $recipientId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0; self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_ERROR_SAVE_RECIPIENT']; } } } elseif (empty($recipientId)) { $objRecipient = $objDatabase->SelectLimit("SELECT id, language, status, notes FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "'", 1); $recipientId = $objRecipient->fields['id']; $recipientLanguage = $objRecipient->fields['language']; $recipientStatus = $objRecipient->fields['status']; $recipientNotes = !empty($objRecipient->fields['notes']) ? $objRecipient->fields['notes'] . ' ' . $recipientNotes : $recipientNotes; $objList = $objDatabase->Execute("SELECT category FROM " . DBPREFIX . "module_newsletter_rel_user_cat WHERE user="******"SELECT id FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "' AND id!=" . ($copy ? 0 : $recipientId), 1); self::$strErrMessage .= sprintf($_ARRAYLANG['TXT_NEWSLETTER_ERROR_EMAIL_ALREADY_EXISTS'], '<a href="index.php?cmd=Newsletter&act=users&tpl=edit&id=' . $objResult->fields['id'] . '" target="_blank">' . $_ARRAYLANG['TXT_NEWSLETTER_ERROR_EMAIL_ALREADY_EXISTS_CLICK_HERE'] . '</a>'); } } else { self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_MANDATORY_FIELD_ERROR']; } } else { self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_INVALIDE_EMAIL_ADDRESS']; } } elseif ($recipientId > 0) { $objRecipient = $objDatabase->SelectLimit("SELECT email, uri, sex, salutation, title, lastname, firstname, position, company, industry_sector, address, zip, city, country_id, phone_office, phone_private, phone_mobile, fax, notes, birthday, status, language FROM " . DBPREFIX . "module_newsletter_user WHERE id=" . 
$recipientId, 1); if ($objRecipient !== false && $objRecipient->RecordCount() == 1) { $recipientEmail = $objRecipient->fields['email']; $recipientUri = $objRecipient->fields['uri']; $recipientSex = $objRecipient->fields['sex']; $recipientSalutation = $objRecipient->fields['salutation']; $recipientTitle = $objRecipient->fields['title']; $recipientLastname = $objRecipient->fields['lastname']; $recipientFirstname = $objRecipient->fields['firstname']; $recipientPosition = $objRecipient->fields['position']; $recipientCompany = $objRecipient->fields['company']; $recipientIndustrySector = $objRecipient->fields['industry_sector']; $recipientAddress = $objRecipient->fields['address']; $recipientZip = $objRecipient->fields['zip']; $recipientCity = $objRecipient->fields['city']; $recipientCountry = $objRecipient->fields['country_id']; $recipientPhoneOffice = $objRecipient->fields['phone_office']; $recipientPhonePrivate = $objRecipient->fields['phone_private']; $recipientPhoneMobile = $objRecipient->fields['phone_mobile']; $recipientFax = $objRecipient->fields['fax']; $recipientBirthday = $objRecipient->fields['birthday']; $recipientLanguage = $objRecipient->fields['language']; $recipientStatus = $objRecipient->fields['status']; $recipientNotes = $objRecipient->fields['notes']; $objList = $objDatabase->Execute("SELECT category FROM " . DBPREFIX . "module_newsletter_rel_user_cat WHERE user="******"checked"' : '')); $this->_objTpl->parse('newsletter_mail_associated_list_' . $column); $listNr++; } if (count($activeFrontendlang) > 1) { foreach ($activeFrontendlang as $lang) { $selected = $lang['id'] == $recipientLanguage ? 
'selected="selected"' : ''; $this->_objTpl->setVariable(array('NEWSLETTER_LANGUAGE_ID' => contrexx_raw2xhtml($lang['id']), 'NEWSLETTER_LANGUAGE_NAME' => contrexx_raw2xhtml($lang['name']), 'NEWSLETTER_LANGUAGES_SELECTED' => $selected)); $this->_objTpl->parse('languages'); } $languageOptionDisplay = true; } else { $this->_objTpl->hideBlock('languageOption'); } if (empty($recipientId) || $copy) { $objNewsletterMails = $objDatabase->Execute('SELECT id, subject FROM ' . DBPREFIX . 'module_newsletter ORDER BY status, id DESC'); while (!$objNewsletterMails->EOF) { $selected = $recipientSendEmailId == $objNewsletterMails->fields['id'] ? 'selected="selected"' : ''; $this->_objTpl->setVariable(array('NEWSLETTER_EMAIL_ID' => contrexx_raw2xhtml($objNewsletterMails->fields['id']), 'NEWSLETTER_EMAIL_NAME' => contrexx_raw2xhtml($objNewsletterMails->fields['subject']), 'NEWSLETTER_EMAIL_SELECTED' => $selected)); $this->_objTpl->parse('allMails'); $objNewsletterMails->MoveNext(); } $recipientSendMailDisplay = true; } else { $this->_objTpl->hideBlock('sendEmail'); } // Display settings recipient general attributes $sendMailRowClass = $languageOptionDisplay ? 'row2' : 'row1'; if ($languageOptionDisplay && $recipientSendMailDisplay) { $associatedListRowClass = 'row1'; } elseif ($languageOptionDisplay || $recipientSendMailDisplay) { $associatedListRowClass = 'row2'; } else { $associatedListRowClass = 'row1'; } $recipientNotesRowClass = $associatedListRowClass == 'row1' ? 
'row2' : 'row1'; $this->_objTpl->setVariable(array('NEWSLETTER_SEND_EMAIL_ROWCLASS' => $sendMailRowClass, 'NEWSLETTER_ASSOCIATED_LISTS_ROWCLASS' => $associatedListRowClass, 'NEWSLETTER_NOTES_ROWCLASS' => $recipientNotesRowClass)); //display settings recipient profile detials $recipientAttributeDisplay = false; foreach ($recipientAttributeStatus as $value) { if ($value['active']) { $recipientAttributeDisplay = true; break; } } $profileRowCount = 0; $recipientAttributesArray = array('recipient_sex', 'recipient_salutation', 'recipient_title', 'recipient_firstname', 'recipient_lastname', 'recipient_position', 'recipient_company', 'recipient_industry', 'recipient_address', 'recipient_city', 'recipient_zip', 'recipient_country', 'recipient_phone', 'recipient_private', 'recipient_mobile', 'recipient_fax', 'recipient_birthday', 'recipient_website'); if ($recipientAttributeDisplay) { foreach ($recipientAttributesArray as $attribute) { if ($recipientAttributeStatus[$attribute]['active'] && $this->_objTpl->blockExists($attribute)) { $this->_objTpl->touchBlock($attribute); $this->_objTpl->setVariable(array('NEWSLETTER_' . strtoupper($attribute) . '_ROW_CLASS' => $profileRowCount % 2 == 0 ? 'row2' : 'row1', 'NEWSLETTER_' . strtoupper($attribute) . '_MANDATORY' => $recipientAttributeStatus[$attribute]['required'] ? '*' : '')); $profileRowCount++; } else { $this->_objTpl->hideBlock($attribute); } } } else { $this->_objTpl->hideBlock('recipientProfileAttributes'); } $filterParams = (!empty($_GET['newsletterListId']) ? '&newsletterListId=' . contrexx_input2raw($_GET['newsletterListId']) : '') . (!empty($_GET['filterkeyword']) ? '&filterkeyword=' . contrexx_input2raw($_GET['filterkeyword']) : '') . (!empty($_GET['filterattribute']) ? '&filterattribute=' . contrexx_input2raw($_GET['filterattribute']) : '') . (!empty($_GET['filterStatus']) ? '&filterStatus=' . 
contrexx_input2raw($_GET['filterStatus']) : ''); $this->_objTpl->setVariable(array('NEWSLETTER_RECIPIENT_ID' => $recipientId, 'NEWSLETTER_RECIPIENT_EMAIL' => htmlentities($recipientEmail, ENT_QUOTES, CONTREXX_CHARSET), 'TXT_NEWSLETTER_STATUS' => $_ARRAYLANG['TXT_NEWSLETTER_STATUS'], 'TXT_NEWSLETTER_LANGUAGE' => $_ARRAYLANG['TXT_NEWSLETTER_LANGUAGE'], 'TXT_NEWSLETTER_SEND_EMAIL' => $_ARRAYLANG['TXT_NEWSLETTER_SEND_EMAIL'], 'TXT_NEWSLETTER_ASSOCIATED_LISTS' => $_ARRAYLANG['TXT_NEWSLETTER_ASSOCIATED_LISTS'], 'TXT_NEWSLETTER_NOTES' => $_ARRAYLANG['TXT_NEWSLETTER_NOTES'], 'TXT_NEWSLETTER_PROFILE' => $_ARRAYLANG['TXT_NEWSLETTER_PROFILE'], 'TXT_NEWSLETTER_POSITION' => $_ARRAYLANG['TXT_NEWSLETTER_POSITION'], 'TXT_NEWSLETTER_INDUSTRY_SECTOR' => $_ARRAYLANG['TXT_NEWSLETTER_INDUSTRY_SECTOR'], 'TXT_NEWSLETTER_PHONE_MOBILE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_MOBILE'], 'TXT_NEWSLETTER_PHONE_PRIVATE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_PRIVATE'], 'TXT_NEWSLETTER_FAX' => $_ARRAYLANG['TXT_NEWSLETTER_FAX'], 'NEWSLETTER_RECIPIENT_STATUS' => $recipientStatus == '1' ? 'checked="checked"' : '', 'NEWSLETTER_RECIPIENT_NOTES' => htmlentities($recipientNotes, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_URI' => htmlentities($recipientUri, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_FEMALE' => $recipientSex == 'f' ? 'checked="checked"' : '', 'NEWSLETTER_RECIPIENT_MALE' => $recipientSex == 'm' ? 
'checked="checked"' : '', 'NEWSLETTER_RECIPIENT_SALUTATION' => $this->_getRecipientTitleMenu($recipientSalutation, 'name="newsletter_recipient_salutation" style="width:296px" size="1"'), 'NEWSLETTER_RECIPIENT_TITLE' => htmlentities($recipientTitle, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_FIRSTNAME' => htmlentities($recipientFirstname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_LASTNAME' => htmlentities($recipientLastname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_POSITION' => htmlentities($recipientPosition, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_COMPANY' => htmlentities($recipientCompany, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_INDUSTRY_SECTOR' => htmlentities($recipientIndustrySector, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_ADDRESS' => htmlentities($recipientAddress, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_ZIP' => htmlentities($recipientZip, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_CITY' => htmlentities($recipientCity, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_COUNTRY' => $this->getCountryMenu($recipientCountry, $recipientAttributeStatus['recipient_country']['active'] && $recipientAttributeStatus['recipient_country']['required']), 'NEWSLETTER_RECIPIENT_PHONE' => htmlentities($recipientPhoneOffice, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_PHONE_MOBILE' => htmlentities($recipientPhoneMobile, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_PHONE_PRIVATE' => htmlentities($recipientPhonePrivate, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_FAX' => htmlentities($recipientFax, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_BIRTHDAY' => htmlentities($recipientBirthday, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_COPY' => $copy ? 
1 : 0, 'TXT_NEWSLETTER_EMAIL_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_EMAIL_ADDRESS'], 'TXT_NEWSLETTER_WEBSITE' => $_ARRAYLANG['TXT_NEWSLETTER_WEBSITE'], 'TXT_NEWSLETTER_SALUTATION' => $_ARRAYLANG['TXT_NEWSLETTER_SALUTATION'], 'TXT_NEWSLETTER_TITLE' => $_ARRAYLANG['TXT_NEWSLETTER_TITLE'], 'TXT_NEWSLETTER_SEX' => $_ARRAYLANG['TXT_NEWSLETTER_SEX'], 'TXT_NEWSLETTER_FEMALE' => $_ARRAYLANG['TXT_NEWSLETTER_FEMALE'], 'TXT_NEWSLETTER_MALE' => $_ARRAYLANG['TXT_NEWSLETTER_MALE'], 'TXT_NEWSLETTER_LASTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_LASTNAME'], 'TXT_NEWSLETTER_FIRSTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_FIRSTNAME'], 'TXT_NEWSLETTER_COMPANY' => $_ARRAYLANG['TXT_NEWSLETTER_COMPANY'], 'TXT_NEWSLETTER_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_ADDRESS'], 'TXT_NEWSLETTER_ZIP' => $_ARRAYLANG['TXT_NEWSLETTER_ZIP'], 'TXT_NEWSLETTER_CITY' => $_ARRAYLANG['TXT_NEWSLETTER_CITY'], 'TXT_NEWSLETTER_COUNTRY' => $_ARRAYLANG['TXT_NEWSLETTER_COUNTRY'], 'TXT_NEWSLETTER_PHONE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE'], 'TXT_NEWSLETTER_BIRTHDAY' => $_ARRAYLANG['TXT_NEWSLETTER_BIRTHDAY'], 'TXT_NEWSLETTER_SAVE' => $_ARRAYLANG['TXT_NEWSLETTER_SAVE'], 'TXT_CANCEL' => $_CORELANG['TXT_CANCEL'], 'TXT_NEWSLETTER_DO_NOT_SEND_EMAIL' => $_ARRAYLANG['TXT_NEWSLETTER_DO_NOT_SEND_EMAIL'], 'TXT_NEWSLETTER_INFO_ABOUT_SEND_EMAIL' => $_ARRAYLANG['TXT_NEWSLETTER_INFO_ABOUT_SEND_EMAIL'], 'TXT_NEWSLETTER_RECIPIENT_DATE' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_DATE'], 'TXT_NEWSLETTER_RECIPIENT_MONTH' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_MONTH'], 'TXT_NEWSLETTER_RECIPIENT_YEAR' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_YEAR'], 'NEWSLETTER_FILTER_PARAMS' => $filterParams)); $this->_objTpl->parse('module_newsletter_user_edit'); return true; }
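/**
 * Update the cache settings from the submitted backend form and persist them.
 *
 * Does nothing unless $_POST['frmSettings_Submit'] is set. Values are written
 * through \Cx\Core\Setting\Controller\Setting (initialised with 'Config',
 * 'cache', 'Yaml'). Afterwards the user cache and opcache are re-initialised
 * and the cache of the active opcache engine is cleared. When the submitted
 * cacheSsiOutput differs from $_CONFIG['cacheSsiOutput'], the 'cxPages' files
 * are deleted through $this->_deleteAllFiles().
 *
 * The result is reported through $objTemplate: CONTENT_OK_MESSAGE when
 * $this->objSettings->strErrMessage is empty, CONTENT_STATUS_MESSAGE otherwise.
 *
 * @global object $objDatabase
 * @global object $objTemplate
 * @global array  $_ARRAYLANG
 * @global array  $_CONFIG
 */
function updateSettings()
{
    global $objDatabase, $objTemplate, $_ARRAYLANG, $_CONFIG;

    if (!isset($_POST['frmSettings_Submit'])) {
        return;
    }

    \Cx\Core\Setting\Controller\Setting::init('Config', 'cache', 'Yaml');

    // NOTE(review): cachingStatus is the only field stored without passing
    // through contrexx_input2db(); confirm Setting::set() validates it.
    \Cx\Core\Setting\Controller\Setting::set('cacheEnabled', $_POST['cachingStatus']);
    \Cx\Core\Setting\Controller\Setting::set('cacheExpiration', intval($_POST['cachingExpiration']));

    // Remember the current value so a change can be detected after saving.
    $oldSsiValue = $_CONFIG['cacheSsiOutput'];

    // Setting name => POST field. 'cacheOpStatus' was previously written twice
    // with the same value; it is now written once.
    $arrFields = array(
        'cacheUserCache' => 'usercache',
        'cacheOPCache' => 'opcache',
        'cacheOpStatus' => 'cacheOpStatus',
        'cacheDbStatus' => 'cacheDbStatus',
        'cacheReverseProxy' => 'cacheReverseProxy',
        'internalSsiCache' => 'internalSsiCache',
        'cacheSsiOutput' => 'cacheSsiOutput',
        'cacheSsiType' => 'cacheSsiType',
    );
    foreach ($arrFields as $settingName => $postField) {
        \Cx\Core\Setting\Controller\Setting::set($settingName, contrexx_input2db($_POST[$postField]));
    }

    // NOTE(review): the host is stored as returned by contrexx_input2raw();
    // no hostname/IP validation is visible here. These values decide where the
    // server opens cache, proxy and SSI connections, so confirm this action is
    // restricted to trusted administrators and protected against CSRF.
    $arrEndpoints = array(
        'cacheUserCacheMemcacheConfig' => array('key' => 'memcacheSetting', 'defaultPort' => 11211),
        'cacheProxyCacheConfig' => array('key' => 'reverseProxy', 'defaultPort' => 8080),
        'cacheSsiProcessorConfig' => array('key' => 'ssiProcessor', 'defaultPort' => 8080),
    );
    foreach ($arrEndpoints as $settingName => $endpoint) {
        $ipField = $endpoint['key'] . 'Ip';
        $portField = $endpoint['key'] . 'Port';

        if (empty($_POST[$ipField]) && empty($_POST[$portField])) {
            continue;
        }

        $ip = !empty($_POST[$ipField]) ? contrexx_input2raw($_POST[$ipField]) : '127.0.0.1';

        // The original read an undefined $defaultPort here, so a submission
        // with a host but no port stored null as the port. Use the default
        // declared for this endpoint, also for ports outside 1-65535.
        $port = $endpoint['defaultPort'];
        if (!empty($_POST[$portField])) {
            $submittedPort = intval($_POST[$portField]);
            if ($submittedPort >= 1 && $submittedPort <= 65535) {
                $port = $submittedPort;
            }
        }

        \Cx\Core\Setting\Controller\Setting::set(
            $settingName,
            json_encode(array('ip' => $ip, 'port' => $port))
        );
    }

    \Cx\Core\Setting\Controller\Setting::updateAll();

    $this->arrSettings = $this->getSettings();
    $this->initUserCaching(); // reinit user caches (especially memcache)
    $this->initOPCaching(); // reinit opcaches
    $this->getActivatedCacheEngines();
    $this->clearCache($this->getOpCacheEngine());

    if ($oldSsiValue != contrexx_input2db($_POST['cacheSsiOutput'])) {
        $this->_deleteAllFiles('cxPages');
    }

    if (!count($this->objSettings->strErrMessage)) {
        $objTemplate->SetVariable('CONTENT_OK_MESSAGE', $_ARRAYLANG['TXT_SETTINGS_UPDATED']);
    } else {
        $objTemplate->SetVariable(
            'CONTENT_STATUS_MESSAGE',
            implode("<br />\n", $this->objSettings->strErrMessage)
        );
    }
}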
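/**
 * Save the registration
 *
 * Checks the required form fields, inserts a new registration record or
 * updates an existing one (when $data['regid'] is set), rewrites the stored
 * field values and, in frontend mode, sends the confirmation and alert
 * mails.
 *
 * @param array $data posted data from the form
 *
 * @return boolean true if the registration saved, false otherwise
 */
function save($data)
{
    global $objDatabase, $objInit, $_LANGID;

    // Required fields must be filled in; required mail fields must also be
    // valid e-mail addresses.
    foreach ($this->form->inputfields as $arrInputfield) {
        if ($arrInputfield['required'] != 1) {
            continue;
        }
        $fieldId = $arrInputfield['id'];
        if (empty($data['registrationField'][$fieldId])) {
            return false;
        }
        if ($arrInputfield['type'] == 'mail') {
            $objValidator = new \FWValidator();
            if (!$objValidator->isEmail($data['registrationField'][$fieldId])) {
                return false;
            }
        }
    }

    // Every id that ends up in a SQL statement below is forced to an integer.
    $regId = intval($data['regid']);
    $eventId = intval($data['id']);
    $formId = intval($data['form']);
    $eventDate = intval($data['date']);
    $userId = intval($data['userid']);
    $langId = intval($_LANGID);

    $objEvent = new \Cx\Modules\Calendar\Controller\CalendarEvent($eventId);
    if ($objEvent->seriesStatus && $objEvent->independentSeries) {
        $eventDate = isset($data['registrationEventDate'])
            ? contrexx_input2int($data['registrationEventDate'])
            : $eventDate;
        $endDate = new \DateTime();
        $endDate->modify('+10 years');
        $eventManager = new CalendarEventManager(null, $endDate);
        $eventManager->getEvent($objEvent, $eventDate, true);
        $objEvent = $eventManager->eventList[0];
        if (empty($objEvent)) {
            return false;
        }
    }

    $query = ' SELECT `id` FROM `' . DBPREFIX . 'module_' . $this->moduleTablePrefix
        . '_registration_form_field` WHERE `form` = ' . $formId . ' AND `type` = "seating" LIMIT 1 ';
    $objResult = $objDatabase->Execute($query);

    // The form may have no seating field, or the lookup may fail; both cases
    // count as zero requested seats instead of dereferencing a missing row.
    $numSeating = 0;
    if ($objResult !== false && !$objResult->EOF) {
        $seatingFieldId = $objResult->fields['id'];
        if (isset($data['registrationField'][$seatingFieldId])) {
            $numSeating = intval($data['registrationField'][$seatingFieldId]);
        }
    }
    // NOTE(review): a negative submitted seat count raises the apparent number
    // of free places in the check below - confirm whether it should be rejected.

    // A new registration that no longer fits is forced to type 2; otherwise
    // the submitted type is used, defaulting to 1.
    $type = empty($regId) && intval($objEvent->getFreePlaces() - $numSeating) < 0
        ? 2
        : (isset($data['registrationType']) ? intval($data['registrationType']) : 1);
    $this->saveIn = intval($type);
    $paymentMethod = intval($data['paymentMethod']);
    $paid = intval($data['paid']);
    $hostName = 0;
    $ipAddress = 0;
    $key = $this->generateKey();

    if ($regId == 0) {
        $submissionDate = $this->getDbDateTimeFromIntern($this->getInternDateTimeFromUser());
        $query = 'INSERT INTO ' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration'
            . ' SET `event_id` = ' . $eventId
            . ', `submission_date` = "' . $submissionDate->format('Y-m-d H:i:s') . '"'
            . ', `date` = ' . $eventDate
            . ', `host_name` = "' . $hostName . '"'
            . ', `ip_address` = "' . $ipAddress . '"'
            . ', `type` = ' . $type
            . ', `key` = "' . $key . '"'
            . ', `user_id` = ' . $userId
            . ', `lang_id` = ' . $langId
            . ', `export` = 0'
            . ', `payment_method` = ' . $paymentMethod
            . ', `paid` = ' . $paid . ' ';
        $objResult = $objDatabase->Execute($query);
        if ($objResult === false) {
            return false;
        }
        $this->id = $objDatabase->Insert_ID();
    } else {
        $query = 'UPDATE `' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration`'
            . ' SET `event_id` = ' . $eventId
            . ', `date` = ' . $eventDate
            . ', `host_name` = ' . $hostName
            . ', `ip_address` = ' . $ipAddress
            . ', `key` = "' . $key . '"'
            . ', `user_id` = ' . $userId
            . ', `type` = ' . $type
            . ', `lang_id` = ' . $langId
            . ', `payment_method` = ' . $paymentMethod
            . ', `paid` = ' . $paid
            . ' WHERE `id` = ' . $regId;
        $objResult = $objDatabase->Execute($query);
        if ($objResult === false) {
            return false;
        }

        // Existing field values are dropped and re-inserted below.
        $this->id = $regId;
        $deleteQuery = 'DELETE FROM ' . DBPREFIX . 'module_' . $this->moduleTablePrefix
            . '_registration_form_field_value WHERE `reg_id` = ' . intval($this->id);
        $objDeleteResult = $objDatabase->Execute($deleteQuery);
        if ($objDeleteResult === false) {
            return false;
        }
    }

    foreach ($this->form->inputfields as $arrInputfield) {
        $id = $arrInputfield['id'];
        $value = isset($data['registrationField'][$id]) ? $data['registrationField'][$id] : null;
        $additional = isset($data['registrationFieldAdditional'][$id])
            ? $data['registrationFieldAdditional'][$id]
            : array();

        // Options are numbered from 1; the additional text for an option is
        // stored at index (option - 1) and appended as "[[text]]". intval()
        // keeps free-text values from being used in arithmetic directly.
        if (is_array($value)) {
            $subvalue = array();
            foreach ($value as $element) {
                $additionalIndex = intval($element) - 1;
                if (!empty($additional[$additionalIndex])) {
                    $subvalue[] = $element . '[[' . $additional[$additionalIndex] . ']]';
                } else {
                    $subvalue[] = $element;
                }
            }
            $value = join(",", $subvalue);
        } else {
            $additionalIndex = intval($value) - 1;
            if (isset($additional[$additionalIndex])) {
                $value = $value . "[[" . $additional[$additionalIndex] . "]]";
            }
        }

        $query = 'INSERT INTO ' . DBPREFIX . 'module_' . $this->moduleTablePrefix
            . '_registration_form_field_value (`reg_id`, `field_id`, `value`) VALUES ('
            . intval($this->id) . ', ' . intval($id) . ', "' . contrexx_input2db($value) . '")';
        $objResult = $objDatabase->Execute($query);
        if ($objResult === false) {
            return false;
        }
    }

    if ($objInit->mode == 'frontend') {
        $objMailManager = new \Cx\Modules\Calendar\Controller\CalendarMailManager();
        $templateId = $objEvent->emailTemplate[FRONTEND_LANG_ID];
        $objMailManager->sendMail(
            $objEvent,
            \Cx\Modules\Calendar\Controller\CalendarMailManager::MAIL_CONFIRM_REG,
            $this->id,
            $templateId
        );
        $objMailManager->sendMail(
            $objEvent,
            \Cx\Modules\Calendar\Controller\CalendarMailManager::MAIL_ALERT_REG,
            $this->id
        );
    }

    return true;
}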
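/**
 * Store the contact's e-mail address as a primary entry of e-mail type 1.
 *
 * @global object $objDatabase
 * @access public
 * @author Adrian Berger <*****@*****.**>
 * @return void
 */
function storeEMail()
{
    global $objDatabase;

    // The contact id is placed into the statement unquoted, so it is forced
    // to an integer first; the address itself goes through contrexx_input2db().
    $contactId = intval($this->id);

    $objDatabase->Execute("INSERT INTO `" . DBPREFIX . "module_crm_customer_contact_emails`\n SET `email` = '" . contrexx_input2db($this->email) . "',\n `email_type` = 1, `is_primary` = '1', contact_id = {$contactId}");
}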
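/**
 * Import contacts from an uploaded CSV file into the CRM.
 *
 * The column assignment comes from $_POST['crm_contact_option_base']
 * (column index => field name). Progress counters are written to the session
 * under the file name while the import runs. The method echoes a status
 * message and terminates the request.
 *
 * @global object $objDatabase
 * @global array  $_ARRAYLANG
 * @global int    $_LANGID
 *
 * @return void the request ends with exit
 */
function saveCsvData()
{
    global $objDatabase, $_ARRAYLANG, $_LANGID;

    $json = array();

    // Only keys that exist in the option tables are accepted. The previous
    // loose in_array() check let arbitrary strings match the key 0.
    $delimiterKey = isset($_POST['csv_delimiter']) && is_scalar($_POST['csv_delimiter'])
        && isset($this->_delimiter[$_POST['csv_delimiter']]) ? $_POST['csv_delimiter'] : 0;
    $enclosureKey = isset($_POST['csv_enclosure']) && is_scalar($_POST['csv_enclosure'])
        && isset($this->_enclosure[$_POST['csv_enclosure']]) ? $_POST['csv_enclosure'] : 0;
    $csvSeparator = $this->_delimiter[$delimiterKey]['value'];
    $csvEnclosure = $this->_enclosure[$enclosureKey]['value'];

    $csvIgnoreFirst = isset($_POST['ignore_first']) && (int) $_POST['ignore_first'];

    // 0 = skip duplicates, 1 = update duplicates, 2 = always insert (see the
    // switch below). Any other value would skip the save but still count the
    // row as imported, so it falls back to the default.
    $duplicate = isset($_POST['on_duplicate']) ? (int) $_POST['on_duplicate'] : 2;
    if (!in_array($duplicate, array(0, 1, 2), true)) {
        $duplicate = 2;
    }

    // NOTE(review): 'fileUri' is appended to the media path and used as a
    // session key without any check. Confirm it is restricted to files inside
    // the media directory and cannot name an existing session entry.
    $fileName = isset($_POST['fileUri']) && is_string($_POST['fileUri']) ? $_POST['fileUri'] : '';
    $objFWUser = \FWUser::getFWUserObject();
    $_SESSION[$fileName] = array();

    // The submitted field names become local variables holding the CSV column
    // index. Only the names this method reads are accepted; without this
    // filter a request could overwrite any local variable of the method
    // (database handle, file name, duplicate mode, ...).
    $allowedColumnName = '/\A(?:firstname|lastname|company|role|language|gender|customerId|customertype'
        . '|currency|description|industrytype|customerGroups'
        . '|customer_(?:email|phone|website|social|address)_.*)\z/s';
    $columnAssignment = isset($_POST['crm_contact_option_base']) && is_array($_POST['crm_contact_option_base'])
        ? $_POST['crm_contact_option_base']
        : array();
    foreach ($columnAssignment as $colId => $value) {
        if (!empty($value) && is_string($value) && preg_match($allowedColumnName, $value)) {
            ${$value} = $colId;
        }
    }

    if (isset($firstname) || isset($lastname) || isset($company)) {
        $this->contact = new \Cx\Modules\Crm\Model\Entity\CrmContact();
        $objCsv = new CrmCsv($this->_mediaPath . '/' . $fileName, $csvSeparator, $csvEnclosure);
        $line = $objCsv->NextLine();
        $first = true;
        $totalLines = 0;
        $importedLines = 0;
        $skipedLines = 0;

        while ($line) {
            // The session is reopened and closed for every row, so the
            // counters are written out while the import is still running.
            session_start();
            $_SESSION[$fileName]['totalRows'] = $totalLines;

            if (!$first || !$csvIgnoreFirst) {
                $this->contact->clean();
                // 2 when a first or last name is present, 1 when only a
                // company is present, 0 otherwise (row is ignored).
                $this->contact->contactType = !empty($line[$firstname]) || !empty($line[$lastname])
                    ? 2
                    : (!empty($line[$company]) ? 1 : 0);

                if (!empty($this->contact->contactType)) {
                    $isPerson = $this->contact->contactType == 2;

                    $this->contact->datasource = 3;
                    $this->contact->family_name = $isPerson
                        ? (isset($line[$lastname]) ? contrexx_input2raw($line[$lastname]) : '')
                        : '';
                    $this->contact->contact_role = $isPerson
                        ? (isset($line[$role]) ? contrexx_input2raw($line[$role]) : '')
                        : '';
                    $this->contact->contact_language = $isPerson
                        ? (isset($line[$language]) ? $this->getLanguageIdByName($line[$language]) : $_LANGID)
                        : '';
                    $this->contact->contact_customer = $isPerson
                        ? (isset($line[$company]) ? $this->getCustomerIdByName($line[$company]) : 0)
                        : 0;
                    $this->contact->contact_gender = $isPerson
                        ? (isset($line[$gender])
                            ? ((int) ($line[$gender] == 'Female') ? '1' : ($line[$gender] == 'Male' ? '2' : 0))
                            : 0)
                        : 0;
                    $this->contact->customerName = $isPerson
                        ? (isset($line[$firstname]) ? contrexx_input2raw($line[$firstname]) : '')
                        : (isset($line[$company]) ? contrexx_input2raw($line[$company]) : '');
                    $this->contact->customerId = isset($line[$customerId]) ? contrexx_input2raw($line[$customerId]) : '';
                    $this->contact->customerType = isset($line[$customertype])
                        ? $this->getCustomerTypeIdByName($line[$customertype])
                        : 0;
                    $this->contact->addedUser = $objFWUser->objUser->getId();
                    $this->contact->currency = isset($line[$currency]) ? $this->getCurrencyIdByName($line[$currency]) : 0;
                    $this->contact->notes = isset($line[$description]) ? contrexx_input2raw($line[$description]) : '';
                    $this->contact->industryType = isset($line[$industrytype])
                        ? $this->getIndustryTypeIdByName($line[$industrytype])
                        : 0;

                    // unset customer type, customerId the contact have customer
                    if ($isPerson && $this->contact->contact_customer != 0) {
                        $this->contact->customerType = 0;
                        $this->contact->currency = 0;
                        $this->contact->customerId = '';
                    }

                    // Duplicate detection is only needed for modes 0 and 1.
                    $existingUser = null;
                    if (in_array($duplicate, array(0, 1))) {
                        $emails = array();
                        foreach ($this->emailOptions as $key => $emailValue) {
                            $emailColumn = "customer_email_{$key}";
                            if (isset(${$emailColumn})) {
                                if (!empty($line[${$emailColumn}])
                                    && filter_var($line[${$emailColumn}], FILTER_VALIDATE_EMAIL)
                                ) {
                                    $emails[] = $line[${$emailColumn}];
                                }
                            }
                        }
                        $existingUser = $this->checkContactExists(
                            $this->contact->customerName,
                            $this->contact->family_name,
                            $emails,
                            $this->contact->contactType
                        );
                    }

                    $skip = false;
                    switch ($duplicate) {
                        case 0:
                            if (empty($existingUser)) {
                                $this->contact->save();
                            } else {
                                $skip = true;
                            }
                            break;
                        case 1:
                            if (!empty($existingUser)) {
                                $this->contact->id = $existingUser;
                            }
                            // intentional fall-through: the contact is saved either way
                        case 2:
                            $this->contact->save();
                            break;
                    }

                    if (!$skip) {
                        $importedLines++;
                        $_SESSION[$fileName]['importedRows'] = $importedLines;

                        //insert customer groups
                        if (isset($customerGroups) && !empty($line[$customerGroups])) {
                            $groupIds = array();
                            $groupNames = explode(', ', $line[$customerGroups]);
                            $query = 'SELECT `membership`.`id` FROM `' . DBPREFIX . 'module_' . $this->moduleNameLC
                                . '_memberships` AS membership LEFT JOIN `' . DBPREFIX . 'module_' . $this->moduleNameLC
                                . '_membership_local` AS memberLoc ON `membership`.`id` = `memberLoc`.`entry_id`'
                                . ' WHERE `memberLoc`.`value` IN ("' . implode('" , "', contrexx_input2db($groupNames)) . '") ';
                            $objResult = $objDatabase->Execute($query);
                            if ($objResult && $objResult->RecordCount() > 0) {
                                while (!$objResult->EOF) {
                                    $groupIds[] = $objResult->fields['id'];
                                    $objResult->MoveNext();
                                }
                            }
                            if ($groupIds) {
                                $this->updateCustomerMemberships($groupIds, $this->contact->id);
                            }
                        }

                        // insert Emails (the first stored entry becomes the primary one)
                        $primary = true;
                        foreach ($this->emailOptions as $key => $emailValue) {
                            $emailColumn = "customer_email_{$key}";
                            if (isset(${$emailColumn})) {
                                if (!empty($line[${$emailColumn}])
                                    && filter_var($line[${$emailColumn}], FILTER_VALIDATE_EMAIL)
                                ) {
                                    $tableName = "module_{$this->moduleNameLC}_customer_contact_emails";
                                    $fields = array(
                                        'email' => contrexx_input2db($line[${$emailColumn}]),
                                        'email_type' => $key,
                                        'is_primary' => $primary ? '1' : '0',
                                        'contact_id' => $this->contact->id,
                                    );
                                    $primary = false;
                                    $values = array('email_type', $key, $this->contact->id);
                                    $this->checkRecordStoreTODB($tableName, $values, $fields);
                                }
                            }
                        }

                        // insert Phone
                        $primary = true;
                        foreach ($this->phoneOptions as $key => $phoneValue) {
                            $phoneColumn = "customer_phone_{$key}";
                            if (isset(${$phoneColumn})) {
                                if (!empty($line[${$phoneColumn}])) {
                                    $tableName = "module_{$this->moduleNameLC}_customer_contact_phone";
                                    $fields = array(
                                        'phone' => contrexx_input2db($line[${$phoneColumn}]),
                                        'phone_type' => $key,
                                        'is_primary' => $primary ? '1' : '0',
                                        'contact_id' => $this->contact->id,
                                    );
                                    $primary = false;
                                    $values = array('phone_type', $key, $this->contact->id);
                                    $this->checkRecordStoreTODB($tableName, $values, $fields);
                                }
                            }
                        }

                        // insert Website: profiles 0-2 apply to persons, 3-5 to companies
                        $primary = true;
                        $custWeb = array('3', '4', '5');
                        $conWeb = array('0', '1', '2');
                        foreach ($this->websiteProfileOptions as $websiteKey => $webValues) {
                            $proceed = $this->contact->contactType == 2 && in_array($websiteKey, $conWeb)
                                ? true
                                : ($this->contact->contactType != 2 && in_array($websiteKey, $custWeb) ? true : false);
                            if (!empty($line[${"customer_website_{$websiteKey}"}]) && $proceed) {
                                $tableName = "module_{$this->moduleNameLC}_customer_contact_websites";
                                $fields = array(
                                    'url' => contrexx_input2raw($line[${"customer_website_{$websiteKey}"}]),
                                    'url_profile' => $websiteKey,
                                    'is_primary' => $primary ? '1' : '0',
                                    'contact_id' => $this->contact->id,
                                );
                                $primary = false;
                                $values = array('url_profile', $websiteKey, $this->contact->id);
                                $this->checkRecordStoreTODB($tableName, $values, $fields);
                            }
                        }

                        // insert Social Network
                        $primary = true;
                        foreach ($this->socialProfileOptions as $websiteKey => $webValues) {
                            if (!empty($line[${"customer_social_{$websiteKey}"}])) {
                                $tableName = "module_{$this->moduleNameLC}_customer_contact_social_network";
                                $fields = array(
                                    'url' => contrexx_input2raw($line[${"customer_social_{$websiteKey}"}]),
                                    'url_profile' => $websiteKey,
                                    'is_primary' => $primary ? '1' : '0',
                                    'contact_id' => $this->contact->id,
                                );
                                $primary = false;
                                $values = array('url_profile', $websiteKey, $this->contact->id);
                                $this->checkRecordStoreTODB($tableName, $values, $fields);
                            }
                        }

                        // insert address
                        $primary = true;
                        foreach ($this->addressTypes as $addTypeKey => $addTypeValue) {
                            $fields = array();
                            $insert = false;
                            foreach ($this->addressValues as $addressKey => $addressValue) {
                                $addressColumn = "customer_address_{$addTypeKey}" . "_{$addressKey}";
                                if (!empty($line[${$addressColumn}])) {
                                    if (!empty($addressValue) && $addressValue != 'type') {
                                        $insert = true;
                                        $fields[$addressValue['label']] = contrexx_input2raw($line[${$addressColumn}]);
                                    }
                                }
                            }
                            if ($insert) {
                                $tableName = "module_{$this->moduleNameLC}_customer_contact_address";
                                $fields['Address_Type'] = $addTypeKey;
                                $fields['is_primary'] = $primary ? '1' : '0';
                                $fields['contact_id'] = $this->contact->id;
                                $primary = false;
                                $values = array('Address_Type', $addTypeKey, $this->contact->id);
                                $this->checkRecordStoreTODB($tableName, $values, $fields);
                            }
                        }
                    } else {
                        $skipedLines++;
                        $_SESSION[$fileName]['skippedRows'] = $skipedLines;
                    }
                }
            }

            $totalLines++;
            $first = false;
            $line = $objCsv->NextLine();
            session_write_close();
            echo ' ';
        }

        if (!$line) {
            echo $json['success'] = 'Record Imported Successfully.';
        }
    } else {
        echo $json['error'] = $_ARRAYLANG['TXT_CRM_CHOOSE_NAME_ERROR'];
    }
    exit;
}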
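/**
 * Render the system log list, optionally filtered by a search term
 * ($_POST['term']) or a user id ($_GET['user']), with paging.
 *
 * Log columns such as user agent, referer and forwarded-for are values a
 * client chose when the entry was recorded, so every value is HTML-encoded
 * before it is handed to the template.
 *
 * @global object $objDatabase
 * @global array  $_ARRAYLANG
 * @global array  $_CONFIG
 * @global object $objTemplate
 *
 * @return false|null false when a log query fails, otherwise nothing
 */
function showLogs()
{
    global $objDatabase, $_ARRAYLANG, $_CONFIG, $objTemplate;

    $objTemplate->addBlockfile('ADMIN_CONTENT', 'log', 'log.html');
    $objTemplate->setVariable(array(
        'TXT_SYSTEM_LOGS' => $_ARRAYLANG['TXT_SYSTEM_LOGS'],
        'TXT_CONFIRM_DELETE_DATA' => $_ARRAYLANG['TXT_CONFIRM_DELETE_DATA'],
        'TXT_ACTION_IS_IRREVERSIBLE' => $_ARRAYLANG['TXT_ACTION_IS_IRREVERSIBLE'],
        'TXT_HOSTNAME' => $_ARRAYLANG['TXT_HOSTNAME'],
        'TXT_IP_ADDRESS' => $_ARRAYLANG['TXT_IP_ADDRESS'],
        'TXT_USER_NAME' => $_ARRAYLANG['TXT_USERNAME'],
        'TXT_LOGTIME' => $_ARRAYLANG['TXT_LOGTIME'],
        'TXT_USERAGENT' => $_ARRAYLANG['TXT_USERAGENT'],
        'TXT_BROWSERLANGUAGE' => $_ARRAYLANG['TXT_BROWSERLANGUAGE'],
        'TXT_ACTION' => $_ARRAYLANG['TXT_ACTION'],
        'TXT_SEARCH' => $_ARRAYLANG['TXT_SEARCH'],
    ));

    $objFWUser = \FWUser::getFWUserObject();
    $user = isset($_GET['user']) ? intval($_GET['user']) : 0;

    // Two forms of the search term: $term is prepared for SQL, $rawTerm is
    // what gets encoded for HTML and URL output. A DB-escaped string is not
    // safe to print into a page.
    $termInput = isset($_POST['term']) && is_string($_POST['term']) ? $_POST['term'] : '';
    $term = $termInput !== '' ? contrexx_input2db($termInput) : '';
    $rawTerm = $termInput !== '' ? contrexx_input2raw($termInput) : '';
    $objTemplate->setVariable('LOG_SEARCHTERM', htmlentities($rawTerm, ENT_QUOTES, CONTREXX_CHARSET));

    $q_search = '';
    if (!empty($term)) {
        $q_search = "WHERE log.id LIKE '%{$term}%'\n OR log.userid LIKE '%{$term}%'\n OR log.useragent LIKE '%{$term}%'\n OR log.userlanguage LIKE '%{$term}%'\n OR log.remote_addr LIKE '%{$term}%'\n OR log.remote_host LIKE '%{$term}%'\n OR log.http_via LIKE '%{$term}%'\n OR log.http_client_ip LIKE '%{$term}%'\n OR log.http_x_forwarded_for LIKE '%{$term}%'\n OR log.referer LIKE '%{$term}%'";
        // Also match entries of users whose name contains the term.
        if ($objUser = $objFWUser->objUser->getUsers(array('username' => "%{$term}%"))) {
            while (!$objUser->EOF) {
                $q_search .= ' OR log.userid=' . intval($objUser->getId());
                $objUser->next();
            }
        }
    } else {
        if (!empty($user)) {
            $q_search = 'WHERE log.userid = ' . $user;
        }
    }

    $q = "SELECT log.id AS id,\n log.userid AS userid,\n log.datetime AS datetime,\n log.useragent AS useragent,\n log.userlanguage AS userlanguage,\n log.remote_addr AS remote_addr,\n log.remote_host AS remote_host,\n log.http_via AS http_via,\n log.http_client_ip AS http_client_ip,\n log.http_x_forwarded_for AS http_x_forwarded_for,\n log.referer AS referer\n FROM " . DBPREFIX . "log AS log\n {$q_search} \n ORDER BY log.id DESC\n ";

    // First run: total number of matching rows for the paging.
    $objResult = $objDatabase->Execute($q);
    if ($objResult === false) {
        $this->errorHandling();
        return false;
    }

    // 'pos' was read through an unquoted array key and without an isset check.
    $pos = isset($_GET['pos']) ? intval($_GET['pos']) : 0;
    $count = $objResult->RecordCount();

    $pagingParams = '&cmd=SystemLog';
    if (!empty($term)) {
        // URL-encode the raw term so it cannot break out of the paging links.
        $pagingParams .= '&term=' . urlencode($rawTerm);
    }
    $paging = getPaging($count, $pos, $pagingParams, "<b>" . $_ARRAYLANG['TXT_LOG_ENTRIES'] . "</b>", true);

    // Second run: only the rows of the current page.
    $objResult = $objDatabase->SelectLimit($q, $_CONFIG['corePagingLimit'], $pos);
    if ($objResult === false) {
        $this->errorHandling();
        return false;
    }

    $objTemplate->setVariable(array('LOG_PAGING' => $paging, 'LOG_TOTAL' => $count));

    // The user name was already encoded this way, which suggests the template
    // engine does not encode values itself.
    // NOTE(review): confirm that log.html does not encode these placeholders again.
    $encode = function ($value) {
        return htmlentities((string) $value, ENT_QUOTES, CONTREXX_CHARSET);
    };

    $i = 0;
    while (!$objResult->EOF) {
        $objUser = $objFWUser->objUser->getUser($objResult->fields['userid']);
        $class = $i % 2 == 0 ? "row1" : "row2";

        $objTemplate->setVariable(array(
            'LOG_ROWCLASS' => $class,
            'LOG_ID' => intval($objResult->fields['id']),
            'LOG_USERID' => $objUser ? $objUser->getId() : 0,
            'LOG_USERNAME' => $objUser ? $encode($objUser->getUsername()) : '',
            'LOG_TIME' => $encode($objResult->fields['datetime']),
            'LOG_USERAGENT' => $encode($objResult->fields['useragent']),
            'LOG_USERLANGUAGE' => $encode($objResult->fields['userlanguage']),
            'LOG_REMOTE_ADDR' => $encode($objResult->fields['remote_addr']),
            'LOG_REMOTE_HOST' => $encode($objResult->fields['remote_host']),
            'LOG_HTTP_VIA' => $encode($objResult->fields['http_via']),
            'LOG_CLIENT_IP' => $encode($objResult->fields['http_client_ip']),
            'LOG_X_FORWARDED_FOR' => $encode($objResult->fields['http_x_forwarded_for']),
            'LOG_REFERER' => $encode($objResult->fields['referer']),
        ));
        $objTemplate->parse("logRow");

        $i++;
        $objResult->MoveNext();
    }
}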
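/**
 * save the form input fields
 *
 * Removes all stored fields and field names of this form, then re-inserts
 * the submitted fields with one name/default-value row per frontend
 * language. A field whose insert fails is skipped.
 *
 * @param array $data submitted form data; the fields are read from
 *                    $data['inputfield'], keyed by field id
 *
 * @return boolean true on success false otherwise
 */
function saveInputfields($data)
{
    global $objDatabase, $_LANGID;

    $this->getFrontendLanguages();

    $formId = contrexx_input2int($this->id);
    $tablePrefix = DBPREFIX . 'module_' . $this->moduleTablePrefix;

    // Each table is cleared with its own statement. The former multi-table
    // DELETE joined both tables, so nothing was removed when one of them had
    // no row for this form, and the stale rows then collided with the
    // inserts below.
    $tablesToClear = array(
        '_registration_form_field_name' => 'form_id',
        '_registration_form_field' => 'form',
    );
    foreach ($tablesToClear as $tableSuffix => $formColumn) {
        $query = 'DELETE FROM `' . $tablePrefix . $tableSuffix . '` WHERE `' . $formColumn . '` = ' . $formId;
        if (!$objDatabase->Execute($query)) {
            return false;
        }
    }

    $submittedFields = isset($data['inputfield']) && is_array($data['inputfield'])
        ? $data['inputfield']
        : array();

    foreach ($submittedFields as $intFieldId => $arrField) {
        $query = ' INSERT INTO `' . $tablePrefix . '_registration_form_field`'
            . ' SET `id` = ' . contrexx_input2int($intFieldId)
            . ', `form` = ' . $formId
            . ', `type` = "' . contrexx_input2db($arrField['type']) . '"'
            . ', `required` = ' . (isset($arrField['required']) ? 1 : 0)
            . ', `order` = ' . contrexx_input2int($arrField['order'])
            . ', `affiliation` = "' . (isset($arrField['affiliation']) ? contrexx_input2db($arrField['affiliation']) : '') . '" ';
        $objResult = $objDatabase->Execute($query);
        if ($objResult === false) {
            continue;
        }

        // Index 0 holds the value entered in the master (language independent) input.
        if (empty($arrField['name'][0])) {
            $arrField['name'][0] = '';
        }
        $newName0 = $arrField['name'][0];
        $newDefault0 = isset($arrField['default_value'][0]) ? $arrField['default_value'][0] : null;

        // Values stored before this save, used to detect which input was changed.
        $stored = isset($this->inputfields[$intFieldId]) ? $this->inputfields[$intFieldId] : array();
        $oldName0 = isset($stored['name'][0]) ? $stored['name'][0] : null;
        $oldDefault0 = isset($stored['default_value'][0]) ? $stored['default_value'][0] : null;

        foreach ($this->arrFrontendLanguages as $arrLang) {
            $langId = $arrLang['id'];
            $strFieldName = isset($arrField['name'][$langId]) ? $arrField['name'][$langId] : null;
            $strFieldDefaultValue = isset($arrField['default_value'][$langId])
                ? $arrField['default_value'][$langId]
                : null;

            if ($langId == $_LANGID) {
                $oldNameLang = isset($stored['name'][$langId]) ? $stored['name'][$langId] : null;
                $oldDefaultLang = isset($stored['default_value'][$langId])
                    ? $stored['default_value'][$langId]
                    : null;

                if ($oldName0 == $strFieldName && $oldNameLang != $strFieldName) {
                    $strFieldName = isset($arrField['name'][$_LANGID]) ? $arrField['name'][$_LANGID] : null;
                }
                if ($oldDefault0 == $strFieldDefaultValue && $oldDefaultLang != $strFieldDefaultValue) {
                    $strFieldDefaultValue = isset($arrField['default_value'][$_LANGID])
                        ? $arrField['default_value'][$_LANGID]
                        : null;
                }

                // The master value wins when it was changed, or when the
                // language specific value was left untouched. This is the
                // reduced form of the original three-way condition:
                // (a && b) || (a && !b) || (!a && b)  ==  a || b.
                if ($oldName0 != $newName0 || $oldNameLang == $strFieldName) {
                    $strFieldName = $newName0;
                }
                if ($oldDefault0 != $newDefault0 || $oldDefaultLang == $strFieldDefaultValue) {
                    $strFieldDefaultValue = $newDefault0;
                }
            }

            // Languages without their own value fall back to the master value.
            if (empty($strFieldName)) {
                $strFieldName = $newName0;
            }
            if (empty($strFieldDefaultValue)) {
                $strFieldDefaultValue = $newDefault0;
            }

            $query = ' INSERT INTO `' . $tablePrefix . '_registration_form_field_name`'
                . ' SET `field_id` = ' . contrexx_input2int($intFieldId)
                . ', `form_id` = ' . $formId
                . ', `lang_id` = ' . contrexx_input2int($langId)
                . ', `name` = "' . contrexx_input2db($strFieldName) . '"'
                . ', `default` = "' . contrexx_input2db($strFieldDefaultValue) . '"';
            $objResult = $objDatabase->Execute($query);
        }
    }

    return true;
}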
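/**
 * Show the "add question" form of a survey and, when the form was
 * submitted, store the question with its answers and column choices.
 *
 * The survey id and the link id arrive in the request and are used in SQL
 * and in generated HTML/JavaScript, so both are forced to integers.
 *
 * @global array  $_CORELANG
 * @global array  $_ARRAYLANG
 * @global object $objDatabase
 *
 * @return void
 */
function addQuestions()
{
    global $_CORELANG, $_ARRAYLANG, $objDatabase;

    \JS::activate('greybox');
    $this->_pageTitle = $_ARRAYLANG['TXT_SURVEY_ADDQUESTION_TXT'];
    $this->_objTpl->loadTemplateFile('module_add_survey.html');

    // Parsing javascript function to the place holder.
    $this->_objTpl->setVariable(array(
        'CREATE_SURVEY_JAVASCRIPT' => $this->getCreateSurveyJavascript(),
        'SELECT_COMMENTABLE_NO' => "checked",
        'SURVEY_IMAGE_PATH' => ASCMS_PATH_OFFSET . ASCMS_MODULE_FOLDER . '/Survey/View/Media',
        'WELCOME_MSD' => $_ARRAYLANG['TXT_WELCOME_MSG'],
        'TXT_ADD_QUESTION' => $_ARRAYLANG['TXT_SURVEY_CREATEQUESTION_TXT'],
        'TXT_SELECT_QUESTION' => $_ARRAYLANG['TXT_SELECT_QUESTION'],
        'TXT_QUESTION_TYPE' => $_ARRAYLANG['TXT_QUESTION_TYPE'],
        'TXT_MULTIPLE_CHOICE_ONE_ANSWER' => $_ARRAYLANG['TXT_MULTIPLE_CHOICE_ONE_ANSWER'],
        'TXT_MULTIPLE_CHOICE_MULTIPLE_ANSWER' => $_ARRAYLANG['TXT_MULTIPLE_CHOICE_MULTIPLE_ANSWER'],
        'TXT_MATRIX_CHOICE_ONE_ANSWER_PER_ROW' => $_ARRAYLANG['TXT_MATRIX_CHOICE_ONE_ANSWER_PER_ROW'],
        'TXT_MATRIX_CHOICE_MULTIPLE_ANSWER_PER_ROW' => $_ARRAYLANG['TXT_MATRIX_CHOICE_MULTIPLE_ANSWER_PER_ROW'],
        'TXT_SINGLE_TEXTBOX' => $_ARRAYLANG['TXT_SINGLE_TEXTBOX'],
        'TXT_QUESTION_TEXT' => $_ARRAYLANG['TXT_QUESTION_TEXT'],
        'TXT_ANSWER_CHOICE' => $_ARRAYLANG['TXT_ANSWER_CHOICE'],
        'TXT_ADD_COMMENT' => $_ARRAYLANG['TXT_ADD_COMMENT'],
        'TXT_YES' => $_ARRAYLANG['TXT_YES'],
        'TXT_NO' => $_ARRAYLANG['TXT_NO'],
        'TXT_HELP_TXT' => $_ARRAYLANG['TXT_HELP_TXT'],
        'TXT_HELP_IMAGE_TXT' => $_ARRAYLANG['TXT_HELP_IMAGE_TXT'],
        'TXT_SAVE_TXT' => $_ARRAYLANG['TXT_SAVE_TXT'],
        'TXT_COLUMN_CHOICE' => $_ARRAYLANG['TXT_COLUMN_CHOICE'],
        'TXT_MULTIPLE_TEXTBOX' => $_ARRAYLANG['TXT_MULTIPLE_TEXTBOX'],
        'TXT_TEXT_ROW' => $_ARRAYLANG['TXT_TEXT_ROW'],
        'TXT_HELPONE_SEL' => 'none',
        'TXT_HELPTWO_SEL' => 'none',
        'TXT_HELPTHREE_SEL' => 'none',
        'TXT_HELPFOUR_SEL' => 'none',
        'TXT_HELPFIVE_SEL' => 'none',
        'TXT_HELPSIX_SEL' => 'none',
        'TXT_COLHIDE' => 'display:none',
        'TXT_RTEXTHIDE' => 'none',
        'TXT_HELPSEVEN_SEL' => 'none',
    ));

    if (!isset($_POST['surveyQuestions_submit'])) {
        return;
    }

    // The survey id was concatenated unquoted into the MAX(pos) query and
    // echoed into links and onclick handlers; as an integer it can do neither harm.
    $surveyId = isset($_REQUEST['surveyId']) ? intval($_REQUEST['surveyId']) : 0;
    $questionType = contrexx_input2raw($_POST['questionType']);
    $columnChoices = contrexx_input2raw($_POST['ColumnChoices']);
    $questionAnswers = contrexx_input2raw($_POST['QuestionAnswers']);
    $vote = 0;
    $Question = $questionType != 7
        ? contrexx_input2db($_POST['Question'])
        : contrexx_input2db($_POST['QuestionRow']);

    if ($questionType == 3 || $questionType == 4) {
        // Matrix questions: rows come from the column-choice input, the
        // choices from the answers input, and every choice starts with 0 votes.
        $options = explode("\n", $columnChoices);
        $ColChoices = explode("\n", $questionAnswers);
        // implode() takes the separator first; the reversed legacy order is
        // no longer accepted by current PHP versions.
        $colChoic = implode(";", $ColChoices);
        $vote = array();
        foreach ($ColChoices as $choiceIndex => $unused) {
            $vote[$choiceIndex] = 0;
        }
        $vote = json_encode($vote);
    } else {
        $options = explode("\n", $questionAnswers);
        $ColChoices = explode("\n", $columnChoices);
        $colChoic = "";
    }

    // Text questions (types 5 and 7) get a single placeholder answer.
    if ($questionType == 5 || $questionType == 7) {
        $options[0] = "Answer";
    }
    $commentable = contrexx_input2db($_POST['Iscomment']);

    // The new question is appended after the highest existing position.
    $sorting_id = 1;
    $objResult = $objDatabase->Execute(
        'SELECT MAX(`pos`) as `pos` FROM `' . DBPREFIX . 'module_survey_surveyQuestions` WHERE `survey_id` =' . $surveyId
    );
    if ($objResult !== false) {
        $sorting_id = intval($objResult->fields['pos']) + 1;
    }

    // Insert Query for Inserting the Fields Posted
    $insertSurvey = 'INSERT INTO `' . DBPREFIX . 'module_survey_surveyQuestions`'
        . ' SET `survey_id` = "' . $surveyId . '"'
        . ', `isCommentable` = "' . $commentable . '"'
        . ', `QuestionType` = "' . contrexx_raw2db($questionType) . '"'
        . ', `Question` = "' . $Question . '"'
        . ', `pos` = ' . $sorting_id
        . ', `column_choice` = "' . contrexx_raw2db($colChoic) . '" ';

    // Answers are only stored, and success is only reported, when the
    // question itself was written.
    if ($objDatabase->Execute($insertSurvey) !== false) {
        // Read the new id through the database object; mysql_insert_id()
        // belongs to the removed mysql extension.
        $lastId = intval($objDatabase->Insert_ID());

        foreach ($options as $option) {
            if (trim($option) != "") {
                $insertSurvey = 'INSERT INTO `' . DBPREFIX . 'module_survey_surveyAnswers`'
                    . ' SET `question_id` = "' . $lastId . '"'
                    . ', `answer` = "' . contrexx_raw2db($option) . '"'
                    . ', `votes` = "' . contrexx_raw2db($vote) . '"';
                $objDatabase->Execute($insertSurvey);
            }
        }

        // loop for inserting the column choices
        foreach ($ColChoices as $choice) {
            if ($choice != "") {
                $insertSurvey = 'INSERT INTO `' . DBPREFIX . 'module_survey_columnChoices`'
                    . ' SET `question_id` = "' . $lastId . '"'
                    . ', `choice` = "' . contrexx_raw2db($choice) . '"';
                $objDatabase->Execute($insertSurvey);
            }
        }

        $this->_strOkMessage = $_ARRAYLANG['TXT_SURVEY_ADDED_SUC_TXT'];
    }

    // The "done" button returns to the overview of the linked survey when a
    // link id was passed, otherwise to the overview of this survey.
    $overviewId = isset($_REQUEST['linkId']) && $_REQUEST['linkId'] != ""
        ? intval($_REQUEST['linkId'])
        : $surveyId;
    $link = 'index.php?cmd=Survey&act=editQuestionsOverview&id=' . $overviewId
        . '&linkId=' . $overviewId . '&' . \Cx\Core\Csrf\Controller\Csrf::param();

    $this->_objTpl->setVariable(array(
        'ADD_QUESTION_HERE' => '<a href="index.php?cmd=Survey&act=addQuestions&surveyId=' . $surveyId
            . '" title="' . $_ARRAYLANG['TXT_SURVEY_ADDQUESTION_TXT'] . '"> '
            . $_ARRAYLANG['TXT_SURVEY_ADDQUESTION_ANOTHER_TXT'] . '</a>',
        'TXT_DONE' => '<input type="button" name="Done" value="' . $_ARRAYLANG['TXT_SURVEY_DONE_TXT']
            . '" onclick= "window.location=\'' . $link . '\'" />',
        'TXT_PREVIEW' => '<input type="button" name="Preview" value="' . $_ARRAYLANG['TXT_SURVEY_PREVIEW_TXT']
            . '" onClick="window.open(' . "'" . '../index.php?section=Survey&cmd=surveypreview&id=' . $surveyId . "'" . ')">',
    ));
}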
/**
 * Settings page
 *
 * Loads the downloads settings template and, when the form was submitted
 * (POST field 'downloads_settings_save'), copies the posted values into
 * $this->arrConfig and persists them through $this->updateSettings().
 * Afterwards the user-group pick lists, the two sorting drop-downs and all
 * text/value placeholders are handed to the template.
 *
 * Every posted value is narrowed before it reaches $this->arrConfig:
 * numeric options go through intval(), the group list through
 * array_map('intval', ...) and the sorting options are only accepted when
 * they are a key of the matching *SortingOptions array.
 *
 * \Permission::checkAccess(142, 'static') runs before anything is read or
 * written.
 * NOTE(review): no request-forgery (CSRF) token check is visible in this
 * method - confirm that the surrounding framework enforces one for this form.
 *
 * @global array $_ARRAYLANG
 * @global mixed $_LANGID passed to getName() when the group names are read
 */
private function settings()
{
    global $_ARRAYLANG, $_LANGID;

    \Permission::checkAccess(142, 'static');

    $this->_pageTitle = $_ARRAYLANG['TXT_DOWNLOADS_SETTINGS'];
    $this->objTemplate->loadTemplateFile('module_downloads_settings.html');

    if (isset($_POST['downloads_settings_save'])) {
        // config key => array(POST field, keep the stored value when the field is empty?)
        // Fields flagged false fall back to 0 instead (unchecked checkboxes).
        $integerOptions = array(
            'overview_cols_count'        => array('downloads_settings_col_count', true),
            'overview_max_subcats'       => array('downloads_settings_subcat_count', true),
            'use_attr_metakeys'          => array('downloads_settings_attribute_metakeys', false),
            'use_attr_size'              => array('downloads_settings_attribute_size', false),
            'use_attr_license'           => array('downloads_settings_attribute_license', false),
            'use_attr_version'           => array('downloads_settings_attribute_version', false),
            'use_attr_author'            => array('downloads_settings_attribute_author', false),
            'use_attr_website'           => array('downloads_settings_attribute_website', false),
            'most_viewed_file_count'     => array('downloads_settings_most_viewed_file_count', true),
            'most_downloaded_file_count' => array('downloads_settings_most_downloaded_file_count', true),
            'most_popular_file_count'    => array('downloads_settings_most_popular_file_count', true),
            'newest_file_count'          => array('downloads_settings_newest_file_count', true),
            'updated_file_count'         => array('downloads_settings_updated_file_count', true),
            'new_file_time_limit'        => array('downloads_settings_new_file_time_limit', true),
            'updated_file_time_limit'    => array('downloads_settings_updated_file_time_limit', true),
        );
        foreach ($integerOptions as $configKey => $spec) {
            list($postField, $keepStored) = $spec;
            if (!empty($_POST[$postField])) {
                $newValue = intval($_POST[$postField]);
            } else {
                $newValue = $keepStored ? $this->arrConfig[$configKey] : 0;
            }
            $this->arrConfig[$configKey] = $newValue;
        }

        // Group IDs are stored as a comma separated list of integers.
        $groupsField = 'downloads_settings_associate_user_to_groups_associated_groups';
        if (!empty($_POST[$groupsField])) {
            $groupList = implode(',', array_map('intval', $_POST[$groupsField]));
        } else {
            $groupList = $this->arrConfig['associate_user_to_groups'];
        }
        $this->arrConfig['associate_user_to_groups'] = $groupList;

        // Sorting options are accepted only if they are a known option key.
        $downloadsSortField = 'downloads_settings_sorting_downloads';
        $knownDownloadsSort = !empty($_POST[$downloadsSortField])
            && array_key_exists($_POST[$downloadsSortField], $this->downloadsSortingOptions);
        $this->arrConfig['downloads_sorting_order'] = $knownDownloadsSort
            ? contrexx_input2db($_POST[$downloadsSortField])
            : $this->arrConfig['downloads_sorting_order'];

        $categoriesSortField = 'downloads_settings_sorting_categories';
        $knownCategoriesSort = !empty($_POST[$categoriesSortField])
            && array_key_exists($_POST[$categoriesSortField], $this->categoriesSortingOptions);
        $this->arrConfig['categories_sorting_order'] = $knownCategoriesSort
            ? contrexx_input2db($_POST[$categoriesSortField])
            : $this->arrConfig['categories_sorting_order'];

        $this->updateSettings();
    }

    $objFWUser = \FWUser::getFWUserObject();
    $objGroup = $objFWUser->objGroup->getGroups();
    $arrGroups = explode(',', $this->arrConfig['associate_user_to_groups']);

    // Split all groups into "already associated" and "still available";
    // the group name is HTML-escaped, ID and type are emitted as returned.
    $associatedOptions = array();
    $availableOptions = array();
    for (; !$objGroup->EOF; $objGroup->next()) {
        $option = sprintf(
            '<option value="%s">%s [%s]</option>',
            $objGroup->getId(),
            htmlentities($objGroup->getName($_LANGID), ENT_QUOTES, CONTREXX_CHARSET),
            $objGroup->getType()
        );
        if (in_array($objGroup->getId(), $arrGroups)) {
            $associatedOptions[] = $option;
        } else {
            $availableOptions[] = $option;
        }
    }
    $associatedGroups = implode('', $associatedOptions);
    $notAssociatedGroups = implode('', $availableOptions);

    //Parse the option 'Downloads' and 'Categories' dropdown in the 'Sorting' section
    $this->parseSettingsDropDown($this->objTemplate, $this->downloadsSortingOptions, $this->arrConfig['downloads_sorting_order'], 'downloads');
    $this->parseSettingsDropDown($this->objTemplate, $this->categoriesSortingOptions, $this->arrConfig['categories_sorting_order'], 'categories');

    // Text placeholders. A plain entry uses the same name for the placeholder
    // and the language key; 'placeholder' => 'language key' entries differ.
    $textLabels = array(
        'TXT_DOWNLOADS_SETTINGS_LISTING',
        'TXT_DOWNLOADS_OVERVIEW_PAGE',
        'TXT_DOWNLOADS_COL_COUNT',
        'TXT_DOWNLOADS_COL_COUNT_DESC',
        'TXT_DOWNLOADS_SUBCAT_COUNT',
        'TXT_DOWNLOADS_SUBCAT_COUNT_DESC',
        'TXT_DOWNLOADS_BLOCKS',
        'TXT_DOWNLOADS_MOST_VIEWED_FILE_COUNT',
        'TXT_DOWNLOADS_MOST_VIEWED_FILE_COUNT_DESC',
        'TXT_DOWNLOADS_MOST_DOWNLOADED_FILE_COUNT',
        'TXT_DOWNLOADS_MOST_DOWNLOADED_FILE_COUNT_DESC',
        'TXT_DOWNLOADS_MOST_POPULAR_FILE_COUNT',
        'TXT_DOWNLOADS_MOST_POPULAR_FILE_COUNT_DESC',
        'TXT_DOWNLOADS_NEWEST_FILE_COUNT',
        'TXT_DOWNLOADS_NEWEST_FILE_COUNT_DESC',
        'TXT_DOWNLOADS_UPDATE_FILE_COUNT',
        'TXT_DOWNLOADS_UPDATE_FILE_COUNT_DESC',
        'TXT_DOWNLOADS_SETTINGS_STATISTICS',
        'TXT_DOWNLOADS_NEW_FILE_TIME_LIMIT',
        'TXT_DOWNLOADS_NEW_FILE_TIME_LIMIT_DESC',
        'TXT_DOWNLOADS_UPDATED_FILE_TIME_LIMIT',
        'TXT_DOWNLOADS_UPDATED_FILE_TIME_LIMIT_DESC',
        'TXT_DOWNLOADS_SECONDS_COMB_EXAMPLES',
        'TXT_DOWNLOADS_SETTINGS_ATTRIBUTES' => 'TXT_DOWNLOADS_ATTRIBUTES',
        'TXT_DOWNLOADS_ATTRIBUTES_DESC',
        'TXT_DOWNLOADS_METAKEYS',
        'TXT_DOWNLOADS_SIZE',
        'TXT_DOWNLOADS_LICENSE',
        'TXT_DOWNLOADS_VERSION',
        'TXT_DOWNLOADS_AUTHOR',
        'TXT_DOWNLOADS_WEBSITE',
        'TXT_DOWNLOADS_SAVE',
        'TXT_DOWNLOADS_UNCHECK_ALL',
        'TXT_DOWNLOADS_CHECK_ALL',
        'TXT_DOWNLOADS_GENERAL',
        'TXT_DOWNLOADS_INTERFACES',
        'TXT_DOWNLOADS_USER_ADMIN',
        'TXT_DOWNLOADS_AUTOMATIC_CATEGORY_CREATION',
        'TXT_DOWNLOADS_AUTOMATIC_CATEGORY_CREATION_DESC',
        'TXT_DOWNLOADS_AVAILABLE_USER_GROUPS',
        'TXT_DOWNLOADS_ASSIGNED_USER_GROUPS',
        'TXT_DOWNLOADS_SETTINGS_SORTING',
        'TXT_DOWNLOADS_SETTINGS_OPTION_DOWNLOADS',
        'TXT_DOWNLOADS_SETTINGS_OPTION_CATEGORIES' => 'TXT_DOWNLOADS_CATEGORIES',
        'TXT_DOWNLOADS_SETTINGS_OPTION_SORTING_DESC',
        'TXT_DOWNLOADS_SETTINGS_CUSTOM_LABEL',
        'TXT_DOWNLOADS_SETTINGS_ALPHABETIC_LABEL',
        'TXT_DOWNLOADS_SETTINGS_NEWEST_TO_OLDEST_LABEL',
        'TXT_DOWNLOADS_SETTINGS_OLDEST_TO_NEWEST_LABEL',
    );
    $placeholders = array();
    foreach ($textLabels as $placeholder => $langKey) {
        if (is_int($placeholder)) {
            $placeholder = $langKey;
        }
        $placeholders[$placeholder] = $_ARRAYLANG[$langKey];
    }

    $placeholders['DOWNLOADS_SETTINGS_COL_COUNT'] = $this->arrConfig['overview_cols_count'];
    $placeholders['DOWNLOADS_SETTINGS_SUBCAT_COUNT'] = $this->arrConfig['overview_max_subcats'];

    // Checkbox state placeholders: placeholder => config key
    $checkboxStates = array(
        'DOWNLOADS_SETTINGS_ATTRIBUTE_METAKEYS_CHECKED' => 'use_attr_metakeys',
        'DOWNLOADS_SETTINGS_ATTRIBUTE_SIZE_CHECKED'     => 'use_attr_size',
        'DOWNLOADS_SETTINGS_ATTRIBUTE_LICENSE_CHECKED'  => 'use_attr_license',
        'DOWNLOADS_SETTINGS_ATTRIBUTE_VERSION_CHECKED'  => 'use_attr_version',
        'DOWNLOADS_SETTINGS_ATTRIBUTE_AUTHOR_CHECKED'   => 'use_attr_author',
        'DOWNLOADS_SETTINGS_ATTRIBUTE_WEBSITE_CHECKED'  => 'use_attr_website',
    );
    foreach ($checkboxStates as $placeholder => $configKey) {
        $placeholders[$placeholder] = $this->arrConfig[$configKey] ? 'checked="checked"' : '';
    }

    // Plain value placeholders: placeholder => config key
    // ('UPDATEDED' is the placeholder name the template is given; keep as is.)
    $plainValues = array(
        'DOWNLOADS_SETTINGS_MOST_VIEWED_FILE_COUNT'     => 'most_viewed_file_count',
        'DOWNLOADS_SETTINGS_MOST_DOWNLOADED_FILE_COUNT' => 'most_downloaded_file_count',
        'DOWNLOADS_SETTINGS_MOST_POPULAR_FILE_COUNT'    => 'most_popular_file_count',
        'DOWNLOADS_SETTINGS_NEWEST_FILE_COUNT'          => 'newest_file_count',
        'DOWNLOADS_SETTINGS_UPDATED_FILE_COUNT'         => 'updated_file_count',
        'DOWNLOADS_SETTINGS_NEW_FILE_TIME_LIMIT'        => 'new_file_time_limit',
        'DOWNLOADS_SETTINGS_UPDATEDED_FILE_TIME_LIMIT'  => 'updated_file_time_limit',
    );
    foreach ($plainValues as $placeholder => $configKey) {
        $placeholders[$placeholder] = $this->arrConfig[$configKey];
    }

    $placeholders['DOWNLOADS_SETTINGS_NOT_ASSOCIATED_GROUPS'] = $notAssociatedGroups;
    $placeholders['DOWNLOADS_SETTINGS_ASSOCIATED_GROUPS'] = $associatedGroups;

    $this->objTemplate->setVariable($placeholders);
}
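/**
 * Save the order of categories
 *
 * Is called through ajax. Expects $_POST['categories'] to be a list whose
 * values have the form "<prefix>_<category id>"; the (zero-based) position of
 * each value plus one is written to the `sort` column of that category.
 *
 * Both values that end up in the UPDATE statement are placed there without
 * quotes, so string escaping alone would not constrain them. They are
 * therefore cast to integers before the statement is built; rows that do not
 * carry an ID part are skipped instead of producing a malformed query.
 *
 * Responds with HTTP 500 when no usable category list was posted.
 *
 * NOTE(review): no permission or request-forgery check is visible in this
 * method - confirm that the ajax dispatcher enforces both.
 *
 * @global object $objDatabase
 * @return void
 */
function saveCategoryOrder()
{
    global $objDatabase;

    if (empty($_POST['categories']) || !is_array($_POST['categories'])) {
        header("HTTP/1.0 500 Internal Server Error");
        return;
    }

    foreach ($_POST['categories'] as $position => $value) {
        if (!is_string($value)) {
            // nested arrays cannot carry an "<prefix>_<id>" token
            continue;
        }
        $parts = explode('_', $value);
        if (!isset($parts[1])) {
            continue;
        }

        // Array keys and values are client-controlled: force both to integers
        // because they are used in an unquoted numeric SQL context.
        $sort = intval($position) + 1;
        $categoryId = intval($parts[1]);

        $query = "UPDATE " . DBPREFIX . "module_data_categories\n SET `sort` = " . $sort . "\n WHERE `category_id` = " . $categoryId;
        $objDatabase->Execute($query);
    }
}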
/**
 * Replace the input field definitions of the current form.
 *
 * All rows of the form ($this->intFormId) are deleted from the
 * "_inputfields" and "_inputfield_names" tables first, then one row per
 * entry of $arrData['inputfieldId'] is inserted again and its names/default
 * values are stored through $this->updateInputFields(). Finally the order
 * and expanded-search flag of the selectors with ID 9 and 10 are updated.
 *
 * The deletes are not rolled back here: if an insert fails the method
 * returns false with the old definitions already removed.
 *
 * Numeric values are cast with intval()/contrexx_input2int() and the context
 * type is passed through contrexx_input2db() before they are placed in the
 * SQL text.
 * NOTE(review): $this->intFormId is concatenated as-is - confirm that it is
 * always an integer where it is assigned.
 *
 * @param array $arrData posted form data (inputfieldId, inputfieldOrder,
 *                       inputfieldName, inputfieldType, inputfieldShow,
 *                       inputfieldDefaultvalue, inputfieldInfo,
 *                       inputfieldVerification, inputfieldMustfield,
 *                       inputfieldExpSearch, inputfieldContext,
 *                       selectorOrder, selectorExpSearch)
 * @return boolean false as soon as an insert, a name update or one of the
 *                 two selector updates fails, true otherwise
 */
function saveInputfields($arrData)
{
    global $_ARRAYLANG, $_CORELANG, $objDatabase, $_LANGID;

    $tablePrefix = DBPREFIX . "module_" . $this->moduleTablePrefix;

    // Start from a clean slate for this form
    $objDatabase->Execute("DELETE FROM " . $tablePrefix . "_inputfields WHERE form='" . $this->intFormId . "'");
    $objDatabase->Execute("DELETE FROM " . $tablePrefix . "_inputfield_names WHERE form_id='" . $this->intFormId . "'");

    $postedFieldIds = isset($arrData['inputfieldId']) ? $arrData['inputfieldId'] : array();
    foreach ($postedFieldIds as $postedId) {
        $fieldId = intval($postedId);

        $fieldOrder = intval($arrData['inputfieldOrder'][$fieldId]);
        $fieldNames = contrexx_input2raw($arrData['inputfieldName'][$fieldId]);
        $fieldType = intval($arrData['inputfieldType'][$fieldId]);
        $fieldShowIn = intval($arrData['inputfieldShow'][$fieldId]);
        $fieldDefaultValues = contrexx_input2raw($arrData['inputfieldDefaultvalue'][$fieldId]);
        if (isset($arrData['inputfieldInfo'][$fieldId])) {
            $fieldInfos = contrexx_input2raw($arrData['inputfieldInfo'][$fieldId]);
        } else {
            $fieldInfos = array();
        }
        $fieldVerification = intval($arrData['inputfieldVerification'][$fieldId]);
        $fieldRequired = 0;
        if (isset($arrData['inputfieldMustfield'][$fieldId])) {
            $fieldRequired = contrexx_input2int($arrData['inputfieldMustfield'][$fieldId]);
        }
        $fieldExpSearch = 0;
        if (isset($arrData['inputfieldExpSearch'][$fieldId])) {
            $fieldExpSearch = contrexx_input2int($arrData['inputfieldExpSearch'][$fieldId]);
        }
        $fieldContextType = contrexx_input2db($arrData['inputfieldContext'][$fieldId]);

        //add inputfield
        $insertSql = "\n INSERT INTO\n " . $tablePrefix . "_inputfields\n SET\n"
            . " `id` = '" . $fieldId . "',\n"
            . " `form` = '" . $this->intFormId . "',\n"
            . " `order` = '" . $fieldOrder . "',\n"
            . " `type` = '" . $fieldType . "',\n"
            . " `show_in` = '" . $fieldShowIn . "',\n"
            . " `verification` = '" . $fieldVerification . "',\n"
            . " `required` = '" . $fieldRequired . "',\n"
            . " `search` = '" . $fieldExpSearch . "',\n"
            . " `context_type` = '" . $fieldContextType . "'\n\n ";
        if ($objDatabase->Execute($insertSql) === false) {
            return false;
        }

        //add inputfield names and default values
        if (!$this->updateInputFields($fieldId, $fieldNames, $fieldDefaultValues, $fieldInfos)) {
            return false;
        }
    }

    // selector id => array(order, expanded search flag);
    // 9 is the category selector, 10 the level selector
    $selectors = array(
        9 => array(
            isset($arrData['selectorOrder'][1]) ? $arrData['selectorOrder'][1] : 0,
            isset($arrData['selectorExpSearch'][1]) ? $arrData['selectorExpSearch'][1] : 0,
        ),
        10 => array(
            isset($arrData['selectorOrder'][2]) ? $arrData['selectorOrder'][2] : 0,
            isset($arrData['selectorExpSearch'][2]) ? $arrData['selectorExpSearch'][2] : 0,
        ),
    );

    // Both updates are always attempted; the result is checked afterwards.
    $allUpdated = true;
    foreach ($selectors as $selectorId => $selectorValues) {
        $objSelector = $objDatabase->Execute("UPDATE " . $tablePrefix . "_order_rel_forms_selectors SET `selector_order`='" . contrexx_input2int($selectorValues[0]) . "', `exp_search`='" . intval($selectorValues[1]) . "' WHERE `selector_id`='" . $selectorId . "' AND `form_id`='" . $this->intFormId . "'");
        if ($objSelector === false) {
            $allUpdated = false;
        }
    }

    return $allUpdated;
}
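/**
 * Search confirmed, active entries and collect their IDs.
 *
 * Builds one SQL query from the search request and appends every entry ID
 * it returns (once) to $this->arrFoundIds. Nothing is returned.
 *
 * Filters that are applied:
 *  - 'lid' / 'cid': level and category (including the IDs added by
 *    getSearchLevelIds() / getSearchCategoryIds()); both are cast with
 *    intval(). When $_GET['cmd'] does not name a form it is split on '-'
 *    to supply missing lid/cid values.
 *  - 'term': full-text score plus a LIKE match per whitespace-separated
 *    word, skipping input field types 7, 8, 15, 16 and 21.
 *  - form ID, when $_GET['cmd'] matches a form's 'formCmd'.
 *  - the display duration, in frontend mode.
 *  - with 'type' == 'exp', every remaining key of $arrData is treated as an
 *    input field ID with its own search value.
 *
 * Search values are embedded in double-quoted SQL string literals after
 * contrexx_addslashes() / contrexx_input2db().
 * NOTE(review): this relies on those helpers escaping for exactly that
 * quoting context - confirm; bound parameters would remove the dependency.
 *
 * The input field ID of the expanded search comes from the request keys and
 * is used as an unquoted number and inside a table alias; it is cast to an
 * integer once and that value is used in every generated fragment.
 *
 * NOTE(review): the local $arrFoundIds (level/category and country matches)
 * is not read again in this function - confirm whether those matches are
 * meant to reach $this->arrFoundIds.
 *
 * @param array $arrData search request: 'term', 'type', optional 'lid',
 *                       'cid' and, for the expanded search, one entry per
 *                       input field ID
 * @return void
 */
function searchEntries($arrData)
{
    global $_ARRAYLANG, $_CORELANG, $objDatabase, $_LANGID, $objInit;

    $arrSelect = array();
    $arrFrom = array();
    $arrWhere = array();
    $arrOrder = array();
    $arrJoins = array();
    $arrFoundIds = array();
    $arrFoundLevelsCategories = array();
    $arrFoundCountries = array();
    $intCmdFormId = null;
    $strTerm = '';

    //build search term query
    $arrData['term'] = trim($arrData['term']);

    if (isset($_GET['cmd']) && $_GET['cmd'] != 'search') {
        $objForms = new MediaDirectoryForm(null, $this->moduleName);
        foreach ($objForms->arrForms as $intFormId => $arrForm) {
            if (!empty($arrForm['formCmd']) && $arrForm['formCmd'] == $_GET['cmd']) {
                $intCmdFormId = intval($intFormId);
            }
        }

        //extract cid and lid from cmd
        if (empty($intCmdFormId)) {
            $arrLevelCategoryId = explode('-', $_GET['cmd']);
            if (count($arrLevelCategoryId) == 1) {
                if (empty($this->arrSettings['settingsShowLevels']) && empty($arrData['cid'])) {
                    $arrData['cid'] = $arrLevelCategoryId[0];
                } elseif (!empty($this->arrSettings['settingsShowLevels']) && empty($arrData['lid'])) {
                    $arrData['lid'] = $arrLevelCategoryId[0];
                }
            } elseif (count($arrLevelCategoryId) == 2) {
                if (empty($this->arrSettings['settingsShowLevels'])) {
                    $arrData['cid'] = empty($arrData['cid']) ? $arrLevelCategoryId[0] : $arrData['cid'];
                } elseif (!empty($this->arrSettings['settingsShowLevels'])) {
                    // NOTE(review): the level ID is chosen by testing 'cid', not 'lid' -
                    // looks like a copy/paste slip, left unchanged; confirm the intent.
                    $arrData['lid'] = empty($arrData['cid']) ? $arrLevelCategoryId[0] : $arrData['lid'];
                    $arrData['cid'] = empty($arrData['cid']) ? $arrLevelCategoryId[1] : $arrData['cid'];
                }
            }
        }
    }

    $arrFinalFrom = array();

    //build level search query
    if (!empty($arrData['lid'])) {
        array_push($this->arrSearchLevels, intval($arrData['lid']));
        $this->getSearchLevelIds(intval($arrData['lid']));
        $arrWhere[] = '(rel_level.level_id IN (' . join(',', $this->arrSearchLevels) . ') AND rel_level.entry_id=rel_inputfield.entry_id)';
        $levelFilterWhere = '(rel_level.level_id IN (' . join(',', $this->arrSearchLevels) . ') AND rel_level.entry_id=rel_inputfield_final.entry_id)';
        $levelFrom = DBPREFIX . 'module_' . $this->moduleTablePrefix . '_rel_entry_levels AS rel_level';
        $arrFrom[] = $levelFrom;
        $arrFinalFrom[] = $levelFrom;
    }

    //build category search query
    if (!empty($arrData['cid'])) {
        array_push($this->arrSearchCategories, intval($arrData['cid']));
        $this->getSearchCategoryIds(intval($arrData['cid']));
        $arrWhere[] = '(rel_category.category_id IN (' . join(',', $this->arrSearchCategories) . ') AND rel_category.entry_id=rel_inputfield.entry_id)';
        $categoryFilterWhere = '(rel_category.category_id IN (' . join(',', $this->arrSearchCategories) . ') AND rel_category.entry_id=rel_inputfield_final.entry_id)';
        $categoryFrom = DBPREFIX . 'module_' . $this->moduleTablePrefix . '_rel_entry_categories AS rel_category';
        $arrFrom[] = $categoryFrom;
        $arrFinalFrom[] = $categoryFrom;
    }

    // only confirmed and active entries are searchable
    $arrFrom[] = DBPREFIX . 'module_' . $this->moduleNameLC . '_entries AS entry';
    $arrWhere[] = '(entry.`id` = rel_inputfield.`entry_id` AND entry.`confirmed` = 1 AND entry.`active` = 1)';

    if (!empty($arrData['term'])) {
        $strTerm = contrexx_addslashes(trim($arrData['term']));
        $arrSelect[] = 'rel_inputfield.`entry_id` AS `entry_id`';
        $arrSelect[] = 'MATCH (rel_inputfield.`value`) AGAINST ("%' . $strTerm . '%") AS score';
        $arrFrom[] = DBPREFIX . 'module_' . $this->moduleNameLC . '_rel_entry_inputfields AS rel_inputfield';
        $arrFrom[] = DBPREFIX . 'module_' . $this->moduleNameLC . '_inputfields AS inputfield';
        // every run of whitespace in the term starts a further LIKE condition
        $strReplace = '%" AND rel_inputfield.`value` LIKE "%';
        $strReplace = preg_replace('/\\s+/', $strReplace, $strTerm);
        $arrWhere[] = 'rel_inputfield.`entry_id` != 0';
        $arrWhere[] = '(rel_inputfield.`value` LIKE "%' . $strReplace . '%" AND (rel_inputfield.`field_id` = inputfield.`id` AND inputfield.`type` NOT IN (7,8,15,16,21)))';
        $arrOrder[] = 'score DESC, rel_inputfield.`value` ASC';
    } else {
        $arrSelect[] = 'rel_inputfield.`entry_id` AS `entry_id`';
        $arrFrom[] = DBPREFIX . 'module_' . $this->moduleTablePrefix . '_rel_entry_inputfields AS rel_inputfield';
        $arrWhere[] = 'rel_inputfield.`entry_id` != 0';
        $arrOrder[] = 'rel_inputfield.`value` ASC';
    }

    //search levels and categorie names
    if (empty($arrData['cid']) && $arrData['type'] == 'exp') {
        $arrFoundLevelsCategories = $this->searchLevelsCategories(1, $strTerm, $intCmdFormId);
    }
    $arrFoundIds = array_merge($arrFoundIds, $arrFoundLevelsCategories);

    //search countries
    $arrFoundCountries = $this->searchCountries($strTerm, $intCmdFormId);
    $arrFoundIds = array_merge($arrFoundIds, $arrFoundCountries);

    if ($intCmdFormId != 0) {
        $arrWhere[] = "rel_inputfield.`form_id` = '" . $intCmdFormId . "'";
    }

    if ($objInit->mode == 'frontend') {
        // entries with a limited duration must currently be within it
        $intToday = time();
        $arrWhere[] = "(`duration_type` = 1 OR (`duration_type` = 2 AND (`duration_start` < '{$intToday}' AND `duration_end` > '{$intToday}')))";
    }

    if (!empty($arrSelect) && !empty($arrFrom) && !empty($arrWhere) && !empty($arrOrder)) {
        $query = ' SELECT ' . join(',', $arrSelect) . ' FROM ' . join(',', $arrFrom) . ' ' . join(',', $arrJoins) . ' WHERE ' . join(' AND ', $arrWhere) . ' GROUP BY rel_inputfield.`entry_id` ORDER BY ' . join(',', $arrOrder) . ' ';

        if ($arrData['type'] == 'exp') {
            //build expanded search query
            // request keys that are not input field IDs
            $arrExternals = array('__cap', 'section', 'type', 'cmd', 'term', 'lid', 'cid', 'search', 'pos', 'scid', 'langId', 'csrf');
            foreach ($arrData as $intInputfieldId => $strExpTerm) {
                if (!in_array($intInputfieldId, $arrExternals) && $strExpTerm != null) {
                    $objInputfields = new MediaDirectoryInputfield(null, true, null, $this->moduleName);
                    $intInputfieldType = $objInputfields->arrInputfields[$intInputfieldId]['type'];
                    $strExpTerm = is_array($strExpTerm) ? contrexx_input2db(array_map('trim', $strExpTerm)) : contrexx_addslashes(trim($strExpTerm));

                    // The key is request data and is used unquoted below:
                    // reduce it to an integer once and use only that value.
                    $intFieldId = intval($intInputfieldId);
                    $strTableName = 'rel_inputfield_' . $intFieldId;
                    $arrExpJoin[] = 'INNER JOIN ' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_rel_entry_inputfields AS ' . $strTableName . ' ON rel_inputfield_final.`entry_id` = ' . $strTableName . '.`entry_id`';

                    if ($intInputfieldType == '11') {
                        // NOTE(review): $strSearchOperator stays unset when the setting
                        // is not 1, 2 or 3 - confirm which fallback is intended.
                        switch ($this->arrSettings['settingsClassificationSearch']) {
                            case 1:
                                $strSearchOperator = '>=';
                                break;
                            case 2:
                                $strSearchOperator = '<=';
                                break;
                            case 3:
                                $strSearchOperator = '=';
                                break;
                        }
                        $arrExpWhere[] = '(' . $strTableName . '.`field_id` = ' . $intFieldId . ' AND ' . $strTableName . '.`value` ' . $strSearchOperator . ' "' . $strExpTerm . '")';
                    } else {
                        if ($intInputfieldType == '3' || $intInputfieldType == '25') {
                            // exact match
                            $arrExpWhere[] = '(' . $strTableName . '.`field_id` = ' . $intFieldId . ' AND ' . $strTableName . '.`value` = "' . $strExpTerm . '")';
                        } elseif ($intInputfieldType == '5') {
                            // every selected value must be present in the stored set;
                            // a single scalar value is handled like a one-element list
                            $checkboxSearch = array();
                            foreach ((array) $strExpTerm as $value) {
                                $checkboxSearch[] = ' FIND_IN_SET("' . $value . '",' . $strTableName . '.`value`) <> 0';
                            }
                            $arrExpWhere[] = '(' . $strTableName . '.`field_id` = ' . $intFieldId . ' AND (' . implode(' AND ', $checkboxSearch) . '))';
                        } else {
                            $arrExpWhere[] = '(' . $strTableName . '.`field_id` = ' . $intFieldId . ' AND ' . $strTableName . '.`value` LIKE "%' . $strExpTerm . '%")';
                        }
                    }
                }
            }

            if (!empty($arrExpJoin) && !empty($arrExpWhere)) {
                if (!empty($levelFilterWhere)) {
                    $arrExpWhere[] = $levelFilterWhere;
                }
                if (!empty($categoryFilterWhere)) {
                    $arrExpWhere[] = $categoryFilterWhere;
                }
                $finalFrom = !empty($arrFinalFrom) ? join(',', $arrFinalFrom) . ',' : '';
                $expJoin = join(' ', $arrExpJoin);
                $expWhere = join(' AND ', $arrExpWhere);

                if (!empty($arrData['term'])) {
                    // the term query becomes a sub-select the field filters are joined to
                    $query = ' SELECT rel_inputfield_final.`entry_id` AS `entry_id` FROM ' . $finalFrom . ' ' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_rel_entry_inputfields AS rel_inputfield_final INNER JOIN (' . $query . ') AS rel_inputfield ON rel_inputfield_final.`entry_id` = rel_inputfield.`entry_id` ' . $expJoin . ' WHERE ' . $expWhere . ' ';
                } else {
                    $query = ' SELECT rel_inputfield_final.`entry_id` AS `entry_id` FROM ' . $finalFrom . ' ' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_rel_entry_inputfields AS rel_inputfield_final ' . $expJoin . ' WHERE ' . $expWhere . ' ';
                }
            }
        }

        $objRsSearchEntries = $objDatabase->Execute($query);
        if ($objRsSearchEntries !== false) {
            while (!$objRsSearchEntries->EOF) {
                if (!in_array(intval($objRsSearchEntries->fields['entry_id']), $this->arrFoundIds)) {
                    $this->arrFoundIds[] = intval($objRsSearchEntries->fields['entry_id']);
                }
                $objRsSearchEntries->MoveNext();
            }
        }
    }
}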
/**
 * Add a new currency
 *
 * Does nothing unless $_POST['currency_add'] is set. Name, code, symbol,
 * rate and increment are all required; because they are tested with
 * empty(), a posted "0" counts as missing.
 *
 * The code and symbol are escaped with contrexx_raw2db() /
 * contrexx_input2db() and quoted, rate and increment are cast with
 * floatval() and the active flag is reduced to 0 or 1 before the INSERT
 * statement is built.
 * NOTE(review): on PHP versions where float-to-string conversion follows
 * the locale, floatval() may yield a decimal comma - confirm the runtime.
 *
 * @return boolean|null null if the form was not submitted or a currency
 *                      with the same code already exists (a message is set
 *                      in the latter case); false if a required field is
 *                      missing (a message is set), the INSERT fails or the
 *                      name cannot be stored; otherwise true, or the result
 *                      of self::setDefault() when the new currency was
 *                      flagged as default
 * @static
 */
static function add()
{
    global $objDatabase, $_ARRAYLANG;

    if (empty($_POST['currency_add'])) {
        return null;
    }

    $requiredFields = array(
        'currencyNameNew',
        'currencyCodeNew',
        'currencySymbolNew',
        'currencyRateNew',
        'currencyIncrementNew',
    );
    foreach ($requiredFields as $requiredField) {
        if (empty($_POST[$requiredField])) {
            \Message::error($_ARRAYLANG['TXT_SHOP_CURRENCY_INCOMPLETE']);
            return false;
        }
    }

    // Refuse a code that is already in use
    $code = contrexx_input2raw($_POST['currencyCodeNew']);
    foreach (self::$arrCurrency as $existingCurrency) {
        if ($code == $existingCurrency['code']) {
            \Message::error(sprintf($_ARRAYLANG['TXT_SHOP_CURRENCY_EXISTS'], $code));
            return null;
        }
    }

    $active = 1;
    if (empty($_POST['currencyActiveNew'])) {
        $active = 0;
    }
    $default = 1;
    if (empty($_POST['currencyDefaultNew'])) {
        $default = 0;
    }

    $query = "\n INSERT INTO `" . DBPREFIX . "module_shop" . MODULE_INDEX . "_currencies` (\n"
        . " `code`, `symbol`, `rate`, `increment`, `active`\n"
        . " ) VALUES (\n"
        . " '" . contrexx_raw2db($code) . "',\n"
        . " '" . contrexx_input2db($_POST['currencySymbolNew']) . "',\n"
        . " " . floatval($_POST['currencyRateNew']) . ",\n"
        . " " . floatval($_POST['currencyIncrementNew']) . ",\n"
        . " " . $active . "\n"
        . " )";
    if (!$objDatabase->Execute($query)) {
        return false;
    }

    // The name is stored as a text record that belongs to the new row
    $currency_id = $objDatabase->Insert_Id();
    $nameStored = \Text::replace($currency_id, FRONTEND_LANG_ID, 'Shop', self::TEXT_NAME, contrexx_input2raw($_POST['currencyNameNew']));
    if (!$nameStored) {
        return false;
    }

    return $default ? self::setDefault($currency_id) : true;
}
/**
 * Save the news settings
 *
 * Runs only for requests with $_GET['act'] == 'settings' and a posted
 * 'store' field. Each option is written with its own UPDATE statement on
 * the module_news_settings table (or through _store_settings_item() /
 * storeFeedLocales()); afterwards the settings are re-read and the RSS
 * feed is rebuilt.
 *
 * Values are narrowed before they are placed in the SQL text: numbers
 * with intval(), on/off switches to '1' or '' and free text or ID lists
 * through contrexx_input2db(). 'news_use_top' is written twice with the
 * same value.
 *
 * NOTE(review): the feed title and description are passed to
 * storeFeedLocales() exactly as posted - confirm that it escapes them.
 * NOTE(review): no permission or request-forgery check is visible in this
 * method - confirm that the caller enforces both.
 *
 * @access private
 * @global ADONewConnection
 * @global array
 * @global array
 * @see createRSS()
 */
function _saveSettings()
{
    global $objDatabase, $_CONFIG, $_ARRAYLANG;

    // Store settings
    $isStoreRequest = isset($_GET['act']) && $_GET['act'] == 'settings' && isset($_POST['store']);
    if (!$isStoreRequest) {
        return;
    }

    $table = DBPREFIX . "module_news_settings";

    // optional numeric field: missing means 0
    $postInt = function ($field) {
        return isset($_POST[$field]) ? intval($_POST[$field]) : 0;
    };
    // on/off switch: '1' when set and non-empty, '' otherwise
    $postFlag = function ($field) {
        return empty($_POST[$field]) ? '' : '1';
    };

    // save multilanguage news_feed_title and news_feed_description
    $this->storeFeedLocales('news_feed_title', $_POST['newsFeedTitle']);
    $this->storeFeedLocales('news_feed_description', $_POST['newsFeedDescription']);

    $objDatabase->Execute("UPDATE " . $table . "\n SET value='" . intval($_POST['newsFeedStatus']) . "'\n WHERE name = 'news_feed_status'");
    $objDatabase->Execute("UPDATE " . $table . "\n SET value='" . contrexx_input2db($_POST['newsFeedImage']) . "'\n WHERE name='news_feed_image'");
    $objDatabase->Execute("UPDATE " . $table . "\n SET value='" . intval($_POST['headlinesLimit']) . "'\n WHERE name = 'news_headlines_limit'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . intval($_POST['recentNewsMessageLimit']) . "' WHERE name = 'recent_news_message_limit'");

    // Notify-user. 0 = disabled.
    $this->_store_settings_item('news_notify_user', intval($_POST['newsNotifySelectedUser']));
    // Notify-Group. 0 = disabled.
    $this->_store_settings_item('news_notify_group', intval($_POST['newsNotifySelectedGroup']));

    $objDatabase->Execute("UPDATE " . $table . " SET value='1' WHERE name = 'news_settings_activated'");

    // Submission and comment options
    $submitNews = $postInt('newsSubmitNews');
    $submitNewsCommunity = $postInt('newsSubmitOnlyCommunity');
    $activateSubmittedNews = $postInt('newsActivateSubmittedNews');
    $commentsAllow = $postInt('newsCommentsAllow');
    $commentsAllowAnonymous = $postInt('newsCommentsAllowAnonymous');
    $commentsAutoActivate = $postInt('newsCommentsAutoActivate');
    $commentsNotification = $postInt('newsCommentsNotification');
    if (!empty($_POST['newsCommentsTimeout'])) {
        $commentsTimeout = abs(intval($_POST['newsCommentsTimeout']));
    } else {
        $commentsTimeout = 30;
    }

    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $submitNews . "' WHERE name='news_submit_news'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $submitNewsCommunity . "' WHERE name='news_submit_only_community'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $activateSubmittedNews . "' WHERE name='news_activate_submitted_news'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $postFlag('newsMessageProtection') . "' WHERE name='news_message_protection'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $postFlag('newsMessageProtectionRestricted') . "' WHERE name='news_message_protection_restricted'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $commentsAllow . "' WHERE name='news_comments_activated'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $commentsAllowAnonymous . "' WHERE name='news_comments_anonymous'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $commentsAutoActivate . "' WHERE name='news_comments_autoactivate'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $commentsNotification . "' WHERE name='news_comments_notification'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $commentsTimeout . "' WHERE name='news_comments_timeout'");

    // Feature switches
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $postFlag('newsUseTop') . "' WHERE name='news_use_top'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $postFlag('newsUseTeaserText') . "' WHERE name = 'news_use_teaser_text'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $postFlag('newsUseTags') . "' WHERE name = 'news_use_tags'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $postFlag('useRelatedNews') . "' WHERE name = 'use_related_news'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $postFlag('newsUseTypes') . "' WHERE name = 'news_use_types'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $postFlag('newsUseTop') . "' WHERE name='news_use_top'");

    $topDays = !empty($_POST['newsTopDays']) ? intval($_POST['newsTopDays']) : 10;
    $topLimit = !empty($_POST['newsTopLimit']) ? intval($_POST['newsTopLimit']) : 10;
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $topDays . "' WHERE name = 'news_top_days'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $topLimit . "' WHERE name = 'news_top_limit'");

    // Group lists are stored only while the matching filter is switched on
    $filterPublisher = $postInt('newsFilterPublisher');
    $filterAuthor = $postInt('newsFilterAuthor');
    $assignedPublisherGroups = 0;
    if (isset($_POST['newsAssignedPublisherGroups']) && $filterPublisher) {
        $assignedPublisherGroups = implode(',', contrexx_input2db($_POST['newsAssignedPublisherGroups']));
    }
    $assignedAuthorGroups = 0;
    if (isset($_POST['newsAssignedAuthorGroups']) && $filterAuthor) {
        $assignedAuthorGroups = implode(',', contrexx_input2db($_POST['newsAssignedAuthorGroups']));
    }
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $assignedPublisherGroups . "' WHERE name = 'news_assigned_publisher_groups'");
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . $assignedAuthorGroups . "' WHERE name = 'news_assigned_author_groups'");

    // save default teasers: the keys of all non-empty entries, as integers
    $defaultTeasers = array();
    if (isset($_POST['newsDefaultTeaserSelected'])) {
        foreach ($_POST['newsDefaultTeaserSelected'] as $teaserId => $selected) {
            if (empty($selected)) {
                continue;
            }
            $defaultTeasers[] = intval($teaserId);
        }
    }
    $objDatabase->Execute("UPDATE " . $table . " SET value='" . implode(";", $defaultTeasers) . "' WHERE name='news_default_teasers'");

    // The teaser switch lives in the component configuration
    \Cx\Core\Setting\Controller\Setting::init('Config', 'component', 'Yaml');
    $newsUseTeasers = $postInt('newsUseTeasers');
    if (\Cx\Core\Setting\Controller\Setting::isDefined('newsTeasersStatus')) {
        \Cx\Core\Setting\Controller\Setting::set('newsTeasersStatus', $newsUseTeasers);
        \Cx\Core\Setting\Controller\Setting::update('newsTeasersStatus');
    } else {
        \Cx\Core\Setting\Controller\Setting::add('newsTeasersStatus', $newsUseTeasers, 1, \Cx\Core\Setting\Controller\Setting::TYPE_RADIO, '1:TXT_ACTIVATED,0:TXT_DEACTIVATED', 'component');
    }

    $this->strOkMessage = $_ARRAYLANG['TXT_NEWS_SETTINGS_SAVED'];
    $this->getSettings();
    $this->createRSS();
}
/**
 * Checks if the passed session exists.
 *
 * Looks the ID up in the sessions table. The ID is passed through
 * contrexx_input2db() and embedded in a double-quoted SQL string literal.
 * NOTE(review): this relies on that helper escaping for exactly this
 * quoting context - confirm; a bound parameter would remove the dependency.
 *
 * @access private
 * @param string $sessionId session ID to look up
 * @return boolean true if the query succeeded and returned at least one
 *                 row, false otherwise (including a failed query)
 */
private function sessionExists($sessionId)
{
    $query = 'SELECT 1 FROM `' . DBPREFIX . 'sessions` WHERE `sessionid` = "' . contrexx_input2db($sessionId) . '"';
    $objResult = $this->_objDb->Execute($query);

    return $objResult && $objResult->RecordCount() > 0;
}
function _profile() { global $_ARRAYLANG, $objDatabase; $this->_objTpl->setTemplate($this->pageContent); $showForm = true; $arrStatusMessage = array('ok' => array(), 'error' => array()); $isNewsletterRecipient = false; $isAccessRecipient = false; $recipientId = 0; $recipientEmail = ''; $recipientUri = ''; $recipientSex = ''; $recipientSalutation = 0; $recipientTitle = ''; $recipientPosition = ''; $recipientIndustrySector = ''; $recipientPhoneMobile = ''; $recipientPhonePrivate = ''; $recipientFax = ''; $recipientNotes = ''; $recipientLastname = ''; $recipientFirstname = ''; $recipientCompany = ''; $recipientAddress = ''; $recipientZip = ''; $recipientCity = ''; $recipientCountry = ''; $recipientPhoneOffice = ''; $recipientBirthday = ''; $recipientLanguage = ''; $recipientStatus = 0; $requestedMail = isset($_GET['mail']) ? contrexx_input2raw(urldecode($_GET['mail'])) : (isset($_POST['mail']) ? contrexx_input2raw($_POST['mail']) : ''); $arrAssociatedLists = array(); $arrPreAssociatedInactiveLists = array(); $code = isset($_REQUEST['code']) ? contrexx_addslashes($_REQUEST['code']) : ''; if (!empty($code) && !empty($requestedMail)) { $objRecipient = $objDatabase->SelectLimit("SELECT accessUserID\n FROM " . DBPREFIX . "module_newsletter_access_user AS nu\n INNER JOIN " . DBPREFIX . "access_users AS au ON au.id=nu.accessUserID\n WHERE nu.code='" . $code . "'\n AND email='" . contrexx_raw2db($requestedMail) . "'", 1); if ($objRecipient && $objRecipient->RecordCount() == 1) { $objUser = \FWUser::getFWUserObject()->objUser->getUser($objRecipient->fields['accessUserID']); if ($objUser) { $recipientId = $objUser->getId(); $isAccessRecipient = true; //$arrAssociatedLists = $objUser->getSubscribedNewsletterListIDs(); $arrPreAssociatedInactiveLists = $objUser->getSubscribedNewsletterListIDs(); } } else { $objRecipient = $objDatabase->SelectLimit("SELECT id FROM " . DBPREFIX . "module_newsletter_user WHERE status=1 AND code='" . $code . "' AND email='" . 
contrexx_raw2db($requestedMail) . "'", 1); if ($objRecipient && $objRecipient->RecordCount() == 1) { $recipientId = $objRecipient->fields['id']; $isNewsletterRecipient = true; } } } else { if (\FWUser::getFWUserObject()->objUser->login()) { $objUser = \FWUser::getFWUserObject()->objUser; $recipientId = $objUser->getId(); $isAccessRecipient = true; //$arrAssociatedLists = $objUser->getSubscribedNewsletterListIDs(); $arrPreAssociatedInactiveLists = $objUser->getSubscribedNewsletterListIDs(); } } // Get interface settings $objInterface = $objDatabase->Execute('SELECT `setvalue` FROM `' . DBPREFIX . 'module_newsletter_settings` WHERE `setname` = "recipient_attribute_status"'); $recipientAttributeStatus = json_decode($objInterface->fields['setvalue'], true); if (isset($_POST['recipient_save'])) { if (isset($_POST['email'])) { $recipientEmail = $_POST['email']; } if (isset($_POST['website'])) { $recipientUri = $_POST['website']; } if (isset($_POST['sex'])) { $recipientSex = in_array($_POST['sex'], array('f', 'm')) ? $_POST['sex'] : ''; } if (isset($_POST['salutation'])) { // TODO: use FWUSER $arrRecipientTitles = $this->_getRecipientTitles(); $recipientSalutation = in_array($_POST['salutation'], array_keys($arrRecipientTitles)) ? 
intval($_POST['salutation']) : 0; } if (isset($_POST['title'])) { $recipientTitle = $_POST['title']; } if (isset($_POST['lastname'])) { $recipientLastname = $_POST['lastname']; } if (isset($_POST['firstname'])) { $recipientFirstname = $_POST['firstname']; } if (isset($_POST['position'])) { $recipientPosition = $_POST['position']; } if (isset($_POST['company'])) { $recipientCompany = $_POST['company']; } if (isset($_POST['industry_sector'])) { $recipientIndustrySector = $_POST['industry_sector']; } if (isset($_POST['address'])) { $recipientAddress = $_POST['address']; } if (isset($_POST['zip'])) { $recipientZip = $_POST['zip']; } if (isset($_POST['city'])) { $recipientCity = $_POST['city']; } if (isset($_POST['newsletter_country_id'])) { $recipientCountry = $_POST['newsletter_country_id']; } if (isset($_POST['phone_office'])) { $recipientPhoneOffice = $_POST['phone_office']; } if (isset($_POST['phone_private'])) { $recipientPhonePrivate = $_POST['phone_private']; } if (isset($_POST['phone_mobile'])) { $recipientPhoneMobile = $_POST['phone_mobile']; } if (isset($_POST['fax'])) { $recipientFax = $_POST['fax']; } if (isset($_POST['day']) && isset($_POST['month']) && isset($_POST['year'])) { $recipientBirthday = str_pad(intval($_POST['day']), 2, '0', STR_PAD_LEFT) . '-' . str_pad(intval($_POST['month']), 2, '0', STR_PAD_LEFT) . '-' . 
intval($_POST['year']); } if (isset($_POST['language'])) { $recipientLanguage = $_POST['language']; } if (isset($_POST['notes'])) { $recipientNotes = $_POST['notes']; } if (isset($_POST['list'])) { foreach ($_POST['list'] as $listId => $status) { if (intval($status) == 1) { array_push($arrAssociatedLists, intval($listId)); } } } elseif (!$recipientId) { // Signup request where no recipient list had been selected // check if the user didn't select any list or if there is non or just 1 recipient list visible and was therefore not visible for the user to select // only show newsletter-lists that are visible for new users (not yet registered ones) $excludeDisabledLists = 1; $arrLists = self::getLists($excludeDisabledLists); switch (count($arrLists)) { case 0: // no active lists > ok break; case 1: // only 1 list is active, therefore no list was visible for selection -> let's signup the new recipient to this very list $arrAssociatedLists = array_keys($arrLists); break; default: // more than one list is active, therefore the user would have been able to select his preferred lists. // however, the fact that we landed in this case is that the user didn't make any selection at all. // so lets be it like that > the user won't be subscribed to any list break; } } if (!$isAccessRecipient) { // add or update existing newsletter recipient (for access user see ELSE case) $arrPreAssociatedInactiveLists = $this->_getAssociatedListsOfRecipient($recipientId, false); $arrAssociatedInactiveLists = array_intersect($arrPreAssociatedInactiveLists, $arrAssociatedLists); $objValidator = new \FWValidator(); if ($objValidator->isEmail($recipientEmail)) { // Let's check if a user account with the provided email address is already present // Important: we must check only for active accounts (active => 1), otherwise we'll send a notification e-mail // to a user that won't be able to active himself due to his account's inactive state. 
// TODO: implement feature $objUser = null; //FWUser::getFWUserObject()->objUser->getUsers(array('email' => $recipientEmail, 'active' => 1)); if (false && $objUser) { // there is already a user account present by the same email address as the one submitted by the user // TODO: send notification e-mail about existing e-mail account // Important: We must output the same status message as if the user has been newly added! // This shall prevent email-address-crawling-bots from detecting existing e-mail accounts. array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBE_OK']); $showForm = false; } else { if ($this->_validateRecipientAttributes($recipientAttributeStatus, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientBirthday)) { if ($this->_isUniqueRecipientEmail($recipientEmail, $recipientId)) { if (!empty($arrAssociatedInactiveLists) || !empty($arrAssociatedLists) && ($objList = $objDatabase->SelectLimit('SELECT id FROM ' . DBPREFIX . 'module_newsletter_category WHERE status=1 AND (id=' . implode(' OR id=', $arrAssociatedLists) . 
')', 1)) && $objList->RecordCount() > 0) { if ($recipientId > 0) { if ($this->_updateRecipient($recipientAttributeStatus, $recipientId, $recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, 1, $arrAssociatedLists, $recipientLanguage)) { array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_YOUR_DATE_SUCCESSFULLY_UPDATED']); $showForm = false; } else { array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_FAILED_UPDATE_YOUR_DATA']); } } else { if ($this->_addRecipient($recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, $recipientStatus, $arrAssociatedLists, $recipientLanguage)) { if ($this->_sendAuthorizeEmail($recipientEmail, $recipientSex, $recipientSalutation, $recipientFirstname, $recipientLastname)) { array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBE_OK']); $showForm = false; } else { $objDatabase->Execute("DELETE tblU, tblR FROM " . DBPREFIX . "module_newsletter_user AS tblU, " . DBPREFIX . "module_newsletter_rel_user_cat AS tblR WHERE tblU.email='" . contrexx_addslashes($recipientEmail) . 
"' AND tblR.user = tblU.id"); array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIPTION_CANCELED_BY_EMAIL']); } } else { array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_FAILED_ADDING_YOU']); } } } else { array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_MUST_SELECT_LIST']); } } elseif (empty($recipientId)) { // We must send a new confirmation e-mail here // otherwise someone could reactivate someone else's e-mail address // It could be that a user who has unsubscribed himself from the newsletter system (recipient = deactivated) would like to subscribe the newsletter again. // Therefore, lets see if we can find a recipient by the specified e-mail address that has been deactivated (status=0) $objRecipient = $objDatabase->SelectLimit("SELECT id, language, notes FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "' AND status=0", 1); if ($objRecipient && !$objRecipient->EOF) { $recipientId = $objRecipient->fields['id']; $recipientLanguage = $objRecipient->fields['language']; // Important: We intentionally do not load existing recipient list associations, due to the fact that the user most likely had // himself been unsubscribed from the newsletter system some time in the past. Therefore the user most likey does not want // to be subscribed to any lists more than to those he just selected $arrAssociatedLists = array_unique($arrAssociatedLists); $this->_setRecipientLists($recipientId, $arrAssociatedLists); // Important: We do not update the recipient's profile data here by the reason that we can't verify the recipient's identity at this point! if ($this->_sendAuthorizeEmail($recipientEmail, $recipientSex, $recipientSalutation, $recipientFirstname, $recipientLastname)) { // Important: We must output the same status message as if the user has been newly added! // This shall prevent email-address-crawling-bots from detecting existing e-mail accounts. 
array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBE_OK']); $showForm = false; } else { array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_FAILED_ADDING_YOU']); array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIPTION_CANCELED_BY_EMAIL']); } } } else { array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBER_ALREADY_INSERTED']); } } else { array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_MANDATORY_FIELD_ERROR']); } } } else { array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NOT_VALID_EMAIL']); } } else { // update subscribed lists of access user $arrAssociatedLists = array_unique($arrAssociatedLists); $objUser->setSubscribedNewsletterListIDs($arrAssociatedLists); if ($objUser->store()) { array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_YOUR_DATE_SUCCESSFULLY_UPDATED']); $showForm = false; } else { $arrStatusMessage['error'] = array_merge($arrStatusMessage['error'], $objUser->getErrorMsg()); } } } elseif ($isNewsletterRecipient) { $objRecipient = $objDatabase->SelectLimit("SELECT uri, sex, salutation, title, lastname, firstname, position, company, industry_sector, address, zip, city, country_id, phone_office, phone_private, phone_mobile, fax, notes, birthday, status, language FROM " . DBPREFIX . "module_newsletter_user WHERE id=" . 
$recipientId, 1); if ($objRecipient !== false && $objRecipient->RecordCount() == 1) { $recipientEmail = urldecode($_REQUEST['mail']); $recipientUri = $objRecipient->fields['uri']; $recipientSex = $objRecipient->fields['sex']; $recipientSalutation = $objRecipient->fields['salutation']; $recipientTitle = $objRecipient->fields['title']; $recipientLastname = $objRecipient->fields['lastname']; $recipientFirstname = $objRecipient->fields['firstname']; $recipientPosition = $objRecipient->fields['position']; $recipientCompany = $objRecipient->fields['company']; $recipientIndustrySector = $objRecipient->fields['industry_sector']; $recipientAddress = $objRecipient->fields['address']; $recipientZip = $objRecipient->fields['zip']; $recipientCity = $objRecipient->fields['city']; $recipientCountry = $objRecipient->fields['country_id']; $recipientPhoneOffice = $objRecipient->fields['phone_office']; $recipientPhonePrivate = $objRecipient->fields['phone_private']; $recipientPhoneMobile = $objRecipient->fields['phone_mobile']; $recipientFax = $objRecipient->fields['fax']; $recipientBirthday = $objRecipient->fields['birthday']; $recipientLanguage = $objRecipient->fields['language']; $recipientNotes = $objRecipient->fields['notes']; $arrAssociatedLists = $this->_getAssociatedListsOfRecipient($recipientId, false); $arrPreAssociatedInactiveLists = $this->_getAssociatedListsOfRecipient($recipientId, false); } else { array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_AUTHENTICATION_FAILED']); $showForm = false; } } elseif ($isAccessRecipient) { $objUser = \FWUser::getFWUserObject()->objUser->getUser($recipientId); if ($objUser) { $arrAssociatedLists = $objUser->getSubscribedNewsletterListIDs(); $arrPreAssociatedInactiveLists = $objUser->getSubscribedNewsletterListIDs(); } } $this->_createDatesDropdown($recipientBirthday); if (count($arrStatusMessage['ok']) > 0) { $this->_objTpl->setVariable('NEWSLETTER_OK_MESSAGE', implode('<br />', $arrStatusMessage['ok'])); 
$this->_objTpl->parse('newsletter_ok_message'); } else { $this->_objTpl->hideBlock('newsletter_ok_message'); } if (count($arrStatusMessage['error']) > 0) { $this->_objTpl->setVariable('NEWSLETTER_ERROR_MESSAGE', implode('<br />', $arrStatusMessage['error'])); $this->_objTpl->parse('newsletter_error_message'); } else { $this->_objTpl->hideBlock('newsletter_error_message'); } $languages = '<select name="language" class="selectLanguage" id="language" >'; $objLanguage = $objDatabase->Execute("SELECT id, name FROM " . DBPREFIX . "languages WHERE frontend = 1 ORDER BY name"); $languages .= '<option value="0">' . $_ARRAYLANG['TXT_NEWSLETTER_LANGUAGE_PLEASE_CHOSE'] . '</option>'; while (!$objLanguage->EOF) { $selected = $objLanguage->fields['id'] == $recipientLanguage ? 'selected' : ''; $languages .= '<option value="' . $objLanguage->fields['id'] . '" ' . $selected . '>' . contrexx_raw2xhtml($objLanguage->fields['name']) . '</option>'; $objLanguage->MoveNext(); } $languages .= '</select>'; if ($showForm) { if ($isAccessRecipient) { if ($this->_objTpl->blockExists('recipient_profile')) { $this->_objTpl->hideBlock('recipient_profile'); } } else { //display settings recipient profile detials $recipientAttributesArray = array('recipient_sex', 'recipient_salutation', 'recipient_title', 'recipient_firstname', 'recipient_lastname', 'recipient_position', 'recipient_company', 'recipient_industry', 'recipient_address', 'recipient_city', 'recipient_zip', 'recipient_country', 'recipient_phone', 'recipient_private', 'recipient_mobile', 'recipient_fax', 'recipient_birthday', 'recipient_website'); foreach ($recipientAttributesArray as $attribute) { if ($this->_objTpl->blockExists($attribute)) { if ($recipientAttributeStatus[$attribute]['active']) { $this->_objTpl->touchBlock($attribute); $this->_objTpl->setVariable(array('NEWSLETTER_' . strtoupper($attribute) . '_MANDATORY' => $recipientAttributeStatus[$attribute]['required'] ? 
'*' : '')); } else { $this->_objTpl->hideBlock($attribute); } } } $this->_objTpl->setVariable(array('NEWSLETTER_EMAIL' => htmlentities($recipientEmail, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_WEBSITE' => htmlentities($recipientUri, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_SEX_F' => $recipientSex == 'f' ? 'checked="checked"' : '', 'NEWSLETTER_SEX_M' => $recipientSex == 'm' ? 'checked="checked"' : '', 'NEWSLETTER_SALUTATION' => $this->_getRecipientTitleMenu($recipientSalutation, 'name="salutation" size="1"'), 'NEWSLETTER_TITLE' => htmlentities($recipientTitle, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_LASTNAME' => htmlentities($recipientLastname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_FIRSTNAME' => htmlentities($recipientFirstname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_POSITION' => htmlentities($recipientPosition, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_COMPANY' => htmlentities($recipientCompany, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_INDUSTRY_SECTOR' => htmlentities($recipientIndustrySector, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_ADDRESS' => htmlentities($recipientAddress, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_ZIP' => htmlentities($recipientZip, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_CITY' => htmlentities($recipientCity, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_COUNTRY' => $this->getCountryMenu($recipientCountry, $recipientAttributeStatus['recipient_country']['active'] && $recipientAttributeStatus['recipient_country']['required']), 'NEWSLETTER_PHONE' => htmlentities($recipientPhoneOffice, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_PHONE_PRIVATE' => htmlentities($recipientPhonePrivate, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_PHONE_MOBILE' => htmlentities($recipientPhoneMobile, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_FAX' => htmlentities($recipientFax, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_NOTES' => htmlentities($recipientNotes, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_LANGUAGE' => $languages)); 
$this->_objTpl->setVariable(array('TXT_NEWSLETTER_EMAIL_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_EMAIL_ADDRESS'], 'TXT_NEWSLETTER_SALUTATION' => $_ARRAYLANG['TXT_NEWSLETTER_SALUTATION'], 'TXT_NEWSLETTER_SEX' => $_ARRAYLANG['TXT_NEWSLETTER_SEX'], 'TXT_NEWSLETTER_FEMALE' => $_ARRAYLANG['TXT_NEWSLETTER_FEMALE'], 'TXT_NEWSLETTER_MALE' => $_ARRAYLANG['TXT_NEWSLETTER_MALE'], 'TXT_NEWSLETTER_TITLE' => $_ARRAYLANG['TXT_NEWSLETTER_TITLE'], 'TXT_NEWSLETTER_LASTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_LASTNAME'], 'TXT_NEWSLETTER_FIRSTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_FIRSTNAME'], 'TXT_NEWSLETTER_POSITION' => $_ARRAYLANG['TXT_NEWSLETTER_POSITION'], 'TXT_NEWSLETTER_COMPANY' => $_ARRAYLANG['TXT_NEWSLETTER_COMPANY'], 'TXT_NEWSLETTER_INDUSTRY_SECTOR' => $_ARRAYLANG['TXT_NEWSLETTER_INDUSTRY_SECTOR'], 'TXT_NEWSLETTER_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_ADDRESS'], 'TXT_NEWSLETTER_ZIP' => $_ARRAYLANG['TXT_NEWSLETTER_ZIP'], 'TXT_NEWSLETTER_CITY' => $_ARRAYLANG['TXT_NEWSLETTER_CITY'], 'TXT_NEWSLETTER_COUNTRY' => $_ARRAYLANG['TXT_NEWSLETTER_COUNTRY'], 'TXT_NEWSLETTER_PHONE_PRIVATE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_PRIVATE'], 'TXT_NEWSLETTER_PHONE_MOBILE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_MOBILE'], 'TXT_NEWSLETTER_FAX' => $_ARRAYLANG['TXT_NEWSLETTER_FAX'], 'TXT_NEWSLETTER_PHONE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE'], 'TXT_NEWSLETTER_NOTES' => $_ARRAYLANG['TXT_NEWSLETTER_NOTES'], 'TXT_NEWSLETTER_BIRTHDAY' => $_ARRAYLANG['TXT_NEWSLETTER_BIRTHDAY'], 'TXT_NEWSLETTER_LANGUAGE' => $_ARRAYLANG['TXT_NEWSLETTER_LANGUAGE'], 'TXT_NEWSLETTER_WEBSITE' => $_ARRAYLANG['TXT_NEWSLETTER_WEBSITE'], 'TXT_NEWSLETTER_RECIPIENT_DATE' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_DATE'], 'TXT_NEWSLETTER_RECIPIENT_MONTH' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_MONTH'], 'TXT_NEWSLETTER_RECIPIENT_YEAR' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_YEAR'])); if ($this->_objTpl->blockExists('recipient_profile')) { $this->_objTpl->parse('recipient_profile'); } } // only show newsletter-lists that are visible for new 
users (not yet registered ones) $excludeDisabledLists = $recipientId == 0; $arrLists = self::getLists($excludeDisabledLists); if ($this->_objTpl->blockExists('newsletter_lists')) { switch (count($arrLists)) { case 0: // no lists are active, therefore we shall not try to parse any non existing list // no lists are active, therefore we shall not try to parse any non existing list case 1: // only one list is active, therefore we will not parse any list and will automatically subscribe the user to this very list if (!$isAccessRecipient) { $this->_objTpl->hideBlock('newsletter_lists'); break; } default: foreach ($arrLists as $listId => $arrList) { if ($arrList['status'] || in_array($listId, $arrPreAssociatedInactiveLists)) { $this->_objTpl->setVariable(array('NEWSLETTER_LIST_ID' => $listId, 'NEWSLETTER_LIST_NAME' => contrexx_raw2xhtml($arrList['name']), 'NEWSLETTER_LIST_SELECTED' => in_array($listId, $arrAssociatedLists) ? 'checked="checked"' : '')); $this->_objTpl->parse('newsletter_list'); } } $this->_objTpl->setVariable(array('TXT_NEWSLETTER_LISTS' => $_ARRAYLANG['TXT_NEWSLETTER_LISTS'])); $this->_objTpl->parse('newsletter_lists'); break; } } $this->_objTpl->setVariable(array('NEWSLETTER_PROFILE_MAIL' => contrexx_raw2xhtml($requestedMail), 'NEWSLETTER_USER_CODE' => $code, 'TXT_NEWSLETTER_SAVE' => $_ARRAYLANG['TXT_NEWSLETTER_SAVE'])); $this->_objTpl->parse('newsletterForm'); } else { $this->_objTpl->hideBlock('newsletterForm'); } }
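/**
 * Save the content of a block for one language.
 *
 * Access is checked first: the caller must be logged in and hold static
 * permission 76, otherwise nothing is read from the request.
 *
 * The content is escaped for the SQL statement only. It is stored and handed
 * back as markup, so the permission check above is the control that decides
 * who may place HTML into a block.
 *
 * @param array $params all given params from http request; reads
 *                      $params['get']['block'], $params['get']['lang'] and
 *                      $params['post']['content']
 * @throws NoPermissionException         if the user is not logged in or lacks permission 76
 * @throws NotEnoughArgumentsException   if the block id or language code is missing
 * @throws BlockCouldNotBeSavedException if the UPDATE statement fails
 * @return array array('content' => ...) holding the saved content after link processing
 */
public function saveBlockContent($params)
{
    global $_CORELANG, $objDatabase;

    // security check
    if (
        !\FWUser::getFWUserObject()->objUser->login()
        || !\Permission::checkAccess(76, 'static', true)
    ) {
        throw new NoPermissionException($_CORELANG['TXT_ACCESS_DENIED_DESCRIPTION']);
    }

    // check arguments
    if (empty($params['get']['block']) || empty($params['get']['lang'])) {
        throw new NotEnoughArgumentsException('not enough arguments');
    }

    // get language and block id
    $id = intval($params['get']['block']);
    $lang = \FWLanguage::getLanguageIdByCode($params['get']['lang']);
    if (!$lang) {
        $lang = FRONTEND_LANG_ID;
    }
    // Both ids are concatenated into the statement without quotes, so both
    // are forced to integers before they get there.
    $lang = intval($lang);

    // A request without a content field stores an empty block instead of
    // reading an undefined index.
    $content = isset($params['post']['content']) ? $params['post']['content'] : '';

    // query to update content in database
    $query = "UPDATE `" . DBPREFIX . "module_block_rel_lang_content`\n SET content = '"
        . \contrexx_input2db($content)
        . "'\n WHERE\n block_id = " . $id . " AND lang_id = " . $lang;
    $result = $objDatabase->Execute($query);

    // error handling
    if ($result === false) {
        throw new BlockCouldNotBeSavedException('block could not be saved');
    }

    \LinkGenerator::parseTemplate($content);
    $ls = new \LinkSanitizer(
        ASCMS_PATH_OFFSET . \Env::get('virtualLanguageDirectory') . '/',
        $content
    );
    $this->messages[] = $_CORELANG['TXT_CORE_SAVED_BLOCK'];

    return array('content' => $ls->replace());
}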
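/**
 * Remove the session key and sub keys by given offset and parent id.
 * Callable from RecursiveArrayAccess class on offsetUnset.
 *
 * Looks up every row of the session_variable table that matches the current
 * session id, the parent id and the key name, and passes each row id to
 * self::removeKeyFromDb().
 *
 * @param string  $offset   session key name
 * @param integer $parentId parent id of the given session offset
 */
public static function removeFromSession($offset, $parentId)
{
    // Every value that ends up inside the statement is cast or escaped. The
    // session id was interpolated as-is before; where it comes from is not
    // visible in this method, so it gets the same treatment as the key name.
    $query = "SELECT \n `id`\n FROM \n `" . DBPREFIX . "session_variable` \n WHERE \n `sessionid` = '"
        . contrexx_input2db($_SESSION->sessionid)
        . "' \n AND \n `parent_id` = '" . intval($parentId)
        . "'\n AND \n `key` = '" . contrexx_input2db($offset) . "'";

    $objResult = \Env::get('db')->Execute($query);
    if (!$objResult) {
        return;
    }

    // An empty result set is already at EOF, so no separate row count is needed.
    while (!$objResult->EOF) {
        self::removeKeyFromDb($objResult->fields['id']);
        $objResult->MoveNext();
    }
}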
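/**
 * Insert the locales of a news entry that was submitted from the frontend.
 * The same title, text and teaser text are stored once for every language
 * found in the languages table.
 *
 * @global ADONewConnection $objDatabase
 * @param integer $newsId      id of the news entry the locales belong to
 * @param string  $title
 * @param string  $text        passed through $this->filterBodyTag() before it is stored
 * @param string  $teaser_text
 * @return boolean false if $newsId is empty, the language list could not be
 *                 read or at least one insert failed; true otherwise
 */
function submitLocales($newsId, $title, $text, $teaser_text)
{
    global $objDatabase;

    if (empty($newsId)) {
        return false;
    }

    $objResult = $objDatabase->Execute("SELECT id FROM " . DBPREFIX . "languages");
    if ($objResult === false) {
        // Without the language list no locale can be written; report that
        // instead of returning success.
        return false;
    }

    // The values are the same for every language, so they are prepared once.
    $newsId = intval($newsId);
    $dbTitle = contrexx_input2db($title);
    // NOTE(review): the body-tag filter runs on the already escaped text, as
    // it did before. Escaping is normally the last step before the statement;
    // filterBodyTag() is not visible here, so the order is left unchanged -
    // confirm the filter cannot remove part of an escape sequence.
    $dbText = $this->filterBodyTag(contrexx_input2db($text));
    $dbTeaser = contrexx_input2db($teaser_text);

    $status = true;
    while (!$objResult->EOF) {
        $inserted = $objDatabase->Execute(
            "INSERT INTO " . DBPREFIX . "module_news_locale (`lang_id`, `news_id`, `title`, `text`, `teaser_text`)\n VALUES ("
            . intval($objResult->fields['id']) . ", " . $newsId . ", '" . $dbTitle . "', '" . $dbText . "', '" . $dbTeaser . "')"
        );
        // The condition used to be inverted: a successful insert set the
        // status to false and a failed one left it at true.
        if (!$inserted) {
            $status = false;
        }
        $objResult->MoveNext();
    }

    return $status;
}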
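/**
 * Show the general CRM settings page and, when the form was submitted
 * ($_POST['save']), store the posted settings first.
 *
 * Three profile attribute settings are written through the Setting
 * controller; all settings are additionally written to the module's settings
 * table. After that the current settings are loaded again and the language,
 * user group and country drop-downs are rendered.
 *
 * NOTE(review): no permission or request-origin check is visible inside this
 * method; presumably the caller enforces both - confirm.
 *
 * @global object $objDatabase
 * @global array  $_ARRAYLANG
 * @return void
 */
public function showGeneralSettings()
{
    global $objDatabase, $_ARRAYLANG;

    $this->_objTpl->addBlockfile(
        'CRM_SETTINGS_FILE',
        'settings_block',
        'module_' . $this->moduleNameLC . '_settings_general.html'
    );
    $this->_pageTitle = $_ARRAYLANG['TXT_CRM_SETTINGS'];

    $objTpl = $this->_objTpl;
    $objTpl->hideBlock('insufficient-warning');

    if (isset($_POST['save'])) {
        // Checkbox values are reduced to 0/1 and ids are cast to int.
        // The three user_profile_attribute_* values are taken over as posted;
        // presumably they are attribute ids - TODO confirm and validate them
        // against the known attributes.
        $settings = array(
            'allow_pm' => !$this->isPmInstalled ? 0 : (isset($_POST['allowPm']) ? 1 : 0),
            'create_user_account' => isset($_POST['create_user_account']) ? 1 : 0,
            'customer_default_language_backend' => isset($_POST['default_language_backend']) ? (int) $_POST['default_language_backend'] : 0,
            'customer_default_language_frontend' => isset($_POST['default_language_frontend']) ? (int) $_POST['default_language_frontend'] : 0,
            'default_user_group' => isset($_POST['default_user_group']) ? (int) $_POST['default_user_group'] : 0,
            'user_account_mantatory' => isset($_POST['user_account_mantatory']) ? 1 : 0,
            'emp_default_user_group' => isset($_POST['emp_default_user_group']) ? (int) $_POST['emp_default_user_group'] : 0,
            'default_country_value' => isset($_POST['default_country_value']) ? (int) $_POST['default_country_value'] : 0,
            'user_profile_attribute_industry_type' => isset($_POST['user_profile_attribute_industry_type']) ? $_POST['user_profile_attribute_industry_type'] : 0,
            'user_profile_attribute_company_size' => isset($_POST['user_profile_attribute_company_size']) ? $_POST['user_profile_attribute_company_size'] : 0,
            'user_profile_attribute_customer_type' => isset($_POST['user_profile_attribute_customer_type']) ? $_POST['user_profile_attribute_customer_type'] : 0,
        );

        \Cx\Core\Setting\Controller\Setting::init('Crm', 'config');
        // save industry_type, company_size and customer_type user profile attribute id
        \Cx\Core\Setting\Controller\Setting::set('user_profile_attribute_industry_type', $settings['user_profile_attribute_industry_type']);
        \Cx\Core\Setting\Controller\Setting::set('user_profile_attribute_company_size', $settings['user_profile_attribute_company_size']);
        \Cx\Core\Setting\Controller\Setting::set('user_profile_attribute_customer_type', $settings['user_profile_attribute_customer_type']);
        \Cx\Core\Setting\Controller\Setting::updateAll();

        // The setting names come from the fixed key list above, never from
        // the request; only the values are request data and are escaped.
        foreach ($settings as $settings_var => $settings_val) {
            $updateAllowPm = 'UPDATE ' . DBPREFIX . 'module_' . $this->moduleNameLC . '_settings SET `setvalue` = "'
                . contrexx_input2db($settings_val) . '" WHERE setname = "' . $settings_var . '"';
            $objDatabase->Execute($updateAllowPm);
        }

        $_SESSION['strOkMessage'] = $_ARRAYLANG['TXT_CRM_CHANGES_UPDATED_SUCCESSFULLY'];
    }

    $settings = $this->getSettings();

    // Warn when the default employee group is not among the groups that hold
    // the customer access id.
    if (!empty($settings['emp_default_user_group'])) {
        $groupId = array();
        // The access id goes into the statement unquoted, so it is cast here.
        $groupValidation = $objDatabase->Execute(
            "SELECT group_id FROM " . DBPREFIX . "access_group_static_ids WHERE access_id = "
            . intval($this->customerAccessId)
        );
        if ($groupValidation && $groupValidation->RecordCount() > 0) {
            while (!$groupValidation->EOF) {
                array_push($groupId, (int) $groupValidation->fields['group_id']);
                $groupValidation->MoveNext();
            }
        }
        // $groupId holds integers only, so the setting is compared as an integer.
        if (!in_array((int) $settings['emp_default_user_group'], $groupId, true)) {
            $objTpl->setVariable('CRM_INSUFFICIENT_WARNING', $_ARRAYLANG['TXT_CRM_SETTINGS_EMPLOYEE_ACCESS_ERROR']);
            $objTpl->touchBlock('insufficient-warning');
        }
    }

    if ($settings['create_user_account'] == 1) {
        $this->createProfilAttributes();
    }

    $objLanguages = $objDatabase->Execute(
        "SELECT `id`, `name`, `frontend`, `backend` FROM " . DBPREFIX . "languages WHERE frontend = 1 OR backend =1"
    );
    if ($objLanguages) {
        // first entry of both lists: the "standard" option with value 0
        $objTpl->setVariable(array(
            'CRM_LANG_NAME' => $_ARRAYLANG['TXT_CRM_STANDARD'],
            'CRM_LANG_VALUE' => 0,
            'CRM_LANG_SELECTED' => $settings['customer_default_language_frontend'] == 0 ? "selected='selected'" : '',
        ));
        $objTpl->parse("langFrontend");

        $objTpl->setVariable(array(
            'CRM_LANG_NAME' => $_ARRAYLANG['TXT_CRM_STANDARD'],
            'CRM_LANG_VALUE' => 0,
            'CRM_LANG_SELECTED' => $settings['customer_default_language_backend'] == 0 ? "selected='selected'" : '',
        ));
        $objTpl->parse("langBackend");

        while (!$objLanguages->EOF) {
            if ($objLanguages->fields['frontend']) {
                $objTpl->setVariable(array(
                    'CRM_LANG_NAME' => contrexx_raw2xhtml($objLanguages->fields['name']),
                    'CRM_LANG_VALUE' => (int) $objLanguages->fields['id'],
                    'CRM_LANG_SELECTED' => $settings['customer_default_language_frontend'] == $objLanguages->fields['id'] ? "selected='selected'" : '',
                ));
                $objTpl->parse("langFrontend");
            }
            if ($objLanguages->fields['backend']) {
                $objTpl->setVariable(array(
                    'CRM_LANG_NAME' => contrexx_raw2xhtml($objLanguages->fields['name']),
                    'CRM_LANG_VALUE' => (int) $objLanguages->fields['id'],
                    'CRM_LANG_SELECTED' => $settings['customer_default_language_backend'] == $objLanguages->fields['id'] ? "selected='selected'" : '',
                ));
                $objTpl->parse("langBackend");
            }
            $objLanguages->MoveNext();
        }
    }

    $objFWUser = \FWUser::getFWUserObject();

    // all active groups for the default customer group
    $objGroupIds = $objFWUser->objGroup->getGroups(array('is_active' => true));
    if ($objGroupIds) {
        while (!$objGroupIds->EOF) {
            $objTpl->setVariable(array(
                'CRM_GROUP_NAME' => contrexx_raw2xhtml($objGroupIds->getName()),
                'CRM_GROUP_VALUE' => (int) $objGroupIds->getId(),
                'CRM_USER_GROUP_SELECTED' => $settings['default_user_group'] == $objGroupIds->getId() ? "selected='selected'" : '',
            ));
            $objTpl->parse("userGroup");
            $objGroupIds->next();
        }
    }

    // show backend groups
    $objBackendGroupIds = $objFWUser->objGroup->getGroups(array('is_active' => true, 'type' => 'backend'));
    if ($objBackendGroupIds) {
        while (!$objBackendGroupIds->EOF) {
            $objTpl->setVariable(array(
                'CRM_GROUP_NAME' => contrexx_raw2xhtml($objBackendGroupIds->getName()),
                'CRM_GROUP_VALUE' => (int) $objBackendGroupIds->getId(),
                'CRM_USER_GROUP_SELECTED' => $settings['emp_default_user_group'] == $objBackendGroupIds->getId() ? "selected='selected'" : '',
            ));
            $objTpl->parse("empUserGroup");
            $objBackendGroupIds->next();
        }
    }

    $countries = $this->getCountry();
    foreach ($countries as $value) {
        $selected = $settings['default_country_value'] == $value['id'] ? "selected='selected'" : '';
        $objTpl->setVariable(array(
            'CRM_DEFAULT_COUNTRY_ID' => (int) $value['id'],
            'CRM_DEFAULT_COUNTRY_NAME' => contrexx_raw2xhtml($value['name']),
            'CRM_DEFAULT_COUNTRY_SELECTED' => $selected,
        ));
        $objTpl->parse("default_country");
    }

    $objTpl->setVariable(array(
        'CRM_ALLOW_PM' => $settings['allow_pm'] ? "checked='checked'" : '',
        'CRM_CREATE_ACCOUNT_USER' => $settings['create_user_account'] ? "checked='checked'" : '',
        'CRM_ACCOUNT_MANTATORY' => $settings['user_account_mantatory'] ? "checked='checked'" : '',
    ));

    $objTpl->setVariable(array(
        'TXT_CRM_ALLOW_PM' => $_ARRAYLANG["TXT_CRM_ALLOW_PM"],
        'TXT_CRM_DEFAULT_COUNTRY' => $_ARRAYLANG["TXT_CRM_DEFAULT_COUNTRY"],
        'TXT_CRM_SELECT_COUNTRY' => $_ARRAYLANG["TXT_CRM_SELECT_COUNTRY"],
        'TXT_CRM_CUSTOMERS' => $_ARRAYLANG['TXT_CRM_CUSTOMERS'],
        'TXT_CRM_LANGUAGE' => $_ARRAYLANG['TXT_CRM_TITLE_LANGUAGE'],
        'TXT_CRM_BACKEND' => $_ARRAYLANG['TXT_CRM_BACKEND'],
        'TXT_CRM_FRONTEND' => $_ARRAYLANG['TXT_CRM_FRONTEND'],
        'TXT_CRM_ALLOW_PM_EXPLANATION' => $_ARRAYLANG["TXT_CRM_ALLOW_PM_EXPLANATION"],
        'TXT_CRM_SAVE' => $_ARRAYLANG['TXT_CRM_SAVE'],
        'TXT_CRM_DEFAULT_LANGUAGE' => $_ARRAYLANG['TXT_CRM_DEFAULT_LANGUAGE'],
        'TXT_CRM_DEFAULT_USER_GROUP' => $_ARRAYLANG['TXT_CRM_DEFAULT_USER_GROUP'],
        'TXT_CRM_CREATE_ACCOUNT_USER' => $_ARRAYLANG['TXT_CRM_CREATE_ACCOUNT_USER'],
        'TXT_CRM_CREATE_ACCOUNT_USER_TIP' => $_ARRAYLANG['TXT_CRM_CREATE_ACCOUNT_USER_TIP'],
        'TXT_CRM_PROFILE_ATTRIBUT_INDUSTRY_TYPE' => $_ARRAYLANG['TXT_CRM_PROFILE_ATTRIBUT_INDUSTRY_TYPE'],
        'TXT_CRM_PROFILE_ATTRIBUT_COMPANY_SIZE' => $_ARRAYLANG['TXT_CRM_PROFILE_ATTRIBUT_COMPANY_SIZE'],
        'TXT_CRM_PROFILE_ATTRIBUT_CUSTOMER_TYPE' => $_ARRAYLANG['TXT_CRM_PROFILE_ATTRIBUT_CUSTOMER_TYPE'],
        'MODULE_NAME' => $this->moduleName,
        'TXT_CRM_NOTES' => $_ARRAYLANG['TXT_CRM_NOTES'],
        'TXT_CRM_GENERAL' => $_ARRAYLANG['TXT_CRM_GENERAL'],
        'TXT_CRM_CURRENCY' => $_ARRAYLANG['TXT_CRM_CURRENCY'],
        'TXT_CRM_CUSTOMER_TYPES' => $_ARRAYLANG['TXT_CRM_CUSTOMER_TYPES'],
        'TXT_CRM_EMPLOYEE' => $_ARRAYLANG['TXT_CRM_SETTINGS_EMPLOYEE'],
        'TXT_CRM_EMP_DEFAULT_USER_GROUP' => $_ARRAYLANG['TXT_CRM_EMP_DEFAULT_USER_GROUP'],
        'TXT_CRM_SETTINGS_EMP_TOOLTIP' => $_ARRAYLANG['TXT_CRM_SETTINGS_EMPLOYEE_TOOLTIP'],
        'TXT_CRM_ACCOUNT_ARE_MANTATORY' => $_ARRAYLANG['TXT_CRM_ACCOUNT_ARE_MANTATORY'],
        'CRM_PROFILE_ATTRIBUT_INDUSTRY_TYPE_DROPDOWN' => \Html::getSelect(
            'user_profile_attribute_industry_type',
            \User_Profile_Attribute::getCustomAttributeNameArray(),
            \Cx\Core\Setting\Controller\Setting::getValue('user_profile_attribute_industry_type', 'Crm'),
            '',
            '',
            'tabindex="0" style="width: 270px;"'
        ),
        'CRM_PROFILE_ATTRIBUT_COMPANY_SIZE_DROPDOWN' => \Html::getSelect(
            'user_profile_attribute_company_size',
            \User_Profile_Attribute::getCustomAttributeNameArray(),
            \Cx\Core\Setting\Controller\Setting::getValue('user_profile_attribute_company_size', 'Crm'),
            '',
            '',
            'tabindex="0" style="width: 270px;"'
        ),
        'CRM_PROFILE_ATTRIBUT_CUSTOMER_TYPE_DROPDOWN' => \Html::getSelect(
            'user_profile_attribute_customer_type',
            \User_Profile_Attribute::getCustomAttributeNameArray(),
            \Cx\Core\Setting\Controller\Setting::getValue('user_profile_attribute_customer_type', 'Crm'),
            '',
            '',
            'tabindex="0" style="width: 270px;"'
        ),
    ));

    if (!$this->isPmInstalled) {
        $objTpl->hideBlock('allowPmModule');
    }
}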
/**
 * Tell whether a comment was written within the timeout configured in
 * news_comments_timeout.
 *
 * Two sources are consulted: the time stored in the session for this news
 * message, and the comments table, which is searched for any comment from
 * the client address that is newer than the timeout. The table lookup is
 * keyed on the address alone, not on the news message.
 *
 * NOTE(review): REMOTE_ADDR is the address of the direct peer. Behind a
 * reverse proxy that is presumably the proxy, which would make all visitors
 * share one flood window - confirm for the deployment.
 *
 * @param integer $newsMessageId News message-ID
 * @global object $objDatabase
 * @return boolean TRUE, if a comment was written within the timeout period.
 */
private function checkForCommentFlooding($newsMessageId)
{
    global $objDatabase;

    $floodTimeout = intval($this->arrSettings['news_comments_timeout']);

    // Session first: it remembers when this visitor last commented on the message.
    if (!empty($_SESSION['news']['comments'][$newsMessageId])) {
        $lastCommentAt = intval($_SESSION['news']['comments'][$newsMessageId]);
        if ($lastCommentAt + $floodTimeout > time()) {
            // still inside the timeout window
            return true;
        }
    }

    // Then the database, in case the session entry is gone.
    $sql = "SELECT 1 FROM `" . DBPREFIX . "module_news_comments`\n WHERE `ip_address` = '"
        . contrexx_input2db($_SERVER['REMOTE_ADDR'])
        . "'\n AND `date` > " . (time() - $floodTimeout);
    $objResult = $objDatabase->SelectLimit($sql);

    // A row means a recent comment exists; no row (or a failed query) means none was found.
    return $objResult && !$objResult->EOF;
}
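/**
 * Add a new form
 *
 * Builds the form entity, triggers the model/prePersist event, inserts the
 * row into the contact form table and, if the insert succeeded, triggers
 * model/postPersist. The new id is also written to $_REQUEST['formId'].
 *
 * @author Cloudrexx AG <*****@*****.**>
 * @author Stefan Heinemann <*****@*****.**>
 * @param string $emails
 * @param bool   $showForm
 * @param bool   $useCaptcha
 * @param bool   $useCustomStyle
 * @param bool   $sendCopy
 * @param bool   $useEmailOfSender   stored as 0/1 (type presumably bool like the flags above)
 * @param bool   $sendHtmlMail       stored as 0/1
 * @param bool   $sendAttachment     stored as 0/1
 * @param bool   $saveDataInCrm      stored as 0/1
 * @param mixed  $crmCustomerGroups  stored in serialized form
 * @return integer|null id of the new form, or null if the insert failed
 */
function addForm($emails, $showForm, $useCaptcha, $useCustomStyle, $sendCopy, $useEmailOfSender, $sendHtmlMail, $sendAttachment, $saveDataInCrm, $crmCustomerGroups)
{
    global $objDatabase, $_FRONTEND_LANGID;

    $entity = $this->getFormEntity(
        0,
        $emails,
        $showForm,
        $useCaptcha,
        $useCustomStyle,
        $sendCopy,
        $useEmailOfSender,
        $sendHtmlMail,
        $sendAttachment,
        $saveDataInCrm,
        $crmCustomerGroups
    );
    \Env::get('cx')->getEvents()->triggerEvent(
        'model/prePersist',
        array(new \Doctrine\ORM\Event\LifecycleEventArgs($entity, \Env::get('em')))
    );

    // The flags are placed into the statement without quotes. Casting them
    // keeps anything but a number out of the SQL text and also covers a
    // boolean false, which would otherwise be concatenated as an empty string.
    // NOTE(review): addslashes() does not take the connection character set
    // into account; the quoting of the database layer would be the safer
    // choice for $emails - that layer is not visible here, so it is unchanged.
    $query = "\n INSERT INTO\n " . DBPREFIX . "module_contact_form\n (\n `mails`,\n `showForm`,\n `use_captcha`,\n `use_custom_style`,\n `send_copy`,\n `use_email_of_sender`,\n `html_mail`,\n `send_attachment`,\n `save_data_in_crm`,\n `crm_customer_groups`\n )\n VALUES\n (\n '"
        . addslashes($emails) . "',\n "
        . intval($showForm) . ",\n "
        . intval($useCaptcha) . ",\n "
        . intval($useCustomStyle) . ",\n "
        . intval($sendCopy) . ",\n "
        . intval($useEmailOfSender) . ",\n "
        . intval($sendHtmlMail) . ",\n "
        . intval($sendAttachment) . ",\n "
        . intval($saveDataInCrm) . ",\n \""
        . contrexx_input2db(serialize($crmCustomerGroups)) . "\"\n )";

    // Defined up front so that a failed insert no longer reads an undefined variable below.
    $formId = null;
    if ($objDatabase->Execute($query) !== false) {
        $formId = $objDatabase->Insert_ID();
        \Env::get('cx')->getEvents()->triggerEvent(
            'model/postPersist',
            array(new \Doctrine\ORM\Event\LifecycleEventArgs($entity, \Env::get('em')))
        );
    }

    $_REQUEST['formId'] = $formId;
    $this->initContactForms();

    return $formId;
}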
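/**
 * Save the event to the database
 *
 * Validates the mandatory fields, normalises the submitted values, writes
 * the event row (UPDATE when an id is given and the event is not a copy,
 * INSERT otherwise), rewrites the per-language fields and the host
 * relations, and finally sends the invitation mails when requested.
 *
 * Values are escaped here before they are handed to \SQL::update() /
 * \SQL::insert(); those builders are called without an escape option.
 * NOTE(review): presumably the builders do not escape on their own in that
 * case -- confirm against the SQL helper.
 *
 * @param array $data
 *
 * @return boolean true if saved successfully, false otherwise
 */
function save($data)
{
    global $objDatabase, $_LANGID, $_CONFIG, $objInit;

    parent::getSettings();

    if (
        empty($data['startDate'])
        || empty($data['endDate'])
        || empty($data['category'])
        || $data['seriesStatus'] == 1 && $data['seriesType'] == 2 && empty($data['seriesWeeklyDays'])
    ) {
        return false;
    }

    // NOTE(review): this check reads $_POST while the rest of the method
    // works on $data -- confirm both always carry the same values.
    foreach ($_POST['showIn'] as $key => $langId) {
        if (empty($_POST['title'][$langId]) && empty($_POST['title'][$_LANGID])) {
            return false;
        }
    }

    list($startDate, $strStartTime) = explode(' ', $data['startDate']);
    list($startHour, $startMin) = explode(':', $strStartTime);
    list($endDate, $strEndTime) = explode(' ', $data['endDate']);
    list($endHour, $endMin) = explode(':', $strEndTime);

    if ($data['all_day']) {
        list($startHour, $startMin) = array(0, 0);
        list($endHour, $endMin) = array(23, 59);
    }

    //event data
    $id = isset($data['copy']) && !empty($data['copy']) ? 0 : (isset($data['id']) ? intval($data['id']) : 0);
    $type = isset($data['type']) ? intval($data['type']) : 0;
    $startDate = date("Y-m-d H:i:s", parent::getDateTimestamp($startDate, intval($startHour), intval($startMin)));
    $endDate = date("Y-m-d H:i:s", parent::getDateTimestamp($endDate, intval($endHour), intval($endMin)));
    $google = isset($data['map'][$_LANGID]) ? intval($data['map'][$_LANGID]) : 0;
    $allDay = isset($data['all_day']) ? 1 : 0;
    $convertBBCode = $objInit->mode == 'frontend' && empty($id);
    $useCustomDateDisplay = isset($data['showDateSettings']) ? 1 : 0;
    // NOTE(review): in backend mode the show* values below are taken from
    // $data as submitted and are neither cast nor escaped before they reach
    // the SQL builder -- confirm their expected type and validate them.
    $showStartDateList = isset($data['showStartDateList']) ? $data['showStartDateList'] : 0;
    $showEndDateList = isset($data['showEndDateList']) ? $data['showEndDateList'] : 0;

    if ($objInit->mode == 'backend') {
        // reset time values if "no time" is selected
        if ($data['showTimeTypeList'] == 0) {
            $showStartTimeList = 0;
            $showEndTimeList = 0;
        } else {
            $showStartTimeList = isset($data['showStartTimeList']) ? $data['showStartTimeList'] : '';
            $showEndTimeList = isset($data['showEndTimeList']) ? $data['showEndTimeList'] : '';
        }
        $showTimeTypeList = isset($data['showTimeTypeList']) ? $data['showTimeTypeList'] : '';
        $showStartDateDetail = isset($data['showStartDateDetail']) ? $data['showStartDateDetail'] : '';
        $showEndDateDetail = isset($data['showEndDateDetail']) ? $data['showEndDateDetail'] : '';

        // reset time values if "no time" is selected
        if ($data['showTimeTypeDetail'] == 0) {
            $showStartTimeDetail = 0;
            $showEndTimeDetail = 0;
        } else {
            $showStartTimeDetail = isset($data['showStartTimeDetail']) ? $data['showStartTimeDetail'] : '';
            $showEndTimeDetail = isset($data['showEndTimeDetail']) ? $data['showEndTimeDetail'] : '';
        }
        $showTimeTypeDetail = isset($data['showTimeTypeDetail']) ? $data['showTimeTypeDetail'] : '';
    } else {
        // outside the backend the display flags come from the module
        // settings, not from the request
        $showStartDateList = $this->arrSettings['showStartDateList'] == 1 ? 1 : 0;
        $showEndDateList = $this->arrSettings['showEndDateList'] == 1 ? 1 : 0;
        $showStartTimeList = $this->arrSettings['showStartTimeList'] == 1 ? 1 : 0;
        $showEndTimeList = $this->arrSettings['showEndTimeList'] == 1 ? 1 : 0;

        // reset time values if "no time" is selected
        if ($showStartTimeList == 1 || $showEndTimeList == 1) {
            $showTimeTypeList = 1;
        } else {
            $showStartTimeList = 0;
            $showEndTimeList = 0;
            $showTimeTypeList = 0;
        }

        $showStartDateDetail = $this->arrSettings['showStartDateDetail'] == 1 ? 1 : 0;
        $showEndDateDetail = $this->arrSettings['showEndDateDetail'] == 1 ? 1 : 0;
        $showStartTimeDetail = $this->arrSettings['showStartTimeDetail'] == 1 ? 1 : 0;
        $showEndTimeDetail = $this->arrSettings['showEndTimeDetail'] == 1 ? 1 : 0;

        // reset time values if "no time" is selected
        if ($showStartTimeDetail == 1 || $showEndTimeDetail == 1) {
            $showTimeTypeDetail = 1;
        } else {
            $showStartTimeDetail = 0;
            $showEndTimeDetail = 0;
            $showTimeTypeDetail = 0;
        }
    }

    $access = isset($data['access']) ? intval($data['access']) : 0;
    $priority = isset($data['priority']) ? intval($data['priority']) : 0;
    $placeMediadir = isset($data['placeMediadir']) ? intval($data['placeMediadir']) : 0;
    $hostMediadir = isset($data['hostMediadir']) ? intval($data['hostMediadir']) : 0;
    $price = isset($data['price']) ? contrexx_addslashes(contrexx_strip_tags($data['price'])) : 0;
    $link = isset($data['link']) ? contrexx_addslashes(contrexx_strip_tags($data['link'])) : '';
    $pic = isset($data['picture']) ? contrexx_addslashes(contrexx_strip_tags($data['picture'])) : '';
    $attach = isset($data['attachment']) ? contrexx_addslashes(contrexx_strip_tags($data['attachment'])) : '';
    $catId = isset($data['category']) ? intval($data['category']) : '';
    $showIn = isset($data['showIn']) ? contrexx_addslashes(contrexx_strip_tags(join(",", $data['showIn']))) : '';
    // Escaped the same way as $showIn: the joined list goes into the same
    // statement and was previously passed on exactly as submitted.
    $invited_groups = isset($data['selectedGroups']) ? contrexx_addslashes(contrexx_strip_tags(join(',', $data['selectedGroups']))) : '';
    $invited_mails = isset($data['invitedMails']) ? contrexx_addslashes(contrexx_strip_tags($data['invitedMails'])) : '';
    $send_invitation = isset($data['sendInvitation']) ? intval($data['sendInvitation']) : 0;
    $invitationTemplate = isset($data['invitationEmailTemplate']) ? contrexx_input2db($data['invitationEmailTemplate']) : 0;
    $registration = isset($data['registration']) ? intval($data['registration']) : 0;
    $registration_form = isset($data['registrationForm']) ? intval($data['registrationForm']) : 0;
    $registration_num = isset($data['numSubscriber']) ? intval($data['numSubscriber']) : 0;
    $registration_notification = isset($data['notificationTo']) ? contrexx_addslashes(contrexx_strip_tags($data['notificationTo'])) : '';
    $email_template = isset($data['emailTemplate']) ? contrexx_input2db($data['emailTemplate']) : 0;
    $ticket_sales = isset($data['ticketSales']) ? intval($data['ticketSales']) : 0;
    // NOTE(review): json_encode() does not escape single quotes, so this
    // value is not SQL-safe by itself -- confirm the builder's quoting.
    $num_seating = isset($data['numSeating']) ? json_encode(explode(',', $data['numSeating'])) : '';
    $related_hosts = isset($data['selectedHosts']) ? $data['selectedHosts'] : '';
    $locationType = isset($data['eventLocationType']) ? (int) $data['eventLocationType'] : $this->arrSettings['placeData'];
    $hostType = isset($data['eventHostType']) ? (int) $data['eventHostType'] : $this->arrSettings['placeDataHost'];
    $place = isset($data['place']) ? contrexx_input2db(contrexx_strip_tags($data['place'])) : '';
    $street = isset($data['street']) ? contrexx_input2db(contrexx_strip_tags($data['street'])) : '';
    $zip = isset($data['zip']) ? contrexx_input2db(contrexx_strip_tags($data['zip'])) : '';
    $city = isset($data['city']) ? contrexx_input2db(contrexx_strip_tags($data['city'])) : '';
    $country = isset($data['country']) ? contrexx_input2db(contrexx_strip_tags($data['country'])) : '';
    $placeLink = isset($data['placeLink']) ? contrexx_input2db($data['placeLink']) : '';
    $placeMap = isset($data['placeMap']) ? contrexx_input2db($data['placeMap']) : '';
    $update_invitation_sent = $send_invitation == 1;

    // links without a scheme are stored as http:// links
    if (!empty($placeLink)) {
        if (!preg_match('%^(?:ftp|http|https):\\/\\/%', $placeLink)) {
            $placeLink = "http://" . $placeLink;
        }
    }

    if ($objInit->mode == 'frontend') {
        $unique_id = intval($_REQUEST[self::MAP_FIELD_KEY]);
        if (!empty($unique_id)) {
            $picture = $this->_handleUpload('mapUpload', $unique_id);
            if (!empty($picture)) {
                $placeMap = $picture;
            }
        }
    }

    $orgName = isset($data['organizerName']) ? contrexx_input2db($data['organizerName']) : '';
    $orgStreet = isset($data['organizerStreet']) ? contrexx_input2db($data['organizerStreet']) : '';
    $orgZip = isset($data['organizerZip']) ? contrexx_input2db($data['organizerZip']) : '';
    $orgCity = isset($data['organizerCity']) ? contrexx_input2db($data['organizerCity']) : '';
    $orgCountry = isset($data['organizerCountry']) ? contrexx_input2db($data['organizerCountry']) : '';
    $orgLink = isset($data['organizerLink']) ? contrexx_input2db($data['organizerLink']) : '';
    $orgEmail = isset($data['organizerEmail']) ? contrexx_input2db($data['organizerEmail']) : '';

    if (!empty($orgLink)) {
        if (!preg_match('%^(?:ftp|http|https):\\/\\/%', $orgLink)) {
            $orgLink = "http://" . $orgLink;
        }
    }

    // create thumb if not exists
    // NOTE(review): $placeMap can be a request-supplied path (already
    // escaped for SQL) that is used here as a filesystem path -- confirm it
    // is confined to the intended media directory.
    if (!file_exists(\Env::get('cx')->getWebsitePath() . "{$placeMap}.thumb")) {
        $objImage = new \ImageManager();
        $objImage->_createThumb(dirname(\Env::get('cx')->getWebsitePath() . "{$placeMap}") . "/", '', basename($placeMap), 180);
    }

    //frontend picture upload & thumbnail creation
    if ($objInit->mode == 'frontend') {
        $unique_id = intval($_REQUEST[self::PICTURE_FIELD_KEY]);
        $attachmentUniqueId = intval($_REQUEST[self::ATTACHMENT_FIELD_KEY]);

        // NOTE(review): $pic and $attach come from $data and decide which
        // files are deleted below; the existence check and the delete call
        // also build different paths ("{path}{name}" vs "{path}/.{name}").
        // Confirm the intended path and that the name cannot leave the
        // upload directory.
        if (!empty($unique_id)) {
            $picture = $this->_handleUpload('pictureUpload', $unique_id);
            if (!empty($picture)) {
                //delete thumb
                if (file_exists("{$this->uploadImgPath}{$pic}.thumb")) {
                    \Cx\Lib\FileSystem\FileSystem::delete_file($this->uploadImgPath . "/.{$pic}.thumb");
                }
                //delete image
                if (file_exists("{$this->uploadImgPath}{$pic}")) {
                    \Cx\Lib\FileSystem\FileSystem::delete_file($this->uploadImgPath . "/.{$pic}");
                }
                $pic = $picture;
            }
        }

        if (!empty($attachmentUniqueId)) {
            $attachment = $this->_handleUpload('attachmentUpload', $attachmentUniqueId);
            if ($attachment) {
                //delete file
                if (file_exists("{$this->uploadImgPath}{$attach}")) {
                    \Cx\Lib\FileSystem\FileSystem::delete_file($this->uploadImgPath . "/.{$attach}");
                }
                $attach = $attachment;
            }
        }
    } else {
        // create thumb if not exists
        if (!file_exists(\Env::get('cx')->getWebsitePath() . "{$pic}.thumb")) {
            $objImage = new \ImageManager();
            $objImage->_createThumb(dirname(\Env::get('cx')->getWebsitePath() . "{$pic}") . "/", '', basename($pic), 180);
        }
    }

    //series pattern
    $seriesStatus = isset($data['seriesStatus']) ? intval($data['seriesStatus']) : 0;
    $seriesType = isset($data['seriesType']) ? intval($data['seriesType']) : 0;
    $seriesPatternCount = 0;
    $seriesPatternWeekday = 0;
    $seriesPatternDay = 0;
    $seriesPatternWeek = 0;
    $seriesPatternMonth = 0;
    $seriesPatternType = 0;
    $seriesPatternDouranceType = 0;
    $seriesPatternEnd = 0;
    $seriesExeptions = '';
    $seriesPatternEndDate = 0;

    if ($seriesStatus == 1) {
        if (!empty($data['seriesExeptions'])) {
            $exeptions = array();
            foreach ($data['seriesExeptions'] as $key => $exeptionDate) {
                $exeptions[] = date("Y-m-d", parent::getDateTimestamp($exeptionDate, 23, 59));
            }
            sort($exeptions);
            $seriesExeptions = join(",", $exeptions);
        }

        switch ($seriesType) {
            case 1:
                if ($seriesStatus == 1) {
                    $seriesPatternType = isset($data['seriesDaily']) ? intval($data['seriesDaily']) : 0;
                    if ($seriesPatternType == 1) {
                        $seriesPatternWeekday = 0;
                        $seriesPatternDay = isset($data['seriesDailyDays']) ? intval($data['seriesDailyDays']) : 0;
                    } else {
                        $seriesPatternWeekday = "1111100";
                        $seriesPatternDay = 0;
                    }
                    $seriesPatternWeek = 0;
                    $seriesPatternMonth = 0;
                    $seriesPatternCount = 0;
                }
                break;
            case 2:
                if ($seriesStatus == 1) {
                    $seriesPatternWeek = isset($data['seriesWeeklyWeeks']) ? intval($data['seriesWeeklyWeeks']) : 0;
                    // one character per weekday index 1..7: "1" when the
                    // day was submitted, "0" otherwise
                    $weekdayPattern = '';
                    for ($i = 1; $i <= 7; $i++) {
                        if (isset($data['seriesWeeklyDays'][$i])) {
                            $weekdayPattern .= "1";
                        } else {
                            $weekdayPattern .= "0";
                        }
                    }
                    $seriesPatternWeekday = $weekdayPattern;
                    $seriesPatternCount = 0;
                    $seriesPatternDay = 0;
                    $seriesPatternMonth = 0;
                    $seriesPatternType = 0;
                }
                break;
            case 3:
                if ($seriesStatus == 1) {
                    $seriesPatternType = isset($data['seriesMonthly']) ? intval($data['seriesMonthly']) : 0;
                    if ($seriesPatternType == 1) {
                        $seriesPatternMonth = isset($data['seriesMonthlyMonth_1']) ? intval($data['seriesMonthlyMonth_1']) : 0;
                        $seriesPatternDay = isset($data['seriesMonthlyDay']) ? intval($data['seriesMonthlyDay']) : 0;
                        $seriesPatternWeekday = 0;
                    } else {
                        $seriesPatternCount = isset($data['seriesMonthlyDayCount']) ? intval($data['seriesMonthlyDayCount']) : 0;
                        $seriesPatternMonth = isset($data['seriesMonthlyMonth_2']) ? intval($data['seriesMonthlyMonth_2']) : 0;
                        if ($seriesPatternMonth < 1) {
                            // the increment must be at least once a month, otherwise we will end up in a endless loop in the presence
                            $seriesPatternMonth = 1;
                        }
                        // escaped like the other free-text fields; it was
                        // previously passed on exactly as submitted
                        $seriesPatternWeekday = isset($data['seriesMonthlyWeekday']) ? contrexx_addslashes(contrexx_strip_tags($data['seriesMonthlyWeekday'])) : '';
                        $seriesPatternDay = 0;
                    }
                    $seriesPatternWeek = 0;
                }
                break;
        }

        $seriesPatternDouranceType = isset($data['seriesDouranceType']) ? intval($data['seriesDouranceType']) : 0;
        switch ($seriesPatternDouranceType) {
            case 1:
                $seriesPatternEnd = 0;
                break;
            case 2:
                $seriesPatternEnd = isset($data['seriesDouranceEvents']) ? intval($data['seriesDouranceEvents']) : 0;
                break;
            case 3:
                $seriesPatternEndDate = date("Y-m-d H:i:s", parent::getDateTimestamp($data['seriesDouranceDate'], 23, 59));
                break;
        }
    }

    $formData = array(
        'type' => $type,
        'startdate' => $startDate,
        'enddate' => $endDate,
        'use_custom_date_display' => $useCustomDateDisplay,
        'showStartDateList' => $showStartDateList,
        'showEndDateList' => $showEndDateList,
        'showStartTimeList' => $showStartTimeList,
        'showEndTimeList' => $showEndTimeList,
        'showTimeTypeList' => $showTimeTypeList,
        'showStartDateDetail' => $showStartDateDetail,
        'showEndDateDetail' => $showEndDateDetail,
        'showStartTimeDetail' => $showStartTimeDetail,
        'showEndTimeDetail' => $showEndTimeDetail,
        'showTimeTypeDetail' => $showTimeTypeDetail,
        'google' => $google,
        'access' => $access,
        'priority' => $priority,
        'price' => $price,
        'link' => $link,
        'pic' => $pic,
        'catid' => $catId,
        'attach' => $attach,
        'place_mediadir_id' => $placeMediadir,
        'host_mediadir_id' => $hostMediadir,
        'show_in' => $showIn,
        'invited_groups' => $invited_groups,
        'invited_mails' => $invited_mails,
        'invitation_email_template' => json_encode($invitationTemplate),
        'registration' => $registration,
        'registration_form' => $registration_form,
        'registration_num' => $registration_num,
        'registration_notification' => $registration_notification,
        'email_template' => json_encode($email_template),
        'ticket_sales' => $ticket_sales,
        'num_seating' => $num_seating,
        'series_status' => $seriesStatus,
        'series_type' => $seriesType,
        'series_pattern_count' => $seriesPatternCount,
        'series_pattern_weekday' => $seriesPatternWeekday,
        'series_pattern_day' => $seriesPatternDay,
        'series_pattern_week' => $seriesPatternWeek,
        'series_pattern_month' => $seriesPatternMonth,
        'series_pattern_type' => $seriesPatternType,
        'series_pattern_dourance_type' => $seriesPatternDouranceType,
        'series_pattern_end' => $seriesPatternEnd,
        'series_pattern_end_date' => $seriesPatternEndDate,
        'series_pattern_exceptions' => $seriesExeptions,
        'all_day' => $allDay,
        'location_type' => $locationType,
        'host_type' => $hostType,
        'place' => $place,
        'place_id' => 0,
        'place_street' => $street,
        'place_zip' => $zip,
        'place_city' => $city,
        'place_country' => $country,
        'place_link' => $placeLink,
        'place_map' => $placeMap,
        'org_name' => $orgName,
        'org_street' => $orgStreet,
        'org_zip' => $orgZip,
        'org_city' => $orgCity,
        'org_country' => $orgCountry,
        'org_link' => $orgLink,
        'org_email' => $orgEmail,
        'invitation_sent' => $update_invitation_sent ? 1 : 0,
    );

    if ($id != 0) {
        // existing event: update the row, then drop the language fields and
        // host relations so they can be re-inserted below
        $query = \SQL::update("module_{$this->moduleTablePrefix}_event", $formData) . " WHERE id = '{$id}'";
        $objResult = $objDatabase->Execute($query);
        if ($objResult !== false) {
            $this->id = $id;
            $query = "DELETE FROM " . DBPREFIX . "module_" . $this->moduleTablePrefix . "_event_field\n WHERE event_id = '" . $id . "'";
            $objResult = $objDatabase->Execute($query);
            $query = "DELETE FROM " . DBPREFIX . "module_" . $this->moduleTablePrefix . "_rel_event_host\n WHERE event_id = '" . $id . "'";
            $objResult = $objDatabase->Execute($query);
        } else {
            return false;
        }
    } else {
        $objFWUser = \FWUser::getFWUserObject();
        $objUser = $objFWUser->objUser;
        if ($objInit->mode == 'frontend') {
            $status = 1;
            // frontend events stay unconfirmed when the
            // confirmFrontendEvents setting is 1
            $confirmed = $this->arrSettings['confirmFrontendEvents'] == 1 ? 0 : 1;
            $author = $objUser->login() ? intval($objUser->getId()) : 0;
        } else {
            $status = 0;
            $confirmed = 1;
            $author = intval($objUser->getId());
        }
        $formData['status'] = $status;
        $formData['confirmed'] = $confirmed;
        $formData['author'] = $author;

        $query = \SQL::insert("module_{$this->moduleTablePrefix}_event", $formData);
        $objResult = $objDatabase->Execute($query);
        if ($objResult !== false) {
            $id = intval($objDatabase->Insert_ID());
            $this->id = $id;
        } else {
            return false;
        }
    }

    if ($id != 0) {
        foreach ($data['showIn'] as $key => $langId) {
            $title = contrexx_addslashes(contrexx_strip_tags($data['title'][$langId]));
            $description = contrexx_addslashes($data['description'][$langId]);
            if ($convertBBCode) {
                $description = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForDb($data['description'][$langId], true);
            }
            $redirect = contrexx_addslashes($data['calendar-redirect'][$langId]);
            // type 0 keeps the description and drops the redirect; any
            // other type keeps only the redirect
            if ($type == 0) {
                $redirect = '';
            } else {
                $description = '';
            }
            $query = "INSERT INTO " . DBPREFIX . "module_" . $this->moduleTablePrefix . "_event_field\n (`event_id`,`lang_id`,`title`, `description`,`redirect`)\n VALUES\n ('" . intval($id) . "','" . intval($langId) . "','" . $title . "','" . $description . "','" . $redirect . "')";
            $objResult = $objDatabase->Execute($query);
            if ($objResult === false) {
                return false;
            }
        }

        if (!empty($related_hosts)) {
            foreach ($related_hosts as $key => $hostId) {
                $query = "INSERT INTO " . DBPREFIX . "module_" . $this->moduleTablePrefix . "_rel_event_host\n (`host_id`,`event_id`) \n VALUES ('" . intval($hostId) . "','" . intval($id) . "')";
                $objResult = $objDatabase->Execute($query);
            }
        }
    }

    // $invitationTemplate is 0 when no template was submitted; only iterate
    // when it really is a list of template ids
    if ($send_invitation == 1 && is_array($invitationTemplate)) {
        $objMailManager = new \Cx\Modules\Calendar\Controller\CalendarMailManager();
        foreach ($invitationTemplate as $templateId) {
            $objMailManager->sendMail(intval($id), \Cx\Modules\Calendar\Controller\CalendarMailManager::MAIL_INVITATION, null, $templateId);
        }
    }

    return true;
}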
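/**
 * Save the file sharing settings submitted with the settings form.
 *
 * Stores one mail template (subject and content) per posted language and
 * then updates the 'permission' setting: a non-numeric value removes an
 * existing dynamic access id, a numeric value replaces it with a newly
 * created dynamic access id that is bound to the posted groups.
 */
private function saveSettings()
{
    global $objDatabase;

    /**
     * save mailtemplates
     */
    $mailTemplates = isset($_POST["filesharingMail"]) && is_array($_POST["filesharingMail"])
        ? $_POST["filesharingMail"]
        : array();
    foreach ($mailTemplates as $lang => $inputs) {
        // The language id is a request-supplied array key. Cast it once and
        // use the same integer in the lookup and in the write, so both
        // statements always address the same row.
        $langId = intval($lang);
        $subject = contrexx_input2db($inputs["subject"]);
        // template placeholders are stored as [[...]] instead of {...}
        // NOTE(review): the content passes through contrexx_input2db() and
        // then contrexx_raw2db() below, which looks like it is escaped
        // twice -- confirm against the code that reads the template.
        $content = str_replace(array('{', '}'), array('[[', ']]'), contrexx_input2db($inputs["content"]));

        $objMailTemplate = $objDatabase->Execute("SELECT `subject`, `content` FROM " . DBPREFIX . "module_filesharing_mail_template WHERE `lang_id` = " . $langId);
        if ($objMailTemplate === false or $objMailTemplate->RecordCount() == 0) {
            $objDatabase->Execute("INSERT INTO " . DBPREFIX . "module_filesharing_mail_template (`subject`, `content`, `lang_id`) VALUES ('" . $subject . "', '" . contrexx_raw2db($content) . "', '" . $langId . "')");
        } else {
            $objDatabase->Execute("UPDATE " . DBPREFIX . "module_filesharing_mail_template SET `subject` = '" . $subject . "', `content` = '" . contrexx_raw2db($content) . "' WHERE `lang_id` = '" . $langId . "'");
        }
    }

    /**
     * save permissions
     */
    \Cx\Core\Setting\Controller\Setting::init('FileSharing', 'config');
    $oldFilesharingSetting = \Cx\Core\Setting\Controller\Setting::getValue('permission', 'FileSharing');
    $newFilesharingSetting = isset($_POST['filesharingSettingsPermission'])
        ? $_POST['filesharingSettingsPermission']
        : '';

    if (!is_numeric($newFilesharingSetting)) {
        if (is_numeric($oldFilesharingSetting)) {
            // remove AccessId
            \Permission::removeAccess($oldFilesharingSetting, 'dynamic');
        }
    } else {
        // get groups
        $accessGroups = isset($_POST['filesharing_access_associated_groups'])
            ? $_POST['filesharing_access_associated_groups']
            : array();

        \Permission::removeAccess($oldFilesharingSetting, 'dynamic');

        // add AccessID
        $newFilesharingSetting = \Permission::createNewDynamicAccessId();

        // save AccessID
        // empty() instead of count(): count() on the former '' default
        // reported one element (and raises a TypeError on PHP 8), which
        // bound the new access id to an empty group value.
        if (!empty($accessGroups)) {
            \Permission::setAccess($newFilesharingSetting, 'dynamic', $accessGroups);
        }
    }

    // save new setting
    \Cx\Core\Setting\Controller\Setting::set('permission', $newFilesharingSetting);
    \Cx\Core\Setting\Controller\Setting::updateAll();
}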
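/**
 * Adding Crm Contact and link it with crm company if possible
 *
 * Only acts when a CRM contact already exists for the given user account:
 * the contact is loaded, updated from the form data, optionally linked to a
 * company contact, saved, and its primary website, address and phone
 * records are written. Without a matching contact nothing is stored.
 *
 * @param Array $arrFormData      form data's
 * @param int   $userAccountId
 * @param int   $frontendLanguage
 * @global <object> $objDatabase
 * @global int $_LANGID
 *
 */
function setContactPersonProfile($arrFormData = array(), $userAccountId = 0, $frontendLanguage)
{
    global $objDatabase, $_LANGID;

    $this->contact = new \Cx\Modules\Crm\Model\Entity\CrmContact();

    if (empty($userAccountId)) {
        return;
    }

    // The account id is placed unquoted into the statement, so it is cast
    // to int instead of being interpolated as passed in.
    $userExists = $objDatabase->Execute("SELECT id FROM `" . DBPREFIX . "module_{$this->moduleNameLC}_contacts` WHERE user_account = " . intval($userAccountId));
    if (!$userExists || !$userExists->RecordCount()) {
        return;
    }

    $id = (int) $userExists->fields['id'];
    $this->contact->load($id);

    $this->contact->customerName = !empty($arrFormData['firstname'][0]) ? contrexx_input2raw($arrFormData['firstname'][0]) : '';
    $this->contact->family_name = !empty($arrFormData['lastname'][0]) ? contrexx_input2raw($arrFormData['lastname'][0]) : '';
    $this->contact->contact_language = !empty($frontendLanguage) ? (int) $frontendLanguage : $_LANGID;

    // gender_female -> 1, gender_male -> 2, anything else -> ''
    $gender = '';
    if (!empty($arrFormData['gender'][0])) {
        if ($arrFormData['gender'][0] == 'gender_female') {
            $gender = 1;
        } elseif ($arrFormData['gender'][0] == 'gender_male') {
            $gender = 2;
        }
    }
    $this->contact->contact_gender = $gender;
    $this->contact->contactType = 2;
    $this->contact->datasource = 2;
    $this->contact->account_id = $userAccountId;

    //set profile picture
    if (!empty($arrFormData['picture'][0])) {
        // The picture name comes from the submitted form data and is used
        // as a filesystem path below; basename() keeps it inside the two
        // profile picture directories.
        $picture = basename($arrFormData['picture'][0]);
        $cx = \Cx\Core\Core\Controller\Cx::instanciate();
        if (!file_exists($cx->getWebsiteImagesCrmProfilePath() . '/' . $picture)) {
            $file = $cx->getWebsiteImagesAccessProfilePath() . '/';
            $newFile = $cx->getWebsiteImagesCrmProfilePath() . '/';
            if (copy($file . $picture, $newFile . $picture)) {
                if ($this->createThumbnailOfPicture($picture)) {
                    $this->contact->profile_picture = $picture;
                }
            }
        }
    } else {
        $this->contact->profile_picture = 'profile_person_big.png';
    }

    // save current setting values, so we can switch back to them after we got our used settings out of database
    $prevSection = \Cx\Core\Setting\Controller\Setting::getCurrentSection();
    $prevGroup = \Cx\Core\Setting\Controller\Setting::getCurrentGroup();
    $prevEngine = \Cx\Core\Setting\Controller\Setting::getCurrentEngine();
    \Cx\Core\Setting\Controller\Setting::init('Crm', 'config');

    if ($arrFormData["company"][0] != "") {
        $crmCompany = new \Cx\Modules\Crm\Model\Entity\CrmContact();
        if ($this->contact->contact_customer != 0) {
            $crmCompany->load($this->contact->contact_customer);
        }
        $crmCompany->customerName = $arrFormData["company"][0];
        $crmCompany->contactType = 1;

        // the form field holding each company attribute is configured in
        // the Crm settings
        $customerType = $arrFormData[\Cx\Core\Setting\Controller\Setting::getValue('user_profile_attribute_customer_type', 'Crm')][0];
        if ($customerType !== false) {
            $crmCompany->customerType = $customerType;
        }
        $companySize = $arrFormData[\Cx\Core\Setting\Controller\Setting::getValue('user_profile_attribute_company_size', 'Crm')][0];
        if ($companySize !== false) {
            $crmCompany->companySize = $companySize;
        }
        $industryType = $arrFormData[\Cx\Core\Setting\Controller\Setting::getValue('user_profile_attribute_industry_type', 'Crm')][0];
        if ($industryType !== false) {
            $crmCompany->industryType = $industryType;
        }
        // NOTE(review): every other field reads index [0]; here the whole
        // phone_office entry is assigned -- confirm which one is intended.
        if (isset($arrFormData["phone_office"])) {
            $crmCompany->phone = $arrFormData["phone_office"];
        }

        // store/update the company profile
        $crmCompany->save();

        // setting & storing the primary email address must be done after
        // the company has been saved for the case where the company is
        // being added as a new object without having an ID yet
        if (empty($crmCompany->email)) {
            $crmCompany->email = $this->contact->email;
            $crmCompany->storeEMail();
        }
        $this->contact->contact_customer = $crmCompany->id;
    }

    if ($this->contact->save()) {
        // insert website
        if (!empty($arrFormData['website'][0])) {
            $webExists = $objDatabase->SelectLimit("SELECT 1 FROM `" . DBPREFIX . "module_{$this->moduleNameLC}_customer_contact_websites` WHERE is_primary = '1' AND contact_id = '{$this->contact->id}'");
            $fields = array(
                'url' => $arrFormData['website'][0],
                'url_profile' => '1',
                'is_primary' => '1',
                'contact_id' => $this->contact->id,
            );
            // RecordCount() is checked as in the address and phone branches;
            // the result object alone does not tell whether a row exists, so
            // a first website was never inserted.
            if ($webExists && $webExists->RecordCount()) {
                $query = \SQL::update("module_{$this->moduleNameLC}_customer_contact_websites", $fields, array('escape' => true)) . " WHERE is_primary = '1' AND `contact_id` = {$this->contact->id}";
            } else {
                $query = \SQL::insert("module_{$this->moduleNameLC}_customer_contact_websites", $fields, array('escape' => true));
            }
            $objDatabase->Execute($query);
        }

        //insert address
        if (!empty($arrFormData['address'][0]) || !empty($arrFormData['city'][0]) || !empty($arrFormData['zip'][0]) || !empty($arrFormData['country'][0])) {
            $addressExists = $objDatabase->SelectLimit("SELECT 1 FROM `" . DBPREFIX . "module_{$this->moduleNameLC}_customer_contact_address` WHERE is_primary = '1' AND contact_id = '{$this->contact->id}'");
            $country = \Cx\Core\Country\Controller\Country::getById($arrFormData['country'][0]);
            // The country name is looked up, not typed in by the user, but
            // it is still data: escape it like the other values so a name
            // containing a quote cannot break the statement.
            $countryName = contrexx_raw2db($country['name']);
            if ($addressExists && $addressExists->RecordCount()) {
                $query = "UPDATE `" . DBPREFIX . "module_{$this->moduleNameLC}_customer_contact_address` SET\n address = '" . contrexx_input2db($arrFormData['address'][0]) . "',\n city = '" . contrexx_input2db($arrFormData['city'][0]) . "',\n zip = '" . contrexx_input2db($arrFormData['zip'][0]) . "',\n country = '" . $countryName . "',\n Address_Type = '2'\n WHERE is_primary = '1' AND contact_id = '{$this->contact->id}'";
            } else {
                // NOTE(review): `state` is filled with the city value --
                // confirm this is intended.
                $query = "INSERT INTO `" . DBPREFIX . "module_{$this->moduleNameLC}_customer_contact_address` SET\n address = '" . contrexx_input2db($arrFormData['address'][0]) . "',\n city = '" . contrexx_input2db($arrFormData['city'][0]) . "',\n state = '" . contrexx_input2db($arrFormData['city'][0]) . "',\n zip = '" . contrexx_input2db($arrFormData['zip'][0]) . "',\n country = '" . $countryName . "',\n Address_Type = '2',\n is_primary = '1',\n contact_id = '{$this->contact->id}'";
            }
            $objDatabase->Execute($query);
        }

        // insert Phone
        if (!empty($arrFormData['phone_office'][0])) {
            $phoneExists = $objDatabase->SelectLimit("SELECT 1 FROM `" . DBPREFIX . "module_{$this->moduleNameLC}_customer_contact_phone` WHERE is_primary = '1' AND contact_id = '{$this->contact->id}'");
            $fields = array(
                'phone' => $arrFormData['phone_office'][0],
                'phone_type' => '1',
                'is_primary' => '1',
                'contact_id' => $this->contact->id,
            );
            if ($phoneExists && $phoneExists->RecordCount()) {
                $query = \SQL::update("module_{$this->moduleNameLC}_customer_contact_phone", $fields, array('escape' => true)) . " WHERE is_primary = '1' AND `contact_id` = {$this->contact->id}";
            } else {
                $query = \SQL::insert("module_{$this->moduleNameLC}_customer_contact_phone", $fields, array('escape' => true));
            }
            $objDatabase->Execute($query);
        }
    }

    // switch the Setting component back to what the caller had selected
    \Cx\Core\Setting\Controller\Setting::init($prevSection, $prevGroup, $prevEngine);
}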
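/**
 * Stores the Order
 *
 * Takes all values as found in the POST array: recalculates the order
 * total, deletes, inserts or updates the order items listed in
 * $_REQUEST['product_list'], updates the order row and optionally sends
 * the confirmation mail.
 *
 * @global  array             $_ARRAYLANG   Language array
 * @global  ADONewConnection  $objDatabase  Database connection object
 * @return  boolean|null      True on success, null when no order ID was
 *                            posted; on failure false or whatever
 *                            self::errorHandler() / \Message::error()
 *                            return
 * @static
 */
static function storeFromPost()
{
    global $objDatabase, $_ARRAYLANG;

    $order_id = isset($_POST['order_id']) ? intval($_POST['order_id']) : null;
    if (empty($order_id)) {
        return null;
    }

    // calculate the total order sum in the selected currency of the customer
    $totalOrderSum = floatval($_POST['shippingPrice']) + floatval($_POST['paymentPrice']);
    // the tax amount will be set, even if it's included in the price already.
    // thus, we have to check the setting.
    if (!Vat::isIncluded()) {
        $totalOrderSum += floatval($_POST['taxPrice']);
    }

    // store the product details and add the price of each product
    // to the total order sum $totalOrderSum
    $order = self::getById($order_id);
    $orderOptions = $order->getOptionArray();

    foreach ($_REQUEST['product_list'] as $orderItemId => $product_id) {
        // The item id is an array key taken from the request and is placed
        // unquoted into the DELETE statements below, so it is cast to int
        // before any use.
        $orderItemId = intval($orderItemId);

        if ($orderItemId != 0 && $product_id == 0) {
            // delete the product from the list
            $query = "\n DELETE FROM " . DBPREFIX . "module_shop" . MODULE_INDEX . "_order_items\n WHERE id={$orderItemId}";
            $objResult = $objDatabase->Execute($query);
            if (!$objResult) {
                return self::errorHandler();
            }
            // NOTE(review): the attributes are deleted by `id`, using the
            // order item id -- confirm this is the intended column.
            $query = "\n DELETE FROM " . DBPREFIX . "module_shop" . MODULE_INDEX . "_order_attributes\n WHERE id={$orderItemId}";
            $objResult = $objDatabase->Execute($query);
            if (!$objResult) {
                return self::errorHandler();
            }
        } elseif ($product_id != 0) {
            $objProduct = Product::getById($product_id);
            if (!$objProduct) {
                \Message::error(sprintf($_ARRAYLANG['TXT_SHOP_PRODUCT_NOT_FOUND'], $product_id));
                continue;
            }
            $product_name = $objProduct->name();

            // $productPrice is the item price as posted; $price additionally
            // includes the option surcharges and only feeds the order total
            $productPrice = $price = $_REQUEST['productPrice'][$orderItemId];
            if (isset($orderOptions[$orderItemId])) {
                foreach ($orderOptions[$orderItemId] as $optionValues) {
                    foreach ($optionValues as $value) {
                        $price += $value['price'];
                    }
                }
            }
            $price = Currency::formatPrice($price);
            $productPrice = Currency::formatPrice($productPrice);
            $quantity = max(1, intval($_REQUEST['productQuantity'][$orderItemId]));
            $totalOrderSum += $price * $quantity;
            $vat_rate = Vat::format($_REQUEST['productTaxPercent'][$orderItemId]);
            $weight = Weight::getWeight($_REQUEST['productWeight'][$orderItemId]);

            if ($orderItemId == 0) {
                // Add a new product to the list
                if (!self::insertItem($order_id, $product_id, $product_name, $productPrice, $quantity, $vat_rate, $weight, array())) {
                    return false;
                }
            } else {
                // Update the order item
                if (!self::updateItem($orderItemId, $product_id, $product_name, $productPrice, $quantity, $vat_rate, $weight, array())) {
                    return false;
                }
            }
        }
    }

    $objUser = \FWUser::getFWUserObject()->objUser;

    // Store the order details
    // TODO: Should add verification for POSTed fields and ignore unset values!
    // The user name is escaped like every other string value in this
    // statement; it was previously concatenated as returned.
    $query = "\n UPDATE " . DBPREFIX . "module_shop" . MODULE_INDEX . "_orders\n SET `sum`=" . floatval($totalOrderSum) . ",\n `shipment_amount`=" . floatval($_POST['shippingPrice']) . ",\n `payment_amount`=" . floatval($_POST['paymentPrice']) . ",\n `status`='" . intval($_POST['order_status']) . "',\n `billing_gender`='" . contrexx_input2db($_POST['billing_gender']) . "',\n `billing_company`='" . contrexx_input2db($_POST['billing_company']) . "',\n `billing_firstname`='" . contrexx_input2db($_POST['billing_firstname']) . "',\n `billing_lastname`='" . contrexx_input2db($_POST['billing_lastname']) . "',\n `billing_address`='" . contrexx_input2db($_POST['billing_address']) . "',\n `billing_city`='" . contrexx_input2db($_POST['billing_city']) . "',\n `billing_zip`='" . contrexx_input2db($_POST['billing_zip']) . "',\n `billing_country_id`='" . intval($_POST['billing_country_id']) . "',\n `billing_phone`='" . contrexx_input2db($_POST['billing_phone']) . "',\n `billing_fax`='" . contrexx_input2db($_POST['billing_fax']) . "',\n `billing_email`='" . contrexx_input2db($_POST['billing_email']) . "',\n `gender`='" . contrexx_input2db($_POST['shipPrefix']) . "',\n `company`='" . contrexx_input2db($_POST['shipCompany']) . "',\n `firstname`='" . contrexx_input2db($_POST['shipFirstname']) . "',\n `lastname`='" . contrexx_input2db($_POST['shipLastname']) . "',\n `address`='" . contrexx_input2db($_POST['shipAddress']) . "',\n `city`='" . contrexx_input2db($_POST['shipCity']) . "',\n `zip`='" . contrexx_input2db($_POST['shipZip']) . "',\n `country_id`=" . intval($_POST['shipCountry']) . ",\n `phone`='" . contrexx_input2db($_POST['shipPhone']) . "',\n `vat_amount`=" . floatval($_POST['taxPrice']) . ",\n `shipment_id`=" . intval($_POST['shipperId']) . ",\n `modified_by`='" . contrexx_raw2db($objUser->getUsername()) . "',\n `modified_on`='" . date('Y-m-d H:i:s') . "'\n WHERE `id`={$order_id}";
    // the payment id is deliberately not updated here
    if (!$objDatabase->Execute($query)) {
        \Message::error($_ARRAYLANG['TXT_SHOP_ORDER_ERROR_STORING']);
        return self::errorHandler();
    }
    \Message::ok($_ARRAYLANG['TXT_DATA_RECORD_UPDATED_SUCCESSFUL']);

    // Send an email to the customer, if requested
    if (!empty($_POST['sendMail'])) {
        $result = ShopLibrary::sendConfirmationMail($order_id);
        if (!$result) {
            return \Message::error($_ARRAYLANG['TXT_MESSAGE_SEND_ERROR']);
        }
        \Message::ok(sprintf($_ARRAYLANG['TXT_EMAIL_SEND_SUCCESSFULLY'], $result));
    }

    return true;
}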