/**
 * Tell whether an entry has a non-zero payment amount on a Stripe-enabled form.
 *
 * The result is true only when the form has `payment_enable_merchant` equal to 1,
 * `payment_merchant_type` equal to 'stripe', and the applicable amount is non-zero:
 *   - price type 'variable': the total returned by mf_get_payment_total() for the entry;
 *   - price type 'fixed':    the form's `payment_price_amount`.
 * Any other price type yields false.
 *
 * Note that "has value" means "is not zero": a negative amount also returns true.
 *
 * @param mixed $dbh      Database handle, passed through to the mf_* helpers.
 * @param mixed $form_id  Form whose payment settings are inspected.
 * @param mixed $entry_id Entry whose total is computed for variable pricing.
 *
 * @return bool
 */
function mf_is_payment_has_value($dbh, $form_id, $entry_id)
{
    // Same property list as before; only the first four are read in this function.
    $wanted_properties = array(
        'payment_enable_merchant',
        'payment_merchant_type',
        'payment_price_amount',
        'payment_price_type',
        'payment_delay_notifications',
        'form_review',
        'form_page_total',
    );
    $form_properties = mf_get_form_properties($dbh, $form_id, $wanted_properties);

    // Guard: nothing to charge unless the Stripe merchant is switched on for this form.
    if ($form_properties['payment_enable_merchant'] != 1 || $form_properties['payment_merchant_type'] != 'stripe') {
        return false;
    }

    if ($form_properties['payment_price_type'] == 'variable') {
        // Variable pricing: the amount depends on what the entry selected.
        $amount_due = (float) mf_get_payment_total($dbh, $form_id, $entry_id, 0, 'live');
    } elseif ($form_properties['payment_price_type'] == 'fixed') {
        // Fixed pricing: the amount is configured on the form itself.
        $amount_due = (float) $form_properties['payment_price_amount'];
    } else {
        return false;
    }

    // Zero (and only zero) is treated as "no value".
    return (bool) $amount_due;
}
die("Invalid form ID.");
}

// Fragment of an entries-export script: the `if` closed above opens outside the visible source.
$dbh = mf_connect_db();
$mf_settings = mf_get_settings($dbh);

//check permission, is the user allowed to access this page?
// Users without the administer privilege must hold edit_entries or view_entries
// on this form; otherwise they are redirected to restricted.php.
if (empty($_SESSION['mf_user_privileges']['priv_administer'])) {
    $user_perms = mf_get_user_permissions($dbh, $form_id, $_SESSION['mf_user_id']);

    //this page needs edit_entries or view_entries permission
    if (empty($user_perms['edit_entries']) && empty($user_perms['view_entries'])) {
        $_SESSION['MF_DENIED'] = "You don't have permission to access this page.";

        $ssl_suffix = mf_get_ssl_suffix();
        // NOTE(review): the Location value is assembled from $_SERVER['HTTP_HOST'] and
        // $_SERVER['PHP_SELF'], both of which are derived from the incoming request.
        // A configured base URL would keep the redirect target independent of request data.
        header("Location: http{$ssl_suffix}://" . $_SERVER['HTTP_HOST'] . mf_get_dirname($_SERVER['PHP_SELF']) . "/restricted.php");
        // exit ends the request here, so none of the code below runs for a denied user.
        exit;
    }
}

$form_properties = mf_get_form_properties($dbh, $form_id, array('payment_enable_merchant'));

//prepare filename for the export
// Reads the form name plus this user's saved sort/filter preferences (with defaults
// when no preference row exists). user_id and form_id are bound as parameters; only
// the MF_TABLE_PREFIX constant is concatenated into the SQL text.
$query = "select \r\n\t\t\t\t\tA.form_name,\r\n\t\t\t\t\tifnull(B.entries_sort_by,'id-desc') entries_sort_by,\r\n\t\t\t\t\tifnull(B.entries_filter_type,'all') entries_filter_type,\r\n\t\t\t\t\tifnull(B.entries_enable_filter,0) entries_enable_filter\t\t\t \r\n\t\t\t\tfrom \r\n\t\t\t\t\t" . MF_TABLE_PREFIX . "forms A left join " . MF_TABLE_PREFIX . "entries_preferences B \r\n\t\t\t\t on \r\n\t\t\t\t \tA.form_id=B.form_id and B.user_id=? \r\n\t\t\t where \r\n\t\t\t \t\tA.form_id = ?";
$params = array($_SESSION['mf_user_id'], $form_id);

$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);

if (!empty($row)) {
    $form_name = $row['form_name'];
    // Allow-list: everything except letters, digits, underscore and hyphen is removed,
    // so the form name cannot carry path separators or dots into the export filename.
    $clean_form_name = preg_replace("/[^A-Za-z0-9_-]/", "", $form_name);
    $filter_type = $row['entries_filter_type'];
    $entries_enable_filter = $row['entries_enable_filter'];
    $sort_by = $row['entries_sort_by'];
}

// NOTE(review): $sort_by is assigned only when a row was found above, yet it is read
// here unconditionally; for a form_id with no matching row it is undefined at this point.
$exploded = explode('-', $sort_by);
$sort_element = $exploded[0]; //the element name, e.g. element_2
// Fragment of a PayPal IPN handler (see IpnListener below). The branch that this first
// `if` belongs to, and the definition of $log_file_path, are outside the visible source.
if (is_writable($mf_settings['upload_dir'])) {
    // Creates the log file with a single space as its content.
    // NOTE(review): the writability test is on upload_dir, which suggests the log file
    // lives there — confirm, and if so confirm the web server does not serve it, since
    // errors logged from this handler may contain request details.
    file_put_contents($log_file_path, ' ');
    $log_error = true;
}
} else {
    $log_error = true;
}

// Route PHP errors raised while handling the notification to the log file.
if ($log_error) {
    ini_set('log_errors', true);
    ini_set('error_log', $log_file_path);
}

// At this point the notification has not been verified yet, so $_POST['custom'] is
// unauthenticated request data.
$temp_exploded = explode('_', $_POST['custom']); //the "custom" variable from PayPal format: xx_yy_zzzzzzzz (xx: form_id, yy: entry_id, zzz: unix_timestamp of the date_created field)
// The (int) cast confines form_id to an integer before it is used in a lookup.
$form_id = (int) $temp_exploded[0];

// $form_properties is only assigned for a non-zero form_id; the !empty() test further
// down tolerates it being unset.
if (!empty($form_id)) {
    $form_properties = mf_get_form_properties($dbh, $form_id, array('payment_paypal_enable_test_mode'));
}

//start the listener
$listener = new IpnListener();

// Use cURL when the extension is available; otherwise the listener's other transport is used.
if (function_exists('curl_init')) {
    $listener->use_curl = true;
} else {
    $listener->use_curl = false;
}

// NOTE(review): sandbox vs. live verification is selected from the test-mode setting of
// the form named in the still-unverified request. The code that runs after verification
// (not visible here) should confirm that the verified notification belongs to this form
// and that sandbox notifications (PayPal's test_ipn flag) are not recorded as live payments.
if (!empty($form_properties['payment_paypal_enable_test_mode'])) {
    $listener->use_sandbox = true;
} else {
    $listener->use_sandbox = false;
}

// The try block continues beyond the visible source.
try {
    // presumably rejects requests that are not POST — confirm in IpnListener
    $listener->requirePostMethod();
}
}

// Fragment: the two braces above close blocks opened outside the visible source, and
// $form_id, $entry_id and $payment_status are assigned there as well.

//update or insert to ap_form_payments table
// All three statements below bind their values as parameters; only the MF_TABLE_PREFIX
// constant is concatenated into the SQL text.
// NOTE(review): the existence check and the following write are separate statements and
// no transaction or lock is visible here. Two notifications for the same entry handled
// at the same time could both reach the insert branch — confirm a unique key or lock
// guards against duplicate payment rows.
$query = "select count(afp_id) record_exist from " . MF_TABLE_PREFIX . "form_payments where form_id = ? and record_id = ? and `status` = 1";
$params = array($form_id, $entry_id);

$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);

if (!empty($row['record_exist'])) {
    //do update to ap_form_payments table
    // Only payment_status changes on an existing row; amount and currency are left as stored.
    $query = "update " . MF_TABLE_PREFIX . "form_payments set payment_status = ? where form_id = ? and record_id = ? and `status` = 1";
    $params = array($payment_status, $form_id, $entry_id);
    mf_do_query($query, $params, $dbh);
} else {
    //do insert to ap_form_payments table
    //calculate the payment amount and currencies
    // NOTE(review): the amount recorded here is the expected amount derived from the form
    // configuration (or mf_get_payment_total for variable pricing), not a figure reported
    // by the payment processor. Whether the amount actually paid is compared with it is
    // not visible in this fragment — confirm in the surrounding handler.
    $form_properties = mf_get_form_properties($dbh, $form_id, array('payment_merchant_type', 'payment_price_type', 'payment_price_amount', 'payment_currency'));

    $payment_price_amount = (double) $form_properties['payment_price_amount'];
    $payment_merchant_type = $form_properties['payment_merchant_type'];
    $payment_price_type = $form_properties['payment_price_type'];
    $payment_currency = strtolower($form_properties['payment_currency']);

    // NOTE(review): $payment_amount stays unset when payment_price_type is neither
    // 'variable' nor 'fixed', and is then passed to the insert below as an undefined variable.
    if ($payment_price_type == 'variable') {
        $payment_amount = (double) mf_get_payment_total($dbh, $form_id, $entry_id, 0, 'live');
    } else {
        if ($payment_price_type == 'fixed') {
            $payment_amount = $payment_price_amount;
        }
    }

    $query = "insert into " . MF_TABLE_PREFIX . "form_payments(\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tform_id,\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\trecord_id,\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tpayment_status,\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tpayment_merchant_type,\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tpayment_amount,\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tpayment_currency) \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tvalues(?,?,?,?,?,?)";
    $params = array($form_id, $entry_id, $payment_status, $payment_merchant_type, $payment_amount, $payment_currency);
    mf_do_query($query, $params, $dbh);
}
function mf_display_entries_table($dbh, $form_id, $options) { $form_id = (int) $form_id; $max_data_length = 80; //maximum length of column content $pageno = $options['page_number']; $rows_per_page = $options['rows_per_page']; $sort_element = $options['sort_element']; $sort_order = $options['sort_order']; $filter_data = $options['filter_data']; $filter_type = $options['filter_type']; $user_id = $options['column_preferences_user_id']; if (empty($sort_element)) { //set the default sorting order $sort_element = 'id'; $sort_order = 'desc'; } $form_properties = mf_get_form_properties($dbh, $form_id, array('payment_currency', 'payment_enable_merchant')); $payment_currency = strtoupper($form_properties['payment_currency']); /******************************************************************************************/ //prepare column header names lookup //get form element options first (checkboxes, choices, dropdown) $query = "select \r\n\t\t\t\t\t\telement_id,\r\n\t\t\t\t\t\toption_id,\r\n\t\t\t\t\t\t`option`\r\n\t\t\t\t\tfrom \r\n\t\t\t\t\t\t" . MF_TABLE_PREFIX . "element_options \r\n\t\t\t\t where \r\n\t\t\t\t \t\tform_id=? and live=1 \r\n\t\t\t\torder by \r\n\t\t\t\t\t\telement_id,position asc"; $params = array($form_id); $sth = mf_do_query($query, $params, $dbh); while ($row = mf_do_fetch_result($sth)) { $element_id = $row['element_id']; $option_id = $row['option_id']; $element_option_lookup[$element_id][$option_id] = htmlspecialchars(strip_tags($row['option']), ENT_QUOTES); } //get element options for matrix fields $query = "select \r\n\t\t\t\t\t\tA.element_id,\r\n\t\t\t\t\t\tA.option_id,\r\n\t\t\t\t\t\t(select if(B.element_matrix_parent_id=0,A.option,\r\n\t\t\t\t\t\t\t(select \r\n\t\t\t\t\t\t\t\t\tC.`option` \r\n\t\t\t\t\t\t\t from \r\n\t\t\t\t\t\t\t \t\t" . MF_TABLE_PREFIX . 
"element_options C \r\n\t\t\t\t\t\t\t where \r\n\t\t\t\t\t\t\t \t\tC.element_id=B.element_matrix_parent_id and \r\n\t\t\t\t\t\t\t \t\tC.form_id=A.form_id and \r\n\t\t\t\t\t\t\t \t\tC.live=1 and \r\n\t\t\t\t\t\t\t \t\tC.option_id=A.option_id))\r\n\t\t\t\t\t\t) 'option_label'\r\n\t\t\t\t\tfrom \r\n\t\t\t\t\t\t" . MF_TABLE_PREFIX . "element_options A left join " . MF_TABLE_PREFIX . "form_elements B on (A.element_id=B.element_id and A.form_id=B.form_id)\r\n\t\t\t\t where \r\n\t\t\t\t \t\tA.form_id=? and A.live=1 and B.element_type='matrix' and B.element_status=1\r\n\t\t\t\torder by \r\n\t\t\t\t\t\tA.element_id,A.option_id asc"; $params = array($form_id); $sth = mf_do_query($query, $params, $dbh); while ($row = mf_do_fetch_result($sth)) { $element_id = $row['element_id']; $option_id = $row['option_id']; $matrix_element_option_lookup[$element_id][$option_id] = htmlspecialchars(strip_tags($row['option_label']), ENT_QUOTES); } //get 'multiselect' status of matrix fields $query = "select \r\n\t\t\t\t\t\t A.element_id,\r\n\t\t\t\t\t\t A.element_matrix_parent_id,\r\n\t\t\t\t\t\t A.element_matrix_allow_multiselect,\r\n\t\t\t\t\t\t (select if(A.element_matrix_parent_id=0,A.element_matrix_allow_multiselect,\r\n\t\t\t\t\t\t \t\t\t (select B.element_matrix_allow_multiselect from " . MF_TABLE_PREFIX . "form_elements B where B.form_id=A.form_id and B.element_id=A.element_matrix_parent_id)\r\n\t\t\t\t\t\t \t\t\t)\r\n\t\t\t\t\t\t ) 'multiselect' \r\n\t\t\t\t\t from \r\n\t\t\t\t\t \t " . MF_TABLE_PREFIX . "form_elements A\r\n\t\t\t\t\t where \r\n\t\t\t\t\t \t A.form_id=? 
and A.element_status=1 and A.element_type='matrix'"; $params = array($form_id); $sth = mf_do_query($query, $params, $dbh); while ($row = mf_do_fetch_result($sth)) { $matrix_multiselect_status[$row['element_id']] = $row['multiselect']; } /******************************************************************************************/ //set column properties for basic fields $column_name_lookup['date_created'] = 'Date Created'; $column_name_lookup['date_updated'] = 'Date Updated'; $column_name_lookup['ip_address'] = 'IP Address'; $column_type_lookup['id'] = 'number'; $column_type_lookup['row_num'] = 'number'; $column_type_lookup['date_created'] = 'date'; $column_type_lookup['date_updated'] = 'date'; $column_type_lookup['ip_address'] = 'text'; if ($form_properties['payment_enable_merchant'] == 1) { $column_name_lookup['payment_amount'] = 'Payment Amount'; $column_name_lookup['payment_status'] = 'Payment Status'; $column_name_lookup['payment_id'] = 'Payment ID'; $column_type_lookup['payment_amount'] = 'money'; $column_type_lookup['payment_status'] = 'payment_status'; $column_type_lookup['payment_id'] = 'text'; } //get column properties for other fields $query = "select \r\n\t\t\t\t\t\t element_id,\r\n\t\t\t\t\t\t element_title,\r\n\t\t\t\t\t\t element_type,\r\n\t\t\t\t\t\t element_constraint,\r\n\t\t\t\t\t\t element_choice_has_other,\r\n\t\t\t\t\t\t element_choice_other_label,\r\n\t\t\t\t\t\t element_time_showsecond,\r\n\t\t\t\t\t\t element_time_24hour,\r\n\t\t\t\t\t\t element_matrix_allow_multiselect \r\n\t\t\t\t from \r\n\t\t\t\t `" . MF_TABLE_PREFIX . "form_elements` \r\n\t\t\t\t where \r\n\t\t\t\t \t form_id=? 
and element_status=1 and element_type not in('section','page_break')\r\n\t\t\t\t order by \r\n\t\t\t\t \t\t element_position asc"; $params = array($form_id); $sth = mf_do_query($query, $params, $dbh); $element_radio_has_other = array(); while ($row = mf_do_fetch_result($sth)) { $element_type = $row['element_type']; $element_constraint = $row['element_constraint']; //get 'other' field label for checkboxes and radio button if ($element_type == 'checkbox' || $element_type == 'radio') { if (!empty($row['element_choice_has_other'])) { $element_option_lookup[$row['element_id']]['other'] = htmlspecialchars(strip_tags($row['element_choice_other_label']), ENT_QUOTES); if ($element_type == 'radio') { $element_radio_has_other['element_' . $row['element_id']] = true; } } } $row['element_title'] = htmlspecialchars(strip_tags($row['element_title']), ENT_QUOTES); if ('address' == $element_type) { //address has 6 fields $column_name_lookup['element_' . $row['element_id'] . '_1'] = $row['element_title'] . ' - Street Address'; $column_name_lookup['element_' . $row['element_id'] . '_2'] = 'Address Line 2'; $column_name_lookup['element_' . $row['element_id'] . '_3'] = 'City'; $column_name_lookup['element_' . $row['element_id'] . '_4'] = 'State/Province/Region'; $column_name_lookup['element_' . $row['element_id'] . '_5'] = 'Zip/Postal Code'; $column_name_lookup['element_' . $row['element_id'] . '_6'] = 'Country'; $column_type_lookup['element_' . $row['element_id'] . '_1'] = $row['element_type']; $column_type_lookup['element_' . $row['element_id'] . '_2'] = $row['element_type']; $column_type_lookup['element_' . $row['element_id'] . '_3'] = $row['element_type']; $column_type_lookup['element_' . $row['element_id'] . '_4'] = $row['element_type']; $column_type_lookup['element_' . $row['element_id'] . '_5'] = $row['element_type']; $column_type_lookup['element_' . $row['element_id'] . 
'_6'] = $row['element_type']; } elseif ('simple_name' == $element_type) { //simple name has 2 fields $column_name_lookup['element_' . $row['element_id'] . '_1'] = $row['element_title'] . ' - First'; $column_name_lookup['element_' . $row['element_id'] . '_2'] = $row['element_title'] . ' - Last'; $column_type_lookup['element_' . $row['element_id'] . '_1'] = $row['element_type']; $column_type_lookup['element_' . $row['element_id'] . '_2'] = $row['element_type']; } elseif ('simple_name_wmiddle' == $element_type) { //simple name with middle has 3 fields $column_name_lookup['element_' . $row['element_id'] . '_1'] = $row['element_title'] . ' - First'; $column_name_lookup['element_' . $row['element_id'] . '_2'] = $row['element_title'] . ' - Middle'; $column_name_lookup['element_' . $row['element_id'] . '_3'] = $row['element_title'] . ' - Last'; $column_type_lookup['element_' . $row['element_id'] . '_1'] = $row['element_type']; $column_type_lookup['element_' . $row['element_id'] . '_2'] = $row['element_type']; $column_type_lookup['element_' . $row['element_id'] . '_3'] = $row['element_type']; } elseif ('name' == $element_type) { //name has 4 fields $column_name_lookup['element_' . $row['element_id'] . '_1'] = $row['element_title'] . ' - Title'; $column_name_lookup['element_' . $row['element_id'] . '_2'] = $row['element_title'] . ' - First'; $column_name_lookup['element_' . $row['element_id'] . '_3'] = $row['element_title'] . ' - Last'; $column_name_lookup['element_' . $row['element_id'] . '_4'] = $row['element_title'] . ' - Suffix'; $column_type_lookup['element_' . $row['element_id'] . '_1'] = $row['element_type']; $column_type_lookup['element_' . $row['element_id'] . '_2'] = $row['element_type']; $column_type_lookup['element_' . $row['element_id'] . '_3'] = $row['element_type']; $column_type_lookup['element_' . $row['element_id'] . '_4'] = $row['element_type']; } elseif ('name_wmiddle' == $element_type) { //name with middle has 5 fields $column_name_lookup['element_' . 
$row['element_id'] . '_1'] = $row['element_title'] . ' - Title'; $column_name_lookup['element_' . $row['element_id'] . '_2'] = $row['element_title'] . ' - First'; $column_name_lookup['element_' . $row['element_id'] . '_3'] = $row['element_title'] . ' - Middle'; $column_name_lookup['element_' . $row['element_id'] . '_4'] = $row['element_title'] . ' - Last'; $column_name_lookup['element_' . $row['element_id'] . '_5'] = $row['element_title'] . ' - Suffix'; $column_type_lookup['element_' . $row['element_id'] . '_1'] = $row['element_type']; $column_type_lookup['element_' . $row['element_id'] . '_2'] = $row['element_type']; $column_type_lookup['element_' . $row['element_id'] . '_3'] = $row['element_type']; $column_type_lookup['element_' . $row['element_id'] . '_4'] = $row['element_type']; $column_type_lookup['element_' . $row['element_id'] . '_5'] = $row['element_type']; } elseif ('money' == $element_type) { //money format $column_name_lookup['element_' . $row['element_id']] = $row['element_title']; if (!empty($element_constraint)) { $column_type_lookup['element_' . $row['element_id']] = 'money_' . $element_constraint; //euro, pound, yen,etc } else { $column_type_lookup['element_' . $row['element_id']] = 'money_dollar'; //default is dollar } } elseif ('checkbox' == $element_type) { //checkboxes, get childs elements $this_checkbox_options = $element_option_lookup[$row['element_id']]; foreach ($this_checkbox_options as $option_id => $option) { $column_name_lookup['element_' . $row['element_id'] . '_' . $option_id] = $option; $column_type_lookup['element_' . $row['element_id'] . '_' . $option_id] = $row['element_type']; } } elseif ('time' == $element_type) { if (!empty($row['element_time_showsecond']) && !empty($row['element_time_24hour'])) { $column_type_lookup['element_' . $row['element_id']] = 'time_24hour'; } else { if (!empty($row['element_time_showsecond'])) { $column_type_lookup['element_' . 
$row['element_id']] = 'time'; } else { if (!empty($row['element_time_24hour'])) { $column_type_lookup['element_' . $row['element_id']] = 'time_24hour_noseconds'; } else { $column_type_lookup['element_' . $row['element_id']] = 'time_noseconds'; } } } $column_name_lookup['element_' . $row['element_id']] = $row['element_title']; } else { if ('matrix' == $element_type) { if (empty($matrix_multiselect_status[$row['element_id']])) { $column_name_lookup['element_' . $row['element_id']] = $row['element_title']; $column_type_lookup['element_' . $row['element_id']] = 'matrix_radio'; } else { $this_checkbox_options = $matrix_element_option_lookup[$row['element_id']]; foreach ($this_checkbox_options as $option_id => $option) { $option = $option . ' - ' . $row['element_title']; $column_name_lookup['element_' . $row['element_id'] . '_' . $option_id] = $option; $column_type_lookup['element_' . $row['element_id'] . '_' . $option_id] = 'matrix_checkbox'; } } } else { if ('signature' == $element_type) { //don't display signature field continue; } else { //for other elements with only 1 field $column_name_lookup['element_' . $row['element_id']] = $row['element_title']; $column_type_lookup['element_' . $row['element_id']] = $row['element_type']; } } } } /******************************************************************************************/ //get column preferences and store it into array $query = "select element_name from " . MF_TABLE_PREFIX . "column_preferences where form_id=? and user_id=? 
order by position asc"; $params = array($form_id, $user_id); $sth = mf_do_query($query, $params, $dbh); while ($row = mf_do_fetch_result($sth)) { if ($row['element_name'] == 'id') { continue; } $column_prefs[] = $row['element_name']; } //if there is no column preferences, display the first 6 fields if (empty($column_prefs)) { $temp_slice = array_slice($column_name_lookup, 0, 8); unset($temp_slice['date_updated']); unset($temp_slice['ip_address']); $column_prefs = array_keys($temp_slice); } //determine column labels //the first 2 columns are always id and row_num $column_labels = array(); $column_labels[] = 'mf_id'; $column_labels[] = 'mf_row_num'; foreach ($column_prefs as $column_name) { $column_labels[] = $column_name_lookup[$column_name]; } //get the entries from ap_form_x table and store it into array //but first we need to check if there is any column preferences from ap_form_payments table $payment_table_columns = array('payment_amount', 'payment_status', 'payment_id'); $payment_columns_prefs = array_intersect($payment_table_columns, $column_prefs); if (!empty($payment_columns_prefs)) { //there is one or more column from ap_form_payments //don't include this column into $column_prefs_joined variable $column_prefs_temp = array(); foreach ($column_prefs as $value) { if (in_array($value, $payment_table_columns)) { continue; } $column_prefs_temp[] = $value; } $column_prefs_joined = '`' . implode("`,`", $column_prefs_temp) . '`'; //build the query to ap_form_payments table $payment_table_query = ''; foreach ($payment_columns_prefs as $column_name) { if ($column_name == 'payment_status') { $payment_table_query .= ",ifnull((select \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t`{$column_name}` \r\n\t\t\t\t\t\t\t\t\t\t\t\t from " . MF_TABLE_PREFIX . 
"form_payments \r\n\t\t\t\t\t\t\t\t\t\t\t\twhere \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t form_id='{$form_id}' and record_id=A.id \r\n\t\t\t\t\t\t\t\t\t\t\t order by \r\n\t\t\t\t\t\t\t\t\t\t\t \t\t afp_id desc limit 1),'unpaid') {$column_name}"; } else { $payment_table_query .= ",(select \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t`{$column_name}` \r\n\t\t\t\t\t\t\t\t\t\t\t\t from " . MF_TABLE_PREFIX . "form_payments \r\n\t\t\t\t\t\t\t\t\t\t\t\twhere \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t form_id='{$form_id}' and record_id=A.id \r\n\t\t\t\t\t\t\t\t\t\t\t order by \r\n\t\t\t\t\t\t\t\t\t\t\t \t\t afp_id desc limit 1) {$column_name}"; } } } else { //there is no column from ap_form_payments $column_prefs_joined = '`' . implode("`,`", $column_prefs) . '`'; } //if there is any radio fields which has 'other', we need to query that field as well if (!empty($element_radio_has_other)) { $radio_has_other_array = array(); foreach ($element_radio_has_other as $element_name => $value) { $radio_has_other_array[] = $element_name . '_other'; } $radio_has_other_joined = '`' . implode("`,`", $radio_has_other_array) . '`'; $column_prefs_joined = $column_prefs_joined . ',' . 
$radio_has_other_joined; } //check for filter data and build the filter query if (!empty($filter_data)) { if ($filter_type == 'all') { $condition_type = ' AND '; } else { $condition_type = ' OR '; } $where_clause_array = array(); foreach ($filter_data as $value) { $element_name = $value['element_name']; $filter_condition = $value['filter_condition']; $filter_keyword = addslashes($value['filter_keyword']); $filter_element_type = $column_type_lookup[$element_name]; $temp = explode('_', $element_name); $element_id = $temp[1]; //if the filter is a column from ap_form_payments table //we need to replace $element_name with the subquery to ap_form_payments table if (!empty($payment_columns_prefs) && in_array($element_name, $payment_table_columns)) { if ($element_name == 'payment_status') { $element_name = "ifnull((select \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t`{$element_name}` \r\n\t\t\t\t\t\t\t\t\t\t\t\t from " . MF_TABLE_PREFIX . "form_payments \r\n\t\t\t\t\t\t\t\t\t\t\t\twhere \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t form_id='{$form_id}' and record_id=A.id \r\n\t\t\t\t\t\t\t\t\t\t\t order by \r\n\t\t\t\t\t\t\t\t\t\t\t \t\t afp_id desc limit 1),'unpaid')"; } else { $element_name = "(select \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t`{$element_name}` \r\n\t\t\t\t\t\t\t\t\t\t\t\t from " . MF_TABLE_PREFIX . 
"form_payments \r\n\t\t\t\t\t\t\t\t\t\t\t\twhere \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t form_id='{$form_id}' and record_id=A.id \r\n\t\t\t\t\t\t\t\t\t\t\t order by \r\n\t\t\t\t\t\t\t\t\t\t\t \t\t afp_id desc limit 1)"; } } if (in_array($filter_element_type, array('radio', 'select', 'matrix_radio'))) { //these types need special steps to filter //we need to look into the ap_element_options first and do the filter there if ($filter_condition == 'is') { $where_operand = '='; $where_keyword = "'{$filter_keyword}'"; } else { if ($filter_condition == 'is_not') { $where_operand = '<>'; $where_keyword = "'{$filter_keyword}'"; } else { if ($filter_condition == 'begins_with') { $where_operand = 'LIKE'; $where_keyword = "'{$filter_keyword}%'"; } else { if ($filter_condition == 'ends_with') { $where_operand = 'LIKE'; $where_keyword = "'%{$filter_keyword}'"; } else { if ($filter_condition == 'contains') { $where_operand = 'LIKE'; $where_keyword = "'%{$filter_keyword}%'"; } else { if ($filter_condition == 'not_contain') { $where_operand = 'NOT LIKE'; $where_keyword = "'%{$filter_keyword}%'"; } } } } } } //do a query to ap_element_options table $query = "select \r\n\t\t\t\t\t\t\t\t\toption_id \r\n\t\t\t\t\t\t\t\tfrom \r\n\t\t\t\t\t\t\t\t\t" . MF_TABLE_PREFIX . "element_options \r\n\t\t\t\t\t\t\t where \r\n\t\t\t\t\t\t\t \t\tform_id=? and\r\n\t\t\t\t\t\t\t \t\telement_id=? and\r\n\t\t\t\t\t\t\t \t\tlive=1 and \r\n\t\t\t\t\t\t\t \t\t`option` {$where_operand} {$where_keyword}"; $params = array($form_id, $element_id); $filtered_option_id_array = array(); $sth = mf_do_query($query, $params, $dbh); while ($row = mf_do_fetch_result($sth)) { $filtered_option_id_array[] = $row['option_id']; } $filtered_option_id = implode("','", $filtered_option_id_array); if ($filter_element_type == 'radio' && !empty($radio_has_other_array)) { if (in_array($element_name . 
'_other', $radio_has_other_array)) { $filter_radio_has_other = true; } else { $filter_radio_has_other = false; } } if ($filter_radio_has_other) { //if the filter is radio button field with 'other' if (!empty($filtered_option_id_array)) { $where_clause_array[] = "({$element_name} IN('{$filtered_option_id}') OR {$element_name}_other {$where_operand} {$where_keyword})"; } else { $where_clause_array[] = "{$element_name}_other {$where_operand} {$where_keyword}"; } } else { //otherwise, for the rest of the field types if (!empty($filtered_option_id_array)) { $where_clause_array[] = "{$element_name} IN('{$filtered_option_id}')"; } } } else { if (in_array($filter_element_type, array('date', 'europe_date'))) { $date_exploded = array(); $date_exploded = explode('/', $filter_keyword); //the filter_keyword has format mm/dd/yyyy $filter_keyword = $date_exploded[2] . '-' . $date_exploded[0] . '-' . $date_exploded[1]; if ($filter_condition == 'is') { $where_operand = '='; $where_keyword = "'{$filter_keyword}'"; } else { if ($filter_condition == 'is_before') { $where_operand = '<'; $where_keyword = "'{$filter_keyword}'"; } else { if ($filter_condition == 'is_after') { $where_operand = '>'; $where_keyword = "'{$filter_keyword}'"; } } } $where_clause_array[] = "date({$element_name}) {$where_operand} {$where_keyword}"; } else { if ($filter_condition == 'is') { $where_operand = '='; $where_keyword = "'{$filter_keyword}'"; } else { if ($filter_condition == 'is_not') { $where_operand = '<>'; $where_keyword = "'{$filter_keyword}'"; } else { if ($filter_condition == 'begins_with') { $where_operand = 'LIKE'; $where_keyword = "'{$filter_keyword}%'"; } else { if ($filter_condition == 'ends_with') { $where_operand = 'LIKE'; $where_keyword = "'%{$filter_keyword}'"; } else { if ($filter_condition == 'contains') { $where_operand = 'LIKE'; $where_keyword = "'%{$filter_keyword}%'"; } else { if ($filter_condition == 'not_contain') { $where_operand = 'NOT LIKE'; $where_keyword = 
"'%{$filter_keyword}%'"; } else { if ($filter_condition == 'less_than' || $filter_condition == 'is_before') { $where_operand = '<'; $where_keyword = "'{$filter_keyword}'"; } else { if ($filter_condition == 'greater_than' || $filter_condition == 'is_after') { $where_operand = '>'; $where_keyword = "'{$filter_keyword}'"; } else { if ($filter_condition == 'is_one') { $where_operand = '='; $where_keyword = "'1'"; } else { if ($filter_condition == 'is_zero') { $where_operand = '='; $where_keyword = "'0'"; } } } } } } } } } } $where_clause_array[] = "{$element_name} {$where_operand} {$where_keyword}"; } } } $where_clause = implode($condition_type, $where_clause_array); if (empty($where_clause)) { $where_clause = "WHERE `status`=1"; } else { $where_clause = "WHERE ({$where_clause}) AND `status`=1"; } } else { $where_clause = "WHERE `status`=1"; } //check the sorting element //if the element type is radio, select or matrix_radio, we need to add a sub query to the main query //so that the fields can be sorted properly (the sub query need to get values from ap_element_options table) $sort_element_type = $column_type_lookup[$sort_element]; if (in_array($sort_element_type, array('radio', 'select', 'matrix_radio'))) { if ($sort_element_type == 'radio' && !empty($radio_has_other_array)) { if (in_array($sort_element . '_other', $radio_has_other_array)) { $sort_radio_has_other = true; } } $temp = explode('_', $sort_element); $sort_element_id = $temp[1]; if ($sort_radio_has_other) { //if this is radio button field with 'other' enabled $sorting_query = ",(\t\r\n\t\t\t\t\t\t\t\t\t\tselect if(A.{$sort_element}=0,A.{$sort_element}_other,\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t(select \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t`option` \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tfrom " . MF_TABLE_PREFIX . 
"element_options \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t where \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t \t\tform_id='{$form_id}' and \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t \t\telement_id='{$sort_element_id}' and \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t \t\toption_id=A.{$sort_element} and \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t \t\tlive=1)\r\n\t\t\t\t\t\t\t\t\t \t)\r\n\t\t\t\t\t\t\t\t ) {$sort_element}_key"; } else { $sorting_query = ",(\r\n\t\t\t\t\t\t\t\t\tselect \r\n\t\t\t\t\t\t\t\t\t\t\t`option` \r\n\t\t\t\t\t\t\t\t\t\tfrom " . MF_TABLE_PREFIX . "element_options \r\n\t\t\t\t\t\t\t\t\t where \r\n\t\t\t\t\t\t\t\t\t \t\tform_id='{$form_id}' and \r\n\t\t\t\t\t\t\t\t\t \t\telement_id='{$sort_element_id}' and \r\n\t\t\t\t\t\t\t\t\t \t\toption_id=A.{$sort_element} and \r\n\t\t\t\t\t\t\t\t\t \t\tlive=1\r\n\t\t\t\t\t\t\t\t ) {$sort_element}_key"; } //override the $sort_element $sort_element .= '_key'; } /** pagination **/ //identify how many database rows are available $query = "select count(*) total_row from (select \r\n\t\t\t\t\t\t`id`,\r\n\t\t\t\t\t\t`id` as `row_num`,\r\n\t\t\t\t\t\t{$column_prefs_joined} \r\n\t\t\t\t\t\t{$sorting_query} \r\n\t\t\t\t\t\t{$payment_table_query} \r\n\t\t\t\t from \r\n\t\t\t\t \t" . MF_TABLE_PREFIX . "form_{$form_id} A \r\n\t\t\t\t \t{$where_clause} ) B "; $params = array(); $sth = mf_do_query($query, $params, $dbh); $row = mf_do_fetch_result($sth); $numrows = $row['total_row']; $lastpage = ceil($numrows / $rows_per_page); //ensure that $pageno is within range //this code checks that the value of $pageno is an integer between 1 and $lastpage $pageno = (int) $pageno; if ($pageno < 1) { $pageno = 1; } elseif ($pageno > $lastpage) { $pageno = $lastpage; } //construct the LIMIT clause for the sql SELECT statement if (!empty($numrows)) { $limit = 'LIMIT ' . ($pageno - 1) * $rows_per_page . ',' . 
$rows_per_page; } /** end pagination **/ $query = "select \r\n\t\t\t\t\t\t`id`,\r\n\t\t\t\t\t\t`id` as `row_num`,\r\n\t\t\t\t\t\t{$column_prefs_joined} \r\n\t\t\t\t\t\t{$sorting_query} \r\n\t\t\t\t\t\t{$payment_table_query} \r\n\t\t\t\t from \r\n\t\t\t\t \t" . MF_TABLE_PREFIX . "form_{$form_id} A \r\n\t\t\t\t \t{$where_clause} \r\n\t\t\t\torder by \r\n\t\t\t\t\t\t{$sort_element} {$sort_order}\r\n\t\t\t\t\t\t{$limit}"; $params = array(); $sth = mf_do_query($query, $params, $dbh); $i = 0; //prepend "id" and "row_num" into the column preferences array_unshift($column_prefs, "id", "row_num"); while ($row = mf_do_fetch_result($sth)) { $j = 0; foreach ($column_prefs as $column_name) { $form_data[$i][$j] = ''; //limit the data length, unless for file element if ($column_type_lookup[$column_name] != 'file') { if (strlen($row[$column_name]) > $max_data_length) { $row[$column_name] = substr($row[$column_name], 0, $max_data_length) . '...'; } } if ($column_type_lookup[$column_name] == 'time') { if (!empty($row[$column_name])) { $form_data[$i][$j] = date("h:i:s A", strtotime($row[$column_name])); } else { $form_data[$i][$j] = ''; } } elseif ($column_type_lookup[$column_name] == 'time_noseconds') { if (!empty($row[$column_name])) { $form_data[$i][$j] = date("h:i A", strtotime($row[$column_name])); } else { $form_data[$i][$j] = ''; } } elseif ($column_type_lookup[$column_name] == 'time_24hour_noseconds') { if (!empty($row[$column_name])) { $form_data[$i][$j] = date("H:i", strtotime($row[$column_name])); } else { $form_data[$i][$j] = ''; } } elseif ($column_type_lookup[$column_name] == 'time_24hour') { if (!empty($row[$column_name])) { $form_data[$i][$j] = date("H:i:s", strtotime($row[$column_name])); } else { $form_data[$i][$j] = ''; } } elseif (substr($column_type_lookup[$column_name], 0, 5) == 'money') { //set column formatting for money fields $column_type_temp = explode('_', $column_type_lookup[$column_name]); $column_type = $column_type_temp[1]; switch ($column_type) { case 
'dollar': $currency = '$'; break; case 'pound': $currency = '£'; break; case 'euro': $currency = '€'; break; case 'yen': $currency = '¥'; break; case 'baht': $currency = '฿'; break; case 'forint': $currency = 'Ft'; break; case 'franc': $currency = 'CHF'; break; case 'koruna': $currency = 'Kč'; break; case 'krona': $currency = 'kr'; break; case 'pesos': $currency = '$'; break; case 'rand': $currency = 'R'; break; case 'ringgit': $currency = 'RM'; break; case 'rupees': $currency = 'Rs'; break; case 'zloty': $currency = 'zł'; break; case 'riyals': $currency = '﷼'; break; } //if the column name is "payment_amount", this column is coming from ap_form_payments table //in this case, we need to use the currency setting from the ap_forms table if ($column_name == 'payment_amount') { switch ($payment_currency) { case 'USD': $currency = '$'; break; case 'EUR': $currency = '€'; break; case 'GBP': $currency = '£'; break; case 'AUD': $currency = '$'; break; case 'CAD': $currency = '$'; break; case 'JPY': $currency = '¥'; break; case 'THB': $currency = '฿'; break; case 'HUF': $currency = 'Ft'; break; case 'CHF': $currency = 'CHF'; break; case 'CZK': $currency = 'Kč'; break; case 'SEK': $currency = 'kr'; break; case 'DKK': $currency = 'kr'; break; case 'NOK': $currency = 'kr'; break; case 'PHP': $currency = '$'; break; case 'MYR': $currency = 'RM'; break; case 'PLN': $currency = 'zł'; break; case 'BRL': $currency = 'R$'; break; case 'HKD': $currency = '$'; break; case 'MXN': $currency = 'Mex$'; break; case 'TWD': $currency = 'NT$'; break; case 'TRY': $currency = 'TL'; break; case 'NZD': $currency = '$'; break; case 'SGD': $currency = '$'; break; default: $currency_symbol = ''; break; } if ($row[$column_name] == '0.00') { $row[$column_name] = ''; //don't display zero payments } } if (!empty($row[$column_name])) { $form_data[$i][$j] = '<div class="me_right_div">' . $currency . $row[$column_name] . 
'</div>'; } else { $form_data[$i][$j] = ''; } } elseif ($column_type_lookup[$column_name] == 'date') { //date with format MM/DD/YYYY if (!empty($row[$column_name]) && $row[$column_name] != '0000-00-00') { $form_data[$i][$j] = date('M d, Y', strtotime($row[$column_name])); } if ($column_name == 'date_created' || $column_name == 'date_updated') { $form_data[$i][$j] = mf_short_relative_date($row[$column_name]); } } elseif ($column_type_lookup[$column_name] == 'europe_date') { //date with format DD/MM/YYYY if (!empty($row[$column_name]) && $row[$column_name] != '0000-00-00') { $form_data[$i][$j] = date('d M Y', strtotime($row[$column_name])); } } elseif ($column_type_lookup[$column_name] == 'number') { $form_data[$i][$j] = $row[$column_name]; } elseif (in_array($column_type_lookup[$column_name], array('radio', 'select'))) { //multiple choice or dropdown $exploded = array(); $exploded = explode('_', $column_name); $this_element_id = $exploded[1]; $this_option_id = $row[$column_name]; $form_data[$i][$j] = $element_option_lookup[$this_element_id][$this_option_id]; if ($column_type_lookup[$column_name] == 'radio') { if ($element_radio_has_other['element_' . $this_element_id] === true && empty($form_data[$i][$j])) { $form_data[$i][$j] = $row['element_' . $this_element_id . 
'_other']; } } } elseif (substr($column_type_lookup[$column_name], 0, 6) == 'matrix') { $exploded = array(); $exploded = explode('_', $column_type_lookup[$column_name]); $matrix_type = $exploded[1]; if ($matrix_type == 'radio') { $exploded = array(); $exploded = explode('_', $column_name); $this_element_id = $exploded[1]; $this_option_id = $row[$column_name]; $form_data[$i][$j] = $matrix_element_option_lookup[$this_element_id][$this_option_id]; } else { if ($matrix_type == 'checkbox') { if (!empty($row[$column_name])) { $form_data[$i][$j] = '<div class="me_center_div"><img src="images/icons/62_blue_16.png" align="absmiddle" /></div>'; } else { $form_data[$i][$j] = ''; } } } } elseif ($column_type_lookup[$column_name] == 'checkbox') { if (!empty($row[$column_name])) { if (substr($column_name, -5) == "other") { //if this is an 'other' field, display the actual value $form_data[$i][$j] = htmlspecialchars($row[$column_name], ENT_QUOTES); } else { $form_data[$i][$j] = '<div class="me_center_div"><img src="images/icons/62_blue_16.png" align="absmiddle" /></div>'; } } else { $form_data[$i][$j] = ''; } } elseif (in_array($column_type_lookup[$column_name], array('phone', 'simple_phone'))) { if (!empty($row[$column_name])) { if ($column_type_lookup[$column_name] == 'phone') { $form_data[$i][$j] = '(' . substr($row[$column_name], 0, 3) . ') ' . substr($row[$column_name], 3, 3) . '-' . 
substr($row[$column_name], 6, 4); } else { $form_data[$i][$j] = $row[$column_name]; } } } elseif ($column_type_lookup[$column_name] == 'file') { if (!empty($row[$column_name])) { $raw_files = array(); $raw_files = explode('|', $row[$column_name]); $clean_filenames = array(); foreach ($raw_files as $hashed_filename) { $file_1 = substr($hashed_filename, strpos($hashed_filename, '-') + 1); $filename_value = substr($file_1, strpos($file_1, '-') + 1); $clean_filenames[] = htmlspecialchars($filename_value); } $clean_filenames_joined = implode(', ', $clean_filenames); $form_data[$i][$j] = '<div class="me_file_div">' . $clean_filenames_joined . '</div>'; } } elseif ($column_type_lookup[$column_name] == 'payment_status') { if ($row[$column_name] == 'paid') { $payment_status_color = 'style="color: green;font-weight: bold"'; $payment_status_label = strtoupper($row[$column_name]); } else { $payment_status_color = ''; $payment_status_label = ucfirst(strtolower($row[$column_name])); } $form_data[$i][$j] = '<span ' . $payment_status_color . '>' . $payment_status_label . '</span>'; } else { $form_data[$i][$j] = htmlspecialchars(str_replace("\r", "", str_replace("\n", " ", $row[$column_name])), ENT_QUOTES); } $j++; } $i++; } //generate table markup for the entries $table_header_markup = '<thead><tr>' . "\n"; foreach ($column_labels as $label_name) { if ($label_name == 'mf_id') { $table_header_markup .= '<th class="me_action" scope="col"><input type="checkbox" value="1" name="col_select" id="col_select" /></th>' . "\n"; } else { if ($label_name == 'mf_row_num') { $table_header_markup .= '<th class="me_number" scope="col">#</th>' . "\n"; } else { $table_header_markup .= '<th scope="col"><div title="' . $label_name . '">' . $label_name . '</div></th>' . "\n"; } } } $table_header_markup .= '</tr></thead>' . "\n"; $table_body_markup = '<tbody>' . 
"\n"; $toggle = false; $first_row_number = ($pageno - 1) * $rows_per_page + 1; $last_row_number = $first_row_number; if (!empty($form_data)) { foreach ($form_data as $row_data) { if ($toggle) { $toggle = false; $row_style = 'class="alt"'; } else { $toggle = true; $row_style = ''; } $table_body_markup .= "<tr id=\"row_{$row_data[0]}\" {$row_style}>"; foreach ($row_data as $key => $column_data) { if ($key == 0) { //this is "id" column $table_body_markup .= '<td class="me_action"><input type="checkbox" id="entry_' . $column_data . '" name="entry_' . $column_data . '" value="1" /></td>' . "\n"; } elseif ($key == 1) { //this is "row_num" column $table_body_markup .= '<td class="me_number">' . $column_data . '</td>' . "\n"; } else { $table_body_markup .= '<td><div>' . $column_data . '</div></td>' . "\n"; } } $table_body_markup .= "</tr>" . "\n"; $last_row_number++; } } else { $table_body_markup .= "<tr><td colspan=\"" . count($column_labels) . "\"> <div id=\"filter_no_results\"><h3>Your search returned no results.</h3></div></td></tr>"; } $last_row_number--; $table_body_markup .= '</tbody>' . "\n"; $table_markup = '<table width="100%" cellspacing="0" cellpadding="0" border="0" id="entries_table">' . "\n"; $table_markup .= $table_header_markup . $table_body_markup; $table_markup .= '</table>' . 
"\n"; $entries_markup = '<div id="entries_container">'; $entries_markup .= $table_markup; $entries_markup .= '</div>'; $pagination_markup = ''; if (!empty($lastpage) && $numrows > $rows_per_page) { if ($pageno != 1) { if ($lastpage > 13 && $pageno > 7) { $pagination_markup .= "<li class=\"page\"><a href='{$_SERVER['PHP_SELF']}?id={$form_id}&pageno=1'>⇤ First</a></li>"; } $prevpage = $pageno - 1; } //middle navigation if ($pageno == 1) { $i = 1; while ($i <= 13 && $i <= $lastpage) { if ($i != 1) { $active_style = ''; } else { $active_style = 'current_page'; } $pagination_markup .= "<li class=\"page {$active_style}\"><a href='{$_SERVER['PHP_SELF']}?id={$form_id}&pageno={$i}'>{$i}</a></li>"; $i++; } if ($lastpage > $i) { $pagination_markup .= "<li class=\"page_more\">...</li>"; } } elseif ($pageno == $lastpage) { if ($lastpage - 13 > 1) { $pagination_markup .= "<li class=\"page_more\">...</li>"; $i = 1; $j = $lastpage - 12; while ($i <= 13) { if ($j != $lastpage) { $active_style = ''; } else { $active_style = 'current_page'; } $pagination_markup .= "<li class=\"page {$active_style}\"><a href='{$_SERVER['PHP_SELF']}?id={$form_id}&pageno={$j}'>{$j}</a></li>"; $i++; $j++; } } else { $i = 1; while ($i <= 13 && $i <= $lastpage) { if ($i != $lastpage) { $active_style = ''; } else { $active_style = 'current_page'; } $pagination_markup .= "<li class=\"page {$active_style}\"><a href='{$_SERVER['PHP_SELF']}?id={$form_id}&pageno={$i}'>{$i}</a></li>"; $i++; } } } else { $next_pages = false; $prev_pages = false; if ($lastpage - ($pageno + 6) >= 1) { $next_pages = true; } if ($pageno - 6 > 1) { $prev_pages = true; } if ($prev_pages) { //if there are previous pages $pagination_markup .= "<li class=\"page_more\">...</li>"; if ($next_pages) { //if there are next pages $i = 1; $j = $pageno - 6; while ($i <= 13) { if ($j != $pageno) { $active_style = ''; } else { $active_style = 'current_page'; } $pagination_markup .= "<li class=\"page {$active_style}\"><a 
href='{$_SERVER['PHP_SELF']}?id={$form_id}&pageno={$j}'>{$j}</a></li>"; $i++; $j++; } $pagination_markup .= "<li class=\"page_more\">...</li>"; } else { $i = 1; $j = $pageno - 9; while ($i <= 13 && $j <= $lastpage) { if ($j != $pageno) { $active_style = ''; } else { $active_style = 'current_page'; } $pagination_markup .= "<li class=\"page {$active_style}\"><a href='{$_SERVER['PHP_SELF']}?id={$form_id}&pageno={$j}'>{$j}</a></li>"; $i++; $j++; } } } else { //if there aren't previous pages $i = 1; while ($i <= 13 && $i <= $lastpage) { if ($i != $pageno) { $active_style = ''; } else { $active_style = 'current_page'; } $pagination_markup .= "<li class=\"page {$active_style}\"><a href='{$_SERVER['PHP_SELF']}?id={$form_id}&pageno={$i}'>{$i}</a></li>"; $i++; } if ($next_pages) { $pagination_markup .= "<li class=\"page_more\">...</li>"; } } } if ($pageno != $lastpage) { $nextpage = $pageno + 1; if ($lastpage > 13) { $pagination_markup .= "<li class=\"page\"><a href='{$_SERVER['PHP_SELF']}?id={$form_id}&pageno={$lastpage}'>Last ⇥</a></li>"; } } $pagination_markup = '<ul class="pages bluesoft small" id="me_pagination">' . $pagination_markup . '</ul>'; $pagination_markup .= "<div id=\"me_pagination_label\">Displaying <strong>{$first_row_number}-{$last_row_number}</strong> of <strong id=\"me_entries_total\">{$numrows}</strong> entries</div>"; } else { $pagination_markup = '<div style="width: 100%; height: 20px;"></div>'; } $entries_markup .= $pagination_markup; return $entries_markup; }
// Payment-return handler (excerpt): decides whether the visitor has just completed a
// payment and, if so, fires delayed notifications and redirects. The excerpt ends
// inside the final else branch, so the payment-form rendering is not shown here.
require 'includes/db-core.php';
require 'includes/helper-functions.php';
require 'includes/language.php';
require 'includes/common-validator.php';
require 'includes/view-functions.php';
require 'includes/theme-functions.php';
require 'includes/post-functions.php';
require 'includes/entry-functions.php';
require 'lib/swift-mailer/swift_required.php';
require 'hooks/custom_hooks.php';

$dbh = mf_connect_db();

// Both ids are cast to int, so they are safe to interpolate into the URL built below.
// NOTE(review): neither key is checked with isset() first; a request without them
// raises an undefined-index notice before the cast yields 0.
$form_id = (int) trim($_REQUEST['id']);
$paid_form_id = (int) trim($_POST['form_id_redirect']);

// The posted form id is only honoured when the server-side session already records
// a completed payment for that exact form; the client cannot assert completion itself.
// NOTE(review): no session_start() is visible in this excerpt; presumably one of the
// includes starts the session. Confirm.
if (!empty($paid_form_id) && $_SESSION['mf_payment_completed'][$paid_form_id] === true) {
    // when payment succeeded, $paid_form_id should contain the form id number
    $form_properties = mf_get_form_properties($dbh, $paid_form_id, array('form_redirect_enable', 'form_redirect', 'form_review', 'form_page_total', 'payment_delay_notifications'));

    // process any delayed notifications; the entry id comes from the session, not from the request
    if (!empty($form_properties['payment_delay_notifications'])) {
        mf_process_delayed_notifications($dbh, $paid_form_id, $_SESSION['mf_payment_record_id'][$paid_form_id]);
    }

    // redirect to the default success page or the custom redirect URL being set on form properties
    if (!empty($form_properties['form_redirect_enable']) && !empty($form_properties['form_redirect'])) {
        // NOTE(review): form_redirect is placed inside a single-quoted JavaScript string
        // with no escaping. A quote or "</script>" in the stored value would end the
        // literal or the script element; encoding it as a JS string (for example with
        // json_encode() and the JSON_HEX_* flags) would keep it inert.
        echo "<script type=\"text/javascript\">top.location.replace('{$form_properties['form_redirect']}')</script>";
        exit;
    } else {
        // NOTE(review): the Location header is built from HTTP_HOST (the request's Host
        // header) and PHP_SELF, both client-influenced; a configured base URL would be
        // a safer source for the absolute redirect target.
        $ssl_suffix = mf_get_ssl_suffix();
        header("Location: http{$ssl_suffix}://" . $_SERVER['HTTP_HOST'] . mf_get_dirname($_SERVER['PHP_SELF']) . "/view.php?id={$paid_form_id}&done=1");
        exit;
    }
} else {
    // display payment form
// Review-confirmation handler (excerpt): commits a reviewed entry and redirects.
// The excerpt starts part-way through the include list and ends inside the
// payment-enabled branch.
require 'includes/common-validator.php';
require 'includes/view-functions.php';
require 'includes/theme-functions.php';
require 'includes/post-functions.php';
require 'includes/entry-functions.php';
require 'lib/swift-mailer/swift_required.php';
require 'hooks/custom_hooks.php';

// get data from database
$dbh = mf_connect_db();

// Cast to int, so the id is safe to interpolate into the redirect URL below.
// NOTE(review): $_REQUEST['id'] is read without isset().
$form_id = (int) trim($_REQUEST['id']);

if (!empty($_POST['review_submit']) || !empty($_POST['review_submit_x'])) {
    // if form submitted
    // commit data from review table to actual table
    // however, we need to check if this form has payment enabled or not
    // if the form doesn't have any payment enabled, continue with commit and redirect to success page
    $form_properties = mf_get_form_properties($dbh, $form_id, array('payment_enable_merchant', 'payment_delay_notifications', 'payment_merchant_type'));

    if ($form_properties['payment_enable_merchant'] != 1) {
        // The record to commit is taken from the session, so the client cannot name
        // an arbitrary review record.
        // NOTE(review): review_id is not checked for presence here, and the form id
        // comes from the request; presumably mf_commit_form_review() rejects a record
        // that does not belong to this form. Confirm.
        $record_id = $_SESSION['review_id'];
        $commit_result = mf_commit_form_review($dbh, $form_id, $record_id);

        // Clearing the id makes a replayed submit find no review record in the session.
        unset($_SESSION['review_id']);

        if (empty($commit_result['form_redirect'])) {
            // NOTE(review): HTTP_HOST and PHP_SELF are client-influenced and go into
            // the Location header unvalidated.
            $ssl_suffix = mf_get_ssl_suffix();
            header("Location: http{$ssl_suffix}://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . "?id={$form_id}&done=1");
            exit;
        } else {
            // NOTE(review): form_redirect is interpolated into a single-quoted
            // JavaScript string without escaping; it should be encoded as a JS
            // string literal before being echoed.
            echo "<script type=\"text/javascript\">top.location.replace('{$commit_result['form_redirect']}')</script>";
            exit;
        }
    } else {
        // if the form has payment enabled, continue commit and redirect to payment page
        $record_id = $_SESSION['review_id'];
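/**
 * Emit an inline script that navigates the top-level window to $url, then end the request.
 *
 * The URLs passed here are assembled from request data (REQUEST_URI, HTTP_HOST,
 * PHP_SELF) or from values returned by the form layer, so they are never pasted
 * into the script as raw text. json_encode() with the JSON_HEX_* flags escapes
 * quotes, "<", ">" and "&", which keeps the value inside the string literal and
 * inside the <script> element.
 *
 * NOTE(review): only the encoding is handled here; the URL scheme is not checked.
 *
 * @param string $url Destination URL.
 * @return void Does not return; the request ends with exit.
 */
function mf_embed_redirect_js($url)
{
    $flags  = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $js_url = json_encode((string) $url, $flags);

    if ($js_url === false) {
        // json_encode() fails on invalid UTF-8; retry with printable ASCII only.
        $js_url = json_encode(preg_replace('/[^\x20-\x7E]/', '', (string) $url), $flags);
    }

    echo "<script type=\"text/javascript\">top.location = {$js_url}</script>";
    exit;
}

/**
 * Return the current REQUEST_URI with $query appended, using "?" or "&" as needed.
 *
 * @param string $query Query fragment without a leading separator, e.g. "done=1".
 * @return string
 */
function mf_embed_current_url($query)
{
    $uri       = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
    $separator = (strpos($uri, '?') === false) ? '?' : '&';

    return $uri . $separator . $query;
}

/**
 * Entry point for a form embedded in a host PHP page: processes a submission,
 * review action or payment return, then either redirects the top window or
 * echoes the markup for the current step.
 *
 * Changes from the previous version: redirect targets are JS-encoded instead of
 * being interpolated into a quoted string, $markup and $page_num_params are
 * always initialised, request/session keys are checked before use, and the
 * "mf_page_from" default of 1 is assigned to the variable that is actually
 * passed on (it was previously assigned to a misspelled name).
 *
 * @param array $config Keys read here: 'form_id', 'show_border', 'base_path'.
 * @return void Output is echoed; redirect branches end the request.
 */
function display_machform($config)
{
    $form_id            = $config['form_id'];
    $machform_path      = $config['base_path'];
    $machform_data_path = '';
    $integration_method = ($config['show_border'] === true) ? '' : 'php';

    // Some branches below neither redirect nor render; echo an empty string then.
    $markup = '';

    // start session if there isn't any; the suppression is kept as the original best-effort
    if (session_id() == "") {
        @session_start();
    }

    $dbh = mf_connect_db();

    // Parameters shared by every mf_display_*() call except the success page.
    $display_params = array(
        'integration_method' => $integration_method,
        'machform_path'      => $machform_path,
        'machform_data_path' => $machform_data_path,
    );

    if (mf_is_form_submitted()) {
        $input_array = mf_sanitize($_POST);
        $input_array['machform_data_path'] = $machform_data_path;
        $input_array['machform_base_path'] = $machform_path;

        $submit_result     = mf_process_form($dbh, $input_array);
        $submitted_form_id = $input_array['form_id'];

        if (isset($input_array['password'])) {
            // password form submitted: show the form on success, the password prompt with its error otherwise
            $form_params = $display_params;
            if ($submit_result['status'] !== true) {
                $form_params = array('custom_error' => $submit_result['custom_error']) + $display_params;
            }
            $markup = mf_display_form($dbh, $submitted_form_id, $form_params);
        } elseif ($submit_result['status'] === false) {
            // there are errors, display the form again with the errors
            $form_params = array(
                'page_number'      => $input_array['page_number'],
                'populated_values' => $submit_result['old_values'],
                'error_elements'   => $submit_result['error_elements'],
                'custom_error'     => isset($submit_result['custom_error']) ? $submit_result['custom_error'] : null,
            ) + $display_params;
            $markup = mf_display_form($dbh, $submitted_form_id, $form_params);
        } elseif ($submit_result['status'] === true) {
            // Only the review redirects use this; empty when no origin page was reported.
            $page_num_params = '';
            if (!empty($submit_result['origin_page_number'])) {
                $page_num_params = '&mf_page_from=' . $submit_result['origin_page_number'];
            }

            // Default destination once a form is finished: custom redirect URL if set, else "?done=1".
            $success_url = empty($submit_result['form_redirect'])
                ? mf_embed_current_url('done=1')
                : $submit_result['form_redirect'];

            if (!empty($submit_result['form_resume_url'])) {
                // the user is saving a form, display success page with the resume URL
                $_SESSION['mf_form_resume_url'][$submitted_form_id] = $submit_result['form_resume_url'];
                mf_embed_redirect_js(mf_embed_current_url('done=1'));
            } elseif ($submit_result['logic_page_enable'] === true) {
                // the page has skip logic enabled and a custom destination page has been set
                $target_page_id = $submit_result['target_page_id'];

                if (is_numeric($target_page_id)) {
                    mf_embed_redirect_js(mf_embed_current_url("mf_page={$target_page_id}"));
                } elseif ($target_page_id == 'payment') {
                    // allow access to payment page; the entry id is pinned in the session
                    $_SESSION['mf_form_payment_access'][$submitted_form_id] = true;
                    $_SESSION['mf_payment_record_id'][$submitted_form_id]   = $submit_result['entry_id'];
                    mf_embed_redirect_js(mf_embed_current_url('show_payment=1'));
                } elseif ($target_page_id == 'review') {
                    $_SESSION['review_id'] = $submit_result['review_id'];
                    mf_embed_redirect_js(mf_embed_current_url("show_review=1{$page_num_params}"));
                } elseif ($target_page_id == 'success') {
                    mf_embed_redirect_js($success_url);
                }
                // any other target falls through and echoes the empty $markup
            } elseif (!empty($submit_result['review_id'])) {
                // redirect to review page
                $_SESSION['review_id'] = $submit_result['review_id'];
                mf_embed_redirect_js(mf_embed_current_url("show_review=1{$page_num_params}"));
            } elseif (!empty($submit_result['next_page_number'])) {
                // redirect to the next page number, granting access to it first
                $_SESSION['mf_form_access'][$submitted_form_id][$submit_result['next_page_number']] = true;

                // NOTE(review): HTTP_HOST and PHP_SELF are client-influenced; they are
                // JS-encoded below, but a configured base URL would be a safer origin.
                $next_url = 'http' . mf_get_ssl_suffix() . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']
                    . "?id={$submitted_form_id}&mf_page={$submit_result['next_page_number']}";
                mf_embed_redirect_js($next_url);
            } elseif (mf_is_payment_has_value($dbh, $submitted_form_id, $submit_result['entry_id'])) {
                // redirect to credit card payment page, if the merchant is enabled and the amount is not zero
                $_SESSION['mf_form_payment_access'][$submitted_form_id] = true;
                $_SESSION['mf_payment_record_id'][$submitted_form_id]   = $submit_result['entry_id'];
                mf_embed_redirect_js(mf_embed_current_url('show_payment=1'));
            } else {
                mf_embed_redirect_js($success_url);
            }
        }
    } elseif (!empty($_POST['review_submit']) || !empty($_POST['review_submit_x'])) {
        // form review being submitted: commit data from review table to actual table,
        // then go to the success page or, when payment is enabled, to the payment page
        $form_properties = mf_get_form_properties($dbh, $form_id, array('payment_enable_merchant', 'payment_delay_notifications', 'payment_merchant_type'));

        // The record id comes from the session, never from the request.
        // NOTE(review): a missing review_id is passed on as null, as before;
        // presumably mf_commit_form_review() handles that. Confirm.
        $record_id = isset($_SESSION['review_id']) ? $_SESSION['review_id'] : null;

        if ($form_properties['payment_enable_merchant'] != 1) {
            $commit_options = array(
                'machform_path'      => $machform_path,
                'machform_data_path' => $machform_data_path,
            );
            $commit_result = mf_commit_form_review($dbh, $form_id, $record_id, $commit_options);
            unset($_SESSION['review_id']);

            $destination = empty($commit_result['form_redirect'])
                ? mf_embed_current_url('done=1')
                : $commit_result['form_redirect'];
            mf_embed_redirect_js($destination);
        } else {
            $commit_options = array();

            // delay notifications only available on stripe
            if (!empty($form_properties['payment_delay_notifications']) && $form_properties['payment_merchant_type'] == 'stripe') {
                $commit_options['send_notification'] = false;
            }

            $commit_result = mf_commit_form_review($dbh, $form_id, $record_id, $commit_options);
            unset($_SESSION['review_id']);

            // allow access to payment page
            $_SESSION['mf_form_payment_access'][$form_id] = true;
            $_SESSION['mf_payment_record_id'][$form_id]   = $commit_result['record_insert_id'];
            mf_embed_redirect_js(mf_embed_current_url('show_payment=1'));
        }
    } elseif (!empty($_POST['review_back']) || !empty($_POST['review_back_x'])) {
        // go back to form from review page; the page number is forced to int
        $origin_page_num = isset($_POST['mf_page_from']) ? (int) $_POST['mf_page_from'] : 0;

        $back_url = 'http' . mf_get_ssl_suffix() . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']
            . "?id={$form_id}&mf_page={$origin_page_num}";
        mf_embed_redirect_js($back_url);
    } elseif (!empty($_POST['form_id_redirect'])) {
        // form payment being submitted
        $paid_form_id = (int) trim($_POST['form_id_redirect']);

        // The posted id is only honoured if the session records a completed payment for it.
        $payment_completed = isset($_SESSION['mf_payment_completed'][$paid_form_id])
            && $_SESSION['mf_payment_completed'][$paid_form_id] === true;

        if ($payment_completed) {
            $form_properties = mf_get_form_properties($dbh, $paid_form_id, array('form_redirect_enable', 'form_redirect', 'form_review', 'form_page_total', 'payment_delay_notifications'));

            // process any delayed notifications
            if (!empty($form_properties['payment_delay_notifications'])) {
                mf_process_delayed_notifications($dbh, $paid_form_id, $_SESSION['mf_payment_record_id'][$paid_form_id]);
            }

            // redirect to the custom redirect URL set on the form properties, else the default success page
            if (!empty($form_properties['form_redirect_enable']) && !empty($form_properties['form_redirect'])) {
                mf_embed_redirect_js($form_properties['form_redirect']);
            } else {
                mf_embed_redirect_js(mf_embed_current_url('done=1'));
            }
        } else {
            $markup = 'You are not authorized to access this page.';
        }
    } elseif (!empty($_GET['show_review'])) {
        // show review page; it needs the review record stored by an earlier submit
        if (empty($_SESSION['review_id'])) {
            die("Your session has been expired. Please start again.");
        }
        $record_id = $_SESSION['review_id'];

        $from_page_num = isset($_GET['mf_page_from']) ? (int) $_GET['mf_page_from'] : 0;
        if (empty($from_page_num)) {
            $from_page_num = 1;
        }

        $markup = mf_display_form_review($dbh, $form_id, $record_id, $from_page_num, $display_params);
    } elseif (!empty($_GET['show_payment'])) {
        // show payment page; the entry id comes from the session, so the request cannot pick one
        // NOTE(review): mf_form_payment_access is set above but not checked here;
        // presumably mf_display_form_payment() enforces it. Confirm.
        $record_id = isset($_SESSION['mf_payment_record_id'][$form_id])
            ? $_SESSION['mf_payment_record_id'][$form_id]
            : null;

        $markup = mf_display_form_payment($dbh, $form_id, $record_id, $display_params);
    } else {
        $page_number = isset($_GET['mf_page']) ? (int) trim($_GET['mf_page']) : 0;
        $page_number = mf_verify_page_access($form_id, $page_number);

        $resume_key = isset($_GET['mf_resume']) ? trim($_GET['mf_resume']) : '';
        if (!empty($resume_key)) {
            $_SESSION['mf_form_resume_key'][$form_id] = $resume_key;
        }

        // "done" alone is not enough: the session must show a completed or saved form.
        $finished = !empty($_SESSION['mf_form_completed'][$form_id])
            || !empty($_SESSION['mf_form_resume_url'][$form_id]);

        if (!empty($_GET['done']) && $finished) {
            $form_params = array(
                'integration_method' => $integration_method,
                'machform_path'      => $machform_path,
            );
            $markup = mf_display_success($dbh, $form_id, $form_params);
        } else {
            $form_params = array('page_number' => $page_number) + $display_params;
            $markup = mf_display_form($dbh, $form_id, $form_params);
        }
    }

    echo $markup;
}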