function update_favicon(){
Loader::library('file/importer');
if ($this->token->validate("update_favicon")) {
if(intval($this->post('remove_favicon'))==1){
Config::save('FAVICON_FID',0);
$this->redirect('/dashboard/system/basics/icons/', 'favicon_removed');
} else {
$fi = new FileImporter();
$resp = $fi->import($_FILES['favicon_file']['tmp_name'], $_FILES['favicon_file']['name'], $fr);
if (!($resp instanceof FileVersion)) {
switch($resp) {
case FileImporter::E_FILE_INVALID_EXTENSION:
$this->error->add(t('Invalid file extension.'));
break;
case FileImporter::E_FILE_INVALID:
$this->error->add(t('Invalid file.'));
break;
}
} else {
Config::save('FAVICON_FID', $resp->getFileID());
$filepath=$resp->getPath();
//@copy($filepath, DIR_BASE.'/favicon.ico');
$this->redirect('/dashboard/system/basics/icons/', 'favicon_saved');
}
}
}else{
$this->set('error', array($this->token->getErrorMessage()));
}
}
public function import_files()
{
if (is_dir($this->getPackagePath() . '/files')) {
Loader::library('file/importer');
$fh = new FileImporter();
$contents = Loader::helper('file')->getDirectoryContents($this->getPackagePath() . '/files');
foreach ($contents as $filename) {
$f = $fh->import($this->getPackagePath() . '/files/' . $filename, $filename);
}
}
}
public function addFile($file)
{
Loader::library("file/importer");
Loader::library("mootools/plugin_parser", FRONTEND_DEVELOPER_PACKAGE_HANDLE);
$fi = new FileImporter();
$fv = $fi->import($file, basename($file), $this->getExistFile(basename($file)));
if (!$fv instanceof FileVersion) {
$message = FileImporter::getErrorMessage($result);
return $message;
}
$parser = new MootoolsPluginParser();
$meta = $parser->parse($file);
$requireValues = array();
if (is_array($meta["requires"])) {
$requires = $meta["requires"];
foreach ($requires as $module) {
$option = SelectAttributeTypeOption::getByValue($module);
if (empty($option)) {
$ak = FileAttributeKey::getByHandle(MOOTOOLS_PLUGIN_DEPENDENCES);
$type = SelectAttributeTypeOption::add($ak, $module, true);
$value = $type->getSelectAttributeOptionValue();
} else {
$value = $option->getSelectAttributeOptionValue();
}
$requireValues[$value] = $value;
}
}
$namespaces = explode('.', $meta['name']);
$packageName = array_shift($namespaces);
$moduleName = str_replace('.js', '', basename($file));
$componentName = $packageName . '/' . $moduleName;
$authors = is_array($meta["authors"]) ? join(",", $meta["authors"]) : $meta["authors"];
$license = is_array($meta["license"]) ? join(",", $meta["license"]) : $meta["license"];
$fv->setAttribute(MOOTOOLS_PLUGIN, true);
$fv->setAttribute(MOOTOOLS_COMPONENT_NAME, $componentName);
$fv->setAttribute(MOOTOOLS_PLUGIN_LICENSE, $license);
$fv->setAttribute(MOOTOOLS_PLUGIN_AUTHORS, $authors);
$fv->setAttribute(MOOTOOLS_PLUGIN_DEPENDENCES, $requireValues);
$fv->setAttribute(MOOTOOLS_PLUGIN_DISPLAY_ORDER, 0);
$fv->updateDescription($meta["description"]);
$fv->updateTags("mootools\nplugin");
$this->_fileset->addFileToSet($fv);
return $fv;
}
$diffW = abs($pWidth - $widthR) / 2;
$diffH = abs($pHeight - $heightR) / 2;
$_POST["imageX"] = $pWidth > $widthR ? $_POST["imageX"] - $diffW : $_POST["imageX"] + $diffW;
$_POST["imageY"] = $pHeight > $heightR ? $_POST["imageY"] - $diffH : $_POST["imageY"] + $diffH;
}
$dst_x = $src_x = $dst_y = $src_y = 0;
if ($_POST["imageX"] > 0) {
$dst_x = abs($_POST["imageX"]);
} else {
$src_x = abs($_POST["imageX"]);
}
if ($_POST["imageY"] > 0) {
$dst_y = abs($_POST["imageY"]);
} else {
$src_y = abs($_POST["imageY"]);
}
$viewport = imagecreatetruecolor($_POST["viewPortW"], $_POST["viewPortH"]);
$imp->setTransparency($image_p, $viewport, $ext);
imagecopy($viewport, $image_p, $dst_x, $dst_y, $src_x, $src_y, $pWidth, $pHeight);
imagedestroy($image_p);
$selector = imagecreatetruecolor($_POST["selectorW"], $_POST["selectorH"]);
$imp->setTransparency($viewport, $selector, $ext);
imagecopy($selector, $viewport, 0, 0, $selectorX, $selectorY, $_POST["viewPortW"], $_POST["viewPortH"]);
$file = Loader::helper('file')->getTemporaryDirectory() . '/' . time() . "." . $ext;
$imp->parseImage($ext, $selector, $file);
imagedestroy($viewport);
$fi = new FileImporter();
$resp = $fi->import($file, $f->getFileName(), $f);
}
}
}
$fr = File::getByID($_REQUEST['fID']);
$frp = new Permissions($fr);
if (!$frp->canEditFileContents()) {
$error->add(t('You do not have permission to modify this file.'));
}
} else {
$fr = false;
}
$r = new FileEditResponse();
if ($valt->validate('upload') && !$error->has()) {
if (isset($_FILES['Filedata']) && is_uploaded_file($_FILES['Filedata']['tmp_name'])) {
if (!$fp->canAddFileType($cf->getExtension($_FILES['Filedata']['name']))) {
$resp = FileImporter::E_FILE_INVALID_EXTENSION;
} else {
$fi = new FileImporter();
$resp = $fi->import($_FILES['Filedata']['tmp_name'], $_FILES['Filedata']['name'], $fr);
$r->setMessage(t('File uploaded successfully.'));
if (is_object($fr)) {
$r->setMessage(t('File replaced successfully.'));
}
}
if (!$resp instanceof \Concrete\Core\File\Version) {
$errorCode = $resp;
} else {
if (!is_object($fr)) {
// we check $fr because we don't want to set it if we are replacing an existing file
$respf = $resp->getFile();
$respf->setOriginalPage($_POST['ocID']);
} else {
$respf = $fr;
}
function action_submit_form()
{
$ip = Loader::helper('validation/ip');
Loader::library("file/importer");
if (!$ip->check()) {
$this->set('invalidIP', $ip->getErrorMessage());
return;
}
$txt = Loader::helper('text');
$db = Loader::db();
//question set id
$qsID = intval($_POST['qsID']);
if ($qsID == 0) {
throw new Exception(t("Oops, something is wrong with the form you posted (it doesn't have a question set id)."));
}
//get all questions for this question set
$rows = $db->GetArray("SELECT * FROM {$this->btQuestionsTablename} WHERE questionSetId=? AND bID=? order by position asc, msqID", array($qsID, intval($this->bID)));
// check captcha if activated
if ($this->displayCaptcha) {
$captcha = Loader::helper('validation/captcha');
if (!$captcha->check()) {
$errors['captcha'] = t("Incorrect captcha code");
$_REQUEST['ccmCaptchaCode'] = '';
}
}
//checked required fields
foreach ($rows as $row) {
if ($row['inputType'] == 'datetime') {
if (!isset($datetime)) {
$datetime = Loader::helper("form/date_time");
}
$translated = $datetime->translate('Question' . $row['msqID']);
if ($translated) {
$_POST['Question' . $row['msqID']] = $translated;
}
}
if (intval($row['required']) == 1) {
$notCompleted = 0;
if ($row['inputType'] == 'email') {
if (!Loader::helper('validation/strings')->email($_POST['Question' . $row['msqID']])) {
$errors['emails'] = t('You must enter a valid email address.');
}
}
if ($row['inputType'] == 'checkboxlist') {
$answerFound = 0;
foreach ($_POST as $key => $val) {
if (strstr($key, 'Question' . $row['msqID'] . '_') && strlen($val)) {
$answerFound = 1;
}
}
if (!$answerFound) {
$notCompleted = 1;
}
} elseif ($row['inputType'] == 'fileupload') {
if (!isset($_FILES['Question' . $row['msqID']]) || !is_uploaded_file($_FILES['Question' . $row['msqID']]['tmp_name'])) {
$notCompleted = 1;
}
} elseif (!strlen(trim($_POST['Question' . $row['msqID']]))) {
$notCompleted = 1;
}
if ($notCompleted) {
$errors['CompleteRequired'] = t("Complete required fields *");
}
}
}
//try importing the file if everything else went ok
$tmpFileIds = array();
if (!count($errors)) {
foreach ($rows as $row) {
if ($row['inputType'] != 'fileupload') {
continue;
}
$questionName = 'Question' . $row['msqID'];
if (!intval($row['required']) && (!isset($_FILES[$questionName]['tmp_name']) || !is_uploaded_file($_FILES[$questionName]['tmp_name']))) {
continue;
}
$fi = new FileImporter();
$resp = $fi->import($_FILES[$questionName]['tmp_name'], $_FILES[$questionName]['name']);
if (!$resp instanceof FileVersion) {
switch ($resp) {
case FileImporter::E_FILE_INVALID_EXTENSION:
$errors['fileupload'] = t('Invalid file extension.');
break;
case FileImporter::E_FILE_INVALID:
$errors['fileupload'] = t('Invalid file.');
break;
}
} else {
$tmpFileIds[intval($row['msqID'])] = $resp->getFileID();
if (intval($this->addFilesToSet)) {
Loader::model('file_set');
$fs = new FileSet();
$fs = $fs->getByID($this->addFilesToSet);
if ($fs->getFileSetID()) {
$fs->addFileToSet($resp);
}
}
}
}
}
if (count($errors)) {
$this->set('formResponse', t('Please correct the following errors:'));
$this->set('errors', $errors);
} else {
//no form errors
//save main survey record
$u = new User();
$uID = 0;
if ($u->isRegistered()) {
$uID = $u->getUserID();
}
$q = "insert into {$this->btAnswerSetTablename} (questionSetId, uID) values (?,?)";
$db->query($q, array($qsID, $uID));
$answerSetID = $db->Insert_ID();
$this->lastAnswerSetId = $answerSetID;
$questionAnswerPairs = array();
if (strlen(FORM_BLOCK_SENDER_EMAIL) > 1 && strstr(FORM_BLOCK_SENDER_EMAIL, '@')) {
$formFormEmailAddress = FORM_BLOCK_SENDER_EMAIL;
} else {
$adminUserInfo = UserInfo::getByID(USER_SUPER_ID);
$formFormEmailAddress = $adminUserInfo->getUserEmail();
}
$replyToEmailAddress = $formFormEmailAddress;
//loop through each question and get the answers
foreach ($rows as $row) {
//save each answer
$answerDisplay = '';
if ($row['inputType'] == 'checkboxlist') {
$answer = array();
$answerLong = "";
$keys = array_keys($_POST);
foreach ($keys as $key) {
if (strpos($key, 'Question' . $row['msqID'] . '_') === 0) {
$answer[] = $txt->sanitize($_POST[$key]);
}
}
} elseif ($row['inputType'] == 'text') {
$answerLong = $txt->sanitize($_POST['Question' . $row['msqID']]);
$answer = '';
} elseif ($row['inputType'] == 'fileupload') {
$answerLong = "";
$answer = intval($tmpFileIds[intval($row['msqID'])]);
if ($answer > 0) {
$answerDisplay = File::getByID($answer)->getVersion()->getDownloadURL();
} else {
$answerDisplay = t('No file specified');
}
} elseif ($row['inputType'] == 'url') {
$answerLong = "";
$answer = $txt->sanitize($_POST['Question' . $row['msqID']]);
} elseif ($row['inputType'] == 'email') {
$answerLong = "";
$answer = $txt->sanitize($_POST['Question' . $row['msqID']]);
if (!empty($row['options'])) {
$settings = unserialize($row['options']);
if (is_array($settings) && array_key_exists('send_notification_from', $settings) && $settings['send_notification_from'] == 1) {
$email = $txt->email($answer);
if (!empty($email)) {
$replyToEmailAddress = $email;
}
}
}
} elseif ($row['inputType'] == 'telephone') {
$answerLong = "";
$answer = $txt->sanitize($_POST['Question' . $row['msqID']]);
} else {
$answerLong = "";
$answer = $txt->sanitize($_POST['Question' . $row['msqID']]);
}
if (is_array($answer)) {
$answer = join(',', $answer);
}
$questionAnswerPairs[$row['msqID']]['question'] = $row['question'];
$questionAnswerPairs[$row['msqID']]['answer'] = $txt->sanitize($answer . $answerLong);
$questionAnswerPairs[$row['msqID']]['answerDisplay'] = strlen($answerDisplay) ? $answerDisplay : $questionAnswerPairs[$row['msqID']]['answer'];
$v = array($row['msqID'], $answerSetID, $answer, $answerLong);
$q = "insert into {$this->btAnswersTablename} (msqID,asID,answer,answerLong) values (?,?,?,?)";
$db->query($q, $v);
}
$foundSpam = false;
$submittedData = '';
foreach ($questionAnswerPairs as $questionAnswerPair) {
$submittedData .= $questionAnswerPair['question'] . "\r\n" . $questionAnswerPair['answer'] . "\r\n" . "\r\n";
}
$antispam = Loader::helper('validation/antispam');
if (!$antispam->check($submittedData, 'form_block')) {
// found to be spam. We remove it
$foundSpam = true;
$q = "delete from {$this->btAnswerSetTablename} where asID = ?";
$v = array($this->lastAnswerSetId);
$db->Execute($q, $v);
$db->Execute("delete from {$this->btAnswersTablename} where asID = ?", array($this->lastAnswerSetId));
}
if (intval($this->notifyMeOnSubmission) > 0 && !$foundSpam) {
if (strlen(FORM_BLOCK_SENDER_EMAIL) > 1 && strstr(FORM_BLOCK_SENDER_EMAIL, '@')) {
$formFormEmailAddress = FORM_BLOCK_SENDER_EMAIL;
} else {
$adminUserInfo = UserInfo::getByID(USER_SUPER_ID);
$formFormEmailAddress = $adminUserInfo->getUserEmail();
}
$mh = Loader::helper('mail');
$mh->to($this->recipientEmail);
$mh->from($formFormEmailAddress);
$mh->replyto($replyToEmailAddress);
$mh->addParameter('formName', $this->surveyName);
$mh->addParameter('questionSetId', $this->questionSetId);
$mh->addParameter('questionAnswerPairs', $questionAnswerPairs);
$mh->load('block_form_submission');
$mh->setSubject(t('%s Form Submission', $this->surveyName));
//echo $mh->body.'<br>';
@$mh->sendMail();
}
if (!$this->noSubmitFormRedirect) {
if ($this->redirectCID > 0) {
$pg = Page::getByID($this->redirectCID);
if (is_object($pg) && $pg->cID) {
$this->redirect($pg->getCollectionPath());
}
}
$c = Page::getCurrentPage();
header("Location: " . Loader::helper('navigation')->getLinkToCollection($c, true) . "?surveySuccess=1&qsid=" . $this->questionSetId . "#" . $this->questionSetId);
exit;
}
}
}
function save($data) {
Loader::library("file/importer");
if (file_exists($data['file'])) {
$fi = new FileImporter();
$resp = $fi->import($data['file'], $data['name']);
$lbc = new LibraryFileBlockController();
return $lbc->getFile($resp->getFileID());
}
}
/**
* Users submits the completed survey.
*
* @param int $bID
*/
public function action_submit_form($bID = false)
{
if ($this->enableSpamHoneypot) {
if (!empty($_POST['message1'])) {
// It's possible that an auto-fill helper or someone using a screenreader filled out this field,
// so let them know that it should be left blank.
$this->set('formResponse', t('Please correct the following errors:'));
$this->set('errors', array(t('Error: It looks like you might be a spammer because you filled out the "Leave Blank" field. If you\'re not a spammer, please leave that field blank and try submitting again. Thanks!')));
return;
} else {
if (empty($_POST['message2']) || $_POST['message2'] != '1') {
// It's fairly impossible that this form field got altered by accident (because it's an <input type="hidden">),
// so don't even bother saying that there's a problem.
$errorResponse = '<span class="confirmation">Thank you.</span>';
$this->set('formResponse', t('Thank you.'));
$this->set('errors', array());
return;
}
}
}
if ($this->bID != $bID) {
return false;
}
$ip = Core::make('helper/validation/ip');
$this->view();
if ($ip->isBanned()) {
$this->set('invalidIP', $ip->getErrorMessage());
return;
}
$txt = Core::make('helper/text');
$db = Database::connection();
//question set id
$qsID = intval($_POST['qsID']);
if ($qsID == 0) {
throw new Exception(t("Oops, something is wrong with the form you posted (it doesn't have a question set id)."));
}
//get all questions for this question set
$rows = $db->GetArray("SELECT * FROM {$this->btQuestionsTablename} WHERE questionSetId=? AND bID=? order by position asc, msqID", array($qsID, intval($this->bID)));
$errorDetails = array();
// check captcha if activated
if ($this->displayCaptcha) {
$captcha = Core::make('helper/validation/captcha');
if (!$captcha->check()) {
$errors['captcha'] = t("Incorrect captcha code");
$_REQUEST['ccmCaptchaCode'] = '';
}
}
//checked required fields
foreach ($rows as $row) {
if ($row['inputType'] == 'datetime') {
if (!isset($datetime)) {
$datetime = Core::make('helper/form/date_time');
}
$translated = $datetime->translate('Question' . $row['msqID']);
if ($translated) {
$_POST['Question' . $row['msqID']] = $translated;
}
}
if (intval($row['required']) == 1) {
$notCompleted = 0;
if ($row['inputType'] == 'email') {
if (!Core::make('helper/validation/strings')->email($_POST['Question' . $row['msqID']])) {
$errors['emails'] = t('You must enter a valid email address.');
$errorDetails[$row['msqID']]['emails'] = $errors['emails'];
}
}
if ($row['inputType'] == 'checkboxlist') {
$answerFound = 0;
foreach ($_POST as $key => $val) {
if (strstr($key, 'Question' . $row['msqID'] . '_') && strlen($val)) {
$answerFound = 1;
}
}
if (!$answerFound) {
$notCompleted = 1;
}
} elseif ($row['inputType'] == 'fileupload') {
if (!isset($_FILES['Question' . $row['msqID']]) || !is_uploaded_file($_FILES['Question' . $row['msqID']]['tmp_name'])) {
$notCompleted = 1;
}
} elseif (!strlen(trim($_POST['Question' . $row['msqID']]))) {
$notCompleted = 1;
}
if ($notCompleted) {
$errors['CompleteRequired'] = t("Complete required fields *");
$errorDetails[$row['msqID']]['CompleteRequired'] = $errors['CompleteRequired'];
}
}
}
//try importing the file if everything else went ok
$tmpFileIds = array();
if (!count($errors)) {
foreach ($rows as $row) {
if ($row['inputType'] != 'fileupload') {
continue;
}
$questionName = 'Question' . $row['msqID'];
if (!intval($row['required']) && (!isset($_FILES[$questionName]['tmp_name']) || !is_uploaded_file($_FILES[$questionName]['tmp_name']))) {
continue;
}
$fi = new FileImporter();
$resp = $fi->import($_FILES[$questionName]['tmp_name'], $_FILES[$questionName]['name']);
if (!$resp instanceof Version) {
switch ($resp) {
case FileImporter::E_FILE_INVALID_EXTENSION:
$errors['fileupload'] = t('Invalid file extension.');
$errorDetails[$row['msqID']]['fileupload'] = $errors['fileupload'];
break;
case FileImporter::E_FILE_INVALID:
$errors['fileupload'] = t('Invalid file.');
$errorDetails[$row['msqID']]['fileupload'] = $errors['fileupload'];
break;
}
} else {
$tmpFileIds[intval($row['msqID'])] = $resp->getFileID();
if (intval($this->addFilesToSet)) {
$fs = new FileSet();
$fs = $fs->getByID($this->addFilesToSet);
if ($fs->getFileSetID()) {
$fs->addFileToSet($resp);
}
}
}
}
}
if (count($errors)) {
$this->set('formResponse', t('Please correct the following errors:'));
$this->set('errors', $errors);
$this->set('errorDetails', $errorDetails);
} else {
//no form errors
//save main survey record
$u = new User();
$uID = 0;
if ($u->isRegistered()) {
$uID = $u->getUserID();
}
$q = "insert into {$this->btAnswerSetTablename} (questionSetId, uID) values (?,?)";
$db->query($q, array($qsID, $uID));
$answerSetID = $db->Insert_ID();
$this->lastAnswerSetId = $answerSetID;
$questionAnswerPairs = array();
if (Config::get('concrete.email.form_block.address') && strstr(Config::get('concrete.email.form_block.address'), '@')) {
$formFormEmailAddress = Config::get('concrete.email.form_block.address');
} else {
$adminUserInfo = UserInfo::getByID(USER_SUPER_ID);
$formFormEmailAddress = $adminUserInfo->getUserEmail();
}
$replyToEmailAddress = $formFormEmailAddress;
//loop through each question and get the answers
foreach ($rows as $row) {
//save each answer
$answerDisplay = '';
if ($row['inputType'] == 'checkboxlist') {
$answer = array();
$answerLong = "";
$keys = array_keys($_POST);
foreach ($keys as $key) {
if (strpos($key, 'Question' . $row['msqID'] . '_') === 0) {
$answer[] = $txt->sanitize($_POST[$key]);
}
}
} elseif ($row['inputType'] == 'text') {
$answerLong = $txt->sanitize($_POST['Question' . $row['msqID']]);
$answer = '';
} elseif ($row['inputType'] == 'fileupload') {
$answerLong = "";
$answer = intval($tmpFileIds[intval($row['msqID'])]);
if ($answer > 0) {
$answerDisplay = File::getByID($answer)->getVersion()->getDownloadURL();
} else {
$answerDisplay = t('No file specified');
}
} elseif ($row['inputType'] == 'url') {
$answerLong = "";
$answer = $txt->sanitize($_POST['Question' . $row['msqID']]);
} elseif ($row['inputType'] == 'email') {
$answerLong = "";
$answer = $txt->sanitize($_POST['Question' . $row['msqID']]);
if (!empty($row['options'])) {
$settings = unserialize($row['options']);
if (is_array($settings) && array_key_exists('send_notification_from', $settings) && $settings['send_notification_from'] == 1) {
$email = $txt->email($answer);
if (!empty($email)) {
$replyToEmailAddress = $email;
}
}
}
} elseif ($row['inputType'] == 'telephone') {
$answerLong = "";
$answer = $txt->sanitize($_POST['Question' . $row['msqID']]);
} else {
$answerLong = "";
$answer = $txt->sanitize($_POST['Question' . $row['msqID']]);
}
if (is_array($answer)) {
$answer = implode(',', $answer);
}
$questionAnswerPairs[$row['msqID']]['question'] = $row['question'];
$questionAnswerPairs[$row['msqID']]['answer'] = $txt->sanitize($answer . $answerLong);
$questionAnswerPairs[$row['msqID']]['answerDisplay'] = strlen($answerDisplay) ? $answerDisplay : $questionAnswerPairs[$row['msqID']]['answer'];
$v = array($row['msqID'], $answerSetID, $answer, $answerLong);
$q = "insert into {$this->btAnswersTablename} (msqID,asID,answer,answerLong) values (?,?,?,?)";
$db->query($q, $v);
}
// endforeach;
// include pageURL in submission
if (isset($_POST['pageURL'])) {
$questionAnswerPairs['pageURL']['question'] = 'Page URL';
$questionAnswerPairs['pageURL']['answer'] = $_POST['pageURL'];
$questionAnswerPairs['pageURL']['answerDisplay'] = $_POST['pageURL'];
}
$foundSpam = false;
$submittedData = '';
foreach ($questionAnswerPairs as $questionAnswerPair) {
$submittedData .= $questionAnswerPair['question'] . "\r\n" . $questionAnswerPair['answer'] . "\r\n" . "\r\n";
}
$antispam = Core::make('helper/validation/antispam');
if (!$antispam->check($submittedData, 'form_block')) {
// found to be spam. We remove it
$foundSpam = true;
$q = "delete from {$this->btAnswerSetTablename} where asID = ?";
$v = array($this->lastAnswerSetId);
$db->Execute($q, $v);
$db->Execute("delete from {$this->btAnswersTablename} where asID = ?", array($this->lastAnswerSetId));
}
if (intval($this->notifyMeOnSubmission) > 0 && !$foundSpam) {
if (Config::get('concrete.email.form_block.address') && strstr(Config::get('concrete.email.form_block.address'), '@')) {
$formFormEmailAddress = Config::get('concrete.email.form_block.address');
} else {
$adminUserInfo = UserInfo::getByID(USER_SUPER_ID);
$formFormEmailAddress = $adminUserInfo->getUserEmail();
}
$mh = Core::make('helper/mail');
// fixes a bug where multiple recipient emails were interpreted as one
$recipientEmails = explode(',', $this->recipientEmail);
foreach ($recipientEmails as $recipientEmail) {
$recipientEmail = str_replace(' ', '', $recipientEmail);
$mh->to($recipientEmail);
}
$mh->from($formFormEmailAddress);
$mh->replyto($replyToEmailAddress);
$mh->addParameter('formName', $this->surveyName);
$mh->addParameter('questionSetId', $this->questionSetId);
$mh->addParameter('questionAnswerPairs', $questionAnswerPairs);
$mh->load('block_form_submission');
$mh->setSubject(t('%s Form Submission', $this->surveyName));
//echo $mh->body.'<br>';
@$mh->sendMail();
}
if (!$this->noSubmitFormRedirect) {
if ($this->redirectCID > 0) {
$pg = Page::getByID($this->redirectCID);
if (is_object($pg) && $pg->cID) {
$this->redirect($pg->getCollectionPath());
}
}
$c = Page::getCurrentPage();
header("Location: " . Core::make('helper/navigation')->getLinkToCollection($c, true) . "?surveySuccess=1&qsid=" . $this->questionSetId . "#formblock" . $this->bID);
exit;
}
}
}
private function importUploadedFiles()
{
foreach ($this->field_defs as $name => $field_def) {
if (!empty($field_def['fileset'])) {
if (!empty($this->field_values[$name])) {
//Okay! Now that we've established that this field is a file upload
// and that something was uploaded, we want to do some sanity checks
// and if all is well, import the uploaded file to the file manager,
// add it to the desired file set, and then put the file ID into this object's
// values array (so the file ID is what gets saved to the database record).
$file_info = $this->field_values[$name];
$this->field_values[$name] = null;
//do this now in case one of our sanity checks below fails
if (!is_array($file_info) || empty($file_info['tmp_name']) || empty($file_info['name'])) {
continue;
}
$fs = FileSet::getByName($field_def['fileset']);
if (empty($fs)) {
continue;
}
$fi = new FileImporter();
$f = $fi->import($file_info['tmp_name'], $file_info['name']);
if (!$f instanceof FileVersion) {
continue;
}
$fs->addFileToSet($f);
$this->field_values[$name] = $f->getFileID();
}
}
}
}
}
if (!$validExtension) {
$error[] = t('Invalid File Extension');
}
}
if (count($error) > 0) {
// send in the errors
$errorStr = implode(', ', $error);
$file->error = $errorStr . '.';
echo Loader::helper('json')->encode($file);
exit;
}
// -- end intitial validation -- //
// begin file import
$fi = new FileImporter();
$fv = $fi->import($_FILES["file"]["tmp_name"], $_FILES["file"]["name"]);
if (!$fv instanceof \Concrete\Core\Entity\File\Version) {
$file->error = $fi->getErrorMessage($fv);
$file->timestamp = $_POST['timestamp'];
} else {
$file_set = Config::get('conversations.attachments_pending_file_set');
$fs = FileSet::getByName($file_set);
if (!is_object($fs)) {
$fs = FileSet::createAndGetSet($file_set, FileSet::TYPE_PUBLIC, USER_SUPER_ID);
}
$fs->addFileToSet($fv);
$file->id = $fv->getFileID();
$file->tag = $_POST['tag'];
$file->timestamp = $_POST['timestamp'];
}
echo Loader::helper('json')->encode($file);
<?php
defined("C5_EXECUTE") or die("Access Denied.");
$fID = isset($_REQUEST['fID']) ? intval($_REQUEST['fID']) : 0;
if ($fID < 1) {
die('{"error":1,"code":401,"message":"Invalid File"}');
}
$f = File::getByID($fID);
$fp = new Permissions($f);
if (!$fp->canWrite()) {
die('{"error":1,"code":401,"message":"Access Denied"}');
}
$imgData = isset($_REQUEST['imgData']) ? $_REQUEST['imgData'] : false;
if (!$imgData) {
die('{"error":1,"code":400,"message":"No Data"}');
}
$fh = Loader::helper('file');
$tmpName = tempnam($fh->getTemporaryDirectory(), 'img');
$fh->append($tmpName, base64_decode(str_replace('data:image/png;base64,', '', $imgData)));
$fi = new FileImporter();
$fi->import($tmpName, $f->getFileName(), $f);
unlink($tmpName);
die('{"error":0}');
// we are replacing a file
$fr = File::getByID($_REQUEST['fID']);
} else {
$fr = false;
}
$searchInstance = $_POST['searchInstance'];
$files = array();
if ($valt->validate('import_incoming')) {
if (!empty($_POST)) {
$fi = new FileImporter();
foreach ($_POST as $k => $name) {
if (preg_match("#^send_file#", $k)) {
if (!$fp->canAddFileType($cf->getExtension($name))) {
$resp = FileImporter::E_FILE_INVALID_EXTENSION;
} else {
$resp = $fi->import(DIR_FILES_INCOMING . '/' . $name, $name, $fr);
}
if (!$resp instanceof FileVersion) {
$error .= $name . ': ' . FileImporter::getErrorMessage($resp) . "\n";
} else {
$files[] = $resp;
if ($_POST['removeFilesAfterPost'] == 1) {
unlink(DIR_FILES_INCOMING . '/' . $name);
}
if (!is_object($fr)) {
// we check $fr because we don't want to set it if we are replacing an existing file
$respf = $resp->getFile();
$respf->setOriginalPage($_POST['ocID']);
}
}
}
function action_submit_form()
{
$ip = Loader::helper('validation/ip');
Loader::library("file/importer");
if (!$ip->check()) {
$this->set('invalidIP', $ip->getErrorMessage());
return;
}
$txt = Loader::helper('text');
$db = Loader::db();
//question set id
$qsID = intval($_POST['qsID']);
if ($qsID == 0) {
throw new Exception(t("Oops, something is wrong with the form you posted (it doesn't have a question set id)."));
}
//get all questions for this question set
$rows = $db->GetArray("SELECT * FROM {$this->btQuestionsTablename} WHERE questionSetId=? AND bID=? order by position asc", array($qsID, intval($this->bID)));
// check captcha if activated
if ($this->displayCaptcha) {
$captcha = Loader::helper('validation/captcha');
if (!$captcha->check()) {
$errors['captcha'] = t("Incorrect captcha code");
$_REQUEST['ccmCaptchaCode'] = '';
}
}
//checked required fields
foreach ($rows as $row) {
if (intval($row['required']) == 1) {
$notCompleted = 0;
if ($row['inputType'] == 'checkboxlist') {
$answerFound = 0;
foreach ($_POST as $key => $val) {
if (strstr($key, 'Question' . $row['msqID'] . '_') && strlen($val)) {
$answerFound = 1;
}
}
if (!$answerFound) {
$notCompleted = 1;
}
} elseif ($row['inputType'] == 'fileupload') {
if (!isset($_FILES['Question' . $row['msqID']]) || !is_uploaded_file($_FILES['Question' . $row['msqID']]['tmp_name'])) {
$notCompleted = 1;
}
} elseif (!strlen(trim($_POST['Question' . $row['msqID']]))) {
$notCompleted = 1;
}
if ($notCompleted) {
$errors['CompleteRequired'] = t("Complete required fields *");
}
}
}
//try importing the file if everything else went ok
$tmpFileIds = array();
if (!count($errors)) {
foreach ($rows as $row) {
if ($row['inputType'] != 'fileupload') {
continue;
}
$questionName = 'Question' . $row['msqID'];
if (!intval($row['required']) && (!isset($_FILES[$questionName]['tmp_name']) || !is_uploaded_file($_FILES[$questionName]['tmp_name']))) {
continue;
}
$fi = new FileImporter();
$resp = $fi->import($_FILES[$questionName]['tmp_name'], $_FILES[$questionName]['name']);
if (!$resp instanceof FileVersion) {
switch ($resp) {
case FileImporter::E_FILE_INVALID_EXTENSION:
$errors['fileupload'] = t('Invalid file extension.');
break;
case FileImporter::E_FILE_INVALID:
$errors['fileupload'] = t('Invalid file.');
break;
}
} else {
$tmpFileIds[intval($row['msqID'])] = $resp->getFileID();
}
}
}
if (count($errors)) {
$this->set('formResponse', t('Please correct the following errors:'));
$this->set('errors', $errors);
$this->set('Entry', $E);
} else {
//no form errors
//save main survey record
$u = new User();
$uID = 0;
if ($u->isRegistered()) {
$uID = $u->getUserID();
}
$q = "insert into {$this->btAnswerSetTablename} (questionSetId, uID) values (?,?)";
$db->query($q, array($qsID, $uID));
$answerSetID = $db->Insert_ID();
$this->lastAnswerSetId = $answerSetID;
$questionAnswerPairs = array();
//loop through each question and get the answers
foreach ($rows as $row) {
//save each answer
if ($row['inputType'] == 'checkboxlist') {
$answer = array();
$answerLong = "";
$keys = array_keys($_POST);
foreach ($keys as $key) {
if (strpos($key, 'Question' . $row['msqID'] . '_') === 0) {
$answer[] = $txt->sanitize($_POST[$key]);
}
}
} elseif ($row['inputType'] == 'text') {
$answerLong = $txt->sanitize($_POST['Question' . $row['msqID']]);
$answer = '';
} elseif ($row['inputType'] == 'fileupload') {
$answer = intval($tmpFileIds[intval($row['msqID'])]);
} else {
$answerLong = "";
$answer = $txt->sanitize($_POST['Question' . $row['msqID']]);
}
if (is_array($answer)) {
$answer = join(',', $answer);
}
$questionAnswerPairs[$row['msqID']]['question'] = $row['question'];
$questionAnswerPairs[$row['msqID']]['answer'] = $txt->sanitize($answer . $answerLong);
$v = array($row['msqID'], $answerSetID, $answer, $answerLong);
$q = "insert into {$this->btAnswersTablename} (msqID,asID,answer,answerLong) values (?,?,?,?)";
$db->query($q, $v);
}
$refer_uri = $_POST['pURI'];
if (!strstr($refer_uri, '?')) {
$refer_uri .= '?';
}
if (intval($this->notifyMeOnSubmission) > 0) {
if (strlen(FORM_BLOCK_SENDER_EMAIL) > 1 && strstr(FORM_BLOCK_SENDER_EMAIL, '@')) {
$formFormEmailAddress = FORM_BLOCK_SENDER_EMAIL;
} else {
$adminUserInfo = UserInfo::getByID(USER_SUPER_ID);
$formFormEmailAddress = $adminUserInfo->getUserEmail();
}
$mh = Loader::helper('mail');
$mh->to($this->recipientEmail);
$mh->from($formFormEmailAddress);
$mh->addParameter('formName', $this->surveyName);
$mh->addParameter('questionSetId', $this->questionSetId);
$mh->addParameter('questionAnswerPairs', $questionAnswerPairs);
$mh->load('block_form_submission');
$mh->setSubject(t('%s Form Submission', $this->surveyName));
//echo $mh->body.'<br>';
@$mh->sendMail();
}
//$_REQUEST=array();
if ($this->redirectCID > 0) {
$pg = Page::getByID($this->redirectCID);
if (is_object($pg)) {
$this->redirect($pg->getCollectionPath());
} else {
// page didn't exist, we'll just do the default action
header("Location: " . $refer_uri . "&surveySuccess=1&qsid=" . $this->questionSetId . "#" . $this->questionSetId);
exit;
}
}
if (!$this->noSubmitFormRedirect) {
// not sure if this is used, but someone must be depending on it??
header("Location: " . $refer_uri . "&surveySuccess=1&qsid=" . $this->questionSetId . "#" . $this->questionSetId);
die;
}
}
}
if (is_numeric($_REQUEST['fID'])) {
$path = File::getRelativePathFromID($_REQUEST['fID']);
echo $json->encode($path);
exit;
}
} elseif (isset($_POST['thumbnail']) && strlen($_POST['thumbnail'])) {
$thumb = base64_decode($_POST['thumbnail']);
$file_path = Config::get('concrete.cache.directory') . "/composer_" . $id->getString() . ".jpg";
$fp = fopen($file_path, "w");
if ($fp) {
fwrite($fp, base64_decode($_POST['thumbnail']));
fclose($fp);
$fi = new FileImporter();
// if we're working with an existing image, grab the name from it for the new one
if (is_numeric($_REQUEST['fID']) && $_REQUEST['fID'] > 0) {
$f = File::getByID($_REQUEST['fID']);
$fv = $f->getVersion();
$fileName = $fv->getFileName();
$fileName = $cf->replaceExtension($fileName, "jpg");
} else {
$fileName = false;
}
$resp = $fi->import($file_path, $fileName);
unlink($file_path);
$obj = new stdClass();
$obj->fID = $resp->getFileID();
$obj->bID = $_REQUEST['bID'];
echo Loader::helper('json')->encode($obj);
exit;
}
}
} while (file_exists($fpath . '/' . $fname));
}
}
}
//else {
// if we can't get the filename from the file itself OR from the mime-type I'm not sure there's much else we can do
//}
if (strlen($fname)) {
// write the downloaded file to a temporary location on disk
$handle = fopen($fpath . '/' . $fname, "w");
fwrite($handle, $response->getBody());
fclose($handle);
// import the file into concrete
if ($fp->canAddFileType($cf->getExtension($fname))) {
$fi = new FileImporter();
$resp = $fi->import($fpath . '/' . $fname, $fname, $fr);
} else {
$resp = FileImporter::E_FILE_INVALID_EXTENSION;
}
if (!$resp instanceof FileVersion) {
$errors[] .= $fname . ': ' . FileImporter::getErrorMessage($resp) . "\n";
} else {
$import_responses[] = $resp;
if (!is_object($fr)) {
// we check $fr because we don't want to set it if we are replacing an existing file
$respf = $resp->getFile();
$respf->setOriginalPage($_POST['ocID']);
}
}
// clean up the file
unlink($fpath . '/' . $fname);
function importFile($fileUrl)
{
$u = new User();
$cf = Loader::helper('file');
$fp = FilePermissions::getGlobal();
if (!$fp->canAddFiles()) {
die(t("Unable to add files."));
}
//$valt = Loader::helper('validation/token');
Loader::library("file/importer");
Loader::library('3rdparty/Zend/Http/Client');
Loader::library('3rdparty/Zend/Uri/Http');
$file = Loader::helper('file');
Loader::helper('mime');
$error = array();
// load all the incoming fields into an array
$this_url = $fileUrl;
// validate URL
if (Zend_Uri_Http::check($this_url)) {
// URL appears to be good... add it
$incoming_urls[] = $this_url;
} else {
$errors[] = '"' . $this_url . '"' . t(' is not a valid URL.');
}
//}
//if (!$valt->validate('import_remote')) {
// $errors[] = $valt->getErrorMessage();
//}
if (count($incoming_urls) < 1) {
$errors[] = t('You must specify at least one valid URL.');
}
$import_responses = array();
// if we haven't gotten any errors yet then try to process the form
if (count($errors) < 1) {
// itterate over each incoming URL adding if relevant
foreach ($incoming_urls as $this_url) {
// try to D/L the provided file
// This all sets up the CURL actions to check the page
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this_url);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_NOBODY, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
//follow up to 10 redirections - avoids loops
$data = curl_exec($ch);
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
// Get the HTTP Code
// Get final redirected URL, will be the same if URL is not redirected
$new_url = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
curl_close($ch);
// Array of HTTP status codes. Trim down if you would like to.
$codes = array(0 => 'Domain Not Found', 100 => 'Continue', 101 => 'Switching Protocols', 200 => 'OK', 201 => 'Created', 202 => 'Accepted', 203 => 'Non-Authoritative Information', 204 => 'No Content', 205 => 'Reset Content', 206 => 'Partial Content', 300 => 'Multiple Choices', 301 => 'Moved Permanently', 302 => 'Found', 303 => 'See Other', 304 => 'Not Modified', 305 => 'Use Proxy', 307 => 'Temporary Redirect', 400 => 'Bad Request', 401 => 'Unauthorized', 402 => 'Payment Required', 403 => 'Forbidden', 404 => 'Not Found', 405 => 'Method Not Allowed', 406 => 'Not Acceptable', 407 => 'Proxy Authentication Required', 408 => 'Request Timeout', 409 => 'Conflict', 410 => 'Gone', 411 => 'Length Required', 412 => 'Precondition Failed', 413 => 'Request Entity Too Large', 414 => 'Request-URI Too Long', 415 => 'Unsupported Media Type', 416 => 'Requested Range Not Satisfiable', 417 => 'Expectation Failed', 500 => 'Internal Server Error', 501 => 'Not Implemented', 502 => 'Bad Gateway', 503 => 'Service Unavailable', 504 => 'Gateway Timeout', 505 => 'HTTP Version Not Supported');
if (isset($codes[$http_code])) {
if ($codes[$http_code] == "OK") {
$client = new Zend_Http_Client($this_url);
$response = $client->request();
if ($response->isSuccessful()) {
$uri = Zend_Uri_Http::fromString($this_url);
$fname = '';
$fpath = $file->getTemporaryDirectory();
// figure out a filename based on filename, mimetype, ???
if (preg_match('/^.+?[\\/]([-\\w%]+\\.[-\\w%]+)$/', $uri->getPath(), $matches)) {
// got a filename (with extension)... use it
$fname = $matches[1];
} else {
if (!is_null($response->getHeader('Content-Type'))) {
// use mimetype from http response
$fextension = MimeHelper::mimeToExtension($response->getHeader('Content-Type'));
if ($fextension === false) {
$errors[] = t('Unknown mime-type: ') . $response->getHeader('Content-Type');
} else {
// make sure we're coming up with a unique filename
do {
// make up a filename based on the current date/time, a random int, and the extension from the mime-type
$fname = date('d-m-Y_H:i_') . mt_rand(100, 999) . '.' . $fextension;
} while (file_exists($fpath . '/' . $fname));
}
}
}
//else {
// if we can't get the filename from the file itself OR from the mime-type I'm not sure there's much else we can do
//}
if (strlen($fname)) {
// write the downloaded file to a temporary location on disk
$handle = fopen($fpath . '/' . $fname, "w");
fwrite($handle, $response->getBody());
fclose($handle);
// import the file into concrete
if ($fp->canAddFileType($cf->getExtension($fname))) {
$fi = new FileImporter();
$resp = $fi->import($fpath . '/' . $fname, $fname, $fr);
} else {
$resp = FileImporter::E_FILE_INVALID_EXTENSION;
}
if (!$resp instanceof FileVersion) {
$errors[] .= $fname . ': ' . FileImporter::getErrorMessage($resp) . "\n";
} else {
$import_responses[] = $resp;
}
// clean up the file
unlink($fpath . '/' . $fname);
} else {
// could not figure out a file name
$errors[] = t('Could not determine the name of the file at ') . $this_url;
}
} else {
// warn that we couldn't download the file
$errors[] = t('There was an error downloading ') . $this_url;
}
}
} else {
$errors[] = t("Error connecting to file's server, file skipped");
}
}
}
//print_r($errors);
if ($resp instanceof FileVersion) {
return $resp;
}
}
public function swapContent($options)
{
if ($this->validateClearSiteContents($options)) {
Loader::model("page_list");
Loader::model("file_list");
Loader::model("stack/list");
$pl = new PageList();
$pages = $pl->get();
foreach ($pages as $c) {
$c->delete();
}
$fl = new FileList();
$files = $fl->get();
foreach ($files as $f) {
$f->delete();
}
// clear stacks
$sl = new StackList();
foreach ($sl->get() as $c) {
$c->delete();
}
$home = Page::getByID(HOME_CID);
$blocks = $home->getBlocks();
foreach ($blocks as $b) {
$b->deleteBlock();
}
$pageTypes = CollectionType::getList();
foreach ($pageTypes as $ct) {
$ct->delete();
}
// now we add in any files that this package has
if (is_dir($this->getPackagePath() . '/content_files')) {
Loader::library('file/importer');
$fh = new FileImporter();
$contents = Loader::helper('file')->getDirectoryContents($this->getPackagePath() . '/content_files');
foreach ($contents as $filename) {
$f = $fh->import($this->getPackagePath() . '/content_files/' . $filename, $filename);
}
}
// now we parse the content.xml if it exists.
Loader::library('content/importer');
$ci = new ContentImporter();
$ci->importContentFile($this->getPackagePath() . '/content.xml');
}
}
} else {
if (!validate_dimensions()) {
$error = t('Invalid width, height, or crop selection');
} else {
if (!is_object($f) || $f->isError()) {
$error = t('Invalid file.');
} else {
if (!$fp->canAddFileType($f->getExtension())) {
$error = t('You do not have permission to perform this action.');
} else {
//Save the new copy with a suffix that differentiates it from the original (e.g. myphoto.jpg -> myphoto_400x200.jpg)
$suffix = "_{$_POST['crop_w']}x{$_POST['crop_h']}";
$extension_with_dot = '.' . $f->getExtension();
$new_file_name = basename($f->getPath(), $extension_with_dot) . $suffix . $extension_with_dot;
$overwrite_file_object = $is_overwrite ? $f : false;
$new_fv = $fi->import($f->getPath(), $new_file_name, $overwrite_file_object);
}
}
}
}
if (empty($error) && !$new_fv instanceof FileVersion) {
$error = FileImporter::getErrorMessage($new_fv);
} else {
//TODO: If no crop is selected and original image size is unchanged, set_ocid() fails when $fileVersion->getFile() is called [Fatal error: Call to a member function getFile() on a non-object]
set_ocid($new_fv, $is_overwrite);
$ich->edit($new_fv->getPath(), $_POST['crop_x'], $_POST['crop_y'], $_POST['crop_w'], $_POST['crop_h'], $_POST['target_w'], $_POST['target_h']);
$new_fv->refreshAttributes();
if ($is_overwrite) {
$f->refreshCache();
}
}