if (!empty($cnt_form["fields"][$key]['placeholder'])) {
$form_field .= ' placeholder="' . html_specialchars($cnt_form["fields"][$key]['placeholder']) . '"';
}
if ($cnt_form["fields"][$key]['required']) {
$form_field .= ' required="required"';
}
$form_field .= ' />';
break;
case 'captcha':
/*
* Captcha
*/
if ($POST_DO && isset($_POST[$POST_name])) {
$POST_val[$POST_name] = remove_unsecure_rptags(clean_slweg($_POST[$POST_name]));
include_once PHPWCMS_ROOT . '/include/inc_ext/SPAF_FormValidator.class.php';
$spaf_obj = new SPAF_FormValidator();
if ($spaf_obj->validRequest($POST_val[$POST_name])) {
$spaf_obj->destroy();
} else {
$POST_ERR[$key] = empty($cnt_form["fields"][$key]['error']) ? 'Captcha error' : $cnt_form["fields"][$key]['error'];
$cnt_form["fields"][$key]['class'] = getFieldErrorClass($value['class'], $cnt_form["error_class"]);
}
$cnt_form["fields"][$key]['value'] = '';
}
//
$form_field .= '<input type="text" name="' . $form_name . '" id="' . $form_name . '" value=""';
if ($cnt_form["fields"][$key]['size']) {
$form_field .= ' size="' . $cnt_form["fields"][$key]['size'] . '"';
}
if ($cnt_form["fields"][$key]['max']) {
$form_field .= ' maxlength="' . $cnt_form["fields"][$key]['max'] . '"';
$req_key = explode(",", trim($_POST["required"]));
if (count($req_key)) {
$err_num = 0;
foreach ($req_key as $value) {
$required_val[$value] = 1;
if (!isset($_POST[$value])) {
$form_error[400 + $err_num] = str_replace("###value###", strtoupper($value), $translate[$lang]["error400"]);
$err_num += 10;
}
}
}
unset($_POST["required"]);
}
if (isset($_POST["Captcha_Validation"])) {
include_once PHPWCMS_ROOT . '/include/inc_ext/SPAF_FormValidator.class.php';
$spaf_obj = new SPAF_FormValidator();
if ($spaf_obj->validRequest($_POST["Captcha_Validation"])) {
$spaf_obj->destroy();
unset($_POST["Captcha_Validation"]);
} else {
$form_error[350] = $translate[$lang]["error350"];
}
}
//getting the label fields list
if (isset($_POST["label"])) {
$label = explode(',', trim($_POST["label"]));
if ($label) {
foreach ($label as $value) {
list($field_name, $field_label) = explode('|', $value);
$form_label[$field_name] = $field_label;
}
}
mysql_free_result($guestbook['result']);
}
}
}
// Captcha check
if (empty($guestbook['captcha'])) {
$guestbook['form'] = replace_tmpl_section('CAPTCHA', $guestbook['form']);
} else {
$guestbook['captcha_maxchar'] = empty($guestbook['captcha_maxchar']) ? 5 : $guestbook['captcha_maxchar'];
$guestbook['form'] = str_replace('{CAPTCHA}', '<img src="img/captcha.php?regen=y&length=' . $guestbook['captcha_maxchar'] . '&' . time() . '" alt="Captcha" id="gbCaptchaImage" />', $guestbook['form']);
}
if (isset($_POST['guestbook_email']) && !empty($guestbook['captcha'])) {
include_once PHPWCMS_ROOT . '/include/inc_ext/SPAF_FormValidator.class.php';
// instantiate the object
$spaf_obj = new SPAF_FormValidator();
$guestbook['post']['captcha'] = isset($_POST['guestbook_captcha']) ? clean_slweg($_POST['guestbook_captcha']) : '';
if ($spaf_obj->validRequest($guestbook['post']['captcha'])) {
// destroy successful code
$spaf_obj->destroy();
} else {
$guestbook['error']['captcha'] = 'Fill in the correct captcha code. Proof it twice!';
}
}
if (isset($_POST['guestbook_email']) && !$guestbook['flooding']) {
// make global spam check
if (!checkFormTrackingValue()) {
$guestbook['flooding'] = 1;
$guestbook['readform'] = 1;
$guestbook['spamalert'] = '<div class="spamFormAlert">Your IP ' . getRemoteIP() . ' is not allowed to send form!</div>';
}
<?php
$phpwcms = array();
require_once '../include/config/conf.inc.php';
require_once '../include/inc_lib/default.inc.php';
include_once PHPWCMS_ROOT . '/include/inc_ext/SPAF_FormValidator.class.php';
$spaf_obj = new SPAF_FormValidator();
// custom settings for phpwcms
$spaf_obj->setLibDir(PHPWCMS_TEMPLATE . 'inc_captcha/');
$spaf_obj->work_dir = PHPWCMS_ROOT . '/content/tmp/';
$spaf_obj->tag_ttl = 5;
$spaf_char_num = empty($_GET['length']) ? false : intval($_GET['length']);
if ($spaf_char_num) {
$spaf_obj->char_num = $spaf_char_num > 15 ? 15 : $spaf_char_num;
}
$spaf_obj->streamImage();
