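/**
 * Process a submitted form entry.
 *
 * Checks the captcha (unless it is disabled for the target form), stores the
 * entry in MW_DB_TABLE_FORMS_DATA, fires the before/after post events and,
 * when `module_name` is supplied, records a notification and sends e-mails.
 *
 * @param array $params Submitted fields plus the control keys read here:
 *                      id, for, for_id, data-id, rel_id, captcha, module_name.
 *
 * @return mixed The result of database_manager->save() on success,
 *               array('error' => ...) on a validation failure, or null when a
 *               `mw.forms_manager.before_post` listener returned false.
 */
public function post($params)
{
    $adm = $this->app->user_manager->is_admin();
    if (defined("MW_API_CALL")) {
        // NOTE(review): the CSRF token check below is commented out, so API
        // submissions are accepted without a token. Confirm this is intended;
        // the captcha is the only anti-automation control left, and it can be
        // disabled per form.
        // $validate_token = $this->app->user_manager->csrf_validate($params);
        // if (!$adm) {
        //     if ($validate_token == false) {
        //         return array('error' => 'Invalid token!');
        //     }
        // }
    }

    // Any listener returning exactly false vetoes the submission.
    $before_process = $this->app->event_manager->trigger('mw.forms_manager.before_post', $params);
    if (is_array($before_process) and !empty($before_process)) {
        foreach ($before_process as $before_process_item) {
            if ($before_process_item === false) {
                return;
            }
        }
    }

    $table = MW_DB_TABLE_FORMS_DATA;
    mw_var('FORCE_SAVE', $table);

    if (isset($params['id'])) {
        if ($adm == false) {
            return array('error' => 'Error: Only admin can edit forms!');
        }
    }

    $for = 'module';
    if (isset($params['for'])) {
        $for = $params['for'];
    }

    // Resolve the target form id: for_id, then data-id, then id; rel_id
    // overrides all of them when present.
    if (isset($params['for_id'])) {
        $for_id = $params['for_id'];
    } elseif (isset($params['data-id'])) {
        $for_id = $params['data-id'];
    } elseif (isset($params['id'])) {
        $for_id = $params['id'];
    }
    if (isset($params['rel_id'])) {
        $for_id = $params['rel_id'];
    }
    if (!isset($for_id)) {
        return array('error' => 'Please provide for_id parameter with module id');
    }

    // NOTE(review): $for_id comes from the request and selects the option set
    // read below (disable_captcha, email_to, email_bcc, ...). Consider checking
    // that it refers to an existing form before trusting its options.
    $dis_cap = $this->app->option_manager->get('disable_captcha', $for_id) == 'y';
    if ($dis_cap == false) {
        if (!isset($params['captcha'])) {
            return array('error' => 'Please enter the captcha answer!');
        }
        if ($for_id != false) {
            $validate_captcha = mw()->captcha->validate($params['captcha'], $for_id);
        } else {
            $validate_captcha = mw()->captcha->validate($params['captcha']);
        }
        // Admins are allowed through with a wrong answer; everyone else is rejected.
        if (!$validate_captcha) {
            if ($adm == false) {
                return array('error' => 'Invalid captcha answer!', 'captcha_error' => true);
            }
        }
    }

    // if ($for=='module'){
    $list_id = $this->app->option_manager->get('list_id', $for_id);
    // }
    $email_to = $this->app->option_manager->get('email_to', $for_id);
    $email_bcc = $this->app->option_manager->get('email_bcc', $for_id);
    $email_autorespond = $this->app->option_manager->get('email_autorespond', $for_id);
    $email_autorespond_subject = $this->app->option_manager->get('email_autorespond_subject', $for_id);
    if (!isset($list_id) or $list_id == false) {
        $list_id = 0;
    }

    $to_save = array();
    $fields_data = array();

    $get_fields = array();
    $get_fields['rel_type'] = $for;
    $get_fields['rel_id'] = $for_id;
    $get_fields['return_full'] = true;
    $more = $this->app->fields_manager->get($get_fields);

    // Keep only the submitted values that match a custom field defined for this
    // form; a field may be posted under its name or with spaces turned into "_".
    $cf_to_save = array();
    if (!empty($more)) {
        foreach ($more as $item) {
            if (!isset($item['name'])) {
                continue;
            }
            $cfn = $item['name'];
            $cfn2 = str_replace(' ', '_', $cfn);
            if (isset($params[$cfn2]) and $params[$cfn2] != false) {
                $fields_data[$cfn2] = $params[$cfn2];
                $item['value'] = $params[$cfn2];
                $cf_to_save[$cfn] = $item;
            } elseif (isset($params[$cfn]) and $params[$cfn] != false) {
                $fields_data[$cfn] = $params[$cfn];
                // Read the value from the key that matched; $params[$cfn2] is
                // unset or empty on this branch.
                $item['value'] = $params[$cfn];
                $cf_to_save[$cfn] = $item;
            }
        }
    } else {
        // No custom fields are defined: every submitted parameter is treated as
        // a form value.
        $cf_to_save = $params;
    }

    $to_save['list_id'] = $list_id;
    $to_save['rel_id'] = $for_id;
    $to_save['rel_type'] = $for;
    $to_save['user_ip'] = MW_USER_IP;
    if (isset($params['module_name'])) {
        $to_save['module_name'] = $params['module_name'];
    }
    if (!empty($fields_data)) {
        $to_save['form_values'] = json_encode($fields_data);
    } else {
        $to_save['form_values'] = json_encode($params);
    }

    $save = $this->app->database_manager->save($table, $to_save);

    $event_params = $params;
    $event_params['saved_form_entry_id'] = $save;
    $this->app->event_manager->trigger('mw.forms_manager.after_post', $event_params);

    if (isset($params['module_name'])) {
        // Copy of the submission without the routing keys, used as the body of
        // the notification and of the e-mails.
        $pp_arr = $params;
        $pp_arr['ip'] = MW_USER_IP;
        unset(
            $pp_arr['module_name'],
            $pp_arr['rel_type'],
            $pp_arr['rel_id'],
            $pp_arr['list_id'],
            $pp_arr['for'],
            $pp_arr['for_id']
        );

        // NOTE(review): $pp_arr holds submitter-controlled values and is rendered
        // into HTML by array_to_ul() for the notification and the e-mails.
        // Confirm array_to_ul() escapes its values — TODO verify.
        $notif = array();
        $notif['module'] = $params['module_name'];
        $notif['rel_type'] = 'forms_lists';
        $notif['rel_id'] = $list_id;
        $notif['title'] = "New form entry";
        $notif['description'] = "You have new form entry";
        $notif['content'] = "You have new form entry from " . $this->app->url_manager->current(1) . '<br />' . $this->app->format->array_to_ul($pp_arr);
        $this->app->notifications_manager->save($notif);

        // Recipient fallback chain: per-form email_to, the site-wide email_from
        // option, then every admin account with a valid address.
        if ($email_to == false) {
            $email_to = $this->app->option_manager->get('email_from', 'email');
        }
        $admin_user_mails = array();
        if ($email_to == false) {
            $admins = $this->app->user_manager->get_all('is_admin=1');
            if (is_array($admins) and !empty($admins)) {
                foreach ($admins as $admin) {
                    if (isset($admin['email']) and filter_var($admin['email'], FILTER_VALIDATE_EMAIL)) {
                        $admin_user_mails[] = $admin['email'];
                        $email_to = $admin['email'];
                    }
                }
            }
        }

        if ($email_to != false) {
            $mail_sj = "Thank you!";
            $mail_autoresp = "Thank you for your request!";
            if ($email_autorespond_subject != false) {
                $mail_sj = $email_autorespond_subject;
            }
            if ($email_autorespond != false) {
                $mail_autoresp = $email_autorespond;
            }
            $mail_autoresp = $mail_autoresp . $this->app->format->array_to_ul($pp_arr);

            $user_mails = array();
            if (!empty($admin_user_mails)) {
                $user_mails = $admin_user_mails;
            }
            $user_mails[] = $email_to;
            if (isset($email_bcc) and filter_var($email_bcc, FILTER_VALIDATE_EMAIL)) {
                $user_mails[] = $email_bcc;
            }

            // NOTE(review): every submitted value that validates as an e-mail
            // address becomes a recipient of the auto-response, whose body also
            // contains the submitted fields. Consider limiting this to one
            // designated e-mail field and rate-limiting submissions.
            if (!empty($cf_to_save)) {
                foreach ($cf_to_save as $value) {
                    if (is_array($value) and isset($value['value'])) {
                        $to = $value['value'];
                    } else {
                        $to = $value;
                    }
                    if (isset($to) and filter_var($to, FILTER_VALIDATE_EMAIL)) {
                        $user_mails[] = $to;
                    }
                }
            }

            if (!empty($user_mails)) {
                // array_unique() returns the de-duplicated list; it does not
                // modify its argument, so the result has to be assigned.
                $user_mails = array_unique($user_mails);
                foreach ($user_mails as $value) {
                    $sender = new \Microweber\Utils\MailSender();
                    $sender->send($value, $mail_sj, $mail_autoresp);
                }
            }
        }
    }

    return $save;
}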
/**
 * Send the order confirmation e-mail for one order.
 *
 * The subject and body come from the `orders` option group. `{cart_items}` and
 * one `{key}` placeholder per scalar order field are substituted into the body.
 *
 * @param mixed $order_id           Id passed to get_order_by_id().
 * @param mixed $to                 Recipient; defaults to the order's `email` field.
 * @param mixed $no_cache           Not used by this version of the method.
 * @param mixed $skip_enabled_check When truthy, used in place of the
 *                                  `order_email_enabled` option.
 *
 * @return true|null True once the mail to $to has been handed to MailSender,
 *                   null in every other case.
 */
public function confirm_email_send($order_id, $to = false, $no_cache = false, $skip_enabled_check = false)
{
    $ord_data = $this->get_order_by_id($order_id);
    if (!is_array($ord_data)) {
        return;
    }

    $order_email_enabled = ($skip_enabled_check == false)
        ? $this->app->option_manager->get('order_email_enabled', 'orders')
        : $skip_enabled_check;
    if ($order_email_enabled != true) {
        return;
    }

    $order_email_subject = $this->app->option_manager->get('order_email_subject', 'orders');
    $order_email_content = $this->app->option_manager->get('order_email_content', 'orders');
    $order_email_cc = $this->app->option_manager->get('order_email_cc', 'orders');
    $order_email_send_when = $this->app->option_manager->get('order_email_send_when', 'orders');

    // When mails are only due for paid orders, stay silent for an unpaid one.
    $unpaid = isset($ord_data['is_paid']) && $ord_data['is_paid'] == false;
    if ($order_email_send_when == 'order_paid' && $unpaid) {
        return;
    }

    if ($order_email_subject == false || trim($order_email_subject) == '') {
        $order_email_subject = "Thank you for your order!";
    }
    if ($to == false) {
        $to = $ord_data['email'];
    }

    // NOTE(review): the second test looks at the subject, which has just been
    // given a default, so it cannot fail; it was presumably meant to test the
    // content — confirm.
    if ($order_email_content == false || trim($order_email_subject) == '') {
        return;
    }

    if (!empty($ord_data)) {
        $cart_query = 'fields=title,qty,price,custom_fields_data&order_id=' . $ord_data['id'] . '&no_session_id=' . mw()->user_manager->session_id();
        $cart_items = $this->get_cart($cart_query);
        $order_items_html = $this->app->format->array_to_ul($cart_items);
        $order_email_content = str_replace('{cart_items}', $order_items_html, $order_email_content);

        // NOTE(review): the values are inserted into the body as they are; if
        // the body is sent as HTML and order fields hold customer-entered text,
        // they should be escaped first — confirm.
        foreach ($ord_data as $key => $value) {
            if (is_array($value) || !is_string($key)) {
                continue;
            }
            if (strtolower($key) == 'amount') {
                $value = number_format($value, 2);
            }
            $order_email_content = str_ireplace('{' . $key . '}', $value, $order_email_content);
        }
    }

    if (!isset($to) || !filter_var($to, FILTER_VALIDATE_EMAIL)) {
        return;
    }

    $sender = new \Microweber\Utils\MailSender();
    $sender->send($to, $order_email_subject, $order_email_content);

    // A copy goes to the configured cc address when it is a valid address.
    if (isset($order_email_cc) && filter_var($order_email_cc, FILTER_VALIDATE_EMAIL)) {
        $sender->send($order_email_cc, $order_email_subject, $order_email_content);
    }

    return true;
}
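/**
 * Send the order confirmation e-mail for one order.
 *
 * The subject and body come from the `orders` option group. The stored body is
 * rendered as a Twig template with `cart` and `order` in its context, and the
 * `{cart_items}`, `{date}` and per-field `{key}` placeholders are then filled
 * in on the rendered output.
 *
 * @param mixed $order_id           Id passed to get_order_by_id().
 * @param mixed $to                 Recipient; defaults to the order's `email` field.
 * @param mixed $no_cache           Forwarded as the fifth argument of the cc send() call.
 * @param mixed $skip_enabled_check When truthy, used in place of the
 *                                  `order_email_enabled` option and also skips
 *                                  the "paid orders only" check.
 *
 * @return true|null True once the mail to $to has been handed to MailSender,
 *                   null in every other case.
 */
public function confirm_email_send($order_id, $to = false, $no_cache = false, $skip_enabled_check = false)
{
    $ord_data = $this->get_order_by_id($order_id);
    if (!is_array($ord_data)) {
        return;
    }

    if ($skip_enabled_check == false) {
        $order_email_enabled = $this->app->option_manager->get('order_email_enabled', 'orders');
    } else {
        $order_email_enabled = $skip_enabled_check;
    }
    if ($order_email_enabled != true) {
        return;
    }

    $order_email_subject = $this->app->option_manager->get('order_email_subject', 'orders');
    $order_email_content = $this->app->option_manager->get('order_email_content', 'orders');
    $order_email_cc = $this->app->option_manager->get('order_email_cc', 'orders');
    $order_email_send_when = $this->app->option_manager->get('order_email_send_when', 'orders');

    if ($order_email_send_when == 'order_paid' and !$skip_enabled_check) {
        if (isset($ord_data['is_paid']) and $ord_data['is_paid'] == false) {
            return;
        }
    }

    if ($order_email_subject == false or trim($order_email_subject) == '') {
        $order_email_subject = "Thank you for your order!";
    }
    if ($to == false) {
        $to = $ord_data['email'];
    }

    // Nothing to send without a body. The subject always has a value at this
    // point, so the content is what gets tested.
    if ($order_email_content == false or trim($order_email_content) == '') {
        return;
    }

    $cart_items = array();
    if (!empty($ord_data)) {
        $cart_items = $this->get_cart('order_id=' . $ord_data['id'] . '&no_session_id=' . mw()->user_manager->session_id());
    }

    // Render the stored template before any order value is substituted into
    // it, so that order field values are never parsed as Twig source. The
    // loader is Twig_Loader_String and no sandbox is configured here.
    // NOTE(review): order fields presumably include customer-entered text —
    // confirm; that is what makes the ordering matter.
    $twig = new \Twig_Environment(new \Twig_Loader_String());
    $order_email_content = $twig->render($order_email_content, array("cart" => $cart_items, "order" => $ord_data));

    if (!empty($ord_data)) {
        $order_items_html = $this->app->format->array_to_ul($cart_items);
        $order_email_content = str_replace('{cart_items}', $order_items_html, $order_email_content);
        $order_email_content = str_replace('{date}', date("F jS, Y", strtotime($ord_data['created_at'])), $order_email_content);

        // One {key} placeholder per scalar order field, matched case-insensitively.
        foreach ($ord_data as $key => $value) {
            if (is_array($value) or !is_string($key)) {
                continue;
            }
            if (strtolower($key) == 'amount') {
                $value = number_format($value, 2);
            }
            $order_email_content = str_ireplace('{' . $key . '}', $value, $order_email_content);
        }
    }

    if (isset($to) and filter_var($to, FILTER_VALIDATE_EMAIL)) {
        $sender = new \Microweber\Utils\MailSender();
        $sender->send($to, $order_email_subject, $order_email_content);

        if (isset($order_email_cc) and filter_var($order_email_cc, FILTER_VALIDATE_EMAIL)) {
            $sender->send($order_email_cc, $order_email_subject, $order_email_content, false, $no_cache);
        }

        return true;
    }
}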
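/**
 * Start a password reset: look the account up, store a reset token on it and
 * e-mail a reset link to the account's address.
 *
 * @param array $params Request data; reads `captcha` (required) and either
 *                      `username` (also tried as an e-mail address) or `email`.
 *
 * @return array array('success' => ...) when the mail was sent, otherwise
 *               array('error' => ...), with 'captcha_error' => true for a
 *               wrong captcha answer.
 */
public function send_forgot_password($params)
{
    if (!isset($params['captcha'])) {
        return array('error' => 'Please enter the captcha answer!');
    }
    $validate_captcha = $this->app->captcha->validate($params['captcha']);
    if ($validate_captcha == false) {
        return array('error' => 'Invalid captcha answer!', 'captcha_error' => true);
    }

    $user = isset($params['username']) ? $params['username'] : false;
    $email = isset($params['email']) ? $params['email'] : false;

    // Only scalar, non-blank identifiers are used for a lookup. Arrays sent in
    // the request must not reach trim() or the query filter.
    $has_user = is_scalar($user) and trim((string) $user) != '';
    $has_email = is_scalar($email) and trim((string) $email) != '';

    if (!isset($params['email']) and !$has_user) {
        return array('error' => 'Enter username or email!');
    }

    $data = array();
    if ($has_user) {
        $data = $this->get_all(array('username' => $user));
        if ($data == false) {
            // No such username: treat the submitted value as an e-mail address.
            $data = $this->get_all(array('email' => $user));
        }
    } elseif ($has_email) {
        $data = $this->get_all(array('email' => $email));
    }

    $data_res = isset($data[0]) ? $data[0] : false;

    // NOTE(review): the different answers below ("Enter right username or
    // email!" versus the success text) reveal whether an account exists, and
    // the success text repeats the stored address even when the lookup was by
    // username. Consider one generic response for all outcomes.
    if (!is_array($data_res)) {
        return array('error' => 'Enter right username or email!');
    }

    $to = isset($data_res['email']) ? $data_res['email'] : false;
    if (!filter_var($to, FILTER_VALIDATE_EMAIL)) {
        return array('error' => 'Error: the user doesn\'t have a valid email address!');
    }

    // Without an id the token cannot be stored, so no link may be mailed.
    if (!isset($data_res['id'])) {
        return array('error' => 'Enter right username or email!');
    }

    $subject = "Password reset!";
    $content = "Hello, {$data_res['username']} <br> ";
    $content .= "You have requested a password reset link from IP address: " . MW_USER_IP . "<br><br> ";

    // NOTE(review): rand() and uniqid() are predictable, so the strength of
    // this token rests on str_random(40); confirm it is backed by a CSPRNG in
    // the framework version in use. No expiry is set here and the token is
    // stored as-is.
    $function_cache_id = md5(rand()) . uniqid() . rand() . str_random(40);

    $data_to_save = array();
    $data_to_save['id'] = $data_res['id'];
    $data_to_save['password_reset_hash'] = $function_cache_id;
    $table = $this->tables['users'];
    mw_var('FORCE_SAVE', $table);
    $this->app->database_manager->save($table, $data_to_save);

    // Link target: the template's login page if it has one, else its
    // forgot_password page, else the current URL.
    // NOTE(review): if current()/site_url() take the host from the request, the
    // host of the mailed link is caller-influenced; confirm it is pinned to
    // configuration.
    $base_link = $this->app->url_manager->current(1);
    $cur_template = template_dir();
    $cur_template_file = normalize_path($cur_template . 'login.php', false);
    $cur_template_file2 = normalize_path($cur_template . 'forgot_password.php', false);
    if (is_file($cur_template_file)) {
        $base_link = site_url('login');
    } elseif (is_file($cur_template_file2)) {
        $base_link = site_url('forgot_password');
    }
    $pass_reset_link = $base_link . '?reset_password_link=' . $function_cache_id;

    $notif = array();
    $notif['module'] = "users";
    $notif['rel_type'] = 'users';
    $notif['rel_id'] = $data_to_save['id'];
    $notif['title'] = "Password reset link sent";
    $content_notif = "User with id: {$data_to_save['id']} and email: {$to} has requested a password reset link";
    $notif['description'] = $content_notif;
    $this->app->log_manager->save($notif);

    $content .= "Click here to reset your password <a href='{$pass_reset_link}'>" . $pass_reset_link . "</a><br><br> ";

    $sender = new \Microweber\Utils\MailSender();
    $sender->send($to, $subject, $content);

    return array('success' => 'Your password reset link has been sent to ' . $to);
}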
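/**
 * Create a comment, or moderate/delete an existing one (admin only).
 *
 * With both `action` and `id` set, an admin can publish, unpublish, mark as
 * spam or delete a comment. Otherwise the call validates rel_type/rel_id and
 * the captcha, saves the comment and, for a new comment, stores a notification
 * and optionally e-mails the configured address.
 *
 * @param array $data Comment data; keys read here: id, action, rel, rel_type,
 *                    rel_id, captcha, module_id, comment_body, comment_email,
 *                    is_moderated.
 *
 * @return mixed The result of database_manager->save(), array('success' => ...)
 *               after a delete, or array('error' => ...) on a validation failure.
 */
function post_comment($data)
{
    $adm = is_admin();
    $table = MODULE_DB_COMMENTS;
    mw_var('FORCE_SAVE', $table);

    if (isset($data['id'])) {
        if ($adm == false) {
            error('Error: Only admin can edit comments!');
            // Fail closed in case error() does not stop the request.
            return array('error' => 'Error: Only admin can edit comments!');
        }
    }

    // NOTE(review): the CSRF token is validated for non-admins only, so the
    // admin actions below (publish/unpublish/spam/delete) run without a token
    // check. Consider validating the token for admins as well.
    if (defined("MW_API_CALL")) {
        if (!$adm) {
            $validate_token = mw()->user_manager->csrf_validate($data);
            if ($validate_token == false) {
                return array('error' => 'Invalid token!');
            }
        }
    }

    if (isset($data['action']) and isset($data['id'])) {
        if ($adm == false) {
            error('Error: Only admin can edit comments!');
            return array('error' => 'Error: Only admin can edit comments!');
        }

        $action = strtolower($data['action']);
        switch ($action) {
            case 'publish':
                $data['is_moderated'] = 1;
                break;
            case 'unpublish':
            case 'spam':
                $data['is_moderated'] = 0;
                break;
            case 'delete':
                $id = intval($data['id']);
                mw()->database_manager->delete_by_id($table, $id, 'id');

                return array('success' => 'Deleted comment with id:' . $id);
            default:
                break;
        }
    } else {
        if (isset($data['rel'])) {
            $data['rel_type'] = $data['rel'];
        }
        if (!isset($data['rel_type'])) {
            return array('error' => 'Error: invalid data');
        }
        if (!isset($data['rel_id']) or trim($data['rel_id']) == '') {
            return array('error' => 'Error: invalid data');
        }
        if (!isset($data['captcha'])) {
            return array('error' => 'Please enter the captcha answer!');
        }

        // The expected answer is kept in the session; a per-module answer takes
        // precedence over the global one.
        $cap = mw()->user_manager->session_get('captcha');
        if (isset($data['module_id'])) {
            $captcha_sid = 'captcha_' . $data['module_id'];
            $cap_sid = mw()->user_manager->session_get($captcha_sid);
            if ($cap_sid != false) {
                $cap = $cap_sid;
            }
        }
        if ($cap == false) {
            return array('error' => 'You must load a captcha first!');
        }
        // NOTE(review): loose comparison of an int with the session value;
        // confirm the stored answer is always numeric.
        if (intval($data['captcha']) != $cap) {
            if ($adm == false) {
                return array('error' => 'Invalid captcha answer!');
            }
        }
    }

    if (!isset($data['id']) and isset($data['comment_body'])) {
        if (!isset($data['comment_email']) and user_id() == 0) {
            return array('error' => 'You must type your email or be logged in order to comment.');
        }
        $ref = mw()->url_manager->current(1);
        if ($ref != false and $ref != '') {
            $data['from_url'] = htmlentities(strip_tags($ref));
        }
    }

    // The moderation state is decided on the server: a value sent by a
    // non-admin is discarded, otherwise it would be saved unchanged whenever
    // moderation is required.
    if ($adm == false) {
        unset($data['is_moderated']);
    }
    if ($adm == true and !isset($data['id']) and !isset($data['is_moderated'])) {
        $data['is_moderated'] = '1';
    } else {
        $require_moderation = get_option('require_moderation', 'comments');
        if ($require_moderation != 'y') {
            $data['is_moderated'] = '0';
        }
    }

    if (!isset($data['id'])) {
        $data['is_new'] = '1';
    }

    // NOTE(review): allow_html is forced to true before clean_xss() runs —
    // presumably it is read by clean_xss(); confirm what it permits.
    $data['allow_html'] = true;
    $data = mw()->format->clean_xss($data);
    $saved_data = mw()->database_manager->save($table, $data);

    if (!isset($data['id']) and isset($data['comment_body'])) {
        $notif = array();
        $notif['module'] = "comments";
        $notif['rel_type'] = $data['rel_type'];
        $notif['rel_id'] = $data['rel_id'];
        $notif['title'] = "You have new comment";
        $notif['description'] = "New comment is posted on " . mw()->url_manager->current(1);
        $notif['content'] = mw()->format->limit(strip_tags($data['comment_body']), 800);
        $notf_id = mw()->notifications_manager->save($notif);

        $data['moderate'] = admin_url('view:modules/load_module:comments/mw_notif:' . $notf_id);

        $email_on_new_comment = get_option('email_on_new_comment', 'comments') == 'y';
        $to = get_option('email_on_new_comment_value', 'comments');
        // Skip the mail when no recipient has been configured.
        if ($email_on_new_comment == true and $to != false) {
            $subject = "You have new comment";
            $message = "Hi, <br/> You have new comment posted on " . mw()->url_manager->current(1) . ' <br /> ';
            $message .= "IP:" . MW_USER_IP . ' <br /> ';
            $message .= mw()->format->array_to_ul($data);

            $sender = new \Microweber\Utils\MailSender();
            $sender->send($to, $subject, $message);
        }
    }

    return $saved_data;
}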