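/**
 * Handles a front-end form submission end to end.
 *
 * Steps, in order: load the form row and apply translations, validate, run the
 * form's stored "ScriptProcess" PHP, store the submission row, move uploaded
 * files, normalise birthDay fields, store the submitted values, send emails,
 * build the thank-you message and Continue button, run "ScriptProcess2", run
 * the configured mapping queries, optionally delete the stored data, optionally
 * post the data to another location, and finally redirect.
 *
 * Security-relevant behaviour of this block:
 *  - `ScriptProcess` and `ScriptProcess2` are read from the database and passed
 *    to eval(). They run with full PHP privileges and can read and modify every
 *    local variable of this method, which is why local names are kept stable.
 *  - `$post` is read with JREQUEST_ALLOWRAW, i.e. unfiltered request data.
 *  - SQL is built by concatenation; every interpolated value must be cast or
 *    passed through `$db->escape()`.
 *
 * @param   int  $formId  ID of the form being processed (cast to int here).
 *
 * @return  mixed  The non-empty result of RSFormProHelper::validateForm() when
 *                 validation fails, otherwise false. Redirect paths normally
 *                 end the request inside $mainframe->redirect().
 */
public static function processForm($formId)
{
    $mainframe = JFactory::getApplication();
    $formId    = (int) $formId;

    $db = JFactory::getDBO();
    $db->setQuery("SELECT `FormLayoutName`, `Keepdata`, `ConfirmSubmission`, `ScriptProcess`, `ScriptProcess2`, `UserEmailScript`, `AdminEmailScript`, `ReturnUrl`, `ShowThankyou`, `Thankyou`, `ShowContinue` FROM #__rsform_forms WHERE `FormId`='" . $formId . "'");
    $form = $db->loadObject();

    // Overlay translated values on the columns that were actually selected.
    $lang         = RSFormProHelper::getCurrentLanguage();
    $translations = RSFormProHelper::getTranslations('forms', $formId, $lang);
    if ($translations) {
        foreach ($translations as $field => $value) {
            if (isset($form->{$field})) {
                $form->{$field} = $value;
            }
        }
    }

    $invalid = RSFormProHelper::validateForm($formId);

    // Raw, unfiltered request data: everything derived from $post below is untrusted.
    $post = JRequest::getVar('form', array(), 'post', 'none', JREQUEST_ALLOWRAW);

    //Trigger Event - onBeforeFormValidation
    $mainframe->triggerEvent('rsfp_f_onBeforeFormValidation', array(array('invalid' => &$invalid, 'formId' => $formId, 'post' => &$post)));

    $userEmail = array('to' => '', 'cc' => '', 'bcc' => '', 'from' => '', 'replyto' => '', 'fromName' => '', 'text' => '', 'subject' => '', 'files' => array());
    $adminEmail = array('to' => '', 'cc' => '', 'bcc' => '', 'from' => '', 'replyto' => '', 'fromName' => '', 'text' => '', 'subject' => '', 'files' => array());

    $_POST['form'] = $post;

    $RSadapter = RSFormProHelper::getLegacyAdapter();
    // SECURITY NOTE: executes PHP stored in #__rsform_forms.ScriptProcess. Whoever can
    // write that column can run arbitrary code on the server, so write access to form
    // definitions must be treated as equivalent to code-deployment rights.
    eval($form->ScriptProcess);

    if (!empty($invalid)) {
        return $invalid;
    }

    // The stored script may have altered $_POST['form']; pick its version up again.
    $post = $_POST['form'];

    //Trigger Event - onBeforeFormProcess
    $mainframe->triggerEvent('rsfp_f_onBeforeFormProcess', array(array('post' => &$post)));

    if (empty($invalid)) {
        // Cache enabled ?
        jimport('joomla.plugin.helper');
        $cache_enabled = JPluginHelper::isEnabled('system', 'cache');
        if ($cache_enabled) {
            RSFormProHelper::cleanCache();
        }

        $user = JFactory::getUser();
        $confirmsubmission = $form->ConfirmSubmission ? 0 : 1;

        // Add to db (submission)
        // Every interpolated value is cast or escaped; the language tag was previously
        // concatenated as-is and is now escaped like the other string columns.
        $date = JFactory::getDate();
        $db->setQuery("INSERT INTO #__rsform_submissions SET `FormId`='" . $formId . "', `DateSubmitted`='" . $date->toSql() . "', `UserIp`='" . (isset($_SERVER['REMOTE_ADDR']) ? $db->escape($_SERVER['REMOTE_ADDR']) : '') . "', `Username`='" . $db->escape($user->get('username')) . "', `UserId`='" . (int) $user->get('id') . "', `Lang`='" . $db->escape(RSFormProHelper::getCurrentLanguage()) . "', `confirmed` = '" . $confirmsubmission . "' ");
        $db->execute();

        $SubmissionId = $db->insertid();

        $files = JRequest::get('files');
        if (isset($files['form']['tmp_name']) && is_array($files['form']['tmp_name'])) {
            // Collect the (escaped) names of the fields that received a file without error.
            $names = array();
            foreach ($files['form']['tmp_name'] as $fieldName => $val) {
                if ($files['form']['error'][$fieldName]) {
                    continue;
                }
                $names[] = $db->escape($fieldName);
            }

            // Map field name -> component ID, restricted to components of this form.
            $componentIds = array();
            if (!empty($names)) {
                $db->setQuery("SELECT c.ComponentId, p.PropertyValue FROM #__rsform_components c LEFT JOIN #__rsform_properties p ON (c.ComponentId=p.ComponentId AND p.PropertyName='NAME') WHERE c.FormId='" . $formId . "' AND p.PropertyValue IN ('" . implode("','", $names) . "')");
                $results = $db->loadObjectList();
                foreach ($results as $result) {
                    $componentIds[$result->PropertyValue] = $result->ComponentId;
                }
            }

            $all_data = RSFormProHelper::getComponentProperties($componentIds);

            jimport('joomla.filesystem.file');
            foreach ($files['form']['tmp_name'] as $fieldName => $val) {
                if ($files['form']['error'][$fieldName]) {
                    continue;
                }

                // Uploads for field names that are not components of this form are ignored.
                $data = @$all_data[$componentIds[$fieldName]];
                if (empty($data)) {
                    continue;
                }

                // Prefix
                $prefix = uniqid('') . '-';
                if (isset($data['PREFIX']) && strlen(trim($data['PREFIX'])) > 0) {
                    $prefix = RSFormProHelper::isCode($data['PREFIX']);
                }

                // Path
                $realpath = realpath($data['DESTINATION'] . DIRECTORY_SEPARATOR);
                if ($realpath === false) {
                    // The configured destination does not resolve. Previously the path
                    // degraded to a bare DIRECTORY_SEPARATOR, so the upload was attempted
                    // against the filesystem root and that path was recorded. Skip instead.
                    continue;
                }
                if (substr($realpath, -1) != DIRECTORY_SEPARATOR) {
                    $realpath .= DIRECTORY_SEPARATOR;
                }

                // Filename
                // NOTE(review): the name part is supplied by the client. No extension or
                // type check is visible in this block - confirm validateForm() enforces the
                // field's allowed extensions before this point.
                $file = $realpath . $prefix . $files['form']['name'][$fieldName];

                // Upload File
                JFile::upload($files['form']['tmp_name'][$fieldName], $file);

                // Add to db (submission value)
                $db->setQuery("INSERT INTO #__rsform_submission_values SET `SubmissionId`='" . $SubmissionId . "', `FormId`='" . $formId . "', `FieldName`='" . $db->escape($fieldName) . "', `FieldValue`='" . $db->escape($file) . "'");
                $db->execute();

                $emails = !empty($data['EMAILATTACH']) ? explode(',', $data['EMAILATTACH']) : array();

                // Attach to user and admin email
                if (in_array('useremail', $emails)) {
                    $userEmail['files'][] = $file;
                }
                if (in_array('adminemail', $emails)) {
                    $adminEmail['files'][] = $file;
                }
            }
        }

        // birthDay Field
        // Collapses the d/m/y parts of each birthDay component into one string,
        // ordered by the position of D, M and Y in DATEORDERING.
        if ($componentIds = RSFormProHelper::componentExists($formId, 211)) {
            $all_data = RSFormProHelper::getComponentProperties($componentIds);
            foreach ($all_data as $componentId => $data) {
                $day   = strpos($data['DATEORDERING'], 'D');
                $month = strpos($data['DATEORDERING'], 'M');
                $year  = strpos($data['DATEORDERING'], 'Y');

                $items = array();
                if ($data['SHOWDAY'] == 'YES') {
                    if (isset($data['STORELEADINGZERO']) && $data['STORELEADINGZERO'] == 'YES') {
                        $post[$data['NAME']]['d'] = str_pad(@$post[$data['NAME']]['d'], 2, '0', STR_PAD_LEFT);
                    }
                    $items[$day] = @$post[$data['NAME']]['d'];
                }
                if ($data['SHOWMONTH'] == 'YES') {
                    if (isset($data['STORELEADINGZERO']) && $data['STORELEADINGZERO'] == 'YES') {
                        $post[$data['NAME']]['m'] = str_pad(@$post[$data['NAME']]['m'], 2, '0', STR_PAD_LEFT);
                    }
                    $items[$month] = @$post[$data['NAME']]['m'];
                }
                if ($data['SHOWYEAR'] == 'YES') {
                    $items[$year] = @$post[$data['NAME']]['y'];
                }
                ksort($items);

                $hasValues = false;
                foreach ($items as $item) {
                    if (!empty($item)) {
                        $hasValues = true;
                        break;
                    }
                }

                if (!$hasValues) {
                    $post[$data['NAME']] = '';
                } else {
                    $post[$data['NAME']] = implode($data['DATESEPARATOR'], $items);
                }
            }
        }

        //Trigger Event - onBeforeStoreSubmissions
        $mainframe->triggerEvent('rsfp_f_onBeforeStoreSubmissions', array(array('formId' => $formId, 'post' => &$post, 'SubmissionId' => $SubmissionId)));

        // Add to db (values)
        // Both the field name and the value come from the request and are escaped.
        foreach ($post as $key => $val) {
            $val = is_array($val) ? implode("\n", $val) : $val;
            $val = RSFormProHelper::stripJava($val);

            $db->setQuery("INSERT INTO #__rsform_submission_values SET `SubmissionId`='" . $SubmissionId . "', `FormId`='" . $formId . "', `FieldName`='" . $db->escape($key) . "', `FieldValue`='" . $db->escape($val) . "'");
            $db->execute();
        }

        //Trigger Event - onAfterStoreSubmissions
        $mainframe->triggerEvent('rsfp_f_onAfterStoreSubmissions', array(array('SubmissionId' => $SubmissionId, 'formId' => $formId)));

        // Send emails
        list($replace, $with) = RSFormProHelper::sendSubmissionEmails($SubmissionId);

        // RSForm! Pro Scripting - Thank You Message
        // performance check
        if (strpos($form->Thankyou, '{if ') !== false && strpos($form->Thankyou, '{/if}') !== false) {
            require_once dirname(__FILE__) . '/scripting.php';
            RSFormProScripting::compile($form->Thankyou, $replace, $with);
        }

        // Thank You Message
        // NOTE(review): $with is derived from the submission; whether its values are
        // already HTML-escaped is not visible here - confirm before rendering.
        $thankYouMessage = str_replace($replace, $with, $form->Thankyou);
        $form->ReturnUrl = str_replace($replace, $with, $form->ReturnUrl);

        // Set redirect link
        $u = RSFormProHelper::getURL();

        // Create the Continue button
        $continueButton = '';
        if ($form->ShowContinue) {
            // Create goto link
            $goto = 'document.location.reload();';

            // Cache workaround #1
            if ($cache_enabled) {
                $goto = "document.location='" . addslashes($u) . "';";
            }

            if (!empty($form->ReturnUrl)) {
                $goto = "document.location='" . addslashes($form->ReturnUrl) . "';";
            }

            // Continue button
            $continueButtonLabel = JText::_('RSFP_THANKYOU_BUTTON');
            if (strpos($continueButtonLabel, 'input')) {
                // NOTE(review): $goto is inserted into a language-string template whose
                // output context is not visible here; confirm it is escaped for it.
                $continueButton = JText::sprintf('RSFP_THANKYOU_BUTTON', $goto);
            } else {
                if ($form->FormLayoutName == 'responsive') {
                    $continueButton .= '<div class="formResponsive">';
                } else {
                    $continueButton .= '<br/>';
                }
                // addslashes() only protects the JavaScript string; it does not stop a
                // double quote from closing the HTML attribute. ReturnUrl can contain
                // submitted values via placeholders, so the script is HTML-escaped with
                // the same helper this method uses for attribute values further down.
                $continueButton .= '<input type="button" class="rsform-submit-button btn btn-primary" name="continue" value="' . JText::_('RSFP_THANKYOU_BUTTON') . '" onclick="' . RSFormProHelper::htmlEscape($goto) . '"/>';
                if ($form->FormLayoutName == 'responsive') {
                    $continueButton .= '</div>';
                }
            }
        }

        // get mappings data
        $db->setQuery("SELECT * FROM #__rsform_mappings WHERE formId = " . (int) $formId . " ORDER BY ordering ASC");
        $mappings = $db->loadObjectList();

        // get Post to another location
        $db->setQuery("SELECT * FROM #__rsform_posts WHERE form_id='" . (int) $formId . "' AND enabled='1'");
        $silentPost = $db->loadObject();

        $RSadapter = RSFormProHelper::getLegacyAdapter();
        // SECURITY NOTE: second stored script, same trust requirements as ScriptProcess.
        // It can rewrite $thankYouMessage, $mappings, $silentPost and $post before use.
        eval($form->ScriptProcess2);

        $thankYouMessage .= $continueButton;

        //Mappings
        if (!empty($mappings)) {
            $lastinsertid = '';
            $replacewith = $with;
            // Placeholder values are SQL-escaped before being substituted into the query.
            // NOTE(review): escaping presumably uses the site connection even when the
            // query runs on a remote one - confirm against RSFormProHelper::escapeSql().
            array_walk($replacewith, array('RSFormProHelper', 'escapeSql'));

            foreach ($mappings as $mapping) {
                //get the query
                $query = RSFormProHelper::getMappingQuery($mapping);

                //replace the placeholders
                $query = str_replace($replace, $replacewith, $query);

                //replace the last insertid placeholder
                $query = str_replace('{last_insert_id}', $lastinsertid, $query);

                if ($mapping->connection) {
                    $options = array('driver' => 'mysql', 'host' => $mapping->host, 'user' => $mapping->username, 'password' => $mapping->password, 'database' => $mapping->database);

                    if (RSFormProHelper::isJ('3.0')) {
                        $database = JDatabaseDriver::getInstance($options);
                    } else {
                        $database = JDatabase::getInstance($options);
                    }

                    //is a valid database connection
                    if (is_a($database, 'JException')) {
                        continue;
                    }

                    $database->setQuery($query);
                    $database->execute();
                    $lastinsertid = $database->insertid();
                } else {
                    $db->setQuery($query);
                    $db->execute();
                    $lastinsertid = $db->insertid();
                }
            }
        }

        // Forms configured not to keep data have the rows written above removed again.
        if (!$form->Keepdata) {
            $db->setQuery("DELETE FROM #__rsform_submission_values WHERE SubmissionId = " . (int) $SubmissionId . " ");
            $db->execute();
            $db->setQuery("DELETE FROM #__rsform_submissions WHERE SubmissionId = " . (int) $SubmissionId . " ");
            $db->execute();
        }

        if ($silentPost && !empty($silentPost->url) && $silentPost->url != 'http://') {
            // url
            $url = $silentPost->url;

            // set the variables to be sent
            // the format of the variables is var1=value1&var2=value2&var3=value3
            $data = array();
            foreach ($post as $key => $value) {
                if (is_array($value)) {
                    foreach ($value as $post2 => $value2) {
                        $data[] = urlencode($key) . '[]=' . urlencode($value2);
                    }
                } else {
                    $data[] = urlencode($key) . '=' . urlencode($value);
                }
            }

            // do we need to post silently?
            if ($silentPost->silent) {
                $data = implode('&', $data);
                $params = array('method' => $silentPost->method ? 'POST' : 'GET');

                require_once dirname(__FILE__) . '/connect.php';
                RSFormProConnect($url, $data, $params);
            } else {
                // just try to redirect
                if ($silentPost->method) {
                    @ob_end_clean();

                    // create form
                    // Names and values are HTML-escaped because they are request data.
                    $output = array();
                    $output[] = '<form id="formSubmit" method="POST" action="' . RSFormProHelper::htmlEscape($url) . '">';
                    foreach ($post as $key => $value) {
                        if (is_array($value)) {
                            foreach ($value as $post2 => $value2) {
                                $output[] = '<input type="hidden" name="' . RSFormProHelper::htmlEscape($key) . '[]" value="' . RSFormProHelper::htmlEscape($value2) . '" />';
                            }
                        } else {
                            $output[] = '<input type="hidden" name="' . RSFormProHelper::htmlEscape($key) . '" value="' . RSFormProHelper::htmlEscape($value) . '" />';
                        }
                    }
                    $output[] = '</form>';
                    $output[] = '<script type="text/javascript">';
                    $output[] = 'function formSubmit() { if (typeof document.getElementById("formSubmit").submit == "function") { document.getElementById("formSubmit").submit(); } else { document.createElement("form").submit.call(document.getElementById("formSubmit")); } }';
                    $output[] = 'try { window.addEventListener ? window.addEventListener("load",formSubmit,false) : window.attachEvent("onload",formSubmit); }';
                    $output[] = 'catch (err) { formSubmit(); }';
                    $output[] = '</script>';

                    // echo form and submit it
                    echo implode("\r\n", $output);
                    die;
                } else {
                    $data = implode('&', $data);
                    $mainframe->redirect($url . (strpos($url, '?') === false ? '?' : '&') . $data);
                }
            }
        }

        //Trigger - After form process
        $mainframe->triggerEvent('rsfp_f_onAfterFormProcess', array(array('SubmissionId' => $SubmissionId, 'formId' => $formId)));

        if (!$form->ShowThankyou && $form->ReturnUrl) {
            // NOTE(review): ReturnUrl has had placeholders substituted above; if a
            // placeholder can supply the host part, this redirect follows submitted data.
            $mainframe->redirect($form->ReturnUrl);
            return;
        }

        // SESSION quick hack - we base64 encode it here and decode it when we show it
        $session = JFactory::getSession();
        $formParams = new stdClass();
        $formParams->formProcessed = true;
        $formParams->submissionId = $SubmissionId;
        $formParams->thankYouMessage = base64_encode($thankYouMessage);
        $session->set('com_rsform.formparams.' . $formId, $formParams);

        // Cache workaround #2
        if ($cache_enabled) {
            $uniqid = uniqid('rsform');
            $u .= strpos($u, '?') === false ? '?skipcache=' . $uniqid : '&skipcache=' . $uniqid;
        }

        $mainframe->redirect($u);
    }

    return false;
}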
/**
 * Builds the HTML for the submissions view from the templates stored in the
 * view parameters.
 *
 * For the "default" layout every submission is rendered through the row
 * template and the result replaces {formdata} in the module template. For any
 * other layout a single submission (request variable "cid") is rendered through
 * the detail template, after checking that it exists, belongs to the configured
 * form, may be viewed by the current user and, if required, is confirmed.
 *
 * Placeholder values are substituted into the templates with str_replace().
 * NOTE(review): whether those values are already HTML-escaped is decided by the
 * getReplacements() helpers, which are not visible here - confirm.
 *
 * @return  mixed  The rendered HTML, or the result of $app->redirect() when the
 *                 requested submission may not be shown.
 */
public function getTemplate()
{
    $app    = JFactory::getApplication();
    $Itemid = $this->getItemId();

    // SEF suffixes require the format to be repeated in the query string of PDF links.
    $has_suffix = false;
    if (JFactory::getConfig()->get('sef')) {
        $has_suffix = (bool) JFactory::getConfig()->get('sef_suffix');
    }

    $layout = $app->input->getCmd('layout', 'default');

    // Templates
    $template_module      = $this->params->def('template_module', '');
    $template_formdatarow = $this->params->def('template_formdatarow', '');
    $template_formdetail  = $this->params->def('template_formdetail', '');

    if ($layout != 'default') {
        // ---- Single submission (detail) ----
        $cid    = $app->input->getInt('cid');
        $format = $app->input->getCmd('format');
        $user   = JFactory::getUser();

        // The parameter is 'login', 0, or a comma separated list of user IDs.
        $userId = $this->params->def('userId', 0);
        if (!($userId == 'login' || $userId == 0)) {
            $userId = explode(',', $userId);
            JArrayHelper::toInteger($userId);
        }

        // Grab submission ($cid was read with getInt(), so it is an integer)
        $this->_db->setQuery("SELECT * FROM #__rsform_submissions WHERE SubmissionId='" . $cid . "'");
        $submission = $this->_db->loadObject();

        // Submission doesn't exist
        if (!$submission) {
            JError::raiseWarning(500, JText::sprintf('RSFP_SUBMISSION_DOES_NOT_EXIST', $cid));
            return $app->redirect(JURI::root());
        }

        // Refuse when the submission belongs to another form, when only own submissions
        // may be viewed and this one has a different owner, or when a list of user IDs
        // is configured and the current user is not in it.
        // NOTE(review): the list case tests the viewer's ID, not the submission's owner.
        if (
            ($submission->FormId != $this->params->get('formId'))
            || ($userId == 'login' && $submission->UserId != $user->get('id'))
            || (is_array($userId) && !in_array($user->get('id'), $userId))
        ) {
            JError::raiseWarning(500, JText::sprintf('RSFP_SUBMISSION_NOT_ALLOWED', $cid));
            return $app->redirect(JURI::root());
        }

        if ($this->params->get('show_confirmed', 0) && !$submission->confirmed) {
            JError::raiseWarning(500, JText::sprintf('RSFP_SUBMISSION_NOT_CONFIRMED', $cid));
            return $app->redirect(JURI::root());
        }

        $pdf_link = JRoute::_('index.php?option=com_rsform&view=submissions&layout=view&cid=' . $cid . '&format=pdf' . $Itemid);
        if ($has_suffix) {
            $separator = (strpos($pdf_link, '?') === false) ? '?' : '&';
            $pdf_link .= $separator . 'format=pdf';
        }

        list($replace, $with)              = RSFormProHelper::getReplacements($cid, true);
        list($userKeys, $userValues)       = $this->getReplacements($submission->UserId);

        $replacements = array();
        $replacements['{global:userip}']        = $submission->UserIp;
        $replacements['{global:date_added}']    = RSFormProHelper::getDate($submission->DateSubmitted);
        $replacements['{global:submissionid}']  = $cid;
        $replacements['{global:submission_id}'] = $cid;
        if ($submission->confirmed) {
            $replacements['{global:confirmed}'] = JText::_('RSFP_YES');
        } else {
            $replacements['{global:confirmed}'] = JText::_('RSFP_NO');
        }
        $replacements['{detailspdf}']      = '<a href="' . $pdf_link . '">';
        $replacements['{detailspdf_link}'] = $pdf_link;

        $replace = array_merge($replace, $userKeys, array_keys($replacements));
        $with    = array_merge($with, $userValues, array_values($replacements));

        // The PDF itself must not contain the "download as PDF" blocks.
        if ($format == 'pdf' && preg_match_all('#{detailspdf}(.*?){\\/detailspdf}#is', $template_formdetail, $pdfBlocks)) {
            $template_formdetail = str_replace($pdfBlocks[0], '', $template_formdetail);
        }

        // Add scripting
        if (strpos($template_formdetail, '{/if}') !== false) {
            require_once JPATH_ADMINISTRATOR . '/components/com_rsform/helpers/scripting.php';
            RSFormProScripting::compile($template_formdetail, $replace, $with);
        }

        $html = str_replace($replace, $with, $template_formdetail);

        return $html;
    }

    // ---- List of submissions (default layout) ----
    $rowsHtml    = '';
    $submissions = $this->getSubmissions();
    $headers     = $this->getHeaders();
    $pagination  = $this->getPagination();

    $rowIndex = 0;
    foreach ($submissions as $SubmissionId => $submission) {
        list($replace, $with) = $this->getReplacements($submission['UserId']);

        $pdf_link = JRoute::_('index.php?option=com_rsform&view=submissions&layout=view&cid=' . $SubmissionId . '&format=pdf' . $Itemid);
        if ($has_suffix) {
            $separator = (strpos($pdf_link, '?') === false) ? '?' : '&';
            $pdf_link .= $separator . 'format=pdf';
        }
        $details_link = JRoute::_('index.php?option=com_rsform&view=submissions&layout=view&cid=' . $SubmissionId . $Itemid);

        $replacements = array();
        $replacements['{global:userip}']        = $submission['UserIp'];
        $replacements['{global:date_added}']    = RSFormProHelper::getDate($submission['DateSubmitted']);
        $replacements['{global:submissionid}']  = $SubmissionId;
        $replacements['{global:submission_id}'] = $SubmissionId;
        $replacements['{global:counter}']       = $pagination->getRowOffset($rowIndex);
        $replacements['{global:confirmed}']     = $submission['confirmed'];
        $replacements['{details}']              = '<a href="' . $details_link . '">';
        $replacements['{details_link}']         = $details_link;
        $replacements['{detailspdf}']           = '<a href="' . $pdf_link . '">';
        $replacements['{detailspdf_link}']      = $pdf_link;
        if (isset($submission['SubmissionValues']['_STATUS'])) {
            $replacements['{_STATUS:value}'] = JText::_('RSFP_PAYPAL_STATUS_' . $submission['SubmissionValues']['_STATUS']['Value']);
        } else {
            $replacements['{_STATUS:value}'] = '';
        }

        $replace = array_merge($replace, array_keys($replacements));
        $with    = array_merge($with, array_values($replacements));

        // Default missing header values to '' and expose file paths as {header:path}.
        foreach ($headers as $header) {
            if (!isset($submission['SubmissionValues'][$header]['Value'])) {
                $submission['SubmissionValues'][$header]['Value'] = '';
            }

            if (!empty($submission['SubmissionValues'][$header]['Path'])) {
                $replace[] = '{' . $header . ':path}';
                $with[]    = $submission['SubmissionValues'][$header]['Path'];
            }
        }

        list($fieldKeys, $fieldValues) = RSFormProHelper::getReplacements($SubmissionId, true);
        $replace = array_merge($replace, $fieldKeys);
        $with    = array_merge($with, $fieldValues);

        $rowTemplate = $template_formdatarow;

        // Add scripting
        if (strpos($rowTemplate, '{/if}') !== false) {
            require_once JPATH_ADMINISTRATOR . '/components/com_rsform/helpers/scripting.php';
            RSFormProScripting::compile($rowTemplate, $replace, $with);
        }

        $rowsHtml .= str_replace($replace, $with, $rowTemplate);

        $rowIndex++;
    }

    $html = str_replace('{formdata}', $rowsHtml, $template_module);

    return $html;
}
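/**
 * Sends the "directory" emails configured for a form, for one submission.
 *
 * Each email row of type 'directory' is translated to the submission's
 * language, has its placeholders replaced with the submission's values, is
 * offered to plugins and to the directory's stored "EmailsScript" PHP, and is
 * then sent once per comma separated recipient.
 *
 * Security-relevant behaviour of this block:
 *  - `$directory->EmailsScript` is passed to eval() and runs with full PHP
 *    privileges; it can read and modify every local variable of this method,
 *    which is why local names are kept stable.
 *  - Both IDs are cast to int where they are concatenated into SQL. They were
 *    previously interpolated as-is (one of them unquoted), so the queries
 *    depended on every caller passing clean integers.
 *  - Address fields are built from placeholder values, i.e. submitted data.
 *    NOTE(review): confirm RSFormProHelper::sendMail() validates addresses.
 *
 * @param   int  $formId        ID of the form the submission belongs to.
 * @param   int  $SubmissionId  ID of the submission to send emails for.
 *
 * @return  void
 */
public function sendEmails($formId, $SubmissionId)
{
    $directory = $this->getDirectory();

    $this->_db->setQuery("SELECT Lang FROM #__rsform_submissions WHERE FormId='" . (int) $formId . "' AND SubmissionId='" . (int) $SubmissionId . "'");
    $lang = $this->_db->loadResult();

    list($placeholders, $values) = RSFormProHelper::getReplacements($SubmissionId);

    $this->_db->setQuery("SELECT * FROM #__rsform_emails WHERE `type` = 'directory' AND `formId` = " . (int) $formId . " AND `from` != ''");
    if ($emails = $this->_db->loadObjectList()) {
        $etranslations = RSFormProHelper::getTranslations('emails', $formId, $lang);
        foreach ($emails as $email) {
            // Translation keys have the form "<email id>.<field>".
            if (isset($etranslations[$email->id . '.fromname'])) {
                $email->fromname = $etranslations[$email->id . '.fromname'];
            }
            if (isset($etranslations[$email->id . '.subject'])) {
                $email->subject = $etranslations[$email->id . '.subject'];
            }
            if (isset($etranslations[$email->id . '.message'])) {
                $email->message = $etranslations[$email->id . '.message'];
            }

            // Incomplete emails are skipped rather than sent half-filled.
            if (empty($email->fromname) || empty($email->subject) || empty($email->message)) {
                continue;
            }

            // RSForm! Pro Scripting - Additional Email Text
            // performance check
            if (strpos($email->message, '{/if}') !== false) {
                require_once JPATH_ADMINISTRATOR . '/components/com_rsform/helpers/scripting.php';
                RSFormProScripting::compile($email->message, $placeholders, $values);
            }

            $directoryEmail = array(
                'to'       => str_replace($placeholders, $values, $email->to),
                'cc'       => str_replace($placeholders, $values, $email->cc),
                'bcc'      => str_replace($placeholders, $values, $email->bcc),
                'from'     => str_replace($placeholders, $values, $email->from),
                'replyto'  => str_replace($placeholders, $values, $email->replyto),
                'fromName' => str_replace($placeholders, $values, $email->fromname),
                'text'     => str_replace($placeholders, $values, $email->message),
                'subject'  => str_replace($placeholders, $values, $email->subject),
                'mode'     => $email->mode,
                'files'    => array()
            );

            // additional cc
            if (strpos($directoryEmail['cc'], ',') !== false) {
                $directoryEmail['cc'] = explode(',', $directoryEmail['cc']);
            }
            // additional bcc
            if (strpos($directoryEmail['bcc'], ',') !== false) {
                $directoryEmail['bcc'] = explode(',', $directoryEmail['bcc']);
            }

            //Trigger Event - beforeDirectoryEmail
            $this->_app->triggerEvent('rsfp_beforeDirectoryEmail', array(array('directory' => &$directory, 'placeholders' => &$placeholders, 'values' => &$values, 'submissionId' => $SubmissionId, 'directoryEmail' => &$directoryEmail)));

            // SECURITY NOTE: executes PHP stored with the directory configuration. Whoever
            // can write EmailsScript can run arbitrary code on the server, so write access
            // to directory settings must be treated as code-deployment rights.
            eval($directory->EmailsScript);

            // mail users
            $recipients = explode(',', $directoryEmail['to']);
            if (!empty($recipients)) {
                foreach ($recipients as $recipient) {
                    if (!empty($recipient)) {
                        RSFormProHelper::sendMail($directoryEmail['from'], $directoryEmail['fromName'], $recipient, $directoryEmail['subject'], $directoryEmail['text'], $directoryEmail['mode'], !empty($directoryEmail['cc']) ? $directoryEmail['cc'] : null, !empty($directoryEmail['bcc']) ? $directoryEmail['bcc'] : null, $directoryEmail['files'], !empty($directoryEmail['replyto']) ? $directoryEmail['replyto'] : '');
                    }
                }
            }
        }
    }
}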