コード例 #1
0
ファイル: lib_nonajax.php プロジェクト: blocher/oneholyname
if (file_exists($CFfunctionsC)) {
    include_once $CFfunctionsC;
} else {
    if (file_exists($CFfunctions)) {
        include_once $CFfunctions;
    }
}
require_once dirname(__FILE__) . '/lib_validate.php';
if (isset($_POST['sendbutton' . $no]) && $all_valid) {
    ###
    ###  all valid? get ready to send
    ###
    if (function_exists('my_cforms_filter')) {
        $_POST = my_cforms_filter($_POST);
    }
    if ($cformsSettings['form' . $no]['cforms' . $no . '_maxentries'] != '' && get_cforms_submission_left($no) == 0 || !cf_check_time($no)) {
        $cflimit = 'reached';
        return;
    }
    $usermessage_text = preg_replace('|\\r\\n|', '<br />', stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_success']));
    $track = array();
    $trackinstance = array();
    $to_one = -1;
    $ccme = false;
    $field_email = '';
    $filefield = 0;
    $taf_youremail = false;
    $taf_friendsemail = false;
    $send2author = false;
    $inpFieldArr = array();
    // for var[] type input fields
コード例 #2
0
ファイル: cforms.php プロジェクト: saatchidgs/ourhouse
function cforms($args = '', $no = '')
{
    global $smtpsettings, $subID, $cforms_root, $wpdb, $track, $wp_db_version, $cformsSettings;
    parse_str($args, $r);
    $oldno = $no == '1' ? '' : $no;
    ### remeber old val, to reset session when in new MP form
    ##debug
    db("Original form on page #{$oldno}");
    ### multi page form: overwrite $no
    $isWPcommentForm = substr($cformsSettings['form' . $oldno]['cforms' . $oldno . '_tellafriend'], 0, 1) == '2';
    $isMPform = $cformsSettings['form' . $oldno]['cforms' . $oldno . '_mp']['mp_form'];
    $isTAF = substr($cformsSettings['form' . $oldno]['cforms' . $oldno . '_tellafriend'], 0, 1);
    ##debug
    db("Comment form = {$isWPcommentForm}");
    db("Multi-page form = {$isMPform}");
    if ($isMPform && is_array($_SESSION['cforms']) && $_SESSION['cforms']['current'] > 0 && !$isWPcommentForm) {
        $no = $_SESSION['cforms']['current'];
    }
    ### Safety, in case someone uses '1' for the default form
    $no = $no == '1' ? '' : $no;
    ##debug
    db("Switch to form #{$no}");
    $moveBack = false;
    ### multi page form: reset button
    if (isset($_REQUEST['resetbutton' . $no]) && is_array($_SESSION['cforms'])) {
        $no = $oldno;
        unset($_SESSION['cforms']);
        $_SESSION['cforms']['current'] = 0;
        $_SESSION['cforms']['first'] = $oldno;
        $_SESSION['cforms']['pos'] = 1;
        ##debug
        db("Reset-Button pressed");
    } else {
        ### multi page form: back button
        if (isset($_REQUEST['backbutton' . $no]) && isset($_SESSION['cforms']) && $_SESSION['cforms']['pos'] - 1 >= 0) {
            $no = $_SESSION['cforms']['list'][$_SESSION['cforms']['pos']-- - 1];
            $_SESSION['cforms']['current'] = $no;
            $moveBack = true;
            ##debug
            db("Back-Button pressed");
        } else {
            ### mp init: must be mp, first & not submitted!
            if ($isMPform && $cformsSettings['form' . $oldno]['cforms' . $oldno . '_mp']['mp_first'] && !isset($_REQUEST['sendbutton' . $no])) {
                ##debug
                db("Current form is *first* MP-form");
                db("Session found, you're on the first form and session is reset!");
                $no = $oldno == '1' ? '' : $oldno;
                ### restore old val
                unset($_SESSION['cforms']);
                $_SESSION['cforms']['current'] = 0;
                $_SESSION['cforms']['first'] = $no;
                $_SESSION['cforms']['pos'] = 1;
            }
        }
    }
    ##debug
    db(print_r($_SESSION, 1));
    ### custom fields support
    if (!(strpos($no, '+') === false)) {
        $no = substr($no, 0, -1);
        $customfields = build_fstat($args);
        $field_count = count($customfields);
        $custom = true;
    } else {
        $custom = false;
        $field_count = $cformsSettings['form' . $no]['cforms' . $no . '_count_fields'];
    }
    $content = '';
    $err = 0;
    $filefield = 0;
    $validations = array();
    $all_valid = 1;
    $off = 0;
    $fieldsetnr = 1;
    $c_errflag = false;
    $custom_error = '';
    $usermessage_class = '';
    ### get user credentials
    if (function_exists('wp_get_current_user')) {
        $user = wp_get_current_user();
    }
    ### non Ajax method
    if (isset($_REQUEST['sendbutton' . $no])) {
        require_once dirname(__FILE__) . '/lib_nonajax.php';
        $usermessage_class = $all_valid ? ' success' : ' failure';
    }
    ### called from lib_WPcomments ?
    if ($isWPcommentForm && $send2author) {
        return $all_valid;
    }
    ###
    ###
    ### paint form
    ###
    ###
    $success = false;
    ###  fix for WP Comment (loading after redirect)
    if (isset($_GET['cfemail']) && $isWPcommentForm) {
        $usermessage_class = ' success';
        $success = true;
        if ($_GET['cfemail'] == 'sent') {
            $usermessage_text = preg_replace('|\\r\\n|', '<br />', stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_success']));
        } elseif ($_GET['cfemail'] == 'posted') {
            $usermessage_text = preg_replace('|\\r\\n|', '<br />', stripslashes($cformsSettings['form' . $no]['cforms_commentsuccess']));
        }
    }
    $break = '<br />';
    $nl = "\n";
    $tab = "\t";
    $tt = "\t\t";
    $ntt = "\n\t\t";
    $nttt = "\n\t\t\t";
    ### either show info message above or below
    $usermessage_text = check_default_vars($usermessage_text, $no);
    $usermessage_text = check_cust_vars($usermessage_text, $track, $no);
    ### logic: possibly change usermessage
    if (function_exists('my_cforms_logic')) {
        $usermessage_text = my_cforms_logic($trackf, $usermessage_text, 'successMessage');
    }
    $umc = $usermessage_class != '' && $no > 1 ? ' ' . $usermessage_class . $no : '';
    ##debug
    db("User info for form #{$no}");
    ### where to show message
    if (substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 0, 1) == 'y') {
        $content .= $ntt . '<div id="usermessage' . $no . 'a" class="cf_info' . $usermessage_class . $umc . ' ">' . $usermessage_text . '</div>';
        $actiontarget = 'a';
    } else {
        if (substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 1, 1) == 'y') {
            $actiontarget = 'b';
        }
    }
    ### multi page form: overwrite $no, move on to next form
    if ($all_valid && isset($_REQUEST['sendbutton' . $no])) {
        $isMPformNext = false;
        ### default
        $oldcurrent = $no;
        if ($isMPform && isset($_SESSION['cforms']) && $_SESSION['cforms']['current'] > 0 && $cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_next'] != -1) {
            $isMPformNext = true;
            $no = check_form_name($cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_next']);
            ##debug
            db("Session active and now moving on to form #{$no}");
            ### logic: possibly change next form
            if (function_exists('my_cforms_logic')) {
                $no = my_cforms_logic($trackf, $no, "nextForm");
            }
            ### use trackf!
            $oldcurrent = $_SESSION['cforms']['current'];
            $_SESSION['cforms']['current'] = $no == '' ? 1 : $no;
            $field_count = $cformsSettings['form' . $no]['cforms' . $no . '_count_fields'];
        } elseif ($isMPform && $cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_next'] == -1) {
            ##debug
            db("Session was active but is being reset now");
            $oldcurrent = $no;
            $no = $_SESSION['cforms']['first'];
            unset($_SESSION['cforms']);
            $_SESSION['cforms']['current'] = 0;
            $_SESSION['cforms']['first'] = $no;
            $_SESSION['cforms']['pos'] = 1;
            $field_count = $cformsSettings['form' . $no]['cforms' . $no . '_count_fields'];
        }
    }
    ##debug
    db("All good, currently on form #{$no}");
    ##debug: optional
    ## db(print_r($_SESSION,1));
    ## db(print_r($track,1));
    ### redirect == 2 : hide form?    || or if max entries reached! w/ SESSION support if#2
    if ($all_valid && ($cformsSettings['form' . $no]['cforms' . $no . '_hide'] && isset($_REQUEST['sendbutton' . $no]) || $cformsSettings['form' . $oldcurrent]['cforms' . $oldcurrent . '_hide'] && isset($_REQUEST['sendbutton' . $oldcurrent]))) {
        return $content;
    } else {
        if ($cformsSettings['form' . $no]['cforms' . $no . '_maxentries'] != '' && get_cforms_submission_left($no) <= 0 || !cf_check_time($no)) {
            if ($cflimit == "reached") {
                return stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_limittxt']);
            } else {
                return $content . stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_limittxt']);
            }
        }
    }
    ### alternative form action
    $alt_action = false;
    if ($cformsSettings['form' . $no]['cforms' . $no . '_action'] == '1') {
        $action = $cformsSettings['form' . $no]['cforms' . $no . '_action_page'];
        $alt_action = true;
    } else {
        if ($isWPcommentForm) {
            $action = $cforms_root . '/lib_WPcomment.php';
        } else {
            $action = get_current_page(false) . '#usermessage' . $no . $actiontarget;
        }
    }
    ### start with form tag
    $content .= $ntt . '<form enctype="multipart/form-data" action="' . $action . '" method="post" class="cform' . ($cformsSettings['form' . $no]['cforms' . $no . '_dontclear'] ? ' cfnoreset' : '') . '" id="cforms' . $no . 'form">' . $nl;
    ### Session item counter (for default values)
    $sItem = 1;
    ### start with no fieldset
    $fieldsetopen = false;
    $verification = false;
    $captcha = false;
    $upload = false;
    $fscount = 1;
    $ol = false;
    for ($i = 1; $i <= $field_count; $i++) {
        if (!$custom) {
            $field_stat = explode('$#$', $cformsSettings['form' . $no]['cforms' . $no . '_count_field_' . $i]);
        } else {
            $field_stat = explode('$#$', $customfields[$i - 1]);
        }
        $field_name = $field_stat[0];
        $field_type = $field_stat[1];
        $field_required = $field_stat[2];
        $field_emailcheck = $field_stat[3];
        $field_clear = $field_stat[4];
        $field_disabled = $field_stat[5];
        $field_readonly = $field_stat[6];
        ### ommit certain fields
        if (in_array($field_type, array('cauthor', 'url', 'email')) && $user->ID) {
            continue;
        }
        ### check for custom err message and split field_name
        $obj = explode('|err:', $field_name, 2);
        $fielderr = $obj[1];
        if ($fielderr != '') {
            switch ($field_type) {
                case 'upload':
                    $custom_error .= 'cf_uploadfile' . $no . '-' . $i . '$#$' . $fielderr . '|';
                    break;
                case 'captcha':
                    $custom_error .= 'cforms_captcha' . $no . '$#$' . $fielderr . '|';
                    break;
                case 'verification':
                    $custom_error .= 'cforms_q' . $no . '$#$' . $fielderr . '|';
                    break;
                case "cauthor":
                case "url":
                case "email":
                case "comment":
                    $custom_error .= $field_type . '$#$' . $fielderr . '|';
                    break;
                default:
                    preg_match('/^([^#\\|]*).*/', $field_name, $input_name);
                    if (strpos($input_name[1], '[id:') > 0) {
                        preg_match('/\\[id:(.+)\\]/', $input_name[1], $input_name);
                    }
                    $custom_error .= $cformsSettings['form' . $no]['cforms' . $no . '_customnames'] == '1' ? cf_sanitize_ids($input_name[1]) : 'cf' . $no . '_field_' . $i;
                    $custom_error .= '$#$' . $fielderr . '|';
                    break;
            }
        }
        ### check for title attrib
        $obj = explode('|title:', $obj[0], 2);
        $fieldTitle = $obj[1] != '' ? ' title="' . str_replace('"', '&quot;', stripslashes($obj[1])) . '"' : '';
        ### special treatment for selectboxes
        if (in_array($field_type, array('multiselectbox', 'selectbox', 'radiobuttons', 'send2author', 'luv', 'subscribe', 'checkbox', 'checkboxgroup', 'ccbox', 'emailtobox'))) {
            $chkboxClicked = array();
            if (in_array($field_type, array('luv', 'subscribe', 'checkbox', 'ccbox')) && strpos($obj[0], '|set:') > 1) {
                $chkboxClicked = explode('|set:', stripslashes($obj[0]));
                $obj[0] = $chkboxClicked[0];
            }
            $options = explode('#', stripslashes($obj[0]));
            $field_name = $options[0];
        }
        ### check if fieldset is open
        if (!$fieldsetopen && !$ol && $field_type != 'fieldsetstart') {
            $content .= $tt . '<ol class="cf-ol">';
            $ol = true;
        }
        $labelclass = '';
        ### visitor verification
        if (!$verification && $field_type == 'verification') {
            srand(microtime() * 1000003);
            $qall = explode("\r\n", $cformsSettings['global']['cforms_sec_qa']);
            $n = rand(0, count(array_keys($qall)) - 1);
            $q = $qall[$n];
            $q = explode('=', $q);
            ### q[0]=qestion  q[1]=answer
            $field_name = stripslashes(htmlspecialchars($q[0]));
            $labelclass = ' class="secq"';
        } else {
            if ($field_type == 'captcha') {
                $labelclass = ' class="seccap"';
            }
        }
        $defaultvalue = '';
        ### setting the default val & regexp if it exists
        if (!in_array($field_type, array('fieldsetstart', 'fieldsetend', 'radiobuttons', 'send2author', 'luv', 'subscribe', 'checkbox', 'checkboxgroup', 'ccbox', 'emailtobox', 'multiselectbox', 'selectbox', 'verification'))) {
            ### check if default val & regexp are set
            $obj = explode('|', $obj[0], 3);
            if ($obj[2] != '') {
                $reg_exp = str_replace('"', '&quot;', stripslashes($obj[2]));
            } else {
                $reg_exp = '';
            }
            if ($obj[1] != '') {
                $defaultvalue = str_replace('"', '&quot;', check_default_vars(stripslashes($obj[1]), $no));
            }
            $field_name = $obj[0];
        }
        ### label ID's
        $labelIDx = '';
        $labelID = $cformsSettings['global']['cforms_labelID'] == '1' ? ' id="label-' . $no . '-' . $i . '"' : '';
        ### <li> ID's
        $liID = $cformsSettings['global']['cforms_liID'] == '1' || substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 2, 1) == "y" || substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 3, 1) == "y" ? ' id="li-' . $no . '-' . $i . '"' : '';
        ### input field names & label
        if ($cformsSettings['form' . $no]['cforms' . $no . '_customnames'] == '1') {
            if (strpos($field_name, '[id:') !== false) {
                $idPartA = strpos($field_name, '[id:');
                $idPartB = strpos($field_name, ']', $idPartA);
                $input_id = $input_name = cf_sanitize_ids(substr($field_name, $idPartA + 4, $idPartB - $idPartA - 4));
                $field_name = substr_replace($field_name, '', $idPartA, $idPartB - $idPartA + 1);
            } else {
                $input_id = $input_name = cf_sanitize_ids(stripslashes($field_name));
            }
        } else {
            $input_id = $input_name = 'cf' . $no . '_field_' . $i;
        }
        $field_class = '';
        $field_value = '';
        switch ($field_type) {
            case 'luv':
                $input_id = $input_name = 'luv';
                break;
            case 'subscribe':
                $input_id = $input_name = 'subscribe';
                break;
            case 'verification':
                if (is_user_logged_in() && $cformsSettings['global']['cforms_captcha_def']['foqa'] != '1') {
                    continue 2;
                }
                $input_id = $input_name = 'cforms_q' . $no;
                break;
            case 'captcha':
                if (is_user_logged_in() && $cformsSettings['global']['cforms_captcha_def']['fo'] != '1') {
                    continue 2;
                }
                $input_id = $input_name = 'cforms_captcha' . $no;
                break;
            case 'upload':
                $input_id = $input_name = 'cf_uploadfile' . $no . '-' . $i;
                $field_class = 'upload';
                break;
            case "send2author":
            case "email":
            case "cauthor":
            case "url":
                $input_id = $input_name = $field_type;
            case "datepicker":
            case "yourname":
            case "youremail":
            case "friendsname":
            case "friendsemail":
            case "textfield":
            case "pwfield":
                $field_class = 'single';
                break;
            case "hidden":
                $field_class = 'hidden';
                break;
            case 'comment':
                $input_id = $input_name = $field_type;
                $field_class = 'area';
                break;
            case 'textarea':
                $field_class = 'area';
                break;
        }
        ### additional field classes
        if ($field_disabled) {
            $field_class .= ' disabled';
        }
        if ($field_readonly) {
            $field_class .= ' readonly';
        }
        if ($field_emailcheck) {
            $field_class .= ' fldemail';
        }
        if ($field_required) {
            $field_class .= ' fldrequired';
        }
        ### error ?
        $liERR = $insertErr = '';
        ### only for mp forms
        if ($moveBack || $isMPformNext) {
            $field_value = htmlspecialchars(stripslashes($_SESSION['cforms']['cf_form' . $no][$_SESSION['cforms']['cf_form' . $no]['$$$' . $sItem++]]));
        }
        if (!$all_valid) {
            ### errors...
            if ($validations[$i] == 1) {
                $field_class .= '';
            } else {
                $field_class .= ' cf_error';
                ### enhanced error display
                if (substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 2, 1) == "y") {
                    $liERR = 'cf_li_err';
                }
                if (substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 3, 1) == "y") {
                    $insertErr = $fielderr != '' ? '<ul class="cf_li_text_err"><li>' . stripslashes($fielderr) . '</li></ul>' : '';
                }
            }
            if ($field_type == 'multiselectbox' || $field_type == 'checkboxgroup') {
                $field_value = $_REQUEST[$input_name];
                ### in this case it's an array! will do the stripping later
            } else {
                $field_value = htmlspecialchars(stripslashes($_REQUEST[$input_name]));
            }
        } else {
            if (!isset($_REQUEST['sendbutton' . $no]) && isset($_REQUEST[$input_name]) || $cformsSettings['form' . $no]['cforms' . $no . '_dontclear']) {
                ### only pre-populating fields...
                if ($field_type == 'multiselectbox' || $field_type == 'checkboxgroup') {
                    $field_value = $_REQUEST[$input_name];
                } else {
                    $field_value = htmlspecialchars(stripslashes($_REQUEST[$input_name]));
                }
            }
        }
        ### print label only for non "textonly" fields! Skip some others too, and handle them below indiv.
        if (!in_array($field_type, array('hidden', 'textonly', 'fieldsetstart', 'fieldsetend', 'ccbox', 'luv', 'subscribe', 'checkbox', 'checkboxgroup', 'send2author', 'radiobuttons'))) {
            $content .= $nttt . '<li' . $liID . ' class="' . $liERR . '">' . $insertErr . '<label' . $labelID . ' for="' . $input_id . '"' . $labelclass . '><span>' . stripslashes($field_name) . '</span></label>';
        }
        ### if not reloaded (due to err) then use default values
        if ($field_value == '' && $defaultvalue != '') {
            $field_value = $defaultvalue;
        }
        ### field disabled or readonly, greyed out?
        $disabled = $field_disabled ? ' disabled="disabled"' : '';
        $readonly = $field_readonly ? ' readonly="readonly"' : '';
        ### add input field
        $dp = '';
        $naming = false;
        $field = '';
        $val = '';
        $force_checked = false;
        $cookieset = '';
        switch ($field_type) {
            case "upload":
                $upload = true;
                ### set upload flag for ajax suppression!
                $field = '<input' . $readonly . $disabled . ' type="file" name="cf_uploadfile' . $no . '[]" id="cf_uploadfile' . $no . '-' . $i . '" class="cf_upload ' . $field_class . '"' . $fieldTitle . '/>';
                break;
            case "textonly":
                $field .= $nttt . '<li' . $liID . ' class="textonly' . ($defaultvalue != '' ? ' ' . $defaultvalue : '') . '"' . ($reg_exp != '' ? ' style="' . $reg_exp . '" ' : '') . '>' . stripslashes($field_name) . '</li>';
                break;
            case "fieldsetstart":
                if ($fieldsetopen) {
                    $field = $ntt . '</ol>' . $nl . $tt . '</fieldset>' . $nl;
                    $fieldsetopen = false;
                    $ol = false;
                }
                if (!$fieldsetopen) {
                    if ($ol) {
                        $field = $ntt . '</ol>' . $nl;
                    }
                    $field .= $tt . '<fieldset class="cf-fs' . $fscount++ . '">' . $nl . $tt . '<legend>' . stripslashes($field_name) . '</legend>' . $nl . $tt . '<ol class="cf-ol">';
                    $fieldsetopen = true;
                    $ol = true;
                }
                break;
            case "fieldsetend":
                if ($fieldsetopen) {
                    $field = $ntt . '</ol>' . $nl . $tt . '</fieldset>' . $nl;
                    $fieldsetopen = false;
                    $ol = false;
                } else {
                    $field = '';
                }
                break;
            case "verification":
                $field = '<input type="text" name="' . $input_name . '" id="cforms_q' . $no . '" class="secinput ' . $field_class . '" value=""' . $fieldTitle . '/>';
                $verification = true;
                break;
            case "captcha":
                $field = '<input type="text" name="' . $input_name . '" id="cforms_captcha' . $no . '" class="secinput' . $field_class . '" value=""' . $fieldTitle . '/>' . '<img id="cf_captcha_img' . $no . '" class="captcha" src="' . $cforms_root . '/cforms-captcha.php?ts=' . $no . get_captcha_uri() . '" alt=""/>' . '<a title="' . __('reset captcha image', 'cforms') . '" href="javascript:reset_captcha(\'' . $no . '\')"><img class="captcha-reset" src="' . $cforms_root . '/images/spacer.gif" alt="Captcha"/></a>';
                $captcha = true;
                break;
            case "cauthor":
                $cookieset = 'comment_author_' . COOKIEHASH;
            case "url":
                $cookieset = $cookieset == '' ? 'comment_author_url_' . COOKIEHASH : $cookieset;
            case "email":
                $cookieset = $cookieset == '' ? 'comment_author_email_' . COOKIEHASH : $cookieset;
                $field_value = $_COOKIE[$cookieset] != '' ? $_COOKIE[$cookieset] : $field_value;
            case "datepicker":
            case "yourname":
            case "youremail":
            case "friendsname":
            case "friendsemail":
            case "textfield":
            case "pwfield":
                $field_value = check_post_vars($field_value);
                $type = $field_type == 'pwfield' ? 'password' : 'text';
                $field_class = $field_type == 'datepicker' ? $field_class . ' cf_date' : $field_class;
                $onfocus = $field_clear ? ' onfocus="clearField(this)" onblur="setField(this)"' : '';
                $field = '<input' . $readonly . $disabled . ' type="' . $type . '" name="' . $input_name . '" id="' . $input_id . '" class="' . $field_class . '" value="' . $field_value . '"' . $onfocus . $fieldTitle . '/>';
                if ($reg_exp != '') {
                    $field .= '<input type="hidden" name="' . $input_name . '_regexp" id="' . $input_id . '_regexp" value="' . $reg_exp . '"' . $fieldTitle . '/>';
                }
                $field .= $dp;
                break;
            case "hidden":
                $field_value = check_post_vars($field_value);
                if (preg_match('/^<([a-zA-Z0-9]+)>$/', $field_value, $getkey)) {
                    $field_value = $_GET[$getkey[1]];
                }
                $field .= $nttt . '<li class="cf_hidden"><input type="hidden" class="cfhidden" name="' . $input_name . '" id="' . $input_id . '" value="' . $field_value . '"' . $fieldTitle . '/></li>';
                break;
            case "comment":
            case "textarea":
                $onfocus = $field_clear ? ' onfocus="clearField(this)" onblur="setField(this)"' : '';
                $field = '<textarea' . $readonly . $disabled . ' cols="30" rows="8" name="' . $input_name . '" id="' . $input_id . '" class="' . $field_class . '"' . $onfocus . $fieldTitle . '>' . $field_value . '</textarea>';
                if ($reg_exp != '') {
                    $field .= '<input type="hidden" name="' . $input_name . '_regexp" id="' . $input_id . '_regexp" value="' . $reg_exp . '"' . $fieldTitle . '/>';
                }
                break;
            case "subscribe":
                if (class_exists('sg_subscribe') && $field_type == 'subscribe') {
                    global $sg_subscribe;
                    sg_subscribe_start();
                    if (($email = $sg_subscribe->current_viewer_subscription_status()) == 'admin' && current_user_can('manage_options')) {
                        $field .= '<li' . $liID . '>' . str_replace('[manager_link]', $sg_subscribe->manage_link($email, true, false), $sg_subscribe->author_text) . '</li>';
                        continue;
                    } else {
                        if ($email != '') {
                            $field .= '<li' . $liID . '>' . str_replace('[manager_link]', $sg_subscribe->manage_link($email, true, false), $sg_subscribe->subscribed_text) . '</li>';
                            continue;
                        }
                    }
                    $val = ' value="subscribe"';
                }
            case "luv":
                if (function_exists('comment_luv') && $field_type == 'luv') {
                    get_currentuserinfo();
                    global $user_level;
                    if ($user_level == 10) {
                        continue 2;
                    }
                    //empty for now
                    $val = ' value="luv"';
                }
            case "ccbox":
            case "checkbox":
                if (!$field_value) {
                    $preChecked = strpos($chkboxClicked[1], 'true') !== false ? ' checked="checked"' : '';
                } else {
                    $preChecked = $field_value && $field_value != '-' ? ' checked="checked"' : '';
                }
                ### '-' for mp session!
                $err = '';
                if (!$all_valid && $validations[$i] != 1) {
                    $err = ' cf_errortxt';
                }
                if ($options[1] != '') {
                    $opt = explode('|', $options[1], 2);
                    $before = '<li' . $liID . ' class="' . $liERR . '">' . $insertErr;
                    $after = '<label' . $labelID . ' for="' . $input_id . '" class="cf-after' . $err . '"><span>' . $opt[0] . '</span></label></li>';
                    $ba = 'a';
                } else {
                    $opt = explode('|', $field_name, 2);
                    $before = '<li' . $liID . ' class="' . $liERR . '">' . $insertErr . '<label' . $labelID . ' for="' . $input_name . '" class="cf-before' . $err . '"><span>' . $opt[0] . '</span></label>';
                    $after = '</li>';
                    $ba = 'b';
                }
                ### if | val provided, then use "X"
                if ($val == '') {
                    $val = $opt[1] != '' ? ' value="' . $opt[1] . '"' : '';
                }
                $field = $nttt . $before . '<input' . $readonly . $disabled . ' type="checkbox" name="' . $input_name . '" id="' . $input_id . '" class="cf-box-' . $ba . $field_class . '"' . $val . $fieldTitle . $preChecked . '/>' . $after;
                break;
            case "checkboxgroup":
                $liID_b = $liID != '' ? substr($liID, 0, -1) . 'items"' : '';
                array_shift($options);
                $field .= $nttt . '<li' . $liID . ' class="cf-box-title">' . $field_name . '</li>' . $nttt . '<li' . $liID_b . ' class="cf-box-group">';
                $id = 1;
                $j = 0;
                ### mp session support
                if ($moveBack || $isMPformNext) {
                    $field_value = explode(',', $field_value);
                }
                foreach ($options as $option) {
                    ### supporting names & values
                    $boxPreset = explode('|set:', $option);
                    $opt = explode('|', $boxPreset[0], 2);
                    if ($opt[1] == '') {
                        $opt[1] = $opt[0];
                    }
                    $checked = '';
                    if ($moveBack || $isMPformNext) {
                        if (in_array($opt[1], array_values($field_value))) {
                            $checked = 'checked="checked"';
                        }
                    } elseif (is_array($field_value)) {
                        if ($opt[1] == htmlspecialchars(stripslashes(strip_tags($field_value[$j])))) {
                            $checked = 'checked="checked"';
                            $j++;
                        }
                    } else {
                        if (strpos($boxPreset[1], 'true') !== false) {
                            $checked = ' checked="checked"';
                        }
                    }
                    if ($labelID != '') {
                        $labelIDx = substr($labelID, 0, -1) . $id . '"';
                    }
                    if ($opt[0] == '') {
                        $field .= $nttt . $tab . '<br />';
                    } else {
                        $field .= $nttt . $tab . '<input' . $readonly . $disabled . ' type="checkbox" id="' . $input_id . '-' . $id . '" name="' . $input_name . '[]" value="' . $opt[1] . '" ' . $checked . ' class="cf-box-b"' . $fieldTitle . '/>' . '<label' . $labelIDx . ' for="' . $input_id . '-' . $id++ . '" class="cf-group-after"><span>' . $opt[0] . "</span></label>";
                    }
                }
                $field .= $nttt . '</li>';
                break;
            case "multiselectbox":
                ### $field .= $nttt . '<li><label ' . $labelID . ' for="'.$input_name.'"'. $labelclass . '><span>' . stripslashes(($field_name)) . '</span></label>';
                $field .= '<select' . $readonly . $disabled . ' multiple="multiple" name="' . $input_name . '[]" id="' . $input_id . '" class="cfselectmulti ' . $field_class . '"' . $fieldTitle . '>';
                array_shift($options);
                $j = 0;
                ### mp session support
                if ($moveBack || $isMPformNext) {
                    $field_value = explode(',', $field_value);
                }
                foreach ($options as $option) {
                    ### supporting names & values
                    $optPreset = explode('|set:', $option);
                    $opt = explode('|', $optPreset[0], 2);
                    if ($opt[1] == '') {
                        $opt[1] = $opt[0];
                    }
                    $checked = '';
                    if ($moveBack || $isMPformNext) {
                        if (in_array($opt[1], array_values($field_value))) {
                            $checked = 'selected="selected"';
                        }
                    } elseif (is_array($field_value)) {
                        if ($opt[1] == stripslashes(htmlspecialchars(strip_tags($field_value[$j])))) {
                            $checked = ' selected="selected"';
                            $j++;
                        }
                    } else {
                        if (strpos($optPreset[1], 'true') !== false) {
                            $checked = ' selected="selected"';
                        }
                    }
                    $field .= $nttt . $tab . '<option value="' . str_replace('"', '&quot;', $opt[1]) . '"' . $checked . '>' . $opt[0] . '</option>';
                }
                $field .= $nttt . '</select>';
                break;
            case "emailtobox":
            case "selectbox":
                $field = '<select' . $readonly . $disabled . ' name="' . $input_name . '" id="' . $input_id . '" class="cformselect' . $field_class . '" ' . $fieldTitle . '>';
                array_shift($options);
                $jj = $j = 0;
                foreach ($options as $option) {
                    ### supporting names & values
                    $optPreset = explode('|set:', $option);
                    $opt = explode('|', $optPreset[0], 2);
                    if ($opt[1] == '') {
                        $opt[1] = $opt[0];
                    }
                    ### email-to-box valid entry?
                    if ($field_type == 'emailtobox' && $opt[1] != '-') {
                        $jj = $j++;
                    } else {
                        $jj = '--';
                    }
                    $checked = '';
                    if ($field_value == '') {
                        if (strpos($optPreset[1], 'true') !== false) {
                            $checked = ' selected="selected"';
                        }
                    } else {
                        if ($opt[1] == $field_value || $jj == $field_value) {
                            $checked = ' selected="selected"';
                        }
                    }
                    $field .= $nttt . $tab . '<option value="' . ($field_type == 'emailtobox' ? $jj : $opt[1]) . '"' . $checked . '>' . $opt[0] . '</option>';
                }
                $field .= $nttt . '</select>';
                break;
            case "send2author":
                $force_checked = strpos($field_stat[0], '|set:') === false ? true : false;
            case "radiobuttons":
                $liID_b = $liID != '' ? substr($liID, 0, -1) . 'items"' : '';
                ### only if label ID's active
                array_shift($options);
                $field .= $nttt . '<li' . $liID . ' class="' . $liERR . ' cf-box-title">' . $insertErr . $field_name . '</li>' . $nttt . '<li' . $liID_b . ' class="cf-box-group">';
                $id = 1;
                foreach ($options as $option) {
                    $checked = '';
                    ### supporting names & values
                    $radioPreset = explode('|set:', $option);
                    $opt = explode('|', $radioPreset[0], 2);
                    if ($opt[1] == '') {
                        $opt[1] = $opt[0];
                    }
                    if ($field_value == '') {
                        if (strpos($radioPreset[1], 'true') !== false || $force_checked && $id == 1) {
                            $checked = ' checked="checked"';
                        }
                    } else {
                        if ($opt[1] == $field_value) {
                            $checked = ' checked="checked"';
                        }
                    }
                    if ($labelID != '') {
                        $labelIDx = substr($labelID, 0, -1) . $id . '"';
                    }
                    if ($opt[0] == '') {
                        $field .= $nttt . $tab . '<br />';
                    } else {
                        $field .= $nttt . $tab . '<input' . $readonly . $disabled . ' type="radio" id="' . $input_id . '-' . $id . '" name="' . $input_name . '" value="' . $opt[1] . '"' . $checked . ' class="cf-box-b' . ($second ? ' cformradioplus' : '') . ($field_required ? ' fldrequired' : '') . '"' . $fieldTitle . '/>' . '<label' . $labelIDx . ' for="' . $input_id . '-' . $id++ . '" class="cf-after"><span>' . $opt[0] . "</span></label>";
                    }
                }
                $field .= $nttt . '</li>';
                break;
        }
        ### add new field
        $content .= $field;
        ### adding "required" text if needed
        if ($field_emailcheck == 1) {
            $content .= '<span class="emailreqtxt">' . stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_emailrequired']) . '</span>';
        } else {
            if ($field_required == 1 && !in_array($field_type, array('ccbox', 'luv', 'subscribe', 'checkbox', 'radiobuttons'))) {
                $content .= '<span class="reqtxt">' . stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_required']) . '</span>';
            }
        }
        ### close out li item
        if (!in_array($field_type, array('hidden', 'fieldsetstart', 'fieldsetend', 'radiobuttons', 'luv', 'subscribe', 'checkbox', 'checkboxgroup', 'ccbox', 'textonly', 'send2author'))) {
            $content .= '</li>';
        }
    }
    ### all fields
    ### close any open tags
    if ($ol) {
        $content .= $ntt . '</ol>';
    }
    if ($fieldsetopen) {
        $content .= $ntt . '</fieldset>';
    }
    ### rest of the form
    if ($cformsSettings['form' . $no]['cforms' . $no . '_ajax'] == '1' && !$upload && !$custom && !$alt_action) {
        $ajaxenabled = ' onclick="return cforms_validate(\'' . $no . '\', false)"';
    } else {
        if (($upload || $custom || $alt_action) && $cformsSettings['form' . $no]['cforms' . $no . '_ajax'] == '1') {
            $ajaxenabled = ' onclick="return cforms_validate(\'' . $no . '\', true)"';
        } else {
            $ajaxenabled = '';
        }
    }
    ### just to appease html "strict"
    $content .= $ntt . '<fieldset class="cf_hidden">' . $nttt . '<legend>&nbsp;</legend>';
    ### if visitor verification turned on:
    if ($verification) {
        $content .= $nttt . '<input type="hidden" name="cforms_a' . $no . '" id="cforms_a' . $no . '" value="' . md5(rawurlencode(strtolower($q[1]))) . '"/>';
    }
    ### custom error
    $custom_error = substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 2, 1) . substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 3, 1) . substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 4, 1) . $custom_error;
    ### TAF or WP comment or Extra Fields
    if ((int) $isTAF > 0) {
        $nono = $isWPcommentForm ? '' : $no;
        if ($isWPcommentForm) {
            $content .= $nttt . '<input type="hidden" name="comment_parent" id="comment_parent" value="' . ($_REQUEST['replytocom'] != '' ? $_REQUEST['replytocom'] : '0') . '"/>';
        }
        $content .= $nttt . '<input type="hidden" name="comment_post_ID' . $nono . '" id="comment_post_ID' . $nono . '" value="' . (isset($_GET['pid']) ? $_GET['pid'] : get_the_ID()) . '"/>' . $nttt . '<input type="hidden" name="cforms_pl' . $no . '" id="cforms_pl' . $no . '" value="' . (isset($_GET['pid']) ? get_permalink($_GET['pid']) : get_permalink()) . '"/>';
    }
    $content .= $nttt . '<input type="hidden" name="cf_working' . $no . '" id="cf_working' . $no . '" value="' . rawurlencode($cformsSettings['form' . $no]['cforms' . $no . '_working']) . '"/>' . $nttt . '<input type="hidden" name="cf_failure' . $no . '" id="cf_failure' . $no . '" value="' . rawurlencode($cformsSettings['form' . $no]['cforms' . $no . '_failure']) . '"/>' . $nttt . '<input type="hidden" name="cf_codeerr' . $no . '" id="cf_codeerr' . $no . '" value="' . rawurlencode($cformsSettings['global']['cforms_codeerr']) . '"/>' . $nttt . '<input type="hidden" name="cf_customerr' . $no . '" id="cf_customerr' . $no . '" value="' . rawurlencode($custom_error) . '"/>' . $nttt . '<input type="hidden" name="cf_popup' . $no . '" id="cf_popup' . $no . '" value="' . $cformsSettings['form' . $no]['cforms' . $no . '_popup'] . '"/>';
    $content .= $ntt . '</fieldset>';
    ### multi page form: reset
    $reset = '';
    if ($cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_form'] && $cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_reset']) {
        $reset = '<input tabindex="999" type="submit" name="resetbutton' . $no . '" id="resetbutton' . $no . '" class="resetbutton" value="' . $cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_resettext'] . '" onclick="return confirm(\'' . __('Note: This will reset all your input!', 'cforms') . '\')">';
    }
    ### multi page form: back
    $back = '';
    if ($cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_form'] && $cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_back']) {
        $back = '<input type="submit" name="backbutton' . $no . '" id="backbutton' . $no . '" class="backbutton" value="' . $cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_backtext'] . '">';
    }
    $content .= $ntt . '<p class="cf-sb">' . $reset . $back . '<input type="submit" name="sendbutton' . $no . '" id="sendbutton' . $no . '" class="sendbutton" value="' . $cformsSettings['form' . $no]['cforms' . $no . '_submit_text'] . '"' . $ajaxenabled . '/></p>';
    $content .= $ntt . '</form>';
    ### Thank you for leaving this in place
    $content .= $ntt . '<p class="linklove" id="ll' . $no . '"><a href="http://www.deliciousdays.com/cforms-plugin"><em>cforms</em> contact form by delicious:days</a></p>';
    ### either show message above or below
    $usermessage_text = check_default_vars($usermessage_text, $no);
    $usermessage_text = check_cust_vars($usermessage_text, $track, $no);
    if (substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 1, 1) == 'y' && !($success && $cformsSettings['form' . $no]['cforms' . $no . '_hide'])) {
        $content .= $tt . '<div id="usermessage' . $no . 'b" class="cf_info ' . $usermessage_class . $umc . '" >' . $usermessage_text . '</div>' . $nl;
    }
    ### flush debug messages
    dbflush();
    return $content;
}
コード例 #3
0
ファイル: lib_ajax.php プロジェクト: saatchidgs/ourhouse
function cforms_submitcomment($content)
{
    global $cformsSettings, $wpdb, $subID, $smtpsettings, $track, $trackf, $Ajaxpid, $AjaxURL, $wp_locale, $abspath;
    $WPsuccess = false;
    ### WP Comment flag
    $isAjaxWPcomment = strpos($content, '***');
    ###  WP comment feature
    $content = explode('***', $content);
    $content = $content[0];
    $content = explode('+++', $content);
    ###  Added special fields
    if (count($content) > 3) {
        $commentparent = $content[1];
        $Ajaxpid = $content[2];
        $AjaxURL = $content[3];
    } else {
        $Ajaxpid = $content[1];
        $AjaxURL = $content[2];
    }
    $segments = explode('$#$', $content[0]);
    $params = array();
    $sep = strpos(__FILE__, '/') === false ? '\\' : '/';
    $WPpluggable = $abspath . 'wp-includes' . $sep . 'pluggable.php';
    if (file_exists($WPpluggable)) {
        require_once $WPpluggable;
    }
    $CFfunctionsC = dirname(dirname(__FILE__)) . $cformsSettings['global']['cforms_IIS'] . 'cforms-custom' . $cformsSettings['global']['cforms_IIS'] . 'my-functions.php';
    $CFfunctions = dirname(__FILE__) . $cformsSettings['global']['cforms_IIS'] . 'my-functions.php';
    if (file_exists($CFfunctionsC)) {
        include_once $CFfunctionsC;
    } else {
        if (file_exists($CFfunctions)) {
            include_once $CFfunctions;
        }
    }
    if (function_exists('wp_get_current_user')) {
        $user = wp_get_current_user();
    }
    for ($i = 1; $i <= sizeof($segments); $i++) {
        $params['field_' . $i] = $segments[$i];
    }
    ###  fix reference to first form
    if ($segments[0] == '1') {
        $params['id'] = $no = '';
    } else {
        $params['id'] = $no = $segments[0];
    }
    ### TAF flag
    $isTAF = substr($cformsSettings['form' . $no]['cforms' . $no . '_tellafriend'], 0, 1);
    ###  user filter ?
    if (function_exists('my_cforms_ajax_filter')) {
        $params = my_cforms_ajax_filter($params);
    }
    ###  init variables
    $track = array();
    $trackinstance = array();
    $to_one = -1;
    $ccme = false;
    $field_email = '';
    $off = 0;
    $fieldsetnr = 1;
    $taf_youremail = false;
    $taf_friendsemail = false;
    ###  form limit reached
    if ($cformsSettings['form' . $no]['cforms' . $no . '_maxentries'] != '' && get_cforms_submission_left($no) == 0 || !cf_check_time($no)) {
        $pre = $segments[0] . '*$#' . substr($cformsSettings['form' . $no]['cforms' . $no . '_popup'], 0, 1);
        return $pre . preg_replace('|\\r\\n|', '<br />', stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_limittxt'])) . $hide;
    }
    ### for comment luv
    get_currentuserinfo();
    global $user_level;
    ### Subscribe-To-Comments
    $isSubscribed == '';
    if (class_exists('sg_subscribe')) {
        global $sg_subscribe;
        sg_subscribe_start();
        $isSubscribed = $sg_subscribe->current_viewer_subscription_status();
    }
    $captchaopt = $cformsSettings['global']['cforms_captcha_def'];
    for ($i = 1; $i <= sizeof($params) - 2; $i++) {
        $field_stat = explode('$#$', $cformsSettings['form' . $no]['cforms' . $no . '_count_field_' . ((int) $i + (int) $off)]);
        while (in_array($field_stat[1], array('fieldsetstart', 'fieldsetend', 'textonly', 'captcha', 'verification'))) {
            if ($field_stat[1] == 'captcha' && !(is_user_logged_in() && !$captchaopt['fo'] == '1')) {
                break;
            }
            if ($field_stat[1] == 'verification' && !(is_user_logged_in() && !$captchaopt['foqa'] == '1')) {
                break;
            }
            if ($field_stat[1] == 'fieldsetstart') {
                $track['$$$' . ((int) $i + (int) $off)] = 'Fieldset' . $fieldsetnr;
                $track['Fieldset' . $fieldsetnr++] = $field_stat[0];
            } elseif ($field_stat[1] == 'fieldsetend') {
                $track['FieldsetEnd' . $fieldsetnr++] = '--';
            }
            ### get next in line...
            $off++;
            $field_stat = explode('$#$', $cformsSettings['form' . $no]['cforms' . $no . '_count_field_' . ((int) $i + (int) $off)]);
            if ($field_stat[1] == '') {
                break 2;
            }
            ###  all fields searched, break both while & for
        }
        ###  filter all redundant WP comment fields if user is logged in
        while (in_array($field_stat[1], array('cauthor', 'email', 'url')) && $user->ID) {
            $temp = explode('|', $field_stat[0], 3);
            ### get field name
            $temp = explode('#', $temp[0], 2);
            switch ($field_stat[1]) {
                case 'cauthor':
                    $track['cauthor'] = $track[$temp[0]] = $user->display_name;
                    $track['$$$' . ((int) $i + (int) $off)] = $temp[0];
                    break;
                case 'email':
                    $track['email'] = $track[$temp[0]] = $field_email = $user->user_email;
                    $track['$$$' . ((int) $i + (int) $off)] = $temp[0];
                    break;
                case 'url':
                    $track['url'] = $track[$temp[0]] = $user->user_url;
                    $track['$$$' . ((int) $i + (int) $off)] = $temp[0];
                    break;
            }
            $off++;
            $field_stat = explode('$#$', $cformsSettings['form' . $no]['cforms' . $no . '_count_field_' . ((int) $i + (int) $off)]);
            if ($field_stat[1] == '') {
                break 2;
            }
            ###  all fields searched, break both while & for
        }
        $field_name = $field_stat[0];
        $field_type = $field_stat[1];
        ### remove [id: ] first
        if (strpos($field_name, '[id:') !== false) {
            $idPartA = strpos($field_name, '[id:');
            $idPartB = strpos($field_name, ']', $idPartA);
            $customTrackingID = substr($field_name, $idPartA + 4, $idPartB - $idPartA - 4);
            $field_name = substr_replace($field_name, '', $idPartA, $idPartB - $idPartA + 1);
        } else {
            $customTrackingID = '';
        }
        ###  dissect field
        $obj = explode('|', $field_name, 3);
        ###  strip out default value
        $field_name = $obj[0];
        ###  special WP comment fields
        if (in_array($field_stat[1], array('luv', 'subscribe', 'cauthor', 'email', 'url', 'comment', 'send2author'))) {
            $temp = explode('#', $field_name, 2);
            if ($temp[0] == '') {
                $field_name = $field_stat[1];
            } else {
                $field_name = $temp[0];
            }
            ### keep copy of values
            $track[$field_stat[1]] = stripslashes($params['field_' . $i]);
            if ($field_stat[1] == 'email') {
                $field_email = $params['field_' . $i];
            }
        }
        ###  special Tell-A-Friend fields
        if ($taf_friendsemail == '' && $field_type == 'friendsemail' && $field_stat[3] == '1') {
            $field_email = $taf_friendsemail = $params['field_' . $i];
        }
        if ($taf_youremail == '' && $field_type == 'youremail' && $field_stat[3] == '1') {
            $taf_youremail = $params['field_' . $i];
        }
        if ($field_type == 'friendsname') {
            $taf_friendsname = $params['field_' . $i];
        }
        if ($field_type == 'yourname') {
            $taf_yourname = $params['field_' . $i];
        }
        ###  lets find an email field ("Is Email") and that's not empty!
        if ($field_email == '' && $field_stat[3] == '1') {
            $field_email = $params['field_' . $i];
        }
        ###  special case: select & radio
        if ($field_type == "multiselectbox" || $field_type == "selectbox" || $field_type == "radiobuttons" || $field_type == "checkboxgroup") {
            $field_name = explode('#', $field_name);
            $field_name = $field_name[0];
        }
        ###  special case: check box
        if ($field_type == "checkbox" || $field_type == "ccbox") {
            $field_name = explode('#', $field_name);
            $field_name = $field_name[1] == '' ? $field_name[0] : $field_name[1];
            $field_name = explode('|', $field_name);
            $field_name = $field_name[0];
            ###  if ccbox & checked
            if ($field_type == "ccbox" && $params['field_' . $i] != "-") {
                $ccme = 'field_' . $i;
            }
        }
        if ($field_type == "emailtobox") {
            ### special case where the value needs to bet get from the DB!
            $to_one = $params['field_' . $i];
            $field_name = explode('#', $field_stat[0]);
            ### can't use field_name, since '|' check earlier
            $tmp = explode('|', $field_name[$to_one + 1]);
            ###  remove possible |set:true
            $value = $tmp[0];
            ###  values start from 0 or after!
            $to = $replyto = stripslashes($tmp[1]);
            $field_name = $field_name[0];
        } else {
            if (strtoupper(get_option('blog_charset')) != 'UTF-8' && function_exists('mb_convert_encoding')) {
                $value = mb_convert_encoding(utf8_decode(stripslashes($params['field_' . $i])), get_option('blog_charset'));
            } else {
                $value = stripslashes($params['field_' . $i]);
            }
        }
        ### only if hidden!
        if ($field_type == 'hidden') {
            $value = rawurldecode($value);
        }
        ###  Q&A verification
        if ($field_type == "verification") {
            $field_name = __('Q&A', 'cforms');
        }
        ### determine tracked field name
        $inc = '';
        $trackname = trim($field_name);
        if (array_key_exists($trackname, $track)) {
            if ($trackinstance[$trackname] == '') {
                $trackinstance[$trackname] = 2;
            }
            $inc = '___' . $trackinstance[$trackname]++;
        }
        $track['$$$' . (int) ($i + $off)] = $trackname . $inc;
        $track[$trackname . $inc] = $value;
        if ($customTrackingID != '') {
            $track['$$$' . $customTrackingID] = $trackname . $inc;
        }
    }
    ###  for
    ###  assemble text & html email
    $r = formatEmail($track, $no);
    $formdata = $r['text'];
    $htmlformdata = $r['html'];
    ###
    ###  record:
    ###
    $subID = $isTAF == '2' && $track['send2author'] != '1' ? 'noid' : write_tracking_record($no, $field_email);
    ###
    ###  allow the user to use form data for other apps
    ###
    $trackf['id'] = $no;
    $trackf['data'] = $track;
    if (function_exists('my_cforms_action')) {
        my_cforms_action($trackf);
    }
    ###  Catch WP-Comment function | if send2author just continue
    if ($isAjaxWPcomment !== false && $track['send2author'] == '0') {
        require_once dirname(__FILE__) . '/lib_WPcomment.php';
        ###  Catch WP-Comment function: error
        if (!$WPsuccess) {
            return $segments[0] . '*$#' . substr($cformsSettings['form' . $no]['cforms' . $no . '_popup'], 1, 1) . $WPresp . '|---';
        }
    }
    ### Catch WP-Comment function
    ###  multiple recipients? and to whom is the email sent? to_one = picked recip.
    if ($isAjaxWPcomment !== false && $track['send2author'] == '1') {
        $to = $wpdb->get_results("SELECT U.user_email FROM {$wpdb->users} as U, {$wpdb->posts} as P WHERE P.ID = {$Ajaxpid} AND U.ID=P.post_author");
        $to = $replyto = $to[0]->user_email != '' ? $to[0]->user_email : $replyto;
    } else {
        if (!($to_one != -1 && $to != '')) {
            $to = $replyto = preg_replace(array('/;|#|\\|/'), array(','), stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_email']));
        }
    }
    ### from
    $frommail = check_cust_vars(stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_fromemail']), $track, $no);
    ###  T-A-F override?
    if ($isTAF == '1' && $taf_youremail && $taf_friendsemail) {
        $replyto = "\"{$taf_yourname}\" <{$taf_youremail}>";
    }
    ### logic: dynamic admin email address
    if (function_exists('my_cforms_logic')) {
        $to = my_cforms_logic($trackf, $to, 'adminTO');
    }
    ### use trackf!
    ### either use configured subject or user determined
    $vsubject = stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_subject']);
    $vsubject = check_default_vars($vsubject, $no);
    $vsubject = check_cust_vars($vsubject, $track, $no);
    ###  prep message text, replace variables
    $message = stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_header']);
    if (function_exists('my_cforms_logic')) {
        $message = my_cforms_logic($trackf, $message, 'adminEmailTXT');
    }
    $message = check_default_vars($message, $no);
    $message = check_cust_vars($message, $track, $no);
    ###  actual user message
    $htmlmessage = '';
    if (substr($cformsSettings['form' . $no]['cforms' . $no . '_formdata'], 2, 1) == '1') {
        $htmlmessage = stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_header_html']);
        if (function_exists('my_cforms_logic')) {
            $htmlmessage = my_cforms_logic($trackf, $htmlmessage, 'adminEmailHTML');
        }
        $htmlmessage = check_default_vars($htmlmessage, $no);
        $htmlmessage = check_cust_vars($htmlmessage, $track, $no);
    }
    $mail = new cf_mail($no, $frommail, $to, $field_email, true);
    $mail->subj = $vsubject;
    $mail->char_set = 'utf-8';
    ### HTML email
    if ($mail->html_show) {
        $mail->is_html(true);
        $mail->body = "<html>" . $mail->eol . "<body>" . $htmlmessage . ($mail->f_html ? $mail->eol . $htmlformdata : '') . $mail->eol . "</body></html>" . $mail->eol;
        $mail->body_alt = $message . ($mail->f_txt ? $mail->eol . $formdata : '');
    } else {
        $mail->body = $message . ($mail->f_txt ? $mail->eol . $formdata : '');
    }
    ###  SMTP server or native PHP mail() ?
    if ($cformsSettings['form' . $no]['cforms' . $no . '_emailoff'] == '1' || $WPsuccess && $cformsSettings['form' . $no]['cforms' . $no . '_tellafriend'] != '21') {
        $sentadmin = 1;
    } else {
        if ($smtpsettings[0] == '1') {
            $sentadmin = cforms_phpmailer($no, $frommail, $field_email, $to, $vsubject, $message, $formdata, $htmlmessage, $htmlformdata);
        } else {
            $sentadmin = $mail->send();
        }
    }
    if ($sentadmin == 1) {
        ###  send copy or notification?
        if ($cformsSettings['form' . $no]['cforms' . $no . '_confirm'] == '1' && $field_email != '' || $ccme && $trackf[$ccme] != '-') {
            $frommail = check_cust_vars(stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_fromemail']), $track, $no);
            ###  actual user message
            $cmsg = stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_cmsg']);
            if (function_exists('my_cforms_logic')) {
                $cmsg = my_cforms_logic($trackf, $cmsg, 'autoConfTXT');
            }
            $cmsg = check_default_vars($cmsg, $no);
            $cmsg = check_cust_vars($cmsg, $track, $no);
            ###  HTML text
            $cmsghtml = '';
            if (substr($cformsSettings['form' . $no]['cforms' . $no . '_formdata'], 3, 1) == '1') {
                $cmsghtml = stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_cmsg_html']);
                if (function_exists('my_cforms_logic')) {
                    $cmsghtml = my_cforms_logic($trackf, $cmsghtml, 'autoConfHTML');
                }
                $cmsghtml = check_default_vars($cmsghtml, $no);
                $cmsghtml = check_cust_vars($cmsghtml, $track, $no);
            }
            ### subject
            $subject2 = stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_csubject']);
            $subject2 = check_default_vars($subject2, $no);
            $subject2 = check_cust_vars($subject2, $track, $no);
            ###  different cc & ac subjects?
            $s = explode('$#$', $subject2);
            $s[1] = $s[1] != '' ? $s[1] : $s[0];
            ###  email tracking via 3rd party?
            ###  if in Tell-A-Friend Mode, then overwrite header stuff...
            if ($taf_youremail && $taf_friendsemail && $isTAF == '1') {
                $field_email = "\"{$taf_friendsname}\" <{$taf_friendsemail}>";
            } else {
                $field_email = $cformsSettings['form' . $no]['cforms' . $no . '_tracking'] != '' ? $field_email . $cformsSettings['form' . $no]['cforms' . $no . '_tracking'] : $field_email;
            }
            $mail = new cf_mail($no, $frommail, $field_email, $replyto);
            ### auto conf attachment?
            $a = $cformsSettings['form' . $no]['cforms' . $no . '_cattachment'][0];
            $a = substr($a, 0, 1) == '/' ? $a : dirname(__FILE__) . $cformsSettings['global']['cforms_IIS'] . $a;
            if ($a != '' && file_exists($a)) {
                $n = substr($a, strrpos($a, $cformsSettings['global']['cforms_IIS']) + 1, strlen($a));
                $m = getMIME(strtolower(substr($n, strrpos($n, '.') + 1, strlen($n))));
                $mail->add_file($a, $n, 'base64', $m);
                ### optional name
            }
            $mail->char_set = 'utf-8';
            ### CC or auto conf?
            if ($ccme && $trackf[$ccme] != '-') {
                if ($smtpsettings[0] == '1') {
                    $sent = cforms_phpmailer($no, $frommail, $replyto, $field_email, $s[1], $message, $formdata, $htmlmessage, $htmlformdata, 'ac');
                } else {
                    $mail->subj = $s[1];
                    if ($mail->html_show_ac) {
                        $mail->is_html(true);
                        $mail->body = "<html>" . $mail->eol . "<body>" . $htmlmessage . ($mail->f_html ? $mail->eol . $htmlformdata : '') . $mail->eol . "</body></html>" . $mail->eol;
                        $mail->body_alt = $message . ($mail->f_txt ? $mail->eol . $formdata : '');
                    } else {
                        $mail->body = $message . ($mail->f_txt ? $mail->eol . $formdata : '');
                    }
                    $sent = $mail->send();
                }
            } else {
                if ($smtpsettings[0] == '1') {
                    $sent = cforms_phpmailer($no, $frommail, $replyto, $field_email, $s[0], $cmsg, '', $cmsghtml, '', 'ac');
                } else {
                    $mail->subj = $s[0];
                    if ($mail->html_show_ac) {
                        $mail->is_html(true);
                        $mail->body = "<html>" . $mail->eol . "<body>" . $cmsghtml . "</body></html>" . $mail->eol;
                        $mail->body_alt = $cmsg;
                    } else {
                        $mail->body = $cmsg;
                    }
                    $sent = $mail->send();
                }
            }
            if ($sent != '1') {
                $err = __('Error occurred while sending the auto confirmation message: ', 'cforms') . '<br />' . $smtpsettings[0] ? '<br />' . $sent : $mail->ErrorInfo;
                $pre = $segments[0] . '*$#' . substr($cformsSettings['form' . $no]['cforms' . $no . '_popup'], 1, 1);
                return $pre . $err . '|!!!';
            }
        }
        ###  cc
        ###  return success msg
        $pre = $segments[0] . '*$#' . substr($cformsSettings['form' . $no]['cforms' . $no . '_popup'], 0, 1);
        $successMsg = check_default_vars(stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_success']), $no);
        $successMsg = check_cust_vars($successMsg, $track, $no);
        $successMsg = str_replace($mail->eol, '<br />', $successMsg);
        ### logic: possibly change usermessage
        if (function_exists('my_cforms_logic')) {
            $successMsg = my_cforms_logic($trackf, $successMsg, 'successMessage');
        }
        ###  WP-Comment: override
        if ($WPsuccess && $cformsSettings['form' . $no]['cforms' . $no . '_tellafriend'] == '21') {
            $successMsg = $WPresp;
        }
        $opt = '';
        ###  hide?
        if ($cformsSettings['form' . $no]['cforms' . $no . '_hide'] || get_cforms_submission_left($no) == 0) {
            $opt .= '|~~~';
        }
        ###  redirect to a different page on suceess?
        if ($cformsSettings['form' . $no]['cforms' . $no . '_redirect']) {
            if (function_exists('my_cforms_logic')) {
                $red = my_cforms_logic($trackf, $cformsSettings['form' . $no]['cforms' . $no . '_redirect_page'], 'redirection');
                if ($red != '') {
                    $opt .= '|>>>' . $red;
                }
                ### use trackf!
            } else {
                $opt .= '|>>>' . $cformsSettings['form' . $no]['cforms' . $no . '_redirect_page'];
            }
        }
        return $pre . $successMsg . $opt;
    } else {
        ###  no admin mail sent!
        ###  return error msg
        $err = __('Error occurred while sending the message: ', 'cforms') . '<br />' . $smtpsettings[0] ? '<br />' . $sentadmin : $mail->ErrorInfo;
        $pre = $segments[0] . '*$#' . substr($cformsSettings['form' . $no]['cforms' . $no . '_popup'], 1, 1);
        return $pre . $err . '|!!!';
    }
}
コード例 #4
0
ファイル: cforms.php プロジェクト: prabhu/desistartups
function cforms($args = '', $no = '')
{
    global $smtpsettings, $styles, $subID, $cforms_root, $wpdb, $track, $wp_db_version;
    //Safety, in case someone uses '1' for the default form
    $no = $no == '1' ? '' : $no;
    parse_str($args, $r);
    // parse all args, and if not specified, initialize to defaults
    //custom fields support
    if (!(strpos($no, '+') === false)) {
        $no = substr($no, 0, -1);
        $customfields = build_fstat($args);
        $field_count = count($customfields);
        $custom = true;
    } else {
        $custom = false;
        $field_count = get_option('cforms' . $no . '_count_fields');
    }
    $content = '';
    $err = 0;
    $filefield = 0;
    ### for multiple file upload fields
    $validations = array();
    $all_valid = 1;
    $off = 0;
    $fieldsetnr = 1;
    $c_errflag = false;
    $custom_error = '';
    $usermessage_class = '';
    ### ??? check for WP2.0.2
    if ($wp_db_version >= 3440 && function_exists('wp_get_current_user')) {
        $user = wp_get_current_user();
    }
    if (isset($_REQUEST['sendbutton' . $no])) {
        /* alternative sending: both events r ok!  */
        require_once dirname(__FILE__) . '/lib_nonajax.php';
        $usermessage_class = $all_valid ? ' success' : ' failure';
    }
    if (get_option('cforms' . $no . '_tellafriend') == '2' && $send2author) {
        ### called from lib_WPcomments ?
        return $all_valid;
    }
    ###
    ### paint form
    ###
    $success = false;
    if (isset($_GET['cfemail']) && get_option('cforms' . $no . '_tellafriend') == '2') {
        ###  fix for WP Comment (loading after redirect)
        $usermessage_class = ' success';
        $success = true;
        if ($_GET['cfemail'] == 'sent') {
            $usermessage_text = preg_replace('|\\r\\n|', '<br />', stripslashes(get_option('cforms' . $no . '_success')));
        } elseif ($_GET['cfemail'] == 'posted') {
            $usermessage_text = preg_replace('|\\r\\n|', '<br />', stripslashes(get_option('cforms_commentsuccess')));
        }
    }
    $break = '<br />';
    $nl = "\n";
    $tab = "\t";
    $tt = "\t\t";
    $ntt = "\n\t\t";
    $nttt = "\n\t\t\t";
    ### either show message above or below
    $usermessage_text = check_default_vars($usermessage_text, $no);
    $usermessage_text = check_cust_vars($usermessage_text, $track, $no);
    if (substr(get_option('cforms' . $no . '_showpos'), 0, 1) == 'y') {
        $content .= $ntt . '<div id="usermessage' . $no . 'a" class="cf_info' . $usermessage_class . '">' . $usermessage_text . '</div>';
        $actiontarget = 'a';
    } else {
        if (substr(get_option('cforms' . $no . '_showpos'), 1, 1) == 'y') {
            $actiontarget = 'b';
        }
    }
    ### redirect == 2 : hide form?    || or if max entries reached!
    if (get_option('cforms' . $no . '_redirect') == 2 && isset($_REQUEST['sendbutton' . $no]) && $all_valid) {
        return $content;
    } else {
        if (get_option('cforms' . $no . '_maxentries') != '' && get_cforms_submission_left($no) == 0) {
            if ($cflimit == "reached") {
                return stripslashes(get_option('cforms' . $no . '_limittxt'));
            } else {
                return $content . stripslashes(get_option('cforms' . $no . '_limittxt'));
            }
        }
    }
    ### alternative form action
    $alt_action = false;
    if (get_option('cforms' . $no . '_action') == '1') {
        $action = get_option('cforms' . $no . '_action_page');
        $alt_action = true;
    } else {
        if (get_option('cforms' . $no . '_tellafriend') == '2') {
            $action = $cforms_root . '/lib_WPcomment.php';
        } else {
            $action = $_SERVER['REQUEST_URI'] . '#usermessage' . $no . $actiontarget;
        }
    }
    $content .= $ntt . '<form enctype="multipart/form-data" action="' . $action . '" method="post" class="cform" id="cforms' . $no . 'form">' . $nl;
    ### start with no fieldset
    $fieldsetopen = false;
    $verification = false;
    $captcha = false;
    $upload = false;
    $fscount = 1;
    $ol = false;
    for ($i = 1; $i <= $field_count; $i++) {
        if (!$custom) {
            $field_stat = explode('$#$', get_option('cforms' . $no . '_count_field_' . $i));
        } else {
            $field_stat = explode('$#$', $customfields[$i - 1]);
        }
        $field_name = $field_stat[0];
        $field_type = $field_stat[1];
        $field_required = $field_stat[2];
        $field_emailcheck = $field_stat[3];
        $field_clear = $field_stat[4];
        $field_disabled = $field_stat[5];
        $field_readonly = $field_stat[6];
        ### ommit certain fields
        if (in_array($field_type, array('cauthor', 'url', 'email')) && $user->ID) {
            continue;
        }
        ### check for custom err message and split field_name
        $obj = explode('|err:', $field_name, 2);
        $fielderr = $obj[1];
        if ($fielderr != '') {
            switch ($field_type) {
                case 'upload':
                    $custom_error .= 'cf_uploadfile' . $no . '-' . $i . '$#$' . $fielderr . '|';
                    break;
                case 'captcha':
                    $custom_error .= 'cforms_captcha' . $no . '$#$' . $fielderr . '|';
                    break;
                case 'verification':
                    $custom_error .= 'cforms_q' . $no . '$#$' . $fielderr . '|';
                    break;
                case "cauthor":
                case "url":
                case "email":
                case "comment":
                    $custom_error .= $field_type . '$#$' . $fielderr . '|';
                    break;
                default:
                    preg_match('/^([^#\\|]*).*/', $field_name, $input_name);
                    $custom_error .= get_option('cforms' . $no . '_customnames') == '1' ? str_replace(' ', '_', $input_name[1]) : 'cf' . $no . '_field_' . $i;
                    $custom_error .= '$#$' . $fielderr . '|';
                    break;
            }
        }
        ### check for title attrib
        $obj = explode('|title:', $obj[0], 2);
        $fieldTitle = $obj[1] != '' ? ' title="' . str_replace('"', '&quot;', stripslashes($obj[1])) . '"' : '';
        ### special treatment for selectboxes
        if (in_array($field_type, array('multiselectbox', 'selectbox', 'radiobuttons', 'send2author', 'checkbox', 'checkboxgroup', 'ccbox', 'emailtobox'))) {
            $options = explode('#', stripslashes($obj[0]));
            $field_name = $options[0];
        }
        ### check if fieldset is open
        if (!$fieldsetopen && !$ol && $field_type != 'fieldsetstart') {
            $content .= $tt . '<ol class="cf-ol">';
            $ol = true;
        }
        $labelclass = '';
        ### visitor verification
        if (!$verification && $field_type == 'verification') {
            srand(microtime() * 1000003);
            $qall = explode("\r\n", get_option('cforms_sec_qa'));
            $n = rand(0, count(array_keys($qall)) - 1);
            $q = $qall[$n];
            $q = explode('=', $q);
            ### q[0]=qestion  q[1]=answer
            $field_name = stripslashes(htmlspecialchars($q[0]));
            $labelclass = ' class="secq"';
        } else {
            if ($field_type == 'captcha') {
                $labelclass = ' class="seccap"';
            }
        }
        $defaultvalue = '';
        ### setting the default val & regexp if it exists
        if (!in_array($field_type, array('fieldsetstart', 'fieldsetend', 'radiobuttons', 'send2author', 'checkbox', 'checkboxgroup', 'ccbox', 'emailtobox', 'multiselectbox', 'selectbox', 'verification'))) {
            ### check if default val & regexp are set
            $obj = explode('|', $obj[0], 3);
            if ($obj[2] != '') {
                $reg_exp = str_replace('"', '&quot;', stripslashes($obj[2]));
            } else {
                $reg_exp = '';
            }
            if ($obj[1] != '') {
                $defaultvalue = str_replace('"', '&quot;', check_default_vars(stripslashes($obj[1]), $no));
            }
            $field_name = $obj[0];
        }
        ### Label ID's
        $labelIDx = '';
        $labelID = get_option('cforms_labelID') == '1' ? ' id="label-' . $no . '-' . $i . '"' : '';
        ### <li> ID's
        $liID = get_option('cforms_liID') == '1' || substr(get_option('cforms' . $no . '_showpos'), 2, 1) == "y" || substr(get_option('cforms' . $no . '_showpos'), 3, 1) == "y" ? ' id="li-' . $no . '-' . $i . '"' : '';
        ### input field names & label
        if (get_option('cforms' . $no . '_customnames') == '1') {
            if (strpos($field_name, '[id:') !== false) {
                $idPartA = strpos($field_name, '[id:');
                $idPartB = strpos($field_name, ']', $idPartA);
                $input_id = $input_name = str_replace(' ', '_', substr($field_name, $idPartA + 4, $idPartB - $idPartA - 4));
                $field_name = substr_replace($field_name, '', $idPartA, $idPartB - $idPartA + 1);
            } else {
                $input_id = $input_name = str_replace(' ', '_', $field_name);
            }
        } else {
            $input_id = $input_name = 'cf' . $no . '_field_' . $i;
        }
        $field_class = '';
        switch ($field_type) {
            case 'verification':
                $input_id = $input_name = 'cforms_q' . $no;
                break;
            case 'captcha':
                $input_id = $input_name = 'cforms_captcha' . $no;
                break;
            case 'upload':
                $input_id = $input_name = 'cf_uploadfile' . $no . '-' . $i;
                $field_class = 'upload';
                break;
            case "send2author":
            case "email":
            case "cauthor":
            case "url":
                $input_id = $input_name = $field_type;
            case "datepicker":
            case "yourname":
            case "youremail":
            case "friendsname":
            case "friendsemail":
            case "textfield":
            case "pwfield":
                $field_class = 'single';
                break;
            case "hidden":
                $field_class = 'hidden';
                break;
            case 'comment':
                $input_id = $input_name = $field_type;
                $field_class = 'area';
                break;
            case 'textarea':
                $field_class = 'area';
                break;
        }
        ### additional field classes
        if ($field_disabled) {
            $field_class .= ' disabled';
        }
        if ($field_readonly) {
            $field_class .= ' readonly';
        }
        if ($field_emailcheck) {
            $field_class .= ' fldemail';
        }
        if ($field_required) {
            $field_class .= ' fldrequired';
        }
        $field_value = '';
        ### pre-populating fields...
        if (!isset($_REQUEST['sendbutton' . $no]) && isset($_GET[$input_name])) {
            $field_value = $_REQUEST[$input_name];
        }
        ### an error ocurred:
        $liERR = $insertErr = '';
        if (!$all_valid) {
            if ($validations[$i] == 1) {
                $field_class .= '';
            } else {
                $field_class .= ' cf_error';
                ### enhanced error display
                if (substr(get_option('cforms' . $no . '_showpos'), 2, 1) == "y") {
                    $liERR = ' class="cf_li_err"';
                }
                if (substr(get_option('cforms' . $no . '_showpos'), 3, 1) == "y") {
                    $insertErr = $fielderr != '' ? '<ul class="cf_li_text_err"><li>' . stripslashes($fielderr) . '</li></ul>' : '';
                }
            }
            if ($field_type == 'multiselectbox' || $field_type == 'checkboxgroup') {
                $field_value = $_REQUEST[$input_name];
                ### in this case it's an array! will do the stripping later
            } else {
                $field_value = str_replace('"', '&quot;', stripslashes($_REQUEST[$input_name]));
            }
        }
        ### print label only for non "textonly" fields! Skip some others too, and handle them below indiv.
        if (!in_array($field_type, array('hidden', 'textonly', 'fieldsetstart', 'fieldsetend', 'ccbox', 'checkbox', 'checkboxgroup', 'send2author', 'radiobuttons'))) {
            $content .= $nttt . '<li' . $liID . $liERR . '>' . $insertErr . '<label' . $labelID . ' for="' . $input_id . '"' . $labelclass . '><span>' . stripslashes($field_name) . '</span></label>';
        }
        if ($field_value == '' && $defaultvalue != '') {
            ### if not reloaded (due to err) then use default values
            $field_value = $defaultvalue;
        }
        ### field disabled or readonly, greyed out?
        $disabled = $field_disabled ? ' disabled="disabled"' : '';
        $readonly = $field_readonly ? ' readonly="readonly"' : '';
        $dp = '';
        $naming = false;
        $field = '';
        switch ($field_type) {
            case "upload":
                $upload = true;
                ### set upload flag for ajax suppression!
                $field = '<input' . $readonly . $disabled . ' type="file" name="cf_uploadfile' . $no . '[]" id="cf_uploadfile' . $no . '-' . $i . '" class="cf_upload ' . $field_class . '"' . $fieldTitle . '/>';
                break;
            case "textonly":
                $field .= $nttt . '<li' . $liID . ' class="textonly' . ($defaultvalue != '' ? ' ' . $defaultvalue : '') . '"' . ($reg_exp != '' ? ' style="' . $reg_exp . '" ' : '') . '>' . stripslashes($field_name) . '</li>';
                break;
            case "fieldsetstart":
                if ($fieldsetopen) {
                    $field = $ntt . '</ol>' . $nl . $tt . '</fieldset>' . $nl;
                    $fieldsetopen = false;
                    $ol = false;
                }
                if (!$fieldsetopen) {
                    if ($ol) {
                        $field = $ntt . '</ol>' . $nl;
                    }
                    $field .= $tt . '<fieldset class="cf-fs' . $fscount++ . '">' . $nl . $tt . '<legend>' . stripslashes($field_name) . '</legend>' . $nl . $tt . '<ol class="cf-ol">';
                    $fieldsetopen = true;
                    $ol = true;
                }
                break;
            case "fieldsetend":
                if ($fieldsetopen) {
                    $field = $ntt . '</ol>' . $nl . $tt . '</fieldset>' . $nl;
                    $fieldsetopen = false;
                    $ol = false;
                } else {
                    $field = '';
                }
                break;
            case "verification":
                $field = '<input type="text" name="' . $input_name . '" id="cforms_q' . $no . '" class="secinput ' . $field_class . '" value=""' . $fieldTitle . '/>';
                $verification = true;
                break;
            case "captcha":
                $_SESSION['turing_string_' . $no] = rc();
                $field = '<input type="text" name="' . $input_name . '" id="cforms_captcha' . $no . '" class="secinput' . $field_class . '" value=""' . $fieldTitle . '/>' . '<img id="cf_captcha_img' . $no . '" class="captcha" src="' . $cforms_root . '/cforms-captcha.php?ts=' . $no . get_captcha_uri() . '" alt=""/>' . '<a title="' . __('reset captcha image', 'cforms') . '" href="javascript:reset_captcha(\'' . $no . '\')"><img class="captcha-reset" src="' . $cforms_root . '/images/spacer.gif" alt="Captcha"/></a>';
                $captcha = true;
                break;
            case "cauthor":
            case "url":
            case "email":
            case "datepicker":
            case "yourname":
            case "youremail":
            case "friendsname":
            case "friendsemail":
            case "textfield":
            case "pwfield":
                $type = $field_type == 'pwfield' ? 'password' : 'text';
                $field_class = $field_type == 'datepicker' ? $field_class . ' cf_date' : $field_class;
                $onfocus = $field_clear ? ' onfocus="clearField(this)" onblur="setField(this)"' : '';
                $field = '<input' . $readonly . $disabled . ' type="' . $type . '" name="' . $input_name . '" id="' . $input_id . '" class="' . $field_class . '" value="' . $field_value . '"' . $onfocus . $fieldTitle . '/>';
                if ($reg_exp != '') {
                    $field .= '<input type="hidden" name="' . $input_name . '_regexp" id="' . $input_id . '_regexp" value="' . $reg_exp . '"' . $fieldTitle . '/>';
                }
                $field .= $dp;
                break;
            case "hidden":
                preg_match_all('/\\{([^\\{]+)\\}/', $field_value, $findall);
                if (count($findall[1]) > 0) {
                    $allfields = get_post_custom(get_the_ID());
                    foreach ($findall[1] as $fvar) {
                        if ($allfields[$fvar][0] != '') {
                            $field_value = str_replace('{' . $fvar . '}', $allfields[$fvar][0], $field_value);
                        }
                    }
                }
                if (preg_match('/^<([a-zA-Z0-9]+)>$/', $field_value, $getkey)) {
                    $field_value = $_GET[$getkey[1]];
                }
                $field .= $nttt . '<li class="cf_hidden"><input type="hidden" class="cfhidden" name="' . $input_name . '" id="' . $input_id . '" value="' . $field_value . '"' . $fieldTitle . '/></li>';
                break;
            case "comment":
                $onfocus = $field_clear ? ' onfocus="clearField(this)" onblur="setField(this)"' : '';
                $field = '<textarea' . $readonly . $disabled . ' cols="30" rows="8" name="comment" id="comment" class="' . $field_class . '"' . $onfocus . $fieldTitle . '>' . $field_value . '</textarea>';
                if ($reg_exp != '') {
                    $field .= '<input type="hidden" name="comment" id="comment_regexp" value="' . $reg_exp . '"' . $fieldTitle . '/>';
                }
                break;
            case "textarea":
                $onfocus = $field_clear ? ' onfocus="clearField(this)" onblur="setField(this)"' : '';
                $field = '<textarea' . $readonly . $disabled . ' cols="30" rows="8" name="' . $input_name . '" id="' . $input_id . '" class="' . $field_class . '"' . $onfocus . $fieldTitle . '>' . $field_value . '</textarea>';
                if ($reg_exp != '') {
                    $field .= '<input type="hidden" name="' . $input_name . '_regexp" id="' . $input_id . '_regexp" value="' . $reg_exp . '"' . $fieldTitle . '/>';
                }
                break;
            case "ccbox":
            case "checkbox":
                $err = '';
                if (!$all_valid && $validations[$i] != 1) {
                    $err = ' cf_errortxt';
                }
                if ($options[1] != '') {
                    $opt = explode('|', $options[1], 2);
                    $before = '<li' . $liID . $liERR . '>' . $insertErr;
                    $after = '<label' . $labelID . ' for="' . $input_id . '" class="cf-after' . $err . '"><span>' . $opt[0] . '</span></label></li>';
                    $ba = 'a';
                } else {
                    $opt = explode('|', $field_name, 2);
                    $before = '<li' . $liID . $liERR . '>' . $insertErr . '<label' . $labelID . ' for="' . $input_name . '" class="cf-before' . $err . '"><span>' . $opt[0] . '</span></label>';
                    $after = '</li>';
                    $ba = 'b';
                }
                ### if | val provided, then use "X"
                $val = $opt[1] != '' ? ' value="' . $opt[1] . '"' : '';
                $field = $nttt . $before . '<input' . $readonly . $disabled . ' type="checkbox" name="' . $input_name . '" id="' . $input_id . '" class="cf-box-' . $ba . $field_class . '"' . ($field_value ? ' checked="checked"' : '') . $val . $fieldTitle . '/>' . $after;
                break;
            case "checkboxgroup":
                $liID_b = $liID != '' ? substr($liID, 0, -1) . 'items"' : '';
                array_shift($options);
                $field .= $nttt . '<li' . $liID . ' class="cf-box-title">' . $field_name . '</li>' . $nttt . '<li' . $liID_b . ' class="cf-box-group">';
                $id = 1;
                $j = 0;
                foreach ($options as $option) {
                    ### supporting names & values
                    $opt = explode('|', $option, 2);
                    if ($opt[1] == '') {
                        $opt[1] = $opt[0];
                    }
                    $checked = '';
                    if ($opt[1] == stripslashes($field_value[$j])) {
                        $checked = 'checked="checked"';
                        $j++;
                    }
                    if ($labelID != '') {
                        $labelIDx = substr($labelID, 0, -1) . $id . '"';
                    }
                    if ($opt[0] == '') {
                        $field .= $nttt . $tab . '<br />';
                    } else {
                        $field .= $nttt . $tab . '<input' . $readonly . $disabled . ' type="checkbox" id="' . $input_id . '-' . $id . '" name="' . $input_name . '[]" value="' . $opt[1] . '" ' . $checked . ' class="cf-box-b"' . $fieldTitle . '/>' . '<label' . $labelIDx . ' for="' . $input_id . $id++ . '" class="cf-group-after"><span>' . $opt[0] . "</span></label>";
                    }
                }
                $field .= $nttt . '</li>';
                break;
            case "multiselectbox":
                ### $field .= $nttt . '<li><label ' . $labelID . ' for="'.$input_name.'"'. $labelclass . '><span>' . stripslashes(($field_name)) . '</span></label>';
                $field .= '<select' . $readonly . $disabled . ' multiple="multiple" name="' . $input_name . '[]" id="' . $input_id . '" class="cfselectmulti ' . $field_class . '"' . $fieldTitle . '>';
                array_shift($options);
                $second = false;
                $j = 0;
                foreach ($options as $option) {
                    ### supporting names & values
                    $opt = explode('|', $option, 2);
                    if ($opt[1] == '') {
                        $opt[1] = $opt[0];
                    }
                    $checked = '';
                    if ($opt[1] == stripslashes(htmlspecialchars($field_value[$j]))) {
                        $checked = ' selected="selected"';
                        $j++;
                    }
                    $field .= $nttt . $tab . '<option value="' . str_replace('"', '&quot;', $opt[1]) . '"' . $checked . '>' . $opt[0] . '</option>';
                    $second = true;
                }
                $field .= $nttt . '</select>';
                break;
            case "emailtobox":
            case "selectbox":
                $field = '<select' . $readonly . $disabled . ' name="' . $input_name . '" id="' . $input_id . '" class="cformselect' . $field_class . '" ' . $fieldTitle . '>';
                array_shift($options);
                $jj = $j = 0;
                $second = false;
                foreach ($options as $option) {
                    ### supporting names & values
                    $opt = explode('|', $option, 2);
                    if ($opt[1] == '') {
                        $opt[1] = $opt[0];
                    }
                    ### email-to-box valid entry?
                    if ($field_type == 'emailtobox' && $opt[1] != '-') {
                        $jj = $j++;
                    } else {
                        $jj = '-';
                    }
                    $checked = '';
                    if ($field_value == '' || $field_value == '-') {
                        if (!$second) {
                            $checked = ' selected="selected"';
                        }
                    } else {
                        if ($opt[1] == $field_value || $jj == $field_value) {
                            $checked = ' selected="selected"';
                        }
                    }
                    $field .= $nttt . $tab . '<option value="' . ($field_type == 'emailtobox' ? $jj : $opt[1]) . '"' . $checked . '>' . $opt[0] . '</option>';
                    $second = true;
                }
                $field .= $nttt . '</select>';
                break;
            case "send2author":
            case "radiobuttons":
                $liID_b = $liID != '' ? substr($liID, 0, -1) . 'items"' : '';
                ### only if label ID's active
                array_shift($options);
                $field .= $nttt . '<li' . $liID . ' class="cf-box-title">' . $field_name . '</li>' . $nttt . '<li' . $liID_b . ' class="cf-box-group">';
                $second = false;
                $id = 1;
                foreach ($options as $option) {
                    $checked = '';
                    ### supporting names & values
                    $opt = explode('|', $option, 2);
                    if ($opt[1] == '') {
                        $opt[1] = $opt[0];
                    }
                    if ($field_value == '') {
                        if (!$second) {
                            $checked = ' checked="checked"';
                        }
                    } else {
                        if ($opt[1] == $field_value) {
                            $checked = ' checked="checked"';
                        }
                    }
                    if ($labelID != '') {
                        $labelIDx = substr($labelID, 0, -1) . $id . '"';
                    }
                    if ($opt[0] == '') {
                        $field .= $nttt . $tab . '<br />';
                    } else {
                        $field .= $nttt . $tab . '<input' . $readonly . $disabled . ' type="radio" id="' . $input_id . '-' . $id . '" name="' . $input_name . '" value="' . $opt[1] . '"' . $checked . ' class="cf-box-b' . ($second ? ' cformradioplus' : '') . '"' . $fieldTitle . '/>' . '<label' . $labelIDx . ' for="' . $input_id . $id++ . '" class="cf-after"><span>' . $opt[0] . "</span></label>";
                    }
                    $second = true;
                }
                $field .= $nttt . '</li>';
                break;
        }
        ### add new field
        $content .= $field;
        ### adding "required" text if needed
        if ($field_emailcheck == 1) {
            $content .= '<span class="emailreqtxt">' . stripslashes(get_option('cforms' . $no . '_emailrequired')) . '</span>';
        } else {
            if ($field_required == 1 && $field_type != 'checkbox') {
                $content .= '<span class="reqtxt">' . stripslashes(get_option('cforms' . $no . '_required')) . '</span>';
            }
        }
        ### close out li item
        if (!in_array($field_type, array('hidden', 'fieldsetstart', 'fieldsetend', 'radiobuttons', 'checkbox', 'checkboxgroup', 'ccbox', 'textonly', 'send2author'))) {
            $content .= '</li>';
        }
    }
    ### all fields
    if ($ol) {
        $content .= $ntt . '</ol>';
    }
    if ($fieldsetopen) {
        $content .= $ntt . '</fieldset>';
    }
    ### rest of the form
    if (get_option('cforms' . $no . '_ajax') == '1' && !$upload && !$custom && !$alt_action) {
        $ajaxenabled = ' onclick="return cforms_validate(\'' . $no . '\', false)"';
    } else {
        if (($upload || $custom || $alt_action) && get_option('cforms' . $no . '_ajax') == '1') {
            $ajaxenabled = ' onclick="return cforms_validate(\'' . $no . '\', true)"';
        } else {
            $ajaxenabled = '';
        }
    }
    ### just to appease "strict"
    $content .= $ntt . '<fieldset class="cf_hidden">' . $nttt . '<legend>&nbsp;</legend>';
    ### if visitor verification turned on:
    if ($verification) {
        $content .= $nttt . '<input type="hidden" name="cforms_a' . $no . '" id="cforms_a' . $no . '" value="' . md5(rawurlencode(strtolower($q[1]))) . '"/>';
    }
    if ($captcha) {
        $content .= $nttt . '<input type="hidden" name="cforms_cap' . $no . '" id="cforms_cap' . $no . '" value="' . md5($_SESSION['turing_string_' . $no]) . '"/>';
    }
    $custom_error = substr(get_option('cforms' . $no . '_showpos'), 2, 1) . substr(get_option('cforms' . $no . '_showpos'), 3, 1) . substr(get_option('cforms' . $no . '_showpos'), 4, 1) . $custom_error;
    if (get_option('cforms' . $no . '_tellafriend') > 0) {
        if (get_option('cforms' . $no . '_tellafriend') == 2) {
            $nono = '';
        } else {
            $nono = $no;
        }
        $content .= $nttt . '<input type="hidden" name="comment_post_ID' . $nono . '" id="comment_post_ID' . $nono . '" value="' . (isset($_GET['pid']) ? $_GET['pid'] : get_the_ID()) . '"/>' . $nttt . '<input type="hidden" name="cforms_pl' . $no . '" id="cforms_pl' . $no . '" value="' . (isset($_GET['pid']) ? get_permalink($_GET['pid']) : get_permalink()) . '"/>';
    }
    $content .= $nttt . '<input type="hidden" name="cf_working' . $no . '" id="cf_working' . $no . '" value="' . rawurlencode(get_option('cforms' . $no . '_working')) . '"/>' . $nttt . '<input type="hidden" name="cf_failure' . $no . '" id="cf_failure' . $no . '" value="' . rawurlencode(get_option('cforms' . $no . '_failure')) . '"/>' . $nttt . '<input type="hidden" name="cf_codeerr' . $no . '" id="cf_codeerr' . $no . '" value="' . rawurlencode(get_option('cforms_codeerr')) . '"/>' . $nttt . '<input type="hidden" name="cf_customerr' . $no . '" id="cf_customerr' . $no . '" value="' . rawurlencode($custom_error) . '"/>' . $nttt . '<input type="hidden" name="cf_popup' . $no . '" id="cf_popup' . $no . '" value="' . get_option('cforms' . $no . '_popup') . '"/>';
    $content .= $ntt . '</fieldset>';
    $content .= $ntt . '<p class="cf-sb"><input type="submit" name="sendbutton' . $no . '" id="sendbutton' . $no . '" class="sendbutton" value="' . get_option('cforms' . $no . '_submit_text') . '"' . $ajaxenabled . '/></p>';
    $content .= $ntt . '</form>';
    ### link love? you bet ;)
    $content .= $ntt . '<p class="linklove" id="ll' . $no . '"><a href="http://www.deliciousdays.com/cforms-plugin"><em>cforms</em> contact form by delicious:days</a></p>';
    ### either show message above or below
    $usermessage_text = check_default_vars($usermessage_text, $no);
    $usermessage_text = check_cust_vars($usermessage_text, $track, $no);
    if (substr(get_option('cforms' . $no . '_showpos'), 1, 1) == 'y' && !($success && get_option('cforms' . $no . '_redirect') == 2)) {
        $content .= $tt . '<div id="usermessage' . $no . 'b" class="cf_info ' . $usermessage_class . '" >' . $usermessage_text . '</div>' . $nl;
    }
    return $content;
}
コード例 #5
0
ファイル: lib_ajax.php プロジェクト: prabhu/desistartups
function cforms_submitcomment($content)
{
    global $wpdb, $subID, $styles, $smtpsettings, $track, $Ajaxpid, $AjaxURL, $wp_locale;
    $isAjaxWPcomment = strpos($content, '***');
    // WP comment feature
    $content = explode('***', $content);
    $content = $content[0];
    $content = explode('+++', $content);
    // Added special fields
    $Ajaxpid = $content[1];
    $AjaxURL = $content[2];
    $segments = explode('$#$', $content[0]);
    $params = array();
    $sep = strpos(__FILE__, '/') === false ? '\\' : '/';
    $WPpluggable = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), 'wp-content')) . 'wp-includes' . $sep . 'pluggable.php';
    if (file_exists($WPpluggable)) {
        require_once $WPpluggable;
    }
    $CFfunctions = dirname(__FILE__) . $sep . 'my-functions.php';
    if (file_exists($CFfunctions)) {
        include_once $CFfunctions;
    }
    if (function_exists('wp_get_current_user')) {
        $user = wp_get_current_user();
    }
    for ($i = 1; $i <= sizeof($segments); $i++) {
        $params['field_' . $i] = $segments[$i];
    }
    // fix reference to first form
    if ($segments[0] == '1') {
        $params['id'] = $no = '';
    } else {
        $params['id'] = $no = $segments[0];
    }
    // user filter ?
    if (function_exists('my_cforms_ajax_filter')) {
        $params = my_cforms_ajax_filter($params);
    }
    // init variables
    $formdata = '';
    $htmlformdata = '';
    $track = array();
    $trackinstance = array();
    $to_one = "-1";
    $ccme = false;
    $field_email = '';
    $off = 0;
    $fieldsetnr = 1;
    $taf_youremail = false;
    $taf_friendsemail = false;
    // form limit reached
    if (get_option('cforms' . $no . '_maxentries') != '' && get_cforms_submission_left($no) == 0) {
        $pre = $segments[0] . '*$#' . substr(get_option('cforms' . $no . '_popup'), 0, 1);
        return $pre . preg_replace('|\\r\\n|', '<br />', stripslashes(get_option('cforms' . $no . '_limittxt'))) . $hide;
    }
    //space for pre formatted text layout
    $customspace = (int) (get_option('cforms' . $no . '_space') > 0) ? get_option('cforms' . $no . '_space') : 30;
    for ($i = 1; $i <= sizeof($params) - 2; $i++) {
        $field_stat = explode('$#$', get_option('cforms' . $no . '_count_field_' . ((int) $i + (int) $off)));
        // filter non input fields
        while (in_array($field_stat[1], array('fieldsetstart', 'fieldsetend', 'textonly'))) {
            if ($field_stat[1] != 'textonly') {
                // include and make only fieldsets pretty!
                //just for email looks
                $space = '-';
                $n = ($customspace * 2 + 2 - strlen($field_stat[0])) / 2;
                $n = $n < 0 ? 0 : $n;
                if (strlen($field_stat[0]) < $customspace * 2 - 2) {
                    $space = str_repeat("-", $n);
                }
                $formdata .= substr("\n{$space}" . stripslashes($field_stat[0]) . "{$space}", 0, $customspace * 2) . "\n\n";
                $htmlformdata .= '<tr><td class=3D"fs-td" colspan=3D"2">' . $field_stat[0] . '</td></tr>';
                if ($field_stat[1] == 'fieldsetstart') {
                    $track['$$$' . ((int) $i + (int) $off)] = 'Fieldset' . $fieldsetnr;
                    $track['Fieldset' . $fieldsetnr++] = $field_stat[0];
                }
            }
            //get next in line...
            $off++;
            $field_stat = explode('$#$', get_option('cforms' . $no . '_count_field_' . ((int) $i + (int) $off)));
            if ($field_stat[1] == '') {
                break 2;
            }
            // all fields searched, break both while & for
        }
        // filter all redundant WP comment fields if user is logged in
        while (in_array($field_stat[1], array('cauthor', 'email', 'url')) && $user->ID) {
            switch ($field_stat[1]) {
                case 'cauthor':
                    $track['cauthor'] = $user->display_name;
                    $track['$$$' . ((int) $i + (int) $off)] = 'cauthor';
                    break;
                case 'email':
                    $track['email'] = $field_email = $user->user_email;
                    $track['$$$' . ((int) $i + (int) $off)] = 'email';
                    break;
                case 'url':
                    $track['url'] = $user->user_url;
                    $track['$$$' . ((int) $i + (int) $off)] = 'url';
                    break;
            }
            $formdata .= stripslashes($field_stat[1]) . ': ' . $space . $track[$field_stat[1]] . "\n";
            $htmlformdata .= '<tr><td class=3D"data-td">' . $field_stat[1] . '</td><td>' . $track[$field_stat[1]] . '</td></tr>';
            $off++;
            $field_stat = explode('$#$', get_option('cforms' . $no . '_count_field_' . ((int) $i + (int) $off)));
            if ($field_stat[1] == '') {
                break 2;
            }
            // all fields searched, break both while & for
        }
        $field_name = $field_stat[0];
        $field_type = $field_stat[1];
        ### remove [id: ] first
        if (strpos($field_name, '[id:') !== false) {
            $idPartA = strpos($field_name, '[id:');
            $idPartB = strpos($field_name, ']', $idPartA);
            $customTrackingID = substr($field_name, $idPartA + 4, $idPartB - $idPartA - 4);
            $field_name = substr_replace($field_name, '', $idPartA, $idPartB - $idPartA + 1);
        } else {
            $customTrackingID = '';
        }
        // check if fields needs to be cleared
        $obj = explode('|', $field_name, 3);
        $defaultval = stripslashes($obj[1]);
        if ($params['field_' . $i] == $defaultval && $field_stat[4] == '1') {
            $params['field_' . $i] = '';
        }
        // strip out default value
        $field_name = $obj[0];
        // special WP comment fields
        if (in_array($field_stat[1], array('cauthor', 'email', 'url', 'comment', 'send2author'))) {
            $field_name = $field_stat[1];
            if ($field_stat[1] == 'email') {
                $field_email = $params['field_' . $i];
            }
        }
        // special Tell-A-Friend fields
        if ($taf_friendsemail == '' && $field_type == 'friendsemail' && $field_stat[3] == '1') {
            $field_email = $taf_friendsemail = $params['field_' . $i];
        }
        if ($taf_youremail == '' && $field_type == 'youremail' && $field_stat[3] == '1') {
            $taf_youremail = $params['field_' . $i];
        }
        if ($field_type == 'friendsname') {
            $taf_friendsname = $params['field_' . $i];
        }
        if ($field_type == 'yourname') {
            $taf_yourname = $params['field_' . $i];
        }
        // lets find an email field ("Is Email") and that's not empty!
        if ($field_email == '' && $field_stat[3] == '1') {
            $field_email = $params['field_' . $i];
        }
        // special case: select & radio
        if ($field_type == "multiselectbox" || $field_type == "selectbox" || $field_type == "radiobuttons" || $field_type == "checkboxgroup") {
            $field_name = explode('#', $field_name);
            $field_name = $field_name[0];
        }
        // special case: check box
        if ($field_type == "checkbox" || $field_type == "ccbox") {
            $field_name = explode('#', $field_name);
            $field_name = $field_name[1] == '' ? $field_name[0] : $field_name[1];
            $field_name = explode('|', $field_name);
            $field_name = $field_name[0];
            // if ccbox & checked
            if ($field_type == "ccbox" && $params['field_' . $i] != "-") {
                $ccme = true;
            }
        }
        if ($field_type == "emailtobox") {
            //special case where the value needs to bet get from the DB!
            $field_name = explode('#', $field_stat[0]);
            //can't use field_name, since '|' check earlier
            $to_one = $params['field_' . $i];
            $offset = strpos($field_name[1], '|') === false ? 1 : 2;
            // names come usually right after the label
            $value = $field_name[(int) $to_one + $offset];
            // values start from 0 or after!
            $field_name = $field_name[0];
        } else {
            if (strtoupper(get_option('blog_charset')) != 'UTF-8' && function_exists('mb_convert_encoding')) {
                $value = mb_convert_encoding(utf8_decode(stripslashes($params['field_' . $i])), get_option('blog_charset'));
            } else {
                $value = stripslashes($params['field_' . $i]);
            }
        }
        //only if hidden!
        if ($field_type == 'hidden') {
            $value = rawurldecode($value);
        }
        // Q&A verification
        if ($field_type == "verification") {
            $field_name = __('Q&A', 'cforms');
        }
        //for db tracking
        $inc = '';
        $trackname = trim($field_name);
        if (array_key_exists($trackname, $track)) {
            if ($trackinstance[$trackname] == '') {
                $trackinstance[$trackname] = 2;
            }
            $inc = '___' . $trackinstance[$trackname]++;
        }
        $track['$$$' . (int) ($i + $off)] = $trackname . $inc;
        $track[$trackname . $inc] = $value;
        if ($customTrackingID != '') {
            $track['$$$' . $customTrackingID] = $trackname . $inc;
        }
        //for all equal except textareas!
        $htmlvalue = str_replace("=", "=3D", $value);
        $htmlfield_name = $field_name;
        // just for looks: break for textarea
        if ($field_type == "textarea" || $field_type == "comment") {
            $field_name = "\n" . $field_name;
            $htmlvalue = str_replace(array("=", "\n"), array("=3D", "<br />\n"), $value);
            $value = "\n" . $value . "\n";
        }
        // just for looks:rest
        $space = '';
        if (strlen(stripslashes($field_name)) < $customspace) {
            // don't count ->\"  sometimes adds more spaces?!?
            $space = str_repeat(" ", $customspace - strlen(stripslashes($field_name)));
        }
        // create formdata block for email
        if ($field_stat[1] != 'verification' && $field_stat[1] != 'captcha') {
            $formdata .= stripslashes($field_name) . ': ' . $space . $value . "\n";
            $htmlformdata .= '<tr><td class=3D"data-td">' . $htmlfield_name . '</td><td>' . $htmlvalue . '</td></tr>';
        }
    }
    // for
    // assemble html formdata
    $htmlformdata = '<div class=3D"datablock"><table width=3D"100%" cellpadding=3D"2">' . stripslashes($htmlformdata) . '</table></div><span class=3D"cforms">powered by <a href=3D"http://www.deliciousdays.com/cforms-plugin">cformsII</a></span>';
    //
    // allow the user to use form data for other apps
    //
    $trackf['id'] = $no;
    $trackf['data'] = $track;
    if (function_exists('my_cforms_action')) {
        my_cforms_action($trackf);
    }
    // Catch WP-Comment function
    if ($isAjaxWPcomment !== false && $track['send2author'] == '0') {
        require_once dirname(__FILE__) . '/lib_WPcomment.php';
        if ($WPsuccess) {
            $hide = '';
            // redirect to a different page on suceess?
            if (get_option('cforms' . $no . '_redirect') == 1) {
                return get_option('cforms' . $no . '_redirect_page');
            } else {
                if (get_option('cforms' . $no . '_redirect') == 2) {
                    $hide = '|~~~';
                }
            }
            $pre = $segments[0] . '*$#' . substr(get_option('cforms' . $no . '_popup'), 0, 1);
            return $pre . $WPresp . $hide;
        } else {
            $pre = $segments[0] . '*$#' . substr(get_option('cforms' . $no . '_popup'), 1, 1);
            return $pre . $WPresp . '|---';
        }
    }
    //
    //reply to all email recipients
    //
    $replyto = preg_replace(array('/;|#|\\|/'), array(','), stripslashes(get_option('cforms' . $no . '_email')));
    // multiple recipients? and to whom is the email sent? to_one = picked recip.
    if ($isAjaxWPcomment !== false && $track['send2author'] == '1') {
        $to = $wpdb->get_results("SELECT U.user_email FROM {$wpdb->users} as U, {$wpdb->posts} as P WHERE P.ID = {$Ajaxpid} AND U.ID=P.post_author");
        $to = $replyto = $to[0]->user_email != '' ? $to[0]->user_email : $replyto;
    } else {
        if ($to_one != "-1") {
            $all_to_email = explode(',', $replyto);
            $replyto = $to = $all_to_email[$to_one];
        } else {
            $to = $replyto;
        }
    }
    // T-A-F override?
    if ($taf_youremail && $taf_friendsemail && substr(get_option('cforms' . $no . '_tellafriend'), 0, 1) == '1') {
        $replyto = "\"{$taf_yourname}\" <{$taf_youremail}>";
    }
    //
    // FIRST write into the cforms tables!
    //
    $subID = write_tracking_record($no, $field_email);
    //
    // ready to send email
    // email header
    //
    $html_show = substr(get_option('cforms' . $no . '_formdata'), 2, 1) == '1' ? true : false;
    $fmessage = '';
    $eol = "\n";
    if (($frommail = stripslashes(get_option('cforms' . $no . '_fromemail'))) == '') {
        $frommail = '"' . get_option('blogname') . '" <wordpress@' . preg_replace('#^www\\.#', '', strtolower($_SERVER['SERVER_NAME'])) . '>';
    }
    $headers = "From: " . $frommail . $eol;
    $headers .= "Reply-To: " . $field_email . $eol;
    if (($tempBcc = stripslashes(get_option('cforms' . $no . '_bcc'))) != "") {
        $headers .= "Bcc: " . $tempBcc . $eol;
    }
    $headers .= "MIME-Version: 1.0" . $eol;
    if ($html_show) {
        $headers .= "Content-Type: multipart/alternative; boundary=\"----MIME_BOUNDRY_main_message\"";
        $fmessage = "This is a multi-part message in MIME format." . $eol;
        $fmessage .= "------MIME_BOUNDRY_main_message" . $eol;
        $fmessage .= "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"" . $eol;
        $fmessage .= "Content-Transfer-Encoding: quoted-printable" . $eol . $eol;
    } else {
        $headers .= "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"";
    }
    // prep message text, replace variables
    $message = get_option('cforms' . $no . '_header');
    $message = check_default_vars($message, $no);
    $message = stripslashes(check_cust_vars($message, $track, $no));
    // text text
    $fmessage .= $message . $eol;
    // need to add form data summary or is all in the header anyway?
    if (substr(get_option('cforms' . $no . '_formdata'), 0, 1) == '1') {
        $fmessage .= $eol . $formdata . $eol;
    }
    // HTML text
    if ($html_show) {
        // actual user message
        $htmlmessage = get_option('cforms' . $no . '_header_html');
        $htmlmessage = check_default_vars($htmlmessage, $no);
        $htmlmessage = str_replace(array("=", "\n"), array("=3D", "<br />\n"), stripslashes(check_cust_vars($htmlmessage, $track, $no)));
        $fmessage .= "------MIME_BOUNDRY_main_message" . $eol;
        $fmessage .= "Content-Type: text/html; charset=\"" . get_option('blog_charset') . "\"" . $eol;
        $fmessage .= "Content-Transfer-Encoding: quoted-printable" . $eol . $eol;
        $fmessage .= "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">" . $eol;
        $fmessage .= "<HTML>" . $eol;
        $fmessage .= $styles;
        $fmessage .= "<BODY>" . $eol;
        $fmessage .= $htmlmessage;
        // need to add form data summary or is all in the header anyway?
        if (substr(get_option('cforms' . $no . '_formdata'), 1, 1) == '1') {
            $fmessage .= $eol . $htmlformdata;
        }
        $fmessage .= "</BODY></HTML>" . $eol . $eol;
    }
    //either use configured subject or user determined
    $vsubject = get_option('cforms' . $no . '_subject');
    $vsubject = check_default_vars($vsubject, $no);
    $vsubject = stripslashes(check_cust_vars($vsubject, $track, $no));
    // SMTP server or native PHP mail() ?
    if ($smtpsettings[0] == '1') {
        $sentadmin = cforms_phpmailer($no, $frommail, $field_email, $to, $vsubject, $message, $formdata, $htmlmessage, $htmlformdata);
    } else {
        $sentadmin = @mail($to, encode_header($vsubject), $fmessage, $headers);
    }
    if ($sentadmin == 1) {
        // send copy or notification?
        if (get_option('cforms' . $no . '_confirm') == '1' && $field_email != '' || $ccme) {
            if (($frommail = stripslashes(get_option('cforms' . $no . '_fromemail'))) == '') {
                $frommail = '"' . get_option('blogname') . '" <wordpress@' . preg_replace('#^www\\.#', '', strtolower($_SERVER['SERVER_NAME'])) . '>';
            }
            // HTML message part?
            $html_show_ac = substr(get_option('cforms' . $no . '_formdata'), 3, 1) == '1' ? true : false;
            $automessage = '';
            $headers2 = "From: " . $frommail . $eol;
            $headers2 .= "Reply-To: " . $replyto . $eol;
            if (substr(get_option('cforms' . $no . '_tellafriend'), 0, 1) == '1') {
                //TAF: add CC
                $headers2 .= "CC: " . $replyto . $eol;
            }
            $headers2 .= "MIME-Version: 1.0" . $eol;
            if ($html_show_ac || $html_show && $ccme) {
                $headers2 .= "Content-Type: multipart/alternative; boundary=\"----MIME_BOUNDRY_main_message\"";
                $automessage = "This is a multi-part message in MIME format." . $eol;
                $automessage .= "------MIME_BOUNDRY_main_message" . $eol;
                $automessage .= "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"" . $eol;
                $automessage .= "Content-Transfer-Encoding: quoted-printable" . $eol . $eol;
            } else {
                $headers2 .= "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"";
            }
            // actual user message
            $cmsg = get_option('cforms' . $no . '_cmsg');
            $cmsg = check_default_vars($cmsg, $no);
            $cmsg = check_cust_vars($cmsg, $track, $no);
            // text text
            $automessage .= $cmsg . $eol;
            // HTML text
            if ($html_show_ac) {
                // actual user message
                $cmsghtml = get_option('cforms' . $no . '_cmsg_html');
                $cmsghtml = check_default_vars($cmsghtml, $no);
                $cmsghtml = str_replace(array("=", "\n"), array("=3D", "<br />\n"), check_cust_vars($cmsghtml, $track, $no));
                $automessage .= "------MIME_BOUNDRY_main_message" . $eol;
                $automessage .= "Content-Type: text/html; charset=\"" . get_option('blog_charset') . "\"" . $eol;
                $automessage .= "Content-Transfer-Encoding: quoted-printable" . $eol . $eol;
                $automessage .= "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">" . $eol;
                $automessage .= "<HTML><BODY>" . $eol;
                $automessage .= $cmsghtml;
                $automessage .= "</BODY></HTML>" . $eol . $eol;
            }
            // replace variables
            $subject2 = get_option('cforms' . $no . '_csubject');
            $subject2 = check_default_vars($subject2, $no);
            $subject2 = check_cust_vars($subject2, $track, $no);
            // different cc & ac subjects?
            $t = explode('$#$', $subject2);
            $t[1] = $t[1] != '' ? $t[1] : $t[0];
            // email tracking via 3rd party?
            $field_email = get_option('cforms' . $no . '_tracking') != '' ? $field_email . get_option('cforms' . $no . '_tracking') : $field_email;
            // if in Tell-A-Friend Mode, then overwrite header stuff...
            if ($taf_youremail && $taf_friendsemail && substr(get_option('cforms' . $no . '_tellafriend'), 0, 1) == '1') {
                $field_email = "\"{$taf_friendsname}\" <{$taf_friendsemail}>";
            }
            if ($ccme) {
                if ($smtpsettings[0] == '1') {
                    $sent = cforms_phpmailer($no, $frommail, $replyto, $field_email, stripslashes($t[1]), $message, $formdata, $htmlmessage, $htmlformdata, 'ac');
                } else {
                    $sent = @mail($field_email, encode_header(stripslashes($t[1])), $fmessage, $headers2);
                }
                //takes $message!!
            } else {
                if ($smtpsettings[0] == '1') {
                    $sent = cforms_phpmailer($no, $frommail, $replyto, $field_email, stripslashes($t[0]), $cmsg, '', $cmsghtml, '', 'ac');
                } else {
                    $sent = @mail($field_email, encode_header(stripslashes($t[0])), stripslashes($automessage), $headers2);
                }
            }
            if ($sent != '1') {
                $err = __('Error occurred while sending the auto confirmation message: ', 'cforms') . ($smtpsettings[0] ? " ({$sent})" : '');
                $pre = $segments[0] . '*$#' . substr(get_option('cforms' . $no . '_popup'), 1, 1);
                return $pre . $err . '|!!!';
            }
        }
        // cc
        $hide = '';
        // redirect to a different page on suceess?
        if (get_option('cforms' . $no . '_redirect') == 1) {
            return get_option('cforms' . $no . '_redirect_page');
        } else {
            if (get_option('cforms' . $no . '_redirect') == 2 || get_cforms_submission_left($no) == 0) {
                $hide = '|~~~';
            }
        }
        // return success msg
        $pre = $segments[0] . '*$#' . substr(get_option('cforms' . $no . '_popup'), 0, 1);
        $successMsg = check_default_vars(stripslashes(get_option('cforms' . $no . '_success')), $no);
        $successMsg = check_cust_vars($successMsg, $track, $no);
        return $pre . preg_replace('|\\r\\n|', '<br />', $successMsg) . $hide;
    } else {
        // return error msg
        $err = __('Error occurred while sending the message: ', 'cforms') . ($smtpsettings[0] ? '<br />' . $sentadmin : '');
        $pre = $segments[0] . '*$#' . substr(get_option('cforms' . $no . '_popup'), 1, 1);
        return $pre . $err . '|!!!';
    }
}
コード例 #6
0
ファイル: lib_nonajax.php プロジェクト: prabhu/desistartups
// VALIDATE all fields
//
require_once dirname(__FILE__) . '/lib_validate.php';
if (isset($_POST['sendbutton' . $no]) && $all_valid) {
    //
    // all valid? get ready to send
    //
    $sep = strpos(__FILE__, '/') === false ? '\\' : '/';
    $CFfunctions = dirname(__FILE__) . $sep . 'my-functions.php';
    if (file_exists($CFfunctions)) {
        include_once $CFfunctions;
    }
    if (function_exists('my_cforms_filter')) {
        $_POST = my_cforms_filter($_POST);
    }
    if (get_option('cforms' . $no . '_maxentries') != '' && get_cforms_submission_left($no) == 0) {
        $cflimit = 'reached';
        return;
    }
    $usermessage_text = preg_replace('|\\r\\n|', '<br />', stripslashes(get_option('cforms' . $no . '_success')));
    $formdata = '';
    $htmlformdata = '';
    $track = array();
    $trackinstance = array();
    $to_one = "-1";
    $ccme = false;
    $field_email = '';
    $filefield = 0;
    $taf_youremail = false;
    $taf_friendsemail = false;
    $send2author = false;