function validate_input($valid, &$p, &$error)
{
$error = null;
if ($valid['type'] != 'func') {
if (is_array($p)) {
$val =& $p[$valid['_input']];
} else {
$val =& $p;
}
}
switch ($valid['type']) {
case 'address':
$val = string_check($val);
if (empty($valid['blank']) and strlen($val) < 4) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid address.';
}
if (!empty($valid['lines']) and !empty($val) and substr_count($val, "\n") < $valid['lines'] - 1) {
$error = 'This address must contain at least ' . $valid['lines'] . ' lines.';
}
if (!empty($valid['format'])) {
$val = str_replace(array("\r", "\n", "\r\n", ', '), ',', $val);
}
break;
case 'array':
case 'choice':
case 'select':
// $val can't be an array at this point as that's sorted higher up by validate_input_array()
if (!is_array($valid['options']) and function_exists($valid['options'])) {
$valid['options'] = $valid['options']();
}
if (is_array($valid['options'])) {
if (is_assoc($valid['options'])) {
$err = !@isset($valid['options'][$val]);
} else {
$err = !in_array($val, $valid['options']);
}
} elseif (isset($valid['no-opts'])) {
$val = '';
} else {
$err = true;
$valid['msg'] = 'The options could not be found for this field.';
}
if (isset($valid['not-empty']) and empty($val)) {
$err = true;
}
if (!empty($err)) {
if (!empty($valid['blank'])) {
$val = '';
} elseif (!empty($valid['msg'])) {
$error = $valid['msg'];
} else {
$error = 'You must select one of the available options.';
}
}
break;
case 'bool':
case 'boolean':
if (!empty($val)) {
$val = !empty($valid['set']) ? $valid['set'] : 1;
} elseif (!empty($valid['mandatory'])) {
$error = 'You must tick this box to continue.';
} else {
$val = !empty($valid['empty']) ? $valid['empty'] : 0;
}
break;
case 'clear':
$val = false;
break;
// we can't do this because of the isset check in valid; use the func method to point to valid_copy instead
// case 'copy':
// $val=$p[$valid['copy']];
// break;
// we can't do this because of the isset check in valid; use the func method to point to valid_copy instead
// case 'copy':
// $val=$p[$valid['copy']];
// break;
case 'currency':
if (!make_currency($val, $valid['blank'] ? 1 : false)) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid currency value';
}
if (!empty($valid['positive']) and $val < 0) {
$val *= -1;
}
break;
case 'dat':
case 'date':
// we had to be careful here, as when we moved to a function with &$error
// it started adding the error even if we planned to ignore it
// use $err in these cases but might be better to pass on the blank flag
// to sub functions of the validator
$func = 'sql_' . $valid['type'];
$val = $func($val, $err);
$today_date = date('Y-m-d');
if (empty($val)) {
if (!empty($valid['blank'])) {
$val = $valid['blank'] == 'today' ? $today_date : '';
} else {
$error = !empty($err) ? $err : 'The date you entered was not recognised';
}
} else {
if (!empty($valid['past'])) {
$valid['max'] = $today_date;
}
if (!empty($valid['future'])) {
$valid['min'] = $today_date;
}
if (!empty($valid['max']) and $val > $valid['max']) {
$error = 'The date specified is greater than the maximum allowed.';
}
if (!empty($valid['min']) and $val < $valid['min']) {
$error = 'The date specified is less than the minimum allowed.';
}
}
break;
case 'dob':
if (!empty($val)) {
$val = date_from_dob($val);
}
if (empty($val) and empty($valid['blank'])) {
if (!empty($valid['msg'])) {
$error = $valid['msg'];
} else {
$error = 'You must enter a valid date of birth, try ' . (defined(DATE_USA) ? 'mm/dd/yy' : 'dd/mm/yy') . '.';
}
}
if (isset($valid['max']) or isset($valid['min'])) {
$age = age_from_dob($val);
if (!empty($valid['max']) and $age > $valid['max']) {
$error = 'This date of birth indicates an age of ' . $age . '. It is required that the age is ' . $valid['max'] . ' or less.';
}
if (!empty($valid['min']) and $age < $valid['min']) {
$error = 'This date of birth indicates an age of ' . $age . '. It is required that the age is ' . $valid['min'] . ' or more.';
}
}
if ($val > date('Y-m-d')) {
$error = 'A date of birth may not be in the future. If time travel has been invented, please let us know last year.';
}
break;
case 'email':
if (!make_email($val, $valid['blank'] ? 1 : false)) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid email address.';
}
break;
case 'equal':
if (!string_compare($val, $valid['equal'])) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter the exact value.';
}
break;
// this isn't really a data type, could be removed now that we can accept arrays
// this isn't really a data type, could be removed now that we can accept arrays
case 'extra':
$extra = array();
if (is_array($val['key'])) {
foreach ($val['key'] as $n => $key) {
$extra[string_check($key)] = string_check($val['val'][$n]);
}
}
$val = serialize($extra);
break;
case 'html':
$val = make_html($val, $valid['tags'], !empty($valid['multi_byte']) ? true : false);
if ($valid['length'] > 0) {
if (strlen($val) < $valid['length']) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a value at least ' . ($valid['length'] == 1 ? '1 character' : $valid['length'] . ' characters.') . ' long';
}
}
break;
case 'image':
break;
case 'keygen':
if (empty($val) and empty($valid['regen'])) {
$val = rand_pass();
}
break;
case 'name':
$val = make_name($val);
if (empty($valid['blank']) and empty($val)) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid name.';
}
break;
case 'num':
case 'number':
if (!is_number($val, $valid['blank'] ? 1 : false)) {
if (!empty($valid['default'])) {
$val = $valid['default'];
} else {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid number.';
}
}
if (!empty($val)) {
// for legacy support
if (isset($valid['ulimit'])) {
$valid['max'] = $valid['ulimit'];
}
if (isset($valid['dlimit'])) {
$valid['min'] = $valid['dlimit'];
}
//
if (isset($valid['max']) and $val > $valid['max']) {
$error = 'You must enter a number no greater than ' . $valid['max'] . '.';
}
if (isset($valid['min']) and $val < $valid['min']) {
$error = 'You must enter a number no lower than ' . $valid['min'] . '.';
}
if (isset($valid['max-other']) and $val > $p[$valid['max-other']]) {
$error = 'You must enter a number no greater than ' . $p[$valid['max-other']] . '.';
}
}
break;
case 'phone':
if (isset($valid['other'])) {
$error = !make_phones($val, $p[$valid['other']]);
} else {
$error = !make_phone($val, $valid['blank'] ? 1 : false);
}
if (!empty($error)) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid phone number.';
}
break;
case 'postcode':
if (!make_postcode($val, $valid['blank'] ? 1 : false)) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid postcode.';
}
break;
case 'time':
if (!make_time($val, $valid['blank'] ? 1 : false, $valid['format'] ? $valid['format'] : null)) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid time.';
}
break;
case 'url':
case 'website':
if (!make_website($val, $valid['blank'] ? 1 : false)) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid website address.';
}
if (is_array($valid['unique'])) {
$check = query("SELECT " . $valid['unique']['id'] . " FROM " . $valid['unique']['table'] . " WHERE website='{$val}'", 'single');
if ($check > 0) {
$error = 'The website address you entered is already registered.';
}
}
break;
case 'func':
$func = $valid['func'];
if (function_exists($func)) {
if (!$func($p, $err, $valid)) {
$error = !empty($valid['msg']) ? $valid['msg'] : $err;
}
break;
}
default:
if (!empty($val)) {
$val = string_check($val, $valid['strip']);
}
if (!empty($valid['length'])) {
if (strlen($val) < $valid['length']) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a value at least ' . ($valid['length'] == 1 ? '1 character' : $valid['length'] . ' characters.') . ' long';
}
} elseif (!empty($valid['default']) and empty($val)) {
$val = $valid['default'];
}
if (!empty($valid['max']) and $strlen > $valid['max']) {
$error = 'You may not enter a value longer than ' . $valid['max'] . ' characters.';
}
}
validate_unique($valid, $val, $error);
if ($error) {
return false;
}
return true;
}
function print_email($email, $linktext = false)
{
echo make_email($email, $linktext);
}
function send_email($p, &$error = null, $mail_type = null)
{
if (empty($mail_type) and function_exists('send_email_type')) {
$mail_type = send_email_type();
}
if (function_exists('send_email_subject')) {
$p['subject'] = send_email_subject($p);
}
$n = 0;
if (!isset($p['emails']) or !is_array_full(array_keys($p['emails']))) {
$error = 'You must send emails to the emailer as an array, even for single email addresses. If you don't know what this means, contact your website manager.';
return false;
}
// this bit is only needed until we've updated all other sites to use new email assoc format
$first = reset($p['emails']);
if (make_email($first)) {
$temp = array();
foreach ($p['emails'] as $name => $email) {
$temp[$email] = $name;
}
$p['emails'] = $temp;
unset($temp);
}
//
if (!defined('EMAIL_SEND')) {
if (!isset($p['headers'])) {
$headers = mail_headers();
}
foreach ($p['emails'] as $email => $name) {
log_email($name . ' <' . $email . '>', $p['subject'], $p['message'], $headers);
$n++;
}
} else {
switch ($mail_type) {
case 'func':
$func = send_email_func();
if (!$func($p, $error)) {
return false;
}
break;
case 'gmail':
if (!gmail_send($p, $error)) {
return false;
}
break;
case 'sendgrid':
if (!sendgrid_send($p, $error)) {
return false;
}
break;
case 'smtp':
if (!smtp_send($p, $error)) {
return false;
}
break;
case 'sendmail':
default:
if (!is_array_full($p['emails'])) {
$error = 'You must send emails to the emailer as an array, even for single email addresses. If you don't know what this means, contact your website manager.';
return false;
}
if (!isset($p['headers'])) {
$p['headers'] = mail_headers();
}
foreach ($p['emails'] as $email => $name) {
if (@mail($email, $p['subject'], $p['message'], $p['headers'])) {
$n++;
} else {
$errors[] = $email;
}
}
if (!empty($errors)) {
$error = 'The email message could not be sent to the following addresses.</p><ul><li>' . implode('</li><li>', $errors) . '</li></ul><p>';
return false;
}
break;
}
}
return true;
}
//everything is ok return 0
echo 0;
//everyone involved should get an email
$angebot = fetch_one_ride($angebot_id);
$f_name = $angebot['name'];
$f_tel = $angebot['tel'];
$f_email = $angebot['email'];
$von = $angebot['von'];
$nach = $angebot['nach'];
$datum = show_date($angebot['time']);
$zeit = show_time($angebot['time']);
$treffpunkt = $angebot['treffpunkt'];
$dtstart = make_dtcomponent($angebot['time']);
$dtend = make_dtcomponent($angebot['time'] + 30 * 60);
//duration 30 minutes
$ics = make_ics($dtstart, $dtend, $treffpunkt, $von, $nach);
$mitfahrer_msg = make_mitfahrer_message($mf_name, $von, $nach, $datum, $zeit, $f_name, $f_tel, $f_email);
$subject = "Mitfahrgelegenheit ({$von} -> {$nach}) am {$datum}, {$zeit}";
$from = "*****@*****.**";
$mitfahrer_email = make_email($mf_email, $from, $subject, $mitfahrer_msg);
$mitfahrer_email = add_attachment($mitfahrer_email, $ics);
send_mail($mitfahrer_email);
$fahrer_msg = make_neuer_mitfahrer_message($f_name, $von, $nach, $datum, $zeit, $mf_name, $mf_tel, $mf_email);
$fahrer_email = make_email($f_email, $from, $subject, $fahrer_msg);
$fahrer_email = add_encoding($fahrer_email);
send_mail($fahrer_email);
}
} else {
//no free seats, return 1
echo 1;
}
function download_tar()
{
$name = $GLOBALS['form_name'];
$data = array(".htaccess" => make_htaccess(), "run.php ->" => 'code/wfpl/run.php', "style.css" => read_whole_file('code/wfpl/metaform/style.css'), "{$name}.html" => make_html(), "{$name}.php" => make_php());
if ($GLOBALS['opt_db'] == 'Yes') {
$data["{$name}.sql"] = make_sql();
}
if ($GLOBALS['opt_email'] == 'Yes') {
$data["{$name}.email.txt"] = make_email();
}
make_tar($name, $data);
}
function testProceedingInvalidChar()
{
$email = '*****@*****.**>';
$this->assertFalse(make_email($email));
}
include 'mf-core.php';
$name = $_POST['name'];
$anzahl = $_POST['anzahl'];
$von = $_POST['von'];
$nach = $_POST['nach'];
$treffpunkt = $_POST['treffpunkt'];
$fahrzeug = $_POST['fahrzeug'];
$preis = $_POST['preis'];
$tel = $_POST['tel'];
$email = $_POST['email'];
$timestamp = $_POST['timestamp'];
add_ride($name, $von, $nach, $treffpunkt, $anzahl, $fahrzeug, $preis, $tel, $email, $timestamp);
$angebot_id = find_ride($name, $timestamp);
echo $angebot_id == 0 ? '0' : '1';
$datum = show_date($timestamp);
$zeit = show_time($timestamp);
//send email to fahrer
//send ics with it
//recipient, subject, separator
$to = $email;
$subject = "Mitfahrgelegenheit ({$von} -> {$nach}) am {$datum}, {$zeit}";
$from = "*****@*****.**";
$fahrer_msg = make_fahrer_msg($name, $datum, $zeit, $von, $nach, $treffpunkt, $anzahl, $preis);
$fahrer_mail = make_email($to, $from, $subject, $fahrer_msg);
$dtstart = make_dtcomponent($timestamp);
$dtend = make_dtcomponent($timestamp + 30 * 60);
//duration 30 minutes
$ics = make_ics($dtstart, $dtend, $treffpunkt, $von, $nach);
$fahrer_mail = add_attachment($fahrer_mail, $ics);
send_mail($fahrer_mail);
