function makecontact_execute($action, $slot)
{
global $_POST;
global $_GET;
global $_CONFIG;
require_once "config/db.php";
global $conn;
global $_local_error;
$_local_error = "";
global $_local_reloadform;
$_local_reloadform = "";
global $render_current_slot;
global $current_slots;
//mark slot on execution stack
$render_current_slot++;
$current_slots[$render_current_slot] = $slot;
if (getUserConfig("pageprotection") == "yes") {
if (isset($_POST['fprotection']) && $_POST['fprotection'] != "") {
if (isset($_GET['ajax']) && $_GET['ajax'] == 1) {
if (intval(session_getvalue("protection_page")) != intval($_POST['fprotection'])) {
$_local_error = getLT("protectionerror");
}
} else {
if (intval(session_getvalue("protection_page")) != intval($_POST['fprotection']) + 1) {
$_local_error = getLT("protectionerror");
}
}
}
}
//set default filter
$control_filter = "";
$control_name = "makecontact";
$control_table = "projectissues";
$control_id = "id";
//check for rights
if (getUserConfig('dinsec_makecontact_cando', $action) == 'no') {
$_local_error = getLT('nopermissions');
}
if (getUserConfig('dinsec_makecontact_canpost', $action) == 'no') {
$_local_error = getLT('nopermissions');
}
if (session_getvalue("blockaccess_makecontact") == "yes") {
$_local_error = getLT('nopermissions');
}
if (session_getvalue("blockaccess_projectissues") == "yes") {
$_local_error = getLT('nopermissions');
}
if ($_local_error == "") {
switch ($action) {
case 'add':
if (isset($_POST['cancel_button']) && $_POST['cancel_button'] == getLT('cancel')) {
$_local_error = 'usercanceled';
setSlotView($slot, "add");
break;
}
if ($_local_error == '') {
if (!isset($_POST['iname']) || $_POST['iname'] == '' || strip_tags($_POST['iname']) == '') {
$_local_error .= getLT('iname') . ' ' . getLT('shouldbefilled');
}
}
if ($_local_error == '') {
if (!isset($_POST['iemail']) || $_POST['iemail'] == '' || strip_tags($_POST['iemail']) == '') {
$_local_error .= getLT('iemail') . ' ' . getLT('shouldbefilled');
}
}
if ($_local_error == '') {
if (!isset($_POST['icontactname']) || $_POST['icontactname'] == '' || strip_tags($_POST['icontactname']) == '') {
$_local_error .= getLT('icontactname') . ' ' . getLT('shouldbefilled');
}
}
if ($_local_error == '') {
if (!isset($_POST['useraddress'])) {
$_local_error .= getLT('javascript?');
} else {
$ab_def = strtok($_POST['useraddress'], "-");
$ab_test = $ab_def . '-' . number_format(floatVal($ab_def . '.12') * 0.34, 4, '.', '');
if ($ab_test !== $_POST['useraddress']) {
$_local_error .= getLT('antiboterror?');
}
}
}
if ($_local_error == "") {
$conn->addnew($control_table);
$conn->setvalue('iname', correctPostValue($_POST['iname']));
$conn->setvalue('iemail', correctPostValue($_POST['iemail']));
$conn->setvalue('icontactname', correctPostValue($_POST['icontactname']));
$html = correctPostValue($_POST['idesc']);
$html = str_ireplace("<script", "[script", $html);
$html = str_ireplace("<link", "[link", $html);
$html = str_ireplace("<style", "[style", $html);
$conn->setvalue('idesc', $html);
$conn->setvalue('projectid', $_CONFIG['projectid']);
$conn->setvalue('idate', date("Y-m-d H:i:s"));
$id = $conn->update();
if ($id != "") {
session_addvalue($slot . '_info', getLT('wblank'));
session_setvalue($slot . "_viewid", $id);
setSlotView($slot, "add");
} else {
$_local_error = getLT('unableadd');
break;
}
}
case 'sendemail':
if (isset($_POST['cancel_button']) && $_POST['cancel_button'] == getLT('cancel')) {
$_local_error = 'usercanceled';
break;
}
if ($_local_error == "") {
ob_start();
require_once "config/htmlreport.php";
require_once "config/templates.php";
require_once "config/mail.php";
global $_templates;
require_once "config/utils.php";
$_control_replace_sql = "parseAndReplaceAll";
$pdf = new HtmlReport("");
$emailbody = ob_get_contents();
ob_end_clean();
$emailbody = html_entity_decode($emailbody);
$emailsubject = getLT('emailcontact');
global $mails_sql_conn;
$mails_sql_conn = create_db_connection();
$mails_sql_conn->openselect($_control_replace_sql("select pemails as email from projects where id=0[config.projectid]"));
$noemail = false;
if ($mails_sql_conn->eof()) {
$noemail = true;
}
while (!$mails_sql_conn->eof()) {
$mailman = createMailObject();
$mailman->IsHTML(true);
$emailto = $mails_sql_conn->getvalue("email");
$emailreply = "";
$emailbcc = "";
$emailcc = "";
$emailfrom = "";
$emailbody = getFileContent(getFilePathFor('html', 'makecontact'));
require_once "config/utils.php";
$emailbody = parseAndReplaceAll($emailbody);
$emailreply = correctPostValue($_POST["iemail"]);
$mailman->Body = $emailbody;
$mailman->Subject = $emailsubject;
$mailman->ClearAddresses();
$mailman->AddAddress($emailto);
if ($emailbcc != "") {
$mailman->AddBCC($emailbcc);
}
if ($emailcc != "") {
$mailman->AddCC($emailcc);
}
if ($emailfrom != "") {
$mailman->FromName = "";
$mailman->From = $emailfrom;
}
if ($emailreply != '') {
$mailman->AddReplyTo($emailreply);
}
$mailman->send();
$mails_sql_conn->movenext();
}
$mails_sql_conn->close();
if ($noemail) {
session_addvalue($slot . '_error', getLT('noemailfound'));
} else {
session_addvalue($slot . '_info', getLT('yourmessageissent'));
}
}
break;
default:
//$_local_error="slot:".$slot." unknown post action: ".$action;
setSlotView($slot, "");
break;
}
}
if (isset($_POST['cancel_button']) && $_POST['cancel_button'] == getLT('cancel')) {
//if($_local_error!="") session_addvalue($slot.'_error',getLT($_local_error));
$_local_error = '';
} else {
if ($_local_reloadform != "" || $_local_error != "" || $action == "justreloadform") {
//save post for later use
foreach ($_POST as $key => $val) {
if (is_array($val)) {
session_setvalue('savedpost_makecontact_' . $key, correctPostValue(implode(",", str_replace(',', ' ', $_POST[$key]))));
} else {
session_setvalue('savedpost_makecontact_' . $key, correctPostValue($val));
}
}
if ($_local_error != "") {
session_addvalue($slot . '_error', $_local_error);
}
}
}
$render_current_slot--;
return $_local_error;
}
function lookup_execute($action, $slot)
{
global $_POST;
global $_GET;
global $_CONFIG;
require_once "config/db.php";
global $conn;
global $_local_error;
$_local_error = "";
global $_local_reloadform;
$_local_reloadform = "";
global $render_current_slot;
global $current_slots;
//mark slot on execution stack
$render_current_slot++;
$current_slots[$render_current_slot] = $slot;
if (getUserConfig("pageprotection") == "yes") {
if (isset($_POST['fprotection']) && $_POST['fprotection'] != "") {
if (isset($_GET['ajax']) && $_GET['ajax'] == 1) {
if (intval(session_getvalue("protection_page")) != intval($_POST['fprotection'])) {
$_local_error = getLT("protectionerror");
}
} else {
if (intval(session_getvalue("protection_page")) != intval($_POST['fprotection']) + 1) {
$_local_error = getLT("protectionerror");
}
}
}
}
//set default filter
$control_filter = "";
$control_name = "lookup";
$control_table = "issues";
$control_id = "id";
//check for rights
if (getUserConfig('dinsec_lookup_cando', $action) == 'no') {
$_local_error = getLT('nopermissions');
}
if (getUserConfig('dinsec_lookup_canpost', $action) == 'no') {
$_local_error = getLT('nopermissions');
}
if (session_getvalue("blockaccess_lookup") == "yes") {
$_local_error = getLT('nopermissions');
}
if (session_getvalue("blockaccess_issues") == "yes") {
$_local_error = getLT('nopermissions');
}
if ($_local_error == "") {
switch ($action) {
case 'info':
if (isset($_POST['cancel_button']) && $_POST['cancel_button'] == getLT('cancel')) {
$_local_error = 'usercanceled';
break;
}
if ($_local_error == "") {
require_once "config/utils.php";
$_control_replace_sql = "parseAndReplaceAll";
if (file_exists("extensions/process_lookup.php")) {
include "extensions/process_lookup.php";
}
}
break;
case 'siteoffer':
if (isset($_POST['cancel_button']) && $_POST['cancel_button'] == getLT('cancel')) {
$_local_error = 'usercanceled';
break;
}
if ($_local_error == "") {
require_once "config/utils.php";
$_control_replace_sql = "parseAndReplaceAll";
if (file_exists("extensions/process_siteoffer.php")) {
include "extensions/process_siteoffer.php";
}
}
break;
default:
//$_local_error="slot:".$slot." unknown post action: ".$action;
setSlotView($slot, "");
break;
}
}
if (isset($_POST['cancel_button']) && $_POST['cancel_button'] == getLT('cancel')) {
//if($_local_error!="") session_addvalue($slot.'_error',getLT($_local_error));
$_local_error = '';
} else {
if ($_local_reloadform != "" || $_local_error != "" || $action == "justreloadform") {
//save post for later use
foreach ($_POST as $key => $val) {
if (is_array($val)) {
session_setvalue('savedpost_lookup_' . $key, correctPostValue(implode(",", str_replace(',', ' ', $_POST[$key]))));
} else {
session_setvalue('savedpost_lookup_' . $key, correctPostValue($val));
}
}
if ($_local_error != "") {
session_addvalue($slot . '_error', $_local_error);
}
}
}
$render_current_slot--;
return $_local_error;
}