} } } // Captcha check if (empty($guestbook['captcha'])) { $guestbook['form'] = replace_tmpl_section('CAPTCHA', $guestbook['form']); } else { $guestbook['captcha_maxchar'] = empty($guestbook['captcha_maxchar']) ? 5 : $guestbook['captcha_maxchar']; $guestbook['form'] = str_replace('{CAPTCHA}', '<img src="img/captcha.php?regen=y&length=' . $guestbook['captcha_maxchar'] . '&' . time() . '" alt="Captcha" id="gbCaptchaImage" />', $guestbook['form']); } if (isset($_POST['guestbook_email']) && !empty($guestbook['captcha'])) { include_once PHPWCMS_ROOT . '/include/inc_ext/SPAF_FormValidator.class.php'; // instantiate the object $spaf_obj = new SPAF_FormValidator(); $guestbook['post']['captcha'] = isset($_POST['guestbook_captcha']) ? clean_slweg($_POST['guestbook_captcha']) : ''; if ($spaf_obj->validRequest($guestbook['post']['captcha'])) { // destroy successful code $spaf_obj->destroy(); } else { $guestbook['error']['captcha'] = 'Fill in the correct captcha code. Proof it twice!'; } } if (isset($_POST['guestbook_email']) && !$guestbook['flooding']) { // make global spam check if (!checkFormTrackingValue()) { $guestbook['flooding'] = 1; $guestbook['readform'] = 1; $guestbook['spamalert'] = '<div class="spamFormAlert">Your IP ' . getRemoteIP() . ' is not allowed to send form!</div>'; } } // final guestbook form check and insert into db
$form_field .= ' placeholder="' . html_specialchars($cnt_form["fields"][$key]['placeholder']) . '"'; } if ($cnt_form["fields"][$key]['required']) { $form_field .= ' required="required"'; } $form_field .= ' />'; break; case 'captcha': /* * Captcha */ if ($POST_DO && isset($_POST[$POST_name])) { $POST_val[$POST_name] = remove_unsecure_rptags(clean_slweg($_POST[$POST_name])); include_once PHPWCMS_ROOT . '/include/inc_ext/SPAF_FormValidator.class.php'; $spaf_obj = new SPAF_FormValidator(); if ($spaf_obj->validRequest($POST_val[$POST_name])) { $spaf_obj->destroy(); } else { $POST_ERR[$key] = empty($cnt_form["fields"][$key]['error']) ? 'Captcha error' : $cnt_form["fields"][$key]['error']; $cnt_form["fields"][$key]['class'] = getFieldErrorClass($value['class'], $cnt_form["error_class"]); } $cnt_form["fields"][$key]['value'] = ''; } // $form_field .= '<input type="text" name="' . $form_name . '" id="' . $form_name . '" value=""'; if ($cnt_form["fields"][$key]['size']) { $form_field .= ' size="' . $cnt_form["fields"][$key]['size'] . '"'; } if ($cnt_form["fields"][$key]['max']) { $form_field .= ' maxlength="' . $cnt_form["fields"][$key]['max'] . '"'; }
if (count($req_key)) { $err_num = 0; foreach ($req_key as $value) { $required_val[$value] = 1; if (!isset($_POST[$value])) { $form_error[400 + $err_num] = str_replace("###value###", strtoupper($value), $translate[$lang]["error400"]); $err_num += 10; } } } unset($_POST["required"]); } if (isset($_POST["Captcha_Validation"])) { include_once PHPWCMS_ROOT . '/include/inc_ext/SPAF_FormValidator.class.php'; $spaf_obj = new SPAF_FormValidator(); if ($spaf_obj->validRequest($_POST["Captcha_Validation"])) { $spaf_obj->destroy(); unset($_POST["Captcha_Validation"]); } else { $form_error[350] = $translate[$lang]["error350"]; } } //getting the label fields list if (isset($_POST["label"])) { $label = explode(',', trim($_POST["label"])); if ($label) { foreach ($label as $value) { list($field_name, $field_label) = explode('|', $value); $form_label[$field_name] = $field_label; } }