/** * * Sends a promotional email to the given recipients * @param string $sender Sender e-Mail address * @param string|array $recipients List of recipients either as array or comma/semi colon separated string * @param string $subject E-Mail subject * @param array $tokenlist * @internal param string $url_for_friend URL to share * @return bool true on success / false if the supplied parameters were incorrect/missing or an error occurred sending the mail */ function sendMail($sender, $recipients, $subject, $tokenlist = array()) { global $errors, $prefs, $smarty, $user, $userlib, $logslib; global $registrationlib; include_once 'lib/registration/registrationlib.php'; if (empty($sender)) { $errors[] = tra('Your email is mandatory'); return false; } if (function_exists('validate_email')) { $ok = validate_email($sender, $prefs['validateEmail']); } else { $ret = $registrationlib->SnowCheckMail($sender, '', 'mini'); $ok = $ret[0]; } if ($ok) { $from = str_replace(array("\r", "\n"), '', $sender); } else { $errors[] = tra('Invalid email') . ': ' . $_REQUEST['email']; return false; } $recipients = checkAddresses($recipients); if ($recipients === false) { return false; } include_once 'lib/webmail/tikimaillib.php'; $smarty->assign_by_ref('mail_site', $_SERVER['SERVER_NAME']); $applyFrom = !empty($user) && $from == $userlib->get_user_email($user); $ok = true; foreach ($recipients as $i => $recipient) { $mail = new TikiMail(); $mail->setSubject($subject); if ($applyFrom) { $mail->setFrom($from); $mail->setReplyTo("<{$from}>"); } if (count($tokenlist) > 1) { $url_for_friend = $tokenlist[$i]; } else { $url_for_friend = $tokenlist[0]; // only one token if not "subscribing" } $smarty->assign('url_for_friend', $url_for_friend); $txt = $smarty->fetch('mail/share.tpl'); // Rebuild email message texte $mail->setText($txt); $mailsent = $mail->send(array($recipient)); if (!$mailsent) { $errors[] = tra('Error sending mail to') . " {$recipient}"; $logslib->add_log('share', tra('Error sending mail to') . " {$recipient} " . tra('by') . ' ' . $user); } else { $logslib->add_log('share', tra('Share page') . ': ' . $url_for_friend . ' ' . tra('to') . ' ' . $recipient . ' ' . tra('by') . ' ' . $user); } $ok = $ok && $mailsent; } return $ok; }
empty($_REQUEST['wikipageafter']) ? NULL : $_REQUEST['wikipageafter'] ) ); $res=$tikilib->query("SELECT MAX(id) as `id` FROM `tiki_invite` WHERE `inviter`=? AND `ts`=?", array($user, $tikilib->now)); $row=$res->fetchRow(); $id=$row['id']; foreach ($emails as $m) $tikilib->query( "INSERT INTO `tiki_invited` (id_invite, email, firstname, lastname, used) VALUES (?,?,?,?,?)", array($id, $m['email'], $m['firstname'], $m['lastname'], "no") ); $_SERVER['SCRIPT_URI'] = empty($_SERVER['SCRIPT_URI']) ? 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] : $_SERVER['SCRIPT_URI']; foreach ($emails as $m) { $mail = new TikiMail(); $mail->setFrom($prefs['sender_email']); $mail->setSubject($_REQUEST["emailsubject"]); $mail->setCrlf("\n"); $url=str_replace('tiki-invite.php', 'tiki-invited.php', $_SERVER['SCRIPT_URI']) .'?invite='.$id.'&email='.urlencode($m['email']); $text=$_text; $text=str_replace('{link}', $url, $text); $text=str_replace('{email}', $m['email'], $text); $text=str_replace('{firstname}', $m['firstname'], $text); $text=str_replace('{lastname}', $m['lastname'], $text); $mail->setText($text); $mail->send(array($m['email'])); } $smarty->assign('sentresult', true); }
$errors = array(); $users = $nllib->get_all_subscribers($_REQUEST["nlId"], $nl_info["unsubMsg"]); foreach ($users as $us) { $userEmail = $us["login"]; $email = $us["email"]; if ($email == "") { $errors[] = array("user" => $userEmail, "email" => ""); continue; } if ($userEmail == "") { $userEmail = $userlib->get_user_by_email($email); } if ($userEmail) { $mail->setUser($userEmail); } $mail->setFrom($tikilib->get_preference("sender_email", "")); $mail->setSubject($_REQUEST["subject"]); // htmlMimeMail memorised the encoded subject $languageEmail = !$userEmail ? $language : $tikilib->get_user_preference($userEmail, "language", $language); if ($nl_info["unsubMsg"] == 'y') { $unsubmsg = $nllib->get_unsub_msg($_REQUEST["nlId"], $userEmail, $languageEmail, $us["code"], $userEmail); if (stristr($html, "</body>") === false) { $msg = $html . nl2br($unsubmsg); } else { $msg = str_replace("</body>", nl2br($unsubmsg) . "</body>", $html); } } else { $msg = $html; } $mail->setHtml($msg, $txt . strip_tags($unsubmsg)); $mail->buildMessage();
$current = $webmaillib->get_current_webmail_account($user); if (!$current) { header("location: tiki-webmail.php?locSection=settings"); die; } // Send a message if (isset($_REQUEST["reply"]) || isset($_REQUEST["replyall"])) { check_ticket('webmail'); $webmaillib->set_mail_flag($current["accountId"], $user, $_REQUEST["realmsgid"], 'isReplied', 'y'); } $smarty->assign('sent', 'n'); $smarty->assign('attaching', 'n'); if (isset($_REQUEST["send"])) { $mail = new TikiMail($user); $email = $userlib->get_user_email($user); $mail->setFrom($email); if (!empty($_REQUEST["cc"])) { $mail->setCc($_REQUEST["cc"]); } if (!empty($_REQUEST["bcc"])) { $mail->setBcc($_REQUEST["bcc"]); } $mail->setSubject($_REQUEST["subject"]); if ($_REQUEST["attach1"]) { check_ticket('webmail'); $a1 = $mail->getFile('temp/mail_attachs/' . $_REQUEST["attach1file"]); $mail->addAttachment($a1, $_REQUEST["attach1"], $_REQUEST["attach1type"]); @unlink('temp/mail_attachs/' . $_REQUEST["attach1file"]); } if ($_REQUEST["attach2"]) { check_ticket('webmail');
/** * Send a message to a user with gpg-armor block etc included * A changed encryption-related version was copied/changed from lib/messu/messulib.pgp * into lib/openpgp/openpgplib.php for prepending/appending content into * message body * @param string $user * @param string $from * @param string $to * @param string $cc * @param string $subject * @param string $body * @param string $prepend_email_body * @param string $user_pubkeyarmor * @param string $priority * @param string $replyto_hash * @param string $replyto_email * @param string $bcc_sender * @access public * @return boolean true/false */ function post_message_with_pgparmor_attachment($user, $from, $to, $cc, $subject, $body, $prepend_email_body, $user_pubkeyarmor, $priority, $replyto_hash = '', $replyto_email = '', $bcc_sender = '') { global $prefs; $userlib = TikiLib::lib('user'); $tikilib = TikiLib::lib('tiki'); $smarty = TikiLib::lib('smarty'); $subject = strip_tags($subject); $body = strip_tags($body, '<a><b><img><i>'); // Prevent duplicates $hash = md5($subject . $body); if ($tikilib->getOne("select count(*) from `messu_messages` where `user`=? and `user_from`=? and `hash`=?", array($user, $from, $hash))) { return false; } $query = "insert into `messu_messages`(`user`,`user_from`,`user_to`,`user_cc`,`subject`,`body`,`date`,`isRead`,`isReplied`,`isFlagged`,`priority`,`hash`,`replyto_hash`) values(?,?,?,?,?,?,?,?,?,?,?,?,?)"; $tikilib->query($query, array($user, $from, $to, $cc, $subject, $body, (int) $tikilib->now, 'n', 'n', 'n', (int) $priority, $hash, $replyto_hash)); // Now check if the user should be notified by email $foo = parse_url($_SERVER["REQUEST_URI"]); $machine = $tikilib->httpPrefix(true) . $foo["path"]; $machine = str_replace('messu-compose', 'messu-mailbox', $machine); if ($tikilib->get_user_preference($user, 'minPrio', 6) <= $priority) { if (!isset($_SERVER["SERVER_NAME"])) { $_SERVER["SERVER_NAME"] = $_SERVER["HTTP_HOST"]; } $email = $userlib->get_user_email($user); if ($email) { include_once 'lib/webmail/tikimaillib.php'; $smarty->assign('mail_site', $_SERVER["SERVER_NAME"]); $smarty->assign('mail_machine', $machine); $smarty->assign('mail_date', $tikilib->now); $smarty->assign('mail_user', stripslashes($user)); $smarty->assign('mail_from', stripslashes($from)); $smarty->assign('mail_subject', stripslashes($subject)); //////////////////////////////////////////////////////////////////////// // // // ALPHAFIELDS 2012-11-03: ADDED PGP/MIME ENCRYPTION PREPARATION // // USING lib/openpgp/opepgplib.php // // // // prepend original headers into email // $aux_body = $prepend_email_body . $body; $body = $aux_body; // // //////////////////////////////////////////////////////////////////////// $smarty->assign('mail_body', stripslashes($body)); $mail = new TikiMail($user); $lg = $tikilib->get_user_preference($user, 'language', $prefs['site_language']); if (empty($subject)) { $s = $smarty->fetchLang($lg, 'mail/messu_message_notification_subject.tpl'); $mail->setSubject(sprintf($s, $_SERVER["SERVER_NAME"])); } else { $mail->setSubject($subject); } $mail_data = $smarty->fetchLang($lg, 'mail/messu_message_notification.tpl'); //////////////////////////////////////////////////////////////////////// // // // ALPHAFIELDS 2012-11-03: ADDED PGP/MIME ENCRYPTION PREPARATION // // USING lib/openpgp/opepgplib.php // // // // append pgparmor block and fingerprint into email // $mail_data .= $user_pubkeyarmor; // // //////////////////////////////////////////////////////////////////////// $mail->setText($mail_data); if ($userlib->user_exists($from)) { $from_email = $userlib->get_user_email($from); if ($bcc_sender === 'y' && !empty($from_email)) { $mail->setBcc($from_email); } if ($replyto_email !== 'y' && $userlib->get_user_preference($from, 'email is public', 'n') == 'n') { $from_email = ''; // empty $from_email if not to be used - saves getting it twice } if (!empty($from_email)) { $mail->setReplyTo($from_email); } } if (!empty($from_email)) { $mail->setFrom($from_email); } if (!$mail->send(array($email), 'mail')) { return false; //TODO echo $mail->errors; } } } return true; }
function wikiplugin_tracker($data, $params) { global $user, $group, $page, $prefs; $parserlib = TikiLib::lib('parser'); $trklib = TikiLib::lib('trk'); $userlib = TikiLib::lib('user'); $tikilib = TikiLib::lib('tiki'); $smarty = TikiLib::lib('smarty'); $captchalib = TikiLib::lib('captcha'); static $iTRACKER = 0; ++$iTRACKER; if (isset($params['itemId']) && empty($params['itemId'])) { return; } $smarty->assign('trackerEditFormId', $iTRACKER); $default = array('overwrite' => 'n', 'embedded' => 'n', 'showtitle' => 'n', 'showdesc' => 'n', 'showfieldsdesc' => 'y', 'sort' => 'n', 'showmandatory' => 'y', 'status' => '', 'transactionFinalStep' => 'y', 'registration' => 'n', 'chosenGroup' => 'Registered', 'validateusers' => '', 'emailformat' => 'text'); $params = array_merge($default, $params); $item = array(); extract($params, EXTR_SKIP); if (empty($transactionName) xor empty($transactionStep)) { return '<b>' . tra("You need to define both transaction name and transaction step, or none of the two.") . '</b>'; } else { if (isset($transactionName) && !isset($_SESSION[$transactionName])) { $_SESSION[$transactionName] = array(); } if (isset($transactionStep) && !isset($_SESSION[$transactionName][$transactionStep])) { $_SESSION[$transactionName][$transactionStep] = array(); } if (!isset($_SESSION[$transactionName]['transactionStep'])) { $_SESSION[$transactionName]['transactionStep'] = 0; } if ($_SESSION[$transactionName]['transactionStep'] != $transactionStep) { return; } } if ($prefs['feature_trackers'] != 'y') { return $smarty->fetch("wiki-plugins/error_tracker.tpl"); } if (empty($trackerId) || !($definition = Tracker_Definition::get($trackerId))) { return $smarty->fetch("wiki-plugins/error_tracker.tpl"); } $tracker = $definition->getInformation(); if (empty($trackerId) && !empty($view) && $view == 'user' && $prefs['userTracker'] == 'y') { // the user tracker item $utid = $userlib->get_tracker_usergroup($user); if (!empty($utid) && !empty($utid['usersTrackerId'])) { $itemId = $trklib->get_item_id($utid['usersTrackerId'], $utid['usersFieldId'], $user); $trackerId = $utid['usersTrackerId']; $usertracker = true; } } elseif (!empty($trackerId) && !empty($view) && $view == 'user') { // the user item of a tracker $itemId = $trklib->get_user_item($trackerId, $tracker, null, null, strlen($status) == 1 ? $status : ''); $usertracker = true; } elseif (!empty($trackerId) && !empty($view) && $view == 'page' && !empty($_REQUEST['page']) && ($f = $trklib->get_page_field($trackerId))) { // the page item $itemId = $trklib->get_item_id($trackerId, $f['fieldId'], $_REQUEST['page']); } elseif (!empty($trackerId) && !empty($_REQUEST['view_user'])) { $itemId = $trklib->get_user_item($trackerId, $tracker, $_REQUEST['view_user']); } elseif (!empty($_REQUEST['itemId']) && (empty($ignoreRequestItemId) || $ignoreRequestItemId != 'y')) { $itemId = $_REQUEST['itemId']; $item = $trklib->get_tracker_item($itemId); $trackerId = $item['trackerId']; } elseif (!empty($view) && $view == 'group') { $gtid = $userlib->get_grouptrackerid($group); if (isset($gtid['groupTrackerId'])) { $trackerId = $gtid['groupTrackerId']; $itemId = $trklib->get_item_id($trackerId, $gtid['groupFieldId'], $group); $grouptracker = true; } } if (!isset($trackerId)) { return $smarty->fetch("wiki-plugins/error_tracker.tpl"); } //test for validation errors for registration tracker calls if (isset($_REQUEST['register']) && ($_REQUEST['register'] == 'Register' || $_REQUEST['register'] == 'register')) { $regtracker = $userlib->get_usertrackerid('Registered'); if ($trackerId == $regtracker['usersTrackerId'] && $_REQUEST['valerror'] !== false) { if (is_array($_REQUEST['valerror'])) { foreach ($_REQUEST['valerror'] as $valerror) { if (is_a($valerror, 'RegistrationError')) { return false; break; } } } elseif (is_a($_REQUEST['valerror'], 'RegistrationError')) { return false; } } } if (!isset($action)) { $action = array('Save'); } if (!is_array($action)) { $action = array($action); } $dynamicSave = false; if (count($action) == 1 && reset($action) == 'NONE') { $action = array(); $dynamicSave = true; } if (!isset($action_style)) { $action_style = array(); foreach ($action as $ac) { $action_style[] = 'btn btn-primary'; } } if (isset($preview)) { if (empty($preview)) { $preview = 'Preview'; } } else { unset($_REQUEST['tr_preview']); } if (isset($reset)) { if (empty($reset)) { $reset = 'reset'; } } else { unset($_REQUEST['tr_reset']); } $smarty->assign('showmandatory', empty($wiki) && empty($tpl) ? 'n' : $showmandatory); if (!empty($wiki)) { if (preg_match('/^wiki:(.+)$/', $wiki, $wiki_matches)) { $wiki = $wiki_matches[1]; } $wiki = trim($wiki); } if (!isset($params['formtag'])) { $params['formtag'] = 'y'; } $fields_prefix = 'ins_'; if (isset($values)) { if (!is_array($values)) { $values = $parserlib->quotesplit(':', $values); foreach ($values as $i => $v) { $values[$i] = preg_replace('/^"(.*)"$/', '$1', $v); } } } if (isset($_REQUEST['values'])) { if (is_array($_REQUEST['values'])) { foreach ($_REQUEST['values'] as $i => $k) { $_REQUEST['values'][$i] = urldecode($k); } } else { $_REQUEST['values'] = urldecode($_REQUEST['values']); } } $perms = $tikilib->get_perm_object($trackerId, 'tracker', $tracker, false); if (empty($_SERVER['SCRIPT_NAME']) || strpos($_SERVER['SCRIPT_NAME'], 'tiki-register.php') === false) { if ($perms['tiki_p_create_tracker_items'] == 'n' && empty($itemId)) { return '<b>' . tra("You do not have permission to insert an item") . '</b>'; } elseif (!empty($itemId)) { $item_info = $trklib->get_tracker_item($itemId); if (empty($item_info)) { return '<b>' . tra("Incorrect item") . '</b>'; } $itemObject = Tracker_Item::fromInfo($item_info); if (!$itemObject->canModify()) { return '<b>' . tra("You do not have permission to modify an item") . '</b>'; } } } if (!empty($itemId)) { $logslib = TikiLib::lib('logs'); $logslib->add_action('Viewed', $itemId, 'trackeritem', $_SERVER['REQUEST_URI']); } if (isset($_REQUEST['removeattach']) && $tracker['useAttachments'] == 'y') { $owner = $trklib->get_item_attachment_owner($_REQUEST['removeattach']); if ($perms['tiki_p_admin_trackers'] == 'y' || $user && $user == $owner) { $trklib->remove_item_attachment($_REQUEST["removeattach"]); unset($_REQUEST['removeattach']); } } if (isset($_REQUEST['removeImage']) && !empty($_REQUEST['trackerId']) && !empty($_REQUEST['itemId']) && !empty($_REQUEST['fieldId']) && !empty($_REQUEST['fieldName'])) { $img_field = array('data' => array()); $img_field['data'][] = array('fieldId' => $_REQUEST['fieldId'], 'type' => 'i', 'name' => $_REQUEST['fieldName'], 'value' => 'blank'); $trklib->replace_item($_REQUEST['trackerId'], $_REQUEST['itemId'], $img_field); } $back = ''; $thisIsThePlugin = isset($_REQUEST['iTRACKER']) && $_REQUEST['iTRACKER'] == $iTRACKER; if (!isset($_REQUEST["ok"]) || $_REQUEST["ok"] == "n" || !$thisIsThePlugin || isset($_REQUEST['tr_preview'])) { $field_errors = array('err_mandatory' => array(), 'err_value' => array()); $notificationlib = TikiLib::lib('notification'); $tracker = $trklib->get_tracker($trackerId); $tracker = array_merge($tracker, $trklib->get_tracker_options($trackerId)); if (!empty($tracker['start']) && $tikilib->now < $tracker['start'] || !empty($tracker['end']) && $tikilib->now > $tracker['end']) { return; } $outf = array(); $auto_fieldId = array(); $hidden_fieldId = array(); if (!empty($fields) || !empty($wiki) || !empty($tpl)) { if ($registration == 'y' && $prefs["user_register_prettytracker"] == 'y' && !empty($prefs["user_register_prettytracker_tpl"])) { $registrationlib = TikiLib::lib('registration'); $smarty->assign('listgroups', $registrationlib->merged_prefs['choosable_groups']); $smarty->assign('register_login', $smarty->fetch('register-login.tpl')); $smarty->assign('register_email', $smarty->fetch('register-email.tpl')); $smarty->assign('register_pass', $smarty->fetch('register-pass.tpl')); $smarty->assign('register_pass2', $smarty->fetch('register-pass2.tpl')); $smarty->assign('register_passcode', $smarty->fetch('register-passcode.tpl')); $smarty->assign('register_groupchoice', $smarty->fetch('register-groupchoice.tpl')); if ($prefs['feature_antibot'] == 'y') { $smarty->assign('showantibot', true); $smarty->assign('form', 'register'); $smarty->assign('register_antibot', $smarty->fetch('antibot.tpl')); } $wiki = $prefs["user_register_prettytracker_tpl"]; } if (!empty($wiki)) { $outf = $trklib->get_pretty_fieldIds($wiki, 'wiki', $prettyModifier, $trackerId); } elseif (!empty($tpl)) { $outf = $trklib->get_pretty_fieldIds($tpl, 'tpl', $prettyModifier, $trackerId); } elseif (!empty($fields)) { $outf = $fields; } if (!empty($_REQUEST['autosavefields'])) { $autosavefields = explode(':', $_REQUEST['autosavefields']); $autosavevalues = explode(':', $_REQUEST['autosavevalues']); if (isset($params['autosavefields'])) { $autosavefields = array_merge($autosavefields, $params['autosavefields']); $autosavevalues = array_merge($autosavevalues, $params['autosavevalues']); } } if (!empty($autosavefields)) { $auto_fieldId = array_merge($auto_fieldId, $autosavefields); } foreach ($definition->getFields() as $field) { // User and group on autoassign create/modify if (($user || $registration == 'y' || isset($_SESSION[$transactionName]) && isset($_SESSION[$transactionName]['registrationName'])) && ($field['type'] == 'u' || $field['type'] == 'g')) { $autoassign = $field['options_map']['autoassign']; if ($autoassign == 1 || $autoassign == 2) { if ($user) { $hidden_fieldId[] = $field['fieldId']; } $userField = $field['fieldId']; } } // IP and page on autoassign if ($field['type'] == 'I' || $field['type'] == 'k') { $autoassign = $field['options_map']['autoassign']; if ($autoassign == 1) { $hidden_fieldId[] = $field['fieldId']; } } // Auto-increment if ($field['type'] == 'q') { $auto_fieldId[] = $field['fieldId']; } } foreach ($auto_fieldId as $k => $v) { if (empty($v) || in_array($v, $outf)) { unset($auto_fieldId[$k]); } else { $outf[] = $v; } } foreach ($hidden_fieldId as $k => $v) { if (empty($v) || in_array($v, $outf)) { unset($hidden_fieldId[$k]); } else { $outf[] = $v; } } } $definition = Tracker_Definition::get($trackerId); $item_info = isset($item_info) ? $item_info : array(); $factory = $definition->getFieldFactory(); if (empty($item_info)) { $itemObject = Tracker_Item::newItem($trackerId); } elseif (!isset($itemObject)) { $itemObject = Tracker_Item::fromInfo($item_info); } if (empty($outf)) { $unfiltered = array('data' => $definition->getFields()); } else { $unfiltered = array('data' => array()); foreach ($outf as $fieldId) { $unfiltered['data'][] = $definition->getField($fieldId); } } $flds = array('data' => array()); foreach ($unfiltered['data'] as $f) { if ($itemObject->canModifyField($f['fieldId']) || $registration == 'y' && empty($item_info)) { $flds['data'][] = $f; } } // If we create multiple items, get field Ids, default values and separator if (!empty($fieldsfill)) { $fill_fields = $fieldsfill; // Allow for superfluous spaces and ignore them $fill_flds = array('data' => array()); $fill_defaults = array(); $fill_flds_defaults = array(); // May be different from fill_defaults if some fields are not editable $fieldsfillnames = array(); if (trim($fieldsfilldefaults) != '') { $fill_defaults = preg_split('/ *: */', $fieldsfilldefaults); } foreach ($fill_fields as $k => $fieldId) { if ($itemObject->canModifyField($fieldId)) { $tmp = $definition->getField($fieldId); $fill_flds['data'][] = $tmp; if (isset($fill_defaults[$k])) { $fill_flds_defaults[] = $fill_defaults[$k]; } else { $fill_flds_defaults[] = ''; } $fieldsfillnames[] = $tmp['name']; } } $fill_line_cant = count($fill_flds['data']); if ($fieldsfillseparator == '') { $fieldsfillseparator = '|'; } } $bad = array(); $embeddedId = false; $onemandatory = false; $full_fields = array(); $mainfield = ''; if ($thisIsThePlugin) { /* ------------------------------------- Recup all values from REQUEST -------------- */ if (!empty($autosavefields)) { foreach ($autosavefields as $i => $f) { if (!($ff = $trklib->get_field($f, $flds['data']))) { continue; } if (preg_match('/categories\\(([0-9]+)\\)/', $autosavevalues[$i], $matches)) { if (ctype_digit($matches[1]) && $matches[1] > 0) { $filter = array('identifier' => $matches[1], 'type' => 'descendants'); } else { $filter = NULL; } $categlib = TikiLib::lib('categ'); $categs = $categlib->getCategories($filter, true, false); $_REQUEST["{$fields_prefix}{$f}"][] = $categs[0]['categId']; } elseif (preg_match('/preference\\((.*)\\)/', $autosavevalues[$i], $matches)) { $_REQUEST["{$fields_prefix}{$f}"] = $prefs[$matches[1]]; } elseif (isset($transactionName) && preg_match('/#TSTEP\\[(\\d+)\\]\\[(\\d+|name|pass)\\]/', $autosavevalues[$i], $matches)) { $traStep = $matches[1]; $traStepInsField = $matches[2]; if (preg_match('/\\d+/', $matches[2])) { $traStepInsField = "{$fields_prefix}{$traStepInsField}"; } $_REQUEST["{$fields_prefix}{$f}"] = str_replace($matches[0], $_SESSION[$transactionName][$traStep]['request'][$traStepInsField], $autosavevalues[$i]); } elseif ($ff['type'] == 'e') { $_REQUEST["{$fields_prefix}{$f}"][] = $autosavevalues[$i]; } else { if (isset($params['levelupfields']) && in_array($f, $params['levelupfields'])) { $current_levelup_val = $trklib->get_item_value($trackerId, $itemId, $f); if ($autosavevalues[$i] <= $current_levelup_val) { continue; } } $_REQUEST["{$fields_prefix}{$f}"] = $autosavevalues[$i]; } } } if ($registration == 'y' && isset($userField) && isset($_REQUEST['name'])) { $_REQUEST["{$fields_prefix}{$userField}"] = $_REQUEST['name']; } foreach ($flds['data'] as $k => $field) { $handler = $factory->getHandler($field, $item_info); if ($handler) { $value_field = $handler->getFieldData($_REQUEST); $ins_fields['data'][$k] = array_merge($field, $value_field); if (isset($ins_fields['data'][$k]['value'])) { // add ins value into field if creating or editing item $flds['data'][$k] = $ins_fields['data'][$k]; // to keep user input in case of errors (not only value) } } } $cpt = 0; if (isset($fields)) { $fields_plugin = $fields; } if (!isset($itemId) && $tracker['oneUserItem'] == 'y' && $registration != 'y') { $itemId = $trklib->get_user_item($trackerId, $tracker); } if ($embedded == 'y' && isset($_REQUEST['page'])) { $ins_fields["data"][] = array('fieldId' => $embeddedId, 'value' => $_REQUEST['page']); } if (isset($userField) && ($registration == 'y' && isset($_REQUEST['name']) || isset($_SESSION[$transactionName]) && isset($_SESSION[$transactionName]['registrationName']))) { $userFieldDef = $definition->getField($userField); if (isset($_REQUEST['name'])) { $userFieldDef['value'] = $_REQUEST['name']; if (isset($_SESSION[$transactionName])) { $_SESSION[$transactionName]['registrationName'] = $_REQUEST['name']; } } elseif (isset($_SESSION[$transactionName]) && isset($_SESSION[$transactionName]['registrationName'])) { $userFieldDef['value'] = $_SESSION[$transactionName]['registrationName']; } $ins_fields['data'][] = $userFieldDef; } $ins_categs = 0; // important: non-array ins_categs means categories should remain unchanged $parent_categs_only = array(); foreach ($ins_fields['data'] as $current_field) { if ($current_field['type'] == 'e' && isset($current_field['selected_categories'])) { if (!is_array($ins_categs)) { $ins_categs = array(); } $ins_categs = array_merge($ins_categs, $current_field['selected_categories']); $parent_categs_only[] = $current_field['options_array'][0]; } } $categorized_fields = $definition->getCategorizedFields(); /* ------------------------------------- End recup all values from REQUEST -------------- */ /* ------------------------------------- Check field values for each type and presence of mandatory ones ------------------- */ $field_errors = $trklib->check_field_values($ins_fields, $categorized_fields, $trackerId, empty($itemId) ? '' : $itemId); if ($prefs['feature_antibot'] === 'y' && $registration === 'y' && isset($_REQUEST['valerror'])) { // in_tracker session var checking is for tiki-register.php if (isset($_REQUEST['valerror'])) { $rve = $_REQUEST['valerror']; if (is_array($rve)) { foreach ($rve as $ve) { if (is_a($ve, 'RegistrationError')) { if (isset($ve->field) && $ve->field == 'antibotcode') { $field_errors['err_antibot'] = 'y'; continue; } } } } elseif (is_a($rve, 'RegistrationError')) { if (isset($rve->field) && $rve->field == 'antibotcode') { $field_errors['err_antibot'] = 'y'; } } } else { if (!$captchalib->validate()) { $field_errors['err_antibot'] = 'y'; } } } // check valid page name for wiki output if requested if (isset($outputtowiki) && !empty($outputwiki)) { $newpagename = ''; foreach ($ins_fields["data"] as $fl) { if ($fl["fieldId"] == $outputtowiki) { $newpagename = $fl["value"]; } if ($fl["type"] == 'F') { $newpagefreetags = $fl["value"]; } $newpagefields[] = $fl["fieldId"]; } if ($newpagename) { if ($prefs['namespace_enabled'] == 'y' && !empty($outputwikinamespace)) { $newpagename = $outputwikinamespace . $prefs['namespace_separator'] . $newpagename; } if ($tikilib->page_exists($newpagename)) { $field_errors['err_outputwiki'] = tra('The page to output the results to already exists. Try another name.'); } $page_badchars_display = TikiLib::lib('wiki')->get_badchars(); if (TikiLib::lib('wiki')->contains_badchars($newName)) { $field_errors['err_outputwiki'] = tr("The page to output the results to contains the following prohibited characters: %0. Try another name.", $page_badchars_display); } } else { unset($outputtowiki); } } if (count($field_errors['err_mandatory']) == 0 && count($field_errors['err_value']) == 0 && empty($field_errors['err_antibot']) && empty($field_errors['err_outputwiki']) && !isset($_REQUEST['tr_preview'])) { if (isset($_REQUEST['status'])) { $status = $_REQUEST['status']; } elseif (isset($newstatus) && ($newstatus == 'o' || $newstatus == 'c' || $newstatus == 'p')) { $status = $newstatus; } elseif (empty($itemId) && isset($tracker['newItemStatus'])) { $status = $tracker['newItemStatus']; } else { $status = ''; } $saveThis = array('trackerId' => $trackerId, 'request' => $_REQUEST, 'chosenGroup' => $chosenGroup, 'registration' => $registration, 'registrationTrackerId' => $registrationTrackerId, 'validateusers' => $validateusers, 'status' => $status, 'ins_fields' => $ins_fields, 'itemId' => $itemId, 'ins_categs' => $ins_categs, 'newItemRate' => $newItemRate); //-- check if we are in a transaction if (isset($transactionName)) { $_SESSION[$transactionName][$transactionStep] = $saveThis; if ($transactionFinalStep == 'y') { //-- final step: commit the transaction of registrations and tracker changes of all the transaction steps foreach ($_SESSION[$transactionName] as $saveStep) { $rid = wikiplugin_tracker_save($saveStep); } unset($_SESSION[$transactionName]); // the tracker transaction can be closed } else { $_SESSION[$transactionName]['transactionStep'] += 1; // switch to the next step } } else { // no transaction is used $rid = wikiplugin_tracker_save($saveThis); } // now for wiki output if desired if (isset($outputtowiki) && !empty($outputwiki)) { // note that values will be raw - that is the limit of the capability of this feature for now $newpageinfo = $tikilib->get_page_info($outputwiki); $wikioutput = $newpageinfo["data"]; $newpagefields = $trklib->get_pretty_fieldIds($outputwiki, 'wiki', $prettyModifier, $trackerId); $tracker_definition = Tracker_Definition::get($trackerId); foreach ($newpagefields as $lf) { $field = $tracker_definition->getField($lf); $lfpermname = $field['permName']; $wikioutput = str_replace('{$f_' . $lf . '}', $trklib->get_item_value($trackerId, $rid, $lf), $wikioutput); $wikioutput = str_replace('{$f_' . $lfpermname . '}', $trklib->get_item_value($trackerId, $rid, $lf), $wikioutput); } if (isset($registration)) { $wikioutput = str_replace('{$register_login}', $user, $wikioutput); $wikioutput = str_replace('{$register_email}', $_REQUEST['email'], $wikioutput); } $tikilib->create_page($newpagename, 0, $wikioutput, $tikilib->now, '', $user, $tikilib->get_ip_address()); $cat_desc = ''; $cat_type = 'wiki page'; $cat_name = $newpagename; $cat_objid = $newpagename; $cat_href = "tiki-index.php?page=" . urlencode($newpagename); if (count($ins_categs)) { $_REQUEST['cat_categories'] = $ins_categs; $_REQUEST['cat_categorize'] = 'on'; include_once "categorize.php"; } if (isset($newpagefreetags) && $newpagefreetags) { $_REQUEST['freetag_string'] = $newpagefreetags; include_once "freetag_apply.php"; } if ($discarditem == 'y') { $trklib->remove_tracker_item($rid); } elseif ($outputwikirelation == 'y') { TikiLib::lib('relation')->add_relation('tiki.wiki.linkeditem', 'wiki page', $newpagename, 'trackeritem', $rid); TikiLib::lib('relation')->add_relation('tiki.wiki.linkedfield', 'wiki page', $newpagename, 'trackerfield', $outputtowiki); } if (empty($url)) { $wikilib = TikiLib::lib('wiki'); $url[0] = $wikilib->sefurl($newpagename); } } // end wiki output // send emails if email param is set and tracker_always_notify or something was changed (mail_data is set in \TrackerLib::send_replace_item_notifications) if (!empty($email) && ($prefs['tracker_always_notify'] === 'y' || !empty($smarty->getTemplateVars('mail_data')))) { // expose the pretty tracker fields to the email tpls foreach ($flds['data'] as $f) { $prettyout = strip_tags(wikiplugin_tracker_render_value($f, $item)); $smarty->assign('f_' . $f['fieldId'], $prettyout); $smarty->assign('f_' . $f['permName'], $prettyout); } $emailOptions = preg_split("#\\|#", $email); if (is_numeric($emailOptions[0])) { $emailOptions[0] = $trklib->get_item_value($trackerId, $rid, $emailOptions[0]); } if (empty($emailOptions[0])) { // from $emailOptions[0] = $prefs['sender_email']; } if (empty($emailOptions[1])) { // to $emailOptions[1][0] = $prefs['sender_email']; } else { $emailOptions[1] = preg_split('/ *, */', $emailOptions[1]); foreach ($emailOptions[1] as $key => $email) { if (is_numeric($email)) { $emailOptions[1][$key] = $trklib->get_item_value($trackerId, $rid, $email); } } } include_once 'lib/webmail/tikimaillib.php'; $mail = new TikiMail(); $mail->setFrom($emailOptions[0]); if (!empty($emailOptions[2])) { //tpl $emailOptions[2] = preg_split('/ *, */', $emailOptions[2]); foreach ($emailOptions[2] as $ieo => $eo) { if (!preg_match('/\\.tpl$/', $eo)) { $emailOptions[2][$ieo] = $eo . '.tpl'; } $tplSubject[$ieo] = str_replace('.tpl', '_subject.tpl', $emailOptions[2][$ieo]); } } else { $emailOptions[2] = array('tracker_changed_notification.tpl'); } if (empty($tplSubject)) { $tplSubject = array('tracker_changed_notification_subject.tpl'); } $itpl = 0; $smarty->assign('mail_date', $tikilib->now); $smarty->assign('mail_itemId', $rid); foreach ($emailOptions[1] as $ieo => $ueo) { @($mail_data = $smarty->fetch('mail/' . $tplSubject[$itpl])); if (empty($mail_data)) { $mail_data = tra('Tracker was modified at ') . $_SERVER["SERVER_NAME"]; } $mail->setSubject($mail_data); $mail_data = $smarty->fetch('mail/' . $emailOptions[2][$itpl]); if ($emailformat == 'html') { $mail->setHtml($mail_data); } else { $mail->setText($mail_data); } try { $mail->send($ueo); $title = 'mail'; } catch (Zend_Mail_Exception $e) { $title = 'mail error'; } if ($title == 'mail error') { // Log the email error at the tiki syslog $logslib = TikiLib::lib('logs'); $logslib->add_log('mail error', 'plugin tracker email error / ' . $emailOptions[1][$ieo] . ' / item' . $rid); } elseif ($title == 'mail' && $prefs['log_mail'] == 'y') { // Log the email at the tiki syslog $logslib = TikiLib::lib('logs'); $logslib->add_log('mail', 'plugin tracker email sent / ' . $emailOptions[1][$ieo] . ' / item' . $rid); } if (isset($tplSubject[$itpl + 1])) { ++$itpl; } } } if (empty($url)) { if (!empty($_REQUEST['ajax_add'])) { // called by tracker ItemLink fields when adding new list items while (ob_get_level()) { ob_end_clean(); } if ($prefs['feature_obzip'] == 'y') { ob_start('ob_gzhandler'); } else { ob_start(); } // Need to add newly created itemId for item link selector $ins_fields['itemId'] = $rid; $access = TikiLib::lib('access'); $access->output_serialized($ins_fields); ob_end_flush(); die; } else { if (!empty($page)) { $url = "tiki-index.php?page=" . urlencode($page); if (!empty($itemId)) { $url .= "&itemId=" . $itemId; } $url .= "&ok=y&iTRACKER={$iTRACKER}"; $url .= "#wikiplugin_tracker{$iTRACKER}"; TikiLib::lib('access')->redirect($url); exit; } else { return ''; } } } else { $key = 0; foreach ($action as $key => $act) { if (!empty($_REQUEST["action{$key}"])) { break; } } $itemIdPos = strpos($url[$key], 'itemId'); if ($itemIdPos !== false) { if (strstr($url[$key], '#itemId')) { $url[$key] = str_replace('#itemId', $rid, $url[$key]); } else { if ($itemIdPos + strlen('itemId') >= strlen($url[$key]) - 1 || substr($url[$key], $itemIdPos + strlen('itemId'), 1) == "&") { // replace by the itemId if in the end (or -1: for backward compatibility so that "&itemId=" also works) or if it is followed by an '&' $url[$key] = str_replace('itemId', 'itemId=' . $rid, $url[$key]); } } } TikiLib::lib('access')->redirect($url[$key]); exit; } } elseif (isset($_REQUEST['trackit']) and $_REQUEST['trackit'] == $trackerId) { $smarty->assign('wikiplugin_tracker', $trackerId); //used in vote plugin } } else { if ((empty($itemId) || $overwrite == 'y') && !empty($values) || (!empty($_REQUEST['values']) and empty($_REQUEST['prefills']))) { // assign default values for each filedId specify if (empty($values)) { // url with values[]=x&values[] witouth the list of fields $values = $_REQUEST['values']; } if (!is_array($values)) { $values = array($values); } if (isset($fields)) { $fl = $fields; for ($j = 0, $count_fl = count($fl); $j < $count_fl; $j++) { for ($i = 0, $count_flds = count($flds['data']); $i < $count_flds; $i++) { if ($flds['data'][$i]['fieldId'] == $fl[$j]) { $flds['data'][$i]['value'] = $values[$j]; } } } } else { // values contains all the fields value in the default order $i = 0; foreach ($values as $value) { $flds['data'][$i++]['value'] = $value; } } } elseif (!empty($itemId)) { if (isset($fields)) { $fl = $fields; $filter = ''; foreach ($flds['data'] as $f) { if (in_array($f['fieldId'], $fl)) { $filter[] = $f; } } } else { $filter =& $flds['data']; } if (!empty($filter)) { foreach ($filter as $f) { $filter2[$f['fieldId']] = $f; } $flds['data'] = $trklib->get_item_fields($trackerId, $itemId, $filter2, $itemUser, true); } // todo: apply the values for fields with no values } else { if (isset($_REQUEST['values']) && isset($_REQUEST['prefills'])) { //url:prefills=1:2&values[]=x&values[]=y if (!is_array($_REQUEST['values'])) { $_REQUEST['values'] = array($_REQUEST['values']); } $fl = preg_split('/:/', $_REQUEST['prefills']); } else { unset($fl); } for ($i = 0, $count_flds2 = count($flds['data']); $i < $count_flds2; $i++) { if (isset($fl) && ($j = array_search($flds['data'][$i]['fieldId'], $fl)) !== false) { $flds['data'][$i]['value'] = $_REQUEST['values'][$j]; } else { // setting default value prevent dropdown default value working $options = $flds['data'][$i]['options_array']; if (!in_array($flds['data'][$i]['type'], array('d', 'D', 'R', 'M')) || count($options) === count(array_unique($options))) { $flds['data'][$i]['value'] = ''; // initialize fields with blank values } } } } } // Check that individual fields are in the tracker if (!empty($fields)) { $fl = $fields; if ($sort == 'y') { $flds = $trklib->sort_fields($flds, $fl); } foreach ($fl as $l) { $ok = false; foreach ($flds['data'] as $f) { if ($f['fieldId'] == $l) { $ok = true; break; } } if (!$ok) { $back .= '<div class="alert alert-warning"><strong>' . tra('Incorrect fieldId:') . ' ' . $l . '</strong>.<br> ' . tra("Please ensure you are using the correct field ID and that it is properly included in the template, if any.") . '</div>'; } } } elseif (empty($fields) && empty($wiki) && empty($tpl)) { // in this case outf still be blank and needs to be filled foreach ($flds['data'] as $f) { $outf[] = $f['fieldId']; } } // Check that multiple fill fields are in the tracker if (!empty($fieldsfill)) { foreach ($fill_fields as $l) { $ok = false; foreach ($fill_flds['data'] as $f) { if ($f['fieldId'] == $l) { $ok = true; break; } } if (!$ok) { $back .= '<div class="alert alert-warning">' . tra('Incorrect fieldId:') . ' ' . $l . '</div>'; } } } // Display warnings when needed if (count($field_errors['err_mandatory']) > 0 || count($field_errors['err_value']) > 0) { $back .= $smarty->fetch('tracker_error.tpl'); $_REQUEST['error'] = 'y'; if (count($field_errors['err_mandatory']) > 0) { $msg = tra('Following mandatory fields are missing'); foreach ($field_errors['err_mandatory'] as $err) { $msg .= '<br> ' . $err['name']; } TikiLib::lib('errorreport')->report($msg); } if (count($field_errors['err_value']) > 0) { $msg = tra('Following fields are incorrect'); foreach ($field_errors['err_value'] as $err) { $msg .= '<br> ' . $err['name']; } TikiLib::lib('errorreport')->report($msg); } if ($registration && !empty($userField) && isset($_REQUEST['name']) && $_REQUEST['name'] === $userField['value'] && $_REQUEST['name'] === $user) { // if in registration and creating a user tracker item for the new user // remove the user if they did not complete the tracker correctly $userlib->remove_user($userField['value']); if ($prefs['eponymousGroups'] == 'y') { // eponymous group will contain only this (former) user so remove that too $userlib->remove_group($userField['value']); } $user = ''; // needed to re-include the captcha inputs $hidden_fieldId = array(); // remove hidden user fields which are otherwise required foreach ($flds['data'] as $k => $v) { // remove the login field otherwise it gets rendered in the form also required if ($v['fieldId'] == $userField['fieldId']) { unset($flds['data'][$k]); } } } if (isset($field_errors['err_antibot'])) { $_REQUEST['error'] = 'y'; } if (isset($field_errors['err_outputwiki'])) { $smarty->loadPlugin('smarty_function_icon'); $icon = smarty_function_icon(['name' => 'warning'], $smarty); $back .= '<div class="alert alert-warning">' . $icon . ' '; $back .= $field_errors['err_outputwiki']; $back .= '</div><br />'; $_REQUEST['error'] = 'y'; } if (count($field_errors['err_mandatory']) > 0 || count($field_errors['err_value']) > 0 || isset($field_errors['err_antibot']) || isset($field_errors['err_outputwiki'])) { $smarty->assign('input_err', 'y'); } } if (!empty($page)) { $back .= '~np~'; $smarty->assign_by_ref('tiki_p_admin_trackers', $perms['tiki_p_admin_trackers']); } if (!empty($params['_ajax_form_ins_id'])) { $headerlib = TikiLib::lib('header'); $old_js['js'] = $headerlib->js; // of tracker form JS into a function to initialise it when the dialog is created $old_js['jq_onready'] = $headerlib->jq_onready; $headerlib->clear_js(); // so store existing js for later and clear } if ($prefs['feature_jquery'] == 'y' && $prefs['feature_jquery_validation'] == 'y') { $validatorslib = TikiLib::lib('validators'); $customvalidation = ''; $customvalidation_m = ''; if ($registration == 'y') { // email validation $customvalidation .= 'email: { '; $customvalidation .= 'required: true, '; $customvalidation .= 'email: true }, '; $customvalidation_m .= 'email: { email: "' . tra("Invalid email") . '", required: "' . tra("This field is required") . '"}, '; // password validation $customvalidation .= 'pass: { '; $customvalidation .= 'required: true, '; $customvalidation .= 'remote: { '; $customvalidation .= 'url: "validate-ajax.php", '; $customvalidation .= 'type: "post", '; $customvalidation .= 'data: { '; $customvalidation .= 'validator: "password", '; $customvalidation .= 'input: function() { '; $customvalidation .= 'return $("#pass1").val(); '; $customvalidation .= '} } } '; $customvalidation .= '}, '; $customvalidation_m .= 'pass: { required: "' . tra("This field is required") . '"}, '; // password repeat validation $customvalidation .= 'passAgain: { equalTo: "#pass1" }, '; $customvalidation_m .= 'passAgain: { equalTo: "' . tra("Passwords do not match") . '"}, '; // username validation $customvalidation .= 'name: { '; $customvalidation .= 'required: true, '; $customvalidation .= 'remote: { '; $customvalidation .= 'url: "validate-ajax.php", '; $customvalidation .= 'type: "post", '; $customvalidation .= 'data: { '; $customvalidation .= 'validator: "username", '; $customvalidation .= 'input: function() { '; $customvalidation .= 'return $("#name").val(); '; $customvalidation .= '} } } '; $customvalidation .= '}, '; $customvalidation_m .= 'name: { required: "' . tra("This field is required") . '"}, '; if (extension_loaded('gd') && function_exists('imagepng') && function_exists('imageftbbox') && $prefs['feature_antibot'] == 'y' && empty($user) && $prefs['recaptcha_enabled'] != 'y') { // antibot validation $customvalidation .= '"captcha[input]": { '; $customvalidation .= 'required: true, '; $customvalidation .= 'remote: { '; $customvalidation .= 'url: "validate-ajax.php", '; $customvalidation .= 'type: "post", '; $customvalidation .= 'data: { '; $customvalidation .= 'validator: "captcha", '; $customvalidation .= 'parameter: function() { '; $customvalidation .= 'return $("#captchaId").val(); '; $customvalidation .= '}, '; $customvalidation .= 'input: function() { '; $customvalidation .= 'return $("#antibotcode").val(); '; $customvalidation .= '} } } '; $customvalidation .= '}, '; $customvalidation_m .= '"captcha[input]": { required: "' . tra("This field is required") . '"}, '; } if ($prefs['useRegisterPasscode'] == 'y') { $customvalidation .= 'passcode: { required: true, remote: { url: "validate-ajax.php", type: "post", data: { validator: "passcode", input: function() { return $("#passcode").val(); } } } }, '; $customvalidation_m .= 'passcode: { required: "' . tra("This field is required") . '"}, '; } } $validationjs = $validatorslib->generateTrackerValidateJS($flds['data'], $fields_prefix, $customvalidation, $customvalidation_m); if (!empty($params['_ajax_form_ins_id']) && $params['_ajax_form_ins_id'] === 'group') { $headerlib->add_jq_onready("var ajaxTrackerValidation_group={validation:{" . $validationjs . '};'); // return clean rules and messages object for ajax } else { $smarty->assign('validationjs', $validationjs); $back .= $smarty->fetch('tracker_validator.tpl'); } } if ($params['formtag'] == 'y') { //check if tracker has custom form classes, else default to form-horizontal $formClasses = $tracker['useFormClasses'] == 'y' ? $tracker['formClasses'] : "form-horizontal"; $back .= '<form class="' . $formClasses . '" name="editItemForm' . $iTRACKER . '" id="editItemForm' . $iTRACKER . '" enctype="multipart/form-data" method="post"' . (isset($target) ? ' target="' . $target . '"' : '') . ' action="' . $_SERVER['REQUEST_URI'] . '"><input type="hidden" name="trackit" value="' . $trackerId . '" />'; $back .= '<input type="hidden" name="refresh" value="1" />'; } $back .= '<input type="hidden" name="iTRACKER" value="' . $iTRACKER . '" />'; if (isset($_REQUEST['page'])) { $back .= '<input type="hidden" name="page" value="' . $_REQUEST["page"] . '" />'; } // for registration if (isset($_REQUEST['name'])) { $back .= '<input type="hidden" name="name" value="' . $_REQUEST["name"] . '" />'; } if (isset($_REQUEST['pass'])) { $back .= '<input type="hidden" name="pass" value="' . $_REQUEST["pass"] . '" />'; $back .= '<input type="hidden" name="passAgain" value="' . $_REQUEST["pass"] . '" />'; } if (isset($_REQUEST['email'])) { $back .= '<input type="hidden" name="email" value="' . $_REQUEST["email"] . '" />'; } if (isset($_REQUEST['antibotcode'])) { $back .= '<input type="hidden" name="antibotcode" value="' . $_REQUEST["antibotcode"] . '" />'; } if (isset($_REQUEST['chosenGroup'])) { // for registration $back .= '<input type="hidden" name="chosenGroup" value="' . $_REQUEST["chosenGroup"] . '" />'; } if (isset($_REQUEST['register'])) { $back .= '<input type="hidden" name="register" value="' . $_REQUEST["register"] . '" />'; } if ($showtitle == 'y') { $back .= '<div class="h1">' . $tracker["name"] . '</div>'; } if ($showdesc == 'y' && $tracker['description']) { if ($tracker['descriptionIsParsed'] == 'y') { $back .= '<div class="wikitext">' . $tikilib->parse_data($tracker['description']) . '</div><br />'; } else { $back .= '<div class="wikitext">' . tra($tracker["description"]) . '</div><br />'; } } if (isset($_REQUEST['tr_preview'])) { // use for the computed and join fields $assocValues = array(); $assocNumerics = array(); foreach ($flds['data'] as $f) { if (empty($f['value']) && ($f['type'] == 'u' || $f['type'] == 'g' || $f['type'] == 'I') && ($f['options_array'][0] == '1' || $f['options_array'][0] == '2')) { //need to fill the selector fields for the join $f['value'] = $f['type'] == 'I' ? $tikilib->get_ip_address() : ($f['type'] == 'g' ? $group : $user); } $assocValues[$f['fieldId']] = $f['value']; $assocNumerics[$f['fieldId']] = preg_replace('/[^0-9\\.\\+]/', '', $f['value']); // get rid off the $ and such unit } } if (!empty($itemId)) { $item = array('itemId' => $itemId, 'trackerId' => $trackerId); } else { $item = array('itemId' => ''); } foreach ($flds['data'] as $i => $f) { // collect additional infos if (in_array($f['fieldId'], $outf)) { $flds['data'][$i]['ins_id'] = $f['type'] == 'e' ? 'ins_' . $f['fieldId'] : $fields_prefix . $f['fieldId']; if (($f['isHidden'] == 'c' || $f['isHidden'] == 'p') && !empty($itemId) && !isset($item['creator'])) { $item['creator'] = $trklib->get_item_creator($trackerId, $itemId); } } } if (!empty($showstatus) && $showstatus == 'y') { $status_types = $trklib->status_types(); $smarty->assign_by_ref('status_types', $status_types); $smarty->assign('form_status', 'status'); $smarty->assign_by_ref('tracker', $tracker); if (!empty($item_info)) { $smarty->assign_by_ref('item', $item_info); } $status_input = $smarty->fetch('tracker_status_input.tpl'); } $labelclass = 'col-md-3'; $inputclass = 'col-md-9'; $buttonclass = 'col-md-9 col-md-offset-3'; if ($registration == "y") { $back .= '<input type="hidden" name="register" value="Register">'; $labelclass = 'col-md-4 col-sm-3'; $inputclass = 'col-md-4 col-sm-6'; $buttonclass = 'col-md-8 col-md-offset-4'; } // Loop on tracker fields and display form if (empty($tpl) && empty($wiki)) { $back .= '<div class="wikiplugin_tracker">'; if (!empty($showstatus) && $showstatus == 'y') { $back .= '<div class="alert alert-info">' . tra('Status') . $status_input . '</div>'; // <tr><td>'.tra('Status').'</td><td>'.$status_input.'</td></tr> } if ($registration == 'y' && $prefs["user_register_prettytracker"] != 'y') { $back .= $smarty->fetch('register-form.tpl'); } } else { $back .= '<div class="wikiplugin_tracker">'; if (!empty($showstatus) && $showstatus == 'y') { $smarty->assign_by_ref('f_status_input', $status_input); } } $backLength0 = strlen($back); foreach ($flds['data'] as $f) { if (!in_array($f['fieldId'], $auto_fieldId) && in_array($f['fieldId'], $hidden_fieldId)) { // Show in hidden form $back .= '<span style="display:none;">' . wikiplugin_tracker_render_input($f, $item, $dynamicSave) . '</span>'; } elseif (!in_array($f['fieldId'], $auto_fieldId) && in_array($f['fieldId'], $outf)) { if ($showmandatory == 'y' and $f['isMandatory'] == 'y') { $onemandatory = true; } if ($f['type'] == 'A') { $smarty->assign_by_ref('tiki_p_attach_trackers', $perms['tiki_p_attach_trackers']); } if (!empty($tpl) || !empty($wiki)) { if ($prettyModifier[$f['fieldId']] == "output") { //check if modifier is set to "output" ( set in getPrettyFieldIds() in trackerlib ) $prettyout = '<span class="outputPretty" id="track_' . $f['fieldId'] . '" name="track_' . $f['fieldId'] . '">' . wikiplugin_tracker_render_value($f, $item) . '</span>'; $smarty->assign('f_' . $f['fieldId'], $prettyout); $smarty->assign('f_' . $f['permName'], $prettyout); } else { $mand = ($showmandatory == 'y' and $f['isMandatory'] == 'y') ? " <strong class='mandatory_star'>*</strong> " : ''; if (!empty($f['description'])) { $desc = $f['descriptionIsParsed'] == 'y' ? $tikilib->parse_data($f['description']) : tra($f['description']); $desc = '<div class="trackerplugindesc">' . $desc . '</div>'; } else { $desc = ''; } if (!empty($prettyModifier[$f['fieldId']])) { // check if a template was specified in prettyModifier $smarty->assign("field_name", $f['name']); $smarty->assign("field_id", $f['fieldId']); $smarty->assign("permname", $f['permName']); $smarty->assign("mandatory_sym", $mand); $smarty->assign("field_input", wikiplugin_tracker_render_input($f, $item, $dynamicSave)); $smarty->assign("description", $desc); $smarty->assign("field_type", $f['type']); $prettyout = $smarty->fetch($prettyModifier[$f['fieldId']]); //fetch template identified in prettyModifier } else { $prettyout = wikiplugin_tracker_render_input($f, $item, $dynamicSave) . $mand . $desc; } $smarty->assign('f_' . $f['fieldId'], $prettyout); $smarty->assign('f_' . $f['permName'], $prettyout); } } else { $back .= '<div class="form-group tracker_input_label"'; // <tr><td class="tracker_input_label" // If type is has a samerow param and samerow is "No", show text on one line and the input field on the next $isTextOnSameRow = true; switch ($f['type']) { case 't': // Text field // Text field case 'n': // Numeric field // Numeric field case 'b': // Currency if (empty($f['options_array']) || isset($f['options_array']['0']) && strlen($f['options_array']['0']) == 0) { // Use default // Pending: Unable to locate the object to check to determine the default (in the tracker field definitions). Hardcode true. Arild $isTextOnSameRow = true; } else { $isTextOnSameRow = intval($f['options_array']['0']) == 0 ? false : true; } break; case 'a': // Text area $isTextOnSameRow = true; if (isset($f['options_array']['8'])) { if (empty($f['options_array']) || isset($f['options_array']['8']) && strlen($f['options_array']['8']) == 0) { // Use default // Pending: Unable to locate the object to check to determine the default (in the tracker field definitions). Hardcode true. Arild $isTextOnSameRow = true; } else { $isTextOnSameRow = intval($f['options_array']['8']) == 0 ? false : true; } } break; } if (!empty($colwidth)) { $back .= " width='" . $colwidth . "'"; } $back .= '><label class="' . $labelclass . ' control-label" for="' . $f['ins_id'] . '">' . wikiplugin_tracker_name($f['fieldId'], tra($f['name']), $field_errors); // if ($showmandatory == 'y' and $f['isMandatory'] == 'y' && $registration != 'y') { $back .= " <strong class='mandatory_star'>*</strong> "; } $back .= '</label>'; // If use different lines, add a line break. // Otherwise a new column if (!$isTextOnSameRow) { $back .= "<br/>"; } else { $back .= '<div class="' . $inputclass . ' tracker_input_value tracker_field' . $f['fieldId'] . '">'; // '</td><td class="tracker_input_value">'; } $back .= wikiplugin_tracker_render_input($f, $item, $dynamicSave) . "</div>"; // chibaguy added /divs if ($showmandatory == 'y' and $f['isMandatory'] == 'y' && $registration == 'y') { $back .= '<div class="col-md-1 col-sm-1"><span class="text-danger tips" title=":' . tra('This field is mandatory') . '">*</span></div>'; } if ($isTextOnSameRow) { $back .= '</div>'; } } if ($f['type'] != 'S' && empty($tpl) && empty($wiki)) { if ($showfieldsdesc == 'y') { $back .= '<div class="form-group tracker-help-block"><div class="' . $labelclass . ' control-label sr-only">Label</div><div class="' . $inputclass . ' trackerplugindesc help-block">'; if ($f['descriptionIsParsed'] == 'y') { $back .= $tikilib->parse_data($f['description']); } else { $back .= tra($f['description']); } $back .= '</div></div>'; } } } } if (isset($params['fieldsfill']) && !empty($params['fieldsfill']) && empty($itemId)) { // $back.= '<tr><td><label for="ins_fill">' . tra("Create multiple items (one per line).") . '</label>'; $back .= '<div class="form-group"><label class="col-md-3" for="ins_fill">' . tra("Insert one item per line:") . '<br />' . '<br />' . '<br />' . '</label>'; $back .= <<<FILL // </td><td> <input type="hidden" value="" name="mode_wysiwyg"/> <input type="hidden" value="" name="mode_normal"/> <div class="edit-zone"> <textarea id="ins_fill" class="wikiedit class="form-control" data-syntax="" data-codemirror="" onkeyup="" rows="15" name="ins_fill" > </textarea> </div> <input type="hidden" value="n" name="wysiwyg"/> <div name="ins_fill_desc" class="trackerplugindesc" > FILL; $back .= sprintf(tra('Each line is a list of %d field values separated with: %s'), $fill_line_cant, htmlspecialchars($fieldsfillseparator)); $back .= '</div><div name="ins_fill_desc2" class="trackerplugindesc" >' . htmlspecialchars(implode($fieldsfillseparator, $fieldsfillnames)); $back .= '</div>'; // $back .= '</td></tr>'; } if ($prefs['feature_antibot'] == 'y' && (empty($user) || !empty($user) && isset($_REQUEST['error']) && $_REQUEST['error'] == 'y')) { $smarty->assign('showantibot', true); } if (!empty($tpl)) { $smarty->security = true; $back .= $smarty->fetch($tpl); } elseif (!empty($wiki)) { $smarty->security = true; if ($tikilib->page_exists($wiki)) { $back .= $smarty->fetch('wiki:' . $wiki); } else { $back .= '<span class="alert-warning">' . tr('Missing wiki template page "%0"', htmlspecialchars($wiki)) . '</span>'; } } $smarty->assign('showmandatory', $showmandatory); if ($prefs['feature_antibot'] == 'y' && empty($user) && (!isset($transactionStep) || $transactionStep == 0) && $params['formtag'] != 'n' && ($registration != 'y' || $prefs["user_register_prettytracker"] != 'y')) { // in_tracker session var checking is for tiki-register.php $smarty->assign('antibot_table', empty($wiki) && empty($tpl) ? 'n' : 'y'); $captchalib = TikiLib::lib('captcha'); $smarty->assign('captchalib', $captchalib); if ($registration == 'y') { $smarty->assign('form', 'register'); } $back .= $smarty->fetch('antibot.tpl'); } $back .= '</div>'; if ($params['formtag'] == 'y') { if (empty($wiki) && empty($tpl)) { $back .= '<div class="form-group"><div class="input_submit_container btn-bar ' . $buttonclass . '">'; } else { $back .= '<div class="form-group"><div class="input_submit_container btn-bar">'; } if (!empty($reset)) { $back .= '<input class="button submit preview" type="reset" name="tr_reset" value="' . tra($reset) . '" />'; } if (!empty($preview)) { $back .= '<input class="btn btn-default button submit preview" type="submit" name="tr_preview" value="' . tra($preview) . '" />'; } foreach ($action as $key => $act) { $back .= '<input class="button submit ' . $action_style[$key] . '" type="submit" name="action' . $key . '" value="' . tra($act) . '" onclick="needToConfirm=false" />'; } $back .= '</div></div>'; } if ($showmandatory == 'y' and $onemandatory) { if (empty($wiki) && empty($tpl)) { $back .= "<div class='form-group'><div class='" . $buttonclass . "'><div class='text-center alert alert-danger'><em>" . tra("Fields marked with an * are mandatory.") . "</em></div></div></div>"; } else { $back .= "<div class='form-group'><div class='text-center alert alert-danger'><em>" . tra("Fields marked with an * are mandatory.") . "</em></div></div>"; } } if ($params['formtag'] == 'y') { $back .= '</form>'; } if (!empty($params['_ajax_form_ins_id'])) { // save new js in a function for the form init fn $headerlib->add_js(' var ajaxTrackerFormInit_' . $params['_ajax_form_ins_id'] . ' = function() {' . $headerlib->output_js(false) . '}', 10); // put back the pre-existing js $headerlib->js = array_merge($headerlib->js, $old_js['js']); $headerlib->jq_onready = array_merge($headerlib->jq_onready, $old_js['jq_onready']); } if (!empty($page)) { $back .= '~/np~'; } $smarty->assign_by_ref('tiki_p_admin_trackers', $perms['tiki_p_admin_trackers']); return $back; } else { if (isset($_REQUEST['trackit']) and $_REQUEST['trackit'] == $trackerId) { $smarty->assign('wikiplugin_tracker', $trackerId); } //used in vote plugin $id = ' id="wikiplugin_tracker' . $iTRACKER . '"'; if ($showtitle == 'y') { $back .= '<div class="h1"' . $id . '>' . $tracker["name"] . '</div>'; $id = ''; } if ($showdesc == 'y') { $back .= '<div class="wikitext"' . $id . '>' . $tracker["description"] . '</div><br />'; $id = ''; } $back .= "<div{$id}>" . $data . '</div>'; return $back; } }
$body = $body . $info['data']; } $tikilib->update_page($page, $body, "Created from " . $acc["account"], $aux["sender"]["user"], '0.0.0.0', '', 0, '', $parsed_data['is_html'], '', null, $parsed_data['wysiwyg']); $errorMsg = "Page: {$page} has been updated by email: " . $fromEmail . "<br />"; $logslib->add_log('mailin', mailin_preplog($errorMsg), $logUser); $content .= $errorMsg; $hasError = false; } } } } else { ////////////// // Invalid mail-in type ////////////////////////////////////////////////////////////////////////////////// $mail = new TikiMail(); $mail->setFrom($acc["account"]); $l = $prefs['language']; $mail_data = $smarty->fetchLang($l, "mail/mailin_help_subject.tpl"); $mail->setSubject($mail_data); $smarty->assign('subject', $output['header']['subject']); $mail_data = $smarty->fetchLang($l, "mail/mailin_help.tpl"); $mail->setText($mail_data); if ($acc['respond_email'] === 'y') { $res = $mail->send(array($email_from), 'mail'); $content .= "Help response sent<br />"; } else { $content .= "Response by email is disabled<br />"; } $errorMsg = "Invalid mail-in type"; $logslib->add_log('mailin', mailin_preplog($errorMsg), $logUser); }
foreach ($users as $us) { $userEmail = $us["login"]; $email = $us["email"]; if ($email == "") { $errors[] = array("user" => $userEmail, "email" => ""); continue; } if ($userEmail == "") { $userEmail = $userlib->get_user_by_email($email); } if ($userEmail) { $mail->setUser($userEmail); } else { $userEmail = ''; } $mail->setFrom($sender_email); $mail->setSubject($_REQUEST["subject"]); // htmlMimeMail memorised the encoded subject $languageEmail = !$userEmail ? $prefs['site_language'] : $tikilib->get_user_preference($userEmail, "language", $prefs['site_language']); if ($nl_info["unsubMsg"] == 'y') { $unsubmsg = $nllib->get_unsub_msg($_REQUEST["nlId"], $email, $languageEmail, $us["code"], $userEmail); if (stristr($html, "</body>") === false) { $msg = $html . nl2br($unsubmsg); } else { $msg = str_replace("</body>", nl2br($unsubmsg) . "</body>", $html); } } else { $msg = $html; } $mail->setHtml($msg, $txt . strip_tags($unsubmsg)); $mail->buildMessage();
/** \brief send the email notifications dealing with the forum changes to * \brief outbound address + admin notification addresses / forum admin email + watching users addresses * \param $event = 'forum_post_topic' or 'forum_post_thread' * \param $object = forumId watch if forum_post_topic or topicId watch if forum_post_thread * \param $threadId = topicId if forum_post_thread * \param $title of the message * \param $topicName name of the parent topic */ function sendForumEmailNotification($event, $object, $forum_info, $title, $data, $author, $topicName, $messageId = '', $inReplyTo = '', $threadId, $parentId, $contributions = '', $postId = '') { global $tikilib, $prefs, $smarty, $userlib; // Per-forum From address overrides global default. if ($forum_info['outbound_from']) { $author = $userlib->clean_user($author); $my_sender = '"' . "{$author}" . '" <' . $forum_info['outbound_from'] . '>'; } else { $my_sender = $prefs['sender_email']; } //outbound email -> will be sent in utf8 - from sender_email if ($forum_info['outbound_address']) { include_once 'lib/webmail/tikimaillib.php'; $mail = new TikiMail(); $mail->setSubject($title); if (!empty($forum_info['outbound_mails_reply_link']) && $forum_info['outbound_mails_reply_link'] == 'y') { $foo = parse_url($_SERVER["REQUEST_URI"]); $machine = $tikilib->httpPrefix(true) . dirname($foo["path"]); if ($event == 'forum_post_topic') { $reply_link = "{$machine}/tiki-view_forum_thread.php?forumId=" . $forum_info['forumId'] . "&comments_parentId={$threadId}#form"; } else { $reply_link = "{$machine}/tiki-view_forum_thread.php?forumId=" . $forum_info['forumId'] . "&comments_reply_threadId={$object}&comments_parentId={$threadId}&post_reply=1#form"; } } else { $reply_link = ''; } $smarty->assign('title', $title); $smarty->assign('data', $data); $smarty->assign('reply_link', $reply_link); $smarty->assign('author', $author); $mail_data = $smarty->fetch("mail/forum_outbound.tpl"); $mail->setText($mail_data); $mail->setReplyTo($my_sender); $mail->setFrom($my_sender); $mail->setSubject($topicName); if ($inReplyTo) { $mail->setHeader("In-Reply-To", "<" . $inReplyTo . ">"); } global $commentslib; $attachments = $commentslib->get_thread_attachments($event == 'forum_post_topic' ? $threadId : $object, 0); if (count($attachments) > 0) { foreach ($attachments as $att) { $att_data = $commentslib->get_thread_attachment($att['attId']); if ($att_data['dir'] . $att_data['path'] == "") { // no path to file on disk $file = $att_data['data']; // read file from database } else { $file = $mail->getFile($att_data['dir'] . $att_data['path']); // read file from disk } $mail->addAttachment($file, $att_data['filename'], $att_data['filetype']); } } // Message-ID is set below buildMessage because otherwise lib/webmail/htmlMimeMail.php will over-write it. $mail->setHeader("Message-ID", "<" . $messageId . ">"); $mail->send(array($forum_info['outbound_address'])); } $nots = array(); $defaultLanguage = $prefs['site_language']; // Users watching this forum or this post if ($prefs['feature_user_watches'] == 'y' || $prefs['feature_group_watches'] == 'y') { $nots_raw = $tikilib->get_event_watches($event, $event == 'forum_post_topic' ? $forum_info['forumId'] : $threadId, $forum_info); $nots = array(); $users = array(); foreach ($nots_raw as $n) { if ($n['user'] != $author && !in_array($n['user'], $users)) { // make sure user receive only one notification even if he is monitoring both the topic and thread $n['language'] = $tikilib->get_user_preference($n['user'], "language", $defaultLanguage); $nots[] = $n; $users[] = $n['user']; } } } // Special forward address //TODO: merge or use the admin notification feature if ($forum_info["useMail"] == 'y') { $not['email'] = $forum_info['mail']; if ($not['user'] = $userlib->get_user_by_email($forum_info['mail'])) { $not['language'] = $tikilib->get_user_preference($not['user'], "language", $defaultLanguage); } else { $not['language'] = $defaultLanguage; } $nots[] = $not; } if ($prefs['feature_user_watches'] == 'y' && $prefs['feature_daily_report_watches'] == 'y') { $reportsManager = Reports_Factory::build('Reports_Manager'); $reportsManager->addToCache($nots, array("event" => $event, "forumId" => $forum_info['forumId'], "forumName" => $forum_info['name'], "topicId" => $threadId, "threadId" => $postId, "threadName" => $topicName, "user" => $author)); } if (count($nots)) { include_once 'lib/webmail/tikimaillib.php'; $smarty->assign('mail_forum', $forum_info["name"]); $smarty->assign('mail_title', $title); $smarty->assign('mail_date', $tikilib->now); $smarty->assign('mail_message', $data); $smarty->assign('mail_author', $author); if ($prefs['feature_contribution'] == 'y' && !empty($contributions)) { global $contributionlib; include_once 'lib/contribution/contributionlib.php'; $smarty->assign('mail_contributions', $contributionlib->print_contributions($contributions)); } $foo = parse_url($_SERVER["REQUEST_URI"]); $machine = $tikilib->httpPrefix(true) . dirname($foo["path"]); $machine = preg_replace("!/\$!", "", $machine); // just incase $smarty->assign('mail_machine', $machine); $smarty->assign('forumId', $forum_info["forumId"]); if ($event == "forum_post_topic") { $smarty->assign('new_topic', 'y'); } else { $smarty->assign('threadId', $object); } $smarty->assign('topicId', $threadId); $smarty->assign('mail_topic', $topicName); foreach ($nots as $not) { $mail = new TikiMail(); $mail->setUser($not['user']); $mail_data = $smarty->fetchLang($not['language'], "mail/user_watch_forum_subject.tpl"); $mail->setSubject($mail_data); $mail_data = $smarty->fetchLang($not['language'], "mail/forum_post_notification.tpl"); $mail->setText($mail_data); $mail->send(array($not['email'])); } } }
if (empty($errors)) { include_once 'lib/webmail/tikimaillib.php'; $smarty->assign_by_ref('mail_site', $_SERVER['SERVER_NAME']); if (isset($_REQUEST['report']) && $_REQUEST['report'] == 'y') { $subject = tra('Report to the webmaster', $prefs['site_language']); } else { $subject = $smarty->fetch('mail/tellAFriend_subject.tpl'); } // Generate once, unless token is required, in which case, regenrate per-message if ($prefs['auth_token_tellafriend'] != 'y' || $prefs['auth_token_access'] != 'y' || !isset($_POST['share_access'])) { $txt = $smarty->fetch('mail/tellAFriend.tpl'); } $ok = true; foreach ($emails as $email) { $mail = new TikiMail(); $mail->setFrom($from); $mail->setReplyTo($from); $mail->setSubject($subject); if ($prefs['auth_token_tellafriend'] == 'y' && $prefs['auth_token_access'] == 'y' && isset($_POST['share_access'])) { require_once 'lib/auth/tokens.php'; $tokenlib = AuthTokens::build($prefs); $url_for_friend = $tokenlib->includeToken($url_for_friend, $globalperms->getGroups()); $smarty->assign('url_for_friend', $url_for_friend); $txt = $smarty->fetch('mail/tellAFriend.tpl'); } $mail->setText($txt); $ok = $ok && $mail->send(array($email)); } if ($ok) { $access->redirect($_REQUEST['url'], tra('Your link was sent.')); } else {
function wikiplugin_tracker($data, $params) { global $tikilib, $userlib, $user, $group, $page, $smarty, $prefs, $trklib, $captchalib; $parserlib = TikiLib::lib('parser'); static $iTRACKER = 0; ++$iTRACKER; if (isset($params['itemId']) && empty($params['itemId'])) { return; } include_once 'lib/trackers/trackerlib.php'; $default = array('overwrite' => 'n', 'embedded' => 'n', 'showtitle' => 'n', 'showdesc' => 'n', 'sort' => 'n', 'showmandatory' => 'y', 'status' => '', 'registration' => 'n', 'emailformat' => 'text'); $params = array_merge($default, $params); $item = array(); extract($params, EXTR_SKIP); if ($prefs['feature_trackers'] != 'y') { return $smarty->fetch("wiki-plugins/error_tracker.tpl"); } if (empty($trackerId) || !($tracker = $trklib->get_tracker($trackerId))) { return $smarty->fetch("wiki-plugins/error_tracker.tpl"); } if ($t = $trklib->get_tracker_options($trackerId)) { $tracker = array_merge($tracker, $t); } if (empty($trackerId) && !empty($view) && $view == 'user' && $prefs['userTracker'] == 'y') { // the user tracker item $utid = $userlib->get_tracker_usergroup($user); if (!empty($utid) && !empty($utid['usersTrackerId'])) { $itemId = $trklib->get_item_id($utid['usersTrackerId'], $utid['usersFieldId'], $user); $trackerId = $utid['usersTrackerId']; $usertracker = true; } } elseif (!empty($trackerId) && !empty($view) && $view == 'user') { // the user item of a tracker $itemId = $trklib->get_user_item($trackerId, $tracker, null, null, strlen($status) == 1 ? $status : ''); $usertracker = true; } elseif (!empty($trackerId) && !empty($view) && $view == 'page' && !empty($_REQUEST['page']) && (($f = $trklib->get_field_id_from_type($trackerId, 'k', '1%')) || ($f = $trklib->get_field_id_from_type($trackerId, 'k', '%,1%')) || ($f = $trklib->get_field_id_from_type($trackerId, 'k')))) { // the page item $itemId = $trklib->get_item_id($trackerId, $f, $_REQUEST['page']); } elseif (!empty($trackerId) && !empty($_REQUEST['view_user'])) { $itemId = $trklib->get_user_item($trackerId, $tracker, $_REQUEST['view_user']); } elseif (!empty($_REQUEST['itemId']) && (empty($ignoreRequestItemId) || $ignoreRequestItemId != 'y')) { $itemId = $_REQUEST['itemId']; $item = $trklib->get_tracker_item($itemId); $trackerId = $item['trackerId']; } elseif (!empty($view) && $view == 'group') { $gtid = $userlib->get_grouptrackerid($group); if (isset($gtid['groupTrackerId'])) { $trackerId = $gtid['groupTrackerId']; $itemId = $trklib->get_item_id($trackerId, $gtid['groupFieldId'], $group); $grouptracker = true; } } if (!isset($trackerId)) { return $smarty->fetch("wiki-plugins/error_tracker.tpl"); } //test registration passcode if used and if this is the user tracker being called during a registration if ($prefs['useRegisterPasscode'] == 'y' && !empty($prefs['registerPasscode']) && isset($_REQUEST['register']) && $_REQUEST['register'] == 'Register') { $regtracker = $userlib->get_usertrackerid('Registered'); if ($trackerId == $regtracker['usersTrackerId'] && $_REQUEST['passcode'] != $prefs['registerPasscode']) { return false; } } if (!isset($action)) { $action = array('Save'); } if (!is_array($action)) { $action = array($action); } $dynamicSave = false; if (count($action) == 1 && reset($action) == 'NONE') { $action = array(); $dynamicSave = true; } if (isset($preview)) { if (empty($preview)) { $preview = 'Preview'; } } else { unset($_REQUEST['tr_preview']); } if (isset($reset)) { if (empty($reset)) { $reset = 'reset'; } } else { unset($_REQUEST['tr_reset']); } $smarty->assign('showmandatory', empty($wiki) && empty($tpl) ? 'n' : $showmandatory); if (!empty($wiki)) { if (preg_match('/^wiki:(.+)$/', $wiki, $wiki_matches)) { $wiki = $wiki_matches[1]; } $wiki = trim($wiki); } if (!isset($params['formtag'])) { $params['formtag'] = 'y'; } $fields_prefix = 'ins_'; if (isset($values)) { if (!is_array($values)) { $values = $parserlib->quotesplit(':', $values); foreach ($values as $i => $v) { $values[$i] = preg_replace('/^"(.*)"$/', '$1', $v); } } } if (isset($_REQUEST['values'])) { if (is_array($_REQUEST['values'])) { foreach ($_REQUEST['values'] as $i => $k) { $_REQUEST['values'][$i] = urldecode($k); } } else { $_REQUEST['values'] = urldecode($_REQUEST['values']); } } $perms = $tikilib->get_perm_object($trackerId, 'tracker', $tracker, false); if (empty($_SERVER['SCRIPT_NAME']) || strpos($_SERVER['SCRIPT_NAME'], 'tiki-register.php') === false) { if ($perms['tiki_p_create_tracker_items'] == 'n' && empty($itemId)) { return '<b>' . tra("You do not have permission to insert an item") . '</b>'; } elseif (!empty($itemId)) { $item_info = $trklib->get_tracker_item($itemId); if (empty($item_info)) { return '<b>' . tra("Incorrect item") . '</b>'; } $itemObject = Tracker_Item::fromInfo($item_info); if (!$itemObject->canModify()) { return '<b>' . tra("You do not have permission to modify an item") . '</b>'; } } } if (!empty($itemId)) { global $logslib; include_once 'lib/logs/logslib.php'; $logslib->add_action('Viewed', $itemId, 'trackeritem', $_SERVER['REQUEST_URI']); } if (isset($_REQUEST['removeattach']) && $tracker['useAttachments'] == 'y') { $owner = $trklib->get_item_attachment_owner($_REQUEST['removeattach']); if ($perms['tiki_p_admin_trackers'] == 'y' || $user && $user == $owner) { $trklib->remove_item_attachment($_REQUEST["removeattach"]); unset($_REQUEST['removeattach']); } } if (isset($_REQUEST['removeImage']) && !empty($_REQUEST['trackerId']) && !empty($_REQUEST['itemId']) && !empty($_REQUEST['fieldId']) && !empty($_REQUEST['fieldName'])) { $img_field = array('data' => array()); $img_field['data'][] = array('fieldId' => $_REQUEST['fieldId'], 'type' => 'i', 'name' => $_REQUEST['fieldName'], 'value' => 'blank'); $trklib->replace_item($_REQUEST['trackerId'], $_REQUEST['itemId'], $img_field); } $back = ''; $thisIsThePlugin = isset($_REQUEST['iTRACKER']) && $_REQUEST['iTRACKER'] == $iTRACKER; if (!isset($_REQUEST["ok"]) || $_REQUEST["ok"] == "n" || !$thisIsThePlugin || isset($_REQUEST['tr_preview'])) { $field_errors = array('err_mandatory' => array(), 'err_value' => array()); global $notificationlib; include_once 'lib/notifications/notificationlib.php'; $tracker = $trklib->get_tracker($trackerId); $tracker = array_merge($tracker, $trklib->get_tracker_options($trackerId)); if (!empty($tracker['start']) && $tikilib->now < $tracker['start'] || !empty($tracker['end']) && $tikilib->now > $tracker['end']) { return; } $outf = array(); $auto_fieldId = array(); $hidden_fieldId = array(); if (!empty($fields) || !empty($wiki) || !empty($tpl)) { if ($registration == 'y' && $prefs["user_register_prettytracker"] == 'y' && !empty($prefs["user_register_prettytracker_tpl"])) { $registrationlib = TikiLib::lib('registration'); $smarty->assign('listgroups', $registrationlib->merged_prefs['choosable_groups']); $smarty->assign('register_login', $smarty->fetch('register-login.tpl')); $smarty->assign('register_email', $smarty->fetch('register-email.tpl')); $smarty->assign('register_pass', $smarty->fetch('register-pass.tpl')); $smarty->assign('register_pass2', $smarty->fetch('register-pass2.tpl')); $smarty->assign('register_passcode', $smarty->fetch('register-passcode.tpl')); $smarty->assign('register_groupchoice', $smarty->fetch('register-groupchoice.tpl')); if ($prefs['feature_antibot'] == 'y') { $smarty->assign('showantibot', true); $smarty->assign('register_antibot', $smarty->fetch('antibot.tpl')); } $wiki = $prefs["user_register_prettytracker_tpl"]; } if (!empty($wiki)) { $outf = $trklib->get_pretty_fieldIds($wiki, 'wiki', $outputPretty); } elseif (!empty($tpl)) { $outf = $trklib->get_pretty_fieldIds($tpl, 'tpl', $outputPretty); } elseif (!empty($fields)) { $outf = $fields; } if (!empty($_REQUEST['autosavefields'])) { $autosavefields = explode(':', $_REQUEST['autosavefields']); $autosavevalues = explode(':', $_REQUEST['autosavevalues']); if (isset($params['autosavefields'])) { $autosavefields = array_merge($autosavefields, $params['autosavefields']); $autosavevalues = array_merge($autosavevalues, $params['autosavevalues']); } } if (!empty($autosavefields)) { $auto_fieldId = array_merge($auto_fieldId, $autosavefields); } if ($user) { $hidden_fieldId[] = $trklib->get_field_id_from_type($trackerId, 'u', '1%'); // user owner $hidden_fieldId[] = $trklib->get_field_id_from_type($trackerId, 'u', '2%'); // user modifier $hidden_fieldId[] = $trklib->get_field_id_from_type($trackerId, 'g', '1%'); // owner group $hidden_fieldId[] = $trklib->get_field_id_from_type($trackerId, 'g', '2%'); // owner modifier } $hidden_fieldId[] = $trklib->get_field_id_from_type($trackerId, 'I', '1%'); // IP auto-assign $hidden_fieldId[] = $trklib->get_field_id_from_type($trackerId, 'k', '1%'); // page creator $auto_fieldId[] = $trklib->get_field_id_from_type($trackerId, 'q'); // auto-increment foreach ($auto_fieldId as $k => $v) { if (empty($v) || in_array($v, $outf)) { unset($auto_fieldId[$k]); } else { $outf[] = $v; } } foreach ($hidden_fieldId as $k => $v) { if (empty($v) || in_array($v, $outf)) { unset($hidden_fieldId[$k]); } else { $outf[] = $v; } } } $definition = Tracker_Definition::get($trackerId); $item_info = isset($item_info) ? $item_info : array(); $factory = $definition->getFieldFactory(); if (empty($item_info)) { $itemObject = Tracker_Item::newItem($trackerId); } elseif (!isset($itemObject)) { $itemObject = Tracker_Item::fromInfo($item_info); } if (empty($outf)) { $unfiltered = array('data' => $definition->getFields()); } else { $unfiltered = array('data' => array()); foreach ($outf as $fieldId) { $unfiltered['data'][] = $definition->getField($fieldId); } } $flds = array('data' => array()); foreach ($unfiltered['data'] as $f) { if ($itemObject->canModifyField($f['fieldId']) || $registration == 'y' && empty($item_info)) { $flds['data'][] = $f; } } // If we create multiple items, get field Ids, default values and separator if (!empty($fieldsfill)) { $fill_fields = $fieldsfill; // Allow for superfluous spaces and ignore them $fill_flds = array('data' => array()); $fill_defaults = array(); $fill_flds_defaults = array(); // May be different from fill_defaults if some fields are not editable $fieldsfillnames = array(); if (trim($fieldsfilldefaults) != '') { $fill_defaults = preg_split('/ *: */', $fieldsfilldefaults); } foreach ($fill_fields as $k => $fieldId) { if ($itemObject->canModifyField($fieldId)) { $tmp = $definition->getField($fieldId); $fill_flds['data'][] = $tmp; if (isset($fill_defaults[$k])) { $fill_flds_defaults[] = $fill_defaults[$k]; } else { $fill_flds_defaults[] = ''; } $fieldsfillnames[] = $tmp['name']; } } $fill_line_cant = count($fill_flds['data']); if ($fieldsfillseparator == '') { $fieldsfillseparator = '|'; } } $bad = array(); $embeddedId = false; $onemandatory = false; $full_fields = array(); $mainfield = ''; if ($thisIsThePlugin) { /* ------------------------------------- Recup all values from REQUEST -------------- */ if (!empty($autosavefields)) { foreach ($autosavefields as $i => $f) { if (!($ff = $trklib->get_field($f, $flds['data']))) { continue; } if (preg_match('/categories\\(([0-9]+)\\)/', $autosavevalues[$i], $matches)) { if (ctype_digit($matches[1]) && $matches[1] > 0) { $filter = array('identifier' => $matches[1], 'type' => 'descendants'); } else { $filter = NULL; } global $categlib; include_once 'lib/categories/categlib.php'; $categs = $categlib->getCategories($filter, true, false); $_REQUEST["ins_{$f}"][] = $categs[0]['categId']; } elseif (preg_match('/preference\\((.*)\\)/', $autosavevalues[$i], $matches)) { $_REQUEST["ins_{$f}"] = $prefs[$matches[1]]; } elseif ($ff['type'] == 'e') { $_REQUEST["ins_{$f}"][] = $autosavevalues[$i]; } else { if (isset($params['levelupfields']) && in_array($f, $params['levelupfields'])) { $current_levelup_val = $trklib->get_item_value($trackerId, $itemId, $f); if ($autosavevalues[$i] <= $current_levelup_val) { continue; } } $_REQUEST["ins_{$f}"] = $autosavevalues[$i]; } } } foreach ($flds['data'] as $k => $field) { $handler = $factory->getHandler($field, $item_info); if ($handler) { $ins_fields['data'][$k] = array_merge($field, $handler->getFieldData($_REQUEST)); if (isset($ins_fields['data'][$k]['value'])) { // add ins value into field if creating or editing item $flds['data'][$k] = $ins_fields['data'][$k]; // to keep user input in case of errors (not only value) } } } $cpt = 0; if (isset($fields)) { $fields_plugin = preg_split('/:/', $fields); } if (!isset($itemId) && $tracker['oneUserItem'] == 'y') { $itemId = $trklib->get_user_item($trackerId, $tracker); } if ($embedded == 'y' && isset($_REQUEST['page'])) { $ins_fields["data"][] = array('fieldId' => $embeddedId, 'value' => $_REQUEST['page']); } if ($registration == 'y' && isset($params['userField']) && isset($_REQUEST['name'])) { $userField = $definition->getField($params['userField']); $userField['value'] = $_REQUEST['name']; $ins_fields['data'][] = $userField; } $ins_categs = 0; // important: non-array ins_categs means categories should remain unchanged $parent_categs_only = array(); foreach ($ins_fields['data'] as $current_field) { if ($current_field['type'] == 'e' && isset($current_field['selected_categories'])) { if (!is_array($ins_categs)) { $ins_categs = array(); } $ins_categs = array_merge($ins_categs, $current_field['selected_categories']); $parent_categs_only[] = $current_field['options_array'][0]; } } $categorized_fields = $definition->getCategorizedFields(); /* ------------------------------------- End recup all values from REQUEST -------------- */ /* ------------------------------------- Check field values for each type and presence of mandatory ones ------------------- */ $field_errors = $trklib->check_field_values($ins_fields, $categorized_fields, $trackerId, empty($itemId) ? '' : $itemId); if ($prefs['feature_antibot'] === 'y' && $registration === 'y' && isset($_REQUEST['valerror'])) { // in_tracker session var checking is for tiki-register.php if (isset($_REQUEST['valerror'])) { $rve = $_REQUEST['valerror']; if (is_array($rve)) { foreach ($rve as $ve) { if (is_a($ve, 'RegistrationError')) { if (isset($ve->field) && $ve->field == 'antibotcode') { $field_errors['err_antibot'] = 'y'; continue; } } } } elseif (is_a($rve, 'RegistrationError')) { if (isset($rve->field) && $rve->field == 'antibotcode') { $field_errors['err_antibot'] = 'y'; } } } else { if (!$captchalib->validate()) { $field_errors['err_antibot'] = 'y'; } } } // check valid page name for wiki output if requested if (isset($outputtowiki) && !empty($outputwiki)) { $newpagename = ''; foreach ($ins_fields["data"] as $fl) { if ($fl["fieldId"] == $outputtowiki) { $newpagename = $fl["value"]; } if ($fl["type"] == 'F') { $newpagefreetags = $fl["value"]; } $newpagefields[] = $fl["fieldId"]; } if ($newpagename) { if ($tikilib->page_exists($newpagename)) { $field_errors['err_outputwiki'] = tra('The page to output the results to already exists. Try another name.'); } $page_badchars_display = ":/?#[]@!\$&'()*+,;=<>"; $page_badchars = "/[:\\/?#\\[\\]@!\$&'()*+,;=<>]/"; $matches = preg_match($page_badchars, $newpagename); if ($matches) { $field_errors['err_outputwiki'] = tr("The page to output the results to contains the following prohibited characters: %0. Try another name.", $page_badchars_display); } } else { unset($outputtowiki); } } if (count($field_errors['err_mandatory']) == 0 && count($field_errors['err_value']) == 0 && empty($field_errors['err_antibot']) && empty($field_errors['err_outputwiki']) && !isset($_REQUEST['tr_preview'])) { /* ------------------------------------- save the item ---------------------------------- */ if (isset($_REQUEST['status'])) { $status = $_REQUEST['status']; } elseif (isset($newstatus) && ($newstatus == 'o' || $newstatus == 'c' || $newstatus == 'p')) { $status = $newstatus; } elseif (empty($itemId) && isset($tracker['newItemStatus'])) { $status = $tracker['newItemStatus']; } else { $status = ''; } //tracker item created here if (!empty($fieldsfill) && !empty($_REQUEST['ins_fill'])) { // We create multiple items $fill_lines = explode("\n", $_REQUEST['ins_fill']); foreach ($fill_lines as $fill_line) { if (trim($fill_line) == '') { // Ignore blank lines continue; } $fill_line_item = explode($fieldsfillseparator, $fill_line, $fill_line_cant); // Extra fields are merged with the last field. this avoids data loss and permits a last text field with commas $rid = $trklib->replace_item($trackerId, $itemId, $ins_fields, $status, $ins_categs); for ($i = 0; $i < $fill_line_cant; $i++) { if ($fill_line_item[$i] != '') { $fill_item = trim($fill_line_item[$i]); } else { $fill_item = $fill_flds_defaults[$i]; } $fill_rid = $trklib->modify_field($rid, $fill_flds['data'][$i]['fieldId'], $fill_item); } if (is_array($ins_categs)) { if ($registration == 'y' && empty($item_info)) { $override_perms = true; } else { $override_perms = false; } $trklib->categorized_item($trackerId, $rid, $mainfield, $ins_categs, $parent_categs_only, $override_perms); } if (isset($newItemRate)) { $trklib->replace_rating($trackerId, $rid, $newItemRateField, $user, $newItemRate); } } } else { if ($registration == 'y' && $_SERVER['REQUEST_METHOD'] != 'POST') { return false; } $rid = $trklib->replace_item($trackerId, $itemId, $ins_fields, $status, $ins_categs); if (is_array($ins_categs)) { if ($registration == 'y' && empty($item_info)) { $override_perms = true; } else { $override_perms = false; } $trklib->categorized_item($trackerId, $rid, $mainfield, $ins_categs, $parent_categs_only, $override_perms); } if (isset($newItemRate)) { $trklib->replace_rating($trackerId, $rid, $newItemRateField, $user, $newItemRate); } } // now for wiki output if desired if (isset($outputtowiki) && !empty($outputwiki)) { // note that values will be raw - that is the limit of the capability of this feature for now $newpageinfo = $tikilib->get_page_info($outputwiki); $wikioutput = $newpageinfo["data"]; $newpagefields = $trklib->get_pretty_fieldIds($outputwiki, 'wiki', $outputPretty); foreach ($newpagefields as $lf) { $wikioutput = str_replace('{$f_' . $lf . '}', $trklib->get_item_value($trackerId, $rid, $lf), $wikioutput); } if (isset($registration)) { $wikioutput = str_replace('{$register_login}', $user, $wikioutput); $wikioutput = str_replace('{$register_email}', $_REQUEST['email'], $wikioutput); } $tikilib->create_page($newpagename, 0, $wikioutput, $tikilib->now, '', $user, $tikilib->get_ip_address()); $cat_desc = ''; $cat_type = 'wiki page'; $cat_name = $newpagename; $cat_objid = $newpagename; $cat_href = "tiki-index.php?page=" . urlencode($newpagename); if (count($ins_categs)) { $_REQUEST['cat_categories'] = $ins_categs; $_REQUEST['cat_categorize'] = 'on'; include_once "categorize.php"; } if (isset($newpagefreetags) && $newpagefreetags) { $_REQUEST['freetag_string'] = $newpagefreetags; include_once "freetag_apply.php"; } if ($discarditem == 'y') { $trklib->remove_tracker_item($rid); } if (empty($url)) { global $wikilib; $url[0] = $wikilib->sefurl($newpagename); } } // end wiki output if (!empty($email)) { $emailOptions = preg_split("#\\|#", $email); if (is_numeric($emailOptions[0])) { $emailOptions[0] = $trklib->get_item_value($trackerId, $rid, $emailOptions[0]); } if (empty($emailOptions[0])) { // from $emailOptions[0] = $prefs['sender_email']; } if (empty($emailOptions[1])) { // to $emailOptions[1][0] = $prefs['sender_email']; } else { $emailOptions[1] = preg_split('/ *, */', $emailOptions[1]); foreach ($emailOptions[1] as $key => $email) { if (is_numeric($email)) { $emailOptions[1][$key] = $trklib->get_item_value($trackerId, $rid, $email); } } } include_once 'lib/webmail/tikimaillib.php'; $mail = new TikiMail(); $mail->setFrom($emailOptions[0]); if (!empty($emailOptions[2])) { //tpl $emailOptions[2] = preg_split('/ *, */', $emailOptions[2]); foreach ($emailOptions[2] as $ieo => $eo) { if (!preg_match('/\\.tpl$/', $eo)) { $emailOptions[2][$ieo] = $eo . '.tpl'; } $tplSubject[$ieo] = str_replace('.tpl', '_subject.tpl', $emailOptions[2][$ieo]); } } else { $emailOptions[2] = array('tracker_changed_notification.tpl'); } if (empty($tplSubject)) { $tplSubject = array('tracker_changed_notification_subject.tpl'); } $itpl = 0; $smarty->assign('mail_date', $tikilib->now); $smarty->assign('mail_itemId', $rid); foreach ($emailOptions[1] as $ieo => $ueo) { @($mail_data = $smarty->fetch('mail/' . $tplSubject[$itpl])); if (empty($mail_data)) { $mail_data = tra('Tracker was modified at ') . $_SERVER["SERVER_NAME"]; } $mail->setSubject($mail_data); $mail_data = $smarty->fetch('mail/' . $emailOptions[2][$itpl]); if ($emailformat == 'html') { $mail->setHtml($mail_data); } else { $mail->setText($mail_data); } $mail->send($ueo); if (isset($tplSubject[$itpl + 1])) { ++$itpl; } } } if (empty($url)) { if (!empty($_REQUEST['ajax_add'])) { // called by tracker ItemLink fields when adding new list items global $access; while (ob_get_level()) { ob_end_clean(); } if ($prefs['feature_obzip'] == 'y') { ob_start('ob_gzhandler'); } else { ob_start(); } // Need to add newly created itemId for item link selector $ins_fields['itemId'] = $rid; $access->output_serialized($ins_fields); ob_end_flush(); die; } else { if (!empty($page)) { $url = "tiki-index.php?page=" . urlencode($page); if (!empty($itemId)) { $url .= "&itemId=" . $itemId; } $url .= "&ok=y&iTRACKER={$iTRACKER}"; $url .= "#wikiplugin_tracker{$iTRACKER}"; header("Location: {$url}"); exit; } else { return ''; } } } else { $key = 0; foreach ($action as $key => $act) { if (!empty($_REQUEST["action{$key}"])) { break; } } $itemIdPos = strpos($url[$key], 'itemId'); if ($itemIdPos !== false) { if (strstr($url[$key], '#itemId')) { $url[$key] = str_replace('#itemId', $rid, $url[$key]); } else { if ($itemIdPos + strlen('itemId') >= strlen($url[$key]) - 1 || substr($url[$key], $itemIdPos + strlen('itemId'), 1) == "&") { // replace by the itemId if in the end (or -1: for backward compatibility so that "&itemId=" also works) or if it is followed by an '&' $url[$key] = str_replace('itemId', 'itemId=' . $rid, $url[$key]); } } } header('Location: ' . $url[$key]); exit; } /* ------------------------------------- end save the item ---------------------------------- */ } elseif (isset($_REQUEST['trackit']) and $_REQUEST['trackit'] == $trackerId) { $smarty->assign('wikiplugin_tracker', $trackerId); //used in vote plugin } } else { if ((empty($itemId) || $overwrite == 'y') && !empty($values) || (!empty($_REQUEST['values']) and empty($_REQUEST['prefills']))) { // assign default values for each filedId specify if (empty($values)) { // url with values[]=x&values[] witouth the list of fields $values = $_REQUEST['values']; } if (!is_array($values)) { $values = array($values); } if (isset($fields)) { $fl = preg_split('/:/', $fields); for ($j = 0, $count_fl = count($fl); $j < $count_fl; $j++) { for ($i = 0, $count_flds = count($flds['data']); $i < $count_flds; $i++) { if ($flds['data'][$i]['fieldId'] == $fl[$j]) { $flds['data'][$i]['value'] = $values[$j]; } } } } else { // values contains all the fields value in the default order $i = 0; foreach ($values as $value) { $flds['data'][$i++]['value'] = $value; } } } elseif (!empty($itemId)) { if (isset($fields)) { $fl = preg_split('/:/', $fields); $filter = ''; foreach ($flds['data'] as $f) { if (in_array($f['fieldId'], $fl)) { $filter[] = $f; } } } else { $filter =& $flds['data']; } if (!empty($filter)) { foreach ($filter as $f) { $filter2[$f['fieldId']] = $f; } $flds['data'] = $trklib->get_item_fields($trackerId, $itemId, $filter2, $itemUser, true); } // todo: apply the values for fields with no values } else { if (isset($_REQUEST['values']) && isset($_REQUEST['prefills'])) { //url:prefields=1:2&values[]=x&values[]=y if (!is_array($_REQUEST['values'])) { $_REQUEST['values'] = array($_REQUEST['values']); } $fl = preg_split('/:/', $_REQUEST['prefills']); } else { unset($fl); } for ($i = 0, $count_flds2 = count($flds['data']); $i < $count_flds2; $i++) { if (isset($fl) && ($j = array_search($flds['data'][$i]['fieldId'], $fl)) !== false) { $flds['data'][$i]['value'] = $_REQUEST['values'][$j]; } else { $flds['data'][$i]['value'] = ''; // initialize fields with blank values } } } } // Check that individual fields are in the tracker if (!empty($fields)) { $fl = preg_split('/:/', $fields); if ($sort == 'y') { $flds = $trklib->sort_fields($flds, $fl); } foreach ($fl as $l) { $ok = false; foreach ($flds['data'] as $f) { if ($f['fieldId'] == $l) { $ok = true; break; } } if (!$ok) { $back .= '<div class="error">' . tra('Incorrect fieldId:') . ' ' . $l . '</div>'; } } } elseif (empty($fields) && empty($wiki) && empty($tpl)) { // in this case outf still be blank and needs to be filled foreach ($flds['data'] as $f) { $outf[] = $f['fieldId']; } } // Check that multiple fill fields are in the tracker if (!empty($fieldsfill)) { foreach ($fill_fields as $l) { $ok = false; foreach ($fill_flds['data'] as $f) { if ($f['fieldId'] == $l) { $ok = true; break; } } if (!$ok) { $back .= '<div class="error">' . tra('Incorrect fieldId:') . ' ' . $l . '</div>'; } } } // Display warnings when needed if (count($field_errors['err_mandatory']) > 0 || count($field_errors['err_value']) > 0) { $back .= $smarty->fetch('tracker_error.tpl'); $_REQUEST['error'] = 'y'; if (count($field_errors['err_mandatory']) > 0) { $msg = tra('Following mandatory fields are missing'); foreach ($field_errors['err_mandatory'] as $err) { $msg .= '<br> ' . $err['name']; } TikiLib::lib('errorreport')->report($msg); } if (count($field_errors['err_value']) > 0) { $msg = tra('Following fields are incorrect'); foreach ($field_errors['err_value'] as $err) { $msg .= '<br> ' . $err['name']; } TikiLib::lib('errorreport')->report($msg); } if ($registration && !empty($userField) && isset($_REQUEST['name']) && $_REQUEST['name'] === $userField['value'] && $_REQUEST['name'] === $user) { // if in registration and creating a user tracker item for the new user // remove the user if they did not complete the tracker correctly $userlib->remove_user($userField['value']); $user = ''; // needed to re-include the captcha inputs $hidden_fieldId = array(); // remove hidden user fields which are otherwise required foreach ($flds['data'] as $k => $v) { // remove the login field otherwise it gets rendered in the form also required if ($v['fieldId'] == $userField['fieldId']) { unset($flds['data'][$k]); } } } } if (isset($field_errors['err_antibot'])) { $_REQUEST['error'] = 'y'; } if (isset($field_errors['err_outputwiki'])) { $back .= '<div class="simplebox highlight"><img src="img/icons/exclamation.png" alt=" ' . tra('Error') . '" style="vertical-align:middle" /> '; $back .= $field_errors['err_outputwiki']; $back .= '</div><br />'; $_REQUEST['error'] = 'y'; } if (count($field_errors['err_mandatory']) > 0 || count($field_errors['err_value']) > 0 || isset($field_errors['err_antibot']) || isset($field_errors['err_outputwiki'])) { $smarty->assign('input_err', 'y'); } if (!empty($page)) { $back .= '~np~'; } $smarty->assign_by_ref('tiki_p_admin_trackers', $perms['tiki_p_admin_trackers']); $smarty->assign('trackerEditFormId', $iTRACKER); if (!empty($params['_ajax_form_ins_id'])) { global $headerlib; // when called via AJAX take a copy of the JS so far to allow collection $old_js['js'] = $headerlib->js; // of tracker form JS into a function to initialise it when the dialog is created $old_js['jq_onready'] = $headerlib->jq_onready; $headerlib->clear_js(); // so store existing js for later and clear } if ($prefs['feature_jquery'] == 'y' && $prefs['feature_jquery_validation'] == 'y') { global $validatorslib; include_once 'lib/validatorslib.php'; $customvalidation = ''; $customvalidation_m = ''; if ($registration == 'y') { // email validation $customvalidation .= 'email: { '; $customvalidation .= 'required: true, '; $customvalidation .= 'email: true }, '; $customvalidation_m .= 'email: { email: "' . tra("Invalid email") . '", required: "' . tra("This field is required") . '"}, '; // password validation $customvalidation .= 'pass: { '; $customvalidation .= 'required: true, '; $customvalidation .= 'remote: { '; $customvalidation .= 'url: "validate-ajax.php", '; $customvalidation .= 'type: "post", '; $customvalidation .= 'data: { '; $customvalidation .= 'validator: "password", '; $customvalidation .= 'input: function() { '; $customvalidation .= 'return $("#pass1").val(); '; $customvalidation .= '} } } '; $customvalidation .= '}, '; $customvalidation_m .= 'pass: { required: "' . tra("This field is required") . '"}, '; // password repeat validation $customvalidation .= 'passAgain: { equalTo: "#pass1" }, '; $customvalidation_m .= 'passAgain: { equalTo: "' . tra("Passwords do not match") . '"}, '; // username validation $customvalidation .= 'name: { '; $customvalidation .= 'required: true, '; $customvalidation .= 'remote: { '; $customvalidation .= 'url: "validate-ajax.php", '; $customvalidation .= 'type: "post", '; $customvalidation .= 'data: { '; $customvalidation .= 'validator: "username", '; $customvalidation .= 'input: function() { '; $customvalidation .= 'return $("#name").val(); '; $customvalidation .= '} } } '; $customvalidation .= '}, '; $customvalidation_m .= 'name: { required: "' . tra("This field is required") . '"}, '; if (extension_loaded('gd') && function_exists('imagepng') && function_exists('imageftbbox') && $prefs['feature_antibot'] == 'y' && empty($user) && $prefs['recaptcha_enabled'] != 'y') { // antibot validation $customvalidation .= '"captcha[input]": { '; $customvalidation .= 'required: true, '; $customvalidation .= 'remote: { '; $customvalidation .= 'url: "validate-ajax.php", '; $customvalidation .= 'type: "post", '; $customvalidation .= 'data: { '; $customvalidation .= 'validator: "captcha", '; $customvalidation .= 'parameter: function() { '; $customvalidation .= 'return $jq("#captchaId").val(); '; $customvalidation .= '}, '; $customvalidation .= 'input: function() { '; $customvalidation .= 'return $jq("#antibotcode").val(); '; $customvalidation .= '} } } '; $customvalidation .= '}, '; $customvalidation_m .= '"captcha[input]": { required: "' . tra("This field is required") . '"}, '; } if ($prefs['useRegisterPasscode'] == 'y') { $customvalidation .= 'passcode: { required: true, remote: { url: "validate-ajax.php", type: "post", data: { validator: "passcode", input: function() { return $("#passcode").val(); } } } }, '; $customvalidation_m .= 'passcode: { required: "' . tra("This field is required") . '"}, '; } } $validationjs = $validatorslib->generateTrackerValidateJS($flds['data'], $fields_prefix, $customvalidation, $customvalidation_m); if (!empty($params['_ajax_form_ins_id']) && $params['_ajax_form_ins_id'] === 'group') { $headerlib->add_jq_onready("var ajaxTrackerValidation_group={validation:{" . $validationjs . '};'); // return clean rules and messages object for ajax } else { $smarty->assign('validationjs', $validationjs); $back .= $smarty->fetch('tracker_validator.tpl'); } } if ($params['formtag'] == 'y') { $back .= '<form name="editItemForm' . $iTRACKER . '" id="editItemForm' . $iTRACKER . '" enctype="multipart/form-data" method="post"' . (isset($target) ? ' target="' . $target . '"' : '') . ' action="' . $_SERVER['REQUEST_URI'] . '"><input type="hidden" name="trackit" value="' . $trackerId . '" />'; $back .= '<input type="hidden" name="refresh" value="1" />'; } $back .= '<input type="hidden" name="iTRACKER" value="' . $iTRACKER . '" />'; if (isset($_REQUEST['page'])) { $back .= '<input type="hidden" name="page" value="' . $_REQUEST["page"] . '" />'; } // for registration if (isset($_REQUEST['name'])) { $back .= '<input type="hidden" name="name" value="' . $_REQUEST["name"] . '" />'; } if (isset($_REQUEST['pass'])) { $back .= '<input type="hidden" name="pass" value="' . $_REQUEST["pass"] . '" />'; $back .= '<input type="hidden" name="passAgain" value="' . $_REQUEST["pass"] . '" />'; } if (isset($_REQUEST['email'])) { $back .= '<input type="hidden" name="email" value="' . $_REQUEST["email"] . '" />'; } if (isset($_REQUEST['antibotcode'])) { $back .= '<input type="hidden" name="antibotcode" value="' . $_REQUEST["antibotcode"] . '" />'; } if (isset($_REQUEST['chosenGroup'])) { // for registration $back .= '<input type="hidden" name="chosenGroup" value="' . $_REQUEST["chosenGroup"] . '" />'; } if (isset($_REQUEST['register'])) { $back .= '<input type="hidden" name="register" value="' . $_REQUEST["register"] . '" />'; } if ($showtitle == 'y') { $back .= '<div class="titlebar">' . $tracker["name"] . '</div>'; } if ($showdesc == 'y' && $tracker['description']) { if ($tracker['descriptionIsParsed'] == 'y') { $back .= '<div class="wikitext">' . $tikilib->parse_data($tracker['description']) . '</div><br />'; } else { $back .= '<div class="wikitext">' . tra($tracker["description"]) . '</div><br />'; } } if (isset($_REQUEST['tr_preview'])) { // use for the computed and join fields $assocValues = array(); $assocNumerics = array(); foreach ($flds['data'] as $f) { if (empty($f['value']) && ($f['type'] == 'u' || $f['type'] == 'g' || $f['type'] == 'I') && ($f['options_array'][0] == '1' || $f['options_array'][0] == '2')) { //need to fill the selector fields for the join $f['value'] = $f['type'] == 'I' ? $tikilib->get_ip_address() : ($f['type'] == 'g' ? $group : $user); } $assocValues[$f['fieldId']] = $f['value']; $assocNumerics[$f['fieldId']] = preg_replace('/[^0-9\\.\\+]/', '', $f['value']); // get rid off the $ and such unit } } if (!empty($itemId)) { $item = array('itemId' => $itemId, 'trackerId' => $trackerId); } else { $item = array('itemId' => ''); } foreach ($flds['data'] as $i => $f) { // collect additional infos if (in_array($f['fieldId'], $outf)) { $flds['data'][$i]['ins_id'] = $f['type'] == 'e' ? 'ins_' . $f['fieldId'] : $fields_prefix . $f['fieldId']; if (($f['isHidden'] == 'c' || $f['isHidden'] == 'p') && !empty($itemId) && !isset($item['creator'])) { $item['creator'] = $trklib->get_item_creator($trackerId, $itemId); } } } if (!empty($showstatus) && $showstatus == 'y') { $status_types = $trklib->status_types(); $smarty->assign_by_ref('status_types', $status_types); $smarty->assign('form_status', 'status'); $smarty->assign_by_ref('tracker', $tracker); if (!empty($item_info)) { $smarty->assign_by_ref('item', $item_info); } $status_input = $smarty->fetch('tracker_status_input.tpl'); } if ($registration == "y") { $back .= '<input type="hidden" name="register" value="Register" />'; } // Loop on tracker fields and display form if (empty($tpl) && empty($wiki)) { $back .= '<table class="wikiplugin_tracker">'; if (!empty($showstatus) && $showstatus == 'y') { $back .= '<tr><td>' . tra('Status') . '</td><td>' . $status_input . '</td></tr>'; } if ($registration == 'y' && $prefs["user_register_prettytracker"] != 'y') { $back .= $smarty->fetch('register-form.tpl'); } } else { $back .= '<div class="wikiplugin_tracker">'; if (!empty($showstatus) && $showstatus == 'y') { $smarty->assign_by_ref('f_status_input', $status_input); } } $backLength0 = strlen($back); foreach ($flds['data'] as $f) { if (!in_array($f['fieldId'], $auto_fieldId) && in_array($f['fieldId'], $hidden_fieldId)) { // Show in hidden form $back .= '<span style="display:none;">' . wikiplugin_tracker_render_input($f, $item, $dynamicSave) . '</span>'; } elseif (!in_array($f['fieldId'], $auto_fieldId) && in_array($f['fieldId'], $outf)) { if ($showmandatory == 'y' and $f['isMandatory'] == 'y') { $onemandatory = true; } if ($f['type'] == 'A') { $smarty->assign_by_ref('tiki_p_attach_trackers', $perms['tiki_p_attach_trackers']); } if (!empty($tpl) || !empty($wiki)) { if (!empty($outputPretty) && in_array($f['fieldId'], $outputPretty)) { $smarty->assign('f_' . $f['fieldId'], '<span class="outputPretty" id="track_' . $f['fieldId'] . '" name="track_' . $f['fieldId'] . '">' . wikiplugin_tracker_render_value($f, $item) . '</span>'); } else { $mand = ($showmandatory == 'y' and $f['isMandatory'] == 'y') ? " <strong class='mandatory_star'>*</strong> " : ''; $smarty->assign('f_' . $f['fieldId'], wikiplugin_tracker_render_input($f, $item, $dynamicSave) . $mand . '<div class="trackerplugindesc">' . ($f['descriptionIsParsed'] == 'y' ? $tikilib->parse_data($f['description']) : tra($f['description'])) . '</div>'); } } else { $back .= '<tr><td class="tracker_input_label"'; // If type is has a samerow param and samerow is "No", show text on one line and the input field on the next $isTextOnSameRow = true; switch ($f['type']) { case 't': // Text field // Text field case 'n': // Numeric field // Numeric field case 'b': // Currency $isTextOnSameRow = $f['options_array'][0] == 0 ? false : true; break; case 'a': // Text area if (!isset($f['options_array'][8])) { $isTextOnSameRow = true; } else { $isTextOnSameRow = $f['options_array'][8] == 0 ? false : true; } break; } if (!$isTextOnSameRow) { $back .= " colspan='2'"; } if (!empty($colwidth)) { $back .= " width='" . $colwidth . "'"; } $back .= '><label for="' . $f['ins_id'] . '">' . wikiplugin_tracker_name($f['fieldId'], tra($f['name']), $field_errors) . '</label>'; if ($showmandatory == 'y' and $f['isMandatory'] == 'y') { $back .= " <strong class='mandatory_star'>*</strong> "; } // If use different lines, add a line break. // Otherwise a new column if (!$isTextOnSameRow) { $back .= "<br/>"; } else { $back .= '</td><td class="tracker_input_value">'; } $back .= wikiplugin_tracker_render_input($f, $item, $dynamicSave); $back .= "</td></tr>"; } if ($f['type'] != 'S' && empty($tpl) && empty($wiki)) { $back .= '<tr><td class="plugindesc_cell" colspan="2">'; $back .= '<span class="trackerplugindesc">'; if ($f['descriptionIsParsed'] == 'y') { $back .= $tikilib->parse_data($f['description']); } else { $back .= tra($f['description']); } $back .= '</span>'; $back .= "</td></tr>"; } } } if (isset($params['fieldsfill']) && !empty($params['fieldsfill']) && empty($itemId)) { // $back.= '<tr><td><label for="ins_fill">' . tra("Create multiple items (one per line).") . '</label>'; $back .= '<tr><td><label for="ins_fill">' . tra("Insert one item per line:") . '<br />' . '<br />' . '<br />' . '</label>'; $back .= <<<FILL </td><td> <input type="hidden" value="" name="mode_wysiwyg"/> <input type="hidden" value="" name="mode_normal"/> <div class="edit-zone"> <textarea id="ins_fill" class="wikiedit" style="width: 99%;" data-syntax="" data-codemirror="" onkeyup="" rows="15" cols="50" name="ins_fill" > </textarea > </div> <input type="hidden" value="n" name="wysiwyg"/> <div name="ins_fill_desc" class="trackerplugindesc" > FILL; $back .= sprintf(tra('Each line is a list of %d field values separated with: %s'), $fill_line_cant, htmlspecialchars($fieldsfillseparator)); $back .= '</div><div name="ins_fill_desc2" class="trackerplugindesc" >' . htmlspecialchars(implode($fieldsfillseparator, $fieldsfillnames)); $back .= '</div>'; $back .= '</td></tr>'; } if ($prefs['feature_antibot'] == 'y' && (empty($user) || !empty($user) && $_REQUEST['error'] == 'y')) { $smarty->assign('showantibot', true); } if (!empty($tpl)) { $smarty->security = true; $back .= $smarty->fetch($tpl); } elseif (!empty($wiki)) { $smarty->security = true; if ($tikilib->page_exists($wiki)) { $back .= $smarty->fetch('wiki:' . $wiki); } else { $back .= '<span class="error">' . tr('Missing wiki template page "%0"', htmlspecialchars($wiki)) . '</span>'; } } include_once 'lib/smarty_tiki/function.trackerheader.php'; $back .= smarty_function_trackerheader(array('level' => -1, 'title' => '', 'inTable' => empty($tpl) && empty($wiki) ? 'wikiplugin_tracker' : ''), $smarty); $smarty->assign('showmandatory', $showmandatory); if ($prefs['feature_antibot'] == 'y' && empty($user) && $params['formtag'] != 'n' && ($registration != 'y' || $prefs["user_register_prettytracker"] != 'y')) { // in_tracker session var checking is for tiki-register.php $smarty->assign('antibot_table', empty($wiki) && empty($tpl) ? 'n' : 'y'); include_once 'lib/captcha/captchalib.php'; $smarty->assign('captchalib', $captchalib); $back .= $smarty->fetch('antibot.tpl'); } if (empty($tpl) && empty($wiki)) { $back .= "</table>"; } else { $back .= '</div>'; } if ($params['formtag'] == 'y') { $back .= '<div class="input_submit_container">'; if (!empty($reset)) { $back .= '<input class="button submit preview" type="reset" name="tr_reset" value="' . tra($reset) . '" />'; } if (!empty($preview)) { $back .= '<input class="button submit preview" type="submit" name="tr_preview" value="' . tra($preview) . '" />'; } foreach ($action as $key => $act) { $back .= '<input class="button submit" type="submit" name="action' . $key . '" value="' . tra($act) . '" onclick="needToConfirm=false" />'; } $back .= '</div>'; } if ($showmandatory == 'y' and $onemandatory) { $back .= "<em class='mandatory_note'>" . tra("Fields marked with a * are mandatory.") . "</em>"; } if ($params['formtag'] == 'y') { $back .= '</form>'; } if (!empty($params['_ajax_form_ins_id'])) { // save new js in a function for the form init fn $headerlib->add_js(' var ajaxTrackerFormInit_' . $params['_ajax_form_ins_id'] . ' = function() {' . $headerlib->output_js(false) . '}', 10); // put back the pre-existing js $headerlib->js = array_merge($headerlib->js, $old_js['js']); $headerlib->jq_onready = array_merge($headerlib->jq_onready, $old_js['jq_onready']); } if (!empty($page)) { $back .= '~/np~'; } $smarty->assign_by_ref('tiki_p_admin_trackers', $perms['tiki_p_admin_trackers']); return $back; } else { if (isset($_REQUEST['trackit']) and $_REQUEST['trackit'] == $trackerId) { $smarty->assign('wikiplugin_tracker', $trackerId); } //used in vote plugin $id = ' id="wikiplugin_tracker' . $iTRACKER . '"'; if ($showtitle == 'y') { $back .= '<div class="titlebar"' . $id . '>' . $tracker["name"] . '</div>'; $id = ''; } if ($showdesc == 'y') { $back .= '<div class="wikitext"' . $id . '>' . $tracker["description"] . '</div><br />'; $id = ''; } $back .= "<div{$id}>" . $data . '</div>'; return $back; } }