/**
 * Accepts a visitor's submission for a published form and stores it.
 *
 * Flow: load the form row (status = 1 and inside its availability window),
 * hand it to self::validateForm(), optionally validate the captcha, validate
 * the submitted fields, then insert the JSON-encoded values into the
 * per-client "fm_userdata_NNN" table.
 *
 * Nothing is returned; the outcome is reported through f::setError() /
 * f::setResponseJson().
 *
 * NOTE(review): the {p:...} placeholders are presumably filled from request
 * parameters by f::db*() - confirm that they are bound/escaped there.
 * NOTE(review): enabled_domains is selected but not inspected here; the
 * hostname check presumably lives in self::validateForm() - confirm, since
 * get() enforces it explicitly through self::checkDomain().
 */
public static function post()
{
    $form = f::dbFirstRow(
        "select name, enabled_domains, detail \n"
        . "\t\t\t\t\t\tfrom fm_forms \n"
        . "\t\t\t\t\t\twhere id = {p:form_id} \n"
        . "\t\t\t\t\t\tand client_id = {p:client_id} \n"
        . "\t\t\t\t\t\tand (available_from = '' or available_from <= curdate()) \n"
        . "\t\t\t\t\t\tand (available_to = '' or available_to >= curdate()) \n"
        . "\t\t\t\t\t\tand status = 1"
    );

    self::validateForm($form);
    if (f::hasErrors()) {
        return;
    }

    // The form definition is stored as JSON in the "detail" column.
    // NOTE(review): the json_decode() result is used unchecked; a corrupt
    // "detail" value reaches validateFields() as null.
    $definition = json_decode($form["detail"], true);
    $fieldSpecs = $definition["fields"];

    // The captcha is enforced only when the form definition switches it on.
    if (!empty($definition["captcha"])) {
        f::validateParam("captcha", ["captcha"], "Wrong captcha");
    }

    $acceptedValues = self::validateFields($fieldSpecs);
    if (f::hasErrors()) {
        return;
    }

    // Every check passed: persist the submission.
    $userData = json_encode($acceptedValues, JSON_UNESCAPED_UNICODE);

    // "* 1" forces client_id to a number before it becomes part of a table
    // name. Only the last three characters of the padded value are kept, so a
    // client id of 1000 or more resolves to the same table as its last three
    // digits.
    $clientNumber = f::getParam("client_id") * 1;
    $siteTableId = "fm_userdata_" . substr("00" . $clientNumber, -3);

    $insertId = f::dbInsert(
        "insert into {d:siteTableId} set \n"
        . "\t\t\t\t\t\t\t\tcreated_date = now(),\n"
        . "\t\t\t\t\t\t\t\tstatus = 0,\n"
        . "\t\t\t\t\t\t\t\tform_id = {p:form_id}, \n"
        . "\t\t\t\t\t\t\t\tclient_id = {p:client_id}, \n"
        . "\t\t\t\t\t\t\t\tuser_data = {userData}",
        ["siteTableId" => $siteTableId, "userData" => $userData]
    );

    if ($insertId) {
        f::setResponseJson(["ok" => true]);
    } else {
        f::setError(500, "Unexpected Error");
    }
}
/**
 * Returns the definition of a published form together with a fresh captcha.
 *
 * The form must exist for the requested id/client, be active (status = 1),
 * be inside its availability window and pass self::checkDomain(); otherwise
 * a 400 error is registered and nothing else is emitted.
 *
 * Response JSON keys: "id", "captcha", "form".
 */
public static function get()
{
    $form = f::dbFirstRow(
        "select enabled_domains, detail \n"
        . "\t\t\t\t\t\tfrom fm_forms \n"
        . "\t\t\t\t\t\twhere id = {p:form_id} \n"
        . "\t\t\t\t\t\tand client_id = {p:client_id} \n"
        . "\t\t\t\t\t\tand (available_from = '' or available_from <= curdate()) \n"
        . "\t\t\t\t\t\tand (available_to = '' or available_to >= curdate()) \n"
        . "\t\t\t\t\t\tand status = 1"
    );

    if (!$form) {
        f::setError(400, "Form not found");
    } elseif (!self::checkDomain($form)) {
        f::setError(400, "Hostname not allowed");
    }

    // Also stops when an error was registered before this method ran.
    if (f::hasErrors()) {
        return;
    }

    $definition = json_decode($form["detail"], true);

    // NOTE(review): uniqid() is derived from the current time, so this id is
    // unique-ish but guessable. That is fine for a display/correlation id;
    // if any other code treats it as a secret (anti-replay or CSRF-style
    // token), generate it from a CSPRNG instead - confirm how "id" is used.
    f::setResponseJson([
        "id" => sha1(uniqid()),
        "captcha" => f::getCaptcha(),
        "form" => $definition,
    ]);
}
/**
 * Builds the submissions listing for one form, as JSON or as an Excel file.
 *
 * Reads the request parameters "excel", "order", "orderDesc", "textFilter"
 * and (through the {p:form_id} placeholder) "form_id". Submissions come from
 * the per-client "fm_userdata_NNN" table of the form's owner.
 *
 * @param mixed $page        Current page number, used only to decide whether
 *                           a next page exists.
 * @param mixed $start       Offset placed into the LIMIT clause.
 * @param mixed $rowsPerPage Page size placed into the LIMIT clause.
 * @param array $outData     Response skeleton from the caller; its "start"
 *                           key is read here and the result keys are added.
 *
 * NOTE(review): rows are selected by the request's form_id alone; confirm
 * that the caller has already verified that the logged-in user may read
 * this form.
 * NOTE(review): $start and $rowsPerPage are concatenated into the SQL text
 * as received; confirm that the caller passes integers only.
 */
private static function step2($page, $start, $rowsPerPage, $outData)
{
    $excel = f::getParam("excel") == 1;
    // "* 1" coerces both ordering parameters to numbers.
    $order = f::getParam("order") * 1;
    $orderDesc = f::getParam("orderDesc") * 1;

    // NOTE(review): the statement below already contains "order by id desc"
    // in front of {d:orderBy}; if {d:...} inserts its value verbatim, a
    // non-empty $orderBy produces a second ORDER BY keyword. $orderDesc is
    // echoed back to the client but never reaches the query. Confirm the
    // intended ordering behaviour.
    if ($order != "") {
        $orderBy = " ORDER BY " . $order;
    } else {
        $orderBy = "";
    }

    // Submissions are stored per client; the table suffix is made of the
    // last three characters of the zero-padded client id.
    $clientId = f::dbRes("select client_id from fm_forms where id = {p:form_id}");
    $siteTableId = "fm_userdata_" . substr("00" . $clientId, -3);

    // An Excel export returns every row; the JSON listing is paginated.
    $limit = "";
    if (!$excel) {
        $limit = " limit " . $start . ", " . $rowsPerPage;
    }

    // The optional free-text filter is escaped with f::dbEscape() and then
    // wrapped in a LIKE pattern ("%" and "_" typed by the user keep their
    // wildcard meaning).
    $textFilter = "";
    if (f::getParam("textFilter")) {
        $textFilter = " and user_data like '%" . f::dbEscape(f::getParam("textFilter")) . "%'";
    }

    $sql = "select SQL_CALC_FOUND_ROWS id, date_format(created_date,'%d/%m/%Y %H:%i') as created_date, user_data \n"
        . "\t\t\t\t\t\tfrom {d:siteTableId}\n"
        . "\t\t\t\t\t\twhere form_id = {p:form_id} \n"
        . "\t\t\t\t\t\t{n:textFilter}\n"
        . "\t\t\t\t\t\torder by id desc {d:orderBy} {d:limit}";
    $bindings = [
        "siteTableId" => $siteTableId,
        "textFilter" => $textFilter,
        "orderBy" => $orderBy,
        "limit" => $limit,
    ];
    $formData = f::dbFullRes($sql, $bindings);

    // Each submission is stored as JSON text; hand it back as an array.
    foreach ($formData as $idx => $row) {
        $formData[$idx]["user_data"] = json_decode($row["user_data"], true);
    }

    // FOUND_ROWS() belongs to the SQL_CALC_FOUND_ROWS query above, so no
    // other statement may run between the two.
    $totalRows = f::dbRes("SELECT FOUND_ROWS()");
    if ($totalRows <= $page * $rowsPerPage) {
        $outData["nextPage"] = 0;
    }

    $form = f::dbFirstRow(
        "select id, name, enabled_domains, detail \n"
        . "\t\t\t\tfrom fm_forms \n"
        . "\t\t\t\twhere id = {p:form_id}"
    );
    $form["detail"] = json_decode($form["detail"], true);

    $outData["form"] = $form;
    $outData["data"] = $formData;
    $outData["totalRows"] = $totalRows;
    $outData["order"] = $order;
    $outData["orderDesc"] = $orderDesc;
    $outData["end"] = min($outData["start"] + $rowsPerPage, $totalRows);

    if ($excel) {
        // NOTE(review): $formData holds visitor-submitted values; confirm
        // that prepareExcel() neutralises cells a spreadsheet application
        // would evaluate as formulas.
        $out = self::prepareExcel($form, $formData);
        // Only letters, digits and spaces of the form name reach the
        // download file name.
        $formName = preg_replace("/[^A-Za-z0-9 ]/", '', $form["name"]);
        f::setExcelOutput($form["id"] . "_" . $formName . "_" . date("Ymd_His") . ".xls", $out);
    } else {
        f::setResponseJson($outData);
    }
}
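/**
 * Authenticates the current request from its "_api_key" parameter.
 *
 * A request is authenticated when fm_sessions holds an active row
 * (status = 1) for this token and the caller's REMOTE_ADDR, and the user
 * referenced by that row exists in fm_users. On success the constants
 * USER_ID, USER_NAME and USER_IS_ADMIN describe that user; on failure they
 * are defined as empty strings and a 401 error is registered.
 *
 * Changes compared with the previous version:
 *  - the fm_users lookup uses a bound {userId} placeholder instead of
 *    interpolating the id into the SQL text, and reads both columns in one
 *    query;
 *  - a missing, empty or non-scalar API key never reaches the session query;
 *  - a session whose user row no longer exists is rejected;
 *  - the failure branch no longer re-defines constants that already exist.
 *
 * The constants are write-once: when this method runs more than once in a
 * request they keep the values of the first call, so callers must rely on
 * the return value for the access decision.
 *
 * @return bool true when the request is authenticated, false otherwise
 */
public static function isLogged()
{
    $token = f::getParam("_api_key");
    $userIp = $_SERVER["REMOTE_ADDR"];

    $userId = 0;
    $user = null;

    // Fail closed: only a non-empty scalar key is looked up.
    if (is_scalar($token) && (string) $token !== "") {
        $session = f::dbFirstRow(
            "select user_id from fm_sessions where user_ip = {userIp} and token = {token} and status=1 ",
            array("userIp" => $userIp, "token" => $token)
        );
        $userId = isset($session["user_id"]) ? $session["user_id"] : 0;

        if ($userId) {
            $user = f::dbFirstRow(
                "select name, is_admin from fm_users where id = {userId}",
                array("userId" => $userId)
            );
        }
    }

    if ($user) {
        if (!defined("USER_ID")) {
            define("USER_ID", $userId);
            define("USER_NAME", $user["name"]);
            define("USER_IS_ADMIN", $user["is_admin"] == 1);
        }
        return true;
    }

    // Same guard as the success branch, so a repeated call does not raise
    // "constant already defined".
    if (!defined("USER_ID")) {
        define("USER_ID", "");
        define("USER_NAME", "");
        define("USER_IS_ADMIN", "");
    }
    f::setError(401, "Unauthenticated");
    return false;
}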