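/**
 * Validate and process the two forms on the product detail page:
 * the contact form (sends a mail) and the comment form (stores a comment).
 *
 * Nothing is processed when the 'allow_comments' setting is off.
 * NOTE(review): that guard also disables the contact form, which looks
 * unrelated to comments; confirm this is intended.
 *
 * @return false|null false when comments are disabled; otherwise no value is
 *                    returned (a stored comment ends with $this->redirect()).
 */
private function validateForm()
{
    // get settings
    $commentsAllowed = isset($this->settings['allow_comments']) && $this->settings['allow_comments'];

    // comments aren't allowed so we don't have to validate
    if (!$commentsAllowed) {
        return false;
    }

    // ----- contact form -----
    // NOTE(review): unlike the comment form below, this path has no throttle or
    // spam check visible here; every valid submission sends a mail.
    if ($this->frmContact->isSubmitted()) {
        // clean fields
        $this->frmContact->cleanUpFields();

        // get the fields
        $fields = $this->frmContact->getFields();

        // check the required fields
        $fields['name']->isFilled(FL::err('NameIsRequired'));
        $fields['emailContact']->isEmail(FL::err('EmailIsRequired'));

        if ($this->frmContact->isCorrect()) {
            // variables handed to the HTML mail template
            // NOTE(review): these are visitor-supplied values rendered into HTML;
            // confirm getValue() returns HTML-escaped text, it is not visible here.
            $arrVariables = array();
            $arrVariables["sentOn"] = time();
            $arrVariables["product"] = $this->record['title'];
            $arrVariables["name"] = $fields['name']->getValue();
            $arrVariables["email"] = $fields['emailContact']->getValue();
            $arrVariables["phone"] = $fields['phone']->getValue();
            $arrVariables["message"] = nl2br($fields['messageContact']->getValue());

            $message = \Common\Mailer\Message::newInstance(
                FL::getMessage('Contact') . ": " . $this->record['title']
            );
            $message->parseHtml(
                FRONTEND_MODULES_PATH . '/Catalog/Layout/Templates/Mails/Contact.tpl',
                $arrVariables,
                true
            );

            // recipient is hard-coded in this action
            $message->setTo(array('*****@*****.**'));

            // NOTE(review): the From header is the visitor-supplied address and name.
            // Mail sent this way is not authenticated for that domain (SPF/DMARC) and
            // the recipient cannot tell it from a genuine message of that sender.
            // Prefer a fixed site sender with the visitor address as Reply-To; left
            // unchanged because the site sender address is not available here.
            $message->setFrom(array($arrVariables["email"] => $arrVariables['name']));

            $this->get('mailer')->send($message);
            $this->tpl->assign("showContactSend", true);
        }
    }

    // ----- comment form -----
    if ($this->frm->isSubmitted()) {
        // cleanup the submitted fields, ignore fields that were not part of the form
        $this->frm->cleanupFields();

        $sessionKey = 'catalog_comment_' . $this->record['id'];

        // throttle: a previous comment on this product was recorded in the session
        // NOTE(review): this is per session and per product, so it only slows down
        // clients that keep their session; a difference of 0 seconds is also let
        // through. Treat it as a courtesy limit, not as abuse protection.
        if (\SpoonSession::exists($sessionKey)) {
            $diff = time() - (int) \SpoonSession::get($sessionKey);

            // less than 10 seconds since the last comment: ask the user to slow down
            if ($diff < 10 && $diff != 0) {
                $this->frm->getField('message')->addError(FL::err('CommentTimeout'));
            }
        }

        // validate required fields
        $this->frm->getField('author')->isFilled(FL::err('AuthorIsRequired'));
        $this->frm->getField('email')->isEmail(FL::err('EmailIsRequired'));
        $this->frm->getField('message')->isFilled(FL::err('MessageIsRequired'));

        // validate optional fields ('http://' is treated as "left empty")
        $websiteField = $this->frm->getField('website');
        if ($websiteField->isFilled() && $websiteField->getValue() != 'http://') {
            $websiteField->isURL(FL::err('InvalidURL'));
        }

        // no errors?
        if ($this->frm->isCorrect()) {
            // get module settings
            $spamFilterEnabled = isset($this->settings['spamfilter']) && $this->settings['spamfilter'];
            $moderationEnabled = isset($this->settings['moderation']) && $this->settings['moderation'];

            // reformat data
            $author = $this->frm->getField('author')->getValue();
            $email = $this->frm->getField('email')->getValue();
            $website = $this->frm->getField('website')->getValue();
            if (trim($website) == '' || $website == 'http://') {
                $website = null;
            }
            $text = $this->frm->getField('message')->getValue();

            // build the record
            $comment = array();
            $comment['product_id'] = $this->record['id'];
            $comment['language'] = FRONTEND_LANGUAGE;
            $comment['created_on'] = FrontendModel::getUTCDate();
            $comment['author'] = $author;
            $comment['email'] = $email;
            $comment['website'] = $website;
            $comment['text'] = $text;
            $comment['status'] = 'published';

            // NOTE(review): the complete $_SERVER array is persisted with every
            // comment. It can contain request headers such as cookies and
            // authorization data. Store only the fields the spam/moderation tooling
            // needs, and never unserialize() this column from an untrusted copy.
            // Left unchanged because the consumers of 'data' are not visible here.
            $comment['data'] = serialize(array('server' => $_SERVER));

            // get URL for article
            $permaLink = $this->record['full_url'];
            $redirectLink = $permaLink;

            // first-time commenters go to the moderation queue
            if ($moderationEnabled && !FrontendCatalogModel::isModerated($author, $email)) {
                $comment['status'] = 'moderation';
            }

            // should we check if the item is spam
            if ($spamFilterEnabled) {
                $result = FrontendModel::isSpam($text, SITE_URL . $permaLink, $author, $email, $website);

                // 'unknown' must be tested first and strictly: the string is truthy,
                // so testing `if ($result)` first filed every undecided comment as
                // spam and the moderation branch could never run.
                if ($result === 'unknown') {
                    $comment['status'] = 'moderation';
                } elseif ($result) {
                    $comment['status'] = 'spam';
                }
            }

            // insert comment
            $comment['id'] = FrontendCatalogModel::insertComment($comment);

            // trigger event
            FrontendModel::triggerEvent('catalog', 'after_add_comment', array('comment' => $comment));

            // append a parameter to the URL so the page can show the comment state
            $separator = (strpos($redirectLink, '?') === false) ? '?' : '&';
            if ($comment['status'] === 'moderation') {
                $redirectLink .= $separator . 'comment=moderation#' . FL::act('Comment');
            } elseif ($comment['status'] === 'spam') {
                $redirectLink .= $separator . 'comment=spam#' . FL::act('Comment');
            } elseif ($comment['status'] === 'published') {
                $redirectLink .= $separator . 'comment=true#comment-' . $comment['id'];
            }

            // set title
            $comment['product_title'] = $this->record['title'];
            $comment['product_url'] = $this->record['url'];

            // notify the admin
            FrontendCatalogModel::notifyAdmin($comment);

            // store timestamp in session so we can block excessive usage
            \SpoonSession::set($sessionKey, time());

            // store author-data in cookies
            try {
                Cookie::set('comment_author', $author);
                Cookie::set('comment_email', $email);
                Cookie::set('comment_website', $website);
            } catch (Exception $e) {
                // setting cookies isn't allowed; this is not a real problem, so the
                // exception is deliberately ignored
            }

            // redirect
            $this->redirect($redirectLink);
        }
    }
}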