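/**
 * Sends the configured autoresponse (if any) to the submitter, then emits a
 * client-side redirect to the form's first "followup page" field.
 *
 * @param array $form   Form record; reads $form['autoresponse'].
 * @param array $fields Field records; reads 'required_data', 'value', 'field_type' and 'field_value'.
 * @return bool Always false. A truthy return from formbuilder_send_email() is passed to die().
 */
function formbuilder_process_form_redirect($form, $fields)
{
    global $wpdb;
    $source_email = "";
    foreach ($fields as $field) {
        // The first field flagged as an email address becomes the autoresponse destination.
        if ($field['required_data'] == "email address" and !$source_email) {
            // Submitter-supplied value that is handed to the mailer: drop CR/LF so it
            // cannot carry additional header lines.
            $source_email = str_replace(array("\r", "\n"), '', $field['value']);
        }
    }
    // Set autoresponse information if required and send it out.
    if ($source_email and $form['autoresponse'] != false) {
        // Bind the id as a parameter instead of concatenating it into the statement.
        $sql = $wpdb->prepare("SELECT * FROM " . FORMBUILDER_TABLE_RESPONSES . " WHERE id = %s;", $form['autoresponse']);
        $results = $wpdb->get_results($sql, ARRAY_A);
        // Only send when the referenced autoresponse row exists; previously a missing row
        // produced a mail with empty subject, body and From header.
        if (!empty($results[0])) {
            $response_details = $results[0];
            $response_details['destination_email'] = $source_email;
            if ($response_details['from_email'] and $response_details['subject'] and $response_details['message'] and $response_details['destination_email']) {
                if ($response_details['from_name']) {
                    $response_details['from_email'] = "\"" . $response_details['from_name'] . "\"<" . $response_details['from_email'] . ">";
                }
            }
            // NOTE(review): the completeness check above only gates the From formatting; the
            // send below still runs when from_email/subject/message are empty — confirm intent.
            $result = formbuilder_send_email($response_details['destination_email'], decode_html_entities($response_details['subject'], ENT_QUOTES, get_option('blog_charset')), $response_details['message'], "From: " . $response_details['from_email']);
            if ($result) {
                die($result);
            }
        }
    }
    foreach ($fields as $field) {
        if ($field['field_type'] == "followup page") {
            // NOTE(review): field_value is written into an HTML attribute without escaping.
            // If it can ever hold a quote or a non-administrator value, it needs attribute/URL
            // escaping and a check of the redirect target — confirm where it is set.
            echo "<meta HTTP-EQUIV='REFRESH' content='0; url=" . $field['field_value'] . "'>";
            break;
        }
    }
    return false;
}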
/**
 * Forwards the submitted form data to the URL stored in $form['thankyoutext']
 * and prints the remote response as the success message.
 *
 * @param array $form   Form record; reads 'thankyoutext', 'name', 'subject', 'recipient'.
 * @param array $fields Field records; reads 'field_name' and 'value'.
 * @return bool|string False after the request was made, or a translated error
 *                     message when parse_url() rejects the configured URL.
 */
function formbuilder_process_alternate_action($form, $fields)
{
    // The post location is stored in thankyoutext; it must at least parse as a URL.
    // NOTE(review): parse_url() does not restrict the scheme or host, so this is a
    // syntax check only, not an allow-list for the outbound request.
    $target_parts = parse_url(trim($form['thankyoutext']));
    if (!$target_parts) {
        return __("Alternate Form Action does NOT look like a valid URL.  Please contact the website administrator.", 'formbuilder');
    }

    // A path that does not start with "/" is resolved against the directory of the current request.
    $path_is_relative = isset($target_parts['path']) && $target_parts['path'][0] !== '/';
    if ($path_is_relative) {
        $target_parts['path'] = dirname($_SERVER['REQUEST_URI']) . '/' . $target_parts['path'];
    }
    $target_url = formbuilder_create_url($target_parts);

    // Payload for the alternate form processor: form metadata first, then one entry per field.
    // A field whose name equals one of the metadata keys overwrites that entry.
    $payload = array(
        'name' => $form['name'],
        'subject' => $form['subject'],
        'destination_email' => $form['recipient'],
    );
    foreach ($fields as $field) {
        $payload[$field['field_name']] = $field['value'];
    }

    // The current host and request URI are passed as the second argument (the referer, per the original comment).
    $referer = $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    list($response_header, $response_body) = formbuilder_curlRequest($target_url, $referer, $payload);

    // NOTE(review): the remote body is entity-decoded and echoed as markup, so the page
    // trusts whatever the remote endpoint returns.
    echo "\n<div class='formBuilderSuccess'>" . decode_html_entities($response_body, ENT_NOQUOTES, get_option('blog_charset')) . "</div>";
    return false;
}
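/**
 * Sends the submitted form to the recipient as an XML document and, when
 * configured, sends the autoresponse to the submitter.
 *
 * @param array $form   Form record; reads 'autoresponse', 'recipient', 'subject', 'thankyoutext'.
 * @param array $fields Field records; reads 'field_type', 'field_name', 'value', 'required_data'.
 * @return mixed The return value of formbuilder_send_email() for the XML email; a falsy
 *               value is treated as success and the thank-you block is printed.
 */
function formbuilder_process_xml_email($form, $fields)
{
    global $wpdb, $formBuilderTextStrings;
    $xml_container = "form";
    $email_msg = "<{$xml_container}>\r\n";
    $source_email = "";
    $charset = get_option('blog_charset');
    // Byte-wise escaping of XML text content; '&' is replaced first so the entities
    // produced for '<' and '>' are not escaped again.
    $xml_find = array('&', '<', '>');
    $xml_replace = array('&amp;', '&lt;', '&gt;');
    // Field types that never appear in the XML body.
    $skipped_types = array("comments area", "followup page", "spam blocker", "page break", "submit button", "submit image", "captcha field");
    // Iterate through the form fields to add values to the email sent to the recipient.
    foreach ($fields as $field) {
        if (!in_array($field['field_type'], $skipped_types)) {
            $element = decode_html_entities($field['field_name'], ENT_QUOTES, $charset);
            // The submitted value is decoded and then escaped, so markup characters in it
            // cannot open or close elements in the generated document.
            $value = str_replace($xml_find, $xml_replace, decode_html_entities($field['value'], ENT_QUOTES, $charset));
            $email_msg .= "<" . $element . ">" . $value . "</" . $element . ">\r\n";
        }
        // The first field flagged as an email address is used as the source address.
        if ($field['required_data'] == "email address" and !$source_email) {
            // This value is placed in a From header below: drop CR/LF so it cannot add header lines.
            $source_email = str_replace(array("\r", "\n"), '', $field['value']);
        }
    }
    // IP, page and referer are appended once, after the fields; they used to sit inside
    // the loop and were repeated for every field.
    $ip_capture = get_option('formBuilder_IP_Capture');
    if ($ip_capture == 'Enabled' and isset($_SERVER['REMOTE_ADDR'])) {
        $email_msg .= "<ip>" . $_SERVER['REMOTE_ADDR'] . "</ip>\r\n";
    }
    // PAGE and REFERER come straight from the request body and are escaped like field values.
    if (isset($_POST['PAGE'])) {
        $email_msg .= "<page>" . str_replace($xml_find, $xml_replace, $_POST['PAGE']) . "</page>\r\n";
    }
    if (isset($_POST['REFERER'])) {
        $email_msg .= "<referer>" . str_replace($xml_find, $xml_replace, $_POST['REFERER']) . "</referer>\r\n";
    }
    $email_msg .= "</{$xml_container}>";
    // Set autoresponse information if required and send it out.
    if ($source_email and $form['autoresponse'] != false) {
        // Bind the id as a parameter instead of concatenating it into the statement.
        $sql = $wpdb->prepare("SELECT * FROM " . FORMBUILDER_TABLE_RESPONSES . " WHERE id = %s;", $form['autoresponse']);
        $results = $wpdb->get_results($sql, ARRAY_A);
        // Only send when the referenced autoresponse row exists.
        if (!empty($results[0])) {
            $response_details = $results[0];
            $response_details['destination_email'] = $source_email;
            if ($response_details['from_email'] and $response_details['subject'] and $response_details['message'] and $response_details['destination_email']) {
                if ($response_details['from_name']) {
                    $response_details['from_email'] = "\"" . $response_details['from_name'] . "\"<" . $response_details['from_email'] . ">";
                }
            }
            $result = formbuilder_send_email($response_details['destination_email'], decode_html_entities($response_details['subject'], ENT_QUOTES, $charset), $response_details['message'], "From: " . $response_details['from_email']);
            if ($result) {
                die($result);
            }
        }
    }
    if (!$source_email) {
        $source_email = get_option('admin_email');
    }
    $sendResult = formbuilder_send_email($form['recipient'], $form['subject'], $email_msg, "From: " . $source_email . "\n");
    if (!$sendResult) {
        if (!$form['thankyoutext']) {
            $form['thankyoutext'] = "<h4>" . $formBuilderTextStrings['success'] . "</h4><p>" . $formBuilderTextStrings['send_success'] . "</p>";
        }
        echo "\n<div class='formBuilderSuccess'>" . decode_html_entities($form['thankyoutext'], ENT_NOQUOTES, $charset) . "</div>";
    }
    return $sendResult;
}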
/**
 * Forwards the submitted form data to the URL stored in $form['thankyoutext']
 * and prints the remote response as the success message.
 *
 * @param array $form   Form record; reads 'thankyoutext', 'name', 'subject', 'recipient'.
 * @param array $fields Field records; reads 'field_name' and 'value'.
 * @return bool|string False after the request was made, or a translated error
 *                     message when the configured URL fails the pattern check.
 */
function formbuilder_process_alternate_action($form, $fields)
{
    // The post location is stored in thankyoutext and must look like scheme://host[/path][?query].
    // NOTE(review): the pattern accepts any 3-5 letter scheme and is not anchored at the
    // end, so it does not limit the outbound request to http/https or to a known host.
    $target_url = trim($form['thankyoutext']);
    $url_pattern = '@^[a-z]{3,5}\\://([a-z0-9\\.\\-\\:]+)([a-z0-9/=]*)([a-z0-9/\\?=]*)@i';
    $looks_like_url = preg_match($url_pattern, $target_url);
    if (!$looks_like_url) {
        return __("Alternate Form Action does NOT look like a valid URL.  Please contact the website administrator.", 'formbuilder');
    }

    // Payload for the alternate form processor: form metadata first, then one entry per field.
    // A field whose name equals one of the metadata keys overwrites that entry.
    $payload = array(
        'name' => $form['name'],
        'subject' => $form['subject'],
        'destination_email' => $form['recipient'],
    );
    foreach ($fields as $field) {
        $payload[$field['field_name']] = $field['value'];
    }

    // The current host and request URI are passed as the second argument (the referer, per the original comment).
    $referer = $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    list($response_header, $response_body) = formbuilder_curlRequest($target_url, $referer, $payload);

    // NOTE(review): the remote body is entity-decoded and echoed as markup, so the page
    // trusts whatever the remote endpoint returns.
    echo "\n<div class='formBuilderSuccess'>" . decode_html_entities($response_body, ENT_NOQUOTES, get_option('blog_charset')) . "</div>";
    return false;
}
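 /**
  * Streams stored form results to the browser as a CSV attachment.
  *
  * Filters come from the request: POST date_from/date_to, POST form_id (a numeric
  * id or the literal "orphaned"), and GET h, which must equal the MD5 of the
  * 'formbuilder_db_export_ids' option to export the ids listed in that option.
  *
  * NOTE(review): no capability or nonce check is visible in this method — confirm
  * the caller enforces one before this runs.
  *
  * @return void Writes headers and CSV rows to output; calls exit on a hash mismatch.
  */
 function export_csv()
 {
     global $wpdb;
     $specific_form = false;
     // Always defined, so the row loop can test it even when no field list was loaded.
     $field_list = array();
     $where = "WHERE 1";
     // Configure the Where clause depending on posted data.
     if (isset($_POST['date_from']) and isset($_POST['date_to'])) {
         // NOTE(review): the values are interpolated into quoted SQL literals; this relies on
         // output_date() (not visible here) returning something safe for that — confirm.
         $timestamp_from = $this->output_date($_POST['date_from'], false);
         $timestamp_to = $this->output_date($_POST['date_to'], true);
         $where .= " AND timestamp > '{$timestamp_from}' AND timestamp < '{$timestamp_to}'";
     }
     if (isset($_POST['form_id']) and is_string($_POST['form_id']) and $_POST['form_id'] != "" and preg_match('#^[0-9]+$#isU', $_POST['form_id'])) {
         // Digits only at this point; trim() removes the trailing newline that "$" tolerates.
         $form_id = trim($_POST['form_id']);
         $specific_form = true;
         $where .= " AND form_id = '" . $form_id . "'";
     }
     if (isset($_POST['form_id']) and $_POST['form_id'] === "orphaned") {
         $sql = 'SELECT id FROM ' . FORMBUILDER_TABLE_FORMS . ' ORDER BY name ASC;';
         $forms = $wpdb->get_results($sql, ARRAY_A);
         $allFormIDs = array();
         foreach ((array) $forms as $form) {
             $allFormIDs[] = (int) $form['id'];
         }
         // With no forms at all every result is orphaned; an empty "NOT IN ()" would be a SQL error.
         if ($allFormIDs) {
             $where .= " AND form_id NOT IN (" . implode(',', $allFormIDs) . ") ";
         }
     }
     if (isset($_GET['h'])) {
         $formResults = get_option('formbuilder_db_export_ids');
         $hash = md5($formResults);
         // Strict string comparison: with "!=" two different hex digests of the form
         // "0e<digits>" compare equal as numbers.
         // NOTE(review): the token is only the MD5 of the stored id list, so it identifies
         // the export rather than authorising it.
         if (!is_string($_GET['h']) or $hash !== $_GET['h']) {
             _e("We're sorry, the export seems to have failed.  Please try again.");
             exit;
         }
         // Collect the valid ids first so an invalid or empty entry can no longer leave a
         // dangling "OR" or an empty "( )" in the clause. A separate loop variable keeps
         // the $form_id chosen by the form filter above intact.
         $id_clauses = array();
         foreach (explode(",", $formResults) as $export_id) {
             if (preg_match('#^[0-9]+$#isU', $export_id)) {
                 $id_clauses[] = "id = '" . trim($export_id) . "'";
             }
         }
         if ($id_clauses) {
             $where .= " AND ( " . implode(" OR ", $id_clauses) . " ) ";
         } else {
             // No usable id: match nothing, as the previously malformed query did.
             $where .= " AND 0 ";
         }
     }
     // Set headers
     header("Cache-Control: no-cache, must-revalidate");
     // HTTP/1.1
     header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
     // Date in the past
     header("Content-Description: File Transfer");
     header("Content-Disposition: attachment; filename=forms.csv");
     header("Content-Type: application/csv");
     header("Content-Transfer-Encoding: text");
     // Create the first line of the CSV export with field labels if necessary.
     echo '"' . __('Result ID', 'formbuilder') . '","' . __('Form ID', 'formbuilder') . '","' . __('Timestamp', 'formbuilder') . '"';
     echo ',"' . __('FormSubject', 'formbuilder') . '","' . __('FormRecipient', 'formbuilder') . '"';
     if ($specific_form == true and $form_id > 0) {
         $field_list = array('FormSubject', 'FormRecipient');
         $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = '" . $form_id . "' ORDER BY display_order ASC;";
         $fields = $wpdb->get_results($sql, ARRAY_A);
         if (isset($fields) and $fields !== false) {
             foreach ($fields as $field) {
                 if (trim($field['field_name']) != "") {
                     $field_list[] = $field['field_name'];
                     // Double embedded quotes so a field name cannot break out of its CSV cell.
                     echo ',"' . str_replace('"', '""', $field['field_name']) . '"';
                 }
             }
         } else {
             echo ',"' . __('Field Values', 'formbuilder') . '"';
         }
         $field_list[] = 'IP';
         $field_list[] = 'Page';
         $field_list[] = 'Referrer';
         echo ',"' . __('IP', 'formbuilder') . '"';
         echo ',"' . __('Page', 'formbuilder') . '"';
         echo ',"' . __('Referrer', 'formbuilder') . '"';
     } else {
         echo ',"' . __('Field Values', 'formbuilder') . '"';
     }
     echo "\r\n";
     // Difference between server time and the site's local time, applied to each row's timestamp.
     $currentTime = current_time('timestamp');
     $offset = time() - $currentTime;
     $charset = get_option('blog_charset');
     $sql = "SELECT * FROM " . FORMBUILDER_TABLE_RESULTS . " {$where} ORDER BY timestamp DESC;";
     $i = 0;
     do {
         // NOTE(review): passing the query on every call makes get_row() run it again for
         // each exported row; kept as-is because the paging behaviour of the underlying
         // database class is not visible here.
         $result = $wpdb->get_row($sql, ARRAY_A, $i);
         if ($result === false or $result == "") {
             break;
         }
         $form_data = $this->xmltoarray($result['xmldata']);
         // Rows whose stored XML has no usable <form> element export with no field cells.
         $form_values = (isset($form_data['form']) and is_array($form_data['form'])) ? $form_data['form'] : array();
         echo $result['id'];
         echo ',' . $result['form_id'];
         echo ',"' . date("F j, Y, g:i a", $result['timestamp'] - $offset) . '"';
         // NOTE(review): cell values are visitor-submitted and only quote-escaped. Values that
         // begin with =, +, - or @ may be evaluated as formulas by spreadsheet software;
         // consider neutralising them if exports are opened that way.
         if ($specific_form == true and $field_list) {
             foreach ($field_list as $key) {
                 $value = isset($form_values[$key]) ? $form_values[$key] : "";
                 echo ',"' . str_replace('"', '""', decode_html_entities($value, ENT_NOQUOTES, $charset)) . '"';
             }
         } else {
             foreach ($form_values as $key => $value) {
                 // Without a fixed column list each cell is labelled with its field name.
                 $key_insert = ($specific_form == true) ? '' : $key . ': ';
                 echo ',"' . $key_insert . str_replace('"', '""', decode_html_entities($value, ENT_NOQUOTES, $charset)) . '"';
             }
         }
         echo "\r\n";
         $i++;
         flush();
         // Extend the execution limit per row so long exports are not cut off.
         @set_time_limit(30);
     } while ($result != false);
 }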
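/**
 * Builds and sends the plain-text notification email for a submitted form and,
 * when configured, the autoresponse to the submitter.
 *
 * @param array $form   Form record; reads 'subject', 'recipient' and 'autoresponse'.
 * @param array $fields Field records; reads 'field_name', 'field_type', 'value', 'required_data'.
 * @return mixed The return value of formbuilder_send_email() for the notification email.
 *               A truthy return from the autoresponse send is passed to die() instead.
 */
function formbuilder_process_email($form, $fields)
{
    global $wpdb;
    $formBuilderTextStrings = formbuilder_load_strings();
    $charset = get_option('blog_charset');
    $email_sub = $form['subject'];
    $email_msg = "";
    $source_email = "";
    // Initialised up front: the autoresponse loop iterates it even when no field qualified.
    $field_values = array();
    // Field types that are never copied into the message body.
    $skipped_types = array("comments area", "followup page", "spam blocker", "page break", "reset button", "submit button", "submit image", "captcha field");
    // Iterate through the form fields to add values to the email sent to the recipient.
    foreach ($fields as $field) {
        if (trim($field['field_name']) != "" and $field['field_type'] != "recipient selection" and !in_array($field['field_type'], $skipped_types)) {
            $decoded_value = decode_html_entities($field['value'], ENT_QUOTES, $charset);
            $email_msg .= strtoupper(decode_html_entities($field['field_name'], ENT_QUOTES, $charset)) . ": " . $decoded_value . "\r\n\r\n";
            $field_values[$field['field_name']] = $decoded_value;
            // Populate ~variable~ tags in the form subject with values submitted by the user.
            $email_sub = str_replace("~" . $field['field_name'] . "~", $decoded_value, $email_sub);
        } elseif ($field['field_type'] == "recipient selection") {
            // A recipient selection field replaces the form recipient with the selected value.
            // NOTE(review): if the selected value is taken from the request rather than from
            // the configured option list, a visitor chooses where the mail goes — confirm
            // it is checked against the configured options upstream.
            $selected_recipient = trim($field['value']);
            // A value containing CR/LF is never accepted as a recipient, whatever the pattern allows.
            if (strpbrk($selected_recipient, "\r\n") === false and preg_match('#' . FORMBUILDER_PATTERN_EMAIL . '#isU', $selected_recipient)) {
                $form['recipient'] = $selected_recipient;
            } else {
                $email_msg .= $formBuilderTextStrings['bad_alternate_email'] . " [" . $selected_recipient . "]\n\n";
            }
        }
        // The first field flagged as an email address is used as the source address.
        if ($field['required_data'] == "email address" and !$source_email) {
            // This value is placed in mail headers below: drop CR/LF so it cannot add header lines.
            $source_email = str_replace(array("\r", "\n"), '', $field['value']);
        }
    }
    // Add IP if enabled.
    $ip_capture = get_option('formBuilder_IP_Capture');
    if ($ip_capture == 'Enabled' and isset($_SERVER['REMOTE_ADDR'])) {
        $email_msg .= "IP: " . $_SERVER['REMOTE_ADDR'] . "\r\n";
    }
    $referrer_info = get_option('formBuilder_referrer_info');
    if ($referrer_info == 'Enabled') {
        // Add Page and Referer urls to the bottom of the email (message body only).
        if (isset($_POST['PAGE'])) {
            $email_msg .= "PAGE: " . $_POST['PAGE'] . "\r\n";
        }
        if (isset($_POST['REFERER'])) {
            $email_msg .= "REFERER: " . $_POST['REFERER'] . "\r\n";
        }
    }
    // Set autoresponse information if required and send it out.
    if ($source_email and $form['autoresponse'] != false) {
        // Bind the id as a parameter instead of concatenating it into the statement.
        $sql = $wpdb->prepare("SELECT * FROM " . FORMBUILDER_TABLE_RESPONSES . " WHERE id = %s;", $form['autoresponse']);
        $results = $wpdb->get_results($sql, ARRAY_A);
        // Only send when the referenced autoresponse row exists.
        if (!empty($results[0])) {
            $response_details = $results[0];
            $response_details['destination_email'] = $source_email;
            if ($response_details['from_email'] and $response_details['subject'] and $response_details['message'] and $response_details['destination_email']) {
                if ($response_details['from_name']) {
                    $response_details['from_email'] = '"' . $response_details['from_name'] . '"<' . $response_details['from_email'] . '>';
                }
            }
            // Populate ~variable~ tags in the autoresponse with values submitted by the user.
            $txtAllFields = "";
            foreach ($field_values as $key => $value) {
                $response_details['subject'] = str_replace("~" . $key . "~", $value, $response_details['subject']);
                $response_details['message'] = str_replace("~" . $key . "~", $value, $response_details['message']);
                $txtAllFields .= $key . ": " . $value . "\n";
            }
            $response_details['subject'] = str_replace("~FullForm~", trim($txtAllFields), $response_details['subject']);
            $response_details['message'] = str_replace("~FullForm~", trim($txtAllFields), $response_details['message']);
            // The subject now contains submitted values: decode first, then flatten line
            // breaks so they cannot end the Subject header early.
            $auto_subject = str_replace(array("\r", "\n"), ' ', decode_html_entities($response_details['subject'], ENT_QUOTES, $charset));
            $result = formbuilder_send_email($response_details['destination_email'], $auto_subject, $response_details['message'], "From: " . $response_details['from_email'] . "\nReply-To: " . $response_details['from_email'] . "\n");
            if ($result) {
                die($result);
            }
        }
    }
    // Reduce the notification subject to letters, digits, underscore, space and hyphen
    // after the ~variable~ substitution ("James' addition to ensure no hacking is allowed").
    $email_sub = preg_replace('#[^a-z0-9_ -]#isU', '', $email_sub);
    if (!$source_email) {
        $source_email = get_option('admin_email');
    }
    // Updated to force from address to use what is saved in settings.
    $formBuilder_Default_from = formbuilder_get_default_from();
    // Allow for old style messaging.
    if (strtoupper($formBuilder_Default_from) == '[SENDER_EMAIL]') {
        $formBuilder_Default_from = $source_email;
    }
    return formbuilder_send_email($form['recipient'], decode_html_entities($email_sub, ENT_QUOTES, $charset), $email_msg, "From: " . $formBuilder_Default_from . "\nReply-To: " . $source_email . "\n");
}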
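/**
 * Builds and sends the plain-text notification email for a submitted form,
 * emits the followup-page redirect, and sends the autoresponse when configured.
 *
 * @param array $form   Form record; reads 'subject', 'recipient' and 'autoresponse'.
 * @param array $fields Field records; reads 'field_name', 'field_type', 'value',
 *                      'field_value' and 'required_data'.
 * @return mixed The return value of formbuilder_send_email() for the notification email.
 *               A truthy return from the autoresponse send is passed to die() instead.
 */
function formbuilder_process_email($form, $fields)
{
    global $wpdb;
    $formBuilderTextStrings = formbuilder_load_strings();
    $charset = get_option('blog_charset');
    $email_msg = "";
    $source_email = "";
    // Initialised up front: the autoresponse loop iterates it even when no field qualified.
    $field_values = array();
    // Field types that are never copied into the message body.
    $skipped_types = array("comments area", "followup page", "spam blocker", "page break", "reset button", "submit button", "submit image", "captcha field");
    // Iterate through the form fields to add values to the email sent to the recipient.
    foreach ($fields as $field) {
        if (trim($field['field_name']) != "" and $field['field_type'] != "recipient selection" and !in_array($field['field_type'], $skipped_types)) {
            $decoded_value = decode_html_entities($field['value'], ENT_QUOTES, $charset);
            $email_msg .= strtoupper(decode_html_entities($field['field_name'], ENT_QUOTES, $charset)) . ": " . $decoded_value . "\r\n\r\n";
            $field_values[$field['field_name']] = $decoded_value;
        } elseif ($field['field_type'] == "recipient selection") {
            // A recipient selection field replaces the form recipient with the selected value.
            // NOTE(review): if the selected value is taken from the request rather than from
            // the configured option list, a visitor chooses where the mail goes — confirm
            // it is checked against the configured options upstream.
            $selected_recipient = trim($field['value']);
            // eregi() was removed in PHP 7; preg_match() with the "i" flag is the replacement.
            // A value containing CR/LF is never accepted as a recipient, whatever the pattern allows.
            if (strpbrk($selected_recipient, "\r\n") === false and preg_match('#' . FORMBUILDER_PATTERN_EMAIL . '#isU', $selected_recipient)) {
                $form['recipient'] = $selected_recipient;
            } else {
                $email_msg .= $formBuilderTextStrings['bad_alternate_email'] . " [" . $selected_recipient . "]\n\n";
            }
        }
        // The first field flagged as an email address is used as the source address.
        if ($field['required_data'] == "email address" and !$source_email) {
            // This value is placed in mail headers below: drop CR/LF so it cannot add header lines.
            $source_email = str_replace(array("\r", "\n"), '', $field['value']);
        }
        // Add the followup page redirect, if it exists.
        if ($field['field_type'] == "followup page" and trim($field['field_value']) != "") {
            // NOTE(review): field_value is written into an HTML attribute without escaping.
            // If it can ever hold a quote or a non-administrator value, it needs attribute/URL
            // escaping and a check of the redirect target — confirm where it is set.
            echo "<meta HTTP-EQUIV='REFRESH' content='0; url=" . $field['field_value'] . "'>";
        }
    }
    // Add IP if enabled.
    $ip_capture = get_option('formBuilder_IP_Capture');
    if ($ip_capture == 'Enabled' and isset($_SERVER['REMOTE_ADDR'])) {
        $email_msg .= "IP: " . $_SERVER['REMOTE_ADDR'] . "\r\n";
    }
    $referrer_info = get_option('formBuilder_referrer_info');
    if ($referrer_info == 'Enabled') {
        // Add Page and Referer urls to the bottom of the email (message body only).
        if (isset($_POST['PAGE'])) {
            $email_msg .= "PAGE: " . $_POST['PAGE'] . "\r\n";
        }
        if (isset($_POST['REFERER'])) {
            $email_msg .= "REFERER: " . $_POST['REFERER'] . "\r\n";
        }
    }
    // Set autoresponse information if required and send it out.
    if ($source_email and $form['autoresponse'] != false) {
        // Bind the id as a parameter instead of concatenating it into the statement.
        $sql = $wpdb->prepare("SELECT * FROM " . FORMBUILDER_TABLE_RESPONSES . " WHERE id = %s;", $form['autoresponse']);
        $results = $wpdb->get_results($sql, ARRAY_A);
        // Only send when the referenced autoresponse row exists.
        if (!empty($results[0])) {
            $response_details = $results[0];
            $response_details['destination_email'] = $source_email;
            if ($response_details['from_email'] and $response_details['subject'] and $response_details['message'] and $response_details['destination_email']) {
                if ($response_details['from_name']) {
                    $response_details['from_email'] = '"' . $response_details['from_name'] . '"<' . $response_details['from_email'] . '>';
                }
            }
            // Populate ~variable~ tags in the autoresponse with values submitted by the user.
            foreach ($field_values as $key => $value) {
                $response_details['subject'] = str_replace("~" . $key . "~", $value, $response_details['subject']);
                $response_details['message'] = str_replace("~" . $key . "~", $value, $response_details['message']);
            }
            // The subject now contains submitted values: decode first, then flatten line
            // breaks so they cannot end the Subject header early.
            $auto_subject = str_replace(array("\r", "\n"), ' ', decode_html_entities($response_details['subject'], ENT_QUOTES, $charset));
            $result = formbuilder_send_email($response_details['destination_email'], $auto_subject, $response_details['message'], "From: " . $response_details['from_email'] . "\nReply-To: " . $response_details['from_email'] . "\n");
            if ($result) {
                die($result);
            }
        }
    }
    if (!$source_email) {
        $source_email = get_option('admin_email');
    }
    return formbuilder_send_email($form['recipient'], decode_html_entities($form['subject'], ENT_QUOTES, $charset), $email_msg, "From: " . $source_email . "\nReply-To: " . $source_email . "\n");
}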