function reset_captcha($no = '')
{
### fix for windows!!!
if (strpos(__FILE__, '\\')) {
$path = preg_replace('|.*(wp-content.*)lib_ajax.php|', '${1}', __FILE__);
$path = '/' . str_replace('\\', '/', $path);
} else {
$path = preg_replace('|.*(/wp-content/.*)/.*|', '${1}', __FILE__);
}
$path = get_bloginfo('wpurl') . $path;
$newimage = 'newcap|' . $no . '|' . $path . '/cforms-captcha.php?ts=' . $no . str_replace('&', '&', get_captcha_uri());
return $newimage;
}
function reset_captcha($no = '')
{
@session_start();
$_SESSION['turing_string_' . $no] = rc();
//fix for windows!!!
if (strpos(__FILE__, '\\')) {
$path = preg_replace('|.*(wp-content.*)lib_ajax.php|', '${1}', __FILE__);
$path = '/' . str_replace('\\', '/', $path);
} else {
$path = preg_replace('|.*(/wp-content/.*)/.*|', '${1}', __FILE__);
}
$path = get_bloginfo('wpurl') . $path;
$newimage = md5($_SESSION['turing_string_' . $no]) . '|' . $no . '|' . $path . '/cforms-captcha.php?ts=' . $no . str_replace('&', '&', get_captcha_uri());
return $newimage;
}
function cforms($args = '', $no = '')
{
global $smtpsettings, $subID, $cforms_root, $wpdb, $track, $wp_db_version, $cformsSettings;
parse_str($args, $r);
$oldno = $no == '1' ? '' : $no;
### remeber old val, to reset session when in new MP form
##debug
db("Original form on page #{$oldno}");
### multi page form: overwrite $no
$isWPcommentForm = substr($cformsSettings['form' . $oldno]['cforms' . $oldno . '_tellafriend'], 0, 1) == '2';
$isMPform = $cformsSettings['form' . $oldno]['cforms' . $oldno . '_mp']['mp_form'];
$isTAF = substr($cformsSettings['form' . $oldno]['cforms' . $oldno . '_tellafriend'], 0, 1);
##debug
db("Comment form = {$isWPcommentForm}");
db("Multi-page form = {$isMPform}");
if ($isMPform && is_array($_SESSION['cforms']) && $_SESSION['cforms']['current'] > 0 && !$isWPcommentForm) {
$no = $_SESSION['cforms']['current'];
}
### Safety, in case someone uses '1' for the default form
$no = $no == '1' ? '' : $no;
##debug
db("Switch to form #{$no}");
$moveBack = false;
### multi page form: reset button
if (isset($_REQUEST['resetbutton' . $no]) && is_array($_SESSION['cforms'])) {
$no = $oldno;
unset($_SESSION['cforms']);
$_SESSION['cforms']['current'] = 0;
$_SESSION['cforms']['first'] = $oldno;
$_SESSION['cforms']['pos'] = 1;
##debug
db("Reset-Button pressed");
} else {
### multi page form: back button
if (isset($_REQUEST['backbutton' . $no]) && isset($_SESSION['cforms']) && $_SESSION['cforms']['pos'] - 1 >= 0) {
$no = $_SESSION['cforms']['list'][$_SESSION['cforms']['pos']-- - 1];
$_SESSION['cforms']['current'] = $no;
$moveBack = true;
##debug
db("Back-Button pressed");
} else {
### mp init: must be mp, first & not submitted!
if ($isMPform && $cformsSettings['form' . $oldno]['cforms' . $oldno . '_mp']['mp_first'] && !isset($_REQUEST['sendbutton' . $no])) {
##debug
db("Current form is *first* MP-form");
db("Session found, you're on the first form and session is reset!");
$no = $oldno == '1' ? '' : $oldno;
### restore old val
unset($_SESSION['cforms']);
$_SESSION['cforms']['current'] = 0;
$_SESSION['cforms']['first'] = $no;
$_SESSION['cforms']['pos'] = 1;
}
}
}
##debug
db(print_r($_SESSION, 1));
### custom fields support
if (!(strpos($no, '+') === false)) {
$no = substr($no, 0, -1);
$customfields = build_fstat($args);
$field_count = count($customfields);
$custom = true;
} else {
$custom = false;
$field_count = $cformsSettings['form' . $no]['cforms' . $no . '_count_fields'];
}
$content = '';
$err = 0;
$filefield = 0;
$validations = array();
$all_valid = 1;
$off = 0;
$fieldsetnr = 1;
$c_errflag = false;
$custom_error = '';
$usermessage_class = '';
### get user credentials
if (function_exists('wp_get_current_user')) {
$user = wp_get_current_user();
}
### non Ajax method
if (isset($_REQUEST['sendbutton' . $no])) {
require_once dirname(__FILE__) . '/lib_nonajax.php';
$usermessage_class = $all_valid ? ' success' : ' failure';
}
### called from lib_WPcomments ?
if ($isWPcommentForm && $send2author) {
return $all_valid;
}
###
###
### paint form
###
###
$success = false;
### fix for WP Comment (loading after redirect)
if (isset($_GET['cfemail']) && $isWPcommentForm) {
$usermessage_class = ' success';
$success = true;
if ($_GET['cfemail'] == 'sent') {
$usermessage_text = preg_replace('|\\r\\n|', '<br />', stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_success']));
} elseif ($_GET['cfemail'] == 'posted') {
$usermessage_text = preg_replace('|\\r\\n|', '<br />', stripslashes($cformsSettings['form' . $no]['cforms_commentsuccess']));
}
}
$break = '<br />';
$nl = "\n";
$tab = "\t";
$tt = "\t\t";
$ntt = "\n\t\t";
$nttt = "\n\t\t\t";
### either show info message above or below
$usermessage_text = check_default_vars($usermessage_text, $no);
$usermessage_text = check_cust_vars($usermessage_text, $track, $no);
### logic: possibly change usermessage
if (function_exists('my_cforms_logic')) {
$usermessage_text = my_cforms_logic($trackf, $usermessage_text, 'successMessage');
}
$umc = $usermessage_class != '' && $no > 1 ? ' ' . $usermessage_class . $no : '';
##debug
db("User info for form #{$no}");
### where to show message
if (substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 0, 1) == 'y') {
$content .= $ntt . '<div id="usermessage' . $no . 'a" class="cf_info' . $usermessage_class . $umc . ' ">' . $usermessage_text . '</div>';
$actiontarget = 'a';
} else {
if (substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 1, 1) == 'y') {
$actiontarget = 'b';
}
}
### multi page form: overwrite $no, move on to next form
if ($all_valid && isset($_REQUEST['sendbutton' . $no])) {
$isMPformNext = false;
### default
$oldcurrent = $no;
if ($isMPform && isset($_SESSION['cforms']) && $_SESSION['cforms']['current'] > 0 && $cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_next'] != -1) {
$isMPformNext = true;
$no = check_form_name($cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_next']);
##debug
db("Session active and now moving on to form #{$no}");
### logic: possibly change next form
if (function_exists('my_cforms_logic')) {
$no = my_cforms_logic($trackf, $no, "nextForm");
}
### use trackf!
$oldcurrent = $_SESSION['cforms']['current'];
$_SESSION['cforms']['current'] = $no == '' ? 1 : $no;
$field_count = $cformsSettings['form' . $no]['cforms' . $no . '_count_fields'];
} elseif ($isMPform && $cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_next'] == -1) {
##debug
db("Session was active but is being reset now");
$oldcurrent = $no;
$no = $_SESSION['cforms']['first'];
unset($_SESSION['cforms']);
$_SESSION['cforms']['current'] = 0;
$_SESSION['cforms']['first'] = $no;
$_SESSION['cforms']['pos'] = 1;
$field_count = $cformsSettings['form' . $no]['cforms' . $no . '_count_fields'];
}
}
##debug
db("All good, currently on form #{$no}");
##debug: optional
## db(print_r($_SESSION,1));
## db(print_r($track,1));
### redirect == 2 : hide form? || or if max entries reached! w/ SESSION support if#2
if ($all_valid && ($cformsSettings['form' . $no]['cforms' . $no . '_hide'] && isset($_REQUEST['sendbutton' . $no]) || $cformsSettings['form' . $oldcurrent]['cforms' . $oldcurrent . '_hide'] && isset($_REQUEST['sendbutton' . $oldcurrent]))) {
return $content;
} else {
if ($cformsSettings['form' . $no]['cforms' . $no . '_maxentries'] != '' && get_cforms_submission_left($no) <= 0 || !cf_check_time($no)) {
if ($cflimit == "reached") {
return stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_limittxt']);
} else {
return $content . stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_limittxt']);
}
}
}
### alternative form action
$alt_action = false;
if ($cformsSettings['form' . $no]['cforms' . $no . '_action'] == '1') {
$action = $cformsSettings['form' . $no]['cforms' . $no . '_action_page'];
$alt_action = true;
} else {
if ($isWPcommentForm) {
$action = $cforms_root . '/lib_WPcomment.php';
} else {
$action = get_current_page(false) . '#usermessage' . $no . $actiontarget;
}
}
### start with form tag
$content .= $ntt . '<form enctype="multipart/form-data" action="' . $action . '" method="post" class="cform' . ($cformsSettings['form' . $no]['cforms' . $no . '_dontclear'] ? ' cfnoreset' : '') . '" id="cforms' . $no . 'form">' . $nl;
### Session item counter (for default values)
$sItem = 1;
### start with no fieldset
$fieldsetopen = false;
$verification = false;
$captcha = false;
$upload = false;
$fscount = 1;
$ol = false;
for ($i = 1; $i <= $field_count; $i++) {
if (!$custom) {
$field_stat = explode('$#$', $cformsSettings['form' . $no]['cforms' . $no . '_count_field_' . $i]);
} else {
$field_stat = explode('$#$', $customfields[$i - 1]);
}
$field_name = $field_stat[0];
$field_type = $field_stat[1];
$field_required = $field_stat[2];
$field_emailcheck = $field_stat[3];
$field_clear = $field_stat[4];
$field_disabled = $field_stat[5];
$field_readonly = $field_stat[6];
### ommit certain fields
if (in_array($field_type, array('cauthor', 'url', 'email')) && $user->ID) {
continue;
}
### check for custom err message and split field_name
$obj = explode('|err:', $field_name, 2);
$fielderr = $obj[1];
if ($fielderr != '') {
switch ($field_type) {
case 'upload':
$custom_error .= 'cf_uploadfile' . $no . '-' . $i . '$#$' . $fielderr . '|';
break;
case 'captcha':
$custom_error .= 'cforms_captcha' . $no . '$#$' . $fielderr . '|';
break;
case 'verification':
$custom_error .= 'cforms_q' . $no . '$#$' . $fielderr . '|';
break;
case "cauthor":
case "url":
case "email":
case "comment":
$custom_error .= $field_type . '$#$' . $fielderr . '|';
break;
default:
preg_match('/^([^#\\|]*).*/', $field_name, $input_name);
if (strpos($input_name[1], '[id:') > 0) {
preg_match('/\\[id:(.+)\\]/', $input_name[1], $input_name);
}
$custom_error .= $cformsSettings['form' . $no]['cforms' . $no . '_customnames'] == '1' ? cf_sanitize_ids($input_name[1]) : 'cf' . $no . '_field_' . $i;
$custom_error .= '$#$' . $fielderr . '|';
break;
}
}
### check for title attrib
$obj = explode('|title:', $obj[0], 2);
$fieldTitle = $obj[1] != '' ? ' title="' . str_replace('"', '"', stripslashes($obj[1])) . '"' : '';
### special treatment for selectboxes
if (in_array($field_type, array('multiselectbox', 'selectbox', 'radiobuttons', 'send2author', 'luv', 'subscribe', 'checkbox', 'checkboxgroup', 'ccbox', 'emailtobox'))) {
$chkboxClicked = array();
if (in_array($field_type, array('luv', 'subscribe', 'checkbox', 'ccbox')) && strpos($obj[0], '|set:') > 1) {
$chkboxClicked = explode('|set:', stripslashes($obj[0]));
$obj[0] = $chkboxClicked[0];
}
$options = explode('#', stripslashes($obj[0]));
$field_name = $options[0];
}
### check if fieldset is open
if (!$fieldsetopen && !$ol && $field_type != 'fieldsetstart') {
$content .= $tt . '<ol class="cf-ol">';
$ol = true;
}
$labelclass = '';
### visitor verification
if (!$verification && $field_type == 'verification') {
srand(microtime() * 1000003);
$qall = explode("\r\n", $cformsSettings['global']['cforms_sec_qa']);
$n = rand(0, count(array_keys($qall)) - 1);
$q = $qall[$n];
$q = explode('=', $q);
### q[0]=qestion q[1]=answer
$field_name = stripslashes(htmlspecialchars($q[0]));
$labelclass = ' class="secq"';
} else {
if ($field_type == 'captcha') {
$labelclass = ' class="seccap"';
}
}
$defaultvalue = '';
### setting the default val & regexp if it exists
if (!in_array($field_type, array('fieldsetstart', 'fieldsetend', 'radiobuttons', 'send2author', 'luv', 'subscribe', 'checkbox', 'checkboxgroup', 'ccbox', 'emailtobox', 'multiselectbox', 'selectbox', 'verification'))) {
### check if default val & regexp are set
$obj = explode('|', $obj[0], 3);
if ($obj[2] != '') {
$reg_exp = str_replace('"', '"', stripslashes($obj[2]));
} else {
$reg_exp = '';
}
if ($obj[1] != '') {
$defaultvalue = str_replace('"', '"', check_default_vars(stripslashes($obj[1]), $no));
}
$field_name = $obj[0];
}
### label ID's
$labelIDx = '';
$labelID = $cformsSettings['global']['cforms_labelID'] == '1' ? ' id="label-' . $no . '-' . $i . '"' : '';
### <li> ID's
$liID = $cformsSettings['global']['cforms_liID'] == '1' || substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 2, 1) == "y" || substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 3, 1) == "y" ? ' id="li-' . $no . '-' . $i . '"' : '';
### input field names & label
if ($cformsSettings['form' . $no]['cforms' . $no . '_customnames'] == '1') {
if (strpos($field_name, '[id:') !== false) {
$idPartA = strpos($field_name, '[id:');
$idPartB = strpos($field_name, ']', $idPartA);
$input_id = $input_name = cf_sanitize_ids(substr($field_name, $idPartA + 4, $idPartB - $idPartA - 4));
$field_name = substr_replace($field_name, '', $idPartA, $idPartB - $idPartA + 1);
} else {
$input_id = $input_name = cf_sanitize_ids(stripslashes($field_name));
}
} else {
$input_id = $input_name = 'cf' . $no . '_field_' . $i;
}
$field_class = '';
$field_value = '';
switch ($field_type) {
case 'luv':
$input_id = $input_name = 'luv';
break;
case 'subscribe':
$input_id = $input_name = 'subscribe';
break;
case 'verification':
if (is_user_logged_in() && $cformsSettings['global']['cforms_captcha_def']['foqa'] != '1') {
continue 2;
}
$input_id = $input_name = 'cforms_q' . $no;
break;
case 'captcha':
if (is_user_logged_in() && $cformsSettings['global']['cforms_captcha_def']['fo'] != '1') {
continue 2;
}
$input_id = $input_name = 'cforms_captcha' . $no;
break;
case 'upload':
$input_id = $input_name = 'cf_uploadfile' . $no . '-' . $i;
$field_class = 'upload';
break;
case "send2author":
case "email":
case "cauthor":
case "url":
$input_id = $input_name = $field_type;
case "datepicker":
case "yourname":
case "youremail":
case "friendsname":
case "friendsemail":
case "textfield":
case "pwfield":
$field_class = 'single';
break;
case "hidden":
$field_class = 'hidden';
break;
case 'comment':
$input_id = $input_name = $field_type;
$field_class = 'area';
break;
case 'textarea':
$field_class = 'area';
break;
}
### additional field classes
if ($field_disabled) {
$field_class .= ' disabled';
}
if ($field_readonly) {
$field_class .= ' readonly';
}
if ($field_emailcheck) {
$field_class .= ' fldemail';
}
if ($field_required) {
$field_class .= ' fldrequired';
}
### error ?
$liERR = $insertErr = '';
### only for mp forms
if ($moveBack || $isMPformNext) {
$field_value = htmlspecialchars(stripslashes($_SESSION['cforms']['cf_form' . $no][$_SESSION['cforms']['cf_form' . $no]['$$$' . $sItem++]]));
}
if (!$all_valid) {
### errors...
if ($validations[$i] == 1) {
$field_class .= '';
} else {
$field_class .= ' cf_error';
### enhanced error display
if (substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 2, 1) == "y") {
$liERR = 'cf_li_err';
}
if (substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 3, 1) == "y") {
$insertErr = $fielderr != '' ? '<ul class="cf_li_text_err"><li>' . stripslashes($fielderr) . '</li></ul>' : '';
}
}
if ($field_type == 'multiselectbox' || $field_type == 'checkboxgroup') {
$field_value = $_REQUEST[$input_name];
### in this case it's an array! will do the stripping later
} else {
$field_value = htmlspecialchars(stripslashes($_REQUEST[$input_name]));
}
} else {
if (!isset($_REQUEST['sendbutton' . $no]) && isset($_REQUEST[$input_name]) || $cformsSettings['form' . $no]['cforms' . $no . '_dontclear']) {
### only pre-populating fields...
if ($field_type == 'multiselectbox' || $field_type == 'checkboxgroup') {
$field_value = $_REQUEST[$input_name];
} else {
$field_value = htmlspecialchars(stripslashes($_REQUEST[$input_name]));
}
}
}
### print label only for non "textonly" fields! Skip some others too, and handle them below indiv.
if (!in_array($field_type, array('hidden', 'textonly', 'fieldsetstart', 'fieldsetend', 'ccbox', 'luv', 'subscribe', 'checkbox', 'checkboxgroup', 'send2author', 'radiobuttons'))) {
$content .= $nttt . '<li' . $liID . ' class="' . $liERR . '">' . $insertErr . '<label' . $labelID . ' for="' . $input_id . '"' . $labelclass . '><span>' . stripslashes($field_name) . '</span></label>';
}
### if not reloaded (due to err) then use default values
if ($field_value == '' && $defaultvalue != '') {
$field_value = $defaultvalue;
}
### field disabled or readonly, greyed out?
$disabled = $field_disabled ? ' disabled="disabled"' : '';
$readonly = $field_readonly ? ' readonly="readonly"' : '';
### add input field
$dp = '';
$naming = false;
$field = '';
$val = '';
$force_checked = false;
$cookieset = '';
switch ($field_type) {
case "upload":
$upload = true;
### set upload flag for ajax suppression!
$field = '<input' . $readonly . $disabled . ' type="file" name="cf_uploadfile' . $no . '[]" id="cf_uploadfile' . $no . '-' . $i . '" class="cf_upload ' . $field_class . '"' . $fieldTitle . '/>';
break;
case "textonly":
$field .= $nttt . '<li' . $liID . ' class="textonly' . ($defaultvalue != '' ? ' ' . $defaultvalue : '') . '"' . ($reg_exp != '' ? ' style="' . $reg_exp . '" ' : '') . '>' . stripslashes($field_name) . '</li>';
break;
case "fieldsetstart":
if ($fieldsetopen) {
$field = $ntt . '</ol>' . $nl . $tt . '</fieldset>' . $nl;
$fieldsetopen = false;
$ol = false;
}
if (!$fieldsetopen) {
if ($ol) {
$field = $ntt . '</ol>' . $nl;
}
$field .= $tt . '<fieldset class="cf-fs' . $fscount++ . '">' . $nl . $tt . '<legend>' . stripslashes($field_name) . '</legend>' . $nl . $tt . '<ol class="cf-ol">';
$fieldsetopen = true;
$ol = true;
}
break;
case "fieldsetend":
if ($fieldsetopen) {
$field = $ntt . '</ol>' . $nl . $tt . '</fieldset>' . $nl;
$fieldsetopen = false;
$ol = false;
} else {
$field = '';
}
break;
case "verification":
$field = '<input type="text" name="' . $input_name . '" id="cforms_q' . $no . '" class="secinput ' . $field_class . '" value=""' . $fieldTitle . '/>';
$verification = true;
break;
case "captcha":
$field = '<input type="text" name="' . $input_name . '" id="cforms_captcha' . $no . '" class="secinput' . $field_class . '" value=""' . $fieldTitle . '/>' . '<img id="cf_captcha_img' . $no . '" class="captcha" src="' . $cforms_root . '/cforms-captcha.php?ts=' . $no . get_captcha_uri() . '" alt=""/>' . '<a title="' . __('reset captcha image', 'cforms') . '" href="javascript:reset_captcha(\'' . $no . '\')"><img class="captcha-reset" src="' . $cforms_root . '/images/spacer.gif" alt="Captcha"/></a>';
$captcha = true;
break;
case "cauthor":
$cookieset = 'comment_author_' . COOKIEHASH;
case "url":
$cookieset = $cookieset == '' ? 'comment_author_url_' . COOKIEHASH : $cookieset;
case "email":
$cookieset = $cookieset == '' ? 'comment_author_email_' . COOKIEHASH : $cookieset;
$field_value = $_COOKIE[$cookieset] != '' ? $_COOKIE[$cookieset] : $field_value;
case "datepicker":
case "yourname":
case "youremail":
case "friendsname":
case "friendsemail":
case "textfield":
case "pwfield":
$field_value = check_post_vars($field_value);
$type = $field_type == 'pwfield' ? 'password' : 'text';
$field_class = $field_type == 'datepicker' ? $field_class . ' cf_date' : $field_class;
$onfocus = $field_clear ? ' onfocus="clearField(this)" onblur="setField(this)"' : '';
$field = '<input' . $readonly . $disabled . ' type="' . $type . '" name="' . $input_name . '" id="' . $input_id . '" class="' . $field_class . '" value="' . $field_value . '"' . $onfocus . $fieldTitle . '/>';
if ($reg_exp != '') {
$field .= '<input type="hidden" name="' . $input_name . '_regexp" id="' . $input_id . '_regexp" value="' . $reg_exp . '"' . $fieldTitle . '/>';
}
$field .= $dp;
break;
case "hidden":
$field_value = check_post_vars($field_value);
if (preg_match('/^<([a-zA-Z0-9]+)>$/', $field_value, $getkey)) {
$field_value = $_GET[$getkey[1]];
}
$field .= $nttt . '<li class="cf_hidden"><input type="hidden" class="cfhidden" name="' . $input_name . '" id="' . $input_id . '" value="' . $field_value . '"' . $fieldTitle . '/></li>';
break;
case "comment":
case "textarea":
$onfocus = $field_clear ? ' onfocus="clearField(this)" onblur="setField(this)"' : '';
$field = '<textarea' . $readonly . $disabled . ' cols="30" rows="8" name="' . $input_name . '" id="' . $input_id . '" class="' . $field_class . '"' . $onfocus . $fieldTitle . '>' . $field_value . '</textarea>';
if ($reg_exp != '') {
$field .= '<input type="hidden" name="' . $input_name . '_regexp" id="' . $input_id . '_regexp" value="' . $reg_exp . '"' . $fieldTitle . '/>';
}
break;
case "subscribe":
if (class_exists('sg_subscribe') && $field_type == 'subscribe') {
global $sg_subscribe;
sg_subscribe_start();
if (($email = $sg_subscribe->current_viewer_subscription_status()) == 'admin' && current_user_can('manage_options')) {
$field .= '<li' . $liID . '>' . str_replace('[manager_link]', $sg_subscribe->manage_link($email, true, false), $sg_subscribe->author_text) . '</li>';
continue;
} else {
if ($email != '') {
$field .= '<li' . $liID . '>' . str_replace('[manager_link]', $sg_subscribe->manage_link($email, true, false), $sg_subscribe->subscribed_text) . '</li>';
continue;
}
}
$val = ' value="subscribe"';
}
case "luv":
if (function_exists('comment_luv') && $field_type == 'luv') {
get_currentuserinfo();
global $user_level;
if ($user_level == 10) {
continue 2;
}
//empty for now
$val = ' value="luv"';
}
case "ccbox":
case "checkbox":
if (!$field_value) {
$preChecked = strpos($chkboxClicked[1], 'true') !== false ? ' checked="checked"' : '';
} else {
$preChecked = $field_value && $field_value != '-' ? ' checked="checked"' : '';
}
### '-' for mp session!
$err = '';
if (!$all_valid && $validations[$i] != 1) {
$err = ' cf_errortxt';
}
if ($options[1] != '') {
$opt = explode('|', $options[1], 2);
$before = '<li' . $liID . ' class="' . $liERR . '">' . $insertErr;
$after = '<label' . $labelID . ' for="' . $input_id . '" class="cf-after' . $err . '"><span>' . $opt[0] . '</span></label></li>';
$ba = 'a';
} else {
$opt = explode('|', $field_name, 2);
$before = '<li' . $liID . ' class="' . $liERR . '">' . $insertErr . '<label' . $labelID . ' for="' . $input_name . '" class="cf-before' . $err . '"><span>' . $opt[0] . '</span></label>';
$after = '</li>';
$ba = 'b';
}
### if | val provided, then use "X"
if ($val == '') {
$val = $opt[1] != '' ? ' value="' . $opt[1] . '"' : '';
}
$field = $nttt . $before . '<input' . $readonly . $disabled . ' type="checkbox" name="' . $input_name . '" id="' . $input_id . '" class="cf-box-' . $ba . $field_class . '"' . $val . $fieldTitle . $preChecked . '/>' . $after;
break;
case "checkboxgroup":
$liID_b = $liID != '' ? substr($liID, 0, -1) . 'items"' : '';
array_shift($options);
$field .= $nttt . '<li' . $liID . ' class="cf-box-title">' . $field_name . '</li>' . $nttt . '<li' . $liID_b . ' class="cf-box-group">';
$id = 1;
$j = 0;
### mp session support
if ($moveBack || $isMPformNext) {
$field_value = explode(',', $field_value);
}
foreach ($options as $option) {
### supporting names & values
$boxPreset = explode('|set:', $option);
$opt = explode('|', $boxPreset[0], 2);
if ($opt[1] == '') {
$opt[1] = $opt[0];
}
$checked = '';
if ($moveBack || $isMPformNext) {
if (in_array($opt[1], array_values($field_value))) {
$checked = 'checked="checked"';
}
} elseif (is_array($field_value)) {
if ($opt[1] == htmlspecialchars(stripslashes(strip_tags($field_value[$j])))) {
$checked = 'checked="checked"';
$j++;
}
} else {
if (strpos($boxPreset[1], 'true') !== false) {
$checked = ' checked="checked"';
}
}
if ($labelID != '') {
$labelIDx = substr($labelID, 0, -1) . $id . '"';
}
if ($opt[0] == '') {
$field .= $nttt . $tab . '<br />';
} else {
$field .= $nttt . $tab . '<input' . $readonly . $disabled . ' type="checkbox" id="' . $input_id . '-' . $id . '" name="' . $input_name . '[]" value="' . $opt[1] . '" ' . $checked . ' class="cf-box-b"' . $fieldTitle . '/>' . '<label' . $labelIDx . ' for="' . $input_id . '-' . $id++ . '" class="cf-group-after"><span>' . $opt[0] . "</span></label>";
}
}
$field .= $nttt . '</li>';
break;
case "multiselectbox":
### $field .= $nttt . '<li><label ' . $labelID . ' for="'.$input_name.'"'. $labelclass . '><span>' . stripslashes(($field_name)) . '</span></label>';
$field .= '<select' . $readonly . $disabled . ' multiple="multiple" name="' . $input_name . '[]" id="' . $input_id . '" class="cfselectmulti ' . $field_class . '"' . $fieldTitle . '>';
array_shift($options);
$j = 0;
### mp session support
if ($moveBack || $isMPformNext) {
$field_value = explode(',', $field_value);
}
foreach ($options as $option) {
### supporting names & values
$optPreset = explode('|set:', $option);
$opt = explode('|', $optPreset[0], 2);
if ($opt[1] == '') {
$opt[1] = $opt[0];
}
$checked = '';
if ($moveBack || $isMPformNext) {
if (in_array($opt[1], array_values($field_value))) {
$checked = 'selected="selected"';
}
} elseif (is_array($field_value)) {
if ($opt[1] == stripslashes(htmlspecialchars(strip_tags($field_value[$j])))) {
$checked = ' selected="selected"';
$j++;
}
} else {
if (strpos($optPreset[1], 'true') !== false) {
$checked = ' selected="selected"';
}
}
$field .= $nttt . $tab . '<option value="' . str_replace('"', '"', $opt[1]) . '"' . $checked . '>' . $opt[0] . '</option>';
}
$field .= $nttt . '</select>';
break;
case "emailtobox":
case "selectbox":
$field = '<select' . $readonly . $disabled . ' name="' . $input_name . '" id="' . $input_id . '" class="cformselect' . $field_class . '" ' . $fieldTitle . '>';
array_shift($options);
$jj = $j = 0;
foreach ($options as $option) {
### supporting names & values
$optPreset = explode('|set:', $option);
$opt = explode('|', $optPreset[0], 2);
if ($opt[1] == '') {
$opt[1] = $opt[0];
}
### email-to-box valid entry?
if ($field_type == 'emailtobox' && $opt[1] != '-') {
$jj = $j++;
} else {
$jj = '--';
}
$checked = '';
if ($field_value == '') {
if (strpos($optPreset[1], 'true') !== false) {
$checked = ' selected="selected"';
}
} else {
if ($opt[1] == $field_value || $jj == $field_value) {
$checked = ' selected="selected"';
}
}
$field .= $nttt . $tab . '<option value="' . ($field_type == 'emailtobox' ? $jj : $opt[1]) . '"' . $checked . '>' . $opt[0] . '</option>';
}
$field .= $nttt . '</select>';
break;
case "send2author":
$force_checked = strpos($field_stat[0], '|set:') === false ? true : false;
case "radiobuttons":
$liID_b = $liID != '' ? substr($liID, 0, -1) . 'items"' : '';
### only if label ID's active
array_shift($options);
$field .= $nttt . '<li' . $liID . ' class="' . $liERR . ' cf-box-title">' . $insertErr . $field_name . '</li>' . $nttt . '<li' . $liID_b . ' class="cf-box-group">';
$id = 1;
foreach ($options as $option) {
$checked = '';
### supporting names & values
$radioPreset = explode('|set:', $option);
$opt = explode('|', $radioPreset[0], 2);
if ($opt[1] == '') {
$opt[1] = $opt[0];
}
if ($field_value == '') {
if (strpos($radioPreset[1], 'true') !== false || $force_checked && $id == 1) {
$checked = ' checked="checked"';
}
} else {
if ($opt[1] == $field_value) {
$checked = ' checked="checked"';
}
}
if ($labelID != '') {
$labelIDx = substr($labelID, 0, -1) . $id . '"';
}
if ($opt[0] == '') {
$field .= $nttt . $tab . '<br />';
} else {
$field .= $nttt . $tab . '<input' . $readonly . $disabled . ' type="radio" id="' . $input_id . '-' . $id . '" name="' . $input_name . '" value="' . $opt[1] . '"' . $checked . ' class="cf-box-b' . ($second ? ' cformradioplus' : '') . ($field_required ? ' fldrequired' : '') . '"' . $fieldTitle . '/>' . '<label' . $labelIDx . ' for="' . $input_id . '-' . $id++ . '" class="cf-after"><span>' . $opt[0] . "</span></label>";
}
}
$field .= $nttt . '</li>';
break;
}
### add new field
$content .= $field;
### adding "required" text if needed
if ($field_emailcheck == 1) {
$content .= '<span class="emailreqtxt">' . stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_emailrequired']) . '</span>';
} else {
if ($field_required == 1 && !in_array($field_type, array('ccbox', 'luv', 'subscribe', 'checkbox', 'radiobuttons'))) {
$content .= '<span class="reqtxt">' . stripslashes($cformsSettings['form' . $no]['cforms' . $no . '_required']) . '</span>';
}
}
### close out li item
if (!in_array($field_type, array('hidden', 'fieldsetstart', 'fieldsetend', 'radiobuttons', 'luv', 'subscribe', 'checkbox', 'checkboxgroup', 'ccbox', 'textonly', 'send2author'))) {
$content .= '</li>';
}
}
### all fields
### close any open tags
if ($ol) {
$content .= $ntt . '</ol>';
}
if ($fieldsetopen) {
$content .= $ntt . '</fieldset>';
}
### rest of the form
if ($cformsSettings['form' . $no]['cforms' . $no . '_ajax'] == '1' && !$upload && !$custom && !$alt_action) {
$ajaxenabled = ' onclick="return cforms_validate(\'' . $no . '\', false)"';
} else {
if (($upload || $custom || $alt_action) && $cformsSettings['form' . $no]['cforms' . $no . '_ajax'] == '1') {
$ajaxenabled = ' onclick="return cforms_validate(\'' . $no . '\', true)"';
} else {
$ajaxenabled = '';
}
}
### just to appease html "strict"
$content .= $ntt . '<fieldset class="cf_hidden">' . $nttt . '<legend> </legend>';
### if visitor verification turned on:
if ($verification) {
$content .= $nttt . '<input type="hidden" name="cforms_a' . $no . '" id="cforms_a' . $no . '" value="' . md5(rawurlencode(strtolower($q[1]))) . '"/>';
}
### custom error
$custom_error = substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 2, 1) . substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 3, 1) . substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 4, 1) . $custom_error;
### TAF or WP comment or Extra Fields
if ((int) $isTAF > 0) {
$nono = $isWPcommentForm ? '' : $no;
if ($isWPcommentForm) {
$content .= $nttt . '<input type="hidden" name="comment_parent" id="comment_parent" value="' . ($_REQUEST['replytocom'] != '' ? $_REQUEST['replytocom'] : '0') . '"/>';
}
$content .= $nttt . '<input type="hidden" name="comment_post_ID' . $nono . '" id="comment_post_ID' . $nono . '" value="' . (isset($_GET['pid']) ? $_GET['pid'] : get_the_ID()) . '"/>' . $nttt . '<input type="hidden" name="cforms_pl' . $no . '" id="cforms_pl' . $no . '" value="' . (isset($_GET['pid']) ? get_permalink($_GET['pid']) : get_permalink()) . '"/>';
}
$content .= $nttt . '<input type="hidden" name="cf_working' . $no . '" id="cf_working' . $no . '" value="' . rawurlencode($cformsSettings['form' . $no]['cforms' . $no . '_working']) . '"/>' . $nttt . '<input type="hidden" name="cf_failure' . $no . '" id="cf_failure' . $no . '" value="' . rawurlencode($cformsSettings['form' . $no]['cforms' . $no . '_failure']) . '"/>' . $nttt . '<input type="hidden" name="cf_codeerr' . $no . '" id="cf_codeerr' . $no . '" value="' . rawurlencode($cformsSettings['global']['cforms_codeerr']) . '"/>' . $nttt . '<input type="hidden" name="cf_customerr' . $no . '" id="cf_customerr' . $no . '" value="' . rawurlencode($custom_error) . '"/>' . $nttt . '<input type="hidden" name="cf_popup' . $no . '" id="cf_popup' . $no . '" value="' . $cformsSettings['form' . $no]['cforms' . $no . '_popup'] . '"/>';
$content .= $ntt . '</fieldset>';
### multi page form: reset
$reset = '';
if ($cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_form'] && $cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_reset']) {
$reset = '<input tabindex="999" type="submit" name="resetbutton' . $no . '" id="resetbutton' . $no . '" class="resetbutton" value="' . $cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_resettext'] . '" onclick="return confirm(\'' . __('Note: This will reset all your input!', 'cforms') . '\')">';
}
### multi page form: back
$back = '';
if ($cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_form'] && $cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_back']) {
$back = '<input type="submit" name="backbutton' . $no . '" id="backbutton' . $no . '" class="backbutton" value="' . $cformsSettings['form' . $no]['cforms' . $no . '_mp']['mp_backtext'] . '">';
}
$content .= $ntt . '<p class="cf-sb">' . $reset . $back . '<input type="submit" name="sendbutton' . $no . '" id="sendbutton' . $no . '" class="sendbutton" value="' . $cformsSettings['form' . $no]['cforms' . $no . '_submit_text'] . '"' . $ajaxenabled . '/></p>';
$content .= $ntt . '</form>';
### Thank you for leaving this in place
$content .= $ntt . '<p class="linklove" id="ll' . $no . '"><a href="http://www.deliciousdays.com/cforms-plugin"><em>cforms</em> contact form by delicious:days</a></p>';
### either show message above or below
$usermessage_text = check_default_vars($usermessage_text, $no);
$usermessage_text = check_cust_vars($usermessage_text, $track, $no);
if (substr($cformsSettings['form' . $no]['cforms' . $no . '_showpos'], 1, 1) == 'y' && !($success && $cformsSettings['form' . $no]['cforms' . $no . '_hide'])) {
$content .= $tt . '<div id="usermessage' . $no . 'b" class="cf_info ' . $usermessage_class . $umc . '" >' . $usermessage_text . '</div>' . $nl;
}
### flush debug messages
dbflush();
return $content;
}
function cforms($args = '', $no = '')
{
global $smtpsettings, $styles, $subID, $cforms_root, $wpdb, $track, $wp_db_version;
//Safety, in case someone uses '1' for the default form
$no = $no == '1' ? '' : $no;
parse_str($args, $r);
// parse all args, and if not specified, initialize to defaults
//custom fields support
if (!(strpos($no, '+') === false)) {
$no = substr($no, 0, -1);
$customfields = build_fstat($args);
$field_count = count($customfields);
$custom = true;
} else {
$custom = false;
$field_count = get_option('cforms' . $no . '_count_fields');
}
$content = '';
$err = 0;
$filefield = 0;
### for multiple file upload fields
$validations = array();
$all_valid = 1;
$off = 0;
$fieldsetnr = 1;
$c_errflag = false;
$custom_error = '';
$usermessage_class = '';
### ??? check for WP2.0.2
if ($wp_db_version >= 3440 && function_exists('wp_get_current_user')) {
$user = wp_get_current_user();
}
if (isset($_REQUEST['sendbutton' . $no])) {
/* alternative sending: both events r ok! */
require_once dirname(__FILE__) . '/lib_nonajax.php';
$usermessage_class = $all_valid ? ' success' : ' failure';
}
if (get_option('cforms' . $no . '_tellafriend') == '2' && $send2author) {
### called from lib_WPcomments ?
return $all_valid;
}
###
### paint form
###
$success = false;
if (isset($_GET['cfemail']) && get_option('cforms' . $no . '_tellafriend') == '2') {
### fix for WP Comment (loading after redirect)
$usermessage_class = ' success';
$success = true;
if ($_GET['cfemail'] == 'sent') {
$usermessage_text = preg_replace('|\\r\\n|', '<br />', stripslashes(get_option('cforms' . $no . '_success')));
} elseif ($_GET['cfemail'] == 'posted') {
$usermessage_text = preg_replace('|\\r\\n|', '<br />', stripslashes(get_option('cforms_commentsuccess')));
}
}
$break = '<br />';
$nl = "\n";
$tab = "\t";
$tt = "\t\t";
$ntt = "\n\t\t";
$nttt = "\n\t\t\t";
### either show message above or below
$usermessage_text = check_default_vars($usermessage_text, $no);
$usermessage_text = check_cust_vars($usermessage_text, $track, $no);
if (substr(get_option('cforms' . $no . '_showpos'), 0, 1) == 'y') {
$content .= $ntt . '<div id="usermessage' . $no . 'a" class="cf_info' . $usermessage_class . '">' . $usermessage_text . '</div>';
$actiontarget = 'a';
} else {
if (substr(get_option('cforms' . $no . '_showpos'), 1, 1) == 'y') {
$actiontarget = 'b';
}
}
### redirect == 2 : hide form? || or if max entries reached!
if (get_option('cforms' . $no . '_redirect') == 2 && isset($_REQUEST['sendbutton' . $no]) && $all_valid) {
return $content;
} else {
if (get_option('cforms' . $no . '_maxentries') != '' && get_cforms_submission_left($no) == 0) {
if ($cflimit == "reached") {
return stripslashes(get_option('cforms' . $no . '_limittxt'));
} else {
return $content . stripslashes(get_option('cforms' . $no . '_limittxt'));
}
}
}
### alternative form action
$alt_action = false;
if (get_option('cforms' . $no . '_action') == '1') {
$action = get_option('cforms' . $no . '_action_page');
$alt_action = true;
} else {
if (get_option('cforms' . $no . '_tellafriend') == '2') {
$action = $cforms_root . '/lib_WPcomment.php';
} else {
$action = $_SERVER['REQUEST_URI'] . '#usermessage' . $no . $actiontarget;
}
}
$content .= $ntt . '<form enctype="multipart/form-data" action="' . $action . '" method="post" class="cform" id="cforms' . $no . 'form">' . $nl;
### start with no fieldset
$fieldsetopen = false;
$verification = false;
$captcha = false;
$upload = false;
$fscount = 1;
$ol = false;
for ($i = 1; $i <= $field_count; $i++) {
if (!$custom) {
$field_stat = explode('$#$', get_option('cforms' . $no . '_count_field_' . $i));
} else {
$field_stat = explode('$#$', $customfields[$i - 1]);
}
$field_name = $field_stat[0];
$field_type = $field_stat[1];
$field_required = $field_stat[2];
$field_emailcheck = $field_stat[3];
$field_clear = $field_stat[4];
$field_disabled = $field_stat[5];
$field_readonly = $field_stat[6];
### ommit certain fields
if (in_array($field_type, array('cauthor', 'url', 'email')) && $user->ID) {
continue;
}
### check for custom err message and split field_name
$obj = explode('|err:', $field_name, 2);
$fielderr = $obj[1];
if ($fielderr != '') {
switch ($field_type) {
case 'upload':
$custom_error .= 'cf_uploadfile' . $no . '-' . $i . '$#$' . $fielderr . '|';
break;
case 'captcha':
$custom_error .= 'cforms_captcha' . $no . '$#$' . $fielderr . '|';
break;
case 'verification':
$custom_error .= 'cforms_q' . $no . '$#$' . $fielderr . '|';
break;
case "cauthor":
case "url":
case "email":
case "comment":
$custom_error .= $field_type . '$#$' . $fielderr . '|';
break;
default:
preg_match('/^([^#\\|]*).*/', $field_name, $input_name);
$custom_error .= get_option('cforms' . $no . '_customnames') == '1' ? str_replace(' ', '_', $input_name[1]) : 'cf' . $no . '_field_' . $i;
$custom_error .= '$#$' . $fielderr . '|';
break;
}
}
### check for title attrib
$obj = explode('|title:', $obj[0], 2);
$fieldTitle = $obj[1] != '' ? ' title="' . str_replace('"', '"', stripslashes($obj[1])) . '"' : '';
### special treatment for selectboxes
if (in_array($field_type, array('multiselectbox', 'selectbox', 'radiobuttons', 'send2author', 'checkbox', 'checkboxgroup', 'ccbox', 'emailtobox'))) {
$options = explode('#', stripslashes($obj[0]));
$field_name = $options[0];
}
### check if fieldset is open
if (!$fieldsetopen && !$ol && $field_type != 'fieldsetstart') {
$content .= $tt . '<ol class="cf-ol">';
$ol = true;
}
$labelclass = '';
### visitor verification
if (!$verification && $field_type == 'verification') {
srand(microtime() * 1000003);
$qall = explode("\r\n", get_option('cforms_sec_qa'));
$n = rand(0, count(array_keys($qall)) - 1);
$q = $qall[$n];
$q = explode('=', $q);
### q[0]=qestion q[1]=answer
$field_name = stripslashes(htmlspecialchars($q[0]));
$labelclass = ' class="secq"';
} else {
if ($field_type == 'captcha') {
$labelclass = ' class="seccap"';
}
}
$defaultvalue = '';
### setting the default val & regexp if it exists
if (!in_array($field_type, array('fieldsetstart', 'fieldsetend', 'radiobuttons', 'send2author', 'checkbox', 'checkboxgroup', 'ccbox', 'emailtobox', 'multiselectbox', 'selectbox', 'verification'))) {
### check if default val & regexp are set
$obj = explode('|', $obj[0], 3);
if ($obj[2] != '') {
$reg_exp = str_replace('"', '"', stripslashes($obj[2]));
} else {
$reg_exp = '';
}
if ($obj[1] != '') {
$defaultvalue = str_replace('"', '"', check_default_vars(stripslashes($obj[1]), $no));
}
$field_name = $obj[0];
}
### Label ID's
$labelIDx = '';
$labelID = get_option('cforms_labelID') == '1' ? ' id="label-' . $no . '-' . $i . '"' : '';
### <li> ID's
$liID = get_option('cforms_liID') == '1' || substr(get_option('cforms' . $no . '_showpos'), 2, 1) == "y" || substr(get_option('cforms' . $no . '_showpos'), 3, 1) == "y" ? ' id="li-' . $no . '-' . $i . '"' : '';
### input field names & label
if (get_option('cforms' . $no . '_customnames') == '1') {
if (strpos($field_name, '[id:') !== false) {
$idPartA = strpos($field_name, '[id:');
$idPartB = strpos($field_name, ']', $idPartA);
$input_id = $input_name = str_replace(' ', '_', substr($field_name, $idPartA + 4, $idPartB - $idPartA - 4));
$field_name = substr_replace($field_name, '', $idPartA, $idPartB - $idPartA + 1);
} else {
$input_id = $input_name = str_replace(' ', '_', $field_name);
}
} else {
$input_id = $input_name = 'cf' . $no . '_field_' . $i;
}
$field_class = '';
switch ($field_type) {
case 'verification':
$input_id = $input_name = 'cforms_q' . $no;
break;
case 'captcha':
$input_id = $input_name = 'cforms_captcha' . $no;
break;
case 'upload':
$input_id = $input_name = 'cf_uploadfile' . $no . '-' . $i;
$field_class = 'upload';
break;
case "send2author":
case "email":
case "cauthor":
case "url":
$input_id = $input_name = $field_type;
case "datepicker":
case "yourname":
case "youremail":
case "friendsname":
case "friendsemail":
case "textfield":
case "pwfield":
$field_class = 'single';
break;
case "hidden":
$field_class = 'hidden';
break;
case 'comment':
$input_id = $input_name = $field_type;
$field_class = 'area';
break;
case 'textarea':
$field_class = 'area';
break;
}
### additional field classes
if ($field_disabled) {
$field_class .= ' disabled';
}
if ($field_readonly) {
$field_class .= ' readonly';
}
if ($field_emailcheck) {
$field_class .= ' fldemail';
}
if ($field_required) {
$field_class .= ' fldrequired';
}
$field_value = '';
### pre-populating fields...
if (!isset($_REQUEST['sendbutton' . $no]) && isset($_GET[$input_name])) {
$field_value = $_REQUEST[$input_name];
}
### an error ocurred:
$liERR = $insertErr = '';
if (!$all_valid) {
if ($validations[$i] == 1) {
$field_class .= '';
} else {
$field_class .= ' cf_error';
### enhanced error display
if (substr(get_option('cforms' . $no . '_showpos'), 2, 1) == "y") {
$liERR = ' class="cf_li_err"';
}
if (substr(get_option('cforms' . $no . '_showpos'), 3, 1) == "y") {
$insertErr = $fielderr != '' ? '<ul class="cf_li_text_err"><li>' . stripslashes($fielderr) . '</li></ul>' : '';
}
}
if ($field_type == 'multiselectbox' || $field_type == 'checkboxgroup') {
$field_value = $_REQUEST[$input_name];
### in this case it's an array! will do the stripping later
} else {
$field_value = str_replace('"', '"', stripslashes($_REQUEST[$input_name]));
}
}
### print label only for non "textonly" fields! Skip some others too, and handle them below indiv.
if (!in_array($field_type, array('hidden', 'textonly', 'fieldsetstart', 'fieldsetend', 'ccbox', 'checkbox', 'checkboxgroup', 'send2author', 'radiobuttons'))) {
$content .= $nttt . '<li' . $liID . $liERR . '>' . $insertErr . '<label' . $labelID . ' for="' . $input_id . '"' . $labelclass . '><span>' . stripslashes($field_name) . '</span></label>';
}
if ($field_value == '' && $defaultvalue != '') {
### if not reloaded (due to err) then use default values
$field_value = $defaultvalue;
}
### field disabled or readonly, greyed out?
$disabled = $field_disabled ? ' disabled="disabled"' : '';
$readonly = $field_readonly ? ' readonly="readonly"' : '';
$dp = '';
$naming = false;
$field = '';
switch ($field_type) {
case "upload":
$upload = true;
### set upload flag for ajax suppression!
$field = '<input' . $readonly . $disabled . ' type="file" name="cf_uploadfile' . $no . '[]" id="cf_uploadfile' . $no . '-' . $i . '" class="cf_upload ' . $field_class . '"' . $fieldTitle . '/>';
break;
case "textonly":
$field .= $nttt . '<li' . $liID . ' class="textonly' . ($defaultvalue != '' ? ' ' . $defaultvalue : '') . '"' . ($reg_exp != '' ? ' style="' . $reg_exp . '" ' : '') . '>' . stripslashes($field_name) . '</li>';
break;
case "fieldsetstart":
if ($fieldsetopen) {
$field = $ntt . '</ol>' . $nl . $tt . '</fieldset>' . $nl;
$fieldsetopen = false;
$ol = false;
}
if (!$fieldsetopen) {
if ($ol) {
$field = $ntt . '</ol>' . $nl;
}
$field .= $tt . '<fieldset class="cf-fs' . $fscount++ . '">' . $nl . $tt . '<legend>' . stripslashes($field_name) . '</legend>' . $nl . $tt . '<ol class="cf-ol">';
$fieldsetopen = true;
$ol = true;
}
break;
case "fieldsetend":
if ($fieldsetopen) {
$field = $ntt . '</ol>' . $nl . $tt . '</fieldset>' . $nl;
$fieldsetopen = false;
$ol = false;
} else {
$field = '';
}
break;
case "verification":
$field = '<input type="text" name="' . $input_name . '" id="cforms_q' . $no . '" class="secinput ' . $field_class . '" value=""' . $fieldTitle . '/>';
$verification = true;
break;
case "captcha":
$_SESSION['turing_string_' . $no] = rc();
$field = '<input type="text" name="' . $input_name . '" id="cforms_captcha' . $no . '" class="secinput' . $field_class . '" value=""' . $fieldTitle . '/>' . '<img id="cf_captcha_img' . $no . '" class="captcha" src="' . $cforms_root . '/cforms-captcha.php?ts=' . $no . get_captcha_uri() . '" alt=""/>' . '<a title="' . __('reset captcha image', 'cforms') . '" href="javascript:reset_captcha(\'' . $no . '\')"><img class="captcha-reset" src="' . $cforms_root . '/images/spacer.gif" alt="Captcha"/></a>';
$captcha = true;
break;
case "cauthor":
case "url":
case "email":
case "datepicker":
case "yourname":
case "youremail":
case "friendsname":
case "friendsemail":
case "textfield":
case "pwfield":
$type = $field_type == 'pwfield' ? 'password' : 'text';
$field_class = $field_type == 'datepicker' ? $field_class . ' cf_date' : $field_class;
$onfocus = $field_clear ? ' onfocus="clearField(this)" onblur="setField(this)"' : '';
$field = '<input' . $readonly . $disabled . ' type="' . $type . '" name="' . $input_name . '" id="' . $input_id . '" class="' . $field_class . '" value="' . $field_value . '"' . $onfocus . $fieldTitle . '/>';
if ($reg_exp != '') {
$field .= '<input type="hidden" name="' . $input_name . '_regexp" id="' . $input_id . '_regexp" value="' . $reg_exp . '"' . $fieldTitle . '/>';
}
$field .= $dp;
break;
case "hidden":
preg_match_all('/\\{([^\\{]+)\\}/', $field_value, $findall);
if (count($findall[1]) > 0) {
$allfields = get_post_custom(get_the_ID());
foreach ($findall[1] as $fvar) {
if ($allfields[$fvar][0] != '') {
$field_value = str_replace('{' . $fvar . '}', $allfields[$fvar][0], $field_value);
}
}
}
if (preg_match('/^<([a-zA-Z0-9]+)>$/', $field_value, $getkey)) {
$field_value = $_GET[$getkey[1]];
}
$field .= $nttt . '<li class="cf_hidden"><input type="hidden" class="cfhidden" name="' . $input_name . '" id="' . $input_id . '" value="' . $field_value . '"' . $fieldTitle . '/></li>';
break;
case "comment":
$onfocus = $field_clear ? ' onfocus="clearField(this)" onblur="setField(this)"' : '';
$field = '<textarea' . $readonly . $disabled . ' cols="30" rows="8" name="comment" id="comment" class="' . $field_class . '"' . $onfocus . $fieldTitle . '>' . $field_value . '</textarea>';
if ($reg_exp != '') {
$field .= '<input type="hidden" name="comment" id="comment_regexp" value="' . $reg_exp . '"' . $fieldTitle . '/>';
}
break;
case "textarea":
$onfocus = $field_clear ? ' onfocus="clearField(this)" onblur="setField(this)"' : '';
$field = '<textarea' . $readonly . $disabled . ' cols="30" rows="8" name="' . $input_name . '" id="' . $input_id . '" class="' . $field_class . '"' . $onfocus . $fieldTitle . '>' . $field_value . '</textarea>';
if ($reg_exp != '') {
$field .= '<input type="hidden" name="' . $input_name . '_regexp" id="' . $input_id . '_regexp" value="' . $reg_exp . '"' . $fieldTitle . '/>';
}
break;
case "ccbox":
case "checkbox":
$err = '';
if (!$all_valid && $validations[$i] != 1) {
$err = ' cf_errortxt';
}
if ($options[1] != '') {
$opt = explode('|', $options[1], 2);
$before = '<li' . $liID . $liERR . '>' . $insertErr;
$after = '<label' . $labelID . ' for="' . $input_id . '" class="cf-after' . $err . '"><span>' . $opt[0] . '</span></label></li>';
$ba = 'a';
} else {
$opt = explode('|', $field_name, 2);
$before = '<li' . $liID . $liERR . '>' . $insertErr . '<label' . $labelID . ' for="' . $input_name . '" class="cf-before' . $err . '"><span>' . $opt[0] . '</span></label>';
$after = '</li>';
$ba = 'b';
}
### if | val provided, then use "X"
$val = $opt[1] != '' ? ' value="' . $opt[1] . '"' : '';
$field = $nttt . $before . '<input' . $readonly . $disabled . ' type="checkbox" name="' . $input_name . '" id="' . $input_id . '" class="cf-box-' . $ba . $field_class . '"' . ($field_value ? ' checked="checked"' : '') . $val . $fieldTitle . '/>' . $after;
break;
case "checkboxgroup":
$liID_b = $liID != '' ? substr($liID, 0, -1) . 'items"' : '';
array_shift($options);
$field .= $nttt . '<li' . $liID . ' class="cf-box-title">' . $field_name . '</li>' . $nttt . '<li' . $liID_b . ' class="cf-box-group">';
$id = 1;
$j = 0;
foreach ($options as $option) {
### supporting names & values
$opt = explode('|', $option, 2);
if ($opt[1] == '') {
$opt[1] = $opt[0];
}
$checked = '';
if ($opt[1] == stripslashes($field_value[$j])) {
$checked = 'checked="checked"';
$j++;
}
if ($labelID != '') {
$labelIDx = substr($labelID, 0, -1) . $id . '"';
}
if ($opt[0] == '') {
$field .= $nttt . $tab . '<br />';
} else {
$field .= $nttt . $tab . '<input' . $readonly . $disabled . ' type="checkbox" id="' . $input_id . '-' . $id . '" name="' . $input_name . '[]" value="' . $opt[1] . '" ' . $checked . ' class="cf-box-b"' . $fieldTitle . '/>' . '<label' . $labelIDx . ' for="' . $input_id . $id++ . '" class="cf-group-after"><span>' . $opt[0] . "</span></label>";
}
}
$field .= $nttt . '</li>';
break;
case "multiselectbox":
### $field .= $nttt . '<li><label ' . $labelID . ' for="'.$input_name.'"'. $labelclass . '><span>' . stripslashes(($field_name)) . '</span></label>';
$field .= '<select' . $readonly . $disabled . ' multiple="multiple" name="' . $input_name . '[]" id="' . $input_id . '" class="cfselectmulti ' . $field_class . '"' . $fieldTitle . '>';
array_shift($options);
$second = false;
$j = 0;
foreach ($options as $option) {
### supporting names & values
$opt = explode('|', $option, 2);
if ($opt[1] == '') {
$opt[1] = $opt[0];
}
$checked = '';
if ($opt[1] == stripslashes(htmlspecialchars($field_value[$j]))) {
$checked = ' selected="selected"';
$j++;
}
$field .= $nttt . $tab . '<option value="' . str_replace('"', '"', $opt[1]) . '"' . $checked . '>' . $opt[0] . '</option>';
$second = true;
}
$field .= $nttt . '</select>';
break;
case "emailtobox":
case "selectbox":
$field = '<select' . $readonly . $disabled . ' name="' . $input_name . '" id="' . $input_id . '" class="cformselect' . $field_class . '" ' . $fieldTitle . '>';
array_shift($options);
$jj = $j = 0;
$second = false;
foreach ($options as $option) {
### supporting names & values
$opt = explode('|', $option, 2);
if ($opt[1] == '') {
$opt[1] = $opt[0];
}
### email-to-box valid entry?
if ($field_type == 'emailtobox' && $opt[1] != '-') {
$jj = $j++;
} else {
$jj = '-';
}
$checked = '';
if ($field_value == '' || $field_value == '-') {
if (!$second) {
$checked = ' selected="selected"';
}
} else {
if ($opt[1] == $field_value || $jj == $field_value) {
$checked = ' selected="selected"';
}
}
$field .= $nttt . $tab . '<option value="' . ($field_type == 'emailtobox' ? $jj : $opt[1]) . '"' . $checked . '>' . $opt[0] . '</option>';
$second = true;
}
$field .= $nttt . '</select>';
break;
case "send2author":
case "radiobuttons":
$liID_b = $liID != '' ? substr($liID, 0, -1) . 'items"' : '';
### only if label ID's active
array_shift($options);
$field .= $nttt . '<li' . $liID . ' class="cf-box-title">' . $field_name . '</li>' . $nttt . '<li' . $liID_b . ' class="cf-box-group">';
$second = false;
$id = 1;
foreach ($options as $option) {
$checked = '';
### supporting names & values
$opt = explode('|', $option, 2);
if ($opt[1] == '') {
$opt[1] = $opt[0];
}
if ($field_value == '') {
if (!$second) {
$checked = ' checked="checked"';
}
} else {
if ($opt[1] == $field_value) {
$checked = ' checked="checked"';
}
}
if ($labelID != '') {
$labelIDx = substr($labelID, 0, -1) . $id . '"';
}
if ($opt[0] == '') {
$field .= $nttt . $tab . '<br />';
} else {
$field .= $nttt . $tab . '<input' . $readonly . $disabled . ' type="radio" id="' . $input_id . '-' . $id . '" name="' . $input_name . '" value="' . $opt[1] . '"' . $checked . ' class="cf-box-b' . ($second ? ' cformradioplus' : '') . '"' . $fieldTitle . '/>' . '<label' . $labelIDx . ' for="' . $input_id . $id++ . '" class="cf-after"><span>' . $opt[0] . "</span></label>";
}
$second = true;
}
$field .= $nttt . '</li>';
break;
}
### add new field
$content .= $field;
### adding "required" text if needed
if ($field_emailcheck == 1) {
$content .= '<span class="emailreqtxt">' . stripslashes(get_option('cforms' . $no . '_emailrequired')) . '</span>';
} else {
if ($field_required == 1 && $field_type != 'checkbox') {
$content .= '<span class="reqtxt">' . stripslashes(get_option('cforms' . $no . '_required')) . '</span>';
}
}
### close out li item
if (!in_array($field_type, array('hidden', 'fieldsetstart', 'fieldsetend', 'radiobuttons', 'checkbox', 'checkboxgroup', 'ccbox', 'textonly', 'send2author'))) {
$content .= '</li>';
}
}
### all fields
if ($ol) {
$content .= $ntt . '</ol>';
}
if ($fieldsetopen) {
$content .= $ntt . '</fieldset>';
}
### rest of the form
if (get_option('cforms' . $no . '_ajax') == '1' && !$upload && !$custom && !$alt_action) {
$ajaxenabled = ' onclick="return cforms_validate(\'' . $no . '\', false)"';
} else {
if (($upload || $custom || $alt_action) && get_option('cforms' . $no . '_ajax') == '1') {
$ajaxenabled = ' onclick="return cforms_validate(\'' . $no . '\', true)"';
} else {
$ajaxenabled = '';
}
}
### just to appease "strict"
$content .= $ntt . '<fieldset class="cf_hidden">' . $nttt . '<legend> </legend>';
### if visitor verification turned on:
if ($verification) {
$content .= $nttt . '<input type="hidden" name="cforms_a' . $no . '" id="cforms_a' . $no . '" value="' . md5(rawurlencode(strtolower($q[1]))) . '"/>';
}
if ($captcha) {
$content .= $nttt . '<input type="hidden" name="cforms_cap' . $no . '" id="cforms_cap' . $no . '" value="' . md5($_SESSION['turing_string_' . $no]) . '"/>';
}
$custom_error = substr(get_option('cforms' . $no . '_showpos'), 2, 1) . substr(get_option('cforms' . $no . '_showpos'), 3, 1) . substr(get_option('cforms' . $no . '_showpos'), 4, 1) . $custom_error;
if (get_option('cforms' . $no . '_tellafriend') > 0) {
if (get_option('cforms' . $no . '_tellafriend') == 2) {
$nono = '';
} else {
$nono = $no;
}
$content .= $nttt . '<input type="hidden" name="comment_post_ID' . $nono . '" id="comment_post_ID' . $nono . '" value="' . (isset($_GET['pid']) ? $_GET['pid'] : get_the_ID()) . '"/>' . $nttt . '<input type="hidden" name="cforms_pl' . $no . '" id="cforms_pl' . $no . '" value="' . (isset($_GET['pid']) ? get_permalink($_GET['pid']) : get_permalink()) . '"/>';
}
$content .= $nttt . '<input type="hidden" name="cf_working' . $no . '" id="cf_working' . $no . '" value="' . rawurlencode(get_option('cforms' . $no . '_working')) . '"/>' . $nttt . '<input type="hidden" name="cf_failure' . $no . '" id="cf_failure' . $no . '" value="' . rawurlencode(get_option('cforms' . $no . '_failure')) . '"/>' . $nttt . '<input type="hidden" name="cf_codeerr' . $no . '" id="cf_codeerr' . $no . '" value="' . rawurlencode(get_option('cforms_codeerr')) . '"/>' . $nttt . '<input type="hidden" name="cf_customerr' . $no . '" id="cf_customerr' . $no . '" value="' . rawurlencode($custom_error) . '"/>' . $nttt . '<input type="hidden" name="cf_popup' . $no . '" id="cf_popup' . $no . '" value="' . get_option('cforms' . $no . '_popup') . '"/>';
$content .= $ntt . '</fieldset>';
$content .= $ntt . '<p class="cf-sb"><input type="submit" name="sendbutton' . $no . '" id="sendbutton' . $no . '" class="sendbutton" value="' . get_option('cforms' . $no . '_submit_text') . '"' . $ajaxenabled . '/></p>';
$content .= $ntt . '</form>';
### link love? you bet ;)
$content .= $ntt . '<p class="linklove" id="ll' . $no . '"><a href="http://www.deliciousdays.com/cforms-plugin"><em>cforms</em> contact form by delicious:days</a></p>';
### either show message above or below
$usermessage_text = check_default_vars($usermessage_text, $no);
$usermessage_text = check_cust_vars($usermessage_text, $track, $no);
if (substr(get_option('cforms' . $no . '_showpos'), 1, 1) == 'y' && !($success && get_option('cforms' . $no . '_redirect') == 2)) {
$content .= $tt . '<div id="usermessage' . $no . 'b" class="cf_info ' . $usermessage_class . '" >' . $usermessage_text . '</div>' . $nl;
}
return $content;
}