예제 #1
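/**
 * Persist a submitted contact form and send the related notifications.
 *
 * The function builds a plain-text summary of the submitted items, optionally
 * inserts a row into the CCMES table, moves uploaded attachments under the new
 * message id, mails the sender and the contact person (or contact group),
 * fires the notification events and finally redirects the browser.
 *
 * Security-relevant points for maintainers:
 *  - The INSERT is assembled by string concatenation. String columns go
 *    through $xoopsDB->quoteString(); numeric columns are cast to int here so
 *    nothing but integers can reach the statement.
 *  - For anonymous senders a one-time ticket is generated and appended to the
 *    links mailed to the sender ("&p=..."). Anyone holding that mail can use
 *    the link, so the ticket is only added to the sender's copy.
 *  - $email / $from are used as mail addresses. NOTE(review): this function
 *    does not validate them; presumably the input step already did - confirm.
 *
 * @param array $items Form items; each uses 'name', 'value', 'type', 'label'
 *                     and optionally 'options'.
 * @param array $form  Form definition; reads 'store', 'priuid', 'priuser',
 *                     'formid', 'title' and 'cgroup'.
 *
 * @return array List with one error message when the database insert fails.
 *               On success the function redirects and exits instead of
 *               returning.
 */
function store_message($items, $form)
{
    global $xoopsUser, $xoopsDB, $xoopsModuleConfig;
    $uid = is_object($xoopsUser) ? $xoopsUser->getVar('uid') : 0;
    $store = $form['store'];
    if ($store == _DB_STORE_NONE) {
        // Nothing is stored, so the address is always passed along.
        $showaddr = true;
    } else {
        $showaddr = get_attr_value(null, 'notify_with_email');
    }
    $from = $email = "";
    $mail_name = null;
    $attach = array();
    $vals = array();
    $rtext = '';
    foreach ($items as $item) {
        if (empty($item['name'])) {
            continue;
        }
        $name = $item['name'];
        $val = $item['value'];
        $vals[$name] = $val;
        $opts = isset($item['options']) ? $item['options'] : array();
        switch ($item['type']) {
            case 'mail':
                if (empty($email)) {
                    // The first mail field is the sender's contact address.
                    $email = $vals[$name];
                    $mail_name = $name;
                    if ($showaddr) {
                        $from = $email;
                        break;
                    }
                    // Address must stay hidden: skip the summary line below.
                    // "continue 2" is required because switch counts as a
                    // loop structure for continue.
                    continue 2;
                }
                break;
            case 'file':
                $val = $vals[$name];
                if ($val) {
                    $vals[$name] = "file=" . $val;
                    $attach[] = $val;
                }
                break;
            case 'radio':
            case 'select':
                if (isset($opts[$val])) {
                    $val = strip_tags($opts[$val]);
                }
                break;
            case 'checkbox':
                // A scalar here would make foreach/join fail; normalise first.
                if (!is_array($val)) {
                    $val = empty($val) ? array() : array($val);
                }
                foreach ($val as $k => $v) {
                    $val[$k] = isset($opts[$v]) ? strip_tags($opts[$v]) : $v;
                }
                $val = join(', ', $val);
                break;
        }
        // Indent multi-line values so they stay visually attached to the label.
        if (!empty($val) && strpos($val, "\n") !== false) {
            $val = "\n\t" . str_replace("\n", "\n\t", $val);
        }
        $rtext .= strip_tags($item['label']) . ": {$val}\n";
    }
    // Drop the address from the stored values when it must not be kept.
    if (!$showaddr && $mail_name !== null) {
        unset($vals[$mail_name]);
    }
    $text = serialize_text($vals);
    // One-time ticket only for anonymous senders; logged-in users authenticate.
    $onepass = $uid == 0 ? cc_onetime_ticket($email) : "";
    if ($form['priuid'] < 0) {
        $touid = empty($form['priuser']) ? 0 : $form['priuser']['uid'];
    } else {
        $touid = $form['priuid'];
    }
    $touid = (int) $touid;
    $now = time();
    // Every value placed in this array is interpolated into the INSERT as-is:
    // integers are cast, strings are quoted by the database layer.
    $values = array(
        'uid' => (int) $uid,
        'touid' => $touid,
        'ctime' => $now,
        'mtime' => $now,
        'atime' => $now,
        'fidref' => (int) $form['formid'],
        'email' => $xoopsDB->quoteString($email),
        'onepass' => $xoopsDB->quoteString($onepass),
    );
    $parg = $onepass ? "&p=" . urlencode($onepass) : "";
    if ($store == _DB_STORE_YES) {
        $values['body'] = $xoopsDB->quoteString($text);
    }
    if ($store != _DB_STORE_NONE) {
        $sql = "INSERT INTO " . CCMES . "(" . join(',', array_keys($values)) . ") VALUES (" . join(',', $values) . ")";
        $res = $xoopsDB->query($sql);
        if ($res === false) {
            return array("Error in DATABASE insert");
        }
        $id = $xoopsDB->getInsertID();
        if (empty($id)) {
            return array("Internal Error in Store Message");
        }
    } else {
        $id = 0;
    }
    $member_handler =& xoops_gethandler('member');
    // The configured contact account may no longer exist; calling getVar()
    // on a non-object would abort the request after the row was inserted.
    $toUser = $touid ? $member_handler->getUser($touid) : false;
    if (is_object($toUser)) {
        $toUname = $toUser->getVar('uname');
    } else {
        $toUser = false;
        $toUname = _MD_CONTACT_NOTYET;
    }
    // $atext goes to the sender (links carry the one-time ticket),
    // $btext goes to the contact person and monitors (no ticket).
    $atext = "";
    $btext = "";
    if (count($attach)) {
        $atext = $btext = "\n" . _MD_ATTACHMENT . "\n";
        foreach ($attach as $i => $file) {
            move_attach_file('', $file, $id);
            $a = cc_attach_image($id, $file, true);
            $atext .= "{$a}{$parg}\n";
            $btext .= "{$a}\n";
        }
        // Remove the staging directory used before the message id was known.
        rmdir(XOOPS_UPLOAD_PATH . cc_attach_path(0, ''));
    }
    $dirname = basename(dirname(__FILE__));
    $uname = $xoopsUser ? $xoopsUser->getVar('uname') : $GLOBALS['xoopsConfig']['anonymous'];
    $tags = array(
        'SUBJECT' => $form['title'],
        'TO_USER' => $toUname,
        'FROM_USER' => $uname,
        'FROM_EMAIL' => $email,
        'REMOTE_ADDR' => isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : '',
        // Client-controlled and optional: clients may omit the header.
        'HTTP_USER_AGENT' => isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : '',
        'MSGID' => $id,
    );
    foreach ($vals as $k => $v) {
        $tags[$k] = is_array($v) ? implode(', ', $v) : $v;
    }
    $tpl = get_attr_value(null, 'from_confirm_tpl', 'form_confirm.tpl');
    $msgurl = XOOPS_URL . ($id ? "/modules/{$dirname}/message.php?id={$id}" : '/');
    if ($email) {
        // Automatic reply to the sender, including the ticketed link.
        $tags['VALUES'] = "{$rtext}{$atext}";
        $tags['MSG_URL'] = $store == _DB_STORE_NONE ? '' : "\n" . _MD_NOTIFY_URL . "\n{$msgurl}{$parg}";
        cc_notify_mail($tpl, $tags, $email, $toUser ? $toUser->getVar('email') : '');
    }
    // Copies for staff never contain the sender's one-time ticket.
    $tags['VALUES'] = "{$rtext}{$btext}";
    $tags['MSG_URL'] = $store == _DB_STORE_NONE ? '' : "\n" . _MD_NOTIFY_URL . "\n" . $msgurl;
    $notification_handler =& xoops_gethandler('notification');
    $notification_handler->triggerEvent('global', 0, 'new', $tags);
    $notification_handler->triggerEvent('form', $form['formid'], 'new', $tags);
    // Force-subscribe sender and recipient to follow-up comments.
    if ($id) {
        $notification_handler->subscribe('message', $id, 'comment');
    }
    if ($toUser) {
        if ($id) {
            $notification_handler->subscribe('message', $id, 'comment', null, null, $touid);
        }
        cc_notify_mail(get_attr_value(null, 'charge_notify_tpl', $tpl), $tags, $toUser, $from);
    } elseif ($form['cgroup']) {
        // No usable contact person: notify the contact group instead.
        $users = $member_handler->getUsersByGroup($form['cgroup'], true);
        cc_notify_mail(get_attr_value(null, 'group_notify_tpl', $tpl), $tags, $users, $from);
    }
    if ($id) {
        $msgurl .= $parg;
    }
    // NOTE(review): the redirect target comes from get_attr_value(), not from
    // the request - confirm it can only be set by an administrator, because an
    // absolute URL is passed through unchanged.
    $redirect = get_attr_value(null, 'redirect');
    if (!empty($redirect)) {
        $msgurl = preg_match('/^\\//', $redirect) ? XOOPS_URL . $redirect : $redirect;
    }
    redirect_header($msgurl, 3, _MD_CONTACT_DONE);
    exit;
}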
예제 #2
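/**
 * Read the submitted value of every form item from the request, validate it
 * and write it back to $items[...]['value'].
 *
 * Security-relevant points for maintainers:
 *  - File names taken from $_POST ("<field>_prev" and the confirm-step value)
 *    are reduced to their base name before they reach unlink() or later file
 *    handling, so a posted value cannot name a path outside the attachment
 *    directory. NOTE(review): cc_attach_path() is not visible here and may
 *    normalise as well; this is defence in depth.
 *  - An upload that fails the extension or MIME check is reported and is NOT
 *    moved into the upload area; a previously stored file is kept.
 *  - NOTE(review): when 'accept_ext' is empty no extension check runs at all;
 *    confirm the upload directory cannot execute scripts.
 *
 * @param array $items Form items, modified in place; each uses 'field',
 *                     'type', 'label', 'attr' and optionally 'options'.
 *
 * @return array List of human-readable validation error messages
 *               (empty when every item validated).
 */
function assign_post_values(&$items)
{
    global $myts;
    $errors = array();
    foreach ($items as $key => $item) {
        if (empty($item['field'])) {
            continue;
        }
        $name = $item['field'];
        $type = $item['type'];
        $lab = $item['label'];
        $attr =& $item['attr'];
        $check = !empty($attr['check']) ? $attr['check'] : "";
        $val = '';
        if (isset($_POST[$name])) {
            $val = $_POST[$name];
            if (is_array($val)) {
                foreach ($val as $n => $v) {
                    $val[$n] = $myts->stripSlashesGPC($v);
                }
            } else {
                $val = $myts->stripSlashesGPC($val);
            }
        }
        // Free-text companion of the "other" option; may be absent.
        $etcname = $name . "_etc";
        switch ($type) {
            case 'checkbox':
                if (empty($val)) {
                    $val = array();
                } elseif (!is_array($val)) {
                    // A scalar posted for a multi-value field would make
                    // array_search() fail; treat it as a single selection.
                    $val = array($val);
                }
                $idx = array_search(LABEL_ETC, $val);
                if (is_int($idx)) {
                    $etc = isset($_POST[$etcname]) && !is_array($_POST[$etcname]) ? $myts->stripSlashesGPC($_POST[$etcname]) : '';
                    $val[$idx] = strip_tags($item['options'][LABEL_ETC]) . " " . $etc;
                }
                break;
            case 'radio':
                if ($val == LABEL_ETC) {
                    $etc = isset($_POST[$etcname]) && !is_array($_POST[$etcname]) ? $myts->stripSlashesGPC($_POST[$etcname]) : '';
                    $val = strip_tags($item['options'][LABEL_ETC]) . " " . $etc;
                }
                break;
            case 'hidden':
            case 'const':
                // NOTE(review): eval_user_value() is defined elsewhere. Its
                // argument is built from the form definition, not from the
                // request - confirm it never receives request data.
                $val = eval_user_value(join(',', $item['options']));
                break;
            case 'file':
                $upfile = isset($_FILES[$name]) ? $_FILES[$name] : array('name' => '');
                $fname = $upfile['name'];
                $exts = preg_wildcard(get_attr_value($attr, 'accept_ext'));
                $types = preg_wildcard(get_attr_value($attr, 'accept_type'));
                $rejected = false;
                if ($exts && $fname) {
                    if (!preg_match("/\\.({$exts})\$/", $fname, $d)) {
                        $errors[] = $lab . ": " . _MD_UPLOADFILE_ERR;
                        $rejected = true;
                    } elseif ($types) {
                        // When both lists have the same length they are
                        // treated as pairs: the matched extension selects the
                        // single MIME pattern the content must satisfy.
                        $aexts = explode('|', $exts);
                        $atypes = explode('|', $types);
                        $nth = array_search($d[1], $aexts);
                        if ($nth !== false && count($aexts) == count($atypes)) {
                            $types = $atypes[$nth];
                        }
                    }
                }
                $tmpfile = isset($upfile['tmp_name']) ? $upfile['tmp_name'] : null;
                if ($types && $tmpfile) {
                    // Check the detected content type, not the client's claim.
                    $ftype = cc_mime_content_type($tmpfile);
                    if (!preg_match('/^(' . $types . ')$/', $ftype)) {
                        $errors[] = $lab . ": " . _MD_UPLOADFILE_ERR;
                        $rejected = true;
                    }
                }
                $val = '';
                // Name of a file stored by an earlier submit of this form.
                $prename = $name . "_prev";
                if (isset($_POST[$prename])) {
                    $raw = $_POST[$prename];
                    // Request-supplied name: keep only the final component.
                    $val = is_string($raw) ? basename($myts->stripSlashesGPC($raw)) : '';
                    if ($val === '.' || $val === '..') {
                        $val = '';
                    }
                    if (!empty($fname) && !$rejected) {
                        // An accepted new upload replaces the earlier file.
                        $prevpath = XOOPS_UPLOAD_PATH . cc_attach_path(0, $val);
                        if ($val !== '' && is_file($prevpath)) {
                            unlink($prevpath);
                        }
                        $val = '';
                    }
                }
                if (empty($val)) {
                    if ($fname) {
                        if (!$rejected) {
                            $val = $fname;
                            move_attach_file($tmpfile, $val);
                        }
                    } elseif (isset($_POST[$name])) {
                        // Confirm step: the name travels back as a form value.
                        $raw = $_POST[$name];
                        $val = is_string($raw) ? basename($myts->stripSlashesGPC($raw)) : '';
                        if ($val === '.' || $val === '..') {
                            $val = '';
                        }
                    }
                }
                break;
            case 'mail':
                if (is_object($GLOBALS['xoopsUser']) && get_attr_value(null, 'input_mail_login', '') == 'no') {
                    // Logged-in users are not asked for an address.
                    continue 2;
                }
                $name .= '_conf';
                if (!checkEmail($val)) {
                    $errors[] = $lab . ": " . _MD_ADDRESS_ERR;
                }
                if (get_attr_value(null, 'input_mail_confirm', '') != 'no' && isset($_POST[$name])) {
                    if ($val != $myts->stripSlashesGPC($_POST[$name])) {
                        $errors[] = sprintf(_MD_CONF_LABEL, $lab) . ": " . _MD_CONFIRM_ERR;
                    }
                }
                break;
        }
        switch ($check) {
            case '':
                break;
            case 'require':
                if ($val === '') {
                    $errors[] = $lab . ": " . _MD_REQUIRE_ERR;
                }
                break;
            case 'mail':
                if (!checkEmail($val)) {
                    $errors[] = $lab . ": " . _MD_ADDRESS_ERR;
                }
                break;
            case 'num':
                $check = 'numeric';
                // Intentional fall-through: 'numeric' is resolved below.
            default:
                // A named check is looked up as a module attribute; anything
                // else is used directly as the regular expression body.
                // NOTE(review): the pattern comes from the form definition,
                // not from the request - confirm that stays true.
                $v = get_attr_value(null, $check);
                if (!empty($v)) {
                    $check = $v;
                }
                if (!preg_match('/^' . $check . '$/', $val)) {
                    $errors[] = $lab . ": " . ($val ? _MD_REGEXP_ERR : _MD_REQUIRE_ERR);
                }
                break;
        }
        $items[$key]['value'] = $val;
    }
    return $errors;
}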