public function getDetailPage()
{
global $_ARRAYLANG, $objDatabase;
$cx = \Cx\Core\Core\Controller\Cx::instanciate();
$file = str_replace($cx->getWebsiteOffsetPath(), '', $_GET["path"]) . $_GET["file"];
$objResult = $objDatabase->Execute("SELECT `id`, `file`, `source`, `hash`, `check`, `expiration_date` FROM " . DBPREFIX . "module_filesharing WHERE `source` = '" . contrexx_raw2db($file) . "'");
$existing = $objResult !== false && $objResult->RecordCount() > 0;
if ($_GET["switch"]) {
if ($existing) {
$objDatabase->Execute("DELETE FROM " . DBPREFIX . "module_filesharing WHERE `source` = '" . contrexx_raw2db($file) . "'");
} else {
$hash = FileSharingLib::createHash();
$check = FileSharingLib::createCheck($hash);
$source = str_replace($cx->getWebsiteOffsetPath(), '', $_GET["path"]) . $_GET["file"];
$objDatabase->Execute("INSERT INTO " . DBPREFIX . "module_filesharing (`file`, `source`, `hash`, `check`) VALUES ('" . contrexx_raw2db($source) . "', '" . contrexx_raw2db($source) . "', '" . contrexx_raw2db($hash) . "', '" . contrexx_raw2db($check) . "')");
}
$existing = !$existing;
}
if ($existing) {
$this->_objTpl->setVariable(array('FILE_STATUS' => $_ARRAYLANG["TXT_FILESHARING_SHARED"], 'FILE_STATUS_SWITCH' => $_ARRAYLANG["TXT_FILESHARING_STOP_SHARING"], 'FILE_STATUS_SWITCH_HREF' => 'index.php?cmd=Media&archive=FileSharing&act=filesharing&path=' . $_GET["path"] . '&file=' . $_GET["file"] . '&switch=1'));
$this->_objTpl->touchBlock('shared');
} else {
$this->_objTpl->setVariable(array('FILE_STATUS' => $_ARRAYLANG["TXT_FILESHARING_NOT_SHARED"], 'FILE_STATUS_SWITCH' => $_ARRAYLANG["TXT_FILESHARING_START_SHARING"], 'FILE_STATUS_SWITCH_HREF' => 'index.php?cmd=Media&archive=FileSharing&act=filesharing&path=' . $_GET["path"] . '&file=' . $_GET["file"] . '&switch=1'));
$this->_objTpl->hideBlock('shared');
}
if ($_POST["shareFiles"]) {
$emails = array();
foreach (preg_split('/[;,\\s]+/', $_POST["email"]) as $email) {
if (\FWValidator::isEmail($email)) {
$emails[] = contrexx_input2raw($email);
}
}
if (count($emails) > 0) {
FileSharingLib::sendMail($objResult->fields["id"], $_POST["subject"], $emails, $_POST["message"]);
}
} elseif ($_POST["saveExpiration"]) {
if ($_POST["expiration"]) {
$objDatabase->Execute("UPDATE " . DBPREFIX . "module_filesharing SET `expiration_date` = NULL WHERE `id` = " . $objResult->fields["id"]);
} else {
$objDatabase->Execute("UPDATE " . DBPREFIX . "module_filesharing SET `expiration_date` = '" . date('Y-m-d H:i:s', strtotime($_POST["expirationDate"])) . "' WHERE `id` = " . $objResult->fields["id"]);
}
}
$objResult = $objDatabase->Execute("SELECT `id`, `hash`, `check`, `expiration_date` FROM " . DBPREFIX . "module_filesharing WHERE `source` = '" . contrexx_raw2db($file) . "'");
$this->_objTpl->setVariable(array('FORM_ACTION' => 'index.php?cmd=Media&archive=FileSharing&act=filesharing&path=' . $_GET["path"] . '&file=' . $_GET["file"], 'FORM_METHOD' => 'POST', 'FILESHARING_INFO' => $_ARRAYLANG['TXT_FILESHARING_INFO'], 'FILESHARING_LINK_BACK_HREF' => 'index.php?cmd=Media&archive=FileSharing&path=' . $_GET["path"], 'FILESHARING_LINK_BACK' => $_ARRAYLANG['TXT_FILESHARING_LINK_BACK'], 'FILESHARING_DOWNLOAD_LINK' => $_ARRAYLANG['TXT_FILESHARING_DOWNLOAD_LINK'], 'FILE_DOWNLOAD_LINK_HREF' => FileSharingLib::getDownloadLink($objResult->fields["id"]), 'FILE_DELETE_LINK_HREF' => FileSharingLib::getDeleteLink($objResult->fields["id"]), 'FILESHARING_DELETE_LINK' => $_ARRAYLANG['TXT_FILESHARING_DELETE_LINK'], 'FILESHARING_STATUS' => $_ARRAYLANG['TXT_FILESHARING_STATUS'], 'FILESHARING_EXPIRATION' => $_ARRAYLANG['TXT_FILESHARING_EXPIRATION'], 'FILESHARING_NEVER' => $_ARRAYLANG['TXT_FILESHARING_NEVER'], 'FILESHARING_EXPIRATION_CHECKED' => htmlentities($objResult->fields["expiration_date"] == NULL ? 'checked="checked"' : '', ENT_QUOTES, CONTREXX_CHARSET), 'FILESHARING_EXPIRATION_DATE' => htmlentities($objResult->fields["expiration_date"] != NULL ? date('d.m.Y H:i', strtotime($objResult->fields["expiration_date"])) : date('d.m.Y H:i', time() + 3600 * 24 * 7), ENT_QUOTES, CONTREXX_CHARSET), 'FILESHARING_SEND_MAIL' => $_ARRAYLANG['TXT_FILESHARING_SEND_MAIL'], 'FILESHARING_EMAIL' => $_ARRAYLANG["TXT_FILESHARING_EMAIL"], 'FILESHARING_EMAIL_INFO' => $_ARRAYLANG["TXT_FILESHARING_EMAIL_INFO"], 'FILESHARING_SUBJECT' => $_ARRAYLANG["TXT_FILESHARING_SUBJECT"], 'FILESHARING_SUBJECT_INFO' => $_ARRAYLANG["TXT_FILESHARING_SUBJECT_INFO"], 'FILESHARING_MESSAGE' => $_ARRAYLANG["TXT_FILESHARING_MESSAGE"], 'FILESHARING_MESSAGE_INFO' => $_ARRAYLANG["TXT_FILESHARING_MESSAGE_INFO"], 'FILESHARING_SEND' => $_ARRAYLANG["TXT_FILESHARING_SEND"], 'FILESHARING_SAVE' => $_ARRAYLANG["TXT_FILESHARING_SAVE"], 'TXT_CORE_MAILTEMPLATE_NOTE_TO' => $_ARRAYLANG['TXT_CORE_MAILTEMPLATE_NOTE_TO']));
}
/**
* Verifies the account data present in the session
* @param boolean $silent If true, no messages are created.
* Defaults to false
* @return boolean True if the account data is complete
* and valid, false otherwise
*/
static function verify_account($silent = false)
{
global $_ARRAYLANG;
//\DBG::log("Verify account");
$status = true;
//\DBG::log("POST: ". var_export($_POST, true));
if (isset($_POST) && !self::verifySessionAddress()) {
if ($silent) {
return false;
}
$status = \Message::error($_ARRAYLANG['TXT_FILL_OUT_ALL_REQUIRED_FIELDS']);
}
// Registered Customers are okay now
if (self::$objCustomer) {
return $status;
}
if (\Cx\Core\Setting\Controller\Setting::getValue('register', 'Shop') == ShopLibrary::REGISTER_MANDATORY || \Cx\Core\Setting\Controller\Setting::getValue('register', 'Shop') == ShopLibrary::REGISTER_OPTIONAL && empty($_SESSION['shop']['dont_register'])) {
if (isset($_SESSION['shop']['password']) && !\User::isValidPassword($_SESSION['shop']['password'])) {
if ($silent) {
return false;
}
global $objInit;
$objInit->loadLanguageData('Access');
$status = \Message::error(\Cx\Core_Modules\Access\Controller\AccessLib::getPasswordInfo());
}
} else {
// User is not trying to register, so she doesn't need a password.
// Mind that this is necessary in order to avoid passwords filled
// in automatically by the browser, which may be wrong, or
// invalid, or both.
$_SESSION['shop']['password'] = NULL;
}
if (isset($_SESSION['shop']['email']) && !\FWValidator::isEmail($_SESSION['shop']['email'])) {
if ($silent) {
return false;
}
$status = \Message::error($_ARRAYLANG['TXT_INVALID_EMAIL_ADDRESS']);
}
if (!$status) {
return false;
}
if (isset($_SESSION['shop']['email'])) {
// Ignore "unregistered" Customers. These will silently be updated
if (Customer::getUnregisteredByEmail($_SESSION['shop']['email'])) {
return true;
}
$objUser = new \User();
$objUser->setUsername($_SESSION['shop']['email']);
$objUser->setEmail($_SESSION['shop']['email']);
\Message::save();
// This method will set an error message we don't want here
// (as soon as it uses the Message class, that is)
if (!($objUser->validateUsername() && $objUser->validateEmail())) {
//\DBG::log("Shop::verify_account(): Username or e-mail in use");
\Message::restore();
$_POST['email'] = $_SESSION['shop']['email'] = NULL;
if ($silent) {
return false;
}
return \Message::error(sprintf($_ARRAYLANG['TXT_EMAIL_USED_BY_OTHER_CUSTOMER'], \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'login') . '?redirect=' . base64_encode(\Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'account')))) || \Message::error(sprintf($_ARRAYLANG['TXT_SHOP_GOTO_SENDPASS'], \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'sendpass')));
}
\Message::restore();
}
return $status;
}
/**
* Validate user input data.
*
* @access private
* @param array $arrUserData user input data from submitted form
* @return array $arrFieldsToHighlight contains all fields which need to be highlighted
*/
private function validateUserData($arrUserData)
{
global $_ARRAYLANG;
$arrFieldsToHighlight = array();
foreach ($arrUserData['numeric'] as $key => $field) {
if (!empty($field['mandatory'])) {
if (empty($field['value'])) {
$msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_EMPTY'];
$msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
$this->arrStatusMessages['error'][] = $msg;
$arrFieldsToHighlight[$key] = '';
continue;
}
}
if (strlen($field['value']) > $field['length']) {
$msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_LENGTH_EXCEEDED'];
$msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
$msg = str_replace('{MAX_LENGTH}', $field['length'], $msg);
$this->arrStatusMessages['error'][] = $msg;
$arrFieldsToHighlight[$key] = '';
continue;
}
if (!empty($field['value']) && !is_numeric($field['value'])) {
$msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_NOT_NUMERIC'];
$msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
$this->arrStatusMessages['error'][] = $msg;
$arrFieldsToHighlight[$key] = '';
continue;
}
if (!empty($field['value']) && $field['value'] < 1) {
$msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_NOT_POSITIVE'];
$msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
$this->arrStatusMessages['error'][] = $msg;
$arrFieldsToHighlight[$key] = '';
continue;
}
}
foreach ($arrUserData['text'] as $key => $field) {
if (!empty($field['mandatory'])) {
if (empty($field['value'])) {
$msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_EMPTY'];
$msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
$this->arrStatusMessages['error'][] = $msg;
$arrFieldsToHighlight[$key] = '';
continue;
}
}
if (strlen($field['value']) > $field['length']) {
$msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_LENGTH_EXCEEDED'];
$msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
$msg = str_replace('{MAX_LENGTH}', $field['length'], $msg);
$this->arrStatusMessages['error'][] = $msg;
$arrFieldsToHighlight[$key] = '';
continue;
}
}
foreach ($arrUserData['selection'] as $key => $field) {
if (!empty($field['mandatory'])) {
if (empty($field['value'])) {
$msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_SELECTION_EMPTY'];
$msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
$this->arrStatusMessages['error'][] = $msg;
$arrFieldsToHighlight[$key] = '';
continue;
}
}
if (!empty($field['value']) && !isset($field['options'][$field['value']])) {
$msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_SELECTION_INVALID_OPTION'];
$msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
$this->arrStatusMessages['error'][] = $msg;
$arrFieldsToHighlight[$key] = '';
continue;
}
}
foreach ($arrUserData['email'] as $key => $field) {
if (!empty($field['mandatory'])) {
if (empty($field['value'])) {
$msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_EMPTY'];
$msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
$this->arrStatusMessages['error'][] = $msg;
$arrFieldsToHighlight[$key] = '';
continue;
}
}
if (strlen($field['value']) > $field['length']) {
$msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_LENGTH_EXCEEDED'];
$msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
$msg = str_replace('{MAX_LENGTH}', $field['length'], $msg);
$this->arrStatusMessages['error'][] = $msg;
$arrFieldsToHighlight[$key] = '';
continue;
}
if (!empty($field['value']) && !\FWValidator::isEmail($field['value'])) {
$msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_INVALID_EMAIL'];
$msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
$msg = str_replace('{MAX_LENGTH}', $field['length'], $msg);
$this->arrStatusMessages['error'][] = $msg;
$arrFieldsToHighlight[$key] = '';
continue;
}
}
return $arrFieldsToHighlight;
}
/**
* Check that a string looks roughly like an email address should
* Static so it can be used without instantiation
* Tries to use PHP built-in validator in the filter extension (from PHP 5.2), falls back to a reasonably competent regex validator
* Conforms approximately to RFC2822
* @link http://www.hexillion.com/samples/#Regex Original pattern found here
* @param string $address The email address to check
* @return boolean
* @static
* @access public
*/
public static function ValidateAddress($address)
{
return FWValidator::isEmail($address);
/* if (function_exists('filter_var')) { //Introduced in PHP 5.2 */
/* if(filter_var($address, FILTER_VALIDATE_EMAIL) === FALSE) { */
/* return false; */
/* } else { */
/* return true; */
/* } */
/* } else { */
/* return preg_match('/^(?:[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+\.)*[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+@(?:(?:(?:[a-zA-Z0-9_](?:[a-zA-Z0-9_\-](?!\.)){0,61}[a-zA-Z0-9_-]?\.)+[a-zA-Z0-9_](?:[a-zA-Z0-9_\-](?!$)){0,61}[a-zA-Z0-9_]?)|(?:\[(?:(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\.){3}(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\]))$/', $address); */
/* } */
}
/**
* check the account id
*
* @global object $objFWUser
*
* @return json
*/
function checkAccountId()
{
global $objFWUser;
$accountId = isset($_GET['id']) ? (int) $_GET['id'] : '';
$accountEmail = isset($_GET['email']) ? trim($_GET['email']) : '';
$show = !empty($accountId) || !empty($accountEmail) ? true : false;
if (!empty($accountId)) {
$objUsers = $objFWUser->objUser->getUsers($filter = array('id' => intval($accountId)));
if ($objUsers) {
$email = $objUsers->getEmail();
}
}
if (empty($accountId) && !empty($accountEmail) && \FWValidator::isEmail($accountEmail)) {
$objFWUser = \FWUser::getFWUserObject();
$objUsers = $objFWUser->objUser->getUsers($filter = array('email' => addslashes($accountEmail)));
if ($objUsers) {
$id = $objUsers->getId();
$email = $objUsers->getEmail();
$company = trim($objUsers->getProfileAttribute('company'));
$lastname = trim($objUsers->getProfileAttribute('lastname'));
$firstname = trim($objUsers->getProfileAttribute('firstname'));
$defaultUser = !empty($company) ? trim($company . ', ' . $firstname . ' ' . $lastname) : trim($firstname . ' ' . $lastname);
$setDefaultUser = !empty($defaultUser) ? $defaultUser : '******';
} else {
$sendLoginCheck = true;
$email = $accountEmail;
}
} else {
$email = $accountEmail;
}
$json[] = array('show' => $show, 'id' => $id, 'email' => $email, 'sendLoginCheck' => $sendLoginCheck, 'setDefaultUser' => $setDefaultUser);
echo json_encode($json);
exit;
}
/**
* Returns true if the given $username is valid
*
* @param string $username
*
* @return boolean
*/
protected function isValidUsername($username)
{
if (preg_match('/^[a-zA-Z0-9-_]+$/', $username)) {
return true;
}
if (\FWValidator::isEmail($username)) {
return true;
}
return false;
}
/**
* Validate the email
*
* @param string $string
* @return boolean result
*/
function isEmail($string)
{
return \FWValidator::isEmail($string);
}
/**
* Update guestbook
*
* @global ADONewConnection
* @global array
*/
function _update()
{
global $objDatabase, $_ARRAYLANG;
$guestbookId = intval($_GET['id']);
$error = "";
if (!empty($guestbookId)) {
$forename = contrexx_addslashes(strip_tags($_POST['forename']));
$name = contrexx_addslashes(strip_tags($_POST['name']));
$gender = contrexx_addslashes(strip_tags($_POST['malefemale']));
$mail = isset($_POST['email']) ? contrexx_addslashes(strip_tags($_POST['email'])) : '';
$url = isset($_POST['url']) && strlen($_POST['url']) > 7 ? contrexx_addslashes(strip_tags($_POST['url'])) : "";
$comment = contrexx_addslashes(strip_tags($_POST['comment']));
$location = contrexx_addslashes(strip_tags($_POST['location']));
$ip = contrexx_addslashes(strip_tags($_POST['ip']));
$date = contrexx_addslashes(strip_tags($_POST['datetime']));
$objValidator = new \FWValidator();
if (!empty($url)) {
if (!$this->isUrl($url)) {
$error .= $_ARRAYLANG['TXT_INVALID_INTERNET_ADDRESS'] . "<br />";
}
}
if (!$objValidator->isEmail($mail)) {
$error .= $_ARRAYLANG['TXT_INVALID_EMAIL_ADDRESS'] . "<br />";
}
if (!empty($forename) && !empty($name)) {
$query = "UPDATE " . DBPREFIX . "module_guestbook\n SET forename='{$forename}',\n name='{$name}',\n gender='{$gender}',\n email='{$mail}',\n url='{$url}',\n comment='{$comment}',\n location='{$location}',\n ip='{$ip}',\n datetime='{$date}',\n lang_id='{$this->langId}'\n WHERE id={$guestbookId}";
$objDatabase->Execute($query);
}
}
if (empty($error)) {
$this->strOkMessage = $_ARRAYLANG['TXT_DATA_RECORD_UPDATED_SUCCESSFUL'];
} else {
$this->strErrMessage = $error;
}
}
/**
* Import Users from a CSV file
*
* Sets up common User and Profile fields as well as
* Newsletter list relations.
* Fields and their mapping:
* Anrede -> Titel
* Vorname
* Name
* eMail
* Firma
* Strasse -> Zusammen mit Hausnummer in Adresse
* Hausnummer -> Zusammen mit Strasse in Adresse
* PLZ
* Ort
* Land
* Bundesland -> Evtl in Ort?
* Tel.-Vorwahl -> Zusammen mit Tel.-Nummer in phone_office
* Tel.-Nummer -> Zusammen mit Tel.-Vorwahl in phone_office
* Fax-Vorwahl -> Zusammen mit Fax.-Nummer in phone_fax
* Fax-Nummer -> Zusammen mit Fax.-Vorwahl in phone_fax
* Mobil-Vorwahl -> Zusammen mit Mobil-Nummer in phone_mobile
* Mobil-Nummer -> Zusammen mit Mobil-Vorwahl in phone_mobile
* P1 -> Interessen: Newsletter Listen, kommagetrennt
* -> Nicht vorhandene Listen werden angelegt
* P2 -> Antwort: ?
* P3 -> ?
* P4 -> Titel: ?
* P5 -> ?
* Ursprungsformular -> ?
* Permission -> ?
* Ausgetragen -> Wenn true, alle Listenzuordnungen entfernen, sonst fehlende anlegen
* Anzahl Hard-Bounces -> Nicht vorhanden?
* Status -> Bedeutung?
* Sprache -> Wird die verwendet?
* ID -> Bedeutung?
* Eintragungsdatum -> regdate
* Aenderungsdatum -> ? (Nur regdate)
* Austragungsdatum -> ? (Nur regdate)
* @param string $file_name The CSV file name
*/
static function import_csv($file_name)
{
global $_ARRAYLANG;
\Env::get('ClassLoader')->loadFile(ASCMS_LIBRARY_PATH . '/importexport/lib/csv.class.php');
//DBG::activate(DBG_ADODB_ERROR|DBG_LOG_FIREPHP|DBG_PHP);
$objUser = \FWUser::getFWUserObject()->objUser;
$objCsv = new \CsvLib();
$arrCsv = $objCsv->parse($file_name);
// $arrFields = $arrCsv['fieldnames'];
$arrUsers = $arrCsv['data'];
//DBG::log("Found ".count($arrUsers)." Users in the CSV file");
foreach ($arrUsers as $arrUser) {
//echo(var_export($arrUser, true)."<br />");// var_export($objUser, true)."<hr />"
$email = $arrUser['3'];
//DBG::log("Found e-mail $email");
if (!\FWValidator::isEmail($email)) {
self::$arrStatusMsg['error'][] = sprintf($_ARRAYLANG['TXT_ACCESS_IMPORT_MESSAGE_TEMPLATE'], $email, $_ARRAYLANG['TXT_ACCESS_IMPORT_ERROR_INVALID_EMAIL']);
continue;
}
// TODO: I suppose that the imported file is ISO-8859-1 or so
$title = utf8_encode($arrUser[0]);
$gender = preg_match('//', $title) ? 'gender_male' : 'gender_female';
$firstname = utf8_encode($arrUser[1]);
$lastname = utf8_encode($arrUser[2]);
$company = utf8_encode($arrUser[4]);
$address = utf8_encode($arrUser[5]) . ' ' . utf8_encode($arrUser[6]);
$zip = utf8_encode($arrUser[7]);
$city = utf8_encode($arrUser[8]);
$country = utf8_encode($arrUser[9]);
$state = utf8_encode($arrUser[10]);
if ($state) {
$city .= ", {$state}";
}
$phone_office = utf8_encode($arrUser[11]) . ' ' . utf8_encode($arrUser[12]);
$phone_fax = utf8_encode($arrUser[13]) . ' ' . utf8_encode($arrUser[14]);
$phone_mobile = utf8_encode($arrUser[15]) . ' ' . utf8_encode($arrUser[16]);
$p1_lists = utf8_encode($arrUser[17]);
$unsubscribed = utf8_encode($arrUser[24]);
$language = utf8_encode($arrUser[27]);
// These are all unused for the time being
// $p2_answer = $arrUser[18];
// $p3 = $arrUser[19];
// $p4_title = $arrUser[20];
// $p5 = $arrUser[21];
// $source = $arrUser[22];
// $permission = $arrUser[23];
// $bounces = $arrUser[25];
// $status = $arrUser[26];
// $id = $arrUser[28];
// $date_subscribed = $arrUser[29];
// $date_changed = $arrUser[30];
// $date_unsubscribe = $arrUser[31];
$objUser = new \User();
$objUser = $objUser->getUsers(array('email' => array($email)));
$new_user = false;
if (!$objUser) {
$new_user = true;
$objUser = new \User();
$objUser->setUsername(\User::makeUsername($lastname, $firstname));
$objUser->setPassword(\User::makePassword());
$objUser->setEmail($email);
}
// TODO: Make new Users active or inactive?
// $objUser->setActiveStatus(0);
// $objUser->setAdminStatus(0);
$lang_id = \FWLanguage::getLanguageIdByCode($language);
$objUser->setFrontendLanguage($lang_id);
$objUser->setBackendLanguage($lang_id);
$objUser->setProfile(array('gender' => array($gender), 'title' => array($title), 'firstname' => array($firstname), 'lastname' => array($lastname), 'company' => array($company), 'address' => array($address), 'city' => array($city), 'zip' => array($zip), 'country' => array($country), 'phone_office' => array($phone_office), 'phone_mobile' => array($phone_mobile), 'phone_fax' => array($phone_fax)));
$arrLists = preg_split('/\\s*,\\s*/', $p1_lists, null, PREG_SPLIT_NO_EMPTY);
$arrListId = array();
if (preg_match('/false/i', $unsubscribed)) {
// User has not unsubscribed (yet), collect the List IDs
foreach ($arrLists as $list_name) {
$list_id = \Cx\Modules\Newsletter\Controller\NewsletterLib::getListIdByName($list_name);
//DBG::log("List '$list_name' => ID $list_id");
if (!$list_id) {
// TODO: Shall I do this?
$list_id = \Cx\Modules\Newsletter\Controller\NewsletterLib::_addList(addslashes($list_name));
self::$arrStatusMsg['ok'][] = sprintf($_ARRAYLANG['TXT_ACCESS_IMPORT_MESSAGE_TEMPLATE'], $list_name, $_ARRAYLANG['TXT_ACCESS_IMPORT_SUCCESS_LIST_CREATED']);
}
$arrListId[$list_id] = $list_id;
}
}
$objUser->setNewsletterCategories($arrListId);
if ($objUser->store()) {
self::$arrStatusMsg['ok'][] = sprintf($_ARRAYLANG['TXT_ACCESS_IMPORT_MESSAGE_TEMPLATE'], $email, $new_user ? $_ARRAYLANG['TXT_ACCESS_IMPORT_SUCCESS_USER_CREATED'] : $_ARRAYLANG['TXT_ACCESS_IMPORT_SUCCESS_USER_UPDATED']);
} else {
self::$arrStatusMsg['error'][] = sprintf($_ARRAYLANG['TXT_ACCESS_IMPORT_MESSAGE_TEMPLATE'], $email, $_ARRAYLANG['TXT_ACCESS_IMPORT_ERROR_CREATING_USER']);
}
}
}
/**
* Show current voting
*/
function votingShowCurrent($page_content)
{
global $objDatabase, $_CONFIG, $_ARRAYLANG, $_COOKIE;
$paging = '';
$objTpl = new \Cx\Core\Html\Sigma('.');
\Cx\Core\Csrf\Controller\Csrf::add_placeholder($objTpl);
$objTpl->setErrorHandling(PEAR_ERROR_DIE);
$objTpl->setTemplate($page_content);
if (!isset($_GET['vid'])) {
$_GET['vid'] = '';
}
if (!isset($_POST['votingemail'])) {
$_POST['votingemail'] = '';
}
$votingId = intval($_GET['vid']);
$msg = '';
$voted = false;
if ($_POST["votingoption"]) {
$voteId = intval($_POST["votingoption"]);
$query = "SELECT voting_system_id from " . DBPREFIX . "voting_results WHERE id=" . $voteId;
$objResult = $objDatabase->SelectLimit($query, 1);
if (!$objResult->EOF) {
$votingId = $objResult->fields["voting_system_id"];
}
$objVoting = $objDatabase->SelectLimit("SELECT submit_check FROM `" . DBPREFIX . "voting_system` WHERE `id`=" . $votingId, 1);
if ($objVoting !== false && $objVoting->RecordCount() == 1) {
if ($objVoting->fields['submit_check'] == 'email') {
$email = contrexx_addslashes($_POST['votingemail']);
$objValidator = new \FWValidator();
if ($objValidator->isEmail($email)) {
if (!_alreadyVotedWithEmail($votingId, $email)) {
if (($msg = VotingSubmitEmail($votingId, $voteId, $email)) === true) {
$msg = '';
$voted = true;
} else {
$msg = $_ARRAYLANG['TXT_VOTING_NONEXISTENT_EMAIL'] . '<br /><br />';
}
} else {
$msg = $_ARRAYLANG['TXT_VOTING_ALREADY_VOTED'] . '<br /><br />';
}
} else {
$msg = $_ARRAYLANG['TXT_VOTING_INVALID_EMAIL_ERROR'] . '<br /><br />';
}
} else {
VotingSubmit();
$voted = true;
}
}
}
if ($_GET['vid'] != '' && $_GET['act'] != 'delete') {
$query = "SELECT\n\t\t\tid, status,\n\t\t\tdate as datesec, question,\n\t\t\tvotes, submit_check,\n\t\t\tadditional_nickname, additional_forename,\n\t\t\tadditional_surname, additional_phone,\n\t\t\tadditional_street, additional_zip,\n additional_city, additional_email,\n additional_comment\n\n\t\t\tFROM " . DBPREFIX . "voting_system where id=" . intval($_GET['vid']);
} else {
$query = "SELECT\n\t\t\tid, status,\n\t\t\tdate as datesec, question,\n\t\t\tvotes, submit_check,\n\t\t\tadditional_nickname, additional_forename,\n\t\t\tadditional_surname, additional_phone,\n\t\t\tadditional_street, additional_zip,\n\t\t \tadditional_city, additional_email,\n additional_comment\n\n\t\t\tFROM " . DBPREFIX . "voting_system where status=1";
}
$objResult = $objDatabase->Execute($query);
if ($objResult->RecordCount() == 0) {
// Only show old records when no voting is set available
$objTpl->setVariable(array('VOTING_TITLE' => $_ARRAYLANG['TXT_VOTING_NOT_AVAILABLE'], 'VOTING_DATE' => '', 'VOTING_OLDER_TEXT' => '', 'VOTING_OLDER_DATE' => '', 'VOTING_PAGING' => '', 'TXT_DATE' => '', 'TXT_TITLE' => '', 'VOTING_RESULTS_TEXT' => '', 'VOTING_RESULTS_TOTAL_VOTES' => '', 'VOTING_OLDER_TITLE' => $_ARRAYLANG['TXT_VOTING_OLDER'], 'TXT_SUBMIT' => ''));
/** start paging **/
$query = "SELECT id, date as datesec, title, votes FROM " . DBPREFIX . "voting_system order by id desc";
$objResult = $objDatabase->SelectLimit($query, 5);
$count = $objResult->RecordCount();
$pos = intval($_GET[pos]);
if ($count > intval($_CONFIG['corePagingLimit'])) {
$paging = getPaging($count, $pos, "§ion=Voting", "<b>" . $_ARRAYLANG['TXT_VOTING_ENTRIES'] . "</b>", true);
}
/** end paging **/
$query = "SELECT id, date as datesec, title, votes FROM " . DBPREFIX . "voting_system order by id desc ";
$objResult = $objDatabase->SelectLimit($query, $_CONFIG['corePagingLimit'], $pos);
while (!$objResult->EOF) {
$votingid = $objResult->fields['id'];
$votingTitle = stripslashes($objResult->fields['title']);
$votingVotes = $objResult->fields['votes'];
$votingDate = strtotime($objResult->fields['datesec']);
if ($i % 2 == 0) {
$class = "row2";
} else {
$class = "row1";
}
$objTpl->setVariable(array('VOTING_OLDER_TEXT' => '<a href="index.php?section=Voting&vid=' . $votingid . '" title="' . $votingTitle . '">' . $votingTitle . '</a>', 'VOTING_OLDER_DATE' => showFormattedDate($votingDate), 'VOTING_VOTING_ID' => $votingid, 'VOTING_LIST_CLASS' => $class, 'VOTING_PAGING' => $paging));
$objTpl->parse("votingRow");
$i++;
$objResult->MoveNext();
}
} else {
if (!$objResult->EOF) {
$votingId = $objResult->fields['id'];
$votingTitle = stripslashes($objResult->fields['question']);
$votingVotes = $objResult->fields['votes'];
$votingDate = strtotime($objResult->fields['datesec']);
$votingStatus = $objResult->fields['status'];
$votingMethod = $objResult->fields['submit_check'];
$additional_fields = _create_additional_input_fields($objResult);
$objResult->MoveNext();
} else {
errorHandling();
return false;
}
$images = 1;
$query = "SELECT id, question, votes FROM " . DBPREFIX . "voting_results WHERE voting_system_id='{$votingId}' ORDER BY id";
$objResult = $objDatabase->Execute($query);
while (!$objResult->EOF) {
if ($votingStatus == 1 && ($votingMethod == 'email' && !$voted || $votingMethod == 'cookie' && $_COOKIE['votingcookie'] != '1')) {
$votingOptionText .= "<div><input type='radio' id='votingoption_" . $objResult->fields['id'] . "' name='votingoption' value='" . $objResult->fields['id'] . "' " . ($_POST["votingoption"] == $objResult->fields['id'] ? 'checked="checked"' : '') . " /> ";
$votingOptionText .= "<label for='votingoption_" . $objResult->fields['id'] . "'>" . stripslashes($objResult->fields['question']) . "</label></div>";
}
$objResult->MoveNext();
}
$votingResultText = _vote_result_html($votingId);
if ($votingStatus == 1 && ($votingMethod == 'email' && !$voted || $votingMethod == 'cookie' && $_COOKIE['votingcookie'] != '1')) {
$votingVotes = '';
if ($votingMethod == 'email') {
$objTpl->setVariable('VOTING_EMAIL', !empty($_POST['votingemail']) ? htmlentities($_POST['votingemail'], ENT_QUOTES) : '');
$objTpl->parse('voting_email_input');
} else {
if ($objTpl->blockExists('voting_email_input')) {
$objTpl->hideBlock('voting_email_input');
}
}
$submitbutton = '<input type="submit" value="' . $_ARRAYLANG['TXT_SUBMIT'] . '" name="Submit" />';
} else {
if ($objTpl->blockExists('voting_email_input')) {
$objTpl->hideBlock('voting_email_input');
}
if ($objTpl->blockExists('additional_fields')) {
$objTpl->hideBlock('additional_fields');
}
$votingVotes = $_ARRAYLANG['TXT_VOTING_TOTAL'] . ":\t" . $votingVotes;
$submitbutton = '';
}
if (sizeof($additional_fields)) {
$objTpl->parse('additional_fields');
foreach ($additional_fields as $field) {
list($name, $label, $tag) = $field;
$objTpl->setVariable(array('VOTING_ADDITIONAL_INPUT_LABEL' => $label, 'VOTING_ADDITIONAL_INPUT' => $tag, 'VOTING_ADDITIONAL_NAME' => $name));
$objTpl->parse('additional_elements');
}
} else {
$objTpl->hideBlock('additional_fields');
}
$objTpl->setVariable(array('VOTING_MSG' => $msg, 'VOTING_TITLE' => $votingTitle, 'VOTING_DATE' => showFormattedDate($votingDate), 'VOTING_OPTIONS_TEXT' => $votingOptionText, 'VOTING_RESULTS_TEXT' => $votingResultText, 'VOTING_RESULTS_TOTAL_VOTES' => $votingVotes, 'VOTING_OLDER_TITLE' => $_ARRAYLANG['TXT_VOTING_OLDER'], 'TXT_DATE' => $_ARRAYLANG['TXT_DATE'], 'TXT_TITLE' => $_ARRAYLANG['TXT_TITLE'], 'TXT_VOTES' => $_ARRAYLANG['TXT_VOTES'], 'TXT_SUBMIT' => $submitbutton));
// show other Poll entries
/** start paging **/
$query = "SELECT id, date as datesec, title, votes FROM " . DBPREFIX . "voting_system WHERE id<>{$votingId} order by id desc";
$objResult = $objDatabase->SelectLimit($query, 5);
$count = $objResult->RecordCount();
$pos = intval($_GET[pos]);
if ($count > intval($_CONFIG['corePagingLimit'])) {
$paging = getPaging($count, $pos, "§ion=Voting", "<b>" . $_ARRAYLANG['TXT_VOTING_ENTRIES'] . "</b>", true);
}
/** end paging **/
$query = "SELECT id, date as datesec, title, votes FROM " . DBPREFIX . "voting_system WHERE id<>{$votingId} order by id desc ";
$objResult = $objDatabase->SelectLimit($query, $_CONFIG['corePagingLimit'], $pos);
$objTpl->setVariable(array('VOTING_OLDER_TEXT' => '', 'VOTING_OLDER_DATE' => '', 'VOTING_VOTING_ID' => '', 'VOTING_PAGING' => '', 'TXT_DATE' => '', 'TXT_TITLE' => ''));
while (!$objResult->EOF) {
$votingid = $objResult->fields['id'];
$votingTitle = stripslashes($objResult->fields['title']);
$votingVotes = $objResult->fields['votes'];
$votingDate = strtotime($objResult->fields['datesec']);
if ($i % 2 == 0) {
$class = "row2";
} else {
$class = "row1";
}
$objTpl->setVariable(array('VOTING_OLDER_TEXT' => '<a href="index.php?section=Voting&vid=' . $votingid . '" title="' . $votingTitle . '">' . $votingTitle . '</a>', 'VOTING_OLDER_DATE' => showFormattedDate($votingDate), 'VOTING_VOTING_ID' => $votingid, 'VOTING_LIST_CLASS' => $class, 'VOTING_PAGING' => $paging));
$objTpl->parse("votingRow");
$i++;
$objResult->MoveNext();
}
}
return $objTpl->get();
}
function validateSenderMail()
{
global $_CORELANG;
$objValidator = new FWValidator();
if ($objValidator->isEmail($this->sender_mail)) {
return true;
} else {
$this->error_msg[] = $_CORELANG['TXT_ACCESS_INVALID_SENDER_ADDRESS'];
return false;
}
}
/**
* function handling protected link requests
* @return void
*/
function _getPDF()
{
global $objDatabase, $_ARRAYLANG, $_CONFIG;
$objValidator = new FWValidator();
$ids = explode('_', $_GET['id']);
$immoID = intval($ids[0]);
$fieldID = intval($ids[1]);
if (isset($_POST['immo_id'])) {
//form was sent
$name = !empty($_POST['name']) ? contrexx_addslashes(strip_tags($_POST['name'])) : '';
$firstname = !empty($_POST['firstname']) ? contrexx_addslashes(strip_tags($_POST['firstname'])) : '';
$company = !empty($_POST['company']) ? contrexx_addslashes(strip_tags($_POST['company'])) : '';
$street = !empty($_POST['street']) ? contrexx_addslashes(strip_tags($_POST['street'])) : '';
$zip = !empty($_POST['zip']) ? intval($_POST['zip']) : '';
$location = !empty($_POST['location']) ? contrexx_addslashes(strip_tags($_POST['location'])) : '';
$telephone = !empty($_POST['telephone']) ? contrexx_addslashes(strip_tags($_POST['telephone'])) : '';
$telephone_office = !empty($_POST['telephone_office']) ? contrexx_addslashes(strip_tags($_POST['telephone_office'])) : '';
$telephone_mobile = !empty($_POST['telephone_mobile']) ? contrexx_addslashes(strip_tags($_POST['telephone_mobile'])) : '';
$purchase = isset($_POST['purchase']) ? 1 : 0;
$funding = isset($_POST['funding']) ? 1 : 0;
$email = !empty($_POST['email']) ? contrexx_addslashes(strip_tags($_POST['email'])) : '';
$comment = !empty($_POST['comment']) ? contrexx_addslashes(strip_tags($_POST['comment'])) : '';
$immoID = !empty($_POST['immo_id']) ? intval($_POST['immo_id']) : '';
$fieldID = !empty($_POST['field_id']) ? intval($_POST['field_id']) : '';
$error = 0;
if ($objValidator->isEmail($email)) {
if (!empty($name) && !empty($telephone) && !empty($email) && $immoID > 0 && $fieldID > 0) {
require_once ASCMS_LIBRARY_PATH . DS . '/phpmailer' . DS . "class.phpmailer.php";
$objRS = $objDatabase->SelectLimit("SELECT email\n FROM " . DBPREFIX . "module_immo_contact\n WHERE immo_id = '{$immoID}'\n AND email = '{$email}'\n AND timestamp > " . (mktime() - 600), 1);
if ($objRS->RecordCount() > 0) {
$this->_objTpl->setVariable('TXT_IMMO_STATUS', '<span class="errmsg">' . $_ARRAYLANG['TXT_IMMO_ALREADY_SENT_RECENTLY'] . '</span>');
$this->_showContactForm($immoID, $fieldID);
return false;
}
$objRS = $objDatabase->SelectLimit("SELECT fieldvalue\n FROM " . DBPREFIX . "module_immo_content\n WHERE immo_id = '{$immoID}'\n AND field_id = '{$fieldID}'\n AND lang_id = '" . $this->frontLang . "'", 1);
if ($objRS) {
$link = 'http://' . $_CONFIG['domainUrl'] . str_replace(" ", "%20", $objRS->fields['fieldvalue']);
$mailer = new PHPMailer();
$objDatabase->Execute("INSERT INTO " . DBPREFIX . "module_immo_contact\n VALUES\n (NULL, '{$email}', '{$name}', '{$firstname}', '{$street}', '{$zip}', '{$location}', '{$company}', '{$telephone}', '{$telephone_office}', '{$telephone_mobile}', '{$purchase}', '{$funding}', '{$comment}', '{$immoID}', '{$fieldID}', " . mktime() . " )");
$mailer->CharSet = CONTREXX_CHARSET;
$mailer->IsHTML(false);
$mailer->SetFrom($this->arrSettings['sender_email'], $this->arrSettings['sender_name']);
$mailer->Subject = $this->arrSettings['prot_link_message_subject'];
$mailer->Body = str_replace('[[IMMO_PROTECTED_LINK]]', $link, $this->arrSettings['prot_link_message_body']) . "\n\n";
$mailer->AddAddress($email);
$mailer->Send();
} else {
$this->_objTpl->setVariable('TXT_IMMO_STATUS', '<span class="errmsg">DB error.</span>');
}
} else {
$error = 1;
}
} else {
$error = 1;
}
if ($error == 1) {
$this->_objTpl->setVariable('TXT_IMMO_STATUS', '<span class="errmsg">' . $_ARRAYLANG['TXT_IMMO_MISSIONG_OR_INVALID_FIELDS'] . '</span>');
} else {
$this->_objTpl->setVariable('TXT_IMMO_STATUS', '<span class="okmsg">' . $_ARRAYLANG['TXT_IMMO_CONTACT_SUCCESSFUL'] . '</span>');
}
}
// else { //form was not sent }
return $this->_showContactForm($immoID, $fieldID);
}
/**
* Insert a new comment for a message into database, if the function is activated. Furthermore, all input values are validated.
* Sends also the notification mail to the administrator, if it is enabled in options.
*
* @global ADONewConnection
* @global array
* @global array
*/
function addComment()
{
global $objDatabase, $_ARRAYLANG, $_CONFIG;
\Cx\Core\Csrf\Controller\Csrf::check_code();
$this->initUserId();
//Check for activated function
if (!$this->_arrSettings['blog_comments_activated']) {
$this->_strErrorMessage = $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_ERROR_ACTIVATED'];
return;
}
if ($this->hasUserJustCommented()) {
$this->_strErrorMessage = str_replace('[SECONDS]', intval($this->_arrSettings['blog_comments_timeout']), $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_ERROR_TIMEOUT']);
return;
}
//Create validator-object
$objValidator = new \FWValidator();
//Get general-input
$intMessageId = intval($_POST['frmAddComment_MessageId']);
$strSubject = contrexx_addslashes(strip_tags($_POST['frmAddComment_Subject']));
$strComment = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForDb($_POST['frmAddComment_Comment']);
//Get specified-input
if ($this->_intCurrentUserId == 0) {
$intUserId = 0;
$strName = contrexx_addslashes(strip_tags($_POST['frmAddComment_Name']));
$strEMail = contrexx_addslashes(strip_tags($_POST['frmAddComment_EMail']));
$strWWW = contrexx_addslashes(strip_tags($objValidator->getUrl($_POST['frmAddComment_WWW'])));
} else {
$intUserId = $this->_intCurrentUserId;
$strName = '';
$strEMail = '';
$strWWW = '';
}
//Get options
$intIsActive = intval($this->_arrSettings['blog_comments_autoactivate']);
$intIsNotification = intval($this->_arrSettings['blog_comments_notification']);
//Validate general-input
if ($intMessageId <= 0) {
$this->_strErrorMessage .= $this->getFormError($_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_MID']);
}
if (empty($strSubject)) {
$this->_strErrorMessage .= $this->getFormError($_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_SUBJECT']);
}
if (empty($strComment)) {
$this->_strErrorMessage .= $this->getFormError($_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_COMMENT']);
}
//Validate specified-input
if ($this->_intCurrentUserId == 0) {
if (empty($strName)) {
$this->_strErrorMessage .= $this->getFormError($_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_NAME']);
}
if (!$objValidator->isEmail($strEMail)) {
$this->_strErrorMessage .= $this->getFormError($_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_EMAIL']);
}
}
$captchaCheck = true;
if (!\FWUser::getFWUserObject()->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
$captchaCheck = false;
}
//Now check error-string
if (empty($this->_strErrorMessage) && $captchaCheck) {
//No errors, insert entry
$objDatabase->Execute(' INSERT INTO ' . DBPREFIX . 'module_blog_comments
SET message_id = ' . $intMessageId . ',
lang_id = ' . $this->_intLanguageId . ',
is_active = "' . $intIsActive . '",
time_created = ' . time() . ',
ip_address = "' . $_SERVER['REMOTE_ADDR'] . '",
user_id = ' . $intUserId . ',
user_name = "' . $strName . '",
user_mail = "' . $strEMail . '",
user_www = "' . $strWWW . '",
subject = "' . $strSubject . '",
comment = "' . $strComment . '"
');
//Set a cookie with the current timestamp. Avoids flooding.
setcookie('BlogCommentLast', time(), 0, ASCMS_PATH_OFFSET . '/');
$this->_strStatusMessage = $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_SUCCESS'];
$this->writeCommentRSS();
if ($intIsNotification) {
//Send notification to administrator
if (\Env::get('ClassLoader')->loadFile(ASCMS_LIBRARY_PATH . '/phpmailer/class.phpmailer.php')) {
$objMail = new \phpmailer();
if ($_CONFIG['coreSmtpServer'] > 0) {
if (($arrSmtp = \SmtpSettings::getSmtpAccount($_CONFIG['coreSmtpServer'])) !== false) {
$objMail->IsSMTP();
$objMail->Host = $arrSmtp['hostname'];
$objMail->Port = $arrSmtp['port'];
$objMail->SMTPAuth = true;
$objMail->Username = $arrSmtp['username'];
$objMail->Password = $arrSmtp['password'];
}
}
if ($this->_intCurrentUserId > 0) {
$objFWUser = \FWUser::getFWUserObject();
$strName = htmlentities($objFWUser->objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET);
}
$strMailSubject = str_replace('[SUBJECT]', $strSubject, $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_MAIL_SUBJECT']);
$strMailBody = str_replace('[USERNAME]', $strName, $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_MAIL_BODY']);
$strMailBody = str_replace('[DOMAIN]', ASCMS_PROTOCOL . '://' . $_CONFIG['domainUrl'] . ASCMS_PATH_OFFSET, $strMailBody);
$strMailBody = str_replace('[SUBJECT]', $strSubject, $strMailBody);
$strMailBody = str_replace('[COMMENT]', $strComment, $strMailBody);
$objMail->CharSet = CONTREXX_CHARSET;
$objMail->SetFrom($_CONFIG['coreAdminEmail'], $_CONFIG['coreGlobalPageTitle']);
$objMail->AddAddress($_CONFIG['coreAdminEmail']);
$objMail->Subject = $strMailSubject;
$objMail->IsHTML(false);
$objMail->Body = $strMailBody;
$objMail->Send();
}
}
}
}
/**
* Verifies a name/value pair
*
* May change the value before returning it.
* Use the value returned when adding to the form in any case.
* @access private
* @param string $name The name of the parameter
* @param string $value The value of the parameter
* @return boolean The verified value on success,
* null otherwise
*/
static function verifyParameter($name, $value)
{
switch ($name) {
// Mandatory
case 'ORDERID':
if ($value) {
return $value;
}
break;
case 'AMOUNT':
// Fix cents, like "1.23" to "123"
if (preg_match('/\\./', $value)) {
$value = intval($value * 100);
}
if ($value === intval($value)) {
return $value;
}
break;
case 'CURRENCY':
if (preg_match('/^\\w{3}$/', $value)) {
return $value;
}
break;
case 'PSPID':
if (preg_match('/.+/', $value)) {
return $value;
}
break;
// The above four are needed to form the hash:
// The above four are needed to form the hash:
case 'SHASIGN':
// 40 digit hexadecimal string, like
// 4d0a445beac3561528dc26023e9ecb2d38fadc61
if (preg_match('/^[0-9a-f]{40}$/i', $value)) {
return $value;
}
case 'LANGUAGE':
if (preg_match('/^\\w{2}(?:_\\w{2})?$/', $value)) {
return $value;
}
break;
case 'OPERATION':
if ($value == 'RES' || $value == 'SAL') {
return $value;
}
break;
case 'ACCEPTURL':
case 'DECLINEURL':
case 'EXCEPTIONURL':
case 'CANCELURL':
case 'BACKURL':
// if (FWValidator::isUri($value)) return $value;
// *SHOULD* verify the URIs, but the expression is not fit
if ($value) {
return $value;
}
break;
// Optional
// optional customer details, highly recommended for fraud prevention: see chapter 5.2
// Optional
// optional customer details, highly recommended for fraud prevention: see chapter 5.2
case 'CN':
case 'OWNERADDRESS':
case 'OWNERCTY':
case 'OWNERZIP':
case 'OWNERTOWN':
case 'OWNERTELNO':
case 'COM':
if (preg_match('/.*/', $value)) {
return $value;
}
break;
case 'EMAIL':
if (FWValidator::isEmail($value)) {
return $value;
}
break;
case 'PMLIST':
if (preg_match('/.*/', $value)) {
return $value;
}
break;
case 'WIN3DS':
if ($value == 'MAINW' || ($value = 'POPUP')) {
return $value;
}
break;
// post payment parameters: see chapter 8.2
// post payment parameters: see chapter 8.2
case 'COMPLUS':
if (preg_match('/.*/', $value)) {
return $value;
}
break;
case 'PARAMPLUS':
if (preg_match('/.*/', $value)) {
return $value;
}
break;
// post payment parameters: see chapter 8.3
// post payment parameters: see chapter 8.3
case 'PARAMVAR':
if (preg_match('/.*/', $value)) {
return $value;
}
break;
// optional operation field: see chapter 9.2
// optional operation field: see chapter 9.2
case 'operation':
if ($value == 'RES' || $value == 'SAL') {
return $value;
}
break;
// layout information: see chapter 7.1
// layout information: see chapter 7.1
case 'TITLE':
case 'BGCOLOR':
case 'TXTCOLOR':
case 'TBLBGCOLOR':
case 'TBLTXTCOLOR':
case 'BUTTONBGCOLOR':
case 'BUTTONTXTCOLOR':
case 'LOGO':
case 'FONTTYPE':
return $value;
// dynamic template page: see chapter 7.2
// dynamic template page: see chapter 7.2
case 'TP':
if (preg_match('/.+/', $value)) {
return $value;
}
break;
// Alias details: see Alias Management documentation
// Alias details: see Alias Management documentation
case 'ALIAS':
if (strlen($value) <= 40) {
return $value;
}
break;
case 'ALIASUSAGE':
if (strlen($value) <= 255) {
return $value;
}
break;
case 'ALIASOPERATION':
// Valid values: BYMERCHANT (or empty), BYPSP
if ($value == '' || $value == 'BYMERCHANT' || $value == 'BYPSP') {
return $value;
}
break;
// Contrexx does not yet supply nor support the following:
// payment methods/page specifics: see chapter 9.1
// Contrexx does not yet supply nor support the following:
// payment methods/page specifics: see chapter 9.1
case 'PM':
case 'BRAND':
case 'PMLISTTYPE':
// link to your website: see chapter 8.1
// link to your website: see chapter 8.1
case 'HOMEURL':
case 'CATALOGURL':
// optional extra login field: see chapter 9.3
// optional extra login field: see chapter 9.3
case 'USERID':
break;
}
self::$arrError[] = "Unknown or unsupported field '{$name}' (value '{$value}')";
return null;
}
/**
* checks input
*/
function checkInput()
{
global $_ARRAYLANG;
$objValidator = new \FWValidator();
$captchaCheck = true;
$_POST['forename'] = strip_tags(contrexx_stripslashes($_POST['forename']));
$_POST['name'] = strip_tags(contrexx_stripslashes($_POST['name']));
$_POST['comment'] = htmlentities(strip_tags(contrexx_stripslashes($_POST['comment'])), ENT_QUOTES, CONTREXX_CHARSET);
$_POST['location'] = strip_tags(contrexx_stripslashes($_POST['location']));
$_POST['email'] = strip_tags(contrexx_stripslashes($_POST['email']));
$_POST['url'] = strip_tags(contrexx_stripslashes($_POST['url']));
if (!\FWUser::getFWUserObject()->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
$captchaCheck = false;
}
if (empty($_POST['name']) || empty($_POST['forename'])) {
$this->makeError($_ARRAYLANG['TXT_NAME']);
}
if (empty($_POST['comment'])) {
$this->makeError($_ARRAYLANG['TXT_COMMENT']);
}
if (empty($_POST['malefemale'])) {
$this->makeError($_ARRAYLANG['TXT_SEX']);
}
if (empty($_POST['location'])) {
$this->makeError($_ARRAYLANG['TXT_LOCATION']);
}
if (!$objValidator->isEmail($_POST['email'])) {
$this->makeError($_ARRAYLANG['TXT_EMAIL']);
}
if (empty($this->error) && $captchaCheck) {
return true;
} else {
return false;
}
}
/**
* Save the registration
*
* @param array $data posted data from the form
*
* @return boolean true if the registration saved, false otherwise
*/
function save($data)
{
global $objDatabase, $objInit, $_LANGID;
/* foreach ($this->form->inputfields as $key => $arrInputfield) {
if($arrInputfield['type'] == 'selectBillingAddress') {
$affiliationStatus = $data['registrationField'][$arrInputfield['id']];
}
} */
foreach ($this->form->inputfields as $key => $arrInputfield) {
/* if($affiliationStatus == 'sameAsContact') {
if($arrInputfield['required'] == 1 && empty($data['registrationField'][$arrInputfield['id']]) && $arrInputfield['affiliation'] != 'billing') {
return false;
}
if($arrInputfield['required'] == 1 && $arrInputfield['type'] == 'mail' && $arrInputfield['affiliation'] != 'billing') {
$objValidator = new FWValidator();
if(!$objValidator->isEmail($data['registrationField'][$arrInputfield['id']])) {
return false;
}
}
} else { */
if ($arrInputfield['required'] == 1 && empty($data['registrationField'][$arrInputfield['id']])) {
return false;
}
if ($arrInputfield['required'] == 1 && $arrInputfield['type'] == 'mail') {
$objValidator = new \FWValidator();
if (!$objValidator->isEmail($data['registrationField'][$arrInputfield['id']])) {
return false;
}
}
/* } */
}
$regId = intval($data['regid']);
$eventId = intval($data['id']);
$formId = intval($data['form']);
$eventDate = intval($data['date']);
$userId = intval($data['userid']);
$objEvent = new \Cx\Modules\Calendar\Controller\CalendarEvent($eventId);
if ($objEvent->seriesStatus && $objEvent->independentSeries) {
$eventDate = isset($data['registrationEventDate']) ? contrexx_input2int($data['registrationEventDate']) : $eventDate;
$endDate = new \DateTime();
$endDate->modify('+10 years');
$eventManager = new CalendarEventManager(null, $endDate);
$eventManager->getEvent($objEvent, $eventDate, true);
$objEvent = $eventManager->eventList[0];
if (empty($objEvent)) {
return false;
}
}
$query = '
SELECT
`id`
FROM
`' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration_form_field`
WHERE
`form` = ' . $formId . '
AND
`type` = "seating"
LIMIT 1
';
$objResult = $objDatabase->Execute($query);
$numSeating = intval($data['registrationField'][$objResult->fields['id']]);
$type = empty($regId) && intval($objEvent->getFreePlaces() - $numSeating) < 0 ? 2 : (isset($data['registrationType']) ? intval($data['registrationType']) : 1);
$this->saveIn = intval($type);
$paymentMethod = intval($data['paymentMethod']);
$paid = intval($data['paid']);
$hostName = 0;
$ipAddress = 0;
$key = $this->generateKey();
if ($regId == 0) {
$submissionDate = $this->getDbDateTimeFromIntern($this->getInternDateTimeFromUser());
$query = 'INSERT INTO ' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration
SET `event_id` = ' . $eventId . ',
`submission_date` = "' . $submissionDate->format('Y-m-d H:i:s') . '",
`date` = ' . $eventDate . ',
`host_name` = "' . $hostName . '",
`ip_address` = "' . $ipAddress . '",
`type` = ' . $type . ',
`key` = "' . $key . '",
`user_id` = ' . $userId . ',
`lang_id` = ' . $_LANGID . ',
`export` = 0,
`payment_method` = ' . $paymentMethod . ',
`paid` = ' . $paid . ' ';
$objResult = $objDatabase->Execute($query);
if ($objResult !== false) {
$this->id = $objDatabase->Insert_ID();
} else {
return false;
}
} else {
$query = 'UPDATE `' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration`
SET `event_id` = ' . $eventId . ',
`date` = ' . $eventDate . ',
`host_name` = ' . $hostName . ',
`ip_address` = ' . $ipAddress . ',
`key` = "' . $key . '",
`user_id` = ' . $userId . ',
`type` = ' . $type . ',
`lang_id` = ' . $_LANGID . ',
`payment_method` = ' . $paymentMethod . ',
`paid` = ' . $paid . '
WHERE `id` = ' . $regId;
$objResult = $objDatabase->Execute($query);
if ($objResult === false) {
return false;
}
}
if ($regId != 0) {
$this->id = $regId;
$deleteQuery = 'DELETE FROM ' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration_form_field_value
WHERE `reg_id` = ' . $this->id;
$objDeleteResult = $objDatabase->Execute($deleteQuery);
if ($objDeleteResult === false) {
return false;
}
}
foreach ($this->form->inputfields as $key => $arrInputfield) {
$value = $data['registrationField'][$arrInputfield['id']];
$id = $arrInputfield['id'];
if (is_array($value)) {
$subvalue = array();
foreach ($value as $key => $element) {
if (!empty($data['registrationFieldAdditional'][$id][$element - 1])) {
$subvalue[] = $element . '[[' . $data['registrationFieldAdditional'][$id][$element - 1] . ']]';
} else {
$subvalue[] = $element;
}
}
$value = join(",", $subvalue);
} else {
if (isset($data['registrationFieldAdditional'][$id][$value - 1])) {
$value = $value . "[[" . $data['registrationFieldAdditional'][$id][$value - 1] . "]]";
}
}
$query = 'INSERT INTO ' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration_form_field_value
(`reg_id`, `field_id`, `value`)
VALUES (' . $this->id . ', ' . $id . ', "' . contrexx_input2db($value) . '")';
$objResult = $objDatabase->Execute($query);
if ($objResult === false) {
return false;
}
}
if ($objInit->mode == 'frontend') {
$objMailManager = new \Cx\Modules\Calendar\Controller\CalendarMailManager();
$templateId = $objEvent->emailTemplate[FRONTEND_LANG_ID];
$objMailManager->sendMail($objEvent, \Cx\Modules\Calendar\Controller\CalendarMailManager::MAIL_CONFIRM_REG, $this->id, $templateId);
$objMailManager->sendMail($objEvent, \Cx\Modules\Calendar\Controller\CalendarMailManager::MAIL_ALERT_REG, $this->id);
}
return true;
}
function _profile()
{
global $_ARRAYLANG, $objDatabase;
$this->_objTpl->setTemplate($this->pageContent);
$showForm = true;
$arrStatusMessage = array('ok' => array(), 'error' => array());
$isNewsletterRecipient = false;
$isAccessRecipient = false;
$recipientId = 0;
$recipientEmail = '';
$recipientUri = '';
$recipientSex = '';
$recipientSalutation = 0;
$recipientTitle = '';
$recipientPosition = '';
$recipientIndustrySector = '';
$recipientPhoneMobile = '';
$recipientPhonePrivate = '';
$recipientFax = '';
$recipientNotes = '';
$recipientLastname = '';
$recipientFirstname = '';
$recipientCompany = '';
$recipientAddress = '';
$recipientZip = '';
$recipientCity = '';
$recipientCountry = '';
$recipientPhoneOffice = '';
$recipientBirthday = '';
$recipientLanguage = '';
$recipientStatus = 0;
$requestedMail = isset($_GET['mail']) ? contrexx_input2raw(urldecode($_GET['mail'])) : (isset($_POST['mail']) ? contrexx_input2raw($_POST['mail']) : '');
$arrAssociatedLists = array();
$arrPreAssociatedInactiveLists = array();
$code = isset($_REQUEST['code']) ? contrexx_addslashes($_REQUEST['code']) : '';
if (!empty($code) && !empty($requestedMail)) {
$objRecipient = $objDatabase->SelectLimit("SELECT accessUserID\n FROM " . DBPREFIX . "module_newsletter_access_user AS nu\n INNER JOIN " . DBPREFIX . "access_users AS au ON au.id=nu.accessUserID\n WHERE nu.code='" . $code . "'\n AND email='" . contrexx_raw2db($requestedMail) . "'", 1);
if ($objRecipient && $objRecipient->RecordCount() == 1) {
$objUser = \FWUser::getFWUserObject()->objUser->getUser($objRecipient->fields['accessUserID']);
if ($objUser) {
$recipientId = $objUser->getId();
$isAccessRecipient = true;
//$arrAssociatedLists = $objUser->getSubscribedNewsletterListIDs();
$arrPreAssociatedInactiveLists = $objUser->getSubscribedNewsletterListIDs();
}
} else {
$objRecipient = $objDatabase->SelectLimit("SELECT id FROM " . DBPREFIX . "module_newsletter_user WHERE status=1 AND code='" . $code . "' AND email='" . contrexx_raw2db($requestedMail) . "'", 1);
if ($objRecipient && $objRecipient->RecordCount() == 1) {
$recipientId = $objRecipient->fields['id'];
$isNewsletterRecipient = true;
}
}
} else {
if (\FWUser::getFWUserObject()->objUser->login()) {
$objUser = \FWUser::getFWUserObject()->objUser;
$recipientId = $objUser->getId();
$isAccessRecipient = true;
//$arrAssociatedLists = $objUser->getSubscribedNewsletterListIDs();
$arrPreAssociatedInactiveLists = $objUser->getSubscribedNewsletterListIDs();
}
}
// Get interface settings
$objInterface = $objDatabase->Execute('SELECT `setvalue`
FROM `' . DBPREFIX . 'module_newsletter_settings`
WHERE `setname` = "recipient_attribute_status"');
$recipientAttributeStatus = json_decode($objInterface->fields['setvalue'], true);
if (isset($_POST['recipient_save'])) {
if (isset($_POST['email'])) {
$recipientEmail = $_POST['email'];
}
if (isset($_POST['website'])) {
$recipientUri = $_POST['website'];
}
if (isset($_POST['sex'])) {
$recipientSex = in_array($_POST['sex'], array('f', 'm')) ? $_POST['sex'] : '';
}
if (isset($_POST['salutation'])) {
// TODO: use FWUSER
$arrRecipientTitles = $this->_getRecipientTitles();
$recipientSalutation = in_array($_POST['salutation'], array_keys($arrRecipientTitles)) ? intval($_POST['salutation']) : 0;
}
if (isset($_POST['title'])) {
$recipientTitle = $_POST['title'];
}
if (isset($_POST['lastname'])) {
$recipientLastname = $_POST['lastname'];
}
if (isset($_POST['firstname'])) {
$recipientFirstname = $_POST['firstname'];
}
if (isset($_POST['position'])) {
$recipientPosition = $_POST['position'];
}
if (isset($_POST['company'])) {
$recipientCompany = $_POST['company'];
}
if (isset($_POST['industry_sector'])) {
$recipientIndustrySector = $_POST['industry_sector'];
}
if (isset($_POST['address'])) {
$recipientAddress = $_POST['address'];
}
if (isset($_POST['zip'])) {
$recipientZip = $_POST['zip'];
}
if (isset($_POST['city'])) {
$recipientCity = $_POST['city'];
}
if (isset($_POST['newsletter_country_id'])) {
$recipientCountry = $_POST['newsletter_country_id'];
}
if (isset($_POST['phone_office'])) {
$recipientPhoneOffice = $_POST['phone_office'];
}
if (isset($_POST['phone_private'])) {
$recipientPhonePrivate = $_POST['phone_private'];
}
if (isset($_POST['phone_mobile'])) {
$recipientPhoneMobile = $_POST['phone_mobile'];
}
if (isset($_POST['fax'])) {
$recipientFax = $_POST['fax'];
}
if (isset($_POST['day']) && isset($_POST['month']) && isset($_POST['year'])) {
$recipientBirthday = str_pad(intval($_POST['day']), 2, '0', STR_PAD_LEFT) . '-' . str_pad(intval($_POST['month']), 2, '0', STR_PAD_LEFT) . '-' . intval($_POST['year']);
}
if (isset($_POST['language'])) {
$recipientLanguage = $_POST['language'];
}
if (isset($_POST['notes'])) {
$recipientNotes = $_POST['notes'];
}
if (isset($_POST['list'])) {
foreach ($_POST['list'] as $listId => $status) {
if (intval($status) == 1) {
array_push($arrAssociatedLists, intval($listId));
}
}
} elseif (!$recipientId) {
// Signup request where no recipient list had been selected
// check if the user didn't select any list or if there is non or just 1 recipient list visible and was therefore not visible for the user to select
// only show newsletter-lists that are visible for new users (not yet registered ones)
$excludeDisabledLists = 1;
$arrLists = self::getLists($excludeDisabledLists);
switch (count($arrLists)) {
case 0:
// no active lists > ok
break;
case 1:
// only 1 list is active, therefore no list was visible for selection -> let's signup the new recipient to this very list
$arrAssociatedLists = array_keys($arrLists);
break;
default:
// more than one list is active, therefore the user would have been able to select his preferred lists.
// however, the fact that we landed in this case is that the user didn't make any selection at all.
// so lets be it like that > the user won't be subscribed to any list
break;
}
}
if (!$isAccessRecipient) {
// add or update existing newsletter recipient (for access user see ELSE case)
$arrPreAssociatedInactiveLists = $this->_getAssociatedListsOfRecipient($recipientId, false);
$arrAssociatedInactiveLists = array_intersect($arrPreAssociatedInactiveLists, $arrAssociatedLists);
$objValidator = new \FWValidator();
if ($objValidator->isEmail($recipientEmail)) {
// Let's check if a user account with the provided email address is already present
// Important: we must check only for active accounts (active => 1), otherwise we'll send a notification e-mail
// to a user that won't be able to active himself due to his account's inactive state.
// TODO: implement feature
$objUser = null;
//FWUser::getFWUserObject()->objUser->getUsers(array('email' => $recipientEmail, 'active' => 1));
if (false && $objUser) {
// there is already a user account present by the same email address as the one submitted by the user
// TODO: send notification e-mail about existing e-mail account
// Important: We must output the same status message as if the user has been newly added!
// This shall prevent email-address-crawling-bots from detecting existing e-mail accounts.
array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBE_OK']);
$showForm = false;
} else {
if ($this->_validateRecipientAttributes($recipientAttributeStatus, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientBirthday)) {
if ($this->_isUniqueRecipientEmail($recipientEmail, $recipientId)) {
if (!empty($arrAssociatedInactiveLists) || !empty($arrAssociatedLists) && ($objList = $objDatabase->SelectLimit('SELECT id FROM ' . DBPREFIX . 'module_newsletter_category WHERE status=1 AND (id=' . implode(' OR id=', $arrAssociatedLists) . ')', 1)) && $objList->RecordCount() > 0) {
if ($recipientId > 0) {
if ($this->_updateRecipient($recipientAttributeStatus, $recipientId, $recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, 1, $arrAssociatedLists, $recipientLanguage)) {
array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_YOUR_DATE_SUCCESSFULLY_UPDATED']);
$showForm = false;
} else {
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_FAILED_UPDATE_YOUR_DATA']);
}
} else {
if ($this->_addRecipient($recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, $recipientStatus, $arrAssociatedLists, $recipientLanguage)) {
if ($this->_sendAuthorizeEmail($recipientEmail, $recipientSex, $recipientSalutation, $recipientFirstname, $recipientLastname)) {
array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBE_OK']);
$showForm = false;
} else {
$objDatabase->Execute("DELETE tblU, tblR FROM " . DBPREFIX . "module_newsletter_user AS tblU, " . DBPREFIX . "module_newsletter_rel_user_cat AS tblR WHERE tblU.email='" . contrexx_addslashes($recipientEmail) . "' AND tblR.user = tblU.id");
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIPTION_CANCELED_BY_EMAIL']);
}
} else {
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_FAILED_ADDING_YOU']);
}
}
} else {
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_MUST_SELECT_LIST']);
}
} elseif (empty($recipientId)) {
// We must send a new confirmation e-mail here
// otherwise someone could reactivate someone else's e-mail address
// It could be that a user who has unsubscribed himself from the newsletter system (recipient = deactivated) would like to subscribe the newsletter again.
// Therefore, lets see if we can find a recipient by the specified e-mail address that has been deactivated (status=0)
$objRecipient = $objDatabase->SelectLimit("SELECT id, language, notes FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "' AND status=0", 1);
if ($objRecipient && !$objRecipient->EOF) {
$recipientId = $objRecipient->fields['id'];
$recipientLanguage = $objRecipient->fields['language'];
// Important: We intentionally do not load existing recipient list associations, due to the fact that the user most likely had
// himself been unsubscribed from the newsletter system some time in the past. Therefore the user most likey does not want
// to be subscribed to any lists more than to those he just selected
$arrAssociatedLists = array_unique($arrAssociatedLists);
$this->_setRecipientLists($recipientId, $arrAssociatedLists);
// Important: We do not update the recipient's profile data here by the reason that we can't verify the recipient's identity at this point!
if ($this->_sendAuthorizeEmail($recipientEmail, $recipientSex, $recipientSalutation, $recipientFirstname, $recipientLastname)) {
// Important: We must output the same status message as if the user has been newly added!
// This shall prevent email-address-crawling-bots from detecting existing e-mail accounts.
array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBE_OK']);
$showForm = false;
} else {
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_FAILED_ADDING_YOU']);
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIPTION_CANCELED_BY_EMAIL']);
}
}
} else {
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBER_ALREADY_INSERTED']);
}
} else {
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_MANDATORY_FIELD_ERROR']);
}
}
} else {
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NOT_VALID_EMAIL']);
}
} else {
// update subscribed lists of access user
$arrAssociatedLists = array_unique($arrAssociatedLists);
$objUser->setSubscribedNewsletterListIDs($arrAssociatedLists);
if ($objUser->store()) {
array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_YOUR_DATE_SUCCESSFULLY_UPDATED']);
$showForm = false;
} else {
$arrStatusMessage['error'] = array_merge($arrStatusMessage['error'], $objUser->getErrorMsg());
}
}
} elseif ($isNewsletterRecipient) {
$objRecipient = $objDatabase->SelectLimit("SELECT uri, sex, salutation, title, lastname, firstname, position, company, industry_sector, address, zip, city, country_id, phone_office, phone_private, phone_mobile, fax, notes, birthday, status, language FROM " . DBPREFIX . "module_newsletter_user WHERE id=" . $recipientId, 1);
if ($objRecipient !== false && $objRecipient->RecordCount() == 1) {
$recipientEmail = urldecode($_REQUEST['mail']);
$recipientUri = $objRecipient->fields['uri'];
$recipientSex = $objRecipient->fields['sex'];
$recipientSalutation = $objRecipient->fields['salutation'];
$recipientTitle = $objRecipient->fields['title'];
$recipientLastname = $objRecipient->fields['lastname'];
$recipientFirstname = $objRecipient->fields['firstname'];
$recipientPosition = $objRecipient->fields['position'];
$recipientCompany = $objRecipient->fields['company'];
$recipientIndustrySector = $objRecipient->fields['industry_sector'];
$recipientAddress = $objRecipient->fields['address'];
$recipientZip = $objRecipient->fields['zip'];
$recipientCity = $objRecipient->fields['city'];
$recipientCountry = $objRecipient->fields['country_id'];
$recipientPhoneOffice = $objRecipient->fields['phone_office'];
$recipientPhonePrivate = $objRecipient->fields['phone_private'];
$recipientPhoneMobile = $objRecipient->fields['phone_mobile'];
$recipientFax = $objRecipient->fields['fax'];
$recipientBirthday = $objRecipient->fields['birthday'];
$recipientLanguage = $objRecipient->fields['language'];
$recipientNotes = $objRecipient->fields['notes'];
$arrAssociatedLists = $this->_getAssociatedListsOfRecipient($recipientId, false);
$arrPreAssociatedInactiveLists = $this->_getAssociatedListsOfRecipient($recipientId, false);
} else {
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_AUTHENTICATION_FAILED']);
$showForm = false;
}
} elseif ($isAccessRecipient) {
$objUser = \FWUser::getFWUserObject()->objUser->getUser($recipientId);
if ($objUser) {
$arrAssociatedLists = $objUser->getSubscribedNewsletterListIDs();
$arrPreAssociatedInactiveLists = $objUser->getSubscribedNewsletterListIDs();
}
}
$this->_createDatesDropdown($recipientBirthday);
if (count($arrStatusMessage['ok']) > 0) {
$this->_objTpl->setVariable('NEWSLETTER_OK_MESSAGE', implode('<br />', $arrStatusMessage['ok']));
$this->_objTpl->parse('newsletter_ok_message');
} else {
$this->_objTpl->hideBlock('newsletter_ok_message');
}
if (count($arrStatusMessage['error']) > 0) {
$this->_objTpl->setVariable('NEWSLETTER_ERROR_MESSAGE', implode('<br />', $arrStatusMessage['error']));
$this->_objTpl->parse('newsletter_error_message');
} else {
$this->_objTpl->hideBlock('newsletter_error_message');
}
$languages = '<select name="language" class="selectLanguage" id="language" >';
$objLanguage = $objDatabase->Execute("SELECT id, name FROM " . DBPREFIX . "languages WHERE frontend = 1 ORDER BY name");
$languages .= '<option value="0">' . $_ARRAYLANG['TXT_NEWSLETTER_LANGUAGE_PLEASE_CHOSE'] . '</option>';
while (!$objLanguage->EOF) {
$selected = $objLanguage->fields['id'] == $recipientLanguage ? 'selected' : '';
$languages .= '<option value="' . $objLanguage->fields['id'] . '" ' . $selected . '>' . contrexx_raw2xhtml($objLanguage->fields['name']) . '</option>';
$objLanguage->MoveNext();
}
$languages .= '</select>';
if ($showForm) {
if ($isAccessRecipient) {
if ($this->_objTpl->blockExists('recipient_profile')) {
$this->_objTpl->hideBlock('recipient_profile');
}
} else {
//display settings recipient profile detials
$recipientAttributesArray = array('recipient_sex', 'recipient_salutation', 'recipient_title', 'recipient_firstname', 'recipient_lastname', 'recipient_position', 'recipient_company', 'recipient_industry', 'recipient_address', 'recipient_city', 'recipient_zip', 'recipient_country', 'recipient_phone', 'recipient_private', 'recipient_mobile', 'recipient_fax', 'recipient_birthday', 'recipient_website');
foreach ($recipientAttributesArray as $attribute) {
if ($this->_objTpl->blockExists($attribute)) {
if ($recipientAttributeStatus[$attribute]['active']) {
$this->_objTpl->touchBlock($attribute);
$this->_objTpl->setVariable(array('NEWSLETTER_' . strtoupper($attribute) . '_MANDATORY' => $recipientAttributeStatus[$attribute]['required'] ? '*' : ''));
} else {
$this->_objTpl->hideBlock($attribute);
}
}
}
$this->_objTpl->setVariable(array('NEWSLETTER_EMAIL' => htmlentities($recipientEmail, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_WEBSITE' => htmlentities($recipientUri, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_SEX_F' => $recipientSex == 'f' ? 'checked="checked"' : '', 'NEWSLETTER_SEX_M' => $recipientSex == 'm' ? 'checked="checked"' : '', 'NEWSLETTER_SALUTATION' => $this->_getRecipientTitleMenu($recipientSalutation, 'name="salutation" size="1"'), 'NEWSLETTER_TITLE' => htmlentities($recipientTitle, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_LASTNAME' => htmlentities($recipientLastname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_FIRSTNAME' => htmlentities($recipientFirstname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_POSITION' => htmlentities($recipientPosition, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_COMPANY' => htmlentities($recipientCompany, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_INDUSTRY_SECTOR' => htmlentities($recipientIndustrySector, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_ADDRESS' => htmlentities($recipientAddress, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_ZIP' => htmlentities($recipientZip, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_CITY' => htmlentities($recipientCity, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_COUNTRY' => $this->getCountryMenu($recipientCountry, $recipientAttributeStatus['recipient_country']['active'] && $recipientAttributeStatus['recipient_country']['required']), 'NEWSLETTER_PHONE' => htmlentities($recipientPhoneOffice, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_PHONE_PRIVATE' => htmlentities($recipientPhonePrivate, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_PHONE_MOBILE' => htmlentities($recipientPhoneMobile, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_FAX' => htmlentities($recipientFax, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_NOTES' => htmlentities($recipientNotes, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_LANGUAGE' => $languages));
$this->_objTpl->setVariable(array('TXT_NEWSLETTER_EMAIL_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_EMAIL_ADDRESS'], 'TXT_NEWSLETTER_SALUTATION' => $_ARRAYLANG['TXT_NEWSLETTER_SALUTATION'], 'TXT_NEWSLETTER_SEX' => $_ARRAYLANG['TXT_NEWSLETTER_SEX'], 'TXT_NEWSLETTER_FEMALE' => $_ARRAYLANG['TXT_NEWSLETTER_FEMALE'], 'TXT_NEWSLETTER_MALE' => $_ARRAYLANG['TXT_NEWSLETTER_MALE'], 'TXT_NEWSLETTER_TITLE' => $_ARRAYLANG['TXT_NEWSLETTER_TITLE'], 'TXT_NEWSLETTER_LASTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_LASTNAME'], 'TXT_NEWSLETTER_FIRSTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_FIRSTNAME'], 'TXT_NEWSLETTER_POSITION' => $_ARRAYLANG['TXT_NEWSLETTER_POSITION'], 'TXT_NEWSLETTER_COMPANY' => $_ARRAYLANG['TXT_NEWSLETTER_COMPANY'], 'TXT_NEWSLETTER_INDUSTRY_SECTOR' => $_ARRAYLANG['TXT_NEWSLETTER_INDUSTRY_SECTOR'], 'TXT_NEWSLETTER_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_ADDRESS'], 'TXT_NEWSLETTER_ZIP' => $_ARRAYLANG['TXT_NEWSLETTER_ZIP'], 'TXT_NEWSLETTER_CITY' => $_ARRAYLANG['TXT_NEWSLETTER_CITY'], 'TXT_NEWSLETTER_COUNTRY' => $_ARRAYLANG['TXT_NEWSLETTER_COUNTRY'], 'TXT_NEWSLETTER_PHONE_PRIVATE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_PRIVATE'], 'TXT_NEWSLETTER_PHONE_MOBILE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_MOBILE'], 'TXT_NEWSLETTER_FAX' => $_ARRAYLANG['TXT_NEWSLETTER_FAX'], 'TXT_NEWSLETTER_PHONE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE'], 'TXT_NEWSLETTER_NOTES' => $_ARRAYLANG['TXT_NEWSLETTER_NOTES'], 'TXT_NEWSLETTER_BIRTHDAY' => $_ARRAYLANG['TXT_NEWSLETTER_BIRTHDAY'], 'TXT_NEWSLETTER_LANGUAGE' => $_ARRAYLANG['TXT_NEWSLETTER_LANGUAGE'], 'TXT_NEWSLETTER_WEBSITE' => $_ARRAYLANG['TXT_NEWSLETTER_WEBSITE'], 'TXT_NEWSLETTER_RECIPIENT_DATE' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_DATE'], 'TXT_NEWSLETTER_RECIPIENT_MONTH' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_MONTH'], 'TXT_NEWSLETTER_RECIPIENT_YEAR' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_YEAR']));
if ($this->_objTpl->blockExists('recipient_profile')) {
$this->_objTpl->parse('recipient_profile');
}
}
// only show newsletter-lists that are visible for new users (not yet registered ones)
$excludeDisabledLists = $recipientId == 0;
$arrLists = self::getLists($excludeDisabledLists);
if ($this->_objTpl->blockExists('newsletter_lists')) {
switch (count($arrLists)) {
case 0:
// no lists are active, therefore we shall not try to parse any non existing list
// no lists are active, therefore we shall not try to parse any non existing list
case 1:
// only one list is active, therefore we will not parse any list and will automatically subscribe the user to this very list
if (!$isAccessRecipient) {
$this->_objTpl->hideBlock('newsletter_lists');
break;
}
default:
foreach ($arrLists as $listId => $arrList) {
if ($arrList['status'] || in_array($listId, $arrPreAssociatedInactiveLists)) {
$this->_objTpl->setVariable(array('NEWSLETTER_LIST_ID' => $listId, 'NEWSLETTER_LIST_NAME' => contrexx_raw2xhtml($arrList['name']), 'NEWSLETTER_LIST_SELECTED' => in_array($listId, $arrAssociatedLists) ? 'checked="checked"' : ''));
$this->_objTpl->parse('newsletter_list');
}
}
$this->_objTpl->setVariable(array('TXT_NEWSLETTER_LISTS' => $_ARRAYLANG['TXT_NEWSLETTER_LISTS']));
$this->_objTpl->parse('newsletter_lists');
break;
}
}
$this->_objTpl->setVariable(array('NEWSLETTER_PROFILE_MAIL' => contrexx_raw2xhtml($requestedMail), 'NEWSLETTER_USER_CODE' => $code, 'TXT_NEWSLETTER_SAVE' => $_ARRAYLANG['TXT_NEWSLETTER_SAVE']));
$this->_objTpl->parse('newsletterForm');
} else {
$this->_objTpl->hideBlock('newsletterForm');
}
}
function _editUser()
{
global $objDatabase, $_ARRAYLANG, $_CORELANG;
$activeFrontendlang = \FWLanguage::getActiveFrontendLanguages();
$copy = isset($_REQUEST['copy']) && $_REQUEST['copy'] == 1;
$recipientId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
$recipientEmail = '';
$recipientUri = '';
$recipientSex = '';
$recipientSalutation = 0;
$recipientTitle = '';
$recipientPosition = '';
$recipientIndustrySector = '';
$recipientPhoneMobile = '';
$recipientPhonePrivate = '';
$recipientFax = '';
$recipientNotes = '';
$recipientLastname = '';
$recipientFirstname = '';
$recipientCompany = '';
$recipientAddress = '';
$recipientZip = '';
$recipientCity = '';
$recipientCountry = '';
$recipientPhoneOffice = '';
$recipientBirthday = '';
$recipientLanguage = count($activeFrontendlang) == 1 ? key($activeFrontendlang) : '';
$recipientStatus = isset($_POST['newsletter_recipient_status']) ? 1 : (empty($_POST) ? 1 : 0);
$arrAssociatedLists = array();
$recipientSendEmailId = isset($_POST['sendEmail']) ? intval($_POST['sendEmail']) : 0;
$recipientSendMailDisplay = false;
if (isset($_POST['newsletter_recipient_email'])) {
$recipientEmail = $_POST['newsletter_recipient_email'];
}
if (isset($_POST['newsletter_recipient_uri'])) {
$recipientUri = $_POST['newsletter_recipient_uri'];
}
if (isset($_POST['newsletter_recipient_sex'])) {
$recipientSex = in_array($_POST['newsletter_recipient_sex'], array('f', 'm')) ? $_POST['newsletter_recipient_sex'] : '';
}
if (isset($_POST['newsletter_recipient_salutation'])) {
// TODO: use FWUSER
$arrRecipientSalutation = $this->_getRecipientTitles();
$recipientSalutation = in_array($_POST['newsletter_recipient_salutation'], array_keys($arrRecipientSalutation)) ? intval($_POST['newsletter_recipient_salutation']) : 0;
}
if (isset($_POST['newsletter_recipient_lastname'])) {
$recipientLastname = $_POST['newsletter_recipient_lastname'];
}
if (isset($_POST['newsletter_recipient_firstname'])) {
$recipientFirstname = $_POST['newsletter_recipient_firstname'];
}
if (isset($_POST['newsletter_recipient_company'])) {
$recipientCompany = $_POST['newsletter_recipient_company'];
}
if (isset($_POST['newsletter_recipient_address'])) {
$recipientAddress = $_POST['newsletter_recipient_address'];
}
if (isset($_POST['newsletter_recipient_zip'])) {
$recipientZip = $_POST['newsletter_recipient_zip'];
}
if (isset($_POST['newsletter_recipient_city'])) {
$recipientCity = $_POST['newsletter_recipient_city'];
}
if (isset($_POST['newsletter_country_id'])) {
$recipientCountry = $_POST['newsletter_country_id'];
}
if (isset($_POST['newsletter_recipient_phone_office'])) {
$recipientPhoneOffice = $_POST['newsletter_recipient_phone_office'];
}
if (isset($_POST['newsletter_recipient_notes'])) {
$recipientNotes = $_POST['newsletter_recipient_notes'];
}
if (isset($_POST['day']) && isset($_POST['month']) && isset($_POST['year'])) {
$recipientBirthday = str_pad(intval($_POST['day']), 2, '0', STR_PAD_LEFT) . '-' . str_pad(intval($_POST['month']), 2, '0', STR_PAD_LEFT) . '-' . intval($_POST['year']);
}
if (isset($_POST['newsletter_recipient_title'])) {
$recipientTitle = $_POST['newsletter_recipient_title'];
}
if (isset($_POST['newsletter_recipient_position'])) {
$recipientPosition = $_POST['newsletter_recipient_position'];
}
if (isset($_POST['newsletter_recipient_industry_sector'])) {
$recipientIndustrySector = $_POST['newsletter_recipient_industry_sector'];
}
if (isset($_POST['newsletter_recipient_phone_mobile'])) {
$recipientPhoneMobile = $_POST['newsletter_recipient_phone_mobile'];
}
if (isset($_POST['newsletter_recipient_phone_private'])) {
$recipientPhonePrivate = $_POST['newsletter_recipient_phone_private'];
}
if (isset($_POST['newsletter_recipient_fax'])) {
$recipientFax = $_POST['newsletter_recipient_fax'];
}
if (isset($_POST['language'])) {
$recipientLanguage = $_POST['language'];
}
if (isset($_POST['newsletter_recipient_associated_list'])) {
foreach ($_POST['newsletter_recipient_associated_list'] as $listId => $status) {
if (intval($status) == 1) {
array_push($arrAssociatedLists, intval($listId));
}
}
}
// Get interface settings
$objInterface = $objDatabase->Execute('SELECT `setvalue`
FROM `' . DBPREFIX . 'module_newsletter_settings`
WHERE `setname` = "recipient_attribute_status"');
$recipientAttributeStatus = json_decode($objInterface->fields['setvalue'], true);
if (isset($_POST['newsletter_recipient_save'])) {
$objValidator = new \FWValidator();
if ($objValidator->isEmail($recipientEmail)) {
if ($this->_validateRecipientAttributes($recipientAttributeStatus, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientBirthday)) {
if ($this->_isUniqueRecipientEmail($recipientEmail, $recipientId, $copy)) {
//reset the $recipientId on copy function
$recipientId = $copy ? 0 : $recipientId;
if ($recipientId > 0) {
if ($this->_updateRecipient($recipientAttributeStatus, $recipientId, $recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, $recipientStatus, $arrAssociatedLists, $recipientLanguage)) {
self::$strOkMessage .= $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_UPDATED_SUCCESSFULLY'];
return $this->_userList();
} else {
// fall back to old recipient id, if any error occurs on copy
$recipientId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_ERROR_UPDATE_RECIPIENT'];
}
} else {
if ($this->_addRecipient($recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, $recipientStatus, $arrAssociatedLists, $recipientLanguage)) {
if (!empty($recipientSendEmailId)) {
$objRecipient = $objDatabase->SelectLimit("SELECT id FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "'", 1);
$recipientId = $objRecipient->fields['id'];
$this->insertTmpEmail($recipientSendEmailId, $recipientEmail, self::USER_TYPE_NEWSLETTER);
// setting TmpEntry=1 will set the newsletter status=1, this will force an imediate stop in the newsletter send procedere.
if ($this->SendEmail($recipientId, $recipientSendEmailId, $recipientEmail, 1, self::USER_TYPE_NEWSLETTER) == false) {
// fall back to old recipient id, if any error occurs on copy
$recipientId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
self::$strErrMessage .= $_ARRAYLANG['TXT_SENDING_MESSAGE_ERROR'];
} else {
$objRecipientCount = $objDatabase->execute('SELECT subject FROM ' . DBPREFIX . 'module_newsletter WHERE id=' . intval($recipientSendEmailId));
$newsTitle = $objRecipientCount->fields['subject'];
// TODO: Unused
// $objUpdateCount =
$objDatabase->execute('
UPDATE ' . DBPREFIX . 'module_newsletter
SET recipient_count = recipient_count+1
WHERE id=' . intval($recipientSendEmailId));
self::$strOkMessage .= sprintf($_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_MAIL_SEND_SUCCESSFULLY'] . '<br />', '<strong>' . $newsTitle . '</strong>');
}
}
self::$strOkMessage .= $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_SAVED_SUCCESSFULLY'];
return $this->_userList();
} else {
// fall back to old recipient id, if any error occurs on copy
$recipientId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_ERROR_SAVE_RECIPIENT'];
}
}
} elseif (empty($recipientId)) {
$objRecipient = $objDatabase->SelectLimit("SELECT id, language, status, notes FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "'", 1);
$recipientId = $objRecipient->fields['id'];
$recipientLanguage = $objRecipient->fields['language'];
$recipientStatus = $objRecipient->fields['status'];
$recipientNotes = !empty($objRecipient->fields['notes']) ? $objRecipient->fields['notes'] . ' ' . $recipientNotes : $recipientNotes;
$objList = $objDatabase->Execute("SELECT category FROM " . DBPREFIX . "module_newsletter_rel_user_cat WHERE user="******"SELECT id FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "' AND id!=" . ($copy ? 0 : $recipientId), 1);
self::$strErrMessage .= sprintf($_ARRAYLANG['TXT_NEWSLETTER_ERROR_EMAIL_ALREADY_EXISTS'], '<a href="index.php?cmd=Newsletter&act=users&tpl=edit&id=' . $objResult->fields['id'] . '" target="_blank">' . $_ARRAYLANG['TXT_NEWSLETTER_ERROR_EMAIL_ALREADY_EXISTS_CLICK_HERE'] . '</a>');
}
} else {
self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_MANDATORY_FIELD_ERROR'];
}
} else {
self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_INVALIDE_EMAIL_ADDRESS'];
}
} elseif ($recipientId > 0) {
$objRecipient = $objDatabase->SelectLimit("SELECT email, uri, sex, salutation, title, lastname, firstname, position, company, industry_sector, address, zip, city, country_id, phone_office, phone_private, phone_mobile, fax, notes, birthday, status, language FROM " . DBPREFIX . "module_newsletter_user WHERE id=" . $recipientId, 1);
if ($objRecipient !== false && $objRecipient->RecordCount() == 1) {
$recipientEmail = $objRecipient->fields['email'];
$recipientUri = $objRecipient->fields['uri'];
$recipientSex = $objRecipient->fields['sex'];
$recipientSalutation = $objRecipient->fields['salutation'];
$recipientTitle = $objRecipient->fields['title'];
$recipientLastname = $objRecipient->fields['lastname'];
$recipientFirstname = $objRecipient->fields['firstname'];
$recipientPosition = $objRecipient->fields['position'];
$recipientCompany = $objRecipient->fields['company'];
$recipientIndustrySector = $objRecipient->fields['industry_sector'];
$recipientAddress = $objRecipient->fields['address'];
$recipientZip = $objRecipient->fields['zip'];
$recipientCity = $objRecipient->fields['city'];
$recipientCountry = $objRecipient->fields['country_id'];
$recipientPhoneOffice = $objRecipient->fields['phone_office'];
$recipientPhonePrivate = $objRecipient->fields['phone_private'];
$recipientPhoneMobile = $objRecipient->fields['phone_mobile'];
$recipientFax = $objRecipient->fields['fax'];
$recipientBirthday = $objRecipient->fields['birthday'];
$recipientLanguage = $objRecipient->fields['language'];
$recipientStatus = $objRecipient->fields['status'];
$recipientNotes = $objRecipient->fields['notes'];
$objList = $objDatabase->Execute("SELECT category FROM " . DBPREFIX . "module_newsletter_rel_user_cat WHERE user="******"checked"' : ''));
$this->_objTpl->parse('newsletter_mail_associated_list_' . $column);
$listNr++;
}
if (count($activeFrontendlang) > 1) {
foreach ($activeFrontendlang as $lang) {
$selected = $lang['id'] == $recipientLanguage ? 'selected="selected"' : '';
$this->_objTpl->setVariable(array('NEWSLETTER_LANGUAGE_ID' => contrexx_raw2xhtml($lang['id']), 'NEWSLETTER_LANGUAGE_NAME' => contrexx_raw2xhtml($lang['name']), 'NEWSLETTER_LANGUAGES_SELECTED' => $selected));
$this->_objTpl->parse('languages');
}
$languageOptionDisplay = true;
} else {
$this->_objTpl->hideBlock('languageOption');
}
if (empty($recipientId) || $copy) {
$objNewsletterMails = $objDatabase->Execute('SELECT
id,
subject
FROM ' . DBPREFIX . 'module_newsletter
ORDER BY status, id DESC');
while (!$objNewsletterMails->EOF) {
$selected = $recipientSendEmailId == $objNewsletterMails->fields['id'] ? 'selected="selected"' : '';
$this->_objTpl->setVariable(array('NEWSLETTER_EMAIL_ID' => contrexx_raw2xhtml($objNewsletterMails->fields['id']), 'NEWSLETTER_EMAIL_NAME' => contrexx_raw2xhtml($objNewsletterMails->fields['subject']), 'NEWSLETTER_EMAIL_SELECTED' => $selected));
$this->_objTpl->parse('allMails');
$objNewsletterMails->MoveNext();
}
$recipientSendMailDisplay = true;
} else {
$this->_objTpl->hideBlock('sendEmail');
}
// Display settings recipient general attributes
$sendMailRowClass = $languageOptionDisplay ? 'row2' : 'row1';
if ($languageOptionDisplay && $recipientSendMailDisplay) {
$associatedListRowClass = 'row1';
} elseif ($languageOptionDisplay || $recipientSendMailDisplay) {
$associatedListRowClass = 'row2';
} else {
$associatedListRowClass = 'row1';
}
$recipientNotesRowClass = $associatedListRowClass == 'row1' ? 'row2' : 'row1';
$this->_objTpl->setVariable(array('NEWSLETTER_SEND_EMAIL_ROWCLASS' => $sendMailRowClass, 'NEWSLETTER_ASSOCIATED_LISTS_ROWCLASS' => $associatedListRowClass, 'NEWSLETTER_NOTES_ROWCLASS' => $recipientNotesRowClass));
//display settings recipient profile detials
$recipientAttributeDisplay = false;
foreach ($recipientAttributeStatus as $value) {
if ($value['active']) {
$recipientAttributeDisplay = true;
break;
}
}
$profileRowCount = 0;
$recipientAttributesArray = array('recipient_sex', 'recipient_salutation', 'recipient_title', 'recipient_firstname', 'recipient_lastname', 'recipient_position', 'recipient_company', 'recipient_industry', 'recipient_address', 'recipient_city', 'recipient_zip', 'recipient_country', 'recipient_phone', 'recipient_private', 'recipient_mobile', 'recipient_fax', 'recipient_birthday', 'recipient_website');
if ($recipientAttributeDisplay) {
foreach ($recipientAttributesArray as $attribute) {
if ($recipientAttributeStatus[$attribute]['active'] && $this->_objTpl->blockExists($attribute)) {
$this->_objTpl->touchBlock($attribute);
$this->_objTpl->setVariable(array('NEWSLETTER_' . strtoupper($attribute) . '_ROW_CLASS' => $profileRowCount % 2 == 0 ? 'row2' : 'row1', 'NEWSLETTER_' . strtoupper($attribute) . '_MANDATORY' => $recipientAttributeStatus[$attribute]['required'] ? '*' : ''));
$profileRowCount++;
} else {
$this->_objTpl->hideBlock($attribute);
}
}
} else {
$this->_objTpl->hideBlock('recipientProfileAttributes');
}
$filterParams = (!empty($_GET['newsletterListId']) ? '&newsletterListId=' . contrexx_input2raw($_GET['newsletterListId']) : '') . (!empty($_GET['filterkeyword']) ? '&filterkeyword=' . contrexx_input2raw($_GET['filterkeyword']) : '') . (!empty($_GET['filterattribute']) ? '&filterattribute=' . contrexx_input2raw($_GET['filterattribute']) : '') . (!empty($_GET['filterStatus']) ? '&filterStatus=' . contrexx_input2raw($_GET['filterStatus']) : '');
$this->_objTpl->setVariable(array('NEWSLETTER_RECIPIENT_ID' => $recipientId, 'NEWSLETTER_RECIPIENT_EMAIL' => htmlentities($recipientEmail, ENT_QUOTES, CONTREXX_CHARSET), 'TXT_NEWSLETTER_STATUS' => $_ARRAYLANG['TXT_NEWSLETTER_STATUS'], 'TXT_NEWSLETTER_LANGUAGE' => $_ARRAYLANG['TXT_NEWSLETTER_LANGUAGE'], 'TXT_NEWSLETTER_SEND_EMAIL' => $_ARRAYLANG['TXT_NEWSLETTER_SEND_EMAIL'], 'TXT_NEWSLETTER_ASSOCIATED_LISTS' => $_ARRAYLANG['TXT_NEWSLETTER_ASSOCIATED_LISTS'], 'TXT_NEWSLETTER_NOTES' => $_ARRAYLANG['TXT_NEWSLETTER_NOTES'], 'TXT_NEWSLETTER_PROFILE' => $_ARRAYLANG['TXT_NEWSLETTER_PROFILE'], 'TXT_NEWSLETTER_POSITION' => $_ARRAYLANG['TXT_NEWSLETTER_POSITION'], 'TXT_NEWSLETTER_INDUSTRY_SECTOR' => $_ARRAYLANG['TXT_NEWSLETTER_INDUSTRY_SECTOR'], 'TXT_NEWSLETTER_PHONE_MOBILE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_MOBILE'], 'TXT_NEWSLETTER_PHONE_PRIVATE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_PRIVATE'], 'TXT_NEWSLETTER_FAX' => $_ARRAYLANG['TXT_NEWSLETTER_FAX'], 'NEWSLETTER_RECIPIENT_STATUS' => $recipientStatus == '1' ? 'checked="checked"' : '', 'NEWSLETTER_RECIPIENT_NOTES' => htmlentities($recipientNotes, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_URI' => htmlentities($recipientUri, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_FEMALE' => $recipientSex == 'f' ? 'checked="checked"' : '', 'NEWSLETTER_RECIPIENT_MALE' => $recipientSex == 'm' ? 'checked="checked"' : '', 'NEWSLETTER_RECIPIENT_SALUTATION' => $this->_getRecipientTitleMenu($recipientSalutation, 'name="newsletter_recipient_salutation" style="width:296px" size="1"'), 'NEWSLETTER_RECIPIENT_TITLE' => htmlentities($recipientTitle, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_FIRSTNAME' => htmlentities($recipientFirstname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_LASTNAME' => htmlentities($recipientLastname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_POSITION' => htmlentities($recipientPosition, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_COMPANY' => htmlentities($recipientCompany, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_INDUSTRY_SECTOR' => htmlentities($recipientIndustrySector, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_ADDRESS' => htmlentities($recipientAddress, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_ZIP' => htmlentities($recipientZip, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_CITY' => htmlentities($recipientCity, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_COUNTRY' => $this->getCountryMenu($recipientCountry, $recipientAttributeStatus['recipient_country']['active'] && $recipientAttributeStatus['recipient_country']['required']), 'NEWSLETTER_RECIPIENT_PHONE' => htmlentities($recipientPhoneOffice, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_PHONE_MOBILE' => htmlentities($recipientPhoneMobile, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_PHONE_PRIVATE' => htmlentities($recipientPhonePrivate, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_FAX' => htmlentities($recipientFax, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_BIRTHDAY' => htmlentities($recipientBirthday, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_COPY' => $copy ? 1 : 0, 'TXT_NEWSLETTER_EMAIL_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_EMAIL_ADDRESS'], 'TXT_NEWSLETTER_WEBSITE' => $_ARRAYLANG['TXT_NEWSLETTER_WEBSITE'], 'TXT_NEWSLETTER_SALUTATION' => $_ARRAYLANG['TXT_NEWSLETTER_SALUTATION'], 'TXT_NEWSLETTER_TITLE' => $_ARRAYLANG['TXT_NEWSLETTER_TITLE'], 'TXT_NEWSLETTER_SEX' => $_ARRAYLANG['TXT_NEWSLETTER_SEX'], 'TXT_NEWSLETTER_FEMALE' => $_ARRAYLANG['TXT_NEWSLETTER_FEMALE'], 'TXT_NEWSLETTER_MALE' => $_ARRAYLANG['TXT_NEWSLETTER_MALE'], 'TXT_NEWSLETTER_LASTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_LASTNAME'], 'TXT_NEWSLETTER_FIRSTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_FIRSTNAME'], 'TXT_NEWSLETTER_COMPANY' => $_ARRAYLANG['TXT_NEWSLETTER_COMPANY'], 'TXT_NEWSLETTER_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_ADDRESS'], 'TXT_NEWSLETTER_ZIP' => $_ARRAYLANG['TXT_NEWSLETTER_ZIP'], 'TXT_NEWSLETTER_CITY' => $_ARRAYLANG['TXT_NEWSLETTER_CITY'], 'TXT_NEWSLETTER_COUNTRY' => $_ARRAYLANG['TXT_NEWSLETTER_COUNTRY'], 'TXT_NEWSLETTER_PHONE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE'], 'TXT_NEWSLETTER_BIRTHDAY' => $_ARRAYLANG['TXT_NEWSLETTER_BIRTHDAY'], 'TXT_NEWSLETTER_SAVE' => $_ARRAYLANG['TXT_NEWSLETTER_SAVE'], 'TXT_CANCEL' => $_CORELANG['TXT_CANCEL'], 'TXT_NEWSLETTER_DO_NOT_SEND_EMAIL' => $_ARRAYLANG['TXT_NEWSLETTER_DO_NOT_SEND_EMAIL'], 'TXT_NEWSLETTER_INFO_ABOUT_SEND_EMAIL' => $_ARRAYLANG['TXT_NEWSLETTER_INFO_ABOUT_SEND_EMAIL'], 'TXT_NEWSLETTER_RECIPIENT_DATE' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_DATE'], 'TXT_NEWSLETTER_RECIPIENT_MONTH' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_MONTH'], 'TXT_NEWSLETTER_RECIPIENT_YEAR' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_YEAR'], 'NEWSLETTER_FILTER_PARAMS' => $filterParams));
$this->_objTpl->parse('module_newsletter_user_edit');
return true;
}
function send()
{
global $objDatabase, $_ARRAYLANG, $_CONFIG;
$this->_objTpl->setTemplate($this->pageContent);
// Initialize variables
$code = substr(md5(rand()), 1, 10);
$url = \Cx\Core\Routing\Url::fromModuleAndCmd('Ecard', 'show', '', array('code' => $code))->toString();
// Initialize POST variables
$id = intval($_POST['selectedEcard']);
$message = contrexx_addslashes($_POST['ecardMessage']);
$recipientSalutation = contrexx_stripslashes($_POST['ecardRecipientSalutation']);
$senderName = contrexx_stripslashes($_POST['ecardSenderName']);
$senderEmail = \FWValidator::isEmail($_POST['ecardSenderEmail']) ? $_POST['ecardSenderEmail'] : '';
$recipientName = contrexx_stripslashes($_POST['ecardRecipientName']);
$recipientEmail = \FWValidator::isEmail($_POST['ecardRecipientEmail']) ? $_POST['ecardRecipientEmail'] : '';
if (empty($senderEmail) || empty($recipientEmail)) {
$this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_SENDING_ERROR']));
return false;
}
$query = "\n SELECT `setting_name`, `setting_value`\n FROM " . DBPREFIX . "module_ecard_settings";
$objResult = $objDatabase->Execute($query);
while (!$objResult->EOF) {
switch ($objResult->fields['setting_name']) {
case 'validdays':
$validdays = $objResult->fields['setting_value'];
break;
// Never used
// case 'greetings':
// $greetings = $objResult->fields['setting_value'];
// break;
// Never used
// case 'greetings':
// $greetings = $objResult->fields['setting_value'];
// break;
case 'subject':
$subject = $objResult->fields['setting_value'];
break;
case 'emailText':
$emailText = strip_tags($objResult->fields['setting_value']);
break;
}
$objResult->MoveNext();
}
$timeToLife = $validdays * 86400;
// Replace placeholders with used in notification mail with user data
$emailText = str_replace('[[ECARD_RECIPIENT_SALUTATION]]', $recipientSalutation, $emailText);
$emailText = str_replace('[[ECARD_RECIPIENT_NAME]]', $recipientName, $emailText);
$emailText = str_replace('[[ECARD_RECIPIENT_EMAIL]]', $recipientEmail, $emailText);
$emailText = str_replace('[[ECARD_SENDER_NAME]]', $senderName, $emailText);
$emailText = str_replace('[[ECARD_SENDER_EMAIL]]', $senderEmail, $emailText);
$emailText = str_replace('[[ECARD_VALID_DAYS]]', $validdays, $emailText);
$emailText = str_replace('[[ECARD_URL]]', $url, $emailText);
$body = $emailText;
// Insert ecard to DB
$query = "\n INSERT INTO `" . DBPREFIX . "module_ecard_ecards` (\n code, date, TTL, salutation,\n senderName, senderEmail,\n recipientName, recipientEmail,\n message\n ) VALUES (\n '" . $code . "',\n '" . time() . "',\n '" . $timeToLife . "',\n '" . addslashes($recipientSalutation) . "',\n '" . addslashes($senderName) . "',\n '" . $senderEmail . "',\n '" . addslashes($recipientName) . "',\n '" . $recipientEmail . "',\n '" . $message . "');";
if ($objDatabase->Execute($query)) {
$query = "\n SELECT setting_value\n FROM " . DBPREFIX . "module_ecard_settings\n WHERE setting_name='motive_{$id}'";
$objResult = $objDatabase->SelectLimit($query, 1);
// Copy motive to new file with $code as filename
$fileExtension = preg_replace('/^.+(\\.[^\\.]+)$/', '$1', $objResult->fields['setting_value']);
$fileName = $objResult->fields['setting_value'];
$objFile = new \File();
if ($objFile->copyFile(ASCMS_ECARD_OPTIMIZED_PATH . '/', $fileName, ASCMS_ECARD_SEND_ECARDS_PATH . '/', $code . $fileExtension)) {
$objMail = new \phpmailer();
// Check e-mail settings
if ($_CONFIG['coreSmtpServer'] > 0 && @(include_once ASCMS_CORE_PATH . '/SmtpSettings.class.php')) {
$objSmtpSettings = new \SmtpSettings();
if (($arrSmtp = $objSmtpSettings->getSmtpAccount($_CONFIG['coreSmtpServer'])) !== false) {
$objMail->IsSMTP();
$objMail->Host = $arrSmtp['hostname'];
$objMail->Port = $arrSmtp['port'];
$objMail->SMTPAuth = true;
$objMail->Username = $arrSmtp['username'];
$objMail->Password = $arrSmtp['password'];
}
}
// Send notification mail to ecard-recipient
$objMail->CharSet = CONTREXX_CHARSET;
$objMail->SetFrom($senderEmail, $senderName);
$objMail->Subject = $subject;
$objMail->IsHTML(false);
$objMail->Body = $body;
$objMail->AddAddress($recipientEmail);
if ($objMail->Send()) {
$this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_HAS_BEEN_SENT']));
} else {
$this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_MAIL_SENDING_ERROR']));
}
}
} else {
$this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_SENDING_ERROR']));
}
}
/**
* creates the upload page for the frontend
*/
private function uploadPage()
{
global $_ARRAYLANG, $objDatabase, $_CONFIG;
$params = $this->objUrl->getParamArray();
// the upload is finished and the script has to send a mail and assign the expiration dates
if (!empty($this->files) && $_POST["accept_terms"]) {
// set expiration time
$cmd = \Env::get("Resolver")->getCmd();
if ($cmd != "downloads") {
$expiration_date = date("Y-m-d H:i:s", time() + $_POST["expiration"]);
$objDatabase->Execute("UPDATE " . DBPREFIX . "module_filesharing SET `expiration_date` = '" . contrexx_raw2db($expiration_date) . "' WHERE `upload_id` = '" . intval($params["uploadId"]) . "'");
}
// send the mail to the reciever
if (\FWValidator::isEmail($_POST["email"])) {
parent::sendMail($params["uploadId"], $_POST["subject"], array($_POST["email"]), $_POST["message"]);
}
// send the mail to the administrator
parent::sendMail($params["uploadId"], null, array($_CONFIG['coreAdminEmail']), $_POST["message"]);
// reset the upload id so the uploads are invisible now
$objDatabase->Execute("UPDATE " . DBPREFIX . "module_filesharing SET `upload_id` = NULL WHERE `upload_id` = " . intval($params["uploadId"]));
$this->getFileList();
} else {
$this->getForm();
}
// set the template-variables for the expiration dates
foreach ($_ARRAYLANG["TXT_FILESHARING_EXPIRATION_DATES"] as $placeholder => $value) {
$this->objTemplate->setVariable(strtoupper($placeholder), $value);
}
}
/**
* Validate an E-mail address
*
* @param string unvalidated email string
* @return boolean
* @access public
*/
function isEmail($email)
{
require_once ASCMS_FRAMEWORK_PATH . '/Validator.class.php';
return FWValidator::isEmail($email);
}
/**
* Sends an email with the contact details to the responsible persons
*
* This methode sends an email to all email addresses that are defined in the
* option "Receiver address(es)" of the requested contact form.
* @access private
* @global array
* @global array
* @param array Details of the contact request
* @see _getEmailAdressOfString(), phpmailer::From, phpmailer::FromName, phpmailer::AddReplyTo(), phpmailer::Subject, phpmailer::IsHTML(), phpmailer::Body, phpmailer::AddAddress(), phpmailer::Send(), phpmailer::ClearAddresses()
*/
private function sendMail($arrFormData)
{
global $_ARRAYLANG, $_CONFIG;
$plaintextBody = '';
$replyAddress = '';
$firstname = '';
$lastname = '';
$senderName = '';
$isHtml = $arrFormData['htmlMail'] == 1 ? true : false;
// stop send process in case no real data had been submitted
if (!isset($arrFormData['data']) && !isset($arrFormData['uploadedFiles'])) {
return false;
}
// check if we shall send the email as multipart (text/html)
if ($isHtml) {
// setup html mail template
$objTemplate = new \Cx\Core\Html\Sigma('.');
$objTemplate->setErrorHandling(PEAR_ERROR_DIE);
$objTemplate->setTemplate($arrFormData['mailTemplate']);
$objTemplate->setVariable(array('DATE' => date(ASCMS_DATE_FORMAT, $arrFormData['meta']['time']), 'HOSTNAME' => contrexx_raw2xhtml($arrFormData['meta']['host']), 'IP_ADDRESS' => contrexx_raw2xhtml($arrFormData['meta']['ipaddress']), 'BROWSER_LANGUAGE' => contrexx_raw2xhtml($arrFormData['meta']['lang']), 'BROWSER_VERSION' => contrexx_raw2xhtml($arrFormData['meta']['browser'])));
}
// TODO: check if we have to excape $arrRecipients later in the code
$arrRecipients = $this->getRecipients(intval($_GET['cmd']));
// calculate the longest field label.
// this will be used to correctly align all user submitted data in the plaintext e-mail
// TODO: check if the label of upload-fields are taken into account as well
$maxlength = 0;
foreach ($arrFormData['fields'] as $arrField) {
$length = strlen($arrField['lang'][FRONTEND_LANG_ID]['name']);
$maxlength = $maxlength < $length ? $length : $maxlength;
}
// try to fetch a user submitted e-mail address to which we will send a copy to
if (!empty($arrFormData['fields'])) {
foreach ($arrFormData['fields'] as $fieldId => $arrField) {
// check if field validation is set to e-mail
if ($arrField['check_type'] == '2') {
$mail = trim($arrFormData['data'][$fieldId]);
if (\FWValidator::isEmail($mail)) {
$replyAddress = $mail;
break;
}
}
if ($arrField['type'] == 'special') {
switch ($arrField['special_type']) {
case 'access_firstname':
$firstname = trim($arrFormData['data'][$fieldId]);
break;
case 'access_lastname':
$lastname = trim($arrFormData['data'][$fieldId]);
break;
default:
break;
}
}
}
}
if ($arrFormData['useEmailOfSender'] == 1 && (!empty($firstname) || !empty($lastname))) {
$senderName = trim($firstname . ' ' . $lastname);
} else {
$senderName = $_CONFIG['coreGlobalPageTitle'];
}
// a recipient mail address which has been picked by sender
$chosenMailRecipient = null;
// fill the html and plaintext body with the submitted form data
foreach ($arrFormData['fields'] as $fieldId => $arrField) {
if ($fieldId == 'unique_id') {
//generated for uploader. no interesting mail content.
continue;
}
$htmlValue = '';
$plaintextValue = '';
$textAreaKeys = array();
switch ($arrField['type']) {
case 'label':
case 'fieldset':
// TODO: parse TH row instead
// TODO: parse TH row instead
case 'horizontalLine':
// TODO: add visual horizontal line
// we need to use a 'continue 2' here to first break out of the switch and then move over to the next iteration of the foreach loop
continue 2;
break;
case 'file':
case 'multi_file':
$htmlValue = "";
$plaintextValue = "";
if (isset($arrFormData['uploadedFiles'][$fieldId])) {
$htmlValue = "<ul>";
foreach ($arrFormData['uploadedFiles'][$fieldId] as $file) {
$htmlValue .= "<li><a href='" . ASCMS_PROTOCOL . "://" . $_CONFIG['domainUrl'] . \Env::get('cx')->getWebsiteOffsetPath() . contrexx_raw2xhtml($file['path']) . "' >" . contrexx_raw2xhtml($file['name']) . "</a></li>";
$plaintextValue .= ASCMS_PROTOCOL . "://" . $_CONFIG['domainUrl'] . \Env::get('cx')->getWebsiteOffsetPath() . $file['path'] . "\r\n";
}
$htmlValue .= "</ul>";
}
break;
case 'checkbox':
$plaintextValue = !empty($arrFormData['data'][$fieldId]) ? $_ARRAYLANG['TXT_CONTACT_YES'] : $_ARRAYLANG['TXT_CONTACT_NO'];
$htmlValue = $plaintextValue;
break;
case 'recipient':
// TODO: check for XSS
$plaintextValue = $arrRecipients[$arrFormData['data'][$fieldId]]['lang'][FRONTEND_LANG_ID];
$htmlValue = $plaintextValue;
$chosenMailRecipient = $arrRecipients[$arrFormData['data'][$fieldId]]['email'];
break;
case 'textarea':
//we need to know all textareas - they're indented differently then the rest of the other field types
$textAreaKeys[] = $fieldId;
default:
$plaintextValue = isset($arrFormData['data'][$fieldId]) ? $arrFormData['data'][$fieldId] : '';
$htmlValue = contrexx_raw2xhtml($plaintextValue);
break;
}
$fieldLabel = $arrField['lang'][FRONTEND_LANG_ID]['name'];
// try to fetch an e-mail address from submitted form date in case we were unable to fetch one from an input type with e-mail validation
if (empty($replyAddress)) {
$mail = $this->_getEmailAdressOfString($plaintextValue);
if (\FWValidator::isEmail($mail)) {
$replyAddress = $mail;
}
}
// parse html body
if ($isHtml) {
if (!empty($htmlValue)) {
if ($objTemplate->blockExists('field_' . $fieldId)) {
// parse field specific template block
$objTemplate->setVariable(array('FIELD_' . $fieldId . '_LABEL' => contrexx_raw2xhtml($fieldLabel), 'FIELD_' . $fieldId . '_VALUE' => $htmlValue));
$objTemplate->parse('field_' . $fieldId);
} elseif ($objTemplate->blockExists('form_field')) {
// parse regular field template block
$objTemplate->setVariable(array('FIELD_LABEL' => contrexx_raw2xhtml($fieldLabel), 'FIELD_VALUE' => $htmlValue));
$objTemplate->parse('form_field');
}
} elseif ($objTemplate->blockExists('field_' . $fieldId)) {
// hide field specific template block, if present
$objTemplate->hideBlock('field_' . $fieldId);
}
}
// parse plaintext body
$tabCount = $maxlength - strlen($fieldLabel);
$tabs = $tabCount == 0 ? 1 : $tabCount + 1;
// TODO: what is this all about? - $value is undefined
if ($arrFormData['fields'][$fieldId]['type'] == 'recipient') {
$value = $arrRecipients[$value]['lang'][FRONTEND_LANG_ID];
}
if (in_array($fieldId, $textAreaKeys)) {
// we're dealing with a textarea, don't indent value
$plaintextBody .= $fieldLabel . ":\n" . $plaintextValue . "\n";
} else {
$plaintextBody .= $fieldLabel . str_repeat(" ", $tabs) . ": " . $plaintextValue . "\n";
}
}
$arrSettings = $this->getSettings();
// TODO: this is some fixed plaintext message data -> must be ported to html body
$message = $_ARRAYLANG['TXT_CONTACT_TRANSFERED_DATA_FROM'] . " " . $_CONFIG['domainUrl'] . "\n\n";
if ($arrSettings['fieldMetaDate']) {
$message .= $_ARRAYLANG['TXT_CONTACT_DATE'] . " " . date(ASCMS_DATE_FORMAT, $arrFormData['meta']['time']) . "\n\n";
}
$message .= $plaintextBody . "\n\n";
if ($arrSettings['fieldMetaHost']) {
$message .= $_ARRAYLANG['TXT_CONTACT_HOSTNAME'] . " : " . contrexx_raw2xhtml($arrFormData['meta']['host']) . "\n";
}
if ($arrSettings['fieldMetaIP']) {
$message .= $_ARRAYLANG['TXT_CONTACT_IP_ADDRESS'] . " : " . contrexx_raw2xhtml($arrFormData['meta']['ipaddress']) . "\n";
}
if ($arrSettings['fieldMetaLang']) {
$message .= $_ARRAYLANG['TXT_CONTACT_BROWSER_LANGUAGE'] . " : " . contrexx_raw2xhtml($arrFormData['meta']['lang']) . "\n";
}
$message .= $_ARRAYLANG['TXT_CONTACT_BROWSER_VERSION'] . " : " . contrexx_raw2xhtml($arrFormData['meta']['browser']) . "\n";
if (@(include_once \Env::get('cx')->getCodeBaseLibraryPath() . '/phpmailer/class.phpmailer.php')) {
$objMail = new \phpmailer();
if ($_CONFIG['coreSmtpServer'] > 0 && @(include_once \Env::get('cx')->getCodeBaseCorePath() . '/SmtpSettings.class.php')) {
if (($arrSmtp = \SmtpSettings::getSmtpAccount($_CONFIG['coreSmtpServer'])) !== false) {
$objMail->IsSMTP();
$objMail->Host = $arrSmtp['hostname'];
$objMail->Port = $arrSmtp['port'];
$objMail->SMTPAuth = true;
$objMail->Username = $arrSmtp['username'];
$objMail->Password = $arrSmtp['password'];
}
}
$objMail->CharSet = CONTREXX_CHARSET;
$objMail->From = $_CONFIG['coreAdminEmail'];
$objMail->FromName = $senderName;
if (!empty($replyAddress)) {
$objMail->AddReplyTo($replyAddress);
if ($arrFormData['sendCopy'] == 1) {
$objMail->AddAddress($replyAddress);
}
if ($arrFormData['useEmailOfSender'] == 1) {
$objMail->From = $replyAddress;
}
}
$objMail->Subject = $arrFormData['subject'];
if ($isHtml) {
$objMail->Body = $objTemplate->get();
$objMail->AltBody = $message;
} else {
$objMail->IsHTML(false);
$objMail->Body = $message;
}
// attach submitted files to email
if (count($arrFormData['uploadedFiles']) > 0 && $arrFormData['sendAttachment'] == 1) {
foreach ($arrFormData['uploadedFiles'] as $arrFilesOfField) {
foreach ($arrFilesOfField as $file) {
$objMail->AddAttachment(\Env::get('cx')->getWebsiteDocumentRootPath() . $file['path'], $file['name']);
}
}
}
if ($chosenMailRecipient !== null) {
if (!empty($chosenMailRecipient)) {
$objMail->AddAddress($chosenMailRecipient);
$objMail->Send();
$objMail->ClearAddresses();
}
} else {
foreach ($arrFormData['emails'] as $sendTo) {
if (!empty($sendTo)) {
$objMail->AddAddress($sendTo);
$objMail->Send();
$objMail->ClearAddresses();
}
}
}
}
return true;
}
/**
* Returns true if the given $username is valid
* @param string $username
* @return boolean
* @static
*/
public static function isValidUsername($username)
{
if (preg_match('/^[a-zA-Z0-9-_]*$/', $username)) {
return true;
}
// For version 2.3, inspired by migrating Shop Customers to Users:
// In addition to the above, also accept usernames that look like valid
// e-mail addresses
// TODO: Maybe this should be restricted to MODULE_ID == 16 (Shop)?
if (FWValidator::isEmail($username)) {
return true;
}
return false;
}
