public function captcha()
{
$app = JFactory::getApplication();
$model = $this->getModel('subscribe');
if ($model->getUseBuiltin()) {
// Load Captcha
if (!class_exists('JSecurImage')) {
require_once JPATH_ADMINISTRATOR . '/components/com_rsmembership/helpers/securimage/securimage.php';
}
ob_end_clean();
$captcha = new JSecurImage();
$captcha->num_lines = RSMembershipHelper::getConfig('captcha_lines') ? 8 : 0;
$captcha->code_length = RSMembershipHelper::getConfig('captcha_characters');
$captcha->image_width = 30 * $captcha->code_length + 50;
$captcha->show();
}
$app->close();
}
function _bindData($verbose = true)
{
$option = 'com_rsmembership';
jimport('joomla.mail.helper');
$return = true;
$post = JRequest::get('post');
if (empty($post)) {
return false;
}
$this->_data = new stdClass();
$user =& JFactory::getUser();
$choose_username = RSMembershipHelper::getConfig('choose_username');
if ($choose_username) {
$post['username'] = str_replace('-', '_', JFilterOutput::linkXHTMLSafe(@$post['username']));
if ($user->get('guest')) {
if (empty($post['username']) || strlen($post['username']) < 2) {
if ($verbose) {
JError::raiseWarning(500, JText::_('RSM_PLEASE_TYPE_USERNAME'));
}
$return = false;
}
$this->_db->setQuery("SELECT id FROM #__users WHERE username='******'username']) . "'");
if ($this->_db->loadResult()) {
if ($verbose) {
JError::raiseWarning(500, JText::_('RSM_USERNAME_NOT_OK'));
}
$return = false;
}
}
$this->_data->username = $user->get('guest') ? @$post['username'] : $user->get('username');
}
$choose_password = RSMembershipHelper::getConfig('choose_password');
if ($choose_password) {
$password = JRequest::getVar('password', '', 'default', 'none', JREQUEST_ALLOWRAW);
$password2 = JRequest::getVar('password2', '', 'default', 'none', JREQUEST_ALLOWRAW);
if ($user->get('guest')) {
if (!strlen($password)) {
if ($verbose) {
JError::raiseWarning(500, JText::_('RSM_PLEASE_TYPE_PASSWORD'));
}
$return = false;
} elseif (strlen($password) < 6) {
if ($verbose) {
JError::raiseWarning(500, JText::_('RSM_PLEASE_TYPE_PASSWORD_6'));
}
$return = false;
} elseif ($password != $password2) {
if ($verbose) {
JError::raiseWarning(500, JText::_('RSM_PLEASE_CONFIRM_PASSWORD'));
}
$return = false;
}
}
$this->_data->password = $user->get('guest') ? md5($password) : '';
}
if ($user->get('guest') && empty($post['name'])) {
if ($verbose) {
JError::raiseWarning(500, JText::_('RSM_PLEASE_TYPE_NAME'));
}
$return = false;
}
$this->_data->name = $user->get('guest') ? @$post['name'] : $user->get('name');
if ($user->get('guest') && (empty($post['email']) || !JMailHelper::isEmailAddress($post['email']))) {
if ($verbose) {
JError::raiseWarning(500, JText::_('RSM_PLEASE_TYPE_EMAIL'));
}
$return = false;
}
$this->_data->email = $user->get('guest') ? @$post['email'] : $user->get('email');
$db =& JFactory::getDBO();
$db->setQuery("SELECT * FROM #__rsmembership_fields WHERE (required='1' OR `rule` != '') AND published='1' ORDER BY ordering");
$fields = $db->loadObjectList();
foreach ($fields as $field) {
if ($field->required && empty($post['rsm_fields'][$field->name]) || $field->rule && !empty($post['rsm_fields'][$field->name]) && is_callable('RSMembershipValidation', $field->rule) && !call_user_func(array('RSMembershipValidation', $field->rule), @$post['rsm_fields'][$field->name])) {
$validation_message = JText::_($field->validation);
if (empty($validation_message)) {
$validation_message = JText::sprintf('RSM_VALIDATION_DEFAULT_ERROR', JText::_($field->label));
}
if ($verbose) {
JError::raiseWarning(500, $validation_message);
}
$return = false;
}
}
$this->_data->fields = @$post['rsm_fields'];
// coupon
$this->_data->coupon = JRequest::getVar('coupon');
$captcha_enabled = RSMembershipHelper::getConfig('captcha_enabled');
$use_captcha = $this->getUseCaptcha();
if ($use_captcha && $captcha_enabled && $verbose) {
if ($captcha_enabled == 1) {
if (!class_exists('JSecurImage')) {
require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_rsmembership' . DS . 'helpers' . DS . 'securimage' . DS . 'securimage.php';
}
$captcha_image = new JSecurImage();
$valid = $captcha_image->check($post['captcha']);
if (!$valid) {
JError::raiseNotice(500, JText::_('RSM_CAPTCHA_ERROR'));
$return = false;
}
} elseif ($captcha_enabled == 2) {
if (!class_exists('JReCAPTCHA')) {
require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_rsmembership' . DS . 'helpers' . DS . 'recaptcha' . DS . 'recaptchalib.php';
}
$privatekey = RSMembershipHelper::getConfig('recaptcha_private_key');
$response = JReCAPTCHA::checkAnswer($privatekey, @$_SERVER['REMOTE_ADDR'], @$post['recaptcha_challenge_field'], @$post['recaptcha_response_field']);
if ($response === false || !$response->is_valid) {
$this->recaptcha_error = @$response->error;
JError::raiseNotice(500, JText::_('RSM_CAPTCHA_ERROR'));
$return = false;
}
}
}
$session = JFactory::getSession();
$session->set($option . '.subscribe.data', $this->_data);
return $return;
}
function captcha()
{
$captcha_enabled = RSMembershipHelper::getConfig('captcha_enabled');
if (!$captcha_enabled) {
return false;
}
ob_end_clean();
if ($captcha_enabled == 1) {
if (!class_exists('JSecurImage')) {
require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_rsmembership' . DS . 'helpers' . DS . 'securimage' . DS . 'securimage.php';
}
$captcha = new JSecurImage();
$captcha_lines = RSMembershipHelper::getConfig('captcha_lines');
if ($captcha_lines) {
$captcha->num_lines = 8;
} else {
$captcha->num_lines = 0;
}
$captcha_characters = RSMembershipHelper::getConfig('captcha_characters');
$captcha->code_length = $captcha_characters;
$captcha->image_width = 30 * $captcha_characters + 50;
$captcha->show();
}
die;
}
function _processData()
{
// don't process anything if the form hasn't been submitted
if (empty($this->_data['task']) || $this->_data['task'] != 'submit') {
return;
}
$mainframe =& JFactory::getApplication();
// get the customer (ticket submitter) information
$user = JFactory::getUser();
if ($mainframe->isSite() && $user->get('guest') || $mainframe->isAdmin() && $this->_data['submit_type'] == 1) {
jimport('joomla.mail.helper');
if (empty($this->_data['email']) || !JMailHelper::isEmailAddress($this->_data['email'])) {
JError::raiseNotice(500, JText::_('RST_TICKET_EMAIL_ERROR'));
return;
}
$this->_db->setQuery("SELECT id FROM #__users WHERE email LIKE '" . $this->_db->getEscaped($this->_data['email']) . "'");
$user_id = $this->_db->loadResult();
if ($user_id && RSTicketsProHelper::isStaff($user_id)) {
JError::raiseNotice(500, JText::sprintf('RST_TICKET_EMAIL_STAFF_ERROR', $this->_data['email']));
return;
}
$this->_data['customer_id'] = 0;
if (empty($this->_data['name'])) {
JError::raiseNotice(500, JText::_('RST_TICKET_NAME_ERROR'));
return;
}
} else {
$this->_data['email'] = $user->get('email');
$this->_data['name'] = $user->get('name');
$this->_data['customer_id'] = $user->get('id');
if (RSTicketsProHelper::isStaff()) {
$permissions = RSTicketsProHelper::getCurrentPermissions();
if (!$permissions->add_ticket && !$permissions->add_ticket_customers && !$permissions->add_ticket_staff) {
JError::raiseWarning(500, JText::_('RST_STAFF_CANNOT_SUBMIT_TICKET'));
$mainframe->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=rsticketspro', false));
} elseif ($permissions->add_ticket_customers || $permissions->add_ticket_staff) {
$this->_data['email'] = '';
$this->_data['name'] = '';
$this->_data['customer_id'] = 0;
$customer_id = JRequest::getInt('customer_id', 0, 'post');
if ($mainframe->isSite() && !$customer_id || $mainframe->isAdmin() && $this->_data['submit_type'] == 2 && !$customer_id) {
JError::raiseNotice(500, JText::_('RST_TICKET_CUSTOMER_ERROR'));
return;
}
$customer = JFactory::getUser($customer_id);
$this->_data['email'] = $customer->get('email');
$this->_data['name'] = $customer->get('name');
$this->_data['customer_id'] = $customer->get('id');
}
}
}
// must select a department
if (empty($this->_data['department_id'])) {
JError::raiseNotice(500, JText::_('RST_TICKET_DEPARTMENT_ERROR'));
return;
}
// get all custom fields
$custom_fields = $this->_getList("SELECT * FROM #__rsticketspro_custom_fields WHERE department_id='" . (int) $this->_data['department_id'] . "' AND published=1 ORDER BY ordering");
// get the submitted custom fields
$sent_custom_fields = JRequest::getVar('rst_custom_fields', array(), 'post');
$sent_custom_fields = @$sent_custom_fields['department_' . $this->_data['department_id']];
// add the custom fields to an array so that we can send them as a parameter later on
$correct_custom_fields = array();
foreach ($custom_fields as $field) {
if ($field->type == 'freetext') {
continue;
}
if ($field->required) {
$validation_message = JText::_($field->validation);
if (empty($validation_message)) {
$validation_message = JText::sprintf('RST_VALIDATION_DEFAULT_ERROR', JText::_($field->label));
}
if (empty($sent_custom_fields[$field->name])) {
JError::raiseNotice(500, $validation_message);
return false;
} elseif (is_array($sent_custom_fields[$field->name]) && empty($sent_custom_fields[$field->name][0])) {
JError::raiseNotice(500, $validation_message);
return false;
}
}
if (!empty($sent_custom_fields[$field->name])) {
$correct_custom_fields[$field->id] = $sent_custom_fields[$field->name];
}
}
// must write a subject
if (empty($this->_data['subject'])) {
JError::raiseNotice(500, JText::_('RST_TICKET_SUBJECT_ERROR'));
return;
}
// must write a message
if (empty($this->_data['message'])) {
JError::raiseNotice(500, JText::_('RST_TICKET_MESSAGE_ERROR'));
return;
}
// must select a priority
if (empty($this->_data['priority_id'])) {
JError::raiseNotice(500, JText::_('RST_TICKET_PRIORITY_ERROR'));
return;
}
if ($mainframe->isSite()) {
$captcha_enabled = RSTicketsProHelper::getConfig('captcha_enabled');
$use_captcha = $this->getUseCaptcha();
if ($use_captcha && $captcha_enabled) {
if ($captcha_enabled == 1) {
$captcha_image = new JSecurImage();
$valid = $captcha_image->check($this->_data['captcha']);
if (!$valid) {
JError::raiseNotice(500, JText::_('RST_TICKET_CAPTCHA_ERROR'));
return;
}
} elseif ($captcha_enabled == 2) {
$privatekey = RSTicketsProHelper::getConfig('recaptcha_private_key');
$response = JReCAPTCHA::checkAnswer($privatekey, @$_SERVER['REMOTE_ADDR'], @$this->_data['recaptcha_challenge_field'], @$this->_data['recaptcha_response_field']);
if ($response === false || !$response->is_valid) {
$this->recaptcha_error = @$response->error;
JError::raiseNotice(500, JText::_('RST_TICKET_CAPTCHA_ERROR'));
return;
}
}
}
}
$this->_data['agent'] = @$_SERVER['HTTP_USER_AGENT'];
$this->_data['referer'] = @$_SERVER['HTTP_REFERER'];
$this->_data['ip'] = @$_SERVER['REMOTE_ADDR'];
$correct_files = array();
if ($this->getCanUpload()) {
$department =& JTable::getInstance('RSTicketsPro_Departments', 'Table');
$department->load($this->_data['department_id']);
$upload_extensions = str_replace("\r\n", "\n", $department->upload_extensions);
$upload_extensions = explode("\n", $upload_extensions);
$files = JRequest::get('files');
$files = @$files['rst_files'];
if (is_array($files)) {
foreach ($files['tmp_name'] as $i => $file_tmp) {
if ($files['error'][$i] == 4) {
continue;
}
switch ($files['error'][$i]) {
default:
$msg = 'RST_TICKET_UPLOAD_ERROR';
break;
case 1:
$msg = 'RST_TICKET_UPLOAD_ERROR_INI_SIZE';
break;
case 2:
$msg = 'RST_TICKET_UPLOAD_ERROR_FORM_SIZE';
break;
case 3:
$msg = 'RST_TICKET_UPLOAD_ERROR_PARTIAL';
break;
case 6:
$msg = 'RST_TICKET_UPLOAD_ERROR_NO_TMP_DIR';
break;
case 7:
$msg = 'RST_TICKET_UPLOAD_ERROR_CANT_WRITE';
break;
case 8:
$msg = 'RST_TICKET_UPLOAD_ERROR_PHP_EXTENSION';
break;
}
$file_name = $files['name'][$i];
if ($files['error'][$i]) {
JError::raiseWarning(500, JText::sprintf($msg, $file_name));
return;
}
if (!RSTicketsProHelper::isAllowedExtension(RSTicketsProHelper::getExtension($file_name), $upload_extensions)) {
$upload_extensions = implode(', ', $upload_extensions);
JError::raiseNotice(500, JText::sprintf('RST_TICKET_UPLOAD_EXTENSION_ERROR', $file_name, $upload_extensions));
return;
}
if ($department->upload_size > 0 && $files['size'][$i] > $department->upload_size * 1048576) {
JError::raiseWarning(500, JText::sprintf('RST_TICKET_UPLOAD_SIZE_ERROR', $file_name, $department->upload_size));
return;
}
$correct_files[] = array('src' => 'upload', 'tmp_name' => $file_tmp, 'name' => $file_name);
}
}
}
RSTicketsProHelper::addTicket($this->_data, $correct_custom_fields, $correct_files);
$redirect = RSTicketsProHelper::getConfig('submit_redirect');
if ($redirect && $mainframe->isSite()) {
$mainframe->redirect($redirect);
} else {
$mainframe->redirect(RSTicketsProHelper::route('index.php?option=com_rsticketspro&view=submit', false), JText::_('RST_TICKET_SUBMIT_OK'));
}
}
public function validateCaptcha()
{
$builtin = $this->getUseBuiltin();
$recaptcha = $this->getUseReCaptcha();
$recaptcha_new = $this->getUseReCaptchaNew();
$input = JFactory::getApplication()->input;
if ($this->getUseCaptcha()) {
if ($builtin) {
// Load Captcha
if (!class_exists('JSecurImage')) {
require_once JPATH_ADMINISTRATOR . '/components/com_rsmembership/helpers/securimage/securimage.php';
}
$image = new JSecurImage();
$code = $input->get('captcha', '', 'string');
if (!$image->check($code)) {
$this->setError(JText::_('COM_RSMEMBERSHIP_CAPTCHA_ERROR'));
return false;
}
} elseif ($recaptcha) {
// Load ReCaptcha
if (!class_exists('JReCAPTCHA')) {
require_once JPATH_ADMINISTRATOR . '/components/com_rsmembership/helpers/recaptcha/recaptchalib.php';
}
$privatekey = RSMembershipHelper::getConfig('recaptcha_private_key');
$challenge = $input->get('recaptcha_challenge_field', '', 'string');
$response = $input->get('recaptcha_response_field', '', 'string');
$result = JReCAPTCHA::checkAnswer($privatekey, isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '', $challenge, $response);
if (!$result || !$result->is_valid) {
if ($result) {
$this->recaptcha_error = $result->error;
}
$this->setError(JText::_('COM_RSMEMBERSHIP_CAPTCHA_ERROR'));
return false;
}
} elseif ($recaptcha_new) {
$response = $input->get('g-recaptcha-response', '', 'raw');
$ip = $input->server->get('REMOTE_ADDR');
$secret = RSMembershipHelper::getConfig('recaptcha_new_secret_key');
try {
jimport('joomla.http.factory');
$http = JHttpFactory::getHttp();
if ($request = $http->get('https://www.google.com/recaptcha/api/siteverify?secret=' . urlencode($secret) . '&response=' . urlencode($response) . '&remoteip=' . urlencode($ip))) {
$json = json_decode($request->body);
}
} catch (Exception $e) {
$this->setError($e->getMessage());
return false;
}
if (empty($json->success) || !$json->success) {
if (!empty($json) && isset($json->{'error-codes'}) && is_array($json->{'error-codes'})) {
foreach ($json->{'error-codes'} as $code) {
$this->setError(JText::_('COM_RSMEMBERSHIP_RECAPTCHA_NEW_ERR_' . str_replace('-', '_', $code)));
return false;
}
}
}
}
}
return true;
}
function captcha()
{
$captcha_enabled = RSTicketsProHelper::getConfig('captcha_enabled');
if (!$captcha_enabled) {
return false;
}
ob_end_clean();
if ($captcha_enabled == 1) {
$captcha = new JSecurImage();
$captcha_lines = RSTicketsProHelper::getConfig('captcha_lines');
if ($captcha_lines) {
$captcha->num_lines = 8;
} else {
$captcha->num_lines = 0;
}
$captcha_characters = RSTicketsProHelper::getConfig('captcha_characters');
$captcha->code_length = $captcha_characters;
$captcha->image_width = 30 * $captcha_characters + 50;
$captcha->show();
}
die;
}
