Exemplo n.º 1
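/**
 * Render the contact form, or validate a submitted form and e-mail it.
 *
 * Without $_POST['contactform'] the form is printed and the per-site session
 * flag is reset to 0. With it, the posted fields are validated; when every
 * check passes and the flag is still 0 the message is handed to mail() and
 * the flag is set to 1 so a repeated POST is not sent again.
 *
 * @return void
 */
function contact()
{
    // Custom fields definition array.
    // Each entry: array('<input type>', '<name>', '<label>', '<required/optional>', <minlength or 0>)
    $arrFields = array();
    // Optional fields without string length checking:
    $arrFields[] = array('text', 'domicilio', 'Domicilio', 'optional', 0);
    $arrFields[] = array('text', 'localidad', 'Localidad', 'optional', 0);
    $arrFields[] = array('text', 'phone', 'Teléfono – Celular', 'optional', 0);
    // Example of an optional field "City" with a minimal string length of 4 symbols:
    //$arrFields[] = array('text', 'city', 'City', 'optional', 4);

    // Status code handed to get_contact_fields(). It is initialised for both
    // branches; the original left it undefined when the form was displayed.
    // NOTE(review): presumably written by reference (1 and 2 are treated as
    // validation failures below) - confirm against the helper.
    $code = 0;
    $sessionKey = db('website') . 'contact';

    if (!isset($_POST['contactform'])) {
        // Display contact form
        echo '<div class="contact">';
        extra('contact');
        echo '<p>' . l('required') . '</p>';
        echo html_input('form', '', 'post', '', '', '', '', '', '', '', '', '', 'post', db('website'), '');
        echo html_input('text', 'name', 'name', '', '* ' . l('name'), 'text', '', '', '', '', '', '', '', '', '');
        echo html_input('text', 'email', 'email', '', '* ' . l('email'), 'text', '', '', '', '', '', '', '', '', '');
        echo html_input('hidden', 'weblink', 'weblink', '', l('url'), 'text', '', '', '', '', '', '', '', '', '');
        // Output for custom fields
        echo get_contact_fields($arrFields, $code, 'output');
        echo html_input('textarea', 'message', 'message', '', '* ' . l('message'), '', '', '', '', '', '5', '5', '', '', '');
        echo mathCaptcha();
        echo '<p>';
        // The ip and time values travel through hidden form fields, so the
        // client controls what comes back; they only filter out naive
        // automated posts and are not an integrity check.
        echo html_input('hidden', 'ip', 'ip', $_SERVER['REMOTE_ADDR'], '', '', '', '', '', '', '', '', '', '', '');
        echo html_input('hidden', 'time', 'time', time(), '', '', '', '', '', '', '', '', '', '', '');
        echo html_input('submit', 'contactform', 'contactform', l('submit'), '', 'button', '', '', '', '', '', '', '', '', '');
        echo '</p></form></div>';
        $_SESSION[$sessionKey] = 0;

        return;
    }

    // Read the posted values defensively: a missing key or an array value
    // (name[]=x) becomes '' instead of raising a notice or failing in trim().
    $post = array();
    foreach (array('name', 'email', 'weblink', 'message', 'time', 'ip') as $key) {
        $post[$key] = isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    }
    // The captcha operands keep the original "null when absent" behaviour,
    // because mathCaptcha() is defined elsewhere and may distinguish the two.
    $calc = isset($_POST['calc']) ? $_POST['calc'] : null;
    $sum = isset($_POST['sum']) ? $_POST['sum'] : null;

    // Fetch and clean input data from default contact form
    $to = s('website_email');
    $subject = s('contact_subject');
    $name = trim($post['name']);
    $name = strlen($name) > 1 ? clean(cleanXSS($name)) : null;
    $mail = trim($post['email']);
    $mail = strlen($mail) > 7 && preg_match('/^[A-Z0-9._-]+@[A-Z0-9][A-Z0-9.-]{0,61}[A-Z0-9]\\.[A-Z.]{2,6}$/i', $mail) ? clean(cleanXSS($mail)) : null;
    $url = trim($post['weblink']);
    $url = strlen($url) > 8 && strpos($url, '?') === false ? clean(cleanXSS($url)) : null;
    $message = trim($post['message']);
    $message = strlen($message) > 9 ? stripslashes(cleanXSS($message)) : null;
    $message = $message !== null ? strip_tags($message) : null;
    $now = is_numeric($post['time']) ? $post['time'] : null;
    $ip = strlen($post['ip']) < 16 ? clean(cleanXSS($post['ip'])) : null;

    // $name and $mail are copied into the From:/Reply-To:/Return-Path: headers.
    // clean() and cleanXSS() are defined elsewhere and are not known to strip
    // line breaks, so the final values are checked here, at the point of use:
    // a CR or LF would let the sender append header lines of their own.
    $headerSafe = $name && $mail && !preg_match('/[\r\n]/', $name . $mail);

    // Fetch and clean data from added custom input fields
    $strExtraFields = get_contact_fields($arrFields, $code, 'submit');
    // Codes 1 and 2: required field values missing/invalid
    $validExtraFields = !($code == 1 || $code == 2);

    // Already sent in this session: stay silent, as before.
    if (isset($_SESSION[$sessionKey]) && $_SESSION[$sessionKey] != 0) {
        return;
    }

    // A non-numeric time leaves $now null; it must fail the delay check
    // instead of being treated as 0 in the subtraction.
    $accepted = $ip == $_SERVER['REMOTE_ADDR']
        && $now !== null
        && time() - $now > 4
        && $name
        && $mail
        && $message
        && $headerSafe
        && mathCaptcha($calc, $sum)
        && $validExtraFields;

    if (!$accepted) {
        echo notification(1, l('contact_not_sent'), 'contact');

        return;
    }

    $header = "MIME-Version: 1.0\n";
    $header .= "Content-type: text/plain; charset=" . s('charset') . "\n";
    $header .= "From: {$name} <{$mail}>\r\nReply-To: {$name} <{$mail}>\r\nReturn-Path: <{$mail}>\r\n";
    $addUrl = $url !== null ? l('url') . ': ' . $url . "\n\n" : '';
    $body = "Message from: " . $name . " <{$mail}>\n" . $addUrl . $strExtraFields . l('message') . ":\n" . $message;

    // Report success only when mail() accepted the message for delivery.
    if (mail($to, $subject, $body, $header)) {
        echo notification(0, l('contact_sent'), 'home');
        $_SESSION[$sessionKey] = 1;
    } else {
        echo notification(1, l('contact_not_sent'), 'contact');
    }
}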
Exemplo n.º 2
    /**
     * Build the HTML block used to edit the values of one attribute.
     *
     * The requested value type selects the layout: 'PC' (contacts), 'PD'
     * (dates), 'PT' (texts), or the search-string layout when the attribute's
     * group type is 'M' or the requested type is 'SF'. Stored values are
     * rendered one row each when the attribute's own value type matches the
     * layout; otherwise a single empty row is rendered.
     *
     * NOTE(review): $attribute_id is concatenated into class/id attributes
     * without HTML encoding. That is fine if ids are always integers from the
     * database; confirm with the caller, and encode at this point if not.
     *
     * @param string $attribute_value_type Requested value type code.
     * @param array  $attribute            Attribute record; reads attribute_id,
     *                                     attribute_group_type, attribute_value_type
     *                                     and the optional attribute_values,
     *                                     client_attribute_found_value and
     *                                     client_attribute_not_found_value keys.
     *
     * @return string HTML markup, or '' when there is nothing to render.
     */
    function get_attribute_values($attribute_value_type = '', $attribute = array())
    {
        if (empty($attribute)) {
            return '';
        }

        $attribute_id = $attribute['attribute_id'];
        $group_type = $attribute['attribute_group_type'];
        $stored_type = $attribute['attribute_value_type'];
        $stored_values = !empty($attribute['attribute_values']) ? $attribute['attribute_values'] : array();

        // Resolve which layout applies; the order of these tests matters.
        if ($attribute_value_type == 'PC') {
            $kind = 'PC';
        } elseif ($attribute_value_type == 'PD') {
            $kind = 'PD';
        } elseif ($attribute_value_type == 'PT') {
            $kind = 'PT';
        } elseif ($group_type == 'M' || $attribute_value_type == 'SF') {
            $kind = 'SF';
        } else {
            return '';
        }

        // Per-layout heading and list CSS class.
        $layouts = array(
            'PC' => array('Contact:', 'picklist_contacts'),
            'PD' => array('Date Field:', 'picklist_dates'),
            'PT' => array('Text Field:', 'picklist_texts'),
            'SF' => array('Search String:', 'search_fields'),
        );
        $title = $layouts[$kind][0];
        $list_class = $layouts[$kind][1];

        $element_id = $attribute_id . '_' . $kind . '_value';
        $css_class = $attribute_id . '_value';
        $html = '	<div class="form_field attributes ' . $css_class . '" id="' . $element_id . '">
										<div class="form_title">' . $title . '</div>
										<ul class="form_input ' . $list_class . '">';

        // One row per stored value when the stored type matches the layout,
        // otherwise a single row rendered without a value argument.
        $position = 0;
        if ($stored_type == $kind && !empty($stored_values)) {
            foreach ($stored_values as $stored_value) {
                switch ($kind) {
                    case 'PC':
                        $html .= get_contact_fields($attribute_id, $position, $stored_value);
                        break;
                    case 'PD':
                        $html .= get_date_fields($attribute_id, $position, $stored_value);
                        break;
                    case 'PT':
                        $html .= get_text_fields($attribute_id, $position, $stored_value);
                        break;
                    default:
                        $html .= get_search_fields($attribute_id, $position, $stored_value);
                        break;
                }
                $position++;
            }
        } else {
            switch ($kind) {
                case 'PC':
                    $html .= get_contact_fields($attribute_id, $position);
                    break;
                case 'PD':
                    $html .= get_date_fields($attribute_id, $position);
                    break;
                case 'PT':
                    $html .= get_text_fields($attribute_id, $position);
                    break;
                default:
                    $html .= get_search_fields($attribute_id, $position);
                    break;
            }
        }

        if ($kind != 'SF') {
            return $html . '		</ul>
									</div>';
        }

        // The search-string layout adds the "found" / "not found" inputs.
        $found_value = '';
        if (isset($attribute['client_attribute_found_value'])) {
            $found_value = $attribute['client_attribute_found_value'];
        }
        $not_found_value = '';
        if (isset($attribute['client_attribute_not_found_value'])) {
            $not_found_value = $attribute['client_attribute_not_found_value'];
        }
        $found_data = array(
            'name' => 'data[attribute_found_value_SF_' . $attribute_id . ']',
            'size' => '50',
            'maxlength' => '255',
            'id' => 'attribute_value_found_' . $attribute_id,
        );
        $not_found_data = array(
            'name' => 'data[attribute_not_found_value_SF_' . $attribute_id . ']',
            'size' => '50',
            'maxlength' => '255',
            'id' => 'attribute_value_not_found_' . $attribute_id,
        );

        return $html . '		</ul>
										<div class="form_field found_value first">
											<div class="form_title">Found Value:</div>
											<div class="form_input">
												' . form_input($found_data, $found_value) . '
											</div>
										</div>
										<div class="form_field found_value">
											<div class="form_title">Not Found Value:</div>
											<div class="form_input">
												' . form_input($not_found_data, $not_found_value) . '
											</div>
										</div>
									</div>';
    }