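/**
 * Store a submitted contact form, send the notification mails and redirect.
 *
 * Builds the plain-text summary from the submitted items, optionally writes
 * the message row to the CCMES table (depending on $form['store']), moves
 * uploaded attachments next to the stored message, mails the sender and the
 * person in charge (or the contact group), then redirects and exits.
 *
 * Security notes for reviewers:
 * - The numeric columns (uid, touid, fidref) are interpolated into the INSERT
 *   statement without quoting, so they are forced to integers here. The string
 *   columns go through $xoopsDB->quoteString().
 * - $email and the attachment file names come from the submitted items; this
 *   function does not validate them itself and relies on the caller having
 *   done so before the items are passed in.
 * - For anonymous senders a one-time ticket is appended to the message URL
 *   ("&p=...") that is mailed to the sender; anyone holding that URL holds
 *   the ticket.
 *
 * @param array $items form items; each uses 'name', 'value', 'type', 'label'
 *                     and, for choice types, 'options'
 * @param array $form  form definition; uses 'store', 'priuid', 'priuser',
 *                     'formid', 'title' and 'cgroup'
 * @return array list of error messages when the database insert fails;
 *               on success the function redirects and never returns
 */
function store_message($items, $form)
{
    global $xoopsUser, $xoopsDB, $xoopsModuleConfig;

    // Cast to int: this value is placed unquoted into the INSERT below.
    $uid = is_object($xoopsUser) ? (int)$xoopsUser->getVar('uid') : 0;

    $store = $form['store'];
    if ($store == _DB_STORE_NONE) {
        $showaddr = true; // nothing is stored, so the address has to be shown
    } else {
        $showaddr = get_attr_value(null, 'notify_with_email');
    }

    $from = $email = "";
    $attach = array();
    $vals = array();
    $rtext = '';
    foreach ($items as $item) {
        if (empty($item['name'])) {
            continue;
        }
        $name = $item['name'];
        $val = $item['value'];
        $vals[$name] = $val;
        $opts =& $item['options'];
        switch ($item['type']) {
            case 'mail':
                if (empty($email)) { // save first email for contact
                    $email = $vals[$name];
                    $mail_name = $name;
                    if ($showaddr) {
                        $from = $email;
                        break;
                    }
                    // Hidden address: skip the summary line for this item.
                    // "continue 2" is needed because switch itself consumes a plain continue.
                    continue 2;
                }
                break;
            case 'file':
                $val = $vals[$name];
                if ($val) {
                    $vals[$name] = "file=" . $val;
                    $attach[] = $val;
                }
                break;
            case 'radio':
            case 'select':
                if (isset($opts[$val])) {
                    $val = strip_tags($opts[$val]);
                }
                break;
            case 'checkbox':
                foreach ($val as $k => $v) {
                    $val[$k] = isset($opts[$v]) ? strip_tags($opts[$v]) : $v;
                }
                $val = join(', ', $val);
                break;
        }
        // Indent multi-line answers so they stay attached to their label.
        if (!empty($val) && preg_match('/\\n/', $val)) {
            $val = "\n\t" . preg_replace('/\\n/', "\n\t", $val);
        }
        $rtext .= strip_tags($item['label']) . ": {$val}\n";
    }

    // remove the address from the stored values when it must not be shown/stored
    if (!$showaddr && isset($mail_name)) {
        unset($vals[$mail_name]);
    }
    $text = serialize_text($vals); // store value

    // Anonymous senders get a one-time ticket so they can reach their message later.
    $onepass = $uid == 0 ? cc_onetime_ticket($email) : "";
    if ($form['priuid'] < 0) {
        $touid = empty($form['priuser']) ? 0 : $form['priuser']['uid'];
    } else {
        $touid = $form['priuid'];
    }
    // Cast to int: both values are placed unquoted into the INSERT below.
    $touid = (int)$touid;
    $formid = (int)$form['formid'];

    $now = time();
    $values = array(
        'uid' => $uid,
        'touid' => $touid,
        'ctime' => $now,
        'mtime' => $now,
        'atime' => $now,
        'fidref' => $formid,
        'email' => $xoopsDB->quoteString($email),
        'onepass' => $xoopsDB->quoteString($onepass),
    );
    $parg = $onepass ? "&p=" . urlencode($onepass) : "";
    if ($store == _DB_STORE_YES) {
        $values['body'] = $xoopsDB->quoteString($text);
    }
    if ($store != _DB_STORE_NONE) {
        $res = $xoopsDB->query("INSERT INTO " . CCMES . "(" . join(',', array_keys($values)) . ") VALUES (" . join(',', $values) . ")");
        if ($res === false) {
            return array("Error in DATABASE insert");
        }
        $id = $xoopsDB->getInsertID();
        if (empty($id)) {
            return array("Internal Error in Store Message");
        }
    } else {
        $id = 0;
    }

    $member_handler =& xoops_gethandler('member');
    $toUser = false;
    $toUname = _MD_CONTACT_NOTYET;
    if ($touid) {
        $found = $member_handler->getUser($touid);
        // The lookup may not yield a user object (e.g. the account was removed);
        // calling getVar() on a non-object would abort the request after the row
        // has already been inserted.
        if (is_object($found)) {
            $toUser = $found;
            $toUname = $toUser->getVar('uname');
        }
    }

    $atext = ""; // attachment list for the reply to the sender (carries the ticket)
    $btext = ""; // attachment list for the contact and monitors (no ticket)
    if (count($attach)) {
        $atext = $btext = "\n" . _MD_ATTACHMENT . "\n";
        foreach ($attach as $file) {
            // NOTE(review): $file originates from the submitted item values;
            // confirm that the caller restricts it to a plain file name.
            move_attach_file('', $file, $id);
            $a = cc_attach_image($id, $file, true);
            $atext .= "{$a}{$parg}\n";
            $btext .= "{$a}\n";
        }
        rmdir(XOOPS_UPLOAD_PATH . cc_attach_path(0, ''));
    }

    $dirname = basename(dirname(__FILE__));
    $uname = $xoopsUser ? $xoopsUser->getVar('uname') : $GLOBALS['xoopsConfig']['anonymous'];
    // Both server values can be missing (no User-Agent header, non-web SAPI).
    // The User-Agent is client-supplied text and ends up in the mail template.
    $tags = array(
        'SUBJECT' => $form['title'],
        'TO_USER' => $toUname,
        'FROM_USER' => $uname,
        'FROM_EMAIL' => $email,
        'REMOTE_ADDR' => isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : '',
        'HTTP_USER_AGENT' => isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : '',
        'MSGID' => $id,
    );
    foreach ($vals as $k => $v) {
        $tags[$k] = is_array($v) ? implode(', ', $v) : $v;
    }
    $tpl = get_attr_value(null, 'from_confirm_tpl', 'form_confirm.tpl');
    $msgurl = XOOPS_URL . ($id ? "/modules/{$dirname}/message.php?id={$id}" : '/');

    if ($email) { // automatic reply to the sender
        $tags['VALUES'] = "{$rtext}{$atext}";
        $tags['MSG_URL'] = $store == _DB_STORE_NONE ? '' : "\n" . _MD_NOTIFY_URL . "\n{$msgurl}{$parg}";
        cc_notify_mail($tpl, $tags, $email, $toUser ? $toUser->getVar('email') : '');
    }

    // Staff-facing variant: same values, but no one-time ticket in the links.
    $tags['VALUES'] = "{$rtext}{$btext}";
    $tags['MSG_URL'] = $store == _DB_STORE_NONE ? '' : "\n" . _MD_NOTIFY_URL . "\n" . $msgurl;
    $notification_handler =& xoops_gethandler('notification');
    $notification_handler->triggerEvent('global', 0, 'new', $tags);
    $notification_handler->triggerEvent('form', $formid, 'new', $tags);

    // force subscribe sender and recipient
    if ($id) {
        $notification_handler->subscribe('message', $id, 'comment');
    }
    if ($touid && is_object($toUser)) {
        if ($id) {
            $notification_handler->subscribe('message', $id, 'comment', null, null, $touid);
        }
        cc_notify_mail(get_attr_value(null, 'charge_notify_tpl', $tpl), $tags, $toUser, $from);
    } elseif ($form['cgroup']) { // contact group notify (also used when the assigned user is missing)
        $users = $member_handler->getUsersByGroup($form['cgroup'], true);
        cc_notify_mail(get_attr_value(null, 'group_notify_tpl', $tpl), $tags, $users, $from);
    }

    if ($id) {
        $msgurl .= $parg;
    }
    // A configured redirect replaces the message URL; a leading "/" is site-relative.
    $redirect = get_attr_value(null, 'redirect');
    if (!empty($redirect)) {
        $msgurl = preg_match('/^\\//', $redirect) ? XOOPS_URL . $redirect : $redirect;
    }
    redirect_header($msgurl, 3, _MD_CONTACT_DONE);
    exit;
}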
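/**
 * Read the submitted POST/FILES data into the form items and validate it.
 *
 * For every item that has a 'field' name the posted value is fetched,
 * normalised per item type, checked against the item's 'check' attribute and
 * written back to $items[...]['value'].
 *
 * Security notes for reviewers:
 * - Upload validation: the extension is matched against 'accept_ext' and the
 *   detected content type against 'accept_type'. When 'accept_ext' is empty no
 *   extension check is performed at all, so the form definition decides how
 *   strict uploads are.
 * - An upload that fails validation is not moved into the upload area.
 * - File names taken from POST (the "_prev" field and the confirm-step value)
 *   are reduced with basename() before they are used in a path, so they cannot
 *   point outside the attachment directory.
 *
 * @param array $items form items, modified in place (the 'value' key is set)
 * @return array list of human-readable validation error messages (empty when valid)
 */
function assign_post_values(&$items)
{
    global $myts;

    $errors = array();
    foreach ($items as $key => $item) {
        if (empty($item['field'])) {
            continue;
        }
        $name = $item['field'];
        $type = $item['type'];
        $lab = $item['label'];
        $attr =& $item['attr'];
        $check = !empty($attr['check']) ? $attr['check'] : "";

        $val = '';
        if (isset($_POST[$name])) {
            $val = $_POST[$name];
            if (is_array($val)) {
                foreach ($val as $n => $v) {
                    $val[$n] = $myts->stripSlashesGPC($v);
                }
            } else {
                $val = $myts->stripSlashesGPC($val);
            }
        }

        switch ($type) {
            case 'checkbox':
                if (empty($val)) {
                    $val = array();
                } elseif (!is_array($val)) {
                    // A client can post a scalar for a checkbox field; keep the list shape.
                    $val = array($val);
                }
                $idx = array_search(LABEL_ETC, $val); // "other" choice with free text
                if (is_int($idx)) {
                    $etc = isset($_POST[$name . "_etc"]) ? $myts->stripSlashesGPC($_POST[$name . "_etc"]) : '';
                    $val[$idx] = strip_tags($item['options'][LABEL_ETC]) . " " . $etc;
                }
                break;

            case 'radio':
                if ($val == LABEL_ETC) { // "other" choice with free text
                    $etc = isset($_POST[$name . "_etc"]) ? $myts->stripSlashesGPC($_POST[$name . "_etc"]) : '';
                    $val = strip_tags($item['options'][LABEL_ETC]) . " " . $etc;
                }
                break;

            case 'hidden':
            case 'const':
                // The value comes from the form definition, never from the request.
                $val = eval_user_value(join(',', $item['options']));
                break;

            case 'file':
                $upfile = isset($_FILES[$name]) ? $_FILES[$name] : array('name' => '');
                $fname = $upfile['name'];
                $exts = preg_wildcard(get_attr_value($attr, 'accept_ext'));
                $types = preg_wildcard(get_attr_value($attr, 'accept_type'));
                $rejected = false;
                if ($exts && $fname) {
                    if (!preg_match("/\\.({$exts})\$/", $fname, $d)) {
                        $errors[] = $lab . ": " . _MD_UPLOADFILE_ERR;
                        $rejected = true;
                    } elseif ($types) {
                        // When both lists have the same length, pair them up so the
                        // content type must match the one listed for this extension.
                        // The lookup has to run on the exploded list: searching the
                        // pattern string itself never finds an index, which left
                        // $types empty and skipped the content-type check below.
                        $aexts = explode('|', $exts);
                        $nth = array_search($d[1], $aexts);
                        $atypes = explode('|', $types);
                        if ($nth !== false && count($aexts) == count($atypes)) {
                            $types = $atypes[$nth];
                        }
                    }
                }
                $tmpfile = isset($upfile['tmp_name']) ? $upfile['tmp_name'] : null;
                if ($types && $tmpfile) {
                    $ftype = cc_mime_content_type($tmpfile);
                    if (!preg_match('/^(' . $types . ')$/', $ftype)) {
                        $errors[] = $lab . ": " . _MD_UPLOADFILE_ERR;
                        $rejected = true;
                    }
                }

                $val = ''; // filename
                $prename = $name . "_prev";
                if (isset($_POST[$prename]) && is_string($_POST[$prename])) {
                    // Client-supplied name: strip any directory part before it is
                    // used to build a path that gets unlinked.
                    // NOTE(review): any name inside the pending-upload directory can
                    // still be named here; confirm that directory is per-session.
                    $val = basename($myts->stripSlashesGPC($_POST[$prename]));
                    if (!empty($fname)) {
                        // A new upload replaces the previously uploaded file.
                        if ($val !== '') {
                            unlink(XOOPS_UPLOAD_PATH . cc_attach_path(0, $val));
                        }
                        $val = '';
                    }
                }
                if (empty($val)) {
                    $val = $fname;
                    if ($val) {
                        if ($rejected) {
                            // Do not keep a file that failed the extension/type check.
                            $val = '';
                        } else {
                            move_attach_file($tmpfile, $val);
                        }
                    } elseif (isset($_POST[$name]) && is_string($_POST[$name])) { // confirm step
                        $val = basename($myts->stripSlashesGPC($_POST[$name]));
                    }
                }
                break;

            case 'mail':
                // Logged-in users may be exempt from entering an address; the item
                // is then skipped entirely and its value is left untouched.
                if (is_object($GLOBALS['xoopsUser']) && get_attr_value(null, 'input_mail_login', '') == 'no') {
                    continue 2;
                }
                $name .= '_conf';
                if (!checkEmail($val)) {
                    $errors[] = $lab . ": " . _MD_ADDRESS_ERR;
                }
                if (get_attr_value(null, 'input_mail_confirm', '') != 'no' && isset($_POST[$name])) {
                    if ($val != $myts->stripSlashesGPC($_POST[$name])) {
                        $errors[] = sprintf(_MD_CONF_LABEL, $lab) . ": " . _MD_CONFIRM_ERR;
                    }
                }
                break;
        }

        switch ($check) {
            case '':
                break;
            case 'require':
                if ($val === '') {
                    $errors[] = $lab . ": " . _MD_REQUIRE_ERR;
                }
                break;
            case 'mail':
                if (!checkEmail($val)) {
                    $errors[] = $lab . ": " . _MD_ADDRESS_ERR;
                }
                break;
            case 'num':
                $check = 'numeric';
                // intentional fall-through: 'num' is an alias resolved like any named check
            default:
                // A named check is looked up in the module attributes; if nothing is
                // configured under that name, the check string itself is the pattern.
                // The pattern comes from the form definition, not from the request.
                $v = get_attr_value(null, $check);
                if (!empty($v)) {
                    $check = $v;
                }
                if (!preg_match('/^' . $check . '$/', $val)) {
                    $errors[] = $lab . ": " . ($val ? _MD_REGEXP_ERR : _MD_REQUIRE_ERR);
                }
                break;
        }
        $items[$key]['value'] = $val;
    }
    return $errors;
}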