Exemplo n.º 1
0
function parseAndReplaceAll($text, $slotback = '')
{
    global $directdump;
    $directdump = false;
    //[sql.s1.field1.type]
    //[var.name.type]
    //[para.name]
    $newstring = "";
    $oldpos = 0;
    $pos = strpos($text, "[", $oldpos);
    $ifs = array();
    $cif = 0;
    $ifs[$cif] = false;
    while ($pos !== false) {
        //search for close
        $pos2 = strpos($text, "]", $pos);
        if ($pos2 !== false) {
            if ($ifs[$cif]) {
                //ignore only for an [endif]  [fi]
                $token = substr($text, $pos + 1, $pos2 - $pos - 1);
                $arr = explode(".", $token);
                if ($arr[0] == 'if' || $arr[0] == '!if' || $arr[0] == 'nif') {
                    $cif++;
                    $ifs[$cif] = true;
                }
                if ($arr[0] == "endif" || $arr[0] == "fi") {
                    $ifs[$cif] = false;
                    $cif--;
                }
                $oldpos = $pos2 + 1;
            } else {
                if ($directdump) {
                    echo substr($text, $oldpos, $pos - $oldpos);
                } else {
                    $newstring .= substr($text, $oldpos, $pos - $oldpos);
                }
                $oldpos = $pos;
                //we have a token.. anallys
                $token = substr($text, $pos + 1, $pos2 - $pos - 1);
                if (strlen($token)) {
                    $displaytype = "";
                    $displaypara = "";
                    $displayvalue = "";
                    $arr = explode(".", $token);
                    $iftest = false;
                    $ifnegative = false;
                    if (isset($arr[0]) && ($arr[0] == 'if' || $arr[0] == '!if' || $arr[0] == 'nif')) {
                        $iftest = true;
                        if ($arr[0] == '!if' || $arr[0] == 'nif') {
                            $ifnegative = true;
                        }
                        $iftestvalue = "";
                        if (isset($arr[1])) {
                            $iftestvalue = $arr[1];
                        }
                        for ($i = 2; $i < count($arr); $i++) {
                            $arr[$i - 2] = $arr[$i];
                        }
                        if (count($arr)) {
                            unset($arr[count($arr) - 1]);
                        }
                        if (count($arr)) {
                            unset($arr[count($arr) - 1]);
                        }
                    }
                    if (isset($arr[1]) || $token == "fi" || $token == "endif") {
                        switch ($arr[0]) {
                            case 'endif':
                            case 'fi':
                                $oldpos = $pos2 + 1;
                                $ifs[$cif] = false;
                                $cif--;
                                break;
                            case 'sql':
                                //valid
                                $oldpos = $pos2 + 1;
                                if (isset($arr[3])) {
                                    $displaytype = $arr[3];
                                }
                                if (isset($arr[4])) {
                                    $displaypara = $arr[4];
                                }
                                //get value
                                if (isset($arr[1]) && isset($GLOBALS[$arr[1] . '_sql_conn'])) {
                                    if (isset($arr[2])) {
                                        $displayvalue = $GLOBALS[$arr[1] . '_sql_conn']->getvalue($arr[2]);
                                    }
                                    if ($displaytype == "fast" && isset($arr[2])) {
                                        $displayvalue = $GLOBALS[$arr[1] . '_sql_conn']->getvaluefast($arr[2]);
                                        if (isset($arr[4])) {
                                            $displaytype = $arr[4];
                                        }
                                        if (isset($arr[5])) {
                                            $displaypara = $arr[5];
                                        }
                                    }
                                    if ($displaytype == "mins") {
                                        $displaypara = $GLOBALS[$arr[1] . '_sql_conn']->getvalue($arr[2] . "_panala");
                                        require_once "config/dateutils.php";
                                        $diff = timediff($displayvalue, $displaypara, getLT("dateformat"));
                                        $secs = intval(timediffsecs($diff) / 60);
                                        $displayvalue = $secs;
                                        $displaypara = $arr[5];
                                    }
                                } else {
                                    if ($arr[1] == "conn") {
                                        if (isset($arr[2])) {
                                            $displayvalue = $GLOBALS[$arr[1]]->getvalue($arr[2]);
                                        }
                                        if ($displaytype == "fast" && isset($arr[2])) {
                                            $displayvalue = $GLOBALS[$arr[1]]->getvaluefast($arr[2]);
                                            if (isset($arr[4])) {
                                                $displaytype = $arr[4];
                                            }
                                            if (isset($arr[5])) {
                                                $displaypara = $arr[5];
                                            }
                                        }
                                        if ($displaytype == "mins") {
                                            $displaypara = $GLOBALS[$arr[1]]->getvalue($arr[2] . "_panala");
                                            require_once "config/dateutils.php";
                                            $diff = timediff($displayvalue, $displaypara, getLT("dateformat"));
                                            $secs = intval(timediffsecs($diff) / 60);
                                            $displayvalue = $secs;
                                            $displaypara = $arr[5];
                                        }
                                    }
                                }
                                break;
                            case 'var':
                            case 'g':
                                //valid
                                $oldpos = $pos2 + 1;
                                if (isset($arr[1])) {
                                    $displayvalue = $GLOBALS[$arr[1]];
                                }
                                if (isset($arr[2])) {
                                    $displaytype = $arr[2];
                                }
                                if (isset($arr[3])) {
                                    $displaypara = $arr[3];
                                }
                                //get value
                                break;
                            case 'cache':
                                $oldpos = $pos2 + 1;
                                if (isset($arr[1])) {
                                    $displayvalue = cache_getvalue($arr[1]);
                                }
                                if (isset($arr[2])) {
                                    $displaytype = $arr[2];
                                }
                                if (isset($arr[3])) {
                                    $displaypara = $arr[3];
                                }
                                //get value
                                break;
                            case 'para':
                                //valid
                                $oldpos = $pos2 + 1;
                                global $_control_replace_sql;
                                if (isset($arr[1])) {
                                    $displayvalue = $_control_replace_sql('@' . $arr[1]);
                                }
                                if (isset($arr[2])) {
                                    $displaytype = $arr[2];
                                }
                                if (isset($arr[3])) {
                                    $displaypara = $arr[3];
                                }
                                break;
                            case 'post':
                                //valid
                                $oldpos = $pos2 + 1;
                                global $_POST;
                                if (isset($arr[1]) && $_POST[$arr[1]] != "") {
                                    $displayvalue = '' . correctPostValue($_POST[$arr[1]]);
                                }
                                if (isset($arr[2])) {
                                    $displaytype = $arr[2];
                                }
                                if (isset($arr[3])) {
                                    $displaypara = $arr[3];
                                }
                                break;
                            case 'posttags':
                                //valid
                                $oldpos = $pos2 + 1;
                                global $_POST;
                                if (isset($arr[1]) && $_POST[$arr[1]] != "") {
                                    $displayvalue = '' . correctPostValue(implode(",", $_POST[$arr[1]]));
                                }
                                if (isset($arr[2])) {
                                    $displaytype = $arr[2];
                                }
                                if (isset($arr[3])) {
                                    $displaypara = $arr[3];
                                }
                                break;
                            case 'get':
                                //valid
                                $oldpos = $pos2 + 1;
                                global $_GET;
                                if (isset($arr[1]) && $_GET[$arr[1]] != "") {
                                    $displayvalue = '' . correctPostValue($_GET[$arr[1]]);
                                }
                                if (isset($arr[2])) {
                                    $displaytype = $arr[2];
                                }
                                if (isset($arr[3])) {
                                    $displaypara = $arr[3];
                                }
                                break;
                            case 'config':
                            case 'c':
                                //valid
                                $oldpos = $pos2 + 1;
                                if (isset($arr[1])) {
                                    $displayvalue = getUserConfig($arr[1]);
                                }
                                if (isset($arr[2])) {
                                    $displaytype = $arr[2];
                                }
                                if (isset($arr[3])) {
                                    $displaypara = $arr[3];
                                }
                                break;
                            case 'cookie':
                                $oldpos = $pos2 + 1;
                                if (isset($arr[1]) && isset($arr[2])) {
                                    $displayvalue = cookie_getvalue($arr[1], $arr[2]);
                                }
                                if (isset($arr[3])) {
                                    $displaytype = $arr[3];
                                }
                                if (isset($arr[4])) {
                                    $displaypara = $arr[4];
                                }
                                break;
                            case 'session':
                            case 's':
                                //valid
                                $oldpos = $pos2 + 1;
                                if (isset($arr[1])) {
                                    $displayvalue = session_getvalue($arr[1]);
                                }
                                if (isset($arr[2])) {
                                    $displaytype = $arr[2];
                                }
                                if (isset($arr[3])) {
                                    $displaypara = $arr[3];
                                }
                                break;
                            case 'utils':
                                //valid
                                $oldpos = $pos2 + 1;
                                if (isset($arr[1])) {
                                    $displayvalue = $arr[1];
                                }
                                if (isset($arr[2])) {
                                    $displaytype = $arr[2];
                                }
                                if (isset($arr[3])) {
                                    $displaypara = $arr[3];
                                }
                                break;
                            case 'slot':
                                //we have a callback
                                $oldpos = $pos2 + 1;
                                if (isset($arr[1])) {
                                    $displayvalue = $arr[1];
                                }
                                if (isset($arr[2])) {
                                    $displaytype = $arr[2];
                                }
                                if (isset($arr[3])) {
                                    $displaypara = $arr[3];
                                }
                                if ($slotback != '') {
                                    $displayvalue = $slotback($displayvalue, $displaytype, $displaypara);
                                    $displaytype = '';
                                    $displaypara = '';
                                }
                                break;
                            case 'call':
                                //we have a callback
                                $oldpos = $pos2 + 1;
                                if (isset($arr[1])) {
                                    $displayvalue = $arr[1];
                                }
                                if (isset($arr[2])) {
                                    $displaytype = $arr[2];
                                }
                                if (isset($arr[3])) {
                                    $displaypara = $arr[3];
                                }
                                $fn = $displayvalue;
                                if (function_exists($fn)) {
                                    $displayvalue = $fn($displaytype, $displaypara);
                                } else {
                                    $displayvalue = '';
                                }
                                break;
                        }
                    }
                    $displaypara = str_replace('^', '.', $displaypara);
                    if ($iftest) {
                        //we have an ok
                        $cif++;
                        $iftestvalue = str_replace('^', '.', $iftestvalue);
                        if ($ifnegative) {
                            if ($displayvalue != $iftestvalue) {
                                $ifs[$cif] = false;
                            } else {
                                $ifs[$cif] = true;
                            }
                        } else {
                            if ($displayvalue == $iftestvalue) {
                                $ifs[$cif] = false;
                            } else {
                                $ifs[$cif] = true;
                            }
                        }
                    } else {
                        $oldnewstring = $newstring;
                        if ($directdump) {
                            $newstring = '';
                        }
                        switch ($displaytype) {
                            case 'lb':
                                $newstring .= '[';
                                break;
                            case 'rb':
                                $newstring .= ']';
                                break;
                            case 'now':
                                require_once "config/dateutils.php";
                                if ($displayvalue != "") {
                                    $newstring .= date($displayvalue);
                                } else {
                                    $newstring .= showDate(date("Y-m-d"), getLT("dateformat"));
                                }
                                break;
                            case 'date':
                                require_once "config/dateutils.php";
                                if ($displaypara != "") {
                                    if ($displayvalue != "0000-00-00") {
                                        $newstring .= date(str_replace("~", ".", $displaypara), showDate($displayvalue, "time"));
                                    }
                                } else {
                                    $newstring .= showDate($displayvalue, getLT("dateformat"));
                                }
                                break;
                            case 'sqldate':
                                require_once "config/dateutils.php";
                                $newstring .= getDateForMysql($displayvalue, getLT("dateformat"));
                                break;
                            case 'time':
                                require_once "config/dateutils.php";
                                $newstring .= showTime($displayvalue);
                                break;
                            case 'intval':
                                if ($displaypara != "") {
                                    $newstring .= bcadd($displayvalue, '0');
                                } else {
                                    $newstring .= intval($displayvalue);
                                }
                                break;
                            case 'number':
                                $newstring .= showNumber($displayvalue, $displaypara);
                                break;
                            case 'exnumber':
                                $newstring .= number_format(floatval($displayvalue), $displaypara, '.', '');
                                break;
                            case 'zeronumber':
                                if (abs(round($displayvalue) - $displayvalue) <= 0.01) {
                                    $newstring .= showNumber(round($displayvalue), $displaypara);
                                } else {
                                    $newstring .= showNumber($displayvalue, $displaypara);
                                }
                                break;
                            case 'zeros':
                                $newstring .= str_pad($displayvalue, $displaypara, "0", STR_PAD_LEFT);
                                break;
                            case 'spell':
                                require_once "extern/numberspell.php";
                                if (isset($GLOBALS[$displaypara])) {
                                    $newstring .= spellNumber($displayvalue, $GLOBALS[$displaypara]);
                                } else {
                                    $newstring .= spellNumber($displayvalue, getCurrentLang());
                                }
                                break;
                            case 'sqlescape':
                                global $conn;
                                if ($displaypara != "") {
                                    $newstring .= $conn->escape(substr($displayvalue, 0, intval($displaypara)));
                                } else {
                                    $newstring .= $conn->escape($displayvalue);
                                }
                                break;
                            case 'sqlvalues':
                                global $conn;
                                $myvalues = '';
                                $myarr = explode(",", $displayvalue);
                                foreach ($myarr as $kkmk => $kkmv) {
                                    if ($myvalues != "") {
                                        $myvalues .= ",";
                                    }
                                    $myvalues .= "'" . $conn->escape($kkmv) . "'";
                                }
                                if ($myvalues == "") {
                                    $myvalues = "''";
                                }
                                $newstring .= $myvalues;
                                break;
                            case 'split':
                                $sparr = explode(".", trim($displayvalue));
                                $newstring .= $sparr[intval($displaypara)];
                                break;
                            case 'explode':
                                $sparr = explode(" ", trim($displayvalue));
                                $newstring .= $sparr[intval($displaypara)];
                                break;
                            case 'substr':
                                if (intval($displaypara) < 0) {
                                    $newstring .= substr($displayvalue, intval($displaypara));
                                } else {
                                    $newstring .= substr($displayvalue, 0, intval($displaypara));
                                }
                                break;
                            case 'trim':
                                $displayvalue = str_replace(" ", "", trim($displayvalue));
                                $displayvalue = str_replace(".", "", $displayvalue);
                                $displayvalue = str_replace("-", "", $displayvalue);
                                $displayvalue = str_replace("=", "", $displayvalue);
                                $newstring .= $displayvalue;
                                break;
                            case 'html':
                                $newstring .= str_replace("\n", "<br>", $displayvalue);
                                break;
                            case 'nohtml':
                                $newstring .= strip_tags(html_entity_decode2($displayvalue));
                                break;
                            case 'pin':
                                $newstring .= substr(md5($displayvalue), intval($displaypara));
                                break;
                            case 'lang':
                                $newstring .= getLT($displayvalue);
                                break;
                            case 'upper':
                                $newstring .= strtoupper($displayvalue);
                                break;
                            case 'caps':
                                $newstring .= strtoupper(substr(getLT($displayvalue), 0, 1)) . strtolower(substr(getLT($displayvalue), 1));
                                break;
                            case 'lower':
                                $newstring .= strtolower($displayvalue);
                                break;
                            case 'adresa':
                                $newstring .= strtoupper(str_ireplace("zip", "cod postal", $displayvalue));
                                break;
                            case 'full':
                                $newstring .= parseAndReplaceAll($displayvalue, $slotback);
                                break;
                            case 'easyread':
                                $newstring .= strrev(join(str_split(strrev($displayvalue), 3), "."));
                                break;
                            case 'phone':
                                $displayvalue = str_replace("-", "", $displayvalue);
                                $displayvalue = str_replace("/", "", $displayvalue);
                                $displayvalue = str_replace(" ", "", $displayvalue);
                                $displayvalue = str_replace(".", "", $displayvalue);
                                $displayvalue = str_replace(",", "", $displayvalue);
                                $displayvalue = str_replace(",", "", $displayvalue);
                                $displayvalue = substr($displayvalue, 0, 10);
                                $newstring .= $displayvalue;
                                break;
                            case 'seo':
                                $newstring .= buildSeoLink($displayvalue);
                                break;
                            default:
                                $newstring .= $displayvalue;
                                break;
                        }
                        if ($directdump) {
                            echo $newstring;
                            $newstring = $oldnewstring;
                        }
                    }
                }
            }
        }
        $pos = strpos($text, "[", $pos + 1);
    }
    $newstring .= substr($text, $oldpos);
    return $newstring;
}
Exemplo n.º 2
0
function makecontact_execute($action, $slot)
{
    global $_POST;
    global $_GET;
    global $_CONFIG;
    require_once "config/db.php";
    global $conn;
    global $_local_error;
    $_local_error = "";
    global $_local_reloadform;
    $_local_reloadform = "";
    global $render_current_slot;
    global $current_slots;
    //mark slot on execution stack
    $render_current_slot++;
    $current_slots[$render_current_slot] = $slot;
    if (getUserConfig("pageprotection") == "yes") {
        if (isset($_POST['fprotection']) && $_POST['fprotection'] != "") {
            if (isset($_GET['ajax']) && $_GET['ajax'] == 1) {
                if (intval(session_getvalue("protection_page")) != intval($_POST['fprotection'])) {
                    $_local_error = getLT("protectionerror");
                }
            } else {
                if (intval(session_getvalue("protection_page")) != intval($_POST['fprotection']) + 1) {
                    $_local_error = getLT("protectionerror");
                }
            }
        }
    }
    //set default filter
    $control_filter = "";
    $control_name = "makecontact";
    $control_table = "projectissues";
    $control_id = "id";
    //check for rights
    if (getUserConfig('dinsec_makecontact_cando', $action) == 'no') {
        $_local_error = getLT('nopermissions');
    }
    if (getUserConfig('dinsec_makecontact_canpost', $action) == 'no') {
        $_local_error = getLT('nopermissions');
    }
    if (session_getvalue("blockaccess_makecontact") == "yes") {
        $_local_error = getLT('nopermissions');
    }
    if (session_getvalue("blockaccess_projectissues") == "yes") {
        $_local_error = getLT('nopermissions');
    }
    if ($_local_error == "") {
        switch ($action) {
            case 'add':
                if (isset($_POST['cancel_button']) && $_POST['cancel_button'] == getLT('cancel')) {
                    $_local_error = 'usercanceled';
                    setSlotView($slot, "add");
                    break;
                }
                if ($_local_error == '') {
                    if (!isset($_POST['iname']) || $_POST['iname'] == '' || strip_tags($_POST['iname']) == '') {
                        $_local_error .= getLT('iname') . ' ' . getLT('shouldbefilled');
                    }
                }
                if ($_local_error == '') {
                    if (!isset($_POST['iemail']) || $_POST['iemail'] == '' || strip_tags($_POST['iemail']) == '') {
                        $_local_error .= getLT('iemail') . ' ' . getLT('shouldbefilled');
                    }
                }
                if ($_local_error == '') {
                    if (!isset($_POST['icontactname']) || $_POST['icontactname'] == '' || strip_tags($_POST['icontactname']) == '') {
                        $_local_error .= getLT('icontactname') . ' ' . getLT('shouldbefilled');
                    }
                }
                if ($_local_error == '') {
                    if (!isset($_POST['useraddress'])) {
                        $_local_error .= getLT('javascript?');
                    } else {
                        $ab_def = strtok($_POST['useraddress'], "-");
                        $ab_test = $ab_def . '-' . number_format(floatVal($ab_def . '.12') * 0.34, 4, '.', '');
                        if ($ab_test !== $_POST['useraddress']) {
                            $_local_error .= getLT('antiboterror?');
                        }
                    }
                }
                if ($_local_error == "") {
                    $conn->addnew($control_table);
                    $conn->setvalue('iname', correctPostValue($_POST['iname']));
                    $conn->setvalue('iemail', correctPostValue($_POST['iemail']));
                    $conn->setvalue('icontactname', correctPostValue($_POST['icontactname']));
                    $html = correctPostValue($_POST['idesc']);
                    $html = str_ireplace("<script", "[script", $html);
                    $html = str_ireplace("<link", "[link", $html);
                    $html = str_ireplace("<style", "[style", $html);
                    $conn->setvalue('idesc', $html);
                    $conn->setvalue('projectid', $_CONFIG['projectid']);
                    $conn->setvalue('idate', date("Y-m-d H:i:s"));
                    $id = $conn->update();
                    if ($id != "") {
                        session_addvalue($slot . '_info', getLT('wblank'));
                        session_setvalue($slot . "_viewid", $id);
                        setSlotView($slot, "add");
                    } else {
                        $_local_error = getLT('unableadd');
                        break;
                    }
                }
            case 'sendemail':
                if (isset($_POST['cancel_button']) && $_POST['cancel_button'] == getLT('cancel')) {
                    $_local_error = 'usercanceled';
                    break;
                }
                if ($_local_error == "") {
                    ob_start();
                    require_once "config/htmlreport.php";
                    require_once "config/templates.php";
                    require_once "config/mail.php";
                    global $_templates;
                    require_once "config/utils.php";
                    $_control_replace_sql = "parseAndReplaceAll";
                    $pdf = new HtmlReport("");
                    $emailbody = ob_get_contents();
                    ob_end_clean();
                    $emailbody = html_entity_decode($emailbody);
                    $emailsubject = getLT('emailcontact');
                    global $mails_sql_conn;
                    $mails_sql_conn = create_db_connection();
                    $mails_sql_conn->openselect($_control_replace_sql("select pemails as email from projects where id=0[config.projectid]"));
                    $noemail = false;
                    if ($mails_sql_conn->eof()) {
                        $noemail = true;
                    }
                    while (!$mails_sql_conn->eof()) {
                        $mailman = createMailObject();
                        $mailman->IsHTML(true);
                        $emailto = $mails_sql_conn->getvalue("email");
                        $emailreply = "";
                        $emailbcc = "";
                        $emailcc = "";
                        $emailfrom = "";
                        $emailbody = getFileContent(getFilePathFor('html', 'makecontact'));
                        require_once "config/utils.php";
                        $emailbody = parseAndReplaceAll($emailbody);
                        $emailreply = correctPostValue($_POST["iemail"]);
                        $mailman->Body = $emailbody;
                        $mailman->Subject = $emailsubject;
                        $mailman->ClearAddresses();
                        $mailman->AddAddress($emailto);
                        if ($emailbcc != "") {
                            $mailman->AddBCC($emailbcc);
                        }
                        if ($emailcc != "") {
                            $mailman->AddCC($emailcc);
                        }
                        if ($emailfrom != "") {
                            $mailman->FromName = "";
                            $mailman->From = $emailfrom;
                        }
                        if ($emailreply != '') {
                            $mailman->AddReplyTo($emailreply);
                        }
                        $mailman->send();
                        $mails_sql_conn->movenext();
                    }
                    $mails_sql_conn->close();
                    if ($noemail) {
                        session_addvalue($slot . '_error', getLT('noemailfound'));
                    } else {
                        session_addvalue($slot . '_info', getLT('yourmessageissent'));
                    }
                }
                break;
            default:
                //$_local_error="slot:".$slot." unknown post action: ".$action;
                setSlotView($slot, "");
                break;
        }
    }
    if (isset($_POST['cancel_button']) && $_POST['cancel_button'] == getLT('cancel')) {
        //if($_local_error!="") session_addvalue($slot.'_error',getLT($_local_error));
        $_local_error = '';
    } else {
        if ($_local_reloadform != "" || $_local_error != "" || $action == "justreloadform") {
            //save post for later use
            foreach ($_POST as $key => $val) {
                if (is_array($val)) {
                    session_setvalue('savedpost_makecontact_' . $key, correctPostValue(implode(",", str_replace(',', ' ', $_POST[$key]))));
                } else {
                    session_setvalue('savedpost_makecontact_' . $key, correctPostValue($val));
                }
            }
            if ($_local_error != "") {
                session_addvalue($slot . '_error', $_local_error);
            }
        }
    }
    $render_current_slot--;
    return $_local_error;
}