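 function plugin_form_process()
 {
     // Handle a submission of the newsletter form box.
     //
     // Returns false when the request is not a submission of this plugin's
     // form box (tep_check_submit), true once the submission has been handed
     // to newsletter_subscribe(), which performs the actual subscribe/remove
     // work. The inline subscribe/remove code that used to follow the return
     // below was unreachable and has been dropped; newsletter_subscribe() is
     // the single place that logic lives now.
     //
     // NOTE(review): the module load is kept even though none of the loaded
     // handles are used here, in case newsletter_subscribe() relies on them
     // having been loaded — TODO confirm and remove if not.
     extract(tep_load('defs', 'database', 'validator', 'message_stack'));
     // self-check
     if (!tep_check_submit($this->form_box)) {
         return false;
     }
     $this->newsletter_subscribe();
     return true;
 }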
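 function plugin_form_process()
 {
     // Record a rating vote for the current text page or collection entry.
     //
     // Returns false when the request is not a submission of this plugin's
     // form box. Every other path ends in tep_redirect() back to the current
     // script with the validated GET parameters, after queuing a session
     // message that describes the outcome (invalid page, invalid rating,
     // already voted, or success).
     extract(tep_load('defs', 'http_validator', 'database', 'validator', 'message_stack'));
     $cStrings =& $this->strings;
     // self-check
     if (!tep_check_submit($this->form_box)) {
         return false;
     }
     $max_rating = (int) $this->options['box_steps'];
     // A non-empty entry in $result_array marks a field that failed
     // validation (the convention the other form processors follow); it is
     // honoured below instead of being discarded.
     $result_array = $cValidator->post_validate(array('rating' => array('max' => $this->options['box_steps'], 'min' => 1, 'type' => 'range')));
     // Get the validated parameters only
     $params = $cValidator->convert_to_get();
     // $type_id 1 = text page, 2 = collection entry; 0 = nothing to vote on.
     $type_id = 0;
     $id = 0;
     if ($cDefs->gtext_id && $this->options['text_pages']) {
         $type_id = 1;
         $id = $cDefs->gtext_id;
     } elseif ($cDefs->abstract_id) {
         $result = $this->check_collection();
         if ($result !== false) {
             $type_id = 2;
             $id = $cDefs->abstract_id;
         }
     }
     if (!$type_id) {
         $msg->add_session($cStrings->ERROR_PLUGIN_INVALID_PAGE);
         tep_redirect(tep_href_link($cDefs->script, $params));
     }
     // Reject a missing, non-numeric or out-of-range rating. The previous
     // check only tested the upper bound, so 0, negative and non-numeric
     // values were stored as a rating of 0.
     $rating = isset($_POST['rating']) && is_numeric($_POST['rating']) ? (int) $_POST['rating'] : 0;
     if (!empty($result_array['rating']) || $rating < 1 || $rating > $max_rating) {
         $msg->add_session($cStrings->ERROR_PLUGIN_INVALID_RATING);
         tep_redirect(tep_href_link($cDefs->script, $params));
     }
     if ($this->check_reentry($id, $type_id)) {
         $msg->add_session($cStrings->ERROR_PLUGIN_ALREADY_SUBMITTED);
         tep_redirect(tep_href_link($cDefs->script, $params));
     }
     $sql_data_array = array('votes_id' => (int) $id, 'votes_type' => (int) $type_id, 'ip_address' => $db->prepare_input($http->ip_string), 'rating' => $rating, 'resolution' => $max_rating, 'date_added' => 'now()');
     $db->perform(TABLE_VOTES, $sql_data_array);
     $msg->add_session($cStrings->SUCCESS_PLUGIN_VOTE_ACCEPTED, 'success');
     // tep_redirect() is assumed not to return (it exits after sending the
     // Location header) — TODO confirm; the trailing return is a fallback.
     tep_redirect(tep_href_link($cDefs->script, $params));
     return false;
 }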
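 function plugin_form_process()
 {
     // Serve the file attached to the download entry named by
     // $_GET['down_id'] when that entry's form button was submitted.
     //
     // Returns false when down_id is missing or zero, when the submit check
     // for this entry fails, or when no active (status_id = 1) download row
     // exists. Returns true after the request has been handled, whether or
     // not a file body was sent (a stored name that is not a file on disk
     // produces no output).
     extract(tep_load('defs', 'database', 'sessions'));
     $down_id = isset($_GET['down_id']) ? (int) $_GET['down_id'] : 0;
     if (empty($down_id)) {
         return false;
     }
     if (!tep_check_submit($this->form_name . '_' . $down_id)) {
         return false;
     }
     // down_id is already an int, so the only request-controlled value in
     // this query is a number.
     $check_query = $db->query("select filename from " . TABLE_DOWNLOAD . " where auto_id = '" . (int) $down_id . "' and status_id='1'");
     if (!$db->num_rows($check_query)) {
         return false;
     }
     $check_array = $db->fetch_array($check_query);
     // The stored value is used as-is as the path to read; it is not taken
     // from the request.
     $filename = $check_array['filename'];
     if (!empty($filename) && is_file($filename)) {
         // Expose only the base name to the client: the stored value may be a
         // server-side path, which should not leak in the response header,
         // and a quoted name keeps spaces and semicolons from splitting the
         // parameter. Double quotes and CR/LF are not valid inside the quoted
         // string, so they are stripped.
         $download_name = str_replace(array('"', "\r", "\n"), '', basename($filename));
         header('Content-Type: application/octet-stream');
         header('Content-Disposition: attachment; filename="' . $download_name . '"');
         readfile($filename);
     }
     $cSessions->close();
     return true;
 }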
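 function plugin_form_process()
 {
     // Validate and store a visitor comment (optionally with a rating) for
     // the content the current page belongs to.
     //
     // Returns false when there is no entry to comment on, when the anti-bot
     // / submit check fails, or after a successful store (which ends in a
     // redirect). Returns true when the form was submitted but rejected, so
     // the caller can re-render it with the messages queued in $msg.
     extract(tep_load('defs', 'http_validator', 'database', 'sessions', 'validator', 'message_stack'));
     if (empty($this->entry_result)) {
         return false;
     }
     $cStrings =& $this->strings;
     $this->storage =& $cSessions->register($this->key, $this->storage);
     $buttons_array = array();
     if ($this->options['anti_bot']) {
         // Every CSS button except the visible one is passed to
         // tep_check_submit as a decoy; presumably a submission through any
         // of them is rejected as non-human — verify against tep_check_submit.
         $buttons_array = $this->storage['css_buttons'];
         unset($buttons_array['visible_button']);
         $buttons_array = array_values($buttons_array);
     }
     // anti-bot verification check
     if (!$this->storage['process'] || !tep_check_submit($this->storage['visible_button'], $buttons_array)) {
         return false;
     }
     if ($this->options['display_rating']) {
         $min_rating = 1;
     } else {
         // Ratings are not shown: force a neutral value so the range check
         // below accepts the submission.
         $_POST['rating'] = 0;
         $min_rating = 0;
     }
     // A non-empty entry in $result_array marks a field that failed
     // validation.
     $result_array = $cValidator->post_validate(array('email' => array('max' => 100, 'min' => 7), 'rating' => array('max' => $this->options['rating_steps'], 'min' => $min_rating, 'type' => 'range'), 'name' => array('max' => 64, 'min' => 3), 'comment' => array('max' => 10000, 'min' => 6), 'url' => array('max' => 250, 'min' => 0)));
     // Get the validated parameters only
     $params = $cValidator->convert_to_get();
     $idx_array = $this->get_content_indices();
     if (empty($idx_array)) {
         $msg->add_session($cStrings->ERROR_PLUGIN_INVALID_PAGE);
         tep_redirect(tep_href_link($cDefs->script, $params));
     }
     // Report every length/range failure at once (in this order) rather than
     // stopping at the first one.
     $field_errors = array(
         'rating' => 'ERROR_PLUGIN_INVALID_RATING',
         'name' => 'ERROR_PLUGIN_INVALID_NAME',
         'comment' => 'ERROR_PLUGIN_INVALID_COMMENT',
         'url' => 'ERROR_PLUGIN_INVALID_URL',
         'email' => 'ERROR_PLUGIN_INVALID_EMAIL',
     );
     $error = false;
     foreach ($field_errors as $field => $string_name) {
         if (!empty($result_array[$field])) {
             $msg->add($cStrings->$string_name);
             $error = true;
         }
     }
     if ($error) {
         return true;
     }
     $body = $db->prepare_input($_POST['comment'], false);
     // Duplicate detection keys on a digest of the comment body; md5 is a
     // dedup key here, not a security control.
     $body_key = md5($body);
     if ($this->check_reentry($body_key)) {
         $msg->add_session($cStrings->ERROR_PLUGIN_ALREADY_SUBMITTED);
         tep_redirect(tep_href_link($cDefs->script, $params));
     }
     if (!tep_validate_email($_POST['email'])) {
         $msg->add($cStrings->ERROR_PLUGIN_INVALID_EMAIL);
         $error = true;
     }
     $url = $db->prepare_input($_POST['url']);
     if (!tep_validate_url($url)) {
         // The URL is optional: an empty one is simply dropped, a non-empty
         // one that fails validation is an error.
         if (!empty($_POST['url'])) {
             $msg->add($cStrings->ERROR_PLUGIN_INVALID_URL);
             $error = true;
         }
         $url = '';
     }
     // Prepend a scheme only when none is present. The previous exact
     // 'http://' prefix test turned https://example (or HTTP://example) into
     // http://https://example.
     if (!empty($url) && !preg_match('#^https?://#i', $url)) {
         $url = 'http://' . $url;
     }
     if ($error) {
         return true;
     }
     $sql_data_array = array('comments_id' => (int) $idx_array['id'], 'content_type' => (int) $idx_array['type_id'], 'comments_author' => $db->prepare_input($_POST['name']), 'comments_email' => $db->prepare_input($_POST['email']), 'comments_url' => $url, 'comments_body' => $body, 'comments_key' => $body_key, 'ip_address' => $db->prepare_input($http->ip_string), 'comments_rating' => (int) $_POST['rating'], 'resolution' => (int) $this->options['rating_steps'], 'date_added' => 'now()', 'status_id' => (int) $this->options['auto_display']);
     $db->perform(TABLE_COMMENTS, $sql_data_array);
     $msg->add_session($cStrings->SUCCESS_PLUGIN_COMMENT_ACCEPTED, 'success');
     $cSessions->unregister($this->key);
     // tep_redirect() is assumed not to return (it exits after sending the
     // Location header) — TODO confirm; the trailing return is a fallback.
     tep_redirect(tep_href_link($cDefs->script, $params));
     return false;
 }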