<?php

require "../../global/session_start.php";

// Admin-only page: the permission check runs before any form data is loaded.
ft_check_permission("admin");
_ft_cache_form_stats();

// "?reset" in the query string blanks the remembered sort order and search filters.
if (isset($_GET["reset"])) {
  $_SESSION["ft"]["form_sort_order"]       = "";
  $_SESSION["ft"]["form_search_keyword"]   = "";
  $_SESSION["ft"]["form_search_status"]    = "";
  $_SESSION["ft"]["form_search_client_id"] = "";
}

// Each call passes a field name, a session key and a default value.
// NOTE(review): these values presumably originate from the request, so ft_search_forms() (not
// visible here) has to treat $search_criteria and $client_id as untrusted input - confirm.
$order     = ft_load_field("order", "form_sort_order", "form_id-DESC");
$keyword   = ft_load_field("keyword", "form_search_keyword", "");
$status    = ft_load_field("status", "form_search_status", "");
$client_id = ft_load_field("client_id", "form_search_client_id", "");

// same keys, same order: order, keyword, status, client_id
$search_criteria = compact("order", "keyword", "status", "client_id");

$num_forms = ft_get_form_count();
$forms     = ft_search_forms($client_id, true, $search_criteria);
$clients   = ft_get_client_list();

// ------------------------------------------------------------------------------------------------

// compile template info
$page_vars = array(
  "page"                     => "admin_forms",
  "page_url"                 => ft_get_page_url("admin_forms"),
  "head_title"               => $LANG["word_forms"],
  "has_client"               => count($clients) > 0,
  "num_forms"                => $num_forms,
  // only true when a limit is configured and the current count has reached it
  "max_forms_reached"        => !empty($g_max_ft_forms) && $num_forms >= $g_max_ft_forms,
  "max_forms"                => $g_max_ft_forms,
  "notify_max_forms_reached" => ft_eval_smarty_string($LANG["notify_max_forms_reached"], array("max_forms" => $g_max_ft_forms)),
  "forms"                    => $forms
);
<?php

require_once "../../global/session_start.php";

// Client accounts only.
ft_check_permission("client");

// $_GET is merged last, so on a key clash the query-string value overrides the POSTed one.
$request    = array_merge($_POST, $_GET);
$account_id = $_SESSION["ft"]["account"]["account_id"];

// store the current selected tab in memory
$page      = ft_load_field("page", "account_page", "main");
$same_page = ft_get_clean_php_self();

$tabs = array();
$tabs["main"] = array(
  "tab_label" => $LANG["word_main"],
  "tab_link"  => $same_page . "?page=main"
);
$tabs["settings"] = array(
  "tab_label" => $LANG["word_settings"],
  "tab_link"  => $same_page . "?page=settings"
);

// ------------------------------------------------------------------------------------------

// $page only selects between two fixed file names; it is never placed in the include path
// itself. Anything that is not a known tab falls back to the main tab.
switch ($page) {
  case "main":
  default:
    include "page_main.php";
    break;

  case "settings":
    include "page_settings.php";
    break;
}
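<?php

/**
 * Actions.php
 *
 * This file handles all server-side responses for Ajax requests. As of 2.0.0, it returns information
 * in JSON format to be handled by JS.
 */

// -------------------------------------------------------------------------------------------------

// this var prevents the default behaviour of auto-logging the user out
$g_check_ft_sessions = false;
require_once "../session_start.php";

// check the permissions. The result is kept in $permission_check (an array with "has_permission"
// and "message" keys, as used below) instead of being acted on at this point.
// NOTE(review): the code that inspects has_permission before running $action is outside this
// excerpt - confirm that every action path checks it.
$permission_check = ft_check_permission("user", false);

// check the sessions haven't timed out. On expiry the session is destroyed, the in-memory copy is
// emptied and the permission result is forced to "denied" so the caller gets "session_expired".
$sessions_still_valid = ft_check_sessions_timeout(false);
if (!$sessions_still_valid) {
  @session_destroy();
  $_SESSION["ft"] = array();
  $permission_check["has_permission"] = false;
  $permission_check["message"] = "session_expired";
}

// the action to take and the ID of the page where it will be displayed (allows for
// multiple calls on same page to load content in unique areas). $_POST is merged last, so a
// POSTed value overrides a query-string value with the same name.
$request = array_merge($_GET, $_POST);

// A request without "action" still yields null, but no longer raises an undefined-index notice
// that could end up inside the JSON response.
$action = isset($request["action"]) ? $request["action"] : null;

// To be deprecated! This is the pre-jQuery way to return vars back. Change to use return_vars, which passes an object
// ------------
// Find out if we need to return anything back with the response. This mechanism allows us to pass any information
// between the Ajax submit function and the Ajax return function. Usage:
//   "return_vals[]=question1:answer1&return_vals[]=question2:answer2&..."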
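<?php

require "../../global/session_start.php";

// this just checks that SOMEONE's logged in - even someone via the Submission Accounts module
ft_check_permission("user");
ft_include_module("pages");

// $_GET is merged last, so a query-string "id" overrides a POSTed one.
$request = array_merge($_POST, $_GET);

// A request without "id" still yields null, but no longer raises an undefined-index notice.
// NOTE(review): pg_get_page() is not visible here - confirm it validates or escapes $page_id
// before using it, and check what it returns for an unknown page.
$page_id   = isset($request["id"]) ? $request["id"] : null;
$page_info = pg_get_page($page_id);

// check permissions! The above code handles booting a user out if they're not logged in, so the
// only case handled here is a client asking for a private page they are not assigned to.
// NOTE(review): every other combination of account type and access_type falls through to the
// rendering code below - confirm that is intended for each access_type the module supports.
$account_type = isset($_SESSION["ft"]["account"]["account_type"]) ? $_SESSION["ft"]["account"]["account_type"] : "";
$account_id   = isset($_SESSION["ft"]["account"]["account_id"]) ? $_SESSION["ft"]["account"]["account_id"] : "";

if ($account_type == "client" && $page_info["access_type"] == "private") {
  // NOTE(review): in_array() compares loosely here; left unchanged because the types of the
  // stored client IDs are not visible from this file.
  if (!in_array($account_id, $page_info["clients"])) {
    ft_handle_error("Sorry, you do not have permissions to see this page.");
    exit;
  }
}

// Plain content is used as-is; "php" and "smarty" pages are evaluated first.
$content = $page_info["content"];
switch ($page_info["content_type"]) {
  case "php":
    // SECURITY: eval() runs the stored page content as PHP with the full privileges of this
    // script, so whoever can create or edit a "php" page can run arbitrary code on the server.
    // NOTE(review): confirm page editing is restricted to administrators, and consider disabling
    // this content type on installations that do not need it.
    ob_start();
    eval($page_info["content"]);
    // capture whatever the page printed and close the buffer in one step
    $content = ob_get_clean();
    break;

  case "smarty":
    // NOTE(review): the stored content is evaluated as a Smarty template - the same "who may
    // edit pages" question applies, depending on what ft_eval_smarty_string() permits.
    $content = ft_eval_smarty_string($page_info["content"]);
    break;
}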
/**
 * Bootstraps a module page. Call it at the top of every module page - or at least every module page
 * that wants to retain the custom module nav. In order, it:
 *
 *   - starts the session (through SessionManager when $g_session_type is "database", and with
 *     $g_session_save_path as the save path when that is set)
 *   - sends the Cache-control and Content-Type headers
 *   - checks permission for the given account type
 *   - runs the session timeout check when $g_check_ft_sessions is on and an account is in session
 *   - includes the module's library.php, if the module has one
 *   - loads the module language file into the $LANG[module_folder] variable in the global namespace
 *     with the user's chosen language (or if it doesn't exist, the module's default language). The
 *     same snippets are also stored in a $L global, for shorter use. So these are synonymous:
 *       $LANG.image_manager.phrase_hello_world
 *       $L.phrase_hello_world
 *
 * (the longer option is provided simply for consistency: that's how you access the module language
 * variables in regular Form Tools pages after using the ft_include_module() function).
 *
 * @param string $account_type who is allowed to see this module page: "admin", "client"
 */
function ft_init_module_page($account_type = "admin")
{
  global $g_root_dir, $g_session_type, $g_session_save_path, $g_check_ft_sessions, $LANG;

  // session set-up
  if ($g_session_type == "database") {
    $sess = new SessionManager();
  }
  if (!empty($g_session_save_path)) {
    session_save_path($g_session_save_path);
  }
  @session_start();

  header("Cache-control: private");
  header("Content-Type: text/html; charset=utf-8");

  // access control comes before anything module-specific is loaded
  ft_check_permission($account_type);
  if ($g_check_ft_sessions && isset($_SESSION["ft"]["account"])) {
    ft_check_sessions_timeout();
  }

  $module_folder = _ft_get_current_module_folder();

  // if there's a library file defined, include it.
  // NOTE(review): $module_folder becomes part of an include path. _ft_get_current_module_folder()
  // is not visible here - confirm its result cannot be influenced by request input.
  $library_file = $g_root_dir . "/modules/" . $module_folder . "/library.php";
  if (is_file($library_file)) {
    include_once $library_file;
  }

  // get the language file content and publish it under both global names
  $lang_strings = ft_get_module_lang_file_contents($module_folder);
  $LANG[$module_folder] = $lang_strings;
  $GLOBALS["L"] = $lang_strings;

  // EXTR_OVERWRITE lets the hook result replace any variable that exists in this function's scope.
  // NOTE(review): that likely includes the names bound with `global` above, since those are
  // references - confirm only trusted code can register hooks for this call.
  $hook_overrides = ft_process_hook_calls("end", compact("account_type", "module_folder"), array());
  extract($hook_overrides, EXTR_OVERWRITE);
}