/**
* Called by test form submission during form setup procedure. This stores a complete form submission
* in the database for examination and pruning by the administrator. Error / notification messages are
* displayed in the language of the currently logged in administrator.
*
* It works with both submissions sent through process.php and the API.
*
* @param array $form_data a hash of the COMPLETE form data (i.e. all fields)
*/
function ft_initialize_form($form_data)
{
global $g_table_prefix, $g_root_dir, $g_multi_val_delimiter, $LANG, $g_default_datetime_format;
$textbox_field_type_id = ft_get_field_type_id_by_identifier("textbox");
$date_field_type_id = ft_get_field_type_id_by_identifier("date");
$date_field_type_datetime_setting_id = ft_get_field_type_setting_id_by_identifier($date_field_type_id, "display_format");
$date_field_type_timezone_setting_id = ft_get_field_type_setting_id_by_identifier($date_field_type_id, "apply_timezone_offset");
$display_notification_page = isset($form_data["form_tools_display_notification_page"]) ? $form_data["form_tools_display_notification_page"] : true;
// escape the incoming values
$form_data = ft_sanitize($form_data);
$form_id = $form_data["form_tools_form_id"];
// check the form ID is valid
if (!ft_check_form_exists($form_id, true)) {
$page_vars = array("message_type" => "error", "error_code" => 100);
ft_display_page("error.tpl", $page_vars);
exit;
}
$form_info = ft_get_form($form_id, true);
// if this form has already been completed, exit with an error message
if ($form_info["is_complete"] == "yes") {
$page_vars = array("message_type" => "error", "error_code" => 101);
ft_display_page("error.tpl", $page_vars);
exit;
}
// since this form is still incomplete, remove any old records from form_fields concerning this form
$query = mysql_query("\n DELETE FROM {$g_table_prefix}form_fields\n WHERE form_id = {$form_id}\n ");
// remove irrelevant key-values
unset($form_data["form_tools_initialize_form"]);
unset($form_data["form_tools_submission_id"]);
unset($form_data["form_tools_form_id"]);
unset($form_data["form_tools_display_notification_page"]);
$order = 1;
// add the submission ID system field ("ID" can be changed by the user via the interface)
$query = mysql_query("\n INSERT INTO {$g_table_prefix}form_fields (form_id, field_name, field_test_value, field_type_id, is_system_field,\n data_type, field_title, col_name, list_order, is_new_sort_group)\n VALUES ({$form_id}, 'core__submission_id', '', {$textbox_field_type_id}, 'yes', 'number', '{$LANG["word_id"]}',\n 'submission_id', '{$order}', 'yes')\n ");
if (!$query) {
$page_vars = array("message_type" => "error", "error_code" => 102, "error_type" => "system", "debugging" => "<b>" . __FUNCTION__ . ", " . __FILE__ . "</b>, failed query: " . mysql_error());
ft_display_page("error.tpl", $page_vars);
exit;
}
$order++;
while (list($key, $value) = each($form_data)) {
// if the value is an array, it's either a checkbox field or a multi-select field. Just
// comma-separate them
if (is_array($value)) {
$value = join("{$g_multi_val_delimiter}", $value);
}
$query = mysql_query("\n INSERT INTO {$g_table_prefix}form_fields (form_id, field_name, field_type_id, is_system_field,\n field_test_value, data_type, list_order, is_new_sort_group)\n VALUES ({$form_id}, '{$key}', 1, 'no', '{$value}', 'string', '{$order}', 'yes')\n ");
if (!$query) {
$page_vars = array("message_type" => "error", "error_code" => 103, "error_type" => "system", "debugging" => "<b>" . __FUNCTION__ . ", " . __FILE__ . "</b>, failed query: " . mysql_error());
ft_display_page("error.tpl", $page_vars);
exit;
}
$order++;
}
// now see if any files were uploaded, too. ** don't actually upload the file, just allocate a
// spot for the filename string in the database. The user will have to configure the field settings
// later
while (list($key, $fileinfo) = each($_FILES)) {
$query = mysql_query("\n INSERT INTO {$g_table_prefix}form_fields (form_id, field_name, field_type_id, is_system_field,\n field_test_value, data_type, list_order)\n VALUES ({$form_id}, '{$key}', 8, 'no', '{$LANG["word_file_b_uc"]}', 'string', '{$order}')\n ");
if (!$query) {
$page_vars = array("message_type" => "error", "error_code" => 104, "error_type" => "system", "debugging" => "<b>" . __FUNCTION__ . ", " . __FILE__ . "</b>, failed query: " . mysql_error());
ft_display_page("error.tpl", $page_vars);
exit;
}
$order++;
}
// add the Submission Date, Last Modified Date and IP Address system fields. For the date fields, we also
// add in a custom formatting to display the full datetime. This is because the default date formatting is date only -
// I think that's probably going to be more useful as a default than a datetime - hence the extra work here
// submission date
$order1 = $order;
$query = mysql_query("\n INSERT INTO {$g_table_prefix}form_fields (form_id, field_name, field_test_value, field_type_id, is_system_field,\n field_title, data_type, col_name, list_order)\n VALUES ({$form_id}, 'core__submission_date', '', {$date_field_type_id}, 'yes', '{$LANG["word_date"]}',\n 'date', 'submission_date', '{$order1}')\n ");
$submission_date_field_id = mysql_insert_id();
mysql_query("\n INSERT INTO {$g_table_prefix}field_settings (field_id, setting_id, setting_value)\n VALUES ({$submission_date_field_id}, {$date_field_type_datetime_setting_id}, '{$g_default_datetime_format}')\n ");
mysql_query("\n INSERT INTO {$g_table_prefix}field_settings (field_id, setting_id, setting_value)\n VALUES ({$submission_date_field_id}, {$date_field_type_timezone_setting_id}, 'yes')\n ");
// last modified date
$order2 = $order + 1;
$query = mysql_query("\n INSERT INTO {$g_table_prefix}form_fields (form_id, field_name, field_test_value, field_type_id, is_system_field,\n field_title, data_type, col_name, list_order)\n VALUES ({$form_id}, 'core__last_modified', '', {$date_field_type_id}, 'yes', '{$LANG["phrase_last_modified"]}',\n 'date', 'last_modified_date', '{$order2}')\n ");
$last_modified_date_field_id = mysql_insert_id();
mysql_query("\n INSERT INTO {$g_table_prefix}field_settings (field_id, setting_id, setting_value)\n VALUES ({$last_modified_date_field_id}, {$date_field_type_datetime_setting_id}, '{$g_default_datetime_format}')\n ");
mysql_query("\n INSERT INTO {$g_table_prefix}field_settings (field_id, setting_id, setting_value)\n VALUES ({$last_modified_date_field_id}, {$date_field_type_timezone_setting_id}, 'yes')\n ");
// ip address
$order3 = $order + 2;
$query = mysql_query("\n INSERT INTO {$g_table_prefix}form_fields (form_id, field_name, field_test_value, field_type_id, is_system_field,\n field_title, data_type, col_name, list_order)\n VALUES ({$form_id}, 'core__ip_address', '', {$textbox_field_type_id}, 'yes', '{$LANG["phrase_ip_address"]}',\n 'number', 'ip_address', '{$order3}')\n ");
if (!$query) {
$page_vars = array("message_type" => "error", "error_code" => 105, "error_type" => "system", "debugging" => "<b>" . __FUNCTION__ . ", " . __FILE__ . "</b>, failed query: " . mysql_error());
ft_display_page("error.tpl", $page_vars);
exit;
}
// finally, set this form's "is_initialized" value to "yes", so the administrator can proceed to
// the next step of the Add Form process.
mysql_query("\n UPDATE {$g_table_prefix}forms\n SET is_initialized = 'yes'\n WHERE form_id = {$form_id}\n ");
// alert a "test submission complete" message. The only time this wouldn't be outputted would be
// if this function is being called programmatically, like with the blank_form module
if ($display_notification_page) {
$page_vars = array();
$page_vars["message"] = $LANG["processing_init_complete"];
$page_vars["message_type"] = "notify";
$page_vars["title"] = $LANG["phrase_test_submission_received"];
ft_display_page("error.tpl", $page_vars);
exit;
}
}
foreach ($updated_modules as $module_info) {
// we can rely on these guys being returned first
if ($module_info["is_installed"] == "no") {
$sorted_modules[] = $module_info;
} else {
if ($module_info["needs_upgrading"]) {
$sorted_modules[] = $module_info;
} else {
$installed_modules[] = $module_info;
}
}
}
$modules = array_merge($sorted_modules, $installed_modules);
// ------------------------------------------------------------------------------------------
// compile header information
$page_vars = array();
$page_vars["page"] = "modules";
$page_vars["page_url"] = ft_get_page_url("modules");
$page_vars["head_title"] = $LANG["word_modules"];
$page_vars["modules"] = $modules;
$page_vars["num_modules"] = $num_modules;
$page_vars["order"] = $order;
$page_vars["search_criteria"] = $search_criteria;
$page_vars["module_ids_in_page"] = $module_ids_in_page;
$page_vars["pagination"] = ft_get_dhtml_page_nav(count($modules), $_SESSION["ft"]["settings"]["num_modules_per_page"], 1);
$page_vars["js_messages"] = array("validation_modules_search_no_status", "phrase_please_enter_license_key", "word_yes", "word_no", "phrase_please_confirm", "confirm_uninstall_module", "word_close", "word_verify", "notify_invalid_license_key", "notify_license_key_no_longer_valid", "notify_unknown_error");
$page_vars["head_string"] = <<<END
<script src="../../global/scripts/manage_modules.js"></script>
END;
ft_display_page("admin/modules/index.tpl", $page_vars);
ms.num_results_per_page = {$results_per_page};
\$(function() {
ms.init_submissions_page();
if (\$("#search_field").length) {
ms.change_search_field(\$("#search_field").val());
\$("#search_field").bind("keyup change", function() {
ms.change_search_field(this.value);
});
}
if (\$("#search_date").length) {
\$("#search_date").daterangepicker({
dateFormat: "{$date_field_search_js_format}",
doneButtonText: "{$LANG["word_done"]}",
presetRanges: [
{text: '{$LANG["word_today"]}', dateStart: 'today', dateEnd: 'today' },
{text: '{$LANG["phrase_last_7_days"]}', dateStart: 'today-7days', dateEnd: 'today' },
{text: '{$LANG["phrase_month_to_date"]}', dateStart: function(){ return Date.parse('today').moveToFirstDayOfMonth(); }, dateEnd: 'today' },
{text: '{$LANG["phrase_year_to_date"]}', dateStart: function(){ var x= Date.parse('today'); x.setMonth(0); x.setDate(1); return x; }, dateEnd: 'today' },
{text: '{$LANG["phrase_the_previous_month"]}', dateStart: function(){ return Date.parse('1 month ago').moveToFirstDayOfMonth(); }, dateEnd: function(){ return Date.parse('1 month ago').moveToLastDayOfMonth(); } }
],
datepickerOptions: {
changeYear: true,
changeMonth: true
}
});
}
});
END;
ft_display_page("admin/forms/submissions.tpl", $page_vars);
<?php
if (isset($request["update_main"])) {
list($g_success, $g_message) = ft_update_main_settings($_POST);
}
$page_vars = array();
$page_vars["page"] = "main";
$page_vars["page_url"] = ft_get_page_url("settings_main");
$page_vars["tabs"] = $tabs;
$page_vars["head_title"] = "{$LANG["word_settings"]} - {$LANG["word_main"]}";
$replacement_info = array("datefunctionlink" => '<a href="http://ca3.php.net/manual/en/function.date.php" target="_blank">date()</a>');
$page_vars["text_date_formatting_link"] = ft_eval_smarty_string($LANG["text_date_formatting_link"], $replacement_info);
$page_vars["head_js"] = <<<END
var rules = [];
rules.push("required,program_name,{$LANG["validation_no_program_name"]}");
rules.push("required,num_clients_per_page,{$LANG["validation_no_num_clients_per_page"]}");
rules.push("digits_only,num_clients_per_page,{$LANG["validation_invalid_num_clients_per_page"]}");
rules.push("required,num_emails_per_page,{$LANG["validation_no_num_emails_per_page"]}");
rules.push("digits_only,num_emails_per_page,{$LANG["validation_invalid_num_emails_per_page"]}");
rules.push("required,num_forms_per_page,{$LANG["validation_no_num_forms_per_page"]}");
rules.push("digits_only,num_forms_per_page,{$LANG["validation_invalid_num_forms_per_page"]}");
rules.push("required,num_option_lists_per_page,{$LANG["validation_no_num_option_lists_per_page"]}");
rules.push("digits_only,num_option_lists_per_page,{$LANG["validation_invalid_num_option_lists_per_page"]}");
rules.push("required,num_menus_per_page,{$LANG["validation_no_num_menus_per_page"]}");
rules.push("digits_only,num_menus_per_page,{$LANG["validation_invalid_num_menus_per_page"]}");
rules.push("required,num_modules_per_page,{$LANG["validation_no_num_modules_per_page"]}");
rules.push("digits_only,num_modules_per_page,{$LANG["validation_invalid_num_modules_per_page"]}");
END;
ft_display_page("admin/settings/index.tpl", $page_vars);
$updated_option_lists = array();
foreach ($option_lists as $option_list) {
$list_id = $option_list["list_id"];
// add the number of fields that use this option group
$option_list["num_fields"] = ft_get_num_fields_using_option_list($list_id);
if ($option_list["num_fields"] > 0) {
$option_list["fields"] = ft_get_fields_using_option_list($list_id, array("group_by_form" => true));
}
// add the total number of options in this group
$option_list["num_option_list_options"] = ft_get_num_options_in_option_list($list_id);
$updated_option_lists[] = $option_list;
}
$all_option_lists = ft_get_option_lists("all");
// ------------------------------------------------------------------------------------------------
// compile template info
$page_vars = array();
$page_vars["page"] = "option_lists";
$page_vars["text_option_list_page"] = ft_eval_smarty_string($LANG["text_option_list_page"], array("link" => "../add/step1.php"));
$page_vars["page_url"] = ft_get_page_url("option_lists");
$page_vars["head_title"] = $LANG["phrase_option_lists"];
$page_vars["option_lists"] = $updated_option_lists;
$page_vars["num_option_lists"] = $num_option_lists;
$page_vars["all_option_lists"] = $all_option_lists["results"];
$page_vars["order"] = $order;
$page_vars["js_messages"] = array("validation_delete_non_empty_option_list", "confirm_delete_option_list", "phrase_please_confirm", "word_yes", "word_no", "word_edit", "word_remove");
$page_vars["pagination"] = ft_get_page_nav($num_option_lists, $num_option_lists_per_page, $option_list_page);
$page_vars["head_string"] = <<<END
<script src="{$g_root_url}/global/scripts/manage_option_lists.js"></script>
END;
ft_display_page("admin/forms/option_lists/index.tpl", $page_vars);
<?php
if (isset($request["update_public_form_omit_list"])) {
list($g_success, $g_message) = ft_update_public_form_omit_list($request, $form_id);
}
$form_info = ft_get_form($form_id);
$form_omit_list = ft_get_public_form_omit_list($form_id);
// ------------------------------------------------------------------------------------------------
// a little hacky, but not too bad. Override the form nav links so that it always links to the main tab, not this
// (possibly non-relevant) omit list page
$page_vars["prev_tabset_link"] = !empty($links["prev_form_id"]) ? "edit.php?page=main&form_id={$links["prev_form_id"]}" : "";
$page_vars["next_tabset_link"] = !empty($links["next_form_id"]) ? "edit.php?page=main&form_id={$links["next_form_id"]}" : "";
$page_vars["page"] = "public_form_omit_list";
$page_vars["page_url"] = ft_get_page_url("edit_form_public_form_omit_list", array("form_id" => $form_id));
$page_vars["head_title"] = "{$LANG["phrase_edit_form"]} - {$LANG["phrase_public_form_omit_list"]}";
$page_vars["form_info"] = $form_info;
$page_vars["form_omit_list"] = $form_omit_list;
$page_vars["head_js"] = <<<EOF
var page_ns = {};
page_ns.clear_omit_list = function() \t{
ft.select_all('selected_client_ids[]');
ft.move_options('selected_client_ids[]', 'available_client_ids[]');
}
EOF;
ft_display_page("admin/forms/edit.tpl", $page_vars);
$page_vars["pagination"] = ft_get_dhtml_page_nav(count($clients), $_SESSION["ft"]["settings"]["num_clients_per_page"], 1);
$page_vars["js_messages"] = array("phrase_delete_row");
$page_vars["head_js"] = <<<END
var page_ns = {};
page_ns.dialog = \$("<div></div>");
page_ns.delete_client = function(account_id) {
ft.create_dialog({
dialog: page_ns.dialog,
title: "{$LANG["phrase_please_confirm"]}",
content: "{$LANG["validation_check_delete_client"]}",
popup_type: "warning",
buttons: [
{
text: "{$LANG["word_yes"]}",
click: function() {
window.location = "index.php?delete=1&client_id=" + account_id;
}
},
{
text: "{$LANG["word_no"]}",
click: function() {
\$(this).dialog("close");
}
}
]
});
return false;
}
END;
ft_display_page("admin/clients/index.tpl", $page_vars);
$page_vars["required_password_chars"] = $required_password_chars;
$page_vars["password_special_chars"] = $g_password_special_chars;
$page_vars["has_extra_password_requirements"] = !empty($settings["required_password_chars"]) || !empty($settings["min_password_length"]);
$page_vars["has_min_password_length"] = !empty($settings["min_password_length"]);
$page_vars["password_special_char"] = ft_eval_smarty_string($LANG["phrase_password_special_char"], array("chars" => $g_password_special_chars));
$page_vars["phrase_password_min"] = ft_eval_smarty_string($LANG["phrase_password_min"], array("length" => $settings["min_password_length"]));
$page_vars["vals"] = $post_values;
$page_vars["head_js"] = <<<END
var rules = [];
rules.push("required,first_name,{$LANG['validation_no_client_first_name']}");
rules.push("required,last_name,{$LANG['validation_no_client_first_name']}");
rules.push("required,email,{$LANG['validation_no_client_email']}");
rules.push("valid_email,email,{$LANG['validation_invalid_email']}");
rules.push("required,username,{$LANG['validation_no_client_username']}");
rules.push("function,validate_username");
rules.push("required,password,{$LANG['validation_no_client_password']}");
rules.push("same_as,password,password_2,{$LANG['validation_passwords_different']}");
{$conditional_rules}
function validate_username() {
var username = \$("input[name=username]").val();
if (username.match(/[^\\.@a-zA-Z0-9_]/)) {
return [[\$("input[name=username]")[0], "{$LANG['validation_invalid_client_username']}"]];
}
return true;
}
\$(function() { \$("#first_name").focus(); });
END;
ft_display_page("admin/clients/add.tpl", $page_vars);
\$(function() {
ms.init_submissions_page();
ms.change_search_field(\$("#search_field").val());
if (\$("#search_field").length) {
\$("#search_field").bind("keyup change", function() {
ms.change_search_field(this.value);
});
}
if (\$("#search_date").length) {
\$("#search_date").daterangepicker({
dateFormat: "{$date_field_search_js_format}",
doneButtonText: "{$LANG["word_done"]}",
presetRanges: [
{text: '{$LANG["word_today"]}', dateStart: 'today', dateEnd: 'today' },
{text: '{$LANG["phrase_last_7_days"]}', dateStart: 'today-7days', dateEnd: 'today' },
{text: '{$LANG["phrase_month_to_date"]}', dateStart: function(){ return Date.parse('today').moveToFirstDayOfMonth(); }, dateEnd: 'today' },
{text: '{$LANG["phrase_year_to_date"]}', dateStart: function(){ var x= Date.parse('today'); x.setMonth(0); x.setDate(1); return x; }, dateEnd: 'today' },
{text: '{$LANG["phrase_the_previous_month"]}', dateStart: function(){ return Date.parse('1 month ago').moveToFirstDayOfMonth(); }, dateEnd: function(){ return Date.parse('1 month ago').moveToLastDayOfMonth(); } }
],
datepickerOptions: {
changeYear: true,
changeMonth: true
}
});
}
});
END;
ft_display_page("clients/forms/index.tpl", $page_vars);
rules.push("function,validate_swatch");
rules.push("required,login_page,{$LANG["validation_no_login_page"]}");
rules.push("required,logout_url,{$LANG["validation_no_account_logout_url"]}");
rules.push("required,ui_language,{$LANG["validation_no_ui_language"]}");
rules.push("required,sessions_timeout,{$LANG["validation_no_sessions_timeout"]}");
rules.push("required,date_format,{$LANG["validation_no_date_format"]}");
rules.push("required,username,{$LANG["validation_no_username"]}");
rules.push("function,validate_username");
rules.push("if:password!=,required,password_2,{$LANG["validation_no_account_password_confirmed"]}");
rules.push("if:password!=,same_as,password,password_2,{$LANG["validation_passwords_different"]}");
function validate_swatch() {
var theme = \$("#theme").val();
var swatch_id = "#" + theme + "_theme_swatches";
if (\$(swatch_id).length > 0 && \$(swatch_id).val() == "") {
return [[\$(swatch_id)[0], "{$LANG["validation_no_theme_swatch"]}"]];
}
return true;
}
function validate_username() {
var username = \$("input[name=username]").val();
if (username.match(/[^\\.@a-zA-Z0-9_]/)) {
return [[\$("input[name=username]")[0], "{$LANG['validation_invalid_admin_username']}"]];
}
return true;
}
\$(function() { document.login_info.first_name.focus(); });
END;
ft_display_page("admin/account/index.tpl", $page_vars);
continue;
}
// if this is a NEW field, we just ignore it here. New fields are only added by updating the main page, not
// via the Edit Field dialog
if (preg_match("/^NEW/", $field_id)) {
continue;
}
list($success, $message) = ft_update_field($form_id, $field_id, $request["data"]["field_{$field_id}"]);
if (!$success) {
$problems[] = array("field_id" => $field_id, "error" => $message);
}
}
if (!empty($problems)) {
$problems_json = ft_convert_to_json($problems);
echo "{ \"success\": \"0\", \"problems\": {$problems_json}{$return_str} }";
} else {
echo "{ \"success\": \"1\"{$return_str} }";
}
break;
// used to return a page outlining all the form field placeholders available
// used to return a page outlining all the form field placeholders available
case "get_form_field_placeholders":
$form_id = $request["form_id"];
$text_reference_tab_info = ft_eval_smarty_string($LANG["text_reference_tab_info"], array("g_root_url" => $g_root_url));
$page_vars = array();
$page_vars["form_id"] = $form_id;
$page_vars["form_fields"] = ft_get_form_fields($form_id, array("include_field_type_info" => true));
$page_vars["text_reference_tab_info"] = $text_reference_tab_info;
ft_display_page("admin/forms/form_placeholders.tpl", $page_vars);
break;
}
/**
* Returns all information about a submission. N.B. Would have been nice to have made this just a
* wrapper for ft_get_submission_info, but that function contains hooks. Need to revise all core
* code to allow external calls to optionally avoid any hook calls.
*
* @param integer $form_id
* @param integer $submission_id
*/
function ft_api_get_submission($form_id, $submission_id)
{
global $g_table_prefix, $g_api_debug;
// confirm the form is valid
if (!ft_check_form_exists($form_id)) {
if ($g_api_debug) {
$page_vars = array("message_type" => "error", "error_code" => 405, "error_type" => "user");
ft_display_page("error.tpl", $page_vars);
exit;
} else {
return array(false, 405);
}
}
if (!is_numeric($submission_id)) {
if ($g_api_debug) {
$page_vars = array("message_type" => "error", "error_code" => 406, "error_type" => "user");
ft_display_page("error.tpl", $page_vars);
exit;
} else {
return array(false, 406);
}
}
// get the form submission info
$submission_info = mysql_query("\n SELECT *\n FROM {$g_table_prefix}form_{$form_id}\n WHERE submission_id = {$submission_id}\n ");
$submission = mysql_fetch_assoc($submission_info);
return $submission;
}
<?php
require "../../global/session_start.php";
ft_check_permission("admin");
$request = array_merge($_POST, $_GET);
$theme_id = isset($request["theme_id"]) ? $request["theme_id"] : "";
if (empty($theme_id)) {
header("location: index.php");
exit;
}
$theme_info = ft_get_theme($theme_id);
// if this theme uses swatches, generate a list of all available swatches
if ($theme_info["uses_swatches"] == "yes") {
$theme_info["available_swatches"] = ft_get_theme_swatch_list($theme_info["swatches"]);
}
// compile header information
$page_vars = array();
$page_vars["page"] = "themes_about";
$page_vars["page_url"] = ft_get_page_url("themes_about");
$page_vars["head_title"] = "{$LANG["word_themes"]} - {$LANG["word_about"]}";
$page_vars["theme_info"] = $theme_info;
ft_display_page("admin/themes/about.tpl", $page_vars);
/**
* This function processes the form submissions, after the form has been set up in the database.
*/
function ft_process_form($form_data)
{
global $g_table_prefix, $g_multi_val_delimiter, $g_query_str_multi_val_separator, $g_root_dir, $LANG, $g_api_version, $g_api_recaptcha_private_key;
// ensure the incoming values are escaped
$form_data = ft_sanitize($form_data);
$form_id = $form_data["form_tools_form_id"];
$form_info = ft_get_form($form_id);
// do we have a form for this id?
if (!ft_check_form_exists($form_id)) {
$page_vars = array("message_type" => "error", "message" => $LANG["processing_invalid_form_id"]);
ft_display_page("error.tpl", $page_vars);
exit;
}
extract(ft_process_hook_calls("start", compact("form_info", "form_id", "form_data"), array("form_data")), EXTR_OVERWRITE);
// check to see if this form has been completely set up
if ($form_info["is_complete"] == "no") {
$page_vars = array("message_type" => "error", "message" => $LANG["processing_form_incomplete"]);
ft_display_page("error.tpl", $page_vars);
exit;
}
// check to see if this form has been disabled
if ($form_info["is_active"] == "no") {
if (isset($form_data["form_tools_inactive_form_redirect_url"])) {
header("location: {$form_data["form_tools_inactive_form_redirect_url"]}");
exit;
}
$page_vars = array("message_type" => "error", "message" => $LANG["processing_form_disabled"]);
ft_display_page("error.tpl", $page_vars);
exit;
}
// do we have a form for this id?
if (!ft_check_form_exists($form_id)) {
$page_vars = array("message_type" => "error", "message" => $LANG["processing_invalid_form_id"]);
ft_display_page("error.tpl", $page_vars);
exit;
}
// was there a reCAPTCHA response? If so, a recaptcha was just submitted. This generally implies the
// form page included the API, so check it was entered correctly. If not, return the user to the webpage
if (isset($g_api_version) && isset($form_data["recaptcha_response_field"])) {
$passes_captcha = false;
$recaptcha_challenge_field = $form_data["recaptcha_challenge_field"];
$recaptcha_response_field = $form_data["recaptcha_response_field"];
$folder = dirname(__FILE__);
require_once "{$folder}/global/api/recaptchalib.php";
$resp = recaptcha_check_answer($g_api_recaptcha_private_key, $_SERVER["REMOTE_ADDR"], $recaptcha_challenge_field, $recaptcha_response_field);
if ($resp->is_valid) {
$passes_captcha = true;
} else {
// since we need to pass all the info back to the form page we do it by storing the data in sessions. Enable 'em.
@ft_api_start_sessions();
$_SESSION["form_tools_form_data"] = $form_data;
$_SESSION["form_tools_form_data"]["api_recaptcha_error"] = $resp->error;
// if there's a form_tools_form_url specified, redirect to that
if (isset($form_data["form_tools_form_url"])) {
header("location: {$form_data["form_tools_form_url"]}");
exit;
} else {
if (isset($_SERVER["HTTP_REFERER"])) {
header("location: {$_SERVER["HTTP_REFERER"]}");
exit;
} else {
$page_vars = array("message_type" => "error", "message" => $LANG["processing_no_form_url_for_recaptcha"]);
ft_display_page("error.tpl", $page_vars);
exit;
}
}
}
}
// get a list of the custom form fields (i.e. non-system) for this form
$form_fields = ft_get_form_fields($form_id, array("include_field_type_info" => true));
$custom_form_fields = array();
$file_fields = array();
foreach ($form_fields as $field_info) {
$field_id = $field_info["field_id"];
$is_system_field = $field_info["is_system_field"];
$field_name = $field_info["field_name"];
// ignore system fields
if ($is_system_field == "yes") {
continue;
}
if ($field_info["is_file_field"] == "no") {
$custom_form_fields[$field_name] = array("field_id" => $field_id, "col_name" => $field_info["col_name"], "field_title" => $field_info["field_title"], "include_on_redirect" => $field_info["include_on_redirect"], "field_type_id" => $field_info["field_type_id"], "is_date_field" => $field_info["is_date_field"]);
} else {
$file_fields[] = array("field_id" => $field_id, "field_info" => $field_info);
}
}
// now examine the contents of the POST/GET submission and get a list of those fields
// which we're going to update
$valid_form_fields = array();
while (list($form_field, $value) = each($form_data)) {
// if this field is included, store the value for adding to DB
if (array_key_exists($form_field, $custom_form_fields)) {
$curr_form_field = $custom_form_fields[$form_field];
$cleaned_value = $value;
if (is_array($value)) {
if ($form_info["submission_strip_tags"] == "yes") {
for ($i = 0; $i < count($value); $i++) {
$value[$i] = strip_tags($value[$i]);
}
}
$cleaned_value = implode("{$g_multi_val_delimiter}", $value);
} else {
if ($form_info["submission_strip_tags"] == "yes") {
$cleaned_value = strip_tags($value);
}
}
$valid_form_fields[$curr_form_field["col_name"]] = "'{$cleaned_value}'";
}
}
$now = ft_get_current_datetime();
$ip_address = $_SERVER["REMOTE_ADDR"];
$col_names = array_keys($valid_form_fields);
$col_names_str = join(", ", $col_names);
if (!empty($col_names_str)) {
$col_names_str .= ", ";
}
$col_values = array_values($valid_form_fields);
$col_values_str = join(", ", $col_values);
if (!empty($col_values_str)) {
$col_values_str .= ", ";
}
// build our query
$query = "\r\n INSERT INTO {$g_table_prefix}form_{$form_id} ({$col_names_str} submission_date, last_modified_date, ip_address, is_finalized)\r\n VALUES ({$col_values_str} '{$now}', '{$now}', '{$ip_address}', 'yes')\r\n ";
// add the submission to the database (if form_tools_ignore_submission key isn't set by either the form or a module)
$submission_id = "";
if (!isset($form_data["form_tools_ignore_submission"])) {
$result = mysql_query($query);
if (!$result) {
$page_vars = array("message_type" => "error", "error_code" => 304, "error_type" => "system", "debugging" => "Failed query in <b>" . __FUNCTION__ . ", " . __FILE__ . "</b>, line " . __LINE__ . ": <i>" . nl2br($query) . "</i>", mysql_error());
ft_display_page("error.tpl", $page_vars);
exit;
}
$submission_id = mysql_insert_id();
extract(ft_process_hook_calls("end", compact("form_id", "submission_id"), array()), EXTR_OVERWRITE);
}
$redirect_query_params = array();
// build the redirect query parameter array
foreach ($form_fields as $field_info) {
if ($field_info["include_on_redirect"] == "no" || $field_info["is_file_field"] == "yes") {
continue;
}
switch ($field_info["col_name"]) {
case "submission_id":
$redirect_query_params[] = "submission_id={$submission_id}";
break;
case "submission_date":
$settings = ft_get_settings();
$submission_date_formatted = ft_get_date($settings["default_timezone_offset"], $now, $settings["default_date_format"]);
$redirect_query_params[] = "submission_date=" . rawurlencode($submission_date_formatted);
break;
case "last_modified_date":
$settings = ft_get_settings();
$submission_date_formatted = ft_get_date($settings["default_timezone_offset"], $now, $settings["default_date_format"]);
$redirect_query_params[] = "last_modified_date=" . rawurlencode($submission_date_formatted);
break;
case "ip_address":
$redirect_query_params[] = "ip_address={$ip_address}";
break;
default:
$field_name = $field_info["field_name"];
// if $value is an array, convert it to a string, separated by $g_query_str_multi_val_separator
if (isset($form_data[$field_name])) {
if (is_array($form_data[$field_name])) {
$value_str = join($g_query_str_multi_val_separator, $form_data[$field_name]);
$redirect_query_params[] = "{$field_name}=" . rawurlencode($value_str);
} else {
$redirect_query_params[] = "{$field_name}=" . rawurlencode($form_data[$field_name]);
}
}
break;
}
}
// only upload files & send emails if we're not ignoring the submission
if (!isset($form_data["form_tools_ignore_submission"])) {
// now process any file fields. This is placed after the redirect query param code block above to allow whatever file upload
// module to append the filename to the query string, if needed
extract(ft_process_hook_calls("manage_files", compact("form_id", "submission_id", "file_fields", "redirect_query_params"), array("success", "message", "redirect_query_params")), EXTR_OVERWRITE);
// send any emails
ft_send_emails("on_submission", $form_id, $submission_id);
}
// if the redirect URL has been specified either in the database or as part of the form
// submission, redirect the user [form submission form_tools_redirect_url value overrides
// database value]
if (!empty($form_info["redirect_url"]) || !empty($form_data["form_tools_redirect_url"])) {
// build redirect query string
$redirect_url = isset($form_data["form_tools_redirect_url"]) && !empty($form_data["form_tools_redirect_url"]) ? $form_data["form_tools_redirect_url"] : $form_info["redirect_url"];
$query_str = "";
if (!empty($redirect_query_params)) {
$query_str = join("&", $redirect_query_params);
}
if (!empty($query_str)) {
// only include the ? if it's not already there
if (strpos($redirect_url, "?")) {
$redirect_url .= "&" . $query_str;
} else {
$redirect_url .= "?" . $query_str;
}
}
header("Location: " . $redirect_url);
exit;
}
// the user should never get here! This means that the no redirect URL has been specified
$page_vars = array("message_type" => "error", "message" => $LANG["processing_no_redirect_url"]);
ft_display_page("error.tpl", $page_vars);
exit;
}
$js[] = "rules.push(\"function,validate_swatch\")";
}
if ($client_info["settings"]["may_edit_logout_url"] == "yes") {
$js[] = "rules.push(\"required,logout_url,{$LANG["validation_no_logout_url"]}\")";
}
if ($client_info["settings"]["may_edit_language"] == "yes") {
$js[] = "rules.push(\"required,ui_language,{$LANG["validation_no_ui_language"]}\")";
}
if ($client_info["settings"]["may_edit_timezone_offset"] == "yes") {
$js[] = "rules.push(\"required,timezone_offset,{$LANG["validation_no_timezone_offset"]}\")";
}
if ($client_info["settings"]["may_edit_sessions_timeout"] == "yes") {
$js[] = "rules.push(\"required,sessions_timeout,{$LANG["validation_no_sessions_timeout"]}\")";
$js[] = "rules.push(\"digits_only,sessions_timeout,{$LANG["validation_invalid_sessions_timeout"]}\")";
}
if ($client_info["settings"]["may_edit_date_format"] == "yes") {
$js[] = "rules.push(\"required,date_format,{$LANG["validation_no_date_format"]}\")";
}
$js[] = <<<END
function validate_swatch() {
var theme = \$("#theme").val();
var swatch_id = "#" + theme + "_theme_swatches";
if (\$(swatch_id).length > 0 && \$(swatch_id).val() == "") {
return [[\$(swatch_id)[0], "{$LANG["validation_no_theme_swatch"]}"]];
}
return true;
}
END;
$page_vars["head_js"] = implode(";\n", $js);
ft_display_page("clients/account/index.tpl", $page_vars);
$account_id = isset($_SESSION["ft"]["account"]["account_id"]) ? $_SESSION["ft"]["account"]["account_id"] : "";
if ($account_type == "client" && $page_info["access_type"] == "private") {
if (!in_array($account_id, $page_info["clients"])) {
ft_handle_error("Sorry, you do not have permissions to see this page.");
exit;
}
}
$content = $page_info["content"];
switch ($page_info["content_type"]) {
case "php":
ob_start();
eval($page_info["content"]);
$content = ob_get_contents();
ob_end_clean();
break;
case "smarty":
$content = ft_eval_smarty_string($page_info["content"]);
break;
}
// ------------------------------------------------------------------------------------------------
$page_vars = array();
$page_vars["page"] = "custom_page";
$page_vars["page_id"] = $page_id;
$page_vars["phrase_edit_page"] = $LANG["pages"]["phrase_edit_page"];
$page_vars["account_type"] = $account_type;
$page_vars["page_url"] = ft_get_page_url("custom_page");
$page_vars["head_title"] = "{$LANG["pages"]["word_page"]} - {$page_info["heading"]}";
$page_vars["page_info"] = $page_info;
$page_vars["content"] = $content;
ft_display_page("../../modules/pages/templates/page.tpl", $page_vars);
$uploaded_files = ft_get_uploaded_files($form_id, $file_field_ids);
// delete the form
if (isset($_POST["delete_form"]) && $_POST["delete_form"] == "yes") {
$delete_files = isset($_POST['delete_files']) && $_POST['delete_files'] == "yes" ? true : false;
list($g_success, $g_message) = ft_delete_form($form_id, $delete_files);
// redirect back to the form list page
header("location: {$g_root_url}/admin/forms/");
exit;
}
// ------------------------------------------------------------------------------------------------
// compile the header information
$page_vars = array();
$page_vars["head_title"] = $LANG["phrase_delete_form"];
$page_vars["page"] = "delete_form";
$page_vars["page_url"] = ft_get_page_url("delete_form");
$page_vars["form_id"] = $form_id;
$page_vars["form_info"] = $form_info;
$page_vars["uploaded_files"] = $uploaded_files;
$page_vars["head_js"] = <<<END
var page_ns = {};
page_ns.show_uploaded_files = function(){
\$('#uploaded_files').show(600);
}
var rules = ["required,delete_form,{$LANG["validation_delete_form_confirm"]}"];
\$(function() {
\$("#delete_form").focus();
});
END;
ft_display_page("admin/forms/delete_form.tpl", $page_vars);
$page_vars["client_id"] = $client_id;
$page_vars["required_password_chars"] = $required_password_chars;
$page_vars["password_special_chars"] = $g_password_special_chars;
$page_vars["has_extra_password_requirements"] = !empty($client_info["settings"]["required_password_chars"]) || !empty($client_info["settings"]["min_password_length"]);
$page_vars["has_min_password_length"] = !empty($client_info["settings"]["min_password_length"]);
$page_vars["password_special_char"] = ft_eval_smarty_string($LANG["phrase_password_special_char"], array("chars" => $g_password_special_chars));
$page_vars["phrase_password_min"] = ft_eval_smarty_string($LANG["phrase_password_min"], array("length" => $client_info["settings"]["min_password_length"]));
$page_vars["head_js"] = <<<END
var rules = [];
rules.push("required,first_name,{$LANG['validation_no_client_first_name']}");
rules.push("required,last_name,{$LANG['validation_no_client_last_name']}");
rules.push("required,email,{$LANG['validation_no_client_email']}");
rules.push("valid_email,email,{$LANG['validation_invalid_email']}");
rules.push("required,username,{$LANG['validation_no_client_username']}");
rules.push("function,validate_username");
rules.push("if:password!=,required,password_2,{$LANG["validation_no_account_password_confirmed2"]}");
rules.push("if:password!=,same_as,password,password_2,{$LANG["validation_passwords_different"]}");
{$conditional_rules}
function validate_username() {
var username = \$("input[name=username]").val();
if (username.match(/[^\\.@a-zA-Z0-9_]/)) {
return [[\$("input[name=username]")[0], "{$LANG['validation_invalid_client_username']}"]];
}
return true;
}
\$(function() { \$("#add_client :input:visible:enabled:first").focus(); });
END;
ft_display_page("admin/clients/edit.tpl", $page_vars);
rules.push("function,validate_admin_swatch");
rules.push("required,default_client_theme,{$LANG["validation_no_default_client_theme"]}");
rules.push("function,validate_client_swatch");
function validate_admin_swatch() {
var admin_theme = \$("#admin_theme").val();
var swatch_id = "#" + admin_theme + "_admin_theme_swatches";
if (\$(swatch_id).length > 0 && \$(swatch_id).val() == "") {
return [[\$(swatch_id)[0], "{$LANG["validation_no_admin_theme_swatch"]}"]];
}
return true;
}
function validate_client_swatch() {
var client_theme = \$("#default_client_theme").val();
var swatch_id = "#" + client_theme + "_default_client_theme_swatches";
if (\$(swatch_id).length > 0 && \$(swatch_id).val() == "") {
return [[\$(swatch_id)[0], "{$LANG["validation_no_client_theme_swatch"]}"]];
}
return true;
}
\$(function() {
\$(".fancybox").fancybox();
});
EOF;
$page_vars["head_string"] = <<<EOF
<script src="{$g_root_url}/global/fancybox/jquery.fancybox-1.3.4.pack.js"></script>
<link rel="stylesheet" href="{$g_root_url}/global/fancybox/jquery.fancybox-1.3.4.css" type="text/css" media="screen" />
EOF;
ft_display_page("admin/themes/index.tpl", $page_vars);
// ------------------------------------------------------------------------------------------------
// compile the header information
$page_values = array();
$page_vars["page"] = "add_form_internal";
$page_vars["page_url"] = ft_get_page_url("add_form_internal");
$page_vars["head_title"] = "{$LANG['phrase_add_form']}";
$page_vars["head_js"] = <<<END
ft.click([
{ el: "at1", targets: [{ el: "custom_clients", action: "hide" }] },
{ el: "at2", targets: [{ el: "custom_clients", action: "hide" }] },
{ el: "at3", targets: [{ el: "custom_clients", action: "show" }] }
]);
\$(function() {
\$("#form_name").focus();
\$("#create_internal_form").bind("submit",function(e) {
var rules = [];
rules.push("required,form_name,{$LANG["validation_no_form_name"]}");
rules.push("required,num_fields,{$LANG["validation_no_num_form_fields"]}");
rules.push("digits_only,num_fields,{$LANG["validation_invalid_num_form_fields"]}");
rules.push("range<=1000,num_fields,{$LANG["validation_internal_form_too_many_fields"]}");
rules.push("required,access_type,{$LANG["validation_no_access_type"]}");
if (!rsv.validate(this, rules)) {
e.preventDefault();
}
ft.select_all("selected_client_ids[]");
});
});
END;
ft_display_page("admin/forms/add/internal.tpl", $page_vars);
$page_vars["head_title"] = $edit_submission_page_label;
$page_vars["form_info"] = $form_info;
$page_vars["form_id"] = $form_id;
$page_vars["view_id"] = $view_id;
$page_vars["submission_id"] = $submission_id;
$page_vars["tabs"] = $tabs;
$page_vars["settings"] = $settings;
$page_vars["tab_number"] = $tab_number;
$page_vars["grouped_fields"] = $grouped_fields;
$page_vars["field_types"] = $page_field_types;
$page_vars["previous_link_html"] = $prev_link_html;
$page_vars["page_has_required_fields"] = $page_has_required_fields;
$page_vars["search_results_link_html"] = $search_results_link_html;
$page_vars["next_link_html"] = $next_link_html;
$page_vars["tab_has_editable_fields"] = count($editable_tab_fields) > 0;
$page_vars["view_info"] = $view_info;
$page_vars["edit_submission_page_label"] = $edit_submission_page_label;
$page_vars["page_field_ids"] = $page_field_ids;
$page_vars["page_field_ids_str"] = implode(",", $page_field_ids);
$page_vars["js_messages"] = array("confirm_delete_submission", "notify_no_email_template_selected", "confirm_delete_submission_file", "phrase_please_confirm", "word_no", "word_yes", "word_close", "phrase_validation_error");
$page_vars["head_string"] = <<<EOF
<script src="{$g_root_url}/global/scripts/manage_submissions.js"></script>
<script src="{$g_root_url}/global/scripts/field_types.php"></script>
<link rel="stylesheet" href="{$g_root_url}/global/css/field_types.php" type="text/css" />
{$shared_resources}
EOF;
$page_vars["head_js"] = <<<END
{$validation_js}
END;
ft_display_page("admin/forms/edit_submission.tpl", $page_vars);
<?php
require_once "global/session_start.php";
$page_vars = array();
$page_vars["page_url"] = ft_get_page_url("error");
$page_vars["source"] = "error_page";
$page_vars["message_type"] = isset($_SESSION["ft"]["last_error_type"]) ? $_SESSION["ft"]["last_error_type"] : "";
$page_vars["message"] = isset($_SESSION["ft"]["last_error"]) ? $_SESSION["ft"]["last_error"] : "";
$page_vars["error_debug"] = isset($_SESSION["ft"]["last_error_debug"]) ? $_SESSION["ft"]["last_error_debug"] : "";
ft_display_page("error.tpl", $page_vars);
<?php
require "../../../global/session_start.php";
ft_check_permission("admin");
// delete any temporary Smart Fill uploaded files
if (isset($_SESSION["ft"]["smart_fill_tmp_uploaded_files"]) && !empty($_SESSION["ft"]["smart_fill_tmp_uploaded_files"])) {
foreach ($_SESSION["ft"]["smart_fill_tmp_uploaded_files"] as $file) {
@unlink($file);
}
}
$_SESSION["ft"]["method"] = "";
$form_id = ft_load_field("form_id", "add_form_form_id", "");
unset($_SESSION["ft"]["add_form_form_id"]);
// ------------------------------------------------------------------------------------------------
// compile the header information
$page_vars["page"] = "add_form6";
$page_vars["page_url"] = ft_get_page_url("add_form6");
$page_vars["head_title"] = "{$LANG['phrase_add_form']} - {$LANG["phrase_step_5"]}";
$page_vars["form_id"] = $form_id;
$page_vars["text_add_form_step_5_para"] = ft_eval_smarty_string($LANG["text_add_form_step_5_para_3"], array("editformlink" => "../edit.php?form_id={$form_id}"));
$page_vars["text_add_form_step_5_para_4"] = ft_eval_smarty_string($LANG["text_add_form_step_5_para_4"], array("editformlink" => "../edit.php?form_id={$form_id}"));
$page_vars["uploading_files"] = $_SESSION["ft"]["uploading_files"];
$page_vars["head_css"] = "";
ft_display_page("admin/forms/add/step6.tpl", $page_vars);
<?php
require "../../global/session_start.php";
ft_check_permission("admin");
$request = array_merge($_POST, $_GET);
$module_info = ft_get_module($request["module_id"]);
// compile header information
$page_vars = array();
$page_vars["page"] = "modules_about";
$page_vars["page_url"] = ft_get_page_url("modules_about");
$page_vars["head_title"] = "{$LANG["word_modules"]} - {$LANG["word_about"]}";
$page_vars["module_info"] = $module_info;
ft_display_page("admin/modules/about.tpl", $page_vars);
$new_version = "{$settings['program_version']}-alpha-{$settings['release_date']}";
} else {
if ($settings["release_type"] == "beta") {
$new_version = "{$settings['program_version']}-beta-{$settings['release_date']}";
}
}
$replacements = array("version" => $new_version);
$page_vars["upgrade_notification"] = ft_eval_smarty_string($LANG["text_upgraded"], $replacements, $g_theme);
} else {
$g_success = false;
$g_message = $g_upgrade_info["message"];
}
}
$replacements = array("program_name" => $settings["program_name"], "forgot_password_link" => "forget_password.php");
$page_vars["text_login"] = ft_eval_smarty_string($LANG["text_login"], $replacements, $g_theme);
$page_vars["program_name"] = $settings["program_name"];
$page_vars["login_heading"] = sprintf("%s %s", $settings['program_name'], $LANG["word_administration"]);
$page_vars["username"] = $username;
$page_vars["is_logged_in"] = false;
$page_vars["head_js"] = "\$(function() { document.login.username.focus(); });";
$page_vars["head_string"] = "<noscript><style type=\"text/css\">.login_outer_table { display: none; }</style></noscript>";
if (!isset($g_upgrade_info["message"]) && isset($_GET["message"])) {
$g_success = false;
if (array_key_exists($_GET["message"], $LANG)) {
$g_message = $LANG[$_GET["message"]];
} else {
$g_message = strip_tags($_GET["message"]);
}
}
ft_display_page("index.tpl", $page_vars, $g_theme, $g_swatch);
$page_vars["grouped_views"] = $grouped_views;
$page_vars["tab_number"] = $tab_number;
$page_vars["settings"] = $settings;
$page_vars["page_field_ids"] = $page_field_ids;
$page_vars["grouped_fields"] = $grouped_fields;
$page_vars["field_types"] = $page_field_types;
$page_vars["head_title"] = $edit_submission_page_label;
$page_vars["submission_id"] = $submission_id;
$page_vars["previous_link_html"] = $prev_link_html;
$page_vars["search_results_link_html"] = $search_results_link_html;
$page_vars["next_link_html"] = $next_link_html;
$page_vars["tab_has_editable_fields"] = count($editable_tab_fields) > 0;
$page_vars["view_info"] = $view_info;
$page_vars["form_id"] = $form_id;
$page_vars["view_id"] = $view_id;
$page_vars["view_info"] = $view_info;
$page_vars["edit_submission_page_label"] = $edit_submission_page_label;
$page_vars["page_field_ids"] = $page_field_ids;
$page_vars["page_field_ids_str"] = implode(",", $page_field_ids);
$page_vars["js_messages"] = array("confirm_delete_submission", "notify_no_email_template_selected", "confirm_delete_submission_file", "phrase_please_confirm", "word_no", "word_yes", "word_close", "phrase_validation_error");
$page_vars["head_string"] = <<<EOF
<script src="{$g_root_url}/global/scripts/manage_submissions.js?v=20110809"></script>
<script src="{$g_root_url}/global/scripts/field_types.php"></script>
<link rel="stylesheet" href="{$g_root_url}/global/css/field_types.php" type="text/css" />
{$shared_resources}
EOF;
$page_vars["head_js"] = <<<END
{$validation_js}
END;
ft_display_page("clients/forms/edit_submission.tpl", $page_vars);
$keyword = ft_load_field("keyword", "form_search_keyword", "");
$status = ft_load_field("status", "form_search_status", "");
$client_id = ft_load_field("client_id", "form_search_client_id", "");
$search_criteria = array("order" => $order, "keyword" => $keyword, "status" => $status, "client_id" => $client_id);
$num_forms = ft_get_form_count();
$forms = ft_search_forms($client_id, true, $search_criteria);
$clients = ft_get_client_list();
// ------------------------------------------------------------------------------------------------
// compile template info
$page_vars = array();
$page_vars["page"] = "admin_forms";
$page_vars["page_url"] = ft_get_page_url("admin_forms");
$page_vars["head_title"] = $LANG["word_forms"];
$page_vars["has_client"] = count($clients) > 0 ? true : false;
$page_vars["num_forms"] = $num_forms;
$page_vars["max_forms_reached"] = !empty($g_max_ft_forms) && $num_forms >= $g_max_ft_forms ? true : false;
$page_vars["max_forms"] = $g_max_ft_forms;
$page_vars["notify_max_forms_reached"] = ft_eval_smarty_string($LANG["notify_max_forms_reached"], array("max_forms" => $g_max_ft_forms));
$page_vars["forms"] = $forms;
$page_vars["order"] = $order;
$page_vars["clients"] = $clients;
$page_vars["search_criteria"] = $search_criteria;
$page_vars["pagination"] = ft_get_dhtml_page_nav(count($forms), $_SESSION["ft"]["settings"]["num_forms_per_page"], 1);
$page_vars["js_messages"] = array("word_remove", "word_edit", "phrase_open_form_in_new_tab_or_win", "word_close", "phrase_show_form");
$page_vars["head_js"] = <<<END
\$(function() {
ft.init_show_form_links();
});
END;
ft_display_page("admin/forms/index.tpl", $page_vars);
$id = ft_load_field("id", "id", "");
if (!empty($id)) {
$info = ft_get_account_info($id);
if (!empty($info)) {
$g_theme = $info['theme'];
$language = $info["ui_language"];
include_once "global/lang/{$language}.php";
}
}
// if trying to send password
if (isset($_POST) && !empty($_POST)) {
list($g_success, $g_message) = ft_send_password($_POST);
}
$username = isset($_POST["username"]) && !empty($_POST["username"]) ? $_POST["username"] : "";
$username = ft_strip_chars($username);
// --------------------------------------------------------------------------------------------
$replacements = array("site_admin_email" => "<a href=\"mailto:{$admin_email}\">{$admin_email}</a>");
$page_vars = array();
$page_vars["text_forgot_password"] = ft_eval_smarty_string($LANG["text_forgot_password"], $replacements);
$page_vars["head_title"] = $settings['program_name'];
$page_vars["page"] = "forgot_password";
$page_vars["page_url"] = ft_get_page_url("forgot_password");
$page_vars["settings"] = $settings;
$page_vars["username"] = $username;
$page_vars["head_js"] = <<<END
var rules = [];
rules.push("required,username,{$LANG['validation_no_username']}");
\$(function() { document.forget_password.username.focus(); });
END;
ft_display_page("forget_password.tpl", $page_vars, $g_theme);