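/**
 * Show the contact form, or validate a posted form and mail it to the site address.
 *
 * Without $_POST['contactform'] the form is echoed and the per-site session flag
 * (key: db('website') . 'contact') is reset to 0. With it, the posted fields are
 * cleaned; if every check passes and the flag is still 0, one plain-text mail is
 * handed to mail() and the flag is set to 1. If the flag is already non-zero the
 * submit branch produces no output.
 *
 * Security notes:
 * - The sender name and address are interpolated into the From/Reply-To/Return-Path
 *   headers, so CR and LF are removed from both before the headers are built.
 * - 'ip' and 'time' are hidden form fields and therefore client-supplied; comparing
 *   them with REMOTE_ADDR and time() only slows down naive bots.
 *
 * @return void Output is echoed directly.
 */
function contact() {
    // Custom fields definition array
    $arrFields = array();
    // Add custom fields using following definition:
    // $arrFields[] = array("<input type>", "<name>", "<label>", '<required/optional>', '<minlength/0>');
    //
    // Active custom fields (all optional, no minimum length check):
    $arrFields[] = array('text', 'domicilio', 'Domicilio', 'optional', 0);
    $arrFields[] = array('text', 'localidad', 'Localidad', 'optional', 0);
    $arrFields[] = array('text', 'phone', 'Teléfono – Celular', 'optional', 0);
    // Example: optional field with label City and a minimal string length of 4 symbols:
    //$arrFields[] = array('text', 'city', 'City', 'optional', 4);

    if (!isset($_POST['contactform'])) {
        // Display contact form
        // Initialised so the helper never receives an undefined variable.
        $code = 0;
        echo '<div class="contact">'; //<h2>'.l('contact').'</h2>';
        extra('contact');
        echo '<p>' . l('required') . '</p>';
        echo html_input('form', '', 'post', '', '', '', '', '', '', '', '', '', 'post', db('website'), '');
        echo html_input('text', 'name', 'name', '', '* ' . l('name'), 'text', '', '', '', '', '', '', '', '', '');
        echo html_input('text', 'email', 'email', '', '* ' . l('email'), 'text', '', '', '', '', '', '', '', '', '');
        echo html_input('hidden', 'weblink', 'weblink', '', l('url'), 'text', '', '', '', '', '', '', '', '', '');

        // Get output for custom fields
        $strHTML = get_contact_fields($arrFields, $code, 'output');
        echo $strHTML;

        echo html_input('textarea', 'message', 'message', '', '* ' . l('message'), '', '', '', '', '', '5', '5', '', '', '');
        echo mathCaptcha();

        echo '<p>';
        echo html_input('hidden', 'ip', 'ip', $_SERVER['REMOTE_ADDR'], '', '', '', '', '', '', '', '', '', '', '');
        echo html_input('hidden', 'time', 'time', time(), '', '', '', '', '', '', '', '', '', '', '');
        echo html_input('submit', 'contactform', 'contactform', l('submit'), '', 'button', '', '', '', '', '', '', '', '', '');
        echo '</p></form></div>';
        $_SESSION[db('website') . 'contact'] = 0;
        return;
    }

    // Fetch and clean input data from default contact form
    $to = s('website_email');
    $subject = s('contact_subject');

    // Missing keys and array-valued parameters (e.g. name[]=x) are treated as empty
    // strings, so the string functions below never receive null or an array.
    $in = array();
    foreach (array('name', 'email', 'weblink', 'message', 'time', 'ip') as $field) {
        $in[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }
    // The captcha operands are passed through unchanged; only their absence is normalised.
    $calc = isset($_POST['calc']) ? $_POST['calc'] : null;
    $sum = isset($_POST['sum']) ? $_POST['sum'] : null;

    $name = trim($in['name']);
    $name = strlen($name) > 1 ? clean(cleanXSS($name)) : null;

    $mail = trim($in['email']);
    $mail = strlen($mail) > 7 && preg_match('/^[A-Z0-9._-]+@[A-Z0-9][A-Z0-9.-]{0,61}[A-Z0-9]\\.[A-Z.]{2,6}$/i', $mail) ? clean(cleanXSS($mail)) : null;

    $url = trim($in['weblink']);
    $url = strlen($url) > 8 && strpos($url, '?') === false ? clean(cleanXSS($url)) : null;

    $message = trim($in['message']);
    $message = strlen($message) > 9 ? stripslashes(cleanXSS($message)) : null;
    if ($message !== null) {
        $message = strip_tags($message);
    }

    // Client-supplied timestamp; null when it is absent or not numeric.
    $now = is_numeric($in['time']) ? $in['time'] : null;
    // NOTE(review): the < 16 length cap only fits dotted IPv4; a longer REMOTE_ADDR
    // (IPv6) would make the comparison below always fail. Confirm whether intended.
    $ip = strlen($in['ip']) < 16 ? clean(cleanXSS($in['ip'])) : null;

    // Fetch and clean data from added custom input fields
    $code = 0;
    $strExtraFields = get_contact_fields($arrFields, $code, 'submit');
    // Codes 1 and 2 mean required custom field values are missing/invalid.
    $validExtraFields = !($code == 1 || $code == 2);

    $sessionKey = db('website') . 'contact';
    $alreadySent = isset($_SESSION[$sessionKey]) ? $_SESSION[$sessionKey] : 0;
    if ($alreadySent != 0) {
        // A message was already sent in this session; nothing is echoed.
        return;
    }

    // $now !== null closes a bypass: with a missing or non-numeric 'time' the
    // expression time() - null > 4 was always true, skipping the delay check.
    $accepted = $ip == $_SERVER['REMOTE_ADDR']
        && $now !== null
        && time() - $now > 4
        && $name
        && $mail
        && $message
        && mathCaptcha($calc, $sum)
        && $validExtraFields;

    if (!$accepted) {
        echo notification(1, l('contact_not_sent'), 'contact');
        return;
    }

    // Header-injection guard: clean()/cleanXSS() are defined elsewhere and are not
    // assumed to remove line breaks, so CR/LF are stripped from anything that ends
    // up inside a header line.
    $lineBreaks = array("\r", "\n");
    $headerName = str_replace($lineBreaks, '', $name);
    $headerMail = str_replace($lineBreaks, '', $mail);

    $header = "MIME-Version: 1.0\n";
    $header .= "Content-type: text/plain; charset=" . s('charset') . "\n";
    $header .= "From: {$headerName} <{$headerMail}>\r\nReply-To: {$headerName} <{$headerMail}>\r\nReturn-Path: <{$headerMail}>\r\n";

    $addUrl = isset($url) ? l('url') . ': ' . $url . "\n\n" : '';
    $body = "Message from: " . $name . " <{$mail}>\n" . $addUrl . $strExtraFields . l('message') . ":\n" . $message;

    // Report success only when mail() accepted the message; on failure the session
    // flag stays 0 so the visitor can retry.
    if (mail($to, $subject, $body, $header)) {
        echo notification(0, l('contact_sent'), 'home');
        $_SESSION[$sessionKey] = 1;
    } else {
        echo notification(1, l('contact_not_sent'), 'contact');
    }
}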
/**
 * Build the HTML fragment used to edit the values of one attribute.
 *
 * The requested $attribute_value_type selects the editor: 'PC' (contacts),
 * 'PD' (dates), 'PT' (texts), or the search-string editor when the attribute's
 * group type is 'M' or the requested type is 'SF'. Stored values are rendered
 * one row each only when the attribute's own value type equals the selected
 * editor; otherwise a single empty row is rendered.
 *
 * NOTE(review): attribute_id is concatenated into class/id/name attributes
 * without escaping; confirm that callers only pass trusted identifiers.
 *
 * @param string $attribute_value_type Editor type requested by the caller.
 * @param array  $attribute            Attribute record; reads attribute_id,
 *                                     attribute_group_type, attribute_value_type
 *                                     and optionally attribute_values,
 *                                     client_attribute_found_value and
 *                                     client_attribute_not_found_value.
 * @return string HTML fragment, or '' when $attribute is empty or no editor matches.
 */
function get_attribute_values($attribute_value_type = '', $attribute = array()) {
    if (empty($attribute)) {
        return '';
    }

    $attribute_id = $attribute['attribute_id'];
    $group_type = $attribute['attribute_group_type'];
    $stored_type = $attribute['attribute_value_type'];
    $stored_values = empty($attribute['attribute_values']) ? array() : $attribute['attribute_values'];

    // Same precedence and loose comparisons as the original elseif chain.
    if ($attribute_value_type == 'PC') {
        $kind = 'PC';
    } elseif ($attribute_value_type == 'PD') {
        $kind = 'PD';
    } elseif ($attribute_value_type == 'PT') {
        $kind = 'PT';
    } elseif ($group_type == 'M' || $attribute_value_type == 'SF') {
        $kind = 'SF';
    } else {
        return '';
    }

    // Per editor: id suffix, remainder of the opening markup, row-rendering function.
    $editors = array(
        'PC' => array('_PC_value', '"> <div class="form_title">Contact:</div> <ul class="form_input picklist_contacts">', 'get_contact_fields'),
        'PD' => array('_PD_value', '"> <div class="form_title">Date Field:</div> <ul class="form_input picklist_dates">', 'get_date_fields'),
        'PT' => array('_PT_value', '"> <div class="form_title">Text Field:</div> <ul class="form_input picklist_texts">', 'get_text_fields'),
        'SF' => array('_SF_value', '"> <div class="form_title">Search String:</div> <ul class="form_input search_fields">', 'get_search_fields'),
    );
    list($id_suffix, $opening_tail, $row_builder) = $editors[$kind];

    $wrapper_id = $attribute_id . $id_suffix;
    $wrapper_class = $attribute_id . '_value';
    $html = ' <div class="form_field attributes ' . $wrapper_class . '" id="' . $wrapper_id . $opening_tail;

    // One row per stored value, or a single row built without a value argument.
    $row_index = 0;
    if ($stored_type == $kind && !empty($stored_values)) {
        foreach ($stored_values as $stored_value) {
            $html .= $row_builder($attribute_id, $row_index, $stored_value);
            $row_index++;
        }
    } else {
        $html .= $row_builder($attribute_id, $row_index);
    }

    if ($kind != 'SF') {
        return $html . ' </ul> </div>';
    }

    // The search-string editor carries two extra inputs: found / not-found values.
    $found_data = array(
        'name' => 'data[attribute_found_value_SF_' . $attribute_id . ']',
        'size' => '50',
        'maxlength' => '255',
        'id' => 'attribute_value_found_' . $attribute_id,
    );
    $not_found_data = array(
        'name' => 'data[attribute_not_found_value_SF_' . $attribute_id . ']',
        'size' => '50',
        'maxlength' => '255',
        'id' => 'attribute_value_not_found_' . $attribute_id,
    );

    $found_value = '';
    if (isset($attribute['client_attribute_found_value'])) {
        $found_value = $attribute['client_attribute_found_value'];
    }
    $not_found_value = '';
    if (isset($attribute['client_attribute_not_found_value'])) {
        $not_found_value = $attribute['client_attribute_not_found_value'];
    }

    $html .= ' </ul> <div class="form_field found_value first"> <div class="form_title">Found Value:</div> <div class="form_input"> ' . form_input($found_data, $found_value) . ' </div> </div> <div class="form_field found_value"> <div class="form_title">Not Found Value:</div> <div class="form_input"> ' . form_input($not_found_data, $not_found_value) . ' </div> </div> </div>';

    return $html;
}