/**
 * Build the form markup through the 'form_content.html' template.
 *
 * Puts 'form_advanced_table' at the front of the table's class attribute,
 * appends a hidden 'csrf_token' input when form tokens apply, renders every
 * input with genRow() and hands the result to the system template.
 *
 * @return string $this->_sCodeAdd followed by the parsed template
 */
function genTable()
{
    // The default class name always comes first; a class set by the caller is kept after it.
    $sClass = 'form_advanced_table';
    if (isset($this->aTableAttrs['class'])) {
        $sClass .= ' ' . $this->aTableAttrs['class'];
    }
    $this->aTableAttrs['class'] = $sClass;

    // Only an explicit boolean true in aParams['csrf']['disable'] switches the token off.
    $bCsrfDisabled = isset($this->aParams['csrf']['disable']) && $this->aParams['csrf']['disable'] === true;

    // No token field when the site setting is not 'on', when BX_DOL_CRON_EXECUTE is
    // defined, when the form opted out, or when getCsrfToken() returns false.
    if ($GLOBALS['MySQL']->getParam('sys_security_form_token_enable') == 'on' && !defined('BX_DOL_CRON_EXECUTE') && !$bCsrfDisabled) {
        $mixedToken = BxDolForm::getCsrfToken();
        if ($mixedToken !== false) {
            $this->aInputs['csrf_token'] = array(
                'type' => 'hidden',
                'name' => 'csrf_token',
                'value' => $mixedToken,
                'db' => array('pass' => 'Xss'),
            );
        }
    }

    // Render the inputs in definition order; the token input, when added, is rendered last.
    $sRows = '';
    foreach ($this->aInputs as $aDefinition) {
        $sRows .= $this->genRow($aDefinition);
    }

    $this->addCssJs($this->_isDateControl, $this->_isDateTimeControl);

    return $this->_sCodeAdd . $GLOBALS['oSysTemplate']->parseHtmlByName(
        'form_content.html',
        array(
            'wrapper_id' => $this->id,
            'table_attrs' => $this->convertArray2Attrs($this->aTableAttrs),
            'content' => $sRows,
        )
    );
}
/**
 * Build the form's <table> markup.
 *
 * Fills in the default class, cellpadding and cellspacing attributes, appends
 * a hidden 'csrf_token' input when form tokens apply, renders every input
 * with genRow() and wraps the rows in the table and tbody markup.
 *
 * @return string the generated table HTML
 */
function genTable()
{
    // The default class name always comes first; a class set by the caller is kept after it.
    $sClass = 'form_advanced_table';
    if (isset($this->aTableAttrs['class'])) {
        $sClass .= ' ' . $this->aTableAttrs['class'];
    }
    $this->aTableAttrs['class'] = $sClass;

    // cellpadding and cellspacing default to 0 unless the caller supplied them.
    foreach (array('cellpadding', 'cellspacing') as $sAttrName) {
        if (!isset($this->aTableAttrs[$sAttrName])) {
            $this->aTableAttrs[$sAttrName] = 0;
        }
    }

    $sTableAttrs = $this->convertArray2Attrs($this->aTableAttrs);

    // Only an explicit boolean true in aParams['csrf']['disable'] switches the token off.
    $bCsrfDisabled = isset($this->aParams['csrf']['disable']) && $this->aParams['csrf']['disable'] === true;

    // No token field when the site setting is not 'on', when the form opted out,
    // or when getCsrfToken() returns false.
    if ($GLOBALS['MySQL']->getParam('sys_security_form_token_enable') == 'on' && !$bCsrfDisabled) {
        $mixedToken = BxDolForm::getCsrfToken();
        if ($mixedToken !== false) {
            $this->aInputs['csrf_token'] = array(
                'type' => 'hidden',
                'name' => 'csrf_token',
                'value' => $mixedToken,
                'db' => array('pass' => 'Xss'),
            );
        }
    }

    // Render the inputs in definition order; the token input, when added, is rendered last.
    $sRows = '';
    foreach ($this->aInputs as $aDefinition) {
        $sRows .= $this->genRow($aDefinition);
    }

    $sTbodyOpen = $this->getOpenTbody();
    $sTbodyClose = $this->getCloseTbody();

    // The closing heredoc marker stays in column 0 so the block also parses before PHP 7.3.
    $sTable = <<<BLAH
<table {$sTableAttrs}>
    {$sTbodyOpen}
        {$sRows}
    {$sTbodyClose}
</table>
BLAH;

    $this->addCssJs($this->_isDateControl, $this->_isDateTimeControl);

    return $sTable;
}
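/**
 * Validate the submitted form: CSRF token first, then the per-input checkers,
 * then the spam check on textarea inputs.
 *
 * Writes the submitted 'value' and, on failure, an 'error' message into the
 * matching entries of $aInputs.
 *
 * @param array $aInputs input definitions, passed by reference and updated in place
 * @return bool true when no error was recorded; false on a CSRF mismatch or any failed check
 */
function check(&$aInputs)
{
    $oChecker = $this->_oChecker;
    $iErrors = 0;

    // check CSRF token if it's needed.
    // NOTE(review): the whole token check is skipped when BxDolForm::getCsrfToken()
    // returns false; confirm that case cannot occur for a form that changes state.
    if ($GLOBALS['MySQL']->getParam('sys_security_form_token_enable') == 'on' && !defined('BX_DOL_CRON_EXECUTE') && $this->_bFormCsrfChecking === true && ($mixedCsrfTokenSys = BxDolForm::getCsrfToken()) !== false) {
        $mixedCsrfTokenUsr = BxDolForm::getSubmittedValue('csrf_token', $this->_sFormMethod);
        unset($aInputs['csrf_token']);

        // A missing token or a non-scalar one (for example an array parameter) is rejected.
        if ($mixedCsrfTokenUsr === false || !is_scalar($mixedCsrfTokenUsr)) {
            return false;
        }

        // Compare the tokens as exact strings. The former loose != treated two different
        // numeric-looking strings as equal; hash_equals(), where the runtime has it, also
        // keeps the comparison time independent of where the strings differ.
        // getCsrfToken() is defined outside this listing; the cast assumes a scalar token.
        $sCsrfTokenSys = (string)$mixedCsrfTokenSys;
        $sCsrfTokenUsr = (string)$mixedCsrfTokenUsr;
        $bTokensMatch = function_exists('hash_equals')
            ? hash_equals($sCsrfTokenSys, $sCsrfTokenUsr)
            : $sCsrfTokenSys === $sCsrfTokenUsr;
        if (!$bTokensMatch) {
            return false;
        }
    }

    // get_magic_quotes_gpc() was removed in PHP 8.0, so it is only called where it exists.
    $bMagicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

    foreach ($aInputs as $k => $a) {
        $a['name'] = str_replace('[]', '', $a['name']);
        $val = BxDolForm::getSubmittedValue($a['name'], $this->_sFormMethod);
        if ($val === false) {
            $val = isset($_FILES[$a['name']]) ? $_FILES[$a['name']] : '';
        }

        // Same truthiness test as before, without an undefined-index notice for inputs
        // that have no upload entry.
        $bHasFile = !empty($_FILES[$a['name']]);

        if (!isset($a['checker'])) {
            // Inputs without a checker only get their submitted value copied back.
            if ($a['type'] != 'checkbox' && $a['type'] != 'submit') {
                $aInputs[$k]['value'] = $bHasFile ? '' : ($bMagicQuotes ? stripslashes_adv($val) : $val);
            }
            continue;
        }

        // NOTE(review): a checker name that does not resolve to a callable on the checker
        // object counts as passed, so a misspelled 'func' leaves that input unvalidated
        // without any error being raised.
        $sCheckFunction = array($oChecker, 'check' . ucfirst($a['checker']['func']));
        if (is_callable($sCheckFunction)) {
            $aArgs = !empty($a['checker']['params']) ? array_merge(array($val), $a['checker']['params']) : array($val);
            $bool = call_user_func_array($sCheckFunction, $aArgs);
        } else {
            $bool = true;
        }

        // A string result is the checker's own error text; any other falsy result
        // selects the error message configured for the input.
        if (is_string($bool)) {
            ++$iErrors;
            $aInputs[$k]['error'] = $bool;
        } elseif (!$bool) {
            ++$iErrors;
            $aInputs[$k]['error'] = $a['checker']['error'];
        }

        $aInputs[$k]['value'] = $bHasFile ? '' : ($bMagicQuotes ? stripslashes_adv($val) : $val);
    }

    // check for spam, only when nothing failed and at least one of the two settings is on
    if (!$iErrors && ('on' == getParam('sys_uridnsbl_enable') || 'on' == getParam('sys_akismet_enable'))) {
        foreach ($aInputs as $k => $a) {
            if ($a['type'] != 'textarea') {
                continue;
            }

            $a['name'] = str_replace('[]', '', $a['name']);
            $val = BxDolForm::getSubmittedValue($a['name'], $this->_sFormMethod);
            if (!$val) {
                continue;
            }

            if ($oChecker->checkNoSpam($val)) {
                continue;
            }

            ++$iErrors;
            $aInputs[$k]['error'] = sprintf(_t("_sys_spam_detected"), BX_DOL_URL_ROOT . 'contact.php');
        }
    }

    return $iErrors ? false : true;
}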
/**
 * Generate the HTML for the form's rows, wrapped in the section open/close markup.
 *
 * Outside view mode a hidden 'csrf_token' input is appended first when form
 * tokens apply. Rows are produced by genViewRow() in view mode and by
 * genRow() otherwise.
 *
 * @return string opening section markup (possibly empty), the rows, closing section markup
 */
function genRows()
{
    $bViewMode = isset($this->aParams['view_mode']) && $this->aParams['view_mode'];

    // Only an explicit boolean true in aParams['csrf']['disable'] switches the token off.
    $bCsrfDisabled = isset($this->aParams['csrf']['disable']) && $this->aParams['csrf']['disable'] === true;

    // No token field in view mode, when the site setting is not 'on', when the form
    // opted out, or when getCsrfToken() returns false.
    if (!$bViewMode && getParam('sys_security_form_token_enable') == 'on' && !$bCsrfDisabled) {
        $mixedToken = BxDolForm::getCsrfToken();
        if ($mixedToken !== false) {
            $this->aInputs['csrf_token'] = array(
                'type' => 'hidden',
                'name' => 'csrf_token',
                'value' => $mixedToken,
                'db' => array('pass' => 'Xss'),
                'visible_for_levels' => PHP_INT_MAX,
            );
        }
    }

    // Look at the first input that is not hidden: a section is opened here only when
    // that input has a type other than 'block_header'.
    $sOpenSection = '';
    foreach ($this->aInputs as $aDefinition) {
        $bTyped = isset($aDefinition['type']);
        if ($bTyped && 'hidden' == $aDefinition['type']) {
            continue;
        }

        if ($bTyped && 'block_header' != $aDefinition['type']) {
            $sOpenSection = $this->{$this->_sSectionOpen}();
        }

        break;
    }

    // Pick the row renderer for the current mode.
    $sRowMethod = 'genRow';
    if (isset($this->aParams['view_mode']) && $this->aParams['view_mode']) {
        $sRowMethod = 'genViewRow';
    }

    // Inputs that declare 'visible_for_levels' are rendered only when _isVisible() allows it.
    $sRows = '';
    foreach ($this->aInputs as $aDefinition) {
        if (isset($aDefinition['visible_for_levels']) && !$this->_isVisible($aDefinition)) {
            continue;
        }

        $sRows .= $this->{$sRowMethod}($aDefinition);
    }

    return $sOpenSection . $sRows . $this->{$this->_sSectionClose}();
}
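/**
 * Validate the submitted form: CSRF token first, then the per-input checkers,
 * then the spam check on textarea inputs.
 *
 * Writes the processed 'value' or 'checked' state and, on failure, an 'error'
 * message into the matching entries of $aInputs. When any check fails and a
 * submit input was seen, a general error is attached to that input as well.
 *
 * @param array $aInputs input definitions, passed by reference and updated in place
 * @return bool true when no error was recorded; false on a CSRF mismatch or any failed check
 */
function check(&$aInputs)
{
    $oChecker = $this->_oChecker;
    $iErrors = 0;

    // check CSRF token if it's needed.
    // NOTE(review): the whole token check is skipped when BxDolForm::getCsrfToken()
    // returns false; confirm that case cannot occur for a form that changes state.
    if (getParam('sys_security_form_token_enable') == 'on' && $this->_bFormCsrfChecking === true && ($mixedCsrfTokenSys = BxDolForm::getCsrfToken()) !== false) {
        $mixedCsrfTokenUsr = BxDolForm::getSubmittedValue('csrf_token', $this->_sFormMethod, $this->_aSpecificValues);
        unset($aInputs['csrf_token']);

        // A missing token or a non-scalar one (for example an array parameter) is rejected.
        if ($mixedCsrfTokenUsr === false || !is_scalar($mixedCsrfTokenUsr)) {
            return false;
        }

        // Compare the tokens as exact strings. The former loose != treated two different
        // numeric-looking strings as equal; hash_equals(), where the runtime has it, also
        // keeps the comparison time independent of where the strings differ.
        // getCsrfToken() is defined outside this listing; the cast assumes a scalar token.
        $sCsrfTokenSys = (string)$mixedCsrfTokenSys;
        $sCsrfTokenUsr = (string)$mixedCsrfTokenUsr;
        $bTokensMatch = function_exists('hash_equals')
            ? hash_equals($sCsrfTokenSys, $sCsrfTokenUsr)
            : $sCsrfTokenSys === $sCsrfTokenUsr;
        if (!$bTokensMatch) {
            return false;
        }
    }

    $sSubmitName = false;
    foreach ($aInputs as $k => $a) {
        // Unnamed inputs and button-like or static types carry nothing to validate;
        // the key of a submit input is remembered for the summary error below.
        if (empty($a['name']) || 'submit' == $a['type'] || 'reset' == $a['type'] || 'button' == $a['type'] || 'value' == $a['type']) {
            if (isset($a['type']) && 'submit' == $a['type']) {
                $sSubmitName = $k;
            }
            continue;
        }

        // An input set that contains a submit element also counts as the submit row.
        if ('input_set' == $a['type']) {
            foreach ($a as $r) {
                if (isset($r['type']) && 'submit' == $r['type']) {
                    $sSubmitName = $k;
                }
            }
        }

        $a['name'] = str_replace('[]', '', $a['name']);
        $val = BxDolForm::getSubmittedValue($a['name'], $this->_sFormMethod, $this->_aSpecificValues);

        // For file types the checked value is the upload's 'name' entry, which is the
        // file name supplied by the client.
        if (isset(BxDolForm::$TYPES_FILE[$a['type']])) {
            $val = isset($_FILES[$a['name']]['name']) ? $_FILES[$a['name']]['name'] : '';
        }

        if (!isset($a['checker'])) {
            // Inputs without a checker only get their submitted state copied back.
            if (isset(BxDolForm::$TYPES_CHECKBOX[$a['type']])) {
                $aInputs[$k]['checked'] = isset($aInputs[$k]['value']) && $aInputs[$k]['value'] == $val;
            } elseif (!isset(BxDolForm::$TYPES_FILE[$a['type']])) {
                $aInputs[$k]['value'] = bx_process_input($val);
            }
            continue;
        }

        // NOTE(review): a checker name that does not resolve to a callable on the checker
        // object counts as passed, so a misspelled 'func' leaves that input unvalidated
        // without any error being raised.
        $sCheckFunction = array($oChecker, 'check' . bx_gen_method_name($a['checker']['func']));
        if (is_callable($sCheckFunction)) {
            $aArgs = !empty($a['checker']['params']) ? array_merge(array($val), $a['checker']['params']) : array($val);
            $bool = call_user_func_array($sCheckFunction, $aArgs);
        } else {
            $bool = true;
        }

        // A string result is the checker's own error text; any other falsy result
        // selects the error message configured for the input.
        if (is_string($bool)) {
            ++$iErrors;
            $aInputs[$k]['error'] = $bool;
        } elseif (!$bool) {
            ++$iErrors;
            $aInputs[$k]['error'] = $a['checker']['error'];
        }

        if (isset(BxDolForm::$TYPES_CHECKBOX[$a['type']])) {
            $aInputs[$k]['checked'] = $aInputs[$k]['value'] == $val;
        } elseif (!isset(BxDolForm::$TYPES_FILE[$a['type']])) {
            $aInputs[$k]['value'] = bx_process_input($val);
        }
    }

    // check for spam, only when nothing else failed
    if (!$iErrors) {
        foreach ($aInputs as $k => $a) {
            if ($a['type'] != 'textarea') {
                continue;
            }

            $a['name'] = str_replace('[]', '', $a['name']);
            $val = BxDolForm::getSubmittedValue($a['name'], $this->_sFormMethod, $this->_aSpecificValues);
            if (!$val) {
                continue;
            }

            if (!$oChecker->checkIsSpam($val)) {
                continue;
            }

            ++$iErrors;

            // Use the message with a contact link when the contact module exposes a page URL.
            $sErr = _t('_sys_spam_detected');
            if (BxDolRequest::serviceExists('bx_contact', 'get_contact_page_url') && ($sUrl = BxDolService::call('bx_contact', 'get_contact_page_url'))) {
                $sErr = _t('_sys_spam_detected_contact', $sUrl);
            }
            $aInputs[$k]['error'] = $sErr;
        }
    }

    // add error message near submit button
    if ($iErrors && $sSubmitName) {
        $aInputs[$sSubmitName]['error'] = _t('_sys_txt_form_submission_error');
    }

    return $iErrors ? false : true;
}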