/**
* Checks the Values sent trough post
*
* Checks the Values sent trough post. Normally this is already done
* by Javascript, but it could be possible that the client doens't run
* JS, so this is done here again. Sadly, it is not possible to rewrite
* the posted values again
* @access private
* @global array
* @param array Submitted field values
* @see getSettings(), initCheckTypes(), arrCheckTypes, _isSpam(), errorMsg
* @return boolean Return FALSE if a field's value isn't valid, otherwise TRUE
*/
function _checkValues($arrFields, $useCaptcha)
{
global $_ARRAYLANG;
$error = false;
$arrSettings = $this->getSettings();
$arrSpamKeywords = explode(',', $arrSettings['spamProtectionWordList']);
$this->initCheckTypes();
if (count($arrFields['fields']) > 0) {
foreach ($arrFields['fields'] as $fieldId => $field) {
$value = '';
$validationRegex = null;
$isRequired = $field['is_required'];
switch ($field['type']) {
case 'label':
case 'fieldset':
case 'horizontalLine':
// we need to use a 'continue 2' here to first break out of the switch and then move over to the next iteration of the foreach loop
continue 2;
break;
case 'select':
$value = $arrFields['data'][$fieldId];
break;
case 'file':
case 'multi_file':
if (!$this->legacyMode && $isRequired) {
//check if the user has uploaded any files
$tup = self::getTemporaryUploadPath($this->submissionId, $fieldId);
$path = $tup[0] . '/' . $tup[2];
if (count(@scandir($path)) == 2) {
//only . and .. present, directory is empty
//no uploaded files in a mandatory field - no good.
$error = true;
}
// we need to use a 'continue 2' here to first break out of the switch and then move over to the next iteration of the foreach loop
continue 2;
}
// this is used for legacyMode
$value = isset($arrFields['uploadedFiles'][$fieldId]) ? $arrFields['uploadedFiles'][$fieldId] : '';
break;
case 'text':
case 'checkbox':
case 'checkboxGroup':
case 'country':
case 'date':
case 'hidden':
case 'password':
case 'radio':
case 'textarea':
case 'recipient':
case 'special':
default:
if ($field['check_type']) {
$validationRegex = "#" . $this->arrCheckTypes[$field['check_type']]['regex'] . "#";
if (!empty($this->arrCheckTypes[$field['check_type']]['modifiers'])) {
$validationRegex .= $this->arrCheckTypes[$field['check_type']]['modifiers'];
}
}
$value = isset($arrFields['data'][$fieldId]) ? $arrFields['data'][$fieldId] : '';
break;
}
if ($isRequired && $value != 0 && empty($value)) {
$error = true;
} elseif (empty($value)) {
continue;
} elseif ($validationRegex && !preg_match($validationRegex, $value)) {
$error = true;
} elseif ($this->_isSpam($value, $arrSpamKeywords)) {
$error = true;
}
}
}
if ($useCaptcha) {
if (!\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
$error = true;
}
}
if ($error) {
$this->errorMsg = $_ARRAYLANG['TXT_FEEDBACK_ERROR'] . '<br />';
return false;
} else {
return true;
}
}
/**
* show thread
*
* @param integer $intThreadId
* @return bool
*/
function showThread($intThreadId)
{
global $objDatabase, $_ARRAYLANG;
$objFWUser = \FWUser::getFWUserObject();
$this->_communityLogin();
$intThreadId = intval($intThreadId);
if (!empty($_REQUEST['notification_update']) && $_REQUEST['notification_update'] == $_ARRAYLANG['TXT_FORUM_UPDATE_NOTIFICATION']) {
$this->_updateNotification($intThreadId);
}
$intCatId = !empty($_REQUEST['category_id']) ? intval($_REQUEST['category_id']) : '0';
if ($intCatId == 0) {
$intCatId = $this->_getCategoryIdFromThread($intThreadId);
}
if (empty($intCatId)) {
\Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum');
die;
}
if ($objFWUser->objUser->login()) {
$this->_objTpl->touchBlock('notificationRow');
} else {
$this->_objTpl->hideBlock('notificationRow');
}
$intPostId = !empty($_REQUEST['postid']) ? intval($_REQUEST['postid']) : 0;
$intPostId = $intPostId == 0 && !empty($_REQUEST['post_id']) ? intval($_REQUEST['post_id']) : $intPostId;
$this->_objTpl->setVariable('FORUM_EDIT_POST_ID', $intPostId);
$_REQUEST['act'] = !empty($_REQUEST['act']) ? $_REQUEST['act'] : '';
if ($_REQUEST['act'] == 'delete') {
if ($this->_checkAuth($intCatId, 'delete')) {
if ($this->_deletePost($intCatId, $intThreadId, $_REQUEST['postid'])) {
$this->_objTpl->setVariable('TXT_FORUM_SUCCESS', '<br />' . $_ARRAYLANG['TXT_FORUM_DELETED_SUCCESSFULLY']);
} else {
$this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_DELETE_FAILED']);
}
} else {
$this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
}
}
$pos = !empty($_REQUEST['pos']) ? intval($_REQUEST['pos']) : 0;
$this->_objTpl->setVariable(array('FORUM_PAGING_POS' => $pos));
if (!empty($_REQUEST['preview_new'])) {
$pos = $this->_getLastPos($intPostId, $intThreadId);
}
if (!empty($_REQUEST['postid'])) {
if ($_REQUEST['act'] == 'quote') {
$pos = $this->_getLastPos($intPostId, $intThreadId);
}
if ($_REQUEST['act'] == 'edit') {
$pos = $this->_getEditPos($intPostId, $intThreadId);
}
}
if (!empty($_REQUEST['l']) && $_REQUEST['l'] == 1) {
$pos = $this->_getEditPos($intPostId, $intThreadId);
}
$arrPosts = $this->createPostArray($intThreadId, $pos);
if (!empty($_REQUEST['preview_edit']) && $_REQUEST['post_id'] != 0 && $_REQUEST['act'] != 'quote') {
$intPostId = intval($intPostId);
$pos = $this->_getEditPos($intPostId, $intThreadId);
$arrPosts = $this->createPostArray($intThreadId, $pos);
$arrPosts[$intPostId]['subject'] = !empty($_REQUEST['subject']) ? contrexx_strip_tags($_REQUEST['subject']) : $_ARRAYLANG['TXT_FORUM_NO_SUBJECT'];
$arrPosts[$intPostId]['content'] = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput(contrexx_input2raw($_REQUEST['message']));
}
$userId = $objFWUser->objUser->login() ? $objFWUser->objUser->getId() : 0;
$icon = !empty($_REQUEST['icons']) ? intval($_REQUEST['icons']) : 1;
if ($_REQUEST['act'] == 'edit') {
//submit is an edit
$arrEditedPost = $this->_getPostingData($intPostId);
$subject = addcslashes(htmlentities($arrEditedPost['subject'], ENT_QUOTES, CONTREXX_CHARSET), '\\');
$content = $arrEditedPost['content'];
$keywords = addcslashes(htmlentities($arrEditedPost['keywords'], ENT_QUOTES, CONTREXX_CHARSET), '\\');
$attachment = $arrEditedPost['attachment'];
$this->_objTpl->setVariable('FORUM_POST_EDIT_USERID', $arrPosts[$intPostId]['user_id']);
if (!empty($attachment)) {
$this->_objTpl->setVariable('TXT_FORUM_DELETE_ATTACHMENT', sprintf($_ARRAYLANG['TXT_FORUM_DELETE_ATTACHMENT'], $attachment));
}
$this->_objTpl->touchBlock('updatePost');
$this->_objTpl->hideBlock('createPost');
$this->_objTpl->hideBlock('previewNewPost');
$this->_objTpl->touchBlock('previewEditPost');
} else {
//new post
if ($this->_objTpl->blockExists('delAttachment')) {
$this->_objTpl->hideBlock('delAttachment');
}
$subject = !empty($_REQUEST['subject']) ? contrexx_strip_tags($_REQUEST['subject']) : '';
$content = !empty($_REQUEST['message']) ? contrexx_input2raw(strip_tags($_REQUEST['message'])) : '';
$keywords = !empty($_REQUEST['keywords']) ? contrexx_strip_tags($_REQUEST['keywords']) : '';
$attachment = !empty($_REQUEST['attachment']) ? contrexx_strip_tags($_REQUEST['attachment']) : '';
$this->_objTpl->touchBlock('createPost');
$this->_objTpl->hideBlock('updatePost');
$this->_objTpl->touchBlock('previewNewPost');
$this->_objTpl->hideBlock('previewEditPost');
}
if ($_REQUEST['act'] == 'quote') {
$quoteContent = $this->_getPostingData($intPostId);
$subject = 'RE: ' . addcslashes(htmlentities($quoteContent['subject'], ENT_QUOTES, CONTREXX_CHARSET), '\\');
$content = '[quote=' . $arrPosts[$intPostId]['user_name'] . ']' . strip_tags($quoteContent['content']) . '[/quote]';
}
$firstPost = current($arrPosts);
if ($this->_arrSettings['wysiwyg_editor'] == 1) {
//IF WYSIWIG enabled..
$strMessageInputHTML = new \Cx\Core\Wysiwyg\Wysiwyg('message', $content, 'bbcode');
} else {
//plain textarea
$strMessageInputHTML = '<textarea style="width: 400px; height: 150px;" rows="5" cols="10" name="message">' . contrexx_raw2xhtml($content) . '</textarea>';
}
$this->_objTpl->setGlobalVariable(array('FORUM_JAVASCRIPT_GOTO' => $this->getJavascript('goto'), 'FORUM_JAVASCRIPT_DELETE' => $this->getJavascript('deletePost'), 'FORUM_JAVASCRIPT_SCROLLTO' => $this->getJavascript('scrollto'), 'FORUM_SCROLLPOS' => !empty($_REQUEST['scrollpos']) ? intval($_REQUEST['scrollpos']) : '0', 'FORUM_JAVASCRIPT_INSERT_TEXT' => $this->getJavascript('insertText', array($intCatId, $intThreadId, $firstPost)), 'FORUM_NAME' => $this->_shortenString($firstPost['subject'], $this->_maxStringlength), 'FORUM_TREE' => $this->_createNavTree($intCatId) . '<a title="' . $this->_arrTranslations[$intCatId][$this->_intLangId]['name'] . '" href="index.php?section=Forum&cmd=board&id=' . $intCatId . '">' . $this->_shortenString($this->_arrTranslations[$intCatId][$this->_intLangId]['name'], $this->_maxStringlength) . '</a> > ', 'FORUM_DROPDOWN' => $this->createForumDD('forum_quickaccess', $intCatId, 'onchange="gotoForum(this);"', ''), 'TXT_FORUM_COMMA_SEPARATED_KEYWORDS' => $_ARRAYLANG['TXT_FORUM_COMMA_SEPARATED_KEYWORDS'], 'TXT_FORUM_KEYWORDS' => $_ARRAYLANG['TXT_FORUM_KEYWORDS'], 'TXT_FORUM_FILE_ATTACHMENT' => $_ARRAYLANG['TXT_FORUM_FILE_ATTACHMENT'], 'TXT_FORUM_RATING' => $_ARRAYLANG['TXT_FORUM_RATING'], 'TXT_FORUM_ADD_POST' => $_ARRAYLANG['TXT_FORUM_ADD_POST'], 'TXT_FORUM_SUBJECT' => $_ARRAYLANG['TXT_FORUM_SUBJECT'], 'TXT_FORUM_MESSAGE' => $_ARRAYLANG['TXT_FORUM_MESSAGE'], 'TXT_FORUM_RESET' => $_ARRAYLANG['TXT_FORUM_RESET'], 'TXT_FORUM_CREATE_POST' => $_ARRAYLANG['TXT_FORUM_CREATE_POST'], 'TXT_FORUM_ICON' => $_ARRAYLANG['TXT_FORUM_ICON'], 'TXT_FORUM_QUOTE' => $_ARRAYLANG['TXT_FORUM_QUOTE'], 'TXT_FORUM_EDIT' => $_ARRAYLANG['TXT_FORUM_EDIT'], 'TXT_FORUM_DELETE' => $_ARRAYLANG['TXT_FORUM_DELETE'], 'TXT_FORUM_PREVIEW' => $_ARRAYLANG['TXT_FORUM_PREVIEW'], 'TXT_FORUM_UPDATE_POST' => $_ARRAYLANG['TXT_FORUM_UPDATE_POST'], 'TXT_FORUM_NOTIFY_NEW_POSTS' => $_ARRAYLANG['TXT_FORUM_NOTIFY_NEW_POSTS'], 'TXT_FORUM_QUICKACCESS' => $_ARRAYLANG['TXT_FORUM_QUICKACCESS'], 'TXT_FORUM_UPDATE_NOTIFICATION' => $_ARRAYLANG['TXT_FORUM_UPDATE_NOTIFICATION'], 'TXT_FORUM_THREAD_ACTION_DESC' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_DESC'], 'TXT_FORUM_THREAD_ACTION_MOVE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE'], 'TXT_FORUM_THREAD_ACTION_CLOSE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_CLOSE_' . $firstPost['is_locked']], 'TXT_FORUM_THREAD_ACTION_STICKY' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_STICKY_' . $firstPost['is_sticky']], 'TXT_FORUM_THREAD_ACTION_DELETE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_DELETE'], 'TXT_FORUM_CHOOSE_FILE' => $_ARRAYLANG['TXT_FORUM_CHOOSE_FILE'], 'FORUM_NOTIFICATION_CHECKBOX_CHECKED' => $this->_hasNotification($intThreadId) ? 'checked="checked"' : '', 'FORUM_SUBJECT' => stripslashes($subject), 'FORUM_KEYWORDS' => stripslashes($keywords), 'FORUM_ATTACHMENT_OLDNAME' => $attachment, 'FORUM_MESSAGE_INPUT' => $strMessageInputHTML, 'FORUM_CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode(), 'FORUM_THREAD_ID' => $intThreadId, 'FORUM_CATEGORY_ID' => $intCatId, 'FORUM_POSTS_PAGING' => getPaging($this->_postCount, $pos, '§ion=Forum&cmd=thread&id=' . $intThreadId, $_ARRAYLANG['TXT_FORUM_OVERVIEW_POSTINGS'], true, $this->_arrSettings['posting_paging'])));
if ($objFWUser->objUser->login()) {
$this->_objTpl->hideBlock('captcha');
} else {
$this->_objTpl->touchBlock('captcha');
}
$this->_setIcons($this->_getIcons());
if (!$this->_checkAuth($intCatId, 'read')) {
$this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
return false;
}
$intCounter = 0;
foreach ($arrPosts as $postId => $arrValues) {
$strRating = '<span id="forum_current_rating_' . $postId . '" class="rating_%s">%s</span>';
if ($arrValues['rating'] == 0) {
$class = 'none';
} elseif ($arrValues['rating'] > 0) {
$class = 'pos';
} else {
$class = 'neg';
}
$strRating = sprintf($strRating, $class, $arrValues['rating']);
$strUserProfileLink = $arrValues['user_id'] > 0 ? '<a title="' . $arrValues['user_name'] . '" href="index.php?section=Access&cmd=user&id=' . $arrValues['user_id'] . '">' . $arrValues['user_name'] . '</a>' : $this->_anonymousName;
$arrAttachment = $this->_getAttachment($arrValues['attachment']);
$this->_objTpl->setGlobalVariable(array('FORUM_POST_ROWCLASS' => $intCounter++ % 2 + 1));
$quoteLink = "id=" . $intThreadId . "&act=quote&postid=" . $postId;
$quoteLinkLoggedIn = "location.href='" . \Cx\Core\Csrf\Controller\Csrf::enhanceURI("index.php?section=Forum") . "&cmd=thread&" . htmlentities($quoteLink) . "';";
$quoteLinkNotLoggedIn = "location.href='" . \Cx\Core\Csrf\Controller\Csrf::enhanceURI("index.php?section=Login") . "&redirect=" . base64_encode("index.php?section=Forum&cmd=thread&" . $quoteLink) . "';";
$this->_objTpl->setVariable(array('FORUM_POST_DATE' => $arrValues['time_created'], 'FORUM_POST_LAST_EDITED' => $arrValues['time_edited'] != date(ASCMS_DATE_FORMAT, 0) ? $_ARRAYLANG['TXT_FORUM_LAST_EDITED'] . $arrValues['time_edited'] : '', 'FORUM_USER_ID' => $arrValues['user_id'], 'FORUM_USER_NAME' => $strUserProfileLink, 'FORUM_USER_IMAGE' => !empty($arrValues['user_image']) ? '<img border="0" width="60" height="60" src="' . $arrValues['user_image'] . '" title="' . $arrValues['user_name'] . '\'s avatar" alt="' . $arrValues['user_name'] . '\'s avatar" />' : '', 'FORUM_USER_GROUP' => '', 'FORUM_USER_RANK' => '', 'FORUM_USER_REGISTERED_SINCE' => '', 'FORUM_USER_POSTING_COUNT' => '', 'FORUM_USER_CONTACTS' => '', 'FORUM_POST_NUMBER' => '#' . $arrValues['post_number'], 'FORUM_POST_ICON' => $arrValues['post_icon'], 'FORUM_POST_SUBJECT' => $arrValues['subject'], 'FORUM_POST_MESSAGE' => $arrValues['content'], 'FORUM_POST_RATING' => $strRating, 'FORUM_POST_ATTACHMENT_LINK' => $arrAttachment['webpath'], 'FORUM_POST_ATTACHMENT_FILENAME' => $arrAttachment['name'], 'FORUM_POST_ATTACHMENT_ICON' => $arrAttachment['icon'], 'FORUM_POST_ATTACHMENT_FILESIZE' => $arrAttachment['size'], 'FORUM_QUOTE_ONCLICK' => $this->_checkAuth($intCatId, 'write') ? $quoteLinkLoggedIn : $quoteLinkNotLoggedIn));
if (!$objFWUser->objUser->login() && !$this->_checkAuth($intCatId, 'write')) {
$button = '<input type="button" value="' . $_ARRAYLANG['TXT_FORUM_CREATE_POST'] . '" onclick="location.href=\'' . \Cx\Core\Csrf\Controller\Csrf::enhanceURI('index.php?section=Login') . '&redirect=' . base64_encode($_SERVER['REQUEST_URI']) . '\';" />';
$this->_objTpl->setVariable(array('FORUM_POST_REPLY_REDIRECT' => $button));
}
$this->_objTpl->setVariable(array('FORUM_POST_ID' => $postId, 'FORUM_RATING_POST_ID' => $postId));
if ($firstPost['is_locked'] != 1 && ($this->_checkAuth($intCatId, 'edit') || $objFWUser->objUser->login() && $arrValues['user_id'] == $objFWUser->objUser->getId())) {
$this->_objTpl->touchBlock('postEdit');
} else {
$this->_objTpl->hideBlock('postEdit');
}
if ($firstPost['is_locked'] != 1 && ($this->_checkAuth($intCatId, 'write') || !$firstPost['is_locked'])) {
$this->_objTpl->touchBlock('postQuote');
} else {
$this->_objTpl->hideBlock('postQuote');
}
if ($this->_checkAuth($intCatId, 'delete') && $arrValues['post_number'] != 1) {
$this->_objTpl->setVariable(array('FORUM_POST_ID' => $postId));
$this->_objTpl->touchBlock('postDelete');
} else {
$this->_objTpl->hideBlock('postDelete');
}
if ($this->_objTpl->blockExists('rating')) {
if ($objFWUser->objUser->login() && !$this->_hasRated($postId)) {
$this->_objTpl->parse('rating');
} else {
$this->_objTpl->hideBlock('rating');
}
}
if ($this->_objTpl->blockExists('attachment')) {
if (!empty($arrValues['attachment'])) {
$this->_objTpl->parse('attachment');
} else {
$this->_objTpl->hideBlock('attachment');
}
}
$this->_objTpl->parse('forumPosts');
}
if (!$this->_checkAuth($intCatId, 'write') || $firstPost['is_locked'] == 1) {
$this->_objTpl->hideBlock('addPost');
$this->_objTpl->hideBlock('addPostAnchor');
} else {
$this->_objTpl->touchBlock('addPostAnchor');
}
// initialize the uploader
$this->initForumUploader();
//addpost code
if (!empty($_REQUEST['create']) && $_REQUEST['create'] == $_ARRAYLANG['TXT_FORUM_CREATE_POST']) {
if (!$this->_checkAuth($intCatId, 'write') && $firstPost['is_locked'] != 1) {
//auth check
$this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
$this->_objTpl->hideBlock('addPost');
return false;
}
if (!$objFWUser->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
//captcha check
return false;
}
if (strlen(trim($content)) < $this->_minPostlength) {
//content check
$this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength));
return false;
}
if (false !== ($match = $this->_hasBadWords($content))) {
$this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1]));
return false;
}
$fileInfo = $this->_handleUpload('forum_attachment');
if ($fileInfo === false) {
//an error occured, the file wasn't properly transferred. exit function to display error set in _handleUpload()
return false;
}
$lastPostIdQuery = ' SELECT max( id ) as last_post_id
FROM ' . DBPREFIX . 'module_forum_postings
WHERE category_id = ' . $intCatId . '
AND thread_id = ' . $intThreadId;
if (($objRSmaxId = $objDatabase->SelectLimit($lastPostIdQuery, 1)) !== false) {
$intPrevPostId = $objRSmaxId->fields['last_post_id'];
} else {
die('Database error: ' . $objDatabase->ErrorMsg());
}
$insertQuery = 'INSERT INTO ' . DBPREFIX . 'module_forum_postings (
id, category_id, thread_id, prev_post_id,
user_id, time_created, time_edited, is_locked,
is_sticky, rating, views, icon,
keywords, subject, content, attachment
) VALUES (
NULL, ' . $intCatId . ', ' . $intThreadId . ', ' . $intPrevPostId . ',
' . $userId . ', ' . time() . ', 0, 0,
0, 0, 0, ' . $icon . ",\n '{$keywords}' ,'" . $subject . "', '" . contrexx_raw2db($content) . "', '" . $fileInfo['name'] . "'\n )";
if ($objDatabase->Execute($insertQuery) !== false) {
$lastInsertId = $objDatabase->Insert_ID();
$this->updateViewsNewItem($intCatId, $lastInsertId, true);
$this->_updateNotification($intThreadId);
$this->_sendNotifications($intThreadId, $subject, $content);
$pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId();
$cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager();
$cacheManager->deleteSingleFile($pageId);
}
\Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&pos=' . $this->_getLastPos($postId, $intThreadId));
die;
}
if (!empty($_REQUEST['preview_new'])) {
$content = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput($content);
if (false !== ($match = $this->_hasBadWords($content))) {
$this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1]));
return false;
}
if (strlen(trim($content)) < $this->_minPostlength) {
//content check
$this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength));
return false;
}
$this->_objTpl->setVariable(array('FORUM_POST_ROWCLASS' => $intCounter++ % 2 + 1, 'FORUM_POST_DATE' => date(ASCMS_DATE_FORMAT, time()), 'FORUM_USER_ID' => $userId, 'FORUM_USER_NAME' => $objFWUser->objUser->login() ? '<a href="index.php?section=Access&cmd=user&id=' . $userId . '" title="' . htmlentities($objFWUser->objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET) . '">' . htmlentities($objFWUser->objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET) . '</a>' : $this->_anonymousName, 'FORUM_USER_IMAGE' => !empty($arrValues['user_image']) ? '<img border="0" width="60" height="60" src="' . $arrValues['user_image'] . '" title="' . $arrValues['user_name'] . '\'s avatar" alt="' . $arrValues['user_name'] . '\'s avatar" />' : '', 'FORUM_USER_GROUP' => '', 'FORUM_USER_RANK' => '', 'FORUM_USER_REGISTERED_SINCE' => '', 'FORUM_USER_POSTING_COUNT' => '', 'FORUM_USER_CONTACTS' => '', 'FORUM_POST_NUMBER' => '#' . ($this->_postCount + 1), 'FORUM_POST_ICON' => $this->getThreadIcon($icon), 'FORUM_POST_SUBJECT' => stripslashes($subject), 'FORUM_POST_MESSAGE' => $content, 'FORUM_POST_RATING' => '0'));
$this->_objTpl->touchBlock('createPost');
$this->_objTpl->hideBlock('updatePost');
if ($this->_objTpl->blockExists('attachment')) {
$this->_objTpl->hideBlock('attachment');
}
$this->_objTpl->hideBlock('postEdit');
$this->_objTpl->hideBlock('postQuote');
$this->_objTpl->touchBlock('previewNewPost');
$this->_objTpl->hideBlock('previewEditPost');
$this->_objTpl->parse('forumPosts');
}
if (!empty($_REQUEST['update']) && $_REQUEST['update'] == $_ARRAYLANG['TXT_FORUM_UPDATE_POST']) {
if (strlen(trim($content)) < $this->_minPostlength) {
//content size check
$this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength));
return false;
}
if (!$this->_checkAuth($intCatId, 'edit') && (!$objFWUser->objUser->login() || $arrValues['user_id'] != $objFWUser->objUser->getId())) {
$this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
$this->_objTpl->hideBlock('postEdit');
return false;
}
if (!$objFWUser->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
$this->_objTpl->touchBlock('updatePost');
$this->_objTpl->hideBlock('createPost');
return false;
}
if (false !== ($match = $this->_hasBadWords($content))) {
$this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1]));
return false;
}
$fileInfo = $this->_handleUpload('forum_attachment');
if ($fileInfo === false) {
//an error occured, the file wasn't properly transferred. exit function to display error set in _handleUpload()
return false;
}
if (empty($_POST['forum_delete_attachment']) && empty($fileInfo['name']) && !empty($_REQUEST['forum_attachment_oldname'])) {
$fileInfo['name'] = contrexx_addslashes($_REQUEST['forum_attachment_oldname']);
} elseif (!empty($_POST['forum_delete_attachment']) && $_POST['forum_delete_attachment'] == 1 || !empty($_REQUEST['forum_attachment_oldname']) && $fileInfo['name'] != $_REQUEST['forum_attachment_oldname']) {
unlink(\Cx\Core\Core\Controller\Cx::instanciate()->getWebsiteMediaForumUploadPath() . '/' . str_replace(array('./', '.\\'), '', $_REQUEST['forum_attachment_oldname']));
}
$updateQuery = 'UPDATE ' . DBPREFIX . 'module_forum_postings SET
time_edited = ' . mktime() . ',
icon = ' . $icon . ',
subject = \'' . $subject . '\',
keywords = \'' . $keywords . '\',
content = \'' . contrexx_raw2db($content) . '\',
attachment = \'' . $fileInfo['name'] . '\'
WHERE id = ' . $intPostId;
if ($objDatabase->Execute($updateQuery) !== false) {
$this->updateViews($intThreadId, $intPostId);
$pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId();
$cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager();
$cacheManager->deleteSingleFile($pageId);
}
\Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&pos=' . $this->_getLastPos($postId, $intThreadId));
die;
}
if (!empty($_REQUEST['preview_edit'])) {
$this->_objTpl->touchBlock('updatePost');
$this->_objTpl->hideBlock('createPost');
$this->_objTpl->hideBlock('previewNewPost');
$this->_objTpl->touchBlock('previewEditPost');
}
$hasAccess = false;
foreach (array('STICKY', 'MOVE', 'CLOSE', 'DELETE') as $action) {
if (!$this->_checkAuth($intCatId, strtolower($action))) {
$this->_objTpl->setVariable('FORUM_THREAD_ACTIONS_DISABLED_' . $action, 'disabled="disabled"');
} else {
$hasAccess = true;
}
}
if ($this->_objTpl->blockExists('threadActionsSelect')) {
if ($userId < 1 || !$hasAccess) {
$this->_objTpl->hideBlock('threadActionsSelect');
} else {
$this->_objTpl->touchBlock('threadActionsSelect');
}
}
if (!empty($_REQUEST['action']) && $_REQUEST['action'] == 'move' && !empty($_REQUEST['id'])) {
$thread = intval($_REQUEST['id']);
$newCat = intval($_REQUEST['moveToThread']);
$oldCat = $this->_getCategoryIdFromThread($thread);
$query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `category_id` = {$newCat} WHERE `thread_id` = " . $thread;
if ($objDatabase->Execute($query)) {
$intMovedPosts = $objDatabase->Affected_Rows();
$query = "SELECT max( `id` ) as `lastid` FROM `" . DBPREFIX . "module_forum_postings` WHERE `thread_id` = {$thread}";
$objRS = $objDatabase->SelectLimit($query, 1);
$intMovedPostLastId = $objRS->fields['lastid'];
$query = "SELECT max( `id` ) as `lastid` FROM `" . DBPREFIX . "module_forum_postings` WHERE `category_id` = {$oldCat}";
$objRS = $objDatabase->SelectLimit($query, 1);
$query = "UPDATE `" . DBPREFIX . "module_forum_statistics` SET `thread_count` = `thread_count` - 1, `post_count` = `post_count` - {$intMovedPosts}, `last_post_id` = " . (intval($objRS->fields['lastid']) > 0 ? intval($objRS->fields['lastid']) : 0) . " WHERE `category_id` = {$oldCat}";
$objDatabase->Execute($query);
$query = "SELECT `id` FROM `" . DBPREFIX . "module_forum_postings` WHERE `category_id` = {$newCat} GROUP BY `time_created` DESC";
$objRS = $objDatabase->Execute($query);
$query = "UPDATE `" . DBPREFIX . "module_forum_statistics` SET `thread_count` = `thread_count` + 1, `post_count` = `post_count` + {$intMovedPosts}, `last_post_id` = " . $objRS->fields['id'] . " WHERE `category_id` = {$newCat}";
$objDatabase->Execute($query);
$this->_objTpl->hideBlock('moveForm');
$this->_objTpl->setVariable(array('TXT_THREAD_ACTION_' . ($success ? 'SUCCESS' : 'ERROR') => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE' . (!$success ? 'UN' : '') . 'SUCCESSFUL'], 'FORUM_CATEGORY_ID' => $intCatId, 'FORUM_THREAD_ID' => $intThreadId));
\Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $thread);
}
}
if (!empty($_GET['a'])) {
$this->_objTpl->setVariable(array('TXT_FORUM_' . ($_GET['r'] == 1 ? 'SUCCESS' : 'ERROR') => '<br />' . $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_' . strtoupper($_GET['a']) . '_' . (!$_GET['r'] ? 'UN' : '') . 'SUCCESSFUL' . $_GET['s']]));
}
$success = false;
if (!empty($_REQUEST['thread_actions'])) {
$action = contrexx_addslashes($_REQUEST['thread_actions']);
if ($this->_checkAuth($intCatId, $action)) {
switch ($action) {
case 'move':
$arrForums = $this->createForumArray($this->_intLangId);
foreach ($arrForums as $intCatID => $arrThread) {
$strOptions .= '<option value="' . $intCatID . '" ' . ($arrThread['level'] == 0 ? 'disabled="disabled"' : '') . '>' . str_repeat(' ', $arrThread['level'] * 2) . $arrThread['name'] . '</option>';
}
$this->_objTpl->setVariable(array('FORUM_THREADS' => $strOptions));
$success = true;
$suffix = '';
\Env::get('cx')->getPage()->setTitle($_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE']);
break;
case 'close':
$query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `is_locked` = IF(`is_locked` = '0' OR `is_locked` = '', '1', '0') WHERE thread_id = " . intval($_REQUEST['id']);
if ($objDatabase->Execute($query) !== false) {
$success = true;
}
$suffix = '_' . $firstPost['is_locked'];
break;
case 'sticky':
$query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `is_sticky` = IF(`is_sticky` = '0' OR `is_sticky` = '', '1', '0') WHERE thread_id = " . intval($_REQUEST['id']);
if ($objDatabase->Execute($query) !== false) {
$success = true;
}
$suffix = '_' . $firstPost['is_sticky'];
break;
default:
break;
}
if ($action != 'move') {
\Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&a=' . $action . '&r=' . $success . '&s=' . $suffix);
}
} else {
$this->_objTpl->setVariable('TXT_THREAD_ACTION_ERROR', $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
}
$this->_objTpl->parse('threadActions');
$this->_objTpl->touchBlock('threadActions');
$this->_objTpl->hideBlock('threadDisplay');
} else {
$this->updateViews($intThreadId, $intPostId);
$this->_objTpl->hideBlock('threadActions');
}
return true;
}
/**
* Show the login mask.
*
* @access private
* @global array $_ARRAYLANG
* @global FWUser $objFWUser
*/
private function showLogin()
{
global $_CORELANG, $_ARRAYLANG;
$this->objTemplate->addBlockfile('CONTENT_FILE', 'CONTENT_BLOCK', '/core_modules/Login/View/Template/Backend/login.html');
$frontendLink = ASCMS_INSTANCE_OFFSET;
if (empty($frontendLink)) {
$frontendLink = '/';
}
$this->objTemplate->setVariable(array('TITLE' => $_ARRAYLANG['TXT_LOGIN_LOGIN'], 'TXT_LOGIN_LOGIN' => $_ARRAYLANG['TXT_LOGIN_LOGIN'], 'TXT_FRONTEND_LINK' => $_ARRAYLANG['TXT_FRONTEND_LINK'], 'TXT_LOGIN_ENTER_A_LOGIN' => $_ARRAYLANG['TXT_LOGIN_ENTER_A_LOGIN'], 'TXT_LOGIN_ENTER_A_PASSWORD' => $_ARRAYLANG['TXT_LOGIN_ENTER_A_PASSWORD'], 'TXT_LOGIN_ENTER_CAPTCHA' => $_ARRAYLANG['TXT_LOGIN_ENTER_CAPTCHA'], 'TXT_LOGIN_USERNAME' => $_ARRAYLANG['TXT_LOGIN_USERNAME'], 'TXT_LOGIN_PASSWORD' => $_ARRAYLANG['TXT_LOGIN_PASSWORD'], 'TXT_LOGIN_PASSWORD_LOST' => $_ARRAYLANG['TXT_LOGIN_PASSWORD_LOST'], 'TXT_LOGIN_REMEMBER_ME' => $_CORELANG['TXT_CORE_REMEMBER_ME'], 'REDIRECT_URL' => !empty($_POST['redirect']) ? $_POST['redirect'] : ASCMS_PATH_OFFSET . ASCMS_BACKEND_PATH . substr(getenv('REQUEST_URI'), strlen(\Env::get('cx')->getWebsiteBackendPath())), 'FRONTEND_LINK' => $frontendLink, 'JAVASCRIPT' => \JS::getCode()));
if (\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
$this->objTemplate->setVariable('LOGIN_ERROR_MESSAGE', \FWUser::getFWUserObject()->getErrorMsg());
$this->objTemplate->parse('error_message');
} else {
$this->objTemplate->hideBlock('error_message');
}
if (isset($_SESSION['auth']['loginLastAuthFailed'])) {
$this->objTemplate->setVariable(array('TXT_LOGIN_SECURITY_CODE' => $_ARRAYLANG['TXT_LOGIN_SECURITY_CODE'], 'CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode(3)));
$this->objTemplate->parse('captcha');
} else {
$this->objTemplate->hideBlock('captcha');
}
}
/**
* Send Recommendation
*
* Send an email if the input is valid. Otherwise
* Show some error messages and the form again
*/
function _sendRecomm()
{
global $_ARRAYLANG, $_CONFIG, $_LANGID, $_CORELANG;
if (empty($_POST['receivername'])) {
$this->_pageMessage .= $_ARRAYLANG['TXT_STATUS_RECEIVER_NAME'] . ' ' . $_ARRAYLANG['TXT_IS_EMPTY'] . '<br />';
}
if (empty($_POST['receivermail'])) {
$this->_pageMessage .= $_ARRAYLANG['TXT_STATUS_RECEIVER_MAIL'] . ' ' . $_ARRAYLANG['TXT_IS_EMPTY'] . '<br />';
} elseif (!$this->isEmail($_POST['receivermail'])) {
$this->_pageMessage .= $_ARRAYLANG['TXT_STATUS_RECEIVER_MAIL'] . ' ' . $_ARRAYLANG['TXT_IS_INVALID'] . '<br />';
}
if (empty($_POST['sendername'])) {
$this->_pageMessage .= $_ARRAYLANG['TXT_STATUS_SENDER_NAME'] . ' ' . $_ARRAYLANG['TXT_IS_EMPTY'] . '<br />';
}
if (empty($_POST['sendermail'])) {
$this->_pageMessage .= $_ARRAYLANG['TXT_STATUS_SENDER_MAIL'] . ' ' . $_ARRAYLANG['TXT_IS_EMPTY'] . '<br />';
} elseif (!$this->isEmail($_POST['sendermail'])) {
$this->_pageMessage .= $_ARRAYLANG['TXT_STATUS_SENDER_MAIL'] . ' ' . $_ARRAYLANG['TXT_IS_INVALID'] . '<br />';
}
if (empty($_POST['comment'])) {
$this->_pageMessage .= $_ARRAYLANG['TXT_STATUS_COMMENT'] . ' ' . $_ARRAYLANG['TXT_IS_EMPTY'] . '<br />';
}
$receivername = $_POST['receivername'];
$receivermail = $_POST['receivermail'];
$sendername = $_POST['sendername'];
$sendermail = $_POST['sendermail'];
$comment = $_POST['comment'];
if (!empty($this->_pageMessage) || !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
//something's missing or wrong
$this->_objTpl->setVariable('RECOM_STATUS', '<div class="text-danger">' . $this->_pageMessage . '</div>');
$this->_objTpl->setCurrentBlock('recommend_form');
$this->_objTpl->setVariable(array('RECOM_SCRIPT' => $this->getJs(), 'RECOM_RECEIVER_NAME' => stripslashes($receivername), 'RECOM_RECEIVER_MAIL' => stripslashes($receivermail), 'RECOM_SENDER_NAME' => stripslashes($sendername), 'RECOM_SENDER_MAIL' => stripslashes($sendermail), 'RECOM_COMMENT' => stripslashes($comment), 'RECOM_PREVIEW' => $this->getMessageBody($_LANGID), 'RECOM_FEMALE_SALUTATION_TEXT' => $this->getFemaleSalutation($_LANGID), 'RECOM_MALE_SALUTATION_TEXT' => $this->getMaleSalutation($_LANGID)));
$this->_objTpl->setVariable(array('RECOM_TXT_RECEIVER_NAME' => $_ARRAYLANG['TXT_RECEIVERNAME_FRONTEND'], 'RECOM_TXT_RECEIVER_MAIL' => $_ARRAYLANG['TXT_RECEIVERMAIL_FRONTEND'], 'RECOM_TXT_GENDER' => $_ARRAYLANG['TXT_GENDER_FRONTEND'], 'RECOM_TXT_SENDER_NAME' => $_ARRAYLANG['TXT_SENDERNAME_FRONTEND'], 'RECOM_TXT_SENDER_MAIL' => $_ARRAYLANG['TXT_SENDERMAIL_FRONTEND'], 'RECOM_TXT_COMMENT' => $_ARRAYLANG['TXT_COMMENT_FRONTEND'], 'RECOM_TXT_PREVIEW' => $_ARRAYLANG['TXT_PREVIEW_FRONTEND'], 'RECOM_TXT_FEMALE' => $_ARRAYLANG['TXT_FEMALE_FRONTEND'], 'RECOM_TXT_MALE' => $_ARRAYLANG['TXT_MALE_FRONTEND'], 'RECOM_TEXT' => $_ARRAYLANG['TXT_INTRODUCTION'], 'TXT_RECOMMEND_SEND' => $_ARRAYLANG['TXT_RECOMMEND_SEND'], 'TXT_RECOMMEND_DELETE' => $_ARRAYLANG['TXT_RECOMMEND_DELETE']));
$this->_objTpl->setVariable(array('RECOM_TXT_CAPTCHA' => $_CORELANG['TXT_CORE_CAPTCHA'], 'RECOM_CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode()));
if ($this->_objTpl->blockExists('recommend_captcha')) {
$this->_objTpl->parse('recommend_captcha');
} else {
$this->_objTpl->hideBlock('recommend_captcha');
}
$this->_objTpl->parseCurrentBlock('recommend_form');
$this->_objTpl->parse();
} else {
//data is valid
if (empty($_POST['uri'])) {
$url = ASCMS_PROTOCOL . '://' . $_SERVER['HTTP_HOST'] . ASCMS_PATH_OFFSET;
} else {
$url = $_POST['uri'];
}
if ($_POST['gender'] == 'male') {
$salutation = $this->getMaleSalutation($_LANGID);
} else {
$salutation = $this->getFemaleSalutation($_LANGID);
}
$body = $this->getMessageBody($_LANGID);
$body = preg_replace('/<SENDER_NAME>/', $sendername, $body);
$body = preg_replace('/<SENDER_MAIL>/', $sendermail, $body);
$body = preg_replace('/<RECEIVER_NAME>/', $receivername, $body);
$body = preg_replace('/<RECEIVER_MAIL>/', $receivermail, $body);
$body = preg_replace('/<URL>/', $url, $body);
$body = preg_replace('/<COMMENT>/', $comment, $body);
$body = preg_replace('/<SALUTATION>/', $salutation, $body);
$subject = $this->getMessageSubject($_LANGID);
$subject = preg_replace('/<SENDER_NAME>/', $sendername, $subject);
$subject = preg_replace('/<SENDER_MAIL>/', $sendermail, $subject);
$subject = preg_replace('/<RECEIVER_NAME>/', $receivername, $subject);
$subject = preg_replace('/<RECEIVER_MAIL>/', $receivermail, $subject);
$subject = preg_replace('/<URL>/', $url, $subject);
$subject = preg_replace('/<COMMENT>/', $comment, $subject);
$subject = preg_replace('/<SALUTATION>/', $salutation, $subject);
if (@(include_once ASCMS_LIBRARY_PATH . '/phpmailer/class.phpmailer.php')) {
$objMail = new \phpmailer();
if ($_CONFIG['coreSmtpServer'] > 0) {
if (($arrSmtp = \SmtpSettings::getSmtpAccount($_CONFIG['coreSmtpServer'])) !== false) {
$objMail->IsSMTP();
$objMail->Host = $arrSmtp['hostname'];
$objMail->Port = $arrSmtp['port'];
$objMail->SMTPAuth = true;
$objMail->Username = $arrSmtp['username'];
$objMail->Password = $arrSmtp['password'];
}
}
$objMail->CharSet = CONTREXX_CHARSET;
$objMail->SetFrom($sendermail, $sendername);
$objMail->Subject = $subject;
$objMail->IsHTML(false);
$objMail->Body = $body;
$objMail->AddAddress($receivermail);
$objMail->Send();
$objMail->ClearAddresses();
$objMail->AddAddress($_CONFIG['contactFormEmail']);
$objMail->Send();
}
$this->_objTpl->setVariable('RECOM_STATUS', $_ARRAYLANG['TXT_SENT_OK']);
$this->_objTpl->parse();
}
}
/**
* performs the registratio page
*
* @return null
*/
function showRegistrationForm()
{
global $_ARRAYLANG, $_CORELANG;
$this->_objTpl->setTemplate($this->pageContent, true, true);
$objFWUser = \FWUser::getFWUserObject();
$objUser = $objFWUser->objUser;
$userId = intval($objUser->getId());
$userLogin = $objUser->login();
$captchaCheck = true;
if (!$userLogin && isset($_POST['submitRegistration'])) {
$captchaCheck = \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check();
if (!$captchaCheck) {
$this->_objTpl->setVariable(array('TXT_' . $this->moduleLangVar . '_ERROR' => '<span class="text-danger">' . $_ARRAYLANG['TXT_CALENDAR_INVALID_CAPTCHA_CODE'] . '</span>'));
}
}
$objEvent = $this->objEventManager->eventList[0];
if (empty($objEvent)) {
\Cx\Core\Csrf\Controller\Csrf::redirect(\Cx\Core\Routing\Url::fromModuleAndCmd($this->moduleName, ''));
return;
}
if (!$objEvent->status) {
\Cx\Core\Csrf\Controller\Csrf::redirect(\Cx\Core\Routing\Url::fromModuleAndCmd($this->moduleName, ''));
return;
}
if ($objEvent->access == 1 && !\FWUser::getFWUserObject()->objUser->login()) {
$link = base64_encode(CONTREXX_SCRIPT_PATH . '?' . $_SERVER['QUERY_STRING']);
\Cx\Core\Csrf\Controller\Csrf::redirect(CONTREXX_SCRIPT_PATH . "?section=Login&redirect=" . $link);
return;
}
$dateForPageTitle = $objEvent->startDate;
$this->pageTitle = $this->format2userDate($dateForPageTitle) . ": " . html_entity_decode($objEvent->title, ENT_QUOTES, CONTREXX_CHARSET);
// Only show registration form if event lies in the future
if (time() <= $objEvent->startDate->getTimestamp()) {
// Only show registration form if event accepts registrations.
// Event accepts registrations, if registration is set up and
// - no attendee limit is set
// - or if there are still free places available
if ($objEvent->registration == CalendarEvent::EVENT_REGISTRATION_INTERNAL && (empty($objEvent->numSubscriber) || !\FWValidator::isEmpty($objEvent->getFreePlaces()))) {
$this->_objTpl->setVariable(array($this->moduleLangVar . '_EVENT_ID' => intval($_REQUEST['id']), $this->moduleLangVar . '_FORM_ID' => intval($objEvent->registrationForm), $this->moduleLangVar . '_EVENT_DATE' => intval($_REQUEST['date']), $this->moduleLangVar . '_USER_ID' => $userId, 'TXT_' . $this->moduleLangVar . '_REGISTRATION_SUBMIT' => $_ARRAYLANG['TXT_CALENDAR_REGISTRATION_SUBMIT']));
$objFormManager = new \Cx\Modules\Calendar\Controller\CalendarFormManager();
$objFormManager->setEvent($objEvent);
$objFormManager->getFormList();
//$objFormManager->showForm($this->_objTpl,intval($objEvent->registrationForm), 2, $objEvent->ticketSales);
// Made the ticket sales always true, because ticket functionality currently not implemented
$objFormManager->showForm($this->_objTpl, intval($objEvent->registrationForm), 2, true);
/* if ($this->arrSettings['paymentStatus'] == '1' && $objEvent->ticketSales && ($this->arrSettings['paymentBillStatus'] == '1' || $this->arrSettings['paymentYellowpayStatus'] == '1')) {
$paymentMethods = '<select class="calendarSelect" name="paymentMethod">';
$paymentMethods .= $this->arrSettings['paymentBillStatus'] == '1' || $objEvent->price == 0 ? '<option value="1">'.$_ARRAYLANG['TXT_CALENDAR_PAYMENT_BILL'].'</option>' : '';
$paymentMethods .= $this->arrSettings['paymentYellowpayStatus'] == '1' && $objEvent->price > 0 ? '<option value="2">'.$_ARRAYLANG['TXT_CALENDAR_PAYMENT_YELLOWPAY'].'</option>' : '';
$paymentMethods .= '</select>';
$this->_objTpl->setVariable(array(
'TXT_'.$this->moduleLangVar.'_PAYMENT_METHOD' => $_ARRAYLANG['TXT_CALENDAR_PAYMENT_METHOD'],
$this->moduleLangVar.'_PAYMENT_METHODS' => $paymentMethods,
));
$this->_objTpl->parse('calendarRegistrationPayment');
} else {
$this->_objTpl->hideBlock('calendarRegistrationPayment');
} */
if (!$userLogin) {
$this->_objTpl->setVariable(array('TXT_' . $this->moduleLangVar . '_CAPTCHA' => $_CORELANG['TXT_CORE_CAPTCHA'], $this->moduleLangVar . '_CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode()));
$this->_objTpl->parse('calendarRegistrationCaptcha');
} else {
$this->_objTpl->hideBlock('calendarRegistrationCaptcha');
}
if (isset($_POST['submitRegistration']) && $captchaCheck) {
$objRegistration = new \Cx\Modules\Calendar\Controller\CalendarRegistration(intval($_POST['form']));
if ($objRegistration->save($_POST)) {
if ($objRegistration->saveIn == 2) {
$status = $_ARRAYLANG['TXT_CALENDAR_REGISTRATION_SUCCESSFULLY_ADDED_WAITLIST'];
} else {
if ($objRegistration->saveIn == 0) {
$status = $_ARRAYLANG['TXT_CALENDAR_REGISTRATION_SUCCESSFULLY_ADDED_SIGNOFF'];
} else {
$status = $_ARRAYLANG['TXT_CALENDAR_REGISTRATION_SUCCESSFULLY_ADDED'];
/* if($_POST["paymentMethod"] == 2) {
$objRegistration->get($objRegistration->id);
$objEvent = new \Cx\Modules\Calendar\Controller\CalendarEvent($objRegistration->eventId);
$this->getSettings();
$amount = (int) $objEvent->price * 100;
$status .= \Cx\Modules\Calendar\Controller\CalendarPayment::_yellowpay(array("orderID" => $objRegistration->id, "amount" => $amount, "currency" => $this->arrSettings["paymentCurrency"], "language" => "DE"));
} */
}
}
$this->_objTpl->setVariable(array($this->moduleLangVar . '_LINK_BACK' => '<a href="' . CONTREXX_DIRECTORY_INDEX . '?section=' . $this->moduleName . '">' . $_ARRAYLANG['TXT_CALENDAR_BACK'] . '</a>', $this->moduleLangVar . '_REGISTRATION_STATUS' => $status));
$this->_objTpl->touchBlock('calendarRegistrationStatus');
$this->_objTpl->hideBlock('calendarRegistrationForm');
} else {
$this->_objTpl->setVariable(array('TXT_' . $this->moduleLangVar . '_ERROR' => '<span class="text-danger">' . $_ARRAYLANG['TXT_CALENDAR_CHECK_REQUIRED'] . '</span>'));
$this->_objTpl->parse('calendarRegistrationForm');
$this->_objTpl->hideBlock('calendarRegistrationStatus');
}
} else {
$this->_objTpl->parse('calendarRegistrationForm');
$this->_objTpl->hideBlock('calendarRegistrationStatus');
}
} else {
$this->_objTpl->setVariable(array($this->moduleLangVar . '_LINK_BACK' => '<a href="' . CONTREXX_DIRECTORY_INDEX . '?section=' . $this->moduleName . '">' . $_ARRAYLANG['TXT_CALENDAR_BACK'] . '</a>', $this->moduleLangVar . '_REGISTRATION_STATUS' => $_ARRAYLANG['TXT_CALENDAR_EVENT_FULLY_BLOCKED']));
$this->_objTpl->touchBlock('calendarRegistrationStatus');
$this->_objTpl->hideBlock('calendarRegistrationForm');
}
} else {
$this->_objTpl->setVariable(array($this->moduleLangVar . '_LINK_BACK' => '<a href="' . CONTREXX_DIRECTORY_INDEX . '?section=' . $this->moduleName . '">' . $_ARRAYLANG['TXT_CALENDAR_BACK'] . '</a>', $this->moduleLangVar . '_REGISTRATION_STATUS' => $_ARRAYLANG['TXT_CALENDAR_EVENT_IN_PAST']));
$this->_objTpl->touchBlock('calendarRegistrationStatus');
$this->_objTpl->hideBlock('calendarRegistrationForm');
}
}
/**
* checks input
*/
function checkInput()
{
global $_ARRAYLANG;
$objValidator = new \FWValidator();
$captchaCheck = true;
$_POST['forename'] = strip_tags(contrexx_stripslashes($_POST['forename']));
$_POST['name'] = strip_tags(contrexx_stripslashes($_POST['name']));
$_POST['comment'] = htmlentities(strip_tags(contrexx_stripslashes($_POST['comment'])), ENT_QUOTES, CONTREXX_CHARSET);
$_POST['location'] = strip_tags(contrexx_stripslashes($_POST['location']));
$_POST['email'] = strip_tags(contrexx_stripslashes($_POST['email']));
$_POST['url'] = strip_tags(contrexx_stripslashes($_POST['url']));
if (!\FWUser::getFWUserObject()->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
$captchaCheck = false;
}
if (empty($_POST['name']) || empty($_POST['forename'])) {
$this->makeError($_ARRAYLANG['TXT_NAME']);
}
if (empty($_POST['comment'])) {
$this->makeError($_ARRAYLANG['TXT_COMMENT']);
}
if (empty($_POST['malefemale'])) {
$this->makeError($_ARRAYLANG['TXT_SEX']);
}
if (empty($_POST['location'])) {
$this->makeError($_ARRAYLANG['TXT_LOCATION']);
}
if (!$objValidator->isEmail($_POST['email'])) {
$this->makeError($_ARRAYLANG['TXT_EMAIL']);
}
if (empty($this->error) && $captchaCheck) {
return true;
} else {
return false;
}
}
/**
* Validates the submitted comment data and writes it to the databse if valid.
* Additionally, a notification is send out to the administration about the comment
* by e-mail (only if the corresponding configuration option is set to do so).
*
* @param integer News message ID for which the comment shall be stored
* @param string Title of the news message for which the comment shall be stored.
* The title will be used in the notification e-mail
* @param string The poster's name of the comment
* @param string The comment's title
* @param string The comment's message text
* @global ADONewConnection
* @global array
* @global array
* @global array
* @return array Returns an array of two elements. The first is either TRUE on success or FALSE on failure.
* The second element contains an error message on failure.
*/
private function storeMessageComment($newsMessageId, $newsMessageTitle, $name, $title, $message)
{
global $objDatabase, $_ARRAYLANG, $_CORELANG, $_CONFIG;
if (!isset($_SESSION['news'])) {
$_SESSION['news'] = array();
$_SESSION['news']['comments'] = array();
}
// just comment
if ($this->checkForCommentFlooding($newsMessageId)) {
return array(false, sprintf($_ARRAYLANG['TXT_NEWS_COMMENT_INTERVAL_MSG'], $this->arrSettings['news_comments_timeout']));
}
if (empty($title)) {
return array(false, $_ARRAYLANG['TXT_NEWS_MISSING_COMMENT_TITLE']);
}
if (empty($message)) {
return array(false, $_ARRAYLANG['TXT_NEWS_MISSING_COMMENT_MESSAGE']);
}
$date = time();
$userId = 0;
if (\FWUser::getFWUserObject()->objUser->login()) {
$userId = \FWUser::getFWUserObject()->objUser->getId();
$name = \FWUser::getParsedUserTitle($userId);
} elseif ($this->arrSettings['news_comments_anonymous'] == '1') {
// deny comment if the poster did not specify his name
if (empty($name)) {
return array(false, $_ARRAYLANG['TXT_NEWS_POSTER_NAME_MISSING']);
}
// check CAPTCHA for anonymous posters
if (!\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
return array(false, null);
}
} else {
// Anonymous comments are not allowed
return array(false, null);
}
$isActive = $this->arrSettings['news_comments_autoactivate'];
$ipAddress = contrexx_input2raw($_SERVER['REMOTE_ADDR']);
$objResult = $objDatabase->Execute("\n INSERT INTO `" . DBPREFIX . "module_news_comments` \n SET `title` = '" . contrexx_raw2db($title) . "',\n `text` = '" . contrexx_raw2db($message) . "',\n `newsid` = '" . contrexx_raw2db($newsMessageId) . "',\n `date` = '" . contrexx_raw2db($date) . "',\n `poster_name` = '" . contrexx_raw2db($name) . "',\n `userid` = '" . contrexx_raw2db($userId) . "',\n `ip_address` = '" . contrexx_raw2db($ipAddress) . "',\n `is_active` = '" . contrexx_raw2db($isActive) . "'");
if (!$objResult) {
return array(false, $_ARRAYLANG['TXT_NEWS_COMMENT_SAVE_ERROR']);
}
/* Prevent comment flooding from same user:
Either user is authenticated or had to validate a CAPTCHA.
In either way, a Contrexx session had been initialized,
therefore we are able to use the $_SESSION to log this comment */
$_SESSION['news']['comments'][$newsMessageId] = $date;
// Don't send a notification e-mail to the administrator
if (!$this->arrSettings['news_comments_notification']) {
return array(true, null);
}
// Send a notification e-mail to administrator
if (!@(include_once ASCMS_LIBRARY_PATH . '/phpmailer/class.phpmailer.php')) {
\DBG::msg('Unable to send e-mail notification to admin');
//DBG::stack();
return array(true, null);
}
$objMail = new \phpmailer();
if ($_CONFIG['coreSmtpServer'] > 0 && @(include_once ASCMS_CORE_PATH . '/SmtpSettings.class.php')) {
if (($arrSmtp = \SmtpSettings::getSmtpAccount($_CONFIG['coreSmtpServer'])) !== false) {
$objMail->IsSMTP();
$objMail->Host = $arrSmtp['hostname'];
$objMail->Port = $arrSmtp['port'];
$objMail->SMTPAuth = true;
$objMail->Username = $arrSmtp['username'];
$objMail->Password = $arrSmtp['password'];
}
}
$objMail->CharSet = CONTREXX_CHARSET;
$objMail->From = $_CONFIG['coreAdminEmail'];
$objMail->FromName = $_CONFIG['coreGlobalPageTitle'];
$objMail->IsHTML(false);
$objMail->Subject = sprintf($_ARRAYLANG['TXT_NEWS_COMMENT_NOTIFICATION_MAIL_SUBJECT'], $newsMessageTitle);
$manageCommentsUrl = ASCMS_PROTOCOL . '://' . $_CONFIG['domainUrl'] . ($_SERVER['SERVER_PORT'] == 80 ? NULL : ':' . intval($_SERVER['SERVER_PORT'])) . ASCMS_ADMIN_WEB_PATH . '/index.php?cmd=News&act=comments&newsId=' . $newsMessageId;
$activateCommentTxt = $this->arrSettings['news_comments_autoactivate'] ? '' : sprintf($_ARRAYLANG['TXT_NEWS_COMMENT_NOTIFICATION_MAIL_LINK'], $manageCommentsUrl);
$objMail->Body = sprintf($_ARRAYLANG['TXT_NEWS_COMMENT_NOTIFICATION_MAIL_BODY'], $_CONFIG['domainUrl'], $newsMessageTitle, \FWUser::getParsedUserTitle($userId, $name), $title, nl2br($message), $activateCommentTxt);
$objMail->AddAddress($_CONFIG['coreAdminEmail']);
if (!$objMail->Send()) {
\DBG::msg('Sending of notification e-mail failed');
//DBG::stack();
}
return array(true, null);
}
/**
* Checks the login
*
* @return bool|mixed false or user id
*/
public function checkLogin()
{
$username = isset($_POST['USERNAME']) && $_POST['USERNAME'] != '' ? contrexx_stripslashes($_POST['USERNAME']) : null;
$password = isset($_POST['PASSWORD']) && $_POST['PASSWORD'] != '' ? md5(contrexx_stripslashes($_POST['PASSWORD'])) : null;
if (isset($username) && isset($password)) {
return $this->objUser->checkLoginData($username, $password, \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check());
}
return false;
}
function getSourceCode($id, $lang, $preview = false, $show = false)
{
global $_ARRAYLANG, $objInit, $objDatabase;
$hasFileInput = false;
//remember if we added a file input -> this would need the uploader to be initialized
$arrFields = $this->getFormFields($id);
$sourcecode = array();
$this->initContactForms();
$sourcecode[] = '<div class="text-warning" id="contactFeedback">{CONTACT_FEEDBACK_TEXT}</div>
<div id="contactDescription"><!-- BEGIN formText -->' . ($preview ? $this->arrForms[$id]['lang'][$lang]['text'] : '{' . $id . '_FORM_TEXT}') . '<!-- END formText --></div>
<div class="text-danger" id="contactFormError">' . ($preview ? $_ARRAYLANG['TXT_NEW_ENTRY_ERORR'] : '{TXT_NEW_ENTRY_ERORR}') . '</div>
<!-- BEGIN contact_form -->
<form role="form" id="contactForm' . ($this->arrForms[$id]['useCustomStyle'] > 0 ? '_' . $id : '') . '" class="contactForm' . ($this->arrForms[$id]['useCustomStyle'] > 0 ? '_' . $id : '') . '" action="' . ($preview ? '../' : '') . 'index.php?section=Contact&cmd=' . $id . '" method="post" enctype="multipart/form-data" onsubmit="return checkAllFields();">
<fieldset id="contactFrame">
<legend>' . ($preview ? $this->arrForms[$id]['lang'][$lang]['name'] : '{' . $id . '_FORM_NAME}') . '</legend>';
foreach ($arrFields as $fieldId => $arrField) {
if ($arrField['is_required']) {
$required = '<strong class="is_required">*</strong>';
} else {
$required = '';
}
if ($arrField['type'] != 'fieldset' && $arrField['type'] != 'hidden') {
$sourcecode[] = '<div class="contact row form-group">';
}
switch ($arrField['type']) {
case 'label':
case 'hidden':
case 'horizontalLine':
case 'checkbox':
break;
case 'fieldset':
$sourcecode[] = '</fieldset>';
$sourcecode[] = '<fieldset id="contactFormFieldId_' . $fieldId . '">';
$sourcecode[] = "<legend>" . ($preview ? contrexx_raw2xhtml($arrField['lang'][$lang]['name']) : "{" . $fieldId . "_LABEL}") . "</legend>";
break;
case 'checkboxGroup':
case 'radio':
$sourcecode[] = '<label>' . ($preview ? contrexx_raw2xhtml($arrField['lang'][$lang]['name']) : "{" . $fieldId . "_LABEL}") . $required . '</label>';
break;
case 'date':
$sourcecode[] = '<label for="contactFormFieldId_' . $fieldId . '">' . ($preview ? contrexx_raw2xhtml($arrField['lang'][$lang]['name']) : "{" . $fieldId . "_LABEL}") . $required . '</label>';
break;
case 'datetime':
$sourcecode[] = '<label for="contactFormFieldId_' . $fieldId . '">' . ($preview ? contrexx_raw2xhtml($arrField['lang'][$lang]['name']) : "{" . $fieldId . "_LABEL}") . $required . '</label>';
break;
default:
$sourcecode[] = '<label for="contactFormFieldId_' . $fieldId . '">' . ($preview ? contrexx_raw2xhtml($arrField['lang'][$lang]['name']) : "{" . $fieldId . "_LABEL}") . $required . '</label>';
}
$arrField['lang'][$lang]['value'] = preg_replace('/\\[\\[([A-Z0-9_]+)\\]\\]/', '{$1}', $arrField['lang'][$lang]['value']);
$fieldType = $arrField['type'] != 'special' ? $arrField['type'] : $arrField['special_type'];
switch ($fieldType) {
case 'label':
$sourcecode[] = '<div class="contactFormClass_' . $arrField['type'] . '">' . contrexx_raw2xhtml($arrField['lang'][$lang]['value']) . '</div>';
break;
case 'checkbox':
$sourcecode[] = '<div class="checkbox"><label for="contactFormFieldId_' . $fieldId . '"><input class="contactFormClass_' . $arrField['type'] . '" id="contactFormFieldId_' . $fieldId . '" type="checkbox" name="contactFormField_' . $fieldId . '" value="1" {SELECTED_' . $fieldId . '} />' . ($preview ? contrexx_raw2xhtml($arrField['lang'][$lang]['name']) : "{" . $fieldId . "_LABEL}") . $required . '</label></div>';
break;
case 'checkboxGroup':
$selectedLang = $preview ? FRONTEND_LANG_ID : $lang;
$sourcecode[] = '<div class="contactFormGroup" id="contactFormFieldId_' . $fieldId . '">';
$options = explode(',', $arrField['lang'][$selectedLang]['value']);
foreach ($options as $index => $option) {
$sourcecode[] = '<div class="checkbox"><label class="noCaption" for="contactFormField_' . $index . '_' . $fieldId . '"><input type="checkbox" class="contactFormClass_' . $arrField['type'] . '" name="contactFormField_' . $fieldId . '[]" id="contactFormField_' . $index . '_' . $fieldId . '" value="' . contrexx_raw2xhtml($option) . '" {SELECTED_' . $fieldId . '_' . $index . '}/>' . ($preview ? contrexx_raw2xhtml($option) : '{' . $fieldId . '_' . $index . '_VALUE}') . '</label></div>';
}
$sourcecode[] = '</div>';
break;
case 'country':
case 'access_country':
$sourcecode[] = '<select class="contactFormClass_' . $arrField['type'] . '" name="contactFormField_' . $fieldId . '" id="contactFormFieldId_' . $fieldId . '">';
if ($arrField['is_required'] == 1) {
$sourcecode[] = "<option value=\"" . ($preview ? $_ARRAYLANG['TXT_CONTACT_PLEASE_SELECT'] : '{TXT_CONTACT_PLEASE_SELECT}') . "\">" . ($preview ? $_ARRAYLANG['TXT_CONTACT_PLEASE_SELECT'] : '{TXT_CONTACT_PLEASE_SELECT}') . "</option>";
} else {
$sourcecode[] = "<option value=\"" . ($preview ? $_ARRAYLANG['TXT_CONTACT_NOT_SPECIFIED'] : '{TXT_CONTACT_NOT_SPECIFIED}') . "\">" . ($preview ? $_ARRAYLANG['TXT_CONTACT_NOT_SPECIFIED'] : '{TXT_CONTACT_NOT_SPECIFIED}') . "</option>";
}
if ($preview) {
$lang = $arrField['lang'][$lang]['name'];
$country = \Cx\Core\Country\Controller\Country::getNameArray(true, $lang);
foreach ($country as $id => $name) {
$sourcecode[] = "<option value=\"" . $name . "\" >" . $name . "</option>";
}
} else {
$sourcecode[] = "<!-- BEGIN field_" . $fieldId . " -->";
$sourcecode[] = "<option value=\"{" . $fieldId . "_VALUE}\" {SELECTED_" . $fieldId . "} >{" . $fieldId . "_VALUE}</option>";
$sourcecode[] = "<!-- END field_" . $fieldId . " -->";
}
$sourcecode[] = "</select>";
break;
case 'date':
$sourcecode[] = '<input class="contactFormClass_' . $arrField['type'] . ' date" type="text" name="contactFormField_' . $fieldId . '" id="contactFormFieldId_' . $fieldId . '" value="{' . $fieldId . '_VALUE}" />';
break;
case 'datetime':
$sourcecode[] = '<input class="contactFormClass_' . $arrField['type'] . ' datetime" type="text" name="contactFormField_' . $fieldId . '" id="contactFormFieldId_' . $fieldId . '" value="{' . $fieldId . '_VALUE}" />';
break;
case 'access_birthday':
$sourcecode[] = '<input class="contactFormClass_' . $arrField['type'] . ' date" id="contactFormFieldId_' . $fieldId . '" type="text" name="contactFormField_' . $fieldId . '" value="' . ($preview ? contrexx_raw2xhtml($arrField['lang'][$lang]['value']) : '{' . $fieldId . '_VALUE}') . '" />';
break;
case 'file':
case 'multi_file':
$sourcecode[] = '<div class="contactFormUpload" id="contactFormUpload_' . $fieldId . '">{CONTACT_UPLOADER_FOLDER_WIDGET_' . $fieldId . '}<input type="hidden" name="contactFormUploadId_' . $fieldId . '" value = "{CONTACT_UPLOADER_ID_' . $fieldId . '}"/>';
$sourcecode[] = '<input class="contactFormClass_' . $arrField['type'] . '" id="contactFormFieldId_' . $fieldId . '" type="file" name="contactFormField_' . $fieldId . '" disabled="disabled"/></div>';
break;
case 'hidden':
$sourcecode[] = '<input class="contactFormClass_' . $arrField['type'] . '" id="contactFormFieldId_' . $fieldId . '" type="hidden" name="contactFormField_' . $fieldId . '" value="' . ($preview ? contrexx_raw2xhtml($arrField['lang'][$lang]['value']) : "{" . $fieldId . "_VALUE}") . '" />';
break;
case 'horizontalLine':
$sourcecode[] = '<hr />';
break;
case 'password':
$sourcecode[] = '<input class="contactFormClass_' . $arrField['type'] . '" id="contactFormFieldId_' . $fieldId . '" type="password" name="contactFormField_' . $fieldId . '" value="" />';
break;
case 'radio':
$selectedLang = $preview ? FRONTEND_LANG_ID : $lang;
$sourcecode[] = '<div class="contactFormGroup" id="contactFormFieldId_' . $fieldId . '">';
$options = explode(',', $arrField['lang'][$selectedLang]['value']);
foreach ($options as $index => $option) {
$sourcecode[] .= '<div class="radio"><label class="noCaption" for="contactFormField_' . $index . '_' . $fieldId . '"><input class="contactFormClass_' . $arrField['type'] . '" type="radio" name="contactFormField_' . $fieldId . '" id="contactFormField_' . $index . '_' . $fieldId . '" value="' . ($preview ? contrexx_raw2xhtml($option) : '{' . $fieldId . '_' . $index . '_VALUE}') . '" {SELECTED_' . $fieldId . '_' . $index . '} />' . ($preview ? contrexx_raw2xhtml($option) : '{' . $fieldId . '_' . $index . '_VALUE}') . '</label></div>';
}
$sourcecode[] = '</div>';
break;
case 'access_title':
case 'access_gender':
// collect user attribute options
$arrOptions = array();
$accessAttributeId = str_replace('access_', '', $fieldType);
$objAttribute = \FWUser::getFWUserObject()->objUser->objAttribute->getById($accessAttributeId);
// get options
$arrAttribute = $objAttribute->getChildren();
foreach ($arrAttribute as $attributeId) {
$objAttribute = \FWUser::getFWUserObject()->objUser->objAttribute->getById($attributeId);
$arrOptions[] = $objAttribute->getName(FRONTEND_LANG_ID);
}
// options will be used for select input generation
$arrField['lang'][FRONTEND_LANG_ID]['value'] = implode(',', $arrOptions);
case 'select':
$sourcecode[] = '<select class="contactFormClass_' . $arrField['type'] . '" name="contactFormField_' . $fieldId . '" id="contactFormFieldId_' . $fieldId . '">';
if ($preview) {
$options = explode(',', $arrField['lang'][FRONTEND_LANG_ID]['value']);
foreach ($options as $index => $option) {
$sourcecode[] = "<option value='" . contrexx_raw2xhtml($option) . "'>" . contrexx_raw2xhtml($option) . "</option>";
}
} else {
$sourcecode[] = "<!-- BEGIN field_" . $fieldId . " -->";
$sourcecode[] = "<option value='{" . $fieldId . "_VALUE}' {SELECTED_" . $fieldId . "}>" . '{' . $fieldId . '_VALUE}' . "</option>";
$sourcecode[] = "<!-- END field_" . $fieldId . " -->";
}
$sourcecode[] = "</select>";
break;
case 'textarea':
$sourcecode[] = '<textarea class="contactFormClass_' . $arrField['type'] . '" name="contactFormField_' . $fieldId . '" id="contactFormFieldId_' . $fieldId . '" rows="5" cols="20">{' . $fieldId . '_VALUE}</textarea>';
break;
case 'recipient':
$sourcecode[] = '<select class="contactFormClass_' . $arrField['type'] . '" name="contactFormField_' . $fieldId . '" id="contactFormFieldId_' . $fieldId . '">';
if ($preview) {
foreach ($this->arrForms[$id]['recipients'] as $index => $arrRecipient) {
$sourcecode[] = "<option value='" . $index . "'>" . $arrRecipient['lang'][$lang] . "</option>";
}
} else {
$sourcecode[] = "<!-- BEGIN field_" . $fieldId . " -->";
$sourcecode[] = "<option value='{" . $fieldId . "_VALUE_ID}' {SELECTED_" . $fieldId . "} >" . '{' . $fieldId . '_VALUE}' . "</option>";
$sourcecode[] = "<!-- END field_" . $fieldId . " -->";
}
$sourcecode[] = "</select>";
break;
case 'fieldset':
break;
default:
$sourcecode[] = '<input class="contactFormClass_' . $arrField['type'] . '" id="contactFormFieldId_' . $fieldId . '" type="text" name="contactFormField_' . $fieldId . '" value="' . ($preview ? contrexx_raw2xhtml($arrField['lang'][$lang]['value']) : '{' . $fieldId . '_VALUE}') . '" />';
break;
}
if ($arrField['type'] != 'fieldset' && $arrField['type'] != 'hidden') {
$sourcecode[] = '</div>';
}
}
if ($preview) {
$themeId = $objInit->arrLang[FRONTEND_LANG_ID]['themesid'];
if (($objRS = $objDatabase->SelectLimit("SELECT `foldername` FROM `" . DBPREFIX . "skins` WHERE `id` = " . $themeId, 1)) !== false) {
$themePath = $objRS->fields['foldername'];
}
$sourcecode[] = '<link href="../core_modules/Contact/View/Style/form.css" rel="stylesheet" type="text/css" />';
if ($this->arrForms[$id]['useCaptcha']) {
$sourcecode[] = '<div class="contact row form-group">';
$sourcecode[] = '<label>' . $_ARRAYLANG["TXT_CONTACT_CAPTCHA"] . '</label>';
$sourcecode[] = \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode();
$sourcecode[] = '</div>';
}
} else {
$sourcecode[] = "<!-- BEGIN contact_form_captcha -->";
$sourcecode[] = '<div class="contact row form-group">';
$sourcecode[] = '<label>{TXT_CONTACT_CAPTCHA}</label>';
$sourcecode[] = '{CONTACT_CAPTCHA_CODE}';
$sourcecode[] = '</div>';
$sourcecode[] = "<!-- END contact_form_captcha -->";
}
$sourcecode[] = '<div class="contact row form-group">';
$sourcecode[] = '<input class="contactFormClass_button btn btn-default" type="submit" name="submitContactForm" value="' . ($preview ? $_ARRAYLANG['TXT_CONTACT_SUBMIT'] : '{TXT_CONTACT_SUBMIT}') . '" /><input class="contactFormClass_button btn btn-default" type="reset" value="' . ($preview ? $_ARRAYLANG['TXT_CONTACT_RESET'] : '{TXT_CONTACT_RESET}') . '" />';
$sourcecode[] = '<input type="hidden" name="unique_id" value="{CONTACT_UNIQUE_ID}" />';
$sourcecode[] = '</div>';
$sourcecode[] = "</fieldset>";
$sourcecode[] = "</form>";
$sourcecode[] = "<!-- END contact_form -->";
$sourcecode[] = $preview ? $this->_getJsSourceCode($id, $arrFields, $preview, $show) : "{CONTACT_JAVASCRIPT}";
if ($show) {
$sourcecode = preg_replace('/\\{([A-Z0-9_-]+)\\}/', '[[\\1]]', $sourcecode);
}
return implode("\n", $sourcecode);
}
function saveComment($intEntryId, $arrCommentData)
{
global $_ARRAYLANG, $objDatabase;
$strRemoteAddress = contrexx_addslashes($_SERVER['REMOTE_ADDR']);
$objFWUser = \FWUser::getFWUserObject();
$objUser = $objFWUser->objUser;
if ($objUser->login()) {
$intAddedBy = $objUser->getId();
} else {
$intAddedBy = 0;
//captcha check
if (!\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
die('captcha');
}
}
$objInsertComment = $objDatabase->Execute("\n INSERT INTO\n " . DBPREFIX . "module_" . $this->moduleTablePrefix . "_comments\n SET\n `entry_id`='" . intval($intEntryId) . "',\n `added_by`='" . intval($intAddedBy) . "',\n `date`='" . mktime() . "',\n `ip`='" . $strRemoteAddress . "',\n `name`='" . contrexx_addslashes($arrCommentData['commentName']) . "',\n `mail`='" . contrexx_addslashes($arrCommentData['commentMail']) . "',\n `url`='" . contrexx_addslashes($arrCommentData['commentUrl']) . "',\n `notification`='0',\n `comment`='" . contrexx_addslashes($arrCommentData['commentComment']) . "'\n ");
if ($objInsertComment !== false) {
echo 'success-' . $arrCommentData['commentPageSection'] . "-" . $arrCommentData['commentPageCmd'];
} else {
echo 'fail';
}
die;
}
private function checkCaptcha()
{
global $_ARRAYLANG;
$arrSettings = \User_Setting::getSettings();
if (!$arrSettings['user_captcha']['status'] || \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
return true;
}
$this->arrStatusMsg['error'][] = $_ARRAYLANG['TXT_ACCESS_INVALID_CAPTCHA_CODE'];
return false;
}
/**
* Checks if the user has been successfully authenticated
*
* If a user has been successfully authenticated then he will be
* redirected to the requested page, otherwise the login page will be displayed
*
* @access private
* @global array
* @see cmsSession::cmsSessionStatusUpdate(), contrexx_strip_tags, \Cx\Core\Html\Sigma::get()
* @return string \Cx\Core\Html\Sigma::get()
*/
function _login()
{
global $_CORELANG, $sessionObj;
$objFWUser = \FWUser::getFWUserObject();
if (isset($_REQUEST['redirect'])) {
$redirect = contrexx_strip_tags($_REQUEST['redirect']);
} elseif (isset($_SESSION['redirect'])) {
$redirect = $_SESSION['redirect'];
} else {
$redirect = "";
}
\Cx\Lib\SocialLogin::parseSociallogin($this->_objTpl);
$arrSettings = \User_Setting::getSettings();
if (function_exists('curl_init') && $arrSettings['sociallogin']['status'] && !empty($_GET['provider'])) {
$providerLogin = $this->loginWithProvider($_GET['provider']);
if ($providerLogin) {
return $providerLogin;
}
}
if ($objFWUser->objUser->login()) {
if (isset($_POST['login']) && $objFWUser->checkLogin() || isset($_GET['auth-token']) && isset($_GET['user-id'])) {
$objFWUser->objUser->reset();
$objFWUser->logoutAndDestroySession();
$sessionObj = \cmsSession::getInstance();
} elseif (isset($_POST['login'])) {
$_GET['relogin'] = '******';
}
}
if ((!isset($_GET['relogin']) || $_GET['relogin'] != 'true') && $objFWUser->objUser->login() || $objFWUser->checkAuth()) {
$groupRedirect = ($objGroup = $objFWUser->objGroup->getGroup($objFWUser->objUser->getPrimaryGroupId())) && $objGroup->getHomepage() ? preg_replace('/\\[\\[([A-Z0-9_-]+)\\]\\]/', '{\\1}', $objGroup->getHomepage()) : CONTREXX_SCRIPT_PATH;
\LinkGenerator::parseTemplate($groupRedirect);
if (isset($_SESSION['redirect'])) {
unset($_SESSION['redirect']);
}
if (!empty($redirect)) {
$redirect = \FWUser::getRedirectUrl(urlencode(base64_decode($redirect)));
}
\Cx\Core\Csrf\Controller\Csrf::header('Location: ' . (empty($redirect) ? $groupRedirect : $redirect));
exit;
} else {
if (isset($_POST['login'])) {
$this->_statusMessage = $_CORELANG['TXT_PASSWORD_OR_USERNAME_IS_INCORRECT'];
}
}
if (isset($_SESSION['auth']['loginLastAuthFailed'])) {
$this->_objTpl->setVariable(array('TXT_CORE_CAPTCHA' => $_CORELANG['TXT_CORE_CAPTCHA'], 'CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode()));
$this->_objTpl->parse('captcha');
} else {
$this->_objTpl->hideBlock('captcha');
}
// TODO: loading the language data of component Access at this
// point is a workaround as the integration of the Access
// component's functionality itself is hard-coded too and
// has not been implemented through the system component
// framework.
$accessLang = \Env::get('init')->getComponentSpecificLanguageData('Access');
$this->_objTpl->setVariable(array('TXT_ACCESS_SIGNUP_BY_FACEBOOK' => $accessLang['TXT_ACCESS_SIGNUP_BY_FACEBOOK'], 'TXT_ACCESS_SIGNUP_BY_GOOGLE' => $accessLang['TXT_ACCESS_SIGNUP_BY_GOOGLE'], 'TXT_ACCESS_SIGNUP_BY_TWITTER' => $accessLang['TXT_ACCESS_SIGNUP_BY_TWITTER'], 'TXT_CORE_SIGN_UP' => $_CORELANG['TXT_CORE_SIGN_UP'], 'TXT_LOGIN' => $_CORELANG['TXT_LOGIN'], 'TXT_USER_NAME' => $_CORELANG['TXT_USER_NAME'], 'TXT_EMAIL' => $_CORELANG['TXT_EMAIL'], 'TXT_PASSWORD' => $_CORELANG['TXT_PASSWORD'], 'TXT_LOGIN_REMEMBER_ME' => $_CORELANG['TXT_CORE_REMEMBER_ME'], 'TXT_PASSWORD_LOST' => $_CORELANG['TXT_PASSWORD_LOST'], 'LOGIN_REDIRECT' => $redirect, 'LOGIN_STATUS_MESSAGE' => $this->_statusMessage));
return $this->_objTpl->get();
}
/**
* Insert a new comment for a message into database, if the function is activated. Furthermore, all input values are validated.
* Sends also the notification mail to the administrator, if it is enabled in options.
*
* @global ADONewConnection
* @global array
* @global array
*/
function addComment()
{
global $objDatabase, $_ARRAYLANG, $_CONFIG;
\Cx\Core\Csrf\Controller\Csrf::check_code();
$this->initUserId();
//Check for activated function
if (!$this->_arrSettings['blog_comments_activated']) {
$this->_strErrorMessage = $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_ERROR_ACTIVATED'];
return;
}
if ($this->hasUserJustCommented()) {
$this->_strErrorMessage = str_replace('[SECONDS]', intval($this->_arrSettings['blog_comments_timeout']), $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_ERROR_TIMEOUT']);
return;
}
//Create validator-object
$objValidator = new \FWValidator();
//Get general-input
$intMessageId = intval($_POST['frmAddComment_MessageId']);
$strSubject = contrexx_addslashes(strip_tags($_POST['frmAddComment_Subject']));
$strComment = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForDb($_POST['frmAddComment_Comment']);
//Get specified-input
if ($this->_intCurrentUserId == 0) {
$intUserId = 0;
$strName = contrexx_addslashes(strip_tags($_POST['frmAddComment_Name']));
$strEMail = contrexx_addslashes(strip_tags($_POST['frmAddComment_EMail']));
$strWWW = contrexx_addslashes(strip_tags($objValidator->getUrl($_POST['frmAddComment_WWW'])));
} else {
$intUserId = $this->_intCurrentUserId;
$strName = '';
$strEMail = '';
$strWWW = '';
}
//Get options
$intIsActive = intval($this->_arrSettings['blog_comments_autoactivate']);
$intIsNotification = intval($this->_arrSettings['blog_comments_notification']);
//Validate general-input
if ($intMessageId <= 0) {
$this->_strErrorMessage .= $this->getFormError($_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_MID']);
}
if (empty($strSubject)) {
$this->_strErrorMessage .= $this->getFormError($_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_SUBJECT']);
}
if (empty($strComment)) {
$this->_strErrorMessage .= $this->getFormError($_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_COMMENT']);
}
//Validate specified-input
if ($this->_intCurrentUserId == 0) {
if (empty($strName)) {
$this->_strErrorMessage .= $this->getFormError($_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_NAME']);
}
if (!$objValidator->isEmail($strEMail)) {
$this->_strErrorMessage .= $this->getFormError($_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_EMAIL']);
}
}
$captchaCheck = true;
if (!\FWUser::getFWUserObject()->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
$captchaCheck = false;
}
//Now check error-string
if (empty($this->_strErrorMessage) && $captchaCheck) {
//No errors, insert entry
$objDatabase->Execute(' INSERT INTO ' . DBPREFIX . 'module_blog_comments
SET message_id = ' . $intMessageId . ',
lang_id = ' . $this->_intLanguageId . ',
is_active = "' . $intIsActive . '",
time_created = ' . time() . ',
ip_address = "' . $_SERVER['REMOTE_ADDR'] . '",
user_id = ' . $intUserId . ',
user_name = "' . $strName . '",
user_mail = "' . $strEMail . '",
user_www = "' . $strWWW . '",
subject = "' . $strSubject . '",
comment = "' . $strComment . '"
');
//Set a cookie with the current timestamp. Avoids flooding.
setcookie('BlogCommentLast', time(), 0, ASCMS_PATH_OFFSET . '/');
$this->_strStatusMessage = $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_SUCCESS'];
$this->writeCommentRSS();
if ($intIsNotification) {
//Send notification to administrator
if (\Env::get('ClassLoader')->loadFile(ASCMS_LIBRARY_PATH . '/phpmailer/class.phpmailer.php')) {
$objMail = new \phpmailer();
if ($_CONFIG['coreSmtpServer'] > 0) {
if (($arrSmtp = \SmtpSettings::getSmtpAccount($_CONFIG['coreSmtpServer'])) !== false) {
$objMail->IsSMTP();
$objMail->Host = $arrSmtp['hostname'];
$objMail->Port = $arrSmtp['port'];
$objMail->SMTPAuth = true;
$objMail->Username = $arrSmtp['username'];
$objMail->Password = $arrSmtp['password'];
}
}
if ($this->_intCurrentUserId > 0) {
$objFWUser = \FWUser::getFWUserObject();
$strName = htmlentities($objFWUser->objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET);
}
$strMailSubject = str_replace('[SUBJECT]', $strSubject, $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_MAIL_SUBJECT']);
$strMailBody = str_replace('[USERNAME]', $strName, $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_MAIL_BODY']);
$strMailBody = str_replace('[DOMAIN]', ASCMS_PROTOCOL . '://' . $_CONFIG['domainUrl'] . ASCMS_PATH_OFFSET, $strMailBody);
$strMailBody = str_replace('[SUBJECT]', $strSubject, $strMailBody);
$strMailBody = str_replace('[COMMENT]', $strComment, $strMailBody);
$objMail->CharSet = CONTREXX_CHARSET;
$objMail->SetFrom($_CONFIG['coreAdminEmail'], $_CONFIG['coreGlobalPageTitle']);
$objMail->AddAddress($_CONFIG['coreAdminEmail']);
$objMail->Subject = $strMailSubject;
$objMail->IsHTML(false);
$objMail->Body = $strMailBody;
$objMail->Send();
}
}
}
}
/**
* performs the registratio page
*
* @return null
*/
function showRegistrationForm()
{
global $_ARRAYLANG, $_CORELANG;
$this->_objTpl->setTemplate($this->pageContent, true, true);
$objFWUser = \FWUser::getFWUserObject();
$objUser = $objFWUser->objUser;
$userId = intval($objUser->getId());
$userLogin = $objUser->login();
$captchaCheck = true;
if (!$userLogin && isset($_POST['submitRegistration'])) {
$captchaCheck = \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check();
if (!$captchaCheck) {
$this->_objTpl->setVariable(array('TXT_' . $this->moduleLangVar . '_ERROR' => '<span class="text-danger">' . $_ARRAYLANG['TXT_CALENDAR_INVALID_CAPTCHA_CODE'] . '</span>'));
}
}
$objEvent = new \Cx\Modules\Calendar\Controller\CalendarEvent(intval($_REQUEST['id']));
$numRegistrations = (int) $objEvent->registrationCount;
$this->pageTitle = date("d.m.Y", isset($_GET['date']) ? $_GET['date'] : $objEvent->startDate) . ": " . html_entity_decode($objEvent->title, ENT_QUOTES, CONTREXX_CHARSET);
if (time() <= intval($_REQUEST['date'])) {
if ($numRegistrations < $objEvent->numSubscriber) {
$this->_objTpl->setVariable(array($this->moduleLangVar . '_EVENT_ID' => intval($_REQUEST['id']), $this->moduleLangVar . '_FORM_ID' => intval($objEvent->registrationForm), $this->moduleLangVar . '_EVENT_DATE' => intval($_REQUEST['date']), $this->moduleLangVar . '_USER_ID' => $userId, 'TXT_' . $this->moduleLangVar . '_REGISTRATION_SUBMIT' => $_ARRAYLANG['TXT_CALENDAR_REGISTRATION_SUBMIT']));
$objFormManager = new \Cx\Modules\Calendar\Controller\CalendarFormManager();
$objFormManager->getFormList();
//$objFormManager->showForm($this->_objTpl,intval($objEvent->registrationForm), 2, $objEvent->ticketSales);
// Made the ticket sales always true, because ticket functionality currently not implemented
$objFormManager->showForm($this->_objTpl, intval($objEvent->registrationForm), 2, true);
/* if ($this->arrSettings['paymentStatus'] == '1' && $objEvent->ticketSales && ($this->arrSettings['paymentBillStatus'] == '1' || $this->arrSettings['paymentYellowpayStatus'] == '1')) {
$paymentMethods = '<select class="calendarSelect" name="paymentMethod">';
$paymentMethods .= $this->arrSettings['paymentBillStatus'] == '1' || $objEvent->price == 0 ? '<option value="1">'.$_ARRAYLANG['TXT_CALENDAR_PAYMENT_BILL'].'</option>' : '';
$paymentMethods .= $this->arrSettings['paymentYellowpayStatus'] == '1' && $objEvent->price > 0 ? '<option value="2">'.$_ARRAYLANG['TXT_CALENDAR_PAYMENT_YELLOWPAY'].'</option>' : '';
$paymentMethods .= '</select>';
$this->_objTpl->setVariable(array(
'TXT_'.$this->moduleLangVar.'_PAYMENT_METHOD' => $_ARRAYLANG['TXT_CALENDAR_PAYMENT_METHOD'],
$this->moduleLangVar.'_PAYMENT_METHODS' => $paymentMethods,
));
$this->_objTpl->parse('calendarRegistrationPayment');
} else {
$this->_objTpl->hideBlock('calendarRegistrationPayment');
} */
if (!$userLogin) {
$this->_objTpl->setVariable(array('TXT_' . $this->moduleLangVar . '_CAPTCHA' => $_CORELANG['TXT_CORE_CAPTCHA'], $this->moduleLangVar . '_CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode()));
$this->_objTpl->parse('calendarRegistrationCaptcha');
} else {
$this->_objTpl->hideBlock('calendarRegistrationCaptcha');
}
if (isset($_POST['submitRegistration']) && $captchaCheck) {
$objRegistration = new \Cx\Modules\Calendar\Controller\CalendarRegistration(intval($_POST['form']));
if ($objRegistration->save($_POST)) {
if ($objRegistration->saveIn == 2) {
$status = $_ARRAYLANG['TXT_CALENDAR_REGISTRATION_SUCCESSFULLY_ADDED_WAITLIST'];
} else {
if ($objRegistration->saveIn == 0) {
$status = $_ARRAYLANG['TXT_CALENDAR_REGISTRATION_SUCCESSFULLY_ADDED_SIGNOFF'];
} else {
$status = $_ARRAYLANG['TXT_CALENDAR_REGISTRATION_SUCCESSFULLY_ADDED'];
/* if($_POST["paymentMethod"] == 2) {
$objRegistration->get($objRegistration->id);
$objEvent = new \Cx\Modules\Calendar\Controller\CalendarEvent($objRegistration->eventId);
parent::getSettings();
$amount = (int) $objEvent->price * 100;
$status .= \Cx\Modules\Calendar\Controller\CalendarPayment::_yellowpay(array("orderID" => $objRegistration->id, "amount" => $amount, "currency" => $this->arrSettings["paymentCurrency"], "language" => "DE"));
} */
}
}
$this->_objTpl->setVariable(array($this->moduleLangVar . '_LINK_BACK' => '<a href="' . CONTREXX_DIRECTORY_INDEX . '?section=' . $this->moduleName . '">' . $_ARRAYLANG['TXT_CALENDAR_BACK'] . '</a>', $this->moduleLangVar . '_REGISTRATION_STATUS' => $status));
$this->_objTpl->touchBlock('calendarRegistrationStatus');
$this->_objTpl->hideBlock('calendarRegistrationForm');
} else {
$this->_objTpl->setVariable(array('TXT_' . $this->moduleLangVar . '_ERROR' => '<span class="text-danger">' . $_ARRAYLANG['TXT_CALENDAR_CHECK_REQUIRED'] . '</span>'));
$this->_objTpl->parse('calendarRegistrationForm');
$this->_objTpl->hideBlock('calendarRegistrationStatus');
}
} else {
$this->_objTpl->parse('calendarRegistrationForm');
$this->_objTpl->hideBlock('calendarRegistrationStatus');
}
} else {
$this->_objTpl->setVariable(array($this->moduleLangVar . '_LINK_BACK' => '<a href="' . CONTREXX_DIRECTORY_INDEX . '?section=' . $this->moduleName . '">' . $_ARRAYLANG['TXT_CALENDAR_BACK'] . '</a>', $this->moduleLangVar . '_REGISTRATION_STATUS' => $_ARRAYLANG['TXT_CALENDAR_EVENT_FULLY_BLOCKED']));
$this->_objTpl->touchBlock('calendarRegistrationStatus');
$this->_objTpl->hideBlock('calendarRegistrationForm');
}
} else {
$this->_objTpl->setVariable(array($this->moduleLangVar . '_LINK_BACK' => '<a href="' . CONTREXX_DIRECTORY_INDEX . '?section=' . $this->moduleName . '">' . $_ARRAYLANG['TXT_CALENDAR_BACK'] . '</a>', $this->moduleLangVar . '_REGISTRATION_STATUS' => $_ARRAYLANG['TXT_CALENDAR_EVENT_IN_PAST']));
$this->_objTpl->touchBlock('calendarRegistrationStatus');
$this->_objTpl->hideBlock('calendarRegistrationForm');
}
}
/**
* Checks if the user has been successfully authenticated
*
* If a user has been successfully authenticated then he will be
* redirected to the requested page, otherwise the login page will be displayed
*
* @access private
* @global array
* @see cmsSession::cmsSessionStatusUpdate(), contrexx_strip_tags, \Cx\Core\Html\Sigma::get()
* @return string \Cx\Core\Html\Sigma::get()
*/
function _login()
{
global $_CORELANG, $sessionObj;
$objFWUser = \FWUser::getFWUserObject();
if (isset($_REQUEST['redirect'])) {
$redirect = contrexx_strip_tags($_REQUEST['redirect']);
} elseif (isset($_SESSION['redirect'])) {
$redirect = $_SESSION['redirect'];
} else {
$redirect = "";
}
\Cx\Lib\SocialLogin::parseSociallogin($this->_objTpl);
$arrSettings = \User_Setting::getSettings();
if (function_exists('curl_init') && $arrSettings['sociallogin']['status'] && !empty($_GET['provider'])) {
$providerLogin = $this->loginWithProvider($_GET['provider']);
if ($providerLogin) {
return $providerLogin;
}
}
if ($objFWUser->objUser->login()) {
if (isset($_POST['login']) && $objFWUser->checkLogin() || isset($_GET['auth-token']) && isset($_GET['user-id'])) {
$objFWUser->objUser->reset();
$objFWUser->logoutAndDestroySession();
$sessionObj = \cmsSession::getInstance();
} else {
$_GET['relogin'] = '******';
}
}
if ((!isset($_GET['relogin']) || $_GET['relogin'] != 'true') && $objFWUser->objUser->login() || $objFWUser->checkAuth()) {
$groupRedirect = ($objGroup = $objFWUser->objGroup->getGroup($objFWUser->objUser->getPrimaryGroupId())) && $objGroup->getHomepage() ? preg_replace('/\\[\\[([A-Z0-9_-]+)\\]\\]/', '{\\1}', $objGroup->getHomepage()) : CONTREXX_SCRIPT_PATH;
\LinkGenerator::parseTemplate($groupRedirect);
if (isset($_SESSION['redirect'])) {
unset($_SESSION['redirect']);
}
if (!empty($redirect)) {
$redirect = \FWUser::getRedirectUrl(urlencode(base64_decode($redirect)));
}
\Cx\Core\Csrf\Controller\Csrf::header('Location: ' . (empty($redirect) ? $groupRedirect : $redirect));
exit;
} else {
if (isset($_POST['login'])) {
$this->_statusMessage = $_CORELANG['TXT_PASSWORD_OR_USERNAME_IS_INCORRECT'];
}
}
if (isset($_SESSION['auth']['loginLastAuthFailed'])) {
$this->_objTpl->setVariable(array('TXT_CORE_CAPTCHA' => $_CORELANG['TXT_CORE_CAPTCHA'], 'CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode()));
$this->_objTpl->parse('captcha');
} else {
$this->_objTpl->hideBlock('captcha');
}
$this->_objTpl->setVariable(array('TXT_LOGIN' => $_CORELANG['TXT_LOGIN'], 'TXT_USER_NAME' => $_CORELANG['TXT_USER_NAME'], 'TXT_PASSWORD' => $_CORELANG['TXT_PASSWORD'], 'TXT_LOGIN_REMEMBER_ME' => $_CORELANG['TXT_CORE_REMEMBER_ME'], 'TXT_PASSWORD_LOST' => $_CORELANG['TXT_PASSWORD_LOST'], 'LOGIN_REDIRECT' => $redirect, 'LOGIN_STATUS_MESSAGE' => $this->_statusMessage));
return $this->_objTpl->get();
}
function _profile()
{
global $_ARRAYLANG, $_CORELANG, $objDatabase;
$this->_objTpl->setTemplate($this->pageContent);
$showForm = true;
$arrStatusMessage = array('ok' => array(), 'error' => array());
$isNewsletterRecipient = false;
$isAccessRecipient = false;
$recipientId = 0;
$recipientEmail = '';
$recipientUri = '';
$recipientSex = '';
$recipientSalutation = 0;
$recipientTitle = '';
$recipientPosition = '';
$recipientIndustrySector = '';
$recipientPhoneMobile = '';
$recipientPhonePrivate = '';
$recipientFax = '';
$recipientNotes = '';
$recipientLastname = '';
$recipientFirstname = '';
$recipientCompany = '';
$recipientAddress = '';
$recipientZip = '';
$recipientCity = '';
$recipientCountry = '';
$recipientPhoneOffice = '';
$recipientBirthday = '';
$recipientLanguage = '';
$recipientStatus = 0;
$requestedMail = isset($_GET['mail']) ? contrexx_input2raw(urldecode($_GET['mail'])) : (isset($_POST['mail']) ? contrexx_input2raw($_POST['mail']) : '');
$arrAssociatedLists = array();
$arrPreAssociatedInactiveLists = array();
$code = isset($_REQUEST['code']) ? contrexx_addslashes($_REQUEST['code']) : '';
if (!empty($code) && !empty($requestedMail)) {
$objRecipient = $objDatabase->SelectLimit("SELECT accessUserID\n FROM " . DBPREFIX . "module_newsletter_access_user AS nu\n INNER JOIN " . DBPREFIX . "access_users AS au ON au.id=nu.accessUserID\n WHERE nu.code='" . $code . "'\n AND email='" . contrexx_raw2db($requestedMail) . "'", 1);
if ($objRecipient && $objRecipient->RecordCount() == 1) {
$objUser = \FWUser::getFWUserObject()->objUser->getUser($objRecipient->fields['accessUserID']);
if ($objUser) {
$recipientId = $objUser->getId();
$isAccessRecipient = true;
//$arrAssociatedLists = $objUser->getSubscribedNewsletterListIDs();
$arrPreAssociatedInactiveLists = $objUser->getSubscribedNewsletterListIDs();
}
} else {
$objRecipient = $objDatabase->SelectLimit("SELECT id FROM " . DBPREFIX . "module_newsletter_user WHERE status=1 AND code='" . $code . "' AND email='" . contrexx_raw2db($requestedMail) . "'", 1);
if ($objRecipient && $objRecipient->RecordCount() == 1) {
$recipientId = $objRecipient->fields['id'];
$isNewsletterRecipient = true;
}
}
} else {
if (\FWUser::getFWUserObject()->objUser->login()) {
$objUser = \FWUser::getFWUserObject()->objUser;
$recipientId = $objUser->getId();
$isAccessRecipient = true;
//$arrAssociatedLists = $objUser->getSubscribedNewsletterListIDs();
$arrPreAssociatedInactiveLists = $objUser->getSubscribedNewsletterListIDs();
}
}
// Get interface settings
$objInterface = $objDatabase->Execute('SELECT `setvalue`
FROM `' . DBPREFIX . 'module_newsletter_settings`
WHERE `setname` = "recipient_attribute_status"');
$recipientAttributeStatus = json_decode($objInterface->fields['setvalue'], true);
$captchaOk = true;
if (isset($recipientAttributeStatus['captcha']) && $recipientAttributeStatus['captcha']['active']) {
if (!\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
$captchaOk = false;
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_FAILED_CAPTCHA']);
}
}
if (isset($_POST['recipient_save'])) {
if (isset($_POST['email'])) {
$recipientEmail = $_POST['email'];
}
if (isset($_POST['website'])) {
$recipientUri = $_POST['website'];
}
if (isset($_POST['sex'])) {
$recipientSex = in_array($_POST['sex'], array('f', 'm')) ? $_POST['sex'] : '';
}
if (isset($_POST['salutation'])) {
// TODO: use FWUSER
$arrRecipientTitles = $this->_getRecipientTitles();
$recipientSalutation = in_array($_POST['salutation'], array_keys($arrRecipientTitles)) ? intval($_POST['salutation']) : 0;
}
if (isset($_POST['title'])) {
$recipientTitle = $_POST['title'];
}
if (isset($_POST['lastname'])) {
$recipientLastname = $_POST['lastname'];
}
if (isset($_POST['firstname'])) {
$recipientFirstname = $_POST['firstname'];
}
if (isset($_POST['position'])) {
$recipientPosition = $_POST['position'];
}
if (isset($_POST['company'])) {
$recipientCompany = $_POST['company'];
}
if (isset($_POST['industry_sector'])) {
$recipientIndustrySector = $_POST['industry_sector'];
}
if (isset($_POST['address'])) {
$recipientAddress = $_POST['address'];
}
if (isset($_POST['zip'])) {
$recipientZip = $_POST['zip'];
}
if (isset($_POST['city'])) {
$recipientCity = $_POST['city'];
}
if (isset($_POST['newsletter_country_id'])) {
$recipientCountry = $_POST['newsletter_country_id'];
}
if (isset($_POST['phone_office'])) {
$recipientPhoneOffice = $_POST['phone_office'];
}
if (isset($_POST['phone_private'])) {
$recipientPhonePrivate = $_POST['phone_private'];
}
if (isset($_POST['phone_mobile'])) {
$recipientPhoneMobile = $_POST['phone_mobile'];
}
if (isset($_POST['fax'])) {
$recipientFax = $_POST['fax'];
}
if (isset($_POST['day']) && isset($_POST['month']) && isset($_POST['year'])) {
$recipientBirthday = str_pad(intval($_POST['day']), 2, '0', STR_PAD_LEFT) . '-' . str_pad(intval($_POST['month']), 2, '0', STR_PAD_LEFT) . '-' . intval($_POST['year']);
}
if (isset($_POST['language'])) {
$recipientLanguage = $_POST['language'];
}
if (isset($_POST['notes'])) {
$recipientNotes = $_POST['notes'];
}
if (isset($_POST['list'])) {
foreach ($_POST['list'] as $listId => $status) {
if (intval($status) == 1) {
array_push($arrAssociatedLists, intval($listId));
}
}
} elseif (!$recipientId) {
// Signup request where no recipient list had been selected
// check if the user didn't select any list or if there is non or just 1 recipient list visible and was therefore not visible for the user to select
// only show newsletter-lists that are visible for new users (not yet registered ones)
$excludeDisabledLists = 1;
$arrLists = self::getLists($excludeDisabledLists);
switch (count($arrLists)) {
case 0:
// no active lists > ok
break;
case 1:
// only 1 list is active, therefore no list was visible for selection -> let's signup the new recipient to this very list
$arrAssociatedLists = array_keys($arrLists);
break;
default:
// more than one list is active, therefore the user would have been able to select his preferred lists.
// however, the fact that we landed in this case is that the user didn't make any selection at all.
// so lets be it like that > the user won't be subscribed to any list
break;
}
}
if (!$isAccessRecipient) {
// add or update existing newsletter recipient (for access user see ELSE case)
$arrPreAssociatedInactiveLists = $this->_getAssociatedListsOfRecipient($recipientId, false);
$arrAssociatedInactiveLists = array_intersect($arrPreAssociatedInactiveLists, $arrAssociatedLists);
$objValidator = new \FWValidator();
if ($objValidator->isEmail($recipientEmail)) {
// Let's check if a user account with the provided email address is already present
// Important: we must check only for active accounts (active => 1), otherwise we'll send a notification e-mail
// to a user that won't be able to active himself due to his account's inactive state.
// TODO: implement feature
$objUser = null;
//FWUser::getFWUserObject()->objUser->getUsers(array('email' => $recipientEmail, 'active' => 1));
if (false && $objUser) {
// there is already a user account present by the same email address as the one submitted by the user
// TODO: send notification e-mail about existing e-mail account
// Important: We must output the same status message as if the user has been newly added!
// This shall prevent email-address-crawling-bots from detecting existing e-mail accounts.
array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBE_OK']);
$showForm = false;
} else {
if ($this->_validateRecipientAttributes($recipientAttributeStatus, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientBirthday)) {
if ($captchaOk && $this->_isUniqueRecipientEmail($recipientEmail, $recipientId)) {
if (!empty($arrAssociatedInactiveLists) || !empty($arrAssociatedLists) && ($objList = $objDatabase->SelectLimit('SELECT id FROM ' . DBPREFIX . 'module_newsletter_category WHERE status=1 AND (id=' . implode(' OR id=', $arrAssociatedLists) . ')', 1)) && $objList->RecordCount() > 0) {
if ($recipientId > 0) {
if ($this->_updateRecipient($recipientAttributeStatus, $recipientId, $recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, 1, $arrAssociatedLists, $recipientLanguage)) {
array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_YOUR_DATE_SUCCESSFULLY_UPDATED']);
$showForm = false;
} else {
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_FAILED_UPDATE_YOUR_DATA']);
}
} else {
if ($this->_addRecipient($recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, $recipientStatus, $arrAssociatedLists, $recipientLanguage)) {
if ($this->_sendAuthorizeEmail($recipientEmail, $recipientSex, $recipientSalutation, $recipientFirstname, $recipientLastname)) {
array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBE_OK']);
$showForm = false;
} else {
$objDatabase->Execute("DELETE tblU, tblR FROM " . DBPREFIX . "module_newsletter_user AS tblU, " . DBPREFIX . "module_newsletter_rel_user_cat AS tblR WHERE tblU.email='" . contrexx_addslashes($recipientEmail) . "' AND tblR.user = tblU.id");
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIPTION_CANCELED_BY_EMAIL']);
}
} else {
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_FAILED_ADDING_YOU']);
}
}
} else {
$unsub = $_ARRAYLANG['TXT_UNSUBSCRIBE'];
if (isset($_REQUEST['code']) && isset($_REQUEST['mail'])) {
$nm = new \Cx\Modules\Newsletter\Controller\NewsletterManager();
$unsub = $nm->GetUnsubscribeURL($_REQUEST['code'], $_REQUEST['mail']);
}
array_push($arrStatusMessage['error'], sprintf($_ARRAYLANG['TXT_NEWSLETTER_UNSUBSCRIBE_IF_ONLY_ONE_LIST_ACTIVE'], $unsub));
}
} elseif ($captchaOk && empty($recipientId)) {
// We must send a new confirmation e-mail here
// otherwise someone could reactivate someone else's e-mail address
// It could be that a user who has unsubscribed himself from the newsletter system (recipient = deactivated) would like to subscribe the newsletter again.
// Therefore, lets see if we can find a recipient by the specified e-mail address that has been deactivated (status=0)
$objRecipient = $objDatabase->SelectLimit("SELECT id, language, notes, status FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "'", 1);
$recipientId = $objRecipient && !$objRecipient->EOF ? $objRecipient->fields['id'] : 0;
if ($recipientId) {
$arrPreAssociatedActiveLists = array();
if ($objRecipient->fields['status']) {
// When recipient is active then load his associative list and send notification about the new/existing subscription lists
// otherwise someone could unsubscribe lists of someone else
$arrPreAssociatedActiveLists = $this->_getAssociatedListsOfRecipient($recipientId);
$arrAssociatedLists = array_merge($arrPreAssociatedActiveLists, $arrAssociatedLists);
}
// Important: We intentionally do not load existing recipient list associations, due to the fact that the user most likely had
// himself been unsubscribed from the newsletter system some time in the past. Therefore the user most likey does not want
// to be subscribed to any lists more than to those he just selected
$arrAssociatedLists = array_unique($arrAssociatedLists);
$this->_setRecipientLists($recipientId, $arrAssociatedLists);
if (!$objRecipient->fields['status']) {
$recipientLanguage = $objRecipient->fields['language'];
// Important: We do not update the recipient's profile data here by the reason that we can't verify the recipient's identity at this point!
if ($this->_sendAuthorizeEmail($recipientEmail, $recipientSex, $recipientSalutation, $recipientFirstname, $recipientLastname)) {
// Important: We must output the same status message as if the user has been newly added!
// This shall prevent email-address-crawling-bots from detecting existing e-mail accounts.
array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBE_OK']);
$showForm = false;
} else {
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_FAILED_ADDING_YOU']);
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIPTION_CANCELED_BY_EMAIL']);
}
} else {
$this->sendSubscriptionNotificationMail($recipientEmail, $recipientSex, $recipientSalutation, $recipientFirstname, $recipientLastname, $arrAssociatedLists, $arrPreAssociatedActiveLists);
array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBE_OK']);
$showForm = false;
}
}
} else {
if ($captchaOk) {
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBER_ALREADY_INSERTED']);
}
}
} else {
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_MANDATORY_FIELD_ERROR']);
}
}
} else {
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NOT_VALID_EMAIL']);
}
} else {
if ($captchaOk) {
// update subscribed lists of access user
$arrAssociatedLists = array_unique($arrAssociatedLists);
$objUser->setSubscribedNewsletterListIDs($arrAssociatedLists);
if ($objUser->store()) {
array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_YOUR_DATE_SUCCESSFULLY_UPDATED']);
$showForm = false;
} else {
$arrStatusMessage['error'] = array_merge($arrStatusMessage['error'], $objUser->getErrorMsg());
}
}
}
} elseif ($isNewsletterRecipient) {
$objRecipient = $objDatabase->SelectLimit("SELECT uri, sex, salutation, title, lastname, firstname, position, company, industry_sector, address, zip, city, country_id, phone_office, phone_private, phone_mobile, fax, notes, birthday, status, language FROM " . DBPREFIX . "module_newsletter_user WHERE id=" . $recipientId, 1);
if ($objRecipient !== false && $objRecipient->RecordCount() == 1) {
$recipientEmail = urldecode($_REQUEST['mail']);
$recipientUri = $objRecipient->fields['uri'];
$recipientSex = $objRecipient->fields['sex'];
$recipientSalutation = $objRecipient->fields['salutation'];
$recipientTitle = $objRecipient->fields['title'];
$recipientLastname = $objRecipient->fields['lastname'];
$recipientFirstname = $objRecipient->fields['firstname'];
$recipientPosition = $objRecipient->fields['position'];
$recipientCompany = $objRecipient->fields['company'];
$recipientIndustrySector = $objRecipient->fields['industry_sector'];
$recipientAddress = $objRecipient->fields['address'];
$recipientZip = $objRecipient->fields['zip'];
$recipientCity = $objRecipient->fields['city'];
$recipientCountry = $objRecipient->fields['country_id'];
$recipientPhoneOffice = $objRecipient->fields['phone_office'];
$recipientPhonePrivate = $objRecipient->fields['phone_private'];
$recipientPhoneMobile = $objRecipient->fields['phone_mobile'];
$recipientFax = $objRecipient->fields['fax'];
$recipientBirthday = $objRecipient->fields['birthday'];
$recipientLanguage = $objRecipient->fields['language'];
$recipientNotes = $objRecipient->fields['notes'];
$arrAssociatedLists = $this->_getAssociatedListsOfRecipient($recipientId, false);
$arrPreAssociatedInactiveLists = $this->_getAssociatedListsOfRecipient($recipientId, false);
} else {
array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_AUTHENTICATION_FAILED']);
$showForm = false;
}
} elseif ($isAccessRecipient) {
$objUser = \FWUser::getFWUserObject()->objUser->getUser($recipientId);
if ($objUser) {
$arrAssociatedLists = $objUser->getSubscribedNewsletterListIDs();
$arrPreAssociatedInactiveLists = $objUser->getSubscribedNewsletterListIDs();
}
}
$this->_createDatesDropdown($recipientBirthday);
if (count($arrStatusMessage['ok']) > 0) {
$this->_objTpl->setVariable('NEWSLETTER_OK_MESSAGE', implode('<br />', $arrStatusMessage['ok']));
$this->_objTpl->parse('newsletter_ok_message');
} else {
$this->_objTpl->hideBlock('newsletter_ok_message');
}
if (count($arrStatusMessage['error']) > 0) {
$this->_objTpl->setVariable('NEWSLETTER_ERROR_MESSAGE', implode('<br />', $arrStatusMessage['error']));
$this->_objTpl->parse('newsletter_error_message');
} else {
$this->_objTpl->hideBlock('newsletter_error_message');
}
$languages = '<select name="language" class="selectLanguage" id="language" >';
$objLanguage = $objDatabase->Execute("SELECT id, name FROM " . DBPREFIX . "languages WHERE frontend = 1 ORDER BY name");
$languages .= '<option value="0">' . $_ARRAYLANG['TXT_NEWSLETTER_LANGUAGE_PLEASE_CHOSE'] . '</option>';
while (!$objLanguage->EOF) {
$selected = $objLanguage->fields['id'] == $recipientLanguage ? 'selected' : '';
$languages .= '<option value="' . $objLanguage->fields['id'] . '" ' . $selected . '>' . contrexx_raw2xhtml($objLanguage->fields['name']) . '</option>';
$objLanguage->MoveNext();
}
$languages .= '</select>';
if ($showForm) {
if ($isAccessRecipient) {
if ($this->_objTpl->blockExists('recipient_profile')) {
$this->_objTpl->hideBlock('recipient_profile');
}
} else {
//display settings recipient profile detials
$recipientAttributesArray = array('recipient_sex', 'recipient_salutation', 'recipient_title', 'recipient_firstname', 'recipient_lastname', 'recipient_position', 'recipient_company', 'recipient_industry', 'recipient_address', 'recipient_city', 'recipient_zip', 'recipient_country', 'recipient_phone', 'recipient_private', 'recipient_mobile', 'recipient_fax', 'recipient_birthday', 'recipient_website', 'captcha');
foreach ($recipientAttributesArray as $attribute) {
if ($this->_objTpl->blockExists($attribute)) {
if ($recipientAttributeStatus[$attribute]['active']) {
$this->_objTpl->touchBlock($attribute);
$this->_objTpl->setVariable(array('NEWSLETTER_' . strtoupper($attribute) . '_MANDATORY' => $recipientAttributeStatus[$attribute]['required'] ? '*' : ''));
} else {
$this->_objTpl->hideBlock($attribute);
}
}
}
$this->_objTpl->setVariable(array('TXT_MODULE_CAPTCHA' => $_CORELANG['TXT_CORE_CAPTCHA'], 'MODULE_CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode(), 'NEWSLETTER_EMAIL' => htmlentities($recipientEmail, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_WEBSITE' => htmlentities($recipientUri, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_SEX_F' => $recipientSex == 'f' ? 'checked="checked"' : '', 'NEWSLETTER_SEX_M' => $recipientSex == 'm' ? 'checked="checked"' : '', 'NEWSLETTER_SALUTATION' => $this->_getRecipientTitleMenu($recipientSalutation, 'name="salutation" size="1"'), 'NEWSLETTER_TITLE' => htmlentities($recipientTitle, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_LASTNAME' => htmlentities($recipientLastname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_FIRSTNAME' => htmlentities($recipientFirstname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_POSITION' => htmlentities($recipientPosition, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_COMPANY' => htmlentities($recipientCompany, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_INDUSTRY_SECTOR' => htmlentities($recipientIndustrySector, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_ADDRESS' => htmlentities($recipientAddress, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_ZIP' => htmlentities($recipientZip, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_CITY' => htmlentities($recipientCity, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_COUNTRY' => $this->getCountryMenu($recipientCountry, $recipientAttributeStatus['recipient_country']['active'] && $recipientAttributeStatus['recipient_country']['required']), 'NEWSLETTER_PHONE' => htmlentities($recipientPhoneOffice, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_PHONE_PRIVATE' => htmlentities($recipientPhonePrivate, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_PHONE_MOBILE' => htmlentities($recipientPhoneMobile, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_FAX' => htmlentities($recipientFax, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_NOTES' => htmlentities($recipientNotes, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_LANGUAGE' => $languages));
$this->_objTpl->setVariable(array('TXT_NEWSLETTER_EMAIL_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_EMAIL_ADDRESS'], 'TXT_NEWSLETTER_SALUTATION' => $_ARRAYLANG['TXT_NEWSLETTER_SALUTATION'], 'TXT_NEWSLETTER_SEX' => $_ARRAYLANG['TXT_NEWSLETTER_SEX'], 'TXT_NEWSLETTER_FEMALE' => $_ARRAYLANG['TXT_NEWSLETTER_FEMALE'], 'TXT_NEWSLETTER_MALE' => $_ARRAYLANG['TXT_NEWSLETTER_MALE'], 'TXT_NEWSLETTER_TITLE' => $_ARRAYLANG['TXT_NEWSLETTER_TITLE'], 'TXT_NEWSLETTER_LASTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_LASTNAME'], 'TXT_NEWSLETTER_FIRSTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_FIRSTNAME'], 'TXT_NEWSLETTER_POSITION' => $_ARRAYLANG['TXT_NEWSLETTER_POSITION'], 'TXT_NEWSLETTER_COMPANY' => $_ARRAYLANG['TXT_NEWSLETTER_COMPANY'], 'TXT_NEWSLETTER_INDUSTRY_SECTOR' => $_ARRAYLANG['TXT_NEWSLETTER_INDUSTRY_SECTOR'], 'TXT_NEWSLETTER_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_ADDRESS'], 'TXT_NEWSLETTER_ZIP' => $_ARRAYLANG['TXT_NEWSLETTER_ZIP'], 'TXT_NEWSLETTER_CITY' => $_ARRAYLANG['TXT_NEWSLETTER_CITY'], 'TXT_NEWSLETTER_COUNTRY' => $_ARRAYLANG['TXT_NEWSLETTER_COUNTRY'], 'TXT_NEWSLETTER_PHONE_PRIVATE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_PRIVATE'], 'TXT_NEWSLETTER_PHONE_MOBILE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_MOBILE'], 'TXT_NEWSLETTER_FAX' => $_ARRAYLANG['TXT_NEWSLETTER_FAX'], 'TXT_NEWSLETTER_PHONE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE'], 'TXT_NEWSLETTER_NOTES' => $_ARRAYLANG['TXT_NEWSLETTER_NOTES'], 'TXT_NEWSLETTER_BIRTHDAY' => $_ARRAYLANG['TXT_NEWSLETTER_BIRTHDAY'], 'TXT_NEWSLETTER_LANGUAGE' => $_ARRAYLANG['TXT_NEWSLETTER_LANGUAGE'], 'TXT_NEWSLETTER_WEBSITE' => $_ARRAYLANG['TXT_NEWSLETTER_WEBSITE'], 'TXT_NEWSLETTER_RECIPIENT_DATE' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_DATE'], 'TXT_NEWSLETTER_RECIPIENT_MONTH' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_MONTH'], 'TXT_NEWSLETTER_RECIPIENT_YEAR' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_YEAR']));
if ($this->_objTpl->blockExists('recipient_profile')) {
$this->_objTpl->parse('recipient_profile');
}
}
// only show newsletter-lists that are visible for new users (not yet registered ones)
$excludeDisabledLists = $recipientId == 0;
$arrLists = self::getLists($excludeDisabledLists);
if ($this->_objTpl->blockExists('newsletter_lists') && !empty($arrLists)) {
foreach ($arrLists as $listId => $arrList) {
if ($arrList['status'] || in_array($listId, $arrPreAssociatedInactiveLists)) {
$this->_objTpl->setVariable(array('NEWSLETTER_LIST_ID' => $listId, 'NEWSLETTER_LIST_NAME' => contrexx_raw2xhtml($arrList['name']), 'NEWSLETTER_LIST_SELECTED' => in_array($listId, $arrAssociatedLists) ? 'checked="checked"' : ''));
$this->_objTpl->parse('newsletter_list');
}
}
$this->_objTpl->setVariable(array('TXT_NEWSLETTER_LISTS' => $_ARRAYLANG['TXT_NEWSLETTER_LISTS']));
$this->_objTpl->parse('newsletter_lists');
}
$this->_objTpl->setVariable(array('NEWSLETTER_PROFILE_MAIL' => contrexx_raw2xhtml($requestedMail), 'NEWSLETTER_USER_CODE' => $code, 'TXT_NEWSLETTER_SAVE' => $_ARRAYLANG['TXT_NEWSLETTER_SAVE']));
$this->_objTpl->parse('newsletterForm');
} else {
$this->_objTpl->hideBlock('newsletterForm');
}
}
