require 'includes/common-validator.php';
require 'includes/view-functions.php';
require 'includes/theme-functions.php';
require 'includes/post-functions.php';
require 'includes/entry-functions.php';
require 'lib/swift-mailer/swift_required.php';
require 'hooks/custom_hooks.php';
$dbh = mf_connect_db();
$form_id = (int) trim($_REQUEST['id']);
$paid_form_id = (int) trim($_POST['form_id_redirect']);
if (!empty($paid_form_id) && $_SESSION['mf_payment_completed'][$paid_form_id] === true) {
//when payment succeeded, $paid_form_id should contain the form id number
$form_properties = mf_get_form_properties($dbh, $paid_form_id, array('form_redirect_enable', 'form_redirect', 'form_review', 'form_page_total', 'payment_delay_notifications'));
//process any delayed notifications
if (!empty($form_properties['payment_delay_notifications'])) {
mf_process_delayed_notifications($dbh, $paid_form_id, $_SESSION['mf_payment_record_id'][$paid_form_id]);
}
//redirect to the default success page or the custom redirect URL being set on form properties
if (!empty($form_properties['form_redirect_enable']) && !empty($form_properties['form_redirect'])) {
echo "<script type=\"text/javascript\">top.location.replace('{$form_properties['form_redirect']}')</script>";
exit;
} else {
$ssl_suffix = mf_get_ssl_suffix();
header("Location: http{$ssl_suffix}://" . $_SERVER['HTTP_HOST'] . mf_get_dirname($_SERVER['PHP_SELF']) . "/view.php?id={$paid_form_id}&done=1");
exit;
}
} else {
//display payment form
if (empty($form_id)) {
die('ID required.');
} else {
function display_machform($config)
{
$form_id = $config['form_id'];
$show_border = $config['show_border'];
$machform_path = $config['base_path'];
$machform_data_path = '';
if ($show_border === true) {
$integration_method = '';
} else {
$integration_method = 'php';
}
//start session if there isn't any
if (session_id() == "") {
@session_start();
}
$dbh = mf_connect_db();
if (mf_is_form_submitted()) {
//if form submitted
$input_array = mf_sanitize($_POST);
$input_array['machform_data_path'] = $machform_data_path;
$input_array['machform_base_path'] = $machform_path;
$submit_result = mf_process_form($dbh, $input_array);
if (!isset($input_array['password'])) {
//if normal form submitted
if ($submit_result['status'] === true) {
if (!empty($submit_result['form_resume_url'])) {
//the user saving a form, display success page with the resume URL
$_SESSION['mf_form_resume_url'][$input_array['form_id']] = $submit_result['form_resume_url'];
if (strpos($_SERVER['REQUEST_URI'], '?') === false) {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}?done=1'</script>";
} else {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}&done=1'</script>";
}
exit;
} else {
if ($submit_result['logic_page_enable'] === true) {
//the page has skip logic enable and a custom destination page has been set
$target_page_id = $submit_result['target_page_id'];
if (is_numeric($target_page_id)) {
if (strpos($_SERVER['REQUEST_URI'], '?') === false) {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}?mf_page={$target_page_id}'</script>";
} else {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}&mf_page={$target_page_id}'</script>";
}
exit;
} else {
if ($target_page_id == 'payment') {
//allow access to payment page
$_SESSION['mf_form_payment_access'][$input_array['form_id']] = true;
$_SESSION['mf_payment_record_id'][$input_array['form_id']] = $submit_result['entry_id'];
if (strpos($_SERVER['REQUEST_URI'], '?') === false) {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}?show_payment=1'</script>";
} else {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}&show_payment=1'</script>";
}
exit;
} else {
if ($target_page_id == 'review') {
if (!empty($submit_result['origin_page_number'])) {
$page_num_params = '&mf_page_from=' . $submit_result['origin_page_number'];
}
$_SESSION['review_id'] = $submit_result['review_id'];
if (strpos($_SERVER['REQUEST_URI'], '?') === false) {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}?show_review=1{$page_num_params}'</script>";
} else {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}&show_review=1{$page_num_params}'</script>";
}
exit;
} else {
if ($target_page_id == 'success') {
//redirect to success page
if (empty($submit_result['form_redirect'])) {
if (strpos($_SERVER['REQUEST_URI'], '?') === false) {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}?done=1'</script>";
} else {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}&done=1'</script>";
}
exit;
} else {
echo "<script type=\"text/javascript\">top.location = '{$submit_result['form_redirect']}'</script>";
exit;
}
}
}
}
}
} else {
if (!empty($submit_result['review_id'])) {
//redirect to review page
if (!empty($submit_result['origin_page_number'])) {
$page_num_params = '&mf_page_from=' . $submit_result['origin_page_number'];
}
$_SESSION['review_id'] = $submit_result['review_id'];
if (strpos($_SERVER['REQUEST_URI'], '?') === false) {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}?show_review=1{$page_num_params}'</script>";
} else {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}&show_review=1{$page_num_params}'</script>";
}
exit;
} else {
$ssl_suffix = mf_get_ssl_suffix();
if (!empty($submit_result['next_page_number'])) {
//redirect to the next page number
$_SESSION['mf_form_access'][$input_array['form_id']][$submit_result['next_page_number']] = true;
echo "<script type=\"text/javascript\">top.location = 'http{$ssl_suffix}://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . "?id={$input_array['form_id']}&mf_page={$submit_result['next_page_number']}'</script>";
exit;
} else {
//otherwise display success message or redirect to the custom redirect URL or payment page
if (mf_is_payment_has_value($dbh, $input_array['form_id'], $submit_result['entry_id'])) {
//redirect to credit card payment page, if the merchant is being enabled and the amount is not zero
//allow access to payment page
$_SESSION['mf_form_payment_access'][$input_array['form_id']] = true;
$_SESSION['mf_payment_record_id'][$input_array['form_id']] = $submit_result['entry_id'];
if (strpos($_SERVER['REQUEST_URI'], '?') === false) {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}?show_payment=1'</script>";
} else {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}&show_payment=1'</script>";
}
exit;
} else {
if (empty($submit_result['form_redirect'])) {
if (strpos($_SERVER['REQUEST_URI'], '?') === false) {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}?done=1'</script>";
} else {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}&done=1'</script>";
}
exit;
} else {
echo "<script type=\"text/javascript\">top.location = '{$submit_result['form_redirect']}'</script>";
exit;
}
}
}
}
}
}
} else {
if ($submit_result['status'] === false) {
//there are errors, display the form again with the errors
$old_values = $submit_result['old_values'];
$custom_error = @$submit_result['custom_error'];
$error_elements = $submit_result['error_elements'];
$form_params = array();
$form_params['page_number'] = $input_array['page_number'];
$form_params['populated_values'] = $old_values;
$form_params['error_elements'] = $error_elements;
$form_params['custom_error'] = $custom_error;
$form_params['integration_method'] = $integration_method;
$form_params['machform_path'] = $machform_path;
$form_params['machform_data_path'] = $machform_data_path;
$markup = mf_display_form($dbh, $input_array['form_id'], $form_params);
}
}
} else {
//if password form submitted
if ($submit_result['status'] === true) {
//on success, display the form
$form_params = array();
$form_params['integration_method'] = $integration_method;
$form_params['machform_path'] = $machform_path;
$form_params['machform_data_path'] = $machform_data_path;
$markup = mf_display_form($dbh, $input_array['form_id'], $form_params);
} else {
$custom_error = $submit_result['custom_error'];
//error, display the pasword form again
$form_params = array();
$form_params['custom_error'] = $custom_error;
$form_params['integration_method'] = $integration_method;
$form_params['machform_path'] = $machform_path;
$form_params['machform_data_path'] = $machform_data_path;
$markup = mf_display_form($dbh, $input_array['form_id'], $form_params);
}
}
} else {
if (!empty($_POST['review_submit']) || !empty($_POST['review_submit_x'])) {
//if form review being submitted
//commit data from review table to actual table
//however, we need to check if this form has payment enabled or not
//if the form doesn't have any payment enabled, continue with commit and redirect to success page
$form_properties = mf_get_form_properties($dbh, $form_id, array('payment_enable_merchant', 'payment_delay_notifications', 'payment_merchant_type'));
$ssl_suffix = mf_get_ssl_suffix();
$record_id = $_SESSION['review_id'];
if ($form_properties['payment_enable_merchant'] != 1) {
$commit_options = array();
$commit_options['machform_path'] = $machform_path;
$commit_options['machform_data_path'] = $machform_data_path;
$commit_result = mf_commit_form_review($dbh, $form_id, $record_id, $commit_options);
unset($_SESSION['review_id']);
if (empty($commit_result['form_redirect'])) {
if (strpos($_SERVER['REQUEST_URI'], '?') === false) {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}?done=1'</script>";
} else {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}&done=1'</script>";
}
exit;
} else {
echo "<script type=\"text/javascript\">top.location = '{$commit_result['form_redirect']}'</script>";
exit;
}
} else {
//if the form has payment enabled, continue commit and redirect to payment page
$commit_options = array();
//delay notifications only available on stripe
if (!empty($form_properties['payment_delay_notifications']) && $form_properties['payment_merchant_type'] == 'stripe') {
$commit_options['send_notification'] = false;
}
$commit_result = mf_commit_form_review($dbh, $form_id, $record_id, $commit_options);
unset($_SESSION['review_id']);
//allow access to payment page
$_SESSION['mf_form_payment_access'][$form_id] = true;
$_SESSION['mf_payment_record_id'][$form_id] = $commit_result['record_insert_id'];
if (strpos($_SERVER['REQUEST_URI'], '?') === false) {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}?show_payment=1'</script>";
} else {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}&show_payment=1'</script>";
}
exit;
}
} else {
if (!empty($_POST['review_back']) || !empty($_POST['review_back_x'])) {
//go back to form from review page
$origin_page_num = (int) $_POST['mf_page_from'];
$ssl_suffix = mf_get_ssl_suffix();
echo "<script type=\"text/javascript\">top.location = 'http{$ssl_suffix}://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . "?id={$form_id}&mf_page={$origin_page_num}'</script>";
exit;
} else {
if (!empty($_POST['form_id_redirect'])) {
//form payment being submitted
$paid_form_id = (int) trim($_POST['form_id_redirect']);
if ($_SESSION['mf_payment_completed'][$paid_form_id] === true) {
//when payment succeeded, $paid_form_id should contain the form id number
$form_properties = mf_get_form_properties($dbh, $paid_form_id, array('form_redirect_enable', 'form_redirect', 'form_review', 'form_page_total', 'payment_delay_notifications'));
//process any delayed notifications
if (!empty($form_properties['payment_delay_notifications'])) {
mf_process_delayed_notifications($dbh, $paid_form_id, $_SESSION['mf_payment_record_id'][$paid_form_id]);
}
//redirect to the default success page or the custom redirect URL being set on form properties
if (!empty($form_properties['form_redirect_enable']) && !empty($form_properties['form_redirect'])) {
echo "<script type=\"text/javascript\">top.location = '{$form_properties['form_redirect']}'</script>";
exit;
} else {
if (strpos($_SERVER['REQUEST_URI'], '?') === false) {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}?done=1'</script>";
} else {
echo "<script type=\"text/javascript\">top.location = '{$_SERVER['REQUEST_URI']}&done=1'</script>";
}
exit;
}
} else {
$markup = 'You are not authorized to access this page.';
}
} else {
if (!empty($_GET['show_review'])) {
//show review page
if (empty($_SESSION['review_id'])) {
die("Your session has been expired. Please start again.");
} else {
$record_id = $_SESSION['review_id'];
}
$from_page_num = (int) $_GET['mf_page_from'];
if (empty($from_page_num)) {
$form_page_num = 1;
}
$form_params = array();
$form_params['integration_method'] = $integration_method;
$form_params['machform_path'] = $machform_path;
$form_params['machform_data_path'] = $machform_data_path;
$markup = mf_display_form_review($dbh, $form_id, $record_id, $from_page_num, $form_params);
} else {
if (!empty($_GET['show_payment'])) {
//show payment page
$record_id = $_SESSION['mf_payment_record_id'][$form_id];
$form_params = array();
$form_params['integration_method'] = $integration_method;
$form_params['machform_path'] = $machform_path;
$form_params['machform_data_path'] = $machform_data_path;
$markup = mf_display_form_payment($dbh, $form_id, $record_id, $form_params);
} else {
$form_id = $form_id;
$page_number = (int) trim($_GET['mf_page']);
$page_number = mf_verify_page_access($form_id, $page_number);
$resume_key = trim($_GET['mf_resume']);
if (!empty($resume_key)) {
$_SESSION['mf_form_resume_key'][$form_id] = $resume_key;
}
if (!empty($_GET['done']) && (!empty($_SESSION['mf_form_completed'][$form_id]) || !empty($_SESSION['mf_form_resume_url'][$form_id]))) {
$form_params = array();
$form_params['integration_method'] = $integration_method;
$form_params['machform_path'] = $machform_path;
$markup = mf_display_success($dbh, $form_id, $form_params);
} else {
$form_params = array();
$form_params['page_number'] = $page_number;
$form_params['integration_method'] = $integration_method;
$form_params['machform_path'] = $machform_path;
$form_params['machform_data_path'] = $machform_data_path;
$markup = mf_display_form($dbh, $form_id, $form_params);
}
}
}
}
}
}
}
echo $markup;
}