function mf_process_form($dbh, $input)
{
global $mf_lang;
$form_id = (int) trim($input['form_id']);
$edit_id = (int) trim($input['edit_id']);
if (empty($input['page_number'])) {
$page_number = 1;
} else {
$page_number = (int) $input['page_number'];
}
$is_committed = false;
$mf_settings = mf_get_settings($dbh);
//this function handle password submission and general form submission
//check for password requirement
$query = "select \r\n\t\t\t\t\t\tform_password,\r\n\t\t\t\t\t\tform_language,\r\n\t\t\t\t\t\tform_review,\r\n\t\t\t\t\t\tform_page_total,\r\n\t\t\t\t\t\tlogic_field_enable,\r\n\t\t\t\t\t\tlogic_page_enable \r\n\t\t\t\t\tfrom \r\n\t\t\t\t\t\t`" . MF_TABLE_PREFIX . "forms` where form_id=?";
$params = array($form_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
$form_review = $row['form_review'];
$form_page_total = (int) $row['form_page_total'];
$logic_field_enable = (int) $row['logic_field_enable'];
$logic_page_enable = (int) $row['logic_page_enable'];
if (!empty($row['form_password'])) {
$require_password = true;
} else {
$require_password = false;
}
if (!empty($row['form_language'])) {
mf_set_language($row['form_language']);
}
//if this form require password and no session has been set
if ($require_password && (empty($_SESSION['user_authenticated']) || $_SESSION['user_authenticated'] != $form_id)) {
$query = "select count(form_id) valid_password from `" . MF_TABLE_PREFIX . "forms` where form_id=? and form_password=?";
$params = array($form_id, $input['password']);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
if (!empty($row['valid_password'])) {
$process_result['status'] = true;
$_SESSION['user_authenticated'] = $form_id;
} else {
$process_result['status'] = false;
$process_result['custom_error'] = $mf_lang['form_pass_invalid'];
}
return $process_result;
}
$delay_notifications = false;
$form_properties = array();
$form_properties = mf_get_form_properties($dbh, $form_id, array('payment_enable_merchant', 'payment_delay_notifications', 'payment_merchant_type'));
//at this moment, delay notification only available for stripe
if ($form_properties['payment_enable_merchant'] == 1 && !empty($form_properties['payment_delay_notifications']) && in_array($form_properties['payment_merchant_type'], array('stripe'))) {
$delay_notifications = true;
}
$element_child_lookup['address'] = 5;
$element_child_lookup['simple_name'] = 1;
$element_child_lookup['simple_name_wmiddle'] = 2;
$element_child_lookup['name'] = 3;
$element_child_lookup['name_wmiddle'] = 4;
$element_child_lookup['phone'] = 2;
$element_child_lookup['date'] = 2;
$element_child_lookup['europe_date'] = 2;
$element_child_lookup['time'] = 3;
$element_child_lookup['money'] = 1;
//this applies to dollar,euro and pound. yen don't have child
$element_child_lookup['checkbox'] = 1;
//this is just a dumb value
$element_child_lookup['matrix'] = 1;
//this is just a dumb value
//never trust user input, get a list of input fields based on info stored on table
//element has real child -> address, simple_name, name, simple_name_wmiddle, name_wmiddle
//element has virtual child -> phone, date, europe_date, time, money
$is_edit_page = false;
if (!empty($edit_id) && $_SESSION['mf_logged_in'] === true) {
//if this is edit_entry page, process all elements on all pages at once
$page_number_clause = '';
$params = array($form_id);
$is_edit_page = true;
} else {
$page_number_clause = 'and element_page_number =?';
$params = array($form_id, $page_number);
}
$query = "SELECT \r\n\t\t\t\t\t\telement_id,\r\n \t\t\t\t\telement_title,\r\n \t\t\t\t\telement_is_required,\r\n \t\t\t\t\telement_is_unique,\r\n \t\t\t\t\telement_is_private,\r\n \t\t\t\t\telement_type, \r\n \t\t\t\t\telement_constraint,\r\n \t\t\t\t\telement_total_child,\r\n \t\t\t\t\telement_file_enable_multi_upload,\r\n \t\t\t\t\telement_file_max_selection,\r\n \t\t\t\t\telement_file_enable_type_limit,\r\n \t\t\t\t\telement_file_block_or_allow,\r\n \t\t\t\t\telement_file_type_list,\r\n \t\t\t\t\telement_range_max,\r\n \t\t\t\t\telement_range_min,\r\n \t\t\t\t\telement_range_limit_by,\r\n \t\t\t\t\telement_choice_has_other,\r\n \t\t\t\t\telement_time_showsecond,\r\n \t\t\t\t\telement_time_24hour,\r\n \t\t\t\t\telement_matrix_parent_id,\r\n \t\t\t\t\telement_matrix_allow_multiselect,\r\n \t\t\t\t\telement_date_enable_range,\r\n \t\t\t\t\telement_date_range_min,\r\n \t\t\t\t\telement_date_range_max,\r\n \t\t\t\t\telement_date_past_future,\r\n \t\t\t\t\telement_date_disable_past_future,\r\n \t\t\t\t\telement_date_enable_selection_limit,\r\n\t\t\t\t\t\telement_date_selection_max,\r\n\t\t\t\t\t\telement_date_disable_weekend,\r\n\t\t\t\t\t\telement_date_disable_specific,\r\n\t\t\t\t\t\telement_date_disabled_list\r\n\t\t\t\t\tFROM \r\n\t\t\t\t\t\t" . MF_TABLE_PREFIX . "form_elements \r\n\t\t\t\t WHERE \r\n\t\t\t\t \t\tform_id=? and element_status = '1' {$page_number_clause} and element_type <> 'page_break' and element_type <> 'section'\r\n\t\t\t\tORDER BY \r\n\t\t\t\t\t\telement_id asc";
$sth = mf_do_query($query, $params, $dbh);
$element_to_get = array();
$private_elements = array();
//admin-only fields
$matrix_childs_array = array();
while ($row = mf_do_fetch_result($sth)) {
if ($row['element_type'] == 'section') {
continue;
}
//store element info
$element_info[$row['element_id']]['title'] = $row['element_title'];
$element_info[$row['element_id']]['type'] = $row['element_type'];
$element_info[$row['element_id']]['is_required'] = $row['element_is_required'];
$element_info[$row['element_id']]['is_unique'] = $row['element_is_unique'];
$element_info[$row['element_id']]['is_private'] = $row['element_is_private'];
$element_info[$row['element_id']]['constraint'] = $row['element_constraint'];
$element_info[$row['element_id']]['file_enable_multi_upload'] = $row['element_file_enable_multi_upload'];
$element_info[$row['element_id']]['file_max_selection'] = $row['element_file_max_selection'];
$element_info[$row['element_id']]['file_enable_type_limit'] = $row['element_file_enable_type_limit'];
$element_info[$row['element_id']]['file_block_or_allow'] = $row['element_file_block_or_allow'];
$element_info[$row['element_id']]['file_type_list'] = $row['element_file_type_list'];
$element_info[$row['element_id']]['range_min'] = $row['element_range_min'];
$element_info[$row['element_id']]['range_max'] = $row['element_range_max'];
$element_info[$row['element_id']]['range_limit_by'] = $row['element_range_limit_by'];
$element_info[$row['element_id']]['choice_has_other'] = $row['element_choice_has_other'];
$element_info[$row['element_id']]['time_showsecond'] = (int) $row['element_time_showsecond'];
$element_info[$row['element_id']]['time_24hour'] = (int) $row['element_time_24hour'];
$element_info[$row['element_id']]['matrix_parent_id'] = (int) $row['element_matrix_parent_id'];
$element_info[$row['element_id']]['matrix_allow_multiselect'] = (int) $row['element_matrix_allow_multiselect'];
$element_info[$row['element_id']]['date_enable_range'] = (int) $row['element_date_enable_range'];
$element_info[$row['element_id']]['date_range_max'] = $row['element_date_range_max'];
$element_info[$row['element_id']]['date_range_min'] = $row['element_date_range_min'];
$element_info[$row['element_id']]['date_past_future'] = $row['element_date_past_future'];
$element_info[$row['element_id']]['date_disable_past_future'] = (int) $row['element_date_disable_past_future'];
$element_info[$row['element_id']]['date_enable_selection_limit'] = (int) $row['element_date_enable_selection_limit'];
$element_info[$row['element_id']]['date_selection_max'] = (int) $row['element_date_selection_max'];
$element_info[$row['element_id']]['date_disable_weekend'] = (int) $row['element_date_disable_weekend'];
$element_info[$row['element_id']]['date_disable_specific'] = (int) $row['element_date_disable_specific'];
$element_info[$row['element_id']]['date_disabled_list'] = $row['element_date_disabled_list'];
//get element form name, complete with the childs
if (empty($element_child_lookup[$row['element_type']]) || $row['element_constraint'] == 'yen') {
//elements with no child
$element_to_get[] = 'element_' . $row['element_id'];
} else {
//elements with child
if ($row['element_type'] == 'checkbox' || $row['element_type'] == 'matrix' && !empty($row['element_matrix_allow_multiselect'])) {
//for checkbox, get childs elements from ap_element_options table
$sub_query = "select \r\n\t\t\t\t\t\t\t\t\t\toption_id \r\n\t\t\t\t\t\t\t\t\tfrom \r\n\t\t\t\t\t\t\t\t\t\t" . MF_TABLE_PREFIX . "element_options \r\n\t\t\t\t\t\t\t\t where \r\n\t\t\t\t\t\t\t\t \t\tform_id=? and element_id=? and live=1 \r\n\t\t\t\t\t\t\t\torder by \r\n\t\t\t\t\t\t\t\t\t\t`position` asc";
$params = array($form_id, $row['element_id']);
$sub_sth = mf_do_query($sub_query, $params, $dbh);
while ($sub_row = mf_do_fetch_result($sub_sth)) {
$element_to_get[] = "element_{$row['element_id']}_{$sub_row['option_id']}";
$checkbox_childs[$row['element_id']][] = $sub_row['option_id'];
//store the child into array for further reference
}
//if this is the parent of the matrix (checkbox matrix only), get the child as well
if ($row['element_type'] == 'matrix' && !empty($row['element_matrix_allow_multiselect'])) {
$temp_matrix_child_element_id_array = explode(',', trim($row['element_constraint']));
foreach ($temp_matrix_child_element_id_array as $mc_element_id) {
$sub_query = "select \r\n\t\t\t\t\t\t\t\t\t\t\toption_id \r\n\t\t\t\t\t\t\t\t\t\tfrom \r\n\t\t\t\t\t\t\t\t\t\t\t" . MF_TABLE_PREFIX . "element_options \r\n\t\t\t\t\t\t\t\t\t where \r\n\t\t\t\t\t\t\t\t\t \t\tform_id=? and element_id=? and live=1 \r\n\t\t\t\t\t\t\t\t\torder by \r\n\t\t\t\t\t\t\t\t\t\t\t`position` asc";
$params = array($form_id, $mc_element_id);
$sub_sth = mf_do_query($sub_query, $params, $dbh);
while ($sub_row = mf_do_fetch_result($sub_sth)) {
$element_to_get[] = "element_{$mc_element_id}_{$sub_row['option_id']}";
$checkbox_childs[$mc_element_id][] = $sub_row['option_id'];
//store the child into array for further reference
}
}
}
} else {
if ($row['element_type'] == 'matrix' && empty($row['element_matrix_allow_multiselect'])) {
//radio button matrix, each row doesn't have childs
$element_to_get[] = 'element_' . $row['element_id'];
} else {
$max = $element_child_lookup[$row['element_type']] + 1;
for ($j = 1; $j <= $max; $j++) {
$element_to_get[] = "element_{$row['element_id']}_{$j}";
}
}
}
}
//if the back button pressed after review page, or this is multipage form, we need to store the file info
if (!empty($_SESSION['review_id']) && !empty($form_review) || $form_page_total > 1 || $is_edit_page === true) {
if ($row['element_type'] == 'file') {
$existing_file_id[] = $row['element_id'];
}
}
//if this is matrix field, particularly the child rows, we need to store the id into temporary array
//we need to loop through it later, to set the "required" property based on the matrix parent value
if ($row['element_type'] == 'matrix' && !empty($row['element_matrix_parent_id'])) {
$matrix_childs_array[$row['element_id']] = $row['element_matrix_parent_id'];
}
//extra security measure for file upload
//even though the user disabled 'file type limit', we need to enforce it here and block dangerous files
if ($row['element_type'] == 'file') {
//if the 'Limit File Upload Type' disabled by user, enable it here and check for dangerous files
if (empty($row['element_file_enable_type_limit'])) {
$element_info[$row['element_id']]['file_enable_type_limit'] = 1;
$element_info[$row['element_id']]['file_block_or_allow'] = 'b';
//block
$element_info[$row['element_id']]['file_type_list'] = 'php,php3,php4,php5,phtml,exe,pl,cgi,html,htm,js';
} else {
//if the limit being enabled but the list type is empty
if (empty($element_info[$row['element_id']]['file_type_list'])) {
$element_info[$row['element_id']]['file_block_or_allow'] = 'b';
//block
$element_info[$row['element_id']]['file_type_list'] = 'php,php3,php4,php5,phtml,exe,pl,cgi,html,htm,js';
} else {
//if the list is not empty, and it set to block files, make sure to add dangerous file types into the list
if ($element_info[$row['element_id']]['file_block_or_allow'] == 'b') {
$element_info[$row['element_id']]['file_type_list'] .= ',php,php3,php4,php5,phtml,exe,pl,cgi,html,htm,js';
}
}
}
}
}
//loop through each matrix childs array
//if the parent matrix has required=1, the child need to be set the same
//if the parent matrix allow multi select, the child need to be set the same
if (!empty($matrix_childs_array)) {
foreach ($matrix_childs_array as $matrix_child_element_id => $matrix_parent_element_id) {
if (!empty($element_info[$matrix_parent_element_id]['is_required'])) {
$element_info[$matrix_child_element_id]['is_required'] = 1;
}
if (!empty($element_info[$matrix_parent_element_id]['matrix_allow_multiselect'])) {
$element_info[$matrix_child_element_id]['matrix_allow_multiselect'] = 1;
}
}
}
if (!empty($existing_file_id)) {
$existing_file_id_list = '';
foreach ($existing_file_id as $value) {
$existing_file_id_list .= 'element_' . $value . ',';
}
$existing_file_id_list = rtrim($existing_file_id_list, ',');
if (!empty($_SESSION['review_id'])) {
$current_session_id = $_SESSION['review_id'];
$query = "select {$existing_file_id_list} from " . MF_TABLE_PREFIX . "form_{$form_id}_review where `id`=?";
} else {
if ($is_edit_page === true) {
//if this is edit_entry.php page
$current_session_id = $edit_id;
$query = "select {$existing_file_id_list} from " . MF_TABLE_PREFIX . "form_{$form_id} where `id`=?";
} else {
$current_session_id = session_id();
$query = "select {$existing_file_id_list} from " . MF_TABLE_PREFIX . "form_{$form_id}_review where `session_id`=?";
}
}
$params = array($current_session_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
foreach ($existing_file_id as $value) {
if (!empty($row['element_' . $value])) {
$element_info[$value]['existing_file'] = $row['element_' . $value];
}
}
}
//pick user input
$user_input = array();
foreach ($element_to_get as $element_name) {
$user_input[$element_name] = @$input[$element_name];
}
//if conditional logic for field is being enabled, and this is not edit entry page
//we need to check the status of all elements which has "required" property
//the "required" status might be disabled, depend on the condition
if (!empty($logic_field_enable) && $is_edit_page === false) {
$required_elements_status = array();
$required_elements_status = mf_get_required_elements_status($dbh, $form_id, $page_number, $input);
if (!empty($required_elements_status)) {
foreach ($required_elements_status as $element_id => $required_status) {
$element_info[$element_id]['is_required'] = $required_status;
}
}
} else {
if (!empty($logic_field_enable) && $is_edit_page === true) {
//if this edit entry page and has logic enabled, disable all "required" fields
foreach ($element_info as $element_id => $value) {
$element_info[$element_id]['is_required'] = 0;
}
}
}
$error_elements = array();
$table_data = array();
//validate input based on rules specified for each field
foreach ($user_input as $element_name => $element_data) {
//get element_id from element_name
$exploded = array();
$exploded = explode('_', $element_name);
$element_id = $exploded[1];
$rules = array();
$target_input = array();
$element_type = $element_info[$element_id]['type'];
//if this is private fields and not logged-in as admin, bypass operation below, just supply the default value if any
if ($element_info[$element_id]['is_private'] == 1 && empty($_SESSION['mf_logged_in'])) {
if (!empty($element_info[$element_id]['default_value'])) {
$table_data['element_' . $element_id] = $element_info[$element_id]['default_value'];
}
continue;
}
//if this is matrix field, we need to convert the field type into radio button or checkbox
if ('matrix' == $element_type) {
$is_matrix_field = true;
if (!empty($element_info[$element_id]['matrix_allow_multiselect'])) {
$element_type = 'checkbox';
} else {
$element_type = 'radio';
}
} else {
$is_matrix_field = false;
}
if ('text' == $element_type) {
//Single Line Text
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required'] = true;
}
if ($element_info[$element_id]['is_unique']) {
$rules[$element_name]['unique'] = $form_id . '#' . $element_name;
$target_input['dbh'] = $dbh;
//we need to pass the $dbh for this 'unique' rule
}
if (!empty($user_input[$element_name]) || is_numeric($user_input[$element_name])) {
if (!empty($element_info[$element_id]['range_max']) && !empty($element_info[$element_id]['range_min'])) {
$rules[$element_name]['range_length'] = $element_info[$element_id]['range_limit_by'] . '#' . $element_info[$element_id]['range_min'] . '#' . $element_info[$element_id]['range_max'];
} else {
if (!empty($element_info[$element_id]['range_max'])) {
$rules[$element_name]['max_length'] = $element_info[$element_id]['range_limit_by'] . '#' . $element_info[$element_id]['range_max'];
} else {
if (!empty($element_info[$element_id]['range_min'])) {
$rules[$element_name]['min_length'] = $element_info[$element_id]['range_limit_by'] . '#' . $element_info[$element_id]['range_min'];
}
}
}
}
$target_input[$element_name] = $element_data;
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($element_data);
//prepare data for table column
$table_data[$element_name] = $element_data;
} elseif ('textarea' == $element_type) {
//Paragraph
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required'] = true;
}
if ($element_info[$element_id]['is_unique']) {
$rules[$element_name]['unique'] = $form_id . '#' . $element_name;
$target_input['dbh'] = $dbh;
//we need to pass the $dbh for this 'unique' rule
}
if (!empty($user_input[$element_name]) || is_numeric($user_input[$element_name])) {
if (!empty($element_info[$element_id]['range_max']) && !empty($element_info[$element_id]['range_min'])) {
$rules[$element_name]['range_length'] = $element_info[$element_id]['range_limit_by'] . '#' . $element_info[$element_id]['range_min'] . '#' . $element_info[$element_id]['range_max'];
} else {
if (!empty($element_info[$element_id]['range_max'])) {
$rules[$element_name]['max_length'] = $element_info[$element_id]['range_limit_by'] . '#' . $element_info[$element_id]['range_max'];
} else {
if (!empty($element_info[$element_id]['range_min'])) {
$rules[$element_name]['min_length'] = $element_info[$element_id]['range_limit_by'] . '#' . $element_info[$element_id]['range_min'];
}
}
}
}
$target_input[$element_name] = $element_data;
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($element_data);
//prepare data for table column
$table_data[$element_name] = $element_data;
} elseif ('signature' == $element_type) {
//Signature
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required'] = true;
}
$target_input[$element_name] = $element_data;
if ($target_input[$element_name] == '[]') {
//this is considered as empty signature
$target_input[$element_name] = '';
}
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($element_data, ENT_NOQUOTES);
//prepare data for table column
$table_data[$element_name] = $element_data;
} elseif ('radio' == $element_type) {
//Multiple Choice
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required'] = true;
}
//if this field has 'other' label
if (!empty($element_info[$element_id]['choice_has_other'])) {
if (empty($element_data) && !empty($input[$element_name . '_other'])) {
$element_data = $input[$element_name . '_other'];
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name . '_other']['default_value'] = $element_data;
$table_data[$element_name . '_other'] = $element_data;
//make sure to set the main element value to 0
$form_data[$element_name]['default_value'] = 0;
$table_data[$element_name] = 0;
}
}
$target_input[$element_name] = $element_data;
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
if ($is_matrix_field && !empty($matrix_childs_array[$element_id])) {
$error_elements[$matrix_childs_array[$element_id]] = $validation_result;
} else {
$error_elements[$element_id] = $validation_result;
}
}
//save old data into array, for form redisplay in case errors occured
if (empty($form_data[$element_name . '_other']['default_value'])) {
$form_data[$element_name]['default_value'] = $element_data;
}
//prepare data for table column
if (empty($table_data[$element_name . '_other'])) {
$table_data[$element_name] = $element_data;
}
} elseif ('number' == $element_type) {
//Number
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required'] = true;
}
if ($element_info[$element_id]['is_unique']) {
$rules[$element_name]['unique'] = $form_id . '#' . $element_name;
$target_input['dbh'] = $dbh;
//we need to pass the $dbh for this 'unique' rule
}
//check for numeric if not empty
if (!empty($user_input[$element_name])) {
$rules[$element_name]['numeric'] = true;
}
if ((!empty($user_input[$element_name]) || is_numeric($user_input[$element_name])) && $element_info[$element_id]['range_limit_by'] == 'd') {
if (!empty($element_info[$element_id]['range_max']) && !empty($element_info[$element_id]['range_min'])) {
$rules[$element_name]['range_length'] = $element_info[$element_id]['range_limit_by'] . '#' . $element_info[$element_id]['range_min'] . '#' . $element_info[$element_id]['range_max'];
} else {
if (!empty($element_info[$element_id]['range_max'])) {
$rules[$element_name]['max_length'] = $element_info[$element_id]['range_limit_by'] . '#' . $element_info[$element_id]['range_max'];
} else {
if (!empty($element_info[$element_id]['range_min'])) {
$rules[$element_name]['min_length'] = $element_info[$element_id]['range_limit_by'] . '#' . $element_info[$element_id]['range_min'];
}
}
}
} else {
if ((!empty($user_input[$element_name]) || is_numeric($user_input[$element_name])) && $element_info[$element_id]['range_limit_by'] == 'v') {
if (!empty($element_info[$element_id]['range_max']) && !empty($element_info[$element_id]['range_min'])) {
$rules[$element_name]['range_value'] = $element_info[$element_id]['range_min'] . '#' . $element_info[$element_id]['range_max'];
} else {
if (!empty($element_info[$element_id]['range_max'])) {
$rules[$element_name]['max_value'] = $element_info[$element_id]['range_max'];
} else {
if (!empty($element_info[$element_id]['range_min'])) {
$rules[$element_name]['min_value'] = $element_info[$element_id]['range_min'];
}
}
}
}
}
$target_input[$element_name] = $element_data;
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($element_data);
//prepare data for table column
$table_data[$element_name] = $element_data;
//if the user removed the number, set the value to null
if ($table_data[$element_name] == "") {
$table_data[$element_name] = null;
}
} elseif ('url' == $element_type) {
//Website
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required'] = true;
}
if ($element_info[$element_id]['is_unique']) {
$rules[$element_name]['unique'] = $form_id . '#' . $element_name;
$target_input['dbh'] = $dbh;
//we need to pass the $dbh for this 'unique' rule
}
$rules[$element_name]['website'] = true;
if ($element_data == 'http://') {
$element_data = '';
}
$target_input[$element_name] = $element_data;
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($element_data);
//prepare data for table column
$table_data[$element_name] = $element_data;
} elseif ('email' == $element_type) {
//Email
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required'] = true;
}
if ($element_info[$element_id]['is_unique']) {
$rules[$element_name]['unique'] = $form_id . '#' . $element_name;
$target_input['dbh'] = $dbh;
//we need to pass the $dbh for this 'unique' rule
}
$rules[$element_name]['email'] = true;
$target_input[$element_name] = $element_data;
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($element_data);
//prepare data for table column
$table_data[$element_name] = $element_data;
} elseif ('simple_name' == $element_type) {
//Simple Name
if (!empty($processed_elements) && is_array($processed_elements) && in_array($element_name, $processed_elements)) {
continue;
}
//compound element, grab the other element, 2 elements total
$element_name_2 = substr($element_name, 0, -1) . '2';
$processed_elements[] = $element_name_2;
//put this element into array so that it won't be processed on next loop
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required'] = true;
$rules[$element_name_2]['required'] = true;
}
$target_input[$element_name] = $user_input[$element_name];
$target_input[$element_name_2] = $user_input[$element_name_2];
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($user_input[$element_name]);
$form_data[$element_name_2]['default_value'] = htmlspecialchars($user_input[$element_name_2]);
//prepare data for table column
$table_data[$element_name] = $user_input[$element_name];
$table_data[$element_name_2] = $user_input[$element_name_2];
} elseif ('simple_name_wmiddle' == $element_type) {
//Simple Name with Middle
if (!empty($processed_elements) && is_array($processed_elements) && in_array($element_name, $processed_elements)) {
continue;
}
//compound element, grab the other elements, 3 elements total
$element_name_2 = substr($element_name, 0, -1) . '2';
$element_name_3 = substr($element_name, 0, -1) . '3';
$processed_elements[] = $element_name_2;
//put this element into array so that it won't be processed on next loop
$processed_elements[] = $element_name_3;
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required'] = true;
$rules[$element_name_3]['required'] = true;
}
$target_input[$element_name] = $user_input[$element_name];
$target_input[$element_name_3] = $user_input[$element_name_3];
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($user_input[$element_name]);
$form_data[$element_name_2]['default_value'] = htmlspecialchars($user_input[$element_name_2]);
$form_data[$element_name_3]['default_value'] = htmlspecialchars($user_input[$element_name_3]);
//prepare data for table column
$table_data[$element_name] = $user_input[$element_name];
$table_data[$element_name_2] = $user_input[$element_name_2];
$table_data[$element_name_3] = $user_input[$element_name_3];
} elseif ('name' == $element_type) {
//Name - Extended
if (!empty($processed_elements) && is_array($processed_elements) && in_array($element_name, $processed_elements)) {
continue;
}
//compound element, grab the other element, 4 elements total
//only element no 2&3 matters (first and last name)
$element_name_2 = substr($element_name, 0, -1) . '2';
$element_name_3 = substr($element_name, 0, -1) . '3';
$element_name_4 = substr($element_name, 0, -1) . '4';
$processed_elements[] = $element_name_2;
//put this element into array so that it won't be processed next
$processed_elements[] = $element_name_3;
$processed_elements[] = $element_name_4;
if ($element_info[$element_id]['is_required']) {
$rules[$element_name_2]['required'] = true;
$rules[$element_name_3]['required'] = true;
}
$target_input[$element_name_2] = $user_input[$element_name_2];
$target_input[$element_name_3] = $user_input[$element_name_3];
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($user_input[$element_name]);
$form_data[$element_name_2]['default_value'] = htmlspecialchars($user_input[$element_name_2]);
$form_data[$element_name_3]['default_value'] = htmlspecialchars($user_input[$element_name_3]);
$form_data[$element_name_4]['default_value'] = htmlspecialchars($user_input[$element_name_4]);
//prepare data for table column
$table_data[$element_name] = $user_input[$element_name];
$table_data[$element_name_2] = $user_input[$element_name_2];
$table_data[$element_name_3] = $user_input[$element_name_3];
$table_data[$element_name_4] = $user_input[$element_name_4];
} elseif ('name_wmiddle' == $element_type) {
//Name - Extended, with Middle
if (!empty($processed_elements) && is_array($processed_elements) && in_array($element_name, $processed_elements)) {
continue;
}
//compound element, grab the other element, 5 elements total
//only element no 2,3,4 matters (first, middle, last name)
$element_name_2 = substr($element_name, 0, -1) . '2';
$element_name_3 = substr($element_name, 0, -1) . '3';
$element_name_4 = substr($element_name, 0, -1) . '4';
$element_name_5 = substr($element_name, 0, -1) . '5';
$processed_elements[] = $element_name_2;
//put this element into array so that it won't be processed next
$processed_elements[] = $element_name_3;
$processed_elements[] = $element_name_4;
$processed_elements[] = $element_name_5;
if ($element_info[$element_id]['is_required']) {
$rules[$element_name_2]['required'] = true;
$rules[$element_name_4]['required'] = true;
}
$target_input[$element_name_2] = $user_input[$element_name_2];
$target_input[$element_name_4] = $user_input[$element_name_4];
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($user_input[$element_name]);
$form_data[$element_name_2]['default_value'] = htmlspecialchars($user_input[$element_name_2]);
$form_data[$element_name_3]['default_value'] = htmlspecialchars($user_input[$element_name_3]);
$form_data[$element_name_4]['default_value'] = htmlspecialchars($user_input[$element_name_4]);
$form_data[$element_name_5]['default_value'] = htmlspecialchars($user_input[$element_name_5]);
//prepare data for table column
$table_data[$element_name] = $user_input[$element_name];
$table_data[$element_name_2] = $user_input[$element_name_2];
$table_data[$element_name_3] = $user_input[$element_name_3];
$table_data[$element_name_4] = $user_input[$element_name_4];
$table_data[$element_name_5] = $user_input[$element_name_5];
} elseif ('time' == $element_type) {
//Time
if (!empty($processed_elements) && is_array($processed_elements) && in_array($element_name, $processed_elements)) {
continue;
}
//compound element, grab the other element, 4 elements total
$element_name_2 = substr($element_name, 0, -1) . '2';
$element_name_3 = substr($element_name, 0, -1) . '3';
$element_name_4 = substr($element_name, 0, -1) . '4';
$processed_elements[] = $element_name_2;
//put this element into array so that it won't be processed next
$processed_elements[] = $element_name_3;
$processed_elements[] = $element_name_4;
if ($element_info[$element_id]['is_required']) {
$rules[$element_name_2]['required'] = true;
$rules[$element_name_3]['required'] = true;
if (empty($element_info[$element_id]['time_24hour'])) {
$rules[$element_name_4]['required'] = true;
}
}
//check time validity if any of the compound field entered
$time_entry_exist = false;
if (!empty($user_input[$element_name]) || !empty($user_input[$element_name_2]) || !empty($user_input[$element_name_3])) {
$rules['element_time']['time'] = true;
$time_entry_exist = true;
}
//for backward compatibility with machform v2 and beyond
if ($element_info[$element_id]['constraint'] == 'show_seconds') {
$element_info[$element_id]['time_showsecond'] = 1;
}
if ($time_entry_exist && empty($element_info[$element_id]['time_showsecond'])) {
$user_input[$element_name_3] = '00';
}
if ($element_info[$element_id]['is_unique']) {
$rules['element_time_no_meridiem']['unique'] = $form_id . '#' . substr($element_name, 0, -2);
//to check uniquenes we need to use 24 hours HH:MM:SS format
$target_input['dbh'] = $dbh;
//we need to pass the $dbh for this 'unique' rule
}
$target_input[$element_name_2] = $user_input[$element_name_2];
$target_input[$element_name_3] = $user_input[$element_name_3];
$target_input[$element_name_4] = $user_input[$element_name_4];
if ($time_entry_exist) {
$target_input['element_time'] = trim($user_input[$element_name] . ':' . $user_input[$element_name_2] . ':' . $user_input[$element_name_3] . ' ' . $user_input[$element_name_4]);
$target_input['element_time_no_meridiem'] = @date("G:i:s", strtotime($target_input['element_time']));
}
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($user_input[$element_name]);
$form_data[$element_name_2]['default_value'] = htmlspecialchars($user_input[$element_name_2]);
$form_data[$element_name_3]['default_value'] = htmlspecialchars($user_input[$element_name_3]);
$form_data[$element_name_4]['default_value'] = htmlspecialchars($user_input[$element_name_4]);
//prepare data for table column
$table_data[substr($element_name, 0, -2)] = @$target_input['element_time_no_meridiem'];
} elseif ('address' == $element_type) {
//Address
if (!empty($processed_elements) && is_array($processed_elements) && in_array($element_name, $processed_elements)) {
continue;
}
//compound element, grab the other element, 6 elements total, element #2 (address line 2) is optional
$element_name_2 = substr($element_name, 0, -1) . '2';
$element_name_3 = substr($element_name, 0, -1) . '3';
$element_name_4 = substr($element_name, 0, -1) . '4';
$element_name_5 = substr($element_name, 0, -1) . '5';
$element_name_6 = substr($element_name, 0, -1) . '6';
$processed_elements[] = $element_name_2;
//put this element into array so that it won't be processed next
$processed_elements[] = $element_name_3;
$processed_elements[] = $element_name_4;
$processed_elements[] = $element_name_5;
$processed_elements[] = $element_name_6;
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required'] = true;
$rules[$element_name_3]['required'] = true;
$rules[$element_name_4]['required'] = true;
$rules[$element_name_5]['required'] = true;
$rules[$element_name_6]['required'] = true;
}
$target_input[$element_name] = $user_input[$element_name];
$target_input[$element_name_3] = $user_input[$element_name_3];
$target_input[$element_name_4] = $user_input[$element_name_4];
$target_input[$element_name_5] = $user_input[$element_name_5];
$target_input[$element_name_6] = $user_input[$element_name_6];
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($user_input[$element_name]);
$form_data[$element_name_2]['default_value'] = htmlspecialchars($user_input[$element_name_2]);
$form_data[$element_name_3]['default_value'] = htmlspecialchars($user_input[$element_name_3]);
$form_data[$element_name_4]['default_value'] = htmlspecialchars($user_input[$element_name_4]);
$form_data[$element_name_5]['default_value'] = htmlspecialchars($user_input[$element_name_5]);
$form_data[$element_name_6]['default_value'] = htmlspecialchars($user_input[$element_name_6]);
//prepare data for table column
$table_data[$element_name] = $user_input[$element_name];
$table_data[$element_name_2] = $user_input[$element_name_2];
$table_data[$element_name_3] = $user_input[$element_name_3];
$table_data[$element_name_4] = $user_input[$element_name_4];
$table_data[$element_name_5] = $user_input[$element_name_5];
$table_data[$element_name_6] = $user_input[$element_name_6];
} elseif ('money' == $element_type) {
//Price
if (!empty($processed_elements) && is_array($processed_elements) && in_array($element_name, $processed_elements)) {
continue;
}
//compound element, grab the other element, 2 elements total (for currency other than yen)
if ($element_info[$element_id]['constraint'] != 'yen') {
//if other than yen
$base_element_name = substr($element_name, 0, -1);
$element_name_2 = $base_element_name . '2';
$processed_elements[] = $element_name_2;
if ($element_info[$element_id]['is_required']) {
$rules[$base_element_name]['required'] = true;
}
//check for numeric if not empty
if (!empty($user_input[$element_name]) || !empty($user_input[$element_name_2])) {
$rules[$base_element_name]['numeric'] = true;
}
if ($element_info[$element_id]['is_unique']) {
$rules[$base_element_name]['unique'] = $form_id . '#' . substr($element_name, 0, -2);
$target_input['dbh'] = $dbh;
//we need to pass the $dbh for this 'unique' rule
}
$target_input[$base_element_name] = $user_input[$element_name] . '.' . $user_input[$element_name_2];
//join dollar+cent
if ($target_input[$base_element_name] == '.') {
$target_input[$base_element_name] = '';
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($user_input[$element_name]);
$form_data[$element_name_2]['default_value'] = htmlspecialchars($user_input[$element_name_2]);
//prepare data for table column
if (!empty($user_input[$element_name]) || !empty($user_input[$element_name_2]) || $user_input[$element_name] === '0' || $user_input[$element_name_2] === '0') {
$table_data[substr($element_name, 0, -2)] = $user_input[$element_name] . '.' . $user_input[$element_name_2];
}
//if the user removed the number, set the value to null
if ($user_input[$element_name] == "" && $user_input[$element_name_2] == "") {
$table_data[substr($element_name, 0, -2)] = null;
}
} else {
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required'] = true;
}
//check for numeric if not empty
if (!empty($user_input[$element_name])) {
$rules[$element_name]['numeric'] = true;
}
if ($element_info[$element_id]['is_unique']) {
$rules[$element_name]['unique'] = $form_id . '#' . $element_name;
$target_input['dbh'] = $dbh;
//we need to pass the $dbh for this 'unique' rule
}
$target_input[$element_name] = $user_input[$element_name];
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($user_input[$element_name]);
//prepare data for table column
$table_data[$element_name] = $user_input[$element_name];
//if the user removed the number, set the value to null
if ($table_data[$element_name] == "") {
$table_data[$element_name] = null;
}
}
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
} elseif ('checkbox' == $element_type) {
//Checkboxes
if (!empty($processed_elements) && is_array($processed_elements) && in_array($element_name, $processed_elements)) {
continue;
}
$all_child_array = array();
$all_child_array = $checkbox_childs[$element_id];
$base_element_name = 'element_' . $element_id . '_';
if (!empty($element_info[$element_id]['choice_has_other'])) {
$all_checkbox_value = $input[$base_element_name . 'other'];
//save old data into array, for form redisplay in case errors occured
$form_data[$base_element_name . 'other']['default_value'] = $input[$base_element_name . 'other'];
$table_data[$base_element_name . 'other'] = $input[$base_element_name . 'other'];
} else {
$all_checkbox_value = '';
}
if ($element_info[$element_id]['is_required']) {
//checking 'required' for checkboxes is more complex
//we need to get total child, and join it into one element
//only one element is required to be checked
foreach ($all_child_array as $i) {
$all_checkbox_value .= $user_input[$base_element_name . $i];
$processed_elements[] = $base_element_name . $i;
//save old data into array, for form redisplay in case errors occured
$form_data[$base_element_name . $i]['default_value'] = $user_input[$base_element_name . $i];
//prepare data for table column
$table_data[$base_element_name . $i] = $user_input[$base_element_name . $i];
}
$rules[$base_element_name]['required'] = true;
$target_input[$base_element_name] = $all_checkbox_value;
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
if ($is_matrix_field && !empty($matrix_childs_array[$element_id])) {
$error_elements[$matrix_childs_array[$element_id]] = $validation_result;
} else {
$error_elements[$element_id] = $validation_result;
}
}
} else {
//if not required, we only need to capture all data
foreach ($all_child_array as $i) {
//save old data into array, for form redisplay in case errors occured
$form_data[$base_element_name . $i]['default_value'] = $user_input[$base_element_name . $i];
//prepare data for table column
$table_data[$base_element_name . $i] = $user_input[$base_element_name . $i];
}
}
} elseif ('select' == $element_type) {
//Drop Down
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required'] = true;
}
$target_input[$element_name] = $element_data;
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = $user_input[$element_name];
//prepare data for table column
$table_data[$element_name] = $user_input[$element_name];
} elseif ('date' == $element_type || 'europe_date' == $element_type) {
//Date
if (!empty($processed_elements) && is_array($processed_elements) && in_array($element_name, $processed_elements)) {
continue;
}
//compound element, grab the other element, 3 elements total
$element_name_2 = substr($element_name, 0, -1) . '2';
$element_name_3 = substr($element_name, 0, -1) . '3';
$processed_elements[] = $element_name_2;
//put this element into array so that it won't be processed next
$processed_elements[] = $element_name_3;
if (!empty($element_info[$element_id]['is_required'])) {
$rules[$element_name]['required'] = true;
$rules[$element_name_2]['required'] = true;
$rules[$element_name_3]['required'] = true;
}
$rules['element_date']['date'] = 'yyyy/mm/dd';
if (!empty($element_info[$element_id]['is_unique'])) {
$rules['element_date']['unique'] = $form_id . '#' . substr($element_name, 0, -2);
$target_input['dbh'] = $dbh;
//we need to pass the $dbh for this 'unique' rule
}
if (!empty($element_info[$element_id]['date_enable_range'])) {
if (!empty($element_info[$element_id]['date_range_max']) || !empty($element_info[$element_id]['date_range_min'])) {
$rules['element_date']['date_range'] = $element_info[$element_id]['date_range_min'] . '#' . $element_info[$element_id]['date_range_max'];
}
}
//disable past/future dates, if enabled. this rule override the date range rule being set above
if (!empty($element_info[$element_id]['date_disable_past_future'])) {
$today_date = date('Y-m-d', time());
if ($element_info[$element_id]['date_past_future'] == 'p') {
//disable past dates
$rules['element_date']['date_range'] = $today_date . '#0000-00-00';
} else {
if ($element_info[$element_id]['date_past_future'] == 'f') {
//disable future dates
$rules['element_date']['date_range'] = '0000-00-00#' . $today_date;
}
}
}
//check for weekend dates rule
if (!empty($element_info[$element_id]['date_disable_weekend'])) {
$rules['element_date']['date_weekend'] = true;
}
//get disabled dates (either coming from 'date selection limit' or 'disable specific dates' rules)
$disabled_dates = array();
//get disabled dates from 'date selection limit' rule
if (!empty($element_info[$element_id]['date_enable_selection_limit']) && !empty($element_info[$element_id]['date_selection_max'])) {
$sub_query = "select \r\n\t\t\t\t\t\t\t\t\t\tselected_date \r\n\t\t\t\t\t\t\t\t\tfrom (\r\n\t\t\t\t\t\t\t\t\t\t\tselect \r\n\t\t\t\t\t\t\t\t\t\t\t\t date_format(element_{$element_id},'%Y-%c-%e') as selected_date,\r\n\t\t\t\t\t\t\t\t\t\t\t\t count(element_{$element_id}) as total_selection \r\n\t\t\t\t\t\t\t\t\t\t from \r\n\t\t\t\t\t\t\t\t\t\t \t " . MF_TABLE_PREFIX . "form_{$form_id} \r\n\t\t\t\t\t\t\t\t\t\t where \r\n\t\t\t\t\t\t\t\t\t\t \t status=1 and element_{$element_id} is not null \r\n\t\t\t\t\t\t\t\t\t\t group by \r\n\t\t\t\t\t\t\t\t\t\t \t\t element_{$element_id}\r\n\t\t\t\t\t\t\t\t\t\t ) as A\r\n\t\t\t\t\t\t\t\t where \r\n\t\t\t\t\t\t\t\t\t\t A.total_selection >= ?";
$params = array($element_info[$element_id]['date_selection_max']);
$sub_sth = mf_do_query($sub_query, $params, $dbh);
while ($sub_row = mf_do_fetch_result($sub_sth)) {
$disabled_dates[] = $sub_row['selected_date'];
}
}
//get disabled dates from 'disable specific dates' rules
if (!empty($element_info[$element_id]['date_disable_specific']) && !empty($element_info[$element_id]['date_disabled_list'])) {
$exploded = array();
$exploded = explode(',', $element_info[$element_id]['date_disabled_list']);
foreach ($exploded as $date_value) {
$disabled_dates[] = date('Y-n-j', strtotime(trim($date_value)));
}
}
if (!empty($disabled_dates)) {
$rules['element_date']['disabled_dates'] = $disabled_dates;
}
$target_input[$element_name] = $user_input[$element_name];
$target_input[$element_name_2] = $user_input[$element_name_2];
$target_input[$element_name_3] = $user_input[$element_name_3];
$base_element_name = substr($element_name, 0, -2);
if ('date' == $element_type) {
//MM/DD/YYYY
$target_input['element_date'] = $user_input[$element_name_3] . '-' . $user_input[$element_name] . '-' . $user_input[$element_name_2];
//prepare data for table column
$table_data[$base_element_name] = $user_input[$element_name_3] . '-' . $user_input[$element_name] . '-' . $user_input[$element_name_2];
} else {
//DD/MM/YYYY
$target_input['element_date'] = $user_input[$element_name_3] . '-' . $user_input[$element_name_2] . '-' . $user_input[$element_name];
//prepare data for table column
$table_data[$base_element_name] = $user_input[$element_name_3] . '-' . $user_input[$element_name_2] . '-' . $user_input[$element_name];
}
$test_empty = str_replace('-', '', $target_input['element_date']);
//if user not submitting any entry, remove the dashes
if (empty($test_empty)) {
unset($target_input['element_date']);
$table_data[$base_element_name] = '';
}
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($user_input[$element_name]);
$form_data[$element_name_2]['default_value'] = htmlspecialchars($user_input[$element_name_2]);
$form_data[$element_name_3]['default_value'] = htmlspecialchars($user_input[$element_name_3]);
} elseif ('simple_phone' == $element_type) {
//Simple Phone
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required'] = true;
}
if (!empty($user_input[$element_name])) {
$rules[$element_name]['simple_phone'] = true;
}
if ($element_info[$element_id]['is_unique']) {
$rules[$element_name]['unique'] = $form_id . '#' . $element_name;
$target_input['dbh'] = $dbh;
//we need to pass the $dbh for this 'unique' rule
}
$target_input[$element_name] = $user_input[$element_name];
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($user_input[$element_name]);
//prepare data for table column
$table_data[$element_name] = $user_input[$element_name];
} elseif ('phone' == $element_type) {
//Phone - US format
if (!empty($processed_elements) && is_array($processed_elements) && in_array($element_name, $processed_elements)) {
continue;
}
//compound element, grab the other element, 3 elements total
$element_name_2 = substr($element_name, 0, -1) . '2';
$element_name_3 = substr($element_name, 0, -1) . '3';
$processed_elements[] = $element_name_2;
//put this element into array so that it won't be processed next
$processed_elements[] = $element_name_3;
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required'] = true;
$rules[$element_name_2]['required'] = true;
$rules[$element_name_3]['required'] = true;
}
$rules['element_phone']['phone'] = true;
if ($element_info[$element_id]['is_unique']) {
$rules['element_phone']['unique'] = $form_id . '#' . substr($element_name, 0, -2);
$target_input['dbh'] = $dbh;
//we need to pass the $dbh for this 'unique' rule
}
$target_input[$element_name] = $user_input[$element_name];
$target_input[$element_name_2] = $user_input[$element_name_2];
$target_input[$element_name_3] = $user_input[$element_name_3];
$target_input['element_phone'] = $user_input[$element_name] . $user_input[$element_name_2] . $user_input[$element_name_3];
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($user_input[$element_name]);
$form_data[$element_name_2]['default_value'] = htmlspecialchars($user_input[$element_name_2]);
$form_data[$element_name_3]['default_value'] = htmlspecialchars($user_input[$element_name_3]);
//prepare data for table column
$table_data[substr($element_name, 0, -2)] = $user_input[$element_name] . $user_input[$element_name_2] . $user_input[$element_name_3];
} elseif ('email' == $element_type) {
//Email
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required'] = true;
}
if ($element_info[$element_id]['is_unique']) {
$rules[$element_name]['unique'] = $form_id . '#' . $element_name;
$target_input['dbh'] = $dbh;
//we need to pass the $dbh for this 'unique' rule
}
$rules[$element_name]['email'] = true;
$target_input[$element_name] = $element_data;
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
}
//save old data into array, for form redisplay in case errors occured
$form_data[$element_name]['default_value'] = htmlspecialchars($user_input[$element_name]);
//prepare data for table column
$table_data[$element_name] = $user_input[$element_name];
} elseif ('file' == $element_type) {
//File
$listfile_name = $input['machform_data_path'] . $mf_settings['upload_dir'] . "/form_{$form_id}/files/listfile_{$input[$element_name . '_token']}.php";
if (!file_exists($listfile_name)) {
$check_filetype = false;
if ($element_info[$element_id]['is_required']) {
$rules[$element_name]['required_file'] = true;
$rules[$element_name]['filetype'] = true;
$check_filetype = true;
//if form review enabled, and user pressed back button after going to review page
//or if this is multipage form
//disable the required file checking if file already uploaded
if (!empty($_SESSION['review_id']) || $form_page_total > 1 || $is_edit_page === true) {
if (!empty($element_info[$element_id]['existing_file'])) {
unset($rules[$element_name]['required_file']);
unset($rules[$element_name]['filetype']);
$check_filetype = false;
}
}
} else {
if ($_FILES[$element_name]['size'] > 0) {
$rules[$element_name]['filetype'] = true;
$check_filetype = true;
}
}
if ($check_filetype == true && !empty($element_info[$element_id]['file_enable_type_limit'])) {
if ($element_info[$element_id]['file_block_or_allow'] == 'b') {
//block file type
$target_input['file_block_or_allow'] = 'b';
} elseif ($element_info[$element_id]['file_block_or_allow'] == 'a') {
$target_input['file_block_or_allow'] = 'a';
}
$target_input['file_type_list'] = $element_info[$element_id]['file_type_list'];
}
$target_input[$element_name] = $element_name;
//special for file, only need to pass input name
$validation_result = mf_validate_element($target_input, $rules);
if ($validation_result !== true) {
$error_elements[$element_id] = $validation_result;
} else {
//if validation passed, store uploaded file info into array
if ($_FILES[$element_name]['size'] > 0) {
$uploaded_files[] = $element_name;
}
}
} else {
//if files were uploaded using advance uploader
//file type validation already done in upload.php, so we don't need to do validation again here
//store uploaded file list into array
$current_element_uploaded_files_advance = array();
$current_element_uploaded_files_advance = file($listfile_name, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
array_shift($current_element_uploaded_files_advance);
//remove the first index of the array
array_pop($current_element_uploaded_files_advance);
//remove the last index of the array
$uploaded_files_advance[$element_id]['listfile_name'] = $listfile_name;
$uploaded_files_advance[$element_id]['listfile_content'] = $current_element_uploaded_files_advance;
//save old token into array, for form redisplay in case errors occured
$form_data[$element_name]['file_token'] = $input[$element_name . '_token'];
}
}
}
//get form redirect info, if any
//get form properties data
$query = "select \r\n\t\t\t\t\t\t form_redirect,\r\n\t\t\t\t\t\t form_redirect_enable,\r\n\t\t\t\t\t\t form_email,\r\n\t\t\t\t\t\t form_unique_ip,\r\n\t\t\t\t\t\t form_captcha,\r\n\t\t\t\t\t\t form_captcha_type,\r\n\t\t\t\t\t\t form_review,\r\n\t\t\t\t\t\t form_page_total,\r\n\t\t\t\t\t\t form_resume_enable,\r\n\t\t\t\t\t\t form_name,\r\n\t\t\t\t\t\t esl_enable,\r\n\t\t\t\t\t\t esl_from_name,\r\n\t\t\t\t\t\t esl_from_email_address,\r\n\t\t\t\t\t\t esl_subject,\r\n\t\t\t\t\t\t esl_content,\r\n\t\t\t\t\t\t esl_plain_text,\r\n\t\t\t\t\t\t esr_enable,\r\n\t\t\t\t\t\t esr_email_address,\r\n\t\t\t\t\t\t esr_from_name,\r\n\t\t\t\t\t\t esr_from_email_address,\r\n\t\t\t\t\t\t esr_subject,\r\n\t\t\t\t\t\t esr_content,\r\n\t\t\t\t\t\t esr_plain_text,\r\n\t\t\t\t\t\t payment_enable_merchant,\r\n\t\t\t\t\t\t payment_merchant_type,\r\n\t\t\t\t\t\t ifnull(payment_paypal_email,'') payment_paypal_email,\r\n\t\t\t\t\t\t payment_paypal_language,\r\n\t\t\t\t\t\t payment_currency,\r\n\t\t\t\t\t\t payment_show_total,\r\n\t\t\t\t\t\t payment_total_location,\r\n\t\t\t\t\t\t payment_enable_recurring,\r\n\t\t\t\t\t\t payment_recurring_cycle,\r\n\t\t\t\t\t\t payment_recurring_unit,\r\n\t\t\t\t\t\t payment_price_type,\r\n\t\t\t\t\t\t payment_price_amount,\r\n\t\t\t\t\t\t payment_price_name\r\n\t\t\t\t from \r\n\t\t\t\t \t `" . MF_TABLE_PREFIX . "forms` \r\n\t\t\t\t where \r\n\t\t\t\t \t form_id=?";
$params = array($form_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
if (!empty($row['form_redirect_enable'])) {
$form_redirect = $row['form_redirect'];
}
$form_unique_ip = $row['form_unique_ip'];
$form_email = $row['form_email'];
$form_captcha = $row['form_captcha'];
$form_captcha_type = $row['form_captcha_type'];
$form_review = $row['form_review'];
$form_page_total = $row['form_page_total'];
$form_name = $row['form_name'];
$user_ip_address = $_SERVER['REMOTE_ADDR'];
$esl_enable = $row['esl_enable'];
$esl_from_name = $row['esl_from_name'];
$esl_from_email_address = $row['esl_from_email_address'];
$esl_subject = $row['esl_subject'];
$esl_content = $row['esl_content'];
$esl_plain_text = $row['esl_plain_text'];
$esr_enable = $row['esr_enable'];
$esr_email_address = $row['esr_email_address'];
$esr_from_name = $row['esr_from_name'];
$esr_from_email_address = $row['esr_from_email_address'];
$esr_subject = $row['esr_subject'];
$esr_content = $row['esr_content'];
$esr_plain_text = $row['esr_plain_text'];
$payment_enable_merchant = (int) $row['payment_enable_merchant'];
if ($payment_enable_merchant < 1) {
$payment_enable_merchant = 0;
}
$payment_merchant_type = $row['payment_merchant_type'];
$payment_paypal_email = $row['payment_paypal_email'];
$payment_paypal_language = $row['payment_paypal_language'];
$payment_currency = $row['payment_currency'];
$payment_show_total = (int) $row['payment_show_total'];
$payment_total_location = $row['payment_total_location'];
$payment_enable_recurring = (int) $row['payment_enable_recurring'];
$payment_recurring_cycle = (int) $row['payment_recurring_cycle'];
$payment_recurring_unit = $row['payment_recurring_unit'];
$payment_price_type = $row['payment_price_type'];
$payment_price_amount = (double) $row['payment_price_amount'];
$payment_price_name = $row['payment_price_name'];
//if the user is saving a form to resume later, we need to discard all validation errors
if (!empty($input['generate_resume_url']) && !empty($row['form_resume_enable']) && $form_page_total > 1) {
$is_saving_form_resume = true;
$error_elements = array();
} else {
$is_saving_form_resume = false;
}
$process_result['form_redirect'] = $form_redirect;
$process_result['old_values'] = $form_data;
$process_result['error_elements'] = $error_elements;
//if this is edit_entry page, unique ip address validation should be bypassed
$check_unique_ip = false;
if (!empty($edit_id) && $_SESSION['mf_logged_in'] === true) {
$check_unique_ip = false;
} else {
if (!empty($form_unique_ip)) {
$check_unique_ip = true;
}
}
//check for ip address
if ($check_unique_ip === true) {
//if ip address checking enabled, compare user ip address with value in db
$query = "select count(id) total_ip from `" . MF_TABLE_PREFIX . "form_{$form_id}` where ip_address=?";
$params = array($user_ip_address);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
if (!empty($row['total_ip'])) {
$process_result['custom_error'] = 'Sorry, but this form is limited to one submission per user.';
}
}
if (!empty($_SESSION['edit_entry']['form_id']) && $_SESSION['edit_entry']['form_id'] === $form_id) {
//when editing an entry, the captcha shouldn't be checked
$is_bypass_captcha = true;
} else {
if (!empty($_SESSION['captcha_passed'][$form_id]) && $_SESSION['captcha_passed'][$form_id] === true) {
//if the user already validated the captcha once for that session (e.g. on multi-page form), no need to check it again
$is_bypass_captcha = true;
} else {
$is_bypass_captcha = false;
}
}
//check for captcha if enabled and there is no errors from previous fields
//on multipage form, captcha should be validated on the last page only
if (!empty($form_captcha) && empty($error_elements) && $is_bypass_captcha !== true) {
if ($form_page_total == 1 || $form_page_total == $page_number) {
if ($form_captcha_type == 'i') {
//if simple image captcha is being used
if (!empty($_POST['captcha_response_field'])) {
$captcha_response_field = trim($_POST['captcha_response_field']);
if (PhpCaptcha::Validate($captcha_response_field) !== true) {
$error_elements['element_captcha'] = 'incorrect-captcha-sol';
$process_result['error_elements'] = $error_elements;
} else {
//captcha succesfully validated
//set a session variable, so that the user won't need to fill it again, if this is a multi-page form
$_SESSION['captcha_passed'][$form_id] = true;
}
} else {
//user not entered the words at all
$error_elements['element_captcha'] = 'el-required';
$process_result['error_elements'] = $error_elements;
}
} else {
if ($form_captcha_type == 't') {
//if simple text captcha is being used
if (!empty($_POST['captcha_response_field'])) {
$captcha_response_field = strtolower(trim($_POST['captcha_response_field']));
if ($captcha_response_field != strtolower($_SESSION['MF_TEXT_CAPTCHA_ANSWER'])) {
$error_elements['element_captcha'] = 'incorrect-text-captcha-sol';
$process_result['error_elements'] = $error_elements;
} else {
unset($_SESSION['MF_TEXT_CAPTCHA_ANSWER']);
//captcha succesfully validated
//set a session variable, so that the user won't need to fill it again, if this is a multi-page form
$_SESSION['captcha_passed'][$form_id] = true;
}
} else {
//user not entered the words at all
$error_elements['element_captcha'] = 'el-text-required';
$process_result['error_elements'] = $error_elements;
}
} else {
if ($form_captcha_type == 'r') {
//otherwise reCaptcha is being used
if (!empty($_POST['recaptcha_response_field'])) {
$recaptcha_response = recaptcha_check_answer(RECAPTCHA_PRIVATE_KEY, $user_ip_address, $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
if ($recaptcha_response !== false) {
//if false, then we can't connect to captcha server, bypass captcha checking
if ($recaptcha_response->is_valid === false) {
$error_elements['element_captcha'] = $recaptcha_response->error;
$process_result['error_elements'] = $error_elements;
} else {
//captcha succesfully validated
//set a session variable, so that the user won't need to fill it again, if this is a multi-page form
$_SESSION['captcha_passed'][$form_id] = true;
}
}
} else {
//user not entered the words at all
$error_elements['element_captcha'] = 'el-required';
$process_result['error_elements'] = $error_elements;
}
}
}
}
}
}
//if the 'previous' button being clicked, we need to discard any validation errors
if (!empty($input['submit_secondary']) || !empty($input['submit_secondary_x'])) {
$process_result['error_elements'] = '';
$process_result['custom_error'] = '';
$error_elements = array();
}
//insert ip address and date created
$table_data['ip_address'] = $user_ip_address;
$table_data['date_created'] = date("Y-m-d H:i:s");
$is_inserted = false;
//start insert data into table ----------------------
//dynamically create the field list and field values, based on the input given
if (!empty($table_data) && empty($error_elements) && empty($process_result['custom_error'])) {
$has_value = false;
$field_list = '';
$field_values = '';
foreach ($table_data as $key => $value) {
if ($value == '') {
//don't insert blank entry
continue;
}
$field_list .= "`{$key}`,";
$field_values .= ":{$key},";
$params_table_data[':' . $key] = $value;
if (!empty($value)) {
$has_value = true;
}
}
//add session_id to query if 'form review' enabled or this is multipage forms
if (!empty($form_review) || $form_page_total > 1) {
//save previously uploaded file list, so users don't need to reupload files
//get all file uploads elements first
$session_id = session_id();
$file_uploads_array = array();
$query = "SELECT \r\n\t\t\t\t\t\t\t\t\telement_id \r\n\t\t\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t\t\t" . MF_TABLE_PREFIX . "form_elements \r\n\t\t\t\t\t\t\t WHERE \r\n\t\t\t\t\t\t\t \t\tform_id=? AND \r\n\t\t\t\t\t\t\t \t\telement_type='file' AND \r\n\t\t\t\t\t\t\t \t\telement_is_private=0";
$params = array($form_id);
$sth = mf_do_query($query, $params, $dbh);
while ($row = mf_do_fetch_result($sth)) {
$file_uploads_array[] = 'element_' . $row['element_id'];
}
$file_uploads_column = implode('`,`', $file_uploads_array);
$file_uploads_column = '`' . $file_uploads_column . '`';
if (!empty($file_uploads_array)) {
if (!empty($_SESSION['review_id'])) {
//if this is single page form and has review enabled
$query = "SELECT {$file_uploads_column} FROM `" . MF_TABLE_PREFIX . "form_{$form_id}_review` where id=?";
$params = array($_SESSION['review_id']);
} elseif ($form_page_total > 1) {
//if this is multi page form
$query = "SELECT {$file_uploads_column} FROM `" . MF_TABLE_PREFIX . "form_{$form_id}_review` where session_id=?";
$params = array($session_id);
}
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
foreach ($file_uploads_array as $element_name) {
if (!empty($row[$element_name])) {
$uploaded_file_lookup[$element_name] = $row[$element_name];
}
}
}
//add session_id to query if 'form review' enabled
$field_list .= "`session_id`,";
$field_values .= ":session_id,";
$params_table_data[':session_id'] = $session_id;
}
if ($has_value) {
//if blank form submitted, dont insert anything
//start insert query ----------------------------------------
$field_list = substr($field_list, 0, -1);
$field_values = substr($field_values, 0, -1);
if (!empty($edit_id) && $_SESSION['mf_logged_in'] === true) {
//if this is edit_entry page submission, update the table
$update_values = '';
$params_update = array();
unset($table_data['date_created']);
$table_data['date_updated'] = date("Y-m-d H:i:s");
foreach ($table_data as $key => $value) {
$update_values .= "`{$key}`=:{$key},";
$params_update[':' . $key] = $value;
}
$params_update[':id'] = $edit_id;
$update_values = substr($update_values, 0, -1);
$query = "UPDATE `" . MF_TABLE_PREFIX . "form_{$form_id}` set \r\n\t\t\t\t\t\t\t\t\t\t\t\t{$update_values}\r\n\t\t\t\t\t\t\t\t\t\t where \r\n\t\t\t\t\t\t\t\t\t \t \t\t`id`=:id;";
mf_do_query($query, $params_update, $dbh);
$record_insert_id = $edit_id;
} else {
//insert to temporary table, if form review is enabled or this is multipage form
if (!empty($form_review) || $form_page_total > 1) {
if ($form_page_total > 1) {
//if this is the first page and the first time being submitted, do insert table
//otherwise, do update table
$do_review_insert = false;
if ($input['page_number'] == 1) {
$session_id = session_id();
$query = "SELECT count(`id`) as total_row from " . MF_TABLE_PREFIX . "form_{$form_id}_review where session_id=?";
$params = array($session_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
if ($row['total_row'] == 0) {
$do_review_insert = true;
}
}
//if this is the first page, do insert
if ($do_review_insert) {
$query = "INSERT INTO `" . MF_TABLE_PREFIX . "form_{$form_id}_review` ({$field_list}) VALUES ({$field_values});";
mf_do_query($query, $params_table_data, $dbh);
$record_insert_id = (int) $dbh->lastInsertId();
} else {
//otherwise, do update
//dynamically create the sql update string, based on the input given
$update_values = '';
$params_update = array();
foreach ($table_data as $key => $value) {
$update_values .= "`{$key}`=:{$key},";
$params_update[':' . $key] = $value;
}
$update_values = substr($update_values, 0, -1);
$params_update[':session_id'] = $session_id;
$query = "UPDATE `" . MF_TABLE_PREFIX . "form_{$form_id}_review` set \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t{$update_values}\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t where \r\n\t\t\t\t\t\t\t\t\t\t\t\t \t \t\tsession_id=:session_id;";
mf_do_query($query, $params_update, $dbh);
$query = "SELECT `id` from `" . MF_TABLE_PREFIX . "form_{$form_id}_review` where session_id=?";
$params = array($session_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
$record_insert_id = $row['id'];
//if this is the last page of the form, check if form review enabled or not
//if enabled, simply get the record_insert_id and send it as review_id
//otherwise, commit form review
if ($input['page_number'] == $form_page_total && (!empty($input['submit_primary']) || !empty($input['submit_primary_x'])) && !$is_saving_form_resume) {
if (!empty($form_review)) {
//pass the current page number, so the user could go back from the preview page
$process_result['origin_page_number'] = $input['page_number'];
} else {
$query = "SELECT `id` from `" . MF_TABLE_PREFIX . "form_{$form_id}_review` where session_id=?";
$params = array($session_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
$commit_options = array();
$commit_options['send_notification'] = false;
$commit_result = mf_commit_form_review($dbh, $form_id, $row['id'], $commit_options);
$record_insert_id = $commit_result['record_insert_id'];
$is_committed = true;
$process_result['entry_id'] = $record_insert_id;
$_SESSION['mf_form_completed'][$form_id] = true;
}
}
}
} else {
$query = "SELECT `id` from `" . MF_TABLE_PREFIX . "form_{$form_id}_review` where session_id=?";
$params = array($session_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
$record_insert_id = $row['id'];
if (empty($record_insert_id)) {
$query = "INSERT INTO `" . MF_TABLE_PREFIX . "form_{$form_id}_review` ({$field_list}) VALUES ({$field_values});";
mf_do_query($query, $params_table_data, $dbh);
$record_insert_id = (int) $dbh->lastInsertId();
} else {
$update_values = '';
$params_update = array();
foreach ($table_data as $key => $value) {
$update_values .= "`{$key}`=:{$key},";
$params_update[':' . $key] = $value;
}
$params_update[':id'] = $record_insert_id;
$update_values = substr($update_values, 0, -1);
$query = "UPDATE `" . MF_TABLE_PREFIX . "form_{$form_id}_review` set \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t{$update_values}\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t where \r\n\t\t\t\t\t\t\t\t\t\t\t\t \t \t\t`id`=:id;";
mf_do_query($query, $params_update, $dbh);
}
}
} else {
$query = "INSERT INTO `" . MF_TABLE_PREFIX . "form_{$form_id}` ({$field_list}) VALUES ({$field_values});";
mf_do_query($query, $params_table_data, $dbh);
$record_insert_id = (int) $dbh->lastInsertId();
}
}
//end insert query ------------------------------------------
$is_inserted = true;
}
}
//end insert data into table -------------------------
//upload the files
$write_to_permanent_file = false;
$write_to_temporary_file = false;
if ($is_inserted) {
if (!empty($edit_id) && $_SESSION['mf_logged_in'] === true) {
//if this ie edit_entry page, always write to permanent file
$write_to_permanent_file = true;
} else {
if ($form_page_total <= 1) {
//if this is single page form
if (empty($form_review)) {
//if review disabled, upload the files into permanent filename
$write_to_permanent_file = true;
} else {
//if this single form has review enabled
$write_to_temporary_file = true;
}
} else {
//if this is multipage form
if ($input['page_number'] == $form_page_total && (!empty($input['submit_primary']) || !empty($input['submit_primary_x'])) && $is_committed) {
$write_to_permanent_file = true;
} else {
$write_to_temporary_file = true;
}
}
}
}
if ($write_to_permanent_file === true) {
//START writing into permanent file ------------------------
//within one form, it is possible to use a mix of standard file upload field and the advanced/ajax uploader
//we need to be able processing both at the same time
//if files were uploaded using standard file upload fields
if (!empty($uploaded_files)) {
foreach ($uploaded_files as $element_name) {
$file_token = md5(uniqid(rand(), true));
//add random token to uploaded filename, to increase security
//move file and check for invalid file
$destination_file = $input['machform_data_path'] . $mf_settings['upload_dir'] . "/form_{$form_id}/files/{$element_name}_{$file_token}-{$record_insert_id}-{$_FILES[$element_name]['name']}";
$destination_file = mf_sanitize($destination_file);
if (move_uploaded_file($_FILES[$element_name]['tmp_name'], $destination_file)) {
$query = "update " . MF_TABLE_PREFIX . "form_{$form_id} set {$element_name}=? where id=?";
$file_element = "{$element_name}_{$file_token}-{$record_insert_id}-{$_FILES[$element_name]['name']}";
$file_element = mf_sanitize($file_element);
$params = array($file_element, $record_insert_id);
mf_do_query($query, $params, $dbh);
}
}
}
//if files were uploaded using advance uploader
if (!empty($uploaded_files_advance)) {
if (!empty($edit_id) && $_SESSION['mf_logged_in'] === true) {
//if this is edit_entry, we need to get existing file records and merge the data with the new uploaded files
$uploaded_element_names = array();
$uploaded_element_ids = array_keys($uploaded_files_advance);
foreach ($uploaded_element_ids as $element_id) {
$uploaded_element_names[] = 'element_' . $element_id;
}
$uploaded_element_names_joined = implode(',', $uploaded_element_names);
$query = "SELECT {$uploaded_element_names_joined} from `" . MF_TABLE_PREFIX . "form_{$form_id}` where `id`=?";
$params = array($edit_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
$existing_files_data = array();
$multi_upload_info = array();
foreach ($uploaded_element_names as $element_name) {
$existing_files_data[$element_name] = trim($row[$element_name]);
$element_name_exploded = explode('_', $element_name);
$multi_upload_info[$element_name] = $element_info[$element_name_exploded[1]]['file_enable_multi_upload'];
}
}
//loop through each list
foreach ($uploaded_files_advance as $element_id => $values) {
$current_listfile_name = $values['listfile_name'];
$current_listfile_content = $values['listfile_content'];
$file_list_array = array();
foreach ($current_listfile_content as $tmp_filename_path) {
$tmp_filename_only = basename($tmp_filename_path);
$filename_value = substr($tmp_filename_only, strpos($tmp_filename_only, '-') + 1);
$filename_value = str_replace('|', '', str_replace('.tmp', '', $filename_value));
$new_file_token = md5(uniqid(rand(), true));
//add random token to uploaded filename, to increase security
$new_filename = "element_{$element_id}_{$new_file_token}-{$record_insert_id}-{$filename_value}";
$destination_filename = $input['machform_data_path'] . $mf_settings['upload_dir'] . "/form_{$form_id}/files/" . $new_filename;
//remove tmp name and change it into permanent name
//store all the permanent name into a variable
if (file_exists($tmp_filename_path)) {
rename($tmp_filename_path, $destination_filename);
}
$file_list_array[] = $new_filename;
}
//delete the listfile for the current element_id
unlink($current_listfile_name);
//update the table with the file name list
if (!empty($edit_id) && $_SESSION['mf_logged_in'] === true) {
//if this is edit_entry, we need to get existing file records and merge the data with the new uploaded files
//which depends on the multi upload setting for each file upload field
//if multi upload enabled, we need to merge the data. otherwise, replace the old data
if (!empty($multi_upload_info['element_' . $element_id])) {
//if multi upload enabled, merge the data
$new_files_array = $file_list_array;
if (!empty($existing_files_data['element_' . $element_id])) {
$old_files_array = explode('|', $existing_files_data['element_' . $element_id]);
$merged_files_array = array_merge($new_files_array, $old_files_array);
$merged_files_array = array_unique($merged_files_array);
} else {
$merged_files_array = $new_files_array;
}
$file_list_joined[$element_id] = implode('|', $merged_files_array);
} else {
//replace the old data with the new file
$file_list_joined[$element_id] = implode('|', $file_list_array);
}
} else {
$file_list_joined[$element_id] = implode('|', $file_list_array);
}
}
//update the table with the file name list
$update_values = '';
$params_update = array();
foreach ($file_list_joined as $element_id => $file_joined) {
$file_joined = mf_sanitize($file_joined);
$update_values .= "element_{$element_id}=:element_{$element_id},";
$params_update[':element_' . $element_id] = $file_joined;
}
$update_values = rtrim($update_values, ',');
$params_update[':id'] = $record_insert_id;
$query = "update " . MF_TABLE_PREFIX . "form_{$form_id} set {$update_values} where id=:id";
mf_do_query($query, $params_update, $dbh);
}
//END writing into permanent file ------------------------
} else {
if ($write_to_temporary_file === true) {
//START writing into temporary file ------------------------
//if files were uploaded using standard file upload fields
if (!empty($uploaded_files)) {
$record_review_id = session_id();
foreach ($uploaded_files as $element_name) {
$file_token = md5(uniqid(rand(), true));
//add random token to uploaded filename, to increase security
//move file and check for invalid file
$destination_file = $input['machform_data_path'] . $mf_settings['upload_dir'] . "/form_{$form_id}/files/{$element_name}_{$file_token}-{$record_insert_id}-{$_FILES[$element_name]['name']}.tmp";
$destination_file = mf_sanitize($destination_file);
if (move_uploaded_file($_FILES[$element_name]['tmp_name'], $destination_file)) {
$query = "update " . MF_TABLE_PREFIX . "form_{$form_id}_review set {$element_name}=? where session_id=?";
$file_element = "{$element_name}_{$file_token}-{$record_insert_id}-{$_FILES[$element_name]['name']}";
$file_element = mf_sanitize($file_element);
$params = array($file_element, $record_review_id);
mf_do_query($query, $params, $dbh);
}
if (!empty($uploaded_file_lookup[$element_name])) {
unset($uploaded_file_lookup[$element_name]);
}
}
}
//if files were uploaded using advance uploader
if (!empty($uploaded_files_advance)) {
//loop through each list
foreach ($uploaded_files_advance as $element_id => $values) {
$current_listfile_name = $values['listfile_name'];
$current_listfile_content = $values['listfile_content'];
$file_list_array = array();
foreach ($current_listfile_content as $tmp_filename_path) {
$tmp_filename_only = basename($tmp_filename_path);
$filename_value = substr($tmp_filename_only, strpos($tmp_filename_only, '-') + 1);
$filename_value = str_replace('|', '', str_replace('.tmp', '', $filename_value));
$new_file_token = md5(uniqid(rand(), true));
//add random token to uploaded filename, to increase security
$new_filename = "element_{$element_id}_{$new_file_token}-{$record_insert_id}-{$filename_value}";
$destination_filename = $input['machform_data_path'] . $mf_settings['upload_dir'] . "/form_{$form_id}/files/" . $new_filename . ".tmp";
//assign new temporary name, using new token and record id
//store all the temporary name into a variable
if (file_exists($tmp_filename_path)) {
rename($tmp_filename_path, $destination_filename);
}
$file_list_array[] = $new_filename;
}
//delete the listfile for the current element_id
unlink($current_listfile_name);
//update the table with the file name list
$file_list_joined[$element_id] = implode('|', $file_list_array);
}
//update the table with the file name list
$update_values = '';
$params_update = array();
foreach ($file_list_joined as $element_id => $file_joined) {
$file_joined = mf_sanitize($file_joined);
$update_values .= "element_{$element_id}=:element_{$element_id},";
$params_update[':element_' . $element_id] = $file_joined;
}
$update_values = rtrim($update_values, ',');
$params_update[':id'] = $record_insert_id;
$query = "update " . MF_TABLE_PREFIX . "form_{$form_id}_review set {$update_values} where id=:id";
mf_do_query($query, $params_update, $dbh);
}
//if the user goes to review page and then go back to the form page or navigate within multipage form, $uploaded_file_lookup will contain the list of the previously submitted files
//if the multi upload option enabled, make sure to update the previouly uploaded file to the current record during form submit
//when updating the table, make sure to MERGE existing data within the table and the new one
//otherwise, if the multi upload is not enabled, we need to delete previous files and don't update the table with the old files data
if (!empty($uploaded_file_lookup)) {
//get the existing data within the table
$uploaded_element_names = array_keys($uploaded_file_lookup);
$uploaded_element_names_joined = implode(',', $uploaded_element_names);
$query = "SELECT {$uploaded_element_names_joined} from `" . MF_TABLE_PREFIX . "form_{$form_id}_review` where `id`=?";
$params = array($record_insert_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
$existing_files_data = array();
$multi_upload_info = array();
foreach ($uploaded_element_names as $element_name) {
$existing_files_data[$element_name] = $row[$element_name];
$element_name_exploded = explode('_', $element_name);
$multi_upload_info[$element_name] = $element_info[$element_name_exploded[1]]['file_enable_multi_upload'];
}
//merge the data
foreach ($uploaded_file_lookup as $element_name => $filename) {
$new_files_array = array();
$old_files_array = array();
$new_files_array = explode('|', $filename);
$old_files_array = explode('|', $existing_files_data[$element_name]);
if (!empty($multi_upload_info[$element_name])) {
//if multi upload enabled, merge the data
$merged_files_array = array_merge($new_files_array, $old_files_array);
$merged_files_array = array_unique($merged_files_array);
} else {
//otherwise, just use the new one
$merged_files_array = $old_files_array;
//delete the old files as well, if the files aren't the same with the new one
if ($filename != $existing_files_data[$element_name]) {
foreach ($new_files_array as $filename) {
$filename = $input['machform_data_path'] . $mf_settings['upload_dir'] . "/form_{$form_id}/files/{$filename}.tmp";
if (file_exists($filename)) {
unlink($filename);
}
}
}
}
$merged_files_joined = implode('|', $merged_files_array);
$merged_files_data[$element_name] = $merged_files_joined;
}
$update_clause = '';
foreach ($merged_files_data as $element_name => $filename) {
$filename = addslashes(mf_sanitize($filename));
$update_clause .= "`{$element_name}`='{$filename}',";
}
$update_clause = rtrim($update_clause, ",");
$query = "UPDATE `" . MF_TABLE_PREFIX . "form_{$form_id}_review` SET {$update_clause} WHERE id=?";
$params = array($record_insert_id);
mf_do_query($query, $params, $dbh);
}
//END writing into temporary file ------------------------
}
}
//process any rules to skip pages, if this functionality is being enabled
$process_result['logic_page_enable'] = false;
if ($is_inserted === true && $is_edit_page === false && $is_saving_form_resume === false && !empty($logic_page_enable)) {
//if the back button being clicked, don't evaluate the logic conditions
//simply get the previous page from the array
if (!empty($input['submit_secondary']) || !empty($input['submit_secondary_x'])) {
$pages_history = array();
$pages_history = $_SESSION['mf_pages_history'][$form_id];
$page_number_array_index = array_search($page_number, $pages_history);
$previous_page_number = $pages_history[$page_number_array_index - 1];
$process_result['logic_page_enable'] = true;
$process_result['target_page_id'] = $previous_page_number;
} else {
//submit/continue button being clicked
//get all the destination pages from ap_page_logic
//only get pages with larger page number. the skip page logic can't move backward
$query = "SELECT \r\n\t\t\t\t\t\t\t\tpage_id,\r\n\t\t\t\t\t\t\t\trule_all_any \r\n\t\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t\t" . MF_TABLE_PREFIX . "page_logic \r\n\t\t\t\t\t\t WHERE \r\n\t\t\t\t\t\t\t\tform_id = ? and (page_id > ? or page_id in('payment','review','success')) \r\n\t\t\t\t\t\tORDER BY \r\n\t\t\t\t\t\t\t\tpage_id asc";
$params = array($form_id, $page_number);
$sth = mf_do_query($query, $params, $dbh);
$page_logic_array = array();
$i = 0;
while ($row = mf_do_fetch_result($sth)) {
$page_logic_array[$i]['page_id'] = $row['page_id'];
$page_logic_array[$i]['rule_all_any'] = $row['rule_all_any'];
$i++;
}
//evaluate the condition for each destination page
//once a condition results true, break the loop and send the result
if (!empty($page_logic_array)) {
foreach ($page_logic_array as $value) {
$target_page_id = $value['page_id'];
$rule_all_any = $value['rule_all_any'];
$current_page_conditions_status = array();
$query = "SELECT \r\n\t\t\t\t\t\t\t\t\t\telement_name,\r\n\t\t\t\t\t\t\t\t\t\trule_condition,\r\n\t\t\t\t\t\t\t\t\t\trule_keyword \r\n\t\t\t\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t\t\t\t" . MF_TABLE_PREFIX . "page_logic_conditions \r\n\t\t\t\t\t\t\t\t WHERE \r\n\t\t\t\t\t\t\t\t \t\tform_id = ? AND target_page_id = ?";
$params = array($form_id, $target_page_id);
$sth = mf_do_query($query, $params, $dbh);
while ($row = mf_do_fetch_result($sth)) {
$condition_params = array();
$condition_params['form_id'] = $form_id;
$condition_params['element_name'] = $row['element_name'];
$condition_params['rule_condition'] = $row['rule_condition'];
$condition_params['rule_keyword'] = $row['rule_keyword'];
$current_page_conditions_status[] = mf_get_condition_status_from_table($dbh, $condition_params);
}
if ($rule_all_any == 'all') {
if (in_array(false, $current_page_conditions_status)) {
$all_conditions_status = false;
} else {
$all_conditions_status = true;
}
} else {
if ($rule_all_any == 'any') {
if (in_array(true, $current_page_conditions_status)) {
$all_conditions_status = true;
} else {
$all_conditions_status = false;
}
}
}
if ($all_conditions_status === true) {
//all conditions for this target page has been met, break the loop and send it to $process_result
$process_result['logic_page_enable'] = true;
$process_result['target_page_id'] = $target_page_id;
//allow access to the next destination page
if (is_numeric($target_page_id)) {
$_SESSION['mf_form_access'][$form_id][$target_page_id] = true;
} else {
if ($target_page_id == 'review') {
$process_result['review_id'] = $record_insert_id;
$process_result['origin_page_number'] = $input['page_number'];
} else {
if ($target_page_id == 'payment' || $target_page_id == 'success') {
//if the destination is payment page or success page, we need to commit the data first
$commit_options = array();
if ($delay_notifications) {
$commit_options['send_notification'] = false;
}
$session_id = session_id();
$query = "SELECT `id` from `" . MF_TABLE_PREFIX . "form_{$form_id}_review` where session_id=?";
$params = array($session_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
$commit_result = mf_commit_form_review($dbh, $form_id, $row['id'], $commit_options);
$process_result['entry_id'] = $commit_result['record_insert_id'];
if ($target_page_id == 'success') {
$_SESSION['mf_form_completed'][$form_id] = true;
$bypass_merchant_redirect_url = true;
}
}
}
}
break;
}
}
//end foreach page_logic_array
}
}
}
//start sending notification email to admin ------------------------------------------
if ($is_inserted && !empty($esl_enable) && !empty($form_email) && empty($form_review) && $form_page_total == 1 && empty($edit_id) && $delay_notifications === false || $is_inserted && !empty($esl_enable) && !empty($form_email) && $is_committed && empty($edit_id) && $delay_notifications === false) {
//get parameters for the email
//from name
if (!empty($esl_from_name)) {
if (is_numeric($esl_from_name)) {
$admin_email_param['from_name'] = '{element_' . $esl_from_name . '}';
} else {
$admin_email_param['from_name'] = $esl_from_name;
}
} else {
$admin_email_param['from_name'] = 'MachForm';
}
//from email address
if (!empty($esl_from_email_address)) {
if (is_numeric($esl_from_email_address)) {
$admin_email_param['from_email'] = '{element_' . $esl_from_email_address . '}';
} else {
$admin_email_param['from_email'] = $esl_from_email_address;
}
} else {
$domain = str_replace('www.', '', $_SERVER['SERVER_NAME']);
$admin_email_param['from_email'] = "no-reply@{$domain}";
}
//subject
if (!empty($esl_subject)) {
$admin_email_param['subject'] = $esl_subject;
} else {
$admin_email_param['subject'] = '{form_name} [#{entry_no}]';
}
//content
if (!empty($esl_content)) {
$admin_email_param['content'] = $esl_content;
} else {
$admin_email_param['content'] = '{entry_data}';
}
$admin_email_param['as_plain_text'] = $esl_plain_text;
$admin_email_param['target_is_admin'] = true;
$admin_email_param['machform_base_path'] = $input['machform_base_path'];
$admin_email_param['check_hook_file'] = true;
mf_send_notification($dbh, $form_id, $record_insert_id, $form_email, $admin_email_param);
}
//end emailing notifications to admin ----------------------------------------------
//start sending notification email to user ------------------------------------------
if ($is_inserted && !empty($esr_enable) && !empty($esr_email_address) && empty($form_review) && $form_page_total == 1 && empty($edit_id) && $delay_notifications === false || $is_inserted && !empty($esr_enable) && !empty($esr_email_address) && $is_committed && empty($edit_id) && $delay_notifications === false) {
//get parameters for the email
//to email
if (is_numeric($esr_email_address)) {
$esr_email_address = '{element_' . $esr_email_address . '}';
}
//from name
if (!empty($esr_from_name)) {
if (is_numeric($esr_from_name)) {
$user_email_param['from_name'] = '{element_' . $esr_from_name . '}';
} else {
$user_email_param['from_name'] = $esr_from_name;
}
} else {
$user_email_param['from_name'] = 'MachForm';
}
//from email address
if (!empty($esr_from_email_address)) {
if (is_numeric($esr_from_email_address)) {
$user_email_param['from_email'] = '{element_' . $esr_from_email_address . '}';
} else {
$user_email_param['from_email'] = $esr_from_email_address;
}
} else {
$domain = str_replace('www.', '', $_SERVER['SERVER_NAME']);
$user_email_param['from_email'] = "no-reply@{$domain}";
}
//subject
if (!empty($esr_subject)) {
$user_email_param['subject'] = $esr_subject;
} else {
$user_email_param['subject'] = '{form_name} - Receipt';
}
//content
if (!empty($esr_content)) {
$user_email_param['content'] = $esr_content;
} else {
$user_email_param['content'] = '{entry_data}';
}
$user_email_param['as_plain_text'] = $esr_plain_text;
$user_email_param['target_is_admin'] = false;
$user_email_param['machform_base_path'] = $input['machform_base_path'];
mf_send_notification($dbh, $form_id, $record_insert_id, $esr_email_address, $user_email_param);
}
//end emailing notifications to user ---------------------------------------------
//if there is no error message or elements, send true as status
if (empty($error_elements) && empty($process_result['custom_error'])) {
$process_result['status'] = true;
if ($form_page_total > 1) {
//if this is multipage form
$_SESSION['mf_form_loaded'][$form_id][$page_number] = true;
if ($is_saving_form_resume) {
//if the user is saving his progress instead of submitting the form
//copy the record from review table into main form table and set the status to incomplete (status=2)
//also generate resume url
$has_invalid_resume_email = false;
//validate the email address first, if the user entered invalid email address, display error message
if (!empty($input['element_resume_email'])) {
$regex = '/^[A-z0-9][\\w.-]*@[A-z0-9][\\w\\-\\.]+\\.[A-z0-9]{2,6}$/';
$resume_email = trim($input['element_resume_email']);
$preg_result = preg_match($regex, $resume_email);
if (empty($preg_result)) {
$has_invalid_resume_email = true;
$error_elements['element_resume_email'] = $mf_lang['val_email'];
$process_result['status'] = false;
$process_result['error_elements'] = $error_elements;
$process_result['old_values']['element_resume_email'] = $input['element_resume_email'];
}
}
if (!$has_invalid_resume_email) {
//get all column name except session_id and id
$query = "SELECT * FROM `" . MF_TABLE_PREFIX . "form_{$form_id}_review` WHERE session_id=?";
$params = array($session_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
$columns = array();
foreach ($row as $column_name => $column_data) {
if ($column_name != 'id' && $column_name != 'session_id') {
$columns[] = $column_name;
}
}
$columns_joined = implode("`,`", $columns);
$columns_joined = '`' . $columns_joined . '`';
//if there is no resume key, generate new one
if (empty($row['resume_key'])) {
$form_resume_key = substr(strtolower(md5(uniqid(rand(), true))), 0, 10);
} else {
$form_resume_key = $row['resume_key'];
}
//delete previous entry on ap_form_x table
$query = "DELETE from `" . MF_TABLE_PREFIX . "form_{$form_id}` WHERE resume_key=? and status=2";
$params = array($form_resume_key);
mf_do_query($query, $params, $dbh);
//copy from ap_form_x_review to ap_form_x
$query = "INSERT INTO `" . MF_TABLE_PREFIX . "form_{$form_id}`({$columns_joined}) SELECT {$columns_joined} from `" . MF_TABLE_PREFIX . "form_{$form_id}_review` WHERE session_id=?";
$params = array($session_id);
mf_do_query($query, $params, $dbh);
$new_record_id = (int) $dbh->lastInsertId();
$query = "UPDATE `" . MF_TABLE_PREFIX . "form_{$form_id}` set `status`=2,resume_key='{$form_resume_key}' where `id`=?";
$params = array($new_record_id);
mf_do_query($query, $params, $dbh);
//delete from ap_form_x_review table
$query = "DELETE from `" . MF_TABLE_PREFIX . "form_{$form_id}_review` WHERE session_id=?";
$params = array($session_id);
mf_do_query($query, $params, $dbh);
//pass form resume key
$process_result['form_resume_key'] = $form_resume_key;
//pass form resume url
$form_resume_url = $mf_settings['base_url'] . "view.php?id={$form_id}&mf_resume={$form_resume_key}";
$process_result['form_resume_url'] = $form_resume_url;
if (!empty($resume_email)) {
//send the resume link to the provided email
mf_send_resume_link($dbh, $form_name, $form_resume_url, $resume_email);
}
}
} else {
//get the next page number and send it
//don't send page number if this is already the last page, unless back button being clicked
if ($input['page_number'] < $form_page_total) {
if (!empty($input['submit_primary']) || !empty($input['submit_primary_x'])) {
$process_result['next_page_number'] = $page_number + 1;
} elseif (!empty($input['submit_secondary']) || !empty($input['submit_secondary_x'])) {
$process_result['next_page_number'] = $page_number - 1;
} else {
$process_result['next_page_number'] = $page_number + 1;
}
} else {
//if this is the last page
if (!empty($input['submit_primary']) || !empty($input['submit_primary_x'])) {
if (!empty($form_review)) {
$process_result['review_id'] = $record_insert_id;
}
} elseif (!empty($input['submit_secondary']) || !empty($input['submit_secondary_x'])) {
$process_result['next_page_number'] = $page_number - 1;
} else {
if (!empty($form_review)) {
$process_result['review_id'] = $record_insert_id;
}
}
}
}
} else {
//if this is single page form
//if 'form review' enabled, send review_id
if (!empty($form_review)) {
$process_result['review_id'] = $record_insert_id;
} else {
//form submitted successfully, set the session to display success page
$_SESSION['mf_form_completed'][$form_id] = true;
$process_result['entry_id'] = $record_insert_id;
}
}
} else {
$process_result['status'] = false;
}
//get payment processor URL, if applicable for this form
if ($process_result['status'] === true) {
$merchant_redirect_url = mf_get_merchant_redirect_url($dbh, $form_id, $record_insert_id);
if (!empty($merchant_redirect_url) && $bypass_merchant_redirect_url !== true) {
$process_result['form_redirect'] = $merchant_redirect_url;
}
}
return $process_result;
}
$mf_settings = mf_get_settings($dbh);
//check permission, is the user allowed to access this page?
if (empty($_SESSION['mf_user_privileges']['priv_administer'])) {
$user_perms = mf_get_user_permissions($dbh, $form_id, $_SESSION['mf_user_id']);
//this page need edit_entries or view_entries permission
if (empty($user_perms['edit_entries']) && empty($user_perms['view_entries'])) {
die("Access Denied. You don't have permission to access this page.");
}
}
//get form properties data
$query = "select \r\n\t\t\t\t\t form_redirect,\r\n\t\t\t\t\t form_language,\r\n\t\t\t\t\t form_redirect_enable,\r\n\t\t\t\t\t form_email,\r\n\t\t\t\t\t esl_enable,\r\n\t\t\t\t\t esl_from_name,\r\n\t\t\t\t\t esl_from_email_address,\r\n\t\t\t\t\t esl_subject,\r\n\t\t\t\t\t esl_content,\r\n\t\t\t\t\t esl_plain_text,\r\n\t\t\t\t\t esr_enable,\r\n\t\t\t\t\t esr_email_address,\r\n\t\t\t\t\t esr_from_name,\r\n\t\t\t\t\t esr_from_email_address,\r\n\t\t\t\t\t esr_subject,\r\n\t\t\t\t\t esr_content,\r\n\t\t\t\t\t esr_plain_text\r\n\t\t\t from \r\n\t\t\t \t `" . MF_TABLE_PREFIX . "forms` \r\n\t\t\t where \r\n\t\t\t \t form_id=?";
$params = array($form_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
if (!empty($row['form_language'])) {
mf_set_language($row['form_language']);
}
$esl_from_name = $row['esl_from_name'];
$esl_from_email_address = $row['esl_from_email_address'];
$esl_subject = $row['esl_subject'];
$esl_content = $row['esl_content'];
$esl_plain_text = $row['esl_plain_text'];
$esl_enable = $row['esl_enable'];
$esr_email_address = $row['esr_email_address'];
$esr_from_name = $row['esr_from_name'];
$esr_from_email_address = $row['esr_from_email_address'];
$esr_subject = $row['esr_subject'];
$esr_content = $row['esr_content'];
$esr_plain_text = $row['esr_plain_text'];
$esr_enable = $row['esr_enable'];
//get parameters for the email
function mf_display_form($dbh, $form_id, $form_params = array())
{
global $mf_lang;
//parameters mapping
if (isset($form_params['page_number'])) {
$page_number = $form_params['page_number'];
} else {
$page_number = 1;
}
if (isset($form_params['populated_values'])) {
$populated_values = $form_params['populated_values'];
} else {
$populated_values = array();
}
if (isset($form_params['error_elements'])) {
$error_elements = $form_params['error_elements'];
} else {
$error_elements = array();
}
if (isset($form_params['custom_error'])) {
$custom_error = $form_params['custom_error'];
} else {
$custom_error = '';
}
if (isset($form_params['edit_id'])) {
$edit_id = (int) $form_params['edit_id'];
} else {
$edit_id = 0;
}
if (isset($form_params['integration_method'])) {
//valid values are empty string, 'iframe' or 'php'
$integration_method = $form_params['integration_method'];
} else {
$integration_method = '';
}
if (!empty($form_params['machform_path'])) {
$machform_path = $form_params['machform_path'];
} else {
$machform_path = '';
}
if (!empty($form_params['machform_data_path'])) {
$machform_data_path = $form_params['machform_data_path'];
} else {
$machform_data_path = '';
}
$mf_settings = mf_get_settings($dbh);
//if there is custom error, don't show other errors
if (!empty($custom_error)) {
$error_elements = array();
}
//get form properties data
$query = "SELECT \r\n\t\t\t\t\t\t form_name,\r\n\t\t\t\t\t\t form_description,\r\n\t\t\t\t\t\t form_redirect,\r\n\t\t\t\t\t\t form_success_message,\r\n\t\t\t\t\t\t form_password,\r\n\t\t\t\t\t\t form_unique_ip,\r\n\t\t\t\t\t\t form_frame_height,\r\n\t\t\t\t\t\t form_has_css,\r\n\t\t\t\t\t\t form_active,\r\n\t\t\t\t\t\t form_captcha,\r\n\t\t\t\t\t\t form_captcha_type,\r\n\t\t\t\t\t\t form_review,\r\n\t\t\t\t\t\t form_label_alignment,\r\n\t\t\t\t\t\t form_language,\r\n\t\t\t\t\t\t form_page_total,\r\n\t\t\t\t\t\t form_lastpage_title,\r\n\t\t\t\t\t\t form_submit_primary_text,\r\n\t\t\t\t\t\t form_submit_secondary_text,\r\n\t\t\t\t\t\t form_submit_primary_img,\r\n\t\t\t\t\t\t form_submit_secondary_img,\r\n\t\t\t\t\t\t form_submit_use_image,\r\n\t\t\t\t\t\t form_pagination_type,\r\n\t\t\t\t\t\t form_review_primary_text,\r\n\t\t\t\t\t\t form_review_secondary_text,\r\n\t\t\t\t\t\t form_review_primary_img,\r\n\t\t\t\t\t\t form_review_secondary_img,\r\n\t\t\t\t\t\t form_review_use_image,\r\n\t\t\t\t\t\t form_review_title,\r\n\t\t\t\t\t\t form_review_description,\r\n\t\t\t\t\t\t form_resume_enable,\r\n\t\t\t\t\t\t form_theme_id,\r\n\t\t\t\t\t\t payment_show_total,\r\n\t\t\t\t\t\t payment_total_location,\r\n\t\t\t\t\t\t payment_enable_merchant,\r\n\t\t\t\t\t\t payment_currency,\r\n\t\t\t\t\t\t payment_price_type,\r\n\t\t\t\t\t\t payment_price_amount,\r\n\t\t\t\t\t\t form_limit_enable,\r\n\t\t\t\t\t\t form_limit,\r\n\t\t\t\t\t\t form_schedule_enable,\r\n\t\t\t\t\t\t form_schedule_start_date,\r\n\t\t\t\t\t\t form_schedule_end_date,\r\n\t\t\t\t\t\t form_schedule_start_hour,\r\n\t\t\t\t\t\t form_schedule_end_hour\r\n\t\t\t\t FROM \r\n\t\t\t\t \t " . MF_TABLE_PREFIX . "forms \r\n\t\t\t\t WHERE \r\n\t\t\t\t \t form_id = ?";
$params = array($form_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
//check for non-existent or currently drafted forms
if (empty($row) || $row['form_active'] != 1) {
die('This is not valid form URL.');
}
$form = new stdClass();
$form->id = $form_id;
$form->name = $row['form_name'];
$form->description = $row['form_description'];
$form->redirect = $row['form_redirect'];
$form->success_message = $row['form_success_message'];
$form->password = $row['form_password'];
$form->frame_height = $row['form_frame_height'];
$form->unique_ip = $row['form_unique_ip'];
$form->has_css = $row['form_has_css'];
$form->active = $row['form_active'];
$form->captcha = $row['form_captcha'];
$form->captcha_type = $row['form_captcha_type'];
$form->review = $row['form_review'];
$form->label_alignment = $row['form_label_alignment'];
$form->page_total = $row['form_page_total'];
$form->lastpage_title = $row['form_lastpage_title'];
$form->submit_primary_text = $row['form_submit_primary_text'];
$form->submit_secondary_text = $row['form_submit_secondary_text'];
$form->submit_primary_img = $row['form_submit_primary_img'];
$form->submit_secondary_img = $row['form_submit_secondary_img'];
$form->submit_use_image = (int) $row['form_submit_use_image'];
$form->pagination_type = $row['form_pagination_type'];
$form->review_primary_text = $row['form_review_primary_text'];
$form->review_secondary_text = $row['form_review_secondary_text'];
$form->review_primary_img = $row['form_review_primary_img'];
$form->review_secondary_img = $row['form_review_secondary_img'];
$form->review_use_image = (int) $row['form_review_use_image'];
$form->review_title = $row['form_review_title'];
$form->review_description = $row['form_review_description'];
$form->resume_enable = $row['form_resume_enable'];
$form->theme_id = (int) $row['form_theme_id'];
$form->payment_show_total = (int) $row['payment_show_total'];
$form->payment_total_location = $row['payment_total_location'];
$form->payment_enable_merchant = (int) $row['payment_enable_merchant'];
if ($form->payment_enable_merchant < 1) {
$form->payment_enable_merchant = 0;
}
$form->payment_currency = $row['payment_currency'];
$form->payment_price_type = $row['payment_price_type'];
$form->payment_price_amount = $row['payment_price_amount'];
$form->limit_enable = (int) $row['form_limit_enable'];
$form->limit = (int) $row['form_limit'];
$form->schedule_enable = (int) $row['form_schedule_enable'];
$form->schedule_start_date = $row['form_schedule_start_date'];
$form->schedule_end_date = $row['form_schedule_end_date'];
$form->schedule_start_hour = $row['form_schedule_start_hour'];
$form->schedule_end_hour = $row['form_schedule_end_hour'];
$form->language = trim($row['form_language']);
if (!empty($form->language)) {
mf_set_language($form->language);
}
if (empty($error_elements)) {
$form->is_error = 0;
} else {
$form->is_error = 1;
}
if (!empty($edit_id)) {
$form->active = 1;
}
if ($form->page_total == 1) {
//if this form has review enabled and user are having $_SESSION['review_id'], then populate the form with that values
if (!empty($form->review) && !empty($_SESSION['review_id']) && empty($populated_values)) {
$entry_params = array();
$entry_params['machform_data_path'] = $machform_data_path;
$populated_values = mf_get_entry_values($dbh, $form_id, $_SESSION['review_id'], true, $entry_params);
} elseif (!empty($form->review) && !empty($_SESSION['review_id']) && !empty($populated_values)) {
//if form review enabled and there is some validation error, the uploaded files needs to be displayed
$entry_params = array();
$entry_params['machform_data_path'] = $machform_data_path;
$populated_file_values = mf_get_entry_values($dbh, $form_id, $_SESSION['review_id'], true, $entry_params);
}
} else {
//if this is multipage form, always populate the fields
$session_id = session_id();
//if there is form resume key, load the record from ap_form_x table to ap_form_x_review table
if (!empty($_SESSION['mf_form_resume_key'][$form_id])) {
$resume_key = $_SESSION['mf_form_resume_key'][$form_id];
//first delete existing record within review table
$query = "DELETE from `" . MF_TABLE_PREFIX . "form_{$form_id}_review` where session_id=? or resume_key=?";
$params = array($session_id, $resume_key);
mf_do_query($query, $params, $dbh);
//copy data from ap_form_x table to ap_form_x_review table
$query = "SELECT * FROM `" . MF_TABLE_PREFIX . "form_{$form_id}` WHERE resume_key=?";
$params = array($resume_key);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
$columns = array();
foreach ($row as $column_name => $column_data) {
if ($column_name != 'id') {
$columns[] = $column_name;
}
}
if (empty($columns)) {
//invalid resume_key given, display error message
$custom_error = 'Invalid Link! <br/>Please open the complete URL to resume your saved progress.';
} else {
$columns_joined = implode("`,`", $columns);
$columns_joined = '`' . $columns_joined . '`';
//copy data from main table
$query = "INSERT INTO `" . MF_TABLE_PREFIX . "form_{$form_id}_review`({$columns_joined}) SELECT {$columns_joined} from `" . MF_TABLE_PREFIX . "form_{$form_id}` WHERE resume_key=?";
$params = array($resume_key);
mf_do_query($query, $params, $dbh);
$query = "UPDATE `" . MF_TABLE_PREFIX . "form_{$form_id}_review` set session_id=? WHERE resume_key=?";
$params = array($session_id, $resume_key);
mf_do_query($query, $params, $dbh);
for ($i = 1; $i <= $form->page_total; $i++) {
$_SESSION['mf_form_loaded'][$form_id][$i] = true;
}
unset($_SESSION['mf_form_resume_key'][$form_id]);
}
}
$query = "SELECT `id` from `" . MF_TABLE_PREFIX . "form_{$form_id}_review` where session_id=?";
$params = array($session_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
//we need to check mf_form_loaded to make sure default values of fields are being loaded on the first view of the form
if (empty($populated_values) && !empty($_SESSION['mf_form_loaded'][$form_id][$page_number])) {
$entry_params = array();
$entry_params['machform_data_path'] = $machform_data_path;
$populated_values = mf_get_entry_values($dbh, $form_id, $row['id'], true, $entry_params);
} else {
//if there is some validation error, the uploaded files needs to be displayed
$entry_params = array();
$entry_params['machform_data_path'] = $machform_data_path;
$populated_file_values = mf_get_entry_values($dbh, $form_id, $row['id'], true, $entry_params);
}
}
//get price definitions for fields, if the merchant feature is enabled
if (!empty($form->payment_enable_merchant)) {
$query = "select \r\n\t\t\t\t\t\t\telement_id,\r\n\t\t\t\t\t\t\toption_id,\r\n\t\t\t\t\t\t\t`price` \r\n\t\t\t\t\t from \r\n\t\t\t\t\t \t\t`" . MF_TABLE_PREFIX . "element_prices` \r\n\t\t\t\t\t where \r\n\t\t\t\t\t \t\tform_id=? \r\n\t\t\t\t order by \r\n\t\t\t\t \t\t\telement_id,option_id asc";
$params = array($form_id);
$sth = mf_do_query($query, $params, $dbh);
while ($row = mf_do_fetch_result($sth)) {
$element_prices_array[$row['element_id']][$row['option_id']] = $row['price'];
}
}
//get elements data
//get element options first and store it into array
$query = "SELECT \r\n\t\t\t\t\t\telement_id,\r\n\t\t\t\t\t\toption_id,\r\n\t\t\t\t\t\t`position`,\r\n\t\t\t\t\t\t`option`,\r\n\t\t\t\t\t\toption_is_default \r\n\t\t\t\t FROM \r\n\t\t\t\t \t" . MF_TABLE_PREFIX . "element_options \r\n\t\t\t\t where \r\n\t\t\t\t \t\tform_id = ? and live=1 \r\n\t\t\t\torder by \r\n\t\t\t\t\t\telement_id asc,`position` asc";
$params = array($form_id);
$sth = mf_do_query($query, $params, $dbh);
while ($row = mf_do_fetch_result($sth)) {
$element_id = $row['element_id'];
$option_id = $row['option_id'];
$options_lookup[$element_id][$option_id]['position'] = $row['position'];
$options_lookup[$element_id][$option_id]['option'] = $row['option'];
$options_lookup[$element_id][$option_id]['option_is_default'] = $row['option_is_default'];
if (isset($element_prices_array[$element_id][$option_id])) {
$options_lookup[$element_id][$option_id]['price_definition'] = $element_prices_array[$element_id][$option_id];
}
}
$matrix_elements = array();
//get elements data
$element = array();
if ($page_number === 0) {
//if page_number is 0, display all pages (this is being used on edit_entry page)
$page_number_clause = '';
$params = array($form_id);
} else {
$page_number_clause = 'and element_page_number = ?';
$params = array($form_id, $page_number);
}
$query = "SELECT \r\n\t\t\t\t\t\telement_id,\r\n\t\t\t\t\t\telement_title,\r\n\t\t\t\t\t\telement_guidelines,\r\n\t\t\t\t\t\telement_size,\r\n\t\t\t\t\t\telement_is_required,\r\n\t\t\t\t\t\telement_is_unique,\r\n\t\t\t\t\t\telement_is_private,\r\n\t\t\t\t\t\telement_type,\r\n\t\t\t\t\t\telement_position,\r\n\t\t\t\t\t\telement_default_value,\r\n\t\t\t\t\t\telement_constraint,\r\n\t\t\t\t\t\telement_choice_has_other,\r\n\t\t\t\t\t\telement_choice_other_label,\r\n\t\t\t\t\t\telement_choice_columns,\r\n\t\t\t\t\t\telement_time_showsecond, \r\n\t\t\t\t\t\telement_time_24hour,\r\n\t\t\t\t\t\telement_address_hideline2,\r\n\t\t\t\t\t\telement_address_us_only,\r\n\t\t\t\t\t\telement_date_enable_range,\r\n\t\t\t\t\t\telement_date_range_min,\r\n\t\t\t\t\t\telement_date_range_max,\r\n\t\t\t\t\t\telement_date_enable_selection_limit,\r\n\t\t\t\t\t\telement_date_selection_max,\r\n\t\t\t\t\t\telement_date_disable_past_future,\r\n\t\t\t\t\t\telement_date_past_future,\r\n\t\t\t\t\t\telement_date_disable_weekend,\r\n\t\t\t\t\t\telement_date_disable_specific,\r\n\t\t\t\t\t\telement_date_disabled_list,\r\n\t\t\t\t\t\telement_file_enable_type_limit,\r\n\t\t\t\t\t\telement_file_block_or_allow,\r\n\t\t\t\t\t\telement_file_type_list,\r\n\t\t\t\t\t\telement_file_as_attachment,\r\n\t\t\t\t\t\telement_file_enable_advance,\r\n\t\t\t\t\t\telement_file_auto_upload,\r\n\t\t\t\t\t\telement_file_enable_multi_upload,\r\n\t\t\t\t\t\telement_file_max_selection,\r\n\t\t\t\t\t\telement_file_enable_size_limit,\r\n\t\t\t\t\t\telement_file_size_max,\r\n\t\t\t\t\t\telement_matrix_allow_multiselect,\r\n\t\t\t\t\t\telement_matrix_parent_id,\r\n\t\t\t\t\t\telement_range_min,\r\n\t\t\t\t\t\telement_range_max,\r\n\t\t\t\t\t\telement_range_limit_by,\r\n\t\t\t\t\t\telement_css_class\r\n\t\t\t\t\tFROM \r\n\t\t\t\t\t\t" . MF_TABLE_PREFIX . "form_elements \r\n\t\t\t\t WHERE \r\n\t\t\t\t \t\tform_id = ? and element_status='1' {$page_number_clause} and element_type <> 'page_break'\r\n\t\t\t\tORDER BY \r\n\t\t\t\t\t\telement_position asc";
$sth = mf_do_query($query, $params, $dbh);
$j = 0;
$has_calendar = false;
//assume the form doesn't have calendar, so it won't load calendar.js
$has_advance_uploader = false;
$has_guidelines = false;
while ($row = mf_do_fetch_result($sth)) {
$element[$j] = new stdClass();
$element_id = $row['element_id'];
//lookup element options first
if (!empty($options_lookup[$element_id])) {
$element_options = array();
$i = 0;
foreach ($options_lookup[$element_id] as $option_id => $data) {
$element_options[$i] = new stdClass();
$element_options[$i]->id = $option_id;
$element_options[$i]->option = $data['option'];
$element_options[$i]->is_default = $data['option_is_default'];
$element_options[$i]->is_db_live = 1;
if (isset($data['price_definition'])) {
$element_options[$i]->price_definition = $data['price_definition'];
}
$i++;
}
}
//populate elements
$element[$j]->title = nl2br($row['element_title']);
$element[$j]->guidelines = $row['element_guidelines'];
if (!empty($row['element_guidelines']) && $row['element_type'] != 'section' && $row['element_type'] != 'matrix') {
$has_guidelines = true;
}
$element[$j]->size = $row['element_size'];
$element[$j]->is_required = $row['element_is_required'];
$element[$j]->is_unique = $row['element_is_unique'];
$element[$j]->is_private = $row['element_is_private'];
$element[$j]->type = $row['element_type'];
$element[$j]->position = $row['element_position'];
$element[$j]->id = $row['element_id'];
$element[$j]->is_db_live = 1;
$element[$j]->form_id = $form_id;
$element[$j]->choice_has_other = (int) $row['element_choice_has_other'];
$element[$j]->choice_other_label = $row['element_choice_other_label'];
$element[$j]->choice_columns = (int) $row['element_choice_columns'];
$element[$j]->time_showsecond = (int) $row['element_time_showsecond'];
$element[$j]->time_24hour = (int) $row['element_time_24hour'];
$element[$j]->address_hideline2 = (int) $row['element_address_hideline2'];
$element[$j]->address_us_only = (int) $row['element_address_us_only'];
$element[$j]->date_enable_range = (int) $row['element_date_enable_range'];
$element[$j]->date_range_min = $row['element_date_range_min'];
$element[$j]->date_range_max = $row['element_date_range_max'];
$element[$j]->date_enable_selection_limit = (int) $row['element_date_enable_selection_limit'];
$element[$j]->date_selection_max = (int) $row['element_date_selection_max'];
$element[$j]->date_disable_past_future = (int) $row['element_date_disable_past_future'];
$element[$j]->date_past_future = $row['element_date_past_future'];
$element[$j]->date_disable_weekend = (int) $row['element_date_disable_weekend'];
$element[$j]->date_disable_specific = (int) $row['element_date_disable_specific'];
$element[$j]->date_disabled_list = $row['element_date_disabled_list'];
$element[$j]->file_enable_type_limit = (int) $row['element_file_enable_type_limit'];
$element[$j]->file_block_or_allow = $row['element_file_block_or_allow'];
$element[$j]->file_type_list = $row['element_file_type_list'];
$element[$j]->file_as_attachment = (int) $row['element_file_as_attachment'];
$element[$j]->file_enable_advance = (int) $row['element_file_enable_advance'];
if (!empty($element[$j]->file_enable_advance)) {
$has_advance_uploader = true;
}
$element[$j]->file_auto_upload = (int) $row['element_file_auto_upload'];
$element[$j]->file_enable_multi_upload = (int) $row['element_file_enable_multi_upload'];
$element[$j]->file_max_selection = (int) $row['element_file_max_selection'];
$element[$j]->file_enable_size_limit = (int) $row['element_file_enable_size_limit'];
$element[$j]->file_size_max = (int) $row['element_file_size_max'];
$element[$j]->matrix_allow_multiselect = (int) $row['element_matrix_allow_multiselect'];
$element[$j]->matrix_parent_id = (int) $row['element_matrix_parent_id'];
$element[$j]->upload_dir = $mf_settings['upload_dir'];
$element[$j]->range_min = $row['element_range_min'];
$element[$j]->range_max = $row['element_range_max'];
$element[$j]->range_limit_by = $row['element_range_limit_by'];
$element[$j]->css_class = $row['element_css_class'];
$element[$j]->machform_path = $machform_path;
$element[$j]->machform_data_path = $machform_data_path;
//this data came from db or form submit
//being used to display edit form or redisplay form with errors and previous inputs
//this should be optimized in the future, only pass necessary data, not the whole array
$element[$j]->populated_value = $populated_values;
//set prices for price-enabled field
if ($row['element_type'] == 'money' && isset($element_prices_array[$row['element_id']][0])) {
$element[$j]->price_definition = 0;
}
//if there is file upload type, set form enctype to multipart
if ($row['element_type'] == 'file') {
$form_enc_type = 'enctype="multipart/form-data"';
//if this is single page form with review enabled or multipage form
if (!empty($form->review) && !empty($_SESSION['review_id']) && !empty($populated_file_values) || $form->page_total > 1 && !empty($populated_file_values)) {
//populate the default value for uploaded files, when validation error occured
//make sure to keep the file token if exist
if (!empty($populated_values['element_' . $row['element_id']]['file_token'])) {
$populated_file_values['element_' . $row['element_id']]['file_token'] = $populated_values['element_' . $row['element_id']]['file_token'];
}
$element[$j]->populated_value = $populated_file_values;
}
if (!empty($edit_id) && $_SESSION['mf_logged_in'] === true) {
//if this is edit_entry page
$element[$j]->is_edit_entry = true;
}
}
if (!empty($error_elements[$element[$j]->id])) {
$element[$j]->is_error = 1;
$element[$j]->error_message = $error_elements[$element[$j]->id];
}
$element[$j]->default_value = htmlspecialchars($row['element_default_value']);
$element[$j]->constraint = $row['element_constraint'];
if (!empty($element_options)) {
$element[$j]->options = $element_options;
} else {
$element[$j]->options = '';
}
//check for calendar type
if ($row['element_type'] == 'date' || $row['element_type'] == 'europe_date') {
$has_calendar = true;
//if the field has date selection limit, we need to do query to existing entries and disable all date which reached the limit
if (!empty($row['element_date_enable_selection_limit']) && !empty($row['element_date_selection_max'])) {
$sub_query = "select \r\n\t\t\t\t\t\t\t\t\t\tselected_date \r\n\t\t\t\t\t\t\t\t\tfrom (\r\n\t\t\t\t\t\t\t\t\t\t\tselect \r\n\t\t\t\t\t\t\t\t\t\t\t\t date_format(element_{$row['element_id']},'%m/%d/%Y') as selected_date,\r\n\t\t\t\t\t\t\t\t\t\t\t\t count(element_{$row['element_id']}) as total_selection \r\n\t\t\t\t\t\t\t\t\t\t from \r\n\t\t\t\t\t\t\t\t\t\t \t " . MF_TABLE_PREFIX . "form_{$form_id} \r\n\t\t\t\t\t\t\t\t\t\t where \r\n\t\t\t\t\t\t\t\t\t\t \t status=1 and element_{$row['element_id']} is not null \r\n\t\t\t\t\t\t\t\t\t\t group by \r\n\t\t\t\t\t\t\t\t\t\t \t\t element_{$row['element_id']}\r\n\t\t\t\t\t\t\t\t\t\t ) as A\r\n\t\t\t\t\t\t\t\t where \r\n\t\t\t\t\t\t\t\t\t\t A.total_selection >= ?";
$params = array($row['element_date_selection_max']);
$sub_sth = mf_do_query($sub_query, $params, $dbh);
$current_date_disabled_list = array();
$current_date_disabled_list_joined = '';
while ($sub_row = mf_do_fetch_result($sub_sth)) {
$current_date_disabled_list[] = $sub_row['selected_date'];
}
$current_date_disabled_list_joined = implode(',', $current_date_disabled_list);
if (!empty($element[$j]->date_disable_specific)) {
//add to existing disable date list
if (empty($element[$j]->date_disabled_list)) {
$element[$j]->date_disabled_list = $current_date_disabled_list_joined;
} else {
$element[$j]->date_disabled_list .= ',' . $current_date_disabled_list_joined;
}
} else {
//'disable specific date' is not enabled, we need to override and enable it from here
$element[$j]->date_disable_specific = 1;
$element[$j]->date_disabled_list = $current_date_disabled_list_joined;
}
}
}
//if the element is a matrix field and not the parent, store the data into a lookup array for later use when rendering the markup
if ($row['element_type'] == 'matrix' && !empty($row['element_matrix_parent_id'])) {
$parent_id = $row['element_matrix_parent_id'];
$el_position = $row['element_position'];
$matrix_elements[$parent_id][$el_position]['title'] = $element[$j]->title;
$matrix_elements[$parent_id][$el_position]['id'] = $element[$j]->id;
$matrix_child_option_id = '';
foreach ($element_options as $value) {
$matrix_child_option_id .= $value->id . ',';
}
$matrix_child_option_id = rtrim($matrix_child_option_id, ',');
$matrix_elements[$parent_id][$el_position]['children_option_id'] = $matrix_child_option_id;
//remove it from the main element array
$element[$j] = array();
unset($element[$j]);
$j--;
}
$j++;
}
//add captcha if enabled
//on multipage form, captcha should be displayed on the last page only
if (!empty($form->captcha) && empty($edit_id)) {
if ($form->page_total == 1 || $form->page_total == $page_number) {
$element[$j] = new stdClass();
$element[$j]->type = 'captcha';
$element[$j]->captcha_type = $form->captcha_type;
$element[$j]->form_id = $form_id;
$element[$j]->is_private = 0;
if (!empty($error_elements['element_captcha'])) {
$element[$j]->is_error = 1;
$element[$j]->error_message = $error_elements['element_captcha'];
}
}
}
//generate html markup for each element
$container_class = '';
$all_element_markup = '';
foreach ($element as $element_data) {
if ($element_data->is_private && empty($edit_id)) {
//don't show private element on live forms
continue;
}
//if this is matrix field, build the children data from $matrix_elements array
if ($element_data->type == 'matrix') {
$element_data->matrix_children = $matrix_elements[$element_data->id];
}
$all_element_markup .= call_user_func('mf_display_' . $element_data->type, $element_data);
}
if (!empty($custom_error)) {
$form->error_message = <<<EOT
\t\t\t<li id="error_message">
\t\t\t\t\t<h3 id="error_message_title">{$custom_error}</h3>
\t\t\t</li>\t
EOT;
} elseif (!empty($error_elements)) {
$form->error_message = <<<EOT
\t\t\t<li id="error_message">
\t\t\t\t\t<h3 id="error_message_title">{$mf_lang['error_title']}</h3>
\t\t\t\t\t<p id="error_message_desc">{$mf_lang['error_desc']}</p>
\t\t\t</li>\t
EOT;
}
//if this form is using custom theme and not on edit entry page
if (!empty($form->theme_id) && empty($edit_id)) {
//get the field highlight color for the particular theme
$query = "SELECT \r\n\t\t\t\t\t\t\thighlight_bg_type,\r\n\t\t\t\t\t\t\thighlight_bg_color,\r\n\t\t\t\t\t\t\tform_shadow_style,\r\n\t\t\t\t\t\t\tform_shadow_size,\r\n\t\t\t\t\t\t\tform_shadow_brightness,\r\n\t\t\t\t\t\t\tform_button_type,\r\n\t\t\t\t\t\t\tform_button_text,\r\n\t\t\t\t\t\t\tform_button_image,\r\n\t\t\t\t\t\t\ttheme_has_css \r\n\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t" . MF_TABLE_PREFIX . "form_themes \r\n\t\t\t\t\t WHERE \r\n\t\t\t\t\t \t\ttheme_id = ?";
$params = array($form->theme_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
$form_shadow_style = $row['form_shadow_style'];
$form_shadow_size = $row['form_shadow_size'];
$form_shadow_brightness = $row['form_shadow_brightness'];
$theme_has_css = (int) $row['theme_has_css'];
//if the theme has css file, make sure to refer to that file
//otherwise, generate the css dynamically
if (!empty($theme_has_css)) {
$theme_css_link = '<link rel="stylesheet" type="text/css" href="' . $machform_path . $mf_settings['data_dir'] . '/themes/theme_' . $form->theme_id . '.css" media="all" />';
} else {
$theme_css_link = '<link rel="stylesheet" type="text/css" href="' . $machform_path . 'css_theme.php?theme_id=' . $form->theme_id . '" media="all" />';
}
if ($row['highlight_bg_type'] == 'color') {
$field_highlight_color = $row['highlight_bg_color'];
} else {
//if the field highlight is using pattern instead of color, set the color to empty string
$field_highlight_color = '';
}
//get the css link for the fonts
$font_css_markup = mf_theme_get_fonts_link($dbh, $form->theme_id);
//get the form shadow classes
if (!empty($form_shadow_style) && $form_shadow_style != 'disabled') {
preg_match_all("/[A-Z]/", $form_shadow_style, $prefix_matches);
//this regex simply get the capital characters of the shadow style name
//example: RightPerspectiveShadow result to RPS and then being sliced to RP
$form_shadow_prefix_code = substr(implode("", $prefix_matches[0]), 0, -1);
$form_shadow_size_class = $form_shadow_prefix_code . ucfirst($form_shadow_size);
$form_shadow_brightness_class = $form_shadow_prefix_code . ucfirst($form_shadow_brightness);
if (empty($integration_method)) {
//only display shadow if the form is not being embedded using any method
$form_container_class = $form_shadow_style . ' ' . $form_shadow_size_class . ' ' . $form_shadow_brightness_class;
}
}
//get the button text/image setting
if (empty($form->review)) {
if ($row['form_button_type'] == 'text') {
$submit_button_markup = '<input id="submit_form" class="button_text" type="submit" name="submit_form" value="' . $row['form_button_text'] . '" />';
} else {
$submit_button_markup = '<input class="submit_img_primary" type="image" alt="Submit" id="submit_form" name="submit_form" src="' . $row['form_button_image'] . '" />';
}
} else {
$submit_button_markup = '<input id="submit_form" class="button_text" type="submit" name="submit_form" value="' . $mf_lang['continue_button'] . '" />';
}
} else {
//if the form doesn't have any theme being applied
$field_highlight_color = '#FFF7C0';
if (empty($integration_method)) {
$form_container_class = 'WarpShadow WLarge WNormal';
//default shadow
} else {
$form_container_class = '';
//dont show any shadow when the form being embedded
}
if (empty($form->review)) {
$submit_button_markup = '<input id="submit_form" class="button_text" type="submit" name="submit_form" value="' . $mf_lang['submit_button'] . '" />';
} else {
$submit_button_markup = '<input id="submit_form" class="button_text" type="submit" name="submit_form" value="' . $mf_lang['continue_button'] . '" />';
}
}
//display edit_id if there is any, this is being called on edit_entry.php page
if (!empty($edit_id)) {
$edit_markup = "<input type=\"hidden\" name=\"edit_id\" value=\"{$edit_id}\" />\n";
$submit_button_markup = '<input id="submit_form" class="button_text" type="submit" name="submit_form" value="Save Changes" />';
} else {
$edit_markup = '';
}
//check for specific form css, if any, use it instead
if ($form->has_css) {
$css_dir = $mf_settings['data_dir'] . "/form_{$form_id}/css/";
}
if (!empty($form->password) && empty($_SESSION['user_authenticated'])) {
//if form require password and password hasn't set yet
$show_password_form = true;
} elseif (!empty($form->password) && !empty($_SESSION['user_authenticated']) && $_SESSION['user_authenticated'] != $form_id) {
//if user authenticated but not for this form
$show_password_form = true;
} else {
//user authenticated for this form, or no password required
$show_password_form = false;
}
if ($show_password_form) {
$submit_button_markup = '<input id="submit_form" class="button_text" type="submit" name="submit_form" value="' . $mf_lang['submit_button'] . '" />';
}
//default markup for single page form submit button
$button_markup = <<<EOT
\t\t<li id="li_buttons" class="buttons">
\t\t\t <input type="hidden" name="form_id" value="{$form->id}" />
\t\t\t {$edit_markup}
\t\t\t <input type="hidden" name="submit_form" value="1" />
\t\t\t <input type="hidden" name="page_number" value="{$page_number}" />
\t\t\t\t{$submit_button_markup}
\t\t</li>
EOT;
//check for form limit rule
$form_has_maximum_entries = false;
if (!empty($form->limit_enable)) {
$query = "select count(*) total_row from " . MF_TABLE_PREFIX . "form_{$form_id} where `status`=1";
$params = array();
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
$total_entries = $row['total_row'];
if ($total_entries >= $form->limit) {
$form_has_maximum_entries = true;
}
}
//check for automatic scheduling limit, if enabled
if (!empty($form->schedule_enable)) {
$schedule_start_time = strtotime($form->schedule_start_date . ' ' . $form->schedule_start_hour);
$schedule_end_time = strtotime($form->schedule_end_date . ' ' . $form->schedule_end_hour);
$current_time = strtotime(date("Y-m-d H:i:s"));
if (!empty($schedule_start_time)) {
if ($current_time < $schedule_start_time) {
$form->active = 0;
}
}
if (!empty($schedule_end_time)) {
if ($current_time > $schedule_end_time) {
$form->active = 0;
}
}
}
if (empty($form->active) || $form_has_maximum_entries) {
//if form is not active, don't show the fields
$form_desc_div = '';
$all_element_markup = '';
$button_markup = '';
$ul_class = 'class="password"';
if ($form_has_maximum_entries) {
$inactive_message = $mf_lang['form_limited'];
} else {
$inactive_message = $mf_lang['form_inactive'];
}
$custom_element = <<<EOT
\t\t\t<li>
\t\t\t\t<h2>{$inactive_message}</h2>
\t\t\t</li>
EOT;
} elseif ($show_password_form) {
//don't show form description if this page is password protected and user not authenticated
$form_desc_div = '';
$all_element_markup = '';
$custom_element = <<<EOT
\t\t\t<li>
\t\t\t\t<h2>{$mf_lang['form_pass_title']}</h2>
\t\t\t\t<div>
\t\t\t\t<input type="password" value="" class="text" name="password" id="password" />
\t\t\t\t<label for="password" class="desc">{$mf_lang['form_pass_desc']}</label>
\t\t\t\t</div>
\t\t\t</li>
EOT;
$ul_class = 'class="password"';
} else {
if (!empty($form->name) || !empty($form->description)) {
$form->description = nl2br($form->description);
$form_desc_div = <<<EOT
\t\t<div class="form_description">
\t\t\t<h2>{$form->name}</h2>
\t\t\t<p>{$form->description}</p>
\t\t</div>
EOT;
}
}
if (!$has_guidelines) {
$container_class .= " no_guidelines";
}
if ($integration_method == 'iframe') {
$html_class_tag = 'class="embed"';
}
if ($has_calendar) {
$calendar_init = '<script type="text/javascript" src="' . $machform_path . 'js/datepick/jquery.datepick.js"></script>' . "\n" . '<script type="text/javascript" src="' . $machform_path . 'js/datepick/jquery.datepick.ext.js"></script>' . "\n" . '<link type="text/css" href="' . $machform_path . 'js/datepick/smoothness.datepick.css" rel="stylesheet" />';
} else {
$calendar_init = '';
}
//if the form has multiple pages
//display the pagination header
if ($form->page_total > 1 && $show_password_form === false) {
//build pagination header based on the selected type. possible values:
//steps - display multi steps progress
//percentage - display progress bar with percentage
//disabled - disabled
$page_breaks_data = array();
$page_title_array = array();
//get page titles
$query = "SELECT \r\n\t\t\t\t\t\t\telement_page_title,\r\n\t\t\t\t\t\t\telement_page_number,\r\n\t\t\t\t\t\t\telement_submit_use_image,\r\n\t\t\t\t\t\t element_submit_primary_text,\r\n\t\t\t\t\t\t\telement_submit_secondary_text,\r\n\t\t\t\t\t\t\telement_submit_primary_img,\r\n\t\t\t\t\t\t\telement_submit_secondary_img \r\n\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t" . MF_TABLE_PREFIX . "form_elements\r\n\t\t\t\t\t WHERE\r\n\t\t\t\t\t\t\tform_id = ? and element_status = 1 and element_type = 'page_break'\r\n\t\t\t\t\tORDER BY \r\n\t\t\t\t\t \t\telement_page_number asc";
$params = array($form_id);
$sth = mf_do_query($query, $params, $dbh);
while ($row = mf_do_fetch_result($sth)) {
$temp_page_number = $row['element_page_number'];
$page_breaks_data[$temp_page_number]['use_image'] = $row['element_submit_use_image'];
$page_breaks_data[$temp_page_number]['primary_text'] = $row['element_submit_primary_text'];
$page_breaks_data[$temp_page_number]['secondary_text'] = $row['element_submit_secondary_text'];
$page_breaks_data[$temp_page_number]['primary_img'] = $row['element_submit_primary_img'];
$page_breaks_data[$temp_page_number]['secondary_img'] = $row['element_submit_secondary_img'];
$page_title_array[] = $row['element_page_title'];
}
//add the last page buttons info into the array for easy lookup
$page_breaks_data[$form->page_total]['use_image'] = $form->submit_use_image;
$page_breaks_data[$form->page_total]['primary_text'] = $form->submit_primary_text;
$page_breaks_data[$form->page_total]['secondary_text'] = $form->submit_secondary_text;
$page_breaks_data[$form->page_total]['primary_img'] = $form->submit_primary_img;
$page_breaks_data[$form->page_total]['secondary_img'] = $form->submit_secondary_img;
if ($form->pagination_type == 'steps') {
$page_titles_markup = '';
$i = 1;
foreach ($page_title_array as $page_title) {
if ($i == $page_number) {
$ap_tp_num_active = ' ap_tp_num_active';
$ap_tp_text_active = ' ap_tp_text_active';
} else {
$ap_tp_num_active = '';
$ap_tp_text_active = '';
}
$page_titles_markup .= '<td align="center"><span id="page_num_' . $i . '" class="ap_tp_num' . $ap_tp_num_active . '">' . $i . '</span><span id="page_title_' . $i . '" class="ap_tp_text' . $ap_tp_text_active . '">' . $page_title . '</span></td><td align="center" class="ap_tp_arrow">></td>' . "\n";
$i++;
}
//add the last page title into the pagination header markup
if ($i == $page_number) {
$ap_tp_num_active = ' ap_tp_num_active';
$ap_tp_text_active = ' ap_tp_text_active';
} else {
$ap_tp_num_active = '';
$ap_tp_text_active = '';
}
$page_titles_markup .= '<td align="center"><span id="page_num_' . $i . '" class="ap_tp_num' . $ap_tp_num_active . '">' . $i . '</span><span id="page_title_' . $i . '" class="ap_tp_text' . $ap_tp_text_active . '">' . $form->lastpage_title . '</span></td>';
//if form review enabled, we need to add the pagination header
if (!empty($form->review)) {
$i++;
$page_titles_markup .= '<td align="center" class="ap_tp_arrow">></td><td align="center"><span id="page_num_' . $i . '" class="ap_tp_num">' . $i . '</span><span id="page_title_' . $i . '" class="ap_tp_text">' . $form->review_title . '</span></td>';
}
$pagination_header = <<<EOT
\t\t\t<li id="pagination_header" class="li_pagination">
\t\t\t <table class="ap_table_pagination" width="100%" border="0" cellspacing="0" cellpadding="0">
\t\t\t <tr>
\t\t\t \t{$page_titles_markup}
\t\t\t </tr>
\t\t\t</table>
\t\t\t</li>
EOT;
} else {
if ($form->pagination_type == 'percentage') {
$page_total = count($page_title_array) + 1;
if (!empty($form->review)) {
$page_total++;
}
$percent_value = round($page_number / $page_total * 100);
if ($percent_value == 100) {
//it's not make sense to display 100% when the form is not really submitted yet
$percent_value = 99;
}
if (!empty($form->review)) {
if ($page_total - 1 == $page_number) {
//if this is last page of the form
$current_page_title = $form->lastpage_title;
} else {
$current_page_title = $page_title_array[$page_number - 1];
}
} else {
if ($page_total == $page_number) {
//if this is last page of the form
$current_page_title = $form->lastpage_title;
} else {
$current_page_title = $page_title_array[$page_number - 1];
}
}
$page_number_title = sprintf($mf_lang['page_title'], $page_number, $page_total);
$pagination_header = <<<EOT
\t\t\t<li id="pagination_header" class="li_pagination" title="Click to edit">
\t\t\t <h3 id="page_title_{$page_number}">{$page_number_title} - {$current_page_title}</h3>
\t\t\t\t<div class="mf_progress_container">
\t\t\t \t<div id="mf_progress_percentage" class="mf_progress_value" style="width: {$percent_value}%"><span>{$percent_value}%</span></div>
\t\t\t\t</div>
\t\t\t</li>
EOT;
} else {
$pagination_header = '';
}
}
//build the submit buttons markup
if (empty($edit_id)) {
if (empty($page_breaks_data[$page_number]['use_image'])) {
//if using text buttons as submit
if ($page_number > 1) {
$button_secondary_markup = '<input class="button_text btn_secondary" type="submit" id="submit_secondary" name="submit_secondary" value="' . $page_breaks_data[$page_number]['secondary_text'] . '" />';
}
$button_markup = <<<EOT
\t\t\t<li id="li_buttons" class="buttons">
\t\t\t\t <input type="hidden" name="form_id" value="{$form->id}" />
\t\t\t\t {$edit_markup}
\t\t\t\t <input type="hidden" name="submit_form" value="1" />
\t\t\t\t <input type="hidden" name="page_number" value="{$page_number}" />
\t\t\t\t\t<input class="button_text btn_primary" type="submit" id="submit_primary" name="submit_primary" value="{$page_breaks_data[$page_number]['primary_text']}" />
\t\t\t\t\t{$button_secondary_markup}
\t\t\t</li>
EOT;
} else {
//if using images as submit
if ($page_number > 1) {
$button_secondary_markup = '<input class="submit_img_secondary" type="image" alt="Previous" id="submit_secondary" name="submit_secondary" src="' . $page_breaks_data[$page_number]['secondary_img'] . '" />';
}
$button_markup = <<<EOT
\t\t\t<li id="li_buttons" class="buttons">
\t\t\t\t <input type="hidden" name="form_id" value="{$form->id}" />
\t\t\t\t {$edit_markup}
\t\t\t\t <input type="hidden" name="submit_form" value="1" />
\t\t\t\t <input type="hidden" name="page_number" value="{$page_number}" />
\t\t\t\t \t<input class="submit_img_primary" type="image" alt="Continue" id="submit_primary" name="submit_primary" src="{$page_breaks_data[$page_number]['primary_img']}" />
\t\t\t\t\t{$button_secondary_markup}
\t\t\t</li>
EOT;
}
} else {
//if there is edit_id, then this is edit_entry page, display a standard button
$button_markup = <<<EOT
\t\t\t<li id="li_buttons" class="buttons">
\t\t\t\t <input type="hidden" name="form_id" value="{$form->id}" />
\t\t\t\t {$edit_markup}
\t\t\t\t <input type="hidden" name="submit_form" value="1" />
\t\t\t\t <input type="hidden" name="page_number" value="{$page_number}" />
\t\t\t\t\t<input class="button_text btn_primary" type="submit" id="submit_primary" name="submit_primary" value="Save Changes" />
\t\t\t</li>
EOT;
}
}
if ($has_advance_uploader) {
if (!empty($machform_path)) {
$mf_path_script = <<<EOT
<script type="text/javascript">
var __machform_path = '{$machform_path}';
</script>
EOT;
}
$advance_uploader_js = <<<EOT
<script type="text/javascript" src="{$machform_path}js/uploadify/swfobject.js"></script>
<script type="text/javascript" src="{$machform_path}js/uploadify/jquery.uploadify.js"></script>
<script type="text/javascript" src="{$machform_path}js/jquery.jqplugin.min.js"></script>
{$mf_path_script}
EOT;
}
if ($integration_method == 'iframe') {
$auto_height_js = <<<EOT
<script type="text/javascript" src="{$machform_path}js/jquery.ba-postmessage.min.js"></script>
<script type="text/javascript">
\$(function(){
\t\$.postMessage({mf_iframe_height: \$('body').outerHeight(true)}, '*', parent );
});
</script>
EOT;
}
//if the form has resume enabled and this is multi page form (single page form doesn't have resume option)
if (!empty($form->resume_enable) && $form->page_total > 1) {
if (!empty($error_elements['element_resume_email'])) {
$li_resume_email_style = '';
$li_resume_error_message = "<p class=\"error\">{$error_elements['element_resume_email']}</p>";
$li_resume_class = 'class="error"';
$li_resume_checked = 'checked="checked"';
$li_resume_button_status = 1;
} else {
$li_resume_email_style = 'style="display: none"';
$li_resume_error_message = '';
$li_resume_class = '';
$li_resume_checked = '';
$li_resume_button_status = 0;
}
$form_resume_markup = <<<EOT
\t\t\t<li id="li_resume_checkbox">
\t\t\t<div>
\t\t\t\t<span><input type="checkbox" value="1" class="element checkbox" name="element_resume_checkbox" id="element_resume_checkbox" {$li_resume_checked}>
\t\t\t\t\t<label for="element_resume_checkbox" class="choice">{$mf_lang['resume_checkbox_title']}</label>
\t\t\t\t</span>
\t\t\t</div>
\t\t\t</li>
\t\t\t<li id="li_resume_email" {$li_resume_class} {$li_resume_email_style} data-resumebutton="{$li_resume_button_status}" data-resumelabel="{$mf_lang['resume_submit_button_text']}">
\t\t\t\t<label for="element_resume_email" class="description">{$mf_lang['resume_email_input_label']}</label>
\t\t\t\t<div>
\t\t\t\t\t<input type="text" value="{$populated_values['element_resume_email']}" class="element text medium" name="element_resume_email" id="element_resume_email">
\t\t\t\t</div><p id="guide_resume_email" class="guidelines"><small>{$mf_lang['resume_guideline']}</small></p> {$li_resume_error_message}
\t\t\t</li>
EOT;
}
//if the form has enabled merchant support and set the total payment to be displayed
if (!empty($form->payment_enable_merchant) && !empty($form->payment_show_total)) {
$currency_symbol = '$';
switch ($form->payment_currency) {
case 'USD':
$currency_symbol = '$';
break;
case 'EUR':
$currency_symbol = '€';
break;
case 'GBP':
$currency_symbol = '£';
break;
case 'AUD':
$currency_symbol = 'A$';
break;
case 'CAD':
$currency_symbol = 'C$';
break;
case 'JPY':
$currency_symbol = '¥';
break;
case 'THB':
$currency_symbol = '฿';
break;
case 'HUF':
$currency_symbol = 'Ft';
break;
case 'CHF':
$currency_symbol = 'CHF';
break;
case 'CZK':
$currency_symbol = 'Kč';
break;
case 'SEK':
$currency_symbol = 'kr';
break;
case 'DKK':
$currency_symbol = 'kr';
break;
case 'PHP':
$currency_symbol = '$';
break;
case 'MYR':
$currency_symbol = 'RM';
break;
case 'PLN':
$currency_symbol = 'zł';
break;
case 'BRL':
$currency_symbol = 'R$';
break;
case 'HKD':
$currency_symbol = 'HK$';
break;
case 'MXN':
$currency_symbol = 'Mex$';
break;
case 'TWD':
$currency_symbol = 'NT$';
break;
case 'TRY':
$currency_symbol = 'TL';
break;
}
if ($form->payment_price_type == 'variable') {
//if this is multipage form, we need to get the total selected price from other pages
if ($form->page_total > 1) {
$other_page_total_payment = (double) mf_get_payment_total($dbh, $form_id, $session_id, $page_number);
$other_page_total_data_tag = 'data-basetotal="' . $other_page_total_payment . '"';
} else {
$other_page_total_data_tag = 'data-basetotal="0"';
}
} elseif ($form->payment_price_type == 'fixed') {
$other_page_total_data_tag = 'data-basetotal="' . $form->payment_price_amount . '"';
}
$payment_total_markup = <<<EOT
\t\t\t<li class="total_payment" {$other_page_total_data_tag}>
\t\t\t\t<span>
\t\t\t\t\t<h3>{$currency_symbol}<var>0</var></h3>
\t\t\t\t\t<h5>{$mf_lang['payment_total']}</h5>
\t\t\t\t</span>
\t\t\t</li>
EOT;
if ($form->payment_total_location == 'top') {
$payment_total_markup_top = $payment_total_markup;
} else {
if ($form->payment_total_location == 'bottom') {
$payment_total_markup_bottom = $payment_total_markup;
} else {
if ($form->payment_total_location == 'top-bottom' || $form->payment_total_location == 'all') {
$payment_total_markup_top = $payment_total_markup;
$payment_total_markup_bottom = $payment_total_markup;
}
}
}
}
if (empty($mf_settings['disable_machform_link'])) {
$powered_by_markup = 'Powered by MachForm';
} else {
$powered_by_markup = '';
}
//if advanced form code being used, display the form without body container
if ($integration_method == 'php') {
$container_class .= " integrated";
if (!empty($edit_id)) {
$view_css_markup = '<link rel="stylesheet" type="text/css" href="css/edit_entry.css" media="all" />';
} else {
$view_css_markup = "<link rel=\"stylesheet\" type=\"text/css\" href=\"{$machform_path}{$css_dir}view.css\" media=\"all\" />";
}
$form_markup = <<<EOT
{$view_css_markup}
{$theme_css_link}
{$font_css_markup}
<style>
html{
\tbackground: none repeat scroll 0 0 transparent;
\tbackground-color: transparent;
}
</style>
<script type="text/javascript" src="{$machform_path}js/jquery.min.js"></script>
<script type="text/javascript" src="{$machform_path}js/jquery-ui/ui/jquery.effects.core.js"></script>
<script type="text/javascript" src="{$machform_path}view.js"></script>
{$advance_uploader_js}
{$calendar_init}
<div id="main_body" class="{$container_class}">
\t<div id="form_container">
\t
\t\t<h1><a>{$form->name}</a></h1>
\t\t<form id="form_{$form->id}" class="appnitro {$form->label_alignment}" {$form_enc_type} method="post" data-highlightcolor="{$field_highlight_color}" action="#main_body">
\t\t\t{$form_desc_div}\t\t\t\t\t\t
\t\t\t<ul {$ul_class}>
\t\t\t{$pagination_header}
\t\t\t{$payment_total_markup_top}
\t\t\t{$form->error_message}
\t\t\t{$all_element_markup}
\t\t\t{$custom_element}
\t\t\t{$payment_total_markup_bottom}
\t\t\t{$form_resume_markup}
\t\t\t{$button_markup}
\t\t\t</ul>
\t\t</form>\t
\t\t<div id="footer">
\t\t\t{$powered_by_markup}
\t\t</div>
\t</div>\t
</div>
EOT;
} else {
$form_markup = <<<EOT
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html {$html_class_tag} xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>{$form->name}</title>
<link rel="stylesheet" type="text/css" href="data/form_default/css/view.css" media="all" />
{$theme_css_link}
{$font_css_markup}
<script type="text/javascript" src="{$machform_path}js/jquery.min.js"></script>
<script type="text/javascript" src="{$machform_path}js/jquery-ui/ui/jquery.effects.core.js"></script>
<script type="text/javascript" src="{$machform_path}view.js"></script>
{$advance_uploader_js}
{$calendar_init}
{$auto_height_js}
</head>
<body id="main_body" class="{$container_class}">
\t
\t<div id="form_container" class="{$form_container_class}">
\t
\t\t<h1><a>{$form->name}</a></h1>
\t\t<form id="form_{$form->id}" class="appnitro {$form->label_alignment}" {$form_enc_type} method="post" data-highlightcolor="{$field_highlight_color}" action="#main_body">
\t\t\t{$form_desc_div}\t\t\t\t\t\t
\t\t\t<ul {$ul_class}>
\t\t\t{$pagination_header}
\t\t\t{$payment_total_markup_top}
\t\t\t{$form->error_message}
\t\t\t{$all_element_markup}
\t\t\t{$custom_element}
\t\t\t{$payment_total_markup_bottom}
\t\t\t{$form_resume_markup}
\t\t\t{$button_markup}
\t\t\t</ul>
\t\t</form>\t
\t\t<div id="footer">
\t\t\t{$powered_by_markup}
\t\t</div>
\t</div>
\t
\t</body>
</html>
EOT;
}
return $form_markup;
}
function mf_display_form_payment($dbh, $form_id, $record_id, $form_params = array())
{
global $mf_lang;
if (!empty($form_params['integration_method'])) {
$integration_method = $form_params['integration_method'];
} else {
$integration_method = '';
}
if (!empty($form_params['machform_path'])) {
$machform_path = $form_params['machform_path'];
} else {
$machform_path = '';
}
if (!empty($form_params['machform_data_path'])) {
$machform_data_path = $form_params['machform_data_path'];
} else {
$machform_data_path = '';
}
//check permission to access this page
if ($_SESSION['mf_form_payment_access'][$form_id] !== true) {
return "Your session has been expired. Please <a href='view.php?id={$form_id}'>click here</a> to start again.";
}
$mf_settings = mf_get_settings($dbh);
//get form properties data
$query = "select \r\n\t\t\t\t\t\t form_name,\r\n\t\t\t\t\t\t form_has_css,\r\n\t\t\t\t\t\t form_redirect,\r\n\t\t\t\t\t\t form_language,\r\n\t\t\t\t\t\t form_review,\r\n\t\t\t\t\t\t form_review_primary_text,\r\n\t\t\t\t\t\t form_review_secondary_text,\r\n\t\t\t\t\t\t form_review_primary_img,\r\n\t\t\t\t\t\t form_review_secondary_img,\r\n\t\t\t\t\t\t form_review_use_image,\r\n\t\t\t\t\t\t form_review_title,\r\n\t\t\t\t\t\t form_review_description,\r\n\t\t\t\t\t\t form_resume_enable,\r\n\t\t\t\t\t\t form_page_total,\r\n\t\t\t\t\t\t form_lastpage_title,\r\n\t\t\t\t\t\t form_pagination_type,\r\n\t\t\t\t\t\t form_theme_id,\r\n\t\t\t\t\t\t payment_show_total,\r\n\t\t\t\t\t\t payment_total_location,\r\n\t\t\t\t\t\t payment_enable_merchant,\r\n\t\t\t\t\t\t payment_merchant_type,\r\n\t\t\t\t\t\t payment_currency,\r\n\t\t\t\t\t\t payment_price_type,\r\n\t\t\t\t\t\t payment_price_name,\r\n\t\t\t\t\t\t payment_price_amount,\r\n\t\t\t\t\t\t payment_ask_billing,\r\n\t\t\t\t\t\t payment_ask_shipping,\r\n\t\t\t\t\t\t payment_stripe_live_public_key,\r\n\t\t\t\t\t\t payment_stripe_test_public_key,\r\n\t\t\t\t\t\t payment_stripe_enable_test_mode,\r\n\t\t\t\t\t\t payment_enable_recurring,\r\n\t\t\t\t\t\t payment_recurring_cycle,\r\n\t\t\t\t\t\t payment_recurring_unit,\r\n\t\t\t\t\t\t payment_enable_trial,\r\n\t\t\t\t\t\t payment_trial_period,\r\n\t\t\t\t\t\t payment_trial_unit,\r\n\t\t\t\t\t\t payment_trial_amount,\r\n\t\t\t\t\t\t payment_delay_notifications\r\n\t\t\t\t from \r\n\t\t\t\t \t " . MF_TABLE_PREFIX . "forms \r\n\t\t\t\t where \r\n\t\t\t\t \t form_id=?";
$params = array($form_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
$form_language = $row['form_language'];
if (!empty($form_language)) {
mf_set_language($form_language);
}
$form_payment_title = $mf_lang['form_payment_title'];
$form_payment_description = $mf_lang['form_payment_description'];
$form_has_css = $row['form_has_css'];
$form_redirect = $row['form_redirect'];
$form_review = (int) $row['form_review'];
$form_review_primary_text = $row['form_review_primary_text'];
$form_review_secondary_text = $row['form_review_secondary_text'];
$form_review_primary_img = $row['form_review_primary_img'];
$form_review_secondary_img = $row['form_review_secondary_img'];
$form_review_use_image = (int) $row['form_review_use_image'];
$form_review_title = $row['form_review_title'];
$form_review_description = $row['form_review_description'];
$form_page_total = (int) $row['form_page_total'];
$form_lastpage_title = $row['form_lastpage_title'];
$form_pagination_type = $row['form_pagination_type'];
$form_name = htmlspecialchars($row['form_name'], ENT_QUOTES);
$form_theme_id = $row['form_theme_id'];
$form_resume_enable = (int) $row['form_resume_enable'];
$payment_show_total = (int) $row['payment_show_total'];
$payment_total_location = $row['payment_total_location'];
$payment_enable_merchant = (int) $row['payment_enable_merchant'];
if ($payment_enable_merchant < 1) {
$payment_enable_merchant = 0;
}
$payment_currency = $row['payment_currency'];
$payment_price_type = $row['payment_price_type'];
$payment_price_amount = $row['payment_price_amount'];
$payment_price_name = htmlspecialchars($row['payment_price_name'], ENT_QUOTES);
$payment_ask_billing = (int) $row['payment_ask_billing'];
$payment_ask_shipping = (int) $row['payment_ask_shipping'];
$payment_merchant_type = $row['payment_merchant_type'];
$payment_stripe_enable_test_mode = (int) $row['payment_stripe_enable_test_mode'];
$payment_stripe_live_public_key = trim($row['payment_stripe_live_public_key']);
$payment_stripe_test_public_key = trim($row['payment_stripe_test_public_key']);
$payment_enable_recurring = (int) $row['payment_enable_recurring'];
$payment_recurring_cycle = (int) $row['payment_recurring_cycle'];
$payment_recurring_unit = $row['payment_recurring_unit'];
$payment_enable_trial = (int) $row['payment_enable_trial'];
$payment_trial_period = (int) $row['payment_trial_period'];
$payment_trial_unit = $row['payment_trial_unit'];
$payment_trial_amount = (double) $row['payment_trial_amount'];
$payment_delay_notifications = (int) $row['payment_delay_notifications'];
//check for specific form css, if any, use it instead
if ($form_has_css) {
$css_dir = $mf_settings['data_dir'] . "/form_{$form_id}/css/";
}
if ($integration_method == 'iframe') {
$embed_class = 'class="embed"';
}
//get total payment
$currency_symbol = '$';
if ($payment_price_type == 'variable') {
$total_payment_amount = (double) mf_get_payment_total($dbh, $form_id, $record_id, 0, 'live');
$payment_items = mf_get_payment_items($dbh, $form_id, $record_id, 'live');
//build the payment list markup
$payment_list_items_markup = '';
if (!empty($payment_items)) {
foreach ($payment_items as $item) {
if ($item['type'] == 'money') {
$payment_list_items_markup .= "<li>{$item['title']} <span>{$currency_symbol}{$item['amount']}</span></li>" . "\n";
} else {
if ($item['type'] == 'checkbox') {
$payment_list_items_markup .= "<li>{$item['sub_title']} <span>{$currency_symbol}{$item['amount']}</span></li>" . "\n";
} else {
if ($item['type'] == 'select' || $item['type'] == 'radio') {
$payment_list_items_markup .= "<li>{$item['title']} <em>({$item['sub_title']})</em> <span>{$currency_symbol}{$item['amount']}</span></li>" . "\n";
}
}
}
}
}
} else {
if ($payment_price_type == 'fixed') {
$total_payment_amount = $payment_price_amount;
$payment_list_items_markup = "<li>{$payment_price_name}</li>";
}
}
//construct payment terms
if (!empty($payment_enable_recurring)) {
$payment_plurals = '';
if ($payment_recurring_cycle > 1) {
$payment_plurals = 's';
$payment_recurring_cycle_markup = $payment_recurring_cycle . ' ';
}
if (!empty($payment_enable_trial)) {
//recurring with trial period
$payment_trial_price = $currency_symbol . $payment_trial_amount;
if (empty($payment_trial_amount)) {
$payment_trial_price = 'free';
}
$payment_trial_plurals = '';
if ($payment_trial_period > 1) {
$payment_trial_plurals = 's';
}
$payment_term_markup = <<<EOT
\t\t\t\t\t<li class="payment_summary_term">
\t\t\t\t\t\t<em>Trial period: {$payment_trial_period} {$payment_trial_unit}{$payment_trial_plurals} ({$payment_trial_price})</em><br>
\t\t\t\t\t\t<em>Then you will be charged {$currency_symbol}{$total_payment_amount} every {$payment_recurring_cycle_markup}{$payment_recurring_unit}{$payment_plurals}</em>
\t\t\t\t\t</li>
EOT;
} else {
$payment_term_markup = "<li class=\"payment_summary_term\"><em>You will be charged {$currency_symbol}{$total_payment_amount} every {$payment_recurring_cycle_markup}{$payment_recurring_unit}{$payment_plurals}</em></li>";
}
}
//if the form has multiple pages
//display the pagination header
if ($form_page_total > 1) {
//build pagination header based on the selected type. possible values:
//steps - display multi steps progress
//percentage - display progress bar with percentage
//disabled - disabled
$page_breaks_data = array();
$page_title_array = array();
//get page titles
$query = "SELECT \r\n\t\t\t\t\t\t\telement_page_title\r\n\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t" . MF_TABLE_PREFIX . "form_elements\r\n\t\t\t\t\t WHERE\r\n\t\t\t\t\t\t\tform_id = ? and element_status = 1 and element_type = 'page_break'\r\n\t\t\t\t\tORDER BY \r\n\t\t\t\t\t \t\telement_page_number asc";
$params = array($form_id);
$sth = mf_do_query($query, $params, $dbh);
while ($row = mf_do_fetch_result($sth)) {
$page_title_array[] = $row['element_page_title'];
}
if ($form_pagination_type == 'steps') {
$page_titles_markup = '';
$i = 1;
foreach ($page_title_array as $page_title) {
$page_titles_markup .= '<td align="center"><span id="page_num_' . $i . '" class="ap_tp_num">' . $i . '</span><span id="page_title_' . $i . '" class="ap_tp_text">' . $page_title . '</span></td><td align="center" class="ap_tp_arrow">></td>' . "\n";
$i++;
}
//add the last page title into the pagination header markup
$page_titles_markup .= '<td align="center"><span id="page_num_' . $i . '" class="ap_tp_num">' . $i . '</span><span id="page_title_' . $i . '" class="ap_tp_text">' . $form_lastpage_title . '</span></td>';
if (!empty($form_review)) {
$i++;
$page_titles_markup .= '<td align="center" class="ap_tp_arrow">></td><td align="center"><span id="page_num_' . $i . '" class="ap_tp_num">' . $i . '</span><span id="page_title_' . $i . '" class="ap_tp_text">' . $form_review_title . '</span></td>';
}
$i++;
$page_titles_markup .= '<td align="center" class="ap_tp_arrow">></td><td align="center"><span id="page_num_' . $i . '" class="ap_tp_num ap_tp_num_active">' . $i . '</span><span id="page_title_' . $i . '" class="ap_tp_text ap_tp_text_active">' . $mf_lang['form_payment_header_title'] . '</span></td>';
$pagination_header = <<<EOT
\t\t\t<ul>
\t\t\t<li id="pagination_header" class="li_pagination">
\t\t\t <table class="ap_table_pagination" width="100%" border="0" cellspacing="0" cellpadding="0">
\t\t\t <tr>
\t\t\t \t{$page_titles_markup}
\t\t\t </tr>
\t\t\t</table>
\t\t\t</li>
\t\t\t</ul>
EOT;
} else {
if ($form_pagination_type == 'percentage') {
$page_total = count($page_title_array) + 2;
if (!empty($form_review)) {
$page_total++;
}
$percent_value = 99;
$page_number_title = sprintf($mf_lang['page_title'], $page_total, $page_total);
$pagination_header = <<<EOT
\t\t\t<ul>
\t\t\t\t<li id="pagination_header" class="li_pagination" title="Click to edit">
\t\t\t <h3 id="page_title_{$page_total}">{$page_number_title}</h3>
\t\t\t\t<div class="mf_progress_container">
\t\t\t \t<div id="mf_progress_percentage" class="mf_progress_value" style="width: {$percent_value}%"><span>{$percent_value}%</span></div>
\t\t\t\t</div>
\t\t\t\t</li>
\t\t\t</ul>
EOT;
} else {
$pagination_header = '';
}
}
}
//build the button markup
$button_markup = <<<EOT
<input id="btn_submit_payment" class="button_text btn_primary" type="submit" data-originallabel="{$mf_lang['payment_submit_button']}" value="{$mf_lang['payment_submit_button']}" />
EOT;
//if this form is using custom theme
if (!empty($form_theme_id)) {
//get the field highlight color for the particular theme
$query = "SELECT \r\n\t\t\t\t\t\t\thighlight_bg_type,\r\n\t\t\t\t\t\t\thighlight_bg_color,\r\n\t\t\t\t\t\t\tform_shadow_style,\r\n\t\t\t\t\t\t\tform_shadow_size,\r\n\t\t\t\t\t\t\tform_shadow_brightness,\r\n\t\t\t\t\t\t\tform_button_type,\r\n\t\t\t\t\t\t\tform_button_text,\r\n\t\t\t\t\t\t\tform_button_image,\r\n\t\t\t\t\t\t\ttheme_has_css \r\n\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t" . MF_TABLE_PREFIX . "form_themes \r\n\t\t\t\t\t WHERE \r\n\t\t\t\t\t \t\ttheme_id = ?";
$params = array($form_theme_id);
$sth = mf_do_query($query, $params, $dbh);
$row = mf_do_fetch_result($sth);
$form_shadow_style = $row['form_shadow_style'];
$form_shadow_size = $row['form_shadow_size'];
$form_shadow_brightness = $row['form_shadow_brightness'];
$theme_has_css = (int) $row['theme_has_css'];
//if the theme has css file, make sure to refer to that file
//otherwise, generate the css dynamically
if (!empty($theme_has_css)) {
$theme_css_link = '<link rel="stylesheet" type="text/css" href="' . $machform_path . $mf_settings['data_dir'] . '/themes/theme_' . $form_theme_id . '.css" media="all" />';
} else {
$theme_css_link = '<link rel="stylesheet" type="text/css" href="' . $machform_path . 'css_theme.php?theme_id=' . $form_theme_id . '" media="all" />';
}
if ($row['highlight_bg_type'] == 'color') {
$field_highlight_color = $row['highlight_bg_color'];
} else {
//if the field highlight is using pattern instead of color, set the color to empty string
$field_highlight_color = '';
}
//get the css link for the fonts
$font_css_markup = mf_theme_get_fonts_link($dbh, $form_theme_id);
//get the form shadow classes
if (!empty($form_shadow_style) && $form_shadow_style != 'disabled') {
preg_match_all("/[A-Z]/", $form_shadow_style, $prefix_matches);
//this regex simply get the capital characters of the shadow style name
//example: RightPerspectiveShadow result to RPS and then being sliced to RP
$form_shadow_prefix_code = substr(implode("", $prefix_matches[0]), 0, -1);
$form_shadow_size_class = $form_shadow_prefix_code . ucfirst($form_shadow_size);
$form_shadow_brightness_class = $form_shadow_prefix_code . ucfirst($form_shadow_brightness);
if (empty($integration_method)) {
//only display shadow if the form is not being embedded using any method
$form_container_class = $form_shadow_style . ' ' . $form_shadow_size_class . ' ' . $form_shadow_brightness_class;
}
}
} else {
//if the form doesn't have any theme being applied
$field_highlight_color = '#FFF7C0';
if (empty($integration_method)) {
$form_container_class = 'WarpShadow WLarge WNormal';
//default shadow
} else {
$form_container_class = '';
//dont show any shadow when the form being embedded
}
}
if (empty($mf_settings['disable_machform_link'])) {
$powered_by_markup = 'Powered by <a href="http://www.appnitro.com" target="_blank">MachForm</a>';
} else {
$powered_by_markup = '';
}
$self_address = htmlentities($_SERVER['PHP_SELF']);
//prevent XSS
$country = mf_get_country_list();
$country_markup = '<option value="" selected="selected"></option>' . "\n";
foreach ($country as $data) {
$country_markup .= "<option value=\"{$data['value']}\">{$data['label']}</option>\n";
}
$billing_address_markup = '';
if (!empty($payment_ask_billing)) {
$billing_address_markup = <<<EOT
\t\t\t\t<li id="li_billing_address" class="address">
\t\t\t\t\t<label class="description">Billing Address <span class="required">*</span></label>
\t\t\t\t\t<div>
\t\t\t\t\t\t<span id="li_billing_span_1">
\t\t\t\t\t\t\t<input id="billing_street" class="element text large" value="" type="text" />
\t\t\t\t\t\t\t<label for="billing_street">{$mf_lang['address_street']}</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t
\t\t\t\t\t\t<span id="li_billing_span_2" class="left state_list">
\t\t\t\t\t\t\t<input id="billing_city" class="element text large" value="" type="text" />
\t\t\t\t\t\t\t<label for="billing_city">{$mf_lang['address_city']}</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t
\t\t\t\t\t\t<span id="li_billing_span_3" class="right state_list">
\t\t\t\t\t\t\t<input id="billing_state" class="element text large" value="" type="text" />
\t\t\t\t\t\t\t<label for="billing_state">{$mf_lang['address_state']}</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t
\t\t\t\t\t\t<span id="li_billing_span_4" class="left">
\t\t\t\t\t\t\t<input id="billing_zipcode" class="element text large" maxlength="15" value="{$default_value_5}" type="text" />
\t\t\t\t\t\t\t<label for="billing_zipcode">{$mf_lang['address_zip']}</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t\t
\t\t\t\t\t\t<span id="li_billing_span_5" class="right">
\t\t\t\t\t\t\t<select class="element select large" id="billing_country">
\t\t\t\t\t\t\t\t{$country_markup}\t
\t\t\t\t\t\t\t</select>
\t\t\t\t\t\t<label for="billing_country">{$mf_lang['address_country']}</label>
\t\t\t\t\t </span>
\t\t\t\t </div><p id="billing_error_message" class="error" style="display: none"></p>
\t\t\t\t</li>
EOT;
}
$shipping_address_markup = '';
if (!empty($payment_ask_shipping)) {
$shipping_address_markup = <<<EOT
\t\t\t\t<li id="li_shipping_address" class="address">
\t\t\t\t\t<label class="description shipping_address_detail" style="display: none">Shipping Address <span class="required">*</span></label>
\t\t\t\t\t<div class="shipping_address_detail" style="display: none">
\t\t\t\t\t\t<span id="li_shipping_span_1">
\t\t\t\t\t\t\t<input id="shipping_street" class="element text large" value="" type="text" />
\t\t\t\t\t\t\t<label for="shipping_street">{$mf_lang['address_street']}</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t
\t\t\t\t\t\t<span id="li_shipping_span_2" class="left state_list">
\t\t\t\t\t\t\t<input id="shipping_city" class="element text large" value="" type="text" />
\t\t\t\t\t\t\t<label for="shipping_city">{$mf_lang['address_city']}</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t
\t\t\t\t\t\t<span id="li_shipping_span_3" class="right state_list">
\t\t\t\t\t\t\t<input id="shipping_state" class="element text large" value="" type="text" />
\t\t\t\t\t\t\t<label for="shipping_state">{$mf_lang['address_state']}</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t
\t\t\t\t\t\t<span id="li_shipping_span_4" class="left">
\t\t\t\t\t\t\t<input id="shipping_zipcode" class="element text large" maxlength="15" value="{$default_value_5}" type="text" />
\t\t\t\t\t\t\t<label for="shipping_zipcode">{$mf_lang['address_zip']}</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t\t
\t\t\t\t\t\t<span id="li_shipping_span_5" class="right">
\t\t\t\t\t\t\t<select class="element select large" id="shipping_country">
\t\t\t\t\t\t\t\t{$country_markup}\t
\t\t\t\t\t\t\t</select>
\t\t\t\t\t\t<label for="shipping_country">{$mf_lang['address_country']}</label>
\t\t\t\t\t </span>
\t\t\t\t\t <p id="shipping_error_message" class="error" style="display: none"></p>
\t\t\t\t </div>
\t\t\t\t <div>
\t\t\t\t\t <input type="checkbox" value="1" checked="checked" class="checkbox" id="mf_same_shipping_address">
\t\t\t\t\t\t<label for="mf_same_shipping_address" class="choice">My shipping address is the same as my billing address</label>
\t\t\t\t\t</div>
\t\t\t\t</li>
EOT;
}
if ($payment_merchant_type == 'stripe') {
if (!empty($payment_stripe_enable_test_mode)) {
$stripe_public_key = $payment_stripe_test_public_key;
} else {
$stripe_public_key = $payment_stripe_live_public_key;
}
$stripe_js = <<<EOT
<script type="text/javascript" src="https://js.stripe.com/v1/"></script>
<script type="text/javascript">
\tStripe.setPublishableKey('{$stripe_public_key}');
</script>
<script type="text/javascript" src="{$machform_path}js/payment_stripe.js"></script>
EOT;
}
$ssl_suffix = mf_get_ssl_suffix();
$jquery_url = 'http' . $ssl_suffix . '://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js';
$current_year = date("Y");
$year_dropdown_markup = '';
foreach (range($current_year, $current_year + 15) as $year) {
$year_dropdown_markup .= "<option value=\"{$year}\">{$year}</option>" . "\n";
}
if ($integration_method == 'php') {
$form_markup = <<<EOT
<link rel="stylesheet" type="text/css" href="{$machform_path}{$css_dir}view.css" media="all" />
<link rel="stylesheet" type="text/css" href="{$machform_path}view.mobile.css" media="all" />
{$theme_css_link}
{$font_css_markup}
<script type="text/javascript" src="{$jquery_url}"></script>
<script type="text/javascript" src="{$machform_path}js/jquery-ui/ui/jquery.effects.core.js"></script>
<script type="text/javascript" src="{$machform_path}view.js"></script>
{$stripe_js}
<style>
html{
\tbackground: none repeat scroll 0 0 transparent;
}
</style>
<div id="main_body" class="integrated no_guidelines" data-machformpath="{$machform_path}">
\t<div id="form_container">
\t\t<form id="form_{$form_id}" class="appnitro" method="post" action="javascript:" data-highlightcolor="{$field_highlight_color}">
\t\t <div class="form_description">
\t\t\t\t<h2>{$form_payment_title}</h2>
\t\t\t\t<p>{$form_payment_description}</p>
\t\t\t</div>
\t\t\t{$pagination_header}
\t\t\t
\t\t\t<ul class="payment_summary">
\t\t\t\t<li class="payment_summary_amount total_payment" data-basetotal="{$total_payment_amount}">
\t\t\t\t\t<span>
\t\t\t\t\t\t<h3>{$currency_symbol}<var>0</var></h3>
\t\t\t\t\t\t<h5>{$mf_lang['payment_total']}</h5>
\t\t\t\t\t</span>
\t\t\t\t</li>
\t\t\t\t<li class="payment_summary_list">
\t\t\t\t\t<ul class="payment_list_items">
\t\t\t\t\t\t{$payment_list_items_markup}
\t\t\t\t\t</ul>
\t\t\t\t</li>
\t\t\t\t{$payment_term_markup}
\t\t\t</ul>
\t\t\t<ul class="payment_detail_form">
\t\t\t\t<li id="error_message" style="display: none">
\t\t\t\t\t\t<h3 id="error_message_title">{$mf_lang['error_title']}</h3>
\t\t\t\t\t\t<p id="error_message_desc">{$mf_lang['error_desc']}</p>
\t\t\t\t</li>\t
\t\t\t\t<li id="li_accepted_cards">
\t\t\t\t\t<img src="{$machform_path}images/cards/visa.png" alt="Visa" title="Visa" />
\t\t\t\t\t<img src="{$machform_path}images/cards/mastercard.png" alt="MasterCard" title="MasterCard" />
\t\t\t\t\t<img src="{$machform_path}images/cards/amex.png" alt="American Express" title="American Express" />
\t\t\t\t\t<img src="{$machform_path}images/cards/jcb.png" alt="JCB" title="JCB" />
\t\t\t\t\t<img src="{$machform_path}images/cards/discover.png" alt="Discover" title="Discover" />
\t\t\t\t\t<img src="{$machform_path}images/cards/diners.png" alt="Diners Club" title="Diners Club" />
\t\t\t\t</li>
\t\t\t\t<li id="li_credit_card" class="credit_card">
\t\t\t\t\t<label class="description">Credit Card <span class="required">*</span></label>
\t\t\t\t\t<div>
\t\t\t\t\t\t<span id="li_cc_span_1" class="left">
\t\t\t\t\t\t\t<input id="cc_first_name" class="element text large" value="" type="text" />
\t\t\t\t\t\t\t<label for="cc_first_name">First Name</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t
\t\t\t\t\t\t<span id="li_cc_span_2" class="right">
\t\t\t\t\t\t\t<input id="cc_last_name" class="element text large" value="" type="text" />
\t\t\t\t\t\t\t<label for="cc_last_name">Last Name</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t\t<span id="li_cc_span_3" class="left">
\t\t\t\t\t\t\t<input id="cc_number" class="element text large" value="" type="text" />
\t\t\t\t\t\t\t<label for="cc_number">Credit Card Number</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t
\t\t\t\t\t\t<span id="li_cc_span_4" class="right">
\t\t\t\t\t\t\t<input id="cc_cvv" class="element text large" value="" type="text" />
\t\t\t\t\t\t\t<label for="cc_cvv">CVV</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t\t<span id="li_cc_span_5" style="text-align: right">
\t\t\t\t\t\t\t<img id="cc_secure_icon" src="{$machform_path}images/icons/lock.png" alt="Secure" title="Secure" />
\t\t\t\t\t\t\t<label for="cc_expiry_month" style="display: inline">Expiration: </label>
\t\t\t\t\t\t\t<select class="element select" id="cc_expiry_month">
\t\t\t\t\t\t\t\t<option value="01">01 - January</option>
\t\t\t\t\t\t\t\t<option value="02">02 - February</option>
\t\t\t\t\t\t\t\t<option value="03">03 - March</option>
\t\t\t\t\t\t\t\t<option value="04">04 - April</option>
\t\t\t\t\t\t\t\t<option value="05">05 - May</option>
\t\t\t\t\t\t\t\t<option value="06">06 - June</option>
\t\t\t\t\t\t\t\t<option value="07">07 - July</option>
\t\t\t\t\t\t\t\t<option value="08">08 - August</option>
\t\t\t\t\t\t\t\t<option value="09">09 - September</option>
\t\t\t\t\t\t\t\t<option value="10">10 - October</option>
\t\t\t\t\t\t\t\t<option value="11">11 - November</option>
\t\t\t\t\t\t\t\t<option value="12">12 - December</option>
\t\t\t\t\t\t\t</select>
\t\t\t\t\t\t\t<select class="element select" id="cc_expiry_year">
\t\t\t\t\t\t\t\t{$year_dropdown_markup}
\t\t\t\t\t\t\t</select>
\t\t\t\t\t\t</span>
\t\t\t\t\t</div><p id="credit_card_error_message" class="error" style="display: none"></p>
\t\t\t\t</li>
\t\t\t\t<li id="li_2" class="section_break">
\t\t\t\t</li>
\t\t\t\t{$billing_address_markup}
\t\t\t\t{$shipping_address_markup}
\t\t\t\t<li id="li_buttons" class="buttons">
\t\t\t\t\t<input type="hidden" id="form_id" value="{$form_id}" />
\t\t\t\t {$button_markup}
\t\t\t\t <img id="mf_payment_loader_img" style="display: none" src="{$machform_path}images/loader_small_grey.gif" />
\t\t\t\t</li>
\t\t\t</ul>
\t\t</form>\t\t
\t\t<form id="form_payment_redirect" method="post" action="{$self_address}">
\t\t\t<input type="hidden" id="form_id_redirect" name="form_id_redirect" value="{$form_id}" />
\t\t</form>\t\t
\t</div>
</div>
EOT;
} else {
if ($integration_method == 'iframe') {
$auto_height_js = <<<EOT
<script type="text/javascript" src="{$machform_path}js/jquery.ba-postmessage.min.js"></script>
<script type="text/javascript">
\$(function(){
\t\$.postMessage({mf_iframe_height: \$('body').outerHeight(true)}, '*', parent );
});
</script>
EOT;
}
$form_markup = <<<EOT
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html {$embed_class} xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<title>{$form_name}</title>
<link rel="stylesheet" type="text/css" href="{$machform_path}{$css_dir}view.css" media="all" />
<link rel="stylesheet" type="text/css" href="{$machform_path}view.mobile.css" media="all" />
{$theme_css_link}
{$font_css_markup}
<script type="text/javascript" src="{$jquery_url}"></script>
<script type="text/javascript" src="{$machform_path}js/jquery-ui/ui/jquery.effects.core.js"></script>
<script type="text/javascript" src="{$machform_path}view.js"></script>
{$stripe_js}
{$auto_height_js}
</head>
<body id="main_body" class="no_guidelines" data-machformpath="{$machform_path}">
\t
\t<img id="top" src="{$machform_path}images/top.png" alt="" />
\t<div id="form_container" class="{$form_container_class}">
\t
\t\t<h1><a>MachForm</a></h1>
\t\t<form id="form_{$form_id}" class="appnitro" method="post" action="javascript:" data-highlightcolor="{$field_highlight_color}">
\t\t <div class="form_description">
\t\t\t\t<h2>{$form_payment_title}</h2>
\t\t\t\t<p>{$form_payment_description}</p>
\t\t\t</div>
\t\t\t{$pagination_header}
\t\t\t
\t\t\t<ul class="payment_summary">
\t\t\t\t<li class="payment_summary_amount total_payment" data-basetotal="{$total_payment_amount}">
\t\t\t\t\t<span>
\t\t\t\t\t\t<h3>{$currency_symbol}<var>0</var></h3>
\t\t\t\t\t\t<h5>{$mf_lang['payment_total']}</h5>
\t\t\t\t\t</span>
\t\t\t\t</li>
\t\t\t\t<li class="payment_summary_list">
\t\t\t\t\t<ul class="payment_list_items">
\t\t\t\t\t\t{$payment_list_items_markup}
\t\t\t\t\t</ul>
\t\t\t\t</li>
\t\t\t\t{$payment_term_markup}
\t\t\t</ul>
\t\t\t<ul class="payment_detail_form">
\t\t\t\t<li id="error_message" style="display: none">
\t\t\t\t\t\t<h3 id="error_message_title">{$mf_lang['error_title']}</h3>
\t\t\t\t\t\t<p id="error_message_desc">{$mf_lang['error_desc']}</p>
\t\t\t\t</li>\t
\t\t\t\t<li id="li_accepted_cards">
\t\t\t\t\t<img src="{$machform_path}images/cards/visa.png" alt="Visa" title="Visa" />
\t\t\t\t\t<img src="{$machform_path}images/cards/mastercard.png" alt="MasterCard" title="MasterCard" />
\t\t\t\t\t<img src="{$machform_path}images/cards/amex.png" alt="American Express" title="American Express" />
\t\t\t\t\t<img src="{$machform_path}images/cards/jcb.png" alt="JCB" title="JCB" />
\t\t\t\t\t<img src="{$machform_path}images/cards/discover.png" alt="Discover" title="Discover" />
\t\t\t\t\t<img src="{$machform_path}images/cards/diners.png" alt="Diners Club" title="Diners Club" />
\t\t\t\t</li>
\t\t\t\t<li id="li_credit_card" class="credit_card">
\t\t\t\t\t<label class="description">Credit Card <span class="required">*</span></label>
\t\t\t\t\t<div>
\t\t\t\t\t\t<span id="li_cc_span_1" class="left">
\t\t\t\t\t\t\t<input id="cc_first_name" class="element text large" value="" type="text" />
\t\t\t\t\t\t\t<label for="cc_first_name">First Name</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t
\t\t\t\t\t\t<span id="li_cc_span_2" class="right">
\t\t\t\t\t\t\t<input id="cc_last_name" class="element text large" value="" type="text" />
\t\t\t\t\t\t\t<label for="cc_last_name">Last Name</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t\t<span id="li_cc_span_3" class="left">
\t\t\t\t\t\t\t<input id="cc_number" class="element text large" value="" type="text" />
\t\t\t\t\t\t\t<label for="cc_number">Credit Card Number</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t
\t\t\t\t\t\t<span id="li_cc_span_4" class="right">
\t\t\t\t\t\t\t<input id="cc_cvv" class="element text large" value="" type="text" />
\t\t\t\t\t\t\t<label for="cc_cvv">CVV</label>
\t\t\t\t\t\t</span>
\t\t\t\t\t\t<span id="li_cc_span_5" style="text-align: right">
\t\t\t\t\t\t\t<img id="cc_secure_icon" src="{$machform_path}images/icons/lock.png" alt="Secure" title="Secure" />
\t\t\t\t\t\t\t<label for="cc_expiry_month" style="display: inline">Expiration: </label>
\t\t\t\t\t\t\t<select class="element select" id="cc_expiry_month">
\t\t\t\t\t\t\t\t<option value="01">01 - January</option>
\t\t\t\t\t\t\t\t<option value="02">02 - February</option>
\t\t\t\t\t\t\t\t<option value="03">03 - March</option>
\t\t\t\t\t\t\t\t<option value="04">04 - April</option>
\t\t\t\t\t\t\t\t<option value="05">05 - May</option>
\t\t\t\t\t\t\t\t<option value="06">06 - June</option>
\t\t\t\t\t\t\t\t<option value="07">07 - July</option>
\t\t\t\t\t\t\t\t<option value="08">08 - August</option>
\t\t\t\t\t\t\t\t<option value="09">09 - September</option>
\t\t\t\t\t\t\t\t<option value="10">10 - October</option>
\t\t\t\t\t\t\t\t<option value="11">11 - November</option>
\t\t\t\t\t\t\t\t<option value="12">12 - December</option>
\t\t\t\t\t\t\t</select>
\t\t\t\t\t\t\t<select class="element select" id="cc_expiry_year">
\t\t\t\t\t\t\t\t{$year_dropdown_markup}
\t\t\t\t\t\t\t</select>
\t\t\t\t\t\t</span>
\t\t\t\t\t</div><p id="credit_card_error_message" class="error" style="display: none"></p>
\t\t\t\t</li>
\t\t\t\t<li id="li_2" class="section_break">
\t\t\t\t</li>
\t\t\t\t{$billing_address_markup}
\t\t\t\t{$shipping_address_markup}
\t\t\t\t<li id="li_buttons" class="buttons">
\t\t\t\t\t<input type="hidden" id="form_id" value="{$form_id}" />
\t\t\t\t {$button_markup}
\t\t\t\t <img id="mf_payment_loader_img" style="display: none" src="{$machform_path}images/loader_small_grey.gif" />
\t\t\t\t</li>
\t\t\t</ul>
\t\t</form>\t\t
\t\t<form id="form_payment_redirect" method="post" action="{$self_address}">
\t\t\t<input type="hidden" id="form_id_redirect" name="form_id_redirect" value="{$form_id}" />
\t\t</form>\t
\t</div>
\t<img id="bottom" src="{$machform_path}images/bottom.png" alt="" />
\t</body>
</html>
EOT;
}
return $form_markup;
}
