function custom_form_generate_validation($invoice_type_id)
{
    global $wpdb;
    // get form fields to validate
    $results = $wpdb->get_results($wpdb->prepare("SELECT * FROM wp_invoice_info where invoice_type_id = %d ORDER BY field_order ASC", $invoice_type_id));
    $error_msg .= validate_emails();
    /* ********** BEGIN Validate form fields */
    foreach ($results as $row2) {
        $attributesArray = unserialize($row2->attributes);
        // nametracking is different that means we have a new field...we only care about non duplicate entries
        if ($nametracking != $row2->field_name) {
            if ($_POST[$row2->field_name] != "") {
                // use != "" instead of == 0 because sometimes 0 is a valid field value
                switch ($row2->field_type) {
                    // check to see if the posted value passes validation
                    case "textbox":
                        $error_msg .= validateTextbox($row2);
                        break;
                    default:
                        // rest don't need validation
                        break;
                }
                // switch
            } elseif (array_key_exists("required", $attributesArray)) {
                $error_msg .= '<p class="cstem_im_form_error">Form field "' . $row2->field_description . '" must not be empty</p>';
            }
        }
        // if: it is a new field so need to validate
        $nametracking = $row2->field_name;
        $prevtype = $row2->field_type;
    }
    // for: look through results
    /* END Validate form fields ********** */
    return $error_msg;
}
function validate_form_input()
{
    //Grab the address of params in $GLOBALS. Is this necessary?
    $params =& $GLOBALS["params"];
    $params["to"] = isset($_REQUEST["to"]) ? $_REQUEST["to"] : "";
    $params["from"] = isset($_REQUEST["from"]) ? $_REQUEST["from"] : "";
    $params["subject"] = isset($_REQUEST["subject"]) ? $_REQUEST["subject"] : "";
    $params["message"] = isset($_REQUEST["message"]) ? $_REQUEST["message"] : "";
    $params["bcc_checkbox"] = isset($_REQUEST["bcc_checkbox"]) ? $_REQUEST["bcc_checkbox"] : "no";
    $result = validate_input_presence($params);
    if ($result !== TRUE) {
        return $result;
    }
    $result = validate_emails($params["to"]);
    if ($result !== TRUE) {
        return $result;
    }
    $result = validate_emails($params["from"]);
    if ($result !== TRUE) {
        return $result;
    }
    $result = validate_text_input($params["subject"], "subject");
    if ($result !== TRUE) {
        return $result;
    }
    $result = validate_text_input($params["message"], "message");
    if ($result !== TRUE) {
        return $result;
    }
    $bcc_address = "";
    //Only validate the BCC address(es) if the checkbox has been checked
    if (strcmp($params["bcc_checkbox"], "yes") === 0) {
        $bcc_address = isset($_REQUEST["bcc_input"]) ? $_REQUEST["bcc_input"] : "";
        $result = validate_emails($bcc_address);
        if ($result !== TRUE) {
            return $result;
        }
    }
    $GLOBALS["headers"] = 'From: ' . $params["from"] . "\r\n";
    $GLOBALS["headers"] .= 'Bcc: spencerbartz@gmail.com,' . $bcc_address . "\r\n";
    return TRUE;
}
示例#3
0
<?php

require_once "./config.php";
$input = array();
$errors = array();
$success = array();
$input['number_ppl'] = $_POST['number_ppl'] ? $_POST['number_ppl'] : $_GET['number_ppl'];
$input['form_key'] = $_POST['form_key'] ? $_POST['form_key'] : $_GET['form_key'];
$input['rand_key'] = $_POST['rand_key'] ? $_POST['rand_key'] : $_GET['rand_key'];
$input['names'] = $_POST['names'] ? $_POST['names'] : $_GET['names'];
$input['emails'] = $_POST['emails'] ? $_POST['emails'] : $_GET['emails'];
$input['others'] = $_POST['others'] ? $_POST['others'] : $_GET['others'];
$input['gift_value'] = $_POST['gift_value'] ? $_POST['gift_value'] : $_GET['gift_value'];
try {
    if (validate_input($input, $errors) && validate_form($input, $errors) && eliminate_blank_values($input) && validate_emails($input, $errors) && count($input['names']) >= 1) {
        if (send_emails($input, $errors, $success)) {
            return_success($success);
        } else {
            return_errors($errors);
        }
    } else {
        return_errors($errors);
    }
} catch (Exception $e) {
    return_errors($errors, $input, $e);
}
function validate_input(&$input, &$errors)
{
    $return_val = true;
    //Testing Form Key
    if (!isset($input['form_key']) || empty($input['form_key']) || !is_numeric($input['form_key'])) {
示例#4
0
     break;
 case 'setAdmin':
     $sql = "SELECT cvs_is_private FROM groups WHERE group_id=" . (int) $group_id;
     $result = db_query($sql);
     $initial_settings = db_fetch_array($result);
     $feedback .= $Language->getText('cvs_index', 'config_updated');
     $status = $Language->getText('cvs_index', 'full_success');
     if (trim($custom_mailing_header) == '') {
         $mailing_header = 'NULL';
     } else {
         $mailing_header = $custom_mailing_header;
     }
     if (trim($mailing_list) == '') {
         $mailing_list = 'NULL';
     } else {
         if (!validate_emails($mailing_list)) {
             $mailing_list = 'NULL';
             $status = $Language->getText('cvs_index', 'partial_success');
         }
     }
     $feedback = $feedback . ' ' . $status;
     $is_private = '';
     if ($request->exist('private')) {
         //TODO check that the project is public (else the cvs is always private)
         $private = $request->get('private') ? 1 : 0;
         $is_private = ', cvs_is_private = ' . $private;
         //Raise an event if needed
         if ($initial_settings['cvs_is_private'] != $private) {
             EventManager::instance()->processEvent('cvs_is_private', array('group_id' => $group_id, 'cvs_is_private' => $private));
         }
     }
示例#5
0
 /**
  *	update - Update number of common properties.
  *
  *	Unlike updateAdmin(), this function accessible to project admin.
  *
  *	@param	object	User requesting operation (for access control).
  *	@param	bool	Whether group is publicly accessible (0/1).
  *	@param	string	Project's license (string ident).
  *	@param	int		Group type (1-project, 2-foundry).
  *	@param	string	Machine on which group's home directory located.
  *	@param	string	Domain which serves group's WWW.
  *	@return int	status.
  *	@access public.
  */
 function update(&$user, $group_name, $homepage, $short_description, $use_mail, $use_survey, $use_forum, $use_pm, $use_pm_depend_box, $use_scm, $use_news, $use_docman, $new_doc_address, $send_all_docs, $logo_image_id, $enable_pserver, $enable_anonscm, $use_ftp, $use_tracker, $use_frs, $use_stats, $is_public)
 {
     $perm =& $this->getPermission($user);
     if (!$perm || !is_object($perm)) {
         $this->setError(_('Could not get permission.'));
         return false;
     }
     if (!$perm->isAdmin()) {
         $this->setError(_('Permission denied.'));
         return false;
     }
     // Validate some values
     if (!$group_name) {
         $this->setError(_('Invalid Group Name'));
         return false;
     }
     if ($new_doc_address) {
         $invalid_mails = validate_emails($new_doc_address);
         if (count($invalid_mails) > 0) {
             $this->setError(sprintf(ngettext('New Doc Address Appeared Invalid: %s', 'New Doc Addresses Appeared Invalid: %s', count($invalid_mails)), implode(',', $invalid_mails)));
             return false;
         }
     }
     // in the database, these all default to '1',
     // so we have to explicity set 0
     if (!$use_mail) {
         $use_mail = 0;
     }
     if (!$use_survey) {
         $use_survey = 0;
     }
     if (!$use_forum) {
         $use_forum = 0;
     }
     if (!$use_pm) {
         $use_pm = 0;
     }
     if (!$use_pm_depend_box) {
         $use_pm_depend_box = 0;
     }
     if (!$use_scm) {
         $use_scm = 0;
     }
     if (!$use_news) {
         $use_news = 0;
     }
     if (!$use_docman) {
         $use_docman = 0;
     }
     if (!$use_ftp) {
         $use_ftp = 0;
     }
     if (!$use_tracker) {
         $use_tracker = 0;
     }
     if (!$use_frs) {
         $use_frs = 0;
     }
     if (!$use_stats) {
         $use_stats = 0;
     }
     if (!$send_all_docs) {
         $send_all_docs = 0;
     }
     if (!$homepage) {
         $homepage = $GLOBALS['sys_default_domain'] . '/projects/' . $this->getUnixName() . '/';
     }
     if (strlen($short_description) > 255) {
         $this->setError(_('Error updating project information: Maximum length for Project Description is 255 chars.'));
         return false;
     }
     db_begin();
     //XXX not yet actived logo_image_id='$logo_image_id',
     $sql = "\n\t\t\tUPDATE groups\n\t\t\tSET \n\t\t\t\tgroup_name='" . htmlspecialchars($group_name) . "',\n\t\t\t\thomepage='{$homepage}',\n\t\t\t\tshort_description='" . htmlspecialchars($short_description) . "',\n\t\t\t\tuse_mail='{$use_mail}',\n\t\t\t\tuse_survey='{$use_survey}',\n\t\t\t\tuse_forum='{$use_forum}',\n\t\t\t\tuse_pm='{$use_pm}',\n\t\t\t\tuse_pm_depend_box='{$use_pm_depend_box}',\n\t\t\t\tuse_scm='{$use_scm}',\n\t\t\t\tuse_news='{$use_news}',\n\t\t\t\tuse_docman='{$use_docman}',\n                                is_public='{$is_public}',\n\t\t\t\tnew_doc_address='{$new_doc_address}',\n\t\t\t\tsend_all_docs='{$send_all_docs}',\n\t\t";
     if ($enable_pserver != '') {
         $sql .= "\n\t\t\t\tenable_pserver='{$enable_pserver}',\n\t\t";
     }
     if ($enable_anonscm != '') {
         $sql .= "\n\t\t\t\tenable_anonscm='{$enable_anonscm}',\n\t\t";
     }
     $sql .= "\n\t\t\t\tuse_ftp='{$use_ftp}',\n\t\t\t\tuse_tracker='{$use_tracker}',\n\t\t\t\tuse_frs='{$use_frs}',\n\t\t\t\tuse_stats='{$use_stats}'\n\t\t\tWHERE group_id='" . $this->getID() . "'\n\t\t";
     $res = db_query($sql);
     if (!$res) {
         $this->setError(sprintf(_('Error updating project information: %s'), db_error()));
         db_rollback();
         return false;
     }
     $hook_params = array();
     $hook_params['group'] = $this;
     $hook_params['group_id'] = $this->getID();
     $hook_params['group_homepage'] = $homepage;
     $hook_params['group_name'] = htmlspecialchars($group_name);
     $hook_params['group_description'] = htmlspecialchars($short_description);
     plugin_hook("group_update", $hook_params);
     // Log the audit trail
     $this->addHistory('Changed Public Info', '');
     if (!$this->fetchData($this->getID())) {
         db_rollback();
         return false;
     }
     db_commit();
     return true;
 }
示例#6
0
 /**
  *	update - use this function to update an entry in the database.
  *
  *	@param	string	The name of the forum.
  *	@param	string	The description of the forum.
  *	@param	int		if it should be public (0) for private.
  *	@param	int	 	if we should allow non-logged-in users to post (0) for mandatory login.
  *	@param	string	The email address to send all new posts to.
  *	@param	int		if the messages that are posted in the forum should go to moderation before available. 0-> no moderation 1-> moderation for anonymous and non-project members 2-> moderation for everyone
  *	@return	boolean	success.
  */
 function update($forum_name, $description, $allow_anonymous, $is_public, $send_all_posts_to = '', $moderation_level = 0)
 {
     if (strlen($forum_name) < 3) {
         $this->setError(_('Forum Name Must Be At Least 3 Characters'));
         return false;
     }
     if (strlen($description) < 10) {
         $this->setError(_('Forum Description Must Be At Least 10 Characters'));
         return false;
     }
     if (eregi('[^_\\.0-9a-z-]', $forum_name)) {
         $this->setError(_('Illegal Characters in Forum Name'));
         return false;
     }
     if ($send_all_posts_to) {
         $invalid_mails = validate_emails($send_all_posts_to);
         if (count($invalid_mails) > 0) {
             $this->setInvalidEmailError();
             return false;
         }
     }
     if (!$this->userIsAdmin()) {
         $this->setPermissionDeniedError();
         return false;
     }
     $res = db_query("UPDATE forum_group_list SET\n\t\t\tforum_name='" . strtolower($forum_name) . "',\n\t\t\tdescription='" . htmlspecialchars($description) . "',\n\t\t\tsend_all_posts_to='" . $send_all_posts_to . "',\n\t\t\tallow_anonymous='" . $allow_anonymous . "',\n\t\t\tmoderation_level='" . $moderation_level . "',\n\t\t\tis_public='" . $is_public . "'\n\t\t\tWHERE group_id='" . $this->Group->getID() . "'\n\t\t\tAND group_forum_id='" . $this->getID() . "'");
     if (!$res || db_affected_rows($res) < 1) {
         $this->setError(_('Error On Update:') . ': ' . db_error());
         return false;
     }
     return true;
 }
 /**
  *	update - update a ProjectGroup in the database.
  *
  *	@param	string	The project name.
  *	@param	string	The project description.
  *	@param	string	The email address to send new notifications to.
  *	@return boolean success.
  */
 function update($project_name, $description, $send_all_posts_to = '')
 {
     if (strlen($project_name) < 3) {
         $this->setError(_('Title Must Be At Least 5 Characters'));
         return false;
     }
     if (strlen($description) < 10) {
         $this->setError(_('Document Description Must Be At Least 10 Characters'));
         return false;
     }
     if ($send_all_posts_to) {
         $invalid_mails = validate_emails($send_all_posts_to);
         if (count($invalid_mails) > 0) {
             $this->setInvalidEmailError();
             return false;
         }
     }
     if (!$this->userIsAdmin()) {
         $this->setPermissionDeniedError();
         return false;
     }
     $sql = "UPDATE project_group_list SET\n\t\t\tproject_name='" . htmlspecialchars($project_name) . "',\n\t\t\tdescription='" . htmlspecialchars($description) . "',\n\t\t\tsend_all_posts_to='{$send_all_posts_to}'\n\t\t\tWHERE group_id='" . $this->Group->getID() . "'\n\t\t\tAND group_project_id='" . $this->getID() . "'";
     $res = db_query($sql);
     if (!$res || db_affected_rows($res) < 1) {
         $this->setError('Error On Update: ' . db_error() . $sql);
         return false;
     }
     return true;
 }
 /**
  *  update - use this to update this ArtifactType in the database.
  *
  *  @param	string	The item name.
  *  @param	string	The item description.
  *  @param	bool	(1) true (0) false - whether to email on all updates.
  *  @param	string	The address to send new entries and updates to.
  *  @param	int		Days before this item is considered overdue.
  *  @param	int		Days before stale items time out.
  *  @param	bool	(1) true (0) false - whether the resolution box should be shown.
  *  @param	string	Free-form string that project admins can place on the submit page.
  *  @param	string	Free-form string that project admins can place on the browse page.
  *  @return true on success, false on failure.
  */
 function update($name, $description, $email_all, $email_address, $due_period, $status_timeout, $use_resolution, $submit_instructions, $browse_instructions)
 {
     if (!$this->userIsAdmin()) {
         $this->setPermissionDeniedError();
         return false;
     }
     if ($this->getDataType()) {
         $name = $this->getName();
         $description = $this->getDescription();
     }
     if (!$name || !$description || !$due_period || !$status_timeout) {
         $this->setError(_('ArtifactType: Name, Description, Due Period, and Status Timeout are required'));
         return false;
     }
     if ($email_address) {
         $invalid_emails = validate_emails($email_address);
         if (count($invalid_emails) > 0) {
             $this->SetError(_('E-mail address(es) appeared invalid') . ': ' . implode(',', $invalid_emails));
             return false;
         }
     }
     $email_all = !$email_all ? 0 : $email_all;
     $use_resolution = !$use_resolution ? 0 : $use_resolution;
     $sql = "UPDATE artifact_group_list SET \n\t\t\tname='" . htmlspecialchars($name) . "',\n\t\t\tdescription='" . htmlspecialchars($description) . "',\n\t\t\temail_all_updates='{$email_all}',\n\t\t\temail_address='{$email_address}',\n\t\t\tdue_period='" . $due_period * (60 * 60 * 24) . "',\n\t\t\tstatus_timeout='" . $status_timeout * (60 * 60 * 24) . "',\n\t\t\tsubmit_instructions='" . htmlspecialchars($submit_instructions) . "',\n\t\t\tbrowse_instructions='" . htmlspecialchars($browse_instructions) . "'\n\t\t\tWHERE \n\t\t\tgroup_artifact_id='" . $this->getID() . "' \n\t\t\tAND group_id='" . $this->Group->getID() . "'";
     $res = db_query($sql);
     if (!$res || db_affected_rows($res) < 1) {
         $this->setError('ArtifactType::Update(): ' . db_error());
         return false;
     } else {
         $this->fetchData($this->getID());
         return true;
     }
 }