public function getDetailPage()
 {
     global $_ARRAYLANG, $objDatabase;
     $cx = \Cx\Core\Core\Controller\Cx::instanciate();
     $file = str_replace($cx->getWebsiteOffsetPath(), '', $_GET["path"]) . $_GET["file"];
     $objResult = $objDatabase->Execute("SELECT `id`, `file`, `source`, `hash`, `check`, `expiration_date` FROM " . DBPREFIX . "module_filesharing WHERE `source` = '" . contrexx_raw2db($file) . "'");
     $existing = $objResult !== false && $objResult->RecordCount() > 0;
     if ($_GET["switch"]) {
         if ($existing) {
             $objDatabase->Execute("DELETE FROM " . DBPREFIX . "module_filesharing WHERE `source` = '" . contrexx_raw2db($file) . "'");
         } else {
             $hash = FileSharingLib::createHash();
             $check = FileSharingLib::createCheck($hash);
             $source = str_replace($cx->getWebsiteOffsetPath(), '', $_GET["path"]) . $_GET["file"];
             $objDatabase->Execute("INSERT INTO " . DBPREFIX . "module_filesharing (`file`, `source`, `hash`, `check`) VALUES ('" . contrexx_raw2db($source) . "', '" . contrexx_raw2db($source) . "', '" . contrexx_raw2db($hash) . "', '" . contrexx_raw2db($check) . "')");
         }
         $existing = !$existing;
     }
     if ($existing) {
         $this->_objTpl->setVariable(array('FILE_STATUS' => $_ARRAYLANG["TXT_FILESHARING_SHARED"], 'FILE_STATUS_SWITCH' => $_ARRAYLANG["TXT_FILESHARING_STOP_SHARING"], 'FILE_STATUS_SWITCH_HREF' => 'index.php?cmd=Media&archive=FileSharing&act=filesharing&path=' . $_GET["path"] . '&file=' . $_GET["file"] . '&switch=1'));
         $this->_objTpl->touchBlock('shared');
     } else {
         $this->_objTpl->setVariable(array('FILE_STATUS' => $_ARRAYLANG["TXT_FILESHARING_NOT_SHARED"], 'FILE_STATUS_SWITCH' => $_ARRAYLANG["TXT_FILESHARING_START_SHARING"], 'FILE_STATUS_SWITCH_HREF' => 'index.php?cmd=Media&archive=FileSharing&act=filesharing&path=' . $_GET["path"] . '&file=' . $_GET["file"] . '&switch=1'));
         $this->_objTpl->hideBlock('shared');
     }
     if ($_POST["shareFiles"]) {
         $emails = array();
         foreach (preg_split('/[;,\\s]+/', $_POST["email"]) as $email) {
             if (\FWValidator::isEmail($email)) {
                 $emails[] = contrexx_input2raw($email);
             }
         }
         if (count($emails) > 0) {
             FileSharingLib::sendMail($objResult->fields["id"], $_POST["subject"], $emails, $_POST["message"]);
         }
     } elseif ($_POST["saveExpiration"]) {
         if ($_POST["expiration"]) {
             $objDatabase->Execute("UPDATE " . DBPREFIX . "module_filesharing SET `expiration_date` = NULL WHERE `id` = " . $objResult->fields["id"]);
         } else {
             $objDatabase->Execute("UPDATE " . DBPREFIX . "module_filesharing SET `expiration_date` = '" . date('Y-m-d H:i:s', strtotime($_POST["expirationDate"])) . "' WHERE `id` = " . $objResult->fields["id"]);
         }
     }
     $objResult = $objDatabase->Execute("SELECT `id`, `hash`, `check`, `expiration_date` FROM " . DBPREFIX . "module_filesharing WHERE `source` = '" . contrexx_raw2db($file) . "'");
     $this->_objTpl->setVariable(array('FORM_ACTION' => 'index.php?cmd=Media&archive=FileSharing&act=filesharing&path=' . $_GET["path"] . '&file=' . $_GET["file"], 'FORM_METHOD' => 'POST', 'FILESHARING_INFO' => $_ARRAYLANG['TXT_FILESHARING_INFO'], 'FILESHARING_LINK_BACK_HREF' => 'index.php?cmd=Media&archive=FileSharing&path=' . $_GET["path"], 'FILESHARING_LINK_BACK' => $_ARRAYLANG['TXT_FILESHARING_LINK_BACK'], 'FILESHARING_DOWNLOAD_LINK' => $_ARRAYLANG['TXT_FILESHARING_DOWNLOAD_LINK'], 'FILE_DOWNLOAD_LINK_HREF' => FileSharingLib::getDownloadLink($objResult->fields["id"]), 'FILE_DELETE_LINK_HREF' => FileSharingLib::getDeleteLink($objResult->fields["id"]), 'FILESHARING_DELETE_LINK' => $_ARRAYLANG['TXT_FILESHARING_DELETE_LINK'], 'FILESHARING_STATUS' => $_ARRAYLANG['TXT_FILESHARING_STATUS'], 'FILESHARING_EXPIRATION' => $_ARRAYLANG['TXT_FILESHARING_EXPIRATION'], 'FILESHARING_NEVER' => $_ARRAYLANG['TXT_FILESHARING_NEVER'], 'FILESHARING_EXPIRATION_CHECKED' => htmlentities($objResult->fields["expiration_date"] == NULL ? 'checked="checked"' : '', ENT_QUOTES, CONTREXX_CHARSET), 'FILESHARING_EXPIRATION_DATE' => htmlentities($objResult->fields["expiration_date"] != NULL ? date('d.m.Y H:i', strtotime($objResult->fields["expiration_date"])) : date('d.m.Y H:i', time() + 3600 * 24 * 7), ENT_QUOTES, CONTREXX_CHARSET), 'FILESHARING_SEND_MAIL' => $_ARRAYLANG['TXT_FILESHARING_SEND_MAIL'], 'FILESHARING_EMAIL' => $_ARRAYLANG["TXT_FILESHARING_EMAIL"], 'FILESHARING_EMAIL_INFO' => $_ARRAYLANG["TXT_FILESHARING_EMAIL_INFO"], 'FILESHARING_SUBJECT' => $_ARRAYLANG["TXT_FILESHARING_SUBJECT"], 'FILESHARING_SUBJECT_INFO' => $_ARRAYLANG["TXT_FILESHARING_SUBJECT_INFO"], 'FILESHARING_MESSAGE' => $_ARRAYLANG["TXT_FILESHARING_MESSAGE"], 'FILESHARING_MESSAGE_INFO' => $_ARRAYLANG["TXT_FILESHARING_MESSAGE_INFO"], 'FILESHARING_SEND' => $_ARRAYLANG["TXT_FILESHARING_SEND"], 'FILESHARING_SAVE' => $_ARRAYLANG["TXT_FILESHARING_SAVE"], 'TXT_CORE_MAILTEMPLATE_NOTE_TO' => $_ARRAYLANG['TXT_CORE_MAILTEMPLATE_NOTE_TO']));
 }
示例#2
0
 /**
  * Verifies the account data present in the session
  * @param   boolean     $silent     If true, no messages are created.
  *                                  Defaults to false
  * @return  boolean                 True if the account data is complete
  *                                  and valid, false otherwise
  */
 static function verify_account($silent = false)
 {
     global $_ARRAYLANG;
     //\DBG::log("Verify account");
     $status = true;
     //\DBG::log("POST: ".  var_export($_POST, true));
     if (isset($_POST) && !self::verifySessionAddress()) {
         if ($silent) {
             return false;
         }
         $status = \Message::error($_ARRAYLANG['TXT_FILL_OUT_ALL_REQUIRED_FIELDS']);
     }
     // Registered Customers are okay now
     if (self::$objCustomer) {
         return $status;
     }
     if (\Cx\Core\Setting\Controller\Setting::getValue('register', 'Shop') == ShopLibrary::REGISTER_MANDATORY || \Cx\Core\Setting\Controller\Setting::getValue('register', 'Shop') == ShopLibrary::REGISTER_OPTIONAL && empty($_SESSION['shop']['dont_register'])) {
         if (isset($_SESSION['shop']['password']) && !\User::isValidPassword($_SESSION['shop']['password'])) {
             if ($silent) {
                 return false;
             }
             global $objInit;
             $objInit->loadLanguageData('Access');
             $status = \Message::error(\Cx\Core_Modules\Access\Controller\AccessLib::getPasswordInfo());
         }
     } else {
         // User is not trying to register, so she doesn't need a password.
         // Mind that this is necessary in order to avoid passwords filled
         // in automatically by the browser, which may be wrong, or
         // invalid, or both.
         $_SESSION['shop']['password'] = NULL;
     }
     if (isset($_SESSION['shop']['email']) && !\FWValidator::isEmail($_SESSION['shop']['email'])) {
         if ($silent) {
             return false;
         }
         $status = \Message::error($_ARRAYLANG['TXT_INVALID_EMAIL_ADDRESS']);
     }
     if (!$status) {
         return false;
     }
     if (isset($_SESSION['shop']['email'])) {
         // Ignore "unregistered" Customers.  These will silently be updated
         if (Customer::getUnregisteredByEmail($_SESSION['shop']['email'])) {
             return true;
         }
         $objUser = new \User();
         $objUser->setUsername($_SESSION['shop']['email']);
         $objUser->setEmail($_SESSION['shop']['email']);
         \Message::save();
         // This method will set an error message we don't want here
         // (as soon as it uses the Message class, that is)
         if (!($objUser->validateUsername() && $objUser->validateEmail())) {
             //\DBG::log("Shop::verify_account(): Username or e-mail in use");
             \Message::restore();
             $_POST['email'] = $_SESSION['shop']['email'] = NULL;
             if ($silent) {
                 return false;
             }
             return \Message::error(sprintf($_ARRAYLANG['TXT_EMAIL_USED_BY_OTHER_CUSTOMER'], \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'login') . '?redirect=' . base64_encode(\Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'account')))) || \Message::error(sprintf($_ARRAYLANG['TXT_SHOP_GOTO_SENDPASS'], \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'sendpass')));
         }
         \Message::restore();
     }
     return $status;
 }
示例#3
0
 /**
  * Validate user input data.
  *
  * @access      private
  * @param       array       $arrUserData            user input data from submitted form
  * @return      array       $arrFieldsToHighlight   contains all fields which need to be highlighted
  */
 private function validateUserData($arrUserData)
 {
     global $_ARRAYLANG;
     $arrFieldsToHighlight = array();
     foreach ($arrUserData['numeric'] as $key => $field) {
         if (!empty($field['mandatory'])) {
             if (empty($field['value'])) {
                 $msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_EMPTY'];
                 $msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
                 $this->arrStatusMessages['error'][] = $msg;
                 $arrFieldsToHighlight[$key] = '';
                 continue;
             }
         }
         if (strlen($field['value']) > $field['length']) {
             $msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_LENGTH_EXCEEDED'];
             $msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
             $msg = str_replace('{MAX_LENGTH}', $field['length'], $msg);
             $this->arrStatusMessages['error'][] = $msg;
             $arrFieldsToHighlight[$key] = '';
             continue;
         }
         if (!empty($field['value']) && !is_numeric($field['value'])) {
             $msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_NOT_NUMERIC'];
             $msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
             $this->arrStatusMessages['error'][] = $msg;
             $arrFieldsToHighlight[$key] = '';
             continue;
         }
         if (!empty($field['value']) && $field['value'] < 1) {
             $msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_NOT_POSITIVE'];
             $msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
             $this->arrStatusMessages['error'][] = $msg;
             $arrFieldsToHighlight[$key] = '';
             continue;
         }
     }
     foreach ($arrUserData['text'] as $key => $field) {
         if (!empty($field['mandatory'])) {
             if (empty($field['value'])) {
                 $msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_EMPTY'];
                 $msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
                 $this->arrStatusMessages['error'][] = $msg;
                 $arrFieldsToHighlight[$key] = '';
                 continue;
             }
         }
         if (strlen($field['value']) > $field['length']) {
             $msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_LENGTH_EXCEEDED'];
             $msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
             $msg = str_replace('{MAX_LENGTH}', $field['length'], $msg);
             $this->arrStatusMessages['error'][] = $msg;
             $arrFieldsToHighlight[$key] = '';
             continue;
         }
     }
     foreach ($arrUserData['selection'] as $key => $field) {
         if (!empty($field['mandatory'])) {
             if (empty($field['value'])) {
                 $msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_SELECTION_EMPTY'];
                 $msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
                 $this->arrStatusMessages['error'][] = $msg;
                 $arrFieldsToHighlight[$key] = '';
                 continue;
             }
         }
         if (!empty($field['value']) && !isset($field['options'][$field['value']])) {
             $msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_SELECTION_INVALID_OPTION'];
             $msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
             $this->arrStatusMessages['error'][] = $msg;
             $arrFieldsToHighlight[$key] = '';
             continue;
         }
     }
     foreach ($arrUserData['email'] as $key => $field) {
         if (!empty($field['mandatory'])) {
             if (empty($field['value'])) {
                 $msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_EMPTY'];
                 $msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
                 $this->arrStatusMessages['error'][] = $msg;
                 $arrFieldsToHighlight[$key] = '';
                 continue;
             }
         }
         if (strlen($field['value']) > $field['length']) {
             $msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_FIELD_LENGTH_EXCEEDED'];
             $msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
             $msg = str_replace('{MAX_LENGTH}', $field['length'], $msg);
             $this->arrStatusMessages['error'][] = $msg;
             $arrFieldsToHighlight[$key] = '';
             continue;
         }
         if (!empty($field['value']) && !\FWValidator::isEmail($field['value'])) {
             $msg = $_ARRAYLANG['TXT_CHECKOUT_VALIDATION_INVALID_EMAIL'];
             $msg = str_replace('{FIELD_NAME}', $field['name'], $msg);
             $msg = str_replace('{MAX_LENGTH}', $field['length'], $msg);
             $this->arrStatusMessages['error'][] = $msg;
             $arrFieldsToHighlight[$key] = '';
             continue;
         }
     }
     return $arrFieldsToHighlight;
 }
示例#4
0
 /**
  * Check that a string looks roughly like an email address should
  * Static so it can be used without instantiation
  * Tries to use PHP built-in validator in the filter extension (from PHP 5.2), falls back to a reasonably competent regex validator
  * Conforms approximately to RFC2822
  * @link http://www.hexillion.com/samples/#Regex Original pattern found here
  * @param string $address The email address to check
  * @return boolean
  * @static
  * @access public
  */
 public static function ValidateAddress($address)
 {
     return FWValidator::isEmail($address);
     /* if (function_exists('filter_var')) { //Introduced in PHP 5.2 */
     /*   if(filter_var($address, FILTER_VALIDATE_EMAIL) === FALSE) { */
     /*     return false; */
     /*   } else { */
     /*     return true; */
     /*   } */
     /* } else { */
     /*     return preg_match('/^(?:[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+\.)*[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+@(?:(?:(?:[a-zA-Z0-9_](?:[a-zA-Z0-9_\-](?!\.)){0,61}[a-zA-Z0-9_-]?\.)+[a-zA-Z0-9_](?:[a-zA-Z0-9_\-](?!$)){0,61}[a-zA-Z0-9_]?)|(?:\[(?:(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\.){3}(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\]))$/', $address); */
     /* } */
 }
示例#5
0
 /**
  * check the account id
  * 
  * @global object $objFWUser
  *
  * @return json
  */
 function checkAccountId()
 {
     global $objFWUser;
     $accountId = isset($_GET['id']) ? (int) $_GET['id'] : '';
     $accountEmail = isset($_GET['email']) ? trim($_GET['email']) : '';
     $show = !empty($accountId) || !empty($accountEmail) ? true : false;
     if (!empty($accountId)) {
         $objUsers = $objFWUser->objUser->getUsers($filter = array('id' => intval($accountId)));
         if ($objUsers) {
             $email = $objUsers->getEmail();
         }
     }
     if (empty($accountId) && !empty($accountEmail) && \FWValidator::isEmail($accountEmail)) {
         $objFWUser = \FWUser::getFWUserObject();
         $objUsers = $objFWUser->objUser->getUsers($filter = array('email' => addslashes($accountEmail)));
         if ($objUsers) {
             $id = $objUsers->getId();
             $email = $objUsers->getEmail();
             $company = trim($objUsers->getProfileAttribute('company'));
             $lastname = trim($objUsers->getProfileAttribute('lastname'));
             $firstname = trim($objUsers->getProfileAttribute('firstname'));
             $defaultUser = !empty($company) ? trim($company . ', ' . $firstname . ' ' . $lastname) : trim($firstname . ' ' . $lastname);
             $setDefaultUser = !empty($defaultUser) ? $defaultUser : '******';
         } else {
             $sendLoginCheck = true;
             $email = $accountEmail;
         }
     } else {
         $email = $accountEmail;
     }
     $json[] = array('show' => $show, 'id' => $id, 'email' => $email, 'sendLoginCheck' => $sendLoginCheck, 'setDefaultUser' => $setDefaultUser);
     echo json_encode($json);
     exit;
 }
示例#6
0
 /**
  * Returns true if the given $username is valid
  *
  * @param string $username
  *
  * @return  boolean
  */
 protected function isValidUsername($username)
 {
     if (preg_match('/^[a-zA-Z0-9-_]+$/', $username)) {
         return true;
     }
     if (\FWValidator::isEmail($username)) {
         return true;
     }
     return false;
 }
示例#7
0
 /**
  * Validate the email
  *
  * @param  string  $string
  * @return boolean result
  */
 function isEmail($string)
 {
     return \FWValidator::isEmail($string);
 }
 /**
  * Update guestbook
  *
  * @global  ADONewConnection
  * @global  array
  */
 function _update()
 {
     global $objDatabase, $_ARRAYLANG;
     $guestbookId = intval($_GET['id']);
     $error = "";
     if (!empty($guestbookId)) {
         $forename = contrexx_addslashes(strip_tags($_POST['forename']));
         $name = contrexx_addslashes(strip_tags($_POST['name']));
         $gender = contrexx_addslashes(strip_tags($_POST['malefemale']));
         $mail = isset($_POST['email']) ? contrexx_addslashes(strip_tags($_POST['email'])) : '';
         $url = isset($_POST['url']) && strlen($_POST['url']) > 7 ? contrexx_addslashes(strip_tags($_POST['url'])) : "";
         $comment = contrexx_addslashes(strip_tags($_POST['comment']));
         $location = contrexx_addslashes(strip_tags($_POST['location']));
         $ip = contrexx_addslashes(strip_tags($_POST['ip']));
         $date = contrexx_addslashes(strip_tags($_POST['datetime']));
         $objValidator = new \FWValidator();
         if (!empty($url)) {
             if (!$this->isUrl($url)) {
                 $error .= $_ARRAYLANG['TXT_INVALID_INTERNET_ADDRESS'] . "<br />";
             }
         }
         if (!$objValidator->isEmail($mail)) {
             $error .= $_ARRAYLANG['TXT_INVALID_EMAIL_ADDRESS'] . "<br />";
         }
         if (!empty($forename) && !empty($name)) {
             $query = "UPDATE " . DBPREFIX . "module_guestbook\n                               SET forename='{$forename}',\n                                      name='{$name}',\n                                   gender='{$gender}',\n                                   email='{$mail}',\n                                   url='{$url}',\n                                   comment='{$comment}',\n                                   location='{$location}',\n                                   ip='{$ip}',\n                                   datetime='{$date}',\n                                   lang_id='{$this->langId}'\n                             WHERE id={$guestbookId}";
             $objDatabase->Execute($query);
         }
     }
     if (empty($error)) {
         $this->strOkMessage = $_ARRAYLANG['TXT_DATA_RECORD_UPDATED_SUCCESSFUL'];
     } else {
         $this->strErrMessage = $error;
     }
 }
 /**
  * Import Users from a CSV file
  *
  * Sets up common User and Profile fields as well as
  * Newsletter list relations.
  * Fields and their mapping:
  *  Anrede    -> Titel
  *  Vorname
  *  Name
  *  eMail
  *  Firma
  *  Strasse    -> Zusammen mit Hausnummer in Adresse
  *  Hausnummer    -> Zusammen mit Strasse in Adresse
  *  PLZ
  *  Ort
  *  Land
  *  Bundesland    -> Evtl in Ort?
  *  Tel.-Vorwahl    -> Zusammen mit Tel.-Nummer in phone_office
  *  Tel.-Nummer        -> Zusammen mit Tel.-Vorwahl in phone_office
  *  Fax-Vorwahl        -> Zusammen mit Fax.-Nummer in phone_fax
  *  Fax-Nummer        -> Zusammen mit Fax.-Vorwahl in phone_fax
  *  Mobil-Vorwahl    -> Zusammen mit Mobil-Nummer in phone_mobile
  *  Mobil-Nummer    -> Zusammen mit Mobil-Vorwahl in phone_mobile
  *  P1    -> Interessen: Newsletter Listen, kommagetrennt
  *      -> Nicht vorhandene Listen werden angelegt
  *  P2    -> Antwort: ?
  *  P3    -> ?
  *  P4    -> Titel: ?
  *  P5    -> ?
  *  Ursprungsformular    -> ?
  *  Permission    -> ?
  *  Ausgetragen    -> Wenn true, alle Listenzuordnungen entfernen, sonst fehlende anlegen
  *  Anzahl Hard-Bounces    -> Nicht vorhanden?
  *  Status    -> Bedeutung?
  *  Sprache    -> Wird die verwendet?
  *  ID    -> Bedeutung?
  *  Eintragungsdatum    -> regdate
  *  Aenderungsdatum    -> ? (Nur regdate)
  *  Austragungsdatum    -> ? (Nur regdate)
  * @param   string    $file_name    The CSV file name
  */
 static function import_csv($file_name)
 {
     global $_ARRAYLANG;
     \Env::get('ClassLoader')->loadFile(ASCMS_LIBRARY_PATH . '/importexport/lib/csv.class.php');
     //DBG::activate(DBG_ADODB_ERROR|DBG_LOG_FIREPHP|DBG_PHP);
     $objUser = \FWUser::getFWUserObject()->objUser;
     $objCsv = new \CsvLib();
     $arrCsv = $objCsv->parse($file_name);
     //        $arrFields = $arrCsv['fieldnames'];
     $arrUsers = $arrCsv['data'];
     //DBG::log("Found ".count($arrUsers)." Users in the CSV file");
     foreach ($arrUsers as $arrUser) {
         //echo(var_export($arrUser, true)."<br />");// var_export($objUser, true)."<hr />"
         $email = $arrUser['3'];
         //DBG::log("Found e-mail $email");
         if (!\FWValidator::isEmail($email)) {
             self::$arrStatusMsg['error'][] = sprintf($_ARRAYLANG['TXT_ACCESS_IMPORT_MESSAGE_TEMPLATE'], $email, $_ARRAYLANG['TXT_ACCESS_IMPORT_ERROR_INVALID_EMAIL']);
             continue;
         }
         // TODO: I suppose that the imported file is ISO-8859-1 or so
         $title = utf8_encode($arrUser[0]);
         $gender = preg_match('//', $title) ? 'gender_male' : 'gender_female';
         $firstname = utf8_encode($arrUser[1]);
         $lastname = utf8_encode($arrUser[2]);
         $company = utf8_encode($arrUser[4]);
         $address = utf8_encode($arrUser[5]) . ' ' . utf8_encode($arrUser[6]);
         $zip = utf8_encode($arrUser[7]);
         $city = utf8_encode($arrUser[8]);
         $country = utf8_encode($arrUser[9]);
         $state = utf8_encode($arrUser[10]);
         if ($state) {
             $city .= ", {$state}";
         }
         $phone_office = utf8_encode($arrUser[11]) . ' ' . utf8_encode($arrUser[12]);
         $phone_fax = utf8_encode($arrUser[13]) . ' ' . utf8_encode($arrUser[14]);
         $phone_mobile = utf8_encode($arrUser[15]) . ' ' . utf8_encode($arrUser[16]);
         $p1_lists = utf8_encode($arrUser[17]);
         $unsubscribed = utf8_encode($arrUser[24]);
         $language = utf8_encode($arrUser[27]);
         // These are all unused for the time being
         //                $p2_answer = $arrUser[18];
         //                $p3 = $arrUser[19];
         //                $p4_title = $arrUser[20];
         //                $p5 = $arrUser[21];
         //                $source = $arrUser[22];
         //                $permission = $arrUser[23];
         //                $bounces = $arrUser[25];
         //                $status = $arrUser[26];
         //                $id = $arrUser[28];
         //                $date_subscribed = $arrUser[29];
         //                $date_changed = $arrUser[30];
         //                $date_unsubscribe = $arrUser[31];
         $objUser = new \User();
         $objUser = $objUser->getUsers(array('email' => array($email)));
         $new_user = false;
         if (!$objUser) {
             $new_user = true;
             $objUser = new \User();
             $objUser->setUsername(\User::makeUsername($lastname, $firstname));
             $objUser->setPassword(\User::makePassword());
             $objUser->setEmail($email);
         }
         // TODO: Make new Users active or inactive?
         //            $objUser->setActiveStatus(0);
         //            $objUser->setAdminStatus(0);
         $lang_id = \FWLanguage::getLanguageIdByCode($language);
         $objUser->setFrontendLanguage($lang_id);
         $objUser->setBackendLanguage($lang_id);
         $objUser->setProfile(array('gender' => array($gender), 'title' => array($title), 'firstname' => array($firstname), 'lastname' => array($lastname), 'company' => array($company), 'address' => array($address), 'city' => array($city), 'zip' => array($zip), 'country' => array($country), 'phone_office' => array($phone_office), 'phone_mobile' => array($phone_mobile), 'phone_fax' => array($phone_fax)));
         $arrLists = preg_split('/\\s*,\\s*/', $p1_lists, null, PREG_SPLIT_NO_EMPTY);
         $arrListId = array();
         if (preg_match('/false/i', $unsubscribed)) {
             // User has not unsubscribed (yet), collect the List IDs
             foreach ($arrLists as $list_name) {
                 $list_id = \Cx\Modules\Newsletter\Controller\NewsletterLib::getListIdByName($list_name);
                 //DBG::log("List '$list_name' => ID $list_id");
                 if (!$list_id) {
                     // TODO: Shall I do this?
                     $list_id = \Cx\Modules\Newsletter\Controller\NewsletterLib::_addList(addslashes($list_name));
                     self::$arrStatusMsg['ok'][] = sprintf($_ARRAYLANG['TXT_ACCESS_IMPORT_MESSAGE_TEMPLATE'], $list_name, $_ARRAYLANG['TXT_ACCESS_IMPORT_SUCCESS_LIST_CREATED']);
                 }
                 $arrListId[$list_id] = $list_id;
             }
         }
         $objUser->setNewsletterCategories($arrListId);
         if ($objUser->store()) {
             self::$arrStatusMsg['ok'][] = sprintf($_ARRAYLANG['TXT_ACCESS_IMPORT_MESSAGE_TEMPLATE'], $email, $new_user ? $_ARRAYLANG['TXT_ACCESS_IMPORT_SUCCESS_USER_CREATED'] : $_ARRAYLANG['TXT_ACCESS_IMPORT_SUCCESS_USER_UPDATED']);
         } else {
             self::$arrStatusMsg['error'][] = sprintf($_ARRAYLANG['TXT_ACCESS_IMPORT_MESSAGE_TEMPLATE'], $email, $_ARRAYLANG['TXT_ACCESS_IMPORT_ERROR_CREATING_USER']);
         }
     }
 }
示例#10
0
/**
 * Show current voting
 */
function votingShowCurrent($page_content)
{
    global $objDatabase, $_CONFIG, $_ARRAYLANG, $_COOKIE;
    $paging = '';
    $objTpl = new \Cx\Core\Html\Sigma('.');
    \Cx\Core\Csrf\Controller\Csrf::add_placeholder($objTpl);
    $objTpl->setErrorHandling(PEAR_ERROR_DIE);
    $objTpl->setTemplate($page_content);
    if (!isset($_GET['vid'])) {
        $_GET['vid'] = '';
    }
    if (!isset($_POST['votingemail'])) {
        $_POST['votingemail'] = '';
    }
    $votingId = intval($_GET['vid']);
    $msg = '';
    $voted = false;
    if ($_POST["votingoption"]) {
        $voteId = intval($_POST["votingoption"]);
        $query = "SELECT voting_system_id from " . DBPREFIX . "voting_results WHERE id=" . $voteId;
        $objResult = $objDatabase->SelectLimit($query, 1);
        if (!$objResult->EOF) {
            $votingId = $objResult->fields["voting_system_id"];
        }
        $objVoting = $objDatabase->SelectLimit("SELECT submit_check FROM `" . DBPREFIX . "voting_system` WHERE `id`=" . $votingId, 1);
        if ($objVoting !== false && $objVoting->RecordCount() == 1) {
            if ($objVoting->fields['submit_check'] == 'email') {
                $email = contrexx_addslashes($_POST['votingemail']);
                $objValidator = new \FWValidator();
                if ($objValidator->isEmail($email)) {
                    if (!_alreadyVotedWithEmail($votingId, $email)) {
                        if (($msg = VotingSubmitEmail($votingId, $voteId, $email)) === true) {
                            $msg = '';
                            $voted = true;
                        } else {
                            $msg = $_ARRAYLANG['TXT_VOTING_NONEXISTENT_EMAIL'] . '<br /><br />';
                        }
                    } else {
                        $msg = $_ARRAYLANG['TXT_VOTING_ALREADY_VOTED'] . '<br /><br />';
                    }
                } else {
                    $msg = $_ARRAYLANG['TXT_VOTING_INVALID_EMAIL_ERROR'] . '<br /><br />';
                }
            } else {
                VotingSubmit();
                $voted = true;
            }
        }
    }
    if ($_GET['vid'] != '' && $_GET['act'] != 'delete') {
        $query = "SELECT\n\t\t\tid,                                 status,\n\t\t\tdate as datesec,                    question,\n\t\t\tvotes,                              submit_check,\n\t\t\tadditional_nickname,                additional_forename,\n\t\t\tadditional_surname,                 additional_phone,\n\t\t\tadditional_street,                  additional_zip,\n            additional_city,                    additional_email,\n            additional_comment\n\n\t\t\tFROM " . DBPREFIX . "voting_system where id=" . intval($_GET['vid']);
    } else {
        $query = "SELECT\n\t\t\tid,                                 status,\n\t\t\tdate as datesec,                    question,\n\t\t\tvotes,                              submit_check,\n\t\t\tadditional_nickname,                additional_forename,\n\t\t\tadditional_surname,                 additional_phone,\n\t\t\tadditional_street,                  additional_zip,\n\t\t   \tadditional_city,                    additional_email,\n            additional_comment\n\n\t\t\tFROM " . DBPREFIX . "voting_system where status=1";
    }
    $objResult = $objDatabase->Execute($query);
    if ($objResult->RecordCount() == 0) {
        // Only show old records when no voting is set available
        $objTpl->setVariable(array('VOTING_TITLE' => $_ARRAYLANG['TXT_VOTING_NOT_AVAILABLE'], 'VOTING_DATE' => '', 'VOTING_OLDER_TEXT' => '', 'VOTING_OLDER_DATE' => '', 'VOTING_PAGING' => '', 'TXT_DATE' => '', 'TXT_TITLE' => '', 'VOTING_RESULTS_TEXT' => '', 'VOTING_RESULTS_TOTAL_VOTES' => '', 'VOTING_OLDER_TITLE' => $_ARRAYLANG['TXT_VOTING_OLDER'], 'TXT_SUBMIT' => ''));
        /** start paging **/
        $query = "SELECT id, date as datesec, title, votes FROM " . DBPREFIX . "voting_system order by id desc";
        $objResult = $objDatabase->SelectLimit($query, 5);
        $count = $objResult->RecordCount();
        $pos = intval($_GET[pos]);
        if ($count > intval($_CONFIG['corePagingLimit'])) {
            $paging = getPaging($count, $pos, "&section=Voting", "<b>" . $_ARRAYLANG['TXT_VOTING_ENTRIES'] . "</b>", true);
        }
        /** end paging **/
        $query = "SELECT id, date as datesec, title, votes FROM " . DBPREFIX . "voting_system order by id desc ";
        $objResult = $objDatabase->SelectLimit($query, $_CONFIG['corePagingLimit'], $pos);
        while (!$objResult->EOF) {
            $votingid = $objResult->fields['id'];
            $votingTitle = stripslashes($objResult->fields['title']);
            $votingVotes = $objResult->fields['votes'];
            $votingDate = strtotime($objResult->fields['datesec']);
            if ($i % 2 == 0) {
                $class = "row2";
            } else {
                $class = "row1";
            }
            $objTpl->setVariable(array('VOTING_OLDER_TEXT' => '<a href="index.php?section=Voting&vid=' . $votingid . '" title="' . $votingTitle . '">' . $votingTitle . '</a>', 'VOTING_OLDER_DATE' => showFormattedDate($votingDate), 'VOTING_VOTING_ID' => $votingid, 'VOTING_LIST_CLASS' => $class, 'VOTING_PAGING' => $paging));
            $objTpl->parse("votingRow");
            $i++;
            $objResult->MoveNext();
        }
    } else {
        if (!$objResult->EOF) {
            $votingId = $objResult->fields['id'];
            $votingTitle = stripslashes($objResult->fields['question']);
            $votingVotes = $objResult->fields['votes'];
            $votingDate = strtotime($objResult->fields['datesec']);
            $votingStatus = $objResult->fields['status'];
            $votingMethod = $objResult->fields['submit_check'];
            $additional_fields = _create_additional_input_fields($objResult);
            $objResult->MoveNext();
        } else {
            errorHandling();
            return false;
        }
        $images = 1;
        $query = "SELECT id, question, votes FROM " . DBPREFIX . "voting_results WHERE voting_system_id='{$votingId}' ORDER BY id";
        $objResult = $objDatabase->Execute($query);
        while (!$objResult->EOF) {
            if ($votingStatus == 1 && ($votingMethod == 'email' && !$voted || $votingMethod == 'cookie' && $_COOKIE['votingcookie'] != '1')) {
                $votingOptionText .= "<div><input type='radio' id='votingoption_" . $objResult->fields['id'] . "' name='votingoption' value='" . $objResult->fields['id'] . "' " . ($_POST["votingoption"] == $objResult->fields['id'] ? 'checked="checked"' : '') . " /> ";
                $votingOptionText .= "<label for='votingoption_" . $objResult->fields['id'] . "'>" . stripslashes($objResult->fields['question']) . "</label></div>";
            }
            $objResult->MoveNext();
        }
        $votingResultText = _vote_result_html($votingId);
        if ($votingStatus == 1 && ($votingMethod == 'email' && !$voted || $votingMethod == 'cookie' && $_COOKIE['votingcookie'] != '1')) {
            $votingVotes = '';
            if ($votingMethod == 'email') {
                $objTpl->setVariable('VOTING_EMAIL', !empty($_POST['votingemail']) ? htmlentities($_POST['votingemail'], ENT_QUOTES) : '');
                $objTpl->parse('voting_email_input');
            } else {
                if ($objTpl->blockExists('voting_email_input')) {
                    $objTpl->hideBlock('voting_email_input');
                }
            }
            $submitbutton = '<input type="submit" value="' . $_ARRAYLANG['TXT_SUBMIT'] . '" name="Submit" />';
        } else {
            if ($objTpl->blockExists('voting_email_input')) {
                $objTpl->hideBlock('voting_email_input');
            }
            if ($objTpl->blockExists('additional_fields')) {
                $objTpl->hideBlock('additional_fields');
            }
            $votingVotes = $_ARRAYLANG['TXT_VOTING_TOTAL'] . ":\t" . $votingVotes;
            $submitbutton = '';
        }
        if (sizeof($additional_fields)) {
            $objTpl->parse('additional_fields');
            foreach ($additional_fields as $field) {
                list($name, $label, $tag) = $field;
                $objTpl->setVariable(array('VOTING_ADDITIONAL_INPUT_LABEL' => $label, 'VOTING_ADDITIONAL_INPUT' => $tag, 'VOTING_ADDITIONAL_NAME' => $name));
                $objTpl->parse('additional_elements');
            }
        } else {
            $objTpl->hideBlock('additional_fields');
        }
        $objTpl->setVariable(array('VOTING_MSG' => $msg, 'VOTING_TITLE' => $votingTitle, 'VOTING_DATE' => showFormattedDate($votingDate), 'VOTING_OPTIONS_TEXT' => $votingOptionText, 'VOTING_RESULTS_TEXT' => $votingResultText, 'VOTING_RESULTS_TOTAL_VOTES' => $votingVotes, 'VOTING_OLDER_TITLE' => $_ARRAYLANG['TXT_VOTING_OLDER'], 'TXT_DATE' => $_ARRAYLANG['TXT_DATE'], 'TXT_TITLE' => $_ARRAYLANG['TXT_TITLE'], 'TXT_VOTES' => $_ARRAYLANG['TXT_VOTES'], 'TXT_SUBMIT' => $submitbutton));
        // show other Poll entries
        /** start paging **/
        $query = "SELECT id, date as datesec, title, votes FROM " . DBPREFIX . "voting_system WHERE id<>{$votingId} order by id desc";
        $objResult = $objDatabase->SelectLimit($query, 5);
        $count = $objResult->RecordCount();
        $pos = intval($_GET[pos]);
        if ($count > intval($_CONFIG['corePagingLimit'])) {
            $paging = getPaging($count, $pos, "&section=Voting", "<b>" . $_ARRAYLANG['TXT_VOTING_ENTRIES'] . "</b>", true);
        }
        /** end paging **/
        $query = "SELECT id, date as datesec, title, votes FROM " . DBPREFIX . "voting_system WHERE id<>{$votingId} order by id desc ";
        $objResult = $objDatabase->SelectLimit($query, $_CONFIG['corePagingLimit'], $pos);
        $objTpl->setVariable(array('VOTING_OLDER_TEXT' => '', 'VOTING_OLDER_DATE' => '', 'VOTING_VOTING_ID' => '', 'VOTING_PAGING' => '', 'TXT_DATE' => '', 'TXT_TITLE' => ''));
        while (!$objResult->EOF) {
            $votingid = $objResult->fields['id'];
            $votingTitle = stripslashes($objResult->fields['title']);
            $votingVotes = $objResult->fields['votes'];
            $votingDate = strtotime($objResult->fields['datesec']);
            if ($i % 2 == 0) {
                $class = "row2";
            } else {
                $class = "row1";
            }
            $objTpl->setVariable(array('VOTING_OLDER_TEXT' => '<a href="index.php?section=Voting&vid=' . $votingid . '" title="' . $votingTitle . '">' . $votingTitle . '</a>', 'VOTING_OLDER_DATE' => showFormattedDate($votingDate), 'VOTING_VOTING_ID' => $votingid, 'VOTING_LIST_CLASS' => $class, 'VOTING_PAGING' => $paging));
            $objTpl->parse("votingRow");
            $i++;
            $objResult->MoveNext();
        }
    }
    return $objTpl->get();
}
 function validateSenderMail()
 {
     global $_CORELANG;
     $objValidator = new FWValidator();
     if ($objValidator->isEmail($this->sender_mail)) {
         return true;
     } else {
         $this->error_msg[] = $_CORELANG['TXT_ACCESS_INVALID_SENDER_ADDRESS'];
         return false;
     }
 }
示例#12
0
 /**
  * function handling protected link requests
  * @return void
  */
 function _getPDF()
 {
     global $objDatabase, $_ARRAYLANG, $_CONFIG;
     $objValidator = new FWValidator();
     $ids = explode('_', $_GET['id']);
     $immoID = intval($ids[0]);
     $fieldID = intval($ids[1]);
     if (isset($_POST['immo_id'])) {
         //form was sent
         $name = !empty($_POST['name']) ? contrexx_addslashes(strip_tags($_POST['name'])) : '';
         $firstname = !empty($_POST['firstname']) ? contrexx_addslashes(strip_tags($_POST['firstname'])) : '';
         $company = !empty($_POST['company']) ? contrexx_addslashes(strip_tags($_POST['company'])) : '';
         $street = !empty($_POST['street']) ? contrexx_addslashes(strip_tags($_POST['street'])) : '';
         $zip = !empty($_POST['zip']) ? intval($_POST['zip']) : '';
         $location = !empty($_POST['location']) ? contrexx_addslashes(strip_tags($_POST['location'])) : '';
         $telephone = !empty($_POST['telephone']) ? contrexx_addslashes(strip_tags($_POST['telephone'])) : '';
         $telephone_office = !empty($_POST['telephone_office']) ? contrexx_addslashes(strip_tags($_POST['telephone_office'])) : '';
         $telephone_mobile = !empty($_POST['telephone_mobile']) ? contrexx_addslashes(strip_tags($_POST['telephone_mobile'])) : '';
         $purchase = isset($_POST['purchase']) ? 1 : 0;
         $funding = isset($_POST['funding']) ? 1 : 0;
         $email = !empty($_POST['email']) ? contrexx_addslashes(strip_tags($_POST['email'])) : '';
         $comment = !empty($_POST['comment']) ? contrexx_addslashes(strip_tags($_POST['comment'])) : '';
         $immoID = !empty($_POST['immo_id']) ? intval($_POST['immo_id']) : '';
         $fieldID = !empty($_POST['field_id']) ? intval($_POST['field_id']) : '';
         $error = 0;
         if ($objValidator->isEmail($email)) {
             if (!empty($name) && !empty($telephone) && !empty($email) && $immoID > 0 && $fieldID > 0) {
                 require_once ASCMS_LIBRARY_PATH . DS . '/phpmailer' . DS . "class.phpmailer.php";
                 $objRS = $objDatabase->SelectLimit("SELECT email\n                                                FROM " . DBPREFIX . "module_immo_contact\n                                                WHERE immo_id = '{$immoID}'\n                                                AND email = '{$email}'\n                                                AND timestamp > " . (mktime() - 600), 1);
                 if ($objRS->RecordCount() > 0) {
                     $this->_objTpl->setVariable('TXT_IMMO_STATUS', '<span class="errmsg">' . $_ARRAYLANG['TXT_IMMO_ALREADY_SENT_RECENTLY'] . '</span>');
                     $this->_showContactForm($immoID, $fieldID);
                     return false;
                 }
                 $objRS = $objDatabase->SelectLimit("SELECT fieldvalue\n                                                FROM " . DBPREFIX . "module_immo_content\n                                                WHERE immo_id = '{$immoID}'\n                                                AND field_id = '{$fieldID}'\n                                                AND lang_id = '" . $this->frontLang . "'", 1);
                 if ($objRS) {
                     $link = 'http://' . $_CONFIG['domainUrl'] . str_replace(" ", "%20", $objRS->fields['fieldvalue']);
                     $mailer = new PHPMailer();
                     $objDatabase->Execute("INSERT INTO " . DBPREFIX . "module_immo_contact\n                                                VALUES\n                                                (NULL, '{$email}', '{$name}', '{$firstname}', '{$street}', '{$zip}', '{$location}', '{$company}', '{$telephone}', '{$telephone_office}', '{$telephone_mobile}', '{$purchase}', '{$funding}', '{$comment}', '{$immoID}', '{$fieldID}', " . mktime() . " )");
                     $mailer->CharSet = CONTREXX_CHARSET;
                     $mailer->IsHTML(false);
                     $mailer->SetFrom($this->arrSettings['sender_email'], $this->arrSettings['sender_name']);
                     $mailer->Subject = $this->arrSettings['prot_link_message_subject'];
                     $mailer->Body = str_replace('[[IMMO_PROTECTED_LINK]]', $link, $this->arrSettings['prot_link_message_body']) . "\n\n";
                     $mailer->AddAddress($email);
                     $mailer->Send();
                 } else {
                     $this->_objTpl->setVariable('TXT_IMMO_STATUS', '<span class="errmsg">DB error.</span>');
                 }
             } else {
                 $error = 1;
             }
         } else {
             $error = 1;
         }
         if ($error == 1) {
             $this->_objTpl->setVariable('TXT_IMMO_STATUS', '<span class="errmsg">' . $_ARRAYLANG['TXT_IMMO_MISSIONG_OR_INVALID_FIELDS'] . '</span>');
         } else {
             $this->_objTpl->setVariable('TXT_IMMO_STATUS', '<span class="okmsg">' . $_ARRAYLANG['TXT_IMMO_CONTACT_SUCCESSFUL'] . '</span>');
         }
     }
     // else { //form was not sent }
     return $this->_showContactForm($immoID, $fieldID);
 }
示例#13
0
 /**
  * Insert a new comment for a message into database, if the function is activated. Furthermore, all input values are validated.
  * Sends also the notification mail to the administrator, if it is enabled in options.
  *
  * @global  ADONewConnection
  * @global  array
  * @global  array
  */
 function addComment()
 {
     global $objDatabase, $_ARRAYLANG, $_CONFIG;
     \Cx\Core\Csrf\Controller\Csrf::check_code();
     $this->initUserId();
     //Check for activated function
     if (!$this->_arrSettings['blog_comments_activated']) {
         $this->_strErrorMessage = $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_ERROR_ACTIVATED'];
         return;
     }
     if ($this->hasUserJustCommented()) {
         $this->_strErrorMessage = str_replace('[SECONDS]', intval($this->_arrSettings['blog_comments_timeout']), $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_ERROR_TIMEOUT']);
         return;
     }
     //Create validator-object
     $objValidator = new \FWValidator();
     //Get general-input
     $intMessageId = intval($_POST['frmAddComment_MessageId']);
     $strSubject = contrexx_addslashes(strip_tags($_POST['frmAddComment_Subject']));
     $strComment = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForDb($_POST['frmAddComment_Comment']);
     //Get specified-input
     if ($this->_intCurrentUserId == 0) {
         $intUserId = 0;
         $strName = contrexx_addslashes(strip_tags($_POST['frmAddComment_Name']));
         $strEMail = contrexx_addslashes(strip_tags($_POST['frmAddComment_EMail']));
         $strWWW = contrexx_addslashes(strip_tags($objValidator->getUrl($_POST['frmAddComment_WWW'])));
     } else {
         $intUserId = $this->_intCurrentUserId;
         $strName = '';
         $strEMail = '';
         $strWWW = '';
     }
     //Get options
     $intIsActive = intval($this->_arrSettings['blog_comments_autoactivate']);
     $intIsNotification = intval($this->_arrSettings['blog_comments_notification']);
     //Validate general-input
     if ($intMessageId <= 0) {
         $this->_strErrorMessage .= $this->getFormError($_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_MID']);
     }
     if (empty($strSubject)) {
         $this->_strErrorMessage .= $this->getFormError($_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_SUBJECT']);
     }
     if (empty($strComment)) {
         $this->_strErrorMessage .= $this->getFormError($_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_COMMENT']);
     }
     //Validate specified-input
     if ($this->_intCurrentUserId == 0) {
         if (empty($strName)) {
             $this->_strErrorMessage .= $this->getFormError($_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_NAME']);
         }
         if (!$objValidator->isEmail($strEMail)) {
             $this->_strErrorMessage .= $this->getFormError($_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_ADD_EMAIL']);
         }
     }
     $captchaCheck = true;
     if (!\FWUser::getFWUserObject()->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
         $captchaCheck = false;
     }
     //Now check error-string
     if (empty($this->_strErrorMessage) && $captchaCheck) {
         //No errors, insert entry
         $objDatabase->Execute(' INSERT INTO ' . DBPREFIX . 'module_blog_comments
                                 SET     message_id = ' . $intMessageId . ',
                                         lang_id = ' . $this->_intLanguageId . ',
                                         is_active = "' . $intIsActive . '",
                                         time_created = ' . time() . ',
                                         ip_address = "' . $_SERVER['REMOTE_ADDR'] . '",
                                         user_id = ' . $intUserId . ',
                                         user_name = "' . $strName . '",
                                         user_mail = "' . $strEMail . '",
                                         user_www = "' . $strWWW . '",
                                         subject = "' . $strSubject . '",
                                         comment = "' . $strComment . '"
                             ');
         //Set a cookie with the current timestamp. Avoids flooding.
         setcookie('BlogCommentLast', time(), 0, ASCMS_PATH_OFFSET . '/');
         $this->_strStatusMessage = $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_SUCCESS'];
         $this->writeCommentRSS();
         if ($intIsNotification) {
             //Send notification to administrator
             if (\Env::get('ClassLoader')->loadFile(ASCMS_LIBRARY_PATH . '/phpmailer/class.phpmailer.php')) {
                 $objMail = new \phpmailer();
                 if ($_CONFIG['coreSmtpServer'] > 0) {
                     if (($arrSmtp = \SmtpSettings::getSmtpAccount($_CONFIG['coreSmtpServer'])) !== false) {
                         $objMail->IsSMTP();
                         $objMail->Host = $arrSmtp['hostname'];
                         $objMail->Port = $arrSmtp['port'];
                         $objMail->SMTPAuth = true;
                         $objMail->Username = $arrSmtp['username'];
                         $objMail->Password = $arrSmtp['password'];
                     }
                 }
                 if ($this->_intCurrentUserId > 0) {
                     $objFWUser = \FWUser::getFWUserObject();
                     $strName = htmlentities($objFWUser->objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET);
                 }
                 $strMailSubject = str_replace('[SUBJECT]', $strSubject, $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_MAIL_SUBJECT']);
                 $strMailBody = str_replace('[USERNAME]', $strName, $_ARRAYLANG['TXT_BLOG_FRONTEND_DETAILS_COMMENT_INSERT_MAIL_BODY']);
                 $strMailBody = str_replace('[DOMAIN]', ASCMS_PROTOCOL . '://' . $_CONFIG['domainUrl'] . ASCMS_PATH_OFFSET, $strMailBody);
                 $strMailBody = str_replace('[SUBJECT]', $strSubject, $strMailBody);
                 $strMailBody = str_replace('[COMMENT]', $strComment, $strMailBody);
                 $objMail->CharSet = CONTREXX_CHARSET;
                 $objMail->SetFrom($_CONFIG['coreAdminEmail'], $_CONFIG['coreGlobalPageTitle']);
                 $objMail->AddAddress($_CONFIG['coreAdminEmail']);
                 $objMail->Subject = $strMailSubject;
                 $objMail->IsHTML(false);
                 $objMail->Body = $strMailBody;
                 $objMail->Send();
             }
         }
     }
 }
示例#14
0
 /**
  * Verifies a name/value pair
  *
  * May change the value before returning it.
  * Use the value returned when adding to the form in any case.
  * @access  private
  * @param   string    $name     The name of the parameter
  * @param   string    $value    The value of the parameter
  * @return  boolean             The verified value on success,
  *                              null otherwise
  */
 static function verifyParameter($name, $value)
 {
     switch ($name) {
         // Mandatory
         case 'ORDERID':
             if ($value) {
                 return $value;
             }
             break;
         case 'AMOUNT':
             // Fix cents, like "1.23" to "123"
             if (preg_match('/\\./', $value)) {
                 $value = intval($value * 100);
             }
             if ($value === intval($value)) {
                 return $value;
             }
             break;
         case 'CURRENCY':
             if (preg_match('/^\\w{3}$/', $value)) {
                 return $value;
             }
             break;
         case 'PSPID':
             if (preg_match('/.+/', $value)) {
                 return $value;
             }
             break;
             // The above four are needed to form the hash:
         // The above four are needed to form the hash:
         case 'SHASIGN':
             // 40 digit hexadecimal string, like
             // 4d0a445beac3561528dc26023e9ecb2d38fadc61
             if (preg_match('/^[0-9a-f]{40}$/i', $value)) {
                 return $value;
             }
         case 'LANGUAGE':
             if (preg_match('/^\\w{2}(?:_\\w{2})?$/', $value)) {
                 return $value;
             }
             break;
         case 'OPERATION':
             if ($value == 'RES' || $value == 'SAL') {
                 return $value;
             }
             break;
         case 'ACCEPTURL':
         case 'DECLINEURL':
         case 'EXCEPTIONURL':
         case 'CANCELURL':
         case 'BACKURL':
             //                if (FWValidator::isUri($value)) return $value;
             // *SHOULD* verify the URIs, but the expression is not fit
             if ($value) {
                 return $value;
             }
             break;
             // Optional
             // optional customer details, highly recommended for fraud prevention: see chapter 5.2
         // Optional
         // optional customer details, highly recommended for fraud prevention: see chapter 5.2
         case 'CN':
         case 'OWNERADDRESS':
         case 'OWNERCTY':
         case 'OWNERZIP':
         case 'OWNERTOWN':
         case 'OWNERTELNO':
         case 'COM':
             if (preg_match('/.*/', $value)) {
                 return $value;
             }
             break;
         case 'EMAIL':
             if (FWValidator::isEmail($value)) {
                 return $value;
             }
             break;
         case 'PMLIST':
             if (preg_match('/.*/', $value)) {
                 return $value;
             }
             break;
         case 'WIN3DS':
             if ($value == 'MAINW' || ($value = 'POPUP')) {
                 return $value;
             }
             break;
             // post payment parameters: see chapter 8.2
         // post payment parameters: see chapter 8.2
         case 'COMPLUS':
             if (preg_match('/.*/', $value)) {
                 return $value;
             }
             break;
         case 'PARAMPLUS':
             if (preg_match('/.*/', $value)) {
                 return $value;
             }
             break;
             // post payment parameters: see chapter 8.3
         // post payment parameters: see chapter 8.3
         case 'PARAMVAR':
             if (preg_match('/.*/', $value)) {
                 return $value;
             }
             break;
             // optional operation field: see chapter 9.2
         // optional operation field: see chapter 9.2
         case 'operation':
             if ($value == 'RES' || $value == 'SAL') {
                 return $value;
             }
             break;
             // layout information: see chapter 7.1
         // layout information: see chapter 7.1
         case 'TITLE':
         case 'BGCOLOR':
         case 'TXTCOLOR':
         case 'TBLBGCOLOR':
         case 'TBLTXTCOLOR':
         case 'BUTTONBGCOLOR':
         case 'BUTTONTXTCOLOR':
         case 'LOGO':
         case 'FONTTYPE':
             return $value;
             // dynamic template page: see chapter 7.2
         // dynamic template page: see chapter 7.2
         case 'TP':
             if (preg_match('/.+/', $value)) {
                 return $value;
             }
             break;
             // Alias details: see Alias Management documentation
         // Alias details: see Alias Management documentation
         case 'ALIAS':
             if (strlen($value) <= 40) {
                 return $value;
             }
             break;
         case 'ALIASUSAGE':
             if (strlen($value) <= 255) {
                 return $value;
             }
             break;
         case 'ALIASOPERATION':
             // Valid values: BYMERCHANT (or empty), BYPSP
             if ($value == '' || $value == 'BYMERCHANT' || $value == 'BYPSP') {
                 return $value;
             }
             break;
             // Contrexx does not yet supply nor support the following:
             // payment methods/page specifics: see chapter 9.1
         // Contrexx does not yet supply nor support the following:
         // payment methods/page specifics: see chapter 9.1
         case 'PM':
         case 'BRAND':
         case 'PMLISTTYPE':
             // link to your website: see chapter 8.1
         // link to your website: see chapter 8.1
         case 'HOMEURL':
         case 'CATALOGURL':
             // optional extra login field: see chapter 9.3
         // optional extra login field: see chapter 9.3
         case 'USERID':
             break;
     }
     self::$arrError[] = "Unknown or unsupported field '{$name}' (value '{$value}')";
     return null;
 }
示例#15
0
 /**
  * checks input
  */
 function checkInput()
 {
     global $_ARRAYLANG;
     $objValidator = new \FWValidator();
     $captchaCheck = true;
     $_POST['forename'] = strip_tags(contrexx_stripslashes($_POST['forename']));
     $_POST['name'] = strip_tags(contrexx_stripslashes($_POST['name']));
     $_POST['comment'] = htmlentities(strip_tags(contrexx_stripslashes($_POST['comment'])), ENT_QUOTES, CONTREXX_CHARSET);
     $_POST['location'] = strip_tags(contrexx_stripslashes($_POST['location']));
     $_POST['email'] = strip_tags(contrexx_stripslashes($_POST['email']));
     $_POST['url'] = strip_tags(contrexx_stripslashes($_POST['url']));
     if (!\FWUser::getFWUserObject()->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
         $captchaCheck = false;
     }
     if (empty($_POST['name']) || empty($_POST['forename'])) {
         $this->makeError($_ARRAYLANG['TXT_NAME']);
     }
     if (empty($_POST['comment'])) {
         $this->makeError($_ARRAYLANG['TXT_COMMENT']);
     }
     if (empty($_POST['malefemale'])) {
         $this->makeError($_ARRAYLANG['TXT_SEX']);
     }
     if (empty($_POST['location'])) {
         $this->makeError($_ARRAYLANG['TXT_LOCATION']);
     }
     if (!$objValidator->isEmail($_POST['email'])) {
         $this->makeError($_ARRAYLANG['TXT_EMAIL']);
     }
     if (empty($this->error) && $captchaCheck) {
         return true;
     } else {
         return false;
     }
 }
 /**
  * Save the registration
  *
  * @param array $data posted data from the form
  *
  * @return boolean true if the registration saved, false otherwise
  */
 function save($data)
 {
     global $objDatabase, $objInit, $_LANGID;
     /* foreach ($this->form->inputfields as $key => $arrInputfield) {
            if($arrInputfield['type'] == 'selectBillingAddress') {
                $affiliationStatus = $data['registrationField'][$arrInputfield['id']];
            }
        } */
     foreach ($this->form->inputfields as $key => $arrInputfield) {
         /* if($affiliationStatus == 'sameAsContact') {
                         if($arrInputfield['required'] == 1 && empty($data['registrationField'][$arrInputfield['id']]) && $arrInputfield['affiliation'] != 'billing') {
                             return false;
                         }
         
                         if($arrInputfield['required'] == 1 && $arrInputfield['type'] == 'mail' && $arrInputfield['affiliation'] != 'billing') {
                             $objValidator = new FWValidator();
         
                             if(!$objValidator->isEmail($data['registrationField'][$arrInputfield['id']])) {
                                 return false;
                             }
                         }
                     } else { */
         if ($arrInputfield['required'] == 1 && empty($data['registrationField'][$arrInputfield['id']])) {
             return false;
         }
         if ($arrInputfield['required'] == 1 && $arrInputfield['type'] == 'mail') {
             $objValidator = new \FWValidator();
             if (!$objValidator->isEmail($data['registrationField'][$arrInputfield['id']])) {
                 return false;
             }
         }
         /* } */
     }
     $regId = intval($data['regid']);
     $eventId = intval($data['id']);
     $formId = intval($data['form']);
     $eventDate = intval($data['date']);
     $userId = intval($data['userid']);
     $objEvent = new \Cx\Modules\Calendar\Controller\CalendarEvent($eventId);
     if ($objEvent->seriesStatus && $objEvent->independentSeries) {
         $eventDate = isset($data['registrationEventDate']) ? contrexx_input2int($data['registrationEventDate']) : $eventDate;
         $endDate = new \DateTime();
         $endDate->modify('+10 years');
         $eventManager = new CalendarEventManager(null, $endDate);
         $eventManager->getEvent($objEvent, $eventDate, true);
         $objEvent = $eventManager->eventList[0];
         if (empty($objEvent)) {
             return false;
         }
     }
     $query = '
         SELECT
             `id`
         FROM
             `' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration_form_field`
         WHERE
             `form` = ' . $formId . '
         AND
             `type` = "seating"
         LIMIT 1
     ';
     $objResult = $objDatabase->Execute($query);
     $numSeating = intval($data['registrationField'][$objResult->fields['id']]);
     $type = empty($regId) && intval($objEvent->getFreePlaces() - $numSeating) < 0 ? 2 : (isset($data['registrationType']) ? intval($data['registrationType']) : 1);
     $this->saveIn = intval($type);
     $paymentMethod = intval($data['paymentMethod']);
     $paid = intval($data['paid']);
     $hostName = 0;
     $ipAddress = 0;
     $key = $this->generateKey();
     if ($regId == 0) {
         $submissionDate = $this->getDbDateTimeFromIntern($this->getInternDateTimeFromUser());
         $query = 'INSERT INTO ' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration
                     SET `event_id`         = ' . $eventId . ',
                         `submission_date`  = "' . $submissionDate->format('Y-m-d H:i:s') . '",
                         `date`             = ' . $eventDate . ',
                         `host_name`        = "' . $hostName . '",
                         `ip_address`       = "' . $ipAddress . '",
                         `type`             = ' . $type . ',
                         `key`              = "' . $key . '",
                         `user_id`          = ' . $userId . ',
                         `lang_id`          = ' . $_LANGID . ',
                         `export`           = 0,
                         `payment_method`   = ' . $paymentMethod . ',
                         `paid`             = ' . $paid . ' ';
         $objResult = $objDatabase->Execute($query);
         if ($objResult !== false) {
             $this->id = $objDatabase->Insert_ID();
         } else {
             return false;
         }
     } else {
         $query = 'UPDATE `' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration`
                      SET `event_id` = ' . $eventId . ',
                          `date` = ' . $eventDate . ',
                          `host_name` = ' . $hostName . ',
                          `ip_address` = ' . $ipAddress . ',
                          `key` = "' . $key . '",
                          `user_id` = ' . $userId . ',
                          `type`    = ' . $type . ',
                          `lang_id` = ' . $_LANGID . ',
                          `payment_method` = ' . $paymentMethod . ',
                          `paid` = ' . $paid . '
                    WHERE `id` = ' . $regId;
         $objResult = $objDatabase->Execute($query);
         if ($objResult === false) {
             return false;
         }
     }
     if ($regId != 0) {
         $this->id = $regId;
         $deleteQuery = 'DELETE FROM ' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration_form_field_value
                         WHERE `reg_id` = ' . $this->id;
         $objDeleteResult = $objDatabase->Execute($deleteQuery);
         if ($objDeleteResult === false) {
             return false;
         }
     }
     foreach ($this->form->inputfields as $key => $arrInputfield) {
         $value = $data['registrationField'][$arrInputfield['id']];
         $id = $arrInputfield['id'];
         if (is_array($value)) {
             $subvalue = array();
             foreach ($value as $key => $element) {
                 if (!empty($data['registrationFieldAdditional'][$id][$element - 1])) {
                     $subvalue[] = $element . '[[' . $data['registrationFieldAdditional'][$id][$element - 1] . ']]';
                 } else {
                     $subvalue[] = $element;
                 }
             }
             $value = join(",", $subvalue);
         } else {
             if (isset($data['registrationFieldAdditional'][$id][$value - 1])) {
                 $value = $value . "[[" . $data['registrationFieldAdditional'][$id][$value - 1] . "]]";
             }
         }
         $query = 'INSERT INTO ' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_registration_form_field_value
                               (`reg_id`, `field_id`, `value`)
                        VALUES (' . $this->id . ', ' . $id . ', "' . contrexx_input2db($value) . '")';
         $objResult = $objDatabase->Execute($query);
         if ($objResult === false) {
             return false;
         }
     }
     if ($objInit->mode == 'frontend') {
         $objMailManager = new \Cx\Modules\Calendar\Controller\CalendarMailManager();
         $templateId = $objEvent->emailTemplate[FRONTEND_LANG_ID];
         $objMailManager->sendMail($objEvent, \Cx\Modules\Calendar\Controller\CalendarMailManager::MAIL_CONFIRM_REG, $this->id, $templateId);
         $objMailManager->sendMail($objEvent, \Cx\Modules\Calendar\Controller\CalendarMailManager::MAIL_ALERT_REG, $this->id);
     }
     return true;
 }
示例#17
0
 function _profile()
 {
     global $_ARRAYLANG, $objDatabase;
     $this->_objTpl->setTemplate($this->pageContent);
     $showForm = true;
     $arrStatusMessage = array('ok' => array(), 'error' => array());
     $isNewsletterRecipient = false;
     $isAccessRecipient = false;
     $recipientId = 0;
     $recipientEmail = '';
     $recipientUri = '';
     $recipientSex = '';
     $recipientSalutation = 0;
     $recipientTitle = '';
     $recipientPosition = '';
     $recipientIndustrySector = '';
     $recipientPhoneMobile = '';
     $recipientPhonePrivate = '';
     $recipientFax = '';
     $recipientNotes = '';
     $recipientLastname = '';
     $recipientFirstname = '';
     $recipientCompany = '';
     $recipientAddress = '';
     $recipientZip = '';
     $recipientCity = '';
     $recipientCountry = '';
     $recipientPhoneOffice = '';
     $recipientBirthday = '';
     $recipientLanguage = '';
     $recipientStatus = 0;
     $requestedMail = isset($_GET['mail']) ? contrexx_input2raw(urldecode($_GET['mail'])) : (isset($_POST['mail']) ? contrexx_input2raw($_POST['mail']) : '');
     $arrAssociatedLists = array();
     $arrPreAssociatedInactiveLists = array();
     $code = isset($_REQUEST['code']) ? contrexx_addslashes($_REQUEST['code']) : '';
     if (!empty($code) && !empty($requestedMail)) {
         $objRecipient = $objDatabase->SelectLimit("SELECT accessUserID\n                FROM " . DBPREFIX . "module_newsletter_access_user AS nu\n                INNER JOIN " . DBPREFIX . "access_users AS au ON au.id=nu.accessUserID\n                WHERE nu.code='" . $code . "'\n                AND email='" . contrexx_raw2db($requestedMail) . "'", 1);
         if ($objRecipient && $objRecipient->RecordCount() == 1) {
             $objUser = \FWUser::getFWUserObject()->objUser->getUser($objRecipient->fields['accessUserID']);
             if ($objUser) {
                 $recipientId = $objUser->getId();
                 $isAccessRecipient = true;
                 //$arrAssociatedLists = $objUser->getSubscribedNewsletterListIDs();
                 $arrPreAssociatedInactiveLists = $objUser->getSubscribedNewsletterListIDs();
             }
         } else {
             $objRecipient = $objDatabase->SelectLimit("SELECT id FROM " . DBPREFIX . "module_newsletter_user WHERE status=1 AND code='" . $code . "' AND email='" . contrexx_raw2db($requestedMail) . "'", 1);
             if ($objRecipient && $objRecipient->RecordCount() == 1) {
                 $recipientId = $objRecipient->fields['id'];
                 $isNewsletterRecipient = true;
             }
         }
     } else {
         if (\FWUser::getFWUserObject()->objUser->login()) {
             $objUser = \FWUser::getFWUserObject()->objUser;
             $recipientId = $objUser->getId();
             $isAccessRecipient = true;
             //$arrAssociatedLists = $objUser->getSubscribedNewsletterListIDs();
             $arrPreAssociatedInactiveLists = $objUser->getSubscribedNewsletterListIDs();
         }
     }
     // Get interface settings
     $objInterface = $objDatabase->Execute('SELECT `setvalue` 
                                             FROM `' . DBPREFIX . 'module_newsletter_settings`
                                             WHERE `setname` = "recipient_attribute_status"');
     $recipientAttributeStatus = json_decode($objInterface->fields['setvalue'], true);
     if (isset($_POST['recipient_save'])) {
         if (isset($_POST['email'])) {
             $recipientEmail = $_POST['email'];
         }
         if (isset($_POST['website'])) {
             $recipientUri = $_POST['website'];
         }
         if (isset($_POST['sex'])) {
             $recipientSex = in_array($_POST['sex'], array('f', 'm')) ? $_POST['sex'] : '';
         }
         if (isset($_POST['salutation'])) {
             // TODO: use FWUSER
             $arrRecipientTitles = $this->_getRecipientTitles();
             $recipientSalutation = in_array($_POST['salutation'], array_keys($arrRecipientTitles)) ? intval($_POST['salutation']) : 0;
         }
         if (isset($_POST['title'])) {
             $recipientTitle = $_POST['title'];
         }
         if (isset($_POST['lastname'])) {
             $recipientLastname = $_POST['lastname'];
         }
         if (isset($_POST['firstname'])) {
             $recipientFirstname = $_POST['firstname'];
         }
         if (isset($_POST['position'])) {
             $recipientPosition = $_POST['position'];
         }
         if (isset($_POST['company'])) {
             $recipientCompany = $_POST['company'];
         }
         if (isset($_POST['industry_sector'])) {
             $recipientIndustrySector = $_POST['industry_sector'];
         }
         if (isset($_POST['address'])) {
             $recipientAddress = $_POST['address'];
         }
         if (isset($_POST['zip'])) {
             $recipientZip = $_POST['zip'];
         }
         if (isset($_POST['city'])) {
             $recipientCity = $_POST['city'];
         }
         if (isset($_POST['newsletter_country_id'])) {
             $recipientCountry = $_POST['newsletter_country_id'];
         }
         if (isset($_POST['phone_office'])) {
             $recipientPhoneOffice = $_POST['phone_office'];
         }
         if (isset($_POST['phone_private'])) {
             $recipientPhonePrivate = $_POST['phone_private'];
         }
         if (isset($_POST['phone_mobile'])) {
             $recipientPhoneMobile = $_POST['phone_mobile'];
         }
         if (isset($_POST['fax'])) {
             $recipientFax = $_POST['fax'];
         }
         if (isset($_POST['day']) && isset($_POST['month']) && isset($_POST['year'])) {
             $recipientBirthday = str_pad(intval($_POST['day']), 2, '0', STR_PAD_LEFT) . '-' . str_pad(intval($_POST['month']), 2, '0', STR_PAD_LEFT) . '-' . intval($_POST['year']);
         }
         if (isset($_POST['language'])) {
             $recipientLanguage = $_POST['language'];
         }
         if (isset($_POST['notes'])) {
             $recipientNotes = $_POST['notes'];
         }
         if (isset($_POST['list'])) {
             foreach ($_POST['list'] as $listId => $status) {
                 if (intval($status) == 1) {
                     array_push($arrAssociatedLists, intval($listId));
                 }
             }
         } elseif (!$recipientId) {
             // Signup request where no recipient list had been selected
             // check if the user didn't select any list or if there is non or just 1 recipient list visible and was therefore not visible for the user to select
             // only show newsletter-lists that are visible for new users (not yet registered ones)
             $excludeDisabledLists = 1;
             $arrLists = self::getLists($excludeDisabledLists);
             switch (count($arrLists)) {
                 case 0:
                     // no active lists > ok
                     break;
                 case 1:
                     // only 1 list is active, therefore no list was visible for selection -> let's signup the new recipient to this very list
                     $arrAssociatedLists = array_keys($arrLists);
                     break;
                 default:
                     // more than one list is active, therefore the user would have been able to select his preferred lists.
                     // however, the fact that we landed in this case is that the user didn't make any selection at all.
                     // so lets be it like that > the user won't be subscribed to any list
                     break;
             }
         }
         if (!$isAccessRecipient) {
             // add or update existing newsletter recipient (for access user see ELSE case)
             $arrPreAssociatedInactiveLists = $this->_getAssociatedListsOfRecipient($recipientId, false);
             $arrAssociatedInactiveLists = array_intersect($arrPreAssociatedInactiveLists, $arrAssociatedLists);
             $objValidator = new \FWValidator();
             if ($objValidator->isEmail($recipientEmail)) {
                 // Let's check if a user account with the provided email address is already present
                 // Important: we must check only for active accounts (active => 1), otherwise we'll send a notification e-mail
                 //            to a user that won't be able to active himself due to his account's inactive state.
                 // TODO: implement feature
                 $objUser = null;
                 //FWUser::getFWUserObject()->objUser->getUsers(array('email' => $recipientEmail, 'active' => 1));
                 if (false && $objUser) {
                     // there is already a user account present by the same email address as the one submitted by the user
                     // TODO: send notification e-mail about existing e-mail account
                     // Important: We must output the same status message as if the user has been newly added!
                     //            This shall prevent email-address-crawling-bots from detecting existing e-mail accounts.
                     array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBE_OK']);
                     $showForm = false;
                 } else {
                     if ($this->_validateRecipientAttributes($recipientAttributeStatus, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientBirthday)) {
                         if ($this->_isUniqueRecipientEmail($recipientEmail, $recipientId)) {
                             if (!empty($arrAssociatedInactiveLists) || !empty($arrAssociatedLists) && ($objList = $objDatabase->SelectLimit('SELECT id FROM ' . DBPREFIX . 'module_newsletter_category WHERE status=1 AND (id=' . implode(' OR id=', $arrAssociatedLists) . ')', 1)) && $objList->RecordCount() > 0) {
                                 if ($recipientId > 0) {
                                     if ($this->_updateRecipient($recipientAttributeStatus, $recipientId, $recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, 1, $arrAssociatedLists, $recipientLanguage)) {
                                         array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_YOUR_DATE_SUCCESSFULLY_UPDATED']);
                                         $showForm = false;
                                     } else {
                                         array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_FAILED_UPDATE_YOUR_DATA']);
                                     }
                                 } else {
                                     if ($this->_addRecipient($recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, $recipientStatus, $arrAssociatedLists, $recipientLanguage)) {
                                         if ($this->_sendAuthorizeEmail($recipientEmail, $recipientSex, $recipientSalutation, $recipientFirstname, $recipientLastname)) {
                                             array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBE_OK']);
                                             $showForm = false;
                                         } else {
                                             $objDatabase->Execute("DELETE tblU, tblR FROM " . DBPREFIX . "module_newsletter_user AS tblU, " . DBPREFIX . "module_newsletter_rel_user_cat AS tblR WHERE tblU.email='" . contrexx_addslashes($recipientEmail) . "' AND tblR.user = tblU.id");
                                             array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIPTION_CANCELED_BY_EMAIL']);
                                         }
                                     } else {
                                         array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_FAILED_ADDING_YOU']);
                                     }
                                 }
                             } else {
                                 array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_MUST_SELECT_LIST']);
                             }
                         } elseif (empty($recipientId)) {
                             // We must send a new confirmation e-mail here
                             // otherwise someone could reactivate someone else's e-mail address
                             // It could be that a user who has unsubscribed himself from the newsletter system (recipient = deactivated) would like to subscribe the newsletter again.
                             // Therefore, lets see if we can find a recipient by the specified e-mail address that has been deactivated (status=0)
                             $objRecipient = $objDatabase->SelectLimit("SELECT id, language, notes FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "' AND status=0", 1);
                             if ($objRecipient && !$objRecipient->EOF) {
                                 $recipientId = $objRecipient->fields['id'];
                                 $recipientLanguage = $objRecipient->fields['language'];
                                 // Important: We intentionally do not load existing recipient list associations, due to the fact that the user most likely had
                                 // himself been unsubscribed from the newsletter system some time in the past. Therefore the user most likey does not want
                                 // to be subscribed to any lists more than to those he just selected
                                 $arrAssociatedLists = array_unique($arrAssociatedLists);
                                 $this->_setRecipientLists($recipientId, $arrAssociatedLists);
                                 // Important: We do not update the recipient's profile data here by the reason that we can't verify the recipient's identity at this point!
                                 if ($this->_sendAuthorizeEmail($recipientEmail, $recipientSex, $recipientSalutation, $recipientFirstname, $recipientLastname)) {
                                     // Important: We must output the same status message as if the user has been newly added!
                                     //            This shall prevent email-address-crawling-bots from detecting existing e-mail accounts.
                                     array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBE_OK']);
                                     $showForm = false;
                                 } else {
                                     array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_FAILED_ADDING_YOU']);
                                     array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIPTION_CANCELED_BY_EMAIL']);
                                 }
                             }
                         } else {
                             array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_SUBSCRIBER_ALREADY_INSERTED']);
                         }
                     } else {
                         array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_MANDATORY_FIELD_ERROR']);
                     }
                 }
             } else {
                 array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NOT_VALID_EMAIL']);
             }
         } else {
             // update subscribed lists of access user
             $arrAssociatedLists = array_unique($arrAssociatedLists);
             $objUser->setSubscribedNewsletterListIDs($arrAssociatedLists);
             if ($objUser->store()) {
                 array_push($arrStatusMessage['ok'], $_ARRAYLANG['TXT_NEWSLETTER_YOUR_DATE_SUCCESSFULLY_UPDATED']);
                 $showForm = false;
             } else {
                 $arrStatusMessage['error'] = array_merge($arrStatusMessage['error'], $objUser->getErrorMsg());
             }
         }
     } elseif ($isNewsletterRecipient) {
         $objRecipient = $objDatabase->SelectLimit("SELECT uri, sex, salutation, title, lastname, firstname, position, company, industry_sector, address, zip, city, country_id, phone_office, phone_private, phone_mobile, fax, notes, birthday, status, language FROM " . DBPREFIX . "module_newsletter_user WHERE id=" . $recipientId, 1);
         if ($objRecipient !== false && $objRecipient->RecordCount() == 1) {
             $recipientEmail = urldecode($_REQUEST['mail']);
             $recipientUri = $objRecipient->fields['uri'];
             $recipientSex = $objRecipient->fields['sex'];
             $recipientSalutation = $objRecipient->fields['salutation'];
             $recipientTitle = $objRecipient->fields['title'];
             $recipientLastname = $objRecipient->fields['lastname'];
             $recipientFirstname = $objRecipient->fields['firstname'];
             $recipientPosition = $objRecipient->fields['position'];
             $recipientCompany = $objRecipient->fields['company'];
             $recipientIndustrySector = $objRecipient->fields['industry_sector'];
             $recipientAddress = $objRecipient->fields['address'];
             $recipientZip = $objRecipient->fields['zip'];
             $recipientCity = $objRecipient->fields['city'];
             $recipientCountry = $objRecipient->fields['country_id'];
             $recipientPhoneOffice = $objRecipient->fields['phone_office'];
             $recipientPhonePrivate = $objRecipient->fields['phone_private'];
             $recipientPhoneMobile = $objRecipient->fields['phone_mobile'];
             $recipientFax = $objRecipient->fields['fax'];
             $recipientBirthday = $objRecipient->fields['birthday'];
             $recipientLanguage = $objRecipient->fields['language'];
             $recipientNotes = $objRecipient->fields['notes'];
             $arrAssociatedLists = $this->_getAssociatedListsOfRecipient($recipientId, false);
             $arrPreAssociatedInactiveLists = $this->_getAssociatedListsOfRecipient($recipientId, false);
         } else {
             array_push($arrStatusMessage['error'], $_ARRAYLANG['TXT_NEWSLETTER_AUTHENTICATION_FAILED']);
             $showForm = false;
         }
     } elseif ($isAccessRecipient) {
         $objUser = \FWUser::getFWUserObject()->objUser->getUser($recipientId);
         if ($objUser) {
             $arrAssociatedLists = $objUser->getSubscribedNewsletterListIDs();
             $arrPreAssociatedInactiveLists = $objUser->getSubscribedNewsletterListIDs();
         }
     }
     $this->_createDatesDropdown($recipientBirthday);
     if (count($arrStatusMessage['ok']) > 0) {
         $this->_objTpl->setVariable('NEWSLETTER_OK_MESSAGE', implode('<br />', $arrStatusMessage['ok']));
         $this->_objTpl->parse('newsletter_ok_message');
     } else {
         $this->_objTpl->hideBlock('newsletter_ok_message');
     }
     if (count($arrStatusMessage['error']) > 0) {
         $this->_objTpl->setVariable('NEWSLETTER_ERROR_MESSAGE', implode('<br />', $arrStatusMessage['error']));
         $this->_objTpl->parse('newsletter_error_message');
     } else {
         $this->_objTpl->hideBlock('newsletter_error_message');
     }
     $languages = '<select name="language" class="selectLanguage" id="language" >';
     $objLanguage = $objDatabase->Execute("SELECT id, name FROM " . DBPREFIX . "languages WHERE frontend = 1 ORDER BY name");
     $languages .= '<option value="0">' . $_ARRAYLANG['TXT_NEWSLETTER_LANGUAGE_PLEASE_CHOSE'] . '</option>';
     while (!$objLanguage->EOF) {
         $selected = $objLanguage->fields['id'] == $recipientLanguage ? 'selected' : '';
         $languages .= '<option value="' . $objLanguage->fields['id'] . '" ' . $selected . '>' . contrexx_raw2xhtml($objLanguage->fields['name']) . '</option>';
         $objLanguage->MoveNext();
     }
     $languages .= '</select>';
     if ($showForm) {
         if ($isAccessRecipient) {
             if ($this->_objTpl->blockExists('recipient_profile')) {
                 $this->_objTpl->hideBlock('recipient_profile');
             }
         } else {
             //display settings recipient profile detials
             $recipientAttributesArray = array('recipient_sex', 'recipient_salutation', 'recipient_title', 'recipient_firstname', 'recipient_lastname', 'recipient_position', 'recipient_company', 'recipient_industry', 'recipient_address', 'recipient_city', 'recipient_zip', 'recipient_country', 'recipient_phone', 'recipient_private', 'recipient_mobile', 'recipient_fax', 'recipient_birthday', 'recipient_website');
             foreach ($recipientAttributesArray as $attribute) {
                 if ($this->_objTpl->blockExists($attribute)) {
                     if ($recipientAttributeStatus[$attribute]['active']) {
                         $this->_objTpl->touchBlock($attribute);
                         $this->_objTpl->setVariable(array('NEWSLETTER_' . strtoupper($attribute) . '_MANDATORY' => $recipientAttributeStatus[$attribute]['required'] ? '*' : ''));
                     } else {
                         $this->_objTpl->hideBlock($attribute);
                     }
                 }
             }
             $this->_objTpl->setVariable(array('NEWSLETTER_EMAIL' => htmlentities($recipientEmail, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_WEBSITE' => htmlentities($recipientUri, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_SEX_F' => $recipientSex == 'f' ? 'checked="checked"' : '', 'NEWSLETTER_SEX_M' => $recipientSex == 'm' ? 'checked="checked"' : '', 'NEWSLETTER_SALUTATION' => $this->_getRecipientTitleMenu($recipientSalutation, 'name="salutation" size="1"'), 'NEWSLETTER_TITLE' => htmlentities($recipientTitle, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_LASTNAME' => htmlentities($recipientLastname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_FIRSTNAME' => htmlentities($recipientFirstname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_POSITION' => htmlentities($recipientPosition, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_COMPANY' => htmlentities($recipientCompany, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_INDUSTRY_SECTOR' => htmlentities($recipientIndustrySector, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_ADDRESS' => htmlentities($recipientAddress, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_ZIP' => htmlentities($recipientZip, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_CITY' => htmlentities($recipientCity, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_COUNTRY' => $this->getCountryMenu($recipientCountry, $recipientAttributeStatus['recipient_country']['active'] && $recipientAttributeStatus['recipient_country']['required']), 'NEWSLETTER_PHONE' => htmlentities($recipientPhoneOffice, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_PHONE_PRIVATE' => htmlentities($recipientPhonePrivate, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_PHONE_MOBILE' => htmlentities($recipientPhoneMobile, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_FAX' => htmlentities($recipientFax, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_NOTES' => htmlentities($recipientNotes, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_LANGUAGE' => $languages));
             $this->_objTpl->setVariable(array('TXT_NEWSLETTER_EMAIL_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_EMAIL_ADDRESS'], 'TXT_NEWSLETTER_SALUTATION' => $_ARRAYLANG['TXT_NEWSLETTER_SALUTATION'], 'TXT_NEWSLETTER_SEX' => $_ARRAYLANG['TXT_NEWSLETTER_SEX'], 'TXT_NEWSLETTER_FEMALE' => $_ARRAYLANG['TXT_NEWSLETTER_FEMALE'], 'TXT_NEWSLETTER_MALE' => $_ARRAYLANG['TXT_NEWSLETTER_MALE'], 'TXT_NEWSLETTER_TITLE' => $_ARRAYLANG['TXT_NEWSLETTER_TITLE'], 'TXT_NEWSLETTER_LASTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_LASTNAME'], 'TXT_NEWSLETTER_FIRSTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_FIRSTNAME'], 'TXT_NEWSLETTER_POSITION' => $_ARRAYLANG['TXT_NEWSLETTER_POSITION'], 'TXT_NEWSLETTER_COMPANY' => $_ARRAYLANG['TXT_NEWSLETTER_COMPANY'], 'TXT_NEWSLETTER_INDUSTRY_SECTOR' => $_ARRAYLANG['TXT_NEWSLETTER_INDUSTRY_SECTOR'], 'TXT_NEWSLETTER_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_ADDRESS'], 'TXT_NEWSLETTER_ZIP' => $_ARRAYLANG['TXT_NEWSLETTER_ZIP'], 'TXT_NEWSLETTER_CITY' => $_ARRAYLANG['TXT_NEWSLETTER_CITY'], 'TXT_NEWSLETTER_COUNTRY' => $_ARRAYLANG['TXT_NEWSLETTER_COUNTRY'], 'TXT_NEWSLETTER_PHONE_PRIVATE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_PRIVATE'], 'TXT_NEWSLETTER_PHONE_MOBILE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_MOBILE'], 'TXT_NEWSLETTER_FAX' => $_ARRAYLANG['TXT_NEWSLETTER_FAX'], 'TXT_NEWSLETTER_PHONE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE'], 'TXT_NEWSLETTER_NOTES' => $_ARRAYLANG['TXT_NEWSLETTER_NOTES'], 'TXT_NEWSLETTER_BIRTHDAY' => $_ARRAYLANG['TXT_NEWSLETTER_BIRTHDAY'], 'TXT_NEWSLETTER_LANGUAGE' => $_ARRAYLANG['TXT_NEWSLETTER_LANGUAGE'], 'TXT_NEWSLETTER_WEBSITE' => $_ARRAYLANG['TXT_NEWSLETTER_WEBSITE'], 'TXT_NEWSLETTER_RECIPIENT_DATE' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_DATE'], 'TXT_NEWSLETTER_RECIPIENT_MONTH' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_MONTH'], 'TXT_NEWSLETTER_RECIPIENT_YEAR' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_YEAR']));
             if ($this->_objTpl->blockExists('recipient_profile')) {
                 $this->_objTpl->parse('recipient_profile');
             }
         }
         // only show newsletter-lists that are visible for new users (not yet registered ones)
         $excludeDisabledLists = $recipientId == 0;
         $arrLists = self::getLists($excludeDisabledLists);
         if ($this->_objTpl->blockExists('newsletter_lists')) {
             switch (count($arrLists)) {
                 case 0:
                     // no lists are active, therefore we shall not try to parse any non existing list
                 // no lists are active, therefore we shall not try to parse any non existing list
                 case 1:
                     // only one list is active, therefore we will not parse any list and will automatically subscribe the user to this very list
                     if (!$isAccessRecipient) {
                         $this->_objTpl->hideBlock('newsletter_lists');
                         break;
                     }
                 default:
                     foreach ($arrLists as $listId => $arrList) {
                         if ($arrList['status'] || in_array($listId, $arrPreAssociatedInactiveLists)) {
                             $this->_objTpl->setVariable(array('NEWSLETTER_LIST_ID' => $listId, 'NEWSLETTER_LIST_NAME' => contrexx_raw2xhtml($arrList['name']), 'NEWSLETTER_LIST_SELECTED' => in_array($listId, $arrAssociatedLists) ? 'checked="checked"' : ''));
                             $this->_objTpl->parse('newsletter_list');
                         }
                     }
                     $this->_objTpl->setVariable(array('TXT_NEWSLETTER_LISTS' => $_ARRAYLANG['TXT_NEWSLETTER_LISTS']));
                     $this->_objTpl->parse('newsletter_lists');
                     break;
             }
         }
         $this->_objTpl->setVariable(array('NEWSLETTER_PROFILE_MAIL' => contrexx_raw2xhtml($requestedMail), 'NEWSLETTER_USER_CODE' => $code, 'TXT_NEWSLETTER_SAVE' => $_ARRAYLANG['TXT_NEWSLETTER_SAVE']));
         $this->_objTpl->parse('newsletterForm');
     } else {
         $this->_objTpl->hideBlock('newsletterForm');
     }
 }
 function _editUser()
 {
     global $objDatabase, $_ARRAYLANG, $_CORELANG;
     $activeFrontendlang = \FWLanguage::getActiveFrontendLanguages();
     $copy = isset($_REQUEST['copy']) && $_REQUEST['copy'] == 1;
     $recipientId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
     $recipientEmail = '';
     $recipientUri = '';
     $recipientSex = '';
     $recipientSalutation = 0;
     $recipientTitle = '';
     $recipientPosition = '';
     $recipientIndustrySector = '';
     $recipientPhoneMobile = '';
     $recipientPhonePrivate = '';
     $recipientFax = '';
     $recipientNotes = '';
     $recipientLastname = '';
     $recipientFirstname = '';
     $recipientCompany = '';
     $recipientAddress = '';
     $recipientZip = '';
     $recipientCity = '';
     $recipientCountry = '';
     $recipientPhoneOffice = '';
     $recipientBirthday = '';
     $recipientLanguage = count($activeFrontendlang) == 1 ? key($activeFrontendlang) : '';
     $recipientStatus = isset($_POST['newsletter_recipient_status']) ? 1 : (empty($_POST) ? 1 : 0);
     $arrAssociatedLists = array();
     $recipientSendEmailId = isset($_POST['sendEmail']) ? intval($_POST['sendEmail']) : 0;
     $recipientSendMailDisplay = false;
     if (isset($_POST['newsletter_recipient_email'])) {
         $recipientEmail = $_POST['newsletter_recipient_email'];
     }
     if (isset($_POST['newsletter_recipient_uri'])) {
         $recipientUri = $_POST['newsletter_recipient_uri'];
     }
     if (isset($_POST['newsletter_recipient_sex'])) {
         $recipientSex = in_array($_POST['newsletter_recipient_sex'], array('f', 'm')) ? $_POST['newsletter_recipient_sex'] : '';
     }
     if (isset($_POST['newsletter_recipient_salutation'])) {
         // TODO: use FWUSER
         $arrRecipientSalutation = $this->_getRecipientTitles();
         $recipientSalutation = in_array($_POST['newsletter_recipient_salutation'], array_keys($arrRecipientSalutation)) ? intval($_POST['newsletter_recipient_salutation']) : 0;
     }
     if (isset($_POST['newsletter_recipient_lastname'])) {
         $recipientLastname = $_POST['newsletter_recipient_lastname'];
     }
     if (isset($_POST['newsletter_recipient_firstname'])) {
         $recipientFirstname = $_POST['newsletter_recipient_firstname'];
     }
     if (isset($_POST['newsletter_recipient_company'])) {
         $recipientCompany = $_POST['newsletter_recipient_company'];
     }
     if (isset($_POST['newsletter_recipient_address'])) {
         $recipientAddress = $_POST['newsletter_recipient_address'];
     }
     if (isset($_POST['newsletter_recipient_zip'])) {
         $recipientZip = $_POST['newsletter_recipient_zip'];
     }
     if (isset($_POST['newsletter_recipient_city'])) {
         $recipientCity = $_POST['newsletter_recipient_city'];
     }
     if (isset($_POST['newsletter_country_id'])) {
         $recipientCountry = $_POST['newsletter_country_id'];
     }
     if (isset($_POST['newsletter_recipient_phone_office'])) {
         $recipientPhoneOffice = $_POST['newsletter_recipient_phone_office'];
     }
     if (isset($_POST['newsletter_recipient_notes'])) {
         $recipientNotes = $_POST['newsletter_recipient_notes'];
     }
     if (isset($_POST['day']) && isset($_POST['month']) && isset($_POST['year'])) {
         $recipientBirthday = str_pad(intval($_POST['day']), 2, '0', STR_PAD_LEFT) . '-' . str_pad(intval($_POST['month']), 2, '0', STR_PAD_LEFT) . '-' . intval($_POST['year']);
     }
     if (isset($_POST['newsletter_recipient_title'])) {
         $recipientTitle = $_POST['newsletter_recipient_title'];
     }
     if (isset($_POST['newsletter_recipient_position'])) {
         $recipientPosition = $_POST['newsletter_recipient_position'];
     }
     if (isset($_POST['newsletter_recipient_industry_sector'])) {
         $recipientIndustrySector = $_POST['newsletter_recipient_industry_sector'];
     }
     if (isset($_POST['newsletter_recipient_phone_mobile'])) {
         $recipientPhoneMobile = $_POST['newsletter_recipient_phone_mobile'];
     }
     if (isset($_POST['newsletter_recipient_phone_private'])) {
         $recipientPhonePrivate = $_POST['newsletter_recipient_phone_private'];
     }
     if (isset($_POST['newsletter_recipient_fax'])) {
         $recipientFax = $_POST['newsletter_recipient_fax'];
     }
     if (isset($_POST['language'])) {
         $recipientLanguage = $_POST['language'];
     }
     if (isset($_POST['newsletter_recipient_associated_list'])) {
         foreach ($_POST['newsletter_recipient_associated_list'] as $listId => $status) {
             if (intval($status) == 1) {
                 array_push($arrAssociatedLists, intval($listId));
             }
         }
     }
     // Get interface settings
     $objInterface = $objDatabase->Execute('SELECT `setvalue`
                                             FROM `' . DBPREFIX . 'module_newsletter_settings`
                                             WHERE `setname` = "recipient_attribute_status"');
     $recipientAttributeStatus = json_decode($objInterface->fields['setvalue'], true);
     if (isset($_POST['newsletter_recipient_save'])) {
         $objValidator = new \FWValidator();
         if ($objValidator->isEmail($recipientEmail)) {
             if ($this->_validateRecipientAttributes($recipientAttributeStatus, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientBirthday)) {
                 if ($this->_isUniqueRecipientEmail($recipientEmail, $recipientId, $copy)) {
                     //reset the $recipientId on copy function
                     $recipientId = $copy ? 0 : $recipientId;
                     if ($recipientId > 0) {
                         if ($this->_updateRecipient($recipientAttributeStatus, $recipientId, $recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, $recipientStatus, $arrAssociatedLists, $recipientLanguage)) {
                             self::$strOkMessage .= $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_UPDATED_SUCCESSFULLY'];
                             return $this->_userList();
                         } else {
                             // fall back to old recipient id, if any error occurs on copy
                             $recipientId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
                             self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_ERROR_UPDATE_RECIPIENT'];
                         }
                     } else {
                         if ($this->_addRecipient($recipientEmail, $recipientUri, $recipientSex, $recipientSalutation, $recipientTitle, $recipientLastname, $recipientFirstname, $recipientPosition, $recipientCompany, $recipientIndustrySector, $recipientAddress, $recipientZip, $recipientCity, $recipientCountry, $recipientPhoneOffice, $recipientPhonePrivate, $recipientPhoneMobile, $recipientFax, $recipientNotes, $recipientBirthday, $recipientStatus, $arrAssociatedLists, $recipientLanguage)) {
                             if (!empty($recipientSendEmailId)) {
                                 $objRecipient = $objDatabase->SelectLimit("SELECT id FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "'", 1);
                                 $recipientId = $objRecipient->fields['id'];
                                 $this->insertTmpEmail($recipientSendEmailId, $recipientEmail, self::USER_TYPE_NEWSLETTER);
                                 // setting TmpEntry=1 will set the newsletter status=1, this will force an imediate stop in the newsletter send procedere.
                                 if ($this->SendEmail($recipientId, $recipientSendEmailId, $recipientEmail, 1, self::USER_TYPE_NEWSLETTER) == false) {
                                     // fall back to old recipient id, if any error occurs on copy
                                     $recipientId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
                                     self::$strErrMessage .= $_ARRAYLANG['TXT_SENDING_MESSAGE_ERROR'];
                                 } else {
                                     $objRecipientCount = $objDatabase->execute('SELECT subject FROM ' . DBPREFIX . 'module_newsletter WHERE id=' . intval($recipientSendEmailId));
                                     $newsTitle = $objRecipientCount->fields['subject'];
                                     // TODO: Unused
                                     //                                        $objUpdateCount    =
                                     $objDatabase->execute('
                                         UPDATE ' . DBPREFIX . 'module_newsletter
                                         SET recipient_count = recipient_count+1
                                         WHERE id=' . intval($recipientSendEmailId));
                                     self::$strOkMessage .= sprintf($_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_MAIL_SEND_SUCCESSFULLY'] . '<br />', '<strong>' . $newsTitle . '</strong>');
                                 }
                             }
                             self::$strOkMessage .= $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_SAVED_SUCCESSFULLY'];
                             return $this->_userList();
                         } else {
                             // fall back to old recipient id, if any error occurs on copy
                             $recipientId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
                             self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_ERROR_SAVE_RECIPIENT'];
                         }
                     }
                 } elseif (empty($recipientId)) {
                     $objRecipient = $objDatabase->SelectLimit("SELECT id, language, status, notes FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "'", 1);
                     $recipientId = $objRecipient->fields['id'];
                     $recipientLanguage = $objRecipient->fields['language'];
                     $recipientStatus = $objRecipient->fields['status'];
                     $recipientNotes = !empty($objRecipient->fields['notes']) ? $objRecipient->fields['notes'] . ' ' . $recipientNotes : $recipientNotes;
                     $objList = $objDatabase->Execute("SELECT category FROM " . DBPREFIX . "module_newsletter_rel_user_cat WHERE user="******"SELECT id FROM " . DBPREFIX . "module_newsletter_user WHERE email='" . contrexx_input2db($recipientEmail) . "' AND id!=" . ($copy ? 0 : $recipientId), 1);
                     self::$strErrMessage .= sprintf($_ARRAYLANG['TXT_NEWSLETTER_ERROR_EMAIL_ALREADY_EXISTS'], '<a href="index.php?cmd=Newsletter&amp;act=users&amp;tpl=edit&amp;id=' . $objResult->fields['id'] . '" target="_blank">' . $_ARRAYLANG['TXT_NEWSLETTER_ERROR_EMAIL_ALREADY_EXISTS_CLICK_HERE'] . '</a>');
                 }
             } else {
                 self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_MANDATORY_FIELD_ERROR'];
             }
         } else {
             self::$strErrMessage .= $_ARRAYLANG['TXT_NEWSLETTER_INVALIDE_EMAIL_ADDRESS'];
         }
     } elseif ($recipientId > 0) {
         $objRecipient = $objDatabase->SelectLimit("SELECT email, uri, sex, salutation, title, lastname, firstname, position, company, industry_sector, address, zip, city, country_id, phone_office, phone_private, phone_mobile, fax, notes, birthday, status, language FROM " . DBPREFIX . "module_newsletter_user WHERE id=" . $recipientId, 1);
         if ($objRecipient !== false && $objRecipient->RecordCount() == 1) {
             $recipientEmail = $objRecipient->fields['email'];
             $recipientUri = $objRecipient->fields['uri'];
             $recipientSex = $objRecipient->fields['sex'];
             $recipientSalutation = $objRecipient->fields['salutation'];
             $recipientTitle = $objRecipient->fields['title'];
             $recipientLastname = $objRecipient->fields['lastname'];
             $recipientFirstname = $objRecipient->fields['firstname'];
             $recipientPosition = $objRecipient->fields['position'];
             $recipientCompany = $objRecipient->fields['company'];
             $recipientIndustrySector = $objRecipient->fields['industry_sector'];
             $recipientAddress = $objRecipient->fields['address'];
             $recipientZip = $objRecipient->fields['zip'];
             $recipientCity = $objRecipient->fields['city'];
             $recipientCountry = $objRecipient->fields['country_id'];
             $recipientPhoneOffice = $objRecipient->fields['phone_office'];
             $recipientPhonePrivate = $objRecipient->fields['phone_private'];
             $recipientPhoneMobile = $objRecipient->fields['phone_mobile'];
             $recipientFax = $objRecipient->fields['fax'];
             $recipientBirthday = $objRecipient->fields['birthday'];
             $recipientLanguage = $objRecipient->fields['language'];
             $recipientStatus = $objRecipient->fields['status'];
             $recipientNotes = $objRecipient->fields['notes'];
             $objList = $objDatabase->Execute("SELECT category FROM " . DBPREFIX . "module_newsletter_rel_user_cat WHERE user="******"checked"' : ''));
         $this->_objTpl->parse('newsletter_mail_associated_list_' . $column);
         $listNr++;
     }
     if (count($activeFrontendlang) > 1) {
         foreach ($activeFrontendlang as $lang) {
             $selected = $lang['id'] == $recipientLanguage ? 'selected="selected"' : '';
             $this->_objTpl->setVariable(array('NEWSLETTER_LANGUAGE_ID' => contrexx_raw2xhtml($lang['id']), 'NEWSLETTER_LANGUAGE_NAME' => contrexx_raw2xhtml($lang['name']), 'NEWSLETTER_LANGUAGES_SELECTED' => $selected));
             $this->_objTpl->parse('languages');
         }
         $languageOptionDisplay = true;
     } else {
         $this->_objTpl->hideBlock('languageOption');
     }
     if (empty($recipientId) || $copy) {
         $objNewsletterMails = $objDatabase->Execute('SELECT
                                                   id,
                                                   subject
                                                   FROM ' . DBPREFIX . 'module_newsletter
                                                   ORDER BY status, id DESC');
         while (!$objNewsletterMails->EOF) {
             $selected = $recipientSendEmailId == $objNewsletterMails->fields['id'] ? 'selected="selected"' : '';
             $this->_objTpl->setVariable(array('NEWSLETTER_EMAIL_ID' => contrexx_raw2xhtml($objNewsletterMails->fields['id']), 'NEWSLETTER_EMAIL_NAME' => contrexx_raw2xhtml($objNewsletterMails->fields['subject']), 'NEWSLETTER_EMAIL_SELECTED' => $selected));
             $this->_objTpl->parse('allMails');
             $objNewsletterMails->MoveNext();
         }
         $recipientSendMailDisplay = true;
     } else {
         $this->_objTpl->hideBlock('sendEmail');
     }
     // Display settings recipient general attributes
     $sendMailRowClass = $languageOptionDisplay ? 'row2' : 'row1';
     if ($languageOptionDisplay && $recipientSendMailDisplay) {
         $associatedListRowClass = 'row1';
     } elseif ($languageOptionDisplay || $recipientSendMailDisplay) {
         $associatedListRowClass = 'row2';
     } else {
         $associatedListRowClass = 'row1';
     }
     $recipientNotesRowClass = $associatedListRowClass == 'row1' ? 'row2' : 'row1';
     $this->_objTpl->setVariable(array('NEWSLETTER_SEND_EMAIL_ROWCLASS' => $sendMailRowClass, 'NEWSLETTER_ASSOCIATED_LISTS_ROWCLASS' => $associatedListRowClass, 'NEWSLETTER_NOTES_ROWCLASS' => $recipientNotesRowClass));
     //display settings recipient profile detials
     $recipientAttributeDisplay = false;
     foreach ($recipientAttributeStatus as $value) {
         if ($value['active']) {
             $recipientAttributeDisplay = true;
             break;
         }
     }
     $profileRowCount = 0;
     $recipientAttributesArray = array('recipient_sex', 'recipient_salutation', 'recipient_title', 'recipient_firstname', 'recipient_lastname', 'recipient_position', 'recipient_company', 'recipient_industry', 'recipient_address', 'recipient_city', 'recipient_zip', 'recipient_country', 'recipient_phone', 'recipient_private', 'recipient_mobile', 'recipient_fax', 'recipient_birthday', 'recipient_website');
     if ($recipientAttributeDisplay) {
         foreach ($recipientAttributesArray as $attribute) {
             if ($recipientAttributeStatus[$attribute]['active'] && $this->_objTpl->blockExists($attribute)) {
                 $this->_objTpl->touchBlock($attribute);
                 $this->_objTpl->setVariable(array('NEWSLETTER_' . strtoupper($attribute) . '_ROW_CLASS' => $profileRowCount % 2 == 0 ? 'row2' : 'row1', 'NEWSLETTER_' . strtoupper($attribute) . '_MANDATORY' => $recipientAttributeStatus[$attribute]['required'] ? '*' : ''));
                 $profileRowCount++;
             } else {
                 $this->_objTpl->hideBlock($attribute);
             }
         }
     } else {
         $this->_objTpl->hideBlock('recipientProfileAttributes');
     }
     $filterParams = (!empty($_GET['newsletterListId']) ? '&newsletterListId=' . contrexx_input2raw($_GET['newsletterListId']) : '') . (!empty($_GET['filterkeyword']) ? '&filterkeyword=' . contrexx_input2raw($_GET['filterkeyword']) : '') . (!empty($_GET['filterattribute']) ? '&filterattribute=' . contrexx_input2raw($_GET['filterattribute']) : '') . (!empty($_GET['filterStatus']) ? '&filterStatus=' . contrexx_input2raw($_GET['filterStatus']) : '');
     $this->_objTpl->setVariable(array('NEWSLETTER_RECIPIENT_ID' => $recipientId, 'NEWSLETTER_RECIPIENT_EMAIL' => htmlentities($recipientEmail, ENT_QUOTES, CONTREXX_CHARSET), 'TXT_NEWSLETTER_STATUS' => $_ARRAYLANG['TXT_NEWSLETTER_STATUS'], 'TXT_NEWSLETTER_LANGUAGE' => $_ARRAYLANG['TXT_NEWSLETTER_LANGUAGE'], 'TXT_NEWSLETTER_SEND_EMAIL' => $_ARRAYLANG['TXT_NEWSLETTER_SEND_EMAIL'], 'TXT_NEWSLETTER_ASSOCIATED_LISTS' => $_ARRAYLANG['TXT_NEWSLETTER_ASSOCIATED_LISTS'], 'TXT_NEWSLETTER_NOTES' => $_ARRAYLANG['TXT_NEWSLETTER_NOTES'], 'TXT_NEWSLETTER_PROFILE' => $_ARRAYLANG['TXT_NEWSLETTER_PROFILE'], 'TXT_NEWSLETTER_POSITION' => $_ARRAYLANG['TXT_NEWSLETTER_POSITION'], 'TXT_NEWSLETTER_INDUSTRY_SECTOR' => $_ARRAYLANG['TXT_NEWSLETTER_INDUSTRY_SECTOR'], 'TXT_NEWSLETTER_PHONE_MOBILE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_MOBILE'], 'TXT_NEWSLETTER_PHONE_PRIVATE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_PRIVATE'], 'TXT_NEWSLETTER_FAX' => $_ARRAYLANG['TXT_NEWSLETTER_FAX'], 'NEWSLETTER_RECIPIENT_STATUS' => $recipientStatus == '1' ? 'checked="checked"' : '', 'NEWSLETTER_RECIPIENT_NOTES' => htmlentities($recipientNotes, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_URI' => htmlentities($recipientUri, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_FEMALE' => $recipientSex == 'f' ? 'checked="checked"' : '', 'NEWSLETTER_RECIPIENT_MALE' => $recipientSex == 'm' ? 'checked="checked"' : '', 'NEWSLETTER_RECIPIENT_SALUTATION' => $this->_getRecipientTitleMenu($recipientSalutation, 'name="newsletter_recipient_salutation" style="width:296px" size="1"'), 'NEWSLETTER_RECIPIENT_TITLE' => htmlentities($recipientTitle, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_FIRSTNAME' => htmlentities($recipientFirstname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_LASTNAME' => htmlentities($recipientLastname, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_POSITION' => htmlentities($recipientPosition, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_COMPANY' => htmlentities($recipientCompany, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_INDUSTRY_SECTOR' => htmlentities($recipientIndustrySector, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_ADDRESS' => htmlentities($recipientAddress, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_ZIP' => htmlentities($recipientZip, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_CITY' => htmlentities($recipientCity, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_COUNTRY' => $this->getCountryMenu($recipientCountry, $recipientAttributeStatus['recipient_country']['active'] && $recipientAttributeStatus['recipient_country']['required']), 'NEWSLETTER_RECIPIENT_PHONE' => htmlentities($recipientPhoneOffice, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_PHONE_MOBILE' => htmlentities($recipientPhoneMobile, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_PHONE_PRIVATE' => htmlentities($recipientPhonePrivate, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_FAX' => htmlentities($recipientFax, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_BIRTHDAY' => htmlentities($recipientBirthday, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_RECIPIENT_COPY' => $copy ? 1 : 0, 'TXT_NEWSLETTER_EMAIL_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_EMAIL_ADDRESS'], 'TXT_NEWSLETTER_WEBSITE' => $_ARRAYLANG['TXT_NEWSLETTER_WEBSITE'], 'TXT_NEWSLETTER_SALUTATION' => $_ARRAYLANG['TXT_NEWSLETTER_SALUTATION'], 'TXT_NEWSLETTER_TITLE' => $_ARRAYLANG['TXT_NEWSLETTER_TITLE'], 'TXT_NEWSLETTER_SEX' => $_ARRAYLANG['TXT_NEWSLETTER_SEX'], 'TXT_NEWSLETTER_FEMALE' => $_ARRAYLANG['TXT_NEWSLETTER_FEMALE'], 'TXT_NEWSLETTER_MALE' => $_ARRAYLANG['TXT_NEWSLETTER_MALE'], 'TXT_NEWSLETTER_LASTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_LASTNAME'], 'TXT_NEWSLETTER_FIRSTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_FIRSTNAME'], 'TXT_NEWSLETTER_COMPANY' => $_ARRAYLANG['TXT_NEWSLETTER_COMPANY'], 'TXT_NEWSLETTER_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_ADDRESS'], 'TXT_NEWSLETTER_ZIP' => $_ARRAYLANG['TXT_NEWSLETTER_ZIP'], 'TXT_NEWSLETTER_CITY' => $_ARRAYLANG['TXT_NEWSLETTER_CITY'], 'TXT_NEWSLETTER_COUNTRY' => $_ARRAYLANG['TXT_NEWSLETTER_COUNTRY'], 'TXT_NEWSLETTER_PHONE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE'], 'TXT_NEWSLETTER_BIRTHDAY' => $_ARRAYLANG['TXT_NEWSLETTER_BIRTHDAY'], 'TXT_NEWSLETTER_SAVE' => $_ARRAYLANG['TXT_NEWSLETTER_SAVE'], 'TXT_CANCEL' => $_CORELANG['TXT_CANCEL'], 'TXT_NEWSLETTER_DO_NOT_SEND_EMAIL' => $_ARRAYLANG['TXT_NEWSLETTER_DO_NOT_SEND_EMAIL'], 'TXT_NEWSLETTER_INFO_ABOUT_SEND_EMAIL' => $_ARRAYLANG['TXT_NEWSLETTER_INFO_ABOUT_SEND_EMAIL'], 'TXT_NEWSLETTER_RECIPIENT_DATE' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_DATE'], 'TXT_NEWSLETTER_RECIPIENT_MONTH' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_MONTH'], 'TXT_NEWSLETTER_RECIPIENT_YEAR' => $_ARRAYLANG['TXT_NEWSLETTER_RECIPIENT_YEAR'], 'NEWSLETTER_FILTER_PARAMS' => $filterParams));
     $this->_objTpl->parse('module_newsletter_user_edit');
     return true;
 }
示例#19
0
 function send()
 {
     global $objDatabase, $_ARRAYLANG, $_CONFIG;
     $this->_objTpl->setTemplate($this->pageContent);
     // Initialize variables
     $code = substr(md5(rand()), 1, 10);
     $url = \Cx\Core\Routing\Url::fromModuleAndCmd('Ecard', 'show', '', array('code' => $code))->toString();
     // Initialize POST variables
     $id = intval($_POST['selectedEcard']);
     $message = contrexx_addslashes($_POST['ecardMessage']);
     $recipientSalutation = contrexx_stripslashes($_POST['ecardRecipientSalutation']);
     $senderName = contrexx_stripslashes($_POST['ecardSenderName']);
     $senderEmail = \FWValidator::isEmail($_POST['ecardSenderEmail']) ? $_POST['ecardSenderEmail'] : '';
     $recipientName = contrexx_stripslashes($_POST['ecardRecipientName']);
     $recipientEmail = \FWValidator::isEmail($_POST['ecardRecipientEmail']) ? $_POST['ecardRecipientEmail'] : '';
     if (empty($senderEmail) || empty($recipientEmail)) {
         $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_SENDING_ERROR']));
         return false;
     }
     $query = "\n            SELECT `setting_name`, `setting_value`\n              FROM " . DBPREFIX . "module_ecard_settings";
     $objResult = $objDatabase->Execute($query);
     while (!$objResult->EOF) {
         switch ($objResult->fields['setting_name']) {
             case 'validdays':
                 $validdays = $objResult->fields['setting_value'];
                 break;
                 // Never used
                 //                case 'greetings':
                 //                    $greetings = $objResult->fields['setting_value'];
                 //                    break;
             // Never used
             //                case 'greetings':
             //                    $greetings = $objResult->fields['setting_value'];
             //                    break;
             case 'subject':
                 $subject = $objResult->fields['setting_value'];
                 break;
             case 'emailText':
                 $emailText = strip_tags($objResult->fields['setting_value']);
                 break;
         }
         $objResult->MoveNext();
     }
     $timeToLife = $validdays * 86400;
     // Replace placeholders with used in notification mail with user data
     $emailText = str_replace('[[ECARD_RECIPIENT_SALUTATION]]', $recipientSalutation, $emailText);
     $emailText = str_replace('[[ECARD_RECIPIENT_NAME]]', $recipientName, $emailText);
     $emailText = str_replace('[[ECARD_RECIPIENT_EMAIL]]', $recipientEmail, $emailText);
     $emailText = str_replace('[[ECARD_SENDER_NAME]]', $senderName, $emailText);
     $emailText = str_replace('[[ECARD_SENDER_EMAIL]]', $senderEmail, $emailText);
     $emailText = str_replace('[[ECARD_VALID_DAYS]]', $validdays, $emailText);
     $emailText = str_replace('[[ECARD_URL]]', $url, $emailText);
     $body = $emailText;
     // Insert ecard to DB
     $query = "\n            INSERT INTO `" . DBPREFIX . "module_ecard_ecards` (\n                code, date, TTL, salutation,\n                senderName, senderEmail,\n                recipientName, recipientEmail,\n                message\n            ) VALUES (\n                '" . $code . "',\n                '" . time() . "',\n                '" . $timeToLife . "',\n                '" . addslashes($recipientSalutation) . "',\n                '" . addslashes($senderName) . "',\n                '" . $senderEmail . "',\n                '" . addslashes($recipientName) . "',\n                '" . $recipientEmail . "',\n                '" . $message . "');";
     if ($objDatabase->Execute($query)) {
         $query = "\n                SELECT setting_value\n                  FROM " . DBPREFIX . "module_ecard_settings\n                 WHERE setting_name='motive_{$id}'";
         $objResult = $objDatabase->SelectLimit($query, 1);
         // Copy motive to new file with $code as filename
         $fileExtension = preg_replace('/^.+(\\.[^\\.]+)$/', '$1', $objResult->fields['setting_value']);
         $fileName = $objResult->fields['setting_value'];
         $objFile = new \File();
         if ($objFile->copyFile(ASCMS_ECARD_OPTIMIZED_PATH . '/', $fileName, ASCMS_ECARD_SEND_ECARDS_PATH . '/', $code . $fileExtension)) {
             $objMail = new \phpmailer();
             // Check e-mail settings
             if ($_CONFIG['coreSmtpServer'] > 0 && @(include_once ASCMS_CORE_PATH . '/SmtpSettings.class.php')) {
                 $objSmtpSettings = new \SmtpSettings();
                 if (($arrSmtp = $objSmtpSettings->getSmtpAccount($_CONFIG['coreSmtpServer'])) !== false) {
                     $objMail->IsSMTP();
                     $objMail->Host = $arrSmtp['hostname'];
                     $objMail->Port = $arrSmtp['port'];
                     $objMail->SMTPAuth = true;
                     $objMail->Username = $arrSmtp['username'];
                     $objMail->Password = $arrSmtp['password'];
                 }
             }
             // Send notification mail to ecard-recipient
             $objMail->CharSet = CONTREXX_CHARSET;
             $objMail->SetFrom($senderEmail, $senderName);
             $objMail->Subject = $subject;
             $objMail->IsHTML(false);
             $objMail->Body = $body;
             $objMail->AddAddress($recipientEmail);
             if ($objMail->Send()) {
                 $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_HAS_BEEN_SENT']));
             } else {
                 $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_MAIL_SENDING_ERROR']));
             }
         }
     } else {
         $this->_objTpl->setVariable(array('STATUS_MESSAGE' => $_ARRAYLANG['TXT_ECARD_SENDING_ERROR']));
     }
 }
示例#20
0
 /**
  * creates the upload page for the frontend
  */
 private function uploadPage()
 {
     global $_ARRAYLANG, $objDatabase, $_CONFIG;
     $params = $this->objUrl->getParamArray();
     // the upload is finished and the script has to send a mail and assign the expiration dates
     if (!empty($this->files) && $_POST["accept_terms"]) {
         // set expiration time
         $cmd = \Env::get("Resolver")->getCmd();
         if ($cmd != "downloads") {
             $expiration_date = date("Y-m-d H:i:s", time() + $_POST["expiration"]);
             $objDatabase->Execute("UPDATE " . DBPREFIX . "module_filesharing SET `expiration_date` = '" . contrexx_raw2db($expiration_date) . "' WHERE `upload_id` = '" . intval($params["uploadId"]) . "'");
         }
         // send the mail to the reciever
         if (\FWValidator::isEmail($_POST["email"])) {
             parent::sendMail($params["uploadId"], $_POST["subject"], array($_POST["email"]), $_POST["message"]);
         }
         // send the mail to the administrator
         parent::sendMail($params["uploadId"], null, array($_CONFIG['coreAdminEmail']), $_POST["message"]);
         // reset the upload id so the uploads are invisible now
         $objDatabase->Execute("UPDATE " . DBPREFIX . "module_filesharing SET `upload_id` = NULL WHERE `upload_id` = " . intval($params["uploadId"]));
         $this->getFileList();
     } else {
         $this->getForm();
     }
     // set the template-variables for the expiration dates
     foreach ($_ARRAYLANG["TXT_FILESHARING_EXPIRATION_DATES"] as $placeholder => $value) {
         $this->objTemplate->setVariable(strtoupper($placeholder), $value);
     }
 }
示例#21
0
 /**
  * Validate an E-mail address
  *
  * @param  string  unvalidated email string
  * @return boolean
  * @access public
  */
 function isEmail($email)
 {
     require_once ASCMS_FRAMEWORK_PATH . '/Validator.class.php';
     return FWValidator::isEmail($email);
 }
示例#22
0
 /**
  * Sends an email with the contact details to the responsible persons
  *
  * This methode sends an email to all email addresses that are defined in the
  * option "Receiver address(es)" of the requested contact form.
  * @access private
  * @global array
  * @global array
  * @param array Details of the contact request
  * @see _getEmailAdressOfString(), phpmailer::From, phpmailer::FromName, phpmailer::AddReplyTo(), phpmailer::Subject, phpmailer::IsHTML(), phpmailer::Body, phpmailer::AddAddress(), phpmailer::Send(), phpmailer::ClearAddresses()
  */
 private function sendMail($arrFormData)
 {
     global $_ARRAYLANG, $_CONFIG;
     $plaintextBody = '';
     $replyAddress = '';
     $firstname = '';
     $lastname = '';
     $senderName = '';
     $isHtml = $arrFormData['htmlMail'] == 1 ? true : false;
     // stop send process in case no real data had been submitted
     if (!isset($arrFormData['data']) && !isset($arrFormData['uploadedFiles'])) {
         return false;
     }
     // check if we shall send the email as multipart (text/html)
     if ($isHtml) {
         // setup html mail template
         $objTemplate = new \Cx\Core\Html\Sigma('.');
         $objTemplate->setErrorHandling(PEAR_ERROR_DIE);
         $objTemplate->setTemplate($arrFormData['mailTemplate']);
         $objTemplate->setVariable(array('DATE' => date(ASCMS_DATE_FORMAT, $arrFormData['meta']['time']), 'HOSTNAME' => contrexx_raw2xhtml($arrFormData['meta']['host']), 'IP_ADDRESS' => contrexx_raw2xhtml($arrFormData['meta']['ipaddress']), 'BROWSER_LANGUAGE' => contrexx_raw2xhtml($arrFormData['meta']['lang']), 'BROWSER_VERSION' => contrexx_raw2xhtml($arrFormData['meta']['browser'])));
     }
     // TODO: check if we have to excape $arrRecipients later in the code
     $arrRecipients = $this->getRecipients(intval($_GET['cmd']));
     // calculate the longest field label.
     // this will be used to correctly align all user submitted data in the plaintext e-mail
     // TODO: check if the label of upload-fields are taken into account as well
     $maxlength = 0;
     foreach ($arrFormData['fields'] as $arrField) {
         $length = strlen($arrField['lang'][FRONTEND_LANG_ID]['name']);
         $maxlength = $maxlength < $length ? $length : $maxlength;
     }
     // try to fetch a user submitted e-mail address to which we will send a copy to
     if (!empty($arrFormData['fields'])) {
         foreach ($arrFormData['fields'] as $fieldId => $arrField) {
             // check if field validation is set to e-mail
             if ($arrField['check_type'] == '2') {
                 $mail = trim($arrFormData['data'][$fieldId]);
                 if (\FWValidator::isEmail($mail)) {
                     $replyAddress = $mail;
                     break;
                 }
             }
             if ($arrField['type'] == 'special') {
                 switch ($arrField['special_type']) {
                     case 'access_firstname':
                         $firstname = trim($arrFormData['data'][$fieldId]);
                         break;
                     case 'access_lastname':
                         $lastname = trim($arrFormData['data'][$fieldId]);
                         break;
                     default:
                         break;
                 }
             }
         }
     }
     if ($arrFormData['useEmailOfSender'] == 1 && (!empty($firstname) || !empty($lastname))) {
         $senderName = trim($firstname . ' ' . $lastname);
     } else {
         $senderName = $_CONFIG['coreGlobalPageTitle'];
     }
     // a recipient mail address which has been picked by sender
     $chosenMailRecipient = null;
     // fill the html and plaintext body with the submitted form data
     foreach ($arrFormData['fields'] as $fieldId => $arrField) {
         if ($fieldId == 'unique_id') {
             //generated for uploader. no interesting mail content.
             continue;
         }
         $htmlValue = '';
         $plaintextValue = '';
         $textAreaKeys = array();
         switch ($arrField['type']) {
             case 'label':
             case 'fieldset':
                 // TODO: parse TH row instead
             // TODO: parse TH row instead
             case 'horizontalLine':
                 // TODO: add visual horizontal line
                 // we need to use a 'continue 2' here to first break out of the switch and then move over to the next iteration of the foreach loop
                 continue 2;
                 break;
             case 'file':
             case 'multi_file':
                 $htmlValue = "";
                 $plaintextValue = "";
                 if (isset($arrFormData['uploadedFiles'][$fieldId])) {
                     $htmlValue = "<ul>";
                     foreach ($arrFormData['uploadedFiles'][$fieldId] as $file) {
                         $htmlValue .= "<li><a href='" . ASCMS_PROTOCOL . "://" . $_CONFIG['domainUrl'] . \Env::get('cx')->getWebsiteOffsetPath() . contrexx_raw2xhtml($file['path']) . "' >" . contrexx_raw2xhtml($file['name']) . "</a></li>";
                         $plaintextValue .= ASCMS_PROTOCOL . "://" . $_CONFIG['domainUrl'] . \Env::get('cx')->getWebsiteOffsetPath() . $file['path'] . "\r\n";
                     }
                     $htmlValue .= "</ul>";
                 }
                 break;
             case 'checkbox':
                 $plaintextValue = !empty($arrFormData['data'][$fieldId]) ? $_ARRAYLANG['TXT_CONTACT_YES'] : $_ARRAYLANG['TXT_CONTACT_NO'];
                 $htmlValue = $plaintextValue;
                 break;
             case 'recipient':
                 // TODO: check for XSS
                 $plaintextValue = $arrRecipients[$arrFormData['data'][$fieldId]]['lang'][FRONTEND_LANG_ID];
                 $htmlValue = $plaintextValue;
                 $chosenMailRecipient = $arrRecipients[$arrFormData['data'][$fieldId]]['email'];
                 break;
             case 'textarea':
                 //we need to know all textareas - they're indented differently then the rest of the other field types
                 $textAreaKeys[] = $fieldId;
             default:
                 $plaintextValue = isset($arrFormData['data'][$fieldId]) ? $arrFormData['data'][$fieldId] : '';
                 $htmlValue = contrexx_raw2xhtml($plaintextValue);
                 break;
         }
         $fieldLabel = $arrField['lang'][FRONTEND_LANG_ID]['name'];
         // try to fetch an e-mail address from submitted form date in case we were unable to fetch one from an input type with e-mail validation
         if (empty($replyAddress)) {
             $mail = $this->_getEmailAdressOfString($plaintextValue);
             if (\FWValidator::isEmail($mail)) {
                 $replyAddress = $mail;
             }
         }
         // parse html body
         if ($isHtml) {
             if (!empty($htmlValue)) {
                 if ($objTemplate->blockExists('field_' . $fieldId)) {
                     // parse field specific template block
                     $objTemplate->setVariable(array('FIELD_' . $fieldId . '_LABEL' => contrexx_raw2xhtml($fieldLabel), 'FIELD_' . $fieldId . '_VALUE' => $htmlValue));
                     $objTemplate->parse('field_' . $fieldId);
                 } elseif ($objTemplate->blockExists('form_field')) {
                     // parse regular field template block
                     $objTemplate->setVariable(array('FIELD_LABEL' => contrexx_raw2xhtml($fieldLabel), 'FIELD_VALUE' => $htmlValue));
                     $objTemplate->parse('form_field');
                 }
             } elseif ($objTemplate->blockExists('field_' . $fieldId)) {
                 // hide field specific template block, if present
                 $objTemplate->hideBlock('field_' . $fieldId);
             }
         }
         // parse plaintext body
         $tabCount = $maxlength - strlen($fieldLabel);
         $tabs = $tabCount == 0 ? 1 : $tabCount + 1;
         // TODO: what is this all about? - $value is undefined
         if ($arrFormData['fields'][$fieldId]['type'] == 'recipient') {
             $value = $arrRecipients[$value]['lang'][FRONTEND_LANG_ID];
         }
         if (in_array($fieldId, $textAreaKeys)) {
             // we're dealing with a textarea, don't indent value
             $plaintextBody .= $fieldLabel . ":\n" . $plaintextValue . "\n";
         } else {
             $plaintextBody .= $fieldLabel . str_repeat(" ", $tabs) . ": " . $plaintextValue . "\n";
         }
     }
     $arrSettings = $this->getSettings();
     // TODO: this is some fixed plaintext message data -> must be ported to html body
     $message = $_ARRAYLANG['TXT_CONTACT_TRANSFERED_DATA_FROM'] . " " . $_CONFIG['domainUrl'] . "\n\n";
     if ($arrSettings['fieldMetaDate']) {
         $message .= $_ARRAYLANG['TXT_CONTACT_DATE'] . " " . date(ASCMS_DATE_FORMAT, $arrFormData['meta']['time']) . "\n\n";
     }
     $message .= $plaintextBody . "\n\n";
     if ($arrSettings['fieldMetaHost']) {
         $message .= $_ARRAYLANG['TXT_CONTACT_HOSTNAME'] . " : " . contrexx_raw2xhtml($arrFormData['meta']['host']) . "\n";
     }
     if ($arrSettings['fieldMetaIP']) {
         $message .= $_ARRAYLANG['TXT_CONTACT_IP_ADDRESS'] . " : " . contrexx_raw2xhtml($arrFormData['meta']['ipaddress']) . "\n";
     }
     if ($arrSettings['fieldMetaLang']) {
         $message .= $_ARRAYLANG['TXT_CONTACT_BROWSER_LANGUAGE'] . " : " . contrexx_raw2xhtml($arrFormData['meta']['lang']) . "\n";
     }
     $message .= $_ARRAYLANG['TXT_CONTACT_BROWSER_VERSION'] . " : " . contrexx_raw2xhtml($arrFormData['meta']['browser']) . "\n";
     if (@(include_once \Env::get('cx')->getCodeBaseLibraryPath() . '/phpmailer/class.phpmailer.php')) {
         $objMail = new \phpmailer();
         if ($_CONFIG['coreSmtpServer'] > 0 && @(include_once \Env::get('cx')->getCodeBaseCorePath() . '/SmtpSettings.class.php')) {
             if (($arrSmtp = \SmtpSettings::getSmtpAccount($_CONFIG['coreSmtpServer'])) !== false) {
                 $objMail->IsSMTP();
                 $objMail->Host = $arrSmtp['hostname'];
                 $objMail->Port = $arrSmtp['port'];
                 $objMail->SMTPAuth = true;
                 $objMail->Username = $arrSmtp['username'];
                 $objMail->Password = $arrSmtp['password'];
             }
         }
         $objMail->CharSet = CONTREXX_CHARSET;
         $objMail->From = $_CONFIG['coreAdminEmail'];
         $objMail->FromName = $senderName;
         if (!empty($replyAddress)) {
             $objMail->AddReplyTo($replyAddress);
             if ($arrFormData['sendCopy'] == 1) {
                 $objMail->AddAddress($replyAddress);
             }
             if ($arrFormData['useEmailOfSender'] == 1) {
                 $objMail->From = $replyAddress;
             }
         }
         $objMail->Subject = $arrFormData['subject'];
         if ($isHtml) {
             $objMail->Body = $objTemplate->get();
             $objMail->AltBody = $message;
         } else {
             $objMail->IsHTML(false);
             $objMail->Body = $message;
         }
         // attach submitted files to email
         if (count($arrFormData['uploadedFiles']) > 0 && $arrFormData['sendAttachment'] == 1) {
             foreach ($arrFormData['uploadedFiles'] as $arrFilesOfField) {
                 foreach ($arrFilesOfField as $file) {
                     $objMail->AddAttachment(\Env::get('cx')->getWebsiteDocumentRootPath() . $file['path'], $file['name']);
                 }
             }
         }
         if ($chosenMailRecipient !== null) {
             if (!empty($chosenMailRecipient)) {
                 $objMail->AddAddress($chosenMailRecipient);
                 $objMail->Send();
                 $objMail->ClearAddresses();
             }
         } else {
             foreach ($arrFormData['emails'] as $sendTo) {
                 if (!empty($sendTo)) {
                     $objMail->AddAddress($sendTo);
                     $objMail->Send();
                     $objMail->ClearAddresses();
                 }
             }
         }
     }
     return true;
 }
示例#23
0
 /**
  * Returns true if the given $username is valid
  * @param   string    $username
  * @return  boolean
  * @static
  */
 public static function isValidUsername($username)
 {
     if (preg_match('/^[a-zA-Z0-9-_]*$/', $username)) {
         return true;
     }
     // For version 2.3, inspired by migrating Shop Customers to Users:
     // In addition to the above, also accept usernames that look like valid
     // e-mail addresses
     // TODO: Maybe this should be restricted to MODULE_ID == 16 (Shop)?
     if (FWValidator::isEmail($username)) {
         return true;
     }
     return false;
 }