/manage/expressionengine/third_party/freeform/mod.freeform.php

Large files files are truncated, but you can click here to view the full file

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

/**
 * Freeform - User Side
 *
 * @package		Solspace:Freeform
 * @author		Solspace, Inc.
 * @copyright	Copyright (c) 2008-2015, Solspace, Inc.
 * @link		http://solspace.com/docs/freeform
 * @license		http://www.solspace.com/license_agreement
 * @version		4.2.3
 * @filesource	freeform/mod.freeform.php
 */

if ( ! class_exists('Module_builder_freeform'))
{
	require_once 'addon_builder/module_builder.php';
}

class Freeform extends Module_builder_freeform
{
	/**
	 * return data for when the constructor os only called
	 * unused thusfar in this addon.
	 * @var string
	 */
	public $return_data		= '';

	/**
	 * Multipart form?
	 * @var boolean
	 * @see form
	 */
	public $multipart		= FALSE;

	/**
	 * Params array storage for param
	 * @var array
	 * @see param
	 */
	public $params			= array();

	/**
	 * params id for param fetch
	 * @var integer
	 * @see form
	 * @see insert_params
	 */
	public $params_id		= 0;

	/**
	 * Form ID storage
	 * @var integer
	 * @see form_id
	 */
	public $form_id			= 0;

	/**
	 * Test Mode?
	 *
	 * @var boolean
	 * @see do_exist
	 */
	public $test_mode		= FALSE;

	/**
	 * Default Multipage Marker
	 *
	 * @var string
	 * @see form
	 * @see set_form_params
	 */
	public $default_mp_page_marker = 'page';

	/**
	 * Multipage Page Array
	 *
	 * @var array
	 * @see get_mp_page_array
	 */
	public $mp_page_array;

	/**
	 * Prevents rerunning of set_form_params
	 * @var boolean
	 * @see set_form_params
	 */
	public $params_ran = FALSE;

	/**
	 * Form Data
	 * @var array
	 */
	public $form_data;

	/**
	 * Params With Defaults
	 * @var array
	 * @see get_default_params
	 */
	public $params_with_defaults;

	// --------------------------------------------------------------------

	/**
	 * Constructor
	 *
	 * @access	public
	 * @return	null
	 */

	public function __construct ()
	{
		parent::__construct();

		// -------------------------------------
		//  Module Installed and Up to Date?
		// -------------------------------------

		ee()->load->helper(array('text', 'form', 'url', 'string'));

		//avoids AR collisions
		$this->data->get_module_preferences();
		$this->data->get_global_module_preferences();
		$this->data->show_all_sites();
	}
	// END __construct()


	// --------------------------------------------------------------------

	/**
	 * Form Info
	 *
	 * @access	public
	 * @return	string parsed tagdata
	 */

	public function form_info()
	{
		$form_ids = $this->form_id(TRUE, FALSE);

		ee()->load->model('freeform_form_model');

		if ($form_ids)
		{
			ee()->freeform_form_model->where_in('form_id', $form_ids);
		}

		// -------------------------------------
		//	site ids
		// -------------------------------------

		//if its star, allow all
		if (ee()->TMPL->fetch_param('site_id') !== '*')
		{
			$site_id = $this->parse_numeric_array_param('site_id');

			//if this isn't false, its single or an array
			if ($site_id !== FALSE)
			{
				//no ids? exit
				if (empty($site_id['ids']))
				{
					ee()->freeform_form_model->reset();
					return $this->no_results_error();
				}
				//e.g. site_id="not 1"
				else if ($site_id['not'])
				{
					ee()->freeform_form_model->where_not_in(
						'site_id',
						$site_id['ids']
					);
				}
				else
				{
					ee()->freeform_form_model->where_in(
						'site_id',
						$site_id['ids']
					);
				}
			}
			//default
			else
			{
				ee()->freeform_form_model->where(
					'site_id',
					ee()->config->item('site_id')
				);
			}
		}

		// -------------------------------------
		//	form data
		// -------------------------------------

		$form_data =	ee()->freeform_form_model
							->select(
								'form_id, site_id, ' .
								'form_name, form_label, ' .
								'form_description, author_id, ' .
								'entry_date, edit_date'
							)
							->order_by('form_id', 'asc')
							->get();

		if ( ! $form_data)
		{
			return	$this->no_results_error(($form_ids) ?
						'invalid_form_id' :
						NULL
					);
		}

		// -------------------------------------
		//	author data
		// -------------------------------------

		$author_ids		= array();
		$author_data	= array();

		foreach ($form_data as $row)
		{
			$author_ids[] = $row['author_id'];
		}

		$a_query = ee()->db->select('member_id, username, screen_name')
							->from('members')
							->where_in('member_id', array_unique($author_ids))
							->get();

		if ($a_query->num_rows() > 0)
		{
			$author_data = $this->prepare_keyed_result(
				$a_query,
				'member_id'
			);
		}

		// -------------------------------------
		//	output
		// -------------------------------------

		$variables = array();

		ee()->load->model('freeform_entry_model');

		foreach ($form_data as $row)
		{
			$new_row = array();

			//prefix everything
			foreach ($row as $key => $value)
			{
				$new_row['freeform:' . $key] = $value;
			}

			//we are only counting completed entries
			$new_row['freeform:total_entries']	=	ee()->freeform_entry_model
														->id($row['form_id'])
														->where('complete', 'y')
														->count();

			$new_row['freeform:author']			=	(
				isset($author_data[$row['author_id']]) ?
					(
						isset($author_data[$row['author_id']]['screen_name']) ?
							$author_data[$row['author_id']]['screen_name'] :
							$author_data[$row['author_id']]['username']
					) :
					lang('n_a')
			);

			$variables[] = $new_row;
		}

		$prefixed_tags	= array(
			'count',
			'switch',
			'total_results'
		);

		$tagdata = ee()->TMPL->tagdata;

		$tagdata = $this->tag_prefix_replace(
			'freeform:',
			$prefixed_tags,
			$tagdata
		);

		//this should handle backspacing as well
		$tagdata = ee()->TMPL->parse_variables($tagdata, $variables);

		$tagdata = $this->tag_prefix_replace(
			'freeform:',
			$prefixed_tags,
			$tagdata,
			TRUE
		);

		return $tagdata;
	}
	//END form_info


	// --------------------------------------------------------------------

	/**
	 * Freeform:Entries
	 * {exp:freeform:entries}
	 *
	 * @access	public
	 * @return	string 	tagdata
	 */

	public function entries()
	{
		// -------------------------------------
		//	form id
		// -------------------------------------

		$form_ids = $this->form_id(TRUE, FALSE);

		if ( ! $form_ids)
		{
			return $this->no_results_error('invalid_form_id');
		}

		if ( ! is_array($form_ids))
		{
			$form_ids = array($form_ids);
		}

		// -------------------------------------
		//	libs, models, helper
		// -------------------------------------

		ee()->load->model('freeform_form_model');
		ee()->load->model('freeform_entry_model');
		ee()->load->model('freeform_field_model');
		ee()->load->model('freeform_file_upload_model');
		ee()->load->library('freeform_forms');
		ee()->load->library('freeform_fields');

		// -------------------------------------
		//	start cache for count and result
		// -------------------------------------

		$forms_data	=	ee()->freeform_form_model
							->key('form_id')
							->get(array('form_id' => $form_ids));

		$statuses	= array_keys($this->data->get_form_statuses());

		// -------------------------------------
		//	field order ids
		// -------------------------------------

		$all_field_ids	= array();
		$all_order_ids	= array();

		foreach ($forms_data as $form_data)
		{
			//this should always be true, but NEVER TRUST AN ELF
			if (isset($form_data['field_ids']) AND
				is_array($form_data['field_ids']))
			{
				$all_field_ids = array_merge(
					$all_field_ids,
					$form_data['field_ids']
				);

				$all_order_ids = array_merge(
					$all_order_ids,
					$this->actions()->pipe_split($form_data['field_order'])
				);
			}
		}

		$all_field_ids = array_unique($all_field_ids);
		$all_order_ids = array_unique($all_order_ids);

		sort($all_field_ids);

		// -------------------------------------
		//	get field data
		// -------------------------------------

		$all_field_data = FALSE;

		if ( ! empty($all_field_ids))
		{
			$all_field_data = ee()->freeform_field_model
									->key('field_id')
									->where_in('field_id', $all_field_ids)
									->get();
		}

		$field_data = array();

		if ($all_field_data)
		{
			foreach ($all_field_data as $row)
			{
				$field_data[$row['field_id']] = $row;
			}
		}

		// -------------------------------------
		//	set tables
		// -------------------------------------

		ee()->freeform_entry_model->id($form_ids);

		// -------------------------------------
		//	replace CURRENT_USER before we get
		//	started because the minute we don't
		//	someone is going to figure out
		//	a way to need it in site_id=""
		// -------------------------------------

		$this->replace_current_user();

		// -------------------------------------
		//	site ids
		// -------------------------------------

		//if its star, allow all
		if (ee()->TMPL->fetch_param('site_id') !== '*')
		{
			$site_id = $this->parse_numeric_array_param('site_id');

			//if this isn't false, its single or an array
			if ($site_id !== FALSE)
			{
				if (empty($site_id['ids']))
				{
					ee()->freeform_entry_model->reset();
					return $this->no_results_error();
				}
				else if ($site_id['not'])
				{
					ee()->freeform_entry_model->where_not_in(
						'site_id',
						$site_id['ids']
					);
				}
				else
				{
					ee()->freeform_entry_model->where_in(
						'site_id',
						$site_id['ids']
					);
				}
			}
			//default
			else
			{
				ee()->freeform_entry_model->where(
					'site_id',
					ee()->config->item('site_id')
				);
			}
		}

		// -------------------------------------
		//	entry ids
		// -------------------------------------

		$entry_id = $this->parse_numeric_array_param('entry_id');

		if ($entry_id !== FALSE)
		{
			if (empty($entry_id['ids']))
			{
				ee()->freeform_entry_model->reset();
				return $this->no_results_error();
			}
			else if ($entry_id['not'])
			{
				ee()->freeform_entry_model->where_not_in(
					'entry_id',
					$entry_id['ids']
				);
			}
			else
			{
				ee()->freeform_entry_model->where_in(
					'entry_id',
					$entry_id['ids']
				);
			}
		}

		// -------------------------------------
		//	author ids
		// -------------------------------------

		$author_id = $this->parse_numeric_array_param('author_id');

		if ($author_id !== FALSE)
		{
			if (empty($author_id['ids']))
			{
				ee()->freeform_entry_model->reset();
				return $this->no_results_error();
			}
			else if ($author_id['not'])
			{
				ee()->freeform_entry_model->where_not_in(
					'author_id',
					$author_id['ids']
				);
			}
			else
			{
				ee()->freeform_entry_model->where_in(
					'author_id',
					$author_id['ids']
				);
			}
		}

		// -------------------------------------
		//	{freeform:all_form_fields}
		// -------------------------------------

		$tagdata = $this->replace_all_form_fields(
			ee()->TMPL->tagdata,
			$field_data,
			$all_order_ids
		);

		// -------------------------------------
		//	get standard columns and labels
		// -------------------------------------

		$standard_columns 	= array_keys(
			ee()->freeform_form_model->default_form_table_columns
		);

		$standard_columns[] = 'author';

		$column_labels		= array();

		//keyed labels for the front end
		foreach ($standard_columns as $column_name)
		{
			$column_labels[$column_name] = lang($column_name);
		}

		// -------------------------------------
		//	available fields
		// -------------------------------------

		//this makes the keys and values the same
		$available_fields	= array_combine(
			$standard_columns,
			$standard_columns
		);

		$custom_fields		= array();
		$field_descriptions	= array();

		foreach ($field_data as $field_id => $f_data)
		{
			$fid = ee()->freeform_form_model->form_field_prefix . $field_id;

			//field_name => field_id_1, etc
			$available_fields[$f_data['field_name']]	= $fid;
			//field_id_1 => field_id_1, etc
			$available_fields[$fid]						= $fid;
			$custom_fields[] = $f_data['field_name'];

			//labels
			$column_labels[$f_data['field_name']]		= $f_data['field_label'];
			$column_labels[$fid]						= $f_data['field_label'];

			$field_descriptions[
				'freeform:description:' . $f_data['field_name']
			]	= $f_data['field_description'];
		}

		// -------------------------------------
		//	search:field_name="kittens"
		// -------------------------------------

		foreach (ee()->TMPL->tagparams as $key => $value)
		{
			if (substr($key, 0, 7) == 'search:')
			{
				$search_key = substr($key, 7);

				if (isset($available_fields[$search_key]))
				{
					ee()->freeform_entry_model->add_search(
						$available_fields[$search_key],
						$value
					);
				}
			}
		}

		// -------------------------------------
		//	date range
		// -------------------------------------

		$date_range			= ee()->TMPL->fetch_param('date_range');
		$date_range_start	= ee()->TMPL->fetch_param('date_range_start');
		$date_range_end		= ee()->TMPL->fetch_param('date_range_end');

		ee()->freeform_entry_model->date_where(
			$date_range,
			$date_range_start,
			$date_range_end
		);

		// -------------------------------------
		//	complete
		// -------------------------------------

		$show_incomplete = ee()->TMPL->fetch_param('show_incomplete');

		if ($show_incomplete === 'only')
		{
			ee()->freeform_entry_model->where('complete', 'n');
		}
		//default unless show_incomplete="y"
		else if ( ! $this->check_yes($show_incomplete))
		{
			ee()->freeform_entry_model->where('complete', 'y');
		}

		// -------------------------------------
		//	status
		// -------------------------------------

		$status = ee()->TMPL->fetch_param('status', 'open');

		if ($status !== 'all')
		{
			//make it an array either way
			$status = array_map('trim', $this->actions()->pipe_split($status));

			$approved = array_map('strtolower', $statuses);

			$search_status = array();

			//only keep legit ones
			foreach($status as $potential_status)
			{
				if (in_array(strtolower($potential_status), $approved))
				{
					$search_status[] = $potential_status;
				}
			}

			if ( ! empty($search_status))
			{
				ee()->freeform_entry_model->where_in(
					'status',
					$search_status
				);
			}
		}

		// -------------------------------------
		//	orderby/sort
		// -------------------------------------

		$sort 		= ee()->TMPL->fetch_param('sort');
		$orderby 	= ee()->TMPL->fetch_param('orderby');

		if ($orderby !== FALSE AND trim($orderby) !== '')
		{
			$orderby = $this->actions()->pipe_split(strtolower(trim($orderby)));

			array_walk($orderby, 'trim');

			// -------------------------------------
			//	sort
			// -------------------------------------

			if ($sort !== FALSE AND trim($sort) !== '')
			{
				$sort = $this->actions()->pipe_split(strtolower(trim($sort)));

				array_walk($sort, 'trim');

				//correct sorts
				foreach ($sort as $key => $value)
				{
					if ( ! in_array($value, array('asc', 'desc')))
					{
						$sort[$key] = 'asc';
					}
				}
			}
			else
			{
				$sort = array('asc');
			}

			// -------------------------------------
			//	add sorts and orderbys
			// -------------------------------------

			foreach ($orderby as $key => $value)
			{
				if ($value == 'random')
				{
					ee()->freeform_entry_model->order_by('', 'random');
					continue;
				}

				if (isset($available_fields[$value]))
				{
					//if the sort is not set, just use the first
					//really this should teach people to be more specific :p
					$temp_sort = isset($sort[$key]) ? $sort[$key] : $sort[0];

					ee()->freeform_entry_model->order_by(
						$available_fields[$value],
						$temp_sort
					);
				}
			}
		}

		//--------------------------------------
		//  pagination start vars
		//--------------------------------------

		$limit				= ee()->TMPL->fetch_param('limit', 50);
		$offset				= ee()->TMPL->fetch_param('offset', 0);
		$row_count			= 0;
		$total_entries		= ee()->freeform_entry_model->count(array(), FALSE);
		$current_page		= 0;

		if ($total_entries == 0)
		{
			ee()->freeform_entry_model->reset();
			return $this->no_results_error();
		}

		// -------------------------------------
		//	pagination?
		// -------------------------------------

		$prefix = stristr($tagdata, LD . 'freeform:paginate' . RD);

		if ($limit > 0 AND ($total_entries - $offset) > $limit)
		{
			//get pagination info
			$pagination_data = $this->universal_pagination(array(
				'total_results'			=> $total_entries,
				'tagdata'				=> $tagdata,
				'limit'					=> $limit,
				'offset'				=> $offset,
				'uri_string'			=> ee()->uri->uri_string,
				'prefix'				=> 'freeform:',
				'auto_paginate'			=> TRUE
			));

			//if we paginated, sort the data
			if ($pagination_data['paginate'] === TRUE)
			{
				$tagdata		= $pagination_data['tagdata'];
				$current_page 	= $pagination_data['pagination_page'];
			}
		}
		else
		{
			$this->paginate = FALSE;
		}

		ee()->freeform_entry_model->limit($limit, $current_page + $offset);

		// -------------------------------------
		//	get data
		// -------------------------------------

		$result_array = ee()->freeform_entry_model->get();

		if (empty($result_array))
		{
			ee()->freeform_entry_model->reset();
			return $this->no_results_error();
		}

		$output_labels = array();

		//column labels for output
		foreach ($column_labels as $key => $value)
		{
			$output_labels['freeform:label:' . $key] = $value;
		}

		$count				= $row_count;

		$variable_rows		= array();

		$replace_tagdata	= '';

		// -------------------------------------
		//	allow pre_process
		// -------------------------------------

		$entry_ids = array();

		foreach ($result_array as $row)
		{
			if ( ! isset($entry_ids[$row['form_id']]))
			{
				$entry_ids[$row['form_id']] = array();
			}

			$entry_ids[$row['form_id']][] = $row['entry_id'];
		}

		// -------------------------------------
		//	preprocess items
		// -------------------------------------
		//	These are separated by form id so this
		//	is not iterating over each entry id
		//	but rather grouped by form.
		// -------------------------------------

		foreach ($entry_ids as $f_form_id => $f_entry_ids)
		{
			ee()->freeform_fields->apply_field_method(array(
				'method'		=> 'pre_process_entries',
				'form_id'		=> $f_form_id,
				'form_data'		=> $forms_data,
				'entry_id'		=> $f_entry_ids,
				'field_data'	=> $field_data
			));
		}

		// -------------------------------------
		//	output
		// -------------------------------------

		$to_prefix = array(
			'absolute_count',
			'absolute_results',
			'attachment_count',
			'author_id',
			'author',
			'complete',
			'edit_date',
			'entry_date',
			'entry_id',
			'form_id',
			'form_name',
			'ip_address',
			'reverse_count'
		);

		$absolute_count = $current_page + $offset;
		$total_results	= count($result_array);
		$count			= 0;

		// -------------------------------------
		//	get file attachment count for entries
		// -------------------------------------

		$att_results = ee()->freeform_file_upload_model
						->select('form_id, entry_id, COUNT(*) as file_count')
						->where_in('form_id', $form_ids)
						->group_by('form_id, entry_id')
						->get();


		$attached_counts = array();

		if ( ! empty($att_results))
		{
			foreach ($att_results as $att_row)
			{
				if ( ! isset($attached_counts[$att_row['form_id']]))
				{
					$attached_counts[$att_row['form_id']] = array();
				}

				$attached_counts[$att_row['form_id']][$att_row['entry_id']] = $att_row['file_count'];
			}
		}

		// -------------------------------------
		//	build results
		// -------------------------------------

		foreach ($result_array as $row)
		{
			//apply replace tag to our field data
			$field_parse = ee()->freeform_fields->apply_field_method(array(
				'method'			=> 'replace_tag',
				'form_id'			=> $row['form_id'],
				'entry_id'			=> $row['entry_id'],
				'form_data'			=> $forms_data,
				'field_data'		=> $field_data,
				'field_input_data'	=> $row,
				'tagdata'			=> $tagdata
			));

			$row = array_merge(
				$output_labels,
				$field_descriptions,
				$row,
				$field_parse['variables']
			);

			$row['attachment_count'] = isset($attached_counts[$row['form_id']][$row['entry_id']]) ?
										$attached_counts[$row['form_id']][$row['entry_id']] :
										0;

			if ($replace_tagdata == '')
			{
				$replace_tagdata = $field_parse['tagdata'];
			}

			$row['freeform:form_name']			= $forms_data[$row['form_id']]['form_name'];
			$row['freeform:form_label']			= $forms_data[$row['form_id']]['form_label'];

			//prefix
			foreach ($row as $key => $value)
			{
				if ( ! preg_match('/^freeform:/', $key))
				{
					if (in_array($key, $custom_fields) AND
						! isset($row['freeform:field:' . $key]))
					{
						$row['freeform:field:' . $key] = $value;
					}
					else if ( ! isset($row['freeform:' . $key]))
					{
						$row['freeform:' . $key] = $value;
					}

					unset($row[$key]);
				}
			}

			// -------------------------------------
			//	other counts
			// -------------------------------------
			$row['freeform:reverse_count']		= $total_results - $count++;
			$row['freeform:absolute_count']		= ++$absolute_count;
			$row['freeform:absolute_results']	= $total_entries;

			$variable_rows[] = $row;
		}

		$tagdata = $replace_tagdata;

		$prefixed_tags	= array(
			'count',
			'switch',
			'total_results'
		);

		$tagdata = $this->tag_prefix_replace('freeform:', $prefixed_tags, $tagdata);

		//this should handle backspacing as well
		$tagdata = ee()->TMPL->parse_variables($tagdata, $variable_rows);

		$tagdata = $this->tag_prefix_replace('freeform:', $prefixed_tags, $tagdata, TRUE);

		// -------------------------------------
		//	add pagination
		// -------------------------------------

		//prefix or no prefix?
		if ($prefix)
		{
			$tagdata = $this->parse_pagination(array(
				'prefix' 	=> 'freeform:',
				'tagdata' 	=> $tagdata
			));
		}
		else
		{
			$tagdata = $this->parse_pagination(array(
				'tagdata' 	=> $tagdata
			));
		}

		return $tagdata;
	}
	//END entries


	

	// --------------------------------------------------------------------

	/**
	 * Freeform:Form
	 * {exp:freeform:form}
	 *
	 * @access	public
	 * @param 	bool 	$edit			edit mode? external for security
	 * @param	bool	$preview		preview mode?
	 * @param	mixed	$preview_fields	extra preview fields?
	 * @return	string 	tagdata
	 */

	public function form($edit = FALSE, $preview = FALSE, $preview_fields = FALSE)
	{
		if ($this->check_yes(ee()->TMPL->fetch_param('require_logged_in')) AND
			ee()->session->userdata['member_id'] == '0')
		{
			return $this->no_results_error('not_logged_in');
		}

		// -------------------------------------
		//	form id
		// -------------------------------------

		$form_id = $this->form_id(FALSE, FALSE);

		if ( ! $form_id)
		{
			return $this->no_results_error('invalid_form_id');
		}

		// -------------------------------------
		//	libs, helpers, etc
		// -------------------------------------

		ee()->load->model('freeform_form_model');
		ee()->load->model('freeform_field_model');
		ee()->load->library('freeform_forms');
		ee()->load->library('freeform_fields');
		ee()->load->helper('form');

		// -------------------------------------
		//	build query
		// -------------------------------------

		$this->form_data = $form_data = $this->data->get_form_info($form_id);

		// -------------------------------------
		//	preview fields? (composer preview)
		// -------------------------------------

		if ( ! empty($preview_fields))
		{
			ee()->load->model('freeform_field_model');

			$valid_preview_fields = ee()->freeform_field_model
										->where_in('field_id', $preview_fields)
										->key('field_id')
										->get();

			if ($valid_preview_fields)
			{
				foreach ($valid_preview_fields as $p_field_id => $p_field_data)
				{
					$p_field_data['preview']			= TRUE;
					$form_data['fields'][$p_field_id]	= $p_field_data;
				}
			}
		}

		// -------------------------------------
		//	form data
		// -------------------------------------

		$this->params['form_id'] = $form_id;

		// -------------------------------------
		//	edit?
		// -------------------------------------

		$entry_id	= 0;

		$edit_data	= array();

		

		$this->params['edit']				= $edit;
		$this->params['entry_id']			= $entry_id;

		// -------------------------------------
		//	replace CURRENT_USER everywhere
		// -------------------------------------

		$this->replace_current_user();

		// -------------------------------------
		//	default params
		// -------------------------------------

		$this->default_mp_page_marker = 'page';

		$this->set_form_params(TRUE);

		//	----------------------------------------
		//	Check for duplicate
		//	----------------------------------------

		$duplicate = FALSE;

		//we can only prevent dupes on entry like this
		if ( ! $edit AND $this->params['prevent_duplicate_on'])
		{
			if ( in_array(
					$this->params['prevent_duplicate_on'],
					array('member_id', 'ip_address'),
					TRUE
				))
			{
				$duplicate = ee()->freeform_forms->check_duplicate(
					$form_id,
					$this->params['prevent_duplicate_on'],
					'',
					$this->params['prevent_duplicate_per_site']
				);
			}
		}

		//	----------------------------------------
		//	duplicate?
		//	----------------------------------------

		if ($duplicate)
		{
			if ($this->params['duplicate_redirect'] !== '')
			{
				ee()->functions->redirect(
					$this->prep_url(
						$this->params['duplicate_redirect'],
						$this->params['secure_duplicate_redirect']
					)
				);

				return $this->do_exit();
			}
			else if ($this->params['error_on_duplicate'])
			{
				return $this->no_results_error('no_duplicates');
			}
			/*else if (preg_match(
				'/' . LD . 'if freeform_duplicate' . RD . '(*?)' '/',
				ee()->TMPL->tagdata, ))
			{

			}*/
		}

		// -------------------------------------
		//	check user email field
		// 	if this is from form prefs, its an ID
		// -------------------------------------

		$valid_user_email_field = FALSE;

		foreach ($form_data['fields'] as $field_id => $field_data)
		{
			if ($this->params['user_email_field'] == $field_data['field_name'] OR
				$this->params['user_email_field'] == $field_id)
			{
				$valid_user_email_field = TRUE;

				//in case the setting is an id
				$this->params['user_email_field'] = $field_data['field_name'];
				break;
			}
		}

		//  if it doesn't exist in the form, lets blank it
		$this->params['user_email_field'] = (
			$valid_user_email_field ?
				$this->params['user_email_field'] :
				''
		);

		

		$this->edit	= $edit;

		//	----------------------------------------
		//	'freeform_module_form_begin' hook.
		//	 - This allows developers to change data before form processing.
		//	----------------------------------------

		if (ee()->extensions->active_hook('freeform_module_form_begin') === TRUE)
		{
			ee()->extensions->universal_call(
				'freeform_module_form_begin',
				$this
			);

			if (ee()->extensions->end_script === TRUE) return;
		}
		//	----------------------------------------

		// -------------------------------------
		//	start form
		// -------------------------------------

		$tagdata				= ee()->TMPL->tagdata;
		$return					= '';
		$hidden_fields			= array();
		$outer_template_vars	= array();
		$variables				= array();
		$page_total				= 1;
		$current_page			= 0;
		$last_page				= TRUE;
		$multipage				= $this->params['multipage'];

		// -------------------------------------
		//	check if this is multi-page
		// -------------------------------------

		
			$current_page = 1;
			

		// -------------------------------------
		//	set for hooks
		// -------------------------------------

		$this->multipage = $multipage;
		$this->last_page = $last_page;

		// -------------------------------------
		//	check again for captcha now that
		//	tagdata has been adjusted
		// -------------------------------------

		if ($this->params['require_captcha'])
		{
			$this->params['require_captcha'] = (
				$this->require_captcha() &&
				stristr($tagdata, LD . 'freeform:captcha' . RD) != FALSE
			);
		}

		// -------------------------------------
		//	submit
		// -------------------------------------

		//standard submits
		$variables['freeform:submit'] = form_submit('submit', lang('submit'));

		//replace submit buttons that have args
		$tagdata = $this->replace_submit(array(
			'tag'		=> 'freeform:submit',
			'pre_args'	=> array(
				'name' => 'submit',
				'value' => lang('submit')
			),
			'tagdata'	=> $tagdata
		));

		// -------------------------------------
		//	other random vars
		// -------------------------------------

		$variables['freeform:submit_previous']	= '';
		$variables['freeform:duplicate']		= $duplicate;
		$variables['freeform:not_duplicate']	= ! $duplicate;
		$variables['freeform:form_label']		= $form_data['form_label'];
		$variables['freeform:form_description']	= $form_data['form_description'];
		$variables['freeform:last_page']		= $last_page;
		$variables['freeform:current_page']		= $current_page;

		

		// -------------------------------------
		//	display fields
		// -------------------------------------

		$field_error_data	= array();
		$general_error_data	= array();
		$field_input_data	= array();

		// -------------------------------------
		//	inline errors?
		// -------------------------------------

		if ($this->params['inline_errors'] AND
			$this->is_positive_intlike(
				ee()->session->flashdata('freeform_errors')
			)
		)
		{
			ee()->load->model('freeform_param_model');

			$error_query = ee()->freeform_param_model->get_row(
				ee()->session->flashdata('freeform_errors')
			);

			if ($error_query !== FALSE)
			{
				$potential_error_data = json_decode($error_query['data'], TRUE);

				//specific field errors
				if (isset($potential_error_data['field_errors']))
				{
					$field_error_data = $potential_error_data['field_errors'];
				}

				//errors that aren't field based
				if (isset($potential_error_data['general_errors']))
				{
					$general_error_data = $potential_error_data['general_errors'];
				}

				//gets inputs for repopulation
				if (isset($potential_error_data['inputs']))
				{
					$field_input_data = $potential_error_data['inputs'];
				}

				//restore recipient_emails
				if (! empty($potential_error_data['stored_data']['recipient_emails']))
				{
					$previous_inputs['hash_stored_data']['recipient_emails'] =
						$potential_error_data['stored_data']['recipient_emails'];
				}

				//restore user_recipient_emails
				if (! empty($potential_error_data['stored_data']['user_recipient_emails']))
				{
					$previous_inputs['hash_stored_data']['user_recipient_emails'] =
						$potential_error_data['stored_data']['user_recipient_emails'];
				}
			}
		}
		//END if ($this->params['inline_errors']

		// -------------------------------------
		//	build field variables
		// -------------------------------------

		foreach ($form_data['fields'] as $field_id => $field_data)
		{
			// -------------------------------------
			//	label?
			// -------------------------------------

			$error = '';

			if (isset($field_error_data[$field_data['field_name']]))
			{
				$error = is_array($field_error_data[$field_data['field_name']]) ?
							implode(', ', $field_error_data[$field_data['field_name']]) :
							$field_error_data[$field_data['field_name']];
			}

			// -------------------------------------
			//	variables for later parsing
			// -------------------------------------

			$variables['freeform:error:' . $field_data['field_name']] = $error;

			$variables['freeform:label:' . $field_data['field_name']] = $field_data['field_label'];
			$variables['freeform:description:' . $field_data['field_name']] = $field_data['field_description'];

			// -------------------------------------
			//	values?
			// -------------------------------------

			$col_name = ee()->freeform_form_model->form_field_prefix . $field_id;

			// -------------------------------------
			//	multipage previous inputs?
			// -------------------------------------

			$possible = (
				isset($previous_inputs[$col_name]) ?
					$previous_inputs[$col_name] :
					(
						isset($previous_inputs[$field_data['field_name']]) ?
							$previous_inputs[$field_data['field_name']] :
							''
					)
			);

			$possible = $this->prep_multi_item_data($possible, $field_data['field_type']);

			$variables['freeform:mp_data:' . $field_data['field_name']] = $possible;

			

		}
		//END foreach ($form_data['fields'] as $field_id => $field_data)

		// -------------------------------------
		//	This is done after edit data in
		//	cause they edited data, but had an error
		//	in their edits and we are now in
		//	inline error mode
		// -------------------------------------

		if ( ! empty($edit_data))
		{
			$field_input_data = array_merge($edit_data, $field_input_data);
		}
		else if ( ! empty($previous_inputs))
		{
			$field_input_data = array_merge($previous_inputs, $field_input_data);
		}

		// -------------------------------------
		//	recipient emails from multipage?
		// -------------------------------------

		$variables['freeform:mp_data:user_recipient_emails'] = '';

		if (isset($previous_inputs['hash_stored_data']['user_recipient_emails']) AND
			is_array($previous_inputs['hash_stored_data']['user_recipient_emails']))
		{
			$variables['freeform:mp_data:user_recipient_emails'] = implode(
				', ',
				$previous_inputs['hash_stored_data']['user_recipient_emails']
			);
		}

		// -------------------------------------
		//	freeform:all_form_fields
		// -------------------------------------

		$tagdata = $this->replace_all_form_fields(
			$tagdata,
			$form_data['fields'],
			$form_data['field_order'],
			$field_input_data
		);

		// -------------------------------------
		//	general errors
		// -------------------------------------

		if ( ! empty($general_error_data))
		{
			//the error array might have sub arrays
			//so we need to flatten
			$_general_error_data = array();

			foreach ($general_error_data as $error_set => $error_data)
			{
				if (is_array($error_data))
				{
					foreach ($error_data as $sub_key => $sub_error)
					{
						$_general_error_data[] = array(
							'freeform:error_message' => $sub_error
						);
					}
				}
				else
				{
					$_general_error_data[] = array(
						'freeform:error_message' => $error_data
					);
				}
			}

			$general_error_data = $_general_error_data;
		}

		$variables['freeform:general_errors']	= $general_error_data;
		$variables['freeform:field_errors']		= ! empty($field_error_data);

		//have to do this so the conditional will work,
		//seems that parse variables doesn't think a non-empty array = YES
		$tagdata = ee()->functions->prep_conditionals(
			$tagdata,
			array(
				'freeform:general_errors'	=> ! empty($general_error_data),
				'freeform:field_errors'		=> ! empty($field_error_data)
			)
		);

		// -------------------------------------
		//	apply replace tag to our field data
		// -------------------------------------

		$field_parse = ee()->freeform_fields->apply_field_method(array(
			'method'			=> 'display_field',
			'form_id'			=> $form_id,
			'entry_id'			=> $entry_id,
			'form_data'			=> $form_data,
			'field_input_data'	=> $field_input_data,
			'tagdata'			=> $tagdata
		));

		$this->multipart 	= $field_parse['multipart'];
		$variables 			= array_merge($variables, $field_parse['variables']);
		$tagdata 			= $field_parse['tagdata'];

		// -------------------------------------
		//	dynamic recipient list
		// -------------------------------------

		$this->params['recipients']		= (
			! in_array(ee()->TMPL->fetch_param('recipients'), array(FALSE, ''))
		);

		//preload list with usable info if so
		$this->params['recipients_list'] = array();

		if ( $this->params['recipients'] )
		{
			$i				= 1;
			$while_limit	= 1000;
			$counter		= 0;

			while ( ! in_array(ee()->TMPL->fetch_param('recipient' . $i), array(FALSE, '')) )
			{
				$recipient = explode('|', ee()->TMPL->fetch_param('recipient' . $i));

				//has a name?
				if ( count($recipient) > 1)
				{
					$recipient_name		= trim($recipient[0]);
					$recipient_email	= trim($recipient[1]);
				}
				//no name, we assume its just an email
				//(though, this makes little sense, it needs a name to be useful)
				else
				{
					$recipient_name		= '';
					$recipient_email	= trim($recipient[0]);
				}

				$recipient_selected = FALSE;

				if (isset($previous_inputs['hash_stored_data']['recipient_emails']) AND
					is_array($previous_inputs['hash_stored_data']['recipient_emails']))
				{
					$recipient_selected = in_array(
						$recipient_email,
						$previous_inputs['hash_stored_data']['recipient_emails']
					);
				}

				//add to list
				$this->params['recipients_list'][$i] = array(
					'name'		=> $recipient_name,
					'email'		=> $recipient_email,
									//because this wasn't being unique enough
									//on stupid windows servers *sigh*
					'key'		=> uniqid('', true),
					'selected'	=> $recipient_selected
				);

				$i++;

				//In case fetch_param ever defaults to something
				//thats not falsy.
				if (++$counter >= $while_limit)
				{
					break;
				}
			}

			//if we end up with nothing, then lets not attempt later
			if (empty($this->params['recipients_list']))
			{
				$this->params['recipients'] = FALSE;
			}
		}

		//	----------------------------------------
		//	parse {freeform:captcha}
		//	----------------------------------------

		$variables['freeform:captcha'] = FALSE;

		if ($this->params['require_captcha'])
		{
			$variables['freeform:captcha'] = ee()->functions->create_captcha();

			// -------------------------------------
			//	IF there is no captcha present
			//	in this tagdata, we don't want
			//	to require people to input it.
			//	Thats asking for errors.
			//	Usually this occurs when someone is
			//	trying to force captcha but the
			//	member is logged in and EE wont
			//	output captcha for members unless
			//	captcha_require_members is enabled.
			// -------------------------------------

			if (stristr($tagdata, LD . 'freeform:captcha' . RD) == FALSE OR
				empty($variables['freeform:captcha']))
			{
				$this->params['require_captcha'] = FALSE;
			}
		}

		// -------------------------------------
		//	dynamic recipient tagdata
		// -------------------------------------

		if ( $this->params['recipients'] AND
			count($this->params['recipients_list']) > 0)
		{
			$variables['freeform_recipients'] = array();

			$recipient_list 	= $this->params['recipients_list'];

			//dynamic above starts with 1, so does this
			for ( $i = 1, $l = count($recipient_list); $i <= $l; $i++ )
			{
				$variables['freeform:recipient_name' . $i] = $recipient_list[$i]['name'];
				$variables['freeform:recipient_value' . $i] = $recipient_list[$i]['key'];
				$variables['freeform:recipient_selected' . $i] = $recipient_list[$i]['selected'];

				$variables['freeform:recipients'][] = array(
					'freeform:recipient_name' 		=> $recipient_list[$i]['name'],
					'freeform:recipient_value'		=> $recipient_list[$i]['key'],
					'freeform:recipient_count'		=> $i,
					//selected from hash data from multipages
					'freeform:recipient_selected' 	=> $recipient_list[$i]['selected']
				);
			}
		}

		// -------------------------------------
		//	status pairs
		// -------------------------------------

		$tagdata = $this->parse_status_tags($tagdata);

		//	----------------------------------------
		//	'freeform_module_pre_form_parse' hook.
		//	 - This allows developers to change data before tagdata processing.
		//	----------------------------------------

		$this->variables = $variables;

		if (ee()->extensions->active_hook('freeform_module_pre_form_parse') === TRUE)
		{
			$backup_tagdata = $tagdata;

			$tagdata = ee()->extensions->universal_call(
				'freeform_module_pre_form_parse',
				$tagdata,
				$this
			);

			if (ee()->extensions->end_script === TRUE) return;

						//valid data?
			if ( (! is_string($tagdata) OR empty($tagdata)) AND
				 $this->check_yes($this->preference('hook_data_protection')))
			{
				$tagdata = $backup_tagdata;
			}
		}
		//	----------------------------------------

		//extra precaution in case someone hoses this
		if (isset($this->variables) AND is_array($this->variables))
		{
			$variables = $this->variables;
		}

		// -------------------------------------
		//	parse external vars
		// -------------------------------------

		$outer_template_vars['freeform:form_id']			= $form_id;
		$outer_template_vars['freeform:form_page']			= $current_page;
		$outer_template_vars['freeform:form_page_total']	= $page_total;
		$outer_template_vars['freeform:form_name']			= $form_data['form_name'];
		$outer_template_vars['freeform:form_label']			= $form_data['form_label'];

		ee()->TMPL->template = ee()->functions->prep_conditionals(
			ee()->TMPL->template,
			$outer_template_vars
		);

		ee()->TMPL->template = ee()->functions->var_swap(
			ee()->TMPL->template,
			$outer_template_vars
		);

		// -------------------------------------
		//	parse all vars
		// -------------------------------------

		$tagdata = ee()->TMPL->parse_variables(
			$tagdata,
			array(array_merge($outer_template_vars,$variables))
		);

		// -------------------------------------
		//	This doesn't force an ajax request
		//	but instead forces it _not_ to be
		//	if the ajax param = 'no'.
		//	$this->params['ajax'] defaults to
		//	boolean true, so this will only
		//	happen if someone adds ajax="no".
		// -------------------------------------

		if ( ! $this->params['ajax'])
		{
			$hidden_fields['ajax_request'] = 'no';
		}

		//-------------------------------------
		//	build form
		//-------------------------------------

		$return .= $this->build_form(array(
			'action'			=> $this->get_action_url('save_form'),
			'method'			=> 'post',
			'hidden_fields'		=> array_merge($hidden_fields, array(
				// 	no more params can be set after this
				'params_id' => $this->insert_params(),
			)),
			'tagdata'			=> $tagdata
		));

		//	----------------------------------------
		//	'freeform_module_form_end' hook.
		//	 - This allows developers to change the form before output.
		//	----------------------------------------

		if (ee()->extensions->active_hook('freeform_module_form_end') === TRUE)
		{
			$backup_return = $return;

			$return = ee()->extensions->universal_call(
				'freeform_module_form_end',
				$return,
				$this
			);

			if (ee()->extensions->end_script === TRUE) return;

			//valid data?
			if ( (! is_string($return) OR empty($return)) AND
				 $this->check_yes($this->preference('hook_data_protection')))
			{
				$return = $backup_return;
			}
		}
		//	----------------------------------------

		return $return;
	}
	//END form


	// -------------------------------------
	//	action requests
	// -------------------------------------


	// --------------------------------------------------------------------

	/**
	 * ajax_validate
	 *
	 * does a save form that stops after validation
	 *
	 * @access	public
	 * @return	mixed 	ajax request
	 */

	public function ajax_validate_form()
	{
		return $this->save_form(TRUE);
	}
	//END ajax_validate


	// --------------------------------------------------------------------

	/**
	 * save_form
	 *
	 * form save from front_end/action request
	 *
	 * @access	public
	 * @param 	bool validate only
	 * @return	null
	 */

	public function save_form($validate_only = FALSE)
	{
		if ( ! $validate_only AND REQ !== 'ACTION' AND ! $this->test_mode)
		{
			return;
		}

		ee()->load->library('freeform_forms');
		ee()->load->library('freeform_fields');
		ee()->load->model('freeform_form_model');

		if (ee()->input->get_post('params_id') === FALSE)
		{
			return $this->pre_validation_error(
				lang('missing_post_data') . ' - params_id'
			);
		}

		// -------------------------------------
		//	require logged in?
		// -------------------------------------

		if ($this->param('require_logged_in') AND
			ee()->session->userdata['member_id'] == '0')
		{
			return $this->pre_validation_error(
				lang('not_authorized') . ' - ' .
				lang('not_logged_in')
			);
		}

		// -------------------------------------
		//	blacklist, banned
		// -------------------------------------

		if (ee()->session->userdata['is_banned'] OR (
				$this->check_yes(ee()->blacklist->blacklisted) AND
				$this->check_no(ee()->blacklist->whitelisted)
			)
		)
		{
			return $this->pre_validation_error(
				lang('not_authorized') . ' - ' .
				lang('reason_banned')
			);
		}

		// -------------------------------------
		//	require ip? (except admin)
		// -------------------------------------

		if ($this->param('require_ip'))
		{
			if (ee()->input->ip_address() == '0.0.0.0')
			{
				return $this->pre_validation_error(
					lang('not_authorized') . ' - ' .
					lang('reason_ip_required')
				);
			}
		}

		// -------------------------------------
		//	Is the nation of the user banned?
		// -------------------------------------

		if ($this->nation_ban_check(FALSE))
		{
			return $this->pre_validation_error(
				lang('not_authorized') . ' - ' .
				ee()->config->item('ban_message')
			);
		}

		

		// -------------------------------------
		//	valid form id
		// -------------------------------------

		$form_id = $this->form_id(FALSE, FALSE);

		if ( ! $form_id)
		{
			return $this->pre_validation_error(lang('invalid_form_id'));
		}

		// -------------------------------------
		//	is this an edit? entry_id
		// -------------------------------------

		$entry_id 		= $this->entry_id();

		$edit			= $this->is_positive_intlike($entry_id);

		// -------------------------------------
		//	for multipage check later
		// -------------------------------------

		$multipage			= $this->param('multipage');
		$current_page		= $this->param('current_page');
		$last_page			= $this->param('last_page');
		$previous_inputs	= array();

		

		// -------------------------------------
		//	form data
		// -------------------------------------

		$this->form_data = $form_data = $this->data->get_form_info($form_id);
		$field_labels		= array();
		$valid_fields		= array();
		$column_names		= array();

		foreach ( $form_data['fields'] as $row)
		{
			$field_labels[$row['field_name']] 	= $row['field_label'];
			$valid_fields[] 					= $row['field_name'];
			//fill previous inputs names correctly

			$column_name = 'form_field_' . $row['field_id'];

			if (isset($previous_inputs[$column_name]))
			{
				$previous_inputs[$row['field_name']] = $previous_inputs[$column_name];
			}

			$column_names[$row['field_name']] = $column_name;
		}

		// -------------------------------------
		//	for hooks
		// -------------------------------------

		$this->edit			= $edit;
		$this->multipage	= $multipage;
		$this->last_page	= $last_page;

		// -------------------------------------
		//	user email max/spam count
		// -------------------------------------

		ee()->load->library('freeform_notifications');

		if ($last_page AND ($this->param('recipient_user_input') OR
			 $this->param('recipients')) AND
			 ee()->freeform_notifications->check_spam_interval($form_id)
		)
		{
			return $this->pre_validation_error(
				lang('not_authorized') . ' - ' .
				lang('email_limit_exceeded')
			);
		}

		// -------------------------------------
		//	Check for duplicate
		// -------------------------------------

		$duplicate = FALSE;

		if ($this->param('prevent_duplicate_on'))
		{
			$duplicate = ee()->freeform_forms->check_duplicate(
				$form_id,
				$this->param('prevent_duplicate_on'),
				ee()->input->get_post(
					$this->param('prevent_duplicate_on'),
					TRUE
				),
				$this->param('prevent_duplicate_per_site')
			);
		}

		if ($duplicate)
		{
			return $this->pre_validation_error(lang('no_duplicates'));
		}

		// -------------------------------------
		//	pre xid check
		// -------------------------------------
		// 	we aren't going to delete just yet
		// 	because if they have input errors
		// 	then we want to keep this xid for a bit
		// 	and only delete xid on success
		// -------------------------------------
		// 	EE 2.7+ does this automatically for
		// 	all POSTS front end and back now
		// 	so this is going to cause errors
		// 	if we check it there.
		// -------------------------------------

		if (version_compare($this->ee_version, '2.7.0', '<') &&
			! ee()->security->check_xid(ee()->input->post('XID')))
		{
			return $this->pre_validation_error(
				lang('not_authorized') . ' - ' .
				lang('reason_secure_form_timeout')
			);
		}

		// -------------------------------------
		//	pre-validate hook
		// -------------------------------------

		$errors				= array();
		//have to do this weird for backward compat
		$this->field_errors = array();

		if (ee()->extensions->active_hook('freeform_module_validate_begin') === TRUE)
		{
			$backup_errors = $errors;

			$errors = ee()->extensions->universal_call(
				'freeform_module_validate_begin',
				$errors,
				$this
			);

			if (ee()->extensions->end_script === TRUE) return;

			//valid data?
			if ( ! is_array($errors) AND
				 $this->check_yes($this->preference('hook_data_protection')))
			{
				$errors = $backup_errors;
			}
		}

		// -------------------------------------
		//	require fields
		// -------------------------------------

		if ($this->param('required'))
		{
			$required = $this->actions()->pipe_split($this->param('required'));

			foreach ($required as $required_field)
			{
				//require need to work for recipients and recipient email user
				$valid_require = array_merge(
					$valid_fields,
					array('recipient_email_user', 'recipient_email')
				);

				$require_labels = $field_labels;
				$require_labels['recipient_email_user']	= lang('user_recipients');
				$require_labels['recipient_email']		= lang('dynamic_recipients');

				//just in case someone misspelled a require
				//or removes a field after making the require list
				if ( ! in_array($required_field, $valid_require))
				{
					continue;
				}

				$gp_value = ee()->input->get_post($required_field);

				if ( (
						//empty array
						(is_array($gp_value) AND count($gp_value) < 1) OR
						//empty …