/manage/expressionengine/third_party/freeform/mod.freeform.php
PHP | 4705 lines | 2723 code | 857 blank | 1125 comment | 347 complexity | 6423456dbd1584effeec738124ef821f MD5 | raw file
Possible License(s): LGPL-2.1, MPL-2.0-no-copyleft-exception
Large files files are truncated, but you can click here to view the full file
- <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
- /**
- * Freeform - User Side
- *
- * @package Solspace:Freeform
- * @author Solspace, Inc.
- * @copyright Copyright (c) 2008-2015, Solspace, Inc.
- * @link http://solspace.com/docs/freeform
- * @license http://www.solspace.com/license_agreement
- * @version 4.2.3
- * @filesource freeform/mod.freeform.php
- */
- if ( ! class_exists('Module_builder_freeform'))
- {
- require_once 'addon_builder/module_builder.php';
- }
- class Freeform extends Module_builder_freeform
- {
- /**
- * return data for when the constructor os only called
- * unused thusfar in this addon.
- * @var string
- */
- public $return_data = '';
- /**
- * Multipart form?
- * @var boolean
- * @see form
- */
- public $multipart = FALSE;
- /**
- * Params array storage for param
- * @var array
- * @see param
- */
- public $params = array();
- /**
- * params id for param fetch
- * @var integer
- * @see form
- * @see insert_params
- */
- public $params_id = 0;
- /**
- * Form ID storage
- * @var integer
- * @see form_id
- */
- public $form_id = 0;
- /**
- * Test Mode?
- *
- * @var boolean
- * @see do_exist
- */
- public $test_mode = FALSE;
- /**
- * Default Multipage Marker
- *
- * @var string
- * @see form
- * @see set_form_params
- */
- public $default_mp_page_marker = 'page';
- /**
- * Multipage Page Array
- *
- * @var array
- * @see get_mp_page_array
- */
- public $mp_page_array;
- /**
- * Prevents rerunning of set_form_params
- * @var boolean
- * @see set_form_params
- */
- public $params_ran = FALSE;
- /**
- * Form Data
- * @var array
- */
- public $form_data;
- /**
- * Params With Defaults
- * @var array
- * @see get_default_params
- */
- public $params_with_defaults;
- // --------------------------------------------------------------------
- /**
- * Constructor
- *
- * @access public
- * @return null
- */
- public function __construct ()
- {
- parent::__construct();
- // -------------------------------------
- // Module Installed and Up to Date?
- // -------------------------------------
- ee()->load->helper(array('text', 'form', 'url', 'string'));
- //avoids AR collisions
- $this->data->get_module_preferences();
- $this->data->get_global_module_preferences();
- $this->data->show_all_sites();
- }
- // END __construct()
- // --------------------------------------------------------------------
- /**
- * Form Info
- *
- * @access public
- * @return string parsed tagdata
- */
- public function form_info()
- {
- $form_ids = $this->form_id(TRUE, FALSE);
- ee()->load->model('freeform_form_model');
- if ($form_ids)
- {
- ee()->freeform_form_model->where_in('form_id', $form_ids);
- }
- // -------------------------------------
- // site ids
- // -------------------------------------
- //if its star, allow all
- if (ee()->TMPL->fetch_param('site_id') !== '*')
- {
- $site_id = $this->parse_numeric_array_param('site_id');
- //if this isn't false, its single or an array
- if ($site_id !== FALSE)
- {
- //no ids? exit
- if (empty($site_id['ids']))
- {
- ee()->freeform_form_model->reset();
- return $this->no_results_error();
- }
- //e.g. site_id="not 1"
- else if ($site_id['not'])
- {
- ee()->freeform_form_model->where_not_in(
- 'site_id',
- $site_id['ids']
- );
- }
- else
- {
- ee()->freeform_form_model->where_in(
- 'site_id',
- $site_id['ids']
- );
- }
- }
- //default
- else
- {
- ee()->freeform_form_model->where(
- 'site_id',
- ee()->config->item('site_id')
- );
- }
- }
- // -------------------------------------
- // form data
- // -------------------------------------
- $form_data = ee()->freeform_form_model
- ->select(
- 'form_id, site_id, ' .
- 'form_name, form_label, ' .
- 'form_description, author_id, ' .
- 'entry_date, edit_date'
- )
- ->order_by('form_id', 'asc')
- ->get();
- if ( ! $form_data)
- {
- return $this->no_results_error(($form_ids) ?
- 'invalid_form_id' :
- NULL
- );
- }
- // -------------------------------------
- // author data
- // -------------------------------------
- $author_ids = array();
- $author_data = array();
- foreach ($form_data as $row)
- {
- $author_ids[] = $row['author_id'];
- }
- $a_query = ee()->db->select('member_id, username, screen_name')
- ->from('members')
- ->where_in('member_id', array_unique($author_ids))
- ->get();
- if ($a_query->num_rows() > 0)
- {
- $author_data = $this->prepare_keyed_result(
- $a_query,
- 'member_id'
- );
- }
- // -------------------------------------
- // output
- // -------------------------------------
- $variables = array();
- ee()->load->model('freeform_entry_model');
- foreach ($form_data as $row)
- {
- $new_row = array();
- //prefix everything
- foreach ($row as $key => $value)
- {
- $new_row['freeform:' . $key] = $value;
- }
- //we are only counting completed entries
- $new_row['freeform:total_entries'] = ee()->freeform_entry_model
- ->id($row['form_id'])
- ->where('complete', 'y')
- ->count();
- $new_row['freeform:author'] = (
- isset($author_data[$row['author_id']]) ?
- (
- isset($author_data[$row['author_id']]['screen_name']) ?
- $author_data[$row['author_id']]['screen_name'] :
- $author_data[$row['author_id']]['username']
- ) :
- lang('n_a')
- );
- $variables[] = $new_row;
- }
- $prefixed_tags = array(
- 'count',
- 'switch',
- 'total_results'
- );
- $tagdata = ee()->TMPL->tagdata;
- $tagdata = $this->tag_prefix_replace(
- 'freeform:',
- $prefixed_tags,
- $tagdata
- );
- //this should handle backspacing as well
- $tagdata = ee()->TMPL->parse_variables($tagdata, $variables);
- $tagdata = $this->tag_prefix_replace(
- 'freeform:',
- $prefixed_tags,
- $tagdata,
- TRUE
- );
- return $tagdata;
- }
- //END form_info
- // --------------------------------------------------------------------
- /**
- * Freeform:Entries
- * {exp:freeform:entries}
- *
- * @access public
- * @return string tagdata
- */
- public function entries()
- {
- // -------------------------------------
- // form id
- // -------------------------------------
- $form_ids = $this->form_id(TRUE, FALSE);
- if ( ! $form_ids)
- {
- return $this->no_results_error('invalid_form_id');
- }
- if ( ! is_array($form_ids))
- {
- $form_ids = array($form_ids);
- }
- // -------------------------------------
- // libs, models, helper
- // -------------------------------------
- ee()->load->model('freeform_form_model');
- ee()->load->model('freeform_entry_model');
- ee()->load->model('freeform_field_model');
- ee()->load->model('freeform_file_upload_model');
- ee()->load->library('freeform_forms');
- ee()->load->library('freeform_fields');
- // -------------------------------------
- // start cache for count and result
- // -------------------------------------
- $forms_data = ee()->freeform_form_model
- ->key('form_id')
- ->get(array('form_id' => $form_ids));
- $statuses = array_keys($this->data->get_form_statuses());
- // -------------------------------------
- // field order ids
- // -------------------------------------
- $all_field_ids = array();
- $all_order_ids = array();
- foreach ($forms_data as $form_data)
- {
- //this should always be true, but NEVER TRUST AN ELF
- if (isset($form_data['field_ids']) AND
- is_array($form_data['field_ids']))
- {
- $all_field_ids = array_merge(
- $all_field_ids,
- $form_data['field_ids']
- );
- $all_order_ids = array_merge(
- $all_order_ids,
- $this->actions()->pipe_split($form_data['field_order'])
- );
- }
- }
- $all_field_ids = array_unique($all_field_ids);
- $all_order_ids = array_unique($all_order_ids);
- sort($all_field_ids);
- // -------------------------------------
- // get field data
- // -------------------------------------
- $all_field_data = FALSE;
- if ( ! empty($all_field_ids))
- {
- $all_field_data = ee()->freeform_field_model
- ->key('field_id')
- ->where_in('field_id', $all_field_ids)
- ->get();
- }
- $field_data = array();
- if ($all_field_data)
- {
- foreach ($all_field_data as $row)
- {
- $field_data[$row['field_id']] = $row;
- }
- }
- // -------------------------------------
- // set tables
- // -------------------------------------
- ee()->freeform_entry_model->id($form_ids);
- // -------------------------------------
- // replace CURRENT_USER before we get
- // started because the minute we don't
- // someone is going to figure out
- // a way to need it in site_id=""
- // -------------------------------------
- $this->replace_current_user();
- // -------------------------------------
- // site ids
- // -------------------------------------
- //if its star, allow all
- if (ee()->TMPL->fetch_param('site_id') !== '*')
- {
- $site_id = $this->parse_numeric_array_param('site_id');
- //if this isn't false, its single or an array
- if ($site_id !== FALSE)
- {
- if (empty($site_id['ids']))
- {
- ee()->freeform_entry_model->reset();
- return $this->no_results_error();
- }
- else if ($site_id['not'])
- {
- ee()->freeform_entry_model->where_not_in(
- 'site_id',
- $site_id['ids']
- );
- }
- else
- {
- ee()->freeform_entry_model->where_in(
- 'site_id',
- $site_id['ids']
- );
- }
- }
- //default
- else
- {
- ee()->freeform_entry_model->where(
- 'site_id',
- ee()->config->item('site_id')
- );
- }
- }
- // -------------------------------------
- // entry ids
- // -------------------------------------
- $entry_id = $this->parse_numeric_array_param('entry_id');
- if ($entry_id !== FALSE)
- {
- if (empty($entry_id['ids']))
- {
- ee()->freeform_entry_model->reset();
- return $this->no_results_error();
- }
- else if ($entry_id['not'])
- {
- ee()->freeform_entry_model->where_not_in(
- 'entry_id',
- $entry_id['ids']
- );
- }
- else
- {
- ee()->freeform_entry_model->where_in(
- 'entry_id',
- $entry_id['ids']
- );
- }
- }
- // -------------------------------------
- // author ids
- // -------------------------------------
- $author_id = $this->parse_numeric_array_param('author_id');
- if ($author_id !== FALSE)
- {
- if (empty($author_id['ids']))
- {
- ee()->freeform_entry_model->reset();
- return $this->no_results_error();
- }
- else if ($author_id['not'])
- {
- ee()->freeform_entry_model->where_not_in(
- 'author_id',
- $author_id['ids']
- );
- }
- else
- {
- ee()->freeform_entry_model->where_in(
- 'author_id',
- $author_id['ids']
- );
- }
- }
- // -------------------------------------
- // {freeform:all_form_fields}
- // -------------------------------------
- $tagdata = $this->replace_all_form_fields(
- ee()->TMPL->tagdata,
- $field_data,
- $all_order_ids
- );
- // -------------------------------------
- // get standard columns and labels
- // -------------------------------------
- $standard_columns = array_keys(
- ee()->freeform_form_model->default_form_table_columns
- );
- $standard_columns[] = 'author';
- $column_labels = array();
- //keyed labels for the front end
- foreach ($standard_columns as $column_name)
- {
- $column_labels[$column_name] = lang($column_name);
- }
- // -------------------------------------
- // available fields
- // -------------------------------------
- //this makes the keys and values the same
- $available_fields = array_combine(
- $standard_columns,
- $standard_columns
- );
- $custom_fields = array();
- $field_descriptions = array();
- foreach ($field_data as $field_id => $f_data)
- {
- $fid = ee()->freeform_form_model->form_field_prefix . $field_id;
- //field_name => field_id_1, etc
- $available_fields[$f_data['field_name']] = $fid;
- //field_id_1 => field_id_1, etc
- $available_fields[$fid] = $fid;
- $custom_fields[] = $f_data['field_name'];
- //labels
- $column_labels[$f_data['field_name']] = $f_data['field_label'];
- $column_labels[$fid] = $f_data['field_label'];
- $field_descriptions[
- 'freeform:description:' . $f_data['field_name']
- ] = $f_data['field_description'];
- }
- // -------------------------------------
- // search:field_name="kittens"
- // -------------------------------------
- foreach (ee()->TMPL->tagparams as $key => $value)
- {
- if (substr($key, 0, 7) == 'search:')
- {
- $search_key = substr($key, 7);
- if (isset($available_fields[$search_key]))
- {
- ee()->freeform_entry_model->add_search(
- $available_fields[$search_key],
- $value
- );
- }
- }
- }
- // -------------------------------------
- // date range
- // -------------------------------------
- $date_range = ee()->TMPL->fetch_param('date_range');
- $date_range_start = ee()->TMPL->fetch_param('date_range_start');
- $date_range_end = ee()->TMPL->fetch_param('date_range_end');
- ee()->freeform_entry_model->date_where(
- $date_range,
- $date_range_start,
- $date_range_end
- );
- // -------------------------------------
- // complete
- // -------------------------------------
- $show_incomplete = ee()->TMPL->fetch_param('show_incomplete');
- if ($show_incomplete === 'only')
- {
- ee()->freeform_entry_model->where('complete', 'n');
- }
- //default unless show_incomplete="y"
- else if ( ! $this->check_yes($show_incomplete))
- {
- ee()->freeform_entry_model->where('complete', 'y');
- }
- // -------------------------------------
- // status
- // -------------------------------------
- $status = ee()->TMPL->fetch_param('status', 'open');
- if ($status !== 'all')
- {
- //make it an array either way
- $status = array_map('trim', $this->actions()->pipe_split($status));
- $approved = array_map('strtolower', $statuses);
- $search_status = array();
- //only keep legit ones
- foreach($status as $potential_status)
- {
- if (in_array(strtolower($potential_status), $approved))
- {
- $search_status[] = $potential_status;
- }
- }
- if ( ! empty($search_status))
- {
- ee()->freeform_entry_model->where_in(
- 'status',
- $search_status
- );
- }
- }
- // -------------------------------------
- // orderby/sort
- // -------------------------------------
- $sort = ee()->TMPL->fetch_param('sort');
- $orderby = ee()->TMPL->fetch_param('orderby');
- if ($orderby !== FALSE AND trim($orderby) !== '')
- {
- $orderby = $this->actions()->pipe_split(strtolower(trim($orderby)));
- array_walk($orderby, 'trim');
- // -------------------------------------
- // sort
- // -------------------------------------
- if ($sort !== FALSE AND trim($sort) !== '')
- {
- $sort = $this->actions()->pipe_split(strtolower(trim($sort)));
- array_walk($sort, 'trim');
- //correct sorts
- foreach ($sort as $key => $value)
- {
- if ( ! in_array($value, array('asc', 'desc')))
- {
- $sort[$key] = 'asc';
- }
- }
- }
- else
- {
- $sort = array('asc');
- }
- // -------------------------------------
- // add sorts and orderbys
- // -------------------------------------
- foreach ($orderby as $key => $value)
- {
- if ($value == 'random')
- {
- ee()->freeform_entry_model->order_by('', 'random');
- continue;
- }
- if (isset($available_fields[$value]))
- {
- //if the sort is not set, just use the first
- //really this should teach people to be more specific :p
- $temp_sort = isset($sort[$key]) ? $sort[$key] : $sort[0];
- ee()->freeform_entry_model->order_by(
- $available_fields[$value],
- $temp_sort
- );
- }
- }
- }
- //--------------------------------------
- // pagination start vars
- //--------------------------------------
- $limit = ee()->TMPL->fetch_param('limit', 50);
- $offset = ee()->TMPL->fetch_param('offset', 0);
- $row_count = 0;
- $total_entries = ee()->freeform_entry_model->count(array(), FALSE);
- $current_page = 0;
- if ($total_entries == 0)
- {
- ee()->freeform_entry_model->reset();
- return $this->no_results_error();
- }
- // -------------------------------------
- // pagination?
- // -------------------------------------
- $prefix = stristr($tagdata, LD . 'freeform:paginate' . RD);
- if ($limit > 0 AND ($total_entries - $offset) > $limit)
- {
- //get pagination info
- $pagination_data = $this->universal_pagination(array(
- 'total_results' => $total_entries,
- 'tagdata' => $tagdata,
- 'limit' => $limit,
- 'offset' => $offset,
- 'uri_string' => ee()->uri->uri_string,
- 'prefix' => 'freeform:',
- 'auto_paginate' => TRUE
- ));
- //if we paginated, sort the data
- if ($pagination_data['paginate'] === TRUE)
- {
- $tagdata = $pagination_data['tagdata'];
- $current_page = $pagination_data['pagination_page'];
- }
- }
- else
- {
- $this->paginate = FALSE;
- }
- ee()->freeform_entry_model->limit($limit, $current_page + $offset);
- // -------------------------------------
- // get data
- // -------------------------------------
- $result_array = ee()->freeform_entry_model->get();
- if (empty($result_array))
- {
- ee()->freeform_entry_model->reset();
- return $this->no_results_error();
- }
- $output_labels = array();
- //column labels for output
- foreach ($column_labels as $key => $value)
- {
- $output_labels['freeform:label:' . $key] = $value;
- }
- $count = $row_count;
- $variable_rows = array();
- $replace_tagdata = '';
- // -------------------------------------
- // allow pre_process
- // -------------------------------------
- $entry_ids = array();
- foreach ($result_array as $row)
- {
- if ( ! isset($entry_ids[$row['form_id']]))
- {
- $entry_ids[$row['form_id']] = array();
- }
- $entry_ids[$row['form_id']][] = $row['entry_id'];
- }
- // -------------------------------------
- // preprocess items
- // -------------------------------------
- // These are separated by form id so this
- // is not iterating over each entry id
- // but rather grouped by form.
- // -------------------------------------
- foreach ($entry_ids as $f_form_id => $f_entry_ids)
- {
- ee()->freeform_fields->apply_field_method(array(
- 'method' => 'pre_process_entries',
- 'form_id' => $f_form_id,
- 'form_data' => $forms_data,
- 'entry_id' => $f_entry_ids,
- 'field_data' => $field_data
- ));
- }
- // -------------------------------------
- // output
- // -------------------------------------
- $to_prefix = array(
- 'absolute_count',
- 'absolute_results',
- 'attachment_count',
- 'author_id',
- 'author',
- 'complete',
- 'edit_date',
- 'entry_date',
- 'entry_id',
- 'form_id',
- 'form_name',
- 'ip_address',
- 'reverse_count'
- );
- $absolute_count = $current_page + $offset;
- $total_results = count($result_array);
- $count = 0;
- // -------------------------------------
- // get file attachment count for entries
- // -------------------------------------
- $att_results = ee()->freeform_file_upload_model
- ->select('form_id, entry_id, COUNT(*) as file_count')
- ->where_in('form_id', $form_ids)
- ->group_by('form_id, entry_id')
- ->get();
- $attached_counts = array();
- if ( ! empty($att_results))
- {
- foreach ($att_results as $att_row)
- {
- if ( ! isset($attached_counts[$att_row['form_id']]))
- {
- $attached_counts[$att_row['form_id']] = array();
- }
- $attached_counts[$att_row['form_id']][$att_row['entry_id']] = $att_row['file_count'];
- }
- }
- // -------------------------------------
- // build results
- // -------------------------------------
- foreach ($result_array as $row)
- {
- //apply replace tag to our field data
- $field_parse = ee()->freeform_fields->apply_field_method(array(
- 'method' => 'replace_tag',
- 'form_id' => $row['form_id'],
- 'entry_id' => $row['entry_id'],
- 'form_data' => $forms_data,
- 'field_data' => $field_data,
- 'field_input_data' => $row,
- 'tagdata' => $tagdata
- ));
- $row = array_merge(
- $output_labels,
- $field_descriptions,
- $row,
- $field_parse['variables']
- );
- $row['attachment_count'] = isset($attached_counts[$row['form_id']][$row['entry_id']]) ?
- $attached_counts[$row['form_id']][$row['entry_id']] :
- 0;
- if ($replace_tagdata == '')
- {
- $replace_tagdata = $field_parse['tagdata'];
- }
- $row['freeform:form_name'] = $forms_data[$row['form_id']]['form_name'];
- $row['freeform:form_label'] = $forms_data[$row['form_id']]['form_label'];
- //prefix
- foreach ($row as $key => $value)
- {
- if ( ! preg_match('/^freeform:/', $key))
- {
- if (in_array($key, $custom_fields) AND
- ! isset($row['freeform:field:' . $key]))
- {
- $row['freeform:field:' . $key] = $value;
- }
- else if ( ! isset($row['freeform:' . $key]))
- {
- $row['freeform:' . $key] = $value;
- }
- unset($row[$key]);
- }
- }
- // -------------------------------------
- // other counts
- // -------------------------------------
- $row['freeform:reverse_count'] = $total_results - $count++;
- $row['freeform:absolute_count'] = ++$absolute_count;
- $row['freeform:absolute_results'] = $total_entries;
- $variable_rows[] = $row;
- }
- $tagdata = $replace_tagdata;
- $prefixed_tags = array(
- 'count',
- 'switch',
- 'total_results'
- );
- $tagdata = $this->tag_prefix_replace('freeform:', $prefixed_tags, $tagdata);
- //this should handle backspacing as well
- $tagdata = ee()->TMPL->parse_variables($tagdata, $variable_rows);
- $tagdata = $this->tag_prefix_replace('freeform:', $prefixed_tags, $tagdata, TRUE);
- // -------------------------------------
- // add pagination
- // -------------------------------------
- //prefix or no prefix?
- if ($prefix)
- {
- $tagdata = $this->parse_pagination(array(
- 'prefix' => 'freeform:',
- 'tagdata' => $tagdata
- ));
- }
- else
- {
- $tagdata = $this->parse_pagination(array(
- 'tagdata' => $tagdata
- ));
- }
- return $tagdata;
- }
- //END entries
-
- // --------------------------------------------------------------------
- /**
- * Freeform:Form
- * {exp:freeform:form}
- *
- * @access public
- * @param bool $edit edit mode? external for security
- * @param bool $preview preview mode?
- * @param mixed $preview_fields extra preview fields?
- * @return string tagdata
- */
- public function form($edit = FALSE, $preview = FALSE, $preview_fields = FALSE)
- {
- if ($this->check_yes(ee()->TMPL->fetch_param('require_logged_in')) AND
- ee()->session->userdata['member_id'] == '0')
- {
- return $this->no_results_error('not_logged_in');
- }
- // -------------------------------------
- // form id
- // -------------------------------------
- $form_id = $this->form_id(FALSE, FALSE);
- if ( ! $form_id)
- {
- return $this->no_results_error('invalid_form_id');
- }
- // -------------------------------------
- // libs, helpers, etc
- // -------------------------------------
- ee()->load->model('freeform_form_model');
- ee()->load->model('freeform_field_model');
- ee()->load->library('freeform_forms');
- ee()->load->library('freeform_fields');
- ee()->load->helper('form');
- // -------------------------------------
- // build query
- // -------------------------------------
- $this->form_data = $form_data = $this->data->get_form_info($form_id);
- // -------------------------------------
- // preview fields? (composer preview)
- // -------------------------------------
- if ( ! empty($preview_fields))
- {
- ee()->load->model('freeform_field_model');
- $valid_preview_fields = ee()->freeform_field_model
- ->where_in('field_id', $preview_fields)
- ->key('field_id')
- ->get();
- if ($valid_preview_fields)
- {
- foreach ($valid_preview_fields as $p_field_id => $p_field_data)
- {
- $p_field_data['preview'] = TRUE;
- $form_data['fields'][$p_field_id] = $p_field_data;
- }
- }
- }
- // -------------------------------------
- // form data
- // -------------------------------------
- $this->params['form_id'] = $form_id;
- // -------------------------------------
- // edit?
- // -------------------------------------
- $entry_id = 0;
- $edit_data = array();
-
- $this->params['edit'] = $edit;
- $this->params['entry_id'] = $entry_id;
- // -------------------------------------
- // replace CURRENT_USER everywhere
- // -------------------------------------
- $this->replace_current_user();
- // -------------------------------------
- // default params
- // -------------------------------------
- $this->default_mp_page_marker = 'page';
- $this->set_form_params(TRUE);
- // ----------------------------------------
- // Check for duplicate
- // ----------------------------------------
- $duplicate = FALSE;
- //we can only prevent dupes on entry like this
- if ( ! $edit AND $this->params['prevent_duplicate_on'])
- {
- if ( in_array(
- $this->params['prevent_duplicate_on'],
- array('member_id', 'ip_address'),
- TRUE
- ))
- {
- $duplicate = ee()->freeform_forms->check_duplicate(
- $form_id,
- $this->params['prevent_duplicate_on'],
- '',
- $this->params['prevent_duplicate_per_site']
- );
- }
- }
- // ----------------------------------------
- // duplicate?
- // ----------------------------------------
- if ($duplicate)
- {
- if ($this->params['duplicate_redirect'] !== '')
- {
- ee()->functions->redirect(
- $this->prep_url(
- $this->params['duplicate_redirect'],
- $this->params['secure_duplicate_redirect']
- )
- );
- return $this->do_exit();
- }
- else if ($this->params['error_on_duplicate'])
- {
- return $this->no_results_error('no_duplicates');
- }
- /*else if (preg_match(
- '/' . LD . 'if freeform_duplicate' . RD . '(*?)' '/',
- ee()->TMPL->tagdata, ))
- {
- }*/
- }
- // -------------------------------------
- // check user email field
- // if this is from form prefs, its an ID
- // -------------------------------------
- $valid_user_email_field = FALSE;
- foreach ($form_data['fields'] as $field_id => $field_data)
- {
- if ($this->params['user_email_field'] == $field_data['field_name'] OR
- $this->params['user_email_field'] == $field_id)
- {
- $valid_user_email_field = TRUE;
- //in case the setting is an id
- $this->params['user_email_field'] = $field_data['field_name'];
- break;
- }
- }
- // if it doesn't exist in the form, lets blank it
- $this->params['user_email_field'] = (
- $valid_user_email_field ?
- $this->params['user_email_field'] :
- ''
- );
-
- $this->edit = $edit;
- // ----------------------------------------
- // 'freeform_module_form_begin' hook.
- // - This allows developers to change data before form processing.
- // ----------------------------------------
- if (ee()->extensions->active_hook('freeform_module_form_begin') === TRUE)
- {
- ee()->extensions->universal_call(
- 'freeform_module_form_begin',
- $this
- );
- if (ee()->extensions->end_script === TRUE) return;
- }
- // ----------------------------------------
- // -------------------------------------
- // start form
- // -------------------------------------
- $tagdata = ee()->TMPL->tagdata;
- $return = '';
- $hidden_fields = array();
- $outer_template_vars = array();
- $variables = array();
- $page_total = 1;
- $current_page = 0;
- $last_page = TRUE;
- $multipage = $this->params['multipage'];
- // -------------------------------------
- // check if this is multi-page
- // -------------------------------------
-
- $current_page = 1;
-
- // -------------------------------------
- // set for hooks
- // -------------------------------------
- $this->multipage = $multipage;
- $this->last_page = $last_page;
- // -------------------------------------
- // check again for captcha now that
- // tagdata has been adjusted
- // -------------------------------------
- if ($this->params['require_captcha'])
- {
- $this->params['require_captcha'] = (
- $this->require_captcha() &&
- stristr($tagdata, LD . 'freeform:captcha' . RD) != FALSE
- );
- }
- // -------------------------------------
- // submit
- // -------------------------------------
- //standard submits
- $variables['freeform:submit'] = form_submit('submit', lang('submit'));
- //replace submit buttons that have args
- $tagdata = $this->replace_submit(array(
- 'tag' => 'freeform:submit',
- 'pre_args' => array(
- 'name' => 'submit',
- 'value' => lang('submit')
- ),
- 'tagdata' => $tagdata
- ));
- // -------------------------------------
- // other random vars
- // -------------------------------------
- $variables['freeform:submit_previous'] = '';
- $variables['freeform:duplicate'] = $duplicate;
- $variables['freeform:not_duplicate'] = ! $duplicate;
- $variables['freeform:form_label'] = $form_data['form_label'];
- $variables['freeform:form_description'] = $form_data['form_description'];
- $variables['freeform:last_page'] = $last_page;
- $variables['freeform:current_page'] = $current_page;
-
- // -------------------------------------
- // display fields
- // -------------------------------------
- $field_error_data = array();
- $general_error_data = array();
- $field_input_data = array();
- // -------------------------------------
- // inline errors?
- // -------------------------------------
- if ($this->params['inline_errors'] AND
- $this->is_positive_intlike(
- ee()->session->flashdata('freeform_errors')
- )
- )
- {
- ee()->load->model('freeform_param_model');
- $error_query = ee()->freeform_param_model->get_row(
- ee()->session->flashdata('freeform_errors')
- );
- if ($error_query !== FALSE)
- {
- $potential_error_data = json_decode($error_query['data'], TRUE);
- //specific field errors
- if (isset($potential_error_data['field_errors']))
- {
- $field_error_data = $potential_error_data['field_errors'];
- }
- //errors that aren't field based
- if (isset($potential_error_data['general_errors']))
- {
- $general_error_data = $potential_error_data['general_errors'];
- }
- //gets inputs for repopulation
- if (isset($potential_error_data['inputs']))
- {
- $field_input_data = $potential_error_data['inputs'];
- }
- //restore recipient_emails
- if (! empty($potential_error_data['stored_data']['recipient_emails']))
- {
- $previous_inputs['hash_stored_data']['recipient_emails'] =
- $potential_error_data['stored_data']['recipient_emails'];
- }
- //restore user_recipient_emails
- if (! empty($potential_error_data['stored_data']['user_recipient_emails']))
- {
- $previous_inputs['hash_stored_data']['user_recipient_emails'] =
- $potential_error_data['stored_data']['user_recipient_emails'];
- }
- }
- }
- //END if ($this->params['inline_errors']
- // -------------------------------------
- // build field variables
- // -------------------------------------
- foreach ($form_data['fields'] as $field_id => $field_data)
- {
- // -------------------------------------
- // label?
- // -------------------------------------
- $error = '';
- if (isset($field_error_data[$field_data['field_name']]))
- {
- $error = is_array($field_error_data[$field_data['field_name']]) ?
- implode(', ', $field_error_data[$field_data['field_name']]) :
- $field_error_data[$field_data['field_name']];
- }
- // -------------------------------------
- // variables for later parsing
- // -------------------------------------
- $variables['freeform:error:' . $field_data['field_name']] = $error;
- $variables['freeform:label:' . $field_data['field_name']] = $field_data['field_label'];
- $variables['freeform:description:' . $field_data['field_name']] = $field_data['field_description'];
- // -------------------------------------
- // values?
- // -------------------------------------
- $col_name = ee()->freeform_form_model->form_field_prefix . $field_id;
- // -------------------------------------
- // multipage previous inputs?
- // -------------------------------------
- $possible = (
- isset($previous_inputs[$col_name]) ?
- $previous_inputs[$col_name] :
- (
- isset($previous_inputs[$field_data['field_name']]) ?
- $previous_inputs[$field_data['field_name']] :
- ''
- )
- );
- $possible = $this->prep_multi_item_data($possible, $field_data['field_type']);
- $variables['freeform:mp_data:' . $field_data['field_name']] = $possible;
-
- }
- //END foreach ($form_data['fields'] as $field_id => $field_data)
- // -------------------------------------
- // This is done after edit data in
- // cause they edited data, but had an error
- // in their edits and we are now in
- // inline error mode
- // -------------------------------------
- if ( ! empty($edit_data))
- {
- $field_input_data = array_merge($edit_data, $field_input_data);
- }
- else if ( ! empty($previous_inputs))
- {
- $field_input_data = array_merge($previous_inputs, $field_input_data);
- }
- // -------------------------------------
- // recipient emails from multipage?
- // -------------------------------------
- $variables['freeform:mp_data:user_recipient_emails'] = '';
- if (isset($previous_inputs['hash_stored_data']['user_recipient_emails']) AND
- is_array($previous_inputs['hash_stored_data']['user_recipient_emails']))
- {
- $variables['freeform:mp_data:user_recipient_emails'] = implode(
- ', ',
- $previous_inputs['hash_stored_data']['user_recipient_emails']
- );
- }
- // -------------------------------------
- // freeform:all_form_fields
- // -------------------------------------
- $tagdata = $this->replace_all_form_fields(
- $tagdata,
- $form_data['fields'],
- $form_data['field_order'],
- $field_input_data
- );
- // -------------------------------------
- // general errors
- // -------------------------------------
- if ( ! empty($general_error_data))
- {
- //the error array might have sub arrays
- //so we need to flatten
- $_general_error_data = array();
- foreach ($general_error_data as $error_set => $error_data)
- {
- if (is_array($error_data))
- {
- foreach ($error_data as $sub_key => $sub_error)
- {
- $_general_error_data[] = array(
- 'freeform:error_message' => $sub_error
- );
- }
- }
- else
- {
- $_general_error_data[] = array(
- 'freeform:error_message' => $error_data
- );
- }
- }
- $general_error_data = $_general_error_data;
- }
- $variables['freeform:general_errors'] = $general_error_data;
- $variables['freeform:field_errors'] = ! empty($field_error_data);
- //have to do this so the conditional will work,
- //seems that parse variables doesn't think a non-empty array = YES
- $tagdata = ee()->functions->prep_conditionals(
- $tagdata,
- array(
- 'freeform:general_errors' => ! empty($general_error_data),
- 'freeform:field_errors' => ! empty($field_error_data)
- )
- );
- // -------------------------------------
- // apply replace tag to our field data
- // -------------------------------------
- $field_parse = ee()->freeform_fields->apply_field_method(array(
- 'method' => 'display_field',
- 'form_id' => $form_id,
- 'entry_id' => $entry_id,
- 'form_data' => $form_data,
- 'field_input_data' => $field_input_data,
- 'tagdata' => $tagdata
- ));
- $this->multipart = $field_parse['multipart'];
- $variables = array_merge($variables, $field_parse['variables']);
- $tagdata = $field_parse['tagdata'];
- // -------------------------------------
- // dynamic recipient list
- // -------------------------------------
- $this->params['recipients'] = (
- ! in_array(ee()->TMPL->fetch_param('recipients'), array(FALSE, ''))
- );
- //preload list with usable info if so
- $this->params['recipients_list'] = array();
- if ( $this->params['recipients'] )
- {
- $i = 1;
- $while_limit = 1000;
- $counter = 0;
- while ( ! in_array(ee()->TMPL->fetch_param('recipient' . $i), array(FALSE, '')) )
- {
- $recipient = explode('|', ee()->TMPL->fetch_param('recipient' . $i));
- //has a name?
- if ( count($recipient) > 1)
- {
- $recipient_name = trim($recipient[0]);
- $recipient_email = trim($recipient[1]);
- }
- //no name, we assume its just an email
- //(though, this makes little sense, it needs a name to be useful)
- else
- {
- $recipient_name = '';
- $recipient_email = trim($recipient[0]);
- }
- $recipient_selected = FALSE;
- if (isset($previous_inputs['hash_stored_data']['recipient_emails']) AND
- is_array($previous_inputs['hash_stored_data']['recipient_emails']))
- {
- $recipient_selected = in_array(
- $recipient_email,
- $previous_inputs['hash_stored_data']['recipient_emails']
- );
- }
- //add to list
- $this->params['recipients_list'][$i] = array(
- 'name' => $recipient_name,
- 'email' => $recipient_email,
- //because this wasn't being unique enough
- //on stupid windows servers *sigh*
- 'key' => uniqid('', true),
- 'selected' => $recipient_selected
- );
- $i++;
- //In case fetch_param ever defaults to something
- //thats not falsy.
- if (++$counter >= $while_limit)
- {
- break;
- }
- }
- //if we end up with nothing, then lets not attempt later
- if (empty($this->params['recipients_list']))
- {
- $this->params['recipients'] = FALSE;
- }
- }
- // ----------------------------------------
- // parse {freeform:captcha}
- // ----------------------------------------
- $variables['freeform:captcha'] = FALSE;
- if ($this->params['require_captcha'])
- {
- $variables['freeform:captcha'] = ee()->functions->create_captcha();
- // -------------------------------------
- // IF there is no captcha present
- // in this tagdata, we don't want
- // to require people to input it.
- // Thats asking for errors.
- // Usually this occurs when someone is
- // trying to force captcha but the
- // member is logged in and EE wont
- // output captcha for members unless
- // captcha_require_members is enabled.
- // -------------------------------------
- if (stristr($tagdata, LD . 'freeform:captcha' . RD) == FALSE OR
- empty($variables['freeform:captcha']))
- {
- $this->params['require_captcha'] = FALSE;
- }
- }
- // -------------------------------------
- // dynamic recipient tagdata
- // -------------------------------------
- if ( $this->params['recipients'] AND
- count($this->params['recipients_list']) > 0)
- {
- $variables['freeform_recipients'] = array();
- $recipient_list = $this->params['recipients_list'];
- //dynamic above starts with 1, so does this
- for ( $i = 1, $l = count($recipient_list); $i <= $l; $i++ )
- {
- $variables['freeform:recipient_name' . $i] = $recipient_list[$i]['name'];
- $variables['freeform:recipient_value' . $i] = $recipient_list[$i]['key'];
- $variables['freeform:recipient_selected' . $i] = $recipient_list[$i]['selected'];
- $variables['freeform:recipients'][] = array(
- 'freeform:recipient_name' => $recipient_list[$i]['name'],
- 'freeform:recipient_value' => $recipient_list[$i]['key'],
- 'freeform:recipient_count' => $i,
- //selected from hash data from multipages
- 'freeform:recipient_selected' => $recipient_list[$i]['selected']
- );
- }
- }
- // -------------------------------------
- // status pairs
- // -------------------------------------
- $tagdata = $this->parse_status_tags($tagdata);
- // ----------------------------------------
- // 'freeform_module_pre_form_parse' hook.
- // - This allows developers to change data before tagdata processing.
- // ----------------------------------------
- $this->variables = $variables;
- if (ee()->extensions->active_hook('freeform_module_pre_form_parse') === TRUE)
- {
- $backup_tagdata = $tagdata;
- $tagdata = ee()->extensions->universal_call(
- 'freeform_module_pre_form_parse',
- $tagdata,
- $this
- );
- if (ee()->extensions->end_script === TRUE) return;
- //valid data?
- if ( (! is_string($tagdata) OR empty($tagdata)) AND
- $this->check_yes($this->preference('hook_data_protection')))
- {
- $tagdata = $backup_tagdata;
- }
- }
- // ----------------------------------------
- //extra precaution in case someone hoses this
- if (isset($this->variables) AND is_array($this->variables))
- {
- $variables = $this->variables;
- }
- // -------------------------------------
- // parse external vars
- // -------------------------------------
- $outer_template_vars['freeform:form_id'] = $form_id;
- $outer_template_vars['freeform:form_page'] = $current_page;
- $outer_template_vars['freeform:form_page_total'] = $page_total;
- $outer_template_vars['freeform:form_name'] = $form_data['form_name'];
- $outer_template_vars['freeform:form_label'] = $form_data['form_label'];
- ee()->TMPL->template = ee()->functions->prep_conditionals(
- ee()->TMPL->template,
- $outer_template_vars
- );
- ee()->TMPL->template = ee()->functions->var_swap(
- ee()->TMPL->template,
- $outer_template_vars
- );
- // -------------------------------------
- // parse all vars
- // -------------------------------------
- $tagdata = ee()->TMPL->parse_variables(
- $tagdata,
- array(array_merge($outer_template_vars,$variables))
- );
- // -------------------------------------
- // This doesn't force an ajax request
- // but instead forces it _not_ to be
- // if the ajax param = 'no'.
- // $this->params['ajax'] defaults to
- // boolean true, so this will only
- // happen if someone adds ajax="no".
- // -------------------------------------
- if ( ! $this->params['ajax'])
- {
- $hidden_fields['ajax_request'] = 'no';
- }
- //-------------------------------------
- // build form
- //-------------------------------------
- $return .= $this->build_form(array(
- 'action' => $this->get_action_url('save_form'),
- 'method' => 'post',
- 'hidden_fields' => array_merge($hidden_fields, array(
- // no more params can be set after this
- 'params_id' => $this->insert_params(),
- )),
- 'tagdata' => $tagdata
- ));
- // ----------------------------------------
- // 'freeform_module_form_end' hook.
- // - This allows developers to change the form before output.
- // ----------------------------------------
- if (ee()->extensions->active_hook('freeform_module_form_end') === TRUE)
- {
- $backup_return = $return;
- $return = ee()->extensions->universal_call(
- 'freeform_module_form_end',
- $return,
- $this
- );
- if (ee()->extensions->end_script === TRUE) return;
- //valid data?
- if ( (! is_string($return) OR empty($return)) AND
- $this->check_yes($this->preference('hook_data_protection')))
- {
- $return = $backup_return;
- }
- }
- // ----------------------------------------
- return $return;
- }
- //END form
- // -------------------------------------
- // action requests
- // -------------------------------------
- // --------------------------------------------------------------------
- /**
- * ajax_validate
- *
- * does a save form that stops after validation
- *
- * @access public
- * @return mixed ajax request
- */
- public function ajax_validate_form()
- {
- return $this->save_form(TRUE);
- }
- //END ajax_validate
- // --------------------------------------------------------------------
- /**
- * save_form
- *
- * form save from front_end/action request
- *
- * @access public
- * @param bool validate only
- * @return null
- */
- public function save_form($validate_only = FALSE)
- {
- if ( ! $validate_only AND REQ !== 'ACTION' AND ! $this->test_mode)
- {
- return;
- }
- ee()->load->library('freeform_forms');
- ee()->load->library('freeform_fields');
- ee()->load->model('freeform_form_model');
- if (ee()->input->get_post('params_id') === FALSE)
- {
- return $this->pre_validation_error(
- lang('missing_post_data') . ' - params_id'
- );
- }
- // -------------------------------------
- // require logged in?
- // -------------------------------------
- if ($this->param('require_logged_in') AND
- ee()->session->userdata['member_id'] == '0')
- {
- return $this->pre_validation_error(
- lang('not_authorized') . ' - ' .
- lang('not_logged_in')
- );
- }
- // -------------------------------------
- // blacklist, banned
- // -------------------------------------
- if (ee()->session->userdata['is_banned'] OR (
- $this->check_yes(ee()->blacklist->blacklisted) AND
- $this->check_no(ee()->blacklist->whitelisted)
- )
- )
- {
- return $this->pre_validation_error(
- lang('not_authorized') . ' - ' .
- lang('reason_banned')
- );
- }
- // -------------------------------------
- // require ip? (except admin)
- // -------------------------------------
- if ($this->param('require_ip'))
- {
- if (ee()->input->ip_address() == '0.0.0.0')
- {
- return $this->pre_validation_error(
- lang('not_authorized') . ' - ' .
- lang('reason_ip_required')
- );
- }
- }
- // -------------------------------------
- // Is the nation of the user banned?
- // -------------------------------------
- if ($this->nation_ban_check(FALSE))
- {
- return $this->pre_validation_error(
- lang('not_authorized') . ' - ' .
- ee()->config->item('ban_message')
- );
- }
-
- // -------------------------------------
- // valid form id
- // -------------------------------------
- $form_id = $this->form_id(FALSE, FALSE);
- if ( ! $form_id)
- {
- return $this->pre_validation_error(lang('invalid_form_id'));
- }
- // -------------------------------------
- // is this an edit? entry_id
- // -------------------------------------
- $entry_id = $this->entry_id();
- $edit = $this->is_positive_intlike($entry_id);
- // -------------------------------------
- // for multipage check later
- // -------------------------------------
- $multipage = $this->param('multipage');
- $current_page = $this->param('current_page');
- $last_page = $this->param('last_page');
- $previous_inputs = array();
-
- // -------------------------------------
- // form data
- // -------------------------------------
- $this->form_data = $form_data = $this->data->get_form_info($form_id);
- $field_labels = array();
- $valid_fields = array();
- $column_names = array();
- foreach ( $form_data['fields'] as $row)
- {
- $field_labels[$row['field_name']] = $row['field_label'];
- $valid_fields[] = $row['field_name'];
- //fill previous inputs names correctly
- $column_name = 'form_field_' . $row['field_id'];
- if (isset($previous_inputs[$column_name]))
- {
- $previous_inputs[$row['field_name']] = $previous_inputs[$column_name];
- }
- $column_names[$row['field_name']] = $column_name;
- }
- // -------------------------------------
- // for hooks
- // -------------------------------------
- $this->edit = $edit;
- $this->multipage = $multipage;
- $this->last_page = $last_page;
- // -------------------------------------
- // user email max/spam count
- // -------------------------------------
- ee()->load->library('freeform_notifications');
- if ($last_page AND ($this->param('recipient_user_input') OR
- $this->param('recipients')) AND
- ee()->freeform_notifications->check_spam_interval($form_id)
- )
- {
- return $this->pre_validation_error(
- lang('not_authorized') . ' - ' .
- lang('email_limit_exceeded')
- );
- }
- // -------------------------------------
- // Check for duplicate
- // -------------------------------------
- $duplicate = FALSE;
- if ($this->param('prevent_duplicate_on'))
- {
- $duplicate = ee()->freeform_forms->check_duplicate(
- $form_id,
- $this->param('prevent_duplicate_on'),
- ee()->input->get_post(
- $this->param('prevent_duplicate_on'),
- TRUE
- ),
- $this->param('prevent_duplicate_per_site')
- );
- }
- if ($duplicate)
- {
- return $this->pre_validation_error(lang('no_duplicates'));
- }
- // -------------------------------------
- // pre xid check
- // -------------------------------------
- // we aren't going to delete just yet
- // because if they have input errors
- // then we want to keep this xid for a bit
- // and only delete xid on success
- // -------------------------------------
- // EE 2.7+ does this automatically for
- // all POSTS front end and back now
- // so this is going to cause errors
- // if we check it there.
- // -------------------------------------
- if (version_compare($this->ee_version, '2.7.0', '<') &&
- ! ee()->security->check_xid(ee()->input->post('XID')))
- {
- return $this->pre_validation_error(
- lang('not_authorized') . ' - ' .
- lang('reason_secure_form_timeout')
- );
- }
- // -------------------------------------
- // pre-validate hook
- // -------------------------------------
- $errors = array();
- //have to do this weird for backward compat
- $this->field_errors = array();
- if (ee()->extensions->active_hook('freeform_module_validate_begin') === TRUE)
- {
- $backup_errors = $errors;
- $errors = ee()->extensions->universal_call(
- 'freeform_module_validate_begin',
- $errors,
- $this
- );
- if (ee()->extensions->end_script === TRUE) return;
- //valid data?
- if ( ! is_array($errors) AND
- $this->check_yes($this->preference('hook_data_protection')))
- {
- $errors = $backup_errors;
- }
- }
- // -------------------------------------
- // require fields
- // -------------------------------------
- if ($this->param('required'))
- {
- $required = $this->actions()->pipe_split($this->param('required'));
- foreach ($required as $required_field)
- {
- //require need to work for recipients and recipient email user
- $valid_require = array_merge(
- $valid_fields,
- array('recipient_email_user', 'recipient_email')
- );
- $require_labels = $field_labels;
- $require_labels['recipient_email_user'] = lang('user_recipients');
- $require_labels['recipient_email'] = lang('dynamic_recipients');
- //just in case someone misspelled a require
- //or removes a field after making the require list
- if ( ! in_array($required_field, $valid_require))
- {
- continue;
- }
- $gp_value = ee()->input->get_post($required_field);
- if ( (
- //empty array
- (is_array($gp_value) AND count($gp_value) < 1) OR
- //empty …
Large files files are truncated, but you can click here to view the full file