/system/expressionengine/third_party/freeform/mod.freeform.php
PHP | 3621 lines | 2148 code | 670 blank | 803 comment | 272 complexity | 5d3ca1dbaaa9b76e0758cdc55ddf847f MD5 | raw file
Large files files are truncated, but you can click here to view the full file
- <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
- /**
- * Solspace - Freeform
- *
- * @package Solspace:Freeform
- * @author Solspace DevTeam
- * @copyright Copyright (c) 2008-2012, Solspace, Inc.
- * @link http://solspace.com/docs/addon/c/Freeform/
- * @version 4.0.8
- * @filesource ./system/expressionengine/third_party/freeform/
- */
- /**
- * Freeform - User Side
- *
- * @package Solspace:Freeform
- * @author Solspace DevTeam
- * @filesource ./system/expressionengine/third_party/freeform/mod.freeform.php
- */
- // EE 2.0's Wizard might not set this constant
- if ( ! defined('APP_VER')) define('APP_VER', '2.0');
- if ( ! class_exists('Module_builder_freeform'))
- {
- require_once 'addon_builder/module_builder.php';
- }
- class Freeform extends Module_builder_freeform
- {
- public $return_data = '';
- public $disabled = FALSE;
- public $multipart = FALSE;
- public $params = array();
- public $params_id = 0;
- public $form_id = 0;
- // --------------------------------------------------------------------
- /**
- * Constructor
- *
- * @access public
- * @return null
- */
- public function __construct ()
- {
- parent::__construct('freeform');
- // -------------------------------------
- // Module Installed and Up to Date?
- // -------------------------------------
- if ($this->database_version() == FALSE OR
- $this->version_compare($this->database_version(), '<', FREEFORM_VERSION)
- OR ! $this->extensions_enabled())
- {
- $this->disabled = TRUE;
- trigger_error(lang('freeform_module_disabled'), E_USER_NOTICE);
- }
- ee()->load->helper(array('text', 'form', 'url', 'string'));
- //avoids AR collisions
- $this->data->get_module_preferences();
- $this->data->get_global_module_preferences();
- $this->data->show_all_sites();
- }
- // END __construct()
- // --------------------------------------------------------------------
- /**
- * Form Info
- *
- * @access public
- * @return string parsed tagdata
- */
- public function form_info ()
- {
- $form_ids = $this->form_id(TRUE);
- ee()->load->model('freeform_form_model');
- if ($form_ids)
- {
- ee()->freeform_form_model->where_in('form_id', $form_ids);
- }
- // -------------------------------------
- // site ids
- // -------------------------------------
- //if its star, allow all
- if (ee()->TMPL->fetch_param('site_id') !== '*')
- {
- $site_id = $this->parse_numeric_array_param('site_id');
- //if this isn't false, its single or an array
- if ($site_id !== FALSE)
- {
- if (empty($site_id['ids']))
- {
- ee()->freeform_form_model->reset();
- return $this->no_results_error();
- }
- else if ($site_id['not'])
- {
- ee()->freeform_form_model->where_not_in('site_id', $site_id['ids']);
- }
- else
- {
- ee()->freeform_form_model->where_in('site_id', $site_id['ids']);
- }
- }
- //default
- else
- {
- ee()->freeform_form_model->where('site_id', ee()->config->item('site_id'));
- }
- }
- // -------------------------------------
- // form data
- // -------------------------------------
- $form_data = ee()->freeform_form_model
- ->select(
- 'form_id, site_id, ' .
- 'form_name, form_label, ' .
- 'form_description, author_id, ' .
- 'entry_date, edit_date'
- )
- ->order_by('form_id', 'asc')
- ->get();
- if ( ! $form_data)
- {
- return $this->no_results_error(($form_ids) ? 'invalid_form_id' : NULL);
- }
- // -------------------------------------
- // author data
- // -------------------------------------
- $author_ids = array();
- $author_data = array();
- foreach ($form_data as $row)
- {
- $author_ids[] = $row['author_id'];
- }
- $a_query = ee()->db->select('member_id, username, screen_name')
- ->from('members')
- ->where_in('member_id', array_unique($author_ids))
- ->get();
- if ($a_query->num_rows() > 0)
- {
- $author_data = $this->prepare_keyed_result(
- $a_query,
- 'member_id'
- );
- }
- // -------------------------------------
- // output
- // -------------------------------------
- $variables = array();
- ee()->load->model('freeform_entry_model');
- foreach ($form_data as $row)
- {
- $new_row = array();
- foreach ($row as $key => $value)
- {
- $new_row['freeform:' . $key] = $value;
- }
- $new_row['freeform:total_entries'] = ee()->freeform_entry_model
- ->id($row['form_id'])
- ->where('complete', 'y')
- ->count();
- $new_row['freeform:author'] = (
- isset($author_data[$row['author_id']]) ?
- (
- isset($author_data[$row['author_id']]['screen_name']) ?
- $author_data[$row['author_id']]['screen_name'] :
- $author_data[$row['author_id']]['username']
- ) :
- lang('n_a')
- );
- $variables[] = $new_row;
- }
- $prefixed_tags = array(
- 'count',
- 'switch',
- 'total_results'
- );
- $tagdata = ee()->TMPL->tagdata;
- $tagdata = $this->tag_prefix_replace('freeform:', $prefixed_tags, $tagdata);
- //this should handle backspacing as well
- $tagdata = ee()->TMPL->parse_variables($tagdata, $variables);
- $tagdata = $this->tag_prefix_replace('freeform:', $prefixed_tags, $tagdata, TRUE);
- return $tagdata;
- }
- //END form_info
- // --------------------------------------------------------------------
- /**
- * Freeform:Entries
- * {exp:freeform:entries}
- *
- * @access public
- * @return string tagdata
- */
- public function entries ()
- {
- // -------------------------------------
- // form id
- // -------------------------------------
- $form_ids = $this->form_id(TRUE);
- if ( ! $form_ids)
- {
- return $this->no_results_error('invalid_form_id');
- }
- if ( ! is_array($form_ids))
- {
- $form_ids = array($form_ids);
- }
- // -------------------------------------
- // libs, models, helper
- // -------------------------------------
- ee()->load->model('freeform_form_model');
- ee()->load->model('freeform_entry_model');
- ee()->load->model('freeform_field_model');
- ee()->load->library('freeform_forms');
- ee()->load->library('freeform_fields');
- // -------------------------------------
- // start cache for count and result
- // -------------------------------------
- $forms_data = ee()->freeform_form_model
- ->key('form_id')
- ->get(array('form_id' => $form_ids));
- $statuses = array_keys($this->data->get_form_statuses());
- // -------------------------------------
- // field data
- // -------------------------------------
- $all_field_ids = array();
- $all_order_ids = array();
- foreach ($forms_data as $form_data)
- {
- //this should always be true, but NEVER TRUST AN ELF
- if (isset($form_data['field_ids']) AND
- is_array($form_data['field_ids']))
- {
- $all_field_ids = array_merge($all_field_ids, $form_data['field_ids']);
- $all_order_ids = array_merge(
- $all_order_ids,
- $this->actions()->pipe_split($form_data['field_order'])
- );
- }
- }
- $all_field_ids = array_unique($all_field_ids);
- $all_order_ids = array_unique($all_order_ids);
- sort($all_field_ids);
- // -------------------------------------
- // get field data
- // -------------------------------------
- $all_field_data = FALSE;
- if ( ! empty($all_field_ids))
- {
- $all_field_data = ee()->freeform_field_model
- ->key('field_id')
- ->where_in('field_id', $all_field_ids)
- ->get();
- }
- $field_data = array();
- if ($all_field_data)
- {
- foreach ($all_field_data as $row)
- {
- $field_data[$row['field_id']] = $row;
- }
- }
- // -------------------------------------
- // set tables
- // -------------------------------------
- ee()->freeform_entry_model->id($form_ids);
- // -------------------------------------
- // replace CURRENT_USER before we get
- // started because the minute we don't
- // someone is going to figure out
- // a way to need it in site_id=""
- // -------------------------------------
- $this->replace_current_user();
- // -------------------------------------
- // site ids
- // -------------------------------------
- //if its star, allow all
- if (ee()->TMPL->fetch_param('site_id') !== '*')
- {
- $site_id = $this->parse_numeric_array_param('site_id');
- //if this isn't false, its single or an array
- if ($site_id !== FALSE)
- {
- if (empty($site_id['ids']))
- {
- ee()->freeform_entry_model->reset();
- return $this->no_results_error();
- }
- else if ($site_id['not'])
- {
- ee()->freeform_entry_model->where_not_in('site_id', $site_id['ids']);
- }
- else
- {
- ee()->freeform_entry_model->where_in('site_id', $site_id['ids']);
- }
- }
- //default
- else
- {
- ee()->freeform_entry_model->where('site_id', ee()->config->item('site_id'));
- }
- }
- // -------------------------------------
- // entry ids
- // -------------------------------------
- $entry_id = $this->parse_numeric_array_param('entry_id');
- if ($entry_id !== FALSE)
- {
- if (empty($entry_id['ids']))
- {
- ee()->freeform_entry_model->reset();
- return $this->no_results_error();
- }
- else if ($entry_id['not'])
- {
- ee()->freeform_entry_model->where_not_in('entry_id', $entry_id['ids']);
- }
- else
- {
- ee()->freeform_entry_model->where_in('entry_id', $entry_id['ids']);
- }
- }
- // -------------------------------------
- // author ids
- // -------------------------------------
- $author_id = $this->parse_numeric_array_param('author_id');
- if ($author_id !== FALSE)
- {
- if (empty($author_id['ids']))
- {
- ee()->freeform_entry_model->reset();
- return $this->no_results_error();
- }
- else if ($author_id['not'])
- {
- ee()->freeform_entry_model->where_not_in('author_id', $author_id['ids']);
- }
- else
- {
- ee()->freeform_entry_model->where_in('author_id', $author_id['ids']);
- }
- }
- // -------------------------------------
- // freeform:all_form_fields
- // -------------------------------------
- $tagdata = $this->replace_all_form_fields(
- ee()->TMPL->tagdata,
- $field_data,
- $all_order_ids
- );
- // -------------------------------------
- // get standard columns and labels
- // -------------------------------------
- $standard_columns = array_keys(
- ee()->freeform_form_model->default_form_table_columns
- );
- $standard_columns[] = 'author';
- $column_labels = array();
- //keyed labels for the front end
- foreach ($standard_columns as $column_name)
- {
- $column_labels[$column_name] = lang($column_name);
- }
- // -------------------------------------
- // available fields
- // -------------------------------------
- //this makes the keys and values the same
- $available_fields = array_combine($standard_columns, $standard_columns);
- $custom_fields = array();
- $field_descriptions = array();
- foreach ($field_data as $field_id => $f_data)
- {
- $fid = ee()->freeform_form_model->form_field_prefix . $field_id;
- //field_name => field_id_1, etc
- $available_fields[$f_data['field_name']] = $fid;
- //field_id_1 => field_id_1, etc
- $available_fields[$fid] = $fid;
- $custom_fields[] = $f_data['field_name'];
- //labels
- $column_labels[$f_data['field_name']] = $f_data['field_label'];
- $column_labels[$fid] = $f_data['field_label'];
- $field_descriptions[
- 'freeform:description:' . $f_data['field_name']
- ] = $f_data['field_description'];
- }
- // -------------------------------------
- // search:field_name="kittens"
- // -------------------------------------
- foreach (ee()->TMPL->tagparams as $key => $value)
- {
- if (substr($key, 0, 7) == 'search:')
- {
- $search_key = substr($key, 7);
- if (isset($available_fields[$search_key]))
- {
- ee()->freeform_entry_model->add_search(
- $available_fields[$search_key],
- $value
- );
- }
- }
- }
- // -------------------------------------
- // date range
- // -------------------------------------
- $date_range = ee()->TMPL->fetch_param('date_range');
- $date_range_start = ee()->TMPL->fetch_param('date_range_start');
- $date_range_end = ee()->TMPL->fetch_param('date_range_end');
- ee()->freeform_entry_model->date_where(
- $date_range,
- $date_range_start,
- $date_range_end
- );
- // -------------------------------------
- // complete
- // -------------------------------------
- $show_incomplete = ee()->TMPL->fetch_param('show_incomplete');
- if ($show_incomplete === 'only')
- {
- ee()->freeform_entry_model->where('complete', 'n');
- }
- else if ( ! $this->check_yes($show_incomplete))
- {
- ee()->freeform_entry_model->where('complete', 'y');
- }
- // -------------------------------------
- // status
- // -------------------------------------
- $status = ee()->TMPL->fetch_param('status', 'open');
- if ($status !== 'all')
- {
- if (in_array($status, $statuses))
- {
- ee()->freeform_entry_model->where('status', $status);
- }
- }
- // -------------------------------------
- // orderby/sort
- // -------------------------------------
- $sort = ee()->TMPL->fetch_param('sort');
- $orderby = ee()->TMPL->fetch_param('orderby');
- if ($orderby !== FALSE AND trim($orderby) !== '')
- {
- $orderby = $this->actions()->pipe_split(strtolower(trim($orderby)));
- array_walk($orderby, 'trim');
- // -------------------------------------
- // sort
- // -------------------------------------
- if ($sort !== FALSE AND trim($sort) !== '')
- {
- $sort = $this->actions()->pipe_split(strtolower(trim($sort)));
- array_walk($sort, 'trim');
- //correct sorts
- foreach ($sort as $key => $value)
- {
- if ( ! in_array($value, array('asc', 'desc')))
- {
- $sort[$key] = 'asc';
- }
- }
- }
- else
- {
- $sort = array('asc');
- }
- // -------------------------------------
- // add sorts and orderbys
- // -------------------------------------
- foreach ($orderby as $key => $value)
- {
- if (isset($available_fields[$value]))
- {
- //if the sort is not set, just use the first
- //really this should teach people to be more specific :p
- $temp_sort = isset($sort[$key]) ? $sort[$key] : $sort[0];
- ee()->freeform_entry_model->order_by(
- $available_fields[$value],
- $temp_sort
- );
- }
- }
- }
- //--------------------------------------
- // pagination start vars
- //--------------------------------------
- $limit = ee()->TMPL->fetch_param('limit', 50);
- $offset = ee()->TMPL->fetch_param('offset', 0);
- $row_count = 0;
- $total_entries = ee()->freeform_entry_model->count(array(), FALSE);
- $current_page = 0;
- if ($total_entries == 0)
- {
- ee()->freeform_entry_model->reset();
- return $this->no_results_error();
- }
- // -------------------------------------
- // pagination?
- // -------------------------------------
- $prefix = stristr($tagdata, LD . 'freeform:paginate' . RD);
- if ($limit > 0 AND ($total_entries - $offset) > $limit)
- {
- //get pagination info
- $pagination_data = $this->universal_pagination(array(
- 'total_results' => $total_entries,
- 'tagdata' => $tagdata,
- 'limit' => $limit,
- 'offset' => $offset,
- 'uri_string' => ee()->uri->uri_string,
- 'prefix' => 'freeform:',
- 'auto_paginate' => TRUE
- ));
- //if we paginated, sort the data
- if ($pagination_data['paginate'] === TRUE)
- {
- $tagdata = $pagination_data['tagdata'];
- $current_page = $pagination_data['pagination_page'];
- }
- }
- else
- {
- $this->paginate = FALSE;
- }
- ee()->freeform_entry_model->limit($limit, $current_page + $offset);
- // -------------------------------------
- // get data
- // -------------------------------------
- $result_array = ee()->freeform_entry_model->get();
- if (empty($result_array))
- {
- ee()->freeform_entry_model->reset();
- return $this->no_results_error();
- }
- $output_labels = array();
- //column labels for output
- foreach ($column_labels as $key => $value)
- {
- $output_labels['freeform:label:' . $key] = $value;
- }
- $count = $row_count;
- $variable_rows = array();
- $replace_tagdata = '';
- // -------------------------------------
- // allow pre_process
- // -------------------------------------
- $entry_ids = array();
- foreach ($result_array as $row)
- {
- if ( ! isset($entry_ids[$row['form_id']]))
- {
- $entry_ids[$row['form_id']] = array();
- }
- $entry_ids[$row['form_id']][] = $row['entry_id'];
- }
- foreach ($entry_ids as $f_form_id => $f_entry_ids)
- {
- ee()->freeform_fields->apply_field_method(array(
- 'method' => 'pre_process_entries',
- 'form_id' => $f_form_id,
- 'form_data' => $forms_data,
- 'entry_id' => $f_entry_ids,
- 'field_data' => $field_data
- ));
- }
- // -------------------------------------
- // output
- // -------------------------------------
- $to_prefix = array(
- 'absolute_count',
- 'absolute_results',
- 'author_id',
- 'author',
- 'complete',
- 'edit_date',
- 'entry_date',
- 'entry_id',
- 'form_id',
- 'form_name',
- 'ip_address',
- 'reverse_count'
- );
- $absolute_count = $current_page + $offset;
- $total_results = count($result_array);
- $count = 0;
- foreach ($result_array as $row)
- {
- //apply replace tag to our field data
- $field_parse = ee()->freeform_fields->apply_field_method(array(
- 'method' => 'replace_tag',
- 'form_id' => $row['form_id'],
- 'entry_id' => $row['entry_id'],
- 'form_data' => $forms_data,
- 'field_data' => $field_data,
- 'field_input_data' => $row,
- 'tagdata' => $tagdata
- ));
- $row = array_merge(
- $output_labels,
- $field_descriptions,
- $row,
- $field_parse['variables']
- );
- if ($replace_tagdata == '')
- {
- $replace_tagdata = $field_parse['tagdata'];
- }
- $row['freeform:form_name'] = $forms_data[$row['form_id']]['form_name'];
- $row['freeform:form_label'] = $forms_data[$row['form_id']]['form_label'];
- //prefix
- foreach ($row as $key => $value)
- {
- if ( ! preg_match('/^freeform:/', $key))
- {
- if (in_array($key, $custom_fields) AND
- ! isset($row['freeform:field:' . $key]))
- {
- $row['freeform:field:' . $key] = $value;
- }
- else if ( ! isset($row['freeform:' . $key]))
- {
- $row['freeform:' . $key] = $value;
- }
- unset($row[$key]);
- }
- }
- // -------------------------------------
- // other counts
- // -------------------------------------
- $row['freeform:reverse_count'] = $total_results - $count++;
- $row['freeform:absolute_count'] = ++$absolute_count;
- $row['freeform:absolute_results'] = $total_entries;
- $variable_rows[] = $row;
- }
- $tagdata = $replace_tagdata;
- $prefixed_tags = array(
- 'count',
- 'switch',
- 'total_results'
- );
- $tagdata = $this->tag_prefix_replace('freeform:', $prefixed_tags, $tagdata);
- //this should handle backspacing as well
- $tagdata = ee()->TMPL->parse_variables($tagdata, $variable_rows);
- $tagdata = $this->tag_prefix_replace('freeform:', $prefixed_tags, $tagdata, TRUE);
- // -------------------------------------
- // add pagination
- // -------------------------------------
- //prefix or no prefix?
- if ($prefix)
- {
- $tagdata = $this->parse_pagination(array(
- 'prefix' => 'freeform:',
- 'tagdata' => $tagdata
- ));
- }
- else
- {
- $tagdata = $this->parse_pagination(array(
- 'tagdata' => $tagdata
- ));
- }
- return $tagdata;
- }
- //END entries
-
- // --------------------------------------------------------------------
- /**
- * Freeform:Form
- * {exp:freeform:form}
- *
- * @access public
- * @param bool $edit edit mode? external for security
- * @param bool $preview preview mode?
- * @param mixed $preview_fields extra preview fields?
- * @return string tagdata
- */
- public function form ( $edit = FALSE, $preview = FALSE, $preview_fields = FALSE)
- {
- if ($this->check_yes(ee()->TMPL->fetch_param('require_logged_in')) AND
- ee()->session->userdata['member_id'] == '0')
- {
- return $this->no_results_error('not_logged_in');
- }
- // -------------------------------------
- // form id
- // -------------------------------------
- $form_id = $this->form_id();
- if ( ! $form_id)
- {
- return $this->no_results_error('invalid_form_id');
- }
- // -------------------------------------
- // libs, helpers, etc
- // -------------------------------------
- ee()->load->model('freeform_form_model');
- ee()->load->model('freeform_field_model');
- ee()->load->library('freeform_forms');
- ee()->load->library('freeform_fields');
- ee()->load->helper('form');
- // -------------------------------------
- // get prefs early to avoid query mess
- // -------------------------------------
- $this->data->get_module_preferences();
- $this->data->get_global_module_preferences();
- // -------------------------------------
- // build query
- // -------------------------------------
- $form_data = $this->data->get_form_info($form_id);
- // -------------------------------------
- // preview fields? (composer preview)
- // -------------------------------------
- if ( ! empty($preview_fields))
- {
- ee()->load->model('freeform_field_model');
- $valid_preview_fields = ee()->freeform_field_model
- ->where_in('field_id', $preview_fields)
- ->key('field_id')
- ->get();
- if ($valid_preview_fields)
- {
- foreach ($valid_preview_fields as $p_field_id => $p_field_data)
- {
- $p_field_data['preview'] = TRUE;
- $form_data['fields'][$p_field_id] = $p_field_data;
- }
- }
- }
- // -------------------------------------
- // form data
- // -------------------------------------
- $this->params['form_id'] = $form_id;
- // -------------------------------------
- // edit?
- // -------------------------------------
- $entry_id = 0;
- $edit_data = array();
-
- $this->params['edit'] = $edit;
- $this->params['entry_id'] = $entry_id;
- // -------------------------------------
- // replace CURRENT_USER everywhere
- // -------------------------------------
- $this->replace_current_user();
- // -------------------------------------
- // default params
- // -------------------------------------
- $default_mp_page_marker = 'page';
- $params_with_defaults = array(
- //security
- 'secure_action' => FALSE,
- 'secure_return' => FALSE,
- 'require_captcha' => (
- $this->check_yes(ee()->config->item('captcha_require_members')) OR
- (
- $this->check_no(ee()->config->item('captcha_require_members')) AND
- ee()->session->userdata('member_id') == 0
- )
- ),
- 'require_ip' => ! $this->check_no(
- ee()->config->item("require_ip_for_posting")
- ),
- 'return' => ee()->uri->uri_string,
- 'inline_error_return' => ee()->uri->uri_string,
- 'error_page' => '',
- 'ajax' => TRUE,
- 'restrict_edit_to_author' => TRUE,
- 'inline_errors' => FALSE,
- //dupe prevention
- 'prevent_duplicate_on' => '',
- 'prevent_duplicate_per_site' => FALSE,
- 'secure_duplicate_redirect' => FALSE,
- 'duplicate_redirect' => '',
- 'error_on_duplicate' => FALSE,
- //required or matching fields
- 'required' => '',
- 'matching_fields' => '',
- //multipage
- 'last_page' => TRUE,
- 'multipage' => FALSE,
- 'redirect_on_timeout' => TRUE,
- 'redirect_on_timeout_to' => '',
- 'page_marker' => $default_mp_page_marker,
- 'multipage_page' => '',
- 'paging_url' => '',
- 'multipage_page_names' => '',
- //notifications
- 'admin_notify' => $form_data['admin_notification_email'],
- 'admin_cc_notify' => '',
- 'admin_bcc_notify' => '',
- 'notify_user' => $this->check_yes($form_data['notify_user']),
- 'notify_admin' => $this->check_yes($form_data['notify_admin']),
- 'notify_on_edit' => FALSE,
- 'user_email_field' => $form_data['user_email_field'],
- //dynamic_recipients
- 'recipients' => FALSE,
- 'recipients_limit' => '3',
- //user inputted recipients
- 'recipient_user_input' => FALSE,
- 'recipient_user_limit' => '3',
- //templates
- 'recipient_template' => "",
- 'recipient_user_template' => "",
- 'admin_notification_template' => $form_data['admin_notification_id'],
- 'user_notification_template' => $form_data['user_notification_id'],
- 'status' => $form_data['default_status'],
- 'allow_status_edit' => FALSE,
- );
- foreach ($params_with_defaults as $p_name => $p_default)
- {
- //if the default is a boolean value
- if ( is_bool($p_default))
- {
- //and if there is a template param version of the param
- if (ee()->TMPL->fetch_param($p_name) !== FALSE)
- {
- //and if the default is boolean true
- if ($p_default === TRUE)
- {
- //and if the template param uses an indicator of the
- //'false' variety, we want to override the default
- //of TRUE and set FALSE.
- $this->params[$p_name] = ! $this->check_no(
- ee()->TMPL->fetch_param($p_name)
- );
- }
- //but if the default is boolean false
- else
- {
- //and the template param is trying to turn the feature
- //on through a 'y', 'yes', or 'on' value, then we want
- //to convert the FALSE to a TRUE
- $this->params[$p_name] = $this->check_yes(
- ee()->TMPL->fetch_param($p_name)
- );
- }
- }
- //there is no template param version of this default so the default stands
- else
- {
- $this->params[$p_name] = $p_default;
- }
- }
- //other wise check for the param or fallback on default
- else
- {
- $this->params[$p_name] = trim(
- ee()->TMPL->fetch_param($p_name, $p_default)
- );
- }
- }
- // ----------------------------------------
- // Check for duplicate
- // ----------------------------------------
- $duplicate = FALSE;
- //we can only prevent dupes on entry like this
- if ( ! $edit AND $this->params['prevent_duplicate_on'])
- {
- if ( in_array(
- $this->params['prevent_duplicate_on'],
- array('member_id', 'ip_address'),
- TRUE
- ))
- {
- $duplicate = ee()->freeform_forms->check_duplicate(
- $form_id,
- $this->params['prevent_duplicate_on'],
- '',
- $this->params['prevent_duplicate_per_site']
- );
- }
- }
- // ----------------------------------------
- // duplicate?
- // ----------------------------------------
- if ($duplicate)
- {
- if ($this->params['duplicate_redirect'] !== '')
- {
- ee()->functions->redirect(
- $this->prep_url(
- $this->params['duplicate_redirect'],
- $this->params['secure_duplicate_redirect']
- )
- );
- exit();
- }
- else if ($this->params['error_on_duplicate'])
- {
- return $this->no_results_error('no_duplicates');
- }
- /*else if (preg_match(
- '/' . LD . 'if freeform_duplicate' . RD . '(*?)' '/',
- ee()->TMPL->tagdata, ))
- {
- }*/
- }
- // -------------------------------------
- // check user email field
- // if this is from form prefs, its an ID
- // -------------------------------------
- $valid_user_email_field = FALSE;
- foreach ($form_data['fields'] as $field_id => $field_data)
- {
- if ($this->params['user_email_field'] == $field_data['field_name'] OR
- $this->params['user_email_field'] == $field_id)
- {
- $valid_user_email_field = TRUE;
- //in case the setting is an id
- $this->params['user_email_field'] = $field_data['field_name'];
- break;
- }
- }
- // if it doesn't exist in the form, lets blank it
- $this->params['user_email_field'] = (
- $valid_user_email_field ?
- $this->params['user_email_field'] :
- ''
- );
-
- // ----------------------------------------
- // 'freeform_module_form_begin' hook.
- // - This allows developers to change data before form processing.
- // ----------------------------------------
- if (ee()->extensions->active_hook('freeform_module_form_begin') === TRUE)
- {
- $edata = ee()->extensions->universal_call(
- 'freeform_module_form_begin',
- $this
- );
- if (ee()->extensions->end_script === TRUE) return;
- }
- // ----------------------------------------
- // -------------------------------------
- // start form
- // -------------------------------------
- $tagdata = ee()->TMPL->tagdata;
- $return = '';
- $hidden_fields = array();
- $outer_template_vars = array();
- $variables = array();
- $multipage = $this->params['multipage'];
- $last_page = TRUE;
- $page_total = 1;
- $current_page = 0;
- // -------------------------------------
- // check if this is multi-page
- // -------------------------------------
-
- $current_page = 1;
-
- // -------------------------------------
- // check again for captcha now that
- // tagdata has been adjusted
- // -------------------------------------
- if ($this->params['require_captcha'])
- {
- $this->params['require_captcha'] = (stristr($tagdata, LD . 'freeform:captcha' . RD) != FALSE);
- }
- // -------------------------------------
- // other random vars
- // -------------------------------------
- $variables['freeform:submit'] = form_submit('submit', lang('submit'));
- $variables['freeform:duplicate'] = $duplicate;
- $variables['freeform:not_duplicate'] = ! $duplicate;
- $variables['freeform:form_label'] = $form_data['form_label'];
- $variables['freeform:form_description'] = $form_data['form_description'];
-
- // -------------------------------------
- // recipient emails from multipage?
- // -------------------------------------
- $variables['freeform:mp_data:user_recipient_emails'] = '';
- if (isset($previous_inputs['hash_stored_data']['user_recipient_emails']) AND
- is_array($previous_inputs['hash_stored_data']['user_recipient_emails']))
- {
- $variables['freeform:mp_data:user_recipient_emails'] = implode(
- ', ',
- $previous_inputs['hash_stored_data']['user_recipient_emails']
- );
- }
- // -------------------------------------
- // display fields
- // -------------------------------------
- $field_error_data = array();
- $general_error_data = array();
- $field_input_data = array();
- // -------------------------------------
- // inline errors?
- // -------------------------------------
- if ($this->params['inline_errors'] AND
- $this->is_positive_intlike(ee()->session->flashdata('freeform_errors')))
- {
- ee()->load->model('freeform_param_model');
- $error_query = ee()->freeform_param_model->get_row(
- ee()->session->flashdata('freeform_errors')
- );
- if ($error_query !== FALSE)
- {
- $potential_error_data = json_decode($error_query['data'], TRUE);
- if (isset($potential_error_data['field_errors']))
- {
- $field_error_data = $potential_error_data['field_errors'];
- }
- if (isset($potential_error_data['general_errors']))
- {
- $general_error_data = $potential_error_data['general_errors'];
- }
- if (isset($potential_error_data['inputs']))
- {
- $field_input_data = $potential_error_data['inputs'];
- }
- }
- }
- foreach ($form_data['fields'] as $field_id => $field_data)
- {
- // -------------------------------------
- // label?
- // -------------------------------------
- $error = '';
- if (isset($field_error_data[$field_data['field_name']]))
- {
- $error = is_array($field_error_data[$field_data['field_name']]) ?
- implode(', ', $field_error_data[$field_data['field_name']]) :
- $field_error_data[$field_data['field_name']];
- }
- $variables['freeform:error:' . $field_data['field_name']] = $error;
- $variables['freeform:label:' . $field_data['field_name']] = $field_data['field_label'];
- $variables['freeform:description:' . $field_data['field_name']] = $field_data['field_description'];
- // -------------------------------------
- // values?
- // -------------------------------------
- $col_name = ee()->freeform_form_model->form_field_prefix . $field_id;
- // -------------------------------------
- // multipage previous inputs?
- // -------------------------------------
- $variables['freeform:mp_data:' . $field_data['field_name']] = (
- isset($previous_inputs[$col_name]) ?
- $previous_inputs[$col_name] :
- (
- isset($previous_inputs[$field_data['field_name']]) ?
- $previous_inputs[$field_data['field_name']] :
- ''
- )
- );
-
- }
- //END foreach ($form_data['fields'] as $field_id => $field_data)
- if ( ! empty($edit_data))
- {
- $field_input_data = $edit_data;
- }
- else if ( ! empty($previous_inputs))
- {
- $field_input_data = $previous_inputs;
- }
- // -------------------------------------
- // freeform:all_form_fields
- // -------------------------------------
- $tagdata = $this->replace_all_form_fields(
- $tagdata,
- $form_data['fields'],
- $form_data['field_order'],
- $field_input_data
- );
- // -------------------------------------
- // general errors
- // -------------------------------------
- if ( ! empty($general_error_data))
- {
- //the error array might have sub arrays
- //so we need to flatten
- $_general_error_data = array();
- foreach ($general_error_data as $error_set => $error_data)
- {
- if (is_array($error_data))
- {
- foreach ($error_data as $sub_key => $sub_error)
- {
- $_general_error_data[] = array('freeform:error_message' => $sub_error);
- }
- }
- else
- {
- $_general_error_data[] = array('freeform:error_message' => $error_data);
- }
- }
- $general_error_data = $_general_error_data;
- }
- $variables['freeform:general_errors'] = $general_error_data;
- //have to do this so the conditional will work,
- //seems that parse variables doesn't think a non-empty array = YES
- $tagdata = ee()->functions->prep_conditionals(
- $tagdata,
- array('freeform:general_errors' => ! empty($general_error_data))
- );
- // -------------------------------------
- // apply replace tag to our field data
- // -------------------------------------
- $field_parse = ee()->freeform_fields->apply_field_method(array(
- 'method' => 'display_field',
- 'form_id' => $form_id,
- 'entry_id' => $entry_id,
- 'form_data' => $form_data,
- 'field_input_data' => $field_input_data,
- 'tagdata' => $tagdata
- ));
- $this->multipart = $field_parse['multipart'];
- $variables = array_merge($variables, $field_parse['variables']);
- $tagdata = $field_parse['tagdata'];
- // -------------------------------------
- // dynamic recipient list
- // -------------------------------------
- $this->params['recipients'] = (
- ! in_array(ee()->TMPL->fetch_param('recipients'), array(FALSE, ''))
- );
- //preload list with usable info if so
- $this->params['recipients_list'] = array();
- if ( $this->params['recipients'] )
- {
- $i = 1;
- $while_limit = 1000;
- $counter = 0;
- while ( ! in_array(ee()->TMPL->fetch_param('recipient' . $i), array(FALSE, '')) )
- {
- $recipient = explode('|', ee()->TMPL->fetch_param('recipient' . $i));
- //has a name?
- if ( count($recipient) > 1)
- {
- $recipient_name = trim($recipient[0]);
- $recipient_email = trim($recipient[1]);
- }
- //no name, we assume its just an email
- //(though, this makes little sense, it needs a name to be useful)
- else
- {
- $recipient_name = '';
- $recipient_email = trim($recipient[0]);
- }
- $recipient_selected = FALSE;
- if (isset($previous_inputs['hash_stored_data']['recipient_emails']) AND
- is_array($previous_inputs['hash_stored_data']['recipient_emails']))
- {
- $recipient_selected = in_array(
- $recipient_email,
- $previous_inputs['hash_stored_data']['recipient_emails']
- );
- }
- //add to list
- $this->params['recipients_list'][$i] = array(
- 'name' => $recipient_name,
- 'email' => $recipient_email,
- 'key' => uniqid(),
- 'selected' => $recipient_selected
- );
- $i++;
- //extra protection because while loops are scary
- if (++$counter >= $while_limit)
- {
- break;
- }
- }
- //if we end up with nothing, then lets not attempt later
- if (empty($this->params['recipients_list']))
- {
- $this->params['recipients'] = FALSE;
- }
- }
- // ----------------------------------------
- // parse {captcha}
- // ----------------------------------------
- $variables['freeform:captcha'] = FALSE;
- if ($this->params['require_captcha'])
- {
- $variables['freeform:captcha'] = ee()->functions->create_captcha();
- }
- // -------------------------------------
- // dynamic recipient tagdata
- // -------------------------------------
- if ( $this->params['recipients'] AND
- count($this->params['recipients_list']) > 0)
- {
- $variables['freeform_recipients'] = array();
- $recipient_list = $this->params['recipients_list'];
- //dynamic above starts with 1, so does this
- for ( $i = 1, $l = count($recipient_list); $i <= $l; $i++ )
- {
- $variables['freeform:recipient_name' . $i] = $recipient_list[$i]['name'];
- $variables['freeform:recipient_value' . $i] = $recipient_list[$i]['key'];
- $variables['freeform:recipient_selected' . $i] = $recipient_list[$i]['selected'];
- $variables['freeform:recipients'][] = array(
- 'freeform:recipient_name' => $recipient_list[$i]['name'],
- 'freeform:recipient_value' => $recipient_list[$i]['key'],
- 'freeform:recipient_count' => $i,
- //selected from hash data from multipages
- 'freeform:recipient_selected' => $recipient_list[$i]['selected']
- );
- }
- }
- // -------------------------------------
- // status pairs
- // -------------------------------------
- $tagdata = $this->parse_status_tags($tagdata);
- // ----------------------------------------
- // 'freeform_module_pre_form_parse' hook.
- // - This allows developers to change data before tagdata processing.
- // ----------------------------------------
- $this->variables = $variables;
- if (ee()->extensions->active_hook('freeform_module_pre_form_parse') === TRUE)
- {
- $tagdata = ee()->extensions->universal_call(
- 'freeform_module_pre_form_parse',
- $tagdata,
- $this
- );
- if (ee()->extensions->end_script === TRUE) return;
- }
- // ----------------------------------------
- //extra precaution in case someone hoses this
- if (isset($this->variables) AND is_array($this->variables))
- {
- $variables = $this->variables;
- }
- // -------------------------------------
- // parse external vars
- // -------------------------------------
- $outer_template_vars['freeform:form_page'] = $current_page;
- $outer_template_vars['freeform:form_page_total'] = $page_total;
- $outer_template_vars['freeform:form_name'] = $form_data['form_name'];
- $outer_template_vars['freeform:form_label'] = $form_data['form_label'];
- ee()->TMPL->template = ee()->functions->prep_conditionals(
- ee()->TMPL->template,
- $outer_template_vars
- );
- ee()->TMPL->template = ee()->functions->var_swap(
- ee()->TMPL->template,
- $outer_template_vars
- );
- // -------------------------------------
- // parse all vars
- // -------------------------------------
- $tagdata = ee()->TMPL->parse_variables(
- $tagdata,
- array(array_merge($outer_template_vars,$variables))
- );
- // -------------------------------------
- // this doesn't force ana ajax request
- // but instead forces it _not_ to be
- // if the ajax param = 'no'
- // -------------------------------------
- if ( ! $this->params['ajax'])
- {
- $hidden_fields['ajax_request'] = 'no';
- }
- //-------------------------------------
- // build form
- //-------------------------------------
- $return .= $this->build_form(array(
- 'action' => $this->get_action_url('save_form'),
- 'method' => 'POST',
- 'hidden_fields' => array_merge($hidden_fields, array(
- // no more params can be set after this
- 'params_id' => $this->insert_params(),
- )),
- 'tagdata' => $tagdata
- ));
- // ----------------------------------------
- // 'freeform_module_form_end' hook.
- // - This allows developers to change the form before output.
- // ----------------------------------------
- if (ee()->extensions->active_hook('freeform_module_form_end') === TRUE)
- {
- $return = ee()->extensions->universal_call(
- 'freeform_module_form_end',
- $return,
- $this
- );
- if (ee()->extensions->end_script === TRUE) return;
- }
- // ----------------------------------------
- return $return;
- }
- //END form
- // -------------------------------------
- // action requests
- // -------------------------------------
- // --------------------------------------------------------------------
- /**
- * ajax_validate
- *
- * does a save form that stops after validation
- *
- * @access public
- * @return mixed ajax request
- */
- public function ajax_validate_form ()
- {
- return $this->save_form(TRUE);
- }
- //END ajax_validate
- // --------------------------------------------------------------------
- /**
- * save_form
- *
- * form save from front_end/action request
- *
- * @access public
- * @param bool validate only
- * @return null
- */
- public function save_form ($validate_only = FALSE)
- {
- if ( ! $validate_only AND REQ !== 'ACTION')
- {
- return;
- }
- ee()->load->library('freeform_forms');
- ee()->load->library('freeform_fields');
- ee()->load->model('freeform_form_model');
- // -------------------------------------
- // require logged in?
- // -------------------------------------
- if ($this->param('require_logged_in') AND
- ee()->session->userdata['member_id'] == '0')
- {
- $this->pre_validation_error(
- lang('not_authorized') . ' - ' .
- lang('not_logged_in')
- );
- }
- // -------------------------------------
- // blacklist, banned
- // -------------------------------------
- if (ee()->session->userdata['is_banned'] OR (
- $this->check_yes(ee()->blacklist->blacklisted) AND
- $this->check_no(ee()->blacklist->whitelisted)
- )
- )
- {
- $this->pre_validation_error(
- lang('not_authorized') . ' - ' .
- lang('reason_banned')
- );
- }
- // -------------------------------------
- // require ip? (except admin)
- // -------------------------------------
- if ($this->param('require_ip'))
- {
- if (ee()->input->ip_address() == '0.0.0.0')
- {
- $this->pre_validation_error(
- lang('not_authorized') . ' - ' .
- lang('reason_ip_required')
- );
- }
- }
- // -------------------------------------
- // Is the nation of the user banned?
- // -------------------------------------
- if ($this->nation_ban_check(FALSE))
- {
- $this->pre_validation_error(
- lang('not_authorized') . ' - ' .
- ee()->config->item('ban_message')
- );
- }
-
- // -------------------------------------
- // valid form id
- // -------------------------------------
- $form_id = $this->form_id();
- if ( ! $form_id)
- {
- $this->pre_validation_error(lang('invalid_form_id'));
- }
- // -------------------------------------
- // is this an edit? entry_id
- // -------------------------------------
- $entry_id = $this->entry_id();
- $edit = ($entry_id AND $entry_id != 0);
- // -------------------------------------
- // for multipage check later
- // -------------------------------------
- $multipage = $this->param('multipage');
- $current_page = $this->param('current_page');
- $last_page = $this->param('last_page');
- $previous_inputs = array();
-
- // -------------------------------------
- // form data
- // -------------------------------------
- $form_data = $this->data->get_form_info($form_id);
- $field_labels = array();
- $valid_fields = array();
- foreach ( $form_data['fields'] as $row)
- {
- $field_labels[$row['field_name']] = $row['field_label'];
- $valid_fields[] = $row['field_name'];
- }
- // -------------------------------------
- // for hooks
- // -------------------------------------
- $this->edit = $edit;
- $this->multipage = $multipage;
- $this->last_page = $last_page;
- // -------------------------------------
- // user email max/spam count
- // -------------------------------------
- ee()->load->library('freeform_notifications');
- if ($last_page AND ($this->param('recipient_user_input') OR
- $this->param('recipients')) AND
- ee()->freeform_notifications->check_spam_interval($form_id)
- )
- {
- $this->pre_validation_error(
- lang('not_authorized') . ' - ' .
- lang('email_limit_exceeded')
- );
- }
- // -------------------------------------
- // Check for duplicate
- // -------------------------------------
- $duplicate = FALSE;
- if ($this->param('prevent_duplicate_on') AND
- ! in_array(
- $this->param('prevent_duplicate_on'),
- array('member_id', 'ip_address'),
- TRUE
- ))
- {
- $duplicate = ee()->freeform_forms->check_duplicate(
- $form_id,
- $this->param('prevent_duplicate_on'),
- ee()->input->get_post(
- $this->param('prevent_duplicate_on'),
- TRUE
- ),
- $this->param('prevent_duplicate_per_site')
- );
- }
- if ($duplicate)
- {
- $this->pre_validation_error(lang('no_duplicates'));
- }
- // -------------------------------------
- // pre xid check
- // -------------------------------------
- // we aren't going to delete just yet
- // because if they have input errors
- // then we want to keep this xid for a bit
- // and only delete xid on success
- // -------------------------------------
- if ( $this->check_yes(ee()->config->item('secure_forms')) )
- {
- ee()->db->from('security_hashes');
- ee()->db->where(array(
- 'hash' => ee()->input->post('XID'),
- 'ip_address' => ee()->input->ip_address(),
- 'date >' => ee()->localize->now - 7200
- ));
- if (ee()->db->count_all_results() == 0)
- {
- $this->pre_validation_error(
- lang('not_authorized') . ' - ' .
- lang('reason_secure_form_timeout')
- );
- }
- }
- // -------------------------------------
- // pre-validate hook
- // -------------------------------------
- $errors = array();
- //have to do this weird for backward compat
- $this->field_errors = array();
- if (ee()->extensions->active_hook('freeform_module_validate_begin') === TRUE)
- {
- $errors = ee()->extensions->universal_call(
- 'freeform_module_validate_begin',
- $errors,
- $this
- );
- if (ee()->extensions->end_script === TRUE) return;
- }
- // -------------------------------------
- // require fields
- // -------------------------------------
- if ($this->param('required'))
- {
- $required = $this->actions()->pipe_split($this->param('required'));
- foreach ($required as $required_field)
- {
- //just in case someone misspelled a require
- //or removes a field after making the require list
- if ( ! in_array($required_field, $valid_fields))
- {
- continue;
- }
- if ( (
- (
- is_array( ee()->input->get_post($required_field) ) AND
- count(ee()->input->get_post($required_field)) < 1
- ) OR
- trim((string) ee()->input->get_post($required_field)) === ''
- )
- //required field could be a file
- AND ! isset($_FILES[$required_field])
- )
- {
- $this->field_errors[
- $required_field
- ] = lang('required_field_missing');
- //only want the postfixing of errors
- //if we are sending to general errors screen
- //or an error page
- //the second conditional is for people requesting
- //the custom error page via ajax
- if ( ! $this->param('inline_errors') AND
- ! ($this->is_ajax_request() AND
- ! trim($this->param('error_page'))))
- {
- $this->field_errors[$required_field] .= ': '.
- $field_labels[$required_field];
- }
- }
- }
- }
- // -------------------------------------
- // matching fields
- // -------------------------------------
- if ($this->param('matching_fields'))
- {
- $matching_fields = $this->actions()->pipe_split($this->param('matching_fields'));
- foreach ($matching_fields as $match_field)
- {
- //just in case someone misspelled a require
- //or removes a field after making the require list
- if ( ! in_array($match_field, $valid_fields))
- {
- continue;
- }
- //array comparison is correct in PHP and this should work
- //no matter what.
- //normal validation will fix other issues
- if ( ee()->input->get_post($match_field) == FALSE OR
- ee()->input->get_post($match_field . '_confirm') == FALSE OR
- ee()->input->get_post($match_field) !==
- ee()->input->get_post($match_field . '_confirm')
- )
- {
- $this->field_errors[$match_field] = lang('fields_do_not_match') .
- $field_labels[$match_field] .
- ' | ' .
- $field_labels[$match_field] .
- ' ' .
- lang('confirm');
- }
- }
- }
- // -------------------------------------
- // validate dynamic recipients
- // no actual validation errors
- // will throw here, but in case we do
- // in the future
- // -------------------------------------
- $recipient_emails = array();
- if ($this->param('recipients'))
- {
- $recipient_email_input = ee()->input->get_post('recipient_email');
- if ( ! in_array($recipient_email_input, array(FALSE, ''), TRUE))
- {
- if ( ! is_array($recipient_email_input))
- {
- $recipient_email_input = array($recipient_email_input);
- }
- // recipients are encoded, so lets check for keys
- // since dynamic recipients are dev inputted
- // we aren't going to error on invalid ones
- // but rather just accept if present, and move on if not
- $recipients_list = $this->param('recipients_list');
- $field_out = '';
- foreach($recipients_list as $i => $r_data)
- {
- if (in_array($r_data['key'], $recipient_email_input))
- {
- $recipient_emails[] = $r_data['email'];
- $field_out .= $r_data['name'] . ' <' . $r_data['email'] . '>' . "\n";
- }
- }
- //THE ENGLISH ARE TOO MANY!
- if (count($recipient_emails) > $this->param('recipients_limit'))
- {
- $errors['recipient_email'] = lang('over_recipient_limit');
- }
- //does the user have a recipient_email custom field?
- else if (in_array('recipient_email', $valid_fields))
- {
- $_POST['recipient_email'] = trim($field_out);
- }
- }
- //if there is previous recipient emails
- if (empty($recipient_emails) AND
- isset($previous_inputs['hash_stored_data']['recipient_emails']))
- {
- $recipient_emails = $previous_inputs['hash_stored_data']['recipient_emails'];
- }
- }
- // -------------------------------------
- // validate user inputted emails
- // -------------------------------------
- $user_recipient_emails = array();
- if ($this->param('recipient_user_input'))
- {
- …
Large files files are truncated, but you can click here to view the full file