PageRenderTime 62ms CodeModel.GetById 19ms RepoModel.GetById 0ms app.codeStats 1ms

/system/expressionengine/third_party/freeform/mod.freeform.php

https://bitbucket.org/studiobreakfast/sync
PHP | 3621 lines | 2148 code | 670 blank | 803 comment | 272 complexity | 5d3ca1dbaaa9b76e0758cdc55ddf847f MD5 | raw file

Large files files are truncated, but you can click here to view the full file

    

  1. <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
    2. 

  2. 

  3.  /**
    4. 

  4.  * Solspace - Freeform
    5. 

  5.  *
    6. 

  6.  * @package		Solspace:Freeform
    7. 

  7.  * @author		Solspace DevTeam
    8. 

  8.  * @copyright	Copyright (c) 2008-2012, Solspace, Inc.
    9. 

  9.  * @link		http://solspace.com/docs/addon/c/Freeform/
    10. 

  10.  * @version		4.0.8
    11. 

  11.  * @filesource 	./system/expressionengine/third_party/freeform/
    12. 

  12.  */
    13. 

  13. 

  14. /**
    15. 

  15.  * Freeform - User Side
    16. 

  16.  *
    17. 

  17.  * @package 	Solspace:Freeform
    18. 

  18.  * @author		Solspace DevTeam
    19. 

  19.  * @filesource 	./system/expressionengine/third_party/freeform/mod.freeform.php
    20. 

  20.  */
    21. 

  21. 

  22. // EE 2.0's Wizard might not set this constant
    23. 

  23. if ( ! defined('APP_VER')) define('APP_VER', '2.0');
    24. 

  24. 

  25. if ( ! class_exists('Module_builder_freeform'))
    26. 

  26. {
    27. 

  27. 	require_once 'addon_builder/module_builder.php';
    28. 

  28. }
    29. 

  29. 

  30. class Freeform extends Module_builder_freeform
    31. 

  31. {
    32. 

  32. 	public $return_data		= '';
    33. 

  33. 	public $disabled		= FALSE;
    34. 

  34. 	public $multipart		= FALSE;
    35. 

  35. 	public $params			= array();
    36. 

  36. 	public $params_id		= 0;
    37. 

  37. 	public $form_id			= 0;
    38. 

  38. 

  39. 	// --------------------------------------------------------------------
    40. 

  40. 

  41. 	/**
    42. 

  42. 	 * Constructor
    43. 

  43. 	 *
    44. 

  44. 	 * @access	public
    45. 

  45. 	 * @return	null
    46. 

  46. 	 */
    47. 

  47. 

  48. 	public function __construct ()
    49. 

  49. 	{
    50. 

  50. 		parent::__construct('freeform');
    51. 

  51. 

  52. 		// -------------------------------------
    53. 

  53. 		//  Module Installed and Up to Date?
    54. 

  54. 		// -------------------------------------
    55. 

  55. 

  56. 		if ($this->database_version() == FALSE OR
    57. 

  57. 			$this->version_compare($this->database_version(), '<', FREEFORM_VERSION)
    58. 

  58. 			OR ! $this->extensions_enabled())
    59. 

  59. 		{
    60. 

  60. 			$this->disabled = TRUE;
    61. 

  61. 

  62. 			trigger_error(lang('freeform_module_disabled'), E_USER_NOTICE);
    63. 

  63. 		}
    64. 

  64. 

  65. 		ee()->load->helper(array('text', 'form', 'url', 'string'));
    66. 

  66. 

  67. 		//avoids AR collisions
    68. 

  68. 		$this->data->get_module_preferences();
    69. 

  69. 		$this->data->get_global_module_preferences();
    70. 

  70. 		$this->data->show_all_sites();
    71. 

  71. 	}
    72. 

  72. 	// END __construct()
    73. 

  73. 

  74. 

  75. 	// --------------------------------------------------------------------
    76. 

  76. 

  77. 	/**
    78. 

  78. 	 * Form Info
    79. 

  79. 	 *
    80. 

  80. 	 * @access	public
    81. 

  81. 	 * @return	string parsed tagdata
    82. 

  82. 	 */
    83. 

  83. 

  84. 	public function form_info ()
    85. 

  85. 	{
    86. 

  86. 		$form_ids = $this->form_id(TRUE);
    87. 

  87. 

  88. 		ee()->load->model('freeform_form_model');
    89. 

  89. 

  90. 		if ($form_ids)
    91. 

  91. 		{
    92. 

  92. 			ee()->freeform_form_model->where_in('form_id', $form_ids);
    93. 

  93. 		}
    94. 

  94. 

  95. 		// -------------------------------------
    96. 

  96. 		//	site ids
    97. 

  97. 		// -------------------------------------
    98. 

  98. 

  99. 		//if its star, allow all
    100. 

  100. 		if (ee()->TMPL->fetch_param('site_id') !== '*')
    101. 

  101. 		{
    102. 

  102. 			$site_id = $this->parse_numeric_array_param('site_id');
    103. 

  103. 

  104. 			//if this isn't false, its single or an array
    105. 

  105. 			if ($site_id !== FALSE)
    106. 

  106. 			{
    107. 

  107. 				if (empty($site_id['ids']))
    108. 

  108. 				{
    109. 

  109. 					ee()->freeform_form_model->reset();
    110. 

  110. 					return $this->no_results_error();
    111. 

  111. 				}
    112. 

  112. 				else if ($site_id['not'])
    113. 

  113. 				{
    114. 

  114. 					ee()->freeform_form_model->where_not_in('site_id', $site_id['ids']);
    115. 

  115. 				}
    116. 

  116. 				else
    117. 

  117. 				{
    118. 

  118. 					ee()->freeform_form_model->where_in('site_id', $site_id['ids']);
    119. 

  119. 				}
    120. 

  120. 			}
    121. 

  121. 			//default
    122. 

  122. 			else
    123. 

  123. 			{
    124. 

  124. 				ee()->freeform_form_model->where('site_id', ee()->config->item('site_id'));
    125. 

  125. 			}
    126. 

  126. 		}
    127. 

  127. 

  128. 		// -------------------------------------
    129. 

  129. 		//	form data
    130. 

  130. 		// -------------------------------------
    131. 

  131. 

  132. 		$form_data =	ee()->freeform_form_model
    133. 

  133. 							->select(
    134. 

  134. 								'form_id, site_id, ' .
    135. 

  135. 								'form_name, form_label, ' .
    136. 

  136. 								'form_description, author_id, ' .
    137. 

  137. 								'entry_date, edit_date'
    138. 

  138. 							)
    139. 

  139. 							->order_by('form_id', 'asc')
    140. 

  140. 							->get();
    141. 

  141. 

  142. 		if ( ! $form_data)
    143. 

  143. 		{
    144. 

  144. 			return $this->no_results_error(($form_ids) ? 'invalid_form_id' : NULL);
    145. 

  145. 		}
    146. 

  146. 

  147. 		// -------------------------------------
    148. 

  148. 		//	author data
    149. 

  149. 		// -------------------------------------
    150. 

  150. 

  151. 		$author_ids		= array();
    152. 

  152. 		$author_data	= array();
    153. 

  153. 

  154. 		foreach ($form_data as $row)
    155. 

  155. 		{
    156. 

  156. 			$author_ids[] = $row['author_id'];
    157. 

  157. 		}
    158. 

  158. 

  159. 		$a_query = ee()->db->select('member_id, username, screen_name')
    160. 

  160. 							->from('members')
    161. 

  161. 							->where_in('member_id', array_unique($author_ids))
    162. 

  162. 							->get();
    163. 

  163. 

  164. 		if ($a_query->num_rows() > 0)
    165. 

  165. 		{
    166. 

  166. 			$author_data = $this->prepare_keyed_result(
    167. 

  167. 				$a_query,
    168. 

  168. 				'member_id'
    169. 

  169. 			);
    170. 

  170. 		}
    171. 

  171. 

  172. 		// -------------------------------------
    173. 

  173. 		//	output
    174. 

  174. 		// -------------------------------------
    175. 

  175. 

  176. 		$variables = array();
    177. 

  177. 

  178. 		ee()->load->model('freeform_entry_model');
    179. 

  179. 

  180. 		foreach ($form_data as $row)
    181. 

  181. 		{
    182. 

  182. 			$new_row = array();
    183. 

  183. 

  184. 			foreach ($row as $key => $value)
    185. 

  185. 			{
    186. 

  186. 				$new_row['freeform:' . $key] = $value;
    187. 

  187. 			}
    188. 

  188. 

  189. 			$new_row['freeform:total_entries']	=	ee()->freeform_entry_model
    190. 

  190. 														->id($row['form_id'])
    191. 

  191. 														->where('complete', 'y')
    192. 

  192. 														->count();
    193. 

  193. 			$new_row['freeform:author']			=	(
    194. 

  194. 				isset($author_data[$row['author_id']]) ?
    195. 

  195. 					(
    196. 

  196. 						isset($author_data[$row['author_id']]['screen_name']) ?
    197. 

  197. 							$author_data[$row['author_id']]['screen_name'] :
    198. 

  198. 							$author_data[$row['author_id']]['username']
    199. 

  199. 					) :
    200. 

  200. 					lang('n_a')
    201. 

  201. 			);
    202. 

  202. 

  203. 			$variables[] = $new_row;
    204. 

  204. 		}
    205. 

  205. 

  206. 		$prefixed_tags	= array(
    207. 

  207. 			'count',
    208. 

  208. 			'switch',
    209. 

  209. 			'total_results'
    210. 

  210. 		);
    211. 

  211. 

  212. 		$tagdata = ee()->TMPL->tagdata;
    213. 

  213. 

  214. 		$tagdata = $this->tag_prefix_replace('freeform:', $prefixed_tags, $tagdata);
    215. 

  215. 

  216. 		//this should handle backspacing as well
    217. 

  217. 		$tagdata = ee()->TMPL->parse_variables($tagdata, $variables);
    218. 

  218. 

  219. 		$tagdata = $this->tag_prefix_replace('freeform:', $prefixed_tags, $tagdata, TRUE);
    220. 

  220. 

  221. 		return $tagdata;
    222. 

  222. 	}
    223. 

  223. 	//END form_info
    224. 

  224. 

  225. 

  226. 	// --------------------------------------------------------------------
    227. 

  227. 

  228. 	/**
    229. 

  229. 	 * Freeform:Entries
    230. 

  230. 	 * {exp:freeform:entries}
    231. 

  231. 	 *
    232. 

  232. 	 * @access	public
    233. 

  233. 	 * @return	string 	tagdata
    234. 

  234. 	 */
    235. 

  235. 

  236. 	public function entries ()
    237. 

  237. 	{
    238. 

  238. 		// -------------------------------------
    239. 

  239. 		//	form id
    240. 

  240. 		// -------------------------------------
    241. 

  241. 

  242. 		$form_ids = $this->form_id(TRUE);
    243. 

  243. 

  244. 		if ( ! $form_ids)
    245. 

  245. 		{
    246. 

  246. 			return $this->no_results_error('invalid_form_id');
    247. 

  247. 		}
    248. 

  248. 

  249. 		if ( ! is_array($form_ids))
    250. 

  250. 		{
    251. 

  251. 			$form_ids = array($form_ids);
    252. 

  252. 		}
    253. 

  253. 

  254. 		// -------------------------------------
    255. 

  255. 		//	libs, models, helper
    256. 

  256. 		// -------------------------------------
    257. 

  257. 

  258. 		ee()->load->model('freeform_form_model');
    259. 

  259. 		ee()->load->model('freeform_entry_model');
    260. 

  260. 		ee()->load->model('freeform_field_model');
    261. 

  261. 		ee()->load->library('freeform_forms');
    262. 

  262. 		ee()->load->library('freeform_fields');
    263. 

  263. 

  264. 		// -------------------------------------
    265. 

  265. 		//	start cache for count and result
    266. 

  266. 		// -------------------------------------
    267. 

  267. 

  268. 		$forms_data	=	ee()->freeform_form_model
    269. 

  269. 							->key('form_id')
    270. 

  270. 							->get(array('form_id' => $form_ids));
    271. 

  271. 

  272. 		$statuses 	= array_keys($this->data->get_form_statuses());
    273. 

  273. 

  274. 		// -------------------------------------
    275. 

  275. 		//	field data
    276. 

  276. 		// -------------------------------------
    277. 

  277. 

  278. 		$all_field_ids	= array();
    279. 

  279. 		$all_order_ids	= array();
    280. 

  280. 

  281. 		foreach ($forms_data as $form_data)
    282. 

  282. 		{
    283. 

  283. 			//this should always be true, but NEVER TRUST AN ELF
    284. 

  284. 			if (isset($form_data['field_ids']) AND
    285. 

  285. 				is_array($form_data['field_ids']))
    286. 

  286. 			{
    287. 

  287. 				$all_field_ids = array_merge($all_field_ids, $form_data['field_ids']);
    288. 

  288. 				$all_order_ids = array_merge(
    289. 

  289. 					$all_order_ids,
    290. 

  290. 					$this->actions()->pipe_split($form_data['field_order'])
    291. 

  291. 				);
    292. 

  292. 			}
    293. 

  293. 		}
    294. 

  294. 

  295. 		$all_field_ids = array_unique($all_field_ids);
    296. 

  296. 		$all_order_ids = array_unique($all_order_ids);
    297. 

  297. 

  298. 		sort($all_field_ids);
    299. 

  299. 

  300. 		// -------------------------------------
    301. 

  301. 		//	get field data
    302. 

  302. 		// -------------------------------------
    303. 

  303. 

  304. 		$all_field_data = FALSE;
    305. 

  305. 

  306. 		if ( ! empty($all_field_ids))
    307. 

  307. 		{
    308. 

  308. 			$all_field_data = ee()->freeform_field_model
    309. 

  309. 									->key('field_id')
    310. 

  310. 									->where_in('field_id', $all_field_ids)
    311. 

  311. 									->get();
    312. 

  312. 		}
    313. 

  313. 

  314. 		$field_data = array();
    315. 

  315. 

  316. 		if ($all_field_data)
    317. 

  317. 		{
    318. 

  318. 			foreach ($all_field_data as $row)
    319. 

  319. 			{
    320. 

  320. 				$field_data[$row['field_id']] = $row;
    321. 

  321. 			}
    322. 

  322. 		}
    323. 

  323. 

  324. 		// -------------------------------------
    325. 

  325. 		//	set tables
    326. 

  326. 		// -------------------------------------
    327. 

  327. 

  328. 		ee()->freeform_entry_model->id($form_ids);
    329. 

  329. 

  330. 		// -------------------------------------
    331. 

  331. 		//	replace CURRENT_USER before we get
    332. 

  332. 		//	started because the minute we don't
    333. 

  333. 		//	someone is going to figure out
    334. 

  334. 		//	a way to need it in site_id=""
    335. 

  335. 		// -------------------------------------
    336. 

  336. 

  337. 		$this->replace_current_user();
    338. 

  338. 

  339. 		// -------------------------------------
    340. 

  340. 		//	site ids
    341. 

  341. 		// -------------------------------------
    342. 

  342. 

  343. 		//if its star, allow all
    344. 

  344. 		if (ee()->TMPL->fetch_param('site_id') !== '*')
    345. 

  345. 		{
    346. 

  346. 			$site_id = $this->parse_numeric_array_param('site_id');
    347. 

  347. 

  348. 			//if this isn't false, its single or an array
    349. 

  349. 			if ($site_id !== FALSE)
    350. 

  350. 			{
    351. 

  351. 				if (empty($site_id['ids']))
    352. 

  352. 				{
    353. 

  353. 					ee()->freeform_entry_model->reset();
    354. 

  354. 					return $this->no_results_error();
    355. 

  355. 				}
    356. 

  356. 				else if ($site_id['not'])
    357. 

  357. 				{
    358. 

  358. 					ee()->freeform_entry_model->where_not_in('site_id', $site_id['ids']);
    359. 

  359. 				}
    360. 

  360. 				else
    361. 

  361. 				{
    362. 

  362. 					ee()->freeform_entry_model->where_in('site_id', $site_id['ids']);
    363. 

  363. 				}
    364. 

  364. 			}
    365. 

  365. 			//default
    366. 

  366. 			else
    367. 

  367. 			{
    368. 

  368. 				ee()->freeform_entry_model->where('site_id', ee()->config->item('site_id'));
    369. 

  369. 			}
    370. 

  370. 		}
    371. 

  371. 

  372. 		// -------------------------------------
    373. 

  373. 		//	entry ids
    374. 

  374. 		// -------------------------------------
    375. 

  375. 

  376. 		$entry_id = $this->parse_numeric_array_param('entry_id');
    377. 

  377. 

  378. 		if ($entry_id !== FALSE)
    379. 

  379. 		{
    380. 

  380. 			if (empty($entry_id['ids']))
    381. 

  381. 			{
    382. 

  382. 				ee()->freeform_entry_model->reset();
    383. 

  383. 				return $this->no_results_error();
    384. 

  384. 			}
    385. 

  385. 			else if ($entry_id['not'])
    386. 

  386. 			{
    387. 

  387. 				ee()->freeform_entry_model->where_not_in('entry_id', $entry_id['ids']);
    388. 

  388. 			}
    389. 

  389. 			else
    390. 

  390. 			{
    391. 

  391. 				ee()->freeform_entry_model->where_in('entry_id', $entry_id['ids']);
    392. 

  392. 			}
    393. 

  393. 		}
    394. 

  394. 

  395. 		// -------------------------------------
    396. 

  396. 		//	author ids
    397. 

  397. 		// -------------------------------------
    398. 

  398. 

  399. 		$author_id = $this->parse_numeric_array_param('author_id');
    400. 

  400. 

  401. 		if ($author_id !== FALSE)
    402. 

  402. 		{
    403. 

  403. 			if (empty($author_id['ids']))
    404. 

  404. 			{
    405. 

  405. 				ee()->freeform_entry_model->reset();
    406. 

  406. 				return $this->no_results_error();
    407. 

  407. 			}
    408. 

  408. 			else if ($author_id['not'])
    409. 

  409. 			{
    410. 

  410. 				ee()->freeform_entry_model->where_not_in('author_id', $author_id['ids']);
    411. 

  411. 			}
    412. 

  412. 			else
    413. 

  413. 			{
    414. 

  414. 				ee()->freeform_entry_model->where_in('author_id', $author_id['ids']);
    415. 

  415. 			}
    416. 

  416. 		}
    417. 

  417. 

  418. 		// -------------------------------------
    419. 

  419. 		//	freeform:all_form_fields
    420. 

  420. 		// -------------------------------------
    421. 

  421. 

  422. 		$tagdata = $this->replace_all_form_fields(
    423. 

  423. 			ee()->TMPL->tagdata,
    424. 

  424. 			$field_data,
    425. 

  425. 			$all_order_ids
    426. 

  426. 		);
    427. 

  427. 

  428. 		// -------------------------------------
    429. 

  429. 		//	get standard columns and labels
    430. 

  430. 		// -------------------------------------
    431. 

  431. 

  432. 		$standard_columns 	= array_keys(
    433. 

  433. 			ee()->freeform_form_model->default_form_table_columns
    434. 

  434. 		);
    435. 

  435. 

  436. 		$standard_columns[] = 'author';
    437. 

  437. 

  438. 		$column_labels 		= array();
    439. 

  439. 

  440. 		//keyed labels for the front end
    441. 

  441. 		foreach ($standard_columns as $column_name)
    442. 

  442. 		{
    443. 

  443. 			$column_labels[$column_name] = lang($column_name);
    444. 

  444. 		}
    445. 

  445. 

  446. 		// -------------------------------------
    447. 

  447. 		//	available fields
    448. 

  448. 		// -------------------------------------
    449. 

  449. 

  450. 		//this makes the keys and values the same
    451. 

  451. 		$available_fields	= array_combine($standard_columns, $standard_columns);
    452. 

  452. 		$custom_fields		= array();
    453. 

  453. 		$field_descriptions	= array();
    454. 

  454. 

  455. 		foreach ($field_data as $field_id => $f_data)
    456. 

  456. 		{
    457. 

  457. 			$fid = ee()->freeform_form_model->form_field_prefix . $field_id;
    458. 

  458. 

  459. 			//field_name => field_id_1, etc
    460. 

  460. 			$available_fields[$f_data['field_name']] 	= $fid;
    461. 

  461. 			//field_id_1 => field_id_1, etc
    462. 

  462. 			$available_fields[$fid] 					= $fid;
    463. 

  463. 			$custom_fields[] = $f_data['field_name'];
    464. 

  464. 

  465. 			//labels
    466. 

  466. 			$column_labels[$f_data['field_name']] 		= $f_data['field_label'];
    467. 

  467. 			$column_labels[$fid] 						= $f_data['field_label'];
    468. 

  468. 

  469. 			$field_descriptions[
    470. 

  470. 				'freeform:description:' . $f_data['field_name']
    471. 

  471. 			]	= $f_data['field_description'];
    472. 

  472. 		}
    473. 

  473. 

  474. 		// -------------------------------------
    475. 

  475. 		//	search:field_name="kittens"
    476. 

  476. 		// -------------------------------------
    477. 

  477. 

  478. 		foreach (ee()->TMPL->tagparams as $key => $value)
    479. 

  479. 		{
    480. 

  480. 			if (substr($key, 0, 7) == 'search:')
    481. 

  481. 			{
    482. 

  482. 				$search_key = substr($key, 7);
    483. 

  483. 

  484. 				if (isset($available_fields[$search_key]))
    485. 

  485. 				{
    486. 

  486. 					ee()->freeform_entry_model->add_search(
    487. 

  487. 						$available_fields[$search_key],
    488. 

  488. 						$value
    489. 

  489. 					);
    490. 

  490. 				}
    491. 

  491. 			}
    492. 

  492. 		}
    493. 

  493. 

  494. 		// -------------------------------------
    495. 

  495. 		//	date range
    496. 

  496. 		// -------------------------------------
    497. 

  497. 

  498. 		$date_range 		= ee()->TMPL->fetch_param('date_range');
    499. 

  499. 		$date_range_start 	= ee()->TMPL->fetch_param('date_range_start');
    500. 

  500. 		$date_range_end 	= ee()->TMPL->fetch_param('date_range_end');
    501. 

  501. 

  502. 		ee()->freeform_entry_model->date_where(
    503. 

  503. 			$date_range,
    504. 

  504. 			$date_range_start,
    505. 

  505. 			$date_range_end
    506. 

  506. 		);
    507. 

  507. 

  508. 		// -------------------------------------
    509. 

  509. 		//	complete
    510. 

  510. 		// -------------------------------------
    511. 

  511. 

  512. 		$show_incomplete = ee()->TMPL->fetch_param('show_incomplete');
    513. 

  513. 

  514. 		if ($show_incomplete === 'only')
    515. 

  515. 		{
    516. 

  516. 			ee()->freeform_entry_model->where('complete', 'n');
    517. 

  517. 		}
    518. 

  518. 		else if ( ! $this->check_yes($show_incomplete))
    519. 

  519. 		{
    520. 

  520. 			ee()->freeform_entry_model->where('complete', 'y');
    521. 

  521. 		}
    522. 

  522. 

  523. 		// -------------------------------------
    524. 

  524. 		//	status
    525. 

  525. 		// -------------------------------------
    526. 

  526. 

  527. 		$status = ee()->TMPL->fetch_param('status', 'open');
    528. 

  528. 

  529. 		if ($status !== 'all')
    530. 

  530. 		{
    531. 

  531. 			if (in_array($status, $statuses))
    532. 

  532. 			{
    533. 

  533. 				ee()->freeform_entry_model->where('status', $status);
    534. 

  534. 			}
    535. 

  535. 		}
    536. 

  536. 

  537. 		// -------------------------------------
    538. 

  538. 		//	orderby/sort
    539. 

  539. 		// -------------------------------------
    540. 

  540. 

  541. 		$sort 		= ee()->TMPL->fetch_param('sort');
    542. 

  542. 		$orderby 	= ee()->TMPL->fetch_param('orderby');
    543. 

  543. 

  544. 		if ($orderby !== FALSE AND trim($orderby) !== '')
    545. 

  545. 		{
    546. 

  546. 			$orderby = $this->actions()->pipe_split(strtolower(trim($orderby)));
    547. 

  547. 

  548. 			array_walk($orderby, 'trim');
    549. 

  549. 

  550. 			// -------------------------------------
    551. 

  551. 			//	sort
    552. 

  552. 			// -------------------------------------
    553. 

  553. 

  554. 			if ($sort !== FALSE AND trim($sort) !== '')
    555. 

  555. 			{
    556. 

  556. 				$sort = $this->actions()->pipe_split(strtolower(trim($sort)));
    557. 

  557. 

  558. 				array_walk($sort, 'trim');
    559. 

  559. 

  560. 				//correct sorts
    561. 

  561. 				foreach ($sort as $key => $value)
    562. 

  562. 				{
    563. 

  563. 					if ( ! in_array($value, array('asc', 'desc')))
    564. 

  564. 					{
    565. 

  565. 						$sort[$key] = 'asc';
    566. 

  566. 					}
    567. 

  567. 				}
    568. 

  568. 			}
    569. 

  569. 			else
    570. 

  570. 			{
    571. 

  571. 				$sort = array('asc');
    572. 

  572. 			}
    573. 

  573. 

  574. 			// -------------------------------------
    575. 

  575. 			//	add sorts and orderbys
    576. 

  576. 			// -------------------------------------
    577. 

  577. 

  578. 			foreach ($orderby as $key => $value)
    579. 

  579. 			{
    580. 

  580. 				if (isset($available_fields[$value]))
    581. 

  581. 				{
    582. 

  582. 					//if the sort is not set, just use the first
    583. 

  583. 					//really this should teach people to be more specific :p
    584. 

  584. 					$temp_sort = isset($sort[$key]) ? $sort[$key] : $sort[0];
    585. 

  585. 

  586. 					ee()->freeform_entry_model->order_by(
    587. 

  587. 						$available_fields[$value],
    588. 

  588. 						$temp_sort
    589. 

  589. 					);
    590. 

  590. 				}
    591. 

  591. 			}
    592. 

  592. 		}
    593. 

  593. 

  594. 		//--------------------------------------
    595. 

  595. 		//  pagination start vars
    596. 

  596. 		//--------------------------------------
    597. 

  597. 

  598. 		$limit				= ee()->TMPL->fetch_param('limit', 50);
    599. 

  599. 		$offset				= ee()->TMPL->fetch_param('offset', 0);
    600. 

  600. 		$row_count			= 0;
    601. 

  601. 		$total_entries		= ee()->freeform_entry_model->count(array(), FALSE);
    602. 

  602. 		$current_page		= 0;
    603. 

  603. 

  604. 		if ($total_entries == 0)
    605. 

  605. 		{
    606. 

  606. 			ee()->freeform_entry_model->reset();
    607. 

  607. 			return $this->no_results_error();
    608. 

  608. 		}
    609. 

  609. 

  610. 		// -------------------------------------
    611. 

  611. 		//	pagination?
    612. 

  612. 		// -------------------------------------
    613. 

  613. 

  614. 		$prefix = stristr($tagdata, LD . 'freeform:paginate' . RD);
    615. 

  615. 

  616. 		if ($limit > 0 AND ($total_entries - $offset) > $limit)
    617. 

  617. 		{
    618. 

  618. 			//get pagination info
    619. 

  619. 			$pagination_data = $this->universal_pagination(array(
    620. 

  620. 				'total_results'			=> $total_entries,
    621. 

  621. 				'tagdata'				=> $tagdata,
    622. 

  622. 				'limit'					=> $limit,
    623. 

  623. 				'offset' 				=> $offset,
    624. 

  624. 				'uri_string'			=> ee()->uri->uri_string,
    625. 

  625. 				'prefix'				=> 'freeform:',
    626. 

  626. 				'auto_paginate'			=> TRUE
    627. 

  627. 			));
    628. 

  628. 

  629. 			//if we paginated, sort the data
    630. 

  630. 			if ($pagination_data['paginate'] === TRUE)
    631. 

  631. 			{
    632. 

  632. 				$tagdata		= $pagination_data['tagdata'];
    633. 

  633. 				$current_page 	= $pagination_data['pagination_page'];
    634. 

  634. 			}
    635. 

  635. 		}
    636. 

  636. 		else
    637. 

  637. 		{
    638. 

  638. 			$this->paginate = FALSE;
    639. 

  639. 		}
    640. 

  640. 

  641. 		ee()->freeform_entry_model->limit($limit, $current_page + $offset);
    642. 

  642. 

  643. 		// -------------------------------------
    644. 

  644. 		//	get data
    645. 

  645. 		// -------------------------------------
    646. 

  646. 

  647. 		$result_array = ee()->freeform_entry_model->get();
    648. 

  648. 

  649. 		if (empty($result_array))
    650. 

  650. 		{
    651. 

  651. 			ee()->freeform_entry_model->reset();
    652. 

  652. 			return $this->no_results_error();
    653. 

  653. 		}
    654. 

  654. 

  655. 		$output_labels = array();
    656. 

  656. 

  657. 		//column labels for output
    658. 

  658. 		foreach ($column_labels as $key => $value)
    659. 

  659. 		{
    660. 

  660. 			$output_labels['freeform:label:' . $key] = $value;
    661. 

  661. 		}
    662. 

  662. 

  663. 		$count				= $row_count;
    664. 

  664. 

  665. 		$variable_rows		= array();
    666. 

  666. 

  667. 		$replace_tagdata	= '';
    668. 

  668. 

  669. 		// -------------------------------------
    670. 

  670. 		//	allow pre_process
    671. 

  671. 		// -------------------------------------
    672. 

  672. 

  673. 		$entry_ids = array();
    674. 

  674. 

  675. 		foreach ($result_array as $row)
    676. 

  676. 		{
    677. 

  677. 			if ( ! isset($entry_ids[$row['form_id']]))
    678. 

  678. 			{
    679. 

  679. 				$entry_ids[$row['form_id']] = array();
    680. 

  680. 			}
    681. 

  681. 

  682. 			$entry_ids[$row['form_id']][] = $row['entry_id'];
    683. 

  683. 		}
    684. 

  684. 

  685. 		foreach ($entry_ids as $f_form_id => $f_entry_ids)
    686. 

  686. 		{
    687. 

  687. 			ee()->freeform_fields->apply_field_method(array(
    688. 

  688. 				'method' 		=> 'pre_process_entries',
    689. 

  689. 				'form_id' 		=> $f_form_id,
    690. 

  690. 				'form_data'		=> $forms_data,
    691. 

  691. 				'entry_id'		=> $f_entry_ids,
    692. 

  692. 				'field_data'	=> $field_data
    693. 

  693. 			));
    694. 

  694. 		}
    695. 

  695. 

  696. 		// -------------------------------------
    697. 

  697. 		//	output
    698. 

  698. 		// -------------------------------------
    699. 

  699. 

  700. 		$to_prefix = array(
    701. 

  701. 			'absolute_count',
    702. 

  702. 			'absolute_results',
    703. 

  703. 			'author_id',
    704. 

  704. 			'author',
    705. 

  705. 			'complete',
    706. 

  706. 			'edit_date',
    707. 

  707. 			'entry_date',
    708. 

  708. 			'entry_id',
    709. 

  709. 			'form_id',
    710. 

  710. 			'form_name',
    711. 

  711. 			'ip_address',
    712. 

  712. 			'reverse_count'
    713. 

  713. 		);
    714. 

  714. 

  715. 		$absolute_count = $current_page + $offset;
    716. 

  716. 		$total_results	= count($result_array);
    717. 

  717. 		$count			= 0;
    718. 

  718. 

  719. 		foreach ($result_array as $row)
    720. 

  720. 		{
    721. 

  721. 			//apply replace tag to our field data
    722. 

  722. 			$field_parse = ee()->freeform_fields->apply_field_method(array(
    723. 

  723. 				'method'			=> 'replace_tag',
    724. 

  724. 				'form_id'			=> $row['form_id'],
    725. 

  725. 				'entry_id'			=> $row['entry_id'],
    726. 

  726. 				'form_data'			=> $forms_data,
    727. 

  727. 				'field_data'		=> $field_data,
    728. 

  728. 				'field_input_data'	=> $row,
    729. 

  729. 				'tagdata'			=> $tagdata
    730. 

  730. 			));
    731. 

  731. 

  732. 

  733. 			$row = array_merge(
    734. 

  734. 				$output_labels,
    735. 

  735. 				$field_descriptions,
    736. 

  736. 				$row,
    737. 

  737. 				$field_parse['variables']
    738. 

  738. 			);
    739. 

  739. 

  740. 			if ($replace_tagdata == '')
    741. 

  741. 			{
    742. 

  742. 				$replace_tagdata = $field_parse['tagdata'];
    743. 

  743. 			}
    744. 

  744. 

  745. 			$row['freeform:form_name']			= $forms_data[$row['form_id']]['form_name'];
    746. 

  746. 			$row['freeform:form_label']			= $forms_data[$row['form_id']]['form_label'];
    747. 

  747. 

  748. 			//prefix
    749. 

  749. 			foreach ($row as $key => $value)
    750. 

  750. 			{
    751. 

  751. 				if ( ! preg_match('/^freeform:/', $key))
    752. 

  752. 				{
    753. 

  753. 					if (in_array($key, $custom_fields) AND
    754. 

  754. 						! isset($row['freeform:field:' . $key]))
    755. 

  755. 					{
    756. 

  756. 						$row['freeform:field:' . $key] = $value;
    757. 

  757. 					}
    758. 

  758. 					else if ( ! isset($row['freeform:' . $key]))
    759. 

  759. 					{
    760. 

  760. 						$row['freeform:' . $key] = $value;
    761. 

  761. 					}
    762. 

  762. 

  763. 					unset($row[$key]);
    764. 

  764. 				}
    765. 

  765. 			}
    766. 

  766. 

  767. 			// -------------------------------------
    768. 

  768. 			//	other counts
    769. 

  769. 			// -------------------------------------
    770. 

  770. 			$row['freeform:reverse_count']		= $total_results - $count++;
    771. 

  771. 			$row['freeform:absolute_count']		= ++$absolute_count;
    772. 

  772. 			$row['freeform:absolute_results']	= $total_entries;
    773. 

  773. 

  774. 

  775. 			$variable_rows[] = $row;
    776. 

  776. 		}
    777. 

  777. 

  778. 		$tagdata = $replace_tagdata;
    779. 

  779. 

  780. 		$prefixed_tags	= array(
    781. 

  781. 			'count',
    782. 

  782. 			'switch',
    783. 

  783. 			'total_results'
    784. 

  784. 		);
    785. 

  785. 

  786. 		$tagdata = $this->tag_prefix_replace('freeform:', $prefixed_tags, $tagdata);
    787. 

  787. 

  788. 		//this should handle backspacing as well
    789. 

  789. 		$tagdata = ee()->TMPL->parse_variables($tagdata, $variable_rows);
    790. 

  790. 

  791. 		$tagdata = $this->tag_prefix_replace('freeform:', $prefixed_tags, $tagdata, TRUE);
    792. 

  792. 

  793. 		// -------------------------------------
    794. 

  794. 		//	add pagination
    795. 

  795. 		// -------------------------------------
    796. 

  796. 

  797. 		//prefix or no prefix?
    798. 

  798. 		if ($prefix)
    799. 

  799. 		{
    800. 

  800. 			$tagdata = $this->parse_pagination(array(
    801. 

  801. 				'prefix' 	=> 'freeform:',
    802. 

  802. 				'tagdata' 	=> $tagdata
    803. 

  803. 			));
    804. 

  804. 		}
    805. 

  805. 		else
    806. 

  806. 		{
    807. 

  807. 			$tagdata = $this->parse_pagination(array(
    808. 

  808. 				'tagdata' 	=> $tagdata
    809. 

  809. 			));
    810. 

  810. 		}
    811. 

  811. 

  812. 		return $tagdata;
    813. 

  813. 	}
    814. 

  814. 	//END entries
    815. 

  815. 

  816. 

  817. 	
    818. 

  818. 

  819. 	// --------------------------------------------------------------------
    820. 

  820. 

  821. 	/**
    822. 

  822. 	 * Freeform:Form
    823. 

  823. 	 * {exp:freeform:form}
    824. 

  824. 	 *
    825. 

  825. 	 * @access	public
    826. 

  826. 	 * @param 	bool 	$edit			edit mode? external for security
    827. 

  827. 	 * @param	bool	$preview		preview mode?
    828. 

  828. 	 * @param	mixed	$preview_fields	extra preview fields?
    829. 

  829. 	 * @return	string 	tagdata
    830. 

  830. 	 */
    831. 

  831. 

  832. 	public function form ( $edit = FALSE, $preview = FALSE, $preview_fields = FALSE)
    833. 

  833. 	{
    834. 

  834. 		if ($this->check_yes(ee()->TMPL->fetch_param('require_logged_in')) AND
    835. 

  835. 			ee()->session->userdata['member_id'] == '0')
    836. 

  836. 		{
    837. 

  837. 			return $this->no_results_error('not_logged_in');
    838. 

  838. 		}
    839. 

  839. 

  840. 		// -------------------------------------
    841. 

  841. 		//	form id
    842. 

  842. 		// -------------------------------------
    843. 

  843. 

  844. 		$form_id = $this->form_id();
    845. 

  845. 

  846. 		if ( ! $form_id)
    847. 

  847. 		{
    848. 

  848. 			return $this->no_results_error('invalid_form_id');
    849. 

  849. 		}
    850. 

  850. 

  851. 		// -------------------------------------
    852. 

  852. 		//	libs, helpers, etc
    853. 

  853. 		// -------------------------------------
    854. 

  854. 

  855. 		ee()->load->model('freeform_form_model');
    856. 

  856. 		ee()->load->model('freeform_field_model');
    857. 

  857. 		ee()->load->library('freeform_forms');
    858. 

  858. 		ee()->load->library('freeform_fields');
    859. 

  859. 		ee()->load->helper('form');
    860. 

  860. 

  861. 		// -------------------------------------
    862. 

  862. 		//	get prefs early to avoid query mess
    863. 

  863. 		// -------------------------------------
    864. 

  864. 

  865. 		$this->data->get_module_preferences();
    866. 

  866. 		$this->data->get_global_module_preferences();
    867. 

  867. 

  868. 		// -------------------------------------
    869. 

  869. 		//	build query
    870. 

  870. 		// -------------------------------------
    871. 

  871. 

  872. 		$form_data = $this->data->get_form_info($form_id);
    873. 

  873. 

  874. 		// -------------------------------------
    875. 

  875. 		//	preview fields? (composer preview)
    876. 

  876. 		// -------------------------------------
    877. 

  877. 

  878. 		if ( ! empty($preview_fields))
    879. 

  879. 		{
    880. 

  880. 			ee()->load->model('freeform_field_model');
    881. 

  881. 

  882. 			$valid_preview_fields = ee()->freeform_field_model
    883. 

  883. 										->where_in('field_id', $preview_fields)
    884. 

  884. 										->key('field_id')
    885. 

  885. 										->get();
    886. 

  886. 

  887. 			if ($valid_preview_fields)
    888. 

  888. 			{
    889. 

  889. 				foreach ($valid_preview_fields as $p_field_id => $p_field_data)
    890. 

  890. 				{
    891. 

  891. 					$p_field_data['preview']			= TRUE;
    892. 

  892. 					$form_data['fields'][$p_field_id]	= $p_field_data;
    893. 

  893. 				}
    894. 

  894. 			}
    895. 

  895. 		}
    896. 

  896. 

  897. 		// -------------------------------------
    898. 

  898. 		//	form data
    899. 

  899. 		// -------------------------------------
    900. 

  900. 

  901. 		$this->params['form_id'] = $form_id;
    902. 

  902. 

  903. 		// -------------------------------------
    904. 

  904. 		//	edit?
    905. 

  905. 		// -------------------------------------
    906. 

  906. 

  907. 		$entry_id	= 0;
    908. 

  908. 

  909. 		$edit_data	= array();
    910. 

  910. 

  911. 		
    912. 

  912. 

  913. 		$this->params['edit']				= $edit;
    914. 

  914. 		$this->params['entry_id']			= $entry_id;
    915. 

  915. 

  916. 		// -------------------------------------
    917. 

  917. 		//	replace CURRENT_USER everywhere
    918. 

  918. 		// -------------------------------------
    919. 

  919. 

  920. 		$this->replace_current_user();
    921. 

  921. 

  922. 		// -------------------------------------
    923. 

  923. 		//	default params
    924. 

  924. 		// -------------------------------------
    925. 

  925. 

  926. 		$default_mp_page_marker = 'page';
    927. 

  927. 

  928. 		$params_with_defaults 	= array(
    929. 

  929. 			//security
    930. 

  930. 			'secure_action' 				=> FALSE,
    931. 

  931. 			'secure_return' 				=> FALSE,
    932. 

  932. 			'require_captcha'				=> (
    933. 

  933. 				$this->check_yes(ee()->config->item('captcha_require_members')) OR
    934. 

  934. 				(
    935. 

  935. 					$this->check_no(ee()->config->item('captcha_require_members')) AND
    936. 

  936. 					ee()->session->userdata('member_id') == 0
    937. 

  937. 				)
    938. 

  938. 			),
    939. 

  939. 			'require_ip'					=> ! $this->check_no(
    940. 

  940. 				ee()->config->item("require_ip_for_posting")
    941. 

  941. 			),
    942. 

  942. 			'return'						=> ee()->uri->uri_string,
    943. 

  943. 			'inline_error_return'			=> ee()->uri->uri_string,
    944. 

  944. 			'error_page'					=> '',
    945. 

  945. 			'ajax' 							=> TRUE,
    946. 

  946. 			'restrict_edit_to_author'		=> TRUE,
    947. 

  947. 

  948. 			'inline_errors'					=> FALSE,
    949. 

  949. 

  950. 			//dupe prevention
    951. 

  951. 			'prevent_duplicate_on' 			=> '',
    952. 

  952. 			'prevent_duplicate_per_site'	=> FALSE,
    953. 

  953. 			'secure_duplicate_redirect'		=> FALSE,
    954. 

  954. 			'duplicate_redirect'			=> '',
    955. 

  955. 			'error_on_duplicate'			=> FALSE,
    956. 

  956. 

  957. 			//required or matching fields
    958. 

  958. 			'required'						=> '',
    959. 

  959. 			'matching_fields'				=> '',
    960. 

  960. 

  961. 			//multipage
    962. 

  962. 			'last_page'						=> TRUE,
    963. 

  963. 			'multipage' 					=> FALSE,
    964. 

  964. 			'redirect_on_timeout' 			=> TRUE,
    965. 

  965. 			'redirect_on_timeout_to' 		=> '',
    966. 

  966. 			'page_marker' 					=> $default_mp_page_marker,
    967. 

  967. 			'multipage_page'				=> '',
    968. 

  968. 			'paging_url' 					=> '',
    969. 

  969. 			'multipage_page_names' 			=> '',
    970. 

  970. 

  971. 			//notifications
    972. 

  972. 			'admin_notify'					=> $form_data['admin_notification_email'],
    973. 

  973. 			'admin_cc_notify'				=> '',
    974. 

  974. 			'admin_bcc_notify'				=> '',
    975. 

  975. 			'notify_user' 					=> $this->check_yes($form_data['notify_user']),
    976. 

  976. 			'notify_admin' 					=> $this->check_yes($form_data['notify_admin']),
    977. 

  977. 			'notify_on_edit' 				=> FALSE,
    978. 

  978. 			'user_email_field' 				=> $form_data['user_email_field'],
    979. 

  979. 

  980. 			//dynamic_recipients
    981. 

  981. 			'recipients'					=> FALSE,
    982. 

  982. 			'recipients_limit' 				=> '3',
    983. 

  983. 

  984. 			//user inputted recipients
    985. 

  985. 			'recipient_user_input' 			=> FALSE,
    986. 

  986. 			'recipient_user_limit' 			=> '3',
    987. 

  987. 

  988. 			//templates
    989. 

  989. 			'recipient_template' 			=> "",
    990. 

  990. 			'recipient_user_template' 		=> "",
    991. 

  991. 			'admin_notification_template'	=> $form_data['admin_notification_id'],
    992. 

  992. 			'user_notification_template'	=> $form_data['user_notification_id'],
    993. 

  993. 

  994. 			'status'						=> $form_data['default_status'],
    995. 

  995. 			'allow_status_edit'				=> FALSE,
    996. 

  996. 		);
    997. 

  997. 

  998. 		foreach ($params_with_defaults as $p_name => $p_default)
    999. 

  999. 		{
    1000. 

  1000. 			//if the default is a boolean value
    1001. 

  1001. 			if ( is_bool($p_default))
    1002. 

  1002. 			{
    1003. 

  1003. 				//and if there is a template param version of the param
    1004. 

  1004. 				if (ee()->TMPL->fetch_param($p_name) !== FALSE)
    1005. 

  1005. 				{
    1006. 

  1006. 					//and if the default is boolean true
    1007. 

  1007. 					if ($p_default === TRUE)
    1008. 

  1008. 					{
    1009. 

  1009. 						//and if the template param uses an indicator of the
    1010. 

  1010. 						//'false' variety, we want to override the default
    1011. 

  1011. 						//of TRUE and set FALSE.
    1012. 

  1012. 						$this->params[$p_name] = ! $this->check_no(
    1013. 

  1013. 							ee()->TMPL->fetch_param($p_name)
    1014. 

  1014. 						);
    1015. 

  1015. 					}
    1016. 

  1016. 					//but if the default is boolean false
    1017. 

  1017. 					else
    1018. 

  1018. 					{
    1019. 

  1019. 						//and the template param is trying to turn the feature
    1020. 

  1020. 						//on through a 'y', 'yes', or 'on' value, then we want
    1021. 

  1021. 						//to convert the FALSE to a TRUE
    1022. 

  1022. 						$this->params[$p_name] = $this->check_yes(
    1023. 

  1023. 							ee()->TMPL->fetch_param($p_name)
    1024. 

  1024. 						);
    1025. 

  1025. 					}
    1026. 

  1026. 				}
    1027. 

  1027. 				//there is no template param version of this default so the default stands
    1028. 

  1028. 				else
    1029. 

  1029. 				{
    1030. 

  1030. 					$this->params[$p_name] = $p_default;
    1031. 

  1031. 				}
    1032. 

  1032. 			}
    1033. 

  1033. 			//other wise check for the param or fallback on default
    1034. 

  1034. 			else
    1035. 

  1035. 			{
    1036. 

  1036. 				$this->params[$p_name] = trim(
    1037. 

  1037. 					ee()->TMPL->fetch_param($p_name, $p_default)
    1038. 

  1038. 				);
    1039. 

  1039. 			}
    1040. 

  1040. 		}
    1041. 

  1041. 

  1042. 		//	----------------------------------------
    1043. 

  1043. 		//	Check for duplicate
    1044. 

  1044. 		//	----------------------------------------
    1045. 

  1045. 

  1046. 		$duplicate = FALSE;
    1047. 

  1047. 

  1048. 		//we can only prevent dupes on entry like this
    1049. 

  1049. 		if ( ! $edit AND $this->params['prevent_duplicate_on'])
    1050. 

  1050. 		{
    1051. 

  1051. 			if ( in_array(
    1052. 

  1052. 					$this->params['prevent_duplicate_on'],
    1053. 

  1053. 					array('member_id', 'ip_address'),
    1054. 

  1054. 					TRUE
    1055. 

  1055. 				))
    1056. 

  1056. 			{
    1057. 

  1057. 				$duplicate = ee()->freeform_forms->check_duplicate(
    1058. 

  1058. 					$form_id,
    1059. 

  1059. 					$this->params['prevent_duplicate_on'],
    1060. 

  1060. 					'',
    1061. 

  1061. 					$this->params['prevent_duplicate_per_site']
    1062. 

  1062. 				);
    1063. 

  1063. 			}
    1064. 

  1064. 		}
    1065. 

  1065. 

  1066. 		//	----------------------------------------
    1067. 

  1067. 		//	duplicate?
    1068. 

  1068. 		//	----------------------------------------
    1069. 

  1069. 

  1070. 		if ($duplicate)
    1071. 

  1071. 		{
    1072. 

  1072. 			if ($this->params['duplicate_redirect'] !== '')
    1073. 

  1073. 			{
    1074. 

  1074. 				ee()->functions->redirect(
    1075. 

  1075. 					$this->prep_url(
    1076. 

  1076. 						$this->params['duplicate_redirect'],
    1077. 

  1077. 						$this->params['secure_duplicate_redirect']
    1078. 

  1078. 					)
    1079. 

  1079. 				);
    1080. 

  1080. 				exit();
    1081. 

  1081. 			}
    1082. 

  1082. 			else if ($this->params['error_on_duplicate'])
    1083. 

  1083. 			{
    1084. 

  1084. 				return $this->no_results_error('no_duplicates');
    1085. 

  1085. 			}
    1086. 

  1086. 			/*else if (preg_match(
    1087. 

  1087. 				'/' . LD . 'if freeform_duplicate' . RD . '(*?)' '/',
    1088. 

  1088. 				ee()->TMPL->tagdata, ))
    1089. 

  1089. 			{
    1090. 

    1091. 

  1091. 			}*/
    1092. 

  1092. 		}
    1093. 

  1093. 

  1094. 		// -------------------------------------
    1095. 

  1095. 		//	check user email field
    1096. 

  1096. 		// 	if this is from form prefs, its an ID
    1097. 

  1097. 		// -------------------------------------
    1098. 

  1098. 

  1099. 		$valid_user_email_field = FALSE;
    1100. 

  1100. 

  1101. 		foreach ($form_data['fields'] as $field_id => $field_data)
    1102. 

  1102. 		{
    1103. 

  1103. 			if ($this->params['user_email_field'] == $field_data['field_name'] OR
    1104. 

  1104. 				$this->params['user_email_field'] == $field_id)
    1105. 

  1105. 			{
    1106. 

  1106. 				$valid_user_email_field = TRUE;
    1107. 

  1107. 

  1108. 				//in case the setting is an id
    1109. 

  1109. 				$this->params['user_email_field'] = $field_data['field_name'];
    1110. 

  1110. 				break;
    1111. 

  1111. 			}
    1112. 

  1112. 		}
    1113. 

  1113. 

  1114. 		//  if it doesn't exist in the form, lets blank it
    1115. 

  1115. 		$this->params['user_email_field'] = (
    1116. 

  1116. 			$valid_user_email_field ?
    1117. 

  1117. 				$this->params['user_email_field'] :
    1118. 

  1118. 				''
    1119. 

  1119. 		);
    1120. 

  1120. 

  1121. 		
    1122. 

  1122. 

  1123. 		//	----------------------------------------
    1124. 

  1124. 		//	'freeform_module_form_begin' hook.
    1125. 

  1125. 		//	 - This allows developers to change data before form processing.
    1126. 

  1126. 		//	----------------------------------------
    1127. 

  1127. 

  1128. 		if (ee()->extensions->active_hook('freeform_module_form_begin') === TRUE)
    1129. 

  1129. 		{
    1130. 

  1130. 			$edata = ee()->extensions->universal_call(
    1131. 

  1131. 				'freeform_module_form_begin',
    1132. 

  1132. 				$this
    1133. 

  1133. 			);
    1134. 

  1134. 

  1135. 			if (ee()->extensions->end_script === TRUE) return;
    1136. 

  1136. 		}
    1137. 

  1137. 		//	----------------------------------------
    1138. 

  1138. 

  1139. 		// -------------------------------------
    1140. 

  1140. 		//	start form
    1141. 

  1141. 		// -------------------------------------
    1142. 

  1142. 

  1143. 		$tagdata				= ee()->TMPL->tagdata;
    1144. 

  1144. 		$return					= '';
    1145. 

  1145. 		$hidden_fields			= array();
    1146. 

  1146. 		$outer_template_vars	= array();
    1147. 

  1147. 		$variables				= array();
    1148. 

  1148. 		$multipage				= $this->params['multipage'];
    1149. 

  1149. 		$last_page				= TRUE;
    1150. 

  1150. 		$page_total				= 1;
    1151. 

  1151. 		$current_page			= 0;
    1152. 

  1152. 

  1153. 		// -------------------------------------
    1154. 

  1154. 		//	check if this is multi-page
    1155. 

  1155. 		// -------------------------------------
    1156. 

  1156. 

  1157. 		
    1158. 

  1158. 			$current_page = 1;
    1159. 

  1159. 			
    1160. 

  1160. 

  1161. 		// -------------------------------------
    1162. 

  1162. 		//	check again for captcha now that
    1163. 

  1163. 		//	tagdata has been adjusted
    1164. 

  1164. 		// -------------------------------------
    1165. 

  1165. 

  1166. 		if ($this->params['require_captcha'])
    1167. 

  1167. 		{
    1168. 

  1168. 			$this->params['require_captcha'] = (stristr($tagdata, LD . 'freeform:captcha' . RD) != FALSE);
    1169. 

  1169. 		}
    1170. 

  1170. 

  1171. 		// -------------------------------------
    1172. 

  1172. 		//	other random vars
    1173. 

  1173. 		// -------------------------------------
    1174. 

  1174. 

  1175. 		$variables['freeform:submit']			= form_submit('submit', lang('submit'));
    1176. 

  1176. 		$variables['freeform:duplicate']		= $duplicate;
    1177. 

  1177. 		$variables['freeform:not_duplicate']	= ! $duplicate;
    1178. 

  1178. 		$variables['freeform:form_label']		= $form_data['form_label'];
    1179. 

  1179. 		$variables['freeform:form_description']	= $form_data['form_description'];
    1180. 

  1180. 

  1181. 		
    1182. 

  1182. 

  1183. 		// -------------------------------------
    1184. 

  1184. 		//	recipient emails from multipage?
    1185. 

  1185. 		// -------------------------------------
    1186. 

  1186. 

  1187. 		$variables['freeform:mp_data:user_recipient_emails'] = '';
    1188. 

  1188. 

  1189. 		if (isset($previous_inputs['hash_stored_data']['user_recipient_emails']) AND
    1190. 

  1190. 			is_array($previous_inputs['hash_stored_data']['user_recipient_emails']))
    1191. 

  1191. 		{
    1192. 

  1192. 			$variables['freeform:mp_data:user_recipient_emails'] = implode(
    1193. 

  1193. 				', ',
    1194. 

  1194. 				$previous_inputs['hash_stored_data']['user_recipient_emails']
    1195. 

  1195. 			);
    1196. 

  1196. 		}
    1197. 

  1197. 

  1198. 		// -------------------------------------
    1199. 

  1199. 		//	display fields
    1200. 

  1200. 		// -------------------------------------
    1201. 

  1201. 

  1202. 		$field_error_data	= array();
    1203. 

  1203. 		$general_error_data	= array();
    1204. 

  1204. 		$field_input_data	= array();
    1205. 

  1205. 

  1206. 		// -------------------------------------
    1207. 

  1207. 		//	inline errors?
    1208. 

  1208. 		// -------------------------------------
    1209. 

  1209. 

  1210. 		if ($this->params['inline_errors'] AND
    1211. 

  1211. 			$this->is_positive_intlike(ee()->session->flashdata('freeform_errors')))
    1212. 

  1212. 		{
    1213. 

  1213. 			ee()->load->model('freeform_param_model');
    1214. 

  1214. 

  1215. 			$error_query = ee()->freeform_param_model->get_row(
    1216. 

  1216. 				ee()->session->flashdata('freeform_errors')
    1217. 

  1217. 			);
    1218. 

  1218. 

  1219. 			if ($error_query !== FALSE)
    1220. 

  1220. 			{
    1221. 

  1221. 				$potential_error_data = json_decode($error_query['data'], TRUE);
    1222. 

  1222. 

  1223. 				if (isset($potential_error_data['field_errors']))
    1224. 

  1224. 				{
    1225. 

  1225. 					$field_error_data = $potential_error_data['field_errors'];
    1226. 

  1226. 				}
    1227. 

  1227. 

  1228. 				if (isset($potential_error_data['general_errors']))
    1229. 

  1229. 				{
    1230. 

  1230. 					$general_error_data = $potential_error_data['general_errors'];
    1231. 

  1231. 				}
    1232. 

  1232. 

  1233. 				if (isset($potential_error_data['inputs']))
    1234. 

  1234. 				{
    1235. 

  1235. 					$field_input_data = $potential_error_data['inputs'];
    1236. 

  1236. 				}
    1237. 

  1237. 			}
    1238. 

  1238. 		}
    1239. 

  1239. 

  1240. 		foreach ($form_data['fields'] as $field_id => $field_data)
    1241. 

  1241. 		{
    1242. 

  1242. 			// -------------------------------------
    1243. 

  1243. 			//	label?
    1244. 

  1244. 			// -------------------------------------
    1245. 

  1245. 

  1246. 			$error = '';
    1247. 

  1247. 

  1248. 			if (isset($field_error_data[$field_data['field_name']]))
    1249. 

  1249. 			{
    1250. 

  1250. 				$error = is_array($field_error_data[$field_data['field_name']]) ?
    1251. 

  1251. 							implode(', ', $field_error_data[$field_data['field_name']]) :
    1252. 

  1252. 							$field_error_data[$field_data['field_name']];
    1253. 

  1253. 			}
    1254. 

  1254. 

  1255. 			$variables['freeform:error:' . $field_data['field_name']] = $error;
    1256. 

  1256. 

  1257. 			$variables['freeform:label:' . $field_data['field_name']] = $field_data['field_label'];
    1258. 

  1258. 			$variables['freeform:description:' . $field_data['field_name']] = $field_data['field_description'];
    1259. 

  1259. 

  1260. 			// -------------------------------------
    1261. 

  1261. 			//	values?
    1262. 

  1262. 			// -------------------------------------
    1263. 

  1263. 

  1264. 			$col_name = ee()->freeform_form_model->form_field_prefix . $field_id;
    1265. 

  1265. 

  1266. 			// -------------------------------------
    1267. 

  1267. 			//	multipage previous inputs?
    1268. 

  1268. 			// -------------------------------------
    1269. 

  1269. 

  1270. 			$variables['freeform:mp_data:' . $field_data['field_name']] = (
    1271. 

  1271. 				isset($previous_inputs[$col_name]) ?
    1272. 

  1272. 					$previous_inputs[$col_name] :
    1273. 

  1273. 					(
    1274. 

  1274. 						isset($previous_inputs[$field_data['field_name']]) ?
    1275. 

  1275. 							$previous_inputs[$field_data['field_name']] :
    1276. 

  1276. 							''
    1277. 

  1277. 					)
    1278. 

  1278. 			);
    1279. 

  1279. 

  1280. 			
    1281. 

  1281. 

  1282. 		}
    1283. 

  1283. 		//END foreach ($form_data['fields'] as $field_id => $field_data)
    1284. 

  1284. 

  1285. 		if ( ! empty($edit_data))
    1286. 

  1286. 		{
    1287. 

  1287. 			$field_input_data = $edit_data;
    1288. 

  1288. 		}
    1289. 

  1289. 		else if ( ! empty($previous_inputs))
    1290. 

  1290. 		{
    1291. 

  1291. 			$field_input_data = $previous_inputs;
    1292. 

  1292. 		}
    1293. 

  1293. 

  1294. 		// -------------------------------------
    1295. 

  1295. 		//	freeform:all_form_fields
    1296. 

  1296. 		// -------------------------------------
    1297. 

  1297. 

  1298. 		$tagdata = $this->replace_all_form_fields(
    1299. 

  1299. 			$tagdata,
    1300. 

  1300. 			$form_data['fields'],
    1301. 

  1301. 			$form_data['field_order'],
    1302. 

  1302. 			$field_input_data
    1303. 

  1303. 		);
    1304. 

  1304. 

  1305. 		// -------------------------------------
    1306. 

  1306. 		//	general errors
    1307. 

  1307. 		// -------------------------------------
    1308. 

  1308. 

  1309. 		if ( ! empty($general_error_data))
    1310. 

  1310. 		{
    1311. 

  1311. 			//the error array might have sub arrays
    1312. 

  1312. 			//so we need to flatten
    1313. 

  1313. 			$_general_error_data = array();
    1314. 

  1314. 

  1315. 			foreach ($general_error_data as $error_set => $error_data)
    1316. 

  1316. 			{
    1317. 

  1317. 				if (is_array($error_data))
    1318. 

  1318. 				{
    1319. 

  1319. 					foreach ($error_data as $sub_key => $sub_error)
    1320. 

  1320. 					{
    1321. 

  1321. 						$_general_error_data[] = array('freeform:error_message' => $sub_error);
    1322. 

  1322. 					}
    1323. 

  1323. 				}
    1324. 

  1324. 				else
    1325. 

  1325. 				{
    1326. 

  1326. 					$_general_error_data[] = array('freeform:error_message' => $error_data);
    1327. 

  1327. 				}
    1328. 

  1328. 			}
    1329. 

  1329. 

  1330. 			$general_error_data = $_general_error_data;
    1331. 

  1331. 		}
    1332. 

  1332. 

  1333. 		$variables['freeform:general_errors'] = $general_error_data;
    1334. 

  1334. 

  1335. 		//have to do this so the conditional will work,
    1336. 

  1336. 		//seems that parse variables doesn't think a non-empty array = YES
    1337. 

  1337. 		$tagdata = ee()->functions->prep_conditionals(
    1338. 

  1338. 			$tagdata,
    1339. 

  1339. 			array('freeform:general_errors' => ! empty($general_error_data))
    1340. 

  1340. 		);
    1341. 

  1341. 

  1342. 		// -------------------------------------
    1343. 

  1343. 		//	apply replace tag to our field data
    1344. 

  1344. 		// -------------------------------------
    1345. 

  1345. 

  1346. 		$field_parse = ee()->freeform_fields->apply_field_method(array(
    1347. 

  1347. 			'method'			=> 'display_field',
    1348. 

  1348. 			'form_id'			=> $form_id,
    1349. 

  1349. 			'entry_id'			=> $entry_id,
    1350. 

  1350. 			'form_data'			=> $form_data,
    1351. 

  1351. 			'field_input_data'	=> $field_input_data,
    1352. 

  1352. 			'tagdata'			=> $tagdata
    1353. 

  1353. 		));
    1354. 

  1354. 

  1355. 		$this->multipart 	= $field_parse['multipart'];
    1356. 

  1356. 		$variables 			= array_merge($variables, $field_parse['variables']);
    1357. 

  1357. 		$tagdata 			= $field_parse['tagdata'];
    1358. 

  1358. 

  1359. 		// -------------------------------------
    1360. 

  1360. 		//	dynamic recipient list
    1361. 

  1361. 		// -------------------------------------
    1362. 

  1362. 

  1363. 		$this->params['recipients']		= (
    1364. 

  1364. 			! in_array(ee()->TMPL->fetch_param('recipients'), array(FALSE, ''))
    1365. 

  1365. 		);
    1366. 

  1366. 

  1367. 		//preload list with usable info if so
    1368. 

  1368. 		$this->params['recipients_list'] = array();
    1369. 

  1369. 

  1370. 		if ( $this->params['recipients'] )
    1371. 

  1371. 		{
    1372. 

  1372. 			$i 				= 1;
    1373. 

  1373. 			$while_limit	= 1000;
    1374. 

  1374. 			$counter 		= 0;
    1375. 

  1375. 

  1376. 			while ( ! in_array(ee()->TMPL->fetch_param('recipient' . $i), array(FALSE, '')) )
    1377. 

  1377. 			{
    1378. 

  1378. 				$recipient = explode('|', ee()->TMPL->fetch_param('recipient' . $i));
    1379. 

  1379. 

  1380. 				//has a name?
    1381. 

  1381. 				if ( count($recipient) > 1)
    1382. 

  1382. 				{
    1383. 

  1383. 					$recipient_name 	= trim($recipient[0]);
    1384. 

  1384. 					$recipient_email 	= trim($recipient[1]);
    1385. 

  1385. 				}
    1386. 

  1386. 				//no name, we assume its just an email
    1387. 

  1387. 				//(though, this makes little sense, it needs a name to be useful)
    1388. 

  1388. 				else
    1389. 

  1389. 				{
    1390. 

  1390. 					$recipient_name 	= '';
    1391. 

  1391. 					$recipient_email 	= trim($recipient[0]);
    1392. 

  1392. 				}
    1393. 

  1393. 

  1394. 				$recipient_selected = FALSE;
    1395. 

  1395. 

  1396. 				if (isset($previous_inputs['hash_stored_data']['recipient_emails']) AND
    1397. 

  1397. 					is_array($previous_inputs['hash_stored_data']['recipient_emails']))
    1398. 

  1398. 				{
    1399. 

  1399. 					$recipient_selected = in_array(
    1400. 

  1400. 						$recipient_email,
    1401. 

  1401. 						$previous_inputs['hash_stored_data']['recipient_emails']
    1402. 

  1402. 					);
    1403. 

  1403. 				}
    1404. 

  1404. 

  1405. 				//add to list
    1406. 

  1406. 				$this->params['recipients_list'][$i] = array(
    1407. 

  1407. 					'name'		=> $recipient_name,
    1408. 

  1408. 					'email'		=> $recipient_email,
    1409. 

  1409. 					'key'		=> uniqid(),
    1410. 

  1410. 					'selected'	=> $recipient_selected
    1411. 

  1411. 				);
    1412. 

  1412. 

  1413. 				$i++;
    1414. 

  1414. 

  1415. 				//extra protection because while loops are scary
    1416. 

  1416. 				if (++$counter >= $while_limit)
    1417. 

  1417. 				{
    1418. 

  1418. 					break;
    1419. 

  1419. 				}
    1420. 

  1420. 			}
    1421. 

  1421. 

  1422. 			//if we end up with nothing, then lets not attempt later
    1423. 

  1423. 			if (empty($this->params['recipients_list']))
    1424. 

  1424. 			{
    1425. 

  1425. 				$this->params['recipients'] = FALSE;
    1426. 

  1426. 			}
    1427. 

  1427. 		}
    1428. 

  1428. 

  1429. 		//	----------------------------------------
    1430. 

  1430. 		//	parse {captcha}
    1431. 

  1431. 		//	----------------------------------------
    1432. 

  1432. 

  1433. 		$variables['freeform:captcha'] = FALSE;
    1434. 

  1434. 

  1435. 		if ($this->params['require_captcha'])
    1436. 

  1436. 		{
    1437. 

  1437. 			$variables['freeform:captcha'] = ee()->functions->create_captcha();
    1438. 

  1438. 		}
    1439. 

  1439. 

  1440. 		// -------------------------------------
    1441. 

  1441. 		//	dynamic recipient tagdata
    1442. 

  1442. 		// -------------------------------------
    1443. 

  1443. 

  1444. 		if ( $this->params['recipients'] AND
    1445. 

  1445. 			count($this->params['recipients_list']) > 0)
    1446. 

  1446. 		{
    1447. 

  1447. 			$variables['freeform_recipients'] = array();
    1448. 

  1448. 

  1449. 			$recipient_list 	= $this->params['recipients_list'];
    1450. 

  1450. 

  1451. 			//dynamic above starts with 1, so does this
    1452. 

  1452. 			for ( $i = 1, $l = count($recipient_list); $i <= $l; $i++ )
    1453. 

  1453. 			{
    1454. 

  1454. 				$variables['freeform:recipient_name' . $i] = $recipient_list[$i]['name'];
    1455. 

  1455. 				$variables['freeform:recipient_value' . $i] = $recipient_list[$i]['key'];
    1456. 

  1456. 				$variables['freeform:recipient_selected' . $i] = $recipient_list[$i]['selected'];
    1457. 

  1457. 

  1458. 				$variables['freeform:recipients'][] = array(
    1459. 

  1459. 					'freeform:recipient_name' 		=> $recipient_list[$i]['name'],
    1460. 

  1460. 					'freeform:recipient_value'		=> $recipient_list[$i]['key'],
    1461. 

  1461. 					'freeform:recipient_count'		=> $i,
    1462. 

  1462. 					//selected from hash data from multipages
    1463. 

  1463. 					'freeform:recipient_selected' 	=> $recipient_list[$i]['selected']
    1464. 

  1464. 				);
    1465. 

  1465. 			}
    1466. 

  1466. 		}
    1467. 

  1467. 

  1468. 		// -------------------------------------
    1469. 

  1469. 		//	status pairs
    1470. 

  1470. 		// -------------------------------------
    1471. 

  1471. 

  1472. 		$tagdata = $this->parse_status_tags($tagdata);
    1473. 

  1473. 

  1474. 		//	----------------------------------------
    1475. 

  1475. 		//	'freeform_module_pre_form_parse' hook.
    1476. 

  1476. 		//	 - This allows developers to change data before tagdata processing.
    1477. 

  1477. 		//	----------------------------------------
    1478. 

  1478. 

  1479. 		$this->variables = $variables;
    1480. 

  1480. 

  1481. 		if (ee()->extensions->active_hook('freeform_module_pre_form_parse') === TRUE)
    1482. 

  1482. 		{
    1483. 

  1483. 			$tagdata = ee()->extensions->universal_call(
    1484. 

  1484. 				'freeform_module_pre_form_parse',
    1485. 

  1485. 				$tagdata,
    1486. 

  1486. 				$this
    1487. 

  1487. 			);
    1488. 

  1488. 

  1489. 			if (ee()->extensions->end_script === TRUE) return;
    1490. 

  1490. 		}
    1491. 

  1491. 		//	----------------------------------------
    1492. 

  1492. 

  1493. 		//extra precaution in case someone hoses this
    1494. 

  1494. 		if (isset($this->variables) AND is_array($this->variables))
    1495. 

  1495. 		{
    1496. 

  1496. 			$variables = $this->variables;
    1497. 

  1497. 		}
    1498. 

  1498. 

  1499. 		// -------------------------------------
    1500. 

  1500. 		//	parse external vars
    1501. 

  1501. 		// -------------------------------------
    1502. 

  1502. 

  1503. 		$outer_template_vars['freeform:form_page']			= $current_page;
    1504. 

  1504. 		$outer_template_vars['freeform:form_page_total']	= $page_total;
    1505. 

  1505. 		$outer_template_vars['freeform:form_name']			= $form_data['form_name'];
    1506. 

  1506. 		$outer_template_vars['freeform:form_label']			= $form_data['form_label'];
    1507. 

  1507. 

  1508. 		ee()->TMPL->template = ee()->functions->prep_conditionals(
    1509. 

  1509. 			ee()->TMPL->template,
    1510. 

  1510. 			$outer_template_vars
    1511. 

  1511. 		);
    1512. 

  1512. 

  1513. 		ee()->TMPL->template = ee()->functions->var_swap(
    1514. 

  1514. 			ee()->TMPL->template,
    1515. 

  1515. 			$outer_template_vars
    1516. 

  1516. 		);
    1517. 

  1517. 

  1518. 		// -------------------------------------
    1519. 

  1519. 		//	parse all vars
    1520. 

  1520. 		// -------------------------------------
    1521. 

  1521. 

  1522. 		$tagdata = ee()->TMPL->parse_variables(
    1523. 

  1523. 			$tagdata,
    1524. 

  1524. 			array(array_merge($outer_template_vars,$variables))
    1525. 

  1525. 		);
    1526. 

  1526. 

  1527. 		// -------------------------------------
    1528. 

  1528. 		//	this doesn't force ana ajax request
    1529. 

  1529. 		//	but instead forces it _not_ to be
    1530. 

  1530. 		//	if the ajax param = 'no'
    1531. 

  1531. 		// -------------------------------------
    1532. 

  1532. 

  1533. 		if ( ! $this->params['ajax'])
    1534. 

  1534. 		{
    1535. 

  1535. 			$hidden_fields['ajax_request'] = 'no';
    1536. 

  1536. 		}
    1537. 

  1537. 

  1538. 		//-------------------------------------
    1539. 

  1539. 		//	build form
    1540. 

  1540. 		//-------------------------------------
    1541. 

  1541. 

  1542. 		$return .= $this->build_form(array(
    1543. 

  1543. 			'action'			=> $this->get_action_url('save_form'),
    1544. 

  1544. 			'method'			=> 'POST',
    1545. 

  1545. 			'hidden_fields'		=> array_merge($hidden_fields, array(
    1546. 

  1546. 				// 	no more params can be set after this
    1547. 

  1547. 				'params_id' => $this->insert_params(),
    1548. 

  1548. 			)),
    1549. 

  1549. 			'tagdata'			=> $tagdata
    1550. 

  1550. 		));
    1551. 

  1551. 

  1552. 		//	----------------------------------------
    1553. 

  1553. 		//	'freeform_module_form_end' hook.
    1554. 

  1554. 		//	 - This allows developers to change the form before output.
    1555. 

  1555. 		//	----------------------------------------
    1556. 

  1556. 

  1557. 		if (ee()->extensions->active_hook('freeform_module_form_end') === TRUE)
    1558. 

  1558. 		{
    1559. 

  1559. 			$return = ee()->extensions->universal_call(
    1560. 

  1560. 				'freeform_module_form_end',
    1561. 

  1561. 				$return,
    1562. 

  1562. 				$this
    1563. 

  1563. 			);
    1564. 

  1564. 

  1565. 			if (ee()->extensions->end_script === TRUE) return;
    1566. 

  1566. 		}
    1567. 

  1567. 		//	----------------------------------------
    1568. 

  1568. 

  1569. 		return $return;
    1570. 

  1570. 	}
    1571. 

  1571. 	//END form
    1572. 

  1572. 

  1573. 

  1574. 	// -------------------------------------
    1575. 

  1575. 	//	action requests
    1576. 

  1576. 	// -------------------------------------
    1577. 

  1577. 

  1578. 

  1579. 	// --------------------------------------------------------------------
    1580. 

  1580. 

  1581. 	/**
    1582. 

  1582. 	 * ajax_validate
    1583. 

  1583. 	 *
    1584. 

  1584. 	 * does a save form that stops after validation
    1585. 

  1585. 	 *
    1586. 

  1586. 	 * @access	public
    1587. 

  1587. 	 * @return	mixed 	ajax request
    1588. 

  1588. 	 */
    1589. 

  1589. 

  1590. 	public function ajax_validate_form ()
    1591. 

  1591. 	{
    1592. 

  1592. 		return $this->save_form(TRUE);
    1593. 

  1593. 	}
    1594. 

  1594. 	//END ajax_validate
    1595. 

  1595. 

  1596. 

  1597. 	// --------------------------------------------------------------------
    1598. 

  1598. 

  1599. 	/**
    1600. 

  1600. 	 * save_form
    1601. 

  1601. 	 *
    1602. 

  1602. 	 * form save from front_end/action request
    1603. 

  1603. 	 *
    1604. 

  1604. 	 * @access	public
    1605. 

  1605. 	 * @param 	bool validate only
    1606. 

  1606. 	 * @return	null
    1607. 

  1607. 	 */
    1608. 

  1608. 

  1609. 	public function save_form ($validate_only = FALSE)
    1610. 

  1610. 	{
    1611. 

  1611. 		if ( ! $validate_only AND REQ !== 'ACTION')
    1612. 

  1612. 		{
    1613. 

  1613. 			return;
    1614. 

  1614. 		}
    1615. 

  1615. 

  1616. 		ee()->load->library('freeform_forms');
    1617. 

  1617. 		ee()->load->library('freeform_fields');
    1618. 

  1618. 		ee()->load->model('freeform_form_model');
    1619. 

  1619. 

  1620. 		// -------------------------------------
    1621. 

  1621. 		//	require logged in?
    1622. 

  1622. 		// -------------------------------------
    1623. 

  1623. 

  1624. 		if ($this->param('require_logged_in') AND
    1625. 

  1625. 			ee()->session->userdata['member_id'] == '0')
    1626. 

  1626. 		{
    1627. 

  1627. 			$this->pre_validation_error(
    1628. 

  1628. 				lang('not_authorized') . ' - ' .
    1629. 

  1629. 				lang('not_logged_in')
    1630. 

  1630. 			);
    1631. 

  1631. 		}
    1632. 

  1632. 

  1633. 		// -------------------------------------
    1634. 

  1634. 		//	blacklist, banned
    1635. 

  1635. 		// -------------------------------------
    1636. 

  1636. 

  1637. 		if (ee()->session->userdata['is_banned'] OR (
    1638. 

  1638. 				$this->check_yes(ee()->blacklist->blacklisted) AND
    1639. 

  1639. 				$this->check_no(ee()->blacklist->whitelisted)
    1640. 

  1640. 			)
    1641. 

  1641. 		)
    1642. 

  1642. 		{
    1643. 

  1643. 			$this->pre_validation_error(
    1644. 

  1644. 				lang('not_authorized') . ' - ' .
    1645. 

  1645. 				lang('reason_banned')
    1646. 

  1646. 			);
    1647. 

  1647. 		}
    1648. 

  1648. 

  1649. 		// -------------------------------------
    1650. 

  1650. 		//	require ip? (except admin)
    1651. 

  1651. 		// -------------------------------------
    1652. 

  1652. 

  1653. 		if ($this->param('require_ip'))
    1654. 

  1654. 		{
    1655. 

  1655. 			if (ee()->input->ip_address() == '0.0.0.0')
    1656. 

  1656. 			{
    1657. 

  1657. 				$this->pre_validation_error(
    1658. 

  1658. 					lang('not_authorized') . ' - ' .
    1659. 

  1659. 					lang('reason_ip_required')
    1660. 

  1660. 				);
    1661. 

  1661. 			}
    1662. 

  1662. 		}
    1663. 

  1663. 

  1664. 		// -------------------------------------
    1665. 

  1665. 		//	Is the nation of the user banned?
    1666. 

  1666. 		// -------------------------------------
    1667. 

  1667. 

  1668. 		if ($this->nation_ban_check(FALSE))
    1669. 

  1669. 		{
    1670. 

  1670. 			$this->pre_validation_error(
    1671. 

  1671. 				lang('not_authorized') . ' - ' .
    1672. 

  1672. 				ee()->config->item('ban_message')
    1673. 

  1673. 			);
    1674. 

  1674. 		}
    1675. 

  1675. 

  1676. 		
    1677. 

  1677. 

  1678. 		// -------------------------------------
    1679. 

  1679. 		//	valid form id
    1680. 

  1680. 		// -------------------------------------
    1681. 

  1681. 

  1682. 		$form_id = $this->form_id();
    1683. 

  1683. 

  1684. 		if ( ! $form_id)
    1685. 

  1685. 		{
    1686. 

  1686. 			$this->pre_validation_error(lang('invalid_form_id'));
    1687. 

  1687. 		}
    1688. 

  1688. 

  1689. 		// -------------------------------------
    1690. 

  1690. 		//	is this an edit? entry_id
    1691. 

  1691. 		// -------------------------------------
    1692. 

  1692. 

  1693. 		$entry_id 		= $this->entry_id();
    1694. 

  1694. 

  1695. 		$edit 			= ($entry_id AND $entry_id != 0);
    1696. 

  1696. 

  1697. 		// -------------------------------------
    1698. 

  1698. 		//	for multipage check later
    1699. 

  1699. 		// -------------------------------------
    1700. 

  1700. 

  1701. 		$multipage			= $this->param('multipage');
    1702. 

  1702. 		$current_page		= $this->param('current_page');
    1703. 

  1703. 		$last_page			= $this->param('last_page');
    1704. 

  1704. 		$previous_inputs	= array();
    1705. 

  1705. 

  1706. 		
    1707. 

  1707. 

  1708. 		// -------------------------------------
    1709. 

  1709. 		//	form data
    1710. 

  1710. 		// -------------------------------------
    1711. 

  1711. 

  1712. 		$form_data 		= $this->data->get_form_info($form_id);
    1713. 

  1713. 

  1714. 		$field_labels 	= array();
    1715. 

  1715. 		$valid_fields 	= array();
    1716. 

  1716. 

  1717. 		foreach ( $form_data['fields'] as $row)
    1718. 

  1718. 		{
    1719. 

  1719. 			$field_labels[$row['field_name']] 	= $row['field_label'];
    1720. 

  1720. 			$valid_fields[] 					= $row['field_name'];
    1721. 

  1721. 		}
    1722. 

  1722. 

  1723. 		// -------------------------------------
    1724. 

  1724. 		//	for hooks
    1725. 

  1725. 		// -------------------------------------
    1726. 

  1726. 

  1727. 		$this->edit			= $edit;
    1728. 

  1728. 		$this->multipage	= $multipage;
    1729. 

  1729. 		$this->last_page	= $last_page;
    1730. 

  1730. 

  1731. 		// -------------------------------------
    1732. 

  1732. 		//	user email max/spam count
    1733. 

  1733. 		// -------------------------------------
    1734. 

  1734. 

  1735. 		ee()->load->library('freeform_notifications');
    1736. 

  1736. 

  1737. 		if ($last_page AND ($this->param('recipient_user_input') OR
    1738. 

  1738. 			 $this->param('recipients')) AND
    1739. 

  1739. 			 ee()->freeform_notifications->check_spam_interval($form_id)
    1740. 

  1740. 		)
    1741. 

  1741. 		{
    1742. 

  1742. 			$this->pre_validation_error(
    1743. 

  1743. 				lang('not_authorized') . ' - ' .
    1744. 

  1744. 				lang('email_limit_exceeded')
    1745. 

  1745. 			);
    1746. 

  1746. 		}
    1747. 

  1747. 

  1748. 		// -------------------------------------
    1749. 

  1749. 		//	Check for duplicate
    1750. 

  1750. 		// -------------------------------------
    1751. 

  1751. 

  1752. 		$duplicate = FALSE;
    1753. 

  1753. 

  1754. 		if ($this->param('prevent_duplicate_on') AND
    1755. 

  1755. 			! in_array(
    1756. 

  1756. 				$this->param('prevent_duplicate_on'),
    1757. 

  1757. 				array('member_id', 'ip_address'),
    1758. 

  1758. 				TRUE
    1759. 

  1759. 			))
    1760. 

  1760. 		{
    1761. 

  1761. 			$duplicate = ee()->freeform_forms->check_duplicate(
    1762. 

  1762. 				$form_id,
    1763. 

  1763. 				$this->param('prevent_duplicate_on'),
    1764. 

  1764. 				ee()->input->get_post(
    1765. 

  1765. 					$this->param('prevent_duplicate_on'),
    1766. 

  1766. 					TRUE
    1767. 

  1767. 				),
    1768. 

  1768. 				$this->param('prevent_duplicate_per_site')
    1769. 

  1769. 			);
    1770. 

  1770. 		}
    1771. 

  1771. 

  1772. 		if ($duplicate)
    1773. 

  1773. 		{
    1774. 

  1774. 			$this->pre_validation_error(lang('no_duplicates'));
    1775. 

  1775. 		}
    1776. 

  1776. 

  1777. 		// -------------------------------------
    1778. 

  1778. 		//	pre xid check
    1779. 

  1779. 		// -------------------------------------
    1780. 

  1780. 		// 	we aren't going to delete just yet
    1781. 

  1781. 		// 	because if they have input errors
    1782. 

  1782. 		// 	then we want to keep this xid for a bit
    1783. 

  1783. 		// 	and only delete xid on success
    1784. 

  1784. 		// -------------------------------------
    1785. 

  1785. 

  1786. 		if ( $this->check_yes(ee()->config->item('secure_forms')) )
    1787. 

  1787. 		{
    1788. 

  1788. 			ee()->db->from('security_hashes');
    1789. 

  1789. 			ee()->db->where(array(
    1790. 

  1790. 				'hash'			=> ee()->input->post('XID'),
    1791. 

  1791. 				'ip_address'	=> ee()->input->ip_address(),
    1792. 

  1792. 				'date >'		=> ee()->localize->now - 7200
    1793. 

  1793. 			));
    1794. 

  1794. 

  1795. 			if (ee()->db->count_all_results() == 0)
    1796. 

  1796. 			{
    1797. 

  1797. 				$this->pre_validation_error(
    1798. 

  1798. 					lang('not_authorized') . ' - ' .
    1799. 

  1799. 					lang('reason_secure_form_timeout')
    1800. 

  1800. 				);
    1801. 

  1801. 			}
    1802. 

  1802. 		}
    1803. 

  1803. 

  1804. 		// -------------------------------------
    1805. 

  1805. 		//	pre-validate hook
    1806. 

  1806. 		// -------------------------------------
    1807. 

  1807. 

  1808. 		$errors				= array();
    1809. 

  1809. 		//have to do this weird for backward compat
    1810. 

  1810. 		$this->field_errors = array();
    1811. 

  1811. 

  1812. 		if (ee()->extensions->active_hook('freeform_module_validate_begin') === TRUE)
    1813. 

  1813. 		{
    1814. 

  1814. 			$errors = ee()->extensions->universal_call(
    1815. 

  1815. 				'freeform_module_validate_begin',
    1816. 

  1816. 				$errors,
    1817. 

  1817. 				$this
    1818. 

  1818. 			);
    1819. 

  1819. 

  1820. 			if (ee()->extensions->end_script === TRUE) return;
    1821. 

  1821. 		}
    1822. 

  1822. 

  1823. 		// -------------------------------------
    1824. 

  1824. 		//	require fields
    1825. 

  1825. 		// -------------------------------------
    1826. 

  1826. 

  1827. 		if ($this->param('required'))
    1828. 

  1828. 		{
    1829. 

  1829. 			$required = $this->actions()->pipe_split($this->param('required'));
    1830. 

  1830. 

  1831. 			foreach ($required as $required_field)
    1832. 

  1832. 			{
    1833. 

  1833. 				//just in case someone misspelled a require
    1834. 

  1834. 				//or removes a field after making the require list
    1835. 

  1835. 				if ( ! in_array($required_field, $valid_fields))
    1836. 

  1836. 				{
    1837. 

  1837. 					continue;
    1838. 

  1838. 				}
    1839. 

  1839. 

  1840. 				if ( (
    1841. 

  1841. 						(
    1842. 

  1842. 							is_array( ee()->input->get_post($required_field) ) AND
    1843. 

  1843. 							count(ee()->input->get_post($required_field)) < 1
    1844. 

  1844. 						) OR
    1845. 

  1845. 						trim((string) ee()->input->get_post($required_field)) === ''
    1846. 

  1846. 					)
    1847. 

  1847. 					//required field could be a file
    1848. 

  1848. 					AND ! isset($_FILES[$required_field])
    1849. 

  1849. 				)
    1850. 

  1850. 				{
    1851. 

  1851. 					$this->field_errors[
    1852. 

  1852. 						$required_field
    1853. 

  1853. 					] = lang('required_field_missing');
    1854. 

  1854. 

  1855. 

  1856. 					//only want the postfixing of errors
    1857. 

  1857. 					//if we are sending to general errors screen
    1858. 

  1858. 					//or an error page
    1859. 

  1859. 					//the second conditional is for people requesting
    1860. 

  1860. 					//the custom error page via ajax
    1861. 

  1861. 					if ( ! $this->param('inline_errors') AND
    1862. 

  1862. 						 ! ($this->is_ajax_request() AND
    1863. 

  1863. 							! trim($this->param('error_page'))))
    1864. 

  1864. 					{
    1865. 

  1865. 						$this->field_errors[$required_field] .= ': '.
    1866. 

  1866. 										$field_labels[$required_field];
    1867. 

  1867. 					}
    1868. 

  1868. 				}
    1869. 

  1869. 			}
    1870. 

  1870. 		}
    1871. 

  1871. 

  1872. 		// -------------------------------------
    1873. 

  1873. 		//	matching fields
    1874. 

  1874. 		// -------------------------------------
    1875. 

  1875. 

  1876. 		if ($this->param('matching_fields'))
    1877. 

  1877. 		{
    1878. 

  1878. 			$matching_fields = $this->actions()->pipe_split($this->param('matching_fields'));
    1879. 

  1879. 

  1880. 			foreach ($matching_fields as $match_field)
    1881. 

  1881. 			{
    1882. 

  1882. 

  1883. 				//just in case someone misspelled a require
    1884. 

  1884. 				//or removes a field after making the require list
    1885. 

  1885. 				if ( ! in_array($match_field, $valid_fields))
    1886. 

  1886. 				{
    1887. 

  1887. 					continue;
    1888. 

  1888. 				}
    1889. 

  1889. 

  1890. 				//array comparison is correct in PHP and this should work
    1891. 

  1891. 				//no matter what.
    1892. 

  1892. 				//normal validation will fix other issues
    1893. 

  1893. 				if ( ee()->input->get_post($match_field) == FALSE OR
    1894. 

  1894. 					 ee()->input->get_post($match_field . '_confirm') == FALSE OR
    1895. 

  1895. 					 ee()->input->get_post($match_field) !==
    1896. 

  1896. 						ee()->input->get_post($match_field . '_confirm')
    1897. 

  1897. 				)
    1898. 

  1898. 				{
    1899. 

  1899. 					$this->field_errors[$match_field] = lang('fields_do_not_match') .
    1900. 

  1900. 										$field_labels[$match_field] .
    1901. 

  1901. 										' | ' .
    1902. 

  1902. 										$field_labels[$match_field] .
    1903. 

  1903. 										' ' .
    1904. 

  1904. 										lang('confirm');
    1905. 

  1905. 				}
    1906. 

  1906. 			}
    1907. 

  1907. 		}
    1908. 

  1908. 

  1909. 		// -------------------------------------
    1910. 

  1910. 		//	validate dynamic recipients
    1911. 

  1911. 		// 	no actual validation errors
    1912. 

  1912. 		// 	will throw here, but in case we do
    1913. 

  1913. 		// 	in the future
    1914. 

  1914. 		// -------------------------------------
    1915. 

  1915. 

  1916. 		$recipient_emails = array();
    1917. 

  1917. 

  1918. 		if ($this->param('recipients'))
    1919. 

  1919. 		{
    1920. 

  1920. 			$recipient_email_input = ee()->input->get_post('recipient_email');
    1921. 

  1921. 

  1922. 			if ( ! in_array($recipient_email_input, array(FALSE, ''), TRUE))
    1923. 

  1923. 			{
    1924. 

  1924. 				if ( ! is_array($recipient_email_input))
    1925. 

  1925. 				{
    1926. 

  1926. 					$recipient_email_input = array($recipient_email_input);
    1927. 

  1927. 				}
    1928. 

  1928. 

  1929. 				// recipients are encoded, so lets check for keys
    1930. 

  1930. 				// since dynamic recipients are dev inputted
    1931. 

  1931. 				// we aren't going to error on invalid ones
    1932. 

  1932. 				// but rather just accept if present, and move on if not
    1933. 

  1933. 

  1934. 				$recipients_list	= $this->param('recipients_list');
    1935. 

  1935. 				$field_out			= '';
    1936. 

  1936. 

  1937. 				foreach($recipients_list as $i => $r_data)
    1938. 

  1938. 				{
    1939. 

  1939. 					if (in_array($r_data['key'], $recipient_email_input))
    1940. 

  1940. 					{
    1941. 

  1941. 						$recipient_emails[] = $r_data['email'];
    1942. 

  1942. 						$field_out .= $r_data['name'] . ' <' . $r_data['email'] . '>' . "\n";
    1943. 

  1943. 					}
    1944. 

  1944. 				}
    1945. 

  1945. 

  1946. 				//THE ENGLISH ARE TOO MANY!
    1947. 

  1947. 				if (count($recipient_emails) > $this->param('recipients_limit'))
    1948. 

  1948. 				{
    1949. 

  1949. 					$errors['recipient_email'] = lang('over_recipient_limit');
    1950. 

  1950. 				}
    1951. 

  1951. 

  1952. 				//does the user have a recipient_email custom field?
    1953. 

  1953. 				else if (in_array('recipient_email', $valid_fields))
    1954. 

  1954. 				{
    1955. 

  1955. 					$_POST['recipient_email'] = trim($field_out);
    1956. 

  1956. 				}
    1957. 

  1957. 			}
    1958. 

  1958. 

  1959. 			//if there is previous recipient emails
    1960. 

  1960. 			if (empty($recipient_emails) AND
    1961. 

  1961. 				isset($previous_inputs['hash_stored_data']['recipient_emails']))
    1962. 

  1962. 			{
    1963. 

  1963. 				$recipient_emails = $previous_inputs['hash_stored_data']['recipient_emails'];
    1964. 

  1964. 			}
    1965. 

  1965. 		}
    1966. 

  1966. 

  1967. 		// -------------------------------------
    1968. 

  1968. 		//	validate user inputted emails
    1969. 

  1969. 		// -------------------------------------
    1970. 

  1970. 

  1971. 		$user_recipient_emails = array();
    1972. 

  1972. 

  1973. 		if ($this->param('recipient_user_input'))
    1974. 

  1974. 		{
    1975. 

  1975. 	
    1976.

Large files files are truncated, but you can click here to view the full file