PageRenderTime 40ms CodeModel.GetById 18ms RepoModel.GetById 0ms app.codeStats 1ms

/manage/expressionengine/third_party/freeform/mod.freeform.php

https://bitbucket.org/jondaiello/h5sp-r
PHP | 4705 lines | 2723 code | 857 blank | 1125 comment | 347 complexity | 6423456dbd1584effeec738124ef821f MD5 | raw file
Possible License(s): LGPL-2.1, MPL-2.0-no-copyleft-exception 
    

  1. <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
    2. 

  2. 

  3. /**
    4. 

  4.  * Freeform - User Side
    5. 

  5.  *
    6. 

  6.  * @package		Solspace:Freeform
    7. 

  7.  * @author		Solspace, Inc.
    8. 

  8.  * @copyright	Copyright (c) 2008-2015, Solspace, Inc.
    9. 

  9.  * @link		http://solspace.com/docs/freeform
    10. 

  10.  * @license		http://www.solspace.com/license_agreement
    11. 

  11.  * @version		4.2.3
    12. 

  12.  * @filesource	freeform/mod.freeform.php
    13. 

  13.  */
    14. 

  14. 

  15. if ( ! class_exists('Module_builder_freeform'))
    16. 

  16. {
    17. 

  17. 	require_once 'addon_builder/module_builder.php';
    18. 

  18. }
    19. 

  19. 

  20. class Freeform extends Module_builder_freeform
    21. 

  21. {
    22. 

  22. 	/**
    23. 

  23. 	 * return data for when the constructor os only called
    24. 

  24. 	 * unused thusfar in this addon.
    25. 

  25. 	 * @var string
    26. 

  26. 	 */
    27. 

  27. 	public $return_data		= '';
    28. 

  28. 

  29. 	/**
    30. 

  30. 	 * Multipart form?
    31. 

  31. 	 * @var boolean
    32. 

  32. 	 * @see form
    33. 

  33. 	 */
    34. 

  34. 	public $multipart		= FALSE;
    35. 

  35. 

  36. 	/**
    37. 

  37. 	 * Params array storage for param
    38. 

  38. 	 * @var array
    39. 

  39. 	 * @see param
    40. 

  40. 	 */
    41. 

  41. 	public $params			= array();
    42. 

  42. 

  43. 	/**
    44. 

  44. 	 * params id for param fetch
    45. 

  45. 	 * @var integer
    46. 

  46. 	 * @see form
    47. 

  47. 	 * @see insert_params
    48. 

  48. 	 */
    49. 

  49. 	public $params_id		= 0;
    50. 

  50. 

  51. 	/**
    52. 

  52. 	 * Form ID storage
    53. 

  53. 	 * @var integer
    54. 

  54. 	 * @see form_id
    55. 

  55. 	 */
    56. 

  56. 	public $form_id			= 0;
    57. 

  57. 

  58. 	/**
    59. 

  59. 	 * Test Mode?
    60. 

  60. 	 *
    61. 

  61. 	 * @var boolean
    62. 

  62. 	 * @see do_exist
    63. 

  63. 	 */
    64. 

  64. 	public $test_mode		= FALSE;
    65. 

  65. 

  66. 	/**
    67. 

  67. 	 * Default Multipage Marker
    68. 

  68. 	 *
    69. 

  69. 	 * @var string
    70. 

  70. 	 * @see form
    71. 

  71. 	 * @see set_form_params
    72. 

  72. 	 */
    73. 

  73. 	public $default_mp_page_marker = 'page';
    74. 

  74. 

  75. 	/**
    76. 

  76. 	 * Multipage Page Array
    77. 

  77. 	 *
    78. 

  78. 	 * @var array
    79. 

  79. 	 * @see get_mp_page_array
    80. 

  80. 	 */
    81. 

  81. 	public $mp_page_array;
    82. 

  82. 

  83. 	/**
    84. 

  84. 	 * Prevents rerunning of set_form_params
    85. 

  85. 	 * @var boolean
    86. 

  86. 	 * @see set_form_params
    87. 

  87. 	 */
    88. 

  88. 	public $params_ran = FALSE;
    89. 

  89. 

  90. 	/**
    91. 

  91. 	 * Form Data
    92. 

  92. 	 * @var array
    93. 

  93. 	 */
    94. 

  94. 	public $form_data;
    95. 

  95. 

  96. 	/**
    97. 

  97. 	 * Params With Defaults
    98. 

  98. 	 * @var array
    99. 

  99. 	 * @see get_default_params
    100. 

  100. 	 */
    101. 

  101. 	public $params_with_defaults;
    102. 

  102. 

  103. 	// --------------------------------------------------------------------
    104. 

  104. 

  105. 	/**
    106. 

  106. 	 * Constructor
    107. 

  107. 	 *
    108. 

  108. 	 * @access	public
    109. 

  109. 	 * @return	null
    110. 

  110. 	 */
    111. 

  111. 

  112. 	public function __construct ()
    113. 

  113. 	{
    114. 

  114. 		parent::__construct();
    115. 

  115. 

  116. 		// -------------------------------------
    117. 

  117. 		//  Module Installed and Up to Date?
    118. 

  118. 		// -------------------------------------
    119. 

  119. 

  120. 		ee()->load->helper(array('text', 'form', 'url', 'string'));
    121. 

  121. 

  122. 		//avoids AR collisions
    123. 

  123. 		$this->data->get_module_preferences();
    124. 

  124. 		$this->data->get_global_module_preferences();
    125. 

  125. 		$this->data->show_all_sites();
    126. 

  126. 	}
    127. 

  127. 	// END __construct()
    128. 

  128. 

  129. 

  130. 	// --------------------------------------------------------------------
    131. 

  131. 

  132. 	/**
    133. 

  133. 	 * Form Info
    134. 

  134. 	 *
    135. 

  135. 	 * @access	public
    136. 

  136. 	 * @return	string parsed tagdata
    137. 

  137. 	 */
    138. 

  138. 

  139. 	public function form_info()
    140. 

  140. 	{
    141. 

  141. 		$form_ids = $this->form_id(TRUE, FALSE);
    142. 

  142. 

  143. 		ee()->load->model('freeform_form_model');
    144. 

  144. 

  145. 		if ($form_ids)
    146. 

  146. 		{
    147. 

  147. 			ee()->freeform_form_model->where_in('form_id', $form_ids);
    148. 

  148. 		}
    149. 

  149. 

  150. 		// -------------------------------------
    151. 

  151. 		//	site ids
    152. 

  152. 		// -------------------------------------
    153. 

  153. 

  154. 		//if its star, allow all
    155. 

  155. 		if (ee()->TMPL->fetch_param('site_id') !== '*')
    156. 

  156. 		{
    157. 

  157. 			$site_id = $this->parse_numeric_array_param('site_id');
    158. 

  158. 

  159. 			//if this isn't false, its single or an array
    160. 

  160. 			if ($site_id !== FALSE)
    161. 

  161. 			{
    162. 

  162. 				//no ids? exit
    163. 

  163. 				if (empty($site_id['ids']))
    164. 

  164. 				{
    165. 

  165. 					ee()->freeform_form_model->reset();
    166. 

  166. 					return $this->no_results_error();
    167. 

  167. 				}
    168. 

  168. 				//e.g. site_id="not 1"
    169. 

  169. 				else if ($site_id['not'])
    170. 

  170. 				{
    171. 

  171. 					ee()->freeform_form_model->where_not_in(
    172. 

  172. 						'site_id',
    173. 

  173. 						$site_id['ids']
    174. 

  174. 					);
    175. 

  175. 				}
    176. 

  176. 				else
    177. 

  177. 				{
    178. 

  178. 					ee()->freeform_form_model->where_in(
    179. 

  179. 						'site_id',
    180. 

  180. 						$site_id['ids']
    181. 

  181. 					);
    182. 

  182. 				}
    183. 

  183. 			}
    184. 

  184. 			//default
    185. 

  185. 			else
    186. 

  186. 			{
    187. 

  187. 				ee()->freeform_form_model->where(
    188. 

  188. 					'site_id',
    189. 

  189. 					ee()->config->item('site_id')
    190. 

  190. 				);
    191. 

  191. 			}
    192. 

  192. 		}
    193. 

  193. 

  194. 		// -------------------------------------
    195. 

  195. 		//	form data
    196. 

  196. 		// -------------------------------------
    197. 

  197. 

  198. 		$form_data =	ee()->freeform_form_model
    199. 

  199. 							->select(
    200. 

  200. 								'form_id, site_id, ' .
    201. 

  201. 								'form_name, form_label, ' .
    202. 

  202. 								'form_description, author_id, ' .
    203. 

  203. 								'entry_date, edit_date'
    204. 

  204. 							)
    205. 

  205. 							->order_by('form_id', 'asc')
    206. 

  206. 							->get();
    207. 

  207. 

  208. 		if ( ! $form_data)
    209. 

  209. 		{
    210. 

  210. 			return	$this->no_results_error(($form_ids) ?
    211. 

  211. 						'invalid_form_id' :
    212. 

  212. 						NULL
    213. 

  213. 					);
    214. 

  214. 		}
    215. 

  215. 

  216. 		// -------------------------------------
    217. 

  217. 		//	author data
    218. 

  218. 		// -------------------------------------
    219. 

  219. 

  220. 		$author_ids		= array();
    221. 

  221. 		$author_data	= array();
    222. 

  222. 

  223. 		foreach ($form_data as $row)
    224. 

  224. 		{
    225. 

  225. 			$author_ids[] = $row['author_id'];
    226. 

  226. 		}
    227. 

  227. 

  228. 		$a_query = ee()->db->select('member_id, username, screen_name')
    229. 

  229. 							->from('members')
    230. 

  230. 							->where_in('member_id', array_unique($author_ids))
    231. 

  231. 							->get();
    232. 

  232. 

  233. 		if ($a_query->num_rows() > 0)
    234. 

  234. 		{
    235. 

  235. 			$author_data = $this->prepare_keyed_result(
    236. 

  236. 				$a_query,
    237. 

  237. 				'member_id'
    238. 

  238. 			);
    239. 

  239. 		}
    240. 

  240. 

  241. 		// -------------------------------------
    242. 

  242. 		//	output
    243. 

  243. 		// -------------------------------------
    244. 

  244. 

  245. 		$variables = array();
    246. 

  246. 

  247. 		ee()->load->model('freeform_entry_model');
    248. 

  248. 

  249. 		foreach ($form_data as $row)
    250. 

  250. 		{
    251. 

  251. 			$new_row = array();
    252. 

  252. 

  253. 			//prefix everything
    254. 

  254. 			foreach ($row as $key => $value)
    255. 

  255. 			{
    256. 

  256. 				$new_row['freeform:' . $key] = $value;
    257. 

  257. 			}
    258. 

  258. 

  259. 			//we are only counting completed entries
    260. 

  260. 			$new_row['freeform:total_entries']	=	ee()->freeform_entry_model
    261. 

  261. 														->id($row['form_id'])
    262. 

  262. 														->where('complete', 'y')
    263. 

  263. 														->count();
    264. 

  264. 

  265. 			$new_row['freeform:author']			=	(
    266. 

  266. 				isset($author_data[$row['author_id']]) ?
    267. 

  267. 					(
    268. 

  268. 						isset($author_data[$row['author_id']]['screen_name']) ?
    269. 

  269. 							$author_data[$row['author_id']]['screen_name'] :
    270. 

  270. 							$author_data[$row['author_id']]['username']
    271. 

  271. 					) :
    272. 

  272. 					lang('n_a')
    273. 

  273. 			);
    274. 

  274. 

  275. 			$variables[] = $new_row;
    276. 

  276. 		}
    277. 

  277. 

  278. 		$prefixed_tags	= array(
    279. 

  279. 			'count',
    280. 

  280. 			'switch',
    281. 

  281. 			'total_results'
    282. 

  282. 		);
    283. 

  283. 

  284. 		$tagdata = ee()->TMPL->tagdata;
    285. 

  285. 

  286. 		$tagdata = $this->tag_prefix_replace(
    287. 

  287. 			'freeform:',
    288. 

  288. 			$prefixed_tags,
    289. 

  289. 			$tagdata
    290. 

  290. 		);
    291. 

  291. 

  292. 		//this should handle backspacing as well
    293. 

  293. 		$tagdata = ee()->TMPL->parse_variables($tagdata, $variables);
    294. 

  294. 

  295. 		$tagdata = $this->tag_prefix_replace(
    296. 

  296. 			'freeform:',
    297. 

  297. 			$prefixed_tags,
    298. 

  298. 			$tagdata,
    299. 

  299. 			TRUE
    300. 

  300. 		);
    301. 

  301. 

  302. 		return $tagdata;
    303. 

  303. 	}
    304. 

  304. 	//END form_info
    305. 

  305. 

  306. 

  307. 	// --------------------------------------------------------------------
    308. 

  308. 

  309. 	/**
    310. 

  310. 	 * Freeform:Entries
    311. 

  311. 	 * {exp:freeform:entries}
    312. 

  312. 	 *
    313. 

  313. 	 * @access	public
    314. 

  314. 	 * @return	string 	tagdata
    315. 

  315. 	 */
    316. 

  316. 

  317. 	public function entries()
    318. 

  318. 	{
    319. 

  319. 		// -------------------------------------
    320. 

  320. 		//	form id
    321. 

  321. 		// -------------------------------------
    322. 

  322. 

  323. 		$form_ids = $this->form_id(TRUE, FALSE);
    324. 

  324. 

  325. 		if ( ! $form_ids)
    326. 

  326. 		{
    327. 

  327. 			return $this->no_results_error('invalid_form_id');
    328. 

  328. 		}
    329. 

  329. 

  330. 		if ( ! is_array($form_ids))
    331. 

  331. 		{
    332. 

  332. 			$form_ids = array($form_ids);
    333. 

  333. 		}
    334. 

  334. 

  335. 		// -------------------------------------
    336. 

  336. 		//	libs, models, helper
    337. 

  337. 		// -------------------------------------
    338. 

  338. 

  339. 		ee()->load->model('freeform_form_model');
    340. 

  340. 		ee()->load->model('freeform_entry_model');
    341. 

  341. 		ee()->load->model('freeform_field_model');
    342. 

  342. 		ee()->load->model('freeform_file_upload_model');
    343. 

  343. 		ee()->load->library('freeform_forms');
    344. 

  344. 		ee()->load->library('freeform_fields');
    345. 

  345. 

  346. 		// -------------------------------------
    347. 

  347. 		//	start cache for count and result
    348. 

  348. 		// -------------------------------------
    349. 

  349. 

  350. 		$forms_data	=	ee()->freeform_form_model
    351. 

  351. 							->key('form_id')
    352. 

  352. 							->get(array('form_id' => $form_ids));
    353. 

  353. 

  354. 		$statuses	= array_keys($this->data->get_form_statuses());
    355. 

  355. 

  356. 		// -------------------------------------
    357. 

  357. 		//	field order ids
    358. 

  358. 		// -------------------------------------
    359. 

  359. 

  360. 		$all_field_ids	= array();
    361. 

  361. 		$all_order_ids	= array();
    362. 

  362. 

  363. 		foreach ($forms_data as $form_data)
    364. 

  364. 		{
    365. 

  365. 			//this should always be true, but NEVER TRUST AN ELF
    366. 

  366. 			if (isset($form_data['field_ids']) AND
    367. 

  367. 				is_array($form_data['field_ids']))
    368. 

  368. 			{
    369. 

  369. 				$all_field_ids = array_merge(
    370. 

  370. 					$all_field_ids,
    371. 

  371. 					$form_data['field_ids']
    372. 

  372. 				);
    373. 

  373. 

  374. 				$all_order_ids = array_merge(
    375. 

  375. 					$all_order_ids,
    376. 

  376. 					$this->actions()->pipe_split($form_data['field_order'])
    377. 

  377. 				);
    378. 

  378. 			}
    379. 

  379. 		}
    380. 

  380. 

  381. 		$all_field_ids = array_unique($all_field_ids);
    382. 

  382. 		$all_order_ids = array_unique($all_order_ids);
    383. 

  383. 

  384. 		sort($all_field_ids);
    385. 

  385. 

  386. 		// -------------------------------------
    387. 

  387. 		//	get field data
    388. 

  388. 		// -------------------------------------
    389. 

  389. 

  390. 		$all_field_data = FALSE;
    391. 

  391. 

  392. 		if ( ! empty($all_field_ids))
    393. 

  393. 		{
    394. 

  394. 			$all_field_data = ee()->freeform_field_model
    395. 

  395. 									->key('field_id')
    396. 

  396. 									->where_in('field_id', $all_field_ids)
    397. 

  397. 									->get();
    398. 

  398. 		}
    399. 

  399. 

  400. 		$field_data = array();
    401. 

  401. 

  402. 		if ($all_field_data)
    403. 

  403. 		{
    404. 

  404. 			foreach ($all_field_data as $row)
    405. 

  405. 			{
    406. 

  406. 				$field_data[$row['field_id']] = $row;
    407. 

  407. 			}
    408. 

  408. 		}
    409. 

  409. 

  410. 		// -------------------------------------
    411. 

  411. 		//	set tables
    412. 

  412. 		// -------------------------------------
    413. 

  413. 

  414. 		ee()->freeform_entry_model->id($form_ids);
    415. 

  415. 

  416. 		// -------------------------------------
    417. 

  417. 		//	replace CURRENT_USER before we get
    418. 

  418. 		//	started because the minute we don't
    419. 

  419. 		//	someone is going to figure out
    420. 

  420. 		//	a way to need it in site_id=""
    421. 

  421. 		// -------------------------------------
    422. 

  422. 

  423. 		$this->replace_current_user();
    424. 

  424. 

  425. 		// -------------------------------------
    426. 

  426. 		//	site ids
    427. 

  427. 		// -------------------------------------
    428. 

  428. 

  429. 		//if its star, allow all
    430. 

  430. 		if (ee()->TMPL->fetch_param('site_id') !== '*')
    431. 

  431. 		{
    432. 

  432. 			$site_id = $this->parse_numeric_array_param('site_id');
    433. 

  433. 

  434. 			//if this isn't false, its single or an array
    435. 

  435. 			if ($site_id !== FALSE)
    436. 

  436. 			{
    437. 

  437. 				if (empty($site_id['ids']))
    438. 

  438. 				{
    439. 

  439. 					ee()->freeform_entry_model->reset();
    440. 

  440. 					return $this->no_results_error();
    441. 

  441. 				}
    442. 

  442. 				else if ($site_id['not'])
    443. 

  443. 				{
    444. 

  444. 					ee()->freeform_entry_model->where_not_in(
    445. 

  445. 						'site_id',
    446. 

  446. 						$site_id['ids']
    447. 

  447. 					);
    448. 

  448. 				}
    449. 

  449. 				else
    450. 

  450. 				{
    451. 

  451. 					ee()->freeform_entry_model->where_in(
    452. 

  452. 						'site_id',
    453. 

  453. 						$site_id['ids']
    454. 

  454. 					);
    455. 

  455. 				}
    456. 

  456. 			}
    457. 

  457. 			//default
    458. 

  458. 			else
    459. 

  459. 			{
    460. 

  460. 				ee()->freeform_entry_model->where(
    461. 

  461. 					'site_id',
    462. 

  462. 					ee()->config->item('site_id')
    463. 

  463. 				);
    464. 

  464. 			}
    465. 

  465. 		}
    466. 

  466. 

  467. 		// -------------------------------------
    468. 

  468. 		//	entry ids
    469. 

  469. 		// -------------------------------------
    470. 

  470. 

  471. 		$entry_id = $this->parse_numeric_array_param('entry_id');
    472. 

  472. 

  473. 		if ($entry_id !== FALSE)
    474. 

  474. 		{
    475. 

  475. 			if (empty($entry_id['ids']))
    476. 

  476. 			{
    477. 

  477. 				ee()->freeform_entry_model->reset();
    478. 

  478. 				return $this->no_results_error();
    479. 

  479. 			}
    480. 

  480. 			else if ($entry_id['not'])
    481. 

  481. 			{
    482. 

  482. 				ee()->freeform_entry_model->where_not_in(
    483. 

  483. 					'entry_id',
    484. 

  484. 					$entry_id['ids']
    485. 

  485. 				);
    486. 

  486. 			}
    487. 

  487. 			else
    488. 

  488. 			{
    489. 

  489. 				ee()->freeform_entry_model->where_in(
    490. 

  490. 					'entry_id',
    491. 

  491. 					$entry_id['ids']
    492. 

  492. 				);
    493. 

  493. 			}
    494. 

  494. 		}
    495. 

  495. 

  496. 		// -------------------------------------
    497. 

  497. 		//	author ids
    498. 

  498. 		// -------------------------------------
    499. 

  499. 

  500. 		$author_id = $this->parse_numeric_array_param('author_id');
    501. 

  501. 

  502. 		if ($author_id !== FALSE)
    503. 

  503. 		{
    504. 

  504. 			if (empty($author_id['ids']))
    505. 

  505. 			{
    506. 

  506. 				ee()->freeform_entry_model->reset();
    507. 

  507. 				return $this->no_results_error();
    508. 

  508. 			}
    509. 

  509. 			else if ($author_id['not'])
    510. 

  510. 			{
    511. 

  511. 				ee()->freeform_entry_model->where_not_in(
    512. 

  512. 					'author_id',
    513. 

  513. 					$author_id['ids']
    514. 

  514. 				);
    515. 

  515. 			}
    516. 

  516. 			else
    517. 

  517. 			{
    518. 

  518. 				ee()->freeform_entry_model->where_in(
    519. 

  519. 					'author_id',
    520. 

  520. 					$author_id['ids']
    521. 

  521. 				);
    522. 

  522. 			}
    523. 

  523. 		}
    524. 

  524. 

  525. 		// -------------------------------------
    526. 

  526. 		//	{freeform:all_form_fields}
    527. 

  527. 		// -------------------------------------
    528. 

  528. 

  529. 		$tagdata = $this->replace_all_form_fields(
    530. 

  530. 			ee()->TMPL->tagdata,
    531. 

  531. 			$field_data,
    532. 

  532. 			$all_order_ids
    533. 

  533. 		);
    534. 

  534. 

  535. 		// -------------------------------------
    536. 

  536. 		//	get standard columns and labels
    537. 

  537. 		// -------------------------------------
    538. 

  538. 

  539. 		$standard_columns 	= array_keys(
    540. 

  540. 			ee()->freeform_form_model->default_form_table_columns
    541. 

  541. 		);
    542. 

  542. 

  543. 		$standard_columns[] = 'author';
    544. 

  544. 

  545. 		$column_labels		= array();
    546. 

  546. 

  547. 		//keyed labels for the front end
    548. 

  548. 		foreach ($standard_columns as $column_name)
    549. 

  549. 		{
    550. 

  550. 			$column_labels[$column_name] = lang($column_name);
    551. 

  551. 		}
    552. 

  552. 

  553. 		// -------------------------------------
    554. 

  554. 		//	available fields
    555. 

  555. 		// -------------------------------------
    556. 

  556. 

  557. 		//this makes the keys and values the same
    558. 

  558. 		$available_fields	= array_combine(
    559. 

  559. 			$standard_columns,
    560. 

  560. 			$standard_columns
    561. 

  561. 		);
    562. 

  562. 

  563. 		$custom_fields		= array();
    564. 

  564. 		$field_descriptions	= array();
    565. 

  565. 

  566. 		foreach ($field_data as $field_id => $f_data)
    567. 

  567. 		{
    568. 

  568. 			$fid = ee()->freeform_form_model->form_field_prefix . $field_id;
    569. 

  569. 

  570. 			//field_name => field_id_1, etc
    571. 

  571. 			$available_fields[$f_data['field_name']]	= $fid;
    572. 

  572. 			//field_id_1 => field_id_1, etc
    573. 

  573. 			$available_fields[$fid]						= $fid;
    574. 

  574. 			$custom_fields[] = $f_data['field_name'];
    575. 

  575. 

  576. 			//labels
    577. 

  577. 			$column_labels[$f_data['field_name']]		= $f_data['field_label'];
    578. 

  578. 			$column_labels[$fid]						= $f_data['field_label'];
    579. 

  579. 

  580. 			$field_descriptions[
    581. 

  581. 				'freeform:description:' . $f_data['field_name']
    582. 

  582. 			]	= $f_data['field_description'];
    583. 

  583. 		}
    584. 

  584. 

  585. 		// -------------------------------------
    586. 

  586. 		//	search:field_name="kittens"
    587. 

  587. 		// -------------------------------------
    588. 

  588. 

  589. 		foreach (ee()->TMPL->tagparams as $key => $value)
    590. 

  590. 		{
    591. 

  591. 			if (substr($key, 0, 7) == 'search:')
    592. 

  592. 			{
    593. 

  593. 				$search_key = substr($key, 7);
    594. 

  594. 

  595. 				if (isset($available_fields[$search_key]))
    596. 

  596. 				{
    597. 

  597. 					ee()->freeform_entry_model->add_search(
    598. 

  598. 						$available_fields[$search_key],
    599. 

  599. 						$value
    600. 

  600. 					);
    601. 

  601. 				}
    602. 

  602. 			}
    603. 

  603. 		}
    604. 

  604. 

  605. 		// -------------------------------------
    606. 

  606. 		//	date range
    607. 

  607. 		// -------------------------------------
    608. 

  608. 

  609. 		$date_range			= ee()->TMPL->fetch_param('date_range');
    610. 

  610. 		$date_range_start	= ee()->TMPL->fetch_param('date_range_start');
    611. 

  611. 		$date_range_end		= ee()->TMPL->fetch_param('date_range_end');
    612. 

  612. 

  613. 		ee()->freeform_entry_model->date_where(
    614. 

  614. 			$date_range,
    615. 

  615. 			$date_range_start,
    616. 

  616. 			$date_range_end
    617. 

  617. 		);
    618. 

  618. 

  619. 		// -------------------------------------
    620. 

  620. 		//	complete
    621. 

  621. 		// -------------------------------------
    622. 

  622. 

  623. 		$show_incomplete = ee()->TMPL->fetch_param('show_incomplete');
    624. 

  624. 

  625. 		if ($show_incomplete === 'only')
    626. 

  626. 		{
    627. 

  627. 			ee()->freeform_entry_model->where('complete', 'n');
    628. 

  628. 		}
    629. 

  629. 		//default unless show_incomplete="y"
    630. 

  630. 		else if ( ! $this->check_yes($show_incomplete))
    631. 

  631. 		{
    632. 

  632. 			ee()->freeform_entry_model->where('complete', 'y');
    633. 

  633. 		}
    634. 

  634. 

  635. 		// -------------------------------------
    636. 

  636. 		//	status
    637. 

  637. 		// -------------------------------------
    638. 

  638. 

  639. 		$status = ee()->TMPL->fetch_param('status', 'open');
    640. 

  640. 

  641. 		if ($status !== 'all')
    642. 

  642. 		{
    643. 

  643. 			//make it an array either way
    644. 

  644. 			$status = array_map('trim', $this->actions()->pipe_split($status));
    645. 

  645. 

  646. 			$approved = array_map('strtolower', $statuses);
    647. 

  647. 

  648. 			$search_status = array();
    649. 

  649. 

  650. 			//only keep legit ones
    651. 

  651. 			foreach($status as $potential_status)
    652. 

  652. 			{
    653. 

  653. 				if (in_array(strtolower($potential_status), $approved))
    654. 

  654. 				{
    655. 

  655. 					$search_status[] = $potential_status;
    656. 

  656. 				}
    657. 

  657. 			}
    658. 

  658. 

  659. 			if ( ! empty($search_status))
    660. 

  660. 			{
    661. 

  661. 				ee()->freeform_entry_model->where_in(
    662. 

  662. 					'status',
    663. 

  663. 					$search_status
    664. 

  664. 				);
    665. 

  665. 			}
    666. 

  666. 		}
    667. 

  667. 

  668. 		// -------------------------------------
    669. 

  669. 		//	orderby/sort
    670. 

  670. 		// -------------------------------------
    671. 

  671. 

  672. 		$sort 		= ee()->TMPL->fetch_param('sort');
    673. 

  673. 		$orderby 	= ee()->TMPL->fetch_param('orderby');
    674. 

  674. 

  675. 		if ($orderby !== FALSE AND trim($orderby) !== '')
    676. 

  676. 		{
    677. 

  677. 			$orderby = $this->actions()->pipe_split(strtolower(trim($orderby)));
    678. 

  678. 

  679. 			array_walk($orderby, 'trim');
    680. 

  680. 

  681. 			// -------------------------------------
    682. 

  682. 			//	sort
    683. 

  683. 			// -------------------------------------
    684. 

  684. 

  685. 			if ($sort !== FALSE AND trim($sort) !== '')
    686. 

  686. 			{
    687. 

  687. 				$sort = $this->actions()->pipe_split(strtolower(trim($sort)));
    688. 

  688. 

  689. 				array_walk($sort, 'trim');
    690. 

  690. 

  691. 				//correct sorts
    692. 

  692. 				foreach ($sort as $key => $value)
    693. 

  693. 				{
    694. 

  694. 					if ( ! in_array($value, array('asc', 'desc')))
    695. 

  695. 					{
    696. 

  696. 						$sort[$key] = 'asc';
    697. 

  697. 					}
    698. 

  698. 				}
    699. 

  699. 			}
    700. 

  700. 			else
    701. 

  701. 			{
    702. 

  702. 				$sort = array('asc');
    703. 

  703. 			}
    704. 

  704. 

  705. 			// -------------------------------------
    706. 

  706. 			//	add sorts and orderbys
    707. 

  707. 			// -------------------------------------
    708. 

  708. 

  709. 			foreach ($orderby as $key => $value)
    710. 

  710. 			{
    711. 

  711. 				if ($value == 'random')
    712. 

  712. 				{
    713. 

  713. 					ee()->freeform_entry_model->order_by('', 'random');
    714. 

  714. 					continue;
    715. 

  715. 				}
    716. 

  716. 

  717. 				if (isset($available_fields[$value]))
    718. 

  718. 				{
    719. 

  719. 					//if the sort is not set, just use the first
    720. 

  720. 					//really this should teach people to be more specific :p
    721. 

  721. 					$temp_sort = isset($sort[$key]) ? $sort[$key] : $sort[0];
    722. 

  722. 

  723. 					ee()->freeform_entry_model->order_by(
    724. 

  724. 						$available_fields[$value],
    725. 

  725. 						$temp_sort
    726. 

  726. 					);
    727. 

  727. 				}
    728. 

  728. 			}
    729. 

  729. 		}
    730. 

  730. 

  731. 		//--------------------------------------
    732. 

  732. 		//  pagination start vars
    733. 

  733. 		//--------------------------------------
    734. 

  734. 

  735. 		$limit				= ee()->TMPL->fetch_param('limit', 50);
    736. 

  736. 		$offset				= ee()->TMPL->fetch_param('offset', 0);
    737. 

  737. 		$row_count			= 0;
    738. 

  738. 		$total_entries		= ee()->freeform_entry_model->count(array(), FALSE);
    739. 

  739. 		$current_page		= 0;
    740. 

  740. 

  741. 		if ($total_entries == 0)
    742. 

  742. 		{
    743. 

  743. 			ee()->freeform_entry_model->reset();
    744. 

  744. 			return $this->no_results_error();
    745. 

  745. 		}
    746. 

  746. 

  747. 		// -------------------------------------
    748. 

  748. 		//	pagination?
    749. 

  749. 		// -------------------------------------
    750. 

  750. 

  751. 		$prefix = stristr($tagdata, LD . 'freeform:paginate' . RD);
    752. 

  752. 

  753. 		if ($limit > 0 AND ($total_entries - $offset) > $limit)
    754. 

  754. 		{
    755. 

  755. 			//get pagination info
    756. 

  756. 			$pagination_data = $this->universal_pagination(array(
    757. 

  757. 				'total_results'			=> $total_entries,
    758. 

  758. 				'tagdata'				=> $tagdata,
    759. 

  759. 				'limit'					=> $limit,
    760. 

  760. 				'offset'				=> $offset,
    761. 

  761. 				'uri_string'			=> ee()->uri->uri_string,
    762. 

  762. 				'prefix'				=> 'freeform:',
    763. 

  763. 				'auto_paginate'			=> TRUE
    764. 

  764. 			));
    765. 

  765. 

  766. 			//if we paginated, sort the data
    767. 

  767. 			if ($pagination_data['paginate'] === TRUE)
    768. 

  768. 			{
    769. 

  769. 				$tagdata		= $pagination_data['tagdata'];
    770. 

  770. 				$current_page 	= $pagination_data['pagination_page'];
    771. 

  771. 			}
    772. 

  772. 		}
    773. 

  773. 		else
    774. 

  774. 		{
    775. 

  775. 			$this->paginate = FALSE;
    776. 

  776. 		}
    777. 

  777. 

  778. 		ee()->freeform_entry_model->limit($limit, $current_page + $offset);
    779. 

  779. 

  780. 		// -------------------------------------
    781. 

  781. 		//	get data
    782. 

  782. 		// -------------------------------------
    783. 

  783. 

  784. 		$result_array = ee()->freeform_entry_model->get();
    785. 

  785. 

  786. 		if (empty($result_array))
    787. 

  787. 		{
    788. 

  788. 			ee()->freeform_entry_model->reset();
    789. 

  789. 			return $this->no_results_error();
    790. 

  790. 		}
    791. 

  791. 

  792. 		$output_labels = array();
    793. 

  793. 

  794. 		//column labels for output
    795. 

  795. 		foreach ($column_labels as $key => $value)
    796. 

  796. 		{
    797. 

  797. 			$output_labels['freeform:label:' . $key] = $value;
    798. 

  798. 		}
    799. 

  799. 

  800. 		$count				= $row_count;
    801. 

  801. 

  802. 		$variable_rows		= array();
    803. 

  803. 

  804. 		$replace_tagdata	= '';
    805. 

  805. 

  806. 		// -------------------------------------
    807. 

  807. 		//	allow pre_process
    808. 

  808. 		// -------------------------------------
    809. 

  809. 

  810. 		$entry_ids = array();
    811. 

  811. 

  812. 		foreach ($result_array as $row)
    813. 

  813. 		{
    814. 

  814. 			if ( ! isset($entry_ids[$row['form_id']]))
    815. 

  815. 			{
    816. 

  816. 				$entry_ids[$row['form_id']] = array();
    817. 

  817. 			}
    818. 

  818. 

  819. 			$entry_ids[$row['form_id']][] = $row['entry_id'];
    820. 

  820. 		}
    821. 

  821. 

  822. 		// -------------------------------------
    823. 

  823. 		//	preprocess items
    824. 

  824. 		// -------------------------------------
    825. 

  825. 		//	These are separated by form id so this
    826. 

  826. 		//	is not iterating over each entry id
    827. 

  827. 		//	but rather grouped by form.
    828. 

  828. 		// -------------------------------------
    829. 

  829. 

  830. 		foreach ($entry_ids as $f_form_id => $f_entry_ids)
    831. 

  831. 		{
    832. 

  832. 			ee()->freeform_fields->apply_field_method(array(
    833. 

  833. 				'method'		=> 'pre_process_entries',
    834. 

  834. 				'form_id'		=> $f_form_id,
    835. 

  835. 				'form_data'		=> $forms_data,
    836. 

  836. 				'entry_id'		=> $f_entry_ids,
    837. 

  837. 				'field_data'	=> $field_data
    838. 

  838. 			));
    839. 

  839. 		}
    840. 

  840. 

  841. 		// -------------------------------------
    842. 

  842. 		//	output
    843. 

  843. 		// -------------------------------------
    844. 

  844. 

  845. 		$to_prefix = array(
    846. 

  846. 			'absolute_count',
    847. 

  847. 			'absolute_results',
    848. 

  848. 			'attachment_count',
    849. 

  849. 			'author_id',
    850. 

  850. 			'author',
    851. 

  851. 			'complete',
    852. 

  852. 			'edit_date',
    853. 

  853. 			'entry_date',
    854. 

  854. 			'entry_id',
    855. 

  855. 			'form_id',
    856. 

  856. 			'form_name',
    857. 

  857. 			'ip_address',
    858. 

  858. 			'reverse_count'
    859. 

  859. 		);
    860. 

  860. 

  861. 		$absolute_count = $current_page + $offset;
    862. 

  862. 		$total_results	= count($result_array);
    863. 

  863. 		$count			= 0;
    864. 

  864. 

  865. 		// -------------------------------------
    866. 

  866. 		//	get file attachment count for entries
    867. 

  867. 		// -------------------------------------
    868. 

  868. 

  869. 		$att_results = ee()->freeform_file_upload_model
    870. 

  870. 						->select('form_id, entry_id, COUNT(*) as file_count')
    871. 

  871. 						->where_in('form_id', $form_ids)
    872. 

  872. 						->group_by('form_id, entry_id')
    873. 

  873. 						->get();
    874. 

  874. 

  875. 

  876. 		$attached_counts = array();
    877. 

  877. 

  878. 		if ( ! empty($att_results))
    879. 

  879. 		{
    880. 

  880. 			foreach ($att_results as $att_row)
    881. 

  881. 			{
    882. 

  882. 				if ( ! isset($attached_counts[$att_row['form_id']]))
    883. 

  883. 				{
    884. 

  884. 					$attached_counts[$att_row['form_id']] = array();
    885. 

  885. 				}
    886. 

  886. 

  887. 				$attached_counts[$att_row['form_id']][$att_row['entry_id']] = $att_row['file_count'];
    888. 

  888. 			}
    889. 

  889. 		}
    890. 

  890. 

  891. 		// -------------------------------------
    892. 

  892. 		//	build results
    893. 

  893. 		// -------------------------------------
    894. 

  894. 

  895. 		foreach ($result_array as $row)
    896. 

  896. 		{
    897. 

  897. 			//apply replace tag to our field data
    898. 

  898. 			$field_parse = ee()->freeform_fields->apply_field_method(array(
    899. 

  899. 				'method'			=> 'replace_tag',
    900. 

  900. 				'form_id'			=> $row['form_id'],
    901. 

  901. 				'entry_id'			=> $row['entry_id'],
    902. 

  902. 				'form_data'			=> $forms_data,
    903. 

  903. 				'field_data'		=> $field_data,
    904. 

  904. 				'field_input_data'	=> $row,
    905. 

  905. 				'tagdata'			=> $tagdata
    906. 

  906. 			));
    907. 

  907. 

  908. 			$row = array_merge(
    909. 

  909. 				$output_labels,
    910. 

  910. 				$field_descriptions,
    911. 

  911. 				$row,
    912. 

  912. 				$field_parse['variables']
    913. 

  913. 			);
    914. 

  914. 

  915. 			$row['attachment_count'] = isset($attached_counts[$row['form_id']][$row['entry_id']]) ?
    916. 

  916. 										$attached_counts[$row['form_id']][$row['entry_id']] :
    917. 

  917. 										0;
    918. 

  918. 

  919. 			if ($replace_tagdata == '')
    920. 

  920. 			{
    921. 

  921. 				$replace_tagdata = $field_parse['tagdata'];
    922. 

  922. 			}
    923. 

  923. 

  924. 			$row['freeform:form_name']			= $forms_data[$row['form_id']]['form_name'];
    925. 

  925. 			$row['freeform:form_label']			= $forms_data[$row['form_id']]['form_label'];
    926. 

  926. 

  927. 			//prefix
    928. 

  928. 			foreach ($row as $key => $value)
    929. 

  929. 			{
    930. 

  930. 				if ( ! preg_match('/^freeform:/', $key))
    931. 

  931. 				{
    932. 

  932. 					if (in_array($key, $custom_fields) AND
    933. 

  933. 						! isset($row['freeform:field:' . $key]))
    934. 

  934. 					{
    935. 

  935. 						$row['freeform:field:' . $key] = $value;
    936. 

  936. 					}
    937. 

  937. 					else if ( ! isset($row['freeform:' . $key]))
    938. 

  938. 					{
    939. 

  939. 						$row['freeform:' . $key] = $value;
    940. 

  940. 					}
    941. 

  941. 

  942. 					unset($row[$key]);
    943. 

  943. 				}
    944. 

  944. 			}
    945. 

  945. 

  946. 			// -------------------------------------
    947. 

  947. 			//	other counts
    948. 

  948. 			// -------------------------------------
    949. 

  949. 			$row['freeform:reverse_count']		= $total_results - $count++;
    950. 

  950. 			$row['freeform:absolute_count']		= ++$absolute_count;
    951. 

  951. 			$row['freeform:absolute_results']	= $total_entries;
    952. 

  952. 

  953. 			$variable_rows[] = $row;
    954. 

  954. 		}
    955. 

  955. 

  956. 		$tagdata = $replace_tagdata;
    957. 

  957. 

  958. 		$prefixed_tags	= array(
    959. 

  959. 			'count',
    960. 

  960. 			'switch',
    961. 

  961. 			'total_results'
    962. 

  962. 		);
    963. 

  963. 

  964. 		$tagdata = $this->tag_prefix_replace('freeform:', $prefixed_tags, $tagdata);
    965. 

  965. 

  966. 		//this should handle backspacing as well
    967. 

  967. 		$tagdata = ee()->TMPL->parse_variables($tagdata, $variable_rows);
    968. 

  968. 

  969. 		$tagdata = $this->tag_prefix_replace('freeform:', $prefixed_tags, $tagdata, TRUE);
    970. 

  970. 

  971. 		// -------------------------------------
    972. 

  972. 		//	add pagination
    973. 

  973. 		// -------------------------------------
    974. 

  974. 

  975. 		//prefix or no prefix?
    976. 

  976. 		if ($prefix)
    977. 

  977. 		{
    978. 

  978. 			$tagdata = $this->parse_pagination(array(
    979. 

  979. 				'prefix' 	=> 'freeform:',
    980. 

  980. 				'tagdata' 	=> $tagdata
    981. 

  981. 			));
    982. 

  982. 		}
    983. 

  983. 		else
    984. 

  984. 		{
    985. 

  985. 			$tagdata = $this->parse_pagination(array(
    986. 

  986. 				'tagdata' 	=> $tagdata
    987. 

  987. 			));
    988. 

  988. 		}
    989. 

  989. 

  990. 		return $tagdata;
    991. 

  991. 	}
    992. 

  992. 	//END entries
    993. 

  993. 

  994. 

  995. 	
    996. 

  996. 

  997. 	// --------------------------------------------------------------------
    998. 

  998. 

  999. 	/**
    1000. 

  1000. 	 * Freeform:Form
    1001. 

  1001. 	 * {exp:freeform:form}
    1002. 

  1002. 	 *
    1003. 

  1003. 	 * @access	public
    1004. 

  1004. 	 * @param 	bool 	$edit			edit mode? external for security
    1005. 

  1005. 	 * @param	bool	$preview		preview mode?
    1006. 

  1006. 	 * @param	mixed	$preview_fields	extra preview fields?
    1007. 

  1007. 	 * @return	string 	tagdata
    1008. 

  1008. 	 */
    1009. 

  1009. 

  1010. 	public function form($edit = FALSE, $preview = FALSE, $preview_fields = FALSE)
    1011. 

  1011. 	{
    1012. 

  1012. 		if ($this->check_yes(ee()->TMPL->fetch_param('require_logged_in')) AND
    1013. 

  1013. 			ee()->session->userdata['member_id'] == '0')
    1014. 

  1014. 		{
    1015. 

  1015. 			return $this->no_results_error('not_logged_in');
    1016. 

  1016. 		}
    1017. 

  1017. 

  1018. 		// -------------------------------------
    1019. 

  1019. 		//	form id
    1020. 

  1020. 		// -------------------------------------
    1021. 

  1021. 

  1022. 		$form_id = $this->form_id(FALSE, FALSE);
    1023. 

  1023. 

  1024. 		if ( ! $form_id)
    1025. 

  1025. 		{
    1026. 

  1026. 			return $this->no_results_error('invalid_form_id');
    1027. 

  1027. 		}
    1028. 

  1028. 

  1029. 		// -------------------------------------
    1030. 

  1030. 		//	libs, helpers, etc
    1031. 

  1031. 		// -------------------------------------
    1032. 

  1032. 

  1033. 		ee()->load->model('freeform_form_model');
    1034. 

  1034. 		ee()->load->model('freeform_field_model');
    1035. 

  1035. 		ee()->load->library('freeform_forms');
    1036. 

  1036. 		ee()->load->library('freeform_fields');
    1037. 

  1037. 		ee()->load->helper('form');
    1038. 

  1038. 

  1039. 		// -------------------------------------
    1040. 

  1040. 		//	build query
    1041. 

  1041. 		// -------------------------------------
    1042. 

  1042. 

  1043. 		$this->form_data = $form_data = $this->data->get_form_info($form_id);
    1044. 

  1044. 

  1045. 		// -------------------------------------
    1046. 

  1046. 		//	preview fields? (composer preview)
    1047. 

  1047. 		// -------------------------------------
    1048. 

  1048. 

  1049. 		if ( ! empty($preview_fields))
    1050. 

  1050. 		{
    1051. 

  1051. 			ee()->load->model('freeform_field_model');
    1052. 

  1052. 

  1053. 			$valid_preview_fields = ee()->freeform_field_model
    1054. 

  1054. 										->where_in('field_id', $preview_fields)
    1055. 

  1055. 										->key('field_id')
    1056. 

  1056. 										->get();
    1057. 

  1057. 

  1058. 			if ($valid_preview_fields)
    1059. 

  1059. 			{
    1060. 

  1060. 				foreach ($valid_preview_fields as $p_field_id => $p_field_data)
    1061. 

  1061. 				{
    1062. 

  1062. 					$p_field_data['preview']			= TRUE;
    1063. 

  1063. 					$form_data['fields'][$p_field_id]	= $p_field_data;
    1064. 

  1064. 				}
    1065. 

  1065. 			}
    1066. 

  1066. 		}
    1067. 

  1067. 

  1068. 		// -------------------------------------
    1069. 

  1069. 		//	form data
    1070. 

  1070. 		// -------------------------------------
    1071. 

  1071. 

  1072. 		$this->params['form_id'] = $form_id;
    1073. 

  1073. 

  1074. 		// -------------------------------------
    1075. 

  1075. 		//	edit?
    1076. 

  1076. 		// -------------------------------------
    1077. 

  1077. 

  1078. 		$entry_id	= 0;
    1079. 

  1079. 

  1080. 		$edit_data	= array();
    1081. 

  1081. 

  1082. 		
    1083. 

  1083. 

  1084. 		$this->params['edit']				= $edit;
    1085. 

  1085. 		$this->params['entry_id']			= $entry_id;
    1086. 

  1086. 

  1087. 		// -------------------------------------
    1088. 

  1088. 		//	replace CURRENT_USER everywhere
    1089. 

  1089. 		// -------------------------------------
    1090. 

  1090. 

  1091. 		$this->replace_current_user();
    1092. 

  1092. 

  1093. 		// -------------------------------------
    1094. 

  1094. 		//	default params
    1095. 

  1095. 		// -------------------------------------
    1096. 

  1096. 

  1097. 		$this->default_mp_page_marker = 'page';
    1098. 

  1098. 

  1099. 		$this->set_form_params(TRUE);
    1100. 

  1100. 

  1101. 		//	----------------------------------------
    1102. 

  1102. 		//	Check for duplicate
    1103. 

  1103. 		//	----------------------------------------
    1104. 

  1104. 

  1105. 		$duplicate = FALSE;
    1106. 

  1106. 

  1107. 		//we can only prevent dupes on entry like this
    1108. 

  1108. 		if ( ! $edit AND $this->params['prevent_duplicate_on'])
    1109. 

  1109. 		{
    1110. 

  1110. 			if ( in_array(
    1111. 

  1111. 					$this->params['prevent_duplicate_on'],
    1112. 

  1112. 					array('member_id', 'ip_address'),
    1113. 

  1113. 					TRUE
    1114. 

  1114. 				))
    1115. 

  1115. 			{
    1116. 

  1116. 				$duplicate = ee()->freeform_forms->check_duplicate(
    1117. 

  1117. 					$form_id,
    1118. 

  1118. 					$this->params['prevent_duplicate_on'],
    1119. 

  1119. 					'',
    1120. 

  1120. 					$this->params['prevent_duplicate_per_site']
    1121. 

  1121. 				);
    1122. 

  1122. 			}
    1123. 

  1123. 		}
    1124. 

  1124. 

  1125. 		//	----------------------------------------
    1126. 

  1126. 		//	duplicate?
    1127. 

  1127. 		//	----------------------------------------
    1128. 

  1128. 

  1129. 		if ($duplicate)
    1130. 

  1130. 		{
    1131. 

  1131. 			if ($this->params['duplicate_redirect'] !== '')
    1132. 

  1132. 			{
    1133. 

  1133. 				ee()->functions->redirect(
    1134. 

  1134. 					$this->prep_url(
    1135. 

  1135. 						$this->params['duplicate_redirect'],
    1136. 

  1136. 						$this->params['secure_duplicate_redirect']
    1137. 

  1137. 					)
    1138. 

  1138. 				);
    1139. 

  1139. 

  1140. 				return $this->do_exit();
    1141. 

  1141. 			}
    1142. 

  1142. 			else if ($this->params['error_on_duplicate'])
    1143. 

  1143. 			{
    1144. 

  1144. 				return $this->no_results_error('no_duplicates');
    1145. 

  1145. 			}
    1146. 

  1146. 			/*else if (preg_match(
    1147. 

  1147. 				'/' . LD . 'if freeform_duplicate' . RD . '(*?)' '/',
    1148. 

  1148. 				ee()->TMPL->tagdata, ))
    1149. 

  1149. 			{
    1150. 

    1151. 

  1151. 			}*/
    1152. 

  1152. 		}
    1153. 

  1153. 

  1154. 		// -------------------------------------
    1155. 

  1155. 		//	check user email field
    1156. 

  1156. 		// 	if this is from form prefs, its an ID
    1157. 

  1157. 		// -------------------------------------
    1158. 

  1158. 

  1159. 		$valid_user_email_field = FALSE;
    1160. 

  1160. 

  1161. 		foreach ($form_data['fields'] as $field_id => $field_data)
    1162. 

  1162. 		{
    1163. 

  1163. 			if ($this->params['user_email_field'] == $field_data['field_name'] OR
    1164. 

  1164. 				$this->params['user_email_field'] == $field_id)
    1165. 

  1165. 			{
    1166. 

  1166. 				$valid_user_email_field = TRUE;
    1167. 

  1167. 

  1168. 				//in case the setting is an id
    1169. 

  1169. 				$this->params['user_email_field'] = $field_data['field_name'];
    1170. 

  1170. 				break;
    1171. 

  1171. 			}
    1172. 

  1172. 		}
    1173. 

  1173. 

  1174. 		//  if it doesn't exist in the form, lets blank it
    1175. 

  1175. 		$this->params['user_email_field'] = (
    1176. 

  1176. 			$valid_user_email_field ?
    1177. 

  1177. 				$this->params['user_email_field'] :
    1178. 

  1178. 				''
    1179. 

  1179. 		);
    1180. 

  1180. 

  1181. 		
    1182. 

  1182. 

  1183. 		$this->edit	= $edit;
    1184. 

  1184. 

  1185. 		//	----------------------------------------
    1186. 

  1186. 		//	'freeform_module_form_begin' hook.
    1187. 

  1187. 		//	 - This allows developers to change data before form processing.
    1188. 

  1188. 		//	----------------------------------------
    1189. 

  1189. 

  1190. 		if (ee()->extensions->active_hook('freeform_module_form_begin') === TRUE)
    1191. 

  1191. 		{
    1192. 

  1192. 			ee()->extensions->universal_call(
    1193. 

  1193. 				'freeform_module_form_begin',
    1194. 

  1194. 				$this
    1195. 

  1195. 			);
    1196. 

  1196. 

  1197. 			if (ee()->extensions->end_script === TRUE) return;
    1198. 

  1198. 		}
    1199. 

  1199. 		//	----------------------------------------
    1200. 

  1200. 

  1201. 		// -------------------------------------
    1202. 

  1202. 		//	start form
    1203. 

  1203. 		// -------------------------------------
    1204. 

  1204. 

  1205. 		$tagdata				= ee()->TMPL->tagdata;
    1206. 

  1206. 		$return					= '';
    1207. 

  1207. 		$hidden_fields			= array();
    1208. 

  1208. 		$outer_template_vars	= array();
    1209. 

  1209. 		$variables				= array();
    1210. 

  1210. 		$page_total				= 1;
    1211. 

  1211. 		$current_page			= 0;
    1212. 

  1212. 		$last_page				= TRUE;
    1213. 

  1213. 		$multipage				= $this->params['multipage'];
    1214. 

  1214. 

  1215. 		// -------------------------------------
    1216. 

  1216. 		//	check if this is multi-page
    1217. 

  1217. 		// -------------------------------------
    1218. 

  1218. 

  1219. 		
    1220. 

  1220. 			$current_page = 1;
    1221. 

  1221. 			
    1222. 

  1222. 

  1223. 		// -------------------------------------
    1224. 

  1224. 		//	set for hooks
    1225. 

  1225. 		// -------------------------------------
    1226. 

  1226. 

  1227. 		$this->multipage = $multipage;
    1228. 

  1228. 		$this->last_page = $last_page;
    1229. 

  1229. 

  1230. 		// -------------------------------------
    1231. 

  1231. 		//	check again for captcha now that
    1232. 

  1232. 		//	tagdata has been adjusted
    1233. 

  1233. 		// -------------------------------------
    1234. 

  1234. 

  1235. 		if ($this->params['require_captcha'])
    1236. 

  1236. 		{
    1237. 

  1237. 			$this->params['require_captcha'] = (
    1238. 

  1238. 				$this->require_captcha() &&
    1239. 

  1239. 				stristr($tagdata, LD . 'freeform:captcha' . RD) != FALSE
    1240. 

  1240. 			);
    1241. 

  1241. 		}
    1242. 

  1242. 

  1243. 		// -------------------------------------
    1244. 

  1244. 		//	submit
    1245. 

  1245. 		// -------------------------------------
    1246. 

  1246. 

  1247. 		//standard submits
    1248. 

  1248. 		$variables['freeform:submit'] = form_submit('submit', lang('submit'));
    1249. 

  1249. 

  1250. 		//replace submit buttons that have args
    1251. 

  1251. 		$tagdata = $this->replace_submit(array(
    1252. 

  1252. 			'tag'		=> 'freeform:submit',
    1253. 

  1253. 			'pre_args'	=> array(
    1254. 

  1254. 				'name' => 'submit',
    1255. 

  1255. 				'value' => lang('submit')
    1256. 

  1256. 			),
    1257. 

  1257. 			'tagdata'	=> $tagdata
    1258. 

  1258. 		));
    1259. 

  1259. 

  1260. 		// -------------------------------------
    1261. 

  1261. 		//	other random vars
    1262. 

  1262. 		// -------------------------------------
    1263. 

  1263. 

  1264. 		$variables['freeform:submit_previous']	= '';
    1265. 

  1265. 		$variables['freeform:duplicate']		= $duplicate;
    1266. 

  1266. 		$variables['freeform:not_duplicate']	= ! $duplicate;
    1267. 

  1267. 		$variables['freeform:form_label']		= $form_data['form_label'];
    1268. 

  1268. 		$variables['freeform:form_description']	= $form_data['form_description'];
    1269. 

  1269. 		$variables['freeform:last_page']		= $last_page;
    1270. 

  1270. 		$variables['freeform:current_page']		= $current_page;
    1271. 

  1271. 

  1272. 		
    1273. 

  1273. 

  1274. 		// -------------------------------------
    1275. 

  1275. 		//	display fields
    1276. 

  1276. 		// -------------------------------------
    1277. 

  1277. 

  1278. 		$field_error_data	= array();
    1279. 

  1279. 		$general_error_data	= array();
    1280. 

  1280. 		$field_input_data	= array();
    1281. 

  1281. 

  1282. 		// -------------------------------------
    1283. 

  1283. 		//	inline errors?
    1284. 

  1284. 		// -------------------------------------
    1285. 

  1285. 

  1286. 		if ($this->params['inline_errors'] AND
    1287. 

  1287. 			$this->is_positive_intlike(
    1288. 

  1288. 				ee()->session->flashdata('freeform_errors')
    1289. 

  1289. 			)
    1290. 

  1290. 		)
    1291. 

  1291. 		{
    1292. 

  1292. 			ee()->load->model('freeform_param_model');
    1293. 

  1293. 

  1294. 			$error_query = ee()->freeform_param_model->get_row(
    1295. 

  1295. 				ee()->session->flashdata('freeform_errors')
    1296. 

  1296. 			);
    1297. 

  1297. 

  1298. 			if ($error_query !== FALSE)
    1299. 

  1299. 			{
    1300. 

  1300. 				$potential_error_data = json_decode($error_query['data'], TRUE);
    1301. 

  1301. 

  1302. 				//specific field errors
    1303. 

  1303. 				if (isset($potential_error_data['field_errors']))
    1304. 

  1304. 				{
    1305. 

  1305. 					$field_error_data = $potential_error_data['field_errors'];
    1306. 

  1306. 				}
    1307. 

  1307. 

  1308. 				//errors that aren't field based
    1309. 

  1309. 				if (isset($potential_error_data['general_errors']))
    1310. 

  1310. 				{
    1311. 

  1311. 					$general_error_data = $potential_error_data['general_errors'];
    1312. 

  1312. 				}
    1313. 

  1313. 

  1314. 				//gets inputs for repopulation
    1315. 

  1315. 				if (isset($potential_error_data['inputs']))
    1316. 

  1316. 				{
    1317. 

  1317. 					$field_input_data = $potential_error_data['inputs'];
    1318. 

  1318. 				}
    1319. 

  1319. 

  1320. 				//restore recipient_emails
    1321. 

  1321. 				if (! empty($potential_error_data['stored_data']['recipient_emails']))
    1322. 

  1322. 				{
    1323. 

  1323. 					$previous_inputs['hash_stored_data']['recipient_emails'] =
    1324. 

  1324. 						$potential_error_data['stored_data']['recipient_emails'];
    1325. 

  1325. 				}
    1326. 

  1326. 

  1327. 				//restore user_recipient_emails
    1328. 

  1328. 				if (! empty($potential_error_data['stored_data']['user_recipient_emails']))
    1329. 

  1329. 				{
    1330. 

  1330. 					$previous_inputs['hash_stored_data']['user_recipient_emails'] =
    1331. 

  1331. 						$potential_error_data['stored_data']['user_recipient_emails'];
    1332. 

  1332. 				}
    1333. 

  1333. 			}
    1334. 

  1334. 		}
    1335. 

  1335. 		//END if ($this->params['inline_errors']
    1336. 

  1336. 

  1337. 		// -------------------------------------
    1338. 

  1338. 		//	build field variables
    1339. 

  1339. 		// -------------------------------------
    1340. 

  1340. 

  1341. 		foreach ($form_data['fields'] as $field_id => $field_data)
    1342. 

  1342. 		{
    1343. 

  1343. 			// -------------------------------------
    1344. 

  1344. 			//	label?
    1345. 

  1345. 			// -------------------------------------
    1346. 

  1346. 

  1347. 			$error = '';
    1348. 

  1348. 

  1349. 			if (isset($field_error_data[$field_data['field_name']]))
    1350. 

  1350. 			{
    1351. 

  1351. 				$error = is_array($field_error_data[$field_data['field_name']]) ?
    1352. 

  1352. 							implode(', ', $field_error_data[$field_data['field_name']]) :
    1353. 

  1353. 							$field_error_data[$field_data['field_name']];
    1354. 

  1354. 			}
    1355. 

  1355. 

  1356. 			// -------------------------------------
    1357. 

  1357. 			//	variables for later parsing
    1358. 

  1358. 			// -------------------------------------
    1359. 

  1359. 

  1360. 			$variables['freeform:error:' . $field_data['field_name']] = $error;
    1361. 

  1361. 

  1362. 			$variables['freeform:label:' . $field_data['field_name']] = $field_data['field_label'];
    1363. 

  1363. 			$variables['freeform:description:' . $field_data['field_name']] = $field_data['field_description'];
    1364. 

  1364. 

  1365. 			// -------------------------------------
    1366. 

  1366. 			//	values?
    1367. 

  1367. 			// -------------------------------------
    1368. 

  1368. 

  1369. 			$col_name = ee()->freeform_form_model->form_field_prefix . $field_id;
    1370. 

  1370. 

  1371. 			// -------------------------------------
    1372. 

  1372. 			//	multipage previous inputs?
    1373. 

  1373. 			// -------------------------------------
    1374. 

  1374. 

  1375. 			$possible = (
    1376. 

  1376. 				isset($previous_inputs[$col_name]) ?
    1377. 

  1377. 					$previous_inputs[$col_name] :
    1378. 

  1378. 					(
    1379. 

  1379. 						isset($previous_inputs[$field_data['field_name']]) ?
    1380. 

  1380. 							$previous_inputs[$field_data['field_name']] :
    1381. 

  1381. 							''
    1382. 

  1382. 					)
    1383. 

  1383. 			);
    1384. 

  1384. 

  1385. 			$possible = $this->prep_multi_item_data($possible, $field_data['field_type']);
    1386. 

  1386. 

  1387. 			$variables['freeform:mp_data:' . $field_data['field_name']] = $possible;
    1388. 

  1388. 

  1389. 			
    1390. 

  1390. 

  1391. 		}
    1392. 

  1392. 		//END foreach ($form_data['fields'] as $field_id => $field_data)
    1393. 

  1393. 

  1394. 		// -------------------------------------
    1395. 

  1395. 		//	This is done after edit data in
    1396. 

  1396. 		//	cause they edited data, but had an error
    1397. 

  1397. 		//	in their edits and we are now in
    1398. 

  1398. 		//	inline error mode
    1399. 

  1399. 		// -------------------------------------
    1400. 

  1400. 

  1401. 		if ( ! empty($edit_data))
    1402. 

  1402. 		{
    1403. 

  1403. 			$field_input_data = array_merge($edit_data, $field_input_data);
    1404. 

  1404. 		}
    1405. 

  1405. 		else if ( ! empty($previous_inputs))
    1406. 

  1406. 		{
    1407. 

  1407. 			$field_input_data = array_merge($previous_inputs, $field_input_data);
    1408. 

  1408. 		}
    1409. 

  1409. 

  1410. 		// -------------------------------------
    1411. 

  1411. 		//	recipient emails from multipage?
    1412. 

  1412. 		// -------------------------------------
    1413. 

  1413. 

  1414. 		$variables['freeform:mp_data:user_recipient_emails'] = '';
    1415. 

  1415. 

  1416. 		if (isset($previous_inputs['hash_stored_data']['user_recipient_emails']) AND
    1417. 

  1417. 			is_array($previous_inputs['hash_stored_data']['user_recipient_emails']))
    1418. 

  1418. 		{
    1419. 

  1419. 			$variables['freeform:mp_data:user_recipient_emails'] = implode(
    1420. 

  1420. 				', ',
    1421. 

  1421. 				$previous_inputs['hash_stored_data']['user_recipient_emails']
    1422. 

  1422. 			);
    1423. 

  1423. 		}
    1424. 

  1424. 

  1425. 		// -------------------------------------
    1426. 

  1426. 		//	freeform:all_form_fields
    1427. 

  1427. 		// -------------------------------------
    1428. 

  1428. 

  1429. 		$tagdata = $this->replace_all_form_fields(
    1430. 

  1430. 			$tagdata,
    1431. 

  1431. 			$form_data['fields'],
    1432. 

  1432. 			$form_data['field_order'],
    1433. 

  1433. 			$field_input_data
    1434. 

  1434. 		);
    1435. 

  1435. 

  1436. 		// -------------------------------------
    1437. 

  1437. 		//	general errors
    1438. 

  1438. 		// -------------------------------------
    1439. 

  1439. 

  1440. 		if ( ! empty($general_error_data))
    1441. 

  1441. 		{
    1442. 

  1442. 			//the error array might have sub arrays
    1443. 

  1443. 			//so we need to flatten
    1444. 

  1444. 			$_general_error_data = array();
    1445. 

  1445. 

  1446. 			foreach ($general_error_data as $error_set => $error_data)
    1447. 

  1447. 			{
    1448. 

  1448. 				if (is_array($error_data))
    1449. 

  1449. 				{
    1450. 

  1450. 					foreach ($error_data as $sub_key => $sub_error)
    1451. 

  1451. 					{
    1452. 

  1452. 						$_general_error_data[] = array(
    1453. 

  1453. 							'freeform:error_message' => $sub_error
    1454. 

  1454. 						);
    1455. 

  1455. 					}
    1456. 

  1456. 				}
    1457. 

  1457. 				else
    1458. 

  1458. 				{
    1459. 

  1459. 					$_general_error_data[] = array(
    1460. 

  1460. 						'freeform:error_message' => $error_data
    1461. 

  1461. 					);
    1462. 

  1462. 				}
    1463. 

  1463. 			}
    1464. 

  1464. 

  1465. 			$general_error_data = $_general_error_data;
    1466. 

  1466. 		}
    1467. 

  1467. 

  1468. 		$variables['freeform:general_errors']	= $general_error_data;
    1469. 

  1469. 		$variables['freeform:field_errors']		= ! empty($field_error_data);
    1470. 

  1470. 

  1471. 		//have to do this so the conditional will work,
    1472. 

  1472. 		//seems that parse variables doesn't think a non-empty array = YES
    1473. 

  1473. 		$tagdata = ee()->functions->prep_conditionals(
    1474. 

  1474. 			$tagdata,
    1475. 

  1475. 			array(
    1476. 

  1476. 				'freeform:general_errors'	=> ! empty($general_error_data),
    1477. 

  1477. 				'freeform:field_errors'		=> ! empty($field_error_data)
    1478. 

  1478. 			)
    1479. 

  1479. 		);
    1480. 

  1480. 

  1481. 		// -------------------------------------
    1482. 

  1482. 		//	apply replace tag to our field data
    1483. 

  1483. 		// -------------------------------------
    1484. 

  1484. 

  1485. 		$field_parse = ee()->freeform_fields->apply_field_method(array(
    1486. 

  1486. 			'method'			=> 'display_field',
    1487. 

  1487. 			'form_id'			=> $form_id,
    1488. 

  1488. 			'entry_id'			=> $entry_id,
    1489. 

  1489. 			'form_data'			=> $form_data,
    1490. 

  1490. 			'field_input_data'	=> $field_input_data,
    1491. 

  1491. 			'tagdata'			=> $tagdata
    1492. 

  1492. 		));
    1493. 

  1493. 

  1494. 		$this->multipart 	= $field_parse['multipart'];
    1495. 

  1495. 		$variables 			= array_merge($variables, $field_parse['variables']);
    1496. 

  1496. 		$tagdata 			= $field_parse['tagdata'];
    1497. 

  1497. 

  1498. 		// -------------------------------------
    1499. 

  1499. 		//	dynamic recipient list
    1500. 

  1500. 		// -------------------------------------
    1501. 

  1501. 

  1502. 		$this->params['recipients']		= (
    1503. 

  1503. 			! in_array(ee()->TMPL->fetch_param('recipients'), array(FALSE, ''))
    1504. 

  1504. 		);
    1505. 

  1505. 

  1506. 		//preload list with usable info if so
    1507. 

  1507. 		$this->params['recipients_list'] = array();
    1508. 

  1508. 

  1509. 		if ( $this->params['recipients'] )
    1510. 

  1510. 		{
    1511. 

  1511. 			$i				= 1;
    1512. 

  1512. 			$while_limit	= 1000;
    1513. 

  1513. 			$counter		= 0;
    1514. 

  1514. 

  1515. 			while ( ! in_array(ee()->TMPL->fetch_param('recipient' . $i), array(FALSE, '')) )
    1516. 

  1516. 			{
    1517. 

  1517. 				$recipient = explode('|', ee()->TMPL->fetch_param('recipient' . $i));
    1518. 

  1518. 

  1519. 				//has a name?
    1520. 

  1520. 				if ( count($recipient) > 1)
    1521. 

  1521. 				{
    1522. 

  1522. 					$recipient_name		= trim($recipient[0]);
    1523. 

  1523. 					$recipient_email	= trim($recipient[1]);
    1524. 

  1524. 				}
    1525. 

  1525. 				//no name, we assume its just an email
    1526. 

  1526. 				//(though, this makes little sense, it needs a name to be useful)
    1527. 

  1527. 				else
    1528. 

  1528. 				{
    1529. 

  1529. 					$recipient_name		= '';
    1530. 

  1530. 					$recipient_email	= trim($recipient[0]);
    1531. 

  1531. 				}
    1532. 

  1532. 

  1533. 				$recipient_selected = FALSE;
    1534. 

  1534. 

  1535. 				if (isset($previous_inputs['hash_stored_data']['recipient_emails']) AND
    1536. 

  1536. 					is_array($previous_inputs['hash_stored_data']['recipient_emails']))
    1537. 

  1537. 				{
    1538. 

  1538. 					$recipient_selected = in_array(
    1539. 

  1539. 						$recipient_email,
    1540. 

  1540. 						$previous_inputs['hash_stored_data']['recipient_emails']
    1541. 

  1541. 					);
    1542. 

  1542. 				}
    1543. 

  1543. 

  1544. 				//add to list
    1545. 

  1545. 				$this->params['recipients_list'][$i] = array(
    1546. 

  1546. 					'name'		=> $recipient_name,
    1547. 

  1547. 					'email'		=> $recipient_email,
    1548. 

  1548. 									//because this wasn't being unique enough
    1549. 

  1549. 									//on stupid windows servers *sigh*
    1550. 

  1550. 					'key'		=> uniqid('', true),
    1551. 

  1551. 					'selected'	=> $recipient_selected
    1552. 

  1552. 				);
    1553. 

  1553. 

  1554. 				$i++;
    1555. 

  1555. 

  1556. 				//In case fetch_param ever defaults to something
    1557. 

  1557. 				//thats not falsy.
    1558. 

  1558. 				if (++$counter >= $while_limit)
    1559. 

  1559. 				{
    1560. 

  1560. 					break;
    1561. 

  1561. 				}
    1562. 

  1562. 			}
    1563. 

  1563. 

  1564. 			//if we end up with nothing, then lets not attempt later
    1565. 

  1565. 			if (empty($this->params['recipients_list']))
    1566. 

  1566. 			{
    1567. 

  1567. 				$this->params['recipients'] = FALSE;
    1568. 

  1568. 			}
    1569. 

  1569. 		}
    1570. 

  1570. 

  1571. 		//	----------------------------------------
    1572. 

  1572. 		//	parse {freeform:captcha}
    1573. 

  1573. 		//	----------------------------------------
    1574. 

  1574. 

  1575. 		$variables['freeform:captcha'] = FALSE;
    1576. 

  1576. 

  1577. 		if ($this->params['require_captcha'])
    1578. 

  1578. 		{
    1579. 

  1579. 			$variables['freeform:captcha'] = ee()->functions->create_captcha();
    1580. 

  1580. 

  1581. 			// -------------------------------------
    1582. 

  1582. 			//	IF there is no captcha present
    1583. 

  1583. 			//	in this tagdata, we don't want
    1584. 

  1584. 			//	to require people to input it.
    1585. 

  1585. 			//	Thats asking for errors.
    1586. 

  1586. 			//	Usually this occurs when someone is
    1587. 

  1587. 			//	trying to force captcha but the
    1588. 

  1588. 			//	member is logged in and EE wont
    1589. 

  1589. 			//	output captcha for members unless
    1590. 

  1590. 			//	captcha_require_members is enabled.
    1591. 

  1591. 			// -------------------------------------
    1592. 

  1592. 

  1593. 			if (stristr($tagdata, LD . 'freeform:captcha' . RD) == FALSE OR
    1594. 

  1594. 				empty($variables['freeform:captcha']))
    1595. 

  1595. 			{
    1596. 

  1596. 				$this->params['require_captcha'] = FALSE;
    1597. 

  1597. 			}
    1598. 

  1598. 		}
    1599. 

  1599. 

  1600. 		// -------------------------------------
    1601. 

  1601. 		//	dynamic recipient tagdata
    1602. 

  1602. 		// -------------------------------------
    1603. 

  1603. 

  1604. 		if ( $this->params['recipients'] AND
    1605. 

  1605. 			count($this->params['recipients_list']) > 0)
    1606. 

  1606. 		{
    1607. 

  1607. 			$variables['freeform_recipients'] = array();
    1608. 

  1608. 

  1609. 			$recipient_list 	= $this->params['recipients_list'];
    1610. 

  1610. 

  1611. 			//dynamic above starts with 1, so does this
    1612. 

  1612. 			for ( $i = 1, $l = count($recipient_list); $i <= $l; $i++ )
    1613. 

  1613. 			{
    1614. 

  1614. 				$variables['freeform:recipient_name' . $i] = $recipient_list[$i]['name'];
    1615. 

  1615. 				$variables['freeform:recipient_value' . $i] = $recipient_list[$i]['key'];
    1616. 

  1616. 				$variables['freeform:recipient_selected' . $i] = $recipient_list[$i]['selected'];
    1617. 

  1617. 

  1618. 				$variables['freeform:recipients'][] = array(
    1619. 

  1619. 					'freeform:recipient_name' 		=> $recipient_list[$i]['name'],
    1620. 

  1620. 					'freeform:recipient_value'		=> $recipient_list[$i]['key'],
    1621. 

  1621. 					'freeform:recipient_count'		=> $i,
    1622. 

  1622. 					//selected from hash data from multipages
    1623. 

  1623. 					'freeform:recipient_selected' 	=> $recipient_list[$i]['selected']
    1624. 

  1624. 				);
    1625. 

  1625. 			}
    1626. 

  1626. 		}
    1627. 

  1627. 

  1628. 		// -------------------------------------
    1629. 

  1629. 		//	status pairs
    1630. 

  1630. 		// -------------------------------------
    1631. 

  1631. 

  1632. 		$tagdata = $this->parse_status_tags($tagdata);
    1633. 

  1633. 

  1634. 		//	----------------------------------------
    1635. 

  1635. 		//	'freeform_module_pre_form_parse' hook.
    1636. 

  1636. 		//	 - This allows developers to change data before tagdata processing.
    1637. 

  1637. 		//	----------------------------------------
    1638. 

  1638. 

  1639. 		$this->variables = $variables;
    1640. 

  1640. 

  1641. 		if (ee()->extensions->active_hook('freeform_module_pre_form_parse') === TRUE)
    1642. 

  1642. 		{
    1643. 

  1643. 			$backup_tagdata = $tagdata;
    1644. 

  1644. 

  1645. 			$tagdata = ee()->extensions->universal_call(
    1646. 

  1646. 				'freeform_module_pre_form_parse',
    1647. 

  1647. 				$tagdata,
    1648. 

  1648. 				$this
    1649. 

  1649. 			);
    1650. 

  1650. 

  1651. 			if (ee()->extensions->end_script === TRUE) return;
    1652. 

  1652. 

  1653. 						//valid data?
    1654. 

  1654. 			if ( (! is_string($tagdata) OR empty($tagdata)) AND
    1655. 

  1655. 				 $this->check_yes($this->preference('hook_data_protection')))
    1656. 

  1656. 			{
    1657. 

  1657. 				$tagdata = $backup_tagdata;
    1658. 

  1658. 			}
    1659. 

  1659. 		}
    1660. 

  1660. 		//	----------------------------------------
    1661. 

  1661. 

  1662. 		//extra precaution in case someone hoses this
    1663. 

  1663. 		if (isset($this->variables) AND is_array($this->variables))
    1664. 

  1664. 		{
    1665. 

  1665. 			$variables = $this->variables;
    1666. 

  1666. 		}
    1667. 

  1667. 

  1668. 		// -------------------------------------
    1669. 

  1669. 		//	parse external vars
    1670. 

  1670. 		// -------------------------------------
    1671. 

  1671. 

  1672. 		$outer_template_vars['freeform:form_id']			= $form_id;
    1673. 

  1673. 		$outer_template_vars['freeform:form_page']			= $current_page;
    1674. 

  1674. 		$outer_template_vars['freeform:form_page_total']	= $page_total;
    1675. 

  1675. 		$outer_template_vars['freeform:form_name']			= $form_data['form_name'];
    1676. 

  1676. 		$outer_template_vars['freeform:form_label']			= $form_data['form_label'];
    1677. 

  1677. 

  1678. 		ee()->TMPL->template = ee()->functions->prep_conditionals(
    1679. 

  1679. 			ee()->TMPL->template,
    1680. 

  1680. 			$outer_template_vars
    1681. 

  1681. 		);
    1682. 

  1682. 

  1683. 		ee()->TMPL->template = ee()->functions->var_swap(
    1684. 

  1684. 			ee()->TMPL->template,
    1685. 

  1685. 			$outer_template_vars
    1686. 

  1686. 		);
    1687. 

  1687. 

  1688. 		// -------------------------------------
    1689. 

  1689. 		//	parse all vars
    1690. 

  1690. 		// -------------------------------------
    1691. 

  1691. 

  1692. 		$tagdata = ee()->TMPL->parse_variables(
    1693. 

  1693. 			$tagdata,
    1694. 

  1694. 			array(array_merge($outer_template_vars,$variables))
    1695. 

  1695. 		);
    1696. 

  1696. 

  1697. 		// -------------------------------------
    1698. 

  1698. 		//	This doesn't force an ajax request
    1699. 

  1699. 		//	but instead forces it _not_ to be
    1700. 

  1700. 		//	if the ajax param = 'no'.
    1701. 

  1701. 		//	$this->params['ajax'] defaults to
    1702. 

  1702. 		//	boolean true, so this will only
    1703. 

  1703. 		//	happen if someone adds ajax="no".
    1704. 

  1704. 		// -------------------------------------
    1705. 

  1705. 

  1706. 		if ( ! $this->params['ajax'])
    1707. 

  1707. 		{
    1708. 

  1708. 			$hidden_fields['ajax_request'] = 'no';
    1709. 

  1709. 		}
    1710. 

  1710. 

  1711. 		//-------------------------------------
    1712. 

  1712. 		//	build form
    1713. 

  1713. 		//-------------------------------------
    1714. 

  1714. 

  1715. 		$return .= $this->build_form(array(
    1716. 

  1716. 			'action'			=> $this->get_action_url('save_form'),
    1717. 

  1717. 			'method'			=> 'post',
    1718. 

  1718. 			'hidden_fields'		=> array_merge($hidden_fields, array(
    1719. 

  1719. 				// 	no more params can be set after this
    1720. 

  1720. 				'params_id' => $this->insert_params(),
    1721. 

  1721. 			)),
    1722. 

  1722. 			'tagdata'			=> $tagdata
    1723. 

  1723. 		));
    1724. 

  1724. 

  1725. 		//	----------------------------------------
    1726. 

  1726. 		//	'freeform_module_form_end' hook.
    1727. 

  1727. 		//	 - This allows developers to change the form before output.
    1728. 

  1728. 		//	----------------------------------------
    1729. 

  1729. 

  1730. 		if (ee()->extensions->active_hook('freeform_module_form_end') === TRUE)
    1731. 

  1731. 		{
    1732. 

  1732. 			$backup_return = $return;
    1733. 

  1733. 

  1734. 			$return = ee()->extensions->universal_call(
    1735. 

  1735. 				'freeform_module_form_end',
    1736. 

  1736. 				$return,
    1737. 

  1737. 				$this
    1738. 

  1738. 			);
    1739. 

  1739. 

  1740. 			if (ee()->extensions->end_script === TRUE) return;
    1741. 

  1741. 

  1742. 			//valid data?
    1743. 

  1743. 			if ( (! is_string($return) OR empty($return)) AND
    1744. 

  1744. 				 $this->check_yes($this->preference('hook_data_protection')))
    1745. 

  1745. 			{
    1746. 

  1746. 				$return = $backup_return;
    1747. 

  1747. 			}
    1748. 

  1748. 		}
    1749. 

  1749. 		//	----------------------------------------
    1750. 

  1750. 

  1751. 		return $return;
    1752. 

  1752. 	}
    1753. 

  1753. 	//END form
    1754. 

  1754. 

  1755. 

  1756. 	// -------------------------------------
    1757. 

  1757. 	//	action requests
    1758. 

  1758. 	// -------------------------------------
    1759. 

  1759. 

  1760. 

  1761. 	// --------------------------------------------------------------------
    1762. 

  1762. 

  1763. 	/**
    1764. 

  1764. 	 * ajax_validate
    1765. 

  1765. 	 *
    1766. 

  1766. 	 * does a save form that stops after validation
    1767. 

  1767. 	 *
    1768. 

  1768. 	 * @access	public
    1769. 

  1769. 	 * @return	mixed 	ajax request
    1770. 

  1770. 	 */
    1771. 

  1771. 

  1772. 	public function ajax_validate_form()
    1773. 

  1773. 	{
    1774. 

  1774. 		return $this->save_form(TRUE);
    1775. 

  1775. 	}
    1776. 

  1776. 	//END ajax_validate
    1777. 

  1777. 

  1778. 

  1779. 	// --------------------------------------------------------------------
    1780. 

  1780. 

  1781. 	/**
    1782. 

  1782. 	 * save_form
    1783. 

  1783. 	 *
    1784. 

  1784. 	 * form save from front_end/action request
    1785. 

  1785. 	 *
    1786. 

  1786. 	 * @access	public
    1787. 

  1787. 	 * @param 	bool validate only
    1788. 

  1788. 	 * @return	null
    1789. 

  1789. 	 */
    1790. 

  1790. 

  1791. 	public function save_form($validate_only = FALSE)
    1792. 

  1792. 	{
    1793. 

  1793. 		if ( ! $validate_only AND REQ !== 'ACTION' AND ! $this->test_mode)
    1794. 

  1794. 		{
    1795. 

  1795. 			return;
    1796. 

  1796. 		}
    1797. 

  1797. 

  1798. 		ee()->load->library('freeform_forms');
    1799. 

  1799. 		ee()->load->library('freeform_fields');
    1800. 

  1800. 		ee()->load->model('freeform_form_model');
    1801. 

  1801. 

  1802. 		if (ee()->input->get_post('params_id') === FALSE)
    1803. 

  1803. 		{
    1804. 

  1804. 			return $this->pre_validation_error(
    1805. 

  1805. 				lang('missing_post_data') . ' - params_id'
    1806. 

  1806. 			);
    1807. 

  1807. 		}
    1808. 

  1808. 

  1809. 		// -------------------------------------
    1810. 

  1810. 		//	require logged in?
    1811. 

  1811. 		// -------------------------------------
    1812. 

  1812. 

  1813. 		if ($this->param('require_logged_in') AND
    1814. 

  1814. 			ee()->session->userdata['member_id'] == '0')
    1815. 

  1815. 		{
    1816. 

  1816. 			return $this->pre_validation_error(
    1817. 

  1817. 				lang('not_authorized') . ' - ' .
    1818. 

  1818. 				lang('not_logged_in')
    1819. 

  1819. 			);
    1820. 

  1820. 		}
    1821. 

  1821. 

  1822. 		// -------------------------------------
    1823. 

  1823. 		//	blacklist, banned
    1824. 

  1824. 		// -------------------------------------
    1825. 

  1825. 

  1826. 		if (ee()->session->userdata['is_banned'] OR (
    1827. 

  1827. 				$this->check_yes(ee()->blacklist->blacklisted) AND
    1828. 

  1828. 				$this->check_no(ee()->blacklist->whitelisted)
    1829. 

  1829. 			)
    1830. 

  1830. 		)
    1831. 

  1831. 		{
    1832. 

  1832. 			return $this->pre_validation_error(
    1833. 

  1833. 				lang('not_authorized') . ' - ' .
    1834. 

  1834. 				lang('reason_banned')
    1835. 

  1835. 			);
    1836. 

  1836. 		}
    1837. 

  1837. 

  1838. 		// -------------------------------------
    1839. 

  1839. 		//	require ip? (except admin)
    1840. 

  1840. 		// -------------------------------------
    1841. 

  1841. 

  1842. 		if ($this->param('require_ip'))
    1843. 

  1843. 		{
    1844. 

  1844. 			if (ee()->input->ip_address() == '0.0.0.0')
    1845. 

  1845. 			{
    1846. 

  1846. 				return $this->pre_validation_error(
    1847. 

  1847. 					lang('not_authorized') . ' - ' .
    1848. 

  1848. 					lang('reason_ip_required')
    1849. 

  1849. 				);
    1850. 

  1850. 			}
    1851. 

  1851. 		}
    1852. 

  1852. 

  1853. 		// -------------------------------------
    1854. 

  1854. 		//	Is the nation of the user banned?
    1855. 

  1855. 		// -------------------------------------
    1856. 

  1856. 

  1857. 		if ($this->nation_ban_check(FALSE))
    1858. 

  1858. 		{
    1859. 

  1859. 			return $this->pre_validation_error(
    1860. 

  1860. 				lang('not_authorized') . ' - ' .
    1861. 

  1861. 				ee()->config->item('ban_message')
    1862. 

  1862. 			);
    1863. 

  1863. 		}
    1864. 

  1864. 

  1865. 		
    1866. 

  1866. 

  1867. 		// -------------------------------------
    1868. 

  1868. 		//	valid form id
    1869. 

  1869. 		// -------------------------------------
    1870. 

  1870. 

  1871. 		$form_id = $this->form_id(FALSE, FALSE);
    1872. 

  1872. 

  1873. 		if ( ! $form_id)
    1874. 

  1874. 		{
    1875. 

  1875. 			return $this->pre_validation_error(lang('invalid_form_id'));
    1876. 

  1876. 		}
    1877. 

  1877. 

  1878. 		// -------------------------------------
    1879. 

  1879. 		//	is this an edit? entry_id
    1880. 

  1880. 		// -------------------------------------
    1881. 

  1881. 

  1882. 		$entry_id 		= $this->entry_id();
    1883. 

  1883. 

  1884. 		$edit			= $this->is_positive_intlike($entry_id);
    1885. 

  1885. 

  1886. 		// -------------------------------------
    1887. 

  1887. 		//	for multipage check later
    1888. 

  1888. 		// -------------------------------------
    1889. 

  1889. 

  1890. 		$multipage			= $this->param('multipage');
    1891. 

  1891. 		$current_page		= $this->param('current_page');
    1892. 

  1892. 		$last_page			= $this->param('last_page');
    1893. 

  1893. 		$previous_inputs	= array();
    1894. 

  1894. 

  1895. 		
    1896. 

  1896. 

  1897. 		// -------------------------------------
    1898. 

  1898. 		//	form data
    1899. 

  1899. 		// -------------------------------------
    1900. 

  1900. 

  1901. 		$this->form_data = $form_data = $this->data->get_form_info($form_id);
    1902. 

  1902. 		$field_labels		= array();
    1903. 

  1903. 		$valid_fields		= array();
    1904. 

  1904. 		$column_names		= array();
    1905. 

  1905. 

  1906. 		foreach ( $form_data['fields'] as $row)
    1907. 

  1907. 		{
    1908. 

  1908. 			$field_labels[$row['field_name']] 	= $row['field_label'];
    1909. 

  1909. 			$valid_fields[] 					= $row['field_name'];
    1910. 

  1910. 			//fill previous inputs names correctly
    1911. 

  1911. 

  1912. 			$column_name = 'form_field_' . $row['field_id'];
    1913. 

  1913. 

  1914. 			if (isset($previous_inputs[$column_name]))
    1915. 

  1915. 			{
    1916. 

  1916. 				$previous_inputs[$row['field_name']] = $previous_inputs[$column_name];
    1917. 

  1917. 			}
    1918. 

  1918. 

  1919. 			$column_names[$row['field_name']] = $column_name;
    1920. 

  1920. 		}
    1921. 

  1921. 

  1922. 		// -------------------------------------
    1923. 

  1923. 		//	for hooks
    1924. 

  1924. 		// -------------------------------------
    1925. 

  1925. 

  1926. 		$this->edit			= $edit;
    1927. 

  1927. 		$this->multipage	= $multipage;
    1928. 

  1928. 		$this->last_page	= $last_page;
    1929. 

  1929. 

  1930. 		// -------------------------------------
    1931. 

  1931. 		//	user email max/spam count
    1932. 

  1932. 		// -------------------------------------
    1933. 

  1933. 

  1934. 		ee()->load->library('freeform_notifications');
    1935. 

  1935. 

  1936. 		if ($last_page AND ($this->param('recipient_user_input') OR
    1937. 

  1937. 			 $this->param('recipients')) AND
    1938. 

  1938. 			 ee()->freeform_notifications->check_spam_interval($form_id)
    1939. 

  1939. 		)
    1940. 

  1940. 		{
    1941. 

  1941. 			return $this->pre_validation_error(
    1942. 

  1942. 				lang('not_authorized') . ' - ' .
    1943. 

  1943. 				lang('email_limit_exceeded')
    1944. 

  1944. 			);
    1945. 

  1945. 		}
    1946. 

  1946. 

  1947. 		// -------------------------------------
    1948. 

  1948. 		//	Check for duplicate
    1949. 

  1949. 		// -------------------------------------
    1950. 

  1950. 

  1951. 		$duplicate = FALSE;
    1952. 

  1952. 

  1953. 		if ($this->param('prevent_duplicate_on'))
    1954. 

  1954. 		{
    1955. 

  1955. 			$duplicate = ee()->freeform_forms->check_duplicate(
    1956. 

  1956. 				$form_id,
    1957. 

  1957. 				$this->param('prevent_duplicate_on'),
    1958. 

  1958. 				ee()->input->get_post(
    1959. 

  1959. 					$this->param('prevent_duplicate_on'),
    1960. 

  1960. 					TRUE
    1961. 

  1961. 				),
    1962. 

  1962. 				$this->param('prevent_duplicate_per_site')
    1963. 

  1963. 			);
    1964. 

  1964. 		}
    1965. 

  1965. 

  1966. 		if ($duplicate)
    1967. 

  1967. 		{
    1968. 

  1968. 			return $this->pre_validation_error(lang('no_duplicates'));
    1969. 

  1969. 		}
    1970. 

  1970. 

  1971. 		// -------------------------------------
    1972. 

  1972. 		//	pre xid check
    1973. 

  1973. 		// -------------------------------------
    1974. 

  1974. 		// 	we aren't going to delete just yet
    1975. 

  1975. 		// 	because if they have input errors
    1976. 

  1976. 		// 	then we want to keep this xid for a bit
    1977. 

  1977. 		// 	and only delete xid on success
    1978. 

  1978. 		// -------------------------------------
    1979. 

  1979. 		// 	EE 2.7+ does this automatically for
    1980. 

  1980. 		// 	all POSTS front end and back now
    1981. 

  1981. 		// 	so this is going to cause errors
    1982. 

  1982. 		// 	if we check it there.
    1983. 

  1983. 		// -------------------------------------
    1984. 

  1984. 

  1985. 		if (version_compare($this->ee_version, '2.7.0', '<') &&
    1986. 

  1986. 			! ee()->security->check_xid(ee()->input->post('XID')))
    1987. 

  1987. 		{
    1988. 

  1988. 			return $this->pre_validation_error(
    1989. 

  1989. 				lang('not_authorized') . ' - ' .
    1990. 

  1990. 				lang('reason_secure_form_timeout')
    1991. 

  1991. 			);
    1992. 

  1992. 		}
    1993. 

  1993. 

  1994. 		// -------------------------------------
    1995. 

  1995. 		//	pre-validate hook
    1996. 

  1996. 		// -------------------------------------
    1997. 

  1997. 

  1998. 		$errors				= array();
    1999. 

  1999. 		//have to do this weird for backward compat
    2000. 

  2000. 		$this->field_errors = array();
    2001. 

  2001. 

  2002. 		if (ee()->extensions->active_hook('freeform_module_validate_begin') === TRUE)
    2003. 

  2003. 		{
    2004. 

  2004. 			$backup_errors = $errors;
    2005. 

  2005. 

  2006. 			$errors = ee()->extensions->universal_call(
    2007. 

  2007. 				'freeform_module_validate_begin',
    2008. 

  2008. 				$errors,
    2009. 

  2009. 				$this
    2010. 

  2010. 			);
    2011. 

  2011. 

  2012. 			if (ee()->extensions->end_script === TRUE) return;
    2013. 

  2013. 

  2014. 			//valid data?
    2015. 

  2015. 			if ( ! is_array($errors) AND
    2016. 

  2016. 				 $this->check_yes($this->preference('hook_data_protection')))
    2017. 

  2017. 			{
    2018. 

  2018. 				$errors = $backup_errors;
    2019. 

  2019. 			}
    2020. 

  2020. 		}
    2021. 

  2021. 

  2022. 		// -------------------------------------
    2023. 

  2023. 		//	require fields
    2024. 

  2024. 		// -------------------------------------
    2025. 

  2025. 

  2026. 		if ($this->param('required'))
    2027. 

  2027. 		{
    2028. 

  2028. 			$required = $this->actions()->pipe_split($this->param('required'));
    2029. 

  2029. 

  2030. 			foreach ($required as $required_field)
    2031. 

  2031. 			{
    2032. 

  2032. 				//require need to work for recipients and recipient email user
    2033. 

  2033. 				$valid_require = array_merge(
    2034. 

  2034. 					$valid_fields,
    2035. 

  2035. 					array('recipient_email_user', 'recipient_email')
    2036. 

  2036. 				);
    2037. 

  2037. 

  2038. 				$require_labels = $field_labels;
    2039. 

  2039. 				$require_labels['recipient_email_user']	= lang('user_recipients');
    2040. 

  2040. 				$require_labels['recipient_email']		= lang('dynamic_recipients');
    2041. 

  2041. 

  2042. 				//just in case someone misspelled a require
    2043. 

  2043. 				//or removes a field after making the require list
    2044. 

  2044. 				if ( ! in_array($required_field, $valid_require))
    2045. 

  2045. 				{
    2046. 

  2046. 					continue;
    2047. 

  2047. 				}
    2048. 

  2048. 

  2049. 				$gp_value = ee()->input->get_post($required_field);
    2050. 

  2050. 

  2051. 				if ( (
    2052. 

  2052. 						//empty array
    2053. 

  2053. 						(is_array($gp_value) AND count($gp_value) < 1) OR
    2054. 

  2054. 						//empty string or false
    2055. 

  2055. 						( ! is_array($gp_value) AND trim((string) $gp_value) === '') OR
    2056. 

  2056. 						//recipient email <select> default is '0'
    2057. 

  2057. 						(
    2058. 

  2058. 							$required_field === 'recipient_email' AND
    2059. 

  2059. 							$gp_value === '0'
    2060. 

  2060. 						)
    2061. 

  2061. 					)
    2062. 

  2062. 					//required field could be a file
    2063. 

  2063. 					//check to see if something uploaded for that name
    2064. 

  2064. 					AND ! $this->actions()->file_upload_present(
    2065. 

  2065. 						$required_field,
    2066. 

  2066. 						$previous_inputs
    2067. 

  2067. 					)
    2068. 

  2068. 				)
    2069. 

  2069. 				{
    2070. 

  2070. 					$this->field_errors[
    2071. 

  2071. 						$required_field
    2072. 

  2072. 					] = lang('required_field_missing');
    2073. 

  2073. 

  2074. 

  2075. 					//only want the postfixing of errors
    2076. 

  2076. 					//if we are sending to general errors screen
    2077. 

  2077. 					//or an error page
    2078. 

  2078. 					//the second conditional is for people requesting
    2079. 

  2079. 					//the custom error page via ajax
    2080. 

  2080. 					if ( ! $this->param('inline_errors') AND
    2081. 

  2081. 						 ! ($this->is_ajax_request() AND
    2082. 

  2082. 							! trim($this->param('error_page'))))
    2083. 

  2083. 					{
    2084. 

  2084. 						$this->field_errors[$required_field] .= ': '.
    2085. 

  2085. 										$require_labels[$required_field];
    2086. 

  2086. 					}
    2087. 

  2087. 				}
    2088. 

  2088. 			}
    2089. 

  2089. 		}
    2090. 

  2090. 

  2091. 		// -------------------------------------
    2092. 

  2092. 		//	matching fields
    2093. 

  2093. 		// -------------------------------------
    2094. 

  2094. 

  2095. 		if ($this->param('matching_fields'))
    2096. 

  2096. 		{
    2097. 

  2097. 			$matching_fields = $this->actions()->pipe_split($this->param('matching_fields'));
    2098. 

  2098. 

  2099. 			foreach ($matching_fields as $match_field)
    2100. 

  2100. 			{
    2101. 

  2101. 

  2102. 				//just in case someone misspelled a require
    2103. 

  2103. 				//or removes a field after making the require list
    2104. 

  2104. 				if ( ! in_array($match_field, $valid_fields))
    2105. 

  2105. 				{
    2106. 

  2106. 					continue;
    2107. 

  2107. 				}
    2108. 

  2108. 

  2109. 				//array comparison is correct in PHP and this should work
    2110. 

  2110. 				//no matter what.
    2111. 

  2111. 				//normal validation will fix other issues
    2112. 

  2112. 				if ( ee()->input->get_post($match_field) == FALSE OR
    2113. 

  2113. 					 ee()->input->get_post($match_field . '_confirm') == FALSE OR
    2114. 

  2114. 					 ee()->input->get_post($match_field) !==
    2115. 

  2115. 						ee()->input->get_post($match_field . '_confirm')
    2116. 

  2116. 				)
    2117. 

  2117. 				{
    2118. 

  2118. 					$this->field_errors[$match_field] = lang('fields_do_not_match') .
    2119. 

  2119. 										$field_labels[$match_field] .
    2120. 

  2120. 										' | ' .
    2121. 

  2121. 										$field_labels[$match_field] .
    2122. 

  2122. 										' ' .
    2123. 

  2123. 										lang('confirm');
    2124. 

  2124. 				}
    2125. 

  2125. 			}
    2126. 

  2126. 		}
    2127. 

  2127. 

  2128. 		// -------------------------------------
    2129. 

  2129. 		//	validate dynamic recipients
    2130. 

  2130. 		// 	no actual validation errors
    2131. 

  2131. 		// 	will throw here, but in case we do
    2132. 

  2132. 		// 	in the future
    2133. 

  2133. 		// -------------------------------------
    2134. 

  2134. 

  2135. 		$recipient_emails = array();
    2136. 

  2136. 

  2137. 		if ($this->param('recipients'))
    2138. 

  2138. 		{
    2139. 

  2139. 			$recipient_email_input = ee()->input->get_post('recipient_email');
    2140. 

  2140. 

  2141. 			if ( ! in_array($recipient_email_input, array(FALSE, ''), TRUE))
    2142. 

  2142. 			{
    2143. 

  2143. 				if ( ! is_array($recipient_email_input))
    2144. 

  2144. 				{
    2145. 

  2145. 					$recipient_email_input = array($recipient_email_input);
    2146. 

  2146. 				}
    2147. 

  2147. 

  2148. 				// recipients are encoded, so lets check for keys
    2149. 

  2149. 				// since dynamic recipients are dev inputted
    2150. 

  2150. 				// we aren't going to error on invalid ones
    2151. 

  2151. 				// but rather just accept if present, and move on if not
    2152. 

  2152. 

  2153. 				$recipients_list	= $this->param('recipients_list');
    2154. 

  2154. 				$field_out			= '';
    2155. 

  2155. 

  2156. 				foreach($recipients_list as $i => $r_data)
    2157. 

  2157. 				{
    2158. 

  2158. 					if (in_array($r_data['key'], $recipient_email_input))
    2159. 

  2159. 					{
    2160. 

  2160. 						$recipient_emails[] = $r_data['email'];
    2161. 

  2161. 						$field_out .= $r_data['name'] . ' <' . $r_data['email'] . '>' . "\n";
    2162. 

  2162. 					}
    2163. 

  2163. 				}
    2164. 

  2164. 

  2165. 				//THE ENGLISH ARE TOO MANY!
    2166. 

  2166. 				if (count($recipient_emails) > $this->param('recipients_limit'))
    2167. 

  2167. 				{
    2168. 

  2168. 					$errors['recipient_email'] = lang('over_recipient_limit');
    2169. 

  2169. 				}
    2170. 

  2170. 

  2171. 				//does the user have a recipient_email custom field?
    2172. 

  2172. 				else if (in_array('recipient_email', $valid_fields))
    2173. 

  2173. 				{
    2174. 

  2174. 					$_POST['recipient_email'] = trim($field_out);
    2175. 

  2175. 				}
    2176. 

  2176. 			}
    2177. 

  2177. 

  2178. 			//if there is previous recipient emails
    2179. 

  2179. 			if (empty($recipient_emails) AND
    2180. 

  2180. 				! empty($previous_inputs['hash_stored_data']['recipient_emails']))
    2181. 

  2181. 			{
    2182. 

  2182. 				$recipient_emails = $previous_inputs['hash_stored_data']['recipient_emails'];
    2183. 

  2183. 			}
    2184. 

  2184. 		}
    2185. 

  2185. 

  2186. 		// -------------------------------------
    2187. 

  2187. 		//	validate user inputted emails
    2188. 

  2188. 		// -------------------------------------
    2189. 

  2189. 

  2190. 		$user_recipient_emails = array();
    2191. 

  2191. 

  2192. 		if ($this->param('recipient_user_input'))
    2193. 

  2193. 		{
    2194. 

  2194. 			$user_recipient_email_input = ee()->input->get_post('recipient_email_user');
    2195. 

  2195. 

  2196. 			if ( ! in_array($user_recipient_email_input, array(FALSE, ''), TRUE))
    2197. 

  2197. 			{
    2198. 

  2198. 				$user_recipient_emails = $this->validate_emails($user_recipient_email_input);
    2199. 

  2199. 

  2200. 				$user_recipient_emails = $user_recipient_emails['good'];
    2201. 

  2201. 

  2202. 				//if we are here that means we submitted at least something
    2203. 

  2203. 				//but nothing passed
    2204. 

  2204. 				if (empty($user_recipient_emails))
    2205. 

  2205. 				{
    2206. 

  2206. 					$errors['recipient_user_input'] = lang('no_valid_recipient_emails');
    2207. 

  2207. 				}
    2208. 

  2208. 				else if (count($user_recipient_emails) > $this->param('recipient_user_limit'))
    2209. 

  2209. 				{
    2210. 

  2210. 					$errors['recipient_email_user'] = lang('over_recipient_user_limit');
    2211. 

  2211. 				}
    2212. 

  2212. 			}
    2213. 

  2213. 

  2214. 			//if there is previous user recipient emails
    2215. 

  2215. 			if (empty($user_recipient_emails) AND
    2216. 

  2216. 				! empty($previous_inputs['hash_stored_data']['user_recipient_emails']))
    2217. 

  2217. 			{
    2218. 

  2218. 				$user_recipient_emails = $previous_inputs['hash_stored_data']['user_recipient_emails'];
    2219. 

  2219. 			}
    2220. 

  2220. 		}
    2221. 

  2221. 

  2222. 		// -------------------------------------
    2223. 

  2223. 		//	validate status
    2224. 

  2224. 		// -------------------------------------
    2225. 

  2225. 

  2226. 		//on edit we want this blank.
    2227. 

  2227. 		$status				= ($edit) ? '' : $form_data['default_status'];
    2228. 

  2228. 		$input_status		= ee()->input->post('status', TRUE);
    2229. 

  2229. 		$param_status		= $this->param('status');
    2230. 

  2230. 		$available_statuses	= $this->data->get_form_statuses();
    2231. 

  2231. 

  2232. 		//user status input
    2233. 

  2233. 		if ($this->param('allow_status_edit') AND
    2234. 

  2234. 			$input_status !== FALSE AND
    2235. 

  2235. 			array_key_exists($input_status, $available_statuses))
    2236. 

  2236. 		{
    2237. 

  2237. 			$status = $input_status;
    2238. 

  2238. 		}
    2239. 

  2239. 		//status param
    2240. 

  2240. 		else if ($param_status !== $status AND
    2241. 

  2241. 				//this will take care of any blanks
    2242. 

  2242. 				array_key_exists($param_status, $available_statuses))
    2243. 

  2243. 		{
    2244. 

  2244. 			$status = $param_status;
    2245. 

  2245. 		}
    2246. 

  2246. 

  2247. 		// -------------------------------------
    2248. 

  2248. 		//	validate
    2249. 

  2249. 		// -------------------------------------
    2250. 

  2250. 

  2251. 		$field_input_data	= array();
    2252. 

  2252. 

  2253. 		$field_list			= array();
    2254. 

  2254. 

  2255. 		foreach ($form_data['fields'] as $field_id => $field_data)
    2256. 

  2256. 		{
    2257. 

  2257. 			$field_list[$field_data['field_name']] = $field_data['field_label'];
    2258. 

  2258. 

  2259. 			$field_post = ee()->input->post($field_data['field_name'], TRUE);
    2260. 

  2260. 

  2261. 			//if it's not even in $_POST or $_GET, lets skip input
    2262. 

  2262. 			//unless its an uploaded file, then we'll send false anyway
    2263. 

  2263. 			//because its field type will handle the rest of that work
    2264. 

  2264. 			if ($field_post !== FALSE OR
    2265. 

  2265. 				isset($_FILES[$field_data['field_name']]))
    2266. 

  2266. 			{
    2267. 

  2267. 				$field_input_data[$field_data['field_name']] = $field_post;
    2268. 

  2268. 			}
    2269. 

  2269. 		}
    2270. 

  2270. 

  2271. 		//form fields do their own validation,
    2272. 

  2272. 		//so lets just get results! (sexy results?)
    2273. 

  2273. 		$this->field_errors = array_merge(
    2274. 

  2274. 			$this->field_errors,
    2275. 

  2275. 			ee()->freeform_fields->validate(
    2276. 

  2276. 				$form_id,
    2277. 

  2277. 				$field_input_data,
    2278. 

  2278. 				! ($this->is_ajax_request() OR $this->param('inline_errors'))
    2279. 

  2279. 			)
    2280. 

  2280. 		);
    2281. 

  2281. 

  2282. 		// -------------------------------------
    2283. 

  2283. 		//	post validate hook
    2284. 

  2284. 		// -------------------------------------
    2285. 

  2285. 

  2286. 		if (ee()->extensions->active_hook('freeform_module_validate_end') === TRUE)
    2287. 

  2287. 		{
    2288. 

  2288. 			$backup_errors = $errors;
    2289. 

  2289. 

  2290. 			$errors = ee()->extensions->universal_call(
    2291. 

  2291. 				'freeform_module_validate_end',
    2292. 

  2292. 				$errors,
    2293. 

  2293. 				$this
    2294. 

  2294. 			);
    2295. 

  2295. 

  2296. 			if (ee()->extensions->end_script === TRUE) return;
    2297. 

  2297. 

  2298. 			//valid data?
    2299. 

  2299. 			if ( ! is_array($errors) AND
    2300. 

  2300. 				 $this->check_yes($this->preference('hook_data_protection')))
    2301. 

  2301. 			{
    2302. 

  2302. 				$errors = $backup_errors;
    2303. 

  2303. 			}
    2304. 

  2304. 		}
    2305. 

  2305. 

  2306. 		// -------------------------------------
    2307. 

  2307. 		//	captcha
    2308. 

  2308. 		// -------------------------------------
    2309. 

  2309. 

  2310. 

  2311. 		if ( ! $validate_only AND
    2312. 

  2312. 			ee()->input->get_post('validate_only') === FALSE AND
    2313. 

  2313. 			$last_page AND
    2314. 

  2314. 			$this->param('require_captcha'))
    2315. 

  2315. 		{
    2316. 

  2316. 			if ( trim(ee()->input->post('captcha')) == '')
    2317. 

  2317. 			{
    2318. 

  2318. 				$errors[] = lang('captcha_required');
    2319. 

  2319. 			}
    2320. 

  2320. 			else
    2321. 

  2321. 			{
    2322. 

  2322. 				ee()->db->where('word', ee()->input->post('captcha', TRUE));
    2323. 

  2323. 				ee()->db->where('ip_address', ee()->input->ip_address());
    2324. 

  2324. 				ee()->db->where('date > ', '(UNIX_TIMESTAMP()-7200)', FALSE);
    2325. 

  2325. 

  2326. 				if ( ! ee()->db->count_all_results('captcha'))
    2327. 

  2327. 				{
    2328. 

  2328. 					$errors[] = lang('captcha_required');
    2329. 

  2329. 				}
    2330. 

  2330. 

  2331. 				ee()->db->where('word', ee()->input->post('captcha', TRUE));
    2332. 

  2332. 				ee()->db->where('ip_address', ee()->input->ip_address());
    2333. 

  2333. 				ee()->db->where('date < ', '(UNIX_TIMESTAMP()-7200)', FALSE);
    2334. 

  2334. 

  2335. 				ee()->db->delete('captcha');
    2336. 

  2336. 			}
    2337. 

  2337. 		}
    2338. 

  2338. 

  2339. 		$all_errors = array_merge($errors, $this->field_errors);
    2340. 

  2340. 

  2341. 		// -------------------------------------
    2342. 

  2342. 		//	halt on errors
    2343. 

  2343. 		// -------------------------------------
    2344. 

  2344. 

  2345. 		if (count($all_errors) > 0)
    2346. 

  2346. 		{
    2347. 

  2347. 			// -------------------------------------
    2348. 

  2348. 			//	EE 2.7 auto removes XID so we
    2349. 

  2349. 			//	have to restore it on errors where
    2350. 

  2350. 			//	we want the back button to work.
    2351. 

  2351. 			//	EE 2.8 changes everything again ;D.
    2352. 

  2352. 			// -------------------------------------
    2353. 

  2353. 

  2354. 			if (version_compare($this->ee_version, '2.7', '>=') &&
    2355. 

  2355. 				version_compare($this->ee_version, '2.8', '<'))
    2356. 

  2356. 			{
    2357. 

  2357. 				ee()->security->restore_xid();
    2358. 

  2358. 			}
    2359. 

  2359. 

  2360. 			// -------------------------------------
    2361. 

  2361. 			//	inline errors
    2362. 

  2362. 			// -------------------------------------
    2363. 

  2363. 

  2364. 			if ($this->param('inline_errors'))
    2365. 

  2365. 			{
    2366. 

  2366. 				ee()->load->model('freeform_param_model');
    2367. 

  2367. 

  2368. 				$error_param_id = ee()->freeform_param_model->insert_params(
    2369. 

  2369. 					array(
    2370. 

  2370. 						'general_errors'	=> $errors,
    2371. 

  2371. 						'field_errors'		=> $this->field_errors,
    2372. 

  2372. 						'inputs'			=> $field_input_data,
    2373. 

  2373. 						'stored_data'		=> array(
    2374. 

  2374. 							'recipient_emails'		=> $recipient_emails,
    2375. 

  2375. 							'user_recipient_emails'	=> $user_recipient_emails
    2376. 

  2376. 						)
    2377. 

  2377. 					)
    2378. 

  2378. 				);
    2379. 

  2379. 

  2380. 				ee()->session->set_flashdata('freeform_errors', $error_param_id);
    2381. 

  2381. 

  2382. 				ee()->functions->redirect(
    2383. 

  2383. 					$this->prep_url(
    2384. 

  2384. 						$this->param('inline_error_return'),
    2385. 

  2385. 						$this->param('secure_return')
    2386. 

  2386. 					)
    2387. 

  2387. 				);
    2388. 

  2388. 				return $this->do_exit();
    2389. 

  2389. 			}
    2390. 

  2390. 

  2391. 			
    2392. 

  2392. 

  2393. 			// -------------------------------------
    2394. 

  2394. 			//	ajax or standard user error
    2395. 

  2395. 			// -------------------------------------
    2396. 

  2396. 

  2397. 			$this->actions()->full_stop($all_errors);
    2398. 

  2398. 		}
    2399. 

  2399. 

  2400. 		//send ajax response exists
    2401. 

  2401. 		//but this is in case someone is using a replacer
    2402. 

  2402. 		//that uses
    2403. 

  2403. 		if ($validate_only OR ee()->input->get_post('validate_only') !== FALSE)
    2404. 

  2404. 		{
    2405. 

  2405. 			if ($this->is_ajax_request())
    2406. 

  2406. 			{
    2407. 

  2407. 				$this->restore_xid();
    2408. 

  2408. 				$this->send_ajax_response(array(
    2409. 

  2409. 					'success'	=> TRUE,
    2410. 

  2410. 					'errors'	=> array()
    2411. 

  2411. 				));
    2412. 

  2412. 			}
    2413. 

  2413. 

  2414. 			return $this->do_exit();
    2415. 

  2415. 		}
    2416. 

  2416. 

  2417. 		// -------------------------------------
    2418. 

  2418. 		//	status
    2419. 

  2419. 		// -------------------------------------
    2420. 

  2420. 

  2421. 		//if we have no status (edit or some other weirdness)
    2422. 

  2422. 		//let the forms lib handle it.
    2423. 

  2423. 		if ( ! $edit || trim($status) !== '')
    2424. 

  2424. 		{
    2425. 

  2425. 			$field_input_data['status'] = $status;
    2426. 

  2426. 		}
    2427. 

  2427. 

  2428. 		// -------------------------------------
    2429. 

  2429. 		//	entry insert begin hook
    2430. 

  2430. 		// -------------------------------------
    2431. 

  2431. 

  2432. 		if (ee()->extensions->active_hook('freeform_module_insert_begin') === TRUE)
    2433. 

  2433. 		{
    2434. 

  2434. 			$backup_data = $field_input_data;
    2435. 

  2435. 

  2436. 			$field_input_data = ee()->extensions->universal_call(
    2437. 

  2437. 				'freeform_module_insert_begin',
    2438. 

  2438. 				$field_input_data,
    2439. 

  2439. 				$entry_id,
    2440. 

  2440. 				$form_id,
    2441. 

  2441. 				$this
    2442. 

  2442. 			);
    2443. 

  2443. 

  2444. 			if (ee()->extensions->end_script === TRUE)
    2445. 

  2445. 			{
    2446. 

  2446. 				return;
    2447. 

  2447. 			}
    2448. 

  2448. 

  2449. 			// -------------------------------------
    2450. 

  2450. 			//	if some butthead doesn't return
    2451. 

  2451. 			//	the array from their extension
    2452. 

  2452. 			//	we need a backup here or everything
    2453. 

  2453. 			//	busts.
    2454. 

  2454. 			// -------------------------------------
    2455. 

  2455. 

  2456. 			if ( ! is_array($field_input_data) AND
    2457. 

  2457. 				 $this->check_yes($this->preference('hook_data_protection')))
    2458. 

  2458. 			{
    2459. 

  2459. 				$field_input_data = $backup_data;
    2460. 

  2460. 			}
    2461. 

  2461. 		}
    2462. 

  2462. 

  2463. 		// -------------------------------------
    2464. 

  2464. 		//	insert/update data into db
    2465. 

  2465. 		// -------------------------------------
    2466. 

  2466. 

  2467. 

  2468. 			$entry_id = ee()->freeform_forms->insert_new_entry(
    2469. 

  2469. 				$form_id,
    2470. 

  2470. 				$field_input_data
    2471. 

  2471. 			);
    2472. 

  2472. 

  2473. 		// -------------------------------------
    2474. 

  2474. 		//	entry insert end hook
    2475. 

  2475. 		// -------------------------------------
    2476. 

  2476. 

  2477. 		if (ee()->extensions->active_hook('freeform_module_insert_end') === TRUE)
    2478. 

  2478. 		{
    2479. 

  2479. 			ee()->extensions->universal_call(
    2480. 

  2480. 				'freeform_module_insert_end',
    2481. 

  2481. 				$field_input_data,
    2482. 

  2482. 				$entry_id,
    2483. 

  2483. 				$form_id,
    2484. 

  2484. 				$this
    2485. 

  2485. 			);
    2486. 

  2486. 

  2487. 			if (ee()->extensions->end_script === TRUE)
    2488. 

  2488. 			{
    2489. 

  2489. 				return;
    2490. 

  2490. 			}
    2491. 

  2491. 		}
    2492. 

  2492. 

  2493. 		// -------------------------------------
    2494. 

  2494. 		//	delete xid and captcha
    2495. 

  2495. 		// -------------------------------------
    2496. 

  2496. 		//	wait this late because we dont
    2497. 

  2497. 		//	want to remove before a custom field
    2498. 

  2498. 		// 	has a chance to throw an error
    2499. 

  2499. 		// 	on one of its actions, like file
    2500. 

  2500. 		//	upload
    2501. 

  2501. 		// -------------------------------------
    2502. 

  2502. 

  2503. 		if ($last_page AND $this->param('require_captcha'))
    2504. 

  2504. 		{
    2505. 

  2505. 			ee()->db->where(array(
    2506. 

  2506. 				'word'			=> ee()->input->post('captcha'),
    2507. 

  2507. 				'ip_address'	=> ee()->input->ip_address()
    2508. 

  2508. 			));
    2509. 

  2509. 			ee()->db->or_where('date <', ee()->localize->now - 7200);
    2510. 

  2510. 			ee()->db->delete('captcha');
    2511. 

  2511. 		}
    2512. 

  2512. 

  2513. 		if (version_compare($this->ee_version, '2.8', '<') &&
    2514. 

  2514. 			$this->check_yes(ee()->config->item('secure_forms')) )
    2515. 

  2515. 		{
    2516. 

  2516. 			ee()->security->delete_xid(ee()->input->post('XID'));
    2517. 

  2517. 		}
    2518. 

  2518. 

  2519. 		// -------------------------------------
    2520. 

  2520. 		//	if we are multipaging and going
    2521. 

  2521. 		//	to the previous page, bail early
    2522. 

  2522. 		// -------------------------------------
    2523. 

  2523. 

  2524. 		if ($multipage &&
    2525. 

  2525. 			$submit_to_previous &&
    2526. 

  2526. 			$this->param('multipage_previous_page'))
    2527. 

  2527. 		{
    2528. 

  2528. 			ee()->functions->redirect(
    2529. 

  2529. 				$this->prep_url(
    2530. 

  2530. 					$this->param('multipage_previous_page'),
    2531. 

  2531. 					$this->param('secure_return')
    2532. 

  2532. 				)
    2533. 

  2533. 			);
    2534. 

  2534. 

  2535. 			return $this->do_exit();
    2536. 

  2536. 		}
    2537. 

  2537. 

  2538. 		// -------------------------------------
    2539. 

  2539. 		//	if we are multi-paging, move on
    2540. 

  2540. 		// -------------------------------------
    2541. 

  2541. 

  2542. 		if ($multipage AND ! $last_page)
    2543. 

  2543. 		{
    2544. 

  2544. 			ee()->functions->redirect(
    2545. 

  2545. 				$this->prep_url(
    2546. 

  2546. 					$this->param('multipage_next_page'),
    2547. 

  2547. 					$this->param('secure_return')
    2548. 

  2548. 				)
    2549. 

  2549. 			);
    2550. 

  2550. 			return $this->do_exit();
    2551. 

  2551. 		}
    2552. 

  2552. 

  2553. 		// -------------------------------------
    2554. 

  2554. 		//	edit data for notifications?
    2555. 

  2555. 		// -------------------------------------
    2556. 

  2556. 

  2557. 		if ($edit)
    2558. 

  2558. 		{
    2559. 

  2559. 			$edit_data = $this->data->get_entry_data_by_id($entry_id, $form_id);
    2560. 

  2560. 

  2561. 			if (is_array($previous_inputs))
    2562. 

  2562. 			{
    2563. 

  2563. 				$previous_inputs = array_merge($edit_data, $previous_inputs);
    2564. 

  2564. 			}
    2565. 

  2565. 			else
    2566. 

  2566. 			{
    2567. 

  2567. 				$previous_inputs = $edit_data;
    2568. 

  2568. 			}
    2569. 

  2569. 		}
    2570. 

  2570. 

  2571. 		// -------------------------------------
    2572. 

  2572. 		//	previous inputs need their real names
    2573. 

  2573. 		// -------------------------------------
    2574. 

  2574. 

  2575. 		foreach ($form_data['fields'] as $field_id => $field_data)
    2576. 

  2576. 		{
    2577. 

  2577. 			if (is_array($previous_inputs))
    2578. 

  2578. 			{
    2579. 

  2579. 				$fid = ee()->freeform_form_model->form_field_prefix . $field_id;
    2580. 

  2580. 

  2581. 				//id name? field_id_1, etc
    2582. 

  2582. 				if (isset($previous_inputs[$fid]))
    2583. 

  2583. 				{
    2584. 

  2584. 					$previous_inputs[$field_data['field_name']] = $previous_inputs[$fid];
    2585. 

  2585. 				}
    2586. 

  2586. 			}
    2587. 

  2587. 		}
    2588. 

  2588. 

  2589. 		$field_input_data = array_merge(
    2590. 

  2590. 			(is_array($previous_inputs) ? $previous_inputs : array()),
    2591. 

  2591. 			array('entry_id' => $entry_id),
    2592. 

  2592. 			$field_input_data
    2593. 

  2593. 		);
    2594. 

  2594. 

  2595. 		// -------------------------------------
    2596. 

  2596. 		//	do notifications
    2597. 

  2597. 		// -------------------------------------
    2598. 

  2598. 

  2599. 		if ( ! $edit OR $this->param('notify_on_edit'))
    2600. 

  2600. 		{
    2601. 

  2601. 			if ($this->param('notify_admin'))
    2602. 

  2602. 			{
    2603. 

  2603. 				ee()->freeform_notifications->send_notification(array(
    2604. 

  2604. 					'form_id'			=> $form_id,
    2605. 

  2605. 					'entry_id'			=> $entry_id,
    2606. 

  2606. 					'notification_type'	=> 'admin',
    2607. 

  2607. 					'recipients'		=> $this->param('admin_notify'),
    2608. 

  2608. 					'form_input_data'	=> $field_input_data,
    2609. 

  2609. 					'cc_recipients'		=> $this->param('admin_cc_notify'),
    2610. 

  2610. 					'bcc_recipients'	=> $this->param('admin_bcc_notify'),
    2611. 

  2611. 					'template'			=> $this->param('admin_notification_template')
    2612. 

  2612. 				));
    2613. 

  2613. 			}
    2614. 

  2614. 

  2615. 			//this is a custom field named by the user
    2616. 

  2616. 			//notifications does its own validation
    2617. 

  2617. 			//so if someone puts a non-validated input field
    2618. 

  2618. 			//then notifications will just silently fail
    2619. 

  2619. 			//because it wont be a user input problem
    2620. 

  2620. 			//but rather a dev implementation problem
    2621. 

  2621. 			if ($this->param('notify_user') AND
    2622. 

  2622. 				$this->param('user_email_field') AND
    2623. 

  2623. 				isset($field_input_data[$this->param('user_email_field')]))
    2624. 

  2624. 			{
    2625. 

  2625. 				ee()->freeform_notifications->send_notification(array(
    2626. 

  2626. 					'form_id'			=> $form_id,
    2627. 

  2627. 					'entry_id'			=> $entry_id,
    2628. 

  2628. 					'notification_type'	=> 'user',
    2629. 

  2629. 					'recipients'		=> $field_input_data[$this->param('user_email_field')],
    2630. 

  2630. 					'form_input_data'	=> $field_input_data,
    2631. 

  2631. 					'template'			=> $this->param('user_notification_template'),
    2632. 

  2632. 					'enable_spam_log'	=> FALSE
    2633. 

  2633. 				));
    2634. 

  2634. 			}
    2635. 

  2635. 

  2636. 			//recipients
    2637. 

  2637. 			if ( ! empty($recipient_emails))
    2638. 

  2638. 			{
    2639. 

  2639. 				ee()->freeform_notifications->send_notification(array(
    2640. 

  2640. 					'form_id'			=> $form_id,
    2641. 

  2641. 					'entry_id'			=> $entry_id,
    2642. 

  2642. 					'notification_type'	=> 'user_recipient',
    2643. 

  2643. 					'recipients'		=> $recipient_emails,
    2644. 

  2644. 					'form_input_data'	=> $field_input_data,
    2645. 

  2645. 					'template'			=> $this->param('recipient_template')
    2646. 

  2646. 				));
    2647. 

  2647. 			}
    2648. 

  2648. 

  2649. 			//user inputted recipients
    2650. 

  2650. 			if ( ! empty($user_recipient_emails))
    2651. 

  2651. 			{
    2652. 

  2652. 				ee()->freeform_notifications->send_notification(array(
    2653. 

  2653. 					'form_id'			=> $form_id,
    2654. 

  2654. 					'entry_id'			=> $entry_id,
    2655. 

  2655. 					'notification_type'	=> 'user_recipient',
    2656. 

  2656. 					'recipients'		=> $user_recipient_emails,
    2657. 

  2657. 					'form_input_data'	=> $field_input_data,
    2658. 

  2658. 					'template'			=> $this->param('recipient_user_template')
    2659. 

  2659. 				));
    2660. 

  2660. 			}
    2661. 

  2661. 		}
    2662. 

  2662. 

  2663. 		// -------------------------------------
    2664. 

  2664. 		//	return
    2665. 

  2665. 		// -------------------------------------
    2666. 

  2666. 

  2667. 		$return_url = $this->param('return');
    2668. 

  2668. 

  2669. 		if (ee()->input->post('return') !== FALSE)
    2670. 

  2670. 		{
    2671. 

  2671. 			$return_url = ee()->input->post('return');
    2672. 

  2672. 		}
    2673. 

  2673. 

  2674. 		$return = str_replace(
    2675. 

  2675. 			//because. Shut up.
    2676. 

  2676. 			array(
    2677. 

  2677. 				'%%form_entry_id%%',
    2678. 

  2678. 				'%%entry_id%%',
    2679. 

  2679. 				'%form_entry_id%',
    2680. 

  2680. 				'%entry_id%'
    2681. 

  2681. 			),
    2682. 

  2682. 			$entry_id,
    2683. 

  2683. 			$this->prep_url(
    2684. 

  2684. 				$return_url,
    2685. 

  2685. 				$this->param('secure_return')
    2686. 

  2686. 			)
    2687. 

  2687. 		);
    2688. 

  2688. 

  2689. 		//detergent?
    2690. 

  2690. 		if ($this->is_ajax_request())
    2691. 

  2691. 		{
    2692. 

  2692. 			$this->send_ajax_response(array(
    2693. 

  2693. 				'success'		=> TRUE,
    2694. 

  2694. 				'entry_id'		=> $entry_id,
    2695. 

  2695. 				'form_id'		=> $form_id,
    2696. 

  2696. 				'return'		=> $return,
    2697. 

  2697. 				'return_url'	=> $return
    2698. 

  2698. 			));
    2699. 

  2699. 		}
    2700. 

  2700. 		else
    2701. 

  2701. 		{
    2702. 

  2702. 			ee()->functions->redirect($return);
    2703. 

  2703. 		}
    2704. 

  2704. 	}
    2705. 

  2705. 	//END save_form
    2706. 

  2706. 

  2707. 

  2708. 	// --------------------------------------------------------------------
    2709. 

  2709. 	//	private! No looky!
    2710. 

  2710. 	// --------------------------------------------------------------------
    2711. 

  2711. 

  2712. 

  2713. 	// --------------------------------------------------------------------
    2714. 

  2714. 

  2715. 	/**
    2716. 

  2716. 	 * Pre-Validation Errors that are deal breakers
    2717. 

  2717. 	 *
    2718. 

  2718. 	 * @access	protected
    2719. 

  2719. 	 * @param	mixed		$errors	error string or array of errors
    2720. 

  2720. 	 * @return	null		exits
    2721. 

  2721. 	 */
    2722. 

  2722. 

  2723. 	protected function pre_validation_error($errors)
    2724. 

  2724. 	{
    2725. 

  2725. 		// -------------------------------------
    2726. 

  2726. 		//	NOTE: These are pre-validation errors
    2727. 

  2727. 		//	that are only supposed to be things
    2728. 

  2728. 		//	that are fatal to the submitting
    2729. 

  2729. 		//	of the form.
    2730. 

  2730. 		// -------------------------------------
    2731. 

  2731. 

  2732. 		if ($this->param('inline_errors'))
    2733. 

  2733. 		{
    2734. 

  2734. 			ee()->load->model('freeform_param_model');
    2735. 

  2735. 

  2736. 			$error_param_id = ee()->freeform_param_model->insert_params(
    2737. 

  2737. 				array(
    2738. 

  2738. 					'general_errors'	=> is_array($errors) ? $errors : array($errors),
    2739. 

  2739. 					'field_errors'		=>	array(),
    2740. 

  2740. 					'inputs'			=> array()
    2741. 

  2741. 				)
    2742. 

  2742. 			);
    2743. 

  2743. 

  2744. 			ee()->session->set_flashdata('freeform_errors', $error_param_id);
    2745. 

  2745. 

  2746. 			ee()->functions->redirect(
    2747. 

  2747. 				$this->prep_url(
    2748. 

  2748. 					$this->param('inline_error_return'),
    2749. 

  2749. 					$this->param('secure_return')
    2750. 

  2750. 				)
    2751. 

  2751. 			);
    2752. 

  2752. 			return $this->do_exit();
    2753. 

  2753. 		}
    2754. 

  2754. 

  2755. 		
    2756. 

  2756. 

  2757. 		return $this->actions()->full_stop($errors);
    2758. 

  2758. 	}
    2759. 

  2759. 	//END pre_validation_error
    2760. 

  2760. 

  2761. 

  2762. 	// --------------------------------------------------------------------
    2763. 

  2763. 

  2764. 	/**
    2765. 

  2765. 	 * build_form
    2766. 

  2766. 	 *
    2767. 

  2767. 	 * builds a form based on passed data
    2768. 

  2768. 	 *
    2769. 

  2769. 	 * @access	private
    2770. 

  2770. 	 * @
    2771. 

  2771. 	 * @return 	mixed  	boolean false if not found else id
    2772. 

  2772. 	 */
    2773. 

  2773. 

  2774. 	private function build_form($data)
    2775. 

  2775. 	{
    2776. 

  2776. 		// -------------------------------------
    2777. 

  2777. 		//	prep input data
    2778. 

  2778. 		// -------------------------------------
    2779. 

  2779. 

  2780. 		//set defaults for optional items
    2781. 

  2781. 		$input_defaults	= array(
    2782. 

  2782. 			'action' 			=> '/',
    2783. 

  2783. 			'hidden_fields' 	=> array(),
    2784. 

  2784. 			'tagdata'			=> ee()->TMPL->tagdata,
    2785. 

  2785. 		);
    2786. 

  2786. 

  2787. 		//array2 overwrites any duplicate key from array1
    2788. 

  2788. 		$data 			= array_merge($input_defaults, $data);
    2789. 

  2789. 

  2790. 		//OK, so form_open is supposed to be doing this,
    2791. 

  2791. 		//but guess what: It only works if CI sees that
    2792. 

  2792. 		//config->item('csrf_protection') === true, and uh
    2793. 

  2793. 		//sometimes it's false eventhough secure_forms == 'y'
    2794. 

  2794. 		//
    2795. 

  2795. 		if ( $this->check_yes(ee()->config->item('secure_forms')) )
    2796. 

  2796. 		{
    2797. 

  2797. 			$data['hidden_fields'][$this->sc->csrf_name] = $this->create_xid();
    2798. 

  2798. 		}
    2799. 

  2799. 

  2800. 		// --------------------------------------------
    2801. 

  2801. 		//  HTTPS URLs?
    2802. 

  2802. 		// --------------------------------------------
    2803. 

  2803. 

  2804. 		$data['action'] = $this->prep_url(
    2805. 

  2805. 			$data['action'],
    2806. 

  2806. 			(
    2807. 

  2807. 				isset($this->params['secure_action']) AND
    2808. 

  2808. 				$this->params['secure_action']
    2809. 

  2809. 			)
    2810. 

  2810. 		);
    2811. 

  2811. 

  2812. 

  2813. 		foreach(array('return', 'RET') as $return_field)
    2814. 

  2814. 		{
    2815. 

  2815. 			if (isset($data['hidden_fields'][$return_field]))
    2816. 

  2816. 			{
    2817. 

  2817. 				$data['hidden_fields'][$return_field] = $this->prep_url(
    2818. 

  2818. 					$data['hidden_fields'][$return_field],
    2819. 

  2819. 					(
    2820. 

  2820. 						isset($this->params['secure_return']) AND
    2821. 

  2821. 						$this->params['secure_return']
    2822. 

  2822. 					)
    2823. 

  2823. 				);
    2824. 

  2824. 			}
    2825. 

  2825. 		}
    2826. 

  2826. 

  2827. 		// --------------------------------------------
    2828. 

  2828. 		//  Override Form Attributes with form:xxx="" parameters
    2829. 

  2829. 		// --------------------------------------------
    2830. 

  2830. 

  2831. 		$form_attributes = array();
    2832. 

  2832. 

  2833. 		if (is_object(ee()->TMPL) AND ! empty(ee()->TMPL->tagparams))
    2834. 

  2834. 		{
    2835. 

  2835. 			foreach(ee()->TMPL->tagparams as $key => $value)
    2836. 

  2836. 			{
    2837. 

  2837. 				if (strncmp($key, 'form:', 5) == 0)
    2838. 

  2838. 				{
    2839. 

  2839. 					//allow action override.
    2840. 

  2840. 					if (substr($key, 5) == 'action')
    2841. 

  2841. 					{
    2842. 

  2842. 						$data['action'] = $value;
    2843. 

  2843. 					}
    2844. 

  2844. 					else
    2845. 

  2845. 					{
    2846. 

  2846. 						$form_attributes[substr($key, 5)] = $value;
    2847. 

  2847. 					}
    2848. 

  2848. 				}
    2849. 

  2849. 			}
    2850. 

  2850. 		}
    2851. 

  2851. 

  2852. 		// --------------------------------------------
    2853. 

  2853. 		//  Create and Return Form
    2854. 

  2854. 		// --------------------------------------------
    2855. 

  2855. 

  2856. 		//have to have this for file uploads
    2857. 

  2857. 		if ($this->multipart)
    2858. 

  2858. 		{
    2859. 

  2859. 			$form_attributes['enctype'] = 'multipart/form-data';
    2860. 

  2860. 		}
    2861. 

  2861. 

  2862. 		$form_attributes['method'] = $data['method'];
    2863. 

  2863. 

  2864. 		$return		= form_open(
    2865. 

  2865. 			$data['action'],
    2866. 

  2866. 			$form_attributes,
    2867. 

  2867. 			$data['hidden_fields']
    2868. 

  2868. 		);
    2869. 

  2869. 

  2870. 		//Rremoved stripslashes as it was affecting html5 regex
    2871. 

  2871. 		//validation and no one can really remember why it was
    2872. 

  2872. 		//here in the first place (since FF 1.x). Might be that
    2873. 

  2873. 		//it was a legacy thing with EE 1.x.
    2874. 

  2874. 		//$return		.= stripslashes($data['tagdata']);
    2875. 

  2875. 

  2876. 		$return		.= $data['tagdata'];
    2877. 

  2877. 

  2878. 		$return		.= "</form>";
    2879. 

  2879. 

  2880. 		return $return;
    2881. 

  2881. 	}
    2882. 

  2882. 	//END build_form
    2883. 

  2883. 

  2884. 

  2885. 	// --------------------------------------------------------------------
    2886. 

  2886. 

  2887. 	/**
    2888. 

  2888. 	 * form_id - finds form id the best it can
    2889. 

  2889. 	 *
    2890. 

  2890. 	 * @access	private
    2891. 

  2891. 	 * @param   bool 	$allow_multiple allow multiple input?
    2892. 

  2892. 	 * @return 	mixed  	boolean false if not found else id
    2893. 

  2893. 	 */
    2894. 

  2894. 

  2895. 	private function form_id($allow_multiple = FALSE, $use_cache = TRUE)
    2896. 

  2896. 	{
    2897. 

  2897. 		if ($use_cache AND $this->form_id)
    2898. 

  2898. 		{
    2899. 

  2899. 			return $this->form_id;
    2900. 

  2900. 		}
    2901. 

  2901. 

  2902. 		$form_id		= FALSE;
    2903. 

  2903. 		$possible_name	= FALSE;
    2904. 

  2904. 		$possible_label	= FALSE;
    2905. 

  2905. 		$possible_id	= FALSE;
    2906. 

  2906. 		$tmpl_available	= (isset(ee()->TMPL) AND is_object(ee()->TMPL));
    2907. 

  2907. 		// -------------------------------------
    2908. 

  2908. 		//	by direct param first
    2909. 

  2909. 		// -------------------------------------
    2910. 

  2910. 

  2911. 		if ($tmpl_available)
    2912. 

  2912. 		{
    2913. 

  2913. 			$possible_id = ee()->TMPL->fetch_param('form_id');
    2914. 

  2914. 		}
    2915. 

  2915. 

  2916. 		// -------------------------------------
    2917. 

  2917. 		//	by name param
    2918. 

  2918. 		// -------------------------------------
    2919. 

  2919. 

  2920. 		if ( ! $possible_id AND $tmpl_available)
    2921. 

  2921. 		{
    2922. 

  2922. 			$possible_name = ee()->TMPL->fetch_param('form_name');
    2923. 

  2923. 		}
    2924. 

  2924. 

  2925. 		// -------------------------------------
    2926. 

  2926. 		//	by label (with legacy for collection)
    2927. 

  2927. 		// -------------------------------------
    2928. 

  2928. 

  2929. 		if ($tmpl_available AND ! $possible_id AND ! $possible_name)
    2930. 

  2930. 		{
    2931. 

  2931. 			$possible_label = ee()->TMPL->fetch_param('form_label');
    2932. 

  2932. 

  2933. 			if ( ! $possible_label)
    2934. 

  2934. 			{
    2935. 

  2935. 				$possible_label = ee()->TMPL->fetch_param('collection');
    2936. 

  2936. 			}
    2937. 

  2937. 		}
    2938. 

  2938. 

  2939. 		// -------------------------------------
    2940. 

  2940. 		//	params id
    2941. 

  2941. 		// -------------------------------------
    2942. 

  2942. 

  2943. 		if ( ! $possible_id AND
    2944. 

  2944. 			 ! $possible_name AND
    2945. 

  2945. 			 ! $possible_label AND
    2946. 

  2946. 			 $this->param('form_id'))
    2947. 

  2947. 		{
    2948. 

  2948. 			$possible_id = $this->param('form_id');
    2949. 

  2949. 		}
    2950. 

  2950. 

  2951. 		// -------------------------------------
    2952. 

  2952. 		//	params name
    2953. 

  2953. 		// -------------------------------------
    2954. 

  2954. 

  2955. 		if ( ! $possible_id AND
    2956. 

  2956. 			 ! $possible_name AND
    2957. 

  2957. 			 ! $possible_label AND
    2958. 

  2958. 			 $this->param('form_name'))
    2959. 

  2959. 		{
    2960. 

  2960. 			$possible_name = $this->param('form_name');
    2961. 

  2961. 		}
    2962. 

  2962. 

  2963. 		// -------------------------------------
    2964. 

  2964. 		//	get post id
    2965. 

  2965. 		// -------------------------------------
    2966. 

  2966. 

  2967. 		if ( ! $possible_id AND
    2968. 

  2968. 			 ! $possible_name AND
    2969. 

  2969. 			 ! $possible_label)
    2970. 

  2970. 		{
    2971. 

  2971. 			$possible_id = ee()->input->get_post('form_id');
    2972. 

  2972. 		}
    2973. 

  2973. 

  2974. 		// -------------------------------------
    2975. 

  2975. 		//	get post name
    2976. 

  2976. 		// -------------------------------------
    2977. 

  2977. 

  2978. 		if ( ! $possible_id AND
    2979. 

  2979. 			 ! $possible_name AND
    2980. 

  2980. 			 ! $possible_label)
    2981. 

  2981. 		{
    2982. 

  2982. 			$possible_name = ee()->input->get_post('form_name');
    2983. 

  2983. 		}
    2984. 

  2984. 

  2985. 		// -------------------------------------
    2986. 

  2986. 		//	check possibles
    2987. 

  2987. 		// -------------------------------------
    2988. 

  2988. 

  2989. 		if ($possible_id)
    2990. 

  2990. 		{
    2991. 

  2991. 			//if multiple and match pattern...
    2992. 

  2992. 			if ($allow_multiple AND preg_match('/^[\d\|]+$/', $possible_id))
    2993. 

  2993. 			{
    2994. 

  2994. 				$ids = $this->actions()->pipe_split($possible_id);
    2995. 

  2995. 

  2996. 				ee()->load->model('freeform_form_model');
    2997. 

  2997. 

  2998. 				$result = ee()->freeform_form_model->select('form_id')
    2999. 

  2999. 												   ->get(array('form_id' => $ids));
    3000. 

  3000. 				//we only want results, not everything
    3001. 

  3001. 				if ($result !== FALSE)
    3002. 

  3002. 				{
    3003. 

  3003. 					$form_id = array();
    3004. 

  3004. 

  3005. 					foreach ($result as $row)
    3006. 

  3006. 					{
    3007. 

  3007. 						$form_id[] = $row['form_id'];
    3008. 

  3008. 					}
    3009. 

  3009. 				}
    3010. 

  3010. 			}
    3011. 

  3011. 			else if ($this->is_positive_intlike($possible_id) AND
    3012. 

  3012. 					 $this->data->is_valid_form_id($possible_id))
    3013. 

  3013. 			{
    3014. 

  3014. 				$form_id = $possible_id;
    3015. 

  3015. 			}
    3016. 

  3016. 		}
    3017. 

  3017. 

  3018. 		if ( ! $form_id AND $possible_name)
    3019. 

  3019. 		{
    3020. 

  3020. 			//if multiple and pipe
    3021. 

  3021. 			if ($allow_multiple AND stristr($possible_name, '|'))
    3022. 

  3022. 			{
    3023. 

  3023. 				$names = $this->actions()->pipe_split($possible_name);
    3024. 

  3024. 

  3025. 				ee()->load->model('freeform_form_model');
    3026. 

  3026. 

  3027. 				$result = ee()->freeform_form_model->select('form_id')
    3028. 

  3028. 												   ->get(array('form_name' => $names));
    3029. 

  3029. 

  3030. 				//we only want results, not everything
    3031. 

  3031. 				if ($result !== FALSE)
    3032. 

  3032. 				{
    3033. 

  3033. 					$form_id = array();
    3034. 

  3034. 

  3035. 					foreach ($result as $row)
    3036. 

  3036. 					{
    3037. 

  3037. 						$form_id[] = $row['form_id'];
    3038. 

  3038. 					}
    3039. 

  3039. 				}
    3040. 

  3040. 			}
    3041. 

  3041. 			else
    3042. 

  3042. 			{
    3043. 

  3043. 				$possible_id = $this->data->get_form_id_by_name($possible_name);
    3044. 

  3044. 

  3045. 				if ($possible_id !== FALSE AND $possible_id > 0)
    3046. 

  3046. 				{
    3047. 

  3047. 					$form_id = $possible_id;
    3048. 

  3048. 				}
    3049. 

  3049. 			}
    3050. 

  3050. 		}
    3051. 

  3051. 

  3052. 		if ( ! $form_id AND $possible_label)
    3053. 

  3053. 		{
    3054. 

  3054. 			ee()->load->model('freeform_form_model');
    3055. 

  3055. 

  3056. 			//if multiple and pipe
    3057. 

  3057. 			if ($allow_multiple AND stristr($possible_label, '|'))
    3058. 

  3058. 			{
    3059. 

  3059. 				$names = $this->actions()->pipe_split($possible_label);
    3060. 

  3060. 

  3061. 				$result =	ee()->freeform_form_model
    3062. 

  3062. 								->select('form_id')
    3063. 

  3063. 								->get(array('form_label' => $names));
    3064. 

  3064. 

  3065. 				//we only want results, not everything
    3066. 

  3066. 				if ($result !== FALSE)
    3067. 

  3067. 				{
    3068. 

  3068. 					$form_id = array();
    3069. 

  3069. 

  3070. 					foreach ($result as $row)
    3071. 

  3071. 					{
    3072. 

  3072. 						$form_id[] = $row['form_id'];
    3073. 

  3073. 					}
    3074. 

  3074. 				}
    3075. 

  3075. 			}
    3076. 

  3076. 			else
    3077. 

  3077. 			{
    3078. 

  3078. 				$possible_id =	ee()->freeform_form_model
    3079. 

  3079. 									->select('form_id')
    3080. 

  3080. 									->get_row(array('form_label' => $possible_label));
    3081. 

  3081. 

  3082. 				if ($possible_id !== FALSE)
    3083. 

  3083. 				{
    3084. 

  3084. 					$form_id = $possible_id['form_id'];
    3085. 

  3085. 				}
    3086. 

  3086. 			}
    3087. 

  3087. 		}
    3088. 

  3088. 

  3089. 		// -------------------------------------
    3090. 

  3090. 		//	store if good
    3091. 

  3091. 		// -------------------------------------
    3092. 

  3092. 

  3093. 		if ($form_id AND $form_id > 0)
    3094. 

  3094. 		{
    3095. 

  3095. 			$this->form_id = $form_id;
    3096. 

  3096. 		}
    3097. 

  3097. 

  3098. 		return $form_id;
    3099. 

  3099. 	}
    3100. 

  3100. 	//END form_id
    3101. 

  3101. 

  3102. 

  3103. 	// --------------------------------------------------------------------
    3104. 

  3104. 

  3105. 	/**
    3106. 

  3106. 	 * entry_id - finds entry id the best it can
    3107. 

  3107. 	 *
    3108. 

  3108. 	 * @access	private
    3109. 

  3109. 	 * @return 	mixed	boolean false if not found else id
    3110. 

  3110. 	 */
    3111. 

  3111. 

  3112. 	private function entry_id()
    3113. 

  3113. 	{
    3114. 

  3114. 		$form_id = $this->form_id();
    3115. 

  3115. 

  3116. 		if ( ! $form_id)
    3117. 

  3117. 		{
    3118. 

  3118. 			return FALSE;
    3119. 

  3119. 		}
    3120. 

  3120. 

  3121. 		if (isset($this->entry_id) AND $this->entry_id)
    3122. 

  3122. 		{
    3123. 

  3123. 			return $this->entry_id;
    3124. 

  3124. 		}
    3125. 

  3125. 

  3126. 		$entry_id = FALSE;
    3127. 

  3127. 

  3128. 		// -------------------------------------
    3129. 

  3129. 		//	by direct param first
    3130. 

  3130. 		// -------------------------------------
    3131. 

  3131. 

  3132. 		if (isset(ee()->TMPL) AND is_object(ee()->TMPL))
    3133. 

  3133. 		{
    3134. 

  3134. 			$entry_id_param = ee()->TMPL->fetch_param('entry_id');
    3135. 

  3135. 

  3136. 			if ( $this->is_positive_intlike($entry_id_param) AND
    3137. 

  3137. 				 $this->data->is_valid_entry_id($entry_id_param, $form_id))
    3138. 

  3138. 			{
    3139. 

  3139. 				$entry_id = $entry_id_param;
    3140. 

  3140. 			}
    3141. 

  3141. 		}
    3142. 

  3142. 

  3143. 		// -------------------------------------
    3144. 

  3144. 		//	params id
    3145. 

  3145. 		// -------------------------------------
    3146. 

  3146. 

  3147. 		if ( ! $entry_id AND $this->param('entry_id'))
    3148. 

  3148. 		{
    3149. 

  3149. 			$entry_id_param = $this->param('entry_id');
    3150. 

  3150. 

  3151. 			if ( $this->is_positive_intlike($entry_id_param) AND
    3152. 

  3152. 				 $this->data->is_valid_entry_id($entry_id_param, $form_id))
    3153. 

  3153. 			{
    3154. 

  3154. 				$entry_id = $entry_id_param;
    3155. 

  3155. 			}
    3156. 

  3156. 		}
    3157. 

  3157. 

  3158. 		// -------------------------------------
    3159. 

  3159. 		//	get post id
    3160. 

  3160. 		// -------------------------------------
    3161. 

  3161. 

  3162. 		if ( ! $entry_id AND ee()->input->get_post('entry_id'))
    3163. 

  3163. 		{
    3164. 

  3164. 			$entry_id_param = ee()->input->get_post('entry_id');
    3165. 

  3165. 

  3166. 			if ( $this->is_positive_intlike($entry_id_param) AND
    3167. 

  3167. 				  $this->data->is_valid_entry_id($entry_id_param, $form_id))
    3168. 

  3168. 			{
    3169. 

  3169. 				$entry_id = $entry_id_param;
    3170. 

  3170. 			}
    3171. 

  3171. 		}
    3172. 

  3172. 

  3173. 		// -------------------------------------
    3174. 

  3174. 		//	store if good
    3175. 

  3175. 		// -------------------------------------
    3176. 

  3176. 

  3177. 		if ($entry_id AND $entry_id > 0)
    3178. 

  3178. 		{
    3179. 

  3179. 			$this->entry_id = $entry_id;
    3180. 

  3180. 		}
    3181. 

  3181. 

  3182. 		return $entry_id;
    3183. 

  3183. 	}
    3184. 

  3184. 	//END entry_id
    3185. 

  3185. 

  3186. 

  3187. 	// --------------------------------------------------------------------
    3188. 

  3188. 

  3189. 	/**
    3190. 

  3190. 	 * Set Form Params
    3191. 

  3191. 	 *
    3192. 

  3192. 	 * @access	public
    3193. 

  3193. 	 * @param	array		incoming form data for defaults
    3194. 

  3194. 	 * @param	bool		rerun param finding?
    3195. 

  3195. 	 * @return	array		array of params found
    3196. 

  3196. 	 */
    3197. 

  3197. 

  3198. 	public function set_form_params($rerun = FALSE)
    3199. 

  3199. 	{
    3200. 

  3200. 		if ( ! $rerun && $this->params_ran)
    3201. 

  3201. 		{
    3202. 

  3202. 			return $this->params;
    3203. 

  3203. 		}
    3204. 

  3204. 

  3205. 		$params_with_defaults = $this->get_default_params();
    3206. 

  3206. 

  3207. 		foreach ($params_with_defaults as $name => $default)
    3208. 

  3208. 		{
    3209. 

  3209. 			$this->set_form_param($name);
    3210. 

  3210. 		}
    3211. 

  3211. 

  3212. 		//we use the bool here because
    3213. 

  3213. 		//the params array can have items set to it
    3214. 

  3214. 		//outside of the defaults running here
    3215. 

  3215. 		$this->params_ran = true;
    3216. 

  3216. 

  3217. 		return $this->params;
    3218. 

  3218. 	}
    3219. 

  3219. 	//set_form_params
    3220. 

  3220. 

  3221. 

  3222. 	// --------------------------------------------------------------------
    3223. 

  3223. 

  3224. 	/**
    3225. 

  3225. 	 * Set Form Param
    3226. 

  3226. 	 *
    3227. 

  3227. 	 * @access	public
    3228. 

  3228. 	 * @param	string	$name			name of param
    3229. 

  3229. 	 * @param	mixed	$value			optional value to set param to
    3230. 

  3230. 	 * @param	boolean $set_tagparam [description]
    3231. 

  3231. 	 */
    3232. 

  3232. 

  3233. 	public function set_form_param($name, $value = null, $set_tagparam = false)
    3234. 

  3234. 	{
    3235. 

  3235. 		$params_with_defaults = $this->get_default_params();
    3236. 

  3236. 

  3237. 		//not default? lets just set it.
    3238. 

  3238. 		if ( ! isset($params_with_defaults[$name]))
    3239. 

  3239. 		{
    3240. 

  3240. 			if ($value === null)
    3241. 

  3241. 			{
    3242. 

  3242. 				$value = ee()->TMPL->fetch_param($name);
    3243. 

  3243. 			}
    3244. 

  3244. 

  3245. 			$this->params[$name] = $value;
    3246. 

  3246. 		}
    3247. 

  3247. 		else
    3248. 

  3248. 		{
    3249. 

  3249. 			$default = $params_with_defaults[$name];
    3250. 

  3250. 

  3251. 			//if the default is a boolean value we only want a boolean
    3252. 

  3252. 			//output
    3253. 

  3253. 			if (is_bool($default))
    3254. 

  3254. 			{
    3255. 

  3255. 				if ($value === null)
    3256. 

  3256. 				{
    3257. 

  3257. 					$value = ee()->TMPL->fetch_param($name);
    3258. 

  3258. 				}
    3259. 

  3259. 

  3260. 				//and if there is a string version of the param
    3261. 

  3261. 				if (is_string($value))
    3262. 

  3262. 				{
    3263. 

  3263. 					//and if the default is boolean true
    3264. 

  3264. 					if ($default === TRUE)
    3265. 

  3265. 					{
    3266. 

  3266. 						//and if the template param uses an indicator of the
    3267. 

  3267. 						//'false' variety, we want to override the default
    3268. 

  3268. 						//of TRUE and set FALSE.
    3269. 

  3269. 						$this->params[$name] = ! $this->check_no($value);
    3270. 

  3270. 					}
    3271. 

  3271. 					//but if the default is boolean false
    3272. 

  3272. 					else
    3273. 

  3273. 					{
    3274. 

  3274. 						//and the template param is trying to turn the feature
    3275. 

  3275. 						//on through a 'y', 'yes', or 'on' value, then we want
    3276. 

  3276. 						//to convert the FALSE to a TRUE
    3277. 

  3277. 						$this->params[$name] = $this->check_yes($value);
    3278. 

  3278. 					}
    3279. 

  3279. 				}
    3280. 

  3280. 				//there is no template param version of
    3281. 

  3281. 				//this default so the default stands
    3282. 

  3282. 				else
    3283. 

  3283. 				{
    3284. 

  3284. 					//for setting tagparam, however rare
    3285. 

  3285. 					$value = $default;
    3286. 

  3286. 					$this->params[$name] = $default;
    3287. 

  3287. 				}
    3288. 

  3288. 			}
    3289. 

  3289. 			//other wise check for the param or fallback on default
    3290. 

  3290. 			else
    3291. 

  3291. 			{
    3292. 

  3292. 				if ($value === null)
    3293. 

  3293. 				{
    3294. 

  3294. 					$value = trim(
    3295. 

  3295. 						ee()->TMPL->fetch_param($name, $default)
    3296. 

  3296. 					);
    3297. 

  3297. 				}
    3298. 

  3298. 

  3299. 				$this->params[$name] = $value;
    3300. 

  3300. 			}
    3301. 

  3301. 

  3302. 		}
    3303. 

  3303. 

  3304. 		if ($set_tagparam && $value !== null)
    3305. 

  3305. 		{
    3306. 

  3306. 			ee()->TMPL->tagparams[$name] = $value;
    3307. 

  3307. 		}
    3308. 

  3308. 	}
    3309. 

  3309. 	//END set_form_param
    3310. 

  3310. 

  3311. 

  3312. 	// --------------------------------------------------------------------
    3313. 

  3313. 

  3314. 

  3315. 	/**
    3316. 

  3316. 	 * Get Default Params
    3317. 

  3317. 	 *
    3318. 

  3318. 	 * Gets default Params and sets them to class var if not alraedy set
    3319. 

  3319. 	 * @access	public
    3320. 

  3320. 	 * @return	array	key value array of default params
    3321. 

  3321. 	 */
    3322. 

  3322. 

  3323. 	public function get_default_params()
    3324. 

  3324. 	{
    3325. 

  3325. 		if (isset($this->params_with_defaults))
    3326. 

  3326. 		{
    3327. 

  3327. 			return $this->params_with_defaults;
    3328. 

  3328. 		}
    3329. 

  3329. 

  3330. 		if ( ! isset($this->form_data))
    3331. 

  3331. 		{
    3332. 

  3332. 			$this->form_data = $this->data->get_form_info($this->form_id());
    3333. 

  3333. 		}
    3334. 

  3334. 

  3335. 		$this->params_with_defaults	= array(
    3336. 

  3336. 			//security
    3337. 

  3337. 			'secure_action'					=> FALSE,
    3338. 

  3338. 			'secure_return'					=> FALSE,
    3339. 

  3339. 			'require_captcha'				=> $this->require_captcha(),
    3340. 

  3340. 			'require_ip'					=> ! $this->check_no(
    3341. 

  3341. 				ee()->config->item("require_ip_for_posting")
    3342. 

  3342. 			),
    3343. 

  3343. 			'return'						=> ee()->uri->uri_string,
    3344. 

  3344. 			'inline_error_return'			=> ee()->uri->uri_string,
    3345. 

  3345. 			'error_page'					=> '',
    3346. 

  3346. 			'ajax'							=> TRUE,
    3347. 

  3347. 			'restrict_edit_to_author'		=> TRUE,
    3348. 

  3348. 

  3349. 			'inline_errors'					=> FALSE,
    3350. 

  3350. 

  3351. 			//dupe prevention
    3352. 

  3352. 			'prevent_duplicate_on'			=> '',
    3353. 

  3353. 			'prevent_duplicate_per_site'	=> FALSE,
    3354. 

  3354. 			'secure_duplicate_redirect'		=> FALSE,
    3355. 

  3355. 			'duplicate_redirect'			=> '',
    3356. 

  3356. 			'error_on_duplicate'			=> FALSE,
    3357. 

  3357. 

  3358. 			//required or matching fields
    3359. 

  3359. 			'required'						=> '',
    3360. 

  3360. 			'matching_fields'				=> '',
    3361. 

  3361. 

  3362. 			//multipage
    3363. 

  3363. 			'last_page'						=> TRUE,
    3364. 

  3364. 			'multipage'						=> FALSE,
    3365. 

  3365. 			'redirect_on_timeout'			=> TRUE,
    3366. 

  3366. 			'redirect_on_timeout_to'		=> '',
    3367. 

  3367. 			'page_marker'					=> $this->default_mp_page_marker,
    3368. 

  3368. 			'multipage_page'				=> '',
    3369. 

  3369. 			'paging_url'					=> '',
    3370. 

  3370. 			'multipage_page_names'			=> '',
    3371. 

  3371. 

  3372. 			//notifications
    3373. 

  3373. 			'admin_notify'					=> $this->form_data['admin_notification_email'],
    3374. 

  3374. 			'admin_cc_notify'				=> '',
    3375. 

  3375. 			'admin_bcc_notify'				=> '',
    3376. 

  3376. 			'notify_user'					=> $this->check_yes($this->form_data['notify_user']),
    3377. 

  3377. 			'notify_admin'					=> $this->check_yes($this->form_data['notify_admin']),
    3378. 

  3378. 			'notify_on_edit'				=> FALSE,
    3379. 

  3379. 			'user_email_field'				=> $this->form_data['user_email_field'],
    3380. 

  3380. 

  3381. 			//dynamic_recipients
    3382. 

  3382. 			'recipients'					=> FALSE,
    3383. 

  3383. 			'recipients_limit'				=> '3',
    3384. 

  3384. 

  3385. 			//user inputted recipients
    3386. 

  3386. 			'recipient_user_input'			=> FALSE,
    3387. 

  3387. 			'recipient_user_limit'			=> '3',
    3388. 

  3388. 

  3389. 			//templates
    3390. 

  3390. 			'recipient_template'			=> "",
    3391. 

  3391. 			'recipient_user_template'		=> "",
    3392. 

  3392. 			'admin_notification_template'	=> $this->form_data['admin_notification_id'],
    3393. 

  3393. 			'user_notification_template'	=> $this->form_data['user_notification_id'],
    3394. 

  3394. 

  3395. 												//we already set default status in like 5 places
    3396. 

  3396. 			'status'						=> '',//$this->form_data['default_status'],
    3397. 

  3397. 			'allow_status_edit'				=> FALSE,
    3398. 

  3398. 		);
    3399. 

  3399. 

  3400. 		return $this->params_with_defaults;
    3401. 

  3401. 	}
    3402. 

  3402. 	//END get_default_params
    3403. 

  3403. 

  3404. 	// --------------------------------------------------------------------
    3405. 

  3405. 

  3406. 	/**
    3407. 

  3407. 	 * Require Captcha?
    3408. 

  3408. 	 *
    3409. 

  3409. 	 * @access	public
    3410. 

  3410. 	 * @return	boolean		user isn't logged in or member require captcha
    3411. 

  3411. 	 */
    3412. 

  3412. 

  3413. 	public function require_captcha()
    3414. 

  3414. 	{
    3415. 

  3415. 		return (
    3416. 

  3416. 			ee()->session->userdata('member_id') == 0 OR
    3417. 

  3417. 			$this->check_yes(ee()->config->item('captcha_require_members'))
    3418. 

  3418. 		);
    3419. 

  3419. 	}
    3420. 

  3420. 	//END require_captcha
    3421. 

  3421. 

  3422. 

  3423. 	// --------------------------------------------------------------------
    3424. 

  3424. 

  3425. 	/**
    3426. 

  3426. 	 * Set Page Positions
    3427. 

  3427. 	 *
    3428. 

  3428. 	 * @access	public
    3429. 

  3429. 	 * @return	array	array of page positions for current page
    3430. 

  3430. 	 */
    3431. 

  3431. 

  3432. 	public function set_page_positions()
    3433. 

  3433. 	{
    3434. 

  3434. 		if (isset($this->page_positions))
    3435. 

  3435. 		{
    3436. 

  3436. 			return $this->page_positions;
    3437. 

  3437. 		}
    3438. 

  3438. 

  3439. 		// -------------------------------------
    3440. 

  3440. 		//	need form params
    3441. 

  3441. 		// -------------------------------------
    3442. 

  3442. 

  3443. 		$this->set_form_params();
    3444. 

  3444. 

  3445. 		// -------------------------------------
    3446. 

  3446. 		//	defaults
    3447. 

  3447. 		// -------------------------------------
    3448. 

  3448. 

  3449. 		$current_page	= 0;
    3450. 

  3450. 		$next_page		= 0;
    3451. 

  3451. 		$previous_page	= 0;
    3452. 

  3452. 		$page_type		= 'int';
    3453. 

  3453. 		$page_total		= 1;
    3454. 

  3454. 

  3455. 		// -------------------------------------
    3456. 

  3456. 		//	page array?
    3457. 

  3457. 		// -------------------------------------
    3458. 

  3458. 

  3459. 		$mp_page_array = $this->get_mp_page_array();
    3460. 

  3460. 

  3461. 		// -------------------------------------
    3462. 

  3462. 		//	parse
    3463. 

  3463. 		// -------------------------------------
    3464. 

  3464. 

  3465. 		if ( ! empty($mp_page_array))
    3466. 

  3466. 		{
    3467. 

  3467. 			$page_type = 'text';
    3468. 

  3468. 

  3469. 			$position		= array_search(
    3470. 

  3470. 				$this->params['multipage_page'],
    3471. 

  3471. 				$mp_page_array
    3472. 

  3472. 			);
    3473. 

  3473. 

  3474. 			if (in_array($position, array(-1, FALSE), TRUE))
    3475. 

  3475. 			{
    3476. 

  3476. 				$position = 0;
    3477. 

  3477. 			}
    3478. 

  3478. 

  3479. 			//this will be our human readable
    3480. 

  3480. 			$current_page		= $position + 1;
    3481. 

  3481. 

  3482. 			$page_total			= count($mp_page_array);
    3483. 

  3483. 

  3484. 			$next_page			= ($position + 1 < $page_total) ?
    3485. 

  3485. 									$mp_page_array[$position + 1] : 0;
    3486. 

  3486. 			$previous_page		= ($position - 1 >= 0) ?
    3487. 

  3487. 									$mp_page_array[$position - 1] : 0;
    3488. 

  3488. 

  3489. 			// -------------------------------------
    3490. 

  3490. 			//	set paging url
    3491. 

  3491. 			// -------------------------------------
    3492. 

  3492. 

  3493. 			if ($this->params['paging_url'] == '')
    3494. 

  3494. 			{
    3495. 

  3495. 				$matches = array();
    3496. 

  3496. 

  3497. 				if ($this->params['multipage_page'])
    3498. 

  3498. 				{
    3499. 

  3499. 					//we want to match all and get the last
    3500. 

  3500. 					preg_match_all(
    3501. 

  3501. 						'/(?:\/|^)(' .
    3502. 

  3502. 							preg_quote($this->params['multipage_page'], '/') .
    3503. 

  3503. 						')(?:\/|$)/',
    3504. 

  3504. 						ee()->uri->uri_string,
    3505. 

  3505. 						$matches,
    3506. 

  3506. 						PREG_SET_ORDER
    3507. 

  3507. 					);
    3508. 

  3508. 				}
    3509. 

  3509. 

  3510. 				$match = array();
    3511. 

  3511. 

  3512. 				if ($matches)
    3513. 

  3513. 				{
    3514. 

  3514. 					$match = array_pop($matches);
    3515. 

  3515. 				}
    3516. 

  3516. 

  3517. 				if (isset($match[1]))
    3518. 

  3518. 				{
    3519. 

  3519. 					$segs	= explode('/', ee()->uri->uri_string);
    3520. 

  3520. 

  3521. 					$i		= count($segs);
    3522. 

  3522. 

  3523. 					while ($i--)
    3524. 

  3524. 					{
    3525. 

  3525. 						if ($segs[$i] == $match[1])
    3526. 

  3526. 						{
    3527. 

  3527. 							$segs[$i] = '%page%';
    3528. 

  3528. 							break;
    3529. 

  3529. 						}
    3530. 

  3530. 					}
    3531. 

  3531. 

  3532. 					$this->params['paging_url'] = implode($segs, '/');
    3533. 

  3533. 

  3534. 					//if they didn't set a redirect on timeout
    3535. 

  3535. 					//we can assume its this same setup, but with
    3536. 

  3536. 					//page1 instead of page whatever else.
    3537. 

  3537. 					if ($this->params['redirect_on_timeout_to'] == '')
    3538. 

  3538. 					{
    3539. 

  3539. 						//swap the number from the match, then swap the match
    3540. 

  3540. 						$this->params['redirect_on_timeout_to'] = str_replace(
    3541. 

  3541. 							'%page%',
    3542. 

  3542. 							$mp_page_array[0],
    3543. 

  3543. 							$this->params['paging_url']
    3544. 

  3544. 						);
    3545. 

  3545. 					}
    3546. 

  3546. 				}
    3547. 

  3547. 				//END if (isset($match[1]))
    3548. 

  3548. 			}
    3549. 

  3549. 			//END if ($this->params['paging_url'] == '')
    3550. 

  3550. 		}
    3551. 

  3551. 		//else to if ( ! empty($mp_page_array))
    3552. 

  3552. 		//manually passed integer?
    3553. 

  3553. 		else if ($this->params['multipage_page'] != '')
    3554. 

  3554. 		{
    3555. 

  3555. 			//remove the marker in case someone sends us a segment
    3556. 

  3556. 			//with the marker in it like "page2"
    3557. 

  3557. 			$multipage_page = trim(
    3558. 

  3558. 				str_replace(
    3559. 

  3559. 					$this->params['page_marker'],
    3560. 

  3560. 					'',
    3561. 

  3561. 					$this->params['multipage_page']
    3562. 

  3562. 				)
    3563. 

  3563. 			);
    3564. 

  3564. 

  3565. 			if ($multipage_page AND
    3566. 

  3566. 				$this->is_positive_intlike($multipage_page))
    3567. 

  3567. 			{
    3568. 

  3568. 				$current_page = $multipage_page;
    3569. 

  3569. 

  3570. 				$next_page		= ($current_page < $page_total) ?
    3571. 

  3571. 									$current_page + 1 : 0;
    3572. 

  3572. 

  3573. 				$previous_page	= ($current_page > 1) ?
    3574. 

  3574. 									$current_page - 1 : 0;
    3575. 

  3575. 			}
    3576. 

  3576. 		}
    3577. 

  3577. 		//END if ( ! empty($mp_page_array))
    3578. 

  3578. 		//else if ($this->params['multipage_page'] != '')
    3579. 

  3579. 

  3580. 		// -------------------------------------
    3581. 

  3581. 		//	find dynamically?
    3582. 

  3582. 		// -------------------------------------
    3583. 

  3583. 

  3584. 		if ($current_page == 0)
    3585. 

  3585. 		{
    3586. 

  3586. 			$pm = $this->params['page_marker'];
    3587. 

  3587. 

  3588. 			//find the page number in /ee/template/page1/
    3589. 

  3589. 			preg_match(
    3590. 

  3590. 				'/(?:\/|^)' . preg_quote($pm, '/') . '([0-9]+)(?:\/|$)/',
    3591. 

  3591. 				ee()->uri->uri_string,
    3592. 

  3592. 				$matches
    3593. 

  3593. 			);
    3594. 

  3594. 

  3595. 			if (isset($matches[1]))
    3596. 

  3596. 			{
    3597. 

  3597. 				$current_page = $matches[1];
    3598. 

  3598. 

  3599. 				//swap the number from the match, then swap the match
    3600. 

  3600. 				$this->params['paging_url'] = str_replace(
    3601. 

  3601. 					$pm . $matches[1],
    3602. 

  3602. 					'%page%',
    3603. 

  3603. 					ee()->uri->uri_string
    3604. 

  3604. 				);
    3605. 

  3605. 

  3606. 				//if they didn't set a redirect on timeout
    3607. 

  3607. 				//we can assume its this same setup, but with
    3608. 

  3608. 				//page1 instead of page whatever else.
    3609. 

  3609. 				if ($this->params['redirect_on_timeout_to'] == '')
    3610. 

  3610. 				{
    3611. 

  3611. 					//swap the number from the match, then swap the match
    3612. 

  3612. 					$this->params['redirect_on_timeout_to'] = str_replace(
    3613. 

  3613. 						$matches[0],
    3614. 

  3614. 						str_replace(
    3615. 

  3615. 							$matches[1],
    3616. 

  3616. 							'1',
    3617. 

  3617. 							$matches[0]
    3618. 

  3618. 						),
    3619. 

  3619. 						ee()->uri->uri_string
    3620. 

  3620. 					);
    3621. 

  3621. 				}
    3622. 

  3622. 			}
    3623. 

  3623. 		}
    3624. 

  3624. 

  3625. 		//if none of that crap worked, page 1
    3626. 

  3626. 		if ($current_page == 0)
    3627. 

  3627. 		{
    3628. 

  3628. 			$current_page = 1;
    3629. 

  3629. 

  3630. 			$next_page		= ($current_page < $page_total) ?
    3631. 

  3631. 				$current_page + 1 : 0;
    3632. 

  3632. 

  3633. 			$previous_page	= ($current_page > 1) ?
    3634. 

  3634. 				$current_page - 1 : 0;
    3635. 

  3635. 		}
    3636. 

  3636. 

  3637. 		$this->page_positions = array(
    3638. 

  3638. 			'page_type'			=> $page_type,
    3639. 

  3639. 			'current_page'		=> $current_page,
    3640. 

  3640. 			'page_total'		=> $page_total,
    3641. 

  3641. 			'next_page'			=> $next_page,
    3642. 

  3642. 			'previous_page'		=> $previous_page,
    3643. 

  3643. 		);
    3644. 

  3644. 

  3645. 		return $this->page_positions;
    3646. 

  3646. 	}
    3647. 

  3647. 	//END set_page_positions
    3648. 

  3648. 

  3649. 

  3650. 	// --------------------------------------------------------------------
    3651. 

  3651. 

  3652. 	/**
    3653. 

  3653. 	 * Get Multipage page array
    3654. 

  3654. 	 *
    3655. 

  3655. 	 * @access	public
    3656. 

  3656. 	 * @return	array	array of multipage pages or empty array
    3657. 

  3657. 	 */
    3658. 

  3658. 

  3659. 	public function get_mp_page_array()
    3660. 

  3660. 	{
    3661. 

  3661. 		if (isset($this->mp_page_array))
    3662. 

  3662. 		{
    3663. 

  3663. 			return $this->mp_page_array;
    3664. 

  3664. 		}
    3665. 

  3665. 

  3666. 		$this->set_form_params();
    3667. 

  3667. 

  3668. 		if ($this->params['multipage_page_names'] != '')
    3669. 

  3669. 		{
    3670. 

  3670. 			$mp_page_array = $this->actions()->pipe_split(
    3671. 

  3671. 				$this->params['multipage_page_names']
    3672. 

  3672. 			);
    3673. 

  3673. 

  3674. 			array_walk($mp_page_array, 'trim');
    3675. 

  3675. 

  3676. 			$this->mp_page_array = $mp_page_array;
    3677. 

  3677. 

  3678. 			// -------------------------------------
    3679. 

  3679. 			//	multipage page missing?
    3680. 

  3680. 			// -------------------------------------
    3681. 

  3681. 

  3682. 			if ( ! $this->params['multipage_page'])
    3683. 

  3683. 			{
    3684. 

  3684. 				foreach ($mp_page_array as $key => $page)
    3685. 

  3685. 				{
    3686. 

  3686. 					$mp_page_array[$key] = preg_quote($page, '/');
    3687. 

  3687. 				}
    3688. 

  3688. 

  3689. 				$match_string = '/(?:\/|^)(' .
    3690. 

  3690. 									implode('|', $mp_page_array) .
    3691. 

  3691. 								')(?:\/|$)/';
    3692. 

  3692. 

  3693. 				//we want to match all and get the last
    3694. 

  3694. 				preg_match_all(
    3695. 

  3695. 					$match_string,
    3696. 

  3696. 					ee()->uri->uri_string,
    3697. 

  3697. 					$matches,
    3698. 

  3698. 					PREG_SET_ORDER
    3699. 

  3699. 				);
    3700. 

  3700. 

  3701. 				if ($matches)
    3702. 

  3702. 				{
    3703. 

  3703. 					$match = array_pop($matches);
    3704. 

  3704. 

  3705. 					if ( ! $this->params['multipage_page'])
    3706. 

  3706. 					{
    3707. 

  3707. 						$this->params['multipage_page'] = $match[1];
    3708. 

  3708. 					}
    3709. 

  3709. 				}
    3710. 

  3710. 			}
    3711. 

  3711. 		}
    3712. 

  3712. 		else
    3713. 

  3713. 		{
    3714. 

  3714. 			$this->mp_page_array = array();
    3715. 

  3715. 		}
    3716. 

  3716. 

  3717. 		return $this->mp_page_array;
    3718. 

  3718. 	}
    3719. 

  3719. 	//END get_mp_page_array
    3720. 

  3720. 

  3721. 

  3722. 	// --------------------------------------------------------------------
    3723. 

  3723. 

  3724. 	/**
    3725. 

  3725. 	 * param - gets stored paramaters
    3726. 

  3726. 	 *
    3727. 

  3727. 	 * @access	private
    3728. 

  3728. 	 * @param	string  $which	which param needed
    3729. 

  3729. 	 * @param	string  $type	type of param
    3730. 

  3730. 	 * @return	bool 			$which was empty
    3731. 

  3731. 	 */
    3732. 

  3732. 

  3733. 	private function param($which = '', $type = 'all')
    3734. 

  3734. 	{
    3735. 

  3735. 		//	----------------------------------------
    3736. 

  3736. 		//	Params set?
    3737. 

  3737. 		//	----------------------------------------
    3738. 

  3738. 

  3739. 		if ( count( $this->params ) == 0 )
    3740. 

  3740. 		{
    3741. 

  3741. 			ee()->load->model('freeform_param_model');
    3742. 

  3742. 

  3743. 			//	----------------------------------------
    3744. 

  3744. 			//	Empty id?
    3745. 

  3745. 			//	----------------------------------------
    3746. 

  3746. 

  3747. 			$params_id = ee()->input->get_post('params_id', TRUE);
    3748. 

  3748. 

  3749. 			if ( ! $this->is_positive_intlike($params_id) )
    3750. 

  3750. 			{
    3751. 

  3751. 				return FALSE;
    3752. 

  3752. 			}
    3753. 

  3753. 

  3754. 			$this->params_id = $params_id;
    3755. 

  3755. 

  3756. 			// -------------------------------------
    3757. 

  3757. 			//	pre-clean so cache can keep
    3758. 

  3758. 			// -------------------------------------
    3759. 

  3759. 

  3760. 			ee()->freeform_param_model->cleanup();
    3761. 

  3761. 

  3762. 			//	----------------------------------------
    3763. 

  3763. 			//	Select from DB
    3764. 

  3764. 			//	----------------------------------------
    3765. 

  3765. 

  3766. 			$data = ee()->freeform_param_model->select('data')
    3767. 

  3767. 											  ->get_row($this->params_id);
    3768. 

  3768. 

  3769. 			//	----------------------------------------
    3770. 

  3770. 			//	Empty?
    3771. 

  3771. 			//	----------------------------------------
    3772. 

  3772. 

  3773. 			if ( ! $data )
    3774. 

  3774. 			{
    3775. 

  3775. 				return FALSE;
    3776. 

  3776. 			}
    3777. 

  3777. 

  3778. 			//	----------------------------------------
    3779. 

  3779. 			//	Unserialize
    3780. 

  3780. 			//	----------------------------------------
    3781. 

  3781. 

  3782. 			$this->params				= json_decode( $data['data'], TRUE );
    3783. 

  3783. 			$this->params				= is_array($this->params) ? $this->params : array();
    3784. 

  3784. 			$this->params['set']		= TRUE;
    3785. 

  3785. 		}
    3786. 

  3786. 		//END if ( count( $this->params ) == 0 )
    3787. 

  3787. 

  3788. 

  3789. 		//	----------------------------------------
    3790. 

  3790. 		//	Fetch from params array
    3791. 

  3791. 		//	----------------------------------------
    3792. 

  3792. 

  3793. 		if ( isset( $this->params[$which] ) )
    3794. 

  3794. 		{
    3795. 

  3795. 			$return	= str_replace( "&#47;", "/", $this->params[$which] );
    3796. 

  3796. 

  3797. 			return $return;
    3798. 

  3798. 		}
    3799. 

  3799. 

  3800. 		//	----------------------------------------
    3801. 

  3801. 		//	Fetch TMPL
    3802. 

  3802. 		//	----------------------------------------
    3803. 

  3803. 

  3804. 		if ( isset( ee()->TMPL ) AND
    3805. 

  3805. 			 is_object(ee()->TMPL) AND
    3806. 

  3806. 			 ee()->TMPL->fetch_param($which) )
    3807. 

  3807. 		{
    3808. 

  3808. 			return ee()->TMPL->fetch_param($which);
    3809. 

  3809. 		}
    3810. 

  3810. 

  3811. 		//	----------------------------------------
    3812. 

  3812. 		//	Return (if which is blank, we are just getting data)
    3813. 

  3813. 		//	else if we are looking for something that doesn't exist...
    3814. 

  3814. 		//	----------------------------------------
    3815. 

  3815. 

  3816. 		return ($which === '');
    3817. 

  3817. 	}
    3818. 

  3818. 	//End param
    3819. 

  3819. 

  3820. 

  3821. 	// --------------------------------------------------------------------
    3822. 

  3822. 

  3823. 	/**
    3824. 

  3824. 	 * insert_params - adds multiple params to stored params
    3825. 

  3825. 	 *
    3826. 

  3826. 	 * @access	private
    3827. 

  3827. 	 * @param	array	$param	sassociative array of params to send
    3828. 

  3828. 	 * @return	mixed			insert id or false
    3829. 

  3829. 	 */
    3830. 

  3830. 

  3831. 	private function insert_params( $params = array() )
    3832. 

  3832. 	{
    3833. 

  3833. 		ee()->load->model('freeform_param_model');
    3834. 

  3834. 

  3835. 		if (empty($params) AND isset($this->params))
    3836. 

  3836. 		{
    3837. 

  3837. 			$params = $this->params;
    3838. 

  3838. 		}
    3839. 

  3839. 

  3840. 		return ee()->freeform_param_model->insert_params($params);
    3841. 

  3841. 	}
    3842. 

  3842. 	//	End insert params
    3843. 

  3843. 

  3844. 

  3845. 	// --------------------------------------------------------------------
    3846. 

  3846. 

  3847. 	/**
    3848. 

  3848. 	 * prep_url
    3849. 

  3849. 	 *
    3850. 

  3850. 	 * checks a url for {path} or url creation needs with https replacement
    3851. 

  3851. 	 *
    3852. 

  3852. 	 * @access	private
    3853. 

  3853. 	 * @param 	string 	url to be prepped
    3854. 

  3854. 	 * @param 	bool 	replace http with https?
    3855. 

  3855. 	 * @return	string 	url prepped with https or not
    3856. 

  3856. 	 */
    3857. 

  3857. 

  3858. 	private function prep_url($url, $https = FALSE)
    3859. 

  3859. 	{
    3860. 

  3860. 		$return = trim($url);
    3861. 

  3861. 

  3862. 		$return = ($return !== '') ? $return : ee()->config->item('site_url');
    3863. 

  3863. 

  3864. 		if ( preg_match( "/".LD."\s*path=(.*?)".RD."/", $return, $match ) > 0 )
    3865. 

  3865. 		{
    3866. 

  3866. 			$return	= ee()->functions->create_url( $match['1'] );
    3867. 

  3867. 		}
    3868. 

  3868. 		else if ( ! preg_match('/^http[s]?:\/\/|^\/\//', $return) )
    3869. 

  3869. 		{
    3870. 

  3870. 			$return	= ee()->functions->create_url( $return );
    3871. 

  3871. 		}
    3872. 

  3872. 

  3873. 		if ($https)
    3874. 

  3874. 		{
    3875. 

  3875. 			$return = preg_replace('/^http:\/\/|^\/\//', 'https://', $return);
    3876. 

  3876. 		}
    3877. 

  3877. 

  3878. 		return $return;
    3879. 

  3879. 	}
    3880. 

  3880. 	//end prep_url
    3881. 

  3881. 

  3882. 

  3883. 	// --------------------------------------------------------------------
    3884. 

  3884. 

  3885. 	/**
    3886. 

  3886. 	 * nation ban check
    3887. 

  3887. 	 *
    3888. 

  3888. 	 * sessions built in nation ban check doesn't properly
    3889. 

  3889. 	 * return a bool if show errors are off
    3890. 

  3890. 	 * and we want ajax responses with this
    3891. 

  3891. 	 *
    3892. 

  3892. 	 * @access	private
    3893. 

  3893. 	 * @param 	bool 	show fatal errors instead of returning bool true
    3894. 

  3894. 	 * @return	bool 	is banned or now
    3895. 

  3895. 	 */
    3896. 

  3896. 

  3897. 	private function nation_ban_check($show_error = TRUE)
    3898. 

  3898. 	{
    3899. 

  3899. 		if ( ! $this->check_yes(ee()->config->item('require_ip_for_posting')) OR
    3900. 

  3900. 			 ! $this->check_yes(ee()->config->item('ip2nation')) OR
    3901. 

  3901. 			 ! ee()->db->table_exists('exp_ip2nation'))
    3902. 

  3902. 		{
    3903. 

  3903. 			return FALSE;
    3904. 

  3904. 		}
    3905. 

  3905. 

  3906. 		//2.5.2 has a different table and ipv6 support
    3907. 

  3907. 		if (version_compare($this->ee_version, '2.5.2', '<='))
    3908. 

  3908. 		{
    3909. 

  3909. 			ee()->db->select("country");
    3910. 

  3910. 			ee()->db->where('ip <', ip2long(ee()->input->ip_address()));
    3911. 

  3911. 			ee()->db->order_by('ip', 'desc');
    3912. 

  3912. 			$query = ee()->db->get('ip2nation', 1);
    3913. 

  3913. 		}
    3914. 

  3914. 		else
    3915. 

  3915. 		{
    3916. 

  3916. 			// all IPv4 go to IPv6 mapped
    3917. 

  3917. 			$addr = ee()->input->ip_address();
    3918. 

  3918. 

  3919. 			if (strpos($addr, ':') === FALSE &&
    3920. 

  3920. 				strpos($addr, '.') !== FALSE)
    3921. 

  3921. 			{
    3922. 

  3922. 				$addr = '::'.$addr;
    3923. 

  3923. 			}
    3924. 

  3924. 

  3925. 			$addr = inet_pton($addr);
    3926. 

  3926. 			$addr = ee()->db->escape_str($addr);
    3927. 

  3927. 

  3928. 			$query = ee()->db
    3929. 

  3929. 				->select('country')
    3930. 

  3930. 				->where("ip_range_low <= '{$addr}'", '', FALSE)
    3931. 

  3931. 				->where("ip_range_high >= '{$addr}'", '', FALSE)
    3932. 

  3932. 				->order_by('ip_range_low', 'desc')
    3933. 

  3933. 				->limit(1, 0)
    3934. 

  3934. 				->get('ip2nation');
    3935. 

  3935. 		}
    3936. 

  3936. 

  3937. 		if ($query->num_rows() == 1)
    3938. 

  3938. 		{
    3939. 

  3939. 			$ip2_query = ee()->db->get_where(
    3940. 

  3940. 				'ip2nation_countries',
    3941. 

  3941. 				array(
    3942. 

  3942. 					'code'		=> $query->row('country'),
    3943. 

  3943. 					'banned'	=> 'y'
    3944. 

  3944. 				)
    3945. 

  3945. 			);
    3946. 

  3946. 

  3947. 			if ($ip2_query->num_rows() > 0)
    3948. 

  3948. 			{
    3949. 

  3949. 				if ($show_error == TRUE)
    3950. 

  3950. 				{
    3951. 

  3951. 					return ee()->output->fatal_error(
    3952. 

  3952. 						ee()->config->item('ban_message'),
    3953. 

  3953. 						0
    3954. 

  3954. 					);
    3955. 

  3955. 				}
    3956. 

  3956. 				else
    3957. 

  3957. 				{
    3958. 

  3958. 					return TRUE;
    3959. 

  3959. 				}
    3960. 

  3960. 			}
    3961. 

  3961. 		}
    3962. 

  3962. 

  3963. 		return FALSE;
    3964. 

  3964. 	}
    3965. 

  3965. 	//END nation_ban_check
    3966. 

  3966. 

  3967. 

  3968. 	// --------------------------------------------------------------------
    3969. 

  3969. 

  3970. 	/**
    3971. 

  3971. 	 * Parse Numeric Array Param
    3972. 

  3972. 	 *
    3973. 

  3973. 	 * checks template param for item like 'not 1|2|3'
    3974. 

  3974. 	 *
    3975. 

  3975. 	 * @access	private
    3976. 

  3976. 	 * @param 	string 	name of param to parse
    3977. 

  3977. 	 * @return	mixed	false if not set, array if set
    3978. 

  3978. 	 */
    3979. 

  3979. 

  3980. 	private function parse_numeric_array_param($name = '')
    3981. 

  3981. 	{
    3982. 

  3982. 		$return = array();
    3983. 

  3983. 

  3984. 		if (trim($name) == '')
    3985. 

  3985. 		{
    3986. 

  3986. 			return FALSE;
    3987. 

  3987. 		}
    3988. 

  3988. 

  3989. 		$name_id = ee()->TMPL->fetch_param($name);
    3990. 

  3990. 

  3991. 		if ($name_id == FALSE)
    3992. 

  3992. 		{
    3993. 

  3993. 			return FALSE;
    3994. 

  3994. 		}
    3995. 

  3995. 

  3996. 		$name_id 	= trim(strtolower($name_id));
    3997. 

  3997. 		$not 		= FALSE;
    3998. 

  3998. 

  3999. 		if (substr($name_id, 0, 3) == 'not')
    4000. 

  4000. 		{
    4001. 

  4001. 			$not 		= TRUE;
    4002. 

  4002. 			$name_id 	= preg_replace('/^not[\s]*/', '', $name_id);
    4003. 

  4003. 		}
    4004. 

  4004. 

  4005. 		$clean_ids = array();
    4006. 

  4006. 

  4007. 		if ($name_id !== '')
    4008. 

  4008. 		{
    4009. 

  4009. 			$name_id = str_replace(
    4010. 

  4010. 				'CURRENT_USER',
    4011. 

  4011. 				ee()->session->userdata('member_id'),
    4012. 

  4012. 				$name_id
    4013. 

  4013. 			);
    4014. 

  4014. 

  4015. 			if (stristr($name_id, '|'))
    4016. 

  4016. 			{
    4017. 

  4017. 				$name_id = $this->actions()->pipe_split($name_id);
    4018. 

  4018. 			}
    4019. 

  4019. 

  4020. 			if ( ! is_array($name_id))
    4021. 

  4021. 			{
    4022. 

  4022. 				$name_id = array($name_id);
    4023. 

  4023. 			}
    4024. 

  4024. 

  4025. 			foreach ($name_id as $value)
    4026. 

  4026. 			{
    4027. 

  4027. 				$value = trim($value);
    4028. 

  4028. 

  4029. 				if ($this->is_positive_intlike($value))
    4030. 

  4030. 				{
    4031. 

  4031. 					$clean_ids[] = $value;
    4032. 

  4032. 				}
    4033. 

  4033. 			}
    4034. 

  4034. 		}
    4035. 

  4035. 

  4036. 		return array(
    4037. 

  4037. 			'not' 	=> $not,
    4038. 

  4038. 			'ids'	=> $clean_ids
    4039. 

  4039. 		);
    4040. 

  4040. 	}
    4041. 

  4041. 	//END parse_numeric_array_param
    4042. 

  4042. 

  4043. 

  4044. 	// --------------------------------------------------------------------
    4045. 

  4045. 

  4046. 	/**
    4047. 

  4047. 	 * Tag Prefix replace
    4048. 

  4048. 	 *
    4049. 

  4049. 	 * Takes a set of tags and removes unprefixed tags then removes the
    4050. 

  4050. 	 * prefixes from the prefixed ones. Sending reverse true re-instates the
    4051. 

  4051. 	 * unprefixed items
    4052. 

  4052. 	 *
    4053. 

  4053. 	 * @param  string  $prefix  prefix for tags
    4054. 

  4054. 	 * @param  array   $tags    array of tags to look for prefixes with
    4055. 

  4055. 	 * @param  string  $tagdata incoming tagdata to replace on
    4056. 

  4056. 	 * @param  boolean $reverse reverse the replacements?
    4057. 

  4057. 	 * @return string  tagdata with replacements
    4058. 

  4058. 	 */
    4059. 

  4059. 

  4060. 	public function tag_prefix_replace($prefix = '', $tags = array(),
    4061. 

  4061. 										$tagdata = '', $reverse = FALSE)
    4062. 

  4062. 	{
    4063. 

  4063. 		if ($prefix == '' OR ! is_array($tags) OR empty($tags))
    4064. 

  4064. 		{
    4065. 

  4065. 			return $tagdata;
    4066. 

  4066. 		}
    4067. 

  4067. 

  4068. 		//allowing ':' in a prefix
    4069. 

  4069. 		if (substr($prefix, -1, 1) !== ':')
    4070. 

  4070. 		{
    4071. 

  4071. 			$prefix = rtrim($prefix, '_') . '_';
    4072. 

  4072. 		}
    4073. 

  4073. 

  4074. 

  4075. 		$hash 	= '02be645684a54f45f08d0b1dbadf78e1a3a9f2ee';
    4076. 

  4076. 

  4077. 		$find 			= array();
    4078. 

  4078. 		$hash_replace 	= array();
    4079. 

  4079. 		$prefix_replace = array();
    4080. 

  4080. 

  4081. 		$length = count($tags);
    4082. 

  4082. 

  4083. 		foreach ($tags as $key => $item)
    4084. 

  4084. 		{
    4085. 

  4085. 			$nkey = $key + $length;
    4086. 

  4086. 

  4087. 			//if there is nothing prefixed, we don't want to do anything datastardly
    4088. 

  4088. 			if ( ! $reverse AND
    4089. 

  4089. 				strpos($tagdata, LD . $prefix . $item) === FALSE)
    4090. 

  4090. 			{
    4091. 

  4091. 				continue;
    4092. 

  4092. 			}
    4093. 

  4093. 

  4094. 			//this is terse, but it ensures that we
    4095. 

  4095. 			//find any an all tag pairs if they occur
    4096. 

  4096. 			$find[$key] 			= $item;
    4097. 

  4097. 			$find[$nkey] 			= '/' .  $item;
    4098. 

  4098. 			$hash_replace[$key] 	= $hash . $item;
    4099. 

  4099. 			$hash_replace[$nkey] 	= '/' .  $hash . $item;
    4100. 

  4100. 			$prefix_replace[$key] 	= $prefix . $item;
    4101. 

  4101. 			$prefix_replace[$nkey] 	= '/' .  $prefix . $item;
    4102. 

  4102. 		}
    4103. 

  4103. 

  4104. 		//prefix standard and replace prefixes
    4105. 

  4105. 		if ( ! $reverse)
    4106. 

  4106. 		{
    4107. 

  4107. 			foreach ($find as $key => $value)
    4108. 

  4108. 			{
    4109. 

  4109. 				$tagdata = preg_replace(
    4110. 

  4110. 					'/(?<![:_])\b(' . preg_quote($value, '/') . ')\b(?![:_])/ms',
    4111. 

  4111. 					$hash_replace[$key],
    4112. 

  4112. 					$tagdata
    4113. 

  4113. 				);
    4114. 

  4114. 			}
    4115. 

  4115. 

  4116. 			foreach ($prefix_replace as $key => $value)
    4117. 

  4117. 			{
    4118. 

  4118. 				$tagdata = preg_replace(
    4119. 

  4119. 					'/(?<![:_])\b(' . preg_quote($value, '/') . ')\b(?![:_])/ms',
    4120. 

  4120. 					$find[$key],
    4121. 

  4121. 					$tagdata
    4122. 

  4122. 				);
    4123. 

  4123. 			}
    4124. 

  4124. 

  4125. 			//$tagdata = str_replace($find, $hash_replace, $tagdata);
    4126. 

  4126. 			//$tagdata = str_replace($prefix_replace, $find, $tagdata);
    4127. 

  4127. 		}
    4128. 

  4128. 		//we are on the return, fix the hashed ones
    4129. 

  4129. 		else
    4130. 

  4130. 		{
    4131. 

  4131. 			//$tagdata = str_replace($hash_replace, $find, $tagdata);
    4132. 

  4132. 			foreach ($hash_replace as $key => $value)
    4133. 

  4133. 			{
    4134. 

  4134. 				$tagdata = preg_replace(
    4135. 

  4135. 					'/(?<![:_])\b(' . preg_quote($value, '/') . ')\b(?![:_])/ms',
    4136. 

  4136. 					$find[$key],
    4137. 

  4137. 					$tagdata
    4138. 

  4138. 				);
    4139. 

  4139. 			}
    4140. 

  4140. 		}
    4141. 

  4141. 

  4142. 		return $tagdata;
    4143. 

  4143. 	}
    4144. 

  4144. 	//END tag_prefix_replace
    4145. 

  4145. 

  4146. 

  4147. 	// --------------------------------------------------------------------
    4148. 

  4148. 

  4149. 	/**
    4150. 

  4150. 	 * Checks first for an error block if present
    4151. 

  4151. 	 *
    4152. 

  4152. 	 * @access protected
    4153. 

  4153. 	 * @param  string	$line	error line
    4154. 

  4154. 	 * @return string			parsed html tagdata
    4155. 

  4155. 	 */
    4156. 

  4156. 

  4157. 	protected function no_results_error($line = '')
    4158. 

  4158. 	{
    4159. 

  4159. 		$opener		= LD . 'if ';
    4160. 

  4160. 		$closer		= LD . '/if' . RD;
    4161. 

  4161. 		$q_closer	= preg_quote($closer, '/');
    4162. 

  4162. 		$tagdata	= ee()->TMPL->tagdata;
    4163. 

  4163. 

  4164. 		if ($line != '' AND
    4165. 

  4165. 			preg_match(
    4166. 

  4166. 				"/". $opener . preg_quote($this->lower_name) . ":error" .
    4167. 

  4167. 					RD."(.*?)". $q_closer ."/s",
    4168. 

  4168. 				$tagdata,
    4169. 

  4169. 				$match
    4170. 

  4170. 			)
    4171. 

  4171. 		)
    4172. 

  4172. 		{
    4173. 

  4173. 			//This can have some nested if statements so we need to
    4174. 

  4174. 			//make sure that we have balanced {if} blocks
    4175. 

  4175. 			$td			= $match[1];
    4176. 

  4176. 			$openers	= substr_count($td, $opener);
    4177. 

  4177. 			$closers	= substr_count($td, $closer);
    4178. 

  4178. 

  4179. 			//nested IFs?
    4180. 

  4180. 			if ($openers && $openers > $closers)
    4181. 

  4181. 			{
    4182. 

  4182. 				$loop = 0;
    4183. 

  4183. 

  4184. 				while ($openers != $closers)
    4185. 

  4185. 				{
    4186. 

  4186. 					//protection
    4187. 

  4187. 					if ($loop++ > 500)
    4188. 

  4188. 					{
    4189. 

  4189. 						break;
    4190. 

  4190. 						return ee()->TMPL->no_results();
    4191. 

  4191. 					}
    4192. 

  4192. 

  4193. 					$sub_td = substr($tagdata, strpos($tagdata, $td) + strlen($td));
    4194. 

  4194. 					$td = $td . substr(
    4195. 

  4195. 						$sub_td,
    4196. 

  4196. 						strpos($sub_td, $closer),
    4197. 

  4197. 						strpos($sub_td, $closer) + strlen($closer)
    4198. 

  4198. 					);
    4199. 

  4199. 

  4200. 					$openers	= substr_count($td, $opener);
    4201. 

  4201. 					$closers	= substr_count($td, $closer);
    4202. 

  4202. 				}
    4203. 

  4203. 			}
    4204. 

  4204. 

  4205. 			$error_tag = $this->lower_name . ":error";
    4206. 

  4206. 

  4207. 			return ee()->TMPL->parse_variables(
    4208. 

  4208. 				$td,
    4209. 

  4209. 				array(array(
    4210. 

  4210. 					$error_tag		=> $line,
    4211. 

  4211. 					'error_message' => lang($line)
    4212. 

  4212. 				))
    4213. 

  4213. 			);
    4214. 

  4214. 		}
    4215. 

  4215. 		else if ( preg_match(
    4216. 

  4216. 				"/". $opener .preg_quote($this->lower_name).":no_results" .
    4217. 

  4217. 					RD."(.*?)". $q_closer ."/s",
    4218. 

  4218. 				$tagdata,
    4219. 

  4219. 				$match
    4220. 

  4220. 			)
    4221. 

  4221. 		)
    4222. 

  4222. 		{
    4223. 

  4223. 			return $match[1];
    4224. 

  4224. 		}
    4225. 

  4225. 		else
    4226. 

  4226. 		{
    4227. 

  4227. 			return ee()->TMPL->no_results();
    4228. 

  4228. 		}
    4229. 

  4229. 	}
    4230. 

  4230. 	//END no_results_error
    4231. 

  4231. 

  4232. 

  4233. 	// --------------------------------------------------------------------
    4234. 

  4234. 

  4235. 	/**
    4236. 

  4236. 	 * Replaces CURRENT_USER in tag params
    4237. 

  4237. 	 *
    4238. 

  4238. 	 * @access	protected
    4239. 

  4239. 	 * @return	null
    4240. 

  4240. 	 */
    4241. 

  4241. 

  4242. 	protected function replace_current_user()
    4243. 

  4243. 	{
    4244. 

  4244. 		if (isset(ee()->TMPL) AND is_object(ee()->TMPL))
    4245. 

  4245. 		{
    4246. 

  4246. 			foreach (ee()->TMPL->tagparams as $key => $value)
    4247. 

  4247. 			{
    4248. 

  4248. 				if (stristr($value, 'CURRENT_USER'))
    4249. 

  4249. 				{
    4250. 

  4250. 					ee()->TMPL->tagparams[$key] = preg_replace(
    4251. 

  4251. 						'/(?<![:_])\b(CURRENT_USER)\b(?![:_])/ms',
    4252. 

  4252. 						ee()->session->userdata('member_id'),
    4253. 

  4253. 						$value
    4254. 

  4254. 					);
    4255. 

  4255. 				}
    4256. 

  4256. 			}
    4257. 

  4257. 		}
    4258. 

  4258. 	}
    4259. 

  4259. 	//END replace_current_user
    4260. 

  4260. 

  4261. 

  4262. 	
    4263. 

  4263. 

  4264. 

  4265. 	// --------------------------------------------------------------------
    4266. 

  4266. 

  4267. 	/**
    4268. 

  4268. 	 * Replace all form fields tags in the {freeform:all_form_fields} loop
    4269. 

  4269. 	 *
    4270. 

  4270. 	 * @access	protected
    4271. 

  4271. 	 * @param	string	$tagdata			incoming tagdata
    4272. 

  4272. 	 * @param	array	$fields				field_id => field_data array
    4273. 

  4273. 	 * @param	array	$field_order		order of field by field id (optional)
    4274. 

  4274. 	 * @param	array	$field_input_data	field input data (optional)
    4275. 

  4275. 	 * @return	string						transformed output data
    4276. 

  4276. 	 */
    4277. 

  4277. 

  4278. 	protected function replace_all_form_fields($tagdata,
    4279. 

  4279. 												$fields,
    4280. 

  4280. 												$field_order = array(),
    4281. 

  4281. 												$field_input_data = array())
    4282. 

  4282. 	{
    4283. 

  4283. 		// -------------------------------------
    4284. 

  4284. 		//	all form fields loop
    4285. 

  4285. 		// -------------------------------------
    4286. 

  4286. 		//	this can be used to build normal output
    4287. 

  4287. 		//	or custom output for edit.
    4288. 

  4288. 		// -------------------------------------
    4289. 

  4289. 

  4290. 		if (preg_match_all(
    4291. 

  4291. 			'/' . LD . 'freeform:all_form_fields.*?' . RD .
    4292. 

  4292. 				'(.*?)' .
    4293. 

  4293. 			LD . '\/freeform:all_form_fields' . RD . '/ms',
    4294. 

  4294. 			$tagdata,
    4295. 

  4295. 			$matches,
    4296. 

  4296. 			PREG_SET_ORDER
    4297. 

  4297. 		))
    4298. 

  4298. 		{
    4299. 

  4299. 			$all_field_replace_data = array();
    4300. 

  4300. 

  4301. 			$field_loop_ids = array_keys($fields);
    4302. 

  4302. 

  4303. 			// -------------------------------------
    4304. 

  4304. 			//	order ids?
    4305. 

  4305. 			// -------------------------------------
    4306. 

  4306. 

  4307. 			if ( ! is_array($field_order) AND is_string($field_order))
    4308. 

  4308. 			{
    4309. 

  4309. 				$field_order = $this->actions()->pipe_split($field_order);
    4310. 

  4310. 			}
    4311. 

  4311. 

  4312. 			$order_ids = array();
    4313. 

  4313. 

  4314. 			if (is_array($field_order))
    4315. 

  4315. 			{
    4316. 

  4316. 				$order_ids = array_filter($field_order, array($this, 'is_positive_intlike'));
    4317. 

  4317. 			}
    4318. 

  4318. 

  4319. 			if ( ! empty($order_ids))
    4320. 

  4320. 			{
    4321. 

  4321. 				//this makes sure that any fields in 'fields' are in the
    4322. 

  4322. 				//order set as well. Will add missing at the end like this
    4323. 

  4323. 				$field_loop_ids = array_merge(
    4324. 

  4324. 					$order_ids,
    4325. 

  4325. 					array_diff($field_loop_ids, $order_ids)
    4326. 

  4326. 				);
    4327. 

  4327. 			}
    4328. 

  4328. 

  4329. 			//build variables
    4330. 

  4330. 

  4331. 			ee()->load->model('freeform_form_model');
    4332. 

  4332. 

  4333. 			foreach ($field_loop_ids as $field_id)
    4334. 

  4334. 			{
    4335. 

  4335. 

  4336. 				if ( ! isset($fields[$field_id]))
    4337. 

  4337. 				{
    4338. 

  4338. 					continue;
    4339. 

  4339. 				}
    4340. 

  4340. 

  4341. 				$field_data = $fields[$field_id];
    4342. 

  4342. 

  4343. 				// -------------------------------------
    4344. 

  4344. 				//	get previous data
    4345. 

  4345. 				// -------------------------------------
    4346. 

  4346. 

  4347. 				$col_name = ee()->freeform_form_model->form_field_prefix . $field_id;
    4348. 

  4348. 

  4349. 				$display_field_data = '';
    4350. 

  4350. 

  4351. 				if (isset($field_input_data[$field_data['field_name']]))
    4352. 

  4352. 				{
    4353. 

  4353. 					$display_field_data = $field_input_data[$field_data['field_name']];
    4354. 

  4354. 				}
    4355. 

  4355. 				else if (isset($field_input_data[$col_name]))
    4356. 

  4356. 				{
    4357. 

  4357. 					$display_field_data = $field_input_data[$col_name];
    4358. 

  4358. 				}
    4359. 

  4359. 

  4360. 				// -------------------------------------
    4361. 

  4361. 				//	load field data
    4362. 

  4362. 				// -------------------------------------
    4363. 

  4363. 

  4364. 				$all_field_replace_data[] = array(
    4365. 

  4365. 					'freeform:field_id'		=> $field_id,
    4366. 

  4366. 					'freeform:field_data'	=> $display_field_data,
    4367. 

  4367. 					'freeform:field_name'	=> $field_data['field_name'],
    4368. 

  4368. 					'freeform:field_type'	=> $field_data['field_type'],
    4369. 

  4369. 					'freeform:field_label'	=> LD . 'freeform:label:' .
    4370. 

  4370. 												$field_data['field_name'] . RD,
    4371. 

  4371. 					'freeform:field_output'	=> LD . 'freeform:field:' .
    4372. 

  4372. 												$field_data['field_name'] . RD,
    4373. 

  4373. 					'freeform:field_description'	=> LD . 'freeform:description:' .
    4374. 

  4374. 												$field_data['field_name'] . RD
    4375. 

  4375. 				);
    4376. 

  4376. 			}
    4377. 

  4377. 

  4378. 			foreach ($matches as $match)
    4379. 

  4379. 			{
    4380. 

  4380. 				$tagdata_replace = ee()->TMPL->parse_variables(
    4381. 

  4381. 					$match[1],
    4382. 

  4382. 					$all_field_replace_data
    4383. 

  4383. 				);
    4384. 

  4384. 

  4385. 				$tagdata = str_replace($match[0], $tagdata_replace, $tagdata);
    4386. 

  4386. 			}
    4387. 

  4387. 		}
    4388. 

  4388. 

  4389. 		return $tagdata;
    4390. 

  4390. 	}
    4391. 

  4391. 	//END replace_all_form_fields
    4392. 

  4392. 

  4393. 

  4394. 	// --------------------------------------------------------------------
    4395. 

  4395. 

  4396. 	/**
    4397. 

  4397. 	 * Parse Status Tags
    4398. 

  4398. 	 *
    4399. 

  4399. 	 * Parses:
    4400. 

  4400. 	 * 	 	{freeform:statuses status="not closed|open"}
    4401. 

  4401. 	 *			{status_name} {status_value}
    4402. 

  4402. 	 *		{/freeform:statuses}
    4403. 

  4403. 	 *
    4404. 

  4404. 	 * @access	protected
    4405. 

  4405. 	 * @param	string $tagdata	tagdata to be parsed
    4406. 

  4406. 	 * @return	string			adjusted tagdata with status pairs parsed
    4407. 

  4407. 	 */
    4408. 

  4408. 

  4409. 	protected function parse_status_tags ($tagdata)
    4410. 

  4410. 	{
    4411. 

  4411. 		$matches 	= array();
    4412. 

  4412. 		$tag		= 'freeform:statuses';
    4413. 

  4413. 		$statuses	= $this->data->get_form_statuses();
    4414. 

  4414. 

  4415. 		preg_match_all(
    4416. 

  4416. 			'/' . LD . $tag . '.*?' . RD .
    4417. 

  4417. 				'(.*?)' .
    4418. 

  4418. 			LD . '\/' . $tag . RD . '/ms',
    4419. 

  4419. 			$tagdata,
    4420. 

  4420. 			$matches,
    4421. 

  4421. 			PREG_SET_ORDER
    4422. 

  4422. 		);
    4423. 

  4423. 

  4424. 		if ($matches AND
    4425. 

  4425. 			isset($matches[0]) AND
    4426. 

  4426. 			! empty($matches[0]))
    4427. 

  4427. 		{
    4428. 

  4428. 			foreach ($matches as $key => $value)
    4429. 

  4429. 			{
    4430. 

  4430. 				$replace_with	= '';
    4431. 

  4431. 				$tdata			= $value[1];
    4432. 

  4432. 

  4433. 				//no need for an if. if we are here, this matched before
    4434. 

  4434. 				preg_match(
    4435. 

  4435. 					'/' . LD . $tag . '.*?' . RD . '/',
    4436. 

  4436. 					$value[0],
    4437. 

  4437. 					$sub_matches
    4438. 

  4438. 				);
    4439. 

  4439. 

  4440. 				// Checking for variables/tags embedded within tags
    4441. 

  4441. 				// {exp:channel:entries channel="{master_channel_name}"}
    4442. 

  4442. 				if (stristr(substr($sub_matches[0], 1), LD) !== FALSE)
    4443. 

  4443. 				{
    4444. 

  4444. 					$sub_matches[0] = ee()->functions->full_tag(
    4445. 

  4445. 						$sub_matches[0],
    4446. 

  4446. 						$value[0]
    4447. 

  4447. 					);
    4448. 

  4448. 

  4449. 					// -------------------------------------
    4450. 

  4450. 					//	fix local tagdata
    4451. 

  4451. 					// -------------------------------------
    4452. 

  4452. 

  4453. 					preg_match(
    4454. 

  4454. 						'/' . preg_quote($sub_matches[0]) .
    4455. 

  4455. 							'(.*?)' .
    4456. 

  4456. 						LD . '\/' . $tag . RD . '/ms',
    4457. 

  4457. 						$value[0],
    4458. 

  4458. 						$tdata_matches
    4459. 

  4459. 					);
    4460. 

  4460. 

  4461. 					if (isset($tdata_matches[1]))
    4462. 

  4462. 					{
    4463. 

  4463. 						$tdata = $tdata_matches[1];
    4464. 

  4464. 					}
    4465. 

  4465. 				}
    4466. 

  4466. 

  4467. 				$tag_params = ee()->functions->assign_parameters(
    4468. 

  4468. 					$sub_matches[0]
    4469. 

  4469. 				);
    4470. 

  4470. 

  4471. 				$out_status = $statuses;
    4472. 

  4472. 

  4473. 				if (isset($tag_params['status']))
    4474. 

  4474. 				{
    4475. 

  4475. 					$names	= strtolower($tag_params['status']);
    4476. 

  4476. 					$not	= FALSE;
    4477. 

  4477. 

  4478. 					if (preg_match("/^not\s+/s", $names))
    4479. 

  4479. 					{
    4480. 

  4480. 						$names	= preg_replace('/^not\s+/s', '', $names);
    4481. 

  4481. 						$not	= TRUE;
    4482. 

  4482. 					}
    4483. 

  4483. 

  4484. 					$names = preg_split(
    4485. 

  4485. 						'/\|/s',
    4486. 

  4486. 						trim($names),
    4487. 

  4487. 						-1,
    4488. 

  4488. 						PREG_SPLIT_NO_EMPTY
    4489. 

  4489. 					);
    4490. 

  4490. 

  4491. 					foreach ($out_status as $status_name => $status_value)
    4492. 

  4492. 					{
    4493. 

  4493. 						if (in_array(strtolower($status_name), $names) == $not)
    4494. 

  4494. 						{
    4495. 

  4495. 							unset($out_status[$status_name]);
    4496. 

  4496. 						}
    4497. 

  4497. 					}
    4498. 

  4498. 				}
    4499. 

  4499. 

  4500. 				foreach ($out_status as $out_name => $out_value)
    4501. 

  4501. 				{
    4502. 

  4502. 					$replace_with .= str_replace(
    4503. 

  4503. 						array(LD . 'status_name' . RD, LD . 'status_label' . RD),
    4504. 

  4504. 						array($out_name, $out_value),
    4505. 

  4505. 						$tdata
    4506. 

  4506. 					);
    4507. 

  4507. 				}
    4508. 

  4508. 

  4509. 				//remove
    4510. 

  4510. 				$tagdata = str_replace($value[0], $replace_with, $tagdata);
    4511. 

  4511. 			}
    4512. 

  4512. 		}
    4513. 

  4513. 

  4514. 		return $tagdata;
    4515. 

  4515. 	}
    4516. 

  4516. 	//END parse_status_tags
    4517. 

  4517. 

  4518. 

  4519. 	// --------------------------------------------------------------------
    4520. 

  4520. 

  4521. 	/**
    4522. 

  4522. 	 * Runs each fields 'prep_multi_item_data' so that things like 'cat|~|dog'
    4523. 

  4523. 	 * dont show publicly
    4524. 

  4524. 	 *
    4525. 

  4525. 	 * @access	public
    4526. 

  4526. 	 * @param	string	$data		incoming data to parse
    4527. 

  4527. 	 * @param	string	$field_type	fieldtype data is from
    4528. 

  4528. 	 * @return	string				result of prepping multiitem data
    4529. 

  4529. 	 */
    4530. 

  4530. 

  4531. 	public function prep_multi_item_data($data = '', $field_type = 'text')
    4532. 

  4532. 	{
    4533. 

  4533. 		//nothing to do if its empty, yo
    4534. 

  4534. 		if ( ! $data)
    4535. 

  4535. 		{
    4536. 

  4536. 			return $data;
    4537. 

  4537. 		}
    4538. 

  4538. 

  4539. 		ee()->load->library('freeform_fields');
    4540. 

  4540. 

  4541. 		$instance =& ee()->freeform_fields->get_fieldtype_instance(
    4542. 

  4542. 			$field_type
    4543. 

  4543. 		);
    4544. 

  4544. 

  4545. 		$result = $instance->prep_multi_item_data($data);
    4546. 

  4546. 

  4547. 		//eh, bad dog
    4548. 

  4548. 		if ( ! $result)
    4549. 

  4549. 		{
    4550. 

  4550. 			return $data;
    4551. 

  4551. 		}
    4552. 

  4552. 

  4553. 		//array?
    4554. 

  4554. 		if ( ! is_string($result))
    4555. 

  4555. 		{
    4556. 

  4556. 			return implode("\n", (array) $result);
    4557. 

  4557. 		}
    4558. 

  4558. 

  4559. 		return $result;
    4560. 

  4560. 	}
    4561. 

  4561. 	//END prep_multi_item_data
    4562. 

  4562. 

  4563. 

  4564. 	// --------------------------------------------------------------------
    4565. 

  4565. 

  4566. 	/**
    4567. 

  4567. 	 * Replace Submit buttons with args
    4568. 

  4568. 	 *
    4569. 

  4569. 	 * @access public
    4570. 

  4570. 	 * @param	array  $options	input options
    4571. 

  4571. 	 * @return	string			parsed tagdata
    4572. 

  4572. 	 */
    4573. 

  4573. 

  4574. 	public function replace_submit($options = array())
    4575. 

  4575. 	{
    4576. 

  4576. 		$defaults = array(
    4577. 

  4577. 			'pre_args'	=> array(),
    4578. 

  4578. 			'post_args'	=> array(),
    4579. 

  4579. 			'tagdata'	=> '',
    4580. 

  4580. 			'tag'		=> '',
    4581. 

  4581. 			'remove'	=> false
    4582. 

  4582. 		);
    4583. 

  4583. 

  4584. 		//set vars
    4585. 

  4585. 		foreach($defaults as $key => $value)
    4586. 

  4586. 		{
    4587. 

  4587. 			$$key = (isset($options[$key])) ? $options[$key] : $value;
    4588. 

  4588. 		}
    4589. 

  4589. 

  4590. 		if (preg_match_all(
    4591. 

  4591. 				"/" . LD . preg_quote($tag, '/') . "\b(.*?)" . RD . "/ims",
    4592. 

  4592. 				$tagdata,
    4593. 

  4593. 				$matches
    4594. 

  4594. 			)
    4595. 

  4595. 		)
    4596. 

  4596. 		{
    4597. 

  4597. 			$total_matches 	= count($matches[0]);
    4598. 

  4598. 

  4599. 			for ($i = 0; $i < $total_matches; $i++)
    4600. 

  4600. 			{
    4601. 

  4601. 

  4602. 				// Checking for variables/tags embedded within tags
    4603. 

  4603. 				// {exp:channel:entries channel="{master_channel_name}"}
    4604. 

  4604. 				if (stristr(substr($matches[0][$i], 1), LD) !== FALSE)
    4605. 

  4605. 				{
    4606. 

  4606. 					$matches[0][$i] = ee()->functions->full_tag($matches[0][$i], $tagdata);
    4607. 

  4607. 				}
    4608. 

  4608. 

  4609. 				//if we aren't dealing with just random space
    4610. 

  4610. 				if (trim($matches[1][$i]) != '')
    4611. 

  4611. 				{
    4612. 

  4612. 					$args = ee()->functions->assign_parameters($matches[1][$i]);
    4613. 

  4613. 

  4614. 					$attr = array();
    4615. 

  4615. 

  4616. 					if ($args)
    4617. 

  4617. 					{
    4618. 

  4618. 						foreach ($args as $key => $value)
    4619. 

  4619. 						{
    4620. 

  4620. 							if (substr($key, 0, 5) == 'attr:')
    4621. 

  4621. 							{
    4622. 

  4622. 								$attr[substr($key, 5)] = $value;
    4623. 

  4623. 							}
    4624. 

  4624. 						}
    4625. 

  4625. 					}
    4626. 

  4626. 

  4627. 					//wont work without the name being correct
    4628. 

  4628. 					$args = array_merge(
    4629. 

  4629. 						$pre_args,
    4630. 

  4630. 						$attr,
    4631. 

  4631. 						$post_args
    4632. 

  4632. 					);
    4633. 

  4633. 

  4634. 					if ($remove)
    4635. 

  4635. 					{
    4636. 

  4636. 						$tagdata = str_replace(
    4637. 

  4637. 							$matches[0][$i],
    4638. 

  4638. 							'',
    4639. 

  4639. 							$tagdata
    4640. 

  4640. 						);
    4641. 

  4641. 					}
    4642. 

  4642. 					else
    4643. 

  4643. 					{
    4644. 

  4644. 						$tagdata = str_replace(
    4645. 

  4645. 							$matches[0][$i],
    4646. 

  4646. 							form_submit($args),
    4647. 

  4647. 							$tagdata
    4648. 

  4648. 						);
    4649. 

  4649. 					}
    4650. 

  4650. 				}
    4651. 

  4651. 				//END if trim
    4652. 

  4652. 			}
    4653. 

  4653. 			//END for
    4654. 

  4654. 		}
    4655. 

  4655. 		//END preg_match_all
    4656. 

  4656. 

  4657. 		return $tagdata;
    4658. 

  4658. 	}
    4659. 

  4659. 	//END replace_submit
    4660. 

  4660. 

  4661. 

  4662. 	// --------------------------------------------------------------------
    4663. 

  4663. 

  4664. 	/**
    4665. 

  4665. 	 * Do Exit
    4666. 

  4666. 	 *
    4667. 

  4667. 	 * Helper for unit tests so PHP exit isn't fired in the middle of it
    4668. 

  4668. 	 *
    4669. 

  4669. 	 * @access protected
    4670. 

  4670. 	 * @return void
    4671. 

  4671. 	 */
    4672. 

  4672. 

  4673. 	protected function do_exit()
    4674. 

  4674. 	{
    4675. 

  4675. 		if ($this->test_mode)
    4676. 

  4676. 		{
    4677. 

  4677. 			return;
    4678. 

  4678. 		}
    4679. 

  4679. 		else
    4680. 

  4680. 		{
    4681. 

  4681. 			exit();
    4682. 

  4682. 		}
    4683. 

  4683. 	}
    4684. 

  4684. 	//END do_exit
    4685. 

  4685. 

  4686. 

  4687. 	// --------------------------------------------------------------------
    4688. 

  4688. 

  4689. 	/**
    4690. 

  4690. 	 * EE 2.7+ restore xid with version check
    4691. 

  4691. 	 * @access	public
    4692. 

  4692. 	 * @return	voic
    4693. 

  4693. 	 */
    4694. 

  4694. 

  4695. 	public function restore_xid()
    4696. 

  4696. 	{
    4697. 

  4697. 		if (version_compare($this->ee_version, '2.7', '>=') &&
    4698. 

  4698. 			version_compare($this->ee_version, '2.8', '<'))
    4699. 

  4699. 		{
    4700. 

  4700. 			ee()->security->restore_xid();
    4701. 

  4701. 		}
    4702. 

  4702. 	}
    4703. 

  4703. 	//END restore_xid
    4704. 

  4704. }
    4705. 

  4705. // END CLASS Freeform
    4706.