';
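// Render the article headline, then restore this content part's stored form
// definition and normalise its sender / error-class defaults.
$CNT_TMP .= headline($crow["acontent_title"], $crow["acontent_subtitle"], $template_default["article"]);

// SECURITY NOTE(review): the form definition is restored with unserialize().
// Presumably acontent_form is only ever written by the backend form editor
// (confirm against the code that saves it). If a less trusted party can write
// that column, this call is a PHP object injection surface. On PHP 7.0+ it can
// be restricted with unserialize($data, array('allowed_classes' => false));
// storing the definition as JSON avoids the issue entirely.
$cnt_form = unserialize($crow["acontent_form"]);

// unserialize() returns false for corrupt or empty data and may return a
// non-array value; every statement below indexes $cnt_form as an array, so
// fall back to an empty definition instead of relying on auto-vivification.
if(!is_array($cnt_form)) {
	$cnt_form = array();
}

// save default form tracking status
// (presumably restored after the form is rendered; not visible here)
$default_formtracking_value = $phpwcms['form_tracking'];

// check form related form tracking status
if(isset($cnt_form['formtracking_off']) && $cnt_form['formtracking_off'] == 1) {
	$phpwcms['form_tracking'] = 0;
}

$form_error_text = '';

// the customform value is only used when labelpos is 2; missing keys yield ''
$form_cnt = (isset($cnt_form['labelpos'], $cnt_form['customform']) && $cnt_form['labelpos'] == 2) ? $cnt_form['customform'] : '';

// set sender email address:
// - no sender type or 'system'                        -> system SMTP address
// - 'email' with a missing or invalid stored address  -> system SMTP address
// - any other sender type leaves $cnt_form['sender'] untouched here
if(empty($cnt_form['sendertype']) || $cnt_form['sendertype'] == 'system') {
	$cnt_form['sender'] = $phpwcms['SMTP_FROM_EMAIL'];
} elseif($cnt_form['sendertype'] == 'email' && (!isset($cnt_form['sender']) || !is_valid_email($cnt_form['sender']))) {
	$cnt_form['sender'] = $phpwcms['SMTP_FROM_EMAIL'];
}

// basic sender name check
if(empty($cnt_form['sendernametype'])) {
	$cnt_form['sendername'] = '';
	$cnt_form['sendernametype'] = '';
} elseif($cnt_form['sendernametype'] == 'system') {
	$cnt_form['sendername'] = $phpwcms['SMTP_FROM_NAME'];
}

// make sure sendername is always defined as a string
if(empty($cnt_form['sendername'])) {
	$cnt_form['sendername'] = '';
}

// CSS class applied to fields that fail validation
if(empty($cnt_form["error_class"])) {
	$cnt_form["error_class"] = 'error';
}

// set enctype mode false (no upload)
$cnt_form['is_enctype'] = false;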
/*
* Browse form fields
*/
if(isset($cnt_form["fields"]) && is_array($cnt_form["fields"]) && count($cnt_form["fields"])) {
$form_counter = 0;
$cnt_form['label_wrap'] = explode('|', $cnt_form['label_wrap']);
$cnt_form['label_wrap'][0] = !empty($cnt_form['label_wrap'][0]) ? trim($cnt_form['label_wrap'][0]) : '';
$cnt_form['label_wrap'][1] = !empty($cnt_form['label_wrap'][1]) ? trim($cnt_form['label_wrap'][1]) : '';
$form_field_hidden = '';
$cnt_form['regx_pattern'] = array(
'A-Z' => '/^[A-Z]+$/',
'a-Z' => '/^[a-zA-Z]+$/',
'a-z' => '/^[a-z]+$/',
'0-9' => '/^[0-9]+$/',
'PHONE' => '/^[+]?([0-9]*[\.\s\-\(\)\/]|[0-9]+){3,24}$/',
'INT' => '/^[0-9\-\+]+$/',
'WORD' => '/^[\w]+$/',
'LETTER+SPACE' => '/^[a-z _\-\:]+$/i'
);
if(!empty($_POST['cpID'.$crow["acontent_id"]]) && intval($_POST['cpID'.$crow["acontent_id"]]) == $crow["acontent_id"]) {
$POST_DO = true;
$POST_val = array();
$cache_nosave = true;
} else {
$POST_DO = false;
}
// make spam check
if($POST_DO && !checkFormTrackingValue()) {
$POST_ERR['spamFormAlert'.time()] = '[span_class:spamFormAlert]Your IP '.getRemoteIP().' is not allowed to send form![/class]';
}
foreach($cnt_form["fields"] as $key => $value) {
$form_field = '';
$form_name = html_specialchars($cnt_form["fields"][$key]['name']);
$POST_name = $cnt_form["fields"][$key]['name'];
switch($cnt_form["fields"][$key]['type']) {
case 'text' : /*
* Text
*/
if($POST_DO && isset($_POST[$POST_name])) {
$POST_val[$POST_name] = remove_unsecure_rptags(clean_slweg($_POST[$POST_name]));
if($cnt_form["fields"][$key]['required'] && $POST_val[$POST_name] == '') {
$POST_ERR[$key] = $cnt_form["fields"][$key]['error'];
$cnt_form["fields"][$key]['class'] = getFieldErrorClass($value['class'], $cnt_form["error_class"]);
} else {
$cnt_form["fields"][$key]['value'] = $POST_val[$POST_name];
}
}
//
$form_field .= 'validRequest($POST_val[$POST_name])) {
$spaf_obj->destroy();
} else {
$POST_ERR[$key] = empty($cnt_form["fields"][$key]['error']) ? 'Captcha error' : $cnt_form["fields"][$key]['error'];
$cnt_form["fields"][$key]['class'] = getFieldErrorClass($value['class'], $cnt_form["error_class"]);
}
$cnt_form["fields"][$key]['value'] = '';
}
//
$form_field .= ' empty($cnt_form["fields"][$key]['value']['public_key']) ? get_user_rc('pu') : $cnt_form["fields"][$key]['value']['public_key'],
'private_key' => empty($cnt_form["fields"][$key]['value']['private_key']) ? get_user_rc('pr') : $cnt_form["fields"][$key]['value']['private_key'],
'lang' => empty($cnt_form["fields"][$key]['value']['lang']) ? $phpwcms['default_lang'] : $cnt_form["fields"][$key]['value']['lang'],
'theme' => empty($cnt_form["fields"][$key]['value']['theme']) ? 'clear' : $cnt_form["fields"][$key]['value']['theme'],
'tabindex' => empty($cnt_form["fields"][$key]['value']['tabindex']) ? 0 : $cnt_form["fields"][$key]['value']['tabindex'],
'error' => NULL
);
if($POST_DO && isset($_POST['recaptcha_response_field']) && isset($_POST['recaptcha_challenge_field'])) {
$cnt_form['recaptcha']['response'] = recaptcha_check_answer($cnt_form['recaptcha']['private_key'], $_SERVER["REMOTE_ADDR"], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);
if(!$cnt_form['recaptcha']['response']->is_valid) {
$cnt_form['recaptcha']['error'] = $cnt_form['recaptcha']['response']->error;
$POST_ERR[$key] = empty($cnt_form["fields"][$key]['error']) ? $cnt_form['recaptcha']['error'] : $cnt_form["fields"][$key]['error'];
$cnt_form["fields"][$key]['class'] = getFieldErrorClass($value['class'], $cnt_form["error_class"]);
}
}
//
$form_field = '
'',
'type' => 'MIX',
'dateformat' => 'm/d/Y',
'pattern' => '/.*?/'
);
//
if($cnt_form["fields"][$key]['value']) {
$cnt_form['special_value'] = str_replace( array('"', "'", "\r'"), '', $cnt_form["fields"][$key]['value'] );
$cnt_form['special_value'] = explode("\n", $cnt_form['special_value']);
$cnt_form["fields"][$key]['value'] = '';
if(is_array($cnt_form['special_value']) && count($cnt_form['special_value'])) {
foreach($cnt_form['special_value'] as $cnt_form['special_key'] => $cnt_form['special_val']) {
$temp_array = explode('=', $cnt_form['special_val']);
switch($temp_array[0]) {
case 'default': $cnt_form['special_attribute']['default'] = isset($temp_array[1]) ? $temp_array[1] : '';
break;
case 'type': $cnt_form['special_attribute']['type'] = isset($temp_array[1]) ? $temp_array[1] : 'MIX';
break;
case 'dateformat': $cnt_form['special_attribute']['dateformat'] = isset($temp_array[1]) ? $temp_array[1] : 'm/d/Y';
break;
case 'pattern': $cnt_form['special_attribute']['pattern'] = isset($temp_array[1]) ? $temp_array[1] : '/.*?/';
break;
}
}
}
}
$cnt_form["fields"][$key]['value'] = isset($cnt_form['special_attribute']['default']) ? $cnt_form['special_attribute']['default'] : '';
if($POST_DO && isset($_POST[$POST_name])) {
$POST_val[$POST_name] = remove_unsecure_rptags(clean_slweg($_POST[$POST_name]));
if($cnt_form["fields"][$key]['required'] && $POST_val[$POST_name] == '') {
$POST_ERR[$key] = $cnt_form["fields"][$key]['error'];
$cnt_form["fields"][$key]['class'] = getFieldErrorClass($value['class'], $cnt_form["error_class"]);
} else {
$cnt_form["fields"][$key]['value'] = $POST_val[$POST_name];
// try to check for special value
if(isset($cnt_form['special_attribute']['type'])) {
switch($cnt_form['special_attribute']['type']) {
case 'A-Z':
case 'a-Z':
case 'a-z':
case '0-9':
case 'WORD':
case 'LETTER+SPACE':
case 'PHONE':
case 'INT': if($cnt_form["fields"][$key]['value'] !== '' && !preg_match($cnt_form['regx_pattern'][ $cnt_form['special_attribute']['type'] ], $cnt_form["fields"][$key]['value'])) {
$POST_ERR[$key] = $cnt_form["fields"][$key]['error'];
} /* else { $cnt_form["fields"][$key]['value'] = $cnt_form["fields"][$key]['value']; } */
break;
case 'REGEX': if($cnt_form["fields"][$key]['value'] !== '' && !preg_match($cnt_form['special_attribute']['pattern'], $cnt_form["fields"][$key]['value'])) {
$POST_ERR[$key] = $cnt_form["fields"][$key]['error'];
}
break;
case 'DEC':
case 'FLOAT': if($cnt_form["fields"][$key]['value'] !== '' && !is_float_ex($cnt_form["fields"][$key]['value'])) {
$POST_ERR[$key] = $cnt_form["fields"][$key]['error'];
}
break;
case 'IDENT': if(isset($cnt_form['special_attribute']['default']) &&
decode_entities($cnt_form['special_attribute']['default']) != decode_entities($cnt_form["fields"][$key]['value'])) {
$POST_ERR[$key] = $cnt_form["fields"][$key]['error'];
}
break;
case 'DATE': if($cnt_form["fields"][$key]['value'] !== '' && isset($cnt_form['special_attribute']['dateformat']) &&
!is_date($cnt_form["fields"][$key]['value'], $cnt_form['special_attribute']['dateformat'])) {
$POST_ERR[$key] = $cnt_form["fields"][$key]['error'];
}
break;
}
}
}
} else {
if(isset($cnt_form['special_attribute']['default']) && isset($cnt_form['special_attribute']['type']) &&
$cnt_form['special_attribute']['type'] == 'DATE' && $cnt_form['special_attribute']['default'] == 'NOW') {
echo 'ja';
if(isset($cnt_form['special_attribute']['dateformat'])) {
$cnt_form["fields"][$key]['value'] = date($cnt_form['special_attribute']['dateformat']);
} else {
$cnt_form["fields"][$key]['value'] = date('m/d/Y');
}
}
}
//
$form_field .= '
';
break;
case 'hidden' : /*
* Hidden
*/
if($POST_DO && isset($_POST[$POST_name])) {
$POST_val[$POST_name] = remove_unsecure_rptags(clean_slweg($_POST[$POST_name]));
if($cnt_form["fields"][$key]['required'] && $POST_val[$POST_name] == '') {
$POST_ERR[$key] = $cnt_form["fields"][$key]['error'];
} else {
$cnt_form["fields"][$key]['value'] = $POST_val[$POST_name];
}
}
//
$form_field_hidden .= '
';
break;
case 'password' : /*
* Password
*/
if($POST_DO && isset($_POST[$POST_name])) {
$POST_val[$POST_name] = remove_unsecure_rptags(clean_slweg($_POST[$POST_name]));
if($cnt_form["fields"][$key]['required'] && $POST_val[$POST_name] == '') {
$POST_ERR[$key] = $cnt_form["fields"][$key]['error'];
$cnt_form["fields"][$key]['class'] = getFieldErrorClass($value['class'], $cnt_form["error_class"]);
} else {
$cnt_form["fields"][$key]['value'] = $POST_val[$POST_name];
}
}
//
$form_field .= '
' . LF;
}
$form_field .= list_country($option_value, $form_value['lang']);
// build value/option select menu
} else {
$form_value = explode("\n", $cnt_form["fields"][$key]['value']);
$form_value = array_map('trim', $form_value);
$form_value = array_diff($form_value, array(''));
if(count($form_value)) {
$form_optgroup = false;
foreach($form_value as $option_value) {
// search for OPTGROUP
if( strpos(strtoupper($option_value), 'OPTGROUP') === 0 ) {
$option_value = explode(' ', $option_value, 2);
if(isset($option_value[1]) ) {
$option_value = trim($option_value[1]);
$form_field .= '
'.LF;
$form_optgroup = false;
}
continue;
}
// check if select item has a special value and name (label-|-value)
$option_value = explode('-|-', $option_value, 2);
$option_label = $option_value[0];
$option_value = isset($option_value[1]) ? $option_value[1] : $option_label;
if(substr($option_label, -2) === ' -') {
$option_label = trim( substr($option_label, 0, strlen($option_label) -2) );
}
$option_label = str_replace(' selected', '', $option_label);
if(isset($POST_val[$POST_name]) && $POST_val[$POST_name] == $option_value) {
$option_value .= ' selected';
}
$option_value = html_specialchars($option_value);
if(substr($option_value, -2) === ' -') {
$form_field .= '