- <?php
- /**
- * Form Manager
- *
- *
- * Copyright 2010 Nickman
- */
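// Bootstrap: IN_MYBB is defined before global.php is loaded; the rest of this script
// uses the $mybb, $db, $lang, $templates and $cache objects it expects global.php to provide.
define('IN_MYBB', 1);
require_once './global.php';

// A visitor with an empty username is treated as a guest: group '1', zero posts.
// Every later permission and post-count check in this script relies on these two values.
if ($mybb->user['username'] == '')
{
    $mybb->user['usergroup'] = '1';
    $mybb->user['postnum'] = 0;
}

// The form id is forced to an integer here because it is interpolated into SQL
// strings further down. A missing or array-valued ?id= parameter becomes 0 instead of
// raising an undefined-index warning or being coerced to 1 by intval() on an array.
$id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? intval($_GET['id']) : 0;

// Set to true once a CAPTCHA has been rendered, or once the visitor is found to be exempt.
$captcha_shown=false;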
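// No form selected: list every active form the current user may open, then stop.
// The original test was ($id == ''), but $id is an integer; on PHP 8 the comparison
// 0 == '' is false, so the listing was never shown. Compare against 0 explicitly.
if ((int) $id === 0)
{
    $get=$db->simple_select("forms","*","active='1'");
    add_breadcrumb("Forms", "forms.php");
    // $html is appended to throughout this script; make sure it exists first.
    if (!isset($html))
    {
        $html = '';
    }
    $html.="
<html xml:lang=\"en\" lang=\"en\" xmlns=\"http://www.w3.org/1999/xhtml\">
<head>
<title>{$mybb->settings['bbname']}</title>
{$headerinclude}
</head>
<body>
{$header}<br/>
<table border=\"0\" cellspacing=\"{$theme['borderwidth']}\" cellpadding=\"{$theme['tablespace']}\" class=\"tborder\" width=\"100%\">
<tr>
<td colspan='2' class=\"thead\" colspan=\"$cells\"><strong>Current Forms</strong></td></tr>
<tr><td colspan='2' class='trow1'>
<ul>";
    $i=0;
    while ($form = $db->fetch_array($get))
    {
        // NOTE(review): unserialize() on a database column. It is only as safe as
        // whatever writes forms.permissions; confirm that only the admin side can set it.
        $perms=unserialize($form['permissions']);
        if (is_array($perms))
        {
            // A form is listed only when the user's group is allowed AND the user has
            // at least the required number of posts.
            if (in_array($mybb->user['usergroup'],$perms) AND $mybb->user['postnum'] >= $form['required_posts'])
            {
                $i++;
                // NOTE(review): the form name is printed without HTML escaping. If names
                // are stored as plain text, wrap it in htmlspecialchars_uni() - confirm
                // how the admin side stores this value before changing it.
                $html.="<li><a href='forms.php?id=$form[form_id]'>$form[name]</a></li>";
            }
        }
    }
    if ($i < 1)
    {
        $html.="No forms are currently available for you";
    }
    $html.= ("</td></tr></table>{$footer}</body></html>");
    output_page($html);
    exit();
}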
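// Load the requested form. $id was reduced to an integer before it reaches this query.
$form=$db->fetch_array($db->simple_select("forms","*","form_id='$id'"));
if (!is_array($form))
{
    // Unknown form id. Previously this fell through to in_array() on a non-array, which
    // is a TypeError on PHP 8; refuse access explicitly instead (the same outcome older
    // PHP versions produced through the permission check below).
    error_no_permission();
}

// Per-user submission limit: 0 means unlimited.
if ($form['uses'] != 0)
{
    // Both values are interpolated into SQL, so force the types / escape them here.
    $ip=$db->escape_string($_SERVER['REMOTE_ADDR']);
    $uid=intval($mybb->user['uid']);
    // Submissions are recorded with the submitter's uid, and the bootstrap treats a
    // user without a username as a guest. Matching uid='0' would count every guest's
    // submission against every other guest, so guests are matched by IP address only.
    if ($uid > 0)
    {
        $who="(uid='$uid' OR ip='$ip')";
    }
    else
    {
        $who="ip='$ip'";
    }
    $get=$db->simple_select("forms_protect", "*","form_id='$id' AND $who");
    if ($db->num_rows($get) >= $form['uses'])
    {
        error("You have reached the maximum uses of this form");
    }
}

// NOTE(review): unserialize() on a database column; confirm only the admin side writes it.
$perms=unserialize($form['permissions']);
if (!is_array($perms))
{
    // Unreadable permission list: treat as "no group allowed".
    $perms=array();
}

// Collect the ids of the required fields; used when rendering and when validating.
$required=array();
$items=$db->query("SELECT * FROM ".TABLE_PREFIX."forms_items WHERE form_id='$id' ORDER BY `order` ASC");
while ($quick=$db->fetch_array($items))
{
    if ($quick['required'] == 1)
    {
        $required[]=$quick['item_id'];
    }
}
add_breadcrumb($form['name'], "forms.php?id=$id");

// Access checks. They run on every request to this form, for display and for submission.
if (!in_array($mybb->user['usergroup'],$perms))
{
    error_no_permission();
}
if ($mybb->user['postnum'] < $form['required_posts'])
{
    error_no_permission();
}
if ($form['active'] != '1')
{
    error("Form Not Enabled");
}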
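// Two modes. Without the hidden "submitted" field the form is rendered; with it, the
// posted answers are validated and delivered (PM, forum thread and/or e-mail).
//
// Changes from the original, all on the request-handling side:
//  * the request token (my_post_key) is sent with the form and verified on submit;
//  * whether a CAPTCHA is required is decided from the form definition on the server,
//    not from the client-supplied "checkcaptcha" field, which could simply be omitted;
//  * values that reach insert_query() unescaped (username, subject, ip) are escaped;
//  * the switch is closed before the row-closing code, which used to sit after the last
//    "break" and therefore never ran; <select> elements are closed as well.
if (!isset($_POST["submitted"]) || $_POST["submitted"] == "")
{
    if (!isset($html))
    {
        $html = '';
    }
    $html.="<html xml:lang=\"en\" lang=\"en\" xmlns=\"http://www.w3.org/1999/xhtml\"><head>
<title>{$mybb->settings['bbname']} - {$form['name']}</title>
{$headerinclude}
</head>
<body>
{$header}";
    $html.="<br/>
<table border=\"0\" cellspacing=\"{$theme['borderwidth']}\" cellpadding=\"{$theme['tablespace']}\" class=\"tborder\" width=\"100%\">
<tr>
<td colspan='2' class=\"thead\" colspan=\"$cells\"><strong>{$form['name']}</strong></td></tr>
<form action='' method='post'>";
    // $r alternates between 1 and 2 to pick the trow1 / trow2 row class.
    $r=1;
    $items=$db->query("SELECT * FROM ".TABLE_PREFIX."forms_items WHERE form_id='$id' ORDER BY `order` ASC");
    // NOTE(review): item name, description, class, default value and options are printed
    // without HTML escaping. Type 9 prints its description as a full row, which suggests
    // markup is intended there; for the other fields confirm how the admin side stores
    // them before adding htmlspecialchars_uni().
    while ($item=$db->fetch_array($items))
    {
        $noshow=false;
        $row_open=false;
        // Reset per item so one text field's size/maxlength does not leak into the next.
        $size='';
        $max='';

        // Type 7 = CAPTCHA. Its description column holds a serialized list of user groups
        // that must solve it; anyone outside that list (or an unreadable list) is exempt,
        // which is recorded by marking the CAPTCHA as already shown.
        if ($item['type'] == 7)
        {
            $captcha_groups=unserialize($item['description']);
            if (!is_array($captcha_groups) OR !in_array($mybb->user['usergroup'],$captcha_groups))
            {
                $captcha_shown=true;
            }
        }
        // Type 8 = section heading, type 9 = free-text row; both fill the whole row.
        if ($item['type'] == 8)
        {
            $html.="<tr><td colspan='2' class='tcat'>$item[name]</td></tr>";
            $noshow=true;
        }
        if ($item['type'] == 9)
        {
            $html.="<tr><td class='trow$r' colspan='2'>$item[description]</td></tr>";
            $noshow=true;
        }

        // Open a two-cell row (label, control) for every input item, and for the CAPTCHA
        // only while it is still due to be shown.
        if (!$noshow AND ($item['type'] != 7 OR $captcha_shown == false))
        {
            $html.="<tr><td class='trow$r'>";
            $row_open=true;
            if (isset($required) AND is_array($required) AND in_array($item['item_id'],$required))
            {
                $html.="<font color='red'>*</font>";
            }
            if ($item['type'] != 7)
            {
                $html.="{$item['name']}<br/><small>{$item['description']}</small></td><td class='trow$r'>";
            }
            else
            {
                $html.="{$item['name']}</td><td class='trow$r'>";
            }
        }

        switch($item['type'])
        {
            case 1:
                // Single-line text input.
                if ($item['size'] != '')
                {
                    $size="size='$item[size]'";
                }
                if ($item['maxlength'] != '')
                {
                    $max="maxlength='$item[maxlength]'";
                }
                $html.="<input class='$item[class]' type='text' name='$item[item_id]' value='$item[default_value]' $size $max/>";
                break;
            case 2:
                // Multi-line text.
                $html.="<textarea class='$item[class]' cols='$item[cols]' rows='$item[rows]' name='$item[item_id]'>$item[default_value]</textarea>";
                break;
            case 3:
                // Single-choice drop-down; options are stored as a |-separated string.
                $options=explode("|",$item['options']);
                $html.="<select class='$item[class]' name='$item[item_id]'>";
                foreach ($options AS $value)
                {
                    if ($value == $item['default_value'])
                    {
                        $html.="<option selected>$value</option>";
                    }
                    else
                    {
                        $html.="<option>$value</option>";
                    }
                }
                $html.="</select>";
                break;
            case 4:
                // Multiple-choice list; posted as an array (name ends in []).
                $options=explode("|",$item['options']);
                $html.="<select class='$item[class]' name='$item[item_id][]' multiple='multiple'>";
                foreach ($options AS $value)
                {
                    if ($value == $item['default_value'])
                    {
                        $html.="<option selected>$value</option>";
                    }
                    else
                    {
                        $html.="<option>$value</option>";
                    }
                }
                $html.="</select>";
                break;
            case 5:
                // Radio buttons.
                $options=explode("|",$item['options']);
                foreach ($options AS $value)
                {
                    if ($value == $item['default_value'])
                    {
                        $html.="$value: <input name='$item[item_id]' type='radio' class='$item[class]' value='$value' checked/> ";
                    }
                    else
                    {
                        $html.="$value: <input name='$item[item_id]' type='radio' class='$item[class]' value='$value'/> ";
                    }
                }
                break;
            case 6:
                // Checkboxes; posted as an array (name ends in []).
                $options=explode("|",$item['options']);
                foreach ($options AS $value)
                {
                    if ($value == $item['default_value'])
                    {
                        $html.="$value: <input name='$item[item_id][]' type='checkbox' class='$item[class]' value='$value' checked/> ";
                    }
                    else
                    {
                        $html.="$value: <input name='$item[item_id][]' type='checkbox' class='$item[class]' value='$value'/> ";
                    }
                }
                break;
            case 7:
                if (!$captcha_shown)
                {
                    $lang->load("member");
                    //Change it up!
                    $lang->verification_note="Please verify that you are in fact human by entering the letters in the image below";
                    // Store a fresh challenge row; the image hash identifies it on submit.
                    $randomstr = random_str(5);
                    $imagehash = md5(random_str(12));
                    $regimagearray = array(
                        "imagehash" => $imagehash,
                        "imagestring" => $randomstr,
                        "dateline" => TIME_NOW
                    );
                    $db->insert_query("captcha", $regimagearray);
                    // The template is evaluated as a PHP string, so the local variable
                    // names above must stay as they are. eval() is acceptable only
                    // because the template text comes from the template store and not
                    // from the request.
                    eval("\$regimage = \"".$templates->get("member_register_regimage")."\";");
                    // Kept for compatibility; the submit branch no longer trusts this field.
                    $html.="<input type='hidden' value='yes' name='checkcaptcha'/>";
                    $html.="$regimage";
                    $captcha_shown=true;
                }
                break;
        }

        // Close the row only when one was opened for this item.
        if ($row_open)
        {
            $html.="</td></tr>\n";
        }
        // Alternate the row class after anything that produced output.
        if ($row_open OR $noshow)
        {
            if ($r == 1)
            {
                $r=2;
            }
            else
            {
                $r=1;
            }
        }
    }
    // my_post_key carries the per-user request token that the submit branch verifies.
    $html.= ("<tr class='trow$r'><td colspan='2'><input type='hidden' name='my_post_key' value='{$mybb->post_code}'/><input type='hidden' name='submitted' value='yes'/><input type='submit' value='Submit'/></form></td></tr>
</table>
{$footer}
</body>
</html>");
    output_page($html);
}
else
{
    // Reject cross-site submissions: the token must match the one issued with the form.
    verify_post_check(isset($mybb->input['my_post_key']) ? $mybb->input['my_post_key'] : '');

    // Read the form definition once; it drives both the CAPTCHA decision and the answers.
    $form_items=array();
    $captcha_required=false;
    $captcha_decided=false;
    $items=$db->query("SELECT * FROM ".TABLE_PREFIX."forms_items WHERE form_id='$id' ORDER BY `order` ASC");
    while ($item=$db->fetch_array($items))
    {
        $form_items[]=$item;
        // Same rule the render branch applies: only the first CAPTCHA item counts, and it
        // applies when the user's group is in its serialized group list.
        if ($item['type'] == 7 AND !$captcha_decided)
        {
            $captcha_groups=unserialize($item['description']);
            $captcha_required=(is_array($captcha_groups) && in_array($mybb->user['usergroup'],$captcha_groups));
            $captcha_decided=true;
        }
    }

    if ($captcha_required)
    {
        // Non-scalar input (e.g. imagehash[]=x) is treated as missing.
        $posted_hash=(isset($mybb->input['imagehash']) && is_scalar($mybb->input['imagehash'])) ? (string) $mybb->input['imagehash'] : '';
        $posted_string=(isset($mybb->input['imagestring']) && is_scalar($mybb->input['imagestring'])) ? (string) $mybb->input['imagestring'] : '';
        if ($posted_hash == '' OR $posted_string == '')
        {
            error("The captcha you entered was incorrect");
        }
        $imagehash = $db->escape_string($posted_hash);
        $imagestring = $db->escape_string(my_strtolower($posted_string));
        $query = $db->simple_select("captcha", "*", "imagehash='$imagehash' AND LOWER(imagestring)='$imagestring'");
        $imgcheck = $db->fetch_array($query);
        if(!$imgcheck OR !$imgcheck['dateline'])
        {
            error("The captcha you entered was incorrect");
        }
        // A solved challenge is single-use.
        $db->delete_query("captcha", "imagehash='$imagehash'");
    }

    // Required fields must be present and non-empty.
    if (isset($required) AND is_array($required))
    {
        foreach ($required AS $value)
        {
            if (!isset($_POST[$value]) OR $_POST[$value] == '')
            {
                error("You left a required field blank");
            }
        }
    }

    // Collect one name/answer pair per input item; CAPTCHA (7), heading (8) and text (9)
    // items carry no answer.
    foreach ($form_items AS $item)
    {
        if ($item['type'] == '7' OR $item['type'] == '8' OR $item['type'] == '9')
        {
            continue;
        }
        $answer=isset($_POST[$item['item_id']]) ? $_POST[$item['item_id']] : '';
        if ($answer == '')
        {
            $answer="Not answered";
        }
        add_item($item['name'],$answer);
    }

    // Record the submission for the per-user limit. The message text below is escaped
    // before it reaches insert_query(), so every other string is escaped or cast here too.
    $ip=$db->escape_string($_SERVER['REMOTE_ADDR']);
    $insert=array(
        'form_id'=>intval($id),
        'uid'=>intval($mybb->user['uid']),
        'ip'=>$ip);
    $db->insert_query("forms_protect",$insert);

    // NOTE(review): make_message() returns SQL-escaped text. That suits the direct
    // insert into "posts" below, but the same string is handed to PMDataHandler and to
    // mail(); confirm the PM handler does not escape a second time, and expect
    // backslashes before quotes in the e-mail body.
    $bbmessage=make_message('1');
    $message=make_message('2');

    //Let's PM the user!
    if ($form['pm_uid'] != '')
    {
        require_once MYBB_ROOT."inc/datahandlers/pm.php";
        $pmhandler = new PMDataHandler();
        $pm = array(
            "subject" => "Form Submission: $form[name]",
            "message" => $bbmessage,
            "icon" => -1,
            "fromid" => intval($mybb->user['uid']),
            "toid" => array($form['pm_uid']),
            "bccid" => '',
            "do" => '',
            "pmid" => ''
        );
        $pm['saveasdraft'] = 0;
        $pmhandler->admin_override = 1;
        $pmhandler->set_data($pm);
        if($pmhandler->validate_pm())
        {
            $pmhandler->insert_pm();
        }
    }

    // Post the submission as a new thread in the configured forum.
    if ($form['forum_fid'] != 0)
    {
        $user=$mybb->user['username'];
        if ($user == '')
        {
            $user="Guest";
        }
        $uid=intval($mybb->user['uid']);
        // Username and form name are stored text; escape them like the message body.
        $safe_user=$db->escape_string($user);
        $safe_subject=$db->escape_string("Form Submission: $form[name]");
        $insert_array = array(
            "fid" => intval($form['forum_fid']),
            "subject" => $safe_subject,
            "icon" => 0,
            "uid" => $uid,
            "username" => $safe_user,
            "dateline" => time(),
            "lastpost" => time(),
            "closed" => "",
            "visible" => 1,
        );
        $db->insert_query("threads", $insert_array);
        $newtid = $db->insert_id();
        $insert_post = array(
            "tid" => intval($newtid),
            "subject" => $safe_subject,
            // Was $form[forum_fid] with a bare constant as key, which is an Error on PHP 8.
            "fid" => intval($form['forum_fid']),
            "uid" => $uid,
            "username" => $safe_user,
            "dateline" => time(),
            "message" => $bbmessage,
            "visible" => 1,
        );
        $db->insert_query("posts", $insert_post);
        //UPDATE POSTCOUNT
        $update_posts = array(
            "postnum" => intval($mybb->user['postnum'])+1,
        );
        $db->update_query("users", $update_posts, "uid='$uid'");
        //UPDATE STATS
        update_thread_counters($newtid, array("replies" => "+1"));
        update_forum_counters($form['forum_fid'], array("threads" => "+1", "posts" => "+1"));
        update_forum_lastpost($form['forum_fid']);
        $cache->update_stats();
    }

    // E-mail a plain-text copy to each configured address.
    if ($form['email_addresses'] != '')
    {
        // Line breaks are removed from the subject so the form name cannot add mail headers.
        $mail_subject=str_replace(array("\r", "\n"), ' ', "Form Submission: $form[name]");
        $emails=explode(",",$form['email_addresses']);
        foreach ($emails AS $email)
        {
            $email=trim($email);
            if ($email != '')
            {
                mail($email,$mail_subject,$message);
            }
        }
    }
    redirect("index.php", "Form Submitted");
}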
// Queue one field label and its submitted answer for make_message().
// $name  - the field's label.
// $value - the posted answer; an array (multi-select, checkboxes) is joined with commas.
// Both are appended to the global $names / $values lists, which stay index-aligned.
function add_item($name,$value)
{
    global $names,$values;
    $flattened = is_array($value) ? implode(",",$value) : $value;
    $names[] = $name;
    $values[] = $flattened;
}
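// Build the submission text from the pairs queued by add_item().
// $type - '1' produces BBCode ("[b]label[/b]: answer[hr]" per field); any other value
//         produces plain text ("label: answer" followed by a newline per field).
// Returns the text after $db->escape_string(), i.e. ready to be placed in an SQL string.
// NOTE(review): because the result is already SQL-escaped, callers that use it anywhere
// other than a query (the script also passes it to mail() and to the PM handler) receive
// escaped text; escaping at the point of the query would be cleaner, but changing it
// here would leave the direct insert into "posts" unescaped.
function make_message($type)
{
    global $names,$db,$values;
    // Nothing queued yet leaves the globals unset; count() on null is a TypeError on PHP 8.
    $labels = is_array($names) ? $names : array();
    $answers = is_array($values) ? $values : array();
    if (count($labels) != count($answers))
    {
        error("An unexpected error has occurred");
    }
    else
    {
        // Start from an empty string rather than appending to an undefined variable.
        $message = '';
        $total = count($labels);
        for ($i = 0; $i < $total; $i++)
        {
            //BBCode
            if ($type == '1')
            {
                $message.="[b]{$labels[$i]}[/b]: {$answers[$i]}[hr]";
            }
            else
            {
                $message.="{$labels[$i]}: {$answers[$i]}\n";
            }
        }
        return $db->escape_string($message);
    }
}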
- ?>