}
/* breadcrumb */
$tempSitepart = array(
"navigation_has_sitepart_id" => $sitepart_id
);
$queryFormData = "SELECT * FROM contactform_header WHERE id = '" . $sitepart_id."'";
$resultFormData = @mysqli_query($GLOBALS['mysql_con'], $queryFormData);
$contactFormData = @mysqli_fetch_array($resultFormData);
$header_id = $contactFormData['id'];
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$spid = 0;
$userId = 0;
$addUser = FALSE;
if (isset($_GET["action" . $sitepart_id]) && $_GET["action" . $sitepart_id] == "send" && !empty($_POST)) {
$requestmassage = "";
$success = false;
$_REQUEST['input_contactform'] = $header_id;
// daten sammeln
$query = "SELECT * FROM contactform_header WHERE id = '" . $sitepart_id."'";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$contactform_header = @mysqli_fetch_array($result);
$filetypeError = FALSE;
$error = FALSE;
$captchError = FALSE;
$message = "";
/** Neu Abfrage aus welcher Seite Anfrage geschickt wurde */
$navigation_pfad = $_SERVER['HTTP_HOST'];
$navigation_pfad .= navigation_path($GLOBALS["site"],$GLOBALS["language"],$GLOBALS["navigation"]);
// $navigation_pfad .= $_SERVER['REQUEST_URI'];
$message .= "Kontaktanfrage aus: ".$navigation_pfad."\n";
$message .= "Menücode: ".$_SERVER['HTTP_REFERER']."\n\n";
$ajaxHelper = "";
if(isset($_GET['ajax'])){
$ajaxHelper = "~|~";
}
//recaptcha
if ($contactform_header['recaptcha_active'] == 1) {
$secretKey = $GLOBALS['site']['secretkey'];
$responseKey = $_POST['g-recaptcha-response'];
$userIP = $_SERVER['REMOTE_ADDR'];
$url = "https://www.google.com/recaptcha/api/siteverify?secret=$secretKey&response=$responseKey&remoteip=$userIP";
$response = file_get_contents($url);
$data = json_decode($response);
if($data->success==FALSE){
$error = TRUE;
$captchError = TRUE;
}
}
$query = "SELECT * FROM contactform_line WHERE header_id = '" . $sitepart_id . "' ORDER BY sorting ASC";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
// for ($resultArray = array(); $row = @mysqli_fetch_array($result); $resultArray[] = $row) {
// }
// print_r($resultArray);
if (@mysqli_num_rows($result) > 0) {
unset($field_errors);
$field_errors = array();
$attachements = array();
// survey
if($contactFormData['is_survey']){
$querySurveyData = "SELECT * FROM survey_persons WHERE header_id = '" . $header_id."' AND ip_address='". $_SERVER['REMOTE_ADDR']."' AND email='". $_REQUEST["input_survey_email"]."' ";
$resultSurveyData = @mysqli_query($GLOBALS['mysql_con'], $querySurveyData);
if (@mysqli_num_rows($resultSurveyData) > 0) {
$error = TRUE;
$requestmassage .= "
Sie haben die Umfrage bereits eingereicht
" ;
}else{
// insert
$querySurveyInsert = "INSERT INTO survey_persons (name, email,header_id,ip_address)
VALUES (
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_survey_name"]) . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_survey_email"]) . "',
'" . $header_id . "',
'" . $_SERVER['REMOTE_ADDR'] . "'
)";
if (@mysqli_query($GLOBALS['mysql_con'], $querySurveyInsert)) {
$spid = mysqli_insert_id($GLOBALS['mysql_con']);
}
// insert end
}
}
// survey end
// check for the user registration
if($contactFormData['is_registration']){
$queryPerson = "SELECT * FROM bewerber_user WHERE contact_form_id = '" . $header_id."' AND email='". $_REQUEST["registration_email"]."' ";
$resultPerson = @mysqli_query($GLOBALS['mysql_con'], $queryPerson);
if (@mysqli_num_rows($resultPerson) > 0) {
// $error = TRUE;
// $requestmassage .= "".$translation->get('user_exist')."
" ;
$row = @mysqli_fetch_array($resultPerson);
$userId = $row['id'];
}else{
// insert
$_REQUEST["input_user_password"] = '123456';
$queryInsert = "INSERT INTO bewerber_user (name, email,password,main_site_id, main_language_id, contact_form_id, modified_date)
VALUES (
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["registration_name"]) . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["registration_email"]) . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], md5($_REQUEST["input_user_password"])) . "',
'".$GLOBALS['site']['id']."',
'".$GLOBALS["language"]['id']."',
'" . $header_id . "',
'" . time() . "'
)";
if (@mysqli_query($GLOBALS['mysql_con'], $queryInsert)) {
$userId = mysqli_insert_id($GLOBALS['mysql_con']);
$addUser = TRUE;
}
$message .= "" . $translation->get('new_user_detail') . ": " . "\n";
$message .= "" . $translation->get("name") . ": " . $_POST["registration_name"] . "\n";
$message .= "" . $translation->get("email") . ": " . $_POST["registration_email"] . "\n";
// insert end
}
}
// check for the user registration end
// contact form linked in collection
if((isset($_POST['contact_field_id']) && isset($_POST['main_collection_id']) && $_POST['contact_field_id'] != 0 && $_POST['main_collection_id'] != 0)){
$queryLinked = "SELECT * FROM main_collection_contact_linked WHERE main_collection_id = ".$_POST['main_collection_id']." AND field_id = ".$_POST['contact_field_id'];
$resultLinked = @mysqli_query($GLOBALS['mysql_con'], $queryLinked);
if (@mysqli_num_rows($resultLinked) > 0) {
$row = @mysqli_fetch_array($resultLinked);
$contactform_header["recipient_email"] = $row['receiver_email'];
$contactform_header["recipient_name"] = $row['receiver_name'];
}
$queryCollection = "SELECT mc.*, mcs.collection_type FROM main_collection as mc INNER JOIN main_collection_setup as mcs on mc.main_collection_setup_id = mcs.id WHERE mc.id = '" . $_POST['main_collection_id']."' ";
$resultCollection = @mysqli_query($GLOBALS['mysql_con'], $queryCollection);
if (@mysqli_num_rows($resultCollection) > 0) {
$collection = @mysqli_fetch_array($resultCollection);
if($collection['collection_type'] == 2){
$queryLinked = "SELECT * FROM bewerbung WHERE main_collection_id = ".$_POST['main_collection_id']." AND contact_id = ".$header_id." AND user_id = ".$userId;
$resultLinked = @mysqli_query($GLOBALS['mysql_con'], $queryLinked);
if (@mysqli_num_rows($resultLinked) > 0) {
$addUser = FALSE;
$error = TRUE;
$requestmassage .= "".$translation->get('user_exist')."
" ;
}else{
$queryInsert = "INSERT INTO bewerbung (contact_id,user_id,main_collection_id, modified_date)
VALUES (
'" . $header_id . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $userId) . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_POST['main_collection_id']) . "',
'". time()."'
)";
$addUser = TRUE;
@mysqli_query($GLOBALS['mysql_con'], $queryInsert) ;
}
}
}
}
$anonymous = 0;
// contact form linked in collection end
while ($field = @mysqli_fetch_array($result)) {
if ( ($field["code"] != 'registration_name' && $field["code"] != 'registration_email') && $_POST["input_" . $field["code"]] == '' &&
$field["mandatory"] &&
($field["typ"] != 8 || $field["typ"] != 10)
) {
$error = TRUE;
array_push($field_errors, $field['id']);
}
$linkedText = ' ';
switch ($field["typ"]) {
case 1:
if($field['code'] == 'subject'){
$contactform_header["subject"] = $_POST["input_" . $field["code"]];
}
if($anonymous == 1 && $field['code'] == "main_contact_id"){
$message .= "" . $field["name"] . ": " . "anonym" . "\n";
}else{
$message .= "" . $field["name"] . ": " . $_POST["input_" . $field["code"]] . "\n";
}
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $_POST["input_" . $field["code"]]);
}
// survey
if($contactFormData['is_survey'] && !$error){
$querySurveyInsert = "INSERT INTO survey_answers (spid, header_id,line_id,option_string, other)
VALUES (
" . $spid . ",
" . $header_id . ",
" . $field['id'] . ",
'" . $_POST["input_" . $field["code"]] . "',
'" . $linkedText . "'
)";
@mysqli_query($GLOBALS['mysql_con'], $querySurveyInsert);
}
// survey end
break;
case 2:
$search_array = array('\r\n','\n\r','\r','\n');
$replace_array = array(PHP_EOL,PHP_EOL,PHP_EOL,PHP_EOL);
$cleaned_text = str_replace($search_array, $replace_array, $_POST["input_" . $field["code"]]);
$message .= " " . $field["name"] . " " . $cleaned_text . "\n";
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $_POST["input_" . $field["code"]]);
}
break;
case 3:
$boolean_text = ($_POST["input_" . $field["code"]]) ? "Ja" : "Nein";
// var_dump($field["code"]);
// var_dump($boolean_text);
if ($field["code"] == "hinweis" and $boolean_text == "Ja") {
$anonymous = 1;
// print_r($anonymous);
}
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $boolean_text);
}
$message .= "\n" . $field["name"] . ": " . $boolean_text . "\n";
break;
case 9:
if($_POST["input_" . $field["id"]] != NULL){
$boolean_text = '';
foreach($_POST["input_" . $field["id"]] as $key => $val){
$boolean_text .= $val.'
';
}
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $boolean_text);
}
$message .= "\n" . $field["name"] . ":
" . $boolean_text . "\n";
if($contactFormData['is_multistep'] == 1){
$queryOpt = 'SELECT * FROM contactform_line_option WHERE line_id = '.$field['id'];
;
$resultOpt = @mysqli_query($GLOBALS['mysql_con'], $queryOpt);
while ($option = @mysqli_fetch_array($resultOpt)) {
if($option['linked_field']){
if($_POST["inputlinked_" . $field["id"].'_'.$option['id']] != NULL){
$message .= $_POST["inputlinked_" . $field["id"].'_'.$option['id']] . "\n";
}
}
}
}
}
break;
case 10:
if($_POST["input_" . $field["id"]] != NULL){
$boolean_text = ($_POST["input_" . $field["id"]]) ? $_POST["input_" . $field["id"]] : "";
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $boolean_text);
}
$message .= "\n" . $field["name"] . ": " . $boolean_text . "\n";
$linkedText = '';
$clo_id = 0;
if($contactFormData['is_multistep'] == 1 || $contactFormData['is_survey'] == 1){
$queryOpt = 'SELECT * FROM contactform_line_option WHERE line_id = '.$field['id']; ;
$resultOpt = @mysqli_query($GLOBALS['mysql_con'], $queryOpt);
while ($option = @mysqli_fetch_array($resultOpt)) {
if($option['option_string'] == $boolean_text){
$clo_id = $option['id'];
}
if($option['linked_field']){
if($_POST["inputlinked_" . $field["id"].'_'.$option['id']] != NULL){
$message .= $_POST["inputlinked_" . $field["id"].'_'.$option['id']] . "\n";
$linkedText = $_POST["inputlinked_" . $field["id"].'_'.$option['id']];
}
}
}
}
// survey
if($contactFormData['is_survey'] && !$error){
$querySurveyInsert = "INSERT INTO survey_answers (spid, header_id,line_id,option_string, other, clo_id)
VALUES (
" . $spid . ",
" . $header_id . ",
" . $field['id'] . ",
'" . $boolean_text . "',
'" . $linkedText . "',
".$clo_id."
)";
@mysqli_query($GLOBALS['mysql_con'], $querySurveyInsert);
}
// survey end
}
break;
case 4:
$message .= "" . $field["name"] . ": " . $_POST["input_" . $field["code"]] . "\n";
$boolean_text = ($_POST["input_" . $field["code"]]) ? $_POST["input_" . $field["code"]] : "";
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $boolean_text);
}
if($contactFormData['is_multistep'] == 1 || $contactFormData['is_survey'] == 1){
$queryOpt = 'SELECT * FROM contactform_line_option WHERE line_id = '.$field['id']; ;
$resultOpt = @mysqli_query($GLOBALS['mysql_con'], $queryOpt);
$clo_id = 0;
while ($option = @mysqli_fetch_array($resultOpt)) {
if($option['option_string'] == $boolean_text){
$clo_id = $option['id'];
}
if($option['linked_field']){
if($_POST["inputlinked_" . $field["id"].'_'.$option['id']] != NULL){
$message .= $_POST["inputlinked_" . $field["id"].'_'.$option['id']] . "\n";
$linkedText = $_POST["inputlinked_" . $field["id"].'_'.$option['id']];
}
}
}
}
// survey
if($contactFormData['is_survey'] && !$error){
$querySurveyInsert = "INSERT INTO survey_answers (spid, header_id,line_id,option_string, other, clo_id)
VALUES (
" . $spid . ",
" . $header_id . ",
" . $field['id'] . ",
'" . $boolean_text . "',
'" . $linkedText . "',
".$clo_id."
)";
@mysqli_query($GLOBALS['mysql_con'], $querySurveyInsert);
}
// survey end
break;
case 5:
$message .= "" . $field["name"] . "\n";
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $field["name"]);
}
break;
case 6:
$message .= "\n";
break;
case 7:
$message .= "" . $_POST["input_" . $field["code"]] . "\n";
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $_POST["input_" . $field["code"]] );
}
break;
case 11: // Datum
$date = new DateTime($_POST["input_" . $field["code"]]);
$message .= "" . $field["name"] . ": " . $date->format('d.m.Y') . "
";
break;
if (copy($attachemend["tmp_name"], rtrim(dirname(dirname(__DIR__)),"/") . '/userdata/mail_attachments/' . $attachemend["name"] . '')) {
$attachements[] = $attachemend["name"];
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $attachemend["name"]);
}
}
break;
case 11:
$message .= "" . $field["name"] . ": " . $_POST["input_" . $field["code"]] . "\n";
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $_POST["input_" . $field["code"]]);
}
break;
case 8:
$attachemend = $_FILES["input_" . $field["code"]];
if ($attachemend["name"] == "" && $field["mandatory"]) {
$error = TRUE;
break;
}
if ($attachemend["name"] == "") {
break;
}
$not_allowed_filetypes = array('php');
$pos = strrpos($attachemend["name"], '.');
$ext = strtolower(substr($attachemend["name"], $pos + 1));
if (in_array($ext, $not_allowed_filetypes)) {
$filetypeError = TRUE;
$error = TRUE;
break;
}
if (copy($attachemend["tmp_name"], rtrim(dirname(dirname(__DIR__)),"/") . '/userdata/mail_attachments/' . $attachemend["name"] . '')) {
$attachements[] = $attachemend["name"];
}
break;
}
}
}
if (($_POST["input_captcha1"] <> "") | ((time() - $_POST["input_captcha2"]) < 5)) {
$error = TRUE;
$requestmassage .= $GLOBALS['tc']['contactform_spam'];
}
if($captchError == TRUE){
echo $ajaxHelper . "Bitte verwenden Sie das Captcha
" . $ajaxHelper;
}else{
echo $ajaxHelper . "" . $ajaxHelper;
}
if ($filetypeError === true) {
echo $ajaxHelper . "Upload von PHP Dateien nicht erlaubt
" . $ajaxHelper;
}
//DUP breadcrumb upload mehrere Dateien update
if (!$error) {
//fügt Daten ins Array
foreach ($attachements as $attachement_line) {
$file[] = "/userdata/mail_attachments/" . $attachement_line;
}
// AUTOMATISCHE ANTWORT
if($contactform_header["auto_answer"] != "" && $GLOBALS['main_contact']['email'] != ""){
if (mail_create($contactform_header["subject"],
$contactform_header["auto_answer"],
$contactform_header["sender_email"],
$GLOBALS['main_contact']['email'],
$contactform_header["sender_name"],
$GLOBALS['main_contact']['email'],
FALSE,
"",
"",
"", 0, "", "", $contact_form_id)) {
mail_send();
clearstatcache();
$success = true;
$requestmassage .= $GLOBALS['tc']['contactform_success'];
foreach ($_POST as $key => $value) {
unset($_POST[$key]);
}
} else {
$error = TRUE;
$requestmassage .= $translation->get('not_send');
}
}
if($sitepart_id == 1){
$mandant_id = $GLOBALS["main_contact"]['master_mandant_id'];
$contact_id = $GLOBALS["main_contact"]['id'];
$query = "SELECT * FROM main_contact_department LEFT JOIN main_collection as mc on mc.id = plg.portal_group_id WHERE plg.portal_login_id ='".$login_id."' AND plg.portal_group_id = '".$group_id."' AND plg.email != ''";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$res = mysqli_fetch_array($result);
$contactform_header2["sender_email"] = $contactform_header["sender_email"];
$contactform_header2["sender_name"] = $contactform_header["sender_name"];
$contactform_header["sender_email"] = $GLOBALS["main_contact"]['email'];
$contactform_header["sender_name"] = $GLOBALS["main_contact"]['name'];
$contactform_header["subject"] = "Abwesenheit | {$GLOBALS["main_contact"]['name']}";
}
if($sitepart_id == 2){
$contactform_header["sender_email"] = $GLOBALS["main_contact"]['email'];
$contactform_header["sender_name"] = $GLOBALS["main_contact"]['name'];
$query = 'SELECT * from main_contact WHERE id = '.$_REQUEST['input_user'].' LIMIT 1';
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
if (@mysqli_num_rows($result) == 1) {
$user = @mysqli_fetch_array($result);
if($user['email'] != NULL && $user['email'] != ''){
$contactform_header["recipient_name"] = $user['name'];
$contactform_header["recipient_email"] = $user['email'];
}
}
}
// Sende E-Mail an Firmen-Email
if($sitepart_id == 1){
$query = "SELECT * FROM main_contact_department WHERE main_contact_id = ".$GLOBALS["main_contact"]['id'];
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$input_arbeitsunfaehigkeitsbescheinigung = $_POST['input_arbeitsunfaehigkeitsbescheinigung'];
$input_date2 = new DateTime($_POST['input_date2']);
$input_date = new DateTime($_POST['input_date']);
$input_besprechung = $_POST['input_besprechung'];
$input_ansprechpartner = $_POST['input_ansprechpartner'];
while ($res = mysqli_fetch_array($result)) {
$query = "SELECT * FROM main_mandant WHERE id = ".$res['main_mandant_id'];
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$res_mandant = @mysqli_fetch_array($result);
$contactform_header2['recipient_email'] = $res_mandant['mail_team'];
$contactform_header2['recipient_name'] = $res_mandant['description'];
$message2 = "Liebes Team, \n\n";
if(isset($input_arbeitsunfaehigkeitsbescheinigung) && $input_date2 != ""){
$message2 .= $GLOBALS["main_contact"]['name'] . " ist bis einschließlich den ". $input_date2->format('d.m.Y') ." abwesend.\n";
for($i = $input_date; $i <= $input_date2; $i->modify('+1 day')){
$delete_query = "DELETE FROM infoboard WHERE date = '".$i->format('Y-m-d')."' AND main_contact_id = ".$GLOBALS['main_contact']['id'];
@mysqli_query($GLOBALS['mysql_con'], $delete_query);
$insert_query = "INSERT INTO infoboard (id, category_id, date, main_contact_id) VALUES (
NULL,
'0',
'" . $i->format('Y-m-d') . "',
'" . $GLOBALS["main_contact"]['id'] . "'
)";
@mysqli_query($GLOBALS['mysql_con'], $insert_query);
}
}else{
$message2 .= $GLOBALS["main_contact"]['name'] . " hat sich für den ". $input_date->format('d.m.Y') ." abgemeldet.\n";
$delete_query = "DELETE FROM infoboard WHERE date = '".$input_date->format('Y-m-d')."' AND main_contact_id = ".$GLOBALS['main_contact']['id'];
@mysqli_query($GLOBALS['mysql_con'], $delete_query);
$insert_query = "INSERT INTO infoboard (id, category_id, date, main_contact_id) VALUES (
NULL,
'0',
'" . $input_date->format('Y-m-d') . "',
'" . $GLOBALS["main_contact"]['id'] . "'
)";
@mysqli_query($GLOBALS['mysql_con'], $insert_query);
}
if(isset($input_besprechung) && $input_ansprechpartner != ""){
$message2 .= "Die telefonische Besprechung zur Übergabe von Aufgaben und Terminen erfolgte mit " . $input_ansprechpartner . ".\n";
}
if (mail_create($contactform_header["subject"],
$message2,
$contactform_header2["sender_email"],
$contactform_header2["recipient_email"],
$contactform_header2["sender_name"],
$contactform_header2["recipient_name"],
FALSE,
$file,
"",
"", 0, "", "", $contact_form_id)) {
mail_send();
unset($file);
clearstatcache();
$success = true;
$requestmassage .= $GLOBALS['tc']['contactform_success'];
foreach ($_POST as $key => $value) {
unset($_POST[$key]);
}
} else {
$error = TRUE;
$requestmassage .= $translation->get('not_send');
}
}
}
if (mail_create($contactform_header["subject"],
$message,
$contactform_header["sender_email"],
$contactform_header["recipient_email"],
$contactform_header["sender_name"],
$contactform_header["recipient_name"],
FALSE,
$file, "", "", 0, "", $spid)) {
mail_send();
unset($file);
clearstatcache();
$success = true;
$requestmassage .= $GLOBALS['tc']['contactform_success'];
foreach ($_POST as $key => $value) {
unset($_POST[$key]);
}
} else {
$error = TRUE;
$requestmassage .= $translation->get('not_send');
}
} else {
$error = TRUE;
$requestmassage .= $GLOBALS['tc']['mandatory_fields_error'];
if ($filetypeError === TRUE) {
$requestmassage .= $GLOBALS['tc']['contactform_error_php'];
}
}
if($error || $success){
if($success){
get_requestbox($requestmassage,"","success");
}else{
get_requestbox($requestmassage,"");
}
}
}
?>