Files
awo-hamburg-intranet/module/contactform/show_contactform.inc.php
2026-02-17 14:56:23 +01:00

1071 lines
64 KiB
PHP

<?php if($_COOKIE['recaptcha'] == 1){ ?>
<script src='https://www.google.com/recaptcha/api.js'></script>
<?
}
/* breadcrumb */
$tempSitepart = array(
"navigation_has_sitepart_id" => $sitepart_id
);
$queryFormData = "SELECT * FROM contactform_header WHERE id = '" . $sitepart_id."'";
$resultFormData = @mysqli_query($GLOBALS['mysql_con'], $queryFormData);
$contactFormData = @mysqli_fetch_array($resultFormData);
$header_id = $contactFormData['id'];
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$spid = 0;
$userId = 0;
$addUser = FALSE;
if (isset($_GET["action" . $sitepart_id]) && $_GET["action" . $sitepart_id] == "send" && !empty($_POST)) {
$requestmassage = "";
$success = false;
$_REQUEST['input_contactform'] = $header_id;
// daten sammeln
$query = "SELECT * FROM contactform_header WHERE id = '" . $sitepart_id."'";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$contactform_header = @mysqli_fetch_array($result);
$filetypeError = FALSE;
$error = FALSE;
$captchError = FALSE;
$message = "";
/** Neu Abfrage aus welcher Seite Anfrage geschickt wurde */
$navigation_pfad = $_SERVER['HTTP_HOST'];
$navigation_pfad .= navigation_path($GLOBALS["site"],$GLOBALS["language"],$GLOBALS["navigation"]);
// $navigation_pfad .= $_SERVER['REQUEST_URI'];
$message .= "<strong>Kontaktanfrage aus: </strong><a href=\"$navigation_pfad\">".$navigation_pfad."</a>\n";
$message .= "<strong>Menücode: </strong>".$_SERVER['HTTP_REFERER']."\n\n";
$ajaxHelper = "";
if(isset($_GET['ajax'])){
$ajaxHelper = "~|~";
}
//recaptcha
if ($contactform_header['recaptcha_active'] == 1) {
$secretKey = $GLOBALS['site']['secretkey'];
$responseKey = $_POST['g-recaptcha-response'];
$userIP = $_SERVER['REMOTE_ADDR'];
$url = "https://www.google.com/recaptcha/api/siteverify?secret=$secretKey&response=$responseKey&remoteip=$userIP";
$response = file_get_contents($url);
$data = json_decode($response);
if($data->success==FALSE){
$error = TRUE;
$captchError = TRUE;
}
}
$query = "SELECT * FROM contactform_line WHERE header_id = '" . $sitepart_id . "' ORDER BY sorting ASC";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
// for ($resultArray = array(); $row = @mysqli_fetch_array($result); $resultArray[] = $row) {
// }
// print_r($resultArray);
if (@mysqli_num_rows($result) > 0) {
unset($field_errors);
$field_errors = array();
$attachements = array();
// survey
if($contactFormData['is_survey']){
$querySurveyData = "SELECT * FROM survey_persons WHERE header_id = '" . $header_id."' AND ip_address='". $_SERVER['REMOTE_ADDR']."' AND email='". $_REQUEST["input_survey_email"]."' ";
$resultSurveyData = @mysqli_query($GLOBALS['mysql_con'], $querySurveyData);
if (@mysqli_num_rows($resultSurveyData) > 0) {
$error = TRUE;
$requestmassage .= "<div class=\"danger infobox\">Sie haben die Umfrage bereits eingereicht <br></div>" ;
}else{
// insert
$querySurveyInsert = "INSERT INTO survey_persons (name, email,header_id,ip_address)
VALUES (
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_survey_name"]) . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_survey_email"]) . "',
'" . $header_id . "',
'" . $_SERVER['REMOTE_ADDR'] . "'
)";
if (@mysqli_query($GLOBALS['mysql_con'], $querySurveyInsert)) {
$spid = mysqli_insert_id($GLOBALS['mysql_con']);
}
// insert end
}
}
// survey end
// check for the user registration
if($contactFormData['is_registration']){
$queryPerson = "SELECT * FROM bewerber_user WHERE contact_form_id = '" . $header_id."' AND email='". $_REQUEST["registration_email"]."' ";
$resultPerson = @mysqli_query($GLOBALS['mysql_con'], $queryPerson);
if (@mysqli_num_rows($resultPerson) > 0) {
// $error = TRUE;
// $requestmassage .= "<div class=\"danger infobox\">".$translation->get('user_exist')."<br></div>" ;
$row = @mysqli_fetch_array($resultPerson);
$userId = $row['id'];
}else{
// insert
$_REQUEST["input_user_password"] = '123456';
$queryInsert = "INSERT INTO bewerber_user (name, email,password,main_site_id, main_language_id, contact_form_id, modified_date)
VALUES (
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["registration_name"]) . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["registration_email"]) . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], md5($_REQUEST["input_user_password"])) . "',
'".$GLOBALS['site']['id']."',
'".$GLOBALS["language"]['id']."',
'" . $header_id . "',
'" . time() . "'
)";
if (@mysqli_query($GLOBALS['mysql_con'], $queryInsert)) {
$userId = mysqli_insert_id($GLOBALS['mysql_con']);
$addUser = TRUE;
}
$message .= "<strong>" . $translation->get('new_user_detail') . ":</strong> " . "\n";
$message .= "<strong>" . $translation->get("name") . ":</strong> " . $_POST["registration_name"] . "\n";
$message .= "<strong>" . $translation->get("email") . ":</strong> " . $_POST["registration_email"] . "\n";
// insert end
}
}
// check for the user registration end
// contact form linked in collection
if((isset($_POST['contact_field_id']) && isset($_POST['main_collection_id']) && $_POST['contact_field_id'] != 0 && $_POST['main_collection_id'] != 0)){
$queryLinked = "SELECT * FROM main_collection_contact_linked WHERE main_collection_id = ".$_POST['main_collection_id']." AND field_id = ".$_POST['contact_field_id'];
$resultLinked = @mysqli_query($GLOBALS['mysql_con'], $queryLinked);
if (@mysqli_num_rows($resultLinked) > 0) {
$row = @mysqli_fetch_array($resultLinked);
$contactform_header["recipient_email"] = $row['receiver_email'];
$contactform_header["recipient_name"] = $row['receiver_name'];
}
$queryCollection = "SELECT mc.*, mcs.collection_type FROM main_collection as mc INNER JOIN main_collection_setup as mcs on mc.main_collection_setup_id = mcs.id WHERE mc.id = '" . $_POST['main_collection_id']."' ";
$resultCollection = @mysqli_query($GLOBALS['mysql_con'], $queryCollection);
if (@mysqli_num_rows($resultCollection) > 0) {
$collection = @mysqli_fetch_array($resultCollection);
if($collection['collection_type'] == 2){
$queryLinked = "SELECT * FROM bewerbung WHERE main_collection_id = ".$_POST['main_collection_id']." AND contact_id = ".$header_id." AND user_id = ".$userId;
$resultLinked = @mysqli_query($GLOBALS['mysql_con'], $queryLinked);
if (@mysqli_num_rows($resultLinked) > 0) {
$addUser = FALSE;
$error = TRUE;
$requestmassage .= "<div class=\"danger infobox\">".$translation->get('user_exist')."<br></div>" ;
}else{
$queryInsert = "INSERT INTO bewerbung (contact_id,user_id,main_collection_id, modified_date)
VALUES (
'" . $header_id . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $userId) . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_POST['main_collection_id']) . "',
'". time()."'
)";
$addUser = TRUE;
@mysqli_query($GLOBALS['mysql_con'], $queryInsert) ;
}
}
}
}
$anonymous = 0;
// contact form linked in collection end
while ($field = @mysqli_fetch_array($result)) {
if ( ($field["code"] != 'registration_name' && $field["code"] != 'registration_email') && $_POST["input_" . $field["code"]] == '' &&
$field["mandatory"] &&
($field["typ"] != 8 || $field["typ"] != 10)
) {
$error = TRUE;
array_push($field_errors, $field['id']);
}
$linkedText = ' ';
switch ($field["typ"]) {
case 1:
if($field['code'] == 'subject'){
$contactform_header["subject"] = $_POST["input_" . $field["code"]];
}
if($anonymous == 1 && $field['code'] == "main_contact_id"){
$message .= "<strong>" . $field["name"] . ":</strong> " . "anonym" . "\n";
}else{
$message .= "<strong>" . $field["name"] . ":</strong> " . $_POST["input_" . $field["code"]] . "\n";
}
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $_POST["input_" . $field["code"]]);
}
// survey
if($contactFormData['is_survey'] && !$error){
$querySurveyInsert = "INSERT INTO survey_answers (spid, header_id,line_id,option_string, other)
VALUES (
" . $spid . ",
" . $header_id . ",
" . $field['id'] . ",
'" . $_POST["input_" . $field["code"]] . "',
'" . $linkedText . "'
)";
@mysqli_query($GLOBALS['mysql_con'], $querySurveyInsert);
}
// survey end
break;
case 2:
$search_array = array('\r\n','\n\r','\r','\n');
$replace_array = array(PHP_EOL,PHP_EOL,PHP_EOL,PHP_EOL);
$cleaned_text = str_replace($search_array, $replace_array, $_POST["input_" . $field["code"]]);
$message .= " <strong>" . $field["name"] . "</strong> " . $cleaned_text . "\n";
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $_POST["input_" . $field["code"]]);
}
break;
case 3:
$boolean_text = ($_POST["input_" . $field["code"]]) ? "Ja" : "Nein";
// var_dump($field["code"]);
// var_dump($boolean_text);
if ($field["code"] == "hinweis" and $boolean_text == "Ja") {
$anonymous = 1;
// print_r($anonymous);
}
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $boolean_text);
}
$message .= "\n<strong>" . $field["name"] . ":</strong> " . $boolean_text . "\n";
break;
case 9:
if($_POST["input_" . $field["id"]] != NULL){
$boolean_text = '';
foreach($_POST["input_" . $field["id"]] as $key => $val){
$boolean_text .= $val.'<br>';
}
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $boolean_text);
}
$message .= "\n<strong>" . $field["name"] . ":</strong><br> " . $boolean_text . "\n";
if($contactFormData['is_multistep'] == 1){
$queryOpt = 'SELECT * FROM contactform_line_option WHERE line_id = '.$field['id'];
;
$resultOpt = @mysqli_query($GLOBALS['mysql_con'], $queryOpt);
while ($option = @mysqli_fetch_array($resultOpt)) {
if($option['linked_field']){
if($_POST["inputlinked_" . $field["id"].'_'.$option['id']] != NULL){
$message .= $_POST["inputlinked_" . $field["id"].'_'.$option['id']] . "\n";
}
}
}
}
}
break;
case 10:
if($_POST["input_" . $field["id"]] != NULL){
$boolean_text = ($_POST["input_" . $field["id"]]) ? $_POST["input_" . $field["id"]] : "";
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $boolean_text);
}
$message .= "\n<strong>" . $field["name"] . ":</strong> " . $boolean_text . "\n";
$linkedText = '';
$clo_id = 0;
if($contactFormData['is_multistep'] == 1 || $contactFormData['is_survey'] == 1){
$queryOpt = 'SELECT * FROM contactform_line_option WHERE line_id = '.$field['id']; ;
$resultOpt = @mysqli_query($GLOBALS['mysql_con'], $queryOpt);
while ($option = @mysqli_fetch_array($resultOpt)) {
if($option['option_string'] == $boolean_text){
$clo_id = $option['id'];
}
if($option['linked_field']){
if($_POST["inputlinked_" . $field["id"].'_'.$option['id']] != NULL){
$message .= $_POST["inputlinked_" . $field["id"].'_'.$option['id']] . "\n";
$linkedText = $_POST["inputlinked_" . $field["id"].'_'.$option['id']];
}
}
}
}
// survey
if($contactFormData['is_survey'] && !$error){
$querySurveyInsert = "INSERT INTO survey_answers (spid, header_id,line_id,option_string, other, clo_id)
VALUES (
" . $spid . ",
" . $header_id . ",
" . $field['id'] . ",
'" . $boolean_text . "',
'" . $linkedText . "',
".$clo_id."
)";
@mysqli_query($GLOBALS['mysql_con'], $querySurveyInsert);
}
// survey end
}
break;
case 4:
$message .= "<strong>" . $field["name"] . ":</strong> " . $_POST["input_" . $field["code"]] . "\n";
$boolean_text = ($_POST["input_" . $field["code"]]) ? $_POST["input_" . $field["code"]] : "";
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $boolean_text);
}
if($contactFormData['is_multistep'] == 1 || $contactFormData['is_survey'] == 1){
$queryOpt = 'SELECT * FROM contactform_line_option WHERE line_id = '.$field['id']; ;
$resultOpt = @mysqli_query($GLOBALS['mysql_con'], $queryOpt);
$clo_id = 0;
while ($option = @mysqli_fetch_array($resultOpt)) {
if($option['option_string'] == $boolean_text){
$clo_id = $option['id'];
}
if($option['linked_field']){
if($_POST["inputlinked_" . $field["id"].'_'.$option['id']] != NULL){
$message .= $_POST["inputlinked_" . $field["id"].'_'.$option['id']] . "\n";
$linkedText = $_POST["inputlinked_" . $field["id"].'_'.$option['id']];
}
}
}
}
// survey
if($contactFormData['is_survey'] && !$error){
$querySurveyInsert = "INSERT INTO survey_answers (spid, header_id,line_id,option_string, other, clo_id)
VALUES (
" . $spid . ",
" . $header_id . ",
" . $field['id'] . ",
'" . $boolean_text . "',
'" . $linkedText . "',
".$clo_id."
)";
@mysqli_query($GLOBALS['mysql_con'], $querySurveyInsert);
}
// survey end
break;
case 5:
$message .= "<strong>" . $field["name"] . "</strong>\n";
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $field["name"]);
}
break;
case 6:
$message .= "\n";
break;
case 7:
$message .= "<strong>" . $_POST["input_" . $field["code"]] . "</strong>\n";
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $_POST["input_" . $field["code"]] );
}
break;
case 11: // Datum
$date = new DateTime($_POST["input_" . $field["code"]]);
$message .= "<strong>" . $field["name"] . ":</strong> " . $date->format('d.m.Y') . "<br>";
break;
if (copy($attachemend["tmp_name"], rtrim(dirname(dirname(__DIR__)),"/") . '/userdata/mail_attachments/' . $attachemend["name"] . '')) {
$attachements[] = $attachemend["name"];
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $attachemend["name"]);
}
}
break;
case 11:
$message .= "<strong>" . $field["name"] . ":</strong> " . $_POST["input_" . $field["code"]] . "\n";
if($contactFormData['is_registration'] && $addUser){
addContactLink($userId, $header_id, $field['id'], $_POST["input_" . $field["code"]]);
}
break;
case 8:
$attachemend = $_FILES["input_" . $field["code"]];
if ($attachemend["name"] == "" && $field["mandatory"]) {
$error = TRUE;
break;
}
if ($attachemend["name"] == "") {
break;
}
$not_allowed_filetypes = array('php');
$pos = strrpos($attachemend["name"], '.');
$ext = strtolower(substr($attachemend["name"], $pos + 1));
if (in_array($ext, $not_allowed_filetypes)) {
$filetypeError = TRUE;
$error = TRUE;
break;
}
if (copy($attachemend["tmp_name"], rtrim(dirname(dirname(__DIR__)),"/") . '/userdata/mail_attachments/' . $attachemend["name"] . '')) {
$attachements[] = $attachemend["name"];
}
break;
}
}
}
if (($_POST["input_captcha1"] <> "") | ((time() - $_POST["input_captcha2"]) < 5)) {
$error = TRUE;
$requestmassage .= $GLOBALS['tc']['contactform_spam'];
}
if($captchError == TRUE){
echo $ajaxHelper . "<div class=\"danger infobox\">Bitte verwenden Sie das Captcha <br></div>" . $ajaxHelper;
}else{
echo $ajaxHelper . "" . $ajaxHelper;
}
if ($filetypeError === true) {
echo $ajaxHelper . "<div class=\"danger infobox\">Upload von PHP Dateien nicht erlaubt</div>" . $ajaxHelper;
}
//DUP breadcrumb upload mehrere Dateien update
if (!$error) {
//fügt Daten ins Array
foreach ($attachements as $attachement_line) {
$file[] = "/userdata/mail_attachments/" . $attachement_line;
}
// AUTOMATISCHE ANTWORT
if($contactform_header["auto_answer"] != "" && $GLOBALS['main_contact']['email'] != ""){
if (mail_create($contactform_header["subject"],
$contactform_header["auto_answer"],
$contactform_header["sender_email"],
$GLOBALS['main_contact']['email'],
$contactform_header["sender_name"],
$GLOBALS['main_contact']['email'],
FALSE,
"",
"",
"", 0, "", "", $contact_form_id)) {
mail_send();
clearstatcache();
$success = true;
$requestmassage .= $GLOBALS['tc']['contactform_success'];
foreach ($_POST as $key => $value) {
unset($_POST[$key]);
}
} else {
$error = TRUE;
$requestmassage .= $translation->get('not_send');
}
}
if($sitepart_id == 1){
$mandant_id = $GLOBALS["main_contact"]['master_mandant_id'];
$contact_id = $GLOBALS["main_contact"]['id'];
$query = "SELECT * FROM main_contact_department LEFT JOIN main_collection as mc on mc.id = plg.portal_group_id WHERE plg.portal_login_id ='".$login_id."' AND plg.portal_group_id = '".$group_id."' AND plg.email != ''";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$res = mysqli_fetch_array($result);
$contactform_header2["sender_email"] = $contactform_header["sender_email"];
$contactform_header2["sender_name"] = $contactform_header["sender_name"];
$contactform_header["sender_email"] = $GLOBALS["main_contact"]['email'];
$contactform_header["sender_name"] = $GLOBALS["main_contact"]['name'];
$contactform_header["subject"] = "Abwesenheit | {$GLOBALS["main_contact"]['name']}";
}
if($sitepart_id == 2){
$contactform_header["sender_email"] = $GLOBALS["main_contact"]['email'];
$contactform_header["sender_name"] = $GLOBALS["main_contact"]['name'];
$query = 'SELECT * from main_contact WHERE id = '.$_REQUEST['input_user'].' LIMIT 1';
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
if (@mysqli_num_rows($result) == 1) {
$user = @mysqli_fetch_array($result);
if($user['email'] != NULL && $user['email'] != ''){
$contactform_header["recipient_name"] = $user['name'];
$contactform_header["recipient_email"] = $user['email'];
}
}
}
// Sende E-Mail an Firmen-Email
if($sitepart_id == 1){
$query = "SELECT * FROM main_contact_department WHERE main_contact_id = ".$GLOBALS["main_contact"]['id'];
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$input_arbeitsunfaehigkeitsbescheinigung = $_POST['input_arbeitsunfaehigkeitsbescheinigung'];
$input_date2 = new DateTime($_POST['input_date2']);
$input_date = new DateTime($_POST['input_date']);
$input_besprechung = $_POST['input_besprechung'];
$input_ansprechpartner = $_POST['input_ansprechpartner'];
while ($res = mysqli_fetch_array($result)) {
$query = "SELECT * FROM main_mandant WHERE id = ".$res['main_mandant_id'];
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$res_mandant = @mysqli_fetch_array($result);
$contactform_header2['recipient_email'] = $res_mandant['mail_team'];
$contactform_header2['recipient_name'] = $res_mandant['description'];
$message2 = "Liebes Team, \n\n";
if(isset($input_arbeitsunfaehigkeitsbescheinigung) && $input_date2 != ""){
$message2 .= $GLOBALS["main_contact"]['name'] . " ist bis einschließlich den ". $input_date2->format('d.m.Y') ." abwesend.\n";
for($i = $input_date; $i <= $input_date2; $i->modify('+1 day')){
$delete_query = "DELETE FROM infoboard WHERE date = '".$i->format('Y-m-d')."' AND main_contact_id = ".$GLOBALS['main_contact']['id'];
@mysqli_query($GLOBALS['mysql_con'], $delete_query);
$insert_query = "INSERT INTO infoboard (id, category_id, date, main_contact_id) VALUES (
NULL,
'0',
'" . $i->format('Y-m-d') . "',
'" . $GLOBALS["main_contact"]['id'] . "'
)";
@mysqli_query($GLOBALS['mysql_con'], $insert_query);
}
}else{
$message2 .= $GLOBALS["main_contact"]['name'] . " hat sich für den ". $input_date->format('d.m.Y') ." abgemeldet.\n";
$delete_query = "DELETE FROM infoboard WHERE date = '".$input_date->format('Y-m-d')."' AND main_contact_id = ".$GLOBALS['main_contact']['id'];
@mysqli_query($GLOBALS['mysql_con'], $delete_query);
$insert_query = "INSERT INTO infoboard (id, category_id, date, main_contact_id) VALUES (
NULL,
'0',
'" . $input_date->format('Y-m-d') . "',
'" . $GLOBALS["main_contact"]['id'] . "'
)";
@mysqli_query($GLOBALS['mysql_con'], $insert_query);
}
if(isset($input_besprechung) && $input_ansprechpartner != ""){
$message2 .= "Die telefonische Besprechung zur Übergabe von Aufgaben und Terminen erfolgte mit " . $input_ansprechpartner . ".\n";
}
if (mail_create($contactform_header["subject"],
$message2,
$contactform_header2["sender_email"],
$contactform_header2["recipient_email"],
$contactform_header2["sender_name"],
$contactform_header2["recipient_name"],
FALSE,
$file,
"",
"", 0, "", "", $contact_form_id)) {
mail_send();
unset($file);
clearstatcache();
$success = true;
$requestmassage .= $GLOBALS['tc']['contactform_success'];
foreach ($_POST as $key => $value) {
unset($_POST[$key]);
}
} else {
$error = TRUE;
$requestmassage .= $translation->get('not_send');
}
}
}
if (mail_create($contactform_header["subject"],
$message,
$contactform_header["sender_email"],
$contactform_header["recipient_email"],
$contactform_header["sender_name"],
$contactform_header["recipient_name"],
FALSE,
$file, "", "", 0, "", $spid)) {
mail_send();
unset($file);
clearstatcache();
$success = true;
$requestmassage .= $GLOBALS['tc']['contactform_success'];
foreach ($_POST as $key => $value) {
unset($_POST[$key]);
}
} else {
$error = TRUE;
$requestmassage .= $translation->get('not_send');
}
} else {
$error = TRUE;
$requestmassage .= $GLOBALS['tc']['mandatory_fields_error'];
if ($filetypeError === TRUE) {
$requestmassage .= $GLOBALS['tc']['contactform_error_php'];
}
}
if($error || $success){
if($success){
get_requestbox($requestmassage,"","success");
}else{
get_requestbox($requestmassage,"");
}
}
}
?>
<div class="contactformular">
<div class="sitepart_<?= $sitepart_id ?>">
<?php
// ini_set('display_errors', 1);
// ini_set('display_startup_errors', 1);
// error_reporting(E_ALL);
if($contactFormData['is_multistep'] == 0){
?>
<form class="form-label-left" name="contactformular_<?= $sitepart_id ?>" id="contactformular_<?= $sitepart_id ?>" method="post" action="<?= ml($tempSitepart, "action", "send") ?>" enctype="multipart/form-data">
<input type="hidden" name="contact_field_id" id="contact_field_id<?= $sitepart_id; ?>" value="0">
<input type="hidden" name="main_collection_id" id="main_collection_id<?= $sitepart_id; ?>" value="0">
<?
$query = "SELECT * FROM contactform_line WHERE header_id = '" . $sitepart_id . "' ORDER BY sorting ASC";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
if (@mysqli_num_rows($result) > 0) {
// while ($field = @mysqli_fetch_array($result)) {
// $anonymous = 0;
// if ($field['code'] == "hinweis") {
// if (isset($_POST["input_" . $field["code"]]) and $_POST["input_" . $field["code"]] == "1") {
// $anonymous = 1;
// }
// }
// }
while ($field = @mysqli_fetch_array($result)) {
$queryOpt = 'SELECT * FROM contactform_line_option WHERE line_id = '.$field['id'];
$resultOpt = @mysqli_query($GLOBALS['mysql_con'], $queryOpt);
if ($field['mandatory'] == 1) {
$mandatory_text = " *";
$required = "required";
} else {
$mandatory_text = "";
$required = "";
}
$prefillValue = '';
if (array_key_exists("input_" . $field["code"],$_POST)) {
$prefillValue = $_POST["input_" . $field["code"]];
}
if ($field["infield"] == "1") {
$placeholder = "placeholder='" . $field['name'] . $mandatory_text . "'";
$label = "";
} else {
$placeholder = "";
$label = $field['name'] . $mandatory_text;
}
if (isset($_GET["action" . $sitepart_id]) && $_GET["action" . $sitepart_id] == "send" && $field["mandatory"] == 1 && trim($_POST["input_" . $field["code"]]) == "") {
$errorclass = "error";
} else {
$errorclass = "";
}
if (isset($_GET["action" . $sitepart_id]) && $_GET["action" . $sitepart_id] == "send" && $field["mandatory"] == 1 && in_array($field['id'], $field_errors)) {
$errorclass = "error";
} else {
$errorclass = "";
}
switch ($field["typ"]) {
case 1:?>
<?php $name = 'input_'.$field['code'];
if($field['code'] == 'registration_email' || $field['code'] == 'registration_name' ){
$name = $field['code'];
}
$value = htmlspecialchars($_POST["input_" . $field["code"]], ENT_QUOTES, 'UTF-8');
if($field['code'] == 'main_contact_id' && $anonymous != 1){
$value = $GLOBALS['main_contact']['name'];
}
?>
<div class="form-group <?=$field['code']?>">
<label for="input_<?=$field["code"];?>"><?=$label?></label>
<input type="text" class="form-control text <?= $errorclass ?>" <?= $required ?>
name="<?= $name; ?>"
id="input_<?= $field["code"]; ?>" <?= $placeholder; ?>
value="<?= $value ?>">
</div>
<?
break;
case 2:?>
<div class="form-group">
<label for="input_<?=$field["code"];?>"><?=$label?></label>
<textarea class="form-control textarea <?= $errorclass ?>" <?= $required ?>
name="input_<?= $field['code'] ?>"
id="input_<?= $field["code"]; ?>" <?= $placeholder; ?>
value="<?= htmlspecialchars(str_replace( '\r\n', PHP_EOL, $_POST["input_" . $field["code"]]), ENT_QUOTES, 'UTF-8') ?>"></textarea>
</div>
<?
break;
case 3:
$checked_text = ($prefillValue) ? " checked=\"checked\"" : "";
?>
<div class="form-group form-check">
<label class="form-check-label">
<input class="form-check-input" <?= $checked_text ?> <?= $required ?>
name="input_<?= $field['code'] ?>" id="input_<?= $field["code"]; ?>"
type="checkbox" value="<?= $field["code"]; ?>">
<?=$field['name'] . $mandatory_text;?>
</label>
</div>
<?
break;
case 4:?>
<?php if($contactFormData['is_survey'] == 0){ ?>
<div class="form-group">
<label for="input_<?=$field["code"];?>"><?=$label?></label>
<div class="input select_body <?= $errorclass ?>">
<?php
if($field['code'] == 'mandant'){
selectMandant($required, $field);
// }elseif($field['code'] == 'user'){
// selectUser($required, $field);
}else { ?>
<select class="select" <?= $required ?> name="input_<?= $field['code'] ?>"
id="input_<?= $field['code']; ?>">
<?
$options = explode(";", $field["option_string"]);
foreach ($options as $option) {
$selected_text = ($prefillValue == $option) ? " selected=\"selected\"" : "";
echo "<option" . $selected_text . " value=\"" . $option . "\">" . $option . "</option>";
}
?>
</select>
<?php } ?>
</div>
</div>
<?php } else{ ?>
<!-- survey -->
<div class="form-group">
<label for="input_<?=$field["code"];?>"><?=$label?></label>
<div class="input select_body <?= $errorclass ?>">
<select class="select input_select" data-section="<?=$field['section_id']?>" data-next-section="<?=$field['next_section_id']?>" <?= $required ?> name="input_<?= $field['code'] ?>"
id="input_<?= $field['code']; ?>">
<option selected>------</option>
<?
while ($option = @mysqli_fetch_array($resultOpt)) {
echo 'opt ist '; print_r($option);echo '<br>';
$className = 'col-md-12';
$linked = 0;
if($option['linked_field']){
$linked = 1;
}
$selected_text = ($prefillValue == $option['option_string']) ? " selected=\"selected\"" : "";
echo "<option data-opt='".$option['id']."' data-linked='".$linked."' data-form='". $sitepart_id."' data-section='".$field['section_id']."' data-next-section='".$option['next_section_id']."' data-field='".$field['id']."' data-id='".$field['id']."' " . $selected_text . " value=\"" . $option['option_string'] . "\">" . $option['option_string'] . "</option>";
// if($option['linked_field']){
// echo "<div class=\"input_collection_link_input_linked ".$className." iconfield-no-border \">";
// echo "<input data-form='". $sitepart_id."' data-section='".$field['section_id']."' data-next-section='".$option['next_section_id']."' readonly class='input_selection_text inputLinked_".$option['id']."' data-id='".$key."' id=\"input_collection_link_field_" . $field['id'] . "_value_" . $value . "\" placeholder= '".$option['linked_placeholder']."' type=\"text\" name=\"inputlinked_" . $field['id'] . "_".$option['id']."\" value='' >";
// echo '</div>';
// }
}
?>
</select>
<?php
$queryOpt = 'SELECT * FROM contactform_line_option WHERE line_id = '.$field['id'];
$resultOpt = @mysqli_query($GLOBALS['mysql_con'], $queryOpt);
while ($option = @mysqli_fetch_array($resultOpt)) {
if($option['linked_field']){
echo '<div class="noDisplay input_selected_linked select'.$option['id'].'">';
echo "<div class=\"input_collection_link_input_linked ".$className." iconfield-no-border \">";
echo "<input data-form='". $sitepart_id."' data-section='".$field['section_id']."' data-next-section='".$option['next_section_id']."' readonly class='input_selection_text inputLinked_".$option['id']."' data-id='".$key."' id=\"input_collection_link_field_" . $field['id'] . "_value_" . $value . "\" placeholder= '".$option['linked_placeholder']."' type=\"text\" name=\"inputlinked_" . $field['id'] . "_".$option['id']."\" value='' >";
echo '</div>';
echo '</div>';
}
}
?>
</div>
</div>
<!-- Survey End -->
<? }
break;
case 5:
echo "<h2>" . $field["name"] . "</h2>";
break;
case 6:
echo "<br />";
break;
case 7:
if ($_GET["registration"] == 1 && (int)$_GET["collection_id"] > 0) {
$query = "SELECT * FROM main_collection WHERE id = '" . $_GET["collection_id"]."'";
$newsresult = @mysqli_query($GLOBALS['mysql_con'], $query);
if (@mysqli_num_rows($newsresult) == 1) {
$news = @mysqli_fetch_array($newsresult);
echo "<h3>" . $news["description"] . "</h3>";
echo "<input name=\"input_" . $field["code"] . "\" type=\"hidden\" id=\"input_" . $field["code"] . "\" value=\"" . $news["description"] . "\" /></td></tr>\n";
}
}
break;
case 8:?>
<div class="form-group">
<label for="input_<?=$field["code"];?>"><?=$label?></label>
<input class="form-control file <?= $errorclass ?>" <?= $required ?>
name="input_<?= $field['code'] ?>" id="input_<?= $field["code"]; ?>"
type="file"/>
</div>
<?
break;
case 9: // Checkbox
$queryOpt = 'SELECT * FROM contactform_line_option WHERE line_id = '.$field['id'];
;
$resultOpt = @mysqli_query($GLOBALS['mysql_con'], $queryOpt);
// checkbox start
echo "<div class='form-group'> <h2 id=\"input_collection_link_" . $field['id'] . "\" class=\"checkbox multi_input_heading classLabel\" >".$field['name'].'</h2>';
//Get all option_values
//Values als Integer
$value = 1;
while ($option = @mysqli_fetch_array($resultOpt)) {
$iconClass = '';
if($option['icon'] != NULL && $option['icon'] != ''){
$iconClass = ' <span class="material-icons">'.$option['icon'].'</span> ';
}
$imgClass = '';
if($option['field_img'] != NULL && $option['field_img'] != '' && $option['field_img'] != ' '){
$imgClass = "<div class='img_container img-option'><img class='img-fluid' src='/userdata/collection/resize/".$option["field_img"]."'></div>";
}
if(!$option['linked_field']){
echo "<div class=\"input_collection_link_checkbox col-md-4 iconfield \">";
echo "<label " . "for=\"input_collection_link_" . $field['id'] . "_value_" . $value . "\">".' '.$imgClass.$iconClass .'<br>'. $option['option_string'] ;
echo "<input data-form='". $sitepart_id."' data-section='".$field['section_id']."' data-next-section='".$option['next_section_id']."' class='input_selection_checkbox' data-field='".$field['id']."' data-id='".$field['id']."' id=\"input_collection_link_" . $field['id'] . "_value_" . $value . "\" type=\"checkbox\" name=\"input_" . $field['id'] . "[]\" value='".$option['option_string']."' >";
echo "</label>";
echo "</div>";
} else{
$className = 'col-md-12';
if($option['linked_field']){
$className = 'col-md-6';
}
echo '<div class="row">';
echo "<div class=\"input_collection_link_checkbox ".$className." iconfield-no-border \">";
echo "<label " . "for=\"input_collection_link_" . $field['id'] . "_value_" . $value . "\">".' '.$imgClass.$iconClass .'<br>'. $option['option_string'] ;
echo "<input data-form='". $sitepart_id."' data-section='".$field['section_id']."' data-next-section='".$option['next_section_id']."' class='input_selection_checkbox input_check_linked' data-id='".$field['id']."' data-opt='".$option['id']."' id=\"input_collection_link_" . $field['id'] . "_value_" . $value . "\" type=\"checkbox\" name=\"input_" . $field['id'] . "[]\" value='".$option['option_string']."' >";
echo "</label>";
echo "</div>";
if($option['linked_field']){
echo "<div class=\"input_collection_link_input_linked ".$className." iconfield-no-border \">";
echo "<input data-form='". $sitepart_id."' data-section='".$field['section_id']."' data-next-section='".$option['next_section_id']."' readonly class='input_selection_text inputLinked_".$option['id']."' data-id='".$key."' id=\"input_collection_link_field_" . $field['id'] . "_value_" . $value . "\" placeholder= '".$option['linked_placeholder']."' type=\"text\" name=\"inputlinked_" . $field['id'] . "_".$option['id']."\" value='' >";
echo '</div>';
?>
<?php }
echo '</div>';
}
$value++;
}
echo "</div>";
// checkbox end
// break;
case 10: // Radio
$queryOpt = 'SELECT * FROM contactform_line_option WHERE line_id = '.$field['id'];
;
$resultOpt = @mysqli_query($GLOBALS['mysql_con'], $queryOpt);
echo "<div class='form-group'> <h3 id=\"input_collection_link_" . $field['id'] . "\" class=\"checkbox multi_input_heading classLabel\" >".$field['name'].'</h3>';
//Get all option_values
//Values als Integer
$value = 1;
while ($option = @mysqli_fetch_array($resultOpt)) {
$iconClass = '';
if($option['icon'] != NULL && $option['icon'] != ''){
$iconClass = ' <span class="material-icons">'.$option['icon'].'</span> ';
}
$imgClass = '';
if($option['field_img'] != NULL && $option['field_img'] != '' && $option['field_img'] != ' '){
$imgClass = "<div class='img_container img-option'><img class='img-fluid' src='/userdata/collection/resize/".$option["field_img"]."'></div>";
}
if(!$option['linked_field']){
echo "<div class=\"form-group input_collection_link_checkbox col-md-12 iconfield \">";
echo "<label " . "for=\"input_collection_link_" . $field['id'] . "_value_" . $value . "\">".' '.$imgClass.$iconClass .$option['option_string'] ;
echo "<input data-form='". $sitepart_id."' data-section='".$field['section_id']."' data-next-section='".$option['next_section_id']."' class='surveyInput form-control input_selection_radio' data-field='".$field['id']."' data-id='".$field['id']."' id=\"input_collection_link_" . $field['id'] . "_value_" . $value . "\" type=\"radio\" name=\"input_" . $field['id'] . "\" value='".$option['option_string']."' >";
echo "</label>";
echo "</div>";
} else{
$className = 'col-md-12';
if($option['linked_field']){
$className = 'col-md-12';
}
echo '<div class="row">';
echo "<div class=\"input_collection_link_checkbox ".$className." iconfield-no-border \">";
echo "<label " . "for=\"input_collection_link_" . $field['id'] . "_value_" . $value . "\">".' '. $option['option_string'] ;
echo "<input data-form='". $sitepart_id."' data-section='".$field['section_id']."' data-next-section='".$option['next_section_id']."' class='surveyInput input_selection_radio input_radio_linked' data-id='".$field['id']."' data-opt='".$option['id']."' id=\"input_collection_link_" . $field['id'] . "_value_" . $value . "\" type=\"radio\" name=\"input_" . $field['id'] . "\" value='".$option['option_string']."' >";
echo "</label>";
echo "</div>";
if($option['linked_field']){
echo "<div class=\"input_collection_link_input_linked ".$className." iconfield-no-border \">";
echo "<input data-form='". $sitepart_id."' data-section='".$field['section_id']."' data-next-section='".$option['next_section_id']."' readonly class='input_selection_text inputLinked_".$option['id']."' data-id='".$key."' id=\"input_collection_link_field_" . $field['id'] . "_value_" . $value . "\" placeholder= '".$option['linked_placeholder']."' type=\"text\" name=\"inputlinked_" . $field['id'] . "_".$option['id']."\" value='' >";
echo '</div>';
?>
<?php }
echo '</div>';
}
$value++;
}
echo "</div>";
break;
case 11:?>
<div class="form-group date_input">
<label for="input_<?=$field["code"];?>"><?=$label?></label>
<input class="form-control date <?= $errorclass ?>" <?= $required ?>
name="input_<?= $field['code'] ?>" id="input_<?= $field["code"]; ?>"
type="date"/>
</div>
<?
break;
}
}
if($contactFormData['is_survey']){
?>
<div class="row">
<div class="col-md-12 surveyFields">
<div class="form-group">
<label for="input_survey_name">Ihren Namen</label>
<input type="text" class="form-control text" required
name="input_survey_name"
id="input_survey_name" placeholder="Gib deinen Namen ein"
>
</div>
<div class="form-group">
<label for="input_survey_email">Ihren Email</label>
<input type="email" class="form-control text" required
name="input_survey_email"
id="input_survey_name" placeholder="Gib deinen Email ein"
>
</div>
</div>
</div>
<?php }
}
// daten sammeln
$query = "SELECT * FROM contactform_header WHERE id = '" . $sitepart_id."'";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$contactform_header = @mysqli_fetch_array($result);
if ($contactform_header['recaptcha_active'] == 1) {
$websiteKey = $GLOBALS['site']['websitekey'];
$reCaptcha = TRUE;
} else {
$reCaptcha = FALSE;
}
?>
<div style="display:none;">
<input type="text" name="input_captcha1" id="input_captcha1" value="" />
<input type="text" name="input_captcha2" id="input_captcha2" value="<?= time() ?>" />
</div>
<? if ($reCaptcha == TRUE ) {
if($_COOKIE['recaptcha'] == 1){ ?>
<div class="recaptcha-class" style="float: left; padding-top: 0px;width:100%;">
<div class="g-recaptcha" data-sitekey="<? echo $websiteKey; ?>"></div>
</div>
<br/>
<?php }else{
$disabled = 'disabled'; ?>
<div class='cookie_conflict'>
<p>Akzeptiere die Cookies um das Formular zu senden.</p>
<div class="cookie-accept cookie-option" data-cookie="accept">Alle Cookies akzeptieren</div>
</div>
<?php } }?>
<div class="contact-button <?= $disabled ?>" id="submit_button"><input type="submit" name="button" class="button" id="button" <?= $disabled ?> value="<?= $translation->get('send') ?>" /></div>
</form>
<?php } else { ?>
<?php require_once(MODULE_PATH.'contactform/multiform_functions.inc.php'); ?>
<form id="regForms" style="display:none" action="/action_page.php">
<h1>Mehrstufiges Formular:</h1>
<!-- One "tab" for each step in the form: -->
<div class="tab">Name:
<p><input placeholder="Vorname..." oninput="this.className = ''" name="fname"></p>
<p><input placeholder="Nachname..." oninput="this.className = ''" name="lname"></p>
</div>
<div class="tab">Kontaktinformation:
<p><input placeholder="E-mail..." oninput="this.className = ''" name="email"></p>
<p><input placeholder="Telefonnummer..." oninput="this.className = ''" name="phone"></p>
</div>
<div class="tab">Geburtstag:
<p><input placeholder="dd" oninput="this.className = ''" name="dd"></p>
<p><input placeholder="mm" oninput="this.className = ''" name="nn"></p>
<p><input placeholder="yyyy" oninput="this.className = ''" name="yyyy"></p>
</div>
</form>
<?php } ?>
</div>
</div>
<?php
function addContactLink($userId, $header_id, $fieldId, $content){
// insert
$queryInsert = "INSERT INTO bewerber_user_contact_link (contact_id, line_id,user_id,content)
VALUES (
'" . $header_id . "',
'" . $fieldId . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $userId) . "',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $content) . "'
)";
@mysqli_query($GLOBALS['mysql_con'], $queryInsert) ;
}
function selectMandant($required, $field){
$query = "SELECT * FROM main_mandant";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
?>
<select class="select" <?= $required ?> name="input_<?= $field['code'] ?>" id="input_<?= $field['code']; ?>">
<option value="">---</option>
<?
while ($row = @mysqli_fetch_array($result)) {
echo "<option value=\"" . $row['id'] . "\">" . $row['description'] . "</option>";
}
?>
</select>
<?php }
function getUserFromID($id){
$query = "SELECT * FROM portal_login WHERE id = ".$id;
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
while ($row = @mysqli_fetch_array($result)) {
return $row;
}
}
?>