spam
return true;
}
if($time - $_POST['time'] > 12 * 3600){ // user needed more than 12 hours to fill the form -> spam
return true;
}
// check baits
if(!empty($_POST['email'])){
return true;
}
if(!empty($_POST['url'])){
return true;
}
return false;
}
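/**
 * Renders the attendance form, pre-filled with the values of the current request.
 *
 * Security: every request value is HTML-escaped before it is handed to the
 * template, so markup inside a submitted field is displayed as text instead of
 * being rendered. Previously only EVENT was escaped.
 * NOTE(review): this assumes Template::setVar() inserts values verbatim and that
 * the page is served as UTF-8 (send() declares utf-8 for the mail) - confirm both.
 *
 * @return string the rendered form
 */
//----------------------------------------
function printForm(){
//----------------------------------------
    global $errors;

    $f = new Template(TEMPLATE_DIR."subparts/attendance.html");
    $f->removeBlock("SUCCESS");
    $f->removeBlock("SPAM");
    // NOTE(review): getCurrentUrl() is defined elsewhere; if it is built from the
    // request URI it needs attribute escaping as well - verify.
    $f->setVar("ACTION", getCurrentUrl());

    // $errors may be unset when nothing was validated yet, so check the type
    // before counting.
    // NOTE(review): the messages are built elsewhere; if any of them embeds
    // request data it has to be escaped where it is built.
    if (is_array($errors) && count($errors) > 0) {
        $e = "FEHLER:
";
        foreach ($errors as $i) {
            $e .= "- $i
";
        }
        $e .= "
";
        $f->setVar("ERRORS", $e);
    } else {
        $f->setVar("ERRORS", " ");
    }

    // Pre-select the drop-downs; a missing field falls back to the default option.
    $attendance = isset($_POST['attendance']) ? $_POST['attendance'] : "";
    $declined = ($attendance === "Nein, ich nehme nicht teil");
    $f->setVar("ATTENDANCE_NO", $declined ? "selected=\"selected\"" : "");
    $f->setVar("ATTENDANCE_YES", $declined ? "" : "selected=\"selected\"");

    $gender = isset($_POST['gender']) ? $_POST['gender'] : "";
    $female = ($gender === "Frau");
    $f->setVar("GENDER_F", $female ? "selected=\"selected\"" : "");
    $f->setVar("GENDER_M", $female ? "" : "selected=\"selected\"");

    // Template variable => request field. All of these are echoed back into the
    // page, so all of them go through the same escaping.
    $fields = array(
        "FIRSTNAME" => "firstname",
        "SURNAME"   => "surname",
        "STREET"    => "street",
        "ZIP"       => "zip",
        "CITY"      => "city",
        "PHONE"     => "phone",
        "MAIL"      => "mail",
        "TEXT"      => "text",
        "DATE"      => "date",
        "SCHOOL"    => "school",
        "STUDENTS"  => "students",
        "EVENT"     => "event",
        "USER_ID"   => "userid",
    );
    foreach ($fields as $var => $key) {
        // Arrays (e.g. "firstname[]=x") and missing fields are rendered as empty.
        $raw = (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : "";
        $f->setVar($var, htmlspecialchars($raw, ENT_QUOTES, "UTF-8"));
    }

    // Render timestamp of the form, written into the TIME variable.
    $f->setVar("TIME", time());

    return $f->toString();
}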
/**
 * Renders the success view: the attendance template with its FORM and SPAM
 * blocks removed.
 *
 * @return string the rendered template
 */
//------------------------------------------
function printSuccess(){
//------------------------------------------
    $view = new Template(TEMPLATE_DIR . "subparts/attendance.html");
    // Drop every block that does not belong to the success view.
    foreach (array("FORM", "SPAM") as $hiddenBlock) {
        $view->removeBlock($hiddenBlock);
    }
    $html = $view->toString();
    return $html;
}
/**
 * Renders the spam view: the attendance template with its FORM and SUCCESS
 * blocks removed.
 *
 * @return string the rendered template
 */
//------------------------------------------
function printSpam(){
//------------------------------------------
    $view = new Template(TEMPLATE_DIR . "subparts/attendance.html");
    // Drop every block that does not belong to the spam view.
    foreach (array("FORM", "SUCCESS") as $hiddenBlock) {
        $view->removeBlock($hiddenBlock);
    }
    $html = $view->toString();
    return $html;
}
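/**
 * Sends the submitted form data as a plain-text e-mail to the fixed recipients
 * and a copy to a second fixed address.
 *
 * Security: recipients, subject and headers are constants; request data is only
 * ever placed in the message body. Keep it that way - a request value in $to,
 * $subject or $headers would allow header injection.
 * NOTE(review): the copy mail forwards the complete personal data set to an
 * additional mailbox - confirm that this is still intended.
 *
 * @return void
 */
//------------------------------------------
function send(){
//------------------------------------------
    $to = "kulturhaus@bruckmuehle.at,sandra.kratochwill@bruckmuehle.at";
    $subject = "Anmeldeformular kulturhaus-bruckmuehle.at";
    $headers = "From: kulturhaus@bruckmuehle.at\r\n";
    $headers .= "Content-Type: text/plain; charset=\"utf-8\"\r\n";

    // Mail label => request field, in the order the lines appear in the mail.
    $fields = array(
        "Veranstaltung" => "event",
        "Teilnahme"     => "attendance",
        "Vorname"       => "firstname",
        "Nachname"      => "surname",
        "Straße"        => "street",
        "PLZ"           => "zip",
        "Ort"           => "city",
        "Telefon"       => "phone",
        "E-Mail"        => "mail",
        "Termin"        => "date",
        "Schule"        => "school",
        "Schüler"       => "students",
    );

    $body = "Folgende Daten wurden im Anmeldeformular ausgefüllt:\n\n";
    foreach ($fields as $label => $key) {
        // Missing or non-scalar fields become an empty value instead of a notice.
        $value = (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : "";
        $body .= "$label: $value\n";
    }
    $text = (isset($_POST['text']) && is_scalar($_POST['text'])) ? (string) $_POST['text'] : "";
    $body .= "Bemerkungen: " . stripslashes($text);

    // mail() warnings stay suppressed so they cannot leak into the page, but a
    // failed hand-off is no longer silent. The log line carries no form data.
    if (!@mail($to, $subject, $body, $headers)) {
        error_log("attendance form: mail() to the primary recipients failed");
    }
    if (!@mail("contact@mlenzelbauer.at", "Kopie: $subject", $body, $headers)) {
        error_log("attendance form: mail() for the copy failed");
    }
}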
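/**
 * Stores the submitted customer data in bruckmuehle_ticketcustomer unless a row
 * with the same e-mail address already exists. Does nothing without an address.
 *
 * Security: both queries are assembled with sprintf() and depend entirely on
 * sqlstring() / sqlnum() for quoting and escaping.
 * NOTE(review): those helpers are defined elsewhere - confirm that sqlstring()
 * escapes with the live connection and adds the quotes, and that sqlnum()
 * always yields a number; prepared statements would remove that dependency.
 *
 * @return void
 */
//--------------------------------------------
function saveToDatabase(){
//--------------------------------------------
    // An array value ("mail[]=x") is not an address; treat it like a missing one.
    if (empty($_POST['mail']) || !is_string($_POST['mail'])) {
        return;
    }

    $query = sprintf("SELECT * FROM bruckmuehle_ticketcustomer WHERE email = %s LIMIT 1", sqlstring($_POST['mail']));
    $result = dbQuery($query);
    // The rest of the file reads dbQuery() results with mysqli_*; the removed
    // mysql_num_rows() cannot count a mysqli result, so the duplicate check
    // never matched. A failed query (no result object) falls through as before.
    if ($result instanceof mysqli_result && mysqli_num_rows($result) > 0) {
        return;
    }

    $gender = (isset($_POST['gender']) && $_POST['gender'] === "Frau") ? "f" : "m";
    // Unchecked checkboxes are simply absent from the request.
    $newsletter = !empty($_POST['info']) ? "true" : "false";

    // NOTE(review): the same flag is written to both "newsletter" and "info",
    // as in the original statement - confirm that this is intended.
    $query = sprintf("INSERT INTO bruckmuehle_ticketcustomer (firstname, surname, email, address, zip, city, gender, phone, creationDate, newsletter, info, loose)
VALUES (%s, %s, %s, %s, %d, %s, %s, %s, NOW(), %s, %s, 'true')",
        sqlstring(isset($_POST['firstname']) ? $_POST['firstname'] : ""),
        sqlstring(isset($_POST['surname']) ? $_POST['surname'] : ""),
        sqlstring($_POST['mail']),
        sqlstring(isset($_POST['street']) ? $_POST['street'] : ""),
        sqlnum(isset($_POST['zip']) ? $_POST['zip'] : ""),
        sqlstring(isset($_POST['city']) ? $_POST['city'] : ""),
        sqlstring($gender),
        sqlstring(isset($_POST['phone']) ? $_POST['phone'] : ""),
        sqlstring($newsletter),
        sqlstring($newsletter));
    dbQuery($query);
}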
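/**
 * Pre-fills $_POST from a personalised link.
 *
 * When ?usr=<id>&hash=<token> matches a customer row, the customer's data is
 * copied into $_POST. Independently of that, $_POST['attendance'] is set from
 * ?attendance (1 = attending, anything else = not attending).
 *
 * Security:
 * - The token is compared as a string, in constant time where hash_equals() is
 *   available. The former loose "==" compared numeric-looking strings as
 *   numbers and accepted non-string input.
 * - NOTE(review): the token is the first 8 hex characters of an unkeyed MD5
 *   over the e-mail address, so it is not a secret - it can be recomputed from
 *   the address alone. Replace it with hash_hmac() keyed by a server-side
 *   secret, or with a random per-customer token stored in the row. That change
 *   must be made together with the code that generates the links, which is not
 *   part of this function.
 *
 * @return void
 */
//---------------------------------------------
function initUser() {
//---------------------------------------------
    $id = isset($_GET['usr']) ? intval($_GET['usr']) : 0;
    if ($id > 0) {
        $query = sprintf("SELECT * FROM bruckmuehle_ticketcustomer WHERE id = %d", $id);
        $result = dbQuery($query);
        // A failed query yields no result object; skip the lookup in that case.
        if ($result && ($line = mysqli_fetch_array($result, MYSQLI_ASSOC))) {
            $expected = substr(md5("#" . $line['email'] . "#"), 0, 8);
            $given = (isset($_GET['hash']) && is_string($_GET['hash'])) ? $_GET['hash'] : "";
            $tokenMatches = function_exists('hash_equals')
                ? hash_equals($expected, $given)
                : $expected === $given;
            if ($tokenMatches) {
                $_POST['firstname'] = $line['firstname'];
                $_POST['surname'] = $line['surname'];
                $_POST['street'] = $line['address'];
                $_POST['zip'] = $line['zip'];
                $_POST['city'] = $line['city'];
                $_POST['mail'] = $line['email'];
                $_POST['phone'] = $line['phone'];
                $_POST['gender'] = $line['gender'] == "f" ? "Frau" : "Herr";
                $_POST['userid'] = $line['id'];
            }
        }
    }

    // A missing parameter counts as "not attending", without raising a notice.
    if (isset($_GET['attendance']) && $_GET['attendance'] == 1) {
        $_POST['attendance'] = "Ja, ich nehme teil";
    }
    else {
        $_POST['attendance'] = "Nein, ich nehme nicht teil";
    }
}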
/**
 * Looks up the attendance block named by ?evt=<id> and, when a row exists,
 * copies its "event" column into $_POST['event'].
 *
 * The id is forced to an integer before it is formatted into the query with %d.
 *
 * @return void
 */
//--------------------------------------------
function initEvent() {
//--------------------------------------------
    $eventId = intval($_GET['evt']);
    if ($eventId <= 0) {
        // Nothing to look up for a missing, zero or negative id.
        return;
    }

    $sql = sprintf("SELECT * FROM bruckmuehle_attendanceblock WHERE id = %d", $eventId);
    $rows = dbQuery($sql);
    $row = mysqli_fetch_array($rows, MYSQLI_ASSOC);
    if ($row) {
        $_POST['event'] = $row['event'];
    }
}
/**
 * Maps a checkbox value to the German words "ja" / "nein".
 *
 * @param mixed $value checkbox value
 * @return string "ja" when $value is set and not empty, otherwise "nein"
 */
//--------------------------------------------
function yesOrNo($value){
//--------------------------------------------
    // empty() is already true for null, so it covers the "not set" case too.
    return empty($value) ? "nein" : "ja";
}
?>