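spam
        return true;
    }
    if($time - $_POST['time'] > 12 * 3600){
        // user needed more than 12 hours to fill the form -> spam
        return true;
    }

    // check baits
    if(!empty($_POST['email'])){
        return true;
    }
    if(!empty($_POST['url'])){
        return true;
    }
    return false;
}

/**
 * prints the contact form
 *
 * Every submitted value is HTML-escaped before it is handed to the template,
 * so markup typed into a field is redisplayed as text instead of being
 * interpreted by the browser.
 * NOTE(review): assumes Template::setVar() inserts values verbatim (the class
 * is not visible here) - confirm, otherwise values would be escaped twice.
 *
 * @return string
 */
function printForm(){
    global $errors;

    // Returns $_POST[$name] escaped for HTML text and attribute context;
    // missing and non-scalar (array) values become "".
    // NOTE(review): assumes the page is served as UTF-8, like the mail built
    // in send() - confirm.
    $esc = function ($name) {
        if (!isset($_POST[$name]) || !is_scalar($_POST[$name])) {
            return "";
        }
        return htmlspecialchars((string) $_POST[$name], ENT_QUOTES, "UTF-8");
    };

    $f = new Template(TEMPLATE_DIR."subparts/attendance.html");
    $f->removeBlock("SUCCESS");
    $f->removeBlock("SPAM");
    $f->setVar("ACTION", getCurrentUrl());

    // !empty() also covers an unset or null $errors, where sizeof() would fail.
    if(!empty($errors)){
        $e = "FEHLER:";
        $f->setVar("ERRORS", $e);
    }
    else{
        $f->setVar("ERRORS", " ");
    }

    // The two selects fall back to "yes" / "Herr" when nothing was submitted.
    $attendance = isset($_POST['attendance']) ? $_POST['attendance'] : "";
    if($attendance === "Nein, ich nehme nicht teil"){
        $f->setVar("ATTENDANCE_NO", "selected=\"selected\"");
        $f->setVar("ATTENDANCE_YES", "");
    }
    else{
        $f->setVar("ATTENDANCE_YES", "selected=\"selected\"");
        $f->setVar("ATTENDANCE_NO", "");
    }

    $gender = isset($_POST['gender']) ? $_POST['gender'] : "";
    if($gender === "Frau"){
        $f->setVar("GENDER_F", "selected=\"selected\"");
        $f->setVar("GENDER_M", "");
    }
    else{
        $f->setVar("GENDER_M", "selected=\"selected\"");
        $f->setVar("GENDER_F", "");
    }

    $f->setVar("FIRSTNAME", $esc('firstname'));
    $f->setVar("SURNAME", $esc('surname'));
    $f->setVar("STREET", $esc('street'));
    $f->setVar("ZIP", $esc('zip'));
    $f->setVar("CITY", $esc('city'));
    $f->setVar("PHONE", $esc('phone'));
    $f->setVar("MAIL", $esc('mail'));
    $f->setVar("TEXT", $esc('text'));
    // NOTE(review): this timestamp presumably comes back as $_POST['time'] and
    // is not authenticated, so the timing check above is only a heuristic.
    $f->setVar("TIME", time());
    $f->setVar("DATE", $esc('date'));
    $f->setVar("SCHOOL", $esc('school'));
    $f->setVar("STUDENTS", $esc('students'));
    $f->setVar("EVENT", $esc('event'));
    $f->setVar("USER_ID", $esc('userid'));

    return $f->toString();
}

/**
 * prints the success view
 *
 * Loads the same template as the form and removes the FORM and SPAM blocks.
 *
 * @return string
 */
function printSuccess(){
    $f = new Template(TEMPLATE_DIR."subparts/attendance.html");
    $f->removeBlock("FORM");
    $f->removeBlock("SPAM");
    return $f->toString();
}

/**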
prints the spam view * @return string */ //------------------------------------------ function printSpam(){ //------------------------------------------ $f = new Template(TEMPLATE_DIR."subparts/attendance.html"); $f->removeBlock("FORM"); $f->removeBlock("SUCCESS"); return $f->toString(); } /** sends the form data via e-mail */ //------------------------------------------ function send(){ //------------------------------------------ $to = "kulturhaus@bruckmuehle.at,sandra.kratochwill@bruckmuehle.at"; $subject = "Anmeldeformular kulturhaus-bruckmuehle.at"; $headers = "From: kulturhaus@bruckmuehle.at\r\n"; $headers .= "Content-Type: text/plain; charset=\"utf-8\"\r\n"; $body = "Folgende Daten wurden im Anmeldeformular ausgefüllt:\n\n"; $body .= "Veranstaltung: $_POST[event]\n"; $body .= "Teilnahme: $_POST[attendance]\n"; $body .= "Vorname: $_POST[firstname]\n"; $body .= "Nachname: $_POST[surname]\n"; $body .= "Straße: $_POST[street]\n"; $body .= "PLZ: $_POST[zip]\n"; $body .= "Ort: $_POST[city]\n"; $body .= "Telefon: $_POST[phone]\n"; $body .= "E-Mail: $_POST[mail]\n"; $body .= "Termin: $_POST[date]\n"; $body .= "Schule: $_POST[school]\n"; $body .= "Schüler: $_POST[students]\n"; $body .= "Bemerkungen: " . 
stripslashes($_POST['text']); @mail($to, $subject, $body, $headers); @mail("contact@mlenzelbauer.at", "Kopie: $subject", $body, $headers); #$f = fopen("mail.txt", "w"); #fwrite($f, $body); #fclose($f); } /** saves the customer data to the database */ //-------------------------------------------- function saveToDatabase(){ //-------------------------------------------- if (empty($_POST['mail'])) { return; } $query = sprintf("SELECT * FROM bruckmuehle_ticketcustomer WHERE email = %s LIMIT 1", sqlstring($_POST['mail'])); $result = dbQuery($query); if (mysql_num_rows($result) > 0) { return; } $gender = "m"; if ($_POST['gender'] == "Frau") { $gender = "f"; } $newsletter = "false"; if ($_POST['info']) { $newsletter = "true"; } $query = sprintf("INSERT INTO bruckmuehle_ticketcustomer (firstname, surname, email, address, zip, city, gender, phone, creationDate, newsletter, info, loose) VALUES (%s, %s, %s, %s, %d, %s, %s, %s, NOW(), %s, %s, 'true')", sqlstring($_POST['firstname']), sqlstring($_POST['surname']), sqlstring($_POST['mail']), sqlstring($_POST['street']), sqlnum($_POST['zip']), sqlstring($_POST['city']), sqlstring($gender), sqlstring($_POST['phone']), sqlstring($newsletter), sqlstring($newsletter)); dbQuery($query); } /** loads the user from the database */ //--------------------------------------------- function initUser() { //--------------------------------------------- $id = intval($_GET['usr']); if ($id > 0) { $query = sprintf("SELECT * FROM bruckmuehle_ticketcustomer WHERE id = %d", $id); $result = dbQuery($query); if ($line = mysqli_fetch_array($result, MYSQLI_ASSOC)) { $hash = substr(md5("#" . $line['email'] . "#"), 0, 8); if ($_GET['hash'] == $hash) { $_POST['firstname'] = $line['firstname']; $_POST['surname'] = $line['surname']; $_POST['street'] = $line['address']; $_POST['zip'] = $line['zip']; $_POST['city'] = $line['city']; $_POST['mail'] = $line['email']; $_POST['phone'] = $line['phone']; $_POST['gender'] = $line['gender'] == "f" ? 
"Frau" : "Herr"; $_POST['userid'] = $line['id']; } } } if ($_GET['attendance'] == 1) { $_POST['attendance'] = "Ja, ich nehme teil"; } else { $_POST['attendance'] = "Nein, ich nehme nicht teil"; } } /** loads the event from the database */ //-------------------------------------------- function initEvent() { //-------------------------------------------- $id = intval($_GET['evt']); if ($id > 0) { $query = sprintf("SELECT * FROM bruckmuehle_attendanceblock WHERE id = %d", $id); $result = dbQuery($query); if ($line = mysqli_fetch_array($result, MYSQLI_ASSOC)) { $_POST['event'] = $line['event']; } } } /** converts the $_POST value to "ja" or "nein" * @param value checkbox value * @return "ja" or "nein" */ //-------------------------------------------- function yesOrNo($value){ //-------------------------------------------- if(isset($value) && !empty($value)){ return "ja"; } return "nein"; } ?>