• Main Page
  • Related Pages
  • Namespaces
  • Data Structures
  • Files
  • Examples
  • File List
  • Globals

cms/modules/form/registrationformsubmit.php

Go to the documentation of this file.
00001 <?php
00002 if(!defined('__PRAGYAN_CMS'))
00003 { 
00004         header($_SERVER['SERVER_PROTOCOL'].' 403 Forbidden');
00005         echo "<h1>403 Forbidden<h1><h4>You are not authorized to access the page.</h4>";
00006         echo '<hr/>'.$_SERVER['SERVER_SIGNATURE'];
00007         exit(1);
00008 }
00016 /*
00017  * Make all POST variables name formid and elementid dependent (form_<form_id>_element_<elementid>)
00018  *
00019  * But, make all javascript name variables, formid, elementid AND one more random number dependent - to
00020  *                              allow more than one forms in the same page...
00021  *
00022  *
00023  *
00024  */
00025 
00026         function submitRegistrationForm($moduleCompId, $userId, $silent = false, $disableCaptcha = false) {
00028                 if($userId==0) {
00029                         $useridQuery = "SELECT MIN(`user_id`) - 1 AS MIN FROM `form_regdata` WHERE 1";
00030                         $useridResult = mysql_query($useridQuery);
00031                         if(mysql_num_rows($useridResult)>0) {
00032                                 $useridRow = mysql_fetch_assoc($useridResult);
00033                                 $userId = $useridRow['MIN'];
00034                         }
00035                         else
00036                                 $userId = -1;
00037                 }
00040                 if(!$disableCaptcha) {
00041                         $captchaQuery = 'SELECT `form_usecaptcha` FROM `form_desc` WHERE `page_modulecomponentid` = ' . $moduleCompId;
00042                         $captchaResult = mysql_query($captchaQuery);
00043                         $captchaRow = mysql_fetch_row($captchaResult);
00044                         if($captchaRow[0] == 1)
00045                                 if(!submitCaptcha())
00046                                         return false;
00047 
00048                 }
00050 
00051                 $query="SELECT `form_elementid`,`form_elementtype` FROM `form_elementdesc` WHERE `page_modulecomponentid`=$moduleCompId";
00052                 $result=mysql_query($query);
00053                 $allFieldsUpdated = true;
00054                 while($elementRow=mysql_fetch_assoc($result)) {
00055                         $type = $elementRow['form_elementtype'];
00056                         $elementId = $elementRow['form_elementid'];
00057                         $postVarName = "form_".$moduleCompId."_element_".$elementRow['form_elementid'];
00058                         $functionName = "submitRegistrationForm".ucfirst(strtolower($type));
00059 
00060                         $elementDescQuery="SELECT `form_elementname`,`form_elementsize`,`form_elementtypeoptions`,`form_elementmorethan`," .
00061                                         "`form_elementlessthan`,`form_elementcheckint`,`form_elementisrequired` FROM `form_elementdesc` " .
00062                                         "WHERE `page_modulecomponentid`=$moduleCompId AND `form_elementid` =$elementId";
00063                         $elementDescResult=mysql_query($elementDescQuery);
00064                         if (!$elementDescResult) {      displayerror('E69 : Invalid query: ' . mysql_error());  return false;   }
00065 
00066                         $elementDescRow = mysql_fetch_assoc($elementDescResult);
00067 
00068                         $elementName = $elementDescRow['form_elementname'];
00069                         $elementSize = $elementDescRow['form_elementsize'];
00070                         $elementTypeOptions = $elementDescRow['form_elementtypeoptions'];
00071                         $elementMoreThan = $elementDescRow['form_elementmorethan'];
00072                         $elementLessThan = $elementDescRow['form_elementlessthan'];
00073                         $elementCheckInt = ($elementDescRow['form_elementcheckint'])==1?true:false;
00074                         $elementIsRequired = ($elementDescRow['form_elementisrequired'])==1?true:false;
00075 
00076                         if($functionName($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired)==false)   {
00077                         //      displayerror("Error in inputting data in function $functionName.");
00078                                 $allFieldsUpdated = false;
00079                                 break;
00080                         }
00081                 }
00082                 if(!$allFieldsUpdated) {
00083                         if($userId < 0)
00084                                 unregisterUser($moduleCompId,$userId);
00085                         else {
00086                                 if (!verifyUserRegistered($moduleCompId, $userId)) {
00087                                         $deleteelementdata_query = "DELETE FROM `form_elementdata` WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId ";
00088                                         $deleteelementdata_result = mysql_query($deleteelementdata_query);
00089                                 }
00090                                 return false;
00091                         }
00092                 }
00093                 else {
00094                         if(!verifyUserRegistered($moduleCompId,$userId)) {
00095                                 registerUser($moduleCompId,$userId);
00096                         }
00097                         else
00098                                 updateUser($moduleCompId,$userId);
00099                         if(!$silent)
00100                         {
00101                                 $footerQuery = "SELECT `form_footertext`, `form_sendconfirmation` FROM `form_desc` WHERE `page_modulecomponentid` = $moduleCompId";
00102                                 $footerResult = mysql_query($footerQuery);
00103                                 $footerRow = mysql_fetch_row($footerResult);
00104 
00105                                 $footerText = $footerRow[0];
00106                                 $footerTextLength = strlen($footerText);
00107 
00108                                 if ($footerTextLength > 7) {
00109                                         if (substr($footerText, 0, 4) == '<!--' && substr($footerText, $footerTextLength - 3) == '-->')
00110                                                 $footerText = substr($footerText, 4, $footerTextLength - 7);
00111                                         else
00112                                                 $footerText = '';
00113                                 }
00114                                 else
00115                                         $footerText = '';
00116 
00117                                 displayinfo($footerText == '' ? "User successfully registered!" : $footerText);
00118                                 // send mail code starts here - see common.lib.php for more
00119 
00120                                 if ($footerRow[1]) {
00121                                         $from = CMS_EMAIL;
00122                                         $to = getUserEmail($userId);
00123 
00124                                         $pageId = getPageIdFromModuleComponentId('form',$moduleCompId);
00125                                         $parentPage = getParentPage($pageId);
00126                                         $formname = getPageTitle($parentPage);
00127                                         $keyid = $finalName = str_pad($userId, 5,'0', STR_PAD_LEFT);
00128                                         $key = '';
00129                                         $mailtype = "form_registration_mail";
00130                                         $messenger = new messenger(false);
00131 
00132                                         global $onlineSiteUrl;                          
00133                                         $messenger->assign_vars(array('FORMNAME'=>"$formname",'KEY'=>"$key",'WEBSITE'=>CMS_TITLE,'DOMAIN'=>$onlineSiteUrl,      'NAME'=>getUserFullName($userId)));
00134                                         if ($messenger->mailer($to,$mailtype,$key,$from))
00135                                                         displayinfo("You have been succesfully registered to $formname and a registration confirmation mail has been sent. Kindly check your e-mail.");
00136                                                 else 
00137                                                         displayerror("Registration confirmation mail sending failure. Kindly contact webadmin@pragyan.org");
00138                                         
00139                                 }
00140 
00141                                 // send mail code ends here
00142                         }
00143                 }
00144                 return true;
00145         }
00148         function submitCaptcha(){
00149                 if($_POST['captcha'])
00150                         {
00151                         global $sourceFolder, $moduleFolder, $cmsFolder;
00152                         require_once("$sourceFolder/$moduleFolder/form/captcha/recaptcha/recaptchalib.php");
00153                         $query = "SELECT `value` FROM `". MYSQL_DATABASE_PREFIX ."global` WHERE `attribute`='recaptcha_private'";
00154                         $res = mysql_fetch_assoc(mysql_query($query));
00155                         $private_key = $res['value'];
00156                         if ($_POST["recaptcha_response_field"]) {
00157                                         $resp = recaptcha_check_answer ($private_key,
00158                                         $_SERVER["REMOTE_ADDR"],
00159                                         $_POST["recaptcha_challenge_field"],
00160                                         $_POST["recaptcha_response_field"]);
00161 
00162                          if ($resp->is_valid) 
00163                                 return true;
00164                                 }
00165                         }
00166                         else
00167                         {
00168                   if(isset($_SESSION['CAPTCHAString']) && isset($_POST['txtCaptcha']))
00169                         if(strtolower($_SESSION['CAPTCHAString']) == strtolower($_POST['txtCaptcha']))
00170                                 return true;
00171                         }
00172                 displayerror('The text did not match the letters in the image. Please try again.');
00173                 return false;
00174         }
00175 
00176         function submitRegistrationFormText($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00177                 if($elementIsRequired && ( !isset($_POST[$postVarName]) || $_POST[$postVarName] == NULL || trim($_POST[$postVarName]) == "")) {
00178                         displayerror("Essential field $elementName is missing");
00179                         return false;
00180                 }
00181 
00182                 $submitData = escape(trim($_POST[$postVarName]));
00183                 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00184                                                 "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00185                 $textResult = mysql_query($textQuery);
00186                 if (!$textResult) {     displayerror('E46 : Invalid query: ' . mysql_error());  return false;   }
00187 
00188                 $query="SELECT * FROM `form_elementdesc` WHERE `page_modulecomponentid`=$moduleCompId AND `form_elementid` =$elementId";
00189                 $result=mysql_query($query);
00190                 $fetch=mysql_fetch_assoc($result);
00191                 if($elementSize>0)
00192                 {
00193                         if(strlen($submitData) > $elementSize) {
00194                                 displayerror("$elementName is more than element size");
00195                                 return false;
00196                         }
00197                 }
00198                 if($elementMoreThan!=0)
00199                 {
00200                         if($elementMoreThan > $submitData) {
00201                                 displayerror("$elementName is less than element minimum value");
00202                                 return false;
00203                         }
00204                 }
00205                 if($elementLessThan!=0)
00206                 {
00207                         if($elementLessThan < $submitData) {
00208                                 displayerror("$elementName is more than element maximum value");
00209                                 return false;
00210                         }
00211                 }
00212                 if($elementCheckInt)
00213                 {
00214                         if(!is_numeric($submitData)) {
00215                                 if($submitData != '') {
00216                                         displayerror("$elementName is not of type int");
00217                                         return false;
00218                                 }
00219                         }
00220                 }
00221                 if(mysql_num_rows($textResult)>0) {
00222                         $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '".$submitData."' ".
00223                                                                 "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00224                         $textUpdateResult = mysql_query($textUpdateQuery);
00225                         if (!$textUpdateResult) {       displayerror('E67 : Invalid query: ' . mysql_error());  return false;   }
00226                 } else {
00227                         $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00228                                                                 "VALUES ( '$userId', '$moduleCompId', '$elementId', '". $submitData ."')";
00229                         $textInsertResult = mysql_query($textInsertQuery);
00230                         if (!$textInsertResult) {       displayerror('E13 : Invalid query: ' . mysql_error());  return false;   }
00231                 }
00232                 return true;
00233         }
00234 
00235         function submitRegistrationFormTextarea($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00236                 if($elementIsRequired && ( !isset($_POST[$postVarName]) || $_POST[$postVarName] == NULL || trim($_POST[$postVarName] == "" ))) {
00237                         displayerror("Essential field $elementName is missing");
00238                         return false;
00239                 }
00240                 elseif(!isset($_POST[$postVarName]) && !$elementIsRequired) {
00241                         return true;
00242                 }
00243                 $submitData = escape(trim($_POST[$postVarName]));
00244 
00245                 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00246                                                 "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00247                 $textResult = mysql_query($textQuery);
00248                 if (!$textResult) {     displayerror('E34 : Invalid query: ' . mysql_error());  return false;   }
00249 
00250                 if(mysql_num_rows($textResult)>0) {
00251                         $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '$submitData' ".
00252                                                                 "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00253                         $textUpdateResult = mysql_query($textUpdateQuery);
00254                         if (!$textUpdateResult) {       displayerror('E12 : Invalid query: ' . mysql_error());  return false;   }
00255                 } else {
00256                         $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00257                                                                 "VALUES ( '$userId', '$moduleCompId', '$elementId', '$submitData')";
00258                         $textInsertResult = mysql_query($textInsertQuery);
00259                         if (!$textInsertResult) {       displayerror('E89 : Invalid query: ' . mysql_error());  return false;   }
00260                 }
00261                 return true;
00262 
00263         }
00264 
00265         function submitRegistrationFormRadio($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00266                 if($elementIsRequired && ( !isset($_POST[$postVarName]) || $_POST[$postVarName] == NULL || $_POST[$postVarName] == "")) {
00267                         displayerror("Essential field ".$elementName." is missing");
00268                         return false;
00269                 }
00270 
00271                 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00272                                                 "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00273                 $textResult = mysql_query($textQuery);
00274                 if (!$textResult) {     displayerror('E73 : Invalid query: ' . mysql_error());  return false;   }
00275 
00276                 $optionNumber = escape($_POST[$postVarName]);
00277                 $options = explode("|",$elementTypeOptions);
00278 
00279                 if(count($options)<($optionNumber+1)){
00280                         displayerror("$elementName is out of bounds of the available number of options.");
00281                         return false;
00282                 }
00283 
00284                 if(mysql_num_rows($textResult)>0) {
00285                         $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '" . $options[$optionNumber] . "' ".
00286                                                                 "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00287                         $textUpdateResult = mysql_query($textUpdateQuery);
00288                         if (!$textUpdateResult) {       displayerror('E28 : Invalid query: ' . mysql_error());  return false;   }
00289                 } else {
00290                         $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00291                                                                 "VALUES ( '$userId', '$moduleCompId', '$elementId', '" . $options[$optionNumber] . "')";
00292                         $textInsertResult = mysql_query($textInsertQuery);
00293                         if (!$textInsertResult) {       displayerror('E90 : Invalid query: ' . mysql_error());  return false;   }
00294                 }
00295                 return true;
00296 
00297 
00298         }
00299 
00300         function submitRegistrationFormCheckbox($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00301 
00302                 $options = explode("|",$elementTypeOptions);
00303                 $i=-1;
00304                 $values = array();
00305                 foreach($options as $value) {
00306                         $i++;
00307                         if(!isset($_POST[$postVarName."_".$i]))
00308                                 continue;
00309 
00310                         $values[] = $value;
00311                 }
00312 
00313                 $valuesString = join($values,"|");
00314 
00315                 if($elementIsRequired &&  $valuesString == "") {
00316                         displayerror("Essential field ".$elementName." is missing");
00317                         return false;
00318                 }
00319 
00320                 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00321                                                         "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00322                 $textResult = mysql_query($textQuery);
00323                 if (!$textResult) {     displayerror('E91 : Invalid query: '.$textQuery . mysql_error());       return false;   }
00324 
00325 
00326                 if(mysql_num_rows($textResult)>0) {
00327                         $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '$valuesString' ".
00328                                                                 "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00329                         $textUpdateResult = mysql_query($textUpdateQuery);
00330                         if (!$textUpdateResult) {       displayerror('E78 : Invalid query: ' . mysql_error());  return false;   }
00331                 } else {
00332                         $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00333                                                                 "VALUES ( '$userId', '$moduleCompId', '$elementId', '$valuesString')";
00334                         $textInsertResult = mysql_query($textInsertQuery);
00335                         if (!$textInsertResult) {       displayerror('E55 : Invalid query: ' . mysql_error());  return false;   }
00336                 }
00337 
00338                 return true;
00339 
00340         }
00341 
00342         function submitRegistrationFormSelect($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00343                 if($elementIsRequired && ( !is_numeric($_POST[$postVarName]) || !isset($_POST[$postVarName]) || $_POST[$postVarName] == "" || $_POST[$postVarName] == NULL )) {
00344                         displayerror("Essential field ".$elementName." is missing");
00345                         return false;
00346                 }
00347                 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00348                                                 "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00349                 $textResult = mysql_query($textQuery);
00350                 if (!$textResult) {     displayerror('E64 : Invalid query: ' . mysql_error());  return false;   }
00351                 $optionNumber = escape($_POST[$postVarName]);
00352                 $options = explode("|",$elementTypeOptions);
00353 
00354                 if(count($options)<($optionNumber+1)){
00355                         displayerror("$elementName is out of bounds of the available number of options.");
00356                         return false;
00357                 }
00358 
00359                 if(mysql_num_rows($textResult)>0) {
00360                         $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '" . $options[$optionNumber] ."' ".
00361                                                                 "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00362                         $textUpdateResult = mysql_query($textUpdateQuery);
00363                         if (!$textUpdateResult) {       displayerror('E102 : Invalid query: ' . mysql_error());         return false;   }
00364                 } else {
00365                         $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00366                                                                 "VALUES ( '$userId', '$moduleCompId', '$elementId', '" . $options[$optionNumber] . "')";
00367                         $textInsertResult = mysql_query($textInsertQuery);
00368                         if (!$textInsertResult) {       displayerror('E121 : Invalid query: ' . mysql_error());         return false;   }
00369                 }
00370                 return true;
00371 
00372         }
00373 
00374         function submitRegistrationFormPassword($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00375                 if($elementIsRequired && ( !isset($_POST[$postVarName]) || $_POST[$postVarName] == "" || $_POST[$postVarName] == NULL )) {
00376                         displayerror("Essential field ".$elementName." is missing");
00377                         return false;
00378                 }
00379                 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00380                                                 "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00381                 $textResult = mysql_query($textQuery);
00382                 if (!$textResult) {     displayerror('E234 : Invalid query: ' . mysql_error());         return false;   }
00383 
00384                 if(mysql_num_rows($textResult)>0) {
00385                         $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '".escape($_POST[$postVarName])."' ".
00386                                                                 "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00387                         $textUpdateResult = mysql_query($textUpdateQuery);
00388                         if (!$textUpdateResult) {       displayerror('E39 : Invalid query: ' . mysql_error());  return false;   }
00389                 } else {
00390                         $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00391                                                                 "VALUES ( '$userId', '$moduleCompId', '$elementId', '" . escape($_POST[$postVarName]) . "')";
00392                         $textInsertResult = mysql_query($textInsertQuery);
00393                         if (!$textInsertResult) {       displayerror('E42 : Invalid query: ' . mysql_error());  return false;   }
00394                 }
00395                 return true;
00396         }
00397 
00398         function submitRegistrationFormFile($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00399                 if($elementIsRequired && !isset($_FILES[$postVarName])) {
00400                         displayerror('Required file ' . $elementName . ' not uploaded.');
00401                         return false;
00402                 }
00403 
00404                 $existsQuery = "SELECT `form_elementdata` from `form_elementdata` WHERE `user_id` = $userId AND " .
00405                                         "`page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00406                 $existsResult = mysql_query($existsQuery);
00407 
00408                 global $sourceFolder;
00409                 require_once("$sourceFolder/upload.lib.php");
00411                 if($_FILES[$postVarName]['error'][0] != UPLOAD_ERR_NO_FILE) {
00412                         if(mysql_num_rows($existsResult)>0) {
00413                                 $existsRow = mysql_fetch_array($existsResult);
00414                                 if(deleteFile( $moduleCompId,'form', $existsRow[0])) {
00415                                         $deleteQuery = "DELETE FROM `form_elementdata` WHERE `form_elementid` = $elementId AND `page_modulecomponentid` = $moduleCompId";
00416                                         mysql_query($deleteQuery);
00417                                 }
00418                         }
00419                 }
00420                 $maxFileSizeInBytes = $elementLessThan;
00421                 if($maxFileSizeInBytes == NULL || $maxFileSizeInBytes == "" || $maxFileSizeInBytes == 0) $maxFileSizeInBytes = 2*1024*1024;
00422                 if(trim($elementTypeOptions)=="") $uploadableFileTypes = false;
00423                 else {
00424                         $uploadableFileTypes = explode( "|" , $elementTypeOptions );
00425                         if(count($uploadableFileTypes)==0) $uploadableFileTypes = false;
00426                 }
00427                 $uploadFileName = submitFileUploadForm($moduleCompId, "form", $userId, $maxFileSizeInBytes , $uploadableFileTypes, $postVarName);
00428                 if(!isset($uploadFileName[0])) {
00429                         return !$elementIsRequired;
00430                 }
00431                 $uploadFileName = $uploadFileName[0];
00432 
00433                 $submitQuery = 'INSERT INTO `form_elementdata`(`user_id`, `page_modulecomponentid`, `form_elementid`, `form_elementdata`) ' .
00434                                                                         "VALUES($userId, $moduleCompId, $elementId, '$uploadFileName')";
00435                 if(!mysql_query($submitQuery) || mysql_affected_rows() != 1) {
00436                         displayerror('Error updating information in the database.');
00437                         return false;
00438                 }
00439                 return true;
00440         }
00441 
00442         function submitRegistrationFormDate($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00443                 if($elementIsRequired && ( !isset($_POST[$postVarName]) || $_POST[$postVarName] == "" || $_POST[$postVarName] == NULL )) {
00444                         displayerror("Essential field ".$elementName." is missing");
00445                         return false;
00446                 }
00447                 if(!$elementIsRequired && $_POST[$postVarName]=="") return true;
00448                 if(!verifyDate(escape($_POST[$postVarName]))) return false;
00449                 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00450                                                         "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00451                 $textResult = mysql_query($textQuery);
00452                 if (!$textResult) {     displayerror('E134 : Invalid query: ' . mysql_error());         return false;   }
00453 
00454                 if(mysql_num_rows($textResult)>0) {
00455                         $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '".escape($_POST[$postVarName])."' ".
00456                                                                         "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00457                         $textUpdateResult = mysql_query($textUpdateQuery);
00458                         if (!$textUpdateResult) {       displayerror('E12 : Invalid query: ' . mysql_error());  return false;   }
00459                 } else {
00460                                 $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00461                                                                         "VALUES ( '$userId', '$moduleCompId', '$elementId', '" . escape($_POST[$postVarName]) . "')";
00462                                 $textInsertResult = mysql_query($textInsertQuery);
00463                                 if (!$textInsertResult) {       displayerror('E89 : Invalid query: ' . mysql_error());  return false;   }
00464                 }
00465                         return true;
00466 
00467         }
00468 
00469         function submitRegistrationFormDatetime($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00470                 if($elementIsRequired && ( !isset($_POST[$postVarName]) || $_POST[$postVarName] == "" || $_POST[$postVarName] == NULL )) {
00471                         displayerror("Essential field ".$elementName." is missing");
00472                         return false;
00473                 }
00474                 if(!$elementIsRequired && $_POST[$postVarName]=="") return true;
00475                 $strdatetime=escape($_POST[$postVarName]);
00476                 $pos=strpos($strdatetime," ");
00477                 $date=substr($strdatetime,0,($pos));
00478                 $time=substr($strdatetime,$pos+1,strlen($strdatetime));
00479                 if(!verifyDate($date))
00480                                 return false;
00481                 if(!verifyTime($time))
00482                                 return false;
00483                 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00484                                                         "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00485                 $textResult = mysql_query($textQuery);
00486                 if (!$textResult) {     displayerror('E234 : Invalid query: ' . mysql_error());         return false;   }
00487 
00488                 if(mysql_num_rows($textResult)>0) {
00489                         $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '".escape($_POST[$postVarName])."' ".
00490                                                                         "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00491                         $textUpdateResult = mysql_query($textUpdateQuery);
00492                         if (!$textUpdateResult) {       displayerror('E12 : Invalid query: ' . mysql_error());  return false;   }
00493                 } else {
00494                         $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00495                                                                 "VALUES ( '$userId', '$moduleCompId', '$elementId', '" . escape($_POST[$postVarName]) . "')";
00496                         $textInsertResult = mysql_query($textInsertQuery);
00497                         if (!$textInsertResult) {       displayerror('E89 : Invalid query: ' . mysql_error());  return false;   }
00498                 }
00499                         return true;
00500         }
00501 
00502         function verifyDate($inputDate){
00503                 $datePattern = '/^(?P<year>19[5-9][0-9]|20[0-4][0-9]|2050)-(?P<month>0[1-9]|1[0-2])-(?P<date>0[1-9]|[12][0-9]|3[01])$/';
00504                 $matches = array();
00505                 $isMatch = preg_match($datePattern, $inputDate, $matches);
00506                 if(!$isMatch) {
00507                         displayerror("Enter the date in 'YYYY-MM-DD' format");
00508                         return false;
00509                 }
00510 
00511                 $year = $matches['year'];
00512                 $month = $matches['month'];
00513                 $date = $matches['date'];
00514 
00515                 if($year < 1950 || $year > 2050) {
00516                         displayerror($year . ' Enter a valid year.');
00517                         return false;
00518                 }
00519                 if($month > 12) {
00520                         displayerror('Enter a valid month.');
00521                         return false;
00522                 }
00523                 if($date > 31) {
00524                         displayerror('Enter a valid date.');
00525                         return false;
00526                 }
00527                 switch($month) {
00528                         case 2:
00529                                 if(($year % 4 && $date > 28) || (!($year % 4) && $date > 29)) {
00530                                         displayerror('Enter a valid date for February.');
00531                                         return false;
00532                                 }
00533                         break;
00534 
00535                         case 4:
00536                         case 6:
00537                         case 9:
00538                         case 11:
00539                                 if($date > 30) {
00540                                         displayerror('Enter a valid date for the specified month.');
00541                                         return false;
00542                                 }
00543                 }
00544 
00545                 return true;
00546         }
00547 
00548         function verifyTime($inputTime){
00549                 $timePattern = '/^([01][0-9]|2[0-3]):[0-5][0-9]$/';
00550                 if(!preg_match($timePattern, $inputTime)) {
00551                         displayerror("Enter the time in 'HH:MM' format in 24 hours clock");
00552                         return false;
00553                 }
00554                 return true;
00555         }
00556 
00557         function insertFormView($moduleComponentId, $userId) {
00558                 $existsQuery = "SELECT COUNT(*) FROM `form_visits` WHERE `page_modulecomponentid` = $moduleComponentId AND `user_id` = $userId";
00559                 $existsResult = mysql_query($existsQuery);
00560                 $existsRow = mysql_fetch_row($existsResult);
00561 
00562                 if ($existsRow[0] == 0) {
00563                         $insertQuery = "INSERT INTO `form_visits`(`page_modulecomponentid`, `user_id`, `user_submitcount`, `user_firstvisit`) VALUES " .
00564                                         "($moduleComponentId, $userId, 0, NOW())";
00565                         mysql_query($insertQuery);
00566                 }
00567         }
00568 
00569         function updateFormSubmitCount($moduleComponentId, $userId) {
00570                 $existsQuery = "SELECT COUNT(*) FROM `form_visits` WHERE `page_modulecomponentid` = $moduleComponentId AND `user_id` = $userId";
00571                 $existsResult = mysql_query($existsQuery);
00572                 $existsRow = mysql_fetch_row($existsResult);
00573 
00574                 if ($existsRow[0] == 1)
00575                         $updateQuery = "UPDATE `form_visits` SET `user_submitcount` = `user_submitcount` + 1 WHERE `page_modulecomponentid` = $moduleComponentId AND `user_id` = $userId";
00576                 else
00577                         $updateQuery = "INSERT INTO `form_visits`(`page_modulecomponentid`, `user_id`, `user_submitcount`, `user_firstvisit`) VALUES " .
00578                                         "($moduleComponentId, $userId, 1, NOW())";
00579                 mysql_query($updateQuery);
00580         }
00581 
00583         function registerUser($moduleCompId,$userId) {
00584                 $registeruser_query = "INSERT INTO `form_regdata` (`user_id` ,`page_modulecomponentid` ,`form_firstupdated` ,`form_lastupdated`) " .
00585                                 "VALUES ('$userId', '$moduleCompId', CURRENT_TIMESTAMP , CURRENT_TIMESTAMP)";
00586                 $registeruser_result = mysql_query($registeruser_query);
00587                 if(mysql_affected_rows()>0){
00588 
00589 
00590                         global $sourceFolder;
00591                         require_once($sourceFolder."/group.lib.php");
00592                         $groupId = getGroupIdFromFormId($moduleCompId);
00593                         if($groupId!=false) {
00594                                 if(addUserToGroupId($groupId, $userId))
00595                                         return true;
00596                                 else {
00597                                         displayerror("Error in registering user to group.");
00598                                         return false;
00599                                 }
00600                         }
00601                         return true;
00602                 }
00603                 else {
00604                         displayerror("Error in registering user to form.");
00605                         return false;
00606                 }
00607         }
00609         function updateUser($moduleCompId,$userId) {
00610                 
00611 
00612                 $updateuser_query = "UPDATE `form_regdata` SET `form_lastupdated` = CURRENT_TIMESTAMP WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId";
00613                 $updateuser_result = mysql_query($updateuser_query);
00614                 if(mysql_affected_rows()>0)
00615                         return true;
00616                 else
00617                         return false;
00618         }
00620         function verifyUserRegistered($moduleCompId,$userId) {
00621                 if($userId == 0)        return false;
00622                 $verifyuser_query = " SELECT 1 FROM `form_regdata` WHERE `user_id` =$userId AND `page_modulecomponentid` = $moduleCompId";
00623                 $verifyuser_result = mysql_query($verifyuser_query);
00624                 if (!$verifyuser_result) {
00625                         displayerror('E39 : Invalid query: '.$verifyuser_query . mysql_error());
00626                         return false;
00627                 }
00629                 if(mysql_num_rows($verifyuser_result)>0)
00630                         return true;
00631                 else
00632                         return false;
00633         }
00635         function verifyUserProfileFilled($userId) {
00636                 $verifyprofile_query = 'SELECT s.form_elementname ' .
00637                                 'FROM `form_elementdesc` s LEFT JOIN `form_elementdata` d ' .
00638                                 '       ON s.form_elementid = d.form_elementid AND s.page_modulecomponentid = d.page_modulecomponentid AND d.user_id='.$userId.' ' .
00639                                 '   WHERE s.form_elementisrequired = 1 AND s.page_modulecomponentid = 0 ' .
00640                                 '       AND (d.form_elementdata IS NULL OR d.form_elementdata = "")';
00641                 $verifyprofile_result = mysql_query($verifyprofile_query);
00642                 if(!$verifyprofile_result)
00643                         return false;
00644                 if(mysql_num_rows($verifyprofile_result)>0)
00645                         return false;
00646                 else
00647                         return true;
00648         }
00650         function unregisterUser($moduleCompId, $userId, $silentOnSuccess = false) {
00651                 if(verifyUserRegistered($moduleCompId,$userId)){
00652                         $unregisteruser_query = "DELETE FROM `form_regdata` WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId";
00653                         $unregisteruser_result = mysql_query($unregisteruser_query);
00654 
00656                         $fileFieldQuery = 'SELECT `form_elementdata` FROM `form_elementdata`, `form_elementdesc` WHERE ' .
00657                                                 "`form_elementdata`.`page_modulecomponentid` = $moduleCompId AND `form_elementtype` = 'file' AND " .
00658                                                 "`form_elementdata`.`user_id` = $userId AND `form_elementdesc`.`page_modulecomponentid` = `form_elementdata`.`page_modulecomponentid` AND " .
00659                                                 "`form_elementdata`.`form_elementid` = `form_elementdesc`.`form_elementid`";
00660                         $fileFieldResult = mysql_query($fileFieldQuery);
00661 
00662                         global $sourceFolder;
00663                         require_once("$sourceFolder/upload.lib.php");
00664                         while($fileFieldRow = mysql_fetch_row($fileFieldResult)) {
00665                                 deleteFile($moduleCompId, 'form', $fileFieldRow[0]);
00666                         }
00667 
00668                         $deleteelementdata_query = "DELETE FROM `form_elementdata` WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId ";
00669                         $deleteelementdata_result = mysql_query($deleteelementdata_query);
00670 
00671                         if($deleteelementdata_result) {
00672                                 global $sourceFolder;
00673                                 require_once($sourceFolder."/group.lib.php");
00674                                 $groupId = getGroupIdFromFormId($moduleCompId);
00675                                 if($groupId!=false) {
00676                                         if(removeUserFromGroupId($groupId, $userId)) {
00677                                                 if(!$silentOnSuccess)
00678                                                         displayinfo("User successfully unregistered");
00679                                                 return true;
00680                                         }
00681                                         else {
00682                                                 displayerror("Unable to unregister user from group.");
00683                                                 return false;
00684                                         }
00685                                 }
00686                                 else {
00687                                         if(!$silentOnSuccess)
00688                                                 displayinfo("User successfully unregistered");
00689                                         return true;
00690                                 }
00691                         }
00692                         else {
00693                                 displayerror("Error in unregistering user.");
00694                                 return false;
00695                         }
00696                 }
00697                 else {
00698                         displaywarning("User not registered!");
00699                         return false;
00700                 }
00701         }
00702 
00703 ?>

Generated on Sun Jan 2 2011 04:55:32 for Pragyan CMS by  doxygen 1.7.1