00001 <?php
00002 if(!defined('__PRAGYAN_CMS'))
00003 {
00004 header($_SERVER['SERVER_PROTOCOL'].' 403 Forbidden');
00005 echo "<h1>403 Forbidden<h1><h4>You are not authorized to access the page.</h4>";
00006 echo '<hr/>'.$_SERVER['SERVER_SIGNATURE'];
00007 exit(1);
00008 }
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026 function submitRegistrationForm($moduleCompId, $userId, $silent = false, $disableCaptcha = false) {
00028 if($userId==0) {
00029 $useridQuery = "SELECT MIN(`user_id`) - 1 AS MIN FROM `form_regdata` WHERE 1";
00030 $useridResult = mysql_query($useridQuery);
00031 if(mysql_num_rows($useridResult)>0) {
00032 $useridRow = mysql_fetch_assoc($useridResult);
00033 $userId = $useridRow['MIN'];
00034 }
00035 else
00036 $userId = -1;
00037 }
00040 if(!$disableCaptcha) {
00041 $captchaQuery = 'SELECT `form_usecaptcha` FROM `form_desc` WHERE `page_modulecomponentid` = ' . $moduleCompId;
00042 $captchaResult = mysql_query($captchaQuery);
00043 $captchaRow = mysql_fetch_row($captchaResult);
00044 if($captchaRow[0] == 1)
00045 if(!submitCaptcha())
00046 return false;
00047
00048 }
00050
00051 $query="SELECT `form_elementid`,`form_elementtype` FROM `form_elementdesc` WHERE `page_modulecomponentid`=$moduleCompId";
00052 $result=mysql_query($query);
00053 $allFieldsUpdated = true;
00054 while($elementRow=mysql_fetch_assoc($result)) {
00055 $type = $elementRow['form_elementtype'];
00056 $elementId = $elementRow['form_elementid'];
00057 $postVarName = "form_".$moduleCompId."_element_".$elementRow['form_elementid'];
00058 $functionName = "submitRegistrationForm".ucfirst(strtolower($type));
00059
00060 $elementDescQuery="SELECT `form_elementname`,`form_elementsize`,`form_elementtypeoptions`,`form_elementmorethan`," .
00061 "`form_elementlessthan`,`form_elementcheckint`,`form_elementisrequired` FROM `form_elementdesc` " .
00062 "WHERE `page_modulecomponentid`=$moduleCompId AND `form_elementid` =$elementId";
00063 $elementDescResult=mysql_query($elementDescQuery);
00064 if (!$elementDescResult) { displayerror('E69 : Invalid query: ' . mysql_error()); return false; }
00065
00066 $elementDescRow = mysql_fetch_assoc($elementDescResult);
00067
00068 $elementName = $elementDescRow['form_elementname'];
00069 $elementSize = $elementDescRow['form_elementsize'];
00070 $elementTypeOptions = $elementDescRow['form_elementtypeoptions'];
00071 $elementMoreThan = $elementDescRow['form_elementmorethan'];
00072 $elementLessThan = $elementDescRow['form_elementlessthan'];
00073 $elementCheckInt = ($elementDescRow['form_elementcheckint'])==1?true:false;
00074 $elementIsRequired = ($elementDescRow['form_elementisrequired'])==1?true:false;
00075
00076 if($functionName($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired)==false) {
00077
00078 $allFieldsUpdated = false;
00079 break;
00080 }
00081 }
00082 if(!$allFieldsUpdated) {
00083 if($userId < 0)
00084 unregisterUser($moduleCompId,$userId);
00085 else {
00086 if (!verifyUserRegistered($moduleCompId, $userId)) {
00087 $deleteelementdata_query = "DELETE FROM `form_elementdata` WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId ";
00088 $deleteelementdata_result = mysql_query($deleteelementdata_query);
00089 }
00090 return false;
00091 }
00092 }
00093 else {
00094 if(!verifyUserRegistered($moduleCompId,$userId)) {
00095 registerUser($moduleCompId,$userId);
00096 }
00097 else
00098 updateUser($moduleCompId,$userId);
00099 if(!$silent)
00100 {
00101 displayinfo("User successfully registered!");
00102
00103
00104
00105
00106
00107
00108
00109
00110
00111
00112
00113
00114
00115
00116
00117
00118
00119
00120
00121
00122
00123
00124
00125
00126
00127
00128
00129
00130
00131
00132
00133
00134
00135
00136
00137
00138
00139
00140
00141
00142
00143
00144
00145
00146
00147 }
00148 }
00149 return true;
00150 }
00153 function submitCaptcha(){
00154 if(isset($_SESSION['CAPTCHAString']) && isset($_POST['txtCaptcha']))
00155 if(strtolower($_SESSION['CAPTCHAString']) == strtolower($_POST['txtCaptcha']))
00156 return true;
00157 displayerror('The text did not match the letters in the image. Please try again.');
00158 return false;
00159 }
00160
00161 function submitRegistrationFormText($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00162 if($elementIsRequired && ( !isset($_POST[$postVarName]) || $_POST[$postVarName] == NULL || trim($_POST[$postVarName]) == "")) {
00163 displayerror("Essential field $elementName is missing");
00164 return false;
00165 }
00166
00167 $submitData = trim($_POST[$postVarName]);
00168 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00169 "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00170 $textResult = mysql_query($textQuery);
00171 if (!$textResult) { displayerror('E46 : Invalid query: ' . mysql_error()); return false; }
00172
00173 $query="SELECT * FROM `form_elementdesc` WHERE `page_modulecomponentid`=$moduleCompId AND `form_elementid` =$elementId";
00174 $result=mysql_query($query);
00175 $fetch=mysql_fetch_assoc($result);
00176 if($elementSize>0)
00177 {
00178 if(strlen($submitData) > $elementSize) {
00179 displayerror("$elementName is more than element size");
00180 return false;
00181 }
00182 }
00183 if($elementMoreThan!=0)
00184 {
00185 if($elementMoreThan > $submitData) {
00186 displayerror("$elementName is less than element minimum value");
00187 return false;
00188 }
00189 }
00190 if($elementLessThan!=0)
00191 {
00192 if($elementLessThan < $submitData) {
00193 displayerror("$elementName is more than element maximum value");
00194 return false;
00195 }
00196 }
00197 if($elementCheckInt)
00198 {
00199 if(!is_numeric($submitData)) {
00200 if($submitData != '') {
00201 displayerror("$elementName is not of type int");
00202 return false;
00203 }
00204 }
00205 }
00206 if(mysql_num_rows($textResult)>0) {
00207 $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '".$submitData."' ".
00208 "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00209 $textUpdateResult = mysql_query($textUpdateQuery);
00210 if (!$textUpdateResult) { displayerror('E67 : Invalid query: ' . mysql_error()); return false; }
00211 } else {
00212 $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00213 "VALUES ( '$userId', '$moduleCompId', '$elementId', '". $submitData ."')";
00214 $textInsertResult = mysql_query($textInsertQuery);
00215 if (!$textInsertResult) { displayerror('E13 : Invalid query: ' . mysql_error()); return false; }
00216 }
00217 return true;
00218 }
00219
00220 function submitRegistrationFormTextarea($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00221 if($elementIsRequired && ( !isset($_POST[$postVarName]) || $_POST[$postVarName] == NULL || trim($_POST[$postVarName] == "" ))) {
00222 displayerror("Essential field $elementName is missing");
00223 return false;
00224 }
00225 elseif(!isset($_POST[$postVarName]) && !$elementIsRequired) {
00226 return true;
00227 }
00228 $submitData = trim($_POST[$postVarName]);
00229
00230 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00231 "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00232 $textResult = mysql_query($textQuery);
00233 if (!$textResult) { displayerror('E34 : Invalid query: ' . mysql_error()); return false; }
00234
00235 if(mysql_num_rows($textResult)>0) {
00236 $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '$submitData' ".
00237 "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00238 $textUpdateResult = mysql_query($textUpdateQuery);
00239 if (!$textUpdateResult) { displayerror('E12 : Invalid query: ' . mysql_error()); return false; }
00240 } else {
00241 $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00242 "VALUES ( '$userId', '$moduleCompId', '$elementId', '$submitData')";
00243 $textInsertResult = mysql_query($textInsertQuery);
00244 if (!$textInsertResult) { displayerror('E89 : Invalid query: ' . mysql_error()); return false; }
00245 }
00246 return true;
00247
00248 }
00249
00250 function submitRegistrationFormRadio($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00251 if($elementIsRequired && ( !isset($_POST[$postVarName]) || $_POST[$postVarName] == NULL || $_POST[$postVarName] == "")) {
00252 displayerror("Essential field ".$elementName." is missing");
00253 return false;
00254 }
00255
00256 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00257 "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00258 $textResult = mysql_query($textQuery);
00259 if (!$textResult) { displayerror('E73 : Invalid query: ' . mysql_error()); return false; }
00260
00261 $optionNumber = $_POST[$postVarName];
00262 $options = explode("|",$elementTypeOptions);
00263
00264 if(count($options)<($optionNumber+1)){
00265 displayerror("$elementName is out of bounds of the available number of options.");
00266 return false;
00267 }
00268
00269 if(mysql_num_rows($textResult)>0) {
00270 $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '" . $options[$optionNumber] . "' ".
00271 "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00272 $textUpdateResult = mysql_query($textUpdateQuery);
00273 if (!$textUpdateResult) { displayerror('E28 : Invalid query: ' . mysql_error()); return false; }
00274 } else {
00275 $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00276 "VALUES ( '$userId', '$moduleCompId', '$elementId', '" . $options[$optionNumber] . "')";
00277 $textInsertResult = mysql_query($textInsertQuery);
00278 if (!$textInsertResult) { displayerror('E90 : Invalid query: ' . mysql_error()); return false; }
00279 }
00280 return true;
00281
00282
00283 }
00284
00285 function submitRegistrationFormCheckbox($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00286
00287 $options = explode("|",$elementTypeOptions);
00288 $i=-1;
00289 $values = array();
00290 foreach($options as $value) {
00291 $i++;
00292 if(!isset($_POST[$postVarName."_".$i]))
00293 continue;
00294
00295 $values[] = $value;
00296 }
00297
00298 $valuesString = join($values,"|");
00299
00300 if($elementIsRequired && $valuesString == "") {
00301 displayerror("Essential field ".$elementName." is missing");
00302 return false;
00303 }
00304
00305 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00306 "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00307 $textResult = mysql_query($textQuery);
00308 if (!$textResult) { displayerror('E91 : Invalid query: '.$textQuery . mysql_error()); return false; }
00309
00310
00311 if(mysql_num_rows($textResult)>0) {
00312 $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '$valuesString' ".
00313 "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00314 $textUpdateResult = mysql_query($textUpdateQuery);
00315 if (!$textUpdateResult) { displayerror('E78 : Invalid query: ' . mysql_error()); return false; }
00316 } else {
00317 $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00318 "VALUES ( '$userId', '$moduleCompId', '$elementId', '$valuesString')";
00319 $textInsertResult = mysql_query($textInsertQuery);
00320 if (!$textInsertResult) { displayerror('E55 : Invalid query: ' . mysql_error()); return false; }
00321 }
00322
00323 return true;
00324
00325 }
00326
00327 function submitRegistrationFormSelect($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00328 if($elementIsRequired && ( !is_numeric($_POST[$postVarName]) || !isset($_POST[$postVarName]) || $_POST[$postVarName] == "" || $_POST[$postVarName] == NULL )) {
00329 displayerror("Essential field ".$elementName." is missing");
00330 return false;
00331 }
00332 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00333 "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00334 $textResult = mysql_query($textQuery);
00335 if (!$textResult) { displayerror('E64 : Invalid query: ' . mysql_error()); return false; }
00336 $optionNumber = $_POST[$postVarName];
00337 $options = explode("|",$elementTypeOptions);
00338
00339 if(count($options)<($optionNumber+1)){
00340 displayerror("$elementName is out of bounds of the available number of options.");
00341 return false;
00342 }
00343
00344 if(mysql_num_rows($textResult)>0) {
00345 $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '" . $options[$optionNumber] ."' ".
00346 "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00347 $textUpdateResult = mysql_query($textUpdateQuery);
00348 if (!$textUpdateResult) { displayerror('E102 : Invalid query: ' . mysql_error()); return false; }
00349 } else {
00350 $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00351 "VALUES ( '$userId', '$moduleCompId', '$elementId', '" . $options[$optionNumber] . "')";
00352 $textInsertResult = mysql_query($textInsertQuery);
00353 if (!$textInsertResult) { displayerror('E121 : Invalid query: ' . mysql_error()); return false; }
00354 }
00355 return true;
00356
00357 }
00358
00359 function submitRegistrationFormPassword($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00360 if($elementIsRequired && ( !isset($_POST[$postVarName]) || $_POST[$postVarName] == "" || $_POST[$postVarName] == NULL )) {
00361 displayerror("Essential field ".$elementName." is missing");
00362 return false;
00363 }
00364 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00365 "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00366 $textResult = mysql_query($textQuery);
00367 if (!$textResult) { displayerror('E234 : Invalid query: ' . mysql_error()); return false; }
00368
00369 if(mysql_num_rows($textResult)>0) {
00370 $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '".$_POST[$postVarName]."' ".
00371 "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00372 $textUpdateResult = mysql_query($textUpdateQuery);
00373 if (!$textUpdateResult) { displayerror('E39 : Invalid query: ' . mysql_error()); return false; }
00374 } else {
00375 $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00376 "VALUES ( '$userId', '$moduleCompId', '$elementId', '" . $_POST[$postVarName] . "')";
00377 $textInsertResult = mysql_query($textInsertQuery);
00378 if (!$textInsertResult) { displayerror('E42 : Invalid query: ' . mysql_error()); return false; }
00379 }
00380 return true;
00381 }
00382
00383 function submitRegistrationFormFile($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00384 if($elementIsRequired && !isset($_FILES[$postVarName])) {
00385 displayerror('Required file ' . $elementName . ' not uploaded.');
00386 return false;
00387 }
00388
00389 $existsQuery = "SELECT `form_elementdata` from `form_elementdata` WHERE `user_id` = $userId AND " .
00390 "`page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00391 $existsResult = mysql_query($existsQuery);
00392
00393 global $sourceFolder;
00394 require_once("$sourceFolder/upload.lib.php");
00396 if($_FILES[$postVarName]['error'][0] != UPLOAD_ERR_NO_FILE) {
00397 if(mysql_num_rows($existsResult)>0) {
00398 $existsRow = mysql_fetch_array($existsResult);
00399 if(deleteFile( $moduleCompId,'form', $existsRow[0])) {
00400 $deleteQuery = "DELETE FROM `form_elementdata` WHERE `form_elementid` = $elementId AND `page_modulecomponentid` = $moduleCompId";
00401 mysql_query($deleteQuery);
00402 }
00403 }
00404 }
00405 $maxFileSizeInBytes = $elementLessThan;
00406 if($maxFileSizeInBytes == NULL || $maxFileSizeInBytes == "" || $maxFileSizeInBytes == 0) $maxFileSizeInBytes = 2*1024*1024;
00407 if(trim($elementTypeOptions)=="") $uploadableFileTypes = false;
00408 else {
00409 $uploadableFileTypes = explode( "|" , $elementTypeOptions );
00410 if(count($uploadableFileTypes)==0) $uploadableFileTypes = false;
00411 }
00412 $uploadFileName = submitFileUploadForm($moduleCompId, "form", $userId, $maxFileSizeInBytes , $uploadableFileTypes, $postVarName);
00413 if(!isset($uploadFileName[0])) {
00414 return false;
00415 }
00416 $uploadFileName = $uploadFileName[0];
00417
00418 $submitQuery = 'INSERT INTO `form_elementdata`(`user_id`, `page_modulecomponentid`, `form_elementid`, `form_elementdata`) ' .
00419 "VALUES($userId, $moduleCompId, $elementId, '$uploadFileName')";
00420 if(!mysql_query($submitQuery) || mysql_affected_rows() != 1) {
00421 displayerror('Error updating information in the database.');
00422 return false;
00423 }
00424 return true;
00425 }
00426
00427 function submitRegistrationFormDate($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00428 if($elementIsRequired && ( !isset($_POST[$postVarName]) || $_POST[$postVarName] == "" || $_POST[$postVarName] == NULL )) {
00429 displayerror("Essential field ".$elementName." is missing");
00430 return false;
00431 }
00432 if(!$elementIsRequired && $_POST[$postVarName]=="") return true;
00433 if(!verifyDate($_POST[$postVarName])) return false;
00434 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00435 "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00436 $textResult = mysql_query($textQuery);
00437 if (!$textResult) { displayerror('E134 : Invalid query: ' . mysql_error()); return false; }
00438
00439 if(mysql_num_rows($textResult)>0) {
00440 $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '".$_POST[$postVarName]."' ".
00441 "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00442 $textUpdateResult = mysql_query($textUpdateQuery);
00443 if (!$textUpdateResult) { displayerror('E12 : Invalid query: ' . mysql_error()); return false; }
00444 } else {
00445 $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00446 "VALUES ( '$userId', '$moduleCompId', '$elementId', '" . $_POST[$postVarName] . "')";
00447 $textInsertResult = mysql_query($textInsertQuery);
00448 if (!$textInsertResult) { displayerror('E89 : Invalid query: ' . mysql_error()); return false; }
00449 }
00450 return true;
00451
00452 }
00453
00454 function submitRegistrationFormDatetime($moduleCompId, $elementId, $userId, $postVarName, $elementName, $elementSize, $elementTypeOptions, $elementMoreThan, $elementLessThan, $elementCheckInt, $elementIsRequired) {
00455 if($elementIsRequired && ( !isset($_POST[$postVarName]) || $_POST[$postVarName] == "" || $_POST[$postVarName] == NULL )) {
00456 displayerror("Essential field ".$elementName." is missing");
00457 return false;
00458 }
00459 if(!$elementIsRequired && $_POST[$postVarName]=="") return true;
00460 $strdatetime=$_POST[$postVarName];
00461 $pos=strpos($strdatetime," ");
00462 $date=substr($strdatetime,0,($pos));
00463 $time=substr($strdatetime,$pos+1,strlen($strdatetime));
00464 if(!verifyDate($date))
00465 return false;
00466 if(!verifyTime($time))
00467 return false;
00468 $textQuery = "SELECT 1 FROM `form_elementdata` " .
00469 "WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId AND `form_elementid` =$elementId";
00470 $textResult = mysql_query($textQuery);
00471 if (!$textResult) { displayerror('E234 : Invalid query: ' . mysql_error()); return false; }
00472
00473 if(mysql_num_rows($textResult)>0) {
00474 $textUpdateQuery = "UPDATE `form_elementdata` SET `form_elementdata` = '".$_POST[$postVarName]."' ".
00475 "WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId AND `form_elementid` = $elementId";
00476 $textUpdateResult = mysql_query($textUpdateQuery);
00477 if (!$textUpdateResult) { displayerror('E12 : Invalid query: ' . mysql_error()); return false; }
00478 } else {
00479 $textInsertQuery = "INSERT INTO `form_elementdata` ( `user_id` , `page_modulecomponentid` , `form_elementid` , `form_elementdata` ) ".
00480 "VALUES ( '$userId', '$moduleCompId', '$elementId', '" . $_POST[$postVarName] . "')";
00481 $textInsertResult = mysql_query($textInsertQuery);
00482 if (!$textInsertResult) { displayerror('E89 : Invalid query: ' . mysql_error()); return false; }
00483 }
00484 return true;
00485 }
00486
00487 function verifyDate($inputDate){
00488 $datePattern = '/^(?P<year>19[5-9][0-9]|20[0-4][0-9]|2050)-(?P<month>0[1-9]|1[0-2])-(?P<date>0[1-9]|[12][0-9]|3[01])$/';
00489 $matches = array();
00490 $isMatch = preg_match($datePattern, $inputDate, $matches);
00491 if(!$isMatch) {
00492 displayerror("Enter the date in 'YYYY-MM-DD' format");
00493 return false;
00494 }
00495
00496 $year = $matches['year'];
00497 $month = $matches['month'];
00498 $date = $matches['date'];
00499
00500 if($year < 1950 || $year > 2050) {
00501 displayerror($year . ' Enter a valid year.');
00502 return false;
00503 }
00504 if($month > 12) {
00505 displayerror('Enter a valid month.');
00506 return false;
00507 }
00508 if($date > 31) {
00509 displayerror('Enter a valid date.');
00510 return false;
00511 }
00512 switch($month) {
00513 case 2:
00514 if(($year % 4 && $date > 28) || (!($year % 4) && $date > 29)) {
00515 displayerror('Enter a valid date for February.');
00516 return false;
00517 }
00518 break;
00519
00520 case 4:
00521 case 6:
00522 case 9:
00523 case 11:
00524 if($date > 30) {
00525 displayerror('Enter a valid date for the specified month.');
00526 return false;
00527 }
00528 }
00529
00530 return true;
00531 }
00532
00533 function verifyTime($inputTime){
00534 $timePattern = '/^([01][0-9]|2[0-3]):[0-5][0-9]$/';
00535 if(!preg_match($timePattern, $inputTime)) {
00536 displayerror("Enter the time in 'HH:MM' format in 24 hours clock");
00537 return false;
00538 }
00539 return true;
00540 }
00541
00542 function insertFormView($moduleComponentId, $userId) {
00543 $existsQuery = "SELECT COUNT(*) FROM `form_visits` WHERE `page_modulecomponentid` = $moduleComponentId AND `user_id` = $userId";
00544 $existsResult = mysql_query($existsQuery);
00545 $existsRow = mysql_fetch_row($existsResult);
00546
00547 if ($existsRow[0] == 0) {
00548 $insertQuery = "INSERT INTO `form_visits`(`page_modulecomponentid`, `user_id`, `user_submitcount`, `user_firstvisit`) VALUES " .
00549 "($moduleComponentId, $userId, 0, NOW())";
00550 mysql_query($insertQuery);
00551 }
00552 }
00553
00554 function updateFormSubmitCount($moduleComponentId, $userId) {
00555 $existsQuery = "SELECT COUNT(*) FROM `form_visits` WHERE `page_modulecomponentid` = $moduleComponentId AND `user_id` = $userId";
00556 $existsResult = mysql_query($existsQuery);
00557 $existsRow = mysql_fetch_row($existsResult);
00558
00559 if ($existsRow[0] == 1)
00560 $updateQuery = "UPDATE `form_visits` SET `user_submitcount` = `user_submitcount` + 1 WHERE `page_modulecomponentid` = $moduleComponentId AND `user_id` = $userId";
00561 else
00562 $updateQuery = "INSERT INTO `form_visits`(`page_modulecomponentid`, `user_id`, `user_submitcount`, `user_firstvisit`) VALUES " .
00563 "($moduleComponentId, $userId, 1, NOW())";
00564 mysql_query($updateQuery);
00565 }
00566
00568 function registerUser($moduleCompId,$userId) {
00569 $registeruser_query = "INSERT INTO `form_regdata` (`user_id` ,`page_modulecomponentid` ,`form_firstupdated` ,`form_lastupdated`) " .
00570 "VALUES ('$userId', '$moduleCompId', CURRENT_TIMESTAMP , CURRENT_TIMESTAMP)";
00571 $registeruser_result = mysql_query($registeruser_query);
00572 if(mysql_affected_rows()>0){
00573
00576 $TUXVENTUREMCID = array('203','204','205','206');
00577 if (in_array($moduleCompId,$TUXVENTUREMCID)) {
00578
00579 updateFormSubmitCount($moduleCompId, $userId);
00580 }
00583 global $sourceFolder;
00584 require_once($sourceFolder."/group.lib.php");
00585 $groupId = getGroupIdFromFormId($moduleCompId);
00586 if($groupId!=false) {
00587 if(addUserToGroupId($groupId, $userId))
00588 return true;
00589 else {
00590 displayerror("Error in registering user to group.");
00591 return false;
00592 }
00593 }
00594 return true;
00595 }
00596 else {
00597 displayerror("Error in registering user to form.");
00598 return false;
00599 }
00600 }
00602 function updateUser($moduleCompId,$userId) {
00605 $TUXVENTUREMCID = array('203','204','205','206');
00606 if (in_array($moduleCompId,$TUXVENTUREMCID)){
00607
00608 updateFormSubmitCount($moduleCompId, $userId);
00609 }
00610
00613 $updateuser_query = "UPDATE `form_regdata` SET `form_lastupdated` = CURRENT_TIMESTAMP WHERE `user_id` =$userId AND `page_modulecomponentid` =$moduleCompId";
00614 $updateuser_result = mysql_query($updateuser_query);
00615 if(mysql_affected_rows()>0)
00616 return true;
00617 else
00618 return false;
00619 }
00621 function verifyUserRegistered($moduleCompId,$userId) {
00622 if($userId == 0) return false;
00623 $verifyuser_query = " SELECT 1 FROM `form_regdata` WHERE `user_id` =$userId AND `page_modulecomponentid` = $moduleCompId";
00624 $verifyuser_result = mysql_query($verifyuser_query);
00625 if (!$verifyuser_result) {
00626 displayerror('E39 : Invalid query: '.$verifyuser_query . mysql_error());
00627 return false;
00628 }
00630 if(mysql_num_rows($verifyuser_result)>0)
00631 return true;
00632 else
00633 return false;
00634 }
00636 function verifyUserProfileFilled($userId) {
00637 $verifyprofile_query = 'SELECT s.form_elementname ' .
00638 'FROM `form_elementdesc` s LEFT JOIN `form_elementdata` d ' .
00639 ' ON s.form_elementid = d.form_elementid AND s.page_modulecomponentid = d.page_modulecomponentid AND d.user_id='.$userId.' ' .
00640 ' WHERE s.form_elementisrequired = 1 AND s.page_modulecomponentid = 0 ' .
00641 ' AND (d.form_elementdata IS NULL OR d.form_elementdata = "")';
00642 $verifyprofile_result = mysql_query($verifyprofile_query);
00643 if(!$verifyprofile_result)
00644 return false;
00645 if(mysql_num_rows($verifyprofile_result)>0)
00646 return false;
00647 else
00648 return true;
00649 }
00651 function unregisterUser($moduleCompId, $userId, $silentOnSuccess = false) {
00652 if(verifyUserRegistered($moduleCompId,$userId)){
00653 $unregisteruser_query = "DELETE FROM `form_regdata` WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId";
00654 $unregisteruser_result = mysql_query($unregisteruser_query);
00655
00657 $fileFieldQuery = 'SELECT `form_elementdata` FROM `form_elementdata`, `form_elementdesc` WHERE ' .
00658 "`form_elementdata`.`page_modulecomponentid` = $moduleCompId AND `form_elementtype` = 'file' AND " .
00659 "`form_elementdata`.`user_id` = $userId AND `form_elementdesc`.`page_modulecomponentid` = `form_elementdata`.`page_modulecomponentid` AND " .
00660 "`form_elementdata`.`form_elementid` = `form_elementdesc`.`form_elementid`";
00661 $fileFieldResult = mysql_query($fileFieldQuery);
00662
00663 global $sourceFolder;
00664 require_once("$sourceFolder/upload.lib.php");
00665 while($fileFieldRow = mysql_fetch_row($fileFieldResult)) {
00666 deleteFile($moduleCompId, 'form', $fileFieldRow[0]);
00667 }
00668
00669 $deleteelementdata_query = "DELETE FROM `form_elementdata` WHERE `user_id` = $userId AND `page_modulecomponentid` = $moduleCompId ";
00670 $deleteelementdata_result = mysql_query($deleteelementdata_query);
00671
00672 if($deleteelementdata_result) {
00673 global $sourceFolder;
00674 require_once($sourceFolder."/group.lib.php");
00675 $groupId = getGroupIdFromFormId($moduleCompId);
00676 if($groupId!=false) {
00677 if(removeUserFromGroupId($groupId, $userId)) {
00678 if(!$silentOnSuccess)
00679 displayinfo("User successfully unregistered");
00680 return true;
00681 }
00682 else {
00683 displayerror("Unable to unregister user from group.");
00684 return false;
00685 }
00686 }
00687 else {
00688 if(!$silentOnSuccess)
00689 displayinfo("User successfully unregistered");
00690 return true;
00691 }
00692 }
00693 else {
00694 displayerror("Error in unregistering user.");
00695 return false;
00696 }
00697 }
00698 else {
00699 displaywarning("User not registered!");
00700 return false;
00701 }
00702 }
00703
00704 ?>