<?php

/* * ************************************************
 * CONTENIDO MODULE - OUTPUT
 *
 * Modulname   :     w3concepts.form.v1
 * Author      :     Andreas Kummer
 * Copyright   :     mumprecht & kummer w3concepts
 * Created     :     20-08-2004
 * Modified    :     20-08-2004
 * Modified    :     24-08-2013, Murat Purc, adapted to newer CONTENIDO (4.8) and PHP (5.3/5.4) versions
 * *********************************************** */

$sFrontEndPath = cRegistry::getClientConfig(cRegistry::getClientId())['path']['frontend'] . 'securimage' . DIRECTORY_SEPARATOR;
require_once $sFrontEndPath . 'securimage.php';
require_once $sFrontEndPath . 'CaptchaObject.php';
require_once $sFrontEndPath . 'StorageAdapter/AdapterInterface.php';

class w3form {

    private array $email = ['adresses' => '', 'from' => ['name' => '', 'email' => ''], 'message' => '', 'subject' => ''];
    private array $unraveled = [];
    private array $form = ['form' => '', 'answer' => '', 'colorError' => ''];
    private array $formField = [];

    public function __construct()
    {
    }

    private function sendEmail(): bool
    {
        $this->unravel($this->suppress('sent'));
        $this->generateEmailMessage();

        $oMailer = new PHPMailer();
        $oMailer->CharSet = "UTF-8";
        $oMailer->AddAddress($this->email['adresses']);
        $oMailer->From = $this->email['from']['email'];
        $oMailer->FromName = $this->email['from']['name'];
        $oMailer->Subject = $this->email['subject'];
        $oMailer->Body = $this->email['message'];

        if ($oMailer->send()) {
            return true;
        }

        return false;
    }

    private function unravel($toUnravel, $prefix = ''): void
    {
        foreach ($toUnravel as $key => $value) {
            if (is_array($value)) {
                $this->unravel($value, $key . ' ');
            } else {
                $this->unraveled["{$prefix}{$key}"] = $value;
            }
        }
    }

    private function add2Message($key, $value) {
        if (strlen($key) > 25 OR strlen($value) > 54) {
            $this->email['message'] .= "$key\n$value\n";
        } else {
            $this->email['message'] .= $key;
            $this->email['message'] .= str_repeat(' ', 25 - strlen($key));
            $this->email['message'] .= "$value\n";
        }
    }

    private function generateEmailMessage() {
        if ($this->unraveled)
            foreach ($this->unraveled as $key => $value) {
                $this->add2Message($key, $value);
            }
    }

    private function suppress() {
        $fields = [];
        $suppress = func_get_args();
        foreach ($_POST as $key => $value) {
            if (array_search($key, $suppress) === false)
                $fields[$key] = $value;
        }
        return $fields;
    }

    public function addEmailAdress($email) {
        if (empty($this->emailAdresses)) {
            $this->email['adresses'] .= "$email";
        } else {
            $this->email['adresses'] .= ", $email";
        }
    }

    public function setEmailSubject($subject) {
        $this->email['subject'] = $subject;
    }

    public function setEmailFrom($email, $name) {
        $this->email['from']['email'] = $email;
        $this->email['from']['name'] = $name;
    }

    public function setForm($form) {
        $this->form['form'] = $form;
    }

    public function setAnswer($answer) {
        $this->form['answer'] = $answer;
    }

    public function setBackgroundError($color) {
        $this->form['colorError'] = $color;
    }

    public function formInterpretation(&$form) {
        $fields = explode('###', $form);
        $field = [];

        for ($i = 1; $i < count($fields); $i = $i + 2) {
            $attributte = explode(';', trim($fields[$i]));
            foreach ($attributte as $attribute) {
                $nameValue = explode(':', trim($attribute));
                if ($nameValue[0] != 'option' && $nameValue[0] != 'optionvalue') {
                    $field["{$fields[$i]}"]["{$nameValue[0]}"] = $nameValue[1];
                } else {
                    $field["{$fields[$i]}"]["{$nameValue[0]}"][] = $nameValue[1];
                }
            }
        }

        return $field;
    }

    public function formOutput($sent = false) {
        echo '<div class="textItem secondItem"><form action="" method="POST" class="form-horizontal">';
        echo '<input type="hidden" name="sent" value="true" />';
        $form = $this->form['form'];
        $formData = $this->formInterpretation($form);
        $form = explode('###', $form);

        foreach ($form as $item) {
            if (!empty($formData["{$item}"])) {
                $this->formField($formData["{$item}"], $sent);
            } else {
                echo $item;
            }
        }

        echo '</form></div>';
    }

    public function formField($attribute, $sent) {
        $style = '';
        $value = '';
        $parameter = "name=\"{$attribute['name']}\"";
        if ($sent && !$this->formFieldCorrect($attribute))
            $style = "style=\"background-color:{$this->form['colorError']};\"";

        switch ($attribute['type']) {
            case 'select':
            case 'password':
            case 'text':
                if (!empty($attribute['size']))
                    $parameter .= " size=\"{$attribute['size']}\"";
                break;
        }

        switch ($attribute['type']) {
            case 'textarea':
            case 'text':
                if (!empty($attribute['size']))
                    $parameter .= " size=\"{$attribute['size']}\"";
                if (!empty($attribute['value']))
                    $value = $attribute['value'];
                if (!empty($_POST["{$attribute['name']}"]))
                    $value = $_POST["{$attribute['name']}"];
                break;
        }

        switch ($attribute['type']) {
            case 'captcha':
                if ($sent) {
                    $captcha = @$_POST['ct_captcha'];
                    $capId = @$_POST['captcha_id'];
                    $securimage = new Securimage();

                    if ($securimage->check($captcha) == false) {
                        echo '<style>'
                        . '#captcha_code {background-color: '.$this->form['colorError'].'}'
                                . '</style>';
                    }
                }
                // show captcha HTML using Securimage::getCaptchaHtml()
                $options = [];
                $options['input_name'] = 'ct_captcha'; // change name of input element for form post input_text
                $options['input_text'] = mi18n("Zeichen eingeben");
                $options['input_required'] = false;

                if (!empty($_SESSION['ctform']['captcha_error'])) {
                    // error html to show in captcha output
                    $options['error_html'] = $_SESSION['ctform']['captcha_error'];
                }

                echo "<div id='captcha_container_1'>\n";
                echo Securimage::getCaptchaHtml($options);
                echo "\n</div>\n";
                break;
            case 'text':
                echo "<input type=\"text\" $parameter value=\"$value\" $style />";
                break;
            case 'password':
                echo "<input type=\"password\" $parameter value=\"$value\" $style />";
                break;
            case 'textarea':
                echo "<textarea name=\"{$attribute['name']}\" cols=\"";
                echo (empty($attribute['cols'])) ? ('20') : ($attribute['cols']);
                echo "\" rows=\"";
                echo (empty($attribute['rows'])) ? ('2') : ($attribute['rows']);
                echo "\" wrap=\"virtual\" $style>$value</textarea>";
                break;
            case 'select':
                echo "<select $parameter $style>";
                for ($i = 0; $i < (is_countable($attribute['option']) ? count($attribute['option']) : 0); $i++) {
                    if (!empty($attribute['optionvalue'][$i])) {
                        if (!empty($_POST["{$attribute['name']}"]) && $_POST["{$attribute['name']}"] == $attribute['optionvalue'][$i]) {
                            echo "<option value=\"{$attribute['optionvalue'][$i]}\" selected=\"selected\">{$attribute['option'][$i]}</option>\n";
                        } else {
                            if (empty($_POST["{$attribute['name']}"]) && !empty($attribute['optionvalue'][$i]) && $attribute['optionvalue'][$i] == $attribute['value']) {
                                echo "<option value=\"{$attribute['optionvalue'][$i]}\" selected=\"selected\">{$attribute['option'][$i]}</option>\n";
                            } else {
                                echo "<option value=\"{$attribute['optionvalue'][$i]}\">{$attribute['option'][$i]}</option>\n";
                            }
                        }
                    } else {
                        if (!empty($_POST["{$attribute['name']}"]) && $_POST["{$attribute['name']}"] == $attribute['option'][$i]) {
                            echo "<option selected=\"selected\">{$attribute['option'][$i]}</option>\n";
                        } else {
                            if (empty($_POST["{$attribute['name']}"]) && $attribute['option'][$i] == $attribute['value']) {
                                echo "<option selected=\"selected\">{$attribute['option'][$i]}</option>\n";
                            } else {
                                echo "<option>{$attribute['option'][$i]}</option>\n";
                            }
                        }
                    }
                }
                echo "</select>";
                break;
            case 'checkbox':
                $formId = preg_split('[\[|\]]', $attribute['name']);
                if ($sent) {
                    if ($_POST["{$formId[0]}"]["{$formId[1]}"] == $attribute['value']) {
                        echo "<input type=\"checkbox\" $parameter value=\"{$attribute['value']}\" checked=\"checked\"/>";
                    } else {
                        echo "<label $style><input type=\"checkbox\" $parameter value=\"{$attribute['value']}\"/></label>";
                    }
                } else {
                    if (!empty($attribute['selected']) && $attribute['selected'] == 'true') {
                        echo "<input type=\"checkbox\" $parameter value=\"{$attribute['value']}\" checked=\"checked\"/>";
                    } else {
                        echo "<input type=\"checkbox\" $parameter value=\"{$attribute['value']}\"/>";
                    }
                }
                break;
            case 'radio':
                if (!empty($_POST["{$attribute['name']}"])) {
                    if ($_POST["{$attribute['name']}"] == $attribute['value']) {
                        echo "<input type=\"radio\" $parameter value=\"{$attribute['value']}\" checked=\"checked\"/>";
                    } else {
                        echo "<input type=\"radio\" $parameter value=\"{$attribute['value']}\" />";
                    }
                } else {
                    if (!empty($attribute['selected']) && $attribute['selected'] == 'true') {
                        echo "<input type=\"radio\" $parameter value=\"{$attribute['value']}\" checked=\"checked\"/>";
                    } else {
                        echo "<input type=\"radio\" $parameter value=\"{$attribute['value']}\"/>";
                    }
                }
                break;
        }
    }

    private function formComplete() {
        $form = $this->form['form'];
        $fields = $this->formInterpretation($form);
        foreach ($fields as $field) {
            if (!$this->formFieldCorrect($field)) {
                return false;
            }
        }
        return true;
    }

    private function success() {
        if ($this->sendEmail()) {
            echo $this->form['answer'];
        } else {
            echo '<span style="color:red;">' . mi18n("Es ist  ein Fehler aufgetreten!<br>Bitte versuchen Sie es später noch einmal.") . '</span>';
        }
    }

    private function formFieldCorrect(&$field) {

        $tmp_name = rtrim($field['name'], '[0]');
        preg_match('/\[(\d*)\]/', $field['name'], $matches);
        $bEmptyPost = false;
        $bIsPostArray = false;
        $sPostFieldValue = $_POST[$tmp_name];
        if (is_array($_POST[$tmp_name])) {
            $bIsPostArray == true;
            $sPostFieldValue = $_POST[$tmp_name][$matches[1]];
            if (empty($_POST[$tmp_name][$matches[1]])) {
                $bEmptyPost = true;
            }
        } elseif (empty($_POST[$tmp_name])) {
            $bEmptyPost = true;
        }

        if (!empty($field['mandatory']) && $field['mandatory'] == 'true' && $bEmptyPost) {
            return false;
        }

        // wenn das formularfeld kein pflichtfeld und nicht vorhanden ist, true zurückgeben
        if ($bEmptyPost) {
            return true;
        }

        // regular expression prüfungen
        if (!empty($field['valid'])) {
            switch ($field['valid']) {
                case 'textmitumbruch':
                    if (!filter_var($sPostFieldValue, FILTER_VALIDATE_REGEXP, ["options" => ["regexp" => "/^[\n\r,;:\. ÄÖÜäöüß\-\+\*§$%&\/()=?!\"'\w\d]*$/"]])) {
                        return false;
                    }
                    break;
                case 'simpletext':
                    if (!filter_var($sPostFieldValue, FILTER_VALIDATE_REGEXP, ["options" => ["regexp" => "/^[\w]*$/i"]])) {
                        return false;
                    }
                    break;
                case 'text':
                    if (!filter_var($sPostFieldValue, FILTER_VALIDATE_REGEXP, ["options" => ["regexp" => "/^[,;:\. ÄÖÜäöüß\-\+\*§$%&\/()=?!\"'\w\d]*$/"]])) {
                        return false;
                    }
                    break;
                case 'phone':
                    if (!filter_var($sPostFieldValue, FILTER_VALIDATE_REGEXP, ["options" => ["regexp" => "/^(\(?([\d \-\)\–\+\/\(]+){6,}\)?([ .\-–\/]?)([\d]+))$/"]])) {
                        return false;
                    }
                    break;
                case 'integer':
                    if (!filter_var($sPostFieldValue, FILTER_VALIDATE_REGEXP, ["options" => ["regexp" => "/^\d*$/"]])) {
                        return false;
                    }
                    break;
                case 'float':
                    if (!filter_var($sPostFieldValue, FILTER_VALIDATE_REGEXP, ["options" => ["regexp" => "/^[+-]?([0-9]*[.])?[0-9]+$/"]])) {
                        return false;
                    }
                    break;
                case 'date':
                    if (!filter_var($sPostFieldValue, FILTER_VALIDATE_REGEXP, ["options" => ["regexp" => "/^[0-9]{1,2}.[0-9]{1,2}.[0-9]{2,4}$/"]])) {
                        return false;
                    }
                    break;
                case 'email':
                    if (!filter_var($sPostFieldValue, FILTER_VALIDATE_REGEXP, ["options" => ["regexp" => "/^[öäüéàèâêîç_a-z0-9-]+(\.[öäüéàèâêîç_a-z0-9-]+)*@[öäüéàèâêîça-z0-9-]+(\.[öäüéàèâêîça-z0-9-]+)*$/"]])) {
                        return false;
                    }
                    break;
            }
        }

        // grössenbereich bei integer und float prüfen
        if (!empty($field['minvalue']) && $sPostFieldValue < $field['minvalue'])
            return false;
        if (!empty($field['maxvalue']) && $sPostFieldValue > $field['maxvalue'])
            return false;

        // längenbereich bei allen typen prüfen
        if (!empty($field['minlength']) && strlen($sPostFieldValue) < $field['minlength'])
            return false;
        if (!empty($field['maxlength']) && strlen($sPostFieldValue) > $field['maxlength'])
            return false;

        return true;
    }

    public function process() {
        if (!isset($_POST['sent'])) {
            $this->formOutput();
        } elseif ($this->formComplete()) {
            // check captcha
            $captcha = @$_POST['ct_captcha'];
            $capId = @$_POST['captcha_id'];
            $securimage = new Securimage();
            if ($securimage->check($captcha, $capId, true) == false) {
                echo '<div style="color: red;">' . mi18n("Ihr Captcha Code war nicht korrekt. Bitte versuchen Sie es erneut.") . '</div>';
                $this->formOutput(true);
            } else {
                $this->success();
            }
        } else {
            $this->formOutput(true);
        }
    }

}

if (isset($edit) && $edit) {
    echo "<h1>" . mi18n("Formularkonfiguration") . "</h1>";
    echo "<p>" . mi18n("Hier ist das Formular sowie der Text einzugeben, der zusammen mit dem Formular ausgegeben werden soll:") . "</p>";
    echo "CMS_HTML[0]";
    echo "<p>" . mi18n("Hier ist die Ausgabe einzugeben, die erscheint, wenn das Formular erfolgreich prozessiert worden ist:") . "</p>";
    echo "CMS_HTML[1]";
} else {
    $form = new w3form();
    $form->addEmailAdress("CMS_VALUE[0]");
    $form->setEmailSubject("CMS_VALUE[1]");
    $form->setEmailFrom("CMS_VALUE[2]", "CMS_VALUE[3]");
    $form->setBackgroundError("CMS_VALUE[4]");
    $form->setForm("CMS_HTML[0]");
    $form->setAnswer("CMS_HTML[1]");
    $form->process();
}
?>