+
+function _~form_name~_main() {<!--~end~--><!--~opt_http_pass_2 start~-->
+ # To remove password protection, just delete this block:
+ if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER'] != AUTH_USER || $_SERVER['PHP_AUTH_PW'] != AUTH_PASS) {
+ header('WWW-Authenticate: Basic realm="' . AUTH_REALM . '"');
+ header('HTTP/1.0 401 Unauthorized');
+ echo '401 Unauthorized';
+ exit;
+ }
+<!--~end~--><!--~pulldowns start~-->
+ pulldown('~name~', array('option 1', 'option 2', 'option 3'));
+<!--~end~--><!--~opt_db_3 start~-->
+ $edit_id = format_int($_REQUEST['~form_name~_edit_id']);
+ unset($_REQUEST['~form_name~_edit_id']);
+ if($edit_id) {
+ # add hidden field for database id of row we're editing
+ tem_set('~form_name~_edit_id', $edit_id);
+ tem_show('editing');
+ }
+
+ $delete_id = format_int($_REQUEST['~form_name~_delete_id']);
+ unset($_REQUEST['~form_name~_delete_id']);
+ if($delete_id) {
+ db_delete('~form_name~', 'where id=%i', $delete_id);
+ message('~singular.cap~ deleted.');
+
+ return './~form_name~';
+ }
+
+ if(!$edit_id) {<!--~opt_listing_1 start~-->
+ if(!isset($_REQUEST['~form_name~_new']) && !isset($_REQUEST['~always_field~'])) {
+ ~form_name~_display_listing();
+ return;
+ }
+<!--~end~-->
+ tem_show('new_msg');
+ }<!--~end~-->
+
+ if(isset($_POST['~always_field~'])) {
+ list(~php_fields~) = ~form_name~_get_fields();
+
+ if("you're happy with the POSTed values") {<!--~opt_db_4 start~-->
+ if($edit_id) {
+ db_update('~form_name~', ~form_name.upper~_DB_FIELDS, ~php_fields~, 'where id=%i', $edit_id);
+ message('~singular.cap~ updated.');
+ } else {
+ db_insert('~form_name~', ~form_name.upper~_DB_FIELDS, ~php_fields~);
+ message('~singular.cap~ saved.');
+ }<!--~end~--><!--~opt_email_2 start~-->
+ if($GLOBALS['~form_name~_form_recipient'] != "fixme@example.com") {
+ $to = $GLOBALS['~form_name~_form_recipient'];
+ $from = $to;
+ $reply_to = '';
+ if(isset($_REQUEST['email']) and valid_email($_REQUEST['email'])) {
+ $reply_to = $_REQUEST['email'];
+ if($_REQUEST['name'] and ereg('^[a-zA-Z0-9_\' -]*$', $_REQUEST['name']) !== false) {
+ $reply_to = "$_REQUEST[name] <$reply_to>";
+ }
+ }
+ $subject = '~form_name~ form submitted';
+ $message = tem_run('~form_name~.email.txt');
+ $cc = '';
+ $bcc = '';
+ if(email($from, $to, $subject, $message, $reply_to, $cc, $bcc)) {
+ message('Due to an internal error, your message could not be sent. Please try again later.');
+ $error = true;
+ } else {
+ message('Message sent');
+ }
+ }<!--~end~-->
+ if($error !== true) {
+ return './~form_name~'; # FIXME is this the page you want to go to after successful form submission?
+ }
+ }
+ # otherwise, we display the form again. ~form_name~_get_fields() has
+ # already put the posted values back into the template engine, so they will
+ # show up in the form fields. You should add some message asking people to
+ # fix their entry in whatever way you require.<!--~opt_db_5 start~-->
+ } elseif($edit_id) {
+ # we've recieved an edit id, but no data. So we grab the values to be edited from the database
+ list(~php_fields~) = db_get_row('~form_name~', ~form_name.upper~_DB_FIELDS, 'where id=%i', $edit_id);
+ ~form_name~_tem_sets(~php_fields~);<!--~end~-->
+ } else {
+ # form not submitted, you can set default values like so:
+ #tem_set('~always_field~', 'Yes');
+ }<!--~upload_max start~-->
+
+ tem_set('upload_max_filesize', upload_max_filesize());<!--~end~-->
+
+ # this has to be later in the file because it requres that ~always_field~ be set already
+ if($edit_id) {
+ tem_show('edit_msg');
+ }
+
+ tem_show('form');
+}