metaform has option for a session-based login-required

[wfpl.git] / metaform / template.php

<?php

# This form requires wfpl. See: http://jasonwoof.org/wfpl

# This form was initially auto-generated. If you would like to alter the
# parameters and generate a new one try this URL:
#
# ~metaform_url~


# SETUP
<!--~opt_email_1 {~-->
# To send results by e-mail, all you have to do is set your e-mail address here:
$GLOBALS['~file_name~_form_recipient'] = "fixme@example.com";
<!--~}~--><!--~opt_db_1 {~-->
# To save results to a database, you'll need to create the ~table_name~ table
# (the file ~file_name~.sql should help with this), and create the file
# 'code/db_connect.php' which calls db_connect() see:
# code/wfpl/examples/db_connect.php
#
# if you rename any of the database fields, you'll need to update this:

define('~file_name upper~_DB_FIELDS', '~db_fields~');
<!--~}~--><!--~upload_settings {~-->
# Set this to the path to your uploads directory. It can be relative to the
# location of this script. IT MUST END WITH A SLASH
$GLOBALS['upload_directory'] = 'uploads/';
<!--~}~--><!--~image_settings {~-->
$GLOBALS['~name~_max_width'] = '400';
$GLOBALS['~name~_max_height'] = '400';<!--~thumb_settings {~-->
$GLOBALS['~name~_thumb_max_width'] = '70';
$GLOBALS['~name~_thumb_max_height'] = '70';
$GLOBALS['~name~_file_name'] = uniqid() . getmypid() . '.jpg'; # comment this out to use uploader's filename
<!--~}~--><!--~}~-->

require_once('code/wfpl/template.php');
require_once('code/wfpl/format.php');
require_once('code/wfpl/messages.php');
require_once('code/wfpl/email.php');<!--~opt_db_2 {~-->
require_once('code/db_connect.php');<!--~}~--><!--~image_include {~-->
require_once('code/wfpl/upload.php');<!--~}~-->

function ~file_name~_get_fields() {<!--~formats {~-->
        $~name~ = format_~format~($_REQUEST['~name~']<!--~pulldown_format_extra {~-->, '~name~'<!--~}~-->);<!--~}~--><!--~image_upload {~-->
        if($_FILES['~name~'] && $_FILES['~name~']['error'] == 0) {
                $~name~ = convert_uploaded_image('~name~', $GLOBALS['upload_directory'] . $GLOBALS['~name~_file_name'], $GLOBALS['~name~_max_width'], $GLOBALS['~name~_max_height']<!--~thumb_upload_params {~-->, $GLOBALS['~name~_thumb_max_width'], $GLOBALS['~name~_thumb_max_height']<!--~}~-->);
        } else {
                if($_REQUEST['delete_~name~'] == 'Yes') {
                        $~name~ = '';
                } else {
                        $~name~ = format_image_w_h<!--~thumb_w_h {~-->_thumb_w_h<!--~}~-->($_REQUEST['old_~name~']);
                }
        }<!--~}~-->

        ~file_name~_tem_sets(~php_fields~);

        return array(~php_fields~);
}

function ~file_name~_tem_sets(~php_fields~) {<!--~tem_sets {~-->
        tem_set('~name~', $~name~);<!--~}~-->
}
<!--~opt_listing_2 {~-->
# You may pass a "where clause" for the db query.
function ~file_name~_display_listing($where = 'order by ~always_field~ limit 100') {
        $rows = db_get_rows('~table_name~', 'id<!--~listing_fields_1 {~-->,~name~<!--~}~-->', $where);
        if($rows == false || count($rows) == 0) {
                tem_show('empty_listing');
                tem_show('listings');
                return false;
        }

        foreach($rows as $row) {
                list($id<!--~listing_fields_2 {~-->, $~name~<!--~}~-->) = $row;
                tem_set('id', $id);
                if($~always_field~ == '') {
                        $~always_field~ = '--';
                }
                ~file_name~_tem_sets(~php_fields~);
                tem_show('listing_row');
        }
        tem_show('populated_listing');
        tem_show('listings');
        return true;
}
<!--~}~-->
function ~file_name~_main() {<!--~opt_display_1 {~-->
        if(isset($_REQUEST['~file_name~_id'])) {
                $ret = ~file_name~_display_main();
                if($ret) {
                        return $ret;
                }
                tem_show('display_body');
        } else {
                $ret = ~file_name~_edit_main();
                if($ret) {
                        return $ret;
                }
                tem_show('edit_body');
        }
<!--~}~--><!--~opt_display_1_else {~-->
        $ret = _~file_name~_main();
        if($ret) {
                return $ret;
        }
<!--~}~-->
        # sections displayed with tem_show() will be coppied to the main template if you have one.
        tem_show('main_body');
}<!--~opt_display_2 {~-->

function ~file_name~_display_main() {
        $id = format_int($_REQUEST['~file_name~_id']);
        unset($_REQUEST['~file_name~_id']);
        if(!$id) {
                message('Error: Broken link');
                return './~file_name~';
        }
        $row = db_get_row('~table_name~', ~file_name upper~_DB_FIELDS, 'where id=%i', $id);
        if(!$row) {
                message('Error: ~singular cap~ not found');
                return './~file_name~';
        }
        list(~php_fields~) = $row;
        ~file_name~_tem_sets(~php_fields~);
        tem_set('id', $id);
}

function ~file_name~_edit_main() {<!--~}~--><!--~opt_display_2_else {~-->


function _~file_name~_main() {<!--~}~--><!--~opt_pass {~-->
        if(!logged_in_as_admin()) {
                $GLOBALS['url'] = this_url();
                return 'admin_login';
        }
<!--~}~--><!--~pulldowns {~-->
        pulldown('~name~', array('option 1', 'option 2', 'option 3'));
<!--~}~--><!--~opt_db_3 {~-->
        $edit_id = format_int($_REQUEST['~file_name~_edit_id']);
        unset($_REQUEST['~file_name~_edit_id']);
        if($edit_id) {
                # add hidden field for database id of row we're editing
                tem_set('~file_name~_edit_id', $edit_id);
                tem_show('editing');
        }

        $delete_id = format_int($_REQUEST['~file_name~_delete_id']);
        unset($_REQUEST['~file_name~_delete_id']);
        if($delete_id) {
                db_delete('~table_name~', 'where id=%i', $delete_id);
                message('~singular cap~ deleted.');

                return './~file_name~';
        }

        if(!$edit_id) {<!--~opt_listing_1 {~-->
                if(!isset($_REQUEST['~file_name~_new']) && !isset($_REQUEST['~always_field~'])) {
                        ~file_name~_display_listing();
                        return;
                }
<!--~}~-->
                tem_show('new_msg');
        }<!--~}~-->

        if(isset($_POST['~always_field~'])) {
                list(~php_fields~) = ~file_name~_get_fields();

                if("you're happy with the POSTed values") {<!--~opt_db_4 {~-->
                        if($edit_id) {
                                db_update('~table_name~', ~file_name upper~_DB_FIELDS, ~php_fields~, 'where id=%i', $edit_id);
                                message('~singular cap~ updated.');
                        } else {
                                db_insert('~table_name~', ~file_name upper~_DB_FIELDS, ~php_fields~);
                                message('~singular cap~ saved.');
                        }<!--~}~--><!--~opt_email_2 {~-->
                        if($GLOBALS['~file_name~_form_recipient'] != "fixme@example.com") {
                                $to = $GLOBALS['~file_name~_form_recipient'];
                                $from = $to;
                                $reply_to = '';
                                if(isset($_REQUEST['email']) and valid_email($_REQUEST['email'])) {
                                        $reply_to = $_REQUEST['email'];
                                        if($_REQUEST['name'] and ereg('^[a-zA-Z0-9_\' -]*$', $_REQUEST['name']) !== false) {
                                                $reply_to = "$_REQUEST[name] <$reply_to>";
                                        }
                                }
                                $subject = '~plural cap~ form submitted';
                                $message = tem_run('~file_name~.email.txt');
                                $cc = '';
                                $bcc = '';
                                if(email($from, $to, $subject, $message, $reply_to, $cc, $bcc)) {
                                        message('Due to an internal error, your message could not be sent. Please try again later.');
                                        $error = true;
                                } else {
                                        message('Message sent');
                                }
                        }<!--~}~-->
                        if($error !== true) {
                                return './~file_name~'; # FIXME is this the page you want to go to after successful form submission?
                        }
                }
                # otherwise, we display the form again. ~file_name~_get_fields() has
                # already put the posted values back into the template engine, so they will
                # show up in the form fields. You should add some message asking people to
                # fix their entry in whatever way you require.<!--~opt_db_5 {~-->
        } elseif($edit_id) {
                # we've recieved an edit id, but no data. So we grab the values to be edited from the database
                list(~php_fields~) = db_get_row('~table_name~', ~file_name upper~_DB_FIELDS, 'where id=%i', $edit_id);
                ~file_name~_tem_sets(~php_fields~);<!--~}~-->
        } else {
                # form not submitted, you can set default values like so:
                #tem_set('~always_field~', 'Yes');
        }<!--~upload_max {~-->

        tem_set('upload_max_filesize', upload_max_filesize());<!--~}~-->

        # this has to be later in the file because it requres that ~always_field~ be set already
        if($edit_id) {
                tem_show('edit_msg');
        }

        tem_show('form');<!--~show_extra_headers {~-->
        tem_show('extra_headers');<!--~}~-->
}

?>