2026-05-05 22:36:55 +02:00
parent cf1a0adb0b
commit cb077e80d8
39 changed files with 812 additions and 84 deletions


@@ -179,7 +179,138 @@ function strposa($haystack, $needles = array(), $offset = 0)
return min($chr);
}
function saveContactData( $name = '', $email = '', $phone = '', $message = '', $zip = '', $title = '', $company = '', $invoiceNumber = '', $address = '', $formId = '', $voivodeship = '', $clientType = '', $consentOffer = 0, $consentMarketing = 0 )
function contactAttachmentAllowedExtensions()
{
return ['pdf', 'jpg', 'jpeg', 'png', 'doc', 'docx', 'xls', 'xlsx', 'csv', 'txt', 'xml', 'dwg', 'dxf', 'zip'];
}
function contactAttachmentMaxSize()
{
return 50 * 1024 * 1024;
}
function ensureContactMessagesAttachmentsColumn($pdo)
{
static $checked = false;
if ($checked)
return;
$stmt = $pdo->query("SHOW COLUMNS FROM contact_messages LIKE 'attachments'");
if (!$stmt->fetch(PDO::FETCH_ASSOC))
{
try
{
$pdo->exec("ALTER TABLE contact_messages ADD attachments TEXT NULL AFTER consent_marketing");
}
catch (PDOException $e)
{
if (strpos($e->getMessage(), 'Duplicate column') === false && strpos($e->getMessage(), '1060') === false)
throw $e;
}
}
$checked = true;
}
function contactAttachmentSanitizeName($name)
{
$convertedName = @iconv('UTF-8', 'ASCII//TRANSLIT//IGNORE', $name);
if ($convertedName !== false)
$name = $convertedName;
$name = preg_replace('/[^A-Za-z0-9_-]+/', '-', $name);
$name = trim($name, '-');
return $name ? strtolower($name) : 'plik';
}
function saveContactAttachments($fieldName = 'files')
{
$result = [
'success' => true,
'error' => '',
'files_to_send' => [],
'links' => []
];
if (empty($_FILES[$fieldName]) || empty($_FILES[$fieldName]['name']))
return $result;
$uploaded = $_FILES[$fieldName];
$names = is_array($uploaded['name']) ? $uploaded['name'] : [$uploaded['name']];
$tmpNames = is_array($uploaded['tmp_name']) ? $uploaded['tmp_name'] : [$uploaded['tmp_name']];
$sizes = is_array($uploaded['size']) ? $uploaded['size'] : [$uploaded['size']];
$errors = is_array($uploaded['error']) ? $uploaded['error'] : [$uploaded['error']];
$allowedExtensions = contactAttachmentAllowedExtensions();
$maxSize = contactAttachmentMaxSize();
$relativeDir = 'uploads/contact-attachments/' . date('Y') . '/' . date('m');
$targetDir = dirname(__DIR__) . '/' . $relativeDir;
if (!is_dir($targetDir) && !mkdir($targetDir, 0755, true))
{
$result['success'] = false;
$result['error'] = 'upload_dir';
return $result;
}
for ($i = 0; $i < count($names); $i++)
{
if (empty($names[$i]) || $errors[$i] == UPLOAD_ERR_NO_FILE)
continue;
if ($errors[$i] != UPLOAD_ERR_OK)
{
$result['success'] = false;
$result['error'] = 'upload_error';
return $result;
}
if ((int)$sizes[$i] > $maxSize)
{
$result['success'] = false;
$result['error'] = 'file_size';
return $result;
}
$extension = strtolower(pathinfo($names[$i], PATHINFO_EXTENSION));
if (!in_array($extension, $allowedExtensions))
{
$result['success'] = false;
$result['error'] = 'file_type';
return $result;
}
if (!is_uploaded_file($tmpNames[$i]))
{
$result['success'] = false;
$result['error'] = 'upload_source';
return $result;
}
$baseName = contactAttachmentSanitizeName(pathinfo($names[$i], PATHINFO_FILENAME));
$fileName = $baseName . '-' . date('YmdHis') . '-' . bin2hex(random_bytes(4)) . '.' . $extension;
$targetPath = $targetDir . '/' . $fileName;
if (!move_uploaded_file($tmpNames[$i], $targetPath))
{
$result['success'] = false;
$result['error'] = 'move_failed';
return $result;
}
$result['files_to_send'][] = $targetPath;
$result['links'][] = '/' . $relativeDir . '/' . $fileName;
}
return $result;
}
function contactAttachmentFailureMessage()
{
return 'Zalacznik ma niedozwolony typ pliku albo przekracza limit 50 MB.';
}
function saveContactData( $name = '', $email = '', $phone = '', $message = '', $zip = '', $title = '', $company = '', $invoiceNumber = '', $address = '', $formId = '', $voivodeship = '', $clientType = '', $consentOffer = 0, $consentMarketing = 0, $attachments = [] )
{
// Konfiguracja bazy danych
$dbHost = 'mysql8';
@@ -191,6 +322,7 @@ function saveContactData( $name = '', $email = '', $phone = '', $message = '', $
{
$pdo = new PDO("mysql:host=$dbHost;dbname=$dbName;charset=utf8mb4", $dbUser, $dbPass);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
ensureContactMessagesAttachmentsColumn($pdo);
// Przygotowanie danych
$data = [
@@ -209,14 +341,15 @@ function saveContactData( $name = '', $email = '', $phone = '', $message = '', $
'client_type' => str_replace(['\'', '"'], '', $clientType),
'consent_offer' => (int)$consentOffer,
'consent_marketing' => (int)$consentMarketing,
'attachments' => !empty($attachments) ? json_encode(array_values($attachments), JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE) : null,
'created_at' => date('Y-m-d H:i:s')
];
// Zaktualizowane zapytanie SQL
$sql = "INSERT INTO contact_messages
(form_id, name, email, phone, message, zip_code, topic, company, invoice_number, address, voivodeship, client_type, consent_offer, consent_marketing, created_at)
(form_id, name, email, phone, message, zip_code, topic, company, invoice_number, address, voivodeship, client_type, consent_offer, consent_marketing, attachments, created_at)
VALUES
(:form_id, :name, :email, :phone, :message, :zip_code, :topic, :company, :invoice_number, :address, :voivodeship, :client_type, :consent_offer, :consent_marketing, :created_at)";
(:form_id, :name, :email, :phone, :message, :zip_code, :topic, :company, :invoice_number, :address, :voivodeship, :client_type, :consent_offer, :consent_marketing, :attachments, :created_at)";
$stmt = $pdo->prepare($sql);
$stmt->execute($data);
@@ -305,17 +438,8 @@ if ( \S::get('action') == 'send-contact-modal' and \S::get('token') == \S::get_s
exit;
}
$countfiles = count($_FILES['files']['name']);
for ($i = 0; $i < $countfiles; $i++)
{
$filename = $_FILES['files']['name'][$i];
if ($filename and pathinfo($_FILES['files']['name'][$i], PATHINFO_EXTENSION) != 'php')
{
move_uploaded_file($_FILES['files']['tmp_name'][$i], 'temp/' . $filename);
$files_to_send[] = 'temp/' . $filename;
}
}
$files_to_send = [];
$attachment_links = [];
if ( \S::get( 'name' ) and \S::get( 'email' ) and \S::get( 'address' ) and \S::get( 'phone' ) and strposa( \S::get( 'name' ), $spam_words ) === false and strposa( \S::get( 'email' ), $spam_words ) === false and strposa( \S::get( 'address' ), $spam_words ) === false and strposa( \S::get( 'phone' ), $spam_words ) === false and strposa( \S::get( 'information' ), $spam_words ) === false )
{
@@ -335,7 +459,17 @@ if ( \S::get('action') == 'send-contact-modal' and \S::get('token') == \S::get_s
$fullMessage .= "\n\n--- Wymiary stolarki ---\n" . \S::get('wymiaryStolarki');
}
saveContactData( \S::get('name'), \S::get('email'), \S::get('phone'), $fullMessage, \S::get('address'), '', '', '', '', 'modal-contact-form', '', '', $zgoda1, $zgoda2 );
$uploadedFiles = saveContactAttachments();
if (!$uploadedFiles['success'])
{
\S::alert(contactAttachmentFailureMessage());
header('Location: ' . $_SERVER['REQUEST_URI']);
exit;
}
$files_to_send = $uploadedFiles['files_to_send'];
$attachment_links = $uploadedFiles['links'];
saveContactData( \S::get('name'), \S::get('email'), \S::get('phone'), $fullMessage, \S::get('address'), '', '', '', '', 'modal-contact-form', '', '', $zgoda1, $zgoda2, $attachment_links );
if ( \S::send_email( 'marketing@vidok.com', 'Wiadomość ze strony vidok.com', $text, \S::get('email'), $files_to_send ) )
{
@@ -459,18 +593,8 @@ if (\S::get('action') == 'send-contact-form-new' and \S::get('token') == \S::get
// should return JSON with success as true
if ($responseKeys["success"])
{
$countfiles = count($_FILES['files']['name']);
for ($i = 0; $i < $countfiles; $i++)
{
$filename = $_FILES['files']['name'][$i];
if ($filename and pathinfo($_FILES['files']['name'][$i], PATHINFO_EXTENSION) != 'php')
{
move_uploaded_file($_FILES['files']['tmp_name'][$i], 'temp/' . $filename);
$files_to_send[] = 'temp/' . $filename;
}
}
$files_to_send = [];
$attachment_links = [];
if ( \S::get('name') and \S::get('email') and \S::get('postal_code') and \S::get('phone') and \S::get('voivodeship') and \S::get('client') and strposa(\S::get('name'), $spam_words) === false and strposa(\S::get('email'), $spam_words) === false and
strposa(\S::get('postal_code'), $spam_words) === false and strposa(\S::get('phone'), $spam_words) === false and strposa(\S::get('message'), $spam_words) === false
@@ -488,7 +612,17 @@ if (\S::get('action') == 'send-contact-form-new' and \S::get('token') == \S::get
$zgoda1 = (\S::get('zgoda_1') == 'on' || \S::get('zgoda_1') == 1) ? 1 : 0;
$zgoda2 = (\S::get('zgoda_2') == 'on' || \S::get('zgoda_2') == 1) ? 1 : 0;
saveContactData( \S::get('name'), \S::get('email'), \S::get('phone'), \S::get('message'), \S::get('postal_code'), '', '', '', '', 'contact-form-new', \S::get('voivodeship'), \S::get('client'), $zgoda1, $zgoda2 );
$uploadedFiles = saveContactAttachments();
if (!$uploadedFiles['success'])
{
\S::alert(contactAttachmentFailureMessage());
header('Location: ' . $_SERVER['REQUEST_URI']);
exit;
}
$files_to_send = $uploadedFiles['files_to_send'];
$attachment_links = $uploadedFiles['links'];
saveContactData( \S::get('name'), \S::get('email'), \S::get('phone'), \S::get('message'), \S::get('postal_code'), '', '', '', '', 'contact-form-new', \S::get('voivodeship'), \S::get('client'), $zgoda1, $zgoda2, $attachment_links );
if (\S::send_email('marketing@vidok.com', 'Wiadomość ze strony vidok.com', $text, \S::get('email'), $files_to_send))
{
@@ -608,18 +742,8 @@ if (\S::get('action') == 'send-contact-form-new-2' and \S::get('token') == \S::g
// should return JSON with success as true
if ($responseKeys["success"])
{
$countfiles = count($_FILES['files']['name']);
for ($i = 0; $i < $countfiles; $i++)
{
$filename = $_FILES['files']['name'][$i];
if ($filename and pathinfo($_FILES['files']['name'][$i], PATHINFO_EXTENSION) != 'php')
{
move_uploaded_file($_FILES['files']['tmp_name'][$i], 'temp/' . $filename);
$files_to_send[] = 'temp/' . $filename;
}
}
$files_to_send = [];
$attachment_links = [];
if ( \S::get('name') and \S::get('email') and \S::get('postal_code') and \S::get('phone') and \S::get('voivodeship') and \S::get('client') and strposa(\S::get('name'), $spam_words) === false and strposa(\S::get('email'), $spam_words) === false and
strposa(\S::get('postal_code'), $spam_words) === false and strposa(\S::get('phone'), $spam_words) === false and strposa(\S::get('message'), $spam_words) === false
@@ -638,7 +762,17 @@ if (\S::get('action') == 'send-contact-form-new-2' and \S::get('token') == \S::g
$zgoda1 = (\S::get('zgoda_1') == 'on' || \S::get('zgoda_1') == 1) ? 1 : 0;
$zgoda2 = (\S::get('zgoda_2') == 'on' || \S::get('zgoda_2') == 1) ? 1 : 0;
saveContactData( \S::get('name'), \S::get('email'), \S::get('phone'), \S::get('message'), \S::get('postal_code'), '', '', '', '', 'contact-form-new', \S::get('voivodeship'), \S::get('client'), $zgoda1, $zgoda2 );
$uploadedFiles = saveContactAttachments();
if (!$uploadedFiles['success'])
{
\S::alert(contactAttachmentFailureMessage());
header('Location: ' . $_SERVER['REQUEST_URI']);
exit;
}
$files_to_send = $uploadedFiles['files_to_send'];
$attachment_links = $uploadedFiles['links'];
saveContactData( \S::get('name'), \S::get('email'), \S::get('phone'), \S::get('message'), \S::get('postal_code'), '', '', '', '', 'contact-form-new', \S::get('voivodeship'), \S::get('client'), $zgoda1, $zgoda2, $attachment_links );
if (\S::send_email('marketing@vidok.com', 'Wiadomość ze strony vidok.com', $text, \S::get('email'), $files_to_send))
{
@@ -751,18 +885,8 @@ if (\S::get('action') == 'send-contact-form-new-deweloper' and \S::get('token')
// should return JSON with success as true
if ($responseKeys["success"])
{
$countfiles = count($_FILES['files']['name']);
for ($i = 0; $i < $countfiles; $i++)
{
$filename = $_FILES['files']['name'][$i];
if ($filename and pathinfo($_FILES['files']['name'][$i], PATHINFO_EXTENSION) != 'php')
{
move_uploaded_file($_FILES['files']['tmp_name'][$i], 'temp/' . $filename);
$files_to_send[] = 'temp/' . $filename;
}
}
$files_to_send = [];
$attachment_links = [];
if ( \S::get('name') and \S::get('email') and \S::get('postal_code') and \S::get('phone') and \S::get('voivodeship') and \S::get('client') and strposa(\S::get('name'), $spam_words) === false and strposa(\S::get('email'), $spam_words) === false and
strposa(\S::get('postal_code'), $spam_words) === false and strposa(\S::get('phone'), $spam_words) === false and strposa(\S::get('message'), $spam_words) === false
@@ -783,7 +907,17 @@ if (\S::get('action') == 'send-contact-form-new-deweloper' and \S::get('token')
$zgoda1 = (\S::get('zgoda_1') == 'on' || \S::get('zgoda_1') == 1) ? 1 : 0;
$zgoda2 = (\S::get('zgoda_2') == 'on' || \S::get('zgoda_2') == 1) ? 1 : 0;
saveContactData( \S::get('name'), \S::get('email'), \S::get('phone'), \S::get('message'), \S::get('postal_code'), '', '', '', '', 'contact-form-new', \S::get('voivodeship'), \S::get('client'), $zgoda1, $zgoda2 );
$uploadedFiles = saveContactAttachments();
if (!$uploadedFiles['success'])
{
\S::alert(contactAttachmentFailureMessage());
header('Location: ' . $_SERVER['REQUEST_URI']);
exit;
}
$files_to_send = $uploadedFiles['files_to_send'];
$attachment_links = $uploadedFiles['links'];
saveContactData( \S::get('name'), \S::get('email'), \S::get('phone'), \S::get('message'), \S::get('postal_code'), '', '', '', '', 'contact-form-new', \S::get('voivodeship'), \S::get('client'), $zgoda1, $zgoda2, $attachment_links );
if (\S::send_email('marketing@vidok.com', 'Wiadomość ze strony vidok.com', $text, \S::get('email'), $files_to_send))
{
@@ -807,4 +941,4 @@ if (\S::get('action') == 'send-contact-form-new-deweloper' and \S::get('token')
}
header('Location: ' . $_SERVER['REQUEST_URI']);
exit;
}
}
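Review bot: `saveContactAttachments` writes anonymous uploads into a web-served path (`$result['links']` is `/uploads/contact-attachments/...`, and the directory is built from `dirname(__DIR__)`) that the extension allowlist alone does not make safe: if the server delivers an uploaded `.xml` as `application/xml`, browsers render it, so an XHTML-namespaced document executes script on the site's origin, and every customer attachment (invoices, drawings) is readable by anyone who learns the URL, which is persisted in `contact_messages.attachments` and presumably reaches the mailbox. The sanitised name cannot become `.htaccess` or a script extension, but the content is never inspected; add a `finfo` check before `move_uploaded_file`, e.g. `$mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpNames[$i]);` compared against a per-extension map, and either move the directory outside the docroot and serve files through a handler that sets `Content-Disposition: attachment` and `X-Content-Type-Options: nosniff`, or at minimum drop `xml` from `contactAttachmentAllowedExtensions()` and ship a server rule that disables script execution under `uploads/`. Two smaller points: the 50 MB limit is per file with no cap on count or total, so an unauthenticated form can fill the disk (check `count($names)` and `array_sum($sizes)` before the loop), and on a mid-loop failure the files already moved stay on disk, so `unlink()` each entry of `$result['files_to_send']` before returning an error. `ensureContactMessagesAttachmentsColumn` also runs `ALTER TABLE` with the application's DB credentials on every submit, which forces that user to hold DDL rights permanently; a one-off migration and a read/write-only DB user would be the least-privilege shape. The four handler blocks that call `saveContactAttachments` start and end outside their hunks, so the redirect-on-failure path was reviewed only as far as shown.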