Greywacke Posted May 19, 2011 Share Posted May 19, 2011 hi there,the following piece of php was recommended on the one accurately targeted site out of very few that were resulting from my search. <?php/*SURVEY MANAGER FORM GENERATORVersion 2.2.5*/function encrypt($string, $key) { $result = ''; for($i=0; $i<strlen($string); $i++) { $char = substr($string, $i, 1); $keychar = substr($key, ($i % strlen($key))-1, 1); $char = chr(ord($char)+ord($keychar)); $result.=$char; } return base64_encode($result);}function decrypt($string, $key) { $result = ''; $string = base64_decode($string); for($i=0; $i<strlen($string); $i++) { $char = substr($string, $i, 1); $keychar = substr($key, ($i % strlen($key))-1, 1); $char = chr(ord($char)-ord($keychar)); $result.=$char; } return $result;}// load installation db by passing encrypted include path in querystring$key = "JapieMySkapie101";$qs_encr = explode('?',$_SERVER['QUERY_STRING'],2);$qs_decr = explode('&',decrypt($qs_encr[0], $key),2);//print_r($qs_decr);$p = $qs_decr[0]; // installation path$q = $qs_decr[1]; // consumer survey idif (file_exists($p)) include($p); // call global includefunction getquestions($surveytype,$consumerid,$leadid=0,$refid=0) { global $conn; $sql = "SELECT * FROM 22_surveyquestions LEFT JOIN 23_surveyoptions ON ( 22_surveyquestions.bigint_QuestionID = 23_surveyoptions.bigint_QuestionID ) WHERE 22_surveyquestions.bigint_TypeID = ".$surveytype." ORDER BY 22_surveyquestions.smallint_SortOrder ASC, 23_surveyoptions.smallint_SortOrder ASC;"; $result = mysql_query_errors($sql, $conn , __FILE__ , __LINE__ ); $html = "<form id=\"form_survey\" name=\"form_survey\" method=\"post\" accept-charset=\"UTF-8\" action=\"survey_handler.php\" onsubmit=\"return valform(this);\">". "<input name=\"consumersurveyid\" id=\"consumersurveyid\" type=\"hidden\" value=\"".$GLOBALS["q"]."\" />". "<input name=\"includepath\" id=\"includepath\" type=\"hidden\" value=\"".$GLOBALS["p"]."\" />\n"; $q = array(); $q[0] = ""; $q[1] = ""; $shtml = ""; $i = 0; if ($result) { while ($row = mysql_fetch_array($result)) { $q[1] = $row["text_QuestionContent"]; if ($q[0] != $q[1]) { $i++; $n = 0; if ($q[0] != "") { $html .= " </p>\n"; } $q[0] = $q[1]; $html .= " <p><label for=\"radio_answer_".$i."_1\"><strong>".$i."). ".$q[1]."</strong></label></p>\n". " <p>\n"; $shtml = ""; } $n++; $a = xmlentities($row["text_OptionContent"]); $sid = 0; switch ($row["tinyint_OptionType"]) { case 1: // radio select + text input $html .= " <input type=\"radio\" name=\"group_".$i."\" id=\"radio_".$i."_".$n."\" value=\"".$row["bigint_OptionID"].";.0\" onfocus=\"document.form_survey.text_".$row["bigint_OptionID"].".focus();\" />". "<label for=\"radio_".$i."_".$n."\" > ".$a."<br /> ". "<input type=\"text\" name=\"text_".$row["bigint_OptionID"]."\" id=\"text_".$row["bigint_OptionID"]."\" value=\"\" /></label><br />\n"; break; case 2: // checkbox $html .= " <input type=\"checkbox\" name=\"group_".$i."[]\" id=\"check_".$i."_".$n."\" value=\"".$row["bigint_OptionID"].";.0\" />". "<label for=\"check_".$i."_".$n."\" > ".$a."</label><br />\n"; break; case 3: // checkbox + text input $html .= " <input type=\"checkbox\" name=\"group_".$i."[]\" id=\"check_".$i."_".$n."\" value=\"".$row["bigint_OptionID"].";.0\" onfocus=\"document.form_survey.text_".$row["bigint_OptionID"].".focus();\" />". "<label for=\"check_".$i."_".$n."\" > ".$a."<br /> ". "<input type=\"text\" name=\"text_".$row["bigint_OptionID"]."\" id=\"text_".$row["bigint_OptionID"]."\" value=\"\" /></label><br />\n"; break; case 4: // supplier names listing radio $sql0 = "SELECT 5_suppliers.bigint_SupplierID, 5_suppliers.text_SupplierName FROM 5_suppliers LEFT JOIN ( 27_leadssent, 13_prospectleadsent ) ON ( 5_suppliers.bigint_SupplierID = 27_leadssent.bigint_SupplierID AND 5_suppliers.bigint_SupplierID = 13_prospectleadsent.bigint_SupplierID ) WHERE 27_leadssent.bigint_LeadID = ".$leadid." OR 13_prospectleadsent.bigint_ProspectID = ".$refid." GROUP BY 5_suppliers.text_SupplierName;"; $result0 = mysql_query_errors($sql0, $conn , __FILE__ , __LINE__ ); if ($result0) { while ($row0 = mysql_fetch_array($result0)) { $a = $row0["text_SupplierName"]; $html .= " <input type=\"radio\" name=\"group_".$i."\" id=\"supplier_".$i."_".$n."\" value=\"".$row["bigint_OptionID"].";.".$row0["bigint_SupplierID"]."\" />". "<label for=\"supplier_".$i."_".$n."\" > ".$a."</label>". "<input type=\"hidden\" name=\"text_".$row0["bigint_SupplierID"]."\" id=\"text_".$row0["bigint_SupplierID"]."\" value=\"".$a."\" /><br />\n"; if ($n<mysql_num_rows($result0)) $n++; } } break; case 5: // supplier names listing checkbox $sql0 = "SELECT 5_suppliers.bigint_SupplierID, 5_suppliers.text_SupplierName FROM 5_suppliers LEFT JOIN ( 27_leadssent, 13_prospectleadsent ) ON ( 5_suppliers.bigint_SupplierID = 27_leadssent.bigint_SupplierID AND 5_suppliers.bigint_SupplierID = 13_prospectleadsent.bigint_SupplierID ) WHERE 27_leadssent.bigint_LeadID = ".$leadid." OR 13_prospectleadsent.bigint_ProspectID = ".$refid." GROUP BY 5_suppliers.text_SupplierName;"; $result0 = mysql_query_errors($sql0, $conn , __FILE__ , __LINE__ ); if ($result0) { while ($row0 = mysql_fetch_array($result0)) { $a = $row0["text_SupplierName"]; $html .= " <input type=\"checkbox\" name=\"group_".$i."[]\" id=\"supplier_".$i."_".$n."\" value=\"".$row["bigint_OptionID"].";.".$row0["bigint_SupplierID"]."\" />". "<label for=\"supplier_".$i."_".$n."\" > ".$a."</label>". "<input type=\"hidden\" name=\"text_".$row0["bigint_SupplierID"]."\" id=\"text_".$row0["bigint_SupplierID"]."\" value=\"".$a."\" /><br />\n"; if ($n<mysql_num_rows($result0)) $n++; } } break; default: // radio select $html .= " <input type=\"radio\" name=\"group_".$i."\" id=\"radio_".$i."_".$n."\" value=\"".$row["bigint_OptionID"].";.0\" />". "<label for=\"radio_".$i."_".$n."\" > ".$a."</label><br />\n"; } } mysql_free_result($result); } $html .= " </p>\n"; $html .= " <p><input type=\"submit\" value=\"Submit!\" /><input type=\"reset\" value=\"Reset...\" /></p>\n"; $html .= "</form>"; return array($i, $html);}if (is_numeric($q)) { // retrieve consumer survey created with cronjob $sql0 = "SELECT * FROM 21_consumersurveys LEFT JOIN ( 19_consumers, 20_surveytypes, 2_servicescatalogue, 10_serviceprospects, 25_serviceleads ) ON ( 25_serviceleads.bigint_ConsumerID = 19_consumers.bigint_ConsumerID AND ( 21_consumersurveys.bigint_ReferenceID = 10_serviceprospects.bigint_ProspectID OR 21_consumersurveys.bigint_LeadID = 25_serviceleads.bigint_LeadID) AND 21_consumersurveys.bigint_SurveyType = 20_surveytypes.bigint_SurveyID AND 25_serviceleads.bigint_ServiceID = 2_servicescatalogue.bigint_ServiceID ) WHERE 21_consumersurveys.bigint_ConsumerSurveysID = ".$q." LIMIT 0, 1;"; $result0 = mysql_query_errors($sql0, $conn , __FILE__ , __LINE__ ); if ($result0) { if ($row = mysql_fetch_array($result0)) { // initiate variables $service = $row["bigint_ServiceID"]; $consumerfullname = $row["text_ConsumerName"]; $consumeremail = $row["text_ConsumerE-Mail"]; $region = $row["bigint_ConsumerRegion"]; $attribs = $row["text_LeadAttributes"]; $attribsarr = formattribs($attribs); $surveytype = $row["text_SurveyDescription"]; $surveyq = getquestions($row["bigint_SurveyType"],$row["bigint_ConsumerID"],$row["bigint_LeadID"],$row["bigint_ReferenceID"]); $qcnt = $surveyq[0]; $surveyquestions = $surveyq[1]; $servicename = xmlentities($row["text_ServiceDescription"]); $surveyurl = "https://www.intellisource.co.za/survey.php?".$qs_encr[0]; $referer = (isset($_SERVER['HTTP_REFERER']))?$_SERVER['HTTP_REFERER']:""; $prospecting = 0; $recipient[6] = 0; $tsql0 = "SELECT * FROM 32_webformconfigs WHERE text_FormWebLocation LIKE \"".$referer."%\";"; $tresult0 = mysql_query_errors($tsql0, $conn, __FILE__, __LINE__ ); $trow0 = mysql_fetch_array($tresult0); $formid = $trow0["bigint_FormID"]; $formname = $trow0["text_FormName"]; $formlogo = $trow0["text_FormLogo"]; $formfromname = $trow0["text_FormMailerFromName"]; $formfrommail = $trow0["text_FormMailerFromAddress"]; $redirect = $trow0["text_Redirect"]; $pmail = $trow0["text_FormMailerFromAddress"]; $tafurl = $trow0["text_WebFormTAFUrl"]; $tafimg = $trow0["text_WebFormTAFImage"];?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta name="robots" content="none" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title><?php echo populateflags("%SURVEYHEADER%"); ?></title><script language="javascript" defer="defer"><!--function valform(form) { for (var i = 0; i < form.elements.length; i++) { var elm = form.elements[i]; var type = elm.type; var name = elm.name; var val = elm.value; var sele = false; //alert(name); switch (type) { case "radio": var q = parseInt(name.split("_")[1]); for (var n = 0; n < form[name].length; n++) { if (form[name][n].checked) { sele = true; } } if (!sele) { alert("An answer is required for question "+q+")."); form.elements[i].focus(); return false; } break; case "text": if (form.elements[i-1].checked && elm.value == "") { alert("Input text is required for checked or selected options."); form.elements[i].focus(); return false; } break; } } return true;}//--></script><style type="text/css"><!--body { background: #ffffff url('https://www.intellisource.co.za/images/mail_bg.jpg') repeat-x fixed top left;}* { margin: 0px; padding: 0px;}h1, h2, div { font: 10pt Tahoma, Verdana, Arial, Helvetica, sans-serif;}p { clear: both; margin: 12px;}a { font-weight: bold; text-decoration: none;}div.gw000 { /* container */ width: 90%; margin: 0 auto;}div.gw001 { /* header */ text-align: left; vertical-align: top;}div.gw002 { /* tools */ text-align: justify;}div.gw003 { /* data listing */ }A.gw000:hover { color: #008000;}A.gw001:hover { color: #800000;}div.gw004 { /* footer */ padding: 12px; font-size: 9pt; text-align: right; border-top: #b0b0b0 solid 1px;}div.gw005 { /* lead cost / balance */ float: left; text-align: left;}div.colleft { color: inherited; width: 65%; float: left;}div.colright { color: inherit; width: 30%; float: right;}.cleart { clear: both; margin: 12px;}.clearb { clear: both; color: #606060; margin: 12px;}input[type="text"] { margin-left: 21px; width: 260px;}//--></style></head><body><div class="gw000"> <div class="gw001"><img src="<?php echo populateflags("%LOGO%"); ?>" alt="" hspace="5" border="0" align="left" /></div> <div class="gw002"><?php echo populateflags("%SURVEYINTRO%"); ?></div> <div class="gw003"><?php echo populateflags("%SURVEYSIGNATURE%"); ?></div> <div class="gw004"><div class="gw005"><?php echo ((count($sql))?"SQL DEBUGGING INFO:<br />\n<br />\n".join("<br />\n<br />\n",$sql):""); ?></div></div></div></body></html><?php } }}?> Link to comment Share on other sites More sharing options...
Greywacke Posted May 19, 2011 Author Share Posted May 19, 2011 ah i get it now... the referer is not the form (this is where it identifies the form from). hmmm, wrote a query to identify the form by the form id now passed in the leads. also put a copy of the logo on the intellisource domain for download by the form. this issue is now officially sorted! the logo displays and no images "break" the https anymore... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.