        $form->addElement('text', 'name', array('label' => 'Your Name', 'required' => true));
        $form->name->removeDecorator('Label');
        $form->addElement('text', 'email', array('label' => 'Your Email', 'required' => true));
        $form->email->addValidator('EmailAddress');
        $form->email->removeDecorator('Label');
        $form->addElement('textarea', 'comments', array('label' => 'Comments', 'required' => true, 'rows' => 10));
        $form->comments->removeDecorator('Label');

        // Add a CSRF token only for ordinary (non-XMLHttpRequest) submissions.
        // Zend_Form_Element_Hash keeps the generated hash in the session and
        // rejects a submitted form whose token does not match it.
        if (!Qs_Request::isXmlHttpRequest()) {
            $csrfToken = new Zend_Form_Element_Hash('csrf_token');
            $csrfToken->setSalt(Zend_Crypt::hash('MD5', uniqid() . microtime()));
            $form->addElement($csrfToken);
        }
        $form->addElement('captcha', 'captcha');
        $form->captcha->removeDecorator('Label');

        return $this;
    }

    protected function _doInsert()
    {
        $form = $this->_getNewForm();
        if ($form->validate()) {
            $this->_initFromForm($form);
            if (($e = $this->dataObj->insert()) instanceof Exception) {
                if ($e instanceof Qs_Db_Obj_Exception) {
                    $this->_setBackError($e->getMessage());
                } else {
                    Qs_Debug::processException($e);
                }
            } else {
                $this->_postInsert();
                $this->_setBackMessage(Qs_ViewController::MSG_ADDED);
            }
            $this->_doBack();
        } else {
            // A rejected CSRF token is logged separately from ordinary validation errors
            $csrfErrors = $form->getErrors('csrf_token');
            if (!empty($csrfErrors)) {
                $this->_logCsrfErrors();
            }
            $this->_renderMainForm($form);
        }

        return $this;
    }

    protected function _logCsrfErrors()
    {
        $logsPath = BASE_PATH . '/tmp/csrf-logs';
        if (!is_dir($logsPath)) {
            // umask(0) together with mode 0777 creates a world-writable directory
            $umask = umask(0);
            if (false === mkdir($logsPath, 0777)) {
                umask($umask);
                return false;
            }
            umask($umask);
        }

        // One file per day. Each line holds the time, the client address, the method,
        // every POST and GET value (space-joined and unescaped, so the raw submission
        // is recorded) and the request URI made relative to WEB_PATH.
        if (($fp = fopen($logsPath . '/times_' . date('Y-m-d') . '.txt', 'a+'))) {
            $separator = ' ';
            fwrite(
                $fp,
                date('Y-m-d H:i:s') . $separator
                . $_SERVER['REMOTE_ADDR'] . $separator
                . $_SERVER['REQUEST_METHOD'] . $separator
                . 'POST: ' . implode($separator, Qs_Request::getPost()) . $separator
                . 'GET: ' . implode($separator, Qs_Request::getGet()) . $separator
                . str_replace(WEB_PATH . '/', '/', $_SERVER['REQUEST_URI'])
                . "\n"
            );
            fclose($fp);
        }

        return $this;
    }

    protected function _bindFormButtons(Qs_Form $form)
    {
        $form->addElement('submit', 'btnSubmit', array(
            'label' => 'Submit',
            'attribs' => array('class' => 'btn'),
            'decorators' => array('ViewHelper')
        ));
        $decorators = array('FormElements');
        $decorators[] = array('decorator' => 'HtmlTag', 'options' => array('tag' => 'div'));
        $decorators[] = 'Fieldset';
        $decorators[] = 'DtDdWrapper';
        $form->addDisplayGroup(array('btnSubmit'), 'submitGroup', array('decorators' => $decorators));

        return $this;
    }

    protected function _getMailData(array $data)
    {
        // Escape user-supplied fields before they are placed in the HTML mail body
        $mailData = array(
            'name' => htmlspecialchars($data['name']),
            'email' => htmlspecialchars($data['email']),
            'comments' => nl2br(htmlspecialchars($data['comments'])),
            'link' => BASE_URL . '/'
                . Qs_SiteMap::findFirst(null, array('type' => 'Form_Contact_Admin'), null, 'fullAlias')
                . '?action=view&id=' . $data['id'],
        );

        return $mailData;
    }

    protected function _getNewForm()
    {
        $this->doc->addScript('js/defaultHint.js', array(), 'defaultHint');
        $params = array(
            'elements' => array(
                array('selector' => '#name', 'hint' => 'Your Name'),
                array('selector' => '#email', 'hint' => 'Your Email'),
                array('selector' => '#comments', 'hint' => 'Message', 'required' => true)
            )
        );
        $this->doc->addInitFunction('$().defaultHint', array($params));

        return parent::_getNewForm();
    }
}
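The `_logCsrfErrors()` method above writes one space-separated line per rejected CSRF token. The following added example (not part of the original class or its framework) parses that line format and flags source addresses with repeated failures inside a short window, which is the signal a defender would look for in those daily files. The sample lines are constructed; the parser assumes the request URI contains no spaces and that no submitted value contains the substring ` GET: `, because the logger joins raw values without escaping.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample lines in the shape _logCsrfErrors() produces:
# "<date time> <remote addr> <method> POST: <values> GET: <values> <request uri>"
SAMPLE_LOG = """\
2024-05-01 10:00:01 203.0.113.7 POST POST: Alice alice@example.com hello GET:  /contact
2024-05-01 10:00:03 203.0.113.7 POST POST: Alice alice@example.com hello GET:  /contact
2024-05-01 10:00:04 203.0.113.7 POST POST: Bob bob@example.com hi GET:  /contact
2024-05-01 10:00:05 203.0.113.7 POST POST: Bob bob@example.com hi GET:  /contact
2024-05-01 10:00:06 203.0.113.7 POST POST: Eve eve@example.com x GET:  /contact
2024-05-01 10:45:00 198.51.100.2 POST POST: Carol carol@example.com thanks GET:  /contact
"""

# Best-effort pattern for the unescaped format: POST values are taken non-greedily
# up to the literal " GET: ", GET values greedily up to the final space-free URI.
LINE_RE = re.compile(
    r'^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) (?P<ip>\S+) (?P<method>\S+) '
    r'POST: (?P<post>.*?) GET: (?P<get>.*) (?P<uri>\S+)$'
)


def parse_line(line):
    """Return a dict for one log line, or None if the line does not match."""
    m = LINE_RE.match(line.rstrip('\n'))
    if not m:
        return None
    rec = m.groupdict()
    rec['ts'] = datetime.strptime(rec['ts'], '%Y-%m-%d %H:%M:%S')
    return rec


def parse_log(text):
    """Parse a whole file, silently skipping malformed lines."""
    return [r for r in (parse_line(l) for l in text.splitlines()) if r]


def failures_per_ip(records):
    """Total rejected-token count per client address."""
    return Counter(r['ip'] for r in records)


def bursty_sources(records, threshold=3, window=timedelta(minutes=5)):
    """Addresses with at least `threshold` failures inside any `window`-long span.

    A single stale token (user left the form open) produces one line; a burst
    from one address is the pattern worth reviewing. Returns {ip: peak count}.
    """
    by_ip = {}
    for r in sorted(records, key=lambda r: r['ts']):
        by_ip.setdefault(r['ip'], []).append(r['ts'])
    flagged = {}
    for ip, times in by_ip.items():
        start = 0
        for end in range(len(times)):          # sliding window over sorted timestamps
            while times[end] - times[start] > window:
                start += 1
            size = end - start + 1
            if size >= threshold:
                flagged[ip] = max(flagged.get(ip, 0), size)
    return flagged


if __name__ == '__main__':
    recs = parse_log(SAMPLE_LOG)
    print(failures_per_ip(recs))
    print(bursty_sources(recs))
```

Run against the real files (`cat tmp/csrf-logs/times_*.txt`) the same functions apply unchanged; note that because the logger stores every POST value verbatim, the log itself holds the visitors' names, addresses and message text and should be protected accordingly.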