/**
 * Look up an attachment for a post and print it as JSON, then end the request.
 *
 * Reads `ID`, `url` and `title` from $_POST. The primary lookup is tried
 * first and the alternative lookup second; a hit is decorated with display
 * fields and dumped as JSON. Every failure path ends the request with a
 * `success => false` JSON message.
 *
 * NOTE(review): no nonce or capability check is visible in this method, and
 * the complete attachment object is serialised back to the requester.
 * Confirm the hook or caller that reaches this method enforces both.
 *
 * @return void Never returns normally; every path ends in die().
 */
public function get_attachment()
{
    if ('POST' != $_SERVER['REQUEST_METHOD']) {
        $reply = array('success' => false, 'message' => __('Error: only post method allowed.', APP_TD));
        die(json_encode($reply));
    }

    // All three fields must be present before anything is looked up.
    foreach (array('ID', 'url', 'title') as $field) {
        if (isset($_POST[$field])) {
            continue;
        }
        $reply = array('success' => false, 'message' => __('Error: missing required post data.', APP_TD));
        die(json_encode($reply));
    }

    $post_id = absint($_POST['ID']);
    $url = appthemes_clean($_POST['url']);
    $title = wp_kses_data($_POST['title']);

    $found = $this->_get_attachment($post_id, $url);
    if (!$found) {
        $found = $this->alt_attachment($url, $post_id, $title);
    }

    if (!$found) {
        $reply = array('success' => false, 'message' => __('Error: attachment not found.', APP_TD));
        die(json_encode($reply));
    }

    // Extra display fields the client expects alongside the raw object.
    $found->thumbnail_html = $this->display_attachment_thumbnail($found);
    $found->upload_date = appthemes_display_date($found->post_date, 'date');
    $found->dimensions = $this->display_attachment_dimensions($found);

    die(json_encode($found));
}
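/**
 * Sanitize submitted widget settings before they are stored.
 *
 * Each configured setting is cleaned according to its declared type. A
 * setting that is absent from the submission (for example an unchecked
 * checkbox) is treated as null instead of indexing a missing key.
 *
 * @see WP_Widget->update
 * @access public
 * @param array $new_instance Values submitted from the widget form.
 * @param array $old_instance Previously stored values.
 * @return array Instance to store.
 */
function update($new_instance, $old_instance)
{
    $instance = $old_instance;

    if (!$this->settings) {
        return $instance;
    }

    foreach ($this->settings as $key => $setting) {
        // Browsers omit unchecked checkboxes and empty multi-selects entirely.
        $submitted = isset($new_instance[$key]) ? $new_instance[$key] : null;

        switch ($setting['type']) {
            case 'textarea':
                // Only users allowed to post unfiltered HTML keep raw markup.
                if (current_user_can('unfiltered_html')) {
                    $instance[$key] = $submitted;
                } else {
                    $instance[$key] = wp_kses_data($submitted);
                }
                break;
            case 'multicheck':
                // NOTE(review): the individual values are serialized without
                // sanitization; confirm they are escaped wherever they are output.
                $instance[$key] = maybe_serialize($submitted);
                break;
            case 'text':
            case 'checkbox':
            case 'select':
            case 'number':
            case 'colorpicker':
                $instance[$key] = sanitize_text_field($submitted);
                break;
            default:
                // Unknown types are handed to a type-specific filter; the value is
                // stored exactly as the filter returns it, so sanitization is the
                // filter's responsibility.
                $instance[$key] = apply_filters('listify_widget_update_type_' . $setting['type'], $submitted, $key, $setting);
                break;
        }
    }

    $this->flush_widget_cache();

    return $instance;
}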
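/**
 * Print the header cart link: cart icon, item count and subtotal.
 *
 * The title attribute and the icon URL are escaped for their output
 * context, and the icon path is joined to the template URI before escaping
 * so the URL is emitted in one piece.
 *
 * @return void
 */
function polefitness_cart_link()
{
    $count = (int) WC()->cart->get_cart_contents_count();
    // Swedish singular/plural label for the item count.
    $label = 1 === $count ? 'vara' : 'varor';
    ?>
    <a class="cart-contents" href="<?php echo esc_url(WC()->cart->get_cart_url()); ?>" title="<?php esc_attr_e('Visa varukorgen', 'polefitness'); ?>">
        <img src="<?php echo esc_url(get_template_directory_uri() . '/images/cart.svg'); ?>" height="16" width="16">
        <span class="count">
            <?php echo $count; ?> <span class="product"><?php echo $label; ?></span>
        </span>
        <span class="amount">
            (<?php echo wp_kses_data(WC()->cart->get_cart_subtotal()); ?>)
        </span>
    </a>
    <?php
}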
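/**
 * Collect the submitted field values for one attendee of one ticket.
 *
 * Values are read from $_REQUEST['em_attendee_fields'][ticket][field][index]
 * into $this->field_values. Scalar values are unslashed and passed through
 * wp_kses_data(). Date and time fields are submitted as `start`/`end` parts
 * and are stored as "start" or "start,end"; those parts get the same scalar
 * treatment, and a non-scalar part is ignored.
 *
 * @param bool $validate       When true, return the result of $this->validate().
 * @param int  $ticket_id      Ticket the attendee belongs to.
 * @param int  $attendee_index Position of the attendee within the ticket.
 * @return mixed Result of validate() when requested, otherwise true.
 */
function get_post($validate = false, $ticket_id = 0, $attendee_index = 0)
{
    $this->field_values = array();

    foreach ($this->form_fields as $field) {
        $fieldid = $field['fieldid'];

        if (isset($_REQUEST['em_attendee_fields'][$ticket_id][$fieldid][$attendee_index])
            && $_REQUEST['em_attendee_fields'][$ticket_id][$fieldid][$attendee_index] != ''
        ) {
            $submitted = $_REQUEST['em_attendee_fields'][$ticket_id][$fieldid][$attendee_index];
            if (!is_array($submitted)) {
                $this->field_values[$fieldid] = wp_kses_data(stripslashes($submitted));
            } else {
                // NOTE(review): multi-value submissions are stored exactly as
                // received; confirm validate() and every output path treat the
                // elements as untrusted.
                $this->field_values[$fieldid] = $submitted;
            }
        }

        // Dates and times arrive as separate start/end parts.
        if (in_array($field['type'], array('date', 'time'))) {
            if (!empty($_REQUEST['em_attendee_fields'][$ticket_id][$fieldid]['start'][$attendee_index])) {
                $start = $_REQUEST['em_attendee_fields'][$ticket_id][$fieldid]['start'][$attendee_index];
                if (is_scalar($start)) {
                    $this->field_values[$fieldid] = wp_kses_data(stripslashes((string) $start));
                }
            }
            if ($field['options_' . $field['type'] . '_range']
                && !empty($_REQUEST['em_attendee_fields'][$ticket_id][$fieldid]['end'][$attendee_index])
            ) {
                $end = $_REQUEST['em_attendee_fields'][$ticket_id][$fieldid]['end'][$attendee_index];
                if (is_scalar($end)) {
                    // An end part without a start part still yields ",end";
                    // start from an empty string rather than an undefined index.
                    $current = isset($this->field_values[$fieldid]) ? $this->field_values[$fieldid] : '';
                    $this->field_values[$fieldid] = $current . ',' . wp_kses_data(stripslashes((string) $end));
                }
            }
        }
    }

    if ($validate) {
        return $this->validate();
    }

    return true;
}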
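/**
 * Build the header markup for an author archive page.
 *
 * With the channel page disabled (or the option missing) only the author's
 * name is returned; otherwise a channel block with avatar, counters, website
 * link and description is built.
 *
 * The display name, website URL and description come from the user's
 * profile, so each is escaped for the context it is written into.
 *
 * @return string Header HTML, or an empty string when the author cannot be loaded.
 */
function videotube_author_header()
{
    global $videotube, $wp_query;

    $user_id = isset($wp_query->query_vars['author']) ? $wp_query->query_vars['author'] : null;
    $user_data = get_user_by('id', $user_id);
    if (!$user_data) {
        // get_user_by() returns false for an unknown id; there is nothing to render.
        return '';
    }

    $name = esc_html($user_data->display_name);

    // Test for the option's existence before reading it.
    if (!isset($videotube['enable_channelpage']) || $videotube['enable_channelpage'] == 0) {
        return '<h3>' . $name . '</h3>';
    }

    $header = '
        <div class="channel-header">
            <div class="channel-image">' . get_avatar($user_id) . '</div>
            <div class="channel-info">
                <h3>' . $name . '</h3>
                <span class="channel-item"><strong>' . __('Videos:', 'mars') . '</strong> ' . mars_get_user_postcount($user_id) . '</span>
                <span class="channel-item"><strong>' . __('Likes:', 'mars') . '</strong> ' . mars_get_user_metacount($user_id, 'like_key') . '</span>
                <span class="channel-item"><strong>' . __('Views:', 'mars') . '</strong> ' . mars_get_user_metacount($user_id, 'count_viewed') . '</span>
    ';

    if ($user_data->user_url) {
        // The attribute is `rel`, and the profile URL is escaped for the href context.
        $header .= '<span class="channel-item"><a rel="nofollow" href="' . esc_url($user_data->user_url) . '"><i class="fa fa-home"></i></a></span>';
    }

    // Filter the description first and add line breaks afterwards: <br> is not
    // in the tag list wp_kses_data() allows, so the reverse order strips them.
    $header .= '
            </div>
            <div class="channel-description">' . nl2br(wp_kses_data($user_data->description)) . '</div>
        </div>
        <h3>Videos by: ' . $name . '</h3>
    ';

    return $header;
}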
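/**
 * Cart Link
 * Prints a menu item linking to the cart, showing the cart total and the
 * number of items in it. The item is marked active on the cart page.
 *
 * @since 2.2.6
 *
 * @return void
 */
function odin_cart_link()
{
    $class = is_cart() ? 'current-menu-item active' : '';
    $count = WC()->cart->get_cart_contents_count();
    ?>
    <li class="<?php echo esc_attr($class); ?>">
        <a class="cart-contents" href="<?php echo esc_url(WC()->cart->get_cart_url()); ?>" title="<?php esc_attr_e('View your shopping cart', 'odin'); ?>">
            <?php echo wp_kses_data(WC()->cart->get_cart_total()); ?>
            <span class="count"><?php echo wp_kses_data(sprintf(_n('%d item', '%d items', $count, 'odin'), $count)); ?></span>
        </a>
    </li>
    <?php
}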
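/**
 * Persist the notice bar settings submitted from the admin form.
 *
 * Runs only for a submission of the settings form that carries a valid
 * `nb_settings_action` nonce. An empty message or a font size below 1 falls
 * back to the selected theme's defaults. After saving, the browser is
 * redirected to the settings page and the request ends.
 *
 * NOTE(review): the nonce is verified, but no current_user_can() check is
 * visible here. Confirm the hook that calls this method restricts it to
 * users who are allowed to change these options.
 *
 * NOTE(review): esc_attr() is an output-escaping function being used here to
 * clean input before storage; `theme` is also used to build an option key
 * and is not checked against the list of known themes in this method.
 *
 * @return void
 */
function save_settings()
{
    global $notice_bar_themes;

    if (empty($_POST) || !isset($_POST['nb-submit'])) {
        return;
    }

    // Reject the request unless the form nonce is present and valid.
    if (!isset($_POST['nb_settings_nonce_field'])
        || !wp_verify_nonce($_POST['nb_settings_nonce_field'], 'nb_settings_action')
    ) {
        return;
    }

    $posted = $_POST[NB_SETTINGS_NAME];

    $settings = array();
    $settings['status'] = esc_attr($posted['status']);
    $settings['theme'] = esc_attr($posted['theme']);

    $theme_settings_name = 'theme_' . $settings['theme'] . '_settings';
    $theme_post = $posted[$theme_settings_name];

    $settings[$theme_settings_name] = array(
        'message' => wp_kses_data($theme_post['message']),
        'position' => esc_attr($theme_post['position']),
        'button_label' => sanitize_text_field($theme_post['button_label']),
        'button_link' => esc_url_raw($theme_post['button_link']),
        'button_target' => esc_attr($theme_post['button_target']),
        'background_color' => sanitize_text_field($theme_post['background_color']),
        'font_color' => sanitize_text_field($theme_post['font_color']),
        'font_size' => absint($theme_post['font_size']),
        'bar_control' => esc_attr($theme_post['bar_control']),
    );

    // Fall back to the theme defaults for values that ended up unusable.
    $theme_settings = $notice_bar_themes->theme_settings($settings['theme']);
    if ('' === $settings[$theme_settings_name]['message']) {
        $settings[$theme_settings_name]['message'] = $theme_settings['message'];
    }
    if ($settings[$theme_settings_name]['font_size'] < 1) {
        $settings[$theme_settings_name]['font_size'] = $theme_settings['font_size'];
    }

    update_option(NB_SETTINGS_NAME, $settings);

    // set_transient( 'notice_bar_success_message', __( 'Settings saved.', 'notice-bar' ), 0 );
    wp_redirect(admin_url('admin.php?page=notice-bar&success=true'));
    // wp_redirect() only sets the Location header; stop here so the rest of
    // the request does not keep running after the redirect has been issued.
    exit;
}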
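/**
 * Sanitize submitted widget settings before they are stored.
 *
 * Textareas keep raw markup only for users with `unfiltered_html`, numbers
 * are forced to non-negative integers and everything else is treated as
 * plain text. A setting that is absent from the submission is read as null
 * instead of indexing a missing key.
 *
 * @see WP_Widget->update
 * @access public
 * @param array $new_instance Values submitted from the widget form.
 * @param array $old_instance Previously stored values.
 * @return array Instance to store.
 */
function update($new_instance, $old_instance)
{
    $instance = $old_instance;

    if (!$this->settings) {
        return $instance;
    }

    foreach ($this->settings as $key => $setting) {
        // Browsers omit unchecked checkboxes from the submission entirely.
        $submitted = isset($new_instance[$key]) ? $new_instance[$key] : null;

        switch ($setting['type']) {
            case 'textarea':
                if (current_user_can('unfiltered_html')) {
                    $instance[$key] = $submitted;
                } else {
                    $instance[$key] = wp_kses_data($submitted);
                }
                break;
            case 'number':
                $instance[$key] = absint($submitted);
                break;
            default:
                $instance[$key] = sanitize_text_field($submitted);
                break;
        }
    }

    $this->flush_widget_cache();

    return $instance;
}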
/**
 * Date format used when rendering the shortcode.
 *
 * Returns the stored `mdnooz_shortcode_date_format` option with tags
 * stripped and passed through wp_kses_data(). When the option is empty the
 * default date format is returned instead.
 *
 * @return string
 */
public function get_shortcode_date_format()
{
    if (!get_option('mdnooz_shortcode_date_format')) {
        return $this->get_default_date_format();
    }

    $stored = get_option('mdnooz_shortcode_date_format');

    return wp_kses_data(strip_tags($stored));
}
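/**
 * AJAX handler: create and publish a post that embeds a gallery shortcode.
 *
 * Expects `galleryid` and `categoryid` in $_POST and optionally
 * `articletitle` and `articleslug`. The new post id is appended to the
 * gallery's `rbs_gallery_id` meta, and an HTML status fragment is printed
 * before the request ends.
 *
 * The handler publishes a post on behalf of the current user, so it first
 * requires the `publish_posts` capability. Text echoed back into the
 * response is escaped.
 *
 * NOTE(review): no nonce verification is visible here and the nonce action
 * this plugin uses is not shown, so none is added. Confirm the request is
 * protected against CSRF where the handler is registered.
 *
 * @return void Never returns normally; every path ends in die.
 */
function rbs_ajax_create_article()
{
    if (!current_user_can('publish_posts')) {
        echo '<p><strong>' . __('Post not created. Error: ', 'rbs_gallery') . '</strong><br>permission denied</p>';
        die;
    }

    $galleryid = isset($_POST['galleryid']) ? intval($_POST['galleryid']) : 0;
    $categoryid = isset($_POST['categoryid']) ? intval($_POST['categoryid']) : 0;

    if (!$galleryid || !$categoryid) {
        echo '<p><strong>' . __('Error: input value', 'rbs_gallery') . '</strong></p>';
        die;
    }

    $post_info = get_post($galleryid);
    if (gettype($post_info) != 'object') {
        echo '<p><strong>' . __('Post not created. Error: ', 'rbs_gallery') . '</strong><br><p>empty gallery id</p>';
        die;
    }

    // Title and slug default to the gallery's own values.
    $title = $post_info->post_title;
    if (isset($_POST['articletitle']) && $_POST['articletitle']) {
        $title = wp_kses_data($_POST['articletitle']);
    }

    $slug = 'post_' . $post_info->post_name;
    if (isset($_POST['articleslug']) && $_POST['articleslug']) {
        $slug = wp_kses_data($_POST['articleslug']);
    }

    $Poster = new PostController();
    $Poster->set_title($title);
    $Poster->add_category(array($categoryid));
    $Poster->set_type("post");
    $Poster->set_content('[robo-gallery id="' . $galleryid . '"]');
    $Poster->set_author_id(get_current_user_id());
    $Poster->set_post_slug($slug);
    $Poster->set_post_state("publish");
    $Poster->create();

    // Track every post created from this gallery in its meta.
    $posts_id = get_post_meta($galleryid, 'rbs_gallery_id', true);
    if (!$posts_id) {
        $posts_id = array();
    } else {
        $posts_id = json_decode($posts_id, true);
    }
    $postId = $Poster->PC_current_post_id;
    $posts_id[] = $postId;
    update_post_meta($galleryid, 'rbs_gallery_id', json_encode($posts_id, JSON_FORCE_OBJECT));

    if (isset($Poster->errors) && count($Poster->errors)) {
        echo '<p><strong>' . __('Post not created. Error: ', 'rbs_gallery') . '</strong><br>';
        foreach ($Poster->errors as $error) {
            echo ' - ' . esc_html($error) . '<br>';
        }
        echo '</p>';
    } else {
        // The title may originate from the request; escape it for the HTML body.
        echo '<h3>' . __('Post ', 'rbs_gallery') . '"' . esc_html($title) . '"' . __(' created', 'rbs_gallery') . '</h3>';
        echo '<p> <a href="' . esc_url(get_edit_post_link($postId)) . '" class="button button-small" target="_blank"> ' . __('Edit', 'rbs_gallery') . '</a> <a href="' . esc_url(get_permalink($postId)) . '" class="button button-small" target="_blank"> ' . __('Preview', 'rbs_gallery') . '</a> </p>';
    }

    die;
}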
/**
 * Sanitize the field value.
 *
 * Users holding the `unfiltered_html` capability get the value back
 * untouched; for everyone else it is passed through wp_kses_data(). The
 * switch on the field type currently has a single default branch, so every
 * type takes the same path.
 *
 * @param mixed $value Submitted value.
 * @return mixed Value to store.
 */
public function sanitize($value)
{
    switch ($this->type) {
        default:
            $value = current_user_can('unfiltered_html') ? $value : wp_kses_data($value);
    }

    return $value;
}
/**
 * Sanitize options.
 *
 * Only the `description` option is filtered (through wp_kses_data()); every
 * other entry of the input is returned exactly as it was submitted.
 *
 * @param array $input Submitted options keyed by option name.
 * @return array Options to store.
 */
public function sanitize_admin_options($input)
{
    foreach ($input as $name => $submitted) {
        if ($name != 'description') {
            continue;
        }
        $input[$name] = wp_kses_data($submitted);
    }

    return $input;
}
/**
 * Clean the subscriptions widget's settings before they are stored.
 *
 * Title and RSS text are unslashed and stripped of tags; description and
 * email are passed through wp_kses_data(). A leftover
 * `thesis_widget_subscriptions` option is deleted once found.
 *
 * NOTE(review): wp_kses_data() filters markup but does not validate that
 * `email` is an address. Confirm how the value is used downstream.
 *
 * @param array $new_instance Values submitted from the widget form.
 * @param array $old_instance Previously stored values.
 * @return array Instance to store.
 */
function update($new_instance, $old_instance)
{
    $instance = $old_instance;

    $title = strip_tags(stripslashes($new_instance['title']));
    $instance['title'] = (string) $title;

    $description = wp_kses_data($new_instance['description']);
    $instance['description'] = (string) $description;

    $rss_text = strip_tags(stripslashes($new_instance['rss_text']));
    $instance['rss_text'] = (string) $rss_text;

    $email = wp_kses_data($new_instance['email']);
    $instance['email'] = (string) $email;

    if (get_option('thesis_widget_subscriptions')) {
        delete_option('thesis_widget_subscriptions');
    }

    return $instance;
}
/**
 * Build the list of styling property sections and hand the control data to
 * the styling script.
 *
 * For every property a list item is rendered, its helpers are initialised
 * and its name/type are recorded in $this->js_controls. The translated
 * labels for the core controls are then passed to the
 * `tf-view-styling-control-js` script as `_tf_styling`.
 *
 * NOTE(review): the property key is written into the class attribute
 * without escaping; presumably the keys returned by properties() are fixed
 * identifiers. Confirm they can never carry user-supplied text.
 *
 * @return string HTML list of property sections.
 */
public function render_sections()
{
    $markup = '<ul class="tf_properties_list">';

    foreach ($this->properties() as $property => $attribute) {
        $is_custom_css = 'customcss' === $property;
        $title_class = $is_custom_css ? 'tf_expand_section' : 'tf_toggle_property_section';
        $title_data = $is_custom_css ? 'data-expand="customcss"' : '';

        $markup .= sprintf(
            '<li id="%s_control" class="tf_properties_list_expanded tf_styling_property_%s"> <strong class="tf_property_title %s"%s>%s</strong> <div class="tf_property_wrap"></div> </li>',
            esc_attr($attribute['name']),
            $property,
            $title_class,
            $title_data,
            wp_kses_data($attribute['label'])
        );

        $this->initialize_helpers($attribute);

        $control_name = $attribute['name'];
        $this->js_controls[$control_name]['name'] = $control_name;
        $this->js_controls[$control_name]['type'] = $attribute['type'];
    }

    $markup .= '</ul>';

    // Pass data for templates
    $this->js_data = array(
        'core' => array(
            'background_control' => array(
                'labels' => array(
                    'image' => __('Background Image', 'themify-flow'),
                    'repeatAll' => __('Repeat All', 'themify-flow'),
                    'repeatHorizontal' => __('Repeat Horizontal', 'themify-flow'),
                    'repeatVertical' => __('Repeat Vertical', 'themify-flow'),
                    'noRepeat' => __('No Repeat', 'themify-flow'),
                    'fullcover' => __('Fullcover', 'themify-flow'),
                    'leftTop' => __('Left Top', 'themify-flow'),
                    'leftCenter' => __('Left Center', 'themify-flow'),
                    'leftBottom' => __('Left Bottom', 'themify-flow'),
                    'rightTop' => __('Right Top', 'themify-flow'),
                    'rightCenter' => __('Right Center', 'themify-flow'),
                    'rightBottom' => __('Right Bottom', 'themify-flow'),
                    'centerTop' => __('Center Top', 'themify-flow'),
                    'centerCenter' => __('Center Center', 'themify-flow'),
                    'centerBottom' => __('Center Bottom', 'themify-flow'),
                    'noBackgroundImage' => __('No Background Image', 'themify-flow'),
                    'backgroundColor' => __('Background Color', 'themify-flow'),
                    'transparent' => __('Transparent', 'themify-flow'),
                ),
            ),
            'padding_control' => array(
                'labels' => array(
                    'padding' => __('Padding', 'themify-flow'),
                    'paddingTop' => __('Padding Top', 'themify-flow'),
                    'paddingRight' => __('Padding Right', 'themify-flow'),
                    'paddingBottom' => __('Padding Bottom', 'themify-flow'),
                    'paddingLeft' => __('Padding Left', 'themify-flow'),
                    'applyToAll' => __('Apply to all padding.', 'themify-flow'),
                ),
            ),
            'margin_control' => array(
                'labels' => array(
                    'margin' => __('Margin', 'themify-flow'),
                    'marginTop' => __('Margin Top', 'themify-flow'),
                    'marginRight' => __('Margin Right', 'themify-flow'),
                    'marginBottom' => __('Margin Bottom', 'themify-flow'),
                    'marginLeft' => __('Margin Left', 'themify-flow'),
                    'auto' => __('Auto', 'themify-flow'),
                    'applyToAll' => __('Apply to all margin.', 'themify-flow'),
                ),
            ),
            'width_control' => array(
                'labels' => array(
                    'width' => __('Width', 'themify-flow'),
                    'auto' => __('Auto', 'themify-flow'),
                ),
            ),
            'height_control' => array(
                'labels' => array(
                    'height' => __('Height', 'themify-flow'),
                    'auto' => __('Auto', 'themify-flow'),
                ),
            ),
            'min-width_control' => array(
                'labels' => array(
                    'min-width' => __('Minimum Width', 'themify-flow'),
                ),
            ),
            'max-width_control' => array(
                'labels' => array(
                    'max-width' => __('Maximum Width', 'themify-flow'),
                ),
            ),
            'min-height_control' => array(
                'labels' => array(
                    'min-height' => __('Minimum Height', 'themify-flow'),
                ),
            ),
            'position_control' => array(
                'labels' => array(
                    'position' => __('Position', 'themify-flow'),
                    'absolute' => __('Absolute', 'themify-flow'),
                    'relative' => __('Relative', 'themify-flow'),
                    'fixed' => __('Fixed', 'themify-flow'),
                    'static' => __('Static', 'themify-flow'),
                    'top' => __('Top', 'themify-flow'),
                    'right' => __('Right', 'themify-flow'),
                    'bottom' => __('Bottom', 'themify-flow'),
                    'left' => __('Left', 'themify-flow'),
                    'auto' => __('Auto', 'themify-flow'),
                ),
            ),
            'float_control' => array(
                'labels' => array(
                    'float' => __('Float', 'themify-flow'),
                    'left' => __('Left', 'themify-flow'),
                    'right' => __('Right', 'themify-flow'),
                    'none' => __('None', 'themify-flow'),
                ),
            ),
            'opacity_control' => array('labels' => array()),
            'z-index_control' => array('labels' => array()),
            'customcss_control' => array('labels' => array()),
        ),
        'controls' => $this->js_controls,
    );

    wp_localize_script('tf-view-styling-control-js', '_tf_styling', $this->js_data);

    return $markup;
}
/**
 * Render the control: a title and a notice pointing to the plugin's own
 * settings page.
 *
 * The notice contains a link, so it is printed through wp_kses_data()
 * rather than escaped as plain text.
 *
 * @since 1.0.0
 */
public function render_content()
{
    $notice = __('Please manage your site icon through <a href="themes.php?page=site_icon_pro_options">Appearance -> Site Icon Pro</a>.', 'site-icon-pro');
    ?>
    <label>
        <span class="customize-control-title">
            <?php esc_html_e('Site Icon'); // We use the Wordpress context for this. ?>
        </span>
        <span class="description customize-control-description">
            <?php echo wp_kses_data($notice); ?>
        </span>
    </label>
    <?php
}
/**
 * Sanitize a value according to the field's `allow_html` setting.
 *
 * - 'limited': wp_kses_data(), only some inline tags survive.
 * - 'raw':     returned untouched, including any tag or attribute (even
 *              `script`). Anything stored this way has to be treated as
 *              unfiltered HTML wherever it is output.
 * - false:     strip_tags(), no markup at all.
 * - otherwise: wp_kses_post(), the tags allowed in post content.
 *
 * The string comparisons are deliberately left loose, as in the original;
 * which branch a non-string setting takes depends on PHP's comparison rules.
 *
 * @param mixed $value Submitted value.
 * @return mixed Value to store.
 */
public function sanitize($value)
{
    $mode = $this->getSetting('allow_html');

    if ('limited' == $mode) {
        // Only some inline tags
        return wp_kses_data($value);
    }

    if ('raw' == $mode) {
        // Any HTML tags and attr, even 'script'. RAW
        return $value;
    }

    if ($mode === false) {
        // No tags allowed at all
        return strip_tags($value);
    }

    // Default. Can use only the tags that are allowed in posts.
    return wp_kses_post($value);
}
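/**
 * Print the cart link showing the cart subtotal and the number of items.
 *
 * The translated title is escaped for the attribute it is printed into.
 *
 * @return void
 */
function storefront_cart_link()
{
    $count = WC()->cart->get_cart_contents_count();
    ?>
    <a class="cart-contents" href="<?php echo esc_url(WC()->cart->get_cart_url()); ?>" title="<?php esc_attr_e('View your shopping cart', 'storefront'); ?>">
        <?php echo wp_kses_data(WC()->cart->get_cart_subtotal()); ?>
        <span class="count"><?php echo wp_kses_data(sprintf(_n('%d item', '%d items', $count, 'storefront'), $count)); ?></span>
    </a>
    <?php
}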
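/**
 * Recent reviews widget.
 *
 * Prints the eight most recent approved comments on products that are not
 * password protected, each with avatar, star rating, product title,
 * reviewer name and a 100-character excerpt.
 *
 * The query is a fixed string with no request data in it. Values read from
 * the database are escaped for the context they are printed into.
 *
 * NOTE(review): get_avatar() is given the author's display name; it
 * presumably should receive the author's email or the comment itself.
 * Confirm before changing.
 *
 * @return void
 */
public function recent_reviews()
{
    global $wpdb;

    $comments = $wpdb->get_results("
        SELECT *, SUBSTRING(comment_content,1,100) AS comment_excerpt
        FROM {$wpdb->comments}
        LEFT JOIN {$wpdb->posts} ON ({$wpdb->comments}.comment_post_ID = {$wpdb->posts}.ID)
        WHERE comment_approved = '1'
        AND comment_type = ''
        AND post_password = ''
        AND post_type = 'product'
        ORDER BY comment_date_gmt DESC
        LIMIT 8
    ");

    if (!$comments) {
        echo '<p>' . esc_html__('There are no product reviews yet.', 'woocommerce') . '</p>';
        return;
    }

    echo '<ul>';

    foreach ($comments as $comment) {
        echo '<li>';
        echo get_avatar($comment->comment_author, '32');

        $rating = intval(get_comment_meta($comment->comment_ID, 'rating', true));

        echo '<div class="star-rating" title="' . esc_attr($rating) . '"> <span style="width:' . ($rating * 20) . '%">' . $rating . ' ' . esc_html__('out of 5', 'woocommerce') . '</span></div>';

        // The title is dynamic data, so it is escaped with esc_html() rather
        // than looked up as a translatable string.
        $product_title = apply_filters('woocommerce_admin_dashboard_recent_reviews', $comment->post_title, $comment);

        echo '<h4 class="meta"><a href="' . esc_url(get_permalink($comment->ID)) . '#comment-' . absint($comment->comment_ID) . '">' . esc_html($product_title) . '</a> ' . esc_html__('reviewed by', 'woocommerce') . ' ' . esc_html($comment->comment_author) . '</h4>';
        echo '<blockquote>' . wp_kses_data($comment->comment_excerpt) . ' [...]</blockquote></li>';
    }

    echo '</ul>';
}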
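/**
 * Print the cart link with subtotal and item count when WooCommerce is active.
 *
 * The translated title is escaped for the attribute it is printed into.
 *
 * @return void
 */
function e_commerce_cart_link()
{
    if (!is_woocommerce_activated()) {
        return;
    }

    $count = WC()->cart->get_cart_contents_count();
    ?>
    <div class="cart-contents cart_totals">
        <a href="<?php echo esc_url(WC()->cart->get_cart_url()); ?>" title="<?php esc_attr_e('View cart', 'e-commerce'); ?>">
            <span class="cart-icon"></span><span class="subtotal"><?php echo wp_kses_data(WC()->cart->get_cart_subtotal()); ?></span>
            <span class="count"><?php echo wp_kses_data(sprintf(_n('%d item', '%d items', $count, 'e-commerce'), $count)); ?></span>
        </a>
    </div>
    <?php
}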
/**
 * Decides whether to register a user based on a certain booking that is to be added.
 *
 * Four cases are handled in order:
 *  1. registration is enabled and the visitor is anonymous (with anonymous
 *     bookings allowed) or registration is forced: a new account is created
 *     from the submitted email, name and phone;
 *  2. registration is disabled: the submitted person data is validated and
 *     the booking is assigned to the configured default user;
 *  3. the visitor is not logged in: the booking is refused with a log-in notice;
 *  4. the visitor is logged in and the booking has no person yet: the
 *     current user is used.
 *
 * The outcome is passed through the `em_booking_add_registration_result` filter.
 *
 * @param EM_Booking $EM_Booking Booking being added; its person_id may be set here.
 * @return mixed Filtered registration result; true/false before filtering.
 */
function em_booking_add_registration($EM_Booking)
{
    global $EM_Notices;
    //Does this user need to be registered first?
    $registration = true;
    if ((!is_user_logged_in() && get_option('dbem_bookings_anonymous') || EM_Bookings::is_registration_forced()) && !get_option('dbem_bookings_registration_disable')) {
        //find random username - less options for user, less things go wrong
        // The login is derived from the local part of the submitted email.
        // NOTE(review): $_REQUEST['user_email'] is read without an isset() check,
        // and wp_kses_data() filters markup but does not validate an address.
        $username_root = explode('@', wp_kses_data($_REQUEST['user_email']));
        $username_root = $username_rand = sanitize_user($username_root[0], true);
        // Append a random number until the login is unused.
        while (username_exists($username_rand)) {
            $username_rand = $username_root . rand(1, 1000);
        }
        // The filtered values are written back into $_REQUEST, so later readers
        // of these two keys see the filtered versions.
        $_REQUEST['dbem_phone'] = !empty($_REQUEST['dbem_phone']) ? wp_kses_data($_REQUEST['dbem_phone']) : ''; //fix to prevent warnings
        $_REQUEST['user_name'] = !empty($_REQUEST['user_name']) ? wp_kses_data($_REQUEST['user_name']) : ''; //fix to prevent warnings
        // NOTE(review): user_email is passed on exactly as submitted; presumably
        // em_register_new_user() validates it. Verify against that function.
        $user_data = array('user_login' => $username_rand, 'user_email' => $_REQUEST['user_email'], 'user_name' => $_REQUEST['user_name'], 'dbem_phone' => $_REQUEST['dbem_phone']);
        $id = em_register_new_user($user_data);
        if (is_numeric($id)) {
            // A numeric result is the new user's id.
            $EM_Person = new EM_Person($id);
            $EM_Booking->person_id = $id;
            $feedback = get_option('dbem_booking_feedback_new_user');
            $EM_Notices->add_confirm($feedback);
            add_action('em_bookings_added', 'em_new_user_notification');
        } else {
            $registration = false;
            if (is_object($id) && get_class($id) == 'WP_Error') {
                /* @var $id WP_Error */
                // An already registered email gets its own configurable message.
                if ($id->get_error_code() == 'email_exists') {
                    $EM_Notices->add_error(get_option('dbem_booking_feedback_email_exists'));
                } else {
                    $EM_Notices->add_error($id->get_error_messages());
                }
            } else {
                $EM_Notices->add_error(get_option('dbem_booking_feedback_reg_error'));
            }
        }
    } elseif ((!is_user_logged_in() || EM_Bookings::is_registration_forced()) && get_option('dbem_bookings_registration_disable')) {
        //Validate name, phone and email
        if ($EM_Booking->get_person_post()) {
            //Save default person to booking
            $EM_Booking->person_id = get_option('dbem_bookings_registration_user');
        } else {
            $registration = false;
        }
    } elseif (!is_user_logged_in()) {
        $registration = false;
        $EM_Notices->add_error(get_option('dbem_booking_feedback_log_in'));
    } elseif (empty($EM_Booking->person_id)) {
        //user must be logged in, so we make this person the current user id
        $EM_Booking->person_id = get_current_user_id();
    }
    return apply_filters('em_booking_add_registration_result', $registration, $EM_Booking, $EM_Notices);
}
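/**
 * Send an email using the configured transport.
 *
 * The transport is chosen by the `dbem_rsvp_mail_send_method` option:
 * `wp_mail`, PHP's `mail`, or otherwise the bundled PHPMailer wrapper.
 * Nothing is sent unless every recipient passes is_email(). Failures are
 * appended to $this->errors.
 *
 * The HTML content-type filter is registered with a closure;
 * create_function() evaluates code from a string and no longer exists in
 * current PHP versions.
 *
 * @param string       $subject     Subject; markup is filtered and entities decoded.
 * @param string       $body        Message body.
 * @param string|array $receiver    One address or a list of addresses.
 * @param array        $attachments File paths, or arrays with path/name/encoding/type.
 * @return bool Whether the message was handed to the transport successfully.
 */
function send($subject = "no title", $body = "No message specified", $receiver = '', $attachments = array())
{
    //TODO add an EM_Error global object, for this sort of error reporting. (@marcus like StatusNotice)
    global $smtpsettings, $phpmailer, $cformsSettings;

    //decode entities, but run kses first just in case users use placeholders containing html
    $subject = html_entity_decode(wp_kses_data($subject));

    // Every recipient must be a valid address, otherwise nothing is sent.
    if (is_array($receiver)) {
        $receiver_emails = array();
        foreach ($receiver as $receiver_email) {
            $receiver_emails[] = is_email($receiver_email);
        }
        $emails_ok = !in_array(false, $receiver_emails);
    } else {
        $emails_ok = is_email($receiver);
    }

    if (get_option('dbem_smtp_html') && get_option('dbem_smtp_html_br')) {
        $body = nl2br($body);
    }

    if ($emails_ok && get_option('dbem_rsvp_mail_send_method') == 'wp_mail') {
        $from = get_option('dbem_mail_sender_address');
        $headers = get_option('dbem_mail_sender_name') ? 'From: ' . get_option('dbem_mail_sender_name') . ' <' . $from . '>' : 'From: ' . $from;
        if (get_option('dbem_smtp_html')) {
            //create filter to change content type to html in wp_mail
            // NOTE(review): the filter is never removed, so it also applies to
            // later wp_mail() calls in the same request.
            add_filter('wp_mail_content_type', function () {
                return "text/html";
            });
        }
        $send = wp_mail($receiver, $subject, $body, $headers);
        if (!$send) {
            global $phpmailer;
            $this->errors[] = $phpmailer->ErrorInfo;
        }
        return $send;
    } elseif ($emails_ok && get_option('dbem_rsvp_mail_send_method') == 'mail') {
        if (is_array($receiver)) {
            $receiver = implode(', ', $receiver);
        }
        $headers = '';
        if (get_option('dbem_smtp_html')) {
            $headers = 'MIME-Version: 1.0' . "\r\n";
            $headers .= 'Content-type: text/html; charset="UTF-8"' . "\r\n";
        } else {
            $headers = 'Content-Type: text/plain; charset="UTF-8"' . "\r\n";
        }
        // The sender name and address come from site options and are written
        // into the header block as stored.
        $from = get_option('dbem_mail_sender_address');
        $headers .= get_option('dbem_mail_sender_name') ? 'From: ' . get_option('dbem_mail_sender_name') . ' <' . $from . '>' : 'From: ' . $from;
        $send = mail($receiver, $subject, $body, $headers);
        if (!$send) {
            $this->errors[] = __('Could not send email.', 'dbem');
        }
        return $send;
    } elseif ($emails_ok) {
        $this->load_phpmailer();
        $mail = new EM_PHPMailer();
        //$mail->SMTPDebug = true;
        if (get_option('dbem_smtp_html')) {
            $mail->isHTML();
        }
        $mail->ClearAllRecipients();
        $mail->ClearAddresses();
        $mail->ClearAttachments();
        $mail->CharSet = 'utf-8';
        $mail->SetLanguage('en', dirname(__FILE__) . '/');
        $mail->PluginDir = dirname(__FILE__) . '/phpmailer/';
        $mail->Host = get_option('dbem_smtp_host');
        // NOTE(review): PHPMailer's port property is spelled `Port`; this
        // lowercase assignment presumably has no effect on the connection.
        // Confirm against the bundled EM_PHPMailer class before changing it.
        $mail->port = get_option('dbem_rsvp_mail_port');
        $mail->Username = get_option('dbem_smtp_username');
        $mail->Password = get_option('dbem_smtp_password');
        $mail->From = get_option('dbem_mail_sender_address');
        $mail->FromName = get_option('dbem_mail_sender_name'); // This is the from name in the email, you can put anything you like here
        $mail->Body = $body;
        $mail->Subject = $subject;
        //add attachments
        if (is_array($attachments)) {
            foreach ($attachments as $attachment) {
                // Defaults for any attachment detail the caller left out.
                $att = array('name' => '', 'encoding' => 'base64', 'type' => 'application/octet-stream');
                if (is_array($attachment)) {
                    $att = array_merge($att, $attachment);
                } else {
                    $att['path'] = $attachment;
                }
                $mail->AddAttachment($att['path'], $att['name'], $att['encoding'], $att['type']);
            }
        }
        do_action('em_mailer', $mail); //$mail will still be modified
        if (is_array($receiver)) {
            foreach ($receiver as $receiver_email) {
                $mail->AddAddress($receiver_email);
            }
        } else {
            $mail->AddAddress($receiver);
        }
        //Protocols
        if (get_option('dbem_rsvp_mail_send_method') == 'qmail') {
            $mail->IsQmail();
        } else {
            $mail->Mailer = get_option('dbem_rsvp_mail_send_method');
        }
        if (get_option('dbem_rsvp_mail_SMTPAuth') == '1') {
            $mail->SMTPAuth = TRUE;
        }
        $send = $mail->Send();
        if (!$send) {
            $this->errors[] = $mail->ErrorInfo;
        }
        do_action('em_mailer_sent', $mail, $send); //$mail can still be modified
        return $send;
    } else {
        $this->errors[] = __('Please supply a valid email format.', 'dbem');
        return false;
    }
}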
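/**
 * Add a booking note to this booking.
 *
 * The note text is filtered with wp_kses_data() before the note record is
 * built, so the copy kept in memory and the copy serialized into the meta
 * table are the same filtered record.
 *
 * @param string $note_text Text of the note.
 * @return mixed Result of $wpdb->insert(), or false if the user can't manage this event.
 */
function add_note($note_text)
{
    global $wpdb;

    if (!$this->can_manage()) {
        return false;
    }

    $this->get_notes();

    $note = array(
        'author' => get_current_user_id(),
        // Filter the text itself; wp_kses_data() works on strings, not on the record.
        'note' => wp_kses_data($note_text),
        'timestamp' => current_time('timestamp'),
    );
    $this->notes[] = $note;
    $this->feedback_message = __('Booking note successfully added.', 'dbem');

    return $wpdb->insert(
        EM_META_TABLE,
        array('object_id' => $this->booking_id, 'meta_key' => 'booking-note', 'meta_value' => serialize($note)),
        array('%d', '%s', '%s')
    );
}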
?> :</td> <td class="help"><?php echo isset($post['help']) ? $post['help'] : ''; ?> </td> <td> <mark class="<?php echo $mark; ?> "> <?php echo !empty($post['success']) ? '✔' : '✕'; ?> <?php echo !empty($post['note']) ? wp_kses_data($post['note']) : ''; ?> </mark> </td> </tr> <?php } ?> </tbody> </table> <table class="jigoshop_status_table widefat" cellspacing="0" id="status"> <thead> <tr> <th colspan="3" data-export-label="Server Locale"><?php _e('Server Locale', 'jigoshop'); ?>
/**
 * Sanitize options.
 *
 * `thankyou_message` is filtered with wp_kses_data(); `secret_key` and
 * `publishable_key` are cleaned with sanitize_text_field(). Every other
 * entry of the input is returned exactly as it was submitted.
 *
 * @param array $input Submitted options keyed by option name.
 * @return array Options to store.
 */
public function sanitize_admin_options($input)
{
    foreach ($input as $name => $submitted) {
        if ($name == 'thankyou_message') {
            $input[$name] = wp_kses_data($submitted);
        } elseif ($name == 'secret_key' || $name == 'publishable_key') {
            $input[$name] = sanitize_text_field($submitted);
        }
    }

    return $input;
}
/**
 * Sanitises various option values based on the nature of the option.
 *
 * This is basically a switch statement which will pass $value through a number
 * of functions depending on the $option.
 *
 * When a case records an error, the submitted value is discarded: the option's
 * currently stored value is returned instead and, where add_settings_error()
 * is available, the error is registered for display. Options without a case
 * are passed to the filter unchanged.
 *
 * @since 2.0.5
 *
 * @global wpdb $wpdb WordPress database abstraction object.
 *
 * @param string $option The name of the option.
 * @param string $value  The unsanitised value.
 * @return string Sanitized value.
 */
function sanitize_option($option, $value)
{
    global $wpdb;
    // Kept untouched so the filter at the end can see what was submitted.
    $original_value = $value;
    $error = '';
    switch ($option) {
        case 'admin_email':
        case 'new_admin_email':
            $value = $wpdb->strip_invalid_text_for_column($wpdb->options, 'option_value', $value);
            if (is_wp_error($value)) {
                $error = $value->get_error_message();
            } else {
                $value = sanitize_email($value);
                if (!is_email($value)) {
                    $error = __('The email address entered did not appear to be a valid email address. Please enter a valid email address.');
                }
            }
            break;
        // These options are all forced to non-negative integers.
        case 'thumbnail_size_w':
        case 'thumbnail_size_h':
        case 'medium_size_w':
        case 'medium_size_h':
        case 'medium_large_size_w':
        case 'medium_large_size_h':
        case 'large_size_w':
        case 'large_size_h':
        case 'mailserver_port':
        case 'comment_max_links':
        case 'page_on_front':
        case 'page_for_posts':
        case 'rss_excerpt_length':
        case 'default_category':
        case 'default_email_category':
        case 'default_link_category':
        case 'close_comments_days_old':
        case 'comments_per_page':
        case 'thread_comments_depth':
        case 'users_can_register':
        case 'start_of_week':
        case 'site_icon':
            $value = absint($value);
            break;
        case 'posts_per_page':
        case 'posts_per_rss':
            // Zero becomes 1, -1 is kept as is, anything below -1 is made positive.
            $value = (int) $value;
            if (empty($value)) {
                $value = 1;
            }
            if ($value < -1) {
                $value = abs($value);
            }
            break;
        case 'default_ping_status':
        case 'default_comment_status':
            // Options that if not there have 0 value but need to be something like "closed"
            if ($value == '0' || $value == '') {
                $value = 'closed';
            }
            break;
        case 'blogdescription':
        case 'blogname':
            $value = $wpdb->strip_invalid_text_for_column($wpdb->options, 'option_value', $value);
            if (is_wp_error($value)) {
                $error = $value->get_error_message();
            } else {
                $value = esc_html($value);
            }
            break;
        case 'blog_charset':
            $value = preg_replace('/[^a-zA-Z0-9_-]/', '', $value); // strips slashes
            break;
        case 'blog_public':
            // This is the value if the settings checkbox is not checked on POST. Don't rely on this.
            if (null === $value) {
                $value = 1;
            } else {
                $value = intval($value);
            }
            break;
        case 'date_format':
        case 'time_format':
        case 'mailserver_url':
        case 'mailserver_login':
        case 'mailserver_pass':
        case 'upload_path':
            $value = $wpdb->strip_invalid_text_for_column($wpdb->options, 'option_value', $value);
            if (is_wp_error($value)) {
                $error = $value->get_error_message();
            } else {
                // Tags are removed first; the remainder is then passed through wp_kses_data().
                $value = strip_tags($value);
                $value = wp_kses_data($value);
            }
            break;
        case 'ping_sites':
            // One URL per line; entries that are empty after trimming or after
            // esc_url_raw() are dropped.
            $value = explode("\n", $value);
            $value = array_filter(array_map('trim', $value));
            $value = array_filter(array_map('esc_url_raw', $value));
            $value = implode("\n", $value);
            break;
        case 'gmt_offset':
            $value = preg_replace('/[^0-9:.-]/', '', $value); // strips slashes
            break;
        case 'siteurl':
            $value = $wpdb->strip_invalid_text_for_column($wpdb->options, 'option_value', $value);
            if (is_wp_error($value)) {
                $error = $value->get_error_message();
            } else {
                // Must contain http:// or https:// followed by something; the
                // pattern is not anchored to the start of the value.
                if (preg_match('#http(s?)://(.+)#i', $value)) {
                    $value = esc_url_raw($value);
                } else {
                    $error = __('The WordPress address you entered did not appear to be a valid URL. Please enter a valid URL.');
                }
            }
            break;
        case 'home':
            $value = $wpdb->strip_invalid_text_for_column($wpdb->options, 'option_value', $value);
            if (is_wp_error($value)) {
                $error = $value->get_error_message();
            } else {
                // Same URL test as for 'siteurl', with its own error message.
                if (preg_match('#http(s?)://(.+)#i', $value)) {
                    $value = esc_url_raw($value);
                } else {
                    $error = __('The Site address you entered did not appear to be a valid URL. Please enter a valid URL.');
                }
            }
            break;
        case 'WPLANG':
            $allowed = get_available_languages();
            if (!is_multisite() && defined('WPLANG') && '' !== WPLANG && 'en_US' !== WPLANG) {
                $allowed[] = WPLANG;
            }
            // A non-empty language that is not in the allowed list is replaced by
            // the stored value, without recording an error.
            if (!in_array($value, $allowed) && !empty($value)) {
                $value = get_option($option);
            }
            break;
        case 'illegal_names':
            $value = $wpdb->strip_invalid_text_for_column($wpdb->options, 'option_value', $value);
            if (is_wp_error($value)) {
                $error = $value->get_error_message();
            } else {
                // Accepts an array or a space-separated string; an empty list is
                // stored as an empty string.
                if (!is_array($value)) {
                    $value = explode(' ', $value);
                }
                $value = array_values(array_filter(array_map('trim', $value)));
                if (!$value) {
                    $value = '';
                }
            }
            break;
        case 'limited_email_domains':
        case 'banned_email_domains':
            $value = $wpdb->strip_invalid_text_for_column($wpdb->options, 'option_value', $value);
            if (is_wp_error($value)) {
                $error = $value->get_error_message();
            } else {
                if (!is_array($value)) {
                    $value = explode("\n", $value);
                }
                $domains = array_values(array_filter(array_map('trim', $value)));
                $value = array();
                foreach ($domains as $domain) {
                    // Keep entries made only of letters, digits, hyphens and dots,
                    // with no "--" or ".." sequence.
                    if (!preg_match('/(--|\\.\\.)/', $domain) && preg_match('|^([a-zA-Z0-9-\\.])+$|', $domain)) {
                        $value[] = $domain;
                    }
                }
                if (!$value) {
                    $value = '';
                }
            }
            break;
        case 'timezone_string':
            $allowed_zones = timezone_identifiers_list();
            if (!in_array($value, $allowed_zones) && !empty($value)) {
                $error = __('The timezone you have entered is not valid. Please select a valid timezone.');
            }
            break;
        case 'permalink_structure':
        case 'category_base':
        case 'tag_base':
            $value = $wpdb->strip_invalid_text_for_column($wpdb->options, 'option_value', $value);
            if (is_wp_error($value)) {
                $error = $value->get_error_message();
            } else {
                // Any "http://" left in the value after esc_url_raw() is removed again.
                $value = esc_url_raw($value);
                $value = str_replace('http://', '', $value);
            }
            break;
        case 'default_role':
            // An unknown role falls back to 'subscriber' when that role exists.
            if (!get_role($value) && get_role('subscriber')) {
                $value = 'subscriber';
            }
            break;
        case 'moderation_keys':
        case 'blacklist_keys':
            $value = $wpdb->strip_invalid_text_for_column($wpdb->options, 'option_value', $value);
            if (is_wp_error($value)) {
                $error = $value->get_error_message();
            } else {
                // One key per line: trimmed, empties dropped, duplicates removed.
                $value = explode("\n", $value);
                $value = array_filter(array_map('trim', $value));
                $value = array_unique($value);
                $value = implode("\n", $value);
            }
            break;
    }
    // On any recorded error the submitted value is dropped in favour of the stored one.
    if (!empty($error)) {
        $value = get_option($option);
        if (function_exists('add_settings_error')) {
            add_settings_error($option, "invalid_{$option}", $error);
        }
    }
    /**
     * Filter an option value following sanitization.
     *
     * @since 2.3.0
     * @since 4.3.0 Added the `$original_value` parameter.
     *
     * @param string $value          The sanitized option value.
     * @param string $option         The option name.
     * @param string $original_value The original value passed to the function.
     */
    return apply_filters("sanitize_option_{$option}", $value, $option, $original_value);
}
/**
 * Sanitises an option value using the rule set registered for its name.
 *
 * Dispatches on $option and runs $value through the cleaning routine for that
 * option. Option names with no case below are not cleaned here at all; they
 * only pass through the "sanitize_option_{$option}" filter. When an e-mail
 * address, site URL or timezone is rejected, the stored value from
 * get_option() is returned instead and, if add_settings_error() exists, a
 * settings error is registered.
 *
 * @since 2.0.5
 *
 * @param string $option The name of the option.
 * @param string $value  The unsanitised value.
 * @return string Sanitized value. 'illegal_names' and the two
 *                '*_email_domains' options yield an array when any entry
 *                survives, otherwise an empty string.
 */
function sanitize_option($option, $value)
{
    switch ($option) {
        case 'admin_email':
        case 'new_admin_email':
            $value = sanitize_email($value);
            if (is_email($value)) {
                break;
            }
            // Sanitization failed: fall back to the value already stored.
            $value = get_option($option);
            if (function_exists('add_settings_error')) {
                add_settings_error($option, 'invalid_admin_email', __('The email address entered did not appear to be a valid email address. Please enter a valid email address.'));
            }
            break;

        // Options stored as non-negative integers.
        case 'thumbnail_size_w':
        case 'thumbnail_size_h':
        case 'medium_size_w':
        case 'medium_size_h':
        case 'large_size_w':
        case 'large_size_h':
        case 'mailserver_port':
        case 'comment_max_links':
        case 'page_on_front':
        case 'page_for_posts':
        case 'rss_excerpt_length':
        case 'default_category':
        case 'default_email_category':
        case 'default_link_category':
        case 'close_comments_days_old':
        case 'comments_per_page':
        case 'thread_comments_depth':
        case 'users_can_register':
        case 'start_of_week':
            $value = absint($value);
            break;

        case 'posts_per_page':
        case 'posts_per_rss':
            // 0 becomes 1, -1 is kept as is, anything below -1 is made positive.
            $count = (int) $value;
            if (0 === $count) {
                $count = 1;
            } elseif ($count < -1) {
                $count = abs($count);
            }
            $value = $count;
            break;

        case 'default_ping_status':
        case 'default_comment_status':
            // A missing value arrives as 0 or '' but has to be stored as "closed".
            if ($value == '' || $value == '0') {
                $value = 'closed';
            }
            break;

        case 'blogdescription':
        case 'blogname':
            $value = esc_html(wp_kses_post($value));
            break;

        case 'blog_charset':
            // Keep letters, digits, underscore and hyphen only (this also strips slashes).
            $value = preg_replace('/[^a-zA-Z0-9_-]/', '', $value);
            break;

        case 'blog_public':
            // null is what arrives when the settings checkbox was not ticked on POST.
            // Don't rely on this.
            $value = (null === $value) ? 1 : intval($value);
            break;

        case 'date_format':
        case 'time_format':
        case 'mailserver_url':
        case 'mailserver_login':
        case 'mailserver_pass':
        case 'upload_path':
            $value = wp_kses_data(strip_tags($value));
            break;

        case 'ping_sites':
            // One URL per line; blank lines and URLs that esc_url_raw() empties are dropped.
            $urls = array_filter(array_map('trim', explode("\n", $value)));
            $urls = array_filter(array_map('esc_url_raw', $urls));
            $value = implode("\n", $urls);
            break;

        case 'gmt_offset':
            // Keep digits, colon, dot and minus only (this also strips slashes).
            $value = preg_replace('/[^0-9:.-]/', '', $value);
            break;

        case 'siteurl':
            // The pattern is unanchored: it only requires an http:// or https:// URL to
            // appear somewhere in the value; esc_url_raw() does the actual cleaning.
            if (!(bool) preg_match('#http(s?)://(.+)#i', $value)) {
                // Sanitization failed: fall back to the value already stored.
                $value = get_option($option);
                if (function_exists('add_settings_error')) {
                    add_settings_error('siteurl', 'invalid_siteurl', __('The WordPress address you entered did not appear to be a valid URL. Please enter a valid URL.'));
                }
            } else {
                $value = esc_url_raw($value);
            }
            break;

        case 'home':
            // Same check as 'siteurl', with its own error code and message.
            if (!(bool) preg_match('#http(s?)://(.+)#i', $value)) {
                // Sanitization failed: fall back to the value already stored.
                $value = get_option($option);
                if (function_exists('add_settings_error')) {
                    add_settings_error('home', 'invalid_home', __('The Site address you entered did not appear to be a valid URL. Please enter a valid URL.'));
                }
            } else {
                $value = esc_url_raw($value);
            }
            break;

        case 'WPLANG':
            // A non-empty value must be one of the available languages.
            $allowed = get_available_languages();
            if (!empty($value) && !in_array($value, $allowed)) {
                $value = get_option($option);
            }
            break;

        case 'illegal_names':
            $names = is_array($value) ? $value : explode("\n", $value);
            $names = array_values(array_filter(array_map('trim', $names)));
            $value = $names ? $names : '';
            break;

        case 'limited_email_domains':
        case 'banned_email_domains':
            $lines = is_array($value) ? $value : explode("\n", $value);
            $accepted = array();
            foreach (array_values(array_filter(array_map('trim', $lines))) as $domain) {
                // Reject entries containing "--" or "..".
                if (preg_match('/(--|\\.\\.)/', $domain)) {
                    continue;
                }
                // Accept only letters, digits, hyphen and dot.
                if (preg_match('|^([a-zA-Z0-9-\\.])+$|', $domain)) {
                    $accepted[] = $domain;
                }
            }
            $value = $accepted ? $accepted : '';
            break;

        case 'timezone_string':
            $allowed_zones = timezone_identifiers_list();
            if (empty($value) || in_array($value, $allowed_zones)) {
                break;
            }
            // Sanitization failed: fall back to the value already stored.
            $value = get_option($option);
            if (function_exists('add_settings_error')) {
                add_settings_error('timezone_string', 'invalid_timezone_string', __('The timezone you have entered is not valid. Please select a valid timezone.'));
            }
            break;

        case 'permalink_structure':
        case 'category_base':
        case 'tag_base':
            $value = str_replace('http://', '', esc_url_raw($value));
            break;
    }

    // Let plugins adjust the result; for option names without a case above this
    // filter is the only processing the value receives.
    return apply_filters("sanitize_option_{$option}", $value, $option);
}
/**
 * Renders this event into $format by replacing the placeholders it contains.
 *
 * Passes, in order: braced date placeholders (#_{...} / #@_{...}), custom
 * attributes (#_ATT{...}), conditional {condition}...{/condition} sections,
 * named #_PLACEHOLDERS, single-letter date placeholders, the location's and
 * first category's own output(), and finally the event notes. Every
 * replacement is passed through the 'em_event_output_placeholder' filter and
 * the finished string through 'em_event_output'.
 *
 * NOTE(review): several values (event name, notes, custom attributes, contact
 * fields, user meta) are inserted without escaping inside this method, while
 * URLs and HTML attributes are escaped. Presumably those values are sanitized
 * when saved or by a filter - confirm before rendering formats or event data
 * supplied by untrusted users.
 *
 * @param string $format Text containing placeholders.
 * @param string $target Output target, "html" by default; "ical" strips tags
 *                       and escapes the result at the end.
 * @return string
 */
function output($format, $target = "html") {
    $event_string = $format;
    //Time place holder that doesn't show if empty.
    //TODO add filter here too
    preg_match_all('/#@?_\\{[^}]+\\}/', $format, $results);
    foreach ($results[0] as $result) {
        //"#@_{...}" formats the end date, "#_{...}" the start date; $offset skips the prefix and the opening brace
        if (substr($result, 0, 3) == "#@_") {
            $date = 'end_date';
            $offset = 4;
        } else {
            $date = 'start_date';
            $offset = 3;
        }
        if ($date == 'end_date' && $this->event_end_date == $this->event_start_date) {
            //end date equals start date: the placeholder is replaced with the filtered empty string
            $replace = __(apply_filters('em_event_output_placeholder', '', $this, $result, $target));
        } else {
            //the text between the braces is used as the date format
            $replace = __(apply_filters('em_event_output_placeholder', mysql2date(substr($result, $offset, strlen($result) - ($offset + 1)), $this->{$date}), $this, $result, $target));
        }
        $event_string = str_replace($result, $replace, $event_string);
    }
    //This is for the custom attributes
    preg_match_all('/#_ATT\\{([^}]+)\\}(\\{([^}]+)\\})?/', $event_string, $results);
    $attributes = em_get_attributes();
    foreach ($results[0] as $resultKey => $result) {
        //Strip string of placeholder and just leave the reference
        $attRef = substr(substr($result, 0, strpos($result, '}')), 6);
        $attString = '';
        //Precedence: value stored on the event, then the default in the second set of braces, then the first configured value
        if (is_array($this->event_attributes) && array_key_exists($attRef, $this->event_attributes)) {
            $attString = $this->event_attributes[$attRef];
        } elseif (!empty($results[3][$resultKey])) {
            //Check to see if we have a second set of braces;
            $attString = $results[3][$resultKey];
        } elseif (!empty($attributes['values'][$attRef][0])) {
            $attString = $attributes['values'][$attRef][0];
        }
        //NOTE(review): the attribute value is not escaped here; presumably sanitized on save or by this filter - confirm
        $attString = apply_filters('em_event_output_placeholder', $attString, $this, $result, $target);
        $event_string = str_replace($result, $attString, $event_string);
    }
    //First let's do some conditional placeholder removals
    for ($i = 0; $i < EM_CONDITIONAL_RECURSIONS; $i++) {
        //you can add nested recursions by modifying this setting in your wp_options table
        preg_match_all('/\\{([a-zA-Z0-9_\\-]+)\\}(.+?)\\{\\/\\1\\}/s', $event_string, $conditionals);
        if (count($conditionals[0]) > 0) {
            //Evaluate every {condition}...{/condition} pair found in this pass
            foreach ($conditionals[1] as $key => $condition) {
                $show_condition = false;
                if ($condition == 'has_bookings') {
                    //bookings are enabled for this event and site-wide
                    $show_condition = $this->event_rsvp && get_option('dbem_rsvp_enabled');
                } elseif ($condition == 'no_bookings') {
                    //bookings are enabled site-wide but not for this event
                    $show_condition = !$this->event_rsvp && get_option('dbem_rsvp_enabled');
                } elseif ($condition == 'no_location') {
                    //does this event have a valid location?
                    $show_condition = empty($this->location_id) || !$this->get_location()->location_status;
                } elseif ($condition == 'has_location') {
                    //does this event have a valid location?
                    $show_condition = !empty($this->location_id) && $this->get_location()->location_status;
                } elseif ($condition == 'has_image') {
                    //does this event have an image?
                    $show_condition = $this->get_image_url() != '';
                } elseif ($condition == 'no_image') {
                    //does this event have an image?
                    $show_condition = $this->get_image_url() == '';
                } elseif ($condition == 'has_time') {
                    //start and end times differ and it's not an all-day event
                    $show_condition = $this->event_start_time != $this->event_end_time && !$this->event_all_day;
                } elseif ($condition == 'no_time') {
                    //start and end times are exactly the same and it's not an all-day event.
                    $show_condition = $this->event_start_time == $this->event_end_time && !$this->event_all_day;
                } elseif ($condition == 'all_day') {
                    //is it an all day event
                    $show_condition = !empty($this->event_all_day);
                } elseif ($condition == 'logged_in') {
                    //user is logged in
                    $show_condition = is_user_logged_in();
                } elseif ($condition == 'not_logged_in') {
                    //not logged in
                    $show_condition = !is_user_logged_in();
                } elseif ($condition == 'has_spaces') {
                    //there are still empty spaces
                    $show_condition = $this->event_rsvp && $this->get_bookings()->get_available_spaces() > 0;
                } elseif ($condition == 'fully_booked') {
                    //event is fully booked
                    $show_condition = $this->event_rsvp && $this->get_bookings()->get_available_spaces() <= 0;
                } elseif ($condition == 'bookings_open') {
                    //bookings are still open
                    $show_condition = $this->event_rsvp && $this->get_bookings()->is_open();
                } elseif ($condition == 'bookings_closed') {
                    //bookings are enabled for the event but not open
                    $show_condition = $this->event_rsvp && !$this->get_bookings()->is_open();
                } elseif ($condition == 'is_free' || $condition == 'is_free_now') {
                    //is it a free day event, if _now then free right now
                    $show_condition = !$this->event_rsvp || $this->is_free($condition == 'is_free_now');
                } elseif ($condition == 'not_free' || $condition == 'not_free_now') {
                    //is it a paid event, if _now then paid right now
                    $show_condition = $this->event_rsvp && !$this->is_free($condition == 'not_free_now');
                } elseif ($condition == 'is_long') {
                    //start and end dates differ
                    $show_condition = $this->event_start_date != $this->event_end_date;
                } elseif ($condition == 'not_long') {
                    //start and end dates are the same
                    $show_condition = $this->event_start_date == $this->event_end_date;
                } elseif ($condition == 'is_past') {
                    //if event is past; the 'dbem_events_current_are_past' option decides whether start or end is compared
                    if (get_option('dbem_events_current_are_past')) {
                        $show_condition = $this->start <= current_time('timestamp');
                    } else {
                        $show_condition = $this->end <= current_time('timestamp');
                    }
                } elseif ($condition == 'is_future') {
                    //if event is upcoming
                    $show_condition = $this->start > current_time('timestamp');
                } elseif ($condition == 'is_current') {
                    //if event has started and has not ended yet
                    $ts = current_time('timestamp');
                    $show_condition = $this->start <= $ts && $this->end >= $ts;
                } elseif ($condition == 'is_recurrence') {
                    //if event is a recurrence
                    $show_condition = $this->is_recurrence();
                } elseif ($condition == 'not_recurrence') {
                    //if event is not a recurrence
                    $show_condition = !$this->is_recurrence();
                } elseif ($condition == 'is_private') {
                    //if event is private
                    $show_condition = $this->event_private == 1;
                } elseif ($condition == 'not_private') {
                    //if event is not private
                    $show_condition = $this->event_private == 0;
                } elseif (preg_match('/^has_category_([a-zA-Z0-9_\\-]+)$/', $condition, $category_match)) {
                    //event is in this category
                    $show_condition = has_term($category_match[1], EM_TAXONOMY_CATEGORY, $this->post_id);
                } elseif (preg_match('/^no_category_([a-zA-Z0-9_\\-]+)$/', $condition, $category_match)) {
                    //event is NOT in this category
                    $show_condition = !has_term($category_match[1], EM_TAXONOMY_CATEGORY, $this->post_id);
                } elseif (preg_match('/^has_tag_([a-zA-Z0-9_\\-]+)$/', $condition, $tag_match)) {
                    //event has this tag
                    $show_condition = has_term($tag_match[1], EM_TAXONOMY_TAG, $this->post_id);
                } elseif (preg_match('/^no_tag_([a-zA-Z0-9_\\-]+)$/', $condition, $tag_match)) {
                    //event doesn't have this tag
                    $show_condition = !has_term($tag_match[1], EM_TAXONOMY_TAG, $this->post_id);
                }
                //other potential ones - has_attribute_... no_attribute_... has_categories_...
                //unrecognised condition names stay false unless this filter changes them
                $show_condition = apply_filters('em_event_output_show_condition', $show_condition, $condition, $conditionals[0][$key], $this);
                if ($show_condition) {
                    //calculate lengths to delete placeholders: "{cond}" is strlen+2 long, "{/cond}" one more
                    $placeholder_length = strlen($condition) + 2;
                    $replacement = substr($conditionals[0][$key], $placeholder_length, strlen($conditionals[0][$key]) - ($placeholder_length * 2 + 1));
                } else {
                    $replacement = '';
                }
                $event_string = str_replace($conditionals[0][$key], apply_filters('em_event_output_condition', $replacement, $condition, $conditionals[0][$key], $this), $event_string);
            }
        }
    }
    //Now let's check out the placeholders.
    preg_match_all("/(#@?_?[A-Za-z0-9]+)({([^}]+)})?/", $event_string, $placeholders);
    $replaces = array();
    foreach ($placeholders[1] as $key => $result) {
        $match = true;
        $replace = '';
        //$placeholders[0] holds the whole match including a {...} argument, $placeholders[3] the argument text
        $full_result = $placeholders[0][$key];
        switch ($result) {
            //Event Details
            case '#_EVENTID':
                $replace = $this->event_id;
                break;
            case '#_EVENTPOSTID':
                $replace = $this->post_id;
                break;
            case '#_NAME': //deprecated
            case '#_EVENTNAME':
                //NOTE(review): the name is not escaped here, unlike in the link placeholders below - confirm it is safe for the target
                $replace = $this->event_name;
                break;
            case '#_NOTES': //deprecated
            case '#_EXCERPT': //deprecated
            case '#_EVENTNOTES':
            case '#_EVENTEXCERPT':
                $replace = $this->post_content;
                if ($result == "#_EXCERPT" || $result == "#_EVENTEXCERPT") {
                    if (!empty($this->post_excerpt)) {
                        $replace = $this->post_excerpt;
                    } else {
                        $excerpt_length = 55;
                        $excerpt_more = apply_filters('em_excerpt_more', ' ' . '[...]');
                        //optional argument "{length,more-text}" overrides the defaults and switches trimming on
                        if (!empty($placeholders[3][$key])) {
                            //NOTE(review): $trim is never reset, so a later excerpt placeholder without arguments is trimmed as well
                            $trim = true;
                            $ph_args = explode(',', $placeholders[3][$key]);
                            if (is_numeric($ph_args[0])) {
                                $excerpt_length = $ph_args[0];
                            }
                            if (!empty($ph_args[1])) {
                                $excerpt_more = $ph_args[1];
                            }
                        }
                        //keep only the content before the <!--more--> tag, if there is one
                        if (preg_match('/<!--more(.*?)?-->/', $replace, $matches)) {
                            $content = explode($matches[0], $replace, 2);
                            $replace = force_balance_tags($content[0]);
                        }
                        if (!empty($trim)) {
                            //shorten content by supplied number - copied from wp_trim_excerpt
                            $replace = strip_shortcodes($replace);
                            //NOTE(review): search and replacement are identical, so this call changes nothing as written; wp_trim_excerpt replaces with ']]&gt;' - confirm against the original file
                            $replace = str_replace(']]>', ']]>', $replace);
                            $replace = wp_trim_words($replace, $excerpt_length, $excerpt_more);
                        }
                    }
                }
                break;
            case '#_EVENTIMAGEURL':
            case '#_EVENTIMAGE':
                if ($this->get_image_url() != '') {
                    if ($result == '#_EVENTIMAGEURL') {
                        $replace = esc_url($this->image_url);
                    } else {
                        if (empty($placeholders[3][$key])) {
                            $replace = "<img src='" . esc_url($this->image_url) . "' alt='" . esc_attr($this->event_name) . "'/>";
                        } else {
                            //argument is "{width,height}"
                            $image_size = explode(',', $placeholders[3][$key]);
                            $image_url = $this->image_url;
                            //the sizes are written into the markup unescaped below; this branch is only reached when
                            //self::array_is_numeric() accepts them (presumably all-numeric - helper not shown here)
                            if (self::array_is_numeric($image_size) && count($image_size) > 1) {
                                //get a thumbnail
                                if (get_option('dbem_disable_thumbnails')) {
                                    $image_attr = '';
                                    $image_args = array();
                                    if (empty($image_size[1]) && !empty($image_size[0])) {
                                        $image_attr = 'width="' . $image_size[0] . '"';
                                        $image_args['w'] = $image_size[0];
                                    } elseif (empty($image_size[0]) && !empty($image_size[1])) {
                                        $image_attr = 'height="' . $image_size[1] . '"';
                                        $image_args['h'] = $image_size[1];
                                    } elseif (!empty($image_size[0]) && !empty($image_size[1])) {
                                        $image_attr = 'width="' . $image_size[0] . '" height="' . $image_size[1] . '"';
                                        $image_args = array('w' => $image_size[0], 'h' => $image_size[1]);
                                    }
                                    $replace = "<img src='" . esc_url(em_add_get_params($image_url, $image_args)) . "' alt='" . esc_attr($this->event_name) . "' {$image_attr} />";
                                } else {
                                    //in global multisite mode the thumbnail is fetched from the blog that owns the event
                                    if (EM_MS_GLOBAL && get_current_blog_id() != $this->blog_id) {
                                        switch_to_blog($this->blog_id);
                                        $switch_back = true;
                                    }
                                    $replace = get_the_post_thumbnail($this->ID, $image_size);
                                    if (!empty($switch_back)) {
                                        restore_current_blog();
                                    }
                                }
                            } else {
                                $replace = "<img src='" . esc_url($image_url) . "' alt='" . esc_attr($this->event_name) . "'/>";
                            }
                        }
                    }
                }
                break;
            //Times & Dates
            case '#_24HSTARTTIME':
            case '#_24HENDTIME':
                $time = $result == '#_24HSTARTTIME' ? $this->event_start_time : $this->event_end_time;
                //first five characters of the stored time
                $replace = substr($time, 0, 5);
                break;
            case '#_12HSTARTTIME':
            case '#_12HENDTIME':
                $time = $result == '#_12HSTARTTIME' ? $this->event_start_time : $this->event_end_time;
                $replace = date('g:i A', strtotime($time));
                break;
            case '#_EVENTTIMES':
                //get format of time to show; the plugin option wins over the site-wide time format
                if (!$this->event_all_day) {
                    $time_format = get_option('dbem_time_format') ? get_option('dbem_time_format') : get_option('time_format');
                    if ($this->event_start_time != $this->event_end_time) {
                        $replace = date_i18n($time_format, $this->start) . get_option('dbem_times_separator') . date_i18n($time_format, $this->end);
                    } else {
                        $replace = date_i18n($time_format, $this->start);
                    }
                } else {
                    $replace = get_option('dbem_event_all_day_message');
                }
                break;
            case '#_EVENTDATES':
                //get format of date to show; the plugin option wins over the site-wide date format
                $date_format = get_option('dbem_date_format') ? get_option('dbem_date_format') : get_option('date_format');
                if ($this->event_start_date != $this->event_end_date) {
                    $replace = date_i18n($date_format, $this->start) . get_option('dbem_dates_separator') . date_i18n($date_format, $this->end);
                } else {
                    $replace = date_i18n($date_format, $this->start);
                }
                break;
            //Links
            case '#_EVENTPAGEURL': //deprecated
            case '#_LINKEDNAME': //deprecated
            case '#_EVENTURL': //Just the URL
            case '#_EVENTLINK': //HTML Link
                $event_link = esc_url($this->get_permalink());
                if ($result == '#_LINKEDNAME' || $result == '#_EVENTLINK') {
                    $replace = '<a href="' . $event_link . '" title="' . esc_attr($this->event_name) . '">' . esc_attr($this->event_name) . '</a>';
                } else {
                    $replace = $event_link;
                }
                break;
            case '#_EDITEVENTURL':
            case '#_EDITEVENTLINK':
                //left empty unless the current user may edit this event
                if ($this->can_manage('edit_events', 'edit_others_events')) {
                    $link = esc_url($this->get_edit_url());
                    if ($result == '#_EDITEVENTLINK') {
                        $replace = '<a href="' . $link . '">' . esc_html(sprintf(__('Edit Event', 'dbem'))) . '</a>';
                    } else {
                        $replace = $link;
                    }
                }
                break;
            //Bookings
            case '#_ADDBOOKINGFORM': //deprecated
            case '#_REMOVEBOOKINGFORM': //deprecated
            case '#_BOOKINGFORM':
                if (get_option('dbem_rsvp_enabled')) {
                    if (!defined('EM_XSS_BOOKINGFORM_FILTER') && locate_template('plugins/events-manager/placeholders/bookingform.php')) {
                        //xss fix for old overridden booking forms: the form action URL is passed through esc_url, registered once per request
                        add_filter('em_booking_form_action_url', 'esc_url');
                        define('EM_XSS_BOOKINGFORM_FILTER', true);
                    }
                    //the template's output is captured and used as the replacement
                    ob_start();
                    $template = em_locate_template('placeholders/bookingform.php', true, array('EM_Event' => $this));
                    EM_Bookings::enqueue_js();
                    $replace = ob_get_clean();
                }
                break;
            case '#_BOOKINGBUTTON':
                if (get_option('dbem_rsvp_enabled') && $this->event_rsvp) {
                    ob_start();
                    $template = em_locate_template('placeholders/bookingbutton.php', true, array('EM_Event' => $this));
                    $replace = ob_get_clean();
                }
                break;
            case '#_EVENTPRICERANGEALL':
                //NOTE(review): this flag is never reset, so a later #_EVENTPRICERANGE in the same format also sees it set
                $show_all_ticket_prices = true;
                //continues below (deliberate fall-through)
            case '#_EVENTPRICERANGE':
                //get the range of prices
                $min = false;
                $max = 0;
                if ($this->get_bookings()->is_open() || !empty($show_all_ticket_prices)) {
                    foreach ($this->get_tickets()->tickets as $EM_Ticket) {
                        /* @var $EM_Ticket EM_Ticket */
                        if ($EM_Ticket->is_available() || get_option('dbem_bookings_tickets_show_unavailable') || !empty($show_all_ticket_prices)) {
                            if ($EM_Ticket->get_price() > $max) {
                                $max = $EM_Ticket->get_price();
                            }
                            if ($EM_Ticket->get_price() < $min || $min === false) {
                                $min = $EM_Ticket->get_price();
                            }
                        }
                    }
                }
                //no ticket counted: report 0
                if ($min === false) {
                    $min = 0;
                }
                if ($min != $max) {
                    $replace = em_get_currency_formatted($min) . ' - ' . em_get_currency_formatted($max);
                } else {
                    $replace = em_get_currency_formatted($min);
                }
                break;
            case '#_EVENTPRICEMIN':
                //get the lowest ticket price
                $min = false;
                foreach ($this->get_tickets()->tickets as $EM_Ticket) {
                    /* @var $EM_Ticket EM_Ticket */
                    if ($EM_Ticket->is_available() || get_option('dbem_bookings_tickets_show_unavailable')) {
                        if ($EM_Ticket->get_price() < $min || $min === false) {
                            $min = $EM_Ticket->get_price();
                        }
                    }
                }
                if ($min === false) {
                    $min = 0;
                }
                $replace = em_get_currency_formatted($min);
                break;
            case '#_EVENTPRICEMAX':
                //get the highest ticket price
                $max = 0;
                foreach ($this->get_tickets()->tickets as $EM_Ticket) {
                    /* @var $EM_Ticket EM_Ticket */
                    if ($EM_Ticket->is_available() || get_option('dbem_bookings_tickets_show_unavailable')) {
                        if ($EM_Ticket->get_price() > $max) {
                            $max = $EM_Ticket->get_price();
                        }
                    }
                }
                $replace = em_get_currency_formatted($max);
                break;
            case '#_AVAILABLESEATS': //deprecated
            case '#_AVAILABLESPACES':
                if ($this->event_rsvp && get_option('dbem_rsvp_enabled')) {
                    $replace = $this->get_bookings()->get_available_spaces();
                } else {
                    $replace = "0";
                }
                break;
            case '#_BOOKEDSEATS': //deprecated
            case '#_BOOKEDSPACES':
                //This placeholder is actually a little misleading, as it'll consider reserved (i.e. pending) bookings as 'booked'
                if ($this->event_rsvp && get_option('dbem_rsvp_enabled')) {
                    $replace = $this->get_bookings()->get_booked_spaces();
                    if (get_option('dbem_bookings_approval_reserved')) {
                        $replace += $this->get_bookings()->get_pending_spaces();
                    }
                } else {
                    $replace = "0";
                }
                break;
            case '#_PENDINGSPACES':
                if ($this->event_rsvp && get_option('dbem_rsvp_enabled')) {
                    $replace = $this->get_bookings()->get_pending_spaces();
                } else {
                    $replace = "0";
                }
                break;
            case '#_SEATS': //deprecated
            case '#_SPACES':
                $replace = $this->get_spaces();
                break;
            case '#_BOOKINGSURL':
            case '#_BOOKINGSLINK':
                //left empty unless the current user may manage this event's bookings
                if ($this->can_manage('manage_bookings', 'manage_others_bookings')) {
                    $bookings_link = esc_url($this->get_bookings_url());
                    if ($result == '#_BOOKINGSLINK') {
                        $replace = '<a href="' . $bookings_link . '" title="' . esc_attr($this->event_name) . '">' . esc_html($this->event_name) . '</a>';
                    } else {
                        $replace = $bookings_link;
                    }
                }
                break;
            case '#_BOOKINGSCUTOFF':
            case '#_BOOKINGSCUTOFFDATE':
            case '#_BOOKINGSCUTOFFTIME':
                $replace = '';
                if ($this->event_rsvp && get_option('dbem_rsvp_enabled') && !empty($this->rsvp_end)) {
                    //date and time by default; the DATE / TIME variants use only one of the two formats
                    $replace_format = get_option('dbem_date_format') . ' ' . get_option('dbem_time_format');
                    if ($result == '#_BOOKINGSCUTOFFDATE') {
                        $replace_format = get_option('dbem_date_format');
                    }
                    if ($result == '#_BOOKINGSCUTOFFTIME') {
                        $replace_format = get_option('dbem_time_format');
                    }
                    $replace = date($replace_format, $this->rsvp_end);
                }
                break;
            //Contact Person
            //NOTE(review): the contact fields below are user-profile values inserted without escaping in this method;
            //presumably escaped on save or by the placeholder filter - confirm
            case '#_CONTACTNAME':
            case '#_CONTACTPERSON': //deprecated (your call, I think name is better)
                $replace = $this->get_contact()->display_name;
                break;
            case '#_CONTACTUSERNAME':
                $replace = $this->get_contact()->user_login;
                break;
            case '#_CONTACTEMAIL':
            case '#_CONTACTMAIL': //deprecated
                $replace = $this->get_contact()->user_email;
                break;
            case '#_CONTACTURL':
                $replace = $this->get_contact()->user_url;
                break;
            case '#_CONTACTID':
                $replace = $this->get_contact()->ID;
                break;
            case '#_CONTACTPHONE':
                $replace = $this->get_contact()->phone != '' ? $this->get_contact()->phone : __('N/A', 'dbem');
                break;
            case '#_CONTACTAVATAR':
                $replace = get_avatar($this->get_contact()->ID, $size = '50');
                break;
            case '#_CONTACTPROFILELINK':
            case '#_CONTACTPROFILEURL':
                //only available when BuddyPress' bp_core_get_user_domain() exists
                if (function_exists('bp_core_get_user_domain')) {
                    $replace = bp_core_get_user_domain($this->get_contact()->ID);
                    if ($result == '#_CONTACTPROFILELINK') {
                        $replace = '<a href="' . esc_url($replace) . '">' . __('Profile', 'dbem') . '</a>';
                    }
                }
                break;
            case '#_CONTACTMETA':
                //NOTE(review): the meta key is taken directly from the placeholder argument, so whoever writes $format
                //chooses which of the event owner's user-meta values is printed, and the value is not escaped here.
                //Keep formats under administrator control or restrict the keys with an allowlist.
                if (!empty($placeholders[3][$key])) {
                    $replace = get_user_meta($this->event_owner, $placeholders[3][$key], true);
                }
                break;
            //The template-based placeholders below capture the template's output with output buffering
            case '#_ATTENDEES':
                ob_start();
                $template = em_locate_template('placeholders/attendees.php', true, array('EM_Event' => $this));
                $replace = ob_get_clean();
                break;
            case '#_ATTENDEESLIST':
                ob_start();
                $template = em_locate_template('placeholders/attendeeslist.php', true, array('EM_Event' => $this));
                $replace = ob_get_clean();
                break;
            case '#_ATTENDEESPENDINGLIST':
                ob_start();
                $template = em_locate_template('placeholders/attendeespendinglist.php', true, array('EM_Event' => $this));
                $replace = ob_get_clean();
                break;
            //Categories and Tags
            case '#_EVENTCATEGORIESIMAGES':
                ob_start();
                $template = em_locate_template('placeholders/eventcategoriesimages.php', true, array('EM_Event' => $this));
                $replace = ob_get_clean();
                break;
            case '#_EVENTTAGS':
                ob_start();
                $template = em_locate_template('placeholders/eventtags.php', true, array('EM_Event' => $this));
                $replace = ob_get_clean();
                break;
            case '#_CATEGORIES': //deprecated
            case '#_EVENTCATEGORIES':
                ob_start();
                $template = em_locate_template('placeholders/categories.php', true, array('EM_Event' => $this));
                $replace = ob_get_clean();
                break;
            //Ical Stuff
            case '#_EVENTICALURL':
            case '#_EVENTICALLINK':
                //the bare URL variant is returned unescaped; only the link variant passes it through esc_url
                $replace = $this->get_ical_url();
                if ($result == '#_EVENTICALLINK') {
                    $replace = '<a href="' . esc_url($replace) . '">iCal</a>';
                }
                break;
            case '#_EVENTGCALURL':
            case '#_EVENTGCALLINK':
                //get dates in UTC/GMT time; a single all-day event uses date-only values ending the following day
                if ($this->event_all_day && $this->event_start_date == $this->event_end_date) {
                    $dateStart = get_gmt_from_date(date('Y-m-d H:i:s', $this->start), 'Ymd');
                    $dateEnd = get_gmt_from_date(date('Y-m-d H:i:s', $this->start + 60 * 60 * 24), 'Ymd');
                } else {
                    $dateStart = get_gmt_from_date(date('Y-m-d H:i:s', $this->start), 'Ymd\\THis\\Z');
                    $dateEnd = get_gmt_from_date(date('Y-m-d H:i:s', $this->end), 'Ymd\\THis\\Z');
                }
                //build url: the words in the template are tokens, each swapped for its urlencode()d value below
                $gcal_url = 'http://www.google.com/calendar/event?action=TEMPLATE&text=event_name&dates=start_date/end_date&details=post_content&location=location_name&trp=false&sprop=event_url&sprop=name:blog_name';
                $gcal_url = str_replace('event_name', urlencode($this->event_name), $gcal_url);
                $gcal_url = str_replace('start_date', urlencode($dateStart), $gcal_url);
                $gcal_url = str_replace('end_date', urlencode($dateEnd), $gcal_url);
                $gcal_url = str_replace('location_name', urlencode($this->output('#_LOCATION')), $gcal_url);
                $gcal_url = str_replace('blog_name', urlencode(get_bloginfo()), $gcal_url);
                $gcal_url = str_replace('event_url', urlencode($this->get_permalink()), $gcal_url);
                //calculate URL length so we know how much we can work with to make a description.
                if (!empty($this->post_excerpt)) {
                    $gcal_url_description = $this->post_excerpt;
                } else {
                    $matches = explode('<!--more', $this->post_content);
                    $gcal_url_description = wp_kses_data($matches[0]);
                }
                $gcal_url_length = strlen($gcal_url) - 9;
                //over-long descriptions are cut and suffixed with '...'
                if (strlen($gcal_url_description) + $gcal_url_length > 1350) {
                    $gcal_url_description = substr($gcal_url_description, 0, 1380 - $gcal_url_length - 3) . '...';
                }
                $gcal_url = str_replace('post_content', urlencode($gcal_url_description), $gcal_url);
                //get the final url
                $replace = $gcal_url;
                if ($result == '#_EVENTGCALLINK') {
                    //the button image scheme follows the current request
                    $img_url = 'www.google.com/calendar/images/ext/gc_button2.gif';
                    $img_url = is_ssl() ? 'https://' . $img_url : 'http://' . $img_url;
                    $replace = '<a href="' . esc_url($replace) . '" target="_blank"><img src="' . esc_url($img_url) . '" alt="0" border="0"></a>';
                }
                break;
            default:
                //unknown placeholder: keep the matched text as it is
                $replace = $full_result;
                break;
        }
        $replaces[$full_result] = apply_filters('em_event_output_placeholder', $replace, $this, $full_result, $target);
    }
    //sort out replacements so that during replacements shorter placeholders don't overwrite longer varieties.
    krsort($replaces);
    foreach ($replaces as $full_result => $replacement) {
        if (!in_array($full_result, array('#_NOTES', '#_EVENTNOTES'))) {
            $event_string = str_replace($full_result, $replacement, $event_string);
        } else {
            //the notes are parked under a temporary "__#" token and inserted last (see the end of this method)
            $new_placeholder = str_replace('#_', '__#', $full_result);
            //this will avoid repeated filters when locations/categories are parsed
            $event_string = str_replace($full_result, $new_placeholder, $event_string);
            $desc_replace[$new_placeholder] = $replacement;
        }
    }
    //Time placeholders
    foreach ($placeholders[1] as $result) {
        // matches all PHP START date and time placeholders
        if (preg_match('/^#[dDjlNSwzWFmMntLoYyaABgGhHisueIOPTZcrU]$/', $result)) {
            $replace = date_i18n(ltrim($result, "#"), $this->start);
            $replace = apply_filters('em_event_output_placeholder', $replace, $this, $result, $target);
            $event_string = str_replace($result, $replace, $event_string);
        }
        // matches all PHP END time placeholders for endtime
        if (preg_match('/^#@[dDjlNSwzWFmMntLoYyaABgGhHisueIOPTZcrU]$/', $result)) {
            $replace = date_i18n(ltrim($result, "#@"), $this->end);
            $replace = apply_filters('em_event_output_placeholder', $replace, $this, $result, $target);
            $event_string = str_replace($result, $replace, $event_string);
        }
    }
    //Now do dependent objects; without a valid location an empty EM_Location handles the location placeholders
    if (!empty($this->location_id) && $this->get_location()->location_status) {
        $event_string = $this->get_location()->output($event_string, $target);
    } else {
        $EM_Location = new EM_Location();
        $event_string = $EM_Location->output($event_string, $target);
    }
    //for backwards compat and easy use, take over the individual category placeholders with the first cat in the list.
    $EM_Categories = $this->get_categories();
    if (count($EM_Categories->categories) > 0) {
        $EM_Category = $EM_Categories->get_first();
    }
    if (empty($EM_Category)) {
        $EM_Category = new EM_Category();
    }
    $event_string = $EM_Category->output($event_string, $target);
    //Finally, do the event notes, so that previous placeholders don't get replaced within the content, which may use shortcodes
    if (!empty($desc_replace)) {
        foreach ($desc_replace as $full_result => $replacement) {
            $event_string = str_replace($full_result, $replacement, $event_string);
        }
    }
    //do some specific formatting
    //TODO apply this sort of formatting to any output() function
    if ($target == 'ical') {
        //strip html and escape characters: backslash first, then semicolon and comma
        $event_string = str_replace('\\', '\\\\', strip_tags($event_string));
        $event_string = str_replace(';', '\\;', $event_string);
        $event_string = str_replace(',', '\\,', $event_string);
        //remove and define line breaks in ical format: a literal \n doubled by the escaping above is restored,
        //and real line breaks become a literal \n
        $event_string = str_replace('\\\\n', '\\n', $event_string);
        $event_string = str_replace("\r\n", '\\n', $event_string);
        $event_string = str_replace("\n", '\\n', $event_string);
    }
    return apply_filters('em_event_output', $event_string, $this, $format, $target);
}
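/**
 * Saves the custom fields of a single event from the submitted form data.
 *
 * For every configured custom field that has a name, the value is read from
 * $_POST (a missing key is first set to '' in $_POST itself), cleaned and
 * written with update_post_meta(). Array values (multi-value fields) are
 * joined with "|" and passed through esc_attr(); single values are passed
 * through wp_kses() with a small allowlist of inline tags.
 *
 * Only scalar entries of an array value are joined: a request can submit a
 * nested array for any field name, and implode() on it would raise an
 * "Array to string conversion" warning and store the literal text "Array".
 *
 * NOTE(review): no nonce or capability check is visible in this method;
 * presumably the caller performs them before invoking it - confirm.
 *
 * @param int $postId ID of the event post the meta values are saved to.
 * @return void
 */
public static function save_single_event_meta($postId)
{
    // Inline tags (and their attributes) that survive in single-value fields.
    $allowedTags = array(
        'a' => array('href' => array(), 'title' => array(), 'target' => array()),
        'b' => array(),
        'i' => array(),
        'strong' => array(),
        'em' => array(),
    );
    $customFields = (array) tribe_get_option('custom-fields');
    foreach ($customFields as $customField) {
        if (!isset($customField['name'])) {
            continue;
        }
        $fieldName = $customField['name'];
        // Kept from the original: absent fields are written back to $_POST as ''
        // so that unchecked/cleared fields overwrite the stored value.
        if (!isset($_POST[$fieldName])) {
            $_POST[$fieldName] = '';
        }
        $val = $_POST[$fieldName];
        if (is_array($val)) {
            // Drop nested arrays before joining; only scalar entries are meaningful.
            $val = esc_attr(implode("|", array_filter($val, 'is_scalar')));
        } else {
            $val = wp_kses($val, $allowedTags);
        }
        update_post_meta($postId, wp_kses_data($fieldName), $val);
    }
}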
/**
 * Prints the plugin author's upgrade notice as an extra table row.
 *
 * Nothing is printed when the item carries no upgrade notice. The notice text
 * is passed through wp_kses_data() and the heading through esc_html__() before
 * being echoed; the column span is forced to a non-negative integer.
 *
 * @since 2.5.0
 *
 * @see /wp-admin/includes/update.php
 *
 * @param string $slug Plugin slug (not used in this method).
 * @param array  $item The information available in this table row.
 * @return null Nothing is returned; output is echoed.
 */
public function wp_plugin_update_row($slug, $item)
{
    if (!empty($item['upgrade_notice'])) {
        $columnSpan = absint($this->get_column_count());
        $heading = esc_html__('Upgrade message from the plugin author:', 'tgmpa');
        // The notice comes from plugin metadata, so it is filtered before output.
        $notice = wp_kses_data($item['upgrade_notice']);

        echo ' <tr class="plugin-update-tr"> <td colspan="' . $columnSpan . '" class="plugin-update colspanchange"> <div class="update-message">' . $heading . ' <strong>' . $notice . '</strong> </div> </td> </tr>';
    }
}
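/**
 * Hooks into em_event_get_post and writes the original event's data into a
 * translated event, so that validation passes and the data is saved correctly.
 *
 * For a translation, the original event's meta is merged in and the submitted
 * ticket translations are stored on each ticket under the current language:
 * the ticket name is cleaned with wp_kses_data(), the description with
 * wp_kses_post(). For an original event with a location, the location id is
 * switched to the original location when a translated one was selected.
 *
 * Ticket translations are read from $_REQUEST and only string values are
 * accepted: stripslashes() takes a string, so an array submitted under
 * 'ticket_name' or 'ticket_description' would otherwise raise an error.
 *
 * NOTE(review): $_REQUEST also includes query-string values; presumably the
 * surrounding save flow has verified the request (nonce, capability) before
 * this hook runs - confirm.
 *
 * @param boolean $result
 * @param EM_Event $EM_Event
 * @return boolean The unchanged $result.
 */
public static function event_get_post_meta($result, $EM_Event)
{
    //check if this is a master event, if not then we need to get the relevant master event info and populate this object with it so it passes validation and saves correctly.
    if (!EM_ML::is_original($EM_Event)) {
        //get original event object
        $event = EM_ML::get_original_event($EM_Event);
        EM_ML_IO::event_merge_original_meta($EM_Event, $event);
        if ($EM_Event->location_id == 0) {
            $_POST['no_location'] = 1;
        }
        // We need to save ticket translations here as well to the ticket objects
        foreach ($EM_Event->get_tickets()->tickets as $EM_Ticket) {
            /* @var $EM_Ticket EM_Ticket */
            $ticket_id = $EM_Ticket->ticket_id;
            $ticket_translation = array();

            $raw_name = isset($_REQUEST['ticket_translations'][$ticket_id]['ticket_name']) ? $_REQUEST['ticket_translations'][$ticket_id]['ticket_name'] : '';
            // is_string() rejects array-valued request parameters before stripslashes()
            if (is_string($raw_name) && !empty($raw_name)) {
                $ticket_translation['ticket_name'] = wp_kses_data(stripslashes($raw_name));
            }

            $raw_description = isset($_REQUEST['ticket_translations'][$ticket_id]['ticket_description']) ? $_REQUEST['ticket_translations'][$ticket_id]['ticket_description'] : '';
            if (is_string($raw_description) && !empty($raw_description)) {
                $ticket_translation['ticket_description'] = wp_kses_post(stripslashes($raw_description));
            }

            if (!empty($ticket_translation)) {
                $EM_Ticket->ticket_meta['langs'][EM_ML::$current_language] = $ticket_translation;
            }
        }
    } elseif (!empty($EM_Event->location_id)) {
        //we need to make sure the location is the original location
        $EM_Location = $EM_Event->get_location();
        if (!EM_ML::is_original($EM_Location)) {
            $EM_Event->location_id = EM_ML::get_original_location($EM_Location)->location_id;
        }
    }
    return $result;
}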