Beispiel #1
0
 public function __construct($form, $post_id = null, $preview = false, $force_form_count = false)
 {
     global $post, $current_user;
     // reference to the form submission method
     global ${'_' . self::METHOD};
     $method =& ${'_' . self::METHOD};
     // if types is not active, no CRED
     if (!function_exists('wpcf_init') || !defined('WPCF_ABSPATH')) {
         $this->error = __('Types plugin not active', 'wp-cred');
         return;
     }
     self::initVars();
     // get inputs
     if (isset($post_id) && !empty($post_id) && $post_id != false && !$preview) {
         $post_id = intval($post_id);
     } elseif (isset($post->ID) && !$preview) {
         $post_id = $post->ID;
     } else {
         $post_id = false;
     }
     // get recaptcha settings
     if (!self::$recaptcha_settings) {
         $sm = CRED_Loader::get('MODEL/Settings');
         $gen_setts = $sm->getSettings();
         if (isset($gen_setts['recaptcha']['public_key']) && isset($gen_setts['recaptcha']['private_key']) && !empty($gen_setts['recaptcha']['public_key']) && !empty($gen_setts['recaptcha']['private_key'])) {
             self::$recaptcha_settings = $gen_setts['recaptcha'];
         }
     }
     // load form data
     require_once ABSPATH . '/wp-admin/includes/post.php';
     $fm = CRED_Loader::get('MODEL/Forms');
     $this->_form = $fm->getForm($form);
     if ($this->_form === false) {
         $this->error = __('Form does not exist!', 'wp-cred');
         return;
     }
     $this->_form_id = $this->_form->form->ID;
     // preview when form is not saved at all
     //print_r($this->_form);
     if (!isset($this->_form->fields) || !is_array($this->_form->fields) || empty($this->_form->fields) || !isset($this->_form->fields['form_settings'])) {
         $this->_form->fields = array('form_settings' => new stdClass(), 'extra' => new stdClass(), 'notification' => new stdClass());
         if ($preview) {
             $this->error = __('Form preview does not exist. Try saving your form first', 'wp-cred');
             return;
         }
     }
     $this->_redirect_delay = isset($this->_form->fields['form_settings']->redirect_delay) ? intval($this->_form->fields['form_settings']->redirect_delay) : self::DELAY;
     $this->_hide_comments = isset($this->_form->fields['form_settings']->hide_comments) && $this->_form->fields['form_settings']->hide_comments ? true : false;
     $form_id = $this->_form->form->ID;
     $cred_css_themes = array('minimal' => CRED_PLUGIN_URL . '/third-party/zebra_form/public/css/minimal.css', 'styled' => CRED_PLUGIN_URL . '/third-party/zebra_form/public/css/styled.css');
     $this->_extra = array();
     if ($preview) {
         if (array_key_exists(self::PREFIX . 'form_preview_post_type', $method)) {
             $this->_post_type = $this->_form->fields['form_settings']->post_type = stripslashes($method[self::PREFIX . 'form_preview_post_type']);
         } else {
             $this->error = __('Preview post type not provided', 'wp-cred');
             return;
         }
         if (array_key_exists(self::PREFIX . 'form_preview_form_type', $method)) {
             $this->_form_type = stripslashes($method[self::PREFIX . 'form_preview_form_type']);
         } else {
             $this->error = __('Preview form type not provided', 'wp-cred');
             return;
         }
         if (array_key_exists(self::PREFIX . 'form_preview_content', $method)) {
             $this->_preview_content = stripslashes($method[self::PREFIX . 'form_preview_content']);
             $this->_content = stripslashes($method[self::PREFIX . 'form_preview_content']);
         } else {
             $this->error = __('No preview form content provided', 'wp-cred');
             return;
         }
         if (array_key_exists(self::PREFIX . 'form_css_to_use', $method)) {
             $this->css_to_use = trim(stripslashes($method[self::PREFIX . 'form_css_to_use']));
             if (in_array($this->css_to_use, array_keys($cred_css_themes))) {
                 $this->css_to_use = $cred_css_themes[$this->css_to_use];
             } else {
                 $this->css_to_use = $cred_css_themes['minimal'];
             }
         } else {
             $this->css_to_use = $cred_css_themes['minimal'];
         }
         if (array_key_exists(self::PREFIX . 'extra_css_to_use', $method)) {
             $this->_extra['css'] = trim(stripslashes($method[self::PREFIX . 'extra_css_to_use']));
         }
         if (array_key_exists(self::PREFIX . 'extra_js_to_use', $method)) {
             $this->_extra['js'] = trim(stripslashes($method[self::PREFIX . 'extra_js_to_use']));
         }
     } else {
         $this->_post_type = $this->_form->fields['form_settings']->post_type;
         $this->_form_type = $this->_form->fields['form_settings']->form_type;
         $this->_extra = isset($this->_form->fields['extra']) ? (array) $this->_form->fields['extra'] : array();
         // get form content in order to replace it with actual form
         $this->_content = $this->_form->form->post_content;
         if (isset($this->_form->fields['form_settings']->cred_theme_css) && in_array($this->_form->fields['form_settings']->cred_theme_css, array_keys($cred_css_themes))) {
             $this->css_to_use = $cred_css_themes[$this->_form->fields['form_settings']->cred_theme_css];
         } else {
             $this->css_to_use = $cred_css_themes['minimal'];
         }
     }
     if (!isset($this->_extra['messages'])) {
         if (isset($this->_form->fields['extra']) && isset($this->_form->fields['extra']->messages)) {
             $this->_extra['messages'] = $this->_form->fields['extra']->messages;
         } else {
             $this->_extra['messages'] = CRED_Loader::get('MODEL/Forms')->getDefaultMessages();
         }
     }
     // if this is an edit form and no post id given
     if ($this->_form_type == 'edit' && $post_id === false && !$preview) {
         $this->error = __('No post specified', 'wp-cred');
         return;
     }
     // if this is a new form and post id given
     if ($this->_form_type == 'new' && !$preview) {
         if (isset($method[self::PREFIX . 'post_id']) && intval($method[self::PREFIX . 'post_id']) > 0) {
             $post_id = intval($method[self::PREFIX . 'post_id']);
         } else {
             $post_id = get_default_post_to_edit($this->_post_type, true)->ID;
         }
     }
     $this->_post_id = $post_id;
     // increase counter
     //self::$form_count++;
     if ($force_form_count !== false) {
         $this->_form_count = $force_form_count;
     } else {
         $this->_form_count = self::$form_count;
     }
     // dependencies, uses Zebra_Form framework (see folder for details)
     CRED_Loader::load('THIRDPARTY/MyZebra_Parser');
     CRED_Loader::load('THIRDPARTY/MyZebra_Form');
     // instantiate form
     $this->_myzebra_form = new MyZebra_Form('cred_form_' . $form_id . '_' . $this->_form_count, self::METHOD, $this->currentURI(array('_tt' => time()), array('_success')), '', array());
     if ($preview) {
         $this->_myzebra_form->preview = true;
     } else {
         $this->_myzebra_form->preview = false;
     }
     // form properties
     self::$ASSETS_PATH = DIRECTORY_SEPARATOR . 'third-party' . DIRECTORY_SEPARATOR . 'zebra_form' . DIRECTORY_SEPARATOR;
     self::$ASSETS_URL = '/third-party/zebra_form/';
     $this->_myzebra_form->doctype('xhtml');
     $this->_myzebra_form->client_side_validation(true);
     $this->_myzebra_form->show_all_error_messages(true);
     $this->_myzebra_form->assets_path(CRED_PLUGIN_PATH . self::$ASSETS_PATH, plugins_url() . '/' . CRED_PLUGIN_FOLDER . self::$ASSETS_URL);
     $locale = self::$localized_strings;
     $this->_myzebra_form->language($locale);
     // get custom post fields
     $ffm = CRED_Loader::get('MODEL/Fields');
     $this->_fields = $ffm->getFields($this->_post_type);
     // in CRED 1.1 post_fields and custom_fields are different keys, merge them together to keep consistency
     $this->_fields['_post_fields'] = $this->_fields['post_fields'];
     $this->_fields['post_fields'] = array_merge($this->_fields['post_fields'], $this->_fields['custom_fields']);
     //cred_log(print_r($this->_fields,true));
     // get existing post data if edit form and post given
     if ($this->_form_type == 'edit') {
         if ($post_id) {
             $res = $fm->getPost($post_id);
             if ($res && isset($res[0])) {
                 $mypost = $res[0];
                 cred_log(array('edit_own_posts_with_cred_' . $form_id => current_user_can('edit_own_posts_with_cred_' . $form_id), 'current_user' => $current_user->ID, 'author' => $mypost->post_author), 'access.log');
                 cred_log(array('edit_other_posts_with_cred_' . $form_id => current_user_can('edit_other_posts_with_cred_' . $form_id), 'current_user' => $current_user->ID, 'author' => $mypost->post_author), 'access.log');
                 if (!current_user_can('edit_own_posts_with_cred_' . $form_id) && $current_user->ID == $mypost->post_author) {
                     //$this->error=__('Do not have permission (edit own with this form)','wp-cred');
                     $this->error = ' ';
                     return;
                 }
                 if (!current_user_can('edit_other_posts_with_cred_' . $form_id) && $current_user->ID != $mypost->post_author) {
                     //$this->error=__('Do not have permission (edit other with this form)','wp-cred');
                     $this->error = ' ';
                     return;
                 }
                 //cred_log($mypost->post_content);
                 if ($mypost->post_type != $this->_post_type) {
                     $this->error = __('Form type and post type do not match', 'wp-cred');
                     return;
                 }
                 $myfields = isset($res[1]) ? $res[1] : array();
                 $mytaxs = isset($res[2]) ? $res[2] : array();
                 $myextra = isset($res[3]) ? $res[3] : array();
                 $myfields['post_title'] = array($mypost->post_title);
                 $myfields['post_content'] = array($mypost->post_content);
                 if (isset($mypost->post_excerpt)) {
                     $myfields['post_excerpt'] = array($mypost->post_excerpt);
                 }
                 $this->_post_data = array('fields' => &$myfields, 'post' => &$mypost, 'taxonomies' => &$mytaxs, 'extra' => &$myextra);
                 //cred_log(print_r($mytaxs,true));
                 //cred_log(print_r($mypost,true)/*.print_r($myfields,true).print_r($myterms,true)*/);
                 //exit;
             }
         }
     } elseif ($this->_form_type == 'new') {
         cred_log(array('create_posts_with_cred_' . $form_id => current_user_can('create_posts_with_cred_' . $form_id), 'current_user' => $current_user->ID), 'access.log');
         if (!current_user_can('create_posts_with_cred_' . $form_id)) {
             //$this->error=__('Do not have permission (create with this form)','wp-cred');
             $this->error = ' ';
             return;
         }
     }
     $this->_form_content = '';
     // set allowed file types
     $mimes = get_allowed_mime_types();
     $this->wp_mimes = array();
     foreach ($mimes as $exts => $mime) {
         $exts_a = explode('|', $exts);
         foreach ($exts_a as $single_ext) {
             //$this->form_mimes[$single_ext]=$mime;
             $this->wp_mimes[] = $single_ext;
         }
     }
     $this->wp_mimes = implode(',', $this->wp_mimes);
     unset($mimes);
     $this->_shortcode_parser = CRED_Loader::get('CLASS/Shortcode_Parser', false);
 }
Beispiel #2
0
function has_cred_form()
{
    if (!class_exists('CRED_Form_Builder', false)) {
        return false;
    }
    return CRED_Form_Builder::has_form();
}
Beispiel #3
0
 public static function getForm($form, $preview = false, $post = null)
 {
     CRED_Loader::load('CLASS/Form_Builder');
     return CRED_Form_Builder::getForm($form, $post, $preview);
 }
 public function processForm($data)
 {
     if (!isset($data['post'])) {
         return;
     }
     $form = $data['post'];
     $message = $data['message'];
     $notification = $data['notification'];
     $messages = $data['messages'];
     $this->setFormData($form->ID, $form->post_title);
     //  register field values
     $this->processFormForStrings($form->post_content, 'Value: ');
     // register form title
     $this->registerString('Form Title: ' . $form->post_title, $form->post_title);
     $this->registerString('Display Message: ' . $form->post_title, $message);
     // register Notification Data also
     if ($notification && isset($notification->notifications) && is_array($notification->notifications)) {
         foreach ($notification->notifications as $ii => $nott) {
             // new format
             // these are not relevant in new format for localization
             /*switch($nott['to']['type'])
               {
                   case 'wp_user':
                       $this->registerString('CRED Notification '.$ii.' Mail To', $nott['to']['user']);
                       break;
                   case 'specific_mail':
                       $this->registerString('CRED Notification '.$ii.' Mail To', $nott['to']['address']);
                       if (isset($nott['to']['name']))
                           $this->registerString('CRED Notification '.$ii.' Mail To Name', $nott['to']['name']);
                       if (isset($nott['to']['lastname']))
                           $this->registerString('CRED Notification '.$ii.' Mail To LastName', $nott['to']['lastname']);
                       break;
                   default:
                       break;
               }*/
             $hashSubject = CRED_Helper::strHash($nott['mail']['subject']);
             $hashBody = CRED_Helper::strHash($nott['mail']['body']);
             $this->registerString('CRED Notification Subject ' . $hashSubject, $nott['mail']['subject']);
             $this->registerString('CRED Notification Body ' . $hashBody, $nott['mail']['body']);
         }
     }
     // register messages also
     foreach ($messages as $msgid => $msg) {
         $this->registerString('Message_' . $msgid, $msg);
     }
     // register options from select and checkboxes/radio fields, force form build
     CRED_Loader::load('CLASS/Form_Builder');
     CRED_Form_Builder::init();
     CRED_Form_Builder::getForm($form->ID, null, false);
     // allow 3rd-party to add extra localization
     do_action('cred_localize_form', $data);
 }
Beispiel #5
0
 private static function getCachedForm($form_id, $post_id, $preview, $force_count = false, $specific_post_id = null)
 {
     global $post;
     StaticClass::$_mail_error = get_option('_' . $form_id . '_last_mail_error', '');
     //put a sanitize someone could add _mail_error text injection?
     StaticClass::$_mail_error = sanitize_text_field(StaticClass::$_mail_error);
     StaticClass::$_cred_container_id = isset($_POST[StaticClass::PREFIX . 'cred_container_id']) ? intval($_POST[StaticClass::PREFIX . 'cred_container_id']) : $post->ID;
     //https://icanlocalize.basecamphq.com/projects/7393061-toolset/todo_items/196173458/comments
     //Security Check
     if (isset(StaticClass::$_cred_container_id) && !empty(StaticClass::$_cred_container_id)) {
         if (!is_numeric(StaticClass::$_cred_container_id)) {
             wp_die('Invalid data');
         }
     }
     $form_count = false !== $force_count ? $force_count : StaticClass::$_staticGlobal['COUNT'];
     if (false !== $force_count || !array_key_exists($form_id . '_' . StaticClass::$_staticGlobal['COUNT'], StaticClass::$_staticGlobal['CACHE'])) {
         // parse and cache form
         $fb = new CRED_Form_Builder();
         $form_post_type = get_post_type($form_id);
         $form = $form_post_type == CRED_USER_FORMS_CUSTOM_POST_NAME ? $fb->user_form($form_id, $post_id, $preview, $form_count, $specific_post_id) : $fb->form($form_id, $post_id, $preview, $form_count, $specific_post_id);
         /* StaticClass::$_staticGlobal['CACHE'][$form_id.'_'.$form_count]=array(
            'form' =>  $output,
            'count' => $form_count,
            'extra' => $this->_formData->getExtra(),
            'css_to_use' => $this->_formData->getCSS(),
            'js' => $this->getJS(),
            'hide_comments' =>  $this->_formData->hasHideComments(),
            'has_recaptcha' =>  $this->hasRecaptcha()
            ); */
         StaticClass::$_staticGlobal['CACHE'][$form_id . '_' . $form_count] = array('form' => $form, 'count' => $form_count, 'extra' => $fb->getExtra(), 'js' => $fb->getJS(), 'hide_comments' => $fb->hasHideComments(), 'has_recaptcha' => $fb->hasRecaptcha());
     }
     if (isset($post_id)) {
         $parent_post = get_post($post_id);
     }
     // add filter to hide comments (new method)
     if (StaticClass::$_staticGlobal['CACHE'][$form_id . '_' . $form_count]['hide_comments'] || isset($parent_post) && $parent_post->comment_status == 'closed') {
         CRED_Form_Builder_Helper::hideComments();
     }
     return StaticClass::$_staticGlobal['CACHE'][$form_id . '_' . $form_count]['form'];
 }
Beispiel #6
0
 public static function replaceContentWithForm($content)
 {
     global $post, $wp_query;
     //resolve problem when view templates are added in sidebar widgets
     remove_filter('the_content', array(__CLASS__, 'replaceContentWithForm'), 1000);
     // if it is front page and form preview is required
     if (array_key_exists('cred_form_preview', $_GET)) {
         CRED_Loader::load('CLASS/Form_Builder');
         return CRED_Form_Builder::getForm(intval($_GET['cred_form_preview']), null, true);
     }
     if (array_key_exists('cred_user_form_preview', $_GET)) {
         CRED_Loader::load('CLASS/Form_Builder');
         return CRED_Form_Builder::getUserForm(intval($_GET['cred_user_form_preview']), null, true);
     }
     global $_creds_created;
     if (!isset($_creds_created)) {
         $_creds_created = array();
     }
     if (!empty($_creds_created) && in_array($_GET['cred-edit-form'], $_creds_created)) {
         return apply_filters('the_content', $content);
     }
     if (strpos($content, 'cred-edit-form=' . $_GET['cred-edit-form']) !== false || array_key_exists('cred-edit-form', $_GET) && !is_admin()) {
         array_push($_creds_created, $_GET['cred-edit-form']);
         CRED_Loader::load('CLASS/Form_Builder');
         // get a localised form if exists
         return CRED_Form_Builder::getForm(self::getLocalisedID(intval($_GET['cred-edit-form'])), $post->ID, false);
     }
     if (array_key_exists('cred-edit-form', $_GET) && !is_admin()) {
         if (strpos($content, 'cred-edit-form=' . $_GET['cred-edit-form']) !== false) {
             array_push($_creds_created, $_GET['cred-edit-form']);
             // Show if the content has a cred-edit-form link.
             CRED_Loader::load('CLASS/Form_Builder');
             // get a localised form if exists
             return CRED_Form_Builder::getForm(self::getLocalisedID(intval($_GET['cred-edit-form'])), $post->ID, false);
         } else {
             // Check if it's called from the_content function or wpv-post-body function.
             $db = debug_backtrace();
             //StaticClass::_pre($db);
             foreach ($db as $n => $dbf) {
                 if (isset($dbf['function']) && ($dbf['function'] == 'the_content' || $dbf['function'] == 'wpv_shortcode_wpv_post_body') || $dbf['function'] == 'apply_filters' && in_array('the_content', $dbf['args'])) {
                     array_push($_creds_created, $_GET['cred-edit-form']);
                     CRED_Loader::load('CLASS/Form_Builder');
                     return CRED_Form_Builder::getForm(self::getLocalisedID(intval($_GET['cred-edit-form'])), $post->ID, false);
                 }
             }
             //                if (isset($db[3]['function']) && ($db[3]['function'] == 'the_content' || $db[3]['function'] == 'wpv_shortcode_wpv_post_body')) {
             //                    CRED_Loader::load('CLASS/Form_Builder');
             //                    return CRED_Form_Builder::getForm(self::getLocalisedID(intval($_GET['cred-edit-form'])), $post->ID, false);
             //                }
         }
     }
     // else do nothing
     return $content;
 }
Beispiel #7
0
 public static function _init_()
 {
     global $wp_version, $post;
     // load help settings (once)
     self::$help = CRED_Loader::getVar(CRED_INI_PATH . "/help.ini.php");
     // set up models and db settings
     CRED_Helper::prepareDB();
     // needed by others
     self::$settingsPage = admin_url('admin.php') . '?page=CRED_Settings';
     // localize forms, support for WPML
     CRED_Helper::localizeForms();
     // setup custom capabilities
     CRED_Helper::setupCustomCaps();
     // setup custom user caps
     CRED_Helper::setupCustomUserCaps();
     // setup extra admin hooks for other plugins
     CRED_Helper::setupExtraHooks();
     if (is_admin()) {
         if (self::is_embedded()) {
             self::initAdmin();
         } else {
             CRED_Admin::initAdmin();
         }
         //            if ($_GET['a']=='1') {
         //                require_once CRED_CLASSES_PATH . "/CredUserFormCreator.php";
         //                CredUserFormCreator::cred_create_form(time(), 'edit', array('subscriber','author'), false, false, false);
         //            }
     } else {
         // init form processing to check for submits
         CRED_Loader::load('CLASS/Form_Builder');
         CRED_Form_Builder::init();
     }
     // add form short code hooks and filters, to display forms on front end
     CRED_Helper::addShortcodesAndFilters();
     // handle Ajax calls
     CRED_Router::addCalls(array('cred_skype_ajax' => array('nopriv' => true, 'callback' => array(__CLASS__, 'cred_skype_ajax')), 'cred-ajax-delete-post' => array('nopriv' => true, 'callback' => array(__CLASS__, 'cred_ajax_delete_post'))));
     CRED_Router::addRoutes('cred', array('Forms' => 0, 'Posts' => 0, 'Settings' => 0, 'Generic_Fields' => 0));
     /* CRED_Router::addPages('cred', array(
        )); */
 }