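/**
  * initializes and outputs the list for the backend
  *
  * reads the search/sort values from the request (falling back to the user's
  * stored preferences, then to the plugin defaults), saves them as the user's
  * preferences, runs the list query and prints the admin list page: filter
  * forms, record table, pagination links, CSV export form and plugin footer
  *
  * @global int $user_ID
  * @global object $wpdb
  * @return null
  */
 public static function initialize()
 {
     self::_setup_i18n();
     self::$options = Participants_Db::$plugin_options;
     // deprecated since WP 4.5 in favor of wp_get_current_user(); still called here because it fills the $user_ID global read below
     get_currentuserinfo();
     // the user settings transient is keyed per user
     global $user_ID;
     self::$user_settings = Participants_Db::$prefix . self::$user_settings . '-' . $user_ID;
     self::set_list_limit();
     self::$registration_page_url = get_bloginfo('url') . '/' . (isset(self::$options['registration_page']) ? self::$options['registration_page'] : '');
     self::setup_display_columns();
     self::$sortables = Participants_Db::get_sortables();
     // set up the basic values: stored user preference first, plugin default second
     $default_values = array(
         'search_field' => self::get_admin_user_setting('search_field', 'none'),
         'value' => '',
         'operator' => self::get_admin_user_setting('search_op', 'LIKE'),
         'sortBy' => self::get_admin_user_setting('sort_by', self::$options['admin_default_sort']),
         'ascdesc' => self::get_admin_user_setting('sort_order', self::$options['admin_default_sort_order']),
         'submit-button' => '',
     );
     /*
      * merge the defaults with the $_REQUEST array so if there are any new values coming in, they're included
      *
      * NOTE(review): search_field, operator, sortBy and ascdesc arrive here unvalidated
      * from $_REQUEST (GET, POST and, depending on request_order, cookies); they are
      * persisted as user preferences and handed to _process_search(), which builds
      * self::$list_query from them. That method must whitelist the field name against
      * the known columns and the operator/direction against fixed sets before any of
      * them reach SQL — this cannot be confirmed from this method.
      */
     self::$filter = shortcode_atts($default_values, $_REQUEST);
     self::set_admin_user_setting('search_field', self::$filter['search_field']);
     self::set_admin_user_setting('search_op', self::$filter['operator']);
     self::set_admin_user_setting('sort_by', self::$filter['sortBy']);
     self::set_admin_user_setting('sort_order', self::$filter['ascdesc']);
     // process delete and items-per-page form submissions
     self::_process_general();
     self::_process_search(self::$filter['submit-button']);
     if (WP_DEBUG) {
         error_log(__METHOD__ . ' list query= ' . self::$list_query);
     }
     // get the $wpdb object
     global $wpdb;
     // count the matching records by turning the select list into COUNT(*); this rewrites every '*' in the query text, so a literal '*' inside a search value is rewritten too and the count would then be off
     self::$num_records = $wpdb->get_var(str_replace('*', 'COUNT(*)', self::$list_query));
     // the current page comes from the query string; anything that is not a positive integer falls back to page 1 instead of being passed through as-is
     $current_page = filter_input(INPUT_GET, self::$list_page, FILTER_VALIDATE_INT, array('options' => array('default' => 1, 'min_range' => 1)));
     // set the pagination object; the request-derived filter values are appended to every page link, so PDb_Pagination::links() is relied on to escape them for HTML output
     self::$pagination = new PDb_Pagination(array(
         'link' => self::prepare_page_link($_SERVER['REQUEST_URI']),
         'page' => $current_page,
         'size' => self::$page_list_limit,
         'total_records' => self::$num_records,
         'add_variables' => http_build_query(self::$filter) . '#pdb-list-admin',
     ));
     // get the records for this page, adding the pagination limit clause
     self::$participants = $wpdb->get_results(self::$list_query . ' ' . self::$pagination->getLimitSql(), ARRAY_A);
     // ok, setup finished, start outputting the form
     // add the top part of the page for the admin
     self::_admin_top();
     // print the sorting/filtering forms
     self::_sort_filter_forms();
     // add the delete and items-per-page controls for the backend
     self::_general_list_form_top();
     // print the main table
     self::_main_table();
     // output the pagination controls
     echo '<div class="pdb-list">' . self::$pagination->links() . '</div>';
     // print the CSV export form (admin users only)
     if (current_user_can(Participants_Db::$plugin_options['plugin_admin_capability'])) {
         self::_print_export_form();
     }
     // print the plugin footer
     Participants_Db::plugin_footer();
 }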
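 /**
  * processes any POST requests
  * 
  * this is called on the 'init' hook
  * 
  * only POST arrays carrying this plugin's 'subsource' marker are handled; the
  * 'action' value selects the branch: update/insert a record, output a CSV
  * export, retrieve a record link, or process a signup form
  * 
  * @global object $wpdb
  * @return null
  */
 public static function process_page_request()
 {
     /*
      * NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; swapping it
      * for e.g. sanitize_text_field() changes how quotes are handled, so it is left
      * in place here
      */
     $post_sanitize = array('subsource' => FILTER_SANITIZE_STRING, 'action' => FILTER_SANITIZE_STRING, 'pdb_data_keys' => FILTER_SANITIZE_STRING, 'submit_button' => FILTER_SANITIZE_STRING, 'filename' => FILTER_SANITIZE_STRING, 'base_filename' => FILTER_SANITIZE_STRING, 'CSV_type' => FILTER_SANITIZE_STRING, 'include_csv_titles' => FILTER_VALIDATE_BOOLEAN, 'nocookie' => FILTER_VALIDATE_BOOLEAN, 'previous_multipage' => FILTER_SANITIZE_STRING);
     /*
      * $post_input is used for control functions, not for the dataset
      */
     $post_input = filter_input_array(INPUT_POST, $post_sanitize);
     // only process POST arrays from this plugin's pages
     if (empty($post_input['subsource']) or $post_input['subsource'] != self::PLUGIN_NAME or empty($post_input['action'])) {
         return;
     }
     /*
      * add a filter to check the submission before anything is done with it
      *
      * the filtered value is assigned back, the same way the before_submit_*
      * filters below are used; previously the return value was discarded, so a
      * callback returning false could never stop the submission
      */
     $check = true;
     $check = self::set_filter('check_submission', $check);
     if ($check === false) {
         return;
     }
     // error_log( __METHOD__.' post:'.print_r( $_POST, true ) );
     /*
      * the originating page for a multipage form is saved in a session value
      * 
      * if this is an empty string, it is assumed the submission was not part of a multipage form series
      */
     self::$session->set('previous_multipage', $post_input['previous_multipage']);
     /*
      * get the defined columns for the submitting shortcode (if any)
      * 
      * this is needed so that validation will be performed on the expected list 
      * of fields, not just what's found in the POST array
      */
     $columns = false;
     if (!empty($post_input['pdb_data_keys'])) {
         $columns = self::get_data_key_columns($post_input['pdb_data_keys']);
     }
     /*
      * instantiate the validation object if we need to. This is necessary
      * because another script can instantiate the object in order to add a
      * feedback message
      * 
      * we don't validate administrators in the admin
      */
     if (!is_object(self::$validation_errors)) {
         if (Participants_Db::is_form_validated()) {
             self::$validation_errors = new PDb_FormValidation();
         }
     }
     switch ($post_input['action']) {
         case 'update':
         case 'insert':
             /*
              * we are here for one of these cases:
              *   a) we're adding a new record in the admin
              *   b) a user is updating their record on the frontend
              *   c) an admin is updating a record
              *
              * signups are processed in the case 'signup' section
              * 
              * set the raw post array filters. We pass in the $_POST array, expecting 
              * a possibly altered copy of it to be returned
              * 
              * filter: pdb-before_submit_update
              * filter: pdb-before_submit_add
              *
              * NOTE(review): unlike the 'retrieve' and 'signup' cases below, no nonce is
              * checked in this branch, and the record id is taken straight from the
              * request; that the submitter is allowed to edit record $id must be
              * enforced inside process_form() — confirm there.
              */
             $post_data = self::set_filter('before_submit_' . ($post_input['action'] === 'insert' ? 'add' : 'update'), $_POST);
             // the record id may arrive by POST or GET; anything that is not a positive integer becomes false
             if (isset($_POST['id'])) {
                 $id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));
             } elseif (isset($_GET['id'])) {
                 $id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));
             } else {
                 $id = false;
             }
             $participant_id = self::process_form($post_data, $post_input['action'], $id, $columns);
             if (false === $participant_id) {
                 // we have errors; go back to form and show errors
                 return;
             }
             /*
              * set the stored record hook.
              * 
              * hook: pdb-after_submit_update
              * hook: pdb-after_submit_add
              */
             $wp_hook = self::$prefix . 'after_submit_' . ($post_input['action'] == 'insert' ? 'add' : 'update');
             do_action($wp_hook, self::get_participant($participant_id));
             /*
              * if we are submitting from the frontend, set the feedback message and 
              * send the update notification
              */
             if (!is_admin()) {
                 /*
                  * if the user is an admin, the validation object won't be instantiated, 
                  * so we do that here so the feedback message can be shown.
                  */
                 if (!is_object(self::$validation_errors)) {
                     self::$validation_errors = new PDb_FormValidation();
                 }
                 self::$validation_errors->add_error('', self::$plugin_options['record_updated_message']);
                 if (self::$plugin_options['send_record_update_notify_email'] && Participants_Db::$session->get('form_status') !== 'multipage') {
                     $sent = wp_mail(self::$plugin_options['email_signup_notify_addresses'], self::proc_tags(self::$plugin_options['record_update_email_subject'], $participant_id, 'all'), self::proc_tags(self::$plugin_options['record_update_email_body'], $participant_id, 'all'), self::$email_headers);
                 }
                 /*
                  * if the "thanks page" is defined as another page, save the ID in a session variable and move to that page.
                  */
                 if (isset($post_data['thanks_page']) && $post_data['thanks_page'] != $_SERVER['REQUEST_URI']) {
                     // the stored record's id as returned by process_form() (an insert has no posted id)
                     self::$session->set('pdbid', $participant_id);
                     $redirect = $post_input['action'] == 'insert' ? $post_data['thanks_page'] : self::add_uri_conjunction($post_data['thanks_page']) . 'action=update';
                     /*
                      * thanks_page is a POST value, so only hosts WP allows are followed
                      * (wp_safe_redirect() falls back to admin_url() otherwise); this
                      * closes an open redirect via a crafted hidden field
                      */
                     wp_safe_redirect($redirect);
                     exit;
                 }
                 return;
             }
             // redirect according to which submit button was used (all targets are admin URLs built here)
             switch ($post_input['submit_button']) {
                 case self::$i18n['apply']:
                     $redirect = get_admin_url() . 'admin.php?page=' . self::PLUGIN_NAME . '-edit_participant&id=' . $participant_id;
                     break;
                 case self::$i18n['next']:
                     $get_id = $post_input['action'] == 'update' ? '&id=' . self::next_id($participant_id) : '';
                     $redirect = get_admin_url() . 'admin.php?page=' . self::PLUGIN_NAME . '-edit_participant' . $get_id;
                     break;
                 case self::$i18n['previous']:
                     $get_id = $post_input['action'] == 'update' ? '&id=' . self::next_id($participant_id, false) : '';
                     $redirect = get_admin_url() . 'admin.php?page=' . self::PLUGIN_NAME . '-edit_participant' . $get_id;
                     break;
                 case self::$i18n['submit']:
                 default:
                     $redirect = get_admin_url() . 'admin.php?page=' . self::PLUGIN_NAME;
             }
             wp_redirect($redirect);
             exit;
         case 'output CSV':
             // editors may export only when the plugin setting allows it; everyone else needs the admin role
             $csv_role = Participants_Db::plugin_setting_is_true('editor_allowed_csv_export') ? 'editor' : 'admin';
             if (!Participants_Db::current_user_has_plugin_role($csv_role, 'csv export')) {
                 die;
             }
             $header_row = array();
             $title_row = array();
             $data = array();
             $filename = !empty($post_input['filename']) ? $post_input['filename'] : '';
             switch ($post_input['CSV_type']) {
                 // create a blank data array
                 case 'blank':
                     // add the header row
                     foreach (self::get_column_atts('CSV') as $column) {
                         $header_row[] = $column->name;
                     }
                     $data[] = $header_row;
                     $i = 2;
                     // number of blank rows to create
                     while ($i > 0) {
                         $data[] = array_fill_keys($header_row, '');
                         $i--;
                     }
                     break;
                 case 'participant list':
                     global $wpdb;
                     $import_columns = '';
                     foreach (self::get_column_atts('CSV') as $column) {
                         $import_columns .= sprintf('`%s`,', $column->name);
                         $header_row[] = $column->name;
                         $title_row[] = $column->title;
                     }
                     $data['header'] = $header_row;
                     if ($post_input['include_csv_titles']) {
                         $data['titles'] = $title_row;
                     }
                     global $current_user;
                     /*
                      * the list query saved by the admin list page for this user is executed as-is;
                      * every '*' in it is replaced by the export column list, so a literal '*' in a
                      * search value would be rewritten as well
                      */
                     $query = get_transient(Participants_Db::$prefix . 'admin_list_query' . $current_user->ID);
                     if ($query) {
                         $query = str_replace('*', ' ' . trim($import_columns, ',') . ' ', $query);
                         $data += self::_prepare_CSV_rows($wpdb->get_results($query, ARRAY_A));
                     }
                     break;
             }
             // CSV type
             if (!empty($filename)) {
                 $base_filename = substr($filename, 0, strpos($filename, PDb_List_Admin::filename_datestamp() . '.csv'));
                 /*
                  * @version 1.6
                  * base filename is now saved as a preference
                  */
                 global $user_ID;
                 PDb_List_Admin::$user_settings = Participants_Db::$prefix . PDb_List_Admin::$user_settings . '-' . $user_ID;
                 PDb_List_Admin::set_admin_user_setting('csv_base_filename', $base_filename);
                 // create a file pointer connected to the output stream
                 $output = fopen('php://output', 'w');
                 //header('Content-type: application/csv'); // some sources say it should be this
                 header('Content-Type: text/csv; charset=utf-8');
                 header("Cache-Control: no-store, no-cache");
                 // the filename is a POST value: reduce it to a safe file name before it goes into a response header
                 header('Content-Disposition: attachment; filename="' . sanitize_file_name($filename) . '"');
                 // output the data lines
                 foreach ($data as $line) {
                     fputcsv($output, $line, ',', self::$CSV_enclosure);
                 }
                 fclose($output);
                 // we must terminate the script to prevent additional output being added to the CSV file
                 exit;
             }
             return $data;
         case 'retrieve':
             if (self::nonce_check(filter_input(INPUT_POST, 'session_hash', FILTER_SANITIZE_STRING), self::$main_submission_nonce_key)) {
                 self::_process_retrieval();
             }
             return;
         case 'signup':
             if (!self::nonce_check(filter_input(INPUT_POST, 'session_hash', FILTER_SANITIZE_STRING), self::$main_submission_nonce_key)) {
                 return;
             }
             // a submitted private_id is never accepted; the field is cleared and left to the storage code to fill
             $_POST['private_id'] = '';
             $columns[] = 'private_id';
             /*
              * route the $_POST data through a callback if defined
              * 
              * filter: pdb-before_submit_signup
              */
             $post_data = self::set_filter('before_submit_signup', $_POST);
             /*
              * the signup form should update the current record if it is revisited during a multipage form session
              *
              * NOTE(review): this assumes the session returns false (not null) for a missing 'pdbid' — verify in the session class
              */
             $submit_action = 'insert';
             if (self::$session->get('pdbid') !== false) {
                 $submit_action = 'update';
             }
             // submit the data
             $post_data['id'] = self::process_form($post_data, $submit_action, self::$session->get('pdbid'), $columns);
             if (false !== $post_data['id']) {
                 /* 
                  * hook: pdb-after_submit_signup
                  */
                 $wp_hook = self::$prefix . 'after_submit_signup';
                 do_action($wp_hook, self::get_participant($post_data['id']));
                 $redirect = $post_data['thanks_page'];
                 self::$session->set('pdbid', $post_data['id']);
                 // thanks_page comes from the POST array: only hosts WP allows are followed (see wp_safe_redirect()), preventing an open redirect
                 wp_safe_redirect($redirect);
                 exit;
             }
             return;
     }
     // $_POST['action']
 }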
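 /**
  * initializes and outputs the list for the backend
  *
  * enqueues the list-admin scripts, builds the per-user settings/filter keys,
  * merges the request into the filter, runs the list query (saving it for the
  * CSV export) and prints the admin list page: filter forms, record table,
  * pagination links, CSV export form and plugin footer
  *
  * @global int $user_ID
  * @global object $current_user
  * @global object $wpdb
  * @return null
  */
 public static function initialize()
 {
     self::_setup_i18n();
     wp_localize_script(Participants_Db::$prefix . 'list-admin', 'list_adminL10n', array('delete' => self::$i18n['delete_checked'], 'cancel' => self::$i18n['change'], "record" => __("Do you really want to delete the selected record?", 'participants-database'), "records" => __("Do you really want to delete the selected records?", 'participants-database')));
     wp_enqueue_script(Participants_Db::$prefix . 'list-admin');
     wp_enqueue_script(Participants_Db::$prefix . 'debounce');
     // deprecated since WP 4.5 in favor of wp_get_current_user(); still called here because it fills the $user_ID global read below
     get_currentuserinfo();
     // the user settings and filter transients are keyed per user
     global $user_ID;
     self::$user_settings = Participants_Db::$prefix . self::$user_settings . '-' . $user_ID;
     self::$filter_transient = Participants_Db::$prefix . self::$filter_transient . '-' . $user_ID;
     self::set_list_limit();
     self::$registration_page_url = get_bloginfo('url') . '/' . Participants_Db::plugin_setting('registration_page', '');
     self::setup_display_columns();
     self::$sortables = Participants_Db::get_field_list(false, false, 'alpha');
     //    self::$sortables = Participants_Db::get_sortables(false, 'alpha');
     // set up the basic values
     self::$default_filter = array('search' => array(0 => array('search_field' => 'none', 'value' => '', 'operator' => 'LIKE', 'logic' => 'AND')), 'sortBy' => Participants_Db::plugin_setting('admin_default_sort'), 'ascdesc' => Participants_Db::plugin_setting('admin_default_sort_order'), 'list_filter_count' => 1);
     /*
      * merge the defaults with the $_REQUEST array so if there are any new values coming in, they're included
      *
      * NOTE(review): the field, operator, direction and sort values reach
      * self::$list_query through _update_filter() / _process_search(); those must
      * whitelist them before they are used in SQL — not verifiable from here
      */
     self::_update_filter();
     // error_log(__METHOD__.' filter:'.print_r(self::$filter,1));
     // process delete and items-per-page form submissions
     self::_process_general();
     self::_process_search();
     if (WP_DEBUG) {
         error_log(__METHOD__ . ' list query= ' . self::$list_query);
     }
     /*
      * CSV export is open to editors when the plugin setting allows it, otherwise
      * to admins only; the same rule decides both who gets the saved query and
      * who sees the export form below
      */
     $csv_role = Participants_Db::plugin_setting_is_true('editor_allowed_csv_export') ? 'editor' : 'admin';
     $can_export_csv = Participants_Db::current_user_has_plugin_role($csv_role, 'csv export');
     /*
      * save the query in a transient so it can be used by the export CSV functionality
      *
      * saved for every user who may export: previously only the 'admin' role got
      * the transient, so an editor allowed to export saw the form but the export
      * found no query and produced an empty file. The stored value is executed as
      * SQL by the export handler, so nothing else should write this key.
      */
     if ($can_export_csv) {
         global $current_user;
         set_transient(Participants_Db::$prefix . 'admin_list_query' . $current_user->ID, self::$list_query, 3600 * 24);
     }
     // get the $wpdb object
     global $wpdb;
     // count the matching records by turning the select list into COUNT(*); this rewrites every '*' in the query text, so a literal '*' inside a search value is rewritten too and the count would then be off
     self::$num_records = $wpdb->get_var(str_replace('*', 'COUNT(*)', self::$list_query));
     // the current page comes from the query string; anything that is not a positive integer falls back to page 1
     $current_page = filter_input(INPUT_GET, self::$list_page, FILTER_VALIDATE_INT, array('options' => array('default' => 1, 'min_range' => 1)));
     // set the pagination object
     self::$pagination = new PDb_Pagination(array('link' => self::prepare_page_link($_SERVER['REQUEST_URI']) . '&' . self::$list_page . '=%1$s', 'page' => $current_page, 'size' => self::$page_list_limit, 'total_records' => self::$num_records, 'add_variables' => '#pdb-list-admin'));
     // get the records for this page, adding the pagination limit clause
     self::$participants = $wpdb->get_results(self::$list_query . ' ' . self::$pagination->getLimitSql(), ARRAY_A);
     // ok, setup finished, start outputting the form
     // add the top part of the page for the admin
     self::_admin_top();
     // print the sorting/filtering forms
     self::_sort_filter_forms();
     // add the delete and items-per-page controls for the backend
     self::_general_list_form_top();
     // print the main table
     self::_main_table();
     // output the pagination controls
     echo '<div class="pdb-list">' . self::$pagination->links() . '</div>';
     // print the CSV export form (authorized users only)
     if ($can_export_csv) {
         self::_print_export_form();
     }
     // print the plugin footer
     Participants_Db::plugin_footer();
 }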