function tdomf_get_error_messages($show_links = true, $form_id = 0)
{
global $wpdb, $wp_roles;
if (!isset($wp_roles)) {
$wp_roles = new WP_Roles();
}
$roles = $wp_roles->role_objects;
$message = "";
#if(ini_get('register_globals') && !TDOMF_HIDE_REGISTER_GLOBAL_ERROR){
# $message .= "<font color=\"red\"><strong>".__("ERROR: <em>register_globals</em> is enabled. This is a security risk and also prevents TDO Mini Forms from working.")."</strong></font>";
#}
if (version_compare("5.0.0", phpversion(), ">")) {
$message .= sprintf(__("Warning: You are currently using PHP version %s. It is strongly recommended to use PHP5 with TDO Mini Forms.", "tdomf"), phpversion());
$message .= "<br/>";
}
if (get_option(TDOMF_OPTION_VERIFICATION_METHOD) == 'none') {
$message .= __("Warning: Form input verification is disabled. This is a potential security risk.", "tdomf");
$message .= "<br/>";
}
# Revisions disabled => editing won't work well
if (!constant('WP_POST_REVISIONS')) {
$form_ids = tdomf_get_form_ids();
foreach ($form_ids as $a_form_id) {
if (tdomf_get_option_form(TDOMF_OPTION_FORM_EDIT, $a_form_id->form_id)) {
$message .= __("Error: Post Revisioning is disabled, post editing will not work correctly!", "tdomf");
$message .= "<br/>";
break;
}
}
}
if (isset($_REQUEST['form']) || $form_id != 0) {
if ($form_id == 0) {
$form_id = intval($_REQUEST['form']);
}
// permissions error
if (tdomf_get_option_form(TDOMF_OPTION_ALLOW_EVERYONE, $form_id) == false) {
$caps = tdomf_get_option_form(TDOMF_OPTION_ALLOW_CAPS, $form_id);
if (is_array($caps) && empty($caps)) {
$caps = false;
}
$users = tdomf_get_option_form(TDOMF_OPTION_ALLOW_USERS, $form_id);
if (is_array($users) && empty($users)) {
$users = false;
}
$publish = tdomf_get_option_form(TDOMF_OPTION_ALLOW_PUBLISH, $form_id);
$role_count = 0;
$role_publish_count = 0;
foreach ($roles as $role) {
if (isset($role->capabilities[TDOMF_CAPABILITY_CAN_SEE_FORM . '_' . $form_id])) {
$role_count++;
if (isset($role->capabilities['publish_posts'])) {
$role_publish_count++;
}
}
}
// if nothing set
if ($role_count == 0 && $caps == false && $users == false && $publish == false) {
if ($show_links) {
$message .= "<font color=\"red\">" . sprintf(__("<b>Warning</b>: No-one has been configured to be able to access the form! <a href=\"%s\">Configure on Options Page »</a>", "tdomf"), get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_form_options_menu&form={$form_id}") . "</font><br/>";
} else {
$message .= "<font color=\"red\">" . __("<b>Warning</b>: No-one has been configured to be able to access the form!", "tdomf") . "</font><br/>";
}
tdomf_log_message("No-one has been configured to access this form ({$form_id})", TDOMF_LOG_BAD);
} else {
if ($caps == false && $users == false && $role_count == $role_publish_count && $publish == false) {
if ($show_links) {
$message .= "<font color=\"red\">" . sprintf(__("<b>Warning</b>: Only users who can <i>already publish posts</i>, can see the form! <a href=\"%s\">Configure on Options Page »</a>", "tdomf"), get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_form_options_menu&form={$form_id}") . "</font><br/>";
} else {
$message .= "<font color=\"red\">" . __("<b>Warning</b>: Only users who can <i>already publish posts</i>, can see this form!", "tdomf") . "</font><br/>";
}
tdomf_log_message("Only users who can already publish can access the form ({$form_id})", TDOMF_LOG_BAD);
}
}
}
// form hacker modified
$mode = tdomf_generate_default_form_mode($form_id) . '-hack';
$curr_unmod_prev = trim(tdomf_preview_form(array('tdomf_form_id' => $form_id), $mode));
$org_unmod_prev = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_PREVIEW_HACK_ORIGINAL, $form_id));
$hacked_prev = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_PREVIEW_HACK, $form_id));
if ($hacked_prev != false && $curr_unmod_prev != $org_unmod_prev) {
$message .= "<font color=\"red\">";
$diffs = "admin.php?page=tdomf_show_form_hacker&form={$form_id}&mode={$mode}&diff&form2=cur&form1=org&type=preview";
$form_hacker = "admin.php?page=tdomf_show_form_hacker&form={$form_id}";
$dismiss = wp_nonce_url("admin.php?page=tdomf_show_form_hacker&form={$form_id}&dismiss&type=preview", 'tdomf-form-hacker');
$message .= sprintf(__("<b>Warning</b>: Form configuration has been changed that affect the preview output but Form Hacker has not been updated! <a href='%s'>Diff »</a> | <a href='%s'>Hack Form »</a> | <a href='%s'>Dismiss</a>", "tdomf"), $diffs, $form_hacker, $dismiss);
$message .= "</font><br/>";
}
$curr_unmod_form = trim(tdomf_generate_form($form_id, $mode));
$org_unmod_form = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_HACK_ORIGINAL, $form_id));
$hacked_form = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_HACK, $form_id));
if ($hacked_form != false && $curr_unmod_form != $org_unmod_form) {
$message .= "<font color=\"red\">";
$diffs = "admin.php?page=tdomf_show_form_hacker&form={$form_id}&mode={$mode}&diff&form2=cur&form1=org";
$form_hacker = "admin.php?page=tdomf_show_form_hacker&form={$form_id}";
$dismiss = wp_nonce_url("admin.php?page=tdomf_show_form_hacker&form={$form_id}&dismiss", 'tdomf-form-hacker');
$message .= sprintf(__("<b>Warning</b>: Form configuration has been changed that affect the generated form but Form Hacker has not been updated! <a href='%s'>Diff »</a> | <a href='%s'>Hack Form »</a> | <a href='%s'>Dismiss</a>", "tdomf"), $diffs, $form_hacker, $dismiss);
$message .= "</font><br/>";
}
// widget errors
global $tdomf_form_widgets_admin_errors;
$mode = "new-post";
if (tdomf_get_option_form(TDOMF_OPTION_SUBMIT_PAGE, $form_id)) {
$mode = "new-page";
}
$uri = "admin.php?page=tdomf_show_form_menu&form=" . $form_id;
do_action('tdomf_control_form_start', $form_id, $mode);
$widget_order = tdomf_get_widget_order($form_id);
$widgets = tdomf_filter_widgets($mode, $tdomf_form_widgets_admin_errors);
foreach ($widget_order as $w) {
if (isset($widgets[$w])) {
$widget_message = call_user_func($widgets[$w]['cb'], $form_id, $widgets[$w]['params']);
if (!empty($widget_message)) {
$message .= "<font color=\"red\">" . $widget_message . sprintf(__(" <a href='%s'>Fix »</a>", "tdomf"), $uri) . "</font><br/>";
}
}
}
// @todo check that key is unique in custom fields
}
if (get_option(TDOMF_OPTION_EXTRA_LOG_MESSAGES) && !get_option(TDOMF_OPTION_DISABLE_ERROR_MESSAGES)) {
$message .= "<font color=\"red\">";
if ($show_links) {
$message .= sprintf(__("<b>Warning:</b> You have enabled 'Extra Debug Messages' and disabled 'Disable Error Messages'. This invokes a special mode where all PHP errors are turned on. This can lead to unexpected problems and could be considered a security leak! <a href=\"%s\">Change on the Options Page »</a>", "tdomf"), get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_options_menu");
} else {
$message .= __("<b>Warning:</b> You have enabled 'Extra Debug Messages' and disabled 'Disable Error Messages'. This invokes a special mode where all PHP errors are turned on. This can lead to unexpected problems and could be considered a security leak! This should only be used for debugging purposes.", "tdomf");
}
$message .= "</font><br/>";
}
$create_user_link = get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_options_menu&action=create_dummy_user";
if (function_exists('wp_nonce_url')) {
$create_user_link = wp_nonce_url($create_user_link, 'tdomf-create-dummy-user');
}
if (get_option(TDOMF_DEFAULT_AUTHOR) == false) {
$message .= "<font color=\"red\">" . sprintf(__("<b>Error</b>: No default author set! <a href=\"%s\">Create dummy user for default author automatically »</a>", "tdomf"), $create_user_link) . "</font><br/>";
tdomf_log_message("Option Default Author not set!", TDOMF_LOG_BAD);
} else {
$def_aut = new WP_User(get_option(TDOMF_DEFAULT_AUTHOR));
if (empty($def_aut->data->ID)) {
// User does not exist! Deleting option
delete_option(TDOMF_DEFAULT_AUTHOR);
$message .= "<font color=\"red\">" . sprintf(__("<b>Error</b>: Current Default Author does not exist! <a href=\"%s\">Create dummy user for default author automatically »</a>", "tdomf"), $create_user_link) . "</font><br/>";
tdomf_log_message("Current Default Author does not exist! Deleting option.", TDOMF_LOG_BAD);
}
if ($def_aut->has_cap("publish_posts")) {
$message .= "<font color=\"red\">" . sprintf(__("<b>Error</b>: Default author can publish posts. Default author should not be able to publish posts! <a href=\"%s\">Create a dummy user for default author automatically »</a>", "tdomf"), $create_user_link) . "</font><br/>";
tdomf_log_message("Option Default Author is set to an author who can publish posts.", TDOMF_LOG_BAD);
}
}
if (function_exists('wp_get_http')) {
$post_uri = TDOMF_URLPATH . 'tdomf-form-post.php';
$headers = wp_get_http($post_uri, false, 1);
if ($headers != false && $headers["response"] != '200') {
$message .= "<font color=\"red\">";
$message .= sprintf(__("<b>Error</b>: Got a %d error when checking <a href=\"%s\">%s</a>! This will prevent posts from being submitted. The permissions may be wrong on the tdo-mini-forms folder.", "tdomf"), $headers["response"], $post_uri, $post_uri);
$message .= "</font><br/>";
tdomf_log_message("Did not receive a 200 response when checking {$post_uri}:<pre>" . var_export($headers, true) . "</pre>", TDOMF_LOG_ERROR);
}
$ajax_uri = TDOMF_URLPATH . 'tdomf-form-ajax.php';
$headers = wp_get_http($ajax_uri, false, 1);
if ($headers != false && $headers["response"] != '200') {
$message .= "<font color=\"red\">";
$message .= sprintf(__("<b>Error</b>: Got a %d error when checking <a href=\"%s\">%s</a>! This will prevent forms that use AJAX from submitting posts. The permissions may be wrong on the tdo-mini-forms folder.", "tdomf"), $headers["response"], $ajax_uri, $ajax_uri);
$message .= "</font><br/>";
tdomf_log_message("Did not receive a 200 response when checking {$ajax_uri}:<pre>" . var_export($headers, true) . "</pre>", TDOMF_LOG_ERROR);
}
$css_uri = TDOMF_URLPATH . 'tdomf-style-form.css';
$headers = wp_get_http($css_uri, false, 1);
if ($headers != false && $headers["response"] != '200') {
$message .= "<font color=\"red\">";
$message .= sprintf(__("<b>Error</b>: Got a %d error when checking <a href=\"%s\">%s</a>! This will make your forms, by default, look very ugly. The permissions may be wrong on the tdo-mini-forms folder.", "tdomf"), $headers["response"], $css_uri, $css_uri);
$message .= "</font><br/>";
tdomf_log_message("Did not receive a 200 response when checking {$css_uri}:<pre>" . var_export($headers, true) . "</pre>", TDOMF_LOG_ERROR);
}
}
return $message;
}
function tdomf_show_form_hacker()
{
global $wp_version;
$form_id = false;
if (isset($_REQUEST['form'])) {
$form_id = $_REQUEST['form'];
} else {
$form_id = tdomf_get_first_form_id();
}
if ($form_id == false || !tdomf_form_exists($form_id)) {
?>
<div class="wrap">
<h2><?php
_e('Form Hacker', 'tdomf');
?>
</h2>
<p><?php
if (is_numeric($form_id)) {
printf(__('Invalid Form ID %s specified!'), $form_id);
} else {
_e('No Form ID specified!');
}
?>
</p>
</div>
<?php
} else {
if (isset($_REQUEST['diff'])) {
?>
<div class="wrap">
<?php
tdomf_form_hacker_diff($form_id);
?>
</div> <!-- wrap -->
<?php
} else {
$mode = tdomf_generate_default_form_mode($form_id);
$mode .= '-hack';
tdomf_form_hacker_actions($form_id);
$message = tdomf_get_error_messages(true, $form_id);
if (!empty($message)) {
?>
<div id="message" class="updated fade"><p><?php
echo $message;
?>
</p></div>
<?php
}
tdomf_forms_top_toolbar($form_id, 'tdomf_show_form_hacker');
$form_ids = tdomf_get_form_ids();
?>
<div class="wrap">
<?php
if (!isset($_REQUEST['text'])) {
?>
<h2><?php
printf(__("Form Hacker for Form %d: \"%s\"", "tdomf"), $form_id, tdomf_get_option_form(TDOMF_OPTION_NAME, $form_id));
?>
</h2>
<?php
} else {
?>
<h2><?php
printf(__("Message Hacker for Form %d: \"%s\"", "tdomf"), $form_id, tdomf_get_option_form(TDOMF_OPTION_NAME, $form_id));
?>
</h2>
<?php
}
?>
<script type="text/javascript">
function tdomfHideHelp() {
jQuery('#tdomf_help').attr('class','hidden');
jQuery('#tdomf_show_help').attr('class','');
jQuery('#tdomf_hide_help').attr('class','hidden');
}
function tdomfShowHelp() {
jQuery('#tdomf_help').attr('class','');
jQuery('#tdomf_show_help').attr('class','hidden');
jQuery('#tdomf_hide_help').attr('class','');
}
</script>
<?php
tdomf_forms_under_title_toolbar($form_id, 'tdomf_show_form_hacker');
?>
<?php
if (isset($_REQUEST['text'])) {
?>
<!-- <div id="tdomf_help" class='hidden'> -->
<?php
$code_on = false;
if (isset($_REQUEST['code'])) {
$code_on = true;
}
?>
<p><?php
_e("You can use this page to modify any messages outputed from TDOMF for your form. From here you can change the post published messages, post held in moderation, etc. etc.", "tdomf");
?>
</p>
<?php
if (version_compare($wp_version, "2.8-beta2", ">=")) {
if (!$code_on) {
?>
<p><a href="admin.php?page=tdomf_show_form_hacker&text&code&form=<?php
echo $form_id;
?>
"><?php
_e("Enable Code Syntax Highlighting...", 'tdomf');
?>
</a></p>
<?php
} else {
?>
<p><a href="admin.php?page=tdomf_show_form_hacker&text&form=<?php
echo $form_id;
?>
"><?php
_e("Disable Code Syntax Highlighting...", 'tdomf');
?>
</a></p>
<?php
}
}
?>
<?php
$form_edit = tdomf_get_option_form(TDOMF_OPTION_FORM_EDIT, $form_id);
?>
<p><?php
_e("PHP code can be included in the hacked messages. Also TDOMF will automatically expand these macro strings:", "tdomf");
?>
<ul>
<li><?php
printf(__("<code>%s</code> - User name of the currently logged in user", "tdomf"), TDOMF_MACRO_USERNAME);
?>
<li><?php
printf(__("<code>%s</code> - IP of the current visitor", "tdomf"), TDOMF_MACRO_IP);
?>
<li><?php
printf(__("<code>%s</code> - The ID of the current form (which is currently %d)", "tdomf"), TDOMF_MACRO_FORMID, $form_id);
?>
<li><?php
printf(__("<code>%s</code> - Name of the Form (set in options)", "tdomf"), TDOMF_MACRO_FORMNAME);
?>
<li><?php
printf(__("<code>%s</code> - Form Description (set in options)", "tdomf"), TDOMF_MACRO_FORMDESCRIPTION);
?>
<li><?php
printf(__("<code>%s</code> - Submission Errors", "tdomf"), TDOMF_MACRO_SUBMISSIONERRORS);
?>
<?php
if ($form_edit) {
?>
<li><?php
printf(__("<code>%s</code> - URL of Post/Page being edited", "tdomf"), TDOMF_MACRO_SUBMISSIONURL);
?>
<li><?php
printf(__("<code>%s</code> - Original Submission Date", "tdomf"), TDOMF_MACRO_SUBMISSIONDATE);
?>
<li><?php
printf(__("<code>%s</code> - Original Submission Time", "tdomf"), TDOMF_MACRO_SUBMISSIONTIME);
?>
<li><?php
printf(__("<code>%s</code> - Title of Post/Page being edited", "tdomf"), TDOMF_MACRO_SUBMISSIONTITLE);
?>
<?php
} else {
?>
<li><?php
printf(__("<code>%s</code> - URL of Submission", "tdomf"), TDOMF_MACRO_SUBMISSIONURL);
?>
<li><?php
printf(__("<code>%s</code> - Date of Submission", "tdomf"), TDOMF_MACRO_SUBMISSIONDATE);
?>
<li><?php
printf(__("<code>%s</code> - Time of Submission", "tdomf"), TDOMF_MACRO_SUBMISSIONTIME);
?>
<li><?php
printf(__("<code>%s</code> - Title of Submission", "tdomf"), TDOMF_MACRO_SUBMISSIONTITLE);
?>
<?php
}
?>
</ul>
</p>
<!-- </div> -->
<form method="post" name="formhackermsgs" id="formhackermsgs">
<?php
if (function_exists('wp_nonce_field')) {
wp_nonce_field('tdomf-form-hacker');
}
?>
<p class="submit">
<input type="submit" value="<?php
_e('Save »', 'tdomf');
?>
" id="tdomf_hack_messages_save" name="tdomf_hack_messages_save" />
<input type="submit" value="<?php
_e('Reset »', 'tdomf');
?>
" id="tdomf_hack_messages_reset" name="tdomf_hack_messages_reset" />
</p>
<?php
if (!tdomf_get_option_form(TDOMF_OPTION_MODERATION, $form_id) && !tdomf_get_option_form(TDOMF_OPTION_REDIRECT, $form_id)) {
?>
<h3><?php
if ($form_edit) {
_e('Contribution Approved', 'tdomf');
} else {
_e('Submission Published', 'tdomf');
}
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_sub_publish" id="tdomf_msg_sub_publish" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SUB_PUBLISH, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<?php
if (intval(tdomf_get_option_form(TDOMF_OPTION_QUEUE_PERIOD, $form_id)) > 0 && !tdomf_get_option_form(TDOMF_OPTION_MODERATION, $form_id)) {
?>
<h3><?php
_e('Submission Queued', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_sub_future" id="tdomf_msg_sub_future" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SUB_FUTURE, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<?php
if (get_option(TDOMF_OPTION_SPAM)) {
?>
<h3><?php
if ($form_edit) {
_e('Contribution is Spam', 'tdomf');
} else {
_e('Submission is Spam', 'tdomf');
}
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_sub_spam" id="tdomf_msg_sub_spam" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SUB_SPAM, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<?php
if (tdomf_get_option_form(TDOMF_OPTION_MODERATION, $form_id)) {
?>
<h3><?php
if ($form_edit) {
_e('Contribution awaiting Moderation', 'tdomf');
} else {
_e('Submission awaiting Moderation', 'tdomf');
}
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_sub_mod" id="tdomf_msg_sub_mod" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SUB_MOD, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<h3><?php
if ($form_edit) {
_e('Contribution contains Errors', 'tdomf');
} else {
_e('Submission contains Errors', 'tdomf');
}
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_sub_error" id="tdomf_msg_sub_error" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SUB_ERROR, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<h3><?php
_e('Banned User', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_perm_banned_user" id="tdomf_msg_perm_banned_user" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_PERM_BANNED_USER, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<h3><?php
_e('Banned IP', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_perm_banned_ip" id="tdomf_msg_perm_banned_ip" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_PERM_BANNED_IP, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
$throttle_rules = tdomf_get_option_form(TDOMF_OPTION_THROTTLE_RULES, $form_id);
if (is_array($throttle_rules) && !empty($throttle_rules)) {
?>
<h3><?php
_e('Throttled Submission', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_perm_throttle" id="tdomf_msg_perm_throttle" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_PERM_THROTTLE, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<?php
if (!tdomf_get_option_form(TDOMF_OPTION_ALLOW_EVERYONE, $form_id)) {
?>
<h3><?php
_e('Denied User', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_perm_invalid_user" id="tdomf_msg_perm_invalid_user" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_PERM_INVALID_USER, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<?php
if (!tdomf_get_option_form(TDOMF_OPTION_ALLOW_EVERYONE, $form_id)) {
?>
<h3><?php
_e('Banned Unregistered User', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_perm_invalid_nouser" id="tdomf_msg_perm_invalid_nouser" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_PERM_INVALID_NOUSER, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<?php
if ($form_edit) {
?>
<?php
/*if(tdomf_get_option_form(TDOMF_OPTION_AJAX_EDIT,$form_id)) {*/
?>
<h3><?php
_e('\'Edit Post\' Link Text', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_edit_post_link" id="tdomf_msg_edit_post_link" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_ADD_EDIT_LINK_TEXT, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
/*}*/
?>
<h3><?php
_e('Invalid Post for Form', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_invalid_post" id="tdomf_msg_invalid_post" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_INVALID_POST, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<h3><?php
_e('Invalid Form for Post', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_invalid_form" id="tdomf_msg_invalid_form" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_INVALID_FORM, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<h3><?php
_e('Locked Post', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_locked_post" id="tdomf_msg_locked_post" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_LOCKED_POST, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
if (get_option(TDOMF_OPTION_SPAM)) {
?>
<h3><?php
_e('Spam Edit on Post', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_spam_edit_on_post" id="tdomf_msg_spam_edit_on_post" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SPAM_EDIT_ON_POST, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<h3><?php
_e('Unapproved Edit on Post', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_unapproved_edit_on_post" id="tdomf_msg_unapproved_edit_on_post" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_UNAPPROVED_EDIT_ON_POST, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<?php
do_action('tdomf_form_hacker_messages_bottom', $form_id, $mode);
?>
<span class="submit">
<input type="submit" value="<?php
_e('Save »', 'tdomf');
?>
" id="tdomf_hack_messages_save" name="tdomf_hack_messages_save" />
<input type="submit" value="<?php
_e('Reset »', 'tdomf');
?>
" id="tdomf_hack_messages_reset" name="tdomf_hack_messages_reset" />
</span>
</form>
<?php
} else {
?>
<!-- <div id="tdomf_help" class='hidden'> -->
<p><?php
_e("You can use this page to hack the generated HTML code for your form without modifing the code of TDOMF. Please only do this if you know what you are doing. From here you can modify titles, default values, re-arrange fields, etc. etc.", "tdomf");
?>
</p>
<p><?php
_e('Do not modify or remove the "name" and "id" attributes of fields as this is what the widgets and TDOMF use to get input values for processing', 'tdomf');
?>
</p>
<p><?php
printf(__("Every time a form is generated, it creates a unique key. If you hack the form, make sure you keep <code>%s</code> (and also <code>%s</code>) within the form. TDOMF will replace this string with the unique key.", "tdomf"), TDOMF_MACRO_FORMKEY, TDOMF_MACRO_FORMURL);
?>
</p>
<p><?php
_e("PHP code can be included in the hacked form. Also TDOMF will automatically expand these macro strings:", "tdomf");
?>
<ul>
<li><?php
printf(__("<code>%s</code> - User name of the currently logged in user", "tdomf"), TDOMF_MACRO_USERNAME);
?>
<li><?php
printf(__("<code>%s</code> - IP of the current visitor", "tdomf"), TDOMF_MACRO_IP);
?>
<li><?php
printf(__("<code>%s</code> - The form's unique key", "tdomf"), TDOMF_MACRO_FORMKEY);
?>
<li><?php
printf(__("<code>%s</code> - The current URL of the form", "tdomf"), TDOMF_MACRO_FORMURL);
?>
<li><?php
printf(__("<code>%s</code> - The ID of the current form (which is currently %d)", "tdomf"), TDOMF_MACRO_FORMID, $form_id);
?>
<li><?php
printf(__("<code>%s</code> - Name of the Form (set in options)", "tdomf"), TDOMF_MACRO_FORMNAME);
?>
<li><?php
printf(__("<code>%s</code> - Form Description (set in options)", "tdomf"), TDOMF_MACRO_FORMDESCRIPTION);
?>
<li><?php
printf(__("<code>%s</code> - Form Output (such as preview, errors, etc.). This is automatically encapsulated in a div called tdomf_form_message (and tdomf_form_preview for preview)", "tdomf"), TDOMF_MACRO_FORMMESSAGE);
?>
<li><?php
printf(__("<code>%swidget-name%s</code> - Original, unmodified output from 'widget-name'", "tdomf"), TDOMF_MACRO_WIDGET_START, TDOMF_MACRO_END);
?>
</ul>
</p>
<!-- </div> -->
<form method="post" name="formhacker" id="formhacker">
<?php
if (function_exists('wp_nonce_field')) {
wp_nonce_field('tdomf-form-hacker');
}
?>
<p class="submit">
<input type="submit" value="<?php
_e('Save »', 'tdomf');
?>
" id="tdomf_form_hack_save" name="tdomf_form_hack_save" />
<input type="submit" value="<?php
_e('Reset »', 'tdomf');
?>
" id="tdomf_form_hack_reset" name="tdomf_form_hack_reset" />
</p>
<?php
if (tdomf_widget_is_preview_avaliable($form_id)) {
?>
<h3><?php
_e('Core Form', 'tdomf');
?>
</h3>
<?php
}
?>
<?php
$cur_form = tdomf_generate_form($form_id, $mode);
$form = $cur_form;
$hacked_form = tdomf_get_option_form(TDOMF_OPTION_FORM_HACK, $form_id);
if ($hacked_form != false) {
$form = $hacked_form;
}
?>
<?php
if ($hacked_form != false) {
?>
<?php
_e("You can diff the hacked form to see what you have changed", "tdomf");
?>
<ul>
<li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php
echo $form_id;
?>
&mode=<?php
echo $mode;
?>
&diff&form1=hack&form2=cur"><?php
_e("Diff Hacked Form with Current Form", "tdomf");
?>
</a></li>
<?php
$org_form = tdomf_get_option_form(TDOMF_OPTION_FORM_HACK_ORIGINAL, $form_id);
if (trim($cur_form) != trim($org_form)) {
?>
<li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php
echo $form_id;
?>
&mode=<?php
echo $mode;
?>
&diff&form2=hack&form1=org"><?php
_e("Diff Hacked Form with Previous Form", "tdomf");
?>
</a></li>
<li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php
echo $form_id;
?>
&mode=<?php
echo $mode;
?>
&diff&form2=cur&form1=org"><?php
_e("Diff Current Form with Previous Form", "tdomf");
?>
</a></li>
<?php
}
?>
</ul>
<?php
}
?>
<textarea title="true" rows="30" cols="100" name="tdomf_form_hack" id="tdomf_form_hack" class="codepress .php" ><?php
echo htmlentities($form, ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
if (tdomf_widget_is_preview_avaliable($form_id)) {
?>
<h3><?php
_e('Form Preview', 'tdomf');
?>
</h3>
<?php
$cur_preview = tdomf_preview_form(array('tdomf_form_id' => $form_id), $mode);
$preview = $cur_preview;
$hacked_preview = tdomf_get_option_form(TDOMF_OPTION_FORM_PREVIEW_HACK, $form_id);
if ($hacked_preview != false) {
$preview = $hacked_preview;
}
?>
<?php
if ($hacked_preview != false) {
?>
<?php
_e("You can diff the hacked preview to see what you have changed", "tdomf");
?>
<ul>
<li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php
echo $form_id;
?>
&mode=<?php
echo $mode;
?>
&diff&form1=hack&form2=cur&type=preview"><?php
_e("Diff Hacked Preview with Current Preview", "tdomf");
?>
</a></li>
<?php
$org_preview = tdomf_get_option_form(TDOMF_OPTION_FORM_PREVIEW_HACK_ORIGINAL, $form_id);
if (trim($cur_preview) != trim($org_preview)) {
?>
<li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php
echo $form_id;
?>
&mode=<?php
echo $mode;
?>
&diff&form2=hack&form1=org&type=preview"><?php
_e("Diff Hacked Preview with Previous Preview", "tdomf");
?>
</a></li>
<li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php
echo $form_id;
?>
&mode=<?php
echo $mode;
?>
&diff&form2=cur&form1=org&type=preview"><?php
_e("Diff Current Preview with Previous Preview", "tdomf");
?>
</a></li>
<?php
}
?>
</ul>
<?php
}
?>
<textarea title="true" rows="15" cols="100" name="tdomf_form_preview_hack" id="tdomf_form_preview_hack" class="codepress .php"><?php
echo htmlentities($preview, ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<!-- @TODO Validation Message Hacker -->
<!-- @TODO Upload Form Hacker -->
<?php
do_action('tdomf_form_hacker_bottom', $form_id, $mode);
?>
<span class="submit">
<input type="submit" value="<?php
_e('Save »', 'tdomf');
?>
" id="tdomf_form_hack_save" name="tdomf_form_hack_save" />
<input type="submit" value="<?php
_e('Reset »', 'tdomf');
?>
" id="tdomf_form_hack_reset" name="tdomf_form_hack_reset" />
</span>
</form>
<!-- @TODO: warning about updated form (with dismiss link) -->
<?php
}
?>
</div>
<?php
}
}
}
function tdomf_get_the_form($form_id = 1, $post_id = false)
{
return tdomf_generate_form($form_id, false, $post_id);
}
function tdomf_show_your_submissions_menu()
{
global $current_user;
// how many of the recently published/approved entries to see
//
$limit = 10;
get_currentuserinfo();
$tdomf_flag = get_usermeta($current_user->ID, TDOMF_KEY_FLAG);
$sub_total = tdomf_get_users_submitted_posts_count($current_user->ID);
$app_total = tdomf_get_users_published_posts_count($current_user->ID);
$user_status = get_usermeta($current_user->ID, TDOMF_KEY_STATUS);
$app_posts = tdomf_get_user_published_posts($current_user->ID, 0, $limit);
$mod_posts = tdomf_get_user_draft_posts($current_user->ID);
$mod_total = count($mod_posts);
$fut_posts = tdomf_get_user_scheduled_posts($current_user->ID);
$fut_total = count($fut_posts);
$unapp_edits = tdomf_get_edits(array('state' => 'unapproved', 'unique_post_ids' => true, 'user_id' => $current_user->ID));
$app_edits = tdomf_get_edits(array('state' => 'approved', 'unique_post_ids' => true, 'user_id' => $current_user->ID, 'limit' => $limit));
?>
<div class="wrap">
<h2><?php
_e('Your Submissions', 'tdomf');
?>
</h2>
<?php
if (in_array($_REQUEST['REMOTE_ADDR'], tdomf_get_ips_banned())) {
?>
<?php
printf(__("You are logged on from the banned IP %s. If this is in error please contact the <a href='mailto:%s'>admins</a>.", "tdomf"), $_SERVER['REMOTE_ADDR'], get_bloginfo('admin_email'));
?>
<?php
} else {
if ($user_status == TDOMF_USER_STATUS_BANNED) {
?>
<?php
printf(__("You are banned from using this functionality on this site. If this is in error please contact the <a href='mailto:%s'>admins</a>.", "tdomf"), get_bloginfo('admin_email'));
?>
<?php
} else {
?>
<p>
<?php
if ($user_status == TDOMF_USER_STATUS_TRUSTED) {
?>
<?php
printf(__("Good to see you again <b>%s</b>! ", "tdomf"), $current_user->display_name);
?>
<?php
} else {
if ($tdomf_flag) {
?>
<?php
printf(__("Welcome back <b>%s</b>!", "tdomf"), $current_user->display_name);
?>
<?php
} else {
?>
<?php
printf(__("Welcome <b>%s</b>.", "tdomf"), $current_user->display_name);
?>
<?php
}
}
?>
</p>
<p><?php
printf(__("From here you can submit posts to the %s using the form below and check on the status of your submissions.", "tdomf"), get_bloginfo());
?>
</p>
<?php
if (current_user_can('edit_others_posts') || current_user_can('manage_options')) {
?>
<ul>
<?php
if (current_user_can('manage_options')) {
?>
<li><a href="admin.php?page=tdomf_show_options_menu"><?php
_e("Configure Options", "tdomf");
?>
</a></li>
<li><a href="admin.php?page=tdomf_show_form_menu"><?php
_e("Modify Form", "tdomf");
?>
</a></li>
<?php
}
?>
<li><a href="admin.php?page=tdomf_show_mod_posts_menu"><?php
_e("Moderate Submissions", "tdomf");
?>
</a></li>
</ul>
<?php
}
?>
<?php
if ($tdomf_flag && ($sub_total > 0 || $app_total > 0)) {
?>
<?php
if ($fut_total > 0) {
?>
<h3><?php
printf(__('Your Next %d Scheduled Submissions', 'tdomf'), $fut_total);
?>
</h3>
<ul>
<?php
foreach ($fut_posts as $p) {
?>
<li>
<?php
$t_time = get_the_time(__('Y/m/d g:i:s A'));
$m_time = $p->post_date;
$time = tdomf_get_post_time('G', true, $p);
if (abs(time() - $time) < 86400) {
$h_time = sprintf(__('%s from now'), human_time_diff($time));
} else {
$h_time = mysql2date(__('Y/m/d'), $m_time);
}
?>
<?php
printf(__("<a href='%s'>%s</a> will be published %s", "tdomf"), get_permalink($p->ID), $p->post_title, "<abbr title='{$t_time}'>{$h_time}</abbr>");
?>
</li>
<?php
}
?>
</ul>
<?php
}
?>
<?php
if ($app_total > 0) {
?>
<h3><?php
printf(__('Your Last %d Published Submissions', 'tdomf'), $app_total < 5 ? $app_total : 5);
?>
</h3>
<ul>
<?php
foreach ($app_posts as $p) {
?>
<li>
<?php
$t_time = get_the_time(__('Y/m/d g:i:s A'));
$m_time = $p->post_date;
$time = tdomf_get_post_time('G', true, $p);
if (abs(time() - $time) < 86400) {
$h_time = sprintf(__('%s ago'), human_time_diff($time));
} else {
$h_time = mysql2date(__('Y/m/d'), $m_time);
}
?>
<?php
printf(__("<a href='%s'>%s</a> approved %s", "tdomf"), get_permalink($p->ID), $p->post_title, "<abbr title='{$t_time}'>{$h_time}</abbr>");
?>
</li>
<?php
}
?>
</ul>
<?php
}
?>
<?php
if ($mod_total > 0) {
?>
<h3><?php
_e('Your Sumissions awaiting Moderation', 'tdomf');
?>
</h3>
<ul>
<?php
foreach ($mod_posts as $p) {
?>
<li>"<?php
echo $p->post_title;
?>
"</li>
<?php
}
?>
</ul>
<?php
}
?>
<?php
}
?>
<?php
if (!empty($app_edits)) {
$num = number_format_i18n(count($app_edits));
$text = __ngettext('Your Last Approved Contribution', 'Your Last %d Approved Contributions', count($app_edits));
?>
<h3><?php
printf($text, count($app_edits));
?>
</h3>
<ul>
<?php
foreach ($app_edits as $app_edit) {
?>
<li>
<?php
$edit = tdomf_get_edits(array('state' => 'approved', 'post_id' => $app_edit->post_id, 'user_id' => $current_user->ID, 'limit' => 1));
$edit = $edit[0];
$t_time = get_the_time(__('Y/m/d g:i:s A'));
$h_time = mysql2date(__('Y/m/d'), $edit->date);
$post = get_post($app_edit->post_id);
printf(__("<a href='%s'>%s</a> edited %s", "tdomf"), get_permalink($app_edit->post_id), $post->post_title, "<abbr title='{$t_time}'>{$h_time}</abbr>");
?>
</li>
<?php
}
?>
</ul>
<?php
}
?>
<?php
if (!empty($unapp_edits)) {
$num = number_format_i18n(count($unapp_edits));
$text = __ngettext('Your Contribution awaiting Moderation', 'Your Contributions awaiting Moderation', count($unapp_edits));
?>
<h3><?php
printf($text, count($unapp_edits));
?>
</h3>
<ul>
<?php
foreach ($unapp_edits as $unapp_edit) {
?>
<li>
<?php
$edit = tdomf_get_edits(array('state' => 'unapproved', 'post_id' => $unapp_edit->post_id, 'user_id' => $current_user->ID, 'limit' => 1));
$edit = $edit[0];
$t_time = get_the_time(__('Y/m/d g:i:s A'));
$h_time = mysql2date(__('Y/m/d'), $edit->date);
$post = get_post($unapp_edit->post_id);
printf(__("<a href='%s'>%s</a> edited %s", "tdomf"), get_permalink($unapp_edit->post_id), $post->post_title, "<abbr title='{$t_time}'>{$h_time}</abbr>");
?>
</li>
<?php
}
?>
</ul>
<?php
}
?>
</div>
<!-- Form formatting -->
<style>
.tdomf_form {
}
.tdomf_form fieldset legend {
#border-bottom: 1px dotted black;
font-weight: bold;
padding: 0px;
margin: 0px;
padding-bottom: 10px;
}
.tdomf_form_preview {
border: 1px dotted black;
padding: 5px;
margin: 5px;
margin-bottom: 20px;
}
.tdomf_form_preview p {
margin-left: 15px;
}
.tdomf_form .required {
color: red;
}
.tdomf_form fieldset {
margin-bottom: 10px;
border: 0;
}
</style>
<?php
$form_ids = tdomf_get_form_ids();
if (!empty($form_ids)) {
foreach ($form_ids as $form_id) {
if (tdomf_get_option_form(TDOMF_OPTION_INCLUDED_YOUR_SUBMISSIONS, $form_id->form_id)) {
$edit = tdomf_get_option_form(TDOMF_OPTION_FORM_EDIT, $form_id->form_id);
$post_id = false;
if (isset($_REQUEST['tdomf_post_id'])) {
$post_id = intval($_REQUEST['tdomf_post_id']);
}
$good = true;
if ($edit && tdomf_check_permissions_form($form_id->form_id, $post_id) != NULL) {
$good = false;
}
if ($good) {
?>
<div class="wrap">
<h2><?php
echo tdomf_get_option_form(TDOMF_OPTION_NAME, $form_id->form_id);
?>
</h2>
<p><?php
echo tdomf_get_option_form(TDOMF_OPTION_DESCRIPTION, $form_id->form_id);
?>
</p>
<?php
echo tdomf_generate_form($form_id->form_id);
?>
<br/><br/>
</div>
<?php
}
}
}
}
?>
<?php
}
}
?>
</div>
<p><center><?php
_e('Powered by the <a href="http://thedeadone.net/software/tdo-mini-forms-wordpress-plugin/">TDO Mini Forms Plugin.', 'tdomf');
?>
</a></center></p>
<?php
}
