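/**
 * Load every widget file found in the TDOMF widget directory.
 *
 * Each regular file in TDOMF_WIDGET_PATH whose name ends in ".php" is pulled
 * in with require_once. Anything placed in that directory therefore runs with
 * the plugin's privileges, so the directory must not be writable by untrusted
 * users or by an upload handler.
 *
 * A missing or unreadable directory is logged, not raised.
 */
function tdomf_load_widgets() {
    if (!file_exists(TDOMF_WIDGET_PATH)) {
        tdomf_log_message("Could not find " . TDOMF_WIDGET_PATH . "!", TDOMF_LOG_ERROR);
        return;
    }

    $handle = opendir(TDOMF_WIDGET_PATH);
    if (!$handle) {
        tdomf_log_message("Could not open directory " . TDOMF_WIDGET_PATH . "!", TDOMF_LOG_ERROR);
        return;
    }

    while (false !== ($file = readdir($handle))) {
        // Regular files only: a directory that happens to be named "*.php"
        // would make require_once fail fatally and stop the whole plugin.
        if (preg_match('/.*\\.php$/', $file) && is_file(TDOMF_WIDGET_PATH . $file)) {
            require_once TDOMF_WIDGET_PATH . $file;
        }
    }

    // Release the directory handle explicitly instead of relying on scope exit.
    closedir($handle);
}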
/**
 * Render the preview text for a select field.
 *
 * The submitted selection is looked up under "<prefix>s" first and under
 * $original_field_name second. Each selected key is translated to its label
 * through $opts["<prefix>values"]; keys without a label are dropped.
 *
 * The result is an HTML fragment. Labels and the title are inserted as stored
 * in $opts, with no escaping applied here.
 *
 * @param array        $args                Submitted form arguments.
 * @param array        $opts                Field options ("<prefix>values", "<prefix>title").
 * @param string|false $original_field_name Fallback key to read the selection from.
 * @return string Preview HTML, or '' when nothing usable was selected.
 */
function preview($args, $opts, $original_field_name = false) {
    $own_key = $this->prefix . 's';
    $labels_key = $this->prefix . 'values';
    $title_key = $this->prefix . 'title';

    // Locate the submitted selection.
    if (isset($args[$own_key])) {
        $selected = $args[$own_key];
    } elseif (isset($args[$original_field_name])) {
        $selected = $args[$original_field_name];
    } else {
        tdomf_log_message("Select: can't get any input for preview!", TDOMF_LOG_ERROR);
        $selected = false;
    }

    if (!$selected) {
        return '';
    }

    // Translate the selected key(s) into their display labels.
    $text = '';
    if (!is_array($selected)) {
        if (isset($opts[$labels_key][$selected])) {
            $text = $opts[$labels_key][$selected];
        }
    } else {
        foreach ($selected as $choice) {
            if (!isset($opts[$labels_key][$choice])) {
                continue;
            }
            if (!empty($text)) {
                $text .= ", ";
            }
            $text .= $opts[$labels_key][$choice];
        }
    }

    if (empty($text)) {
        tdomf_log_message("Select: values are bad for preview!", TDOMF_LOG_ERROR);
        return $text;
    }

    // Prefix the bold title when one is configured.
    if (!empty($opts[$title_key])) {
        $heading = sprintf(__("%s: ", "tdomf"), $opts[$title_key]);
        $text = "<b>" . $heading . "</b>" . $text;
    }

    return $text;
}
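/**
 * Build the plain-text part of the admin notification e-mail that lists the
 * files attached to a submission.
 *
 * Files are taken from the TDOMF_KEY_UPLOADED_FILES post meta for this widget
 * instance when it exists; otherwise the numbered TDOMF_KEY_DOWNLOAD_PATH
 * slots are scanned (the older storage layout).
 *
 * @param array  $args    Widget arguments. Not read by this method.
 * @param array  $options Widget options; 'max' (slot count) and 'cmd' are used.
 * @param int    $post_ID Post the files belong to.
 * @param string $postfix Widget instance id; an empty value means instance 1.
 * @return string Text for the e-mail body.
 */
function adminEmail($args, $options, $post_ID, $postfix = '') {
    // The previous extract($args) is gone on purpose: nothing it created was
    // used, and with its default overwrite mode a key named "options" or
    // "post_ID" in the submitted arguments would have replaced the parameters.
    $widget_id = empty($postfix) ? 1 : $postfix;

    // Each entry is array(path, slot); slot is false when no download slot
    // records that path.
    $entries = array();

    $files = get_post_meta($post_ID, TDOMF_KEY_UPLOADED_FILES, true);
    if (is_array($files) && isset($files[$widget_id]) && is_array($files[$widget_id])) {
        foreach ($files[$widget_id] as $filepath) {
            $filepath = @realpath($filepath);
            if (!file_exists($filepath)) {
                tdomf_log_message('Upload Files Widget.adminEmail(): File ' . $filepath . ' does not actually exist!', TDOMF_LOG_ERROR);
                continue;
            }

            // Scan the custom fields for the slot that describes this path.
            $slot = false;
            for ($i = 0; $i < $options['max']; $i++) {
                $candidate = @realpath(get_post_meta($post_ID, TDOMF_KEY_DOWNLOAD_PATH . $i, true));
                if ($filepath === $candidate) {
                    $slot = $i;
                    break;
                }
            }
            if ($slot === false) {
                tdomf_log_message('Upload Files Widget.adminEmail(): can\'t find details of ' . $filepath . ' (it may be a auto-generated thumbnail)');
            }
            $entries[] = array($filepath, $slot);
        }
    } else {
        // Older layout: every slot stores its own path.
        for ($i = 0; $i < $options['max']; $i++) {
            $filepath = get_post_meta($post_ID, TDOMF_KEY_DOWNLOAD_PATH . $i, true);
            if (file_exists($filepath)) {
                $entries[] = array($filepath, $i);
            }
        }
    }

    $output = '';
    foreach ($entries as $entry) {
        list($filepath, $slot) = $entry;
        $size = tdomf_filesize_format(filesize($filepath));

        if ($slot === false) {
            $output .= sprintf(__("A file was uploaded/generated with submission.\r\nPath: %s\r\nSize: %s\r\n\r\n", "tdomf"), $filepath, $size);
            continue;
        }

        $name = get_post_meta($post_ID, TDOMF_KEY_DOWNLOAD_NAME . $slot, true);
        $uri = get_bloginfo('wpurl') . '/?tdomf_download=' . $post_ID . '&id=' . $slot;
        $cmd = get_post_meta($post_ID, TDOMF_KEY_DOWNLOAD_CMD_OUTPUT . $slot, true);
        $type = get_post_meta($post_ID, TDOMF_KEY_DOWNLOAD_TYPE . $slot, true);
        $output .= sprintf(__("File %s was uploaded with submission.\r\nPath: %s\r\nSize: %s\r\nType: %s\r\nURL (can only be accessed by administrators until post published):\r\n%s\r\n\r\n", "tdomf"), $name, $filepath, $size, $type, $uri);

        // Output of the configured command, when one was stored for this file.
        if (!empty($cmd)) {
            $output .= sprintf(__("User Command:\r\n\"%s %s\"\r\n\r\n%s\r\n\r\n", "tdomf"), $options['cmd'], $filepath, $cmd);
        }
    }

    if ($output != '') {
        return $output;
    }
    return __("No files uploaded with this post/widget!", "tdomf");
}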
$message = tdomf_check_permissions_form($form_id, $post_id); // Remove magic quote slashes and additionally ones Wordpress "cleverly" adds tdomf_fixslashesargs(); // Now either generate a preview or create a post // $save_post_info = FALSE; $hide_form = true; $publish = false; if ($message == NULL) { if ($is_edit) { $form_tag = $form_id . '_' . $post_id; } else { $form_tag = $form_id; } if (isset($_POST['tdomf_form' . $form_tag . '_send'])) { tdomf_log_message("Someone is attempting to submit something"); $message = tdomf_validate_form($_POST, false); if ($message == NULL) { $args = $_POST; $args['ip'] = $_SERVER['REMOTE_ADDR']; $retVal = tdomf_create_post($args); // If retVal is an int it's a post id or an edit id $message = "<div class=\"tdomf_form_message\" id=\"tdomf_form" . $form_tag . "_message\" name=\"tdomf_form" . $form_tag . "_message\">"; $publish = false; if (is_int($retVal)) { if ($is_edit) { $edit_id = $retVal; $edit = tdomf_get_edit($edit_id); // @todo could probably test if $edit is real or not before proceeding $post_id = $edit->post_id; if ($edit->state == 'approved') {
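/**
 * Post-submission step of the "Notify Me" widget: store the e-mail address to
 * notify as post meta and remember it in a cookie.
 *
 * The address comes from, in order: the submitted 'notifyme_email', the
 * logged-in user's e-mail (when it passes tdomf_check_email_address), or the
 * submitted 'whoami_email'. When none is available nothing is stored.
 *
 * @param array $args Submission arguments; 'notifyme', 'notifyme_email',
 *                    'whoami_email' and 'post_ID' are read.
 * @return null Always NULL; this step reports no error to the caller.
 */
function tdomf_widget_notifyme_post($args) {
    global $current_user;
    get_currentuserinfo();

    // Read only the keys this widget needs. $args carries submitted form data,
    // and extract() on it could overwrite local state, including the
    // $current_user global that is bound in this scope.
    if (!isset($args['notifyme'])) {
        return NULL;
    }

    if (isset($args['notifyme_email'])) {
        $notifyme_email = $args['notifyme_email'];
    } elseif (is_user_logged_in() && tdomf_check_email_address($current_user->user_email)) {
        $notifyme_email = $current_user->user_email;
    } elseif (isset($args['whoami_email'])) {
        $notifyme_email = $args['whoami_email'];
    } else {
        tdomf_log_message("Could not find a email address to store for notification!", TDOMF_LOG_ERROR);
        // Previously an undefined value was written to the cookie and the post meta.
        return NULL;
    }

    $post_ID = isset($args['post_ID']) ? $args['post_ID'] : 0;

    // NOTE(review): the cookie keeps the address for roughly 347 days and sets
    // neither the Secure nor the HttpOnly flag; confirm whether script access
    // to it is actually needed.
    setcookie("tdomf_notify_widget_email", $notifyme_email, time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);
    add_post_meta($post_ID, TDOMF_KEY_NOTIFY_EMAIL, $notifyme_email, true);

    return NULL;
}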
/**
 * Mark a user as trusted once enough of their contributions were approved.
 *
 * Nothing happens for an empty user id, for the default author, when the
 * trust-count option is negative (feature off), or when the user is already
 * trusted or can publish posts.
 *
 * @param int $user_id User to evaluate.
 * @return void
 */
function tdomf_trust_user($user_id) {
    // Invalid user or the shared default author: never promoted.
    if (!$user_id || $user_id == get_option(TDOMF_DEFAULT_AUTHOR)) {
        return;
    }

    // A negative threshold switches the feature off.
    $threshold = intval(get_option(TDOMF_OPTION_TRUST_COUNT));
    if ($threshold < 0) {
        return;
    }

    $current_status = get_usermeta($user_id, TDOMF_KEY_STATUS);
    $account = new WP_User($user_id);
    if ($current_status == TDOMF_USER_STATUS_TRUSTED || $account->has_cap("publish_posts")) {
        return;
    }

    /** @todo bug: the counts here include posts that were automatically
        published, which isn't exactly correct, but it'll do. */
    $approved_posts = tdomf_get_users_published_posts_count($user_id);
    $approved_edits = tdomf_get_edits(array('user_id' => $user_id, 'count' => true, 'state' => 'approved'));
    $approved_total = $approved_posts + $approved_edits;

    // A threshold of 0 is valid: a single approved contribution is enough.
    if ($threshold == 0) {
        $threshold_met = $approved_total > 0;
    } else {
        $threshold_met = $threshold <= $approved_total;
    }
    if (!$threshold_met) {
        return;
    }

    tdomf_log_message("User {$user_id} has {$approved_posts} approved submissions and {$approved_edits} approved contributions. Automatically setting the user to trusted. Well done.", TDOMF_LOG_GOOD);
    update_usermeta($user_id, TDOMF_KEY_FLAG, true);
    update_usermeta($user_id, TDOMF_KEY_STATUS, TDOMF_USER_STATUS_TRUSTED);
}
/**
 * Empty the TDOMF log.
 *
 * The stored log option is deleted when it holds anything, and a
 * 'Log cleared' entry is then written, so the log is never left empty.
 *
 * @return void
 */
function tdomf_clear_log() {
    $stored_log = get_option(TDOMF_LOG);
    if ($stored_log != false) {
        delete_option(TDOMF_LOG);
    }

    tdomf_log_message('Log cleared');
}
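/**
 * Collect configuration warnings and errors for the TDOMF admin screens.
 *
 * Checks, in order: PHP version, input verification setting, post revisions,
 * per-form access permissions, Form Hacker drift, widget-reported errors, the
 * debug-message mode, the default author, and HTTP reachability of the
 * plugin's form-post, AJAX and CSS files.
 *
 * The result is an HTML fragment. Messages returned by widget callbacks are
 * appended as they are, so those callbacks must return trusted markup.
 *
 * @param bool $show_links Include links to the relevant options pages.
 * @param int  $form_id    Form to check; 0 falls back to $_REQUEST['form'].
 * @return string HTML with one message per problem found, '' when none.
 */
function tdomf_get_error_messages($show_links = true, $form_id = 0) {
    global $wpdb, $wp_roles;
    if (!isset($wp_roles)) {
        $wp_roles = new WP_Roles();
    }
    $roles = $wp_roles->role_objects;
    $message = "";

    if (version_compare("5.0.0", phpversion(), ">")) {
        $message .= sprintf(__("Warning: You are currently using PHP version %s. It is strongly recommended to use PHP5 with TDO Mini Forms.", "tdomf"), phpversion());
        $message .= "<br/>";
    }

    if (get_option(TDOMF_OPTION_VERIFICATION_METHOD) == 'none') {
        $message .= __("Warning: Form input verification is disabled. This is a potential security risk.", "tdomf");
        $message .= "<br/>";
    }

    // Revisions disabled => editing won't work well
    if (!constant('WP_POST_REVISIONS')) {
        $form_ids = tdomf_get_form_ids();
        foreach ($form_ids as $a_form_id) {
            if (tdomf_get_option_form(TDOMF_OPTION_FORM_EDIT, $a_form_id->form_id)) {
                $message .= __("Error: Post Revisioning is disabled, post editing will not work correctly!", "tdomf");
                $message .= "<br/>";
                break;
            }
        }
    }

    if (isset($_REQUEST['form']) || $form_id != 0) {
        if ($form_id == 0) {
            // The request value ends up in URLs and log lines below.
            $form_id = intval($_REQUEST['form']);
        }

        // permissions error
        if (tdomf_get_option_form(TDOMF_OPTION_ALLOW_EVERYONE, $form_id) == false) {
            $caps = tdomf_get_option_form(TDOMF_OPTION_ALLOW_CAPS, $form_id);
            if (is_array($caps) && empty($caps)) {
                $caps = false;
            }
            $users = tdomf_get_option_form(TDOMF_OPTION_ALLOW_USERS, $form_id);
            if (is_array($users) && empty($users)) {
                $users = false;
            }
            $publish = tdomf_get_option_form(TDOMF_OPTION_ALLOW_PUBLISH, $form_id);

            // Count the roles that can see the form and how many of those can
            // already publish.
            $role_count = 0;
            $role_publish_count = 0;
            foreach ($roles as $role) {
                if (isset($role->capabilities[TDOMF_CAPABILITY_CAN_SEE_FORM . '_' . $form_id])) {
                    $role_count++;
                    if (isset($role->capabilities['publish_posts'])) {
                        $role_publish_count++;
                    }
                }
            }

            // if nothing set
            if ($role_count == 0 && $caps == false && $users == false && $publish == false) {
                if ($show_links) {
                    $message .= "<font color=\"red\">" . sprintf(__("<b>Warning</b>: No-one has been configured to be able to access the form! <a href=\"%s\">Configure on Options Page »</a>", "tdomf"), get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_form_options_menu&form={$form_id}") . "</font><br/>";
                } else {
                    $message .= "<font color=\"red\">" . __("<b>Warning</b>: No-one has been configured to be able to access the form!", "tdomf") . "</font><br/>";
                }
                tdomf_log_message("No-one has been configured to access this form ({$form_id})", TDOMF_LOG_BAD);
            } else {
                if ($caps == false && $users == false && $role_count == $role_publish_count && $publish == false) {
                    if ($show_links) {
                        $message .= "<font color=\"red\">" . sprintf(__("<b>Warning</b>: Only users who can <i>already publish posts</i>, can see the form! <a href=\"%s\">Configure on Options Page »</a>", "tdomf"), get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_form_options_menu&form={$form_id}") . "</font><br/>";
                    } else {
                        $message .= "<font color=\"red\">" . __("<b>Warning</b>: Only users who can <i>already publish posts</i>, can see this form!", "tdomf") . "</font><br/>";
                    }
                    tdomf_log_message("Only users who can already publish can access the form ({$form_id})", TDOMF_LOG_BAD);
                }
            }
        }

        // form hacker modified: compare the freshly generated output with the
        // copy saved when the hacked version was made.
        $mode = tdomf_generate_default_form_mode($form_id) . '-hack';

        $curr_unmod_prev = trim(tdomf_preview_form(array('tdomf_form_id' => $form_id), $mode));
        $org_unmod_prev = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_PREVIEW_HACK_ORIGINAL, $form_id));
        $hacked_prev = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_PREVIEW_HACK, $form_id));
        if ($hacked_prev != false && $curr_unmod_prev != $org_unmod_prev) {
            $message .= "<font color=\"red\">";
            $diffs = "admin.php?page=tdomf_show_form_hacker&form={$form_id}&mode={$mode}&diff&form2=cur&form1=org&type=preview";
            $form_hacker = "admin.php?page=tdomf_show_form_hacker&form={$form_id}";
            $dismiss = wp_nonce_url("admin.php?page=tdomf_show_form_hacker&form={$form_id}&dismiss&type=preview", 'tdomf-form-hacker');
            $message .= sprintf(__("<b>Warning</b>: Form configuration has been changed that affect the preview output but Form Hacker has not been updated! <a href='%s'>Diff »</a> | <a href='%s'>Hack Form »</a> | <a href='%s'>Dismiss</a>", "tdomf"), $diffs, $form_hacker, $dismiss);
            $message .= "</font><br/>";
        }

        $curr_unmod_form = trim(tdomf_generate_form($form_id, $mode));
        $org_unmod_form = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_HACK_ORIGINAL, $form_id));
        $hacked_form = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_HACK, $form_id));
        if ($hacked_form != false && $curr_unmod_form != $org_unmod_form) {
            $message .= "<font color=\"red\">";
            $diffs = "admin.php?page=tdomf_show_form_hacker&form={$form_id}&mode={$mode}&diff&form2=cur&form1=org";
            $form_hacker = "admin.php?page=tdomf_show_form_hacker&form={$form_id}";
            $dismiss = wp_nonce_url("admin.php?page=tdomf_show_form_hacker&form={$form_id}&dismiss", 'tdomf-form-hacker');
            // The message id is kept on one line: a line break inside it would
            // end up in the output and stop the translation lookup matching.
            $message .= sprintf(__("<b>Warning</b>: Form configuration has been changed that affect the generated form but Form Hacker has not been updated! <a href='%s'>Diff »</a> | <a href='%s'>Hack Form »</a> | <a href='%s'>Dismiss</a>", "tdomf"), $diffs, $form_hacker, $dismiss);
            $message .= "</font><br/>";
        }

        // widget errors
        global $tdomf_form_widgets_admin_errors;
        $mode = "new-post";
        if (tdomf_get_option_form(TDOMF_OPTION_SUBMIT_PAGE, $form_id)) {
            $mode = "new-page";
        }
        $uri = "admin.php?page=tdomf_show_form_menu&form=" . $form_id;
        do_action('tdomf_control_form_start', $form_id, $mode);
        $widget_order = tdomf_get_widget_order($form_id);
        $widgets = tdomf_filter_widgets($mode, $tdomf_form_widgets_admin_errors);
        foreach ($widget_order as $w) {
            if (isset($widgets[$w])) {
                $widget_message = call_user_func($widgets[$w]['cb'], $form_id, $widgets[$w]['params']);
                if (!empty($widget_message)) {
                    $message .= "<font color=\"red\">" . $widget_message . sprintf(__(" <a href='%s'>Fix »</a>", "tdomf"), $uri) . "</font><br/>";
                }
            }
        }

        // @todo check that key is unique in custom fields
    }

    if (get_option(TDOMF_OPTION_EXTRA_LOG_MESSAGES) && !get_option(TDOMF_OPTION_DISABLE_ERROR_MESSAGES)) {
        $message .= "<font color=\"red\">";
        if ($show_links) {
            $message .= sprintf(__("<b>Warning:</b> You have enabled 'Extra Debug Messages' and disabled 'Disable Error Messages'. This invokes a special mode where all PHP errors are turned on. This can lead to unexpected problems and could be considered a security leak! <a href=\"%s\">Change on the Options Page »</a>", "tdomf"), get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_options_menu");
        } else {
            $message .= __("<b>Warning:</b> You have enabled 'Extra Debug Messages' and disabled 'Disable Error Messages'. This invokes a special mode where all PHP errors are turned on. This can lead to unexpected problems and could be considered a security leak! This should only be used for debugging purposes.", "tdomf");
        }
        $message .= "</font><br/>";
    }

    // Default author checks: it must exist and must not be able to publish.
    $create_user_link = get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_options_menu&action=create_dummy_user";
    if (function_exists('wp_nonce_url')) {
        $create_user_link = wp_nonce_url($create_user_link, 'tdomf-create-dummy-user');
    }
    if (get_option(TDOMF_DEFAULT_AUTHOR) == false) {
        $message .= "<font color=\"red\">" . sprintf(__("<b>Error</b>: No default author set! <a href=\"%s\">Create dummy user for default author automatically »</a>", "tdomf"), $create_user_link) . "</font><br/>";
        tdomf_log_message("Option Default Author not set!", TDOMF_LOG_BAD);
    } else {
        $def_aut = new WP_User(get_option(TDOMF_DEFAULT_AUTHOR));
        if (empty($def_aut->data->ID)) {
            // User does not exist! Deleting option
            delete_option(TDOMF_DEFAULT_AUTHOR);
            $message .= "<font color=\"red\">" . sprintf(__("<b>Error</b>: Current Default Author does not exist! <a href=\"%s\">Create dummy user for default author automatically »</a>", "tdomf"), $create_user_link) . "</font><br/>";
            tdomf_log_message("Current Default Author does not exist! Deleting option.", TDOMF_LOG_BAD);
        }
        if ($def_aut->has_cap("publish_posts")) {
            $message .= "<font color=\"red\">" . sprintf(__("<b>Error</b>: Default author can publish posts. Default author should not be able to publish posts! <a href=\"%s\">Create a dummy user for default author automatically »</a>", "tdomf"), $create_user_link) . "</font><br/>";
            tdomf_log_message("Option Default Author is set to an author who can publish posts.", TDOMF_LOG_BAD);
        }
    }

    // Reachability checks: each plugin file must answer with HTTP 200.
    if (function_exists('wp_get_http')) {
        $post_uri = TDOMF_URLPATH . 'tdomf-form-post.php';
        $headers = wp_get_http($post_uri, false, 1);
        if ($headers != false && $headers["response"] != '200') {
            $message .= "<font color=\"red\">";
            $message .= sprintf(__("<b>Error</b>: Got a %d error when checking <a href=\"%s\">%s</a>! This will prevent posts from being submitted. The permissions may be wrong on the tdo-mini-forms folder.", "tdomf"), $headers["response"], $post_uri, $post_uri);
            $message .= "</font><br/>";
            tdomf_log_message("Did not receive a 200 response when checking {$post_uri}:<pre>" . var_export($headers, true) . "</pre>", TDOMF_LOG_ERROR);
        }

        $ajax_uri = TDOMF_URLPATH . 'tdomf-form-ajax.php';
        $headers = wp_get_http($ajax_uri, false, 1);
        if ($headers != false && $headers["response"] != '200') {
            $message .= "<font color=\"red\">";
            $message .= sprintf(__("<b>Error</b>: Got a %d error when checking <a href=\"%s\">%s</a>! This will prevent forms that use AJAX from submitting posts. The permissions may be wrong on the tdo-mini-forms folder.", "tdomf"), $headers["response"], $ajax_uri, $ajax_uri);
            $message .= "</font><br/>";
            tdomf_log_message("Did not receive a 200 response when checking {$ajax_uri}:<pre>" . var_export($headers, true) . "</pre>", TDOMF_LOG_ERROR);
        }

        $css_uri = TDOMF_URLPATH . 'tdomf-style-form.css';
        $headers = wp_get_http($css_uri, false, 1);
        if ($headers != false && $headers["response"] != '200') {
            $message .= "<font color=\"red\">";
            $message .= sprintf(__("<b>Error</b>: Got a %d error when checking <a href=\"%s\">%s</a>! This will make your forms, by default, look very ugly. The permissions may be wrong on the tdo-mini-forms folder.", "tdomf"), $headers["response"], $css_uri, $css_uri);
            $message .= "</font><br/>";
            tdomf_log_message("Did not receive a 200 response when checking {$css_uri}:<pre>" . var_export($headers, true) . "</pre>", TDOMF_LOG_ERROR);
        }
    }

    return $message;
}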
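/**
 * Save the TDOMF panel fields of the edit-post screen and answer with a
 * JavaScript alert() call.
 *
 * Reads post_ID, tdomf_locked, tdomf_flag and either tdomf_user or
 * tdomf_name / tdomf_email / tdomf_web from $_POST, updates the matching post
 * meta, and terminates the request with die().
 *
 * NOTE(review): no nonce or capability check is visible in this function;
 * confirm the caller verifies both before it runs, since it changes post meta
 * for whatever post id the request names.
 *
 * Every message passes through json_encode() so that request data (the
 * submitter login) and translated text cannot break out of the JavaScript
 * string literal.
 *
 * @return void Never returns; every path ends in die().
 */
function tdomf_save_post() {
    $post_id = isset($_POST['post_ID']) ? (int) $_POST['post_ID'] : 0;
    $locked = isset($_POST['tdomf_locked']) ? $_POST['tdomf_locked'] : null;
    $flag = isset($_POST['tdomf_flag']) ? $_POST['tdomf_flag'] : null;

    // Anything other than the literal string "false" locks the post.
    if ($locked === "false") {
        delete_post_meta($post_id, TDOMF_KEY_LOCK);
        tdomf_log_message("Post {$post_id} is now set to unlocked. Post can be edited by valid TDO Mini Form forms.");
    } else {
        tdomf_log_message("Post {$post_id} is now set to locked. Post cannot be edited by any TDO Mini Form forms.");
        delete_post_meta($post_id, TDOMF_KEY_LOCK);
        add_post_meta($post_id, TDOMF_KEY_LOCK, true, true);
    }

    if ($flag === "false") {
        delete_post_meta($post_id, TDOMF_KEY_FLAG);
        tdomf_log_message("Removed post {$post_id} from TDOMF");
        die('alert(' . json_encode(sprintf(__('TDOMF: Post %d is no longer managed by TDOMF!', 'tdomf'), $post_id)) . ')');
    }

    add_post_meta($post_id, TDOMF_KEY_FLAG, true, true);

    if (isset($_POST["tdomf_user"])) {
        $user_id = $_POST["tdomf_user"];
        // A non-numeric value is treated as a login name and resolved to an id.
        if (!empty($user_id) && !is_numeric($user_id)) {
            $userdata = get_userdatabylogin($user_id);
            if ($userdata == false) {
                die('alert(' . json_encode(sprintf(__("TDOMF: The user %s is not a valid user and cannot be used for Submitter", "tdomf"), $user_id)) . ')');
            }
            $user_id = $userdata->ID;
        }
        delete_post_meta($post_id, TDOMF_KEY_USER_ID);
        add_post_meta($post_id, TDOMF_KEY_USER_ID, $user_id, true);
        tdomf_log_message("Submitter info for post {$post_id} added");
        die('alert(' . json_encode(sprintf(__('TDOMF: TDO Mini Forms info for post %d updated', 'tdomf'), $post_id)) . ')');
    }

    // do this so that we *know* that submitter user is not used
    delete_post_meta($post_id, TDOMF_KEY_USER_ID);

    // NOTE(review): name, e-mail and web are stored as submitted; whatever
    // renders them later has to escape them for its output context.
    $name = isset($_POST["tdomf_name"]) ? $_POST["tdomf_name"] : '';
    delete_post_meta($post_id, TDOMF_KEY_NAME);
    add_post_meta($post_id, TDOMF_KEY_NAME, $name, true);

    $email = isset($_POST["tdomf_email"]) ? $_POST["tdomf_email"] : '';
    delete_post_meta($post_id, TDOMF_KEY_EMAIL);
    add_post_meta($post_id, TDOMF_KEY_EMAIL, $email, true);

    $web = isset($_POST["tdomf_web"]) ? $_POST["tdomf_web"] : '';
    delete_post_meta($post_id, TDOMF_KEY_WEB);
    add_post_meta($post_id, TDOMF_KEY_WEB, $web, true);

    tdomf_log_message("Submitter info for post {$post_id} added");
    die('alert(' . json_encode(sprintf(__('TDOMF: TDO Mini Forms info for post %d updated', 'tdomf'), $post_id)) . ')');

    // Not reachable: every branch above ends in die(). Kept as a safety net;
    // the message used to contain a literal "<?php _e(...) ?>" tag inside the
    // string instead of a translated text.
    tdomf_log_message("Error captured in EditPostPanel:tdomf_save_post");
    die('alert(' . json_encode(__('TDOMF: Error! Incomplete information provided!', 'tdomf')) . ')');
}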
// Future versions of TDOMF will provide this as an option. // #die( "tdomfRedirect$form_tag('http://thedeadone.net/download/tdo-mini-forms-wordpress-plugin/');" ); } } } } // If retVal is a string, something went wrong! } else { tdomf_ajax_exit($form_id, tdomf_get_message_instance(TDOMF_OPTION_MSG_SUB_ERROR, $form_id, false, false, $retVal), false, false, $post_id); } } else { tdomf_ajax_exit($form_id, tdomf_get_message_instance(TDOMF_OPTION_MSG_SUB_ERROR, $form_id, false, false, $message), false, false, $post_id); } } else { if ($_POST['tdomf_action'] == "preview") { tdomf_log_message("Someone is attempting to preview something"); $message = tdomf_validate_form($tdomf_args, true); if ($message == NULL) { tdomf_log_message("Submission validated. Generating preview..."); $message = tdomf_preview_form($tdomf_args); tdomf_log_message("Now sending back to form using AJAX!"); tdomf_ajax_exit($form_id, $message, false, true, $post_id); } else { tdomf_ajax_exit($form_id, sprintf(__("Your submission contained errors:<br/><br/>%s<br/><br/>Please correct and resubmit.", "tdomf"), $message), false, false, $post_id); } } else { tdomf_ajax_exit($form_id, sprintf(__("TDOMF (AJAX) ERROR: unrecognised action %s!", "tdomf"), $_POST['action']), true, false, $post_id); } } tdomf_ajax_exit($form_id, __("ERROR! Should never reach here.", "tdomf"), true, false, $post_id);
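/**
 * Change the state of an edit in the edits table and keep the object cache in
 * step.
 *
 * When the cached copy already holds the requested state the database is not
 * touched. The UPDATE is built with $wpdb->prepare() instead of
 * concatenating escaped values, and the edit id is bound as an integer.
 *
 * @param string $edit_state New state to store.
 * @param int    $edit_id    Id of the edit to update.
 * @return mixed true when the cached state already matched, otherwise the
 *               result of $wpdb->query().
 */
function tdomf_set_state_edit($edit_state, $edit_id) {
    global $wpdb;

    $returnVal = false;
    $key = "tdomf_edit_" . $edit_id;
    $edit_cache = wp_cache_get($key);
    $writedb = true;

    // Skip the write when the cache says nothing would change.
    if ($edit_cache != false && is_array($edit_cache) && isset($edit_cache['state'])) {
        if ($edit_cache['state'] == $edit_state) {
            tdomf_log_message("State does not need to be updated for {$edit_id}. It is already at " . $edit_state, TDOMF_LOG_GOOD);
            $writedb = false;
            $returnVal = true;
        }
    }

    if ($writedb) {
        $table_name = $wpdb->prefix . TDOMF_DB_TABLE_EDITS;
        // Only the table name is interpolated; both values are bound.
        $query = $wpdb->prepare(
            "UPDATE {$table_name} SET state = %s WHERE edit_id = %d",
            $edit_state,
            $edit_id
        );
        $returnVal = $wpdb->query($query);
    }

    // Refresh the cached copy only after a successful write.
    if ($returnVal && $writedb && is_array($edit_cache)) {
        $edit_cache['state'] = $edit_state;
        wp_cache_set($key, $edit_cache);
    }

    return $returnVal;
}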
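/**
 * Import a form definition from an uploaded export file.
 *
 * The request must name an existing form, come from a user with the
 * 'manage_options' capability and carry the 'tdomf-import-<form id>' nonce.
 * The uploaded 'import_file' is read, deleted, unserialized and handed to
 * tdomf_import_form().
 *
 * SECURITY: the file content goes through unserialize(). PHP can instantiate
 * arbitrary classes while unserializing, so an export file must be treated as
 * code, not data. The capability and nonce checks limit who can reach this
 * call, but a safer encoding (JSON) or a class allow-list should replace it.
 * That is not done here because it is not visible whether existing exports
 * contain objects.
 *
 * @return string|false Translated status message, or false when the request
 *                      was rejected before any file handling.
 */
function tdomf_import_form_from_file() {
    // Form ids are integers; normalising here keeps request data out of the
    // log line and the nonce action below.
    $form_id = isset($_REQUEST['form_id']) ? intval($_REQUEST['form_id']) : 0;
    $ok = true;
    $message = false;
    $form_import = false;

    if (!tdomf_form_exists($form_id)) {
        tdomf_log_message("tdomf_import_form_from_file: bad form id: {$form_id}", TDOMF_LOG_ERROR);
        $ok = false;
    }
    if (!current_user_can('manage_options')) {
        $ok = false;
    }
    if ($ok) {
        check_admin_referer('tdomf-import-' . $form_id);
    }

    if ($ok) {
        if (isset($_FILES["import_file"])) {
            $thefile = $_FILES["import_file"]; // tmp_name, name, error, size, type
            if (@is_uploaded_file($thefile['tmp_name'])) {
                tdomf_log_message("Import File Found");
                // Reads the whole file and copes with an empty upload, which
                // fread() with a zero length does not.
                $form_import = @file_get_contents($thefile['tmp_name']);
                if ($form_import === false) {
                    // The error level used to be passed to __() by mistake.
                    tdomf_log_message("Error opening file!", TDOMF_LOG_ERROR);
                    $message = __("Error importing form", "tdomf");
                    $ok = false;
                }
                @unlink($thefile['tmp_name']);
            } else {
                // $_FILES holds client-supplied names; encode before logging,
                // as the other log lines in this function do.
                tdomf_log_message("Error uploading file! <pre>" . htmlentities(var_export($_FILES["import_file"], true)) . "</pre>", TDOMF_LOG_ERROR);
                $message = __("Error importing form", "tdomf");
                $ok = false;
            }
        } else {
            tdomf_log_message("Error no 'import_file' value: <pre>" . htmlentities(var_export($_FILES, true)) . "</pre>", TDOMF_LOG_ERROR);
            $message = __("Error importing form", "tdomf");
            $ok = false;
        }
    }

    if ($ok) {
        // See the SECURITY note in the function header.
        $form_data = unserialize($form_import);
        if (is_array($form_data)) {
            tdomf_import_form($form_id, $form_data['options'], $form_data['widgets'], $form_data['caps']);
            tdomf_log_message("Form import succeeded <pre>" . htmlentities(var_export($form_data, true)) . "</pre>", TDOMF_LOG_GOOD);
            $message = __("Form import successful", "tdomf");
        } else {
            if ($form_data == false) {
                tdomf_log_message("Form import failed. Couldn't unserialize data: <pre>" . htmlentities($form_import) . "</pre>", TDOMF_LOG_ERROR);
                $message = __("Failed to unserialize form data: Form import failed", "tdomf");
            } else {
                tdomf_log_message("Form import failed: Data invalid: <pre>" . htmlentities(var_export($form_data, true)) . "</pre>", TDOMF_LOG_ERROR);
                $message = __("Form import failed", "tdomf");
            }
            $ok = false;
        }
    }

    return $message;
}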
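/**
 * Post-submission step of the "Subscribe to Comments" widget: record the
 * subscriber's e-mail address on the new post and in cookies.
 *
 * Runs when the form option 'always_subscribe' is on or the submission
 * carries a truthy 'subscribe_to_comments'. The address comes from, in order:
 * the submitted 'subscribe_to_comments_email', the logged-in user's e-mail
 * (when it passes tdomf_check_email_address), or the submitted
 * 'whoami_email'. When none is available nothing is stored.
 *
 * @param array $args Submission arguments; 'tdomf_form_id', 'post_ID',
 *                    'subscribe_to_comments', 'subscribe_to_comments_email'
 *                    and 'whoami_email' are read.
 * @return null Always NULL; this step reports no error to the caller.
 */
function tdomf_widget_subscribe_to_comments_post($args) {
    global $current_user;

    $options = tdomf_widget_subscribe_to_comments_get_options($args['tdomf_form_id']);
    get_currentuserinfo();

    // Read only the keys this widget needs. $args carries submitted form data,
    // and extract() on it could overwrite $options (forcing a subscription)
    // or the $current_user global bound in this scope.
    if (!$options['always_subscribe'] && empty($args['subscribe_to_comments'])) {
        return NULL;
    }

    if (isset($args['subscribe_to_comments_email'])) {
        $subscribe_to_comments_email = $args['subscribe_to_comments_email'];
    } elseif (is_user_logged_in() && tdomf_check_email_address($current_user->user_email)) {
        $subscribe_to_comments_email = $current_user->user_email;
    } elseif (isset($args['whoami_email'])) {
        $subscribe_to_comments_email = $args['whoami_email'];
    } else {
        tdomf_log_message("Could not find a email address to use for comment subscribption!", TDOMF_LOG_ERROR);
        // Previously an undefined value was written to the post meta and cookies.
        return NULL;
    }

    $post_ID = isset($args['post_ID']) ? $args['post_ID'] : 0;

    // The subscription is written as post meta directly. Calling the
    // subscribe-to-comments plugin's own solo_subscribe() was tried and does
    // not work, because the post is not published yet at this point.
    add_post_meta($post_ID, '_sg_subscribe-to-comments', $subscribe_to_comments_email);

    // set comment email so that you can "unsubscribe"
    setcookie('comment_author_email_' . COOKIEHASH, $subscribe_to_comments_email, time() + 30000000, COOKIEPATH);
    setcookie('tdomf_subscribe_to_comments_widget_email', $subscribe_to_comments_email, time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);

    return NULL;
}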
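/**
 * Delete spam edits and spam submissions that are older than 30 days.
 *
 * Does nothing unless TDOMF_OPTION_SPAM_AUTO_DELETE is enabled.
 *
 * Fixes over the previous version:
 *  - the edit id list starts as an array (appending to '' is a fatal error
 *    on current PHP);
 *  - the second revision delete uses the edit being processed instead of an
 *    undefined $last_edit variable;
 *  - both age checks use the same 30-day value (posts were compared against
 *    2952000, a transposition of 2592000);
 *  - the per-post debug log line referenced a misspelt variable;
 *  - non-array results from the lookups no longer reach count().
 *
 * @return void
 */
function tdomf_cleanup_spam() {
    global $wpdb;

    if (!get_option(TDOMF_OPTION_SPAM_AUTO_DELETE)) {
        return;
    }

    $max_age = 2592000; // 30 days in seconds

    // delete edit spam older than a month
    $edit_list = array();
    $time_diff = tdomf_timestamp_wp_sql(time() - $max_age);
    $edits = tdomf_get_edits(array('state' => 'spam', 'older_than' => $time_diff));
    if (is_array($edits) && count($edits) > 0) {
        foreach ($edits as $edit) {
            $edit_list[] = $edit->edit_id;
            if ($edit->revision_id != 0) {
                wp_delete_post_revision($edit->revision_id);
            }
            if ($edit->current_revision_id != 0) {
                wp_delete_post_revision($edit->current_revision_id);
            }
        }
        tdomf_delete_edits($edit_list);
        tdomf_log_message("Deleting spam edits older than a month: " . implode(",", $edit_list));
    }

    // delete spam more than a month old
    // (the only interpolated value is a plugin constant, not request data)
    $query = "SELECT ID, post_modified_gmt\n FROM {$wpdb->posts}\n LEFT JOIN {$wpdb->postmeta} ON ({$wpdb->posts}.ID = {$wpdb->postmeta}.post_id)\n WHERE meta_key = '" . TDOMF_KEY_SPAM . "'";
    $spam_posts = $wpdb->get_results($query);
    if (!is_array($spam_posts) || count($spam_posts) == 0) {
        return;
    }

    $list = "";
    foreach ($spam_posts as $post) {
        // we use to use post_modified_gmt but since 2.6 or 2.7 this is
        // no longer set when the post is initially created in draft
        $post_date_gmt = get_post_meta($post->ID, TDOMF_KEY_SUBMISSION_DATE, true);
        if ($post_date_gmt != false) {
            $post_date_ts = mysql2date('U', $post_date_gmt);
            $diff = time() - $post_date_ts;
            if ($diff >= $max_age) {
                $list .= $post->ID . ", ";
                wp_delete_post($post->ID);
            }
            tdomf_log_message($post->ID . ' ' . $post_date_ts . ' ' . $diff);
        } else {
            // old way: fall back to the modification date
            $last_updated = strtotime($post->post_modified_gmt);
            $diff = time() - $last_updated;
            if ($diff >= $max_age) {
                $list .= $post->ID . ", ";
                wp_delete_post($post->ID);
            }
        }
    }

    if ($list != "") {
        tdomf_log_message("Deleting spam posts older than a month: {$list}");
    }
}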
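/**
 * Produce the Form Hacker source for this custom-field widget.
 *
 * For edit forms a PHP snippet is emitted first that pre-fills the field from
 * the post's existing custom field value; the field's own formHack() output
 * follows.
 *
 * The emitted snippet is PHP source, so the field id and the custom field key
 * are written with var_export(). For ordinary values the output is identical
 * to plain single-quoting; a key containing a quote or backslash can no
 * longer terminate the string literal in the generated code.
 *
 * @param array  $args    Widget arguments; 'mode' and 'tdomf_form_id' are read.
 * @param array  $options Widget options; 'type' and 'key' are read.
 * @param string $postfix Unused here.
 * @return string Generated form source, '' when the field cannot be found.
 */
function formHack($args, $options, $postfix = '') {
    $output = "";

    $field = $this->getField($options['type'], $this->index);
    if ($field == false) {
        tdomf_log_message('TDOMF_WidgetCustomFields->formHack(): ERROR: Cant find field', TDOMF_LOG_ERROR);
        return $output;
    }

    // Explicit reads instead of extract($args): extract() could overwrite
    // $field, $options or $output with values from the arguments array.
    $mode = isset($args['mode']) ? $args['mode'] : null;
    $tdomf_form_id = isset($args['tdomf_form_id']) ? $args['tdomf_form_id'] : null;

    $options = $this->updateFieldOptions($options, $options['type'], $this->index);

    if (TDOMF_Widget::isEditForm($mode, $tdomf_form_id)) {
        // Quoted PHP string literals for the generated code.
        $field_id_literal = var_export((string) $field->getId(), true);
        $meta_key_literal = var_export((string) $options['key'], true);

        $output .= "\t\t" . '<?php if(strpos($mode,\'-preview\') === false) {' . "\n";
        $output .= "\t\t\t" . '$post = get_post($post_id); if($post) {' . "\n";
        $output .= "\t\t\t\t" . 'if(!isset($post_args[' . $field_id_literal . '])) {' . "\n";
        $output .= "\t\t\t\t\t" . '$post_args[' . $field_id_literal . '] = get_post_meta($post_id,' . $meta_key_literal . ',true); }' . "\n";
        $output .= "\t\t" . '} } ?>' . "\n\n";
    }

    $output .= $field->formHack($args, $options);

    return $output;
}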
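/**
 * Mail a new-comment notification for a post (same name as WordPress's
 * pluggable wp_notify_postauthor()).
 *
 * For posts flagged with TDOMF_KEY_FLAG the mail goes to the site admin
 * address rather than the post author, because the message carries the
 * "Delete it" / "Spam it" moderation links.
 *
 * @param int    $comment_id   Comment to report.
 * @param string $comment_type 'comment' (default when empty), 'trackback' or 'pingback'.
 * @return bool False when the comment, post or recipient address is missing, true otherwise
 *              (the wp_mail() result itself is not checked).
 */
function wp_notify_postauthor($comment_id, $comment_type = '')
{
    $comment = get_comment($comment_id);
    if (empty($comment)) {
        return false;
    }
    $post = get_post($comment->comment_post_ID);
    if (empty($post)) {
        return false;
    }
    $user = get_userdata($post->post_author);
    if (empty($user) || '' == $user->user_email) {
        return false; // If there's no email to send the comment to
    }

    $comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
    $blogname = get_option('blogname');

    // This little bit of code checks if the comment belongs to a post
    // submitted via TDOMF. If the author is set to the default TDOMF author
    // or the TDOMF submitter author does not have spam/delete rights on the
    // comment, then redirect email to admin
    $user_email = $user->user_email;
    if (get_post_meta($comment->comment_post_ID, TDOMF_KEY_FLAG, true) != false) {
        if ($post->post_author == get_option(TDOMF_DEFAULT_AUTHOR)) {
            // default tdomf author
            tdomf_log_message("wp_notify_postauthor: Comment {$comment_id} action email is destined for default author. Redirecting to admin.");
        } else {
            // user must have the edit post right to delete or spam a comment
            $user_role = new WP_User($post->post_author);
            if (!$user_role->has_cap('edit_post', $comment->comment_post_ID)) {
                tdomf_log_message("wp_notify_postauthor: Comment {$comment_id} action email is destined for tdomf submitter with incorrect rights. Redirecting to admin.");
            }
        }
        // NOTE(review): the original assigned the admin address here
        // unconditionally, after the checks above, so every TDOMF-flagged post
        // notifies the admin even when the submitter holds edit_post. That
        // behaviour is kept because it is the restrictive one; confirm whether
        // submitters with edit_post were meant to receive the mail.
        $user_email = get_option('admin_email');
    }

    if (empty($comment_type)) {
        $comment_type = 'comment';
    }

    // Initialised so an unrecognised $comment_type does not append to
    // undefined variables below.
    $notify_message = '';
    $subject = '';

    if ('comment' == $comment_type) {
        $notify_message = sprintf(__('New comment on your post #%1$s "%2$s"'), $comment->comment_post_ID, $post->post_title) . "\r\n";
        $notify_message .= sprintf(__('Author : %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain) . "\r\n";
        $notify_message .= sprintf(__('E-mail : %s'), $comment->comment_author_email) . "\r\n";
        $notify_message .= sprintf(__('URL : %s'), $comment->comment_author_url) . "\r\n";
        $notify_message .= sprintf(__('Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=%s'), $comment->comment_author_IP) . "\r\n";
        $notify_message .= __('Comment: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
        $notify_message .= __('You can see all comments on this post here: ') . "\r\n";
        $subject = sprintf(__('[%1$s] Comment: "%2$s"'), $blogname, $post->post_title);
    } elseif ('trackback' == $comment_type) {
        $notify_message = sprintf(__('New trackback on your post #%1$s "%2$s"'), $comment->comment_post_ID, $post->post_title) . "\r\n";
        $notify_message .= sprintf(__('Website: %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain) . "\r\n";
        $notify_message .= sprintf(__('URL : %s'), $comment->comment_author_url) . "\r\n";
        $notify_message .= __('Excerpt: ') . "\r\n" . $comment->comment_content . "\r\n\r\n";
        $notify_message .= __('You can see all trackbacks on this post here: ') . "\r\n";
        $subject = sprintf(__('[%1$s] Trackback: "%2$s"'), $blogname, $post->post_title);
    } elseif ('pingback' == $comment_type) {
        $notify_message = sprintf(__('New pingback on your post #%1$s "%2$s"'), $comment->comment_post_ID, $post->post_title) . "\r\n";
        $notify_message .= sprintf(__('Website: %1$s (IP: %2$s , %3$s)'), $comment->comment_author, $comment->comment_author_IP, $comment_author_domain) . "\r\n";
        $notify_message .= sprintf(__('URL : %s'), $comment->comment_author_url) . "\r\n";
        $notify_message .= __('Excerpt: ') . "\r\n" . sprintf('[...] %s [...]', $comment->comment_content) . "\r\n\r\n";
        $notify_message .= __('You can see all pingbacks on this post here: ') . "\r\n";
        $subject = sprintf(__('[%1$s] Pingback: "%2$s"'), $blogname, $post->post_title);
    }

    $notify_message .= get_permalink($comment->comment_post_ID) . "#comments\r\n\r\n";
    if (function_exists('admin_url')) {
        $notify_message .= sprintf(__('Delete it: %s'), admin_url("comment.php?action=cdc&c={$comment_id}")) . "\r\n";
        $notify_message .= sprintf(__('Spam it: %s'), admin_url("comment.php?action=cdc&dt=spam&c={$comment_id}")) . "\r\n";
    } else {
        // Fallback when admin_url() is unavailable. The original single-quoted
        // these URLs, so the literal text "$comment_id" was mailed instead of
        // the id, and the spam link lacked the /wp-admin prefix.
        $admin_base = get_bloginfo('wpurl') . '/wp-admin/comment.php?action=cdc';
        $notify_message .= sprintf(__('Delete it: %s'), $admin_base . '&c=' . $comment_id) . "\r\n";
        $notify_message .= sprintf(__('Spam it: %s'), $admin_base . '&dt=spam&c=' . $comment_id) . "\r\n";
    }

    // NOTE(review): SERVER_NAME can follow the request's Host header under
    // some web server configurations - confirm for the deployment.
    $wp_email = 'wordpress@' . preg_replace('#^www\\.#', '', strtolower($_SERVER['SERVER_NAME']));

    // Commenter-supplied values are placed in mail headers below; CR and LF
    // are removed first so a value cannot start an additional header line.
    $line_breaks = array("\r", "\n");
    $header_author = str_replace($line_breaks, '', $comment->comment_author);
    $header_email = str_replace($line_breaks, '', $comment->comment_author_email);

    if ('' == $header_author) {
        $from = "From: \"{$blogname}\" <{$wp_email}>";
        if ('' != $header_email) {
            $reply_to = "Reply-To: {$header_email}";
        }
    } else {
        $from = "From: \"{$header_author}\" <{$wp_email}>";
        if ('' != $header_email) {
            $reply_to = "Reply-To: \"{$header_email}\" <{$header_email}>";
        }
    }

    $message_headers = "{$from}\n" . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n";
    if (isset($reply_to)) {
        $message_headers .= $reply_to . "\n";
    }

    $notify_message = apply_filters('comment_notification_text', $notify_message, $comment_id);
    $subject = apply_filters('comment_notification_subject', $subject, $comment_id);
    $message_headers = apply_filters('comment_notification_headers', $message_headers, $comment_id);

    @wp_mail($user_email, $subject, $notify_message, $message_headers);

    return true;
}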
$myfiles[$i] = array("name" => $upload_file_name, "path" => $uploaded_file, "size" => $upload_size, "type" => $upload_type); $count++; tdomf_log_message("File {$upload_file_name} saved to tmp area as {$uploaded_file}. It has a size of {$upload_size} and type of {$upload_type}"); // within an hour, delete the file if not claimed! wp_schedule_single_event(time() + TDOMF_UPLOAD_TIMEOUT, 'tdomf_delete_tmp_file_hook', array($uploaded_file)); } else { tdomf_log_message("move_uploaded_file failed!"); $errors .= sprintf(__("Could not move uploaded file %s to storage area!<br/>", "tdomf"), $upload_file_name); } } else { tdomf_log_message("file {$upload_file_name} uploaded with bad extension: {$ext}"); $errors .= sprintf(__("Files with %s extensions are forbidden.<br/>", "tdomf"), $ext); } } else { if ($upload_error != 0 && !empty($upload_file_name)) { tdomf_log_message("There was a reported error {$upload_error} with the uploaded file!"); switch ($upload_error) { case 1: $errors .= sprintf(__("Sorry but %s was too big. It exceeded the server configuration.<br/>", "tdomf"), $upload_file_name); break; case 2: $errors .= sprintf(__("Sorry but %s was too big. It was greater than %s. It exceeded the configured maximum.<br/>", "tdomf"), $upload_file_name, tdomf_filesize_format($options['size'])); break; case 3: $errors .= sprintf(__("Sorry but only part of %s was uploaded.<br/>", "tdomf"), $upload_file_name); break; case 4: $errors .= __("Sorry file does not exist.<br/>", "tdomf"); break; default: $errors .= sprintf(__("Upload of %s failed for an unknown reason. (%s)<br/>", "tdomf"), $upload_file_name, $upload_error);
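/**
 * Handle the actions of the moderation screen and print the result notice.
 *
 * Bulk actions (request carries 'doaction', 'action' and a 'post' array) are
 * verified against the 'tdomf-moderate-bulk' nonce. Every other request is
 * treated as an individual action on one post ('post') or one edit ('edit')
 * and verified against a nonce named after the action and the id.
 *
 * Only nonces are checked here; no capability check is made in this
 * function, so access control depends on how the calling admin page is
 * registered (not visible from this function).
 *
 * @return void Echoes an "updated" notice when there is something to report.
 */
function tdomf_moderation_handler()
{
    // was `$message .= ""` on a variable that did not exist yet
    $message = "";

    // this means a post was deleted
    if (isset($_REQUEST['deleted'])) {
        $message .= __("Submissions deleted. ", "tdomf");
    }

    if (isset($_REQUEST['doaction']) && isset($_REQUEST['action']) && isset($_REQUEST['post'])) {
        // bulk actions
        $posts = $_REQUEST['post'];
        $action = $_REQUEST['action'];
        if ($action != -1 && is_array($posts) && !empty($posts)) {
            check_admin_referer('tdomf-moderate-bulk');

            // The ids come straight from the request and are later written into
            // the log and echoed inside the notice (some within <a> markup), so
            // they are reduced to positive integers first.
            $post_ids = array();
            foreach ($posts as $raw_id) {
                if (is_scalar($raw_id) && intval($raw_id) > 0) {
                    $post_ids[] = intval($raw_id);
                }
            }
            $posts = $post_ids;

            switch ($action) {
                case 'spam_recheck':
                    $spam_list = array();
                    $ham_list = array();
                    foreach ($posts as $p) {
                        if (tdomf_check_submissions_spam($p)) {
                            $ham_list[] = $p;
                        } else {
                            $spam_list[] = $p;
                        }
                    }
                    tdomf_log_message('Akismet thinks these submissions are spam: ' . implode(", ", $spam_list));
                    $message .= sprintf(__("Marked these submissions as spam: %s.", "tdomf"), implode(", ", $spam_list));
                    tdomf_log_message('Akismet thinks these posts are not spam: ' . implode(", ", $ham_list));
                    $message .= " ";
                    $message .= sprintf(__("Marked these submissions as not spam: %s.", "tdomf"), implode(", ", $ham_list));
                    break;

                case 'delete':
                    foreach ($posts as $p) {
                        wp_delete_post($p);
                    }
                    tdomf_log_message('Deleted ' . implode(", ", $posts) . ' posts');
                    $message .= sprintf(__("Deleted submissions: %s", "tdomf"), implode(", ", $posts));
                    break;

                case 'publish_now':
                    $list = "";
                    foreach ($posts as $p) {
                        // if we're going to publish the post, then it's not spam!
                        // NOTE(review): this un-spams only posts that have no spam
                        // flag, whereas the single-post action calls
                        // tdomf_ham_post() unconditionally - confirm the condition.
                        if (!get_post_meta($p, TDOMF_KEY_SPAM)) {
                            tdomf_ham_post($p);
                        }
                        tdomf_publish_post($p, false);
                        $list .= "<a href=\"" . get_permalink($p) . "\">" . $p . "</a>, ";
                    }
                    tdomf_log_message("Published {$list} posts");
                    $message .= sprintf(__("Attempted to published these submissions immediately: %s", "tdomf"), $list);
                    break;

                case 'publish':
                    $list = "";
                    foreach ($posts as $p) {
                        // if we're going to publish the post, then it's not spam!
                        // NOTE(review): same condition as 'publish_now' - confirm.
                        if (!get_post_meta($p, TDOMF_KEY_SPAM)) {
                            tdomf_ham_post($p);
                        }
                        tdomf_publish_post($p);
                        $list .= "<a href=\"" . get_permalink($p) . "\">" . $p . "</a>, ";
                    }
                    tdomf_log_message("Published or queued {$list} posts");
                    $message .= sprintf(__("Attempted to publish or queue these submissions: %s", "tdomf"), $list);
                    break;

                case 'unpublish':
                    foreach ($posts as $p) {
                        tdomf_unpublish_post($p);
                    }
                    tdomf_log_message("Un-published " . implode(", ", $posts) . " posts");
                    $message .= sprintf(__("Attempted to un-publish theses submissions: %s", "tdomf"), implode(", ", $posts));
                    break;

                case 'spamit':
                    $spams = array();
                    foreach ($posts as $p) {
                        if (!get_post_meta($p, TDOMF_KEY_SPAM)) {
                            tdomf_spam_post($p);
                            $spams[] = $p;
                        }
                    }
                    tdomf_log_message("Marked as spam " . implode(", ", $spams) . " posts");
                    $message .= sprintf(__("Marked these submissions as spam: %s", "tdomf"), implode(", ", $spams));
                    break;

                case 'hamit':
                    $hams = array();
                    foreach ($posts as $p) {
                        if (get_post_meta($p, TDOMF_KEY_SPAM)) {
                            // was tdomf_spam_post(): the bulk "not spam" action
                            // re-submitted the posts as spam
                            tdomf_ham_post($p);
                            $hams[] = $p;
                        }
                    }
                    if (!empty($hams)) {
                        tdomf_log_message("Marked as ham " . implode(", ", $hams) . " posts");
                        $message .= sprintf(__("Marked these submissions as not spam: %s", "tdomf"), implode(", ", $hams));
                    }
                    break;

                case 'lock':
                    $locks = array();
                    foreach ($posts as $p) {
                        if (!get_post_meta($p, TDOMF_KEY_LOCK)) {
                            add_post_meta($p, TDOMF_KEY_LOCK, true, true);
                            $locks[] = $p;
                        }
                    }
                    if (!empty($locks)) {
                        tdomf_log_message("Locked " . implode(", ", $locks) . " posts");
                        $message .= sprintf(__("Locked these posts/pages from editing: %s", "tdomf"), implode(", ", $locks));
                    }
                    break;

                case 'unlock':
                    $locks = array();
                    foreach ($posts as $p) {
                        if (get_post_meta($p, TDOMF_KEY_LOCK)) {
                            delete_post_meta($p, TDOMF_KEY_LOCK);
                            $locks[] = $p;
                        }
                    }
                    if (!empty($locks)) {
                        tdomf_log_message("Unlocked " . implode(", ", $locks) . " posts");
                        $message .= sprintf(__("Unlocked these posts/pages: %s", "tdomf"), implode(", ", $locks));
                    }
                    break;

                case 'edit_spam_recheck':
                    $spam_list = array();
                    $ham_list = array();
                    $edit_spam_list = array();
                    $edit_ham_list = array();
                    foreach ($posts as $p) {
                        $last_edit = tdomf_get_edits(array('post_id' => $p, 'limit' => 1));
                        if ($last_edit != false && !empty($last_edit)) {
                            if (tdomf_check_edit_spam($last_edit[0]->edit_id, false)) {
                                $ham_list[] = $p;
                                $edit_ham_list[] = $last_edit[0]->edit_id;
                            } else {
                                $spam_list[] = $p;
                                $edit_spam_list[] = $last_edit[0]->edit_id;
                            }
                        }
                    }
                    tdomf_log_message('Akismet thinks these edits are spam: ' . implode(", ", $edit_spam_list));
                    $message .= sprintf(__("Marked last contribution on these submissions as spam: %s.", "tdomf"), implode(", ", $spam_list));
                    tdomf_log_message('Akismet thinks these edits are not spam: ' . implode(", ", $edit_ham_list));
                    $message .= " ";
                    $message .= sprintf(__("Marked last contribution on these submissions as not spam: %s.", "tdomf"), implode(", ", $ham_list));
                    break;

                case 'edit_approve':
                    $edit_list = array();
                    $post_list = array();
                    foreach ($posts as $p) {
                        $last_edit = tdomf_get_edits(array('post_id' => $p, 'limit' => 1));
                        if (!empty($last_edit) && $last_edit[0]->state != 'approved') {
                            $edit_list[] = $last_edit[0]->edit_id;
                            $post_list[] = $p;
                            $user_id = $last_edit[0]->user_id;
                            if ($last_edit[0]->state == 'spam') {
                                tdomf_hamit_edit($last_edit[0]);
                            }
                            // was $edit->revision_id; $edit is not defined in the
                            // bulk branch, so no revision was restored
                            wp_restore_post_revision($last_edit[0]->revision_id);
                            tdomf_set_state_edit('approved', $last_edit[0]->edit_id);
                            if ($user_id > 0) {
                                tdomf_trust_user($user_id);
                            }
                        }
                    }
                    tdomf_log_message('These edits have been approved: ' . implode(", ", $edit_list));
                    $message .= sprintf(__("Approved contributions on these submissions: %s.", "tdomf"), implode(", ", $post_list));
                    break;

                case 'edit_revert':
                    $edit_list = array();
                    $post_list = array();
                    foreach ($posts as $p) {
                        $last_edit = tdomf_get_edits(array('post_id' => $p, 'limit' => 1));
                        if (!empty($last_edit) && $last_edit[0]->state == 'approved' && $last_edit[0]->revision_id != 0 && $last_edit[0]->current_revision_id != 0) {
                            $edit_list[] = $last_edit[0]->edit_id;
                            $post_list[] = $p;
                            wp_restore_post_revision($last_edit[0]->current_revision_id);
                            tdomf_set_state_edit('unapproved', $last_edit[0]->edit_id);
                        }
                    }
                    tdomf_log_message('These edits have been reverted: ' . implode(", ", $edit_list));
                    $message .= sprintf(__("Latest contribution on these submissions have been reverted: %s.", "tdomf"), implode(", ", $post_list));
                    break;

                case 'edit_delete':
                    $edit_list = array();
                    $post_list = array();
                    foreach ($posts as $p) {
                        $last_edit = tdomf_get_edits(array('post_id' => $p, 'limit' => 1));
                        if (!empty($last_edit) && $last_edit[0]->state != 'approved') {
                            $edit_list[] = $last_edit[0]->edit_id;
                            $post_list[] = $p;
                            if ($last_edit[0]->revision_id != 0) {
                                // was $edit->revision_id ($edit is undefined here)
                                wp_delete_post_revision($last_edit[0]->revision_id);
                                tdomf_log_message("Deleting revision " . $last_edit[0]->revision_id . " on post " . $p);
                            }
                            if ($last_edit[0]->current_revision_id != 0) {
                                wp_delete_post_revision($last_edit[0]->current_revision_id);
                                tdomf_log_message("Deleting revision " . $last_edit[0]->current_revision_id . " on post " . $p);
                            }
                        }
                    }
                    // Moved out of the loop: it used to run once per selected post
                    // with the list collected so far.
                    if (!empty($edit_list)) {
                        tdomf_delete_edits($edit_list);
                    }
                    tdomf_log_message('These edits have been deleted: ' . implode(", ", $edit_list));
                    $message .= sprintf(__("Latest contribution on these submissions have been deleted: %s.", "tdomf"), implode(", ", $post_list));
                    break;

                case 'edit_spamit':
                    $edit_list = array();
                    $post_list = array();
                    foreach ($posts as $p) {
                        $last_edit = tdomf_get_edits(array('post_id' => $p, 'limit' => 1));
                        if (!empty($last_edit) && $last_edit[0]->state != 'spam') {
                            $edit_list[] = $last_edit[0]->edit_id;
                            $post_list[] = $p;
                            tdomf_spamit_edit($last_edit[0]);
                        }
                    }
                    tdomf_log_message('These edits have been marked as spam: ' . implode(", ", $edit_list));
                    $message .= sprintf(__("Latest contribution on these submissions have been marked as spam: %s.", "tdomf"), implode(", ", $post_list));
                    break;

                case 'edit_hamit':
                    $edit_list = array();
                    $post_list = array();
                    foreach ($posts as $p) {
                        $last_edit = tdomf_get_edits(array('post_id' => $p, 'limit' => 1));
                        // was 'soam', which never matched, so nothing was un-spammed
                        if (!empty($last_edit) && $last_edit[0]->state == 'spam') {
                            $edit_list[] = $last_edit[0]->edit_id;
                            $post_list[] = $p;
                            tdomf_hamit_edit($last_edit[0]);
                        }
                    }
                    tdomf_log_message('These edits have been marked as not spam: ' . implode(", ", $edit_list));
                    $message .= sprintf(__("Latest contribution on these submissions have been marked as not being spam: %s.", "tdomf"), implode(", ", $post_list));
                    break;

                default:
                    // The action name is request data; escape it before it goes
                    // into the log and the echoed notice.
                    $action_label = is_string($action) ? htmlspecialchars($action, ENT_QUOTES) : '';
                    tdomf_log_message('Unexpected bulk action ' . $action_label . ' in moderation screen!', TDOMF_LOG_BAD);
                    $message .= sprintf(__("Unrecognised bulk action %s,", "tdomf"), $action_label);
                    break;
            }
        }
        // else no posts selected or bulk actions
    } else {
        // individual actions
        $action = (isset($_REQUEST['action']) && is_string($_REQUEST['action'])) ? $_REQUEST['action'] : '';
        // Ids are cast to integers before they are used in nonce names, log
        // lines and the notice.
        $post_id = (isset($_REQUEST['post']) && is_scalar($_REQUEST['post'])) ? intval($_REQUEST['post']) : 0;
        $edit_id = (isset($_REQUEST['edit']) && is_scalar($_REQUEST['edit'])) ? intval($_REQUEST['edit']) : 0;
        // Set by the edit actions when the edit is missing or in the wrong state.
        $invalid_edit = false;

        switch ($action) {
            // operations on posts/pages (submissions)
            case 'publish_now':
                check_admin_referer('tdomf-publish_' . $post_id);
                // if we're going to publish the post, then it's not spam!
                tdomf_ham_post($post_id);
                tdomf_publish_post($post_id, false);
                tdomf_log_message("Published post {$post_id}");
                $message .= sprintf(__("Published post <a href=\"%s\">%d</a>.", "tdomf"), get_permalink($post_id), $post_id);
                break;

            case 'publish':
                check_admin_referer('tdomf-publish_' . $post_id);
                // if we're going to publish the post, then it's not spam!
                tdomf_ham_post($post_id);
                tdomf_publish_post($post_id);
                tdomf_log_message("Published post {$post_id}");
                $message .= sprintf(__("Published post <a href=\"%s\">%d</a>.", "tdomf"), get_permalink($post_id), $post_id);
                break;

            case 'unpublish':
                check_admin_referer('tdomf-unpublish_' . $post_id);
                tdomf_unpublish_post($post_id);
                tdomf_log_message("Unpublished post {$post_id}");
                $message .= sprintf(__("Unpublished post %d.", "tdomf"), $post_id);
                break;

            case 'spamit':
                check_admin_referer('tdomf-spamit_' . $post_id);
                if (!get_post_meta($post_id, TDOMF_KEY_SPAM)) {
                    tdomf_spam_post($post_id);
                    tdomf_log_message("Post {$post_id} submitted as spam");
                    $message .= sprintf(__("Post %d flagged as spam", "tdomf"), $post_id);
                } else {
                    $message .= sprintf(__("Did not flag post %d as being spam as it is already flagged appropriately.", "tdomf"), $post_id);
                }
                break;

            case 'hamit':
                check_admin_referer('tdomf-hamit_' . $post_id);
                if (get_post_meta($post_id, TDOMF_KEY_SPAM)) {
                    tdomf_ham_post($post_id);
                    tdomf_log_message("Post {$post_id} submitted as ham");
                    $message .= sprintf(__("Post %d flagged as not being spam", "tdomf"), $post_id);
                } else {
                    $message .= sprintf(__("Did not flag post %d as not being spam as it is already flagged appropriately.", "tdomf"), $post_id);
                }
                break;

            case 'lock':
                check_admin_referer('tdomf-lock_' . $post_id);
                if (!get_post_meta($post_id, TDOMF_KEY_LOCK)) {
                    add_post_meta($post_id, TDOMF_KEY_LOCK, true, true);
                    tdomf_log_message("Post {$post_id} locked");
                    $message .= sprintf(__("Post %d is now locked from editing", "tdomf"), $post_id);
                } else {
                    $message .= sprintf(__("Post %d is already locked from editing.", "tdomf"), $post_id);
                }
                break;

            case 'unlock':
                check_admin_referer('tdomf-unlock_' . $post_id);
                if (get_post_meta($post_id, TDOMF_KEY_LOCK)) {
                    delete_post_meta($post_id, TDOMF_KEY_LOCK);
                    tdomf_log_message("Post {$post_id} unlocked");
                    $message .= sprintf(__("Post %d is now unlocked.", "tdomf"), $post_id);
                } else {
                    $message .= sprintf(__("Post %d is already unlocked.", "tdomf"), $post_id);
                }
                break;

            // operations on edits (contributions)
            case 'approve_edit':
                check_admin_referer('tdomf-approve_edit_' . $edit_id);
                $edit = tdomf_get_edit($edit_id);
                if ($edit && ($edit->state == 'spam' || $edit->state == 'unapproved')) {
                    if ($edit->state == 'spam') {
                        tdomf_hamit_edit($edit);
                    }
                    wp_restore_post_revision($edit->revision_id);
                    tdomf_set_state_edit('approved', $edit_id);
                    if ($edit->user_id > 0) {
                        tdomf_trust_user($edit->user_id);
                    }
                    tdomf_log_message("Edit {$edit_id} has been approved on post " . $edit->post_id);
                    $message .= sprintf(__('Contribution to <a href="%s">Post %d</a> has been approved and published', "tdomf"), get_permalink($edit->post_id), $edit->post_id);
                } else {
                    $invalid_edit = true;
                }
                break;

            case 'revert_edit':
                check_admin_referer('tdomf-revert_edit_' . $edit_id);
                $edit = tdomf_get_edit($edit_id);
                if ($edit && $edit->state == 'approved' && $edit->revision_id != 0 && $edit->current_revision_id != 0) {
                    wp_restore_post_revision($edit->current_revision_id);
                    tdomf_set_state_edit('unapproved', $edit_id);
                    tdomf_log_message("Edit {$edit_id} on post " . $edit->post_id . " has been reverted");
                    $message .= sprintf(__('Contribution to <a href="%s">Post %d</a> has reverted to previous revision', "tdomf"), get_permalink($edit->post_id), $edit->post_id);
                } else {
                    $invalid_edit = true;
                }
                break;

            case 'delete_edit':
                check_admin_referer('tdomf-delete_edit_' . $edit_id);
                $edit = tdomf_get_edit($edit_id);
                if ($edit && $edit->state != 'approved') {
                    $post_id = $edit->post_id;
                    if ($edit->revision_id != 0) {
                        wp_delete_post_revision($edit->revision_id);
                        // the log lines used undefined $revision_id / $current_revision_id
                        tdomf_log_message("Deleting revision " . $edit->revision_id . " on post " . $post_id);
                    }
                    if ($edit->current_revision_id != 0) {
                        wp_delete_post_revision($edit->current_revision_id);
                        tdomf_log_message("Deleting revision " . $edit->current_revision_id . " on post " . $post_id);
                    }
                    tdomf_delete_edits(array($edit_id));
                    tdomf_log_message("Edit {$edit_id} on post " . $post_id . " has been deleted");
                    $message .= sprintf(__('Contribution to <a href="%s">Post %d</a> has deleted', "tdomf"), get_permalink($edit->post_id), $edit->post_id);
                } else {
                    $invalid_edit = true;
                }
                break;

            case 'spamit_edit':
                check_admin_referer('tdomf-spamit_edit_' . $edit_id);
                $edit = tdomf_get_edit($edit_id);
                if ($edit && $edit->state != 'spam') {
                    tdomf_spamit_edit($edit);
                    tdomf_log_message("Marking edit {$edit_id} as spam!");
                    $message .= sprintf(__('Contribution to <a href="%s">Post %d</a> has been flagged as spam', "tdomf"), get_permalink($edit->post_id), $edit->post_id);
                } else {
                    $invalid_edit = true;
                }
                break;

            case 'hamit_edit':
                check_admin_referer('tdomf-hamit_edit_' . $edit_id);
                $edit = tdomf_get_edit($edit_id);
                if ($edit && $edit->state == 'spam') {
                    // was tdomf_spamit_edit(): "not spam" flagged the edit as spam again
                    tdomf_hamit_edit($edit);
                    tdomf_log_message("Marking edit {$edit_id} as not spam!");
                    $message .= sprintf(__('Contribution to <a href="%s">Post %d</a> has been flagged as not being spam', "tdomf"), get_permalink($edit->post_id), $edit->post_id);
                } else {
                    $invalid_edit = true;
                }
                break;
        }

        if ($invalid_edit) {
            // $action is one of the literal case labels above at this point.
            // (The original logged an undefined $action in this branch.)
            tdomf_log_message("Invalid {$action} performed on edit {$edit_id}", TDOMF_LOG_BAD);
            $message .= sprintf(__('Invalid action %s or invalid edit identifier %d!', 'tdomf'), $action, $edit_id);
        }
    }

    if (!empty($message)) {
        ?> <div id="message" class="updated fade"><p><?php echo $message; ?> </p></div> <?php
    }
}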
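/**
 * Handle a click on the auto-respond e-mail link.
 *
 * Expects 'key' (a nonce for 'tdomf-autorespondemail-<post id>') and
 * 'tdomf_autorespondemail_post_id' in the query string. When the nonce is
 * valid, the post is a TDOMF post with a form id, the form has a 'link'
 * option and the post has not been flagged yet, the custom field named by
 * that option is set to true. A one-line result is echoed and the request
 * ends.
 *
 * @return void Never returns; calls exit.
 */
function handleLinkAction()
{
    // Initialised so a falsy post id with a valid nonce cannot reach the echo
    // below with $message undefined.
    $message = '';
    $post_id = false;
    $form_id = false;
    $options = array();

    if (isset($_GET['key']) && isset($_GET['tdomf_autorespondemail_post_id'])) {
        // Both values are supplied by the (possibly anonymous) visitor and are
        // written to the log, so they are normalised before any use: the post
        // id becomes an integer and the key is reduced to letters and digits
        // for logging.
        $key = is_string($_GET['key']) ? $_GET['key'] : '';
        $raw_post_id = $_GET['tdomf_autorespondemail_post_id'];
        $post_id = is_scalar($raw_post_id) ? intval($raw_post_id) : 0;

        if (!wp_verify_nonce($key, 'tdomf-autorespondemail-' . $post_id)) {
            $message = __('TDOMF: nonce fail', 'tdomf');
            $key_for_log = preg_replace('/[^A-Za-z0-9]/', '', $key);
            tdomf_log_message("[autorespondemail] nonce {$key_for_log} invalid for Post ID {$post_id}", TDOMF_LOG_ERROR);
            $post_id = false;
        } elseif ($post_id <= 0) {
            $message = __('TDOMF: Bad input values', 'tdomf');
            $post_id = false;
        }
    } else {
        $message = __('TDOMF: Bad input values', 'tdomf');
        tdomf_log_message("[autorespondemail] Missing 'key' and 'tdomf_autorespondemail_post_id'", TDOMF_LOG_ERROR);
    }

    if ($post_id) {
        $tdomf_key = get_post_meta($post_id, TDOMF_KEY_FLAG, true);
        if (!$tdomf_key) {
            $message = __('This is not a TDOMF post', 'tdomf');
            tdomf_log_message("[autorespondemail] Tried to flag post {$post_id} that isn't a TDOMF post", TDOMF_LOG_ERROR);
            $post_id = false;
        }
    }

    if ($post_id) {
        $form_id = get_post_meta($post_id, TDOMF_KEY_FORM_ID, true);
        if (!$form_id) {
            $message = __('No Form ID is set on this post', 'tdomf');
            tdomf_log_message("[autorespondemail] Form ID is not set on this post {$post_id}", TDOMF_LOG_ERROR);
            $post_id = false;
        }
    }

    if ($post_id) {
        $options = $this->getOptions($form_id);
        // empty() also covers a missing 'link' entry
        if (empty($options['link'])) {
            $message = __('This form is not configured', 'tdomf');
            tdomf_log_message("[autorespondemail] Form ID {$form_id} is not configured for autorespondemail on post {$post_id}", TDOMF_LOG_ERROR);
            $post_id = false;
        }
    }

    if ($post_id) {
        $field = get_post_meta($post_id, $options['link'], true);
        if (!empty($field)) {
            $message = __('You have already set this post!', 'tdomf');
            tdomf_log_message("[autorespondemail] Already flagged post {$post_id}", TDOMF_LOG_BAD);
            $post_id = false;
        }
    }

    if ($post_id) {
        update_post_meta($post_id, $options['link'], true);
        $message = __('Thank you', 'tdomf');
        tdomf_log_message("[autorespondemail] Flagged post {$post_id} (with Form ID {$form_id})", TDOMF_LOG_GOOD);
    }

    echo $message;
    exit;
}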
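/**
 * Validate the reCAPTCHA answer submitted with the form.
 *
 * Previews are not validated. Otherwise the challenge/response pair in
 * $args is checked with recaptcha_check_answer() using
 * $options['privatekey'] and the client address. On failure the error code
 * is stored in the form data under 'recaptcha_error'.
 *
 * @access public
 * @param array $args    Form arguments; 'recaptcha_response_field',
 *                       'recaptcha_challenge_field' and 'tdomf_form_id' are read.
 * @param array $options Widget options; 'privatekey' is read.
 * @param bool  $preview True when the form is only being previewed.
 * @return string|null Error message for the user, or NULL when the input is accepted.
 */
function validate($args, $options, $preview)
{
    // don't bother validating for preview
    if ($preview) {
        return NULL;
    }

    // The original called extract($args) here. Nothing below reads an
    // extracted variable, and importing every key of $args as a local could
    // overwrite $options (which holds the private key) or $args itself, so
    // the call has been dropped.

    if (empty($args['recaptcha_response_field'])) {
        return __('Please complete the reCAPTCHA.', 'tdomf');
    }

    if (!function_exists('recaptcha_check_answer')) {
        @(require_once TDOMF_RECAPTCHALIB_PATH);
    }
    if (!function_exists('recaptcha_check_answer')) {
        // Library could not be loaded: reject the submission rather than
        // let an undefined-function error end the request.
        tdomf_log_message('reCAPTCHA library could not be loaded', TDOMF_LOG_ERROR);
        return __('Invalid reCAPTCHA configuration.', 'tdomf');
    }

    $challenge = isset($args['recaptcha_challenge_field']) ? $args['recaptcha_challenge_field'] : '';
    $response = recaptcha_check_answer($options['privatekey'], $_SERVER['REMOTE_ADDR'], $challenge, $args['recaptcha_response_field']);

    if ($response->is_valid) {
        return NULL;
    }

    // remember the error code with the form data
    $form_data = tdomf_get_form_data($args['tdomf_form_id']);
    $form_data['recaptcha_error'] = $response->error;
    tdomf_save_form_data($args['tdomf_form_id'], $form_data);

    if ($response->error == 'incorrect-captcha-sol') {
        return __('That reCAPTCHA was incorrect.', 'tdomf');
    }

    // The log line carries markup, so the remote error code is escaped before
    // it is embedded.
    tdomf_log_message('reCAPTCHA error ' . htmlspecialchars((string) $response->error, ENT_QUOTES) . '. Please refer to <a href="http://recaptcha.net/apidocs/captcha/">reCaptcha docs</a> for more information', TDOMF_LOG_ERROR);

    return __('Invalid reCAPTCHA configuration.', 'tdomf');
}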
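/**
 * Process the actions submitted from the form options admin screen.
 *
 * Depending on the request this removes or adds a throttle rule, creates a page
 * for a form, saves the options of a form, or deletes, copies or creates a form.
 * Every action verifies its nonce with check_admin_referer() before changing
 * anything. Any resulting message is echoed inside an "updated" notice div.
 *
 * NOTE(review): check_admin_referer() only verifies the request nonce. No capability
 * check is visible in this function; confirm that the caller restricts this screen
 * to users who are allowed to manage forms.
 *
 * NOTE(review): several values are stored exactly as received (throttle rule
 * 'sub_type' and 'type', the custom edit-link URLs, the from e-mail, the description,
 * the default category). Confirm that they are validated or escaped where they are used.
 *
 * @return Mixed ID of the form that was created or copied, otherwise false.
 */
function tdomf_handle_form_options_actions() {
    global $wpdb, $wp_roles;

    $message = "";
    $retValue = false;

    if (!isset($wp_roles)) {
        $wp_roles = new WP_Roles();
    }
    $roles = $wp_roles->role_objects;
    $caps = tdomf_get_all_caps();

    // Was one of the per-rule "remove throttle rule" buttons pressed?
    $remove_throttle_rule = false;
    $rule_id = 0;
    if (isset($_REQUEST['tdomf_form_id'])) {
        $form_id = intval($_REQUEST['tdomf_form_id']);
        $rules = tdomf_get_option_form(TDOMF_OPTION_THROTTLE_RULES, $form_id);
        if (is_array($rules)) {
            foreach ($rules as $id => $r) {
                if (isset($_REQUEST["tdomf_remove_throttle_rule_{$id}"])) {
                    $remove_throttle_rule = true;
                    $rule_id = $id;
                    break;
                }
            }
        }
    }

    if ($remove_throttle_rule) {

        check_admin_referer('tdomf-options-save');

        unset($rules[$rule_id]);
        tdomf_set_option_form(TDOMF_OPTION_THROTTLE_RULES, $rules, $form_id);

        $message .= "Throttle rule removed!<br/>";
        tdomf_log_message("Removed throttle rule");

    } elseif (isset($_REQUEST['tdomf_add_throttle_rule'])) {

        check_admin_referer('tdomf-options-save');

        $form_id = intval($_REQUEST['tdomf_form_id']);

        $rule = array();
        $rule['sub_type'] = $_REQUEST['tdomf_throttle_rule_sub_type'];
        // Stored as an integer, like 'time' below, rather than as the raw request string.
        $rule['count'] = intval($_REQUEST['tdomf_throttle_rule_count']);
        $rule['type'] = $_REQUEST['tdomf_throttle_rule_user_type'];
        $rule['opt1'] = isset($_REQUEST['tdomf_throttle_rule_opt1']);
        $rule['time'] = intval($_REQUEST['tdomf_throttle_rule_time']);

        $rules = tdomf_get_option_form(TDOMF_OPTION_THROTTLE_RULES, $form_id);
        if (!is_array($rules)) {
            $rules = array();
        }
        $rules[] = $rule;
        tdomf_set_option_form(TDOMF_OPTION_THROTTLE_RULES, $rules, $form_id);

        $message .= "Throttle rule added!<br/>";
        tdomf_log_message("Added a new throttle rule: " . var_export($rule, true));

    } elseif (isset($_REQUEST['action']) && $_REQUEST['action'] == 'create_form_page') {

        check_admin_referer('tdomf-create-form-page');

        $form_id = intval($_REQUEST['form']);
        $page_id = tdomf_create_form_page($form_id);
        $message = sprintf(__("A page with the form has been created. <a href='%s'>View page »</a><br/>", "tdomf"), get_permalink($page_id));

    } elseif (isset($_REQUEST['save_settings']) && isset($_REQUEST['tdomf_form_id'])) {

        check_admin_referer('tdomf-options-save');

        $form_id = intval($_REQUEST['tdomf_form_id']);

        // Edit or Submit
        $edit_form = false;
        if (isset($_REQUEST['tdomf_mode']) && $_REQUEST['tdomf_mode'] == "edit") {
            $edit_form = true;
        }
        tdomf_set_option_form(TDOMF_OPTION_FORM_EDIT, $edit_form, $form_id);

        // Allow pages with forms to be edited
        $edit_page_form = isset($_REQUEST['tdomf_edit_page_form']);
        tdomf_set_option_form(TDOMF_OPTION_EDIT_PAGE_FORM, $edit_page_form, $form_id);

        // Allow authors to edit
        $author_edit = false;
        if (isset($_REQUEST['tdomf_author_edit'])) {
            $author_edit = true;
        }
        tdomf_set_option_form(TDOMF_OPTION_ALLOW_AUTHOR, $author_edit, $form_id);

        // Edit post within X seconds of being published
        $time_edit = false;
        if (isset($_REQUEST['tdomf_time_edit'])) {
            $time_edit = intval($_REQUEST['tdomf_time_edit']);
            if ($time_edit <= 0) {
                $time_edit = false;
            }
        }
        tdomf_set_option_form(TDOMF_OPTION_ALLOW_TIME, $time_edit, $form_id);

        // Who can access the form?
        if (isset($_REQUEST['tdomf_special_access_anyone']) && tdomf_get_option_form(TDOMF_OPTION_ALLOW_EVERYONE, $form_id) == false) {
            tdomf_set_option_form(TDOMF_OPTION_ALLOW_EVERYONE, true, $form_id);
            foreach ($roles as $role) {
                // remove cap as it's not needed
                if (isset($role->capabilities[TDOMF_CAPABILITY_CAN_SEE_FORM . '_' . $form_id])) {
                    $role->remove_cap(TDOMF_CAPABILITY_CAN_SEE_FORM . '_' . $form_id);
                }
            }
            tdomf_set_option_form(TDOMF_OPTION_ALLOW_CAPS, array(), $form_id);
        } elseif (!isset($_REQUEST['tdomf_special_access_anyone'])) {
            tdomf_set_option_form(TDOMF_OPTION_ALLOW_EVERYONE, false, $form_id);

            // add cap to right roles
            foreach ($roles as $role) {
                if (isset($_REQUEST["tdomf_access_" . $role->name])) {
                    $role->add_cap(TDOMF_CAPABILITY_CAN_SEE_FORM . '_' . $form_id);
                } elseif (isset($role->capabilities[TDOMF_CAPABILITY_CAN_SEE_FORM . '_' . $form_id])) {
                    $role->remove_cap(TDOMF_CAPABILITY_CAN_SEE_FORM . '_' . $form_id);
                }
            }

            // list caps that can access form
            $allow_caps = array();
            foreach ($caps as $cap) {
                if (isset($_REQUEST['tdomf_access_caps_' . $cap])) {
                    $allow_caps[] = $cap;
                }
            }
            tdomf_set_option_form(TDOMF_OPTION_ALLOW_CAPS, $allow_caps, $form_id);

            // convert user names to ids
            $allow_users = array();
            if (isset($_REQUEST['tdomf_access_users_list'])) {
                $user_names = trim($_REQUEST['tdomf_access_users_list']);
                if (!empty($user_names)) {
                    $user_names = explode(' ', $user_names);
                    foreach ($user_names as $user_name) {
                        if (!empty($user_name)) {
                            if (($userdata = get_userdatabylogin($user_name)) != false) {
                                $allow_users[] = $userdata->ID;
                            } else {
                                // The name comes from the request and ends up in the HTML
                                // notice echoed below, so it is passed as an escaped
                                // sprintf argument. The original interpolated it into the
                                // format string, where a '%' in the name was parsed as a
                                // conversion and the translation lookup could never match.
                                $message .= "<font color='red'>" . sprintf(__("%s is not a valid user name. Ignoring.<br/>", "tdomf"), htmlspecialchars($user_name, ENT_QUOTES)) . "</font>";
                                tdomf_log_message("User login {$user_name} is not recognised by wordpress. Ignoring.", TDOMF_LOG_BAD);
                            }
                        }
                    }
                }
            }
            tdomf_set_option_form(TDOMF_OPTION_ALLOW_USERS, $allow_users, $form_id);
        }

        tdomf_set_option_form(TDOMF_OPTION_ALLOW_PUBLISH, isset($_REQUEST['tdomf_user_publish_override']), $form_id);

        // Who gets notified?
        $notify_roles = "";
        foreach ($roles as $role) {
            if (isset($_REQUEST["tdomf_notify_" . $role->name])) {
                $notify_roles .= $role->name . ";";
            }
        }
        if (!empty($notify_roles)) {
            tdomf_set_option_form(TDOMF_NOTIFY_ROLES, $notify_roles, $form_id);
        } else {
            tdomf_set_option_form(TDOMF_NOTIFY_ROLES, false, $form_id);
        }

        // The admin e-mail list is saved only if every non-empty entry is valid.
        $save = true;
        $tdomf_admin_emails = $_POST['tdomf_admin_emails'];
        $emails = explode(',', $tdomf_admin_emails);
        foreach ($emails as $email) {
            if (!empty($email)) {
                if (!tdomf_check_email_address($email)) {
                    // The rejected value is request data echoed into the HTML notice; escape it.
                    $message .= "<font color='red'>" . sprintf(__("The email %s is not valid! Please update 'Who Gets Notified' with valid email addresses.", "tdomf"), htmlspecialchars($email, ENT_QUOTES)) . "</font><br/>";
                    $save = false;
                    break;
                }
            }
        }
        if ($save) {
            tdomf_set_option_form(TDOMF_OPTION_ADMIN_EMAILS, $tdomf_admin_emails, $form_id);
        }

        // Default Category
        $def_cat = $_POST['tdomf_def_cat'];
        tdomf_set_option_form(TDOMF_DEFAULT_CATEGORY, $def_cat, $form_id);

        // Restrict editing to posts submitted by tdomf
        $edit_restrict_tdomf = isset($_REQUEST['tdomf_edit_tdomf_only']);
        tdomf_set_option_form(TDOMF_OPTION_EDIT_RESTRICT_TDOMF, $edit_restrict_tdomf, $form_id);

        // Restrict editing to a comma-separated list of category IDs; only positive integers are kept
        $edit_restrict_cats = explode(',', trim($_REQUEST['tdomf_edit_cats']));
        if (!empty($edit_restrict_cats)) {
            $cats = array();
            foreach ($edit_restrict_cats as $cat) {
                $cat = intval(trim($cat));
                if ($cat > 0) {
                    $cats[] = $cat;
                }
            }
            $edit_restrict_cats = $cats;
        } else {
            $edit_restrict_cats = array();
        }
        tdomf_set_option_form(TDOMF_OPTION_EDIT_RESTRICT_CATS, $edit_restrict_cats, $form_id);

        // add edit link
        $add_edit_link = $_REQUEST['tdomf_add_edit_link'];
        if ($add_edit_link == 'custom') {
            $add_edit_link = $_REQUEST['tdomf_add_edit_link_custom_url'];
        }
        tdomf_set_option_form(TDOMF_OPTION_ADD_EDIT_LINK, $add_edit_link, $form_id);

        $ajax_edit = isset($_REQUEST['tdomf_ajax_edit']);
        tdomf_set_option_form(TDOMF_OPTION_AJAX_EDIT, $ajax_edit, $form_id);

        // auto modify edit link
        $auto_edit_link = $_REQUEST['tdomf_auto_edit_link'];
        if ($auto_edit_link == 'custom') {
            $auto_edit_link = $_REQUEST['tdomf_auto_edit_link_custom_url'];
        }
        tdomf_set_option_form(TDOMF_OPTION_AUTO_EDIT_LINK, $auto_edit_link, $form_id);

        // Turn On/Off Moderation
        $mod = false;
        if (isset($_POST['tdomf_moderation'])) {
            $mod = true;
        }
        tdomf_set_option_form(TDOMF_OPTION_MODERATION, $mod, $form_id);

        $tdomf_redirect = isset($_POST['tdomf_redirect']);
        tdomf_set_option_form(TDOMF_OPTION_REDIRECT, $tdomf_redirect, $form_id);

        // Preview
        $preview = false;
        if (isset($_POST['tdomf_preview'])) {
            $preview = true;
        }
        tdomf_set_option_form(TDOMF_OPTION_PREVIEW, $preview, $form_id);

        // From email
        if (trim($_POST['tdomf_from_email']) == "") {
            tdomf_set_option_form(TDOMF_OPTION_FROM_EMAIL, false, $form_id);
        } else {
            tdomf_set_option_form(TDOMF_OPTION_FROM_EMAIL, $_POST['tdomf_from_email'], $form_id);
        }

        // Form name
        if (trim($_POST['tdomf_form_name']) == "") {
            tdomf_set_option_form(TDOMF_OPTION_NAME, "", $form_id);
        } else {
            tdomf_set_option_form(TDOMF_OPTION_NAME, strip_tags($_POST['tdomf_form_name']), $form_id);
        }

        // Form description
        if (trim($_POST['tdomf_form_descp']) == "") {
            tdomf_set_option_form(TDOMF_OPTION_DESCRIPTION, false, $form_id);
        } else {
            tdomf_set_option_form(TDOMF_OPTION_DESCRIPTION, $_POST['tdomf_form_descp'], $form_id);
        }

        // Include on "your submissions" page
        $include = false;
        if (isset($_POST['tdomf_include_sub'])) {
            $include = true;
        }
        tdomf_set_option_form(TDOMF_OPTION_INCLUDED_YOUR_SUBMISSIONS, $include, $form_id);

        if (get_option(TDOMF_OPTION_YOUR_SUBMISSIONS) && $include) {
            // The form ID is appended to the link here. The original passed a URL that
            // still contained a literal "%d", which sprintf() does not expand inside an
            // argument, so the anchor in the link was never filled in.
            $message .= sprintf(__("Saved Options for Form %d. <a href='%s'>See your form »</a>", "tdomf"), $form_id, "users.php?page=tdomf_your_submissions#tdomf_form" . $form_id) . "<br/>";
        } else {
            $message .= sprintf(__("Saved Options for Form %d.", "tdomf"), $form_id) . "<br/>";
        }

        // widget count (defaults to 10, never below 1)
        $widget_count = 10;
        if (isset($_POST['tdomf_widget_count'])) {
            $widget_count = intval($_POST['tdomf_widget_count']);
        }
        if ($widget_count < 1) {
            $widget_count = 1;
        }
        tdomf_set_option_form(TDOMF_OPTION_WIDGET_INSTANCES, $widget_count, $form_id);

        // Submit page instead of post
        $use_page = false;
        if (isset($_POST['tdomf_use_type']) && $_POST['tdomf_use_type'] == 'page') {
            $use_page = true;
        }
        tdomf_set_option_form(TDOMF_OPTION_SUBMIT_PAGE, $use_page, $form_id);

        // Queue period
        $tdomf_queue_period = intval($_POST['tdomf_queue_period']);
        tdomf_set_option_form(TDOMF_OPTION_QUEUE_PERIOD, $tdomf_queue_period, $form_id);

        // Queue on all
        $tdomf_queue_on_all = isset($_POST['tdomf_queue_on_all']);
        tdomf_set_option_form(TDOMF_OPTION_QUEUE_ON_ALL, $tdomf_queue_on_all, $form_id);

        // ajax
        $tdomf_ajax = isset($_POST['tdomf_ajax']);
        tdomf_set_option_form(TDOMF_OPTION_AJAX, $tdomf_ajax, $form_id);

        // Send moderation email even for published posts
        $tdomf_mod_email_on_pub = isset($_POST['tdomf_mod_email_on_pub']);
        tdomf_set_option_form(TDOMF_OPTION_MOD_EMAIL_ON_PUB, $tdomf_mod_email_on_pub, $form_id);

        // Admin users auto-publish?
        $tdomf_publish_no_mod = isset($_POST['tdomf_user_publish_auto']);
        tdomf_set_option_form(TDOMF_OPTION_PUBLISH_NO_MOD, $tdomf_publish_no_mod, $form_id);

        // Spam
        $message .= tdomf_handle_spam_options_actions($form_id);

        tdomf_log_message("Options Saved for Form ID {$form_id}");

    } elseif (isset($_REQUEST['delete'])) {

        // The nonce action includes the form ID, so a nonce issued for one form
        // does not authorise deleting another.
        $form_id = intval($_REQUEST['delete']);
        check_admin_referer('tdomf-delete-form-' . $form_id);

        if (tdomf_form_exists($form_id)) {
            $count_forms = count(tdomf_get_form_ids());
            if ($count_forms > 1) {
                if (tdomf_delete_form($form_id)) {
                    $message .= sprintf(__("Form %d deleted.<br/>", "tdomf"), $form_id);
                } else {
                    $message .= sprintf(__("Could not delete Form %d!<br/>", "tdomf"), $form_id);
                }
            } else {
                $message .= sprintf(__("You cannot delete the last form! There must be at least one form in the system.<br/>", "tdomf"), $form_id);
            }
        } else {
            $message .= sprintf(__("Form %d is not valid!<br/>", "tdomf"), $form_id);
        }

    } elseif (isset($_REQUEST['copy'])) {

        $form_id = intval($_REQUEST['copy']);
        check_admin_referer('tdomf-copy-form-' . $form_id);

        $copy_form_id = tdomf_copy_form($form_id);
        if ($copy_form_id != 0) {
            $message .= sprintf(__("Form %d copied with id %d.<br/>", "tdomf"), $form_id, $copy_form_id);
            $retValue = $copy_form_id;
        } else {
            $message .= sprintf(__("Failed to copy Form %d!<br/>", "tdomf"), $form_id);
        }

    } elseif (isset($_REQUEST['new'])) {

        check_admin_referer('tdomf-new-form');

        $form_id = tdomf_create_form(__('New Form', 'tdomf'), array());
        if ($form_id != 0) {
            $message .= sprintf(__("New form created with %d.<br/>", "tdomf"), $form_id);
            $retValue = $form_id;
        } else {
            $message .= __("Failed to create new Form!<br/>", "tdomf");
        }
    }

    // Warnings
    $message .= tdomf_get_error_messages(false);

    // $message is built as HTML above and echoed as-is; request data placed in it
    // must already be escaped at the point where it is appended.
    if (!empty($message)) {
        ?> <div id="message" class="updated fade"><p><?php echo $message; ?> </p></div> <?php
    }

    return $retValue;
}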