function pc_user_auth()
{
global $wpdb, $pc_users;
if (isset($_POST['type']) && $_POST['type'] == 'js_ajax_auth') {
include_once PC_DIR . '/classes/pc_form_framework.php';
include_once PC_DIR . '/classes/simple_form_validator.php';
include_once PC_DIR . '/functions.php';
$f_fw = new pc_form();
$validator = new simple_fv();
$indexes = array();
$indexes[] = array('index' => 'pc_auth_username', 'label' => 'username', 'required' => true);
$indexes[] = array('index' => 'pc_auth_psw', 'label' => 'psw', 'required' => true);
$indexes[] = array('index' => 'pc_remember_me', 'label' => 'remember me');
$validator->formHandle($indexes);
$error = $validator->getErrors();
$fdata = $validator->form_val;
// honeypot check
if (!$f_fw->honeypot_validaton()) {
echo json_encode(array('resp' => 'error', 'mess' => "Antispam - we've got a bot here!"));
die;
}
// error message
if ($error) {
die(json_encode(array('resp' => 'error', 'mess' => __('Incorrect username or password', 'pc_ml'))));
} else {
//// try to login
$response = pc_login($fdata['pc_auth_username'], $fdata['pc_auth_psw'], $fdata['pc_remember_me']);
// user not found
if (!$response) {
echo json_encode(array('resp' => 'error', 'mess' => __('Username or password incorrect', 'pc_ml')));
die;
} elseif ($response === 2 || $response === 3) {
echo json_encode(array('resp' => 'error', 'mess' => pc_get_message('pc_default_pu_mex')));
die;
}
// custom error
if ($response !== true) {
echo json_encode(array('resp' => 'error', 'mess' => $response));
die;
} else {
// redirect logged user to pvt page
if (get_option('pg_redirect_back_after_login') && isset($_SESSION['pc_last_restricted']) && filter_var($_SESSION['pc_last_restricted'], FILTER_VALIDATE_URL)) {
$redirect_url = $_SESSION['pc_last_restricted'];
} else {
// check for custom categories redirects
$custom_cat_redirect = pc_user_cats_login_redirect(pc_user_logged('categories'));
$redirect_url = $custom_cat_redirect ? $custom_cat_redirect : pc_man_redirects('pg_logged_user_redirect');
}
echo json_encode(array('resp' => 'success', 'mess' => pc_get_message('pc_login_ok_mex'), 'redirect' => $redirect_url));
die;
}
}
die;
// security block
}
}
public function validate_form($indexes, $custom_errors = array(), $user_id = false, $specific_checks = true)
{
include_once 'simple_form_validator.php';
global $wpdb;
$validator = new simple_fv();
$validator->formHandle((array) $indexes);
$fdata = $validator->form_val;
// clean data and save options
foreach ($fdata as $key => $val) {
if (is_string($val)) {
$fdata[$key] = stripslashes($val);
} elseif (is_array($val)) {
$fdata[$key] = array();
foreach ($val as $arr_val) {
$fdata[$key][] = stripslashes($arr_val);
}
}
}
/*** special validation cases ***/
foreach ($indexes as $field) {
// password strength
if ($field['index'] == 'psw') {
$psw_strength = $this->check_psw_strength($fdata['psw']);
if ($psw_strength !== true) {
$validator->custom_error[__("Password strength", 'pc_ml')] = $psw_strength;
}
}
// username unicity
if ($specific_checks && $field['index'] == 'username') {
$already_exists = $user_id ? ' AND id != ' . (int) $user_id : '';
$wpdb->query($wpdb->prepare("SELECT id FROM " . PC_USERS_TABLE . " WHERE username = %s AND status != 0 " . $already_exists . " LIMIT 1", trim((string) $fdata['username'])));
if ($wpdb->num_rows) {
$validator->custom_error[__("Username", 'pc_ml')] = __("Another user already has this username", 'pc_ml');
}
}
// categories
if ($specific_checks && $field['index'] == 'categories' && !empty($fdata['categories'])) {
$cats = !isset($GLOBALS['pc_escape_no_reg_cats']) ? pc_user_cats(false) : pc_user_cats(true);
foreach ((array) $fdata['categories'] as $f_cat) {
if (!isset($cats[$f_cat])) {
$name = $this->fields['categories']['label'];
$validator->custom_error[$name] = __("One or more chosen categories are wrong", 'pc_ml');
break;
}
}
}
}
// wrap up
$this->form_data = $fdata;
$errors = $validator->getErrors();
if (!empty($custom_errors)) {
if (!empty($errors)) {
$errors .= '<br/>';
}
$errors .= implode('<br/>', $custom_errors);
}
// PC-FILTER - add custom errors on form validation - passes errors string and form data
$this->errors = apply_filters('pc_form_valid_errors', $errors, $fdata);
return empty($this->errors) ? true : false;
}
////////////////////////////////////////////////////
/////////// IF IMPORING USERS //////////////////////
////////////////////////////////////////////////////
// security check
if (!isset($_POST['pc_import_users'])) {
die('Nice try!');
}
if (!isset($_POST['pc_nonce']) || !wp_verify_nonce($_POST['pc_nonce'], 'lcwp_nonce')) {
die('<p>Cheating?</p>');
}
include_once PC_DIR . '/functions.php';
include_once PC_DIR . '/classes/simple_form_validator.php';
include_once PC_DIR . '/classes/pc_form_framework.php';
global $wpdb, $pc_users;
$f_fw = new pc_form();
$validator = new simple_fv();
$indexes = array();
//$indexes[] = array('index'=>'pc_imp_file', 'label'=>__('CSV file', 'pc_ml'), 'mime_type'=>array('application/vnd.ms-excel', 'application/octet-stream', 'application/csv', 'text/csv'), 'required'=>true);
$indexes[] = array('index' => 'pc_imp_separator', 'label' => __("Field Delimiter", 'pc_ml'), 'required' => true, 'max_len' => 1);
$indexes[] = array('index' => 'pc_imp_pvt_page', 'label' => "Enable Pvt Page");
$indexes[] = array('index' => 'pc_imp_cat', 'label' => __('Category', 'pc_ml'), 'required' => true);
$indexes[] = array('index' => 'pc_imp_ignore_first', 'label' => "Ignore first row");
$indexes[] = array('index' => 'pc_imp_error_stop', 'label' => "Stop if errors found");
$indexes[] = array('index' => 'pc_imp_existing_stop', 'label' => "Stop if duplicated found");
$indexes[] = array('index' => 'pc_wps_error_stop', 'label' => "Stop if wp sync fails");
$indexes[] = array('index' => 'pc_cfi_import', 'label' => "Custom fields");
$validator->formHandle($indexes);
$fdata = $validator->form_val;
// more compatible upload validation
if (!isset($_FILES["pc_imp_file"]) || !isset($_FILES["pc_imp_file"]["tmp_name"]) || trim($_FILES["pc_imp_file"]["tmp_name"]) == '') {
$validator->custom_error[__("CSV file", 'pc_ml')] = __("is missing", 'pc_ml');
function pc_update_reg_form()
{
if (!isset($_POST['pc_nonce']) || !wp_verify_nonce($_POST['pc_nonce'], 'lcwp_ajax')) {
die('Cheating?');
}
include_once PC_DIR . '/classes/simple_form_validator.php';
$validator = new simple_fv();
$indexes = array();
$indexes[] = array('index' => 'form_id', 'label' => 'form id', 'type' => 'int', 'required' => true);
$indexes[] = array('index' => 'form_name', 'label' => 'form name', 'required' => true, 'max_len' => 250);
$indexes[] = array('index' => 'fields_included', 'label' => 'fields included', 'required' => true);
$indexes[] = array('index' => 'fields_required', 'label' => 'fields required', 'required' => true);
$indexes[] = array('index' => 'texts', 'label' => 'text blocks');
$validator->formHandle($indexes);
$fdata = $validator->form_val;
// check username and password fields existence
if (!is_array($fdata['fields_included']) || !in_array('username', $fdata['fields_included']) || !in_array('psw', $fdata['fields_included'])) {
$validator->custom_error[__("Form structure", 'pc_ml')] = __("Username and password fields are mandatory", 'pc_ml');
}
$error = $validator->getErrors();
if (!$error) {
// clean texts from slashes
if (!empty($fdata['texts'])) {
$escaped = array();
foreach ((array) $fdata['texts'] as $val) {
$escaped[] = stripslashes($val);
}
$fdata['texts'] = $escaped;
}
// setup array - user base64_encode to prevent WP tags cleaning
$descr = base64_encode(serialize(array('include' => $fdata['fields_included'], 'require' => $fdata['fields_required'], 'texts' => $fdata['texts'])));
// update
$result = wp_update_term($fdata['form_id'], 'pc_reg_form', array('name' => $fdata['form_name'], 'description' => $descr));
echo is_wp_error($result) ? $result->get_error_message() : 'success';
} else {
echo $error;
}
die;
}
function mg_items_meta_save($post_id)
{
if (isset($_POST['mg_item_noncename'])) {
// authentication checks
if (!wp_verify_nonce($_POST['mg_item_noncename'], 'lcwp_nonce')) {
return $post_id;
}
// check user permissions
if ($_POST['post_type'] == 'page') {
if (!current_user_can('edit_page', $post_id)) {
return $post_id;
}
} else {
if (!current_user_can('edit_post', $post_id)) {
return $post_id;
}
}
require_once MG_DIR . '/functions.php';
require_once MG_DIR . '/classes/simple_form_validator.php';
$validator = new simple_fv();
$indexes = array();
// thumb center
$indexes[] = array('index' => 'mg_thumb_center', 'label' => 'Thumbnail Center');
// main type and layout
$indexes[] = array('index' => 'mg_main_type', 'label' => 'Item Type');
$indexes[] = array('index' => 'mg_layout', 'label' => 'Display Mode');
$indexes[] = array('index' => 'mg_lb_max_w', 'label' => 'Lightbox Max-width');
$indexes[] = array('index' => 'mg_img_maxheight', 'label' => 'Full size image max-height');
// custom attributes
if (is_array(mg_get_type_opt_indexes($_POST['mg_main_type']))) {
foreach (mg_get_type_opt_indexes($_POST['mg_main_type']) as $copt) {
$indexes[] = array('index' => $copt, 'label' => $copt);
}
}
// type attributes
$type_opt = mg_types_meta_opt($_POST['mg_main_type']);
if ($type_opt) {
foreach ($type_opt as $opt) {
$indexes[] = $opt['validate'];
}
}
$validator->formHandle($indexes);
$fdata = $validator->form_val;
$error = $validator->getErrors();
// clean data
foreach ($fdata as $key => $val) {
if (!is_array($val)) {
$fdata[$key] = stripslashes($val);
} else {
$fdata[$key] = array();
foreach ($val as $arr_val) {
$fdata[$key][] = stripslashes($arr_val);
}
}
}
// save data
foreach ($fdata as $key => $val) {
delete_post_meta($post_id, $key);
add_post_meta($post_id, $key, $fdata[$key], true);
}
// update the grid categories
mg_upd_item_upd_grids($post_id);
}
return $post_id;
}
function mg_wc_meta_save($post_id)
{
if (isset($_POST['mg_wc_noncename'])) {
// authentication checks
if (!wp_verify_nonce($_POST['mg_wc_noncename'], 'lcwp_nonce')) {
return $post_id;
}
// check user permissions
if ($_POST['post_type'] == 'page') {
if (!current_user_can('edit_page', $post_id)) {
return $post_id;
}
} else {
if (!current_user_can('edit_post', $post_id)) {
return $post_id;
}
}
include_once MG_DIR . '/functions.php';
include_once MG_DIR . '/classes/simple_form_validator.php';
$validator = new simple_fv();
$indexes = array();
// thumb center
$indexes[] = array('index' => 'mg_thumb_center', 'label' => 'Thumbnail Center');
// layout and img settings
$indexes[] = array('index' => 'mg_main_type', 'label' => 'Enable product');
$indexes[] = array('index' => 'mg_layout', 'label' => 'Display Mode');
$indexes[] = array('index' => 'mg_lb_max_w', 'label' => 'Lightbox Max-width');
$indexes[] = array('index' => 'mg_wc_prod_cats', 'label' => 'Product categories');
$indexes[] = array('index' => 'mg_img_maxheight', 'label' => 'Image max height');
// multiple images
$indexes[] = array('index' => 'mg_slider_add_featured', 'label' => 'Prepend featured image');
foreach (mg_types_meta_opt('img_gallery') as $opt) {
$indexes[] = $opt['validate'];
}
$validator->formHandle($indexes);
$fdata = $validator->form_val;
$error = $validator->getErrors();
// clean data
foreach ($fdata as $key => $val) {
if (!is_array($val)) {
$fdata[$key] = stripslashes($val);
} else {
$fdata[$key] = array();
foreach ($val as $arr_val) {
$fdata[$key][] = stripslashes($arr_val);
}
}
}
// save data
foreach ($fdata as $key => $val) {
delete_post_meta($post_id, $key);
add_post_meta($post_id, $key, $fdata[$key], true);
}
// assign mg cats to this product
if (!is_array($fdata['mg_wc_prod_cats'])) {
$fdata['mg_wc_prod_cats'] = array();
}
wp_set_post_terms($post_id, $fdata['mg_wc_prod_cats'], 'mg_item_categories', $append = false);
// update the grid categories
mg_upd_item_upd_grids($post_id);
}
return $post_id;
}
function nb_save_box()
{
include_once NB_DIR . '/functions.php';
include_once NB_DIR . '/classes/simple_form_validator.php';
$validator = new simple_fv();
$indexes = array();
// sources
$indexes[] = array('index' => 'box_id', 'label' => __('Box ID', 'nb_ml'), 'required' => true, 'type' => 'int');
$indexes[] = array('index' => 'max_news', 'label' => __('News to keep', 'nb_ml'), 'required' => true, 'type' => 'int', 'min_val' => 1, 'max_val' => 40);
$indexes[] = array('index' => 'news_per_time', 'label' => __('News per time', 'nb_ml'), 'required' => true, 'type' => 'int', 'min_val' => 1, 'max_val' => 15);
$indexes[] = array('index' => 'height', 'label' => __('Box height', 'nb_ml'), 'required' => true, 'type' => 'int');
$indexes[] = array('index' => 'layout', 'label' => 'Box main layout');
$indexes[] = array('index' => 'boxed_news', 'label' => "Boxed style?");
$indexes[] = array('index' => 'horiz_img_mode', 'label' => "Horiz image mode?");
$indexes[] = array('index' => 'buttons_position', 'label' => "Buttons position");
$indexes[] = array('index' => 'hide_elements', 'label' => "Global elements to hide");
$indexes[] = array('index' => 'btn_over_img', 'label' => "Side buttons over image?");
$indexes[] = array('index' => 'show_src_logo', 'label' => "Show news source logo?");
$indexes[] = array('index' => 'horiz_img_h', 'label' => __("Image's height <small>(for horizontal layout)</small>", 'nb_ml'), 'type' => 'int');
$indexes[] = array('index' => 'vert_img_w', 'label' => __("Image's width <small>(for vertical layout)</small>", 'nb_ml'), 'type' => 'int');
$indexes[] = array('index' => 'title_behavior', 'label' => "News title behavior");
$indexes[] = array('index' => 'img_behavior', 'label' => "Main image behavior");
$indexes[] = array('index' => 'date_format', 'label' => __('Date format', 'nb_ml'), 'required' => true);
$indexes[] = array('index' => 'elapsed_time', 'label' => "Use elapsed time?");
$indexes[] = array('index' => 'read_more_btn', 'label' => 'Replace date with "read more" button?');
$indexes[] = array('index' => 'read_more_btn_txt', 'label' => __('"Read more"', 'nb_ml') . ' ' . __("button's text", 'nb_ml'));
$indexes[] = array('index' => 'expandable_news', 'label' => "Expandable news?");
$indexes[] = array('index' => 'scroll_exp_elem', 'label' => "Keep close button and side image visible on scroll?");
//$indexes[] = array('index'=>'exp_main_img_pos', 'label'=>"Main image position");
$indexes[] = array('index' => 'manage_exp_images', 'label' => "Manage news images?");
//$indexes[] = array('index'=>'exp_img_w', 'label'=>"Image's container width");
//$indexes[] = array('index'=>'height', 'label'=>__("Image's container width", 'nb_ml'), 'required'=>true);
$indexes[] = array('index' => 'nav_arrows', 'label' => "Navigation arrows position");
$indexes[] = array('index' => 'carousel', 'label' => 'Carousel mode?');
$indexes[] = array('index' => 'animation_time', 'label' => __("Animation time", 'nb_ml'), 'required' => true, 'type' => 'int');
$indexes[] = array('index' => 'autoplay', 'label' => 'Autoplay slideshow?');
$indexes[] = array('index' => 'slideshow_time', 'label' => __("Slideshow interval", 'nb_ml'), 'required' => true, 'type' => 'int');
$indexes[] = array('index' => 'pause_on_hover', 'label' => 'Pause on hover?');
$indexes[] = array('index' => 'slide_all', 'label' => 'Slide all visible elements?');
$indexes[] = array('index' => 'autop_after_exp', 'label' => 'Resume autoplay after expanded news closing?');
$validator->formHandle($indexes);
$fdata = $validator->form_val;
$error = $validator->getErrors();
if ($error) {
die('<div class="error"><p>' . $error . '</p></div>');
} else {
// sources
$sources = array();
$sources_data = json_decode(rawurldecode(stripslashes($_POST['src_data'])));
if (!is_array($sources_data) || count($sources_data) == 0) {
_e('A news source is needed', 'nb_ml');
die;
}
foreach ($sources_data as $src) {
$sources[] = nb_serArr_to_php($src);
}
// clean settings
foreach ($fdata as $key => $val) {
if (!is_array($val)) {
$fdata[$key] = stripslashes($val);
} else {
$fdata[$key] = array();
foreach ($val as $arr_val) {
$fdata[$key][] = stripslashes($arr_val);
}
}
}
// wrap up elements
$box_data = array('src' => $sources, 'settings' => $fdata);
// save
$result = wp_update_term($fdata['box_id'], 'nb_boxes', array('slug' => uniqid(), 'description' => serialize($box_data)));
echo is_wp_error($result) ? $result->get_error_message() : 'success';
}
die;
}
function pcud_save_form()
{
if (!isset($_POST['pcud_nonce']) || !wp_verify_nonce($_POST['pcud_nonce'], 'lcwp_ajax')) {
die('Cheating?');
}
include_once PC_DIR . '/classes/simple_form_validator.php';
$validator = new simple_fv();
$indexes = array();
$indexes[] = array('index' => 'form_id', 'label' => 'form id', 'type' => 'int', 'required' => true);
$indexes[] = array('index' => 'fields_included', 'label' => 'fields included');
$indexes[] = array('index' => 'fields_required', 'label' => 'fields required');
$indexes[] = array('index' => 'texts', 'label' => 'text blocks');
$indexes[] = array('index' => 'redirect', 'label' => 'redirect target');
$indexes[] = array('index' => 'cust_redir', 'label' => 'custom redirect target');
$validator->formHandle($indexes);
$fdata = $validator->form_val;
$error = $validator->getErrors();
if (!$error) {
// clean texts from slashes
if (!empty($fdata['texts'])) {
$escaped = array();
foreach ((array) $fdata['texts'] as $val) {
$escaped[] = stripslashes($val);
}
$fdata['texts'] = $escaped;
}
// setup array - user base64_encode to prevent WP tags cleaning
$descr = base64_encode(serialize(array('include' => (array) $fdata['fields_included'], 'require' => (array) $fdata['fields_required'], 'texts' => (array) $fdata['texts'], 'redirect' => $fdata['redirect'], 'cust_redir' => $fdata['cust_redir'])));
// update
$result = wp_update_term($fdata['form_id'], 'pcud_forms', array('description' => $descr));
echo is_wp_error($result) ? $result->get_error_message() : 'success';
} else {
echo $error;
}
die;
}
