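/**
 * Asks the remote spam check whether a submission should be dropped.
 *
 * The signature matches the 'pojo_forms_skip_contact' filter applied in
 * form_contact_submit(); the hook registration itself is not visible here.
 * The Akismet-style parameters are built from the form's configured
 * 'form_akismet_*' templates, with inline shortcodes expanded to the
 * submitted values, plus request metadata.
 *
 * @param mixed $skip              Value from earlier callbacks; returned unchanged when truthy.
 * @param int   $form_id           Form ID used to read the Akismet field mapping.
 * @param array $inline_shortcodes Map of shortcode => submitted value, applied with strtr().
 *
 * @return mixed True when remote_check_comment() flags the submission, otherwise $skip.
 */
public function skip_contact($skip, $form_id, $inline_shortcodes)
 {
     // Something earlier already decided to skip; do not spend a remote call.
     if ($skip) {
         return $skip;
     }
     $params = array();
     $params['comment_author'] = strtr(atmb_get_field('form_akismet_author', $form_id), $inline_shortcodes);
     $params['comment_author_email'] = strtr(atmb_get_field('form_akismet_author_email', $form_id), $inline_shortcodes);
     $params['comment_author_url'] = strtr(atmb_get_field('form_akismet_author_url', $form_id), $inline_shortcodes);
     $params['comment_content'] = strtr(atmb_get_field('form_akismet_content', $form_id), $inline_shortcodes);
     $params['blog'] = get_option('home');
     $params['blog_lang'] = get_locale();
     $params['blog_charset'] = get_option('blog_charset');
     $params['user_ip'] = POJO_FORMS()->helpers->get_client_ip();
     // Both headers are optional in a request; default to '' instead of
     // reading an undefined index.
     $params['user_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     $params['referrer'] = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
     // http://blog.akismet.com/2012/06/19/pro-tip-tell-us-your-comment_type/
     $params['comment_type'] = 'contact-form';
     // NOTE(review): every remaining string entry of $_SERVER is forwarded to
     // the remote service. On hosts that expose environment variables through
     // $_SERVER this can include values unrelated to the request; an explicit
     // allow-list of request headers would limit what leaves the site.
     $ignore = array('HTTP_COOKIE', 'HTTP_COOKIE2', 'PHP_AUTH_PW');
     foreach ($_SERVER as $key => $value) {
         // Strict comparison so a key is dropped only on an exact name match.
         if (!in_array($key, $ignore, true) && is_string($value)) {
             $params[$key] = $value;
         }
     }
     if ($this->remote_check_comment($params)) {
         $skip = true;
     }
     return $skip;
 }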
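 /**
  * Verifies the reCAPTCHA token of a submission when the form enables reCAPTCHA.
  *
  * Answers with wp_send_json_error() when the token is missing, when the
  * verification endpoint does not return HTTP 200, or when the verification
  * result is not a success. Any response that cannot be parsed is treated as
  * a failed verification.
  *
  * @param int $form_id Form ID used to read the reCAPTCHA settings.
  *
  * @return void
  */
 public function mail_validation($form_id)
 {
     $recaptcha = atmb_get_field('form_recaptcha_enable', $form_id);
     if ('enable' !== $recaptcha) {
         return;
     }
     // The token must be a non-empty string; an array-shaped field is
     // rejected the same way as a blank one.
     if (empty($_POST['g-recaptcha-response']) || !is_string($_POST['g-recaptcha-response'])) {
         wp_send_json_error(array('message' => __('The Captcha field cannot be blank. Please enter a value.', 'pojo-forms')));
     }
     $recaptcha_errors = array('missing-input-secret' => __('The secret parameter is missing.', 'pojo-forms'), 'invalid-input-secret' => __('The secret parameter is invalid or malformed.', 'pojo-forms'), 'missing-input-response' => __('The response parameter is missing.', 'pojo-forms'), 'invalid-input-response' => __('The response parameter is invalid or malformed.', 'pojo-forms'));
     $recaptcha_response = $_POST['g-recaptcha-response'];
     $recaptcha_secret = atmb_get_field('form_recaptcha_secret_key', $form_id);
     $client_ip = POJO_FORMS()->helpers->get_client_ip();
     $request = array('body' => array('secret' => $recaptcha_secret, 'response' => $recaptcha_response, 'remoteip' => $client_ip));
     $response = wp_remote_post('https://www.google.com/recaptcha/api/siteverify', $request);
     $response_code = wp_remote_retrieve_response_code($response);
     if (200 !== $response_code) {
         wp_send_json_error(array('message' => sprintf(__('Can not connect to the reCAPTCHA server (%d).', 'pojo-forms'), $response_code)));
     }
     $body = wp_remote_retrieve_body($response);
     $result = json_decode($body, true);
     // Fail closed: a body that is not a JSON object, or one without a truthy
     // 'success', counts as a failed verification.
     if (!is_array($result) || empty($result['success'])) {
         $message = __('Invalid Form', 'pojo-forms');
         // 'error-codes' may be absent or malformed; only use it when it is a list.
         $error_codes = array();
         if (is_array($result) && isset($result['error-codes']) && is_array($result['error-codes'])) {
             $error_codes = $result['error-codes'];
         }
         // Report the first known error code, in the order of $recaptcha_errors.
         foreach ($recaptcha_errors as $error_key => $error_desc) {
             if (in_array($error_key, $error_codes, true)) {
                 $message = $error_desc;
                 break;
             }
         }
         wp_send_json_error(array('message' => $message));
     }
 }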
 /**
  * Front-end display of widget.
  *
  * @see WP_Widget::widget()
  *
  * @param array $args     Widget arguments.
  * @param array $instance Saved values from database.
  */
 public function widget($args, $instance)
 {
     // Run the title through the 'widget_title' filter first, as the
     // original flow does, even if nothing ends up being printed.
     $title = apply_filters('widget_title', $instance['title']);
     // No form selected for this widget instance: print nothing at all.
     if (empty($instance['form'])) {
         return;
     }
     echo $args['before_widget'];
     // The title is printed as returned by the filter; no escaping is
     // applied in this method.
     if (!empty($title)) {
         echo $args['before_title'], $title, $args['after_title'];
     }
     // Render the form by expanding its shortcode text.
     $shortcode_text = POJO_FORMS()->helpers->get_shortcode_text($instance['form']);
     echo do_shortcode($shortcode_text);
     echo $args['after_widget'];
 }
 /**
  * Creates blank index.php and .htaccess files
  *
  * This function runs approximately once per month in order to ensure all folders
  * have their necessary protection files
  *
  * @since 1.2.3
  *
  * @param bool $force
  * 
  * @return void
  */
 public function _create_protection_files($force = false)
 {
     // A live transient means the check already ran recently; only $force
     // overrides that.
     $already_checked = false !== get_transient('pojo_forms_check_protection_files');
     if ($already_checked && !$force) {
         return;
     }
     $base_dir = trailingslashit(POJO_FORMS()->helpers->get_upload_dir());
     // NOTE(review): these files only hide the directory listing (a blank
     // index.php, plus 'Options -Indexes' for servers that honour .htaccess).
     // They do not restrict direct requests for a stored file by its URL.
     $protection_files = array(
         'index.php' => '<?php' . PHP_EOL . '// Silence is golden.',
         '.htaccess' => 'Options -Indexes' . PHP_EOL,
     );
     foreach ($protection_files as $name => $content) {
         $target = $base_dir . $name;
         if (!file_exists($target)) {
             // Best effort: a failed write is suppressed and not reported.
             @file_put_contents($target, $content);
         }
     }
     // The transient lasts DAY_IN_SECONDS, so the check repeats daily (the
     // docblock above says monthly). It is set even when a write failed.
     set_transient('pojo_forms_check_protection_files', true, DAY_IN_SECONDS);
 }
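 /**
  * Handles a form submission and answers with a JSON response.
  *
  * Steps: validate the form ID and nonce, validate required fields and file
  * uploads, fire the private validation hook, build the notification e-mail,
  * let the 'pojo_forms_skip_contact' filter veto sending, send the mail, and
  * return the success message and optional redirect link.
  *
  * Every exit goes through wp_send_json_success() / wp_send_json_error().
  *
  * @return void
  */
 public function form_contact_submit()
 {
     $return_array = array('fields' => array(), 'link' => '');
     if (empty($_POST['form_id'])) {
         $return_array['message'] = Pojo_Forms_Messages::get_default_message(Pojo_Forms_Messages::INVALID_FORM);
         wp_send_json_error($return_array);
     }
     $form = get_post(absint($_POST['form_id']));
     // The nonce is bound to the form ID, so it cannot be replayed against another form.
     if (!$form || 'pojo_forms' !== $form->post_type || !isset($_POST['_nonce']) || !wp_verify_nonce($_POST['_nonce'], 'contact-form-send-' . $form->ID)) {
         $return_array['message'] = Pojo_Forms_Messages::get_default_message(Pojo_Forms_Messages::INVALID_FORM);
         wp_send_json_error($return_array);
     }
     $repeater_fields = atmb_get_field_without_type('fields', 'form_', $form->ID);
     if (empty($repeater_fields)) {
         $return_array['message'] = Pojo_Forms_Messages::get_message($form->ID, Pojo_Forms_Messages::INVALID_FORM);
         wp_send_json_error($return_array);
     }
     $this->_files = array();
     foreach ($repeater_fields as $field_index => $field) {
         $field_name = 'form_field_' . ($field_index + 1);
         $field_label = $field['name'];
         // TODO: Valid by field type
         if ($field['required'] && empty($_POST[$field_name]) && 'file' !== $field['type']) {
             $return_array['fields'][$field_name] = Pojo_Forms_Messages::get_message($form->ID, Pojo_Forms_Messages::FIELD_REQUIRED);
         }
         if ('file' === $field['type']) {
             $file_upload_error = array(UPLOAD_ERR_OK => __('There is no error, the file uploaded with success.', 'pojo-forms'), UPLOAD_ERR_INI_SIZE => __('The uploaded file exceeds the upload_max_filesize directive in php.ini.', 'pojo-forms'), UPLOAD_ERR_FORM_SIZE => __('The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.', 'pojo-forms'), UPLOAD_ERR_PARTIAL => __('The uploaded file was only partially uploaded.', 'pojo-forms'), UPLOAD_ERR_NO_FILE => __('No file was uploaded.', 'pojo-forms'), UPLOAD_ERR_NO_TMP_DIR => __('Missing a temporary folder.', 'pojo-forms'), UPLOAD_ERR_CANT_WRITE => __('Failed to write file to disk.', 'pojo-forms'), UPLOAD_ERR_EXTENSION => __('A PHP extension stopped the file upload. PHP does not provide a way to ascertain which extension caused the file upload to stop; examining the list of loaded extensions with phpinfo() may help.', 'pojo-forms'));
             // The file is required?
             $is_file_uploaded = isset($_FILES[$field_name]) && UPLOAD_ERR_NO_FILE !== $_FILES[$field_name]['error'];
             if (!$is_file_uploaded) {
                 if ($field['required']) {
                     $return_array['fields'][$field_name] = Pojo_Forms_Messages::get_message($form->ID, Pojo_Forms_Messages::FIELD_REQUIRED);
                 }
                 continue;
             }
             $file = $_FILES[$field_name];
             // Has any error with upload the file?
             if ($file['error'] > UPLOAD_ERR_OK && UPLOAD_ERR_NO_FILE !== $file['error'] && empty($return_array['fields'])) {
                 $error_code = $file['error'];
                 $return_array['fields'][$field_name] = $file_upload_error[$error_code];
             }
             // File type validation
             if (empty($field['file_types'])) {
                 $field['file_types'] = 'jpg,jpeg,png,gif,pdf,doc,docx,ppt,pptx,odt,avi,ogg,m4a,mov,mp3,mp4,mpg,wav,wmv';
             }
             // NOTE(review): the extension comes from the client-supplied file
             // name and is the only type check; the file content is not
             // inspected. wp_check_filetype_and_ext() could add a content check.
             $file_extension = pathinfo($file['name'], PATHINFO_EXTENSION);
             $file_types_meta = explode(',', $field['file_types']);
             $file_types_meta = array_map('trim', $file_types_meta);
             // Strict match so the allow-list compares strings exactly.
             if (!in_array($file_extension, $file_types_meta, true) && empty($return_array['fields'])) {
                 $return_array['fields'][$field_name] = __('This file type is not allowed.', 'pojo-forms');
             }
             // File size validation ('file_sizes' is read as megabytes)
             $file_size_meta = $field['file_sizes'] * pow(1024, 2);
             $upload_file_size = $file['size'];
             if ($upload_file_size > $file_size_meta && empty($return_array['fields'])) {
                 $return_array['fields'][$field_name] = __('This file size is to big, try smaller one.', 'pojo-forms');
             }
             // If we don't have any errors
             if (empty($return_array['fields'])) {
                 $uploads_dir = POJO_FORMS()->helpers->get_upload_dir();
                 // The stored name never reuses the client's base name, only the
                 // validated extension.
                 // NOTE(review): uniqid() derives the name from the current time,
                 // and the file is later exposed by URL via _get_file_url(); a
                 // random name would be harder to guess.
                 $filename = uniqid() . '.' . $file_extension;
                 $filename = wp_unique_filename($uploads_dir, $filename);
                 $new_file = trailingslashit($uploads_dir) . $filename;
                 if (is_dir($uploads_dir) && is_writable($uploads_dir)) {
                     $move_new_file = @move_uploaded_file($file['tmp_name'], $new_file);
                     if (false !== $move_new_file) {
                         // Set correct file permissions.
                         $perms = 0644;
                         @chmod($new_file, $perms);
                         $this->_files[$field_label] = $new_file;
                     } else {
                         $return_array['fields'][$field_name] = __('There was an error while trying uploading your file.', 'pojo-forms');
                     }
                 } else {
                     $return_array['fields'][$field_name] = __('Upload directory is not writable, or does not exist.', 'pojo-forms');
                 }
             }
         }
     }
     // End foreach
     // This action for private used.
     // Please do not use this action for this moment.
     // NOTE(review): files accepted in the loop above are already stored when
     // this hook runs. If a handler rejects the request here (mail_validation()
     // ends the request on a failed reCAPTCHA check, assuming it is attached to
     // this hook), or a later field fails validation, those files stay on disk.
     do_action('__pojo_forms_mail_validation', $form->ID);
     if (empty($return_array['fields'])) {
         $email_to = trim(atmb_get_field('form_email_to', $form->ID));
         $email_subject = trim(atmb_get_field('form_email_subject', $form->ID));
         if (empty($email_subject)) {
             $email_subject = sprintf(__('New message from "%s"', 'pojo-forms'), get_bloginfo('name'));
         }
         $email_html = '';
         $inline_shortcodes = $field_values = array();
         foreach ($repeater_fields as $field_index => $field) {
             $field_name = 'form_field_' . ($field_index + 1);
             $field_label = $field['name'];
             $field_value = '';
             if (isset($_POST[$field_name])) {
                 $field_value = stripslashes_deep($_POST[$field_name]);
                 if (is_array($field_value)) {
                     $field_value = implode(', ', $field_value);
                 }
             }
             // An uploaded file replaces the posted value with the file's URL.
             if (isset($this->_files[$field_label])) {
                 $field_value = $this->_get_file_url($this->_files[$field_label]);
             }
             $inline_shortcodes[$field['shortcode']] = $field_value;
             $field_values[] = array('title' => $field['name'], 'value' => $field_value);
             $email_html .= sprintf('%s: %s' . PHP_EOL, $field['name'], $field_value);
         }
         $metadata_types = (array) atmb_get_field('form_metadata', $form->ID, Pojo_MetaBox::FIELD_CHECKBOX_LIST);
         if (!empty($metadata_types)) {
             $email_html .= PHP_EOL . '---' . PHP_EOL . PHP_EOL;
             $tmpl_line_html = '%s: %s' . PHP_EOL;
             foreach ($metadata_types as $metadata_type) {
                 switch ($metadata_type) {
                     case 'time':
                         $email_html .= sprintf($tmpl_line_html, __('Time', 'pojo-forms'), date('H:i', current_time('timestamp')));
                         break;
                     case 'date':
                         $email_html .= sprintf($tmpl_line_html, __('Date', 'pojo-forms'), date('d/m/Y', current_time('timestamp')));
                         break;
                     case 'page_url':
                         $title = __('Page URL', 'pojo-forms');
                         // The referer field is client-supplied and may be missing
                         // or not a string; fall back to the bare home URL.
                         $referer_path = isset($_POST['_wp_http_referer']) && is_string($_POST['_wp_http_referer']) ? $_POST['_wp_http_referer'] : '';
                         $value = home_url($referer_path);
                         $field_values[] = array('title' => $title, 'value' => $value);
                         $email_html .= sprintf($tmpl_line_html, $title, $value);
                         break;
                     case 'user_agent':
                         $title = __('User Agent', 'pojo-forms');
                         // The header is optional; avoid reading an undefined index.
                         $value = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
                         $field_values[] = array('title' => $title, 'value' => $value);
                         $email_html .= sprintf($tmpl_line_html, $title, $value);
                         break;
                     case 'remote_ip':
                         $email_html .= sprintf($tmpl_line_html, __('Remote IP', 'pojo-forms'), POJO_FORMS()->helpers->get_client_ip());
                         break;
                     case 'credit':
                         $email_html .= apply_filters('pojo_forms_email_credit', __('Powered by http://pojo.me/', 'pojo-forms')) . PHP_EOL;
                         break;
                 }
             }
         }
         $skip = apply_filters('pojo_forms_skip_contact', false, $form->ID, $inline_shortcodes);
         if (!$skip) {
             $email_from_name = atmb_get_field('form_email_form_name', $form->ID);
             if (empty($email_from_name)) {
                 $email_from_name = get_bloginfo('name');
             }
             $email_from = atmb_get_field('form_email_form', $form->ID);
             if (empty($email_from)) {
                 $email_from = get_bloginfo('admin_email');
             }
             $email_reply_to = atmb_get_field('form_email_reply_to', $form->ID);
             if (empty($email_reply_to)) {
                 $email_reply_to = $email_from;
             }
             // Submitted values are substituted into the subject and into the
             // From / Reply-To header lines below. Strip CR and LF after the
             // substitution so a submitted value cannot add header lines.
             $line_breaks = array("\r", "\n");
             $email_subject = str_replace($line_breaks, ' ', strtr($email_subject, $inline_shortcodes));
             $email_from_name = str_replace($line_breaks, ' ', strtr($email_from_name, $inline_shortcodes));
             $email_from = str_replace($line_breaks, '', strtr($email_from, $inline_shortcodes));
             $email_reply_to = str_replace($line_breaks, '', strtr($email_reply_to, $inline_shortcodes));
             $headers = sprintf('From: %s <%s>' . "\r\n", $email_from_name, $email_from);
             $headers .= sprintf('Reply-To: %s' . "\r\n", $email_reply_to);
             $headers = apply_filters('pojo_forms_wp_mail_headers', $headers);
             // Temp filter
             $email_html = apply_filters('pojo_forms_wp_mail_message', $email_html);
             wp_mail($email_to, $email_subject, $email_html, $headers);
             do_action('pojo_forms_mail_sent', $form->ID, $field_values, $this->_files);
         } else {
             // The submitter still receives the success response below.
             do_action('pojo_forms_mail_blocked', $form->ID);
         }
         // Only a syntactically valid URL from the form settings is returned as the redirect.
         $redirect_to = atmb_get_field('form_redirect_to', $form->ID);
         if (empty($redirect_to) || !filter_var($redirect_to, FILTER_VALIDATE_URL)) {
             $redirect_to = '';
         }
         $return_array['link'] = $redirect_to;
         $return_array['message'] = Pojo_Forms_Messages::get_message($form->ID, Pojo_Forms_Messages::SUCCESS);
         wp_send_json_success($return_array);
     } else {
         $return_array['message'] = Pojo_Forms_Messages::get_message($form->ID, Pojo_Forms_Messages::ERROR);
         wp_send_json_error($return_array);
     }
     // Safety net: both branches above already send a response.
     wp_send_json_error($return_array);
     die;
 }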
            include 'classes/class-pojo-forms-cf7db.php';
            $cf7db = new Pojo_Forms_CF7DB();
        }
    }
    /**
     * Prints the admin error notice shown when no Pojo theme is active.
     *
     * @return void
     */
    public function admin_notices()
    {
        // The translated template carries its own link markup; the only
        // value substituted into it is the fixed vendor URL.
        $notice = sprintf(__('<a href="%s" target="_blank">Pojo Theme</a> is not active. Please activate any theme by Pojo.me before you are using "Pojo Forms" plugin.', 'pojo-forms'), 'http://pojo.me/');
        printf('<div class="error"><p>%s</p></div>', $notice);
    }
    /**
     * Prints the admin error notice asking for a theme upgrade.
     *
     * @return void
     */
    public function print_update_error()
    {
        $template = __('The Pojo Forms is not supported by this version of %s. Please <a href="%s">upgrade the theme to its latest version</a>.', 'pojo-forms');
        // Both values are placed into the markup as-is; no escaping is
        // applied in this method.
        $theme_name = Pojo_Core::instance()->licenses->updater->theme_name;
        $update_url = admin_url('update-core.php');
        $notice = sprintf($template, $theme_name, $update_url);
        echo '<div class="error"><p>', $notice, '</p></div>';
    }
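    /**
     * Loads the helper and maintenance classes and registers the bootstrap hooks.
     *
     * The constructor is protected, so the object is created from inside the class.
     */
    protected function __construct()
    {
        // Anchor the includes to this file's directory. A bare relative path
        // is resolved through include_path and the working directory first,
        // so it could pick up a different file with the same relative name.
        $classes_dir = dirname(__FILE__) . '/classes/';
        include $classes_dir . 'class-pojo-forms-helpers.php';
        include $classes_dir . 'class-pojo-forms-maintenance.php';
        $this->helpers = new Pojo_Forms_Helpers();
        $this->maintenance = new Pojo_Forms_Maintenance();
        // Objects are passed by handle, so the callbacks need no reference to $this.
        add_action('after_setup_theme', array($this, 'bootstrap'), 100);
        add_action('plugins_loaded', array($this, 'load_textdomain'));
    }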
}
/**
 * Global accessor for the plugin's main object.
 *
 * @return Pojo_Forms The object returned by Pojo_Forms::instance().
 */
function POJO_FORMS()
{
    $plugin = Pojo_Forms::instance();

    return $plugin;
}
// Call the accessor once when the file is loaded. Presumably this creates the
// Pojo_Forms object, whose constructor registers the plugin's hooks; confirm
// against Pojo_Forms::instance().
POJO_FORMS();
    /**
     * Prints the shortcode copy field and the preview button for a form post.
     *
     * Outputs nothing unless the global $post is of type 'pojo_forms'.
     * Presumably attached to the publish box of the edit screen; the hook
     * registration is not visible here.
     *
     * @return void
     */
    public function post_submitbox_misc_actions()
    {
        global $post;
        // Only form posts get the extra publish-box sections.
        if ('pojo_forms' !== $post->post_type) {
            return;
        }
        ?>
		<div class="misc-pub-section" id="form-preview-shortcode">
			<input type="text" class="copy-paste-shortcode" value="<?php 
        // Attribute context: the shortcode text is escaped with esc_attr().
        echo esc_attr(POJO_FORMS()->helpers->get_shortcode_text($post->ID));
        ?>
" readonly />
			<span><?php 
        _e('Copy and paste this shortcode into your Text editor or use with Form Widget.', 'pojo-forms');
        ?>
</span>
		</div>
		
		<div class="misc-pub-section">
			<?php 
        // %d formats the post ID as an integer; the translated label is printed as-is.
        printf('<a href="javascript:void(0);" class="btn-admin-preview-shortcode button" data-action="form_preview_shortcode" data-id="%d">%s</a>', $post->ID, __('Preview', 'pojo-forms'));
        ?>
		</div>
	<?php 
    }