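/**
 * Records a PayPal IPN notification in the cp_order_info table.
 *
 * The first notification for a txn_id inserts a row; a repeated txn_id is
 * treated as a follow-up notification (refund, etc.) and updates the row.
 *
 * NOTE(review): every value stored here is read straight from $_POST /
 * $_REQUEST. Nothing in this function confirms that the request came from
 * PayPal; presumably the caller has already verified the IPN message.
 * Confirm that before trusting payment_status or mc_gross from this table.
 *
 * @return void
 */
function cp_process_paypal_transaction() {
    global $wpdb;

    // Nothing to record without a transaction id. empty() keeps the original
    // truthiness test but no longer raises a notice when the key is absent.
    if (empty($_POST['txn_id'])) {
        return;
    }

    // PayPal sends the date as a string, so convert it into the MySQL date
    // format. There will be a time difference between PayPal's US Pacific
    // time zone and the server time zone.
    // date() replaces strftime(), which is deprecated as of PHP 8.1; the
    // numeric format produces the same string.
    $raw_date = isset($_POST['payment_date']) ? $_POST['payment_date'] : '';
    $payment_date = date('Y-m-d H:i:s', (int) strtotime($raw_date));

    // The ad id is not always sent.
    $aid = isset($_REQUEST['aid']) ? $_REQUEST['aid'] : '';

    // One cleaned key is used for the lookup, the insert and the update so
    // all three statements address the same row.
    $txn_id = appthemes_clean($_POST['txn_id']);

    // Check whether this transaction has already been recorded.
    $existing = $wpdb->get_var($wpdb->prepare(
        "SELECT txn_id FROM {$wpdb->cp_order_info} WHERE txn_id = %s LIMIT 1",
        $txn_id
    ));

    if (!$existing) {
        // Columns copied one-to-one from the POST body. Fields PayPal did not
        // send are stored as the cleaned empty string.
        $columns = array(
            'first_name', 'last_name', 'payer_email', 'residence_country',
            'transaction_subject', 'item_name', 'item_number', 'payment_type',
            'payer_status', 'payer_id', 'receiver_id', 'parent_txn_id',
            'txn_id', 'mc_gross', 'mc_fee', 'payment_status', 'pending_reason',
            'txn_type', 'tax', 'mc_currency', 'reason_code', 'custom',
            'test_ipn',
        );

        $data = array('ad_id' => appthemes_clean($aid));
        foreach ($columns as $column) {
            $data[$column] = appthemes_clean(isset($_POST[$column]) ? $_POST[$column] : '');
        }
        $data['payment_date'] = $payment_date;
        $data['create_date'] = current_time('mysql');

        // $wpdb->insert() builds the parameterised statement itself.
        $wpdb->insert($wpdb->cp_order_info, $data);

        return;
    }

    // The transaction already exists, so this must be an update via PayPal
    // IPN (refund, etc). $wpdb->update() replaces the hand-concatenated
    // UPDATE statement that relied on the deprecated $wpdb->escape().
    $data = array();
    foreach (array('payment_status', 'mc_gross', 'txn_type', 'reason_code', 'mc_currency', 'test_ipn') as $column) {
        $data[$column] = appthemes_clean(isset($_POST[$column]) ? $_POST[$column] : '');
    }
    $data['create_date'] = $payment_date;

    $wpdb->update($wpdb->cp_order_info, $data, array('txn_id' => $txn_id));
}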
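/**
 * Records a PayPal IPN notification in the cp_order_info table.
 *
 * A txn_id that is not yet stored is inserted together with the ad and user
 * it belongs to; a known txn_id is treated as a follow-up notification
 * (refund, etc.) and only its status columns are updated.
 *
 * NOTE(review): all values come from $_POST / $_REQUEST and nothing here
 * confirms the request originated from PayPal; presumably the caller has
 * verified the IPN message first. Confirm that before relying on these rows.
 * NOTE(review): when no 'aid' is sent, user_id is taken from the request's
 * 'uid' parameter, so the order is attributed to whatever id the sender
 * supplies. Verify that the caller binds 'uid' to a trusted value.
 *
 * @return void
 */
function cp_process_paypal_transaction() {
    global $wpdb;

    if (!isset($_POST['txn_id'])) {
        return;
    }

    // PayPal sends the date as a string, so convert it into the MySQL date
    // format. There will be a time difference between PayPal's US Pacific
    // time zone and the server time zone.
    // date() replaces strftime(), which is deprecated as of PHP 8.1.
    $raw_date = isset($_POST['payment_date']) ? $_POST['payment_date'] : '';
    $payment_date = date('Y-m-d H:i:s', (int) strtotime($raw_date));

    // Work out which ad and user the payment belongs to.
    if (isset($_REQUEST['aid'])) {
        $aid = trim($_REQUEST['aid']);
        $the_ad = get_post($aid);
        // get_post() returns null for an unknown id; do not dereference it.
        $user_id = $the_ad ? $the_ad->post_author : '';
    } else {
        $aid = '';
        $user_id = isset($_REQUEST['uid']) ? trim($_REQUEST['uid']) : '';
    }

    // One cleaned key is used for the lookup, the insert and the update so
    // all three statements address the same row.
    $txn_id = appthemes_clean($_POST['txn_id']);

    // Check whether this transaction has already been recorded.
    $existing = $wpdb->get_var($wpdb->prepare(
        "SELECT txn_id FROM {$wpdb->cp_order_info} WHERE txn_id = %s LIMIT 1",
        $txn_id
    ));

    if (!$existing) {
        // Columns copied one-to-one from the POST body. Fields PayPal did not
        // send are stored as the cleaned empty string.
        $columns = array(
            'first_name', 'last_name', 'payer_email', 'residence_country',
            'transaction_subject', 'item_name', 'item_number', 'payment_type',
            'payer_status', 'payer_id', 'receiver_id', 'parent_txn_id',
            'txn_id', 'mc_gross', 'mc_fee', 'payment_status', 'pending_reason',
            'txn_type', 'tax', 'mc_currency', 'reason_code', 'custom',
            'test_ipn',
        );

        $data = array(
            'ad_id'   => appthemes_clean($aid),
            'user_id' => appthemes_clean($user_id),
        );
        foreach ($columns as $column) {
            $data[$column] = appthemes_clean(isset($_POST[$column]) ? $_POST[$column] : '');
        }
        $data['payment_date'] = $payment_date;
        $data['create_date'] = current_time('mysql');

        $wpdb->insert($wpdb->cp_order_info, $data);

        return;
    }

    // The transaction already exists, so this must be an update via PayPal
    // IPN (refund, etc). test_ipn is optional, so it gets the same isset()
    // guard here that the insert branch uses.
    $data = array();
    foreach (array('payment_status', 'mc_gross', 'txn_type', 'reason_code', 'mc_currency', 'test_ipn') as $column) {
        $data[$column] = appthemes_clean(isset($_POST[$column]) ? $_POST[$column] : '');
    }
    $data['create_date'] = $payment_date;

    $wpdb->update($wpdb->cp_order_info, $data, array('txn_id' => $txn_id));
}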
/**
 * Looks up an attachment from the posted ID, url and title and ends the
 * request with a JSON body.
 *
 * On success the attachment object is emitted with thumbnail_html,
 * upload_date and dimensions added; every failure path emits
 * {"success": false, "message": ...}. The method never returns: each path
 * terminates through die().
 *
 * NOTE(review): no nonce or capability check is visible in this method.
 * Confirm that the code registering this handler verifies both before an
 * attachment record is returned for a caller-chosen ID.
 */
public function get_attachment() {
    // Only POST requests are served.
    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
        $failure = array('success' => false, 'message' => __('Error: only post method allowed.', APP_TD));
        die(json_encode($failure));
    }

    // All three fields must be present in the POST body.
    foreach (array('ID', 'url', 'title') as $field) {
        if (isset($_POST[$field])) {
            continue;
        }
        $failure = array('success' => false, 'message' => __('Error: missing required post data.', APP_TD));
        die(json_encode($failure));
    }

    $post_id = absint($_POST['ID']);
    $url = appthemes_clean($_POST['url']);
    $title = wp_kses_data($_POST['title']);

    // Primary lookup first; the alternative lookup runs only when it finds nothing.
    $found = $this->_get_attachment($post_id, $url);
    if (!$found) {
        $found = $this->alt_attachment($url, $post_id, $title);
    }

    if (!$found) {
        $failure = array('success' => false, 'message' => __('Error: attachment not found.', APP_TD));
        die(json_encode($failure));
    }

    // Decorate the record with display fields before sending it back.
    $found->thumbnail_html = $this->display_attachment_thumbnail($found);
    $found->upload_date = appthemes_display_date($found->post_date, 'date');
    $found->dimensions = $this->display_attachment_dimensions($found);

    die(json_encode($found));
}
/**
 * Cleans the report options text.
 *
 * Line endings are normalised to "\n", tab characters are dropped, and the
 * result is passed through appthemes_clean().
 *
 * @param string $string Raw option text.
 *
 * @return string Cleaned option text.
 */
public function report_options_clean($string) {
    // str_replace() applies the pairs in order: CRLF first, then a lone CR,
    // then tabs, which matches the two separate passes it replaces.
    $normalised = str_replace(
        array("\r\n", "\r", "\t"),
        array("\n", "\n", ""),
        $string
    );

    return appthemes_clean($normalised);
}
/**
 * Builds the category base URL for the site.
 *
 * Uses the 'category_base' option when its cleaned value is non-empty and
 * falls back to the literal 'category' segment otherwise.
 *
 * @deprecated 3.0.5
 *
 * @return string
 */
function cp_cat_base() {
    _deprecated_function(__FUNCTION__, '3.0.5');

    // Only the emptiness test looks at the cleaned value; the URL itself is
    // built from the option as stored.
    $has_custom_base = appthemes_clean(get_option('category_base')) != '';

    $root = home_url('/');

    return $has_custom_base ? $root . get_option('category_base') : $root . 'category';
}
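/**
 * Saves the submitted admin options.
 *
 * Runs only when the form was posted with submitted=yes. For every option
 * definition that carries an 'id', the posted value is cleaned and stored;
 * an option missing from the POST body is deleted. A confirmation notice is
 * echoed afterwards.
 *
 * NOTE(review): no nonce or capability check is visible in this function, so
 * any request carrying submitted=yes reaches update_option()/delete_option().
 * Confirm that the calling admin page verifies the request (for example with
 * check_admin_referer() and current_user_can()) before calling this.
 *
 * @param array $options Option definitions; each entry is expected to have an 'id' key.
 *
 * @return void
 */
function appthemes_update_options($options) {
    if (!isset($_POST['submitted']) || $_POST['submitted'] !== 'yes') {
        return;
    }

    foreach ($options as $value) {
        // Entries without an id name no option. Previously they fell through
        // to delete_option() with an undefined index hidden behind "@".
        if (!isset($value['id'])) {
            continue;
        }

        $option_name = $value['id'];

        if (isset($_POST[$option_name])) {
            update_option($option_name, appthemes_clean($_POST[$option_name]));
        } else {
            // Field absent from the form post (e.g. an unchecked checkbox).
            delete_option($option_name);
        }
    }

    echo '<div id="message" class="updated fade"><p><strong>' . __('Your settings have been saved.', 'appthemes') . '</strong></p></div>';
}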
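// Look up the pending order named by the gateway's return request for the
// logged-in user.
// NOTE(review): $_REQUEST['oid'] is read without an isset() check anywhere in
// this fragment; confirm that the template is only reached with it set.
$order = get_user_orders($current_user->ID, $_REQUEST['oid']);

// if the order was found by OID, setup the order details into the $order variable
if (isset($order) && $order) {
    $order = get_option($order);
}

// make sure the order sent from payment gateway is logged in the database
// and that the current user created it
if (isset($order['order_id']) && $order['order_id'] == $_REQUEST['oid'] && $order['user_id'] == $current_user->ID) {
    $order_processed = appthemes_process_membership_order($current_user, $order);

    // send email to user
    if ($order_processed) {
        cp_owner_activated_membership_email($current_user, $order_processed);
    }
} else {
    $order_processed = false;

    // check and make sure this transaction hasn't already been added
    // The value is bound through prepare() instead of being concatenated
    // into the statement with the deprecated $wpdb->escape().
    // NOTE(review): this lookup is keyed on the request's oid only and is not
    // scoped to $current_user; confirm what the page reveals for 'IPN'.
    $sql = $wpdb->prepare(
        "SELECT * FROM {$wpdb->cp_order_info} WHERE custom = %s LIMIT 1",
        appthemes_clean($_REQUEST['oid'])
    );
    $results = $wpdb->get_row($sql);

    if ($results) {
        $order_processed = 'IPN';
    }
}
?>

<?php get_header(); ?>

<!-- CONTENT -->
<div class="content">

    <div class="content_botbg">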
/**
 * Execute changes made in ClassiPress 3.1.0.
 *
 * Adds the new table columns, seeds options that have no value yet, creates
 * the two membership pages when no post with their slug exists, appends any
 * newly created page ids to the excluded-pages option, and records the new
 * database and theme versions.
 *
 * @since 3.1.0
 */
function cp_upgrade_310() {
    global $wpdb, $app_abbr, $app_version;

    // Column additions, applied in this order: table suffix, column definition.
    $new_columns = array(
        array('cp_ad_meta', "`field_search` int(10) NOT NULL"),
        array('cp_ad_fields', "`field_min_length` int(11) NOT NULL"),
        array('cp_ad_fields', "`field_validation` LONGTEXT NULL"),
        array('cp_ad_packs', "`pack_type` VARCHAR(255) NOT NULL"),
        array('cp_ad_packs', "`pack_membership_price` DECIMAL(10,2) UNSIGNED NOT NULL DEFAULT '0'"),
    );
    foreach ($new_columns as $column) {
        $wpdb->query("ALTER TABLE " . $wpdb->prefix . $column[0] . " ADD " . $column[1]);
    }

    // Options that only receive a value when the current one is falsy.
    // embed_size_w is the WP maximum embed size width.
    $option_defaults = array(
        $app_abbr . '_distance_unit'                   => 'mi',
        'embed_size_w'                                 => 500,
        $app_abbr . '_membership_purchase_url'         => 'membership',
        $app_abbr . '_membership_purchase_confirm_url' => 'membership-confirm',
    );
    foreach ($option_defaults as $option_name => $default_value) {
        if (get_option($option_name) == false) {
            update_option($option_name, $default_value);
        }
    }

    // Create and set the new membership page templates: slug, title, template file.
    $membership_pages = array(
        array('membership', 'Memberships', 'tpl-membership-purchase.php'),
        array('membership-confirm', 'Membership Confirmation', 'tpl-membership-confirm.php'),
    );

    $cur_ex_pages = array();
    foreach ($membership_pages as $page) {
        // The slugs are the constants listed above; prepare() yields the same
        // quoted literal the statement would otherwise carry inline.
        $wpdb->get_results($wpdb->prepare("SELECT ID FROM " . $wpdb->posts . " WHERE post_name = %s LIMIT 1", $page[0]));
        if ($wpdb->num_rows != 0) {
            continue; // a post with this slug already exists
        }

        $page_id = wp_insert_post(array(
            'post_status' => 'publish',
            'post_type'   => 'page',
            'post_author' => 1,
            'post_name'   => $page[0],
            'post_title'  => $page[1],
        ));
        update_post_meta($page_id, '_wp_page_template', $page[2]);
        $cur_ex_pages[] = $page_id;
    }

    // If pages were created, add them to the pages excluded from the nav.
    if (!empty($cur_ex_pages)) {
        $ex_pages = get_option($app_abbr . '_excluded_pages');

        // An existing comma separated list is extended; otherwise the new
        // ids become the whole list.
        $page_ids = ($ex_pages == true)
            ? array_merge(explode(',', $ex_pages), $cur_ex_pages)
            : $cur_ex_pages;

        update_option($app_abbr . '_excluded_pages', appthemes_clean(implode(',', $page_ids)));
    }

    update_option('cp_db_version', 1200);
    update_option($app_abbr . '_version', $app_version);
}
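/**
 * Handles form fields admin page.
 *
 * Dispatches on $_GET['action']: 'addfield' and 'editfield' render or process
 * the field form, 'delete' removes a field whose field_perm is not greater
 * than zero, and any other value lists all custom fields.
 *
 * NOTE(review): none of the state-changing branches verifies a nonce inside
 * this function, and 'delete' is reached through a plain GET link. Confirm
 * that request verification happens before this callback runs; otherwise the
 * forms need wp_nonce_field() and the handlers check_admin_referer().
 * NOTE(review): field_owner is read back from a hidden form field, so the
 * stored owner is whatever the request supplies. It is escaped on output
 * below; consider taking it from $current_user on the server side.
 *
 * @return void
 */
function cp_custom_fields() {
    global $options_new_field, $wpdb, $current_user;

    $current_user = wp_get_current_user();
    ?>

    <!-- show/hide the dropdown field values tr -->
    <script type="text/javascript">
    /* <![CDATA[ */
        jQuery(document).ready(function() {
            jQuery("#mainform").validate({errorClass: "invalid"});
        });

        function show(o){
            if(o){switch(o.value){
                case 'drop-down': jQuery('#field_values_row').show(); jQuery('#field_min_length_row').hide(); break;
                case 'radio': jQuery('#field_values_row').show(); jQuery('#field_min_length_row').hide(); break;
                case 'checkbox': jQuery('#field_values_row').show(); jQuery('#field_min_length_row').hide(); break;
                case 'text box': jQuery('#field_min_length_row').show(); jQuery('#field_values_row').hide(); break;
                default: jQuery('#field_values_row').hide(); jQuery('#field_min_length_row').hide();
            }}
        }

        //show/hide immediately on document load
        jQuery(document).ready(function() {
            show(jQuery('#field_type').get(0));
        });

        //hide unwanted options for cp_currency field
        jQuery(document).ready(function() {
            var field_name = jQuery('#field_name').val();
            if(field_name == 'cp_currency'){
                jQuery("#field_type option[value='text box']").attr("disabled", "disabled");
                jQuery("#field_type option[value='text area']").attr("disabled", "disabled");
                jQuery("#field_type option[value='checkbox']").attr("disabled", "disabled");
            }
        });
    /* ]]> */
    </script>

    <?php
    $theswitch = isset($_GET['action']) ? $_GET['action'] : '';

    // The id is only ever used as a numeric key, so force it to a
    // non-negative integer once instead of passing the raw query value on.
    $field_id = isset($_GET['id']) ? absint($_GET['id']) : 0;

    $admin_fields_url = get_admin_url('', 'edit.php?post_type=' . APP_POST_TYPE . '&page=fields');

    switch ($theswitch) {

        case 'addfield':
            ?>
            <div class="wrap">
                <h2><?php _e('New Custom Field', APP_TD); ?></h2>

                <?php
                // check and make sure the form was submitted
                if (isset($_POST['submitted'])) {

                    $_POST['field_search'] = ''; // we aren't using this field so set it to blank for now to prevent notice

                    $data = array(
                        'field_name'     => cp_make_custom_name($_POST['field_label'], 'fields'),
                        'field_label'    => appthemes_clean($_POST['field_label']),
                        'field_desc'     => appthemes_clean($_POST['field_desc']),
                        'field_tooltip'  => appthemes_clean($_POST['field_tooltip']),
                        'field_type'     => appthemes_clean($_POST['field_type']),
                        'field_values'   => appthemes_clean($_POST['field_values']),
                        'field_search'   => appthemes_clean($_POST['field_search']),
                        'field_owner'    => appthemes_clean($_POST['field_owner']),
                        'field_created'  => current_time('mysql'),
                        'field_modified' => current_time('mysql'),
                    );

                    $insert = $wpdb->insert($wpdb->cp_ad_fields, $data);

                    if ($insert) {
                        do_action('cp_custom_fields', 'addfield', $wpdb->insert_id);
                        ?>
                        <p style="text-align:center;padding-top:50px;font-size:22px;"><?php _e('Creating your field.....', APP_TD); ?><br/><br/><img src="<?php echo esc_url(get_template_directory_uri() . '/images/loader.gif'); ?>" alt="" /></p>
                        <meta http-equiv="refresh" content="0; URL=<?php echo esc_url($admin_fields_url); ?>">
                        <?php
                    }

                    die;

                } else {
                    ?>
                    <form method="post" id="mainform" action="">

                        <?php cp_admin_db_fields($options_new_field); ?>

                        <p class="submit">
                            <input class="btn button-primary" name="save" type="submit" value="<?php esc_attr_e('Create New Field', APP_TD); ?>" />
                            <input class="btn button-secondary" name="cancel" type="button" onClick="location.href='<?php echo esc_url($admin_fields_url); ?>'" value="<?php esc_attr_e('Cancel', APP_TD); ?>" />
                            <input name="submitted" type="hidden" value="yes" />
                            <input name="field_owner" type="hidden" value="<?php echo esc_attr($current_user->user_login); ?>" />
                        </p>

                    </form>
                    <?php
                }
                ?>
            </div><!-- end wrap -->
            <?php
            break;

        case 'editfield':
            ?>
            <div class="wrap">
                <h2><?php _e('Edit Custom Field', APP_TD); ?></h2>

                <?php
                if (isset($_POST['submitted']) && $_POST['submitted'] == 'yes') {

                    $data = array(
                        'field_name'       => appthemes_clean($_POST['field_name']),
                        'field_label'      => appthemes_clean($_POST['field_label']),
                        'field_desc'       => appthemes_clean($_POST['field_desc']),
                        'field_tooltip'    => esc_attr(appthemes_clean($_POST['field_tooltip'])),
                        'field_type'       => appthemes_clean($_POST['field_type']),
                        'field_values'     => appthemes_clean($_POST['field_values']),
                        'field_min_length' => appthemes_clean($_POST['field_min_length']),
                        'field_owner'      => appthemes_clean($_POST['field_owner']),
                        'field_modified'   => current_time('mysql'),
                    );

                    $wpdb->update($wpdb->cp_ad_fields, $data, array('field_id' => $field_id));

                    do_action('cp_custom_fields', 'editfield', $field_id);
                    ?>
                    <p style="text-align:center;padding-top:50px;font-size:22px;">
                        <?php _e('Saving your changes.....', APP_TD); ?><br /><br />
                        <img src="<?php echo esc_url(get_template_directory_uri() . '/images/loader.gif'); ?>" alt="" />
                    </p>
                    <meta http-equiv="refresh" content="0; URL=<?php echo esc_url($admin_fields_url); ?>">
                    <?php

                } else {
                    ?>
                    <form method="post" id="mainform" action="">

                        <?php cp_admin_db_fields($options_new_field, 'cp_ad_fields', 'field_id'); ?>

                        <p class="submit">
                            <input class="btn button-primary" name="save" type="submit" value="<?php esc_attr_e('Save changes', APP_TD); ?>" />
                            <input class="btn button-secondary" name="cancel" type="button" onClick="location.href='<?php echo esc_url($admin_fields_url); ?>'" value="<?php esc_attr_e('Cancel', APP_TD); ?>" />
                            <input name="submitted" type="hidden" value="yes" />
                            <?php // escaped the same way as in the add form ?>
                            <input name="field_owner" type="hidden" value="<?php echo esc_attr($current_user->user_login); ?>" />
                        </p>

                    </form>
                    <?php
                }
                ?>
            </div><!-- end wrap -->
            <?php
            break;

        case 'delete':
            // check and make sure this fields perms allow deletion
            $sql = $wpdb->prepare("SELECT field_perm FROM {$wpdb->cp_ad_fields} WHERE field_id = %d LIMIT 1", $field_id);
            $results = $wpdb->get_row($sql);

            // if it's not greater than zero, then delete it
            // get_row() returns null for an unknown id; skip in that case
            // instead of reading a property of null.
            if ($results && !($results->field_perm > 0)) {
                do_action('cp_custom_fields', 'delete', $field_id);

                $delete = $wpdb->prepare("DELETE FROM {$wpdb->cp_ad_fields} WHERE field_id = %d", $field_id);
                $wpdb->query($delete);
            }
            ?>
            <p style="text-align:center;padding-top:50px;font-size:22px;"><?php _e('Deleting custom field.....', APP_TD); ?><br /><br /><img src="<?php echo esc_url(get_template_directory_uri() . '/images/loader.gif'); ?>" alt="" /></p>
            <meta http-equiv="refresh" content="0; URL=<?php echo esc_url($admin_fields_url); ?>">
            <?php
            break;

        // show the table of all custom fields
        default:
            $sql = "SELECT * FROM {$wpdb->cp_ad_fields} ORDER BY field_name desc";
            $results = $wpdb->get_results($sql);
            ?>
            <div class="wrap">
                <h2><?php _e('Custom Fields', APP_TD); ?> <a class="add-new-h2" href="<?php echo esc_url(add_query_arg('action', 'addfield', $admin_fields_url)); ?>"><?php _e('Add New', APP_TD); ?></a></h2>

                <p class="admin-msg"><?php _e('Custom fields allow you to customize your ad submission forms and collect more information. Each custom field needs to be added to a form layout in order to be visible on your website. You can create unlimited custom fields and each one can be used across multiple form layouts. It is highly recommended to NOT delete a custom field once it is being used on your ads because it could cause ad editing problems for your customers.', APP_TD); ?></p>

                <table id="tblspacer" class="wp-list-table widefat fixed striped">

                    <thead>
                        <tr>
                            <th scope="col" class="manage-columns column-cfield-number">#</th>
                            <th scope="col" class="manage-columns column-cfield-name"><?php _e('Name', APP_TD); ?></th>
                            <th scope="col" class="manage-columns column-cfield-type"><?php _e('Type', APP_TD); ?></th>
                            <th scope="col" class="manage-columns column-cfield-description"><?php _e('Description', APP_TD); ?></th>
                            <th scope="col" class="manage-columns column-cfield-modified"><?php _e('Modified', APP_TD); ?></th>
                            <th scope="col" class="manage-columns column-cfield-actions" style="text-align: center;"><?php _e('Actions', APP_TD); ?></th>
                        </tr>
                    </thead>

                    <?php
                    if ($results) {
                        ?>
                        <tbody id="list">
                        <?php
                        $rowclass = '';
                        $i = 1;

                        foreach ($results as $result) {
                            $rowclass = 'even' == $rowclass ? 'alt' : 'even';
                            $edit_url = add_query_arg(array('action' => 'editfield', 'id' => $result->field_id), $admin_fields_url);
                            ?>
                            <tr class="<?php echo $rowclass; ?>">
                                <td class="column-cfield-number" style="padding-left:10px;"><?php echo $i; ?>.</td>
                                <td class="column-cfield-name"><a href="<?php echo esc_url($edit_url); ?>"><strong><?php echo esc_html(translate($result->field_label, APP_TD)); ?></strong></a></td>
                                <?php // field_type and field_owner are stored from form input, so escape them like the label and description ?>
                                <td class="column-cfield-type"><?php echo esc_html($result->field_type); ?></td>
                                <td class="column-cfield-description"><?php echo esc_html(translate($result->field_desc, APP_TD)); ?></td>
                                <td class="column-cfield-modified"><?php echo appthemes_display_date($result->field_modified); ?> <?php _e('by', APP_TD); ?> <?php echo esc_html($result->field_owner); ?></td>
                                <td class="column-cfield-actions" style="text-align:center">

                                    <?php
                                    // show the correct edit options based on perms
                                    switch ($result->field_perm) {

                                        case '1': // core fields no editing
                                        case '2': // core fields some editing
                                            ?>
                                            <a href="<?php echo esc_url($edit_url); ?>"><i class="dashicons-before custom-forms-ico edit-properties wp-ui-text-highlight" title="<?php esc_attr_e('Edit', APP_TD); ?>"></i></a>
                                            <i class="dashicons-before custom-forms-ico remove remove-disabled wp-ui-text-highlight" title="<?php esc_attr_e('Delete', APP_TD); ?>"></i>
                                            <?php
                                            break;

                                        default: // regular fields full editing
                                            ?>
                                            <a href="<?php echo esc_url($edit_url); ?>"><i class="dashicons-before custom-forms-ico edit-properties wp-ui-text-highlight" title="<?php esc_attr_e('Edit', APP_TD); ?>"></i></a>
                                            <a onclick="return confirmBeforeDelete();" href="<?php echo esc_url(add_query_arg(array('action' => 'delete', 'id' => $result->field_id), $admin_fields_url)); ?>"><i class="dashicons-before custom-forms-ico remove wp-ui-text-highlight" title="<?php esc_attr_e('Delete', APP_TD); ?>"></i></a>
                                            <?php
                                            break;

                                    } // endswitch
                                    ?>

                                </td>
                            </tr>
                            <?php
                            $i++;
                        } // endforeach;
                        ?>
                        </tbody>
                        <?php
                    } else {
                        ?>
                        <tr>
                            <td colspan="5"><?php _e('No custom fields found. This usually means your install script did not run correctly. Go back and try reactivating the theme again.', APP_TD); ?></td>
                        </tr>
                        <?php
                    }
                    ?>

                </table>

            </div><!-- end wrap -->
            <?php
    }
    ?>

    <script type="text/javascript">
    /* <![CDATA[ */
        function confirmBeforeDelete() { return confirm("<?php echo esc_js(__('WARNING: Deleting this field will prevent any existing ads currently using this field from displaying the field value. Deleting fields is NOT recommended unless you do not have any existing ads using this field. Are you sure you want to delete this field?? (This cannot be undone)', APP_TD)); ?>"); }
    /* ]]> */
    </script>

    <?php
}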
/**
 * Builds the category base URL for the site.
 *
 * Appends the 'category_base' option to the site URL when its cleaned value
 * is non-empty, and the literal 'category' segment otherwise.
 *
 * @return string
 */
function cp_cat_base() {
    // Only the emptiness test looks at the cleaned value; the URL itself is
    // built from the option as stored.
    if (appthemes_clean(get_option('category_base')) != '') {
        return trailingslashit(get_bloginfo('url')) . get_option('category_base');
    }

    return trailingslashit(get_bloginfo('url')) . 'category';
}
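/**
 * Renders and processes the custom fields admin page.
 *
 * Dispatches on $_GET['action']: 'addfield' and 'editfield' render or process
 * the field form, 'delete' removes a field whose field_perm is not greater
 * than zero, and any other value lists all custom fields.
 *
 * NOTE(review): none of the state-changing branches verifies a nonce inside
 * this function, and 'delete' is reached through a plain GET link. Confirm
 * that request verification happens before this callback runs; otherwise the
 * forms need wp_nonce_field() and the handlers check_admin_referer().
 * NOTE(review): field_owner is read back from a hidden form field, so the
 * stored owner is whatever the request supplies. It is escaped on output
 * below; consider taking it from $current_user on the server side.
 *
 * @return void
 */
function cp_custom_fields() {
    global $options_new_field, $wpdb, $current_user;

    $current_user = wp_get_current_user();
    ?>

    <!-- show/hide the dropdown field values tr -->
    <script type="text/javascript">
    /* <![CDATA[ */
        jQuery(document).ready(function() {
            jQuery("#mainform").validate({errorClass: "invalid"});
        });

        function show(o){
            if(o){switch(o.value){
                case 'drop-down': jQuery('#field_values_row').show(); jQuery('#field_min_length_row').hide(); break;
                case 'radio': jQuery('#field_values_row').show(); jQuery('#field_min_length_row').hide(); break;
                case 'checkbox': jQuery('#field_values_row').show(); jQuery('#field_min_length_row').hide(); break;
                case 'text box': jQuery('#field_min_length_row').show(); jQuery('#field_values_row').hide(); break;
                default: jQuery('#field_values_row').hide(); jQuery('#field_min_length_row').hide();
            }}
        }

        //show/hide immediately on document load
        jQuery(document).ready(function() {
            show(jQuery('#field_type').get(0));
        });

        //hide unwanted options for cp_currency field
        jQuery(document).ready(function() {
            var field_name = jQuery('#field_name').val();
            if(field_name == 'cp_currency'){
                jQuery("#field_type option[value='text box']").attr("disabled", "disabled");
                jQuery("#field_type option[value='text area']").attr("disabled", "disabled");
                jQuery("#field_type option[value='checkbox']").attr("disabled", "disabled");
            }
        });
    /* ]]> */
    </script>

    <?php
    // check to prevent php "notice: undefined index" msg when php strict warnings is on
    $theswitch = isset($_GET['action']) ? $_GET['action'] : '';

    // The id is only ever used as a numeric key, so force it to a
    // non-negative integer once instead of passing the raw query value on.
    $field_id = isset($_GET['id']) ? absint($_GET['id']) : 0;

    switch ($theswitch) {

        case 'addfield':
            ?>
            <div class="wrap">
                <div class="icon32" id="icon-themes"><br /></div>
                <h2><?php _e('New Custom Field', APP_TD); ?></h2>

                <?php cp_admin_info_box(); ?>

                <?php
                // check and make sure the form was submitted
                if (isset($_POST['submitted'])) {

                    $_POST['field_search'] = ''; // we aren't using this field so set it to blank for now to prevent notice

                    $data = array(
                        'field_name'     => appthemes_clean(cp_make_custom_name($_POST['field_label'])),
                        'field_label'    => appthemes_clean($_POST['field_label']),
                        'field_desc'     => appthemes_clean($_POST['field_desc']),
                        'field_tooltip'  => esc_attr(appthemes_clean($_POST['field_tooltip'])),
                        'field_type'     => appthemes_clean($_POST['field_type']),
                        'field_values'   => appthemes_clean($_POST['field_values']),
                        'field_search'   => appthemes_clean($_POST['field_search']),
                        'field_owner'    => appthemes_clean($_POST['field_owner']),
                        'field_created'  => current_time('mysql'),
                        'field_modified' => current_time('mysql'),
                    );

                    $insert = $wpdb->insert($wpdb->cp_ad_fields, $data);

                    if ($insert) {
                        ?>
                        <p style="text-align:center;padding-top:50px;font-size:22px;"><?php _e('Creating your field.....', APP_TD); ?><br /><br /><img src="<?php bloginfo('template_directory'); ?>/images/loader.gif" alt="" /></p>
                        <meta http-equiv="refresh" content="0; URL=?page=fields">
                        <?php
                    }

                    die;

                } else {
                    ?>
                    <form method="post" id="mainform" action="">

                        <?php cp_admin_fields($options_new_field); ?>

                        <p class="submit"><input class="btn button-primary" name="save" type="submit" value="<?php esc_attr_e('Create New Field', APP_TD); ?>" />
                        <input name="cancel" type="button" onClick="location.href='?page=fields'" value="<?php esc_attr_e('Cancel', APP_TD); ?>" /></p>
                        <input name="submitted" type="hidden" value="yes" />
                        <input name="field_owner" type="hidden" value="<?php echo esc_attr($current_user->user_login); ?>" />

                    </form>
                    <?php
                }
                ?>
            </div><!-- end wrap -->
            <?php
            break;

        case 'editfield':
            ?>
            <div class="wrap">
                <div class="icon32" id="icon-themes"><br /></div>
                <h2><?php _e('Edit Custom Field', APP_TD); ?></h2>

                <?php cp_admin_info_box(); ?>

                <?php
                if (isset($_POST['submitted']) && $_POST['submitted'] == 'yes') {

                    $data = array(
                        'field_name'       => appthemes_clean($_POST['field_name']),
                        'field_label'      => appthemes_clean($_POST['field_label']),
                        'field_desc'       => appthemes_clean($_POST['field_desc']),
                        'field_tooltip'    => esc_attr(appthemes_clean($_POST['field_tooltip'])),
                        'field_type'       => appthemes_clean($_POST['field_type']),
                        'field_values'     => appthemes_clean($_POST['field_values']),
                        'field_min_length' => appthemes_clean($_POST['field_min_length']),
                        'field_owner'      => appthemes_clean($_POST['field_owner']),
                        'field_modified'   => current_time('mysql'),
                    );

                    $wpdb->update($wpdb->cp_ad_fields, $data, array('field_id' => $field_id));
                    ?>
                    <p style="text-align:center;padding-top:50px;font-size:22px;">
                        <?php _e('Saving your changes.....', APP_TD); ?><br /><br />
                        <img src="<?php bloginfo('template_directory'); ?>/images/loader.gif" alt="" />
                    </p>
                    <meta http-equiv="refresh" content="0; URL=?page=fields">
                    <?php

                } else {
                    ?>
                    <form method="post" id="mainform" action="">

                        <?php cp_admin_db_fields($options_new_field, 'cp_ad_fields', 'field_id'); ?>

                        <p class="submit">
                            <input class="btn button-primary" name="save" type="submit" value="<?php esc_attr_e('Save changes', APP_TD); ?>" />
                            <input name="cancel" type="button" onClick="location.href='?page=fields'" value="<?php esc_attr_e('Cancel', APP_TD); ?>" />
                            <input name="submitted" type="hidden" value="yes" />
                            <input name="field_owner" type="hidden" value="<?php echo esc_attr($current_user->user_login); ?>" />
                        </p>

                    </form>
                    <?php
                }
                ?>
            </div><!-- end wrap -->
            <?php
            break;

        case 'delete':
            // check and make sure this fields perms allow deletion
            $sql = $wpdb->prepare("SELECT field_perm FROM {$wpdb->cp_ad_fields} WHERE field_id = %d LIMIT 1", $field_id);
            $results = $wpdb->get_row($sql);

            // if it's not greater than zero, then delete it
            // The comparison is parenthesised so "!" negates the whole test;
            // "!$x > 0" negates $x first and lets a negative field_perm
            // escape deletion. get_row() returns null for an unknown id, so
            // that case is skipped rather than dereferenced.
            if ($results && !($results->field_perm > 0)) {
                $delete = $wpdb->prepare("DELETE FROM {$wpdb->cp_ad_fields} WHERE field_id = %d", $field_id);
                $wpdb->query($delete);
            }
            ?>
            <p style="text-align:center;padding-top:50px;font-size:22px;"><?php _e('Deleting custom field.....', APP_TD); ?><br /><br /><img src="<?php bloginfo('template_directory'); ?>/images/loader.gif" alt="" /></p>
            <meta http-equiv="refresh" content="0; URL=?page=fields">
            <?php
            break;

        // cp_custom_fields() show the table of all custom fields
        default:
            $sql = "SELECT field_id, field_name, field_label, field_desc, field_tooltip, field_type, field_perm, field_owner, field_modified "
                . "FROM {$wpdb->cp_ad_fields} "
                . "ORDER BY field_name desc";

            $results = $wpdb->get_results($sql);
            ?>
            <div class="wrap">
                <div class="icon32" id="icon-tools"><br /></div>
                <h2><?php _e('Custom Fields', APP_TD); ?> <a class="button add-new-h2" href="?page=fields&action=addfield"><?php _e('Add New', APP_TD); ?></a></h2>

                <?php cp_admin_info_box(); ?>

                <p class="admin-msg"><?php _e('Custom fields allow you to customize your ad submission forms and collect more information. Each custom field needs to be added to a form layout in order to be visible on your website. You can create unlimited custom fields and each one can be used across multiple form layouts. It is highly recommended to NOT delete a custom field once it is being used on your ads because it could cause ad editing problems for your customers.', APP_TD); ?></p>

                <table id="tblspacer" class="widefat fixed">

                    <thead>
                        <tr>
                            <th scope="col" style="width:35px;"> </th>
                            <th scope="col"><?php _e('Name', APP_TD); ?></th>
                            <th scope="col" style="width:100px;"><?php _e('Type', APP_TD); ?></th>
                            <th scope="col"><?php _e('Description', APP_TD); ?></th>
                            <th scope="col" style="width:150px;"><?php _e('Modified', APP_TD); ?></th>
                            <th scope="col" style="text-align:center;width:100px;"><?php _e('Actions', APP_TD); ?></th>
                        </tr>
                    </thead>

                    <?php
                    if ($results) {
                        ?>
                        <tbody id="list">
                        <?php
                        $rowclass = '';
                        $i = 1;

                        foreach ($results as $result) {
                            $rowclass = 'even' == $rowclass ? 'alt' : 'even';
                            // Numeric id for the links below; never printed as raw text.
                            $row_id = absint($result->field_id);
                            ?>
                            <tr class="<?php echo $rowclass; ?>">
                                <td style="padding-left:10px;"><?php echo $i; ?>.</td>
                                <td><a href="?page=fields&action=editfield&id=<?php echo $row_id; ?>"><strong><?php echo esc_html(translate($result->field_label, APP_TD)); ?></strong></a></td>
                                <?php // field_type and field_owner are stored from form input, so escape them like the label and description ?>
                                <td><?php echo esc_html($result->field_type); ?></td>
                                <td><?php echo esc_html(translate($result->field_desc, APP_TD)); ?></td>
                                <td><?php echo mysql2date(get_option('date_format') . ' ' . get_option('time_format'), $result->field_modified); ?> <?php _e('by', APP_TD); ?> <?php echo esc_html($result->field_owner); ?></td>
                                <td style="text-align:center">

                                    <?php
                                    // show the correct edit options based on perms
                                    switch ($result->field_perm) {

                                        case '1': // core fields no editing
                                            ?>
                                            <a href="?page=fields&action=editfield&id=<?php echo $row_id; ?>"><img src="<?php bloginfo('template_directory'); ?>/images/edit.png" alt="" /></a>
                                            <img src="<?php bloginfo('template_directory'); ?>/images/cross-grey.png" alt="" />
                                            <?php
                                            break;

                                        case '2': // core fields some editing
                                            ?>
                                            <a href="?page=fields&action=editfield&id=<?php echo $row_id; ?>"><img src="<?php bloginfo('template_directory'); ?>/images/edit.png" alt="" /></a>
                                            <img src="<?php bloginfo('template_directory'); ?>/images/cross-grey.png" alt="" />
                                            <?php
                                            break;

                                        default: // regular fields full editing
                                            // don't change these two lines to plain html/php. Get t_else error msg
                                            echo '<a href="?page=fields&action=editfield&id=' . $row_id . '"><img src="' . get_bloginfo('template_directory') . '/images/edit.png" alt="" /></a> ';
                                            echo '<a onclick="return confirmBeforeDelete();" href="?page=fields&action=delete&id=' . $row_id . '"><img src="' . get_bloginfo('template_directory') . '/images/cross.png" alt="" /></a>';

                                    } // endswitch
                                    ?>

                                </td>
                            </tr>
                            <?php
                            $i++;
                        } // end foreach
                        ?>
                        </tbody>
                        <?php
                    } else {
                        ?>
                        <tr>
                            <td colspan="5"><?php _e('No custom fields found. This usually means your install script did not run correctly. Go back and try reactivating the theme again.', APP_TD); ?></td>
                        </tr>
                        <?php
                    } // end $results
                    ?>

                </table>

            </div><!-- end wrap -->
            <?php
    } // endswitch
    ?>

    <script type="text/javascript">
    /* <![CDATA[ */
        function confirmBeforeDelete() { return confirm("<?php echo esc_js(__('WARNING: Deleting this field will prevent any existing ads currently using this field from displaying the field value. Deleting fields is NOT recommended unless you do not have any existing ads using this field. Are you sure you want to delete this field?? (This cannot be undone)', APP_TD)); ?>"); }
    /* ]]> */
    </script>

    <?php
}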
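/**
 * Sends the contact-form message for an ad to the ad's author.
 *
 * Reads the sender name, sender e-mail, subject, message and the arithmetic
 * anti-spam answer from $_POST, validates them, and mails an HTML message to
 * the author of the given post.
 *
 * Security notes for maintainers:
 * - The anti-spam operands (rand_num, rand_num2) and the answer (rand_total)
 *   all arrive in the same request, so this check only filters submissions
 *   that do not fill the fields consistently. It is not a substitute for a
 *   nonce or for rate limiting.
 * - No nonce is verified in this function.
 *   NOTE(review): confirm that the caller does so before invoking it.
 * - The visitor-supplied address is handed to APP_Mail_From as the sender.
 *   NOTE(review): presumably this sets From/Reply-To; a From address on a
 *   domain the site does not control tends to fail SPF/DMARC — confirm.
 *
 * @param int $post_id ID of the ad the visitor is enquiring about.
 *
 * @return WP_Error Empty when the mail was handed off; otherwise carries one or
 *                  more of: empty_field, invalid_captcha, invalid_email, invalid_post.
 */
function cp_contact_ad_owner_email($post_id) {
    $errors = new WP_Error();

    // Every required field must be present, non-empty and a plain string.
    // An array-valued field (e.g. "subject[]=x") is not empty() and would
    // otherwise reach string-only helpers such as is_email() further down.
    $expected = array('from_name', 'from_email', 'subject', 'message');
    foreach ($expected as $field_name) {
        if (empty($_POST[$field_name]) || !is_string($_POST[$field_name])) {
            $errors->add('empty_field', __('ERROR: All fields are required.', APP_TD));
            return $errors;
        }
    }

    // check for required anti-spam post data
    $expected_numbers = array('rand_total', 'rand_num', 'rand_num2');
    foreach ($expected_numbers as $field_name) {
        if (!isset($_POST[$field_name]) || !is_numeric($_POST[$field_name])) {
            $errors->add('invalid_captcha', __('ERROR: Incorrect captcha answer.', APP_TD));
            return $errors;
        }
    }

    // verify captcha answer
    $rand_post_total = (int) $_POST['rand_total'];
    $rand_total = (int) $_POST['rand_num'] + (int) $_POST['rand_num2'];
    if ($rand_total != $rand_post_total) {
        $errors->add('invalid_captcha', __('ERROR: Incorrect captcha answer.', APP_TD));
    }

    // verify email
    if (!is_email($_POST['from_email'])) {
        $errors->add('invalid_email', __('ERROR: Incorrect email address.', APP_TD));
    }

    // verify post
    $post = get_post($post_id);
    if (!$post) {
        $errors->add('invalid_post', __('ERROR: Ad does not exist.', APP_TD));
    }

    // Captcha, e-mail and post problems are reported together.
    if ($errors->get_error_code()) {
        return $errors;
    }

    $author_email = get_the_author_meta('user_email', $post->post_author);

    // NOTE(review): the values below are embedded in an HTML body without
    // further escaping, so this relies on appthemes_clean()/appthemes_filter()
    // having removed markup — confirm against their definitions.
    $from_name = appthemes_filter(appthemes_clean($_POST['from_name']));
    $from_email = appthemes_clean($_POST['from_email']);
    $subject = appthemes_filter(appthemes_clean($_POST['subject']));
    $posted_message = appthemes_filter(appthemes_clean($_POST['message']));

    $blogname = wp_specialchars_decode(get_bloginfo('name'), ENT_QUOTES);
    $site_url = home_url('/');
    $permalink = get_permalink($post_id);

    $message = html('p', sprintf(__('Someone is interested in your ad listing: %s', APP_TD), html_link($permalink))) . PHP_EOL;
    $message .= html('p', '"' . wordwrap(nl2br($posted_message), 70) . '"') . PHP_EOL;
    $message .= html('p', sprintf(__('Name: %s', APP_TD), $from_name) . '<br />' . sprintf(__('E-mail: %s', APP_TD), $from_email)) . PHP_EOL;
    $message .= html('p', __('-----------------', APP_TD) . '<br />' . sprintf(__('This message was sent from %s', APP_TD), $blogname) . '<br />' . html_link($site_url)) . PHP_EOL;
    $message .= html('p', sprintf(__('Sent from IP Address: %s', APP_TD), appthemes_get_ip())) . PHP_EOL;

    $email = array(
        'to' => $author_email,
        'subject' => $subject,
        'message' => $message,
        'from' => $from_email,
        'from_name' => $from_name,
    );

    // Plugins may rewrite any part of the outgoing mail, including the recipient.
    $email = apply_filters('cp_email_user_ad_contact', $email, $post_id);

    APP_Mail_From::apply_once(array('email' => $email['from'], 'name' => $email['from_name'], 'reply' => true));
    appthemes_send_email($email['to'], $email['subject'], $email['message']);

    return $errors;
}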
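/**
 * Admin screen for the ad custom fields stored in {$wpdb->cp_ad_fields}.
 *
 * Dispatches on $_GET['action']:
 *   addfield  - shows the "new field" form, or inserts the posted field and stops;
 *   editfield - shows the edit form, or updates the field named by $_GET['id'];
 *   delete    - deletes the field named by $_GET['id'] when its field_perm is empty;
 *   (other)   - lists every custom field with edit/delete links.
 *
 * Every value that reaches SQL goes through $wpdb->prepare(), and the record
 * id is reduced to a non-negative integer first. Values read back from the
 * table are escaped for their output context, because field_type and
 * field_owner originate from form submissions.
 *
 * NOTE(review): none of the three state-changing branches verifies a nonce,
 * and the delete branch runs on a plain GET link. Enforcing
 * check_admin_referer() here needs matching nonce fields on every form and
 * link that targets this page, so it is flagged rather than enforced.
 * NOTE(review): no capability check is visible in this function; presumably
 * the admin menu registration restricts who can load it — confirm.
 *
 * @return void Output is echoed; the posted addfield branch ends with die.
 */
function cp_custom_fields() {
    global $options_new_field, $wpdb, $current_user;

    $current_user = wp_get_current_user();

    // The record id only ever reaches SQL or HTML as an integer.
    $field_id = isset($_GET['id']) ? absint($_GET['id']) : 0;
    ?>

    <!-- show/hide the dropdown field values tr -->
    <script type="text/javascript">
    /* <![CDATA[ */
    jQuery(document).ready(function() {
        jQuery("#mainform").validate({errorClass: "invalid"});
    });

    function show(o){
        if(o){switch(o.value){
            case 'drop-down': jQuery('#field_values_row').show(); jQuery('#field_min_length_row').hide(); break;
            case 'radio': jQuery('#field_values_row').show(); jQuery('#field_min_length_row').hide(); break;
            case 'checkbox': jQuery('#field_values_row').show(); jQuery('#field_min_length_row').hide(); break;
            case 'text box': jQuery('#field_min_length_row').show(); jQuery('#field_values_row').hide(); break;
            default: jQuery('#field_values_row').hide();jQuery('#field_min_length_row').hide();
        }}
    }

    //show/hide immediately on document load
    jQuery(document).ready(function() {
        show(jQuery('#field_type').get(0));
    });

    //hide unwanted options for cp_currency field
    jQuery(document).ready(function() {
        var field_name = jQuery('#field_name').val();
        if(field_name == 'cp_currency'){
            jQuery("#field_type option[value='text box']").attr("disabled","disabled");
            jQuery("#field_type option[value='text area']").attr("disabled","disabled");
            jQuery("#field_type option[value='checkbox']").attr("disabled","disabled");
        }
    });
    /* ]]> */
    </script>

    <?php
    // check to prevent php "notice: undefined index" msg when php strict warnings is on
    if (isset($_GET['action'])) {
        $theswitch = $_GET['action'];
    } else {
        $theswitch = '';
    }

    switch ($theswitch) {
        // Adds a new AV form filed to DB
        case 'addfield':
            ?>
            <div class="wrap">
                <div class="icon32" id="icon-themes"><br /></div>
                <h2><?php _e('New Custom Field', 'appthemes'); ?></h2>
                <?php cp_admin_info_box(); ?>
                <?php
                // check and make sure the form was submitted
                if (isset($_POST['submitted'])) {
                    $_POST['field_search'] = ''; // we aren't using this field so set it to blank for now to prevent notice

                    // Placeholders instead of hand-escaped concatenation, matching
                    // the editfield branch below.
                    // NOTE(review): field_owner comes from a hidden form input, so
                    // the stored owner is whatever the client submits.
                    $insert = $wpdb->prepare(
                        "INSERT INTO {$wpdb->cp_ad_fields}"
                        . " ( field_name, field_label, field_desc, field_tooltip, field_type, field_values,"
                        . " field_search, field_owner, field_max_value, field_min_value, field_created, field_modified )"
                        . " VALUES ( %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s )",
                        appthemes_clean(cp_make_custom_name($_POST['field_label'])),
                        appthemes_clean($_POST['field_label']),
                        appthemes_clean($_POST['field_desc']),
                        esc_attr(appthemes_clean($_POST['field_tooltip'])),
                        appthemes_clean($_POST['field_type']),
                        appthemes_clean($_POST['field_values']),
                        appthemes_clean($_POST['field_search']),
                        appthemes_clean($_POST['field_owner']),
                        appthemes_clean($_POST['field_max_value']),
                        appthemes_clean($_POST['field_min_value']),
                        current_time('mysql'),
                        current_time('mysql')
                    );
                    $results = $wpdb->query($insert);

                    if ($results) {
                        ?>
                        <p style="text-align:center;padding-top:50px;font-size:22px;"><?php _e('Creating your field.....', 'appthemes'); ?><br /><br /><img src="<?php bloginfo('template_directory'); ?>/images/loader.gif" alt="" /></p>
                        <meta http-equiv="refresh" content="0; URL=?page=fields">
                        <?php
                    }

                    // Stop here whether or not the insert succeeded, as before.
                    die;
                } else {
                    ?>
                    <form method="post" id="mainform" action="">
                        <?php cp_admin_fields($options_new_field); ?>
                        <p class="submit"><input class="btn button-primary" name="save" type="submit" value="<?php _e('Create New Field', 'appthemes'); ?>" />
                        <input name="cancel" type="button" onClick="location.href='?page=fields'" value="<?php _e('Cancel', 'appthemes'); ?>" /></p>
                        <input name="submitted" type="hidden" value="yes" />
                        <input name="field_owner" type="hidden" value="<?php echo esc_attr($current_user->user_login); ?>" />
                    </form>
                    <?php
                }
                ?>
            </div><!-- end wrap -->
            <?php
            break;

        // Updates an existing AV form filed from DB
        case 'editfield':
            ?>
            <div class="wrap">
                <div class="icon32" id="icon-themes"><br /></div>
                <h2>Genel Alanlari Duzenle</h2>
                <?php cp_admin_info_box(); ?>
                <?php
                if (isset($_POST['submitted']) && $_POST['submitted'] == 'yes') {
                    // @todo Change to Update
                    $update = $wpdb->prepare(
                        "UPDATE {$wpdb->cp_ad_fields} SET"
                        . " field_name = %s,"
                        . " field_label = %s,"
                        . " field_desc = %s,"
                        . " field_tooltip = %s,"
                        . " field_type = %s,"
                        . " field_values = %s,"
                        . " field_min_length = %s,"
                        . " field_owner = %s,"
                        . " field_max_value = %s,"
                        . " field_min_value = %s,"
                        . " field_modified = %s"
                        . " WHERE field_id = %d",
                        appthemes_clean($_POST['field_name']),
                        appthemes_clean($_POST['field_label']),
                        appthemes_clean($_POST['field_desc']),
                        esc_attr(appthemes_clean($_POST['field_tooltip'])),
                        appthemes_clean($_POST['field_type']),
                        appthemes_clean($_POST['field_values']),
                        appthemes_clean($_POST['field_min_length']),
                        appthemes_clean($_POST['field_owner']),
                        appthemes_clean($_POST['field_max_value']),
                        appthemes_clean($_POST['field_min_value']),
                        current_time('mysql'),
                        $field_id
                    );
                    $results = $wpdb->query($update);
                    ?>
                    <p style="text-align:center;padding-top:50px;font-size:22px;">
                        <?php _e('Saving your changes.....', 'appthemes'); ?><br /><br />
                        <img src="<?php bloginfo('template_directory'); ?>/images/loader.gif" alt="" />
                    </p>
                    <meta http-equiv="refresh" content="0; URL=?page=fields">
                    <?php
                } else {
                    ?>
                    <form method="post" id="mainform" action="">
                        <?php cp_admin_db_fields($options_new_field, 'cp_ad_fields', 'field_id'); ?>
                        <p class="submit">
                            <input class="btn button-primary" name="save" type="submit" value="Degisiklikleri Kaydet" />
                            <input name="cancel" type="button" onClick="location.href='?page=fields'" value="Degisiklikleri iptal et" />
                            <input name="submitted" type="hidden" value="yes" />
                            <input name="field_owner" type="hidden" value="<?php echo esc_attr($current_user->user_login); ?>" />
                        </p>
                    </form>
                    <?php
                }
                ?>
            </div><!-- end wrap -->
            <?php
            break;

        // Deletes an existing AV form filed from DB
        case 'delete':
            // check and make sure this fields perms allow deletion
            $row = $wpdb->get_row($wpdb->prepare(
                "SELECT field_perm FROM {$wpdb->cp_ad_fields} WHERE field_id = %d LIMIT 1",
                $field_id
            ));

            // The previous test `!$results->field_perm > 0` parsed as
            // `(!$results->field_perm) > 0`, i.e. "field_perm is empty"; that is
            // kept, written explicitly, and now also requires the row to exist.
            if ($row && empty($row->field_perm)) {
                $wpdb->query($wpdb->prepare(
                    "DELETE FROM {$wpdb->cp_ad_fields} WHERE field_id = %d",
                    $field_id
                ));
            }
            ?>
            <p style="text-align:center;padding-top:50px;font-size:22px;"><?php _e('Deleting custom field.....', 'appthemes'); ?><br /><br /><img src="<?php bloginfo('template_directory'); ?>/images/loader.gif" alt="" /></p>
            <meta http-equiv="refresh" content="0; URL=?page=fields">
            <?php
            break;

        // cp_custom_fields() show the table of all custom fields
        default:
            $sql = "SELECT field_id, field_name, field_label, field_desc, field_tooltip, field_type, field_perm, field_owner, field_modified "
                . "FROM {$wpdb->cp_ad_fields} "
                . "ORDER BY field_name desc";
            $results = $wpdb->get_results($sql);
            ?>
            <div class="wrap">
                <div class="icon32" id="icon-tools"><br /></div>
                <h2>Genel Alanlar <a class="button add-new-h2" href="?page=fields&action=addfield">Yeni Alan Ekle</a></h2>
                <?php cp_admin_info_box(); ?>
                <p class="admin-msg"><?php _e('Genel Alanlar Erisim Engeli Formlarinda kullanicilarin doldurduklari Erisim Engellerine bagli alanlari olusturmaktadir. Asagidaki tabloda tum Erisim Engeli Alanlari listelenmektedir. Yeni bir alan ekleyebilir ve var olan alanlari degistirebilirsiniz.', 'appthemes'); ?></p>
                <table id="tblspacer" class="widefat fixed">
                    <thead>
                        <tr>
                            <th scope="col" style="width:35px;"> </th>
                            <th scope="col"><?php _e('Alan Ismi', 'appthemes'); ?></th>
                            <th scope="col" style="width:100px;"><?php _e('Alan Tipi', 'appthemes'); ?></th>
                            <th scope="col"><?php _e('Alan Aciklamasi', 'appthemes'); ?></th>
                            <th scope="col" style="width:150px;"><?php _e('Degistiren', 'appthemes'); ?></th>
                            <th scope="col" style="text-align:center;width:100px;"><?php _e('Aksiyonlar', 'appthemes'); ?></th>
                        </tr>
                    </thead>
                    <?php
                    if ($results) {
                        ?>
                        <tbody id="list">
                        <?php
                        $rowclass = '';
                        $i = 1;
                        foreach ($results as $result) {
                            $rowclass = 'even' == $rowclass ? 'alt' : 'even';
                            // Cast once; the id is written into several URLs below.
                            $row_id = (int) $result->field_id;
                            ?>
                            <tr class="<?php echo $rowclass; ?>">
                                <td style="padding-left:10px;"><?php echo $i; ?>.</td>
                                <td><a href="?page=fields&action=editfield&id=<?php echo $row_id; ?>"><strong><?php echo esc_html(translate($result->field_label, 'appthemes')); ?></strong></a></td>
                                <td><?php echo esc_html($result->field_type); ?></td>
                                <td><?php echo esc_html(translate($result->field_desc, 'appthemes')); ?></td>
                                <td><?php echo mysql2date(get_option('date_format') . ' ' . get_option('time_format'), $result->field_modified); ?> <?php _e('by', 'appthemes'); ?> <?php echo esc_html($result->field_owner); ?></td>
                                <td style="text-align:center">
                                    <?php
                                    // show the correct edit options based on perms
                                    switch ($result->field_perm) {
                                        case '1': // core fields no editing
                                            ?>
                                            <a href="?page=fields&action=editfield&id=<?php echo $row_id; ?>"><img src="<?php bloginfo('template_directory'); ?>/images/edit.png" alt="" /></a>
                                            <img src="<?php bloginfo('template_directory'); ?>/images/cross-grey.png" alt="" />
                                            <?php
                                            break;

                                        case '2': // core fields some editing
                                            ?>
                                            <a href="?page=fields&action=editfield&id=<?php echo $row_id; ?>"><img src="<?php bloginfo('template_directory'); ?>/images/edit.png" alt="" /></a>
                                            <img src="<?php bloginfo('template_directory'); ?>/images/cross-grey.png" alt="" />
                                            <?php
                                            break;

                                        default: // regular fields full editing
                                            // don't change these two lines to plain html/php. Get t_else error msg
                                            echo '<a href="?page=fields&action=editfield&id=' . $row_id . '"><img src="' . get_bloginfo('template_directory') . '/images/edit.png" alt="" /></a> ';
                                            echo '<a onclick="return confirmBeforeDelete();" href="?page=fields&action=delete&id=' . $row_id . '"><img src="' . get_bloginfo('template_directory') . '/images/cross.png" alt="" /></a>';
                                    } // endswitch
                                    ?>
                                </td>
                            </tr>
                            <?php
                            $i++;
                        } //end foreach;
                        ?>
                        </tbody>
                        <?php
                    } else {
                        ?>
                        <tr>
                            <td colspan="5"><?php _e('No custom fields found. This usually means your install script did not run correctly. Go back and try reactivating the theme again.', 'appthemes'); ?></td>
                        </tr>
                        <?php
                    } // end $results
                    ?>
                </table>
            </div><!-- end wrap -->
            <?php
    } // endswitch
    ?>

    <script type="text/javascript">
    /* <![CDATA[ */
    function confirmBeforeDelete() { return confirm("<?php _e('WARNING: Deleting this field will prevent any existing ads currently using this field from displaying the field value. Deleting fields is NOT recommended unless you do not have any existing ads using this field. Are you sure you want to delete this field?? (This cannot be undone)', 'appthemes'); ?>"); }
    /* ]]> */
    </script>

    <?php
}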
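/**
 * Creates the theme's front-end pages when no post with the same slug exists.
 *
 * For each of dashboard, profile, edit-item, add-new, add-new-confirm and blog
 * a published page is inserted and its page template is assigned. The ids of
 * the first five are stored, comma separated, in the "{$app_abbr}_excluded_pages"
 * option; the blog page id is stored in "{$app_abbr}_blog_page_id" instead.
 * Both options are written only when they are currently empty.
 *
 * A page whose insert fails is skipped, so a failed id is never given a
 * template or added to the excluded list.
 *
 * NOTE(review): every page is created with post_author 1. Presumably that is
 * the first administrator — confirm, since that account may have been
 * removed or demoted on a given install.
 *
 * @return void
 */
function cp_create_pages() {
    global $wpdb, $app_abbr;

    // slug => array(title, page template, exclude from nav menus)
    $pages = array(
        'dashboard' => array('Dashboard', 'tpl-dashboard.php', true),
        'profile' => array('Profile', 'tpl-profile.php', true),
        'edit-item' => array('Edit Item', 'tpl-edit-item.php', true),
        'add-new' => array('Add New', 'tpl-add-new.php', true),
        'add-new-confirm' => array('Add New Confirm', 'tpl-add-new-confirm.php', true),
        // the blog page is different since we don't want to exclude it.
        'blog' => array('Blog', 'tpl-blog.php', false),
    );

    $out = array();

    foreach ($pages as $slug => $page) {
        list($title, $template, $exclude_from_nav) = $page;

        // first check and make sure this page doesn't already exist
        $existing_id = $wpdb->get_var($wpdb->prepare(
            "SELECT ID FROM {$wpdb->posts} WHERE post_name = %s LIMIT 1",
            $slug
        ));
        if (null !== $existing_id) {
            continue;
        }

        // Insert the page into the database
        $page_id = wp_insert_post(array(
            'post_status' => 'publish',
            'post_type' => 'page',
            'post_author' => 1,
            'post_name' => $slug,
            'post_title' => $title,
        ));

        // wp_insert_post() reports failure with 0 (or a WP_Error).
        if (!$page_id || is_wp_error($page_id)) {
            continue;
        }

        // Assign the page template to the new page
        update_post_meta($page_id, '_wp_page_template', $template);

        if ($exclude_from_nav) {
            $out[] = $page_id;
        } elseif (get_option($app_abbr . '_blog_page_id') == false) {
            // instead we need to insert the blog page id into an option field
            // it's used for pulling values into the breadcrumb
            update_option($app_abbr . '_blog_page_id', $page_id);
        }
    }

    // check to see if array of page ids is empty
    // if not, add them to the pages to be excluded from the nav meta option.
    if (!empty($out)) {
        // take the array and put elements into a comma separated string
        $exclude_pages = implode(',', $out);

        // now insert the excluded pages meta option and the values if the option doesn't already exist
        if (get_option($app_abbr . '_excluded_pages') == false) {
            update_option($app_abbr . '_excluded_pages', appthemes_clean($exclude_pages));
        }
    }
}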
/**
 * Collects the expected form fields from $_POST and sanitises each one.
 *
 * A field that was not posted becomes an empty string. Scalars are passed
 * through appthemes_clean(); arrays are cleaned element by element. Fields
 * whose name starts with "cp_" are additionally passed through wp_kses_post().
 * cp_price, tags_input, post_content and post_title then get their own
 * treatment. post_content keeps HTML (filtered by wp_kses_post()) only when
 * $cp_options->allow_html is set.
 *
 * NOTE(review): the per-field steps for cp_price, tags_input, post_content and
 * post_title are applied without checking whether the posted value is an array.
 *
 * @return array Field name => cleaned value, one entry per expected field.
 */
protected function clean_expected_fields() {
    global $cp_options;

    $posted = array();

    foreach ($this->expected_fields() as $field) {
        $value = '';
        if (isset($_POST[$field])) {
            $value = $_POST[$field];
        }

        // Generic cleaning first, element-wise for list values.
        $is_list = is_array($value);
        $value = $is_list ? array_map('appthemes_clean', $value) : appthemes_clean($value);
        if (appthemes_str_starts_with($field, 'cp_')) {
            $value = $is_list ? array_map('wp_kses_post', $value) : wp_kses_post($value);
        }

        if ($field == 'cp_price') {
            $value = appthemes_clean_price($value);
        }

        if ($field == 'tags_input') {
            $value = wp_kses_post(appthemes_clean_tags($value));
        }

        if ($field == 'post_content') {
            // check to see if html is allowed
            $value = $cp_options->allow_html ? wp_kses_post($value) : appthemes_filter($value);
        }

        if ($field == 'post_title') {
            $value = appthemes_filter($value);
        }

        $posted[$field] = $value;
    }

    return $posted;
}
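/**
 * Echoes the buyer ad form: one <li> per custom field plus a hidden input
 * listing the "cp_" field names.
 *
 * Each field is passed through the cp_formbuilder_field filter (a falsy result
 * skips it) and then rendered according to its field_type: text box,
 * drop-down / multiple-drop-down, text area, radio or checkbox. The initial
 * value comes from $_POST when the field was posted, otherwise from the post
 * being edited or its meta. cp_video_url gets an empty <li> and no control.
 *
 * Escaping: field labels and option texts come from the custom-fields table
 * and are written as element content, so they are passed through esc_html()
 * here. html() is given an already-escaped value for the textarea below, which
 * indicates it does not escape element content itself.
 * NOTE(review): html() is assumed to escape attribute values — confirm.
 *
 * @param array|object $results Field definitions; each item is read as an
 *                              object with field_name, field_type, field_label,
 *                              field_values, field_req and field_min_length.
 * @param object|false $post    Post being edited, or false for a new ad.
 *
 * @return void
 */
function cp_formbuilder_buyer($results, $post = false) {
    global $wpdb, $cp_options;

    $custom_fields_array = array();

    foreach ($results as $result) {
        // external plugins can modify or disable field
        $result = apply_filters('cp_formbuilder_field', $result, $post);
        if (!$result) {
            continue;
        }

        if (appthemes_str_starts_with($result->field_name, 'cp_')) {
            $custom_fields_array[] = $result->field_name;
        }

        $post_meta_val = $post ? get_post_meta($post->ID, $result->field_name, true) : false;

        if ($result->field_name == 'post_content') {
            echo "</ol><ol>";
        }
        ?>
        <li id="list_<?php echo esc_attr($result->field_name); ?>">
        <?php
        if ($result->field_name == 'cp_video_url') {
            // No control is rendered for this field; close the item that was
            // just opened so the list markup stays balanced.
            echo '</li>';
            continue;
        }

        // Sub-label shown above multi-select controls.
        $sub_label = '<label class="form-sub-label mobileonly" for="first_3" id="sublabel_first" style="color:#fff;">' . esc_html($result->field_label) . '</label><br>';

        switch ($result->field_type) {
            case 'text box':
                if (isset($_POST[$result->field_name])) {
                    $value = wp_kses_post(appthemes_clean($_POST[$result->field_name]));
                } elseif ($result->field_name == 'post_title' && $post) {
                    $value = $post->post_title;
                } elseif ($result->field_name == 'tags_input' && $post) {
                    $value = rtrim(trim(cp_get_the_term_list($post->ID, APP_TAX_TAG)), ',');
                } else {
                    $value = $post_meta_val;
                }

                if ($result->field_name == 'cp_price') {
                    echo '<label class="form-sub-label" for="first_3" id="sublabel_first" style="color:#fff;">Maximum Budget </label><br>';
                }

                $field_class = $result->field_req ? 'text required' : 'text';
                $field_minlength = empty($result->field_min_length) ? '2' : $result->field_min_length;
                $args = array(
                    'value' => $value,
                    'name' => $result->field_name,
                    'id' => $result->field_name,
                    'type' => 'text',
                    'class' => $field_class,
                    'minlength' => $field_minlength,
                    'placeholder' => $result->field_label,
                );
                $args = apply_filters('cp_formbuilder_' . $result->field_name, $args, $result, $post);

                echo html('input', $args);
                echo html('div', array('class' => 'clr'));
                break;

            case 'drop-down':
            case 'multiple-drop-down':
                $options = explode(',', $result->field_values);
                $options = array_map('trim', $options);
                $html_options = '';

                if ($result->field_type == 'multiple-drop-down') {
                    echo $sub_label;
                }

                // First entry is an empty-valued placeholder showing the label.
                $html_options .= html('option', array('value' => ''), esc_html(__($result->field_label, APP_TD)));

                foreach ($options as $option) {
                    $args = array('value' => $option);
                    if ($option == $post_meta_val) {
                        $args['selected'] = 'selected';
                    }
                    $args = apply_filters('cp_formbuilder_' . $result->field_name . '_option', $args, $result, $post);
                    $html_options .= html('option', $args, esc_html($option));
                }

                $field_class = $result->field_req ? 'dropdownlist required' : 'dropdownlist';

                // These single drop-downs are rendered as multi-selects as well.
                $forced_multiple = $result->field_type == 'drop-down'
                    && in_array($result->field_name, array('cp_age', 'cp_color', 'cp_state'), true);

                if ($forced_multiple) {
                    echo $sub_label;
                }

                if ($result->field_type == 'multiple-drop-down' || $forced_multiple) {
                    $args = array(
                        'name' => $result->field_name . '[]',
                        'id' => $result->field_name . '[]',
                        'class' => $field_class,
                        'multiple' => "multiple",
                    );
                } else {
                    $args = array(
                        'name' => $result->field_name,
                        'id' => $result->field_name,
                        'class' => $field_class,
                    );
                }
                $args = apply_filters('cp_formbuilder_' . $result->field_name, $args, $result, $post);

                echo html('select', $args, $html_options);
                echo html('div', array('class' => 'clr'));
                break;

            case 'text area':
                if (isset($_POST[$result->field_name])) {
                    $value = wp_kses_post(appthemes_clean($_POST[$result->field_name]));
                } elseif ($result->field_name == 'post_content' && $post) {
                    $value = $post->post_content;
                } else {
                    $value = $post_meta_val;
                }

                $field_class = $result->field_req ? 'required' : '';
                $field_minlength = empty($result->field_min_length) ? '2' : $result->field_min_length;
                $args = array(
                    'value' => $value,
                    'name' => $result->field_name,
                    'id' => $result->field_name,
                    'rows' => '8',
                    'cols' => '40',
                    'class' => $field_class,
                    'minlength' => $field_minlength,
                    'placeholder' => $result->field_label,
                );
                $args = apply_filters('cp_formbuilder_' . $result->field_name, $args, $result, $post);

                // The value is element content for a textarea, not an attribute.
                $value = $args['value'];
                unset($args['value']);

                echo html('div', array('class' => 'clr'));
                echo html('textarea', $args, esc_textarea($value));
                echo html('div', array('class' => 'clr'));

                if ($cp_options->allow_html && !wp_is_mobile()) {
                    // The field name lands inside a JavaScript string literal.
                    ?>
                    <script type="text/javascript">
                    <!--
                    tinyMCE.execCommand('mceAddControl', false, '<?php echo esc_js($result->field_name); ?>');
                    -->
                    </script>
                    <?php
                }
                break;

            case 'radio':
                $options = explode(',', $result->field_values);
                $options = array_map('trim', $options);
                $html_radio = '';
                $html_options = '';

                // Optional fields get a leading "None" choice.
                if (!$result->field_req) {
                    $args = array(
                        'value' => '',
                        'type' => 'radio',
                        'class' => 'radiolist',
                        'name' => $result->field_name,
                        'id' => $result->field_name,
                    );
                    if (empty($post_meta_val)) {
                        $args['checked'] = 'checked';
                    }
                    $args = apply_filters('cp_formbuilder_' . $result->field_name, $args, $result, $post);
                    $html_radio = html('input', $args) . ' ' . __('None', APP_TD);
                    $html_options .= html('li', array(), $html_radio);
                }

                foreach ($options as $option) {
                    $field_class = $result->field_req ? 'radiolist required' : 'radiolist';
                    $args = array(
                        'value' => $option,
                        'type' => 'radio',
                        'class' => $field_class,
                        'name' => $result->field_name,
                        'id' => $result->field_name,
                    );
                    if ($option == $post_meta_val) {
                        $args['checked'] = 'checked';
                    }
                    $args = apply_filters('cp_formbuilder_' . $result->field_name, $args, $result, $post);
                    $html_radio = html('input', $args) . ' ' . esc_html($option);
                    $html_options .= html('li', array(), $html_radio);
                }

                echo html('ol', array('class' => 'radios'), $html_options);
                echo html('div', array('class' => 'clr'));
                break;

            case 'checkbox':
                // Checkbox fields store one meta row per ticked option.
                $post_meta_val = $post ? get_post_meta($post->ID, $result->field_name, false) : array();
                $options = explode(',', $result->field_values);
                $options = array_map('trim', $options);
                $optionCursor = 1;
                $html_checkbox = '';
                $html_options = '';

                foreach ($options as $option) {
                    $field_class = $result->field_req ? 'checkboxlist required' : 'checkboxlist';
                    $args = array(
                        'value' => $option,
                        'type' => 'checkbox',
                        'class' => $field_class,
                        'name' => $result->field_name . '[]',
                        'id' => $result->field_name . '_' . $optionCursor++,
                    );
                    if (in_array($option, $post_meta_val)) {
                        $args['checked'] = 'checked';
                    }
                    $args = apply_filters('cp_formbuilder_' . $result->field_name, $args, $result, $post);
                    $html_checkbox = html('input', $args) . ' ' . esc_html($option);
                    $html_options .= html('li', array(), $html_checkbox);
                }

                echo html('ol', array('class' => 'checkboxes'), $html_options);
                echo html('div', array('class' => 'clr'));
                break;
        }
        ?>
        </li>
        <?php
    }

    // put all the custom field names into an hidden field so we can process them on save
    // NOTE(review): this list travels through the browser, so the save handler
    // should check the names it receives against the known fields rather than
    // trusting the posted list — confirm in the handler.
    $custom_fields_array[] = 'cp_type';
    $custom_fields_vals = implode(',', $custom_fields_array);
    echo html('input', array('type' => 'hidden', 'name' => 'custom_fields_vals', 'value' => $custom_fields_vals));

    cp_action_formbuilder($results, $post);
}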
/**
 * AJAX endpoint that records a report against a post or a user.
 *
 * Expects a POST request carrying id, type ("post" or "user"), report and
 * nonce. The request is rejected, with a JSON failure message, when any of
 * these is missing or invalid, when the report text is changed by
 * appthemes_clean(), when the "add-report" nonce does not verify, when the
 * item does not exist, or when reporting is limited to logged-in users and
 * the visitor is not logged in. Every path ends the request with die().
 *
 * NOTE(review): get_post() is called with the posted id as-is, so any post id
 * can be reported regardless of its type or status — confirm that is intended.
 *
 * @return void
 */
public static function ajax_add_report() {
    // Sends the JSON failure payload and ends the request.
    $fail = function ($message) {
        die(json_encode(array('success' => false, 'message' => $message)));
    };

    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
        $fail(__('Sorry, only post method allowed.', APP_TD));
    }

    $id = 0;
    if (isset($_POST['id'])) {
        $id = (int) $_POST['id'];
    }
    if ($id < 1) {
        $fail(__('Sorry, item does not exist.', APP_TD));
    }

    $type_is_known = isset($_POST['type']) && in_array($_POST['type'], array('post', 'user'));
    if (!$type_is_known) {
        $fail(__('Sorry, invalid item type.', APP_TD));
    }

    // User reports are accepted only when the feature is switched on.
    if ($_POST['type'] == 'user' && !appthemes_reports_get_args('users')) {
        $fail(__('Sorry, invalid item type.', APP_TD));
    }

    // The text must survive cleaning unchanged, otherwise it is refused.
    if (!isset($_POST['report']) || appthemes_clean($_POST['report']) != $_POST['report']) {
        $fail(__('Sorry, invalid report message.', APP_TD));
    }

    // Nothing is written before the nonce has been verified.
    if (!isset($_POST['nonce']) || !wp_verify_nonce($_POST['nonce'], 'add-report')) {
        $fail(__('Sorry, invalid request.', APP_TD));
    }

    if ($_POST['type'] == 'post') {
        $item = get_post($id);
    } else {
        $item = get_userdata($id);
    }
    if (!$item) {
        $fail(__('Sorry, item does not exist.', APP_TD));
    }

    $options = appthemes_load_reports_options();
    if ($options->get(array('reports', 'users_only')) && !is_user_logged_in()) {
        $fail(__('Sorry, only registered users can report.', APP_TD));
    }

    $comment = array('comment_content' => appthemes_clean($_POST['report']));

    if ($_POST['type'] == 'post') {
        $comment['comment_post_ID'] = $id;
        $report = appthemes_create_report($comment);
        if (!$report) {
            $fail(__('Sorry, could not create report.', APP_TD));
        }
        // Only post reports notify the administrator.
        APP_Report_Comments_Email_Notify::notify_admin($report);
    } else {
        $report = appthemes_create_user_report($id, $comment);
        if (!$report) {
            $fail(__('Sorry, could not create report.', APP_TD));
        }
    }

    die(json_encode(array('success' => true, 'message' => __('Thank you. Report has been submitted.', APP_TD))));
}
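/**
 * Emails the owner of an ad a contact-form message and attaches uploaded files.
 *
 * The sender name, email, subject, message and the arithmetic captcha fields
 * are read from $_POST. The returned WP_Error carries no codes on success.
 *
 * @param int   $post_id ID of the ad whose author is contacted.
 * @param array $files   Element 0 is a comma-separated list of file names that are
 *                       resolved against the theme's server/files directory.
 *
 * @return WP_Error
 */
function cp_contact_ad_owner_email2($post_id, $files) {
	$errors = new WP_Error();

	// check for required post data
	$expected = array('from_name', 'from_email', 'subject', 'message');
	foreach ($expected as $field_name) {
		if (empty($_POST[$field_name])) {
			$errors->add('empty_field', __('ERROR: All fields are required.', APP_TD));
			return $errors;
		}
	}

	// check for required anti-spam post data
	$expected_numbers = array('rand_total', 'rand_num', 'rand_num2');
	foreach ($expected_numbers as $field_name) {
		if (!isset($_POST[$field_name]) || !is_numeric($_POST[$field_name])) {
			$errors->add('invalid_captcha', __('ERROR: Incorrect captcha answer.', APP_TD));
			return $errors;
		}
	}

	// verify captcha answer
	// NOTE(review): both operands and the answer arrive in the same request, so this
	// only proves the three submitted numbers are consistent. It is not a challenge
	// the server issued and remembered; treat it as a weak anti-spam measure.
	$rand_post_total = (int) $_POST['rand_total'];
	$rand_total = (int) $_POST['rand_num'] + (int) $_POST['rand_num2'];
	if ($rand_total != $rand_post_total) {
		$errors->add('invalid_captcha', __('ERROR: Incorrect captcha answer.', APP_TD));
	}

	// verify email
	if (!is_email($_POST['from_email'])) {
		$errors->add('invalid_email', __('ERROR: Incorrect email address.', APP_TD));
	}

	// verify post
	$post = get_post($post_id);
	if (!$post) {
		$errors->add('invalid_post', __('ERROR: Ad does not exist.', APP_TD));
	}

	if ($errors->get_error_code()) {
		return $errors;
	}

	$mailto = get_the_author_meta('user_email', $post->post_author);
	$from_name = appthemes_filter(appthemes_clean($_POST['from_name']));
	$from_email = appthemes_clean($_POST['from_email']);
	$subject = appthemes_filter(appthemes_clean($_POST['subject']));
	$posted_message = appthemes_filter(appthemes_clean($_POST['message']));
	$sitename = wp_specialchars_decode(get_bloginfo('name'), ENT_QUOTES);
	$siteurl = home_url('/');
	$permalink = get_permalink($post_id);

	$message = sprintf(__('Someone is interested in your ad listing: %s', APP_TD), $permalink) . "\r\n\r\n";
	$message .= '"' . wordwrap($posted_message, 70) . '"' . "\r\n\r\n";
	$message .= sprintf(__('Name: %s', APP_TD), $from_name) . "\r\n";
	$message .= sprintf(__('E-mail: %s', APP_TD), $from_email) . "\r\n\r\n";
	$message .= '-----------------------------------------' . "\r\n";
	$message .= sprintf(__('This message was sent from %s', APP_TD), $sitename) . "\r\n";
	$message .= $siteurl . "\r\n\r\n";
	$message .= __('Sent from IP Address: ', APP_TD) . appthemes_get_ip() . "\r\n\r\n";

	$email = array('to' => $mailto, 'subject' => $subject, 'message' => $message, 'from' => $from_email, 'from_name' => $from_name);
	$email = apply_filters('cp_email_user_ad_contact', $email, $post_id);

	APP_Mail_From::apply_once(array('email' => $email['from'], 'name' => $email['from_name'], 'reply' => true));

	// Attach only regular files that resolve to a location inside the upload directory.
	// The names are supplied by the caller (presumably from the contact form -- verify),
	// so a name containing "../" must never cause a file from elsewhere on the server
	// to be mailed out.
	$attachments = array();
	$upload_dir = realpath(WP_CONTENT_DIR . '/themes/classiclean/server/files');
	$file_list = (isset($files[0]) && is_string($files[0])) ? $files[0] : '';
	if ($upload_dir !== false && $file_list !== '') {
		foreach (explode(',', $file_list) as $resume) {
			// Skip empty entries and names carrying a NUL byte.
			if ($resume === '' || strpos($resume, "\0") !== false) {
				continue;
			}
			$path = realpath($upload_dir . DIRECTORY_SEPARATOR . $resume);
			if ($path === false || !is_file($path)) {
				continue;
			}
			// Containment check on the resolved path, after symlinks and ".." are collapsed.
			if (strpos($path, $upload_dir . DIRECTORY_SEPARATOR) !== 0) {
				continue;
			}
			$attachments[] = $path;
		}
	}

	wp_mail($email['to'], $email['subject'], $email['message'], null, $attachments);

	return $errors;
}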
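/**
 * Emails a reminder to every user whose membership pack expires within the
 * configured number of days (7 when the option is not numeric).
 *
 * Does nothing when the 'membership_ending_reminder_email' option is off or
 * when no user has a 'membership_expires' value inside the one-day window.
 *
 * @return void
 */
function cp_membership_reminder_cron() {
	global $wpdb, $cp_options;

	if (!$cp_options->membership_ending_reminder_email) {
		return;
	}

	$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
	$subject = sprintf(__('Membership Subscription Ending on %s', APP_TD), $blogname);
	$siteurl = home_url('/');

	$days_before = $cp_options->membership_ending_reminder_days;
	$days_before = is_numeric($days_before) ? $days_before : 7;

	$timestamp = wp_next_scheduled('cp_send_membership_reminder');
	// minus 1 day to get current schedule time, plus GMT offset
	$timestamp = $timestamp - 1 * 24 * 60 * 60 + get_option('gmt_offset') * 3600;

	// One-day window that ends $days_before days after the current run.
	$date_max = date('Y-m-d H:i:s', $timestamp + $days_before * 24 * 60 * 60);
	$date_min = date('Y-m-d H:i:s', $timestamp + ($days_before - 1) * 24 * 60 * 60);

	// Both dates are bound through prepare(); only table names are interpolated.
	$query_users = $wpdb->prepare("SELECT {$wpdb->users}.ID FROM {$wpdb->users}\n\t\tLEFT JOIN {$wpdb->usermeta} ON {$wpdb->users}.ID = {$wpdb->usermeta}.user_id\n\t\tWHERE {$wpdb->usermeta}.meta_key = 'membership_expires'\n\t\tAND {$wpdb->usermeta}.meta_value < %s\n\t\tAND {$wpdb->usermeta}.meta_value > %s\n\t\t", $date_max, $date_min);
	$userids = $wpdb->get_col($query_users);

	if (!$userids) {
		return;
	}

	foreach ($userids as $user_id) {
		$user = get_userdata($user_id);
		// Skip an ID that no longer resolves to a user instead of mailing an empty address.
		if (!$user) {
			continue;
		}

		$mailto = $user->user_email;
		$user_login = appthemes_clean($user->user_login);
		$membership = get_pack($user->active_membership_pack);
		$membership_pack_name = appthemes_clean($membership->pack_name);
		$membership_expires = appthemes_display_date($user->membership_expires);

		$message = html('p', sprintf(__('Hi %s,', APP_TD), $user_login)) . PHP_EOL;
		$message .= html('p', sprintf(__('Your membership pack will expire in %d days! Please renew your membership to continue posting classified ads.', APP_TD), $days_before)) . PHP_EOL;

		$message_details = __('Membership Details', APP_TD) . '<br />';
		$message_details .= __('-----------------', APP_TD) . '<br />';
		$message_details .= sprintf(__('Membership Pack: %s', APP_TD), $membership_pack_name) . '<br />';
		$message_details .= sprintf(__('Membership Expires: %s', APP_TD), $membership_expires) . '<br />';
		$message_details .= sprintf(__('Renew Your Membership Pack: %s', APP_TD), CP_MEMBERSHIP_PURCHASE_URL) . '<br />';
		$message .= html('p', $message_details) . PHP_EOL;

		$message .= html('p', sprintf(__('For questions or problems, please contact us directly at %s', APP_TD), get_option('admin_email')));
		$message .= html('p', __('Regards,', APP_TD) . '<br />' . sprintf(__('Your %s Team', APP_TD), $blogname));
		$message .= html('p', $siteurl);

		$email = array('to' => $mailto, 'subject' => $subject, 'message' => $message);
		// The filter used to receive an undefined $order variable; pass the user ID so
		// callbacks get a defined value.
		$email = apply_filters('cp_email_user_membership_reminder', $email, $user_id);

		appthemes_send_email($email['to'], $email['subject'], $email['message']);
	}
}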
/**
 * Echoes the ad form: one list item per field definition, then a hidden input
 * naming the custom fields, then the cp_action_formbuilder() hook.
 *
 * Each field gets a label, an optional tooltip and a control selected by
 * field_type: 'text box', 'drop-down', 'text area', 'radio' or 'checkbox'.
 * Any other field_type renders the label only.
 *
 * @param mixed        $results Iterable of field definitions. Each one is read as an object
 *                              with field_name, field_label, field_req, field_tooltip,
 *                              field_type, field_values and field_min_length.
 * @param object|false $post    Post being edited (ID, post_title and post_content are read),
 *                              or false when there is no post yet.
 *
 * @return void
 */
function cp_formbuilder($results, $post = false) {
	global $cp_options;
	// Names of the fields starting with 'cp_', collected for the hidden input at the end.
	$custom_fields_array = array();
	foreach ($results as $result) {
		// external plugins can modify or disable field
		$result = apply_filters('cp_formbuilder_field', $result, $post);
		// A falsy filter result means the field is not rendered.
		if (!$result) {
			continue;
		}
		if (appthemes_str_starts_with($result->field_name, 'cp_')) {
			$custom_fields_array[] = $result->field_name;
		}
		// Stored value for this field; false when there is no post.
		$post_meta_val = $post ? get_post_meta($post->ID, $result->field_name, true) : false;
		// The field name and label are escaped at the point of output below.
		?> <li id="list_<?php echo esc_attr($result->field_name); ?> "> <div class="labelwrapper"> <label><?php echo esc_html(translate($result->field_label, APP_TD)); ?> <?php if ($result->field_req) { echo '<span class="colour">(*)</span>'; } ?> </label> </div> <?php
		$show_tooltip = !empty($result->field_tooltip);
		if ($show_tooltip) {
			// The tag is passed to html() as a raw string, so the tooltip text is
			// run through esc_attr() here before it is concatenated in.
			echo html('a href="#" tip="' . esc_attr(translate($result->field_tooltip, APP_TD)) . '" tabindex="999"', html('div class="dashicons-before helpico"', ' '));
		} else {
		}
		// NOTE(review): in every case below, attribute values in $args are handed to
		// html() without explicit escaping; html() is not shown here -- confirm that it
		// escapes array attributes. Filters on 'cp_formbuilder_<field_name>' can also
		// replace $args before output.
		switch ($result->field_type) {
			case 'text box':
				// A value submitted in this request wins over stored data; it passes
				// through appthemes_clean() and wp_kses_post() first.
				if (isset($_POST[$result->field_name])) {
					$value = wp_kses_post(appthemes_clean($_POST[$result->field_name]));
				} elseif ($result->field_name == 'post_title' && $post) {
					$value = $post->post_title;
				} elseif ($result->field_name == 'tags_input' && $post) {
					$value = rtrim(trim(cp_get_the_term_list($post->ID, APP_TAX_TAG)), ',');
				} else {
					$value = $post_meta_val;
				}
				$field_class = $result->field_req ? 'text required' : 'text';
				if ('cp_price' == $result->field_name && $cp_options->clean_price_field) {
					$field_class .= ' number';
				}
				$field_minlength = empty($result->field_min_length) ? '0' : $result->field_min_length;
				$args = array('value' => $value, 'name' => $result->field_name, 'id' => $result->field_name, 'type' => 'text', 'class' => $field_class, 'minlength' => $field_minlength);
				$args = apply_filters('cp_formbuilder_' . $result->field_name, $args, $result, $post);
				echo html('input', $args);
				break;
			case 'drop-down':
				// Choices come from the comma-separated field_values string.
				$options = explode(',', $result->field_values);
				$options = array_map('trim', $options);
				$html_options = '';
				$html_options .= html('option', array('value' => ''), __('-- Select --', APP_TD));
				foreach ($options as $option) {
					$args = array('value' => $option);
					// Loose comparison against the stored value.
					if ($option == $post_meta_val) {
						$args['selected'] = 'selected';
					}
					$args = apply_filters('cp_formbuilder_' . $result->field_name . '_option', $args, $result, $post);
					// NOTE(review): $option is passed as element content without esc_html();
					// confirm field_values can only be set by trusted users.
					$html_options .= html('option', $args, $option);
				}
				$field_class = $result->field_req ? 'dropdownlist required' : 'dropdownlist';
				$args = array('name' => $result->field_name, 'id' => $result->field_name, 'class' => $field_class);
				$args = apply_filters('cp_formbuilder_' . $result->field_name, $args, $result, $post);
				echo html('select', $args, $html_options);
				break;
			case 'text area':
				// Same precedence as the text box: submitted value, then post content, then meta.
				if (isset($_POST[$result->field_name])) {
					$value = wp_kses_post(appthemes_clean($_POST[$result->field_name]));
				} elseif ($result->field_name == 'post_content' && $post) {
					$value = $post->post_content;
				} else {
					$value = $post_meta_val;
				}
				$field_class = $result->field_req ? 'required' : '';
				$field_minlength = empty($result->field_min_length) ? '15' : $result->field_min_length;
				$args = array('value' => $value, 'name' => $result->field_name, 'id' => $result->field_name, 'rows' => '8', 'cols' => '40', 'class' => $field_class, 'minlength' => $field_minlength);
				$args = apply_filters('cp_formbuilder_' . $result->field_name, $args, $result, $post);
				// The value travels in $args only so that filters can change it; it is
				// taken back out because it is the element's content, not an attribute.
				$value = $args['value'];
				unset($args['value']);
				if ($cp_options->allow_html && !wp_is_mobile()) {
					// Rich editor path; escaping there is up to cp_editor() (not shown).
					cp_editor($value, $args);
				} else {
					echo html('textarea', $args, esc_textarea($value));
				}
				break;
			case 'radio':
				$options = explode(',', $result->field_values);
				$options = array_map('trim', $options);
				$html_radio = '';
				$html_options = '';
				// Optional fields get a leading "None" choice with an empty value.
				if (!$result->field_req) {
					$args = array('value' => '', 'type' => 'radio', 'class' => 'radiolist', 'name' => $result->field_name, 'id' => $result->field_name);
					if (empty($post_meta_val)) {
						$args['checked'] = 'checked';
					}
					$args = apply_filters('cp_formbuilder_' . $result->field_name, $args, $result, $post);
					$html_radio = html('input', $args) . ' ' . __('None', APP_TD);
					$html_options .= html('li', array(), $html_radio);
				}
				// Every radio input of a field is given the same id (the field name).
				foreach ($options as $option) {
					$field_class = $result->field_req ? 'radiolist required' : 'radiolist';
					$args = array('value' => $option, 'type' => 'radio', 'class' => $field_class, 'name' => $result->field_name, 'id' => $result->field_name);
					if ($option == $post_meta_val) {
						$args['checked'] = 'checked';
					}
					$args = apply_filters('cp_formbuilder_' . $result->field_name, $args, $result, $post);
					// NOTE(review): the label text $option is concatenated next to markup and
					// emitted as <li> content, so it is presumably output unescaped -- verify
					// against html() and the source of field_values.
					$html_radio = html('input', $args) . ' ' . $option;
					$html_options .= html('li', array(), $html_radio);
				}
				echo html('ol', array('class' => 'radios'), $html_options);
				break;
			case 'checkbox':
				// Checkbox fields may hold several values, so all meta rows are fetched.
				$post_meta_val = $post ? get_post_meta($post->ID, $result->field_name, false) : array();
				$options = explode(',', $result->field_values);
				$options = array_map('trim', $options);
				// Counter used to give each checkbox its own id suffix, starting at 1.
				$optionCursor = 1;
				$html_checkbox = '';
				$html_options = '';
				foreach ($options as $option) {
					$field_class = $result->field_req ? 'checkboxlist required' : 'checkboxlist';
					$args = array('value' => $option, 'type' => 'checkbox', 'class' => $field_class, 'name' => $result->field_name . '[]', 'id' => $result->field_name . '_' . $optionCursor++);
					// in_array() is called without the strict flag, so matching is loose.
					if (in_array($option, $post_meta_val)) {
						$args['checked'] = 'checked';
					}
					$args = apply_filters('cp_formbuilder_' . $result->field_name, $args, $result, $post);
					// NOTE(review): same unescaped label concatenation as in the radio case.
					$html_checkbox = html('input', $args) . ' ' . $option;
					$html_options .= html('li', array(), $html_checkbox);
				}
				echo html('ol', array('class' => 'checkboxes'), $html_options);
				break;
		}
		?> </li> <?php
		echo html('div', array('class' => 'clr'));
	}
	// put all the custom field names into an hidden field so we can process them on save
	// NOTE(review): a hidden input can be edited by the client, so the save handler
	// (not shown) should check this list against the configured fields rather than trust it.
	$custom_fields_vals = implode(',', $custom_fields_array);
	echo html('input', array('type' => 'hidden', 'name' => 'custom_fields_vals', 'value' => $custom_fields_vals));
	cp_action_formbuilder($results, $post);
}
*/ /** * This script is the landing page after payment has been processed * by PayPal or other gateways. It is expecting a unique ad id which * was randomly generated during the ad submission. It is stored in * the cp_sys_ad_conf_id custom field. If this page is loaded and no * matching ad id is found or the ad is already published then * show an error message instead of doing any db updates * * @package ClassiPress * @author AppThemes * @version 3.0 * */ global $wpdb, $current_user; $oid = isset($_REQUEST['oid']) ? appthemes_clean($_REQUEST['oid']) : false; $order = get_user_orders($current_user->ID, $oid); //if the order was found by OID, setup the order details into the $order variable if (isset($order) && $order) { $order = get_option($order); } //make sure the order sent from payment gateway is logged in the database and that the current user created it if (isset($order['order_id']) && $order['order_id'] == $oid && $order['user_id'] == $current_user->ID) { $order_processed = appthemes_process_membership_order($current_user, $order); //send email to user if ($order_processed) { cp_owner_activated_membership_email($current_user, $order_processed); } } else { $order_processed = false; // check and make sure this transaction hasn't already been added
cp_update_alt_text(); } // upload the images and put into the new ad array if (!empty($_FILES['image'])) { $postvals = cp_process_new_image(); } if (!empty($_POST['app_attach_id'])) { $postvals['app_attach_id'] = $_POST['app_attach_id']; } if (!empty($_POST['app_attach_title'])) { $postvals['app_attach_title'] = $_POST['app_attach_title']; } // put all the posted form values into an array foreach ($_POST as $key => $value) { if (!is_array($_POST[$key])) { $postvals[$key] = appthemes_clean($value); } else { $postvals[$key] = array_map('appthemes_clean', $value); } } // keep only numeric, commas or decimal values $postvals['cp_price'] = empty($_POST['cp_price']) ? '' : appthemes_clean_price($_POST['cp_price']); if (isset($postvals['cp_currency']) && !empty($postvals['cp_currency'])) { $price_curr = $postvals['cp_currency']; } else { $price_curr = $cp_options->curr_symbol; } // keep only values and insert/strip commas if needed if (!empty($_POST['tags_input'])) { $postvals['tags_input'] = appthemes_clean_tags($_POST['tags_input']); $_POST['tags_input'] = $postvals['tags_input'];
/**
 * Daily cron task that warns members whose membership pack is about to expire
 * and then mails the site admin a table of the users that were warned.
 * The warning goes out 7 days ahead unless the options hold a numeric number of days.
 *
 * @return void
 */
function cp_membership_reminder_cron() {
	global $wpdb, $cp_options;

	// Feature switch: nothing is sent while the reminder option is off.
	if (!$cp_options->membership_ending_reminder_email) {
		return;
	}

	$site_title = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
	$subject = sprintf(__('Membership Subscription Ending on %s', APP_TD), $site_title);
	$home = home_url('/');

	$days_before = $cp_options->membership_ending_reminder_days;
	if (!is_numeric($days_before)) {
		$days_before = 7;
	}

	// minus 1 day to get current schedule time, plus GMT offset
	$run_time = wp_next_scheduled('cp_send_membership_reminder');
	$run_time = $run_time - 1 * 24 * 60 * 60 + get_option('gmt_offset') * 3600;

	// One-day window ending $days_before days after the current run.
	$window_end = date('Y-m-d H:i:s', $run_time + $days_before * 24 * 60 * 60);
	$window_start = date('Y-m-d H:i:s', $run_time + ($days_before - 1) * 24 * 60 * 60);

	// Both dates are bound through prepare(); only table names are interpolated.
	$sql = $wpdb->prepare("SELECT {$wpdb->users}.ID FROM {$wpdb->users}\n\t\tLEFT JOIN {$wpdb->usermeta} ON {$wpdb->users}.ID = {$wpdb->usermeta}.user_id\n\t\tWHERE {$wpdb->usermeta}.meta_key = 'membership_expires'\n\t\tAND {$wpdb->usermeta}.meta_value < %s\n\t\tAND {$wpdb->usermeta}.meta_value > %s\n\t\t", $window_end, $window_start);
	$userids = $wpdb->get_col($sql);
	if (!$userids) {
		return;
	}

	// Rows for the admin summary, keyed by user ID.
	$users = array();
	foreach ($userids as $user_id) {
		$user = get_userdata($user_id);
		$recipient = $user->user_email;
		$login = appthemes_clean($user->user_login);
		$membership = cp_get_membership_package($user->active_membership_pack);
		$pack_name = appthemes_clean($membership->pack_name);
		$expires = appthemes_display_date($user->membership_expires);

		$body = html('p', sprintf(__('Hi %s,', APP_TD), $login)) . PHP_EOL;
		$body .= html('p', sprintf(__('Your membership pack will expire in %d days! Please renew your membership to continue posting classified ads.', APP_TD), $days_before)) . PHP_EOL;

		// Every detail line ends in a line break, including the last one.
		$detail_lines = array(
			__('Membership Details', APP_TD),
			__('-----------------', APP_TD),
			sprintf(__('Membership Pack: %s', APP_TD), $pack_name),
			sprintf(__('Membership Expires: %s', APP_TD), $expires),
			sprintf(__('Renew Your Membership Pack: %s', APP_TD), html_link(CP_MEMBERSHIP_PURCHASE_URL)),
		);
		$body .= html('p', implode('<br />', $detail_lines) . '<br />') . PHP_EOL;

		$body .= html('p', sprintf(__('For questions or problems, please contact us directly at %s', APP_TD), get_option('admin_email')));
		$body .= html('p', __('Regards,', APP_TD) . '<br />' . sprintf(__('Your %s Team', APP_TD), $site_title));
		$body .= html('p', html_link($home));

		$email = apply_filters(
			'cp_email_user_membership_reminder',
			array('to' => $recipient, 'subject' => $subject, 'message' => $body),
			$user_id
		);
		appthemes_send_email($email['to'], $email['subject'], $email['message']);

		// The summary row uses the raw login and pack name, not the cleaned copies.
		$users[$user_id] = array(
			'user' => html_link(sprintf('mailto:%s', $user->user_email), $user->user_login),
			'membership' => $membership->pack_name,
			'expires' => $user->membership_expires,
		);
	}

	// allow overriding admin notifications
	if (!apply_filters('cp_admin_membership_reminder', true, $users)) {
		return;
	}

	// notify admin: the table takes a plain list, so the user-ID keys are dropped
	$rows = array_values($users);
	if (empty($rows)) {
		return;
	}

	$table = new APP_Email_Table($rows);
	$admin_email = get_option('admin_email');

	$admin_body = html('p', __('Dear Admin,', APP_TD)) . PHP_EOL;
	$admin_body .= html('p', sprintf(__('Membership pack for these users expire in %d days! These users will need to renew their membership to continue posting classified ads on your site:', APP_TD), $days_before)) . PHP_EOL;
	$admin_body .= html('p', $table->display()) . PHP_EOL;

	appthemes_send_email($admin_email, $subject, $admin_body);
}