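/**
 * Filter callback deciding whether a contact submission should be dropped as spam.
 *
 * Builds a parameter set from the form's configured "akismet" field templates
 * (with the submitted values substituted in), site options and request data,
 * and hands it to $this->remote_check_comment(). A truthy answer from that
 * check turns $skip into true.
 *
 * @param mixed $skip              Decision made so far; a truthy value is returned untouched.
 * @param mixed $form_id           Form identifier passed through to atmb_get_field().
 * @param array $inline_shortcodes Map of shortcode => submitted value, used as a strtr() table.
 *
 * @return mixed The incoming $skip when truthy, true when the remote check flags the
 *               submission, otherwise the incoming $skip unchanged.
 */
public function skip_contact($skip, $form_id, $inline_shortcodes)
 {
     // A previous callback already decided to skip: do not contact the remote service.
     if ($skip) {
         return $skip;
     }
     $params = array();
     $params['comment_author'] = strtr(atmb_get_field('form_akismet_author', $form_id), $inline_shortcodes);
     $params['comment_author_email'] = strtr(atmb_get_field('form_akismet_author_email', $form_id), $inline_shortcodes);
     $params['comment_author_url'] = strtr(atmb_get_field('form_akismet_author_url', $form_id), $inline_shortcodes);
     $params['comment_content'] = strtr(atmb_get_field('form_akismet_content', $form_id), $inline_shortcodes);
     $params['blog'] = get_option('home');
     $params['blog_lang'] = get_locale();
     $params['blog_charset'] = get_option('blog_charset');
     // NOTE(review): confirm how get_client_ip() derives the address; if it reads
     // forwarded-for style headers the value is client-controlled.
     $params['user_ip'] = POJO_FORMS()->helpers->get_client_ip();
     // Both headers are optional in a request; fall back to '' instead of reading an undefined index.
     $params['user_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     $params['referrer'] = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
     // http://blog.akismet.com/2012/06/19/pro-tip-tell-us-your-comment_type/
     $params['comment_type'] = 'contact-form';
     // Entries that carry credentials or session tokens are never forwarded to the remote service.
     $ignore = array(
         'HTTP_COOKIE',
         'HTTP_COOKIE2',
         'PHP_AUTH_PW',
         'PHP_AUTH_DIGEST',
         'HTTP_AUTHORIZATION',
         'REDIRECT_HTTP_AUTHORIZATION',
     );
     // NOTE(review): every other string entry of $_SERVER is still sent, which can include
     // environment variables exported by the host; an allow-list of the needed keys would
     // limit what leaves the site.
     foreach ($_SERVER as $key => $value) {
         if (!in_array($key, $ignore, true) && is_string($value)) {
             $params[$key] = $value;
         }
     }
     if ($this->remote_check_comment($params)) {
         $skip = true;
     }
     return $skip;
 }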
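 /**
  * Verifies the reCAPTCHA token of the current request when the form has reCAPTCHA enabled.
  *
  * Does nothing when the form's 'form_recaptcha_enable' field is not 'enable'.
  * Otherwise the posted token is sent to the siteverify endpoint together with the
  * form's secret key and the client IP. Every failure path answers with
  * wp_send_json_error(), which ends the request, so returning normally means the
  * token was accepted. The check fails closed: a missing token, a non-200 answer,
  * an undecodable body or a missing/false 'success' flag all reject the submission.
  *
  * @param mixed $form_id Form identifier passed through to atmb_get_field().
  *
  * @return void
  */
 public function mail_validation($form_id)
 {
     $recaptcha = atmb_get_field('form_recaptcha_enable', $form_id);
     if ('enable' !== $recaptcha) {
         return;
     }
     // A token must be a non-empty string; anything else (e.g. an array) is treated as missing.
     if (empty($_POST['g-recaptcha-response']) || !is_string($_POST['g-recaptcha-response'])) {
         wp_send_json_error(array('message' => __('The Captcha field cannot be blank. Please enter a value.', 'pojo-forms')));
     }
     $recaptcha_errors = array(
         'missing-input-secret' => __('The secret parameter is missing.', 'pojo-forms'),
         'invalid-input-secret' => __('The secret parameter is invalid or malformed.', 'pojo-forms'),
         'missing-input-response' => __('The response parameter is missing.', 'pojo-forms'),
         'invalid-input-response' => __('The response parameter is invalid or malformed.', 'pojo-forms'),
     );
     $recaptcha_response = $_POST['g-recaptcha-response'];
     $recaptcha_secret = atmb_get_field('form_recaptcha_secret_key', $form_id);
     $client_ip = POJO_FORMS()->helpers->get_client_ip();
     $request = array(
         'body' => array(
             'secret' => $recaptcha_secret,
             'response' => $recaptcha_response,
             'remoteip' => $client_ip,
         ),
     );
     $response = wp_remote_post('https://www.google.com/recaptcha/api/siteverify', $request);
     $response_code = wp_remote_retrieve_response_code($response);
     if (200 !== $response_code) {
         wp_send_json_error(array('message' => sprintf(__('Can not connect to the reCAPTCHA server (%d).', 'pojo-forms'), $response_code)));
     }
     $body = wp_remote_retrieve_body($response);
     $result = json_decode($body, true);
     // Only an explicit truthy 'success' passes. A body that is not a JSON object used to
     // reach array_flip() with a non-array argument; it is now rejected with the generic message.
     if (!is_array($result) || empty($result['success'])) {
         $message = __('Invalid Form', 'pojo-forms');
         $error_codes = array();
         if (is_array($result) && isset($result['error-codes']) && is_array($result['error-codes'])) {
             $error_codes = $result['error-codes'];
         }
         // First known error code, in the order of $recaptcha_errors, supplies the message.
         foreach ($recaptcha_errors as $error_key => $error_desc) {
             if (in_array($error_key, $error_codes, true)) {
                 $message = $error_desc;
                 break;
             }
         }
         wp_send_json_error(array('message' => $message));
     }
 }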
 /**
  * Resolves the text of message $id for a form.
  *
  * The form's own text ('form_message_' . $id) is used only when the form's
  * 'form_messages' field is non-empty and that text is itself non-empty;
  * in every other case the default message for $id is returned.
  *
  * @param mixed $form_id Form identifier passed through to atmb_get_field().
  * @param mixed $id      Message identifier, appended to the 'form_message_' field name.
  *
  * @return mixed The form-specific message, or self::get_default_message($id).
  */
 public static function get_message($form_id, $id)
 {
     $custom_messages_setting = atmb_get_field('form_messages', $form_id);
     // The per-message field is read only when custom messages are switched on.
     $custom_text = !empty($custom_messages_setting)
         ? atmb_get_field('form_message_' . $id, $form_id)
         : '';
     return !empty($custom_text) ? $custom_text : self::get_default_message($id);
 }
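    /**
     * Renders the HTML of a contact form for the form shortcode.
     *
     * Returns an empty string when no id is given, the post is missing or is not a
     * 'pojo_forms' post, the form has no fields, or none of the fields produce markup.
     * Otherwise the field rows, the optional reCAPTCHA widget and the submit button are
     * wrapped in a <form> that carries the AJAX action name, the form id and a nonce
     * bound to 'contact-form-send-' . $form->ID.
     *
     * @param array $atts Shortcode attributes; 'id' is the form post ID (default 0).
     *
     * @return string Form markup, or '' when nothing can be rendered.
     */
    public function do_shortcode($atts = array())
    {
        $atts = wp_parse_args($atts, array('id' => 0));
        if (empty($atts['id'])) {
            return '';
        }
        $form = get_post($atts['id']);
        if (!$form || 'pojo_forms' !== $form->post_type) {
            return '';
        }
        $repeater_fields = atmb_get_field_without_type('fields', 'form_', $form->ID);
        if (empty($repeater_fields)) {
            return '';
        }
        $rows = array();
        foreach ($repeater_fields as $field_index => $field) {
            // Field numbering is 1-based, matching the 'form_field_N' names used on submit.
            $field_html = $this->_get_field_html($form->ID, $field_index + 1, $field);
            if (!empty($field_html)) {
                $rows[] = $field_html;
            }
        }
        // No field produced any markup, so there is nothing to render.
        if (empty($rows)) {
            return '';
        }
        $recaptcha_html = '';
        $recaptcha = atmb_get_field('form_recaptcha_enable', $form->ID);
        if ('enable' === $recaptcha) {
            $recaptcha_html .= '<div class="field-group column-12">';
            $recaptcha_site_key = atmb_get_field('form_recaptcha_site_key', $form->ID);
            // The secret key is only checked for presence here; it is never written to the page.
            $recaptcha_secret_key = atmb_get_field('form_recaptcha_secret_key', $form->ID);
            if (empty($recaptcha_site_key)) {
                $recaptcha_html .= __('ERROR for site owner: Invalid site key', 'pojo-forms');
            } elseif (empty($recaptcha_secret_key)) {
                $recaptcha_html .= __('ERROR for site owner: Invalid secret key', 'pojo-forms');
            } else {
                wp_enqueue_script('recaptcha-api');
                $recaptcha_attributes = array('class' => 'pojo-g-recaptcha', 'data-sitekey' => $recaptcha_site_key);
                $recaptcha_style = atmb_get_field('form_recaptcha_style', $form->ID);
                if (!empty($recaptcha_style)) {
                    $recaptcha_attributes['data-theme'] = $recaptcha_style;
                }
                $recaptcha_size = atmb_get_field('form_recaptcha_size', $form->ID);
                if (!empty($recaptcha_size)) {
                    $recaptcha_attributes['data-size'] = $recaptcha_size;
                }
                // NOTE(review): assumes pojo_array_to_attributes() escapes attribute values - confirm.
                $recaptcha_html .= '<div ' . pojo_array_to_attributes($recaptcha_attributes) . '></div>';
            }
            $recaptcha_html .= '</div>';
        }
        $forms_html = '<div class="columns">';
        $forms_html .= implode("\n", $rows);
        $forms_html .= $recaptcha_html;
        $forms_html .= $this->_get_button_html($form->ID);
        $forms_html .= '</div>';
        // The alignment ends up in a class name, so only the known values are accepted.
        $form_align_text = atmb_get_field('form_style_align_text', $form->ID);
        if (empty($form_align_text) || !in_array($form_align_text, array('top', 'inside', 'right', 'left'), true)) {
            $form_align_text = 'top';
        }
        $form_style_inline = array();
        $fields_style = atmb_get_field('form_style_fields_style', $form->ID);
        if ('custom' === $fields_style) {
            $label_size = atmb_get_field('form_style_fields_lbl_size', $form->ID);
            // Fixed: the condition tested an undefined $text_size, so the label size was never applied.
            if (!empty($label_size)) {
                $form_style_inline[] = 'font-size:' . $label_size;
            }
            $label_color = atmb_get_field('form_style_fields_lbl_color', $form->ID);
            if (!empty($label_color)) {
                $form_style_inline[] = 'color:' . $label_color;
            }
        }
        // The style values come from stored form settings; escape them for the attribute context.
        $form_style_attribute = '';
        if (!empty($form_style_inline)) {
            $form_style_attribute = ' style="' . esc_attr(implode(';', $form_style_inline)) . '"';
        }
        $edit_form_link = '';
        if (current_user_can('publish_posts') && !is_admin()) {
            $edit_form_link = sprintf('<a href="%s" class="button size-small edit-form edit-link"><i class="fa fa-pencil"></i> %s</a>', esc_url(get_edit_post_link($form->ID)), __('Edit Form', 'pojo-forms'));
        }
        $forms_html = sprintf('<form class="pojo-form pojo-form-%3$d pojo-form-ajax form-align-%1$s"%2$s action="" method="post">
			<input type="hidden" name="action" value="pojo_form_contact_submit" />
			<input type="hidden" name="form_id" value="%3$d" />
			%4$s
			%5$s
			%6$s
			</form>', $form_align_text, $form_style_attribute, $form->ID, wp_nonce_field('contact-form-send-' . $form->ID, '_nonce', true, false), $forms_html, $edit_form_link);
        $this->_form_index++;
        return $forms_html;
    }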
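 /**
  * AJAX handler for a contact form submission.
  *
  * Steps, in order:
  *  1. Reject the request unless 'form_id' names a 'pojo_forms' post and '_nonce'
  *     verifies against 'contact-form-send-' . $form->ID.
  *  2. Validate required fields and file uploads (upload error, extension allow-list,
  *     size limit) and move accepted files into the plugin upload directory.
  *  3. Fire '__pojo_forms_mail_validation' so hooked validators can reject the request.
  *  4. Build the mail body and headers, ask the 'pojo_forms_skip_contact' filter whether
  *     to drop the message, and send it with wp_mail() otherwise.
  *  5. Answer with a JSON success or error payload ('fields', 'link', 'message').
  *
  * Values substituted into the mail subject and headers come from the visitor, so CR/LF
  * are removed from them before the headers are assembled.
  *
  * @return void The request ends inside wp_send_json_success()/wp_send_json_error().
  */
 public function form_contact_submit()
 {
     $return_array = array('fields' => array(), 'link' => '');
     if (empty($_POST['form_id'])) {
         $return_array['message'] = Pojo_Forms_Messages::get_default_message(Pojo_Forms_Messages::INVALID_FORM);
         wp_send_json_error($return_array);
     }
     $form = get_post(absint($_POST['form_id']));
     // Post type and nonce are checked together so both failures produce the same answer.
     if (!$form || 'pojo_forms' !== $form->post_type || !isset($_POST['_nonce']) || !wp_verify_nonce($_POST['_nonce'], 'contact-form-send-' . $form->ID)) {
         $return_array['message'] = Pojo_Forms_Messages::get_default_message(Pojo_Forms_Messages::INVALID_FORM);
         wp_send_json_error($return_array);
     }
     $repeater_fields = atmb_get_field_without_type('fields', 'form_', $form->ID);
     if (empty($repeater_fields)) {
         $return_array['message'] = Pojo_Forms_Messages::get_message($form->ID, Pojo_Forms_Messages::INVALID_FORM);
         wp_send_json_error($return_array);
     }
     $this->_files = array();
     foreach ($repeater_fields as $field_index => $field) {
         $field_name = 'form_field_' . ($field_index + 1);
         $field_label = $field['name'];
         // TODO: Valid by field type
         if ($field['required'] && empty($_POST[$field_name]) && 'file' !== $field['type']) {
             $return_array['fields'][$field_name] = Pojo_Forms_Messages::get_message($form->ID, Pojo_Forms_Messages::FIELD_REQUIRED);
         }
         if ('file' === $field['type']) {
             $file_upload_error = array(
                 UPLOAD_ERR_OK => __('There is no error, the file uploaded with success.', 'pojo-forms'),
                 UPLOAD_ERR_INI_SIZE => __('The uploaded file exceeds the upload_max_filesize directive in php.ini.', 'pojo-forms'),
                 UPLOAD_ERR_FORM_SIZE => __('The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.', 'pojo-forms'),
                 UPLOAD_ERR_PARTIAL => __('The uploaded file was only partially uploaded.', 'pojo-forms'),
                 UPLOAD_ERR_NO_FILE => __('No file was uploaded.', 'pojo-forms'),
                 UPLOAD_ERR_NO_TMP_DIR => __('Missing a temporary folder.', 'pojo-forms'),
                 UPLOAD_ERR_CANT_WRITE => __('Failed to write file to disk.', 'pojo-forms'),
                 UPLOAD_ERR_EXTENSION => __('A PHP extension stopped the file upload. PHP does not provide a way to ascertain which extension caused the file upload to stop; examining the list of loaded extensions with phpinfo() may help.', 'pojo-forms'),
             );
             // The file is required?
             $is_file_uploaded = isset($_FILES[$field_name]) && UPLOAD_ERR_NO_FILE !== $_FILES[$field_name]['error'];
             if (!$is_file_uploaded) {
                 if ($field['required']) {
                     $return_array['fields'][$field_name] = Pojo_Forms_Messages::get_message($form->ID, Pojo_Forms_Messages::FIELD_REQUIRED);
                 }
                 continue;
             }
             $file = $_FILES[$field_name];
             // Has any error with upload the file?
             // Each check below reports only while no field error has been recorded yet.
             if ($file['error'] > UPLOAD_ERR_OK && UPLOAD_ERR_NO_FILE !== $file['error'] && empty($return_array['fields'])) {
                 $error_code = $file['error'];
                 $return_array['fields'][$field_name] = $file_upload_error[$error_code];
             }
             // File type validation
             if (empty($field['file_types'])) {
                 $field['file_types'] = 'jpg,jpeg,png,gif,pdf,doc,docx,ppt,pptx,odt,avi,ogg,m4a,mov,mp3,mp4,mpg,wav,wmv';
             }
             // Only the client-supplied extension is checked; the file content is not inspected.
             // NOTE(review): the allow-list is a form setting, so it should never contain an
             // extension the web server would execute from the upload directory.
             $file_extension = pathinfo($file['name'], PATHINFO_EXTENSION);
             $file_types_meta = explode(',', $field['file_types']);
             $file_types_meta = array_map('trim', $file_types_meta);
             if (!in_array($file_extension, $file_types_meta, true) && empty($return_array['fields'])) {
                 $return_array['fields'][$field_name] = __('This file type is not allowed.', 'pojo-forms');
             }
             // File size validation ('file_sizes' is multiplied by 1024^2 to get a byte limit)
             $file_size_meta = $field['file_sizes'] * pow(1024, 2);
             $upload_file_size = $file['size'];
             if ($upload_file_size > $file_size_meta && empty($return_array['fields'])) {
                 $return_array['fields'][$field_name] = __('This file size is to big, try smaller one.', 'pojo-forms');
             }
             // If we don't have any errors
             if (empty($return_array['fields'])) {
                 $uploads_dir = POJO_FORMS()->helpers->get_upload_dir();
                 // The stored name is generated here; only the allow-listed extension is kept
                 // from the client-supplied file name.
                 $filename = uniqid() . '.' . $file_extension;
                 $filename = wp_unique_filename($uploads_dir, $filename);
                 $new_file = trailingslashit($uploads_dir) . $filename;
                 if (is_dir($uploads_dir) && is_writable($uploads_dir)) {
                     $move_new_file = @move_uploaded_file($file['tmp_name'], $new_file);
                     if (false !== $move_new_file) {
                         // Set correct file permissions.
                         $perms = 0644;
                         @chmod($new_file, $perms);
                         $this->_files[$field_label] = $new_file;
                     } else {
                         $return_array['fields'][$field_name] = __('There was an error while trying uploading your file.', 'pojo-forms');
                     }
                 } else {
                     $return_array['fields'][$field_name] = __('Upload directory is not writable, or does not exist.', 'pojo-forms');
                 }
             }
         }
     }
     // End foreach
     // This action for private used.
     // Please do not use this action for this moment.
     // NOTE(review): accepted uploads have already been moved into the upload directory
     // at this point; if a hooked validator rejects the request they stay on disk.
     do_action('__pojo_forms_mail_validation', $form->ID);
     if (empty($return_array['fields'])) {
         $email_to = trim(atmb_get_field('form_email_to', $form->ID));
         $email_subject = trim(atmb_get_field('form_email_subject', $form->ID));
         if (empty($email_subject)) {
             $email_subject = sprintf(__('New message from "%s"', 'pojo-forms'), get_bloginfo('name'));
         }
         $email_html = '';
         $inline_shortcodes = $field_values = array();
         foreach ($repeater_fields as $field_index => $field) {
             $field_name = 'form_field_' . ($field_index + 1);
             $field_label = $field['name'];
             $field_value = '';
             if (isset($_POST[$field_name])) {
                 $field_value = stripslashes_deep($_POST[$field_name]);
                 if (is_array($field_value)) {
                     $field_value = implode(', ', $field_value);
                 }
             }
             // An uploaded file replaces the posted value with the file's URL.
             if (isset($this->_files[$field_label])) {
                 $field_value = $this->_get_file_url($this->_files[$field_label]);
             }
             $inline_shortcodes[$field['shortcode']] = $field_value;
             $field_values[] = array('title' => $field['name'], 'value' => $field_value);
             $email_html .= sprintf('%s: %s' . PHP_EOL, $field['name'], $field_value);
         }
         $metadata_types = (array) atmb_get_field('form_metadata', $form->ID, Pojo_MetaBox::FIELD_CHECKBOX_LIST);
         if (!empty($metadata_types)) {
             $email_html .= PHP_EOL . '---' . PHP_EOL . PHP_EOL;
             $tmpl_line_html = '%s: %s' . PHP_EOL;
             foreach ($metadata_types as $metadata_type) {
                 switch ($metadata_type) {
                     case 'time':
                         $email_html .= sprintf($tmpl_line_html, __('Time', 'pojo-forms'), date('H:i', current_time('timestamp')));
                         break;
                     case 'date':
                         $email_html .= sprintf($tmpl_line_html, __('Date', 'pojo-forms'), date('d/m/Y', current_time('timestamp')));
                         break;
                     case 'page_url':
                         $title = __('Page URL', 'pojo-forms');
                         // The referer field is client-supplied and may be absent.
                         $value = home_url(isset($_POST['_wp_http_referer']) ? $_POST['_wp_http_referer'] : '');
                         $field_values[] = array('title' => $title, 'value' => $value);
                         $email_html .= sprintf($tmpl_line_html, $title, $value);
                         break;
                     case 'user_agent':
                         $title = __('User Agent', 'pojo-forms');
                         // The User-Agent header is optional; avoid reading an undefined index.
                         $value = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
                         $field_values[] = array('title' => $title, 'value' => $value);
                         $email_html .= sprintf($tmpl_line_html, $title, $value);
                         break;
                     case 'remote_ip':
                         $email_html .= sprintf($tmpl_line_html, __('Remote IP', 'pojo-forms'), POJO_FORMS()->helpers->get_client_ip());
                         break;
                     case 'credit':
                         $email_html .= apply_filters('pojo_forms_email_credit', __('Powered by http://pojo.me/', 'pojo-forms')) . PHP_EOL;
                         break;
                 }
             }
         }
         $skip = apply_filters('pojo_forms_skip_contact', false, $form->ID, $inline_shortcodes);
         if (!$skip) {
             $email_from_name = atmb_get_field('form_email_form_name', $form->ID);
             if (empty($email_from_name)) {
                 $email_from_name = get_bloginfo('name');
             }
             $email_from = atmb_get_field('form_email_form', $form->ID);
             if (empty($email_from)) {
                 $email_from = get_bloginfo('admin_email');
             }
             $email_reply_to = atmb_get_field('form_email_reply_to', $form->ID);
             if (empty($email_reply_to)) {
                 $email_reply_to = $email_from;
             }
             // $inline_shortcodes holds visitor-submitted values. After substitution, CR and LF
             // are removed so a submitted value cannot add a header line of its own.
             $line_breaks = array("\r", "\n");
             $email_subject = str_replace($line_breaks, '', strtr($email_subject, $inline_shortcodes));
             $email_from_name = str_replace($line_breaks, '', strtr($email_from_name, $inline_shortcodes));
             $email_from = str_replace($line_breaks, '', strtr($email_from, $inline_shortcodes));
             $email_reply_to = str_replace($line_breaks, '', strtr($email_reply_to, $inline_shortcodes));
             $headers = sprintf('From: %s <%s>' . "\r\n", $email_from_name, $email_from);
             $headers .= sprintf('Reply-To: %s' . "\r\n", $email_reply_to);
             $headers = apply_filters('pojo_forms_wp_mail_headers', $headers);
             // Temp filter
             $email_html = apply_filters('pojo_forms_wp_mail_message', $email_html);
             wp_mail($email_to, $email_subject, $email_html, $headers);
             do_action('pojo_forms_mail_sent', $form->ID, $field_values, $this->_files);
         } else {
             do_action('pojo_forms_mail_blocked', $form->ID);
         }
         // Only a syntactically valid URL from the form settings is returned as redirect target.
         $redirect_to = atmb_get_field('form_redirect_to', $form->ID);
         if (empty($redirect_to) || !filter_var($redirect_to, FILTER_VALIDATE_URL)) {
             $redirect_to = '';
         }
         $return_array['link'] = $redirect_to;
         $return_array['message'] = Pojo_Forms_Messages::get_message($form->ID, Pojo_Forms_Messages::SUCCESS);
         wp_send_json_success($return_array);
     } else {
         $return_array['message'] = Pojo_Forms_Messages::get_message($form->ID, Pojo_Forms_Messages::ERROR);
         wp_send_json_error($return_array);
     }
     // Fallback only: both branches above already end the request.
     wp_send_json_error($return_array);
     die;
 }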