Example #1
0
 /**
  * Handle admin ajax
  *
  * @since 2.0
  */
 public function admin_ajax()
 {
     if (false === headers_sent()) {
         pods_session_start();
         header('Content-Type: text/html; charset=' . get_bloginfo('charset'));
     }
     // Sanitize input
     $params = pods_unslash((array) $_POST);
     foreach ($params as $key => $value) {
         if ('action' == $key) {
             continue;
         }
         unset($params[$key]);
         $params[str_replace('_podsfix_', '', $key)] = $value;
     }
     $params = (object) $params;
     $component = $params->component;
     $method = $params->method;
     if (!isset($component) || !isset($this->components[$component]) || !isset($this->settings['components'][$component])) {
         pods_error('Invalid AJAX request', $this);
     }
     if (!isset($params->_wpnonce) || false === wp_verify_nonce($params->_wpnonce, 'pods-component-' . $component . '-' . $method)) {
         pods_error('Unauthorized request', $this);
     }
     // Cleaning up $params
     unset($params->action);
     unset($params->component);
     unset($params->method);
     unset($params->_wpnonce);
     $params = (object) apply_filters('pods_component_ajax_' . $component . '_' . $method, $params, $component, $method);
     $output = false;
     // Component init
     if (isset($this->components[$component]['object']) && method_exists($this->components[$component]['object'], 'init')) {
         $this->components[$component]['object']->init($this->settings['components'][$component], $component);
     }
     // Handle internal methods
     if (isset($this->components[$component]['object']) && !method_exists($this->components[$component]['object'], 'ajax_' . $method) && method_exists($this, 'admin_ajax_' . $method)) {
         $output = call_user_func(array($this, 'admin_ajax_' . $method), $component, $params);
     } elseif (!isset($this->components[$component]['object']) || !method_exists($this->components[$component]['object'], 'ajax_' . $method)) {
         pods_error('API method does not exist', $this);
     } else {
         $output = call_user_func(array($this->components[$component]['object'], 'ajax_' . $method), $params);
     }
     if (!is_bool($output)) {
         echo $output;
     }
     die;
     // KBAI!
 }
Example #2
0
$uri_hash = wp_create_nonce('pods_uri_' . $_SERVER['REQUEST_URI']);
$field_hash = wp_create_nonce('pods_fields_' . implode(',', array_keys($submittable_fields)));
$uid = @session_id();
if (is_user_logged_in()) {
    $uid = 'user_' . get_current_user_id();
}
$nonce = wp_create_nonce('pods_form_' . $pod->pod . '_' . $uid . '_' . ($duplicate ? 0 : $pod->id()) . '_' . $uri_hash . '_' . $field_hash);
if (isset($_POST['_pods_nonce'])) {
    $action = __('saved', 'pods');
    if ('create' == pods_var_raw('do', 'post', 'save')) {
        $action = __('created', 'pods');
    } elseif ('duplicate' == pods_var_raw('do', 'get', 'save')) {
        $action = __('duplicated', 'pods');
    }
    try {
        $params = pods_unslash((array) $_POST);
        $id = $pod->api->process_form($params, $pod, $fields, $thank_you);
        $message = sprintf(__('<strong>Success!</strong> %s %s successfully.', 'pods'), $obj->item, $action);
        if (0 < strlen(pods_var('detail_url', $pod->pod_data['options']))) {
            $message .= ' <a target="_blank" href="' . $pod->field('detail_url') . '">' . sprintf(__('View %s', 'pods'), $obj->item) . '</a>';
        }
        $error = sprintf(__('<strong>Error:</strong> %s %s successfully.', 'pods'), $obj->item, $action);
        if (0 < $id) {
            echo $obj->message($message);
        } else {
            echo $obj->error($error);
        }
    } catch (Exception $e) {
        echo $obj->error($e->getMessage());
    }
} elseif (isset($_GET['do'])) {
Example #3
0
 /**
  * Handle ajax calls for the administration
  */
 public function admin_ajax()
 {
     if (false === headers_sent()) {
         pods_session_start();
         header('Content-Type: text/html; charset=' . get_bloginfo('charset'));
     }
     // Sanitize input
     $params = pods_unslash((array) $_POST);
     foreach ($params as $key => $value) {
         if ('action' == $key) {
             continue;
         }
         // Fixup $_POST data
         $_POST[str_replace('_podsfix_', '', $key)] = $_POST[$key];
         // Fixup $params with unslashed data
         $params[str_replace('_podsfix_', '', $key)] = $value;
         // Unset the _podsfix_* keys
         unset($params[$key]);
     }
     $params = (object) $params;
     $methods = array('add_pod' => array('priv' => true), 'save_pod' => array('priv' => true), 'load_sister_fields' => array('priv' => true), 'process_form' => array('custom_nonce' => true), 'upgrade' => array('priv' => true), 'migrate' => array('priv' => true));
     $methods = apply_filters('pods_admin_ajax_methods', $methods, $this);
     if (!isset($params->method) || !isset($methods[$params->method])) {
         pods_error('Invalid AJAX request', $this);
     }
     $defaults = array('priv' => null, 'name' => $params->method, 'custom_nonce' => null);
     $method = (object) array_merge($defaults, (array) $methods[$params->method]);
     if (true !== $method->custom_nonce && (!isset($params->_wpnonce) || false === wp_verify_nonce($params->_wpnonce, 'pods-' . $params->method))) {
         pods_error(__('Unauthorized request', 'pods'), $this);
     }
     // Cleaning up $params
     unset($params->action);
     unset($params->method);
     if (true !== $method->custom_nonce) {
         unset($params->_wpnonce);
     }
     // Check permissions (convert to array to support multiple)
     if (!empty($method->priv) && !pods_is_admin(array('pods')) && true !== $method->priv && !pods_is_admin($method->priv)) {
         pods_error(__('Access denied', 'pods'), $this);
     }
     $params->method = $method->name;
     $params = apply_filters('pods_api_' . $method->name, $params, $method);
     $api = pods_api();
     if ('upgrade' == $method->name) {
         $output = (string) pods_upgrade($params->version)->ajax($params);
     } elseif ('migrate' == $method->name) {
         $output = (string) apply_filters('pods_api_migrate_run', $params);
     } else {
         if (!method_exists($api, $method->name)) {
             pods_error('API method does not exist', $this);
         } elseif ('save_pod' == $method->name) {
             if (isset($params->field_data_json) && is_array($params->field_data_json)) {
                 $params->fields = $params->field_data_json;
                 unset($params->field_data_json);
                 foreach ($params->fields as $k => $v) {
                     if (empty($v)) {
                         unset($params->fields[$k]);
                     } elseif (!is_array($v)) {
                         $params->fields[$k] = (array) @json_decode($v, true);
                     }
                 }
             }
         }
         // Dynamically call the API method
         $params = (array) $params;
         $output = call_user_func(array($api, $method->name), $params);
     }
     // Output in json format
     if (false !== $output) {
         if (is_array($output) || is_object($output)) {
             wp_send_json($output);
         } else {
             echo $output;
         }
     } else {
         pods_error('There was a problem with your request.');
     }
     die;
     // KBAI!
 }
/**
 * Return a variable (if exists)
 *
 * @param mixed $var The variable name, can also be a modifier for specific types
 * @param string|array|object $type (optional) Super globals, url/url-relative, constants, globals, options, transients, cache, user data, Pod field values, dates
 * @param mixed $default (optional) The default value to set if variable doesn't exist
 * @param bool $strict (optional) Only allow values (must not be empty)
 * @param array $params (optional) Set 'casting'=>true to cast value from $default, 'allowed'=>$allowed to restrict a value to what's allowed
 *
 * @return mixed The variable (if exists), or default value
 * @since 2.3.10
 */
function pods_v($var = null, $type = 'get', $default = null, $strict = false, $params = array())
{
    $defaults = array('casting' => false, 'allowed' => null);
    $params = (object) array_merge($defaults, (array) $params);
    $output = null;
    if (null === $type || '' === $type) {
        // Invalid $type
    } elseif (is_array($type)) {
        if (isset($type[$var])) {
            $output = $type[$var];
        }
    } elseif (is_object($type)) {
        if (isset($type->{$var})) {
            $output = $type->{$var};
        }
    } else {
        $type = strtolower((string) $type);
        switch ($type) {
            case 'get':
                if (isset($_GET[$var])) {
                    $output = pods_unslash($_GET[$var]);
                }
                break;
            case 'post':
                if (isset($_POST[$var])) {
                    $output = pods_unslash($_POST[$var]);
                }
                break;
            case 'request':
                if (isset($_REQUEST[$var])) {
                    $output = pods_unslash($_REQUEST[$var]);
                }
                break;
            case 'url':
            case 'uri':
                $url = parse_url(pods_current_url());
                $uri = trim($url['path'], '/');
                $uri = array_filter(explode('/', $uri));
                if ('first' == $var) {
                    $var = 0;
                } elseif ('last' == $var) {
                    $var = -1;
                }
                if (is_numeric($var)) {
                    $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri);
                }
                break;
            case 'url-relative':
                $url_raw = pods_current_url();
                $prefix = get_site_url();
                if (substr($url_raw, 0, strlen($prefix)) == $prefix) {
                    $url_raw = substr($url_raw, strlen($prefix) + 1, strlen($url_raw));
                }
                $url = parse_url($url_raw);
                $uri = trim($url['path'], '/');
                $uri = array_filter(explode('/', $uri));
                if ('first' == $var) {
                    $var = 0;
                } elseif ('last' == $var) {
                    $var = -1;
                }
                if (is_numeric($var)) {
                    $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri);
                }
                break;
            case 'template-url':
                $output = get_template_directory_uri();
                break;
            case 'stylesheet-url':
                $output = get_stylesheet_directory_uri();
                break;
            case 'site-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    } elseif (isset($var[1])) {
                        $path = $var[1];
                    } elseif (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_site_url($blog_id, $path, $scheme);
                break;
            case 'home-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    } elseif (isset($var[1])) {
                        $path = $var[1];
                    } elseif (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_home_url($blog_id, $path, $scheme);
                break;
            case 'admin-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    } elseif (isset($var[1])) {
                        $path = $var[1];
                    } elseif (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_admin_url($blog_id, $path, $scheme);
                break;
            case 'includes-url':
                $output = includes_url($var);
                break;
            case 'content-url':
                $output = content_url($var);
                break;
            case 'plugins-url':
                $path = $plugin = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $plugin = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = plugins_url($path, $plugin);
                break;
            case 'network-site-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_site_url($path, $scheme);
                break;
            case 'network-home-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_home_url($path, $scheme);
                break;
            case 'network-admin-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_admin_url($path, $scheme);
                break;
            case 'user-admin-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = user_admin_url($path, $scheme);
                break;
            case 'prefix':
                global $wpdb;
                $output = $wpdb->prefix;
                break;
            case 'server':
                if (!pods_strict()) {
                    if (isset($_SERVER[$var])) {
                        $output = pods_unslash($_SERVER[$var]);
                    } elseif (isset($_SERVER[strtoupper($var)])) {
                        $output = pods_unslash($_SERVER[strtoupper($var)]);
                    }
                }
                break;
            case 'session':
                if (isset($_SESSION[$var])) {
                    $output = $_SESSION[$var];
                }
                break;
            case 'global':
            case 'globals':
                if (isset($GLOBALS[$var])) {
                    $output = $GLOBALS[$var];
                }
                break;
            case 'cookie':
                if (isset($_COOKIE[$var])) {
                    $output = pods_unslash($_COOKIE[$var]);
                }
                break;
            case 'constant':
                if (defined($var)) {
                    $output = constant($var);
                }
                break;
            case 'user':
                if (is_user_logged_in()) {
                    $user = get_userdata(get_current_user_id());
                    if (isset($user->{$var})) {
                        $value = $user->{$var};
                    } elseif ('role' == $var) {
                        $value = '';
                        if (!empty($user->roles)) {
                            $value = array_shift($user->roles);
                        }
                    } else {
                        $value = get_user_meta($user->ID, $var);
                    }
                    if (is_array($value) && !empty($value)) {
                        $output = $value;
                    } elseif (!is_array($value) && 0 < strlen($value)) {
                        $output = $value;
                    }
                }
                break;
            case 'option':
                $output = get_option($var, $default);
                break;
            case 'site-option':
                $output = get_site_option($var, $default);
                break;
            case 'transient':
                $output = get_transient($var);
                break;
            case 'site-transient':
                $output = get_site_transient($var);
                break;
            case 'cache':
                if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) {
                    $group = 'default';
                    $force = false;
                    if (!is_array($var)) {
                        $var = explode('|', $var);
                    }
                    if (isset($var[0])) {
                        if (isset($var[1])) {
                            $group = $var[1];
                        }
                        if (isset($var[2])) {
                            $force = $var[2];
                        }
                        $var = $var[0];
                        $output = wp_cache_get($var, $group, $force);
                    }
                }
                break;
            case 'pods-transient':
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $callback = $var[1];
                    }
                    $var = $var[0];
                    $output = pods_transient_get($var, $callback);
                }
                break;
            case 'pods-site-transient':
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $callback = $var[1];
                    }
                    $var = $var[0];
                    $output = pods_site_transient_get($var, $callback);
                }
                break;
            case 'pods-cache':
                if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) {
                    $group = 'default';
                    $callback = null;
                    if (!is_array($var)) {
                        $var = explode('|', $var);
                    }
                    if (isset($var[0])) {
                        if (isset($var[1])) {
                            $group = $var[1];
                        }
                        if (isset($var[2])) {
                            $callback = $var[2];
                        }
                        $var = $var[0];
                        $output = pods_cache_get($var, $group, $callback);
                    }
                }
                break;
            case 'pods-option-cache':
                $group = 'default';
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $group = $var[1];
                    }
                    if (isset($var[2])) {
                        $callback = $var[2];
                    }
                    $var = $var[0];
                    $output = pods_option_cache_get($var, $group, $callback);
                }
                break;
            case 'date':
                $var = explode('|', $var);
                if (!empty($var)) {
                    $output = date_i18n($var[0], isset($var[1]) ? strtotime($var[1]) : false);
                }
                break;
            case 'pods':
            case 'pods_display':
                /**
                 * @var $pods Pods
                 */
                global $pods;
                if (is_object($pods) && 'Pods' == get_class($pods)) {
                    if ('pods' === $type) {
                        $output = $pods->field($var);
                        if (is_array($output)) {
                            $options = array('field' => $var, 'fields' => $pods->fields);
                            $output = pods_serial_comma($output, $options);
                        }
                    } elseif ('pods_display' === $type) {
                        $output = $pods->display($var);
                    }
                }
                break;
            default:
                $output = apply_filters('pods_var_' . $type, $default, $var, $strict, $params);
        }
    }
    if (null !== $default) {
        // Set default
        if (null === $output) {
            $output = $default;
        }
        // Casting
        if (true === $params->casting) {
            $output = pods_cast($output, $default);
        }
    }
    // Strict defaults for empty values
    if (true === $strict) {
        if (empty($output)) {
            $output = $default;
        }
    }
    // Allowed values
    if (null !== $params->allowed) {
        if (is_array($params->allowed)) {
            // Not in array and is not the same array
            if (!in_array($output, $params->allowed) && (!is_array($output) || $output !== $params->allowed)) {
                $output = $default;
            }
        } elseif ($output !== $params->allowed) {
            // Value doesn't match
            $output = $default;
        }
    }
    return $output;
}
 /**
  * Handle autocomplete AJAX
  *
  * @since 2.3
  */
 public function admin_ajax_relationship()
 {
     pods_session_start();
     // Sanitize input
     $params = pods_unslash((array) $_POST);
     foreach ($params as $key => $value) {
         if ('action' == $key) {
             continue;
         }
         unset($params[$key]);
         $params[str_replace('_podsfix_', '', $key)] = $value;
     }
     $params = (object) $params;
     $uid = @session_id();
     if (is_user_logged_in()) {
         $uid = 'user_' . get_current_user_id();
     }
     $nonce_check = 'pods_relationship_' . (int) $params->pod . '_' . $uid . '_' . $params->uri . '_' . (int) $params->field;
     if (!isset($params->_wpnonce) || false === wp_verify_nonce($params->_wpnonce, $nonce_check)) {
         pods_error(__('Unauthorized request', 'pods'), PodsInit::$admin);
     }
     $api = pods_api();
     $pod = $api->load_pod(array('id' => (int) $params->pod));
     $field = $api->load_field(array('id' => (int) $params->field, 'table_info' => true));
     $id = (int) $params->id;
     $limit = 15;
     if (isset($params->limit)) {
         $limit = (int) $params->limit;
     }
     $page = 1;
     if (isset($params->page)) {
         $page = (int) $params->page;
     }
     if (!isset($params->query) || strlen(trim($params->query)) < 1) {
         pods_error(__('Invalid field request', 'pods'), PodsInit::$admin);
     } elseif (empty($pod) || empty($field) || $pod['id'] != $field['pod_id'] || !isset($pod['fields'][$field['name']])) {
         pods_error(__('Invalid field request', 'pods'), PodsInit::$admin);
     } elseif ('pick' != $field['type'] || empty($field['table_info'])) {
         pods_error(__('Invalid field', 'pods'), PodsInit::$admin);
     } elseif ('single' == pods_var(self::$type . '_format_type', $field) && 'autocomplete' == pods_var(self::$type . '_format_single', $field)) {
         pods_error(__('Invalid field', 'pods'), PodsInit::$admin);
     } elseif ('multi' == pods_var(self::$type . '_format_type', $field) && 'autocomplete' == pods_var(self::$type . '_format_multi', $field)) {
         pods_error(__('Invalid field', 'pods'), PodsInit::$admin);
     }
     $object_params = array('name' => $field['name'], 'value' => null, 'options' => array_merge($field, $field['options']), 'pod' => $pod, 'id' => $id, 'context' => 'admin_ajax_relationship', 'data_params' => $params, 'page' => $page, 'limit' => $limit);
     $pick_data = apply_filters('pods_field_pick_data_ajax', null, $field['name'], null, $field, $pod, $id);
     if (null !== $pick_data) {
         $items = $pick_data;
     } else {
         $items = $this->get_object_data($object_params);
     }
     if (!empty($items) && isset($items[0]) && !is_array($items[0])) {
         $new_items = array();
         foreach ($items as $id => $text) {
             $new_items[] = array('id' => $id, 'text' => $text, 'image' => '');
         }
         $items = $new_items;
     }
     $items = apply_filters('pods_field_pick_data_ajax_items', $items, $field['name'], null, $field, $pod, $id);
     $items = array('results' => $items);
     wp_send_json($items);
     die;
     // KBAI!
 }
Example #6
0
 /**
  * @param $comment_id
  */
 public function save_comment($comment_id)
 {
     $groups = $this->groups_get('comment', 'comment');
     if (empty($groups)) {
         return $comment_id;
     } elseif (empty($_POST)) {
         return $comment_id;
     } elseif (!wp_verify_nonce(pods_v('pods_meta', 'post'), 'pods_meta_comment')) {
         return $comment_id;
     }
     $data = array();
     $id = $comment_id;
     $pod = null;
     foreach ($groups as $group) {
         if (empty($group['fields'])) {
             continue;
         }
         if (null === $pod || is_object($pod) && $pod->id() != $id) {
             if (!is_object(self::$current_pod) || self::$current_pod->pod != $group['pod']['name']) {
                 self::$current_pod = pods($group['pod']['name'], $id, true);
             } elseif (self::$current_pod->id() != $id) {
                 self::$current_pod->fetch($id);
             }
             $pod = self::$current_pod;
         }
         foreach ($group['fields'] as $field) {
             if (false === PodsForm::permission($field['type'], $field['name'], $field, $group['fields'], $pod, $id)) {
                 if (!pods_var('hidden', $field['options'], false)) {
                     continue;
                 }
             }
             $data[$field['name']] = '';
             if (isset($_POST['pods_meta_' . $field['name']])) {
                 $data[$field['name']] = $_POST['pods_meta_' . $field['name']];
             }
         }
     }
     do_action('pods_meta_save_pre_comment', $data, $pod, $id, $groups);
     if (!empty($pod)) {
         // Fix for Pods doing it's own sanitization
         $data = pods_unslash((array) $data);
         $pod->save($data);
     } elseif (!empty($id)) {
         pods_no_conflict_on('comment');
         foreach ($data as $field => $value) {
             update_comment_meta($id, $field, $value);
         }
         pods_no_conflict_off('comment');
     }
     do_action('pods_meta_save_comment', $data, $pod, $id, $groups);
     return $comment_id;
 }
 /**
  * Import a Package
  *
  * @param string|array $data a JSON array package string, or an array of Package Data
  * @param bool $replace Whether to replace existing pods entirely or just update them
  *
  * @return array|bool
  *
  * @static
  * @since 2.0.5
  */
 public static function import($data, $replace = false)
 {
     if (!defined('PODS_FIELD_STRICT')) {
         define('PODS_FIELD_STRICT', false);
     }
     if (!is_array($data)) {
         $json_data = @json_decode($data, true);
         if (!is_array($json_data)) {
             $json_data = @json_decode(pods_unslash($data), true);
         }
         $data = $json_data;
     }
     if (!is_array($data) || empty($data)) {
         return false;
     }
     $api = pods_api();
     if (!isset($data['meta']) || !isset($data['meta']['version']) || empty($data['meta']['version'])) {
         return false;
     }
     // Pods 1.x < 1.10
     if (false === strpos($data['meta']['version'], '.') && (int) $data['meta']['version'] < 1000) {
         $data['meta']['version'] = implode('.', str_split($data['meta']['version']));
     } elseif (false === strpos($data['meta']['version'], '.')) {
         $data['meta']['version'] = pods_version_to_point($data['meta']['version']);
     }
     $found = array();
     if (isset($data['pods']) && is_array($data['pods'])) {
         foreach ($data['pods'] as $pod_data) {
             if (isset($pod_data['id'])) {
                 unset($pod_data['id']);
             }
             $pod = $api->load_pod(array('name' => $pod_data['name']), false);
             $existing_fields = array();
             if (!empty($pod)) {
                 // Delete Pod if it exists
                 if ($replace) {
                     $api->delete_pod(array('id' => $pod['id']));
                     $pod = array('fields' => array());
                 } else {
                     $existing_fields = $pod['fields'];
                 }
             } else {
                 $pod = array('fields' => array());
             }
             // Backwards compatibility
             if (version_compare($data['meta']['version'], '2.0', '<')) {
                 $core_fields = array(array('name' => 'created', 'label' => 'Date Created', 'type' => 'datetime', 'options' => array('datetime_format' => 'ymd_slash', 'datetime_time_type' => '12', 'datetime_time_format' => 'h_mm_ss_A'), 'weight' => 1), array('name' => 'modified', 'label' => 'Date Modified', 'type' => 'datetime', 'options' => array('datetime_format' => 'ymd_slash', 'datetime_time_type' => '12', 'datetime_time_format' => 'h_mm_ss_A'), 'weight' => 2), array('name' => 'author', 'label' => 'Author', 'type' => 'pick', 'pick_object' => 'user', 'options' => array('pick_format_type' => 'single', 'pick_format_single' => 'autocomplete', 'default_value' => '{@user.ID}'), 'weight' => 3));
                 $found_fields = array();
                 if (!empty($pod_data['fields'])) {
                     foreach ($pod_data['fields'] as $k => $field) {
                         $field_type = $field['coltype'];
                         if ('txt' == $field_type) {
                             $field_type = 'text';
                         } elseif ('desc' == $field_type) {
                             $field_type = 'wysiwyg';
                         } elseif ('code' == $field_type) {
                             $field_type = 'paragraph';
                         } elseif ('bool' == $field_type) {
                             $field_type = 'boolean';
                         } elseif ('num' == $field_type) {
                             $field_type = 'number';
                         } elseif ('date' == $field_type) {
                             $field_type = 'datetime';
                         }
                         $multiple = min(max((int) $field['multiple'], 0), 1);
                         $new_field = array('name' => trim($field['name']), 'label' => trim($field['label']), 'description' => trim($field['comment']), 'type' => $field_type, 'weight' => (int) $field['weight'], 'options' => array('required' => min(max((int) $field['required'], 0), 1), 'unique' => min(max((int) $field['unique'], 0), 1), 'input_helper' => $field['input_helper']));
                         if (in_array($new_field['name'], $found_fields)) {
                             unset($pod_data['fields'][$k]);
                             continue;
                         }
                         $found_fields[] = $new_field['name'];
                         if ('pick' == $field_type) {
                             $new_field['pick_object'] = 'pod';
                             $new_field['pick_val'] = $field['pickval'];
                             if ('wp_user' == $field['pickval']) {
                                 $new_field['pick_object'] = 'user';
                             } elseif ('wp_post' == $field['pickval']) {
                                 $new_field['pick_object'] = 'post_type-post';
                             } elseif ('wp_page' == $field['pickval']) {
                                 $new_field['pick_object'] = 'post_type-page';
                             } elseif ('wp_taxonomy' == $field['pickval']) {
                                 $new_field['pick_object'] = 'taxonomy-category';
                             }
                             // This won't work if the field doesn't exist
                             // $new_field[ 'sister_id' ] = $field[ 'sister_field_id' ];
                             $new_field['options']['pick_filter'] = $field['pick_filter'];
                             $new_field['options']['pick_orderby'] = $field['pick_orderby'];
                             $new_field['options']['pick_display'] = '';
                             $new_field['options']['pick_size'] = 'medium';
                             if (1 == $multiple) {
                                 $new_field['options']['pick_format_type'] = 'multi';
                                 $new_field['options']['pick_format_multi'] = 'checkbox';
                                 $new_field['options']['pick_limit'] = 0;
                             } else {
                                 $new_field['options']['pick_format_type'] = 'single';
                                 $new_field['options']['pick_format_single'] = 'dropdown';
                                 $new_field['options']['pick_limit'] = 1;
                             }
                         } elseif ('file' == $field_type) {
                             $new_field['options']['file_format_type'] = 'multi';
                             $new_field['options']['file_type'] = 'any';
                         } elseif ('number' == $field_type) {
                             $new_field['options']['number_decimals'] = 2;
                         } elseif ('desc' == $field['coltype']) {
                             $new_field['options']['wysiwyg_editor'] = 'tinymce';
                         } elseif ('text' == $field_type) {
                             $new_field['options']['text_max_length'] = 128;
                         }
                         if (isset($pod['fields'][$new_field['name']])) {
                             $new_field = array_merge($pod['fields'][$new_field['name']], $new_field);
                         }
                         $pod_data['fields'][$k] = $new_field;
                     }
                 }
                 if (pods_var('id', $pod, 0) < 1) {
                     $pod_data['fields'] = array_merge($core_fields, $pod_data['fields']);
                 }
                 if (empty($pod_data['label'])) {
                     $pod_data['label'] = ucwords(str_replace('_', ' ', $pod_data['name']));
                 }
                 if (isset($pod_data['is_toplevel'])) {
                     $pod_data['show_in_menu'] = 1 == $pod_data['is_toplevel'] ? 1 : 0;
                     unset($pod_data['is_toplevel']);
                 }
                 if (isset($pod_data['detail_page'])) {
                     $pod_data['detail_url'] = $pod_data['detail_page'];
                     unset($pod_data['detail_page']);
                 }
                 if (isset($pod_data['before_helpers'])) {
                     $pod_data['pre_save_helpers'] = $pod_data['before_helpers'];
                     unset($pod_data['before_helpers']);
                 }
                 if (isset($pod_data['after_helpers'])) {
                     $pod_data['post_save_helpers'] = $pod_data['after_helpers'];
                     unset($pod_data['after_helpers']);
                 }
                 if (isset($pod_data['pre_drop_helpers'])) {
                     $pod_data['pre_delete_helpers'] = $pod_data['pre_drop_helpers'];
                     unset($pod_data['pre_drop_helpers']);
                 }
                 if (isset($pod_data['post_drop_helpers'])) {
                     $pod_data['post_delete_helpers'] = $pod_data['post_drop_helpers'];
                     unset($pod_data['post_drop_helpers']);
                 }
                 $pod_data['name'] = pods_clean_name($pod_data['name']);
                 $pod_data = array('name' => $pod_data['name'], 'label' => $pod_data['label'], 'type' => 'pod', 'storage' => 'table', 'fields' => $pod_data['fields'], 'options' => array('pre_save_helpers' => pods_var_raw('pre_save_helpers', $pod_data), 'post_save_helpers' => pods_var_raw('post_save_helpers', $pod_data), 'pre_delete_helpers' => pods_var_raw('pre_delete_helpers', $pod_data), 'post_delete_helpers' => pods_var_raw('post_delete_helpers', $pod_data), 'show_in_menu' => 1 == pods_var_raw('show_in_menu', $pod_data, 0) ? 1 : 0, 'detail_url' => pods_var_raw('detail_url', $pod_data), 'pod_index' => 'name'));
             }
             $pod = array_merge($pod, $pod_data);
             foreach ($pod['fields'] as $k => $field) {
                 if (isset($field['id']) && !isset($existing_fields[$field['name']])) {
                     unset($pod['fields'][$k]['id']);
                 }
                 if (isset($field['pod_id'])) {
                     unset($pod['fields'][$k]['pod_id']);
                 }
                 if (isset($existing_fields[$field['name']])) {
                     if ($existing_field = pods_api()->load_field(array('name' => $field['name'], 'pod' => $pod['name']))) {
                         $pod['fields'][$k]['id'] = $existing_field['id'];
                     }
                 }
                 if (isset($field['pod'])) {
                     unset($pod['fields'][$k]['pod']);
                 }
             }
             $api->save_pod($pod);
             if (!isset($found['pods'])) {
                 $found['pods'] = array();
             }
             $found['pods'][$pod['name']] = $pod['label'];
         }
     }
     if (isset($data['templates']) && is_array($data['templates'])) {
         foreach ($data['templates'] as $template_data) {
             if (isset($template_data['id'])) {
                 unset($template_data['id']);
             }
             $template = $api->load_template(array('name' => $template_data['name']));
             if (!empty($template)) {
                 // Delete Template if it exists
                 if ($replace) {
                     $api->delete_template(array('id' => $template['id']));
                     $template = array();
                 }
             } else {
                 $template = array();
             }
             $template = array_merge($template, $template_data);
             $api->save_template($template);
             if (!isset($found['templates'])) {
                 $found['templates'] = array();
             }
             $found['templates'][$template['name']] = $template['name'];
         }
     }
     // Backwards compatibility
     if (isset($data['pod_pages'])) {
         $data['pages'] = $data['pod_pages'];
         unset($data['pod_pages']);
     }
     if (isset($data['pages']) && is_array($data['pages'])) {
         foreach ($data['pages'] as $page_data) {
             if (isset($page_data['id'])) {
                 unset($page_data['id']);
             }
             $page = $api->load_page(array('name' => pods_var_raw('name', $page_data, pods_var_raw('uri', $page_data), null, true)));
             if (!empty($page)) {
                 // Delete Page if it exists
                 if ($replace) {
                     $api->delete_page(array('id' => $page['id']));
                     $page = array();
                 }
             } else {
                 $page = array();
             }
             // Backwards compatibility
             if (isset($page_data['uri'])) {
                 $page_data['name'] = $page_data['uri'];
                 unset($page_data['uri']);
             }
             if (isset($page_data['phpcode'])) {
                 $page_data['code'] = $page_data['phpcode'];
                 unset($page_data['phpcode']);
             }
             $page = array_merge($page, $page_data);
             $page['name'] = trim($page['name'], '/');
             $api->save_page($page);
             if (!isset($found['pages'])) {
                 $found['pages'] = array();
             }
             $found['pages'][$page['name']] = $page['name'];
         }
     }
     if (isset($data['helpers']) && is_array($data['helpers'])) {
         foreach ($data['helpers'] as $helper_data) {
             if (isset($helper_data['id'])) {
                 unset($helper_data['id']);
             }
             $helper = $api->load_helper(array('name' => $helper_data['name']));
             if (!empty($helper)) {
                 // Delete Helper if it exists
                 if ($replace) {
                     $api->delete_helper(array('id' => $helper['id']));
                     $helper = array();
                 }
             } else {
                 $helper = array();
             }
             // Backwards compatibility
             if (isset($helper_data['phpcode'])) {
                 $helper_data['code'] = $helper_data['phpcode'];
                 unset($helper_data['phpcode']);
             }
             if (isset($helper_data['type'])) {
                 if ('before' == $helper_data['type']) {
                     $helper_data['type'] = 'pre_save';
                 } elseif ('after' == $helper_data['type']) {
                     $helper_data['type'] = 'post_save';
                 }
             }
             $helper = array_merge($helper, $helper_data);
             if (isset($helper['type'])) {
                 $helper['helper_type'] = $helper['type'];
                 unset($helper['helper_type']);
             }
             $api->save_helper($helper);
             if (!isset($found['helpers'])) {
                 $found['helpers'] = array();
             }
             $found['helpers'][$helper['name']] = $helper['name'];
         }
     }
     $found = apply_filters('pods_packages_import', $found, $data, $replace);
     if (!empty($found)) {
         return $found;
     }
     return false;
 }
Example #8
0
/**
 * Return a variable (if exists)
 *
 * @param mixed $var The variable name, can also be a modifier for specific types
 * @param string|array|object $type (optional) Super globals, url/url-relative, constants, globals, options, transients, cache, user data, Pod field values, dates
 * @param mixed $default (optional) The default value to set if variable doesn't exist
 * @param bool $strict (optional) Only allow values (must not be empty)
 * @param array $params (optional) Set 'casting'=>true to cast value from $default, 'allowed'=>$allowed to restrict a value to what's allowed
 *
 * @return mixed The variable (if exists), or default value
 * @since 2.3.10
 */
function pods_v($var = null, $type = 'get', $default = null, $strict = false, $params = array())
{
    $defaults = array('casting' => false, 'allowed' => null);
    $params = (object) array_merge($defaults, (array) $params);
    $output = null;
    if (null === $type || '' === $type) {
        // Invalid $type
    } elseif (is_array($type)) {
        if (isset($type[$var])) {
            $output = $type[$var];
        }
    } elseif (is_object($type)) {
        if (isset($type->{$var})) {
            $output = $type->{$var};
        }
    } else {
        $type = strtolower((string) $type);
        switch ($type) {
            case 'get':
                if (isset($_GET[$var])) {
                    $output = pods_unslash($_GET[$var]);
                }
                break;
            case 'post':
                if (isset($_POST[$var])) {
                    $output = pods_unslash($_POST[$var]);
                }
                break;
            case 'request':
                if (isset($_REQUEST[$var])) {
                    $output = pods_unslash($_REQUEST[$var]);
                }
                break;
            case 'url':
            case 'uri':
                $url = parse_url(pods_current_url());
                $uri = trim($url['path'], '/');
                $uri = array_filter(explode('/', $uri));
                if ('first' == $var) {
                    $var = 0;
                } elseif ('last' == $var) {
                    $var = -1;
                }
                if (is_numeric($var)) {
                    $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri);
                }
                break;
            case 'url-relative':
                $url_raw = pods_current_url();
                $prefix = get_site_url();
                if (substr($url_raw, 0, strlen($prefix)) == $prefix) {
                    $url_raw = substr($url_raw, strlen($prefix) + 1, strlen($url_raw));
                }
                $url = parse_url($url_raw);
                $uri = trim($url['path'], '/');
                $uri = array_filter(explode('/', $uri));
                if ('first' == $var) {
                    $var = 0;
                } elseif ('last' == $var) {
                    $var = -1;
                }
                if (is_numeric($var)) {
                    $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri);
                }
                break;
            case 'template-url':
                $output = get_template_directory_uri();
                break;
            case 'stylesheet-url':
                $output = get_stylesheet_directory_uri();
                break;
            case 'site-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    } elseif (isset($var[1])) {
                        $path = $var[1];
                    } elseif (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_site_url($blog_id, $path, $scheme);
                break;
            case 'home-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    } elseif (isset($var[1])) {
                        $path = $var[1];
                    } elseif (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_home_url($blog_id, $path, $scheme);
                break;
            case 'admin-url':
                $blog_id = $scheme = null;
                $path = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $blog_id = $var[0];
                    } elseif (isset($var[1])) {
                        $path = $var[1];
                    } elseif (isset($var[2])) {
                        $scheme = $var[2];
                    }
                } else {
                    $blog_id = $var;
                }
                $output = get_admin_url($blog_id, $path, $scheme);
                break;
            case 'includes-url':
                $output = includes_url($var);
                break;
            case 'content-url':
                $output = content_url($var);
                break;
            case 'plugins-url':
                $path = $plugin = '';
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $plugin = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = plugins_url($path, $plugin);
                break;
            case 'network-site-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_site_url($path, $scheme);
                break;
            case 'network-home-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_home_url($path, $scheme);
                break;
            case 'network-admin-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = network_admin_url($path, $scheme);
                break;
            case 'user-admin-url':
                $path = '';
                $scheme = null;
                if (is_array($var)) {
                    if (isset($var[0])) {
                        $path = $var[0];
                    } elseif (isset($var[1])) {
                        $scheme = $var[1];
                    }
                } else {
                    $path = $var;
                }
                $output = user_admin_url($path, $scheme);
                break;
            case 'prefix':
                global $wpdb;
                $output = $wpdb->prefix;
                break;
            case 'server':
                if (!pods_strict()) {
                    if (isset($_SERVER[$var])) {
                        $output = pods_unslash($_SERVER[$var]);
                    } elseif (isset($_SERVER[strtoupper($var)])) {
                        $output = pods_unslash($_SERVER[strtoupper($var)]);
                    }
                }
                break;
            case 'session':
                if (isset($_SESSION[$var])) {
                    $output = $_SESSION[$var];
                }
                break;
            case 'global':
            case 'globals':
                if (isset($GLOBALS[$var])) {
                    $output = $GLOBALS[$var];
                }
                break;
            case 'cookie':
                if (isset($_COOKIE[$var])) {
                    $output = pods_unslash($_COOKIE[$var]);
                }
                break;
            case 'constant':
                if (defined($var)) {
                    $output = constant($var);
                }
                break;
            case 'user':
                if (is_user_logged_in()) {
                    $user = get_userdata(get_current_user_id());
                    if (isset($user->{$var})) {
                        $value = $user->{$var};
                    } elseif ('role' == $var) {
                        $value = '';
                        if (!empty($user->roles)) {
                            $value = array_shift($user->roles);
                        }
                    } else {
                        $value = get_user_meta($user->ID, $var);
                    }
                    if (is_array($value) && !empty($value)) {
                        $output = $value;
                    } elseif (!is_array($value) && 0 < strlen($value)) {
                        $output = $value;
                    }
                }
                break;
            case 'option':
                $output = get_option($var, $default);
                break;
            case 'site-option':
                $output = get_site_option($var, $default);
                break;
            case 'transient':
                $output = get_transient($var);
                break;
            case 'site-transient':
                $output = get_site_transient($var);
                break;
            case 'cache':
                if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) {
                    $group = 'default';
                    $force = false;
                    if (!is_array($var)) {
                        $var = explode('|', $var);
                    }
                    if (isset($var[0])) {
                        if (isset($var[1])) {
                            $group = $var[1];
                        }
                        if (isset($var[2])) {
                            $force = $var[2];
                        }
                        $var = $var[0];
                        $output = wp_cache_get($var, $group, $force);
                    }
                }
                break;
            case 'pods-transient':
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $callback = $var[1];
                    }
                    $var = $var[0];
                    $output = pods_transient_get($var, $callback);
                }
                break;
            case 'pods-site-transient':
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $callback = $var[1];
                    }
                    $var = $var[0];
                    $output = pods_site_transient_get($var, $callback);
                }
                break;
            case 'pods-cache':
                if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) {
                    $group = 'default';
                    $callback = null;
                    if (!is_array($var)) {
                        $var = explode('|', $var);
                    }
                    if (isset($var[0])) {
                        if (isset($var[1])) {
                            $group = $var[1];
                        }
                        if (isset($var[2])) {
                            $callback = $var[2];
                        }
                        $var = $var[0];
                        $output = pods_cache_get($var, $group, $callback);
                    }
                }
                break;
            case 'pods-option-cache':
                $group = 'default';
                $callback = null;
                if (!is_array($var)) {
                    $var = explode('|', $var);
                }
                if (isset($var[0])) {
                    if (isset($var[1])) {
                        $group = $var[1];
                    }
                    if (isset($var[2])) {
                        $callback = $var[2];
                    }
                    $var = $var[0];
                    $output = pods_option_cache_get($var, $group, $callback);
                }
                break;
            case 'date':
                $var = explode('|', $var);
                if (!empty($var)) {
                    $output = date_i18n($var[0], isset($var[1]) ? strtotime($var[1]) : false);
                }
                break;
            case 'pods':
            case 'pods_display':
                /**
                 * @var $pods Pods
                 */
                global $pods;
                if (is_object($pods) && 'Pods' == get_class($pods)) {
                    if ('pods' === $type) {
                        $output = $pods->field($var);
                        if (is_array($output)) {
                            $options = array('field' => $var, 'fields' => $pods->fields);
                            $output = pods_serial_comma($output, $options);
                        }
                    } elseif ('pods_display' === $type) {
                        $output = $pods->display($var);
                    }
                }
                break;
            case 'post_id':
                if (empty($var)) {
                    if (!empty($default)) {
                        $post_id = $default;
                    } else {
                        // If no $var and no $default then use current post ID
                        $post_id = get_the_ID();
                    }
                } else {
                    $post_id = $var;
                }
                if (did_action('wpml_loaded')) {
                    /* Only call filter if WPML is installed */
                    $post_type = get_post_type($post_id);
                    $post_id = apply_filters('wpml_object_id', $post_id, $post_type, true);
                } elseif (function_exists('pll_get_post')) {
                    $polylang_id = pll_get_post($post_id);
                    if (!empty($polylang_id)) {
                        $post_id = $polylang_id;
                    }
                }
                // Add other translation plugin specific code here
                /**
                 * Filter to override post_id
                 *
                 * Generally used with language translation plugins in order to return the post id of a
                 * translated post
                 *
                 * @param  int $post_id The post ID of current post
                 * @param  mixed $default The default value to set if variable doesn't exist
                 * @param  mixed $var The variable name, can also be a modifier for specific types
                 * @param  bool $strict Only allow values (must not be empty)
                 * @param  array $params Set 'casting'=>true to cast value from $default, 'allowed'=>$allowed to restrict a value to what's allowed
                 *
                 * @since 2.6.6
                 */
                $output = apply_filters('pods_var_post_id', $post_id, $default, $var, $strict, $params);
                break;
            default:
                $output = apply_filters('pods_var_' . $type, $default, $var, $strict, $params);
        }
    }
    if (null !== $default) {
        // Set default
        if (null === $output) {
            $output = $default;
        }
        // Casting
        if (true === $params->casting) {
            $output = pods_cast($output, $default);
        }
    }
    // Strict defaults for empty values
    if (true === $strict) {
        if (empty($output)) {
            $output = $default;
        }
    }
    // Allowed values
    if (null !== $params->allowed) {
        if (is_array($params->allowed)) {
            // Not in array and is not the same array
            if (!in_array($output, $params->allowed) && (!is_array($output) || $output !== $params->allowed)) {
                $output = $default;
            }
        } elseif ($output !== $params->allowed) {
            // Value doesn't match
            $output = $default;
        }
    }
    return $output;
}
                echo $active;
                ?>
><?php 
                echo esc_html($val['name']);
                ?>
</option>
<?php 
            }
            ?>
    </select>
<?php 
        }
    }
}
// Display the search box and submit button
$search = empty($_GET[$this->search_var]) ? '' : pods_unslash($_GET[$this->search_var]);
if (false !== $show_textbox) {
    ?>
        <input type="text" class="pod_search" name="<?php 
    echo esc_attr($this->search_var);
    ?>
" value="<?php 
    echo esc_attr($search);
    ?>
" />
<?php 
} else {
    ?>
        <input type="hidden" name="<?php 
    echo esc_attr($this->search_var);
    ?>
Example #10
0
 /**
  * Handle plupload AJAX
  *
  * @since 2.3
  */
 public function admin_ajax_upload()
 {
     pods_session_start();
     // Sanitize input
     $params = pods_unslash((array) $_POST);
     foreach ($params as $key => $value) {
         if ('action' == $key) {
             continue;
         }
         unset($params[$key]);
         $params[str_replace('_podsfix_', '', $key)] = $value;
     }
     $params = (object) $params;
     $methods = array('upload');
     if (!isset($params->method) || !in_array($params->method, $methods) || !isset($params->pod) || !isset($params->field) || !isset($params->uri) || empty($params->uri)) {
         pods_error('Invalid AJAX request', PodsInit::$admin);
     } elseif (!empty($params->pod) && empty($params->field)) {
         pods_error('Invalid AJAX request', PodsInit::$admin);
     } elseif (empty($params->pod) && !current_user_can('upload_files')) {
         pods_error('Invalid AJAX request', PodsInit::$admin);
     }
     // Flash often fails to send cookies with the POST or upload, so we need to pass it in GET or POST instead
     if (is_ssl() && empty($_COOKIE[SECURE_AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie'])) {
         $_COOKIE[SECURE_AUTH_COOKIE] = $_REQUEST['auth_cookie'];
     } elseif (empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie'])) {
         $_COOKIE[AUTH_COOKIE] = $_REQUEST['auth_cookie'];
     }
     if (empty($_COOKIE[LOGGED_IN_COOKIE]) && !empty($_REQUEST['logged_in_cookie'])) {
         $_COOKIE[LOGGED_IN_COOKIE] = $_REQUEST['logged_in_cookie'];
     }
     global $current_user;
     unset($current_user);
     /**
      * Access Checking
      */
     $upload_disabled = false;
     if (defined('PODS_DISABLE_FILE_UPLOAD') && true === PODS_DISABLE_FILE_UPLOAD) {
         $upload_disabled = true;
     } elseif (defined('PODS_UPLOAD_REQUIRE_LOGIN') && is_bool(PODS_UPLOAD_REQUIRE_LOGIN) && true === PODS_UPLOAD_REQUIRE_LOGIN && !is_user_logged_in()) {
         $upload_disabled = true;
     } elseif (defined('PODS_UPLOAD_REQUIRE_LOGIN') && !is_bool(PODS_UPLOAD_REQUIRE_LOGIN) && (!is_user_logged_in() || !current_user_can(PODS_UPLOAD_REQUIRE_LOGIN))) {
         $upload_disabled = true;
     }
     $uid = @session_id();
     if (is_user_logged_in()) {
         $uid = 'user_' . get_current_user_id();
     }
     $nonce_check = 'pods_upload_' . (int) $params->pod . '_' . $uid . '_' . $params->uri . '_' . (int) $params->field;
     if (true === $upload_disabled || !isset($params->_wpnonce) || false === wp_verify_nonce($params->_wpnonce, $nonce_check)) {
         pods_error(__('Unauthorized request', 'pods'), PodsInit::$admin);
     }
     $pod = array();
     $field = array('type' => 'file', 'options' => array());
     $api = pods_api();
     $api->display_errors = false;
     if (!empty($params->pod)) {
         $pod = $api->load_pod(array('id' => (int) $params->pod));
         $field = $api->load_field(array('id' => (int) $params->field));
         if (empty($pod) || empty($field) || $pod['id'] != $field['pod_id'] || !isset($pod['fields'][$field['name']])) {
             pods_error(__('Invalid field request', 'pods'), PodsInit::$admin);
         }
         if (!in_array($field['type'], PodsForm::file_field_types())) {
             pods_error(__('Invalid field', 'pods'), PodsInit::$admin);
         }
     }
     $method = $params->method;
     // Cleaning up $params
     unset($params->action);
     unset($params->method);
     unset($params->_wpnonce);
     $params->post_id = pods_var('post_id', $params, 0, null, true);
     /**
      * Upload a new file (advanced - returns URL and ID)
      */
     if ('upload' == $method) {
         $file = $_FILES['Filedata'];
         $limit_size = pods_var($field['type'] . '_restrict_filesize', $field['options']);
         if (!empty($limit_size)) {
             if (false !== stripos($limit_size, 'MB')) {
                 $limit_size = (double) trim(str_ireplace('MB', '', $limit_size));
                 $limit_size = $limit_size * 1025 * 1025;
                 // convert to KB to B
             } elseif (false !== stripos($limit_size, 'KB')) {
                 $limit_size = (double) trim(str_ireplace('KB', '', $limit_size));
                 $limit_size = $limit_size * 1025 * 1025;
                 // convert to B
             } elseif (false !== stripos($limit_size, 'GB')) {
                 $limit_size = (double) trim(str_ireplace('GB', '', $limit_size));
                 $limit_size = $limit_size * 1025 * 1025 * 1025;
                 // convert to MB to KB to B
             } elseif (false !== stripos($limit_size, 'B')) {
                 $limit_size = (double) trim(str_ireplace('B', '', $limit_size));
             } else {
                 $limit_size = wp_max_upload_size();
             }
             if (0 < $limit_size && $limit_size < $file['size']) {
                 $error = __('File size too large, max size is %s', 'pods');
                 $error = sprintf($error, pods_var($field['type'] . '_restrict_filesize', $field['options']));
                 pods_error('<div style="color:#FF0000">Error: ' . $error . '</div>');
             }
         }
         $limit_file_type = pods_var($field['type'] . '_type', $field['options'], 'images');
         if ('images' == $limit_file_type) {
             $limit_types = 'jpg,jpeg,png,gif';
         } elseif ('video' == $limit_file_type) {
             $limit_types = 'mpg,mov,flv,mp4';
         } elseif ('audio' == $limit_file_type) {
             $limit_types = 'mp3,m4a,wav,wma';
         } elseif ('text' == $limit_file_type) {
             $limit_types = 'txt,rtx,csv,tsv';
         } elseif ('any' == $limit_file_type) {
             $limit_types = '';
         } else {
             $limit_types = pods_var($field['type'] . '_allowed_extensions', $field['options'], '', null, true);
         }
         $limit_types = trim(str_replace(array(' ', '.', "\n", "\t", ';'), array('', ',', ',', ','), $limit_types), ',');
         if (pods_version_check('wp', '3.5')) {
             $mime_types = wp_get_mime_types();
             if (in_array($limit_file_type, array('images', 'audio', 'video'))) {
                 $new_limit_types = array();
                 foreach ($mime_types as $type => $mime) {
                     if (0 === strpos($mime, $limit_file_type)) {
                         $type = explode('|', $type);
                         $new_limit_types = array_merge($new_limit_types, $type);
                     }
                 }
                 if (!empty($new_limit_types)) {
                     $limit_types = implode(',', $new_limit_types);
                 }
             } elseif ('any' != $limit_file_type) {
                 $new_limit_types = array();
                 $limit_types = explode(',', $limit_types);
                 foreach ($limit_types as $k => $limit_type) {
                     $found = false;
                     foreach ($mime_types as $type => $mime) {
                         if (0 === strpos($mime, $limit_type)) {
                             $type = explode('|', $type);
                             foreach ($type as $t) {
                                 if (!in_array($t, $new_limit_types)) {
                                     $new_limit_types[] = $t;
                                 }
                             }
                             $found = true;
                         }
                     }
                     if (!$found) {
                         $new_limit_types[] = $limit_type;
                     }
                 }
                 if (!empty($new_limit_types)) {
                     $limit_types = implode(',', $new_limit_types);
                 }
             }
         }
         $limit_types = explode(',', $limit_types);
         $limit_types = array_filter(array_unique($limit_types));
         if (!empty($limit_types)) {
             $ok = false;
             foreach ($limit_types as $limit_type) {
                 $limit_type = '.' . trim($limit_type, ' .');
                 $pos = strlen($file['name']) - strlen($limit_type);
                 if ($pos === stripos($file['name'], $limit_type)) {
                     $ok = true;
                     break;
                 }
             }
             if (false === $ok) {
                 $error = __('File type not allowed, please use one of the following: %s', 'pods');
                 $error = sprintf($error, '.' . implode(', .', $limit_types));
                 pods_error('<div style="color:#FF0000">Error: ' . $error . '</div>');
             }
         }
         $custom_handler = apply_filters('pods_upload_handle', null, 'Filedata', $params->post_id, $params, $field);
         if (null === $custom_handler) {
             $linked = pods_var($field['type'] . '_linked', $field['options'], 0);
             $attachment_id = media_handle_upload('Filedata', $params->post_id);
             if (is_object($attachment_id)) {
                 $errors = array();
                 foreach ($attachment_id->errors['upload_error'] as $error_code => $error_message) {
                     $errors[] = '[' . $error_code . '] ' . $error_message;
                 }
                 pods_error('<div style="color:#FF0000">Error: ' . implode('</div><div>', $errors) . '</div>');
             } else {
                 $attachment = get_post($attachment_id, ARRAY_A);
                 $attachment['filename'] = basename($attachment['guid']);
                 $thumb = wp_get_attachment_image_src($attachment['ID'], 'thumbnail', true);
                 $attachment['thumbnail'] = $thumb[0];
                 $attachment['link'] = '';
                 if ($linked) {
                     $attachment['link'] = wp_get_attachment_url($attachment['ID']);
                 }
                 $attachment = apply_filters('pods_upload_attachment', $attachment, $params->post_id);
                 wp_send_json($attachment);
             }
         }
     }
     die;
     // KBAI!
 }