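/**
 * Handles a POST from the public "user submitted post" form.
 *
 * Runs only when the request carries a non-empty `user-submitted-post` field.
 * Reads the submitted fields, hands them to usp_createPublicSubmission(), then
 * redirects with `success=1` or `submission-error=1` added to the query string
 * and ends the request.
 *
 * Every value read here is supplied by the requester and is treated as untrusted:
 * one-line fields go through sanitize_text_field(), the URL through esc_url_raw(),
 * and a request-supplied redirect target through wp_validate_redirect().
 *
 * NOTE(review): no nonce is checked, so this handler cannot tell a submission made
 * from the site's own form from a cross-site POST. Adding wp_verify_nonce() here
 * also needs a nonce field in the form markup, which is not part of this function.
 *
 * @global array $usp_options Plugin options; reads 'usp_title', 'author', 'redirect-url'.
 * @return void Returns only when there is nothing to process; otherwise exits after redirecting.
 */
function usp_checkForPublicSubmission() {
    global $usp_options;

    if (empty($_POST['user-submitted-post'])) {
        return;
    }

    // Read each text field once; a missing or non-string value becomes '' instead of
    // raising an undefined-index notice or passing an array to stripslashes().
    $fields = array();
    foreach (array('name', 'title', 'url', 'tags', 'content') as $key) {
        $raw = isset($_POST['user-submitted-' . $key]) ? $_POST['user-submitted-' . $key] : '';
        $fields[$key] = is_string($raw) ? stripslashes($raw) : '';
    }

    $author_submit = sanitize_text_field($fields['name']);

    // In 'show' mode the stored title keeps the "<name>|<title>" layout.
    if ($usp_options['usp_title'] == 'show') {
        $title = $author_submit . '|' . sanitize_text_field($fields['title']);
    } else {
        $title = 'User Submitted Post';
    }

    // NOTE(review): a submitted name that matches an existing login attributes the post
    // to that account without any authentication - confirm this is intended.
    $authorID = $usp_options['author'];
    if (!empty($author_submit)) {
        $authorName  = $author_submit;
        $author_info = get_user_by('login', $author_submit);
        if ($author_info) {
            // WP_User exposes the id as ->ID; the lowercase ->id accessor is deprecated.
            $authorID = $author_info->ID;
        }
    } else {
        $authorName = get_the_author_meta('display_name', $authorID);
    }

    $authorUrl = esc_url_raw($fields['url']);
    $tags      = sanitize_text_field($fields['tags']);
    $category  = isset($_POST['user-submitted-category']) ? intval($_POST['user-submitted-category']) : 0;

    // The body is only unslashed here. NOTE(review): any HTML filtering has to happen
    // in usp_createPublicSubmission(), which is not visible from this function - confirm.
    $content = $fields['content'];

    $fileData = isset($_FILES['user-submitted-image']) ? $_FILES['user-submitted-image'] : '';

    $publicSubmission = usp_createPublicSubmission($title, $content, $authorName, $authorID, $authorUrl, $tags, $category, $fileData);

    if ($publicSubmission) {
        $redirect = empty($usp_options['redirect-url']) ? $_SERVER['REQUEST_URI'] : $usp_options['redirect-url'];
        $dropArg  = 'submission-error';
        $addArgs  = array('success' => 1);
    } else {
        $redirect = stripslashes($_SERVER['REQUEST_URI']);
        $dropArg  = 'success';
        $addArgs  = array('submission-error' => '1');
    }

    // 'redirect-override' comes from the request, so it is accepted only when
    // wp_validate_redirect() considers the host allowed; otherwise the default stands.
    if (!empty($_POST['redirect-override']) && is_string($_POST['redirect-override'])) {
        $redirect = wp_validate_redirect(stripslashes($_POST['redirect-override']), $redirect);
    }

    $redirect = remove_query_arg($dropArg, $redirect);
    $redirect = add_query_arg($addArgs, $redirect);
    wp_redirect($redirect);
    exit;
}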
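/**
 * Handles a POST from the public "user submitted post" form.
 *
 * Runs only when the request carries a non-empty `user-submitted-post` field and a
 * `usp-nonce` value that wp_verify_nonce() accepts for the 'usp-nonce' action.
 * Sanitizes the submitted fields, hands them to usp_createPublicSubmission(), fires
 * 'usp_submit_success' or 'usp_submit_error' with the redirect URL, then redirects
 * and ends the request.
 *
 * On success the redirect carries `success=1` and `post_id`; on failure it carries
 * `usp-error` with the comma-joined error codes, or 'error' when none were returned.
 *
 * @global array $usp_options Plugin options; reads 'usp_title', 'disable_ip_tracking', 'redirect-url'.
 * @return void Returns only when the request is not a verified submission; otherwise exits.
 */
function usp_checkForPublicSubmission() {
    global $usp_options;

    if (empty($_POST['user-submitted-post']) || !isset($_POST['usp-nonce']) || !wp_verify_nonce($_POST['usp-nonce'], 'usp-nonce')) {
        return;
    }

    $title = __('User Submitted Post', 'usp');
    if (isset($_POST['user-submitted-title']) && ($usp_options['usp_title'] == 'show' || $usp_options['usp_title'] == 'optn')) {
        $title = sanitize_text_field($_POST['user-submitted-title']);
    }

    $files = isset($_FILES['user-submitted-image']) ? $_FILES['user-submitted-image'] : array();

    if ($usp_options['disable_ip_tracking']) {
        $ip = 'not recorded';
    } elseif (isset($_SERVER['REMOTE_ADDR'])) {
        $ip = sanitize_text_field($_SERVER['REMOTE_ADDR']);
    } else {
        $ip = 'undefined';
    }

    // One-line text fields: absent fields stay '', present ones are sanitized.
    $text = array('name' => '', 'tags' => '', 'captcha' => '', 'verify' => '');
    foreach (array_keys($text) as $key) {
        if (isset($_POST['user-submitted-' . $key])) {
            $text[$key] = sanitize_text_field($_POST['user-submitted-' . $key]);
        }
    }

    // NOTE(review): esc_url() is the display-context escaper; if the callee stores this
    // value, esc_url_raw() is the usual choice - confirm against usp_createPublicSubmission().
    $url   = isset($_POST['user-submitted-url']) ? esc_url($_POST['user-submitted-url']) : '';
    $email = isset($_POST['user-submitted-email']) ? sanitize_email($_POST['user-submitted-email']) : '';

    // The body is only unslashed here; a non-string value is treated as empty rather
    // than passed to stripslashes(). NOTE(review): HTML filtering of the content is
    // left to usp_createPublicSubmission(), which is not visible here - confirm.
    $content = '';
    if (isset($_POST['user-submitted-content']) && is_string($_POST['user-submitted-content'])) {
        $content = stripslashes($_POST['user-submitted-content']);
    }

    $category = isset($_POST['user-submitted-category']) ? intval($_POST['user-submitted-category']) : '';

    $result = usp_createPublicSubmission($title, $files, $ip, $text['name'], $url, $email, $text['tags'], $text['captcha'], $text['verify'], $content, $category);

    $post_id = isset($result['id']) ? $result['id'] : false;
    $error   = isset($result['error']) ? array_filter(array_unique($result['error'])) : false;

    // Redirect targets are built with esc_url_raw(): esc_url() entity-encodes '&',
    // which corrupts a query string before remove_query_arg()/add_query_arg() parse it.
    if ($post_id) {
        $redirect = esc_url_raw(empty($usp_options['redirect-url']) ? $_SERVER['REQUEST_URI'] : $usp_options['redirect-url']);
        $dropArgs = array('usp-error');
        $addArgs  = array('success' => 1, 'post_id' => $post_id);
        $hook     = 'usp_submit_success';
    } else {
        $e        = $error ? trim(implode(',', $error), ',') : 'error';
        $redirect = esc_url_raw($_SERVER['REQUEST_URI']);
        $dropArgs = array('success', 'post_id');
        $addArgs  = array('usp-error' => $e);
        $hook     = 'usp_submit_error';
    }

    // 'redirect-override' comes from the request, so it is accepted only when
    // wp_validate_redirect() considers the host allowed; otherwise the default stands.
    if (!empty($_POST['redirect-override']) && is_string($_POST['redirect-override'])) {
        $redirect = wp_validate_redirect(esc_url_raw($_POST['redirect-override']), $redirect);
    }

    $redirect = remove_query_arg($dropArgs, $redirect);
    $redirect = add_query_arg($addArgs, $redirect);
    do_action($hook, $redirect);

    wp_redirect(esc_url_raw($redirect));
    exit;
}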