Example #1
 /**
  * Builds one CRED form instance: resolves the target post, loads the form
  * definition and settings, applies the per-form capability checks and sets
  * up the underlying MyZebra_Form object.
  *
  * Failures are not thrown. The constructor stores a message in $this->error
  * and returns early, which leaves the object only partially initialised, so
  * callers have to inspect $this->error before using the instance.
  *
  * @param mixed     $form             Form identifier handed to the Forms model's getForm().
  * @param mixed     $post_id          Post to edit; when empty the global $post->ID is used (ignored in preview).
  * @param bool      $preview          True to render a preview built from request data instead of saved settings.
  * @param int|false $force_form_count Explicit form counter, or false to use self::$form_count.
  */
 public function __construct($form, $post_id = null, $preview = false, $force_form_count = false)
 {
     global $post, $current_user;
     // reference to the form submission method
     // The variable-variable resolves to the global named '_' . self::METHOD,
     // presumably the request superglobal ($_POST or $_GET) - confirm against
     // the value of self::METHOD. Everything read from $method is request data.
     global ${'_' . self::METHOD};
     $method =& ${'_' . self::METHOD};
     // if types is not active, no CRED
     if (!function_exists('wpcf_init') || !defined('WPCF_ABSPATH')) {
         $this->error = __('Types plugin not active', 'wp-cred');
         return;
     }
     self::initVars();
     // get inputs
     // Explicit $post_id wins (cast to int), then the global post; preview never binds to a post.
     if (isset($post_id) && !empty($post_id) && $post_id != false && !$preview) {
         $post_id = intval($post_id);
     } elseif (isset($post->ID) && !$preview) {
         $post_id = $post->ID;
     } else {
         $post_id = false;
     }
     // get recaptcha settings
     // Cached in a static, and only when both the public and the private key are non-empty.
     if (!self::$recaptcha_settings) {
         $sm = CRED_Loader::get('MODEL/Settings');
         $gen_setts = $sm->getSettings();
         if (isset($gen_setts['recaptcha']['public_key']) && isset($gen_setts['recaptcha']['private_key']) && !empty($gen_setts['recaptcha']['public_key']) && !empty($gen_setts['recaptcha']['private_key'])) {
             self::$recaptcha_settings = $gen_setts['recaptcha'];
         }
     }
     // load form data
     // wp-admin/includes/post.php provides get_default_post_to_edit(), used further down.
     require_once ABSPATH . '/wp-admin/includes/post.php';
     $fm = CRED_Loader::get('MODEL/Forms');
     $this->_form = $fm->getForm($form);
     if ($this->_form === false) {
         $this->error = __('Form does not exist!', 'wp-cred');
         return;
     }
     $this->_form_id = $this->_form->form->ID;
     // preview when form is not saved at all
     //print_r($this->_form);
     // Missing or malformed settings are replaced with empty objects so the property reads below do not fail.
     if (!isset($this->_form->fields) || !is_array($this->_form->fields) || empty($this->_form->fields) || !isset($this->_form->fields['form_settings'])) {
         $this->_form->fields = array('form_settings' => new stdClass(), 'extra' => new stdClass(), 'notification' => new stdClass());
         if ($preview) {
             $this->error = __('Form preview does not exist. Try saving your form first', 'wp-cred');
             return;
         }
     }
     $this->_redirect_delay = isset($this->_form->fields['form_settings']->redirect_delay) ? intval($this->_form->fields['form_settings']->redirect_delay) : self::DELAY;
     $this->_hide_comments = isset($this->_form->fields['form_settings']->hide_comments) && $this->_form->fields['form_settings']->hide_comments ? true : false;
     $form_id = $this->_form->form->ID;
     // Fixed allowlist of theme stylesheets; both branches below only ever pick a value from this map.
     $cred_css_themes = array('minimal' => CRED_PLUGIN_URL . '/third-party/zebra_form/public/css/minimal.css', 'styled' => CRED_PLUGIN_URL . '/third-party/zebra_form/public/css/styled.css');
     $this->_extra = array();
     if ($preview) {
         // NOTE(review): in preview mode the post type, form type, form body,
         // extra CSS and extra JS all come straight from the request array with
         // only stripslashes()/trim() applied. No capability or nonce check is
         // visible in this constructor before they are accepted - confirm that
         // the caller limits preview to users allowed to edit forms and that
         // these values are escaped or filtered where they are output.
         if (array_key_exists(self::PREFIX . 'form_preview_post_type', $method)) {
             $this->_post_type = $this->_form->fields['form_settings']->post_type = stripslashes($method[self::PREFIX . 'form_preview_post_type']);
         } else {
             $this->error = __('Preview post type not provided', 'wp-cred');
             return;
         }
         if (array_key_exists(self::PREFIX . 'form_preview_form_type', $method)) {
             $this->_form_type = stripslashes($method[self::PREFIX . 'form_preview_form_type']);
         } else {
             $this->error = __('Preview form type not provided', 'wp-cred');
             return;
         }
         if (array_key_exists(self::PREFIX . 'form_preview_content', $method)) {
             $this->_preview_content = stripslashes($method[self::PREFIX . 'form_preview_content']);
             $this->_content = stripslashes($method[self::PREFIX . 'form_preview_content']);
         } else {
             $this->error = __('No preview form content provided', 'wp-cred');
             return;
         }
         if (array_key_exists(self::PREFIX . 'form_css_to_use', $method)) {
             $this->css_to_use = trim(stripslashes($method[self::PREFIX . 'form_css_to_use']));
             // The requested theme is only used as a key into the allowlist, so the
             // request cannot point css_to_use at an arbitrary URL; unknown keys fall back to 'minimal'.
             if (in_array($this->css_to_use, array_keys($cred_css_themes))) {
                 $this->css_to_use = $cred_css_themes[$this->css_to_use];
             } else {
                 $this->css_to_use = $cred_css_themes['minimal'];
             }
         } else {
             $this->css_to_use = $cred_css_themes['minimal'];
         }
         // Unlike the theme above, the extra CSS/JS strings are stored as received (no allowlist).
         if (array_key_exists(self::PREFIX . 'extra_css_to_use', $method)) {
             $this->_extra['css'] = trim(stripslashes($method[self::PREFIX . 'extra_css_to_use']));
         }
         if (array_key_exists(self::PREFIX . 'extra_js_to_use', $method)) {
             $this->_extra['js'] = trim(stripslashes($method[self::PREFIX . 'extra_js_to_use']));
         }
     } else {
         // Normal rendering: everything comes from the saved form definition.
         $this->_post_type = $this->_form->fields['form_settings']->post_type;
         $this->_form_type = $this->_form->fields['form_settings']->form_type;
         $this->_extra = isset($this->_form->fields['extra']) ? (array) $this->_form->fields['extra'] : array();
         // get form content in order to replace it with actual form
         $this->_content = $this->_form->form->post_content;
         if (isset($this->_form->fields['form_settings']->cred_theme_css) && in_array($this->_form->fields['form_settings']->cred_theme_css, array_keys($cred_css_themes))) {
             $this->css_to_use = $cred_css_themes[$this->_form->fields['form_settings']->cred_theme_css];
         } else {
             $this->css_to_use = $cred_css_themes['minimal'];
         }
     }
     // Messages: saved form messages if present, otherwise the model's defaults.
     if (!isset($this->_extra['messages'])) {
         if (isset($this->_form->fields['extra']) && isset($this->_form->fields['extra']->messages)) {
             $this->_extra['messages'] = $this->_form->fields['extra']->messages;
         } else {
             $this->_extra['messages'] = CRED_Loader::get('MODEL/Forms')->getDefaultMessages();
         }
     }
     // if this is an edit form and no post id given
     if ($this->_form_type == 'edit' && $post_id === false && !$preview) {
         $this->error = __('No post specified', 'wp-cred');
         return;
     }
     // if this is a new form and post id given
     if ($this->_form_type == 'new' && !$preview) {
         // NOTE(review): the post id may be taken from the request (cast to int).
         // No check is visible here that the id belongs to a draft created for
         // the current user or matches $this->_post_type - confirm the submit
         // path verifies that before writing to the post.
         if (isset($method[self::PREFIX . 'post_id']) && intval($method[self::PREFIX . 'post_id']) > 0) {
             $post_id = intval($method[self::PREFIX . 'post_id']);
         } else {
             // Passing true as the second argument makes WordPress insert an
             // auto-draft row. NOTE(review): this runs before the
             // create_posts_with_cred_* capability check further down, so a
             // visitor who fails that check still appears to cause a draft
             // insert; consider checking the capability first.
             $post_id = get_default_post_to_edit($this->_post_type, true)->ID;
         }
     }
     $this->_post_id = $post_id;
     // increase counter
     //self::$form_count++;
     if ($force_form_count !== false) {
         $this->_form_count = $force_form_count;
     } else {
         $this->_form_count = self::$form_count;
     }
     // dependencies, uses Zebra_Form framework (see folder for details)
     CRED_Loader::load('THIRDPARTY/MyZebra_Parser');
     CRED_Loader::load('THIRDPARTY/MyZebra_Form');
     // instantiate form
     // The form name combines form id and counter; the action URL comes from currentURI() with a '_tt' timestamp argument.
     $this->_myzebra_form = new MyZebra_Form('cred_form_' . $form_id . '_' . $this->_form_count, self::METHOD, $this->currentURI(array('_tt' => time()), array('_success')), '', array());
     if ($preview) {
         $this->_myzebra_form->preview = true;
     } else {
         $this->_myzebra_form->preview = false;
     }
     // form properties
     self::$ASSETS_PATH = DIRECTORY_SEPARATOR . 'third-party' . DIRECTORY_SEPARATOR . 'zebra_form' . DIRECTORY_SEPARATOR;
     self::$ASSETS_URL = '/third-party/zebra_form/';
     $this->_myzebra_form->doctype('xhtml');
     // Client-side validation is switched on here; it is a usability aid and
     // does not replace validation of the submitted values on the server.
     $this->_myzebra_form->client_side_validation(true);
     $this->_myzebra_form->show_all_error_messages(true);
     $this->_myzebra_form->assets_path(CRED_PLUGIN_PATH . self::$ASSETS_PATH, plugins_url() . '/' . CRED_PLUGIN_FOLDER . self::$ASSETS_URL);
     $locale = self::$localized_strings;
     $this->_myzebra_form->language($locale);
     // get custom post fields
     $ffm = CRED_Loader::get('MODEL/Fields');
     $this->_fields = $ffm->getFields($this->_post_type);
     // in CRED 1.1 post_fields and custom_fields are different keys, merge them together to keep consistency
     // The unmerged list is kept under '_post_fields'.
     $this->_fields['_post_fields'] = $this->_fields['post_fields'];
     $this->_fields['post_fields'] = array_merge($this->_fields['post_fields'], $this->_fields['custom_fields']);
     //cred_log(print_r($this->_fields,true));
     // get existing post data if edit form and post given
     if ($this->_form_type == 'edit') {
         if ($post_id) {
             $res = $fm->getPost($post_id);
             // NOTE(review): when getPost() returns nothing usable, no error is
             // set and none of the capability checks below run; _post_data is
             // simply left unset. Confirm later code refuses to proceed then.
             if ($res && isset($res[0])) {
                 $mypost = $res[0];
                 // Both access decisions are written to access.log together with the current user id and the post author id.
                 cred_log(array('edit_own_posts_with_cred_' . $form_id => current_user_can('edit_own_posts_with_cred_' . $form_id), 'current_user' => $current_user->ID, 'author' => $mypost->post_author), 'access.log');
                 cred_log(array('edit_other_posts_with_cred_' . $form_id => current_user_can('edit_other_posts_with_cred_' . $form_id), 'current_user' => $current_user->ID, 'author' => $mypost->post_author), 'access.log');
                 // Authors need the per-form "edit own" capability, everyone else the
                 // "edit other" one. On denial the error is a single space, presumably
                 // so nothing visible is rendered - confirm how callers treat it.
                 // The author comparison is loose (== / !=) between ID and post_author.
                 if (!current_user_can('edit_own_posts_with_cred_' . $form_id) && $current_user->ID == $mypost->post_author) {
                     //$this->error=__('Do not have permission (edit own with this form)','wp-cred');
                     $this->error = ' ';
                     return;
                 }
                 if (!current_user_can('edit_other_posts_with_cred_' . $form_id) && $current_user->ID != $mypost->post_author) {
                     //$this->error=__('Do not have permission (edit other with this form)','wp-cred');
                     $this->error = ' ';
                     return;
                 }
                 //cred_log($mypost->post_content);
                 // Refuse to load a post whose type differs from the one this form is configured for.
                 if ($mypost->post_type != $this->_post_type) {
                     $this->error = __('Form type and post type do not match', 'wp-cred');
                     return;
                 }
                 $myfields = isset($res[1]) ? $res[1] : array();
                 $mytaxs = isset($res[2]) ? $res[2] : array();
                 $myextra = isset($res[3]) ? $res[3] : array();
                 // Core post columns are added in the same one-element-array shape used for the other field values.
                 $myfields['post_title'] = array($mypost->post_title);
                 $myfields['post_content'] = array($mypost->post_content);
                 if (isset($mypost->post_excerpt)) {
                     $myfields['post_excerpt'] = array($mypost->post_excerpt);
                 }
                 // Stored by reference, not copied.
                 $this->_post_data = array('fields' => &$myfields, 'post' => &$mypost, 'taxonomies' => &$mytaxs, 'extra' => &$myextra);
                 //cred_log(print_r($mytaxs,true));
                 //cred_log(print_r($mypost,true)/*.print_r($myfields,true).print_r($myterms,true)*/);
                 //exit;
             }
         }
     } elseif ($this->_form_type == 'new') {
         // Creating content needs the per-form "create" capability; the decision is logged first.
         cred_log(array('create_posts_with_cred_' . $form_id => current_user_can('create_posts_with_cred_' . $form_id), 'current_user' => $current_user->ID), 'access.log');
         if (!current_user_can('create_posts_with_cred_' . $form_id)) {
             //$this->error=__('Do not have permission (create with this form)','wp-cred');
             $this->error = ' ';
             return;
         }
     }
     $this->_form_content = '';
     // set allowed file types
     // Flattens the keys of WordPress's allowed-mime map (pipe-separated extension
     // groups) into one comma-separated extension list. This is an extension list
     // only; presumably used as an upload hint - the upload handler still has to
     // validate the file itself.
     $mimes = get_allowed_mime_types();
     $this->wp_mimes = array();
     foreach ($mimes as $exts => $mime) {
         $exts_a = explode('|', $exts);
         foreach ($exts_a as $single_ext) {
             //$this->form_mimes[$single_ext]=$mime;
             $this->wp_mimes[] = $single_ext;
         }
     }
     $this->wp_mimes = implode(',', $this->wp_mimes);
     unset($mimes);
     $this->_shortcode_parser = CRED_Loader::get('CLASS/Shortcode_Parser', false);
 }
Example #2
/**
 * Reports whether a CRED form is present, as answered by CRED_Form_Builder::has_form().
 *
 * The builder class is looked up without triggering the autoloader; when it
 * has not been loaded yet the answer is false.
 *
 * @return mixed false when the builder class is not loaded, otherwise the builder's result.
 */
function has_cred_form()
{
    $builder_loaded = class_exists('CRED_Form_Builder', false);

    return $builder_loaded ? CRED_Form_Builder::has_form() : false;
}
Example #3
 /**
  * Convenience wrapper that loads the form builder class and delegates to
  * CRED_Form_Builder::getForm().
  *
  * Note the argument order differs from the builder's: this method takes
  * ($form, $preview, $post) and forwards them as ($form, $post, $preview).
  *
  * @param mixed $form    Form identifier.
  * @param bool  $preview Whether to build a preview.
  * @param mixed $post    Post forwarded to the builder, or null.
  * @return mixed Whatever CRED_Form_Builder::getForm() returns.
  */
 public static function getForm($form, $preview = false, $post = null)
 {
     // The builder class is loaded on demand before it is used.
     CRED_Loader::load('CLASS/Form_Builder');
     $built = CRED_Form_Builder::getForm($form, $post, $preview);

     return $built;
 }
Example #4
 /**
  * Registers the translatable strings of one form: field values found in the
  * form body, the form title, the display message, every notification
  * subject/body and every form message. Finally forces a form build and fires
  * the 'cred_localize_form' action.
  *
  * Does nothing when $data has no 'post' entry.
  *
  * @param array $data Reads the keys 'post', 'message', 'notification' and 'messages'.
  * @return void
  */
 public function processForm($data)
 {
     if (!isset($data['post'])) {
         return;
     }

     $formPost = $data['post'];
     $displayMessage = $data['message'];
     $notificationData = $data['notification'];
     $formMessages = $data['messages'];

     $this->setFormData($formPost->ID, $formPost->post_title);

     // Field values embedded in the form body.
     $this->processFormForStrings($formPost->post_content, 'Value: ');

     // Form title and display message.
     $this->registerString('Form Title: ' . $formPost->post_title, $formPost->post_title);
     $this->registerString('Display Message: ' . $formPost->post_title, $displayMessage);

     // Notification mails: only subject and body are registered. Recipient data
     // is not registered for localization in the new notification format.
     $hasNotifications = $notificationData
         && isset($notificationData->notifications)
         && is_array($notificationData->notifications);
     if ($hasNotifications) {
         foreach ($notificationData->notifications as $entry) {
             // String names are keyed by a hash of the text itself.
             $subjectHash = CRED_Helper::strHash($entry['mail']['subject']);
             $bodyHash = CRED_Helper::strHash($entry['mail']['body']);
             $this->registerString('CRED Notification Subject ' . $subjectHash, $entry['mail']['subject']);
             $this->registerString('CRED Notification Body ' . $bodyHash, $entry['mail']['body']);
         }
     }

     // Form messages, one string per message id.
     foreach ($formMessages as $messageId => $messageText) {
         $this->registerString('Message_' . $messageId, $messageText);
     }

     // Force a form build so that options of select/checkbox/radio fields get registered too.
     CRED_Loader::load('CLASS/Form_Builder');
     CRED_Form_Builder::init();
     CRED_Form_Builder::getForm($formPost->ID, null, false);

     // Third parties can hook in here to add their own localization.
     do_action('cred_localize_form', $data);
 }
Example #5
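 /**
  * Returns the rendered form for $form_id, building it and storing it in the
  * static cache on first use (or always, when a form count is forced).
  *
  * Side effects: stores the sanitized last mail error and the container post
  * id in StaticClass, and hides comments when the form asks for it or when the
  * parent post has comments closed.
  *
  * The container id check rejects a non-numeric request value before it is
  * cast. The original cast with intval() first and tested is_numeric()
  * afterwards, so the check could never fail.
  *
  * @param mixed     $form_id          Form post id.
  * @param mixed     $post_id          Post the form is rendered for; may be null.
  * @param bool      $preview          Whether to build a preview.
  * @param int|false $force_count      Explicit form counter; anything other than false bypasses the cache lookup.
  * @param mixed     $specific_post_id Forwarded to the builder.
  * @return mixed The built form as returned by the form builder.
  */
 private static function getCachedForm($form_id, $post_id, $preview, $force_count = false, $specific_post_id = null)
 {
     global $post;
     // The last mail error is read from an option; it is passed through
     // sanitize_text_field() before being kept, in case the stored text carries markup.
     StaticClass::$_mail_error = sanitize_text_field(get_option('_' . $form_id . '_last_mail_error', ''));

     //https://icanlocalize.basecamphq.com/projects/7393061-toolset/todo_items/196173458/comments
     // Security check: validate the raw request value BEFORE coercing it.
     // intval() turns any input into an integer, so testing is_numeric() on the
     // coerced value can never reject anything.
     $container_key = StaticClass::PREFIX . 'cred_container_id';
     if (isset($_POST[$container_key])) {
         $raw_container_id = $_POST[$container_key];
         // An empty value is still accepted and becomes 0, as before.
         if (!empty($raw_container_id) && !is_numeric($raw_container_id)) {
             wp_die('Invalid data');
         }
         StaticClass::$_cred_container_id = intval($raw_container_id);
     } else {
         // Nothing submitted: fall back to the current global post, if there is one.
         StaticClass::$_cred_container_id = isset($post->ID) ? $post->ID : null;
     }

     $form_count = false !== $force_count ? $force_count : StaticClass::$_staticGlobal['COUNT'];
     // Without a forced count $form_count equals the global COUNT, so one key serves both lookup and store.
     $cache_key = $form_id . '_' . $form_count;
     if (false !== $force_count || !array_key_exists($cache_key, StaticClass::$_staticGlobal['CACHE'])) {
         // parse and cache form
         $fb = new CRED_Form_Builder();
         // User forms and post forms are built by different builder methods.
         $is_user_form = get_post_type($form_id) == CRED_USER_FORMS_CUSTOM_POST_NAME;
         $form = $is_user_form
             ? $fb->user_form($form_id, $post_id, $preview, $form_count, $specific_post_id)
             : $fb->form($form_id, $post_id, $preview, $form_count, $specific_post_id);
         StaticClass::$_staticGlobal['CACHE'][$cache_key] = array(
             'form' => $form,
             'count' => $form_count,
             'extra' => $fb->getExtra(),
             'js' => $fb->getJS(),
             'hide_comments' => $fb->hasHideComments(),
             'has_recaptcha' => $fb->hasRecaptcha(),
         );
     }
     if (isset($post_id)) {
         $parent_post = get_post($post_id);
     }
     // add filter to hide comments (new method)
     // isset() is false when get_post() returned null, so the property read is safe.
     if (StaticClass::$_staticGlobal['CACHE'][$cache_key]['hide_comments'] || (isset($parent_post) && $parent_post->comment_status == 'closed')) {
         CRED_Form_Builder_Helper::hideComments();
     }
     return StaticClass::$_staticGlobal['CACHE'][$cache_key]['form'];
 }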
Example #6
 /**
  * 'the_content' filter callback that swaps the post content for a CRED form
  * when the request asks for a form preview or for an edit form.
  *
  * The form id always comes from the query string and is cast with intval()
  * before it reaches the builder; the raw value is used for string matching
  * and for the $_creds_created bookkeeping.
  *
  * @param string $content Post content being filtered.
  * @return mixed The rendered form, the re-filtered content, or $content unchanged.
  */
 public static function replaceContentWithForm($content)
 {
     global $post, $wp_query;
     //resolve problem when view templates are added in sidebar widgets
     // The callback unhooks itself (priority 1000) on every call.
     remove_filter('the_content', array(__CLASS__, 'replaceContentWithForm'), 1000);
     // if it is front page and form preview is required
     // NOTE(review): the preview branches run for any request that carries the
     // query argument; no capability or nonce check is visible in this method.
     // Confirm that the builder, or the code that registers this filter, limits
     // previews to users who may edit forms.
     if (array_key_exists('cred_form_preview', $_GET)) {
         CRED_Loader::load('CLASS/Form_Builder');
         return CRED_Form_Builder::getForm(intval($_GET['cred_form_preview']), null, true);
     }
     if (array_key_exists('cred_user_form_preview', $_GET)) {
         CRED_Loader::load('CLASS/Form_Builder');
         return CRED_Form_Builder::getUserForm(intval($_GET['cred_user_form_preview']), null, true);
     }
     // Request-wide list of raw 'cred-edit-form' values a form was already produced for.
     global $_creds_created;
     if (!isset($_creds_created)) {
         $_creds_created = array();
     }
     // NOTE(review): $_GET['cred-edit-form'] is read here and in the next
     // condition without checking that it exists (undefined-index notice when
     // absent) or that it is a scalar. in_array() compares loosely.
     if (!empty($_creds_created) && in_array($_GET['cred-edit-form'], $_creds_created)) {
         // Already handled once: run the remaining 'the_content' filters on the original content.
         return apply_filters('the_content', $content);
     }
     // NOTE(review): && binds tighter than ||, so this reads
     // "link found in content OR (argument present AND not admin)". The strpos()
     // match alone is therefore enough, including in admin and - since a missing
     // argument concatenates as an empty string - whenever the content merely
     // contains 'cred-edit-form='. Confirm that this is intended.
     if (strpos($content, 'cred-edit-form=' . $_GET['cred-edit-form']) !== false || array_key_exists('cred-edit-form', $_GET) && !is_admin()) {
         array_push($_creds_created, $_GET['cred-edit-form']);
         CRED_Loader::load('CLASS/Form_Builder');
         // get a localised form if exists
         return CRED_Form_Builder::getForm(self::getLocalisedID(intval($_GET['cred-edit-form'])), $post->ID, false);
     }
     // NOTE(review): this block looks unreachable. Its condition is the second
     // half of the condition above, which has already returned whenever it holds.
     if (array_key_exists('cred-edit-form', $_GET) && !is_admin()) {
         if (strpos($content, 'cred-edit-form=' . $_GET['cred-edit-form']) !== false) {
             array_push($_creds_created, $_GET['cred-edit-form']);
             // Show if the content has a cred-edit-form link.
             CRED_Loader::load('CLASS/Form_Builder');
             // get a localised form if exists
             return CRED_Form_Builder::getForm(self::getLocalisedID(intval($_GET['cred-edit-form'])), $post->ID, false);
         } else {
             // Check if it's called from the_content function or wpv-post-body function.
             // Walks the call stack looking for a frame named the_content or
             // wpv_shortcode_wpv_post_body, or an apply_filters frame whose
             // arguments include 'the_content'. Note that isset() guards only the
             // first alternative of the condition.
             $db = debug_backtrace();
             //StaticClass::_pre($db);
             foreach ($db as $n => $dbf) {
                 if (isset($dbf['function']) && ($dbf['function'] == 'the_content' || $dbf['function'] == 'wpv_shortcode_wpv_post_body') || $dbf['function'] == 'apply_filters' && in_array('the_content', $dbf['args'])) {
                     array_push($_creds_created, $_GET['cred-edit-form']);
                     CRED_Loader::load('CLASS/Form_Builder');
                     return CRED_Form_Builder::getForm(self::getLocalisedID(intval($_GET['cred-edit-form'])), $post->ID, false);
                 }
             }
             //                if (isset($db[3]['function']) && ($db[3]['function'] == 'the_content' || $db[3]['function'] == 'wpv_shortcode_wpv_post_body')) {
             //                    CRED_Loader::load('CLASS/Form_Builder');
             //                    return CRED_Form_Builder::getForm(self::getLocalisedID(intval($_GET['cred-edit-form'])), $post->ID, false);
             //                }
         }
     }
     // else do nothing
     return $content;
 }
Example #7
 /**
  * Plugin bootstrap: loads help settings, prepares models and the database,
  * sets up localization, custom capabilities and extra hooks, initialises
  * either the admin side or front-end form processing, and registers
  * shortcodes, Ajax calls and routes.
  *
  * @return void
  */
 public static function _init_()
 {
     global $wp_version, $post;

     // Help settings are loaded once from the ini file.
     self::$help = CRED_Loader::getVar(CRED_INI_PATH . "/help.ini.php");

     // Models and database settings.
     CRED_Helper::prepareDB();

     // Settings page URL, needed by other components.
     self::$settingsPage = admin_url('admin.php') . '?page=CRED_Settings';

     // Form localization (WPML support), custom capabilities for posts and
     // users, then extra admin hooks for other plugins.
     CRED_Helper::localizeForms();
     CRED_Helper::setupCustomCaps();
     CRED_Helper::setupCustomUserCaps();
     CRED_Helper::setupExtraHooks();

     if (!is_admin()) {
         // Front end: start form processing so that submissions are picked up.
         CRED_Loader::load('CLASS/Form_Builder');
         CRED_Form_Builder::init();
     } elseif (self::is_embedded()) {
         self::initAdmin();
     } else {
         CRED_Admin::initAdmin();
     }

     // Shortcodes and filters that display forms on the front end.
     CRED_Helper::addShortcodesAndFilters();

     // Ajax calls. Both are registered with 'nopriv' => true, which presumably
     // exposes them to requests without a logged-in user (confirm in
     // CRED_Router). The callbacks, cred_ajax_delete_post in particular,
     // therefore have to verify a nonce and the caller's capability themselves.
     $ajax_calls = array(
         'cred_skype_ajax' => array(
             'nopriv' => true,
             'callback' => array(__CLASS__, 'cred_skype_ajax'),
         ),
         'cred-ajax-delete-post' => array(
             'nopriv' => true,
             'callback' => array(__CLASS__, 'cred_ajax_delete_post'),
         ),
     );
     CRED_Router::addCalls($ajax_calls);

     $routes = array(
         'Forms' => 0,
         'Posts' => 0,
         'Settings' => 0,
         'Generic_Fields' => 0,
     );
     CRED_Router::addRoutes('cred', $routes);
 }