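/**
 * Handle a mail-verification link and print the result page.
 *
 * Reads the verification code from $_GET['mv-code'] and the option id from the
 * request parameter named by the plugin's 'permalink' option, loads that row
 * from the guiform options table and, when the code matches the stored key,
 * clears the key and sets the entry's status to 1. In both cases an HTML
 * message is echoed through GuiForm_Module_Ajax::emailTpl() and the request
 * is terminated.
 *
 * Security-relevant behaviour:
 *  - an empty code never matches, so the empty key written back after a
 *    successful activation cannot be "verified" again with an empty mv-code;
 *  - the comparison is strict and constant-time (hash_equals) instead of a
 *    loose ==, which would treat numeric-looking strings as equal;
 *  - a missing row or a value that does not unserialize to an array is
 *    handled as an invalid code;
 *  - the stored name and the admin URL are escaped before being printed.
 *
 * @access private
 * @return void The method always ends with die.
 */
private function _activateMail()
{
    global $guiform, $wpdb;

    // esc_sql() is kept so codes are compared the way they always were; the
    // value is only compared below and never placed in a query.
    $mv_code = '';
    if (isset($_GET['mv-code']) && is_string($_GET['mv-code'])) {
        $mv_code = (string) esc_sql(trim($_GET['mv-code']));
    }

    $param = $guiform->getOption('permalink')->value['value'];
    $id = (isset($_REQUEST[$param]) && is_scalar($_REQUEST[$param])) ? $_REQUEST[$param] : 0;

    $data = $wpdb->get_row($wpdb->prepare("SELECT name, value FROM {$wpdb->guiform_options} WHERE id = %d", $id));

    // NOTE(review): unserialize() runs on a value read from the options table.
    // Anything able to write that column controls what is instantiated here;
    // consider storing JSON, or restricting allowed classes, if the supported
    // PHP version permits.
    $row = $data ? unserialize($data->value) : false;

    $stored = (is_array($row) && isset($row['key']) && is_scalar($row['key'])) ? (string) $row['key'] : '';
    $valid = $stored !== '' && $mv_code !== '' && hash_equals($stored, $mv_code);

    // The same link is shown on both result pages; escape it for the href attribute.
    $path = esc_url(get_admin_url(get_current_blog_id(), "admin.php?page=guiform-settings&tab=mail"));

    if ($valid) {
        // Consume the code so the link cannot be replayed, then mark the entry active.
        $row['key'] = '';
        $row['status'] = 1;
        $guiform->updateOption($data->name, $row, 'mail', $id);

        $html = "<strong>Congratulations!</strong><br /><br />\n\t\t\t\t\t\t\tYou can now use " . esc_html($data->name) . " for sending confirmation message with your form.<br /><br />\n\t\t\t\t\t\t\t<a href=\"{$path}\">Click here to continue.</a><br /><br />";
    } else {
        $html = "<strong>Invalid Code!</strong><br /><br />\n\t\t\t\t\t\t\tYou entered invalid email verification code. Please check your email or send a new verification code request.<br /><br />\n\t\t\t\t\t\t\t<a href=\"{$path}\">Click here to continue.</a><br /><br />";
    }

    echo GuiForm_Module_Ajax::emailTpl($html);
    die;
}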
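/**
 * Validate a submitted form, save the entry and build the response.
 *
 * Two request shapes are handled:
 *  - an asynchronous file upload (POST 'guiform-upload' present): the file is
 *    checked against the field's extension list and size limit, moved into
 *    the temp directory under a generated name, described as JSON, and the
 *    request ends;
 *  - a normal submission: every configured field is validated by type, the
 *    entry is inserted when the form has save_entry enabled, uploaded files
 *    are moved to the upload folder, and confirmation/notification settings
 *    are expanded with the submitted values.
 *
 * Hardening applied in this version (everything else follows the original flow):
 *  - 'guiform-xhrData' is client supplied, so each entry's file name and path
 *    are checked before they are used to build rename() paths;
 *  - files are matched to their field by the 'field' key only;
 *  - the formats for guiform_ip/os/browser are appended to $this->esc, the
 *    array actually passed to $wpdb->insert();
 *  - only values serialized by this method are passed to unserialize() when
 *    templates are expanded;
 *  - uploaded file names and links are escaped in generated HTML, and CR/LF
 *    are removed from values substituted into mail header fields;
 *  - passwords are compared strictly.
 *
 * @since 1.0
 * @access public
 * @return void
 */
public function saveEntry()
{
    global $wpdb, $guiform, $wp;

    $fields = array();
    $table = $wpdb->guiform_form;
    $guiform->createUploadDir();
    $form = $guiform->form($this->_id);

    if (isset($_POST['guiform-upload'])) {
        $this->field = str_replace("[]", "", esc_html($_POST["guiform-upload"]));
        $this->item = esc_html($_POST["guiform-item"]);
        $guiform_fields = $guiform->form($this->_id, 'data');
        $file_id = esc_html($_POST["guiform-file"]);

        // Read the upload slots defensively: the field name comes from the request.
        $uploaded = (isset($_FILES[$this->field]) && is_array($_FILES[$this->field])) ? $_FILES[$this->field] : array();
        $file_name = isset($uploaded["name"][0]) ? $uploaded["name"][0] : '';
        $file_size = isset($uploaded["size"][0]) ? $uploaded["size"][0] : 0;
        $tmp_name = isset($uploaded['tmp_name'][0]) ? $uploaded['tmp_name'][0] : '';
        $ext = pathinfo($file_name, PATHINFO_EXTENSION);

        if (isset($guiform_fields[$this->item])) {
            $data = $guiform_fields[$this->item];
            $failure = array('id' => $file_id, 'item' => $this->item, 'field' => $this->field, 'file' => $file_name);

            // NOTE(review): the extension is taken from the client-supplied name and
            // compared case-sensitively against the configured list; that list is the
            // only type check visible here.
            if (!in_array($ext, $data['validation']['extension'])) {
                $this->error = $failure + array('message' => __("Upload failed, invalid file type !", GuiForm_Plugin::NAME));
            } elseif ($file_size > $guiform->formatBytes($data['validation']['maxsize'])) {
                $this->error = $failure + array('message' => __("Upload failed, file is too large !", GuiForm_Plugin::NAME));
            } else {
                $day = date('j', time());
                // The stored name is generated server-side; only the extension comes from the client.
                $file = $day . '-' . self::_randomString(11) . '.' . $ext;
                if (move_uploaded_file($tmp_name, $guiform->tempDir($file))) {
                    $data = array(
                        'id' => $file_id,
                        'item' => $this->item,
                        'field' => $this->field,
                        'name' => $file_name,
                        'file' => $file,
                        'path' => date('Y') . '/' . date('n') . '/' . $day,
                        'size' => $file_size,
                        'type' => $ext,
                    );
                    echo json_encode(array('status' => 'success', 'id' => $this->_id, 'info' => $data));
                } else {
                    $this->error = $failure + array('message' => __("Unknown error occurred !", GuiForm_Plugin::NAME));
                }
            }
        }

        // Check for error before we continue.
        self::_displayError();
        die;
    }

    unset($_POST['form'], $_POST['action'], $_POST['submit'], $_POST['reset']);

    // NOTE(review): unserialize() of the stored form definition; it is only as
    // trustworthy as whatever can write the form's data column.
    $formFields = unserialize($form->data);
    $FILES = array();
    $data_files = array();
    $serializedFields = array(); // field names whose stored value was serialized below
    $insert_id = null;           // stays null when the form does not save entries

    if (!is_array($formFields) || sizeof($formFields) == 0) {
        $this->_sendResponse(array('status' => 'fail', 'message' => __("Unable to process you form!", GuiForm_Plugin::NAME)));
        if (!is_array($formFields)) {
            $formFields = array();
        }
    }

    if (isset($_POST["guiform-xhrData"])) {
        $xhrData = json_decode(stripslashes($_POST["guiform-xhrData"]));
        if (is_array($xhrData) || is_object($xhrData)) {
            foreach ($xhrData as $data) {
                if (!is_object($data) || !isset($data->file, $data->name, $data->path, $data->size, $data->field)) {
                    continue;
                }
                if (!is_scalar($data->file) || !is_scalar($data->name) || !is_scalar($data->path) || !is_scalar($data->size) || !is_scalar($data->field)) {
                    continue;
                }

                // 'file' and 'path' are later joined into the source and target of
                // rename(). Accept only a bare file name and the Y/n/j directory shape
                // the upload branch hands out, so a request cannot point outside the
                // temp and upload folders.
                $xhrFile = (string) $data->file;
                $xhrPath = (string) $data->path;
                $bareName = $xhrFile !== '' && $xhrFile !== '.' && $xhrFile !== '..' && strpbrk($xhrFile, "/\\\0") === false;
                if (!$bareName || !preg_match('#\A\d{4}/\d{1,2}/\d{1,2}\z#', $xhrPath)) {
                    continue;
                }

                // NOTE(review): this does not prove the named temp file was uploaded
                // by this visitor for this form; that would need server-side state.
                $FILES[$xhrFile] = array('name' => $data->name, 'path' => $xhrPath, 'size' => $data->size, 'field' => $data->field);
            }
        }
    }

    foreach ($formFields as $key => $props) {
        $this->field = $props['name'];
        $this->value = isset($_POST[$this->field]) ? $_POST[$this->field] : null;
        $this->item = $key;
        // The hooks below receive the value as submitted, before any escaping.
        $args = array('field' => $this->field, 'item' => $this->item, 'value' => $this->value);
        $required = filter_var($props['validation']['required'], FILTER_VALIDATE_BOOLEAN);
        $fieldType = $props['type'];
        $textRule = isset($props['validation']['text']) ? $props['validation']['text'] : null;

        if ($required && $fieldType != 'f_file' && $this->value != "0" && empty($this->value)) {
            $this->error[$this->item] = __('This field is required.', GuiForm_Plugin::NAME);
        } elseif ($fieldType == 'f_file') {
            $multiple = filter_var($props['properties']['multiple'], FILTER_VALIDATE_BOOLEAN);
            // NOTE(review): a required file field is rejected when $_FILES has an entry
            // for it; that reads as inverted, but it is kept as found — confirm intent.
            if ($required && (isset($_FILES[$this->field]['name']) || self::recursiveSearch($this->field, $FILES) == false)) {
                $this->error[$this->item] = __('This field is required.', GuiForm_Plugin::NAME);
            } elseif ($multiple) {
                foreach ($FILES as $fileKey => $file) {
                    // Match on the 'field' key only: a loose in_array() over every value
                    // could also match on name, path or a zero size.
                    if (isset($file['field']) && (string) $file['field'] === (string) $this->field) {
                        $this->value[$fileKey] = $file;
                    }
                }
                $this->esc[] = '%s';
            } elseif (isset($_FILES[$this->field]) && !empty($_FILES[$this->field]["name"])) {
                $ext = pathinfo($_FILES[$this->field]["name"], PATHINFO_EXTENSION);
                $file_size = $_FILES[$this->field]["size"];
                $file_name = $_FILES[$this->field]["name"];
                if (!in_array($ext, $props['validation']['extension'])) {
                    $this->error[$this->item] = __("Upload failed, invalid file type !", GuiForm_Plugin::NAME);
                } elseif ($file_size > $guiform->formatBytes($props['validation']['maxsize'])) {
                    $this->error[$this->item] = __("Upload failed, file is too large !", GuiForm_Plugin::NAME);
                } else {
                    $day = date('j', time());
                    $file = $day . '-' . self::_randomString(11) . '.' . $ext;
                    $path = date('Y') . '/' . date('n') . '/' . $day;
                    $this->value[$file] = array('name' => $file_name, 'path' => $path, 'field' => $this->field, 'size' => $file_size, 'type' => $ext);
                    $data_files[$file] = array('file' => $_FILES[$this->field]['tmp_name'], 'path' => $path);
                    $this->esc[] = '%s';
                }
            }
        } elseif ($fieldType == 'f_email' || $fieldType == 'f_text' || $textRule == "email") {
            self::validText($textRule, $props);
            $this->value = esc_html($this->value);
            $this->esc[] = $textRule == "numeric" ? '%d' : '%s';
        } elseif ($fieldType == 'f_link') {
            if (filter_var($this->value, FILTER_VALIDATE_URL) || empty($this->value)) {
                $this->value = esc_url_raw($this->value);
                $this->esc[] = '%s';
            } else {
                $this->error[$this->item] = __('Please enter a valid URL.', GuiForm_Plugin::NAME);
            }
        } elseif ($fieldType == 'f_checkbox') {
            if (!empty($this->value)) {
                // A scalar may be submitted where a list is expected; normalise it.
                $this->value = array_map('esc_html', (array) $this->value);
                foreach ($this->value as $checked) {
                    if (in_array($checked, $props['validation']['array']) == false) {
                        $this->error[$this->item] = __("Invalid selected value.", GuiForm_Plugin::NAME);
                    }
                }
            }
            $this->esc[] = '%s';
        } elseif ($fieldType == 'f_radio' || $fieldType == 'f_select') {
            if (in_array($this->value, $props['validation']['array']) == false && !empty($this->value)) {
                $this->error[$this->item] = __("Invalid selected value.", GuiForm_Plugin::NAME);
            } else {
                $this->esc[] = '%s';
            }
        } elseif ($fieldType == 'f_spinner') {
            if (is_numeric($this->value)) {
                if ($this->value > $props['validation']['max_value']) {
                    $this->error[$this->item] = __("You enter higher than the maximum required value.", GuiForm_Plugin::NAME);
                } elseif ($this->value < $props['validation']['min_value']) {
                    $this->error[$this->item] = __("You enter lower than the minimum required value.", GuiForm_Plugin::NAME);
                } else {
                    $this->esc[] = '%d';
                }
            } elseif ($required) {
                $this->error[$this->item] = __("Invalid input number.", GuiForm_Plugin::NAME);
            }
            // NOTE(review): an optional, non-numeric spinner value is stored without a
            // matching entry in $this->esc, so later formats shift by one — confirm.
        } elseif ($fieldType == 'f_textarea') {
            $this->value = esc_textarea($this->value);
            $this->esc[] = '%s';
        } elseif ($fieldType == 'f_password') {
            // NOTE(review): the password is stored as submitted; no hashing is visible
            // in this method — confirm that is intended.
            if (strlen($this->value) < (int) $props['validation']['minimum_length'] && !empty($props['validation']['minimum_length'])) {
                $this->error[$this->item] = sprintf(__('The password must be at least %d characters.', GuiForm_Plugin::NAME), $props['validation']['minimum_length']);
            } else {
                $this->esc[] = '%s';
            }
        } elseif ($fieldType == 'f_confirm_password') {
            $compareField = $props['validation']['compare'];
            $compareValue = isset($_POST[$compareField]) ? $_POST[$compareField] : null;
            // Strict comparison: with != two different numeric-looking strings can compare equal.
            if ($this->value !== $compareValue) {
                $this->error[$this->item] = __("Password doesn't match.", GuiForm_Plugin::NAME);
            }
        } else {
            $this->value = esc_html($this->value);
            $this->esc[] = '%s';
        }

        if (has_filter($this->_hookFilter . 'validate_entry')) {
            $filter = apply_filters($this->_hookFilter . 'validate_entry', $args, $props);
            if ($filter["error"] == true) {
                $this->error[$this->item] = $filter["error_message"];
            } else {
                // The filter's value replaces the escaped one; callbacks must escape themselves.
                $this->value = $filter["value"];
            }
            unset($filter);
        }

        if (is_array($this->value)) {
            $fields[$this->field] = serialize($this->value);
            $serializedFields[$this->field] = true;
        } else {
            // NOTE(review): $wpdb->insert() escapes values itself, so esc_sql() here adds
            // a second layer of backslashes; left unchanged because stored entries and
            // templates may rely on the current form — confirm before removing.
            $fields[$this->field] = esc_sql($this->value);
            unset($serializedFields[$this->field]);
        }

        // The confirmation copy of a password is validated but never stored.
        if ($fieldType == 'f_confirm_password') {
            unset($fields[$this->field], $serializedFields[$this->field]);
        }

        if (has_action($this->_hookAction . 'unset_field')) {
            do_action($this->_hookAction . 'unset_field', $args, $props);
        }
    }

    // Check for error before we continue.
    self::_displayError();

    // These formats must land in $this->esc, the array given to $wpdb->insert();
    // a local $esc is never read, and wpdb then reuses the first field's format
    // for the columns that have none.
    $fields['guiform_ip'] = $guiform->ip;
    $this->esc[] = '%s';
    $fields['guiform_os'] = $guiform->browser->getPlatform();
    $this->esc[] = '%s';
    $fields['guiform_browser'] = $guiform->browser->getBrowser();
    $this->esc[] = '%s';

    if (has_filter($this->_hookFilter . 'before_save_entry')) {
        $fields = apply_filters($this->_hookFilter . 'before_save_entry', $fields);
    }

    if ($form->save_entry) {
        $wpdb->insert($table . $this->_id, $fields, $this->esc);
        $insert_id = $wpdb->insert_id;
    }

    if (has_action($this->_hookAction . 'save_entry')) {
        $form->entry_id = $insert_id;
        $form->form_id = $this->_id;
        do_action($this->_hookAction . 'save_entry', $fields, $form);
    }

    // Move asynchronously uploaded files from the temp folder to the upload folder.
    // Keys and paths were checked when $FILES was filled from the request.
    foreach ($FILES as $fileKey => $file) {
        $temp = $guiform->tempFolder . '/' . $file['path'] . '/' . $fileKey;
        $upload = $guiform->uploadFolder($fileKey, $file['path']);
        @rename($temp, $upload);
    }

    // Move files that arrived with this request itself.
    foreach ($data_files as $file => $tmp) {
        @move_uploaded_file($tmp['file'], $guiform->uploadFolder($file, $tmp['path']));
    }

    self::_checkError();

    if (!empty($this->error_type)) {
        self::sendResponse(array('status' => 'error', 'id' => $this->_id, 'message' => $this->errorMessage));
    } else {
        $settings = $guiform->getFormSettings($this->_id);
        $response = array();
        $index = 0;
        $countNotification = 0;

        if (!empty($settings)) {
            $builtinTags = array("{guiform_ip}", "{guiform_os}", "{guiform_browser}", "{id}");
            $builtinValues = array($guiform->ip, $guiform->os, $guiform->browser->getBrowser(), (string) $insert_id);
            $headerKeys = array('subject', 'to', 'cc', 'bcc', 'reply-to', 'from');

            foreach ($settings as $value) {
                $data = unserialize($value->value);
                $type = $value->type;

                // && binds tighter than ||: confirmations always pass, notifications only when enabled.
                if ($type == 'confirmation' || ($type == 'notification' && $data['status'])) {
                    if ($type == 'confirmation') {
                        $index = 'confirmation';
                        $message = $data['type'] == "redirect" ? "url" : "custom";
                        $response[$index]['type'] = $data['type'];
                    }

                    if ($type == 'notification') {
                        $index = (int) $index;
                        $message = 'message';
                        $response[$index]["form-id"] = $this->_id;
                        $response[$index]["attachment"] = $data['attachment'];
                        $response[$index]['to'] = $data['to'];
                        $response[$index]['cc'] = $data['cc'];
                        $response[$index]['bcc'] = $data['bcc'];
                        $response[$index]['reply-to'] = $data['reply-to'];
                        $response[$index]["from"] = $data['from'];
                        $response[$index]["subject"] = str_replace($builtinTags, $builtinValues, $data['subject']);
                    }

                    $response[$index][$message] = str_replace($builtinTags, $builtinValues, stripcslashes($data[$message]));

                    if (preg_match_all('/{([^}]*)}/', $response[$index][$message], $matches)) {
                        foreach ($matches[1] as $tag) {
                            // Only values serialized by this method are unserialized again; a
                            // submitted string that merely looks serialized is used as text.
                            if (isset($serializedFields[$tag], $fields[$tag]) && $guiform->isSerial($fields[$tag])) {
                                $items = unserialize($fields[$tag]);
                                $count = 0;
                                $html = "<ul style='margin: 0px; padding: 0px; list-style-position: inside;'>";
                                foreach (is_array($items) ? $items : array() as $row => $val) {
                                    if (is_array($val)) {
                                        // The original file name is client supplied: escape it and the link.
                                        $file = $guiform->uploadFolder($row, $val['path'], true);
                                        $html .= "<li><a target='_blank' href='" . esc_attr($file) . "'>" . esc_html($val['name']) . "</a></li>";
                                        $count++;
                                    } elseif (!empty($val)) {
                                        $html .= "<li>{$val}</li>";
                                        $count++;
                                    }
                                }
                                $html .= '</ul>';
                                // The rendered list replaces the stored value for later templates too.
                                $fields[$tag] = $count > 0 ? $html : '';
                                unset($serializedFields[$tag]);
                            }
                            $replacement = isset($fields[$tag]) ? $fields[$tag] : '';
                            $response[$index][$message] = str_replace('{' . $tag . '}', $replacement, $response[$index][$message]);
                        }
                    }

                    // Expand {field} tags in the mail header fields. Line breaks are removed
                    // from substituted values so a submission cannot add header lines.
                    foreach ($headerKeys as $header) {
                        if (!isset($response[$index][$header]) || !is_string($response[$index][$header])) {
                            continue;
                        }
                        if (!preg_match_all('/{([^}]*)}/', $response[$index][$header], $matches)) {
                            continue;
                        }
                        foreach ($matches[1] as $tag) {
                            $replacement = (isset($fields[$tag]) && is_scalar($fields[$tag]))
                                ? str_replace(array("\r", "\n"), '', (string) $fields[$tag])
                                : '';
                            $response[$index][$header] = str_replace('{' . $tag . '}', $replacement, $response[$index][$header]);
                        }
                    }

                    // NOTE(review): only the first enabled notification is mailed and removed
                    // here; later ones remain in $response, which is sent back to the client
                    // together with their recipient fields — confirm that is intended.
                    if ($type == 'notification' && $countNotification < 1) {
                        if (is_email($response[$index]['from'])) {
                            GuiForm_Module_Ajax::mailer('mail', $response[$index]);
                        }
                        $countNotification++;
                        unset($response[$index]);
                    }
                }

                $index++;
            }
        }

        if (isset($_POST['unique'])) {
            die(json_encode($response));
        }
        die(self::tooString($response));
    }
}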