Example #1
 /**
  * Validate a set of field values for an existing user and save them.
  *
  * The keys of $data decide which fields are validated and stored: each one is
  * copied into $_POST for the form validator, fields listed in
  * $this->fixed_fields are written to PC_USERS_TABLE, and the included field
  * list is handed to save_meta_fields().
  *
  * NOTE(review): the copied values (including a plaintext 'psw') are left in
  * $_POST after this method returns, and nothing here limits which keys a
  * caller may pass - callers should hand over only fields the submitting form
  * is allowed to change.
  *
  * @param int   $user_id ID of the user to update; cast to int for the DB query.
  * @param array $data    Field name => new value pairs.
  * @return bool True once the update ran and 'pc_user_updated' fired; false on a
  *              validation or database error, with $this->validation_errors set.
  */
 public function update_user($user_id, $data)
 {
     include_once 'pc_form_framework.php';
     $form_fw = new pc_form();

     // wp-sync init: stays false unless sync is enabled and the lookup finds a linked WP user
     $is_wp_synced = false;
     if ($this->wp_user_sync) {
         include_once 'wp_user_sync.php';
         global $pc_wp_user;
         $is_wp_synced = $pc_wp_user->pvtc_is_synced($user_id);
     }

     /*** form structure ***/
     // mirror every submitted field into $_POST so the validator can use it,
     // and collect the field names in the same pass
     $form_fields = array();
     foreach ((array) $data as $field_name => $field_value) {
         $_POST[$field_name] = $field_value;
         $form_fields[] = $field_name;
     }

     $require = array();
     if (isset($data['email']) && $form_fw->mail_is_required) {
         $require = array('email');
     }

     /* PC-FILTER - customize required fields for user update */
     $require = apply_filters('pc_update_user_required_fields', $require);

     $form_structure = array(
         'include' => array_unique($form_fields),
         'require' => array_unique($require),
     );

     // a WP-synced user keeps its username: drop the field from the update
     if ($this->wp_user_sync && $is_wp_synced) {
         $username_pos = array_search('username', $form_structure['include']);
         if ($username_pos !== false) {
             unset($form_structure['include'][$username_pos]);
         }
     }

     // an empty password means "leave the password alone"
     if (in_array('psw', $form_structure['include']) && empty($data['psw'])) {
         $psw_pos = array_search('psw', $form_structure['include']);
         if ($psw_pos !== false) {
             unset($form_structure['include'][$psw_pos]);
         }
     }

     // password supplied without its confirmation: reuse the password as confirmation
     if (in_array('psw', $form_structure['include']) && !isset($data['check_psw'])) {
         $_POST['check_psw'] = $data['psw'];
         $data['check_psw'] = $_POST['check_psw'];
     }

     // validation structure
     $indexes = $form_fw->generate_validator($form_structure);

     // disable_pvt_page gets its own validation index, appended by hand
     if (in_array('disable_pvt_page', $form_fields)) {
         $indexes[] = array(
             'index' => 'disable_pvt_page',
             'label' => __("Disable private page", 'pc_ml'),
             'type' => 'int',
             'max_len' => 1,
         );
     }

     /*** standard validation ***/
     $is_valid = $form_fw->validate_form($indexes, array(), $user_id);
     $fdata = $form_fw->form_data;

     if (!$is_valid) {
         $this->validation_errors = $form_fw->errors;
         return false;
     }

     /*** advanced/custom validations ***/
     $params = array('fdata' => $fdata, 'user_id' => $user_id, 'wp_synced' => $is_wp_synced);
     $this->specific_user_check('update', $params);
     if (!empty($this->validation_errors)) {
         return false;
     }

     /* PC-FILTER - custom data validation before user insertion - pass/return HTML code for error message */
     $this->validation_errors = apply_filters('pc_update_user_data_check', $this->validation_errors, $fdata);
     if (!empty($this->validation_errors)) {
         return false;
     }

     /*** update user ***/
     $this->validation_errors = '';

     // build the column => value array from the fixed fields present in the validated data
     $query_arr = array();
     foreach ($this->fixed_fields as $ff) {
         if (!isset($fdata[$ff])) {
             continue;
         }

         if ($ff == 'categories') {
             $val = serialize((array) $fdata[$ff]);
         } elseif ($ff == 'psw') {
             // the password is never stored as submitted; it goes through encrypt_psw() first
             $val = $this->encrypt_psw($fdata[$ff]);
         } else {
             $val = $fdata[$ff];
         }

         if ($val !== false) {
             $query_arr[$ff] = $val;
         }
     }

     // sanitize known data for saving
     if (isset($query_arr['disable_pvt_page'])) {
         $query_arr['disable_pvt_page'] = (int) $query_arr['disable_pvt_page'];
     }

     // query only when there are fixed fields to save; 0 simulates a "no fields updated" response
     $result = empty($query_arr)
         ? 0
         : $this->db->update(PC_USERS_TABLE, $query_arr, array('id' => (int) $user_id));

     // identical data makes the update return 0, so only a strict false is an error
     if ($result === false) {
         $this->debug_note(__('Error updating user data into database', 'pc_ml'));
         $this->validation_errors = __('Error updating user data into database', 'pc_ml');
         return false;
     }

     // propagate the change to the linked WP user
     if ($this->wp_user_sync && $is_wp_synced) {
         $pc_wp_user->sync_wp_user($fdata, $is_wp_synced->ID);
     }

     // update metas
     $this->save_meta_fields($user_id, $form_structure['include'], $fdata);

     /* PC-ACTION - triggered when user is updated - passes user id */
     do_action('pc_user_updated', $user_id);
     return true;
 }
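/**
 * Handle a front-end registration form submission.
 *
 * Does nothing unless $_POST['type'] is 'pc_registration'. Otherwise it loads
 * the form definition stored in the 'pc_reg_form' term named by
 * $_REQUEST['form_id'], runs the antispam check, the disclaimer check and the
 * form validation, inserts the user through $pc_users->insert_user() and ends
 * the request with a JSON body ('resp' => 'error'|'success').
 *
 * Changes from the previous version: a missing form_id or a WP_Error from
 * get_term() now yields "Form not found" instead of being used as a term;
 * absent reCAPTCHA fields and a non-string pc_cc no longer raise notices or
 * errors; a failed validation or insert is reported as an error even when no
 * error message came with it.
 *
 * @return void Returns only when the request is not a registration submission.
 */
function pc_register_user()
{
    global $wpdb, $pc_users;

    if (!isset($_POST['type']) || $_POST['type'] != 'pc_registration') {
        return;
    }

    require_once PC_DIR . '/classes/pc_form_framework.php';
    require_once PC_DIR . '/classes/recaptchalib.php';
    include_once PC_DIR . '/functions.php';

    ////////// VALIDATION ////////////////////////////////////
    $form_id = isset($_REQUEST['form_id']) ? (int) $_REQUEST['form_id'] : 0;
    $term = $form_id ? get_term($form_id, 'pc_reg_form') : null;

    // get_term() returns null for an unknown term and a WP_Error (an object, so truthy) for an
    // invalid request; neither may be dereferenced as a term
    if (!$term || is_wp_error($term)) {
        $mess = json_encode(array('resp' => 'error', 'mess' => __('Form not found', 'pc_ml')));
        die($mess);
    }

    $GLOBALS['pc_custom_cat_name'] = true;
    $f_fw = new pc_form(array('use_custom_cat_name' => true, 'strip_no_reg_cats' => true));

    // NOTE(review): unserialize() on a term description. The value is only as trustworthy as
    // whoever can write 'pc_reg_form' terms, and unserialize() can instantiate objects. A
    // data-only format (JSON) or, on PHP 7+, the 'allowed_classes' => false option would
    // close that surface. Left unchanged here because the stored format is shared with the
    // code that writes these terms.
    $form_structure = unserialize(base64_decode($term->description));
    $antispam = get_option('pg_antispam_sys', 'honeypot');

    // custom validation indexes
    $custom_indexes = array();
    $indexes = $f_fw->generate_validator($form_structure, $custom_indexes);

    //// prior custom validation
    $cust_errors = array();
    if ($antispam == 'honeypot') {
        if (!$f_fw->honeypot_validaton()) {
            $cust_errors[] = "Antispam - we've got a bot here!";
        }
    } else {
        // NOTE(review): the reCAPTCHA private key is hard-coded, so it is the same wherever
        // this file is deployed, is readable by anyone with the source, and cannot be rotated
        // without a code change. It should come from site configuration instead.
        $privatekey = "6LfQas0SAAAAAIzpthJ7UC89nV9THR9DxFXg3nVL";
        $challenge = isset($_POST['recaptcha_challenge_field']) ? $_POST['recaptcha_challenge_field'] : '';
        $answer = isset($_POST['recaptcha_response_field']) ? $_POST['recaptcha_response_field'] : '';
        $resp = pc_recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $challenge, $answer);
        if (!$resp->is_valid) {
            $cust_errors[] = "reCAPTCHA - " . __("wasn't entered correctly", 'pc_ml');
        }
    }

    // check disclaimer
    if (get_option('pg_use_disclaimer') && !isset($_POST['pc_disclaimer'])) {
        $cust_errors[] = __("Disclaimer", 'pc_ml') . " - " . __("must be accepted to proceed with registration", 'pc_ml');
    }

    // validation wrap-up
    $is_valid = $f_fw->validate_form($indexes, $cust_errors, false, false);
    $fdata = $f_fw->form_data;

    // $failed is tracked separately from $error so that a failure without a message
    // can never fall through to the success response
    $failed = false;
    $error = '';
    $result = false;
    $status = null;

    if (!$is_valid) {
        $failed = true;
        $error = $f_fw->errors;
    } else {
        $status = get_option('pg_registered_pending') ? 3 : 1;
        $allow_wp_sync_fail = !get_option('pg_require_wps_registration') ? true : false;

        // if no categories field - use forced or default ones
        if (!isset($fdata['categories'])) {
            // explode() needs a string; an array-valued pc_cc is treated as absent
            $has_forced_cats = isset($_POST['pc_cc']) && is_string($_POST['pc_cc']) && !empty($_POST['pc_cc']);

            if ($has_forced_cats) {
                // NOTE(review): pc_cc is request data, so both the categories assigned here and
                // the flag below (bypass of registration category restrictions) are chosen by
                // the client. Confirm insert_user() checks them against what this form is
                // allowed to assign.
                $fdata['categories'] = explode(',', $_POST['pc_cc']);
                $GLOBALS['pc_escape_no_reg_cats'] = true;
            } else {
                $fdata['categories'] = get_option('pg_registration_cat');
            }
        }

        // private page switch - put in form data
        $fdata['disable_pvt_page'] = get_option('pg_registered_pvtpage') ? 0 : 1;

        // insert user
        $result = $pc_users->insert_user($fdata, $status, $allow_wp_sync_fail);
        if (!$result) {
            $failed = true;
            $error = $pc_users->validation_errors;
        }
    }

    // results
    if ($failed || !empty($error)) {
        $mess = json_encode(array('resp' => 'error', 'mess' => $error));
        die($mess);
    }

    // PC-ACTION - registered user - passes new user ID and status
    do_action('pc_registered_user', $result, $status);

    // success message
    $mess = json_encode(array(
        'resp' => 'success',
        'mess' => pc_get_message('pc_default_sr_mex'),
        'redirect' => pc_man_redirects('pg_registered_user_redirect'),
    ));
    die($mess);
}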
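/**
 * Handle the submission of a User Data custom form.
 *
 * Does nothing unless $_POST['type'] is 'pcud_cf_submit'. Otherwise it requires
 * a logged PrivateContent user (or a WP user holding the 'pg_min_role'
 * capability), loads the form definition from the 'pcud_forms' term named by
 * $_POST['pcud_fid'], validates the submission, updates the logged user
 * through $pc_users->update_user() and ends the request with a JSON body.
 *
 * Changes from the previous version: the cookie refresh after a password
 * change read the stored value through two undefined variables ($user_id,
 * $field) and now uses the logged user's ID and the 'psw' field; a missing
 * pcud_fid no longer raises a notice; a failure without an error message is
 * no longer reported as success.
 *
 * NOTE(review): no nonce or other CSRF token check is visible in this
 * handler, and a password change here needs neither a token nor the current
 * password. Confirm a check exists upstream, or add one (wp_verify_nonce())
 * together with the form that has to emit the token.
 *
 * @return void Returns only when the request is not a custom form submission.
 */
function pcud_handle_custom_form()
{
    if (!isset($_POST['type']) || $_POST['type'] != 'pcud_cf_submit') {
        return;
    }

    require_once PC_DIR . '/classes/pc_form_framework.php';
    require_once PCUD_DIR . '/functions.php';
    global $wpdb, $pc_users;

    $f_fw = new pc_form();
    $form_id = isset($_POST['pcud_fid']) ? (int) $_POST['pcud_fid'] : 0;

    // check for logged users
    $pc_logged = pc_user_logged(false);
    if (!$pc_logged && !current_user_can(get_option('pg_min_role', 'upload_files'))) {
        die(json_encode(array('resp' => 'error', 'mess' => __('You must be logged to use this form', 'pcud_ml'))));
    }

    ////////// VALIDATION ////////////////////////////////////
    // get form structure
    $term = get_term_by('id', $form_id, 'pcud_forms');
    if (empty($term)) {
        die(json_encode(array('resp' => 'error', 'mess' => __('Form not found', 'pcud_ml'))));
    }

    if (empty($term->description)) {
        // retrocompatibility
        $form_fields = (array) get_option('pcud_form_' . $form_id, array());
    } else {
        // NOTE(review): unserialize() on a term description. The value is only as trustworthy
        // as whoever can write 'pcud_forms' terms, and unserialize() can instantiate objects;
        // a data-only format (JSON) or, on PHP 7+, 'allowed_classes' => false would close
        // that surface.
        $form_fields = unserialize(base64_decode($term->description));
    }

    $indexes = $f_fw->generate_validator(pcud_v2_field_names_sanitize($form_fields));
    $is_valid = $f_fw->validate_form($indexes, array(), false, false);
    $fdata = $f_fw->form_data;

    // $failed is tracked separately from $error so that a failure without a message
    // can never fall through to the success response
    $failed = false;
    $error = '';
    $redirect = '';

    if (!$is_valid) {
        $failed = true;
        $error = $f_fw->errors;
    } else {
        // check for redirects
        if (isset($form_fields['redirect']) && !empty($form_fields['redirect'])) {
            $redirect = $form_fields['redirect'] == 'custom'
                ? $form_fields['cust_redir']
                : get_permalink($form_fields['redirect']);
        }

        // if not PC user - stop here
        if (!$pc_logged) {
            die(json_encode(array(
                'resp' => 'success',
                'mess' => __('Form submitted successfully.<br/> Not logged as PrivateContent user, nothing has been saved', 'pcud_ml'),
                'redirect' => $redirect,
            )));
        }

        // update user
        $result = $pc_users->update_user($GLOBALS['pc_user_id'], $fdata);
        if (!$result) {
            $failed = true;
            $error = $pc_users->validation_errors;
        }
    }

    // results
    if ($failed || !empty($error)) {
        die(json_encode(array('resp' => 'error', 'mess' => $error)));
    }

    // if is updating password - sync also cookie
    if (isset($fdata['psw'])) {
        // re-read the stored password value for the logged user; presumably this is the value
        // update_user() wrote for the 'psw' field
        $encrypted = $pc_users->get_user_field($GLOBALS['pc_user_id'], 'psw');

        // NOTE(review): the cookie carries the stored password value and is set without the
        // HttpOnly and Secure flags, so anything able to read the cookie holds a credential
        // that stays valid until the password changes. A random session token and both flags
        // would be safer; not changed here because the code that reads 'pc_user' is not
        // visible.
        setcookie('pc_user', $GLOBALS['pc_user_id'] . '|||' . $encrypted, time() + 3600 * 6, '/');
    }

    // PCUD-ACTION - user updated its data - passes form data
    do_action('pcud_user_updated_data', $fdata);

    // success message
    $mess = json_encode(array('resp' => 'success', 'mess' => __('Data saved succesfully', 'pc_ml'), 'redirect' => $redirect));
    die($mess);
}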