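<?php
// Search term for this results page. An empty query, or a query equal to the
// translated 'What are you looking for?' text (presumably the search box
// placeholder), is replaced by the '*' wildcard.
$searchTxt = esc_attr(appthemes_filter(get_search_query()));
if (empty($searchTxt) || $searchTxt === __('What are you looking for?', APP_TD)) {
    $searchTxt = '*';
}
?>
<div class="content">
 <div class="content_botbg">
  <div class="content_res">
   <div id="breadcrumb">
    <?php //if ( function_exists('cp_breadcrumb') ) cp_breadcrumb(); ?>
    <?php // esc_url() keeps the printed site URL safe inside the attribute; the stray space before the closing quote is gone ?>
    <div id="crumbs"><a href="<?php echo esc_url(get_site_url()); ?>">Home</a> » Search<span class="current"></span></div>
   </div><!-- /breadcrumb -->
   <!-- left block -->
   <div class="content_left">
    <div class="shadowblock_out">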
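/**
 * Updates an existing ad listing from the submitted edit form.
 *
 * Reads the ad ID, title, content, price, tags and custom fields directly
 * from $_POST, saves them and then calls cp_action_update_listing().
 *
 * NOTE(review): nothing in this function verifies a nonce or that the current
 * user may edit the post named by $_POST['ad_id'] - confirm the caller does
 * both before this runs.
 *
 * @return int|false Updated post ID, or false when wp_update_post() fails.
 */
function cp_update_listing()
{
    global $wpdb, $cp_options;

    // check to see if html is allowed
    if (!$cp_options->allow_html) {
        $post_content = appthemes_filter($_POST['post_content']);
    } else {
        $post_content = wp_kses_post($_POST['post_content']);
    }

    // keep only numeric, commas or decimal values
    if (!empty($_POST['cp_price'])) {
        $_POST['cp_price'] = appthemes_clean_price($_POST['cp_price']);
    }

    // keep only values and insert/strip commas if needed
    if (!empty($_POST['tags_input'])) {
        $_POST['tags_input'] = appthemes_clean_tags($_POST['tags_input']);
    }

    // put all the ad elements into an array
    // these are the minimum required fields for WP (except tags)
    $update_ad = array();
    $update_ad['ID'] = trim($_POST['ad_id']);
    $update_ad['post_title'] = appthemes_filter($_POST['post_title']);
    $update_ad['post_content'] = trim($post_content);

    if ($cp_options->moderate_edited_ads) {
        $update_ad['post_status'] = 'pending';
    }

    // update the ad and return the ad id
    $post_id = wp_update_post($update_ad);
    if (!$post_id) {
        return false;
    }

    // update post custom taxonomy "ad_tags"
    if (!empty($_POST['tags_input'])) {
        $_POST['tags_input'] = appthemes_clean_tags($_POST['tags_input']);
        $new_tags = explode(',', $_POST['tags_input']);
        wp_set_object_terms($post_id, $new_tags, APP_TAX_TAG);
    }

    // The hidden field that lists the custom fields is request data: it may be
    // missing, and it may name keys the form never offered.
    $metafields = array();
    if (isset($_POST['custom_fields_vals']) && is_string($_POST['custom_fields_vals'])) {
        $metafields = explode(',', $_POST['custom_fields_vals']);
    }

    // loop through all custom meta fields and update values
    foreach ($metafields as $name) {
        // Only 'cp_' keys are touched, the same prefix cp_add_new_listing()
        // stores; this also skips the empty name an empty list produces.
        // NOTE(review): 'cp_sys_*' bookkeeping keys share the prefix - confirm
        // whether the edit form is meant to be able to change them.
        if (!appthemes_str_starts_with($name, 'cp_')) {
            continue;
        }

        if (!isset($_POST[$name])) {
            delete_post_meta($post_id, $name);
            continue;
        }

        if (is_array($_POST[$name])) {
            // multi-value (checkbox) field: replace the whole set
            delete_post_meta($post_id, $name);
            foreach ($_POST[$name] as $checkbox_value) {
                add_post_meta($post_id, $name, wp_kses_post($checkbox_value));
            }
        } else {
            update_post_meta($post_id, $name, wp_kses_post($_POST[$name]));
        }
    }

    cp_action_update_listing($post_id);

    return $post_id;
}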
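/**
 * Creates a new ad listing from the collected form values.
 *
 * Inserts the post as 'pending', sets category and tag terms, optionally
 * stores a map position taken from the session, saves every 'cp_' value as
 * post meta, handles the featured flag and attachments, and finally publishes
 * the ad when cp_set_post_status() returns 'publish'.
 *
 * @param array $advals Form values for the ad (post_title, post_content,
 *                      cat, oid, user_id, optional tags_input, pack_duration,
 *                      featured_ad, attachment and 'cp_' custom fields).
 *
 * @return int New post ID as returned by wp_insert_post() (0 on failure).
 */
function cp_add_new_listing($advals)
{
    global $wpdb;

    $new_tags = '';
    $ad_length = '';
    $attach_id = '';
    $the_attachment = '';

    // tags are tricky and need to be put into an array before saving the ad
    if (!empty($advals['tags_input'])) {
        $new_tags = explode(',', $advals['tags_input']);
    }

    // put all the new ad elements into an array
    // these are the minimum required fields for WP (except tags)
    $new_ad = array();
    $new_ad['post_title'] = appthemes_filter($advals['post_title']);
    // NOTE(review): the body is only trimmed here - confirm the caller has already filtered it
    $new_ad['post_content'] = trim($advals['post_content']);
    $new_ad['post_status'] = 'pending'; // no longer setting final status until after images are set
    // a non-empty 'anonym' session value (presumably an anonymous submission) leaves the ad without an author
    $new_ad['post_author'] = empty($_SESSION['anonym']) ? $advals['user_id'] : 0;
    $new_ad['post_type'] = APP_POST_TYPE;

    // make sure the WP sanitize_post function doesn't strip out embed & other html
    // NOTE(review): combined with the unfiltered body above, markup may reach the
    // database unsanitised when cp_allow_html is 'yes' - confirm this is limited
    // to trusted users or sanitise with an allow-list such as wp_kses_post()
    if (get_option('cp_allow_html') == 'yes') {
        $new_ad['filter'] = true;
    }

    // insert the new ad
    $post_id = wp_insert_post($new_ad);
    if (!$post_id) {
        // wp_insert_post() reports failure as 0; hand that back instead of
        // attaching terms and meta to a post that does not exist
        return $post_id;
    }

    // set the custom post type categories
    wp_set_post_terms($post_id, appthemes_filter($advals['cat']), APP_TAX_CAT, false);

    // set the custom post type tags
    wp_set_post_terms($post_id, $new_tags, APP_TAX_TAG, false);

    // ADDITION: if a position was picked on the Google map, store that position
    // (otherwise the position is looked up from the address).
    // The session value is split as '<prefix>|<first>,<second>'.
    if (!empty($_SESSION['kordinat']) && is_string($_SESSION['kordinat'])) {
        $category = get_the_terms($post_id, 'ad_cat');
        // get_the_terms() can return false or a WP_Error instead of a term list
        $category_name = (is_array($category) && isset($category[0])) ? $category[0]->name : null;

        $address1 = explode('|', $_SESSION['kordinat']);
        $address2 = isset($address1[1]) ? explode(',', $address1[1]) : array();

        // skip malformed values instead of reading missing offsets
        // NOTE(review): the two parts are passed on unvalidated - confirm cp_add_geocode() checks them
        if (isset($address2[0], $address2[1])) {
            cp_add_geocode($post_id, $category_name, $address2[0], $address2[1]);
        }

        $_SESSION['kordinat'] = '';
    }
    // The former else branch held only the comparison "$_SESSION['kordinat'] == 'yok'",
    // which had no effect, so it is dropped.

    // the unique order ID we created becomes the ad confirmation ID
    // we will use this for payment systems and for activating the ad
    // later if need be. it needs to start with cp_ otherwise it won't
    // be loaded in with the ad so let's give it a new name
    $advals['cp_sys_ad_conf_id'] = $advals['oid'];

    // get the ad duration and first see if ad packs are being used
    // if so, get the length of time in days otherwise use the default
    // prune period defined on the CP settings page
    if (isset($advals['pack_duration'])) {
        $ad_length = $advals['pack_duration'];
    } else {
        $ad_length = get_option('cp_prun_period');
    }

    // set the ad listing expiration date
    $ad_expire_date = date_i18n('m/d/Y H:i:s', strtotime('+' . $ad_length . ' days')); // don't localize the word 'days'
    $advals['cp_sys_expire_date'] = $ad_expire_date;
    $advals['cp_sys_ad_duration'] = $ad_length;

    // now add all the custom fields into WP post meta fields
    // NOTE(review): values are stored as received - confirm they are cleaned before this call
    foreach ($advals as $meta_key => $meta_value) {
        if (!appthemes_str_starts_with($meta_key, 'cp_')) {
            continue;
        }

        if (is_array($meta_value)) {
            // multi-value (checkbox) field: one meta row per value
            foreach ($meta_value as $checkbox_value) {
                add_post_meta($post_id, $meta_key, $checkbox_value);
            }
        } else {
            add_post_meta($post_id, $meta_key, $meta_value, true);
        }
    }

    // if they checked the box for a featured ad, then make the post sticky
    if (isset($advals['featured_ad'])) {
        stick_post($post_id);
    }

    if (isset($advals['attachment'])) {
        $the_attachment = $advals['attachment'];
        // associate the already uploaded images to the new ad and create multiple image sizes
        $attach_id = cp_associate_images($post_id, $the_attachment, true);
    }

    // last step is to publish the ad when its appropriate to publish immediately
    $final_status = cp_set_post_status($advals);
    if ($final_status == 'publish') {
        $final_post = array();
        $final_post['ID'] = $post_id;
        $final_post['post_status'] = $final_status;
        wp_update_post($final_post);
    }

    // kick back the post id in case we want to use it
    return $post_id;
}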
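/**
 * Sends the contact-form message, with uploaded files attached, to the ad author.
 *
 * Validates the posted fields, the arithmetic captcha, the sender address and
 * the ad, then mails the author. The result of wp_mail() is not inspected.
 *
 * @param int   $post_id Ad the message is about.
 * @param array $files   First element is a comma separated list of file names
 *                       located in the theme's server/files directory.
 *
 * @return WP_Error Holds the validation errors; empty when the mail was handed to wp_mail().
 */
function cp_contact_ad_owner_email2($post_id, $files)
{
    $errors = new WP_Error();

    // check for required post data
    $expected = array('from_name', 'from_email', 'subject', 'message');
    foreach ($expected as $field_name) {
        if (empty($_POST[$field_name])) {
            $errors->add('empty_field', __('ERROR: All fields are required.', APP_TD));
            return $errors;
        }
    }

    // check for required anti-spam post data
    $expected_numbers = array('rand_total', 'rand_num', 'rand_num2');
    foreach ($expected_numbers as $field_name) {
        if (!isset($_POST[$field_name]) || !is_numeric($_POST[$field_name])) {
            $errors->add('invalid_captcha', __('ERROR: Incorrect captcha answer.', APP_TD));
            return $errors;
        }
    }

    // verify captcha answer
    // NOTE(review): both operands and the answer are read from the request, so this
    // only checks that the three posted numbers agree - confirm whether a
    // server-side challenge is needed.
    $rand_post_total = (int) $_POST['rand_total'];
    $rand_total = (int) $_POST['rand_num'] + (int) $_POST['rand_num2'];
    if ($rand_total != $rand_post_total) {
        $errors->add('invalid_captcha', __('ERROR: Incorrect captcha answer.', APP_TD));
    }

    // verify email
    if (!is_email($_POST['from_email'])) {
        $errors->add('invalid_email', __('ERROR: Incorrect email address.', APP_TD));
    }

    // verify post
    $post = get_post($post_id);
    if (!$post) {
        $errors->add('invalid_post', __('ERROR: Ad does not exist.', APP_TD));
    }

    if ($errors->get_error_code()) {
        return $errors;
    }

    $mailto = get_the_author_meta('user_email', $post->post_author);

    $from_name = appthemes_filter(appthemes_clean($_POST['from_name']));
    $from_email = appthemes_clean($_POST['from_email']);
    $subject = appthemes_filter(appthemes_clean($_POST['subject']));
    $posted_message = appthemes_filter(appthemes_clean($_POST['message']));

    $sitename = wp_specialchars_decode(get_bloginfo('name'), ENT_QUOTES);
    $siteurl = home_url('/');
    $permalink = get_permalink($post_id);

    $message = sprintf(__('Someone is interested in your ad listing: %s', APP_TD), $permalink) . "\r\n\r\n";
    $message .= '"' . wordwrap($posted_message, 70) . '"' . "\r\n\r\n";
    $message .= sprintf(__('Name: %s', APP_TD), $from_name) . "\r\n";
    $message .= sprintf(__('E-mail: %s', APP_TD), $from_email) . "\r\n\r\n";
    $message .= '-----------------------------------------' . "\r\n";
    $message .= sprintf(__('This message was sent from %s', APP_TD), $sitename) . "\r\n";
    $message .= $siteurl . "\r\n\r\n";
    $message .= __('Sent from IP Address: ', APP_TD) . appthemes_get_ip() . "\r\n\r\n";

    $email = array('to' => $mailto, 'subject' => $subject, 'message' => $message, 'from' => $from_email, 'from_name' => $from_name);
    $email = apply_filters('cp_email_user_ad_contact', $email, $post_id);

    APP_Mail_From::apply_once(array('email' => $email['from'], 'name' => $email['from_name'], 'reply' => true));

    // Build the attachment list. The names arrive through $files, so each one is
    // reduced to its base name before it is joined to the upload directory; a
    // name carrying directory parts therefore cannot resolve outside that folder.
    // NOTE(review): any file already in that folder can still be named - confirm
    // the caller limits $files to the sender's own uploads.
    $upload_dir = WP_CONTENT_DIR . '/themes/classiclean/server/files/';
    $resumes = (isset($files[0]) && is_string($files[0])) ? explode(',', $files[0]) : array();
    $attachments = array();
    foreach ($resumes as $resume) {
        // treat backslashes as separators too, since basename() only does so on Windows
        $resume = basename(str_replace('\\', '/', $resume));
        if ($resume === '' || $resume === '.' || $resume === '..') {
            continue;
        }

        $path = $upload_dir . $resume;
        // only attach regular files that actually exist
        if (is_file($path)) {
            $attachments[] = $path;
        }
    }

    wp_mail($email['to'], $email['subject'], $email['message'], null, $attachments);

    return $errors;
}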
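/**
 * Updates an existing ad listing from the submitted edit form.
 *
 * Reads the ad ID, title, content, price, tags and custom fields directly
 * from $_POST, saves them and then calls cp_action_update_listing().
 *
 * NOTE(review): nothing in this function verifies a nonce or that the current
 * user may edit the post named by $_POST['ad_id'] - confirm the caller does
 * both before this runs.
 *
 * @return int|false Updated post ID, or false when the ad was not updated.
 */
function cp_update_listing()
{
    global $wpdb;

    // check to see if html is allowed
    // NOTE(review): with cp_allow_html set to 'yes' the submitted body is passed on
    // as received; any sanitising then depends on what wp_update_post() applies
    // for the current user - confirm, or sanitise here with wp_kses_post().
    if (get_option('cp_allow_html') != 'yes') {
        $post_content = appthemes_filter($_POST['post_content']);
    } else {
        $post_content = $_POST['post_content'];
    }

    // keep only numeric, commas or decimal values
    if (!empty($_POST['cp_price'])) {
        $_POST['cp_price'] = appthemes_clean_price($_POST['cp_price']);
    }

    // keep only values and insert/strip commas if needed
    if (!empty($_POST['tags_input'])) {
        $_POST['tags_input'] = appthemes_clean_tags($_POST['tags_input']);
    }

    // put all the ad elements into an array
    // these are the minimum required fields for WP (except tags)
    $update_ad = array();
    $update_ad['ID'] = trim($_POST['ad_id']);
    $update_ad['post_title'] = appthemes_filter($_POST['post_title']);
    $update_ad['post_content'] = trim($post_content);

    // update the ad and return the ad id
    $post_id = wp_update_post($update_ad);
    if (!$post_id) {
        // the ad wasn't updated
        return false;
    }

    // update post custom taxonomy "ad_tags"
    if (!empty($_POST['tags_input'])) {
        $_POST['tags_input'] = appthemes_clean_tags($_POST['tags_input']);
        $new_tags = explode(',', $_POST['tags_input']);
        wp_set_object_terms($post_id, $new_tags, APP_TAX_TAG);
    }

    // The hidden field that lists the custom fields is request data: it may be
    // missing, and it may name keys the form never offered.
    $metafields = array();
    if (isset($_POST['custom_fields_vals']) && is_string($_POST['custom_fields_vals'])) {
        $metafields = explode(',', $_POST['custom_fields_vals']);
    }

    // loop through all custom meta fields and update values
    foreach ($metafields as $name) {
        // Only 'cp_' keys are touched, the same prefix cp_add_new_listing()
        // stores; this also skips the empty name an empty list produces.
        // NOTE(review): 'cp_sys_*' bookkeeping keys share the prefix - confirm
        // whether the edit form is meant to be able to change them.
        if (!appthemes_str_starts_with($name, 'cp_')) {
            continue;
        }

        if (!isset($_POST[$name])) {
            delete_post_meta($post_id, $name);
            continue;
        }

        // NOTE(review): values are stored as submitted - escape them on output or sanitise here
        if (is_array($_POST[$name])) {
            // multi-value (checkbox) field: replace the whole set
            delete_post_meta($post_id, $name);
            foreach ($_POST[$name] as $checkbox_value) {
                add_post_meta($post_id, $name, $checkbox_value);
            }
        } else {
            update_post_meta($post_id, $name, $_POST[$name]);
        }
    }

    cp_action_update_listing($post_id);

    return $post_id;
}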
/**
 * Emails the ad owner when an ad is approved or has expired.
 *
 * An approval mail goes out on a 'pending' -> 'publish' transition and an
 * expiry mail on 'publish' -> 'draft', in both cases only when the current
 * user is not the ad author and the matching option is set to 'yes'.
 *
 * @param string $new_status Status the post moves to.
 * @param string $old_status Status the post had before.
 * @param object $post       Post being transitioned; only its ID is read.
 *
 * @return void
 */
function cp_notify_ad_owner_email($new_status, $old_status, $post)
{
    global $current_user, $wpdb;

    $the_ad = get_post($post->ID);
    $category = appthemes_get_custom_taxonomy($post->ID, APP_TAX_CAT, 'name');

    $ad_title = stripslashes($the_ad->post_title);
    $ad_cat = stripslashes($category);
    $ad_author_id = stripslashes(get_the_author_meta('ID', $the_ad->post_author));
    $ad_author = stripslashes(get_the_author_meta('user_login', $the_ad->post_author));
    $ad_author_email = stripslashes(get_the_author_meta('user_email', $the_ad->post_author));
    $ad_status = stripslashes($the_ad->post_status);
    $ad_content = appthemes_filter(stripslashes($the_ad->post_content));
    $siteurl = trailingslashit(get_option('home'));
    $dashurl = trailingslashit(CP_DASHBOARD_URL);

    // legacy ads carry the owner's address in an 'email' meta field; newer ones use the author's account address
    $mailto = $ad_author_email;
    if (get_post_meta($post->ID, 'email', true)) {
        $mailto = get_post_meta($post->ID, 'email', true);
    }

    // The blogname option is escaped with esc_html on the way into the database in sanitize_option
    // we want to reverse this for the plain text arena of emails.
    $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);

    // make sure the admin wants to send emails
    $send_approved_email = get_option('cp_new_ad_email_owner');
    $send_expired_email = get_option('cp_expired_ad_email_owner');

    // admin approving own ads or ad owner pausing and reactivating ad on his dashboard don't need to send email
    $is_approval = $old_status == 'pending' && $new_status == 'publish'
        && $current_user->ID != $ad_author_id && $send_approved_email == 'yes';
    $is_expiry = !$is_approval && $old_status == 'publish' && $new_status == 'draft'
        && $current_user->ID != $ad_author_id && $send_expired_email == 'yes';

    if (!$is_approval && !$is_expiry) {
        return;
    }

    $subject = $is_approval
        ? __('Your Ad Has Been Approved', 'appthemes')
        : __('Your Ad Has Expired', 'appthemes');

    $headers = 'From: ' . sprintf(__('%s Admin', 'appthemes'), $blogname) . ' <' . get_option('admin_email') . '>' . "\r\n";

    $message = sprintf(__('Hi %s,', 'appthemes'), $ad_author) . "\r\n\r\n";

    if ($is_approval) {
        $message .= sprintf(__('Your ad listing, "%s" has been approved and is now live on our site.', 'appthemes'), $ad_title) . "\r\n\r\n";
        $message .= __('You can view your ad by clicking on the following link:', 'appthemes') . "\r\n";
        $message .= get_permalink($post->ID) . "\r\n\r\n\r\n\r\n";
    } else {
        $message .= sprintf(__('Your ad listing, "%s" has expired.', 'appthemes'), $ad_title) . "\r\n\r\n";
        if (get_option('cp_allow_relist') == 'yes') {
            $message .= __('If you would like to relist your ad, please visit your dashboard and click the "relist" link.', 'appthemes') . "\r\n";
            $message .= $dashurl . "\r\n\r\n\r\n\r\n";
        }
    }

    // both mails close with the same sign-off
    $message .= __('Regards,', 'appthemes') . "\r\n\r\n";
    $message .= sprintf(__('Your %s Team', 'appthemes'), $blogname) . "\r\n";
    $message .= $siteurl . "\r\n\r\n\r\n\r\n";

    // ok let's send the email
    wp_mail($mailto, $subject, $message, $headers);
}
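/**
 * Creates a new ad listing, or renews an existing one, from the form values.
 *
 * Saves the post as 'pending', sets category and tag terms, stores every
 * 'cp_' value as post meta, handles the featured flag and attachments,
 * publishes the ad when cp_set_post_status() returns 'publish' and finally
 * calls cp_action_add_new_listing().
 *
 * NOTE(review): when $renew_id is given, the post with that ID is overwritten
 * and all of its meta deleted; nothing here checks who owns it - confirm the
 * caller does.
 *
 * @param array     $advals   Form values for the ad.
 * @param int|false $renew_id ID of the ad to renew, or false to insert a new ad.
 *
 * @return int Post ID (0 when the insert or update failed).
 */
function cp_add_new_listing($advals, $renew_id = false)
{
    global $wpdb, $cp_options;

    $new_tags = '';
    $ad_length = '';
    $attach_id = '';
    $the_attachment = '';

    // check to see if html is allowed
    if (!$cp_options->allow_html) {
        $post_content = appthemes_filter($advals['post_content']);
    } else {
        $post_content = wp_kses_post($advals['post_content']);
    }

    // tags are tricky and need to be put into an array before saving the ad
    if (!empty($advals['tags_input'])) {
        $new_tags = explode(',', $advals['tags_input']);
    }

    // put all the new ad elements into an array
    // these are the minimum required fields for WP (except tags)
    $new_ad = array();
    $new_ad['post_title'] = appthemes_filter($advals['post_title']);
    $new_ad['post_content'] = trim($post_content);
    $new_ad['post_status'] = 'pending'; // no longer setting final status until after images are set
    $new_ad['post_author'] = $advals['user_id'];
    $new_ad['post_type'] = APP_POST_TYPE;

    if ($renew_id) {
        // renewing: reuse the existing post and reset its dates to now
        $new_ad['ID'] = $renew_id;
        $new_ad['post_date'] = current_time('mysql');
        $new_ad['post_date_gmt'] = current_time('mysql', 1);
        $post_id = wp_update_post($new_ad);
    } else {
        // insert the new ad
        $post_id = wp_insert_post($new_ad);
    }

    if (!$post_id) {
        // both calls report failure as 0; hand that back instead of deleting
        // meta or attaching terms for a post that was not saved
        return $post_id;
    }

    // set the custom post type categories
    wp_set_post_terms($post_id, appthemes_filter($advals['cat']), APP_TAX_CAT, false);

    // set the custom post type tags
    wp_set_post_terms($post_id, $new_tags, APP_TAX_TAG, false);

    // the unique order ID we created becomes the ad confirmation ID
    // we will use this for payment systems and for activating the ad
    // later if need be. it needs to start with cp_ otherwise it won't
    // be loaded in with the ad so let's give it a new name
    $advals['cp_sys_ad_conf_id'] = $advals['oid'];

    // get the ad duration and first see if ad packs are being used
    // if so, get the length of time in days otherwise use the default
    // prune period defined on the CP settings page
    if (isset($advals['pack_duration'])) {
        $ad_length = $advals['pack_duration'];
    } else {
        $ad_length = $cp_options->prun_period;
    }

    // set the ad listing expiration date
    $ad_expire_date = appthemes_mysql_date(current_time('mysql'), $ad_length);
    $advals['cp_sys_expire_date'] = $ad_expire_date;
    $advals['cp_sys_ad_duration'] = $ad_length;

    // if renew ad - delete all old post meta and unmark ad as featured
    if ($renew_id) {
        unstick_post($renew_id);
        $custom_field_keys = get_post_custom_keys($renew_id);
        // get_post_custom_keys() returns no array when the post has no meta
        if (is_array($custom_field_keys)) {
            foreach ($custom_field_keys as $custom_key) {
                delete_post_meta($renew_id, $custom_key);
            }
        }
    }

    // now add all the custom fields into WP post meta fields
    foreach ($advals as $meta_key => $meta_value) {
        if (!appthemes_str_starts_with($meta_key, 'cp_')) {
            continue;
        }

        if (is_array($meta_value)) {
            // multi-value (checkbox) field: one meta row per value
            foreach ($meta_value as $checkbox_value) {
                add_post_meta($post_id, $meta_key, wp_kses_post($checkbox_value));
            }
        } else {
            add_post_meta($post_id, $meta_key, wp_kses_post($meta_value), true);
        }
    }

    // if they checked the box for a featured ad, then make the post sticky
    if (isset($advals['featured_ad'])) {
        stick_post($post_id);
    }

    if (isset($advals['attachment'])) {
        $the_attachment = $advals['attachment'];
        // associate the already uploaded images to the new ad and create multiple image sizes
        $attach_id = cp_associate_images($post_id, $the_attachment, true);
    }

    if (isset($advals['app_attach_id'])) {
        $attachments = $advals['app_attach_id'];
        $titles = isset($advals['app_attach_title']) ? $advals['app_attach_title'] : array();
        // associate the already uploaded images to the new ad and update titles
        $attach_id = appthemes_plupload_associate_images($post_id, $attachments, $titles, true);
    }

    // last step is to publish the ad when its appropriate to publish immediately
    $final_status = cp_set_post_status($advals);
    if ($final_status == 'publish') {
        $final_post = array();
        $final_post['ID'] = $post_id;
        $final_post['post_status'] = $final_status;
        wp_update_post($final_post);
    }

    cp_action_add_new_listing($post_id);

    // kick back the post id in case we want to use it
    return $post_id;
}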
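/**
 * Updates an existing ad listing from the submitted edit form.
 *
 * Reads the ad ID, title, content, price, tags and custom fields directly
 * from $_POST, saves them, sends the edited-ad notification and returns the
 * HTML notice to show to the user.
 *
 * NOTE(review): nothing in this function verifies a nonce or that the current
 * user may edit the post named by $_POST['ad_id'] - confirm the caller does
 * both before this runs.
 *
 * @return string HTML success or error notice.
 */
function cp_update_listing()
{
    global $wpdb;

    // check to see if html is allowed
    if (get_option('cp_allow_html') != 'yes') {
        $post_content = appthemes_filter($_POST['post_content']);
    } else {
        $post_content = $_POST['post_content'];
    }

    // keep only numeric, commas or decimal values
    if (!empty($_POST['cp_price'])) {
        $_POST['cp_price'] = appthemes_clean_price($_POST['cp_price']);
    }

    // keep only values and insert/strip commas if needed
    if (!empty($_POST['tags_input'])) {
        $_POST['tags_input'] = appthemes_clean_tags($_POST['tags_input']);
    }

    // put all the ad elements into an array
    // these are the minimum required fields for WP (except tags)
    $update_ad = array();
    $update_ad['ID'] = trim($_POST['ad_id']);
    $update_ad['post_title'] = appthemes_filter($_POST['post_title']);
    $update_ad['post_content'] = trim($post_content);

    // make sure the WP sanitize_post function doesn't strip out embed & other html
    // NOTE(review): together with the unfiltered body above, submitted markup may
    // reach the database unsanitised when cp_allow_html is 'yes' - confirm this is
    // limited to trusted users or sanitise with an allow-list such as wp_kses_post()
    if (get_option('cp_allow_html') == 'yes') {
        $update_ad['filter'] = true;
    }

    // update the ad and return the ad id
    $post_id = wp_update_post($update_ad);
    if (!$post_id) {
        // the ad wasn't updated so report an error
        return '<div class="box-red"><b>' . __('There was an error trying to update your ad.', 'appthemes') . '</b></div>';
    }

    // update post custom taxonomy "ad_tags"
    if (!empty($_POST['tags_input'])) {
        $_POST['tags_input'] = appthemes_clean_tags($_POST['tags_input']);
        $new_tags = explode(',', $_POST['tags_input']);
        wp_set_object_terms($post_id, $new_tags, APP_TAX_TAG);
    }

    // The hidden field that lists the custom fields is request data: it may be
    // missing, and it may name keys the form never offered.
    $metafields = array();
    if (isset($_POST['custom_fields_vals']) && is_string($_POST['custom_fields_vals'])) {
        $metafields = explode(',', $_POST['custom_fields_vals']);
    }

    // loop through all custom meta fields and update values
    foreach ($metafields as $name) {
        // Only 'cp_' keys are touched, the same prefix cp_add_new_listing()
        // stores; this also skips the empty name an empty list produces.
        // NOTE(review): 'cp_sys_*' bookkeeping keys share the prefix - confirm
        // whether the edit form is meant to be able to change them.
        if (!appthemes_str_starts_with($name, 'cp_')) {
            continue;
        }

        if (!isset($_POST[$name])) {
            delete_post_meta($post_id, $name);
            continue;
        }

        // NOTE(review): values are stored as submitted - escape them on output or sanitise here
        if (is_array($_POST[$name])) {
            // multi-value (checkbox) field: replace the whole set
            delete_post_meta($post_id, $name);
            foreach ($_POST[$name] as $checkbox_value) {
                add_post_meta($post_id, $name, $checkbox_value);
            }
        } else {
            update_post_meta($post_id, $name, $_POST[$name]);
        }
    }

    $errmsg = '<div class="box-yellow"><b>' . __('Your ad has been successfully updated.', 'appthemes') . '</b> <a href="' . CP_DASHBOARD_URL . '">' . __('Return to my dashboard', 'appthemes') . '</a></div>';

    // send out the email notifications
    cp_edited_ad_email($post_id);

    return $errmsg;
}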
/**
 * Mails the contact-form message to the author of an ad.
 *
 * The posted fields, the arithmetic captcha, the sender address and the ad
 * are validated first; on success an HTML message is handed to
 * appthemes_send_email().
 *
 * @param int $post_id Ad the message is about.
 *
 * @return object WP_Error holding the validation errors; empty when the mail was sent on.
 */
function cp_contact_ad_owner_email($post_id)
{
    $errors = new WP_Error();

    // every text field of the form is mandatory
    foreach (array('from_name', 'from_email', 'subject', 'message') as $required) {
        if (empty($_POST[$required])) {
            $errors->add('empty_field', __('ERROR: All fields are required.', APP_TD));
            return $errors;
        }
    }

    // the three anti-spam numbers must be present and numeric
    foreach (array('rand_total', 'rand_num', 'rand_num2') as $number_field) {
        $is_number = isset($_POST[$number_field]) && is_numeric($_POST[$number_field]);
        if (!$is_number) {
            $errors->add('invalid_captcha', __('ERROR: Incorrect captcha answer.', APP_TD));
            return $errors;
        }
    }

    // verify captcha answer
    // NOTE(review): both operands and the answer are read from the request, so this
    // only checks that the three posted numbers agree - confirm whether a
    // server-side challenge is needed.
    $claimed_sum = (int) $_POST['rand_total'];
    $actual_sum = (int) $_POST['rand_num'] + (int) $_POST['rand_num2'];
    if ($actual_sum !== $claimed_sum) {
        $errors->add('invalid_captcha', __('ERROR: Incorrect captcha answer.', APP_TD));
    }

    // verify email
    if (!is_email($_POST['from_email'])) {
        $errors->add('invalid_email', __('ERROR: Incorrect email address.', APP_TD));
    }

    // verify post
    $post = get_post($post_id);
    if (!$post) {
        $errors->add('invalid_post', __('ERROR: Ad does not exist.', APP_TD));
    }

    // stop here when any of the three checks above failed
    if ($errors->get_error_code()) {
        return $errors;
    }

    $author_email = get_the_author_meta('user_email', $post->post_author);

    $from_name = appthemes_filter(appthemes_clean($_POST['from_name']));
    $from_email = appthemes_clean($_POST['from_email']);
    $subject = appthemes_filter(appthemes_clean($_POST['subject']));
    $posted_message = appthemes_filter(appthemes_clean($_POST['message']));

    $blogname = wp_specialchars_decode(get_bloginfo('name'), ENT_QUOTES);
    $site_url = home_url('/');
    $permalink = get_permalink($post_id);

    // one <p> per section, each followed by a line break in the source
    $paragraphs = array(
        html('p', sprintf(__('Someone is interested in your ad listing: %s', APP_TD), html_link($permalink))),
        html('p', '"' . wordwrap(nl2br($posted_message), 70) . '"'),
        html('p', sprintf(__('Name: %s', APP_TD), $from_name) . '<br />' . sprintf(__('E-mail: %s', APP_TD), $from_email)),
        html('p', __('-----------------', APP_TD) . '<br />' . sprintf(__('This message was sent from %s', APP_TD), $blogname) . '<br />' . html_link($site_url)),
        html('p', sprintf(__('Sent from IP Address: %s', APP_TD), appthemes_get_ip())),
    );
    $message = implode(PHP_EOL, $paragraphs) . PHP_EOL;

    $email = array(
        'to' => $author_email,
        'subject' => $subject,
        'message' => $message,
        'from' => $from_email,
        'from_name' => $from_name,
    );
    $email = apply_filters('cp_email_user_ad_contact', $email, $post_id);

    // the sender's address and name are applied to this one outgoing mail
    APP_Mail_From::apply_once(array('email' => $email['from'], 'name' => $email['from_name'], 'reply' => true));

    appthemes_send_email($email['to'], $email['subject'], $email['message']);

    return $errors;
}
/**
 * Collects the expected form fields from $_POST and cleans each one.
 *
 * Every value goes through appthemes_clean(); 'cp_' fields are additionally
 * passed through wp_kses_post(). Price, tags, content and title then get
 * their own field-specific treatment. Fields missing from the request come
 * back as an empty string.
 *
 * @return array Cleaned values keyed by field name.
 */
protected function clean_expected_fields()
{
    global $cp_options;

    $posted = array();

    foreach ($this->expected_fields() as $field) {
        $value = isset($_POST[$field]) ? $_POST[$field] : '';
        $is_custom = appthemes_str_starts_with($field, 'cp_');

        // generic cleaning, element by element for multi-value fields
        if (is_array($value)) {
            $value = array_map('appthemes_clean', $value);
            if ($is_custom) {
                $value = array_map('wp_kses_post', $value);
            }
        } else {
            $value = appthemes_clean($value);
            if ($is_custom) {
                $value = wp_kses_post($value);
            }
        }

        // field-specific cleaning on top of the generic pass
        switch ($field) {
            case 'cp_price':
                $value = appthemes_clean_price($value);
                break;

            case 'tags_input':
                $value = wp_kses_post(appthemes_clean_tags($value));
                break;

            case 'post_content':
                // check to see if html is allowed
                $value = $cp_options->allow_html ? wp_kses_post($value) : appthemes_filter($value);
                break;

            case 'post_title':
                $value = appthemes_filter($value);
                break;
        }

        $posted[$field] = $value;
    }

    return $posted;
}