<?php

// Search phrase for display: filtered, then escaped with esc_attr() for use in an
// HTML attribute. That escaping is context-specific and is not a substitute for
// SQL or URL escaping if the value is reused elsewhere.
$searchTxt = esc_attr(appthemes_filter(get_search_query()));
// An empty query, or the untouched placeholder text of the search box, means "match everything".
$searchTxt = (empty($searchTxt) || $searchTxt == __('What are you looking for?', APP_TD)) ? '*' : $searchTxt;
//echo $wp_query->request;
?>

	<div class="content">

		<div class="content_botbg">

			<div class="content_res">

				<div id="breadcrumb">

					<?php 
//if ( function_exists('cp_breadcrumb') ) cp_breadcrumb();
?>
					<div id="crumbs"><a href="<?php 
echo get_site_url();
?>
">Home</a> &raquo; Search<span class="current"></span></div>
				</div><!-- /breadcrumb -->

				<!-- left block -->
				<div class="content_left">

					<div class="shadowblock_out">
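/**
 * Updates an existing ad from the front-end edit form.
 *
 * Everything is read from $_POST: ad_id, post_title, post_content, cp_price,
 * tags_input, custom_fields_vals and one entry per custom field.
 *
 * NOTE(review): no nonce or ownership check is visible in this function; the
 * caller presumably verifies that the current user may edit $_POST['ad_id'] --
 * confirm, because the ID is taken from the request as-is.
 *
 * @return int|false The updated post ID, or false when wp_update_post() fails.
 */
function cp_update_listing()
{
    global $wpdb, $cp_options;
    // check to see if html is allowed
    if (!$cp_options->allow_html) {
        $post_content = appthemes_filter($_POST['post_content']);
    } else {
        $post_content = wp_kses_post($_POST['post_content']);
    }
    // keep only numeric, commas or decimal values
    if (!empty($_POST['cp_price'])) {
        $_POST['cp_price'] = appthemes_clean_price($_POST['cp_price']);
    }
    // keep only values and insert/strip commas if needed and put into an array
    if (!empty($_POST['tags_input'])) {
        $_POST['tags_input'] = appthemes_clean_tags($_POST['tags_input']);
        $new_tags = explode(',', $_POST['tags_input']);
    }
    // put all the ad elements into an array
    // these are the minimum required fields for WP (except tags)
    $update_ad = array();
    $update_ad['ID'] = trim($_POST['ad_id']);
    $update_ad['post_title'] = appthemes_filter($_POST['post_title']);
    $update_ad['post_content'] = trim($post_content);
    if ($cp_options->moderate_edited_ads) {
        // edited ads go back into the moderation queue
        $update_ad['post_status'] = 'pending';
    }
    // update the ad and return the ad id
    $post_id = wp_update_post($update_ad);
    if (!$post_id) {
        return false;
    }
    // update post custom taxonomy "ad_tags"
    // (the request value is cleaned a second time here, exactly as before the update)
    if (!empty($_POST['tags_input'])) {
        $_POST['tags_input'] = appthemes_clean_tags($_POST['tags_input']);
        $new_tags = explode(',', $_POST['tags_input']);
        $settags = wp_set_object_terms($post_id, $new_tags, APP_TAX_TAG);
    }
    // assemble the comma separated hidden fields back into an array so we can save them.
    $field_list = (isset($_POST['custom_fields_vals']) && is_string($_POST['custom_fields_vals'])) ? $_POST['custom_fields_vals'] : '';
    $metafields = explode(',', $field_list);
    // loop through all custom meta fields and update values
    foreach ($metafields as $name) {
        // The list of meta keys comes from a hidden form field, so the client chooses
        // them. Only ad custom fields (cp_ prefix) may be written or deleted here;
        // cp_sys_ keys are set by the server (confirmation id, expiry, duration) and
        // must not be overwritten from the form.
        // NOTE(review): assumes every editable custom field is named cp_* -- confirm
        // against the form builder.
        if (!appthemes_str_starts_with($name, 'cp_') || appthemes_str_starts_with($name, 'cp_sys_')) {
            continue;
        }
        if (!isset($_POST[$name])) {
            delete_post_meta($post_id, $name);
        } elseif (is_array($_POST[$name])) {
            // multi-value (checkbox) field: replace the whole set
            delete_post_meta($post_id, $name);
            foreach ($_POST[$name] as $checkbox_value) {
                add_post_meta($post_id, $name, wp_kses_post($checkbox_value));
            }
        } else {
            update_post_meta($post_id, $name, wp_kses_post($_POST[$name]));
        }
    }
    cp_action_update_listing($post_id);
    return $post_id;
}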
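/**
 * Creates a new ad listing from the collected form values.
 *
 * Inserts the post as 'pending', assigns category and tags, optionally stores
 * map coordinates kept in the session, writes every cp_* value as post meta,
 * attaches uploaded images and finally publishes the ad when
 * cp_set_post_status() says so.
 *
 * NOTE(review): post_content is only trimmed here, and the 'filter' flag below
 * is set so that WordPress does not strip HTML from it when HTML is allowed.
 * Whether $advals was sanitised by the caller is not visible from this function.
 *
 * @param array $advals Form values; reads post_title, post_content, user_id, cat,
 *                      tags_input, oid, pack_duration, featured_ad, attachment and
 *                      every key starting with cp_.
 *
 * @return int ID of the new post (whatever wp_insert_post() returned on failure).
 */
function cp_add_new_listing($advals)
{
    global $wpdb;
    $new_tags = '';
    $ad_length = '';
    $attach_id = '';
    $the_attachment = '';
    // tags are tricky and need to be put into an array before saving the ad
    if (!empty($advals['tags_input'])) {
        $new_tags = explode(',', $advals['tags_input']);
    }
    // put all the new ad elements into an array
    // these are the minimum required fields for WP (except tags)
    $new_ad = array();
    $new_ad['post_title'] = appthemes_filter($advals['post_title']);
    $new_ad['post_content'] = trim($advals['post_content']);
    // no longer setting final status until after images are set
    $new_ad['post_status'] = 'pending';
    // anonymous submissions (flag kept in the session) are stored without an author
    $new_ad['post_author'] = !empty($_SESSION['anonym']) ? 0 : $advals['user_id'];
    $new_ad['post_type'] = APP_POST_TYPE;
    // make sure the WP sanitize_post function doesn't strip out embed & other html
    if (get_option('cp_allow_html') == 'yes') {
        $new_ad['filter'] = true;
    }
    // insert the new ad
    $post_id = wp_insert_post($new_ad);
    if (!$post_id) {
        // nothing was created: do not attach terms, meta or sticky state to post 0
        return $post_id;
    }
    //set the custom post type categories
    wp_set_post_terms($post_id, appthemes_filter($advals['cat']), APP_TAX_CAT, false);
    //set the custom post type tags
    wp_set_post_terms($post_id, $new_tags, APP_TAX_TAG, false);
    // ---- local addition ----
    // If a position was picked on Google Maps it is stored with the ad; otherwise
    // the position is looked up from the address elsewhere.
    if (!empty($_SESSION['kordinat'])) {
        $category = get_the_terms($post_id, 'ad_cat');
        $category_name = (is_array($category) && isset($category[0])) ? $category[0]->name : '';
        // expected shape, judging by the parsing: "<something>|<coord>,<coord>"
        $address1 = explode('|', $_SESSION['kordinat']);
        $address2 = isset($address1[1]) ? array_map('trim', explode(',', $address1[1])) : array();
        // only store a complete, numeric coordinate pair; malformed session data is dropped
        if (count($address2) >= 2 && is_numeric($address2[0]) && is_numeric($address2[1])) {
            cp_add_geocode($post_id, $category_name, $address2[0], $address2[1]);
        }
        $_SESSION['kordinat'] = '';
    }
    // the unique order ID we created becomes the ad confirmation ID
    // we will use this for payment systems and for activating the ad
    // later if need be. it needs to start with cp_ otherwise it won't
    // be loaded in with the ad so let's give it a new name
    $advals['cp_sys_ad_conf_id'] = $advals['oid'];
    // get the ad duration and first see if ad packs are being used
    // if so, get the length of time in days otherwise use the default
    // prune period defined on the CP settings page
    if (isset($advals['pack_duration'])) {
        $ad_length = $advals['pack_duration'];
    } else {
        $ad_length = get_option('cp_prun_period');
    }
    // set the ad listing expiration date; don't localize the word 'days'
    $ad_expire_date = date_i18n('m/d/Y H:i:s', strtotime('+' . $ad_length . ' days'));
    $advals['cp_sys_expire_date'] = $ad_expire_date;
    $advals['cp_sys_ad_duration'] = $ad_length;
    // now add all the custom fields into WP post meta fields
    // values are passed through wp_kses_post() so markup the post editor would not
    // accept is not stored in meta and echoed back later
    foreach ($advals as $meta_key => $meta_value) {
        if (!appthemes_str_starts_with($meta_key, 'cp_')) {
            continue;
        }
        if (is_array($meta_value)) {
            foreach ($meta_value as $checkbox_value) {
                add_post_meta($post_id, $meta_key, wp_kses_post($checkbox_value));
            }
        } else {
            add_post_meta($post_id, $meta_key, wp_kses_post($meta_value), true);
        }
    }
    // if they checked the box for a featured ad, then make the post sticky
    if (isset($advals['featured_ad'])) {
        stick_post($post_id);
    }
    if (isset($advals['attachment'])) {
        $the_attachment = $advals['attachment'];
        // associate the already uploaded images to the new ad and create multiple image sizes
        $attach_id = cp_associate_images($post_id, $the_attachment, true);
    }
    //last step is to publish the ad when its appropriate to publish immediately
    $final_status = cp_set_post_status($advals);
    if ($final_status == 'publish') {
        $final_post = array();
        $final_post['ID'] = $post_id;
        $final_post['post_status'] = $final_status;
        $update_result = wp_update_post($final_post);
    }
    // kick back the post id in case we want to use it
    return $post_id;
}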
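/**
 * Sends the contact-form message, with uploaded files attached, to the ad author.
 *
 * NOTE(review): the "captcha" compares rand_total with rand_num + rand_num2, and
 * all three values come from the request, so the check is not bound to anything
 * the server issued. Treat it as a nuisance filter, not as abuse protection.
 *
 * @param int   $post_id ID of the ad being answered.
 * @param array $files   Element 0 is a comma separated list of file names that were
 *                       uploaded to the theme's server/files directory.
 *
 * @return WP_Error Error container; empty when the mail was handed to wp_mail().
 */
function cp_contact_ad_owner_email2($post_id, $files)
{
    $errors = new WP_Error();
    // check for required post data
    $expected = array('from_name', 'from_email', 'subject', 'message');
    foreach ($expected as $field_name) {
        if (empty($_POST[$field_name])) {
            $errors->add('empty_field', __('ERROR: All fields are required.', APP_TD));
            return $errors;
        }
    }
    // check for required anti-spam post data
    $expected_numbers = array('rand_total', 'rand_num', 'rand_num2');
    foreach ($expected_numbers as $field_name) {
        if (!isset($_POST[$field_name]) || !is_numeric($_POST[$field_name])) {
            $errors->add('invalid_captcha', __('ERROR: Incorrect captcha answer.', APP_TD));
            return $errors;
        }
    }
    // verify captcha answer
    $rand_post_total = (int) $_POST['rand_total'];
    $rand_total = (int) $_POST['rand_num'] + (int) $_POST['rand_num2'];
    if ($rand_total != $rand_post_total) {
        $errors->add('invalid_captcha', __('ERROR: Incorrect captcha answer.', APP_TD));
    }
    // verify email
    if (!is_email($_POST['from_email'])) {
        $errors->add('invalid_email', __('ERROR: Incorrect email address.', APP_TD));
    }
    // verify post
    $post = get_post($post_id);
    if (!$post) {
        $errors->add('invalid_post', __('ERROR: Ad does not exist.', APP_TD));
    }
    if ($errors->get_error_code()) {
        return $errors;
    }
    $mailto = get_the_author_meta('user_email', $post->post_author);
    $from_name = appthemes_filter(appthemes_clean($_POST['from_name']));
    $from_email = appthemes_clean($_POST['from_email']);
    $subject = appthemes_filter(appthemes_clean($_POST['subject']));
    $posted_message = appthemes_filter(appthemes_clean($_POST['message']));
    $sitename = wp_specialchars_decode(get_bloginfo('name'), ENT_QUOTES);
    $siteurl = home_url('/');
    $permalink = get_permalink($post_id);
    $message = sprintf(__('Someone is interested in your ad listing: %s', APP_TD), $permalink) . "\r\n\r\n";
    $message .= '"' . wordwrap($posted_message, 70) . '"' . "\r\n\r\n";
    $message .= sprintf(__('Name: %s', APP_TD), $from_name) . "\r\n";
    $message .= sprintf(__('E-mail: %s', APP_TD), $from_email) . "\r\n\r\n";
    $message .= '-----------------------------------------' . "\r\n";
    $message .= sprintf(__('This message was sent from %s', APP_TD), $sitename) . "\r\n";
    $message .= $siteurl . "\r\n\r\n";
    $message .= __('Sent from IP Address: ', APP_TD) . appthemes_get_ip() . "\r\n\r\n";
    $email = array('to' => $mailto, 'subject' => $subject, 'message' => $message, 'from' => $from_email, 'from_name' => $from_name);
    $email = apply_filters('cp_email_user_ad_contact', $email, $post_id);
    APP_Mail_From::apply_once(array('email' => $email['from'], 'name' => $email['from_name'], 'reply' => true));
    // The file names come from the request. Each one is reduced to its base name and
    // the resolved path must be a regular file inside the upload directory, so a
    // crafted name cannot make the mailer attach some other file from the server.
    $upload_dir = WP_CONTENT_DIR . '/themes/classiclean/server/files/';
    $upload_root = realpath($upload_dir);
    $file_list = (is_array($files) && isset($files[0]) && is_string($files[0])) ? $files[0] : '';
    $attachments = array();
    foreach (explode(',', $file_list) as $resume) {
        $resume = basename($resume);
        if ($upload_root === false || $resume === '' || $resume === '.' || $resume === '..') {
            continue;
        }
        $path = realpath($upload_dir . $resume);
        if ($path === false || !is_file($path) || strpos($path, $upload_root . DIRECTORY_SEPARATOR) !== 0) {
            continue;
        }
        $attachments[] = $path;
    }
    wp_mail($email['to'], $email['subject'], $email['message'], null, $attachments);
    return $errors;
}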
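/**
 * Updates an existing ad from the front-end edit form.
 *
 * Everything is read from $_POST: ad_id, post_title, post_content, cp_price,
 * tags_input, custom_fields_vals and one entry per custom field.
 *
 * NOTE(review): no nonce or ownership check is visible in this function; the
 * caller presumably verifies that the current user may edit $_POST['ad_id'] --
 * confirm, because the ID is taken from the request as-is.
 *
 * @return int|false The updated post ID, or false when the ad was not updated.
 */
function cp_update_listing()
{
    global $wpdb;
    // check to see if html is allowed
    if (get_option('cp_allow_html') != 'yes') {
        $post_content = appthemes_filter($_POST['post_content']);
    } else {
        // HTML is allowed, but only the markup WordPress accepts in post content
        $post_content = wp_kses_post($_POST['post_content']);
    }
    // keep only numeric, commas or decimal values
    if (!empty($_POST['cp_price'])) {
        $_POST['cp_price'] = appthemes_clean_price($_POST['cp_price']);
    }
    // keep only values and insert/strip commas if needed and put into an array
    if (!empty($_POST['tags_input'])) {
        $_POST['tags_input'] = appthemes_clean_tags($_POST['tags_input']);
        $new_tags = explode(',', $_POST['tags_input']);
    }
    // put all the ad elements into an array
    // these are the minimum required fields for WP (except tags)
    $update_ad = array();
    $update_ad['ID'] = trim($_POST['ad_id']);
    $update_ad['post_title'] = appthemes_filter($_POST['post_title']);
    $update_ad['post_content'] = trim($post_content);
    // update the ad and return the ad id
    $post_id = wp_update_post($update_ad);
    if (!$post_id) {
        // the ad wasn't updated
        return false;
    }
    // update post custom taxonomy "ad_tags"
    // (the request value is cleaned a second time here, exactly as before the update)
    if (!empty($_POST['tags_input'])) {
        $_POST['tags_input'] = appthemes_clean_tags($_POST['tags_input']);
        $new_tags = explode(',', $_POST['tags_input']);
        $settags = wp_set_object_terms($post_id, $new_tags, APP_TAX_TAG);
    }
    // assemble the comma separated hidden fields back into an array so we can save them.
    $field_list = (isset($_POST['custom_fields_vals']) && is_string($_POST['custom_fields_vals'])) ? $_POST['custom_fields_vals'] : '';
    $metafields = explode(',', $field_list);
    // loop through all custom meta fields and update values
    foreach ($metafields as $name) {
        // The list of meta keys comes from a hidden form field, so the client chooses
        // them. Only ad custom fields (cp_ prefix) may be written or deleted here, and
        // cp_sys_ keys are reserved for values the server sets itself.
        // NOTE(review): assumes every editable custom field is named cp_* -- confirm
        // against the form builder.
        if (!appthemes_str_starts_with($name, 'cp_') || appthemes_str_starts_with($name, 'cp_sys_')) {
            continue;
        }
        if (!isset($_POST[$name])) {
            delete_post_meta($post_id, $name);
        } elseif (is_array($_POST[$name])) {
            // multi-value (checkbox) field: replace the whole set
            delete_post_meta($post_id, $name);
            foreach ($_POST[$name] as $checkbox_value) {
                add_post_meta($post_id, $name, wp_kses_post($checkbox_value));
            }
        } else {
            // strip markup the post editor would not accept before storing the value
            update_post_meta($post_id, $name, wp_kses_post($_POST[$name]));
        }
    }
    $result = $post_id;
    cp_action_update_listing($post_id);
    return $result;
}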
/**
 * Mails the ad owner when an ad is approved (pending -> publish) or expires
 * (publish -> draft), provided the matching site option is 'yes' and the
 * current user is not the ad's author.
 *
 * NOTE(review): the recipient is the 'email' post meta when it is set (legacy
 * ads), otherwise the author's account address. The meta value is used without
 * an is_email() check -- confirm that ordinary users cannot write that key.
 *
 * @param string $new_status Status the post is moving to.
 * @param string $old_status Status the post is moving from.
 * @param object $post       The post; only ->ID is read here.
 *
 * @return void
 */
function cp_notify_ad_owner_email($new_status, $old_status, $post)
{
    global $current_user, $wpdb;
    $listing = get_post($post->ID);
    $category = appthemes_get_custom_taxonomy($post->ID, APP_TAX_CAT, 'name');
    $ad_title = stripslashes($listing->post_title);
    $ad_cat = stripslashes($category);
    $ad_author_id = stripslashes(get_the_author_meta('ID', $listing->post_author));
    $ad_author = stripslashes(get_the_author_meta('user_login', $listing->post_author));
    $ad_author_email = stripslashes(get_the_author_meta('user_email', $listing->post_author));
    $ad_status = stripslashes($listing->post_status);
    $ad_content = appthemes_filter(stripslashes($listing->post_content));
    $siteurl = trailingslashit(get_option('home'));
    $dashurl = trailingslashit(CP_DASHBOARD_URL);
    // legacy ads carry their own contact address in post meta
    $legacy_email = get_post_meta($post->ID, 'email', true);
    $mailto = $legacy_email ? $legacy_email : $ad_author_email;
    // The blogname option is escaped with esc_html on the way into the database in sanitize_option
    // we want to reverse this for the plain text arena of emails.
    $blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
    // make sure the admin wants to send emails
    $send_approved_email = get_option('cp_new_ad_email_owner');
    $send_expired_email = get_option('cp_expired_ad_email_owner');
    // an admin approving own ads, or an owner pausing/reactivating an ad, gets no mail
    $acted_on_by_other = $current_user->ID != $ad_author_id;
    $is_approval = $old_status == 'pending' && $new_status == 'publish' && $acted_on_by_other && $send_approved_email == 'yes';
    $is_expiry = !$is_approval && $old_status == 'publish' && $new_status == 'draft' && $acted_on_by_other && $send_expired_email == 'yes';
    if (!$is_approval && !$is_expiry) {
        return;
    }
    // parts shared by both notifications
    $headers = 'From: ' . sprintf(__('%s Admin', 'appthemes'), $blogname) . ' <' . get_option('admin_email') . '>' . "\r\n";
    $message = sprintf(__('Hi %s,', 'appthemes'), $ad_author) . "\r\n\r\n";
    if ($is_approval) {
        $subject = __('Your Ad Has Been Approved', 'appthemes');
        $message .= sprintf(__('Your ad listing, "%s" has been approved and is now live on our site.', 'appthemes'), $ad_title) . "\r\n\r\n";
        $message .= __('You can view your ad by clicking on the following link:', 'appthemes') . "\r\n";
        $message .= get_permalink($post->ID) . "\r\n\r\n\r\n\r\n";
    } else {
        $subject = __('Your Ad Has Expired', 'appthemes');
        $message .= sprintf(__('Your ad listing, "%s" has expired.', 'appthemes'), $ad_title) . "\r\n\r\n";
        if (get_option('cp_allow_relist') == 'yes') {
            $message .= __('If you would like to relist your ad, please visit your dashboard and click the "relist" link.', 'appthemes') . "\r\n";
            $message .= $dashurl . "\r\n\r\n\r\n\r\n";
        }
    }
    $message .= __('Regards,', 'appthemes') . "\r\n\r\n";
    $message .= sprintf(__('Your %s Team', 'appthemes'), $blogname) . "\r\n";
    $message .= $siteurl . "\r\n\r\n\r\n\r\n";
    // ok let's send the email
    wp_mail($mailto, $subject, $message, $headers);
}
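/**
 * Creates a new ad listing, or renews an existing one, from the form values.
 *
 * The post is saved as 'pending', category and tags are assigned, every cp_*
 * value is written as post meta, uploaded images are attached and the ad is
 * published when cp_set_post_status() says so.
 *
 * NOTE(review): when $renew_id is given, the post with that ID is overwritten and
 * ALL of its meta is deleted first. No ownership check is visible here, so the
 * caller presumably confirms the ID belongs to the current user -- verify.
 *
 * @param array     $advals   Form values; reads post_title, post_content, user_id, cat,
 *                            tags_input, oid, pack_duration, featured_ad, attachment,
 *                            app_attach_id, app_attach_title and every cp_* key.
 * @param int|false $renew_id ID of the ad to renew, or false to insert a new ad.
 *
 * @return int ID of the saved post (whatever WordPress returned when saving failed).
 */
function cp_add_new_listing($advals, $renew_id = false)
{
    global $wpdb, $cp_options;
    $new_tags = '';
    $ad_length = '';
    $attach_id = '';
    $the_attachment = '';
    // check to see if html is allowed
    if (!$cp_options->allow_html) {
        $post_content = appthemes_filter($advals['post_content']);
    } else {
        $post_content = wp_kses_post($advals['post_content']);
    }
    // tags are tricky and need to be put into an array before saving the ad
    if (!empty($advals['tags_input'])) {
        $new_tags = explode(',', $advals['tags_input']);
    }
    // put all the new ad elements into an array
    // these are the minimum required fields for WP (except tags)
    $new_ad = array();
    $new_ad['post_title'] = appthemes_filter($advals['post_title']);
    $new_ad['post_content'] = trim($post_content);
    // no longer setting final status until after images are set
    $new_ad['post_status'] = 'pending';
    $new_ad['post_author'] = $advals['user_id'];
    $new_ad['post_type'] = APP_POST_TYPE;
    if ($renew_id) {
        // renewing: reuse the old post and move its date to now
        $new_ad['ID'] = $renew_id;
        $new_ad['post_date'] = current_time('mysql');
        $new_ad['post_date_gmt'] = current_time('mysql', 1);
        $post_id = wp_update_post($new_ad);
    } else {
        // insert the new ad
        $post_id = wp_insert_post($new_ad);
    }
    if (!$post_id || is_wp_error($post_id)) {
        // nothing was saved: do not touch terms, meta or sticky state
        return $post_id;
    }
    //set the custom post type categories
    wp_set_post_terms($post_id, appthemes_filter($advals['cat']), APP_TAX_CAT, false);
    //set the custom post type tags
    wp_set_post_terms($post_id, $new_tags, APP_TAX_TAG, false);
    // the unique order ID we created becomes the ad confirmation ID
    // we will use this for payment systems and for activating the ad
    // later if need be. it needs to start with cp_ otherwise it won't
    // be loaded in with the ad so let's give it a new name
    $advals['cp_sys_ad_conf_id'] = $advals['oid'];
    // get the ad duration and first see if ad packs are being used
    // if so, get the length of time in days otherwise use the default
    // prune period defined on the CP settings page
    if (isset($advals['pack_duration'])) {
        $ad_length = $advals['pack_duration'];
    } else {
        $ad_length = $cp_options->prun_period;
    }
    // set the ad listing expiration date
    $ad_expire_date = appthemes_mysql_date(current_time('mysql'), $ad_length);
    $advals['cp_sys_expire_date'] = $ad_expire_date;
    $advals['cp_sys_ad_duration'] = $ad_length;
    // if renew ad - delete all old post meta and unmark ad as featured
    if ($renew_id) {
        unstick_post($renew_id);
        // get_post_custom_keys() returns nothing when the post has no meta
        $custom_field_keys = (array) get_post_custom_keys($renew_id);
        foreach ($custom_field_keys as $custom_key) {
            delete_post_meta($renew_id, $custom_key);
        }
    }
    // now add all the custom fields into WP post meta fields
    foreach ($advals as $meta_key => $meta_value) {
        if (!appthemes_str_starts_with($meta_key, 'cp_')) {
            continue;
        }
        if (is_array($meta_value)) {
            foreach ($meta_value as $checkbox_value) {
                add_post_meta($post_id, $meta_key, wp_kses_post($checkbox_value));
            }
        } else {
            add_post_meta($post_id, $meta_key, wp_kses_post($meta_value), true);
        }
    }
    // if they checked the box for a featured ad, then make the post sticky
    if (isset($advals['featured_ad'])) {
        stick_post($post_id);
    }
    if (isset($advals['attachment'])) {
        $the_attachment = $advals['attachment'];
        // associate the already uploaded images to the new ad and create multiple image sizes
        $attach_id = cp_associate_images($post_id, $the_attachment, true);
    }
    if (isset($advals['app_attach_id'])) {
        $attachments = $advals['app_attach_id'];
        $titles = isset($advals['app_attach_title']) ? $advals['app_attach_title'] : array();
        // associate the already uploaded images to the new ad and update titles
        $attach_id = appthemes_plupload_associate_images($post_id, $attachments, $titles, true);
    }
    //last step is to publish the ad when its appropriate to publish immediately
    $final_status = cp_set_post_status($advals);
    if ($final_status == 'publish') {
        $final_post = array();
        $final_post['ID'] = $post_id;
        $final_post['post_status'] = $final_status;
        $update_result = wp_update_post($final_post);
    }
    cp_action_add_new_listing($post_id);
    // kick back the post id in case we want to use it
    return $post_id;
}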
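/**
 * Updates an existing ad from the front-end edit form and returns an HTML
 * status message for display.
 *
 * Everything is read from $_POST: ad_id, post_title, post_content, cp_price,
 * tags_input, custom_fields_vals and one entry per custom field.
 *
 * NOTE(review): no nonce or ownership check is visible in this function; the
 * caller presumably verifies that the current user may edit $_POST['ad_id'].
 * NOTE(review): when cp_allow_html is 'yes' the raw post_content is saved and
 * the 'filter' flag tells WordPress not to sanitise it, so every user who can
 * reach this form can store arbitrary markup. That is the stated intent (embeds),
 * but it should be limited to trusted users or to an explicit tag allow-list.
 *
 * @return string HTML notice: success box with a dashboard link, or an error box.
 */
function cp_update_listing()
{
    global $wpdb;
    // check to see if html is allowed
    if (get_option('cp_allow_html') != 'yes') {
        $post_content = appthemes_filter($_POST['post_content']);
    } else {
        $post_content = $_POST['post_content'];
    }
    // keep only numeric, commas or decimal values
    if (!empty($_POST['cp_price'])) {
        $_POST['cp_price'] = appthemes_clean_price($_POST['cp_price']);
    }
    // keep only values and insert/strip commas if needed and put into an array
    if (!empty($_POST['tags_input'])) {
        $_POST['tags_input'] = appthemes_clean_tags($_POST['tags_input']);
        $new_tags = explode(',', $_POST['tags_input']);
    }
    // put all the ad elements into an array
    // these are the minimum required fields for WP (except tags)
    $update_ad = array();
    $update_ad['ID'] = trim($_POST['ad_id']);
    $update_ad['post_title'] = appthemes_filter($_POST['post_title']);
    $update_ad['post_content'] = trim($post_content);
    // make sure the WP sanitize_post function doesn't strip out embed & other html
    if (get_option('cp_allow_html') == 'yes') {
        $update_ad['filter'] = true;
    }
    // update the ad and return the ad id
    $post_id = wp_update_post($update_ad);
    if (!$post_id) {
        // the ad wasn't updated so report an error
        return '<div class="box-red"><b>' . __('There was an error trying to update your ad.', 'appthemes') . '</b></div>';
    }
    // update post custom taxonomy "ad_tags"
    // (the request value is cleaned a second time here, exactly as before the update)
    if (!empty($_POST['tags_input'])) {
        $_POST['tags_input'] = appthemes_clean_tags($_POST['tags_input']);
        $new_tags = explode(',', $_POST['tags_input']);
        $settags = wp_set_object_terms($post_id, $new_tags, APP_TAX_TAG);
    }
    // assemble the comma separated hidden fields back into an array so we can save them.
    $field_list = (isset($_POST['custom_fields_vals']) && is_string($_POST['custom_fields_vals'])) ? $_POST['custom_fields_vals'] : '';
    $metafields = explode(',', $field_list);
    // loop through all custom meta fields and update values
    foreach ($metafields as $name) {
        // The list of meta keys comes from a hidden form field, so the client chooses
        // them. Only ad custom fields (cp_ prefix) may be written or deleted here, and
        // cp_sys_ keys are reserved for values the server sets itself.
        // NOTE(review): assumes every editable custom field is named cp_* -- confirm
        // against the form builder.
        if (!appthemes_str_starts_with($name, 'cp_') || appthemes_str_starts_with($name, 'cp_sys_')) {
            continue;
        }
        if (!isset($_POST[$name])) {
            delete_post_meta($post_id, $name);
        } elseif (is_array($_POST[$name])) {
            // multi-value (checkbox) field: replace the whole set
            delete_post_meta($post_id, $name);
            foreach ($_POST[$name] as $checkbox_value) {
                add_post_meta($post_id, $name, wp_kses_post($checkbox_value));
            }
        } else {
            // strip markup the post editor would not accept before storing the value
            update_post_meta($post_id, $name, wp_kses_post($_POST[$name]));
        }
    }
    $errmsg = '<div class="box-yellow"><b>' . __('Your ad has been successfully updated.', 'appthemes') . '</b> <a href="' . CP_DASHBOARD_URL . '">' . __('Return to my dashboard', 'appthemes') . '</a></div>';
    // send out the email notifications
    cp_edited_ad_email($post_id);
    return $errmsg;
}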
/**
 * Sends the contact-form message as an HTML email to the author of an ad.
 *
 * All form values are read from $_POST. Validation failures are collected in
 * the returned WP_Error; nothing is sent when it contains an error.
 *
 * NOTE(review): the captcha compares rand_total with rand_num + rand_num2, all
 * three taken from the request, so it is not tied to a server-issued challenge.
 * NOTE(review): name, subject and message end up inside HTML markup; that is
 * safe only if appthemes_filter()/appthemes_clean() strip tags -- not visible here.
 *
 * @param int $post_id ID of the ad the visitor is replying to.
 *
 * @return object WP_Error instance, empty on success.
 */
function cp_contact_ad_owner_email($post_id)
{
    $errors = new WP_Error();
    // every text field of the form is mandatory
    foreach (array('from_name', 'from_email', 'subject', 'message') as $required) {
        if (!empty($_POST[$required])) {
            continue;
        }
        $errors->add('empty_field', __('ERROR: All fields are required.', APP_TD));
        return $errors;
    }
    // the anti-spam sum needs three numeric values
    foreach (array('rand_total', 'rand_num', 'rand_num2') as $number_field) {
        if (isset($_POST[$number_field]) && is_numeric($_POST[$number_field])) {
            continue;
        }
        $errors->add('invalid_captcha', __('ERROR: Incorrect captcha answer.', APP_TD));
        return $errors;
    }
    // verify captcha answer
    $answer = (int) $_POST['rand_total'];
    $expected_sum = (int) $_POST['rand_num'] + (int) $_POST['rand_num2'];
    if ($expected_sum != $answer) {
        $errors->add('invalid_captcha', __('ERROR: Incorrect captcha answer.', APP_TD));
    }
    // verify email
    if (!is_email($_POST['from_email'])) {
        $errors->add('invalid_email', __('ERROR: Incorrect email address.', APP_TD));
    }
    // verify post
    $post = get_post($post_id);
    if (!$post) {
        $errors->add('invalid_post', __('ERROR: Ad does not exist.', APP_TD));
    }
    if ($errors->get_error_code()) {
        return $errors;
    }
    $author_email = get_the_author_meta('user_email', $post->post_author);
    $from_name = appthemes_filter(appthemes_clean($_POST['from_name']));
    $from_email = appthemes_clean($_POST['from_email']);
    $subject = appthemes_filter(appthemes_clean($_POST['subject']));
    $posted_message = appthemes_filter(appthemes_clean($_POST['message']));
    $blogname = wp_specialchars_decode(get_bloginfo('name'), ENT_QUOTES);
    $site_url = home_url('/');
    $permalink = get_permalink($post_id);
    // one <p> per section, each followed by a line break in the mail source
    $paragraphs = array(
        html('p', sprintf(__('Someone is interested in your ad listing: %s', APP_TD), html_link($permalink))),
        html('p', '"' . wordwrap(nl2br($posted_message), 70) . '"'),
        html('p', sprintf(__('Name: %s', APP_TD), $from_name) . '<br />' . sprintf(__('E-mail: %s', APP_TD), $from_email)),
        html('p', __('-----------------', APP_TD) . '<br />' . sprintf(__('This message was sent from %s', APP_TD), $blogname) . '<br />' . html_link($site_url)),
        html('p', sprintf(__('Sent from IP Address: %s', APP_TD), appthemes_get_ip())),
    );
    $message = implode(PHP_EOL, $paragraphs) . PHP_EOL;
    $email = array('to' => $author_email, 'subject' => $subject, 'message' => $message, 'from' => $from_email, 'from_name' => $from_name);
    // let other code adjust recipient, subject or body before sending
    $email = apply_filters('cp_email_user_ad_contact', $email, $post_id);
    APP_Mail_From::apply_once(array('email' => $email['from'], 'name' => $email['from_name'], 'reply' => true));
    appthemes_send_email($email['to'], $email['subject'], $email['message']);
    return $errors;
}
 /**
  * Collects the expected form fields from $_POST and sanitises each one.
  *
  * Every value goes through appthemes_clean(); cp_* fields additionally go
  * through wp_kses_post(). A few fields then get their own treatment: cp_price,
  * tags_input, post_content (depends on the allow_html option) and post_title.
  * Fields missing from the request are returned as empty strings.
  *
  * @return array Sanitised values keyed by field name.
  */
 protected function clean_expected_fields()
 {
     global $cp_options;
     $cleaned = array();
     foreach ($this->expected_fields() as $field) {
         $value = isset($_POST[$field]) ? $_POST[$field] : '';
         $is_custom_field = appthemes_str_starts_with($field, 'cp_');
         // generic cleaning, element by element for multi-value (checkbox) fields
         if (is_array($value)) {
             $value = array_map('appthemes_clean', $value);
             if ($is_custom_field) {
                 $value = array_map('wp_kses_post', $value);
             }
         } else {
             $value = appthemes_clean($value);
             if ($is_custom_field) {
                 $value = wp_kses_post($value);
             }
         }
         // field specific cleaning on top of the generic pass
         if ($field == 'cp_price') {
             $value = appthemes_clean_price($value);
         }
         if ($field == 'tags_input') {
             $value = wp_kses_post(appthemes_clean_tags($value));
         }
         if ($field == 'post_content') {
             // check to see if html is allowed
             $value = $cp_options->allow_html ? wp_kses_post($value) : appthemes_filter($value);
         }
         if ($field == 'post_title') {
             $value = appthemes_filter($value);
         }
         $cleaned[$field] = $value;
     }
     return $cleaned;
 }