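/**
 * Collect the cleaned request values for a list of request parameter names.
 *
 * Each name is looked up in $_REQUEST and its value is passed through
 * clean_field(). A name that is absent from the request is passed on as null
 * rather than triggering an undefined-index notice.
 *
 * NOTE(review): clean_field() is defined elsewhere and what it strips is not
 * visible here. Treat the result as cleaned text only, not as SQL-safe or
 * HTML-safe output; bind or escape it again at the point of use.
 *
 * @param array $x_field_item_array Request parameter names to read.
 * @return array Map of parameter name => clean_field() result.
 */
function build_x_field_item_vars($x_field_item_array)
{
    $sanitized_array = array();
    foreach ((array) $x_field_item_array as $var) {
        // Only strings and integers are usable both as a $_REQUEST key and as
        // a key of the result array.
        if (!is_string($var) && !is_int($var)) {
            continue;
        }
        $raw_value = isset($_REQUEST[$var]) ? $_REQUEST[$var] : null;
        $sanitized_array[$var] = clean_field($raw_value);
    }

    // The collected values are the whole point of the function; without this
    // return they are thrown away when the function exits.
    return $sanitized_array;
}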
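/**
 * Handle the category-management requests submitted from the Admin Panel.
 *
 * The body of this function was in the content of awpcp.php
 * being executed every time the plugin file was read.
 *
 * The part of this function that handles Fees is @deprecated since 2.1.4.
 * The part of this function that handles Ads is @deprecated since 2.1.4.
 * The part of this function that handles Categories is still being used.
 *
 * Three request flags are handled, each independently of the others:
 *  - createeditadcategory:     add, edit or delete one category ("aeaction").
 *  - movemultiplecategories:   re-parent the selected categories.
 *  - deletemultiplecategories: delete the selected categories, moving or
 *                              deleting their ads first.
 *
 * Every category identifier read from $_REQUEST is reduced to an integer and
 * bound through $wpdb->prepare(), so request data never becomes SQL text.
 * The result notice is written to the global $message as an HTML fragment.
 *
 * NOTE(review): this function updates and deletes rows based on $_REQUEST and
 * no nonce or capability check is visible in it. Confirm that the caller
 * verifies both (for example check_admin_referer() and current_user_can())
 * before this runs; otherwise the actions are exposed to cross-site request
 * forgery.
 */
function awpcp_handle_admin_requests()
{
    global $wpdb;
    global $message;

    if (!empty($_REQUEST['createeditadcategory'])) {
        // NOTE(review): presumably the same tables as AWPCP_TABLE_CATEGORIES and
        // AWPCP_TABLE_ADS, which other statements below use - confirm.
        $tbl_ad_categories = $wpdb->prefix . "awpcp_categories";
        $tbl_ads = $wpdb->prefix . "awpcp_ads";

        // Identifiers are normalized to integers once, so the default-category
        // guard and the SQL statements all see the same value.
        $category_id_raw = clean_field(isset($_REQUEST['category_id']) ? $_REQUEST['category_id'] : null);
        $category_id = is_scalar($category_id_raw) ? intval($category_id_raw) : 0;

        // The move-to target is sent under the key 'movetocat'.
        $movetocat = 0;
        if (!empty($_REQUEST['movetocat'])) {
            $movetocat_raw = clean_field($_REQUEST['movetocat']);
            $movetocat = is_scalar($movetocat_raw) ? intval($movetocat_raw) : 0;
        }

        $aeaction = clean_field(isset($_REQUEST['aeaction']) ? $_REQUEST['aeaction'] : null);

        if ($aeaction == 'newcategory') {
            $name = stripslashes_deep(awpcp_request_param('category_name'));
            $parent = intval(awpcp_request_param('category_parent_id'));
            $order = intval(awpcp_request_param('category_order'));
            $category = new AWPCP_Category(null, $name, null, $order, $parent);
            try {
                awpcp_categories_collection()->save($category);
                $themessagetoprint = __('The new category was successfully added.', 'AWPCP');
            } catch (AWPCP_Exception $e) {
                $themessagetoprint = $e->getMessage();
            }
        } elseif ($aeaction == 'delete') {
            // Make sure this is not the default category. If it is the default category alert that the default category can only be renamed not deleted
            if ($category_id === 1) {
                $themessagetoprint = __("Sorry but you cannot delete the default category. The default category can only be renamed", "AWPCP");
            } else {
                // Proceed with the delete instructions.
                // Move any ads that the category contains if a move-to category is set.
                // A target equal to the category being deleted is ignored, because
                // the ads would be left pointing at a category that no longer exists.
                if ($movetocat !== 0 && $movetocat !== $category_id) {
                    $movetocatparent = get_cat_parent_ID($movetocat);
                    $wpdb->query($wpdb->prepare(
                        'UPDATE ' . AWPCP_TABLE_ADS . ' SET ad_category_id = %d, ad_category_parent_id = %d WHERE ad_category_id = %d',
                        $movetocat,
                        $movetocatparent,
                        $category_id
                    ));
                    // Must also relocate ads where the main category was a child of the category being deleted
                    $wpdb->query($wpdb->prepare(
                        'UPDATE ' . AWPCP_TABLE_ADS . ' SET ad_category_parent_id = %d WHERE ad_category_parent_id = %d',
                        $movetocat,
                        $category_id
                    ));
                    // Must also relocate any children categories to the move-to-cat
                    $wpdb->query($wpdb->prepare(
                        'UPDATE ' . AWPCP_TABLE_CATEGORIES . ' SET category_parent_id = %d WHERE category_parent_id = %d',
                        $movetocat,
                        $category_id
                    ));
                } else {
                    // If the category has a parent move the ads to the parent otherwise move the ads to the default
                    if (category_is_child($category_id)) {
                        $movetocat = get_cat_parent_ID($category_id);
                    } else {
                        $movetocat = 1;
                    }
                    $movetocatparent = get_cat_parent_ID($movetocat);
                    // Adjust any ads transferred from the main category
                    $wpdb->query($wpdb->prepare(
                        'UPDATE ' . $tbl_ads . ' SET ad_category_id = %d, ad_category_parent_id = %d WHERE ad_category_id = %d',
                        $movetocat,
                        $movetocatparent,
                        $category_id
                    ));
                    // Must also relocate any children categories to the move-to-cat
                    $wpdb->query($wpdb->prepare(
                        'UPDATE ' . $tbl_ad_categories . ' SET category_parent_id = %d WHERE category_parent_id = %d',
                        $movetocat,
                        $category_id
                    ));
                    // Adjust any ads transferred from children categories
                    $wpdb->query($wpdb->prepare(
                        'UPDATE ' . $tbl_ads . ' SET ad_category_parent_id = %d WHERE ad_category_parent_id = %d',
                        $movetocat,
                        $category_id
                    ));
                }
                $wpdb->query($wpdb->prepare(
                    'DELETE FROM ' . AWPCP_TABLE_CATEGORIES . ' WHERE category_id = %d',
                    $category_id
                ));
                do_action('awpcp-category-deleted', $category_id);
                $themessagetoprint = __("The category has been deleted", "AWPCP");
            }
        } elseif ($aeaction == 'edit') {
            $category = AWPCP_Category::find_by_id($category_id);
            // Whether find_by_id() can come back empty is not visible here, so an
            // unknown id is reported as "no changes" instead of writing to a non-object.
            if (is_object($category)) {
                $category->name = clean_field(awpcp_request_param('category_name'));
                $category->parent = intval(clean_field(awpcp_request_param('category_parent_id')));
                $category->order = intval(awpcp_request_param('category_order', 0));
                try {
                    awpcp_categories_collection()->save($category);
                    $themessagetoprint = __('Your category changes have been saved.', 'AWPCP');
                } catch (AWPCP_Exception $e) {
                    $themessagetoprint = $e->getMessage();
                }
            } else {
                $themessagetoprint = __("No changes made to categories.", "AWPCP");
            }
        } else {
            $themessagetoprint = __("No changes made to categories.", "AWPCP");
        }
        // NOTE(review): the exception text above is placed in this HTML unescaped.
        // Confirm AWPCP_Exception messages never carry request data (such as the
        // submitted category name), or escape the message before output.
        $message = "<div style=\"background-color: rgb(255, 251, 204);\" id=\"message\" class=\"awpcp-updated updated fade\">{$themessagetoprint}</div>";
    }

    // Move multiple categories
    if (!empty($_REQUEST['movemultiplecategories'])) {
        // First get the list of categories to be moved, keeping only integer ids.
        $categoriestomove_raw = isset($_REQUEST['category_to_delete_or_move']) ? clean_field($_REQUEST['category_to_delete_or_move']) : array();
        $categoriestomove = array_map('intval', array_filter((array) $categoriestomove_raw, 'is_scalar'));

        // Next get the value for where the admin wants to move the categories
        $moveadstocategory = 0;
        if (!empty($_REQUEST['moveadstocategory'])) {
            $moveadstocategory_raw = clean_field($_REQUEST['moveadstocategory']);
            $moveadstocategory = is_scalar($moveadstocategory_raw) ? intval($moveadstocategory_raw) : 0;
        }

        if ($moveadstocategory !== 0) {
            // Next loop through the categories and move them to the new category
            foreach ($categoriestomove as $cattomove) {
                // A category cannot become its own parent.
                if ($cattomove !== $moveadstocategory) {
                    // First update all the ads in the category to take on the new parent ID
                    $wpdb->query($wpdb->prepare(
                        'UPDATE ' . AWPCP_TABLE_ADS . ' SET ad_category_parent_id = %d WHERE ad_category_id = %d',
                        $moveadstocategory,
                        $cattomove
                    ));
                    $wpdb->query($wpdb->prepare(
                        'UPDATE ' . AWPCP_TABLE_CATEGORIES . ' SET category_parent_id = %d WHERE category_id = %d',
                        $moveadstocategory,
                        $cattomove
                    ));
                }
            }
            $themessagetoprint = __("With the exception of any category that was being moved to itself, the categories have been moved", "AWPCP");
        } else {
            $themessagetoprint = __("The categories have not been moved because you did not indicate where you want the categories to be moved to", "AWPCP");
        }
        $message = "<div style=\"background-color: rgb(255, 251, 204);\" id=\"message\" class=\"awpcp-updated updated fade\">{$themessagetoprint}</div>";
    }

    // Delete multiple categories
    if (!empty($_REQUEST['deletemultiplecategories'])) {
        // First get the list of categories to be deleted, keeping only integer ids.
        // The list is also spliced into a NOT IN (...) clause below, which is only
        // safe because every element is an integer at that point.
        $categoriestodelete_raw = isset($_REQUEST['category_to_delete_or_move']) ? clean_field($_REQUEST['category_to_delete_or_move']) : array();
        $categoriestodelete = array_map('intval', array_filter((array) $categoriestodelete_raw, 'is_scalar'));
        $categoriestodelete_list = implode(',', $categoriestodelete);

        // Next get the value of move/delete ads (1 = move the ads, 2 = delete them)
        if (!empty($_REQUEST['movedeleteads'])) {
            $movedeleteads = clean_field($_REQUEST['movedeleteads']);
        } else {
            $movedeleteads = 1;
        }

        // Next get the value for where the admin wants to move the ads;
        // the default category (ID 1) is used when none was chosen.
        $moveadstocategory = 1;
        if (!empty($_REQUEST['moveadstocategory'])) {
            $moveadstocategory_raw = clean_field($_REQUEST['moveadstocategory']);
            $moveadstocategory_id = is_scalar($moveadstocategory_raw) ? intval($moveadstocategory_raw) : 0;
            if ($moveadstocategory_id !== 0) {
                $moveadstocategory = $moveadstocategory_id;
            }
        }

        // Next make sure there is a default category with an ID of 1 because any ads that exist in the
        // categories will need to be moved to a default category if admin has checked move ads but
        // has not selected a move to category
        if ($moveadstocategory == 1 && !defaultcatexists($defid = 1)) {
            createdefaultcategory($idtomake = 1, $titletocallit = 'Untitled');
        }

        // NOTE(review): nothing here prevents the move-to category from being one
        // of the categories selected for deletion - confirm the form rules that out.

        // Next loop through the categories and move all their ads
        foreach ($categoriestodelete as $cattodel) {
            // Make sure this is not the default category which cannot be deleted
            if ($cattodel !== 1) {
                // If admin has instructed moving ads move the ads
                if ($movedeleteads == 1) {
                    // Now move the ads if any
                    $movetocat = $moveadstocategory;
                    $movetocatparent = get_cat_parent_ID($movetocat);
                    // Move the ads in the category main
                    $wpdb->query($wpdb->prepare(
                        'UPDATE ' . AWPCP_TABLE_ADS . ' SET ad_category_id = %d, ad_category_parent_id = %d WHERE ad_category_id = %d',
                        $movetocat,
                        $movetocatparent,
                        $cattodel
                    ));
                    // Must also relocate ads where the main category was a child of the category being deleted
                    $wpdb->query($wpdb->prepare(
                        'UPDATE ' . AWPCP_TABLE_ADS . ' SET ad_category_parent_id = %d WHERE ad_category_parent_id = %d',
                        $movetocat,
                        $cattodel
                    ));
                    // Must also relocate any children categories that are not themselves being deleted to the move-to-cat
                    $wpdb->query($wpdb->prepare(
                        'UPDATE ' . AWPCP_TABLE_CATEGORIES . ' SET category_parent_id = %d WHERE category_parent_id = %d AND category_id NOT IN (' . $categoriestodelete_list . ')',
                        $movetocat,
                        $cattodel
                    ));
                } elseif ($movedeleteads == 2) {
                    $movetocat = $moveadstocategory;
                    // If the category has children move the ads in the child categories to the default category
                    if (category_has_children($cattodel)) {
                        // Relocate the ads in any children categories of the category being deleted
                        $wpdb->query($wpdb->prepare(
                            'UPDATE ' . AWPCP_TABLE_ADS . ' SET ad_category_parent_id = %d WHERE ad_category_parent_id = %d',
                            $movetocat,
                            $cattodel
                        ));
                        // Relocate any children categories that exist under the category being deleted
                        $wpdb->query($wpdb->prepare(
                            'UPDATE ' . AWPCP_TABLE_CATEGORIES . ' SET category_parent_id = %d WHERE category_parent_id = %d',
                            $movetocat,
                            $cattodel
                        ));
                    }
                    // Now delete the ads because the admin has checked Delete ads if any
                    massdeleteadsfromcategory($cattodel);
                }
                // Now delete the categories
                $wpdb->query($wpdb->prepare(
                    'DELETE FROM ' . AWPCP_TABLE_CATEGORIES . ' WHERE category_id = %d',
                    $cattodel
                ));
                $themessagetoprint = __("The categories have been deleted", "AWPCP");
            }
        }
        if (isset($themessagetoprint)) {
            $message = "<div style=\"background-color: rgb(255, 251, 204);\" id=\"message\" class=\"awpcp-updated updated fade\">{$themessagetoprint}</div>";
        }
    }
}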