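/**
 * Escape a value (or every value of an array) for use as a preg_replace()
 * replacement, so that "$1" or "\1" inside it is emitted literally instead of
 * being read as a backreference.
 *
 * @param mixed $value Scalar or array of scalars.
 * @return string|array
 */
function tdomf_literal_replacement($value)
{
    if (is_array($value)) {
        return array_map('tdomf_literal_replacement', $value);
    }
    return addcslashes((string) $value, '\\$');
}

/**
 * Expand TDOMF macros in a message template, then run the result through
 * eval() so that PHP embedded in the template is executed.
 *
 * Macro values are substituted as text *before* the template is evaluated, so
 * any value that arrives here unscrubbed is parsed by eval() as well.
 *
 * @param string    $message   Template text containing TDOMF macros and, optionally, PHP.
 * @param int|false $form_id   Form whose URL/id/name/description macros are expanded; false skips them.
 * @param string    $mode      Not read here; it stays in scope for the evaluated template.
 * @param int|false $post_id   Post whose submission macros are expanded; false skips them.
 * @param string    $errors    Text substituted for the submission-errors macro when non-empty.
 * @param array     $post_args Values exposed to the evaluated template as local variables.
 * @return string Output captured while the expanded template was evaluated.
 */
function tdomf_prepare_string($message, $form_id = false, $mode = "", $post_id = false, $errors = "", $post_args = array())
{
    // Local variable names are kept as they were: eval() below runs in this
    // scope, so a template may refer to any of them.
    global $current_user;
    if ($post_id !== false) {
        // The post is only read, so a plain assignment replaces the old
        // reference binding to the function result.
        $post = get_post($post_id);
        // "post_date" is only updated when a post is published, so the
        // submission date is captured in a custom field. Failing that, fall
        // back to the old method of using post_modified.
        if ($post->post_status == 'publish' || $post->post_status == 'future') {
            $submission_date = mysql2date(get_option('date_format'), $post->post_date_gmt);
            $submission_time = mysql2date(get_option('time_format'), $post->post_date_gmt);
        } else {
            if (get_post_meta($post_id, TDOMF_KEY_SUBMISSION_DATE_GMT, true)) {
                $date = get_post_meta($post_id, TDOMF_KEY_SUBMISSION_DATE_GMT, true);
                $submission_date = mysql2date(get_option('date_format'), $date);
                $submission_time = mysql2date(get_option('time_format'), $date);
            } else {
                $submission_date = mysql2date(get_option('date_format'), $post->post_modified_gmt);
                $submission_time = mysql2date(get_option('time_format'), $post->post_modified_gmt);
            }
        }
        // url, date and time are treated as safe; the title is not, so it is scrubbed
        $patterns = array('/' . TDOMF_MACRO_SUBMISSIONURL . '/', '/' . TDOMF_MACRO_SUBMISSIONDATE . '/', '/' . TDOMF_MACRO_SUBMISSIONTIME . '/', '/' . TDOMF_MACRO_SUBMISSIONTITLE . '/');
        $replacements = array(get_permalink($post_id), $submission_date, $submission_time, tdomf_protect_input($post->post_title));
        // Replacements are escaped so a "$" or "\" in a title is not
        // interpreted as a backreference.
        $message = preg_replace($patterns, tdomf_literal_replacement($replacements), $message);
    }
    if (!empty($errors)) {
        // NOTE(review): $errors is inserted as received and is later parsed by
        // eval(); confirm every caller scrubs any user input it contains.
        $message = preg_replace('/' . TDOMF_MACRO_SUBMISSIONERRORS . '/', tdomf_literal_replacement($errors), $message);
    }
    if (is_user_logged_in()) {
        get_currentuserinfo();
        // display name is user-editable, so it is scrubbed
        $message = preg_replace('/' . TDOMF_MACRO_USERNAME . '/', tdomf_literal_replacement(tdomf_protect_input($current_user->display_name)), $message);
    } else {
        if ($post_id !== false) {
            // name stored with the submission: scrubbed again on the way out
            $message = preg_replace('/' . TDOMF_MACRO_USERNAME . '/', tdomf_literal_replacement(tdomf_protect_input(get_post_meta($post_id, TDOMF_KEY_NAME, true))), $message);
        } else {
            $message = preg_replace('/' . TDOMF_MACRO_USERNAME . '/', tdomf_literal_replacement(__("Unregistered", "tdomf")), $message);
        }
    }
    $message = preg_replace('/' . TDOMF_MACRO_IP . '/', tdomf_literal_replacement($_SERVER['REMOTE_ADDR']), $message);
    if ($form_id !== false) {
        // The form id, name and description are entered by the form admin and
        // are treated as trusted. The request URI is chosen by the client, so
        // it goes through the same scrub as the other untrusted values before
        // it can reach eval().
        // NOTE(review): tdomf_protect_input() is defined elsewhere; confirm it
        // neutralises PHP open tags and leaves valid URLs usable.
        $patterns = array('/' . TDOMF_MACRO_FORMURL . '/', '/' . TDOMF_MACRO_FORMID . '/', '/' . TDOMF_MACRO_FORMNAME . '/', '/' . TDOMF_MACRO_FORMDESCRIPTION . '/');
        $replacements = array(tdomf_protect_input($_SERVER['REQUEST_URI']) . '#tdomf_form' . $form_id, $form_id, tdomf_get_option_form(TDOMF_OPTION_NAME, $form_id), tdomf_get_option_form(TDOMF_OPTION_DESCRIPTION, $form_id));
        $message = preg_replace($patterns, tdomf_literal_replacement($replacements), $message);
    }
    // A lot of people use the ID uppercase format
    $post_ID = $post_id;
    // extract() overwrites existing locals of the same name. A "message" key
    // would replace the template that is about to be evaluated, so it is
    // dropped from the local copy of the array first.
    // NOTE(review): other locals can still be overwritten by $post_args keys;
    // whether those keys can come from a request is not visible here.
    unset($post_args['message']);
    // Execute any PHP code in the message and capture what it prints.
    // NOTE(review): eval() runs whatever PHP the expanded template contains,
    // including anything carried in by a macro value. Access to editing these
    // templates is equivalent to code execution on the site.
    ob_start();
    extract($post_args, EXTR_PREFIX_INVALID, "tdomf_");
    @eval("?>" . $message);
    $message = ob_get_contents();
    ob_end_clean();
    return $message;
}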
 /**
  * Process form input for widget
  * 
  * @access public
  * @return Mixed
  */
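 function post($args, $options)
 {
     // Writes the submitted content (and, when enabled, the title) to the post
     // identified by $args['post_ID']. Always returns NULL.
     //
     // Only the two keys this method uses are read from $args. extract() would
     // copy every key into local scope, so a key named "options" would replace
     // the $options argument.
     $mode = isset($args['mode']) ? $args['mode'] : null;
     $post_ID = isset($args['post_ID']) ? $args['post_ID'] : null;
     // If submitting a new post (as opposed to editing), make sure to *append*
     // to post_content. For editing, overwrite.
     if (TDOMF_Widget::isSubmitForm($mode)) {
         // Grab existing data
         $post = wp_get_single_post($post_ID, ARRAY_A);
         if (!empty($post['post_content'])) {
             // presumably wp_update_post() expects slashed data - confirm
             $post = add_magic_quotes($post);
         }
         // Append; a missing post or empty content contributes nothing
         $post_content = isset($post['post_content']) ? $post['post_content'] : '';
         $post_content .= $this->textarea->post($args, $options, 'content_content');
     } else {
         // $mode starts with "edit-": overwrite
         $post_content = $this->textarea->post($args, $options, 'content_content');
     }
     // Update actual post
     $post = array("ID" => $post_ID, "post_content" => $post_content);
     if (!empty($options['title-enable'])) {
         // The title is scrubbed before it is stored and before the slug is derived from it
         $content_title = tdomf_protect_input($this->textfield->post($args, $options, 'content_title'));
         $post["post_title"] = $content_title;
         $post["post_name"] = sanitize_title($content_title);
     }
     wp_update_post($post);
     return NULL;
 }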
 /**
  * Process form input for widget
  * 
  * @access public
  * @return Mixed
  */
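 function post($args, $options)
 {
     // Stores the submitter's name, web page and e-mail either in the pending
     // edit record (edit forms) or as post meta (submit forms), then hands the
     // same three values to tdomf_widget_whoami_store_cookies(). Always
     // returns NULL.
     global $current_user;
     get_currentuserinfo();
     // Only the keys this method uses are read from $args. extract() would copy
     // every key into local scope, including one named "current_user", which is
     // bound to the global above.
     $mode = isset($args['mode']) ? $args['mode'] : null;
     $edit_id = isset($args['edit_id']) ? $args['edit_id'] : null;
     $post_ID = isset($args['post_ID']) ? $args['post_ID'] : null;
     $whoami_name = isset($args['whoami_name']) ? $args['whoami_name'] : null;
     $whoami_webpage = isset($args['whoami_webpage']) ? $args['whoami_webpage'] : null;
     $whoami_email = isset($args['whoami_email']) ? $args['whoami_email'] : null;
     // NOTE(review): the web page and e-mail values are stored exactly as
     // received, while the name goes through tdomf_protect_input(); presumably
     // they are validated before this method runs - confirm.
     if (TDOMF_Widget::isEditForm($mode)) {
         $edit_data = tdomf_get_data_edit($edit_id);
         if ($whoami_name !== null) {
             $edit_data[TDOMF_KEY_NAME] = tdomf_protect_input($whoami_name);
         } else {
             $whoami_name = "";
         }
         if ($whoami_webpage !== null) {
             $edit_data[TDOMF_KEY_WEB] = $whoami_webpage;
         } else {
             $whoami_webpage = "";
         }
         if ($whoami_email !== null) {
             $edit_data[TDOMF_KEY_EMAIL] = $whoami_email;
         } else {
             $whoami_email = "";
         }
         // For a logged-in user other than the default author, the account's
         // own details replace whatever the form supplied.
         if (is_user_logged_in() && $current_user->ID != get_option(TDOMF_DEFAULT_AUTHOR)) {
             $edit_data[TDOMF_KEY_USER_ID] = $current_user->ID;
             $edit_data[TDOMF_KEY_USER_NAME] = $current_user->user_login;
             $edit_data[TDOMF_KEY_NAME] = $current_user->display_name;
             $edit_data[TDOMF_KEY_EMAIL] = $current_user->user_email;
             $edit_data[TDOMF_KEY_WEB] = $current_user->user_url;
             update_usermeta($current_user->ID, TDOMF_KEY_FLAG, true);
         }
         tdomf_set_data_edit($edit_data, $edit_id);
     } else {
         // Statement order is kept: every add_post_meta() call passes true as
         // its last argument, so which value is added first for a key matters.
         if ($whoami_name !== null) {
             add_post_meta($post_ID, TDOMF_KEY_NAME, tdomf_protect_input($whoami_name), true);
         } else {
             $whoami_name = "";
         }
         if ($whoami_webpage !== null) {
             add_post_meta($post_ID, TDOMF_KEY_WEB, $whoami_webpage, true);
         } else {
             $whoami_webpage = "";
         }
         if ($whoami_email !== null) {
             add_post_meta($post_ID, TDOMF_KEY_EMAIL, $whoami_email, true);
         } else {
             $whoami_email = "";
         }
         if (is_user_logged_in() && $current_user->ID != get_option(TDOMF_DEFAULT_AUTHOR)) {
             add_post_meta($post_ID, TDOMF_KEY_USER_ID, $current_user->ID, true);
             add_post_meta($post_ID, TDOMF_KEY_USER_NAME, $current_user->user_login, true);
             add_post_meta($post_ID, TDOMF_KEY_NAME, $current_user->display_name, true);
             add_post_meta($post_ID, TDOMF_KEY_EMAIL, $current_user->user_email, true);
             add_post_meta($post_ID, TDOMF_KEY_WEB, $current_user->user_url, true);
             update_usermeta($current_user->ID, TDOMF_KEY_FLAG, true);
         }
     }
     TDOMF_WidgetWhoami::tdomf_widget_whoami_store_cookies(tdomf_protect_input($whoami_name), $whoami_email, $whoami_webpage);
     return NULL;
 }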
 /** 
  * Format the custom field as per the options set by user
  *
  * @return String
  */
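 function format($value, $options)
 {
     // Renders one custom-field value through the template in
     // $options['format'], filling %%TITLE%%, %%VALUE%% and %%KEY%%. Returns ""
     // when the value is empty or only whitespace.
     //
     // boolean is a special case: strval() would turn false into ''
     if (is_bool($value)) {
         $value = $value ? __('true', 'tdomf') : __('false', 'tdomf');
     } else {
         $value = strval($value);
     }
     // '0' is a real value and must still be shown; only blank input is dropped
     if (trim($value) === '') {
         return "";
     }
     $patterns = array('/%%TITLE%%/', '/%%VALUE%%/', '/%%KEY%%/');
     // The value is scrubbed; title and key come from the widget options
     $replacements = array($options['title'], tdomf_protect_input($value), $options['key']);
     // Escape "$" and "\" so text such as "$10" is inserted literally instead
     // of being read by preg_replace() as a backreference.
     foreach ($replacements as $index => $text) {
         $replacements[$index] = addcslashes((string) $text, '\\$');
     }
     return preg_replace($patterns, $replacements, $options['format']);
 }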