public static function replace_save_variables($text, $form, $resume_token, $email = null) { $resume_token = sanitize_key($resume_token); $form_id = intval($form['id']); $resume_url = apply_filters('gform_save_and_continue_resume_url', add_query_arg(array('gf_token' => $resume_token), GFFormsModel::get_current_page_url()), $form, $resume_token, $email); $resume_url = esc_url($resume_url); $resume_link = "<a href=\"{$resume_url}\" class='resume_form_link'>{$resume_url}</a>"; $text = str_replace('{save_link}', $resume_link, $text); $text = str_replace('{save_token}', $resume_token, $text); $text = str_replace('{save_url}', $resume_url, $text); $email_esc = esc_attr($email); $text = str_replace('{save_email}', $email_esc, $text); $resume_submit_button_text = esc_html__('Send Email', 'gravityforms'); $resume_email_validation_message = esc_html__('Please enter a valid email address.', 'gravityforms'); // The {save_email_input} accepts shortcode-style options button_text and validation_message. E.g., // {save_email_input: button_text="Send the link to my email address" validation_message="The link couldn't be sent because the email address is not valid."} preg_match_all('/\\{save_email_input:(.*?)\\}/', $text, $matches, PREG_SET_ORDER); if (is_array($matches) && isset($matches[0]) && isset($matches[0][1])) { $options_string = isset($matches[0][1]) ? $matches[0][1] : ''; $options = shortcode_parse_atts($options_string); if (isset($options['button_text'])) { $resume_submit_button_text = $options['button_text']; } if (isset($options['validation_message'])) { $resume_email_validation_message = $options['validation_message']; } $full_tag = $matches[0][0]; $text = str_replace($full_tag, '{save_email_input}', $text); } $action = esc_url(remove_query_arg('gf_token')); $ajax = isset($_POST['gform_ajax']); $has_pages = self::has_pages($form); $default_anchor = $has_pages || $ajax ? true : false; $use_anchor = gf_apply_filters(array('gform_confirmation_anchor', $form_id), $default_anchor); if ($use_anchor !== false) { $action .= "#gf_{$form_id}"; } $html_input_type = RGFormsModel::is_html5_enabled() ? 'email' : 'text'; $resume_token = esc_attr($resume_token); $validation_message = !is_null($email) && !GFCommon::is_valid_email($email) ? sprintf('<div class="validation_message">%s</div>', $resume_email_validation_message) : ''; $nonce_input = ''; if (rgar($form, 'requireLogin')) { $nonce_input = wp_nonce_field('gform_send_resume_link', '_gform_send_resume_link_nonce', true, false); } $target = $ajax ? "target='gform_ajax_frame_{$form_id}'" : ''; $ajax_fields = ''; if ($ajax) { $ajax_fields = "<input type='hidden' name='gform_ajax' value='" . esc_attr("form_id={$form_id}&title=1&description=1&tabindex=1") . "' />"; $ajax_fields .= "<input type='hidden' name='gform_field_values' value='' />"; } $resume_form = "<div class='form_saved_message_emailform'>\n\t\t\t\t\t\t\t<form action='{$action}' method='POST' id='gform_{$form_id}' {$target}>\n\t\t\t\t\t\t\t\t{$ajax_fields}\n\t\t\t\t\t\t\t\t<input type='{$html_input_type}' name='gform_resume_email' value='{$email_esc}'/>\n\t\t\t\t\t\t\t\t<input type='hidden' name='gform_resume_token' value='{$resume_token}' />\n\t\t\t\t\t\t\t\t<input type='hidden' name='gform_send_resume_link' value='{$form_id}' />\n\t <input type='submit' name='gform_send_resume_link_button' id='gform_send_resume_link_button_{$form_id}' value='{$resume_submit_button_text}' />\n\t {$validation_message}\n\t {$nonce_input}\n\t\t\t\t\t\t\t</form>\n\t </div>"; $text = str_replace('{save_email_input}', $resume_form, $text); return $text; }
/** * Adds a single Entry object. * * Intended to be used for importing an entry object. The usual hooks that are triggered while saving entries are not fired here. * Checks that the form id, field ids and entry meta exist and ignores legacy values (i.e. values for fields that no longer exist). * * @since 1.8 * @access public * @static * * @param array $entry The Entry object * * @return mixed Either the new Entry ID or a WP_Error instance */ public static function add_entry($entry) { global $wpdb; if (!is_array($entry)) { return new WP_Error('invalid_entry_object', __('The entry object must be an array', 'gravityforms')); } // make sure the form id exists $form_id = rgar($entry, 'form_id'); if (empty($form_id)) { return new WP_Error('empty_form_id', __('The form id must be specified', 'gravityforms')); } if (false === self::form_id_exists($form_id)) { return new WP_Error('invalid_form_id', __('The form for this entry does not exist', 'gravityforms')); } // use values in the entry object if present $post_id = isset($entry['post_id']) ? intval($entry['post_id']) : 'NULL'; $date_created = isset($entry['date_created']) && $entry['date_created'] != '' ? sprintf("'%s'", esc_sql($entry['date_created'])) : 'utc_timestamp()'; $is_starred = isset($entry['is_starred']) ? $entry['is_starred'] : 0; $is_read = isset($entry['is_read']) ? $entry['is_read'] : 0; $ip = isset($entry['ip']) ? $entry['ip'] : GFFormsModel::get_ip(); $source_url = isset($entry['source_url']) ? $entry['source_url'] : esc_url_raw(GFFormsModel::get_current_page_url()); $user_agent = isset($entry['user_agent']) ? $entry['user_agent'] : 'API'; $currency = isset($entry['currency']) ? $entry['currency'] : GFCommon::get_currency(); $payment_status = isset($entry['payment_status']) ? sprintf("'%s'", esc_sql($entry['payment_status'])) : 'NULL'; $payment_date = strtotime(rgar($entry, 'payment_date')) ? sprintf("'%s'", gmdate('Y-m-d H:i:s', strtotime("{$entry['payment_date']}"))) : 'NULL'; $payment_amount = isset($entry['payment_amount']) ? (double) $entry['payment_amount'] : 'NULL'; $payment_method = isset($entry['payment_method']) ? $entry['payment_method'] : ''; $transaction_id = isset($entry['transaction_id']) ? sprintf("'%s'", esc_sql($entry['transaction_id'])) : 'NULL'; $is_fulfilled = isset($entry['is_fulfilled']) ? intval($entry['is_fulfilled']) : 'NULL'; $status = isset($entry['status']) ? $entry['status'] : 'active'; global $current_user; $user_id = isset($entry['created_by']) ? absint($entry['created_by']) : ''; if (empty($user_id)) { $user_id = $current_user && $current_user->ID ? absint($current_user->ID) : 'NULL'; } $transaction_type = isset($entry['transaction_type']) ? intval($entry['transaction_type']) : 'NULL'; $lead_table = GFFormsModel::get_lead_table_name(); $result = $wpdb->query($wpdb->prepare("\n INSERT INTO {$lead_table}\n (form_id, post_id, date_created, is_starred, is_read, ip, source_url, user_agent, currency, payment_status, payment_date, payment_amount, transaction_id, is_fulfilled, created_by, transaction_type, status, payment_method)\n VALUES\n (%d, {$post_id}, {$date_created}, %d, %d, %s, %s, %s, %s, {$payment_status}, {$payment_date}, {$payment_amount}, {$transaction_id}, {$is_fulfilled}, {$user_id}, {$transaction_type}, %s, %s)\n ", $form_id, $is_starred, $is_read, $ip, $source_url, $user_agent, $currency, $status, $payment_method)); if (false === $result) { return new WP_Error('insert_entry_properties_failed', __('There was a problem while inserting the entry properties', 'gravityforms'), $wpdb->last_error); } // reading newly created lead id $entry_id = $wpdb->insert_id; $entry['id'] = $entry_id; // only save field values for fields that currently exist in the form $form = GFFormsModel::get_form_meta($form_id); foreach ($form['fields'] as $field) { /* @var GF_Field $field */ if (in_array($field->type, array('html', 'page', 'section'))) { continue; } $inputs = $field->get_entry_inputs(); if (is_array($inputs)) { foreach ($inputs as $input) { $input_id = (string) $input['id']; if (isset($entry[$input_id])) { $result = GFFormsModel::update_lead_field_value($form, $entry, $field, 0, $input_id, $entry[$input_id]); if (false === $result) { return new WP_Error('insert_input_value_failed', __('There was a problem while inserting one of the input values for the entry', 'gravityforms'), $wpdb->last_error); } } } } else { $field_id = $field->id; $field_value = isset($entry[(string) $field_id]) ? $entry[(string) $field_id] : ''; $result = GFFormsModel::update_lead_field_value($form, $entry, $field, 0, $field_id, $field_value); if (false === $result) { return new WP_Error('insert_field_values_failed', __('There was a problem while inserting the field values', 'gravityforms'), $wpdb->last_error); } } } // add save the entry meta values - only for the entry meta currently available for the form, ignore the rest $entry_meta = GFFormsModel::get_entry_meta($form_id); if (is_array($entry_meta)) { foreach (array_keys($entry_meta) as $key) { if (isset($entry[$key])) { gform_update_meta($entry_id, $key, $entry[$key], $form['id']); } } } // Refresh the entry $entry = GFAPI::get_entry($entry['id']); /** * Fires after the Entry is added using the API. * * @since 1.9.14.26 * * @param array $entry * @param array $form */ do_action('gform_post_add_entry', $entry, $form); return $entry_id; }
/** * Adds a single Entry object. * * Intended to be used for importing an entry object. The usual hooks that are triggered while saving entries are not fired here. * Checks that the form id, field ids and entry meta exist and ignores legacy values (i.e. values for fields that no longer exist). * * @since 1.8 * @access public * @static * * @param array $entry The Entry object * * @return mixed Either the new Entry ID or a WP_Error instance */ public static function add_entry($entry) { global $wpdb; if (!is_array($entry)) { return new WP_Error("invalid_entry_object", __("The entry object must be an array", "gravityforms")); } // make sure the form id exists $form_id = rgar($entry, "form_id"); if (empty($form_id)) { return new WP_Error("empty_form_id", __("The form id must be specified", "gravityforms")); } if (false === self::form_id_exists($form_id)) { return new WP_Error("invalid_form_id", __("The form for this entry does not exist", "gravityforms")); } // use values in the entry object if present $post_id = isset($entry["post_id"]) ? intval($entry["post_id"]) : 'NULL'; $date_created = isset($entry["date_created"]) && $entry["date_created"] != "" ? sprintf("'%s'", mysql_real_escape_string($entry["date_created"])) : "utc_timestamp()"; $is_starred = isset($entry["is_starred"]) ? $entry["is_starred"] : 0; $is_read = isset($entry["is_read"]) ? $entry["is_read"] : 0; $ip = isset($entry["ip"]) ? $entry["ip"] : GFFormsModel::get_ip(); $source_url = isset($entry["source_url"]) ? $entry["source_url"] : GFFormsModel::get_current_page_url(); $user_agent = isset($entry["user_agent"]) ? $entry["user_agent"] : "API"; $currency = isset($entry["currency"]) ? $entry["currency"] : GFCommon::get_currency(); $payment_status = isset($entry["payment_status"]) ? sprintf("'%s'", mysql_real_escape_string($entry["payment_status"])) : 'NULL'; $payment_date = strtotime(rgar($entry, "payment_date")) ? sprintf("'%s'", gmdate('Y-m-d H:i:s', strtotime("{$entry["payment_date"]}"))) : "NULL"; $payment_amount = isset($entry["payment_amount"]) ? (double) $entry["payment_amount"] : 'NULL'; $payment_method = isset($entry["payment_method"]) ? $entry["payment_method"] : ''; $transaction_id = isset($entry["transaction_id"]) ? sprintf("'%s'", mysql_real_escape_string($entry["transaction_id"])) : 'NULL'; $is_fulfilled = isset($entry["is_fulfilled"]) ? intval($entry["is_fulfilled"]) : 'NULL'; $status = isset($entry["status"]) ? $entry["status"] : "active"; global $current_user; $user_id = isset($entry["created_by"]) ? mysql_real_escape_string($entry["created_by"]) : ""; if (empty($user_id)) { $user_id = $current_user && $current_user->ID ? $current_user->ID : 'NULL'; } $transaction_type = isset($entry["transaction_type"]) ? intval($entry["transaction_type"]) : 'NULL'; $lead_table = GFFormsModel::get_lead_table_name(); $result = $wpdb->query($wpdb->prepare("\n INSERT INTO {$lead_table}\n (form_id, post_id, date_created, is_starred, is_read, ip, source_url, user_agent, currency, payment_status, payment_date, payment_amount, transaction_id, is_fulfilled, created_by, transaction_type, status, payment_method)\n VALUES\n (%d, {$post_id}, {$date_created}, %d, %d, %s, %s, %s, %s, {$payment_status}, {$payment_date}, {$payment_amount}, {$transaction_id}, {$is_fulfilled}, {$user_id}, {$transaction_type}, %s, %s)\n ", $form_id, $is_starred, $is_read, $ip, $source_url, $user_agent, $currency, $status, $payment_method)); if (false === $result) { return new WP_Error("insert_entry_properties_failed", __("There was a problem while inserting the entry properties", "gravityforms"), $wpdb->last_error); } // reading newly created lead id $entry_id = $wpdb->insert_id; $entry["id"] = $entry_id; // only save field values for fields that currently exist in the form $form = GFFormsModel::get_form_meta($form_id); foreach ($form["fields"] as $field) { if (in_array($field["type"], array("html", "page", "section"))) { continue; } if (isset($field["inputs"]) && is_array($field["inputs"])) { foreach ($field["inputs"] as $input) { $input_id = $input["id"]; if (isset($entry[(string) $input_id])) { $result = GFFormsModel::update_lead_field_value($form, $entry, $field, 0, $input_id, $entry[(string) $input_id]); if (false === $result) { return new WP_Error("insert_input_value_failed", __("There was a problem while inserting one of the input values for the entry", "gravityforms"), $wpdb->last_error); } } } } else { $field_id = $field["id"]; $field_value = isset($entry[(string) $field_id]) ? $entry[(string) $field_id] : ""; $result = GFFormsModel::update_lead_field_value($form, $entry, $field, 0, $field_id, $field_value); if (false === $result) { return new WP_Error("insert_field_values_failed", __("There was a problem while inserting the field values", "gravityforms"), $wpdb->last_error); } } } // add save the entry meta values - only for the entry meta currently available for the form, ignore the rest $entry_meta = GFFormsModel::get_entry_meta($form_id); if (is_array($entry_meta)) { foreach (array_keys($entry_meta) as $key) { if (isset($entry[$key])) { gform_update_meta($entry_id, $key, $entry[$key]); } } } return $entry_id; }
public function is_limit_reached($form_id) { global $wpdb; $where = array(); $join = array(); $where[] = 'l.status = "active"'; foreach ($this->_args['limit_by'] as $limiter) { switch ($limiter) { case 'role': // user ID is required when limiting by role // user ID is required when limiting by role case 'user_id': $where[] = $wpdb->prepare('l.created_by = %s', get_current_user_id()); break; case 'embed_url': $where[] = $wpdb->prepare('l.source_url = %s', GFFormsModel::get_current_page_url()); break; case 'field_value': $values = $this->get_limit_field_values($form_id, $this->get_limit_field_ids()); // if there is no value submitted for any of our fields, limit is never reached if (empty($values)) { return false; } foreach ($values as $field_id => $value) { $table_slug = sprintf('ld%s', str_replace('.', '_', $field_id)); $join[] = "INNER JOIN {$wpdb->prefix}rg_lead_detail {$table_slug} ON {$table_slug}.lead_id = l.id"; //$where[] = $wpdb->prepare( "CAST( {$table_slug}.field_number as unsigned ) = %f AND {$table_slug}.value = %s", $field_id, $value ); $where[] = $wpdb->prepare("\n( ( {$table_slug}.field_number BETWEEN %s AND %s ) AND {$table_slug}.value = %s )", doubleval($field_id) - 0.001, doubleval($field_id) + 0.001, $value); } break; default: $where[] = $wpdb->prepare('ip = %s', GFFormsModel::get_ip()); } } if ($this->_args['apply_limit_per_form']) { $where[] = $wpdb->prepare('l.form_id = %d', $form_id); } $time_period = $this->_args['time_period']; $time_period_sql = false; if ($time_period === false) { // no time period } else { if (intval($time_period) > 0) { $time_period_sql = $wpdb->prepare('date_created BETWEEN DATE_SUB(utc_timestamp(), INTERVAL %d SECOND) AND utc_timestamp()', $this->_args['time_period']); } else { switch ($time_period) { case 'per_day': case 'day': $time_period_sql = 'DATE( date_created ) = DATE( utc_timestamp() )'; break; case 'per_month': case 'month': $time_period_sql = 'MONTH( date_created ) = MONTH( utc_timestamp() )'; break; case 'per_year': case 'year': $time_period_sql = 'YEAR( date_created ) = YEAR( utc_timestamp() )'; break; } } } if ($time_period_sql) { $where[] = $time_period_sql; } $where = implode(' AND ', $where); $join = implode("\n", $join); $sql = "SELECT count( l.id )\n FROM {$wpdb->prefix}rg_lead l\n {$join}\n WHERE {$where}"; $entry_count = $wpdb->get_var($sql); return $entry_count >= $this->get_limit(); }