Exemple #1
 /**
  * Processes one submitted page of a form: validates it, moves uploads to the temp
  * folder, then either changes page, saves the submission for later, or completes it.
  *
  * Nothing is returned; the outcome is recorded through self::set_submission_if_null().
  * When the confirmation is a redirect, a Location header is sent and the script exits.
  *
  * @param mixed $form_id ID of the submitted form (not type-checked in this method).
  *
  * @return void
  */
 public static function process_form($form_id)
 {
     GFCommon::log_debug("GFFormDisplay::process_form(): Starting to process form (#{$form_id}) submission.");
     $form = GFAPI::get_form($form_id);
     /**
      * Filter the form before GF begins to process the submission.
      *
      * @param array $form The Form Object
      */
     $filtered_form = gf_apply_filters(array('gform_pre_process', $form['id']), $form);
     // A filter that returns null leaves the original form in place.
     if ($filtered_form !== null) {
         $form = $filtered_form;
     }
     //reading form metadata
     $form = self::maybe_add_review_page($form);
     // Inactive or trashed forms are dropped silently, before any request data is read.
     if (!$form['is_active'] || $form['is_trash']) {
         return;
     }
     // The submit nonce is verified only for forms that require login; submissions to
     // other forms reach the rest of this method without a nonce check.
     if (rgar($form, 'requireLogin')) {
         if (!is_user_logged_in()) {
             return;
         }
         check_admin_referer('gform_submit_' . $form_id, '_gform_submit_nonce_' . $form_id);
     }
     $lead = array();
     // Request-supplied value (presumably read from $_POST by RGForms::post()); it is
     // passed on to get_target_page() and validate() without being checked here.
     $field_values = RGForms::post('gform_field_values');
     // NOTE(review): $confirmation_message is not read again in this method.
     $confirmation_message = '';
     $source_page_number = self::get_source_page($form_id);
     $page_number = $source_page_number;
     $target_page = self::get_target_page($form, $page_number, $field_values);
     GFCommon::log_debug("GFFormDisplay::process_form(): Source page number: {$source_page_number}. Target page number: {$target_page}.");
     //Loading files that have been uploaded to temp folder
     // The list comes from the request and is only checked for being an array before it
     // is stored in RGFormsModel::$uploaded_files.
     // NOTE(review): confirm the file names in it are validated wherever they are used.
     $files = GFCommon::json_decode(stripslashes(RGForms::post('gform_uploaded_files')));
     if (!is_array($files)) {
         $files = array();
     }
     RGFormsModel::$uploaded_files[$form_id] = $files;
     $saving_for_later = rgpost('gform_save') ? true : false;
     $is_valid = true;
     $failed_validation_page = $page_number;
     //don't validate when going to previous page or saving for later
     if (!$saving_for_later && (empty($target_page) || $target_page >= $page_number)) {
         $is_valid = self::validate($form, $field_values, $page_number, $failed_validation_page);
     }
     $log_is_valid = $is_valid ? 'Yes' : 'No';
     GFCommon::log_debug("GFFormDisplay::process_form(): After validation. Is submission valid? {$log_is_valid}.");
     //Upload files to temp folder when saving for later, going to the next page or when submitting the form and it failed validation
     // && binds tighter than ||, so the last clause reads ($target_page == 0 && !$is_valid).
     // Because validation is skipped when saving for later, uploads in that case are
     // stored without validate() having run in this request.
     if ($saving_for_later || $target_page >= $page_number || $target_page == 0 && !$is_valid) {
         if (!empty($_FILES)) {
             GFCommon::log_debug('GFFormDisplay::process_form(): Uploading files...');
             //Uploading files to temporary folder
             $files = self::upload_files($form, $files);
             RGFormsModel::$uploaded_files[$form_id] = $files;
         }
     }
     // Load target page if it did not fail validation or if going to the previous page
     if (!$saving_for_later && $is_valid) {
         $page_number = $target_page;
     } else {
         $page_number = $failed_validation_page;
     }
     $confirmation = '';
     // Page number 0 after a valid submission means the final submit; saving for later
     // takes this branch as well.
     if ($is_valid && $page_number == 0 || $saving_for_later) {
         $ajax = isset($_POST['gform_ajax']);
         //adds honeypot field if configured
         if (rgar($form, 'enableHoneypot')) {
             $form['fields'][] = self::get_honeypot_field($form);
         }
         $failed_honeypot = rgar($form, 'enableHoneypot') && !self::validate_honeypot($form);
         if ($failed_honeypot) {
             GFCommon::log_debug('GFFormDisplay::process_form(): Failed Honeypot validation. Displaying confirmation and aborting.');
             //display confirmation but doesn't process the form when honeypot fails
             // The client gets the normal confirmation, so the rejection is not visible to it.
             $confirmation = self::handle_confirmation($form, $lead, $ajax);
             $is_valid = false;
         } elseif (!$saving_for_later) {
             GFCommon::log_debug('GFFormDisplay::process_form(): Submission is valid. Moving forward.');
             $form = self::update_confirmation($form);
             //pre submission action
             /**
              * Fires before form submission is handled
              *
              * Typically used to modify values before the submission is processed.
              *
              * @param array $form The Form object
              */
             gf_do_action(array('gform_pre_submission', $form['id']), $form);
             //pre submission filter
             $form = gf_apply_filters(array('gform_pre_submission_filter', $form_id), $form);
             //handle submission
             $confirmation = self::handle_submission($form, $lead, $ajax);
             //after submission hook
             if (has_filter('gform_after_submission') || has_filter("gform_after_submission_{$form['id']}")) {
                 GFCommon::log_debug(__METHOD__ . '(): Executing functions hooked to gform_after_submission.');
             }
             /**
              * Fires after successful form submission
              *
              * Used to perform additional actions after submission
              *
              * @param array $lead The Entry object
              * @param array $form The Form object
              */
             gf_do_action(array('gform_after_submission', $form['id']), $lead, $form);
         } elseif ($saving_for_later) {
             GFCommon::log_debug('GFFormDisplay::process_form(): Saving for later.');
             $lead = GFFormsModel::get_current_lead();
             $form = self::update_confirmation($form, $lead, 'form_saved');
             $confirmation = rgar($form['confirmation'], 'message');
             $nl2br = rgar($form['confirmation'], 'disableAutoformat') ? false : true;
             $confirmation = GFCommon::replace_variables($confirmation, $form, $lead, false, true, $nl2br);
             $form_unique_id = GFFormsModel::get_form_unique_id($form_id);
             $ip = GFFormsModel::get_ip();
             // The page URL and the posted resume token are normalised (esc_url_raw /
             // sanitize_key) before being handed to save_incomplete_submission().
             $source_url = GFFormsModel::get_current_page_url();
             $source_url = esc_url_raw($source_url);
             $resume_token = rgpost('gform_resume_token');
             $resume_token = sanitize_key($resume_token);
             // From here on $resume_token is the value returned by the model, not the posted one.
             $resume_token = GFFormsModel::save_incomplete_submission($form, $lead, $field_values, $page_number, $files, $form_unique_id, $ip, $source_url, $resume_token);
             $notifications_to_send = GFCommon::get_notifications_to_send('form_saved', $form, $lead);
             $log_notification_event = empty($notifications_to_send) ? 'No notifications to process' : 'Processing notifications';
             GFCommon::log_debug("GFFormDisplay::process_form(): {$log_notification_event} for form_saved event.");
             foreach ($notifications_to_send as $notification) {
                 // A notification without an isActive key is treated as active.
                 if (isset($notification['isActive']) && !$notification['isActive']) {
                     GFCommon::log_debug("GFFormDisplay::process_form(): Notification is inactive, not processing notification (#{$notification['id']} - {$notification['name']}).");
                     continue;
                 }
                 // The resume token is placed into the notification message here, so the
                 // outgoing message presumably grants access to the saved submission.
                 $notification['message'] = self::replace_save_variables($notification['message'], $form, $resume_token);
                 GFCommon::send_notification($notification, $form, $lead);
             }
             self::set_submission_if_null($form_id, 'saved_for_later', true);
             self::set_submission_if_null($form_id, 'resume_token', $resume_token);
             GFCommon::log_debug('GFFormDisplay::process_form(): Saved incomplete submission.');
         }
         // The redirect target is written to the Location header exactly as the
         // confirmation provides it; nothing in this method validates or restricts it.
         // NOTE(review): confirm the URL is validated where the confirmation is built.
         if (is_array($confirmation) && isset($confirmation['redirect'])) {
             header("Location: {$confirmation["redirect"]}");
             /**
              * Fires after submission, if the confirmation page includes a redirect
              *
              * Used to perform additional actions after submission
              *
              * @param array $lead The Entry object
              * @param array $form The Form object
              */
             gf_do_action(array('gform_post_submission', $form['id']), $lead, $form);
             // Ends the request: the bookkeeping and the gform_post_process hook below do not run.
             exit;
         }
     }
     if (!isset(self::$submission[$form_id])) {
         self::$submission[$form_id] = array();
     }
     // Record the outcome; as the helper's name indicates, keys that were already set
     // (e.g. by the save-for-later branch) are presumably left untouched.
     self::set_submission_if_null($form_id, 'is_valid', $is_valid);
     self::set_submission_if_null($form_id, 'form', $form);
     self::set_submission_if_null($form_id, 'lead', $lead);
     self::set_submission_if_null($form_id, 'confirmation_message', $confirmation);
     self::set_submission_if_null($form_id, 'page_number', $page_number);
     self::set_submission_if_null($form_id, 'source_page_number', $source_page_number);
     /**
      * Fires after the form processing is completed. Form processing happens when submitting a page on a multi-page form (i.e. going to the "Next" or "Previous" page), or
      * when submitting a single page form.
      *
      * @param array $form               The Form Object
      * @param int   $page_number        In a multi-page form, this variable contains the current page number.
      * @param int   $source_page_number In a multi-page form, this parameters contains the number of the page that the submission came from.
      *                                  For example, when clicking "Next" on page 1, this parameter will be set to 1. When clicking "Previous" on page 2, this parameter will be set to 2.
      */
     gf_do_action(array('gform_post_process', $form['id']), $form, $page_number, $source_page_number);
 }
Exemple #2
 /**
  * Adds a single Entry object.
  *
  * Intended to be used for importing an entry object. The usual hooks that are triggered while saving entries are not fired here.
  * Checks that the form id, field ids and entry meta exist and ignores legacy values (i.e. values for fields that no longer exist).
  *
  * @since  1.8
  * @access public
  * @static
  *
  * @param array $entry The Entry object
  *
  * @return mixed Either the new Entry ID or a WP_Error instance
  */
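 public static function add_entry($entry)
 {
     global $wpdb;
     if (!is_array($entry)) {
         return new WP_Error("invalid_entry_object", __("The entry object must be an array", "gravityforms"));
     }
     // make sure the form id exists
     $form_id = rgar($entry, "form_id");
     if (empty($form_id)) {
         return new WP_Error("empty_form_id", __("The form id must be specified", "gravityforms"));
     }
     if (false === self::form_id_exists($form_id)) {
         return new WP_Error("invalid_form_id", __("The form for this entry does not exist", "gravityforms"));
     }
     // use values in the entry object if present
     //
     // Several of the values below are interpolated into the SQL template instead of being
     // bound as placeholders, so that NULL / utc_timestamp() can be emitted. Each of them
     // therefore has to be made safe right here: numbers are cast, strings are escaped with
     // esc_sql() and wrapped in quotes. esc_sql() replaces mysql_real_escape_string(), which
     // no longer exists in PHP 7+ and depended on a separate ext/mysql connection.
     // NOTE(review): these fragments become part of the prepare() template, so a literal '%'
     // inside one of them is still read as a placeholder marker; binding the values instead
     // would remove that caveat.
     $post_id = isset($entry["post_id"]) ? intval($entry["post_id"]) : 'NULL';
     $date_created = isset($entry["date_created"]) && $entry["date_created"] != "" ? sprintf("'%s'", esc_sql($entry["date_created"])) : "utc_timestamp()";
     // The next values are bound through prepare() placeholders (%d / %s) further down.
     $is_starred = isset($entry["is_starred"]) ? $entry["is_starred"] : 0;
     $is_read = isset($entry["is_read"]) ? $entry["is_read"] : 0;
     $ip = isset($entry["ip"]) ? $entry["ip"] : GFFormsModel::get_ip();
     $source_url = isset($entry["source_url"]) ? $entry["source_url"] : GFFormsModel::get_current_page_url();
     $user_agent = isset($entry["user_agent"]) ? $entry["user_agent"] : "API";
     $currency = isset($entry["currency"]) ? $entry["currency"] : GFCommon::get_currency();
     $payment_status = isset($entry["payment_status"]) ? sprintf("'%s'", esc_sql($entry["payment_status"])) : 'NULL';
     // Re-formatted through gmdate(), so only a fixed-format date string reaches the query.
     $payment_date = strtotime(rgar($entry, "payment_date")) ? sprintf("'%s'", gmdate('Y-m-d H:i:s', strtotime("{$entry["payment_date"]}"))) : "NULL";
     $payment_amount = isset($entry["payment_amount"]) ? (double) $entry["payment_amount"] : 'NULL';
     $payment_method = isset($entry["payment_method"]) ? $entry["payment_method"] : '';
     $transaction_id = isset($entry["transaction_id"]) ? sprintf("'%s'", esc_sql($entry["transaction_id"])) : 'NULL';
     $is_fulfilled = isset($entry["is_fulfilled"]) ? intval($entry["is_fulfilled"]) : 'NULL';
     $status = isset($entry["status"]) ? $entry["status"] : "active";
     global $current_user;
     // created_by is placed in the query without quotes, so string escaping alone does not
     // constrain it; force a non-negative integer. A value that is not a positive integer
     // becomes 0 and falls through to the current user / NULL below.
     $user_id = isset($entry["created_by"]) ? absint($entry["created_by"]) : "";
     if (empty($user_id)) {
         $user_id = $current_user && $current_user->ID ? absint($current_user->ID) : 'NULL';
     }
     $transaction_type = isset($entry["transaction_type"]) ? intval($entry["transaction_type"]) : 'NULL';
     $lead_table = GFFormsModel::get_lead_table_name();
     $result = $wpdb->query($wpdb->prepare("\n                INSERT INTO {$lead_table}\n                (form_id, post_id, date_created, is_starred, is_read, ip, source_url, user_agent, currency, payment_status, payment_date, payment_amount, transaction_id, is_fulfilled, created_by, transaction_type, status, payment_method)\n                VALUES\n                (%d, {$post_id}, {$date_created}, %d,  %d, %s, %s, %s, %s, {$payment_status}, {$payment_date}, {$payment_amount}, {$transaction_id}, {$is_fulfilled}, {$user_id}, {$transaction_type}, %s, %s)\n                ", $form_id, $is_starred, $is_read, $ip, $source_url, $user_agent, $currency, $status, $payment_method));
     if (false === $result) {
         return new WP_Error("insert_entry_properties_failed", __("There was a problem while inserting the entry properties", "gravityforms"), $wpdb->last_error);
     }
     // reading newly created lead id
     $entry_id = $wpdb->insert_id;
     $entry["id"] = $entry_id;
     // only save field values for fields that currently exist in the form
     $form = GFFormsModel::get_form_meta($form_id);
     foreach ($form["fields"] as $field) {
         // Display-only field types carry no entry value.
         if (in_array($field["type"], array("html", "page", "section"))) {
             continue;
         }
         if (isset($field["inputs"]) && is_array($field["inputs"])) {
             // Multi-input field: store each input that the entry provides a value for.
             foreach ($field["inputs"] as $input) {
                 $input_id = $input["id"];
                 if (isset($entry[(string) $input_id])) {
                     $result = GFFormsModel::update_lead_field_value($form, $entry, $field, 0, $input_id, $entry[(string) $input_id]);
                     if (false === $result) {
                         return new WP_Error("insert_input_value_failed", __("There was a problem while inserting one of the input values for the entry", "gravityforms"), $wpdb->last_error);
                     }
                 }
             }
         } else {
             // Single-input field: a missing value is stored as an empty string.
             $field_id = $field["id"];
             $field_value = isset($entry[(string) $field_id]) ? $entry[(string) $field_id] : "";
             $result = GFFormsModel::update_lead_field_value($form, $entry, $field, 0, $field_id, $field_value);
             if (false === $result) {
                 return new WP_Error("insert_field_values_failed", __("There was a problem while inserting the field values", "gravityforms"), $wpdb->last_error);
             }
         }
     }
     // add save the entry meta values - only for the entry meta currently available for the form, ignore the rest
     $entry_meta = GFFormsModel::get_entry_meta($form_id);
     if (is_array($entry_meta)) {
         foreach (array_keys($entry_meta) as $key) {
             if (isset($entry[$key])) {
                 gform_update_meta($entry_id, $key, $entry[$key]);
             }
         }
     }
     return $entry_id;
 }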
 /**
  * Replaces the pre-population merge tags ({embed_url}, {date_mdy}, {date_dmy}, {ip},
  * {embed_post:*}, {custom_field:*}, {user_agent}, {referer}, {user:*}) in $text.
  *
  * The replacements run one after another on the same string, so text inserted by an
  * earlier step is scanned again by the later steps. Several values come from the
  * request (page URL, User-Agent and Referer headers); they are HTML-escaped only when
  * $esc_html is true, otherwise escaping is left to the caller.
  *
  * @param string      $text       Text containing merge tags.
  * @param bool        $url_encode When true, every substituted value is passed through urlencode().
  * @param array|false $entry      Entry whose 'ip' value, when set, is used instead of the request IP.
  * @param bool        $esc_html   When true, the page URL, user agent and referer are passed through esc_html().
  *
  * @return string The text after replacement and after the gform_replace_merge_tags filter.
  */
 public static function replace_variables_prepopulate($text, $url_encode = false, $entry = false, $esc_html = false)
 {
     // {embed_url}: HTML-escape first, URL-encode second.
     $embed_url = RGFormsModel::get_current_page_url();
     $embed_url = $esc_html ? esc_html($embed_url) : $embed_url;
     $embed_url = $url_encode ? urlencode($embed_url) : $embed_url;
     $text = str_replace('{embed_url}', $embed_url, $text);

     $now = self::get_local_timestamp(time());

     // {date_mdy}: mm/dd/yyyy
     $date_mdy = date_i18n('m/d/Y', $now, true);
     if ($url_encode) {
         $date_mdy = urlencode($date_mdy);
     }
     $text = str_replace('{date_mdy}', $date_mdy, $text);

     // {date_dmy}: dd/mm/yyyy
     $date_dmy = date_i18n('d/m/Y', $now, true);
     if ($url_encode) {
         $date_dmy = urlencode($date_dmy);
     }
     $text = str_replace('{date_dmy}', $date_dmy, $text);

     // {ip}: the entry's stored address wins over the current request's.
     if (isset($entry['ip'])) {
         $ip_address = $entry['ip'];
     } else {
         $ip_address = GFFormsModel::get_ip();
     }
     if ($url_encode) {
         $ip_address = urlencode($ip_address);
     }
     $text = str_replace('{ip}', $ip_address, $text);

     // {embed_post:<property>}: a property of the global $post.
     global $post;
     $post_array = self::object_to_array($post);
     preg_match_all("/\\{embed_post:(.*?)\\}/", $text, $post_tags, PREG_SET_ORDER);
     foreach ($post_tags as $post_tag) {
         list($tag, $key) = $post_tag;
         $replacement = $post_array[$key];
         if ($url_encode) {
             $replacement = urlencode($replacement);
         }
         $text = str_replace($tag, $replacement, $text);
     }

     // {custom_field:<name>}: post meta of the global $post, empty when there is no post ID.
     // The meta key is whatever appears in the tag; no allow-list is applied here.
     preg_match_all("/\\{custom_field:(.*?)\\}/", $text, $meta_tags, PREG_SET_ORDER);
     foreach ($meta_tags as $meta_tag) {
         list($tag, $meta_key) = $meta_tag;
         if (!empty($post_array['ID'])) {
             $replacement = get_post_meta($post_array['ID'], $meta_key, true);
         } else {
             $replacement = '';
         }
         if ($url_encode) {
             $replacement = urlencode($replacement);
         }
         $text = str_replace($tag, $replacement, $text);
     }

     // {user_agent}: request header, client-controlled.
     $agent = RGForms::get('HTTP_USER_AGENT', $_SERVER);
     $agent = $esc_html ? esc_html($agent) : $agent;
     $agent = $url_encode ? urlencode($agent) : $agent;
     $text = str_replace('{user_agent}', $agent, $text);

     // {referer}: request header, client-controlled.
     $referring_url = RGForms::get('HTTP_REFERER', $_SERVER);
     $referring_url = $esc_html ? esc_html($referring_url) : $referring_url;
     $referring_url = $url_encode ? urlencode($referring_url) : $referring_url;
     $text = str_replace('{referer}', $referring_url, $text);

     // {user:<property>}: a property of the logged-in user.
     global $userdata, $wp_version, $current_user;
     $user_array = self::object_to_array($userdata);
     preg_match_all("/\\{user:(.*?)\\}/", $text, $user_tags, PREG_SET_ORDER);
     foreach ($user_tags as $user_tag) {
         list($tag, $key) = $user_tag;
         if (version_compare($wp_version, '3.3', '>=')) {
             $replacement = $current_user->get($key);
         } else {
             $replacement = $user_array[$key];
         }
         if ($url_encode) {
             $replacement = urlencode($replacement);
         }
         $text = str_replace($tag, $replacement, $text);
     }

     // Give hooked code the chance to replace custom merge tags.
     return apply_filters('gform_replace_merge_tags', $text, false, $entry, $url_encode, $esc_html, false, false);
 }
Exemple #4
 /**
  * Adds a single Entry object.
  *
  * Intended to be used for importing an entry object. The usual hooks that are triggered while saving entries are not fired here.
  * Checks that the form id, field ids and entry meta exist and ignores legacy values (i.e. values for fields that no longer exist).
  *
  * @since  1.8
  * @access public
  * @static
  *
  * @param array $entry The Entry object
  *
  * @return mixed Either the new Entry ID or a WP_Error instance
  */
 public static function add_entry($entry)
 {
     global $wpdb;
     if (!is_array($entry)) {
         return new WP_Error('invalid_entry_object', __('The entry object must be an array', 'gravityforms'));
     }
     // make sure the form id exists
     $form_id = rgar($entry, 'form_id');
     if (empty($form_id)) {
         return new WP_Error('empty_form_id', __('The form id must be specified', 'gravityforms'));
     }
     if (false === self::form_id_exists($form_id)) {
         return new WP_Error('invalid_form_id', __('The form for this entry does not exist', 'gravityforms'));
     }
     // use values in the entry object if present
     //
     // Values that appear as {$...} in the SQL template below are interpolated rather than
     // bound, so that NULL / utc_timestamp() can be emitted. Each one is made safe here:
     // numbers are cast (intval / absint / double), strings go through esc_sql() and are
     // wrapped in quotes. The remaining values are bound through %d / %s placeholders.
     // NOTE(review): interpolated fragments are part of the prepare() template, so a literal
     // '%' inside one of them is still read as a placeholder marker.
     $post_id = isset($entry['post_id']) ? intval($entry['post_id']) : 'NULL';
     $date_created = isset($entry['date_created']) && $entry['date_created'] != '' ? sprintf("'%s'", esc_sql($entry['date_created'])) : 'utc_timestamp()';
     $is_starred = isset($entry['is_starred']) ? $entry['is_starred'] : 0;
     $is_read = isset($entry['is_read']) ? $entry['is_read'] : 0;
     $ip = isset($entry['ip']) ? $entry['ip'] : GFFormsModel::get_ip();
     // Only the request-derived fallback is passed through esc_url_raw(); a source_url
     // supplied in the entry is stored as given.
     $source_url = isset($entry['source_url']) ? $entry['source_url'] : esc_url_raw(GFFormsModel::get_current_page_url());
     $user_agent = isset($entry['user_agent']) ? $entry['user_agent'] : 'API';
     $currency = isset($entry['currency']) ? $entry['currency'] : GFCommon::get_currency();
     $payment_status = isset($entry['payment_status']) ? sprintf("'%s'", esc_sql($entry['payment_status'])) : 'NULL';
     // Re-formatted through gmdate(), so only a fixed-format date string reaches the query.
     $payment_date = strtotime(rgar($entry, 'payment_date')) ? sprintf("'%s'", gmdate('Y-m-d H:i:s', strtotime("{$entry['payment_date']}"))) : 'NULL';
     $payment_amount = isset($entry['payment_amount']) ? (double) $entry['payment_amount'] : 'NULL';
     $payment_method = isset($entry['payment_method']) ? $entry['payment_method'] : '';
     $transaction_id = isset($entry['transaction_id']) ? sprintf("'%s'", esc_sql($entry['transaction_id'])) : 'NULL';
     $is_fulfilled = isset($entry['is_fulfilled']) ? intval($entry['is_fulfilled']) : 'NULL';
     $status = isset($entry['status']) ? $entry['status'] : 'active';
     global $current_user;
     // created_by is placed in the query without quotes, so it is forced to a non-negative
     // integer; 0 or a missing value falls back to the current user, then to NULL.
     $user_id = isset($entry['created_by']) ? absint($entry['created_by']) : '';
     if (empty($user_id)) {
         $user_id = $current_user && $current_user->ID ? absint($current_user->ID) : 'NULL';
     }
     $transaction_type = isset($entry['transaction_type']) ? intval($entry['transaction_type']) : 'NULL';
     $lead_table = GFFormsModel::get_lead_table_name();
     $result = $wpdb->query($wpdb->prepare("\n                INSERT INTO {$lead_table}\n                (form_id, post_id, date_created, is_starred, is_read, ip, source_url, user_agent, currency, payment_status, payment_date, payment_amount, transaction_id, is_fulfilled, created_by, transaction_type, status, payment_method)\n                VALUES\n                (%d, {$post_id}, {$date_created}, %d,  %d, %s, %s, %s, %s, {$payment_status}, {$payment_date}, {$payment_amount}, {$transaction_id}, {$is_fulfilled}, {$user_id}, {$transaction_type}, %s, %s)\n                ", $form_id, $is_starred, $is_read, $ip, $source_url, $user_agent, $currency, $status, $payment_method));
     if (false === $result) {
         // The raw database error is attached as the WP_Error data.
         // NOTE(review): confirm callers do not return it to unauthenticated clients.
         return new WP_Error('insert_entry_properties_failed', __('There was a problem while inserting the entry properties', 'gravityforms'), $wpdb->last_error);
     }
     // reading newly created lead id
     $entry_id = $wpdb->insert_id;
     $entry['id'] = $entry_id;
     // only save field values for fields that currently exist in the form
     $form = GFFormsModel::get_form_meta($form_id);
     foreach ($form['fields'] as $field) {
         /* @var GF_Field $field */
         // Display-only field types carry no entry value.
         if (in_array($field->type, array('html', 'page', 'section'))) {
             continue;
         }
         $inputs = $field->get_entry_inputs();
         if (is_array($inputs)) {
             // Multi-input field: store each input that the entry provides a value for.
             foreach ($inputs as $input) {
                 $input_id = (string) $input['id'];
                 if (isset($entry[$input_id])) {
                     $result = GFFormsModel::update_lead_field_value($form, $entry, $field, 0, $input_id, $entry[$input_id]);
                     if (false === $result) {
                         return new WP_Error('insert_input_value_failed', __('There was a problem while inserting one of the input values for the entry', 'gravityforms'), $wpdb->last_error);
                     }
                 }
             }
         } else {
             // Single-input field: a missing value is stored as an empty string.
             $field_id = $field->id;
             $field_value = isset($entry[(string) $field_id]) ? $entry[(string) $field_id] : '';
             $result = GFFormsModel::update_lead_field_value($form, $entry, $field, 0, $field_id, $field_value);
             if (false === $result) {
                 return new WP_Error('insert_field_values_failed', __('There was a problem while inserting the field values', 'gravityforms'), $wpdb->last_error);
             }
         }
     }
     // add save the entry meta values - only for the entry meta currently available for the form, ignore the rest
     $entry_meta = GFFormsModel::get_entry_meta($form_id);
     if (is_array($entry_meta)) {
         foreach (array_keys($entry_meta) as $key) {
             if (isset($entry[$key])) {
                 gform_update_meta($entry_id, $key, $entry[$key], $form['id']);
             }
         }
     }
     // Refresh the entry
     // The refreshed value is handed to the hook without being checked in this method.
     $entry = GFAPI::get_entry($entry['id']);
     /**
      * Fires after the Entry is added using the API.
      *
      * @since  1.9.14.26
      *
      * @param array $entry
      * @param array $form
      */
     do_action('gform_post_add_entry', $entry, $form);
     return $entry_id;
 }
 /**
  * Replaces the pre-population merge tags ({embed_url}, {date_mdy}, {date_dmy}, {ip},
  * {embed_post:*}, {custom_field:*}, {user_agent}, {referer}, {user:*}) in $text.
  *
  * The replacements run one after another on the same string, so text inserted by an
  * earlier step is scanned again by the later steps. This variant has no HTML-escaping
  * option: request-derived values (page URL, User-Agent, Referer) are inserted as
  * received unless $url_encode is set, so the caller has to escape the result for the
  * context it is printed in.
  *
  * @param string $text       Text containing merge tags.
  * @param bool   $url_encode When true, every substituted value is passed through urlencode().
  *
  * @return string The text with the merge tags replaced.
  */
 public static function replace_variables_prepopulate($text, $url_encode = false)
 {
     // {embed_url}
     $embed_url = RGFormsModel::get_current_page_url();
     if ($url_encode) {
         $embed_url = urlencode($embed_url);
     }
     $text = str_replace("{embed_url}", $embed_url, $text);

     $now = self::get_local_timestamp(time());

     // {date_mdy}: mm/dd/yyyy
     $date_mdy = date_i18n("m/d/Y", $now, true);
     if ($url_encode) {
         $date_mdy = urlencode($date_mdy);
     }
     $text = str_replace("{date_mdy}", $date_mdy, $text);

     // {date_dmy}: dd/mm/yyyy
     $date_dmy = date_i18n("d/m/Y", $now, true);
     if ($url_encode) {
         $date_dmy = urlencode($date_dmy);
     }
     $text = str_replace("{date_dmy}", $date_dmy, $text);

     // {ip}
     $ip_address = GFFormsModel::get_ip();
     if ($url_encode) {
         $ip_address = urlencode($ip_address);
     }
     $text = str_replace('{ip}', $ip_address, $text);

     // {embed_post:<property>}: a property of the global $post.
     global $post;
     $post_array = self::object_to_array($post);
     preg_match_all("/\\{embed_post:(.*?)\\}/", $text, $post_tags, PREG_SET_ORDER);
     foreach ($post_tags as $post_tag) {
         list($tag, $key) = $post_tag;
         $replacement = $post_array[$key];
         if ($url_encode) {
             $replacement = urlencode($replacement);
         }
         $text = str_replace($tag, $replacement, $text);
     }

     // {custom_field:<name>}: post meta of the global $post, empty when there is no post ID.
     // The meta key is whatever appears in the tag; no allow-list is applied here.
     preg_match_all("/\\{custom_field:(.*?)\\}/", $text, $meta_tags, PREG_SET_ORDER);
     foreach ($meta_tags as $meta_tag) {
         list($tag, $meta_key) = $meta_tag;
         if (!empty($post_array["ID"])) {
             $replacement = get_post_meta($post_array["ID"], $meta_key, true);
         } else {
             $replacement = "";
         }
         if ($url_encode) {
             $replacement = urlencode($replacement);
         }
         $text = str_replace($tag, $replacement, $text);
     }

     // {user_agent}: request header, client-controlled.
     $agent = RGForms::get("HTTP_USER_AGENT", $_SERVER);
     if ($url_encode) {
         $agent = urlencode($agent);
     }
     $text = str_replace("{user_agent}", $agent, $text);

     // {referer}: request header, client-controlled.
     $referring_url = RGForms::get("HTTP_REFERER", $_SERVER);
     if ($url_encode) {
         $referring_url = urlencode($referring_url);
     }
     $text = str_replace("{referer}", $referring_url, $text);

     // {user:<property>}: a property of the logged-in user.
     global $userdata, $wp_version, $current_user;
     $user_array = self::object_to_array($userdata);
     preg_match_all("/\\{user:(.*?)\\}/", $text, $user_tags, PREG_SET_ORDER);
     foreach ($user_tags as $user_tag) {
         list($tag, $key) = $user_tag;
         if (version_compare($wp_version, '3.3', '>=')) {
             $replacement = $current_user->get($key);
         } else {
             $replacement = $user_array[$key];
         }
         if ($url_encode) {
             $replacement = urlencode($replacement);
         }
         $text = str_replace($tag, $replacement, $text);
     }

     return $text;
 }
 /**
  * Replaces the pre-population merge tags ({embed_url}, {date_mdy}, {date_dmy}, {ip},
  * {embed_post:*}, {custom_field:*}, {user_agent}, {referer}, {user:*}) in $text.
  *
  * The replacements run one after another on the same string, so text inserted by an
  * earlier step is scanned again by the later steps. Post-based tags resolve to an
  * empty string unless is_singular() is true. Request-derived values (page URL,
  * User-Agent, Referer) are HTML-escaped only when $esc_html is true.
  *
  * @param string      $text       Text containing merge tags.
  * @param bool        $url_encode When true, every substituted value is passed through urlencode().
  * @param array|false $entry      Entry supplying 'source_url' and 'ip' in place of the request values.
  * @param bool        $esc_html   When true, the page URL, user agent and referer are passed through esc_html().
  * @param array|false $form       Passed through to the gform_replace_merge_tags filter.
  * @param bool        $nl2br      Passed through to the gform_replace_merge_tags filter.
  * @param string      $format     Passed through to the gform_replace_merge_tags filter.
  *
  * @return string The text after replacement and after the gform_replace_merge_tags filter.
  */
 public static function replace_variables_prepopulate($text, $url_encode = false, $entry = false, $esc_html = false, $form = false, $nl2br = false, $format = 'html')
 {
     // {embed_url}: the entry's stored source URL when an entry is given, else the current
     // request URL. HTML-escape first, URL-encode second.
     if (empty($entry)) {
         $embed_url = RGFormsModel::get_current_page_url();
     } else {
         $embed_url = rgar($entry, 'source_url');
     }
     $embed_url = $esc_html ? esc_html($embed_url) : $embed_url;
     $embed_url = $url_encode ? urlencode($embed_url) : $embed_url;
     $text = str_replace('{embed_url}', $embed_url, $text);

     $now = self::get_local_timestamp(time());

     // {date_mdy}: mm/dd/yyyy
     $date_mdy = date_i18n('m/d/Y', $now, true);
     if ($url_encode) {
         $date_mdy = urlencode($date_mdy);
     }
     $text = str_replace('{date_mdy}', $date_mdy, $text);

     // {date_dmy}: dd/mm/yyyy
     $date_dmy = date_i18n('d/m/Y', $now, true);
     if ($url_encode) {
         $date_dmy = urlencode($date_dmy);
     }
     $text = str_replace('{date_dmy}', $date_dmy, $text);

     // {ip}: the entry's stored address wins over the current request's.
     if (isset($entry['ip'])) {
         $ip_address = $entry['ip'];
     } else {
         $ip_address = GFFormsModel::get_ip();
     }
     if ($url_encode) {
         $ip_address = urlencode($ip_address);
     }
     $text = str_replace('{ip}', $ip_address, $text);

     // Post-based tags are only filled in on singular views; elsewhere they become ''.
     $is_singular = is_singular();

     // {embed_post:<property>}: a property of the global $post.
     global $post;
     $post_array = self::object_to_array($post);
     preg_match_all("/\\{embed_post:(.*?)\\}/", $text, $post_tags, PREG_SET_ORDER);
     foreach ($post_tags as $post_tag) {
         list($tag, $key) = $post_tag;
         if ($is_singular) {
             $replacement = $post_array[$key];
         } else {
             $replacement = '';
         }
         if ($url_encode) {
             $replacement = urlencode($replacement);
         }
         $text = str_replace($tag, $replacement, $text);
     }

     // {custom_field:<name>}: post meta of the global $post.
     // The meta key is whatever appears in the tag; no allow-list is applied here.
     preg_match_all("/\\{custom_field:(.*?)\\}/", $text, $meta_tags, PREG_SET_ORDER);
     foreach ($meta_tags as $meta_tag) {
         list($tag, $meta_key) = $meta_tag;
         if ($is_singular && !empty($post_array['ID'])) {
             $replacement = get_post_meta($post_array['ID'], $meta_key, true);
         } else {
             $replacement = '';
         }
         if ($url_encode) {
             $replacement = urlencode($replacement);
         }
         $text = str_replace($tag, $replacement, $text);
     }

     // {user_agent}: request header, client-controlled.
     $agent = RGForms::get('HTTP_USER_AGENT', $_SERVER);
     $agent = $esc_html ? esc_html($agent) : $agent;
     $agent = $url_encode ? urlencode($agent) : $agent;
     $text = str_replace('{user_agent}', $agent, $text);

     // {referer}: request header, client-controlled.
     $referring_url = RGForms::get('HTTP_REFERER', $_SERVER);
     $referring_url = $esc_html ? esc_html($referring_url) : $referring_url;
     $referring_url = $url_encode ? urlencode($referring_url) : $referring_url;
     $text = str_replace('{referer}', $referring_url, $text);

     // {user:<property>}: a property of the logged-in user.
     global $userdata, $wp_version, $current_user;
     $user_array = self::object_to_array($userdata);
     preg_match_all("/\\{user:(.*?)\\}/", $text, $user_tags, PREG_SET_ORDER);
     foreach ($user_tags as $user_tag) {
         list($tag, $key) = $user_tag;
         if (version_compare($wp_version, '3.3', '>=')) {
             $replacement = $current_user->get($key);
         } else {
             $replacement = $user_array[$key];
         }
         if ($url_encode) {
             $replacement = urlencode($replacement);
         }
         $text = str_replace($tag, $replacement, $text);
     }

     /**
      * Lets hooked code replace custom merge tags in the text.
      *
      * @param string      $text       The text in which merge tags are being processed.
      * @param false|array $form       The Form object if available or false.
      * @param false|array $entry      The Entry object if available or false.
      * @param bool        $url_encode Indicates if the urlencode function should be applied.
      * @param bool        $esc_html   Indicates if the esc_html function should be applied.
      * @param bool        $nl2br      Indicates if the nl2br function should be applied.
      * @param string      $format     The format requested for the location the merge is being used. Possible values: html, text or url.
      */
     return apply_filters('gform_replace_merge_tags', $text, $form, $entry, $url_encode, $esc_html, $nl2br, $format);
 }
 /**
  * Processes a posted submission for one form: validation, file upload to the
  * temporary folder, honeypot check, then either final submission, "save for later",
  * or moving to another page of a multi-page form.
  *
  * Returns early without doing anything when the form is inactive or trashed, or when
  * the form requires login and the visitor is not logged in. When the confirmation is a
  * redirect, the method sends the Location header and ends the request with exit.
  * Otherwise the outcome is stored in self::$submission[$form_id] via
  * set_submission_if_null() and the gform_post_process hooks are fired.
  *
  * Everything read through RGForms::post() / rgpost() / $_POST / $_FILES below comes
  * from the request and must be treated as untrusted.
  *
  * @param int|string $form_id ID of the form being submitted.
  *
  * @return void
  */
 public static function process_form($form_id)
 {
     GFCommon::log_debug("GFFormDisplay::process_form(): Starting to process form (#{$form_id}) submission.");
     //reading form metadata
     $form = GFAPI::get_form($form_id);
     // Inactive or trashed forms are silently ignored.
     if (!$form['is_active'] || $form['is_trash']) {
         return;
     }
     if (rgar($form, 'requireLogin')) {
         if (!is_user_logged_in()) {
             return;
         }
         // The nonce is verified only on this branch, i.e. only for forms that require login.
         // Forms without requireLogin reach the processing below with no nonce check in this method.
         check_admin_referer('gform_submit_' . $form_id, '_gform_submit_nonce_' . $form_id);
     }
     //pre process action
     do_action('gform_pre_process', $form);
     do_action("gform_pre_process_{$form['id']}", $form);
     $lead = array();
     $field_values = RGForms::post('gform_field_values');
     $confirmation_message = '';
     $source_page_number = self::get_source_page($form_id);
     $page_number = $source_page_number;
     $target_page = self::get_target_page($form, $page_number, $field_values);
     GFCommon::log_debug("GFFormDisplay::process_form(): Source page number: {$source_page_number}. Target page number: {$target_page}.");
     //Loading files that have been uploaded to temp folder
     // The list is decoded from a posted JSON field, so its content is chosen by the client.
     // NOTE(review): confirm that every consumer of RGFormsModel::$uploaded_files validates
     // the names it finds there before using them as file paths.
     $files = GFCommon::json_decode(stripslashes(RGForms::post('gform_uploaded_files')));
     if (!is_array($files)) {
         $files = array();
     }
     RGFormsModel::$uploaded_files[$form_id] = $files;
     $saving_for_later = rgpost('gform_save') ? true : false;
     $is_valid = true;
     $failed_validation_page = $page_number;
     //don't validate when going to previous page or saving for later
     // $failed_validation_page is passed to validate() and read again below when choosing the page to show.
     if (!$saving_for_later && (empty($target_page) || $target_page >= $page_number)) {
         $is_valid = self::validate($form, $field_values, $page_number, $failed_validation_page);
     }
     $log_is_valid = $is_valid ? 'Yes' : 'No';
     GFCommon::log_debug("GFFormDisplay::process_form(): After validation. Is submission valid? {$log_is_valid}.");
     //Upload files to temp folder when saving for later, going to the next page or when submitting the form and it failed validation
     // && binds tighter than ||, so this reads: saving || moving forward || (final submit && invalid).
     if ($saving_for_later || $target_page >= $page_number || $target_page == 0 && !$is_valid) {
         if (!empty($_FILES)) {
             GFCommon::log_debug('GFFormDisplay::process_form(): Uploading files...');
             //Uploading files to temporary folder
             $files = self::upload_files($form, $files);
             RGFormsModel::$uploaded_files[$form_id] = $files;
         }
     }
     // Load target page if it did not fail validation or if going to the previous page
     if (!$saving_for_later && $is_valid) {
         $page_number = $target_page;
     } else {
         $page_number = $failed_validation_page;
     }
     $confirmation = '';
     // Reads as: (valid && final page) || saving for later. Page number 0 marks the final submit.
     if ($is_valid && $page_number == 0 || $saving_for_later) {
         $ajax = isset($_POST['gform_ajax']);
         //adds honeypot field if configured
         if (rgar($form, 'enableHoneypot')) {
             $form['fields'][] = self::get_honeypot_field($form);
         }
         $failed_honeypot = rgar($form, 'enableHoneypot') && !self::validate_honeypot($form);
         if ($failed_honeypot) {
             GFCommon::log_debug('GFFormDisplay::process_form(): Failed Honeypot validation. Displaying confirmation and aborting.');
             //display confirmation but doesn't process the form when honeypot fails
             // The submitter gets the normal confirmation; handle_submission() and the submission hooks are skipped.
             $confirmation = self::handle_confirmation($form, $lead, $ajax);
             $is_valid = false;
         } elseif (!$saving_for_later) {
             GFCommon::log_debug('GFFormDisplay::process_form(): Submission is valid. Moving forward.');
             $form = self::update_confirmation($form);
             //pre submission action
             do_action('gform_pre_submission', $form);
             do_action("gform_pre_submission_{$form['id']}", $form);
             //pre submission filter
             // The generic filter runs first; its result is passed to the form-specific filter.
             $form = apply_filters("gform_pre_submission_filter_{$form['id']}", apply_filters('gform_pre_submission_filter', $form));
             //handle submission
             $confirmation = self::handle_submission($form, $lead, $ajax);
             //after submission hook
             do_action('gform_after_submission', $lead, $form);
             do_action("gform_after_submission_{$form['id']}", $lead, $form);
         } elseif ($saving_for_later) {
             // Always true here: the previous branch already handled !$saving_for_later.
             GFCommon::log_debug('GFFormDisplay::process_form(): Saving for later.');
             $lead = GFFormsModel::get_current_lead();
             $form = self::update_confirmation($form, $lead, 'form_saved');
             $confirmation = rgar($form['confirmation'], 'message');
             $nl2br = rgar($form['confirmation'], 'disableAutoformat') ? false : true;
             $confirmation = GFCommon::replace_variables($confirmation, $form, $lead, false, true, $nl2br);
             $form_unique_id = GFFormsModel::get_form_unique_id($form_id);
             $ip = GFFormsModel::get_ip();
             $source_url = GFFormsModel::get_current_page_url();
             // The resume token is taken from the request and replaced by whatever
             // save_incomplete_submission() returns.
             // NOTE(review): confirm that save_incomplete_submission() validates a client-supplied token.
             $resume_token = rgpost('gform_resume_token');
             $resume_token = GFFormsModel::save_incomplete_submission($form, $lead, $field_values, $page_number, $files, $form_unique_id, $ip, $source_url, $resume_token);
             $notifications_to_send = GFCommon::get_notifications_to_send('form_saved', $form, $lead);
             $log_notification_event = empty($notifications_to_send) ? 'No notifications to process' : 'Processing notifications';
             GFCommon::log_debug("GFFormDisplay::process_form(): {$log_notification_event} for form_saved event.");
             foreach ($notifications_to_send as $notification) {
                 // A notification without an isActive key is treated as active.
                 if (isset($notification['isActive']) && !$notification['isActive']) {
                     GFCommon::log_debug("GFFormDisplay::process_form(): Notification is inactive, not processing notification (#{$notification['id']} - {$notification['name']}).");
                     continue;
                 }
                 $notification['message'] = self::replace_save_variables($notification['message'], $form, $resume_token);
                 GFCommon::send_notification($notification, $form, $lead);
             }
             self::set_submission_if_null($form_id, 'saved_for_later', true);
             self::set_submission_if_null($form_id, 'resume_token', $resume_token);
             GFCommon::log_debug('GFFormDisplay::process_form(): Saved incomplete submission.');
         }
         // Redirect confirmations end the request here, after the legacy post_submission hooks have fired.
         // NOTE(review): the URL is written to the Location header exactly as returned above and
         // nothing in this method restricts the destination; confirm it is validated where the
         // confirmation is built.
         if (is_array($confirmation) && isset($confirmation['redirect'])) {
             header("Location: {$confirmation["redirect"]}");
             do_action('gform_post_submission', $lead, $form);
             do_action("gform_post_submission_{$form["id"]}", $lead, $form);
             exit;
         }
     }
     // Record the outcome for this request; set_submission_if_null() is used so existing values are not replaced.
     if (!isset(self::$submission[$form_id])) {
         self::$submission[$form_id] = array();
     }
     self::set_submission_if_null($form_id, 'is_valid', $is_valid);
     self::set_submission_if_null($form_id, 'form', $form);
     self::set_submission_if_null($form_id, 'lead', $lead);
     self::set_submission_if_null($form_id, 'confirmation_message', $confirmation);
     self::set_submission_if_null($form_id, 'page_number', $page_number);
     self::set_submission_if_null($form_id, 'source_page_number', $source_page_number);
     do_action('gform_post_process', $form, $page_number, $source_page_number);
     do_action("gform_post_process_{$form['id']}", $form, $page_number, $source_page_number);
 }
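 /**
  * Serves a generated PDF when the request carries the gf_pdf query argument.
  *
  * Does nothing when gf_pdf is absent. Otherwise it resolves the form and entry IDs,
  * authorises the requested entries, optionally lets a privileged user pick another
  * template through the URL, sends an X-Robots-Tag header and renders the PDF.
  * The request always ends inside this method once gf_pdf is present.
  *
  * @return void
  */
 public static function process_exterior_pages()
 {
     global $wpdb, $gfpdf, $form_id, $lead_ids;
     /*
      * Nothing to do unless the gf_pdf query argument is present
      */
     if (rgempty('gf_pdf', $_GET)) {
         return;
     }
     /* Called for its side effects; the $form_id / $lead_ids globals are read afterwards */
     PDF_Common::get_ids();
     $ip = GFFormsModel::get_ip();
     /*
      * Get the template name
      * Class: PDFGenerator
      * File: pdf-configuration-indexer.php
      */
     $template = $gfpdf->get_template($form_id);
     /*
      * Before setting up PDF options we will check if a configuration is found
      * If not, we will set up defaults defined in configuration.php
      */
     $index = self::check_configuration($form_id, $template);
     /*
      * Authorise every requested entry ID; only the IDs that pass are kept
      */
     $lead_ids = self::validate_entry_ids($lead_ids, $form_id, $ip, $index);
     if (sizeof($lead_ids) == 0) {
         if (!is_user_logged_in()) {
             /* give the user a chance to authenticate */
             auth_redirect();
             /* auth_redirect() normally ends the request; never fall through with no authorised entry */
             exit;
         } else {
             die(__('Access Denied', 'pdfextended'));
         }
     }
     /*
      * Give users with the correct privileges the option to change the PDF template via the URL
      */
     if (is_user_logged_in() && GFCommon::current_user_can_any('gravityforms_view_entries')) {
         /*
          * The template name comes from the query string, so it is validated before use:
          * it must be a string ending in ".php" and must be a bare file name. Directory
          * separators and NUL bytes are rejected so the value cannot point outside the
          * template directory.
          * NOTE(review): this assumes templates are addressed by file name only; confirm
          * that no supported template lives in a sub-directory.
          */
         $requested = (isset($_GET['template']) && is_string($_GET['template'])) ? $_GET['template'] : '';
         $is_php_file = substr($requested, -4) === '.php';
         $is_bare_name = strpbrk($requested, "/\\\0") === false;
         if ($is_php_file && $is_bare_name && $template !== $requested) {
             $template = $requested;
         }
     }
     $pdf_arguments = self::generate_pdf_parameters($index, $form_id, $lead_ids[0], $template);
     /*
      * Add output to arguments: inline view unless ?download is present
      */
     $pdf_arguments['output'] = isset($_GET['download']) ? 'download' : 'view';
     /*
      * While the security above will prevent the PDF being read by non-authorised users,
      * a user can disable that security with the 'access' => 'all' method (THIS IS NOT RECOMMENDED)
      * To prevent those PDFs showing up in search engines we will tell them not to index the documents
      */
     if (!headers_sent()) {
         header("X-Robots-Tag: noindex, nofollow", true);
     }
     /* Only the first authorised entry is rendered */
     $gfpdf->render->PDF_Generator($form_id, $lead_ids[0], $pdf_arguments);
     exit;
 }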
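 /**
  * Test that the correct IP is returned by the function.
  *
  * The given $_SERVER key is set to the test address for the duration of the assertion
  * and is always removed afterwards, including when the assertion fails, so one failing
  * dataset cannot leave a stale address behind for the datasets that follow.
  *
  * @param String $ip  The test IP address
  * @param String $var The $_SERVER array key
  *
  * @group gravityforms
  * @dataProvider provider_ip_testing
  */
 public function run_ip_test($ip, $var)
 {
     $_SERVER[$var] = $ip;
     try {
         $this->assertEquals($ip, GFFormsModel::get_ip());
     } finally {
         // A failed assertion throws; clean up here so the key never leaks into later tests.
         unset($_SERVER[$var]);
     }
 }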
 /**
  * Builds the Authorize.Net AIM request object for one payment.
  *
  * Copies amount, card, billing and contact details from $submission_data onto the
  * object returned by get_aim(), adds one line item per entry in
  * $submission_data['line_items'], and returns the populated object.
  *
  * The card number and security code pass through this method. Only the feed id/name
  * and the line items are written to the debug log; keep it that way.
  *
  * @param array $feed            Feed settings; 'id' and 'meta' are read.
  * @param array $submission_data Payment details collected from the submission.
  * @param array $form            Not used in this method.
  * @param array $entry           Not used in this method.
  *
  * @return object The populated object returned by get_aim().
  */
 public function get_payment_transaction($feed, $submission_data, $form, $entry)
 {
     $aim = $this->get_aim();
     $label = rgar($feed['meta'], 'feedName');
     $this->log_debug(__METHOD__ . "(): Initializing new AuthorizeNetAIM object based on feed #{$feed['id']} - {$label}.");

     // Amount and card details. The expiration date is sent as zero-padded month, a dash, then the year.
     $expiry = $submission_data['card_expiration_date'];
     $aim->amount = $submission_data['payment_amount'];
     $aim->card_num = $submission_data['card_number'];
     $aim->exp_date = str_pad($expiry[0], 2, '0', STR_PAD_LEFT) . '-' . $expiry[1];
     $aim->card_code = $submission_data['card_security_code'];

     // Cardholder name, split by the helper into first and last name.
     $cardholder = $this->get_first_last_name($submission_data['card_name']);
     $aim->first_name = $cardholder['first_name'];
     $aim->last_name = $cardholder['last_name'];

     // Billing address and contact details.
     $street = $submission_data['address'] . ' ' . $submission_data['address2'];
     $aim->address = trim($street);
     $aim->city = $submission_data['city'];
     $aim->state = $submission_data['state'];
     $aim->zip = $submission_data['zip'];
     $aim->country = $submission_data['country'];
     $aim->email = $submission_data['email'];
     $aim->description = $submission_data['form_title'];

     // The gateway expects the receipt flag as the strings 'true' / 'false'.
     if ($feed['meta']['enableReceipt'] == 1) {
         $aim->email_customer = 'true';
     } else {
         $aim->email_customer = 'false';
     }
     $aim->duplicate_window = 5;
     $aim->customer_ip = GFFormsModel::get_ip();
     // NOTE(review): $invoice_number is never assigned in this method, so empty() is always
     // true and uniqid() is always used. uniqid() is derived from the clock; treat the result
     // as an identifier, not as a secret.
     $aim->invoice_num = empty($invoice_number) ? uniqid() : $invoice_number;
     $aim->phone = $submission_data['phone'];

     foreach ($submission_data['line_items'] as $item) {
         // Items with no 'taxable' value are sent as taxable ('Y').
         $taxable_flag = rgempty('taxable', $item) ? 'Y' : $item['taxable'];
         // Names are cut to 31 characters and stripped of spaces; descriptions are cut to 255.
         $item_name = $this->remove_spaces($this->truncate($item['name'], 31));
         $item_description = $this->truncate($item['description'], 255);
         $unit_price = GFCommon::to_number($item['unit_price']);
         $aim->addLineItem($item['id'], $item_name, $item_description, $item['quantity'], $unit_price, $taxable_flag);
     }

     // Only the line items are logged here, never the card fields.
     $this->log_debug(__METHOD__ . '(): $submission_data line_items => ' . print_r($submission_data['line_items'], 1));
     return $aim;
 }
Exemple #11
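 /**
  * Checks whether the number of matching active entries has reached the configured limit.
  *
  * Builds one COUNT query over the lead table. Each entry in $this->_args['limit_by']
  * adds a condition (current user, embed URL, submitted field values, or the
  * submitter's IP for any other value). The query can further be restricted to this
  * form and to a time period.
  *
  * @param int $form_id ID of the form being checked.
  *
  * @return bool True when the entry count is at or above get_limit(); false otherwise,
  *              and always false when limiting by field value with no values submitted.
  */
 public function is_limit_reached($form_id)
 {
     global $wpdb;
     $where = array('l.status = "active"');
     $join = array();
     foreach ($this->_args['limit_by'] as $limiter) {
         switch ($limiter) {
             case 'role':
                 // user ID is required when limiting by role: intentional fall-through
             case 'user_id':
                 $where[] = $wpdb->prepare('l.created_by = %s', get_current_user_id());
                 break;
             case 'embed_url':
                 $where[] = $wpdb->prepare('l.source_url = %s', GFFormsModel::get_current_page_url());
                 break;
             case 'field_value':
                 $values = $this->get_limit_field_values($form_id, $this->get_limit_field_ids());
                 // if there is no value submitted for any of our fields, limit is never reached
                 if (empty($values)) {
                     return false;
                 }
                 foreach ($values as $field_id => $value) {
                     // The alias is interpolated into the SQL text and cannot be a placeholder,
                     // so it is reduced to letters, digits and underscores first. IDs such as
                     // "3" or "1.3" give the same alias as before ("ld3", "ld1_3").
                     $alias_suffix = preg_replace('/[^0-9A-Za-z_]/', '', str_replace('.', '_', $field_id));
                     $table_slug = 'ld' . $alias_suffix;
                     $join[] = "INNER JOIN {$wpdb->prefix}rg_lead_detail {$table_slug} ON {$table_slug}.lead_id = l.id";
                     // field_number is matched with a small tolerance around the field ID instead of by equality
                     $where[] = $wpdb->prepare("\n( ( {$table_slug}.field_number BETWEEN %s AND %s ) AND {$table_slug}.value = %s )", doubleval($field_id) - 0.001, doubleval($field_id) + 0.001, $value);
                 }
                 break;
             default:
                 // NOTE(review): this limit is only as reliable as GFFormsModel::get_ip(). If that
                 // helper honours client-supplied forwarding headers, confirm they are accepted
                 // only from a trusted proxy.
                 $where[] = $wpdb->prepare('ip = %s', GFFormsModel::get_ip());
         }
     }
     if ($this->_args['apply_limit_per_form']) {
         $where[] = $wpdb->prepare('l.form_id = %d', $form_id);
     }
     // A positive number is a rolling window in seconds; a keyword is a calendar period;
     // false means no time restriction.
     $time_period = $this->_args['time_period'];
     $time_period_sql = false;
     if ($time_period !== false) {
         if (intval($time_period) > 0) {
             $time_period_sql = $wpdb->prepare('date_created BETWEEN DATE_SUB(utc_timestamp(), INTERVAL %d SECOND) AND utc_timestamp()', $time_period);
         } else {
             switch ($time_period) {
                 case 'per_day':
                 case 'day':
                     $time_period_sql = 'DATE( date_created ) = DATE( utc_timestamp() )';
                     break;
                 case 'per_month':
                 case 'month':
                     // The year must match too; MONTH() alone would also count entries
                     // from the same month of earlier years.
                     $time_period_sql = 'YEAR( date_created ) = YEAR( utc_timestamp() ) AND MONTH( date_created ) = MONTH( utc_timestamp() )';
                     break;
                 case 'per_year':
                 case 'year':
                     $time_period_sql = 'YEAR( date_created ) = YEAR( utc_timestamp() )';
                     break;
             }
         }
     }
     if ($time_period_sql) {
         $where[] = $time_period_sql;
     }
     $where = implode(' AND ', $where);
     $join = implode("\n", $join);
     $sql = "SELECT count( l.id )\n                FROM {$wpdb->prefix}rg_lead l\n                {$join}\n                WHERE {$where}";
     // NOTE(review): get_var() returns null when the query fails, and null compares below any
     // positive limit, so a database error leaves the limit unenforced. Confirm this is intended.
     $entry_count = $wpdb->get_var($sql);
     return $entry_count >= $this->get_limit();
 }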