/**
 * Exercise edit_shortcode() for one View/entry pair.
 *
 * Pins three security-relevant properties of the generated link:
 * - the `edit` query argument is the nonce created for the key returned by
 *   GravityView_Edit_Entry::get_nonce_key() for this View, form and entry;
 * - the URL is attribute-escaped when returned inside markup and left raw when
 *   `return` is `url`;
 * - a user whose role grants no capabilities gets null instead of a link.
 *
 * @covers GravityView_Entry_Link_Shortcode::edit_shortcode
 *
 * @param object $view  View post; only `ID` is read here.
 * @param array  $entry Entry; only `form_id` and `id` are read here.
 * @param array  $atts  Shortcode attributes; `post_id` and `entry_id` are read, the rest is set below.
 */
function _test_edit($view, $entry, $atts)
{
    // The expected nonce is derived the same way the production code is expected to derive it.
    $action_key = GravityView_Edit_Entry::get_nonce_key($view->ID, $entry['form_id'], $entry['id']);
    $edit_nonce = wp_create_nonce($action_key);

    // The `gvid` argument is only expected when more than one View is in play.
    $gvid_arg = '';
    if (GravityView_View_Data::getInstance()->has_multiple_views()) {
        $gvid_arg = '&gvid=' . gravityview_get_view_id();
    }

    // 1. HTML output, and parity with the older read_shortcode() + action=edit entry point.
    $atts['return'] = 'html';
    $html_link = $this->object->edit_shortcode($atts);

    $atts['action'] = 'edit';
    $legacy_link = $this->object->read_shortcode($atts);

    $this->assertEquals($html_link, $legacy_link);
    $this->assertEquals(
        '<a href="http://example.org/?p=' . $atts['post_id'] . '&entry=' . $atts['entry_id'] . esc_attr($gvid_arg) . '&page=gf_entries&view=entry&edit=' . $edit_nonce . '">Edit Entry</a>',
        $html_link,
        'edit link'
    );

    // 2. URL-only output: same URL, no markup, no attribute escaping.
    $atts['return'] = 'url';
    $url_only = $this->object->edit_shortcode($atts);
    $this->assertEquals(
        'http://example.org/?p=' . $atts['post_id'] . '&entry=' . $atts['entry_id'] . $gvid_arg . '&page=gf_entries&view=entry&edit=' . $edit_nonce,
        $url_only,
        'edit link URL only'
    );

    // 3. link_atts given with quoted values.
    // NOTE(review): the doubled quotes in the expected markup below may be HTML entities that were
    // decoded when this listing was extracted; confirm against the test's source before relying on
    // the exact string.
    $atts['return'] = 'html';
    $atts['link_atts'] = 'target="_blank"&title="check me out!"';
    $quoted_atts_link = $this->object->edit_shortcode($atts);
    $this->assertEquals(
        '<a title=""check me out!"" target=""_blank"" href="http://example.org/?p=' . $atts['post_id'] . '&entry=' . $atts['entry_id'] . esc_attr($gvid_arg) . '&page=gf_entries&view=entry&edit=' . $edit_nonce . '">Edit Entry</a>',
        $quoted_atts_link,
        'edit link, return html, with link_atts target="_blank"&title="check me out!"'
    );

    // 4. link_atts given without quotes.
    $atts['return'] = 'html';
    $atts['link_atts'] = 'target=_blank&title=check me out!';
    $plain_atts_link = $this->object->edit_shortcode($atts);
    $this->assertEquals(
        '<a title="check me out!" target="_blank" href="http://example.org/?p=' . $atts['post_id'] . '&entry=' . $atts['entry_id'] . esc_attr($gvid_arg) . '&page=gf_entries&view=entry&edit=' . $edit_nonce . '">Edit Entry</a>',
        $plain_atts_link,
        'edit link return html with link atts target=_blank&title=check me out!'
    );

    // 5. Switch to a user created with the 'zero' role.
    $zero = $this->factory->user->create_and_set(array('role' => 'zero'));

    // User without edit entry caps should not be able to see link
    $this->assertNull(
        $this->object->edit_shortcode($atts),
        'user with no caps shouldn\'t be able to see link'
    );
}
/**
 * Return the shared GravityView_Edit_Entry object, creating it on first use.
 *
 * @return GravityView_Edit_Entry
 */
static function getInstance()
{
    // Reuse the stored instance when one has already been built.
    if (!empty(self::$instance)) {
        return self::$instance;
    }

    self::$instance = new GravityView_Edit_Entry();

    return self::$instance;
}
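/**
 * Survey fields inject their output using `gform_field_input` filter, but in Edit Entry, the values were empty.
 * We filter the values here because it was the easiest access point: tell the survey field the correct value, GF outputs it.
 *
 * Only fields whose type is `survey` are touched; every other field gets `$value` back unchanged.
 *
 * @since 1.16.4
 * @since 1.17 Moved to GravityView_Plugin_Hooks_Gravity_Forms_Survey class
 *
 * @param string   $value Existing value
 * @param GF_Field $field
 * @param string   $name  Field custom parameter name, normally blank.
 *
 * @return mixed The stored entry value for the matching survey input, or `$value` when nothing matches.
 */
public function fix_survey_field_value($value, $field, $name)
{
    if ('survey' !== $field->type) {
        return $value;
    }

    $entry = GravityView_Edit_Entry::getInstance()->instances['render']->get_entry();

    // Inputs of one field share the integer part of their ID, so compare on floor().
    $target_field_id = floor($field->id);

    // We need to run through each survey row until we find a match for expected values
    foreach ($entry as $field_id => $field_value) {
        // The entry array also carries non-numeric keys (this codebase reads 'form_id',
        // 'status' and 'post_id' from it). Passing those to floor() raises a TypeError on
        // PHP 8, so they are skipped before the numeric comparison.
        if (!is_numeric($field_id) || floor($field_id) !== $target_field_id) {
            continue;
        }

        if (rgar($field, 'gsurveyLikertEnableMultipleRows')) {
            // Stored as "row:column". Reading index 0 only avoids the undefined-offset
            // warning the former list() assignment produced for values without a colon.
            $parts = explode(':', $field_value, 2);

            // If the $name matches the row value, we are processing the correct row
            if ($parts[0] === $name) {
                $value = $field_value;
                break;
            }
        } else {
            // When not processing multiple rows, the value is the $entry[ $field_id ] value.
            $value = $field_value;
            break;
        }
    }

    return $value;
}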
/**
 * Check if the user can edit the entry
 *
 * - Is the nonce valid?
 * - Does the user have the right caps for the entry
 * - Is the entry in the trash?
 *
 * Every failed check sets $error, and the method returns true only when $error is still
 * empty after all of them, so a single failure denies the edit. The checks run in a fixed
 * order and later ones overwrite the value left by earlier ones: the trash message replaces
 * the capability message, which replaces the entry-mismatch / nonce result.
 *
 * `$error === true` means "deny without showing a notice"; a string is a message that may
 * be shown to the visitor.
 *
 * @todo Move to GVCommon
 *
 * @param boolean $echo Show error messages in the form?
 * @return boolean True: can edit form. False: nope.
 */
function user_can_edit_entry($echo = false) {
    $error = NULL;

    /**
     * Scenario handled by the first check:
     * 1. Permalinks are turned off
     * 2. There are two entries embedded using oEmbed
     * 3. One of the entries has just been saved
     */
    // The posted `lid` and the `entry` query argument disagree: deny silently.
    // Both request values are only compared with `!==` in this method, never printed.
    if (!empty($_POST['lid']) && !empty($_GET['entry']) && $_POST['lid'] !== $_GET['entry']) {
        $error = true;
    }

    // The requested entry is not the one loaded on this object: deny silently.
    // The nonce is checked only when this comparison passes (or no `entry` argument is
    // present), so every path that can still return true has gone through verify_nonce().
    // NOTE(review): verify_nonce() is not shown here; confirm it checks a nonce scoped to this entry.
    if (!empty($_GET['entry']) && (string) $this->entry['id'] !== $_GET['entry']) {
        $error = true;
    } elseif (!$this->verify_nonce()) {
        /**
         * If the Entry is embedded, there may be two entries on the same page.
         * If that's the case, and one is being edited, the other should fail gracefully and not display an error.
         */
        if (GravityView_oEmbed::getInstance()->get_entry_id()) {
            $error = true;
        } else {
            $error = __('The link to edit this entry is not valid; it may have expired.', 'gravityview');
        }
    }

    // Capability check runs regardless of the nonce result and replaces any earlier error value.
    if (!GravityView_Edit_Entry::check_user_cap_edit_entry($this->entry)) {
        $error = __('You do not have permission to edit this entry.', 'gravityview');
    }

    // Trashed entries are never editable; this message wins over all earlier ones.
    if ($this->entry['status'] === 'trash') {
        $error = __('You cannot edit the entry; it is in the trash.', 'gravityview');
    }

    // No errors; everything's fine here!
    if (empty($error)) {
        return true;
    }

    // Print a notice only when asked to and only for failures that carry a message.
    if ($echo && $error !== true) {
        // The message is escaped before the "Go back" link markup is appended to it.
        $error = esc_html($error);

        /**
         * @since 1.9
         */
        if (!empty($this->entry)) {
            $error .= ' ' . gravityview_get_link('#', _x('Go back.', 'Link shown when invalid Edit Entry link is clicked', 'gravityview'), array('onclick' => "window.history.go(-1); return false;"));
        }

        echo GVCommon::generate_notice(wpautop($error), 'gv-error error');
    }

    // Every denial is logged. $error is appended as-is: `true` for silent failures, otherwise
    // the message (including the escaped text and link markup when a notice was printed).
    do_action('gravityview_log_error', 'GravityView_Edit_Entry[user_can_edit_entry]' . $error);

    return false;
}
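/**
 * Build an entry action link (or just its URL) for a shortcode.
 *
 * Returns null, after logging the reason, when GravityView is not loaded, when no View or
 * entry can be resolved, when the visitor is not logged in, when the entry cannot be found,
 * or when the capability check fails.
 *
 * NOTE(review): this method checks the edit-entry capability and defaults to the
 * `gv_edit_entry` context, but the link it builds comes from
 * GravityView_Delete_Entry::get_delete_link() and is labelled "Delete Entry". Confirm which
 * action is intended; if the delete link is, gate it on
 * GravityView_Delete_Entry::check_user_cap_delete_entry() rather than on the edit capability.
 *
 * @param array $atts {
 *   @type string $view_id ID of the View to use. If undefined, uses the current View ID
 *   @type string $entry_id ID of the entry to edit. If undefined, uses the current entry ID
 *   @type string $post_id ID of the base post or page to use for an embedded View
 *   @type string $link_atts Attributes for the link tag, passed through to gravityview_get_link()
 *   @type string $return What should the shortcode return: link HTML (`html`) or the URL (`url`). Default: `html`
 *   @type string $field_values Parameters to pass in to the Edit Entry form to prefill data. Uses the same format as Gravity Forms "Allow field to be populated dynamically" {@see https://www.gravityhelp.com/documentation/article/allow-field-to-be-populated-dynamically/ }
 * }
 * @param string $content Link text; a default label is used when empty.
 * @param string $context Shortcode name handed to shortcode_atts() for attribute filtering.
 *
 * @return string|null Link HTML or URL, or null when the link must not be shown.
 */
public function shortcode($atts = array(), $content = '', $context = 'gv_edit_entry')
{
    // Make sure GV is loaded
    if (!class_exists('GravityView_frontend') || !class_exists('GravityView_View')) {
        return null;
    }

    $defaults = array(
        'view_id'      => 0,
        'entry_id'     => 0,
        'post_id'      => 0,
        'link_atts'    => '',
        'return'       => 'html',
        'field_values' => '',
    );

    // Unknown attributes are dropped here; only the keys above reach the rest of the method.
    $settings = shortcode_atts($defaults, $atts, $context);

    if (empty($settings['view_id'])) {
        $view_id = GravityView_View::getInstance()->getViewId();
    } else {
        $view_id = absint($settings['view_id']);
    }

    if (empty($view_id)) {
        do_action('gravityview_log_debug', __METHOD__ . ' A View ID was not defined');

        return null;
    }

    $post_id = empty($settings['post_id']) ? $view_id : absint($settings['post_id']);

    $form_id = gravityview_get_form_id($view_id);

    // Fall back to the single entry being displayed, then to the current entry in the loop.
    $single_entry = GravityView_frontend::getInstance()->getSingleEntry();
    $backup_entry_id = $single_entry ? $single_entry : GravityView_View::getInstance()->getCurrentEntry();

    $entry_id = empty($settings['entry_id']) ? $backup_entry_id : absint($settings['entry_id']);

    if (empty($entry_id)) {
        do_action('gravityview_log_debug', __METHOD__ . ' No entry defined');

        return null;
    }

    // By default, show only current user
    // wp_get_current_user() hands back a WP_User object even for logged-out visitors (ID 0),
    // so a bare truthiness test never fails; exists() is what tells them apart.
    $user = wp_get_current_user();

    if (!$user || !$user->exists()) {
        do_action('gravityview_log_debug', __METHOD__ . ' No user defined; edit entry requires logged in user');

        return null;
    }

    $entry = $this->get_entry($entry_id, $form_id);

    // No search results
    if (false === $entry) {
        do_action('gravityview_log_debug', __METHOD__ . ' No entries match the entry ID defined', $entry_id);

        return null;
    }

    // Check permissions
    if (false === GravityView_Edit_Entry::check_user_cap_edit_entry($entry, $view_id)) {
        do_action('gravityview_log_debug', __METHOD__ . ' User does not have the capability to edit this entry: ' . $entry_id);

        return null;
    }

    $href = GravityView_Delete_Entry::get_delete_link($entry, $view_id, $post_id, $settings);

    // Get just the URL, not the tag
    if ('url' === $settings['return']) {
        return $href;
    }

    $link_text = empty($content) ? __('Delete Entry', 'gravityview') : $content;

    return gravityview_get_link($href, $link_text, $settings['link_atts']);
}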
/**
 * Always show the live Category values
 *
 * By default, Gravity Forms would show unchecked/default choices. We want to show the live Post categories
 *
 * Each choice's `isSelected` flag is recomputed from the categories currently assigned to
 * the post linked to the entry being edited. When the entry has no usable `post_id`, the
 * choices are returned untouched.
 *
 * @since 1.17
 *
 * @param array $choices Choices to flag; each is read as `$choice['value']`.
 * @param mixed $field   Not used here.
 * @param mixed $form_id Not used here.
 *
 * @return mixed The choices, with `isSelected` updated when a post is linked.
 */
function edit_entry_post_category_choices($choices, $field, $form_id)
{
    $entry = GravityView_Edit_Entry::getInstance()->instances['render']->get_entry();

    // $entry['post_id'] should always be set, but we check to make sure.
    if (!$entry || !isset($entry['post_id']) || !($post_id = $entry['post_id'])) {
        return $choices;
    }

    $post_categories = wp_get_post_categories($post_id, array('fields' => 'ids'));

    // Always use the live value.
    // The comparison is deliberately loose: choice values and category IDs are not
    // guaranteed to share a type here.
    foreach ($choices as $index => $choice) {
        $choices[$index]['isSelected'] = in_array($choice['value'], array_values($post_categories));
    }

    return $choices;
}
/**
 * The nonce action key must embed the View, form and entry IDs, in that order, so a nonce
 * issued for one entry does not validate for another.
 *
 * @covers GravityView_Edit_Entry::get_nonce_key()
 */
public function test_get_nonce_key()
{
    list($view_id, $form_id, $entry_id) = array(1, 2, 3);

    $actual_key = GravityView_Edit_Entry::get_nonce_key($view_id, $form_id, $entry_id);
    $expected_key = sprintf('edit_%d_%d_%d', $view_id, $form_id, $entry_id);

    $this->assertEquals($actual_key, $expected_key);
}
/**
 * Check whether the user has the capability to see the shortcode output, depending on the action ('read', 'edit', 'delete')
 *
 * 'edit' and 'delete' are delegated to the matching capability checks. 'read' and any
 * other action value are allowed without a check.
 *
 * NOTE(review): because unrecognised actions share the 'read' branch, this method fails
 * open for them; confirm that `$this->settings['action']` is restricted to the three known
 * values before it gets here.
 *
 * @since 1.15
 * @return bool True: has cap.
 */
private function has_cap()
{
    switch ($this->settings['action']) {
        case 'edit':
            return GravityView_Edit_Entry::check_user_cap_edit_entry($this->entry, $this->view_id);

        case 'delete':
            return GravityView_Delete_Entry::check_user_cap_delete_entry($this->entry, array(), $this->view_id);

        case 'read':
        default:
            // TODO: add cap check for read_gravityview
            return true;
    }
}
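/**
 * Copy an existing entry into a new entry on another form and print a link to finish it.
 *
 * Reads `copy_entry_id`, `copy2Form` and `view_id` from $_POST, copies every field of the
 * source entry that exists on the target form (except the excluded and admin-only ones),
 * marks the copy as in progress, echoes a status message and ends the request.
 *
 * NOTE(review): no nonce or capability check is visible in this function, and the source
 * entry is loaded by ID alone. Confirm that whatever registers this handler verifies a
 * nonce and the caller's right to read the source entry and to create entries on the
 * target form before this code runs.
 *
 * @return void Does not return; the request always ends with exit.
 */
function makeAdminCopyEntry()
{
    $failure_message = 'Error in creating a new entry. Proper data was not received.';

    // Request values are untrusted. Accept scalars only and reduce them to non-negative
    // integers, instead of passing raw strings (or arrays) on to the Gravity Forms API.
    $entryID   = (isset($_POST['copy_entry_id']) && is_scalar($_POST['copy_entry_id'])) ? absint($_POST['copy_entry_id']) : 0;
    $copy2Form = (isset($_POST['copy2Form']) && is_scalar($_POST['copy2Form'])) ? absint($_POST['copy2Form']) : 0;
    $view_id   = (isset($_POST['view_id']) && is_scalar($_POST['view_id'])) ? absint($_POST['view_id']) : 0;

    if (0 === $entryID || 0 === $copy2Form || 0 === $view_id) {
        echo $failure_message;
        exit;
    }

    //get entry data
    $lead = GFAPI::get_entry($entryID);

    //get new form field ID's
    $form = GFAPI::get_form($copy2Form);

    // A missing entry comes back as an error object and a missing form has no field list;
    // either way there is nothing to copy.
    if (is_wp_error($lead) || !is_array($lead) || empty($form['fields']) || !is_array($form['fields'])) {
        echo $failure_message;
        exit;
    }

    /*The following fields will not be copied from one entry to another
     *   Page 4 review fields:
     *   295 - Are you 18 years or older
     *   114 - Full Name
     *   297 - I am the parent and/or legal guardian of
     *   115 - Date
     *   117 - Release and consent
     *   all admin only fields
     */
    $doNotCopy = array(295, 114, 297, 115, 117);

    /*loop thru fields in existing entry and if they are in the new form copy them */
    $newEntry = array();
    $newEntry['form_id'] = $copy2Form;

    foreach ($form['fields'] as $field) {
        //skip doNotCopy fields
        if (in_array($field['id'], $doNotCopy)) {
            continue;
        }

        //do not copy admin only fields
        $adminOnly = isset($field['adminOnly']) ? $field['adminOnly'] : FALSE;
        if ($adminOnly) {
            continue;
        }

        // Multi-input fields store one value per input ID.
        if (is_array($field['inputs'])) {
            foreach ($field['inputs'] as $inputs) {
                $fieldID = $inputs['id'];
                if (isset($lead[$fieldID])) {
                    $newEntry[$fieldID] = $lead[$fieldID];
                }
            }
        }

        if (isset($lead[$field['id']])) {
            $newEntry[$field['id']] = $lead[$field['id']];
        }
    }

    $newEntry['303'] = 'In Progress'; //in-progress

    // add_entry() reports failure with an error object; concatenating that into the
    // message below would be a fatal error, so stop here instead.
    $newEntry_id = GFAPI::add_entry($newEntry);
    if (is_wp_error($newEntry_id)) {
        echo $failure_message;
        exit;
    }

    $entry = GFAPI::get_entry($newEntry_id);
    if (is_wp_error($entry)) {
        echo $failure_message;
        exit;
    }

    $href = GravityView_Edit_Entry::get_edit_link($entry, $view_id);

    // Everything placed into the markup is escaped for its context: the ID as an integer,
    // the link target as an HTML attribute value.
    echo 'New Entry created:' . absint($newEntry_id) . '. Please click <a href="' . esc_attr('entry/' . $newEntry_id . '/' . $href) . '">here</a> to finish the submission process';

    exit;
}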
<?php
/**
 * Field template: print an "Edit Entry" link for the current entry.
 *
 * Nothing is printed unless GravityView_Edit_Entry::check_user_cap_edit_entry() passes for
 * the entry, so the link is hidden from anyone who could not use it.
 */

$gravityview_view = GravityView_View::getInstance();

$view_id = $gravityview_view->getViewId();

// extract() turns every key of the current field data into a local variable and, with its
// default flags, overwrites variables that already exist (including those set above). This
// template reads $entry, $form and $field_settings from it.
extract($gravityview_view->getCurrentField());

// Only show the link to users who pass the edit-entry capability check.
if (!GravityView_Edit_Entry::check_user_cap_edit_entry($entry)) {
    return;
}

// Link label: the field's custom text when set, otherwise the translated default.
if (empty($field_settings['edit_link'])) {
    $link_text = __('Edit Entry', 'gravityview');
} else {
    $link_text = $field_settings['edit_link'];
}

// Open in a new window only when the field setting asks for it.
if (empty($field_settings['new_window'])) {
    $link_atts = '';
} else {
    $link_atts = 'target="_blank"';
}

// NOTE(review): the label may contain entry data substituted by replace_variables();
// whether gravityview_get_link() escapes its link text is not visible here — confirm.
$output = apply_filters('gravityview_entry_link', GravityView_API::replace_variables($link_text, $form, $entry));

$href = GravityView_Edit_Entry::get_edit_link($entry, $view_id);

echo gravityview_get_link($href, $output, $link_atts);