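/**
 * Handles adding reports via ajax.
 *
 * Reads `id`, `type`, `report` and `nonce` from $_POST, validates them, stores
 * the report and ends the request with a JSON object of the form
 * {"success": bool, "message": string}.
 *
 * The request is authenticated first (HTTP method, nonce, and login when the
 * `users_only` option is set); only then are the remaining fields validated
 * and the reported item looked up.
 *
 * @return void Every path ends in die(), so control never returns to the caller.
 */
public static function ajax_add_report() {
	// Single failure exit: emit the JSON error envelope and stop the request.
	$fail = function ($message) {
		die(json_encode(array('success' => false, 'message' => $message)));
	};

	$method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';
	if ('POST' !== $method) {
		$fail(__('Sorry, only post method allowed.', APP_TD));
	}

	// Request parameters can arrive as arrays (e.g. `nonce[]=x`), so every
	// field is required to be a string before it is used.
	// NOTE(review): for logged-out visitors WordPress derives nonces without a
	// per-user component, so when anonymous reporting is allowed the nonce shows
	// the request came from a recently rendered form but does not identify the
	// sender. Consider rate limiting if report flooding is a concern.
	$nonce = isset($_POST['nonce']) && is_string($_POST['nonce']) ? $_POST['nonce'] : '';
	if ('' === $nonce || !wp_verify_nonce($nonce, 'add-report')) {
		$fail(__('Sorry, invalid request.', APP_TD));
	}

	$options = appthemes_load_reports_options();
	if ($options->get(array('reports', 'users_only')) && !is_user_logged_in()) {
		$fail(__('Sorry, only registered users can report.', APP_TD));
	}

	$id = isset($_POST['id']) ? (int) $_POST['id'] : 0;
	if ($id < 1) {
		$fail(__('Sorry, item does not exist.', APP_TD));
	}

	$type = isset($_POST['type']) && is_string($_POST['type']) ? $_POST['type'] : '';
	if (!in_array($type, array('post', 'user'), true)) {
		$fail(__('Sorry, invalid item type.', APP_TD));
	}

	// User reports are only accepted when the 'users' reports argument is set.
	if ('user' === $type && !appthemes_reports_get_args('users')) {
		$fail(__('Sorry, invalid item type.', APP_TD));
	}

	// The message is accepted only if appthemes_clean() leaves it unchanged.
	// NOTE(review): the text is not compared with the configured option list,
	// so the stored content is chosen by the caller. Confirm that
	// appthemes_clean() and the code that displays reports neutralise markup.
	$message = isset($_POST['report']) && is_string($_POST['report']) ? $_POST['report'] : null;
	if (null === $message || appthemes_clean($message) !== $message) {
		$fail(__('Sorry, invalid report message.', APP_TD));
	}

	$item = 'post' === $type ? get_post($id) : get_userdata($id);
	if (!$item) {
		$fail(__('Sorry, item does not exist.', APP_TD));
	}

	$comment = array('comment_content' => appthemes_clean($message));

	if ('post' === $type) {
		$comment['comment_post_ID'] = $id;
		$report = appthemes_create_report($comment);
		if (!$report) {
			$fail(__('Sorry, could not create report.', APP_TD));
		}
		// Only post reports trigger the admin email.
		APP_Report_Comments_Email_Notify::notify_admin($report);
	} else {
		$report = appthemes_create_user_report($id, $comment);
		if (!$report) {
			$fail(__('Sorry, could not create report.', APP_TD));
		}
	}

	die(json_encode(array('success' => true, 'message' => __('Thank you. Report has been submitted.', APP_TD))));
}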
/**
 * Emails the admin about a report.
 *
 * Nothing is sent unless the 'send_email' reports option is enabled, and a
 * post is announced only once: when the post already has more than one report
 * the method returns without mailing.
 *
 * Recipients, subject and body all come from the 'comment_notification_*'
 * filters. The recipient list starts empty, so mail goes only to addresses
 * that hooked callbacks add.
 * NOTE(review): those addresses are handed to appthemes_send_email() without
 * validation here; confirm the helper or the filter callbacks check them.
 *
 * @param object $report Report object; get_post_ID() and get_id() are called on it.
 *
 * @return void
 */
public static function notify_admin($report) {
	$settings = appthemes_load_reports_options();
	$email_enabled = $settings->get(array('reports', 'send_email'));

	if ($email_enabled) {
		// Notify only once per post: skip when earlier reports already exist.
		$post_reports = appthemes_get_post_reports($report->get_post_ID());

		if (count($post_reports->reports) <= 1) {
			$recipients = apply_filters('comment_notification_recipients', array(), $report->get_id());
			$mail_subject = apply_filters('comment_notification_subject', '', $report->get_id());
			$mail_body = apply_filters('comment_notification_text', '', $report->get_id());

			foreach ($recipients as $recipient) {
				appthemes_send_email($recipient, $mail_subject, $mail_body);
			}
		}
	}
}
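/**
 * Returns an HTML form for reporting an item.
 *
 * The form carries the item ID, the item type and an 'add-report' nonce in
 * hidden fields, plus a select built from the configured report options.
 *
 * @param int    $id   The post or user ID.
 * @param string $type (optional) Type of reported item, 'post' or 'user'.
 *
 * @return string|false The report form markup, or false when no options are
 *                      configured for the type, when user reports are not
 *                      enabled, or when reporting is limited to logged-in
 *                      users and the visitor is logged out.
 */
function appthemes_get_reports_form($id, $type = 'post') {
	$options = appthemes_load_reports_options();

	// Any type other than 'post' falls back to the user option list.
	$select_options_type = 'post' === $type ? 'post_options' : 'user_options';
	$select_options = $options->get(array('reports', $select_options_type));
	if (empty($select_options)) {
		return false;
	}

	if ('user' === $type && !appthemes_reports_get_args('users')) {
		return false;
	}

	if ($options->get(array('reports', 'users_only')) && !is_user_logged_in()) {
		return false;
	}

	// Options are stored one per line. Trim each line so that a trailing "\r"
	// from CRLF line endings, or a blank line, does not become an option value.
	// NOTE(review): the option text is also passed as element content; confirm
	// that html() escapes content, or wrap it in esc_html() if it does not.
	$select_html = '';
	foreach (explode("\n", $select_options) as $option) {
		$option = trim($option);
		if ('' === $option) {
			continue;
		}
		$select_html .= html('option', array('value' => $option), $option);
	}
	$select_html = html('select', array('name' => 'report'), $select_html);

	// Nonce for the 'add-report' action, submitted in the hidden 'nonce' field.
	$nonce = wp_create_nonce('add-report');

	$form = '<div class="reports_message"><span class="spinner"></span>' . __('Processing your request, Please wait....', APP_TD) . '</div>';
	$form .= '<div class="reports_form">';
	$form .= '<form method="post" enctype="text/plain">';
	$form .= $select_html;
	$form .= html('input', array('type' => 'submit', 'name' => 'submit', 'value' => __('Report', APP_TD)));
	$form .= html('input', array('type' => 'hidden', 'name' => 'type', 'value' => $type));
	$form .= html('input', array('type' => 'hidden', 'name' => 'id', 'value' => $id));
	$form .= html('input', array('type' => 'hidden', 'name' => 'nonce', 'value' => $nonce));
	$form .= '</form>';
	$form .= '</div>';

	return $form;
}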