/** * Save final form data * * @param array $form Form config * * @return void|\WP_Error */ public static function save_final_form($form) { global $transdata; $entryid = null; // check submit type (new or update) if (isset($_POST['_cf_frm_edt'])) { // is edit //check user can edit this item. $user_id = get_current_user_id(); $details = Caldera_Forms::get_entry_detail($_POST['_cf_frm_edt'], $form); // check token if (isset($_POST['_cf_frm_edt_tkn'])) { // build token $token_array = array('id' => (int) $details['id'], 'datestamp' => $details['datestamp'], 'user_id' => (int) $details['user_id'], 'form_id' => $form['ID']); if (sha1(json_encode($token_array)) !== trim($_POST['_cf_frm_edt_tkn'])) { return new WP_Error('error', __("Permission denied.", "caldera-forms")); } else { $entryid = (int) $details['id']; $edit_token = sha1(json_encode($token_array)); } } else { if (!empty($user_id)) { if (!empty($details)) { // check user can edit if (current_user_can('edit_posts') || $details['user_id'] === $user_id) { $entryid = $_POST['_cf_frm_edt']; } else { return new WP_Error('error', __("Permission denied.", "caldera-forms")); } } } } } // pull in the class include_once CFCORE_PATH . 'classes/save.php'; if (!empty($form['db_support'])) { Caldera_Forms_Save_Final::save_in_db($form, $entryid); } if (!empty($transdata['edit'])) { // update if (empty($form['mailer']['on_update'])) { return; } } else { // insert if (empty($form['mailer']['enable_mailer']) && empty($form['mailer']['on_insert'])) { return; } } Caldera_Forms_Save_Final::do_mailer($form, $entryid); }