/**
* Save final form data
*
* @param array $form Form config
*
* @return void|\WP_Error
*/
public static function save_final_form($form)
{
global $transdata;
$entryid = null;
// check submit type (new or update)
if (isset($_POST['_cf_frm_edt'])) {
// is edit
//check user can edit this item.
$user_id = get_current_user_id();
$details = Caldera_Forms::get_entry_detail($_POST['_cf_frm_edt'], $form);
// check token
if (isset($_POST['_cf_frm_edt_tkn'])) {
// build token
$token_array = array('id' => (int) $details['id'], 'datestamp' => $details['datestamp'], 'user_id' => (int) $details['user_id'], 'form_id' => $form['ID']);
if (sha1(json_encode($token_array)) !== trim($_POST['_cf_frm_edt_tkn'])) {
return new WP_Error('error', __("Permission denied.", "caldera-forms"));
} else {
$entryid = (int) $details['id'];
$edit_token = sha1(json_encode($token_array));
}
} else {
if (!empty($user_id)) {
if (!empty($details)) {
// check user can edit
if (current_user_can('edit_posts') || $details['user_id'] === $user_id) {
$entryid = $_POST['_cf_frm_edt'];
} else {
return new WP_Error('error', __("Permission denied.", "caldera-forms"));
}
}
}
}
}
// pull in the class
include_once CFCORE_PATH . 'classes/save.php';
if (!empty($form['db_support'])) {
Caldera_Forms_Save_Final::save_in_db($form, $entryid);
}
if (!empty($transdata['edit'])) {
// update
if (empty($form['mailer']['on_update'])) {
return;
}
} else {
// insert
if (empty($form['mailer']['enable_mailer']) && empty($form['mailer']['on_insert'])) {
return;
}
}
Caldera_Forms_Save_Final::do_mailer($form, $entryid);
}
