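/**
 * The contact-form shortcode processor.
 *
 * Returns the markup for one contact form: any validation errors, then either
 * the "Message Sent" confirmation (when the request carries the matching
 * contact-form-id / contact-form-sent query args) or the form itself.
 *
 * Request data ($_GET / $_REQUEST) and the shortcode-derived form id are
 * treated as untrusted: the nonce is only read when it is present and a
 * string, and the id is escaped wherever it is written into an attribute.
 *
 * @param array       $attributes Key => Value pairs as parsed by shortcode_parse_atts()
 * @param string|null $content    The shortcode's inner content: [contact-form]$content[/contact-form]
 * @return string HTML for the contact form.
 */
public static function parse($attributes, $content)
{
    if (Jetpack_Sync_Settings::is_syncing()) {
        return '';
    }

    // Create a new Grunion_Contact_Form object (this class)
    $form = new Grunion_Contact_Form($attributes, $content);

    $id = $form->get_attribute('id');

    if (!$id) {
        // something terrible has happened
        return '[contact-form]';
    }

    if (is_feed()) {
        return '[contact-form]';
    }

    // Only allow one contact form per post/widget
    if (self::$last && $id == self::$last->get_attribute('id')) {
        // We're processing the same post
        if (self::$last->attributes != $form->attributes || self::$last->content != $form->content) {
            // And we're processing a different shortcode;
            return '';
        }
        // else, we're processing the same shortcode - probably a separate run of do_shortcode() - let it through
    } else {
        self::$last = $form;
    }

    // Enqueue the grunion.css stylesheet if self::$style allows it
    if (self::$style && (empty($_REQUEST['action']) || $_REQUEST['action'] != 'grunion_shortcode_to_json')) {
        // Enqueue the style here instead of printing it: if some other plugin has run
        // the_post()+rewind_posts() (like VideoPress does), the style tag gets "printed" the first
        // time and discarded, leaving the contact form unstyled when WordPress does the real loop.
        wp_enqueue_style('grunion.css');
    }

    // The id is derived from shortcode attributes, so escape it before it lands in
    // single-quoted HTML attributes below. Nonce actions and the filter argument keep the raw id.
    $id_attr = esc_attr($id);

    $r = '';
    $r .= "<div id='contact-form-{$id_attr}'>\n";

    if (is_wp_error($form->errors) && $form->errors->get_error_codes()) {
        // There are errors. Display them
        $r .= "<div class='form-error'>\n<h3>" . __('Error!', 'jetpack') . "</h3>\n<ul class='form-errors'>\n";
        foreach ($form->errors->get_error_messages() as $message) {
            $r .= "\t<li class='form-error-message'>" . esc_html($message) . "</li>\n";
        }
        $r .= "</ul>\n</div>\n\n";
    }

    if (isset($_GET['contact-form-id']) && $_GET['contact-form-id'] == self::$last->get_attribute('id') && isset($_GET['contact-form-sent'])) {
        // The contact form was submitted. Show the success message/results
        $feedback_id = (int) $_GET['contact-form-sent'];

        $back_url = remove_query_arg(array('contact-form-id', 'contact-form-sent', '_wpnonce'));

        $r_success_message = "<h3>" . __('Message Sent', 'jetpack') . ' (<a href="' . esc_url($back_url) . '">' . esc_html__('go back', 'jetpack') . '</a>)' . "</h3>\n\n";

        // The nonce is optional in the query string and may arrive as an array
        // (?_wpnonce[]=x); only a present string value is passed on for verification.
        $nonce = '';
        if (isset($_GET['_wpnonce']) && is_string($_GET['_wpnonce'])) {
            $nonce = stripslashes($_GET['_wpnonce']);
        }

        // Don't show the feedback details unless the nonce matches
        if ($feedback_id && $nonce !== '' && wp_verify_nonce($nonce, "contact-form-sent-{$feedback_id}")) {
            $r_success_message .= self::success_message($feedback_id, $form);
        }

        /**
         * Filter the message returned after a successful contact form submission.
         *
         * @module contact-form
         *
         * @since 1.3.1
         *
         * @param string $r_success_message Success message.
         */
        $r .= apply_filters('grunion_contact_form_success_message', $r_success_message);
    } else {
        // Nothing special - show the normal contact form
        if ($form->get_attribute('widget')) {
            // Submit form to the current URL
            $url = remove_query_arg(array('contact-form-id', 'contact-form-sent', 'action', '_wpnonce'));
        } else {
            // Submit form to the post permalink
            $url = get_permalink();
        }

        // For SSL/TLS page. See RFC 3986 Section 4.2
        $url = set_url_scheme($url);

        // The global post may be unset (e.g. outside the loop); pass null rather than read an undefined index.
        $current_post = isset($GLOBALS['post']) ? $GLOBALS['post'] : null;

        // May eventually want to send this to admin-post.php...
        /**
         * Filter the contact form action URL.
         *
         * @module contact-form
         *
         * @since 1.3.1
         *
         * @param string $contact_form_id Contact form post URL.
         * @param $post $GLOBALS['post'] Post global variable.
         * @param int $id Contact Form ID.
         */
        $url = apply_filters('grunion_contact_form_form_action', "{$url}#contact-form-{$id}", $current_post, $id);

        // The filtered URL is escaped at the point of output.
        $r .= "<form action='" . esc_url($url) . "' method='post' class='contact-form commentsblock'>\n";
        $r .= $form->body;
        $r .= "\t<p class='contact-submit'>\n";
        $r .= "\t\t<input type='submit' value='" . esc_attr($form->get_attribute('submit_button_text')) . "' class='pushbutton-wide'/>\n";
        if (is_user_logged_in()) {
            $r .= "\t\t" . wp_nonce_field('contact-form_' . $id, '_wpnonce', true, false) . "\n"; // nonce and referer
        }
        $r .= "\t\t<input type='hidden' name='contact-form-id' value='{$id_attr}' />\n";
        $r .= "\t\t<input type='hidden' name='action' value='grunion-contact-form' />\n";
        $r .= "\t</p>\n";
        $r .= "</form>\n";
    }

    $r .= "</div>";

    return $r;
}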
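/**
 * The contact-form shortcode processor.
 *
 * Returns the markup for one contact form: the grunion.css style tag (when
 * allowed), any validation errors, then either the "Message Sent" confirmation
 * with the submitted values (nonce-gated) or the form itself.
 *
 * Request data ($_GET / $_REQUEST), stored feedback values and the
 * shortcode-derived form id are treated as untrusted: the nonce is only read
 * when it is present and a string, missing feedback data degrades to empty
 * values, and the id is escaped wherever it is written into an attribute.
 *
 * @param array       $attributes Key => Value pairs as parsed by shortcode_parse_atts()
 * @param string|null $content    The shortcode's inner content: [contact-form]$content[/contact-form]
 * @return string HTML for the contact form.
 */
public static function parse($attributes, $content)
{
    // Create a new Grunion_Contact_Form object (this class)
    $form = new Grunion_Contact_Form($attributes, $content);

    $id = $form->get_attribute('id');

    if (!$id) {
        // something terrible has happened
        return '[contact-form]';
    }

    if (apply_filters('jetpack_bail_on_shortcode', false, 'contact-form') || is_feed()) {
        return '[contact-form]';
    }

    // Only allow one contact form per post/widget
    if (self::$last && $id == self::$last->get_attribute('id')) {
        // We're processing the same post
        if (self::$last->attributes != $form->attributes || self::$last->content != $form->content) {
            // And we're processing a different shortcode;
            return '';
        }
        // else, we're processing the same shortcode - probably a separate run of do_shortcode() - let it through
    } else {
        self::$last = $form;
    }

    // Output the grunion.css stylesheet if self::$style allows it
    if (self::$style && (empty($_REQUEST['action']) || $_REQUEST['action'] != 'grunion_shortcode_to_json')) {
        ob_start();
        // wp_print_styles() will only ever print grunion.css once, regardless of how many times it is called.
        wp_print_styles('grunion.css');
        $r = ob_get_clean();
    } else {
        $r = '';
    }

    // The id is derived from shortcode attributes, so escape it before it lands in
    // single-quoted HTML attributes below. Nonce actions and the filter argument keep the raw id.
    $id_attr = esc_attr($id);

    $r .= "<div id='contact-form-{$id_attr}'>\n";

    if (is_wp_error($form->errors) && $form->errors->get_error_codes()) {
        // There are errors. Display them
        $r .= "<div class='form-error'>\n<h3>" . __('Error!', 'jetpack') . "</h3>\n<ul class='form-errors'>\n";
        foreach ($form->errors->get_error_messages() as $message) {
            $r .= "\t<li class='form-error-message'>" . esc_html($message) . "</li>\n";
        }
        $r .= "</ul>\n</div>\n\n";
    }

    if (isset($_GET['contact-form-id']) && $_GET['contact-form-id'] == self::$last->get_attribute('id') && isset($_GET['contact-form-sent'])) {
        // The contact form was submitted. Show the success message/results
        $feedback_id = (int) $_GET['contact-form-sent'];

        $back_url = remove_query_arg(array('contact-form-id', 'contact-form-sent', '_wpnonce'));

        $r_success_message = "<h3>" . __('Message Sent', 'jetpack') . ' (<a href="' . esc_url($back_url) . '">' . esc_html__('go back', 'jetpack') . '</a>)' . "</h3>\n\n";

        // The nonce is optional in the query string and may arrive as an array
        // (?_wpnonce[]=x); only a present string value is passed on for verification.
        $nonce = '';
        if (isset($_GET['_wpnonce']) && is_string($_GET['_wpnonce'])) {
            $nonce = stripslashes($_GET['_wpnonce']);
        }

        // Don't show the feedback details unless the nonce matches
        if ($feedback_id && $nonce !== '' && wp_verify_nonce($nonce, "contact-form-sent-{$feedback_id}")) {
            // NOTE(review): the nonce is bound to $feedback_id, but nothing here confirms that the
            // post it resolves to is a feedback entry — confirm against the code that mints the nonce.
            $feedback = get_post($feedback_id);

            $field_ids = $form->get_field_ids();

            // Maps field_ids to post_meta keys
            $field_value_map = array(
                'name'     => 'author',
                'email'    => 'author_email',
                'url'      => 'author_url',
                'subject'  => 'subject',
                'textarea' => false,
            );

            $contact_form_message = "<blockquote>\n";

            // "Standard" field whitelist
            foreach ($field_value_map as $type => $meta_key) {
                if (isset($field_ids[$type])) {
                    $field = $form->fields[$field_ids[$type]];

                    if ($meta_key) {
                        $value = get_post_meta($feedback_id, "_feedback_{$meta_key}", true);
                    } else {
                        // The feedback content is stored as the first "half" of post_content.
                        // get_post() yields no object when the post is gone; show an empty value then.
                        $value = is_object($feedback) ? $feedback->post_content : '';
                        list($value) = explode('<!--more-->', $value);
                        $value = trim($value);
                    }

                    // Label and value are both stripped of all markup before display.
                    $contact_form_message .= sprintf(
                        _x('%1$s: %2$s', '%1$s = form field label, %2$s = form field value', 'jetpack'),
                        wp_kses($field->get_attribute('label'), array()),
                        wp_kses($value, array())
                    ) . '<br />';
                }
            }

            // "Non-standard" fields
            if (!empty($field_ids['extra'])) {
                // array indexed by field label (not field id)
                $extra_fields = get_post_meta($feedback_id, '_feedback_extra_fields', true);
                if (!is_array($extra_fields)) {
                    // Missing meta comes back as a non-array; treat it as "no extra values stored".
                    $extra_fields = array();
                }

                foreach ($field_ids['extra'] as $field_id) {
                    $field = $form->fields[$field_id];

                    $label = $field->get_attribute('label');
                    $extra_value = isset($extra_fields[$label]) ? $extra_fields[$label] : '';

                    $contact_form_message .= sprintf(
                        _x('%1$s: %2$s', '%1$s = form field label, %2$s = form field value', 'jetpack'),
                        wp_kses($label, array()),
                        wp_kses($extra_value, array())
                    ) . '<br />';
                }
            }

            $contact_form_message .= "</blockquote><br /><br />";

            // Final pass: only the structural tags added above survive.
            $r_success_message .= wp_kses($contact_form_message, array('br' => array(), 'blockquote' => array()));
        }

        $r .= apply_filters('grunion_contact_form_success_message', $r_success_message);
    } else {
        // Nothing special - show the normal contact form
        if ($form->get_attribute('widget')) {
            // Submit form to the current URL
            $url = remove_query_arg(array('contact-form-id', 'contact-form-sent', 'action', '_wpnonce'));
        } else {
            // Submit form to the post permalink
            $url = get_permalink();
        }

        // The global post may be unset (e.g. outside the loop); pass null rather than read an undefined index.
        $current_post = isset($GLOBALS['post']) ? $GLOBALS['post'] : null;

        // May eventually want to send this to admin-post.php...
        $url = apply_filters('grunion_contact_form_form_action', "{$url}#contact-form-{$id}", $current_post, $id);

        // The filtered URL is escaped at the point of output.
        $r .= "<form action='" . esc_url($url) . "' method='post' class='contact-form commentsblock'>\n";
        $r .= $form->body;
        $r .= "\t<p class='contact-submit'>\n";
        $r .= "\t\t<input type='submit' value='" . esc_attr__('Submit »', 'jetpack') . "' class='pushbutton-wide'/>\n";
        $r .= "\t\t" . wp_nonce_field('contact-form_' . $id, '_wpnonce', true, false) . "\n"; // nonce and referer
        $r .= "\t\t<input type='hidden' name='contact-form-id' value='{$id_attr}' />\n";
        $r .= "\t\t<input type='hidden' name='action' value='grunion-contact-form' />\n";
        $r .= "\t</p>\n";
        $r .= "</form>\n";
    }

    $r .= "</div>";

    return $r;
}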
/**
 * Submits a form while the spam verdict and the "still email spam" switch are
 * both forced on, with the outgoing mail routed through the matching pre_test_
 * callback on $this (defined outside this block), which inspects the message.
 *
 * @author tonykova
 * @covers Grunion_Contact_Form::process_submission
 */
public function test_process_submission_labels_message_as_spam_in_subject_if_marked_as_spam_with_true_and_sending_spam()
{
    // Priority 11 so the forced verdict runs after the akismet filter.
    add_filter('jetpack_contact_form_is_spam', '__return_true', 11);
    add_filter('grunion_still_email_spam', '__return_true');

    // The mail payload is handed to the helper method hooked on wp_mail.
    $mail_inspector = array(
        $this,
        'pre_test_process_submission_labels_message_as_spam_in_subject_if_marked_as_spam_with_true_and_sending_spam',
    );
    add_filter('wp_mail', $mail_inspector);

    $recipient_attributes = array('to' => '*****@*****.**');
    $contact_form = new Grunion_Contact_Form($recipient_attributes);
    $contact_form->process_submission();
}
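/**
 * A submission flagged as spam that is still emailed must carry the
 * ***SPAM*** marker in its subject line.
 *
 * The spam verdict and the "still email spam" switch are forced on through
 * filters, and the subject is checked inside a wp_mail filter.
 *
 * @author tonykova
 * @covers Grunion_Contact_Form::process_submission
 */
public function test_process_submission_labels_message_as_spam_in_subject_if_marked_as_spam_with_true_and_sending_spam()
{
    // Priority 11 so the forced verdict runs after the akismet filter.
    add_filter('jetpack_contact_form_is_spam', function () {
        return true;
    }, 11);

    add_filter('grunion_still_email_spam', function () {
        return true;
    });

    // NOTE(review): this assertion only executes if process_submission() reaches wp_mail();
    // if the filter never fires the test passes without checking anything — confirm it runs.
    add_filter('wp_mail', function ($args) {
        $this->assertContains('***SPAM***', $args['subject']);

        // A filter callback has to hand the value back; returning nothing would
        // replace the mail arguments with null for everything downstream.
        return $args;
    });

    $form = new Grunion_Contact_Form(array('to' => '*****@*****.**'));
    $form->process_submission();
}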