} $verify_nonce = wp_verify_nonce($_REQUEST['r'], 'cfwpp_update_actions'); global $wpdb; $message = ""; if (isset($_GET['a']) && $_GET['a'] == '1' && $verify_nonce) { define('CP_CONTACTFORMPP_DEFAULT_fp_from_email', get_the_author_meta('user_email', get_current_user_id())); define('CP_CONTACTFORMPP_DEFAULT_fp_destination_emails', CP_CONTACTFORMPP_DEFAULT_fp_from_email); // temporal lines to guarantee migration cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'paypal_zero_payment', " varchar(10) NOT NULL default ''"); cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'fp_emailformat', " varchar(10) NOT NULL default ''"); cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'cu_emailformat', " varchar(10) NOT NULL default ''"); cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'paypal_notiemails', " varchar(20) NOT NULL default ''"); cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'paypal_mode', " varchar(20) NOT NULL default ''"); cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'paypal_recurrent', " varchar(20) NOT NULL default ''"); cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'paypal_identify_prices', " varchar(20) NOT NULL default ''"); cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'cp_emailformat', " varchar(10) NOT NULL default ''"); // insert line $wpdb->insert($wpdb->prefix . 
CP_CONTACTFORMPP_FORMS_TABLE, array('form_name' => stripcslashes($_GET["name"]), 'form_structure' => CP_CONTACTFORMPP_DEFAULT_form_structure, 'fp_from_email' => cp_contactformpp_get_option('fp_from_email', CP_CONTACTFORMPP_DEFAULT_fp_from_email), 'fp_destination_emails' => cp_contactformpp_get_option('fp_destination_emails', CP_CONTACTFORMPP_DEFAULT_fp_destination_emails), 'fp_subject' => cp_contactformpp_get_option('fp_subject', CP_CONTACTFORMPP_DEFAULT_fp_subject), 'fp_inc_additional_info' => cp_contactformpp_get_option('fp_inc_additional_info', CP_CONTACTFORMPP_DEFAULT_fp_inc_additional_info), 'fp_return_page' => cp_contactformpp_get_option('fp_return_page', CP_CONTACTFORMPP_DEFAULT_fp_return_page), 'fp_message' => cp_contactformpp_get_option('fp_message', CP_CONTACTFORMPP_DEFAULT_fp_message), 'fp_emailformat' => cp_contactformpp_get_option('fp_emailformat', CP_CONTACTFORMPP_DEFAULT_email_format), 'cu_enable_copy_to_user' => cp_contactformpp_get_option('cu_enable_copy_to_user', CP_CONTACTFORMPP_DEFAULT_cu_enable_copy_to_user), 'cu_user_email_field' => cp_contactformpp_get_option('cu_user_email_field', CP_CONTACTFORMPP_DEFAULT_cu_user_email_field), 'cu_subject' => cp_contactformpp_get_option('cu_subject', CP_CONTACTFORMPP_DEFAULT_cu_subject), 'cu_message' => cp_contactformpp_get_option('cu_message', CP_CONTACTFORMPP_DEFAULT_cu_message), 'cp_emailformat' => cp_contactformpp_get_option('cp_emailformat', CP_CONTACTFORMPP_DEFAULT_email_format), 'vs_use_validation' => cp_contactformpp_get_option('vs_use_validation', CP_CONTACTFORMPP_DEFAULT_vs_use_validation), 'vs_text_is_required' => cp_contactformpp_get_option('vs_text_is_required', CP_CONTACTFORMPP_DEFAULT_vs_text_is_required), 'vs_text_is_email' => cp_contactformpp_get_option('vs_text_is_email', CP_CONTACTFORMPP_DEFAULT_vs_text_is_email), 'vs_text_datemmddyyyy' => cp_contactformpp_get_option('vs_text_datemmddyyyy', CP_CONTACTFORMPP_DEFAULT_vs_text_datemmddyyyy), 'vs_text_dateddmmyyyy' => 
cp_contactformpp_get_option('vs_text_dateddmmyyyy', CP_CONTACTFORMPP_DEFAULT_vs_text_dateddmmyyyy), 'vs_text_number' => cp_contactformpp_get_option('vs_text_number', CP_CONTACTFORMPP_DEFAULT_vs_text_number), 'vs_text_digits' => cp_contactformpp_get_option('vs_text_digits', CP_CONTACTFORMPP_DEFAULT_vs_text_digits), 'vs_text_max' => cp_contactformpp_get_option('vs_text_max', CP_CONTACTFORMPP_DEFAULT_vs_text_max), 'vs_text_min' => cp_contactformpp_get_option('vs_text_min', CP_CONTACTFORMPP_DEFAULT_vs_text_min), 'enable_paypal' => cp_contactformpp_get_option('enable_paypal', CP_CONTACTFORMPP_DEFAULT_ENABLE_PAYPAL), 'paypal_notiemails' => cp_contactformpp_get_option('paypal_notiemails', '0'), 'paypal_email' => cp_contactformpp_get_option('paypal_email', CP_CONTACTFORMPP_DEFAULT_PAYPAL_EMAIL), 'request_cost' => cp_contactformpp_get_option('request_cost', CP_CONTACTFORMPP_DEFAULT_COST), 'paypal_product_name' => cp_contactformpp_get_option('paypal_product_name', CP_CONTACTFORMPP_DEFAULT_PRODUCT_NAME), 'currency' => cp_contactformpp_get_option('currency', CP_CONTACTFORMPP_DEFAULT_CURRENCY), 'paypal_language' => cp_contactformpp_get_option('paypal_language', CP_CONTACTFORMPP_DEFAULT_PAYPAL_LANGUAGE), 'cv_enable_captcha' => cp_contactformpp_get_option('cv_enable_captcha', CP_CONTACTFORMPP_DEFAULT_cv_enable_captcha), 'cv_width' => cp_contactformpp_get_option('cv_width', CP_CONTACTFORMPP_DEFAULT_cv_width), 'cv_height' => cp_contactformpp_get_option('cv_height', CP_CONTACTFORMPP_DEFAULT_cv_height), 'cv_chars' => cp_contactformpp_get_option('cv_chars', CP_CONTACTFORMPP_DEFAULT_cv_chars), 'cv_font' => cp_contactformpp_get_option('cv_font', CP_CONTACTFORMPP_DEFAULT_cv_font), 'cv_min_font_size' => cp_contactformpp_get_option('cv_min_font_size', CP_CONTACTFORMPP_DEFAULT_cv_min_font_size), 'cv_max_font_size' => cp_contactformpp_get_option('cv_max_font_size', CP_CONTACTFORMPP_DEFAULT_cv_max_font_size), 'cv_noise' => cp_contactformpp_get_option('cv_noise', 
CP_CONTACTFORMPP_DEFAULT_cv_noise), 'cv_noise_length' => cp_contactformpp_get_option('cv_noise_length', CP_CONTACTFORMPP_DEFAULT_cv_noise_length), 'cv_background' => cp_contactformpp_get_option('cv_background', CP_CONTACTFORMPP_DEFAULT_cv_background), 'cv_border' => cp_contactformpp_get_option('cv_border', CP_CONTACTFORMPP_DEFAULT_cv_border), 'cv_text_enter_valid_captcha' => cp_contactformpp_get_option('cv_text_enter_valid_captcha', CP_CONTACTFORMPP_DEFAULT_cv_text_enter_valid_captcha))); $message = "Item added"; } else { if (isset($_GET['u']) && $_GET['u'] != '' && $verify_nonce) { $wpdb->query('UPDATE `' . $wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE . '` SET form_name="' . esc_sql($_GET["name"]) . '" WHERE id=' . intval($_GET['u'])); $message = "Item updated"; } else { if (isset($_GET['d']) && $_GET['d'] != '' && $verify_nonce) { $wpdb->query('DELETE FROM `' . $wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE . '` WHERE id=' . intval($_GET['d'])); $message = "Item deleted"; } else { if (isset($_GET['c']) && $_GET['c'] != '' && $verify_nonce) { $myrows = $wpdb->get_row("SELECT * FROM " . $wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE . " WHERE id=" . intval($_GET['c']), ARRAY_A); unset($myrows["id"]);
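/**
 * Save the settings posted from the form-settings screen into the forms table
 * row identified by CP_CONTACTFORMPP_ID.
 *
 * Flow: define the form id (if not already defined), verify the
 * 'cfwpp_update_actions_post' nonce from $_POST['rsave'], make sure the columns
 * added by later plugin versions exist, unslash $_POST in place, then update
 * the row. On a failed nonce an error message is echoed and nothing is written.
 *
 * NOTE(review): a nonce confirms that the request was issued from a page
 * rendered for this session; it says nothing about what that user is allowed
 * to do. The only other gate visible in this file is is_admin() in
 * cp_contact_form_paypal_check_posted_data(), which reports the admin-screen
 * request context, not privilege. Confirm that a current_user_can() check for
 * the capability this settings page is registered with runs before this
 * function is reached.
 *
 * NOTE(review): every value is stored as posted. Any code that prints these
 * options into HTML has to escape them at output time.
 *
 * @return void
 */
function cp_contactformpp_save_options()
{
    global $wpdb;

    // intval() keeps the row id numeric before it is used in the WHERE clause.
    if (!defined('CP_CONTACTFORMPP_ID')) {
        define(
            'CP_CONTACTFORMPP_ID',
            intval(isset($_POST['cp_contactformpp_id']) ? $_POST['cp_contactformpp_id'] : 0)
        );
    }

    // A missing or non-string nonce is treated as an empty one, which never verifies.
    $nonce = (isset($_POST['rsave']) && is_string($_POST['rsave'])) ? $_POST['rsave'] : '';
    if (!wp_verify_nonce($nonce, 'cfwpp_update_actions_post')) {
        echo 'Error: Form cannot be authenticated. Please contact our <a href="http://wordpress.dwbooster.com/support">support service</a> for verification and solution. Thank you.';
        return;
    }

    $forms_table = $wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE;

    // Temporary migration step: add columns that installs from previous
    // versions may lack. Column names and definitions are fixed literals.
    $migrated_columns = array(
        'fp_emailformat'         => " varchar(10) NOT NULL default ''",
        'cu_emailformat'         => " varchar(10) NOT NULL default ''",
        'paypal_notiemails'      => " varchar(20) NOT NULL default ''",
        'paypal_mode'            => " varchar(20) NOT NULL default ''",
        'paypal_recurrent'       => " varchar(20) NOT NULL default ''",
        'paypal_identify_prices' => " varchar(20) NOT NULL default ''",
        'script_load_method'     => " varchar(10) NOT NULL default ''",
        'cp_emailformat'         => " varchar(10) NOT NULL default ''",
        'request_taxes'          => " varchar(20) NOT NULL default ''",
        'request_address'        => " varchar(20) NOT NULL default ''",
        'paypal_price_field'     => " varchar(250) NOT NULL default ''",
        'vs_text_submitbtn'      => " varchar(250) NOT NULL default ''",
        'paypal_recurrent_setup' => "varchar(20) DEFAULT '' NOT NULL",
        'paypal_recurrent_times' => " varchar(10) NOT NULL default ''",
    );
    foreach ($migrated_columns as $column => $definition) {
        cp_contactformpp_add_field_verify($forms_table, $column, $definition);
    }

    // Unslash scalar fields in place; $_POST itself is rewritten, as before,
    // so code running later in the request sees the unslashed values.
    foreach ($_POST as $item => $value) {
        if (!is_array($value)) {
            $_POST[$item] = stripcslashes($value);
        }
    }

    // Fixed allow-list of columns: only these keys are copied from $_POST, so
    // a request cannot write to any other column of the row.
    $saved_fields = array(
        'fp_from_email',
        'fp_destination_emails',
        'fp_subject',
        'fp_inc_additional_info',
        'fp_return_page',
        'fp_message',
        'fp_emailformat',
        'cu_enable_copy_to_user',
        'cu_user_email_field',
        'cu_subject',
        'cu_message',
        'cu_emailformat',
        'enable_paypal',
        'paypal_notiemails',
        'paypal_email',
        'request_cost',
        'paypal_price_field',
        'request_taxes',
        'request_address',
        'paypal_product_name',
        'currency',
        'paypal_language',
        'paypal_mode',
        'paypal_recurrent',
        'paypal_recurrent_setup',
        'paypal_recurrent_times',
        'paypal_identify_prices',
        'paypal_zero_payment',
        'vs_text_is_required',
        'vs_text_is_email',
        'vs_text_datemmddyyyy',
        'vs_text_dateddmmyyyy',
        'vs_text_number',
        'vs_text_digits',
        'vs_text_max',
        'vs_text_min',
        'vs_text_submitbtn',
        'cv_enable_captcha',
        'cv_width',
        'cv_height',
        'cv_chars',
        'cv_font',
        'cv_min_font_size',
        'cv_max_font_size',
        'cv_noise',
        'cv_noise_length',
        'cv_background',
        'cv_border',
        'cv_text_enter_valid_captcha',
    );

    // A field absent from the request (an unchecked checkbox, for instance) is
    // passed on as null, the value the unguarded array reads produced before,
    // but without an undefined-index warning or "@" suppression.
    $data = array();
    foreach ($saved_fields as $field) {
        $data[$field] = isset($_POST[$field]) ? $_POST[$field] : null;
    }

    $wpdb->update($forms_table, $data, array('id' => CP_CONTACTFORMPP_ID));
}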
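/**
 * Request dispatcher for the plugin's front-end and settings posts.
 *
 * Depending on the request it:
 *  - loads discount codes (?cp_contact_form_paypal_post=loadcoupons),
 *  - serves the captcha image (?cp_contactformpp=captcha) and exits,
 *  - saves the settings form (POST with cp_contactformpp_post_options),
 *  - answers the captcha pre-check (GET with hdcaptcha_cp_contact_form_paypal_post)
 *    with 'ok' or 'captchafailed' and exits,
 *  - or processes a public form submission: validates the captcha, stores the
 *    posted fields, and prints an auto-submitting form that sends the visitor
 *    to PayPal, then exits.
 *
 * Everything read from $_GET/$_POST in the submission path comes from an
 * unauthenticated visitor, so values are escaped where they are printed.
 *
 * @return void
 */
function cp_contact_form_paypal_check_posted_data()
{
    global $wpdb;

    $captcha_key = 'hdcaptcha_cp_contact_form_paypal_post';
    $method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';

    if (isset($_GET['cp_contact_form_paypal_post']) && $_GET['cp_contact_form_paypal_post'] === 'loadcoupons') {
        cp_contactformpp_load_discount_codes();
    }

    if (isset($_GET['cp_contactformpp']) && $_GET['cp_contactformpp'] === 'captcha') {
        @(include_once dirname(__FILE__) . '/captcha/captcha.php');
        exit;
    }

    // NOTE(review): is_admin() only reports that the request targets an admin
    // screen; it is not a privilege check. Authorization for this branch rests
    // on the nonce verified inside cp_contactformpp_save_options(); confirm
    // that a current_user_can() check guards it as well.
    if ('POST' === $method && isset($_POST['cp_contactformpp_post_options']) && is_admin()) {
        cp_contactformpp_save_options();
        return;
    }

    // Evaluated before $_GET is touched below, so the two flags describe the
    // request as it arrived.
    $is_form_post = ('POST' === $method && isset($_POST['cp_contactformpp_pform_process']));
    $is_captcha_probe = ('GET' === $method && isset($_GET[$captcha_key]));
    if (!$is_form_post && !$is_captcha_probe) {
        return;
    }

    // The form id comes from the visitor. It is forced to an integer, as
    // cp_contactformpp_save_options() does, because helpers that read this
    // constant are outside this view and may place it in SQL.
    if (isset($_POST['cp_contactformpp_id']) && !defined('CP_CONTACTFORMPP_ID')) {
        define('CP_CONTACTFORMPP_ID', intval($_POST['cp_contactformpp_id']));
    }

    @session_start();

    // The captcha answer may arrive by GET (pre-check) or by POST (real submit).
    if (!isset($_GET[$captcha_key]) || $_GET[$captcha_key] == '') {
        $_GET[$captcha_key] = isset($_POST[$captcha_key]) ? $_POST[$captcha_key] : null;
    }

    // Compare as strings with a strict operator: a loose "!=" treats
    // numeric-looking strings such as "007" and "7" as equal, and an array
    // parameter would reach the comparison unchecked.
    $submitted_code = is_string($_GET[$captcha_key]) ? $_GET[$captcha_key] : '';
    $expected_code = (isset($_SESSION['rand_code']) && is_scalar($_SESSION['rand_code']))
        ? (string) $_SESSION['rand_code']
        : '';
    $captcha_enabled = cp_contactformpp_get_option('cv_enable_captcha', CP_CONTACTFORMPP_DEFAULT_cv_enable_captcha) != 'false';
    if ($captcha_enabled && ($expected_code === '' || $submitted_code !== $expected_code)) {
        echo 'captchafailed';
        exit;
    }

    // Not the real post (it was the captcha verification): answer and stop.
    if (!$is_form_post) {
        echo 'ok';
        exit;
    }

    // Price and discounts. No coupon is ever set in this function, so the
    // coupon branches below stay inactive.
    $price = cp_contactformpp_get_option('request_cost', CP_CONTACTFORMPP_DEFAULT_COST);
    $discount_note = "";
    $coupon = false;

    // Form definition: maps each field name to its title. Only fields that
    // exist in the stored form structure are accepted from the request.
    $form_data = json_decode(cp_contactformpp_cleanJSON(cp_contactformpp_get_option('form_structure', CP_CONTACTFORMPP_DEFAULT_form_structure)));
    $fields = array();
    if (is_array($form_data) && isset($form_data[0]) && (is_array($form_data[0]) || is_object($form_data[0]))) {
        foreach ($form_data[0] as $item) {
            if (is_object($item) && isset($item->name)) {
                $fields[$item->name] = isset($item->title) ? $item->title : null;
            }
        }
    }

    // Collect the posted values for the known fields.
    $buffer = "";
    $params = array(); // initialised so serialize() never receives an undefined variable
    foreach ($_POST as $item => $value) {
        if (isset($fields[$item])) {
            $buffer .= $fields[$item] . ": " . (is_array($value) ? implode(", ", $value) : $value) . "\n\n";
            $params[$item] = $value;
        }
    }

    cp_contactformpp_add_field_verify(CP_CONTACTFORMPP_POSTS_TABLE_NAME, 'posted_data');

    // Store the submission. $wpdb->insert() builds a prepared statement, so the
    // visitor-supplied values are not concatenated into SQL here.
    $to = cp_contactformpp_get_option('cu_user_email_field', CP_CONTACTFORMPP_DEFAULT_cu_user_email_field);
    $notify_to = (is_scalar($to) && isset($_POST[$to])) ? $_POST[$to] : null;
    $serialized_params = serialize($params);
    $rows_affected = $wpdb->insert(
        CP_CONTACTFORMPP_POSTS_TABLE_NAME,
        array(
            'formid'      => CP_CONTACTFORMPP_ID,
            'time'        => current_time('mysql'),
            'ipaddr'      => $_SERVER['REMOTE_ADDR'],
            'notifyto'    => $notify_to,
            'paypal_post' => $serialized_params,
            'posted_data' => $serialized_params,
            'data'        => $buffer . ($coupon ? "\n\nCoupon code:" . $coupon->code . $discount_note : ""),
        )
    );
    if (!$rows_affected) {
        // The database error goes to the server log, not to the visitor: it
        // can reveal table and column names. (The previous mysql_error() call
        // also no longer exists in current PHP.)
        error_log('cp_contactformpp: saving the posted form failed: ' . $wpdb->last_error);
        echo 'Error saving data! Please try again.';
        exit;
    }

    // Use the id of the row just inserted. Reading MAX(id) afterwards can pick
    // up a row written by a concurrent submission, which would attach the
    // PayPal notification to someone else's record.
    $item_number = $wpdb->insert_id;

    $business = cp_contactformpp_get_option('paypal_email', CP_CONTACTFORMPP_DEFAULT_PAYPAL_EMAIL);
    $item_name = cp_contactformpp_get_option('paypal_product_name', CP_CONTACTFORMPP_DEFAULT_PRODUCT_NAME) . $discount_note;
    $return_url = cp_contactformpp_get_option('fp_return_page', CP_CONTACTFORMPP_DEFAULT_fp_return_page);
    // Visitor-controlled: printed through esc_url() so it cannot break out of
    // the attribute or carry a script URL.
    $cancel_url = (isset($_POST['cp_ref_page']) && is_string($_POST['cp_ref_page'])) ? $_POST['cp_ref_page'] : '';
    $currency = strtoupper(cp_contactformpp_get_option('currency', CP_CONTACTFORMPP_DEFAULT_CURRENCY));
    $language = cp_contactformpp_get_option('paypal_language', CP_CONTACTFORMPP_DEFAULT_PAYPAL_LANGUAGE);
    // Built as one string: whitespace between the site URL and the query
    // string, or before the closing quote, ends up inside the value sent to PayPal.
    $notify_url = cp_contactformpp_get_FULL_site_url() . '/?cp_contactformpp_ipncheck=1&itemnumber=' . $item_number;
    ?>
<html>
<head><title>Redirecting to Paypal...</title></head>
<body>
<form action="https://www.paypal.com/cgi-bin/webscr" name="ppform3" method="post">
<input type="hidden" name="cmd" value="_xclick" />
<input type="hidden" name="business" value="<?php echo esc_attr($business); ?>" />
<input type="hidden" name="item_name" value="<?php echo esc_attr($item_name); ?>" />
<input type="hidden" name="item_number" value="<?php echo esc_attr($item_number); ?>" />
<input type="hidden" name="amount" value="<?php echo esc_attr($price); ?>" />
<input type="hidden" name="page_style" value="Primary" />
<input type="hidden" name="no_shipping" value="1" />
<input type="hidden" name="return" value="<?php echo esc_url($return_url); ?>">
<input type="hidden" name="cancel_return" value="<?php echo esc_url($cancel_url); ?>" />
<input type="hidden" name="no_note" value="1" />
<input type="hidden" name="currency_code" value="<?php echo esc_attr($currency); ?>" />
<input type="hidden" name="lc" value="<?php echo esc_attr($language); ?>" />
<input type="hidden" name="bn" value="PP-BuyNowBF" />
<input type="hidden" name="notify_url" value="<?php echo esc_url($notify_url); ?>" />
<input type="hidden" name="ipn_test" value="1" />
<input class="pbutton" type="hidden" value="Buy Now" /></div>
</form>
<script type="text/javascript">
document.ppform3.submit();
</script>
</body>
</html>
<?php
    exit;
}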