/**
 * Prepare a CRED front-end form for rendering/processing.
 *
 * Resolves the target post, loads the stored form definition (or, in preview
 * mode, takes the definition from the current request), instantiates the
 * MyZebra form object, loads the field definitions for the post type and runs
 * the per-form capability checks.
 *
 * The constructor never throws: on any failure it stores a message in
 * $this->error and returns early, leaving the object only partially
 * initialised. Callers must check $this->error before using the instance.
 *
 * @param mixed $form             Form identifier, passed unchanged to MODEL/Forms::getForm().
 * @param mixed $post_id          Post to edit; ignored in preview mode. Falls back to the global $post.
 * @param bool  $preview          When true, form type, post type, content and extra CSS/JS are read from the request.
 * @param mixed $force_form_count Value to use instead of self::$form_count in the generated form id; false to use the counter.
 */
public function __construct($form, $post_id = null, $preview = false, $force_form_count = false) {
    global $post, $current_user;
    // Bind $method to the request array named by self::METHOD ('_' . METHOD,
    // presumably $_POST or $_GET; the constant is defined outside this block).
    // The explicit `global` is what makes the variable-variable lookup resolve.
    global ${'_' . self::METHOD};
    $method =& ${'_' . self::METHOD};
    // CRED depends on the Types plugin; bail out if it is not loaded
    if (!function_exists('wpcf_init') || !defined('WPCF_ABSPATH')) {
        $this->error = __('Types plugin not active', 'wp-cred');
        return;
    }
    self::initVars();
    // Resolve the target post: explicit argument first, then the global $post,
    // otherwise false. Preview mode always ends up with false.
    // NOTE(review): a non-empty, non-numeric $post_id becomes 0 via intval().
    // 0 is not === false, so the "No post specified" guard further down does
    // not fire, and the edit branch's `if ($post_id)` then skips the
    // capability checks without setting an error.
    if (isset($post_id) && !empty($post_id) && $post_id != false && !$preview) {
        $post_id = intval($post_id);
    } elseif (isset($post->ID) && !$preview) {
        $post_id = $post->ID;
    } else {
        $post_id = false;
    }
    // Cache the reCAPTCHA settings once per request, and only when both keys are set
    if (!self::$recaptcha_settings) {
        $sm = CRED_Loader::get('MODEL/Settings');
        $gen_setts = $sm->getSettings();
        if (isset($gen_setts['recaptcha']['public_key']) && isset($gen_setts['recaptcha']['private_key']) && !empty($gen_setts['recaptcha']['public_key']) && !empty($gen_setts['recaptcha']['private_key'])) {
            self::$recaptcha_settings = $gen_setts['recaptcha'];
        }
    }
    // Load form data. The wp-admin include provides get_default_post_to_edit(),
    // which is used below for "new" forms.
    require_once ABSPATH . '/wp-admin/includes/post.php';
    $fm = CRED_Loader::get('MODEL/Forms');
    $this->_form = $fm->getForm($form);
    if ($this->_form === false) {
        $this->error = __('Form does not exist!', 'wp-cred');
        return;
    }
    $this->_form_id = $this->_form->form->ID;
    // A form that was never saved has no field data: substitute empty settings
    // objects, and refuse to preview it.
    //print_r($this->_form);
    if (!isset($this->_form->fields) || !is_array($this->_form->fields) || empty($this->_form->fields) || !isset($this->_form->fields['form_settings'])) {
        $this->_form->fields = array('form_settings' => new stdClass(), 'extra' => new stdClass(), 'notification' => new stdClass());
        if ($preview) {
            $this->error = __('Form preview does not exist. Try saving your form first', 'wp-cred');
            return;
        }
    }
    $this->_redirect_delay = isset($this->_form->fields['form_settings']->redirect_delay) ? intval($this->_form->fields['form_settings']->redirect_delay) : self::DELAY;
    $this->_hide_comments = isset($this->_form->fields['form_settings']->hide_comments) && $this->_form->fields['form_settings']->hide_comments ? true : false;
    $form_id = $this->_form->form->ID;
    // Allow-list of bundled stylesheets. The theme name (from the request or
    // from the saved settings) is only ever used as a key into this map, so
    // the stylesheet URL itself is never caller-controlled.
    $cred_css_themes = array('minimal' => CRED_PLUGIN_URL . '/third-party/zebra_form/public/css/minimal.css', 'styled' => CRED_PLUGIN_URL . '/third-party/zebra_form/public/css/styled.css');
    $this->_extra = array();
    if ($preview) {
        // Preview mode: post type, form type, form content and extra CSS/JS
        // come straight from the request; only stripslashes()/trim() is applied.
        // NOTE(review): no nonce or capability check for preview is visible in
        // this constructor, and the form-type value is not restricted to
        // 'new'/'edit'. Confirm that the caller restricts preview to users
        // allowed to edit forms and that content, extra CSS and extra JS are
        // handled as untrusted wherever they are later output (not visible here).
        if (array_key_exists(self::PREFIX . 'form_preview_post_type', $method)) {
            $this->_post_type = $this->_form->fields['form_settings']->post_type = stripslashes($method[self::PREFIX . 'form_preview_post_type']);
        } else {
            $this->error = __('Preview post type not provided', 'wp-cred');
            return;
        }
        if (array_key_exists(self::PREFIX . 'form_preview_form_type', $method)) {
            $this->_form_type = stripslashes($method[self::PREFIX . 'form_preview_form_type']);
        } else {
            $this->error = __('Preview form type not provided', 'wp-cred');
            return;
        }
        if (array_key_exists(self::PREFIX . 'form_preview_content', $method)) {
            $this->_preview_content = stripslashes($method[self::PREFIX . 'form_preview_content']);
            $this->_content = stripslashes($method[self::PREFIX . 'form_preview_content']);
        } else {
            $this->error = __('No preview form content provided', 'wp-cred');
            return;
        }
        if (array_key_exists(self::PREFIX . 'form_css_to_use', $method)) {
            $this->css_to_use = trim(stripslashes($method[self::PREFIX . 'form_css_to_use']));
            // Unknown theme names fall back to 'minimal'
            if (in_array($this->css_to_use, array_keys($cred_css_themes))) {
                $this->css_to_use = $cred_css_themes[$this->css_to_use];
            } else {
                $this->css_to_use = $cred_css_themes['minimal'];
            }
        } else {
            $this->css_to_use = $cred_css_themes['minimal'];
        }
        if (array_key_exists(self::PREFIX . 'extra_css_to_use', $method)) {
            $this->_extra['css'] = trim(stripslashes($method[self::PREFIX . 'extra_css_to_use']));
        }
        if (array_key_exists(self::PREFIX . 'extra_js_to_use', $method)) {
            $this->_extra['js'] = trim(stripslashes($method[self::PREFIX . 'extra_js_to_use']));
        }
    } else {
        // Normal mode: everything comes from the saved form definition
        $this->_post_type = $this->_form->fields['form_settings']->post_type;
        $this->_form_type = $this->_form->fields['form_settings']->form_type;
        $this->_extra = isset($this->_form->fields['extra']) ? (array) $this->_form->fields['extra'] : array();
        // get form content in order to replace it with actual form
        $this->_content = $this->_form->form->post_content;
        if (isset($this->_form->fields['form_settings']->cred_theme_css) && in_array($this->_form->fields['form_settings']->cred_theme_css, array_keys($cred_css_themes))) {
            $this->css_to_use = $cred_css_themes[$this->_form->fields['form_settings']->cred_theme_css];
        } else {
            $this->css_to_use = $cred_css_themes['minimal'];
        }
    }
    // Messages: saved per-form messages if present, otherwise the model defaults
    if (!isset($this->_extra['messages'])) {
        if (isset($this->_form->fields['extra']) && isset($this->_form->fields['extra']->messages)) {
            $this->_extra['messages'] = $this->_form->fields['extra']->messages;
        } else {
            $this->_extra['messages'] = CRED_Loader::get('MODEL/Forms')->getDefaultMessages();
        }
    }
    // An edit form needs a post to edit
    if ($this->_form_type == 'edit' && $post_id === false && !$preview) {
        $this->error = __('No post specified', 'wp-cred');
        return;
    }
    // A "new" form works on a post id carried in the request, or on a fresh
    // default post obtained from get_default_post_to_edit().
    // NOTE(review): the request-supplied post_id is only checked for being a
    // positive integer here. Nothing in this constructor ties it to the
    // current user, to $this->_post_type or to a draft created by this form.
    // Confirm the save path performs that check.
    if ($this->_form_type == 'new' && !$preview) {
        if (isset($method[self::PREFIX . 'post_id']) && intval($method[self::PREFIX . 'post_id']) > 0) {
            $post_id = intval($method[self::PREFIX . 'post_id']);
        } else {
            $post_id = get_default_post_to_edit($this->_post_type, true)->ID;
        }
    }
    $this->_post_id = $post_id;
    // Form counter: the increment is disabled; use the forced value if one was passed
    //self::$form_count++;
    if ($force_form_count !== false) {
        $this->_form_count = $force_form_count;
    } else {
        $this->_form_count = self::$form_count;
    }
    // dependencies, uses Zebra_Form framework (see folder for details)
    CRED_Loader::load('THIRDPARTY/MyZebra_Parser');
    CRED_Loader::load('THIRDPARTY/MyZebra_Form');
    // Instantiate the form. The action URL is the current URI with a `_tt`
    // timestamp added; the second array ('_success') is passed to currentURI()
    // as well, presumably as parameters to strip (helper not visible here).
    $this->_myzebra_form = new MyZebra_Form('cred_form_' . $form_id . '_' . $this->_form_count, self::METHOD, $this->currentURI(array('_tt' => time()), array('_success')), '', array());
    if ($preview) {
        $this->_myzebra_form->preview = true;
    } else {
        $this->_myzebra_form->preview = false;
    }
    // form properties
    self::$ASSETS_PATH = DIRECTORY_SEPARATOR . 'third-party' . DIRECTORY_SEPARATOR . 'zebra_form' . DIRECTORY_SEPARATOR;
    self::$ASSETS_URL = '/third-party/zebra_form/';
    $this->_myzebra_form->doctype('xhtml');
    // Client-side validation is a usability feature only; submitted values
    // still have to be validated on the server.
    $this->_myzebra_form->client_side_validation(true);
    $this->_myzebra_form->show_all_error_messages(true);
    $this->_myzebra_form->assets_path(CRED_PLUGIN_PATH . self::$ASSETS_PATH, plugins_url() . '/' . CRED_PLUGIN_FOLDER . self::$ASSETS_URL);
    $locale = self::$localized_strings;
    $this->_myzebra_form->language($locale);
    // get custom post fields
    $ffm = CRED_Loader::get('MODEL/Fields');
    $this->_fields = $ffm->getFields($this->_post_type);
    // in CRED 1.1 post_fields and custom_fields are different keys, merge them together to keep consistency
    // (the unmerged post fields stay available under '_post_fields')
    $this->_fields['_post_fields'] = $this->_fields['post_fields'];
    $this->_fields['post_fields'] = array_merge($this->_fields['post_fields'], $this->_fields['custom_fields']);
    //cred_log(print_r($this->_fields,true));
    // Edit form: load the existing post and enforce the per-form edit capabilities.
    // NOTE(review): the checks below run only when $post_id is truthy AND
    // getPost() returned a row. In every other case (including preview, where
    // $post_id is false) construction continues with no capability check and
    // no error.
    if ($this->_form_type == 'edit') {
        if ($post_id) {
            $res = $fm->getPost($post_id);
            if ($res && isset($res[0])) {
                $mypost = $res[0];
                // Audit trail of the capability decisions.
                // NOTE(review): this records user ids and capability results in
                // 'access.log'. Where cred_log() stores that file is not visible
                // here; confirm it is not readable over the web.
                cred_log(array('edit_own_posts_with_cred_' . $form_id => current_user_can('edit_own_posts_with_cred_' . $form_id), 'current_user' => $current_user->ID, 'author' => $mypost->post_author), 'access.log');
                cred_log(array('edit_other_posts_with_cred_' . $form_id => current_user_can('edit_other_posts_with_cred_' . $form_id), 'current_user' => $current_user->ID, 'author' => $mypost->post_author), 'access.log');
                // Author editing their own post needs edit_own_posts_with_cred_<form id>.
                // On denial the error is a single space: non-empty, but with no
                // visible message (the explicit message is commented out).
                if (!current_user_can('edit_own_posts_with_cred_' . $form_id) && $current_user->ID == $mypost->post_author) {
                    //$this->error=__('Do not have permission (edit own with this form)','wp-cred');
                    $this->error = ' ';
                    return;
                }
                // Anyone else needs edit_other_posts_with_cred_<form id>
                if (!current_user_can('edit_other_posts_with_cred_' . $form_id) && $current_user->ID != $mypost->post_author) {
                    //$this->error=__('Do not have permission (edit other with this form)','wp-cred');
                    $this->error = ' ';
                    return;
                }
                //cred_log($mypost->post_content);
                // The form may only edit posts of the type it was built for
                if ($mypost->post_type != $this->_post_type) {
                    $this->error = __('Form type and post type do not match', 'wp-cred');
                    return;
                }
                $myfields = isset($res[1]) ? $res[1] : array();
                $mytaxs = isset($res[2]) ? $res[2] : array();
                $myextra = isset($res[3]) ? $res[3] : array();
                // Expose the core post columns alongside the custom fields,
                // each wrapped in a one-element array
                $myfields['post_title'] = array($mypost->post_title);
                $myfields['post_content'] = array($mypost->post_content);
                if (isset($mypost->post_excerpt)) {
                    $myfields['post_excerpt'] = array($mypost->post_excerpt);
                }
                // Stored by reference to the locals above
                $this->_post_data = array('fields' => &$myfields, 'post' => &$mypost, 'taxonomies' => &$mytaxs, 'extra' => &$myextra);
                //cred_log(print_r($mytaxs,true));
                //cred_log(print_r($mypost,true)/*.print_r($myfields,true).print_r($myterms,true)*/);
                //exit;
            }
        }
    } elseif ($this->_form_type == 'new') {
        // New form: the user needs create_posts_with_cred_<form id>. This branch
        // is not conditioned on $preview, so it also applies to previews of "new" forms.
        cred_log(array('create_posts_with_cred_' . $form_id => current_user_can('create_posts_with_cred_' . $form_id), 'current_user' => $current_user->ID), 'access.log');
        if (!current_user_can('create_posts_with_cred_' . $form_id)) {
            //$this->error=__('Do not have permission (create with this form)','wp-cred');
            $this->error = ' ';
            return;
        }
    }
    $this->_form_content = '';
    // Build a comma-separated list of allowed file extensions. The keys returned
    // by get_allowed_mime_types() are split on '|' (one key can hold several
    // extensions); the MIME type values themselves are discarded.
    $mimes = get_allowed_mime_types();
    $this->wp_mimes = array();
    foreach ($mimes as $exts => $mime) {
        $exts_a = explode('|', $exts);
        foreach ($exts_a as $single_ext) {
            //$this->form_mimes[$single_ext]=$mime;
            $this->wp_mimes[] = $single_ext;
        }
    }
    $this->wp_mimes = implode(',', $this->wp_mimes);
    unset($mimes);
    $this->_shortcode_parser = CRED_Loader::get('CLASS/Shortcode_Parser', false);
}
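/**
 * Add CRED's front-end capabilities to a capability list.
 *
 * When called for the CRED area ('__CRED_CRED') and group
 * ('__CRED_CRED_GROUP'), registers one "create" capability per form of type
 * 'new', an "edit own" and "edit other" capability per form of type 'edit',
 * and two form-independent delete capabilities. For any other area/group the
 * list is returned unchanged.
 *
 * @param array  $caps     Capability definitions collected so far, keyed by capability id.
 * @param string $area_id  Area the capabilities are being collected for.
 * @param string $group_id Group the capabilities are being collected for.
 * @return array The capability list, extended when area and group match.
 */
public static function register_access_cred_caps($caps, $area_id, $group_id) {
    // The two display names are not read anywhere in this method; only the ids are.
    $CRED_ACCESS_AREA_NAME = __('CRED Frontend Access', 'wp-cred');
    $CRED_ACCESS_AREA_ID = '__CRED_CRED';
    $CRED_ACCESS_GROUP_NAME = __('CRED Frontend Access Group', 'wp-cred');
    $CRED_ACCESS_GROUP_ID = '__CRED_CRED_GROUP';
    // NOTE(review): every capability below, including "edit other" and
    // "delete other", is registered with default role 'guest'. How the consumer
    // of this list interprets default_role is not visible here; if it means
    // "granted to this role and above", this is the most permissive default.
    // Confirm it is intended, or use a higher default for the *_other_* caps.
    $default_role = 'guest'; //'administrator';

    // Strict comparison: under loose comparison a non-string id such as 0
    // (before PHP 8) or true would match the CRED ids.
    if ($area_id !== $CRED_ACCESS_AREA_ID || $group_id !== $CRED_ACCESS_GROUP_ID) {
        return $caps;
    }

    $forms = self::getAllFormsCached();
    foreach ($forms as $form) {
        // NOTE(review): maybe_unserialize() runs unserialize() on the stored
        // value. That is only safe while $form->meta is written exclusively by
        // trusted code; confirm no user-supplied string can reach this column.
        $settings = isset($form->meta) ? maybe_unserialize($form->meta) : false;

        // Skip forms whose settings are missing or did not decode to an object
        // with a form_type, rather than reading a property off a string/array.
        if (!is_object($settings) || !isset($settings->form_type)) {
            continue;
        }

        if ($settings->form_type === 'new') {
            // caps for forms that create
            $cred_cap = 'create_posts_with_cred_' . $form->ID;
            $caps[$cred_cap] = array('cap_id' => $cred_cap, 'title' => sprintf(__('Create Custom Post with CRED Form "%s"', 'wp-cred'), $form->post_title), 'default_role' => $default_role);
        } elseif ($settings->form_type === 'edit') {
            // caps for forms that edit: one for the author's own posts, one for everyone else's
            $cred_cap = 'edit_own_posts_with_cred_' . $form->ID;
            $caps[$cred_cap] = array('cap_id' => $cred_cap, 'title' => sprintf(__('Edit Own Custom Post with CRED Form "%s"', 'wp-cred'), $form->post_title), 'default_role' => $default_role);
            $cred_cap = 'edit_other_posts_with_cred_' . $form->ID;
            $caps[$cred_cap] = array('cap_id' => $cred_cap, 'title' => sprintf(__('Edit Others Custom Post with CRED Form "%s"', 'wp-cred'), $form->post_title), 'default_role' => $default_role);
        }
    }

    // these caps do not require a specific form
    $caps['delete_own_posts_with_cred'] = array('cap_id' => 'delete_own_posts_with_cred', 'title' => __('Delete Own Posts using CRED', 'wp-cred'), 'default_role' => $default_role);
    $caps['delete_other_posts_with_cred'] = array('cap_id' => 'delete_other_posts_with_cred', 'title' => __('Delete Others Posts using CRED', 'wp-cred'), 'default_role' => $default_role);

    cred_log('Access Caps after CRED', 'access.log');
    cred_log($caps, 'access.log');

    return $caps;
}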