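/**
 * Replace the #_FILTER_* placeholders in an events filter-form template with form controls.
 *
 * Placeholders are collected with a regex, ordered by the external 'sort_stringlenth'
 * comparator, and each recognised one is swapped for a select, multiselect or date-range
 * input. Unrecognised placeholders are left in place. The current selection of every
 * control is read back from $_REQUEST so the form keeps its state after submission.
 *
 * @param string $format      Template containing the placeholders.
 * @param mixed  $multiple    Truthy to render multiselects for categories, locations and towns.
 * @param mixed  $multisize   Passed through to eme_ui_multiselect().
 * @param mixed  $scope_count Passed to the eme_create_*_scope() helpers.
 * @param string $fields      Comma separated list of enabled fields, "all", or empty for no restriction.
 * @param string $category    Comma separated category ids the category filter is limited to.
 * @param string $notcategory Comma separated category ids excluded from the category filter.
 * @return string The template after placeholder replacement and do_shortcode().
 */
function eme_replace_filter_form_placeholders($format, $multiple, $multisize, $scope_count, $fields, $category, $notcategory)
{
    if ($fields == "all") {
        $fields = "categories,locations,towns,weeks,months";
    }

    preg_match_all("/#_[A-Za-z0-9_]+/", $format, $placeholders);
    usort($placeholders[0], 'sort_stringlenth');

    // if one of these changes, also the eme_events.php needs changing for the "Next page" part
    $cat_post_name = "eme_cat_filter";
    $loc_post_name = "eme_loc_filter";
    $town_post_name = "eme_town_filter";
    $scope_post_name = "eme_scope_filter";
    $localised_scope_post_name = "eme_localised_scope_filter";

    $selected_scope = isset($_REQUEST[$scope_post_name]) ? eme_sanitize_request($_REQUEST[$scope_post_name]) : '';
    $selected_location = isset($_REQUEST[$loc_post_name]) ? eme_sanitize_request($_REQUEST[$loc_post_name]) : '';
    $selected_town = isset($_REQUEST[$town_post_name]) ? eme_sanitize_request($_REQUEST[$town_post_name]) : '';
    $selected_category = isset($_REQUEST[$cat_post_name]) ? eme_sanitize_request($_REQUEST[$cat_post_name]) : '';

    // The id lists are interpolated into an SQL-style condition that is handed to
    // eme_get_categories(). Only plain digit tokens are kept so nothing but integers
    // can reach that fragment; other tokens are dropped, and a list with no valid
    // token adds no condition at all.
    $extra_conditions_arr = array();
    foreach (array('IN' => $category, 'NOT IN' => $notcategory) as $sql_operator => $raw_id_list) {
        if ($raw_id_list == '') {
            continue;
        }
        $clean_ids = array();
        foreach (explode(',', (string) $raw_id_list) as $token) {
            $token = trim($token);
            if (preg_match('/^[0-9]+$/', $token)) {
                $clean_ids[] = (int) $token;
            }
        }
        if ($clean_ids) {
            $extra_conditions_arr[] = "(category_id {$sql_operator} (" . implode(',', $clean_ids) . "))";
        }
    }
    $extra_conditions = implode(' AND ', $extra_conditions_arr);

    // Only one scope control (weeks / months / years) is rendered per form.
    $scope_fieldcount = 0;
    foreach ($placeholders[0] as $result) {
        $replacement = "";
        $eventful = 0;
        $found = 1;
        $orig_result = $result;

        if (preg_match('/#_(EVENTFUL_)?FILTER_CATS/', $result) && get_option('eme_categories_enabled')) {
            if (strstr($result, '#_EVENTFUL')) {
                $eventful = 1;
            }
            $categories = eme_get_categories($eventful, "future", $extra_conditions);
            if ($categories && (empty($fields) || strstr($fields, 'categories'))) {
                $cat_list = array();
                foreach ($categories as $this_category) {
                    $id = $this_category['category_id'];
                    $cat_list[$id] = eme_translate($this_category['category_name']);
                }
                asort($cat_list);
                if ($multiple) {
                    $cat_list = array(0 => __('Select one or more categories', 'eme')) + $cat_list;
                    $replacement = eme_ui_multiselect($selected_category, $cat_post_name, $cat_list, $multisize);
                } else {
                    $cat_list = array(0 => __('Select a category', 'eme')) + $cat_list;
                    $replacement = eme_ui_select($selected_category, $cat_post_name, $cat_list);
                }
            }
        } elseif (preg_match('/#_(EVENTFUL_)?FILTER_LOCS/', $result)) {
            if (strstr($result, '#_EVENTFUL')) {
                $eventful = 1;
            }
            $locations = eme_get_locations($eventful, "future");
            if ($locations && (empty($fields) || strstr($fields, 'locations'))) {
                $loc_list = array();
                foreach ($locations as $this_location) {
                    $id = $this_location['location_id'];
                    $loc_list[$id] = eme_translate($this_location['location_name']);
                }
                asort($loc_list);
                if ($multiple) {
                    $loc_list = array(0 => __('Select one or more locations', 'eme')) + $loc_list;
                    $replacement = eme_ui_multiselect($selected_location, $loc_post_name, $loc_list, $multisize);
                } else {
                    $loc_list = array(0 => __('Select a location', 'eme')) + $loc_list;
                    $replacement = eme_ui_select($selected_location, $loc_post_name, $loc_list);
                }
            }
        } elseif (preg_match('/#_(EVENTFUL_)?FILTER_TOWNS/', $result)) {
            if (strstr($result, '#_EVENTFUL')) {
                $eventful = 1;
            }
            $towns = eme_get_locations($eventful, "future");
            if ($towns && (empty($fields) || strstr($fields, 'towns'))) {
                // Towns are keyed by their translated name, which also removes duplicates.
                $town_list = array();
                foreach ($towns as $this_town) {
                    $id = eme_translate($this_town['location_town']);
                    $town_list[$id] = $id;
                }
                asort($town_list);
                if ($multiple) {
                    $town_list = array(0 => __('Select one or more towns', 'eme')) + $town_list;
                    $replacement = eme_ui_multiselect($selected_town, $town_post_name, $town_list, $multisize);
                } else {
                    $town_list = array(0 => __('Select a town', 'eme')) + $town_list;
                    $replacement = eme_ui_select($selected_town, $town_post_name, $town_list);
                }
            }
        } elseif (preg_match('/#_FILTER_WEEKS/', $result)) {
            if ($scope_fieldcount == 0 && (empty($fields) || strstr($fields, 'weeks'))) {
                $replacement = eme_ui_select($selected_scope, $scope_post_name, eme_create_week_scope($scope_count));
                $scope_fieldcount++;
            }
        } elseif (preg_match('/#_FILTER_MONTHS/', $result)) {
            if ($scope_fieldcount == 0 && (empty($fields) || strstr($fields, 'months'))) {
                $replacement = eme_ui_select($selected_scope, $scope_post_name, eme_create_month_scope($scope_count));
                $scope_fieldcount++;
            }
        } elseif (preg_match('/#_FILTER_MONTHRANGE/', $result)) {
            if ($scope_fieldcount == 0 && (empty($fields) || strstr($fields, 'monthrange'))) {
                $replacement = "<input type='text' id='{$localised_scope_post_name}' name='{$localised_scope_post_name}' readonly='readonly' >";
                // NOTE(review): the request value lands in a single-quoted attribute; this relies on
                // eme_sanitize_html() encoding quotes as well - confirm against its definition.
                $replacement .= "<input type='hidden' id='{$scope_post_name}' name='{$scope_post_name}' value='" . eme_sanitize_html($selected_scope) . "'>";
                wp_enqueue_script('eme-jquery-datepick');
                wp_enqueue_style('eme-jquery-datepick', EME_PLUGIN_URL . "js/jquery-datepick/jquery.datepick.css");

                // jquery ui locales are with dashes, not underscores
                $locale_code = get_locale();
                $locale_code = preg_replace("/_/", "-", $locale_code);
                $locale_file = EME_PLUGIN_DIR . "js/jquery-datepick/jquery.datepick-{$locale_code}.js";
                $locale_file_url = EME_PLUGIN_URL . "js/jquery-datepick/jquery.datepick-{$locale_code}.js";
                // for english, no translation code is needed
                if ($locale_code != "en-US") {
                    if (!file_exists($locale_file)) {
                        // fall back from e.g. "nl-BE" to the two-letter language file
                        $locale_code = substr($locale_code, 0, 2);
                        $locale_file = EME_PLUGIN_DIR . "js/jquery-datepick/jquery.datepick-{$locale_code}.js";
                        $locale_file_url = EME_PLUGIN_URL . "js/jquery-datepick/jquery.datepick-{$locale_code}.js";
                    }
                    if (file_exists($locale_file)) {
                        wp_enqueue_script('eme-jquery-datepick-locale', $locale_file_url);
                    }
                }

                // Both values are written into an inline script, so they are encoded for that
                // context: the locale as a JS string, the week start as an integer literal.
                // NOTE(review): the space before the closing quote of locale_code is reproduced
                // from the original output - confirm the consuming script expects it.
                $replacement .= " <script type=\"text/javascript\"> var locale_code = '" . esc_js($locale_code) . " ';"
                    . " var firstDayOfWeek = " . intval(get_option('start_of_week')) . " ; </script> ";
                $replacement .= "<script type='text/javascript' src='" . EME_PLUGIN_URL . "js/eme_filters.js'></script>";
            }
        } elseif (preg_match('/#_FILTER_YEARS/', $result)) {
            if ($scope_fieldcount == 0 && (empty($fields) || strstr($fields, 'years'))) {
                $replacement = eme_ui_select($selected_scope, $scope_post_name, eme_create_year_scope($scope_count));
                $scope_fieldcount++;
            }
        } else {
            $found = 0;
        }

        if ($found) {
            $replacement = apply_filters('eme_general', $replacement);
            $format = str_replace($orig_result, $replacement, $format);
        }
    }

    return do_shortcode($format);
}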
/**
 * Translate a value and then pass the translated text through eme_sanitize_html().
 *
 * Translation runs first, so the sanitizer sees the text that is actually emitted.
 *
 * @param mixed  $value Text handed to eme_translate().
 * @param string $lang  Language passed to eme_translate(); empty by default.
 * @return mixed Whatever eme_sanitize_html() returns for the translated value.
 */
function eme_trans_sanitize_html($value, $lang = '')
{
    $translated = eme_translate($value, $lang);

    return eme_sanitize_html($translated);
}
/**
 * Fill the #_EXTRACHARGE and #_CURRENCY placeholders of a payment-provider template.
 *
 * All other placeholders are left in place. The result is translated for $lang and
 * then run through do_shortcode().
 *
 * @param string $format   Template text.
 * @param mixed  $charge   Value substituted for #_EXTRACHARGE.
 * @param mixed  $currency Value substituted for #_CURRENCY.
 * @param string $lang     Language passed to eme_translate().
 * @return string The processed template.
 */
function eme_replace_payment_provider_placeholders($format, $charge, $currency, $lang)
{
    preg_match_all("/#_?[A-Za-z0-9_]+/", $format, $matches);
    $candidates = $matches[0];
    usort($candidates, 'sort_stringlenth');

    foreach ($candidates as $placeholder) {
        // NOTE(review): both values are inserted as given, without escaping here;
        // callers are presumably expected to pass display-safe values - confirm.
        if (preg_match('/#_EXTRACHARGE$/', $placeholder)) {
            $value = $charge;
        } elseif (preg_match('/#_CURRENCY$/', $placeholder)) {
            $value = $currency;
        } else {
            // not one of ours: leave the text untouched
            continue;
        }
        $format = str_replace($placeholder, $value, $format);
    }

    // now, replace any language tags found in the format itself
    $translated_format = eme_translate($format, $lang);

    return do_shortcode($translated_format);
}
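/**
 * Replace location placeholders (#_ATT{...}, #_ADDRESS, #_MAP, #_DESCRIPTION, ...) in a template.
 *
 * Processing order: custom attributes first, then the general placeholders (ordered by
 * the external 'sort_stringlenth' comparator), and #_DESCRIPTION / #_LOCATIONDETAILS last.
 * A placeholder written as #ESC... has its value passed through eme_sanitize_html() and
 * eme_sanitize_request(); one written as #URL... is rawurlencode()d.
 *
 * Fix over the previous version: the edit-link placeholders compared the location author
 * with a $current_userid variable that was never assigned in this function; it is now
 * taken from get_current_user_id().
 *
 * @param string $format       Template text.
 * @param mixed  $location     Location record, read as an array with location_* keys.
 * @param string $target       "html", "rss" or anything else (treated as plain text).
 * @param mixed  $do_shortcode Truthy to run do_shortcode() on the result.
 * @param string $lang         Language passed to the translation helpers.
 * @return string The processed template.
 */
function eme_replace_locations_placeholders($format, $location = "", $target = "html", $do_shortcode = 1, $lang = '')
{
    // $target does not change below, so the filter hook for ordinary values is picked once.
    if ($target == "html") {
        $general_filter = 'eme_general';
    } elseif ($target == "rss") {
        $general_filter = 'eme_general_rss';
    } else {
        $general_filter = 'eme_text';
    }

    // first we do the custom attributes, since these can contain other placeholders
    preg_match_all("/#(ESC|URL)?_ATT\\{.+?\\}(\\{.+?\\})?/", $format, $results);
    foreach ($results[0] as $resultKey => $result) {
        $need_escape = 0;
        $need_urlencode = 0;
        $orig_result = $result;
        if (strstr($result, '#ESC')) {
            $result = str_replace("#ESC", "#", $result);
            $need_escape = 1;
        } elseif (strstr($result, '#URL')) {
            $result = str_replace("#URL", "#", $result);
            $need_urlencode = 1;
        }
        $replacement = "";
        // Strip string of placeholder and just leave the reference
        $attRef = substr(substr($result, 0, strpos($result, '}')), 6);
        if (isset($location['location_attributes'][$attRef])) {
            $replacement = $location['location_attributes'][$attRef];
        }
        if (trim($replacement) == '' && isset($results[2][$resultKey]) && $results[2][$resultKey] != '') {
            // Check to see if we have a second set of braces: it holds the default value
            $replacement = substr($results[2][$resultKey], 1, strlen(trim($results[2][$resultKey])) - 2);
        }
        // Without #ESC or #URL the attribute value is inserted exactly as stored.
        if ($need_escape) {
            $replacement = eme_sanitize_request(eme_sanitize_html(preg_replace('/\\n|\\r/', '', $replacement)));
        }
        if ($need_urlencode) {
            $replacement = rawurlencode($replacement);
        }
        $format = str_replace($orig_result, $replacement, $format);
    }

    preg_match_all("/#(ESC|URL)?@?_?[A-Za-z0-9_]+/", $format, $placeholders);
    // make sure we set the largest matched placeholders first, otherwise if you found e.g.
    // #_LOCATION, part of #_LOCATIONPAGEURL would get replaced as well ...
    usort($placeholders[0], 'sort_stringlenth');

    foreach ($placeholders[0] as $result) {
        $need_escape = 0;
        $need_urlencode = 0;
        $orig_result = $result;
        $found = 1;
        if (strstr($result, '#ESC')) {
            $result = str_replace("#ESC", "#", $result);
            $need_escape = 1;
        } elseif (strstr($result, '#URL')) {
            $result = str_replace("#URL", "#", $result);
            $need_urlencode = 1;
        }
        $replacement = "";

        // The branch order matters: several patterns are unanchored prefixes of others.
        if (preg_match('/#_MAP/', $result)) {
            $replacement = eme_single_location_map($location);
            $replacement = apply_filters($general_filter, $replacement);
        } elseif (preg_match('/#_PASTEVENTS/', $result)) {
            $replacement = eme_events_in_location_list($location, "past");
            $replacement = apply_filters($general_filter, $replacement);
        } elseif (preg_match('/#_NEXTEVENTS/', $result)) {
            $replacement = eme_events_in_location_list($location);
            $replacement = apply_filters($general_filter, $replacement);
        } elseif (preg_match('/#_ALLEVENTS/', $result)) {
            $replacement = eme_events_in_location_list($location, "all");
            $replacement = apply_filters($general_filter, $replacement);
        } elseif (preg_match('/#_(ADDRESS|TOWN)/', $result)) {
            $field = "location_" . ltrim(strtolower($result), "#_");
            if (isset($location[$field])) {
                $replacement = $location[$field];
            }
            $replacement = eme_trans_sanitize_html($replacement, $lang);
            $replacement = apply_filters($general_filter, $replacement);
        } elseif (preg_match('/#_(NAME|LOCATIONNAME|LOCATION)$/', $result)) {
            $field = "location_name";
            if (isset($location[$field])) {
                $replacement = $location[$field];
            }
            $replacement = eme_trans_sanitize_html($replacement, $lang);
            $replacement = apply_filters($general_filter, $replacement);
        } elseif (preg_match('/#_LOCATIONID/', $result)) {
            $field = "location_id";
            $replacement = $location[$field];
            $replacement = eme_trans_sanitize_html($replacement, $lang);
            $replacement = apply_filters($general_filter, $replacement);
        } elseif (preg_match('/#_(IMAGE|LOCATIONIMAGE)$/', $result)) {
            if (!empty($location['location_image_id'])) {
                $location['location_image_url'] = wp_get_attachment_url($location['location_image_id']);
            }
            if (!empty($location['location_image_url'])) {
                // NOTE(review): the image URL goes into the src attribute as stored, without
                // URL escaping at this point - confirm it is validated where it is saved.
                $replacement = "<img src='" . $location['location_image_url'] . "' alt='" . eme_trans_sanitize_html($location['location_name'], $lang) . "'/>";
                $replacement = apply_filters($general_filter, $replacement);
            }
        } elseif (preg_match('/#_(IMAGEURL|LOCATIONIMAGEURL)/', $result)) {
            if (!empty($location['location_image_id'])) {
                $location['location_image_url'] = wp_get_attachment_url($location['location_image_id']);
            }
            if ($location['location_image_url'] != '') {
                $replacement = $location['location_image_url'];
                $replacement = apply_filters($general_filter, $replacement);
            }
        } elseif (preg_match('/#_LOCATIONIMAGETHUMB$/', $result)) {
            if (!empty($location['location_image_id'])) {
                $thumb_array = image_downsize($location['location_image_id'], get_option('eme_thumbnail_size'));
                $thumb_url = $thumb_array[0];
                $thumb_width = $thumb_array[1];
                $thumb_height = $thumb_array[2];
                $replacement = "<img width='{$thumb_width}' height='{$thumb_height}' src='" . $thumb_url . "' alt='" . eme_trans_sanitize_html($location['location_name'], $lang) . "'/>";
                $replacement = apply_filters($general_filter, $replacement);
            }
        } elseif (preg_match('/#_LOCATIONIMAGETHUMBURL/', $result)) {
            if (!empty($location['location_image_id'])) {
                $thumb_array = image_downsize($location['location_image_id'], get_option('eme_thumbnail_size'));
                $thumb_url = $thumb_array[0];
                $replacement = $thumb_url;
                $replacement = apply_filters($general_filter, $replacement);
            }
        } elseif (preg_match('/#_LOCATIONPAGEURL/', $result)) {
            $replacement = eme_location_url($location, $lang);
            $replacement = apply_filters($general_filter, $replacement);
        } elseif (preg_match('/#_LATITUDE/', $result)) {
            $field = "location_latitude";
            $replacement = $location[$field];
            $replacement = eme_trans_sanitize_html($replacement, $lang);
            $replacement = apply_filters($general_filter, $replacement);
        } elseif (preg_match('/#_LONGITUDE/', $result)) {
            $field = "location_longitude";
            $replacement = $location[$field];
            $replacement = eme_trans_sanitize_html($replacement, $lang);
            $replacement = apply_filters($general_filter, $replacement);
        } elseif (preg_match('/#_DIRECTIONS/', $result)) {
            $replacement = eme_add_directions_form($location);
            $replacement = apply_filters($general_filter, $replacement);
        } elseif (preg_match('/#_CATEGORIES|#_LOCATIONCATEGORIES/', $result) && get_option('eme_categories_enabled')) {
            $categories = eme_get_location_category_names($location['location_id']);
            $replacement = eme_trans_sanitize_html(join(", ", $categories), $lang);
            $replacement = apply_filters($general_filter, $replacement);
        } elseif (preg_match('/#_LOCATIONCATEGORYDESCRIPTIONS/', $result) && get_option('eme_categories_enabled')) {
            $categories = eme_get_location_category_descriptions($location['location_id']);
            $replacement = eme_trans_sanitize_html(join(", ", $categories), $lang);
            $replacement = apply_filters($general_filter, $replacement);
        } elseif (preg_match('/#_EDITLOCATIONLINK/', $result)) {
            // The link is only rendered for users who may edit any location, or who hold the
            // author capability and are this location's author. This controls display only;
            // the admin page behind the link has to enforce the permission itself.
            $current_userid = get_current_user_id();
            if (current_user_can(get_option('eme_cap_edit_locations')) ||
                (current_user_can(get_option('eme_cap_author_locations')) && $location['location_author'] == $current_userid)) {
                $replacement = "<a href=' " . admin_url("admin.php?page=eme-locations&eme_admin_action=edit_location&location_id=" . $location['location_id']) . "'>" . __('Edit') . "</a>";
            }
        } elseif (preg_match('/#_EDITLOCATIONURL/', $result)) {
            // same visibility rule as #_EDITLOCATIONLINK
            $current_userid = get_current_user_id();
            if (current_user_can(get_option('eme_cap_edit_locations')) ||
                (current_user_can(get_option('eme_cap_author_locations')) && $location['location_author'] == $current_userid)) {
                $replacement = admin_url("admin.php?page=eme-locations&eme_admin_action=edit_location&location_id=" . $location['location_id']);
            }
        } elseif (preg_match('/#_IS_SINGLE_LOC/', $result)) {
            if (eme_is_single_location_page()) {
                $replacement = 1;
            } else {
                $replacement = 0;
            }
        } elseif (preg_match('/#_IS_LOGGED_IN/', $result)) {
            if (is_user_logged_in()) {
                $replacement = 1;
            } else {
                $replacement = 0;
            }
        } elseif (preg_match('/#_IS_ADMIN_PAGE/', $result)) {
            if (is_admin()) {
                $replacement = 1;
            } else {
                $replacement = 0;
            }
        } else {
            $found = 0;
        }

        if ($found) {
            if ($need_escape) {
                $replacement = eme_sanitize_request(eme_sanitize_html(preg_replace('/\\n|\\r/', '', $replacement)));
            }
            if ($need_urlencode) {
                $replacement = rawurlencode($replacement);
            }
            $format = str_replace($orig_result, $replacement, $format);
        }
    }

    // we handle DESCRIPTION the last, so no placeholder replacement happens accidentally in the text of #_DESCRIPTION
    if (preg_match('/#_DESCRIPTION|#_LOCATIONDETAILS/', $format, $placeholders)) {
        $result = $placeholders[0];
        $need_escape = 0;
        $need_urlencode = 0;
        $orig_result = $result;
        // NOTE(review): the pattern above only matches the bare "#_..." form, so the matched
        // text never contains #ESC or #URL and these two flags stay 0 for the description.
        if (strstr($result, '#ESC')) {
            $result = str_replace("#ESC", "#", $result);
            $need_escape = 1;
        } elseif (strstr($result, '#URL')) {
            $result = str_replace("#URL", "#", $result);
            $need_urlencode = 1;
        }
        $replacement = "";
        $field = "location_description";
        if (isset($location[$field])) {
            $replacement = $location[$field];
        }

        // no real sanitizing needed, but possible translation
        // this is the same as for an event in fact
        // (the description is therefore emitted as stored, subject only to the filters below)
        $replacement = eme_translate($replacement);
        if ($target == "html") {
            $replacement = apply_filters('eme_notes', $replacement);
        } elseif ($target == "rss") {
            $replacement = apply_filters('eme_notes_rss', $replacement);
            $replacement = apply_filters('the_content_rss', $replacement);
        } else {
            $replacement = apply_filters('eme_text', $replacement);
        }
        if ($need_escape) {
            $replacement = eme_sanitize_request(eme_sanitize_html(preg_replace('/\\n|\\r/', '', $replacement)));
        }
        if ($need_urlencode) {
            $replacement = rawurlencode($replacement);
        }
        $format = str_replace($orig_result, $replacement, $format);
    }

    // now, replace any language tags found
    $format = eme_translate($format, $lang);

    // and now replace any shortcodes, if wanted
    if ($do_shortcode) {
        return do_shortcode($format);
    }

    return $format;
}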
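/**
 * Admin page handler: optionally sends a mail for an event, then renders the mail form.
 *
 * Subject and message come from the posted text or, when that is empty, from the posted
 * template id. Mail is sent only when the request is not an "onchange" refresh, carries
 * a positive event id and the action 'send_mail', and the current user holds the
 * send-other-mails capability, or the send-mails capability while being the event's
 * author or contact person. Recipients depend on eme_mail_type: 'attendees', 'bookings',
 * 'all_wp' or 'all_wp_not_registered'.
 *
 * Change over the previous version: the pending_approved and only_unpayed request
 * values are cast to int before they are handed to the lookup helpers, in line with
 * how event_id and onchange were already treated.
 *
 * NOTE(review): no nonce verification is visible in this function. If the form printed
 * by eme_send_mail_form() carries a nonce, it should be verified here (for example with
 * check_admin_referer()) before any mail goes out - confirm against the form.
 *
 * @return void Output is printed directly.
 */
function eme_send_mails_page()
{
    $event_id = isset($_POST['event_id']) ? intval($_POST['event_id']) : 0;
    $action = isset($_POST['eme_admin_action']) ? $_POST['eme_admin_action'] : '';
    $onchange = isset($_POST['onchange']) ? intval($_POST['onchange']) : 0;

    if (isset($_POST['mail_subject']) && !empty($_POST['mail_subject'])) {
        $mail_subject = stripslashes_deep($_POST['mail_subject']);
    } elseif (isset($_POST['subject_template']) && intval($_POST['subject_template']) > 0) {
        $mail_subject = eme_get_template_format(intval($_POST['subject_template']));
    } else {
        $mail_subject = "";
    }

    if (isset($_POST['mail_message']) && !empty($_POST['mail_message'])) {
        $mail_message = stripslashes_deep($_POST['mail_message']);
    } elseif (isset($_POST['message_template']) && intval($_POST['message_template']) > 0) {
        $mail_message = eme_get_template_format(intval($_POST['message_template']));
    } else {
        $mail_message = "";
    }

    if (!$onchange && $event_id > 0 && $action == 'send_mail') {
        // Both look like numeric flags (they default to 0 - TODO confirm); casting keeps
        // arbitrary request strings away from the attendee and booking lookups.
        $pending_approved = isset($_POST['pending_approved']) ? intval($_POST['pending_approved']) : 0;
        $only_unpayed = isset($_POST['only_unpayed']) ? intval($_POST['only_unpayed']) : 0;
        // Only compared against fixed strings below; unknown values send nothing.
        $eme_mail_type = isset($_POST['eme_mail_type']) ? $_POST['eme_mail_type'] : 'attendees';

        if (empty($mail_subject) || empty($mail_message)) {
            print "<div id='message' class='error'><p>" . __('Please enter both subject and message for the mail to be sent.', 'eme') . "</p></div>";
        } else {
            $event = eme_get_event($event_id);
            $current_userid = get_current_user_id();
            $may_send_any = current_user_can(get_option('eme_cap_send_other_mails'));
            $may_send_own = current_user_can(get_option('eme_cap_send_mails'))
                && ($event['event_author'] == $current_userid || $event['event_contactperson_id'] == $current_userid);

            if ($may_send_any || $may_send_own) {
                $event_name = $event['event_name'];
                $contact = eme_get_contact($event);
                $contact_email = $contact->user_email;
                $contact_name = $contact->display_name;
                $mail_text_html = get_option('eme_rsvp_send_html') ? "html" : "text";

                if ($eme_mail_type == 'attendees') {
                    $attendees = eme_get_attendees_for($event_id, $pending_approved, $only_unpayed);
                    foreach ($attendees as $attendee) {
                        // the subject is always rendered as text, the body follows the html/text option
                        $tmp_subject = eme_replace_placeholders($mail_subject, $event, "text", 0, $attendee['lang']);
                        $tmp_message = eme_replace_placeholders($mail_message, $event, $mail_text_html, 0, $attendee['lang']);
                        $tmp_subject = eme_replace_attendees_placeholders($tmp_subject, $event, $attendee, "text", 0, $attendee['lang']);
                        $tmp_message = eme_replace_attendees_placeholders($tmp_message, $event, $attendee, $mail_text_html, 0, $attendee['lang']);
                        $tmp_subject = eme_translate($tmp_subject, $attendee['lang']);
                        $tmp_message = eme_translate($tmp_message, $attendee['lang']);
                        $person_name = $attendee['lastname'] . ' ' . $attendee['firstname'];
                        eme_send_mail($tmp_subject, $tmp_message, $attendee['email'], $person_name, $contact_email, $contact_name);
                    }
                } elseif ($eme_mail_type == 'bookings') {
                    $bookings = eme_get_bookings_for($event_id, $pending_approved, $only_unpayed);
                    foreach ($bookings as $booking) {
                        // we use the language done in the booking for the mails, not the attendee lang in this case
                        $attendee = eme_get_person($booking['person_id']);
                        if ($attendee && is_array($attendee)) {
                            $tmp_subject = eme_replace_placeholders($mail_subject, $event, "text", 0, $booking['lang']);
                            $tmp_message = eme_replace_placeholders($mail_message, $event, $mail_text_html, 0, $booking['lang']);
                            $tmp_subject = eme_replace_booking_placeholders($tmp_subject, $event, $booking, "text", 0, $booking['lang']);
                            $tmp_message = eme_replace_booking_placeholders($tmp_message, $event, $booking, $mail_text_html, 0, $booking['lang']);
                            $tmp_subject = eme_translate($tmp_subject, $booking['lang']);
                            $tmp_message = eme_translate($tmp_message, $booking['lang']);
                            $person_name = $attendee['lastname'] . ' ' . $attendee['firstname'];
                            eme_send_mail($tmp_subject, $tmp_message, $attendee['email'], $person_name, $contact_email, $contact_name);
                        }
                    }
                } elseif ($eme_mail_type == 'all_wp') {
                    // every WordPress user receives the same rendered mail
                    $wp_users = get_users();
                    $tmp_subject = eme_replace_placeholders($mail_subject, $event, "text");
                    $tmp_message = eme_replace_placeholders($mail_message, $event, $mail_text_html);
                    foreach ($wp_users as $wp_user) {
                        eme_send_mail($tmp_subject, $tmp_message, $wp_user->user_email, $wp_user->display_name, $contact_email, $contact_name);
                    }
                } elseif ($eme_mail_type == 'all_wp_not_registered') {
                    // every WordPress user whose id is not among the event's attendee ids
                    $wp_users = get_users();
                    $attendee_wp_ids = eme_get_wp_ids_for($event_id);
                    $tmp_subject = eme_replace_placeholders($mail_subject, $event, "text");
                    $tmp_message = eme_replace_placeholders($mail_message, $event, $mail_text_html);
                    foreach ($wp_users as $wp_user) {
                        if (!in_array($wp_user->ID, $attendee_wp_ids)) {
                            eme_send_mail($tmp_subject, $tmp_message, $wp_user->user_email, $wp_user->display_name, $contact_email, $contact_name);
                        }
                    }
                }
                print "<div id='message' class='updated'><p>" . __('The mail has been sent.', 'eme') . "</p></div>";
            } else {
                print "<div id='message' class='error'><p>" . __('You do not have the permission to send mails for this event.', 'eme') . "</p></div>";
            }
        }
    }

    // now show the form
    eme_send_mail_form($event_id);
}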
function eme_replace_formfields_placeholders($event, $booking = "", $format = "", $eme_multibooking = 0) { global $current_user; $event_id = $event['event_id']; $registration_wp_users_only = $event['registration_wp_users_only']; $is_admin = is_admin(); if ($is_admin && $booking) { $editing_booking_from_backend = 1; } else { $editing_booking_from_backend = 0; } // if not in the backend and wp membership is required // or when editing an existing booking via backend (not a new) if ($registration_wp_users_only && !$is_admin || $editing_booking_from_backend) { $readonly = "disabled='disabled'"; } else { $readonly = ""; } if (empty($format)) { if (!empty($event['event_registration_form_format'])) { $format = $event['event_registration_form_format']; } elseif ($event['event_properties']['event_registration_form_format_tpl'] > 0) { $format = eme_get_template_format($event['event_properties']['event_registration_form_format_tpl']); } else { $format = get_option('eme_registration_form_format'); } } $min_allowed = $event['event_properties']['min_allowed']; $max_allowed = $event['event_properties']['max_allowed']; if ($event['event_properties']['take_attendance']) { $min_allowed = 0; $max_allowed = 1; } if ($editing_booking_from_backend) { // in the admin itf, and editing a booking // then the avail seats are the total seats if (eme_is_multi($event['event_seats'])) { $avail_seats = eme_get_multitotal($event['event_seats']); } else { $avail_seats = $event['event_seats']; } } else { // the next gives the number of available seats, even for multiprice $avail_seats = eme_get_available_seats($event_id); } $booked_places_options = array(); if (eme_is_multi($max_allowed)) { $multi_max_allowed = eme_convert_multi2array($max_allowed); $max_allowed_is_multi = 1; } else { $max_allowed_is_multi = 0; } if (eme_is_multi($min_allowed)) { $multi_min_allowed = eme_convert_multi2array($min_allowed); $min_allowed_is_multi = 1; } else { $min_allowed_is_multi = 0; } if 
(eme_is_multi($event['event_seats'])) { // in the admin itf, and editing a booking // then the avail seats are the total seats if ($editing_booking_from_backend) { $multi_avail = eme_convert_multi2array($event['event_seats']); } else { $multi_avail = eme_get_available_multiseats($event_id); } foreach ($multi_avail as $key => $avail_seats) { $booked_places_options[$key] = array(); if ($max_allowed_is_multi) { $real_max_allowed = $multi_max_allowed[$key]; } else { $real_max_allowed = $max_allowed; } // don't let people choose more seats than available if ($real_max_allowed > $avail_seats || $real_max_allowed == 0) { $real_max_allowed = $avail_seats; } if ($min_allowed_is_multi) { $real_min_allowed = $multi_min_allowed[$key]; } else { // it's no use to have a non-multi minimum for multiseats $real_min_allowed = 0; } for ($i = $real_min_allowed; $i <= $real_max_allowed; $i++) { $booked_places_options[$key][$i] = $i; } } } elseif (eme_is_multi($event['price'])) { // we just need to loop through the same amount of seats as there are prices foreach (eme_convert_multi2array($event['price']) as $key => $value) { $booked_places_options[$key] = array(); if ($max_allowed_is_multi) { $real_max_allowed = $multi_max_allowed[$key]; } else { $real_max_allowed = $max_allowed; } // don't let people choose more seats than available if ($real_max_allowed > $avail_seats || $real_max_allowed == 0) { $real_max_allowed = $avail_seats; } if ($min_allowed_is_multi) { $real_min_allowed = $multi_min_allowed[$key]; } else { // it's no use to have a non-multi minimum for multiseats/multiprice $real_min_allowed = 0; } for ($i = $real_min_allowed; $i <= $real_max_allowed; $i++) { $booked_places_options[$key][$i] = $i; } } } else { if ($max_allowed_is_multi) { $real_max_allowed = $multi_max_allowed[0]; } else { $real_max_allowed = $max_allowed; } // don't let people choose more seats than available if ($real_max_allowed > $avail_seats || $real_max_allowed == 0) { $real_max_allowed = $avail_seats; } 
if ($min_allowed_is_multi) { $real_min_allowed = $multi_min_allowed[0]; } else { $real_min_allowed = $min_allowed; } for ($i = $real_min_allowed; $i <= $real_max_allowed; $i++) { $booked_places_options[$i] = $i; } } $required_fields_count = 0; $eme_captcha_for_booking = get_option('eme_captcha_for_booking'); # we need 4 required fields: #_NAME, #_EMAIL, #_SEATS and #_SUBMIT # for multiprice: 3 + number of possible prices (we add those later on) if (eme_is_multi($event['price'])) { $required_fields_min = 3; } else { $required_fields_min = 4; } // if we require the captcha: add 1 if (!$is_admin && $eme_captcha_for_booking) { $required_fields_min++; } // for multi booking forms, the required field count per booking form is 1 (SEATS) if (!$is_admin && $eme_multibooking) { $required_fields_min = 1; } $bookerLastName = ""; $bookerFirstName = ""; $bookerAddress1 = ""; $bookerAddress2 = ""; $bookerCity = ""; $bookerState = ""; $bookerZip = ""; $bookerCountry = ""; $bookerEmail = ""; $bookerComment = ""; $bookerPhone = ""; $bookedSeats = 0; if (is_user_logged_in()) { get_currentuserinfo(); $bookerLastName = $current_user->user_lastname; if (empty($bookerLastName)) { $bookerLastName = $current_user->display_name; } $bookerFirstName = $current_user->user_firstname; $bookerEmail = $current_user->user_email; } if ($editing_booking_from_backend) { $person = eme_get_person($booking['person_id']); // when editing a booking $bookerLastName = eme_sanitize_html($person['lastname']); $bookerFirstName = eme_sanitize_html($person['firstname']); $bookerAddress1 = eme_sanitize_html($person['address1']); $bookerAddress2 = eme_sanitize_html($person['address2']); $bookerCity = eme_sanitize_html($person['city']); $bookerState = eme_sanitize_html($person['state']); $bookerZip = eme_sanitize_html($person['zip']); $bookerCountry = eme_sanitize_html($person['country']); $bookerEmail = eme_sanitize_html($person['email']); $bookerPhone = eme_sanitize_html($person['phone']); $bookerComment = 
eme_sanitize_html($booking['booking_comment']); $bookedSeats = eme_sanitize_html($booking['booking_seats']); if ($booking['booking_seats_mp']) { $booking_seats_mp = eme_convert_multi2array($booking['booking_seats_mp']); foreach ($booking_seats_mp as $key => $val) { $field_index = $key + 1; ${"bookedSeats" . $field_index} = eme_sanitize_html($val); } } } else { // check for previously filled in data // this in case people entered a wrong captcha if (isset($_POST['lastname'])) { $bookerLastName = eme_sanitize_html(stripslashes_deep($_POST['lastname'])); } if (isset($_POST['firstname'])) { $bookerFirstName = eme_sanitize_html(stripslashes_deep($_POST['firstname'])); } if (isset($_POST['address1'])) { $bookerAddress1 = eme_sanitize_html(stripslashes_deep($_POST['address1'])); } if (isset($_POST['address2'])) { $bookerAddress2 = eme_sanitize_html(stripslashes_deep($_POST['address2'])); } if (isset($_POST['city'])) { $bookerCity = eme_sanitize_html(stripslashes_deep($_POST['city'])); } if (isset($_POST['state'])) { $bookerState = eme_sanitize_html(stripslashes_deep($_POST['state'])); } if (isset($_POST['zip'])) { $bookerZip = eme_sanitize_html(stripslashes_deep($_POST['zip'])); } if (isset($_POST['country'])) { $bookerCountry = eme_sanitize_html(stripslashes_deep($_POST['country'])); } if (isset($_POST['email'])) { $bookerEmail = eme_sanitize_html(stripslashes_deep($_POST['email'])); } if (isset($_POST['phone'])) { $bookerPhone = eme_sanitize_html(stripslashes_deep($_POST['phone'])); } if (isset($_POST['comment'])) { $bookerComment = eme_sanitize_html(stripslashes_deep($_POST['comment'])); } } // first we do the custom attributes, since these can contain other placeholders preg_match_all("/#(ESC|URL)?_ATT\\{.+?\\}(\\{.+?\\})?/", $format, $results); foreach ($results[0] as $resultKey => $result) { $need_escape = 0; $need_urlencode = 0; $orig_result = $result; if (strstr($result, '#ESC')) { $result = str_replace("#ESC", "#", $result); $need_escape = 1; } elseif 
(strstr($result, '#URL')) { $result = str_replace("#URL", "#", $result); $need_urlencode = 1; } $replacement = ""; //Strip string of placeholder and just leave the reference $attRef = substr(substr($result, 0, strpos($result, '}')), 6); if (isset($event['event_attributes'][$attRef])) { $replacement = $event['event_attributes'][$attRef]; } if (trim($replacement) == '' && isset($results[2][$resultKey]) && $results[2][$resultKey] != '') { //Check to see if we have a second set of braces; $replacement = substr($results[2][$resultKey], 1, strlen(trim($results[2][$resultKey])) - 2); } if ($need_escape) { $replacement = eme_sanitize_request(eme_sanitize_html(preg_replace('/\\n|\\r/', '', $replacement))); } if ($need_urlencode) { $replacement = rawurlencode($replacement); } $format = str_replace($orig_result, $replacement, $format); } // the 2 placeholders that can contain extra text are treated seperately first // the question mark is used for non greedy (minimal) matching if (preg_match('/#_CAPTCHAHTML\\{.+\\}/', $format)) { // only show the captcha when booking via the frontend, not the admin backend if (!$is_admin && $eme_captcha_for_booking) { $format = preg_replace('/#_CAPTCHAHTML\\{(.+?)\\}/', '$1', $format); } else { $format = preg_replace('/#_CAPTCHAHTML\\{(.+?)\\}/', '', $format); } } if (preg_match('/#_SUBMIT\\{.+\\}/', $format)) { if ($editing_booking_from_backend) { $format = preg_replace('/#_SUBMIT\\{(.+?)\\}/', "<input name='eme_submit_button' class='eme_submit_button' type='submit' value='" . __('Update booking', 'eme') . "' />", $format); } else { $format = preg_replace('/#_SUBMIT\\{(.+?)\\}/', "<input name='eme_submit_button' class='eme_submit_button' type='submit' value='" . eme_trans_sanitize_html('$1') . 
"' />", $format); } if (!$eme_multibooking) { $required_fields_count++; } } $deprecated = get_option('eme_deprecated'); if ($deprecated && preg_match('/#_CAPTCHAHTML\\[.+\\]/', $format)) { // only show the captcha when booking via the frontend, not the admin backend if (!$is_admin && $eme_captcha_for_booking) { $format = preg_replace('/#_CAPTCHAHTML\\[(.+?)\\]/', '$1', $format); } else { $format = preg_replace('/#_CAPTCHAHTML\\[(.+?)\\]/', '', $format); } } if ($deprecated && preg_match('/#_SUBMIT\\[.+\\]/', $format)) { if ($editing_booking_from_backend) { $format = preg_replace('/#_SUBMIT\\[(.+?)\\]/', "<input name='eme_submit_button' class='eme_submit_button' type='submit' value='" . __('Update booking', 'eme') . "' />", $format); } else { $format = preg_replace('/#_SUBMIT\\[(.+?)\\]/', "<input name='eme_submit_button' class='eme_submit_button' type='submit' value='" . eme_trans_sanitize_html('$1') . "' />", $format); } if (!$eme_multibooking) { $required_fields_count++; } } // now the normal placeholders preg_match_all("/#(REQ)?_?[A-Z0-9_]+(\\{[A-Z0-9_]+\\})?/", $format, $placeholders); // make sure we set the largest matched placeholders first, otherwise if you found e.g. // #_LOCATION, part of #_LOCATIONPAGEURL would get replaced as well ... usort($placeholders[0], 'sort_stringlenth'); # we need 3 required fields: #_NAME, #_EMAIL and #_SEATS # if these are not present: we don't replace anything and the form is worthless foreach ($placeholders[0] as $result) { $orig_result = $result; $found = 1; $required = 0; $required_att = ""; $html5_wanted = 0; $replacement = ""; if (strstr($result, '#REQ')) { $result = str_replace("#REQ", "#", $result); $required = 1; $required_att = "required='required'"; } // also support RESPNAME, RESPEMAIL, ... 
if (strstr($result, '#_RESP')) { $result = str_replace("#_RESP", "#_", $result); } if ($eme_multibooking) { $var_prefix = "bookings[{$event_id}]["; $var_postfix = "]"; } else { $var_prefix = ''; $var_postfix = ''; } if (preg_match('/#_NAME|#_LASTNAME/', $result)) { if (!$eme_multibooking) { $replacement = "<input required='required' type='text' name='{$var_prefix}lastname{$var_postfix}' value='{$bookerLastName}' {$readonly} />"; $required_fields_count++; // #_NAME is always required $required = 1; } } elseif (preg_match('/#_FIRSTNAME/', $result)) { if (!empty($bookerFirstName)) { $replacement = "<input {$required_att} type='text' name='{$var_prefix}firstname{$var_postfix}' value='{$bookerFirstName}' {$readonly} />"; } else { $replacement = "<input {$required_att} type='text' name='{$var_prefix}firstname{$var_postfix}' value='{$bookerFirstName}' />"; } } elseif (preg_match('/#_ADDRESS1/', $result)) { $replacement = "<input {$required_att} type='text' name='{$var_prefix}address1{$var_postfix}' value='{$bookerAddress1}' />"; } elseif (preg_match('/#_ADDRESS2/', $result)) { $replacement = "<input {$required_att} type='text' name='{$var_prefix}address2{$var_postfix}' value='{$bookerAddress2}' />"; } elseif (preg_match('/#_CITY/', $result)) { $replacement = "<input {$required_att} type='text' name='{$var_prefix}city{$var_postfix}' value='{$bookerCity}' />"; } elseif (preg_match('/#_STATE/', $result)) { $replacement = "<input {$required_att} type='text' name='{$var_prefix}state{$var_postfix}' value='{$bookerState}' />"; } elseif (preg_match('/#_ZIP/', $result)) { $replacement = "<input {$required_att} type='text' name='{$var_prefix}zip{$var_postfix}' value='{$bookerZip}' />"; } elseif (preg_match('/#_COUNTRY/', $result)) { $replacement = "<input {$required_att} type='text' name='{$var_prefix}country{$var_postfix}' value='{$bookerCountry}' />"; } elseif (preg_match('/#_HTML5_EMAIL/', $result)) { if (!$eme_multibooking) { $replacement = "<input required='required' 
type='email' name='{$var_prefix}email{$var_postfix}' value='{$bookerEmail}' {$readonly} />"; $required_fields_count++; // #_EMAIL is always required $required = 1; } } elseif (preg_match('/#_EMAIL/', $result)) { if (!$eme_multibooking) { $replacement = "<input required='required' type='text' name='{$var_prefix}email{$var_postfix}' value='{$bookerEmail}' {$readonly} />"; $required_fields_count++; // #_EMAIL is always required $required = 1; } } elseif (preg_match('/#_HTML5_PHONE/', $result)) { $replacement = "<input {$required_att} type='tel' name='{$var_prefix}phone{$var_postfix}' value='{$bookerPhone}' />"; } elseif (preg_match('/#_PHONE/', $result)) { $replacement = "<input {$required_att} type='text' name='{$var_prefix}phone{$var_postfix}' value='{$bookerPhone}' />"; } elseif (preg_match('/#_SEATS$|#_SPACES$/', $result)) { $postfield_name = "{$var_prefix}bookedSeats{$var_postfix}"; if ($editing_booking_from_backend && isset($bookedSeats)) { $entered_val = $bookedSeats; } elseif ($eme_multibooking && isset($_POST['bookings'][$event_id]) && isset($_POST['bookings'][$event_id]['bookedSeats'])) { $entered_val = intval($_POST['bookings'][$event_id]['bookedSeats']); } elseif (isset($_POST['bookedSeats'])) { $entered_val = intval($_POST['bookedSeats']); } else { $entered_val = 0; } if ($event['event_properties']['take_attendance']) { $replacement = eme_ui_select_binary($entered_val, $postfield_name); } else { $replacement = eme_ui_select($entered_val, $postfield_name, $booked_places_options); } $required_fields_count++; } elseif ($deprecated && preg_match('/#_(SEATS|SPACES)(\\d+)/', $result, $matches) || preg_match('/#_(SEATS|SPACES)\\{(\\d+)\\}/', $result, $matches)) { $field_id = intval($matches[2]); $postfield_name = "{$var_prefix}bookedSeats" . $field_id . $var_postfix; if ($editing_booking_from_backend && isset(${"bookedSeats" . $field_id})) { $entered_val = ${"bookedSeats" . 
$field_id}; } elseif ($eme_multibooking && isset($_POST['bookings'][$event_id]) && isset($_POST['bookings'][$event_id]['bookedSeats' . $field_id])) { $entered_val = intval($_POST['bookings'][$event_id]['bookedSeats' . $field_id]); } elseif (isset($_POST['bookedSeats' . $field_id])) { $entered_val = intval($_POST['bookedSeats' . $field_id]); } else { $entered_val = 0; } if (eme_is_multi($event['event_seats']) || eme_is_multi($event['price'])) { if ($event['event_properties']['take_attendance']) { $replacement = eme_ui_select_binary($entered_val, $postfield_name); } else { $replacement = eme_ui_select($entered_val, $postfield_name, $booked_places_options[$field_id - 1]); } } else { if ($event['event_properties']['take_attendance']) { $replacement = eme_ui_select_binary($entered_val, $postfield_name); } else { $replacement = eme_ui_select($entered_val, $postfield_name, $booked_places_options); } } $required_fields_count++; } elseif (preg_match('/#_COMMENT/', $result)) { if (!$eme_multibooking) { $replacement = "<textarea {$required_att} name='{$var_prefix}comment{$var_postfix}'>{$bookerComment}</textarea>"; } } elseif (preg_match('/#_CAPTCHA/', $result) && $eme_captcha_for_booking) { if (!$eme_multibooking) { $replacement = "<img src='" . EME_PLUGIN_URL . "captcha.php?sessionvar=eme_add_booking'><br /><input required='required' type='text' name='captcha_check' autocomplete='off' />"; $required_fields_count++; } } elseif ($deprecated && preg_match('/#_FIELDNAME(\\d+)/', $result, $matches) || preg_match('/#_FIELDNAME\\{(\\d+)\\}/', $result, $matches)) { $field_id = intval($matches[1]); $formfield = eme_get_formfield_byid($field_id); $replacement = eme_trans_sanitize_html($formfield['field_name']); } elseif ($deprecated && preg_match('/#_FIELD(\\d+)/', $result, $matches) || preg_match('/#_FIELD\\{(\\d+)\\}/', $result, $matches)) { $field_id = intval($matches[1]); $postfield_name = "{$var_prefix}FIELD" . $field_id . 
$var_postfix; $entered_val = ""; if ($booking) { $answers = eme_get_answers($booking['booking_id']); $formfield = eme_get_formfield_byid($field_id); foreach ($answers as $answer) { if ($answer['field_name'] == $formfield['field_name']) { // the entered value for the function eme_get_formfield_html needs to be an array for multiple values // since we store them with "||", we can use the good old eme_is_multi function and split in an array then $entered_val = $answer['answer']; if (eme_is_multi($entered_val)) { $entered_val = eme_convert_multi2array($entered_val); } } } } elseif (isset($_POST[$postfield_name])) { $entered_val = stripslashes_deep($_POST[$postfield_name]); } $replacement = eme_get_formfield_html($field_id, $entered_val, $required); } elseif (preg_match('/#_SUBMIT/', $result, $matches)) { if (!$eme_multibooking) { if ($editing_booking_from_backend) { $replacement = "<input name='eme_submit_button' type='submit' value='" . __('Update booking', 'eme') . "' />"; } else { $replacement = "<input name='eme_submit_button' type='submit' value='" . eme_trans_sanitize_html(get_option('eme_rsvp_addbooking_submit_string')) . "' />"; } $required_fields_count++; } } else { $found = 0; } if ($required) { $replacement .= "<div class='eme-required-field'> " . __('(Required field)', 'eme') . 
"</div>"; } if ($found) { $format = str_replace($orig_result, $replacement, $format); } } // now any leftover event placeholders $format = eme_replace_placeholders($format, $event); // now, replace any language tags found in the format itself $format = eme_translate($format); # we need 4 required fields: #_NAME, #_EMAIL, #_SEATS and #_SUBMIT # for multiprice: 3 + number of possible prices # if these are not present: we don't replace anything and the form is worthless if (eme_is_multi($event['price'])) { $matches = preg_split('/\\|\\|/', $event['price']); $count = count($matches); // the count can be >3+$count if conditional tags are used to combine a form for single and multiple prices if ($required_fields_count >= $required_fields_min + $count) { return $format; } else { $res = __('Not all required fields are present in the booking form.', 'eme'); $res .= '<br />' . __("Since this is a multiprice event, make sure you changed the setting 'Registration Form Format' for the event to include #_SEATxx placeholders for each price.", 'eme'); $res .= '<br />' . __("See the documentation about multiprice events.", 'eme'); return "<div id='message' class='eme-rsvp-message'>{$res}</div>"; } } elseif ($required_fields_count >= $required_fields_min) { // the count can be > 4 if conditional tags are used to combine a form for single and multiple prices return $format; } else { return __('Not all required fields are present in the booking form.', 'eme'); } }