function gwolle_gb_frontend_posthandling()
{
global $wpdb, $gwolle_gb_errors, $gwolle_gb_error_fields, $gwolle_gb_messages, $gwolle_gb_data;
/*
* Handle $_POST and check and save entry.
*/
if (isset($_POST['gwolle_gb_function']) && $_POST['gwolle_gb_function'] == 'add_entry') {
// Initialize errors
$gwolle_gb_errors = false;
$gwolle_gb_error_fields = array();
// Initialize messages
$gwolle_gb_messages = '';
// Option to allow only logged-in users to post. Don't show the form if not logged-in.
if (!is_user_logged_in() && get_option('gwolle_gb-require_login', 'false') == 'true') {
$gwolle_gb_errors = true;
$gwolle_gb_messages .= '<p class="require_login"><strong>' . __('Submitting a new guestbook entry is only allowed for logged-in users.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
return;
}
/*
* Collect data from the Form
*/
$gwolle_gb_data = array();
$form_setting = gwolle_gb_get_setting('form');
/* Name */
if (isset($form_setting['form_name_enabled']) && $form_setting['form_name_enabled'] === 'true') {
if (isset($_POST['gwolle_gb_author_name'])) {
$gwolle_gb_data['author_name'] = trim($_POST['gwolle_gb_author_name']);
$gwolle_gb_data['author_name'] = gwolle_gb_maybe_encode_emoji($gwolle_gb_data['author_name'], 'author_name');
if ($gwolle_gb_data['author_name'] == "") {
if (isset($form_setting['form_name_mandatory']) && $form_setting['form_name_mandatory'] === 'true') {
$gwolle_gb_errors = true;
$gwolle_gb_error_fields[] = 'name';
// mandatory
}
}
} else {
if (isset($form_setting['form_name_mandatory']) && $form_setting['form_name_mandatory'] === 'true') {
$gwolle_gb_errors = true;
$gwolle_gb_error_fields[] = 'name';
// mandatory
}
}
}
/* City / Origin */
if (isset($form_setting['form_city_enabled']) && $form_setting['form_city_enabled'] === 'true') {
if (isset($_POST['gwolle_gb_author_origin'])) {
$gwolle_gb_data['author_origin'] = trim($_POST['gwolle_gb_author_origin']);
$gwolle_gb_data['author_origin'] = gwolle_gb_maybe_encode_emoji($gwolle_gb_data['author_origin'], 'author_origin');
if ($gwolle_gb_data['author_origin'] == "") {
if (isset($form_setting['form_city_mandatory']) && $form_setting['form_city_mandatory'] === 'true') {
$gwolle_gb_errors = true;
$gwolle_gb_error_fields[] = 'author_origin';
// mandatory
}
}
} else {
if (isset($form_setting['form_city_mandatory']) && $form_setting['form_city_mandatory'] === 'true') {
$gwolle_gb_errors = true;
$gwolle_gb_error_fields[] = 'author_origin';
// mandatory
}
}
}
/* Email */
if (isset($form_setting['form_email_enabled']) && $form_setting['form_email_enabled'] === 'true') {
if (isset($_POST['gwolle_gb_author_email'])) {
$gwolle_gb_data['author_email'] = trim($_POST['gwolle_gb_author_email']);
if (filter_var($gwolle_gb_data['author_email'], FILTER_VALIDATE_EMAIL)) {
// Valid Email address.
} else {
if (isset($form_setting['form_email_mandatory']) && $form_setting['form_email_mandatory'] === 'true') {
$gwolle_gb_errors = true;
$gwolle_gb_error_fields[] = 'author_email';
// mandatory
}
}
} else {
if (isset($form_setting['form_email_mandatory']) && $form_setting['form_email_mandatory'] === 'true') {
$gwolle_gb_errors = true;
$gwolle_gb_error_fields[] = 'author_email';
// mandatory
}
}
}
/* Website / Homepage */
if (isset($form_setting['form_homepage_enabled']) && $form_setting['form_homepage_enabled'] === 'true') {
if (isset($_POST['gwolle_gb_author_website'])) {
$gwolle_gb_data['author_website'] = trim($_POST['gwolle_gb_author_website']);
$pattern = '/^http/';
if (!preg_match($pattern, $gwolle_gb_data['author_website'], $matches)) {
$gwolle_gb_data['author_website'] = "http://" . $gwolle_gb_data['author_website'];
}
if (filter_var($gwolle_gb_data['author_website'], FILTER_VALIDATE_URL)) {
// Valid Website URL.
} else {
if (isset($form_setting['form_homepage_mandatory']) && $form_setting['form_homepage_mandatory'] === 'true') {
$gwolle_gb_errors = true;
$gwolle_gb_error_fields[] = 'author_website';
// mandatory
}
}
} else {
if (isset($form_setting['form_homepage_mandatory']) && $form_setting['form_homepage_mandatory'] === 'true') {
$gwolle_gb_errors = true;
$gwolle_gb_error_fields[] = 'author_website';
// mandatory
}
}
}
/* Message */
if (isset($form_setting['form_message_enabled']) && $form_setting['form_message_enabled'] === 'true') {
if (isset($_POST['gwolle_gb_content'])) {
$gwolle_gb_data['content'] = trim($_POST['gwolle_gb_content']);
if ($gwolle_gb_data['content'] == "") {
if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
$gwolle_gb_errors = true;
$gwolle_gb_error_fields[] = 'content';
// mandatory
}
} else {
$gwolle_gb_data['content'] = gwolle_gb_maybe_encode_emoji($gwolle_gb_data['content'], 'content');
}
} else {
if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
$gwolle_gb_errors = true;
$gwolle_gb_error_fields[] = 'content';
// mandatory
}
}
}
/* Custom Anti-Spam */
if (isset($form_setting['form_antispam_enabled']) && $form_setting['form_antispam_enabled'] === 'true') {
$antispam_question = gwolle_gb_sanitize_output(get_option('gwolle_gb-antispam-question'));
$antispam_answer = gwolle_gb_sanitize_output(get_option('gwolle_gb-antispam-answer'));
if (isset($antispam_question) && strlen($antispam_question) > 0 && isset($antispam_answer) && strlen($antispam_answer) > 0) {
if (isset($_POST["gwolle_gb_antispam_answer"]) && trim($_POST["gwolle_gb_antispam_answer"]) == trim($antispam_answer)) {
//echo "You got it!";
} else {
$gwolle_gb_errors = true;
$gwolle_gb_error_fields[] = 'antispam';
// mandatory
}
}
if (isset($_POST["gwolle_gb_antispam_answer"])) {
$gwolle_gb_data['antispam'] = trim($_POST['gwolle_gb_antispam_answer']);
}
}
/* CAPTCHA */
if (isset($form_setting['form_recaptcha_enabled']) && $form_setting['form_recaptcha_enabled'] === 'true') {
if (class_exists('ReallySimpleCaptcha')) {
$gwolle_gb_captcha = new ReallySimpleCaptcha();
// This variable holds the CAPTCHA image prefix, which corresponds to the correct answer
$gwolle_gb_captcha_prefix = $_POST['gwolle_gb_captcha_prefix'];
// This variable holds the CAPTCHA response, entered by the user
$gwolle_gb_captcha_code = $_POST['gwolle_gb_captcha_code'];
// Validate the CAPTCHA response
$gwolle_gb_captcha_correct = $gwolle_gb_captcha->check($gwolle_gb_captcha_prefix, $gwolle_gb_captcha_code);
// If CAPTCHA validation fails (incorrect value entered in CAPTCHA field) mark comment as spam.
if (true != $gwolle_gb_captcha_correct) {
$gwolle_gb_errors = true;
$gwolle_gb_error_fields[] = 'captcha';
// mandatory
//$gwolle_gb_messages .= '<p style="display_:none"><strong>' . $gwolle_gb_captcha_correct . '</strong></p>';
} else {
// verified!
//$gwolle_gb_messages .= '<p class="error_fields"><strong>Verified.</strong></p>';
}
// clean up the tmp directory
$gwolle_gb_captcha->remove($gwolle_gb_captcha_prefix);
$gwolle_gb_captcha->cleanup();
}
}
/* If there are errors, stop here and return false */
if (is_array($gwolle_gb_error_fields) && !empty($gwolle_gb_error_fields)) {
// There was no data filled in, even though that was mandatory.
$gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('There were errors submitting your guestbook entry.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
if (isset($gwolle_gb_error_fields)) {
foreach ($gwolle_gb_error_fields as $field) {
switch ($field) {
case 'name':
$gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your name is not filled in, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
break;
case 'author_origin':
$gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your origin is not filled in, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
break;
case 'author_email':
$gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your e-mail address is not filled in correctly, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
break;
case 'author_website':
$gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('Your website is not filled in, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
break;
case 'content':
$gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('There is no message, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
break;
case 'antispam':
$gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('The anti-spam question was not answered correctly, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
break;
case 'captcha':
$gwolle_gb_messages .= '<p class="error_fields"><strong>' . __('The CAPTCHA was not filled in correctly, even though it is mandatory.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
break;
}
}
}
$gwolle_gb_messages .= '<p class="error_fields" style="display: none;">' . print_r($gwolle_gb_error_fields, true) . '</p>';
return false;
// no need to check and save
}
/* New Instance of gwolle_gb_entry. */
$entry = new gwolle_gb_entry();
/* Set the data in the instance */
$set_data = $entry->set_data($gwolle_gb_data);
if (!$set_data) {
// Data is not set in the Instance, something happened
$gwolle_gb_errors = true;
$gwolle_gb_messages .= '<p class="set_data"><strong>' . __('There were errors submitting your guestbook entry.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
return false;
}
/* Check for spam and set accordingly */
$isspam = gwolle_gb_akismet($entry, 'comment-check');
if ($isspam) {
// Returned true, so considered spam
$entry->set_isspam(true);
// Is it wise to make them any wiser? Probably not...
// $gwolle_gb_messages .= '<p><strong>' . __('Your guestbook entry is probably spam. A moderator will decide upon it.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
}
/* if Moderation is off, set it to "ischecked" */
$user_id = get_current_user_id();
// returns 0 if no current user
if (get_option('gwolle_gb-moderate-entries', 'true') == 'true') {
if (gwolle_gb_is_moderator($user_id)) {
$entry->set_ischecked(true);
} else {
$entry->set_ischecked(false);
}
} else {
// First set to checked
$entry->set_ischecked(true);
// Check for abusive content (too long words). Set it to unchecked, so manual moderation is needed.
$maxlength = 100;
$words = explode(" ", $entry->get_content());
foreach ($words as $word) {
if (strlen($word) > $maxlength) {
$entry->set_ischecked(false);
break;
}
}
$maxlength = 60;
$words = explode(" ", $entry->get_author_name());
foreach ($words as $word) {
if (strlen($word) > $maxlength) {
$entry->set_ischecked(false);
break;
}
}
}
/* Check for logged in user, and set the userid as author_id, just in case someone is also admin, or gets promoted some day */
$entry->set_author_id($user_id);
/*
* Network Information
*/
$entry->set_author_ip($_SERVER['REMOTE_ADDR']);
$entry->set_author_host(gethostbyaddr($_SERVER['REMOTE_ADDR']));
/*
* Check for double post using email field and content.
* Only if content is mandatory.
*/
if (isset($form_setting['form_message_mandatory']) && $form_setting['form_message_mandatory'] === 'true') {
$entries = gwolle_gb_get_entries(array('email' => $entry->get_author_email()));
if (is_array($entries) && !empty($entries)) {
foreach ($entries as $entry_email) {
if ($entry_email->get_content() == $entry->get_content()) {
// Match is double entry
$gwolle_gb_errors = true;
$gwolle_gb_messages .= '<p class="double_post"><strong>' . __('Double post: An entry with the data you entered has already been saved.', GWOLLE_GB_TEXTDOMAIN) . '</strong></p>';
return false;
}
}
}
}
/*
* Save the Entry
*/
// $save = ""; // Testing mode
$save = $entry->save();
//if ( WP_DEBUG ) { echo "save: "; var_dump($save); }
if ($save) {
// We have been saved to the Database
$gwolle_gb_messages .= '<p class="entry_saved">' . __('Thank you for your entry.', GWOLLE_GB_TEXTDOMAIN) . '</p>';
if ($entry->get_ischecked() == 0) {
$gwolle_gb_messages .= '<p>' . __('We will review it and unlock it in a short while.', GWOLLE_GB_TEXTDOMAIN) . '</p>';
}
}
/*
* Update Cache plugins
*/
if ($entry->get_ischecked() == 1) {
gwolle_gb_clear_cache();
}
/*
* Send the Notification Mail to moderators that have subscribed (only when it is not Spam)
*/
if (!$isspam) {
$subscribers = array();
$recipients = get_option('gwolle_gb-notifyByMail', array());
if (count($recipients) > 0) {
$recipients = explode(",", $recipients);
foreach ($recipients as $recipient) {
if (is_numeric($recipient)) {
$userdata = get_userdata($recipient);
$subscribers[] = $userdata->user_email;
}
}
}
@ini_set('sendmail_from', get_bloginfo('admin_mail'));
// Set the Mail Content
$mailTags = array('user_email', 'user_name', 'status', 'entry_management_url', 'blog_name', 'blog_url', 'wp_admin_url', 'entry_content', 'author_ip');
$mail_body = gwolle_gb_sanitize_output(get_option('gwolle_gb-adminMailContent', false));
if (!$mail_body) {
$mail_body = __("\nHello,\n\nThere is a new guestbook entry at '%blog_name%'.\nYou can check it at %entry_management_url%.\n\nHave a nice day.\nYour Gwolle-GB-Mailer\n\n\nWebsite address: %blog_url%\nUser name: %user_name%\nUser email: %user_email%\nEntry status: %status%\nEntry content:\n%entry_content%\n", GWOLLE_GB_TEXTDOMAIN);
}
// Set the Mail Headers
$subject = '[' . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . '] ' . __('New Guestbook Entry', GWOLLE_GB_TEXTDOMAIN);
$header = "";
if (get_option('gwolle_gb-mail-from', false)) {
$header .= "From: " . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . " <" . get_option('gwolle_gb-mail-from') . ">\r\n";
} else {
$header .= "From: " . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . " <" . get_bloginfo('admin_email') . ">\r\n";
}
$header .= "Content-Type: text/plain; charset=UTF-8\r\n";
// Encoding of the mail
// Replace the tags from the mailtemplate with real data from the website and entry
$info['user_name'] = gwolle_gb_sanitize_output($entry->get_author_name());
$info['user_email'] = $entry->get_author_email();
$info['blog_name'] = get_bloginfo('name');
$info['blog_url'] = get_bloginfo('wpurl');
$info['wp_admin_url'] = $info['blog_url'] . '/wp-admin';
$info['entry_management_url'] = $info['wp_admin_url'] . '/admin.php?page=' . GWOLLE_GB_FOLDER . '/editor.php&entry_id=' . $entry->get_id();
$info['entry_content'] = gwolle_gb_format_values_for_mail(gwolle_gb_sanitize_output($entry->get_content()));
$info['author_ip'] = $_SERVER['REMOTE_ADDR'];
if ($entry->get_ischecked()) {
$info['status'] = __('Checked', GWOLLE_GB_TEXTDOMAIN);
} else {
$info['status'] = __('Unchecked', GWOLLE_GB_TEXTDOMAIN);
}
// The last tags are bloginfo-based
for ($tagNum = 0; $tagNum < count($mailTags); $tagNum++) {
$mail_body = str_replace('%' . $mailTags[$tagNum] . '%', $info[$mailTags[$tagNum]], $mail_body);
$mail_body = gwolle_gb_format_values_for_mail($mail_body);
}
if (is_array($subscribers) && !empty($subscribers)) {
foreach ($subscribers as $subscriber) {
wp_mail($subscriber, $subject, $mail_body, $header);
}
}
}
/*
* Send Notification Mail to the author if set to true in an option
*/
if (!$isspam) {
if (get_option('gwolle_gb-mail_author', 'false') == 'true') {
// Set the Mail Content
$mailTags = array('user_email', 'user_name', 'blog_name', 'blog_url', 'entry_content');
$mail_body = gwolle_gb_sanitize_output(get_option('gwolle_gb-authorMailContent', false));
if (!$mail_body) {
$mail_body = __("\nHello,\n\nYou have just posted a new guestbook entry at '%blog_name%'.\n\nHave a nice day.\nThe editors at %blog_name%.\n\n\nWebsite address: %blog_url%\nUser name: %user_name%\nUser email: %user_email%\nEntry content:\n%entry_content%\n", GWOLLE_GB_TEXTDOMAIN);
}
// Set the Mail Headers
$subject = '[' . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . '] ' . __('New Guestbook Entry', GWOLLE_GB_TEXTDOMAIN);
$header = "";
if (get_option('gwolle_gb-mail-from', false)) {
$header .= "From: " . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . " <" . gwolle_gb_sanitize_output(get_option('gwolle_gb-mail-from')) . ">\r\n";
} else {
$header .= "From: " . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . " <" . get_bloginfo('admin_email') . ">\r\n";
}
$header .= "Content-Type: text/plain; charset=UTF-8\r\n";
// Encoding of the mail
// Replace the tags from the mailtemplate with real data from the website and entry
$info['user_name'] = gwolle_gb_sanitize_output($entry->get_author_name());
$info['user_email'] = $entry->get_author_email();
$info['blog_name'] = get_bloginfo('name');
$info['blog_url'] = get_bloginfo('wpurl');
$info['entry_content'] = gwolle_gb_format_values_for_mail(gwolle_gb_sanitize_output($entry->get_content()));
for ($tagNum = 0; $tagNum < count($mailTags); $tagNum++) {
$mail_body = str_replace('%' . $mailTags[$tagNum] . '%', $info[$mailTags[$tagNum]], $mail_body);
$mail_body = gwolle_gb_format_values_for_mail($mail_body);
}
wp_mail($entry->get_author_email(), $subject, $mail_body, $header);
}
}
/*
* No Log for the Entry needed, it has a default post date in the Entry itself.
*/
}
}
function gwolle_gb_mail_author_on_admin_reply($entry)
{
$isspam = $entry->get_isspam();
if (!$isspam) {
// Set the Mail Content
$mailTags = array('user_email', 'user_name', 'blog_name', 'blog_url', 'admin_reply');
$mail_body = gwolle_gb_sanitize_output(get_option('gwolle_gb-mail_admin_replyContent', false));
if (!$mail_body) {
$mail_body = __("\nHello,\n\nAn admin has just added or changed a reply message to your guestbook entry at '%blog_name%'.\n\nHave a nice day.\nThe editors at %blog_name%.\n\n\nWebsite address: %blog_url%\nAdmin Reply:\n%admin_reply%\n", 'gwolle-gb');
}
// Set the Mail Headers
$subject = '[' . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . '] ' . __('Admin Reply', 'gwolle-gb');
$header = "";
if (get_option('gwolle_gb-mail-from', false)) {
$header .= "From: " . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . " <" . gwolle_gb_sanitize_output(get_option('gwolle_gb-mail-from')) . ">\r\n";
} else {
$header .= "From: " . gwolle_gb_format_values_for_mail(get_bloginfo('name')) . " <" . get_bloginfo('admin_email') . ">\r\n";
}
$header .= "Content-Type: text/plain; charset=UTF-8\r\n";
// Encoding of the mail
// Replace the tags from the mailtemplate with real data from the website and entry
$info['user_name'] = gwolle_gb_sanitize_output($entry->get_author_name());
$info['user_email'] = $entry->get_author_email();
$info['blog_name'] = get_bloginfo('name');
$postid = gwolle_gb_get_postid();
if ($postid) {
$info['blog_url'] = get_bloginfo('wpurl') . '?p=' . $postid;
} else {
$info['blog_url'] = get_bloginfo('wpurl');
}
$info['admin_reply'] = gwolle_gb_format_values_for_mail(gwolle_gb_sanitize_output($entry->get_admin_reply()));
for ($tagNum = 0; $tagNum < count($mailTags); $tagNum++) {
$mail_body = str_replace('%' . $mailTags[$tagNum] . '%', $info[$mailTags[$tagNum]], $mail_body);
$mail_body = gwolle_gb_format_values_for_mail($mail_body);
}
wp_mail($entry->get_author_email(), $subject, $mail_body, $header);
}
}
