/**
* Verify that correct nonce was used with time limit.
*
* The user is given an amount of time to use the token, so therefore, since the
* UID and $action remain the same, the independent variable is the time.
*
* @since 2.0.3
*
* @param string $nonce Nonce that was used in the form to verify
* @param string|int $action Should give context to what is taking place and be the same when nonce was created.
*
* @return false|int False if the nonce is invalid, 1 if the nonce is valid and generated between
* 0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
*/
function wp_verify_nonce($nonce, $action = -1)
{
$nonce = (string) $nonce;
$user = wp_get_current_user();
$uid = (int) $user->ID;
if (!$uid) {
/**
* Filter whether the user who generated the nonce is logged out.
*
* @since 3.5.0
*
* @param int $uid ID of the nonce-owning user.
* @param string $action The nonce action.
*/
$uid = apply_filters('nonce_user_logged_out', $uid, $action);
}
if (empty($nonce)) {
die('<mainwp>' . base64_encode(json_encode(array('error' => 'You dont send nonce: ' . $action))) . '</mainwp>');
}
$token = wp_get_session_token();
$i = wp_nonce_tick();
// Nonce generated 0-12 hours ago
$expected = substr(wp_hash($i . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10);
if (hash_equals($expected, $nonce)) {
return 1;
}
// Nonce generated 12-24 hours ago
$expected = substr(wp_hash($i - 1 . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10);
if (hash_equals($expected, $nonce)) {
return 2;
}
// Invalid nonce
die('<mainwp>' . base64_encode(json_encode(array('error' => 'Invalid nonce. Try use: ' . $action))) . '</mainwp>');
}
/**
* Validate the user token.
*
* @since 0.1-dev
*
* @param int $user_id User ID.
* @param string $token User token.
* @return boolean
*/
public function validate_token( $user_id, $token ) {
$hashed_token = get_user_meta( $user_id, self::TOKEN_META_KEY, true );
if ( wp_hash( $token ) !== $hashed_token ) {
$this->delete_token( $user_id );
return false;
}
return true;
}
/**
* Creates a custom nonce in order to secure feed
* retrieval requests.
*/
public function get_chunk_nonce()
{
$nonce = wp_hash(time());
pf_log('Create the retrieval nonce: ');
pf_log($nonce);
update_option('chunk_nonce', $nonce);
return $nonce;
}
function recaptcha_wp_hash_comment($id)
{
global $recaptcha_opt;
if (function_exists('wp_hash')) {
return wp_hash(RECAPTCHA_WP_HASH_COMMENT . $id);
} else {
return md5(RECAPTCHA_WP_HASH_COMMENT . $recaptcha_opt['privkey'] . $id);
}
}
private function get_temporary_file_path($filename)
{
$uploads_dir = $this->settings->get_runtime_option('awpcp-uploads-dir');
$tempory_dir_path = implode(DIRECTORY_SEPARATOR, array($uploads_dir, 'tmp'));
$pathinfo = awpcp_utf8_pathinfo($filename);
$new_name = wp_hash($pathinfo['basename']) . '.' . $pathinfo['extension'];
$unique_filename = wp_unique_filename($tempory_dir_path, $new_name);
return $tempory_dir_path . DIRECTORY_SEPARATOR . $unique_filename;
}
function wptouch_create_anonymous_nonce($action)
{
// Creates a valid WordPress nonce for anonymous requests.
$uid = 0;
$token = '';
$i = wp_nonce_tick();
$nonce = substr(wp_hash($i . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10);
return $nonce;
}
function get_image_uri($image, $params)
{
$params['image'] = $image;
$uri = $this->object->get_uri_from_params($params);
if (substr($uri, -1) != '/') {
$uri .= '/';
}
$uri .= wp_hash($uri) . '/';
return $uri;
}
public function verify_nonce($nonce, $action)
{
$i = wp_nonce_tick();
if (substr(wp_hash($i . $action, 'nonce'), -12, 10) === $nonce) {
return true;
}
if (substr(wp_hash($i - 1 . $action, 'nonce'), -12, 10) === $nonce) {
return true;
}
return false;
}
function wp_create_nonce($action = -1)
{
$user = wp_get_current_user();
$uid = (int) $user->ID;
if (!$uid) {
/** This filter is documented in wp-includes/pluggable.php */
$uid = apply_filters('nonce_user_logged_out', $uid, $action);
}
$token = wp_get_session_token();
$i = wp_nonce_tick();
return substr(wp_hash($i . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10);
}
static function process_form()
{
// Invoked at init via add_action
// Do we process one of our forms now?
if (isset($_POST['si_contact_action']) && 'send' == $_POST['si_contact_action'] && isset($_POST['form_id']) && is_numeric($_POST['form_id'])) {
self::$form_id_num = (int) $_POST['form_id'];
} else {
// Error: no form id in $_POST
return;
}
// prevent double action
if (self::$form_processed) {
return;
}
// begin logic that redirects on forged form token.
$token = 'ok';
if (!isset($_POST['fs_postonce_' . self::$form_id_num]) || empty($_POST['fs_postonce_' . self::$form_id_num]) || strpos($_POST['fs_postonce_' . self::$form_id_num], ',') === false) {
$token = 'bad';
}
$vars = explode(',', $_POST['fs_postonce_' . self::$form_id_num]);
if (empty($vars[0]) || empty($vars[1]) || !preg_match("/^[0-9]+\$/", $vars[1])) {
$token = 'bad';
}
if (wp_hash($vars[1]) != $vars[0]) {
$token = 'bad';
}
if ($token == 'bad') {
// forgery token was no good, so redirect and blank the form
self::$form_action_url = FSCF_Display::get_form_action_url();
wp_redirect(self::$form_action_url);
exit;
}
self::$global_options = FSCF_Util::get_global_options();
self::$form_options = FSCF_Util::get_form_options(self::$form_id_num, $use_defauilts = true);
// Do some security checks
self::check_security();
self::validate_data();
self::$form_processed = true;
if (empty(self::$form_errors)) {
// Send the email, cleanup attachments, redirect.
self::prepare_email();
if (self::$form_options['email_keep_attachments'] != 'true') {
self::email_sent_cleanup_attachments();
}
self::email_sent_redirect();
}
if (!empty(self::$uploaded_files)) {
// unlink (delete) attachment temp files
foreach ((array) self::$uploaded_files as $path) {
@unlink($path);
}
}
}
/**
* Local nonce verification.
* WordPress uses the UID and sometimes I don't want that
* Verify that correct nonce was used with time limit.
*
* The user is given an amount of time to use the token, so therefore, since the
* $action remain the same, the independent variable is the time.
*
* @param string $nonce Nonce that was used in the form to verify
* @param string|int $action Should give context to what is taking place and be the same when nonce was created.
*
* @return bool Whether the nonce check passed or failed.
*/
public static function verifyNonce($nonce, $action = -1)
{
$r = false;
$i = wp_nonce_tick();
// Nonce generated 0-12 hours ago
if (substr(wp_hash($i . $action, 'nonce'), -12, 10) == $nonce) {
$r = 1;
} elseif (substr(wp_hash($i - 1 . $action, 'nonce'), -12, 10) == $nonce) {
// Nonce generated 12-24 hours ago
$r = 2;
}
return $r;
}
public function __construct()
{
global $woocommerce;
$this->token = sanitize_file_name(wp_hash(VINDI_IDENTIFIER));
$this->init_form_fields();
$this->init_settings();
$this->debug = $this->get_option('debug') == 'yes' ? true : false;
$this->logger = new Vindi_Logger(VINDI_IDENTIFIER, $this->debug);
$this->api = new Vindi_API($this->get_api_key(), $this->logger);
$this->woocommerce = $woocommerce;
add_filter('woocommerce_payment_gateways', array(&$this, 'add_gateway'));
add_action('admin_notices', array(&$this, 'manual_renew_is_deactivated'));
add_action('admin_notices', array(&$this, 'allow_switching_is_activated'));
if (is_admin()) {
add_filter('woocommerce_settings_tabs_array', array(&$this, 'add_settings_tab'), 50);
add_action('woocommerce_settings_tabs_settings_vindi', array(&$this, 'settings_tab'));
add_action('woocommerce_update_options_settings_vindi', array(&$this, 'process_admin_options'));
}
}
/**
* Filter the unique post slug.
*
* @param string $slug The post slug.
* @param int $post_ID Post ID.
* @param string $post_status The post status.
* @param string $post_type Post type.
* @param int $post_parent Post parent ID
* @param string $original_slug The original post slug.
*/
public static function private_unique_post_slug($slug, $post_ID, $post_status, $post_type)
{
$hashed_post_slug = wp_hash($slug . microtime());
// Change every post that has auto-draft
if (false !== strpos($slug, 'auto-draft')) {
return $hashed_post_slug;
// add microtime to be unique
}
// don't change on front-end edits.
if (in_array($post_status, array(SI_Estimate::STATUS_PENDING, SI_Estimate::STATUS_APPROVED, SI_Estimate::STATUS_DECLINED))) {
return $slug;
}
// make sure it's a new post
if ((!isset($_POST['post_name']) || $_POST['post_name'] == '') && $post_type == SI_Estimate::POST_TYPE) {
return $hashed_post_slug;
// add microtime to be unique
}
return $slug;
}
function bp_autologin_on_activation($user_id, $key, $user)
{
global $bp, $wpdb;
//simulate Bp activation
/* Check for an uploaded avatar and move that to the correct user folder, just do what bp does */
if (is_multisite()) {
$hashed_key = wp_hash($key);
} else {
$hashed_key = wp_hash($user_id);
}
/* Check if the avatar folder exists. If it does, move rename it, move it and delete the signup avatar dir */
if (file_exists(BP_AVATAR_UPLOAD_PATH . '/avatars/signups/' . $hashed_key)) {
@rename(BP_AVATAR_UPLOAD_PATH . '/avatars/signups/' . $hashed_key, BP_AVATAR_UPLOAD_PATH . '/avatars/' . $user_id);
}
bp_core_add_message(__('Your account is now active!', 'buddypress'));
$bp->activation_complete = true;
//now login and redirect
wp_set_auth_cookie($user_id, true, false);
bp_core_redirect(apply_filters("bpdev_autoactivate_redirect_url", bp_core_get_user_domain($user_id), $user_id));
}
function __construct()
{
global $table_prefix, $wpdb;
$rand = substr(wp_hash(DB_PASSWORD), 0, 16);
global $wpdbb_content_dir, $wpdbb_content_url;
$wpdbb_content_dir = defined('WP_CONTENT_DIR') ? WP_CONTENT_DIR : ABSPATH . 'wp-content';
$wpdbb_content_url = defined('WP_CONTENT_URL') ? WP_CONTENT_URL : get_option('siteurl') . '/wp-content';
if (!defined('WP_BACKUP_DIR')) {
define('WP_BACKUP_DIR', $wpdbb_content_dir . '/backup-' . $rand . '/');
}
if (!defined('WP_BACKUP_URL')) {
define('WP_BACKUP_URL', $wpdbb_content_url . '/backup-' . $rand . '/');
}
if (!defined('ROWS_PER_SEGMENT')) {
define('ROWS_PER_SEGMENT', 2000);
}
$datum = date("Ymd_B");
$this->backup_filename = DB_NAME . "_{$table_prefix}{$datum}." . substr(wp_hash(DB_NAME . "_{$table_prefix}{$datum}"), 0, 8) . ".sql";
$this->backup_dir = trailingslashit(WP_BACKUP_DIR);
$this->basename = 'wp-db-backup';
$this->referer_check_key = $this->basename . '-download_' . DB_NAME;
}
function index_action()
{
$dynthumbs = $this->get_registry()->get_utility('I_Dynamic_Thumbnails_Manager');
$uri = $_SERVER['REQUEST_URI'];
$params = $dynthumbs->get_params_from_uri($uri);
$request_params = $params;
if ($params != null) {
$storage = $this->get_registry()->get_utility('I_Gallery_Storage');
// Note, URLs should always include quality setting when returned by Gallery Storage component
// this sanity check is mostly for manually testing URLs
if (!isset($params['quality'])) {
// Note: there's a problem when doing this as using the same set of parameters to *retrieve* the image path/URL will lead to a different filename than the one tha was used to *generate* it (which went through here)
// The statement above about URLs always containing quality setting is not true anymore, this is because we need to retrieve default quality from the imgQuality and thumbquality settings, depending on "full" or "thumbnail" request in the ngglegacy storage
//$params['quality'] = 100;
}
$image_id = $params['image'];
$size = $dynthumbs->get_size_name($params);
$abspath = $storage->get_image_abspath($image_id, $size, true);
$valid = true;
// Render invalid image if hash check fails
if ($abspath == null) {
$uri_plain = $dynthumbs->get_uri_from_params($request_params);
$hash = wp_hash($uri_plain);
if (strpos($uri, $hash) === false) {
$valid = false;
$filename = $this->object->find_static_file('invalid_image.png');
$this->set_content_type('image/png');
readfile($filename);
$this->render();
}
}
if ($valid) {
$storage->render_image($image_id, $size);
}
}
}
public static function failed_state_validation($form_id, $field, $value)
{
global $_gf_state;
//if field can be populated dynamically, disable state validation
if ($field->allowsPrepopulate) {
return false;
} else {
if (!GFCommon::is_product_field($field->type) && $field->type != 'donation') {
return false;
} else {
if (!in_array($field->inputType, array('singleshipping', 'singleproduct', 'hiddenproduct', 'checkbox', 'radio', 'select'))) {
return false;
}
}
}
if (!isset($_gf_state)) {
$state = json_decode(base64_decode($_POST["state_{$form_id}"]), true);
if (!$state || sizeof($state) != 2) {
return true;
}
//making sure state wasn't tampered with by validating checksum
$checksum = wp_hash(crc32($state[0]));
if ($checksum !== $state[1]) {
return true;
}
$_gf_state = json_decode($state[0], true);
}
if (!is_array($value)) {
$value = array($field->id => $value);
}
foreach ($value as $key => $input_value) {
$state = isset($_gf_state[$key]) ? $_gf_state[$key] : false;
//converting price to a number for single product fields and single shipping fields
if (in_array($field->inputType, array('singleproduct', 'hiddenproduct')) && $key == $field->id . '.2' || $field->inputType == 'singleshipping') {
$input_value = GFCommon::to_number($input_value);
}
$sanitized_input_value = wp_kses($input_value, wp_kses_allowed_html('post'));
$hash = wp_hash($input_value);
$sanitized_hash = wp_hash($sanitized_input_value);
$fails_hash = strlen($input_value) > 0 && $state !== false && (is_array($state) && !in_array($hash, $state) || !is_array($state) && $hash != $state);
$fails_sanitized_hash = strlen($sanitized_input_value) > 0 && $state !== false && (is_array($state) && !in_array($sanitized_hash, $state) || !is_array($state) && $sanitized_hash != $state);
if ($fails_hash && $fails_sanitized_hash) {
return true;
}
}
return false;
}
/**
* Get a log file path
*
* @since 2.2
* @param string $handle name
* @return string the log file path
*/
function wc_get_log_file_path($handle)
{
return trailingslashit(WC_LOG_DIR) . $handle . '-' . sanitize_file_name(wp_hash($handle)) . '.log';
}
/**
* @param string $readmePath
* @return bool
*/
public static function showReadme($readmePath = null)
{
if ($readmePath === null) {
$readmePath = ABSPATH . 'readme.html';
}
$readmePathInfo = pathinfo($readmePath);
require_once ABSPATH . WPINC . '/pluggable.php';
$hiddenReadmeFile = $readmePathInfo['dirname'] . '/' . $readmePathInfo['filename'] . '.' . wp_hash('readme') . '.' . $readmePathInfo['extension'];
if (file_exists($hiddenReadmeFile)) {
return @rename($hiddenReadmeFile, $readmePath);
}
return false;
}
function wp_create_nonce($action = -1)
{
$user = wp_get_current_user();
$uid = (int) $user->id;
$i = ceil(time() / 43200);
return substr(wp_hash($i . $action . $uid), -12, 10);
}
public static function failed_state_validation($form_id, $field, $value)
{
global $_gf_state;
//if field can be populated dynamically, disable state validation
if (rgar($field, "allowsPrepopulate")) {
return false;
} else {
if (!GFCommon::is_product_field($field["type"] && $field["type"] != "donation")) {
return false;
} else {
if (!in_array($field["inputType"], array("singleshipping", "singleproduct", "hiddenproduct", "checkbox", "radio", "select"))) {
return false;
}
}
}
if (!isset($_gf_state)) {
$state = unserialize(base64_decode($_POST["state_{$form_id}"]));
if (!$state || sizeof($state) != 2) {
return true;
}
//making sure state wasn't tampered with by validating checksum
$checksum = wp_hash(crc32($state[0]));
if ($checksum != $state[1]) {
return true;
}
$_gf_state = unserialize($state[0]);
}
if (!is_array($value)) {
$value = array($field["id"] => $value);
}
foreach ($value as $key => $input_value) {
$state = isset($_gf_state[$key]) ? $_gf_state[$key] : false;
//converting price to a number for single product fields and single shipping fields
if (in_array($field["inputType"], array("singleproduct", "hiddenproduct")) && $key == $field["id"] . ".2" || $field["inputType"] == "singleshipping") {
$input_value = GFCommon::to_number($input_value);
}
$hash = wp_hash($input_value);
if (strlen($input_value) > 0 && $state !== false && (is_array($state) && !in_array($hash, $state) || !is_array($state) && $hash != $state)) {
return true;
}
}
return false;
}
private static function generate_checksum($data)
{
return wp_hash(crc32($data));
}
<h4>HTTP Request: <?php
echo $result;
?>
</h4>
<?php
if (!isset($hitData->fullRequest)) {
?>
<em style="font-size: 14px;">This is a reconstruction of the request using what was flagged by the WAF.
Full requests are only stored when <code>WFWAF_DEBUG</code> is enabled.</em>
<?php
}
?>
<pre class="request-debug"><?php
$paramKey = wp_hash(uniqid('param', true));
$matchKey = wp_hash(uniqid('match', true));
$template = array("[{$paramKey}]" => '<em>', "[/{$paramKey}]" => '</em>', "[{$matchKey}]" => '<strong>', "[/{$matchKey}]" => '</strong>');
$highlightParamFormat = "[{$paramKey}]%s[/{$paramKey}]";
$highlightMatchFormat = "[{$matchKey}]%s[/{$matchKey}]";
$requestOut = esc_html($request->highlightFailedParams($failedRules, $highlightParamFormat, $highlightMatchFormat));
echo str_replace(array_keys($template), $template, $requestOut);
?>
</pre>
<?php
if ($failedRules) {
?>
<h4>Failed Rules</h4>
<table class="wf-table">
<thead>
<tr>
/**
* Get session cookie.
*
* @return bool|array
*/
public function get_session_cookie()
{
if (empty($_COOKIE[$this->_cookie])) {
return false;
}
list($customer_id, $session_expiration, $session_expiring, $cookie_hash) = explode('||', $_COOKIE[$this->_cookie]);
// Validate hash
$to_hash = $customer_id . '|' . $session_expiration;
$hash = hash_hmac('md5', $to_hash, wp_hash($to_hash));
if (empty($cookie_hash) || !hash_equals($hash, $cookie_hash)) {
return false;
}
return array($customer_id, $session_expiration, $session_expiring, $cookie_hash);
}
private static function heal_wp_upload_dir()
{
$wp_upload_dir = wp_upload_dir();
$wp_upload_path = $wp_upload_dir['basedir'];
if (!is_dir($wp_upload_path)) {
return;
}
$flag_security_alert = false;
// ignores all errors
set_error_handler(create_function('', 'return 0;'), E_ALL);
foreach (glob($wp_upload_path . DIRECTORY_SEPARATOR . '*_input_*.{php,php5}', GLOB_BRACE) as $filename) {
$mini_hash = substr(wp_hash($filename), 0, 6);
$newName = sprintf('%s.%s.bak', $filename, $mini_hash);
rename($filename, $newName);
$flag_security_alert = true;
}
return $flag_security_alert;
}
/**
* Initialise Gateway Settings Form Fields
*
* @access public
* @return void
*/
function init_form_fields()
{
$this->form_fields = array('enabled' => array('title' => __('Enable/Disable', 'woocommerce'), 'type' => 'checkbox', 'label' => __('Enable PayPal standard', 'woocommerce'), 'default' => 'yes'), 'title' => array('title' => __('Title', 'woocommerce'), 'type' => 'text', 'description' => __('This controls the title which the user sees during checkout.', 'woocommerce'), 'default' => __('PayPal', 'woocommerce'), 'desc_tip' => true), 'description' => array('title' => __('Description', 'woocommerce'), 'type' => 'textarea', 'description' => __('This controls the description which the user sees during checkout.', 'woocommerce'), 'default' => __('Pay via PayPal; you can pay with your credit card if you don\'t have a PayPal account', 'woocommerce')), 'email' => array('title' => __('PayPal Email', 'woocommerce'), 'type' => 'email', 'description' => __('Please enter your PayPal email address; this is needed in order to take payment.', 'woocommerce'), 'default' => '', 'desc_tip' => true, 'placeholder' => '*****@*****.**'), 'receiver_email' => array('title' => __('Receiver Email', 'woocommerce'), 'type' => 'email', 'description' => __('If this differs from the email entered above, input your main receiver email for your PayPal account. This is used to validate IPN requests.', 'woocommerce'), 'default' => '', 'desc_tip' => true, 'placeholder' => '*****@*****.**'), 'invoice_prefix' => array('title' => __('Invoice Prefix', 'woocommerce'), 'type' => 'text', 'description' => __('Please enter a prefix for your invoice numbers. If you use your PayPal account for multiple stores ensure this prefix is unique as PayPal will not allow orders with the same invoice number.', 'woocommerce'), 'default' => 'WC-', 'desc_tip' => true), 'form_submission_method' => array('title' => __('Submission method', 'woocommerce'), 'type' => 'checkbox', 'label' => __('Use form submission method.', 'woocommerce'), 'description' => __('Enable this to post order data to PayPal via a form instead of using a redirect/querystring.', 'woocommerce'), 'default' => 'no'), 'page_style' => array('title' => __('Page Style', 'woocommerce'), 'type' => 'text', 'description' => __('Optionally enter the name of the page style you wish to use. These are defined within your PayPal account.', 'woocommerce'), 'default' => '', 'desc_tip' => true, 'placeholder' => __('Optional', 'woocommerce')), 'shipping' => array('title' => __('Shipping options', 'woocommerce'), 'type' => 'title', 'description' => ''), 'send_shipping' => array('title' => __('Shipping details', 'woocommerce'), 'type' => 'checkbox', 'label' => __('Send shipping details to PayPal instead of billing.', 'woocommerce'), 'description' => '', 'description' => __('PayPal allows us to send 1 address. If you are using PayPal for shipping labels you may prefer to send the shipping address rather than billing.', 'woocommerce'), 'default' => 'no'), 'address_override' => array('title' => __('Address override', 'woocommerce'), 'type' => 'checkbox', 'label' => __('Enable "address_override" to prevent address information from being changed.', 'woocommerce'), 'description' => __('PayPal verifies addresses therefore this setting can cause errors (we recommend keeping it disabled).', 'woocommerce'), 'default' => 'no'), 'testing' => array('title' => __('Gateway Testing', 'woocommerce'), 'type' => 'title', 'description' => ''), 'testmode' => array('title' => __('PayPal sandbox', 'woocommerce'), 'type' => 'checkbox', 'label' => __('Enable PayPal sandbox', 'woocommerce'), 'default' => 'yes', 'description' => sprintf(__('PayPal sandbox can be used to test payments. Sign up for a developer account <a href="%s">here</a>.', 'woocommerce'), 'https://developer.paypal.com/')), 'debug' => array('title' => __('Debug Log', 'woocommerce'), 'type' => 'checkbox', 'label' => __('Enable logging', 'woocommerce'), 'default' => 'no', 'description' => sprintf(__('Log PayPal events, such as IPN requests, inside <code>woocommerce/logs/paypal-%s.txt</code>', 'woocommerce'), sanitize_file_name(wp_hash('paypal')))));
}
function pof_save_post_hook($post_id)
{
// If this is a revision, get real post ID
if ($parent_id = wp_is_post_revision($post_id)) {
$post_id = $parent_id;
}
$post_guid = get_post_meta($post_id, "post_guid", true);
if (!$post_guid) {
remove_action('save_post', 'pof_save_post_hook');
update_post_meta($post_id, "post_guid", wp_hash($post_id));
add_action('save_post', 'pof_save_post_hook');
}
// $tmp_post = get_post($post_id);
}
public static function get_upload_url($form_id)
{
$form_id = absint($form_id);
$dir = wp_upload_dir();
return $dir['baseurl'] . "/gravity_forms/{$form_id}" . '-' . wp_hash($form_id);
}
/**
* Handle the loading of the Activate screen.
*
* @todo Move the actual activation process into an action in bp-members-actions.php
*/
function bp_core_screen_activation()
{
// Bail if not viewing the activation page
if (!bp_is_current_component('activate')) {
return false;
}
// If the user is already logged in, redirect away from here
if (is_user_logged_in()) {
// If activation page is also front page, set to members directory to
// avoid an infinite loop. Otherwise, set to root domain.
$redirect_to = bp_is_component_front_page('activate') ? bp_get_root_domain() . '/' . bp_get_members_root_slug() : bp_get_root_domain();
// Trailing slash it, as we expect these URL's to be
$redirect_to = trailingslashit($redirect_to);
/**
* Filters the URL to redirect logged in users to when visiting activation page.
*
* @since BuddyPress (1.9.0)
*
* @param string $redirect_to URL to redirect user to.
*/
$redirect_to = apply_filters('bp_loggedin_activate_page_redirect_to', $redirect_to);
// Redirect away from the activation page
bp_core_redirect($redirect_to);
}
// grab the key (the old way)
$key = isset($_GET['key']) ? $_GET['key'] : '';
// grab the key (the new way)
if (empty($key)) {
$key = bp_current_action();
}
// Get BuddyPress
$bp = buddypress();
// we've got a key; let's attempt to activate the signup
if (!empty($key)) {
/**
* Filters the activation signup.
*
* @since BuddyPress (1.1.0)
*
* @param bool|int $value Value returned by activation.
* Integer on success, boolean on failure.
*/
$user = apply_filters('bp_core_activate_account', bp_core_activate_signup($key));
// If there were errors, add a message and redirect
if (!empty($user->errors)) {
bp_core_add_message($user->get_error_message(), 'error');
bp_core_redirect(trailingslashit(bp_get_root_domain() . '/' . $bp->pages->activate->slug));
}
$hashed_key = wp_hash($key);
// Check if the signup avatar folder exists. If it does, move the folder to
// the BP user avatars directory
if (file_exists(bp_core_avatar_upload_path() . '/avatars/signups/' . $hashed_key)) {
@rename(bp_core_avatar_upload_path() . '/avatars/signups/' . $hashed_key, bp_core_avatar_upload_path() . '/avatars/' . $user);
}
bp_core_add_message(__('Your account is now active!', 'buddypress'));
$bp->activation_complete = true;
}
/**
* Filters the template to load for the Member activation page screen.
*
* @since BuddyPress (1.1.1)
*
* @param string $value Path to the Member activation template to load.
*/
bp_core_load_template(apply_filters('bp_core_template_activate', array('activate', 'registration/activate')));
}
function cf7bs_quiz_shortcode_handler($tag)
{
$tag = new WPCF7_Shortcode($tag);
if (empty($tag->name)) {
return '';
}
$status = 'default';
$validation_error = wpcf7_get_validation_error($tag->name);
$class = wpcf7_form_controls_class($tag->type);
if ($validation_error) {
$class .= ' wpcf7-not-valid';
$status = 'error';
}
// size is not used since Bootstrap input fields always scale 100%
//$atts['size'] = $tag->get_size_option( '40' );
$pipes = $tag->pipes;
if (is_a($pipes, 'WPCF7_Pipes') && !$pipes->zero()) {
$pipe = $pipes->random_pipe();
$question = $pipe->before;
$answer = $pipe->after;
} else {
// default quiz
$question = '1+1=?';
$answer = '2';
}
$answer = wpcf7_canonicalize($answer);
$field = new CF7BS_Form_Field(cf7bs_apply_field_args_filter(array('name' => $tag->name, 'id' => $tag->get_option('id', 'id', true), 'class' => $tag->get_class_option($class), 'type' => 'text', 'value' => '', 'placeholder' => '', 'label' => $tag->content, 'help_text' => $validation_error, 'size' => cf7bs_get_form_property('size'), 'grid_columns' => cf7bs_get_form_property('grid_columns'), 'form_layout' => cf7bs_get_form_property('layout'), 'form_label_width' => cf7bs_get_form_property('label_width'), 'form_breakpoint' => cf7bs_get_form_property('breakpoint'), 'status' => $status, 'maxlength' => $tag->get_maxlength_option(), 'tabindex' => $tag->get_option('tabindex', 'int', true), 'wrapper_class' => $tag->name), $tag->basetype, $tag->name));
$html = $field->display(false);
$hidden_html = sprintf('<input type="hidden" name="_wpcf7_quiz_answer_%1$s" value="%2$s">', $tag->name, wp_hash($answer, 'wpcf7_quiz'));
return str_replace('<input', '<p class="wpcf7-quiz-label">' . esc_html($question) . '</p>' . $hidden_html . '<input', $html);
}
