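/**
 * Load handler for the Polldaddy polls and ratings admin screens.
 *
 * Enqueues the scripts and styles for the requested screen. For
 * state-changing actions it then verifies the request nonce, performs the
 * action through the Polldaddy API client and redirects back to the
 * referring page with a status message in the query string.
 *
 * Security-relevant behaviour:
 *  - $page, $action, $poll, $style, $rating and $id are populated from the
 *    request by wp_reset_vars() and are treated as untrusted throughout.
 *  - Every state-changing branch calls check_admin_referer() before acting.
 *  - Poll delete/open/close/edit additionally require $this->can_edit() to
 *    pass for the poll that is actually being acted on.
 *
 * @return false|null False when an error was recorded in $this->errors,
 *                    null when there is nothing to process. On success the
 *                    request is redirected and the script exits.
 */
function management_page_load() {
    wp_reset_vars(array('page', 'action', 'poll', 'style', 'rating', 'id'));
    global $plugin_page, $page, $action, $poll, $style, $rating, $id, $wp_locale;

    $this->set_api_user_code();

    // Without an API user code the polls screen can only offer sign-up.
    if (empty($this->user_code) && $page == 'polls') {
        $action = 'signup';
    }

    require_once WP_POLLDADDY__POLLDADDY_CLIENT_PATH;

    wp_enqueue_script('polls', "{$this->base_url}polldaddy.js", array('jquery', 'jquery-ui-sortable'), $this->version);
    wp_enqueue_script('polls-common', "{$this->base_url}common.js", array(), $this->version);

    if ($page == 'polls') {
        // Users without author privileges are dropped back to the default
        // view for the editing and options actions.
        // NOTE(review): 'delete-style' is not in this list and its handler
        // below has no ownership check; it relies on the nonce alone. Confirm
        // that is intended.
        if (!$this->is_author && in_array($action, array('edit', 'edit-poll', 'create-poll', 'edit-style', 'create-style', 'list-styles', 'options', 'update-options', 'import-account'))) {
            $action = '';
        }

        // NOTE(review): the editor scripts below are fetched from
        // i.polldaddy.com over plain http:// and execute in the admin
        // session; anyone able to tamper with that traffic controls script
        // running as the logged-in user. Prefer bundled copies or an https://
        // URL once availability is confirmed.
        switch ($action) {
            case 'edit':
            case 'edit-poll':
            case 'create-poll':
                wp_enqueue_script('polls-style', "http://i.polldaddy.com/js/poll-style-picker.js", array(), $this->version);
                if ($action == 'create-poll') {
                    $plugin_page = 'polls&action=create-poll';
                }
                break;

            case 'edit-style':
            case 'create-style':
                wp_enqueue_script('polls-style', "http://i.polldaddy.com/js/style-editor.js", array(), $this->version);
                wp_enqueue_script('polls-style-color', "http://i.polldaddy.com/js/jquery/jscolor.js", array(), $this->version);
                wp_enqueue_style('polls', "{$this->base_url}style-editor.css", array(), $this->version);
                $plugin_page = 'polls&action=list-styles';
                break;

            case 'list-styles':
                $plugin_page = 'polls&action=list-styles';
                break;

            case 'options':
            case 'update-options':
            case 'import-account':
                $plugin_page = 'polls&action=options';
                break;
        }
    } elseif ($page == 'ratings') {
        // Non-admins are limited to the reports view and the delete action.
        if (!$this->is_admin && !in_array($action, array('reports', 'delete'))) {
            $action = 'reports';
        }

        switch ($action) {
            case 'delete':
            case 'reports':
                $plugin_page = 'ratings&action=reports';
                break;

            default:
                // Same plain-http third-party script concern as noted above.
                wp_enqueue_script('rating-text-color', "http://i.polldaddy.com/js/jquery/jscolor.js", array(), $this->version);
                wp_enqueue_script('ratings', 'http://i.polldaddy.com/ratings/rating.js', array(), $this->version);
                wp_localize_script('polls-common', 'adminRatingsL10n', array(
                    'star_colors' => __('Star Colors', 'polldaddy'),
                    'star_size' => __('Star Size', 'polldaddy'),
                    'nero_type' => __('Nero Type', 'polldaddy'),
                    'nero_size' => __('Nero Size', 'polldaddy'),
                ));
        }
    }

    wp_enqueue_script('admin-forms');
    add_thickbox();
    wp_enqueue_style('polls', "{$this->base_url}polldaddy.css", array('global', 'wp-admin'), $this->version);
    if (isset($wp_locale->text_direction) && 'rtl' == $wp_locale->text_direction) {
        wp_enqueue_style('polls-rtl', "{$this->base_url}polldaddy-rtl.css", array('global', 'wp-admin'), $this->version);
    }

    add_action('admin_body_class', array(&$this, 'admin_body_class'));
    add_action('admin_notices', array(&$this, 'management_page_notices'));

    $query_args = array();
    $args = array();

    // Allow-list of tags and attributes passed to wp_kses() for the poll
    // question and answer text; markup outside this list is stripped.
    $allowedtags = array(
        'a' => array('href' => array(), 'title' => array(), 'target' => array()),
        'img' => array('alt' => array(), 'align' => array(), 'border' => array(), 'class' => array(), 'height' => array(), 'hspace' => array(), 'longdesc' => array(), 'vspace' => array(), 'src' => array(), 'width' => array()),
        'abbr' => array('title' => array()),
        'acronym' => array('title' => array()),
        'b' => array(),
        'blockquote' => array('cite' => array()),
        'cite' => array(),
        'em' => array(),
        'i' => array(),
        'q' => array('cite' => array()),
        'strike' => array(),
        'strong' => array(),
    );

    $is_POST = 'post' == strtolower($_SERVER['REQUEST_METHOD']);

    if ($page == 'polls') {
        switch ($action) {
            case 'signup': // sign up for first time
            case 'account': // reauthenticate
            case 'import-account': // reauthenticate
                if (!$is_POST) {
                    return;
                }
                check_admin_referer('polldaddy-account');

                if ($new_args = $this->management_page_load_signup()) {
                    $query_args = array_merge($query_args, $new_args);
                }
                if ($this->errors->get_error_codes()) {
                    return false;
                }

                $query_args['message'] = 'imported-account';

                wp_reset_vars(array('action'));
                if (!empty($_GET['reaction'])) {
                    $query_args['action'] = $_GET['reaction'];
                } elseif (!empty($_GET['action']) && 'account' == $_GET['action']) {
                    $query_args['action'] = $_GET['action'];
                } else {
                    $query_args['action'] = false;
                }
                break;

            case 'delete':
                if (empty($poll)) {
                    return;
                }
                if (is_array($poll)) {
                    check_admin_referer('action-poll_bulk');
                } else {
                    check_admin_referer("delete-poll_{$poll}");
                }

                $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code);

                foreach ((array) $_REQUEST['poll'] as $poll_id) {
                    $polldaddy->reset();
                    // Authorise against the poll being deleted. Looking up
                    // $poll here (an array on bulk requests) meant can_edit()
                    // was never evaluated for the individual poll.
                    $poll_object = $polldaddy->get_poll($poll_id);

                    if (!$this->can_edit($poll_object)) {
                        $this->errors->add('permission', __('You are not allowed to delete this poll.', 'polldaddy'));
                        return false;
                    }

                    // Send Poll Author credentials
                    if (!empty($poll_object->_owner) && $this->id != $poll_object->_owner) {
                        $polldaddy->reset();
                        if (!($userCode = $polldaddy->get_usercode($poll_object->_owner))) {
                            // NOTE(review): the error is recorded but the
                            // delete call below still runs with an empty user
                            // code; confirm the API rejects that.
                            $this->errors->add('no_usercode', __('Invalid Poll Author', 'polldaddy'));
                        }
                        $polldaddy->userCode = $userCode;
                    }

                    $polldaddy->reset();
                    $polldaddy->delete_poll($poll_id);
                }

                $query_args['message'] = 'deleted';
                $query_args['deleted'] = count((array) $poll);
                break;

            case 'open':
                if (empty($poll)) {
                    return;
                }
                if (is_array($poll)) {
                    check_admin_referer('action-poll_bulk');
                } else {
                    check_admin_referer("open-poll_{$poll}");
                }

                $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code);

                foreach ((array) $_REQUEST['poll'] as $poll_id) {
                    $polldaddy->reset();
                    // Per-poll permission check, as in the delete branch.
                    $poll_object = $polldaddy->get_poll($poll_id);

                    if (!$this->can_edit($poll_object)) {
                        $this->errors->add('permission', __('You are not allowed to open this poll.', 'polldaddy'));
                        return false;
                    }

                    // Send Poll Author credentials
                    if (!empty($poll_object->_owner) && $this->id != $poll_object->_owner) {
                        $polldaddy->reset();
                        if (!($userCode = $polldaddy->get_usercode($poll_object->_owner))) {
                            $this->errors->add('no_usercode', __('Invalid Poll Author', 'polldaddy'));
                        }
                        $polldaddy->userCode = $userCode;
                    }

                    $polldaddy->reset();
                    $polldaddy->open_poll($poll_id);
                }

                $query_args['message'] = 'opened';
                $query_args['opened'] = count((array) $poll);
                break;

            case 'close':
                if (empty($poll)) {
                    return;
                }
                if (is_array($poll)) {
                    check_admin_referer('action-poll_bulk');
                } else {
                    check_admin_referer("close-poll_{$poll}");
                }

                $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code);

                foreach ((array) $_REQUEST['poll'] as $poll_id) {
                    $polldaddy->reset();
                    // Per-poll permission check, as in the delete branch.
                    $poll_object = $polldaddy->get_poll($poll_id);

                    if (!$this->can_edit($poll_object)) {
                        $this->errors->add('permission', __('You are not allowed to close this poll.', 'polldaddy'));
                        return false;
                    }

                    // Send Poll Author credentials
                    if (!empty($poll_object->_owner) && $this->id != $poll_object->_owner) {
                        $polldaddy->reset();
                        if (!($userCode = $polldaddy->get_usercode($poll_object->_owner))) {
                            $this->errors->add('no_usercode', __('Invalid Poll Author', 'polldaddy'));
                        }
                        $polldaddy->userCode = $userCode;
                    }

                    $polldaddy->reset();
                    $polldaddy->close_poll($poll_id);
                }

                $query_args['message'] = 'closed';
                $query_args['closed'] = count((array) $poll);
                break;

            case 'edit-poll': // TODO: use polldaddy_poll
                if (!$is_POST || !($poll = (int) $poll)) {
                    return;
                }
                check_admin_referer("edit-poll_{$poll}");

                $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code);
                $polldaddy->reset();

                $poll_object = $polldaddy->get_poll($poll);
                $this->parse_errors($polldaddy);

                if (!$this->can_edit($poll_object)) {
                    $this->errors->add('permission', __('You are not allowed to edit this poll.', 'polldaddy'));
                    return false;
                }

                // Send Poll Author credentials
                if (!empty($poll_object->_owner) && $this->id != $poll_object->_owner) {
                    $polldaddy->reset();
                    if (!($userCode = $polldaddy->get_usercode($poll_object->_owner))) {
                        $this->errors->add('no_usercode', __('Invalid Poll Author', 'polldaddy'));
                    }
                    $this->parse_errors($polldaddy);
                    $polldaddy->userCode = $userCode;
                }

                if (!$poll_object) {
                    $this->errors->add('GetPoll', __('Poll not found', 'polldaddy'));
                }
                if ($this->errors->get_error_codes()) {
                    return false;
                }

                // Start from the stored poll and drop the underscore-prefixed
                // properties before applying the submitted fields.
                $poll_data = get_object_vars($poll_object);
                foreach ($poll_data as $key => $value) {
                    if ('_' === $key[0]) {
                        unset($poll_data[$key]);
                    }
                }

                foreach (array('multipleChoice', 'randomiseAnswers', 'otherAnswer', 'sharing') as $option) {
                    $poll_data[$option] = !empty($_POST[$option]) ? 'yes' : 'no';
                }

                // Enumerated fields are accepted only when they match the allow-list.
                $blocks = array('off', 'cookie', 'cookieip');
                if (isset($_POST['blockRepeatVotersType']) && in_array($_POST['blockRepeatVotersType'], $blocks)) {
                    $poll_data['blockRepeatVotersType'] = $_POST['blockRepeatVotersType'];
                }

                $results = array('show', 'percent', 'hide');
                if (isset($_POST['resultsType']) && in_array($_POST['resultsType'], $results)) {
                    $poll_data['resultsType'] = $_POST['resultsType'];
                }

                $poll_data['question'] = stripslashes($_POST['question']);

                // Iterate only over a real array so a malformed 'answer'
                // parameter yields the validation error, not PHP warnings.
                $posted_answers = (isset($_POST['answer']) && is_array($_POST['answer'])) ? $_POST['answer'] : array();
                if (!$posted_answers) {
                    $this->errors->add('answer', __('Invalid answers', 'polldaddy'));
                }

                $answers = array();
                foreach ($posted_answers as $answer_id => $answer) {
                    if (!is_string($answer)) {
                        continue; // nested arrays are not valid answer text
                    }
                    $answer = stripslashes(trim($answer));
                    if (strlen($answer) > 0) {
                        $answer = wp_kses($answer, $allowedtags);
                        $args['text'] = (string) $answer;

                        // Numeric keys are treated as existing answer ids;
                        // anything else creates a new answer.
                        if (is_numeric($answer_id)) {
                            $answers[] = polldaddy_poll_answer($args, $answer_id);
                        } else {
                            $answers[] = polldaddy_poll_answer($args);
                        }
                    }
                }

                if (2 > count($answers)) {
                    $this->errors->add('answer', __('You must include at least 2 answers', 'polldaddy'));
                }
                if ($this->errors->get_error_codes()) {
                    return false;
                }

                $poll_data['answers'] = $answers;
                $poll_data['question'] = wp_kses($poll_data['question'], $allowedtags);

                if (isset($_POST['styleID'])) {
                    if ($_POST['styleID'] == 'x') {
                        $this->errors->add('UpdatePoll', __('Please choose a poll style', 'polldaddy'));
                        return false;
                    }
                }
                $poll_data['styleID'] = (int) $_POST['styleID'];
                $poll_data['choices'] = (int) $_POST['choices'];

                // Both cookie-based blocking modes read the same expiry field.
                if (in_array($poll_data['blockRepeatVotersType'], array('cookie', 'cookieip'), true)) {
                    if (isset($_POST['cookieip_expiration'])) {
                        $poll_data['blockExpiration'] = (int) $_POST['cookieip_expiration'];
                    }
                }

                $polldaddy->reset();
                $update_response = $polldaddy->update_poll($poll, $poll_data);
                $this->parse_errors($polldaddy);

                if (!$update_response) {
                    $this->errors->add('UpdatePoll', __('Poll could not be updated', 'polldaddy'));
                }
                if ($this->errors->get_error_codes()) {
                    return false;
                }

                $query_args['message'] = 'updated';
                if (isset($_POST['iframe'])) {
                    $query_args['iframe'] = '';
                }
                break;

            case 'create-poll':
                if (!$is_POST) {
                    return;
                }
                check_admin_referer('create-poll');

                $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code);
                $polldaddy->reset();

                // Same defensive handling of the 'answer' parameter as edit-poll.
                $posted_answers = (isset($_POST['answer']) && is_array($_POST['answer'])) ? $_POST['answer'] : array();

                $answers = array();
                foreach ($posted_answers as $answer) {
                    if (!is_string($answer)) {
                        continue;
                    }
                    $answer = stripslashes(trim($answer));
                    if (strlen($answer) > 0) {
                        $answer = wp_kses($answer, $allowedtags);
                        $args['text'] = (string) $answer;
                        $answers[] = polldaddy_poll_answer($args);
                    }
                }

                if (!$answers) {
                    return false;
                }

                $poll_data = _polldaddy_poll_defaults();

                foreach (array('multipleChoice', 'randomiseAnswers', 'otherAnswer', 'sharing') as $option) {
                    $poll_data[$option] = !empty($_POST[$option]) ? 'yes' : 'no';
                }

                $blocks = array('off', 'cookie', 'cookieip');
                if (isset($_POST['blockRepeatVotersType']) && in_array($_POST['blockRepeatVotersType'], $blocks)) {
                    $poll_data['blockRepeatVotersType'] = $_POST['blockRepeatVotersType'];
                }

                $results = array('show', 'percent', 'hide');
                if (isset($_POST['resultsType']) && in_array($_POST['resultsType'], $results)) {
                    $poll_data['resultsType'] = $_POST['resultsType'];
                }

                $poll_data['answers'] = $answers;
                $poll_data['question'] = stripslashes($_POST['question']);
                $poll_data['question'] = wp_kses($poll_data['question'], $allowedtags);

                if (isset($_POST['styleID'])) {
                    if ($_POST['styleID'] == 'x') {
                        $this->errors->add('UpdatePoll', __('Please choose a poll style', 'polldaddy'));
                        return false;
                    }
                }
                $poll_data['styleID'] = (int) $_POST['styleID'];
                $poll_data['choices'] = (int) $_POST['choices'];

                if (in_array($poll_data['blockRepeatVotersType'], array('cookie', 'cookieip'), true)) {
                    if (isset($_POST['cookieip_expiration'])) {
                        $poll_data['blockExpiration'] = (int) $_POST['cookieip_expiration'];
                    }
                }

                $poll = $polldaddy->create_poll($poll_data);
                $this->parse_errors($polldaddy);

                if (!$poll || empty($poll->_id)) {
                    $this->errors->add('CreatePoll', __('Poll could not be created', 'polldaddy'));
                }
                if ($this->errors->get_error_codes()) {
                    return false;
                }

                $query_args['message'] = 'created';
                $query_args['action'] = 'edit-poll';
                $query_args['poll'] = $poll->_id;
                if (isset($_POST['iframe'])) {
                    $query_args['iframe'] = '';
                }
                break;

            case 'delete-style':
                if (empty($style)) {
                    return;
                }
                if (is_array($style)) {
                    check_admin_referer('action-style_bulk');
                } else {
                    check_admin_referer("delete-style_{$style}");
                }

                $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code);

                foreach ((array) $_REQUEST['style'] as $style_id) {
                    $polldaddy->reset();
                    $polldaddy->delete_style($style_id);
                }

                $query_args['message'] = 'deleted-style';
                $query_args['deleted'] = count((array) $style);
                break;

            case 'edit-style':
                if (!$is_POST || !($style = (int) $style)) {
                    return;
                }
                // The nonce action has no underscore before the id; it must
                // stay in step with the form that generates it.
                check_admin_referer("edit-style{$style}");

                $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code);
                $polldaddy->reset();

                $style_data = _polldaddy_style_defaults();

                if (isset($_POST['style-title'])) {
                    // Strip markup from the title, matching create-style, so
                    // an update cannot store tags that creation would remove.
                    $style_data['title'] = stripslashes(strip_tags(trim((string) $_POST['style-title'])));
                }
                if (isset($_POST['CSSXML'])) {
                    $style_data['css'] = urlencode(stripslashes(trim((string) $_POST['CSSXML'])));
                }
                if (isset($_REQUEST['updatePollCheck']) && $_REQUEST['updatePollCheck'] == 'on') {
                    $style_data['retro'] = 1;
                }

                $update_response = $polldaddy->update_style($style, $style_data);
                $this->parse_errors($polldaddy);

                if (!$update_response) {
                    $this->errors->add('UpdateStyle', __('Style could not be updated', 'polldaddy'));
                }
                if ($this->errors->get_error_codes()) {
                    return false;
                }

                $query_args['message'] = 'updated-style';
                if (isset($_POST['iframe'])) {
                    $query_args['iframe'] = '';
                }
                break;

            case 'create-style':
                if (!$is_POST) {
                    return;
                }
                check_admin_referer('create-style');

                $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code);
                $polldaddy->reset();

                $style_data = _polldaddy_style_defaults();

                if (isset($_POST['style-title'])) {
                    $style_data['title'] = stripslashes(strip_tags(trim((string) $_POST['style-title'])));
                }
                if (isset($_POST['CSSXML'])) {
                    $style_data['css'] = urlencode(stripslashes(trim((string) $_POST['CSSXML'])));
                }

                $style = $polldaddy->create_style($style_data);
                $this->parse_errors($polldaddy);

                if (!$style || empty($style->_id)) {
                    $this->errors->add('CreateStyle', __('Style could not be created', 'polldaddy'));
                }
                if ($this->errors->get_error_codes()) {
                    return false;
                }

                $query_args['message'] = 'created-style';
                $query_args['action'] = 'edit-style';
                $query_args['style'] = $style->_id;
                if (isset($_POST['iframe'])) {
                    $query_args['iframe'] = '';
                }
                break;

            case 'update-options':
                if (!$is_POST) {
                    return;
                }
                check_admin_referer('polldaddy-account');

                $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code);
                $polldaddy->reset();

                // Seed with the plugin defaults that have a truthy value,
                // then overlay the submitted values.
                $poll_defaults = _polldaddy_poll_defaults();
                $user_defaults = array();

                foreach (array("multipleChoice", "randomiseAnswers", "otherAnswer", "sharing", "resultsType", "styleID", "blockRepeatVotersType", "blockExpiration") as $option) {
                    if (isset($poll_defaults[$option]) && $poll_defaults[$option]) {
                        $user_defaults[$option] = $poll_defaults[$option];
                    }
                }

                foreach (array('multipleChoice', 'randomiseAnswers', 'otherAnswer', 'sharing') as $option) {
                    $user_defaults[$option] = !empty($_POST[$option]) ? 'yes' : 'no';
                }

                $results = array('show', 'percent', 'hide');
                if (isset($_POST['resultsType']) && in_array($_POST['resultsType'], $results)) {
                    $user_defaults['resultsType'] = $_POST['resultsType'];
                }

                if (isset($_POST['styleID'])) {
                    $user_defaults['styleID'] = (int) $_POST['styleID'];
                }

                $blocks = array('off', 'cookie', 'cookieip');
                if (isset($_POST['blockRepeatVotersType']) && in_array($_POST['blockRepeatVotersType'], $blocks)) {
                    $user_defaults['blockRepeatVotersType'] = $_POST['blockRepeatVotersType'];
                }

                if (isset($_POST['blockExpiration'])) {
                    $user_defaults['blockExpiration'] = (int) $_POST['blockExpiration'];
                }

                $polldaddy->update_poll_defaults(0, $user_defaults);
                $this->parse_errors($polldaddy);
                if ($this->errors->get_error_codes()) {
                    return false;
                }

                $query_args['message'] = 'updated-options';
                break;

            default:
                return;
        }
    } elseif ($page == 'ratings') {
        switch ($action) {
            case 'delete':
                if (empty($id)) {
                    return;
                }
                if (empty($rating)) {
                    return;
                }

                // NOTE(review): this branch is gated by the nonce only; no
                // capability or ownership check is visible here, and the
                // earlier privilege filter lets non-admins reach 'delete'.
                $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->rating_user_code);

                if (is_array($rating)) {
                    check_admin_referer('action-rating_bulk');

                    foreach ($rating as $key => $value) {
                        $polldaddy->reset();
                        $polldaddy->delete_rating_result($id, $value);
                    }
                } else {
                    check_admin_referer("delete-rating_{$rating}");
                    $polldaddy->delete_rating_result($id, $rating);
                }

                // Carry the report filters through to the redirect target.
                if (isset($_REQUEST['filter'])) {
                    $query_args['filter'] = $_REQUEST['filter'];
                }
                if (isset($_REQUEST['change-report-to'])) {
                    $query_args['change-report-to'] = $_REQUEST['change-report-to'];
                }

                $query_args['message'] = 'deleted-rating';
                $query_args['deleted'] = count((array) $rating);
                break;

            default:
                return;
        }
    }

    // Post/redirect/get: return to the referring admin page with the outcome.
    wp_redirect(add_query_arg($query_args, wp_get_referer()));
    exit;
}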
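/**
 * Build a PollDaddy_Poll object from an argument list, or assign an id to an
 * existing PollDaddy_Poll.
 *
 * Fields outside their allow-lists or of the wrong type are replaced with the
 * values from _polldaddy_poll_defaults() rather than rejected.
 *
 * @param mixed    $args          A PollDaddy_Poll, arguments accepted by
 *                                wp_parse_args(), or null for an empty poll.
 * @param int|null $id            Poll id; when null, $args['id'] is used.
 * @param bool     $_require_data When true, a non-empty string question and a
 *                                non-empty answers array are required.
 * @return PollDaddy_Poll|false The poll object, or false on invalid input.
 *                              Returned by reference.
 */
function &polldaddy_poll($args = null, $id = null, $_require_data = true) {
    // The function returns by reference, so failure has to return a variable.
    $false = false;

    if (is_a($args, 'PollDaddy_Poll')) {
        if (is_null($id)) {
            return $args;
        }
        if (!($id = (int) $id)) {
            return $false;
        }
        $args->_id = $id;
        return $args;
    }

    $defaults = _polldaddy_poll_defaults();

    if (!is_null($args)) {
        $args = wp_parse_args($args, $defaults);
        $args['parentID'] = (int) $args['parentID'];

        if ($_require_data) {
            if (!is_string($args['question']) || !$args['question']) {
                return $false;
            }
            if (!is_array($args['answers']) || !$args['answers']) {
                return $false;
            }
        }

        // Yes/no flags: anything other than the exact strings falls back to the default.
        foreach (array('multipleChoice', 'randomiseAnswers', 'makePublic', 'otherAnswer', 'closePoll', 'closePollNow', 'sharing') as $bool) {
            if ('no' !== $args[$bool] && 'yes' !== $args[$bool]) {
                $args[$bool] = $defaults[$bool];
            }
        }

        // A blog whose stored `public` value is -1 never gets a public poll.
        // NOTE(review): the table name is hard-coded as wp_blogs rather than
        // taken from $wpdb; the value itself is bound through prepare().
        global $wpdb;
        $public = (int) $wpdb->get_var($wpdb->prepare("SELECT public FROM wp_blogs WHERE blog_id = %d", $wpdb->blogid));
        if ($public == -1) {
            $args['makePublic'] = 'no';
        }

        // Numeric fields: reset the offending field itself. Writing to
        // $args[$bool] here clobbered 'sharing' (the last flag iterated
        // above) and left the non-numeric value in place.
        foreach (array('styleID', 'packID', 'folderID', 'languageID', 'choices', 'blockExpiration') as $int) {
            if (!is_numeric($args[$int])) {
                $args[$int] = $defaults[$int];
            }
        }

        // Strict comparison so non-string values (true, 0) cannot pass the
        // allow-lists through loose type juggling.
        if (!in_array($args['resultsType'], array('show', 'percent', 'hide'), true)) {
            $args['resultsType'] = $defaults['resultsType'];
        }
        if (!in_array($args['blockRepeatVotersType'], array('off', 'cookie', 'cookieip'), true)) {
            $args['blockRepeatVotersType'] = $defaults['blockRepeatVotersType'];
        }
        if (!in_array($args['comments'], array('off', 'allow', 'moderate'), true)) {
            $args['comments'] = $defaults['comments'];
        }

        // Numeric close dates are formatted as a GMT datetime string; an
        // empty close date becomes the current GMT time.
        if (is_numeric($args['closeDate'])) {
            $args['closeDate'] = gmdate('Y-m-d H:i:s', $args['closeDate']);
        }
        if (!$args['closeDate']) {
            $args['closeDate'] = gmdate('Y-m-d H:i:s');
        }

        $args['answers'] = new PollDaddy_Poll_Answers(array('answer' => $args['answers']));

        if (is_null($id)) {
            $id = $args['id'];
        }
        unset($args['id']);
    }

    $obj = new PollDaddy_Poll($args, compact('id'));
    return $obj;
}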
function management_page_load() { wp_reset_vars(array('page', 'action', 'poll', 'style', 'rating', 'id')); global $plugin_page, $page, $action, $poll, $style, $rating, $id, $wp_locale; $this->set_api_user_code(); if (empty($this->user_code) && $page == 'polls') { // one last try to get the user code automatically if possible $this->user_code = apply_filters_ref_array('polldaddy_get_user_code', array($this->user_code, &$this)); if (false == $this->user_code && $action != 'restore-account') { $action = 'signup'; } } require_once WP_POLLDADDY__POLLDADDY_CLIENT_PATH; wp_enqueue_script('polls', "{$this->base_url}js/polldaddy.js", array('jquery', 'jquery-ui-sortable', 'jquery-form'), $this->version); wp_enqueue_script('polls-common', "{$this->base_url}js/common.js", array(), $this->version); if ($page == 'polls') { if (!$this->is_author && in_array($action, array('edit', 'edit-poll', 'create-poll', 'edit-style', 'create-style', 'list-styles', 'options', 'update-options', 'import-account'))) { //check user privileges has access to action $action = ''; } switch ($action) { case 'edit': case 'edit-poll': case 'create-poll': case 'add-media': wp_enqueue_script('media-upload', array(), $this->version); wp_enqueue_script('polls-style', "{$this->base_url}js/poll-style-picker.js", array('polls', 'polls-common'), $this->version); if ($action == 'create-poll') { $plugin_page = 'polls&action=create-poll'; } break; case 'edit-style': case 'create-style': wp_enqueue_script('polls-style', "{$this->base_url}js/style-editor.js", array('polls', 'polls-common'), $this->version); wp_enqueue_script('polls-style-color', "{$this->base_url}js/jscolor.js", array(), $this->version); wp_enqueue_style('polls', "{$this->base_url}css/style-editor.css", array(), $this->version); $plugin_page = 'polls&action=list-styles'; break; case 'list-styles': $plugin_page = 'polls&action=list-styles'; break; case 'options': case 'update-options': case 'import-account': case 'reset-account': case 
'restore-account': $plugin_page = 'polls&action=options'; break; } //end switch } elseif ($page == 'ratings') { switch ($action) { case 'update-rating': case 'options': $plugin_page = 'ratings&action=options'; wp_enqueue_script('rating-text-color', "{$this->base_url}js/jscolor.js", array(), $this->version); wp_enqueue_script('ratings', "{$this->base_url}js/rating.js", array(), $this->version); wp_localize_script('polls-common', 'adminRatingsL10n', array('star_colors' => __('Star Colors', 'polldaddy'), 'star_size' => __('Star Size', 'polldaddy'), 'nero_type' => __('Nero Type', 'polldaddy'), 'nero_size' => __('Nero Size', 'polldaddy'))); break; default: if (empty($action)) { $action = 'reports'; } $plugin_page = 'ratings&action=reports'; } //end switch } wp_enqueue_style('polldaddy', "{$this->base_url}css/polldaddy.css", array(), $this->version); wp_enqueue_script('admin-forms'); add_thickbox(); if (isset($_GET['iframe'])) { add_action('admin_head', array(&$this, 'hide_admin_menu')); } if (isset($wp_locale->text_direction) && 'rtl' == $wp_locale->text_direction) { wp_enqueue_style('polls-rtl', "{$this->base_url}css/polldaddy-rtl.css", array('global', 'wp-admin'), $this->version); } add_action('admin_body_class', array(&$this, 'admin_body_class')); add_action('admin_notices', array(&$this, 'management_page_notices')); $query_args = array(); $args = array(); $allowedtags = array('a' => array('href' => array(), 'title' => array(), 'target' => array()), 'img' => array('alt' => array(), 'align' => array(), 'border' => array(), 'class' => array(), 'height' => array(), 'hspace' => array(), 'longdesc' => array(), 'vspace' => array(), 'src' => array(), 'width' => array()), 'abbr' => array('title' => array()), 'acronym' => array('title' => array()), 'blockquote' => array('cite' => array()), 'q' => array('cite' => array()), 'b' => array(), 'cite' => array(), 'em' => array(), 'i' => array(), 'strike' => array(), 'strong' => array()); $is_POST = 'post' == 
strtolower($_SERVER['REQUEST_METHOD']); if ($page == 'polls') { switch ($action) { case 'reset-account': // reset everything global $current_user; check_admin_referer('polldaddy-reset' . $this->id); $fields = array('polldaddy_api_key', 'pd-rating-comments', 'pd-rating-comments-id', 'pd-rating-comments-pos', 'pd-rating-exclude-post-ids', 'pd-rating-pages', 'pd-rating-pages-id', 'pd-rating-posts', 'pd-rating-posts-id', 'pd-rating-posts-index', 'pd-rating-posts-index-id', 'pd-rating-posts-index-pos', 'pd-rating-posts-pos', 'pd-rating-title-filter', 'pd-rating-usercode', 'pd-rich-snippets', 'pd-usercode-' . $current_user->ID); $msg = __("You have just reset your Polldaddy connection settings.") . "\n\n"; foreach ($fields as $field) { $value = get_option($field); if ($value != false) { $settings[$field] = $value; $msg .= "{$field}: {$value}\n"; delete_option($field); } } if (isset($_POST['email'])) { wp_mail($current_user->user_email, "Polldaddy Settings", $msg); } update_option('polldaddy_settings', $settings); break; case 'restore-account': // restore everything global $current_user; check_admin_referer('polldaddy-restore' . $this->id); $previous_settings = get_option('polldaddy_settings'); foreach ($previous_settings as $key => $value) { update_option($key, $value); } delete_option('polldaddy_settings'); break; case 'restore-ratings': // restore ratings global $current_user; check_admin_referer('polldaddy-restore-ratings' . 
$this->id); $previous_settings = get_option('polldaddy_settings'); $fields = array('pd-rating-comments', 'pd-rating-comments-id', 'pd-rating-comments-pos', 'pd-rating-exclude-post-ids', 'pd-rating-pages', 'pd-rating-pages-id', 'pd-rating-posts', 'pd-rating-posts-id', 'pd-rating-posts-index', 'pd-rating-posts-index-id', 'pd-rating-posts-index-pos', 'pd-rating-posts-pos', 'pd-rating-title-filter'); foreach ($fields as $key) { if (isset($previous_settings[$key])) { update_option($key, $previous_settings[$key]); } } break; case 'signup': // sign up for first time // sign up for first time case 'account': // reauthenticate // reauthenticate case 'import-account': // reauthenticate if (!$is_POST) { return; } check_admin_referer('polldaddy-account'); $this->user_code = ''; update_option('pd-usercode-' . $this->id, ''); if ($new_args = $this->management_page_load_signup()) { $query_args = array_merge($query_args, $new_args); } if ($this->errors->get_error_codes()) { return false; } $query_args['message'] = 'imported-account'; wp_reset_vars(array('action')); if (!empty($_GET['reaction'])) { $query_args['action'] = $_GET['reaction']; } elseif (!empty($_GET['action']) && 'account' == $_GET['action']) { $query_args['action'] = $_GET['action']; } else { $query_args['action'] = false; } if ($action == 'import-account') { $query_args['action'] = 'options'; } // make sure we redirect back to the right page. 
break; case 'delete': if (empty($poll)) { return; } if (is_array($poll)) { check_admin_referer('action-poll_bulk'); } else { check_admin_referer("delete-poll_{$poll}"); } $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code); foreach ((array) $_REQUEST['poll'] as $poll_id) { $polldaddy->reset(); $poll_object = $polldaddy->get_poll($poll_id); if (!$this->can_edit($poll_object)) { $this->errors->add('permission', __('You are not allowed to delete this poll.', 'polldaddy')); return false; } // Send Poll Author credentials if (!empty($poll_object->_owner) && $this->id != $poll_object->_owner) { $polldaddy->reset(); if (!($userCode = $polldaddy->get_usercode($poll_object->_owner))) { $this->errors->add('no_usercode', __('Invalid Poll Author', 'polldaddy')); } $polldaddy->userCode = $userCode; } $polldaddy->reset(); $polldaddy->delete_poll($poll_id); } $query_args['message'] = 'deleted'; $query_args['deleted'] = count((array) $poll); break; case 'open': if (empty($poll)) { return; } if (is_array($poll)) { check_admin_referer('action-poll_bulk'); } else { check_admin_referer("open-poll_{$poll}"); } $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code); foreach ((array) $_REQUEST['poll'] as $poll_id) { $polldaddy->reset(); $poll_object = $polldaddy->get_poll($poll_id); if (!$this->can_edit($poll_object)) { $this->errors->add('permission', __('You are not allowed to open this poll.', 'polldaddy')); return false; } // Send Poll Author credentials if (!empty($poll_object->_owner) && $this->id != $poll_object->_owner) { $polldaddy->reset(); if (!($userCode = $polldaddy->get_usercode($poll_object->_owner))) { $this->errors->add('no_usercode', __('Invalid Poll Author', 'polldaddy')); } $polldaddy->userCode = $userCode; } $polldaddy->reset(); $polldaddy->open_poll($poll_id); } $query_args['message'] = 'opened'; $query_args['opened'] = count((array) $poll); break; case 'close': if (empty($poll)) { return; } if (is_array($poll)) { 
check_admin_referer('action-poll_bulk'); } else { check_admin_referer("close-poll_{$poll}"); } $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code); foreach ((array) $_REQUEST['poll'] as $poll_id) { $polldaddy->reset(); $poll_object = $polldaddy->get_poll($poll_id); if (!$this->can_edit($poll_object)) { $this->errors->add('permission', __('You are not allowed to close this poll.', 'polldaddy')); return false; } // Send Poll Author credentials if (!empty($poll_object->_owner) && $this->id != $poll_object->_owner) { $polldaddy->reset(); if (!($userCode = $polldaddy->get_usercode($poll_object->_owner))) { $this->errors->add('no_usercode', __('Invalid Poll Author', 'polldaddy')); } $polldaddy->userCode = $userCode; } $polldaddy->reset(); $polldaddy->close_poll($poll_id); } $query_args['message'] = 'closed'; $query_args['closed'] = count((array) $poll); break; case 'edit-poll': // TODO: use polldaddy_poll if (!$is_POST || !($poll = (int) $poll)) { return; } check_admin_referer("edit-poll_{$poll}"); $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code); $polldaddy->reset(); $poll_object = $polldaddy->get_poll($poll); $this->parse_errors($polldaddy); if (!$this->can_edit($poll_object)) { $this->errors->add('permission', __('You are not allowed to edit this poll.', 'polldaddy')); return false; } // Send Poll Author credentials if (!empty($poll_object->_owner) && $this->id != $poll_object->_owner) { $polldaddy->reset(); if (!($userCode = $polldaddy->get_usercode($poll_object->_owner))) { $this->errors->add('no_usercode', __('Invalid Poll Author', 'polldaddy')); } $this->parse_errors($polldaddy); $polldaddy->userCode = $userCode; } if (!$poll_object) { $this->errors->add('GetPoll', __('Poll not found', 'polldaddy')); } if ($this->errors->get_error_codes()) { return false; } $media = $mediaType = array(); if (isset($_POST['media'])) { $media = $_POST['media']; unset($_POST['media']); } if (isset($_POST['mediaType'])) { $mediaType = 
$_POST['mediaType']; unset($_POST['mediaType']); } $poll_data = get_object_vars($poll_object); foreach ($poll_data as $key => $value) { if ('_' === $key[0]) { unset($poll_data[$key]); } } foreach (array('multipleChoice', 'randomiseAnswers', 'otherAnswer', 'sharing') as $option) { if (isset($_POST[$option]) && $_POST[$option]) { $poll_data[$option] = 'yes'; } else { $poll_data[$option] = 'no'; } } $blocks = array('off', 'cookie', 'cookieip'); if (isset($_POST['blockRepeatVotersType']) && in_array($_POST['blockRepeatVotersType'], $blocks)) { $poll_data['blockRepeatVotersType'] = $_POST['blockRepeatVotersType']; } $results = array('show', 'percent', 'hide'); if (isset($_POST['resultsType']) && in_array($_POST['resultsType'], $results)) { $poll_data['resultsType'] = $_POST['resultsType']; } $poll_data['question'] = stripslashes($_POST['question']); $comments = array('off', 'allow', 'moderate'); if (isset($_POST['comments']) && in_array($_POST['comments'], $comments)) { $poll_data['comments'] = $_POST['comments']; } if (empty($_POST['answer']) || !is_array($_POST['answer'])) { $this->errors->add('answer', __('Invalid answers', 'polldaddy')); } $answers = array(); foreach ($_POST['answer'] as $answer_id => $answer) { $answer = stripslashes(trim($answer)); if (strlen($answer) > 0) { $answer = wp_kses($answer, $allowedtags); $args['text'] = (string) $answer; $answer_id = str_replace('new', '', $answer_id); $mc = ''; $mt = 0; if (isset($media[$answer_id])) { $mc = esc_html($media[$answer_id]); } if (isset($mediaType[$answer_id])) { $mt = intval($mediaType[$answer_id]); } $args['mediaType'] = $mt; $args['mediaCode'] = $mc; if ($answer_id > 1000) { $answer = polldaddy_poll_answer($args, $answer_id); } else { $answer = polldaddy_poll_answer($args); } if (isset($answer) && is_a($answer, 'Polldaddy_Poll_Answer')) { $answers[] = $answer; } } } if (2 > count($answers)) { $this->errors->add('answer', __('You must include at least 2 answers', 'polldaddy')); } if 
($this->errors->get_error_codes()) { return false; } $poll_data['answers'] = $answers; $poll_data['question'] = wp_kses($poll_data['question'], $allowedtags); if (isset($_POST['styleID'])) { if ($_POST['styleID'] == 'x') { $this->errors->add('UpdatePoll', __('Please choose a poll style', 'polldaddy')); return false; } } $poll_data['styleID'] = (int) $_POST['styleID']; $poll_data['choices'] = (int) $_POST['choices']; if ($poll_data['blockRepeatVotersType'] == 'cookie') { if (isset($_POST['cookieip_expiration'])) { $poll_data['blockExpiration'] = (int) $_POST['cookieip_expiration']; } } elseif ($poll_data['blockRepeatVotersType'] == 'cookieip') { if (isset($_POST['cookieip_expiration'])) { $poll_data['blockExpiration'] = (int) $_POST['cookieip_expiration']; } } if (isset($media[999999999])) { $poll_data['mediaCode'] = esc_html($media[999999999]); } if (isset($mediaType[999999999])) { $poll_data['mediaType'] = intval($mediaType[999999999]); } if (isset($GLOBALS['blog_id'])) { $poll_data['parentID'] = (int) $GLOBALS['blog_id']; } $polldaddy->reset(); $update_response = $polldaddy->update_poll($poll, $poll_data); $this->parse_errors($polldaddy); if (!$update_response) { $this->errors->add('UpdatePoll', __('Poll could not be updated', 'polldaddy')); } if ($this->errors->get_error_codes()) { return false; } $query_args['message'] = 'updated'; if (isset($_POST['iframe'])) { $query_args['iframe'] = ''; } break; case 'create-poll': if (!$is_POST) { return; } check_admin_referer('create-poll'); $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code); $polldaddy->reset(); $media = $mediaType = array(); if (isset($_POST['media'])) { $media = $_POST['media']; unset($_POST['media']); } if (isset($_POST['mediaType'])) { $mediaType = $_POST['mediaType']; unset($_POST['mediaType']); } $answers = array(); foreach ($_POST['answer'] as $answer_id => $answer) { $answer = stripslashes(trim($answer)); if (strlen($answer) > 0) { $answer = wp_kses($answer, $allowedtags); 
$args['text'] = (string) $answer; $answer_id = (int) str_replace('new', '', $answer_id); $mc = ''; $mt = 0; if (isset($media[$answer_id])) { $mc = esc_html($media[$answer_id]); } if (isset($mediaType[$answer_id])) { $mt = intval($mediaType[$answer_id]); } $args['mediaType'] = $mt; $args['mediaCode'] = $mc; $answer = polldaddy_poll_answer($args); if (isset($answer) && is_a($answer, 'Polldaddy_Poll_Answer')) { $answers[] = $answer; } } } if (!$answers) { return false; } $poll_data = _polldaddy_poll_defaults(); foreach (array('multipleChoice', 'randomiseAnswers', 'otherAnswer', 'sharing') as $option) { if (isset($_POST[$option]) && $_POST[$option]) { $poll_data[$option] = 'yes'; } else { $poll_data[$option] = 'no'; } } $blocks = array('off', 'cookie', 'cookieip'); if (isset($_POST['blockRepeatVotersType']) && in_array($_POST['blockRepeatVotersType'], $blocks)) { $poll_data['blockRepeatVotersType'] = $_POST['blockRepeatVotersType']; } $results = array('show', 'percent', 'hide'); if (isset($_POST['resultsType']) && in_array($_POST['resultsType'], $results)) { $poll_data['resultsType'] = $_POST['resultsType']; } $comments = array('off', 'allow', 'moderate'); if (isset($_POST['comments']) && in_array($_POST['comments'], $comments)) { $poll_data['comments'] = $_POST['comments']; } $poll_data['answers'] = $answers; $poll_data['question'] = stripslashes($_POST['question']); $poll_data['question'] = wp_kses($poll_data['question'], $allowedtags); if (isset($_POST['styleID'])) { if ($_POST['styleID'] == 'x') { $this->errors->add('UpdatePoll', __('Please choose a poll style', 'polldaddy')); return false; } } $poll_data['styleID'] = (int) $_POST['styleID']; $poll_data['choices'] = (int) $_POST['choices']; if ($poll_data['blockRepeatVotersType'] == 'cookie') { if (isset($_POST['cookieip_expiration'])) { $poll_data['blockExpiration'] = (int) $_POST['cookieip_expiration']; } } elseif ($poll_data['blockRepeatVotersType'] == 'cookieip') { if (isset($_POST['cookieip_expiration'])) { 
$poll_data['blockExpiration'] = (int) $_POST['cookieip_expiration']; } } if (isset($media[999999999])) { $poll_data['mediaCode'] = esc_html($media[999999999]); } if (isset($mediaType[999999999])) { $poll_data['mediaType'] = intval($mediaType[999999999]); } $poll = $polldaddy->create_poll($poll_data); $this->parse_errors($polldaddy); if (!$poll || empty($poll->_id)) { $this->errors->add('CreatePoll', __('Poll could not be created', 'polldaddy')); } if ($this->errors->get_error_codes()) { return false; } $query_args['message'] = 'created'; $query_args['action'] = 'edit-poll'; $query_args['poll'] = $poll->_id; if (isset($_POST['iframe'])) { $query_args['iframe'] = ''; } break; case 'delete-style': if (empty($style)) { return; } if (is_array($style)) { check_admin_referer('action-style_bulk'); } else { check_admin_referer("delete-style_{$style}"); } $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code); foreach ((array) $_REQUEST['style'] as $style_id) { $polldaddy->reset(); $polldaddy->delete_style($style_id); } $query_args['message'] = 'deleted-style'; $query_args['deleted'] = count((array) $style); break; case 'edit-style': if (!$is_POST || !($style = (int) $style)) { return; } check_admin_referer("edit-style{$style}"); $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code); $polldaddy->reset(); $style_data = _polldaddy_style_defaults(); if (isset($_POST['style-title'])) { $style_data['title'] = stripslashes(trim((string) $_POST['style-title'])); } if (isset($_POST['CSSXML'])) { $style_data['css'] = urlencode(stripslashes(trim((string) $_POST['CSSXML']))); } if (isset($_REQUEST['updatePollCheck']) && $_REQUEST['updatePollCheck'] == 'on') { $style_data['retro'] = 1; } $update_response = $polldaddy->update_style($style, $style_data); $this->parse_errors($polldaddy); if (!$update_response) { $this->errors->add('UpdateStyle', __('Style could not be updated', 'polldaddy')); } if ($this->errors->get_error_codes()) { return false; 
} $query_args['message'] = 'updated-style'; if (isset($_POST['iframe'])) { $query_args['iframe'] = ''; } break; case 'create-style': if (!$is_POST) { return; } check_admin_referer('create-style'); $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code); $polldaddy->reset(); $style_data = _polldaddy_style_defaults(); if (isset($_POST['style-title'])) { $style_data['title'] = stripslashes(strip_tags(trim((string) $_POST['style-title']))); } if (isset($_POST['CSSXML'])) { $style_data['css'] = urlencode(stripslashes(trim((string) $_POST['CSSXML']))); } $style = $polldaddy->create_style($style_data); $this->parse_errors($polldaddy); if (!$style || empty($style->_id)) { $this->errors->add('CreateStyle', __('Style could not be created', 'polldaddy')); } if ($this->errors->get_error_codes()) { return false; } $query_args['message'] = 'created-style'; $query_args['action'] = 'edit-style'; $query_args['style'] = $style->_id; if (isset($_POST['iframe'])) { $query_args['iframe'] = ''; } break; case 'update-options': if (!$is_POST) { return; } check_admin_referer('polldaddy-account'); $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->user_code); $polldaddy->reset(); $poll_defaults = _polldaddy_poll_defaults(); $user_defaults = array(); foreach (array("multipleChoice", "randomiseAnswers", "otherAnswer", "sharing", "resultsType", "styleID", "blockRepeatVotersType", "blockExpiration") as $option) { if (isset($poll_defaults[$option]) && $poll_defaults[$option]) { $user_defaults[$option] = $poll_defaults[$option]; } } foreach (array('multipleChoice', 'randomiseAnswers', 'otherAnswer', 'sharing') as $option) { if (isset($_POST[$option]) && $_POST[$option]) { $user_defaults[$option] = 'yes'; } else { $user_defaults[$option] = 'no'; } } $results = array('show', 'percent', 'hide'); if (isset($_POST['resultsType']) && in_array($_POST['resultsType'], $results)) { $user_defaults['resultsType'] = $_POST['resultsType']; } if (isset($_POST['styleID'])) { 
$user_defaults['styleID'] = (int) $_POST['styleID']; } $blocks = array('off', 'cookie', 'cookieip'); if (isset($_POST['blockRepeatVotersType']) && in_array($_POST['blockRepeatVotersType'], $blocks)) { $user_defaults['blockRepeatVotersType'] = $_POST['blockRepeatVotersType']; } if (isset($_POST['blockExpiration'])) { $user_defaults['blockExpiration'] = (int) $_POST['blockExpiration']; } $polldaddy->update_poll_defaults(0, $user_defaults); $this->parse_errors($polldaddy); if ($this->errors->get_error_codes()) { return false; } $query_args['message'] = 'updated-options'; break; default: return; } //end switch } elseif ($page == 'ratings') { switch ($action) { case 'delete': if (empty($id)) { return; } if (empty($rating)) { return; } $polldaddy = $this->get_client(WP_POLLDADDY__PARTNERGUID, $this->rating_user_code); if (is_array($rating)) { check_admin_referer('action-rating_bulk'); foreach ($rating as $key => $value) { $polldaddy->reset(); $polldaddy->delete_rating_result($id, $value); } } else { check_admin_referer("delete-rating_{$rating}"); $polldaddy->delete_rating_result($id, $rating); } if (isset($_REQUEST['filter'])) { $query_args['filter'] = $_REQUEST['filter']; } if (isset($_REQUEST['change-report-to'])) { $query_args['change-report-to'] = $_REQUEST['change-report-to']; } $query_args['message'] = 'deleted-rating'; $query_args['deleted'] = count((array) $rating); break; default: return; } //end switch } wp_safe_redirect(add_query_arg($query_args, wp_get_referer())); exit; }