function cimy_save_options() { global $wpdb, $cimy_uef_version, $wpdb_wp_fields_table, $max_length_fieldset_value, $cimy_uef_domain, $wp_hidden_fields, $max_length_extra_fields_title; if (!cimy_check_admin('manage_options')) { return; } if (isset($_POST['force_activation'])) { cimy_plugin_install(); return; } if (!check_admin_referer('cimy_uef_options', 'cimy_uef_optionsnonce')) { return; } $results = array(); $do_not_save_options = false; $options = cimy_get_options(); $old_wp_hidden_fields = $options['wp_hidden_fields']; $options['aue_hidden_fields'] = array(); $options['wp_hidden_fields'] = array(); $options['welcome_email'] = stripslashes($_POST['welcome_email']); $options['extra_fields_title'] = stripslashes($_POST['extra_fields_title']); $options['extra_fields_title'] = substr($options['extra_fields_title'], 0, $max_length_extra_fields_title); $options['fieldset_title'] = stripslashes($_POST['fieldset_title']); $options['fieldset_title'] = substr($options['fieldset_title'], 0, $max_length_fieldset_value); $old_reg_log = $options['registration-logo']; $registration_logo = cimy_manage_upload("registration_logo", "", array(), empty($old_reg_log) ? false : basename($old_reg_log), isset($_POST['registration_logo_del']), "registration-logo"); if (!empty($registration_logo) || isset($_POST['registration_logo_del'])) { $options['registration-logo'] = $registration_logo; } if (isset($_POST['db_wp_fields_check'])) { switch ($_POST['db_wp_fields']) { case 'empty': cimy_manage_db('empty_wp_fields'); $results['empty_wp_fields'] = __("WordPress Fields table emptied", $cimy_uef_domain); break; case 'delete': cimy_manage_db('drop_wp_fields'); $results['empty_wp_fields'] = __("WordPress Fields table deleted", $cimy_uef_domain); break; } } if (isset($_POST['db_extra_fields_check'])) { switch ($_POST['db_extra_fields']) { case 'empty': cimy_manage_db('empty_extra_fields'); $results['empty_extra_fields'] = __("Extra Fields table emptied", $cimy_uef_domain); break; case 'delete': cimy_manage_db('drop_extra_fields'); $results['empty_extra_fields'] = __("Extra Fields table deleted", $cimy_uef_domain); break; } } if (isset($_POST['db_data_check'])) { switch ($_POST['db_data']) { case 'empty': cimy_manage_db('empty_data'); $results['empty_data'] = __("Users Data table emptied", $cimy_uef_domain); break; case 'delete': cimy_manage_db('drop_data'); $results['empty_data'] = __("Users Data table deleted", $cimy_uef_domain); break; } } if (isset($_POST['db_options_check'])) { switch ($_POST['db_options']) { case 'default': cimy_manage_db('default_options'); $do_not_save_options = true; $results['results'] = __("Options set to default values", $cimy_uef_domain); break; case 'delete': cimy_manage_db('drop_options'); $do_not_save_options = true; $results['results'] = __("Options deleted", $cimy_uef_domain); break; } } if (isset($_POST['do_not_save_options'])) { $do_not_save_options = true; } if (isset($_POST['hide_username'])) { array_push($options['aue_hidden_fields'], 'username'); } if (isset($_POST['hide_name'])) { array_push($options['aue_hidden_fields'], 'name'); } if (isset($_POST['hide_posts'])) { array_push($options['aue_hidden_fields'], 'posts'); } if (isset($_POST['hide_email'])) { array_push($options['aue_hidden_fields'], 'email'); } if (isset($_POST['hide_website'])) { array_push($options['aue_hidden_fields'], 'website'); } if (isset($_POST['hide_role'])) { array_push($options['aue_hidden_fields'], 'role'); } $tot_wp_hidden_fields = count($old_wp_hidden_fields); $action = "add"; isset($_POST['confirm_email']) ? $options['confirm_email'] = true : ($options['confirm_email'] = false); isset($_POST['confirm_form']) ? $options['confirm_form'] = true : ($options['confirm_form'] = false); if ($options['confirm_email']) { cimy_force_signup_table_creation(); } isset($_POST['redirect_to']) ? $options['redirect_to'] = $_POST['redirect_to'] : ($options['redirect_to'] = ""); isset($_POST['mail_include_fields']) ? $options['mail_include_fields'] = true : ($options['mail_include_fields'] = false); if (isset($_POST['captcha'])) { $options['captcha'] = $_POST['captcha']; } if (isset($_POST['recaptcha_public_key'])) { $options['recaptcha_public_key'] = trim($_POST['recaptcha_public_key']); } if (isset($_POST['recaptcha_private_key'])) { $options['recaptcha_private_key'] = trim($_POST['recaptcha_private_key']); } if (!isset($results['empty_wp_fields'])) { if (isset($_POST['show_wp_password'])) { array_push($options['wp_hidden_fields'], 'password'); if (!in_array("password", $old_wp_hidden_fields)) { $data = $wp_hidden_fields['password']; $data['num_fields'] = $tot_wp_hidden_fields; $tot_wp_hidden_fields++; cimy_save_field($action, $wpdb_wp_fields_table, $data); } if (isset($_POST['show_wp_password2'])) { array_push($options['wp_hidden_fields'], 'password2'); if (!in_array("password2", $old_wp_hidden_fields)) { $data = $wp_hidden_fields['password2']; $data['num_fields'] = $tot_wp_hidden_fields; $tot_wp_hidden_fields++; cimy_save_field($action, $wpdb_wp_fields_table, $data); } } isset($_POST['show_wp_password_meter']) ? $options['password_meter'] = true : ($options['password_meter'] = false); } else { $options['password_meter'] = false; } $db_wp_fields_independent = array("firstname", "lastname", "nickname", "website", "aim", "yahoo", "jgt", "bio-info"); foreach ($db_wp_fields_independent as $wp_field_independent) { if (isset($_POST['show_wp_' . $wp_field_independent])) { array_push($options['wp_hidden_fields'], $wp_field_independent); if (!in_array($wp_field_independent, $old_wp_hidden_fields)) { $data = $wp_hidden_fields[$wp_field_independent]; $data['num_fields'] = $tot_wp_hidden_fields; $tot_wp_hidden_fields++; cimy_save_field($action, $wpdb_wp_fields_table, $data); } } } } $all_wp_fields = get_cimyFields(true); $sql = "DELETE FROM " . $wpdb_wp_fields_table . " WHERE "; $k = -1; $j = -1; $msg = ""; $not_del_old = ""; $not_del_sql = ""; foreach ($all_wp_fields as $wp_field) { $f_name = strtolower($wp_field['NAME']); $f_order = intval($wp_field['F_ORDER']); if (!in_array($f_name, $options['wp_hidden_fields'])) { if (in_array($f_name, $old_wp_hidden_fields)) { if ($k > -1) { $sql .= " OR "; $msg .= ", "; } else { $k = $f_order; $j = $f_order; } $sql .= "F_ORDER=" . $f_order; $msg .= $f_order; } } else { if ($j > -1) { if ($not_del_old != "") { $not_del_old .= ", "; } $not_del_sql .= " WHEN " . $f_order . " THEN " . $j . " "; $not_del_old .= $f_order; $j++; } } } // if at least one field was selected if ($k > -1) { // $sql WILL BE: DELETE FROM <table> WHERE F_ORDER=<value1> [OR F_ORDER=<value2> ...] $wpdb->query($sql); if ($not_del_sql != "") { $not_del_sql = "UPDATE " . $wpdb_wp_fields_table . " SET F_ORDER=CASE F_ORDER" . $not_del_sql . "ELSE F_ORDER END WHERE F_ORDER IN(" . $not_del_old . ")"; // $not_del_sql WILL BE: UPDATE <table> SET F_ORDER=CASE F_ORDER WHEN <oldvalue1> THEN <newvalue1> [WHEN ... THEN ...] ELSE F_ORDER END WHERE F_ORDER IN(<oldvalue1> [, <oldvalue2>...]) $wpdb->query($not_del_sql); } } if (!$do_not_save_options) { cimy_set_options($options); $results['results'] = __("Options changed", $cimy_uef_domain); } return $results; }
function cimy_update_ExtraFields_new_me() { global $wpdb, $wpdb_data_table, $user_ID, $max_length_value, $fields_name_prefix, $cimy_uef_file_types, $user_level, $cimy_uef_domain; include_once ABSPATH . '/wp-admin/includes/user.php'; // if updating meta-data from registration post then exit if (isset($_POST['cimy_post'])) { return; } if (isset($_POST['user_id'])) { $get_user_id = $_POST['user_id']; if (!current_user_can('edit_user', $get_user_id)) { return; } } else { return; } //echo "asd"; if (!function_exists('get_cimyFields')) { return; } $get_user_id = intval($get_user_id); $profileuser = get_user_to_edit($get_user_id); $user_login = $profileuser->user_login; $user_displayname = $profileuser->display_name; $extra_fields = get_cimyFields(false, true); $query = "UPDATE " . $wpdb_data_table . " SET VALUE=CASE FIELD_ID"; $i = 0; $field_ids = ""; $mail_changes = ""; foreach ($extra_fields as $thisField) { $field_id = $thisField["ID"]; $name = $thisField["NAME"]; $type = $thisField["TYPE"]; $label = $thisField["LABEL"]; $rules = $thisField["RULES"]; $unique_id = $fields_name_prefix . $field_id; $input_name = $fields_name_prefix . esc_attr($name); $field_id_data = $input_name . "_" . $field_id . "_data"; $advanced_options = cimy_uef_parse_advanced_options($rules["advanced_options"]); cimy_insert_ExtraFields_if_not_exist($get_user_id, $field_id); // if the current user LOGGED IN has not enough permissions to see the field, skip it // apply only for EXTRA FIELDS if ($rules['show_level'] == 'view_cimy_extra_fields') { if (!current_user_can($rules['show_level'])) { continue; } } else { if ($user_level < $rules['show_level']) { continue; } } // if show_level == anonymous then do NOT ovverride other show_xyz rules if ($rules['show_level'] == -1) { // if flag to show the field in the profile is NOT activated, skip it if (!$rules['show_in_profile']) { continue; } } $prev_value = $wpdb->escape(stripslashes($_POST[$input_name . "_" . $field_id . "_prev_value"])); if (cimy_uef_is_field_disabled($type, $rules['edit'], $prev_value)) { continue; } if (isset($_POST[$input_name]) && !in_array($type, $cimy_uef_file_types)) { if ($type == "dropdown-multi") { $field_value = stripslashes(implode(",", $_POST[$input_name])); } else { $field_value = stripslashes($_POST[$input_name]); } if ($type == "picture-url") { $field_value = str_replace('../', '', $field_value); } if (isset($rules['max_length'])) { $field_value = substr($field_value, 0, $rules['max_length']); } else { $field_value = substr($field_value, 0, $max_length_value); } $field_value = $wpdb->escape($field_value); if ($i > 0) { $field_ids .= ", "; } else { $i = 1; } $field_ids .= $field_id; $query .= " WHEN " . $field_id . " THEN "; switch ($type) { case 'dropdown': case 'dropdown-multi': $ret = cimy_dropDownOptions($label, $field_value); $label = $ret['label']; case 'picture-url': case 'textarea': case 'textarea-rich': case 'password': case 'text': $value = "'" . $field_value . "'"; $prev_value = "'" . $prev_value . "'"; break; case 'checkbox': $value = $field_value == '1' ? "'YES'" : "'NO'"; $prev_value = $prev_value == "YES" ? "'YES'" : "'NO'"; break; case 'radio': $value = $field_value == $field_id ? "'selected'" : "''"; $prev_value = "'" . $prev_value . "'"; break; } $query .= $value; } else { $rules = $thisField['RULES']; if (in_array($type, $cimy_uef_file_types)) { if ($type == "avatar") { // since avatars are drawn max to 512px then we can save bandwith resizing, do it! $rules['equal_to'] = 512; } if (isset($_POST[$input_name . '_del'])) { $delete_file = true; } else { $delete_file = false; } if (isset($_POST[$input_name . "_" . $field_id . "_prev_value"])) { $old_file = stripslashes($_POST[$input_name . "_" . $field_id . "_prev_value"]); } else { $old_file = false; } $field_value = cimy_manage_upload($input_name, $user_login, $rules, $old_file, $delete_file, $type, !empty($advanced_options["filename"]) ? $advanced_options["filename"] : ""); if (!empty($field_value) || $delete_file) { if ($i > 0) { $field_ids .= ", "; } else { $i = 1; } $field_ids .= $field_id; $value = "'" . $field_value . "'"; $prev_value = "'" . $prev_value . "'"; $query .= " WHEN " . $field_id . " THEN "; $query .= $value; } else { $prev_value = $value; $file_on_server = cimy_uef_get_dir_or_filename($user_login, $old_file, false); if ($type == "picture" || $type == "avatar") { cimy_uef_crop_image($file_on_server, $field_id_data); } } } if ($type == 'checkbox') { // if can be editable then write NO // there is no way to understand if was YES or NO previously // without adding other hidden inputs so write always if ($i > 0) { $field_ids .= ", "; } else { $i = 1; } $field_ids .= $field_id; $field_value = "NO"; $value = "'" . $field_value . "'"; $prev_value = $prev_value == "YES" ? "'YES'" : "'NO'"; $query .= " WHEN " . $field_id . " THEN "; $query .= $value; } if ($type == 'dropdown-multi') { // if can be editable then write '' // there is no way to understand if was YES or NO previously // without adding other hidden inputs so write always if ($i > 0) { $field_ids .= ", "; } else { $i = 1; } $field_ids .= $field_id; $field_value = ''; $value = "'" . $field_value . "'"; $prev_value = "'" . $prev_value . "'"; $ret = cimy_dropDownOptions($label, $field_value); $label = $ret['label']; $query .= " WHEN " . $field_id . " THEN "; $query .= $value; } } if ($rules["email_admin"] && $value != $prev_value && $type != "registration-date") { $mail_changes .= sprintf(__("%s previous value: %s new value: %s", $cimy_uef_domain), $label, stripslashes($prev_value), stripslashes($value)); $mail_changes .= "\r\n"; } } if ($i > 0) { $query .= " ELSE FIELD_ID END WHERE FIELD_ID IN(" . $field_ids . ") AND USER_ID = " . $get_user_id; // $query WILL BE: UPDATE <table> SET VALUE=CASE FIELD_ID WHEN <field_id1> THEN <value1> [WHEN ... THEN ...] ELSE FIELD_ID END WHERE FIELD_ID IN(<field_id1>, [<field_id2>...]) AND USER_ID=<user_id> $wpdb->query($query); } // mail only if set and if there is something to mail if (!empty($mail_changes)) { $admin_email = get_option('admin_email'); $mail_subject = sprintf(__("%s (%s) has changed one or more fields", $cimy_uef_domain), $user_displayname, $user_login); wp_mail($admin_email, $mail_subject, $mail_changes); } }
function cimy_registration_form($errors = null, $show_type = 0) { global $wpdb, $start_cimy_uef_comment, $end_cimy_uef_comment, $rule_maxlen_needed, $fields_name_prefix, $wp_fields_name_prefix, $cuef_plugin_dir, $cimy_uef_file_types, $cimy_uef_textarea_types, $user_level, $cimy_uef_domain, $cimy_uef_file_images_types, $cimy_uef_text_types; if (cimy_is_at_least_wordpress35()) { cimy_switch_to_blog(); } $my_user_level = $user_level; // -1 == anonymous if (!is_user_logged_in()) { $my_user_level = -1; } $extra_fields = get_cimyFields(false, true); $wp_fields = get_cimyFields(true); if (is_multisite()) { $input_class = "cimy_uef_input_mu"; } else { $input_class = "cimy_uef_input_27"; } $options = cimy_get_options(); $tabindex = 21; echo $start_cimy_uef_comment; // needed to apply default values only first time and not in case of errors echo "\t<input type=\"hidden\" name=\"cimy_post\" value=\"1\" />\n"; if ($options['confirm_form']) { if ($show_type == 0) { echo "\t<input type=\"hidden\" name=\"register_confirmation\" value=\"1\" />\n"; } else { if ($show_type == 2) { echo "\t<input type=\"hidden\" name=\"register_confirmation\" value=\"2\" />\n"; } } } $radio_checked = array(); $i = 1; // confirmation page, all fields are plain text + hidden fields to carry over values if ($show_type == 2) { $user_email = $_POST["user_email"]; if (in_array("username", $options["wp_hidden_fields"])) { $username = $_POST["user_login"]; ?> <p id="user_login_p"> <label for="user_login"><?php _e("Username"); ?> </label><?php echo esc_html($username); ?> </p> <?php } else { $username = $user_email; } $upload_dir = cimy_uef_get_dir_or_filename(""); $dirs = glob($upload_dir . ".cimytemp_*.tmp"); if (is_array($dirs)) { foreach ($dirs as $dir) { $diff = current_time('timestamp', true) - filemtime($dir); // If older than two days delete! if ($diff > 172800) { cimy_rfr($dir . "/", "*"); if (is_dir($dir)) { rmdir($dir); } } } } $temp_user_login = "******" . sanitize_user($username) . '_' . rand() . '.tmp'; ?> <input type="hidden" name="temp_user_login" value="<?php echo esc_attr($temp_user_login); ?> " /> <input type="hidden" name="user_login" id="user_login" value="<?php echo esc_attr($username); ?> " /> <p id="user_email_p"> <label for="user_email"><?php _e("E-mail"); ?> </label><input type="hidden" name="user_email" id="user_email" value="<?php echo esc_attr($user_email); ?> " /><?php echo esc_html($user_email); ?> </p> <br /> <?php } // do first the WP fields then the EXTRA fields while ($i <= 2) { if ($i == 1) { $fields = $wp_fields; $prefix = $wp_fields_name_prefix; } else { $fields = $extra_fields; $prefix = $fields_name_prefix; $current_fieldset = -1; if (!empty($options['fieldset_title'])) { $fieldset_titles = explode(',', $options['fieldset_title']); } else { $fieldset_titles = array(); } } $tiny_mce_objects = ""; foreach ($fields as $thisField) { $field_id = $thisField['ID']; $name = $thisField['NAME']; $rules = $thisField['RULES']; $type = $thisField['TYPE']; $old_type = $type; $label = cimy_wpml_translate_string($name . "_label", $thisField["LABEL"]); $description = cimy_uef_sanitize_content(cimy_wpml_translate_string($name . "_desc", $thisField["DESCRIPTION"])); $fieldset = empty($thisField['FIELDSET']) ? 0 : $thisField['FIELDSET']; $maxlen = 0; $unique_id = $prefix . $field_id; $input_name = $prefix . esc_attr($name); $field_id_data = $input_name . "_" . $field_id . "_data"; $advanced_options = cimy_uef_parse_advanced_options($rules["advanced_options"]); // do not dupe username if ($i == 1 && $name == "USERNAME") { continue; } // showing the search then there is no need for upload buttons if ($show_type == 1) { if ($type == "password") { continue; } if (in_array($type, $cimy_uef_file_types)) { $type = "text"; } } else { if ($show_type == 2) { $type = "hidden"; } } // if the current user LOGGED IN has not enough permissions to see the field, skip it if ($rules['show_level'] == 'view_cimy_extra_fields') { if (!current_user_can($rules['show_level'])) { continue; } } else { if ($my_user_level < $rules['show_level']) { continue; } } // if show_level == anonymous then do NOT ovverride other show_xyz rules if ($rules['show_level'] == -1) { if ($show_type == 0 || $show_type == 2) { // if flag to show the field in the registration is NOT activated, skip it if (!$rules['show_in_reg']) { continue; } } else { if ($show_type == 1) { // if flag to show the field in the blog is NOT activated, skip it if (!$rules['show_in_search']) { continue; } } } } // uploading a file is not supported when confirmation email is enabled (on MS is turned on by default yes) if ((is_multisite() || $options["confirm_email"]) && in_array($type, $cimy_uef_file_types)) { continue; } if (isset($_POST[$input_name])) { if ($type == "dropdown-multi" || $old_type == "dropdown-multi") { $value = stripslashes(implode(",", $_POST[$input_name])); } else { $value = stripslashes($_POST[$input_name]); } } else { if (isset($_GET[$name])) { if ($type == "dropdown-multi" || $old_type == "dropdown-multi") { $value = stripslashes(implode(",", $_GET[$name])); } else { $value = stripslashes($_GET[$name]); } } else { if (!isset($_POST["cimy_post"])) { $value = $thisField['VALUE']; switch ($type) { case "radio": if ($value == "YES") { $value = $field_id; } else { $value = ""; } break; case "checkbox": if ($value == "YES") { $value = "1"; } else { $value = ""; } break; } } else { $value = ""; } } } if ($i != 1 && $fieldset > $current_fieldset && isset($fieldset_titles[$fieldset])) { $current_fieldset = $fieldset; if (isset($fieldset_titles[$current_fieldset])) { echo "\n\t<h2>" . esc_html(cimy_wpml_translate_string("a_opt_fieldset_title_" . $current_fieldset, $fieldset_titles[$current_fieldset])) . "</h2>\n"; } } if (!empty($description) && $type != "registration-date") { echo "\t"; echo '<p id="' . $prefix . 'p_desc_' . $field_id . '" class="description"><br />' . $description . '</p>'; echo "\n"; } echo "\t"; echo '<p id="' . $prefix . 'p_field_' . $field_id . '">'; echo "\n\t"; $obj_class = ""; switch ($type) { case "date": $obj_class = " datepicker"; case "picture-url": case "password": case "text": $obj_label = '<label for="' . $unique_id . '">' . cimy_uef_sanitize_content($label) . '</label>'; $obj_class = ' class="' . $input_class . $obj_class . '"'; $obj_name = ' name="' . $input_name . '"'; if (in_array($type, $cimy_uef_text_types)) { $obj_type = ' type="text"'; } else { $obj_type = ' type="' . $type . '"'; } $obj_value = ' value="' . esc_attr($value) . '"'; $obj_value2 = ""; $obj_checked = ""; $obj_tag = "input"; $obj_closing_tag = false; break; case "dropdown": case "dropdown-multi": // cimy_dropDownOptions uses cimy_uef_sanitize_content and esc_attr by itself $ret = cimy_dropDownOptions($label, $value); $label = $ret['label']; $html = $ret['html']; if ($type == "dropdown-multi") { $obj_name = ' name="' . $input_name . '[]" multiple="multiple" size="6"'; } else { $obj_name = ' name="' . $input_name . '"'; } $obj_label = '<label for="' . $unique_id . '">' . $label . '</label>'; $obj_class = ' class="' . $input_class . '"'; $obj_type = ''; $obj_value = ''; $obj_value2 = $html; $obj_checked = ""; $obj_tag = "select"; $obj_closing_tag = true; break; case "textarea": $obj_label = '<label for="' . $unique_id . '">' . cimy_uef_sanitize_content($label) . '</label>'; $obj_class = ' class="' . $input_class . '"'; $obj_name = ' name="' . $input_name . '"'; $obj_type = ""; $obj_value = ""; $obj_value2 = esc_html($value); $obj_checked = ""; $obj_tag = "textarea"; $obj_closing_tag = true; break; case "textarea-rich": if (empty($tiny_mce_objects)) { $tiny_mce_objects = $fields_name_prefix . $field_id; } else { $tiny_mce_objects .= "," . $fields_name_prefix . $field_id; } $obj_label = '<label for="' . $unique_id . '">' . cimy_uef_sanitize_content($label) . '</label>'; $obj_class = ' class="' . $input_class . '"'; $obj_name = ' name="' . $input_name . '"'; $obj_type = ""; $obj_value = ""; $obj_value2 = esc_html($value); $obj_checked = ""; $obj_tag = "textarea"; $obj_closing_tag = true; break; case "checkbox": $obj_label = '<label class="cimy_uef_label_checkbox" for="' . $unique_id . '"> ' . cimy_uef_sanitize_content($label) . '</label><br />'; $obj_class = ' class="cimy_uef_checkbox"'; $obj_name = ' name="' . $input_name . '"'; $obj_type = ' type="' . $type . '"'; $obj_value = ' value="1"'; $obj_value2 = ""; $value == "1" ? $obj_checked = ' checked="checked"' : ($obj_checked = ''); $obj_tag = "input"; $obj_closing_tag = false; break; case "radio": $obj_label = '<label class="cimy_uef_label_radio" for="' . $unique_id . '"> ' . cimy_uef_sanitize_content($label) . '</label>'; $obj_class = ' class="cimy_uef_radio"'; $obj_name = ' name="' . $input_name . '"'; $obj_type = ' type="' . $type . '"'; $obj_value = ' value="' . $field_id . '"'; $obj_value2 = ""; $obj_tag = "input"; $obj_closing_tag = false; // do not check if another check was done if (intval($value) == intval($field_id) && !in_array($name, $radio_checked)) { $obj_checked = ' checked="checked"'; $radio_checked += array($name => true); } else { $obj_checked = ''; } break; case "avatar": case "picture": case "file": $allowed_exts = ''; if (isset($rules['equal_to'])) { if ($rules['equal_to'] != "") { $allowed_exts = "'" . implode("', '", explode(",", $rules['equal_to'])) . "'"; } } if ($type == "file") { // if we do not escape then some translations can break $warning_msg = esc_js(__("Please upload a file with one of the following extensions", $cimy_uef_domain)); $obj_checked = ' onchange="uploadFile(\'registerform\', \'' . $unique_id . '\', \'' . $warning_msg . '\', Array(' . $allowed_exts . '));"'; } else { // if we do not escape then some translations can break $warning_msg = esc_js(__("Please upload an image with one of the following extensions", $cimy_uef_domain)); $allowed_exts = "'" . implode("','", cimy_uef_get_allowed_image_extensions()) . "'"; $obj_checked = ' onchange="uploadFile(\'registerform\', \'' . $unique_id . '\', \'' . $warning_msg . '\', Array(' . $allowed_exts . '));"'; } $obj_label = '<label for="' . $unique_id . '">' . cimy_uef_sanitize_content($label) . ' </label>'; $obj_class = ' class="cimy_uef_picture"'; $obj_name = ' name="' . $input_name . '"'; $obj_type = ' type="file"'; $obj_value = ' value="' . esc_attr($value) . '"'; $obj_value2 = ""; $obj_tag = "input"; $obj_closing_tag = false; break; case "hidden": $obj_label = ""; $obj_value2 = ""; switch ($old_type) { case 'checkbox': $value == 1 ? $obj_value2 = __("YES", $cimy_uef_domain) : ($obj_value2 = __("NO", $cimy_uef_domain)); break; case 'radio': intval($value) == intval($field_id) ? $obj_value2 = __("YES", $cimy_uef_domain) : ($obj_value2 = __("NO", $cimy_uef_domain)); break; case 'dropdown': case 'dropdown-multi': $ret = cimy_dropDownOptions($label, $value); $label = $ret['label']; break; case 'picture': case 'avatar': case 'file': if ($old_type == "avatar") { // since avatars are drawn max to 512px then we can save bandwith resizing, do it! $rules['equal_to'] = 512; } $value = cimy_manage_upload($input_name, $temp_user_login, $rules, false, false, $old_type, !empty($advanced_options["filename"]) ? $advanced_options["filename"] : ""); $file_on_server = cimy_uef_get_dir_or_filename($temp_user_login, $value, false); $file_thumb = cimy_uef_get_dir_or_filename($temp_user_login, $value, true); if (!empty($advanced_options["no-thumb"]) && is_file($file_thumb)) { rename($file_thumb, $file_on_server); } // yea little trick empty($value) ? $obj_value2 = " " : ($obj_value2 = esc_html(basename($value))); break; } if ($old_type != "password") { $obj_label = '<label for="' . $unique_id . '">' . cimy_uef_sanitize_content($label) . ' </label>'; if (empty($obj_value2)) { $obj_value2 = cimy_uef_sanitize_content($value); } } $obj_class = ''; $obj_name = ' name="' . $input_name . '"'; $obj_type = ' type="hidden"'; $obj_value = ' value="' . esc_attr($value) . '"'; $obj_checked = ""; $obj_tag = "input"; $obj_closing_tag = false; break; case "registration-date": $obj_label = ''; $obj_class = ''; $obj_name = ' name="' . $input_name . '"'; $obj_type = ' type="hidden"'; $obj_value = ' value="' . esc_attr($value) . '"'; $obj_value2 = ""; $obj_checked = ""; $obj_tag = "input"; $obj_closing_tag = false; break; } $obj_id = ' id="' . $unique_id . '"'; // tabindex not used in MU, WordPress 3.5+ and Theme My Login dropping... if (is_multisite() || cimy_is_at_least_wordpress35() || cimy_uef_is_theme_my_login_register_page()) { $obj_tabindex = ""; } else { $obj_tabindex = ' tabindex="' . strval($tabindex) . '"'; $tabindex++; } $obj_maxlen = ""; if (in_array($type, $rule_maxlen_needed) && !in_array($type, $cimy_uef_file_types)) { if (isset($rules['max_length'])) { $obj_maxlen = ' maxlength="' . $rules['max_length'] . '"'; } else { if (isset($rules['exact_length'])) { $obj_maxlen = ' maxlength="' . $rules['exact_length'] . '"'; } } } if (in_array($type, $cimy_uef_textarea_types)) { $obj_rowscols = ' rows="3" cols="25"'; } else { $obj_rowscols = ''; } echo "\t"; $form_object = '<' . $obj_tag . $obj_type . $obj_name . $obj_id . $obj_class . $obj_value . $obj_checked . $obj_maxlen . $obj_rowscols . $obj_tabindex; if ($obj_closing_tag) { $form_object .= ">" . $obj_value2 . "</" . $obj_tag . ">"; } else { if ($type == "hidden") { $form_object .= " />" . $obj_value2; if (in_array($old_type, $cimy_uef_file_types)) { $f_size = empty($_FILES[$input_name]['size']) ? 0 : $_FILES[$input_name]['size']; $f_type = empty($_FILES[$input_name]['type']) ? "" : $_FILES[$input_name]['type']; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_size\" id=\"" . esc_attr($field_id_data) . "_size\" value=\"" . esc_attr(strval($f_size / 1024)) . "\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_type\" id=\"" . esc_attr($field_id_data) . "_type\" value=\"" . esc_attr(strval($f_type)) . "\" />"; } if (in_array($old_type, $cimy_uef_file_images_types) && is_file($file_on_server)) { echo '<img id="' . esc_attr($field_id_data) . '" src="' . esc_attr($value) . '" alt="picture" /><br />'; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_button\" id=\"" . esc_attr($field_id_data) . "_button\" value=\"1\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_x1\" id=\"" . esc_attr($field_id_data) . "_x1\" value=\"\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_y1\" id=\"" . esc_attr($field_id_data) . "_y1\" value=\"\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_x2\" id=\"" . esc_attr($field_id_data) . "_x2\" value=\"\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_y2\" id=\"" . esc_attr($field_id_data) . "_y2\" value=\"\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_w\" id=\"" . esc_attr($field_id_data) . "_w\" value=\"\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_h\" id=\"" . esc_attr($field_id_data) . "_h\" value=\"\" />"; $imgarea_options = "handles: true, fadeSpeed: 200, onSelectChange: preview"; if (isset($advanced_options["crop_x1"]) && isset($advanced_options["crop_y1"]) && isset($advanced_options["crop_x2"]) && isset($advanced_options["crop_y2"])) { $imgarea_options .= ", x1: " . intval($advanced_options["crop_x1"]); $imgarea_options .= ", y1: " . intval($advanced_options["crop_y1"]); $imgarea_options .= ", x2: " . intval($advanced_options["crop_x2"]); $imgarea_options .= ", y2: " . intval($advanced_options["crop_y2"]); } if (!empty($advanced_options["crop_ratio"])) { $imgarea_options .= ", aspectRatio: '" . esc_js($advanced_options["crop_ratio"]) . "'"; } else { if ($type == "avatar") { $imgarea_options .= ", aspectRatio: '1:1'"; } } echo "<script type='text/javascript'>jQuery(document).ready(function () { jQuery('#" . esc_js($field_id_data) . "').imgAreaSelect({ " . $imgarea_options . " }); });</script>"; } } else { $form_object .= " />"; } } if ($type != "radio" && $type != "checkbox") { echo $obj_label; } if (is_multisite() && is_wp_error($errors)) { if ($errmsg = $errors->get_error_message($unique_id)) { echo '<p class="error">' . $errmsg . '</p>'; } } // TinceMCE needed and we have WordPress >= 3.3 yummy! if ($type == "textarea-rich" && function_exists("wp_editor")) { ?> <script type='text/javascript'> var login_div = document.getElementById("login"); login_div.style.width = "535px"; </script> <?php $quicktags_settings = array('buttons' => 'strong,em,link,block,del,ins,img,ul,ol,li,code,spell,close'); $editor_settings = array('textarea_name' => $input_name, 'teeny' => false, 'textarea_rows' => '10', 'dfw' => false, 'media_buttons' => true, 'tinymce' => true, 'quicktags' => $quicktags_settings); if (!empty($obj_tabindex)) { $editor_settings['tabindex'] = $tabindex; } wp_editor($value, $unique_id, $editor_settings); } else { echo $form_object; } if ($type == "date") { echo cimy_uef_date_picker_options($unique_id, $rules); } if ($show_type == 0 && $i == 1 && $options['password_meter']) { if ($input_name == $prefix . "PASSWORD") { $pass1_id = $unique_id; } if ($input_name == $prefix . "PASSWORD2") { echo "\n\t\t<div id=\"pass-strength-result\" class=\"hide-if-no-js\" aria-live=\"polite\">" . __('Strength indicator') . "</div>"; echo "\n\t\t<p class=\"description indicator-hint\">" . __('Hint: The password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers and symbols like ! " ? $ % ^ & ).') . "</p><br />"; $pass2_id = $unique_id; } } if (!($type != "radio" && $type != "checkbox")) { echo $obj_label; } echo "\n\t</p>\n"; if ($type == "textarea-rich" || in_array($type, $cimy_uef_file_types)) { echo "\t<br />\n"; } } $i++; } echo "\t<br />"; if ($show_type != 2 && $options['captcha'] == "securimage") { global $cuef_securimage_webpath; if (is_multisite()) { if (is_wp_error($errors) && ($errmsg = $errors->get_error_message("securimage_code"))) { echo '<p class="error">' . $errmsg . '</p>'; } } require_once $cuef_plugin_dir . '/securimage/securimage.php'; $captcha_options = array(); $captcha_options['image_id'] = 'captcha'; $captcha_options['input_name'] = 'securimage_response_field'; $captcha_options['input_text'] = __("Insert the code:", $cimy_uef_domain); $captcha_options['refresh_alt_text'] = __("Change image", $cimy_uef_domain); $captcha_options['refresh_title_text'] = __("Change image", $cimy_uef_domain); $captcha_options['show_audio_button'] = true; $captcha_options['show_refresh_button'] = true; echo Securimage::getCaptchaHtml($captcha_options); } if ($show_type != 2) { if (is_multisite() && is_wp_error($errors) && ($errmsg = $errors->get_error_message("recaptcha_code"))) { echo '<p class="error">' . $errmsg . '</p>'; } if ($options['captcha'] == "recaptcha2" && !empty($options['recaptcha2_site_key']) && !empty($options['recaptcha2_secret_key'])) { ?> <div class="g-recaptcha" data-sitekey="<?php echo esc_attr($options['recaptcha2_site_key']); ?> " <?php if (!empty($obj_tabindex)) { echo "data-tabindex=" . $tabindex; } $tabindex++; ?> data-size="compact" > </div> <?php } if ($options['captcha'] == "recaptcha" && !empty($options['recaptcha_public_key']) && !empty($options['recaptcha_private_key'])) { require_once $cuef_plugin_dir . '/recaptcha/recaptchalib.php'; ?> <script type='text/javascript'> var RecaptchaOptions = { lang: '<?php echo substr(get_locale(), 0, 2); ?> ' <?php if (!empty($obj_tabindex)) { echo ", tabindex: " . $tabindex; } $tabindex++; ?> }; </script> <?php // no need if Tiny MCE is present already if (empty($tiny_mce_objects)) { ?> <script type='text/javascript'> var login_div = document.getElementById("login"); login_div.style.width = "375px"; </script> <?php } echo recaptcha_get_html($options['recaptcha_public_key'], null, is_ssl()); } } cimy_switch_current_blog(true); echo $end_cimy_uef_comment; }
function cimy_register_user_extra_fields($user_id, $password = "", $meta = array()) { global $wpdb_data_table, $wpdb, $max_length_value, $fields_name_prefix, $wp_fields_name_prefix, $wp_hidden_fields, $cimy_uef_file_types, $user_level; if (isset($meta["blog_id"])) { cimy_switch_to_blog($meta); } // avoid to save stuff if user is being added from: /wp-admin/user-new.php if ($_POST["action"] == "adduser") { return; } // if not set, set to -1 == anonymous if (!isset($user_level)) { $user_level = -1; } $options = cimy_get_options(); $extra_fields = get_cimyFields(false, true); $wp_fields = get_cimyFields(true); $user_signups = false; if (!is_multisite() && $options["confirm_email"] && empty($meta)) { $user_signups = true; } // ok ok this is yet another call from wp_create_user function under cimy_uef_activate_signup, we are not yet ready for this, aboooort! if ($user_signups) { $user = new WP_User((int) $user_id); $signup = $wpdb->get_row($wpdb->prepare("SELECT * FROM " . $wpdb->prefix . "signups WHERE user_login = %s AND active = 0", $user->user_login)); if (!empty($signup)) { return; } } $i = 1; // do first for the WP fields then for EXTRA fields while ($i <= 2) { if ($i == 1) { $are_wp_fields = true; $fields = $wp_fields; $prefix = $wp_fields_name_prefix; } else { $are_wp_fields = false; $fields = $extra_fields; $prefix = $fields_name_prefix; } $i++; foreach ($fields as $thisField) { $type = $thisField["TYPE"]; $name = $thisField["NAME"]; $field_id = $thisField["ID"]; $label = $thisField["LABEL"]; $rules = $thisField["RULES"]; $input_name = $prefix . $wpdb->escape($name); // if the current user LOGGED IN has not enough permissions to see the field, skip it // apply only for EXTRA FIELDS if ($user_level < $rules['show_level']) { continue; } // if show_level == anonymous then do NOT ovverride other show_xyz rules if ($rules['show_level'] == -1) { // if flag to show the field in the registration is NOT activated, skip it if (!$rules['show_in_reg']) { continue; } } // uploading a file is not supported when confirmation email is enabled (on MS is turned on by default yes) if ((is_multisite() || $options["confirm_email"]) && in_array($type, $cimy_uef_file_types)) { continue; } if (isset($meta[$input_name])) { $data = stripslashes($meta[$input_name]); } else { if (isset($_POST[$input_name])) { if ($type == "dropdown-multi") { $data = stripslashes(implode(",", $_POST[$input_name])); } else { $data = stripslashes($_POST[$input_name]); } } else { $data = ""; } } if ($type == "avatar") { // since avatars are drawn max to 512px then we can save bandwith resizing, do it! $rules['equal_to'] = 512; } if (in_array($type, $cimy_uef_file_types)) { $data = cimy_manage_upload($input_name, sanitize_user($_POST['user_login']), $rules, false, false, $type); } else { if ($type == "picture-url") { $data = str_replace('../', '', $data); } if (isset($rules['max_length'])) { $data = substr($data, 0, $rules['max_length']); } else { $data = substr($data, 0, $max_length_value); } } $data = $wpdb->escape($data); if ($user_signups) { $meta[$input_name] = $data; } else { if (!$are_wp_fields) { $sql = "INSERT INTO " . $wpdb_data_table . " SET USER_ID = " . $user_id . ", FIELD_ID=" . $field_id . ", "; switch ($type) { case 'avatar': case 'picture-url': case 'picture': case 'textarea': case 'textarea-rich': case 'dropdown': case 'dropdown-multi': case 'password': case 'text': case 'file': $field_value = $data; break; case 'checkbox': $field_value = $data == '1' ? "YES" : "NO"; break; case 'radio': $field_value = $data == $field_id ? "selected" : ""; break; case 'registration-date': $field_value = mktime(); break; } $sql .= "VALUE='" . $field_value . "'"; $wpdb->query($sql); } else { $f_name = strtolower($thisField['NAME']); $userdata = array(); $userdata['ID'] = $user_id; $userdata[$wp_hidden_fields[$f_name]['post_name']] = $data; wp_update_user($userdata); } } } } if ($user_signups) { $sql = $wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE ID={$user_id}"); $saved_user = array_shift($wpdb->get_results($sql)); $key = substr(md5(time() . rand() . $saved_user->user_email), 0, 16); $wpdb->insert($wpdb->prefix . "signups", array('user_login' => $saved_user->user_login, 'user_email' => $saved_user->user_email, 'registered' => $saved_user->user_registered, 'active' => '0', 'activation_key' => $key, 'meta' => serialize($meta))); $sql = $wpdb->prepare("DELETE FROM {$wpdb->users} WHERE ID={$user_id}"); $wpdb->query($sql); $sql = $wpdb->prepare("DELETE FROM {$wpdb->usermeta} WHERE user_id={$user_id}"); $wpdb->query($sql); cimy_signup_user_notification($saved_user->user_login, $saved_user->user_email, $key, serialize($meta)); } cimy_switch_current_blog(true); }
function cimy_update_ExtraFields() { global $wpdb, $wpdb_data_table, $user_ID, $max_length_value, $fields_name_prefix, $cimy_uef_file_types, $user_level; // if updating meta-data from registration post then exit if (isset($_POST['cimy_post'])) { return; } if (isset($_POST['user_id'])) { $get_user_id = $_POST['user_id']; if (!current_user_can('edit_user', $get_user_id)) { return; } } else { return; } $get_user_id = intval($get_user_id); $extra_fields = get_cimyFields(false, true); $query = "UPDATE " . $wpdb_data_table . " SET VALUE=CASE FIELD_ID"; $i = 0; $field_ids = ""; foreach ($extra_fields as $thisField) { $field_id = $thisField["ID"]; $name = $thisField["NAME"]; $type = $thisField["TYPE"]; $label = $thisField["LABEL"]; $rules = $thisField["RULES"]; $input_name = $fields_name_prefix . $wpdb->escape($name); cimy_insert_ExtraFields_if_not_exist($get_user_id, $field_id); // if the current user LOGGED IN has not enough permissions to see the field, skip it // apply only for EXTRA FIELDS if ($user_level < $rules['show_level']) { continue; } // if show_level == anonymous then do NOT ovverride other show_xyz rules if ($rules['show_level'] == -1) { // if flag to show the field in the profile is NOT activated, skip it if (!$rules['show_in_profile']) { continue; } } if (isset($_POST[$input_name]) && !in_array($type, $cimy_uef_file_types)) { if ($type == "dropdown-multi") { $field_value = stripslashes(implode(",", $_POST[$input_name])); } else { $field_value = stripslashes($_POST[$input_name]); } if ($type == "picture-url") { $field_value = str_replace('../', '', $field_value); } if (isset($rules['max_length'])) { $field_value = substr($field_value, 0, $rules['max_length']); } else { $field_value = substr($field_value, 0, $max_length_value); } $field_value = $wpdb->escape($field_value); if ($i > 0) { $field_ids .= ", "; } else { $i = 1; } $field_ids .= $field_id; $query .= " WHEN " . $field_id . " THEN "; switch ($type) { case 'picture-url': case 'textarea': case 'textarea-rich': case 'dropdown': case 'dropdown-multi': case 'password': case 'text': $value = "'" . $field_value . "'"; break; case 'checkbox': $value = $field_value == '1' ? "'YES'" : "'NO'"; break; case 'radio': $value = $field_value == $field_id ? "'selected'" : "''"; break; } $query .= $value; } else { $rules = $thisField['RULES']; if (in_array($type, $cimy_uef_file_types)) { $profileuser = get_user_to_edit($get_user_id); $user_login = $profileuser->user_login; if ($type == "avatar") { // since avatars are drawn max to 512px then we can save bandwith resizing, do it! $rules['equal_to'] = 512; } if (isset($_POST[$input_name . '_del'])) { $delete_file = true; } else { $delete_file = false; } if (isset($_POST[$input_name . '_oldfile'])) { $old_file = stripslashes($_POST[$input_name . '_oldfile']); } else { $old_file = false; } $field_value = cimy_manage_upload($input_name, $user_login, $rules, $old_file, $delete_file, $type); if ($field_value != "" || $delete_file) { if ($i > 0) { $field_ids .= ", "; } else { $i = 1; } $field_ids .= $field_id; $value = "'" . $field_value . "'"; $query .= " WHEN " . $field_id . " THEN "; $query .= $value; } } if ($type == 'checkbox') { // if can be editable then write NO // there is no way to understand if was YES or NO previously // without adding other hidden inputs so write always if ($rules['edit'] == "ok_edit" || $rules['edit'] == 'edit_only_by_admin' && current_user_can('edit_users')) { if ($i > 0) { $field_ids .= ", "; } else { $i = 1; } $field_ids .= $field_id; $query .= " WHEN " . $field_id . " THEN "; $query .= "'NO'"; } } } } if ($i > 0) { $query .= " ELSE FIELD_ID END WHERE FIELD_ID IN(" . $field_ids . ") AND USER_ID = " . $get_user_id; // $query WILL BE: UPDATE <table> SET VALUE=CASE FIELD_ID WHEN <field_id1> THEN <value1> [WHEN ... THEN ...] ELSE FIELD_ID END WHERE FIELD_ID IN(<field_id1>, [<field_id2>...]) AND USER_ID=<user_id> $wpdb->query($query); } }
function cimy_registration_form($errors = null, $show_type = 0) { global $wpdb, $start_cimy_uef_comment, $end_cimy_uef_comment, $rule_maxlen_needed, $fields_name_prefix, $wp_fields_name_prefix, $cuef_plugin_dir, $cimy_uef_file_types, $cimy_uef_textarea_types, $user_level, $cimy_uef_domain; // cimy_switch_to_blog(); $my_user_level = $user_level; // -1 == anonymous if (!is_user_logged_in()) { $my_user_level = -1; } // needed by cimy_uef_init_mce.php $cimy_uef_register_page = true; $extra_fields = get_cimyFields(false, true); $wp_fields = get_cimyFields(true); if (is_multisite()) { $input_class = "cimy_uef_input_mu"; } else { $input_class = "cimy_uef_input_27"; } $options = cimy_get_options(); $tabindex = 21; echo $start_cimy_uef_comment; // needed to apply default values only first time and not in case of errors echo "\t<input type=\"hidden\" name=\"cimy_post\" value=\"1\" />\n"; if ($options['confirm_form']) { if ($show_type == 0) { echo "\t<input type=\"hidden\" name=\"register_confirmation\" value=\"1\" />\n"; } else { if ($show_type == 2) { echo "\t<input type=\"hidden\" name=\"register_confirmation\" value=\"2\" />\n"; } } } $radio_checked = array(); $i = 1; $upload_file_function = false; $is_jquery_added = false; $crop_image_function = false; // confirmation page, all fields are plain text + hidden fields to carry over values if ($show_type == 2) { $upload_dir = cimy_uef_get_dir_or_filename(""); $dirs = glob($upload_dir . ".cimytemp_*.tmp"); if (is_array($dirs)) { foreach ($dirs as $dir) { $diff = current_time('timestamp', true) - filemtime($dir); // If older than two days delete! if ($diff > 172800) { cimy_rfr($dir . "/", "*"); if (is_dir($dir)) { rmdir($dir); } } } } $temp_user_login = "******" . sanitize_user($_POST['user_login']) . '_' . rand() . '.tmp'; ?> <input type="hidden" name="temp_user_login" value="<?php echo esc_attr($temp_user_login); ?> " /> <p id="user_login_p"> <label for="user_login"><?php _e("Username"); ?> </label><input type="hidden" name="user_login" id="user_login" value="<?php echo esc_attr($_POST["user_login"]); ?> " /><?php echo esc_html($_POST["user_login"]); ?> </p> <p id="user_email_p"> <label for="user_email"><?php _e("E-mail"); ?> </label><input type="hidden" name="user_email" id="user_email" value="<?php echo esc_attr($_POST["user_email"]); ?> " /><?php echo esc_html($_POST["user_email"]); ?> </p> <br /> <?php } // do first the WP fields then the EXTRA fields while ($i <= 2) { if ($i == 1) { $fields = $wp_fields; $prefix = $wp_fields_name_prefix; } else { $fields = $extra_fields; $prefix = $fields_name_prefix; $current_fieldset = -1; if (!empty($options['fieldset_title'])) { $fieldset_titles = explode(',', $options['fieldset_title']); } else { $fieldset_titles = array(); } } $tiny_mce_objects = ""; foreach ($fields as $thisField) { $field_id = $thisField['ID']; $name = $thisField['NAME']; $rules = $thisField['RULES']; $type = $thisField['TYPE']; $old_type = $type; $label = $thisField['LABEL']; $description = cimy_uef_sanitize_content($thisField['DESCRIPTION']); $fieldset = empty($thisField['FIELDSET']) ? 0 : $thisField['FIELDSET']; $input_name = $prefix . esc_attr($name); $post_input_name = $prefix . $wpdb->escape($name); $maxlen = 0; $unique_id = $prefix . $field_id; $field_id_data = $input_name . "_" . $field_id . "_data"; $advanced_options = cimy_uef_parse_advanced_options($rules["advanced_options"]); // showing the search then there is no need to upload buttons if ($show_type == 1) { if ($type == "password") { continue; } if ($type == "avatar" || $type == "picture" || $type == "file") { $type = "text"; } } else { if ($show_type == 2) { $type = "hidden"; } } // if the current user LOGGED IN has not enough permissions to see the field, skip it if ($rules['show_level'] == 'view_cimy_extra_fields') { if (!current_user_can($rules['show_level'])) { continue; } } else { if ($my_user_level < $rules['show_level']) { continue; } } // if show_level == anonymous then do NOT ovverride other show_xyz rules if ($rules['show_level'] == -1) { if ($show_type == 0) { // if flag to show the field in the registration is NOT activated, skip it if (!$rules['show_in_reg']) { continue; } } else { if ($show_type == 1) { // if flag to show the field in the blog is NOT activated, skip it if (!$rules['show_in_search']) { continue; } } } } // uploading a file is not supported when confirmation email is enabled (on MS is turned on by default yes) if ((is_multisite() || $options["confirm_email"]) && in_array($type, $cimy_uef_file_types)) { continue; } if (isset($_POST[$post_input_name])) { if ($type == "dropdown-multi" || $old_type == "dropdown-multi") { $value = stripslashes(implode(",", $_POST[$post_input_name])); } else { $value = stripslashes($_POST[$post_input_name]); } } else { if (isset($_GET[$name])) { if ($type == "dropdown-multi" || $old_type == "dropdown-multi") { $value = stripslashes(implode(",", $_GET[$name])); } else { $value = stripslashes($_GET[$name]); } } else { if (!isset($_POST["cimy_post"])) { $value = $thisField['VALUE']; switch ($type) { case "radio": if ($value == "YES") { $value = $field_id; } else { $value = ""; } break; case "checkbox": if ($value == "YES") { $value = "1"; } else { $value = ""; } break; } } else { $value = ""; } } } if ($i != 1 && $fieldset > $current_fieldset && isset($fieldset_titles[$fieldset])) { $current_fieldset = $fieldset; if (isset($fieldset_titles[$current_fieldset])) { echo "\n\t<h2>" . esc_html($fieldset_titles[$current_fieldset]) . "</h2>\n"; } } if (!empty($description) && $type != "registration-date") { echo "\t"; echo '<p id="' . $prefix . 'p_desc_' . $field_id . '" class="desc"><br />' . $description . '</p>'; echo "\n"; } echo "\t"; echo '<p id="' . $prefix . 'p_field_' . $field_id . '">'; echo "\n\t"; switch ($type) { case "picture-url": case "password": case "text": $obj_label = '<label for="' . $unique_id . '">' . cimy_uef_sanitize_content($label) . '</label>'; $obj_class = ' class="' . $input_class . '"'; $obj_name = ' name="' . $input_name . '"'; if ($type == "picture-url") { $obj_type = ' type="text"'; } else { $obj_type = ' type="' . $type . '"'; } $obj_value = ' value="' . esc_attr($value) . '"'; $obj_value2 = ""; $obj_checked = ""; $obj_tag = "input"; $obj_closing_tag = false; break; case "dropdown": case "dropdown-multi": // cimy_dropDownOptions uses cimy_uef_sanitize_content and esc_attr by itself $ret = cimy_dropDownOptions($label, $value); $label = $ret['label']; $html = $ret['html']; if ($type == "dropdown-multi") { $obj_name = ' name="' . $input_name . '[]" multiple="multiple" size="6"'; } else { $obj_name = ' name="' . $input_name . '"'; } $obj_label = '<label for="' . $unique_id . '">' . $label . '</label>'; $obj_class = ' class="' . $input_class . '"'; $obj_type = ''; $obj_value = ''; $obj_value2 = $html; $obj_checked = ""; $obj_tag = "select"; $obj_closing_tag = true; break; case "textarea": $obj_label = '<label for="' . $unique_id . '">' . cimy_uef_sanitize_content($label) . '</label>'; $obj_class = ' class="' . $input_class . '"'; $obj_name = ' name="' . $input_name . '"'; $obj_type = ""; $obj_value = ""; $obj_value2 = esc_html($value); $obj_checked = ""; $obj_tag = "textarea"; $obj_closing_tag = true; break; case "textarea-rich": if ($tiny_mce_objects == "") { $tiny_mce_objects = $fields_name_prefix . $field_id; } else { $tiny_mce_objects .= "," . $fields_name_prefix . $field_id; } $obj_label = '<label for="' . $unique_id . '">' . cimy_uef_sanitize_content($label) . '</label>'; $obj_class = ' class="' . $input_class . '"'; $obj_name = ' name="' . $input_name . '"'; $obj_type = ""; $obj_value = ""; $obj_value2 = esc_html($value); $obj_checked = ""; $obj_tag = "textarea"; $obj_closing_tag = true; break; case "checkbox": $obj_label = '<label class="cimy_uef_label_checkbox" for="' . $unique_id . '"> ' . cimy_uef_sanitize_content($label) . '</label><br />'; $obj_class = ' class="cimy_uef_checkbox"'; $obj_name = ' name="' . $input_name . '"'; $obj_type = ' type="' . $type . '"'; $obj_value = ' value="1"'; $obj_value2 = ""; $value == "1" ? $obj_checked = ' checked="checked"' : ($obj_checked = ''); $obj_tag = "input"; $obj_closing_tag = false; break; case "radio": $obj_label = '<label class="cimy_uef_label_radio" for="' . $unique_id . '"> ' . cimy_uef_sanitize_content($label) . '</label>'; $obj_class = ' class="cimy_uef_radio"'; $obj_name = ' name="' . $input_name . '"'; $obj_type = ' type="' . $type . '"'; $obj_value = ' value="' . $field_id . '"'; $obj_value2 = ""; $obj_tag = "input"; $obj_closing_tag = false; // do not check if another check was done if (intval($value) == intval($field_id) && !in_array($name, $radio_checked)) { $obj_checked = ' checked="checked"'; $radio_checked += array($name => true); } else { $obj_checked = ''; } break; case "avatar": case "picture": case "file": $allowed_exts = ''; if (isset($rules['equal_to'])) { if ($rules['equal_to'] != "") { $allowed_exts = "'" . implode("', '", explode(",", $rules['equal_to'])) . "'"; } } if ($type == "file") { // if we do not escape then some translations can break $warning_msg = $wpdb->escape(__("Please upload a file with one of the following extensions", $cimy_uef_domain)); $obj_checked = ' onchange="uploadFile(\'registerform\', \'' . $unique_id . '\', \'' . $warning_msg . '\', Array(' . $allowed_exts . '));"'; } else { // if we do not escape then some translations can break $warning_msg = $wpdb->escape(__("Please upload an image with one of the following extensions", $cimy_uef_domain)); $obj_checked = ' onchange="uploadFile(\'registerform\', \'' . $unique_id . '\', \'' . $warning_msg . '\', Array(\'gif\', \'png\', \'jpg\', \'jpeg\', \'tiff\'));"'; } // javascript will be added later $upload_file_function = true; $obj_label = '<label for="' . $unique_id . '">' . cimy_uef_sanitize_content($label) . ' </label>'; $obj_class = ' class="cimy_uef_picture"'; $obj_name = ' name="' . $input_name . '"'; $obj_type = ' type="file"'; $obj_value = ' value="' . esc_attr($value) . '"'; $obj_value2 = ""; $obj_tag = "input"; $obj_closing_tag = false; break; case "hidden": $obj_label = ""; $obj_value2 = ""; switch ($old_type) { case 'checkbox': $value == 1 ? $obj_value2 = __("YES", $cimy_uef_domain) : ($obj_value2 = __("NO", $cimy_uef_domain)); break; case 'radio': intval($value) == intval($field_id) ? $obj_value2 = __("YES", $cimy_uef_domain) : ($obj_value2 = __("NO", $cimy_uef_domain)); break; case 'dropdown': case 'dropdown-multi': $ret = cimy_dropDownOptions($label, $value); $label = $ret['label']; break; case 'picture': case 'avatar': case 'file': $value = cimy_manage_upload($input_name, $temp_user_login, $rules, false, false, $type, !empty($advanced_options["filename"]) ? $advanced_options["filename"] : ""); $file_on_server = cimy_uef_get_dir_or_filename($temp_user_login, $value, false); $file_thumb = cimy_uef_get_dir_or_filename($temp_user_login, $value, true); if ($advanced_options["no-thumb"] && is_file($file_thumb)) { rename($file_thumb, $file_on_server); } // yea little trick $obj_value2 = " "; break; } if ($old_type != "password") { $obj_label = '<label for="' . $unique_id . '">' . cimy_uef_sanitize_content($label) . ' </label>'; if (empty($obj_value2)) { $obj_value2 = cimy_uef_sanitize_content($value); } } $obj_class = ''; $obj_name = ' name="' . $input_name . '"'; $obj_type = ' type="hidden"'; $obj_value = ' value="' . esc_attr($value) . '"'; $obj_checked = ""; $obj_tag = "input"; $obj_closing_tag = false; break; case "registration-date": $obj_label = ''; $obj_class = ''; $obj_name = ' name="' . $input_name . '"'; $obj_type = ' type="hidden"'; $obj_value = ' value="' . esc_attr($value) . '"'; $obj_value2 = ""; $obj_checked = ""; $obj_tag = "input"; $obj_closing_tag = false; break; } $obj_id = ' id="' . $unique_id . '"'; // tabindex not used in MU, dropping... if (is_multisite()) { $obj_tabindex = ""; } else { $obj_tabindex = ' tabindex="' . strval($tabindex) . '"'; $tabindex++; } $obj_maxlen = ""; if (in_array($type, $rule_maxlen_needed) && !in_array($type, $cimy_uef_file_types)) { if (isset($rules['max_length'])) { $obj_maxlen = ' maxlength="' . $rules['max_length'] . '"'; } else { if (isset($rules['exact_length'])) { $obj_maxlen = ' maxlength="' . $rules['exact_length'] . '"'; } } } if (in_array($type, $cimy_uef_textarea_types)) { $obj_rowscols = ' rows="3" cols="25"'; } else { $obj_rowscols = ''; } echo "\t"; $form_object = '<' . $obj_tag . $obj_type . $obj_name . $obj_id . $obj_class . $obj_value . $obj_checked . $obj_maxlen . $obj_rowscols . $obj_tabindex; if ($obj_closing_tag) { $form_object .= ">" . $obj_value2 . "</" . $obj_tag . ">"; } else { if ($type == "hidden") { $form_object .= " />" . $obj_value2; if (in_array($old_type, $cimy_uef_file_types)) { echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_size\" id=\"" . esc_attr($field_id_data) . "_size\" value=\"" . strval($_FILES[$input_name]['size'] / 1024) . "\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_type\" id=\"" . esc_attr($field_id_data) . "_type\" value=\"" . strval($_FILES[$input_name]['type']) . "\" />"; } if (($old_type == "picture" || $old_type == "avatar") && is_file($file_on_server)) { if (!$is_jquery_added) { wp_print_scripts("jquery"); $is_jquery_added = true; } $crop_image_function = true; echo '<img id="' . esc_attr($field_id_data) . '" src="' . esc_attr($value) . '" alt="picture" /><br />'; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_button\" id=\"" . esc_attr($field_id_data) . "_button\" value=\"1\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_x1\" id=\"" . esc_attr($field_id_data) . "_x1\" value=\"\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_y1\" id=\"" . esc_attr($field_id_data) . "_y1\" value=\"\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_x2\" id=\"" . esc_attr($field_id_data) . "_x2\" value=\"\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_y2\" id=\"" . esc_attr($field_id_data) . "_y2\" value=\"\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_w\" id=\"" . esc_attr($field_id_data) . "_w\" value=\"\" />"; echo "<input type=\"hidden\" name=\"" . esc_attr($field_id_data) . "_h\" id=\"" . esc_attr($field_id_data) . "_h\" value=\"\" />"; $imgarea_options = "handles: true, fadeSpeed: 200, onSelectChange: preview"; if (isset($advanced_options["crop_x1"]) && isset($advanced_options["crop_y1"]) && isset($advanced_options["crop_x2"]) && isset($advanced_options["crop_y2"])) { $imgarea_options .= ", x1: " . intval($advanced_options["crop_x1"]); $imgarea_options .= ", y1: " . intval($advanced_options["crop_y1"]); $imgarea_options .= ", x2: " . intval($advanced_options["crop_x2"]); $imgarea_options .= ", y2: " . intval($advanced_options["crop_y2"]); } if (!empty($advanced_options["crop_ratio"])) { $imgarea_options .= ", aspectRatio: '" . esc_js($advanced_options["crop_ratio"]) . "'"; } else { if ($type == "avatar") { $imgarea_options .= ", aspectRatio: '1:1'"; } } echo "<script type='text/javascript'>jQuery(document).ready(function () { jQuery('#" . esc_js($field_id_data) . "').imgAreaSelect({ " . $imgarea_options . " }); });</script>"; } } else { $form_object .= " />"; } } if ($type != "radio" && $type != "checkbox") { echo $obj_label; } if (is_multisite()) { if ($errmsg = $errors->get_error_message($unique_id)) { echo '<p class="error">' . $errmsg . '</p>'; } } // write to the html the form object built echo $form_object; if ($show_type == 0 && $i == 1 && $options['password_meter']) { if ($input_name == $prefix . "PASSWORD") { $pass1_id = $unique_id; } if ($input_name == $prefix . "PASSWORD2") { echo "\n\t\t<div id=\"pass-strength-result\">" . __('Strength indicator') . "</div>"; echo "\n\t\t<p class=\"description indicator-hint\">" . __('Hint: The password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers and symbols like ! " ? $ % ^ & ).') . "</p><br />"; $pass2_id = $unique_id; } } if (!($type != "radio" && $type != "checkbox")) { echo $obj_label; } echo "\n\t</p>\n"; if ($type == "textarea-rich" || in_array($type, $cimy_uef_file_types)) { echo "\t<br />\n"; } } $i++; } echo "\t<br />"; if ($show_type == 0) { if (!empty($tiny_mce_objects)) { require_once $cuef_plugin_dir . '/cimy_uef_init_mce.php'; } if ($options['password_meter']) { if (!$is_jquery_added) { wp_print_scripts("jquery"); $is_jquery_added = true; } require_once $cuef_plugin_dir . '/cimy_uef_init_strength_meter.php'; } } if ($crop_image_function) { wp_print_scripts('imgareaselect'); wp_print_styles('imgareaselect'); wp_print_scripts('cimy_uef_img_selection'); } if ($show_type != 2 && $options['captcha'] == "securimage") { global $cuef_securimage_webpath; ?> <div style="width: 278px; float: left; height: 80px; vertical-align: text-top;"> <img id="captcha" align="left" style="padding-right: 5px; border: 0" src="<?php echo $cuef_securimage_webpath; ?> /securimage_show_captcha.php" alt="CAPTCHA Image" /> <object type="application/x-shockwave-flash" data="<?php echo $cuef_securimage_webpath; ?> /securimage_play.swf?audio=<?php echo $cuef_securimage_webpath; ?> /securimage_play.php&bgColor1=#fff&bgColor2=#fff&iconColor=#777&borderWidth=1&borderColor=#000" height="19" width="19"><param name="movie" value="<?php echo $cuef_securimage_webpath; ?> /securimage_play.swf?audio=<?php echo $cuef_securimage_webpath; ?> /securimage_play.php&bgColor1=#fff&bgColor2=#fff&iconColor=#777&borderWidth=1&borderColor=#000" /></object> <br /><br /><br /><br /> <a align="right" tabindex="<?php echo $tabindex; $tabindex++; ?> " style="border-style: none" href="#" onclick="document.getElementById('captcha').src = '<?php echo $cuef_securimage_webpath; ?> /securimage_show_captcha.php?' + Math.random(); return false"><img src="<?php echo $cuef_securimage_webpath; ?> /images/refresh.gif" alt="<?php _e("Change image", $cimy_uef_domain); ?> " border="0" onclick="this.blur()" align="bottom" /></a> </div> <div style="width: 278px; float: left; height: 50px; vertical-align: bottom; padding: 5px;"> <?php _e("Insert the code:", $cimy_uef_domain); ?> <input type="text" name="securimage_response_field" size="10" maxlength="6" tabindex="<?php echo $tabindex; $tabindex++; ?> " /> </div> <?php } if ($show_type != 2 && $options['captcha'] == "recaptcha" && !empty($options['recaptcha_public_key']) && !empty($options['recaptcha_private_key'])) { require_once $cuef_plugin_dir . '/recaptcha/recaptchalib.php'; ?> <script type='text/javascript'> var RecaptchaOptions = { lang: '<?php echo substr(get_locale(), 0, 2); ?> ', tabindex : <?php echo strval($tabindex); $tabindex++; ?> }; </script> <?php // no need if Tiny MCE is present already if ($tiny_mce_objects == "") { ?> <script type='text/javascript'> var login_div = document.getElementById("login"); login_div.style.width = "375px"; </script> <?php } echo recaptcha_get_html($options['recaptcha_public_key']); } if ($upload_file_function) { wp_print_scripts("cimy_uef_upload_file"); } cimy_switch_current_blog(true); echo $end_cimy_uef_comment; }