/**
 * Front controller for every request the plugin handles itself.
 *
 * Dispatches on request parameters, in order: the PayPal IPN callback,
 * coupon loading, the captcha image, the admin CSV / form exports
 * (nonce-checked), the admin options save (with optional preview), and
 * finally the public form submission. A submission is validated (captcha,
 * honeypot), its price is normalised and discounted, uploads are moved into
 * the media folder, the entry is stored in the posts table, and the visitor
 * is either sent to PayPal via an auto-submitting form or redirected to the
 * configured thank-you page. Most branches end with exit; the function only
 * returns for requests it does not handle.
 *
 * Reads: $_GET, $_POST, $_FILES, $_SESSION, $_SERVER, $wpdb.
 * Writes: $_GET (captcha value), $_POST (phone parts, notify emails),
 *         $_SESSION['cp_cff_form_data'], the posts table.
 *
 * @return void
 */
function cp_calculated_fields_form_check_posted_data()
{
    global $wpdb;
    // PayPal IPN callback: the notify_url emitted further down points here.
    // No authentication happens at this level; the IPN message is presumably
    // verified inside cp_calculatedfieldsf_check_IPN_verification() — confirm.
    if (isset($_GET['cp_calculatedfieldsf_ipncheck']) && $_GET['cp_calculatedfieldsf_ipncheck'] == '1' && isset($_GET["itemnumber"])) {
        cp_calculatedfieldsf_check_IPN_verification();
    }
    if (isset($_GET) && array_key_exists('cp_calculated_fields_form_post', $_GET)) {
        if ($_GET["cp_calculated_fields_form_post"] == 'loadcoupons') {
            cp_calculatedfieldsf_load_discount_codes();
        }
    }
    // Captcha image: the included script is expected to emit the image itself.
    if (isset($_GET['cp_calculatedfieldsf']) && $_GET['cp_calculatedfieldsf'] == 'captcha') {
        @(include_once dirname(__FILE__) . '/captcha/captcha.php');
        exit;
    }
    // Admin exports. The nonce is bound to the current PHP session id, which
    // covers CSRF; is_admin() only tells us the request targets the admin
    // area, it is not a capability check — presumably the export functions
    // enforce one, verify before relying on this gate.
    if (isset($_GET['cp_calculatedfieldsf_csv']) && is_admin()) {
        check_admin_referer('session_id_' . session_id(), '_cpcff_nonce');
        cp_calculatedfieldsf_export_csv();
        return;
    }
    if (isset($_GET['cp_calculatedfieldsf_export']) && is_admin()) {
        check_admin_referer('session_id_' . session_id(), '_cpcff_nonce');
        cp_calculatedfieldsf_export_form();
        return;
    }
    // Admin options save. No nonce or capability check is visible in this
    // branch (unlike the exports above); NOTE(review): confirm that
    // cp_calculatedfieldsf_save_options() performs them.
    if ('POST' == $_SERVER['REQUEST_METHOD'] && isset($_POST['cp_calculatedfieldsf_post_options']) && is_admin()) {
        cp_calculatedfieldsf_save_options();
        if (isset($_POST['preview'])) {
            // Render the freshly saved form as a bare page, then stop.
            print '<!DOCTYPE html><html><head><meta charset="UTF-8"></head><body>';
            print cp_calculatedfieldsf_filter_content(array('id' => $_POST['cp_calculatedfieldsf_id']));
            wp_footer();
            print '</body></html>';
            exit;
        }
        return;
    }
    // From here on only two request shapes continue: a real POST submission
    // (cp_calculatedfieldsf_pform_process) or a GET captcha pre-check
    // (hdcaptcha_cp_calculated_fields_form_post). Everything else returns.
    if ('POST' != $_SERVER['REQUEST_METHOD'] || !isset($_POST['cp_calculatedfieldsf_pform_process'])) {
        if ('GET' != $_SERVER['REQUEST_METHOD'] || !isset($_GET['hdcaptcha_cp_calculated_fields_form_post'])) {
            return;
        }
    }
    // Form id taken straight from the request; it is later bound as %d in
    // the coupon query and stored in the 'formid' column. The @ hides the
    // undefined-index notice on the GET pre-check path, where it is absent.
    define("CP_CALCULATEDFIELDSF_ID", @$_POST["cp_calculatedfieldsf_id"]);
    // $sequence suffixes every field name when several forms share a page.
    // If neither source is present it stays undefined and the session lookup
    // below raises a notice.
    if (isset($_GET["ps"])) {
        $sequence = $_GET["ps"];
    } else {
        if (isset($_POST["cp_calculatedfieldsf_pform_psequence"])) {
            $sequence = $_POST["cp_calculatedfieldsf_pform_psequence"];
        }
    }
    // Normalise the captcha answer into $_GET so both request shapes share
    // the check below.
    if (!isset($_GET['hdcaptcha_cp_calculated_fields_form_post']) || $_GET['hdcaptcha_cp_calculated_fields_form_post'] == '') {
        $_GET['hdcaptcha_cp_calculated_fields_form_post'] = @$_POST['hdcaptcha_cp_calculated_fields_form_post'];
    }
    // Reject when a filter vetoes the submission, or when captcha is enabled
    // and the answer does not match the session code (case-insensitive) or
    // the session code is empty. Precedence: !A || (B && (C || D)).
    // NOTE(review): the session code is not cleared here after a successful
    // check; unless it is invalidated elsewhere the same answer can be reused.
    if (!apply_filters('cpcff_valid_submission', true) || cp_calculatedfieldsf_get_option('cv_enable_captcha', CP_CALCULATEDFIELDSF_DEFAULT_cv_enable_captcha) != 'false' && (strtolower($_GET['hdcaptcha_cp_calculated_fields_form_post']) != strtolower($_SESSION['rand_code' . $sequence]) || $_SESSION['rand_code' . $sequence] == '')) {
        echo 'captchafailed';
        exit;
    }
    // Check the honeypot: a configured hidden field that was filled in means
    // a bot; drop the request silently.
    if (($honeypot = get_option('CP_CALCULATEDFIELDSF_HONEY_POT', '')) !== '' && !empty($_REQUEST[$honeypot])) {
        exit;
    }
    // if this isn't the real post (it was the captcha verification) then echo ok and exit
    if ('POST' != $_SERVER['REQUEST_METHOD'] || !isset($_POST['cp_calculatedfieldsf_pform_process'])) {
        echo 'ok';
        exit;
    }
    // get form info
    //---------------------------
    $paypal_zero_payment = cp_calculatedfieldsf_get_option('paypal_zero_payment', CP_CALCULATEDFIELDSF_DEFAULT_PAYPAL_ZERO_PAYMENT);
    // Needed for wp_handle_upload() below.
    require_once ABSPATH . "wp-admin" . '/includes/file.php';
    $form_data = cp_calculatedfieldsf_get_option('form_structure', CP_CALCULATEDFIELDSF_DEFAULT_form_structure);
    // $fields: field name => field definition object, for every field of the form.
    $fields = array();
    $choicesTxt = array();
    // List of choices texts in fields where exits
    $choicesVal = array();
    // List of choices vals  in fields where exits
    foreach ($form_data[0] as $item) {
        $fields[$item->name] = $item;
        if (property_exists($item, 'choicesVal') && property_exists($item, 'choices')) {
            $choicesTxt[$item->name] = $item->choices;
            $choicesVal[$item->name] = $item->choicesVal;
        }
        // Phone fields arrive as one POST value per group of the display
        // format (name_0, name_1, ...); join the non-empty parts with '-'
        // into a single POST value and drop the parts.
        if ($item->ftype == 'fPhone') {
            $_POST[$item->name . $sequence] = '';
            for ($i = 0; $i <= substr_count($item->dformat, " "); $i++) {
                $_POST[$item->name . $sequence] .= $_POST[$item->name . $sequence . "_" . $i] != '' ? ($i == 0 ? '' : '-') . $_POST[$item->name . $sequence . "_" . $i] : '';
                unset($_POST[$item->name . $sequence . "_" . $i]);
            }
        }
    }
    // get base price
    // The price comes from a user-submitted field; only digits, '.' and ','
    // survive, then the field's own grouping/decimal symbols are mapped to
    // '' and '.' so the string can be treated as a float.
    $request_cost = cp_calculatedfieldsf_get_option('request_cost', CP_CALCULATEDFIELDSF_DEFAULT_COST);
    $price_item = $fields[$request_cost];
    $find_arr = array(',', '.');
    $replace_arr = array('', '.');
    if ($price_item->ftype == 'fCalculated') {
        $find_arr[0] = $price_item->groupingsymbol;
        $find_arr[1] = $price_item->decimalsymbol;
    } elseif ($price_item->ftype == 'fcurrency') {
        $find_arr[0] = $price_item->thousandSeparator;
        $find_arr[1] = $price_item->centSeparator;
    } elseif ($price_item->ftype == 'fnumber' || $price_item->ftype == 'fnumberds') {
        $find_arr[0] = $price_item->thousandSeparator;
        $find_arr[1] = $price_item->decimalSymbol;
    }
    // Note: the raw POST sequence is used here rather than $sequence.
    $price = @$_POST[$request_cost . $_POST["cp_calculatedfieldsf_pform_psequence"]];
    $price = preg_replace('/[^\\d\\.\\,]/', '', $price);
    $price = str_replace($find_arr, $replace_arr, $price);
    $paypal_base_amount = preg_replace('/[^\\d\\.\\,]/', '', cp_calculatedfieldsf_get_option('paypal_base_amount', 0));
    $paypal_base_amount = str_replace($find_arr, $replace_arr, $paypal_base_amount);
    // The configured base amount is a floor on what the submitter can pay.
    // Both operands are strings; PHP compares numeric strings numerically.
    $price = max($price, $paypal_base_amount);
    // calculate discounts if any
    //---------------------------
    $discount_note = "";
    $coupon = false;
    // Coupon lookup is parameterised (%s / %d); the expiry date is generated
    // server-side with date(), not taken from the request.
    $codes = $wpdb->get_results($wpdb->prepare("SELECT * FROM " . CP_CALCULATEDFIELDSF_DISCOUNT_CODES_TABLE_NAME . " WHERE code=%s AND expires>='" . date("Y-m-d") . " 00:00:00' AND `form_id`=%d", @$_POST["couponcode"], CP_CALCULATEDFIELDSF_ID));
    if (count($codes)) {
        $coupon = $codes[0];
        // availability == 1 is a fixed amount, anything else a percentage.
        // NOTE(review): number_format() inserts a ',' thousands separator by
        // default, so a discounted price >= 1000 becomes e.g. "1,234.00" and
        // that string is what reaches the PayPal amount fields below — confirm.
        if ($coupon->availability == 1) {
            $coupon->discount = str_replace($find_arr, $replace_arr, $coupon->discount);
            $price = number_format(floatval($price) - $coupon->discount, 2);
            $discount_note = " (" . cp_calculatedfieldsf_get_option('currency', CP_CALCULATEDFIELDSF_DEFAULT_CURRENCY) . " " . $coupon->discount . " discount applied)";
        } else {
            $price = number_format(floatval($price) - $price * $coupon->discount / 100, 2);
            $discount_note = " (" . $coupon->discount . "% discount applied)";
        }
    }
    // grab posted data
    //---------------------------
    // $buffer is the human-readable "Title: value" dump stored in the 'data'
    // column; $params is the field name (sequence stripped) => value map
    // handed to the processing action and serialised into 'paypal_post'.
    // Only POST keys that match a known field name are kept.
    $buffer = "";
    foreach ($_POST as $item => $value) {
        if (array_key_exists(str_replace($_POST["cp_calculatedfieldsf_pform_psequence"], '', $item), $fields)) {
            $buffer .= $fields[str_replace($_POST["cp_calculatedfieldsf_pform_psequence"], '', $item)]->title . ": " . (is_array($value) ? implode(", ", $value) : $value) . "\n\n";
            $params[str_replace($_POST["cp_calculatedfieldsf_pform_psequence"], '', $item)] = $value;
        }
    }
    // Uploads: each file field may carry several files. A file is only
    // moved (via wp_handle_upload, form check disabled) when
    // cp_calculatedfieldsf_check_upload() accepts it; rejected or failed
    // files are skipped without any notice to the submitter.
    foreach ($_FILES as $item => $value) {
        $item = str_replace($_POST["cp_calculatedfieldsf_pform_psequence"], '', $item);
        if (isset($fields[$item])) {
            $files_names_arr = array();
            $files_links_arr = array();
            $files_urls_arr = array();
            for ($f = 0; $f < count($value['name']); $f++) {
                if (!empty($value['name'][$f])) {
                    $uploaded_file = array('name' => $value['name'][$f], 'type' => $value['type'][$f], 'tmp_name' => $value['tmp_name'][$f], 'error' => $value['error'][$f], 'size' => $value['size'][$f]);
                    if (cp_calculatedfieldsf_check_upload($uploaded_file)) {
                        $movefile = wp_handle_upload($uploaded_file, array('test_form' => false));
                        if (empty($movefile['error'])) {
                            // Server path in *_link, public URL in *_url.
                            $files_links_arr[] = $params[$item . "_link"][$f] = $movefile["file"];
                            $files_urls_arr[] = $params[$item . "_url"][$f] = $movefile["url"];
                            $files_names_arr[] = $uploaded_file['name'];
                        }
                    }
                }
            }
            $joinned_files_names = implode(", ", $files_names_arr);
            $buffer .= $fields[$item]->title . ": " . $joinned_files_names . "\n\n";
            $params[$item] = $joinned_files_names;
            $params[$item . "_links"] = implode(",", $files_links_arr);
            $params[$item . "_urls"] = implode(",", $files_urls_arr);
        }
    }
    $buffer_A = $buffer;
    $params["final_price"] = $price;
    $params["coupon"] = $coupon ? $coupon->code . $discount_note : "";
    // Optional PayPal choice made by the submitter ('1' pay now, '0' later).
    if (@$_POST["bccf_payment_option_paypal"] == '1') {
        $params["payment_option"] = cp_calculatedfieldsf_get_option('enable_paypal_option_yes', CP_CALCULATEDFIELDSF_PAYPAL_OPTION_YES);
    } else {
        if (@$_POST["bccf_payment_option_paypal"] == '0') {
            $params["payment_option"] = cp_calculatedfieldsf_get_option('enable_paypal_option_no', CP_CALCULATEDFIELDSF_PAYPAL_OPTION_NO);
        }
    }
    // insert into database
    //---------------------------------
    // The included file runs in this function's scope and may read or
    // define locals used below; its contents are not visible here.
    @(include_once dirname(__FILE__) . '/cp_calculatedfieldsf_insert_in_database.php');
    // Notification recipients: the option names one or more form fields
    // (comma-separated); their trimmed, non-empty POST values are collected.
    $to = cp_calculatedfieldsf_get_option('cu_user_email_field', CP_CALCULATEDFIELDSF_DEFAULT_cu_user_email_field);
    $to = explode(',', $to);
    $to_arr = array();
    foreach ($to as $index => $value) {
        $value .= $_POST["cp_calculatedfieldsf_pform_psequence"];
        $_POST[$value] = trim(@$_POST[$value]);
        if (!empty($_POST[$value])) {
            $to_arr[] = $_POST[$value];
        }
    }
    // 'paypal_post' stores serialize($params); whatever reads it back must
    // treat it as plugin-generated data, not as user input.
    $rows_affected = $wpdb->insert(CP_CALCULATEDFIELDSF_POSTS_TABLE_NAME, array('formid' => CP_CALCULATEDFIELDSF_ID, 'time' => current_time('mysql'), 'ipaddr' => $_SERVER['REMOTE_ADDR'], 'notifyto' => implode(',', $to_arr), 'paypal_post' => @serialize($params), 'data' => $buffer_A . ($coupon ? "\n\nCoupon code:" . $coupon->code . $discount_note : "")), array('%d', '%s', '%s', '%s', '%s', '%s'));
    if (!$rows_affected) {
        _e('Error saving data! Please try again.', 'calculated-fields-form');
        _e('<br /><br />Error debug information: ', 'calculated-fields-form');
        $wpdb->print_error();
        exit;
    }
    // NOTE(review): MAX(id) is not the row just inserted when two
    // submissions race; $wpdb->insert_id holds this connection's id.
    $myrows = $wpdb->get_results("SELECT MAX(id) as max_id FROM " . CP_CALCULATEDFIELDSF_POSTS_TABLE_NAME);
    // saved data here
    $item_number = $myrows[0]->max_id;
    // Call action for data processing
    //---------------------------------
    $params['itemnumber'] = $item_number;
    do_action('cp_calculatedfieldsf_process_data', $params);
    // enable_paypal == '2' means PayPal is optional and the submitter chose.
    $paypal_optional = cp_calculatedfieldsf_get_option('enable_paypal', CP_CALCULATEDFIELDSF_DEFAULT_ENABLE_PAYPAL) == '2';
    // Go to PayPal when: (price >= 0 and zero payments allowed) or
    // (price > 0 and zero payments not allowed); PayPal is enabled; and
    // either it is mandatory or the submitter opted in.
    if ((floatval($price) >= 0 && !$paypal_zero_payment || floatval($price) > 0 && $paypal_zero_payment) && cp_calculatedfieldsf_get_option('enable_paypal', CP_CALCULATEDFIELDSF_DEFAULT_ENABLE_PAYPAL) && (!$paypal_optional || @$_POST["bccf_payment_option_paypal"] == '1')) {
        if (cp_calculatedfieldsf_get_option('paypal_mode', CP_CALCULATEDFIELDSF_DEFAULT_PAYPAL_MODE) == "sandbox") {
            $ppurl = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
        } else {
            $ppurl = 'https://www.paypal.com/cgi-bin/webscr';
        }
        // Optionally notify before payment; otherwise the IPN path does it.
        if (cp_calculatedfieldsf_get_option('paypal_notiemails', '0') == '1') {
            cp_calculatedfieldsf_process_ready_to_go_reservation($item_number, "", $params, $fields);
        }
        $_SESSION['cp_cff_form_data'] = $item_number;
        // Everything below until exit is an auto-submitting PayPal form.
        // Values printed into attributes: only item_name goes through
        // esc_attr(); the option values and $_POST["cp_ref_page"] are
        // printed raw (see notes at each spot).
        ?>
<html>
<head><title>Redirecting to Paypal...</title></head>
<body>
<form action="<?php 
        // One of the two fixed PayPal URLs chosen above.
        echo $ppurl;
        ?>
" name="ppform3" method="post">
<input type="hidden" name="business" value="<?php 
        // Admin-configured value printed without esc_attr().
        echo cp_calculatedfieldsf_get_option('paypal_email', CP_CALCULATEDFIELDSF_DEFAULT_PAYPAL_EMAIL);
        ?>
" />
<?php 
        // NOTE(review): $services_formatted is not defined in this function;
        // unless the included insert file sets it, a truthy $_POST["services"]
        // hits an undefined variable here.
        $paypal_item_name = cp_calculatedfieldsf_get_option('paypal_product_name', CP_CALCULATEDFIELDSF_DEFAULT_PRODUCT_NAME) . (@$_POST["services"] ? ": " . trim($services_formatted[1]) : "") . $discount_note;
        // Expand <%fieldname%> placeholders in the product name.
        foreach ($params as $item => $value) {
            $paypal_item_name = str_replace('<%' . $item . '%>', is_array($value) ? implode(", ", $value) : $value, $paypal_item_name);
        }
        ?>
<input type="hidden" name="item_name" value="<?php 
        echo esc_attr($paypal_item_name);
        ?>
" />
<input type="hidden" name="item_number" value="<?php 
        echo $item_number;
        ?>
" />
<input type="hidden" name="email" value="<?php 
        // NOTE(review): $to is an array at this point (explode above), so
        // $_POST[$to] is an illegal offset — empty on PHP 7; on PHP 8 this
        // throws a TypeError that @ does not suppress. Confirm intent.
        echo @$_POST[$to];
        ?>
" />

<?php 
        // Recurrent billing: a literal number of months, or the name of a
        // field whose selected choice text maps to a months value.
        $paypal_recurrent = cp_calculatedfieldsf_get_option('paypal_recurrent', CP_CALCULATEDFIELDSF_DEFAULT_PAYPAL_RECURRENT);
        $paypal_recurrent_setup = cp_calculatedfieldsf_get_option('paypal_recurrent_setup', '');
        $paypal_recurrent_setup_days = cp_calculatedfieldsf_get_option('paypal_recurrent_setup_days', '15');
        if (strpos($paypal_recurrent, 'field') !== false) {
            // array_search() without strict: loose comparison of the choice text.
            if (!empty($params[$paypal_recurrent]) && !empty($choicesTxt[$paypal_recurrent]) && !empty($choicesVal[$paypal_recurrent]) && ($index = array_search($params[$paypal_recurrent], $choicesTxt[$paypal_recurrent])) !== false) {
                $paypal_recurrent = $choicesVal[$paypal_recurrent][$index];
            }
        }
        $paypal_recurrent = intval($paypal_recurrent);
        // 0 months: one-off payment (_xclick); otherwise a subscription.
        if ($paypal_recurrent == 0) {
            ?>
<input type="hidden" name="cmd" value="_xclick" />
<input type="hidden" name="bn" value="NetFactorSL_SI_Custom" />
<input type="hidden" name="amount" value="<?php 
            echo $price;
            ?>
" />
<?php 
        } else {
            // Optional trial: amount a1 for p1 days (t1 = D).
            if ($paypal_recurrent_setup != '') {
                ?>
<input type="hidden" name="a1" value="<?php 
                echo $paypal_recurrent_setup;
                ?>
">
<input type="hidden" name="p1" value="<?php 
                echo $paypal_recurrent_setup_days;
                ?>
">
<input type="hidden" name="t1" value="D">
<?php 
            }
            ?>
<input type="hidden" name="cmd" value="_xclick-subscriptions">
<input type="hidden" name="bn" value="NetFactorSL_SI_Custom">
<input type="hidden" name="a3" value="<?php 
            echo $price;
            ?>
">
<input type="hidden" name="p3" value="<?php 
            echo $paypal_recurrent;
            ?>
">
<input type="hidden" name="t3" value="M">
<input type="hidden" name="src" value="1">
<input type="hidden" name="sra" value="1">
<?php 
        }
        // The markup below closes a <div> that was never opened.
        ?>

<input type="hidden" name="page_style" value="Primary" />
<input type="hidden" name="no_shipping" value="1" />
<input type="hidden" name="return" value="<?php 
        echo cp_calculatedfieldsf_get_option('fp_return_page', CP_CALCULATEDFIELDSF_DEFAULT_fp_return_page);
        ?>
">
<input type="hidden" name="cancel_return" value="<?php 
        // NOTE(review): user-controlled POST value written into an HTML
        // attribute without esc_url()/esc_attr(); unlike item_name above.
        echo $_POST["cp_ref_page"];
        ?>
" />
<input type="hidden" name="no_note" value="1" />
<input type="hidden" name="currency_code" value="<?php 
        echo strtoupper(cp_calculatedfieldsf_get_option('currency', CP_CALCULATEDFIELDSF_DEFAULT_CURRENCY));
        ?>
" />
<input type="hidden" name="lc" value="<?php 
        echo cp_calculatedfieldsf_get_option('paypal_language', CP_CALCULATEDFIELDSF_DEFAULT_PAYPAL_LANGUAGE);
        ?>
" />
<input type="hidden" name="notify_url" value="<?php 
        // IPN callback URL; it re-enters this function via the first branch.
        echo cp_calculatedfieldsf_get_site_url();
        ?>
/?cp_calculatedfieldsf_ipncheck=1&itemnumber=<?php 
        echo $item_number;
        ?>
" />
<input type="hidden" name="ipn_test" value="1" />
<input class="pbutton" type="hidden" value="Buy Now" /></div>
</form>
<script type="text/javascript">
document.ppform3.submit();
</script>
</body>
</html>
<?php 
        exit;
    } else {
        // No payment: send the notifications now and go to the thank-you page.
        cp_calculatedfieldsf_process_ready_to_go_reservation($item_number, "", $params, $fields);
        $_SESSION['cp_cff_form_data'] = $item_number;
        $redirect = true;
        /** 
         * Filters applied to decide if the website should be redirected to the thank you page after submit the form, 
         * pass a boolean as parameter and returns a boolean
         */
        $redirect = apply_filters('cpcff_redirect', $redirect);
        if ($redirect) {
            // Location is the admin-configured return page option. When the
            // filter returns false the function simply returns and the
            // normal page render continues.
            $location = cp_calculatedfieldsf_get_option('fp_return_page', CP_CALCULATEDFIELDSF_DEFAULT_fp_return_page);
            header("Location: " . $location);
            exit;
        }
    }
}
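/**
 * Handles the admin "save options" POST for the plugin settings page.
 *
 * Acts only on a POST request carrying cp_calculatedfieldsf_post_options
 * while in the admin context; every other request is ignored. After the
 * options are saved, a request that also carries `preview` renders the form
 * named by cp_calculatedfieldsf_id as a bare HTML page and exits.
 *
 * NOTE(review): no nonce or capability check is visible here — is_admin()
 * only tells us the request targets the admin area. Confirm that
 * cp_calculatedfieldsf_save_options() enforces both.
 *
 * @return void
 */
function cp_calculated_fields_form_check_posted_data()
{
    // REQUEST_METHOD is absent under the CLI; guard it instead of relying on
    // a notice-producing read. Strict comparison: the header is a string.
    $method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';
    if ($method !== 'POST' || !isset($_POST['cp_calculatedfieldsf_post_options']) || !is_admin()) {
        return;
    }
    cp_calculatedfieldsf_save_options();
    if (!isset($_POST['preview'])) {
        return;
    }
    // Render the freshly saved form as a minimal page, then stop.
    print '<!DOCTYPE html><html><head><meta charset="UTF-8"></head><body>';
    print cp_calculatedfieldsf_filter_content(array('id' => $_POST['cp_calculatedfieldsf_id']));
    wp_footer();
    print '</body></html>';
    exit;
}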