Exemplo n.º 1
 /**
  * tests a private link retrieval submission and send the link or sets an error
  * 
  * @return null
  */
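 private static function _process_retrieval()
 {
     /*
      * Attempt limiter: a transient keyed on the client address holds the number
      * of retrieval requests already made from it. Once $max_tries requests have
      * been counted, further requests are refused until the transient expires
      * (24 hours after the last counted request). Plugin admins get an
      * effectively unlimited budget.
      *
      * NOTE(review): REMOTE_ADDR is the address of the direct peer; behind a
      * reverse proxy every visitor would share one counter. Confirm the
      * deployment before relying on this as the only throttle.
      */
     $max_tries = Participants_Db::current_user_has_plugin_role('admin', 'retrieve link') ? 10000 : 3;
     $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
     // keep a separator between the octets: stripping the dots made distinct
     // addresses (e.g. 1.11.1.1 and 11.1.1.1) share one counter
     $transient = self::$prefix . 'retrieve-count-' . str_replace('.', '-', $remote_addr);
     // get_transient() returns false when nothing is stored; the cast turns that
     // into 0 so the counter is always an integer
     $count = (int) get_transient($transient);
     if ($count >= $max_tries) {
         // too many tries, come back tomorrow
         error_log('Participants Database Plugin: IP blocked for too many retrieval attempts from IP ' . $remote_addr . ' in 24-hour period.');
         return;
     }
     set_transient($transient, $count + 1, 60 * 60 * 24);

     // the error container must exist before the first add_error() call below
     if (!is_object(self::$validation_errors)) {
         self::$validation_errors = new PDb_FormValidation();
     }

     $column = self::plugin_setting('retrieve_link_identifier', 'email');
     if (empty($_POST[$column])) {
         self::$validation_errors->add_error($column, 'empty');
         return;
     }

     // a value was submitted, try to find a record with it
     $match_id = self::find_record_match($column, $_POST);
     if ($match_id === false) {
         // NOTE(review): this error distinguishes "no such identifier" from the
         // success path, so the form reveals whether an identifier is registered;
         // the attempt limiter above is the only brake on that.
         self::$validation_errors->add_error($column, 'identifier');
         return;
     }
     $participant_values = self::get_participant($match_id);

     $retrieve_link_email = new stdClass();
     $retrieve_link_email->body_template = self::set_filter('translate_string', self::plugin_setting('retrieve_link_email_body'));
     $retrieve_link_email->subject = self::set_filter('translate_string', self::plugin_setting('retrieve_link_email_subject'));
     // isset() also covers a record lookup that did not return an array
     $email_field = self::plugin_setting('primary_email_address_field', 'email');
     $retrieve_link_email->recipient = isset($participant_values[$email_field]) ? $participant_values[$email_field] : null;
     /**
      * @version 1.6
      * 
      * filter pdb-before_send_retrieve_link_email
      */
     self::set_filter('before_send_retrieve_link_email', $retrieve_link_email);

     $use_html = self::plugin_setting('html_email');
     if (!empty($retrieve_link_email->recipient)) {
         $body = self::proc_tags($retrieve_link_email->body_template, $match_id);
         $sent = wp_mail($retrieve_link_email->recipient, self::proc_tags($retrieve_link_email->subject, $match_id), $use_html ? self::process_rich_text($body) : $body, self::$email_headers);
         if (false === $sent) {
             error_log(__METHOD__ . ' sending returned false');
         }
     } else {
         error_log(__METHOD__ . ' primary email address field undefined');
     }

     // optional notification to the configured signup-notify addresses
     if (self::plugin_setting_is_true('send_retrieve_link_notify_email')) {
         $body = self::proc_tags(self::plugin_setting('retrieve_link_notify_body'), $match_id);
         $sent = wp_mail(self::plugin_setting('email_signup_notify_addresses'), self::proc_tags(self::plugin_setting('retrieve_link_notify_subject'), $match_id, 'all'), $use_html ? self::process_rich_text($body) : $body, self::$email_headers);
         if (false === $sent) {
             error_log(__METHOD__ . ' notification sending returned false');
         }
     }

     // the success state is signalled through the request array
     $_POST['action'] = 'success';
 }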
        ?>
">
            <?php 
        // Build the label for this field's table row: the stored title is unslashed,
        // passed through the translate_string filter, and its double and single
        // quotes are replaced with HTML entities.
        // NOTE(review): only the two quote characters are encoded here; "<", ">" and
        // "&" in a title reach the <th> output below unchanged. Confirm whether field
        // titles are meant to carry markup and who is allowed to edit them.
        $column_title = str_replace(array('"', "'"), array('&quot;', '&#39;'), Participants_Db::set_filter('translate_string', stripslashes($column->title)));
        // when required fields are marked, wrap the title in the configured marker
        // format for every field whose validation is not 'no'
        if ($options['mark_required_fields'] && $column->validation != 'no') {
            $column_title = sprintf(Participants_Db::set_filter('translate_string', $options['required_field_marker']), $column_title);
        }
        ?>
            <?php 
        // Optional note appended to the title: "hidden" for hidden fields, "read only"
        // for columns listed in $readonly_columns and for timestamp fields.
        $add_title = '';
        $fieldnote_pattern = ' <span class="fieldnote">%s</span>';
        if ($column->form_element == 'hidden') {
            $add_title = sprintf($fieldnote_pattern, __('hidden', 'participants-database'));
        } elseif (in_array($column->name, $readonly_columns) or $column->form_element == 'timestamp') {
            $attributes['class'] = 'readonly-field';
            // users holding the plugin editor role keep an editable input; everyone
            // else gets the readonly attribute
            // NOTE(review): the readonly attribute only constrains the browser form;
            // presumably the save handler enforces the same rule - it is not visible here.
            if (!Participants_Db::current_user_has_plugin_role('editor', 'readonly access')) {
                $attributes['readonly'] = 'readonly';
            }
            $add_title = sprintf($fieldnote_pattern, __('read only', 'participants-database'));
        }
        ?>
            <th><?php 
        // the title and the note are written to the page as built above, with no further escaping
        echo $column_title . $add_title;
        ?>
</th>
            <td id="<?php 
        // element id: plugin prefix + field name + "-field"
        // NOTE(review): the field name is echoed into the attribute as-is; presumably
        // names are restricted to safe characters when fields are defined - confirm.
        echo Participants_Db::$prefix . $column->name;
        ?>
-field" >
              <?php 
        /*
Exemplo n.º 3
<?php

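// refuse direct access: the page only runs inside WordPress
if (!defined('ABSPATH')) {
    exit;
}
// only users holding the plugin admin role may reach the CSV upload page
if (!Participants_Db::current_user_has_plugin_role('admin', 'upload csv')) {
    exit;
}
$CSV_import = new PDb_CSV_Import('csv_file_upload');
$csv_paramdefaults = array(
    'delimiter_character' => 'auto',
    'enclosure_character' => 'auto',
    'match_field' => Participants_Db::plugin_setting('unique_field'),
    'match_preference' => Participants_Db::plugin_setting('unique_email'),
);
/*
 * Start from the defaults and overlay the stored import settings. get_option()
 * returns false when nothing is stored; any other non-array value is ignored
 * as well so array_merge() is never handed a scalar.
 */
$csv_options = get_option(Participants_Db::$prefix . 'csv_import_params');
$csv_params = is_array($csv_options) ? array_merge($csv_paramdefaults, $csv_options) : $csv_paramdefaults;
/*
 * Overlay the values submitted with the form; only the known parameter names
 * are read from the request.
 *
 * NOTE(review): no nonce verification is visible before these values are
 * persisted below - confirm the surrounding form handling checks one.
 * NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; it is kept
 * here so the stored values do not change.
 */
foreach (array_keys($csv_paramdefaults) as $param) {
    if (!isset($_POST[$param])) {
        continue;
    }
    $new_value = filter_input(INPUT_POST, $param, FILTER_SANITIZE_STRING);
    if (!is_string($new_value)) {
        // the filter yields false or null for non-scalar input; store an empty value instead
        $new_value = '';
    }
    if ($param === 'enclosure_character') {
        // the enclosure character is often a quote: store it as an entity
        $new_value = str_replace(array('"', "'"), array('&quot;', '&#39;'), $new_value);
    }
    $csv_params[$param] = $new_value;
}
/*
 * Expose the settings as local variables, limited to the known parameter
 * names: the stored option can carry arbitrary keys, and an unrestricted
 * extract() would let any of them overwrite a variable in this scope.
 */
extract(array_intersect_key($csv_params, $csv_paramdefaults));
update_option(Participants_Db::$prefix . 'csv_import_params', $csv_params);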
/*
 * add / edit / delete fields and field groups and their attributes
 * 
 * 
 * @category   
 * @package    WordPress
 * @author     Roland Barker <*****@*****.**>
 * @copyright  2015 xnau webdesign
 * @license    GPL2
 * @version    1.6
 * @link       http://wordpress.org/extend/plugins/participants-database/
 */
// stop when the file is requested directly instead of being loaded by WordPress
defined('ABSPATH') || die;
// the field management page is limited to users holding the plugin admin role
Participants_Db::current_user_has_plugin_role('admin', 'manage fields') || exit;
class PDb_Manage_Fields
{
    /**
     * @var array translations strings used by this class
     */
    var $i18n;
    /**
     * @var array all defined groups
     */
    var $groups;
    /**
     * @var array of field attribute names
     */
 /**
  * initializes and outputs the list for the backend
  */
 public static function initialize()
 {
     // translated strings first; the delete-confirmation texts go to the list script
     self::_setup_i18n();
     $script_handle = Participants_Db::$prefix . 'list-admin';
     $script_strings = array(
         'delete' => self::$i18n['delete_checked'],
         'cancel' => self::$i18n['change'],
         "record" => __("Do you really want to delete the selected record?", 'participants-database'),
         "records" => __("Do you really want to delete the selected records?", 'participants-database'),
     );
     wp_localize_script($script_handle, 'list_adminL10n', $script_strings);
     wp_enqueue_script($script_handle);
     wp_enqueue_script(Participants_Db::$prefix . 'debounce');

     // the settings and filter transients are named per user
     get_currentuserinfo();
     global $user_ID;
     $user_suffix = '-' . $user_ID;
     self::$user_settings = Participants_Db::$prefix . self::$user_settings . $user_suffix;
     self::$filter_transient = Participants_Db::$prefix . self::$filter_transient . $user_suffix;

     self::set_list_limit();
     self::$registration_page_url = get_bloginfo('url') . '/' . Participants_Db::plugin_setting('registration_page', '');
     self::setup_display_columns();
     self::$sortables = Participants_Db::get_field_list(false, false, 'alpha');

     // baseline filter: one empty search clause plus the configured default sort
     $empty_search = array(
         'search_field' => 'none',
         'value' => '',
         'operator' => 'LIKE',
         'logic' => 'AND',
     );
     self::$default_filter = array(
         'search' => array(0 => $empty_search),
         'sortBy' => Participants_Db::plugin_setting('admin_default_sort'),
         'ascdesc' => Participants_Db::plugin_setting('admin_default_sort_order'),
         'list_filter_count' => 1,
     );
     // fold incoming request values into the filter
     self::_update_filter();

     // handle the delete / items-per-page submissions, then the search
     self::_process_general();
     self::_process_search();

     // NOTE(review): with WP_DEBUG on, the full list query, search values
     // included, is written to the error log.
     if (WP_DEBUG) {
         error_log(__METHOD__ . ' list query= ' . self::$list_query);
     }

     /*
      * keep the query in a transient for the CSV export
      *
      * NOTE(review): this is gated on the 'admin' role while the export form
      * at the end of this method is gated on $csv_role, which can be
      * 'editor'; confirm the role check resolves both the same way.
      */
     if (Participants_Db::current_user_has_plugin_role('admin', 'csv export')) {
         global $current_user;
         $query_transient = Participants_Db::$prefix . 'admin_list_query' . $current_user->ID;
         set_transient($query_transient, self::$list_query, 3600 * 24);
     }

     global $wpdb;

     // total number of matching records
     // NOTE(review): every "*" in the query text is rewritten here, not only
     // the one in the select list; presumably the query holds a single "*".
     $count_query = str_replace('*', 'COUNT(*)', self::$list_query);
     self::$num_records = $wpdb->get_var($count_query);

     // current page number from the request, defaulting to 1
     $page_filter = array('options' => array('default' => 1, 'min_range' => 1));
     $current_page = filter_input(INPUT_GET, self::$list_page, FILTER_VALIDATE_INT, $page_filter);

     // NOTE(review): the page link is derived from REQUEST_URI; presumably
     // prepare_page_link() or the pagination class escapes it on output.
     $page_link = self::prepare_page_link($_SERVER['REQUEST_URI']) . '&' . self::$list_page . '=%1$s';
     self::$pagination = new PDb_Pagination(array(
         'link' => $page_link,
         'page' => $current_page,
         'size' => self::$page_list_limit,
         'total_records' => self::$num_records,
         'add_variables' => '#pdb-list-admin',
     ));

     // records for this page: the list query plus the pagination limit clause
     $page_query = self::$list_query . ' ' . self::$pagination->getLimitSql();
     self::$participants = $wpdb->get_results($page_query, ARRAY_A);

     // setup finished; output starts here
     self::_admin_top();
     self::_sort_filter_forms();
     self::_general_list_form_top();
     self::_main_table();
     echo '<div class="pdb-list">' . self::$pagination->links() . '</div>';

     // the CSV export form is printed for authorized users only
     if (Participants_Db::plugin_setting_is_true('editor_allowed_csv_export')) {
         $csv_role = 'editor';
     } else {
         $csv_role = 'admin';
     }
     if (Participants_Db::current_user_has_plugin_role($csv_role, 'csv export')) {
         self::_print_export_form();
     }

     Participants_Db::plugin_footer();
 }