}
$verify_nonce = wp_verify_nonce($_REQUEST['r'], 'cfwpp_update_actions');
global $wpdb;
$message = "";
if (isset($_GET['a']) && $_GET['a'] == '1' && $verify_nonce) {
    define('CP_CONTACTFORMPP_DEFAULT_fp_from_email', get_the_author_meta('user_email', get_current_user_id()));
    define('CP_CONTACTFORMPP_DEFAULT_fp_destination_emails', CP_CONTACTFORMPP_DEFAULT_fp_from_email);
    // temporal lines to guarantee migration
    cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'paypal_zero_payment', " varchar(10) NOT NULL default ''");
    cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'fp_emailformat', " varchar(10) NOT NULL default ''");
    cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'cu_emailformat', " varchar(10) NOT NULL default ''");
    cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'paypal_notiemails', " varchar(20) NOT NULL default ''");
    cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'paypal_mode', " varchar(20) NOT NULL default ''");
    cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'paypal_recurrent', " varchar(20) NOT NULL default ''");
    cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'paypal_identify_prices', " varchar(20) NOT NULL default ''");
    cp_contactformpp_add_field_verify($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, 'cp_emailformat', " varchar(10) NOT NULL default ''");
    // insert line
    $wpdb->insert($wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE, array('form_name' => stripcslashes($_GET["name"]), 'form_structure' => CP_CONTACTFORMPP_DEFAULT_form_structure, 'fp_from_email' => cp_contactformpp_get_option('fp_from_email', CP_CONTACTFORMPP_DEFAULT_fp_from_email), 'fp_destination_emails' => cp_contactformpp_get_option('fp_destination_emails', CP_CONTACTFORMPP_DEFAULT_fp_destination_emails), 'fp_subject' => cp_contactformpp_get_option('fp_subject', CP_CONTACTFORMPP_DEFAULT_fp_subject), 'fp_inc_additional_info' => cp_contactformpp_get_option('fp_inc_additional_info', CP_CONTACTFORMPP_DEFAULT_fp_inc_additional_info), 'fp_return_page' => cp_contactformpp_get_option('fp_return_page', CP_CONTACTFORMPP_DEFAULT_fp_return_page), 'fp_message' => cp_contactformpp_get_option('fp_message', CP_CONTACTFORMPP_DEFAULT_fp_message), 'fp_emailformat' => cp_contactformpp_get_option('fp_emailformat', CP_CONTACTFORMPP_DEFAULT_email_format), 'cu_enable_copy_to_user' => cp_contactformpp_get_option('cu_enable_copy_to_user', CP_CONTACTFORMPP_DEFAULT_cu_enable_copy_to_user), 'cu_user_email_field' => cp_contactformpp_get_option('cu_user_email_field', CP_CONTACTFORMPP_DEFAULT_cu_user_email_field), 'cu_subject' => cp_contactformpp_get_option('cu_subject', CP_CONTACTFORMPP_DEFAULT_cu_subject), 'cu_message' => cp_contactformpp_get_option('cu_message', CP_CONTACTFORMPP_DEFAULT_cu_message), 'cp_emailformat' => cp_contactformpp_get_option('cp_emailformat', CP_CONTACTFORMPP_DEFAULT_email_format), 'vs_use_validation' => cp_contactformpp_get_option('vs_use_validation', CP_CONTACTFORMPP_DEFAULT_vs_use_validation), 'vs_text_is_required' => cp_contactformpp_get_option('vs_text_is_required', CP_CONTACTFORMPP_DEFAULT_vs_text_is_required), 'vs_text_is_email' => cp_contactformpp_get_option('vs_text_is_email', CP_CONTACTFORMPP_DEFAULT_vs_text_is_email), 'vs_text_datemmddyyyy' => cp_contactformpp_get_option('vs_text_datemmddyyyy', CP_CONTACTFORMPP_DEFAULT_vs_text_datemmddyyyy), 
'vs_text_dateddmmyyyy' => cp_contactformpp_get_option('vs_text_dateddmmyyyy', CP_CONTACTFORMPP_DEFAULT_vs_text_dateddmmyyyy), 'vs_text_number' => cp_contactformpp_get_option('vs_text_number', CP_CONTACTFORMPP_DEFAULT_vs_text_number), 'vs_text_digits' => cp_contactformpp_get_option('vs_text_digits', CP_CONTACTFORMPP_DEFAULT_vs_text_digits), 'vs_text_max' => cp_contactformpp_get_option('vs_text_max', CP_CONTACTFORMPP_DEFAULT_vs_text_max), 'vs_text_min' => cp_contactformpp_get_option('vs_text_min', CP_CONTACTFORMPP_DEFAULT_vs_text_min), 'enable_paypal' => cp_contactformpp_get_option('enable_paypal', CP_CONTACTFORMPP_DEFAULT_ENABLE_PAYPAL), 'paypal_notiemails' => cp_contactformpp_get_option('paypal_notiemails', '0'), 'paypal_email' => cp_contactformpp_get_option('paypal_email', CP_CONTACTFORMPP_DEFAULT_PAYPAL_EMAIL), 'request_cost' => cp_contactformpp_get_option('request_cost', CP_CONTACTFORMPP_DEFAULT_COST), 'paypal_product_name' => cp_contactformpp_get_option('paypal_product_name', CP_CONTACTFORMPP_DEFAULT_PRODUCT_NAME), 'currency' => cp_contactformpp_get_option('currency', CP_CONTACTFORMPP_DEFAULT_CURRENCY), 'paypal_language' => cp_contactformpp_get_option('paypal_language', CP_CONTACTFORMPP_DEFAULT_PAYPAL_LANGUAGE), 'cv_enable_captcha' => cp_contactformpp_get_option('cv_enable_captcha', CP_CONTACTFORMPP_DEFAULT_cv_enable_captcha), 'cv_width' => cp_contactformpp_get_option('cv_width', CP_CONTACTFORMPP_DEFAULT_cv_width), 'cv_height' => cp_contactformpp_get_option('cv_height', CP_CONTACTFORMPP_DEFAULT_cv_height), 'cv_chars' => cp_contactformpp_get_option('cv_chars', CP_CONTACTFORMPP_DEFAULT_cv_chars), 'cv_font' => cp_contactformpp_get_option('cv_font', CP_CONTACTFORMPP_DEFAULT_cv_font), 'cv_min_font_size' => cp_contactformpp_get_option('cv_min_font_size', CP_CONTACTFORMPP_DEFAULT_cv_min_font_size), 'cv_max_font_size' => cp_contactformpp_get_option('cv_max_font_size', CP_CONTACTFORMPP_DEFAULT_cv_max_font_size), 'cv_noise' => cp_contactformpp_get_option('cv_noise', 
CP_CONTACTFORMPP_DEFAULT_cv_noise), 'cv_noise_length' => cp_contactformpp_get_option('cv_noise_length', CP_CONTACTFORMPP_DEFAULT_cv_noise_length), 'cv_background' => cp_contactformpp_get_option('cv_background', CP_CONTACTFORMPP_DEFAULT_cv_background), 'cv_border' => cp_contactformpp_get_option('cv_border', CP_CONTACTFORMPP_DEFAULT_cv_border), 'cv_text_enter_valid_captcha' => cp_contactformpp_get_option('cv_text_enter_valid_captcha', CP_CONTACTFORMPP_DEFAULT_cv_text_enter_valid_captcha)));
    $message = "Item added";
} else {
    if (isset($_GET['u']) && $_GET['u'] != '' && $verify_nonce) {
        $wpdb->query('UPDATE `' . $wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE . '` SET form_name="' . esc_sql($_GET["name"]) . '" WHERE id=' . intval($_GET['u']));
        $message = "Item updated";
    } else {
        if (isset($_GET['d']) && $_GET['d'] != '' && $verify_nonce) {
            $wpdb->query('DELETE FROM `' . $wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE . '` WHERE id=' . intval($_GET['d']));
            $message = "Item deleted";
        } else {
            if (isset($_GET['c']) && $_GET['c'] != '' && $verify_nonce) {
                $myrows = $wpdb->get_row("SELECT * FROM " . $wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE . " WHERE id=" . intval($_GET['c']), ARRAY_A);
                unset($myrows["id"]);
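/**
 * Save the settings posted from the form-settings screen into the forms table.
 *
 * Defines CP_CONTACTFORMPP_ID from the posted form id (when not yet defined),
 * checks the 'cfwpp_update_actions_post' nonce, makes sure the columns added by
 * later plugin versions exist, un-slashes $_POST in place and updates the row
 * whose id is CP_CONTACTFORMPP_ID. On a failed nonce check it prints an error
 * message and returns without touching the database.
 *
 * NOTE(review): the nonce is the only gate visible in this function. The caller
 * shown on this page guards the call with is_admin(), which reports that the
 * request targets an admin screen and says nothing about the user's privileges.
 * Confirm that a current_user_can() check runs before this point.
 *
 * NOTE(review): values are stored exactly as submitted (after un-slashing), so
 * every place that later prints them into HTML has to escape on output.
 *
 * @return void
 */
function cp_contactformpp_save_options()
{
    global $wpdb;
    if (!defined('CP_CONTACTFORMPP_ID')) {
        // A missing id maps to 0, which is what intval() produced for it before,
        // without the undefined-index notice.
        define('CP_CONTACTFORMPP_ID', isset($_POST['cp_contactformpp_id']) ? intval($_POST['cp_contactformpp_id']) : 0);
    }
    // A missing or non-string token is treated as an empty nonce, which never verifies.
    $nonce = isset($_POST['rsave']) && is_string($_POST['rsave']) ? $_POST['rsave'] : '';
    if (!wp_verify_nonce($nonce, 'cfwpp_update_actions_post')) {
        echo 'Error: Form cannot be authenticated. Please contact our <a href="http://wordpress.dwbooster.com/support">support service</a> for verification and solution. Thank you.';
        return;
    }
    $table = $wpdb->prefix . CP_CONTACTFORMPP_FORMS_TABLE;
    // Temporary migration step: columns introduced after the first release,
    // listed with the exact definitions handed to the helper.
    // NOTE(review): 'paypal_zero_payment' is written below but is not in this
    // list; confirm that the column is created elsewhere.
    $migration_columns = array(
        'fp_emailformat' => " varchar(10) NOT NULL default ''",
        'cu_emailformat' => " varchar(10) NOT NULL default ''",
        'paypal_notiemails' => " varchar(20) NOT NULL default ''",
        'paypal_mode' => " varchar(20) NOT NULL default ''",
        'paypal_recurrent' => " varchar(20) NOT NULL default ''",
        'paypal_identify_prices' => " varchar(20) NOT NULL default ''",
        'script_load_method' => " varchar(10) NOT NULL default ''",
        'cp_emailformat' => " varchar(10) NOT NULL default ''",
        'request_taxes' => " varchar(20) NOT NULL default ''",
        'request_address' => " varchar(20) NOT NULL default ''",
        'paypal_price_field' => " varchar(250) NOT NULL default ''",
        'vs_text_submitbtn' => " varchar(250) NOT NULL default ''",
        'paypal_recurrent_setup' => "varchar(20) DEFAULT '' NOT NULL",
        'paypal_recurrent_times' => " varchar(10) NOT NULL default ''",
    );
    foreach ($migration_columns as $column => $definition) {
        cp_contactformpp_add_field_verify($table, $column, $definition);
    }
    // Un-slash scalar values in place; arrays are left untouched.
    // NOTE(review): stripcslashes() also decodes C-style escapes (\n, \x41, ...),
    // so it is not a plain inverse of WordPress's request slashing. wp_unslash()
    // is the usual call; confirm against already-stored data before switching.
    foreach ($_POST as $item => $value) {
        if (!is_array($value)) {
            $_POST[$item] = stripcslashes($value);
        }
    }
    // Explicit allow-list of columns that may be written from the request.
    $setting_fields = array(
        'fp_from_email', 'fp_destination_emails', 'fp_subject', 'fp_inc_additional_info',
        'fp_return_page', 'fp_message', 'fp_emailformat',
        'cu_enable_copy_to_user', 'cu_user_email_field', 'cu_subject', 'cu_message', 'cu_emailformat',
        'enable_paypal', 'paypal_notiemails', 'paypal_email', 'request_cost', 'paypal_price_field',
        'request_taxes', 'request_address', 'paypal_product_name', 'currency', 'paypal_language',
        'paypal_mode', 'paypal_recurrent', 'paypal_recurrent_setup', 'paypal_recurrent_times',
        'paypal_identify_prices', 'paypal_zero_payment',
        'vs_text_is_required', 'vs_text_is_email', 'vs_text_datemmddyyyy', 'vs_text_dateddmmyyyy',
        'vs_text_number', 'vs_text_digits', 'vs_text_max', 'vs_text_min', 'vs_text_submitbtn',
        'cv_enable_captcha', 'cv_width', 'cv_height', 'cv_chars', 'cv_font',
        'cv_min_font_size', 'cv_max_font_size', 'cv_noise', 'cv_noise_length',
        'cv_background', 'cv_border', 'cv_text_enter_valid_captcha',
    );
    $data = array();
    foreach ($setting_fields as $field) {
        // An absent field becomes null, as the direct (and @-suppressed) reads
        // did, but without raising a notice.
        $data[$field] = isset($_POST[$field]) ? $_POST[$field] : null;
    }
    $wpdb->update($table, $data, array('id' => CP_CONTACTFORMPP_ID));
}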
Пример #3
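/**
 * Request dispatcher for the plugin's public and admin entry points.
 *
 * Depending on the request it calls the coupon loader, serves the captcha
 * image, saves the admin settings, answers a captcha pre-check with 'ok' or
 * 'captchafailed', or stores a form submission and prints an auto-submitting
 * form that forwards the visitor to PayPal. Every branch except the coupon
 * call and the admin save ends the request with exit.
 *
 * @return void
 */
function cp_contact_form_paypal_check_posted_data()
{
    global $wpdb;
    if (isset($_GET['cp_contact_form_paypal_post']) && $_GET['cp_contact_form_paypal_post'] === 'loadcoupons') {
        cp_contactformpp_load_discount_codes();
    }
    if (isset($_GET['cp_contactformpp']) && $_GET['cp_contactformpp'] == 'captcha') {
        @(include_once dirname(__FILE__) . '/captcha/captcha.php');
        exit;
    }
    // NOTE(review): is_admin() only reports that the request targets an admin
    // screen; it is not a privilege check. Authorization for the save rests on
    // what cp_contactformpp_save_options() verifies.
    if ('POST' == $_SERVER['REQUEST_METHOD'] && isset($_POST['cp_contactformpp_post_options']) && is_admin()) {
        cp_contactformpp_save_options();
        return;
    }
    $is_form_post = 'POST' == $_SERVER['REQUEST_METHOD'] && isset($_POST['cp_contactformpp_pform_process']);
    $is_captcha_probe = 'GET' == $_SERVER['REQUEST_METHOD'] && isset($_GET['hdcaptcha_cp_contact_form_paypal_post']);
    if (!$is_form_post && !$is_captcha_probe) {
        return;
    }
    // The form id comes from the visitor: force it to an integer, as
    // cp_contactformpp_save_options() does, and do not redefine the constant.
    if (isset($_POST['cp_contactformpp_id']) && !defined('CP_CONTACTFORMPP_ID')) {
        define('CP_CONTACTFORMPP_ID', intval($_POST['cp_contactformpp_id']));
    }
    @session_start();
    // The captcha answer may arrive in the query string (pre-check) or in the body (real post).
    $submitted_code = null;
    if (isset($_GET['hdcaptcha_cp_contact_form_paypal_post']) && $_GET['hdcaptcha_cp_contact_form_paypal_post'] != '') {
        $submitted_code = $_GET['hdcaptcha_cp_contact_form_paypal_post'];
    } elseif (isset($_POST['hdcaptcha_cp_contact_form_paypal_post'])) {
        $submitted_code = $_POST['hdcaptcha_cp_contact_form_paypal_post'];
    }
    $expected_code = isset($_SESSION['rand_code']) && is_scalar($_SESSION['rand_code']) ? (string) $_SESSION['rand_code'] : '';
    // Compare as strings with ===: the loose != treated numeric-looking strings
    // such as "1e3" and "1000" as equal. Non-scalar input and an empty or
    // missing session code always fail.
    // NOTE(review): the session code is not cleared here, so one solved captcha
    // stays valid for further posts in the same session; confirm it is rotated elsewhere.
    $captcha_ok = is_scalar($submitted_code) && $expected_code !== '' && (string) $submitted_code === $expected_code;
    if (cp_contactformpp_get_option('cv_enable_captcha', CP_CONTACTFORMPP_DEFAULT_cv_enable_captcha) != 'false' && !$captcha_ok) {
        echo 'captchafailed';
        exit;
    }
    // if this isn't the real post (it was the captcha verification) then echo ok and exit
    if (!$is_form_post) {
        echo 'ok';
        exit;
    }
    // get price; no coupon is ever applied in this function, so the note stays empty
    $price = cp_contactformpp_get_option('request_cost', CP_CONTACTFORMPP_DEFAULT_COST);
    $discount_note = "";
    // get form info
    //---------------------------
    $form_data = json_decode(cp_contactformpp_cleanJSON(cp_contactformpp_get_option('form_structure', CP_CONTACTFORMPP_DEFAULT_form_structure)));
    $fields = array();
    // json_decode() returns null on malformed input; treat that as "no fields".
    if (is_array($form_data) && isset($form_data[0]) && (is_array($form_data[0]) || is_object($form_data[0]))) {
        foreach ($form_data[0] as $item) {
            if (is_object($item) && isset($item->name)) {
                $fields[$item->name] = isset($item->title) ? $item->title : null;
            }
        }
    }
    // grab posted data: only keys that belong to the form definition are kept
    //---------------------------
    $buffer = "";
    $params = array(); // always defined, even when no posted key matches a field
    foreach ($_POST as $item => $value) {
        if (isset($fields[$item])) {
            $buffer .= $fields[$item] . ": " . (is_array($value) ? implode(", ", $value) : $value) . "\n\n";
            $params[$item] = $value;
        }
    }
    cp_contactformpp_add_field_verify(CP_CONTACTFORMPP_POSTS_TABLE_NAME, 'posted_data');
    // insert into database
    //---------------------------
    $to = cp_contactformpp_get_option('cu_user_email_field', CP_CONTACTFORMPP_DEFAULT_cu_user_email_field);
    $rows_affected = $wpdb->insert(CP_CONTACTFORMPP_POSTS_TABLE_NAME, array(
        'formid' => CP_CONTACTFORMPP_ID,
        'time' => current_time('mysql'),
        'ipaddr' => $_SERVER['REMOTE_ADDR'],
        'notifyto' => isset($_POST[$to]) ? $_POST[$to] : null,
        'paypal_post' => serialize($params),
        'posted_data' => serialize($params),
        'data' => $buffer,
    ));
    if (!$rows_affected) {
        // Keep the database error in the server log instead of printing it to
        // the visitor. mysql_error() is also not the API $wpdb reports through.
        error_log('cp_contactformpp: could not save submission: ' . $wpdb->last_error);
        echo 'Error saving data! Please try again.';
        exit;
    }
    // Use the id of the row just inserted. SELECT MAX(id) can return another
    // visitor's row when two submissions arrive together, which would tie the
    // payment notification to the wrong submission. It stays only as a
    // fallback for the case where no insert id is reported.
    $item_number = $wpdb->insert_id;
    if (!$item_number) {
        $myrows = $wpdb->get_results("SELECT MAX(id) as max_id FROM " . CP_CONTACTFORMPP_POSTS_TABLE_NAME);
        $item_number = $myrows[0]->max_id;
    }
    // Every value below is written into an HTML attribute and is therefore
    // escaped with esc_attr(): cp_ref_page comes straight from the request and
    // the option values are stored as submitted from the settings form.
    $cancel_return = isset($_POST['cp_ref_page']) && is_string($_POST['cp_ref_page']) ? $_POST['cp_ref_page'] : '';
    $notify_url = cp_contactformpp_get_FULL_site_url() . '/?cp_contactformpp_ipncheck=1&itemnumber=' . $item_number;
    ?>
<html>
<head><title>Redirecting to Paypal...</title></head>
<body>
<form action="https://www.paypal.com/cgi-bin/webscr" name="ppform3" method="post">
<input type="hidden" name="cmd" value="_xclick" />
<input type="hidden" name="business" value="<?php echo esc_attr(cp_contactformpp_get_option('paypal_email', CP_CONTACTFORMPP_DEFAULT_PAYPAL_EMAIL)); ?>" />
<input type="hidden" name="item_name" value="<?php echo esc_attr(cp_contactformpp_get_option('paypal_product_name', CP_CONTACTFORMPP_DEFAULT_PRODUCT_NAME) . $discount_note); ?>" />
<input type="hidden" name="item_number" value="<?php echo esc_attr($item_number); ?>" />
<input type="hidden" name="amount" value="<?php echo esc_attr($price); ?>" />
<input type="hidden" name="page_style" value="Primary" />
<input type="hidden" name="no_shipping" value="1" />
<input type="hidden" name="return" value="<?php echo esc_attr(cp_contactformpp_get_option('fp_return_page', CP_CONTACTFORMPP_DEFAULT_fp_return_page)); ?>">
<input type="hidden" name="cancel_return" value="<?php echo esc_attr($cancel_return); ?>" />
<input type="hidden" name="no_note" value="1" />
<input type="hidden" name="currency_code" value="<?php echo esc_attr(strtoupper(cp_contactformpp_get_option('currency', CP_CONTACTFORMPP_DEFAULT_CURRENCY))); ?>" />
<input type="hidden" name="lc" value="<?php echo esc_attr(cp_contactformpp_get_option('paypal_language', CP_CONTACTFORMPP_DEFAULT_PAYPAL_LANGUAGE)); ?>" />
<input type="hidden" name="bn" value="PP-BuyNowBF" />
<input type="hidden" name="notify_url" value="<?php echo esc_attr($notify_url); ?>" />
<input type="hidden" name="ipn_test" value="1" />
<input class="pbutton" type="hidden" value="Buy Now" /></div>
</form>
<script type="text/javascript">
document.ppform3.submit();
</script>
</body>
</html>
<?php 
    exit;
}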