function tdomf_get_error_messages($show_links = true, $form_id = 0) { global $wpdb, $wp_roles; if (!isset($wp_roles)) { $wp_roles = new WP_Roles(); } $roles = $wp_roles->role_objects; $message = ""; #if(ini_get('register_globals') && !TDOMF_HIDE_REGISTER_GLOBAL_ERROR){ # $message .= "<font color=\"red\"><strong>".__("ERROR: <em>register_globals</em> is enabled. This is a security risk and also prevents TDO Mini Forms from working.")."</strong></font>"; #} if (version_compare("5.0.0", phpversion(), ">")) { $message .= sprintf(__("Warning: You are currently using PHP version %s. It is strongly recommended to use PHP5 with TDO Mini Forms.", "tdomf"), phpversion()); $message .= "<br/>"; } if (get_option(TDOMF_OPTION_VERIFICATION_METHOD) == 'none') { $message .= __("Warning: Form input verification is disabled. This is a potential security risk.", "tdomf"); $message .= "<br/>"; } # Revisions disabled => editing won't work well if (!constant('WP_POST_REVISIONS')) { $form_ids = tdomf_get_form_ids(); foreach ($form_ids as $a_form_id) { if (tdomf_get_option_form(TDOMF_OPTION_FORM_EDIT, $a_form_id->form_id)) { $message .= __("Error: Post Revisioning is disabled, post editing will not work correctly!", "tdomf"); $message .= "<br/>"; break; } } } if (isset($_REQUEST['form']) || $form_id != 0) { if ($form_id == 0) { $form_id = intval($_REQUEST['form']); } // permissions error if (tdomf_get_option_form(TDOMF_OPTION_ALLOW_EVERYONE, $form_id) == false) { $caps = tdomf_get_option_form(TDOMF_OPTION_ALLOW_CAPS, $form_id); if (is_array($caps) && empty($caps)) { $caps = false; } $users = tdomf_get_option_form(TDOMF_OPTION_ALLOW_USERS, $form_id); if (is_array($users) && empty($users)) { $users = false; } $publish = tdomf_get_option_form(TDOMF_OPTION_ALLOW_PUBLISH, $form_id); $role_count = 0; $role_publish_count = 0; foreach ($roles as $role) { if (isset($role->capabilities[TDOMF_CAPABILITY_CAN_SEE_FORM . '_' . $form_id])) { $role_count++; if (isset($role->capabilities['publish_posts'])) { $role_publish_count++; } } } // if nothing set if ($role_count == 0 && $caps == false && $users == false && $publish == false) { if ($show_links) { $message .= "<font color=\"red\">" . sprintf(__("<b>Warning</b>: No-one has been configured to be able to access the form! <a href=\"%s\">Configure on Options Page »</a>", "tdomf"), get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_form_options_menu&form={$form_id}") . "</font><br/>"; } else { $message .= "<font color=\"red\">" . __("<b>Warning</b>: No-one has been configured to be able to access the form!", "tdomf") . "</font><br/>"; } tdomf_log_message("No-one has been configured to access this form ({$form_id})", TDOMF_LOG_BAD); } else { if ($caps == false && $users == false && $role_count == $role_publish_count && $publish == false) { if ($show_links) { $message .= "<font color=\"red\">" . sprintf(__("<b>Warning</b>: Only users who can <i>already publish posts</i>, can see the form! <a href=\"%s\">Configure on Options Page »</a>", "tdomf"), get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_form_options_menu&form={$form_id}") . "</font><br/>"; } else { $message .= "<font color=\"red\">" . __("<b>Warning</b>: Only users who can <i>already publish posts</i>, can see this form!", "tdomf") . "</font><br/>"; } tdomf_log_message("Only users who can already publish can access the form ({$form_id})", TDOMF_LOG_BAD); } } } // form hacker modified $mode = tdomf_generate_default_form_mode($form_id) . '-hack'; $curr_unmod_prev = trim(tdomf_preview_form(array('tdomf_form_id' => $form_id), $mode)); $org_unmod_prev = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_PREVIEW_HACK_ORIGINAL, $form_id)); $hacked_prev = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_PREVIEW_HACK, $form_id)); if ($hacked_prev != false && $curr_unmod_prev != $org_unmod_prev) { $message .= "<font color=\"red\">"; $diffs = "admin.php?page=tdomf_show_form_hacker&form={$form_id}&mode={$mode}&diff&form2=cur&form1=org&type=preview"; $form_hacker = "admin.php?page=tdomf_show_form_hacker&form={$form_id}"; $dismiss = wp_nonce_url("admin.php?page=tdomf_show_form_hacker&form={$form_id}&dismiss&type=preview", 'tdomf-form-hacker'); $message .= sprintf(__("<b>Warning</b>: Form configuration has been changed that affect the preview output but Form Hacker has not been updated! <a href='%s'>Diff »</a> | <a href='%s'>Hack Form »</a> | <a href='%s'>Dismiss</a>", "tdomf"), $diffs, $form_hacker, $dismiss); $message .= "</font><br/>"; } $curr_unmod_form = trim(tdomf_generate_form($form_id, $mode)); $org_unmod_form = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_HACK_ORIGINAL, $form_id)); $hacked_form = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_HACK, $form_id)); if ($hacked_form != false && $curr_unmod_form != $org_unmod_form) { $message .= "<font color=\"red\">"; $diffs = "admin.php?page=tdomf_show_form_hacker&form={$form_id}&mode={$mode}&diff&form2=cur&form1=org"; $form_hacker = "admin.php?page=tdomf_show_form_hacker&form={$form_id}"; $dismiss = wp_nonce_url("admin.php?page=tdomf_show_form_hacker&form={$form_id}&dismiss", 'tdomf-form-hacker'); $message .= sprintf(__("<b>Warning</b>: Form configuration has been changed that affect the generated form but Form Hacker has not been updated! <a href='%s'>Diff »</a> | <a href='%s'>Hack Form »</a> | <a href='%s'>Dismiss</a>", "tdomf"), $diffs, $form_hacker, $dismiss); $message .= "</font><br/>"; } // widget errors global $tdomf_form_widgets_admin_errors; $mode = "new-post"; if (tdomf_get_option_form(TDOMF_OPTION_SUBMIT_PAGE, $form_id)) { $mode = "new-page"; } $uri = "admin.php?page=tdomf_show_form_menu&form=" . $form_id; do_action('tdomf_control_form_start', $form_id, $mode); $widget_order = tdomf_get_widget_order($form_id); $widgets = tdomf_filter_widgets($mode, $tdomf_form_widgets_admin_errors); foreach ($widget_order as $w) { if (isset($widgets[$w])) { $widget_message = call_user_func($widgets[$w]['cb'], $form_id, $widgets[$w]['params']); if (!empty($widget_message)) { $message .= "<font color=\"red\">" . $widget_message . sprintf(__(" <a href='%s'>Fix »</a>", "tdomf"), $uri) . "</font><br/>"; } } } // @todo check that key is unique in custom fields } if (get_option(TDOMF_OPTION_EXTRA_LOG_MESSAGES) && !get_option(TDOMF_OPTION_DISABLE_ERROR_MESSAGES)) { $message .= "<font color=\"red\">"; if ($show_links) { $message .= sprintf(__("<b>Warning:</b> You have enabled 'Extra Debug Messages' and disabled 'Disable Error Messages'. This invokes a special mode where all PHP errors are turned on. This can lead to unexpected problems and could be considered a security leak! <a href=\"%s\">Change on the Options Page »</a>", "tdomf"), get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_options_menu"); } else { $message .= __("<b>Warning:</b> You have enabled 'Extra Debug Messages' and disabled 'Disable Error Messages'. This invokes a special mode where all PHP errors are turned on. This can lead to unexpected problems and could be considered a security leak! This should only be used for debugging purposes.", "tdomf"); } $message .= "</font><br/>"; } $create_user_link = get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_options_menu&action=create_dummy_user"; if (function_exists('wp_nonce_url')) { $create_user_link = wp_nonce_url($create_user_link, 'tdomf-create-dummy-user'); } if (get_option(TDOMF_DEFAULT_AUTHOR) == false) { $message .= "<font color=\"red\">" . sprintf(__("<b>Error</b>: No default author set! <a href=\"%s\">Create dummy user for default author automatically »</a>", "tdomf"), $create_user_link) . "</font><br/>"; tdomf_log_message("Option Default Author not set!", TDOMF_LOG_BAD); } else { $def_aut = new WP_User(get_option(TDOMF_DEFAULT_AUTHOR)); if (empty($def_aut->data->ID)) { // User does not exist! Deleting option delete_option(TDOMF_DEFAULT_AUTHOR); $message .= "<font color=\"red\">" . sprintf(__("<b>Error</b>: Current Default Author does not exist! <a href=\"%s\">Create dummy user for default author automatically »</a>", "tdomf"), $create_user_link) . "</font><br/>"; tdomf_log_message("Current Default Author does not exist! Deleting option.", TDOMF_LOG_BAD); } if ($def_aut->has_cap("publish_posts")) { $message .= "<font color=\"red\">" . sprintf(__("<b>Error</b>: Default author can publish posts. Default author should not be able to publish posts! <a href=\"%s\">Create a dummy user for default author automatically »</a>", "tdomf"), $create_user_link) . "</font><br/>"; tdomf_log_message("Option Default Author is set to an author who can publish posts.", TDOMF_LOG_BAD); } } if (function_exists('wp_get_http')) { $post_uri = TDOMF_URLPATH . 'tdomf-form-post.php'; $headers = wp_get_http($post_uri, false, 1); if ($headers != false && $headers["response"] != '200') { $message .= "<font color=\"red\">"; $message .= sprintf(__("<b>Error</b>: Got a %d error when checking <a href=\"%s\">%s</a>! This will prevent posts from being submitted. The permissions may be wrong on the tdo-mini-forms folder.", "tdomf"), $headers["response"], $post_uri, $post_uri); $message .= "</font><br/>"; tdomf_log_message("Did not receive a 200 response when checking {$post_uri}:<pre>" . var_export($headers, true) . "</pre>", TDOMF_LOG_ERROR); } $ajax_uri = TDOMF_URLPATH . 'tdomf-form-ajax.php'; $headers = wp_get_http($ajax_uri, false, 1); if ($headers != false && $headers["response"] != '200') { $message .= "<font color=\"red\">"; $message .= sprintf(__("<b>Error</b>: Got a %d error when checking <a href=\"%s\">%s</a>! This will prevent forms that use AJAX from submitting posts. The permissions may be wrong on the tdo-mini-forms folder.", "tdomf"), $headers["response"], $ajax_uri, $ajax_uri); $message .= "</font><br/>"; tdomf_log_message("Did not receive a 200 response when checking {$ajax_uri}:<pre>" . var_export($headers, true) . "</pre>", TDOMF_LOG_ERROR); } $css_uri = TDOMF_URLPATH . 'tdomf-style-form.css'; $headers = wp_get_http($css_uri, false, 1); if ($headers != false && $headers["response"] != '200') { $message .= "<font color=\"red\">"; $message .= sprintf(__("<b>Error</b>: Got a %d error when checking <a href=\"%s\">%s</a>! This will make your forms, by default, look very ugly. The permissions may be wrong on the tdo-mini-forms folder.", "tdomf"), $headers["response"], $css_uri, $css_uri); $message .= "</font><br/>"; tdomf_log_message("Did not receive a 200 response when checking {$css_uri}:<pre>" . var_export($headers, true) . "</pre>", TDOMF_LOG_ERROR); } } return $message; }
function tdomf_show_form_hacker() { global $wp_version; $form_id = false; if (isset($_REQUEST['form'])) { $form_id = $_REQUEST['form']; } else { $form_id = tdomf_get_first_form_id(); } if ($form_id == false || !tdomf_form_exists($form_id)) { ?> <div class="wrap"> <h2><?php _e('Form Hacker', 'tdomf'); ?> </h2> <p><?php if (is_numeric($form_id)) { printf(__('Invalid Form ID %s specified!'), $form_id); } else { _e('No Form ID specified!'); } ?> </p> </div> <?php } else { if (isset($_REQUEST['diff'])) { ?> <div class="wrap"> <?php tdomf_form_hacker_diff($form_id); ?> </div> <!-- wrap --> <?php } else { $mode = tdomf_generate_default_form_mode($form_id); $mode .= '-hack'; tdomf_form_hacker_actions($form_id); $message = tdomf_get_error_messages(true, $form_id); if (!empty($message)) { ?> <div id="message" class="updated fade"><p><?php echo $message; ?> </p></div> <?php } tdomf_forms_top_toolbar($form_id, 'tdomf_show_form_hacker'); $form_ids = tdomf_get_form_ids(); ?> <div class="wrap"> <?php if (!isset($_REQUEST['text'])) { ?> <h2><?php printf(__("Form Hacker for Form %d: \"%s\"", "tdomf"), $form_id, tdomf_get_option_form(TDOMF_OPTION_NAME, $form_id)); ?> </h2> <?php } else { ?> <h2><?php printf(__("Message Hacker for Form %d: \"%s\"", "tdomf"), $form_id, tdomf_get_option_form(TDOMF_OPTION_NAME, $form_id)); ?> </h2> <?php } ?> <script type="text/javascript"> function tdomfHideHelp() { jQuery('#tdomf_help').attr('class','hidden'); jQuery('#tdomf_show_help').attr('class',''); jQuery('#tdomf_hide_help').attr('class','hidden'); } function tdomfShowHelp() { jQuery('#tdomf_help').attr('class',''); jQuery('#tdomf_show_help').attr('class','hidden'); jQuery('#tdomf_hide_help').attr('class',''); } </script> <?php tdomf_forms_under_title_toolbar($form_id, 'tdomf_show_form_hacker'); ?> <?php if (isset($_REQUEST['text'])) { ?> <!-- <div id="tdomf_help" class='hidden'> --> <?php $code_on = false; if (isset($_REQUEST['code'])) { $code_on = true; } ?> <p><?php _e("You can use this page to modify any messages outputed from TDOMF for your form. From here you can change the post published messages, post held in moderation, etc. etc.", "tdomf"); ?> </p> <?php if (version_compare($wp_version, "2.8-beta2", ">=")) { if (!$code_on) { ?> <p><a href="admin.php?page=tdomf_show_form_hacker&text&code&form=<?php echo $form_id; ?> "><?php _e("Enable Code Syntax Highlighting...", 'tdomf'); ?> </a></p> <?php } else { ?> <p><a href="admin.php?page=tdomf_show_form_hacker&text&form=<?php echo $form_id; ?> "><?php _e("Disable Code Syntax Highlighting...", 'tdomf'); ?> </a></p> <?php } } ?> <?php $form_edit = tdomf_get_option_form(TDOMF_OPTION_FORM_EDIT, $form_id); ?> <p><?php _e("PHP code can be included in the hacked messages. Also TDOMF will automatically expand these macro strings:", "tdomf"); ?> <ul> <li><?php printf(__("<code>%s</code> - User name of the currently logged in user", "tdomf"), TDOMF_MACRO_USERNAME); ?> <li><?php printf(__("<code>%s</code> - IP of the current visitor", "tdomf"), TDOMF_MACRO_IP); ?> <li><?php printf(__("<code>%s</code> - The ID of the current form (which is currently %d)", "tdomf"), TDOMF_MACRO_FORMID, $form_id); ?> <li><?php printf(__("<code>%s</code> - Name of the Form (set in options)", "tdomf"), TDOMF_MACRO_FORMNAME); ?> <li><?php printf(__("<code>%s</code> - Form Description (set in options)", "tdomf"), TDOMF_MACRO_FORMDESCRIPTION); ?> <li><?php printf(__("<code>%s</code> - Submission Errors", "tdomf"), TDOMF_MACRO_SUBMISSIONERRORS); ?> <?php if ($form_edit) { ?> <li><?php printf(__("<code>%s</code> - URL of Post/Page being edited", "tdomf"), TDOMF_MACRO_SUBMISSIONURL); ?> <li><?php printf(__("<code>%s</code> - Original Submission Date", "tdomf"), TDOMF_MACRO_SUBMISSIONDATE); ?> <li><?php printf(__("<code>%s</code> - Original Submission Time", "tdomf"), TDOMF_MACRO_SUBMISSIONTIME); ?> <li><?php printf(__("<code>%s</code> - Title of Post/Page being edited", "tdomf"), TDOMF_MACRO_SUBMISSIONTITLE); ?> <?php } else { ?> <li><?php printf(__("<code>%s</code> - URL of Submission", "tdomf"), TDOMF_MACRO_SUBMISSIONURL); ?> <li><?php printf(__("<code>%s</code> - Date of Submission", "tdomf"), TDOMF_MACRO_SUBMISSIONDATE); ?> <li><?php printf(__("<code>%s</code> - Time of Submission", "tdomf"), TDOMF_MACRO_SUBMISSIONTIME); ?> <li><?php printf(__("<code>%s</code> - Title of Submission", "tdomf"), TDOMF_MACRO_SUBMISSIONTITLE); ?> <?php } ?> </ul> </p> <!-- </div> --> <form method="post" name="formhackermsgs" id="formhackermsgs"> <?php if (function_exists('wp_nonce_field')) { wp_nonce_field('tdomf-form-hacker'); } ?> <p class="submit"> <input type="submit" value="<?php _e('Save »', 'tdomf'); ?> " id="tdomf_hack_messages_save" name="tdomf_hack_messages_save" /> <input type="submit" value="<?php _e('Reset »', 'tdomf'); ?> " id="tdomf_hack_messages_reset" name="tdomf_hack_messages_reset" /> </p> <?php if (!tdomf_get_option_form(TDOMF_OPTION_MODERATION, $form_id) && !tdomf_get_option_form(TDOMF_OPTION_REDIRECT, $form_id)) { ?> <h3><?php if ($form_edit) { _e('Contribution Approved', 'tdomf'); } else { _e('Submission Published', 'tdomf'); } ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_sub_publish" id="tdomf_msg_sub_publish" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SUB_PUBLISH, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <?php } ?> <?php if (intval(tdomf_get_option_form(TDOMF_OPTION_QUEUE_PERIOD, $form_id)) > 0 && !tdomf_get_option_form(TDOMF_OPTION_MODERATION, $form_id)) { ?> <h3><?php _e('Submission Queued', 'tdomf'); ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_sub_future" id="tdomf_msg_sub_future" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SUB_FUTURE, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <?php } ?> <?php if (get_option(TDOMF_OPTION_SPAM)) { ?> <h3><?php if ($form_edit) { _e('Contribution is Spam', 'tdomf'); } else { _e('Submission is Spam', 'tdomf'); } ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_sub_spam" id="tdomf_msg_sub_spam" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SUB_SPAM, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <?php } ?> <?php if (tdomf_get_option_form(TDOMF_OPTION_MODERATION, $form_id)) { ?> <h3><?php if ($form_edit) { _e('Contribution awaiting Moderation', 'tdomf'); } else { _e('Submission awaiting Moderation', 'tdomf'); } ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_sub_mod" id="tdomf_msg_sub_mod" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SUB_MOD, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <?php } ?> <h3><?php if ($form_edit) { _e('Contribution contains Errors', 'tdomf'); } else { _e('Submission contains Errors', 'tdomf'); } ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_sub_error" id="tdomf_msg_sub_error" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SUB_ERROR, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <h3><?php _e('Banned User', 'tdomf'); ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_perm_banned_user" id="tdomf_msg_perm_banned_user" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_PERM_BANNED_USER, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <h3><?php _e('Banned IP', 'tdomf'); ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_perm_banned_ip" id="tdomf_msg_perm_banned_ip" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_PERM_BANNED_IP, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <?php $throttle_rules = tdomf_get_option_form(TDOMF_OPTION_THROTTLE_RULES, $form_id); if (is_array($throttle_rules) && !empty($throttle_rules)) { ?> <h3><?php _e('Throttled Submission', 'tdomf'); ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_perm_throttle" id="tdomf_msg_perm_throttle" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_PERM_THROTTLE, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <?php } ?> <?php if (!tdomf_get_option_form(TDOMF_OPTION_ALLOW_EVERYONE, $form_id)) { ?> <h3><?php _e('Denied User', 'tdomf'); ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_perm_invalid_user" id="tdomf_msg_perm_invalid_user" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_PERM_INVALID_USER, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <?php } ?> <?php if (!tdomf_get_option_form(TDOMF_OPTION_ALLOW_EVERYONE, $form_id)) { ?> <h3><?php _e('Banned Unregistered User', 'tdomf'); ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_perm_invalid_nouser" id="tdomf_msg_perm_invalid_nouser" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_PERM_INVALID_NOUSER, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <?php } ?> <?php if ($form_edit) { ?> <?php /*if(tdomf_get_option_form(TDOMF_OPTION_AJAX_EDIT,$form_id)) {*/ ?> <h3><?php _e('\'Edit Post\' Link Text', 'tdomf'); ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_edit_post_link" id="tdomf_msg_edit_post_link" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_ADD_EDIT_LINK_TEXT, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <?php /*}*/ ?> <h3><?php _e('Invalid Post for Form', 'tdomf'); ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_invalid_post" id="tdomf_msg_invalid_post" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_INVALID_POST, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <h3><?php _e('Invalid Form for Post', 'tdomf'); ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_invalid_form" id="tdomf_msg_invalid_form" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_INVALID_FORM, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <h3><?php _e('Locked Post', 'tdomf'); ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_locked_post" id="tdomf_msg_locked_post" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_LOCKED_POST, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <?php if (get_option(TDOMF_OPTION_SPAM)) { ?> <h3><?php _e('Spam Edit on Post', 'tdomf'); ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_spam_edit_on_post" id="tdomf_msg_spam_edit_on_post" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SPAM_EDIT_ON_POST, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <?php } ?> <h3><?php _e('Unapproved Edit on Post', 'tdomf'); ?> </h3> <textarea title="true" rows="5" cols="70" name="tdomf_msg_unapproved_edit_on_post" id="tdomf_msg_unapproved_edit_on_post" <?php if ($code_on) { ?> class="codepress .php"<?php } ?> ><?php echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_UNAPPROVED_EDIT_ON_POST, $form_id), ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <?php } ?> <?php do_action('tdomf_form_hacker_messages_bottom', $form_id, $mode); ?> <span class="submit"> <input type="submit" value="<?php _e('Save »', 'tdomf'); ?> " id="tdomf_hack_messages_save" name="tdomf_hack_messages_save" /> <input type="submit" value="<?php _e('Reset »', 'tdomf'); ?> " id="tdomf_hack_messages_reset" name="tdomf_hack_messages_reset" /> </span> </form> <?php } else { ?> <!-- <div id="tdomf_help" class='hidden'> --> <p><?php _e("You can use this page to hack the generated HTML code for your form without modifing the code of TDOMF. Please only do this if you know what you are doing. From here you can modify titles, default values, re-arrange fields, etc. etc.", "tdomf"); ?> </p> <p><?php _e('Do not modify or remove the "name" and "id" attributes of fields as this is what the widgets and TDOMF use to get input values for processing', 'tdomf'); ?> </p> <p><?php printf(__("Every time a form is generated, it creates a unique key. If you hack the form, make sure you keep <code>%s</code> (and also <code>%s</code>) within the form. TDOMF will replace this string with the unique key.", "tdomf"), TDOMF_MACRO_FORMKEY, TDOMF_MACRO_FORMURL); ?> </p> <p><?php _e("PHP code can be included in the hacked form. Also TDOMF will automatically expand these macro strings:", "tdomf"); ?> <ul> <li><?php printf(__("<code>%s</code> - User name of the currently logged in user", "tdomf"), TDOMF_MACRO_USERNAME); ?> <li><?php printf(__("<code>%s</code> - IP of the current visitor", "tdomf"), TDOMF_MACRO_IP); ?> <li><?php printf(__("<code>%s</code> - The form's unique key", "tdomf"), TDOMF_MACRO_FORMKEY); ?> <li><?php printf(__("<code>%s</code> - The current URL of the form", "tdomf"), TDOMF_MACRO_FORMURL); ?> <li><?php printf(__("<code>%s</code> - The ID of the current form (which is currently %d)", "tdomf"), TDOMF_MACRO_FORMID, $form_id); ?> <li><?php printf(__("<code>%s</code> - Name of the Form (set in options)", "tdomf"), TDOMF_MACRO_FORMNAME); ?> <li><?php printf(__("<code>%s</code> - Form Description (set in options)", "tdomf"), TDOMF_MACRO_FORMDESCRIPTION); ?> <li><?php printf(__("<code>%s</code> - Form Output (such as preview, errors, etc.). This is automatically encapsulated in a div called tdomf_form_message (and tdomf_form_preview for preview)", "tdomf"), TDOMF_MACRO_FORMMESSAGE); ?> <li><?php printf(__("<code>%swidget-name%s</code> - Original, unmodified output from 'widget-name'", "tdomf"), TDOMF_MACRO_WIDGET_START, TDOMF_MACRO_END); ?> </ul> </p> <!-- </div> --> <form method="post" name="formhacker" id="formhacker"> <?php if (function_exists('wp_nonce_field')) { wp_nonce_field('tdomf-form-hacker'); } ?> <p class="submit"> <input type="submit" value="<?php _e('Save »', 'tdomf'); ?> " id="tdomf_form_hack_save" name="tdomf_form_hack_save" /> <input type="submit" value="<?php _e('Reset »', 'tdomf'); ?> " id="tdomf_form_hack_reset" name="tdomf_form_hack_reset" /> </p> <?php if (tdomf_widget_is_preview_avaliable($form_id)) { ?> <h3><?php _e('Core Form', 'tdomf'); ?> </h3> <?php } ?> <?php $cur_form = tdomf_generate_form($form_id, $mode); $form = $cur_form; $hacked_form = tdomf_get_option_form(TDOMF_OPTION_FORM_HACK, $form_id); if ($hacked_form != false) { $form = $hacked_form; } ?> <?php if ($hacked_form != false) { ?> <?php _e("You can diff the hacked form to see what you have changed", "tdomf"); ?> <ul> <li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php echo $form_id; ?> &mode=<?php echo $mode; ?> &diff&form1=hack&form2=cur"><?php _e("Diff Hacked Form with Current Form", "tdomf"); ?> </a></li> <?php $org_form = tdomf_get_option_form(TDOMF_OPTION_FORM_HACK_ORIGINAL, $form_id); if (trim($cur_form) != trim($org_form)) { ?> <li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php echo $form_id; ?> &mode=<?php echo $mode; ?> &diff&form2=hack&form1=org"><?php _e("Diff Hacked Form with Previous Form", "tdomf"); ?> </a></li> <li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php echo $form_id; ?> &mode=<?php echo $mode; ?> &diff&form2=cur&form1=org"><?php _e("Diff Current Form with Previous Form", "tdomf"); ?> </a></li> <?php } ?> </ul> <?php } ?> <textarea title="true" rows="30" cols="100" name="tdomf_form_hack" id="tdomf_form_hack" class="codepress .php" ><?php echo htmlentities($form, ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <?php if (tdomf_widget_is_preview_avaliable($form_id)) { ?> <h3><?php _e('Form Preview', 'tdomf'); ?> </h3> <?php $cur_preview = tdomf_preview_form(array('tdomf_form_id' => $form_id), $mode); $preview = $cur_preview; $hacked_preview = tdomf_get_option_form(TDOMF_OPTION_FORM_PREVIEW_HACK, $form_id); if ($hacked_preview != false) { $preview = $hacked_preview; } ?> <?php if ($hacked_preview != false) { ?> <?php _e("You can diff the hacked preview to see what you have changed", "tdomf"); ?> <ul> <li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php echo $form_id; ?> &mode=<?php echo $mode; ?> &diff&form1=hack&form2=cur&type=preview"><?php _e("Diff Hacked Preview with Current Preview", "tdomf"); ?> </a></li> <?php $org_preview = tdomf_get_option_form(TDOMF_OPTION_FORM_PREVIEW_HACK_ORIGINAL, $form_id); if (trim($cur_preview) != trim($org_preview)) { ?> <li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php echo $form_id; ?> &mode=<?php echo $mode; ?> &diff&form2=hack&form1=org&type=preview"><?php _e("Diff Hacked Preview with Previous Preview", "tdomf"); ?> </a></li> <li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php echo $form_id; ?> &mode=<?php echo $mode; ?> &diff&form2=cur&form1=org&type=preview"><?php _e("Diff Current Preview with Previous Preview", "tdomf"); ?> </a></li> <?php } ?> </ul> <?php } ?> <textarea title="true" rows="15" cols="100" name="tdomf_form_preview_hack" id="tdomf_form_preview_hack" class="codepress .php"><?php echo htmlentities($preview, ENT_NOQUOTES, get_bloginfo('charset')); ?> </textarea> <br/><br/> <?php } ?> <!-- @TODO Validation Message Hacker --> <!-- @TODO Upload Form Hacker --> <?php do_action('tdomf_form_hacker_bottom', $form_id, $mode); ?> <span class="submit"> <input type="submit" value="<?php _e('Save »', 'tdomf'); ?> " id="tdomf_form_hack_save" name="tdomf_form_hack_save" /> <input type="submit" value="<?php _e('Reset »', 'tdomf'); ?> " id="tdomf_form_hack_reset" name="tdomf_form_hack_reset" /> </span> </form> <!-- @TODO: warning about updated form (with dismiss link) --> <?php } ?> </div> <?php } } }
function tdomf_get_the_form($form_id = 1, $post_id = false) { return tdomf_generate_form($form_id, false, $post_id); }
function tdomf_show_your_submissions_menu() { global $current_user; // how many of the recently published/approved entries to see // $limit = 10; get_currentuserinfo(); $tdomf_flag = get_usermeta($current_user->ID, TDOMF_KEY_FLAG); $sub_total = tdomf_get_users_submitted_posts_count($current_user->ID); $app_total = tdomf_get_users_published_posts_count($current_user->ID); $user_status = get_usermeta($current_user->ID, TDOMF_KEY_STATUS); $app_posts = tdomf_get_user_published_posts($current_user->ID, 0, $limit); $mod_posts = tdomf_get_user_draft_posts($current_user->ID); $mod_total = count($mod_posts); $fut_posts = tdomf_get_user_scheduled_posts($current_user->ID); $fut_total = count($fut_posts); $unapp_edits = tdomf_get_edits(array('state' => 'unapproved', 'unique_post_ids' => true, 'user_id' => $current_user->ID)); $app_edits = tdomf_get_edits(array('state' => 'approved', 'unique_post_ids' => true, 'user_id' => $current_user->ID, 'limit' => $limit)); ?> <div class="wrap"> <h2><?php _e('Your Submissions', 'tdomf'); ?> </h2> <?php if (in_array($_REQUEST['REMOTE_ADDR'], tdomf_get_ips_banned())) { ?> <?php printf(__("You are logged on from the banned IP %s. If this is in error please contact the <a href='mailto:%s'>admins</a>.", "tdomf"), $_SERVER['REMOTE_ADDR'], get_bloginfo('admin_email')); ?> <?php } else { if ($user_status == TDOMF_USER_STATUS_BANNED) { ?> <?php printf(__("You are banned from using this functionality on this site. If this is in error please contact the <a href='mailto:%s'>admins</a>.", "tdomf"), get_bloginfo('admin_email')); ?> <?php } else { ?> <p> <?php if ($user_status == TDOMF_USER_STATUS_TRUSTED) { ?> <?php printf(__("Good to see you again <b>%s</b>! ", "tdomf"), $current_user->display_name); ?> <?php } else { if ($tdomf_flag) { ?> <?php printf(__("Welcome back <b>%s</b>!", "tdomf"), $current_user->display_name); ?> <?php } else { ?> <?php printf(__("Welcome <b>%s</b>.", "tdomf"), $current_user->display_name); ?> <?php } } ?> </p> <p><?php printf(__("From here you can submit posts to the %s using the form below and check on the status of your submissions.", "tdomf"), get_bloginfo()); ?> </p> <?php if (current_user_can('edit_others_posts') || current_user_can('manage_options')) { ?> <ul> <?php if (current_user_can('manage_options')) { ?> <li><a href="admin.php?page=tdomf_show_options_menu"><?php _e("Configure Options", "tdomf"); ?> </a></li> <li><a href="admin.php?page=tdomf_show_form_menu"><?php _e("Modify Form", "tdomf"); ?> </a></li> <?php } ?> <li><a href="admin.php?page=tdomf_show_mod_posts_menu"><?php _e("Moderate Submissions", "tdomf"); ?> </a></li> </ul> <?php } ?> <?php if ($tdomf_flag && ($sub_total > 0 || $app_total > 0)) { ?> <?php if ($fut_total > 0) { ?> <h3><?php printf(__('Your Next %d Scheduled Submissions', 'tdomf'), $fut_total); ?> </h3> <ul> <?php foreach ($fut_posts as $p) { ?> <li> <?php $t_time = get_the_time(__('Y/m/d g:i:s A')); $m_time = $p->post_date; $time = tdomf_get_post_time('G', true, $p); if (abs(time() - $time) < 86400) { $h_time = sprintf(__('%s from now'), human_time_diff($time)); } else { $h_time = mysql2date(__('Y/m/d'), $m_time); } ?> <?php printf(__("<a href='%s'>%s</a> will be published %s", "tdomf"), get_permalink($p->ID), $p->post_title, "<abbr title='{$t_time}'>{$h_time}</abbr>"); ?> </li> <?php } ?> </ul> <?php } ?> <?php if ($app_total > 0) { ?> <h3><?php printf(__('Your Last %d Published Submissions', 'tdomf'), $app_total < 5 ? $app_total : 5); ?> </h3> <ul> <?php foreach ($app_posts as $p) { ?> <li> <?php $t_time = get_the_time(__('Y/m/d g:i:s A')); $m_time = $p->post_date; $time = tdomf_get_post_time('G', true, $p); if (abs(time() - $time) < 86400) { $h_time = sprintf(__('%s ago'), human_time_diff($time)); } else { $h_time = mysql2date(__('Y/m/d'), $m_time); } ?> <?php printf(__("<a href='%s'>%s</a> approved %s", "tdomf"), get_permalink($p->ID), $p->post_title, "<abbr title='{$t_time}'>{$h_time}</abbr>"); ?> </li> <?php } ?> </ul> <?php } ?> <?php if ($mod_total > 0) { ?> <h3><?php _e('Your Sumissions awaiting Moderation', 'tdomf'); ?> </h3> <ul> <?php foreach ($mod_posts as $p) { ?> <li>"<?php echo $p->post_title; ?> "</li> <?php } ?> </ul> <?php } ?> <?php } ?> <?php if (!empty($app_edits)) { $num = number_format_i18n(count($app_edits)); $text = __ngettext('Your Last Approved Contribution', 'Your Last %d Approved Contributions', count($app_edits)); ?> <h3><?php printf($text, count($app_edits)); ?> </h3> <ul> <?php foreach ($app_edits as $app_edit) { ?> <li> <?php $edit = tdomf_get_edits(array('state' => 'approved', 'post_id' => $app_edit->post_id, 'user_id' => $current_user->ID, 'limit' => 1)); $edit = $edit[0]; $t_time = get_the_time(__('Y/m/d g:i:s A')); $h_time = mysql2date(__('Y/m/d'), $edit->date); $post = get_post($app_edit->post_id); printf(__("<a href='%s'>%s</a> edited %s", "tdomf"), get_permalink($app_edit->post_id), $post->post_title, "<abbr title='{$t_time}'>{$h_time}</abbr>"); ?> </li> <?php } ?> </ul> <?php } ?> <?php if (!empty($unapp_edits)) { $num = number_format_i18n(count($unapp_edits)); $text = __ngettext('Your Contribution awaiting Moderation', 'Your Contributions awaiting Moderation', count($unapp_edits)); ?> <h3><?php printf($text, count($unapp_edits)); ?> </h3> <ul> <?php foreach ($unapp_edits as $unapp_edit) { ?> <li> <?php $edit = tdomf_get_edits(array('state' => 'unapproved', 'post_id' => $unapp_edit->post_id, 'user_id' => $current_user->ID, 'limit' => 1)); $edit = $edit[0]; $t_time = get_the_time(__('Y/m/d g:i:s A')); $h_time = mysql2date(__('Y/m/d'), $edit->date); $post = get_post($unapp_edit->post_id); printf(__("<a href='%s'>%s</a> edited %s", "tdomf"), get_permalink($unapp_edit->post_id), $post->post_title, "<abbr title='{$t_time}'>{$h_time}</abbr>"); ?> </li> <?php } ?> </ul> <?php } ?> </div> <!-- Form formatting --> <style> .tdomf_form { } .tdomf_form fieldset legend { #border-bottom: 1px dotted black; font-weight: bold; padding: 0px; margin: 0px; padding-bottom: 10px; } .tdomf_form_preview { border: 1px dotted black; padding: 5px; margin: 5px; margin-bottom: 20px; } .tdomf_form_preview p { margin-left: 15px; } .tdomf_form .required { color: red; } .tdomf_form fieldset { margin-bottom: 10px; border: 0; } </style> <?php $form_ids = tdomf_get_form_ids(); if (!empty($form_ids)) { foreach ($form_ids as $form_id) { if (tdomf_get_option_form(TDOMF_OPTION_INCLUDED_YOUR_SUBMISSIONS, $form_id->form_id)) { $edit = tdomf_get_option_form(TDOMF_OPTION_FORM_EDIT, $form_id->form_id); $post_id = false; if (isset($_REQUEST['tdomf_post_id'])) { $post_id = intval($_REQUEST['tdomf_post_id']); } $good = true; if ($edit && tdomf_check_permissions_form($form_id->form_id, $post_id) != NULL) { $good = false; } if ($good) { ?> <div class="wrap"> <h2><?php echo tdomf_get_option_form(TDOMF_OPTION_NAME, $form_id->form_id); ?> </h2> <p><?php echo tdomf_get_option_form(TDOMF_OPTION_DESCRIPTION, $form_id->form_id); ?> </p> <?php echo tdomf_generate_form($form_id->form_id); ?> <br/><br/> </div> <?php } } } } ?> <?php } } ?> </div> <p><center><?php _e('Powered by the <a href="http://thedeadone.net/software/tdo-mini-forms-wordpress-plugin/">TDO Mini Forms Plugin.', 'tdomf'); ?> </a></center></p> <?php }