function tdomf_get_error_messages($show_links = true, $form_id = 0)
{
global $wpdb, $wp_roles;
if (!isset($wp_roles)) {
$wp_roles = new WP_Roles();
}
$roles = $wp_roles->role_objects;
$message = "";
#if(ini_get('register_globals') && !TDOMF_HIDE_REGISTER_GLOBAL_ERROR){
# $message .= "<font color=\"red\"><strong>".__("ERROR: <em>register_globals</em> is enabled. This is a security risk and also prevents TDO Mini Forms from working.")."</strong></font>";
#}
if (version_compare("5.0.0", phpversion(), ">")) {
$message .= sprintf(__("Warning: You are currently using PHP version %s. It is strongly recommended to use PHP5 with TDO Mini Forms.", "tdomf"), phpversion());
$message .= "<br/>";
}
if (get_option(TDOMF_OPTION_VERIFICATION_METHOD) == 'none') {
$message .= __("Warning: Form input verification is disabled. This is a potential security risk.", "tdomf");
$message .= "<br/>";
}
# Revisions disabled => editing won't work well
if (!constant('WP_POST_REVISIONS')) {
$form_ids = tdomf_get_form_ids();
foreach ($form_ids as $a_form_id) {
if (tdomf_get_option_form(TDOMF_OPTION_FORM_EDIT, $a_form_id->form_id)) {
$message .= __("Error: Post Revisioning is disabled, post editing will not work correctly!", "tdomf");
$message .= "<br/>";
break;
}
}
}
if (isset($_REQUEST['form']) || $form_id != 0) {
if ($form_id == 0) {
$form_id = intval($_REQUEST['form']);
}
// permissions error
if (tdomf_get_option_form(TDOMF_OPTION_ALLOW_EVERYONE, $form_id) == false) {
$caps = tdomf_get_option_form(TDOMF_OPTION_ALLOW_CAPS, $form_id);
if (is_array($caps) && empty($caps)) {
$caps = false;
}
$users = tdomf_get_option_form(TDOMF_OPTION_ALLOW_USERS, $form_id);
if (is_array($users) && empty($users)) {
$users = false;
}
$publish = tdomf_get_option_form(TDOMF_OPTION_ALLOW_PUBLISH, $form_id);
$role_count = 0;
$role_publish_count = 0;
foreach ($roles as $role) {
if (isset($role->capabilities[TDOMF_CAPABILITY_CAN_SEE_FORM . '_' . $form_id])) {
$role_count++;
if (isset($role->capabilities['publish_posts'])) {
$role_publish_count++;
}
}
}
// if nothing set
if ($role_count == 0 && $caps == false && $users == false && $publish == false) {
if ($show_links) {
$message .= "<font color=\"red\">" . sprintf(__("<b>Warning</b>: No-one has been configured to be able to access the form! <a href=\"%s\">Configure on Options Page »</a>", "tdomf"), get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_form_options_menu&form={$form_id}") . "</font><br/>";
} else {
$message .= "<font color=\"red\">" . __("<b>Warning</b>: No-one has been configured to be able to access the form!", "tdomf") . "</font><br/>";
}
tdomf_log_message("No-one has been configured to access this form ({$form_id})", TDOMF_LOG_BAD);
} else {
if ($caps == false && $users == false && $role_count == $role_publish_count && $publish == false) {
if ($show_links) {
$message .= "<font color=\"red\">" . sprintf(__("<b>Warning</b>: Only users who can <i>already publish posts</i>, can see the form! <a href=\"%s\">Configure on Options Page »</a>", "tdomf"), get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_form_options_menu&form={$form_id}") . "</font><br/>";
} else {
$message .= "<font color=\"red\">" . __("<b>Warning</b>: Only users who can <i>already publish posts</i>, can see this form!", "tdomf") . "</font><br/>";
}
tdomf_log_message("Only users who can already publish can access the form ({$form_id})", TDOMF_LOG_BAD);
}
}
}
// form hacker modified
$mode = tdomf_generate_default_form_mode($form_id) . '-hack';
$curr_unmod_prev = trim(tdomf_preview_form(array('tdomf_form_id' => $form_id), $mode));
$org_unmod_prev = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_PREVIEW_HACK_ORIGINAL, $form_id));
$hacked_prev = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_PREVIEW_HACK, $form_id));
if ($hacked_prev != false && $curr_unmod_prev != $org_unmod_prev) {
$message .= "<font color=\"red\">";
$diffs = "admin.php?page=tdomf_show_form_hacker&form={$form_id}&mode={$mode}&diff&form2=cur&form1=org&type=preview";
$form_hacker = "admin.php?page=tdomf_show_form_hacker&form={$form_id}";
$dismiss = wp_nonce_url("admin.php?page=tdomf_show_form_hacker&form={$form_id}&dismiss&type=preview", 'tdomf-form-hacker');
$message .= sprintf(__("<b>Warning</b>: Form configuration has been changed that affect the preview output but Form Hacker has not been updated! <a href='%s'>Diff »</a> | <a href='%s'>Hack Form »</a> | <a href='%s'>Dismiss</a>", "tdomf"), $diffs, $form_hacker, $dismiss);
$message .= "</font><br/>";
}
$curr_unmod_form = trim(tdomf_generate_form($form_id, $mode));
$org_unmod_form = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_HACK_ORIGINAL, $form_id));
$hacked_form = trim(tdomf_get_option_form(TDOMF_OPTION_FORM_HACK, $form_id));
if ($hacked_form != false && $curr_unmod_form != $org_unmod_form) {
$message .= "<font color=\"red\">";
$diffs = "admin.php?page=tdomf_show_form_hacker&form={$form_id}&mode={$mode}&diff&form2=cur&form1=org";
$form_hacker = "admin.php?page=tdomf_show_form_hacker&form={$form_id}";
$dismiss = wp_nonce_url("admin.php?page=tdomf_show_form_hacker&form={$form_id}&dismiss", 'tdomf-form-hacker');
$message .= sprintf(__("<b>Warning</b>: Form configuration has been changed that affect the generated form but Form Hacker has not been updated! <a href='%s'>Diff »</a> | <a href='%s'>Hack Form »</a> | <a href='%s'>Dismiss</a>", "tdomf"), $diffs, $form_hacker, $dismiss);
$message .= "</font><br/>";
}
// widget errors
global $tdomf_form_widgets_admin_errors;
$mode = "new-post";
if (tdomf_get_option_form(TDOMF_OPTION_SUBMIT_PAGE, $form_id)) {
$mode = "new-page";
}
$uri = "admin.php?page=tdomf_show_form_menu&form=" . $form_id;
do_action('tdomf_control_form_start', $form_id, $mode);
$widget_order = tdomf_get_widget_order($form_id);
$widgets = tdomf_filter_widgets($mode, $tdomf_form_widgets_admin_errors);
foreach ($widget_order as $w) {
if (isset($widgets[$w])) {
$widget_message = call_user_func($widgets[$w]['cb'], $form_id, $widgets[$w]['params']);
if (!empty($widget_message)) {
$message .= "<font color=\"red\">" . $widget_message . sprintf(__(" <a href='%s'>Fix »</a>", "tdomf"), $uri) . "</font><br/>";
}
}
}
// @todo check that key is unique in custom fields
}
if (get_option(TDOMF_OPTION_EXTRA_LOG_MESSAGES) && !get_option(TDOMF_OPTION_DISABLE_ERROR_MESSAGES)) {
$message .= "<font color=\"red\">";
if ($show_links) {
$message .= sprintf(__("<b>Warning:</b> You have enabled 'Extra Debug Messages' and disabled 'Disable Error Messages'. This invokes a special mode where all PHP errors are turned on. This can lead to unexpected problems and could be considered a security leak! <a href=\"%s\">Change on the Options Page »</a>", "tdomf"), get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_options_menu");
} else {
$message .= __("<b>Warning:</b> You have enabled 'Extra Debug Messages' and disabled 'Disable Error Messages'. This invokes a special mode where all PHP errors are turned on. This can lead to unexpected problems and could be considered a security leak! This should only be used for debugging purposes.", "tdomf");
}
$message .= "</font><br/>";
}
$create_user_link = get_bloginfo('wpurl') . "/wp-admin/admin.php?page=tdomf_show_options_menu&action=create_dummy_user";
if (function_exists('wp_nonce_url')) {
$create_user_link = wp_nonce_url($create_user_link, 'tdomf-create-dummy-user');
}
if (get_option(TDOMF_DEFAULT_AUTHOR) == false) {
$message .= "<font color=\"red\">" . sprintf(__("<b>Error</b>: No default author set! <a href=\"%s\">Create dummy user for default author automatically »</a>", "tdomf"), $create_user_link) . "</font><br/>";
tdomf_log_message("Option Default Author not set!", TDOMF_LOG_BAD);
} else {
$def_aut = new WP_User(get_option(TDOMF_DEFAULT_AUTHOR));
if (empty($def_aut->data->ID)) {
// User does not exist! Deleting option
delete_option(TDOMF_DEFAULT_AUTHOR);
$message .= "<font color=\"red\">" . sprintf(__("<b>Error</b>: Current Default Author does not exist! <a href=\"%s\">Create dummy user for default author automatically »</a>", "tdomf"), $create_user_link) . "</font><br/>";
tdomf_log_message("Current Default Author does not exist! Deleting option.", TDOMF_LOG_BAD);
}
if ($def_aut->has_cap("publish_posts")) {
$message .= "<font color=\"red\">" . sprintf(__("<b>Error</b>: Default author can publish posts. Default author should not be able to publish posts! <a href=\"%s\">Create a dummy user for default author automatically »</a>", "tdomf"), $create_user_link) . "</font><br/>";
tdomf_log_message("Option Default Author is set to an author who can publish posts.", TDOMF_LOG_BAD);
}
}
if (function_exists('wp_get_http')) {
$post_uri = TDOMF_URLPATH . 'tdomf-form-post.php';
$headers = wp_get_http($post_uri, false, 1);
if ($headers != false && $headers["response"] != '200') {
$message .= "<font color=\"red\">";
$message .= sprintf(__("<b>Error</b>: Got a %d error when checking <a href=\"%s\">%s</a>! This will prevent posts from being submitted. The permissions may be wrong on the tdo-mini-forms folder.", "tdomf"), $headers["response"], $post_uri, $post_uri);
$message .= "</font><br/>";
tdomf_log_message("Did not receive a 200 response when checking {$post_uri}:<pre>" . var_export($headers, true) . "</pre>", TDOMF_LOG_ERROR);
}
$ajax_uri = TDOMF_URLPATH . 'tdomf-form-ajax.php';
$headers = wp_get_http($ajax_uri, false, 1);
if ($headers != false && $headers["response"] != '200') {
$message .= "<font color=\"red\">";
$message .= sprintf(__("<b>Error</b>: Got a %d error when checking <a href=\"%s\">%s</a>! This will prevent forms that use AJAX from submitting posts. The permissions may be wrong on the tdo-mini-forms folder.", "tdomf"), $headers["response"], $ajax_uri, $ajax_uri);
$message .= "</font><br/>";
tdomf_log_message("Did not receive a 200 response when checking {$ajax_uri}:<pre>" . var_export($headers, true) . "</pre>", TDOMF_LOG_ERROR);
}
$css_uri = TDOMF_URLPATH . 'tdomf-style-form.css';
$headers = wp_get_http($css_uri, false, 1);
if ($headers != false && $headers["response"] != '200') {
$message .= "<font color=\"red\">";
$message .= sprintf(__("<b>Error</b>: Got a %d error when checking <a href=\"%s\">%s</a>! This will make your forms, by default, look very ugly. The permissions may be wrong on the tdo-mini-forms folder.", "tdomf"), $headers["response"], $css_uri, $css_uri);
$message .= "</font><br/>";
tdomf_log_message("Did not receive a 200 response when checking {$css_uri}:<pre>" . var_export($headers, true) . "</pre>", TDOMF_LOG_ERROR);
}
}
return $message;
}
function tdomf_show_form_hacker()
{
global $wp_version;
$form_id = false;
if (isset($_REQUEST['form'])) {
$form_id = $_REQUEST['form'];
} else {
$form_id = tdomf_get_first_form_id();
}
if ($form_id == false || !tdomf_form_exists($form_id)) {
?>
<div class="wrap">
<h2><?php
_e('Form Hacker', 'tdomf');
?>
</h2>
<p><?php
if (is_numeric($form_id)) {
printf(__('Invalid Form ID %s specified!'), $form_id);
} else {
_e('No Form ID specified!');
}
?>
</p>
</div>
<?php
} else {
if (isset($_REQUEST['diff'])) {
?>
<div class="wrap">
<?php
tdomf_form_hacker_diff($form_id);
?>
</div> <!-- wrap -->
<?php
} else {
$mode = tdomf_generate_default_form_mode($form_id);
$mode .= '-hack';
tdomf_form_hacker_actions($form_id);
$message = tdomf_get_error_messages(true, $form_id);
if (!empty($message)) {
?>
<div id="message" class="updated fade"><p><?php
echo $message;
?>
</p></div>
<?php
}
tdomf_forms_top_toolbar($form_id, 'tdomf_show_form_hacker');
$form_ids = tdomf_get_form_ids();
?>
<div class="wrap">
<?php
if (!isset($_REQUEST['text'])) {
?>
<h2><?php
printf(__("Form Hacker for Form %d: \"%s\"", "tdomf"), $form_id, tdomf_get_option_form(TDOMF_OPTION_NAME, $form_id));
?>
</h2>
<?php
} else {
?>
<h2><?php
printf(__("Message Hacker for Form %d: \"%s\"", "tdomf"), $form_id, tdomf_get_option_form(TDOMF_OPTION_NAME, $form_id));
?>
</h2>
<?php
}
?>
<script type="text/javascript">
function tdomfHideHelp() {
jQuery('#tdomf_help').attr('class','hidden');
jQuery('#tdomf_show_help').attr('class','');
jQuery('#tdomf_hide_help').attr('class','hidden');
}
function tdomfShowHelp() {
jQuery('#tdomf_help').attr('class','');
jQuery('#tdomf_show_help').attr('class','hidden');
jQuery('#tdomf_hide_help').attr('class','');
}
</script>
<?php
tdomf_forms_under_title_toolbar($form_id, 'tdomf_show_form_hacker');
?>
<?php
if (isset($_REQUEST['text'])) {
?>
<!-- <div id="tdomf_help" class='hidden'> -->
<?php
$code_on = false;
if (isset($_REQUEST['code'])) {
$code_on = true;
}
?>
<p><?php
_e("You can use this page to modify any messages outputed from TDOMF for your form. From here you can change the post published messages, post held in moderation, etc. etc.", "tdomf");
?>
</p>
<?php
if (version_compare($wp_version, "2.8-beta2", ">=")) {
if (!$code_on) {
?>
<p><a href="admin.php?page=tdomf_show_form_hacker&text&code&form=<?php
echo $form_id;
?>
"><?php
_e("Enable Code Syntax Highlighting...", 'tdomf');
?>
</a></p>
<?php
} else {
?>
<p><a href="admin.php?page=tdomf_show_form_hacker&text&form=<?php
echo $form_id;
?>
"><?php
_e("Disable Code Syntax Highlighting...", 'tdomf');
?>
</a></p>
<?php
}
}
?>
<?php
$form_edit = tdomf_get_option_form(TDOMF_OPTION_FORM_EDIT, $form_id);
?>
<p><?php
_e("PHP code can be included in the hacked messages. Also TDOMF will automatically expand these macro strings:", "tdomf");
?>
<ul>
<li><?php
printf(__("<code>%s</code> - User name of the currently logged in user", "tdomf"), TDOMF_MACRO_USERNAME);
?>
<li><?php
printf(__("<code>%s</code> - IP of the current visitor", "tdomf"), TDOMF_MACRO_IP);
?>
<li><?php
printf(__("<code>%s</code> - The ID of the current form (which is currently %d)", "tdomf"), TDOMF_MACRO_FORMID, $form_id);
?>
<li><?php
printf(__("<code>%s</code> - Name of the Form (set in options)", "tdomf"), TDOMF_MACRO_FORMNAME);
?>
<li><?php
printf(__("<code>%s</code> - Form Description (set in options)", "tdomf"), TDOMF_MACRO_FORMDESCRIPTION);
?>
<li><?php
printf(__("<code>%s</code> - Submission Errors", "tdomf"), TDOMF_MACRO_SUBMISSIONERRORS);
?>
<?php
if ($form_edit) {
?>
<li><?php
printf(__("<code>%s</code> - URL of Post/Page being edited", "tdomf"), TDOMF_MACRO_SUBMISSIONURL);
?>
<li><?php
printf(__("<code>%s</code> - Original Submission Date", "tdomf"), TDOMF_MACRO_SUBMISSIONDATE);
?>
<li><?php
printf(__("<code>%s</code> - Original Submission Time", "tdomf"), TDOMF_MACRO_SUBMISSIONTIME);
?>
<li><?php
printf(__("<code>%s</code> - Title of Post/Page being edited", "tdomf"), TDOMF_MACRO_SUBMISSIONTITLE);
?>
<?php
} else {
?>
<li><?php
printf(__("<code>%s</code> - URL of Submission", "tdomf"), TDOMF_MACRO_SUBMISSIONURL);
?>
<li><?php
printf(__("<code>%s</code> - Date of Submission", "tdomf"), TDOMF_MACRO_SUBMISSIONDATE);
?>
<li><?php
printf(__("<code>%s</code> - Time of Submission", "tdomf"), TDOMF_MACRO_SUBMISSIONTIME);
?>
<li><?php
printf(__("<code>%s</code> - Title of Submission", "tdomf"), TDOMF_MACRO_SUBMISSIONTITLE);
?>
<?php
}
?>
</ul>
</p>
<!-- </div> -->
<form method="post" name="formhackermsgs" id="formhackermsgs">
<?php
if (function_exists('wp_nonce_field')) {
wp_nonce_field('tdomf-form-hacker');
}
?>
<p class="submit">
<input type="submit" value="<?php
_e('Save »', 'tdomf');
?>
" id="tdomf_hack_messages_save" name="tdomf_hack_messages_save" />
<input type="submit" value="<?php
_e('Reset »', 'tdomf');
?>
" id="tdomf_hack_messages_reset" name="tdomf_hack_messages_reset" />
</p>
<?php
if (!tdomf_get_option_form(TDOMF_OPTION_MODERATION, $form_id) && !tdomf_get_option_form(TDOMF_OPTION_REDIRECT, $form_id)) {
?>
<h3><?php
if ($form_edit) {
_e('Contribution Approved', 'tdomf');
} else {
_e('Submission Published', 'tdomf');
}
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_sub_publish" id="tdomf_msg_sub_publish" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SUB_PUBLISH, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<?php
if (intval(tdomf_get_option_form(TDOMF_OPTION_QUEUE_PERIOD, $form_id)) > 0 && !tdomf_get_option_form(TDOMF_OPTION_MODERATION, $form_id)) {
?>
<h3><?php
_e('Submission Queued', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_sub_future" id="tdomf_msg_sub_future" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SUB_FUTURE, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<?php
if (get_option(TDOMF_OPTION_SPAM)) {
?>
<h3><?php
if ($form_edit) {
_e('Contribution is Spam', 'tdomf');
} else {
_e('Submission is Spam', 'tdomf');
}
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_sub_spam" id="tdomf_msg_sub_spam" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SUB_SPAM, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<?php
if (tdomf_get_option_form(TDOMF_OPTION_MODERATION, $form_id)) {
?>
<h3><?php
if ($form_edit) {
_e('Contribution awaiting Moderation', 'tdomf');
} else {
_e('Submission awaiting Moderation', 'tdomf');
}
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_sub_mod" id="tdomf_msg_sub_mod" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SUB_MOD, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<h3><?php
if ($form_edit) {
_e('Contribution contains Errors', 'tdomf');
} else {
_e('Submission contains Errors', 'tdomf');
}
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_sub_error" id="tdomf_msg_sub_error" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SUB_ERROR, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<h3><?php
_e('Banned User', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_perm_banned_user" id="tdomf_msg_perm_banned_user" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_PERM_BANNED_USER, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<h3><?php
_e('Banned IP', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_perm_banned_ip" id="tdomf_msg_perm_banned_ip" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_PERM_BANNED_IP, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
$throttle_rules = tdomf_get_option_form(TDOMF_OPTION_THROTTLE_RULES, $form_id);
if (is_array($throttle_rules) && !empty($throttle_rules)) {
?>
<h3><?php
_e('Throttled Submission', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_perm_throttle" id="tdomf_msg_perm_throttle" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_PERM_THROTTLE, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<?php
if (!tdomf_get_option_form(TDOMF_OPTION_ALLOW_EVERYONE, $form_id)) {
?>
<h3><?php
_e('Denied User', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_perm_invalid_user" id="tdomf_msg_perm_invalid_user" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_PERM_INVALID_USER, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<?php
if (!tdomf_get_option_form(TDOMF_OPTION_ALLOW_EVERYONE, $form_id)) {
?>
<h3><?php
_e('Banned Unregistered User', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_perm_invalid_nouser" id="tdomf_msg_perm_invalid_nouser" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_PERM_INVALID_NOUSER, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<?php
if ($form_edit) {
?>
<?php
/*if(tdomf_get_option_form(TDOMF_OPTION_AJAX_EDIT,$form_id)) {*/
?>
<h3><?php
_e('\'Edit Post\' Link Text', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_edit_post_link" id="tdomf_msg_edit_post_link" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_ADD_EDIT_LINK_TEXT, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
/*}*/
?>
<h3><?php
_e('Invalid Post for Form', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_invalid_post" id="tdomf_msg_invalid_post" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_INVALID_POST, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<h3><?php
_e('Invalid Form for Post', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_invalid_form" id="tdomf_msg_invalid_form" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_INVALID_FORM, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<h3><?php
_e('Locked Post', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_locked_post" id="tdomf_msg_locked_post" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_LOCKED_POST, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
if (get_option(TDOMF_OPTION_SPAM)) {
?>
<h3><?php
_e('Spam Edit on Post', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_spam_edit_on_post" id="tdomf_msg_spam_edit_on_post" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_SPAM_EDIT_ON_POST, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<h3><?php
_e('Unapproved Edit on Post', 'tdomf');
?>
</h3>
<textarea title="true" rows="5" cols="70" name="tdomf_msg_unapproved_edit_on_post" id="tdomf_msg_unapproved_edit_on_post" <?php
if ($code_on) {
?>
class="codepress .php"<?php
}
?>
><?php
echo htmlentities(tdomf_get_message(TDOMF_OPTION_MSG_UNAPPROVED_EDIT_ON_POST, $form_id), ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<?php
do_action('tdomf_form_hacker_messages_bottom', $form_id, $mode);
?>
<span class="submit">
<input type="submit" value="<?php
_e('Save »', 'tdomf');
?>
" id="tdomf_hack_messages_save" name="tdomf_hack_messages_save" />
<input type="submit" value="<?php
_e('Reset »', 'tdomf');
?>
" id="tdomf_hack_messages_reset" name="tdomf_hack_messages_reset" />
</span>
</form>
<?php
} else {
?>
<!-- <div id="tdomf_help" class='hidden'> -->
<p><?php
_e("You can use this page to hack the generated HTML code for your form without modifing the code of TDOMF. Please only do this if you know what you are doing. From here you can modify titles, default values, re-arrange fields, etc. etc.", "tdomf");
?>
</p>
<p><?php
_e('Do not modify or remove the "name" and "id" attributes of fields as this is what the widgets and TDOMF use to get input values for processing', 'tdomf');
?>
</p>
<p><?php
printf(__("Every time a form is generated, it creates a unique key. If you hack the form, make sure you keep <code>%s</code> (and also <code>%s</code>) within the form. TDOMF will replace this string with the unique key.", "tdomf"), TDOMF_MACRO_FORMKEY, TDOMF_MACRO_FORMURL);
?>
</p>
<p><?php
_e("PHP code can be included in the hacked form. Also TDOMF will automatically expand these macro strings:", "tdomf");
?>
<ul>
<li><?php
printf(__("<code>%s</code> - User name of the currently logged in user", "tdomf"), TDOMF_MACRO_USERNAME);
?>
<li><?php
printf(__("<code>%s</code> - IP of the current visitor", "tdomf"), TDOMF_MACRO_IP);
?>
<li><?php
printf(__("<code>%s</code> - The form's unique key", "tdomf"), TDOMF_MACRO_FORMKEY);
?>
<li><?php
printf(__("<code>%s</code> - The current URL of the form", "tdomf"), TDOMF_MACRO_FORMURL);
?>
<li><?php
printf(__("<code>%s</code> - The ID of the current form (which is currently %d)", "tdomf"), TDOMF_MACRO_FORMID, $form_id);
?>
<li><?php
printf(__("<code>%s</code> - Name of the Form (set in options)", "tdomf"), TDOMF_MACRO_FORMNAME);
?>
<li><?php
printf(__("<code>%s</code> - Form Description (set in options)", "tdomf"), TDOMF_MACRO_FORMDESCRIPTION);
?>
<li><?php
printf(__("<code>%s</code> - Form Output (such as preview, errors, etc.). This is automatically encapsulated in a div called tdomf_form_message (and tdomf_form_preview for preview)", "tdomf"), TDOMF_MACRO_FORMMESSAGE);
?>
<li><?php
printf(__("<code>%swidget-name%s</code> - Original, unmodified output from 'widget-name'", "tdomf"), TDOMF_MACRO_WIDGET_START, TDOMF_MACRO_END);
?>
</ul>
</p>
<!-- </div> -->
<form method="post" name="formhacker" id="formhacker">
<?php
if (function_exists('wp_nonce_field')) {
wp_nonce_field('tdomf-form-hacker');
}
?>
<p class="submit">
<input type="submit" value="<?php
_e('Save »', 'tdomf');
?>
" id="tdomf_form_hack_save" name="tdomf_form_hack_save" />
<input type="submit" value="<?php
_e('Reset »', 'tdomf');
?>
" id="tdomf_form_hack_reset" name="tdomf_form_hack_reset" />
</p>
<?php
if (tdomf_widget_is_preview_avaliable($form_id)) {
?>
<h3><?php
_e('Core Form', 'tdomf');
?>
</h3>
<?php
}
?>
<?php
$cur_form = tdomf_generate_form($form_id, $mode);
$form = $cur_form;
$hacked_form = tdomf_get_option_form(TDOMF_OPTION_FORM_HACK, $form_id);
if ($hacked_form != false) {
$form = $hacked_form;
}
?>
<?php
if ($hacked_form != false) {
?>
<?php
_e("You can diff the hacked form to see what you have changed", "tdomf");
?>
<ul>
<li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php
echo $form_id;
?>
&mode=<?php
echo $mode;
?>
&diff&form1=hack&form2=cur"><?php
_e("Diff Hacked Form with Current Form", "tdomf");
?>
</a></li>
<?php
$org_form = tdomf_get_option_form(TDOMF_OPTION_FORM_HACK_ORIGINAL, $form_id);
if (trim($cur_form) != trim($org_form)) {
?>
<li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php
echo $form_id;
?>
&mode=<?php
echo $mode;
?>
&diff&form2=hack&form1=org"><?php
_e("Diff Hacked Form with Previous Form", "tdomf");
?>
</a></li>
<li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php
echo $form_id;
?>
&mode=<?php
echo $mode;
?>
&diff&form2=cur&form1=org"><?php
_e("Diff Current Form with Previous Form", "tdomf");
?>
</a></li>
<?php
}
?>
</ul>
<?php
}
?>
<textarea title="true" rows="30" cols="100" name="tdomf_form_hack" id="tdomf_form_hack" class="codepress .php" ><?php
echo htmlentities($form, ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
if (tdomf_widget_is_preview_avaliable($form_id)) {
?>
<h3><?php
_e('Form Preview', 'tdomf');
?>
</h3>
<?php
$cur_preview = tdomf_preview_form(array('tdomf_form_id' => $form_id), $mode);
$preview = $cur_preview;
$hacked_preview = tdomf_get_option_form(TDOMF_OPTION_FORM_PREVIEW_HACK, $form_id);
if ($hacked_preview != false) {
$preview = $hacked_preview;
}
?>
<?php
if ($hacked_preview != false) {
?>
<?php
_e("You can diff the hacked preview to see what you have changed", "tdomf");
?>
<ul>
<li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php
echo $form_id;
?>
&mode=<?php
echo $mode;
?>
&diff&form1=hack&form2=cur&type=preview"><?php
_e("Diff Hacked Preview with Current Preview", "tdomf");
?>
</a></li>
<?php
$org_preview = tdomf_get_option_form(TDOMF_OPTION_FORM_PREVIEW_HACK_ORIGINAL, $form_id);
if (trim($cur_preview) != trim($org_preview)) {
?>
<li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php
echo $form_id;
?>
&mode=<?php
echo $mode;
?>
&diff&form2=hack&form1=org&type=preview"><?php
_e("Diff Hacked Preview with Previous Preview", "tdomf");
?>
</a></li>
<li><a href="admin.php?page=tdomf_show_form_hacker&form=<?php
echo $form_id;
?>
&mode=<?php
echo $mode;
?>
&diff&form2=cur&form1=org&type=preview"><?php
_e("Diff Current Preview with Previous Preview", "tdomf");
?>
</a></li>
<?php
}
?>
</ul>
<?php
}
?>
<textarea title="true" rows="15" cols="100" name="tdomf_form_preview_hack" id="tdomf_form_preview_hack" class="codepress .php"><?php
echo htmlentities($preview, ENT_NOQUOTES, get_bloginfo('charset'));
?>
</textarea>
<br/><br/>
<?php
}
?>
<!-- @TODO Validation Message Hacker -->
<!-- @TODO Upload Form Hacker -->
<?php
do_action('tdomf_form_hacker_bottom', $form_id, $mode);
?>
<span class="submit">
<input type="submit" value="<?php
_e('Save »', 'tdomf');
?>
" id="tdomf_form_hack_save" name="tdomf_form_hack_save" />
<input type="submit" value="<?php
_e('Reset »', 'tdomf');
?>
" id="tdomf_form_hack_reset" name="tdomf_form_hack_reset" />
</span>
</form>
<!-- @TODO: warning about updated form (with dismiss link) -->
<?php
}
?>
</div>
<?php
}
}
}
$message .= "</div>";
} else {
$message = "<div class=\"tdomf_form_message\" id=\"tdomf_form" . $form_tag . "_message\" name=\"tdomf_form" . $form_tag . "_message\">" . $message . "</div>";
$save_post_info = TRUE;
$hide_form = false;
#tdomf_fixslashesargs();
}
} else {
if (isset($_POST['tdomf_form' . $form_tag . '_preview'])) {
#tdomf_fixslashesargs();
$save_post_info = TRUE;
$hide_form = false;
$message = tdomf_validate_form($_POST, true);
if ($message == NULL) {
$message = "<div class=\"tdomf_form_preview\" id=\"tdomf_form" . $form_tag . "_message\" name=\"tdomf_form" . $form_tag . "_message\">";
$message .= tdomf_preview_form($_POST);
$message .= "</div>";
} else {
$message = "<div class=\"tdomf_form_message\" id=\"tdomf_form" . $form_tag . "_message\" name=\"tdomf_form" . $form_tag . "_message\">" . $message . "</div>";
}
// allows the final check to work when editing
//
unset($post_id);
} else {
if (isset($_POST['tdomf_form' . $form_tag . '_clear'])) {
$message = NULL;
$save_post_info = false;
$hide_form = false;
}
}
}
// Future versions of TDOMF will provide this as an option.
//
#die( "tdomfRedirect$form_tag('http://thedeadone.net/download/tdo-mini-forms-wordpress-plugin/');" );
}
}
}
}
// If retVal is a string, something went wrong!
} else {
tdomf_ajax_exit($form_id, tdomf_get_message_instance(TDOMF_OPTION_MSG_SUB_ERROR, $form_id, false, false, $retVal), false, false, $post_id);
}
} else {
tdomf_ajax_exit($form_id, tdomf_get_message_instance(TDOMF_OPTION_MSG_SUB_ERROR, $form_id, false, false, $message), false, false, $post_id);
}
} else {
if ($_POST['tdomf_action'] == "preview") {
tdomf_log_message("Someone is attempting to preview something");
$message = tdomf_validate_form($tdomf_args, true);
if ($message == NULL) {
tdomf_log_message("Submission validated. Generating preview...");
$message = tdomf_preview_form($tdomf_args);
tdomf_log_message("Now sending back to form using AJAX!");
tdomf_ajax_exit($form_id, $message, false, true, $post_id);
} else {
tdomf_ajax_exit($form_id, sprintf(__("Your submission contained errors:<br/><br/>%s<br/><br/>Please correct and resubmit.", "tdomf"), $message), false, false, $post_id);
}
} else {
tdomf_ajax_exit($form_id, sprintf(__("TDOMF (AJAX) ERROR: unrecognised action %s!", "tdomf"), $_POST['action']), true, false, $post_id);
}
}
tdomf_ajax_exit($form_id, __("ERROR! Should never reach here.", "tdomf"), true, false, $post_id);
