/**
 * Processes one submitted page of a form: validates it, stages uploaded files, and then
 * either moves to another page, saves the draft for later, or completes the submission.
 *
 * Nothing is returned. The outcome is recorded in self::$submission[$form_id] through
 * self::set_submission_if_null(), and the request ends with exit when the confirmation
 * is a redirect.
 *
 * @param int $form_id ID of the submitted form. NOTE(review): type inferred from usage - confirm.
 *
 * @return void
 */
public static function process_form($form_id) {
    GFCommon::log_debug("GFFormDisplay::process_form(): Starting to process form (#{$form_id}) submission.");
    $form = GFAPI::get_form($form_id);
    /**
     * Filter the form before GF begins to process the submission.
     *
     * @param array $form The Form Object
     */
    $filtered_form = gf_apply_filters(array('gform_pre_process', $form['id']), $form);
    // A null filter result leaves the loaded form in place.
    if ($filtered_form !== null) {
        $form = $filtered_form;
    }
    // May add a review page to the form (see maybe_add_review_page()).
    $form = self::maybe_add_review_page($form);
    // Inactive or trashed forms are not processed.
    if (!$form['is_active'] || $form['is_trash']) {
        return;
    }
    // Login-restricted forms: anonymous requests are dropped, and the per-form nonce is
    // verified only on this path. Forms without requireLogin get no nonce check here.
    if (rgar($form, 'requireLogin')) {
        if (!is_user_logged_in()) {
            return;
        }
        check_admin_referer('gform_submit_' . $form_id, '_gform_submit_nonce_' . $form_id);
    }
    $lead = array();
    $field_values = RGForms::post('gform_field_values');
    $confirmation_message = '';
    $source_page_number = self::get_source_page($form_id);
    $page_number = $source_page_number;
    $target_page = self::get_target_page($form, $page_number, $field_values);
    GFCommon::log_debug("GFFormDisplay::process_form(): Source page number: {$source_page_number}. Target page number: {$target_page}.");
    // Loading files that have been uploaded to temp folder.
    // The list is decoded from the 'gform_uploaded_files' value (presumably a POST field, so
    // client-controlled); only its top-level type is checked here.
    // NOTE(review): confirm that upload_files() and later consumers validate each entry.
    $files = GFCommon::json_decode(stripslashes(RGForms::post('gform_uploaded_files')));
    if (!is_array($files)) {
        $files = array();
    }
    RGFormsModel::$uploaded_files[$form_id] = $files;
    $saving_for_later = rgpost('gform_save') ? true : false;
    $is_valid = true;
    $failed_validation_page = $page_number;
    // Don't validate when going to the previous page or saving for later.
    // NOTE(review): $failed_validation_page is presumably updated by reference in validate() - confirm.
    if (!$saving_for_later && (empty($target_page) || $target_page >= $page_number)) {
        $is_valid = self::validate($form, $field_values, $page_number, $failed_validation_page);
    }
    $log_is_valid = $is_valid ? 'Yes' : 'No';
    // NOTE(review): the message below contains a literal line break after "valid? " - confirm it is intended.
    GFCommon::log_debug("GFFormDisplay::process_form(): After validation. Is submission valid? 
{$log_is_valid}.");
    // Upload files to temp folder when saving for later, going to the next page or when
    // submitting the form and it failed validation.
    // && binds tighter than ||, so the last alternative is ($target_page == 0 && !$is_valid).
    if ($saving_for_later || $target_page >= $page_number || $target_page == 0 && !$is_valid) {
        if (!empty($_FILES)) {
            GFCommon::log_debug('GFFormDisplay::process_form(): Uploading files...');
            // Uploading files to temporary folder
            $files = self::upload_files($form, $files);
            RGFormsModel::$uploaded_files[$form_id] = $files;
        }
    }
    // Load target page if it did not fail validation or if going to the previous page
    if (!$saving_for_later && $is_valid) {
        $page_number = $target_page;
    } else {
        $page_number = $failed_validation_page;
    }
    $confirmation = '';
    // Final step: a valid submission whose page number is now 0, or a save-for-later request.
    if ($is_valid && $page_number == 0 || $saving_for_later) {
        $ajax = isset($_POST['gform_ajax']);
        // Adds honeypot field if configured
        if (rgar($form, 'enableHoneypot')) {
            $form['fields'][] = self::get_honeypot_field($form);
        }
        $failed_honeypot = rgar($form, 'enableHoneypot') && !self::validate_honeypot($form);
        if ($failed_honeypot) {
            GFCommon::log_debug('GFFormDisplay::process_form(): Failed Honeypot validation. Displaying confirmation and aborting.');
            // The confirmation is still built, but the submission is not handled, when the honeypot check fails.
            $confirmation = self::handle_confirmation($form, $lead, $ajax);
            $is_valid = false;
        } elseif (!$saving_for_later) {
            GFCommon::log_debug('GFFormDisplay::process_form(): Submission is valid. Moving forward.');
            $form = self::update_confirmation($form);
            // Pre submission action
            /**
             * Fires before form submission is handled
             *
             * Typically used to modify values before the submission is processed.
             *
             * @param array $form The Form object
             */
            gf_do_action(array('gform_pre_submission', $form['id']), $form);
            // Pre submission filter
            $form = gf_apply_filters(array('gform_pre_submission_filter', $form_id), $form);
            // Handle submission.
            // NOTE(review): $lead is presumably filled in by reference here - confirm.
            $confirmation = self::handle_submission($form, $lead, $ajax);
            // After submission hook: the has_filter() checks only decide whether to log.
            if (has_filter('gform_after_submission') || has_filter("gform_after_submission_{$form['id']}")) {
                GFCommon::log_debug(__METHOD__ . '(): Executing functions hooked to gform_after_submission.');
            }
            /**
             * Fires after successful form submission
             *
             * Used to perform additional actions after submission
             *
             * @param array $lead The Entry object
             * @param array $form The Form object
             */
            gf_do_action(array('gform_after_submission', $form['id']), $lead, $form);
        } elseif ($saving_for_later) {
            GFCommon::log_debug('GFFormDisplay::process_form(): Saving for later.');
            $lead = GFFormsModel::get_current_lead();
            $form = self::update_confirmation($form, $lead, 'form_saved');
            $confirmation = rgar($form['confirmation'], 'message');
            $nl2br = rgar($form['confirmation'], 'disableAutoformat') ? false : true;
            $confirmation = GFCommon::replace_variables($confirmation, $form, $lead, false, true, $nl2br);
            $form_unique_id = GFFormsModel::get_form_unique_id($form_id);
            $ip = GFFormsModel::get_ip();
            // The page URL and the resume token are sanitized before they are stored with the draft.
            $source_url = GFFormsModel::get_current_page_url();
            $source_url = esc_url_raw($source_url);
            $resume_token = rgpost('gform_resume_token');
            $resume_token = sanitize_key($resume_token);
            // The token returned by the save replaces the sanitized request value.
            $resume_token = GFFormsModel::save_incomplete_submission($form, $lead, $field_values, $page_number, $files, $form_unique_id, $ip, $source_url, $resume_token);
            $notifications_to_send = GFCommon::get_notifications_to_send('form_saved', $form, $lead);
            $log_notification_event = empty($notifications_to_send) ? 'No notifications to process' : 'Processing notifications';
            GFCommon::log_debug("GFFormDisplay::process_form(): {$log_notification_event} for form_saved event.");
            foreach ($notifications_to_send as $notification) {
                // A notification with isActive set to a falsy value is skipped; a missing key counts as active.
                if (isset($notification['isActive']) && !$notification['isActive']) {
                    GFCommon::log_debug("GFFormDisplay::process_form(): Notification is inactive, not processing notification (#{$notification['id']} - {$notification['name']}).");
                    continue;
                }
                $notification['message'] = self::replace_save_variables($notification['message'], $form, $resume_token);
                GFCommon::send_notification($notification, $form, $lead);
            }
            self::set_submission_if_null($form_id, 'saved_for_later', true);
            self::set_submission_if_null($form_id, 'resume_token', $resume_token);
            GFCommon::log_debug('GFFormDisplay::process_form(): Saved incomplete submission.');
        }
        // Redirect confirmations end the request here.
        // NOTE(review): the target is written into the Location header as-is; confirm it is
        // validated where the confirmation is built (wp_safe_redirect() would limit it to allowed hosts).
        if (is_array($confirmation) && isset($confirmation['redirect'])) {
            header("Location: {$confirmation["redirect"]}");
            /**
             * Fires after submission, if the confirmation page includes a redirect
             *
             * Used to perform additional actions after submission
             *
             * @param array $lead The Entry object
             * @param array $form The Form object
             */
            gf_do_action(array('gform_post_submission', $form['id']), $lead, $form);
            exit;
        }
    }
    if (!isset(self::$submission[$form_id])) {
        self::$submission[$form_id] = array();
    }
    self::set_submission_if_null($form_id, 'is_valid', $is_valid);
    self::set_submission_if_null($form_id, 'form', $form);
    self::set_submission_if_null($form_id, 'lead', $lead);
    self::set_submission_if_null($form_id, 'confirmation_message', $confirmation);
    self::set_submission_if_null($form_id, 'page_number', $page_number);
    self::set_submission_if_null($form_id, 'source_page_number', $source_page_number);
    /**
     * Fires after the form processing is completed. Form processing happens when submitting a page on a
     * multi-page form (i.e. going to the "Next" or "Previous" page), or when submitting a single page form.
     *
     * @param array $form               The Form Object
     * @param int   $page_number        In a multi-page form, this variable contains the current page number.
     * @param int   $source_page_number In a multi-page form, this parameter contains the number of the page that the submission came from.
     *                                  For example, when clicking "Next" on page 1, this parameter will be set to 1. When clicking "Previous" on page 2, this parameter will be set to 2.
     */
    gf_do_action(array('gform_post_process', $form['id']), $form, $page_number, $source_page_number);
}
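/**
 * Adds a single Entry object.
 *
 * Intended to be used for importing an entry object. The usual hooks that are triggered while saving entries are not fired here.
 * Checks that the form id, field ids and entry meta exist and ignores legacy values (i.e. values for fields that no longer exist).
 *
 * Several columns are written into the INSERT statement as literal SQL fragments so that an
 * absent value can become NULL (or utc_timestamp()). Each of those fragments is either cast to
 * a number or escaped with esc_sql() and wrapped in quotes before it reaches the query text.
 *
 * @since 1.8
 * @access public
 * @static
 *
 * @param array $entry The Entry object
 *
 * @return mixed Either the new Entry ID or a WP_Error instance
 */
public static function add_entry($entry) {
    global $wpdb;

    if (!is_array($entry)) {
        return new WP_Error("invalid_entry_object", __("The entry object must be an array", "gravityforms"));
    }

    // make sure the form id exists
    $form_id = rgar($entry, "form_id");
    if (empty($form_id)) {
        return new WP_Error("empty_form_id", __("The form id must be specified", "gravityforms"));
    }
    if (false === self::form_id_exists($form_id)) {
        return new WP_Error("invalid_form_id", __("The form for this entry does not exist", "gravityforms"));
    }

    // use values in the entry object if present
    $post_id = isset($entry["post_id"]) ? intval($entry["post_id"]) : 'NULL';
    // esc_sql() escapes through the active $wpdb connection; the mysql_* escaping function
    // needs a legacy mysql link and no longer exists in PHP 7+.
    $date_created = isset($entry["date_created"]) && $entry["date_created"] != "" ? sprintf("'%s'", esc_sql($entry["date_created"])) : "utc_timestamp()";
    $is_starred = isset($entry["is_starred"]) ? $entry["is_starred"] : 0;
    $is_read = isset($entry["is_read"]) ? $entry["is_read"] : 0;
    $ip = isset($entry["ip"]) ? $entry["ip"] : GFFormsModel::get_ip();
    // The fallback URL is derived from the current request, so it is cleaned before storage.
    $source_url = isset($entry["source_url"]) ? $entry["source_url"] : esc_url_raw(GFFormsModel::get_current_page_url());
    $user_agent = isset($entry["user_agent"]) ? $entry["user_agent"] : "API";
    $currency = isset($entry["currency"]) ? $entry["currency"] : GFCommon::get_currency();
    $payment_status = isset($entry["payment_status"]) ? sprintf("'%s'", esc_sql($entry["payment_status"])) : 'NULL';
    // Only a value strtotime() can parse is used, and it is re-rendered by gmdate().
    $payment_date = strtotime(rgar($entry, "payment_date")) ? sprintf("'%s'", gmdate('Y-m-d H:i:s', strtotime("{$entry["payment_date"]}"))) : "NULL";
    $payment_amount = isset($entry["payment_amount"]) ? (double) $entry["payment_amount"] : 'NULL';
    $payment_method = isset($entry["payment_method"]) ? $entry["payment_method"] : '';
    $transaction_id = isset($entry["transaction_id"]) ? sprintf("'%s'", esc_sql($entry["transaction_id"])) : 'NULL';
    $is_fulfilled = isset($entry["is_fulfilled"]) ? intval($entry["is_fulfilled"]) : 'NULL';
    $status = isset($entry["status"]) ? $entry["status"] : "active";

    global $current_user;
    // created_by is placed in the statement without quotes, so string escaping alone would
    // not contain it; it is forced to a non-negative integer instead.
    $user_id = isset($entry["created_by"]) ? absint($entry["created_by"]) : "";
    if (empty($user_id)) {
        $user_id = $current_user && $current_user->ID ? absint($current_user->ID) : 'NULL';
    }

    $transaction_type = isset($entry["transaction_type"]) ? intval($entry["transaction_type"]) : 'NULL';

    $lead_table = GFFormsModel::get_lead_table_name();
    // The remaining values go through prepare() placeholders.
    $result = $wpdb->query($wpdb->prepare("\n INSERT INTO {$lead_table}\n (form_id, post_id, date_created, is_starred, is_read, ip, source_url, user_agent, currency, payment_status, payment_date, payment_amount, transaction_id, is_fulfilled, created_by, transaction_type, status, payment_method)\n VALUES\n (%d, {$post_id}, {$date_created}, %d, %d, %s, %s, %s, %s, {$payment_status}, {$payment_date}, {$payment_amount}, {$transaction_id}, {$is_fulfilled}, {$user_id}, {$transaction_type}, %s, %s)\n ", $form_id, $is_starred, $is_read, $ip, $source_url, $user_agent, $currency, $status, $payment_method));
    if (false === $result) {
        return new WP_Error("insert_entry_properties_failed", __("There was a problem while inserting the entry properties", "gravityforms"), $wpdb->last_error);
    }

    // reading newly created lead id
    $entry_id = $wpdb->insert_id;
    $entry["id"] = $entry_id;

    // only save field values for fields that currently exist in the form
    $form = GFFormsModel::get_form_meta($form_id);
    foreach ($form["fields"] as $field) {
        // These field types are skipped; no value is written for them.
        if (in_array($field["type"], array("html", "page", "section"))) {
            continue;
        }
        if (isset($field["inputs"]) && is_array($field["inputs"])) {
            // Multi-input field: only inputs present in the entry are written.
            foreach ($field["inputs"] as $input) {
                $input_id = $input["id"];
                if (isset($entry[(string) $input_id])) {
                    $result = GFFormsModel::update_lead_field_value($form, $entry, $field, 0, $input_id, $entry[(string) $input_id]);
                    if (false === $result) {
                        return new WP_Error("insert_input_value_failed", __("There was a problem while inserting one of the input values for the entry", "gravityforms"), $wpdb->last_error);
                    }
                }
            }
        } else {
            // Single-input field: a missing value is written as an empty string.
            $field_id = $field["id"];
            $field_value = isset($entry[(string) $field_id]) ? $entry[(string) $field_id] : "";
            $result = GFFormsModel::update_lead_field_value($form, $entry, $field, 0, $field_id, $field_value);
            if (false === $result) {
                return new WP_Error("insert_field_values_failed", __("There was a problem while inserting the field values", "gravityforms"), $wpdb->last_error);
            }
        }
    }

    // save the entry meta values - only for the entry meta currently available for the form, ignore the rest
    $entry_meta = GFFormsModel::get_entry_meta($form_id);
    if (is_array($entry_meta)) {
        foreach (array_keys($entry_meta) as $key) {
            if (isset($entry[$key])) {
                gform_update_meta($entry_id, $key, $entry[$key]);
            }
        }
    }

    return $entry_id;
}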
/**
 * Expands the pre-population merge tags found in $text: {embed_url}, {date_mdy}, {date_dmy},
 * {ip}, {embed_post:*}, {custom_field:*}, {user_agent}, {referer} and {user:*}.
 *
 * esc_html() is applied only to the embed URL, the user agent and the referer. The other
 * replacements are inserted as-is (or URL-encoded), so callers that render the result as
 * HTML still need to escape it for that context.
 *
 * @param string      $text       Text containing merge tags.
 * @param bool        $url_encode Whether replacement values are passed through urlencode().
 * @param false|array $entry      Entry whose 'ip' is preferred over the request IP, when given.
 * @param bool        $esc_html   Whether the request-derived values listed above are HTML-escaped.
 *
 * @return string The text after replacement and after the gform_replace_merge_tags filter.
 */
public static function replace_variables_prepopulate($text, $url_encode = false, $entry = false, $esc_html = false) {
    // URL-encodes a value only when the caller asked for it.
    $encode_if_requested = function ($raw) use ($url_encode) {
        return $url_encode ? urlencode($raw) : $raw;
    };
    // HTML-escapes first, then URL-encodes, each only when requested.
    $escape_then_encode = function ($raw) use ($esc_html, $url_encode) {
        if ($esc_html) {
            $raw = esc_html($raw);
        }
        if ($url_encode) {
            $raw = urlencode($raw);
        }
        return $raw;
    };

    // Embed URL.
    $text = str_replace('{embed_url}', $escape_then_encode(RGFormsModel::get_current_page_url()), $text);

    // Dates, both built from the same local timestamp: mm/dd/yyyy, then dd/mm/yyyy.
    $now_local = self::get_local_timestamp(time());
    $text = str_replace('{date_mdy}', $encode_if_requested(date_i18n('m/d/Y', $now_local, true)), $text);
    $text = str_replace('{date_dmy}', $encode_if_requested(date_i18n('d/m/Y', $now_local, true)), $text);

    // IP: the entry's stored address wins over the one detected for this request.
    if (isset($entry['ip'])) {
        $client_ip = $entry['ip'];
    } else {
        $client_ip = GFFormsModel::get_ip();
    }
    $text = str_replace('{ip}', $encode_if_requested($client_ip), $text);

    // Properties of the global post.
    global $post;
    $post_array = self::object_to_array($post);
    preg_match_all("/\\{embed_post:(.*?)\\}/", $text, $post_tags, PREG_SET_ORDER);
    foreach ($post_tags as $post_tag) {
        list($full_tag, $property) = $post_tag;
        $text = str_replace($full_tag, $encode_if_requested($post_array[$property]), $text);
    }

    // Custom fields of the global post; empty when the post has no ID.
    preg_match_all("/\\{custom_field:(.*?)\\}/", $text, $meta_tags, PREG_SET_ORDER);
    foreach ($meta_tags as $meta_tag) {
        list($full_tag, $custom_field_name) = $meta_tag;
        if (!empty($post_array['ID'])) {
            $custom_field_value = get_post_meta($post_array['ID'], $custom_field_name, true);
        } else {
            $custom_field_value = '';
        }
        $text = str_replace($full_tag, $encode_if_requested($custom_field_value), $text);
    }

    // User agent and referrer are read from request headers, so they are client-controlled.
    $text = str_replace('{user_agent}', $escape_then_encode(RGForms::get('HTTP_USER_AGENT', $_SERVER)), $text);
    $text = str_replace('{referer}', $escape_then_encode(RGForms::get('HTTP_REFERER', $_SERVER)), $text);

    // Logged in user info. The property name is taken from the tag itself.
    global $userdata, $wp_version, $current_user;
    $user_array = self::object_to_array($userdata);
    preg_match_all("/\\{user:(.*?)\\}/", $text, $user_tags, PREG_SET_ORDER);
    foreach ($user_tags as $user_tag) {
        list($full_tag, $property) = $user_tag;
        if (version_compare($wp_version, '3.3', '>=')) {
            $value = $current_user->get($property);
        } else {
            $value = $user_array[$property];
        }
        $text = str_replace($full_tag, $encode_if_requested($value), $text);
    }

    return apply_filters('gform_replace_merge_tags', $text, false, $entry, $url_encode, $esc_html, false, false);
}
/**
 * Adds a single Entry object.
 *
 * Intended to be used for importing an entry object. The usual hooks that are triggered while saving entries are not fired here;
 * the gform_post_add_entry action fires once the entry has been written.
 * Checks that the form id, field ids and entry meta exist and ignores legacy values (i.e. values for fields that no longer exist).
 *
 * @since 1.8
 * @access public
 * @static
 *
 * @param array $entry The Entry object
 *
 * @return mixed Either the new Entry ID or a WP_Error instance
 */
public static function add_entry($entry) {
    global $wpdb;
    if (!is_array($entry)) {
        return new WP_Error('invalid_entry_object', __('The entry object must be an array', 'gravityforms'));
    }
    // make sure the form id exists
    $form_id = rgar($entry, 'form_id');
    if (empty($form_id)) {
        return new WP_Error('empty_form_id', __('The form id must be specified', 'gravityforms'));
    }
    if (false === self::form_id_exists($form_id)) {
        return new WP_Error('invalid_form_id', __('The form for this entry does not exist', 'gravityforms'));
    }
    // Use values in the entry object if present.
    // Columns that may be NULL (or utc_timestamp()) are built as literal SQL fragments and
    // interpolated into the statement below; each one is cast to a number, or escaped with
    // esc_sql() and wrapped in quotes, before it gets there.
    // NOTE(review): these fragments are spliced into the query text before prepare() formats
    // it - confirm a literal % in them cannot be read as a placeholder on the supported
    // WordPress versions.
    $post_id = isset($entry['post_id']) ? intval($entry['post_id']) : 'NULL';
    $date_created = isset($entry['date_created']) && $entry['date_created'] != '' ? sprintf("'%s'", esc_sql($entry['date_created'])) : 'utc_timestamp()';
    $is_starred = isset($entry['is_starred']) ? $entry['is_starred'] : 0;
    $is_read = isset($entry['is_read']) ? $entry['is_read'] : 0;
    $ip = isset($entry['ip']) ? $entry['ip'] : GFFormsModel::get_ip();
    // Only the fallback URL is passed through esc_url_raw(); a source_url supplied in the entry is stored as given.
    $source_url = isset($entry['source_url']) ? $entry['source_url'] : esc_url_raw(GFFormsModel::get_current_page_url());
    $user_agent = isset($entry['user_agent']) ? $entry['user_agent'] : 'API';
    $currency = isset($entry['currency']) ? $entry['currency'] : GFCommon::get_currency();
    $payment_status = isset($entry['payment_status']) ? sprintf("'%s'", esc_sql($entry['payment_status'])) : 'NULL';
    // Only a value strtotime() can parse is used, and it is re-rendered by gmdate().
    $payment_date = strtotime(rgar($entry, 'payment_date')) ? sprintf("'%s'", gmdate('Y-m-d H:i:s', strtotime("{$entry['payment_date']}"))) : 'NULL';
    $payment_amount = isset($entry['payment_amount']) ? (double) $entry['payment_amount'] : 'NULL';
    $payment_method = isset($entry['payment_method']) ? $entry['payment_method'] : '';
    $transaction_id = isset($entry['transaction_id']) ? sprintf("'%s'", esc_sql($entry['transaction_id'])) : 'NULL';
    $is_fulfilled = isset($entry['is_fulfilled']) ? intval($entry['is_fulfilled']) : 'NULL';
    $status = isset($entry['status']) ? $entry['status'] : 'active';
    global $current_user;
    // created_by is interpolated without quotes, so it is reduced to a non-negative integer.
    // An empty or zero value falls back to the current user, then to NULL.
    $user_id = isset($entry['created_by']) ? absint($entry['created_by']) : '';
    if (empty($user_id)) {
        $user_id = $current_user && $current_user->ID ? absint($current_user->ID) : 'NULL';
    }
    $transaction_type = isset($entry['transaction_type']) ? intval($entry['transaction_type']) : 'NULL';
    $lead_table = GFFormsModel::get_lead_table_name();
    // The nine %d / %s placeholders are bound by prepare() from the arguments that follow the query text.
    $result = $wpdb->query($wpdb->prepare("\n INSERT INTO {$lead_table}\n (form_id, post_id, date_created, is_starred, is_read, ip, source_url, user_agent, currency, payment_status, payment_date, payment_amount, transaction_id, is_fulfilled, created_by, transaction_type, status, payment_method)\n VALUES\n (%d, {$post_id}, {$date_created}, %d, %d, %s, %s, %s, %s, {$payment_status}, {$payment_date}, {$payment_amount}, {$transaction_id}, {$is_fulfilled}, {$user_id}, {$transaction_type}, %s, %s)\n ", $form_id, $is_starred, $is_read, $ip, $source_url, $user_agent, $currency, $status, $payment_method));
    if (false === $result) {
        return new WP_Error('insert_entry_properties_failed', __('There was a problem while inserting the entry properties', 'gravityforms'), $wpdb->last_error);
    }
    // reading newly created lead id
    $entry_id = $wpdb->insert_id;
    $entry['id'] = $entry_id;
    // only save field values for fields that currently exist in the form
    $form = GFFormsModel::get_form_meta($form_id);
    foreach ($form['fields'] as $field) {
        /* @var GF_Field $field */
        // These field types are skipped; no value is written for them.
        if (in_array($field->type, array('html', 'page', 'section'))) {
            continue;
        }
        $inputs = $field->get_entry_inputs();
        if (is_array($inputs)) {
            // Multi-input field: only inputs present in the entry are written.
            foreach ($inputs as $input) {
                $input_id = (string) $input['id'];
                if (isset($entry[$input_id])) {
                    $result = GFFormsModel::update_lead_field_value($form, $entry, $field, 0, $input_id, $entry[$input_id]);
                    if (false === $result) {
                        return new WP_Error('insert_input_value_failed', __('There was a problem while inserting one of the input values for the entry', 'gravityforms'), $wpdb->last_error);
                    }
                }
            }
        } else {
            // Single-input field: a missing value is written as an empty string.
            $field_id = $field->id;
            $field_value = isset($entry[(string) $field_id]) ? $entry[(string) $field_id] : '';
            $result = GFFormsModel::update_lead_field_value($form, $entry, $field, 0, $field_id, $field_value);
            if (false === $result) {
                return new WP_Error('insert_field_values_failed', __('There was a problem while inserting the field values', 'gravityforms'), $wpdb->last_error);
            }
        }
    }
    // save the entry meta values - only for the entry meta currently available for the form, ignore the rest
    $entry_meta = GFFormsModel::get_entry_meta($form_id);
    if (is_array($entry_meta)) {
        foreach (array_keys($entry_meta) as $key) {
            if (isset($entry[$key])) {
                gform_update_meta($entry_id, $key, $entry[$key], $form['id']);
            }
        }
    }
    // Refresh the entry so the action below receives it as returned by GFAPI::get_entry()
    $entry = GFAPI::get_entry($entry['id']);
    /**
     * Fires after the Entry is added using the API.
     *
     * @since 1.9.14.26
     *
     * @param array $entry
     * @param array $form
     */
    do_action('gform_post_add_entry', $entry, $form);
    return $entry_id;
}
/**
 * Expands the pre-population merge tags found in $text: {embed_url}, {date_mdy}, {date_dmy},
 * {ip}, {embed_post:*}, {custom_field:*}, {user_agent}, {referer} and {user:*}.
 *
 * No HTML escaping happens here. {user_agent} and {referer} come from request headers, so
 * the result has to be escaped by the caller for whatever context it is rendered in.
 *
 * @param string $text       Text containing merge tags.
 * @param bool   $url_encode Whether each replacement value is passed through urlencode().
 *
 * @return string The text with the merge tags replaced.
 */
public static function replace_variables_prepopulate($text, $url_encode = false) {
    // Embed URL.
    $embed_url = RGFormsModel::get_current_page_url();
    if ($url_encode) {
        $embed_url = urlencode($embed_url);
    }
    $text = str_replace("{embed_url}", $embed_url, $text);

    $local_timestamp = self::get_local_timestamp(time());

    // Date (mm/dd/yyyy).
    $date_mdy = date_i18n("m/d/Y", $local_timestamp, true);
    if ($url_encode) {
        $date_mdy = urlencode($date_mdy);
    }
    $text = str_replace("{date_mdy}", $date_mdy, $text);

    // Date (dd/mm/yyyy).
    $date_dmy = date_i18n("d/m/Y", $local_timestamp, true);
    if ($url_encode) {
        $date_dmy = urlencode($date_dmy);
    }
    $text = str_replace("{date_dmy}", $date_dmy, $text);

    // IP detected for the current request.
    $request_ip = GFFormsModel::get_ip();
    if ($url_encode) {
        $request_ip = urlencode($request_ip);
    }
    $text = str_replace('{ip}', $request_ip, $text);

    // Properties of the global post.
    global $post;
    $post_array = self::object_to_array($post);
    preg_match_all("/\\{embed_post:(.*?)\\}/", $text, $post_tags, PREG_SET_ORDER);
    foreach ($post_tags as $post_tag) {
        $replacement = $post_array[$post_tag[1]];
        if ($url_encode) {
            $replacement = urlencode($replacement);
        }
        $text = str_replace($post_tag[0], $replacement, $text);
    }

    // Custom fields of the global post; empty when the post has no ID.
    preg_match_all("/\\{custom_field:(.*?)\\}/", $text, $meta_tags, PREG_SET_ORDER);
    foreach ($meta_tags as $meta_tag) {
        $replacement = "";
        if (!empty($post_array["ID"])) {
            $replacement = get_post_meta($post_array["ID"], $meta_tag[1], true);
        }
        if ($url_encode) {
            $replacement = urlencode($replacement);
        }
        $text = str_replace($meta_tag[0], $replacement, $text);
    }

    // User agent, as sent by the client.
    $user_agent = RGForms::get("HTTP_USER_AGENT", $_SERVER);
    if ($url_encode) {
        $user_agent = urlencode($user_agent);
    }
    $text = str_replace("{user_agent}", $user_agent, $text);

    // Referrer, as sent by the client.
    $referer = RGForms::get("HTTP_REFERER", $_SERVER);
    if ($url_encode) {
        $referer = urlencode($referer);
    }
    $text = str_replace("{referer}", $referer, $text);

    // Logged in user info. The property name is taken from the tag itself.
    global $userdata, $wp_version, $current_user;
    $user_array = self::object_to_array($userdata);
    preg_match_all("/\\{user:(.*?)\\}/", $text, $user_tags, PREG_SET_ORDER);
    foreach ($user_tags as $user_tag) {
        $property = $user_tag[1];
        if (version_compare($wp_version, '3.3', '>=')) {
            $replacement = $current_user->get($property);
        } else {
            $replacement = $user_array[$property];
        }
        if ($url_encode) {
            $replacement = urlencode($replacement);
        }
        $text = str_replace($user_tag[0], $replacement, $text);
    }

    return $text;
}
/**
 * Expands the pre-population merge tags found in $text: {embed_url}, {date_mdy}, {date_dmy},
 * {ip}, {embed_post:*}, {custom_field:*}, {user_agent}, {referer} and {user:*}, then passes
 * the result through the gform_replace_merge_tags filter.
 *
 * esc_html() is applied only to the embed URL, the user agent and the referer. The IP, post,
 * custom-field and user values are inserted as-is (or URL-encoded), so callers that render
 * the result as HTML still need to escape it for that context.
 *
 * @param string      $text       Text containing merge tags.
 * @param bool        $url_encode Whether replacement values are passed through urlencode().
 * @param false|array $entry      Entry whose 'source_url' and 'ip' are preferred over the current request, when given.
 * @param bool        $esc_html   Whether the three request-derived values named above are HTML-escaped.
 * @param false|array $form       Form object; only forwarded to the filter.
 * @param bool        $nl2br      Only forwarded to the filter.
 * @param string      $format     Only forwarded to the filter.
 *
 * @return string The text after replacement and filtering.
 */
public static function replace_variables_prepopulate($text, $url_encode = false, $entry = false, $esc_html = false, $form = false, $nl2br = false, $format = 'html') {
    // Embed URL: the entry's stored source_url when an entry is given, else the current page URL.
    $current_page_url = empty($entry) ? RGFormsModel::get_current_page_url() : rgar($entry, 'source_url');
    // HTML-escape first, then URL-encode, each only when requested.
    if ($esc_html) {
        $current_page_url = esc_html($current_page_url);
    }
    if ($url_encode) {
        $current_page_url = urlencode($current_page_url);
    }
    $text = str_replace('{embed_url}', $current_page_url, $text);
    $local_timestamp = self::get_local_timestamp(time());
    // Date (mm/dd/yyyy)
    $local_date_mdy = date_i18n('m/d/Y', $local_timestamp, true);
    $text = str_replace('{date_mdy}', $url_encode ? urlencode($local_date_mdy) : $local_date_mdy, $text);
    // Date (dd/mm/yyyy)
    $local_date_dmy = date_i18n('d/m/Y', $local_timestamp, true);
    $text = str_replace('{date_dmy}', $url_encode ? urlencode($local_date_dmy) : $local_date_dmy, $text);
    // IP: the entry's stored address wins over the one detected for this request.
    $ip = isset($entry['ip']) ? $entry['ip'] : GFFormsModel::get_ip();
    $text = str_replace('{ip}', $url_encode ? urlencode($ip) : $ip, $text);
    // Post-based tags resolve to an empty string unless is_singular() is true.
    $is_singular = is_singular();
    global $post;
    $post_array = self::object_to_array($post);
    preg_match_all("/\\{embed_post:(.*?)\\}/", $text, $matches, PREG_SET_ORDER);
    foreach ($matches as $match) {
        $full_tag = $match[0];
        $property = $match[1];
        // The property name comes from the tag; it is looked up without an existence check.
        $value = $is_singular ? $post_array[$property] : '';
        $text = str_replace($full_tag, $url_encode ? urlencode($value) : $value, $text);
    }
    // Embed post custom fields
    preg_match_all("/\\{custom_field:(.*?)\\}/", $text, $matches, PREG_SET_ORDER);
    foreach ($matches as $match) {
        $full_tag = $match[0];
        $custom_field_name = $match[1];
        $custom_field_value = $is_singular && !empty($post_array['ID']) ? get_post_meta($post_array['ID'], $custom_field_name, true) : '';
        $text = str_replace($full_tag, $url_encode ? urlencode($custom_field_value) : $custom_field_value, $text);
    }
    // User agent: read from the request headers, so client-controlled.
    $user_agent = RGForms::get('HTTP_USER_AGENT', $_SERVER);
    if ($esc_html) {
        $user_agent = esc_html($user_agent);
    }
    if ($url_encode) {
        $user_agent = urlencode($user_agent);
    }
    $text = str_replace('{user_agent}', $user_agent, $text);
    // Referrer: read from the request headers, so client-controlled.
    $referer = RGForms::get('HTTP_REFERER', $_SERVER);
    if ($esc_html) {
        $referer = esc_html($referer);
    }
    if ($url_encode) {
        $referer = urlencode($referer);
    }
    $text = str_replace('{referer}', $referer, $text);
    // Logged in user info
    global $userdata, $wp_version, $current_user;
    $user_array = self::object_to_array($userdata);
    preg_match_all("/\\{user:(.*?)\\}/", $text, $matches, PREG_SET_ORDER);
    foreach ($matches as $match) {
        $full_tag = $match[0];
        $property = $match[1];
        // NOTE(review): any property named in the tag is read from the current user - consider
        // excluding sensitive ones (e.g. user_pass) before the value is placed in the text.
        $value = version_compare($wp_version, '3.3', '>=') ? $current_user->get($property) : $user_array[$property];
        $value = $url_encode ? urlencode($value) : $value;
        $text = str_replace($full_tag, $value, $text);
    }
    /**
     * Allow the text to be filtered so custom merge tags can be replaced.
     *
     * @param string      $text       The text in which merge tags are being processed.
     * @param false|array $form       The Form object if available or false.
     * @param false|array $entry      The Entry object if available or false.
     * @param bool        $url_encode Indicates if the urlencode function should be applied.
     * @param bool        $esc_html   Indicates if the esc_html function should be applied.
     * @param bool        $nl2br      Indicates if the nl2br function should be applied.
     * @param string      $format     The format requested for the location the merge is being used. Possible values: html, text or url.
     */
    $text = apply_filters('gform_replace_merge_tags', $text, $form, $entry, $url_encode, $esc_html, $nl2br, $format);
    return $text;
}
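/**
 * Processes one submitted page of a form: validates it, stages uploaded files, and then
 * either moves to another page, saves the draft for later, or completes the submission.
 *
 * Nothing is returned. The outcome is recorded in self::$submission[$form_id] through
 * self::set_submission_if_null(), and the request ends with exit when the confirmation
 * is a redirect.
 *
 * @param int $form_id ID of the submitted form. NOTE(review): type inferred from usage - confirm.
 *
 * @return void
 */
public static function process_form($form_id) {
    GFCommon::log_debug("GFFormDisplay::process_form(): Starting to process form (#{$form_id}) submission.");

    // reading form metadata
    $form = GFAPI::get_form($form_id);
    // Inactive or trashed forms are not processed.
    if (!$form['is_active'] || $form['is_trash']) {
        return;
    }

    // Login-restricted forms: anonymous requests are dropped, and the per-form nonce is
    // verified only on this path. Forms without requireLogin get no nonce check here.
    if (rgar($form, 'requireLogin')) {
        if (!is_user_logged_in()) {
            return;
        }
        check_admin_referer('gform_submit_' . $form_id, '_gform_submit_nonce_' . $form_id);
    }

    // pre process action
    do_action('gform_pre_process', $form);
    do_action("gform_pre_process_{$form['id']}", $form);

    $lead = array();
    $field_values = RGForms::post('gform_field_values');
    $source_page_number = self::get_source_page($form_id);
    $page_number = $source_page_number;
    $target_page = self::get_target_page($form, $page_number, $field_values);
    GFCommon::log_debug("GFFormDisplay::process_form(): Source page number: {$source_page_number}. Target page number: {$target_page}.");

    // Loading files that have been uploaded to temp folder.
    // The list is decoded from the 'gform_uploaded_files' value (presumably a POST field, so
    // client-controlled); only its top-level type is checked here.
    // NOTE(review): confirm that upload_files() and later consumers validate each entry.
    $files = GFCommon::json_decode(stripslashes(RGForms::post('gform_uploaded_files')));
    if (!is_array($files)) {
        $files = array();
    }
    RGFormsModel::$uploaded_files[$form_id] = $files;

    $saving_for_later = rgpost('gform_save') ? true : false;
    $is_valid = true;
    $failed_validation_page = $page_number;

    // Don't validate when going to the previous page or saving for later.
    // NOTE(review): $failed_validation_page is presumably updated by reference in validate() - confirm.
    if (!$saving_for_later && (empty($target_page) || $target_page >= $page_number)) {
        $is_valid = self::validate($form, $field_values, $page_number, $failed_validation_page);
    }

    $log_is_valid = $is_valid ? 'Yes' : 'No';
    // Kept on a single line so each debug event is one line in the log.
    GFCommon::log_debug("GFFormDisplay::process_form(): After validation. Is submission valid? {$log_is_valid}.");

    // Upload files to temp folder when saving for later, going to the next page or when
    // submitting the form and it failed validation.
    // && binds tighter than ||, so the last alternative is ($target_page == 0 && !$is_valid).
    if ($saving_for_later || $target_page >= $page_number || $target_page == 0 && !$is_valid) {
        if (!empty($_FILES)) {
            GFCommon::log_debug('GFFormDisplay::process_form(): Uploading files...');
            // Uploading files to temporary folder
            $files = self::upload_files($form, $files);
            RGFormsModel::$uploaded_files[$form_id] = $files;
        }
    }

    // Load target page if it did not fail validation or if going to the previous page
    if (!$saving_for_later && $is_valid) {
        $page_number = $target_page;
    } else {
        $page_number = $failed_validation_page;
    }

    $confirmation = '';
    // Final step: a valid submission whose page number is now 0, or a save-for-later request.
    if ($is_valid && $page_number == 0 || $saving_for_later) {
        $ajax = isset($_POST['gform_ajax']);

        // adds honeypot field if configured
        if (rgar($form, 'enableHoneypot')) {
            $form['fields'][] = self::get_honeypot_field($form);
        }
        $failed_honeypot = rgar($form, 'enableHoneypot') && !self::validate_honeypot($form);

        if ($failed_honeypot) {
            GFCommon::log_debug('GFFormDisplay::process_form(): Failed Honeypot validation. Displaying confirmation and aborting.');
            // The confirmation is still built, but the submission is not handled, when the honeypot check fails.
            $confirmation = self::handle_confirmation($form, $lead, $ajax);
            $is_valid = false;
        } elseif (!$saving_for_later) {
            // Kept on a single line so each debug event is one line in the log.
            GFCommon::log_debug('GFFormDisplay::process_form(): Submission is valid. Moving forward.');
            $form = self::update_confirmation($form);

            // pre submission action
            do_action('gform_pre_submission', $form);
            do_action("gform_pre_submission_{$form['id']}", $form);

            // pre submission filter: the generic filter runs first, then the form-specific one
            $form = apply_filters("gform_pre_submission_filter_{$form['id']}", apply_filters('gform_pre_submission_filter', $form));

            // handle submission
            // NOTE(review): $lead is presumably filled in by reference here - confirm.
            $confirmation = self::handle_submission($form, $lead, $ajax);

            // after submission hook
            do_action('gform_after_submission', $lead, $form);
            do_action("gform_after_submission_{$form['id']}", $lead, $form);
        } elseif ($saving_for_later) {
            GFCommon::log_debug('GFFormDisplay::process_form(): Saving for later.');
            $lead = GFFormsModel::get_current_lead();
            $form = self::update_confirmation($form, $lead, 'form_saved');
            $confirmation = rgar($form['confirmation'], 'message');
            $nl2br = rgar($form['confirmation'], 'disableAutoformat') ? false : true;
            $confirmation = GFCommon::replace_variables($confirmation, $form, $lead, false, true, $nl2br);

            $form_unique_id = GFFormsModel::get_form_unique_id($form_id);
            $ip = GFFormsModel::get_ip();
            // The page URL is derived from the request and the resume token is taken from it,
            // so both are sanitized before they are stored with the draft: esc_url_raw() for
            // the URL, sanitize_key() to limit the token to lowercase letters, digits, dashes
            // and underscores.
            $source_url = esc_url_raw(GFFormsModel::get_current_page_url());
            $resume_token = sanitize_key(rgpost('gform_resume_token'));
            // The token returned by the save replaces the sanitized request value.
            $resume_token = GFFormsModel::save_incomplete_submission($form, $lead, $field_values, $page_number, $files, $form_unique_id, $ip, $source_url, $resume_token);

            $notifications_to_send = GFCommon::get_notifications_to_send('form_saved', $form, $lead);
            $log_notification_event = empty($notifications_to_send) ? 'No notifications to process' : 'Processing notifications';
            GFCommon::log_debug("GFFormDisplay::process_form(): {$log_notification_event} for form_saved event.");

            foreach ($notifications_to_send as $notification) {
                // A notification with isActive set to a falsy value is skipped; a missing key counts as active.
                if (isset($notification['isActive']) && !$notification['isActive']) {
                    GFCommon::log_debug("GFFormDisplay::process_form(): Notification is inactive, not processing notification (#{$notification['id']} - {$notification['name']}).");
                    continue;
                }
                $notification['message'] = self::replace_save_variables($notification['message'], $form, $resume_token);
                GFCommon::send_notification($notification, $form, $lead);
            }

            self::set_submission_if_null($form_id, 'saved_for_later', true);
            self::set_submission_if_null($form_id, 'resume_token', $resume_token);
            GFCommon::log_debug('GFFormDisplay::process_form(): Saved incomplete submission.');
        }

        // Redirect confirmations end the request here.
        // NOTE(review): the target is written into the Location header as-is; confirm it is
        // validated where the confirmation is built (wp_safe_redirect() would limit it to allowed hosts).
        if (is_array($confirmation) && isset($confirmation['redirect'])) {
            header("Location: {$confirmation["redirect"]}");
            do_action('gform_post_submission', $lead, $form);
            do_action("gform_post_submission_{$form["id"]}", $lead, $form);
            exit;
        }
    }

    if (!isset(self::$submission[$form_id])) {
        self::$submission[$form_id] = array();
    }
    self::set_submission_if_null($form_id, 'is_valid', $is_valid);
    self::set_submission_if_null($form_id, 'form', $form);
    self::set_submission_if_null($form_id, 'lead', $lead);
    self::set_submission_if_null($form_id, 'confirmation_message', $confirmation);
    self::set_submission_if_null($form_id, 'page_number', $page_number);
    self::set_submission_if_null($form_id, 'source_page_number', $source_page_number);

    do_action('gform_post_process', $form, $page_number, $source_page_number);
    do_action("gform_post_process_{$form['id']}", $form, $page_number, $source_page_number);
}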
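/**
 * Serve a generated PDF for the entry IDs named in the current request.
 *
 * Returns immediately unless the `gf_pdf` query argument is present. Otherwise
 * the requested entry IDs are validated, the PDF is rendered and the script
 * exits; when no entry ID survives validation the visitor is sent to the
 * login screen (logged out) or the request dies with "Access Denied".
 *
 * @return void
 */
public static function process_exterior_pages()
{
    global $gfpdf, $form_id, $lead_ids;

    /* Not a PDF request: stop here. */
    if (rgempty('gf_pdf', $_GET)) {
        return;
    }

    /* NOTE(review): presumably fills the $form_id / $lead_ids globals from the request - confirm in PDF_Common. */
    PDF_Common::get_ids();
    $ip = GFFormsModel::get_ip();

    /*
     * Get the template name
     * Class: PDFGenerator
     * File: pdf-configuration-indexer.php
     */
    $template = $gfpdf->get_template($form_id);

    /*
     * Before setting up PDF options we will check if a configuration is found.
     * If not, we will set up defaults defined in configuration.php
     */
    $index = self::check_configuration($form_id, $template);

    /*
     * Authenticate all lead IDs.
     * NOTE(review): the client IP is one of the inputs to this check. If it is
     * used as an ownership signal and get_ip() honours forwarding headers,
     * confirm those headers are only trusted behind a known proxy.
     */
    $lead_ids = self::validate_entry_ids($lead_ids, $form_id, $ip, $index);

    if (count($lead_ids) === 0) {
        if (!is_user_logged_in()) {
            /* give the user a chance to authenticate */
            auth_redirect();
        } else {
            die(__('Access Denied', 'pdfextended'));
        }
    }

    /*
     * Give users with the correct privileges the option to change the PDF template via the URL.
     */
    if (is_user_logged_in() && GFCommon::current_user_can_any('gravityforms_view_entries')) {
        /* The parameter is optional; reading it unguarded raised an undefined-index notice. */
        $requested = isset($_GET['template']) ? $_GET['template'] : null;

        /*
         * The value is request-controlled, so accept it only when it is a plain
         * string ending in ".php" that passes WordPress's validate_file() check
         * (no "../" traversal, no Windows drive prefix).
         * NOTE(review): validate_file() does not reject absolute paths - confirm
         * the template loader only resolves names inside the template directory.
         */
        if (
            is_string($requested)
            && $requested !== $template
            && substr($requested, -4) === '.php'
            && validate_file($requested) === 0
        ) {
            $template = $requested;
        }
    }

    $pdf_arguments = self::generate_pdf_parameters($index, $form_id, $lead_ids[0], $template);

    /* Add output mode to the arguments: inline view unless ?download is present. */
    $pdf_arguments['output'] = isset($_GET['download']) ? 'download' : 'view';

    /*
     * While the security above will prevent the PDF being read by non-authorised users,
     * a user can disable that security with the 'access' => 'all' method (THIS IS NOT RECOMMENDED).
     * To prevent those PDFs showing up in search engines we tell them not to index the documents.
     */
    if (!headers_sent()) {
        header("X-Robots-Tag: noindex, nofollow", true);
    }

    $gfpdf->render->PDF_Generator($form_id, $lead_ids[0], $pdf_arguments);
    exit;
}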
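/**
 * Test that GFFormsModel::get_ip() returns the address placed in one $_SERVER key.
 *
 * @param string $ip  The test IP address
 * @param string $var The $_SERVER array key
 *
 * @group gravityforms
 * @dataProvider provider_ip_testing
 */
public function run_ip_test($ip, $var)
{
    $_SERVER[$var] = $ip;

    try {
        $this->assertEquals($ip, GFFormsModel::get_ip());
    } finally {
        // Clean up even when the assertion throws, so a failing case does not
        // leave its address in the superglobal for the next data set.
        unset($_SERVER[$var]);
    }
}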
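/**
 * Build the Authorize.Net AIM transaction object for a one-off payment.
 *
 * Copies amount, card data, billing details and line items from the
 * submission data onto the object returned by get_aim().
 *
 * @param array $feed            Feed being processed; 'id' and 'meta' are read.
 * @param array $submission_data Payment, card, billing and line item values.
 * @param array $form            Not used in this method.
 * @param array $entry           Not used in this method.
 *
 * @return object The populated transaction object obtained from get_aim().
 */
public function get_payment_transaction($feed, $submission_data, $form, $entry)
{
    $transaction = $this->get_aim();

    $feed_name = rgar($feed['meta'], 'feedName');
    $this->log_debug(__METHOD__ . "(): Initializing new AuthorizeNetAIM object based on feed #{$feed['id']} - {$feed_name}.");

    $transaction->amount = $submission_data['payment_amount'];

    // Card number and security code are handed to the transaction object only.
    // The debug logging in this method covers the feed and the line items;
    // keep card data out of any log output added here.
    $transaction->card_num = $submission_data['card_number'];

    // Expiration is sent as "MM-<year>": element 0 is zero-padded to two digits.
    $expiration = $submission_data['card_expiration_date'];
    $transaction->exp_date = str_pad($expiration[0], 2, '0', STR_PAD_LEFT) . '-' . $expiration[1];

    $transaction->card_code = $submission_data['card_security_code'];

    $names = $this->get_first_last_name($submission_data['card_name']);
    $transaction->first_name = $names['first_name'];
    $transaction->last_name  = $names['last_name'];

    $transaction->address = trim($submission_data['address'] . ' ' . $submission_data['address2']);
    $transaction->city    = $submission_data['city'];
    $transaction->state   = $submission_data['state'];
    $transaction->zip     = $submission_data['zip'];
    $transaction->country = $submission_data['country'];
    $transaction->email   = $submission_data['email'];

    $transaction->description = $submission_data['form_title'];

    // rgar() avoids an undefined-index notice on feeds saved without this setting.
    $transaction->email_customer   = rgar($feed['meta'], 'enableReceipt') == 1 ? 'true' : 'false';
    $transaction->duplicate_window = 5;
    $transaction->customer_ip      = GFFormsModel::get_ip();

    // The previous code tested a local $invoice_number that is never assigned in
    // this method, so the invoice number was always uniqid(). uniqid() is derived
    // from the current time: fine as an identifier, not something to rely on as
    // unguessable.
    $transaction->invoice_num = uniqid();

    $transaction->phone = $submission_data['phone'];

    foreach ($submission_data['line_items'] as $line_item) {
        // Items are marked taxable ('Y') unless the line item carries its own value.
        $taxable = rgempty('taxable', $line_item) ? 'Y' : $line_item['taxable'];

        $transaction->addLineItem(
            $line_item['id'],
            $this->remove_spaces($this->truncate($line_item['name'], 31)),
            $this->truncate($line_item['description'], 255),
            $line_item['quantity'],
            GFCommon::to_number($line_item['unit_price']),
            $taxable
        );
    }

    $this->log_debug(__METHOD__ . '(): $submission_data line_items => ' . print_r($submission_data['line_items'], true));

    return $transaction;
}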
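/**
 * Decide whether the configured submission limit has been reached.
 *
 * Builds a COUNT query over the {prefix}rg_lead table from the 'limit_by',
 * 'apply_limit_per_form' and 'time_period' arguments and compares the result
 * with get_limit().
 *
 * @param int $form_id ID of the form being checked.
 *
 * @return bool True when the number of matching active entries is at or above
 *              the limit; false otherwise, including when limiting by field
 *              value and no value was submitted for the limit fields.
 */
public function is_limit_reached($form_id)
{
    global $wpdb;

    $where = array();
    $join  = array();

    $where[] = 'l.status = "active"';

    foreach ($this->_args['limit_by'] as $limiter) {
        switch ($limiter) {
            case 'role': // user ID is required when limiting by role
            case 'user_id':
                $where[] = $wpdb->prepare('l.created_by = %s', get_current_user_id());
                break;

            case 'embed_url':
                $where[] = $wpdb->prepare('l.source_url = %s', GFFormsModel::get_current_page_url());
                break;

            case 'field_value':
                $values = $this->get_limit_field_values($form_id, $this->get_limit_field_ids());

                // if there is no value submitted for any of our fields, limit is never reached
                if (empty($values)) {
                    return false;
                }

                foreach ($values as $field_id => $value) {
                    // The alias is interpolated into the SQL text and cannot be bound as a
                    // placeholder, so restrict it to identifier characters. Numeric field IDs
                    // such as "3" or "3.2" produce the same alias as before ("ld3", "ld3_2").
                    $table_slug = 'ld' . preg_replace('/[^0-9A-Za-z_]/', '_', (string) $field_id);

                    $join[] = "INNER JOIN {$wpdb->prefix}rg_lead_detail {$table_slug} ON {$table_slug}.lead_id = l.id";

                    // field_number is matched with a small tolerance around the field ID
                    // rather than by exact equality.
                    $where[] = $wpdb->prepare(
                        "\n( ( {$table_slug}.field_number BETWEEN %s AND %s ) AND {$table_slug}.value = %s )",
                        doubleval($field_id) - 0.001,
                        doubleval($field_id) + 0.001,
                        $value
                    );
                }
                break;

            default:
                // NOTE(review): the limit is keyed on GFFormsModel::get_ip(). If that helper
                // trusts client-supplied forwarding headers, this limit is only as strong as
                // the proxy configuration - confirm.
                $where[] = $wpdb->prepare('ip = %s', GFFormsModel::get_ip());
        }
    }

    if ($this->_args['apply_limit_per_form']) {
        $where[] = $wpdb->prepare('l.form_id = %d', $form_id);
    }

    $time_period     = $this->_args['time_period'];
    $time_period_sql = false;

    if ($time_period !== false) {
        if (intval($time_period) > 0) {
            // A positive number is a rolling window in seconds.
            $time_period_sql = $wpdb->prepare(
                'date_created BETWEEN DATE_SUB(utc_timestamp(), INTERVAL %d SECOND) AND utc_timestamp()',
                $time_period
            );
        } else {
            switch ($time_period) {
                case 'per_day':
                case 'day':
                    $time_period_sql = 'DATE( date_created ) = DATE( utc_timestamp() )';
                    break;

                case 'per_month':
                case 'month':
                    // MONTH() alone also matches the same month of earlier years, so entries
                    // from a year ago counted against the current month. Pin the year as well.
                    $time_period_sql = '( MONTH( date_created ) = MONTH( utc_timestamp() ) AND YEAR( date_created ) = YEAR( utc_timestamp() ) )';
                    break;

                case 'per_year':
                case 'year':
                    $time_period_sql = 'YEAR( date_created ) = YEAR( utc_timestamp() )';
                    break;
            }
        }
    }

    if ($time_period_sql) {
        $where[] = $time_period_sql;
    }

    $where = implode(' AND ', $where);
    $join  = implode("\n", $join);

    $sql = "SELECT count( l.id )\n FROM {$wpdb->prefix}rg_lead l\n {$join}\n WHERE {$where}";

    $entry_count = $wpdb->get_var($sql);

    return $entry_count >= $this->get_limit();
}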