/** * Handle admin ajax * * @since 2.0 */ public function admin_ajax() { if (false === headers_sent()) { pods_session_start(); header('Content-Type: text/html; charset=' . get_bloginfo('charset')); } // Sanitize input $params = pods_unslash((array) $_POST); foreach ($params as $key => $value) { if ('action' == $key) { continue; } unset($params[$key]); $params[str_replace('_podsfix_', '', $key)] = $value; } $params = (object) $params; $component = $params->component; $method = $params->method; if (!isset($component) || !isset($this->components[$component]) || !isset($this->settings['components'][$component])) { pods_error('Invalid AJAX request', $this); } if (!isset($params->_wpnonce) || false === wp_verify_nonce($params->_wpnonce, 'pods-component-' . $component . '-' . $method)) { pods_error('Unauthorized request', $this); } // Cleaning up $params unset($params->action); unset($params->component); unset($params->method); unset($params->_wpnonce); $params = (object) apply_filters('pods_component_ajax_' . $component . '_' . $method, $params, $component, $method); $output = false; // Component init if (isset($this->components[$component]['object']) && method_exists($this->components[$component]['object'], 'init')) { $this->components[$component]['object']->init($this->settings['components'][$component], $component); } // Handle internal methods if (isset($this->components[$component]['object']) && !method_exists($this->components[$component]['object'], 'ajax_' . $method) && method_exists($this, 'admin_ajax_' . $method)) { $output = call_user_func(array($this, 'admin_ajax_' . $method), $component, $params); } elseif (!isset($this->components[$component]['object']) || !method_exists($this->components[$component]['object'], 'ajax_' . $method)) { pods_error('API method does not exist', $this); } else { $output = call_user_func(array($this->components[$component]['object'], 'ajax_' . $method), $params); } if (!is_bool($output)) { echo $output; } die; // KBAI! }
$uri_hash = wp_create_nonce('pods_uri_' . $_SERVER['REQUEST_URI']); $field_hash = wp_create_nonce('pods_fields_' . implode(',', array_keys($submittable_fields))); $uid = @session_id(); if (is_user_logged_in()) { $uid = 'user_' . get_current_user_id(); } $nonce = wp_create_nonce('pods_form_' . $pod->pod . '_' . $uid . '_' . ($duplicate ? 0 : $pod->id()) . '_' . $uri_hash . '_' . $field_hash); if (isset($_POST['_pods_nonce'])) { $action = __('saved', 'pods'); if ('create' == pods_var_raw('do', 'post', 'save')) { $action = __('created', 'pods'); } elseif ('duplicate' == pods_var_raw('do', 'get', 'save')) { $action = __('duplicated', 'pods'); } try { $params = pods_unslash((array) $_POST); $id = $pod->api->process_form($params, $pod, $fields, $thank_you); $message = sprintf(__('<strong>Success!</strong> %s %s successfully.', 'pods'), $obj->item, $action); if (0 < strlen(pods_var('detail_url', $pod->pod_data['options']))) { $message .= ' <a target="_blank" href="' . $pod->field('detail_url') . '">' . sprintf(__('View %s', 'pods'), $obj->item) . '</a>'; } $error = sprintf(__('<strong>Error:</strong> %s %s successfully.', 'pods'), $obj->item, $action); if (0 < $id) { echo $obj->message($message); } else { echo $obj->error($error); } } catch (Exception $e) { echo $obj->error($e->getMessage()); } } elseif (isset($_GET['do'])) {
/** * Handle ajax calls for the administration */ public function admin_ajax() { if (false === headers_sent()) { pods_session_start(); header('Content-Type: text/html; charset=' . get_bloginfo('charset')); } // Sanitize input $params = pods_unslash((array) $_POST); foreach ($params as $key => $value) { if ('action' == $key) { continue; } // Fixup $_POST data $_POST[str_replace('_podsfix_', '', $key)] = $_POST[$key]; // Fixup $params with unslashed data $params[str_replace('_podsfix_', '', $key)] = $value; // Unset the _podsfix_* keys unset($params[$key]); } $params = (object) $params; $methods = array('add_pod' => array('priv' => true), 'save_pod' => array('priv' => true), 'load_sister_fields' => array('priv' => true), 'process_form' => array('custom_nonce' => true), 'upgrade' => array('priv' => true), 'migrate' => array('priv' => true)); $methods = apply_filters('pods_admin_ajax_methods', $methods, $this); if (!isset($params->method) || !isset($methods[$params->method])) { pods_error('Invalid AJAX request', $this); } $defaults = array('priv' => null, 'name' => $params->method, 'custom_nonce' => null); $method = (object) array_merge($defaults, (array) $methods[$params->method]); if (true !== $method->custom_nonce && (!isset($params->_wpnonce) || false === wp_verify_nonce($params->_wpnonce, 'pods-' . $params->method))) { pods_error(__('Unauthorized request', 'pods'), $this); } // Cleaning up $params unset($params->action); unset($params->method); if (true !== $method->custom_nonce) { unset($params->_wpnonce); } // Check permissions (convert to array to support multiple) if (!empty($method->priv) && !pods_is_admin(array('pods')) && true !== $method->priv && !pods_is_admin($method->priv)) { pods_error(__('Access denied', 'pods'), $this); } $params->method = $method->name; $params = apply_filters('pods_api_' . $method->name, $params, $method); $api = pods_api(); if ('upgrade' == $method->name) { $output = (string) pods_upgrade($params->version)->ajax($params); } elseif ('migrate' == $method->name) { $output = (string) apply_filters('pods_api_migrate_run', $params); } else { if (!method_exists($api, $method->name)) { pods_error('API method does not exist', $this); } elseif ('save_pod' == $method->name) { if (isset($params->field_data_json) && is_array($params->field_data_json)) { $params->fields = $params->field_data_json; unset($params->field_data_json); foreach ($params->fields as $k => $v) { if (empty($v)) { unset($params->fields[$k]); } elseif (!is_array($v)) { $params->fields[$k] = (array) @json_decode($v, true); } } } } // Dynamically call the API method $params = (array) $params; $output = call_user_func(array($api, $method->name), $params); } // Output in json format if (false !== $output) { if (is_array($output) || is_object($output)) { wp_send_json($output); } else { echo $output; } } else { pods_error('There was a problem with your request.'); } die; // KBAI! }
/** * Return a variable (if exists) * * @param mixed $var The variable name, can also be a modifier for specific types * @param string|array|object $type (optional) Super globals, url/url-relative, constants, globals, options, transients, cache, user data, Pod field values, dates * @param mixed $default (optional) The default value to set if variable doesn't exist * @param bool $strict (optional) Only allow values (must not be empty) * @param array $params (optional) Set 'casting'=>true to cast value from $default, 'allowed'=>$allowed to restrict a value to what's allowed * * @return mixed The variable (if exists), or default value * @since 2.3.10 */ function pods_v($var = null, $type = 'get', $default = null, $strict = false, $params = array()) { $defaults = array('casting' => false, 'allowed' => null); $params = (object) array_merge($defaults, (array) $params); $output = null; if (null === $type || '' === $type) { // Invalid $type } elseif (is_array($type)) { if (isset($type[$var])) { $output = $type[$var]; } } elseif (is_object($type)) { if (isset($type->{$var})) { $output = $type->{$var}; } } else { $type = strtolower((string) $type); switch ($type) { case 'get': if (isset($_GET[$var])) { $output = pods_unslash($_GET[$var]); } break; case 'post': if (isset($_POST[$var])) { $output = pods_unslash($_POST[$var]); } break; case 'request': if (isset($_REQUEST[$var])) { $output = pods_unslash($_REQUEST[$var]); } break; case 'url': case 'uri': $url = parse_url(pods_current_url()); $uri = trim($url['path'], '/'); $uri = array_filter(explode('/', $uri)); if ('first' == $var) { $var = 0; } elseif ('last' == $var) { $var = -1; } if (is_numeric($var)) { $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri); } break; case 'url-relative': $url_raw = pods_current_url(); $prefix = get_site_url(); if (substr($url_raw, 0, strlen($prefix)) == $prefix) { $url_raw = substr($url_raw, strlen($prefix) + 1, strlen($url_raw)); } $url = parse_url($url_raw); $uri = trim($url['path'], '/'); $uri = array_filter(explode('/', $uri)); if ('first' == $var) { $var = 0; } elseif ('last' == $var) { $var = -1; } if (is_numeric($var)) { $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri); } break; case 'template-url': $output = get_template_directory_uri(); break; case 'stylesheet-url': $output = get_stylesheet_directory_uri(); break; case 'site-url': $blog_id = $scheme = null; $path = ''; if (is_array($var)) { if (isset($var[0])) { $blog_id = $var[0]; } elseif (isset($var[1])) { $path = $var[1]; } elseif (isset($var[2])) { $scheme = $var[2]; } } else { $blog_id = $var; } $output = get_site_url($blog_id, $path, $scheme); break; case 'home-url': $blog_id = $scheme = null; $path = ''; if (is_array($var)) { if (isset($var[0])) { $blog_id = $var[0]; } elseif (isset($var[1])) { $path = $var[1]; } elseif (isset($var[2])) { $scheme = $var[2]; } } else { $blog_id = $var; } $output = get_home_url($blog_id, $path, $scheme); break; case 'admin-url': $blog_id = $scheme = null; $path = ''; if (is_array($var)) { if (isset($var[0])) { $blog_id = $var[0]; } elseif (isset($var[1])) { $path = $var[1]; } elseif (isset($var[2])) { $scheme = $var[2]; } } else { $blog_id = $var; } $output = get_admin_url($blog_id, $path, $scheme); break; case 'includes-url': $output = includes_url($var); break; case 'content-url': $output = content_url($var); break; case 'plugins-url': $path = $plugin = ''; if (is_array($var)) { if (isset($var[0])) { $path = $var[0]; } elseif (isset($var[1])) { $plugin = $var[1]; } } else { $path = $var; } $output = plugins_url($path, $plugin); break; case 'network-site-url': $path = ''; $scheme = null; if (is_array($var)) { if (isset($var[0])) { $path = $var[0]; } elseif (isset($var[1])) { $scheme = $var[1]; } } else { $path = $var; } $output = network_site_url($path, $scheme); break; case 'network-home-url': $path = ''; $scheme = null; if (is_array($var)) { if (isset($var[0])) { $path = $var[0]; } elseif (isset($var[1])) { $scheme = $var[1]; } } else { $path = $var; } $output = network_home_url($path, $scheme); break; case 'network-admin-url': $path = ''; $scheme = null; if (is_array($var)) { if (isset($var[0])) { $path = $var[0]; } elseif (isset($var[1])) { $scheme = $var[1]; } } else { $path = $var; } $output = network_admin_url($path, $scheme); break; case 'user-admin-url': $path = ''; $scheme = null; if (is_array($var)) { if (isset($var[0])) { $path = $var[0]; } elseif (isset($var[1])) { $scheme = $var[1]; } } else { $path = $var; } $output = user_admin_url($path, $scheme); break; case 'prefix': global $wpdb; $output = $wpdb->prefix; break; case 'server': if (!pods_strict()) { if (isset($_SERVER[$var])) { $output = pods_unslash($_SERVER[$var]); } elseif (isset($_SERVER[strtoupper($var)])) { $output = pods_unslash($_SERVER[strtoupper($var)]); } } break; case 'session': if (isset($_SESSION[$var])) { $output = $_SESSION[$var]; } break; case 'global': case 'globals': if (isset($GLOBALS[$var])) { $output = $GLOBALS[$var]; } break; case 'cookie': if (isset($_COOKIE[$var])) { $output = pods_unslash($_COOKIE[$var]); } break; case 'constant': if (defined($var)) { $output = constant($var); } break; case 'user': if (is_user_logged_in()) { $user = get_userdata(get_current_user_id()); if (isset($user->{$var})) { $value = $user->{$var}; } elseif ('role' == $var) { $value = ''; if (!empty($user->roles)) { $value = array_shift($user->roles); } } else { $value = get_user_meta($user->ID, $var); } if (is_array($value) && !empty($value)) { $output = $value; } elseif (!is_array($value) && 0 < strlen($value)) { $output = $value; } } break; case 'option': $output = get_option($var, $default); break; case 'site-option': $output = get_site_option($var, $default); break; case 'transient': $output = get_transient($var); break; case 'site-transient': $output = get_site_transient($var); break; case 'cache': if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) { $group = 'default'; $force = false; if (!is_array($var)) { $var = explode('|', $var); } if (isset($var[0])) { if (isset($var[1])) { $group = $var[1]; } if (isset($var[2])) { $force = $var[2]; } $var = $var[0]; $output = wp_cache_get($var, $group, $force); } } break; case 'pods-transient': $callback = null; if (!is_array($var)) { $var = explode('|', $var); } if (isset($var[0])) { if (isset($var[1])) { $callback = $var[1]; } $var = $var[0]; $output = pods_transient_get($var, $callback); } break; case 'pods-site-transient': $callback = null; if (!is_array($var)) { $var = explode('|', $var); } if (isset($var[0])) { if (isset($var[1])) { $callback = $var[1]; } $var = $var[0]; $output = pods_site_transient_get($var, $callback); } break; case 'pods-cache': if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) { $group = 'default'; $callback = null; if (!is_array($var)) { $var = explode('|', $var); } if (isset($var[0])) { if (isset($var[1])) { $group = $var[1]; } if (isset($var[2])) { $callback = $var[2]; } $var = $var[0]; $output = pods_cache_get($var, $group, $callback); } } break; case 'pods-option-cache': $group = 'default'; $callback = null; if (!is_array($var)) { $var = explode('|', $var); } if (isset($var[0])) { if (isset($var[1])) { $group = $var[1]; } if (isset($var[2])) { $callback = $var[2]; } $var = $var[0]; $output = pods_option_cache_get($var, $group, $callback); } break; case 'date': $var = explode('|', $var); if (!empty($var)) { $output = date_i18n($var[0], isset($var[1]) ? strtotime($var[1]) : false); } break; case 'pods': case 'pods_display': /** * @var $pods Pods */ global $pods; if (is_object($pods) && 'Pods' == get_class($pods)) { if ('pods' === $type) { $output = $pods->field($var); if (is_array($output)) { $options = array('field' => $var, 'fields' => $pods->fields); $output = pods_serial_comma($output, $options); } } elseif ('pods_display' === $type) { $output = $pods->display($var); } } break; default: $output = apply_filters('pods_var_' . $type, $default, $var, $strict, $params); } } if (null !== $default) { // Set default if (null === $output) { $output = $default; } // Casting if (true === $params->casting) { $output = pods_cast($output, $default); } } // Strict defaults for empty values if (true === $strict) { if (empty($output)) { $output = $default; } } // Allowed values if (null !== $params->allowed) { if (is_array($params->allowed)) { // Not in array and is not the same array if (!in_array($output, $params->allowed) && (!is_array($output) || $output !== $params->allowed)) { $output = $default; } } elseif ($output !== $params->allowed) { // Value doesn't match $output = $default; } } return $output; }
/** * Handle autocomplete AJAX * * @since 2.3 */ public function admin_ajax_relationship() { pods_session_start(); // Sanitize input $params = pods_unslash((array) $_POST); foreach ($params as $key => $value) { if ('action' == $key) { continue; } unset($params[$key]); $params[str_replace('_podsfix_', '', $key)] = $value; } $params = (object) $params; $uid = @session_id(); if (is_user_logged_in()) { $uid = 'user_' . get_current_user_id(); } $nonce_check = 'pods_relationship_' . (int) $params->pod . '_' . $uid . '_' . $params->uri . '_' . (int) $params->field; if (!isset($params->_wpnonce) || false === wp_verify_nonce($params->_wpnonce, $nonce_check)) { pods_error(__('Unauthorized request', 'pods'), PodsInit::$admin); } $api = pods_api(); $pod = $api->load_pod(array('id' => (int) $params->pod)); $field = $api->load_field(array('id' => (int) $params->field, 'table_info' => true)); $id = (int) $params->id; $limit = 15; if (isset($params->limit)) { $limit = (int) $params->limit; } $page = 1; if (isset($params->page)) { $page = (int) $params->page; } if (!isset($params->query) || strlen(trim($params->query)) < 1) { pods_error(__('Invalid field request', 'pods'), PodsInit::$admin); } elseif (empty($pod) || empty($field) || $pod['id'] != $field['pod_id'] || !isset($pod['fields'][$field['name']])) { pods_error(__('Invalid field request', 'pods'), PodsInit::$admin); } elseif ('pick' != $field['type'] || empty($field['table_info'])) { pods_error(__('Invalid field', 'pods'), PodsInit::$admin); } elseif ('single' == pods_var(self::$type . '_format_type', $field) && 'autocomplete' == pods_var(self::$type . '_format_single', $field)) { pods_error(__('Invalid field', 'pods'), PodsInit::$admin); } elseif ('multi' == pods_var(self::$type . '_format_type', $field) && 'autocomplete' == pods_var(self::$type . '_format_multi', $field)) { pods_error(__('Invalid field', 'pods'), PodsInit::$admin); } $object_params = array('name' => $field['name'], 'value' => null, 'options' => array_merge($field, $field['options']), 'pod' => $pod, 'id' => $id, 'context' => 'admin_ajax_relationship', 'data_params' => $params, 'page' => $page, 'limit' => $limit); $pick_data = apply_filters('pods_field_pick_data_ajax', null, $field['name'], null, $field, $pod, $id); if (null !== $pick_data) { $items = $pick_data; } else { $items = $this->get_object_data($object_params); } if (!empty($items) && isset($items[0]) && !is_array($items[0])) { $new_items = array(); foreach ($items as $id => $text) { $new_items[] = array('id' => $id, 'text' => $text, 'image' => ''); } $items = $new_items; } $items = apply_filters('pods_field_pick_data_ajax_items', $items, $field['name'], null, $field, $pod, $id); $items = array('results' => $items); wp_send_json($items); die; // KBAI! }
/** * @param $comment_id */ public function save_comment($comment_id) { $groups = $this->groups_get('comment', 'comment'); if (empty($groups)) { return $comment_id; } elseif (empty($_POST)) { return $comment_id; } elseif (!wp_verify_nonce(pods_v('pods_meta', 'post'), 'pods_meta_comment')) { return $comment_id; } $data = array(); $id = $comment_id; $pod = null; foreach ($groups as $group) { if (empty($group['fields'])) { continue; } if (null === $pod || is_object($pod) && $pod->id() != $id) { if (!is_object(self::$current_pod) || self::$current_pod->pod != $group['pod']['name']) { self::$current_pod = pods($group['pod']['name'], $id, true); } elseif (self::$current_pod->id() != $id) { self::$current_pod->fetch($id); } $pod = self::$current_pod; } foreach ($group['fields'] as $field) { if (false === PodsForm::permission($field['type'], $field['name'], $field, $group['fields'], $pod, $id)) { if (!pods_var('hidden', $field['options'], false)) { continue; } } $data[$field['name']] = ''; if (isset($_POST['pods_meta_' . $field['name']])) { $data[$field['name']] = $_POST['pods_meta_' . $field['name']]; } } } do_action('pods_meta_save_pre_comment', $data, $pod, $id, $groups); if (!empty($pod)) { // Fix for Pods doing it's own sanitization $data = pods_unslash((array) $data); $pod->save($data); } elseif (!empty($id)) { pods_no_conflict_on('comment'); foreach ($data as $field => $value) { update_comment_meta($id, $field, $value); } pods_no_conflict_off('comment'); } do_action('pods_meta_save_comment', $data, $pod, $id, $groups); return $comment_id; }
/** * Import a Package * * @param string|array $data a JSON array package string, or an array of Package Data * @param bool $replace Whether to replace existing pods entirely or just update them * * @return array|bool * * @static * @since 2.0.5 */ public static function import($data, $replace = false) { if (!defined('PODS_FIELD_STRICT')) { define('PODS_FIELD_STRICT', false); } if (!is_array($data)) { $json_data = @json_decode($data, true); if (!is_array($json_data)) { $json_data = @json_decode(pods_unslash($data), true); } $data = $json_data; } if (!is_array($data) || empty($data)) { return false; } $api = pods_api(); if (!isset($data['meta']) || !isset($data['meta']['version']) || empty($data['meta']['version'])) { return false; } // Pods 1.x < 1.10 if (false === strpos($data['meta']['version'], '.') && (int) $data['meta']['version'] < 1000) { $data['meta']['version'] = implode('.', str_split($data['meta']['version'])); } elseif (false === strpos($data['meta']['version'], '.')) { $data['meta']['version'] = pods_version_to_point($data['meta']['version']); } $found = array(); if (isset($data['pods']) && is_array($data['pods'])) { foreach ($data['pods'] as $pod_data) { if (isset($pod_data['id'])) { unset($pod_data['id']); } $pod = $api->load_pod(array('name' => $pod_data['name']), false); $existing_fields = array(); if (!empty($pod)) { // Delete Pod if it exists if ($replace) { $api->delete_pod(array('id' => $pod['id'])); $pod = array('fields' => array()); } else { $existing_fields = $pod['fields']; } } else { $pod = array('fields' => array()); } // Backwards compatibility if (version_compare($data['meta']['version'], '2.0', '<')) { $core_fields = array(array('name' => 'created', 'label' => 'Date Created', 'type' => 'datetime', 'options' => array('datetime_format' => 'ymd_slash', 'datetime_time_type' => '12', 'datetime_time_format' => 'h_mm_ss_A'), 'weight' => 1), array('name' => 'modified', 'label' => 'Date Modified', 'type' => 'datetime', 'options' => array('datetime_format' => 'ymd_slash', 'datetime_time_type' => '12', 'datetime_time_format' => 'h_mm_ss_A'), 'weight' => 2), array('name' => 'author', 'label' => 'Author', 'type' => 'pick', 'pick_object' => 'user', 'options' => array('pick_format_type' => 'single', 'pick_format_single' => 'autocomplete', 'default_value' => '{@user.ID}'), 'weight' => 3)); $found_fields = array(); if (!empty($pod_data['fields'])) { foreach ($pod_data['fields'] as $k => $field) { $field_type = $field['coltype']; if ('txt' == $field_type) { $field_type = 'text'; } elseif ('desc' == $field_type) { $field_type = 'wysiwyg'; } elseif ('code' == $field_type) { $field_type = 'paragraph'; } elseif ('bool' == $field_type) { $field_type = 'boolean'; } elseif ('num' == $field_type) { $field_type = 'number'; } elseif ('date' == $field_type) { $field_type = 'datetime'; } $multiple = min(max((int) $field['multiple'], 0), 1); $new_field = array('name' => trim($field['name']), 'label' => trim($field['label']), 'description' => trim($field['comment']), 'type' => $field_type, 'weight' => (int) $field['weight'], 'options' => array('required' => min(max((int) $field['required'], 0), 1), 'unique' => min(max((int) $field['unique'], 0), 1), 'input_helper' => $field['input_helper'])); if (in_array($new_field['name'], $found_fields)) { unset($pod_data['fields'][$k]); continue; } $found_fields[] = $new_field['name']; if ('pick' == $field_type) { $new_field['pick_object'] = 'pod'; $new_field['pick_val'] = $field['pickval']; if ('wp_user' == $field['pickval']) { $new_field['pick_object'] = 'user'; } elseif ('wp_post' == $field['pickval']) { $new_field['pick_object'] = 'post_type-post'; } elseif ('wp_page' == $field['pickval']) { $new_field['pick_object'] = 'post_type-page'; } elseif ('wp_taxonomy' == $field['pickval']) { $new_field['pick_object'] = 'taxonomy-category'; } // This won't work if the field doesn't exist // $new_field[ 'sister_id' ] = $field[ 'sister_field_id' ]; $new_field['options']['pick_filter'] = $field['pick_filter']; $new_field['options']['pick_orderby'] = $field['pick_orderby']; $new_field['options']['pick_display'] = ''; $new_field['options']['pick_size'] = 'medium'; if (1 == $multiple) { $new_field['options']['pick_format_type'] = 'multi'; $new_field['options']['pick_format_multi'] = 'checkbox'; $new_field['options']['pick_limit'] = 0; } else { $new_field['options']['pick_format_type'] = 'single'; $new_field['options']['pick_format_single'] = 'dropdown'; $new_field['options']['pick_limit'] = 1; } } elseif ('file' == $field_type) { $new_field['options']['file_format_type'] = 'multi'; $new_field['options']['file_type'] = 'any'; } elseif ('number' == $field_type) { $new_field['options']['number_decimals'] = 2; } elseif ('desc' == $field['coltype']) { $new_field['options']['wysiwyg_editor'] = 'tinymce'; } elseif ('text' == $field_type) { $new_field['options']['text_max_length'] = 128; } if (isset($pod['fields'][$new_field['name']])) { $new_field = array_merge($pod['fields'][$new_field['name']], $new_field); } $pod_data['fields'][$k] = $new_field; } } if (pods_var('id', $pod, 0) < 1) { $pod_data['fields'] = array_merge($core_fields, $pod_data['fields']); } if (empty($pod_data['label'])) { $pod_data['label'] = ucwords(str_replace('_', ' ', $pod_data['name'])); } if (isset($pod_data['is_toplevel'])) { $pod_data['show_in_menu'] = 1 == $pod_data['is_toplevel'] ? 1 : 0; unset($pod_data['is_toplevel']); } if (isset($pod_data['detail_page'])) { $pod_data['detail_url'] = $pod_data['detail_page']; unset($pod_data['detail_page']); } if (isset($pod_data['before_helpers'])) { $pod_data['pre_save_helpers'] = $pod_data['before_helpers']; unset($pod_data['before_helpers']); } if (isset($pod_data['after_helpers'])) { $pod_data['post_save_helpers'] = $pod_data['after_helpers']; unset($pod_data['after_helpers']); } if (isset($pod_data['pre_drop_helpers'])) { $pod_data['pre_delete_helpers'] = $pod_data['pre_drop_helpers']; unset($pod_data['pre_drop_helpers']); } if (isset($pod_data['post_drop_helpers'])) { $pod_data['post_delete_helpers'] = $pod_data['post_drop_helpers']; unset($pod_data['post_drop_helpers']); } $pod_data['name'] = pods_clean_name($pod_data['name']); $pod_data = array('name' => $pod_data['name'], 'label' => $pod_data['label'], 'type' => 'pod', 'storage' => 'table', 'fields' => $pod_data['fields'], 'options' => array('pre_save_helpers' => pods_var_raw('pre_save_helpers', $pod_data), 'post_save_helpers' => pods_var_raw('post_save_helpers', $pod_data), 'pre_delete_helpers' => pods_var_raw('pre_delete_helpers', $pod_data), 'post_delete_helpers' => pods_var_raw('post_delete_helpers', $pod_data), 'show_in_menu' => 1 == pods_var_raw('show_in_menu', $pod_data, 0) ? 1 : 0, 'detail_url' => pods_var_raw('detail_url', $pod_data), 'pod_index' => 'name')); } $pod = array_merge($pod, $pod_data); foreach ($pod['fields'] as $k => $field) { if (isset($field['id']) && !isset($existing_fields[$field['name']])) { unset($pod['fields'][$k]['id']); } if (isset($field['pod_id'])) { unset($pod['fields'][$k]['pod_id']); } if (isset($existing_fields[$field['name']])) { if ($existing_field = pods_api()->load_field(array('name' => $field['name'], 'pod' => $pod['name']))) { $pod['fields'][$k]['id'] = $existing_field['id']; } } if (isset($field['pod'])) { unset($pod['fields'][$k]['pod']); } } $api->save_pod($pod); if (!isset($found['pods'])) { $found['pods'] = array(); } $found['pods'][$pod['name']] = $pod['label']; } } if (isset($data['templates']) && is_array($data['templates'])) { foreach ($data['templates'] as $template_data) { if (isset($template_data['id'])) { unset($template_data['id']); } $template = $api->load_template(array('name' => $template_data['name'])); if (!empty($template)) { // Delete Template if it exists if ($replace) { $api->delete_template(array('id' => $template['id'])); $template = array(); } } else { $template = array(); } $template = array_merge($template, $template_data); $api->save_template($template); if (!isset($found['templates'])) { $found['templates'] = array(); } $found['templates'][$template['name']] = $template['name']; } } // Backwards compatibility if (isset($data['pod_pages'])) { $data['pages'] = $data['pod_pages']; unset($data['pod_pages']); } if (isset($data['pages']) && is_array($data['pages'])) { foreach ($data['pages'] as $page_data) { if (isset($page_data['id'])) { unset($page_data['id']); } $page = $api->load_page(array('name' => pods_var_raw('name', $page_data, pods_var_raw('uri', $page_data), null, true))); if (!empty($page)) { // Delete Page if it exists if ($replace) { $api->delete_page(array('id' => $page['id'])); $page = array(); } } else { $page = array(); } // Backwards compatibility if (isset($page_data['uri'])) { $page_data['name'] = $page_data['uri']; unset($page_data['uri']); } if (isset($page_data['phpcode'])) { $page_data['code'] = $page_data['phpcode']; unset($page_data['phpcode']); } $page = array_merge($page, $page_data); $page['name'] = trim($page['name'], '/'); $api->save_page($page); if (!isset($found['pages'])) { $found['pages'] = array(); } $found['pages'][$page['name']] = $page['name']; } } if (isset($data['helpers']) && is_array($data['helpers'])) { foreach ($data['helpers'] as $helper_data) { if (isset($helper_data['id'])) { unset($helper_data['id']); } $helper = $api->load_helper(array('name' => $helper_data['name'])); if (!empty($helper)) { // Delete Helper if it exists if ($replace) { $api->delete_helper(array('id' => $helper['id'])); $helper = array(); } } else { $helper = array(); } // Backwards compatibility if (isset($helper_data['phpcode'])) { $helper_data['code'] = $helper_data['phpcode']; unset($helper_data['phpcode']); } if (isset($helper_data['type'])) { if ('before' == $helper_data['type']) { $helper_data['type'] = 'pre_save'; } elseif ('after' == $helper_data['type']) { $helper_data['type'] = 'post_save'; } } $helper = array_merge($helper, $helper_data); if (isset($helper['type'])) { $helper['helper_type'] = $helper['type']; unset($helper['helper_type']); } $api->save_helper($helper); if (!isset($found['helpers'])) { $found['helpers'] = array(); } $found['helpers'][$helper['name']] = $helper['name']; } } $found = apply_filters('pods_packages_import', $found, $data, $replace); if (!empty($found)) { return $found; } return false; }
/** * Return a variable (if exists) * * @param mixed $var The variable name, can also be a modifier for specific types * @param string|array|object $type (optional) Super globals, url/url-relative, constants, globals, options, transients, cache, user data, Pod field values, dates * @param mixed $default (optional) The default value to set if variable doesn't exist * @param bool $strict (optional) Only allow values (must not be empty) * @param array $params (optional) Set 'casting'=>true to cast value from $default, 'allowed'=>$allowed to restrict a value to what's allowed * * @return mixed The variable (if exists), or default value * @since 2.3.10 */ function pods_v($var = null, $type = 'get', $default = null, $strict = false, $params = array()) { $defaults = array('casting' => false, 'allowed' => null); $params = (object) array_merge($defaults, (array) $params); $output = null; if (null === $type || '' === $type) { // Invalid $type } elseif (is_array($type)) { if (isset($type[$var])) { $output = $type[$var]; } } elseif (is_object($type)) { if (isset($type->{$var})) { $output = $type->{$var}; } } else { $type = strtolower((string) $type); switch ($type) { case 'get': if (isset($_GET[$var])) { $output = pods_unslash($_GET[$var]); } break; case 'post': if (isset($_POST[$var])) { $output = pods_unslash($_POST[$var]); } break; case 'request': if (isset($_REQUEST[$var])) { $output = pods_unslash($_REQUEST[$var]); } break; case 'url': case 'uri': $url = parse_url(pods_current_url()); $uri = trim($url['path'], '/'); $uri = array_filter(explode('/', $uri)); if ('first' == $var) { $var = 0; } elseif ('last' == $var) { $var = -1; } if (is_numeric($var)) { $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri); } break; case 'url-relative': $url_raw = pods_current_url(); $prefix = get_site_url(); if (substr($url_raw, 0, strlen($prefix)) == $prefix) { $url_raw = substr($url_raw, strlen($prefix) + 1, strlen($url_raw)); } $url = parse_url($url_raw); $uri = trim($url['path'], '/'); $uri = array_filter(explode('/', $uri)); if ('first' == $var) { $var = 0; } elseif ('last' == $var) { $var = -1; } if (is_numeric($var)) { $output = $var < 0 ? pods_v(count($uri) + $var, $uri) : pods_v($var, $uri); } break; case 'template-url': $output = get_template_directory_uri(); break; case 'stylesheet-url': $output = get_stylesheet_directory_uri(); break; case 'site-url': $blog_id = $scheme = null; $path = ''; if (is_array($var)) { if (isset($var[0])) { $blog_id = $var[0]; } elseif (isset($var[1])) { $path = $var[1]; } elseif (isset($var[2])) { $scheme = $var[2]; } } else { $blog_id = $var; } $output = get_site_url($blog_id, $path, $scheme); break; case 'home-url': $blog_id = $scheme = null; $path = ''; if (is_array($var)) { if (isset($var[0])) { $blog_id = $var[0]; } elseif (isset($var[1])) { $path = $var[1]; } elseif (isset($var[2])) { $scheme = $var[2]; } } else { $blog_id = $var; } $output = get_home_url($blog_id, $path, $scheme); break; case 'admin-url': $blog_id = $scheme = null; $path = ''; if (is_array($var)) { if (isset($var[0])) { $blog_id = $var[0]; } elseif (isset($var[1])) { $path = $var[1]; } elseif (isset($var[2])) { $scheme = $var[2]; } } else { $blog_id = $var; } $output = get_admin_url($blog_id, $path, $scheme); break; case 'includes-url': $output = includes_url($var); break; case 'content-url': $output = content_url($var); break; case 'plugins-url': $path = $plugin = ''; if (is_array($var)) { if (isset($var[0])) { $path = $var[0]; } elseif (isset($var[1])) { $plugin = $var[1]; } } else { $path = $var; } $output = plugins_url($path, $plugin); break; case 'network-site-url': $path = ''; $scheme = null; if (is_array($var)) { if (isset($var[0])) { $path = $var[0]; } elseif (isset($var[1])) { $scheme = $var[1]; } } else { $path = $var; } $output = network_site_url($path, $scheme); break; case 'network-home-url': $path = ''; $scheme = null; if (is_array($var)) { if (isset($var[0])) { $path = $var[0]; } elseif (isset($var[1])) { $scheme = $var[1]; } } else { $path = $var; } $output = network_home_url($path, $scheme); break; case 'network-admin-url': $path = ''; $scheme = null; if (is_array($var)) { if (isset($var[0])) { $path = $var[0]; } elseif (isset($var[1])) { $scheme = $var[1]; } } else { $path = $var; } $output = network_admin_url($path, $scheme); break; case 'user-admin-url': $path = ''; $scheme = null; if (is_array($var)) { if (isset($var[0])) { $path = $var[0]; } elseif (isset($var[1])) { $scheme = $var[1]; } } else { $path = $var; } $output = user_admin_url($path, $scheme); break; case 'prefix': global $wpdb; $output = $wpdb->prefix; break; case 'server': if (!pods_strict()) { if (isset($_SERVER[$var])) { $output = pods_unslash($_SERVER[$var]); } elseif (isset($_SERVER[strtoupper($var)])) { $output = pods_unslash($_SERVER[strtoupper($var)]); } } break; case 'session': if (isset($_SESSION[$var])) { $output = $_SESSION[$var]; } break; case 'global': case 'globals': if (isset($GLOBALS[$var])) { $output = $GLOBALS[$var]; } break; case 'cookie': if (isset($_COOKIE[$var])) { $output = pods_unslash($_COOKIE[$var]); } break; case 'constant': if (defined($var)) { $output = constant($var); } break; case 'user': if (is_user_logged_in()) { $user = get_userdata(get_current_user_id()); if (isset($user->{$var})) { $value = $user->{$var}; } elseif ('role' == $var) { $value = ''; if (!empty($user->roles)) { $value = array_shift($user->roles); } } else { $value = get_user_meta($user->ID, $var); } if (is_array($value) && !empty($value)) { $output = $value; } elseif (!is_array($value) && 0 < strlen($value)) { $output = $value; } } break; case 'option': $output = get_option($var, $default); break; case 'site-option': $output = get_site_option($var, $default); break; case 'transient': $output = get_transient($var); break; case 'site-transient': $output = get_site_transient($var); break; case 'cache': if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) { $group = 'default'; $force = false; if (!is_array($var)) { $var = explode('|', $var); } if (isset($var[0])) { if (isset($var[1])) { $group = $var[1]; } if (isset($var[2])) { $force = $var[2]; } $var = $var[0]; $output = wp_cache_get($var, $group, $force); } } break; case 'pods-transient': $callback = null; if (!is_array($var)) { $var = explode('|', $var); } if (isset($var[0])) { if (isset($var[1])) { $callback = $var[1]; } $var = $var[0]; $output = pods_transient_get($var, $callback); } break; case 'pods-site-transient': $callback = null; if (!is_array($var)) { $var = explode('|', $var); } if (isset($var[0])) { if (isset($var[1])) { $callback = $var[1]; } $var = $var[0]; $output = pods_site_transient_get($var, $callback); } break; case 'pods-cache': if (isset($GLOBALS['wp_object_cache']) && is_object($GLOBALS['wp_object_cache'])) { $group = 'default'; $callback = null; if (!is_array($var)) { $var = explode('|', $var); } if (isset($var[0])) { if (isset($var[1])) { $group = $var[1]; } if (isset($var[2])) { $callback = $var[2]; } $var = $var[0]; $output = pods_cache_get($var, $group, $callback); } } break; case 'pods-option-cache': $group = 'default'; $callback = null; if (!is_array($var)) { $var = explode('|', $var); } if (isset($var[0])) { if (isset($var[1])) { $group = $var[1]; } if (isset($var[2])) { $callback = $var[2]; } $var = $var[0]; $output = pods_option_cache_get($var, $group, $callback); } break; case 'date': $var = explode('|', $var); if (!empty($var)) { $output = date_i18n($var[0], isset($var[1]) ? strtotime($var[1]) : false); } break; case 'pods': case 'pods_display': /** * @var $pods Pods */ global $pods; if (is_object($pods) && 'Pods' == get_class($pods)) { if ('pods' === $type) { $output = $pods->field($var); if (is_array($output)) { $options = array('field' => $var, 'fields' => $pods->fields); $output = pods_serial_comma($output, $options); } } elseif ('pods_display' === $type) { $output = $pods->display($var); } } break; case 'post_id': if (empty($var)) { if (!empty($default)) { $post_id = $default; } else { // If no $var and no $default then use current post ID $post_id = get_the_ID(); } } else { $post_id = $var; } if (did_action('wpml_loaded')) { /* Only call filter if WPML is installed */ $post_type = get_post_type($post_id); $post_id = apply_filters('wpml_object_id', $post_id, $post_type, true); } elseif (function_exists('pll_get_post')) { $polylang_id = pll_get_post($post_id); if (!empty($polylang_id)) { $post_id = $polylang_id; } } // Add other translation plugin specific code here /** * Filter to override post_id * * Generally used with language translation plugins in order to return the post id of a * translated post * * @param int $post_id The post ID of current post * @param mixed $default The default value to set if variable doesn't exist * @param mixed $var The variable name, can also be a modifier for specific types * @param bool $strict Only allow values (must not be empty) * @param array $params Set 'casting'=>true to cast value from $default, 'allowed'=>$allowed to restrict a value to what's allowed * * @since 2.6.6 */ $output = apply_filters('pods_var_post_id', $post_id, $default, $var, $strict, $params); break; default: $output = apply_filters('pods_var_' . $type, $default, $var, $strict, $params); } } if (null !== $default) { // Set default if (null === $output) { $output = $default; } // Casting if (true === $params->casting) { $output = pods_cast($output, $default); } } // Strict defaults for empty values if (true === $strict) { if (empty($output)) { $output = $default; } } // Allowed values if (null !== $params->allowed) { if (is_array($params->allowed)) { // Not in array and is not the same array if (!in_array($output, $params->allowed) && (!is_array($output) || $output !== $params->allowed)) { $output = $default; } } elseif ($output !== $params->allowed) { // Value doesn't match $output = $default; } } return $output; }
echo $active; ?> ><?php echo esc_html($val['name']); ?> </option> <?php } ?> </select> <?php } } } // Display the search box and submit button $search = empty($_GET[$this->search_var]) ? '' : pods_unslash($_GET[$this->search_var]); if (false !== $show_textbox) { ?> <input type="text" class="pod_search" name="<?php echo esc_attr($this->search_var); ?> " value="<?php echo esc_attr($search); ?> " /> <?php } else { ?> <input type="hidden" name="<?php echo esc_attr($this->search_var); ?>
/** * Handle plupload AJAX * * @since 2.3 */ public function admin_ajax_upload() { pods_session_start(); // Sanitize input $params = pods_unslash((array) $_POST); foreach ($params as $key => $value) { if ('action' == $key) { continue; } unset($params[$key]); $params[str_replace('_podsfix_', '', $key)] = $value; } $params = (object) $params; $methods = array('upload'); if (!isset($params->method) || !in_array($params->method, $methods) || !isset($params->pod) || !isset($params->field) || !isset($params->uri) || empty($params->uri)) { pods_error('Invalid AJAX request', PodsInit::$admin); } elseif (!empty($params->pod) && empty($params->field)) { pods_error('Invalid AJAX request', PodsInit::$admin); } elseif (empty($params->pod) && !current_user_can('upload_files')) { pods_error('Invalid AJAX request', PodsInit::$admin); } // Flash often fails to send cookies with the POST or upload, so we need to pass it in GET or POST instead if (is_ssl() && empty($_COOKIE[SECURE_AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie'])) { $_COOKIE[SECURE_AUTH_COOKIE] = $_REQUEST['auth_cookie']; } elseif (empty($_COOKIE[AUTH_COOKIE]) && !empty($_REQUEST['auth_cookie'])) { $_COOKIE[AUTH_COOKIE] = $_REQUEST['auth_cookie']; } if (empty($_COOKIE[LOGGED_IN_COOKIE]) && !empty($_REQUEST['logged_in_cookie'])) { $_COOKIE[LOGGED_IN_COOKIE] = $_REQUEST['logged_in_cookie']; } global $current_user; unset($current_user); /** * Access Checking */ $upload_disabled = false; if (defined('PODS_DISABLE_FILE_UPLOAD') && true === PODS_DISABLE_FILE_UPLOAD) { $upload_disabled = true; } elseif (defined('PODS_UPLOAD_REQUIRE_LOGIN') && is_bool(PODS_UPLOAD_REQUIRE_LOGIN) && true === PODS_UPLOAD_REQUIRE_LOGIN && !is_user_logged_in()) { $upload_disabled = true; } elseif (defined('PODS_UPLOAD_REQUIRE_LOGIN') && !is_bool(PODS_UPLOAD_REQUIRE_LOGIN) && (!is_user_logged_in() || !current_user_can(PODS_UPLOAD_REQUIRE_LOGIN))) { $upload_disabled = true; } $uid = @session_id(); if (is_user_logged_in()) { $uid = 'user_' . get_current_user_id(); } $nonce_check = 'pods_upload_' . (int) $params->pod . '_' . $uid . '_' . $params->uri . '_' . (int) $params->field; if (true === $upload_disabled || !isset($params->_wpnonce) || false === wp_verify_nonce($params->_wpnonce, $nonce_check)) { pods_error(__('Unauthorized request', 'pods'), PodsInit::$admin); } $pod = array(); $field = array('type' => 'file', 'options' => array()); $api = pods_api(); $api->display_errors = false; if (!empty($params->pod)) { $pod = $api->load_pod(array('id' => (int) $params->pod)); $field = $api->load_field(array('id' => (int) $params->field)); if (empty($pod) || empty($field) || $pod['id'] != $field['pod_id'] || !isset($pod['fields'][$field['name']])) { pods_error(__('Invalid field request', 'pods'), PodsInit::$admin); } if (!in_array($field['type'], PodsForm::file_field_types())) { pods_error(__('Invalid field', 'pods'), PodsInit::$admin); } } $method = $params->method; // Cleaning up $params unset($params->action); unset($params->method); unset($params->_wpnonce); $params->post_id = pods_var('post_id', $params, 0, null, true); /** * Upload a new file (advanced - returns URL and ID) */ if ('upload' == $method) { $file = $_FILES['Filedata']; $limit_size = pods_var($field['type'] . '_restrict_filesize', $field['options']); if (!empty($limit_size)) { if (false !== stripos($limit_size, 'MB')) { $limit_size = (double) trim(str_ireplace('MB', '', $limit_size)); $limit_size = $limit_size * 1025 * 1025; // convert to KB to B } elseif (false !== stripos($limit_size, 'KB')) { $limit_size = (double) trim(str_ireplace('KB', '', $limit_size)); $limit_size = $limit_size * 1025 * 1025; // convert to B } elseif (false !== stripos($limit_size, 'GB')) { $limit_size = (double) trim(str_ireplace('GB', '', $limit_size)); $limit_size = $limit_size * 1025 * 1025 * 1025; // convert to MB to KB to B } elseif (false !== stripos($limit_size, 'B')) { $limit_size = (double) trim(str_ireplace('B', '', $limit_size)); } else { $limit_size = wp_max_upload_size(); } if (0 < $limit_size && $limit_size < $file['size']) { $error = __('File size too large, max size is %s', 'pods'); $error = sprintf($error, pods_var($field['type'] . '_restrict_filesize', $field['options'])); pods_error('<div style="color:#FF0000">Error: ' . $error . '</div>'); } } $limit_file_type = pods_var($field['type'] . '_type', $field['options'], 'images'); if ('images' == $limit_file_type) { $limit_types = 'jpg,jpeg,png,gif'; } elseif ('video' == $limit_file_type) { $limit_types = 'mpg,mov,flv,mp4'; } elseif ('audio' == $limit_file_type) { $limit_types = 'mp3,m4a,wav,wma'; } elseif ('text' == $limit_file_type) { $limit_types = 'txt,rtx,csv,tsv'; } elseif ('any' == $limit_file_type) { $limit_types = ''; } else { $limit_types = pods_var($field['type'] . '_allowed_extensions', $field['options'], '', null, true); } $limit_types = trim(str_replace(array(' ', '.', "\n", "\t", ';'), array('', ',', ',', ','), $limit_types), ','); if (pods_version_check('wp', '3.5')) { $mime_types = wp_get_mime_types(); if (in_array($limit_file_type, array('images', 'audio', 'video'))) { $new_limit_types = array(); foreach ($mime_types as $type => $mime) { if (0 === strpos($mime, $limit_file_type)) { $type = explode('|', $type); $new_limit_types = array_merge($new_limit_types, $type); } } if (!empty($new_limit_types)) { $limit_types = implode(',', $new_limit_types); } } elseif ('any' != $limit_file_type) { $new_limit_types = array(); $limit_types = explode(',', $limit_types); foreach ($limit_types as $k => $limit_type) { $found = false; foreach ($mime_types as $type => $mime) { if (0 === strpos($mime, $limit_type)) { $type = explode('|', $type); foreach ($type as $t) { if (!in_array($t, $new_limit_types)) { $new_limit_types[] = $t; } } $found = true; } } if (!$found) { $new_limit_types[] = $limit_type; } } if (!empty($new_limit_types)) { $limit_types = implode(',', $new_limit_types); } } } $limit_types = explode(',', $limit_types); $limit_types = array_filter(array_unique($limit_types)); if (!empty($limit_types)) { $ok = false; foreach ($limit_types as $limit_type) { $limit_type = '.' . trim($limit_type, ' .'); $pos = strlen($file['name']) - strlen($limit_type); if ($pos === stripos($file['name'], $limit_type)) { $ok = true; break; } } if (false === $ok) { $error = __('File type not allowed, please use one of the following: %s', 'pods'); $error = sprintf($error, '.' . implode(', .', $limit_types)); pods_error('<div style="color:#FF0000">Error: ' . $error . '</div>'); } } $custom_handler = apply_filters('pods_upload_handle', null, 'Filedata', $params->post_id, $params, $field); if (null === $custom_handler) { $linked = pods_var($field['type'] . '_linked', $field['options'], 0); $attachment_id = media_handle_upload('Filedata', $params->post_id); if (is_object($attachment_id)) { $errors = array(); foreach ($attachment_id->errors['upload_error'] as $error_code => $error_message) { $errors[] = '[' . $error_code . '] ' . $error_message; } pods_error('<div style="color:#FF0000">Error: ' . implode('</div><div>', $errors) . '</div>'); } else { $attachment = get_post($attachment_id, ARRAY_A); $attachment['filename'] = basename($attachment['guid']); $thumb = wp_get_attachment_image_src($attachment['ID'], 'thumbnail', true); $attachment['thumbnail'] = $thumb[0]; $attachment['link'] = ''; if ($linked) { $attachment['link'] = wp_get_attachment_url($attachment['ID']); } $attachment = apply_filters('pods_upload_attachment', $attachment, $params->post_id); wp_send_json($attachment); } } } die; // KBAI! }