/**
 * Sanitizes the submitted "advanced" settings array and returns it.
 *
 * Markup fields are passed through wp_kses_post(), plain-text fields through
 * wp_filter_nohtml_kses(), checkbox-style flags are normalised to 1/0, and
 * `post_type` is reset to null unless it is a key of post_type_options().
 *
 * NOTE(review): this method adds `script` (and other tags) to the global
 * $allowedposttags and never restores it, so the wider allow-list stays in
 * effect for every later wp_kses_post() call in the same request. Confirm
 * that only trusted users can reach this settings callback.
 *
 * @param array $input Raw settings values.
 * @return array Sanitized settings values.
 */
function validate_advanced($input) {
    global $allowedposttags;

    // dealing with kses: attributes granted to each of the tags listed below
    $shared_atts = array(
        'align'    => array(),
        'class'    => array(),
        'type'     => array(),
        'id'       => array(),
        'dir'      => array(),
        'lang'     => array(),
        'style'    => array(),
        'xml:lang' => array(),
        'src'      => array(),
        'alt'      => array(),
        'href'     => array(),
        'rel'      => array(),
        'target'   => array(),
    );
    $extra_tags = array(
        'script', 'strong', 'small', 'span', 'abbr', 'code', 'div', 'img',
        'h1', 'h2', 'h3', 'h4', 'h5', 'ol', 'ul', 'li', 'em', 'p', 'a',
    );
    foreach ($extra_tags as $tag_name) {
        $allowedposttags[$tag_name] = $shared_atts;
    }

    // Settings that may hold markup. wp_kses_post() accepts a single argument,
    // so the second one is ignored; the extra tags take effect only because the
    // global allow-list was modified above.
    $markup_keys = array(
        'custom_before', 'custom_after',
        'success_before', 'success_after',
        'error_before', 'error_after',
        'custom_fields',
        'success_reg', 'success_post', 'success_both', 'success_contact',
        'success_email_reg', 'success_email_post', 'success_email_both',
    );
    foreach ($markup_keys as $name) {
        if (isset($input[$name])) {
            $input[$name] = wp_kses_post($input[$name], $allowedposttags);
        }
    }

    // errors: usp_error_1 .. usp_error_17, then usp_error_a .. usp_error_g
    foreach (array_merge(range(1, 17), range('a', 'g')) as $suffix) {
        $name = 'usp_error_' . $suffix;
        if (isset($input[$name])) {
            $input[$name] = wp_filter_nohtml_kses($input[$name]);
        }
    }

    // custom fields: labels whose key is only known at runtime
    foreach ($input as $key => $value) {
        if (preg_match("/^usp_label_c([0-9]+)\$/i", $key, $match)) {
            // The pattern is case-insensitive but the lookup uses the lower-case key.
            $label_key = 'usp_label_c' . $match[1];
            if (isset($input[$label_key])) {
                $input[$label_key] = wp_filter_nohtml_kses($input[$label_key]);
            }
            continue;
        }
        if (preg_match("/^usp_custom_label_([0-9a-z_-]+)\$/i", $key, $match)) {
            // Only labels that belong to a known custom field are sanitized here.
            $custom_merged = usp_merge_custom_fields();
            if (in_array($match[1], $custom_merged)) {
                $label_key = 'usp_custom_label_' . $match[1];
                $input[$label_key] = wp_filter_nohtml_kses($input[$label_key]);
            }
        }
    }

    foreach (array('submit_text', 'html_content', 'other_type', 'post_type_slug') as $name) {
        if (isset($input[$name])) {
            $input[$name] = wp_filter_nohtml_kses($input[$name]);
        }
    }

    // post_type must be one of the keys returned by post_type_options()
    $known_types = $this->post_type_options();
    if (!isset($input['post_type'])) {
        $input['post_type'] = null;
    }
    if (!array_key_exists($input['post_type'], $known_types)) {
        $input['post_type'] = null;
    }

    // Role lists are only de-duplicated; the individual values are not
    // sanitized or checked against existing roles in this method.
    foreach (array('post_type_role', 'form_type_role') as $name) {
        if (isset($input[$name])) {
            $is_filled = is_array($input[$name]) && !empty($input[$name]);
            $input[$name] = $is_filled ? array_unique($input[$name]) : array();
        }
    }

    // Checkbox-style flags: anything loosely equal to 1 becomes 1, everything else 0.
    $flag_keys = array('success_form', 'enable_autop', 'submit_button', 'fieldsets', 'form_demos', 'post_demos');
    foreach ($flag_keys as $name) {
        $input[$name] = (isset($input[$name]) && $input[$name] == 1) ? 1 : 0;
    }

    // Prefix-style values: strip HTML, then remove every whitespace character.
    foreach (array('custom_prefix', 'custom_optional', 'custom_required') as $name) {
        if (isset($input[$name])) {
            $input[$name] = preg_replace('/\\s+/', '', wp_filter_nohtml_kses($input[$name]));
        }
    }

    if (isset($input['form_atts'])) {
        $input['form_atts'] = sanitize_text_field($input['form_atts']);
    }

    return $input;
}
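/**
 * Collects, sanitizes and validates the fields of a submitted form.
 *
 * The body runs when the request carries a `usp_form_submit` nonce that
 * verifies and an empty `usp-verify` field, or when `usp_reset_form` is
 * present in the query string. Each field is read from $_POST, sanitized,
 * and checked against its `*-required` companion field; failures are
 * recorded as error codes rather than thrown.
 *
 * Side effects: fires `usp_get_field_val_before`, calls process_files(), and
 * on a reset request calls unset_session(), sends a Location header and exits.
 *
 * @return mixed Result of the `usp_get_field_val` filter applied to the
 *               collected arguments; null (implicit) when the request is
 *               neither a verified submission nor a reset.
 */
public function get_field_val() {
    global $usp_general, $usp_advanced, $usp_admin;

    do_action('usp_get_field_val_before', $_POST);

    // NOTE(review): `usp_reset_form` enters this branch without the nonce or the
    // `usp-verify` check, and everything below (including process_files()) runs
    // before the reset redirect at the end. Confirm process_files() has no side
    // effect that should require a verified nonce.
    if ((isset($_POST['usp_form_submit']) && empty($_POST['usp-verify']) && wp_verify_nonce($_POST['usp_form_submit'], 'usp_form_submit')) || isset($_GET['usp_reset_form'])) {

        // AUTHOR NAME
        $error_1 = '';
        if (!empty($_POST['usp-name'])) {
            $usp_author = sanitize_text_field($_POST['usp-name']);
            if (usp_check_malicious($usp_author)) {
                $error_1 = 'usp_error_1a';
            }
        } else {
            if (isset($_POST['usp-name-required'])) {
                $error_1 = 'usp_error_1';
            }
            $usp_author = '';
        }

        // POST URL
        $error_2 = '';
        if (!empty($_POST['usp-url'])) {
            $usp_url = sanitize_text_field($_POST['usp-url']);
        } else {
            if (isset($_POST['usp-url-required'])) {
                $error_2 = 'usp_error_2';
            }
            $usp_url = '';
        }

        // POST TITLE
        $error_3 = '';
        if (!empty($_POST['usp-title'])) {
            $usp_title = sanitize_text_field($_POST['usp-title']);
        } else {
            if (isset($_POST['usp-title-required'])) {
                $error_3 = 'usp_error_3';
            }
            $usp_title = '';
        }

        // POST TAGS (either a single value or an array of values)
        $error_4 = '';
        if (!empty($_POST['usp-tags'])) {
            if (is_array($_POST['usp-tags'])) {
                $usp_tags = array();
                foreach ($_POST['usp-tags'] as $tag_id) {
                    $usp_tags[] = sanitize_text_field($tag_id);
                }
            } else {
                $usp_tags = sanitize_text_field($_POST['usp-tags']);
            }
        } else {
            if (isset($_POST['usp-tags-required'])) {
                $error_4 = 'usp_error_4';
            }
            $usp_tags = '';
        }

        // POST CAPTCHA (challenge question first, reCAPTCHA as the alternative)
        $error_5 = '';
        $usp_captcha = '';
        if (!empty($_POST['usp-captcha'])) {
            $usp_captcha = sanitize_text_field($_POST['usp-captcha']);
            $pass = $this->challenge_question($_POST['usp-captcha']);
            if (!$pass) {
                $error_5 = 'usp_error_5a';
            }
        } elseif (!empty($_POST['recaptcha_response_field'])) {
            require_once USP_PATH . '/lib/recaptchalib.php';
            $publickey = $usp_general['recaptcha_public'];
            $privatekey = $usp_general['recaptcha_private'];
            $resp = null;
            $error = null;
            $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
            $pass = $resp->is_valid ? true : false;
            if (!$pass) {
                $error_5 = 'usp_error_5a';
            } // esc_url($resp->error);
        } else {
            // Without any captcha field the error is raised only when the form
            // itself declares the captcha as required.
            if (isset($_POST['usp-captcha-required'])) {
                $error_5 = 'usp_error_5';
            }
        }

        // POST CATS
        $error_6 = '';
        if (!empty($_POST['usp-category'])) {
            if (is_array($_POST['usp-category'])) {
                $usp_category = array();
                foreach ($_POST['usp-category'] as $cat_id) {
                    $usp_category[] = sanitize_text_field($cat_id);
                }
            } else {
                $usp_category = sanitize_text_field($_POST['usp-category']);
            }
        } else {
            if (isset($_POST['usp-category-required'])) {
                $error_6 = 'usp_error_6';
            }
            $usp_category = '';
        }

        // CAT COMBOS (three optional extra category fields)
        $usp_cat_combos = array();
        foreach (array('usp-cat-combo-1', 'usp-cat-combo-2', 'usp-cat-combo-3') as $combo) {
            if (!empty($_POST[$combo])) {
                if (is_array($_POST[$combo])) {
                    foreach ($_POST[$combo] as $cat) {
                        $usp_cat_combos[] = sanitize_text_field($cat);
                    }
                } else {
                    $usp_cat_combos[] = sanitize_text_field($_POST[$combo]);
                }
            } elseif (isset($_POST[$combo . '-required'])) {
                $error_6 = 'usp_error_6';
            }
        }
        if (!empty($usp_cat_combos)) {
            if (!empty($usp_category)) {
                // Fix: the original assigned the return value of array_push() (an
                // integer count) and handed it to array_unique() whenever
                // $usp_category was a single string. Casting to array merges both
                // the string and the array form correctly.
                $usp_category = array_unique(array_merge($usp_cat_combos, (array) $usp_category));
            } else {
                $usp_category = $usp_cat_combos;
            }
        }

        // POST TAX
        $error_14 = array();
        $usp_taxonomy = array();
        $usp_taxonomy_required = array();
        if (!empty($_POST)) {
            foreach ($_POST as $key => $value) {
                if (preg_match("/^usp-taxonomy-([0-9a-z_-]+)\$/i", $key, $match)) {
                    if (strpos($match[0], '-required') === false) {
                        if (is_array($value)) {
                            foreach ($value as $val) {
                                if (!empty($val)) {
                                    $usp_taxonomy[$match[1]][] = sanitize_text_field($val);
                                }
                            }
                        } else {
                            if (!empty($value)) {
                                $usp_taxonomy[$match[1]] = sanitize_text_field($value);
                            }
                        }
                    } else {
                        // Drop the trailing "-required" (9 characters) to get the taxonomy name.
                        $required = substr_replace($match[1], '', -9);
                        $usp_taxonomy_required['usp_taxonomy_required_' . $required] = $required;
                    }
                }
            }
            foreach ($usp_taxonomy_required as $key => $value) {
                if (empty($usp_taxonomy[$value])) {
                    $error_14['usp_error_14_' . $value] = 'usp_error_14_' . $value;
                }
            }
        }

        // POST CONTENT
        $error_7 = '';
        $content_filter = '';
        $blocked_terms = $usp_admin['blacklist_terms'];
        if (!empty($_POST['usp-content'])) {
            $usp_content = $this->sanitize_content($_POST['usp-content']);
            if (!empty($blocked_terms)) {
                $blocked_terms = trim($blocked_terms);
                $blocked_terms = explode("\n", $blocked_terms);
                foreach ($blocked_terms as $term) {
                    $term = trim($term);
                    // NOTE(review): each term is used as a regular expression, not as
                    // a literal. A term containing "/" or invalid syntax makes
                    // preg_match() fail, so that term is silently skipped, and a blank
                    // line yields an empty pattern that matches every submission.
                    // If terms are meant to be literal, wrap them in preg_quote($term, '/').
                    if (preg_match("/{$term}/i", $usp_content)) {
                        $content_filter = 'usp_content_filter';
                    }
                }
            }
            // strlen() counts bytes, so the limits below are byte limits for multibyte text.
            if (isset($usp_general['character_min']) && $usp_general['character_min'] !== '0') {
                if (strlen($usp_content) < (int) $usp_general['character_min']) {
                    $error_7 = 'usp_error_7a';
                }
            }
            if (isset($usp_general['character_max']) && $usp_general['character_max'] !== '0') {
                if (strlen($usp_content) > (int) $usp_general['character_max']) {
                    $error_7 = 'usp_error_7b';
                }
            }
        } else {
            if (isset($_POST['usp-content-required'])) {
                $error_7 = 'usp_error_7';
            }
            $usp_content = '';
        }

        // POST FILES
        $process_files = $this->process_files();
        $usp_files = $process_files['files'];
        $error_8 = $process_files['error'];

        // POST EMAIL
        $error_9 = '';
        if (!empty($_POST['usp-email'])) {
            $usp_email = sanitize_email($_POST['usp-email']);
            if (usp_check_malicious($usp_email)) {
                $error_9 = 'usp_error_9a';
            }
        } else {
            if (isset($_POST['usp-email-required'])) {
                $error_9 = 'usp_error_9';
            }
            $usp_email = '';
        }

        // POST SUBJECT
        $error_10 = '';
        if (!empty($_POST['usp-subject'])) {
            $usp_subject = sanitize_text_field($_POST['usp-subject']);
            if (usp_check_malicious($usp_subject)) {
                $error_10 = 'usp_error_10a';
            }
        } else {
            if (isset($_POST['usp-subject-required'])) {
                $error_10 = 'usp_error_10';
            }
            $usp_subject = '';
        }

        // POST FORMAT
        $error_15 = '';
        if (!empty($_POST['usp-custom-format'])) {
            $usp_format = sanitize_text_field($_POST['usp-custom-format']);
        } else {
            if (isset($_POST['usp-custom-format-required'])) {
                $error_15 = 'usp_error_15';
            }
            $usp_format = '';
        }

        // ALT CAPTION DESC TITLE NAME
        // Each matching key appends one entry (sanitized value or '') to its list,
        // in the order the keys appear in $_POST.
        $error_11 = '';
        $usp_alt = array();
        $error_12 = '';
        $usp_caption = array();
        $error_13 = '';
        $usp_desc = array();
        $error_16 = '';
        $usp_mediatitle = array();
        $error_17 = '';
        $usp_filename = array();
        if (!empty($_POST)) {
            foreach ($_POST as $key => $value) {
                if (preg_match("/^usp-custom-alt-([0-9]+)\$/i", $key, $match)) {
                    if (!empty($value)) {
                        $usp_alt[] = sanitize_text_field($value);
                    } else {
                        if (isset($_POST['usp-custom-alt-' . $match[1] . '-required'])) {
                            $error_11 = 'usp_error_11';
                        }
                        $usp_alt[] = '';
                    }
                }
                if (preg_match("/^usp-custom-caption-([0-9]+)\$/i", $key, $match)) {
                    if (!empty($value)) {
                        $usp_caption[] = sanitize_text_field($value);
                    } else {
                        if (isset($_POST['usp-custom-caption-' . $match[1] . '-required'])) {
                            $error_12 = 'usp_error_12';
                        }
                        $usp_caption[] = '';
                    }
                }
                if (preg_match("/^usp-custom-desc-([0-9]+)\$/i", $key, $match)) {
                    if (!empty($value)) {
                        $usp_desc[] = sanitize_text_field($value);
                    } else {
                        if (isset($_POST['usp-custom-desc-' . $match[1] . '-required'])) {
                            $error_13 = 'usp_error_13';
                        }
                        $usp_desc[] = '';
                    }
                }
                if (preg_match("/^usp-custom-mediatitle-([0-9]+)\$/i", $key, $match)) {
                    if (!empty($value)) {
                        $usp_mediatitle[] = sanitize_text_field($value);
                    } else {
                        if (isset($_POST['usp-custom-mediatitle-' . $match[1] . '-required'])) {
                            $error_16 = 'usp_error_16';
                        }
                        $usp_mediatitle[] = '';
                    }
                }
                if (preg_match("/^usp-custom-filename-([0-9]+)\$/i", $key, $match)) {
                    if (!empty($value)) {
                        $usp_filename[] = sanitize_text_field($value);
                    } else {
                        if (isset($_POST['usp-custom-filename-' . $match[1] . '-required'])) {
                            $error_17 = 'usp_error_17';
                        }
                        $usp_filename[] = '';
                    }
                }
            }
        }

        // CUSTOM FIELDS
        $usp_custom = array();
        $usp_required = array();
        $usp_error_custom = array();
        $prefix = 'null___';
        if (!empty($usp_advanced['custom_prefix'])) {
            $prefix = $usp_advanced['custom_prefix'];
        }
        //
        if (!empty($_POST)) {
            foreach ($_POST as $key => $value) {
                // NOTE(review): $prefix comes from the plugin settings and is placed in
                // the pattern without preg_quote(), so regex metacharacters in the
                // configured prefix change which POST keys are accepted here.
                if (preg_match("/^usp-custom-([0-9a-z_-]+)\$/i", $key, $match) || preg_match("/^{$prefix}([0-9a-z_-]+)?\$/i", $key, $match)) {
                    if (strpos($match[0], 'usp-custom-') !== false) {
                        $field = 'usp-custom-';
                    } else {
                        $field = $prefix;
                    }
                    // Keys containing any of these fragments are handled by other sections.
                    $excludes = array('-nicename', '-displayname', '-nickname', '-firstname', '-lastname', '-description', '-password', '-format', '-type', '-caption', '-desc', '-alt', '-mediatitle', '-filename');
                    foreach ($excludes as $exclude) {
                        if (strpos($match[0], $exclude) !== false) {
                            continue 2;
                        }
                    }
                    if (strpos($match[1], '-required') === false) {
                        if (is_array($value)) {
                            foreach ($value as $val) {
                                if (!empty($val)) {
                                    $usp_custom[$field . $match[1]][] = htmlspecialchars($val, ENT_QUOTES, get_option('blog_charset', 'UTF-8'));
                                }
                            }
                        } else {
                            if (!empty($value)) {
                                $usp_custom[$field . $match[1]] = htmlspecialchars($value, ENT_QUOTES, get_option('blog_charset', 'UTF-8'));
                            }
                        }
                    } else {
                        $required = substr_replace($match[1], '', -9);
                        $usp_required['usp_required_' . $key] = $required;
                    }
                }
            }
            foreach ($usp_required as $key => $value) {
                // A required field satisfied by an uploaded file, or already reported
                // in the file error, is not reported again.
                if (isset($usp_files['field'])) {
                    foreach ($usp_files['field'] as $field) {
                        if (strpos($field, $prefix) !== false) {
                            continue 2;
                        }
                    }
                }
                if (strpos($error_8, $prefix) !== false) {
                    continue;
                }
                //
                if (strpos($key, 'usp-custom-') !== false) {
                    $error_prefix = 'usp_error_custom_';
                    $field = 'usp-custom-';
                } else {
                    $error_prefix = 'usp_error_' . $prefix;
                    $field = $prefix;
                }
                if (empty($usp_custom[$field . $value])) {
                    $usp_error_custom[$error_prefix . $value] = $error_prefix . $value;
                }
            }
        }

        // CUSTOM CUSTOM (field names registered through the plugin's custom-field lists)
        $usp_custom_custom = array();
        $usp_custom_required = array();
        $usp_ccf_error = array();
        $custom_merged = usp_merge_custom_fields();
        $custom_required = usp_required_custom_fields();
        $custom_custom = array_merge($custom_merged, $custom_required);
        if (!empty($_POST)) {
            foreach ($_POST as $key => $value) {
                if (preg_match("/^usp([_-])/i", $key)) {
                    continue;
                }
                //
                if (in_array($key, $custom_custom)) {
                    if (preg_match("/^([0-9a-z_-]+)-required\$/i", $key, $match)) {
                        //
                        if (isset($usp_files['field'])) {
                            foreach ($usp_files['field'] as $field) {
                                if (strpos($field, $match[1]) !== false) {
                                    continue 2;
                                }
                            }
                        }
                        if (strpos($error_8, $match[1]) !== false) {
                            continue;
                        }
                        //
                        $usp_custom_required[$match[1]] = $match[1];
                    } else {
                        if (is_array($value)) {
                            foreach ($value as $val) {
                                if (!empty($val)) {
                                    $usp_custom_custom[$key][] = htmlspecialchars($val, ENT_QUOTES, get_option('blog_charset', 'UTF-8'));
                                }
                            }
                        } else {
                            if (!empty($value)) {
                                $usp_custom_custom[$key] = htmlspecialchars($value, ENT_QUOTES, get_option('blog_charset', 'UTF-8'));
                            }
                        }
                    }
                }
            }
            foreach ($usp_custom_required as $key => $value) {
                if (empty($usp_custom_custom[$key])) {
                    $usp_ccf_error['usp_ccf_error_' . $key] = 'usp_ccf_error_' . $key;
                }
            }
        }

        // CUSTOM USER
        $error_a = '';
        if (!empty($_POST['usp-custom-nicename'])) {
            $usp_nicename = sanitize_text_field($_POST['usp-custom-nicename']);
        } else {
            if (isset($_POST['usp-custom-nicename-required'])) {
                $error_a = 'usp_error_a';
            }
            $usp_nicename = '';
        }
        $error_b = '';
        if (!empty($_POST['usp-custom-displayname'])) {
            $usp_displayname = sanitize_text_field($_POST['usp-custom-displayname']);
        } else {
            if (isset($_POST['usp-custom-displayname-required'])) {
                $error_b = 'usp_error_b';
            }
            $usp_displayname = '';
        }
        $error_c = '';
        if (!empty($_POST['usp-custom-nickname'])) {
            $usp_nickname = sanitize_text_field($_POST['usp-custom-nickname']);
        } else {
            if (isset($_POST['usp-custom-nickname-required'])) {
                $error_c = 'usp_error_c';
            }
            $usp_nickname = '';
        }
        $error_d = '';
        if (!empty($_POST['usp-custom-firstname'])) {
            $usp_firstname = sanitize_text_field($_POST['usp-custom-firstname']);
        } else {
            if (isset($_POST['usp-custom-firstname-required'])) {
                $error_d = 'usp_error_d';
            }
            $usp_firstname = '';
        }
        $error_e = '';
        if (!empty($_POST['usp-custom-lastname'])) {
            $usp_lastname = sanitize_text_field($_POST['usp-custom-lastname']);
        } else {
            if (isset($_POST['usp-custom-lastname-required'])) {
                $error_e = 'usp_error_e';
            }
            $usp_lastname = '';
        }
        $error_f = '';
        if (!empty($_POST['usp-custom-description'])) {
            $usp_description = sanitize_text_field($_POST['usp-custom-description']);
        } else {
            if (isset($_POST['usp-custom-description-required'])) {
                $error_f = 'usp_error_f';
            }
            $usp_description = '';
        }
        $error_g = '';
        if (!empty($_POST['usp-custom-password'])) {
            // NOTE(review): sanitize_text_field() strips tags, percent-encoded octets
            // and extra whitespace, so a password containing those is altered before
            // it is used. Confirm this is intended.
            $usp_password = sanitize_text_field($_POST['usp-custom-password']);
        } else {
            if (isset($_POST['usp-custom-password-required'])) {
                $error_g = 'usp_error_g';
            }
            $usp_password = '';
        }

        // OTHERS
        // The form type flags below are taken from the request itself; the only
        // server-side check visible here is usp_check_form_type(), and it runs
        // only when `enable_form_lock` is on.
        $form_error = '';
        $form_id = '';
        if (isset($_POST['usp-form-id'])) {
            $form_id = intval($_POST['usp-form-id']);
        }

        $post_submit = true;
        if (isset($_POST['usp-is-register']) && !isset($_POST['usp-is-post-submit'])) {
            $post_submit = false;
        }
        if (isset($_POST['usp-is-contact']) && !isset($_POST['usp-is-post-submit'])) {
            $post_submit = false;
        }
        if (isset($_POST['usp-send-mail']) && !isset($_POST['usp-is-post-submit'])) {
            $post_submit = false;
        } // dep.

        if (isset($_POST['usp-is-post-submit']) || (!isset($_POST['usp-is-register']) && !isset($_POST['usp-is-contact']) && !isset($_POST['usp-send-mail']))) {
            if (isset($_POST['usp-is-post-submit'])) {
                $post_submit = (bool) sanitize_text_field($_POST['usp-is-post-submit']);
            }
            if ($usp_general['enable_form_lock']) {
                if (!usp_check_form_type($form_id, 'submit')) {
                    $post_submit = false;
                    $form_error = 'usp_error_form';
                }
            }
        }

        $register = false;
        if (isset($_POST['usp-is-register'])) {
            $register = (bool) sanitize_text_field($_POST['usp-is-register']);
            if ($usp_general['enable_form_lock']) {
                if (!usp_check_form_type($form_id, 'register')) {
                    $register = false;
                    $form_error = 'usp_error_form';
                }
            }
        }

        $contact = false;
        if (isset($_POST['usp-is-contact']) || isset($_POST['usp-send-mail'])) {
            if (!empty($_POST['usp-send-mail'])) {
                $contact = (bool) sanitize_text_field($_POST['usp-send-mail']);
            } // dep.
            if (!empty($_POST['usp-is-contact'])) {
                $contact = (bool) sanitize_text_field($_POST['usp-is-contact']);
            }
            if ($usp_general['enable_form_lock']) {
                if (!usp_check_form_type($form_id, 'contact')) {
                    $contact = false;
                    $form_error = 'usp_error_form';
                }
            }
        }

        $logged_id    = isset($_POST['usp-logged-id']) ? sanitize_text_field($_POST['usp-logged-id']) : '';
        $logged_cats  = isset($_POST['usp-logged-cat']) ? sanitize_text_field($_POST['usp-logged-cat']) : '';
        $default_tags = isset($_POST['usp-tags-default']) ? sanitize_text_field($_POST['usp-tags-default']) : '';
        $default_cats = isset($_POST['usp-cats-default']) ? sanitize_text_field($_POST['usp-cats-default']) : '';
        // NOTE(review): esc_url() only cleans the URL; it does not restrict the
        // destination host. Confirm the code that consumes `usp_redirect`
        // validates it (for example with wp_safe_redirect()).
        $usp_redirect = isset($_POST['usp-redirect']) ? esc_url($_POST['usp-redirect']) : '';
        $custom_type  = isset($_POST['usp-custom-type']) ? sanitize_text_field($_POST['usp-custom-type']) : '';
        $contact_ids  = isset($_POST['usp-contact-ids']) ? sanitize_text_field($_POST['usp-contact-ids']) : '';

        // PROCESS
        $fields = array(
            'usp_author'        => $usp_author,
            'usp_url'           => $usp_url,
            'usp_title'         => $usp_title,
            'usp_tags'          => $usp_tags,
            'usp_captcha'       => $usp_captcha,
            'usp_category'      => $usp_category,
            'usp_taxonomy'      => $usp_taxonomy,
            'usp_content'       => $usp_content,
            'usp_files'         => $usp_files,
            'usp_email'         => $usp_email,
            'usp_subject'       => $usp_subject,
            'usp_format'        => $usp_format,
            'usp_alt'           => $usp_alt,
            'usp_caption'       => $usp_caption,
            'usp_desc'          => $usp_desc,
            'usp_mediatitle'    => $usp_mediatitle,
            'usp_filename'      => $usp_filename,
            'usp_custom'        => $usp_custom,
            'usp_custom_custom' => $usp_custom_custom,
            'usp_nicename'      => $usp_nicename,
            'usp_displayname'   => $usp_displayname,
            'usp_nickname'      => $usp_nickname,
            'usp_firstname'     => $usp_firstname,
            'usp_lastname'      => $usp_lastname,
            'usp_description'   => $usp_description,
            'usp_password'      => $usp_password,
            'usp_form_id'       => $form_id,
        );
        $errors = array($error_1, $error_2, $error_3, $error_4, $error_5, $error_6, $error_7, $error_8, $error_9, $error_10, $error_11, $error_12, $error_13, $error_14, $error_15, $error_16, $error_17, $error_a, $error_b, $error_c, $error_d, $error_e, $error_f, $error_g, $usp_error_custom, $usp_ccf_error, $form_error, $content_filter);

        if (isset($_GET['usp_reset_form'])) {
            $this->unset_session();
            // NOTE(review): the target is rebuilt from the client-supplied Host
            // header with a hard-coded "http://" scheme. Prefer a URL derived from
            // the site configuration (e.g. home_url()) and wp_safe_redirect().
            $redirect = str_replace('?' . $_SERVER['QUERY_STRING'], '', 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
            // The request ends here, so the collected errors are simply discarded
            // (the original per-item unset() loop had no effect).
            header('Location: ' . esc_url($redirect));
            exit;
        }

        $args = array(
            'fields'          => $fields,
            'errors'          => $errors,
            'contact'         => $contact,
            'register'        => $register,
            'post_submit'     => $post_submit,
            'logged_id'       => $logged_id,
            'logged_cats'     => $logged_cats,
            'default_tags'    => $default_tags,
            'default_cats'    => $default_cats,
            'usp_redirect'    => $usp_redirect,
            'usp_custom_type' => $custom_type,
            'contact_ids'     => $contact_ids,
        );
        return apply_filters('usp_get_field_val', $args);
    }
}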
/**
 * Builds the HTML for one custom form field.
 *
 * Looks up the custom-field entry of the given form whose meta key equals
 * `[usp_custom_field form="…" id="…"]`, resolves its attributes through the
 * helper methods of this class, and returns the assembled markup after the
 * `usp_custom_field_data` filter. Problems are reported by returning a string
 * that starts with `error:usp_custom_field:N:`. Returns null (implicit) when
 * no meta key matches.
 *
 * NOTE(review): attribute names and values, the label text, the textarea value
 * and the values appended to the error strings are concatenated into the
 * result without escaping in this method. Whether the helpers or the stored
 * data are already escaped is not visible here; if they are not, apply
 * esc_attr() / esc_html() / esc_textarea() where the markup is assembled.
 *
 * @param array $args Expects the keys `id` and `form`.
 * @return mixed Field markup, an error string, or null.
 */
function usp_custom_field($args) {
    global $usp_advanced;

    if (!isset($args['id']) || empty($args['id'])) {
        return __('error:usp_custom_field:1:', 'usp') . $args['id'];
    }
    $id = $args['id'];

    if (!isset($args['form']) || empty($args['form'])) {
        return __('error:usp_custom_field:2:', 'usp') . $args['form'];
    }
    $form = usp_get_form_id($args['form']);

    $custom_fields = get_post_custom($form);
    if (is_null($custom_fields) || empty($custom_fields)) {
        return __('error:usp_custom_field:3:', 'usp') . $custom_fields;
    }

    $custom_merged = usp_merge_custom_fields();
    $custom_arrays = usp_custom_field_string_to_array();

    $custom_prefix = $usp_advanced['custom_prefix'];
    if (empty($custom_prefix)) {
        $custom_prefix = 'prefix_';
    }

    // The meta key that identifies this field on the form post.
    $wanted_key = '[usp_custom_field form="' . $args['form'] . '" id="' . $id . '"]';

    foreach ($custom_fields as $key => $value) {
        $key = trim($key);

        // Keys starting with an underscore are skipped.
        if ($key[0] == '_') {
            continue;
        }
        if ($key !== $wanted_key) {
            continue;
        }
        if (!preg_match("/usp_custom_field/i", $key)) {
            continue;
        }

        // Resolve the field attributes: stored definition, remembered value, defaults.
        $atts         = explode("|", $value[0]);
        $get_value    = $this->usp_custom_field_cookies($id, $value);
        $default_atts = $this->usp_custom_field_defaults($id, $get_value);
        $field_atts   = $this->usp_custom_field_atts($atts, $default_atts);
        if (empty($field_atts)) {
            return __('error:usp_custom_field:4:', 'usp') . $field_atts;
        }

        $fieldset = usp_fieldset_custom($field_atts['fieldset'], $field_atts['field_class']);

        // Registered custom names and names that start with the configured prefix
        // are used as they are; everything else gets the "usp-custom-" prefix.
        // NOTE(review): $custom_prefix is placed in the pattern without preg_quote().
        $is_known_name = in_array($field_atts['name'], $custom_merged) || preg_match("/^{$custom_prefix}/i", $field_atts['name']);
        $prefix = $is_known_name ? '' : 'usp-custom-';

        $checked      = !empty($field_atts['checked']) ? ' checked="checked"' : '';
        $selected     = !empty($field_atts['selected']) ? ' selected="selected"' : '';
        $class        = !empty($field_atts['class']) ? $field_atts['class'] . ' ' : '';
        $class_label  = !empty($field_atts['label_class']) ? $field_atts['label_class'] . ' ' : '';
        $label_custom = !empty($field_atts['label_custom']) ? ' ' . $field_atts['label_custom'] : '';

        $multiple_enable = array('multiple', 'true', 'yes', 'on');
        $is_multiple     = in_array($field_atts['multiple'], $multiple_enable);
        $multiple        = $is_multiple ? ' multiple="multiple"' : '';
        $select_array    = $is_multiple ? '[]' : '';

        // The plugin-wide required/optional lists override the field's own setting.
        if (in_array($field_atts['name'], $custom_arrays['required'])) {
            $field_atts['data-required'] = 'true';
        } elseif (in_array($field_atts['name'], $custom_arrays['optional'])) {
            $field_atts['data-required'] = 'false';
        }

        $field_hidden = '';
        $parsley = '';
        if ($field_atts['data-required'] == 'true') {
            if (!empty($field_atts['checkboxes']) && empty($multiple)) {
                unset($field_atts['data-required']);
            } elseif ($field_atts['field'] !== 'input_file') {
                // Hidden companion field that marks this field as required on submit.
                $field_hidden = '<input name="' . $prefix . $field_atts['name'] . '-required" value="1" type="hidden" />' . "\n";
            }
            $parsley = ' required="required"';
        } elseif ($field_atts['data-required'] == 'null') {
            unset($field_atts['data-required']);
        }

        // A rich-text editor field short-circuits the rest of the rendering.
        $get_wp_editor = $this->usp_custom_field_wp_editor($field_atts);
        if (!empty($get_wp_editor)) {
            return $fieldset['fieldset_before'] . $get_wp_editor . $field_hidden . $fieldset['fieldset_after'];
        }

        $error      = $this->usp_custom_field_errors($id, $field_atts, $custom_prefix);
        $checkboxes = $this->usp_custom_fields_checkboxes($field_atts, $prefix, $select_array);
        $radio      = $this->usp_custom_fields_radio($field_atts, $prefix);
        $options    = $this->usp_custom_fields_select($field_atts);
        $files      = $this->usp_custom_fields_files($field_atts, $prefix, $class_label, $label_custom);

        $field_name = $prefix . $field_atts['name'];
        $form_class = 'usp-form-' . $form;
        $base_class = $error . $class;

        // Each case builds the opening and closing markup and removes the
        // attributes that must not be repeated in the generic attribute list.
        switch ($field_atts['field']) {
            case 'input':
                $field_start = '<input name="' . $field_name . '" ';
                $field_end   = 'class="' . $base_class . 'usp-input usp-input-custom ' . $form_class . '"' . $checked . $selected . $parsley . ' />';
                $label_class = 'class="' . $class_label . 'usp-label usp-label-input usp-label-custom ' . $form_class;
                break;

            case 'textarea':
                $field_start = '<textarea name="' . $field_name . '" ';
                $field_end   = 'class="' . $base_class . 'usp-input usp-textarea ' . $form_class . '" rows="' . $field_atts['rows'] . '" cols="' . $field_atts['cols'] . '"' . $parsley . '>' . $field_atts['value'] . '</textarea>';
                $label_class = 'class="' . $class_label . 'usp-label usp-label-textarea usp-label-custom ' . $form_class;
                unset($field_atts['type']);
                break;

            case 'select':
                $field_start = '<select name="' . $field_name . $select_array . '" ';
                $field_end   = 'class="' . $base_class . 'usp-input usp-select ' . $form_class . '"' . $parsley . $multiple . '>' . $options . '</select>';
                $label_class = 'class="' . $class_label . 'usp-label usp-label-select usp-label-custom ' . $form_class;
                unset($field_atts['type'], $field_atts['value'], $field_atts['multiple'], $field_atts['placeholder']);
                break;

            case 'input_checkbox':
                $field_start = '<div class="' . $base_class . 'usp-input usp-checkboxes ' . $form_class . '">';
                $field_end   = $checkboxes . '</div>';
                $label_class = '';
                unset($field_atts['type'], $field_atts['value'], $field_atts['multiple'], $field_atts['placeholder'], $field_atts['data-required']);
                break;

            case 'input_radio':
                $field_start = '<div class="' . $base_class . 'usp-input usp-radio ' . $form_class . '">';
                $field_end   = $radio . '</div>';
                $label_class = '';
                unset($field_atts['type'], $field_atts['value'], $field_atts['placeholder'], $field_atts['data-required']);
                break;

            case 'input_file':
                $field_start = '<div id="' . $field_name . '-files" class="' . $base_class . 'usp-files">' . $files['start'];
                $field_end   = $files['end'] . '</div>' . "\n" . '<div class="usp-preview"></div>';
                $label_class = '';
                unset($field_atts['type'], $field_atts['value']);
                break;

            default:
                return __('error:usp_custom_field:5:', 'usp') . $field_atts['field'];
        }

        // Checkbox, radio and file fields render their own labels.
        if (in_array($field_atts['field'], array('input_checkbox', 'input_radio', 'input_file'))) {
            $label = '';
        } else {
            // $label_class opens the class attribute; the quote after it closes it.
            $label = '<label for="' . $prefix . $field_atts['for'] . $select_array . '" ' . $label_class . '"' . $label_custom . '>' . $field_atts['label'] . '</label>' . "\n";
        }
        // The literal string 'null' switches the label or the placeholder off.
        if (isset($field_atts['label']) && $field_atts['label'] == 'null') {
            $label = '';
        }
        if (isset($field_atts['placeholder']) && $field_atts['placeholder'] == 'null') {
            unset($field_atts['placeholder']);
        }

        // Whatever attributes remain are written out as name="value" pairs.
        $field_atts = $this->usp_custom_field_unset($field_atts);
        $attributes = '';
        foreach ($field_atts as $att_name => $att_value) {
            $attributes .= $att_name . '="' . $att_value . '" ';
        }

        $content = $label . $field_start . $attributes . $field_end . "\n" . $field_hidden;
        $return  = $fieldset['fieldset_before'] . $content . $fieldset['fieldset_after'];

        return apply_filters('usp_custom_field_data', $return);
    }
}