/** * defines the default image * * @param string $image path to the default image file, relative to the WP root */ public function set_default_image($image = false) { if (!$image) { $this->default_image = Participants_Db::$plugin_options['default_image']; } else { $this->default_image = $image; } $default_image = trailingslashit(PDb_Path::base_url()) . ltrim($this->default_image, '/'); // error_log(__METHOD__.' setting: '.$this->default_image.' full: '.$default_image); if (!empty($this->default_image) and @getimagesize($default_image)) { $this->default_image = $default_image; } else { $this->default_image = false; } }
/** * handles a file upload * * @param string $name the name of the current field * @param array $file the $_FILES array element corresponding to one file * @param int|bool record id if the action is an update * * @return string the path to the uploaded file or false if error */ private static function _handle_file_upload($field_name, $file, $id = false) { $field_atts = self::get_field_atts($field_name); $type = 'image-upload' == $field_atts->form_element ? 'image' : 'file'; $delete_checked = (bool) (isset($_POST[$field_name . '-deletefile']) and $_POST[$field_name . '-deletefile'] == 'delete'); $_POST[$field_name . '-deletefile'] = ''; // attempt to create the target directory if it does not exist if (!is_dir(PDb_Path::files_path())) { if (false === PDb_Path::_make_uploads_dir()) { return false; } } if (!is_uploaded_file(realpath($file['tmp_name']))) { self::_show_validation_error(__('There is something wrong with the file you tried to upload. Try another.', 'participants-database'), $field_name); return false; } /* get the allowed file types and test the uploaded file for an allowed file * extension */ $extensions = empty($field_atts->values) ? self::$plugin_options['allowed_file_types'] : implode(',', self::unserialize_array($field_atts->values)); $test = preg_match('#^(.+)\\.(' . implode('|', array_map('trim', explode(',', str_replace('.', '', strtolower($extensions))))) . ')$#', strtolower($file['name']), $matches); //error_log(__METHOD__.' ext:'.$extensions.' test:'. $test.' matches:'.print_r($matches,1)); if (0 === $test) { if ($type == 'image' && empty($field_atts->values)) { self::_show_validation_error(sprintf(__('For "%s", you may only upload image files like JPEGs, GIFs or PNGs.', 'participants-database'), $field_atts->title), $field_name); } else { self::_show_validation_error(sprintf(__('The file selected for "%s" must be one of these types: %s. ', 'participants-database'), $field_atts->title, preg_replace('#(,)(?=[^,])#U', ', ', $extensions)), $field_name); } return false; } else { // validate and construct the new filename using only the allowed file extension $new_filename = preg_replace(array('#\\.#', "/\\s+/", "/[^-\\.\\w]+/"), array("-", "_", ""), $matches[1]) . '.' . $matches[2]; // now make sure the name is unique by adding an index if needed $index = 1; while (file_exists(PDb_Path::files_path() . $new_filename)) { $filename_parts = pathinfo($new_filename); $new_filename = preg_replace(array('#_[0-9]+$#'), array(''), $filename_parts['filename']) . '_' . $index . '.' . $filename_parts['extension']; $index++; } } if ($type == 'image') { /* * we perform a validity check on the image files, this also makes sure only * images are uploaded in image upload fields */ $fileinfo = getimagesize($file['tmp_name']); $valid_image = in_array($fileinfo[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_WBMP)); if (!$valid_image) { self::_show_validation_error(sprintf(__('For "%s", you may only upload image files like JPEGs, GIFs or PNGs.', 'participants-database'), $field_atts->title), $field_name); return false; } } if ($file['size'] > self::$plugin_options['image_upload_limit'] * 1024) { self::_show_validation_error(sprintf(__('The file you tried to upload is too large. The file must be smaller than %sK.', 'participants-database'), self::$plugin_options['image_upload_limit']), $field_name); return false; } if (false === move_uploaded_file($file['tmp_name'], PDb_Path::files_path() . $new_filename)) { self::_show_validation_error(__('The file could not be saved.', 'participants-database')); return false; } /* * if a previously uploaded file exists and the preference is to allow user deletes, * the previously uploaded file is deleted. If an admin wants to delete a file while * user deletes are not allowed, they must check the delete box. * * as of 1.5.5 */ if ($id !== false) { $record_data = self::get_participant($id); if (!empty($record_data[$field_name])) { $image_obj = new PDb_Image(array('filename' => $record_data[$field_name])); if ($image_obj->image_defined and self::$plugin_options['file_delete'] == '1' || is_admin() && $delete_checked) { self::delete_file($record_data[$field_name]); } } } /* * as of 1.3.2 we save the image as filename only; the image is retrieved from * the directory defined in the plugin setting using the self::get_image function */ return $new_filename; }
/** * returns an element value formatted for display or storage * * this supplants the function Participants_Db::prep_field_for_display * * @param object $field a Field_Item object * @param bool $html if true, retuns the value wrapped in HTML, false returns * the formatted value alone * @return string the object's current value, formatted */ public static function get_field_value_display($field, $html = true) { $return = ''; /** * filter: pdb-before_display_form_element * * @since 1.6 * * @param string $return the value display * @param object $field the field object * * formerly, this was set as "pdb-before_display_field" and included a more limited set of arguments */ if (has_filter(Participants_Db::$prefix . 'before_display_form_element')) { $return = Participants_Db::set_filter('before_display_form_element', $return, $field); } elseif (has_filter(Participants_Db::$prefix . 'before_display_field')) { // provided for backward-compatibility $return = Participants_Db::set_filter('before_display_field', $return, $field->value, $field->form_element); } if (empty($return)) { switch ($field->form_element) { case 'image-upload': $image = new PDb_Image(array('filename' => $field->value, 'link' => isset($field->link) ? $field->link : false, 'mode' => 'both', 'module' => $field->module)); if ($html) { if (isset($field->module) and in_array($field->module, array('single', 'list'))) { $image->display_mode = 'image'; } elseif (isset($field->module) and in_array($field->module, array('signup'))) { $image->display_mode = $image->image_defined ? 'both' : 'none'; $image->link = false; } $image->set_image_wrap(); $return = $image->get_image_html(); } elseif ($image->file_exists) { $return = $image->get_image_file(); } else { $return = $field->value; } break; case 'file-upload': if ($html and !empty($field->value)) { if ($field->module == 'signup') { $field->link = false; $return = $field->value; } else { $field->link = PDb_Path::files_uri() . $field->value; $return = self::make_link($field); } break; } else { $return = $field->value; break; } case 'date': case 'timestamp': $return = ''; if (self::is_empty($field->value) === false) { $date = Participants_Db::parse_date($field->value, $field); $format = Participants_Db::$date_format; if (Participants_Db::plugin_setting_is_true('show_time') and $field->form_element === 'timestamp') { $format .= ' ' . get_option('time_format'); } $return = date_i18n($format, $date); } else { $return = ''; } break; case 'multi-checkbox': case 'multi-select-other': /* * these elements are stored as serialized arrays of values, the data is displayed * a comma-separated string of the values, using the value titles if defined */ $return = self::array_display($field); break; case 'link': $linkdata = maybe_unserialize($field->value); if (!is_array($linkdata)) { $return = ''; break; } if (empty($linkdata[1])) { $linkdata[1] = str_replace('http://', '', $linkdata[0]); } if ($html) { $return = vsprintf(empty($linkdata[0]) ? '%1$s%2$s' : '<a href="%1$s">%2$s</a>', $linkdata); } else { $return = $linkdata[0]; } break; case 'text-line': if ($html) { $field->value = self::get_value_title($field->value, $field->name); $return = self::make_link($field); break; } else { $return = $field->value; break; } case 'text-area': case 'textarea': $pattern = $html ? '<span ' . self::class_attribute('textarea') . '>%s</span>' : '%s'; $return = sprintf($pattern, $field->value); break; case 'rich-text': if ($html) { $return = sprintf('<span ' . self::class_attribute('textarea richtext') . '>%s</span>', Participants_Db::process_rich_text($field->value)); } else { $return = strip_tags($field->value); } break; case 'dropdown': case 'radio': case 'checkbox': case 'dropdown-other': case 'select-other': $field->value = self::array_display($field); if ($html) { $return = sprintf('<span %s>%s</span>', self::class_attribute($field->form_element), self::make_link($field)); } else { $return = $field->value; } break; case 'placeholder': $field->value = $field->default; $return = $html ? self::make_link($field) : $field->value; break; case 'hidden': if ($field->value === $field->default) { $field->value = ''; } elseif (!Participants_Db::is_dynamic_value($field->default)) { $field->value = $field->default; } default: $return = $html ? self::make_link($field) : $field->value; } } return $return; }
/** * sets the uploads directory path * * @return bool true if the directory is located */ function _set_upload_dir() { $this->upload_directory = PDb_Path::files_location(); // check for the target directory; attept to create if it doesn't exist return is_dir($this->root_path . $this->upload_directory) ? true : PDb_Path::_make_uploads_dir($this->upload_directory); }
/** * deletes a file * * this looks in the fie upload directory and deletes $filename if found * * @param string $filename * @return bool success */ public static function delete_file($filename) { $current_dir = getcwd(); // save the cirrent dir chdir(PDb_Path::files_path()); // set the plugin uploads dir $result = unlink(basename($filename)); // delete the file chdir($current_dir); // change back to the previous directory return $result; }