/**
* Return the live preview data of table that has non-saved changes.
*
* @since 1.0.0
*/
public function ajax_action_preview_table()
{
if (empty($_POST['tablepress']) || empty($_POST['tablepress']['id'])) {
wp_die('-1');
} else {
$preview_table = wp_unslash($_POST['tablepress']);
}
// Check if the submitted nonce matches the generated nonce we created earlier, dies -1 on failure.
TablePress::check_nonce('preview_table', $preview_table['id'], '_ajax_nonce', true);
// Ignore the request if the current user doesn't have sufficient permissions.
if (!current_user_can('tablepress_preview_table', $preview_table['id'])) {
wp_die('-1');
}
// Default response data.
$success = false;
do {
// to be able to "break;" (allows for better readable code)
// Load table, without table data, but with options and visibility settings.
$existing_table = TablePress::$model_table->load($preview_table['id'], false, true);
if (is_wp_error($existing_table)) {
// maybe somehow load a new table here? (TablePress::$model_table->get_table_template())?
break;
}
// Check and convert data that was transmitted as JSON.
if (empty($preview_table['data']) || empty($preview_table['options']) || empty($preview_table['visibility'])) {
break;
}
$preview_table['data'] = (array) json_decode($preview_table['data'], true);
$preview_table['options'] = (array) json_decode($preview_table['options'], true);
$preview_table['visibility'] = (array) json_decode($preview_table['visibility'], true);
// Check consistency of new table, and then merge with existing table.
$table = TablePress::$model_table->prepare_table($existing_table, $preview_table, true, true);
if (is_wp_error($table)) {
break;
}
// DataTables Custom Commands can only be edit by trusted users.
if (!current_user_can('unfiltered_html')) {
$table['options']['datatables_custom_commands'] = $existing_table['options']['datatables_custom_commands'];
}
// If the ID has changed, and the new ID is valid, render with the new ID (important e.g. for CSS classes/HTML ID).
if ($table['id'] !== $table['new_id'] && 0 === preg_match('/[^a-zA-Z0-9_-]/', $table['new_id'])) {
$table['id'] = $table['new_id'];
}
// Sanitize all table data to remove unsafe HTML from the preview output.
$table = TablePress::$model_table->sanitize($table);
// At this point, the table data is valid and sanitized and can be rendered.
$success = true;
} while (false);
// Do-while-loop through this exactly once, to be able to "break;" early.
// Initialize i18n support, load plugin's textdomain, to retrieve correct translations for the description of the preview.
load_plugin_textdomain('tablepress', false, dirname(TABLEPRESS_BASENAME) . '/i18n');
if ($success) {
// Create a render class instance.
$_render = TablePress::load_class('TablePress_Render', 'class-render.php', 'classes');
// Merge desired options with default render options (see TablePress_Controller_Frontend::shortcode_table()).
$default_render_options = $_render->get_default_render_options();
/** This filter is documented in controllers/controller-frontend.php */
$default_render_options = apply_filters('tablepress_shortcode_table_default_shortcode_atts', $default_render_options);
$render_options = shortcode_atts($default_render_options, $table['options']);
/** This filter is documented in controllers/controller-frontend.php */
$render_options = apply_filters('tablepress_shortcode_table_shortcode_atts', $render_options);
$_render->set_input($table, $render_options);
$head_html = $_render->get_preview_css();
$custom_css = TablePress::$model_options->get('custom_css');
if (!empty($custom_css)) {
$head_html .= "<style type=\"text/css\">\n{$custom_css}\n</style>\n";
}
$body_html = '<div id="tablepress-page"><p>' . __('This is a preview of your table.', 'tablepress') . ' ' . __('Because of CSS styling in your theme, the table might look different on your page!', 'tablepress') . ' ' . __('The features of the DataTables JavaScript library are also not available or visible in this preview!', 'tablepress') . '<br />' . sprintf(__('To insert the table into a page, post, or text widget, copy the Shortcode %s and paste it into the editor.', 'tablepress'), '<input type="text" class="table-shortcode table-shortcode-inline" value="' . esc_attr('[' . TablePress::$shortcode . " id={$table['id']} /]") . '" readonly="readonly" />') . '</p>' . $_render->get_output() . '</div>';
} else {
$head_html = '';
$body_html = __('The preview could not be loaded.', 'tablepress');
}
// Generate the response.
$response = array('success' => $success, 'head_html' => $head_html, 'body_html' => $body_html);
// Buffer all outputs, to prevent errors/warnings being printed that make the JSON invalid.
$output_buffer = ob_get_clean();
if (!empty($output_buffer)) {
$response['output_buffer'] = $output_buffer;
}
// Send the response.
wp_send_json($response);
}
/**
* Uninstall TablePress, and delete all tables and options.
*
* @since 1.0.0
*/
public function handle_get_action_uninstall_tablepress()
{
TablePress::check_nonce('uninstall_tablepress');
$plugin = TABLEPRESS_BASENAME;
if (!current_user_can('activate_plugins') || !current_user_can('tablepress_edit_options') || !current_user_can('tablepress_delete_tables') || is_plugin_active_for_network($plugin)) {
wp_die(__('You do not have sufficient permissions to access this page.', 'default'), 403);
}
// Deactivate TablePress for the site (but not for the network).
deactivate_plugins($plugin, false, false);
update_option('recently_activated', array($plugin => time()) + (array) get_option('recently_activated', array()));
// Delete all tables, "Custom CSS" files, and options.
TablePress::$model_table->delete_all();
$tablepress_css = TablePress::load_class('TablePress_CSS', 'class-css.php', 'classes');
$css_files_deleted = $tablepress_css->delete_custom_css_files();
TablePress::$model_options->remove_access_capabilities();
TablePress::$model_table->destroy();
TablePress::$model_options->destroy();
$this->init_i18n_support();
$output = '<strong>' . __('TablePress was uninstalled successfully.', 'tablepress') . '</strong><br /><br />';
$output .= __('All tables, data, and options were deleted.', 'tablepress');
if (is_multisite()) {
$output .= ' ' . __('You may now ask the network admin to delete the plugin’s folder <code>tablepress</code> from the server, if no other site in the network uses it.', 'tablepress');
} else {
$output .= ' ' . __('You may now manually delete the plugin’s folder <code>tablepress</code> from the <code>plugins</code> directory on your server or use the “Delete” link for TablePress on the WordPress “Plugins” page.', 'tablepress');
}
if ($css_files_deleted) {
$output .= ' ' . __('Your TablePress “Custom CSS” files have been deleted automatically.', 'tablepress');
} else {
if (is_multisite()) {
$output .= ' ' . __('Please also ask him to delete your TablePress “Custom CSS” files from the server.', 'tablepress');
} else {
$output .= ' ' . __('You may now also delete your TablePress “Custom CSS” files in the <code>wp-content</code> folder.', 'tablepress');
}
}
$output .= "</p>\n<p>";
if (!is_multisite() || is_super_admin()) {
$output .= '<a class="button" href="' . esc_url(admin_url('plugins.php')) . '">' . __('Go to “Plugins” page', 'tablepress') . '</a> ';
}
$output .= '<a class="button" href="' . esc_url(admin_url('index.php')) . '">' . __('Go to Dashboard', 'tablepress') . '</a>';
wp_die($output, __('Uninstall TablePress', 'tablepress'), array('response' => 200, 'back_link' => false));
}
/**
* Save changes on the Stockflock screen.
*
*/
public function handle_post_action_stockflock()
{
if (!isset($_POST['stockflock'])) {
return;
}
TablePress::check_nonce('stockflock');
if (!current_user_can('manage_options')) {
wp_die(__('You do not have sufficient permissions to access this page.'));
}
if (empty($_POST['stockflock']) || !is_array($_POST['stockflock'])) {
TablePress::redirect(array('action' => 'stockflock', 'message' => 'error_save'));
} else {
$stockflock = stripslashes_deep($_POST['stockflock']);
}
$params = array('option_name' => 'tablepress_stockflock_config', 'default_value' => array());
$stockflock_config = TablePress::load_class('TablePress_WP_Option', 'class-wp_option.php', 'classes', $params);
//trim and restrict array length to be not more than 20
$raw_companies = explode(',', $stockflock['companies']);
$valid_companies = array_slice(array_map('trim', $raw_companies), 0, $this->company_limit);
$stockflock['companies'] = strtoupper(implode(',', $valid_companies));
//give default value to data_points
$data_point_list = ['short_name', 'price_value', 'industry_name', 'dividend_yield', 'earning_value', 'dividend_per_share', 'book_value', 'debt_assets', 'net_asset_value', 'gearing_ratio', 'property_yield_ratio'];
if (is_array($stockflock['data_points'])) {
foreach ($data_point_list as $key => $value) {
if (!array_key_exists($value, $stockflock['data_points'])) {
$stockflock['data_points'][$value] = "false";
}
}
}
//store to wp_options
$stockflock_config->update($stockflock);
TablePress::redirect(array('action' => 'stockflock', 'message' => 'success_save'));
}
/**
* Show a list of tables in the Editor toolbar Thickbox (opened by TinyMCE or Quicktags button)
*
* @since 1.0.0
*/
public function handle_get_action_editor_button_thickbox()
{
TablePress::check_nonce('editor_button_thickbox');
$this->init_i18n_support();
$view_data = array('tables' => $this->model_table->load_all());
set_current_screen('tablepress_editor_button_thickbox');
// Prepare, initialize, and render the view
$this->view = TablePress::load_view('editor_button_thickbox', $view_data);
$this->view->render();
}
/**
* Return the live preview data of table that has non-saved changes
*
* @since 1.0.0
*/
public function ajax_action_preview_table()
{
if (empty($_POST['tablepress']) || empty($_POST['tablepress']['id'])) {
wp_die('-1');
} else {
$preview_table = stripslashes_deep($_POST['tablepress']);
}
// check to see if the submitted nonce matches with the generated nonce we created earlier, dies -1 on fail
TablePress::check_nonce('preview_table', $preview_table['id'], '_ajax_nonce', true);
// ignore the request if the current user doesn't have sufficient permissions
if (!current_user_can('tablepress_preview_table', $preview_table['id'])) {
wp_die('-1');
}
// default response data:
$success = false;
do {
// to be able to "break;" (allows for better readable code)
// Load existing table from DB
$existing_table = $this->model_table->load($preview_table['id']);
if (false === $existing_table) {
// maybe somehow load a new table here? ($this->model_table->get_table_template())?
break;
}
// Check and convert data that was transmitted as JSON
if (empty($preview_table['data']) || empty($preview_table['options']) || empty($preview_table['visibility'])) {
break;
}
$preview_table['data'] = json_decode($preview_table['data'], true);
$preview_table['options'] = json_decode($preview_table['options'], true);
$preview_table['visibility'] = json_decode($preview_table['visibility'], true);
// Check consistency of new table, and then merge with existing table
$table = $this->model_table->prepare_table($existing_table, $preview_table, true, true);
if (false === $table) {
break;
}
// DataTables Custom Commands can only be edit by trusted users
if (!current_user_can('unfiltered_html')) {
$table['options']['datatables_custom_commands'] = $existing_table['options']['datatables_custom_commands'];
}
// If the ID has changed, and the new ID is valid, render with the new ID (important e.g. for CSS classes/HTML ID)
if ($table['id'] !== $table['new_id'] && 0 === preg_match('/[^a-zA-Z0-9_-]/', $table['new_id'])) {
$table['id'] = $table['new_id'];
}
// at this point, the table data is valid and can be rendered
$success = true;
} while (false);
// do-while-loop through this exactly once, to be able to "break;" early
if ($success) {
// Create a render class instance
$_render = TablePress::load_class('TablePress_Render', 'class-render.php', 'classes');
// Merge desired options with default render options (as not all of them are stored in the table options, but are just Shortcode parameters)
$render_options = shortcode_atts($_render->get_default_render_options(), $table['options']);
$_render->set_input($table, $render_options);
$head_html = '<style type="text/css">body{margin:10px;}</style>';
$head_html .= $_render->get_preview_css();
// Add "Custom CSS"
if ($this->model_options->get('use_custom_css_file')) {
$custom_css = $this->model_options->load_custom_css_from_file('normal');
// fall back to "Custom CSS" in options, if it could not be retrieved from file
if (false === $custom_css) {
$custom_css = $this->model_options->get('custom_css');
}
} else {
// get "Custom CSS" from options
$custom_css = $this->model_options->get('custom_css');
}
if (!empty($custom_css)) {
$head_html .= "<style type=\"text/css\">\n{$custom_css}\n</style>\n";
}
$body_html = '<div id="tablepress-page"><p>' . __('This is a preview of your table.', 'tablepress') . ' ' . __('Because of CSS styling, the table might look different on your page!', 'tablepress') . ' ' . __('The features of the DataTables JavaScript library are also not visible in this preview!', 'tablepress') . '<br />' . sprintf(__('To insert the table into a page, post, or text widget, copy the Shortcode %s and paste it into the editor.', 'tablepress'), '<input type="text" class="table-shortcode table-shortcode-inline" value="[' . TablePress::$shortcode . ' id=' . esc_attr($table['id']) . ' /]" readonly="readonly" />') . '</p>' . $_render->get_output() . '</div>';
} else {
$head_html = '';
$body_html = __('The preview could not be loaded.', 'tablepress');
}
// Generate the response
$response = array('success' => $success, 'head_html' => $head_html, 'body_html' => $body_html);
// Send the response
$response['output_buffer'] = ob_get_clean();
// buffer all outputs, to prevent errors/warnings being printed that make the JSON invalid
wp_send_json($response);
}