Code_Manager_Form.php
1 <?php
2
3 namespace Code_Manager {
4
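/**
 * Class Code_Manager_Form
 *
 * Implements data entry form for Code Manager.
 *
 * The constructor reads the request, performs the requested insert or update and loads the
 * record; show() renders the HTML form for that record. The `code` field is stored exactly
 * as submitted because it holds source code, so the gate in front of the save paths
 * (see check_authorization()) is the only control this class applies to what is written.
 *
 * @author Peter Schulz
 * @since 1.0.0
 */
class Code_Manager_Form {

	/**
	 * Actual code manager record
	 *
	 * @var null|array
	 */
	protected $row = null;

	/**
	 * Allowed values: view (read-only mode) and edit (update mode)
	 *
	 * Taken from the request without being restricted to those values, so it must be
	 * escaped wherever it is written back to the page.
	 *
	 * @var string
	 */
	protected $action = 'edit';

	/**
	 * Allowed values: null (no DML action needed) and save (perform insert or update)
	 *
	 * @var null|string
	 */
	protected $action2 = null;

	/**
	 * Code ID. Must be entered to view or edit. Allows null when action = new (insert).
	 *
	 * Holds the sanitized request value (a string) or the value returned by dml_insert().
	 *
	 * @var int|string|null
	 */
	protected $code_id = null;

	/**
	 * WP Nonce exposed to the page script by show().
	 *
	 * The declaration was previously spelled `$wpnone` while every use in the class was
	 * `$this->wpnonce`, which created an undeclared dynamic property at runtime.
	 *
	 * @var string
	 */
	protected $wpnonce = '';

	// Default values shown by show() when no record has been loaded.
	protected $default_code_name        = '';
	protected $default_code_type        = 'php shortcode';
	protected $default_code             = "<?php\n\n?>";
	protected $default_code_enabled     = '0';
	protected $default_code_preview     = false;
	protected $default_code_author      = '';
	protected $default_code_description = '';


	/**
	 * Code_Manager_Form constructor.
	 *
	 * Initializes data entry form and performs DML actions as requested by arguments.
	 *
	 * Arguments are read from $_REQUEST, so they are accepted from the query string as well
	 * as from the POST body. sanitize_text_field() removes tags and control characters but
	 * leaves quote characters in place; values kept on the object are therefore escaped
	 * again at output time in show().
	 *
	 * NOTE(review): code_id is not checked to be numeric before it is handed to the model;
	 * confirm that the model's dml_query()/dml_update() bind it as a parameter.
	 *
	 * @since 1.0.0
	 */
	public function __construct() {
		$this->action =
			isset( $_REQUEST['action'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action'] ) ) : 'edit'; // input var okay.

		$this->action2 =
			isset( $_REQUEST['action2'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action2'] ) ) : null; // input var okay.

		$this->code_id =
			isset( $_REQUEST['code_id'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ) : null; // input var okay.

		// Any other action value performs no DML and loads no record.
		switch ( $this->action ) {
			case 'edit':
				$this->handle_edit();
				break;
			case 'new':
				$this->handle_new();
				break;
		}

		// Different nonce action from the one verified in check_authorization(); this one is only
		// handed to the page script in show().
		$this->wpnonce = wp_create_nonce( 'code-manager-' . Code_manager::get_current_user_login() );
	}

	/**
	 * Handles action = edit: optionally saves the submitted record, then (re)loads it.
	 *
	 * Dies when no code_id was supplied. A save is attempted only when action2 = save and
	 * the request passes check_authorization().
	 */
	private function handle_edit() {
		if ( null === $this->code_id ) {
			wp_die( __( 'ERROR: Invalid arguments', 'code-manager' ) );
		}

		if ( 'save' === $this->action2 ) {
			$this->check_authorization(); // Dies if not authorized

			if (
				isset(
					$_REQUEST['code_id'],
					$_REQUEST['code_name'],
					$_REQUEST['code_type'],
					$_REQUEST['code'],
					$_REQUEST['code_author'],
					$_REQUEST['code_description']
				)
			) {
				// All data available, start update process
				$code_id      = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ); // input var okay.
				$code_name    = sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) ); // input var okay.
				$code_type    = sanitize_text_field( wp_unslash( $_REQUEST['code_type'] ) ); // input var okay.
				$code_enabled = isset( $_REQUEST['code_enabled'] ) && 'on' === $_REQUEST['code_enabled'] ? '1' : '0';
				// Source code is stored verbatim; sanitizing it would corrupt it.
				$code        = wp_unslash( $_REQUEST['code'] ); // input var okay.
				$code_author = sanitize_text_field( wp_unslash( $_REQUEST['code_author'] ) ); // input var okay.
				// Stored unsanitized: every place that prints the description has to escape it.
				$code_description = wp_unslash( $_REQUEST['code_description'] ); // input var okay.

				$code_manager_model = $this->new_model();
				$numrows            = $code_manager_model::dml_update( $code_id, $code_name, $code_type, $code, $code_author, $code_description, $code_enabled );

				$preview_enabled   = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
				$preview_requested = isset( $_REQUEST['code_preview'] ) && 'on' === $_REQUEST['code_preview'];
				$preview_changed   = false;
				if ( $preview_requested && ! $preview_enabled ) {
					Code_Manager_Preview::add_user_preview_code_id( $code_id );
					$this->show_message( __( 'Preview enabled', 'code-manager' ) );
					$preview_changed = true;
				} elseif ( ! $preview_requested && $preview_enabled ) {
					Code_Manager_Preview::remove_user_preview_code_id( $code_id );
					$this->show_message( __( 'Preview disabled', 'code-manager' ) );
					$preview_changed = true;
				}

				if ( 0 === $numrows ) {
					// A preview toggle already produced a message, so stay quiet in that case.
					if ( ! $preview_changed ) {
						$this->show_message( __( 'Nothing to save', 'code-manager' ) );
					}
				} elseif ( 1 === $numrows ) {
					$this->show_message( __( 'Succesfully saved changes to database', 'code-manager' ) );
				}
			} else {
				// No update possible, missing data
				$this->show_message( __( 'Update failed', 'code-manager' ), true );
			}
		}

		// Requery
		$code_manager_model = $this->new_model();
		$this->row          = $code_manager_model::dml_query( $this->code_id );
	}

	/**
	 * Handles action = new: inserts the submitted record when action2 = save.
	 *
	 * On success the form switches to edit mode for the new record. On failure the submitted
	 * values become the form defaults so that show() redisplays them.
	 */
	private function handle_new() {
		if ( 'save' !== $this->action2 ) {
			return;
		}

		$this->check_authorization(); // Dies if not authorized

		if (
			! isset(
				$_REQUEST['code_name'],
				$_REQUEST['code_type'],
				$_REQUEST['code'],
				$_REQUEST['code_author'],
				$_REQUEST['code_description']
			)
		) {
			// No insert possible, missing data
			$this->show_message( __( 'Insert failed', 'code-manager' ), true );
			return;
		}

		// All data available, start insert process
		$code_name    = sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) ); // input var okay.
		$code_type    = sanitize_text_field( wp_unslash( $_REQUEST['code_type'] ) ); // input var okay.
		$code_enabled = isset( $_REQUEST['code_enabled'] ) && 'on' === $_REQUEST['code_enabled'] ? '1' : '0';
		// Source code is stored verbatim; sanitizing it would corrupt it.
		$code        = wp_unslash( $_REQUEST['code'] ); // input var okay.
		$code_author = sanitize_text_field( wp_unslash( $_REQUEST['code_author'] ) ); // input var okay.
		// Stored unsanitized: every place that prints the description has to escape it.
		$code_description = wp_unslash( $_REQUEST['code_description'] ); // input var okay.

		$preview_requested = isset( $_REQUEST['code_preview'] ) && 'on' === $_REQUEST['code_preview'];

		$code_manager_model = $this->new_model();
		$code_id            = $code_manager_model::dml_insert( $code_name, $code_type, $code, $code_author, $code_description, $code_enabled );
		if ( -1 === $code_id ) {
			$this->show_message( __( 'Insert failed', 'code-manager' ), true );

			$this->default_code_name        = $code_name;
			$this->default_code_type        = $code_type;
			$this->default_code             = $code;
			$this->default_code_enabled     = $code_enabled;
			$this->default_code_preview     = $preview_requested;
			$this->default_code_author      = $code_author;
			$this->default_code_description = $code_description;
			return;
		}

		$this->show_message( __( 'Succesfully saved changes to database', 'code-manager' ) );

		$this->code_id      = $code_id;
		$code_manager_model = $this->new_model();
		$this->row          = $code_manager_model::dml_query( $this->code_id );
		$this->action       = 'edit';

		if ( $preview_requested ) {
			Code_Manager_Preview::add_user_preview_code_id( $code_id );
			$this->show_message( __( 'Preview enabled', 'code-manager' ) );
		}
	}

	/**
	 * Instantiates the model class named by the CODE_MANAGER_MODEL_CLASS constant.
	 *
	 * @return object Model instance; callers invoke its static dml_* methods.
	 */
	private function new_model() {
		$code_manager_model_class = CODE_MANAGER_MODEL_CLASS;

		return new $code_manager_model_class();
	}

	/**
	 * Renders a message box.
	 *
	 * @param string $text     Already translated message text.
	 * @param bool   $is_error True for a non-dismissible error box, false for the default box.
	 */
	private function show_message( $text, $is_error = false ) {
		$args = [
			'message_text' => $text,
		];
		if ( $is_error ) {
			$args['message_type']           = 'error';
			$args['message_is_dismissible'] = false;
		}

		$msg = new Message_Box( $args );
		$msg->box();
	}

	/**
	 * Aborts the request unless it carries a valid editor nonce.
	 *
	 * The nonce action is 'code_manager_editor' followed by the current user login, the same
	 * action show() uses for the form field. A valid nonce shows that the request came from
	 * this form for this user (CSRF protection); it is not a privilege check.
	 *
	 * NOTE(review): no current_user_can() test is visible in this class. Because the save
	 * paths store source code, confirm that the admin page registration enforces a suitable
	 * capability, or add an explicit capability check here.
	 *
	 * @since 1.0.0
	 */
	private function check_authorization() {
		$wp_nonce = isset( $_REQUEST['_wpnonce'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) ) : ''; // input var okay.
		if ( ! wp_verify_nonce( $wp_nonce, 'code_manager_editor' . Code_manager::get_current_user_login() ) ) {
			wp_die( __( 'ERROR: Not authorized', 'code-manager' ) );
		}
	}

	/**
	 * Build data entry form. Generates HTML only. JS actions are added from JS script file.
	 *
	 * Every dynamic value is escaped for the context it is written into: esc_attr() for
	 * attribute values, esc_textarea() for textarea content, esc_html() for option labels,
	 * esc_url() for the help link, and JSON/JS encoding for values placed inside script
	 * blocks. This matters most for the request-derived action value and for the stored code
	 * and description, which are saved without sanitization.
	 *
	 * NOTE(review): CODE_MANAGER_H1_TITLE is printed as is; it is assumed to be a fixed
	 * constant that may contain markup - confirm.
	 *
	 * @since 1.0.0
	 */
	public function show() {
		if ( null !== $this->row ) {
			$record           = $this->row[0];
			$code_name        = $record['code_name'];
			$code_type        = $record['code_type'];
			$code_enabled     = $record['code_enabled'];
			$code_preview     = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
			$code             = $record['code'];
			$code_author      = $record['code_author'];
			$code_description = $record['code_description'];
		} else {
			$code_name        = $this->default_code_name;
			$code_type        = $this->default_code_type;
			$code             = $this->default_code;
			$code_enabled     = $this->default_code_enabled;
			$code_preview     = $this->default_code_preview;
			$code_author      = $this->default_code_author;
			$code_description = $this->default_code_description;
		}
		?>
		<div class="wrap">
			<h1 class="wp-heading-inline">
				<span>
					<span class="cm_page_title">
						<?php echo CODE_MANAGER_H1_TITLE; ?>
					</span>
					<?php
					if ( ! Code_Manager_Dashboard::dashboard_enabled() ) {
						?>
						<a href="?page=<?php echo esc_attr( CODE_MANAGER_MENU_SLUG ); ?>"
						   title="Back to list">
							<span class="material-icons cm_menu_title">menu</span></a>
						<a href="<?php echo esc_url( CODE_MANAGER_HELP_URL ); ?>" target="_blank" rel="noopener noreferrer"
						   title="Plugin help - opens in a new tab or window">
							<span class="material-icons cm_menu_title">help_outline</span></a>
						<?php
					}
					?>
				</span>
			</h1>
			<p></p>
			<div>
				<form method="post" enctype="multipart/form-data"
					  action="?page=<?php echo esc_attr( CODE_MANAGER_MENU_SLUG ); ?>">
					<fieldset class="cm_fieldset">
						<table class="cm_simple_table" cellspacing="0" cellpadding="0">
							<tbody>
							<tr>
								<td class="label">
									<label for="code_id" title="Code ID must be entered">
										* Code ID
									</label>
								</td>
								<td class="data">
									<input name="code_id" id="code_id" type="text"
										   value="<?php echo esc_attr( $this->code_id ); ?>" readonly="">
								</td>
								<td class="icon">
									<span class="cm_data_type">123</span>
								</td>
							</tr>
							<tr>
								<td class="label">
									<label for="code_name" title="Name must be entered">
										* Name
									</label>
								</td>
								<td class="data">
									<input name="code_name" id="code_name" type="text" maxlength="100"
										   value="<?php echo esc_attr( $code_name ); ?>">
								</td>
								<td class="icon">
									<span class="cm_data_type">abc</span></td>
							</tr>
							<tr>
								<td class="label">
									<label for="code_type" title="Type must be entered">
										Type
									</label>
								</td>
								<td class="data">
									<select name="code_type" id="code_type">
										<?php
										$code_manager_tab_class = CODE_MANAGER_TAB_CLASS;
										$code_manager_tab       = new $code_manager_tab_class();
										$code_types             = $code_manager_tab->get_code_types();
										foreach ( $code_types as $code_type_group => $value ) {
											echo "<optgroup label='" . esc_attr( $code_type_group ) . "'>";
											foreach ( $value as $value_code_type => $value_code_label ) {
												echo "<option value='" . esc_attr( $value_code_type ) . "'>" . esc_html( $value_code_label ) . '</option>';
											}
											echo '</optgroup>';
										}
										?>
									</select>
									<script type="text/javascript">
										// JSON-encoded for the script context; HTML attribute escaping is not decoded inside a script block.
										jQuery('#code_type').val(<?php echo wp_json_encode( (string) $code_type, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT ); ?>);
									</script>
								</td>
								<td class="icon">
								</td>
							</tr>
							<tr>
								<td class="label">
									<label for="code_enabled">
										Status
									</label>
								</td>
								<td class="data" style="height: 30px">
									<label>
										<input type='checkbox'
											   name='code_enabled'
											<?php echo '1' === $code_enabled ? 'checked' : ''; ?>
										>
										Enable code
									</label>
									&nbsp;
									<label>
										<input type='checkbox'
											   name='code_preview'
											<?php echo $code_preview ? 'checked' : ''; ?>
										>
										Enable preview mode
									</label>
								</td>
							</tr>
							<tr>
								<td class="label" style="vertical-align:top;padding-top:7px;">
									<label for="code" title="Code must be entered">
										Code
									</label>
								</td>
								<td class="data" style="display: grid; width: 100%;">
									<?php // Encoding only "&" let stored code that contains a closing textarea tag end the element early. ?>
									<textarea name="code" id="code" style="vertical-align: top; display: none;"
											  maxlength="65535"><?php echo esc_textarea( $code ); ?></textarea>
								</td>
								<td class="icon" style="vertical-align:top;padding-top:7px;">
									<span class="dashicons dashicons-editor-code"></span>
								</td>
							</tr>
							<tr>
								<td class="label">
									<label for="code_author" title="Optional">
										Author
									</label>
								</td>
								<td class="data">
									<input name="code_author" id="code_author" type="text" maxlength="100"
										   value="<?php echo esc_attr( $code_author ); ?>">
								</td>
								<td class="icon">
									<span class="cm_data_type">abc</span></td>
							</tr>
							<tr>
								<td class="label" style="vertical-align:top;padding-top:7px;">
									<label for="code_description" title="Optional">
										Description
									</label>
								</td>
								<td class="data">
									<textarea name="code_description" id="code_description" maxlength="65536"
									><?php echo esc_textarea( $code_description ); ?></textarea>
								</td>
								<td></td>
							</tr>
							</tbody>
						</table>
					</fieldset>
					<p></p>
					<div>
						<?php // The action value originates from the request and may contain quote characters. ?>
						<input name="action" type="hidden" value="<?php echo esc_attr( $this->action ); ?>">
						<input name="action2" type="hidden" value="save">
						<?php wp_nonce_field( 'code_manager_editor' . Code_manager::get_current_user_login(), '_wpnonce', false ); ?>
						<input type="submit" id="submit_button" value="Save changes to database"
							   class="button button-primary" name="submit_button" onclick="return submit_form();">
						<input type="button" onclick="javascript:location.href='?page=<?php echo esc_attr( CODE_MANAGER_MENU_SLUG ); ?>'"
							   class="button button-secondary" value="Back to list">
					</div>
				</form>
			</div>
		</div>
		<script type="text/javascript">
			var wpnonce = '<?php echo esc_js( $this->wpnonce ); ?>';

			function submit_form() {
				if (jQuery('#code_name').val()==='') {
					alert('Name must be entered');
					return false;
				}
				user_has_edited = false;
				return true;
			}
		</script>
		<?php
	}

}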
457
458 }