Code Manager v1.0.13
code-manager / Code_Manager / Code_Manager_Form.php
Code_Manager_Form.php
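<?php
/**
 * Code Manager data entry form to enter code
 *
 * @package Code_Manager
 */

namespace Code_Manager {

	/**
	 * Class Code_Manager_Form
	 *
	 * Implements the data entry form for Code Manager. The constructor reads the request and
	 * performs the requested insert or update; show() renders the HTML form.
	 *
	 * Notes for maintainers:
	 * - The `code` field is written to the model verbatim (only wp_unslash() is applied), so
	 *   every save path has to stay behind check_authorization().
	 * - check_authorization() verifies a nonce only; see the note on that method.
	 *
	 * @author Peter Schulz
	 * @since 1.0.0
	 */
	class Code_Manager_Form {

		/**
		 * Actual code manager record
		 *
		 * @var null|array
		 */
		protected $row = null;

		/**
		 * Allowed values: view (read-only mode) and edit (update mode)
		 *
		 * @var string
		 */
		protected $action = 'edit';

		/**
		 * Allowed values: null (no DML action needed) and save (perform insert or update)
		 *
		 * @var null|string
		 */
		protected $action2 = null;

		/**
		 * Code ID. Must be entered to view or edit. Allows null when action = new (insert).
		 *
		 * Read from the request with sanitize_text_field(), so at runtime this holds a string.
		 *
		 * @var int|string|null
		 */
		protected $code_id = null;

		/**
		 * WP nonce created at the end of the constructor (action 'code-manager-' + user login)
		 * and printed by show() as the JavaScript variable `wpnonce`.
		 *
		 * The declaration used to be spelled `$wpnone` while the code assigned `$this->wpnonce`,
		 * which created an undeclared dynamic property (deprecated since PHP 8.2).
		 *
		 * @var string
		 */
		protected $wpnonce;

		/* Default values shown in an empty form, or restored after a failed insert. */
		protected $default_code_name        = '';
		protected $default_code_type        = 'php shortcode';
		protected $default_code             = "<?php\n\n?>";
		protected $default_code_enabled     = '0';
		protected $default_code_preview     = false;
		protected $default_code_author      = '';
		protected $default_code_description = '';

		/**
		 * Code_Manager_Form constructor.
		 *
		 * Initializes data entry form and performs DML actions as requested by arguments.
		 *
		 * Reads `action`, `action2` and `code_id` from $_REQUEST. When `action2` is `save`,
		 * the nonce is verified (check_authorization() dies on failure) before anything is
		 * written.
		 *
		 * @since 1.0.0
		 */
		public function __construct() {
			$this->action =
				isset( $_REQUEST['action'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action'] ) ) : 'edit'; // input var okay.

			$this->action2 =
				isset( $_REQUEST['action2'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action2'] ) ) : null; // input var okay.

			$this->code_id =
				isset( $_REQUEST['code_id'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ) : null; // input var okay.

			switch ( $this->action ) {
				case 'edit':
					if ( null === $this->code_id ) {
						wp_die( __( 'ERROR: Invalid arguments', 'code-manager' ) );
					}
					if ( 'save' === $this->action2 ) {
						$this->check_authorization(); // Dies if not authorized.
						$this->save_existing_code();
					}
					// Requery.
					$code_manager_model = $this->new_model();
					$this->row          = $code_manager_model::dml_query( $this->code_id );
					break;
				case 'new':
					if ( 'save' === $this->action2 ) {
						$this->check_authorization(); // Dies if not authorized.
						$this->save_new_code();
					}
					break;
			}

			$this->wpnonce = wp_create_nonce( 'code-manager-' . Code_Manager::get_current_user_login() );
		}

		/**
		 * Changes are only allowed with proper authorization.
		 *
		 * Verifies the `_wpnonce` request value against the action
		 * 'code_manager_editor' + current user login and dies when it does not match.
		 *
		 * NOTE(review): a nonce protects against cross-site request forgery; it is not a
		 * capability check. No current_user_can() call is visible in this file, so the
		 * capability is presumably enforced where the admin page is registered. Confirm
		 * that before relying on this method as the only gate in front of code storage.
		 *
		 * @since 1.0.0
		 */
		private function check_authorization() {
			$wp_nonce = isset( $_REQUEST['_wpnonce'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) ) : ''; // input var okay.
			if ( ! wp_verify_nonce( $wp_nonce, 'code_manager_editor' . Code_Manager::get_current_user_login() ) ) {
				wp_die( __( 'ERROR: Not authorized', 'code-manager' ) );
			}
		}

		/**
		 * Creates a new instance of the configured model class.
		 *
		 * @return object Instance of the class named by CODE_MANAGER_MODEL_CLASS.
		 */
		private function new_model() {
			$code_manager_model_class = CODE_MANAGER_MODEL_CLASS;

			return new $code_manager_model_class();
		}

		/**
		 * Tells whether every listed key is present in the request.
		 *
		 * @param array $keys Request keys that must all be set.
		 *
		 * @return bool
		 */
		private function request_has( $keys ) {
			foreach ( $keys as $key ) {
				if ( ! isset( $_REQUEST[ $key ] ) ) {
					return false;
				}
			}

			return true;
		}

		/**
		 * Reads the code fields shared by insert and update from the request.
		 *
		 * The caller must have checked that the keys exist. `code` is deliberately not
		 * sanitized: it is the source text the user entered and is stored as entered.
		 *
		 * @return array Field values keyed by column name.
		 */
		private function read_posted_fields() {
			return array(
				'code_name'        => sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) ), // input var okay.
				'code_type'        => sanitize_text_field( wp_unslash( $_REQUEST['code_type'] ) ), // input var okay.
				'code_enabled'     => isset( $_REQUEST['code_enabled'] ) && 'on' === $_REQUEST['code_enabled'] ? '1' : '0',
				'code'             => wp_unslash( $_REQUEST['code'] ), // input var okay.
				'code_author'      => sanitize_text_field( wp_unslash( $_REQUEST['code_author'] ) ), // input var okay.
				'code_description' => sanitize_textarea_field( wp_unslash( $_REQUEST['code_description'] ) ), // input var okay.
			);
		}

		/**
		 * Tells whether the preview checkbox was ticked in the submitted form.
		 *
		 * @return bool
		 */
		private function preview_requested() {
			return isset( $_REQUEST['code_preview'] ) && 'on' === $_REQUEST['code_preview'];
		}

		/**
		 * Shows a message box.
		 *
		 * @param string $text     Message text (already translated).
		 * @param bool   $is_error True for a non-dismissible error box.
		 */
		private function show_message_box( $text, $is_error = false ) {
			$args = array(
				'message_text' => $text,
			);
			if ( $is_error ) {
				$args['message_type']           = 'error';
				$args['message_is_dismissible'] = false;
			}

			$msg = new Message_Box( $args );
			$msg->box();
		}

		/**
		 * Updates an existing code record from the request and reports the outcome.
		 *
		 * Must only be called after check_authorization().
		 */
		private function save_existing_code() {
			$required = array( 'code_id', 'code_name', 'code_type', 'code', 'code_author', 'code_description' );
			if ( ! $this->request_has( $required ) ) {
				// No update possible, missing data.
				$this->show_message_box( __( 'Update failed', 'code-manager' ), true );

				return;
			}

			// All data available, start update process.
			$code_id = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ); // input var okay.
			$fields  = $this->read_posted_fields();

			$code_manager_model = $this->new_model();
			$numrows            = $code_manager_model::dml_update(
				$code_id,
				$fields['code_name'],
				$fields['code_type'],
				$fields['code'],
				$fields['code_author'],
				$fields['code_description'],
				$fields['code_enabled']
			);

			$preview_enabled = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
			$preview_changed = false;
			if ( $this->preview_requested() ) {
				if ( ! $preview_enabled ) {
					Code_Manager_Preview::add_user_preview_code_id( $code_id );
					$this->show_message_box( __( 'Preview enabled', 'code-manager' ) );
					$preview_changed = true;
				}
			} elseif ( $preview_enabled ) {
				Code_Manager_Preview::remove_user_preview_code_id( $code_id );
				$this->show_message_box( __( 'Preview disabled', 'code-manager' ) );
				$preview_changed = true;
			}

			// NOTE(review): any other return value of dml_update() (for instance a failure
			// indicator) produces no message at all; confirm what the model returns.
			if ( 0 === $numrows ) {
				if ( ! $preview_changed ) {
					$this->show_message_box( __( 'Nothing to save', 'code-manager' ) );
				}
			} elseif ( 1 === $numrows ) {
				$this->show_message_box( __( 'Succesfully saved changes to database', 'code-manager' ) );
			}
		}

		/**
		 * Inserts a new code record from the request and reports the outcome.
		 *
		 * On success the form switches to edit mode for the new record. On failure the
		 * submitted values become the form defaults so the user does not lose the input.
		 *
		 * Must only be called after check_authorization().
		 */
		private function save_new_code() {
			$required = array( 'code_name', 'code_type', 'code', 'code_author', 'code_description' );
			if ( ! $this->request_has( $required ) ) {
				// No insert possible, missing data.
				$this->show_message_box( __( 'Insert failed', 'code-manager' ), true );

				return;
			}

			// All data available, start insert process.
			$fields = $this->read_posted_fields();

			$code_manager_model = $this->new_model();
			$code_id            = $code_manager_model::dml_insert(
				$fields['code_name'],
				$fields['code_type'],
				$fields['code'],
				$fields['code_author'],
				$fields['code_description'],
				$fields['code_enabled']
			);

			if ( -1 === $code_id ) {
				$this->show_message_box( __( 'Insert failed', 'code-manager' ), true );

				$this->default_code_name        = $fields['code_name'];
				$this->default_code_type        = $fields['code_type'];
				$this->default_code             = $fields['code'];
				$this->default_code_enabled     = $fields['code_enabled'];
				$this->default_code_preview     = $this->preview_requested();
				$this->default_code_author      = $fields['code_author'];
				$this->default_code_description = $fields['code_description'];

				return;
			}

			$this->show_message_box( __( 'Succesfully saved changes to database', 'code-manager' ) );

			$this->code_id      = $code_id;
			$code_manager_model = $this->new_model();
			$this->row          = $code_manager_model::dml_query( $this->code_id );
			$this->action       = 'edit';

			if ( $this->preview_requested() ) {
				Code_Manager_Preview::add_user_preview_code_id( $code_id );
				$this->show_message_box( __( 'Preview enabled', 'code-manager' ) );
			}
		}

		/**
		 * Build data entry form. Generates HTML only. JS actions are added from JS script file.
		 *
		 * Values are escaped for the context they are printed in: esc_attr() inside
		 * attributes, esc_html() for element text, esc_textarea() inside textareas and
		 * esc_js() inside JavaScript string literals.
		 *
		 * @since 1.0.0
		 */
		public function show() {
			if ( null !== $this->row ) {
				$record           = $this->row[0];
				$code_name        = $record['code_name'];
				$code_type        = $record['code_type'];
				$code_enabled     = $record['code_enabled'];
				$code_preview     = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
				$code             = $record['code'];
				$code_author      = $record['code_author'];
				$code_description = $record['code_description'];
			} else {
				$code_name        = $this->default_code_name;
				$code_type        = $this->default_code_type;
				$code             = $this->default_code;
				$code_enabled     = $this->default_code_enabled;
				$code_preview     = $this->default_code_preview;
				$code_author      = $this->default_code_author;
				$code_description = $this->default_code_description;
			}
			$cm_message = Code_Manager::get_cm_message();
			?>
			<div class="wrap">
				<h1 class="wp-heading-inline">
					<span>
						<span class="cm_page_title">
							<?php echo CODE_MANAGER_H1_TITLE; ?>
						</span>
						<?php
						if ( ! Code_Manager_Dashboard::dashboard_enabled() ) {
							?>
							<a href="?page=<?php echo CODE_MANAGER_MENU_SLUG; ?>"
								title="Back to list">
								<span class="material-icons cm_menu_title">menu</span></a>
							<a href="<?php echo CODE_MANAGER_HELP_URL; ?>" target="_blank"
								title="Plugin help - opens in a new tab or window">
								<span class="material-icons cm_menu_title">help_outline</span></a>
							<?php
						}
						?>
					</span>
				</h1>
				<p></p>
				<div>
					<form method="post" enctype="multipart/form-data"
						action="?page=<?php echo CODE_MANAGER_MENU_SLUG; ?>">
						<fieldset class="cm_fieldset">
							<table class="cm_simple_table" cellspacing="0" cellpadding="0">
								<tbody>
								<tr>
									<td class="label">
										<label for="code_id" title="Code ID must be entered">
											* Code ID
										</label>
									</td>
									<td class="data">
										<input name="code_id" id="code_id" type="text"
											value="<?php echo esc_attr( $this->code_id ); ?>" readonly="">
									</td>
									<td class="icon">
										<span class="cm_data_type">123</span>
									</td>
								</tr>
								<tr>
									<td class="label">
										<label for="code_name" title="Name must be entered">
											* Name
										</label>
									</td>
									<td class="data">
										<input name="code_name" id="code_name" type="text" maxlength="100"
											value="<?php echo esc_attr( $code_name ); ?>">
									</td>
									<td class="icon">
										<span class="cm_data_type">abc</span></td>
								</tr>
								<tr>
									<td class="label">
										<label for="code_type" title="Type must be entered">
											Type
										</label>
									</td>
									<td class="data">
										<select name="code_type" id="code_type">
											<?php
											$code_manager_tab_class = CODE_MANAGER_TAB_CLASS;
											$code_manager_tab       = new $code_manager_tab_class();
											$code_types             = $code_manager_tab->get_code_types();
											foreach ( $code_types as $code_type_group => $value ) {
												echo '<optgroup label="' . esc_attr( $code_type_group ) . '">';
												foreach ( $value as $value_code_type => $value_code_label ) {
													// Option text is element content, so it is escaped with esc_html().
													echo '<option value="' . esc_attr( $value_code_type ) . '">' . esc_html( $value_code_label ) . '</option>';
												}
												echo '</optgroup>';
											}
											?>
										</select>
										<script type="text/javascript">
											<?php // JavaScript string context: esc_js() also handles backslashes and line breaks, which esc_attr() does not. ?>
											jQuery('#code_type').val('<?php echo esc_js( $code_type ); ?>');
										</script>
									</td>
									<td class="icon">
									</td>
								</tr>
								<tr>
									<td class="label">
										<label for="code_enabled">
											Status
										</label>
									</td>
									<td class="data" style="height: 30px">
										<label>
											<input type='checkbox' name='code_enabled'
												<?php echo '1' === $code_enabled ? 'checked' : ''; ?>
											>
											Enable code
										</label>
										&nbsp;
										<label>
											<input type='checkbox' name='code_preview'
												<?php echo $code_preview ? 'checked' : ''; ?>
											>
											Enable preview mode
										</label>
									</td>
								</tr>
								<tr>
									<td class="label" style="vertical-align:top;padding-top:7px;">
										<label for="code" title="Code must be entered">
											Code
										</label>
									</td>
									<td class="data" style="display: grid; width: 100%;">
										<?php
										// The stored code is printed with esc_textarea(). Encoding only '&' left
										// '<' untouched, so code containing a closing textarea tag ended the
										// field early: the rest was rendered as page markup and lost on save.
										// The browser decodes the entities again, so the submitted value is unchanged.
										?>
										<textarea name="code" id="code" style="vertical-align: top; display: none;"
											maxlength="65535"><?php echo esc_textarea( $code ); ?></textarea>
									</td>
									<td class="icon" style="vertical-align:top;padding-top:7px;">
										<span class="dashicons dashicons-editor-code"></span>
									</td>
								</tr>
								<tr>
									<td class="label">
										<label for="code_author" title="Optional">
											Author
										</label>
									</td>
									<td class="data">
										<input name="code_author" id="code_author" type="text" maxlength="100"
											value="<?php echo esc_attr( $code_author ); ?>">
									</td>
									<td class="icon">
										<span class="cm_data_type">abc</span></td>
								</tr>
								<tr>
									<td class="label" style="vertical-align:top;padding-top:7px;">
										<label for="code_description" title="Optional">
											Description
										</label>
									</td>
									<td class="data">
										<?php // esc_textarea() always encodes '&', so text that looks like an entity survives a save round trip. ?>
										<textarea name="code_description" id="code_description" maxlength="65536"
										><?php echo esc_textarea( $code_description ); ?></textarea>
									</td>
									<td></td>
								</tr>
								</tbody>
							</table>
						</fieldset>
						<p></p>
						<div>
							<input name="action" type="hidden" value="<?php echo esc_attr( $this->action ); ?>">
							<input name="action2" type="hidden" value="save">
							<?php wp_nonce_field( 'code_manager_editor' . Code_Manager::get_current_user_login(), '_wpnonce', false ); ?>
							<input type="submit" id="submit_button" value="Save changes to database"
								class="button button-primary" name="submit_button" onclick="return submit_form();">
							<input type="button" onclick="javascript:location.href='?page=<?php echo CODE_MANAGER_MENU_SLUG; ?>'"
								class="button button-secondary" value="Back to list">
						</div>
					</form>
				</div>
			</div>
			<script type="text/javascript">
				var wpnonce = '<?php echo esc_js( $this->wpnonce ); ?>';

				function submit_form() {
					if (jQuery('#code_name').val() === '') {
						alert('Name must be entered');
						return false;
					}
					user_has_edited = false;
					return true;
				}

				<?php
				if ( 'hide' !== $cm_message ) {
					?>
					jQuery(function() {
						cm_warning();
					});
					<?php
				}
				?>
			</script>
			<?php
		}

	}

}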