Code Manager v1.0.20
code-manager / Code_Manager / Code_Manager_Form.php
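<?php
/**
 * Code Manager data entry form to enter code
 *
 * @package Code_Manager
 */

namespace Code_Manager {

	/**
	 * Class Code_Manager_Form
	 *
	 * Implements data entry form for Code Manager.
	 *
	 * Security notes:
	 * - The `code` field is stored without sanitization because it is source code.
	 *   Every other submitted field goes through sanitize_text_field() or
	 *   sanitize_textarea_field().
	 * - Save requests are gated by a nonce only (see check_authorization()). A nonce
	 *   protects against CSRF; it is not a permission check.
	 *   NOTE(review): no capability check is visible in this file. Confirm the code
	 *   that registers this page restricts it to users allowed to store code.
	 * - Input is read from $_REQUEST, so a save is also accepted from a query string.
	 *   NOTE(review): consider reading the save fields from $_POST only, so the
	 *   nonce and the code never end up in URLs, referrers or access logs.
	 *
	 * @author Peter Schulz
	 * @since 1.0.0
	 */
	class Code_Manager_Form {

		/**
		 * Actual code manager record
		 *
		 * @var null|array
		 */
		protected $row = null;

		/**
		 * Allowed values: view (read-only mode) and edit (update mode)
		 *
		 * @var string
		 */
		protected $action = 'edit';

		/**
		 * Allowed values: null (no DML action needed) and save (perform insert or update)
		 *
		 * @var null|string
		 */
		protected $action2 = null;

		/**
		 * Code ID. Must be entered to view or edit. Allows null when action = new (insert).
		 *
		 * @var int|null
		 */
		protected $code_id = null;

		/**
		 * WP Nonce used for DML actions.
		 *
		 * Was declared as `$wpnone` while the class reads and writes `$wpnonce`,
		 * which created an undeclared dynamic property (deprecated since PHP 8.2).
		 *
		 * @var string
		 */
		protected $wpnonce;

		/* Default values */
		protected $default_code_name        = '';
		protected $default_code_type        = 'php shortcode';
		protected $default_code             = "<?php\n\n?>";
		protected $default_code_enabled     = '0';
		protected $default_code_preview     = false;
		protected $default_code_author      = '';
		protected $default_code_description = '';

		/**
		 * Code_Manager_Form constructor.
		 *
		 * Initializes data entry form and performs DML actions as requested by arguments.
		 *
		 * Request arguments read here: action, action2 and code_id. When action2 is
		 * "save" the nonce is verified before anything is written.
		 *
		 * @since 1.0.0
		 */
		public function __construct() {
			$this->action =
				isset( $_REQUEST['action'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action'] ) ) : 'edit'; // input var okay.

			$this->action2 =
				isset( $_REQUEST['action2'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action2'] ) ) : null; // input var okay.

			$this->code_id =
				isset( $_REQUEST['code_id'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ) : null; // input var okay.

			switch ( $this->action ) {
				case 'edit':
					if ( null === $this->code_id ) {
						wp_die( esc_html__( 'ERROR: Invalid arguments', 'code-manager' ) );
					}
					if ( 'save' === $this->action2 ) {
						$this->check_authorization(); // Dies if not authorized.
						$this->save_existing_code();
					}
					// Requery, so the form shows what is stored rather than what was submitted.
					$this->row = $this->query_row( $this->code_id );
					break;
				case 'new':
					if ( 'save' === $this->action2 ) {
						$this->check_authorization(); // Dies if not authorized.
						$this->save_new_code();
					}
					break;
			}

			$this->wpnonce = wp_create_nonce( 'code-manager-' . Code_Manager::get_current_user_login() );
		}

		/**
		 * Changes are only allowed with proper authorization
		 *
		 * Verifies the `_wpnonce` request argument against the editor action of the
		 * current user and dies when it does not match.
		 *
		 * NOTE(review): this is a CSRF check only. It does not test what the current
		 * user is allowed to do; a capability check has to exist elsewhere.
		 *
		 * @since 1.0.0
		 */
		private function check_authorization() {
			$wp_nonce = isset( $_REQUEST['_wpnonce'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) ) : ''; // input var okay.
			if ( ! wp_verify_nonce( $wp_nonce, 'code_manager_editor' . Code_Manager::get_current_user_login() ) ) {
				wp_die( esc_html__( 'ERROR: Not authorized', 'code-manager' ) );
			}
		}

		/**
		 * Shows a message box.
		 *
		 * @param string $text     Message text.
		 * @param bool   $is_error True for a non dismissible error box.
		 */
		private function show_message( $text, $is_error = false ) {
			$args = array(
				'message_text' => $text,
			);
			if ( $is_error ) {
				$args['message_type']           = 'error';
				$args['message_is_dismissible'] = false;
			}
			$msg = new Message_Box( $args );
			$msg->box();
		}

		/**
		 * Queries the record for a code ID through the configured model class.
		 *
		 * @param mixed $code_id Code ID.
		 * @return mixed Whatever the model's dml_query() returns.
		 */
		private function query_row( $code_id ) {
			$code_manager_model_class = CODE_MANAGER_MODEL_CLASS;
			$code_manager_model       = new $code_manager_model_class();

			return $code_manager_model::dml_query( $code_id );
		}

		/**
		 * Updates an existing record from the request. The caller has verified the nonce.
		 */
		private function save_existing_code() {
			if (
				! isset(
					$_REQUEST['code_id'],
					$_REQUEST['code_name'],
					$_REQUEST['code_type'],
					$_REQUEST['code'],
					$_REQUEST['code_author'],
					$_REQUEST['code_description']
				)
			) {
				// No update possible, missing data.
				$this->show_message( __( 'Update failed', 'code-manager' ), true );
				return;
			}

			// All data available, start update process.
			$code_id   = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ); // input var okay.
			$code_name = sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) ); // input var okay.
			$code_type = sanitize_text_field( wp_unslash( $_REQUEST['code_type'] ) ); // input var okay.

			// An unchecked checkbox is not submitted at all. Start from "disabled" so the
			// model never receives an undefined value, and accept only the known values
			// (strict comparison, so "01" or "1.0" no longer pass as "1").
			$code_enabled = '0';
			if ( isset( $_REQUEST['code_enabled'] ) ) {
				$submitted_status = sanitize_text_field( wp_unslash( $_REQUEST['code_enabled'] ) ); // input var okay.
				if ( 'on' === $submitted_status ) {
					$code_enabled = '1';
				} elseif ( in_array( $submitted_status, array( '1', '2', '3' ), true ) ) {
					$code_enabled = $submitted_status;
				}
			}

			// The code itself is stored as entered: sanitizing it would change the program.
			$code             = wp_unslash( $_REQUEST['code'] ); // input var okay.
			$code_author      = sanitize_text_field( wp_unslash( $_REQUEST['code_author'] ) ); // input var okay.
			$code_description = sanitize_textarea_field( wp_unslash( $_REQUEST['code_description'] ) ); // input var okay.

			$code_manager_model_class = CODE_MANAGER_MODEL_CLASS;
			$code_manager_model       = new $code_manager_model_class();
			$numrows                  = $code_manager_model::dml_update( $code_id, $code_name, $code_type, $code, $code_author, $code_description, $code_enabled );

			$preview_enabled   = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
			$preview_requested = isset( $_REQUEST['code_preview'] ) && 'on' === $_REQUEST['code_preview'];
			$preview_changed   = false;
			if ( $preview_requested && ! $preview_enabled ) {
				Code_Manager_Preview::add_user_preview_code_id( $code_id );
				$this->show_message( __( 'Preview enabled', 'code-manager' ) );
				$preview_changed = true;
			} elseif ( ! $preview_requested && $preview_enabled ) {
				Code_Manager_Preview::remove_user_preview_code_id( $code_id );
				$this->show_message( __( 'Preview disabled', 'code-manager' ) );
				$preview_changed = true;
			}

			// NOTE(review): any other return value of dml_update() is not reported here.
			if ( 0 === $numrows ) {
				if ( ! $preview_changed ) {
					$this->show_message( __( 'Nothing to save', 'code-manager' ) );
				}
			} elseif ( 1 === $numrows ) {
				$this->show_message( __( 'Succesfully saved changes to database', 'code-manager' ) );
			}
		}

		/**
		 * Inserts a new record from the request. The caller has verified the nonce.
		 *
		 * On success the form switches to edit mode for the new record. On failure the
		 * submitted values become the form defaults, so the user does not lose the input.
		 */
		private function save_new_code() {
			if (
				! isset(
					$_REQUEST['code_name'],
					$_REQUEST['code_type'],
					$_REQUEST['code'],
					$_REQUEST['code_author'],
					$_REQUEST['code_description']
				)
			) {
				// No insert possible, missing data.
				$this->show_message( __( 'Insert failed', 'code-manager' ), true );
				return;
			}

			// All data available, start insert process.
			$code_name    = sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) ); // input var okay.
			$code_type    = sanitize_text_field( wp_unslash( $_REQUEST['code_type'] ) ); // input var okay.
			$code_enabled = isset( $_REQUEST['code_enabled'] ) && 'on' === $_REQUEST['code_enabled'] ? '1' : '0';
			// The code itself is stored as entered: sanitizing it would change the program.
			$code             = wp_unslash( $_REQUEST['code'] ); // input var okay.
			$code_author      = sanitize_text_field( wp_unslash( $_REQUEST['code_author'] ) ); // input var okay.
			$code_description = sanitize_textarea_field( wp_unslash( $_REQUEST['code_description'] ) ); // input var okay.
			$preview_requested = isset( $_REQUEST['code_preview'] ) && 'on' === $_REQUEST['code_preview'];

			$code_manager_model_class = CODE_MANAGER_MODEL_CLASS;
			$code_manager_model       = new $code_manager_model_class();
			$code_id                  = $code_manager_model::dml_insert( $code_name, $code_type, $code, $code_author, $code_description, $code_enabled );

			if ( -1 === $code_id ) {
				$this->show_message( __( 'Insert failed', 'code-manager' ), true );

				$this->default_code_name        = $code_name;
				$this->default_code_type        = $code_type;
				$this->default_code             = $code;
				$this->default_code_enabled     = $code_enabled;
				$this->default_code_preview     = $preview_requested;
				$this->default_code_author      = $code_author;
				$this->default_code_description = $code_description;
				return;
			}

			$this->show_message( __( 'Succesfully saved changes to database', 'code-manager' ) );

			$this->code_id = $code_id;
			$this->row     = $this->query_row( $this->code_id );
			$this->action  = 'edit';

			if ( $preview_requested ) {
				Code_Manager_Preview::add_user_preview_code_id( $code_id );
				$this->show_message( __( 'Preview enabled', 'code-manager' ) );
			}
		}

		/**
		 * Build data entry form. Generates HTML only. JS actions are added from JS script file.
		 *
		 * Every value is escaped for the context it is written into: esc_attr() in
		 * attributes, esc_html()/esc_textarea() in element content, esc_js() inside
		 * JavaScript string literals and esc_url() for links.
		 *
		 * @since 1.0.0
		 */
		public function show() {
			if ( null !== $this->row ) {
				$code_name        = $this->row[0]['code_name'];
				$code_type        = $this->row[0]['code_type'];
				$code_enabled     = $this->row[0]['code_enabled'];
				$code_preview     = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
				$code             = $this->row[0]['code'];
				$code_author      = $this->row[0]['code_author'];
				$code_description = $this->row[0]['code_description'];
			} else {
				$code_name        = $this->default_code_name;
				$code_type        = $this->default_code_type;
				$code             = $this->default_code;
				$code_enabled     = $this->default_code_enabled;
				$code_preview     = $this->default_code_preview;
				$code_author      = $this->default_code_author;
				$code_description = $this->default_code_description;
			}
			$cm_message = Code_Manager::get_cm_message();
			?>
			<div class="wrap">
				<h1 class="wp-heading-inline">
					<span>
						<span class="cm_page_title">
							<?php echo CODE_MANAGER_H1_TITLE; ?>
						</span>
						<?php
						if ( ! Code_Manager_Dashboard::dashboard_enabled() ) {
							?>
							<a href="?page=<?php echo esc_attr( CODE_MANAGER_MENU_SLUG ); ?>"
							   title="Back to list">
								<i class="fas fa-table-list cm_menu_title"></i></a>
							<a href="<?php echo esc_url( CODE_MANAGER_HELP_URL ); ?>" target="_blank"
							   title="Plugin help - opens in a new tab or window">
								<i class="fas fa-circle-question cm_menu_title"></i></a>
							<?php
						}
						?>
					</span>
				</h1>
				<p></p>
				<div>
					<form method="post" enctype="multipart/form-data"
						  action="?page=<?php echo esc_attr( CODE_MANAGER_MENU_SLUG ); ?>">
						<fieldset class="cm_fieldset">
							<table class="cm_simple_table" cellspacing="0" cellpadding="0">
								<tbody>
								<tr>
									<td class="label">
										<label for="code_id" title="Code ID must be entered">
											* Code ID
										</label>
									</td>
									<td class="data">
										<input name="code_id" id="code_id" type="text"
											   value="<?php echo esc_attr( $this->code_id ); ?>" readonly="">
									</td>
									<td class="icon">
										<span class="cm_data_type">123</span>
									</td>
								</tr>
								<tr>
									<td class="label">
										<label for="code_name" title="Name must be entered">
											* Name
										</label>
									</td>
									<td class="data">
										<input name="code_name" id="code_name" type="text" maxlength="100"
											   value="<?php echo esc_attr( $code_name ); ?>">
									</td>
									<td class="icon">
										<span class="cm_data_type">abc</span></td>
								</tr>
								<tr>
									<td class="label">
										<label for="code_type" title="Type must be entered">
											Type
										</label>
									</td>
									<td class="data">
										<select name="code_type" id="code_type">
											<?php
											$code_manager_tab_class = CODE_MANAGER_TAB_CLASS;
											$code_manager_tab       = new $code_manager_tab_class();
											$code_types             = $code_manager_tab->get_code_types();
											foreach ( $code_types as $code_type_group => $value ) {
												echo '<optgroup label="' . esc_attr( $code_type_group ) . '">';
												foreach ( $value as $value_code_type => $value_code_label ) {
													// The label is element content, so it gets esc_html().
													echo '<option value="' . esc_attr( $value_code_type ) . '">' . esc_html( $value_code_label ) . '</option>';
												}
												echo '</optgroup>';
											}
											?>
										</select>
										<script type="text/javascript">
											// esc_js(): the value sits in a JavaScript string literal, where
											// esc_attr() leaves a backslash unescaped.
											jQuery('#code_type').val('<?php echo esc_js( $code_type ); ?>');
										</script>
									</td>
									<td class="icon">
									</td>
								</tr>
								<tr>
									<td class="label">
										<label for="code_enabled">
											Status
										</label>
									</td>
									<td class="data" style="height: 30px">
										<?php
										$this->status_field( $code_enabled );
										?>
										&nbsp;
										<label>
											<input type='checkbox' name='code_preview'
												<?php echo $code_preview ? 'checked' : ''; ?>
											>
											Enable preview mode
										</label>
									</td>
								</tr>
								<tr>
									<td class="label" style="vertical-align:top;padding-top:7px;">
										<label for="code" title="Code must be entered">
											Code
										</label>
									</td>
									<td class="data" style="display: grid; width: 100%;">
										<?php
										// Escape every "&", "<" and ">" instead of only the exact string
										// "</textarea>": a differently cased or spaced closing tag in the
										// stored code would otherwise end the textarea and be parsed as
										// markup. Byte-wise replacement keeps the code intact whatever
										// its encoding; the browser decodes the entities again.
										$code_for_textarea = str_replace(
											array( '&', '<', '>' ),
											array( '&amp;', '&lt;', '&gt;' ),
											$code
										);
										?>
										<textarea name="code" id="code" style="vertical-align: top; display: none;"
												  maxlength="65535"><?php echo $code_for_textarea; ?></textarea>
									</td>
									<td class="icon" style="vertical-align:top;padding-top:7px;">
										<span class="dashicons dashicons-editor-code"></span>
									</td>
								</tr>
								<tr>
									<td class="label">
										<label for="code_author" title="Optional">
											Author
										</label>
									</td>
									<td class="data">
										<input name="code_author" id="code_author" type="text" maxlength="100"
											   value="<?php echo esc_attr( $code_author ); ?>">
									</td>
									<td class="icon">
										<span class="cm_data_type">abc</span></td>
								</tr>
								<tr>
									<td class="label" style="vertical-align:top;padding-top:7px;">
										<label for="code_description" title="Optional">
											Description
										</label>
									</td>
									<td class="data">
										<textarea name="code_description" id="code_description" maxlength="65536"
										><?php echo esc_textarea( $code_description ); ?></textarea>
									</td>
									<td></td>
								</tr>
								</tbody>
							</table>
						</fieldset>
						<p></p>
						<div>
							<input name="action" type="hidden" value="<?php echo esc_attr( $this->action ); ?>">
							<input name="action2" type="hidden" value="save">
							<?php wp_nonce_field( 'code_manager_editor' . Code_Manager::get_current_user_login(), '_wpnonce', false ); ?>
							<input type="submit" id="submit_button" value="Save changes to database"
								   class="button button-primary" name="submit_button" onclick="return submit_form();">
							<input type="button" onclick="javascript:location.href='?page=<?php echo esc_js( CODE_MANAGER_MENU_SLUG ); ?>'"
								   class="button button-secondary" value="Back to list">
						</div>
					</form>
				</div>
			</div>
			<script type="text/javascript">
				var wpnonce = '<?php echo esc_js( $this->wpnonce ); ?>';

				function submit_form() {
					if (jQuery('#code_name').val() === '') {
						alert('Name must be entered');
						return false;
					}
					user_has_edited = false;
					return true;
				}

				<?php
				if ( 'hide' !== $cm_message ) {
					?>
					jQuery(function() {
						cm_warning();
					});
					<?php
				}
				?>
			</script>
			<?php
		}

		/**
		 * Writes the status checkbox, checked when the code is enabled.
		 *
		 * @param mixed $code_enabled Stored status; only the string '1' checks the box.
		 */
		protected function status_field( $code_enabled ) {
			?>
			<label>
				<input type='checkbox' name='code_enabled'
					<?php echo '1' === $code_enabled ? 'checked' : ''; ?>
				>
				Enable code
			</label>
			<?php
		}

	}

}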