Code Manager / 1.0.23
Code Manager v1.0.23
code-manager / Code_Manager / Code_Manager_Form.php
Code_Manager_Form.php
1 <?php
2 /**
3 * Code Manager data entry form to enter code
4 *
5 * @package Code_Manager
6 */
7
8 namespace Code_Manager {
9
10 /**
11 * Class Code_Manager_Form
12 *
13 * Implements data entry form for Code Manager.
14 *
15 * @author Peter Schulz
16 * @since 1.0.0
17 */
18 class Code_Manager_Form {
19
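/**
 * Record loaded from the model's dml_query(); null until a row has been queried.
 * show() reads the first element as an associative array of columns.
 *
 * @var null|array
 */
protected $row = null;

/**
 * Primary action, taken from the `action` request parameter (default 'edit').
 * The constructor acts on 'edit' and 'new'.
 *
 * @var string
 */
protected $action = 'edit';

/**
 * Secondary action, taken from the `action2` request parameter.
 * null means no DML is requested; 'save' triggers the insert or update.
 *
 * @var null|string
 */
protected $action2 = null;

/**
 * Code ID. Required for action 'edit'; null for action 'new' until the insert succeeds.
 * Arrives as a sanitized request string, or as the value returned by dml_insert().
 *
 * @var int|string|null
 */
protected $code_id = null;

/**
 * Nonce created at the end of the constructor and exposed to the page's JavaScript by show().
 *
 * This is NOT the nonce that protects the save: the save path verifies the `_wpnonce`
 * form field, which uses a different action string.
 *
 * The property used to be declared as `$wpnone` while the code assigned `$this->wpnonce`,
 * which created an undeclared (dynamic) property.
 *
 * @var string
 */
protected $wpnonce;

/**
 * Misspelled former declaration of $wpnonce. Nothing in this class reads or writes it;
 * it is kept only so that a subclass referring to it keeps working.
 *
 * @deprecated Use $wpnonce.
 * @var string
 */
protected $wpnone;

/*
 * Default field values shown by show() when no record is loaded.
 * After a failed insert the constructor overwrites them with the submitted values,
 * so the user does not lose what was typed.
 */
protected $default_code_name        = '';
protected $default_code_type        = 'php shortcode';
protected $default_code             = "<?php\n\n?>";
protected $default_code_enabled     = '0';
protected $default_code_preview     = false;
protected $default_code_author      = '';
protected $default_code_description = '';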
63
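/**
 * Code_Manager_Form constructor.
 *
 * Reads `action`, `action2` and `code_id` from the request, performs the requested
 * insert or update, and loads the record that show() renders.
 *
 * Security notes:
 * - Every write path calls check_authorization() first. That method verifies a nonce only.
 * - The `code` field is stored exactly as submitted (unslashed, not sanitized), because it
 *   holds source code. The nonce and the access control on the admin page are therefore
 *   the only gates in front of it.
 * - The nonce created at the end uses the action 'code-manager-<login>' and is not the one
 *   verified on save ('code_manager_editor<login>').
 *
 * @since 1.0.0
 */
public function __construct() {
	$this->action  = isset( $_REQUEST['action'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action'] ) ) : 'edit'; // input var okay.
	$this->action2 = isset( $_REQUEST['action2'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action2'] ) ) : null; // input var okay.
	$this->code_id = isset( $_REQUEST['code_id'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ) : null; // input var okay.

	switch ( $this->action ) {
		case 'edit':
			if ( null === $this->code_id ) {
				wp_die( esc_html__( 'ERROR: Invalid arguments', 'code-manager' ) );
			}
			if ( 'save' === $this->action2 ) {
				$this->check_authorization(); // Dies if not authorized.
				$this->save_existing_code();
			}
			// Requery, so the form shows what is stored rather than what was submitted.
			$this->row = $this->query_row( $this->code_id );
			break;

		case 'new':
			if ( 'save' === $this->action2 ) {
				$this->check_authorization(); // Dies if not authorized.
				$this->save_new_code();
			}
			break;
	}

	$this->wpnonce = wp_create_nonce( 'code-manager-' . Code_Manager::get_current_user_login() );
}

/**
 * Update the existing record from the request and report the outcome.
 *
 * The caller must have run check_authorization() before calling this.
 */
private function save_existing_code() {
	$required = array( 'code_id', 'code_name', 'code_type', 'code', 'code_author', 'code_description' );
	if ( ! $this->request_has_fields( $required ) || ! is_string( $_REQUEST['code'] ) ) {
		// No update possible: a field is missing, or `code` was sent as an array.
		$this->show_message( __( 'Update failed', 'code-manager' ), true );
		return;
	}

	$code_id   = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ); // input var okay.
	$code_name = sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) ); // input var okay.
	$code_type = sanitize_text_field( wp_unslash( $_REQUEST['code_type'] ) ); // input var okay.

	// Strict allow-list for the status. The previous switch compared loosely, so numeric
	// look-alikes such as '01' or '1.0' matched case '1' and were stored as submitted.
	// 'on' is what the plain checkbox sends; '2' and '3' are presumably extra status
	// values set by other parts of the plugin (TODO confirm).
	$raw_enabled = isset( $_REQUEST['code_enabled'] ) ? wp_unslash( $_REQUEST['code_enabled'] ) : '0'; // input var okay.
	if ( 'on' === $raw_enabled ) {
		$code_enabled = '1';
	} elseif ( in_array( $raw_enabled, array( '1', '2', '3' ), true ) ) {
		$code_enabled = $raw_enabled;
	} else {
		$code_enabled = '0';
	}

	// Deliberately not sanitized: this is source code and must be stored verbatim.
	$code             = wp_unslash( $_REQUEST['code'] ); // input var okay.
	$code_author      = sanitize_text_field( wp_unslash( $_REQUEST['code_author'] ) ); // input var okay.
	$code_description = sanitize_textarea_field( wp_unslash( $_REQUEST['code_description'] ) ); // input var okay.

	$code_manager_model = $this->create_model();
	$numrows            = $code_manager_model::dml_update( $code_id, $code_name, $code_type, $code, $code_author, $code_description, $code_enabled );

	// Bring the per-user preview flag in line with the checkbox.
	$preview_enabled = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
	$preview_wanted  = isset( $_REQUEST['code_preview'] ) && 'on' === $_REQUEST['code_preview'];
	$preview_changed = false;
	if ( $preview_wanted && ! $preview_enabled ) {
		Code_Manager_Preview::add_user_preview_code_id( $code_id );
		$this->show_message( __( 'Preview enabled', 'code-manager' ) );
		$preview_changed = true;
	} elseif ( ! $preview_wanted && $preview_enabled ) {
		Code_Manager_Preview::remove_user_preview_code_id( $code_id );
		$this->show_message( __( 'Preview disabled', 'code-manager' ) );
		$preview_changed = true;
	}

	if ( 0 === $numrows ) {
		if ( ! $preview_changed ) {
			$this->show_message( __( 'Nothing to save', 'code-manager' ) );
		}
	} elseif ( 1 === $numrows ) {
		$this->show_message( __( 'Succesfully saved changes to database', 'code-manager' ) );
	}
	// NOTE(review): any other return value from dml_update() (for example a failure
	// indicator) produces no message at all; confirm what the model returns on error.
}

/**
 * Insert a new record from the request and report the outcome.
 *
 * On success the form switches to edit mode for the new record. On failure the submitted
 * values become the form defaults so they are shown again.
 *
 * The caller must have run check_authorization() before calling this.
 */
private function save_new_code() {
	$required = array( 'code_name', 'code_type', 'code', 'code_author', 'code_description' );
	if ( ! $this->request_has_fields( $required ) || ! is_string( $_REQUEST['code'] ) ) {
		// No insert possible: a field is missing, or `code` was sent as an array.
		$this->show_message( __( 'Insert failed', 'code-manager' ), true );
		return;
	}

	$code_name    = sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) ); // input var okay.
	$code_type    = sanitize_text_field( wp_unslash( $_REQUEST['code_type'] ) ); // input var okay.
	$code_enabled = isset( $_REQUEST['code_enabled'] ) && 'on' === $_REQUEST['code_enabled'] ? '1' : '0';

	// Deliberately not sanitized: this is source code and must be stored verbatim.
	$code             = wp_unslash( $_REQUEST['code'] ); // input var okay.
	$code_author      = sanitize_text_field( wp_unslash( $_REQUEST['code_author'] ) ); // input var okay.
	$code_description = sanitize_textarea_field( wp_unslash( $_REQUEST['code_description'] ) ); // input var okay.
	$preview_wanted   = isset( $_REQUEST['code_preview'] ) && 'on' === $_REQUEST['code_preview'];

	$code_manager_model = $this->create_model();
	$code_id            = $code_manager_model::dml_insert( $code_name, $code_type, $code, $code_author, $code_description, $code_enabled );

	if ( -1 === $code_id ) {
		$this->show_message( __( 'Insert failed', 'code-manager' ), true );

		// Keep what the user typed so the form can be corrected and resubmitted.
		$this->default_code_name        = $code_name;
		$this->default_code_type        = $code_type;
		$this->default_code             = $code;
		$this->default_code_enabled     = $code_enabled;
		$this->default_code_preview     = $preview_wanted;
		$this->default_code_author      = $code_author;
		$this->default_code_description = $code_description;
		return;
	}

	$this->show_message( __( 'Succesfully saved changes to database', 'code-manager' ) );

	// Continue in edit mode on the record that was just created.
	$this->code_id = $code_id;
	$this->row     = $this->query_row( $this->code_id );
	$this->action  = 'edit';

	if ( $preview_wanted ) {
		Code_Manager_Preview::add_user_preview_code_id( $code_id );
		$this->show_message( __( 'Preview enabled', 'code-manager' ) );
	}
}

/**
 * Tell whether every named parameter is present in the request.
 *
 * @param array $keys Request parameter names.
 * @return bool
 */
private function request_has_fields( array $keys ) {
	foreach ( $keys as $key ) {
		if ( ! isset( $_REQUEST[ $key ] ) ) {
			return false;
		}
	}
	return true;
}

/**
 * Instantiate the model class named by CODE_MANAGER_MODEL_CLASS.
 *
 * @return object A new model instance on every call.
 */
private function create_model() {
	$code_manager_model_class = CODE_MANAGER_MODEL_CLASS;
	return new $code_manager_model_class();
}

/**
 * Query the record for a code ID through a fresh model instance.
 *
 * @param int|string $code_id Code ID.
 * @return mixed Whatever the model's dml_query() returns.
 */
private function query_row( $code_id ) {
	$code_manager_model = $this->create_model();
	return $code_manager_model::dml_query( $code_id );
}

/**
 * Print a message box.
 *
 * @param string $text     Message text (already translated).
 * @param bool   $is_error True for a non-dismissible error box, false for the default box.
 */
private function show_message( $text, $is_error = false ) {
	$args = array(
		'message_text' => $text,
	);
	if ( $is_error ) {
		$args['message_type']           = 'error';
		$args['message_is_dismissible'] = false;
	}
	$msg = new Message_Box( $args );
	$msg->box();
}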
262
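/**
 * Stop the request unless it carries a valid nonce for the editor form.
 *
 * The action string must stay identical to the one passed to wp_nonce_field() in show().
 *
 * NOTE(review): a nonce only shows that the request came from a form served to this user
 * (CSRF protection). It is not a permission check, and nothing in this class calls
 * current_user_can(). Access control therefore depends on how the admin page is registered.
 * Confirm that registration requires an administrator-level capability, because the saved
 * record holds PHP source (see the class defaults).
 *
 * @since 1.0.0
 */
private function check_authorization() {
	$wp_nonce = isset( $_REQUEST['_wpnonce'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) ) : ''; // input var okay.

	// Class name spelled as declared (Code_Manager), matching the other call sites in this file.
	$nonce_action = 'code_manager_editor' . Code_Manager::get_current_user_login();

	if ( ! wp_verify_nonce( $wp_nonce, $nonce_action ) ) {
		wp_die( esc_html__( 'ERROR: Not authorized', 'code-manager' ) );
	}
}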
274
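/**
 * Build the data entry form. Generates HTML only; JS actions are added from the JS script file.
 *
 * Each value is escaped for the place it is printed:
 * - attribute values use esc_attr();
 * - text inside <option> and the description <textarea> uses esc_html() / esc_textarea();
 * - values printed inside <script> blocks use wp_json_encode() with the JSON_HEX_* flags,
 *   because HTML entities are not decoded in a script block;
 * - the code <textarea> escapes '&', '<' and '>' so that no spelling of the closing tag
 *   can end the element early.
 *
 * @since 1.0.0
 */
public function show() {
	if ( null !== $this->row ) {
		// NOTE(review): assumes dml_query() returned at least one row; an empty result
		// would raise undefined-index notices here. Confirm against the model.
		$record           = $this->row[0];
		$code_name        = $record['code_name'];
		$code_type        = $record['code_type'];
		$code_enabled     = $record['code_enabled'];
		$code_preview     = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
		$code             = $record['code'];
		$code_author      = $record['code_author'];
		$code_description = $record['code_description'];
	} else {
		$code_name        = $this->default_code_name;
		$code_type        = $this->default_code_type;
		$code             = $this->default_code;
		$code_enabled     = $this->default_code_enabled;
		$code_preview     = $this->default_code_preview;
		$code_author      = $this->default_code_author;
		$code_description = $this->default_code_description;
	}
	$cm_message = Code_Manager::get_cm_message();

	// Escape the stored code for the textarea's text content. '&' is replaced first so the
	// entities produced for '<' and '>' are not encoded a second time. The earlier version
	// replaced only the exact lowercase string '</textarea>', which left other spellings of
	// the closing tag able to end the element and have the rest parsed as page markup.
	// The browser decodes the entities again, so the submitted value is unchanged.
	$code_for_textarea = str_replace( array( '&', '<', '>' ), array( '&amp;', '&lt;', '&gt;' ), $code );

	// Flags that keep JSON output inert inside an HTML <script> block.
	$json_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
	?>
	<div class="wrap">
		<h1 class="wp-heading-inline">
			<?php
			// NOTE(review): printed unescaped; confirm this constant is a fixed string that
			// may contain intended markup and never carries user-supplied text.
			echo CODE_MANAGER_H1_TITLE;
			?>
		</h1>
		<p></p>
		<div>
			<form method="post" enctype="multipart/form-data"
				action="?page=<?php echo esc_attr( CODE_MANAGER_MENU_SLUG ); ?>">
				<fieldset class="cm_fieldset">
					<table class="cm_simple_table" cellspacing="0" cellpadding="0">
						<tbody>
						<tr>
							<td class="label">
								<label for="code_id" title="Code ID must be entered">
									* Code ID
								</label>
							</td>
							<td class="data">
								<input name="code_id" id="code_id" type="text"
									value="<?php echo esc_attr( $this->code_id ); ?>" readonly="">
							</td>
							<td class="icon">
								<span class="cm_data_type">123</span>
							</td>
						</tr>
						<tr>
							<td class="label">
								<label for="code_name" title="Name must be entered">
									* Name
								</label>
							</td>
							<td class="data">
								<input name="code_name" id="code_name" type="text" maxlength="100"
									value="<?php echo esc_attr( $code_name ); ?>">
							</td>
							<td class="icon">
								<span class="cm_data_type">abc</span></td>
						</tr>
						<tr>
							<td class="label">
								<label for="code_type" title="Type must be entered">
									Type
								</label>
							</td>
							<td class="data">
								<select name="code_type" id="code_type">
									<?php
									$code_manager_tab_class = CODE_MANAGER_TAB_CLASS;
									$code_manager_tab       = new $code_manager_tab_class();
									$code_types             = $code_manager_tab->get_code_types();
									foreach ( $code_types as $code_type_group => $group_types ) {
										echo '<optgroup label="' . esc_attr( $code_type_group ) . '">';
										foreach ( $group_types as $value_code_type => $value_code_label ) {
											// The label is element text, so esc_html() is the matching escaper.
											echo '<option value="' . esc_attr( $value_code_type ) . '">' . esc_html( $value_code_label ) . '</option>';
										}
										echo '</optgroup>';
									}
									?>
								</select>
								<script type="text/javascript">
									// Pre-select the stored type. The value is emitted as a JSON string
									// literal, so quotes, backslashes and '&' reach val() unchanged.
									jQuery('#code_type').val(<?php echo wp_json_encode( $code_type, $json_flags ); ?>);
								</script>
							</td>
							<td class="icon">
							</td>
						</tr>
						<tr>
							<td class="label">
								<label for="code_enabled">
									Status
								</label>
							</td>
							<td class="data" style="height: 30px">
								<?php
								$this->status_field( $code_enabled );
								?>
								&nbsp;
								<label>
									<input type='checkbox' name='code_preview'
										<?php echo $code_preview ? 'checked' : ''; ?>
									>
									Enable preview mode
								</label>
							</td>
						</tr>
						<tr>
							<td class="label" style="vertical-align:top;padding-top:7px;">
								<label for="code" title="Code must be entered">
									Code
								</label>
							</td>
							<td class="data" style="display: grid; width: 100%;">
								<textarea name="code" id="code" style="vertical-align: top; display: none;"
									maxlength="65535"><?php echo $code_for_textarea; ?></textarea>
							</td>
							<td class="icon" style="vertical-align:top;padding-top:7px;">
								<span class="dashicons dashicons-editor-code"></span>
							</td>
						</tr>
						<tr>
							<td class="label">
								<label for="code_author" title="Optional">
									Author
								</label>
							</td>
							<td class="data">
								<input name="code_author" id="code_author" type="text" maxlength="100"
									value="<?php echo esc_attr( $code_author ); ?>">
							</td>
							<td class="icon">
								<span class="cm_data_type">abc</span></td>
						</tr>
						<tr>
							<td class="label" style="vertical-align:top;padding-top:7px;">
								<label for="code_description" title="Optional">
									Description
								</label>
							</td>
							<td class="data">
								<textarea name="code_description" id="code_description" maxlength="65536"
								><?php echo esc_textarea( $code_description ); ?></textarea>
							</td>
							<td></td>
						</tr>
						</tbody>
					</table>
				</fieldset>
				<p></p>
				<div>
					<input name="action" type="hidden" value="<?php echo esc_attr( $this->action ); ?>">
					<input name="action2" type="hidden" value="save">
					<?php
					// This action string must match the one verified in check_authorization().
					wp_nonce_field( 'code_manager_editor' . Code_Manager::get_current_user_login(), '_wpnonce', false );
					?>
					<input type="submit" id="submit_button" value="Save changes to database"
						class="button button-primary" name="submit_button" onclick="return submit_form();">
					<input type="button" onclick="javascript:location.href='?page=<?php echo esc_js( CODE_MANAGER_MENU_SLUG ); ?>'"
						class="button button-secondary" value="Back to list">
				</div>
			</form>
		</div>
	</div>
	<script type="text/javascript">
		var wpnonce = <?php echo wp_json_encode( $this->wpnonce, $json_flags ); ?>;

		function submit_form() {
			if (jQuery('#code_name').val() === '') {
				alert('Name must be entered');
				return false;
			}
			user_has_edited = false;
			return true;
		}

		<?php
		if ( 'hide' !== $cm_message ) {
			?>
			jQuery(function() {
				cm_warning();
			});
			<?php
		}
		?>
	</script>
	<?php
}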
464
/**
 * Print the "Enable code" checkbox.
 *
 * The box is ticked only when the status is exactly the string '1'; the comparison is strict.
 *
 * @param mixed $code_enabled Status value of the record being shown.
 */
protected function status_field( $code_enabled ) {
	$checked_attribute = '';
	if ( '1' === $code_enabled ) {
		$checked_attribute = 'checked';
	}
	?>
	<label>
		<input type='checkbox' name='code_enabled'
			<?php echo $checked_attribute; ?>
		>
		Enable code
	</label>
	<?php
}
475
476 }
477
478 }
479