Code Manager v1.0.32
code-manager / Code_Manager / Code_Manager_Form.php
1 <?php
2
3 /**
4 * Code Manager data entry form to enter code
5 *
6 * @package Code_Manager
7 */
8 namespace Code_Manager;
9
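/**
 * Class Code_Manager_Form
 *
 * Implements data entry form for Code Manager.
 *
 * Security notes:
 * - The code body is stored verbatim (only wp_unslash() is applied). With a default code type of
 *   'php shortcode', the stored text is presumably executed elsewhere by the plugin, so access
 *   control on this form is the real trust boundary.
 * - Saves are gated by a per-user nonce only (see check_authorization()). No capability check is
 *   visible in this file.
 * - Output is escaped per context in show(): esc_attr() for attributes, esc_js() for JavaScript
 *   string literals, and full <, >, & encoding for textarea bodies.
 *
 * @author Peter Schulz
 * @since 1.0.0
 */
class Code_Manager_Form
{
    /**
     * Actual code manager record
     *
     * @var null|array
     */
    protected $row = null;

    /**
     * Allowed values: view (read-only mode) and edit (update mode)
     *
     * @var string
     */
    protected $action = 'edit';

    /**
     * Allowed values: null (no DML action needed) and save (perform insert or update)
     *
     * @var null|string
     */
    protected $action2 = null;

    /**
     * Code ID. Must be entered to view or edit. Allows null when action = new (insert).
     *
     * NOTE(review): the value is taken from the request as a sanitized string and is never cast
     * or range-checked here, so the model must treat it as untrusted (confirm it is bound as a
     * prepared-statement parameter).
     *
     * @var int|null
     */
    protected $code_id = null;

    /**
     * WP Nonce used for DML actions.
     *
     * @var string
     */
    protected $wpnonce;

    /* Default values shown in the form when no record is loaded (new entry or failed insert). */
    protected $default_code_name        = '';
    protected $default_code_type        = 'php shortcode';
    protected $default_code             = "<?php\n\n?>";
    protected $default_code_enabled     = '0';
    protected $default_code_preview     = false;
    protected $default_code_author      = '';
    protected $default_code_description = '';

    /**
     * Code_Manager_Form constructor.
     *
     * Initializes data entry form and performs DML actions as requested by arguments.
     *
     * Reads 'action', 'action2' and 'code_id' from $_REQUEST. For action 'edit' the record is
     * (re)queried after an optional save. For action 'new' a successful insert switches the form
     * to 'edit' mode. Every save path calls check_authorization() first.
     *
     * @since 1.0.0
     */
    public function __construct()
    {
        $this->action  = ( isset( $_REQUEST['action'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action'] ) ) : 'edit' );
        $this->action2 = ( isset( $_REQUEST['action2'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action2'] ) ) : null );
        $this->code_id = ( isset( $_REQUEST['code_id'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ) : null );

        switch ( $this->action ) {
            case 'edit':
                if ( null === $this->code_id ) {
                    wp_die( __( 'ERROR: Invalid arguments', 'code-manager' ) );
                }

                if ( 'save' === $this->action2 ) {
                    // Dies if not authorized.
                    $this->check_authorization();
                    $this->save_existing();
                }

                // Requery so the form reflects what is actually stored.
                $this->row = $this->query_row( $this->code_id );
                break;
            case 'new':
                if ( 'save' === $this->action2 ) {
                    // Dies if not authorized.
                    $this->check_authorization();
                    $this->save_new();
                }
        }

        // Separate nonce (different action string than the form nonce), exposed to the page's JS in show().
        $this->wpnonce = wp_create_nonce( 'code-manager-' . Code_Manager::get_current_user_login() );
    }

    /**
     * Updates the record identified by the requested code ID and syncs the preview flag.
     *
     * Shows an 'Update failed' error when a required field is missing or is not a plain string.
     */
    private function save_existing()
    {
        $required = array( 'code_id', 'code_name', 'code_type', 'code', 'code_author', 'code_description' );
        if ( ! $this->has_request_fields( $required ) ) {
            // No update possible, missing or malformed data.
            $this->notify( __( 'Update failed', 'code-manager' ), true );
            return;
        }

        // Same value the constructor already read from $_REQUEST['code_id'].
        $code_id          = $this->code_id;
        $code_name        = $this->request_text( 'code_name' );
        $code_type        = $this->request_text( 'code_type' );
        $code_enabled     = self::normalize_code_enabled( isset( $_REQUEST['code_enabled'] ) ? $_REQUEST['code_enabled'] : null );
        // Stored verbatim by design: this is the user's source code.
        $code             = wp_unslash( $_REQUEST['code'] );
        $code_author      = $this->request_text( 'code_author' );
        $code_description = sanitize_textarea_field( wp_unslash( $_REQUEST['code_description'] ) );

        $model   = new Code_Manager_Model();
        $numrows = $model::dml_update(
            $code_id,
            $code_name,
            $code_type,
            $code,
            $code_author,
            $code_description,
            $code_enabled
        );

        $preview_enabled = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
        $preview_changed = false;

        if ( $this->preview_requested() ) {
            if ( ! $preview_enabled ) {
                Code_Manager_Preview::add_user_preview_code_id( $code_id );
                $this->notify( __( 'Preview enabled', 'code-manager' ) );
                $preview_changed = true;
            }
        } elseif ( $preview_enabled ) {
            Code_Manager_Preview::remove_user_preview_code_id( $code_id );
            $this->notify( __( 'Preview disabled', 'code-manager' ) );
            $preview_changed = true;
        }

        if ( 0 === $numrows ) {
            // A preview toggle already produced a message; only report when nothing changed at all.
            if ( ! $preview_changed ) {
                $this->notify( __( 'Nothing to save', 'code-manager' ) );
            }
        } elseif ( 1 === $numrows ) {
            $this->notify( __( 'Succesfully saved changes to database', 'code-manager' ) );
        }
    }

    /**
     * Inserts a new record. On success the form switches to edit mode for the new code ID.
     *
     * On failure the submitted values become the form defaults so the user's input is not lost.
     */
    private function save_new()
    {
        $required = array( 'code_name', 'code_type', 'code', 'code_author', 'code_description' );
        if ( ! $this->has_request_fields( $required ) ) {
            // No insert possible, missing or malformed data.
            $this->notify( __( 'Insert failed', 'code-manager' ), true );
            return;
        }

        $code_name        = $this->request_text( 'code_name' );
        $code_type        = $this->request_text( 'code_type' );
        $code_enabled     = ( isset( $_REQUEST['code_enabled'] ) && 'on' === $_REQUEST['code_enabled'] ? '1' : '0' );
        // Stored verbatim by design: this is the user's source code.
        $code             = wp_unslash( $_REQUEST['code'] );
        $code_author      = $this->request_text( 'code_author' );
        $code_description = sanitize_textarea_field( wp_unslash( $_REQUEST['code_description'] ) );

        $model   = new Code_Manager_Model();
        $code_id = $model::dml_insert(
            $code_name,
            $code_type,
            $code,
            $code_author,
            $code_description,
            $code_enabled
        );

        if ( -1 === $code_id ) {
            $this->notify( __( 'Insert failed', 'code-manager' ), true );
            $this->default_code_name        = $code_name;
            $this->default_code_type        = $code_type;
            $this->default_code             = $code;
            $this->default_code_enabled     = $code_enabled;
            $this->default_code_preview     = $this->preview_requested();
            $this->default_code_author      = $code_author;
            $this->default_code_description = $code_description;
            return;
        }

        $this->notify( __( 'Succesfully saved changes to database', 'code-manager' ) );
        $this->code_id = $code_id;
        $this->row     = $this->query_row( $this->code_id );
        $this->action  = 'edit';

        if ( $this->preview_requested() ) {
            Code_Manager_Preview::add_user_preview_code_id( $code_id );
            $this->notify( __( 'Preview enabled', 'code-manager' ) );
        }
    }

    /**
     * Returns true when every listed request field is present and is a plain string.
     *
     * Array-valued parameters (e.g. code[]=x) are rejected so they never reach the model.
     *
     * @param array $keys Request parameter names.
     * @return bool
     */
    private function has_request_fields( $keys )
    {
        foreach ( $keys as $key ) {
            if ( ! isset( $_REQUEST[ $key ] ) || ! is_string( $_REQUEST[ $key ] ) ) {
                return false;
            }
        }
        return true;
    }

    /**
     * Reads a single-line text field from the request (caller guarantees it is set).
     *
     * @param string $key Request parameter name.
     * @return string
     */
    private function request_text( $key )
    {
        return sanitize_text_field( wp_unslash( $_REQUEST[ $key ] ) );
    }

    /**
     * Whether the 'Enable preview mode' checkbox was submitted as checked.
     *
     * @return bool
     */
    private function preview_requested()
    {
        return isset( $_REQUEST['code_preview'] ) && 'on' === $_REQUEST['code_preview'];
    }

    /**
     * Maps the submitted status to a stored value using a strict allow-list.
     *
     * 'on' (checkbox) becomes '1'. The exact strings '1', '2' and '3' pass through. Everything
     * else becomes '0'. Comparison is strict, so look-alike values such as '1.0' or '01' are not
     * accepted the way a loose switch comparison would accept them.
     *
     * @param mixed $raw Raw request value, or null when absent.
     * @return string One of '0', '1', '2', '3'.
     */
    private static function normalize_code_enabled( $raw )
    {
        if ( 'on' === $raw ) {
            return '1';
        }
        if ( in_array( $raw, array( '1', '2', '3' ), true ) ) {
            return $raw;
        }
        return '0';
    }

    /**
     * Loads the record for a code ID through a fresh model instance.
     *
     * @param mixed $code_id Code ID as received or as returned by the insert.
     * @return mixed Whatever Code_Manager_Model::dml_query() returns.
     */
    private function query_row( $code_id )
    {
        $model = new Code_Manager_Model();
        return $model::dml_query( $code_id );
    }

    /**
     * Renders a message box. Errors are shown as non-dismissible.
     *
     * @param string $text     Already translated message text.
     * @param bool   $is_error Whether to render as an error.
     */
    private function notify( $text, $is_error = false )
    {
        $args = array(
            'message_text' => $text,
        );
        if ( $is_error ) {
            $args['message_type']           = 'error';
            $args['message_is_dismissible'] = false;
        }
        $msg = new Message_Box( $args );
        $msg->box();
    }

    /**
     * Changes are only allowed with a valid per-user nonce.
     *
     * Verifies '_wpnonce' against the action 'code_manager_editor' + current user login and dies
     * on mismatch.
     *
     * NOTE(review): a nonce proves the request came from a form issued to this user (CSRF
     * protection). It does not prove the user is privileged to store code. No current_user_can()
     * check is visible in this file, so confirm the admin page registration enforces a suitable
     * capability, or add one here.
     *
     * @since 1.0.0
     */
    private function check_authorization()
    {
        $wp_nonce = ( isset( $_REQUEST['_wpnonce'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) ) : '' );
        if ( ! wp_verify_nonce( $wp_nonce, 'code_manager_editor' . Code_Manager::get_current_user_login() ) ) {
            wp_die( __( 'ERROR: Not authorized', 'code-manager' ) );
        }
    }

    /**
     * Build data entry form. Generates HTML only. JS actions are added from JS script file.
     *
     * Values come from the loaded record when there is one, otherwise from the defaults. Each
     * value is escaped for the context it lands in. The two constants echoed raw
     * (CODE_MANAGER_H1_TITLE, CODE_MANAGER_MENU_SLUG) are assumed to be developer-defined and
     * not request-derived (TODO confirm).
     *
     * @since 1.0.0
     */
    public function show()
    {
        if ( null !== $this->row ) {
            $code_name        = $this->row[0]['code_name'];
            $code_type        = $this->row[0]['code_type'];
            $code_enabled     = $this->row[0]['code_enabled'];
            $code_preview     = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
            $code             = $this->row[0]['code'];
            $code_author      = $this->row[0]['code_author'];
            $code_description = $this->row[0]['code_description'];
        } else {
            $code_name        = $this->default_code_name;
            $code_type        = $this->default_code_type;
            $code             = $this->default_code;
            $code_enabled     = $this->default_code_enabled;
            $code_preview     = $this->default_code_preview;
            $code_author      = $this->default_code_author;
            $code_description = $this->default_code_description;
        }

        $cm_message = Code_Manager::get_cm_message();

        // Encode every '&', '<' and '>' so no spelling of a closing tag (e.g. </TEXTAREA>) can end
        // the textarea early. Plain str_replace keeps the stored bytes intact, which matters for
        // source code. '&' is replaced first so the entities added afterwards are not re-encoded.
        $code_for_textarea = str_replace(
            array( '&', '<', '>' ),
            array( '&amp;', '&lt;', '&gt;' ),
            $code
        );
        ?>
        <div class="wrap">
            <h1 class="wp-heading-inline">
                <?php echo CODE_MANAGER_H1_TITLE; ?>
            </h1>
            <p></p>
            <div>
                <form method="post" enctype="multipart/form-data"
                      action="?page=<?php echo CODE_MANAGER_MENU_SLUG; ?>">
                    <fieldset class="cm_fieldset">
                        <table class="cm_simple_table" cellspacing="0" cellpadding="0">
                            <tbody>
                            <tr>
                                <td class="label">
                                    <label for="code_id" title="Code ID must be entered">
                                        * Code ID
                                    </label>
                                </td>
                                <td class="data">
                                    <input name="code_id" id="code_id" type="text"
                                           value="<?php echo esc_attr( $this->code_id ); ?>" readonly="">
                                </td>
                                <td class="icon">
                                    <span class="cm_data_type">123</span>
                                </td>
                            </tr>
                            <tr>
                                <td class="label">
                                    <label for="code_name" title="Name must be entered">
                                        * Name
                                    </label>
                                </td>
                                <td class="data">
                                    <input name="code_name" id="code_name" type="text" maxlength="100"
                                           value="<?php echo esc_attr( $code_name ); ?>">
                                </td>
                                <td class="icon">
                                    <span class="cm_data_type">abc</span></td>
                            </tr>
                            <tr>
                                <td class="label">
                                    <label for="code_type" title="Type must be entered">
                                        Type
                                    </label>
                                </td>
                                <td class="data">
                                    <select name="code_type" id="code_type">
                                        <?php
                                        $code_manager_tab = new Code_Manager_Tabs();
                                        $code_types       = $code_manager_tab->get_code_types();
                                        foreach ( $code_types as $group_label => $group_types ) {
                                            echo '<optgroup label="' . esc_attr( $group_label ) . '">';
                                            foreach ( $group_types as $type_value => $type_label ) {
                                                echo '<option value="' . esc_attr( $type_value ) . '">' . esc_html( $type_label ) . '</option>';
                                            }
                                            echo '</optgroup>';
                                        }
                                        ?>
                                    </select>
                                    <script type="text/javascript">
                                        // esc_js(): the value sits inside a JS string literal, where quotes and backslashes need escaping.
                                        jQuery('#code_type').val('<?php echo esc_js( $code_type ); ?>');
                                    </script>
                                </td>
                                <td class="icon">
                                </td>
                            </tr>
                            <tr>
                                <td class="label">
                                    <label for="code_enabled">
                                        Status
                                    </label>
                                </td>
                                <td class="data" style="height: 30px">
                                    <?php $this->status_field( $code_enabled ); ?>
                                    &nbsp;
                                    <label>
                                        <input type='checkbox' name='code_preview'
                                            <?php echo ( $code_preview ? 'checked' : '' ); ?>
                                        >
                                        Enable preview mode
                                    </label>
                                </td>
                            </tr>
                            <tr>
                                <td class="label" style="vertical-align:top;padding-top:7px;">
                                    <label for="code" title="Code must be entered">
                                        Code
                                    </label>
                                </td>
                                <td class="data" style="display: grid; width: 100%;">
                                    <textarea name="code" id="code" style="vertical-align: top; display: none;"
                                              maxlength="65535"><?php echo $code_for_textarea; ?></textarea>
                                </td>
                                <td class="icon" style="vertical-align:top;padding-top:7px;">
                                    <span class="dashicons dashicons-editor-code"></span>
                                </td>
                            </tr>
                            <tr>
                                <td class="label">
                                    <label for="code_author" title="Optional">
                                        Author
                                    </label>
                                </td>
                                <td class="data">
                                    <input name="code_author" id="code_author" type="text" maxlength="100"
                                           value="<?php echo esc_attr( $code_author ); ?>">
                                </td>
                                <td class="icon">
                                    <span class="cm_data_type">abc</span></td>
                            </tr>
                            <tr>
                                <td class="label" style="vertical-align:top;padding-top:7px;">
                                    <label for="code_description" title="Optional">
                                        Description
                                    </label>
                                </td>
                                <td class="data">
                                    <textarea name="code_description" id="code_description"
                                              maxlength="65536"><?php echo esc_textarea( $code_description ); ?></textarea>
                                </td>
                                <td></td>
                            </tr>
                            </tbody>
                        </table>
                    </fieldset>
                    <p></p>
                    <div>
                        <input name="action" type="hidden" value="<?php echo esc_attr( $this->action ); ?>">
                        <input name="action2" type="hidden" value="save">
                        <?php
                        // Must use the same action string that check_authorization() verifies.
                        wp_nonce_field( 'code_manager_editor' . Code_Manager::get_current_user_login(), '_wpnonce', false );
                        ?>
                        <input type="submit" id="submit_button" value="Save changes to database"
                               class="button button-primary" name="submit_button" onclick="return submit_form();">
                        <input type="button" onclick="javascript:location.href='?page=<?php echo CODE_MANAGER_MENU_SLUG; ?>'"
                               class="button button-secondary" value="Back to list">
                    </div>
                </form>
            </div>
        </div>
        <script type="text/javascript">
            var wpnonce = '<?php echo esc_js( $this->wpnonce ); ?>';

            function submit_form() {
                if (jQuery('#code_name').val() === '') {
                    alert('Name must be entered');
                    return false;
                }
                user_has_edited = false;
                return true;
            }

            <?php if ( 'hide' !== $cm_message ) { ?>
            jQuery(function() {
                cm_warning();
            });
            <?php } ?>
        </script>
        <?php
    }

    /**
     * Renders the 'Enable code' checkbox.
     *
     * The box is checked only for the exact string '1'. Other stored values render unchecked.
     *
     * @param mixed $code_enabled Stored status value.
     */
    protected function status_field( $code_enabled )
    {
        ?>
        <label>
            <input type='checkbox' name='code_enabled'
                <?php echo ( '1' === $code_enabled ? 'checked' : '' ); ?>
            >
            Enable code
        </label>
        <?php
    }

}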