Code Manager v1.0.34
code-manager / Code_Manager / Code_Manager_Form.php
Code_Manager_Form.php
1 <?php
2
3 /**
4 * Code Manager data entry form to enter code
5 *
6 * @package Code_Manager
7 */
8 namespace Code_Manager;
9
10 /**
11 * Class Code_Manager_Form
12 *
13 * Implements data entry form for Code Manager.
14 *
15 * @author Peter Schulz
16 * @since 1.0.0
17 */
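class Code_Manager_Form {

	/**
	 * Actual code manager record, as returned by Code_Manager_Model::dml_query().
	 *
	 * @var null|array
	 */
	protected $row = null;

	/**
	 * Allowed values: view (read-only mode) and edit (update mode)
	 *
	 * The constructor only acts on 'edit' and 'new'; any other value falls through
	 * and the form is rendered with the default values below.
	 *
	 * @var string
	 */
	protected $action = 'edit';

	/**
	 * Allowed values: null (no DML action needed) and save (perform insert or update)
	 *
	 * @var null|string
	 */
	protected $action2 = null;

	/**
	 * Code ID. Must be entered to view or edit. Allows null when action = new (insert).
	 *
	 * Holds the sanitized request string, or the value returned by dml_insert()
	 * after a successful insert.
	 *
	 * @var int|string|null
	 */
	protected $code_id = null;

	/**
	 * Nonce created with the 'code-manager-' action prefix and exposed to the page's
	 * JavaScript as `wpnonce`. The save form itself carries a separate nonce field
	 * (action prefix 'code_manager_editor').
	 *
	 * @var string
	 */
	protected $wpnonce;

	/* Default values, used by show() when no record is loaded. */
	protected $default_code_name = '';

	protected $default_code_type = 'php shortcode';

	protected $default_code = "<?php\n\n?>";

	protected $default_code_enabled = '0';

	protected $default_code_preview = false;

	protected $default_code_author = '';

	protected $default_code_description = '';

	/**
	 * Code_Manager_Form constructor.
	 *
	 * Reads action, action2 and code_id from the request, performs the requested
	 * insert or update after check_authorization() has passed, loads the record for
	 * display and creates the nonce handed to the page's JavaScript.
	 *
	 * NOTE(review): all arguments come from $_REQUEST, so a save is accepted from the
	 * query string as well as from a POST body. The nonce is the only gate visible in
	 * this class; confirm the admin page is registered with a suitable capability.
	 *
	 * @since 1.0.0
	 */
	public function __construct() {
		$this->action  = ( isset( $_REQUEST['action'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action'] ) ) : 'edit' ); // input var okay.
		$this->action2 = ( isset( $_REQUEST['action2'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action2'] ) ) : null ); // input var okay.
		$this->code_id = ( isset( $_REQUEST['code_id'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ) : null ); // input var okay.

		switch ( $this->action ) {
			case 'edit':
				if ( null === $this->code_id ) {
					wp_die( esc_html__( 'ERROR: Invalid arguments', 'code-manager' ) );
				}
				if ( 'save' === $this->action2 ) {
					$this->check_authorization(); // Dies if not authorized.
					$this->save_update();
				}
				// Requery so the form shows what is actually stored.
				$code_manager_model = new Code_Manager_Model();
				$this->row          = $code_manager_model::dml_query( $this->code_id );
				break;
			case 'new':
				if ( 'save' === $this->action2 ) {
					$this->check_authorization(); // Dies if not authorized.
					$this->save_insert();
				}
				break;
		}

		$this->wpnonce = wp_create_nonce( 'code-manager-' . Code_Manager::get_current_user_login() );
	}

	/**
	 * Changes are only allowed with proper authorization.
	 *
	 * Verifies the `_wpnonce` request argument against the per-user
	 * 'code_manager_editor' action and dies when it does not match.
	 *
	 * NOTE(review): a nonce only proves the request originated from a page rendered
	 * for this user; it is not a permission check. Nothing in this class calls
	 * current_user_can(), and the saved value is executable code, so confirm that
	 * the menu page registration (outside this file) restricts access to trusted
	 * administrators, or add an explicit capability check here.
	 *
	 * @since 1.0.0
	 */
	private function check_authorization() {
		$wp_nonce = ( isset( $_REQUEST['_wpnonce'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) ) : '' ); // input var okay.
		if ( ! wp_verify_nonce( $wp_nonce, 'code_manager_editor' . Code_Manager::get_current_user_login() ) ) {
			wp_die( esc_html__( 'ERROR: Not authorized', 'code-manager' ) );
		}
	}

	/**
	 * Tells whether every named argument is present in the request.
	 *
	 * @param array $fields Request argument names.
	 * @return bool
	 */
	private function has_request_fields( array $fields ) {
		foreach ( $fields as $field ) {
			if ( ! isset( $_REQUEST[ $field ] ) ) {
				return false;
			}
		}
		return true;
	}

	/**
	 * Shows a message box.
	 *
	 * @param string $text     Already translated message text.
	 * @param bool   $is_error True for a non-dismissible error box.
	 */
	private function notify( $text, $is_error = false ) {
		$args = array(
			'message_text' => $text,
		);
		if ( $is_error ) {
			$args['message_type']           = 'error';
			$args['message_is_dismissible'] = false;
		}
		$msg = new Message_Box( $args );
		$msg->box();
	}

	/**
	 * Updates an existing record from the request and syncs the user's preview flag.
	 *
	 * Must only be called after check_authorization().
	 */
	private function save_update() {
		if ( ! $this->has_request_fields( array( 'code_id', 'code_name', 'code_type', 'code', 'code_author', 'code_description' ) ) ) {
			// No update possible, missing data.
			$this->notify( __( 'Update failed', 'code-manager' ), true );
			return;
		}

		// All data available, start update process.
		$code_id   = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ); // input var okay.
		$code_name = sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) ); // input var okay.
		$code_type = sanitize_text_field( wp_unslash( $_REQUEST['code_type'] ) ); // input var okay.

		// Only the exact strings 'on', '1', '2' and '3' enable the code. Strict
		// matching keeps look-alikes such as '1.0' or '1e0' from being stored.
		$code_enabled = '0';
		if ( isset( $_REQUEST['code_enabled'] ) ) {
			if ( 'on' === $_REQUEST['code_enabled'] ) {
				$code_enabled = '1';
			} else {
				$requested_status = sanitize_text_field( wp_unslash( $_REQUEST['code_enabled'] ) ); // input var okay.
				if ( in_array( $requested_status, array( '1', '2', '3' ), true ) ) {
					$code_enabled = $requested_status;
				}
			}
		}

		// The snippet body is stored verbatim (unslashed only): it is code, so no
		// sanitizer applies. Everything that renders it must escape for its context.
		$code             = wp_unslash( $_REQUEST['code'] ); // input var okay.
		$code_author      = sanitize_text_field( wp_unslash( $_REQUEST['code_author'] ) ); // input var okay.
		$code_description = sanitize_textarea_field( wp_unslash( $_REQUEST['code_description'] ) ); // input var okay.

		$code_manager_model = new Code_Manager_Model();
		$numrows            = $code_manager_model::dml_update(
			$code_id,
			$code_name,
			$code_type,
			$code,
			$code_author,
			$code_description,
			$code_enabled
		);

		$preview_enabled = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
		$preview_wanted  = isset( $_REQUEST['code_preview'] ) && 'on' === $_REQUEST['code_preview'];
		$preview_changed = false;
		if ( $preview_wanted && ! $preview_enabled ) {
			Code_Manager_Preview::add_user_preview_code_id( $code_id );
			$this->notify( __( 'Preview enabled', 'code-manager' ) );
			$preview_changed = true;
		} elseif ( ! $preview_wanted && $preview_enabled ) {
			Code_Manager_Preview::remove_user_preview_code_id( $code_id );
			$this->notify( __( 'Preview disabled', 'code-manager' ) );
			$preview_changed = true;
		}

		// Any other return value (for example a failure indicator) shows no message.
		if ( 0 === $numrows ) {
			if ( ! $preview_changed ) {
				$this->notify( __( 'Nothing to save', 'code-manager' ) );
			}
		} elseif ( 1 === $numrows ) {
			$this->notify( __( 'Succesfully saved changes to database', 'code-manager' ) );
		}
	}

	/**
	 * Inserts a new record from the request.
	 *
	 * On success the form switches to edit mode for the new record; on failure the
	 * submitted values become the form defaults so the user does not lose them.
	 * Must only be called after check_authorization().
	 */
	private function save_insert() {
		if ( ! $this->has_request_fields( array( 'code_name', 'code_type', 'code', 'code_author', 'code_description' ) ) ) {
			// No insert possible, missing data.
			$this->notify( __( 'Insert failed', 'code-manager' ), true );
			return;
		}

		// All data available, start insert process.
		$code_name    = sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) ); // input var okay.
		$code_type    = sanitize_text_field( wp_unslash( $_REQUEST['code_type'] ) ); // input var okay.
		$code_enabled = ( isset( $_REQUEST['code_enabled'] ) && 'on' === $_REQUEST['code_enabled'] ? '1' : '0' );
		// Stored verbatim, see save_update().
		$code             = wp_unslash( $_REQUEST['code'] ); // input var okay.
		$code_author      = sanitize_text_field( wp_unslash( $_REQUEST['code_author'] ) ); // input var okay.
		$code_description = sanitize_textarea_field( wp_unslash( $_REQUEST['code_description'] ) ); // input var okay.
		$preview_wanted   = isset( $_REQUEST['code_preview'] ) && 'on' === $_REQUEST['code_preview'];

		$code_manager_model = new Code_Manager_Model();
		$code_id            = $code_manager_model::dml_insert(
			$code_name,
			$code_type,
			$code,
			$code_author,
			$code_description,
			$code_enabled
		);

		if ( -1 === $code_id ) {
			$this->notify( __( 'Insert failed', 'code-manager' ), true );
			$this->default_code_name        = $code_name;
			$this->default_code_type        = $code_type;
			$this->default_code             = $code;
			$this->default_code_enabled     = $code_enabled;
			$this->default_code_preview     = $preview_wanted;
			$this->default_code_author      = $code_author;
			$this->default_code_description = $code_description;
			return;
		}

		$this->notify( __( 'Succesfully saved changes to database', 'code-manager' ) );
		$this->code_id      = $code_id;
		$code_manager_model = new Code_Manager_Model();
		$this->row          = $code_manager_model::dml_query( $this->code_id );
		$this->action       = 'edit';
		if ( $preview_wanted ) {
			Code_Manager_Preview::add_user_preview_code_id( $code_id );
			$this->notify( __( 'Preview enabled', 'code-manager' ) );
		}
	}

	/**
	 * Build data entry form. Generates HTML only. JS actions are added from JS script file.
	 *
	 * Every stored or request-derived value is escaped for the context it lands in:
	 * esc_attr() inside attributes, esc_html() in element text, esc_textarea() inside
	 * textareas and esc_js() inside inline script string literals.
	 *
	 * NOTE(review): CODE_MANAGER_H1_TITLE and CODE_MANAGER_MENU_SLUG are echoed as-is;
	 * they are presumably plugin-defined constants, confirm they never carry request data.
	 *
	 * @since 1.0.0
	 */
	public function show() {
		if ( null !== $this->row ) {
			$code_name        = $this->row[0]['code_name'];
			$code_type        = $this->row[0]['code_type'];
			$code_enabled     = $this->row[0]['code_enabled'];
			$code_preview     = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
			$code             = $this->row[0]['code'];
			$code_author      = $this->row[0]['code_author'];
			$code_description = $this->row[0]['code_description'];
		} else {
			$code_name        = $this->default_code_name;
			$code_type        = $this->default_code_type;
			$code             = $this->default_code;
			$code_enabled     = $this->default_code_enabled;
			$code_preview     = $this->default_code_preview;
			$code_author      = $this->default_code_author;
			$code_description = $this->default_code_description;
		}
		$cm_message = Code_Manager::get_cm_message();
		?>
		<div class="wrap">
			<h1 class="wp-heading-inline">
				<?php echo CODE_MANAGER_H1_TITLE; ?>
			</h1>
			<p></p>
			<div>
				<form method="post" enctype="multipart/form-data"
					action="?page=<?php echo CODE_MANAGER_MENU_SLUG; ?>">
					<fieldset class="cm_fieldset">
						<table class="cm_simple_table" cellspacing="0" cellpadding="0">
							<tbody>
							<tr>
								<td class="label">
									<label for="code_id" title="Code ID must be entered">
										* Code ID
									</label>
								</td>
								<td class="data">
									<input name="code_id" id="code_id" type="text"
										value="<?php echo esc_attr( $this->code_id ); ?>" readonly="">
								</td>
								<td class="icon">
									<span class="cm_data_type">123</span>
								</td>
							</tr>
							<tr>
								<td class="label">
									<label for="code_name" title="Name must be entered">
										* Name
									</label>
								</td>
								<td class="data">
									<input name="code_name" id="code_name" type="text" maxlength="100"
										value="<?php echo esc_attr( $code_name ); ?>">
								</td>
								<td class="icon">
									<span class="cm_data_type">abc</span></td>
							</tr>
							<tr>
								<td class="label">
									<label for="code_type" title="Type must be entered">
										Type
									</label>
								</td>
								<td class="data">
									<select name="code_type" id="code_type">
										<?php
										$code_manager_tab = new Code_Manager_Tabs();
										$code_types       = $code_manager_tab->get_code_types();
										foreach ( $code_types as $code_type_group => $value ) {
											echo '<optgroup label="' . esc_attr( $code_type_group ) . '">';
											foreach ( $value as $value_code_type => $value_code_label ) {
												echo '<option value="' . esc_attr( $value_code_type ) . '">' . esc_html( $value_code_label ) . '</option>';
											}
											echo '</optgroup>';
										}
										?>
									</select>
									<script type="text/javascript">
										<?php // Script context: entities are not decoded here, so use the JS string escaper. ?>
										jQuery('#code_type').val('<?php echo esc_js( $code_type ); ?>');
									</script>
								</td>
								<td class="icon">
								</td>
							</tr>
							<tr>
								<td class="label">
									<label for="code_enabled">
										Status
									</label>
								</td>
								<td class="data" style="height: 30px">
									<?php $this->status_field( $code_enabled ); ?>
									&nbsp;
									<label>
										<input type='checkbox' name='code_preview' <?php echo ( $code_preview ? 'checked' : '' ); ?>>
										Enable preview mode
									</label>
								</td>
							</tr>
							<tr>
								<td class="label" style="vertical-align:top;padding-top:7px;">
									<label for="code" title="Code must be entered">
										Code
									</label>
								</td>
								<td class="data" style="display: grid; width: 100%;">
									<?php
									// esc_textarea() entity-encodes the whole snippet, so no spelling of a
									// closing textarea tag inside stored code can end the element early.
									// The browser decodes the entities again, so the editor sees the
									// original text.
									?>
									<textarea name="code" id="code" style="vertical-align: top; display: none;"
										maxlength="65535"><?php echo esc_textarea( $code ); ?></textarea>
								</td>
								<td class="icon" style="vertical-align:top;padding-top:7px;">
									<span class="dashicons dashicons-editor-code"></span>
								</td>
							</tr>
							<tr>
								<td class="label">
									<label for="code_author" title="Optional">
										Author
									</label>
								</td>
								<td class="data">
									<input name="code_author" id="code_author" type="text" maxlength="100"
										value="<?php echo esc_attr( $code_author ); ?>">
								</td>
								<td class="icon">
									<span class="cm_data_type">abc</span></td>
							</tr>
							<tr>
								<td class="label" style="vertical-align:top;padding-top:7px;">
									<label for="code_description" title="Optional">
										Description
									</label>
								</td>
								<td class="data">
									<textarea name="code_description" id="code_description" maxlength="65536"
									><?php echo esc_textarea( $code_description ); ?></textarea>
								</td>
								<td></td>
							</tr>
							</tbody>
						</table>
					</fieldset>
					<p></p>
					<div>
						<input name="action" type="hidden" value="<?php echo esc_attr( $this->action ); ?>">
						<input name="action2" type="hidden" value="save">
						<?php
						// Must use the same action string that check_authorization() verifies.
						wp_nonce_field( 'code_manager_editor' . Code_Manager::get_current_user_login(), '_wpnonce', false );
						?>
						<input type="submit" id="submit_button" value="Save changes to database"
							class="button button-primary" name="submit_button" onclick="return submit_form();">
						<input type="button" onclick="javascript:location.href='?page=<?php echo CODE_MANAGER_MENU_SLUG; ?>'"
							class="button button-secondary" value="Back to list">
					</div>
				</form>
			</div>
		</div>
		<script type="text/javascript">
			var wpnonce = '<?php echo esc_js( $this->wpnonce ); ?>';

			function submit_form() {
				if (jQuery('#code_name').val() === '') {
					alert('Name must be entered');
					return false;
				}
				user_has_edited = false;
				return true;
			}

			<?php
			if ( 'hide' !== $cm_message ) {
				?>
				jQuery(function() {
					cm_warning();
				});
				<?php
			}
			?>
		</script>
		<?php
	}

	/**
	 * Renders the "Enable code" checkbox.
	 *
	 * @param string $code_enabled Stored status; the box is checked only for the exact string '1'.
	 */
	protected function status_field( $code_enabled ) {
		?>
		<label>
			<input type='checkbox' name='code_enabled' <?php echo ( '1' === $code_enabled ? 'checked' : '' ); ?>>
			Enable code
		</label>
		<?php
	}

}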
508