Code Manager v1.0.47
Code_Manager_Form.php
1 <?php
2
3 /**
4 * Code Manager data entry form to enter code
5 *
6 * @package Code_Manager
7 */
8 namespace Code_Manager;
9
10 /**
11 * Class Code_Manager_Form
12 *
13 * Implements data entry form for Code Manager.
14 *
15 * @author Peter Schulz
16 * @since 1.0.0
17 */
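class Code_Manager_Form {
    /**
     * Record returned by Code_Manager_Model::dml_query(), or null when nothing was queried.
     * show() reads its columns from index 0.
     *
     * @var null|array
     */
    protected $row = null;

    /**
     * Form mode taken from the `action` request argument (default 'edit').
     * The constructor only acts on 'edit' and 'new'.
     *
     * @var string
     */
    protected $action = 'edit';

    /**
     * Secondary action from the `action2` request argument: null (no DML needed)
     * or 'save' (perform insert or update).
     *
     * @var null|string
     */
    protected $action2 = null;

    /**
     * Code ID. Required for 'edit'; stays null for 'new' until an insert succeeds.
     * Holds the sanitized request string, or whatever dml_insert() returned.
     *
     * @var string|int|null
     */
    protected $code_id = null;

    /**
     * Nonce created for the action 'code-manager-' . <user login>. show() exposes it to
     * JavaScript as `wpnonce`. This is NOT the nonce that guards saving: the save path
     * verifies the `_wpnonce` form field (see check_authorization()).
     *
     * @var string
     */
    protected $wpnonce;

    /* Default values used by show() when no record is loaded. */
    protected $default_code_name = '';

    protected $default_code_type = 'php shortcode';

    protected $default_code = "<?php\n\n?>";

    protected $default_code_enabled = '0';

    protected $default_code_preview = false;

    protected $default_code_author = '';

    protected $default_code_description = '';

    protected $default_url = '';

    /**
     * Code_Manager_Form constructor.
     *
     * Reads `action`, `action2` and `code_id` from the request and, when `action2` is
     * 'save', verifies the form nonce and then updates ('edit') or inserts ('new') the
     * record. For 'edit' the record is (re)queried so show() renders stored data.
     *
     * @since 1.0.0
     */
    public function __construct() {
        // Request arguments are unslashed and reduced to plain text before use.
        $this->action  = ( isset( $_REQUEST['action'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action'] ) ) : 'edit' );
        $this->action2 = ( isset( $_REQUEST['action2'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action2'] ) ) : null );
        $this->code_id = ( isset( $_REQUEST['code_id'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ) : null );

        switch ( $this->action ) {
            case 'edit':
                if ( null === $this->code_id ) {
                    wp_die( __( 'ERROR: Invalid arguments', 'code-manager' ) );
                }
                if ( 'save' === $this->action2 ) {
                    $this->check_authorization(); // Dies if the nonce does not verify.
                    $this->update_from_request();
                }
                // Requery so the form shows what is stored after the (optional) update.
                $code_manager_model = new Code_Manager_Model();
                $this->row          = $code_manager_model::dml_query( $this->code_id );
                break;
            case 'new':
                if ( 'save' === $this->action2 ) {
                    $this->check_authorization(); // Dies if the nonce does not verify.
                    $this->insert_from_request();
                }
                break;
        }

        $this->wpnonce = wp_create_nonce( 'code-manager-' . Code_Manager::get_current_user_login() );
    }

    /**
     * Updates an existing record from the submitted form and reports the outcome.
     *
     * Callers must have run check_authorization() first.
     */
    private function update_from_request() {
        $required = array( 'code_id', 'code_name', 'code_type', 'code', 'code_author', 'code_description' );
        if ( ! $this->request_has( $required ) ) {
            // No update possible, missing data.
            $this->show_message( __( 'Update failed', 'code-manager' ), true );
            return;
        }

        $code_id      = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) );
        $code_name    = sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) );
        $code_type    = sanitize_text_field( wp_unslash( $_REQUEST['code_type'] ) );
        $code_enabled = self::normalize_code_enabled( isset( $_REQUEST['code_enabled'] ) ? $_REQUEST['code_enabled'] : null );
        // The snippet body is stored exactly as submitted (only unslashed): it is code, so
        // text sanitizers would corrupt it. The nonce check is the only gate visible in this
        // file before it reaches the model.
        $code             = wp_unslash( $_REQUEST['code'] );
        $code_author      = sanitize_text_field( wp_unslash( $_REQUEST['code_author'] ) );
        $code_description = sanitize_textarea_field( wp_unslash( $_REQUEST['code_description'] ) );

        // NOTE(review): $code_id is passed on as a sanitized string, not cast to int; confirm
        // that Code_Manager_Model binds it as a query parameter.
        $code_manager_model = new Code_Manager_Model();
        $numrows            = $code_manager_model::dml_update(
            $code_id,
            $code_name,
            $code_type,
            $code,
            $code_author,
            $code_description,
            $code_enabled
        );

        $preview_enabled = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
        $preview_wanted  = isset( $_REQUEST['code_preview'] ) && 'on' === $_REQUEST['code_preview'];
        $preview_changed = false;
        if ( $preview_wanted && ! $preview_enabled ) {
            Code_Manager_Preview::add_user_preview_code_id( $code_id );
            $this->show_message( __( 'Preview enabled', 'code-manager' ) );
            $preview_changed = true;
        } elseif ( ! $preview_wanted && $preview_enabled ) {
            Code_Manager_Preview::remove_user_preview_code_id( $code_id );
            $this->show_message( __( 'Preview disabled', 'code-manager' ) );
            $preview_changed = true;
        }

        // NOTE(review): any result other than int 0 or 1 produces no message at all; confirm
        // what dml_update() returns on failure.
        if ( 0 === $numrows ) {
            if ( ! $preview_changed ) {
                $this->show_message( __( 'Nothing to save', 'code-manager' ) );
            }
        } elseif ( 1 === $numrows ) {
            $this->show_message( __( 'Succesfully saved changes to database', 'code-manager' ) );
        }
    }

    /**
     * Inserts a new record from the submitted form and reports the outcome.
     *
     * On success the form switches to 'edit' mode for the new record; on failure the
     * submitted values are kept as defaults so show() can redisplay them.
     * Callers must have run check_authorization() first.
     */
    private function insert_from_request() {
        $required = array( 'code_name', 'code_type', 'code', 'code_author', 'code_description' );
        if ( ! $this->request_has( $required ) ) {
            // No insert possible, missing data.
            $this->show_message( __( 'Insert failed', 'code-manager' ), true );
            return;
        }

        $code_name    = sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) );
        $code_type    = sanitize_text_field( wp_unslash( $_REQUEST['code_type'] ) );
        $code_enabled = ( isset( $_REQUEST['code_enabled'] ) && 'on' === $_REQUEST['code_enabled'] ? '1' : '0' );
        // Stored as submitted (only unslashed); see update_from_request().
        $code             = wp_unslash( $_REQUEST['code'] );
        $code_author      = sanitize_text_field( wp_unslash( $_REQUEST['code_author'] ) );
        $code_description = sanitize_textarea_field( wp_unslash( $_REQUEST['code_description'] ) );
        $preview_wanted   = isset( $_REQUEST['code_preview'] ) && 'on' === $_REQUEST['code_preview'];

        $code_manager_model = new Code_Manager_Model();
        $code_id            = $code_manager_model::dml_insert(
            $code_name,
            $code_type,
            $code,
            $code_author,
            $code_description,
            $code_enabled
        );

        if ( -1 === $code_id ) {
            $this->show_message( __( 'Insert failed', 'code-manager' ), true );
            // Keep what the user typed so the form is redisplayed with it.
            $this->default_code_name        = $code_name;
            $this->default_code_type        = $code_type;
            $this->default_code             = $code;
            $this->default_code_enabled     = $code_enabled;
            $this->default_code_preview     = $preview_wanted;
            $this->default_code_author      = $code_author;
            $this->default_code_description = $code_description;
            return;
        }

        $this->show_message( __( 'Succesfully saved changes to database', 'code-manager' ) );
        $this->code_id      = $code_id;
        $code_manager_model = new Code_Manager_Model();
        $this->row          = $code_manager_model::dml_query( $this->code_id );
        $this->action       = 'edit';
        if ( $preview_wanted ) {
            Code_Manager_Preview::add_user_preview_code_id( $code_id );
            $this->show_message( __( 'Preview enabled', 'code-manager' ) );
        }
    }

    /**
     * Maps the submitted `code_enabled` value onto the stored status.
     *
     * 'on' (checkbox) becomes '1'; the exact strings '1', '2' and '3' are kept; everything
     * else, including arrays and a missing value, becomes '0'. The comparison is strict so
     * that numeric look-alikes such as '1.0', '01' or ' 2' are not stored verbatim, which a
     * loose switch would allow.
     *
     * @param mixed $raw Raw request value, or null when the field was not submitted.
     * @return string One of '0', '1', '2', '3'.
     */
    private static function normalize_code_enabled( $raw ) {
        if ( 'on' === $raw ) {
            return '1';
        }
        if ( is_string( $raw ) && in_array( $raw, array( '1', '2', '3' ), true ) ) {
            return $raw;
        }
        return '0';
    }

    /**
     * Tells whether every listed argument is present in the request.
     *
     * @param array $keys Request argument names.
     * @return bool
     */
    private function request_has( array $keys ) {
        foreach ( $keys as $key ) {
            if ( ! isset( $_REQUEST[ $key ] ) ) {
                return false;
            }
        }
        return true;
    }

    /**
     * Renders a Message_Box with the given (already translated) text.
     *
     * @param string $text     Message text.
     * @param bool   $is_error When true the box is typed 'error' and is not dismissible.
     */
    private function show_message( $text, $is_error = false ) {
        $args = array(
            'message_text' => $text,
        );
        if ( $is_error ) {
            $args['message_type']           = 'error';
            $args['message_is_dismissible'] = false;
        }
        $msg = new Message_Box( $args );
        $msg->box();
    }

    /**
     * Changes are only allowed with a valid form nonce.
     *
     * Verifies the `_wpnonce` request argument against the action
     * 'code_manager_editor' . <user login> and dies when it does not match.
     *
     * NOTE(review): this is the only check visible in this file before a save, and a nonce
     * proves request intent (CSRF protection), not privilege. The form stores code whose
     * default type is 'php shortcode', so confirm that the admin page registering this form
     * is restricted to a sufficiently privileged capability.
     *
     * @since 1.0.0
     */
    private function check_authorization() {
        $wp_nonce = ( isset( $_REQUEST['_wpnonce'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) ) : '' );
        if ( ! wp_verify_nonce( $wp_nonce, 'code_manager_editor' . Code_Manager::get_current_user_login() ) ) {
            wp_die( __( 'ERROR: Not authorized', 'code-manager' ) );
        }
    }

    /**
     * Build data entry form. Generates HTML only. JS actions are added from JS script file.
     *
     * Values come from the loaded record when there is one, otherwise from the default_*
     * properties. Every value is escaped for the context it is written into: esc_attr() for
     * attributes, esc_textarea() for textarea content, esc_js() for JavaScript string literals.
     *
     * @since 1.0.0
     */
    public function show() {
        if ( null !== $this->row ) {
            $code_name        = $this->row[0]['code_name'];
            $code_type        = $this->row[0]['code_type'];
            $code_enabled     = $this->row[0]['code_enabled'];
            $code_preview     = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
            $code             = $this->row[0]['code'];
            $code_author      = $this->row[0]['code_author'];
            $code_description = $this->row[0]['code_description'];
        } else {
            $code_name        = $this->default_code_name;
            $code_type        = $this->default_code_type;
            $code             = $this->default_code;
            $code_enabled     = $this->default_code_enabled;
            $code_preview     = $this->default_code_preview;
            $code_author      = $this->default_code_author;
            $code_description = $this->default_code_description;
        }
        $cm_message = Code_Manager::get_cm_message();
        ?>
        <div class="wrap">
            <h1 class="wp-heading-inline">
                <?php echo 'Code Manager'; ?>
            </h1>
            <p></p>
            <div>
                <form method="post" enctype="multipart/form-data"
                      action="?page=<?php echo esc_attr( \Code_Manager_Admin::PAGE_MAIN ); ?>">
                    <fieldset class="cm_fieldset">
                        <table class="cm_simple_table" cellspacing="0" cellpadding="0">
                            <tbody>
                            <tr>
                                <td class="label">
                                    <label for="code_id" title="Code ID must be entered">
                                        * Code ID
                                    </label>
                                </td>
                                <td class="data">
                                    <input name="code_id" id="code_id" type="text"
                                           value="<?php echo esc_attr( $this->code_id ); ?>" readonly="">
                                </td>
                                <td class="icon">
                                    <span class="cm_data_type">123</span>
                                </td>
                            </tr>
                            <tr>
                                <td class="label">
                                    <label for="code_name" title="Name must be entered">
                                        * Name
                                    </label>
                                </td>
                                <td class="data">
                                    <input name="code_name" id="code_name" type="text" maxlength="100"
                                           value="<?php echo esc_attr( $code_name ); ?>">
                                </td>
                                <td class="icon">
                                    <span class="cm_data_type">abc</span></td>
                            </tr>
                            <tr>
                                <td class="label">
                                    <label for="code_type" title="Type must be entered">
                                        Type
                                    </label>
                                </td>
                                <td class="data">
                                    <select name="code_type" id="code_type">
                                        <?php
                                        $code_manager_tab = new Code_Manager_Tabs();
                                        $code_types       = $code_manager_tab->get_code_types();
                                        foreach ( $code_types as $code_type_group => $value ) {
                                            echo '<optgroup label="' . esc_attr( $code_type_group ) . '">';
                                            foreach ( $value as $value_code_type => $value_code_label ) {
                                                // The label is element content, so it gets esc_html().
                                                echo '<option value="' . esc_attr( $value_code_type ) . '">' . esc_html( $value_code_label ) . '</option>';
                                            }
                                            echo '</optgroup>';
                                        }
                                        ?>
                                    </select>
                                    <script type="text/javascript">
                                        <?php // JS string literal: esc_js() also escapes backslashes and line breaks, which esc_attr() does not. ?>
                                        jQuery('#code_type').val('<?php echo esc_js( $code_type ); ?>');
                                    </script>
                                </td>
                                <td class="icon">
                                </td>
                            </tr>
                            <tr>
                                <td class="label">
                                    <label for="code_enabled">
                                        Status
                                    </label>
                                </td>
                                <td class="data" style="height: 30px">
                                    <?php
                                    $this->status_field( $code_enabled );
                                    ?>
                                    &nbsp;
                                    <label>
                                        <input type='checkbox' name='code_preview' <?php echo ( $code_preview ? 'checked' : '' ); ?>>
                                        Enable preview mode
                                    </label>
                                </td>
                            </tr>
                            <tr>
                                <td class="label" style="vertical-align:top;padding-top:7px;">
                                    <label for="code" title="Code must be entered">
                                        Code
                                    </label>
                                </td>
                                <td class="data" style="display: grid; width: 100%;">
                                    <?php // esc_textarea() encodes every &, <, > and quote, so no spelling of a closing textarea tag inside the stored code can end the element early. ?>
                                    <textarea name="code" id="code" style="vertical-align: top; display: none;"
                                              maxlength="65535"><?php echo esc_textarea( $code ); ?></textarea>
                                </td>
                                <td class="icon" style="vertical-align:top;padding-top:7px;">
                                    <span class="dashicons dashicons-editor-code"></span>
                                </td>
                            </tr>
                            <tr>
                                <td class="label">
                                    <label for="code_author" title="Optional">
                                        Author
                                    </label>
                                </td>
                                <td class="data">
                                    <input name="code_author" id="code_author" type="text" maxlength="100"
                                           value="<?php echo esc_attr( $code_author ); ?>">
                                </td>
                                <td class="icon">
                                    <span class="cm_data_type">abc</span></td>
                            </tr>
                            <tr>
                                <td class="label" style="vertical-align:top;padding-top:7px;">
                                    <label for="code_description" title="Optional">
                                        Description
                                    </label>
                                </td>
                                <td class="data">
                                    <textarea name="code_description" id="code_description" maxlength="65536"
                                    ><?php echo esc_textarea( $code_description ); ?></textarea>
                                </td>
                                <td></td>
                            </tr>
                            </tbody>
                        </table>
                    </fieldset>
                    <p></p>
                    <div>
                        <input name="action" type="hidden" value="<?php echo esc_attr( $this->action ); ?>">
                        <input name="action2" type="hidden" value="save">
                        <?php
                        // Form nonce checked by check_authorization() on save.
                        wp_nonce_field( 'code_manager_editor' . Code_Manager::get_current_user_login(), '_wpnonce', false );
                        ?>
                        <input type="submit" id="submit_button" value="Save changes to database"
                               class="button button-primary" name="submit_button" onclick="return submit_form();">
                        <input type="button" onclick="javascript:location.href='?page=<?php echo esc_js( \Code_Manager_Admin::PAGE_MAIN ); ?>'"
                               class="button button-secondary" value="Back to list">
                    </div>
                </form>
            </div>
        </div>
        <script type="text/javascript">
            var wpnonce = '<?php echo esc_js( $this->wpnonce ); ?>';

            function submit_form() {
                if (jQuery('#code_name').val() === '') {
                    alert('Name must be entered');
                    return false;
                }
                user_has_edited = false;
                return true;
            }

            <?php
            if ( 'hide' !== $cm_message ) {
                ?>
                jQuery(function() {
                    cm_warning();
                });
                <?php
            }
            ?>
        </script>
        <?php
    }

    /**
     * Renders the status checkbox; it is checked only when the status is exactly '1'.
     *
     * @param string $code_enabled Stored status value.
     */
    protected function status_field( $code_enabled ) {
        ?>
        <label>
            <input type='checkbox' name='code_enabled' <?php echo ( '1' === $code_enabled ? 'checked' : '' ); ?>>
            Enable code!
        </label>
        <?php
    }

}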
495