Code Manager v1.0.8
Code_Manager_Form.php
1 <?php
2
3 namespace Code_Manager {
4
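/**
 * Class Code_Manager_Form
 *
 * Implements data entry form for Code Manager.
 *
 * The constructor reads the request, performs the requested insert or update and loads the
 * record; show() prints the HTML form. Request values and stored values are escaped at the
 * point of output, for the context they are printed in (attribute, textarea body, JS string).
 *
 * @author Peter Schulz
 * @since 1.0.0
 */
class Code_Manager_Form {

	/**
	 * Actual code manager record
	 *
	 * @var null|array
	 */
	protected $row = null;

	/**
	 * Allowed values: view (read-only mode) and edit (update mode)
	 *
	 * @var string
	 */
	protected $action = 'edit';

	/**
	 * Allowed values: null (no DML action needed) and save (perform insert or update)
	 *
	 * @var null|string
	 */
	protected $action2 = null;

	/**
	 * Code ID. Must be entered to view or edit. Allows null when action = new (insert).
	 *
	 * @var int|null
	 */
	protected $code_id = null;

	/**
	 * WP Nonce printed into the page script by show().
	 *
	 * Declared under the name the constructor and show() actually use; the previous
	 * declaration was spelled differently, so the value lived in an undeclared property.
	 *
	 * @var string
	 */
	protected $wpnonce;

	// Default values
	protected $default_code_name        = '';
	protected $default_code_type        = 'php shortcode';
	protected $default_code             = "<?php\n\n?>";
	protected $default_code_enabled     = '0';
	protected $default_code_preview     = false;
	protected $default_code_author      = '';
	protected $default_code_description = '';

	/**
	 * Code_Manager_Form constructor.
	 *
	 * Initializes data entry form and performs DML actions as requested by arguments.
	 *
	 * @since 1.0.0
	 */
	public function __construct() {
		// sanitize_text_field() normalises the value; it does not make it safe for any
		// particular output context, so show() still escapes these where they are printed.
		$this->action =
			isset( $_REQUEST['action'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action'] ) ) : 'edit'; // input var okay.

		$this->action2 =
			isset( $_REQUEST['action2'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['action2'] ) ) : null; // input var okay.

		$this->code_id =
			isset( $_REQUEST['code_id'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ) : null; // input var okay.

		switch ( $this->action ) {
			case 'edit':
				if ( null === $this->code_id ) {
					wp_die( __( 'ERROR: Invalid arguments', 'code-manager' ) );
				}
				if ( 'save' === $this->action2 ) {
					$this->check_authorization(); // Dies if not authorized
					$this->save_existing_code();
				}
				// Requery so the form shows what is stored after the update.
				$this->row = $this->query_row( $this->code_id );
				break;
			case 'new':
				if ( 'save' === $this->action2 ) {
					$this->check_authorization(); // Dies if not authorized
					$this->insert_new_code();
				}
				break;
		}

		$this->wpnonce = wp_create_nonce( 'code-manager-' . Code_manager::get_current_user_login() );
	}

	/**
	 * Changes are only allowed with a valid nonce for the current user.
	 *
	 * NOTE(review): a nonce proves the request came from a form issued to this user; it is
	 * not a privilege check. The record saved here is code, so confirm that the admin page
	 * registration (not visible in this file) restricts access with a capability, or add a
	 * current_user_can() check here.
	 *
	 * @since 1.0.0
	 */
	private function check_authorization() {
		$wp_nonce = isset( $_REQUEST['_wpnonce'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) ) : ''; // input var okay.
		if ( ! wp_verify_nonce( $wp_nonce, 'code_manager_editor' . Code_manager::get_current_user_login() ) ) {
			wp_die( __( 'ERROR: Not authorized', 'code-manager' ) );
		}
	}

	/**
	 * Updates the record identified by the request from the submitted fields.
	 *
	 * Also switches preview mode for the record on or off when the submitted checkbox
	 * differs from the current state, and reports the outcome in a message box.
	 */
	private function save_existing_code() {
		$required = [ 'code_id', 'code_name', 'code_type', 'code', 'code_author', 'code_description' ];
		if ( ! $this->has_request_fields( $required ) ) {
			// No update possible, missing data
			$this->show_message_box( __( 'Update failed', 'code-manager' ), true );
			return;
		}

		// All data available, start update process
		$code_id = sanitize_text_field( wp_unslash( $_REQUEST['code_id'] ) ); // input var okay.
		$fields  = $this->read_submitted_fields();

		$code_manager_model_class = CODE_MANAGER_MODEL_CLASS;
		$code_manager_model       = new $code_manager_model_class();
		$numrows                  = $code_manager_model::dml_update(
			$code_id,
			$fields['code_name'],
			$fields['code_type'],
			$fields['code'],
			$fields['code_author'],
			$fields['code_description'],
			$fields['code_enabled']
		);

		$preview_enabled = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
		$preview_changed = false;
		if ( $this->is_preview_requested() ) {
			if ( ! $preview_enabled ) {
				Code_Manager_Preview::add_user_preview_code_id( $code_id );
				$this->show_message_box( __( 'Preview enabled', 'code-manager' ) );
				$preview_changed = true;
			}
		} elseif ( $preview_enabled ) {
			Code_Manager_Preview::remove_user_preview_code_id( $code_id );
			$this->show_message_box( __( 'Preview disabled', 'code-manager' ) );
			$preview_changed = true;
		}

		// NOTE(review): any result other than 0 or 1 produces no message at all; confirm what
		// dml_update() returns on a database error so a failed save is not silent.
		if ( 0 === $numrows ) {
			if ( ! $preview_changed ) {
				$this->show_message_box( __( 'Nothing to save', 'code-manager' ) );
			}
		} elseif ( 1 === $numrows ) {
			$this->show_message_box( __( 'Succesfully saved changes to database', 'code-manager' ) );
		}
	}

	/**
	 * Inserts a new record from the submitted fields.
	 *
	 * On success the form switches to edit mode for the new record; on failure the
	 * submitted values are kept as form defaults so the user does not lose them.
	 */
	private function insert_new_code() {
		$required = [ 'code_name', 'code_type', 'code', 'code_author', 'code_description' ];
		if ( ! $this->has_request_fields( $required ) ) {
			// No insert possible, missing data
			$this->show_message_box( __( 'Insert failed', 'code-manager' ), true );
			return;
		}

		// All data available, start insert process
		$fields = $this->read_submitted_fields();

		$code_manager_model_class = CODE_MANAGER_MODEL_CLASS;
		$code_manager_model       = new $code_manager_model_class();
		$code_id                  = $code_manager_model::dml_insert(
			$fields['code_name'],
			$fields['code_type'],
			$fields['code'],
			$fields['code_author'],
			$fields['code_description'],
			$fields['code_enabled']
		);

		if ( -1 === $code_id ) {
			$this->show_message_box( __( 'Insert failed', 'code-manager' ), true );

			$this->default_code_name        = $fields['code_name'];
			$this->default_code_type        = $fields['code_type'];
			$this->default_code             = $fields['code'];
			$this->default_code_enabled     = $fields['code_enabled'];
			$this->default_code_preview     = $this->is_preview_requested();
			$this->default_code_author      = $fields['code_author'];
			$this->default_code_description = $fields['code_description'];
			return;
		}

		$this->show_message_box( __( 'Succesfully saved changes to database', 'code-manager' ) );

		$this->code_id = $code_id;
		$this->row     = $this->query_row( $this->code_id );
		$this->action  = 'edit';

		if ( $this->is_preview_requested() ) {
			Code_Manager_Preview::add_user_preview_code_id( $code_id );
			$this->show_message_box( __( 'Preview enabled', 'code-manager' ) );
		}
	}

	/**
	 * Reads the editable fields from the request.
	 *
	 * Callers must have checked that the fields are present (code_enabled is optional).
	 *
	 * @return array Keys: code_name, code_type, code_enabled, code, code_author, code_description.
	 */
	private function read_submitted_fields() {
		return [
			'code_name'        => sanitize_text_field( wp_unslash( $_REQUEST['code_name'] ) ), // input var okay.
			'code_type'        => sanitize_text_field( wp_unslash( $_REQUEST['code_type'] ) ), // input var okay.
			'code_enabled'     => isset( $_REQUEST['code_enabled'] ) && 'on' === $_REQUEST['code_enabled'] ? '1' : '0',
			// The code body is stored exactly as submitted; it must be escaped wherever it is printed.
			'code'             => wp_unslash( $_REQUEST['code'] ), // input var okay.
			'code_author'      => sanitize_text_field( wp_unslash( $_REQUEST['code_author'] ) ), // input var okay.
			// NOTE(review): the description is stored unsanitized as well; every page that prints
			// it has to escape it. Consider sanitize_textarea_field() if markup is never wanted.
			'code_description' => wp_unslash( $_REQUEST['code_description'] ), // input var okay.
		];
	}

	/**
	 * Tells whether every named field is present in the request.
	 *
	 * @param array $names Request keys to look for.
	 *
	 * @return bool
	 */
	private function has_request_fields( $names ) {
		foreach ( $names as $name ) {
			if ( ! isset( $_REQUEST[ $name ] ) ) {
				return false;
			}
		}

		return true;
	}

	/**
	 * Tells whether the preview checkbox was ticked in the submitted form.
	 *
	 * @return bool
	 */
	private function is_preview_requested() {
		return isset( $_REQUEST['code_preview'] ) && 'on' === $_REQUEST['code_preview'];
	}

	/**
	 * Loads the record for a code ID through the configured model class.
	 *
	 * @param mixed $code_id Code ID to query.
	 *
	 * @return mixed Whatever dml_query() returns; show() reads it as a list of rows.
	 */
	private function query_row( $code_id ) {
		$code_manager_model_class = CODE_MANAGER_MODEL_CLASS;
		$code_manager_model       = new $code_manager_model_class();

		return $code_manager_model::dml_query( $code_id );
	}

	/**
	 * Shows a message box.
	 *
	 * @param string $text     Already translated message text.
	 * @param bool   $is_error True for a non-dismissible error box.
	 */
	private function show_message_box( $text, $is_error = false ) {
		$args = [
			'message_text' => $text,
		];
		if ( $is_error ) {
			$args['message_type']           = 'error';
			$args['message_is_dismissible'] = false;
		}

		$msg = new Message_Box( $args );
		$msg->box();
	}

	/**
	 * Build data entry form. Generates HTML only. JS actions are added from JS script file.
	 *
	 * @since 1.0.0
	 */
	public function show() {
		// Use the stored record when one was loaded; an empty result (presumably an unknown
		// code ID) falls back to the defaults instead of reading a missing row.
		if ( is_array( $this->row ) && isset( $this->row[0] ) ) {
			$code_name        = $this->row[0]['code_name'];
			$code_type        = $this->row[0]['code_type'];
			$code_enabled     = $this->row[0]['code_enabled'];
			$code_preview     = Code_Manager_Preview::is_code_id_preview_enabled( $this->code_id );
			$code             = $this->row[0]['code'];
			$code_author      = $this->row[0]['code_author'];
			$code_description = $this->row[0]['code_description'];
		} else {
			$code_name        = $this->default_code_name;
			$code_type        = $this->default_code_type;
			$code             = $this->default_code;
			$code_enabled     = $this->default_code_enabled;
			$code_preview     = $this->default_code_preview;
			$code_author      = $this->default_code_author;
			$code_description = $this->default_code_description;
		}
		?>
		<div class="wrap">
			<h1 class="wp-heading-inline">
				<span>
					<span class="cm_page_title">
						<?php echo CODE_MANAGER_H1_TITLE; ?>
					</span>
					<a href="?page=<?php echo CODE_MANAGER_MENU_SLUG; ?>"
					   title="Back to list">
						<span class="material-icons cm_menu_title">menu</span></a>
					<a href="<?php echo CODE_MANAGER_HELP_URL; ?>" target="_blank"
					   title="Plugin help - opens in a new tab or window">
						<span class="material-icons cm_menu_title">help_outline</span></a>
				</span>
			</h1>
			<p></p>
			<div>
				<form method="post" enctype="multipart/form-data"
					  action="?page=<?php echo CODE_MANAGER_MENU_SLUG; ?>">
					<fieldset class="cm_fieldset">
						<table class="cm_simple_table" cellspacing="0" cellpadding="0">
							<tbody>
							<tr>
								<td class="label">
									<label for="code_id" title="Code ID must be entered">
										* Code ID
									</label>
								</td>
								<td class="data">
									<input name="code_id" id="code_id" type="text"
										   value="<?php echo esc_attr( $this->code_id ); ?>" readonly="">
								</td>
								<td class="icon">
									<span class="cm_data_type">123</span>
								</td>
							</tr>
							<tr>
								<td class="label">
									<label for="code_name" title="Name must be entered">
										* Name
									</label>
								</td>
								<td class="data">
									<input name="code_name" id="code_name" type="text" maxlength="100"
										   value="<?php echo esc_attr( $code_name ); ?>">
								</td>
								<td class="icon">
									<span class="cm_data_type">abc</span></td>
							</tr>
							<tr>
								<td class="label">
									<label for="code_type" title="Type must be entered">
										Type
									</label>
								</td>
								<td class="data">
									<select name="code_type" id="code_type">
										<?php
										$code_manager_tab_class = CODE_MANAGER_TAB_CLASS;
										$code_manager_tab       = new $code_manager_tab_class();
										$code_types             = $code_manager_tab->get_code_types();
										// The type list comes from another class; escape it on output
										// rather than trusting every provider of it.
										foreach ( $code_types as $code_type_group => $value ) {
											printf( "<optgroup label='%s'>", esc_attr( $code_type_group ) );
											foreach ( $value as $value_code_type => $value_code_label ) {
												printf(
													"<option value='%s'>%s</option>",
													esc_attr( $value_code_type ),
													esc_html( $value_code_label )
												);
											}
											echo '</optgroup>';
										}
										?>
									</select>
									<script type="text/javascript">
										<?php // JS string context: esc_js() also neutralises backslashes, which esc_attr() leaves alone. ?>
										jQuery('#code_type').val('<?php echo esc_js( $code_type ); ?>');
									</script>
								</td>
								<td class="icon">
								</td>
							</tr>
							<tr>
								<td class="label">
									<label for="code_enabled">
										Status
									</label>
								</td>
								<td class="data" style="height: 30px">
									<label>
										<input type='checkbox'
											   name='code_enabled'
											<?php echo '1' === $code_enabled ? 'checked' : ''; ?>
										>
										Enable code
									</label>
									&nbsp;
									<label>
										<input type='checkbox'
											   name='code_preview'
											<?php echo $code_preview ? 'checked' : ''; ?>
										>
										Enable preview mode
									</label>
								</td>
							</tr>
							<tr>
								<td class="label" style="vertical-align:top;padding-top:7px;">
									<label for="code" title="Code must be entered">
										Code
									</label>
								</td>
								<td class="data" style="display: grid; width: 100%;">
									<?php // esc_textarea() encodes <, > and quotes as well as &, so stored code containing a closing textarea tag cannot end the field early. ?>
									<textarea name="code" id="code" style="vertical-align: top; display: none;"
											  maxlength="65535"><?php echo esc_textarea( $code ); ?></textarea>
								</td>
								<td class="icon" style="vertical-align:top;padding-top:7px;">
									<span class="dashicons dashicons-editor-code"></span>
								</td>
							</tr>
							<tr>
								<td class="label">
									<label for="code_author" title="Optional">
										Author
									</label>
								</td>
								<td class="data">
									<input name="code_author" id="code_author" type="text" maxlength="100"
										   value="<?php echo esc_attr( $code_author ); ?>">
								</td>
								<td class="icon">
									<span class="cm_data_type">abc</span></td>
							</tr>
							<tr>
								<td class="label" style="vertical-align:top;padding-top:7px;">
									<label for="code_description" title="Optional">
										Description
									</label>
								</td>
								<td class="data">
									<textarea name="code_description" id="code_description" maxlength="65536"
									><?php echo esc_textarea( $code_description ); ?></textarea>
								</td>
								<td></td>
							</tr>
							</tbody>
						</table>
					</fieldset>
					<p></p>
					<div>
						<?php // The action comes from the request and may be any string; escape it for the attribute. ?>
						<input name="action" type="hidden" value="<?php echo esc_attr( $this->action ); ?>">
						<input name="action2" type="hidden" value="save">
						<?php wp_nonce_field( 'code_manager_editor' . Code_manager::get_current_user_login(), '_wpnonce', false ); ?>
						<input type="submit" id="submit_button" value="Save changes to database"
							   class="button button-primary" name="submit_button" onclick="return submit_form();">
						<input type="button" onclick="javascript:location.href='?page=<?php echo CODE_MANAGER_MENU_SLUG; ?>'"
							   class="button button-secondary" value="Back to list">
					</div>
				</form>
			</div>
		</div>
		<script type="text/javascript">
			var wpnonce = '<?php echo esc_js( $this->wpnonce ); ?>';

			function submit_form() {
				if (jQuery('#code_name').val()==='') {
					alert('Name must be entered');
					return false;
				}
				user_has_edited = false;
				return true;
			}
		</script>
		<?php
	}

}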
451
452 }