Everest Forms – Contact Form, Payment Form, Quiz, Survey & Custom Form Builder with AI / 1.5.4
everest-forms / includes / class-evf-ajax.php
<?php
/**
 * EverestForms EVF_AJAX. AJAX Event Handlers.
 *
 * @class   EVF_AJAX
 * @package EverestForms/Classes
 */

// Stop here when ABSPATH is not defined, i.e. the file was not loaded through WordPress.
if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

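/**
 * EVF_AJAX class.
 *
 * Registers and implements the Everest Forms AJAX handlers.
 *
 * Every event listed in add_ajax_events() currently has its nopriv flag set to
 * false, so the handlers are hooked on wp_ajax_* (logged-in requests) only.
 * Being logged in is not an authorization decision: each handler is still
 * expected to verify a nonce and a capability before it changes state.
 */
class EVF_AJAX {

	/**
	 * Hook in ajax handlers.
	 */
	public static function init() {
		add_action( 'init', array( __CLASS__, 'define_ajax' ), 0 );
		add_action( 'template_redirect', array( __CLASS__, 'do_evf_ajax' ), 0 );
		self::add_ajax_events();
	}

	/**
	 * Set EVF AJAX constant and headers.
	 *
	 * The request parameter read here must be the one do_evf_ajax() dispatches
	 * on ('evf-ajax'). The original code only looked at 'ev-ajax', so the
	 * constants were never defined and error display was never turned off for
	 * real EVF AJAX requests. The misspelled key is still accepted so that
	 * nothing relying on it changes behaviour.
	 */
	public static function define_ajax() {
		if ( ! empty( $_GET['evf-ajax'] ) || ! empty( $_GET['ev-ajax'] ) ) {
			evf_maybe_define_constant( 'DOING_AJAX', true );
			evf_maybe_define_constant( 'EVF_DOING_AJAX', true );

			// Turn off display_errors during AJAX events to prevent malformed JSON
			// (and to keep PHP notices out of the response body).
			if ( ! WP_DEBUG || ! WP_DEBUG_DISPLAY ) {
				@ini_set( 'display_errors', 0 );
			}

			$GLOBALS['wpdb']->hide_errors();
		}
	}

	/**
	 * Send headers for EVF Ajax Requests.
	 *
	 * @since 1.0.0
	 */
	private static function evf_ajax_headers() {
		send_origin_headers();
		@header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) );
		@header( 'X-Robots-Tag: noindex' );
		send_nosniff_header();
		evf_nocache_headers();
		status_header( 200 );
	}

	/**
	 * Check for EVF Ajax request and fire action.
	 *
	 * Runs on template_redirect, i.e. for front-end requests from any visitor.
	 * The action name is taken from the request, so every callback hooked on
	 * an evf_ajax_* action must do its own nonce and capability checks. In this
	 * class only events flagged nopriv are hooked on evf_ajax_*.
	 */
	public static function do_evf_ajax() {
		global $wp_query;

		if ( ! empty( $_GET['evf-ajax'] ) ) {
			// Unslash before sanitizing: WordPress adds slashes to request data.
			$wp_query->set( 'evf-ajax', sanitize_text_field( wp_unslash( $_GET['evf-ajax'] ) ) );
		}

		$action = $wp_query->get( 'evf-ajax' );

		if ( $action ) {
			self::evf_ajax_headers();
			// Sanitized again because the query var may have been set elsewhere.
			$action = sanitize_text_field( $action );
			do_action( 'evf_ajax_' . $action );
			wp_die();
		}
	}

	/**
	 * Hook in methods - uses WordPress ajax handlers (admin-ajax).
	 *
	 * The map is event => nopriv. A true value would additionally expose the
	 * handler to logged-out visitors (wp_ajax_nopriv_*) and to the front-end
	 * evf_ajax_* endpoint; review the handler's own checks before flipping one.
	 */
	public static function add_ajax_events() {
		$ajax_events = array(
			'save_form'              => false,
			'create_form'            => false,
			'get_next_id'            => false,
			'install_extension'      => false,
			'integration_connect'    => false,
			'new_email_add'          => false,
			'integration_disconnect' => false,
			'deactivation_notice'    => false,
			'rated'                  => false,
			'review_dismiss'         => false,
			'enabled_form'           => false,
		);

		foreach ( $ajax_events as $ajax_event => $nopriv ) {
			add_action( 'wp_ajax_everest_forms_' . $ajax_event, array( __CLASS__, $ajax_event ) );

			if ( $nopriv ) {
				add_action( 'wp_ajax_nopriv_everest_forms_' . $ajax_event, array( __CLASS__, $ajax_event ) );

				// EVF AJAX can be used for frontend ajax requests.
				add_action( 'evf_ajax_' . $ajax_event, array( __CLASS__, $ajax_event ) );
			}
		}
	}

	/**
	 * AJAX get the next field id and field key for a form.
	 *
	 * Responds with JSON: 'field_id' (last segment of the key plus one) and
	 * 'field_key' on success, an error payload otherwise.
	 */
	public static function get_next_id() {
		// Run a security check.
		check_ajax_referer( 'everest_forms_get_next_id', 'security' );

		// Authorize before looking at any other request data.
		if ( ! current_user_can( apply_filters( 'everest_forms_manage_cap', 'manage_options' ) ) ) {
			wp_send_json_error();
		}

		$form_id = isset( $_POST['form_id'] ) ? absint( $_POST['form_id'] ) : 0;
		if ( $form_id < 1 ) {
			wp_send_json_error(
				array(
					'error' => __( 'Invalid form', 'everest-forms' ),
				)
			);
		}

		// NOTE(review): field_unique_key() presumably returns a '-' separated key
		// whose last segment is numeric - confirm against its implementation.
		$field_key      = EVF()->form->field_unique_key( $form_id );
		$field_id_array = explode( '-', $field_key );

		// Cast explicitly so a non-numeric segment cannot raise a TypeError on PHP 8.
		$new_field_id = (int) end( $field_id_array ) + 1;

		wp_send_json_success(
			array(
				'field_id'  => $new_field_id,
				'field_key' => $field_key,
			)
		);
	}

	/**
	 * AJAX create new form.
	 *
	 * Title and template come from the request and are sanitized as plain text
	 * before they are handed to the form API.
	 */
	public static function create_form() {
		ob_start();

		check_ajax_referer( 'everest_forms_create_form', 'security' );

		if ( ! current_user_can( 'edit_everest_forms' ) ) {
			wp_die( -1 );
		}

		// Request data is untrusted even behind a nonce and capability check:
		// unslash it and strip markup before it reaches storage.
		$title    = isset( $_POST['title'] ) ? sanitize_text_field( wp_unslash( $_POST['title'] ) ) : __( 'Blank Form', 'everest-forms' );
		$template = isset( $_POST['template'] ) ? sanitize_text_field( wp_unslash( $_POST['template'] ) ) : 'blank';

		$form_id = EVF()->form->create( $title, $template );

		if ( $form_id ) {
			$data = array(
				'id'       => $form_id,
				'redirect' => add_query_arg(
					array(
						'tab'     => 'fields',
						'form_id' => $form_id,
					),
					admin_url( 'admin.php?page=evf-builder' )
				),
			);

			wp_send_json_success( $data );
		}

		wp_send_json_error(
			array(
				'error' => __( 'Something went wrong, please try again later', 'everest-forms' ),
			)
		);
	}

	/**
	 * AJAX Form save.
	 *
	 * Expects $_POST['form_data'] to be a JSON list of objects with 'name' and
	 * 'value' members, rebuilds the nested form array from the bracketed input
	 * names and passes it to the form API.
	 *
	 * NOTE(review): this handler authorizes against the filtered
	 * 'everest_forms_manage_cap' (default 'manage_options') while sibling
	 * handlers use 'manage_everest_forms' / 'edit_everest_forms' - confirm the
	 * difference is intended. The individual field values are stored as sent;
	 * any sanitizing of them would have to happen in the form API.
	 */
	public static function save_form() {
		check_ajax_referer( 'everest_forms_save_form', 'security' );

		// Check for permissions.
		if ( ! current_user_can( apply_filters( 'everest_forms_manage_cap', 'manage_options' ) ) ) {
			die( esc_html__( 'You do not have permission.', 'everest-forms' ) );
		}

		// Check for form data. An array here would not be valid JSON input.
		if ( empty( $_POST['form_data'] ) || ! is_string( $_POST['form_data'] ) ) {
			die( esc_html__( 'No data provided', 'everest-forms' ) );
		}

		$form_post = json_decode( wp_unslash( $_POST['form_data'] ) );

		$data = array();

		// json_decode() yields null on malformed JSON and a scalar for scalar
		// JSON; only iterate when there is a list of entries.
		if ( is_array( $form_post ) || is_object( $form_post ) ) {
			foreach ( $form_post as $post_input_data ) {
				// Skip entries that do not have the expected {name, value} shape.
				if ( ! is_object( $post_input_data ) || ! isset( $post_input_data->name ) || ! is_string( $post_input_data->name ) ) {
					continue;
				}

				$value = isset( $post_input_data->value ) ? $post_input_data->value : '';

				// For input names that are arrays (e.g. `menu-item-db-id[3][4][5]`),
				// derive the array path keys via regex and set the value in $_POST.
				preg_match( '#([^\[]*)(\[(.+)\])?#', $post_input_data->name, $matches );

				$array_bits = array( $matches[1] );

				if ( isset( $matches[3] ) ) {
					$array_bits = array_merge( $array_bits, explode( '][', $matches[3] ) );
				}

				$last_index    = count( $array_bits ) - 1;
				$new_post_data = array();

				// Build the new array value from leaf to trunk.
				for ( $i = $last_index; $i >= 0; $i-- ) {
					if ( $i === $last_index ) {
						$new_post_data[ $array_bits[ $i ] ] = wp_slash( $value );
					} else {
						$new_post_data = array(
							$array_bits[ $i ] => $new_post_data,
						);
					}
				}

				$data = array_replace_recursive( $data, $new_post_data );
			}
		}

		// Check for empty meta key.
		$empty_meta_data = array();
		if ( ! empty( $data['form_fields'] ) && is_array( $data['form_fields'] ) ) {
			foreach ( $data['form_fields'] as $field ) {
				if ( ! is_array( $field ) ) {
					continue;
				}

				$type  = isset( $field['type'] ) ? $field['type'] : '';
				$label = ( isset( $field['label'] ) && is_scalar( $field['label'] ) ) ? (string) $field['label'] : '';

				if ( empty( $field['meta-key'] ) && ! in_array( $type, array( 'html', 'title', 'captcha' ), true ) ) {
					// The labels are request data and end up inside HTML below.
					$empty_meta_data[] = esc_html( $label );
				}
			}

			if ( ! empty( $empty_meta_data ) ) {
				wp_send_json_error(
					array(
						'errorTitle'   => __( 'Meta Key missing', 'everest-forms' ),
						'errorMessage' => sprintf( __( 'Please add Meta key for fields: %s', 'everest-forms' ), '<strong>' . implode( ', ', $empty_meta_data ) . '</strong>' ),
					)
				);
			}
		}

		// Fix for sorting field ordering.
		if ( isset( $data['structure'], $data['form_fields'] ) ) {
			$structure           = evf_flatten_array( $data['structure'] );
			$data['form_fields'] = array_merge( array_intersect_key( array_flip( $structure ), $data['form_fields'] ), $data['form_fields'] );
		}

		// The id is request data: coerce it to a non-negative integer and fall
		// back to 0 when it is missing instead of reading an undefined index.
		$requested_id = isset( $data['id'] ) ? absint( $data['id'] ) : 0;

		$form_id = EVF()->form->update( $requested_id, $data );

		// NOTE(review): fired before the failure check below, so listeners can
		// receive a falsy $form_id.
		do_action( 'everest_forms_save_form', $form_id, $data );

		if ( ! $form_id ) {
			wp_send_json_error(
				array(
					'errorTitle'   => esc_html__( 'Form not found', 'everest-forms' ),
					'errorMessage' => esc_html__( 'An error occurred while saving the form.', 'everest-forms' ),
				)
			);
		} else {
			wp_send_json_success(
				array(
					'form_name'    => isset( $data['settings']['form_title'] ) ? esc_html( $data['settings']['form_title'] ) : '',
					'redirect_url' => admin_url( 'admin.php?page=evf-builder' ),
				)
			);
		}
	}

	/**
	 * Ajax handler for installing a extension.
	 *
	 * The package that gets installed is whatever 'download_link' the licensing
	 * API returns for the requested item name, so the integrity of an install
	 * rests on that endpoint and on the transport to it.
	 *
	 * @since 1.2.0
	 *
	 * @see Plugin_Upgrader
	 *
	 * @global WP_Filesystem_Base $wp_filesystem Subclass
	 */
	public static function install_extension() {
		check_ajax_referer( 'updates' );

		if ( empty( $_POST['slug'] ) ) {
			wp_send_json_error(
				array(
					'slug'         => '',
					'errorCode'    => 'no_plugin_specified',
					'errorMessage' => __( 'No plugin specified.', 'everest-forms' ),
				)
			);
		}

		// 'name' is echoed back in the JSON status and forwarded to the API, and
		// only 'slug' was checked for presence above.
		$status = array(
			'install' => 'plugin',
			'slug'    => sanitize_key( wp_unslash( $_POST['slug'] ) ),
			'name'    => isset( $_POST['name'] ) ? sanitize_text_field( wp_unslash( $_POST['name'] ) ) : '',
		);

		if ( ! current_user_can( 'install_plugins' ) ) {
			$status['errorMessage'] = __( 'Sorry, you are not allowed to install plugins on this site.', 'everest-forms' );
			wp_send_json_error( $status );
		}

		include_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
		include_once ABSPATH . 'wp-admin/includes/plugin-install.php';

		$key      = get_option( 'everest-forms-pro_license_key' );
		$response = EVF_Updater_Key_API::version(
			array(
				'license'   => $key,
				'item_name' => $status['name'],
			)
		);

		// Test the raw response: json_decode() never returns a WP_Error, so a
		// check made after decoding could not catch a failed request.
		if ( is_wp_error( $response ) ) {
			$status['errorMessage'] = $response->get_error_message();
			wp_send_json_error( $status );
		}

		$api = is_string( $response ) ? json_decode( $response ) : null;

		// Refuse to continue without a usable package location rather than
		// passing null to the upgrader.
		// NOTE(review): consider also requiring an https URL on the expected
		// vendor host here; the accepted hosts are not visible in this file.
		if ( ! is_object( $api ) || empty( $api->download_link ) || ! is_string( $api->download_link ) ) {
			$status['errorCode']    = 'invalid_api_response';
			$status['errorMessage'] = __( 'Something went wrong, please try again later', 'everest-forms' );
			wp_send_json_error( $status );
		}

		$status['pluginName'] = isset( $api->name ) ? $api->name : $status['name'];

		$skin     = new WP_Ajax_Upgrader_Skin();
		$upgrader = new Plugin_Upgrader( $skin );
		$result   = $upgrader->install( $api->download_link );

		if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
			$status['debug'] = $skin->get_upgrade_messages();
		}

		if ( is_wp_error( $result ) ) {
			$status['errorCode']    = $result->get_error_code();
			$status['errorMessage'] = $result->get_error_message();
			wp_send_json_error( $status );
		} elseif ( is_wp_error( $skin->result ) ) {
			$status['errorCode']    = $skin->result->get_error_code();
			$status['errorMessage'] = $skin->result->get_error_message();
			wp_send_json_error( $status );
		} elseif ( $skin->get_errors()->get_error_code() ) {
			$status['errorMessage'] = $skin->get_error_messages();
			wp_send_json_error( $status );
		} elseif ( is_null( $result ) ) {
			global $wp_filesystem;

			$status['errorCode']    = 'unable_to_connect_to_filesystem';
			$status['errorMessage'] = __( 'Unable to connect to the filesystem. Please confirm your credentials.', 'everest-forms' );

			// Pass through the error from WP_Filesystem if one was raised.
			if ( $wp_filesystem instanceof WP_Filesystem_Base && is_wp_error( $wp_filesystem->errors ) && $wp_filesystem->errors->get_error_code() ) {
				$status['errorMessage'] = esc_html( $wp_filesystem->errors->get_error_message() );
			}

			wp_send_json_error( $status );
		}

		$install_status = install_plugin_install_status( $api );

		if ( current_user_can( 'activate_plugin', $install_status['file'] ) && is_plugin_inactive( $install_status['file'] ) ) {
			$status['activateUrl'] = add_query_arg(
				array(
					'action'   => 'activate',
					'plugin'   => $install_status['file'],
					'_wpnonce' => wp_create_nonce( 'activate-plugin_' . $install_status['file'] ),
				),
				admin_url( 'admin.php?page=evf-addons' )
			);
		}

		wp_send_json_success( $status );
	}

	/**
	 * AJAX Integration connect.
	 *
	 * Fires 'everest_forms_integration_account_connect_{source}' with the raw
	 * $_POST array; the hooked integration is responsible for validating the
	 * fields it reads from it.
	 */
	public static function integration_connect() {
		check_ajax_referer( 'process-ajax-nonce', 'security' );

		// Checking permission.
		if ( ! current_user_can( 'manage_everest_forms' ) ) {
			wp_die( -1 );
		}

		// 'source' becomes part of a hook name, so it must be a present,
		// non-empty string.
		if ( empty( $_POST ) || empty( $_POST['source'] ) || ! is_string( $_POST['source'] ) ) {
			wp_send_json_error(
				array(
					'error' => esc_html__( 'Missing data', 'everest-forms' ),
				)
			);
		}

		$source = sanitize_text_field( wp_unslash( $_POST['source'] ) );

		do_action( 'everest_forms_integration_account_connect_' . $source, $_POST );
	}

	/**
	 * AJAX Email Add.
	 *
	 * Responds with a freshly generated connection id; nothing is stored here.
	 */
	public static function new_email_add() {
		check_ajax_referer( 'process-ajax-nonce', 'security' );

		if ( ! current_user_can( 'manage_everest_forms' ) ) {
			wp_die( -1 );
		}

		// uniqid() is time based: the id is a label, not a secret.
		$connection_id = 'connection_' . uniqid();

		wp_send_json_success(
			array(
				'connection_id' => $connection_id,
			)
		);
	}

	/**
	 * AJAX Integration disconnect.
	 *
	 * Removes one stored account, addressed by 'source' and 'key', from the
	 * 'everest_forms_integrations' option.
	 */
	public static function integration_disconnect() {
		check_ajax_referer( 'process-ajax-nonce', 'security' );

		// Checking permission.
		if ( ! current_user_can( 'manage_everest_forms' ) ) {
			wp_die( -1 );
		}

		if ( empty( $_POST ) ) {
			wp_send_json_error(
				array(
					'error' => esc_html__( 'Missing data', 'everest-forms' ),
				)
			);
		}

		// Both values are used as array offsets: accept strings only, so an
		// array in the request cannot trigger an illegal-offset error.
		$source = ( isset( $_POST['source'] ) && is_string( $_POST['source'] ) ) ? sanitize_text_field( wp_unslash( $_POST['source'] ) ) : '';
		$key    = ( isset( $_POST['key'] ) && is_string( $_POST['key'] ) ) ? sanitize_text_field( wp_unslash( $_POST['key'] ) ) : '';

		$connected_accounts = get_option( 'everest_forms_integrations', false );

		$is_connected = '' !== $source
			&& '' !== $key
			&& is_array( $connected_accounts )
			&& isset( $connected_accounts[ $source ] )
			&& is_array( $connected_accounts[ $source ] )
			&& ! empty( $connected_accounts[ $source ][ $key ] );

		if ( $is_connected ) {
			unset( $connected_accounts[ $source ][ $key ] );
			update_option( 'everest_forms_integrations', $connected_accounts );
			wp_send_json_success();
		} else {
			wp_send_json_error(
				array(
					'error' => esc_html__( 'Connection missing', 'everest-forms' ),
				)
			);
		}
	}

	/**
	 * AJAX plugin deactivation notice.
	 *
	 * Responds with an HTML fragment that contains a nonce-protected
	 * deactivation link for this plugin.
	 */
	public static function deactivation_notice() {
		global $status, $page, $s;

		check_ajax_referer( 'deactivation-notice', 'security' );

		// The response carries a deactivation nonce, so only hand it to users
		// who are allowed to manage plugins (the siblings check a capability too).
		if ( ! current_user_can( 'activate_plugins' ) ) {
			wp_die( -1 );
		}

		$deactivate_url = wp_nonce_url(
			add_query_arg(
				array(
					'action'        => 'deactivate',
					'plugin'        => EVF_PLUGIN_BASENAME,
					'plugin_status' => $status,
					'paged'         => $page,
					's'             => $s,
				),
				admin_url( 'plugins.php' )
			),
			'deactivate-plugin_' . EVF_PLUGIN_BASENAME
		);

		/* translators: %1$s - deactivation reason page; %2$s - deactivation url. */
		$deactivation_notice = sprintf( __( 'Before we deactivate Everest Forms, would you care to <a href="%1$s" target="_blank">let us know why</a> so we can improve it for you? <a href="%2$s">No, deactivate now</a>.', 'everest-forms' ), 'https://wpeverest.com/deactivation/everest-forms/', $deactivate_url );

		wp_send_json(
			array(
				'fragments' => apply_filters(
					'everest_forms_deactivation_notice_fragments',
					array(
						'deactivation_notice' => '<tr class="plugin-update-tr active updated" data-slug="everest-forms" data-plugin="everest-forms/everest-forms.php"><td colspan ="3" class="plugin-update colspanchange"><div class="notice inline notice-warning notice-alt"><p>' . $deactivation_notice . '</p></div></td></tr>',
					)
				),
			)
		);
	}

	/**
	 * Triggered when clicking the rating footer.
	 *
	 * NOTE(review): there is a capability check but no nonce check, so this
	 * state change is not protected against cross-site request forgery. Adding
	 * check_ajax_referer() needs the matching nonce in the admin script, which
	 * is outside this file.
	 */
	public static function rated() {
		if ( ! current_user_can( 'manage_everest_forms' ) ) {
			wp_die( -1 );
		}
		update_option( 'everest_forms_admin_footer_text_rated', 1 );
		wp_die();
	}

	/**
	 * Triggered when clicking the review notice button.
	 *
	 * NOTE(review): there is a capability check but no nonce check, so this
	 * state change is not protected against cross-site request forgery. Adding
	 * check_ajax_referer() needs the matching nonce in the admin script, which
	 * is outside this file.
	 */
	public static function review_dismiss() {
		if ( ! current_user_can( 'manage_everest_forms' ) ) {
			wp_die( -1 );
		}
		$review              = get_option( 'everest_forms_review', array() );
		$review['time']      = current_time( 'timestamp' );
		$review['dismissed'] = true;
		update_option( 'everest_forms_review', $review );
		wp_die();
	}

	/**
	 * Triggered when clicking the form toggle.
	 *
	 * Loads the stored form content, sets its 'form_enabled' flag and saves it.
	 */
	public static function enabled_form() {
		// Run a security check.
		check_ajax_referer( 'everest_forms_enabled_form', 'security' );

		if ( ! current_user_can( 'manage_everest_forms' ) ) {
			wp_die( -1 );
		}

		$form_id = isset( $_POST['form_id'] ) ? absint( $_POST['form_id'] ) : 0;
		$enabled = isset( $_POST['enabled'] ) ? absint( $_POST['enabled'] ) : 0;

		$form_data = $form_id > 0 ? EVF()->form->get( $form_id, array( 'content_only' => true ) ) : false;

		// Without this guard an unknown form id would turn a non-array result
		// into array( 'form_enabled' => ... ) and save that as the form content.
		// NOTE(review): assumes get() returns an array for an existing form - confirm.
		if ( ! is_array( $form_data ) ) {
			wp_send_json_error(
				array(
					'error' => __( 'Invalid form', 'everest-forms' ),
				)
			);
		}

		$form_data['form_enabled'] = $enabled;

		EVF()->form->update( $form_id, $form_data );
	}
}
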
// Register the AJAX hooks as soon as this file is loaded.
EVF_AJAX::init();