strong-testimonials / admin / views-validate.php
1 <?php
2
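/**
 * Validate a View's name.
 *
 * The submitted name is unslashed and passed through sanitize_text_field().
 * If nothing is left afterwards (empty input, whitespace only, markup only,
 * or a non-scalar value), a default name built from the view ID is returned.
 *
 * @since 2.11.14
 *
 * @param string     $name    Name as submitted (slashes are removed here).
 * @param int|string $view_id View ID used to build the fallback name.
 *
 * @return string
 */
function wpmtst_validate_view_name( $name, $view_id ) {
	// Sanitize first and test for emptiness afterwards, so that input which
	// sanitizes down to nothing ("   ", "<b></b>") also gets the default name
	// instead of being returned as ''.
	$name = is_scalar( $name ) ? sanitize_text_field( stripslashes( (string) $name ) ) : '';

	if ( '' === $name ) {
		// $view_id is interpolated into text that is returned to the caller,
		// so the fallback goes through the same sanitizer as a submitted name.
		$name = sanitize_text_field( "Testimonial View $view_id" );
	}

	return $name;
}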
22
23
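/**
 * Sanitize and validate a View.
 * TODO break down into separate validators
 *
 * Builds a fresh $data array from the submitted $input. Nothing is copied
 * across wholesale: every value is sanitized, cast, or reduced to a 1/0 flag
 * before it is stored. The result is passed through the
 * `wpmtst_sanitized_view` filter, which also receives the raw $input, so
 * code hooked there can add or change values after this function's
 * sanitizing has run.
 *
 * @since 1.21.0
 * @since 2.5.7 Strip CSS from CSS Class Names field.
 * @since 2.10.0 Provide both more_post and more_page.
 * @since 2.11.0 More slideshow options: effect, slideshow_nav, stretch
 * @since 2.11.4 more_full_post for manual excerpts
 * @since 2.11.5 more_page_hook
 *
 * @param array $input Submitted view settings.
 *
 * @return array Sanitized view settings, sorted by key.
 */
function wpmtst_sanitize_view( $input ) {
	ksort( $input );

	$default_view = wpmtst_get_view_default();

	$data         = array();
	$data['mode'] = sanitize_text_field( $input['mode'] );

	$data['form_ajax'] = isset( $input['form_ajax'] ) ? 1 : 0;

	$data = wpmtst_sanitize_view_post_id( $data, $input );

	$data = wpmtst_sanitize_view_template( $data, $input );

	// Category
	// The (array) casts keep implode() from failing when a single scalar is
	// submitted instead of a list.
	if ( 'form' === $data['mode'] ) {
		if ( isset( $input['category-form'] ) ) {
			$data['category'] = sanitize_text_field( implode( ',', (array) $input['category-form'] ) );
		} else {
			$data['category'] = '';
		}
	} elseif ( ( isset( $input['category_all'] ) && 'allcats' === $input['category_all'] ) || ! isset( $input['category'] ) ) {
		// "All categories" was chosen, or no category was submitted at all.
		$data['category'] = 'all';
	} else {
		$data['category'] = sanitize_text_field( implode( ',', (array) $input['category'] ) );
	}

	$data['order'] = sanitize_text_field( $input['order'] );

	// Limit
	if ( isset( $input['all'] ) && $input['all'] ) {
		$data['count'] = -1;
	} else {
		$data['count'] = (int) sanitize_text_field( $input['count'] );
	}

	// Pagination
	$data['pagination']          = isset( $input['pagination'] ) ? 1 : 0;
	$data['pagination_settings'] = wpmtst_sanitize_view_pagination( $input['pagination_settings'] );

	$data['title']      = isset( $input['title'] ) ? 1 : 'hidden';
	$data['title_link'] = sanitize_text_field( $input['title_link'] );

	$data['content']            = sanitize_text_field( $input['content'] );
	$data['excerpt_length']     = (int) sanitize_text_field( $input['excerpt_length'] );
	$data['use_default_length'] = sanitize_text_field( $input['use_default_length'] );
	$data['html_content']       = isset( $input['html_content'] ) ? 1 : 0;

	$data = wpmtst_sanitize_view_readmore( $data, $input, $default_view );

	// Thumbnail
	$data['thumbnail']      = isset( $input['thumbnail'] ) ? 1 : 0;
	$data['thumbnail_size'] = sanitize_text_field( $input['thumbnail_size'] );
	// Cast to int before clamping: sanitize_text_field() returns a string, and
	// on PHP 8 max( 0, 'abc' ) yields 'abc', so free text could otherwise be
	// stored as a dimension.
	$data['thumbnail_width']  = max( 0, (int) sanitize_text_field( $input['thumbnail_width'] ) );
	$data['thumbnail_height'] = max( 0, (int) sanitize_text_field( $input['thumbnail_height'] ) );
	$data['lightbox']         = isset( $input['lightbox'] ) ? 1 : 0;
	$data['lightbox_class']   = sanitize_text_field( $input['lightbox_class'] );
	$data['gravatar']         = sanitize_text_field( $input['gravatar'] );

	/**
	 * CSS Class Names
	 * This field is being confused with custom CSS rules like `.wpmtst-testimonial { border: none; }`
	 * so strip periods and declarations.
	 */
	$data['class'] = sanitize_text_field( trim( preg_replace( '/\{.*?\}|\./', '', $input['class'] ) ) );

	// Background
	$data['background'] = wpmtst_get_background_defaults();
	if ( ! isset( $input['background']['type'] ) ) {
		$data['background']['type'] = '';
	} else {
		$data['background']['type'] = sanitize_text_field( $input['background']['type'] );
	}
	$data['background']['color']     = sanitize_hex_color( $input['background']['color'] );
	$data['background']['gradient1'] = sanitize_hex_color( $input['background']['gradient1'] );
	$data['background']['gradient2'] = sanitize_hex_color( $input['background']['gradient2'] );
	$data['background']['preset']    = sanitize_text_field( $input['background']['preset'] );

	// Font color
	if ( ! isset( $input['font-color']['type'] ) ) {
		$data['font-color']['type'] = '';
	} else {
		$data['font-color']['type'] = sanitize_text_field( $input['font-color']['type'] );
	}
	$data['font-color']['color'] = sanitize_hex_color( $input['font-color']['color'] );

	// Layout input may have been disabled by selecting the widget template so no value is posted.
	if ( ! isset( $input['layout'] ) ) {
		$data['layout'] = '';
	} else {
		// pagination and Masonry are incompatible
		$data['layout'] = sanitize_text_field( $input['layout'] );
		if ( isset( $input['pagination'] ) && 'masonry' === $data['layout'] ) {
			$data['layout'] = '';
		}
	}

	$data['column_count'] = sanitize_text_field( $input['column_count'] );

	$data['slideshow_settings'] = wpmtst_sanitize_view_slideshow( $input['slideshow_settings'] );

	if ( isset( $input['client_section'] ) ) {
		$data['client_section'] = wpmtst_sanitize_view_client_section( $input['client_section'] );
	} else {
		$data['client_section'] = null;
	}

	// Multiple Forms add-on
	// The form ID arrives with the rest of the submitted view, so it is
	// sanitized like every other value rather than stored as received.
	if ( isset( $input['form_id'] ) ) {
		$data['form_id'] = sanitize_text_field( $input['form_id'] );
	} else {
		// hidden
		$data['form_id'] = isset( $input['_form_id'] ) ? sanitize_text_field( $input['_form_id'] ) : '';
	}

	// Divi Builder
	$data['divi_builder'] = isset( $input['divi_builder'] ) ? 1 : 0;

	// Hooked callbacks receive the raw $input too; whatever they add to $data
	// is not sanitized again here.
	$data = apply_filters( 'wpmtst_sanitized_view', $data, $input );
	ksort( $data );

	return $data;
}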
166
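/**
 * Read-more options.
 *
 * Fills the "read more" keys of $data from the submitted $input. Text values
 * go through sanitize_text_field() and checkbox-style values are reduced to
 * 1/0. The target page may be given as a post ID or as a slug and is looked
 * up among published pages and posts.
 *
 * @param array $data         Sanitized view so far; $data['content'] is read.
 * @param array $input        Submitted view settings.
 * @param array $default_view View defaults; supplies 'more_page_text'.
 *
 * @since 2.33.0 As separate function.
 *
 * @return array $data with the read-more keys set.
 */
function wpmtst_sanitize_view_readmore( $data, $input, $default_view ) {
	$data['more_post'] = ( 'truncated' === $data['content'] || 'excerpt' === $data['content'] ) ? 1 : 0;

	$data['more_post_ellipsis'] = sanitize_text_field( $input['more_post_ellipsis'] );
	// Submitted value, so it is sanitized before storage like its neighbours.
	$data['use_default_more']      = isset( $input['use_default_more'] ) ? sanitize_text_field( $input['use_default_more'] ) : 0;
	$data['more_post_text']        = sanitize_text_field( $input['more_post_text'] );
	$data['less_post_text']        = sanitize_text_field( $input['less_post_text'] );
	$data['more_post_text_inline'] = isset( $input['more_post_text_inline'] ) ? 1 : 0;

	/**
	 * Read more in place
	 *
	 * @since 2.33.0
	 */
	$data['more_post_in_place'] = isset( $input['more_post_in_place'] ) ? sanitize_text_field( $input['more_post_in_place'] ) : 0;

	/**
	 * Read more --> post (dependent on more-post-in-place)
	 */
	$data['more_full_post'] = sanitize_text_field( $input['more_full_post'] );

	/**
	 * Read more --> page
	 */
	if ( isset( $input['more_page'] ) && $input['more_page'] ) {

		// Check the "ID or slug" field first
		if ( ! empty( $input['more_page_id2'] ) ) {

			// is post ID?
			$id = sanitize_text_field( $input['more_page_id2'] );
			if ( is_numeric( $id ) ) {
				// A numeric value must match a published page or post,
				// otherwise it is discarded.
				if ( ! get_posts(
					array(
						'p'           => $id,
						'post_type'   => array( 'page', 'post' ),
						'post_status' => 'publish',
					)
				) ) {
					$id = null;
				}
			} else {
				// is post slug?
				$target = get_posts(
					array(
						'name'        => $id,
						'post_type'   => array( 'page', 'post' ),
						'post_status' => 'publish',
					)
				);
				// A slug that matches is replaced by the post ID; one that
				// does not match is kept as the sanitized text.
				if ( $target ) {
					$id = $target[0]->ID;
				}
			}

			if ( $id ) {
				$data['more_page_id'] = $id;
				unset( $data['more_page_id2'] );
			}
		} elseif ( ! empty( $input['more_page_id'] ) ) {
			if ( is_numeric( $input['more_page_id'] ) ) {
				$data['more_page_id'] = (int) sanitize_text_field( $input['more_page_id'] );
			} else {
				$data['more_page_id'] = sanitize_text_field( $input['more_page_id'] );
			}
		}

		// Only enable more_page if a page was selected by either method.
		if ( isset( $data['more_page_id'] ) && $data['more_page_id'] ) {
			$data['more_page'] = 1;
		}
	}

	// Fall back to the default link text when none was submitted.
	if ( empty( $input['more_page_text'] ) ) {
		$data['more_page_text'] = $default_view['more_page_text'];
	} else {
		$data['more_page_text'] = sanitize_text_field( $input['more_page_text'] );
	}
	$data['more_page_hook'] = sanitize_text_field( $input['more_page_hook'] );

	return $data;
}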
263
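/**
 * Single testimonial
 *
 * Resolves which single testimonial, if any, the view points at and stores
 * it in $data['id']. The "ID or slug" field ($input['post_id']) takes
 * precedence over the plain ID field ($input['id']); an ID or slug is only
 * accepted when it matches a published `wpm-testimonial` post.
 *
 * @since 2.30.0 As separate function.
 *
 * @param $data array
 * @param $input array
 *
 * @return array $data with 'id' set, and 'post_id' emptied when the
 *               "ID or slug" field was used.
 */
function wpmtst_sanitize_view_post_id( $data, $input ) {
	// Clear single ID if "multiple" selected or mode:slideshow selected
	if ( 'multiple' === $input['select'] || 'slideshow' === $input['mode'] ) {
		$data['id'] = 0; // must be zero not empty or false
		return $data;
	}

	// Check the "ID or slug" field first
	if ( ! $input['post_id'] ) {
		$data['id'] = (int) sanitize_text_field( $input['id'] );
		return $data;
	}

	$query = array(
		'post_type'   => 'wpm-testimonial',
		'post_status' => 'publish',
	);

	// Is post ID?
	$id = (int) $input['post_id'];
	if ( $id ) {
		$query['p'] = $id;
		if ( ! get_posts( $query ) ) {
			// No such published testimonial. Store zero, not null, as in the
			// early returns above ("must be zero not empty or false").
			$id = 0;
		}
	} else {
		// Is post slug?
		// NOTE(review): the slug is handed to get_posts() as submitted; this
		// function does not sanitize it itself. Confirm the query layer
		// normalises 'name'.
		$query['name'] = $input['post_id'];
		$target        = get_posts( $query );
		if ( $target ) {
			$id = $target[0]->ID;
		}
	}

	$data['id']      = $id;
	$data['post_id'] = '';

	return $data;
}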
322
/**
 * Sanitize pagination settings.
 *
 * Text values go through sanitize_text_field(), 'nav' additionally has its
 * spaces removed, and 'show_all' becomes a boolean. The three size values
 * fall back to fixed defaults when they are missing or evaluate to zero.
 *
 * @since 2.28.0
 *
 * @param array $in Submitted pagination settings.
 *
 * @return array
 */
function wpmtst_sanitize_view_pagination( $in ) {
	$out = array(
		'type'               => sanitize_text_field( $in['type'] ),
		'nav'                => str_replace( ' ', '', sanitize_text_field( $in['nav'] ) ),
		'show_all'           => 'on' === $in['show_all'],
		'prev_next'          => wpmtst_sanitize_checkbox( $in, 'prev_next' ),
		'prev_text'          => sanitize_text_field( $in['prev_text'] ),
		'next_text'          => sanitize_text_field( $in['next_text'] ),
		'before_page_number' => sanitize_text_field( $in['before_page_number'] ),
		'after_page_number'  => sanitize_text_field( $in['after_page_number'] ),
	);

	/**
	 * Attempt to repair bug from 2.28.2
	 *
	 * Each size is kept only when it is present and intval() of it is
	 * non-zero; otherwise its default is used.
	 */
	$size_defaults = array(
		'end_size' => 1,
		'mid_size' => 2,
		'per_page' => 5,
	);

	foreach ( $size_defaults as $size_key => $fallback ) {
		$usable           = isset( $in[ $size_key ] ) && intval( $in[ $size_key ] );
		$out[ $size_key ] = $usable ? (int) sanitize_text_field( $in[ $size_key ] ) : $fallback;
	}

	return $out;
}
365
/**
 * Sanitize slideshow settings.
 *
 * Text values go through sanitize_text_field(), numeric values are cast with
 * intval()/floatval(), and checkboxes become 1/0. A carousel
 * ('show_multiple') forces the horizontal effect and the outside navigation
 * position. The result is sorted by key.
 *
 * @param array $in Submitted slideshow settings.
 * @since 2.15.0
 *
 * @return array
 */
function wpmtst_sanitize_view_slideshow( $in ) {
	$out = array(
		'type'        => sanitize_text_field( $in['type'] ),
		// Insert unused defaults.
		'show_single' => array(
			'max_slides'  => 1,
			'move_slides' => 1,
			'margin'      => 1,
		),
	);

	$is_carousel = ( 'show_multiple' === $out['type'] );

	// Save carousel breakpoints.
	foreach ( $in['breakpoints'] as $name => $raw ) {
		$width      = intval( sanitize_text_field( $raw['width'] ) );
		$max_slides = intval( sanitize_text_field( $raw['max_slides'] ) );
		$move       = intval( sanitize_text_field( $raw['move_slides'] ) );
		$margin     = intval( sanitize_text_field( $raw['margin'] ) );

		$out['breakpoints'][ $name ] = array(
			'width'       => $width,
			'max_slides'  => $max_slides,
			// Never move more slides than are shown at once.
			'move_slides' => min( $move, $max_slides ),
			'margin'      => $margin,
		);
	}

	// Carousel requires horizontal scroll.
	$out['effect'] = $is_carousel ? 'horizontal' : sanitize_text_field( $in['effect'] );

	$out['pause']              = floatval( sanitize_text_field( $in['pause'] ) );
	$out['speed']              = floatval( sanitize_text_field( $in['speed'] ) );
	$out['auto_hover']         = isset( $in['auto_hover'] ) ? 1 : 0;
	$out['continuous_sliding'] = isset( $in['continuous_sliding'] ) ? 1 : 0;
	$out['stop_auto_on_click'] = isset( $in['stop_auto_on_click'] ) ? 1 : 0;

	$out['adapt_height']       = ( 'dynamic' === $in['height'] ) ? 1 : 0;
	$out['adapt_height_speed'] = floatval( sanitize_text_field( $in['adapt_height_speed'] ) );
	$out['stretch']            = isset( $in['stretch'] ) ? 1 : 0;

	// If no navigation, must start automatically.
	$no_navigation     = ( 'none' === $in['pager_type'] && 'none' === $in['controls_type'] );
	$out['auto_start'] = ( $no_navigation || isset( $in['auto_start'] ) ) ? 1 : 0;

	// Controls
	$out['controls_type']  = sanitize_text_field( $in['controls_type'] );
	$out['controls_style'] = sanitize_text_field( $in['controls_style'] );

	// Pagination
	$out['pager_type']  = sanitize_text_field( $in['pager_type'] );
	$out['pager_style'] = sanitize_text_field( $in['pager_style'] );

	// Position is shared by Controls and Pagination
	if ( $out['controls_type'] || $out['pager_type'] ) {
		$out['nav_position'] = $is_carousel ? 'outside' : sanitize_text_field( $in['nav_position'] );
	}

	ksort( $out );

	return $out;
}
452
453
/**
 * Sanitize client section (custom fields).
 *
 * Rows without a 'field' value are skipped. Every kept row gets 'field',
 * 'type', 'before' and 'class', plus the extra keys that belong to its type.
 * Row keys are carried over from $in unchanged.
 *
 * @param array $in Submitted client-section rows.
 * @since 2.17.0
 *
 * @return array
 */
function wpmtst_sanitize_view_client_section( $in ) {
	$out = array();

	foreach ( $in as $key => $field ) {
		if ( empty( $field['field'] ) ) {
			continue;
		}

		$name = sanitize_text_field( $field['field'] );
		// 'save-type' is the fallback when 'type' itself was not posted.
		$type = sanitize_text_field( isset( $field['type'] ) ? $field['type'] : $field['save-type'] );

		$row = array(
			'field'  => $name,
			'type'   => $type,
			'before' => sanitize_text_field( $field['before'] ),
			'class'  => sanitize_text_field( $field['class'] ),
		);

		if ( 'link' === $type || 'link2' === $type ) {
			/**
			 * If no URL, change field type to 'text'. This happens when a URL field
			 * (e.g. company_name) is removed from Custom Fields.
			 * @since 2.10.0
			 */
			if ( isset( $field['url'] ) ) {
				$row['url']              = sanitize_text_field( $field['url'] );
				$row['link_text']        = isset( $field['link_text'] ) ? sanitize_text_field( $field['link_text'] ) : '';
				$row['link_text_custom'] = isset( $field['link_text_custom'] ) ? sanitize_text_field( $field['link_text_custom'] ) : '';
				$row['new_tab']          = isset( $field['new_tab'] ) ? 1 : 0;
			} else {
				$row['type'] = 'text';
				unset( $row['link_text'], $row['link_text_custom'], $row['new_tab'] );
			}
		} elseif ( 'date' === $type ) {
			$row['format'] = isset( $field['format'] ) ? sanitize_text_field( $field['format'] ) : '';
		} elseif ( 'checkbox' === $type ) {
			$row['label']                = isset( $field['label'] ) ? sanitize_text_field( $field['label'] ) : 'label';
			$row['custom_label']         = isset( $field['custom_label'] ) ? sanitize_text_field( $field['custom_label'] ) : '';
			$row['checked_value']        = isset( $field['checked_value'] ) ? sanitize_text_field( $field['checked_value'] ) : '';
			$row['checked_value_custom'] = isset( $field['checked_value_custom'] ) ? sanitize_text_field( $field['checked_value_custom'] ) : '';
			$row['unchecked_value']      = isset( $field['unchecked_value'] ) ? sanitize_text_field( $field['unchecked_value'] ) : '';
		} elseif ( 'category' === $type ) {
			$row['category_show'] = isset( $field['category_show'] ) ? sanitize_text_field( $field['category_show'] ) : 'both';
		}

		$out[ $key ] = $row;
	}

	return $out;
}
526
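/**
 * Template settings.
 *
 * Stores the selected template name (taken from 'form-template' in form mode,
 * from 'template' otherwise) and a sanitized copy of every submitted template
 * setting. Each setting value is sanitized and then passed through the
 * `wpmtst_sanitize_view_template_setting` filter together with its key.
 *
 * @param array $data  Sanitized view so far; $data['mode'] is read.
 * @param array $input Submitted view settings.
 *
 * @return array $data with 'template' set and 'template_settings' filled in.
 */
function wpmtst_sanitize_view_template( $data, $input ) {
	$template_field   = ( 'form' === $data['mode'] ) ? 'form-template' : 'template';
	$data['template'] = isset( $input[ $template_field ] ) ? sanitize_text_field( $input[ $template_field ] ) : '';

	// A missing or malformed 'template_settings' leaves nothing to save;
	// skip it instead of iterating over a non-array.
	if ( ! isset( $input['template_settings'] ) || ! is_array( $input['template_settings'] ) ) {
		return $data;
	}

	// To save all template settings:
	// NOTE(review): $template and $key come from the submitted array and are
	// stored as array keys as received; only the values are sanitized.
	// Confirm that consumers do not treat these keys as trusted.
	foreach ( $input['template_settings'] as $template => $settings ) {
		if ( ! is_array( $settings ) ) {
			continue;
		}

		foreach ( $settings as $key => $setting ) {
			// This does not work for checkboxes yet.
			$data['template_settings'][ $template ][ $key ] = apply_filters( 'wpmtst_sanitize_view_template_setting', sanitize_text_field( $setting ), $key );
		}
	}

	return $data;
}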
552