class-preview.php — WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More 1.5.0.4

wpforms-lite / includes / class-preview.php

wpforms-lite / includes Last commit date

class-preview.php

419 lines

1	<?php
2	/**
3	* Preview class.
4	*
5	* @package WPForms
6	* @author WPForms
7	* @since 1.1.5
8	* @license GPL-2.0+
9	* @copyright Copyright (c) 2016, WPForms LLC
10	*/
11	class WPForms_Preview {
12
13	/**
14	* Primary class constructor.
15	*
16	* @since 1.1.5
17	*/
18	public function __construct() {
19
20	// Maybe load a preview page.
21	add_action( 'init', array( $this, 'init' ) );
22
23	// Hide preview page from admin.
24	add_action( 'pre_get_posts', array( $this, 'form_preview_hide' ) );
25	}
26
27	/**
28	* Determining if the user should see a preview page, if so, party on.
29	*
30	* @since 1.1.5
31	*/
32	public function init() {
33
34	// Check for preview param with allowed values.
35	if ( empty( $_GET['wpforms_preview'] ) \|\| ! in_array( $_GET['wpforms_preview'], array( 'print', 'form' ), true ) ) {
36	return;
37	}
38
39	// Check for authenticated user with correct capabilities.
40	if ( ! is_user_logged_in() \|\| ! wpforms_current_user_can() ) {
41	return;
42	}
43
44	// Print preview.
45	if ( 'print' === $_GET['wpforms_preview'] && ! empty( $_GET['entry_id'] ) ) {
46	$this->print_preview();
47	}
48
49	// Form preview.
50	if ( 'form' === $_GET['wpforms_preview'] && ! empty( $_GET['form_id'] ) ) {
51	$this->form_preview();
52	}
53	}
54
55	/**
56	* Print Preview.
57	*
58	* @since 1.1.5
59	*/
60	public function print_preview() {
61
62	// Load entry details.
63	$entry = wpforms()->entry->get( absint( $_GET['entry_id'] ) );
64
65	// Double check that we found a real entry.
66	if ( empty( $entry ) ) {
67	return;
68	}
69
70	// Get form details.
71	$form_data = wpforms()->form->get(
72	$entry->form_id,
73	array(
74	'content_only' => true,
75	)
76	);
77
78	// Double check that we found a valid entry.
79	if ( empty( $form_data ) ) {
80	return;
81	}
82
83	// Check for entry notes.
84	$entry->entry_notes = wpforms()->entry_meta->get_meta(
85	array(
86	'entry_id' => $entry->entry_id,
87	'type' => 'note',
88	)
89	);
90
91	?>
92	<!doctype html>
93	<html>
94	<head>
95	<meta charset="utf-8">
96	<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
97	<title>WPForms Print Preview - <?php echo ucfirst( sanitize_text_field( $form_data['settings']['form_title'] ) ); ?> </title>
98	<meta name="description" content="">
99	<meta name="viewport" content="width=device-width, initial-scale=1">
100	<meta name="robots" content="noindex,nofollow,noarchive">
101	<link rel="stylesheet" href="<?php echo includes_url( 'css/buttons.min.css' ); ?>" type="text/css">
102	<link rel="stylesheet" href="<?php echo WPFORMS_PLUGIN_URL; ?>assets/css/wpforms-preview.css" type="text/css">
103	<script type="text/javascript" src="<?php echo includes_url( 'js/jquery/jquery.js' ); ?>"></script>
104	<script>
105	jQuery(function($){
106	var showEmpty = false,
107	showNotes = false,
108	showCompact = false;
109	// Print page.
110	$(document).on('click', '.print', function(e) {
111	e.preventDefault();
112	window.print();
113	});
114	// Close page.
115	$(document).on('click', '.close-window', function(e) {
116	e.preventDefault();
117	window.close();
118	});
119	// Toggle empty fields.
120	$(document).on('click', '.toggle-empty', function(e) {
121	e.preventDefault();
122	if ( ! showEmpty ) {
123	$(this).text('<?php esc_html_e( 'Hide empty fields', 'wpforms-lite' ); ?>');
124	} else {
125	$(this).text('<?php esc_html_e( 'Show empty fields', 'wpforms-lite' ); ?>');
126	}
127	$('.field.empty').toggle();
128	showEmpty = !showEmpty;
129	});
130	// Toggle notes.
131	$(document).on('click', '.toggle-notes', function(e) {
132	e.preventDefault();
133	if ( ! showNotes ) {
134	$(this).text('<?php esc_html_e( 'Hide notes', 'wpforms-lite' ); ?>');
135	} else {
136	$(this).text('<?php esc_html_e( 'Show notes', 'wpforms-lite' ); ?>');
137	}
138	$('.notes, .notes-head').toggle();
139	showNotes = !showNotes;
140	});
141	// Toggle compact view.
142	$(document).on('click', '.toggle-view', function(e) {
143	e.preventDefault();
144	if ( ! showCompact ) {
145	$(this).text('<?php esc_html_e( 'Normal view', 'wpforms-lite' ); ?>');
146	} else {
147	$(this).text('<?php esc_html_e( 'Compact view', 'wpforms-lite' ); ?>');
148	}
149	$('body').toggleClass('compact');
150	showCompact = !showCompact;
151	});
152	});
153	</script>
154	</head>
155	<body class="wp-core-ui">
156	<div class="wpforms-preview" id="print">
157	<h1>
158	<?php /* translators: %d - entry ID. */ ?>
159	<?php echo sanitize_text_field( $form_data['settings']['form_title'] ); ?> <span> - <?php printf( esc_html__( 'Entry #%d', 'wpforms-lite' ), absint( $entry->entry_id ) ); ?></span>
160	<div class="buttons">
161	<a href="" class="button button-secondary close-window"><?php esc_html_e( 'Close', 'wpforms-lite' ); ?></a>
162	<a href="" class="button button-primary print"><?php esc_html_e( 'Print', 'wpforms-lite' ); ?></a>
163	</div>
164	</h1>
165	<div class="actions">
166	<a href="#" class="toggle-empty"><?php esc_html_e( 'Show empty fields', 'wpforms-lite' ); ?></a> •
167	<?php echo ! empty( $entry->entry_notes ) ? '<a href="#" class="toggle-notes">' . esc_html__( 'Show notes', 'wpforms-lite' ) . '</a> •' : ''; ?>
168	<a href="#" class="toggle-view"><?php esc_html_e( 'Compact view', 'wpforms-lite' ); ?></a>
169	</div>
170	<?php
171	$fields = apply_filters( 'wpforms_entry_single_data', wpforms_decode( $entry->fields ), $entry, $form_data );
172
173	if ( empty( $fields ) ) {
174
175	// Whoops, no fields! This shouldn't happen under normal use cases.
176	echo '<p class="no-fields">' . esc_html__( 'This entry does not have any fields', 'wpforms-lite' ) . '</p>';
177
178	} else {
179
180	echo '<div class="fields">';
181
182	// Display the fields and their values.
183	foreach ( $fields as $key => $field ) {
184
185	$field_value = apply_filters( 'wpforms_html_field_value', wp_strip_all_tags( $field['value'] ), $field, $form_data, 'entry-single' );
186	$field_class = sanitize_html_class( 'wpforms-field-' . $field['type'] );
187	$field_class .= empty( $field_value ) ? ' empty' : '';
188
189	echo '<div class="field ' . $field_class . '">';
190
191	echo '<p class="field-name">';
192	/* translators: %d - field ID */
193	echo ! empty( $field['name'] ) ? wp_strip_all_tags( $field['name'] ) : sprintf( esc_html__( 'Field ID #%d', 'wpforms-lite' ), absint( $field['id'] ) );
194	echo '</p>';
195
196	echo '<p class="field-value">';
197	echo ! empty( $field_value ) ? nl2br( make_clickable( $field_value ) ) : esc_html__( 'Empty', 'wpforms-lite' );
198	echo '</p>';
199
200	echo '</div>';
201	}
202
203	echo '</div>';
204	}
205
206	if ( ! empty( $entry->entry_notes ) ) {
207
208	echo '<h2 class="notes-head">' . esc_html__( 'Notes', 'wpforms-lite' ) . '</h2>';
209
210	echo '<div class="notes">';
211
212	foreach ( $entry->entry_notes as $note ) {
213
214	$user = get_userdata( $note->user_id );
215	$user_name = esc_html( ! empty( $user->display_name ) ? $user->display_name : $user->user_login );
216	$date_format = sprintf( '%s %s', get_option( 'date_format' ), get_option( 'time_format' ) );
217	$date = date_i18n( $date_format, strtotime( $note->date ) + ( get_option( 'gmt_offset' ) * 3600 ) );
218
219	echo '<div class="note">';
220	echo '<div class="note-byline">';
221	/* translators: %1$s - user name; %2$s - date */
222	printf( esc_html__( 'Added by %1$s on %2$s', 'wpforms-lite' ), $user_name, $date );
223	echo '</div>';
224	echo '<div class="note-text">' . wp_kses_post( $note->data ) . '</div>';
225	echo '</div>';
226	}
227	echo '</div>';
228	}
229	?>
230	</div>
231	<p class="site"><a href="<?php echo home_url(); ?>"><?php echo get_bloginfo( 'name'); ?></a></p>
232	</body>
233	<?php
234	exit();
235	}
236
237	/**
238	* Check if preview page exists, if not create it.
239	*
240	* @since 1.1.9
241	*/
242	public function form_preview_check() {
243
244	// This isn't a privilege check, rather this is intended to prevent
245	// the check from running on the site frontend and areas where
246	// we don't want it to load.
247	if ( ! is_admin() ) {
248	return;
249	}
250
251	// Verify page exits.
252	$preview = get_option( 'wpforms_preview_page' );
253
254	if ( $preview ) {
255
256	$preview_page = get_post( $preview );
257
258	// Check to see if the visibility has been changed, if so correct it.
259	if ( ! empty( $preview_page ) && 'private' !== $preview_page->post_status ) {
260	$preview_page->post_status = 'private';
261	wp_update_post( $preview_page );
262
263	return;
264	} elseif ( ! empty( $preview_page ) ) {
265	return;
266	}
267	}
268
269	// Create the custom preview page.
270	$content = '<p>' . esc_html__( 'This is the WPForms preview page. All your form previews will be handled on this page.', 'wpforms-lite' ) . '</p>';
271	$content .= '<p>' . esc_html__( 'The page is set to private, so it is not publicly accessible. Please do not delete this page :) .', 'wpforms-lite' ) . '</p>';
272	$args = array(
273	'post_type' => 'page',
274	'post_name' => 'wpforms-preview',
275	'post_author' => 1,
276	'post_title' => esc_html__( 'WPForms Preview', 'wpforms-lite' ),
277	'post_status' => 'private',
278	'post_content' => $content,
279	'comment_status' => 'closed',
280	);
281
282	$id = wp_insert_post( $args );
283	if ( $id ) {
284	update_option( 'wpforms_preview_page', $id );
285	}
286	}
287
288	/**
289	* Preview page URL.
290	*
291	* @since 1.1.9
292	*
293	* @param int $form_id
294	*
295	* @return string
296	*/
297	public function form_preview_url( $form_id ) {
298
299	$id = get_option( 'wpforms_preview_page' );
300
301	if ( ! $id ) {
302	return home_url();
303	}
304
305	$url = get_permalink( $id );
306
307	if ( ! $url ) {
308	return home_url();
309	}
310
311	return add_query_arg(
312	array(
313	'wpforms_preview' => 'form',
314	'form_id' => absint( $form_id ),
315	),
316	$url
317	);
318	}
319
320	/**
321	* Fires when form preview might be detected.
322	*
323	* @since 1.1.9
324	*/
325	public function form_preview() {
326
327	add_filter( 'the_posts', array( $this, 'form_preview_query' ), 10, 2 );
328	}
329
330	/**
331	* Tweak the page content for form preview page requests.
332	*
333	* @since 1.1.9
334	*
335	* @param array $posts
336	* @param WP_Query $query
337	*
338	* @return array
339	*/
340	public function form_preview_query( $posts, $query ) {
341
342	// One last cap check, just for fun.
343	if ( ! is_user_logged_in() \|\| ! wpforms_current_user_can() ) {
344	return $posts;
345	}
346
347	// Only target main query.
348	if ( ! $query->is_main_query() ) {
349	return $posts;
350	}
351
352	// If our queried object ID does not match the preview page ID, return early.
353	$preview_id = absint( get_option( 'wpforms_preview_page' ) );
354	$queried = $query->get_queried_object_id();
355	if (
356	$queried &&
357	$queried !== $preview_id &&
358	isset( $query->query_vars['page_id'] ) &&
359	$preview_id != $query->query_vars['page_id']
360	) {
361	return $posts;
362	}
363
364	// Get the form details.
365	$form = wpforms()->form->get(
366	absint( $_GET['form_id'] ),
367	array(
368	'content_only' => true,
369	)
370	);
371
372	if ( ! $form \|\| empty( $form ) ) {
373	return $posts;
374	}
375
376	// Customize the page content.
377	$title = ! empty( $form['settings']['form_title'] ) ? sanitize_text_field( $form['settings']['form_title'] ) : esc_html__( 'Form', 'wpforms-lite' );
378	$shortcode = ! empty( $form['id'] ) ? '[wpforms id="' . absint( $form['id'] ) . '"]' : '';
379	$content = esc_html__( 'This is a preview of your form. This page is not publicly accessible.', 'wpforms-lite' );
380	if ( ! empty( $_GET['new_window'] ) ) {
381	$content .= ' <a href="javascript:window.close();">' . esc_html__( 'Close this window', 'wpforms-lite' ) . '.</a>';
382	}
383	/* translators: %s - Form name. */
384	$posts[0]->post_title = sprintf( esc_html__( '%s Preview', 'wpforms-lite' ), $title );
385	$posts[0]->post_content = $content . $shortcode;
386	$posts[0]->post_status = 'public';
387
388	return $posts;
389	}
390
391	/**
392	* Hide the preview page from admin
393	*
394	* @since 1.2.3
395	*
396	* @param WP_Query $query
397	*/
398	public function form_preview_hide( $query ) {
399
400	// Hide the preview page from the site's edit.php post table.
401	// This prevents users from seeing or trying to modify this page, since
402	// it is intended to be for internal WPForms use only.
403	if (
404	$query->is_main_query() &&
405	is_admin() &&
406	isset( $query->query_vars['post_type'] ) &&
407	'page' === $query->query_vars['post_type']
408	) {
409	$wpforms_preview = intval( get_option( 'wpforms_preview_page' ) );
410
411	if ( $wpforms_preview ) {
412	$exclude = $query->query_vars['post__not_in'];
413	$exclude[] = $wpforms_preview;
414	$query->set( 'post__not_in', $exclude );
415	}
416	}
417	}
418	}
419