diff --git a/includes/admin/assets/js/um-admin-field.js b/includes/admin/assets/js/um-admin-field.js index 3e9591a8..0ff7ef15 100644 --- a/includes/admin/assets/js/um-admin-field.js +++ b/includes/admin/assets/js/um-admin-field.js @@ -35,22 +35,20 @@ jQuery(document).ready(function() { /* Add a Field */ jQuery(document.body).on('submit', 'form.um_add_field', function(e){ - e.preventDefault(); - var conditions = jQuery('.um-admin-cur-condition'); - //need fields refactor - jQuery(conditions).each( function ( i ) { - - if ( jQuery( this ).find('[id^="_conditional_action"]').val() === '' || - jQuery( this ).find('[id^="_conditional_field"]').val() === '' || - jQuery( this ).find('[id^="_conditional_operator"]').val() ==='' ) - { - jQuery(conditions[i]).find('.um-admin-remove-condition').trigger('click'); - } - } ); - conditions = jQuery('.um-admin-cur-condition'); - jQuery(conditions).each( function ( i ) { - var id = i === 0 ? '' : i; + var conditions = jQuery('.um-admin-cur-condition'); + //need fields refactor + jQuery(conditions).each( function ( i ) { + if ( jQuery( this ).find('[id^="_conditional_action"]').val() === '' || + jQuery( this ).find('[id^="_conditional_field"]').val() === '' || + jQuery( this ).find('[id^="_conditional_operator"]').val() ==='' ) + { + jQuery(conditions[i]).find('.um-admin-remove-condition').trigger('click'); + } + } ); + conditions = jQuery('.um-admin-cur-condition'); + jQuery(conditions).each( function ( i ) { + var id = i === 0 ? '' : i; jQuery( this ).find('[id^="_conditional_action"]').attr('name', '_conditional_action' + id); jQuery( this ).find('[id^="_conditional_action"]').attr('id', '_conditional_action' + id); @@ -60,8 +58,7 @@ jQuery(document).ready(function() { jQuery( this ).find('[id^="_conditional_operator"]').attr('id', '_conditional_operator' + id); jQuery( this ).find('[id^="_conditional_value"]').attr('name', '_conditional_value' + id); jQuery( this ).find('[id^="_conditional_value"]').attr('id', '_conditional_value' + id); - - } ); + } ); var form = jQuery(this); jQuery.ajax({ @@ -78,40 +75,34 @@ jQuery(document).ready(function() { complete: function(){ form.css({'opacity': 1}); }, - success: function(data){ - if (data.error){ - - c = 0; - jQuery.each(data.error, function(i, v){ - c++; - if ( c == 1 ) { - form.find('#'+i).addClass('um-admin-error').trigger('focus'); - form.find('.um-admin-error-block').show().html(v); - } - }); - - um_admin_modal_responsive(); + success: function( response ){ + if ( response.success ) { + let data = response.data; + if ( data.error ) { + let c = 0; + jQuery.each( data.error, function(i, v){ + c++; + if ( 1 === c ) { + form.find('#' + i).addClass('um-admin-error').trigger('focus'); + form.find('.um-admin-error-block').show().html(v); + } + }); + um_admin_modal_responsive(); + } else { + jQuery('.um-col-demon-settings').data('in_row', '').data('in_sub_row', '').data('in_column', '').data('in_group', ''); + um_admin_remove_modal(); + um_admin_update_builder(); + } } else { - - jQuery('.um-col-demon-settings').data('in_row', ''); - jQuery('.um-col-demon-settings').data('in_sub_row', ''); - jQuery('.um-col-demon-settings').data('in_column', ''); - jQuery('.um-col-demon-settings').data('in_group', ''); - - um_admin_remove_modal(); - um_admin_update_builder(); - + console.log( response ); } - }, - error: function(data){ - console.log(data); + error: function( response ){ + console.log( response ); } }); - return false; - }); -}); \ No newline at end of file +}); diff --git a/includes/admin/core/class-admin-builder.php b/includes/admin/core/class-admin-builder.php index a2eca841..7bc41c71 100644 --- a/includes/admin/core/class-admin-builder.php +++ b/includes/admin/core/class-admin-builder.php @@ -37,114 +37,131 @@ if ( ! class_exists( 'um\admin\core\Admin_Builder' ) ) { } /** - * Apply a filter to handle errors for field updating in backend + * Apply a filter to handle errors for field updating in backend. * - * @param $errors - * @param $array + * @param null|array $errors + * @param array $submission_data * * @return mixed */ - function um_admin_field_update_error_handling( $errors, $array ) { - /** - * @var $field_type - */ - extract( $array ); + public function um_admin_field_update_error_handling( $errors, $submission_data ) { + if ( ! array_key_exists( 'field_type', $submission_data ) ) { + return $errors; + } - $field_attr = UM()->builtin()->get_core_field_attrs( $field_type ); - - if ( isset( $field_attr['validate'] ) ) { - - $validate = $field_attr['validate']; - foreach ( $validate as $post_input => $arr ) { - - $skip = apply_filters( 'um_admin_builder_skip_field_validation', false, $post_input, $array ); - if ( $skip ) { - continue; - } - - $mode = $arr['mode']; - - switch ( $mode ) { - - case 'numeric': - if ( ! empty( $array['post'][ $post_input ] ) && ! is_numeric( $array['post'][ $post_input ] ) ){ - $errors[ $post_input ] = $validate[ $post_input ]['error']; - } - break; - - case 'unique': - if ( ! isset( $array['post']['edit_mode'] ) ) { - if ( UM()->builtin()->unique_field_err( $array['post'][ $post_input ] ) ) { - $errors[ $post_input ] = UM()->builtin()->unique_field_err( $array['post'][ $post_input ] ); - } - } - break; - - case 'required': - if ( $array['post'][ $post_input ] == '' ) { - $errors[ $post_input ] = $validate[ $post_input ]['error']; - } - break; - - case 'range-start': - if ( UM()->builtin()->date_range_start_err( $array['post'][ $post_input ] ) && $array['post']['_range'] == 'date_range' ) { - $errors[ $post_input ] = UM()->builtin()->date_range_start_err( $array['post'][ $post_input ] ); - } - break; - - case 'range-end': - if ( UM()->builtin()->date_range_end_err( $array['post'][ $post_input ], $array['post']['_range_start'] ) && $array['post']['_range'] == 'date_range' ) { - $errors[ $post_input ] = UM()->builtin()->date_range_end_err( $array['post'][ $post_input ], $array['post']['_range_start'] ); - } - break; - - } + $field_attr = UM()->builtin()->get_core_field_attrs( $submission_data['field_type'] ); + if ( ! array_key_exists( 'validate', $field_attr ) ) { + return $errors; + } + $validate = $field_attr['validate']; + foreach ( $validate as $post_input => $arr ) { + /** + * Filters the marker for skipping field validation. + * + * @param {bool} $skip Errors list. It's null by default. + * @param {string} $post_input Field key for validation. + * @param {array} $submission_data Update field handler data. + * + * @return {bool} True for skipping validation. + * + * @since 2.1.0 + * @hook um_admin_builder_skip_field_validation + * + * @example Skipping validation for the `_options` setting field for `billing_country` and `shipping_country` form fields. + * function my_custom_um_admin_builder_skip_field_validation( $skip, $post_input, $submission_data ) { + * if ( $post_input === '_options' && isset( $submission_data['post']['_metakey'] ) && in_array( $submission_data['post']['_metakey'], array( 'billing_country', 'shipping_country' ), true ) ) { + * $skip = true; + * } + * return $skip; + * } + * add_filter( 'um_admin_builder_skip_field_validation', 'my_custom_um_admin_builder_skip_field_validation', 10, 3 ); + */ + $skip = apply_filters( 'um_admin_builder_skip_field_validation', false, $post_input, $submission_data ); + if ( $skip ) { + continue; } + if ( ! array_key_exists( 'mode', $arr ) ) { + continue; + } + + switch ( $arr['mode'] ) { + case 'numeric': + if ( ! empty( $submission_data['post'][ $post_input ] ) && ! is_numeric( $submission_data['post'][ $post_input ] ) ) { + $errors[ $post_input ] = $validate[ $post_input ]['error']; + } + break; + case 'unique': + if ( ! isset( $submission_data['post']['edit_mode'] ) ) { + $mode_error = UM()->builtin()->unique_field_err( $submission_data['post'][ $post_input ] ); + if ( ! empty( $mode_error ) ) { + $errors[ $post_input ] = $mode_error; + } + } + break; + case 'required': + if ( '' === $submission_data['post'][ $post_input ] ) { + $errors[ $post_input ] = $validate[ $post_input ]['error']; + } + break; + case 'range-start': + if ( 'date_range' === $submission_data['post']['_range'] ) { + $mode_error = UM()->builtin()->date_range_start_err( $submission_data['post'][ $post_input ] ); + if ( ! empty( $mode_error ) ) { + $errors[ $post_input ] = $mode_error; + } + } + break; + case 'range-end': + if ( 'date_range' === $submission_data['post']['_range'] ) { + $mode_error = UM()->builtin()->date_range_end_err( $submission_data['post'][ $post_input ], $submission_data['post']['_range_start'] ); + if ( ! empty( $mode_error ) ) { + $errors[ $post_input ] = $mode_error; + } + } + break; + } } return $errors; - } - /** - * Some fields may require extra fields before saving + * Some fields may require extra fields before saving. * - * @param $array + * @param array $submission_data * - * @return mixed + * @return array */ - function um_admin_pre_save_fields_hook( $array ) { - /** - * @var $form_id - * @var $field_type - */ - extract( $array ); + public function um_admin_pre_save_fields_hook( $submission_data ) { + if ( ! array_key_exists( 'form_id', $submission_data ) || ! array_key_exists( 'field_type', $submission_data ) || ! array_key_exists( 'post', $submission_data ) ) { + return $submission_data; + } - $fields_without_metakey = UM()->builtin()->get_fields_without_metakey(); + $form_id = $submission_data['form_id']; + $field_type = $submission_data['field_type']; $fields = UM()->query()->get_attr( 'custom_fields', $form_id ); - $count = 1; + $count = 1; if ( ! empty( $fields ) ) { $count = count( $fields ) + 1; } - // set unique meta key - if ( in_array( $field_type, $fields_without_metakey ) && ! isset( $array['post']['_metakey'] ) ) { - $array['post']['_metakey'] = "um_{$field_type}_{$form_id}_{$count}"; + // Set unique meta key. + $fields_without_metakey = UM()->builtin()->get_fields_without_metakey(); + if ( ! array_key_exists( '_metakey', $submission_data['post'] ) && in_array( $field_type, $fields_without_metakey, true ) ) { + $submission_data['post']['_metakey'] = "um_{$field_type}_{$form_id}_{$count}"; } - // set position - if ( ! isset( $array['post']['_position'] ) ) { - $array['post']['_position'] = $count; + // Set position. + if ( ! array_key_exists( '_position', $submission_data['post'] ) ) { + $submission_data['post']['_position'] = $count; } - return $array; + return $submission_data; } - /** * Modify field args just before it is saved into form * @@ -374,7 +391,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Builder' ) ) { return ''; } - foreach( $row_fields as $key => $array ) { + foreach ( $row_fields as $key => $array ) { if ( ! isset( $array['in_sub_row'] ) || ( isset( $array['in_sub_row'] ) && $array['in_sub_row'] == $subrow_id ) ) { $results[ $key ] = $array; unset( $this->global_fields[ $key ] ); @@ -384,18 +401,15 @@ if ( ! class_exists( 'um\admin\core\Admin_Builder' ) ) { return ( isset ( $results ) ) ? $results : ''; } - /** - * Display the builder + * Display the builder. */ - function show_builder() { - + public function show_builder() { $fields = UM()->query()->get_attr( 'custom_fields', $this->form_id ); - if ( !isset( $fields ) || empty( $fields ) ) { ?> - + if ( empty( $fields ) ) { + ?>
-
@@ -403,211 +417,164 @@ if ( ! class_exists( 'um\admin\core\Admin_Builder' ) ) {
-
-
-
- -
- -
- +
-
-
-
- global_fields = array(); - } else { - $this->global_fields = $fields; - } - - foreach ( $this->global_fields as $key => $array ) { - if ( $array['type'] == 'row' ) { - $rows[ $key ] = $array; - unset( $this->global_fields[ $key ] ); // not needed now + $rows = array(); + $this->global_fields = is_array( $fields ) ? $fields : array(); + foreach ( $this->global_fields as $key => $field_data ) { + if ( array_key_exists( 'type', $field_data ) && 'row' === $field_data['type'] ) { + $rows[ $key ] = $field_data; + unset( $this->global_fields[ $key ] ); // Remove rows from global fields because not needed below. } - } - if ( ! isset( $rows ) ) { + // Set 1st row if there aren't any rows in form. + if ( empty( $rows ) ) { $rows = array( '_um_row_1' => array( - 'type' => 'row', - 'id' => '_um_row_1', - 'sub_rows' => 1, - 'cols' => 1 + 'type' => 'row', + 'id' => '_um_row_1', + 'sub_rows' => 1, + 'cols' => 1, ), ); } - foreach ( $rows as $row_id => $array ) { ?> - + foreach ( $rows as $row_id => $array ) { + ?>
-
- + - + -
- +
+
+ get_fields_by_row( $row_id ); + $sub_rows = array_key_exists( 'sub_rows', $array ) ? $array['sub_rows'] : 1; - get_fields_by_row( $row_id ); - - $sub_rows = ( isset( $array['sub_rows'] ) ) ? $array['sub_rows'] : 1; - for ( $c = 0; $c < $sub_rows; $c++ ) { - + for ( $c = 0; $c < $sub_rows; $c++ ) { $subrow_fields = $this->get_fields_in_subrow( $row_fields, $c ); - ?> -
-
- '; + $col_class = ( $col_num === $i ) ? 'active' : ''; + ?> + + -
-
- 0 ) { ?> + 0 ) { ?> + +
-
- array_sort_by_column( $subrow_fields, 'position' ); + foreach ( $subrow_fields as $key => $keyarray ) { + if ( ! array_key_exists( 'type', $keyarray ) || ! array_key_exists( 'title', $keyarray ) ) { + continue; + } - $subrow_fields = $this->array_sort_by_column( $subrow_fields, 'position'); - - foreach( $subrow_fields as $key => $keyarray ) { - /** - * @var $type - * @var $title - */ - extract( $keyarray ); - + $field_type = $keyarray['type']; + $field_title = $keyarray['title']; + $in_group = array_key_exists( 'in_group', $keyarray ) ? $keyarray['in_group'] : ''; + $in_column = array_key_exists( 'in_column', $keyarray ) ? $keyarray['in_column'] : 1; + $icon = array_key_exists( 'icon', $keyarray ) ? $keyarray['icon'] : ''; + $field_name = __( 'Invalid field type', 'ultimate-member' ); + if ( array_key_exists( $field_type, UM()->builtin()->core_fields ) && array_key_exists( 'name', UM()->builtin()->core_fields[ $field_type ] ) ) { + $field_name = UM()->builtin()->core_fields[ $field_type ]['name']; + } ?> - -
- -
- +
+
+ - - -
- builtin()->core_fields[$type]['name'] ) ? UM()->builtin()->core_fields[$type]['name'] : ''; ?> -
-
- - - - - - - - - - - - + + - -
- - -
- -
+ +
+
+
+ + + + + + + +
+
+ +
-
- -
-
-
-
- - - +
-
- admin()->check_ajax_nonce(); if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) { @@ -616,512 +583,486 @@ if ( ! class_exists( 'um\admin\core\Admin_Builder' ) ) { $output['error'] = null; + // phpcs:disable WordPress.Security.NonceVerification -- Already verified by `UM()->admin()->check_ajax_nonce()` $array = array( 'field_type' => sanitize_key( $_POST['_type'] ), 'form_id' => absint( $_POST['post_id'] ), 'args' => UM()->builtin()->get_core_field_attrs( sanitize_key( $_POST['_type'] ) ), 'post' => UM()->admin()->sanitize_builder_field_meta( $_POST ), ); + // phpcs:enable WordPress.Security.NonceVerification -- Already verified by `UM()->admin()->check_ajax_nonce()` /** - * UM hook + * Filters the field data before save in Form Builder. * - * @type filter - * @title um_admin_pre_save_fields_hook - * @description Filter field data before save - * @input_vars - * [{"var":"$array","type":"array","desc":"Save Field data"}] - * @change_log - * ["Since: 2.0"] - * @usage add_filter( 'um_admin_pre_save_fields_hook', 'function_name', 10, 1 ); - * @example - * Change submitted value to new one by the field key. + * function my_custom_um_admin_pre_save_fields_hook( $submission_data ) { + * $submission_data['post']['{field_key}'] = {new value}; + * return $submission_data; * } - * ?> + * add_filter( 'um_admin_pre_save_fields_hook', 'my_custom_um_admin_pre_save_fields_hook' ); */ $array = apply_filters( 'um_admin_pre_save_fields_hook', $array ); /** - * UM hook + * Filters the validation errors on the update field in Form Builder. * - * @type filter - * @title um_admin_field_update_error_handling - * @description Change error string on save field - * @input_vars - * [{"var":"$error","type":"string","desc":"Error String"}, - * {"var":"$array","type":"array","desc":"Save Field data"}] - * @change_log - * ["Since: 2.0"] - * @usage add_filter( 'um_admin_field_update_error_handling', 'function_name', 10, 2 ); - * @example - * Added error with Error text to the field by the field key. + * function my_custom_um_admin_field_update_error_handling( $errors, $submission_data ) { + * $errors['{field_key}'] = {Error text}; + * return $errors; * } - * ?> + * add_filter( 'um_admin_field_update_error_handling', 'my_custom_um_admin_field_update_error_handling', 10, 2 ); */ $output['error'] = apply_filters( 'um_admin_field_update_error_handling', $output['error'], $array ); - - /** - * @var $_metakey - * @var $post_id - */ - extract( $array['post'] ); - if ( empty( $output['error'] ) ) { - - $save = array(); - $save[ $_metakey ] = null; + $save = array(); + $field_id = $array['post']['_metakey']; // Set field ID as it's metakey. + $save[ $field_id ] = null; foreach ( $array['post'] as $key => $val ) { + if ( '' !== $val && '_' === substr( $key, 0, 1 ) ) { // field attribute + $new_key = ltrim( $key, '_' ); - if ( substr( $key, 0, 1 ) === '_' && $val !== '' ) { // field attribute - $new_key = ltrim ( $key, '_' ); - - if ( $new_key == 'options' ) { - //$save[ $_metakey ][$new_key] = explode(PHP_EOL, $val); - $save[ $_metakey ][ $new_key ] = preg_split( '/[\r\n]+/', $val, -1, PREG_SPLIT_NO_EMPTY ); + if ( 'options' === $new_key ) { + $save[ $field_id ][ $new_key ] = preg_split( '/[\r\n]+/', $val, -1, PREG_SPLIT_NO_EMPTY ); } else { - $save[ $_metakey ][ $new_key ] = $val; + $save[ $field_id ][ $new_key ] = $val; } - - } elseif ( strstr( $key, 'um_editor' ) ) { - + } elseif ( false !== strpos( $key, 'um_editor' ) ) { if ( 'block' === $array['post']['_type'] ) { - $save[ $_metakey ]['content'] = wp_kses_post( $val ); + $save[ $field_id ]['content'] = wp_kses_post( $val ); } else { - $save[ $_metakey ]['content'] = sanitize_textarea_field( $val ); + $save[ $field_id ]['content'] = sanitize_textarea_field( $val ); } } - } - $field_ID = $_metakey; - $field_args = $save[ $_metakey ]; - /** - * UM hook + * Filters the field options before save to form on the update field in Form Builder. * - * @type filter - * @title um_admin_pre_save_field_to_form - * @description Change field options before save to form - * @input_vars - * [{"var":"$field_args","type":"array","desc":"Field Options"}] - * @change_log - * ["Since: 2.0"] - * @usage add_filter( 'um_admin_pre_save_field_to_form', 'function_name', 10, 1 ); - * @example - * Force change the field's metakey when store it to DB for the form. + * function my_custom_um_admin_pre_save_field_to_form( $field_args ) { + * $field_args['metakey'] = {new_metakey}; * return $field_args; * } - * ?> + * add_filter( 'um_admin_pre_save_field_to_form', 'my_custom_um_admin_pre_save_field_to_form' ); */ - $field_args = apply_filters( 'um_admin_pre_save_field_to_form', $field_args ); + $field_args = apply_filters( 'um_admin_pre_save_field_to_form', $save[ $field_id ] ); - UM()->fields()->update_field( $field_ID, $field_args, $post_id ); + UM()->fields()->update_field( $field_id, $field_args, $array['post']['post_id'] ); /** - * UM hook + * Filters the field options before save to DB (globally) on the update field in Form Builder. * - * @type filter - * @title um_admin_pre_save_field_to_db - * @description Change field options before save to DB - * @input_vars - * [{"var":"$field_args","type":"array","desc":"Field Options"}] - * @change_log - * ["Since: 2.0"] - * @usage add_filter( 'um_admin_pre_save_field_to_db', 'function_name', 10, 1 ); - * @example - * Force change the field's metakey when store it to DB globally. + * function my_custom_um_admin_pre_save_field_to_db( $field_args ) { + * $field_args['metakey'] = {new_metakey}; * return $field_args; * } - * ?> + * add_filter( 'um_admin_pre_save_field_to_db', 'my_custom_um_admin_pre_save_field_to_db' ); */ $field_args = apply_filters( 'um_admin_pre_save_field_to_db', $field_args ); if ( ! isset( $array['args']['form_only'] ) ) { - if ( ! isset( UM()->builtin()->predefined_fields[ $field_ID ] ) ) { - UM()->fields()->globally_update_field( $field_ID, $field_args ); + if ( ! isset( UM()->builtin()->predefined_fields[ $field_id ] ) ) { + UM()->fields()->globally_update_field( $field_id, $field_args ); } } - } - $output = json_encode( $output ); - if ( is_array( $output ) ) { - print_r( $output ); - } else { - echo $output; - } - die; + wp_send_json_success( $output ); } - /** - * + * AJAX handler for dynamic content inside the modal window. */ - function dynamic_modal_content() { + public function dynamic_modal_content() { UM()->admin()->check_ajax_nonce(); if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) { wp_send_json_error( __( 'Please login as administrator', 'ultimate-member' ) ); } + // phpcs:disable WordPress.Security.NonceVerification -- already verified here + if ( empty( $_POST['act_id'] ) ) { + wp_send_json_error( __( 'Wrong dynamic-content attribute.', 'ultimate-member' ) ); + } + $metabox = UM()->metabox(); + $act_id = sanitize_key( $_POST['act_id'] ); - /** - * @var $act_id - * @var $arg1 - * @var $arg2 - * @var $arg3 - */ - extract( $_POST ); - - if ( isset( $arg1 ) ) { - $arg1 = sanitize_text_field( $arg1 ); + $arg1 = null; + if ( isset( $_POST['arg1'] ) ) { + $arg1 = sanitize_text_field( $_POST['arg1'] ); } - if ( isset( $arg2 ) ) { - $arg2 = sanitize_text_field( $arg2 ); + $arg2 = null; + if ( isset( $_POST['arg2'] ) ) { + $arg2 = sanitize_text_field( $_POST['arg2'] ); } - if ( isset( $arg3 ) ) { - $arg3 = sanitize_text_field( $arg3 ); + $arg3 = null; + if ( isset( $_POST['arg3'] ) ) { + $arg3 = sanitize_text_field( $_POST['arg3'] ); } - switch ( sanitize_key( $act_id ) ) { + $form_mode = null; + if ( isset( $_POST['form_mode'] ) ) { + $form_mode = sanitize_key( $_POST['form_mode'] ); + } + $in_row = null; + if ( isset( $_POST['in_row'] ) ) { + $in_row = absint( $_POST['in_row'] ); + } + + $in_sub_row = null; + if ( isset( $_POST['in_sub_row'] ) ) { + $in_sub_row = absint( $_POST['in_sub_row'] ); + } + + $in_column = null; + if ( isset( $_POST['in_column'] ) ) { + $in_column = absint( $_POST['in_column'] ); + } + + $in_group = null; + if ( isset( $_POST['in_group'] ) ) { + $in_group = absint( $_POST['in_group'] ); + } + // phpcs:enable WordPress.Security.NonceVerification -- already verified here + + switch ( $act_id ) { default: - ob_start(); - /** - * UM hook + * Fires for integration on AJAX popup admin builder modal content. * - * @type action - * @title um_admin_ajax_modal_content__hook - * @description Integration hook on ajax popup admin builder modal content - * @input_vars - * [{"var":"$act_id","type":"string","desc":"Ajax Action"}] - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_admin_ajax_modal_content__hook', 'function_name', 10, 1 ); - * @example - * Pass HTML to the custom UM modal with data-dynamic-content="user_info". + * function my_custom_um_admin_ajax_modal_content__hook( $act_id ) { + * if ( 'user_info' === $act_id ) { + * // Your HTML is here + * } * } - * ?> + * add_action( 'um_admin_ajax_modal_content__hook', 'my_custom_um_admin_ajax_modal_content__hook' ); */ - do_action( 'um_admin_ajax_modal_content__hook', sanitize_key( $act_id ) ); + do_action( 'um_admin_ajax_modal_content__hook', $act_id ); /** - * UM hook + * Fires for integration on AJAX popup admin builder modal content. * - * @type action - * @title um_admin_ajax_modal_content__hook_{$act_id} - * @description Integration hook on ajax popup admin builder modal content - * @change_log - * ["Since: 2.0"] - * @usage add_action( 'um_admin_ajax_modal_content__hook_{$act_id}', 'function_name', 10 ); - * @example - * Pass HTML to the custom UM modal with data-dynamic-content="user_info". + * function my_custom_um_admin_ajax_modal_content__hook_user_info() { + * // Your HTML is here for `user_info` modal * } - * ?> + * add_action( 'um_admin_ajax_modal_content__hook_user_info', 'my_custom_um_admin_ajax_modal_content__hook_user_info' ); */ - do_action( "um_admin_ajax_modal_content__hook_" . sanitize_key( $act_id ) ); - + do_action( 'um_admin_ajax_modal_content__hook_' . $act_id ); $output = ob_get_clean(); break; - case 'um_admin_fonticon_selector': - - ob_start(); ?> - + ob_start(); + ?>
- +
-
- fonticons()->all as $icon ) { ?> - + fonticons()->all as $icon ) { ?> + -
- - +
+ query()->get_attr( 'custom_fields', $arg2 ); $form_fields = array_values( array_filter( array_keys( $form_fields ) ) ); - //$form_fields = array_keys( $form_fields ); ?> - -

+

- - builtin()->core_fields ) { - foreach ( UM()->builtin()->core_fields as $field_type => $array ) { - - if ( isset( $array['in_fields'] ) && $array['in_fields'] == false ) { + builtin()->core_fields ) { + foreach ( UM()->builtin()->core_fields as $field_type => $field_data ) { + if ( isset( $field_data['in_fields'] ) && false === $field_data['in_fields'] ) { continue; - } ?> - - - - - + } + ?> + +
- -

+

- - builtin()->predefined_fields ) { - foreach ( UM()->builtin()->predefined_fields as $field_key => $array ) { - if ( ! isset( $array['account_only'] ) && ! isset( $array['private_use'] ) ) { ?> - - data-silent_action="um_admin_add_field_from_predefined" data-arg1="" data-arg2=""> - - builtin()->predefined_fields ) { + foreach ( UM()->builtin()->predefined_fields as $field_key => $field_data ) { + if ( array_key_exists( 'account_only', $field_data ) && true === $field_data['account_only'] ) { + continue; + } + if ( array_key_exists( 'private_use', $field_data ) && true === $field_data['private_use'] ) { + continue; + } + ?> + data-silent_action="um_admin_add_field_from_predefined" data-arg1="" data-arg2="" title=""> + ' . __( 'None', 'ultimate-member' ) . '

'; - } ?> - + ?> +

+
- -

+

- builtin()->custom_fields ) { - foreach ( UM()->builtin()->custom_fields as $field_key => $array ) { - if ( empty( $array['title'] ) || empty( $array['type'] ) ) { + foreach ( UM()->builtin()->custom_fields as $field_key => $field_data ) { + if ( empty( $field_data['title'] ) || empty( $field_data['type'] ) ) { continue; - } ?> - - data-silent_action="um_admin_add_field_from_list" data-arg1="" data-arg2="" title=""> () - - + + data-silent_action="um_admin_add_field_from_list" data-arg1="" data-arg2="" title=""> () + ' . __( 'You did not create any custom fields', 'ultimate-member' ) . '

'; - } ?> - + ?> +

+
- - builtin()->get_core_field_attrs( $arg1 ); + $form_fields = UM()->query()->get_attr( 'custom_fields', $arg2 ); - ob_start(); - - $args = UM()->builtin()->get_core_field_attrs( $arg1 ); - - $form_fields = UM()->query()->get_attr( 'custom_fields', $arg2 ); + if ( ! array_key_exists( $arg3, $form_fields ) ) { + $output = '

' . esc_html__( 'This field is not setup correctly for this form.', 'ultimate-member' ) . '

'; + break; + } $metabox->set_field_type = $arg1; - $metabox->in_edit = true; - $metabox->edit_array = $form_fields[ $arg3 ]; + $metabox->in_edit = true; + $metabox->edit_array = $form_fields[ $arg3 ]; - if ( !isset( $metabox->edit_array['metakey'] ) ){ + if ( ! array_key_exists( 'metakey', $metabox->edit_array ) ) { $metabox->edit_array['metakey'] = $metabox->edit_array['id']; } - if ( !isset( $metabox->edit_array['position'] ) ){ + if ( ! array_key_exists( 'position', $metabox->edit_array ) ) { $metabox->edit_array['position'] = $metabox->edit_array['id']; } - extract( $args ); - - if ( ! isset( $col1 ) ) { - - echo '

'. __( 'This field type is not setup correcty.', 'ultimate-member' ) . '

'; - - } else { + ob_start(); + if ( ! array_key_exists( 'col1', $field_type_data ) ) { ?> - - edit_array['in_group'] ) ) { ?> - - - - - - - - - - +

+ + + + + + + + + - - - - - -
edit_array['content'] ) ? $metabox->edit_array['content'] : ''; ?>
+ +
edit_array['content'] ) ? wp_kses( $metabox->edit_array['content'], UM()->get_allowed_html( 'templates' ) ) : ''; ?>
modal_header(); ?>
- - field_input ( $opt, $arg2, $metabox->edit_array ); } ?> - + field_input( $opt, $arg2, $metabox->edit_array ); + } + } + ?>
-
- - field_input ( $opt, $arg2, $metabox->edit_array ); } ?> - -
- - field_input ( $opt, $arg2, $metabox->edit_array ); } ?> - + field_input( $opt, $arg2, $metabox->edit_array ); + } + } + ?> +
- - field_input ( $opt, $arg2, $metabox->edit_array ); } ?> - - modal_footer( $arg2, $args, $metabox ); ?> - field_input( $opt, $arg2, $metabox->edit_array ); + } + } + ?> +
+ field_input( $opt, $arg2, $metabox->edit_array ); + } + } + $this->modal_footer( $arg2, $field_type_data, $metabox ); } - $output = ob_get_clean(); break; - case 'um_admin_new_field_popup': + // $arg1 means `field_type` variable in this case. + // $arg2 means `form_id` variable in this case. + $field_type_data = UM()->builtin()->get_core_field_attrs( $arg1 ); + $metabox->set_field_type = $arg1; ob_start(); - $args = UM()->builtin()->get_core_field_attrs( $arg1 ); - - $metabox->set_field_type = $arg1; - - /** - * @var $in_row - * @var $in_sub_row - * @var $in_column - * @var $in_group - */ - extract( $args ); - - if ( ! isset( $col1 ) ) { - - echo '

'. __( 'This field type is not setup correcty.', 'ultimate-member' ) . '

'; - + if ( ! array_key_exists( 'col1', $field_type_data ) ) { + ?> +

+ - - - - - - - - - + ?> + + + + + + modal_header(); ?>
- - field_input ( $opt ); } ?> - + field_input( $opt ); + } + } + ?>
-
- - field_input ( $opt ); } ?> - -
- - field_input ( $opt ); } ?> - + field_input( $opt ); + } + } + ?> +
- - field_input ( $opt ); } ?> - - modal_footer( $arg2, $args, $metabox ); ?> - field_input( $opt ); + } + } + ?> +
+ field_input( $opt ); + } + } + $this->modal_footer( $arg2, $field_type_data, $metabox ); } - $output = ob_get_clean(); break; - case 'um_admin_preview_form': - + // $arg1 means `form_id` variable in this case. UM()->user()->preview = true; - $mode = UM()->query()->get_attr('mode', $arg1 ); - - if ( $mode == 'profile' ) { + $mode = UM()->query()->get_attr( 'mode', $arg1 ); + if ( empty( $mode ) ) { + $mode = $form_mode; + } + if ( 'profile' === $mode ) { UM()->fields()->editing = true; } - $output = '
'; - - if ( version_compare( get_bloginfo('version'),'5.4', '<' ) ) { - $output .= do_shortcode('[ultimatemember form_id="' . $arg1 . '" /]'); - } else { - $output .= apply_shortcodes('[ultimatemember form_id="' . $arg1 . '" /]'); - } - + $output = '
'; + $output .= apply_shortcodes( '[ultimatemember form_id="' . $arg1 . '" /]' ); break; - case 'um_admin_review_registration': - //$user_id = $arg1; - - if ( ! current_user_can( 'administrator' ) ) { - if ( ! um_can_view_profile( $arg1 ) ) { - $output = ''; - break; - } + // $arg1 means `user_id` variable in this case. + if ( ! current_user_can( 'administrator' ) && ! um_can_view_profile( $arg1 ) ) { + $output = ''; + break; } - um_fetch_user( $arg1 ); - UM()->user()->preview = true; - - $output = um_user_submitted_registration_formatted( true ); - + $output = um_user_submitted_registration_formatted( true ); um_reset_user(); - break; - } - if ( is_array( $output ) ) { - print_r( $output ); - } else { - echo $output; - } + // @todo WPCS through wp_kses. + echo $output; die; } - /** * */ diff --git a/includes/admin/core/class-admin-dragdrop.php b/includes/admin/core/class-admin-dragdrop.php index b135b91c..b6614b70 100644 --- a/includes/admin/core/class-admin-dragdrop.php +++ b/includes/admin/core/class-admin-dragdrop.php @@ -35,18 +35,19 @@ if ( ! class_exists( 'um\admin\core\Admin_DragDrop' ) ) { */ public function update_order() { UM()->admin()->check_ajax_nonce(); + // phpcs:disable WordPress.Security.NonceVerification -- already verified here if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) { wp_send_json_error( __( 'Please login as administrator', 'ultimate-member' ) ); } - /** - * @var $form_id - */ - extract( $_POST ); + if ( empty( $_POST['form_id'] ) ) { + wp_send_json_error( __( 'Invalid form ID.', 'ultimate-member' ) ); + } - if ( isset( $form_id ) ) { - $form_id = absint( $form_id ); + $form_id = absint( $_POST['form_id'] ); + if ( empty( $form_id ) ) { + wp_send_json_error( __( 'Invalid form ID.', 'ultimate-member' ) ); } $fields = UM()->query()->get_attr( 'custom_fields', $form_id ); @@ -71,12 +72,11 @@ if ( ! class_exists( 'um\admin\core\Admin_DragDrop' ) ) { // adding rows if ( 0 === strpos( $key, '_um_row_' ) ) { - $update_args = null; $row_id = str_replace( '_um_row_', '', $key ); - if ( strstr( $_POST[ '_um_rowcols_' . $row_id . '_cols' ], ':' ) ) { + if ( false !== strpos( $_POST[ '_um_rowcols_' . $row_id . '_cols' ], ':' ) ) { $cols = sanitize_text_field( $_POST[ '_um_rowcols_' . $row_id . '_cols' ] ); } else { $cols = absint( $_POST[ '_um_rowcols_' . $row_id . '_cols' ] ); @@ -105,7 +105,6 @@ if ( ! class_exists( 'um\admin\core\Admin_DragDrop' ) ) { } $fields[ $key ] = $row_args; - } // change field position @@ -160,16 +159,16 @@ if ( ! class_exists( 'um\admin\core\Admin_DragDrop' ) ) { update_option( 'um_form_rowdata_' . $form_id, $this->row_data ); UM()->query()->update_attr( 'custom_fields', $form_id, $fields ); + // phpcs:enable WordPress.Security.NonceVerification -- already verified here } /** * Load form to maintain form order. */ public function load_field_order() { - $screen = get_current_screen(); - if ( ! isset( $screen->id ) || 'um_form' !== $screen->id ) { + if ( ! isset( $screen, $screen->id ) || 'um_form' !== $screen->id ) { return; } ?> diff --git a/includes/admin/core/class-admin-metabox.php b/includes/admin/core/class-admin-metabox.php index e226068d..2b4a9c96 100644 --- a/includes/admin/core/class-admin-metabox.php +++ b/includes/admin/core/class-admin-metabox.php @@ -61,6 +61,8 @@ if ( ! class_exists( 'um\admin\core\Admin_Metabox' ) ) { */ public $is_loaded = false; + public $set_field_type; + /** * Admin_Metabox constructor. */ @@ -1820,7 +1822,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Metabox' ) ) { ?>

- +

- +

- +

- +

@@ -2283,7 +2285,7 @@ if ( ! class_exists( 'um\admin\core\Admin_Metabox' ) ) { ?>

- +

- +

- +

core_fields[ $type ] ) ) ? $this->core_fields[ $type ] : array(''); + public function get_core_field_attrs( $type ) { + return array_key_exists( $type, $this->core_fields ) ? $this->core_fields[ $type ] : array( '' ); } - /** * Core Fields */ - function set_core_fields() { - + public function set_core_fields() { $this->core_fields = array( - 'row' => array( 'name' => 'Row', 'in_fields' => false, @@ -651,21 +647,21 @@ if ( ! class_exists( 'um\core\Builtin' ) ) { ), /*'group' => array( - 'name' => 'Field Group', - 'col1' => array('_title','_max_entries'), - 'col2' => array('_label','_public','_roles'), - 'form_only' => true, - 'validate' => array( - '_title' => array( - 'mode' => 'required', - 'error' => 'You must provide a title' - ), - '_label' => array( - 'mode' => 'required', - 'error' => 'You must provide a label' - ), - ) - ),*/ + 'name' => 'Field Group', + 'col1' => array('_title','_max_entries'), + 'col2' => array('_label','_public','_roles'), + 'form_only' => true, + 'validate' => array( + '_title' => array( + 'mode' => 'required', + 'error' => 'You must provide a title' + ), + '_label' => array( + 'mode' => 'required', + 'error' => 'You must provide a label' + ), + ) + ),*/ ); @@ -1379,48 +1375,43 @@ if ( ! class_exists( 'um\core\Builtin' ) ) { } } - /** - * Get all fields without metakeys + * Get all fields without metakeys. * * @since 2.0.56 * * @return array */ - function get_fields_without_metakey() { + public function get_fields_without_metakey() { $fields_without_metakey = array( 'block', 'shortcode', 'spacing', 'divider', - 'group' + 'group', ); - /** - * UM hook + * Filters the field types without meta key. * - * @type filter - * @title um_fields_without_metakey - * @description Field Types without meta key - * @input_vars - * [{"var":"$types","type":"array","desc":"Field Types"}] - * @change_log - * ["Since: 2.0"] - * @usage add_filter( 'um_fields_without_metakey', 'function_name', 10, 1 ); - * @example - * It adds 'location' and 'distance' field-types to fields without metakeys array. + * function my_custom_um_fields_without_metakey( $field_types ) { + * $field_types[] = 'location'; + * $field_types[] = 'distance'; + * return $field_types; * } - * ?> + * add_filter( 'um_fields_without_metakey', 'my_custom_um_fields_without_metakey' ); */ return apply_filters( 'um_fields_without_metakey', $fields_without_metakey ); } - /** * May be used to show a dropdown, or source for user meta * diff --git a/includes/core/class-password.php b/includes/core/class-password.php index dfd14cef..df8c3c2e 100644 --- a/includes/core/class-password.php +++ b/includes/core/class-password.php @@ -1,34 +1,36 @@ change_password ) ) { + if ( false !== $this->change_password ) { // then COOKIE are valid then get data from them and populate hidden fields for the password reset form $args['template'] = 'password-change'; $args['rp_key'] = ''; diff --git a/includes/core/class-query.php b/includes/core/class-query.php index ef19440a..80b72e42 100644 --- a/includes/core/class-query.php +++ b/includes/core/class-query.php @@ -95,9 +95,9 @@ if ( ! class_exists( 'um\core\Query' ) ) { } $pages = $wpdb->get_results( - "SELECT * - FROM {$wpdb->posts} - WHERE post_type = 'page' AND + "SELECT * + FROM {$wpdb->posts} + WHERE post_type = 'page' AND post_status = 'publish'", OBJECT ); @@ -363,21 +363,18 @@ if ( ! class_exists( 'um\core\Query' ) ) { update_post_meta( $post_id, '_um_' . $key, $new_value ); } - /** - * Get data + * Get postmeta related to Ultimate Member. * - * @param $key - * @param $post_id + * @param string $key + * @param int $post_id * * @return mixed */ - function get_attr( $key, $post_id ) { - $meta = get_post_meta( $post_id, '_um_' . $key, true ); - return $meta; + public function get_attr( $key, $post_id ) { + return get_post_meta( $post_id, '_um_' . $key, true ); } - /** * Delete data *