Email Subscribers & Newsletters - Version 4.1.8

Version Description

(16.07.2019)
* New: Admins can now add/edit the First Name & Last Name of subscribers.
* Fix: Fixed vulnerabilities (thanks to Tin Duong of Fortinet's FortiGuard Labs, the WordPress Plugin Review Team & Ihor Voschyk for reporting)


Release Info

Developer Icegram
Version 4.1.8

Code changes from version 4.1.7 to 4.1.8

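--- a/email-subscribers.php
+++ b/email-subscribers.php
@@ -3,7 +3,7 @@
  * Plugin Name: Email Subscribers & Newsletters
  * Plugin URI: https://www.icegram.com/
  * Description: Add subscription forms on website, send HTML newsletters & automatically notify subscribers about new blog posts once it is published.
- * Version: 4.1.7
+ * Version: 4.1.8
  * Author: Icegram
  * Author URI: https://www.icegram.com/
  * Requires at least: 3.9
@@ -24,7 +24,7 @@ if ( ! defined( 'WPINC' ) ) {
  * Define constants
  */
  define( 'ES_PLUGIN_DIR', dirname( __FILE__ ) );
- define( 'ES_PLUGIN_VERSION', '4.1.7' );
+ define( 'ES_PLUGIN_VERSION', '4.1.8' );
  define( 'ES_PLUGIN_BASE_NAME', plugin_basename( __FILE__ ) );
 
  if ( ! defined( 'ES_PLUGIN_FILE' ) ) {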
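--- a/includes/admin/class-es-admin-settings.php
+++ b/includes/admin/class-es-admin-settings.php
@@ -29,7 +29,6 @@ class ES_Admin_Settings {
 
  public function es_settings_callback() {
 
-
  $submitted = ! empty( $_POST['submitted'] ) ? $_POST['submitted'] : '';
  $submit_action = ! empty( $_POST['submit_action'] ) ? $_POST['submit_action'] : '';
 
@@ -42,13 +41,58 @@ class ES_Admin_Settings {
  $options['ig_es_disable_wp_cron'] = isset( $options['ig_es_disable_wp_cron'] ) ? $options['ig_es_disable_wp_cron'] : 'no';
  $options['ig_es_track_email_opens'] = isset( $options['ig_es_track_email_opens'] ) ? $options['ig_es_track_email_opens'] : 'no';
 
+ $text_fields_to_sanitize = array(
+ 'ig_es_from_name',
+ 'ig_es_admin_emails',
+ 'ig_es_email_type',
+ 'ig_es_optin_type',
+ 'ig_es_post_image_size',
+ 'ig_es_track_email_opens',
+ 'ig_es_enable_welcome_email',
+ 'ig_es_welcome_email_subject',
+ 'ig_es_confirmation_mail_subject',
+ 'ig_es_notify_admin',
+ 'ig_es_admin_new_contact_email_subject',
+ 'ig_es_enable_cron_admin_email',
+ 'ig_es_cron_admin_email_subject',
+ 'ig_es_cronurl',
+ 'ig_es_hourly_email_send_limit',
+ 'ig_es_disable_wp_cron'
+ );
+
+ $texarea_fields_to_sanitize = array(
+ 'ig_es_unsubscribe_link_content',
+ 'ig_es_subscription_success_message',
+ 'ig_es_subscription_error_messsage',
+ 'ig_es_unsubscribe_success_message',
+ 'ig_es_unsubscribe_error_message',
+ 'ig_es_welcome_email_content',
+ 'ig_es_confirmation_mail_content',
+ 'ig_es_admin_new_contact_email_content',
+ 'ig_es_cron_admin_email',
+ 'ig_es_blocked_domains'
+ );
+
+ $email_fields_to_sanitize = array(
+ 'ig_es_from_email'
+ );
+
  foreach ( $options as $key => $value ) {
  if ( substr( $key, 0, 6 ) === 'ig_es_' ) {
- update_option( $key, stripslashes( $value ) );
+
+ if ( in_array( $key, $text_fields_to_sanitize ) ) {
+ $value = sanitize_text_field( $value );
+ } elseif ( in_array( $key, $texarea_fields_to_sanitize ) ) {
+ $value = sanitize_textarea_field($value);
+ } elseif ( in_array( $key, $email_fields_to_sanitize ) ) {
+ $value = sanitize_email( $value );
+ }
+
+ update_option( $key, wp_unslash( $value ) );
  }
  }
 
- do_action('ig_es_after_settings_save', $options);
+ do_action( 'ig_es_after_settings_save', $options );
 
  $message = __( 'Settings have been saved successfully!' );
  $status = 'success';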
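Review bot: A key that starts with `ig_es_` but appears in none of the three lists still reaches `update_option()` with its value unsanitized, because the `if`/`elseif` chain inside the `foreach` only selects a sanitizer and has no fallback branch. Adding a default such as `} else { $value = sanitize_text_field( $value ); }`, or skipping unknown keys with `continue;`, would turn the lists into an allowlist. The sanitizers also run on the still-slashed value and `wp_unslash()` is applied afterwards; the WordPress convention is the reverse, e.g. `$value = sanitize_text_field( wp_unslash( $value ) );`. `es_settings_callback()` continues outside the hunk, so where `$options` is populated and whether a nonce and capability check precede the save cannot be seen here.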
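--- a/includes/admin/class-es-campaigns-table.php
+++ b/includes/admin/class-es-campaigns-table.php
@@ -121,7 +121,11 @@ class ES_Campaigns_Table extends WP_List_Table {
 
  if ( ! $do_count_only ) {
 
- $order = ! empty( $order ) ? ' ' . esc_sql( $order ) : ' DESC';
+ $order = ! empty( $order ) ? strtolower($order) : 'desc';
+ $expected_order_values = array('asc', 'desc');
+ if(!in_array($order, $expected_order_values)) {
+ $order = 'desc';
+ }
 
  $default_order_by = esc_sql( 'created_at' );
 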
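Review bot: The old value carried its own separator (`' ' . esc_sql( $order )` and `' DESC'`) while the new `$order` is a bare `'asc'`/`'desc'`, so the statement that appends it to the ORDER BY clause must now supply the space; that concatenation is outside the hunk and should be checked. The same five-line block is repeated in the forms, lists and reports table sections of this commit, so a shared helper would keep the allowlist in one place. `in_array()` is called without the strict flag; `in_array( $order, $expected_order_values, true )` avoids loose comparison. `strtolower()` also assumes `$order` is a string, which the hunk does not guarantee if the value comes straight from the request.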
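--- a/includes/admin/class-es-forms-table.php
+++ b/includes/admin/class-es-forms-table.php
@@ -121,7 +121,7 @@ class ES_Forms_Table extends WP_List_Table {
 
  $validate_data = array(
  'nonce' => $nonce,
- 'name' => ! empty( $form_data['name'] ) ? $form_data['name'] : '',
+ 'name' => ! empty( $form_data['name'] ) ? sanitize_text_field( $form_data['name'] ) : '',
  'lists' => ! empty( $form_data['lists'] ) ? $form_data['lists'] : array()
  );
 
@@ -207,16 +207,16 @@ class ES_Forms_Table extends WP_List_Table {
  $action = 'edit';
  }
 
- $form_data['name'] = ! empty( $data['name'] ) ? $data['name'] : '';
- $form_data['name_visible'] = ! empty( $data['name_visible'] ) ? $data['name_visible'] : 'no';
- $form_data['name_required'] = ! empty( $data['name_required'] ) ? $data['name_required'] : 'no';
- $form_data['name_label'] = ! empty( $data['name_label'] ) ? $data['name_label'] : '';
- $form_data['email_label'] = ! empty( $data['email_label'] ) ? $data['email_label'] : '';
- $form_data['button_label'] = ! empty( $data['button_label'] ) ? $data['button_label'] : __( 'Subscribe', 'email-subscribers' );
+ $form_data['name'] = ! empty( $data['name'] ) ? sanitize_text_field( $data['name'] ) : '';
+ $form_data['name_visible'] = ! empty( $data['name_visible'] ) ? sanitize_text_field( $data['name_visible'] ) : 'no';
+ $form_data['name_required'] = ! empty( $data['name_required'] ) ? sanitize_text_field( $data['name_required'] ) : 'no';
+ $form_data['name_label'] = ! empty( $data['name_label'] ) ? sanitize_text_field( $data['name_label'] ) : '';
+ $form_data['email_label'] = ! empty( $data['email_label'] ) ? sanitize_text_field( $data['email_label'] ) : '';
+ $form_data['button_label'] = ! empty( $data['button_label'] ) ? sanitize_text_field( $data['button_label'] ) : __( 'Subscribe', 'email-subscribers' );
  $form_data['list_visible'] = ! empty( $data['list_visible'] ) ? $data['list_visible'] : 'no';
  $form_data['lists'] = ! empty( $data['lists'] ) ? $data['lists'] : array();
  $form_data['af_id'] = ! empty( $data['af_id'] ) ? $data['af_id'] : 0;
- $form_data['desc'] = ! empty( $data['desc'] ) ? $data['desc'] : '';
+ $form_data['desc'] = ! empty( $data['desc'] ) ? sanitize_text_field( $data['desc'] ) : '';
 
  $lists = ES_DB_Lists::get_list_id_name_map();
  $nonce = wp_create_nonce( 'es_form' );
@@ -385,12 +385,13 @@ class ES_Forms_Table extends WP_List_Table {
  }
 
  public static function prepare_form_data( $data ) {
+
  $form_data = array();
- $name = ! empty( $data['name'] ) ? $data['name'] : '';
- $desc = ! empty( $data['desc'] ) ? $data['desc'] : '';
- $email_label = ! empty( $data['email_label'] ) ? $data['email_label'] : '';
- $name_label = ! empty( $data['name_label'] ) ? $data['name_label'] : '';
- $button_label = ! empty( $data['button_label'] ) ? $data['button_label'] : '';
+ $name = ! empty( $data['name'] ) ? sanitize_text_field( $data['name'] ) : '';
+ $desc = ! empty( $data['desc'] ) ? sanitize_text_field( $data['desc'] ) : '';
+ $email_label = ! empty( $data['email_label'] ) ? sanitize_text_field( $data['email_label'] ) : '';
+ $name_label = ! empty( $data['name_label'] ) ? sanitize_text_field( $data['name_label'] ) : '';
+ $button_label = ! empty( $data['button_label'] ) ? sanitize_text_field( $data['button_label'] ) : '';
  $name_visible = ( ! empty( $data['name_visible'] ) && $data['name_visible'] === 'yes' ) ? true : false;
  $name_required = ( ! empty( $data['name_required'] ) && $data['name_required'] === 'yes' ) ? true : false;
  $list_visible = ( ! empty( $data['list_visible'] ) && $data['list_visible'] === 'yes' ) ? true : false;
@@ -546,7 +547,11 @@ class ES_Forms_Table extends WP_List_Table {
 
  if ( ! $do_count_only ) {
 
- $order = ! empty( $order ) ? ' ' . esc_sql( $order ) : ' DESC';
+ $order = ! empty( $order ) ? strtolower( $order ) : 'desc';
+ $expected_order_values = array( 'asc', 'desc' );
+ if ( ! in_array( $order, $expected_order_values ) ) {
+ $order = 'desc';
+ }
 
  $default_order_by = esc_sql( 'created_at' );
 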
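Review bot: `list_visible`, `lists` and `af_id` are still copied from `$data` unchanged in the second hunk (for example `$form_data['af_id'] = ! empty( $data['af_id'] ) ? $data['af_id'] : 0;`), while every neighbouring field now goes through `sanitize_text_field()`. If `af_id` and `lists` hold integer IDs, as their names suggest, `absint( $data['af_id'] )` and `array_map( 'absint', (array) $data['lists'] )` would close the gap; the same applies to `'lists'` in `$validate_data` in the first hunk. `sanitize_text_field()` on input does not replace escaping on output, so the code that prints these labels, which is outside the visible hunks, should still use `esc_html()` or `esc_attr()`. The enclosing functions start and end outside the hunks.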
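--- a/includes/admin/class-es-handle-subscription.php
+++ b/includes/admin/class-es-handle-subscription.php
@@ -64,22 +64,23 @@ class ES_Handle_Subscription {
  exit;
  }
 
+ $email = ! empty( $form_data['esfpx_email'] ) ? sanitize_email( $form_data['esfpx_email'] ) : '';
+ $name = ! empty( $form_data['esfpx_name'] ) ? sanitize_text_field( $form_data['esfpx_name'] ) : '';
+
  $first_name = $last_name = '';
- if ( ! empty( $form_data['esfpx_name'] ) ) {
- $name = trim( $form_data['esfpx_name'] );
+ if ( ! empty( $name ) ) {
  // Get First Name and Last Name from Name
  $name_parts = ES_Common::prepare_first_name_last_name( $name );
  $first_name = $name_parts['first_name'];
  $last_name = $name_parts['last_name'];
  } else {
- $email = trim( $form_data['esfpx_email'] );
  $first_name = ES_Common::get_name_from_email( $email );
  }
 
  $this->name = $first_name;
  $this->first_name = $first_name;
  $this->last_name = $last_name;
- $this->email = isset( $form_data['esfpx_email'] ) ? trim( $form_data['esfpx_email'] ) : '';
+ $this->email = $email;
  $this->list_ids = isset( $form_data['esfpx_lists'] ) ? $form_data['esfpx_lists'] : array();
  $this->es_nonce = isset( $form_data['esfpx_es-subscribe'] ) ? trim( $form_data['esfpx_es-subscribe'] ) : '';
  $this->form_id = isset( $form_data['esfpx_form_id'] ) ? trim( $form_data['esfpx_form_id'] ) : 0;
@@ -370,7 +371,7 @@ class ES_Handle_Subscription {
  return true;
  }
 
- $domains = trim(get_option( 'ig_es_blocked_domains', '' ));
+ $domains = trim( get_option( 'ig_es_blocked_domains', '' ) );
 
  // No domains to block? Return
  if ( empty( $domains ) ) {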
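Review bot: `esfpx_lists` and `esfpx_form_id` from the submitted form are still assigned to `$this->list_ids` and `$this->form_id` with at most a `trim()`, in the same hunk that now sanitizes the e-mail and name. If these are numeric IDs, `$this->form_id = isset( $form_data['esfpx_form_id'] ) ? absint( $form_data['esfpx_form_id'] ) : 0;` and an `array_map( 'absint', ... )` over the list IDs would match the rest of the change. `sanitize_email()` strips disallowed characters instead of rejecting the address, so a malformed input can be stored as a different address unless `is_email()` is also checked; whether that validation happens later cannot be seen from the hunk. The method begins and ends outside the hunk.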
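--- a/includes/admin/class-es-lists-table.php
+++ b/includes/admin/class-es-lists-table.php
@@ -241,7 +241,7 @@ class ES_Lists_Table extends WP_List_Table {
 
  global $wpdb;
 
- $list_data['name'] = $data['list_name'];
+ $list_data['name'] = sanitize_text_field($data['list_name']);
  $list_data['slug'] = sanitize_title( $list_data['name'] );
  $list_data['created_at'] = ig_get_current_date_time();
 
@@ -301,7 +301,11 @@ class ES_Lists_Table extends WP_List_Table {
  if ( ! $do_count_only ) {
 
  // Prepare Order by clause
- $order = ! empty( $order ) ? ' ' . esc_sql( $order ) : ' DESC';
+ $order = ! empty( $order ) ? strtolower($order) : 'desc';
+ $expected_order_values = array('asc', 'desc');
+ if(!in_array($order, $expected_order_values)) {
+ $order = 'desc';
+ }
 
  $default_order_by = esc_sql( 'created_at' );
 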
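Review bot: In the first hunk `sanitize_text_field($data['list_name'])` can return an empty string, for example when the submitted name consisted only of markup, and the next line then derives an empty slug from it with `sanitize_title()`. `$data['list_name']` is also read without an `isset()`/`empty()` check, unlike the form fields elsewhere in this commit; `$list_data['name'] = ! empty( $data['list_name'] ) ? sanitize_text_field( $data['list_name'] ) : '';` followed by an explicit empty-name check before the slug is built would cover both. The function starts and ends outside the hunk, so it is not visible whether the caller already validates the name.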
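--- a/includes/admin/class-es-reports-table.php
+++ b/includes/admin/class-es-reports-table.php
@@ -375,7 +375,11 @@ class ES_Reports_Table extends WP_List_Table {
  if ( ! $do_count_only ) {
 
  // Prepare Order by clause
- $order = ! empty( $order ) ? ' ' . esc_sql( $order ) : ' DESC';
+ $order = ! empty( $order ) ? strtolower($order) : 'desc';
+ $expected_order_values = array('asc', 'desc');
+ if(!in_array($order, $expected_order_values)) {
+ $order = 'desc';
+ }
 
  $default_order_by = esc_sql( 'created_at' );
 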
includes/admin/class-es-subscribers-table.php CHANGED
@@ -108,10 +108,9 @@ class ES_Subscribers_Table extends WP_List_Table {
108
  $this->load_import();
109
  } elseif ( 'export' === $action ) {
110
  $this->load_export();
111
- } elseif ( 'new' === $action ) {
112
- $this->es_newsubscriber_callback();
113
- } elseif ( 'edit' === $action ) {
114
- echo $this->edit_list( absint( Email_Subscribers::get_request( 'subscriber' ) ) );
115
  } elseif ( 'sync' === $action ) {
116
  update_option( 'ig_es_show_sync_tab', 'no' ); // yes/no
117
  $this->load_sync();
@@ -183,85 +182,163 @@ class ES_Subscribers_Table extends WP_List_Table {
183
 
184
  }
185
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
186
 
187
- public function es_newsubscriber_callback() {
188
  ?>
 
189
  <div class="wrap">
190
- <h1 class="wp-heading-inline"><?php _e( 'Add New Contact', 'email-subscribers' ); ?>
191
- <a href="admin.php?page=es_lists&action=manage-lists" class="page-title-action es-imp-button"><?php _e( 'Manage Lists', 'email-subscribers' ); ?></a>
192
- </h1>
193
- <?php Email_Subscribers_Admin::es_feedback(); ?>
194
  <div id="poststuff">
195
  <div id="post-body" class="metabox-holder column-1">
196
  <div id="post-body-content">
197
  <div class="meta-box-sortables ui-sortable es-contact-form">
198
- <?php echo $this->prepare_contact_form(); ?>
199
  </div>
200
  </div>
201
  </div>
202
- <br class="clear">
203
  </div>
204
  </div>
205
 
206
  <?php
207
- global $wpdb;
208
-
209
- if ( Email_Subscribers::get_request( 'email' ) ) {
210
-
211
- $list_id = Email_Subscribers::get_request( 'lists' );
212
-
213
- if ( empty( $list_id ) ) {
214
- $message = __( 'Please Select List', 'email-subscribers' );
215
- ES_Common::show_message( $message, 'error' );
216
-
217
- return '';
218
- }
219
- $email = Email_Subscribers::get_request( 'email' );
220
- $data = array(
221
- 'first_name' => Email_Subscribers::get_request( 'subscriber_name' ),
222
- 'email' => $email,
223
- 'source' => 'admin',
224
- 'status' => 'verified',
225
- 'hash' => ES_Common::generate_guid(),
226
- 'created_at' => ig_get_current_date_time(),
227
- );
228
- $check = ES_DB_Contacts::is_subscriber_exist_in_list( $email, $list_id );
229
- if ( empty( $check['contact_id'] ) ) {
230
- $added = ES_DB_Contacts::add_subscriber( $data );
231
- } else {
232
- $added = $check['contact_id'];
233
- }
234
- if ( empty( $check['list_id'] ) ) {
235
- $optin_type_option = get_option( 'ig_es_optin_type', true );
236
- if ( in_array( $optin_type_option, array( 'double_opt_in', 'double_optin' ) ) ) {
237
- $optin_type = 2;
238
- } else {
239
- $optin_type = 1;
240
- }
241
- $list_id = ! empty( $list_id ) ? $list_id : 1;
242
- $list_contact_data = array(
243
- 'list_id' => $list_id,
244
- 'contact_id' => $added,
245
- 'status' => 'subscribed',
246
- 'subscribed_at' => ig_get_current_date_time(),
247
- 'optin_type' => $optin_type,
248
- 'subscribed_ip' => null
249
- );
250
-
251
- $result = ES_DB_Lists_Contacts::add_lists_contacts( $list_contact_data );
252
- if ( $added ) {
253
- $message = __( 'Contact has been added successfully!', 'email-subscribers' );
254
- ES_Common::show_message( $message, 'success' );
255
- }
256
- } else {
257
- $message = __( 'Contact already exist.', 'email-subscribers' );
258
- ES_Common::show_message( $message, 'success' );
259
- }
260
 
261
- return '';
262
- } else {
263
- return false;
264
- }
265
  }
266
 
267
  /**
@@ -272,7 +349,12 @@ class ES_Subscribers_Table extends WP_List_Table {
272
  *
273
  * @return mixed
274
  */
275
- public function get_subscribers( $per_page = 5, $page_number = 1, $do_count_only = false ) {
 
 
 
 
 
276
  global $wpdb;
277
 
278
  $order_by = Email_Subscribers::get_request( 'orderby' );
@@ -346,7 +428,12 @@ class ES_Subscribers_Table extends WP_List_Table {
346
  if ( ! $do_count_only ) {
347
 
348
  // Prepare Order by clause
349
- $order = ! empty( $order ) ? esc_sql( $order ) : 'DESC';
 
 
 
 
 
350
  $offset = ( $page_number - 1 ) * $per_page;
351
 
352
  $expected_order_by_values = array( 'name', 'email', 'created_at' );
@@ -369,7 +456,10 @@ class ES_Subscribers_Table extends WP_List_Table {
369
  return $result;
370
  }
371
 
372
- public function edit_list( $id ) {
 
 
 
373
  global $wpdb;
374
 
375
  $notificationid = $wpdb->get_results( "SELECT * FROM " . IG_CONTACTS_TABLE . " WHERE id = $id" );
@@ -388,8 +478,6 @@ class ES_Subscribers_Table extends WP_List_Table {
388
  }
389
  }
390
 
391
- $updated = '';
392
- // $status_options_html = ES_Common::prepare_statuses_dropdown_options( $status );
393
  $id = $notificationid[0]->id;
394
  $guid = $notificationid[0]->hash;
395
  $created = $notificationid[0]->created_at;
@@ -413,7 +501,7 @@ class ES_Subscribers_Table extends WP_List_Table {
413
  $editform = '<div class="wrap">
414
  <h1 class="wp-heading-inline">' . __( 'Edit Contact', 'email-subscribers' ) . '<a href="admin.php?page=es_subscribers&action=new" class="page-title-action">Add New</a></h1>' . Email_Subscribers_Admin::es_feedback() . '
415
  <hr class="wp-header-end">
416
- <div id="poststuff">' . $updated . '
417
  <div id="post-body" class="metabox-holder column-1">
418
  <div id="post-body-content">
419
  <div class="meta-box-sortables ui-sortable es-contact-form">'
@@ -433,77 +521,81 @@ class ES_Subscribers_Table extends WP_List_Table {
433
  $created = ! empty( $data['created'] ) ? $data['created'] : '';
434
  $guid = ! empty( $data['guid'] ) ? $data['guid'] : '';
435
  $action = ! empty( $data['action'] ) ? $data['action'] : '#';
436
- $name = ! empty( $data['name'] ) ? $data['name'] : '';
 
437
  $email = ! empty( $data['email'] ) ? $data['email'] : '';
438
  $selected_list_ids = ! empty( $data['selected_list_ids'] ) ? $data['selected_list_ids'] : array();
439
 
440
  $lists_id_name_map = ES_DB_Lists::get_list_id_name_map();
441
 
442
  if ( count( $lists_id_name_map ) ) {
443
- $list_html = ES_Shortcode::prepare_lists_checkboxes( $lists_id_name_map, array_keys( $lists_id_name_map ), 4, $selected_list_ids, $id );
444
  } else {
445
  $list_html = "<tr><td>" . __( 'No list found', 'email-subscribers' ) . "</td></tr>";
446
  }
447
 
448
- $form = '<form method="post" action="' . $action . '">
449
- <table class="form-table">
450
- <tbody>
451
- <tr class="form-field">
452
- <td><label><b>' . __( 'Name', 'email-subscribers' ) . '</b></label></td>
453
- <td><input type="text" id="name" name="subscriber_name" value="' . $name . '"/></td>
454
- </tr>
455
- <tr class="form-field">
456
- <td><label><b>' . __( 'Email', 'email-subscribers' ) . '</b></label></td>
457
- <td><input type="email" id="email" name="email" value="' . $email . '"/></td>
458
- </tr>
459
- <tr class="form-field">
460
- <td><label><b>' . __( 'List(s)', 'email-subscribers' ) . '</b></label></td>
461
- <td>
462
- <table>' . $list_html . '</table>
463
- </td>
464
- </tr>
465
- <tr class="form-field">
466
- <td></td>
467
- <td>
468
- <input type="hidden" name="created_on" value="' . $created . '" />
469
- <input type="hidden" name="guid" value="' . $guid . '" />
470
- <input type="submit" name="submit" id="submit" class="button button-primary" value="' . __( 'Save Changes', 'email-subscribers' ) . '" />
471
- </td>
472
- </tr>
473
- </tbody>
474
- </table>
475
- </form>';
476
-
477
- return $form;
 
 
 
 
 
 
 
478
  }
479
 
480
- public function update_list( $id ) {
481
 
482
  global $wpdb;
483
 
484
- $email = Email_Subscribers::get_request( 'email' );
485
- $name = Email_Subscribers::get_request( 'subscriber_name' );
486
-
487
- if ( ! empty( $email ) ) {
488
 
489
- $name_parts = ES_Common::prepare_first_name_last_name( $name );
490
- $first_name = $name_parts['first_name'];
491
- $last_name = $name_parts['last_name'];
492
 
493
- $data = array(
494
- 'first_name' => $first_name,
495
- 'last_name' => $last_name,
496
- 'email' => $email,
497
- 'updated_at' => ig_get_current_date_time()
498
- );
499
 
500
- $wpdb->update( IG_CONTACTS_TABLE, $data, array( 'id' => $id ) );
501
- $list_ids = Email_Subscribers::get_request( 'lists' );
 
 
 
 
502
 
503
- if ( count( $list_ids ) > 0 ) {
504
- ES_DB_Lists_Contacts::update_list_contacts( $id, $list_ids );
505
  }
506
  }
 
507
  }
508
 
509
 
@@ -596,7 +688,7 @@ class ES_Subscribers_Table extends WP_List_Table {
596
  */
597
  function column_cb( $item ) {
598
  return sprintf(
599
- '<input type="checkbox" name="subscribers[]" value="%s" />', $item['id']
600
  );
601
  }
602
 
@@ -631,13 +723,13 @@ class ES_Subscribers_Table extends WP_List_Table {
631
 
632
 
633
  /**
634
- * Associative array of columns
635
  *
636
  * @return array
637
  */
638
  function get_columns() {
639
  $columns = array(
640
- 'cb' => '<input type="checkbox" />',
641
  'name' => __( 'Name', 'email-subscribers' ),
642
  'email' => __( 'Email', 'email-subscribers' ),
643
  'lists' => __( 'List(s)', 'email-subscribers' ),
@@ -653,11 +745,12 @@ class ES_Subscribers_Table extends WP_List_Table {
653
  *
654
  * @return array
655
  */
656
- public function get_sortable_columns() {
 
657
  $sortable_columns = array(
658
  'name' => array( 'first_name', true ),
659
  'email' => array( 'email', false ),
660
- // 'status' => array( 'status', false ),
661
  'created_at' => array( 'created_at', false )
662
  );
663
 
@@ -669,7 +762,8 @@ class ES_Subscribers_Table extends WP_List_Table {
669
  *
670
  * @return array
671
  */
672
- public function get_bulk_actions() {
 
673
  $actions = array(
674
  'bulk_delete' => __( 'Delete', 'email-subscribers' ),
675
  'bulk_list_update' => __( 'Move To List', 'email-subscribers' ),
@@ -681,7 +775,11 @@ class ES_Subscribers_Table extends WP_List_Table {
681
  }
682
 
683
 
684
- public function search_box( $text, $input_id ) { ?>
 
 
 
 
685
  <p class="search-box box-ma10">
686
  <label class="screen-reader-text" for="<?php echo $input_id ?>"><?php echo $text; ?>:</label>
687
  <input type="search" id="<?php echo $input_id ?>" name="s" value="<?php _admin_search_query(); ?>"/>
@@ -706,7 +804,8 @@ class ES_Subscribers_Table extends WP_List_Table {
706
  /**
707
  * Handles data query and filter, sorting, and pagination.
708
  */
709
- public function prepare_items() {
 
710
 
711
  $this->_column_headers = $this->get_column_info();
712
 
@@ -745,11 +844,15 @@ class ES_Subscribers_Table extends WP_List_Table {
745
  }
746
  }
747
 
748
- public function get_contact_id( $contact ) {
 
 
 
749
  return $contact['id'];
750
  }
751
 
752
- public function edit_group() {
 
753
  $data = '<label for="bulk-action-selector-top" class="screen-reader-text">Select bulk action</label><select name="list_id" id="list_id" class="groupsselect" style="display: none">';
754
  $data .= ES_Common::prepare_list_dropdown_options();
755
  $data .= '</select>';
@@ -757,7 +860,8 @@ class ES_Subscribers_Table extends WP_List_Table {
757
  echo $data;
758
  }
759
 
760
- public function edit_status() {
 
761
  $data = '<label for="bulk-action-selector-top" class="screen-reader-text">Select bulk action</label><select name="status_select" id="status_select" class="statusesselect" style="display:none;">';
762
  $data .= ES_Common::prepare_statuses_dropdown_options();
763
  $data .= '</select>';
@@ -765,26 +869,10 @@ class ES_Subscribers_Table extends WP_List_Table {
765
  echo $data;
766
  }
767
 
768
- public function process_bulk_action() {
 
769
 
770
  //Detect when a bulk action is being triggered...
771
-
772
- if ( 'edit' === $this->current_action() ) {
773
-
774
- // In our file that handles the request, verify the nonce.
775
- $nonce = esc_attr( Email_Subscribers::get_request( '_wpnonce' ) );
776
-
777
- if ( ! wp_verify_nonce( $nonce, 'ig_es_delete_subscriber' ) ) {
778
- die( 'You do not have a permission to delete subscriber' );
779
- } else {
780
- $this->edit_list( absint( Email_Subscribers::get_request( 'subscriber' ) ) );
781
- $message = __( 'Contact have been updated successfully!', 'email-subscribers' );
782
- ES_Common::show_message( $message, 'success' );
783
-
784
- return;
785
- }
786
- }
787
-
788
  if ( 'delete' === $this->current_action() ) {
789
 
790
  // In our file that handles the request, verify the nonce.
@@ -927,11 +1015,13 @@ class ES_Subscribers_Table extends WP_List_Table {
927
  }
928
  }
929
 
930
- public function no_items() {
 
931
  _e( 'No contacts avaliable.', 'email-subscribers' );
932
  }
933
 
934
- public static function get_instance() {
 
935
  if ( ! isset( self::$instance ) ) {
936
  self::$instance = new self();
937
  }
108
  $this->load_import();
109
  } elseif ( 'export' === $action ) {
110
  $this->load_export();
111
+ } elseif ( 'new' === $action || 'edit' === $action ) {
112
+ $contact_id = absint( Email_Subscribers::get_request( 'subscriber' ) );
113
+ $this->save_contact( $contact_id );
 
114
  } elseif ( 'sync' === $action ) {
115
  update_option( 'ig_es_show_sync_tab', 'no' ); // yes/no
116
  $this->load_sync();
182
 
183
  }
184
 
185
+ public function save_contact( $id = 0 ) {
186
+ global $wpdb;
187
+
188
+ $first_name = $action = $last_name = $email = $guid = $created = '';
189
+ $list_ids = array();
190
+
191
+ if ( $id === 0 ) {
192
+ $title = __( 'Add New Contact', 'email-subscribers' );
193
+ $title_action = '<a href="admin.php?page=es_lists&action=manage-lists" class="page-title-action es-imp-button">' . __( 'Manage Lists', 'email-subscribers' ) . '</a>';
194
+
195
+ } else {
196
+
197
+ $title = __( 'Edit Contact', 'email-subscribers' );
198
+ $title_action = '<a href="admin.php?page=es_subscribers&action=new" class="page-title-action">' . __( 'Add New', 'email-subscribers' ) . '</a>';
199
+
200
+ $contacts_table = IG_CONTACTS_TABLE;
201
+ $query = "SELECT * FROM {$contacts_table} WHERE id = %d";
202
+ $contact = $wpdb->get_results( $wpdb->prepare( $query, $id ), ARRAY_A );
203
+
204
+ if ( ! empty( $contact[0] ) ) {
205
+ $contact = $contact[0];
206
+
207
+ $first_name = ! empty( $contact['first_name'] ) ? $contact['first_name'] : '';
208
+ $last_name = ! empty( $contact['last_name'] ) ? $contact['last_name'] : '';
209
+ $email = ! empty( $contact['email'] ) ? $contact['email'] : '';
210
+ $list_ids = ES_DB_Lists_Contacts::get_list_ids_by_contact( $id );
211
+ $guid = $contact['hash'];
212
+ $created = $contact['created_at'];
213
+ $nonce = esc_attr( Email_Subscribers::get_request( '_wpnonce' ) );
214
+ $action = "admin.php?page=es_subscribers&action=edit&subscriber={$id}&_wpnonce={$nonce}&status=updated";
215
+ }
216
+ }
217
+
218
+ $submitted = Email_Subscribers::get_request( 'submitted' );
219
+ if ( 'submitted' === $submitted ) {
220
+ $contact_data = ! empty( $_POST['contact_data'] ) ? $_POST['contact_data'] : array();
221
+
222
+ $email = ! empty( $contact_data['email'] ) ? sanitize_email( $contact_data['email'] ) : '';
223
+ $first_name = ! empty( $contact_data['first_name'] ) ? sanitize_text_field( $contact_data['first_name'] ) : '';
224
+ $last_name = ! empty( $contact_data['last_name'] ) ? sanitize_text_field( $contact_data['last_name'] ) : '';
225
+ $list_ids = ! empty( $contact_data['lists'] ) ? $contact_data['lists'] : array();
226
+ }
227
+
228
+ $data = array(
229
+ 'id' => $id,
230
+ 'first_name' => $first_name,
231
+ 'last_name' => $last_name,
232
+ 'email' => $email,
233
+ 'selected_list_ids' => $list_ids,
234
+ 'guid' => $guid,
235
+ //'action' => $action,
236
+ //'created' => $created,
237
+ );
238
+
239
+
240
+ $submitted = Email_Subscribers::get_request( 'submitted' );
241
+
242
+ if ( 'submitted' === $submitted ) {
243
+ $contact_data = ! empty( $_POST['contact_data'] ) ? $_POST['contact_data'] : array();
244
+
245
+ $is_error = false;
246
+ if ( ! empty( $contact_data ) ) {
247
+ $email = ! empty( $contact_data['email'] ) ? sanitize_email( $contact_data['email'] ) : '';
248
+
249
+ if ( $email ) {
250
+
251
+ $list_ids = ! empty( $contact_data['lists'] ) ? $contact_data['lists'] : array();
252
+
253
+ if ( count( $list_ids ) > 0 ) {
254
+
255
+ $first_name = ! empty( $contact_data['first_name'] ) ? sanitize_text_field( $contact_data['first_name'] ) : '';
256
+ $last_name = ! empty( $contact_data['last_name'] ) ? sanitize_text_field( $contact_data['last_name'] ) : '';
257
+
258
+ if ( ! empty( $first_name ) ) {
259
+
260
+ $contact = array(
261
+ 'first_name' => $first_name,
262
+ 'last_name' => $last_name,
263
+ 'email' => $email,
264
+ );
265
+
266
+ // Add contact
267
+ $is_new = true;
268
+ if ( $id ) {
269
+ $is_new = false;
270
+ $this->update_contact( $id, $contact );
271
+ } else {
272
+ $id = ES_DB_Contacts::get_contact_id_by_email( $email );
273
+ if ( ! $id ) {
274
+ $contact['source'] = 'admin';
275
+ $contact['status'] = 'verified';
276
+ $contact['hash'] = ES_Common::generate_guid();
277
+ $contact['created_at'] = ig_get_current_date_time();
278
+
279
+ $id = ES_DB_Contacts::add_subscriber( $contact );
280
+
281
+ } else {
282
+ $message = __( 'Contact already exist.', 'email-subscribers' );
283
+ ES_Common::show_message( $message, 'error' );
284
+ $is_error = true;
285
+ }
286
+
287
+ }
288
+
289
+ if ( ! $is_error ) {
290
+
291
+ $list_ids = ! empty( $list_ids ) ? $list_ids : array( 1 );
292
+
293
+ ES_DB_Lists_Contacts::update_list_contacts( $id, $list_ids );
294
+
295
+ if ( $id ) {
296
+
297
+ if ( $is_new ) {
298
+ $message = __( 'Contact has been added successfully!', 'email-subscribers' );
299
+ } else {
300
+ $message = __( 'Contact has been updated successfully!', 'email-subscribers' );
301
+ }
302
+
303
+ ES_Common::show_message( $message, 'success' );
304
+ }
305
+ }
306
+ } else {
307
+ $message = __( 'Please Enter First Name', 'email-subscribers' );
308
+ ES_Common::show_message( $message, 'error' );
309
+ }
310
+
311
+ } else {
312
+ $message = __( 'Please Select List', 'email-subscribers' );
313
+ ES_Common::show_message( $message, 'error' );
314
+ }
315
+
316
+ } else {
317
+ $message = __( 'Please Enter Valid Email Address', 'email-subscribers' );
318
+ ES_Common::show_message( $message, 'error' );
319
+ }
320
+
321
+ }
322
+ }
323
 
 
324
  ?>
325
+
326
  <div class="wrap">
327
+ <h1 class="wp-heading-inline"><?php echo $title; ?><?php echo $title_action; ?></h1><?php Email_Subscribers_Admin::es_feedback(); ?>
328
+ <hr class="wp-header-end">
 
 
329
  <div id="poststuff">
330
  <div id="post-body" class="metabox-holder column-1">
331
  <div id="post-body-content">
332
  <div class="meta-box-sortables ui-sortable es-contact-form">
333
+ <?php echo $this->prepare_contact_form( $data ); ?>
334
  </div>
335
  </div>
336
  </div>
 
337
  </div>
338
  </div>
339
 
340
  <?php
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
341
 
 
 
 
 
342
  }
343
 
344
  /**
349
  *
350
  * @return mixed
351
  */
352
+ public
353
+ function get_subscribers(
354
+ $per_page = 5,
355
+ $page_number = 1,
356
+ $do_count_only = false
357
+ ) {
358
  global $wpdb;
359
 
360
  $order_by = Email_Subscribers::get_request( 'orderby' );
428
  if ( ! $do_count_only ) {
429
 
430
  // Prepare Order by clause
431
+ $order = ! empty( $order ) ? strtolower($order) : 'desc';
432
+ $expected_order_values = array('asc', 'desc');
433
+ if(!in_array($order, $expected_order_values)) {
434
+ $order = 'desc';
435
+ }
436
+
437
  $offset = ( $page_number - 1 ) * $per_page;
438
 
439
  $expected_order_by_values = array( 'name', 'email', 'created_at' );
456
  return $result;
457
  }
458
 
459
+ public
460
+ function edit_list(
461
+ $id
462
+ ) {
463
  global $wpdb;
464
 
465
  $notificationid = $wpdb->get_results( "SELECT * FROM " . IG_CONTACTS_TABLE . " WHERE id = $id" );
478
  }
479
  }
480
 
 
 
481
  $id = $notificationid[0]->id;
482
  $guid = $notificationid[0]->hash;
483
  $created = $notificationid[0]->created_at;
501
  $editform = '<div class="wrap">
502
  <h1 class="wp-heading-inline">' . __( 'Edit Contact', 'email-subscribers' ) . '<a href="admin.php?page=es_subscribers&action=new" class="page-title-action">Add New</a></h1>' . Email_Subscribers_Admin::es_feedback() . '
503
  <hr class="wp-header-end">
504
+ <div id="poststuff">
505
  <div id="post-body" class="metabox-holder column-1">
506
  <div id="post-body-content">
507
  <div class="meta-box-sortables ui-sortable es-contact-form">'
521
  $created = ! empty( $data['created'] ) ? $data['created'] : '';
522
  $guid = ! empty( $data['guid'] ) ? $data['guid'] : '';
523
  $action = ! empty( $data['action'] ) ? $data['action'] : '#';
524
+ $first_name = ! empty( $data['first_name'] ) ? $data['first_name'] : '';
525
+ $last_name = ! empty( $data['last_name'] ) ? $data['last_name'] : '';
526
  $email = ! empty( $data['email'] ) ? $data['email'] : '';
527
  $selected_list_ids = ! empty( $data['selected_list_ids'] ) ? $data['selected_list_ids'] : array();
528
 
529
  $lists_id_name_map = ES_DB_Lists::get_list_id_name_map();
530
 
531
  if ( count( $lists_id_name_map ) ) {
532
+ $list_html = ES_Shortcode::prepare_lists_checkboxes( $lists_id_name_map, array_keys( $lists_id_name_map ), 4, $selected_list_ids, $id, 'contact_data[lists][]' );
533
  } else {
534
  $list_html = "<tr><td>" . __( 'No list found', 'email-subscribers' ) . "</td></tr>";
535
  }
536
 
537
+ ?>
538
+ <form method="post" action="<?php echo $action; ?>">
539
+ <table class="ig-es-form-table form-table">
540
+ <tbody>
541
+ <tr class="form-field">
542
+ <td><label><b><?php _e( 'First Name', 'email-subscribers' ); ?></b></label></td>
543
+ <td><input type="text" class="ig-es-contact-first-name" id="ig-es-contact-first-name" name="contact_data[first_name]" value="<?php echo $first_name; ?>"/></td>
544
+ </tr>
545
+
546
+ <tr class="form-field">
547
+ <td><label><b><?php _e( 'Last Name', 'email-subscribers' ); ?></b></label></td>
548
+ <td><input type="text" class="ig-es-contact-last-name" id="ig-es-contact-last-name" name="contact_data[last_name]" value="<?php echo $last_name; ?>"/></td>
549
+ </tr>
550
+
551
+ <tr class="form-field">
552
+ <td><label><b><?php _e( 'Email', 'email-subscribers' ); ?></b></label></td>
553
+ <td><input type="email" id="email" name="contact_data[email]" value="<?php echo $email; ?>"/></td>
554
+ </tr>
555
+ <tr class="form-field">
556
+ <td><label><b><?php _e( 'List(s)', 'email-subscribers' ); ?></b></label></td>
557
+ <td>
558
+ <table><?php echo $list_html; ?></table>
559
+ </td>
560
+ </tr>
561
+ <tr class="form-field">
562
+ <td></td>
563
+ <td>
564
+ <input type="hidden" name="contact_data[created_at]" value="<?php echo $created; ?>"/>
565
+ <input type="hidden" name="contact_data[guid]" value="<?php echo $guid; ?>"/>
566
+ <input type="hidden" name="submitted" value="submitted"/>
567
+ <input type="submit" name="submit" id="submit" class="button button-primary" value="<?php _e( 'Save Changes', 'email-subscribers' ); ?>"/>
568
+ </td>
569
+ </tr>
570
+ </tbody>
571
+ </table>
572
+ </form>
573
+ <?php
574
  }
575
 
576
+ public function update_contact( $contact_id = 0, $data = array() ) {
577
 
578
  global $wpdb;
579
 
580
+ if ( ! empty( $contact_id ) ) {
 
 
 
581
 
582
+ $email = ! empty( $data['email'] ) ? sanitize_email( $data['email'] ) : '';
583
+ if ( ! empty( $email ) ) {
 
584
 
585
+ $first_name = ! empty( $data['first_name'] ) ? sanitize_text_field( $data['first_name'] ) : '';
586
+ $last_name = ! empty( $data['last_name'] ) ? sanitize_text_field( $data['last_name'] ) : '';
 
 
 
 
587
 
588
+ $data_to_update = array(
589
+ 'first_name' => $first_name,
590
+ 'last_name' => $last_name,
591
+ 'email' => $email,
592
+ 'updated_at' => ig_get_current_date_time()
593
+ );
594
 
595
+ $wpdb->update( IG_CONTACTS_TABLE, $data_to_update, array( 'id' => $contact_id ) );
 
596
  }
597
  }
598
+
599
  }
600
 
601
 
688
  */
689
  function column_cb( $item ) {
690
  return sprintf(
691
+ '<input type="checkbox" name="subscribers[]" value="%s"/>', $item['id']
692
  );
693
  }
694
 
723
 
724
 
725
  /**
726
+ * Associative array of columns
727
  *
728
  * @return array
729
  */
730
  function get_columns() {
731
  $columns = array(
732
+ 'cb' => '<input type="checkbox"/>',
733
  'name' => __( 'Name', 'email-subscribers' ),
734
  'email' => __( 'Email', 'email-subscribers' ),
735
  'lists' => __( 'List(s)', 'email-subscribers' ),
745
  *
746
  * @return array
747
  */
748
+ public
749
+ function get_sortable_columns() {
750
  $sortable_columns = array(
751
  'name' => array( 'first_name', true ),
752
  'email' => array( 'email', false ),
753
+ // 'status' => array( 'status', false ),
754
  'created_at' => array( 'created_at', false )
755
  );
756
 
762
  *
763
  * @return array
764
  */
765
+ public
766
+ function get_bulk_actions() {
767
  $actions = array(
768
  'bulk_delete' => __( 'Delete', 'email-subscribers' ),
769
  'bulk_list_update' => __( 'Move To List', 'email-subscribers' ),
775
  }
776
 
777
 
778
+ public
779
+ function search_box(
780
+ $text,
781
+ $input_id
782
+ ) { ?>
783
  <p class="search-box box-ma10">
784
  <label class="screen-reader-text" for="<?php echo $input_id ?>"><?php echo $text; ?>:</label>
785
  <input type="search" id="<?php echo $input_id ?>" name="s" value="<?php _admin_search_query(); ?>"/>
804
  /**
805
  * Handles data query and filter, sorting, and pagination.
806
  */
807
+ public
808
+ function prepare_items() {
809
 
810
  $this->_column_headers = $this->get_column_info();
811
 
844
  }
845
  }
846
 
847
+ public
848
+ function get_contact_id(
849
+ $contact
850
+ ) {
851
  return $contact['id'];
852
  }
853
 
854
+ public
855
+ function edit_group() {
856
  $data = '<label for="bulk-action-selector-top" class="screen-reader-text">Select bulk action</label><select name="list_id" id="list_id" class="groupsselect" style="display: none">';
857
  $data .= ES_Common::prepare_list_dropdown_options();
858
  $data .= '</select>';
860
  echo $data;
861
  }
862
 
863
+ public
864
+ function edit_status() {
865
  $data = '<label for="bulk-action-selector-top" class="screen-reader-text">Select bulk action</label><select name="status_select" id="status_select" class="statusesselect" style="display:none;">';
866
  $data .= ES_Common::prepare_statuses_dropdown_options();
867
  $data .= '</select>';
869
  echo $data;
870
  }
871
 
872
+ public
873
+ function process_bulk_action() {
874
 
875
  //Detect when a bulk action is being triggered...
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
876
  if ( 'delete' === $this->current_action() ) {
877
 
878
  // In our file that handles the request, verify the nonce.
1015
  }
1016
  }
1017
 
1018
+ public
1019
+ function no_items() {
1020
  _e( 'No contacts avaliable.', 'email-subscribers' );
1021
  }
1022
 
1023
+ public
1024
+ static function get_instance() {
1025
  if ( ! isset( self::$instance ) ) {
1026
  self::$instance = new self();
1027
  }
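--- a/includes/db/class-es-db-lists-contacts.php
+++ b/includes/db/class-es-db-lists-contacts.php
@@ -64,8 +64,10 @@ class ES_DB_Lists_Contacts {
 
  public static function update_list_contacts( $contact_id, $list_ids ) {
  global $wpdb;
- $query = "DELETE FROM " . IG_LISTS_CONTACTS_TABLE . " WHERE contact_id = $contact_id";
- $res = $wpdb->get_results( $query );
+ $query = "DELETE FROM " . IG_LISTS_CONTACTS_TABLE . " WHERE contact_id = $contact_id";
+ $res = $wpdb->query( $query );
+
+ $result = false;
  $optin_type_option = get_option( 'ig_es_optin_type', true );
 
  $optin_type = 1;
@@ -80,10 +82,11 @@ class ES_DB_Lists_Contacts {
  $data['optin_type'] = $optin_type;
  $data['subscribed_at'] = ig_get_current_date_time();
  $data['subscribed_ip'] = '';
- $result = ES_DB_Lists_Contacts::add_lists_contacts( $data );
+
+ $result = ES_DB_Lists_Contacts::add_lists_contacts( $data );
  }
 
- return $res;
+ return $result;
  }
 
  public static function delete_list_contacts( $contact_id, $list_ids ) {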
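Review bot: The `DELETE` at the top of `update_list_contacts()` still interpolates `$contact_id` directly into the SQL string; switching from `get_results()` to `query()` changes only how the statement is executed. The caller added elsewhere in this commit passes an id that went through `absint()` or came back from the contacts lookup, but this is a public static method and should not depend on every caller doing that: `$res = $wpdb->query( $wpdb->prepare( "DELETE FROM " . IG_LISTS_CONTACTS_TABLE . " WHERE contact_id = %d", $contact_id ) );`. `$res` is also no longer returned or checked, so a failed delete (`false`) goes unnoticed before the list rows are re-added; a guard such as `if ( false === $res ) { return false; }` would keep the old and new memberships from mixing. The middle of the function, between the two hunks, is not shown.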
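--- a/public/partials/class-es-shortcode.php
+++ b/public/partials/class-es-shortcode.php
@@ -207,7 +207,7 @@ class ES_Shortcode {
  <?php
  }
 
- public static function prepare_lists_checkboxes( $lists, $list_ids = array(), $columns = 3, $selected_lists = array(), $contact_id = 0 ) {
+ public static function prepare_lists_checkboxes( $lists, $list_ids = array(), $columns = 3, $selected_lists = array(), $contact_id = 0, $name = "lists[]" ) {
  $lists_html = '<div><p><b>' . __('Select List(s)', 'email-subscribers') .'*</b></p><table class="ig-es-form-list-selection"><tr>';
  $i = 0;
 
@@ -225,9 +225,9 @@ class ES_Shortcode {
  if ( ! empty( $contact_id ) ) {
  $status_span = '<span class="es_list_contact_status ' . $list_contact_status_map[ $list_id ] . '" title="' . ucwords( $list_contact_status_map[ $list_id ] ) . '">';
  }
- $lists_html .= '<td>' . $status_span . '<label><input type="checkbox" name="lists[]" checked="checked" value="' . $list_id . '" />' . $list_name . '</label></td>';
+ $lists_html .= '<td>' . $status_span . '<label><input type="checkbox" name="'. $name .'" checked="checked" value="' . $list_id . '" />' . $list_name . '</label></td>';
  } else {
- $lists_html .= '<td><label><input type="checkbox" name="lists[]" value="' . $list_id . '" />' . $list_name . '</label></td>';
+ $lists_html .= '<td><label><input type="checkbox" name="'. $name .'" value="' . $list_id . '" />' . $list_name . '</label></td>';
  }
  $i ++;
  }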
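Review bot: The new `$name` parameter is concatenated unescaped into the `name="…"` attribute on both rewritten `$lists_html .=` lines, and `$list_name` next to it is emitted as raw HTML. The call added in this commit passes the literal `'contact_data[lists][]'`, so `$name` is harmless today, but list names are stored data and, unless they are sanitised when saved (not visible here), would render as markup wherever this helper's output is printed. Escaping at output removes that dependency: `name="' . esc_attr( $name ) . '"`, `value="' . esc_attr( $list_id ) . '"` and `esc_html( $list_name )`. The loop header that defines `$list_id` and `$list_name` lies between the two hunks and is not shown.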
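--- a/readme.txt
+++ b/readme.txt
@@ -5,7 +5,7 @@ Author URI: https://www.icegram.com/
  Tags: subscription, newsletter, email marketing, post notification, email newsletter form, email signup, email widget, newsletter signup, subscribe, subscription form, bulk emails, signup form, list builder, lead generation, welcome email, contacts
  Requires at least: 3.9
  Tested up to: 5.2.2
- Stable tag: 4.1.7
+ Stable tag: 4.1.8
  License: GPLv3
  License URI: http://www.gnu.org/licenses
 
@@ -305,6 +305,10 @@ Use our free plugin [Email Subscribers - Group Selector](https://wordpress.org/p
 
  == Changelog ==
 
+ = 4.1.8 (16.07.2019) =
+ * New: Now, admin can add/ edit First Name & Last Name of subscribers.
+ * Fix: Fixed Vulnerabilities (Thanks Tin Duong of Fortinet's FortiGuard Labs, WordPress Plugin Review Team & Ihor Voschyk for reporting)
+
  = 4.1.7 (15.07.2019) =
  * Update: Now, able to sort reports by Subject, Status, Start Date, End Date & Total Contacts
  * Update: Now, able to sort forms by Name & Created date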