Formidable Forms – Form Builder for WordPress - Version 2.0.06

Version Description

  • Fix an XSS vulnerability in the lite version. When the pro version is active, the vulnerability was resolved.
  • Increased security
  • Fix the shortcode display on form listing page
  • Add frm_helper_shortcode filter
  • Prevent javascript error on form settings page when WooThemes Helper plugin is active
  • Prevent conflict from unknown plugin/theme that was modifying the post excerpt in form actions, which prevented them from showing
  • Only scroll to the errored field and success message if they are not already in view
  • Make sure admins always have permission to view menus
  • Pro: Fix datepicker field when the jQuery CSS is set to load on all pages
  • Pro: Added frm_footer_scripts hook
  • Pro: Don't autoselect 0 in scale fields

Release Info

Developer sswells
Plugin Icon 128x128 Formidable Forms – Form Builder for WordPress
Version 2.0.06

Code changes from version 2.0.05 to 2.0.06

Files changed (43) hide show
  1. classes/controllers/FrmAppController.php +53 -44
  2. classes/controllers/FrmEntriesController.php +13 -9
  3. classes/controllers/FrmFieldsController.php +10 -13
  4. classes/controllers/FrmFormsController.php +93 -27
  5. classes/controllers/FrmHooksController.php +85 -85
  6. classes/controllers/FrmSettingsController.php +10 -15
  7. classes/controllers/FrmStatisticsController.php +4 -4
  8. classes/controllers/FrmStylesController.php +14 -6
  9. classes/controllers/FrmXMLController.php +2 -2
  10. classes/helpers/FrmAppHelper.php +110 -147
  11. classes/helpers/FrmEntriesHelper.php +11 -7
  12. classes/helpers/FrmFieldsHelper.php +224 -12
  13. classes/helpers/FrmFormActionsHelper.php +8 -2
  14. classes/helpers/FrmFormsHelper.php +92 -14
  15. classes/helpers/FrmFormsListHelper.php +3 -3
  16. classes/helpers/FrmXMLHelper.php +1 -1
  17. classes/models/FrmEntry.php +3 -3
  18. classes/models/FrmField.php +5 -4
  19. classes/models/FrmForm.php +27 -49
  20. classes/models/FrmFormAction.php +3 -13
  21. classes/models/FrmNotification.php +4 -4
  22. classes/models/FrmSettings.php +6 -6
  23. classes/models/FrmStyle.php +3 -12
  24. classes/views/frm-entries/errors.php +4 -30
  25. classes/views/frm-entries/list.php +2 -2
  26. classes/views/frm-entries/new.php +1 -1
  27. classes/views/frm-entries/show.php +1 -1
  28. classes/views/frm-entries/sidebar-shared.php +7 -6
  29. classes/views/frm-fields/import_choices.php +1 -1
  30. classes/views/frm-fields/input.php +21 -14
  31. classes/views/frm-fields/radio.php +2 -2
  32. classes/views/frm-fields/show-build.php +2 -2
  33. classes/views/frm-form-actions/form_action.php +1 -1
  34. classes/views/frm-forms/add_field.php +5 -5
  35. classes/views/frm-forms/form.php +1 -1
  36. classes/views/frm-forms/list.php +1 -1
  37. classes/views/frm-forms/settings.php +2 -2
  38. classes/views/frm-settings/form.php +3 -3
  39. classes/views/shared/mb_adv_info.php +0 -28
  40. css/_single_theme.css.php +3 -2
  41. formidable.php +6 -6
  42. js/formidable.min.js +53 -53
  43. readme.txt +14 -1
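--- a/classes/controllers/FrmAppController.php
+++ b/classes/controllers/FrmAppController.php
@@ -3,7 +3,7 @@
  class FrmAppController {
 
  public static function menu() {
- add_filter( 'plugin_action_links_'. FrmAppHelper::plugin_folder() .'/formidable.php', 'FrmAppController::settings_link' );
+ add_filter( 'plugin_action_links_' . FrmAppHelper::plugin_folder() . '/formidable.php', 'FrmAppController::settings_link' );
  add_filter( 'admin_body_class', 'FrmAppController::wp_admin_body_class' );
 
  FrmAppHelper::maybe_add_permissions();
@@ -17,18 +17,18 @@ class FrmAppController {
  $pos = apply_filters( 'frm_menu_position', $pos );
 
  $frm_settings = FrmAppHelper::get_settings();
- add_menu_page( 'Formidable', $frm_settings->menu, 'frm_view_forms', 'formidable', 'FrmFormsController::route', FrmAppHelper::plugin_url() .'/images/form_16.png', $pos );
+ add_menu_page( 'Formidable', $frm_settings->menu, 'frm_view_forms', 'formidable', 'FrmFormsController::route', FrmAppHelper::plugin_url() . '/images/form_16.png', $pos );
  }
 
  public static function load_wp_admin_style() {
- wp_enqueue_style( 'frm_fonts', FrmAppHelper::plugin_url() .'/css/frm_fonts.css', array(), FrmAppHelper::plugin_version() );
+ wp_enqueue_style( 'frm_fonts', FrmAppHelper::plugin_url() . '/css/frm_fonts.css', array(), FrmAppHelper::plugin_version() );
  }
 
  public static function get_form_nav( $form, $show_nav = '', $title = 'show' ) {
  global $pagenow, $frm_vars;
 
  $show_nav = FrmAppHelper::get_param( 'show_nav', $show_nav, 'get', 'absint' );
- if ( empty($show_nav) ) {
+ if ( empty( $show_nav ) ) {
  return;
  }
 
@@ -42,15 +42,15 @@ class FrmAppController {
  }
  }
 
- if ( ! isset($id) ) {
+ if ( ! isset( $id ) ) {
  $form = $id = false;
  }
 
- include(FrmAppHelper::plugin_path() .'/classes/views/shared/form-nav.php');
+ include( FrmAppHelper::plugin_path() . '/classes/views/shared/form-nav.php' );
  }
 
  // Adds a settings link to the plugins page
- public static function settings_link($links) {
+ public static function settings_link( $links ) {
  $settings = '<a href="' . esc_url( admin_url( 'admin.php?page=formidable-settings' ) ) . '">' . __( 'Settings', 'formidable' ) . '</a>';
  array_unshift( $links, $settings );
 
@@ -133,11 +133,11 @@ class FrmAppController {
  'jquery-ui-sortable',
  'bootstrap_tooltip', 'bootstrap-multiselect',
  ), $version, true );
- wp_register_style( 'formidable-admin', FrmAppHelper::plugin_url() .'/css/frm_admin.css', array(), $version );
- wp_register_script( 'bootstrap_tooltip', FrmAppHelper::plugin_url() .'/js/bootstrap.min.js', array( 'jquery' ), '3.3.4' );
+ wp_register_style( 'formidable-admin', FrmAppHelper::plugin_url() . '/css/frm_admin.css', array(), $version );
+ wp_register_script( 'bootstrap_tooltip', FrmAppHelper::plugin_url() . '/js/bootstrap.min.js', array( 'jquery' ), '3.3.4' );
 
  // load multselect js
- wp_register_script( 'bootstrap-multiselect', FrmAppHelper::plugin_url() .'/js/bootstrap-multiselect.js', array( 'jquery', 'bootstrap_tooltip' ), '0.9.8', true );
+ wp_register_script( 'bootstrap-multiselect', FrmAppHelper::plugin_url() . '/js/bootstrap-multiselect.js', array( 'jquery', 'bootstrap_tooltip' ), '0.9.8', true );
 
  $page = FrmAppHelper::simple_get( 'page', 'sanitize_title' );
  $post_type = FrmAppHelper::simple_get( 'post_type', 'sanitize_title' );
@@ -154,10 +154,10 @@ class FrmAppController {
  wp_enqueue_style( 'formidable-admin' );
  add_thickbox();
 
- wp_register_script( 'formidable-editinplace', FrmAppHelper::plugin_url() .'/js/jquery/jquery.editinplace.packed.js', array( 'jquery' ), '2.3.0' );
+ wp_register_script( 'formidable-editinplace', FrmAppHelper::plugin_url() . '/js/jquery/jquery.editinplace.packed.js', array( 'jquery' ), '2.3.0' );
 
  } else if ( $pagenow == 'post.php' || ( $pagenow == 'post-new.php' && $post_type == 'frm_display' ) ) {
- if ( isset($_REQUEST['post_type']) ) {
+ if ( isset( $_REQUEST['post_type'] ) ) {
  $post_type = sanitize_title( $_REQUEST['post_type'] );
  } else if ( isset( $_REQUEST['post'] ) && absint( $_REQUEST['post'] ) ) {
  $post = get_post( absint( $_REQUEST['post'] ) );
@@ -191,7 +191,7 @@ class FrmAppController {
  }
 
  public static function load_lang() {
- load_plugin_textdomain( 'formidable', false, FrmAppHelper::plugin_folder() .'/languages/' );
+ load_plugin_textdomain( 'formidable', false, FrmAppHelper::plugin_folder() . '/languages/' );
  }
 
  /**
@@ -219,7 +219,7 @@ class FrmAppController {
 
  $version = FrmAppHelper::plugin_version();
  wp_register_script( 'formidable', FrmAppHelper::plugin_url() . '/js/formidable.min.js', array( 'jquery' ), $version, true );
- wp_register_script( 'jquery-placeholder', FrmAppHelper::plugin_url() .'/js/jquery/jquery.placeholder.js', array( 'jquery' ), '2.0.7', true );
+ wp_register_script( 'jquery-placeholder', FrmAppHelper::plugin_url() . '/js/jquery/jquery.placeholder.js', array( 'jquery' ), '2.0.7', true );
 
  if ( FrmAppHelper::is_admin() ) {
  // don't load this in back-end
@@ -251,20 +251,20 @@ class FrmAppController {
  /**
  * @param string $location
  */
- public static function localize_script($location) {
- wp_localize_script('formidable', 'frm_js', array(
+ public static function localize_script( $location ) {
+ wp_localize_script( 'formidable', 'frm_js', array(
  'ajax_url' => admin_url( 'admin-ajax.php' ),
- 'images_url' => FrmAppHelper::plugin_url() .'/images',
+ 'images_url' => FrmAppHelper::plugin_url() . '/images',
  'loading' => __( 'Loading&hellip;' ),
  'remove' => __( 'Remove', 'formidable' ),
  'offset' => apply_filters( 'frm_scroll_offset', 4 ),
  'nonce' => wp_create_nonce( 'frm_ajax' ),
  'id' => __( 'ID', 'formidable' ),
- ));
+ ) );
 
  if ( $location == 'admin' ) {
  $frm_settings = FrmAppHelper::get_settings();
- wp_localize_script('formidable_admin', 'frm_admin_js', array(
+ wp_localize_script( 'formidable_admin', 'frm_admin_js', array(
  'confirm_uninstall' => __( 'Are you sure you want to do this? Clicking OK will delete all forms, form data, and all other Formidable data. There is no Undo.', 'formidable' ),
  'desc' => __( '(Click to add description)', 'formidable' ),
  'blank' => __( '(blank)', 'formidable' ),
@@ -296,32 +296,41 @@ class FrmAppController {
  }
  }
 
-
  public static function custom_stylesheet() {
  global $frm_vars;
- $css_file = array();
+ $stylesheet_urls = array();
+ self::maybe_enqueue_jquery_css();
 
- if ( ! isset($frm_vars['css_loaded']) || ! $frm_vars['css_loaded'] ) {
+ if ( ! isset( $frm_vars['css_loaded'] ) || ! $frm_vars['css_loaded'] ) {
  //include css in head
- $uploads = FrmStylesHelper::get_upload_base();
- if ( is_readable( $uploads['basedir'] .'/formidable/css/formidablepro.css' ) ) {
- $css_file['formidable'] = $uploads['baseurl'] .'/formidable/css/formidablepro.css';
- } else {
- $css_file['formidable'] = admin_url( 'admin-ajax.php' ) . '?action=frmpro_css';
- }
+ self::get_url_to_custom_style( $stylesheet_urls );
  }
 
- if ( isset($frm_vars['datepicker_loaded']) && ! empty($frm_vars['datepicker_loaded']) ) {
- FrmStylesHelper::enqueue_jquery_css();
- }
-
- return $css_file;
+ return $stylesheet_urls;
  }
 
+ private static function get_url_to_custom_style( &$stylesheet_urls ) {
+ $uploads = FrmStylesHelper::get_upload_base();
+ $saved_css_path = '/formidable/css/formidablepro.css';
+ if ( is_readable( $uploads['basedir'] . $saved_css_path ) ) {
+ $url = $uploads['baseurl'] . $saved_css_path;
+ } else {
+ $url = admin_url( 'admin-ajax.php' ) . '?action=frmpro_css';
+ }
+ $stylesheet_urls['formidable'] = $url;
+ }
+
+ private static function maybe_enqueue_jquery_css() {
+ global $frm_vars;
+ if ( isset( $frm_vars['datepicker_loaded'] ) && ! empty( $frm_vars['datepicker_loaded'] ) ) {
+ FrmStylesHelper::enqueue_jquery_css();
+ }
+ }
+
  public static function load_css() {
  $css = get_transient( 'frmpro_css' );
 
- include(FrmAppHelper::plugin_path() .'/css/custom_theme.css.php');
+ include( FrmAppHelper::plugin_path() . '/css/custom_theme.css.php' );
  wp_die();
  }
 
@@ -404,8 +413,8 @@ class FrmAppController {
  $frmdb->uninstall();
 
  //disable the plugin and redirect after uninstall so the tables don't get added right back
- deactivate_plugins( FrmAppHelper::plugin_folder() .'/formidable.php', false, false );
- echo esc_url( admin_url('plugins.php?deactivate=true') );
+ deactivate_plugins( FrmAppHelper::plugin_folder() . '/formidable.php', false, false );
+ echo esc_url( admin_url( 'plugins.php?deactivate=true' ) );
  } else {
  $frm_settings = FrmAppHelper::get_settings();
  wp_die( $frm_settings->admin_permission );
@@ -413,28 +422,28 @@ class FrmAppController {
  wp_die();
  }
 
- public static function drop_tables($tables) {
+ public static function drop_tables( $tables ) {
  global $wpdb;
- $tables[] = $wpdb->prefix .'frm_fields';
- $tables[] = $wpdb->prefix .'frm_forms';
- $tables[] = $wpdb->prefix .'frm_items';
- $tables[] = $wpdb->prefix .'frm_item_metas';
+ $tables[] = $wpdb->prefix . 'frm_fields';
+ $tables[] = $wpdb->prefix . 'frm_forms';
+ $tables[] = $wpdb->prefix . 'frm_items';
+ $tables[] = $wpdb->prefix . 'frm_item_metas';
  return $tables;
  }
 
  // Routes for wordpress pages -- we're just replacing content here folks.
- public static function page_route($content) {
+ public static function page_route( $content ) {
  global $post;
 
  $frm_settings = FrmAppHelper::get_settings();
- if ( $post && $post->ID == $frm_settings->preview_page_id && isset($_GET['form']) ) {
+ if ( $post && $post->ID == $frm_settings->preview_page_id && isset( $_GET['form'] ) ) {
  $content = FrmFormsController::page_preview();
  }
 
  return $content;
  }
 
- public static function update_message($features) {
+ public static function update_message( $features ) {
  _deprecated_function( __FUNCTION__, '2.0', 'FrmAppHelper::update_message' );
  return FrmAppHelper::update_message( $features );
  }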
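Review bot: The new private helper `get_url_to_custom_style( &$stylesheet_urls )` hands its result back through a by-reference parameter, which hides the assignment from a reader of `custom_stylesheet()`. Returning the URL would be clearer: end the helper with `return $url;` and write `$stylesheet_urls['formidable'] = self::get_url_to_custom_style();` at the call site. In `maybe_enqueue_jquery_css()` the `isset( $frm_vars['datepicker_loaded'] ) &&` half of the condition is redundant, since `! empty()` already handles an unset key. Neither new helper has a docblock; a one-line `/** ... */` with a `@since` tag on each would say what it returns or enqueues.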
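--- a/classes/controllers/FrmEntriesController.php
+++ b/classes/controllers/FrmEntriesController.php
@@ -3,15 +3,11 @@
  class FrmEntriesController {
 
  public static function menu() {
- if ( current_user_can( 'administrator' ) && ! current_user_can( 'frm_view_entries' ) ) {
- global $wp_roles;
- $wp_roles->add_cap( 'administrator', 'frm_view_entries' );
- $wp_roles->add_cap( 'administrator', 'frm_delete_entries' );
- }
+ FrmAppHelper::force_capability( 'frm_view_entries' );
 
  add_submenu_page('formidable', 'Formidable | '. __( 'Entries', 'formidable' ), __( 'Entries', 'formidable' ), 'frm_view_entries', 'formidable-entries', 'FrmEntriesController::route' );
 
- if ( ! isset( $_GET['frm_action'] ) || ! in_array( $_GET['frm_action'], array( 'edit', 'show' ) ) ) {
+ if ( ! in_array( FrmAppHelper::simple_get( 'frm_action', 'sanitize_title' ), array( 'edit', 'show' ) ) ) {
  $frm_settings = FrmAppHelper::get_settings();
  add_filter( 'manage_' . sanitize_title( $frm_settings->menu ) . '_page_formidable-entries_columns', 'FrmEntriesController::manage_columns' );
  add_filter( 'manage_' . sanitize_title( $frm_settings->menu ) . '_page_formidable-entries_sortable_columns', 'FrmEntriesController::sortable_columns' );
@@ -81,7 +77,7 @@ class FrmEntriesController {
  $form_cols = FrmField::get_all_for_form($form_id, '', 'include');
 
  foreach ( $form_cols as $form_col ) {
- if ( FrmFieldsHelper::is_no_save_field($form_col->type) ) {
+ if ( FrmFieldsHelper::is_no_save_field( $form_col->type ) ) {
  continue;
  }
 
@@ -126,13 +122,13 @@ class FrmEntriesController {
  return $columns;
  }
 
- public static function check_hidden_cols($check, $object_id, $meta_key, $meta_value, $prev_value) {
+ public static function check_hidden_cols( $check, $object_id, $meta_key, $meta_value, $prev_value ) {
  $frm_settings = FrmAppHelper::get_settings();
  if ( $meta_key != 'manage'. sanitize_title($frm_settings->menu) .'_page_formidable-entriescolumnshidden' || $meta_value == $prev_value ) {
  return $check;
  }
 
- if ( empty($prev_value) ) {
+ if ( empty( $prev_value ) ) {
  $prev_value = get_metadata('user', $object_id, $meta_key, true);
  }
 
@@ -445,6 +441,14 @@ class FrmEntriesController {
  if ( $errors == '' ) {
  $errors = FrmEntry::validate( $_POST );
  }
+
+ /**
+ * Use this filter to add trigger actions and add errors after
+ * all other errors have been processed
+ * @since 2.0.6
+ */
+ $errors = apply_filters( 'frm_entries_before_create', $errors, $form );
+
  $frm_vars['created_entries'][ $form_id ] = array( 'errors' => $errors );
 
  if ( empty( $errors ) ) {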
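Review bot: The docblock on the new `frm_entries_before_create` filter does not say that a callback must return the errors array, yet the filtered value feeds directly into the `if ( empty( $errors ) )` check below it. A callback that forgets to return would empty `$errors`, and the branch would run as though `FrmEntry::validate( $_POST )` had passed. The docblock should add `@param array $errors` and `@param object $form` and state the return requirement, for example `* Callbacks must return the (possibly extended) $errors array.` `$form` is not assigned inside this hunk, so it should be confirmed that it is set on every path that reaches the filter. The enclosing function starts and ends outside the hunk.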
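--- a/classes/controllers/FrmFieldsController.php
+++ b/classes/controllers/FrmFieldsController.php
@@ -332,14 +332,14 @@ class FrmFieldsController {
  $response = array( 'other' => true );
 
  //If the deleted option is an "other" option
- if ( FrmAppHelper::is_other_opt( $opt_key ) ) {
+ if ( FrmFieldsHelper::is_other_opt( $opt_key ) ) {
  //Assume all other options are gone, unless proven otherwise
  $other = false;
 
  //Check if all other options are really gone
  foreach ( $options as $o_key => $o_val ) {
  //If there is still an other option in the field, set other to true
- if ( FrmAppHelper::is_other_opt( $o_key ) ) {
+ if ( FrmFieldsHelper::is_other_opt( $o_key ) ) {
  $other = true;
  break;
  }
@@ -350,13 +350,13 @@ class FrmFieldsController {
  if ( false === $other ) {
  $field_options = maybe_unserialize( $field->field_options );
  $field_options['other'] = 0;
- FrmField::update( $_POST['field_id'], array( 'field_options' => maybe_serialize( $field_options ) ) );
+ FrmField::update( $field_id, array( 'field_options' => maybe_serialize( $field_options ) ) );
  $response = array( 'other' => false );
  }
  }
  echo json_encode( $response );
 
- FrmField::update( $_POST['field_id'], array( 'options' => maybe_serialize( $options ) ) );
+ FrmField::update( $field_id, array( 'options' => maybe_serialize( $options ) ) );
 
  wp_die();
  }
@@ -471,11 +471,10 @@ class FrmFieldsController {
 
  public static function update_order() {
  check_ajax_referer( 'frm_ajax', 'nonce' );
- if ( isset($_POST) && isset($_POST['frm_field_id']) ) {
- foreach ( $_POST['frm_field_id'] as $position => $item ) {
- FrmField::update( $item, array( 'field_order' => $position ) );
- }
- }
+ $fields = FrmAppHelper::get_post_param( 'frm_field_id' );
+ foreach ( (array) $fields as $position => $item ) {
+ FrmField::update( absint( $item ), array( 'field_order' => absint( $position ) ) );
+ }
  wp_die();
  }
 
@@ -539,13 +538,11 @@ class FrmFieldsController {
 
  $class = apply_filters('frm_field_classes', implode(' ', $class), $field);
 
- if ( ! empty($class) ) {
- $add_html['class'] = 'class="' . esc_attr( trim( $class ) ) . '"';
- }
+ FrmFormsHelper::add_html_attr( $class, 'class', $add_html );
 
  self::add_shortcodes_to_html($field, $add_html);
 
- $add_html = implode(' ', $add_html);
+ $add_html = ' ' . implode( ' ', $add_html ) . ' ';
 
  if ( $echo ) {
  echo $add_html;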
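Review bot: `update_order()` still writes `field_order` after checking only the `frm_ajax` nonce, with no capability check. The AJAX handlers shown in FrmFormsController.php on this page follow `check_ajax_referer()` with `FrmAppHelper::permission_check('frm_edit_forms', 'hide');`. A nonce ties the request to a session but does not establish what the user may change, and `localize_script()` in FrmAppController.php places a `frm_ajax` nonce in the `frm_js` script data. Adding `FrmAppHelper::permission_check('frm_edit_forms', 'hide');` directly after the nonce check would bring this handler in line with the form handlers. How the action is registered is not visible here, so who can reach it should be confirmed.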
classes/controllers/FrmFormsController.php CHANGED
@@ -141,12 +141,13 @@ class FrmFormsController {
141
  check_ajax_referer( 'frm_ajax', 'nonce' );
142
  FrmAppHelper::permission_check('frm_edit_forms', 'hide');
143
 
144
- global $wpdb;
145
- $values = array( 'form_key' => trim($_POST['update_value']));
146
 
147
- FrmForm::update($_POST['form_id'], $values);
148
- $key = FrmForm::getKeyById($_POST['form_id']);
149
- echo stripslashes($key);
 
150
  wp_die();
151
  }
152
 
@@ -154,8 +155,12 @@ class FrmFormsController {
154
  check_ajax_referer( 'frm_ajax', 'nonce' );
155
  FrmAppHelper::permission_check('frm_edit_forms', 'hide');
156
 
157
- FrmForm::update($_POST['form_id'], array( 'description' => $_POST['update_value']));
158
- $description = FrmAppHelper::use_wpautop(stripslashes($_POST['update_value']));
 
 
 
 
159
  echo $description;
160
  wp_die();
161
  }
@@ -265,9 +270,13 @@ class FrmFormsController {
265
 
266
  header( 'Content-Type: text/html; charset='. get_option( 'blog_charset' ) );
267
 
268
- $key = (isset($_GET['form']) ? $_GET['form'] : (isset($_POST['form']) ? $_POST['form'] : ''));
269
- $form = FrmForm::getAll( array( 'form_key' => $key), '', 1);
270
- if ( empty($form) ) {
 
 
 
 
271
  $form = FrmForm::getAll( array(), '', 1 );
272
  }
273
 
@@ -414,7 +423,7 @@ class FrmFormsController {
414
  public static function get_shortcode_opts() {
415
  check_ajax_referer( 'frm_ajax', 'nonce' );
416
 
417
- $shortcode = sanitize_text_field( $_POST['shortcode'] );
418
  if ( empty($shortcode) ) {
419
  wp_die();
420
  }
@@ -614,36 +623,93 @@ class FrmFormsController {
614
  $col = 'one';
615
  $settings_tab = FrmAppHelper::is_admin_page('formidable' ) ? true : false;
616
 
617
- $cond_shortcodes = apply_filters('frm_conditional_shortcodes', array());
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
618
 
619
- $adv_shortcodes = array(
620
- 'sep=", "' => array( 'label' => __( 'Separator', 'formidable' ), 'title' => __( 'Use a different separator for checkbox fields', 'formidable' ) ),
621
- 'format="d-m-Y"' => __( 'Date Format', 'formidable' ),
622
- 'show="field_label"' => __( 'Field Label', 'formidable' ),
623
- 'wpautop=0' => array( 'label' => __( 'No Auto P', 'formidable' ), 'title' => __( 'Do not automatically add any paragraphs or line breaks', 'formidable' )),
 
 
 
 
 
 
 
 
 
 
 
 
 
624
  );
625
- $adv_shortcodes = apply_filters('frm_advanced_shortcodes', $adv_shortcodes);
626
 
627
- // __( 'Leave blank instead of defaulting to User Login', 'formidable' ) : blank=1
 
 
 
 
 
 
 
 
 
 
 
 
 
628
 
629
- $user_fields = apply_filters('frm_user_shortcodes', array());
 
 
 
 
 
630
 
631
- include(FrmAppHelper::plugin_path() .'/classes/views/shared/mb_adv_info.php');
632
- }
633
 
634
  // Insert the form class setting into the form
635
  public static function form_classes($form) {
636
  if ( isset($form->options['form_class']) ) {
637
- echo esc_attr($form->options['form_class']);
638
  }
639
  }
640
 
641
  public static function get_email_html() {
642
  check_ajax_referer( 'frm_ajax', 'nonce' );
643
  echo FrmEntriesController::show_entry_shortcode( array(
644
- 'form_id' => $_POST['form_id'],
645
  'default_email' => true,
646
- 'plain_text' => $_POST['plain_text'],
647
  ) );
648
  wp_die();
649
  }
@@ -651,7 +717,7 @@ class FrmFormsController {
651
  public static function filter_content( $content, $form, $entry = false ) {
652
  if ( ! $entry || ! is_object( $entry ) ) {
653
  if ( ! $entry || ! is_numeric( $entry ) ) {
654
- $entry = ( $_POST && isset( $_POST['id'] ) ) ? $_POST['id'] : false;
655
  }
656
 
657
  FrmEntriesHelper::maybe_get_entry( $entry );
@@ -723,7 +789,7 @@ class FrmFormsController {
723
  }
724
 
725
  if ( isset( $message ) && ! empty( $message ) ) {
726
- echo '<div id="message" class="updated frm_msg_padding">'.$message.'</div>';
727
  }
728
 
729
  return $errors;
141
  check_ajax_referer( 'frm_ajax', 'nonce' );
142
  FrmAppHelper::permission_check('frm_edit_forms', 'hide');
143
 
144
+ $form_key = FrmAppHelper::get_post_param( 'update_value', '', 'sanitize_title' );
145
+ $values = array( 'form_key' => trim( $form_key ) );
146
 
147
+ $form_id = FrmAppHelper::get_post_param( 'form_id', '', 'absint' );
148
+ FrmForm::update( $form_id, $values );
149
+ $key = FrmForm::getKeyById( $form_id );
150
+ echo stripslashes( $key );
151
  wp_die();
152
  }
153
 
155
  check_ajax_referer( 'frm_ajax', 'nonce' );
156
  FrmAppHelper::permission_check('frm_edit_forms', 'hide');
157
 
158
+ $form_id = FrmAppHelper::get_post_param( 'form_id', '', 'absint' );
159
+ $value = FrmAppHelper::get_post_param( 'update_value', '', 'wp_filter_post_kses' );
160
+
161
+ FrmForm::update( $form_id, array( 'description' => $value ) );
162
+
163
+ $description = FrmAppHelper::use_wpautop( stripslashes( $value ) );
164
  echo $description;
165
  wp_die();
166
  }
270
 
271
  header( 'Content-Type: text/html; charset='. get_option( 'blog_charset' ) );
272
 
273
+ $key = FrmAppHelper::simple_get( 'form', 'sanitize_title' );
274
+ if ( $key == '' ) {
275
+ $key = FrmAppHelper::get_post_param( 'form', '', 'sanitize_title' );
276
+ }
277
+
278
+ $form = FrmForm::getAll( array( 'form_key' => $key ), '', 1 );
279
+ if ( empty( $form ) ) {
280
  $form = FrmForm::getAll( array(), '', 1 );
281
  }
282
 
423
  public static function get_shortcode_opts() {
424
  check_ajax_referer( 'frm_ajax', 'nonce' );
425
 
426
+ $shortcode = FrmAppHelper::get_post_param( 'shortcode', '', 'sanitize_text_field' );
427
  if ( empty($shortcode) ) {
428
  wp_die();
429
  }
623
  $col = 'one';
624
  $settings_tab = FrmAppHelper::is_admin_page('formidable' ) ? true : false;
625
 
626
+ $cond_shortcodes = apply_filters( 'frm_conditional_shortcodes', array() );
627
+ $adv_shortcodes = self::get_advanced_shortcodes();
628
+ $user_fields = apply_filters( 'frm_user_shortcodes', array() );
629
+ $entry_shortcodes = self::get_shortcode_helpers( $settings_tab );
630
+
631
+ include( FrmAppHelper::plugin_path() . '/classes/views/shared/mb_adv_info.php' );
632
+ }
633
+
634
+ /**
635
+ * Get an array of the options to display in the advanced tab
636
+ * of the customization panel
637
+ * @since 2.0.6
638
+ */
639
+ private static function get_advanced_shortcodes() {
640
+ $adv_shortcodes = array(
641
+ 'sep=", "' => array(
642
+ 'label' => __( 'Separator', 'formidable' ),
643
+ 'title' => __( 'Use a different separator for checkbox fields', 'formidable' ),
644
+ ),
645
+ 'format="d-m-Y"' => __( 'Date Format', 'formidable' ),
646
+ 'show="field_label"' => __( 'Field Label', 'formidable' ),
647
+ 'wpautop=0' => array(
648
+ 'label' => __( 'No Auto P', 'formidable' ),
649
+ 'title' => __( 'Do not automatically add any paragraphs or line breaks', 'formidable' ),
650
+ ),
651
+ );
652
+ $adv_shortcodes = apply_filters( 'frm_advanced_shortcodes', $adv_shortcodes );
653
+ // __( 'Leave blank instead of defaulting to User Login', 'formidable' ) : blank=1
654
 
655
+ return $adv_shortcodes;
656
+ }
657
+
658
+ /**
659
+ * Get an array of the helper shortcodes to display in the customization panel
660
+ * @since 2.0.6
661
+ */
662
+ private static function get_shortcode_helpers( $settings_tab ) {
663
+ $entry_shortcodes = array(
664
+ 'id' => __( 'Entry ID', 'formidable' ),
665
+ 'key' => __( 'Entry Key', 'formidable' ),
666
+ 'post_id' => __( 'Post ID', 'formidable' ),
667
+ 'ip' => __( 'User IP', 'formidable' ),
668
+ 'created-at' => __( 'Entry created', 'formidable' ),
669
+ 'updated-at' => __( 'Entry updated', 'formidable' ),
670
+ '' => '',
671
+ 'siteurl' => __( 'Site URL', 'formidable' ),
672
+ 'sitename' => __( 'Site Name', 'formidable' ),
673
  );
 
674
 
675
+ if ( ! FrmAppHelper::pro_is_installed() ) {
676
+ unset( $entry_shortcodes['post_id'] );
677
+ }
678
+
679
+ if ( $settings_tab ) {
680
+ $entry_shortcodes['default-message'] = __( 'Default Msg', 'formidable' );
681
+ $entry_shortcodes['default-html'] = __( 'Default HTML', 'formidable' );
682
+ $entry_shortcodes['default-plain'] = __( 'Default Plain', 'formidable' );
683
+ } else {
684
+ $entry_shortcodes['detaillink'] = __( 'Detail Link', 'formidable' );
685
+ $entry_shortcodes['editlink location="front" label="Edit" page_id=x'] = __( 'Edit Entry Link', 'formidable' );
686
+ $entry_shortcodes['evenodd'] = __( 'Even/Odd', 'formidable' );
687
+ $entry_shortcodes['entry_count'] = __( 'Entry Count', 'formidable' );
688
+ }
689
 
690
+ /**
691
+ * Use this hook to add or remove buttons in the helpers section
692
+ * in the customization panel
693
+ * @since 2.0.6
694
+ */
695
+ $entry_shortcodes = apply_filters( 'frm_helper_shortcodes', $entry_shortcodes, $settings_tab );
696
 
697
+ return $entry_shortcodes;
698
+ }
699
 
700
  // Insert the form class setting into the form
701
  public static function form_classes($form) {
702
  if ( isset($form->options['form_class']) ) {
703
+ echo esc_attr( sanitize_text_field( $form->options['form_class'] ) );
704
  }
705
  }
706
 
707
  public static function get_email_html() {
708
  check_ajax_referer( 'frm_ajax', 'nonce' );
709
  echo FrmEntriesController::show_entry_shortcode( array(
710
+ 'form_id' => FrmAppHelper::get_post_param( 'form_id', '', 'absint' ),
711
  'default_email' => true,
712
+ 'plain_text' => FrmAppHelper::get_post_param( 'plain_text', '', 'absint' ),
713
  ) );
714
  wp_die();
715
  }
717
  public static function filter_content( $content, $form, $entry = false ) {
718
  if ( ! $entry || ! is_object( $entry ) ) {
719
  if ( ! $entry || ! is_numeric( $entry ) ) {
720
+ $entry = FrmAppHelper::get_post_param( 'id', false, 'sanitize_title' );
721
  }
722
 
723
  FrmEntriesHelper::maybe_get_entry( $entry );
789
  }
790
 
791
  if ( isset( $message ) && ! empty( $message ) ) {
792
+ echo '<div id="message" class="updated frm_msg_padding">' . FrmAppHelper::kses( $message ) . '</div>';
793
  }
794
 
795
  return $errors;
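--- a/classes/controllers/FrmHooksController.php
+++ b/classes/controllers/FrmHooksController.php
@@ -24,9 +24,9 @@ class FrmHooksController {
  }
  } else {
  // Make sure the hooks are only triggered once
- add_filter('frm'. str_replace('load', '', $trigger_hooks) .'_loaded', '__return_true');
+ add_filter( 'frm' . str_replace( 'load', '', $trigger_hooks ) . '_loaded', '__return_true' );
  }
- unset($trigger_hooks);
+ unset( $trigger_hooks );
 
  // Instansiate Controllers
  foreach ( $controllers as $c ) {
@@ -41,156 +41,156 @@ class FrmHooksController {
 
  public static function load_hooks() {
  if ( ! is_admin() ) {
- add_filter('the_content', 'FrmAppController::page_route', 10);
+ add_filter( 'the_content', 'FrmAppController::page_route', 10 );
  }
 
- add_action('plugins_loaded', 'FrmAppController::load_lang' );
- add_action('init', 'FrmAppController::front_head' );
- add_filter('widget_text', 'FrmAppController::widget_text_filter', 8 );
- add_action('wp_footer', 'FrmAppController::footer_js', 1, 0);
+ add_action( 'plugins_loaded', 'FrmAppController::load_lang' );
+ add_action( 'init', 'FrmAppController::front_head' );
+ add_filter( 'widget_text', 'FrmAppController::widget_text_filter', 8 );
+ add_action( 'wp_footer', 'FrmAppController::footer_js', 1, 0 );
 
  // Entries controller
- add_action('wp', 'FrmEntriesController::process_entry', 10, 0);
- add_action('frm_wp', 'FrmEntriesController::process_entry', 10, 0);
- add_filter('frm_redirect_url', 'FrmEntriesController::delete_entry_before_redirect', 50, 3);
- add_action('frm_after_entry_processed', 'FrmEntriesController::delete_entry_after_save', 100);
- add_filter('frm_email_value', 'FrmEntriesController::filter_email_value', 10, 3);
- add_filter('frmpro_fields_replace_shortcodes', 'FrmEntriesController::filter_shortcode_value', 10, 4);
+ add_action( 'wp', 'FrmEntriesController::process_entry', 10, 0 );
+ add_action( 'frm_wp', 'FrmEntriesController::process_entry', 10, 0 );
+ add_filter( 'frm_redirect_url', 'FrmEntriesController::delete_entry_before_redirect', 50, 3 );
+ add_action( 'frm_after_entry_processed', 'FrmEntriesController::delete_entry_after_save', 100 );
+ add_filter( 'frm_email_value', 'FrmEntriesController::filter_email_value', 10, 3 );
+ add_filter( 'frmpro_fields_replace_shortcodes', 'FrmEntriesController::filter_shortcode_value', 10, 4 );
 
  // Form Actions Controller
- add_action('init', 'FrmFormActionsController::register_post_types', 1);
+ add_action( 'init', 'FrmFormActionsController::register_post_types', 1 );
  add_action( 'frm_after_create_entry', 'FrmFormActionsController::trigger_create_actions', 20, 3 );
 
  // Forms Controller
- add_action('widgets_init', 'FrmFormsController::register_widgets' );
- add_filter('frm_content', 'FrmFormsController::filter_content', 10, 3);
- add_filter('frm_replace_content_shortcodes', 'FrmFormsController::replace_content_shortcodes', 20, 3);
- add_action('admin_bar_init', 'FrmFormsController::admin_bar_css' );
- add_action('wp_before_admin_bar_render', 'FrmFormsController::admin_bar_configure' );
- add_action('wp_scheduled_delete', 'FrmFormsController::scheduled_delete' );
+ add_action( 'widgets_init', 'FrmFormsController::register_widgets' );
+ add_filter( 'frm_content', 'FrmFormsController::filter_content', 10, 3 );
+ add_filter( 'frm_replace_content_shortcodes', 'FrmFormsController::replace_content_shortcodes', 20, 3 );
+ add_action( 'admin_bar_init', 'FrmFormsController::admin_bar_css' );
+ add_action( 'wp_before_admin_bar_render', 'FrmFormsController::admin_bar_configure' );
+ add_action( 'wp_scheduled_delete', 'FrmFormsController::scheduled_delete' );
 
  // Form Shortcodes
- add_shortcode('formidable', 'FrmFormsController::get_form_shortcode' );
+ add_shortcode( 'formidable', 'FrmFormsController::get_form_shortcode' );
 
  // Styles Controller
- add_action('init', 'FrmStylesController::register_post_types', 0);
- add_filter('frm_get_style_opts', 'FrmStylesController::get_style_opts');
- add_filter('frm_add_form_style_class', 'FrmStylesController::get_form_style_class', 10, 2);
- add_filter('frm_show_entry_styles', 'FrmStylesController::show_entry_styles');
+ add_action( 'init', 'FrmStylesController::register_post_types', 0 );
+ add_filter( 'frm_get_style_opts', 'FrmStylesController::get_style_opts' );
+ add_filter( 'frm_add_form_style_class', 'FrmStylesController::get_form_style_class', 10, 2 );
+ add_filter( 'frm_show_entry_styles', 'FrmStylesController::show_entry_styles' );
  }
 
  public static function load_admin_hooks() {
- add_action('admin_menu', 'FrmAppController::menu', 1);
- add_action('admin_enqueue_scripts', 'FrmAppController::load_wp_admin_style' );
- add_action('admin_notices', 'FrmAppController::pro_get_started_headline' );
+ add_action( 'admin_menu', 'FrmAppController::menu', 1 );
+ add_action( 'admin_enqueue_scripts', 'FrmAppController::load_wp_admin_style' );
+ add_action( 'admin_notices', 'FrmAppController::pro_get_started_headline' );
  add_action( 'admin_init', 'FrmAppController::admin_init', 11 );
- register_activation_hook(FrmAppHelper::plugin_path().'/formidable.php', 'FrmAppController::activation_install' );
+ register_activation_hook( FrmAppHelper::plugin_path() . '/formidable.php', 'FrmAppController::activation_install' );
 
  // Entries Controller
- add_action('admin_menu', 'FrmEntriesController::menu', 12);
- add_filter('contextual_help', 'FrmEntriesController::contextual_help', 10, 3 );
- add_filter('set-screen-option', 'FrmEntriesController::save_per_page', 10, 3);
- add_filter('update_user_metadata', 'FrmEntriesController::check_hidden_cols', 10, 5);
- add_action('updated_user_meta', 'FrmEntriesController::update_hidden_cols', 10, 4);
+ add_action( 'admin_menu', 'FrmEntriesController::menu', 12 );
+ add_filter( 'contextual_help', 'FrmEntriesController::contextual_help', 10, 3 );
+ add_filter( 'set-screen-option', 'FrmEntriesController::save_per_page', 10, 3 );
+ add_filter( 'update_user_metadata', 'FrmEntriesController::check_hidden_cols', 10, 5 );
+ add_action( 'updated_user_meta', 'FrmEntriesController::update_hidden_cols', 10, 4 );
 
  // Fields Controller
- add_filter('frm_display_field_options', 'FrmFieldsController::display_field_options');
- add_action('frm_field_options_form', 'FrmFieldsController::add_conditional_update_msg', 50);
+ add_filter( 'frm_display_field_options', 'FrmFieldsController::display_field_options' );
+ add_action( 'frm_field_options_form', 'FrmFieldsController::add_conditional_update_msg', 50 );
 
  // Form Actions Controller
- if ( FrmAppHelper::is_admin_page('formidable' ) ) {
- add_action('frm_before_update_form_settings', 'FrmFormActionsController::update_settings');
+ if ( FrmAppHelper::is_admin_page( 'formidable' ) ) {
+ add_action( 'frm_before_update_form_settings', 'FrmFormActionsController::update_settings' );
  }
- add_action('frm_after_duplicate_form', 'FrmFormActionsController::duplicate_form_actions', 20, 3);
+ add_action( 'frm_after_duplicate_form', 'FrmFormActionsController::duplicate_form_actions', 20, 3 );
 
  // Forms Controller
- add_action('admin_menu', 'FrmFormsController::menu', 10);
- add_action('admin_head-toplevel_page_formidable', 'FrmFormsController::head' );
+ add_action( 'admin_menu', 'FrmFormsController::menu', 10 );
+ add_action( 'admin_head-toplevel_page_formidable', 'FrmFormsController::head' );
 
- add_filter('set-screen-option', 'FrmFormsController::save_per_page', 10, 3);
- add_action('admin_footer', 'FrmFormsController::insert_form_popup' );
- add_filter('media_buttons_context', 'FrmFormsController::insert_form_button' );
+ add_filter( 'set-screen-option', 'FrmFormsController::save_per_page', 10, 3 );
+ add_action( 'admin_footer', 'FrmFormsController::insert_form_popup' );
+ add_filter( 'media_buttons_context', 'FrmFormsController::insert_form_button' );
 
  // Forms Model
- add_action('frm_after_duplicate_form', 'FrmForm::after_duplicate', 10, 2);
+ add_action( 'frm_after_duplicate_form', 'FrmForm::after_duplicate', 10, 2 );
 
  // Settings Controller
- add_action('admin_menu', 'FrmSettingsController::menu', 45);
- add_action('frm_before_settings', 'FrmSettingsController::license_box');
+ add_action( 'admin_menu', 'FrmSettingsController::menu', 45 );
+ add_action( 'frm_before_settings', 'FrmSettingsController::license_box' );
 
  // Stats Controller
- add_action('admin_menu', 'FrmStatisticsController::menu', 24);
- add_action('frm_form_action_reports', 'FrmStatisticsController::list_reports');
+ add_action( 'admin_menu', 'FrmStatisticsController::menu', 24 );
+ add_action( 'frm_form_action_reports', 'FrmStatisticsController::list_reports' );
 
  // Styles Controller
- add_action('admin_menu', 'FrmStylesController::menu', 14);
- add_action('admin_init', 'FrmStylesController::admin_init');
+ add_action( 'admin_menu', 'FrmStylesController::menu', 14 );
+ add_action( 'admin_init', 'FrmStylesController::admin_init' );
 
  // XML Controller
- add_action('admin_menu', 'FrmXMLController::menu', 41);
+ add_action( 'admin_menu', 'FrmXMLController::menu', 41 );
  }
 
  public static function load_ajax_hooks() {
  add_action( 'wp_ajax_frm_silent_upgrade', 'FrmAppController::ajax_install' );
  add_action( 'wp_ajax_nopriv_frm_silent_upgrade', 'FrmAppController::ajax_install' );
  add_action( 'wp_ajax_frm_install', 'FrmAppController::ajax_install' );
- add_action('wp_ajax_frm_uninstall', 'FrmAppController::uninstall' );
- add_action('wp_ajax_frm_deauthorize', 'FrmAppController::deauthorize' );
+ add_action( 'wp_ajax_frm_uninstall', 'FrmAppController::uninstall' );
+ add_action( 'wp_ajax_frm_deauthorize', 'FrmAppController::deauthorize' );
 
- add_action('wp_ajax_frmpro_css', 'FrmAppController::load_css' );
- add_action('wp_ajax_nopriv_frmpro_css', 'FrmAppController::load_css' );
+ add_action( 'wp_ajax_frmpro_css', 'FrmAppController::load_css' );
+ add_action( 'wp_ajax_nopriv_frmpro_css', 'FrmAppController::load_css' );
 
  // Fields Controller
- add_action('wp_ajax_frm_load_field', 'FrmFieldsController::load_field');
- add_action('wp_ajax_frm_insert_field', 'FrmFieldsController::create');
- add_action('wp_ajax_frm_update_field_form_id', 'FrmFieldsController::update_form_id');
- add_action('wp_ajax_frm_field_name_in_place_edit', 'FrmFieldsController::edit_name');
- add_action('wp_ajax_frm_update_ajax_option', 'FrmFieldsController::update_ajax_option');
- add_action('wp_ajax_frm_duplicate_field', 'FrmFieldsController::duplicate');
- add_action('wp_ajax_frm_delete_field', 'FrmFieldsController::destroy');
- add_action('wp_ajax_frm_add_field_option', 'FrmFieldsController::add_option');
- add_action('wp_ajax_frm_field_option_ipe', 'FrmFieldsController::edit_option');
- add_action('wp_ajax_frm_delete_field_option', 'FrmFieldsController::delete_option');
- add_action('wp_ajax_frm_import_choices', 'FrmFieldsController::import_choices');
- add_action('wp_ajax_frm_import_options', 'FrmFieldsController::import_options');
- add_action('wp_ajax_frm_update_field_order', 'FrmFieldsController::update_order');
+ add_action( 'wp_ajax_frm_load_field', 'FrmFieldsController::load_field' );
+ add_action( 'wp_ajax_frm_insert_field', 'FrmFieldsController::create' );
+ add_action( 'wp_ajax_frm_update_field_form_id', 'FrmFieldsController::update_form_id' );
+ add_action( 'wp_ajax_frm_field_name_in_place_edit', 'FrmFieldsController::edit_name' );
+ add_action( 'wp_ajax_frm_update_ajax_option', 'FrmFieldsController::update_ajax_option' );
+ add_action( 'wp_ajax_frm_duplicate_field', 'FrmFieldsController::duplicate' );
+ add_action( 'wp_ajax_frm_delete_field', 'FrmFieldsController::destroy' );
+ add_action( 'wp_ajax_frm_add_field_option', 'FrmFieldsController::add_option' );
+ add_action( 'wp_ajax_frm_field_option_ipe', 'FrmFieldsController::edit_option' );
+ add_action( 'wp_ajax_frm_delete_field_option', 'FrmFieldsController::delete_option' );
+ add_action( 'wp_ajax_frm_import_choices', 'FrmFieldsController::import_choices' );
+ add_action( 'wp_ajax_frm_import_options', 'FrmFieldsController::import_options' );
+ add_action( 'wp_ajax_frm_update_field_order', 'FrmFieldsController::update_order' );
 
  // Form Actions Controller
- add_action('wp_ajax_frm_add_form_action', 'FrmFormActionsController::add_form_action');
- add_action('wp_ajax_frm_form_action_fill', 'FrmFormActionsController::fill_action');
+ add_action( 'wp_ajax_frm_add_form_action', 'FrmFormActionsController::add_form_action' );
+ add_action( 'wp_ajax_frm_form_action_fill', 'FrmFormActionsController::fill_action' );
 
  // Forms Controller
  add_action( 'wp_ajax_frm_create_from_template', 'FrmFormsController::_create_from_template' );
  add_action( 'wp_ajax_frm_save_form', 'FrmFormsController::route' );
  add_action( 'wp_ajax_frm_form_key_in_place_edit', 'FrmFormsController::edit_key' );
  add_action( 'wp_ajax_frm_form_desc_in_place_edit', 'FrmFormsController::edit_description' );
- add_action('wp_ajax_frm_get_default_html', 'FrmFormsController::get_email_html' );
- add_action('wp_ajax_frm_get_shortcode_opts', 'FrmFormsController::get_shortcode_opts' );
- add_action('wp_ajax_frm_forms_preview', 'FrmFormsController::preview' );
- add_action('wp_ajax_nopriv_frm_forms_preview', 'FrmFormsController::preview' );
+ add_action( 'wp_ajax_frm_get_default_html', 'FrmFormsController::get_email_html' );
+ add_action( 'wp_ajax_frm_get_shortcode_opts', 'FrmFormsController::get_shortcode_opts' );
+ add_action( 'wp_ajax_frm_forms_preview', 'FrmFormsController::preview' );
+ add_action( 'wp_ajax_nopriv_frm_forms_preview', 'FrmFormsController::preview' );
 
  // Styles Controller
- add_action('wp_ajax_frm_settings_reset', 'FrmStylesController::reset_styling');
- add_action('wp_ajax_frm_change_styling', 'FrmStylesController::change_styling');
- add_action('wp_ajax_frmpro_load_css', 'FrmStylesController::load_css');
- add_action('wp_ajax_nopriv_frmpro_load_css', 'FrmStylesController::load_css');
+ add_action( 'wp_ajax_frm_settings_reset', 'FrmStylesController::reset_styling' );
+ add_action( 'wp_ajax_frm_change_styling', 'FrmStylesController::change_styling' );
+ add_action( 'wp_ajax_frmpro_load_css', 'FrmStylesController::load_css' );
+ add_action( 'wp_ajax_nopriv_frmpro_load_css', 'FrmStylesController::load_css' );
 
  // XML Controller
- add_action('wp_ajax_frm_export_xml', 'FrmXMLController::export_xml');
+ add_action( 'wp_ajax_frm_export_xml', 'FrmXMLController::export_xml' );
  }
 
  public static function load_form_hooks() {
  // Fields Controller
- add_filter('frm_field_type', 'FrmFieldsController::change_type');
- add_action('frm_field_input_html', 'FrmFieldsController::input_html');
- add_filter('frm_field_value_saved', 'FrmFieldsController::check_value', 50, 3);
- add_filter('frm_field_label_seen', 'FrmFieldsController::check_label');
+ add_filter( 'frm_field_type', 'FrmFieldsController::change_type' );
+ add_action( 'frm_field_input_html', 'FrmFieldsController::input_html' );
+ add_filter( 'frm_field_value_saved', 'FrmFieldsController::check_value', 50, 3 );
+ add_filter( 'frm_field_label_seen', 'FrmFieldsController::check_label' );
 
  // Forms Controller
  add_filter( 'frm_form_classes', 'FrmFormsController::form_classes' );
 
  // Styles Controller
- add_filter('frm_use_important_width', 'FrmStylesController::important_style', 10, 2 );
+ add_filter( 'frm_use_important_width', 'FrmStylesController::important_style', 10, 2 );
  }
 
  public static function load_view_hooks() {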
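--- a/classes/controllers/FrmSettingsController.php
+++ b/classes/controllers/FrmSettingsController.php
@@ -4,20 +4,14 @@ class FrmSettingsController {
 
  public static function menu() {
  // Make sure admins can see the menu items
- if ( current_user_can( 'administrator' ) && ! current_user_can( 'frm_change_settings' ) ) {
- $role = get_role( 'administrator' );
- $frm_roles = FrmAppHelper::frm_capabilities();
- foreach ( $frm_roles as $frm_role => $frm_role_description ) {
- $role->add_cap( $frm_role );
- }
- }
-
- add_submenu_page('formidable', 'Formidable | '. __( 'Global Settings', 'formidable' ), __( 'Global Settings', 'formidable' ), 'frm_change_settings', 'formidable-settings', 'FrmSettingsController::route');
+ FrmAppHelper::force_capability( 'frm_change_settings' );
+
+ add_submenu_page( 'formidable', 'Formidable | ' . __( 'Global Settings', 'formidable' ), __( 'Global Settings', 'formidable' ), 'frm_change_settings', 'formidable-settings', 'FrmSettingsController::route' );
  }
 
  public static function license_box() {
- $a = isset($_GET['t']) ? $_GET['t'] : 'general_settings';
- include(FrmAppHelper::plugin_path() .'/classes/views/frm-settings/license_box.php');
+ $a = FrmAppHelper::simple_get( 't', 'sanitize_title', 'general_settings' );
+ include( FrmAppHelper::plugin_path() . '/classes/views/frm-settings/license_box.php' );
  }
 
  public static function display_form( $errors = array(), $message = '' ) {
@@ -28,11 +22,11 @@ class FrmSettingsController {
 
  $uploads = wp_upload_dir();
  $target_path = $uploads['basedir'] . '/formidable/css';
- $sections = apply_filters('frm_add_settings_section', array());
+ $sections = apply_filters( 'frm_add_settings_section', array() );
 
- $captcha_lang = FrmAppHelper::locales('captcha');
+ $captcha_lang = FrmAppHelper::locales( 'captcha' );
 
- require(FrmAppHelper::plugin_path() .'/classes/views/frm-settings/form.php');
+ require( FrmAppHelper::plugin_path() . '/classes/views/frm-settings/form.php' );
  }
 
  public static function process_form( $stop_load = false ) {
@@ -40,7 +34,8 @@ class FrmSettingsController {
 
  $frm_settings = FrmAppHelper::get_settings();
 
- if ( ! isset( $_POST['process_form'] ) || ! wp_verify_nonce( $_POST['process_form'], 'process_form_nonce' ) ) {
+ $process_form = FrmAppHelper::simple_request( array( 'param' => 'process_form', 'sanitize' => 'sanitize_text_field', 'type' => 'post' ) );
+ if ( ! wp_verify_nonce( $process_form, 'process_form_nonce' ) ) {
  wp_die( $frm_settings->admin_permission );
  }
 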
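Review bot: In `process_form()` the only gate visible in the last hunk is `wp_verify_nonce( $process_form, 'process_form_nonce' )`, and a nonce ties the request to a rendered form, not to a permission. The submenu in `menu()` is registered with `frm_change_settings`, but that only protects the page route. If `process_form()` can be reached any other way, an explicit `if ( ! current_user_can( 'frm_change_settings' ) ) { wp_die( $frm_settings->admin_permission ); }` before the nonce test would make the handler safe on its own. The function's first lines and the rest of its body are outside the hunk, so such a check may already exist there. Separately, `sanitize_title` on `t` in `license_box()` is input cleaning only, so `$a` should still be passed through `esc_attr()` wherever the included view prints it.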
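--- a/classes/controllers/FrmStatisticsController.php
+++ b/classes/controllers/FrmStatisticsController.php
@@ -3,18 +3,18 @@
  class FrmStatisticsController {
 
  public static function menu() {
- add_submenu_page( 'formidable', 'Formidable | '. __( 'Views', 'formidable' ), '<span class="frm_inactive_menu">'. __( 'Views', 'formidable' ) .'</span>', 'administrator', 'formidable-entry-templates', 'FrmStatisticsController::list_displays' );
+ add_submenu_page( 'formidable', 'Formidable | ' . __( 'Views', 'formidable' ), '<span class="frm_inactive_menu">' . __( 'Views', 'formidable' ) . '</span>', 'administrator', 'formidable-entry-templates', 'FrmStatisticsController::list_displays' );
  }
 
  public static function list_reports() {
- add_filter('frm_form_stop_action_reports', '__return_true');
+ add_filter( 'frm_form_stop_action_reports', '__return_true' );
  $form = FrmAppHelper::get_param( 'form', false, 'get', 'absint' );
- require(FrmAppHelper::plugin_path() .'/classes/views/frm-statistics/list.php');
+ require( FrmAppHelper::plugin_path() . '/classes/views/frm-statistics/list.php' );
  }
 
  public static function list_displays() {
  $form = FrmAppHelper::get_param( 'form', false, 'get', 'sanitize_title' );
- require(FrmAppHelper::plugin_path() .'/classes/views/frm-statistics/list_displays.php');
+ require( FrmAppHelper::plugin_path() . '/classes/views/frm-statistics/list_displays.php' );
  }
 
  }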
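--- a/classes/controllers/FrmStylesController.php
+++ b/classes/controllers/FrmStylesController.php
@@ -91,8 +91,10 @@ class FrmStylesController {
  public static function save() {
  $frm_style = new FrmStyle();
  $message = '';
- $post_id = ( $_POST && isset($_POST['ID']) ) ? $_POST['ID'] : false;
- if ( $post_id !== false && isset($_POST['frm_style']) && wp_verify_nonce($_POST['frm_style'], 'frm_style_nonce') ) {
+ $post_id = FrmAppHelper::get_post_param( 'ID', false, 'sanitize_title' );
+ $style_nonce = FrmAppHelper::get_post_param( 'frm_style', '', 'sanitize_text_field' );
+
+ if ( $post_id !== false && wp_verify_nonce( $style_nonce, 'frm_style_nonce' ) ) {
  $id = $frm_style->update($post_id);
  if ( empty($post_id) && ! empty($id) ) {
  // set the post id to the new style so it will be loaded for editing
@@ -123,6 +125,10 @@ class FrmStylesController {
  include(FrmAppHelper::plugin_path() .'/classes/views/styles/show.php');
  }
 
+ /**
+ * @param string $message
+ * @param array $forms
+ */
  private static function manage($message = '', $forms = array()) {
  $frm_style = new FrmStyle();
  $styles = $frm_style->get_all();
@@ -136,7 +142,8 @@ class FrmStylesController {
  }
 
  private static function manage_styles() {
- if ( ! $_POST || ! isset($_POST['style']) || ! isset($_POST['frm_manage_style']) || ! wp_verify_nonce($_POST['frm_manage_style'], 'frm_manage_style_nonce') ) {
+ $style_nonce = FrmAppHelper::get_post_param( 'frm_manage_style', '', 'sanitize_text_field' );
+ if ( ! $_POST || ! isset( $_POST['style'] ) || ! wp_verify_nonce( $style_nonce, 'frm_manage_style_nonce' ) ) {
  return self::manage();
  }
 
@@ -175,8 +182,9 @@ class FrmStylesController {
  $frm_style = new FrmStyle();
 
  $message = '';
- $post_id = ( $_POST && isset($_POST['ID']) ) ? $_POST['ID'] : false;
- if ( isset($_POST['frm_custom_css']) && wp_verify_nonce($_POST['frm_custom_css'], 'frm_custom_css_nonce') ) {
+ $post_id = FrmAppHelper::get_post_param( 'ID', false, 'sanitize_text_field' );
+ $nonce = FrmAppHelper::get_post_param( 'frm_custom_css', '', 'sanitize_text_field' );
+ if ( wp_verify_nonce( $nonce, 'frm_custom_css_nonce' ) ) {
  $frm_style->update($post_id);
  $message = __( 'Your styling settings have been saved.', 'formidable' );
  }
@@ -262,7 +270,7 @@ class FrmStylesController {
 
  public static function include_style_section($atts, $sec) {
  extract($atts);
- $current_tab = isset($_GET['page-tab']) ? $_GET['page-tab'] : 'default';
+ $current_tab = FrmAppHelper::simple_get( 'page-tab', 'sanitize_title', 'default' );
  include(FrmAppHelper::plugin_path() .'/classes/views/styles/_'. $sec['args'] .'.php');
  }
 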
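Review bot: In `save()` the `$post_id !== false` guard probably no longer detects a missing `ID`, because `simple_request()` passes the default through the sanitizer too, so `false` most likely comes back from `sanitize_title` as an empty string and only the nonce check still gates `$frm_style->update()`. The same `ID` field is sanitized with `sanitize_title` here and with `sanitize_text_field` in the custom-CSS save further down; if it is a post ID, test presence explicitly and cast it, e.g. `$post_id = isset( $_POST['ID'] ) ? absint( $_POST['ID'] ) : false;`. A nonce shows intent rather than permission, so each of the three handlers should also sit behind a `current_user_can()` check; none is visible here, but all three function bodies extend beyond the hunks.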
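--- a/classes/controllers/FrmXMLController.php
+++ b/classes/controllers/FrmXMLController.php
@@ -137,8 +137,8 @@ class FrmXMLController {
  wp_die( $error );
  }
 
- $ids = isset( $_POST['frm_export_forms'] ) ? $_POST['frm_export_forms'] : array();
- $type = isset( $_POST['type'] ) ? $_POST['type'] : array();
+ $ids = FrmAppHelper::get_post_param( 'frm_export_forms', array() );
+ $type = FrmAppHelper::get_post_param( 'type', array() );
  $format = FrmAppHelper::get_post_param( 'format', 'xml', 'sanitize_title' );
 
  if ( ! headers_sent() && ! $type ) {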
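Review bot: `frm_export_forms` and `type` are now read through `get_post_param()` with no sanitizer, and that helper applies `maybe_unserialize()` to the posted value, which the old direct `$_POST` reads did not do. The change therefore adds deserialization of request data on the export path without adding any validation. Read the arrays directly and constrain each element instead, e.g. `$ids = isset( $_POST['frm_export_forms'] ) ? array_map( 'absint', (array) $_POST['frm_export_forms'] ) : array();`, with `array_map( 'sanitize_title', ... )` for `type`; this assumes the IDs are numeric and the types are slugs, which the hunk does not show. The enclosing function starts and ends outside the hunk.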
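--- a/classes/helpers/FrmAppHelper.php
+++ b/classes/helpers/FrmAppHelper.php
@@ -10,7 +10,7 @@ class FrmAppHelper {
  /**
  * @since 2.0
  */
- public static $plug_version = '2.0.05';
+ public static $plug_version = '2.0.06';
 
  /**
  * @since 1.07.02
@@ -104,11 +104,12 @@ class FrmAppHelper {
  */
  public static function is_admin_page($page = 'formidable' ) {
  global $pagenow;
+ $get_page = self::simple_get( 'page', 'sanitize_title' );
  if ( $pagenow ) {
- return $pagenow == 'admin.php' && $_GET['page'] == $page;
+ return $pagenow == 'admin.php' && $get_page == $page;
  }
 
- return is_admin() && isset($_GET['page']) && $_GET['page'] == $page;
+ return is_admin() && $get_page == $page;
  }
 
  /**
@@ -121,7 +122,8 @@ class FrmAppHelper {
  */
  public static function is_preview_page() {
  global $pagenow;
- return $pagenow && $pagenow == 'admin-ajax.php' && isset($_GET['action']) && $_GET['action'] == 'frm_forms_preview';
+ $action = FrmAppHelper::simple_get( 'action', 'sanitize_title' );
+ return $pagenow && $pagenow == 'admin-ajax.php' && $action == 'frm_forms_preview';
  }
 
  /**
@@ -211,7 +213,7 @@ class FrmAppHelper {
  }
  self::sanitize_value( $value, $sanitize );
  } else {
- $value = self::get_post_param( $param, $default, $sanitize );
+ $value = self::simple_request( array( 'type' => 'post', 'param' => $param, 'default' => $default, 'sanitize' => $sanitize ) );
  }
 
  if ( isset( $params ) && is_array( $value ) && ! empty( $value ) ) {
@@ -228,13 +230,15 @@ class FrmAppHelper {
  return $value;
  }
 
+ /**
+ * @todo Deprecate this and use simple_request instead
+ *
+ * @param string $param
+ * @param mixed $default
+ * @param string $sanitize
+ */
  public static function get_post_param( $param, $default = '', $sanitize = '' ) {
- $val = $default;
- if ( isset( $_POST[ $param ] ) ) {
- $val = stripslashes_deep( maybe_unserialize( $_POST[ $param ] ) );
- self::sanitize_value( $value, $sanitize );
- }
- return $val;
+ return self::simple_request( array( 'type' => 'post', 'param' => $param, 'default' => $default, 'sanitize' => $sanitize ) );
  }
 
  public static function sanitize_value( &$value, $sanitize ) {
@@ -242,18 +246,51 @@ class FrmAppHelper {
  $value = call_user_func( $sanitize, $value );
  }
  }
- /**
- * @since 2.0
- * @param string $action
- */
- public static function simple_get( $action, $sanitize = 'sanitize_text_field' ) {
- $val = '';
- if ( $_GET && isset( $_GET[ $action ] ) ) {
- $val = call_user_func( $sanitize, $_GET[ $action ] );
- }
- return $val;
+
+ /**
+ * @since 2.0
+ *
+ * @param string $param
+ * @param string $sanitize
+ * @param string $default
+ *
+ * @todo Deprecate this and use simple_request instead
+ */
+ public static function simple_get( $param, $sanitize = 'sanitize_text_field', $default = '' ) {
+ return self::simple_request( array( 'type' => 'get', 'param' => $param, 'default' => $default, 'sanitize' => $sanitize ) );
  }
 
+ /**
+ * Get a GET/POST/REQUEST value and sanitize it
+ *
+ * @since 2.0.6
+ */
+ public static function simple_request( $args ) {
+ $defaults = array(
+ 'param' => '', 'default' => '',
+ 'type' => 'get', 'sanitize' => 'sanitize_text_field',
+ );
+ $args = wp_parse_args( $args, $defaults );
+
+ $value = $args['default'];
+ if ( $args['type'] == 'get' ) {
+ if ( $_GET && isset( $_GET[ $args['param'] ] ) ) {
+ $value = $_GET[ $args['param'] ];
+ }
+ } else if ( $args['type'] == 'post' ) {
+ if ( isset( $_POST[ $args['param'] ] ) ) {
+ $value = stripslashes_deep( maybe_unserialize( $_POST[ $args['param'] ] ) );
+ }
+ } else {
+ if ( isset( $_REQUEST[ $args['param'] ] ) ) {
+ $value = $_REQUEST[ $args['param'] ];
+ }
+ }
+
+ self::sanitize_value( $value, $args['sanitize'] );
+ return $value;
+ }
+
  public static function sanitize_request( $sanitize_method, &$values ) {
  $temp_values = $values;
  foreach ( $temp_values as $k => $val ) {
@@ -451,13 +488,14 @@ class FrmAppHelper {
 
  public static function wp_pages_dropdown( $field_name, $page_id, $truncate = false ) {
  $pages = self::get_pages();
+ $selected = self::get_post_param( $field_name, $page_id, 'absint' );
  ?>
  <select name="<?php echo esc_attr($field_name); ?>" id="<?php echo esc_attr($field_name); ?>" class="frm-pages-dropdown">
  <option value=""> </option>
  <?php foreach ( $pages as $page ) { ?>
- <option value="<?php echo esc_attr($page->ID); ?>" <?php
- echo ( ( ( isset( $_POST[ $field_name ] ) && $_POST[ $field_name ] == $page->ID ) || ( ! isset( $_POST[ $field_name ] ) && $page_id == $page->ID ) ) ? ' selected="selected"' : '' );
- ?>><?php echo esc_html( $truncate ? self::truncate( $page->post_title, $truncate ) : $page->post_title ); ?> </option>
+ <option value="<?php echo esc_attr($page->ID); ?>" <?php selected( $selected, $page->ID ) ?>>
+ <?php echo esc_html( $truncate ? self::truncate( $page->post_title, $truncate ) : $page->post_title ); ?>
+ </option>
  <?php } ?>
  </select>
  <?php
@@ -500,6 +538,21 @@ class FrmAppHelper {
  }
  }
 
+ /**
+ * Make sure admins have permission to see the menu items
+ * @since 2.0.6
+ */
+ public static function force_capability( $cap = 'frm_change_settings' ) {
+ // Make sure admins can see the menu items
+ if ( current_user_can( 'administrator' ) && ! current_user_can( $cap ) ) {
+ $role = get_role( 'administrator' );
+ $frm_roles = self::frm_capabilities();
+ foreach ( $frm_roles as $frm_role => $frm_role_description ) {
+ $role->add_cap( $frm_role );
+ }
+ }
+ }
+
  public static function frm_capabilities($type = 'auto') {
  $cap = array(
  'frm_view_forms' => __( 'View Forms and Templates', 'formidable' ),
@@ -550,6 +603,8 @@ class FrmAppHelper {
  * @since 2.0
  */
  public static function maybe_add_permissions() {
+ self::force_capability( 'frm_view_entries' );
+
  if ( ! current_user_can('administrator') || current_user_can('frm_view_forms') ) {
  return;
  }
@@ -626,7 +681,8 @@ class FrmAppHelper {
  * @return boolean Returns true if current field option is an "Other" option
  */
  public static function is_other_opt( $opt_key ) {
- return $opt_key && strpos( $opt_key, 'other' ) !== false;
+ _deprecated_function( __FUNCTION__, '2.0.6', 'FrmFieldsHelper::is_other_opt' );
+ return FrmFieldsHelper::is_other_opt( $opt_key );
  }
 
  /**
@@ -639,68 +695,8 @@ class FrmAppHelper {
  * @return string $other_val
  */
  public static function get_other_val( $opt_key, $field, $parent = false, $pointer = false ) {
- $other_val = '';
-
- //If option is an "other" option and there is a value set for this field, check if the value belongs in the current "Other" option text field
- if ( ! self::is_other_opt( $opt_key ) || ! isset( $field['value'] ) || ! $field['value'] ) {
- return $other_val;
- }
-
- // Check posted vals before checking saved values
-
- // For fields inside repeating sections - note, don't check if $pointer is true because it will often be zero
- if ( $parent && isset( $_POST['item_meta'][ $parent ][ $pointer ]['other'][ $field['id'] ] ) ) {
- if ( FrmFieldsHelper::is_field_with_multiple_values( $field ) ) {
- $other_val = isset( $_POST['item_meta'][ $parent ][ $pointer ]['other'][ $field['id'] ][ $opt_key ] ) ? $_POST['item_meta'][ $parent ][ $pointer ]['other'][ $field['id'] ][ $opt_key ] : '';
- } else {
- $other_val = $_POST['item_meta'][ $parent ][ $pointer ]['other'][ $field['id'] ];
- }
- return $other_val;
-
- } else if ( isset( $field['id'] ) && isset( $_POST['item_meta']['other'][ $field['id'] ] ) ) {
- // For normal fields
-
- if ( FrmFieldsHelper::is_field_with_multiple_values( $field ) ) {
- $other_val = isset( $_POST['item_meta']['other'][ $field['id'] ][ $opt_key ] ) ? $_POST['item_meta']['other'][ $field['id'] ][ $opt_key ] : '';
- } else {
- $other_val = sanitize_text_field( $_POST['item_meta']['other'][ $field['id'] ] );
- }
- return $other_val;
- }
-
- // For checkboxes
- if ( $field['type'] == 'checkbox' && is_array( $field['value'] ) ) {
- // Check if there is an "other" val in saved value and make sure the "other" val is not equal to the Other checkbox option
- if ( isset( $field['value'][ $opt_key ] ) && $field['options'][ $opt_key ] != $field['value'][ $opt_key ] ) {
- $other_val = $field['value'][ $opt_key ];
- }
- } else {
- /**
- * For radio buttons and dropdowns
- * Check if saved value equals any of the options. If not, set it as the other value.
- */
- foreach ( $field['options'] as $opt_key => $opt_val ) {
- $temp_val = is_array( $opt_val ) ? $opt_val['value'] : $opt_val;
- // Multi-select dropdowns - key is not preserved
- if ( is_array( $field['value'] ) ) {
- $o_key = array_search( $temp_val, $field['value'] );
- if ( isset( $field['value'][ $o_key ] ) ) {
- unset( $field['value'][ $o_key ], $o_key );
- }
- } else if ( $temp_val == $field['value'] ) {
- // For radio and regular dropdowns
- return '';
- } else {
- $other_val = $field['value'];
- }
- unset($opt_key, $opt_val, $temp_val);
- }
- // For multi-select dropdowns only
- if ( is_array( $field['value'] ) && ! empty( $field['value'] ) ) {
- $other_val = reset( $field['value'] );
- }
- }
- return $other_val;
+ _deprecated_function( __FUNCTION__, '2.0.6', 'FrmFieldsHelper::get_other_val' );
+ return FrmFieldsHelper::get_other_val( compact( 'opt_key', 'field', 'parent', 'pointer' ) );
  }
 
  /**
@@ -716,42 +712,9 @@ class FrmAppHelper {
  * @return string $other_val
  */
  public static function prepare_other_input( $field, &$other_opt, &$checked, $args = array() ) {
- //Check if this is an "Other" option
- if ( ! self::is_other_opt( $args['opt_key'] ) ) {
- return;
- }
-
- $other_opt = true;
- $other_args = array();
- $parent = $pointer = '';
-
- // Check for parent ID and pointer
- $temp_array = explode( '[', $args['field_name'] );
- // Count should only be greater than 3 if inside of a repeating section
- if ( count( $temp_array ) > 3 ) {
- $parent = str_replace( ']', '', $temp_array[1] );
- $pointer = str_replace( ']', '', $temp_array[2]);
- }
- unset( $temp_array );
-
- //Set up name for other field
- $other_args['name'] = str_replace( '[]', '', $args['field_name'] );
- $other_args['name'] = preg_replace('/\[' . $field['id'] . '\]$/', '', $other_args['name']);
- $other_args['name'] = $other_args['name'] . '[other]' . '[' . $field['id'] . ']';
- //Converts item_meta[field_id] => item_meta[other][field_id] and
- //item_meta[parent][0][field_id] => item_meta[parent][0][other][field_id]
- if ( FrmFieldsHelper::is_field_with_multiple_values( $field ) ) {
- $other_args['name'] .= '[' . $args['opt_key'] . ']';
- }
-
- // Get text for "other" text field
- $other_args['value'] = self::get_other_val( $args['opt_key'], $field, $parent, $pointer );
-
- if ( $other_args['value'] ) {
- $checked = 'checked="checked" ';
- }
-
- return $other_args;
+ _deprecated_function( __FUNCTION__, '2.0.6', 'FrmFieldsHelper::prepare_other_input' );
+ $args['field'] = $field;
+ return FrmFieldsHelper::prepare_other_input( $args, $other_opt, $checked );
  }
 
  public static function recursive_trim(&$value) {
@@ -1072,29 +1035,7 @@ class FrmAppHelper {
 
  foreach ( $form_defaults as $opt => $default ) {
  if ( ! isset( $values[ $opt ] ) || $values[ $opt ] == '' ) {
- if ( $opt == 'notification' ) {
- $values[ $opt ] = ( $post_values && isset( $post_values[ $opt ] ) ) ? $post_values[ $opt ] : $default;
-
- foreach ( $default as $o => $d ) {
- if ( $o == 'email_to' ) {
- $d = ''; //allow blank email address
- }
- $values[ $opt ][0][ $o ] = ( $post_values && isset( $post_values[ $opt ][0][ $o ]) ) ? $post_values[ $opt ][0][ $o ] : $d;
- unset($o, $d);
- }
- } else {
- $values[ $opt ] = ( $post_values && isset( $post_values['options'][ $opt ] ) ) ? $post_values['options'][ $opt ] : $default;
- }
- } else if ( $values[ $opt ] == 'notification' ) {
- foreach ( $values[ $opt ] as $k => $n ) {
- foreach ( $default as $o => $d ) {
- if ( ! isset( $n[ $o ] ) ) {
- $values[ $opt ][ $k ][ $o ] = ( $post_values && isset( $post_values[ $opt ][ $k ][ $o ] ) ) ? $post_values[ $opt ][ $k ][ $o ] : $d;
- }
- unset($o, $d);
- }
- unset($k, $n);
- }
+ $values[ $opt ] = ( $post_values && isset( $post_values['options'][ $opt ] ) ) ? $post_values['options'][ $opt ] : $default;
  }
 
  unset($opt, $defaut);
@@ -1102,7 +1043,7 @@ class FrmAppHelper {
 
  if ( ! isset($values['custom_style']) ) {
  $frm_settings = self::get_settings();
- $values['custom_style'] = ( $post_values && isset($post_values['options']['custom_style']) ) ? $_POST['options']['custom_style'] : ( $frm_settings->load_style != 'none' );
+ $values['custom_style'] = ( $post_values && isset( $post_values['options']['custom_style'] ) ) ? absint( $_POST['options']['custom_style'] ) : ( $frm_settings->load_style != 'none' );
  }
 
  foreach ( array( 'before', 'after', 'submit') as $h ) {
@@ -1584,6 +1525,28 @@ class FrmAppHelper {
  }
  }
 
+ /**
+ * Prepare and save settings in styles and actions
+ *
+ * @param array $settings
+ * @param string $group
+ *
+ * @since 2.0.6
+ */
+ public static function save_settings( $settings, $group ) {
+ $settings = (array) $settings;
+ $settings['post_content'] = FrmAppHelper::prepare_and_encode( $settings['post_content'] );
+
+ if ( empty( $settings['ID'] ) ) {
+ unset( $settings['ID']);
+ }
+
+ // delete all caches for this group
+ self::cache_delete_group( $group );
+
+ return self::save_json_post( $settings );
+ }
+
  /**
  * Since actions are JSON encoded, we don't want any filters messing with it.
  * Remove the filters and then add them back in case any posts or views are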
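Review bot: `simple_request()` runs `maybe_unserialize()` on raw `$_POST` data, so every caller of `get_post_param()` deserializes request-supplied input before any sanitizer runs; the risk is PHP object injection, and a form field never needs to arrive serialized. The post branch should read `$value = stripslashes_deep( $_POST[ $args['param'] ] );`, and the `get` and `$_REQUEST` branches should unslash the same way so the three types behave alike. Two smaller points in the same function: the default is also passed to `sanitize_value()`, so a `false` default would not survive a string sanitizer, and scalar callbacks such as `sanitize_text_field` or `absint` receive the whole array when the parameter is an array. The docblock should name the accepted `type` values, since any value other than `get` or `post` silently falls through to `$_REQUEST`.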
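--- a/classes/helpers/FrmEntriesHelper.php
+++ b/classes/helpers/FrmEntriesHelper.php
@@ -224,11 +224,6 @@ class FrmEntriesHelper {
  }
  }
 
- // Don't include blank values
- if ( ! $atts['include_blank'] && isset( $atts['entry']->metas[ $f->id ] ) && FrmAppHelper::is_empty_value( $atts['entry']->metas[ $f->id ] ) ) {
- return;
- }
-
  $val = '';
  if ( $atts['entry'] ) {
  $prev_val = maybe_unserialize( $atts['entry']->metas[ $f->id ] );
@@ -242,6 +237,11 @@ class FrmEntriesHelper {
  }
  }
 
+ // Don't include blank values
+ if ( ! $atts['include_blank'] && FrmAppHelper::is_empty_value( $val ) ) {
+ return;
+ }
+
  self::textarea_display_value( $val, $f->type, $atts['plain_text'] );
 
  if ( is_array($val) && $atts['format'] == 'text' ) {
@@ -429,7 +429,6 @@ class FrmEntriesHelper {
 
  if ( $child_values ) {
  $child_entries = FrmEntry::getAll( array( 'it.id' => (array) $child_values ) );
- //$atts['post_id']
  }
  }
 
@@ -455,6 +454,7 @@ class FrmEntriesHelper {
  }
 
  $val = implode(', ', (array) $field_value );
+ $val = wp_kses_post( $val );
 
  return $val;
  }
@@ -523,6 +523,10 @@ class FrmEntriesHelper {
  $value = FrmAppHelper::truncate($value, 50);
  }
 
+ if ( ! $atts['keepjs'] && ! is_array( $value ) ) {
+ $value = wp_kses_post( $value );
+ }
+
  return apply_filters('frm_display_value', $value, $field, $atts);
  }
 
@@ -700,11 +704,11 @@ class FrmEntriesHelper {
  }
 
  $agent_options = array(
- 'Firefox' => 'Mozilla Firefox',
  'Chrome' => 'Google Chrome',
  'Safari' => 'Apple Safari',
  'Opera' => 'Opera',
  'Netscape' => 'Netscape',
+ 'Firefox' => 'Mozilla Firefox',
  );
 
  // Next get the name of the useragent yes seperately and for good reason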
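Review bot: The new filter before `frm_display_value` skips arrays (`if ( ! $atts['keepjs'] && ! is_array( $value ) )`), so a multi-value field reaches the filter, and whatever prints it, without passing through `wp_kses_post()`. Apply it per element instead, e.g. `$value = is_array( $value ) ? array_map( 'wp_kses_post', $value ) : wp_kses_post( $value );`; nested arrays would need a recursive map. `$atts['keepjs']` is also read without an `isset()`: a missing key fails safe because the value is then filtered, but it raises a notice, and the option deserves a comment saying that it switches output filtering off and which callers may set it. The function bodies start outside the hunks.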
classes/helpers/FrmFieldsHelper.php CHANGED
@@ -90,10 +90,17 @@ class FrmFieldsHelper {
90
  return $field['type'] == 'checkbox' || ( $field['type'] == 'data' && isset($field['data_type']) && $field['data_type'] == 'checkbox' ) || self::is_multiple_select( $field );
91
  } else {
92
  // For field object
93
- return $field->type == 'checkbox' || ( $field->type == 'data' && $field->field_options['data_type'] == 'checkbox' ) || self::is_multiple_select($field);
94
  }
95
  }
96
 
 
 
 
 
 
 
 
97
  /**
98
  * If $field is numeric, get the field object
99
  */
@@ -341,7 +348,7 @@ DEFAULT_HTML;
341
  $html = str_replace('[key]', $field['field_key'], $html);
342
 
343
  //replace [description] and [required_label] and [error]
344
- $required = ($field['required'] == '0') ? '' : $field['required_indicator'];
345
  if ( ! is_array( $errors ) ) {
346
  $errors = array();
347
  }
@@ -361,7 +368,7 @@ DEFAULT_HTML;
361
  }
362
 
363
  //replace [required_class]
364
- $required_class = ($field['required'] == '0') ? '' : ' frm_required_field';
365
  $html = str_replace('[required_class]', $required_class, $html);
366
 
367
  //replace [label_position]
@@ -382,7 +389,7 @@ DEFAULT_HTML;
382
  $html = str_replace('[error_class]', $error_class, $html);
383
 
384
  //replace [entry_key]
385
- $entry_key = ( $_GET && isset($_GET['entry']) ) ? $_GET['entry'] : '';
386
  $html = str_replace('[entry_key]', $entry_key, $html);
387
 
388
  //replace [input]
@@ -573,9 +580,9 @@ DEFAULT_HTML;
573
  $opt = apply_filters('frm_field_label_seen', $opt, $opt_key, $field);
574
 
575
  // If this is an "Other" option, get the HTML for it
576
- if ( FrmAppHelper::is_other_opt( $opt_key ) ) {
577
  // Get string for Other text field, if needed
578
- $other_val = FrmAppHelper::get_other_val( $opt_key, $field );
579
  require(FrmAppHelper::plugin_path() .'/pro/classes/views/frmpro-fields/other-option.php');
580
  } else {
581
  require(FrmAppHelper::plugin_path() .'/classes/views/frm-fields/single-option.php');
@@ -1006,16 +1013,221 @@ DEFAULT_HTML;
1006
  }
1007
  }
1008
 
1009
- public static function show_onfocus_js($clear_on_focus){ ?>
1010
- <a href="javascript:void(0)" class="frm_bstooltip <?php echo ($clear_on_focus) ? '' : 'frm_inactive_icon '; ?>frm_default_val_icons frm_action_icon frm_reload_icon frm_icon_font" title="<?php echo esc_attr($clear_on_focus ? __( 'Clear default value when typing', 'formidable' ) : __( 'Do not clear default value when typing', 'formidable' )); ?>"></a>
1011
- <?php
 
 
 
 
 
 
 
1012
  }
1013
 
1014
- public static function show_default_blank_js($default_blank){ ?>
1015
- <a href="javascript:void(0)" class="frm_bstooltip <?php echo $default_blank ? '' : 'frm_inactive_icon '; ?>frm_default_val_icons frm_action_icon frm_error_icon frm_icon_font" title="<?php echo $default_blank ? esc_attr( 'Default value will NOT pass form validation', 'formidable' ) : esc_attr( 'Default value will pass form validation', 'formidable' ); ?>"></a>
1016
- <?php
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1017
  }
1018
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1019
  public static function switch_field_ids($val) {
1020
  global $frm_duplicate_ids;
1021
  $replace = array();
90
  return $field['type'] == 'checkbox' || ( $field['type'] == 'data' && isset($field['data_type']) && $field['data_type'] == 'checkbox' ) || self::is_multiple_select( $field );
91
  } else {
92
  // For field object
93
+ return $field->type == 'checkbox' || ( $field->type == 'data' && isset( $field->field_options['data_type'] ) && $field->field_options['data_type'] == 'checkbox' ) || self::is_multiple_select($field);
94
  }
95
  }
96
 
97
+ /**
98
+ * @since 2.0.6
99
+ */
100
+ public static function is_required_field( $field ) {
101
+ return $field['required'] != '0';
102
+ }
103
+
104
  /**
105
  * If $field is numeric, get the field object
106
  */
348
  $html = str_replace('[key]', $field['field_key'], $html);
349
 
350
  //replace [description] and [required_label] and [error]
351
+ $required = self::is_required_field( $field ) ? $field['required_indicator'] : '';
352
  if ( ! is_array( $errors ) ) {
353
  $errors = array();
354
  }
368
  }
369
 
370
  //replace [required_class]
371
+ $required_class = self::is_required_field( $field ) ? ' frm_required_field' : '';
372
  $html = str_replace('[required_class]', $required_class, $html);
373
 
374
  //replace [label_position]
389
  $html = str_replace('[error_class]', $error_class, $html);
390
 
391
  //replace [entry_key]
392
+ $entry_key = FrmAppHelper::simple_get( 'entry', 'sanitize_title' );
393
  $html = str_replace('[entry_key]', $entry_key, $html);
394
 
395
  //replace [input]
580
  $opt = apply_filters('frm_field_label_seen', $opt, $opt_key, $field);
581
 
582
  // If this is an "Other" option, get the HTML for it
583
+ if ( self::is_other_opt( $opt_key ) ) {
584
  // Get string for Other text field, if needed
585
+ $other_val = self::get_other_val( compact( 'opt_key', 'field' ) );
586
  require(FrmAppHelper::plugin_path() .'/pro/classes/views/frmpro-fields/other-option.php');
587
  } else {
588
  require(FrmAppHelper::plugin_path() .'/classes/views/frm-fields/single-option.php');
1013
  }
1014
  }
1015
 
1016
+ /**
1017
+ * Check if current field option is an "other" option
1018
+ *
1019
+ * @since 2.0.6
1020
+ *
1021
+ * @param string $opt_key
1022
+ * @return boolean Returns true if current field option is an "Other" option
1023
+ */
1024
+ public static function is_other_opt( $opt_key ) {
1025
+ return $opt_key && strpos( $opt_key, 'other' ) !== false;
1026
  }
1027
 
1028
+ /**
1029
+ * Get value that belongs in "Other" text box
1030
+ *
1031
+ * @since 2.0.6
1032
+ *
1033
+ * @param array $args
1034
+ */
1035
+ public static function get_other_val( $args ) {
1036
+ $defaults = array(
1037
+ 'opt_key' => 0, 'field' => array(),
1038
+ 'parent' => false, 'pointer' => false,
1039
+ );
1040
+ $args = wp_parse_args( $args, $defaults );
1041
+
1042
+ $opt_key = $args['opt_key'];
1043
+ $field = $args['field'];
1044
+ $parent = $args['parent'];
1045
+ $pointer = $args['pointer'];
1046
+ $other_val = '';
1047
+
1048
+ // If option is an "other" option and there is a value set for this field,
1049
+ // check if the value belongs in the current "Other" option text field
1050
+ if ( ! FrmFieldsHelper::is_other_opt( $opt_key ) || ! isset( $field['value'] ) || ! $field['value'] ) {
1051
+ return $other_val;
1052
+ }
1053
+
1054
+ // Check posted vals before checking saved values
1055
+
1056
+ // For fields inside repeating sections - note, don't check if $pointer is true because it will often be zero
1057
+ if ( $parent && isset( $_POST['item_meta'][ $parent ][ $pointer ]['other'][ $field['id'] ] ) ) {
1058
+ if ( FrmFieldsHelper::is_field_with_multiple_values( $field ) ) {
1059
+ $other_val = isset( $_POST['item_meta'][ $parent ][ $pointer ]['other'][ $field['id'] ][ $opt_key ] ) ? sanitize_text_field( $_POST['item_meta'][ $parent ][ $pointer ]['other'][ $field['id'] ][ $opt_key ] ) : '';
1060
+ } else {
1061
+ $other_val = sanitize_text_field( $_POST['item_meta'][ $parent ][ $pointer ]['other'][ $field['id'] ] );
1062
+ }
1063
+ return $other_val;
1064
+
1065
+ } else if ( isset( $field['id'] ) && isset( $_POST['item_meta']['other'][ $field['id'] ] ) ) {
1066
+ // For normal fields
1067
+
1068
+ if ( FrmFieldsHelper::is_field_with_multiple_values( $field ) ) {
1069
+ $other_val = isset( $_POST['item_meta']['other'][ $field['id'] ][ $opt_key ] ) ? sanitize_text_field( $_POST['item_meta']['other'][ $field['id'] ][ $opt_key ] ) : '';
1070
+ } else {
1071
+ $other_val = sanitize_text_field( $_POST['item_meta']['other'][ $field['id'] ] );
1072
+ }
1073
+ return $other_val;
1074
+ }
1075
+
1076
+ // For checkboxes
1077
+ if ( $field['type'] == 'checkbox' && is_array( $field['value'] ) ) {
1078
+ // Check if there is an "other" val in saved value and make sure the
1079
+ // "other" val is not equal to the Other checkbox option
1080
+ if ( isset( $field['value'][ $opt_key ] ) && $field['options'][ $opt_key ] != $field['value'][ $opt_key ] ) {
1081
+ $other_val = $field['value'][ $opt_key ];
1082
+ }
1083
+ } else {
1084
+ /**
1085
+ * For radio buttons and dropdowns
1086
+ * Check if saved value equals any of the options. If not, set it as the other value.
1087
+ */
1088
+ foreach ( $field['options'] as $opt_key => $opt_val ) {
1089
+ $temp_val = is_array( $opt_val ) ? $opt_val['value'] : $opt_val;
1090
+ // Multi-select dropdowns - key is not preserved
1091
+ if ( is_array( $field['value'] ) ) {
1092
+ $o_key = array_search( $temp_val, $field['value'] );
1093
+ if ( isset( $field['value'][ $o_key ] ) ) {
1094
+ unset( $field['value'][ $o_key ], $o_key );
1095
+ }
1096
+ } else if ( $temp_val == $field['value'] ) {
1097
+ // For radio and regular dropdowns
1098
+ return '';
1099
+ } else {
1100
+ $other_val = $field['value'];
1101
+ }
1102
+ unset( $opt_key, $opt_val, $temp_val );
1103
+ }
1104
+ // For multi-select dropdowns only
1105
+ if ( is_array( $field['value'] ) && ! empty( $field['value'] ) ) {
1106
+ $other_val = reset( $field['value'] );
1107
+ }
1108
+ }
1109
+
1110
+ return $other_val;
1111
+ }
1112
+
1113
+ /**
1114
+ * Check if there is a saved value for the "Other" text field. If so, set it as the $other_val.
1115
+ * Intended for front-end use
1116