| Server IP : 172.67.157.199 / Your IP : 18.118.137.57 [ Web Server : Apache System : Linux b70eb322-3aee-0c53-7c82-0db91281f2c6.secureserver.net 6.1.90-1.el9.elrepo.x86_64 #1 SMP PREEMPT_DYNAMIC Thu May 2 12:09:22 EDT 2024 x86_64 User : root ( 0) PHP Version : 8.0.30.2 Disable Function : NONE Domains : 0 Domains MySQL : ON | cURL : ON | WGET : ON | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /var/chroot/var/www/wp-content/plugins/appointment-hour-booking/ |
Upload File : |
<?php
if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
class CP_AppBookingPlugin extends CP_APPBOOK_BaseClass {
private $menu_parameter = 'cp_apphourbooking';
private $prefix = 'cp_appbooking';
private $plugin_name = 'Appointment Hour Booking';
private $plugin_URL = 'https://apphourbooking.dwbooster.com/';
private $plugin_download_URL = 'https://apphourbooking.dwbooster.com/download';
public $table_items = "cpappbk_forms";
public $table_messages = "cpappbk_messages";
public $print_counter = 1;
private $include_user_data_csv = false;
private $booking_form_nonce = false;
public $CP_CFPP_global_templates;
protected $postURL;
protected $paid_statuses = array('Pending','Cancelled','Cancelled by customer','Rejected','Attended');
public $shorttag = 'CP_APP_HOUR_BOOKING';
public $blocked_by_admin_indicator = '[email protected]';
protected $tags_allowed = array(
'a' => array(
'href' => array(),
'title' => array(),
'target' => array(),
'style' => array(),
'class' => array(),
),
'br' => array(),
'em' => array(),
'b' => array(),
'strong' => array(),
'img' => array(
'src' => array(),
'width' => array(),
'height' => array(),
'border' => array(),
'style' => array(),
'class' => array(),
),
);
public function _install() {
global $wpdb;
require_once( ABSPATH . 'wp-admin/includes/upgrade.php' );
$charset_collate = $wpdb->get_charset_collate();
$results = $wpdb->get_results("SHOW TABLES LIKE '".$wpdb->prefix.$this->table_messages."'"); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
if ( !count( $results ) )
{
$sql = "CREATE TABLE ".$wpdb->prefix.$this->table_messages." (
id int(10) NOT NULL AUTO_INCREMENT,
formid INT NOT NULL,
time datetime DEFAULT '0000-00-00 00:00:00' NOT NULL,
ipaddr VARCHAR(250) DEFAULT '' NOT NULL,
notifyto VARCHAR(250) DEFAULT '' NOT NULL,
data mediumtext,
posted_data mediumtext,
whoadded VARCHAR(250) DEFAULT '' NOT NULL,
UNIQUE KEY id (id)
)".$charset_collate.";";
$wpdb->query($sql); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
}
$results = $wpdb->get_results("SHOW TABLES LIKE '".$wpdb->prefix.$this->table_items."'"); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
if ( !count( $results ) )
{
$sql = "CREATE TABLE ".$wpdb->prefix.$this->table_items." (
id mediumint(9) NOT NULL AUTO_INCREMENT,
form_name VARCHAR(250) DEFAULT '' NOT NULL,
form_structure mediumtext,
calendar_language VARCHAR(250) DEFAULT '' NOT NULL,
date_format VARCHAR(250) DEFAULT '' NOT NULL,
product_name VARCHAR(250) DEFAULT '' NOT NULL,
pay_later_label VARCHAR(250) DEFAULT '' NOT NULL,
defaultstatus VARCHAR(250) DEFAULT '' NOT NULL,
defaultpaidstatus VARCHAR(250) DEFAULT '' NOT NULL,
fp_from_email VARCHAR(250) DEFAULT '' NOT NULL,
fp_from_name text,
fp_destination_emails text,
fp_subject text,
fp_inc_additional_info VARCHAR(10) DEFAULT '' NOT NULL,
fp_return_page VARCHAR(250) DEFAULT '' NOT NULL,
fp_message text,
fp_emailformat VARCHAR(10) DEFAULT '' NOT NULL,
fp_emailtomethod VARCHAR(10) DEFAULT '' NOT NULL,
fp_destination_emails_field VARCHAR(200) DEFAULT '' NOT NULL,
cu_enable_copy_to_user VARCHAR(10) DEFAULT '' NOT NULL,
cu_user_email_field VARCHAR(250) DEFAULT '' NOT NULL,
cu_subject VARCHAR(250) DEFAULT '' NOT NULL,
cu_message text,
cu_emailformat VARCHAR(10) DEFAULT '' NOT NULL,
fp_emailfrommethod VARCHAR(10) DEFAULT '' NOT NULL,
vs_text_maxapp TEXT,
vs_text_is_required TEXT,
vs_text_is_email TEXT,
vs_text_datemmddyyyy TEXT,
vs_text_dateddmmyyyy TEXT,
vs_text_number TEXT,
vs_text_digits TEXT,
vs_text_max TEXT,
vs_text_min TEXT,
vs_text_pageof TEXT,
vs_text_submitbtn TEXT,
vs_text_previousbtn TEXT,
vs_text_nextbtn TEXT,
vs_text_quantity TEXT,
vs_text_cancel TEXT,
vs_text_cost TEXT,
vs_text_nmore TEXT,
cp_user_access text,
cp_user_access_settings VARCHAR(10) DEFAULT '' NOT NULL,
display_emails_endtime VARCHAR(10) DEFAULT '' NOT NULL,
rep_enable VARCHAR(10) DEFAULT '' NOT NULL,
rep_days VARCHAR(10) DEFAULT '' NOT NULL,
rep_hour VARCHAR(10) DEFAULT '' NOT NULL,
rep_emails text,
rep_subject text,
rep_emailformat VARCHAR(10) DEFAULT '' NOT NULL,
rep_message text,
cv_enable_captcha VARCHAR(20) DEFAULT '' NOT NULL,
cv_width VARCHAR(20) DEFAULT '' NOT NULL,
cv_height VARCHAR(20) DEFAULT '' NOT NULL,
cv_chars VARCHAR(20) DEFAULT '' NOT NULL,
cv_font VARCHAR(20) DEFAULT '' NOT NULL,
cv_min_font_size VARCHAR(20) DEFAULT '' NOT NULL,
cv_max_font_size VARCHAR(20) DEFAULT '' NOT NULL,
cv_noise VARCHAR(20) DEFAULT '' NOT NULL,
cv_noise_length VARCHAR(20) DEFAULT '' NOT NULL,
cv_background VARCHAR(20) DEFAULT '' NOT NULL,
cv_border VARCHAR(20) DEFAULT '' NOT NULL,
cv_text_enter_valid_captcha VARCHAR(200) DEFAULT '' NOT NULL,
UNIQUE KEY id (id)
)".$charset_collate.";";
$wpdb->query($sql); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
}
// insert initial data
$count = $wpdb->get_var( "SELECT COUNT(id) FROM ".$wpdb->prefix.$this->table_items ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
if ( !$count )
{
define('CP_APPBOOK_DEFAULT_fp_from_email', get_the_author_meta('user_email', get_current_user_id()) );
define('CP_APPBOOK_DEFAULT_fp_destination_emails', CP_APPBOOK_DEFAULT_fp_from_email);
$wpdb->insert( $wpdb->prefix.$this->table_items, array( 'id' => 1,
'form_name' => 'Form 1',
'form_structure' => $this->get_option('form_structure', CP_APPBOOK_DEFAULT_form_structure),
'calendar_language' => $this->get_option('calendar_language', ''),
'date_format' => $this->get_option('date_format', 'mm/dd/yy'),
'product_name' => $this->get_option('fp_from_email', 'Booking'),
'pay_later_label' => $this->get_option('fp_from_email', 'Pay later'),
'fp_from_email' => $this->get_option('fp_from_email', CP_APPBOOK_DEFAULT_fp_from_email),
'fp_destination_emails' => $this->get_option('fp_destination_emails', CP_APPBOOK_DEFAULT_fp_destination_emails),
'fp_subject' => $this->get_option('fp_subject', CP_APPBOOK_DEFAULT_fp_subject),
'fp_inc_additional_info' => $this->get_option('fp_inc_additional_info', CP_APPBOOK_DEFAULT_fp_inc_additional_info),
'fp_return_page' => $this->get_option('fp_return_page', CP_APPBOOK_DEFAULT_fp_return_page),
'fp_message' => $this->get_option('fp_message', CP_APPBOOK_DEFAULT_fp_message),
'fp_emailformat' => $this->get_option('fp_emailformat', CP_APPBOOK_DEFAULT_email_format),
'cu_enable_copy_to_user' => $this->get_option('cu_enable_copy_to_user', CP_APPBOOK_DEFAULT_cu_enable_copy_to_user),
'cu_user_email_field' => $this->get_option('cu_user_email_field', CP_APPBOOK_DEFAULT_cu_user_email_field),
'cu_subject' => $this->get_option('cu_subject', CP_APPBOOK_DEFAULT_cu_subject),
'cu_message' => $this->get_option('cu_message', CP_APPBOOK_DEFAULT_cu_message),
'cu_emailformat' => $this->get_option('cu_emailformat', CP_APPBOOK_DEFAULT_email_format),
'vs_text_maxapp' => $this->get_option('vs_text_maxapp', CP_APPBOOK_DEFAULT_vs_text_maxapp),
'vs_text_is_required' => $this->get_option('vs_text_is_required', CP_APPBOOK_DEFAULT_vs_text_is_required),
'vs_text_is_email' => $this->get_option('vs_text_is_email', CP_APPBOOK_DEFAULT_vs_text_is_email),
'vs_text_datemmddyyyy' => $this->get_option('vs_text_datemmddyyyy', CP_APPBOOK_DEFAULT_vs_text_datemmddyyyy),
'vs_text_dateddmmyyyy' => $this->get_option('vs_text_dateddmmyyyy', CP_APPBOOK_DEFAULT_vs_text_dateddmmyyyy),
'vs_text_number' => $this->get_option('vs_text_number', CP_APPBOOK_DEFAULT_vs_text_number),
'vs_text_digits' => $this->get_option('vs_text_digits', CP_APPBOOK_DEFAULT_vs_text_digits),
'vs_text_max' => $this->get_option('vs_text_max', CP_APPBOOK_DEFAULT_vs_text_max),
'vs_text_min' => $this->get_option('vs_text_min', CP_APPBOOK_DEFAULT_vs_text_min),
'vs_text_pageof' => $this->get_option('vs_text_pageof', 'Page {0} of {0}'),
'vs_text_submitbtn' => $this->get_option('vs_text_submitbtn', 'Submit'),
'vs_text_previousbtn' => $this->get_option('vs_text_previousbtn', 'Previous'),
'vs_text_nextbtn' => $this->get_option('vs_text_nextbtn', 'Next'),
'vs_text_quantity' => $this->get_option_not_empty('vs_text_quantity', 'Quantity'),
'vs_text_cancel' => $this->get_option_not_empty('vs_text_cancel', 'Cancel'),
'vs_text_cost' => $this->get_option_not_empty('vs_text_cost', 'Cost'),
'vs_text_nmore' => $this->get_option_not_empty('vs_text_nmore', 'Selected time is no longer available. Please select a different time.'),
'rep_enable' => $this->get_option('rep_enable', 'no'),
'rep_days' => $this->get_option('rep_days', '1'),
'rep_hour' => $this->get_option('rep_hour', '0'),
'rep_emails' => $this->get_option('rep_emails', ''),
'rep_subject' => $this->get_option('rep_subject', 'Submissions report...'),
'rep_emailformat' => $this->get_option('rep_emailformat', 'text'),
'rep_message' => $this->get_option('rep_message', 'Attached you will find the data from the form submissions.'),
'cv_enable_captcha' => $this->get_option('cv_enable_captcha', CP_APPBOOK_DEFAULT_cv_enable_captcha),
'cv_width' => $this->get_option('cv_width', CP_APPBOOK_DEFAULT_cv_width),
'cv_height' => $this->get_option('cv_height', CP_APPBOOK_DEFAULT_cv_height),
'cv_chars' => $this->get_option('cv_chars', CP_APPBOOK_DEFAULT_cv_chars),
'cv_font' => $this->get_option('cv_font', CP_APPBOOK_DEFAULT_cv_font),
'cv_min_font_size' => $this->get_option('cv_min_font_size', CP_APPBOOK_DEFAULT_cv_min_font_size),
'cv_max_font_size' => $this->get_option('cv_max_font_size', CP_APPBOOK_DEFAULT_cv_max_font_size),
'cv_noise' => $this->get_option('cv_noise', CP_APPBOOK_DEFAULT_cv_noise),
'cv_noise_length' => $this->get_option('cv_noise_length', CP_APPBOOK_DEFAULT_cv_noise_length),
'cv_background' => $this->get_option('cv_background', CP_APPBOOK_DEFAULT_cv_background),
'cv_border' => $this->get_option('cv_border', CP_APPBOOK_DEFAULT_cv_border),
'cv_text_enter_valid_captcha' => $this->get_option('cv_text_enter_valid_captcha', CP_APPBOOK_DEFAULT_cv_text_enter_valid_captcha)
)
);
}
}
public function get_status_list() {
$statuses = array('Approved');
foreach ($this->paid_statuses as $item)
$statuses[] = $item;
return $statuses;
}
public function render_status_box( $name, $selected, $displayall = false ) {
echo '<select name="'.esc_attr($name).'" id="'.esc_attr($name).'">';
if ($displayall)
echo '<option value="all"'.($selected == 'all'?' selected':'').'>'.esc_html(__('[All]','appointment-hour-booking')).'</option>';
echo '<option value=""'.($selected == ''?' selected':'').'>'.esc_html(__('Approved','appointment-hour-booking')).'</option>';
foreach ($this->paid_statuses as $item)
echo '<option value="'.esc_attr($item).'"'.($selected == $item?' selected':'').'>'.esc_html(__($item,'appointment-hour-booking')).'</option>';
echo '</select>';
}
public function update_status($id, $status, $indexonly = '-1')
{
global $wpdb;
$events = $wpdb->get_results( $wpdb->prepare('SELECT * FROM `'.$wpdb->prefix.$this->table_messages.'` WHERE id=%d', $id) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
$posted_data = unserialize($events[0]->posted_data);
if (!is_array($posted_data)) // no data to change status
return;
$countapps = count($posted_data["apps"]);
$something_changed = false;
for($k=0; $k<$countapps; $k++)
if (($indexonly == '-1' || $indexonly == $k) && (!isset($posted_data["apps"][$k]["cancelled"]) || $posted_data["apps"][$k]["cancelled"] != $status || (!empty($_REQUEST["rs"]) && $_REQUEST["rs"] != '')))
{
$posted_data["apps"][$k]["cancelled"] = $status;
$posted_data["app_status_".($k+1)] = $status;
if (isset($_REQUEST["rs"]))
{
$posted_data["apps"][$k]["cancelreason"] = sanitize_text_field($_REQUEST["rs"]);
$posted_data["app_cancelreason_".($k+1)] = $posted_data["apps"][$k]["cancelreason"];
}
$something_changed = true;
}
if ($something_changed)
{
$posted_data = serialize($posted_data);
$wpdb->update ( $wpdb->prefix.$this->table_messages, array( 'posted_data' => $posted_data ), array( 'id' => $id ));
do_action( 'cpappb_update_status', $id, $status );
}
}
/* Using timezone from WordPress settings */
public function localtimezone_strtotime( $datestring ) {
$timezone_string = get_option('timezone_string');
$gmt_offset = get_option('gmt_offset', 0);
if (empty($timezone_string))
{
if ($gmt_offset == 0)
$timezone_string = 'UTC';
else
{
$timezone_string = $gmt_offset;
if(substr($gmt_offset, 0, 1) != "-" && substr($gmt_offset, 0, 1) != "+" && substr($gmt_offset, 0, 1) != "U")
$timezone_string = "+" . $gmt_offset;
}
}
try
{
$result = new DateTime($datestring, new DateTimeZone($timezone_string));
return strtotime($result->format('Y-m-d H:i:s'));
}
catch (Exception $e)
{
return strtotime($datestring);
}
}
/* Filter for placing the item into the contents */
public function filter_list( $atts ) {
global $wpdb;
extract( shortcode_atts( array(
'calendar' => '', // accepts comma separated IDs
'fields' => 'DATE,TIME,email',
'from' => "today",
'to' => "today +30 days",
'paidonly' => "",
'status' => "notcancelled", // "all" means all statuses
'service' => "",
'email' => "",
'onlycurrentuser' => "",
'maxitems' => "",
'limit' => "10000"
), $atts ) );
if ( !is_admin() )
{
wp_enqueue_style('cpapp-publicstyle', plugins_url('css/stylepublic.css', __FILE__));
wp_enqueue_style('cpapp-custompublicstyle', $this->fixurl($this->get_site_url( false ),'cp_cpappb_resources=css'));
}
if (strtolower($status) == 'approved')
$status = '';
ob_start();
if ($this->get_option('date_format', 'mm/dd/yy') == 'dd/mm/yy')
{
$from = str_replace('/','.',$from);
$to = str_replace('/','.',$to);
}
// calculate dates
$from = date("Y-m-d",$this->localtimezone_strtotime($from));
$to = date("Y-m-d",$this->localtimezone_strtotime($to));
$to_query = date("Y-m-d",$this->localtimezone_strtotime($to." +1 day"));
$calquery = '';
$calendar = explode (",",$calendar);
foreach ($calendar as $cal)
if (trim($cal))
{
$calquery .= ($calquery!=''?' OR ':'').'formid='.intval(trim($cal));
$this->setId(intval(trim($cal)));
}
if ($calquery != '')
$calquery = '('.$calquery.') AND ';
if (strtolower($onlycurrentuser) == 'yes' || strtolower($onlycurrentuser) == 'true')
{
$current_user = wp_get_current_user();
if ($current_user->ID)
$user_query = " whoadded='".esc_sql($current_user->ID)."' AND ";
else
$user_query = "(1=0) AND "; // if no logged in user then no current user bookings
}
else
$user_query = '';
if ($email != '')
$user_query .= " (notifyto='".esc_sql($email)."') AND ";
// pre-select time-slots
$selection = array();
$rows = $wpdb->get_results( $wpdb->prepare("SELECT notifyto,posted_data,data,formid,id,time FROM ".$wpdb->prefix.$this->table_messages." WHERE notifyto<>%s AND ".$user_query.$calquery."time<=%s ORDER BY time DESC LIMIT 0,".intval($limit), $this->blocked_by_admin_indicator, $to_query) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
foreach($rows as $item)
{
$data = unserialize($item->posted_data);
if (!$paidonly || (!empty($data['paid']) && $data['paid']))
{
$appindex = 0;
if (is_array($data["apps"]))
foreach($data["apps"] as $app)
{
$appindex++;
if ($app["date"] >= $from && $app["date"] <= $to &&
($status == 'notcancelled' || $status == 'all' || $status == $app["cancelled"]) &&
($status != 'notcancelled' || ('Cancelled by customer' != $app["cancelled"] && 'Cancelled' != $app["cancelled"]) )
)
{
if ($service == '' || $service == $app["service"])
$selection[] = array(
$app["date"]." ".$app["slot"],
$app["date"],
str_replace("/","-",$app["slot"]),
$data,
sanitize_email($item->notifyto),
$item->data,
$app["cancelled"],
$app["service"],
$appindex, // 8
$item->formid, // 9
$app["quant"], // 10
$item->time, // 11
$item->id // 12
);
}
}
}
}
// order time-slots
if ( !function_exists( 'appbkfastsortfn' ) )
{
function appbkfastsortfn( $a, $b ) { return ( $a[0] > $b[0] ? 1 : -1 ); }
}
usort( $selection, "appbkfastsortfn" );
// clean fields IDs
$fields = explode(",",trim($fields));
for($j=0; $j<count($fields); $j++)
$fields[$j] = strtolower(trim($fields[$j]));
// print table
if (!count($selection))
echo '<div class="cpappb_noapps">'.esc_html(__('No appointments found with the selected filters','appointment-hour-booking')).'</div>';
else for($i=0; $i<count($selection) && ($maxitems == '' || $i < $maxitems); $i++)
{
echo '<div class="cpapp_no_wrap">';
for($j=0; $j<count($fields); $j++)
{
echo '<div class="cpappb_field_'.intval($j).($selection[$i][6]!=''?' cpappb_cancelled':'').'">';
switch ($fields[$j]) {
case 'rownumber':
echo intval($i)+1;
break;
case 'weekday':
echo esc_html(ucfirst(__(date('l',strtotime($selection[$i][1])))));
break;
case 'date':
echo esc_html($this->format_date($selection[$i][1]));
break;
case 'time':
echo esc_html($selection[$i][2]);
break;
case 'email':
echo "<a href=\"mailto:".esc_attr($selection[$i][4])."\">".esc_html($selection[$i][4])."</a> ";
break;
case 'service':
echo esc_html($selection[$i][7])." ";
break;
case 'quantity':
echo esc_html($selection[$i][10])." ";
break;
case 'cancelled':
if ($selection[$i][6] == '')
echo esc_html(__('Approved','appointment-hour-booking'));
else
echo esc_html(__($selection[$i][6],'appointment-hour-booking'));
echo ' ';
break;
case 'data':
echo esc_html(substr($selection[$i][5],strpos($selection[$i][5],"\n\n")+2));
break;
case 'paid':
echo esc_html(( (!empty($selection[$i][3]['paid']) && $selection[$i][3]['paid'])?__('Yes','appointment-hour-booking'):' '));
break;
case 'options':
if ( is_admin() && $this->check_current_user_access( intval( $selection[$i][9] ) ) )
{
echo '<div style="width:100px; zoom:75%; overflow:none">';
?><div style="clear:both;"><nobr><?php $this->render_status_box('sb'.intval($selection[$i][12]).'_'.intval($selection[$i][8]), $selection[$i][6]); ?><br><input style="float:left" class="button" type="button" name="calups_<?php echo intval($selection[$i][12]); ?>" value="<?php _e('Update Status','appointment-hour-booking'); ?>" onclick="cp_UpsItem(<?php echo intval($selection[$i][12]); ?>,<?php echo intval($selection[$i][8]); ?>);" /></nobr></div><?php
echo '</div>';
}
else
echo " ";
break;
default:
if (is_array($selection[$i][3][$fields[$j]]))
echo esc_html(implode(",",$selection[$i][3][$fields[$j]]));
else
echo esc_html(($selection[$i][3][$fields[$j]]==''?' ':$selection[$i][3][$fields[$j]])." ");
}
echo '</div>';
}
echo '</div>';
echo '<div class="cpapp_break"></div>';
}
$nonce = wp_create_nonce( 'cpappb_actions_booking' );
?>
<?php if ( is_admin() && current_user_can('edit_pages') ) { ?>
<script>
function cp_UpsItem(id,item)
{
var status = document.getElementById("sb"+id+"_"+item).options[document.getElementById("sb"+id+"_"+item).selectedIndex].value;
var reason = "";
document.location = 'admin.php?page=<?php echo esc_js($this->menu_parameter); ?>&anonce=<?php echo esc_js($nonce); ?>&cal=<?php echo intval($_GET["cal"]); ?>&list=1&ud='+id+'&status='+status+'&udidx='+(item-1)+'&or=shlist&r='+Math.random();
}
</script>
<?php }
$buffered_contents = ob_get_contents();
ob_end_clean();
return $buffered_contents;
}
/* output of the booking form */
public function output_filter_content( $atts ) {
echo $this->filter_content($atts); // phpcs:ignore WordPress.Security.EscapeOutput
}
/* Filter for placing the item into the contents */
public function filter_content( $atts ) {
global $wpdb;
extract( shortcode_atts( array(
'id' => '',
), $atts ) );
if ($id != '')
$this->item = intval($id);
/**
* Filters applied before generate the form,
* is passed as parameter an array with the forms attributes, and return the list of attributes
*/
$atts = apply_filters( 'cpappb_pre_form', $atts );
ob_start();
$this->insert_public_item();
$buffered_contents = ob_get_contents();
ob_end_clean();
/**
* Filters applied after generate the form,
* is passed as parameter the HTML code of the form with the corresponding <LINK> and <SCRIPT> tags,
* and returns the HTML code to includes in the webpage
*/
$buffered_contents = apply_filters( 'cpappb_the_form', $buffered_contents, $this->item );
return $buffered_contents;
}
function insert_public_item() {
global $wpdb;
// Initializing the $form_counter
if(!isset($GLOBALS['codepeople_form_sequence_number'])) $GLOBALS['codepeople_form_sequence_number'] = 0;
$GLOBALS['codepeople_form_sequence_number']++;
$this->print_counter = $GLOBALS['codepeople_form_sequence_number']; // Current form
$pageof_label = $this->get_option('vs_text_pageof', 'Page {0} of {0}');
$pageof_label = ($pageof_label==''?'Page {0} of {0}':$pageof_label);
$previous_label = $this->get_option('vs_text_previousbtn', 'Previous');
$previous_label = ($previous_label==''?'Previous':$previous_label);
$next_label = $this->get_option('vs_text_nextbtn', 'Next');
$next_label = ($next_label==''?'Next':$next_label);
$calendar_language = $this->get_option('calendar_language','');
if ($calendar_language == '') $calendar_language = $this->autodetect_language();
if (CP_APPBOOK_DEFER_SCRIPTS_LOADING)
{
wp_enqueue_style('cpapp-calendarstyle', plugins_url('css/cupertino/calendar.css', __FILE__));
wp_enqueue_style('cpapp-publicstyle', plugins_url('css/stylepublic.css', __FILE__));
wp_enqueue_style('cpapp-custompublicstyle', $this->fixurl($this->get_site_url( false ),'cp_cpappb_resources=css'));
if ( !defined('ELEMENTOR_PRO_VERSION'))
wp_enqueue_style('wp-jquery-ui-dialog');
$has_lang_file = false;
if ($calendar_language != '' && file_exists(dirname( __FILE__ ).'/js/languages/jquery.ui.datepicker-'.$calendar_language.'.js'))
{
$has_lang_file = true;
wp_enqueue_script($this->prefix.'_language_file', plugins_url('js/languages/jquery.ui.datepicker-'.$calendar_language.'.js', __FILE__),array("jquery","jquery-ui-core","jquery-ui-sortable","jquery-ui-tabs","jquery-ui-droppable","jquery-ui-button","jquery-ui-datepicker"));
}
$js_dependencies = array("jquery","jquery-ui-core","jquery-ui-datepicker","jquery-ui-widget","jquery-ui-position","jquery-ui-tooltip","jquery-ui-dialog");
if ($has_lang_file)
$js_dependencies[] = $this->prefix.'_language_file';
if (defined("CP_AHB_DYNAMIC_LOADING"))
{
wp_enqueue_script( $this->prefix.'_builder_script',
$this->fixurl($this->get_site_url( false ), 'cp_cpappb_resources=public'), $js_dependencies, false, true );
}
else
{
wp_enqueue_script( $this->prefix.'_builder_script',
plugins_url('js/fbuilder-public.js', __FILE__), $js_dependencies, false, true );
}
wp_enqueue_script( $this->prefix.'_customjs', $this->fixurl($this->get_site_url( false ),'cp_cpappb_resources=customjs&cal='.$this->item.'&nc=1'),array($this->prefix.'_builder_script'));
wp_localize_script($this->prefix.'_builder_script', $this->prefix.'_fbuilder_config'.('_'.$this->print_counter), array('obj' =>
'{"pub":true,"identifier":"'.('_'.$this->print_counter).'","messages": {
"required": "'.str_replace(array('"'),array('\\"'),__($this->get_option('vs_text_is_required', CP_APPBOOK_DEFAULT_vs_text_is_required),'appointment-hour-booking')).'",
"maxapp": "'.str_replace(array('"'),array('\\"'),__($this->get_option('vs_text_maxapp', CP_APPBOOK_DEFAULT_vs_text_maxapp),'appointment-hour-booking')).'",
"language": "'.str_replace(array('"'),array('\\"'),$calendar_language).'",
"date_format": "'.str_replace(array('"'),array('\\"'),$this->get_option('date_format', 'mm/dd/yy')).'",
"email": "'.str_replace(array('"'),array('\\"'),__($this->get_option('vs_text_is_email', CP_APPBOOK_DEFAULT_vs_text_is_email),'appointment-hour-booking')).'",
"datemmddyyyy": "'.str_replace(array('"'),array('\\"'),__($this->get_option('vs_text_datemmddyyyy', CP_APPBOOK_DEFAULT_vs_text_datemmddyyyy),'appointment-hour-booking')).'",
"dateddmmyyyy": "'.str_replace(array('"'),array('\\"'),__($this->get_option('vs_text_dateddmmyyyy', CP_APPBOOK_DEFAULT_vs_text_dateddmmyyyy),'appointment-hour-booking')).'",
"number": "'.str_replace(array('"'),array('\\"'),__($this->get_option('vs_text_number', CP_APPBOOK_DEFAULT_vs_text_number),'appointment-hour-booking')).'",
"digits": "'.str_replace(array('"'),array('\\"'),__($this->get_option('vs_text_digits', CP_APPBOOK_DEFAULT_vs_text_digits),'appointment-hour-booking')).'",
"max": "'.str_replace(array('"'),array('\\"'),__($this->get_option('vs_text_max', CP_APPBOOK_DEFAULT_vs_text_max),'appointment-hour-booking')).'",
"min": "'.str_replace(array('"'),array('\\"'),__($this->get_option('vs_text_min', CP_APPBOOK_DEFAULT_vs_text_min),'appointment-hour-booking')).'",
"maxlength": "'.str_replace(array('"'),array('\\"'),__('Please enter no more than {0} characters.','appointment-hour-booking')).'",
"minlength": "'.str_replace(array('"'),array('\\"'),__('Please enter at least {0} characters.','appointment-hour-booking')).'",
"previous": "'.str_replace(array('"'),array('\\"'),$previous_label).'",
"next": "'.str_replace(array('"'),array('\\"'),$next_label).'",
"pageof": "'.str_replace(array('"'),array('\\"'),$pageof_label).'"
}}'
));
}
else
{
wp_enqueue_script( "jquery" );
wp_enqueue_script( "jquery-ui-core" );
wp_enqueue_script( "jquery-ui-datepicker" );
}
?><!--noptimize-->
<script type="text/javascript">
var cp_hourbk_cancel_label = '<?php echo esc_js( __( $this->get_option_not_empty('vs_text_cancel', 'Cancel') ,'appointment-hour-booking')); ?>';
var cp_hourbk_quantity_label = '<?php echo esc_js( __( $this->get_option_not_empty('vs_text_quantity', 'Quantity') ,'appointment-hour-booking')); ?>';
var cp_hourbk_cost_label = '<?php echo esc_js( __( $this->get_option_not_empty('vs_text_cost', 'Cost') ,'appointment-hour-booking')); ?>';
var cp_hourbk_overlapping_label = '<?php echo esc_js( __( $this->get_option_not_empty('vs_text_nmore', 'Selected time is no longer available. Please select a different time.') ,'appointment-hour-booking')); ?>';
var cp_hourbk_nomore_label = '<?php echo esc_js( __("No more slots available.",'appointment-hour-booking')); ?>';
var cp_hourbk_avoid_overlapping = 0;
var apphboverbooking_handler<?php echo esc_html($this->print_counter-1); ?> = false;
function <?php echo esc_html($this->prefix); ?>_pform_doValidate<?php echo '_'.esc_html($this->print_counter); ?>(form)
{
try { if (document.<?php echo esc_html($this->prefix); ?>_pform<?php echo esc_html('_'.$this->print_counter); ?>.<?php echo esc_html($this->prefix); ?>_pform_status.value == '1') return false; } catch (e) {}
$dexQuery = jQuery.noConflict();
try { document.<?php echo esc_html($this->prefix); ?>_pform<?php echo esc_html('_'.$this->print_counter); ?>.cp_ref_page.value = document.location; } catch (e) {}
$dexQuery = jQuery.noConflict();<?php if (!is_admin() && $this->get_option('cv_enable_captcha', CP_APPBOOK_DEFAULT_cv_enable_captcha) != 'false' && function_exists('imagecreatetruecolor')) { ?>
var result = '';
try {
if (!apphboverbooking_handler<?php echo esc_html($this->print_counter-1); ?>) {
if (document.<?php echo esc_html($this->prefix); ?>_pform<?php echo esc_html('_'.$this->print_counter); ?>.hdcaptcha_<?php echo esc_html($this->prefix); ?>_post.value == '') { setTimeout( "<?php echo esc_html($this->prefix); ?>_cerror<?php echo esc_html('_'.$this->print_counter); ?>()", 100); return false; }
var result = $dexQuery.ajax({ type: "GET", url: "<?php echo esc_html($this->get_site_url()); ?>?ps=<?php echo esc_html('_'.$this->print_counter); ?>&<?php echo esc_html($this->prefix); ?>_pform_process=2&<?php echo esc_html($this->prefix); ?>_id=<?php echo intval($this->item); ?>&inAdmin=1&ps=<?php echo esc_html('_'.$this->print_counter); ?>&hdcaptcha_<?php echo esc_html($this->prefix); ?>_post="+document.<?php echo esc_html($this->prefix); ?>_pform<?php echo esc_html('_'.$this->print_counter); ?>.hdcaptcha_<?php echo esc_html($this->prefix); ?>_post.value, async: false }).responseText;
}
} catch (e) {result='';console.log('AHB: Captcha not detected.');}
if (!apphboverbooking_handler<?php echo esc_html($this->print_counter-1); ?> && result.indexOf("captchafailed") != -1) {
$dexQuery("#captchaimg<?php echo esc_html('_'.$this->print_counter); ?>").attr('src', $dexQuery("#captchaimg<?php echo esc_html('_'.$this->print_counter); ?>").attr('src')+'&'+Math.floor((Math.random() * 99999) + 1));
setTimeout( "<?php echo esc_html($this->prefix); ?>_cerror<?php echo esc_html('_'.$this->print_counter); ?>()", 100);
return false;
} else <?php } ?>
{
var cpefb_error = 0;
$dexQuery("#<?php echo esc_html($this->prefix); ?>_pform<?php echo esc_html('_'.$this->print_counter); ?>").find(".cpefb_error").each(function(index){
if ($dexQuery(this).css("display")!="none")
cpefb_error++;
});
if (cpefb_error==0)
{
if (!apphboverbooking_handler<?php echo esc_html($this->print_counter-1); ?>)
{
try { document.<?php echo esc_html($this->prefix); ?>_pform<?php echo esc_html('_'.$this->print_counter); ?>.<?php echo esc_html($this->prefix); ?>_pform_status.value = '1'; } catch (e) {}
apphbblink<?php echo esc_html('_'.$this->print_counter); ?>(".pbSubmit:visible");
$dexQuery("#<?php echo esc_html($this->prefix); ?>_pform<?php echo esc_html('_'.$this->print_counter); ?>").find(".avoid_overlapping_before").not(".ignore,.ignorepb").removeClass("avoid_overlapping_before").removeClass("valid").addClass("avoid_overlapping");
cp_hourbk_avoid_overlapping = 1;
try {
$dexQuery("#<?php echo esc_html($this->prefix); ?>_pform<?php echo esc_html('_'.$this->print_counter); ?>").find(".avoid_overlapping").valid();
} catch (e) { cp_hourbk_avoid_overlapping = 0; }
function check_cp_hourbk_avoid_overlapping(){
if (cp_hourbk_avoid_overlapping>0)
setTimeout(check_cp_hourbk_avoid_overlapping,100);
else
{
var cpefb_error = 0;
$dexQuery("#<?php echo esc_html($this->prefix); ?>_pform<?php echo esc_html('_'.$this->print_counter); ?>").find(".cpefb_error").each(function(index){
if ($dexQuery(this).css("display")!="none")
cpefb_error++;
});
try { document.<?php echo esc_html($this->prefix); ?>_pform<?php echo esc_html('_'.$this->print_counter); ?>.<?php echo esc_html($this->prefix); ?>_pform_status.value = '0'; } catch (e) {}
if (cpefb_error==0)
{
apphboverbooking_handler<?php echo esc_html($this->print_counter-1); ?> = true;
if (<?php echo esc_html($this->prefix); ?>_pform_doValidate<?php echo esc_html('_'.$this->print_counter); ?>(form))
{
$dexQuery( ".pbSubmit" ).unbind();
if ($dexQuery( ".pbSubmit" ).hasClass("nofirst"))
return false;
$dexQuery( ".pbSubmit" ).addClass("nofirst");
document.getElementById("<?php echo esc_html($this->prefix).'_pform_'.esc_html($this->print_counter); ?>").submit();
}
}
}
}
check_cp_hourbk_avoid_overlapping();
return false;
}
<?php
/**
* Action called before insert the data into database.
* To the function are passed two parameters: the array with submitted data, and the number of form in the page.
*/
do_action( 'cpappb_script_after_validation', $this->print_counter, $this->item );
?>
$dexQuery("#<?php echo esc_html($this->prefix); ?>_pform<?php echo esc_html('_'.$this->print_counter); ?>").find( '.ignore' ).closest( '.fields' ).remove();
}
document.getElementById("form_structure<?php echo esc_html('_'.$this->print_counter); ?>").value = '';
document.getElementById("refpage<?php echo esc_html('_'.$this->print_counter); ?>").value = document.location;
try {
if (cpefb_error==0)
{
document.<?php echo esc_html($this->prefix); ?>_pform<?php echo esc_html('_'.$this->print_counter); ?>.<?php echo esc_html($this->prefix); ?>_pform_status.value = '1';
apphbblink<?php echo esc_html('_'.$this->print_counter); ?>(".pbSubmit");
}
} catch (e) {}
return true;
}
}
function apphbblink<?php echo esc_html('_'.$this->print_counter); ?>(selector){
try {
$dexQuery = jQuery.noConflict();
$dexQuery(selector).fadeOut(1000, function(){
$dexQuery(this).fadeIn(1000, function(){
try {
if (document.<?php echo esc_html($this->prefix); ?>_pform<?php echo esc_html('_'.$this->print_counter); ?>.<?php echo esc_html($this->prefix); ?>_pform_status.value != '0')
apphbblink<?php echo esc_html('_'.$this->print_counter); ?>(this);
} catch (e) { console.log(e)}
});
});
} catch (e) {}
}
function <?php echo esc_html($this->prefix); ?>_cerror<?php echo esc_html('_'.$this->print_counter); ?>(){$dexQuery = jQuery.noConflict();$dexQuery("#hdcaptcha_error<?php echo esc_html('_'.$this->print_counter); ?>").css('top',$dexQuery("#hdcaptcha_<?php echo esc_html($this->prefix); ?>_post<?php echo esc_html('_'.$this->print_counter); ?>").outerHeight());$dexQuery("#hdcaptcha_error<?php echo esc_html('_'.$this->print_counter); ?>").css("display","inline");}
</script><!--/noptimize-->
<?php
$button_label = $this->get_option('vs_text_submitbtn', 'Submit');
$button_label = ($button_label==''?'Submit':$button_label);
// START:: code to load form settings
$raw_form_str = str_replace("\r"," ",str_replace("\n"," ",$this->cleanJSON($this->translate_json($this->get_option('form_structure', CP_APPBOOK_DEFAULT_form_structure)))));
$form_data = json_decode( $raw_form_str );
if( is_null( $form_data ) ){
$json = new JSON;
$form_data = $json->unserialize( $raw_form_str );
}
if( !is_null( $form_data ) )
{
if( !empty( $form_data[ 0 ] ) )
{
foreach( $form_data[ 0 ] as $key => $object )
{
if ($object->ftype == 'fcheck' || $object->ftype == 'fradio' || $object->ftype == 'fdropdown')
{
for($ki=0; $ki<count($object->choicesVal); $ki++)
$object->choicesVal[$ki] = str_replace('@', CP_APPBOOK_REP_ARR, $object->choicesVal[$ki]);
$form_data[ 0 ][ $key ] = $object;
$raw_form_str = json_encode( $form_data );
}
else if ($object->ftype == 'fapp')
{
$object->csslayout = apply_filters ('ahb_csslayout', $object->csslayout, $this->item);
}
if (defined('CPAPPHOURBK_BLOCK_TIMES'))
{
if ($object->ftype != 'fapp')
{
$object->csslayout = 'donotdisplayfield';
if (property_exists($object, 'required') && $object->required)
$object->required = false;
if (!empty($object->minlength))
$object->minlength = '';
if (!empty($object->maxlength))
$object->maxlength = '';
if (property_exists($object, 'equalTo') && $object->equalTo)
$object->equalTo = '';
$object->ftype = 'ftext';
}
else
{
$object->maxNumberOfApp = 9999;
$object->showQuantity = 1;
}
$form_data[ 0 ][ $key ] = $object;
//$raw_form_str = json_encode( $form_data );
}
$raw_form_str = json_encode( $form_data );
}
}
if( isset( $form_data[ 1 ] ) && isset( $form_data[ 1 ][ 0 ] ) && isset( $form_data[ 1 ][ 0 ]->formtemplate ) )
{
$templatelist = $this->available_templates();
if( isset( $templatelist[ $form_data[ 1 ][ 0 ]->formtemplate ] ) )
print '<link rel=\'stylesheet\' media="all" href="'.esc_attr( esc_url( $templatelist[ $form_data[ 1 ][ 0 ]->formtemplate ][ 'file' ] ) ).'" type="text/css" />';
}
}
$raw_form_str = str_replace('"','"',esc_attr($raw_form_str));
// END:: code to load form settings
if (!defined('CP_AUTH_INCLUDE')) define('CP_AUTH_INCLUDE',true);
@include dirname( __FILE__ ) . '/cp-public-int.inc.php';
if (!CP_APPBOOK_DEFER_SCRIPTS_LOADING)
{
$prefix_ui = '';
if (@file_exists(dirname( __FILE__ ).'/../../../wp-includes/js/jquery/ui/jquery.ui.core.min.js'))
$prefix_ui = 'jquery.ui.';
// This code won't be used in most cases. This code is for preventing problems in wrong WP themes and conflicts with third party plugins.
?>
<?php $plugin_url = plugins_url('', __FILE__); ?>
<!--noptimize-->
<link href="<?php echo esc_attr(plugins_url('css/stylepublic.css', __FILE__)); ?>" type="text/css" rel="stylesheet" />
<link href="<?php echo esc_attr($this->fixurl($this->get_site_url( false ),'cp_cpappb_resources=css')); ?>" type="text/css" rel="stylesheet" />
<link href="<?php echo esc_attr(plugins_url('css/cupertino/calendar.css', __FILE__)); ?>" type="text/css" rel="stylesheet" />
<script type='text/javascript' src='<?php echo esc_attr($plugin_url.'/../../../wp-includes/js/jquery/jquery.js'); ?>'></script>
<script type='text/javascript' src='<?php echo esc_attr($plugin_url.'/../../../wp-includes/js/jquery/ui/'.$prefix_ui.'core.min.js'); ?>'></script>
<script type='text/javascript' src='<?php echo esc_attr($plugin_url.'/../../../wp-includes/js/jquery/ui/'.$prefix_ui.'datepicker.min.js'); ?>'></script>
<?php if (@file_exists(dirname( __FILE__ ).'/../../../wp-includes/js/jquery/ui/'.$prefix_ui.'widget.min.js')) { ?><script type='text/javascript' src='<?php echo esc_attr($plugin_url.'/../../../wp-includes/js/jquery/ui/'.$prefix_ui.'widget.min.js'); ?>'></script><?php } ?>
<?php if (@file_exists(dirname( __FILE__ ).'/../../../wp-includes/js/jquery/ui/'.$prefix_ui.'position.min.js')) { ?><script type='text/javascript' src='<?php echo esc_attr($plugin_url.'/../../../wp-includes/js/jquery/ui/'.$prefix_ui.'position.min.js'); ?>'></script><?php } ?>
<script type='text/javascript' src='<?php echo esc_attr($plugin_url.'/../../../wp-includes/js/jquery/ui/'.$prefix_ui.'tooltip.min.js'); ?>'></script>
<?php if ($calendar_language != '' && file_exists(dirname( __FILE__ ).'/js/languages/jquery.ui.datepicker-'.$calendar_language.'.js')) { ?><script type='text/javascript' src='<?php echo esc_attr(plugins_url('js/languages/jquery.ui.datepicker-'.$calendar_language.'.js', __FILE__)); ?>'></script><?php } ?>
<script type='text/javascript'>
/* <![CDATA[ */
var <?php echo esc_html($this->prefix); ?>_fbuilder_config<?php echo esc_html('_'.$this->print_counter); ?> = {"obj":"{\"pub\":true,\"identifier\":\"<?php echo esc_html('_'.$this->print_counter); ?>\",\"messages\": {\n \t \t\"required\": \"<?php echo str_replace(array('"'),array('\\"'),$this->get_option('vs_text_is_required', CP_APPBOOK_DEFAULT_vs_text_is_required));?>\",\"maxapp\": \"<?php echo str_replace(array('"'),array('\\"'),$this->get_option('vs_text_maxapp', CP_APPBOOK_DEFAULT_vs_text_maxapp));?>\",\"language\": \"<?php echo str_replace(array('"'),array('\\"'),$calendar_language);?>\",\"date_format\": \"<?php echo str_replace(array('"'),array('\\"'),$this->get_option('date_format', 'mm/dd/yy'));?>\",\n \t \t\"email\": \"<?php echo str_replace(array('"'),array('\\"'),$this->get_option('vs_text_is_email', CP_APPBOOK_DEFAULT_vs_text_is_email));?>\",\n \t \t\"datemmddyyyy\": \"<?php echo str_replace(array('"'),array('\\"'),$this->get_option('vs_text_datemmddyyyy', CP_APPBOOK_DEFAULT_vs_text_datemmddyyyy));?>\",\n \t \t\"dateddmmyyyy\": \"<?php echo str_replace(array('"'),array('\\"'),$this->get_option('vs_text_dateddmmyyyy', CP_APPBOOK_DEFAULT_vs_text_dateddmmyyyy));?>\",\n \t \t\"number\": \"<?php echo str_replace(array('"'),array('\\"'),$this->get_option('vs_text_number', CP_APPBOOK_DEFAULT_vs_text_number));?>\",\n \t \t\"digits\": \"<?php echo str_replace(array('"'),array('\\"'),$this->get_option('vs_text_digits', CP_APPBOOK_DEFAULT_vs_text_digits));?>\",\n \t \t\"max\": \"<?php echo str_replace(array('"'),array('\\"'),$this->get_option('vs_text_max', CP_APPBOOK_DEFAULT_vs_text_max));?>\",\n \t \t\"min\": \"<?php echo str_replace(array('"'),array('\\"'),$this->get_option('vs_text_min', CP_APPBOOK_DEFAULT_vs_text_min));?>\",\"previous\": \"<?php echo str_replace(array('"'),array('\\"'),$previous_label); ?>\",\"next\": \"<?php echo str_replace(array('"'),array('\\"'),$next_label); // phpcs:ignore WordPress.Security.EscapeOutput
?>\"\n \t }}"};
/* ]]> */
</script>
<script type='text/javascript' src='<?php echo esc_attr($this->fixurl($this->get_site_url( false ) ,'cp_cpappb_resources=public')); ?>'></script>
<script type='text/javascript' src='<?php echo esc_attr($this->fixurl($this->get_site_url( false ) ,'cp_cpappb_resources=customjs')); ?>'></script>
<!--/noptimize-->
<?php
}
// $this->print_counter++;
}
/* Code for the admin area */
public function plugin_page_links( $links ) {
$customAdjustments_link = '<a href="https://apphourbooking.dwbooster.com/customization">'.__('Request custom changes').'</a>';
array_unshift($links, $customAdjustments_link);
$settings_link = '<a href="admin.php?page='.$this->menu_parameter.'">'.__('Settings').'</a>';
array_unshift($links, $settings_link);
$help_link = '<a href="'.$this->plugin_URL.'">'.__('Help').'</a>';
array_unshift($links, $help_link);
return $links;
}
public function admin_menu() {
add_options_page($this->plugin_name.' '.__( 'Options' ,'appointment-hour-booking'), $this->plugin_name, 'manage_options', $this->menu_parameter, array($this, 'settings_page') );
add_menu_page( $this->plugin_name.' '.__( 'Options' ,'appointment-hour-booking'), $this->plugin_name, 'read', $this->menu_parameter, array($this, 'settings_page') );
add_submenu_page( $this->menu_parameter, __('General Settings' ,'appointment-hour-booking'), __('General Settings' ,'appointment-hour-booking'), 'edit_pages', $this->menu_parameter."_settings", array($this, 'settings_page') );
add_submenu_page( $this->menu_parameter, __('Add Ons' ,'appointment-hour-booking'), __('Add Ons' ,'appointment-hour-booking'), 'edit_pages', $this->menu_parameter."_addons", array($this, 'settings_page') );
add_submenu_page( $this->menu_parameter, __( 'Online Demo','appointment-hour-booking'), __('Online Demo' ,'appointment-hour-booking'), 'edit_pages', $this->menu_parameter."_odemo", array($this, 'settings_page') );
add_submenu_page( $this->menu_parameter, __( 'Help','appointment-hour-booking'), __('Help' ,'appointment-hour-booking'), 'edit_pages', $this->menu_parameter."_support", array($this, 'settings_page') );
add_submenu_page( $this->menu_parameter, __('Upgrade Plugin' ,'appointment-hour-booking'), __('Upgrade Plugin' ,'appointment-hour-booking'), 'edit_pages', $this->menu_parameter."_upgrade", array($this, 'settings_page') );
}
function insert_button() {
global $wpdb;
$options = '';
$calendars = $wpdb->get_results( 'SELECT * FROM '.$wpdb->prefix.$this->table_items); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
foreach($calendars as $item)
$options .= '<option value="'.intval($item->id).'">'.esc_html($item->form_name).'</option>';
if ( (!defined('ELEMENTOR_MENUS_VERSION') && !defined('ELEMENTOR_PRO_VERSION')) || @$_GET["action"] != 'elementor')
wp_enqueue_style('wp-jquery-ui-dialog');
wp_enqueue_script('jquery-ui-dialog');
wp_enqueue_script( 'cpapphourbk_classic_editor', plugins_url('/js/insertpanel.js', __FILE__));
$forms = $this->getThisUserForms();
wp_localize_script( 'cpapphourbk_classic_editor', 'apphourbk_formsclassic', array(
'forms' => $forms,
'siteUrl' => get_site_url()
) );
print '<a href="javascript:cpappbk_appointments_fpanel.open()" class="cpapphbinsertb" title="'.esc_attr(__('Insert Appointment Hour Booking','appointment-hour-booking')).'"><img hspace="5" src="'.esc_attr(plugins_url('/images/cp_form.gif', __FILE__)).'" alt="'.esc_attr(__('Insert Appointment Hour Booking','appointment-hour-booking')).'" /></a>';
}
function getThisUserForms() {
global $wpdb;
$current_user = wp_get_current_user();
$current_user_access = current_user_can('manage_options');
$rows = $wpdb->get_results("SELECT id,form_name,cp_user_access FROM ".$wpdb->prefix.$this->table_items." ORDER BY form_name"); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
$forms = array();
$forms[] = array (
'value' => 0,
'label' =>__('- Please select a booking form -','appointment-hour-booking'),
);
$counter = 0;
if (!$current_user_access) // if isn't admin and has some form assigned then return only assigned forms
{
foreach ($rows as $item)
{
$useraccess = unserialize($item->cp_user_access);
if (!is_array($useraccess)) $useraccess = array();
if (@in_array($current_user->ID, $useraccess))
{
$counter++;
$forms[] = array (
'value' => $item->id,
'label' => $item->form_name,
);
}
}
}
if ($counter == 0)
foreach ($rows as $item)
$forms[] = array (
'value' => $item->id,
'label' => $item->form_name,
);
return $forms;
}
public function settings_page() {
global $wpdb;
if ($this->get_param("cal") || $this->get_param("cal") == '0' || $this->get_param("pwizard") == '1')
{
$this->item = intval($this->get_param("cal"));
if (isset($_GET["edit"]) && $_GET["edit"] == '1')
@include_once dirname( __FILE__ ) . '/cp_admin_int_edition.inc.php';
else if ($this->get_param("schedule") == '1')
@include_once dirname( __FILE__ ) . '/cp-admin-int-schedule.inc.php';
else if ($this->get_param("list") == '1')
@include_once dirname( __FILE__ ) . '/cp-admin-int-message-list.inc.php';
else if ($this->get_param("report") == '1')
@include_once dirname( __FILE__ ) . '/cp-admin-int-report.inc.php';
else if ($this->get_param("addbk") == '1')
@include_once dirname( __FILE__ ) . '/cp-admin-int-add-booking.inc.php';
else if ($this->get_param("blocktimes") == '1')
@include_once dirname( __FILE__ ) . '/cp-admin-int-block-times.inc.php';
else if ($this->get_param("pwizard") == '1')
{
if ($this->get_param("cal"))
$this->item = intval($this->get_param("cal"));
@include_once dirname( __FILE__ ) . '/cp-publish-wizzard.inc.php';
}
else
@include_once dirname( __FILE__ ) . '/cp-admin-int.inc.php';
}
else if ($this->get_param("page") == $this->menu_parameter.'_upgrade')
{
echo("Redirecting to upgrade page...<script type='text/javascript'>document.location='".esc_js($this->plugin_download_URL)."';</script>");
exit;
}
else if ($this->get_param("page") == $this->menu_parameter.'_odemo')
{
echo("Redirecting to demo page...<script type='text/javascript'>document.location='https://apphourbooking.dwbooster.com/home#demos';</script>");
exit;
}
else if ($this->get_param("page") == $this->menu_parameter.'_support')
{
//echo("Redirecting to support page...<script type='text/javascript'>document.location='https://wordpress.org/support/plugin/appointment-hour-booking#new-post';</script>");
//exit;
@include_once dirname( __FILE__ ) . '/cp-help.inc.php';
}
else if ($this->get_param("page") == $this->menu_parameter.'_settings')
{
@include_once dirname( __FILE__ ) . '/cp-settings.inc.php';
}
else if ($this->get_param("page") == $this->menu_parameter.'_addons')
{
@include_once dirname( __FILE__ ) . '/cp-addons.inc.php';
}
else
@include_once dirname( __FILE__ ) . '/cp-admin-int-list.inc.php';
}
function gutenberg_block() {
global $wpdb;
wp_enqueue_script( 'cpapphourbk_gutenberg_editor', plugins_url('/js/block.js', __FILE__));
wp_enqueue_style('cpapp-calendarstyle', plugins_url('css/cupertino/calendar.css', __FILE__));
wp_enqueue_style('cpapp-publicstyle', plugins_url('css/stylepublic.css', __FILE__));
wp_enqueue_style('cpapp-custompublicstyle', $this->fixurl($this->get_site_url( false ),'cp_cpappb_resources=css'));
if (defined("CP_AHB_DYNAMIC_LOADING"))
{
wp_enqueue_script( $this->prefix.'_builder_script',
$this->fixurl($this->get_site_url( false ),'cp_cpappb_resources=public'),array("jquery","jquery-ui-core","jquery-ui-datepicker","jquery-ui-widget","jquery-ui-position","jquery-ui-tooltip"), false, true );
}
else
{
wp_enqueue_script( $this->prefix.'_builder_script',
plugins_url('js/fbuilder-public.js', __FILE__),array("jquery","jquery-ui-core","jquery-ui-datepicker","jquery-ui-widget","jquery-ui-position","jquery-ui-tooltip"), false, true );
}
$forms = $this->getThisUserForms();
wp_localize_script( 'cpapphourbk_gutenberg_editor', 'apphourbk_forms', array(
'forms' => $forms,
'siteUrl' => get_site_url()
) );
}
public function render_form_admin ($atts) {
global $wpdb;
$is_gutenberg_editor = defined( 'REST_REQUEST' ) && REST_REQUEST && ! empty( $_REQUEST['context'] ) && 'edit' === $_REQUEST['context'];
if (!$is_gutenberg_editor)
{
if (!isset($atts["formId"]))
return __('Please select a booking form.','appointment-hour-booking');
else
{
$myrows = $wpdb->get_results( $wpdb->prepare ("SELECT * FROM ".$wpdb->prefix.$this->table_items." WHERE id=%d" , $atts["formId"] )); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
//if (!count($myrows))
// return __('Please select a booking form.','appointment-hour-booking');
//else
return $this->filter_content (array('id' => $atts["formId"]));
}
}
else if (isset($atts["formId"]) && $atts["formId"])
{
$myrows = $wpdb->get_results( $wpdb->prepare ("SELECT * FROM ".$wpdb->prefix.$this->table_items." WHERE id=%d" , $atts["formId"] )); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
if (!count($myrows))
return __('Please select a booking form.','appointment-hour-booking');
else
{
$this->setId($atts["formId"]);
return '<input type="hidden" name="form_structure'.$atts["instanceId"].'" id="form_structure'.$atts["instanceId"].'" value="'.str_replace("\r","",str_replace("\n","",esc_attr($this->get_option('form_structure')))).'" /><fieldset class="ahbgutenberg_editor" disabled><div id="fbuilder"><div id="fbuilder_'.$atts["instanceId"].'"><div id="formheader_'.$atts["instanceId"].'"></div><div id="fieldlist_'.$atts["instanceId"].'"></div></div></div></fieldset>';
}
}
else
{
return __('Please select a booking form.','appointment-hour-booking');
//$atts["instanceId"] = '12365';
//return '<input type="hidden" name="form_structure'.$atts["instanceId"].'" id="form_structure'.$atts["instanceId"].'" value="'.str_replace("\r","",str_replace("\n","",esc_attr($this->get_option('form_structure')))).'" /><fieldset class="ahbgutenberg_editor" disabled><div id="fbuilder"><div id="fbuilder_'.$atts["instanceId"].'"><div id="formheader_'.$atts["instanceId"].'"></div><div id="fieldlist_'.$atts["instanceId"].'"></div></div></div></fieldset>';
}
}
function insert_adminScripts( $hook ) {
if ($this->get_param("page") == $this->menu_parameter && $this->get_param("blocktimes") != '1' && $this->get_param("addbk") != '1')
{
wp_deregister_script( 'bootstrap-datepicker-js' );
wp_register_script('bootstrap-datepicker-js', plugins_url('/js/nope.js', __FILE__));
wp_deregister_script( 'wpsp_wp_admin_jquery7' );
wp_register_script('wpsp_wp_admin_jquery7', plugins_url('/js/nope.js', __FILE__));
wp_deregister_script( 'tribe-events-bootstrap-datepicker' );
wp_register_script('tribe-events-bootstrap-datepicker', plugins_url('/js/nope.js', __FILE__));
if (defined("CP_AHB_DYNAMIC_LOADING"))
{
wp_enqueue_script( $this->prefix.'_builder_script', $this->get_site_url( true ).'?cp_cpappb_resources=admin',array("jquery","jquery-ui-core","jquery-ui-sortable","jquery-ui-tabs","jquery-ui-droppable","jquery-ui-button","jquery-ui-datepicker") );
}
else
{
wp_enqueue_script( $this->prefix.'_builder_script', plugins_url('js/fbuilder-admin.js', __FILE__),array("jquery","jquery-ui-core","jquery-ui-sortable","jquery-ui-tabs","jquery-ui-droppable","jquery-ui-button","jquery-ui-datepicker") );
}
if (isset($_GET["calendarview"]) && $_GET["calendarview"] == '1')
{
wp_enqueue_script( 'jquery-ui-dialog' );
wp_enqueue_style('cpahb-jquery-schedcalstyle', plugins_url('/mv/css/cupertino/calendar.css', __FILE__));
wp_enqueue_style('cpahb-jquery-schedcalstylemv', plugins_url('/mv/css/main.css', __FILE__));
wp_enqueue_script('cpahb-schedcal-underscore', plugins_url('/mv/js/underscore.js', __FILE__));
wp_enqueue_script('cpahb-schedcal-rrule', plugins_url('/mv/js/rrule.js', __FILE__));
wp_enqueue_script('cpahb-schedcal-common', plugins_url('/mv/js/Common.js', __FILE__));
if (file_exists(dirname( __FILE__ ).'/mv/language/multiview_lang_'.$this->mv_autodetect_language().'.js'))
$langscript = plugins_url('/mv/language/multiview_lang_'.$this->mv_autodetect_language().'.js', __FILE__);
else
$langscript = plugins_url('/mv/language/multiview_lang_en_GB.js', __FILE__);
wp_enqueue_script('cptslots-schedcal-lang', $langscript );
wp_enqueue_script('cptslots-schedcal-calendar', plugins_url('/mv/js/jquery.calendar.js', __FILE__));
wp_enqueue_script('cptslots-schedcal-alert', plugins_url('/mv/js/jquery.alert.js', __FILE__));
wp_enqueue_script('cptslots-schedcal-multiview', plugins_url('/mv/js/multiview.js', __FILE__));
}
wp_enqueue_style('jquery-style', plugins_url('/css/cupertino/jquery-ui-1.8.20.custom.css', __FILE__));
wp_enqueue_style('cpapp-style', plugins_url('/css/style.css', __FILE__));
wp_enqueue_style('cpapp-newadminstyle', plugins_url('/css/newadminlayout.css', __FILE__));
$calendar_language = $this->get_option('calendar_language','');
if ($calendar_language == '') $calendar_language = $this->autodetect_language();
if ($calendar_language != '')
wp_enqueue_script($this->prefix.'_language_file', plugins_url('js/languages/jquery.ui.datepicker-'.$calendar_language.'.js', __FILE__), array("jquery","jquery-ui-core","jquery-ui-sortable","jquery-ui-tabs","jquery-ui-droppable","jquery-ui-button","jquery-ui-datepicker"));
} else if ($this->get_param("blocktimes") == '1') {
wp_enqueue_script( 'bootstrap-datepicker-js', plugins_url('/js/nope.js', __FILE__),array("jquery","jquery-ui-core","jquery-ui-sortable","jquery-ui-tabs","jquery-ui-droppable","jquery-ui-button","jquery-ui-datepicker") );
wp_deregister_script( 'tribe-events-bootstrap-datepicker' );
wp_register_script('tribe-events-bootstrap-datepicker', plugins_url('/js/nope.js', __FILE__));
wp_enqueue_style('cpapp-newadminstyle', plugins_url('/css/newadminlayout.css', __FILE__));
}
if( 'post.php' != $hook && 'post-new.php' != $hook )
return;
// space to include some script in the post or page areas if needed
}
function mv_autodetect_language()
{
$basename = '/mv/language/multiview_lang_';
$binfo = str_replace('-','_',get_bloginfo('language'));
$options = array ($binfo,
strtolower($binfo),
substr(strtolower($binfo),0,2)."_".substr(strtoupper($binfo),strlen(strtoupper($binfo))-2,2),
substr(strtolower($binfo),0,2)."_".substr(strtoupper($binfo),0,2),
substr(strtolower($binfo),0,2),
substr(strtolower($binfo),strlen(strtolower($binfo))-2,2)
);
foreach ($options as $option)
{
if (file_exists(dirname( __FILE__ ).$basename.$option.'.js'))
return $option;
$option = str_replace ("-","_", $option);
if (file_exists(dirname( __FILE__ ).$basename.$option.'.js'))
return $option;
}
return '';
}
function autodetect_language() {
$basename = '/js/languages/jquery.ui.datepicker-';
$options = array (get_bloginfo('language'),
strtolower(get_bloginfo('language')),
substr(strtolower(get_bloginfo('language')),0,2)."-".substr(strtoupper(get_bloginfo('language')),strlen(strtoupper(get_bloginfo('language')))-2,2),
substr(strtolower(get_bloginfo('language')),0,2),
substr(strtolower(get_bloginfo('language')),strlen(strtolower(get_bloginfo('language')))-2,2)
);
foreach ($options as $option)
{
if (file_exists(dirname( __FILE__ ).$basename.$option.'.js'))
return $option;
$option = str_replace ("-","_", $option);
if (file_exists(dirname( __FILE__ ).$basename.$option.'.js'))
return $option;
}
return '';
}
public function data_management_pluginsloaded() {
if (isset($_GET["cp_cpappb_resources"]))
{
add_filter( 'trp_allow_tp_to_run', 'apphourbk_tp_disable_filter' );
}
}
function data_management_loaded() {
global $wpdb;
$action = $this->get_param('cp_apphourbooking_do_action_loaded');
if (!$action) return; // go out if the call isn't for this one
if ($this->get_param('cpapphourbk_id')) $this->item = intval($this->get_param('cpapphourbk_id'));
if ($action == "wizard" && current_user_can('manage_options'))
{
$this->verify_nonce ( sanitize_text_field($_POST["anonce"]), 'cpappb_actions_pwizard');
$shortcode = '[CP_APP_HOUR_BOOKING id="'.$this->item .'"]';
$this->postURL = $this->publish_on($this->sanitize(@$_POST["whereto"]), $this->sanitize(@$_POST["publishpage"]), $this->sanitize(@$_POST["publishpost"]), $shortcode, $this->sanitize(@$_POST["posttitle"])); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
return;
}
// ...
echo 'Some unexpected error happened. If you see this error contact the support service at https://apphourbooking.dwbooster.com/contact-us';
exit();
}
private function publish_on( $whereto, $publishpage = '', $publishpost = '', $content = '', $posttitle = 'Booking Form' ) {
global $wpdb;
$id = '';
if ($whereto == '0' || $whereto =='1') // new page
{
$my_post = array(
'post_title' => $posttitle,
'post_type' => ($whereto == '0'?'page':'post'),
'post_content' => 'This is a <b>preview</b> page, remember to publish it if needed. You can edit the full calendar and form settings into the admin settings page.<br /><br /> '.$content,
'post_status' => 'draft'
);
// Insert the post into the database
$id = wp_insert_post( $my_post );
}
else
{
$id = ($whereto == '2'?$publishpage:$publishpost);
$post = get_post( $id );
$pos = strpos($post->post_content,$content);
if ($pos === false)
{
$my_post = array(
'ID' => $id,
'post_content' => $content.$post->post_content,
);
// Update the post into the database
wp_update_post( $my_post );
}
}
return get_permalink( $id );
}
function print_multiview_format( $data ) {
// $data[$k]["d"] - date
// $data[$k]["h1"] - hour
// $data[$k]["m1"] - minute
// $data[$k]["h2"] - hour end
// $data[$k]["m2"] - minute end
// $data[$k]["info"] - description
function _js2PhpTime( $jsdate ) {
if(preg_match('@(\d+)/(\d+)/(\d+)\s+(\d+):(\d+)((am|pm)*)@', $jsdate, $matches)==1){
if ($matches[6]=="pm")
if ($matches[4]<12)
$matches[4] += 12;
$ret = mktime($matches[4], $matches[5], 0, $matches[1], $matches[2], $matches[3]);
}else if(preg_match('@(\d+)/(\d+)/(\d+)@', $jsdate, $matches)==1){
$ret = mktime(0, 0, 0, $matches[1], $matches[2], $matches[3]);
}
return $ret;
}
function _php2MySqlTime( $phpDate ) {
return date("Y-m-d H:i:s", $phpDate);
}
function _php2JsTime( $phpDate ) {
return @date("m/d/Y H:i", $phpDate);
}
function _mySql2PhpTime( $sqlDate ) {
$a1 = explode (" ",$sqlDate);
$a2 = explode ("-",$a1[0]);
$a3 = explode (":",$a1[1]);
$a3[0] = isset($a3[0]) ? intval($a3[0]) : 0;
$a3[1] = isset($a3[1]) ? intval($a3[1]) : 0;
$a3[2] = isset($a3[2]) ? intval($a3[2]) : 0;
$a2[0] = isset($a2[0]) ? intval($a2[0]) : 0;
$a2[1] = isset($a2[1]) ? intval($a2[1]) : 0;
$a2[2] = isset($a2[2]) ? intval($a2[2]) : 0;
$t = mktime( $a3[0], $a3[1], $a3[2], $a2[1], $a2[2], $a2[0] );
return $t;
}
usort($data, array($this, 'wptsbk_custom_sort') );
$ret = array();
$ret['events'] = array();
$ret["issort"] = true;
$ret['error'] = null;
$d1 = _js2PhpTime(sanitize_text_field($_POST["startdate"]));
$d2 = _js2PhpTime(sanitize_text_field($_POST["enddate"]));
$d1 = mktime(0, 0, 0, date("m", $d1), date("d", $d1), date("Y", $d1));
$d2 = mktime(0, 0, 0, date("m", $d2), date("d", $d2), date("Y", $d2))+24*60*60-1;
$ret["start"] = _php2JsTime($d1);
$ret["end"] = _php2JsTime($d2);
$aid = 1;
foreach ($data as $item)
{
$datetime = $item["d"]." ".$item["h1"].":".($item["m1"]<10?"0":"").$item["m1"];
$datetime2 = $item["d"]." ".$item["h2"].":".($item["m2"]<10?"0":"").$item["m2"];
$ev = array(
$aid++,//mt_rand(1,9999999), //$row["id"],
$item["e"],
_php2JsTime(_mySql2PhpTime($datetime)),
_php2JsTime(_mySql2PhpTime($datetime2)),
0, // is all day event?
0, // more than one day event
'',//Recurring event rule,
'#3CF',
0,//editable
'',
'',//$attends
$item["info"],
'',
1
);
$ret['events'][] = $ev;
}
echo json_encode($ret);
exit;
}
public function wptsbk_custom_sort( $a, $b ) {
return ((($a['d']>$b['d']) ||
($a['d']==$b['d'] && $a['h1']>$b['h1']) ||
($a['d']==$b['d'] && $a['h1']==$b['h1'] && $a['m1']>$b['m1'])) ? 1 : -1);
}
function check_current_user_access( $calid = '' )
{
$current_user = wp_get_current_user();
$current_user_access = current_user_can('manage_options');
$saved_id = $this->item;
$this->setID($calid);
$result = ($current_user_access || @in_array($current_user->ID, unserialize($this->get_option("cp_user_access",""))));
$this->setID($saved_id);
return $result;
}
function data_management() {
global $wpdb;
if (!is_admin() ||
(get_option('cp_cpappb_admin_language', '') != 'english' && empty($_POST["cp_cpappb_admin_language"])) ||
(isset($_POST["cp_cpappb_admin_language"]) && $_POST["cp_cpappb_admin_language"] != 'english'))
load_plugin_textdomain( 'appointment-hour-booking', false, dirname( plugin_basename( __FILE__ ) ) . '/languages/' );
if(!empty($_REQUEST['cp_app_action']))
{
$formid = intval($_REQUEST['formid']);
$field = (isset($_REQUEST['formfield']) ? sanitize_key($_REQUEST['formfield']) : '');
if ('mv' == $_REQUEST['cp_app_action'])
{
$t_content_admin = get_option('cp_cpappb_schcalcontent_admin',CP_CPAPPB_SCHCALCONTENT_ADMIN);
$t_title_admin = get_option('cp_cpappb_schcaltitle_admin',CP_CPAPPB_SCHCALTITLE_ADMIN);
$t_content_public = get_option('cp_cpappb_schcalcontent_public',CP_CPAPPB_SCHCALCONTENT_PUBLIC);
$t_title_public = get_option('cp_cpappb_schcaltitle_public',CP_CPAPPB_SCHCALTITLE_PUBLIC);
$t_content_admin = apply_filters( 'cpappb_mv_content_admin_filter', $t_content_admin, intval($formid) );
$t_title_admin = apply_filters( 'cpappb_mv_title_admin_filter', $t_title_admin, intval($formid) );
$t_content_public = apply_filters( 'cpappb_mv_content_public_filter', $t_content_public, intval($formid) );
$t_title_public = apply_filters( 'cpappb_mv_title_public_filter', $t_title_public, intval($formid) );
}
if ($_REQUEST['cp_app_action'] != 'mv' || get_option('cp_cpappb_sch_admin_blockedt','') == 'Yes')
$myrows = $wpdb->get_results( $wpdb->prepare("SELECT data,notifyto,posted_data FROM ".$wpdb->prefix.$this->table_messages." where formid=%d", $formid) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
else
$myrows = $wpdb->get_results( $wpdb->prepare("SELECT data,notifyto,posted_data FROM ".$wpdb->prefix.$this->table_messages." where formid=%d AND notifyto<>%s", $formid, $this->blocked_by_admin_indicator) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
$tmp2 = array();
$excluded_multiview = ',,'.get_option('cp_cpappb_schcalcontent_exclude','').','; // fields excluded form multi view calendar
for ($i=0; $i < count($myrows); $i++)
{
$data = unserialize($myrows[$i]->posted_data);
if (is_array($data) && is_array($data["apps"]))
{
for($k=0; $k<count($data["apps"]); $k++)
if ( (!isset($data["apps"][$k]["cancelled"]) || $data["apps"][$k]["cancelled"] == '' || $data["apps"][$k]["cancelled"] == 'Attended') &&
( !isset($data["apps"][$k]["field"]) || @$data["apps"][$k]["field"] == $field || $field == '' || $data["apps"][$k]["field"] == '') &&
(($_REQUEST['cp_app_action'] != 'mv') || !strpos($excluded_multiview, ','.$data["apps"][$k]["field"].','))
)
{
$slot = $data["apps"][$k]["slot"];
$quantity = intval(@$data["apps"][$k]["quant"]);
if (!$quantity) $quantity = 1;
$availitem = array("d"=>$data["apps"][$k]["date"] ,"h1"=>intval(substr($slot,0,2)),"m1"=>intval(substr($slot,3,2)),"h2"=>intval(substr($slot,6,2)),"m2"=>intval(substr($slot,9,2)),"serviceindex"=>intval(@$data["apps"][$k]["serviceindex"]),"quantity"=>$quantity);
if (isset($data["apps"][$k]["sid"]) && $data["apps"][$k]["sid"] != '')
$availitem["sid"] = intval(@$data["apps"][$k]["sid"]);
$tmp2[] = $availitem;
if ($_REQUEST['cp_app_action'] == 'mv' && $this->check_current_user_access($formid))
{
$data["INFO"] = $this->sanitize($myrows[$i]->data);
$tmp2[count($tmp2)-1]["info"] = $this->replace_tags( $this->sanitize($t_content_admin), $data, false, $k); // $myrows[$i]->data;
$tmp2[count($tmp2)-1]["e"] = $this->replace_tags( $this->sanitize($t_title_admin), $data, false, $k); // sanitize_email($myrows[$i]->notifyto);
}
}
}
}
if ($_REQUEST['cp_app_action'] == 'mv')
{
if (is_admin() && $this->check_current_user_access(intval($formid)))
$this->print_multiview_format($tmp2);
else
echo 'Authentication required';
}
else
echo json_encode($tmp2); //{type:"all",d:"",h1:8,m1:0,h2:17,m2:0}
exit;
}
if( isset( $_REQUEST[ 'cp_cpappb_resources' ] ) )
{
if( $_REQUEST[ 'cp_cpappb_resources' ] == 'admin' )
{
require_once dirname( __FILE__ ).'/js/fbuilder-loader-admin.php';
}
else if( $_REQUEST[ 'cp_cpappb_resources' ] == 'css' )
{
header("Content-type: text/css");
$custom_styles = base64_decode(get_option('CP_AHB_CSS', ''));
echo $this->clean_sanitize($custom_styles); // phpcs:ignore WordPress.Security.EscapeOutput
}
else if( $_REQUEST[ 'cp_cpappb_resources' ] == 'customjs' )
{
header("Content-type: application/javascript");
$custom_scripts = base64_decode(get_option('CP_AHB_JS', ''));
$custom_scripts = apply_filters( 'cpappb_the_customjs', $custom_scripts, intval($_GET["cal"]) );
echo $this->clean_sanitize($custom_scripts); // phpcs:ignore WordPress.Security.EscapeOutput
}
else
{
require_once dirname( __FILE__ ).'/js/fbuilder-loader-public.php';
}
exit;
}
$this->check_reports();
if ($this->get_param($this->prefix.'_captcha') == 'captcha' )
{
@include_once dirname( __FILE__ ) . '/captcha/captcha.php';
exit;
}
if ($this->get_param($this->prefix.'_blockmultiple') == '1' && is_admin())
{
$this->verify_nonce ($_POST["anonce"], 'cpappb_actions_admin');
$this->block_multiple();
return;
}
if ($this->get_param($this->prefix.'_csv1') && is_admin() && $this->check_current_user_access(intval($this->get_param("cal"))))
{
$this->export_csv();
return;
}
if ($this->get_param($this->prefix.'_csv2') && is_admin() && $this->check_current_user_access(intval($this->get_param("cal"))))
{
$this->export_csv_schedule(array());
return;
}
if ( $this->get_param($this->prefix.'_post_options') && is_admin() && $this->check_current_user_access(intval($this->get_param($this->prefix.'_id'))))
{
$this->save_options();
return;
}
if (!isset($_SERVER['REQUEST_METHOD']))
return;
if ( 'POST' == $_SERVER['REQUEST_METHOD'] && isset( $_POST['CP_AHB_post_edition'] ) && current_user_can('edit_pages') && is_admin() )
{
$this->save_edition();
return;
}
if ( 'POST' != $_SERVER['REQUEST_METHOD'] || ! isset( $_POST[$this->prefix.'_pform_process'] ) )
if ( 'GET' != $_SERVER['REQUEST_METHOD'] || !isset( $_GET['hdcaptcha_'.$this->prefix.'_post'] ) )
return;
if ($this->get_param($this->prefix.'_id')) $this->item = intval($this->get_param($this->prefix.'_id'));
@session_start();
if (isset($_GET["ps"])) $sequence = sanitize_text_field($_GET["ps"]); else if (isset($_POST["cp_pform_psequence"])) $sequence = sanitize_text_field($_POST["cp_pform_psequence"]);
$captcha_tr = '';
if (!empty($_COOKIE['rand_code'.$sequence])) $captcha_tr = get_transient( "ahb-captcha-".sanitize_key($_COOKIE['rand_code'.$sequence]));
if (
!apply_filters( 'cpappb_valid_submission', true) ||
(
(!is_admin() && $this->get_option('cv_enable_captcha', CP_APPBOOK_DEFAULT_cv_enable_captcha) != 'false' && function_exists('imagecreatetruecolor')) &&
( (!isset($_SESSION['rand_code'.$sequence]) ||
strtolower($this->get_param('hdcaptcha_'.$this->prefix.'_post')) != strtolower(sanitize_text_field($_SESSION['rand_code'.$sequence])) ||
($_SESSION['rand_code'.$sequence] == ''))
)
&&
( (strtolower($this->get_param('hdcaptcha_'.$this->prefix.'_post')) != $captcha_tr) ||
($captcha_tr == '')
)
)
)
{
echo 'captchafailed';
exit;
}
// if this isn't the real post (it was the captcha verification) then echo ok and exit
if ( 'POST' != $_SERVER['REQUEST_METHOD'] || ! isset( $_POST[$this->prefix.'_pform_process'] ) )
{
echo 'ok';
exit;
}
$posted_items = array();
foreach ($_POST as $item => $value)
$posted_items[sanitize_key($item)] = $this->sanitize( is_array($value) ? $value : stripcslashes($value) );
if (isset($_GET["blocktimes"]) && is_admin() && current_user_can('edit_posts'))
define('CPAPPHOURBK_BLOCK_TIMES_PROCESS', true);
// get form info
//---------------------------
//require_once(ABSPATH . "wp-admin" . '/includes/file.php');
$form_data = json_decode($this->cleanJSON($this->get_option('form_structure', CP_APPBOOK_DEFAULT_form_structure)));
$fields = array();
$apps = $this->extract_appointments($form_data[0], $posted_items, $sequence);
$honeypotcheck = sanitize_key(get_option('cp_cpappb_honeypot',''));
if ($honeypotcheck != '' && (isset($_POST[$honeypotcheck]) && $_POST[$honeypotcheck] != ''))
{
echo 'Blocked by anti-spam rule. Please contact our support service if you this this is an error.';
exit;
}
$price = $this->extract_total_price ($apps);
$apptext = $this->get_appointments_text ($apps);
$excluded_items = array();
foreach ($form_data[0] as $item)
if ($item->ftype != 'fapp' && !defined('CPAPPHOURBK_BLOCK_TIMES_PROCESS'))
{
if ($item->ftype == 'femail' && isset($posted_items[$item->name.$sequence]))
$posted_items[$item->name.$sequence] = sanitize_email($posted_items[$item->name.$sequence]);
$fields[$item->name] = $item->title;
if ($item->ftype == 'fPhone') // join fields for phone fields
{
$posted_items[$item->name.$sequence] = '';
for($i=0; $i<=substr_count($item->dformat," "); $i++)
{
$posted_items[$item->name.$sequence] .= ($posted_items[$item->name.$sequence."_".$i]!=''?($i==0?'':'-').$posted_items[$item->name.$sequence."_".$i]:'');
unset($posted_items[$item->name.$sequence."_".$i]);
}
}
}
else
{
$fields[$item->name] = $item->title;
$posted_items[$item->name.$sequence] = $apptext;
$excluded_items[] = $item->name;
}
// grab posted data
//---------------------------
$buffer = __('Appointments','appointment-hour-booking').":\n".$apptext."\n";
$founddata = false;
$params = array();
$params["final_price"] = $price;
$params["final_price_short"] = number_format($price,0);
$params["request_timestamp"] = $this->format_date(date("Y-m-d", current_time('timestamp'))). " ". (date("H:i:s", current_time('timestamp')));
$params["apps"] = $apps;
foreach ($apps as $appitem)
{
$is_military_t = (!isset($appitem["military"]) || $appitem["military"] == 0 || $appitem["military"] == '');
$params["app_service_".$appitem["id"]] = $appitem["service"];
$params["app_status_".$appitem["id"]] = $appitem["cancelled"];
$params["app_duration_".$appitem["id"]] = $appitem["duration"];
$params["app_price_".$appitem["id"]] = $appitem["price"];
$params["app_date_".$appitem["id"]] = $this->format_date($appitem["date"]);
$params["app_slot_".$appitem["id"]] = $appitem["slot"];
$slotpieces = explode("/",$appitem["slot"]);
$params["app_starttime_".$appitem["id"]] = $this->format12hours(trim(@$slotpieces[0]), $is_military_t);
$params["app_endtime_".$appitem["id"]] = $this->format12hours(trim(@$slotpieces[1]), $is_military_t);
$params["app_quantity_".$appitem["id"]] = $appitem["quant"];
$founddata = true;
}
$params["formid"] = $this->item;
$params["formname"] = $this->get_option('form_name');
$params["referrer"] = $posted_items["refpage".$sequence];
foreach ($posted_items as $item => $value)
if (isset($fields[str_replace($sequence,'',$item)]))
{
if (is_array($value))
{
for ($iv=0; $iv<count($value); $iv++)
$value[$iv] = str_replace(CP_APPBOOK_REP_ARR, "@", $value[$iv]);
}
else
$value = str_replace(CP_APPBOOK_REP_ARR, "@", $value);
if (!in_array(str_replace($sequence,'',$item), $excluded_items))
$buffer .= ($fields[str_replace($sequence,'',$item)]?$fields[str_replace($sequence,'',$item)] . ": ":""). (is_array($value)?($this->recursive_implode(", ",$value)):($value)) . "\n\n";
$params[str_replace($sequence,'',$item)] = $value;
$founddata = true;
}
$buffer_A = (defined('CPAPPHOURBK_BLOCK_TIMES_PROCESS')?__('BLOCKED BY ADMIN','appointment-hour-booking')."\n\n":'') . $buffer;
if ($this->booking_form_nonce || is_admin())
$this->verify_nonce ($posted_items["anonce"], 'cpappb_actions_bookingform');
$_SESSION['rand_code'.$sequence] = '';
if (!empty($_COOKIE['rand_code'.$sequence])) set_transient( "ahb-captcha-".sanitize_key($_COOKIE['rand_code'.$sequence]) , '' , 1800 );
/**
* Action called before insert the data into database.
* To the function is passed an array with submitted data.
*/
do_action( 'cpappb_process_data_before_insert', $params );
if (!$founddata)
{
echo 'Empty post! No data received.';
exit;
}
// insert into database
//---------------------------
$current_user = wp_get_current_user();
$params["username"] = $current_user->user_login;
$this->add_field_verify($wpdb->prefix.$this->table_messages, "whoadded");
$to = $this->get_option('cu_user_email_field', CP_APPBOOK_DEFAULT_cu_user_email_field);
$sanitized_email = sanitize_email( ( !empty($posted_items[$to.$sequence]) ? $posted_items[$to.$sequence] : '' ) );
if (defined('CPAPPHOURBK_BLOCK_TIMES_PROCESS'))
$sanitized_email = $this->blocked_by_admin_indicator;
if (!$this->performAdvancedDoubleBookingVerification($params, $sequence))
{
$this->endSubmission();
return; // in the case it shouldn't break the whole process
}
$rows_affected = $wpdb->insert( $wpdb->prefix.$this->table_messages, array( 'formid' => $this->item,
'time' => current_time('mysql'),
'ipaddr' => ( get_option('cp_cpappb_storeip', CP_APPBOOK_DEFAULT_track_IP)? sanitize_text_field($_SERVER['REMOTE_ADDR']) : '' ),
'notifyto' => $sanitized_email,
'posted_data' => serialize($params),
'data' =>$buffer_A,
'whoadded' => "".$current_user->ID
) );
if ( !$rows_affected )
{
echo 'Error saving data! Please try again.';
exit;
}
// $myrows = $wpdb->get_results( "SELECT MAX(id) as max_id FROM ".$wpdb->prefix.$this->table_messages );
$item_number = $wpdb->insert_id; // $myrows[0]->max_id;
// Call action for data processing
//---------------------------------
$params[ 'itemnumber' ] = $item_number;
/**
* Action called after inserted the data into database.
* To the function is passed an array with submitted data.
*/
do_action_ref_array( 'cpappb_process_data', array(&$params) );
$wpdb->update( $wpdb->prefix.$this->table_messages,
array( 'posted_data' => serialize($params) ),
array ( 'id' => $item_number),
array( '%s' ),
array( '%d' )
);
$this->ready_to_go_reservation( $item_number, "" );
$_SESSION[ 'cp_cff_form_data' ] = $item_number;
if (is_admin())
return;
/**
* Filters applied to decide if the website should be redirected to the thank you page after submit the form,
* pass a boolean as parameter and returns a boolean
*/
$redirect = true;
$redirect = apply_filters( 'cpappb_redirect', $redirect );
if( $redirect )
{
header("Location: ". $this->replace_tags($this->translate_permalink($this->get_option('fp_return_page', CP_APPBOOK_DEFAULT_fp_return_page)), $params, true));
exit();
}
}
public function endSubmission() {
echo 'Selected time is no longer available <a href="javascript:window.history.back();">please go back and select another time</a>.';
exit;
}
public function performAdvancedDoubleBookingVerification( $params, $sequence = "_1", $is_double_check = false ) {
global $wpdb;
// START: custom modification to verify double booking
$blockedstatuses = explode(",", ',Attended');
$latestitems = $wpdb->get_results($wpdb->prepare("SELECT posted_data FROM ".$wpdb->prefix.$this->table_messages." WHERE formid=%d ORDER BY ID DESC LIMIT 2000",$this->item)); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
foreach ($latestitems as $latestitem)
{
$latestdata = unserialize($latestitem->posted_data);
if (isset($latestdata["apps"]) && isset($latestdata["apps"][0]) && isset($params["apps"][0]) && $latestdata["apps"][0] && isset($latestdata["apps"][0]["date"]))
{
if (
$latestdata["apps"][0]["date"] == $params["apps"][0]["date"] &&
$latestdata["apps"][0]["slot"] == $params["apps"][0]["slot"] &&
$latestdata["apps"][0]["service"] == $params["apps"][0]["service"] &&
( $latestdata["apps"][0]["cancelled"] == '' ||
$latestdata["apps"][0]["cancelled"] == 'Attended' ||
isset($latestdata["lock"]) ||
in_array($latestdata["apps"][0]["cancelled"],$blockedstatuses)
)
//|| $latestdata["apps"][0]["cancelled"] == 'Pending'
) // this checks for the latest submission in the database
{
if (isset($_POST[$params["apps"][0]["field"].$sequence."_capacity"]))
$cap = sanitize_text_field($_POST[$params["apps"][0]["field"].$sequence."_capacity"]);
else
$cap = '';
$quantity = explode(';', $cap);
$c1 = (isset($quantity[$params["apps"][0]["serviceindex"]]) ? intval($quantity[$params["apps"][0]["serviceindex"]]) : 0);
if ($c1 == 0) $c1 = 1;
$selected_capacity = $c1 + ($is_double_check?1:0);
if (!$selected_capacity)
return true;
if ($selected_capacity > 1 && $this->countBookingsFor($params["apps"][0]["date"], $params["apps"][0]["slot"], $params["apps"][0]["service"]) < $selected_capacity) // make additional verification
{
return true; // OK, spaces available
}
if ($is_double_check)
$wpdb->query($wpdb->prepare("DELETE FROM ".$wpdb->prefix.$this->table_messages." WHERE id=%d",$is_double_check)); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
return false; // wrong, already booked
}
}
}
return true;
// END: custom modification to verify double booking
}
private function countBookingsFor( $date, $slot, $service ) {
global $wpdb;
$count = 0;
// verification for the latest 1000 submissions
$latestitems = $wpdb->get_results(
$wpdb->prepare("SELECT * FROM ".$wpdb->prefix.$this->table_messages." WHERE formid=%d AND posted_data like '%".esc_sql($date)."%' ORDER BY ID DESC LIMIT 0,1000",$this->item)
);
foreach ($latestitems as $item)
{
$latestdata = unserialize($item->posted_data);
foreach ($latestdata["apps"] as $app)
if ($app["date"] == $date &&
$app["slot"] == $slot &&
$app["service"] == $service &&
($app["cancelled"] == '' || $app["cancelled"] == 'Pending' || $app["cancelled"] == 'Attended')
)
$count++;
}
return $count;
}
public function replace_tags ( $message, $params, $urlencode = false, $slotindex = '' ) {
if ($slotindex !== '' && isset($params["apps"][$slotindex]))
{
$slotindex++;
$params["app_service"] = $params["app_service_".$slotindex];
$params["app_status"] = $params["app_status_".$slotindex];
$params["app_duration"] = $params["app_duration_".$slotindex];
$params["app_date"] = $params["app_date_".$slotindex];
$params["app_slot"] = $params["app_slot_".$slotindex];
$params["app_starttime"] = $params["app_starttime_".$slotindex];
$params["app_endtime"] = $params["app_endtime_".$slotindex];
$params["app_quantity"] = $params["app_quantity_".$slotindex];
}
foreach ($params as $item => $value)
{
if ($urlencode)
$value = urlencode( (is_array($value)?'':$value) );
$message = @str_replace('<'.'%'.$item.'%'.'>',(is_array($value)?($this->recursive_implode(", ",$value)):($value)),$message);
$message = @str_replace('%'.$item.'%',(is_array($value)?($this->recursive_implode(", ",$value)):($value)),$message);
}
for ($i=0;$i<500;$i++)
{
$message = str_replace('<'.'%fieldname'.$i.'%'.'>',"",$message);
$message = str_replace('%fieldname'.$i.'%',"",$message);
$message = str_replace('<'.'%fieldname'.$i.'_block%'.'>',"",$message);
$message = str_replace('%fieldname'.$i.'_endblock%',"",$message);
$message = str_replace('%app_date_'.$i.'%',"",$message);
$message = str_replace('%app_slot_'.$i.'%',"",$message);
$message = str_replace('%app_starttime_'.$i.'%',"",$message);
$message = str_replace('%app_endtime_'.$i.'%',"",$message);
$message = str_replace('%app_service_'.$i.'%',"",$message);
$message = str_replace('%app_status_'.$i.'%',"",$message);
$message = str_replace('%app_duration_'.$i.'%',"",$message);
$message = str_replace('%app_price_'.$i.'%',"",$message);
$message = str_replace('%app_quantity_'.$i.'%',"",$message);
}
// Remove empty blocks
while( preg_match( "/%\s*(.+)_block\s*%/", $message, $matches ) )
{
if( empty( $params[ ''.$matches[ 1 ] ] ) )
{
$from = strpos( $message, $matches[ 0 ] );
if( preg_match( "/%\s*(".$matches[ 1 ].")_endblock\s*%/", $message, $matches_end ) )
{
$lenght = strpos( $message, $matches_end[ 0 ] ) + strlen( $matches_end[ 0 ] ) - $from;
}
else
{
$lenght = strlen( $matches[ 0 ] );
}
$message = substr_replace( $message, '', $from, $lenght );
}
else
{
$message = preg_replace( array( "/%\s*".$matches[ 1 ]."_block\s*%/", "/%\s*".$matches[ 1 ]."_endblock\s*%/"), "", $message );
}
}
$message = str_replace('<'.'%email'.'%'.'>',"",$message);
$message = str_replace('%email'.'%',"",$message);
$message = str_replace('%username'.'%',"",$message);
return $message;
}
public function extract_appointments( $form, $data, $sequence ) {
$apps = array();
$subid = 0;
if (is_admin() || (isset($_POST["bccf_payment_option_paypal"]) && $_POST["bccf_payment_option_paypal"] == '0') || defined('CPAPPHOURBK_BLOCK_TIMES_PROCESS'))
{
if (is_admin() && isset($_POST["statusbox"]))
$status = sanitize_text_field($_POST["statusbox"]);
else
$status = $this->get_option('defaultpaidstatus', '');
}
else
$status = $this->get_option('defaultstatus', '');
if (defined('CPAPPHOURBK_BLOCK_TIMES_PROCESS')) $status = '';
foreach($form as $field)
if ($field->ftype == 'fapp' && @$data[$field->name.$sequence] != '')
{
$apps_text = explode(';',$data[$field->name.$sequence]);
$fieldtotalcost = 0;
$fieldpostedcost = floatval(@$data["tcost".$field->name.$sequence]);
foreach($apps_text as $app_item_text)
{
$item_split = explode(' ',$app_item_text);
$subid++;
$item_split[2] = intval($item_split[2]);
$fieldtotalcost += floatval($field->services[ $item_split[2] ]->price);
$sdate = strtotime($item_split[0]);
if ($sdate > 0)
$apps[] = array (
'id' => $subid,
'cancelled' => $status,
'serviceindex' => $item_split[2],
'service' => $field->services[ $item_split[2] ]->name,
'duration' => $field->services[ $item_split[2] ]->duration,
'price' => 0, //$field->services[ $item_split[2] ]->price,
'date' => date("Y-m-d", $sdate),
'slot' => sanitize_text_field($item_split[1]),
'military' => (!empty($field->militaryTime) ? $field->militaryTime : 0),
'field' => $field->name,
'quant' => intval($item_split[3]),
'sid' => (isset($field->services[ $item_split[2] ]->idx)?$field->services[ $item_split[2] ]->idx:'') // service ID
);
}
//if ($fieldtotalcost < $fieldpostedcost) // this is to support javascript price calculations
$apps[count($apps)-1]["price"] = $fieldpostedcost;
}
return $apps;
}
function extract_total_price( $apps ) {
$price = 0;
foreach( $apps as $app )
$price += floatval( $app["price"] );
return number_format( $price, 2, '.', '' );
}
function get_appointments_text( $apps ) {
$option = $this->get_option('display_emails_endtime', '');
$text = '';
foreach($apps as $app)
{
$slot = $app["slot"];
if ($option != '')
$slot = substr ($slot, 0, strpos($slot,"/"));
$slot = str_replace("/","-",$app["slot"]);
if (!isset($app["military"]) || $app["military"] == 0 || $app["military"] == '')
{
$times = explode("-",$slot);
$times[0] = explode(":",$times[0]);
$times[1] = explode(":",$times[1]);
if ($option != '')
$slot = ($times[0][0]>12?$times[0][0]-12:$times[0][0]).":".$times[0][1].' '.($times[0][0]>=12?'PM':'AM');
else
$slot = ($times[0][0]>12?$times[0][0]-12:$times[0][0]).":".$times[0][1].' '.($times[0][0]>=12?'PM':'AM') ." - ".
($times[1][0]>12?$times[1][0]-12:$times[1][0]).":".$times[1][1].' '.($times[1][0]>=12?'PM':'AM');
}
$text .= " - ".$this->format_date($app["date"])." ".$slot.(isset($app["quant"]) && $app["quant"]>1?' ('.$app["quant"].')':'')." (".$app["service"].")\n";
}
return $text;
}
function format12hours( $time, $is_non_military ) {
if ($is_non_military)
{
$times = explode(":",$time);
$time = ($times[0]>12?$times[0]-12:$times[0]).":".$times[1].' '.($times[0]>=12?'PM':'AM');
}
return $time;
}
function format_date( $date ) {
$format = $this->get_option( 'date_format', 'mm/dd/yy' );
if (!$format) $format = 'mm/dd/yy';
$format = str_replace( 'mm', 'm', $format );
$format = str_replace( 'dd', 'd', $format );
$format = str_replace( 'yy', 'Y', $format );
$format = str_replace( 'DD', 'K', $format );
$format = str_replace( 'MM', 'Q', $format );
$dconv = date( $format, strtotime($date) );
$dconv = str_replace( 'K', ucfirst ( __( date( 'l', strtotime( $date ) ) ) ), $dconv );
$dconv = str_replace( 'Q', ucfirst ( __( date( 'F', strtotime( $date ) ) ) ), $dconv );
return $dconv;
}
function ready_to_go_reservation( $itemnumber, $payer_email = "", $resendonly = false ) {
global $wpdb;
$myrows = $wpdb->get_results( $wpdb->prepare("SELECT * FROM ".$wpdb->prefix.$this->table_messages." WHERE id=%d", $itemnumber) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
$params = unserialize($myrows[0]->posted_data);
$mycalendarrows = $wpdb->get_results( $wpdb->prepare('SELECT * FROM '.$wpdb->prefix.$this->table_items.' WHERE `id`=%d', $myrows[0]->formid) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
$this->item = intval($myrows[0]->formid);
$buffer_A = $myrows[0]->data;
$buffer = $buffer_A;
if ('true' == $this->get_option('fp_inc_additional_info', CP_APPBOOK_DEFAULT_fp_inc_additional_info))
{
$buffer .="ADDITIONAL INFORMATION\n"
."*********************************\n";
$basic_data = "IP: ".$myrows[0]->ipaddr."\n"
."Server Time: ".date("Y-m-d H:i:s", current_time('timestamp'))."\n";
/**
* Includes additional information to the email's message,
* are passed two parameters: the basic information, and the IP address
*/
$basic_data = apply_filters( 'cpappb_additional_information', $basic_data, $myrows[0]->ipaddr );
$params["additional"] = $basic_data;
$params["server_time"] = date("Y-m-d H:i:s", current_time('timestamp'));
$buffer .= $basic_data;
}
// 1- Send email
//---------------------------
$attachments = array();
$message = str_replace('<'.'%', '%', __($this->get_option('fp_message', CP_APPBOOK_DEFAULT_fp_message) , 'appointment-hour-booking'));
$message = str_replace('%'.'>', '%', $message);
$subject = str_replace('<'.'%', '%', __($this->get_option('fp_subject', CP_APPBOOK_DEFAULT_fp_subject) , 'appointment-hour-booking'));
$subject = str_replace('%'.'>', '%', $subject);
if ('html' == $this->get_option('fp_emailformat', CP_APPBOOK_DEFAULT_email_format))
$message = str_replace('%INFO%',str_replace("\n","<br />",str_replace('<','<',$buffer)),$message);
else
$message = str_replace('%INFO%',$buffer,$message);
$subject = $this->get_option('fp_subject', CP_APPBOOK_DEFAULT_fp_subject);
/**
* Attach or modify attached files,
* Example for adding ical or PDF attachments
*/
$attachments = apply_filters( 'cpappb_email_attachments', $attachments, $params, $this->item);
$params["apps"] = $this->get_appointments_text($params["apps"]);
foreach ($params as $item => $value)
{
$message = str_replace('%'.$item.'%',(is_array($value)?($this->recursive_implode(", ",$value)):($value)),$message);
$subject = str_replace('%'.$item.'%',(is_array($value)?($this->recursive_implode(", ",$value)):($value)),$subject);
if (strpos($item,"_link"))
{
foreach ($value as $filevalue)
$attachments[] = $filevalue;
}
}
$message = str_replace('%itemnumber%',$itemnumber,$message);
$subject = str_replace('%itemnumber%',$itemnumber,$subject);
$from = $this->get_option('fp_from_email', (defined('CP_APPBOOK_DEFAULT_fp_from_email')?CP_APPBOOK_DEFAULT_fp_from_email:''));
$from_name = $this->get_option('fp_from_name', '');
$to = explode(",",$this->get_option('fp_destination_emails', (defined('CP_APPBOOK_DEFAULT_fp_destination_emails')?CP_APPBOOK_DEFAULT_fp_destination_emails:'')));
if ('html' == $this->get_option('fp_emailformat', (defined('CP_APPBOOK_DEFAULT_email_format')?CP_APPBOOK_DEFAULT_email_format:'text'))) $content_type = "Content-Type: text/html; charset=utf-8\n"; else $content_type = "Content-Type: text/plain; charset=utf-8\n";
$replyto = sanitize_email($myrows[0]->notifyto);
if ($this->get_option('fp_emailfrommethod', "fixed") == "customer")
$from_1 = $replyto;
else
$from_1 = $from;
if ($this->get_option('fp_emailtomethod', "fixed") == 'customer')
{
$text_addr = $params[$this->get_option('fp_destination_emails_field', "fixed")];
if (is_array($text_addr))
$text_addr = implode(", ",$text_addr);
$pattern = '/[a-zA-Z0-9_\.\+-]+@[A-Za-z0-9_-]+\.([A-Za-z0-9_-][A-Za-z0-9_]+)/'; //regex for pattern of e-mail address
preg_match_all($pattern, $text_addr, $matches);
if (count($matches[0]) > 0)
$to = $matches[0];
}
$to = array_unique ($to);
$message = $this->replace_tags($message, $params);
$subject = $this->replace_tags($subject, $params);
// if is_admin and not required emails end function here
if (is_admin() && !isset($_POST["sendemails_admin"]) && !$resendonly)
return;
foreach ($to as $item)
if (trim($item) != '')
{
if (!strpos($from_1,">"))
$from_1 = '"'.($from_name!=''?$from_name:$from_1).'" <'.$from_1.'>';
wp_mail(trim($item), $subject, $message,
"From: ".$from_1."\r\n".
($replyto!=''?"Reply-To: ".$replyto."\r\n":'').
$content_type.
"X-Mailer: PHP/" . phpversion(), $attachments);
}
if (!$resendonly && $mycalendarrows[0]->rep_days == 0 && $mycalendarrows[0]->rep_enable == 'yes')
{
$this->check_reports(true);
}
// 2- Send copy to user
//---------------------------
$to = $this->get_option('cu_user_email_field', CP_APPBOOK_DEFAULT_cu_user_email_field);
$destination_to = sanitize_email($myrows[0]->notifyto);
if (($destination_to != '' || $payer_email != '') && 'true' == $this->get_option('cu_enable_copy_to_user', CP_APPBOOK_DEFAULT_cu_enable_copy_to_user))
{
$message = str_replace('<'.'%', '%', __($this->get_option('cu_message', CP_APPBOOK_DEFAULT_cu_message) , 'appointment-hour-booking'));
$message = str_replace('%'.'>', '%', $message);
$subject = str_replace('<'.'%', '%', __($this->get_option('cu_subject', CP_APPBOOK_DEFAULT_cu_subject) , 'appointment-hour-booking'));
$subject = str_replace('%'.'>', '%', $subject);
if ('html' == $this->get_option('cu_emailformat', CP_APPBOOK_DEFAULT_email_format))
$message = str_replace('%INFO%',str_replace("\n","<br />",str_replace('<','<',$buffer_A)).'</pre>',$message);
else
$message = str_replace('%INFO%',$buffer_A,$message);
$message = str_replace('%itemnumber%',$itemnumber,$message);
$subject = str_replace('%itemnumber%',$itemnumber,$subject);
$message = $this->replace_tags($message, $params);
$subject = $this->replace_tags($subject, $params);
if (!strpos($from,">"))
$from = '"'.($from_name!=''?$from_name:$from).'" <'.$from.'>';
if ('html' == $this->get_option('cu_emailformat', CP_APPBOOK_DEFAULT_email_format)) $content_type = "Content-Type: text/html; charset=utf-8\n"; else $content_type = "Content-Type: text/plain; charset=utf-8\n";
if ($destination_to != '')
wp_mail($destination_to, $subject, $message,
"From: ".$from."\r\n".
$content_type.
"X-Mailer: PHP/" . phpversion(), $attachments);
if ($destination_to != $payer_email && $payer_email != '')
wp_mail(trim($payer_email), $subject, $message,
"From: ".$from."\r\n".
$content_type.
"X-Mailer: PHP/" . phpversion(), $attachments);
}
}
function recursive_implode( $glue, array $array, $include_keys = false, $trim_all = true ) {
$glued_string = '';
// Recursively iterates array and adds key/value to glued string
array_walk_recursive($array, function($value, $key) use ($glue, $include_keys, &$glued_string)
{
$include_keys and $glued_string .= $key.$glue;
$glued_string .= $value.$glue;
});
// Removes last $glue from string
strlen($glue) > 0 and $glued_string = substr($glued_string, 0, -strlen($glue));
// Trim ALL whitespace
// $trim_all and $glued_string = preg_replace("/(\s)/ixsm", '', $glued_string);
return (string) $glued_string;
}
function available_templates() {
if( empty( $this->CP_CFPP_global_templates ) )
{
// Get available designs
$tpls_dir = dir( plugin_dir_path( __FILE__ ).'templates' );
$this->CP_CFPP_global_templates = array();
while( false !== ( $entry = $tpls_dir->read() ) )
{
if ( $entry != '.' && $entry != '..' && is_dir( $tpls_dir->path.'/'.$entry ) && file_exists( $tpls_dir->path.'/'.$entry.'/config.ini' ) && function_exists('parse_ini_file'))
{
if( function_exists('parse_ini_file') && ( $ini_array = parse_ini_file( $tpls_dir->path.'/'.$entry.'/config.ini' ) ) !== false )
{
if( !empty( $ini_array[ 'file' ] ) ) $ini_array[ 'file' ] = plugins_url( 'templates/'.$entry.'/'.$ini_array[ 'file' ], __FILE__ );
if( !empty( $ini_array[ 'thumbnail' ] ) ) $ini_array[ 'thumbnail' ] = plugins_url( 'templates/'.$entry.'/'.$ini_array[ 'thumbnail' ], __FILE__ );
$this->CP_CFPP_global_templates[ $ini_array[ 'prefix' ] ] = $ini_array;
}
}
}
}
return $this->CP_CFPP_global_templates;
}
function block_multiple()
{
global $wpdb;
$rawfromfield = sanitize_text_field($_POST["bdate"]);
if ($rawfromfield == '')
return;
$rawfromfield = explode(",",$rawfromfield);
$calendars = array();
if (is_array($_POST["selectedcalendar"]))
foreach ($_POST["selectedcalendar"] as $item)
$calendars[] = intval($item);
$current_user = wp_get_current_user();
foreach ($rawfromfield as $rawfrom)
{
$rawfrom = trim($rawfrom);
foreach ($calendars as $calendar)
{
if ($calendar)
$this->setId($calendar);
else
{
$myrows = $wpdb->get_results( "SELECT * FROM ".$wpdb->prefix.$this->table_items );
$this->setId($myrows[0]->id);
}
if ( current_user_can('manage_options') || @in_array($current_user->ID, unserialize($this->get_option("cp_user_access",""))) )
{
if ($this->get_option('date_format', 'mm/dd/yy') == 'dd/mm/yy')
$rawfrom = str_replace('/','.',$rawfrom);
$from = date("Y-m-d H:i", strtotime($rawfrom. " ".sanitize_text_field($_POST["h1"]). ":".sanitize_text_field($_POST["m1"])));
$to = date("Y-m-d H:i", strtotime($rawfrom. " ".sanitize_text_field($_POST["h2"]). ":".sanitize_text_field($_POST["m2"])));
$duration = ceil((strtotime($rawfrom. " ".sanitize_text_field($_POST["h2"]). ":".sanitize_text_field($_POST["m2"])) - strtotime($rawfrom. " ".sanitize_text_field($_POST["h1"]). ":".sanitize_text_field($_POST["m1"]))) / 60);
$apps = array();
$apps[] = array ( 'id' => 1,
'cancelled' => '',
'serviceindex' => -1,
'service' => __('[all services]','appointment-hour-booking'),
'duration' => $duration,
'price' => 0, //$field->services[ $item_split[2] ]->price,
'date' => date("Y-m-d", strtotime($rawfrom. " ".sanitize_text_field($_POST["h1"]). ":".sanitize_text_field($_POST["m1"]))),
'slot' => date("H:i", strtotime($rawfrom. " ".sanitize_text_field($_POST["h1"]). ":".sanitize_text_field($_POST["m1"])))."/". date("H:i", strtotime($rawfrom. " ".sanitize_text_field($_POST["h2"]). ":".sanitize_text_field($_POST["m2"]))),
'military' => 0,
'field' => '',
'quant' => 0
);
$apptext = __('BLOCKED BY ADMIN','appointment-hour-booking'). "\n\n" . $this->get_appointments_text ($apps);
//echo '<pre>'; print_r($apptext);exit;
$params = array();
$params["apps"] = $apps;
$current_user = wp_get_current_user();
$rows_affected = $wpdb->insert( $wpdb->prefix.$this->table_messages, array( 'formid' => $calendar,
'time' => current_time('mysql'),
'ipaddr' => (get_option('cp_cpappb_storeip', CP_APPBOOK_DEFAULT_track_IP)?$_SERVER['REMOTE_ADDR']:''),
'notifyto' => $this->blocked_by_admin_indicator,
'posted_data' => serialize($params),
'data' => $apptext,
'whoadded' => "".$current_user->ID
) );
}
}
}
}
function save_edition() {
global $wpdb;
$this->verify_nonce ( sanitize_text_field($_POST["nonce"]), 'cpappb_actions_admin');
$posted_items = array();
foreach ($_POST as $item => $value)
$posted_items[sanitize_key($item)] = ($item == 'editionarea'? $this->clean_sanitize( is_array($value) ? $value : stripcslashes($value) ) : $this->sanitize( is_array($value) ? $value : stripcslashes($value) ));
if (isset($_POST["gotab"]) && $_POST["gotab"] == '')
{
update_option( 'cp_cpappb_rep_enable', sanitize_text_field($posted_items["cp_cpappb_rep_enable"]));
update_option( 'cp_cpappb_rep_days', sanitize_text_field($posted_items["cp_cpappb_rep_days"]));
update_option( 'cp_cpappb_rep_hour', sanitize_text_field($posted_items["cp_cpappb_rep_hour"]));
update_option( 'cp_cpappb_rep_emails', sanitize_text_field($posted_items["cp_cpappb_rep_emails"]));
update_option( 'cp_cpappb_fp_from_email', sanitize_text_field($posted_items["cp_cpappb_fp_from_email"]));
update_option( 'cp_cpappb_rep_subject', $this->clean_sanitize($posted_items["cp_cpappb_rep_subject"]));
update_option( 'cp_cpappb_rep_emailformat', sanitize_text_field($posted_items["cp_cpappb_rep_emailformat"]));
update_option( 'cp_cpappb_rep_message', $this->clean_sanitize($posted_items["cp_cpappb_rep_message"]));
}
else if (isset($_POST["gotab"]) && $_POST["gotab"] == 'csvarea')
{
update_option( 'cp_cpappb_bocsvexclude', sanitize_text_field($posted_items["bocsvexclude"]));
update_option( 'cp_cpappb_schcsvexclude', sanitize_text_field($posted_items["schcsvexclude"]));
}
else if (isset($_POST["gotab"]) && $_POST["gotab"] == 'miscsettings')
{
$honeypot = sanitize_text_field($posted_items["cp_cpappb_honeypot"]);
if ($honeypot == 'Yes')
$honeypot = 'cpapphb'.substr(sanitize_key(md5(wp_generate_uuid4())),0,5);
update_option( 'cp_cpappb_honeypot', $honeypot);
update_option( 'cp_cpappb_storeip', sanitize_text_field($posted_items["cp_cpappb_storeip"]));
update_option( 'cp_cpappb_admin_language', sanitize_text_field($_POST["cp_cpappb_admin_language"]));
}
else if (isset($_POST["gotab"]) && $_POST["gotab"] == 'schedulecalarea')
{
update_option( 'cp_cpappb_schcaltitle_admin', $this->clean_sanitize($posted_items["schcaltitle_admin"]));
update_option( 'cp_cpappb_schcalcontent_admin', $this->clean_sanitize($posted_items["schcalcontent_admin"]));
update_option( 'cp_cpappb_schcaltitle_public', $this->clean_sanitize($posted_items["schcaltitle_public"]));
update_option( 'cp_cpappb_schcalcontent_public', $this->clean_sanitize($posted_items["schcalcontent_public"]));
update_option( 'cp_cpappb_sch_admin_blockedt', sanitize_text_field($posted_items["cp_cpappb_sch_admin_blockedt"]));
update_option( 'cp_cpappb_schcalcontent_exclude', trim(str_replace(' ','',str_replace('>','',str_replace('<','',str_replace('%','',sanitize_text_field($_POST["cp_cpappb_schcalcontent_exclude"])))))));
update_option( 'cp_cpappb_schcalcontent_otherparams', $this->clean_sanitize($posted_items["cp_cpappb_schcalcontent_otherparams"]));
}
else if (isset($_POST["gotab"]) && $_POST["gotab"] == 'fixarea')
{
update_option( 'CP_APPB_LOAD_SCRIPTS', ($posted_items["ccscriptload"]=="1"?"0":"1") );
update_option( 'CP_APPB_CSV_CHARFIX', ($posted_items["csvcharautofix"]==""?"":"1") );
update_option( 'CP_APPB_CSV_SEPARATOR', ($posted_items["csvseparator"]==";"?";":",") );
if ($posted_items["cccharsets"] != '')
{
$target_charset = str_replace('`','``',sanitize_text_field($posted_items["cccharsets"]));
$tables = array( $wpdb->prefix.$this->table_messages, $wpdb->prefix.$this->table_items );
foreach ($tables as $tab)
{
$myrows = $wpdb->get_results( "DESCRIBE `".$this->sanitizeTableName($tab)."`" ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
foreach ($myrows as $item)
{
$name = $item->Field;
$type = $item->Type;
if (preg_match("/^varchar\((\d+)\)$/i", $type, $mat) || !strcasecmp($type, "CHAR") || !strcasecmp($type, "TEXT") || !strcasecmp($type, "MEDIUMTEXT"))
{
$wpdb->query("ALTER TABLE `".$this->sanitizeTableName($tab)."` CHANGE `".$this->sanitizeTableName($name)."` `".$this->sanitizeTableName($name)."` ".$this->sanitizeTableName($type)." COLLATE `".$this->sanitizeTableName($target_charset)."`"); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
}
}
}
}
}
else if (!empty($posted_items['editionarea']))
{
if (substr_count($posted_items['editionarea'],"\\\""))
$_POST["editionarea"] = stripcslashes($posted_items["editionarea"]);
if (!empty($posted_items["cfwpp_edit"]) && $posted_items["cfwpp_edit"] == 'js')
update_option('CP_AHB_JS', base64_encode($this->clean_sanitize(@$posted_items["editionarea"])));
else if (!empty($posted_items["cfwpp_edit"]) && $posted_items["cfwpp_edit"] == 'css')
update_option('CP_AHB_CSS', base64_encode($this->clean_sanitize(@$posted_items["editionarea"])));
}
}
function save_options() {
global $wpdb;
$this->item = intval($_POST[$this->prefix."_id"]);
$this->verify_nonce (sanitize_text_field($_POST["anonce"]), 'cpappb_actions_admin');
if (false == get_option('AHB_ONE_TIME_2UPDATE',false))
{
$this->add_field_verify($wpdb->prefix.$this->table_items, 'fp_from_name');
$this->add_field_verify($wpdb->prefix.$this->table_items, 'vs_text_nmore');
$this->add_field_verify($wpdb->prefix.$this->table_items, 'vs_text_cost');
$this->add_field_verify($wpdb->prefix.$this->table_items, 'vs_text_cancel');
$this->add_field_verify($wpdb->prefix.$this->table_items, 'vs_text_quantity');
$this->add_field_verify($wpdb->prefix.$this->table_items, 'calendar_language');
$this->add_field_verify($wpdb->prefix.$this->table_items, 'date_format');
$this->add_field_verify($wpdb->prefix.$this->table_items, 'vs_text_maxapp');
$this->add_field_verify($wpdb->prefix.$this->table_items, 'defaultstatus');
$this->add_field_verify($wpdb->prefix.$this->table_items, 'defaultpaidstatus');
$this->add_field_verify($wpdb->prefix.$this->table_items, 'cp_user_access_settings');
$this->add_field_verify($wpdb->prefix.$this->table_items, 'display_emails_endtime');
update_option('AHB_ONE_TIME_2UPDATE',true);
}
$_pdata = $_POST;
while ((substr_count($_pdata['form_structure'],"\\") > 30) || substr_count($_pdata['form_structure'],"\\\"title\\\":"))
foreach ($_pdata as $item => $value)
if (!is_array($value))
$_pdata[$item] = stripcslashes($value);
$data = array(
'form_structure' => $this->clean_sanitize($this->admin_process_json($_pdata['form_structure'])),
'vs_text_maxapp' => sanitize_text_field($_pdata['vs_text_maxapp']),
'calendar_language' => sanitize_text_field($_pdata['calendar_language']),
'date_format' => sanitize_text_field($_pdata['date_format']),
'product_name' => sanitize_text_field($_pdata['product_name']),
'pay_later_label' => sanitize_text_field($_pdata['pay_later_label']),
'fp_from_email' => sanitize_text_field($_pdata['fp_from_email']),
// 'fp_from_name' => sanitize_text_field($_pdata['fp_from_name']),
'fp_destination_emails' => sanitize_text_field(@$_pdata['fp_destination_emails']),
'fp_subject' => $this->clean_sanitize($_pdata['fp_subject']),
'fp_inc_additional_info' => sanitize_text_field($_pdata['fp_inc_additional_info']),
'fp_return_page' => sanitize_text_field($_pdata['fp_return_page']),
'fp_message' => $this->clean_sanitize($_pdata['fp_message']),
'fp_emailformat' => sanitize_text_field($_pdata['fp_emailformat']),
'defaultstatus' => sanitize_text_field($_pdata['defaultstatus']),
'defaultpaidstatus' => sanitize_text_field($_pdata['defaultpaidstatus']),
'fp_emailtomethod' => sanitize_text_field($_pdata['fp_emailtomethod']),
'fp_destination_emails_field' => sanitize_text_field(@$_pdata['fp_destination_emails_field']),
'cu_enable_copy_to_user' => sanitize_text_field($_pdata['cu_enable_copy_to_user']),
'cu_user_email_field' => sanitize_text_field(@$_pdata['cu_user_email_field']),
'cu_subject' => $this->clean_sanitize($_pdata['cu_subject']),
'cu_message' => $this->clean_sanitize($_pdata['cu_message']),
'cu_emailformat' => sanitize_text_field($_pdata['cu_emailformat']),
'fp_emailfrommethod' => sanitize_text_field($_pdata['fp_emailfrommethod']),
'vs_text_is_required' => sanitize_text_field($_pdata['vs_text_is_required']),
'vs_text_is_email' => sanitize_text_field($_pdata['vs_text_is_email']),
'vs_text_datemmddyyyy' => sanitize_text_field($_pdata['vs_text_datemmddyyyy']),
'vs_text_dateddmmyyyy' => sanitize_text_field($_pdata['vs_text_dateddmmyyyy']),
'vs_text_number' => sanitize_text_field($_pdata['vs_text_number']),
'vs_text_digits' => sanitize_text_field($_pdata['vs_text_digits']),
'vs_text_max' => sanitize_text_field($_pdata['vs_text_max']),
'vs_text_min' => sanitize_text_field($_pdata['vs_text_min']),
'vs_text_pageof' => sanitize_text_field($_pdata['vs_text_pageof']),
'vs_text_submitbtn' => sanitize_text_field($_pdata['vs_text_submitbtn']),
'vs_text_previousbtn' => sanitize_text_field($_pdata['vs_text_previousbtn']),
'vs_text_nextbtn' => sanitize_text_field($_pdata['vs_text_nextbtn']),
'vs_text_quantity' => sanitize_text_field($_pdata['vs_text_quantity']),
'vs_text_cancel' => sanitize_text_field($_pdata['vs_text_cancel']),
'vs_text_cost' => sanitize_text_field($_pdata['vs_text_cost']),
'vs_text_nmore' => sanitize_text_field($_pdata['vs_text_nmore']),
'cp_user_access' => serialize($this->sanitize( ( isset($_pdata["cp_user_access"]) ? $_pdata["cp_user_access"] : array() ) )),
'cp_user_access_settings' => sanitize_text_field($_pdata['cp_user_access_settings']),
'display_emails_endtime' => sanitize_text_field($_pdata['display_emails_endtime']),
'rep_enable' => sanitize_text_field($_pdata['rep_enable']),
'rep_days' => sanitize_text_field($_pdata['rep_days']),
'rep_hour' => sanitize_text_field($_pdata['rep_hour']),
'rep_emails' => sanitize_text_field($_pdata['rep_emails']),
'rep_subject' => $this->clean_sanitize($_pdata['rep_subject']),
'rep_emailformat' => sanitize_text_field($_pdata['rep_emailformat']),
'rep_message' => $this->clean_sanitize($_pdata['rep_message']),
'cv_enable_captcha' => sanitize_text_field($_pdata['cv_enable_captcha']),
'cv_width' => sanitize_text_field($_pdata['cv_width']),
'cv_height' => sanitize_text_field($_pdata['cv_height']),
'cv_chars' => sanitize_text_field($_pdata['cv_chars']),
'cv_font' => sanitize_text_field($_pdata['cv_font']),
'cv_min_font_size' => sanitize_text_field($_pdata['cv_min_font_size']),
'cv_max_font_size' => sanitize_text_field($_pdata['cv_max_font_size']),
'cv_noise' => sanitize_text_field($_pdata['cv_noise']),
'cv_noise_length' => sanitize_text_field($_pdata['cv_noise_length']),
'cv_background' => sanitize_text_field(str_replace('#','',$_pdata['cv_background'])),
'cv_border' => sanitize_text_field(str_replace('#','',$_pdata['cv_border'])),
'cv_text_enter_valid_captcha' => sanitize_text_field($_pdata['cv_text_enter_valid_captcha'])
);
$wpdb->update( $wpdb->prefix.$this->table_items, $data, array( 'id' => $this->item ));
$data = array( 'fp_from_name' => sanitize_text_field($_pdata['fp_from_name']) );
$wpdb->update( $wpdb->prefix.$this->table_items, $data, array( 'id' => $this->item ));
if (isset($_pdata["savepublish"]))
{
echo '<script type="text/javascript">document.location="?page=cp_apphourbooking&pwizard=1&cal='.intval($this->item).'";</script>';
} else if (isset($_pdata["savereturn"]))
{
echo '<script type="text/javascript">document.location="?page=cp_apphourbooking&confirm=1";</script>';
}
}
function get_form_field_label( $fieldid, $form ) {
foreach($form as $item)
if ($item->name == $fieldid)
{
if (isset($item->shortlabel) && $item->shortlabel != '')
return $item->shortlabel;
else
return $item->title;
}
return $fieldid;
}
function generateSafeFileName( $filename ) {
$filename = strtolower( wp_strip_all_tags( $filename ) );
$filename = str_replace( ';', '_', $filename );
$filename = str_replace( '#', '_', $filename );
$filename = str_replace( ' ', '_', $filename );
$filename = str_replace( "'", '', $filename );
$filename = str_replace( '"', '', $filename );
$filename = str_replace( '__' ,'_', $filename );
$filename = str_replace( '&', 'and', $filename );
$filename = str_replace( '/', '_', $filename );
$filename = str_replace( '\\' ,'_', $filename );
$filename = str_replace( '?', '', $filename );
return sanitize_file_name( $filename );
}
function clean_csv_value( $value ) {
$value = trim($value);
while (strlen($value) > 1 && in_array($value[0],array('=','@')))
$value = trim(substr($value, 1));
return $value;
}
function export_csv() {
if ( !is_admin() )
return;
global $wpdb;
$this->item = intval( $this->get_param("cal") );
if ( $this->item )
{
$form = json_decode( $this->cleanJSON( $this->get_option( 'form_structure', CP_APPBOOK_DEFAULT_form_structure ) ) );
$form = $form[0];
}
else
$form = array();
$cond = '';
if ($this->get_param("search")) $cond .= " AND (data like '%".esc_sql($this->get_param("search"))."%' OR posted_data LIKE '%".esc_sql($this->get_param("search"))."%')";
$rawfrom = (isset($_GET["dfrom"]) ? sanitize_text_field($_GET["dfrom"]) : '');
$rawto = (isset($_GET["dto"]) ? sanitize_text_field(@$_GET["dto"]) : '');
if ($this->get_option('date_format', 'mm/dd/yy') == 'dd/mm/yy')
{
$rawfrom = str_replace('/','.',$rawfrom);
$rawto = str_replace('/','.',$rawto);
}
if ($this->get_param("dfrom")) $cond .= " AND (`time` >= '".esc_sql(date("Y-m-d",strtotime($rawfrom)))."')";
if ($this->get_param("dto")) $cond .= " AND (`time` <= '".esc_sql(date("Y-m-d",strtotime($rawto)))." 23:59:59')";
if ($this->item != 0) $cond .= " AND formid=".intval($this->item);
$events_query = "SELECT * FROM ".$wpdb->prefix.$this->table_messages." WHERE 1=1 ".$cond." ORDER BY `time` DESC";
/**
* Allows modify the query of messages, passing the query as parameter
* returns the new query
*/
$events_query = apply_filters( 'cpappb_csv_query', $events_query );
$events = $wpdb->get_results( $events_query ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
if ($this->include_user_data_csv)
$fields = array("ID", "Form", "Time", "IP Address", "email");
else
$fields = array("ID", "Form", "Time", "email");
$fields_exclude = explode(",",trim(get_option('cp_cpappb_bocsvexclude',"")));
$fields_exclude_org = array();
for($j=0; $j<count($fields_exclude); $j++)
{
$fields_exclude_org[] = (trim($fields_exclude[$j]));
$fields_exclude[$j] = strtolower(trim($fields_exclude[$j]));
}
$fields = array_values(array_diff($fields, $fields_exclude_org));
$newfields = array();
for($j=0; $j<count($fields); $j++)
if (!in_array($fields[$j],$fields_exclude))
$newfields[] = $fields[$j];
$fields = $newfields;
$saved_formid = $this->item;
$values = array();
foreach ($events as $item)
{
$value = array();
if (in_array('ID',$fields)) $value[] = $item->id;
$this->item = $item->formid;
if (in_array('Form',$fields)) $value[] = $this->get_option('form_name','');
$this->item = $saved_formid;
if (in_array('Time',$fields)) $value[] = $item->time;
if ($this->include_user_data_csv)
if (in_array('IP Address',$fields)) $value[] = $item->ipaddr;
if (in_array('email',$fields)) $value[] = sanitize_email($item->notifyto);
if ($item->posted_data)
$data = unserialize($item->posted_data);
else
$data = array();
$end = count($fields);
for ($i=0; $i<$end; $i++)
{ // if (isset($data[$fields[$i]]) )
if (isset($data[$fields[$i]]))
$d = $data[$fields[$i]];
else if (!isset($value[$i]))
$d = "";
else
$d = $value[$i];
if (substr($fields[$i],0,strlen('app_status_')) == 'app_status_')
{
$d = $data["apps"][ intval( substr($fields[$i],strlen('app_status_'))-1) ]["cancelled"];
if ($d == '')
$d = __('Approved','appointment-hour-booking');
}
$value[$i] = $d;
unset($data[$fields[$i]]);
}
if (is_array($data)) foreach ($data as $k => $d)
if ($k != 'apps' && $k != 'itemnumber' && !in_array(strtolower($k),$fields_exclude))
{
$fields[] = $k;
if (substr($k,0,strlen('app_status_')) == 'app_status_')
{
$d = $data["apps"][ intval( substr($k,strlen('app_status_'))-1) ]["cancelled"];
if ($d == '')
$d = __('Approved','appointment-hour-booking');
}
$value[] = $d;
}
$values[] = $value;
}
$separator = get_option('CP_APPB_CSV_SEPARATOR',",");
if ($separator == '') $separator = ',';
$filename = $this->generateSafeFileName(strtolower($this->get_option('form_name','export'))).'_'.date("m_d_y");
header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename=".$filename.".csv");
$end = count($fields);
for ($i=0; $i<$end; $i++)
{
$hlabel = $this->iconv("utf-8", "ISO-8859-1//TRANSLIT//IGNORE", $this->get_form_field_label($fields[$i],$form));
echo '"'.str_replace('"','""', $this->clean_csv_value($hlabel)).'"'.$separator; // phpcs:ignore WordPress.Security.EscapeOutput
}
echo "\n";
foreach ( $values as $item )
{
for ( $i=0; $i<$end; $i++ )
{
if ( !isset( $item[$i] ) )
$item[$i] = '';
if (is_array($item[$i]))
$item[$i] = implode(',',$item[$i]);
$item[$i] = $this->iconv("utf-8", "ISO-8859-1//TRANSLIT//IGNORE", $item[$i]);
echo '"'.str_replace('"','""', $this->clean_csv_value($item[$i])).'"'.$separator; // phpcs:ignore WordPress.Security.EscapeOutput
}
echo "\n";
}
exit;
}
function export_csv_schedule( $atts ) {
if ( !is_admin() )
return;
global $wpdb;
extract( shortcode_atts( array(
'calendar' => '',
'fields' => 'DATE,TIME,SERVICE,final_price,paid,email,data,cancelled',
'from' => "today",
'to' => "today +30 days",
'paidonly' => "",
'status' => "-1"
), $atts ) );
if (isset($_REQUEST["dfrom"])) $from = sanitize_text_field($_REQUEST["dfrom"]);
if (isset($_REQUEST["dto"])) $to = sanitize_text_field($_REQUEST["dto"]);
if (isset($_REQUEST["status"])) $status = sanitize_text_field($_REQUEST["status"]);
if (isset($_REQUEST["paid"])) $paidonly = sanitize_text_field($_REQUEST["paid"]);
if ($this->get_param("cal")) $calendar = intval($this->get_param("cal"));
ob_start();
// calculate dates
$this->item = intval($this->get_param("cal"));
if ($this->get_option('date_format', 'mm/dd/yy') == 'dd/mm/yy')
{
$from = str_replace('/','.',$from);
$to = str_replace('/','.',$to);
}
$from = str_replace(',',' ',$from);
$to = str_replace(',',' ',$to);
$from = date("Y-m-d",strtotime($from));
$to = date("Y-m-d",strtotime($to));
// pre-select time-slots
$selection = array();
$rows = $wpdb->get_results( $wpdb->prepare("SELECT notifyto,posted_data,data FROM ".$wpdb->prefix.$this->table_messages." WHERE ".($calendar?'formid='.intval($calendar).' AND ':'')."time<=%s ORDER BY time DESC LIMIT 0,10000", $to) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
foreach($rows as $item)
{
$data = unserialize($item->posted_data);
if (!$paidonly || $data['paid'])
{
foreach($data["apps"] as $app)
if ($app["date"] >= $from && $app["date"] <= $to && ($status == 'all' || $status == '-1' || $status == $app["cancelled"]) )
{
$selection[] = array($app["date"]." ".$app["slot"], $app["date"], $app["slot"], $data, sanitize_email($item->notifyto), $item->data, $app["cancelled"], $app["service"], $app["quant"]);
}
}
}
// order time-slots
if (!function_exists('appbkfastsortfn'))
{
function appbkfastsortfn( $a, $b ) { return ( $a[0] > $b[0] ? 1 : -1 ); }
}
usort($selection, "appbkfastsortfn" );
// clean fields IDs
$fields = explode(",",trim($fields));
for($j=0; $j<count($fields); $j++)
$fields[$j] = strtolower(trim($fields[$j]));
$fields_exclude = explode(",",trim(get_option('cp_cpappb_schcsvexclude',"")));
for($j=0; $j<count($fields_exclude); $j++)
$fields_exclude[$j] = strtolower(trim($fields_exclude[$j]));
$fields = array_values(array_diff ($fields, $fields_exclude));
$separator = get_option('CP_APPB_CSV_SEPARATOR',",");
if ($separator == '') $separator = ',';
// print table
for($i=0; $i<count($selection); $i++)
{
for($j=0; $j<count($fields); $j++)
{
if ($j>0) echo esc_html($separator);
echo '"';
switch ($fields[$j]) {
case 'date':
$value = $selection[$i][1];
break;
case 'time':
$value = $selection[$i][2];
break;
case 'email':
$value = $selection[$i][4];
break;
case 'service':
$value = $selection[$i][7];
break;
case 'quantity':
$value = $selection[$i][8];
break;
case 'cancelled':
if ($selection[$i][6] == '')
$value = __('Approved','appointment-hour-booking');
else
$value = $selection[$i][6];
break;
case 'data':
$value = substr($selection[$i][5],strpos($selection[$i][5],"\n\n")+2);
break;
case 'paid':
$value = (@$selection[$i][3]['paid']?__('Yes','appointment-hour-booking'):'');
break;
default:
$value = ($selection[$i][3][$fields[$j]]==''?'':$selection[$i][3][$fields[$j]])."";
}
$value = str_replace('"','""', $value);
echo $this->clean_csv_value($value); // phpcs:ignore WordPress.Security.EscapeOutput
echo '"';
}
echo "\n";
}
if ($this->item)
{
$form = json_decode($this->cleanJSON($this->get_option('form_structure', CP_APPBOOK_DEFAULT_form_structure)));
$form = $form[0];
}
else
$form = array();
$filename = $this->generateSafeFileName(strtolower($this->get_option('form_name','export'))).'_'.date("m_d_y");
header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename=".$filename.".csv");
$end = count($fields);
for ($i=0; $i<$end; $i++)
{
$hlabel = $this->iconv("utf-8", "ISO-8859-1//TRANSLIT//IGNORE", $this->get_form_field_label($fields[$i],$form));
echo '"'.str_replace('"','""', $this->clean_csv_value($hlabel)).'"'.$separator; // phpcs:ignore WordPress.Security.EscapeOutput
}
echo "\n";
exit;
}
public function fixurl( $base, $param ) {
if (strpos($base,'?'))
return $base."&".$param;
else
{
$base = rtrim($base,"/")."/";
return $base."?".$param;
}
}
public function setId( $id ) {
$this->item = intval( $id );
}
public function getId() {
return intval( $this->item );
}
public function translate_permalink( $url )
{
$postid = url_to_postid( $url );
if ($postid)
{
$newpostid = apply_filters( 'wpml_object_id', $postid, 'post', TRUE );
if ( $newpostid != $postid )
$url = get_permalink( $newpostid );
}
return $url;
}
public function filter_allowed_tags( $content ) {
return wp_kses( $content, $this->tags_allowed );
}
public function admin_process_json( $str ) {
$form_data = json_decode($this->cleanJSON($str));
$form_data[1][0]->title = $this->filter_allowed_tags( $form_data[1][0]->title );
$form_data[1][0]->description = $this->filter_allowed_tags( $form_data[1][0]->description );
for ( $i=0; $i < count($form_data[0]); $i++ )
{
if ( isset( $form_data[0][$i]->title ) )
$form_data[0][$i]->title = $this->filter_allowed_tags(($form_data[0][$i]->title));
$form_data[0][$i]->userhelpTooltip = $this->filter_allowed_tags(($form_data[0][$i]->userhelpTooltip));
$form_data[0][$i]->userhelp = $this->filter_allowed_tags(($form_data[0][$i]->userhelp));
if ($form_data[0][$i]->ftype == 'fCommentArea')
$form_data[0][$i]->userhelp = $this->filter_allowed_tags(($form_data[0][$i]->userhelp));
else if ($form_data[0][$i]->ftype == 'fradio' || $form_data[0][$i]->ftype == 'fcheck' || $form_data[0][$i]->ftype == 'fdropdown')
{
for ($j=0; $j < count($form_data[0][$i]->choices); $j++)
$form_data[0][$i]->choices[$j] = $this->filter_allowed_tags(($form_data[0][$i]->choices[$j]));
}
else if ($form_data[0][$i]->ftype == 'fapp')
{
for ($j=0; $j < count($form_data[0][$i]->services); $j++)
$form_data[0][$i]->services[$j]->name = $this->filter_allowed_tags(($form_data[0][$i]->services[$j]->name));
if (isset($form_data[0][$i]->emptySelect))
$form_data[0][$i]->emptySelect= $this->filter_allowed_tags(($form_data[0][$i]->emptySelect));
}
}
$str = json_encode( $form_data );
return $str;
}
public function translate_json( $str ) {
$form_data = json_decode( $this->cleanJSON( $str ) );
if (is_array($form_data))
{
$form_data[1][0]->title = $this->filter_allowed_tags(__($form_data[1][0]->title,'appointment-hour-booking'));
$form_data[1][0]->description = $this->filter_allowed_tags(__($form_data[1][0]->description,'appointment-hour-booking'));
for ($i=0; $i < count($form_data[0]); $i++)
{
if (property_exists($form_data[0][$i], 'title'))
$form_data[0][$i]->title = $this->filter_allowed_tags(__($form_data[0][$i]->title,'appointment-hour-booking'));
$form_data[0][$i]->userhelpTooltip = $this->filter_allowed_tags(__($form_data[0][$i]->userhelpTooltip,'appointment-hour-booking'));
$form_data[0][$i]->userhelp = $this->filter_allowed_tags(__($form_data[0][$i]->userhelp,'appointment-hour-booking'));
$form_data[0][$i]->csslayout = esc_attr(str_replace('"', ' ', sanitize_text_field(__($form_data[0][$i]->csslayout,'appointment-hour-booking'))));
if (property_exists($form_data[0][$i], 'predefined') && $form_data[0][$i]->predefined != '' && $form_data[0][$i]->ftype != 'fapp')
$form_data[0][$i]->predefined = __($form_data[0][$i]->predefined,'appointment-hour-booking');
if ($form_data[0][$i]->ftype == 'fCommentArea')
$form_data[0][$i]->userhelp = $this->filter_allowed_tags(__($form_data[0][$i]->userhelp,'appointment-hour-booking'));
else if ($form_data[0][$i]->ftype == 'fradio' || $form_data[0][$i]->ftype == 'fcheck' || $form_data[0][$i]->ftype == 'fdropdown')
{
for ($j=0; $j < count($form_data[0][$i]->choices); $j++)
$form_data[0][$i]->choices[$j] = $this->filter_allowed_tags(__($form_data[0][$i]->choices[$j],'appointment-hour-booking'));
}
else if ($form_data[0][$i]->ftype == 'fapp')
{
for ($j=0; $j < count($form_data[0][$i]->services); $j++)
$form_data[0][$i]->services[$j]->name = $this->filter_allowed_tags(__($form_data[0][$i]->services[$j]->name,'appointment-hour-booking'));
if (isset($form_data[0][$i]->emptySelect))
$form_data[0][$i]->emptySelect= $this->filter_allowed_tags(__($form_data[0][$i]->emptySelect,'appointment-hour-booking'));
}
}
$str = json_encode($form_data);
}
return $str;
}
private function get_records_csv( $formid, $form_name = "" ) {
global $wpdb;
$saved_item = $this->item;
$this->item = $formid;
$last_sent_id = get_option('cp_cpappb_last_sent_id_'.$formid, '0');
$events = $wpdb->get_results(
$wpdb->prepare("SELECT * FROM ".$wpdb->prefix.$this->table_messages." WHERE formid=%d AND id>%d ORDER BY id ASC",$formid,$last_sent_id) // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
);
if ($wpdb->num_rows <= 0) // if no rows, return empty
{
$this->item = $saved_item;
return '';
}
if ($this->item)
{
$form = json_decode($this->cleanJSON($this->get_option('form_structure', CP_APPBOOK_DEFAULT_form_structure)));
$form = $form[0];
}
else
$form = array();
$buffer = '';
if ($this->include_user_data_csv)
$fields = array("Submission ID", "Form", "Time", "IP Address", "email");
else
$fields = array("Submission ID", "Form", "Time", "email");
$fields_exclude = explode(",",trim(get_option('cp_cpappb_bocsvexclude',"")));
$fields_exclude_org = array();
for($j=0; $j<count($fields_exclude); $j++)
{
$fields_exclude_org[] = (trim($fields_exclude[$j]));
$fields_exclude[$j] = strtolower(trim($fields_exclude[$j]));
}
$fields = array_values(array_diff($fields, $fields_exclude_org));
$newfields = array();
for($j=0; $j<count($fields); $j++)
if (!in_array($fields[$j],$fields_exclude))
$newfields[] = $fields[$j];
$fields = $newfields;
$values = array();
foreach ($events as $item)
{
$value = array();
if (in_array('Submission ID',$fields)) $value[] = $item->id;
if (in_array('Form',$fields)) $value[] = $this->get_option('form_name','');
if (in_array('Time',$fields)) $value[] = $item->time;
if ($this->include_user_data_csv)
if (in_array('IP Address',$fields)) $value[] = $item->ipaddr;
if (in_array('email',$fields)) $value[] = sanitize_email($item->notifyto);
$last_sent_id = $item->id;
if ($item->posted_data)
$data = unserialize($item->posted_data);
else
$data = array();
$end = count($fields);
for ($i=0; $i<$end; $i++)
{ //if (isset($data[$fields[$i]]) ){
if (isset($data[$fields[$i]]))
$d = $data[$fields[$i]];
else if (!isset($value[$i]))
$d = "";
else
$d = $value[$i];
if (substr($fields[$i],0,strlen('app_status_')) == 'app_status_')
{
$d = $data["apps"][ intval( substr($fields[$i],strlen('app_status_'))-1) ]["cancelled"];
if ($d == '')
$d = __('Approved','appointment-hour-booking');
}
$value[$i] = $d;
unset($data[$fields[$i]]);
}
if (is_array($data)) foreach ($data as $k => $d)
if ($k != 'apps' && $k != 'itemnumber' && !in_array(strtolower($k),$fields_exclude))
{
$fields[] = $k;
if (substr($k,0,strlen('app_status_')) == 'app_status_')
{
$d = $data["apps"][ intval( substr($k,strlen('app_status_'))-1) ]["cancelled"];
if ($d == '')
$d = __('Approved','appointment-hour-booking');
}
$value[] = $d;
}
$values[] = $value;
}
update_option('cp_cpappb_last_sent_id_'.$formid, $last_sent_id);
$separator = get_option('CP_APPB_CSV_SEPARATOR',",");
if ($separator == '') $separator = ',';
$end = count($fields);
for ($i=0; $i<$end; $i++)
{
$hlabel = $this->iconv("utf-8", "ISO-8859-1//TRANSLIT//IGNORE", $this->get_form_field_label($fields[$i],$form));
$buffer .= '"'.str_replace('"','""', $hlabel).'"'.$separator;
}
$buffer .= "\n";
foreach ($values as $item)
{
for ($i=0; $i<$end; $i++)
{
if (!isset($item[$i]))
$item[$i] = '';
if (is_array($item[$i]))
$item[$i] = implode(',',$item[$i]);
$item[$i] = $this->iconv("utf-8", "ISO-8859-1//TRANSLIT//IGNORE", $item[$i]);
$buffer .= '"'.str_replace('"','""', $item[$i]).'"'.$separator;
}
$buffer .= "\n";
}
$this->item = $saved_item;
return $buffer;
}
private function check_reports( $skip_verification = false ) {
global $wpdb;
$last_verified = get_option( 'cp_cpappb_last_verified', '' );
if ( $skip_verification || $last_verified == '' || $last_verified < date("Y-m-d H:i:s", strtotime("-1 minutes")) ) // verification to don't check too fast to avoid overloading the site
{
update_option('cp_cpappb_last_verified',date("Y-m-d H:i:s"));
$tmp_dir = ini_get('upload_tmp_dir') ? ini_get('upload_tmp_dir') : sys_get_temp_dir();
// global reports for all forms
if (get_option('cp_cpappb_rep_enable', 'no') == 'yes' && get_option('cp_cpappb_rep_days', '') != '' && get_option('cp_cpappb_rep_emails', '') != '' )
{
$formid = 0;
$verify_after = date("Y-m-d H:i:s", strtotime("-".get_option('cp_cpappb_rep_days', '')." days"));
$last_sent = get_option('cp_cpappb_last_sent'.$formid, '');
if ($last_sent == '' || $last_sent < $verify_after) // check if this form needs to check for a new report
{
update_option('cp_cpappb_last_sent'.$formid, date("Y-m-d ".(get_option('cp_cpappb_rep_hour', '')<'10'?'0':'').get_option('cp_cpappb_rep_hour', '').":00:00"));
$text = '';
$forms = $wpdb->get_results("SELECT id,fp_from_email,form_name,rep_days,rep_hour,rep_emails,rep_subject,rep_emailformat,rep_message,rep_enable FROM ".$wpdb->prefix.$this->table_items); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
// " WHERE rep_emails<>'' AND rep_enable='yes'"
$attachments = array();
foreach ($forms as $form) // for each form with the reports enabled
{
$csv = $this->get_records_csv($form->id, $form->form_name);
if ($csv != '')
{
$text = "- ".substr_count($csv,",\n\"").' submissions from '.$form->form_name."\n";
$filename = $this->generateSafeFileName(strtolower($form->form_name)).'_'.date("m_d_y");
$filename = $tmp_dir . '/'.$filename .'.csv';
$handle = fopen($filename, 'w');
fwrite($handle,$csv);
fclose($handle);
$attachments[] = $filename;
}
}
if ('html' == get_option('cp_cpappb_rep_emailformat','')) $content_type = "Content-Type: text/html; charset=utf-8\n"; else $content_type = "Content-Type: text/plain; charset=utf-8\n";
if (count($attachments))
wp_mail( str_replace(" ","",str_replace(";",",",get_option('cp_cpappb_rep_emails',''))), get_option('cp_cpappb_rep_subject',''), get_option('cp_cpappb_rep_message','')."\n".$text,
"From: \"".get_option('cp_cpappb_fp_from_email','')."\" <".get_option('cp_cpappb_fp_from_email','').">\r\n".
$content_type.
"X-Mailer: PHP/" . phpversion(),
@$attachments);
foreach ($attachments as $file)
@unlink($file);
}
}
// reports for specific forms
$forms = $wpdb->get_results("SELECT id,form_name,fp_from_email,rep_days,rep_hour,rep_emails,rep_subject,rep_emailformat,rep_message,rep_enable FROM ".$wpdb->prefix.$this->table_items." WHERE rep_emails<>'' AND rep_enable='yes'"); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared
foreach ($forms as $form) // for each form with the reports enabled
{
$formid = $form->id;
$verify_after = date("Y-m-d H:i:s", strtotime("-".$form->rep_days." days"));
$last_sent = get_option('cp_cpappb_last_sent'.$formid, '');
if ($skip_verification || $last_sent == '' || $last_sent < $verify_after) // check if this form needs to check for a new report
{
update_option('cp_cpappb_last_sent'.$formid, date("Y-m-d ".($form->rep_hour<'10'?'0':'').$form->rep_hour.":00:00"));
$csv = $this->get_records_csv($formid, $form->form_name);
if ($csv != '')
{
$filename = $this->generateSafeFileName(strtolower($form->form_name)).'_'.date("m_d_y");
$filename = $tmp_dir . '/'.$filename .'.csv';
$handle = fopen($filename, 'w');
fwrite($handle,$csv);
fclose($handle);
$attachments = array( $filename );
if ('html' == $form->rep_emailformat) $content_type = "Content-Type: text/html; charset=utf-8\n"; else $content_type = "Content-Type: text/plain; charset=utf-8\n";
wp_mail( str_replace(" ","",str_replace(";",",",$form->rep_emails)), $form->rep_subject, $form->rep_message,
"From: \"".$form->fp_from_email."\" <".$form->fp_from_email.">\r\n".
$content_type.
"X-Mailer: PHP/" . phpversion(),
$attachments);
foreach ( $attachments as $file )
@unlink( $file );
}
}
} // end foreach
} // end if
} // end check_reports function
protected function iconv( $from, $to, $text ) {
$text = trim( $text );
if ( strlen( $text ) > 1 && ( in_array( substr( $text, 0, 1 ), array( '=', '@', '+' )) ) )
{
$text = chr( 9 ).$text;
}
if ( get_option( 'CP_APPB_CSV_CHARFIX', "" ) == "" && function_exists( 'iconv' ) )
return iconv( $from, $to, $text );
else
return $text;
}
} // end class