File "module.php"
Full Path: /home/fmpomerode/public_html/wp-content/plugins/bdthemes-element-pack/modules/contact-form/module.php
File size: 9.34 KB
MIME-type: text/x-c++; charset=us-ascii
Charset: utf-8
<?php
namespace ElementPack\Modules\ContactForm;
use ElementPack\Base\Element_Pack_Module_Base;
use ElementPack\Utils;
// Refuse to run when the file is requested directly instead of being loaded by WordPress.
defined('ABSPATH') || exit;
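/**
 * Contact Form module.
 *
 * Exposes the Contact_Form widget and hooks one AJAX action,
 * `element_pack_contact_form`, for both logged-in and anonymous visitors.
 * The handler validates the submission (nonce, required fields, sender
 * address, optional reCAPTCHA) and mails it to the configured recipient.
 */
class Module extends Element_Pack_Module_Base {

    /**
     * Module slug.
     *
     * @return string
     */
    public function get_name() {
        return 'contact-form';
    }

    /**
     * Widget class names provided by this module.
     *
     * @return string[]
     */
    public function get_widgets() {
        return ['Contact_Form'];
    }

    /**
     * Verify the reCAPTCHA token of the current request with Google.
     *
     * Fails closed: a missing secret key, a missing or non-string token,
     * a transport error or an undecodable reply all yield false.
     *
     * @return bool True only when siteverify reports success.
     */
    public function is_valid_captcha() {
        $ep_api_settings = get_option('element_pack_api_settings');
        $secret          = !empty($ep_api_settings['recaptcha_secret_key']) ? $ep_api_settings['recaptcha_secret_key'] : '';

        if ('' === $secret || !isset($_POST['g-recaptcha-response']) || !is_string($_POST['g-recaptcha-response'])) {
            return false;
        }

        $token = sanitize_text_field(wp_unslash($_POST['g-recaptcha-response']));
        if ('' === $token) {
            return false;
        }

        $body = [
            'secret'   => $secret,
            'response' => $token,
        ];
        if (!empty($_SERVER['REMOTE_ADDR'])) {
            $body['remoteip'] = sanitize_text_field(wp_unslash($_SERVER['REMOTE_ADDR']));
        }

        // Send the parameters as a POST body: this keeps the secret key out of
        // the request URL (and of anything that logs URLs) and lets the HTTP API
        // encode every value, instead of concatenating request data into a query string.
        $request = wp_remote_post('https://www.google.com/recaptcha/api/siteverify', ['body' => $body]);
        if (is_wp_error($request)) {
            return false;
        }

        $result = json_decode(wp_remote_retrieve_body($request), true);

        return is_array($result) && isset($result['success']) && true === $result['success'];
    }

    /**
     * Strip a "+tag" suffix from the local part of an address.
     *
     * The address is split on its last "@". A value without "@" is returned
     * unchanged, since there is no local part or domain to separate.
     *
     * @param string $email Address to normalise.
     * @return string Address without the plus-suffix.
     */
    public function normalize_email( $email ) {
        $email = (string) $email;
        $at    = strrpos( $email, '@' );

        if ( false === $at ) {
            return $email;
        }

        $local  = substr( $email, 0, $at );
        $domain = substr( $email, $at + 1 );

        $plus = strpos( $local, '+' );
        if ( false !== $plus ) {
            $local = substr( $local, 0, $plus );
        }

        return $local . '@' . $domain;
    }

    /**
     * Tell whether two addresses are the same once plus-suffixes are removed.
     *
     * The comparison ignores letter case, so a differently-cased spelling of a
     * protected address is still recognised.
     *
     * @param string $email1
     * @param string $email2
     * @return bool
     */
    public function are_emails_same( $email1, $email2 ) {
        return 0 === strcasecmp( $this->normalize_email( $email1 ), $this->normalize_email( $email2 ) );
    }

    /**
     * AJAX handler for a contact form submission.
     *
     * Prints a status <span> for the front-end script and terminates the
     * request. Reachable without authentication (wp_ajax_nopriv_ hook), so
     * every request value is treated as untrusted.
     *
     * @return void
     */
    public function contact_form() {
        $email               = get_bloginfo('admin_email');
        $error_empty         = esc_html__('Please fill in all the required fields.', 'bdthemes-element-pack');
        $error_noemail       = esc_html__('Please enter a valid e-mail.', 'bdthemes-element-pack');
        $error_same_as_admin = esc_html__('You can not use this e-mail due to security issues.', 'bdthemes-element-pack');
        $error_spam_email    = esc_html__('You are trying to send e-mail by banned e-mail. Multiple tries can ban you permanently!', 'bdthemes-element-pack');
        $result              = esc_html__('Unknown error! Please check your settings.', 'bdthemes-element-pack');

        $ep_api_settings = get_option('element_pack_api_settings');

        // A recipient configured in the plugin settings overrides the site admin address.
        if (!empty($ep_api_settings['contact_form_email'])) {
            $email = $ep_api_settings['contact_form_email'];
        }

        if (isset($_SERVER['REQUEST_METHOD']) && 'POST' === $_SERVER['REQUEST_METHOD']) {
            $nonce = (isset($_REQUEST['_wpnonce']) && is_string($_REQUEST['_wpnonce']))
                ? sanitize_text_field(wp_unslash($_REQUEST['_wpnonce']))
                : '';

            if (!wp_verify_nonce($nonce, 'simpleContactForm')) {
                $result = esc_html__('Security check failed!', 'bdthemes-element-pack');
                echo '<span class="bdt-text-warning">' . esc_html($result) . '</span>';
                wp_die();
            }

            $post_id   = isset($_REQUEST['page_id']) ? sanitize_text_field(wp_unslash($_REQUEST['page_id'])) : '';
            $widget_id = isset($_REQUEST['widget_id']) ? sanitize_text_field(wp_unslash($_REQUEST['widget_id'])) : '';
            $error     = false;

            // Sanitise every posted field; afterwards they are available as $form_data['subject'] etc.
            $form_data = [];
            foreach ($_POST as $field => $value) {
                // Array-valued fields are not expected and is_email() needs a string.
                // They become '' and are then rejected by the required-field check.
                // wp_unslash() removes the slashes WordPress adds to request data.
                $value = is_scalar($value) ? wp_unslash((string) $value) : '';

                if (is_email($value)) {
                    $value = sanitize_email($value);
                } else {
                    $value = sanitize_textarea_field($value);
                }
                $form_data[$field] = strip_tags($value);
            }

            // Every posted field is required.
            foreach ($form_data as $value) {
                $value = trim($value);
                if (empty($value)) {
                    $error  = true;
                    $result = $error_empty;
                }
            }

            $sender_name  = isset($form_data['name']) ? $form_data['name'] : '';
            $sender_email = isset($form_data['email']) ? trim($form_data['email']) : '';
            $message      = isset($form_data['message']) ? $form_data['message'] : '';

            $success = sprintf(esc_html__('Hi, %s. We got your e-mail. We\'ll reply you very soon. Thanks for being with us...', 'bdthemes-element-pack'), $sender_name);

            if (!is_email($sender_email)) {
                $error  = true;
                $result = $error_noemail;
            }

            // Reject senders that claim the site's own address or a banned address.
            if (!$error) {
                $admin_email = get_option('admin_email');

                if ($this->are_emails_same($sender_email, $admin_email) || $this->are_emails_same($sender_email, $email)) {
                    $error  = true;
                    $result = $error_same_as_admin;
                } elseif (isset($ep_api_settings['contact_form_spam_email']) && is_string($ep_api_settings['contact_form_spam_email'])) {
                    foreach (explode(',', $ep_api_settings['contact_form_spam_email']) as $spam_email) {
                        // Case-insensitive so a re-cased banned address still matches.
                        if (0 === strcasecmp($sender_email, trim($spam_email))) {
                            $error  = true;
                            $result = $error_spam_email;
                            break;
                        }
                    }
                }
            }

            // NOTE(review): whether reCAPTCHA is enforced depends on widget settings
            // looked up with page_id / widget_id taken from the request. Confirm that
            // get_widget_settings() (defined outside this class) cannot resolve to a
            // widget that has reCAPTCHA switched off for a form that has it on.
            $result_recaptcha = $this->get_widget_settings($post_id, $widget_id);
            if (isset($result_recaptcha['show_recaptcha']) && $result_recaptcha['show_recaptcha'] == 'yes') {
                if (!empty($ep_api_settings['recaptcha_site_key']) && !empty($ep_api_settings['recaptcha_secret_key'])) {
                    if (!$this->is_valid_captcha()) {
                        $error  = true;
                        $result = esc_html__("reCAPTCHA is invalid!", "bdthemes-element-pack");
                    }
                }
            }

            $contact_number  = isset($form_data['contact']) ? esc_attr($form_data['contact']) : '';
            $contact_subject = isset($form_data['subject']) ? esc_attr($form_data['subject']) : '';

            if (!$error) {
                // sanitize_textarea_field() keeps line breaks, and mail headers are
                // split on them. Collapse CR/LF in anything placed in a header so a
                // submitted name or subject cannot add header lines of its own.
                $header_name   = trim(str_replace(["\r", "\n"], ' ', $sender_name));
                $email_subject = '[' . get_bloginfo('name') . '] ' . str_replace(["\r", "\n"], ' ', $contact_subject);

                $email_message = $this->message_html($message, $sender_name, $sender_email, $contact_number);

                // $sender_email passed is_email() above, so it is used as-is.
                $headers = [
                    'Reply-To: ' . $header_name . ' <' . $sender_email . '>',
                    'Content-Type: text/html; charset=UTF-8',
                    'Content-Transfer-Encoding: 8bit',
                ];

                wp_mail($email, html_entity_decode($email_subject), $email_message, $headers);

                $result = $success;
            }

            $redirect_url = !empty($form_data['redirect-url']) ? esc_url($form_data['redirect-url']) : 'no';
            $is_external  = !empty($form_data['is-external']) ? esc_attr($form_data['is-external']) : 'no';
            $reset_status = (isset($form_data['reset-after-submit']) && ($form_data['reset-after-submit'] == 'yes')) ? 'yes' : 'no';

            if (!$error) {
                // All three values land inside HTML attributes, so esc_attr() is the
                // matching escaper (the URL itself was already filtered by esc_url()).
                echo '<span class="bdt-text-success" data-resetstatus="' . esc_attr($reset_status) . '" data-redirect="' . esc_attr($redirect_url) . '" data-external="' . esc_attr($is_external) . '">' . esc_html($result) . '</span>';
            } else {
                echo '<span class="bdt-text-warning">' . esc_html($result) . '</span>';
            }
        }

        die;
    }

    /**
     * Build the HTML body of the notification mail.
     *
     * Every interpolated value is HTML-escaped here, so the method stays safe
     * even if a caller passes values that were not sanitised beforehand.
     *
     * @param string $message Message text; line breaks become <br>.
     * @param string $name    Sender name.
     * @param string $email   Sender address.
     * @param string $number  Optional contact number.
     * @return string Complete HTML document.
     */
    public function message_html($message, $name, $email, $number = '') {
        $fullmsg  = "<html lang='en-US'><body style='background-color: #f5f5f5; padding: 35px;'>";
        $fullmsg .= "<div style='max-width: 768px; margin: 0 auto; background-color: #fff; padding: 50px 35px;'>";
        // Escape first, then convert line breaks, so only the <br> tags added here are markup.
        $fullmsg .= nl2br(esc_html($message));
        $fullmsg .= "<br><br>";
        $fullmsg .= "<b>" . esc_html($name) . "</b><br>";
        $fullmsg .= esc_html($email) . "<br>";
        $fullmsg .= ($number) ? esc_html($number) . "<br>" : "";
        // Utils::get_client_ip() is defined elsewhere; escaped in case it can
        // reflect a client-supplied request header.
        $fullmsg .= "<em>IP: " . esc_html(Utils::get_client_ip()) . "</em>";
        $fullmsg .= "</div>";
        $fullmsg .= "</body></html>";

        return $fullmsg;
    }

    /**
     * Register the AJAX handler for logged-in and anonymous visitors.
     */
    public function __construct() {
        parent::__construct();

        add_action('wp_ajax_element_pack_contact_form', [$this, 'contact_form']);
        add_action('wp_ajax_nopriv_element_pack_contact_form', [$this, 'contact_form']);
    }
}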