jambo-formui.plugin.php
<?php
/**
* Jambo, a contact form plugin for Habari
*
* @package jambo
*
* @todo use AJAX to submit form, fallback on default if no AJAX.
* @todo allow "custom fields" to be added by user.
* @todo redo the hook and make it easy to add other formui comment stuff.
*/
// require_once 'jambohandler.php';
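class JamboFormUI extends Plugin
{
	/**
	 * Build the public contact form.
	 *
	 * Name and email are pre-filled from the 'comment' session set when one
	 * exists, otherwise from the logged-in user. Other plugins can alter the
	 * form through the 'form_jambo' action before the token fields are added.
	 *
	 * @return FormUI The form, with process_jambo() registered as its success handler.
	 */
	public function get_jambo_form( )
	{
		// Borrow default values from the comment forms.
		// NOTE(review): these defaults come from earlier visitor input held in
		// the session; escaping them on render is left to FormUI -- confirm.
		$commenter_name = '';
		$commenter_email = '';
		$user = User::identify();

		if ( isset( $_SESSION['comment'] ) ) {
			$details = Session::get_set( 'comment' );
			if ( is_array( $details ) ) {
				// A partially filled set must not raise undefined-index notices.
				$commenter_name = isset( $details['name'] ) ? $details['name'] : '';
				$commenter_email = isset( $details['email'] ) ? $details['email'] : '';
			}
		}
		elseif ( $user->loggedin ) {
			$commenter_name = $user->displayname;
			$commenter_email = $user->email;
		}

		// Now start the form.
		$form = new FormUI( 'jambo' );

		// Create the Name field
		$form->append( 'text', 'jambo_name', 'null:null', _t( 'Name' ) )
			->add_validator( 'validate_required', _t( 'Your Name is required.' ) )
			->id = 'jambo_name';
		$form->jambo_name->tabindex = 1;
		$form->jambo_name->value = $commenter_name;

		// Create the Email field
		$form->append( 'text', 'jambo_email', 'null:null', _t( 'Email' ) )
			->add_validator( 'validate_email', _t( 'Your Email must be a valid address.' ) )
			->id = 'jambo_email';
		$form->jambo_email->tabindex = 2;
		$form->jambo_email->caption = _t( 'Email' );
		$form->jambo_email->value = $commenter_email;

		// Create the Subject field
		$form->append( 'text', 'jambo_subject', 'null:null', _t( 'Subject', 'jambo' ) )
			->id = 'jambo_subject';
		$form->jambo_subject->tabindex = 3;

		// Create the Message field
		$form->append( 'textarea', 'jambo_message', 'null:null', _t( 'Message', 'jambo' ) )
			->add_validator( 'validate_required', _t( 'Your message cannot be blank.', 'jambo' ) )
			->id = 'jambo_message';
		$form->jambo_message->tabindex = 4;

		// Create the Submit button
		$form->append( 'submit', 'jambo_submit', _t( 'Submit' ) );
		$form->jambo_submit->tabindex = 5;

		// Allow other plugins and theme authors to modify and customise this form easily.
		Plugins::act( 'form_jambo', $form, $this );

		// Create hidden token fields
		self::insert_token( $form );

		// Set up form processing
		$form->on_success( array( $this, 'process_jambo' ) );

		return $form;
	}

	/**
	 * Process the submitted form and send the email.
	 *
	 * The visitor-supplied name, email and subject end up in mail headers, so
	 * line breaks are removed from them before the headers are assembled;
	 * otherwise a value containing CR/LF could add header lines of its own.
	 *
	 * @param FormUI $form The submitted contact form.
	 * @return string HTML confirmation paragraph.
	 */
	public function process_jambo( $form )
	{
		// get the values and the stored options.
		$email = array();
		$email['sent'] = false;
		$email['send_to'] = Options::get( 'jambo__send_to' );
		$email['name'] = self::strip_header_breaks( $form->jambo_name->value );
		$email['email'] = self::strip_header_breaks( $form->jambo_email->value );
		// Read ->value like the other fields; the original concatenated the control object itself.
		$email['subject'] = Options::get( 'jambo__subject' ) . ' ' . self::strip_header_breaks( $form->jambo_subject->value );
		$email['message'] = $form->jambo_message->value;
		$email['success_msg'] = Options::get ( 'jambo__success_msg','Thank you contacting me. I\'ll get back to you as soon as possible.' );

		// Utils::mail expects an array
		$email['headers'] = array(
			'MIME-Version' => '1.0',
			'From' => "{$email['name']} <{$email['email']}>",
			'Content-Type' => 'text/plain; charset="utf-8"',
		);

		// The 'jambo_email' filter is where the token and spam checks run (see filter_jambo_email).
		$email = Plugins::filter( 'jambo_email', $email, $form->token->value, $form->token_time->value );

		// NOTE(review): the confirmation below is returned whatever Utils::mail()
		// reports; its result is only stored in $email['sent'].
		$email['sent'] = Utils::mail( $email['send_to'], $email['subject'], $email['message'], $email['headers'] );

		// The success message is a stored option and is emitted without escaping,
		// so whoever can edit that option controls this markup.
		return '<p class="jambo-confirmation">' .$email ['success_msg'] .'</p>';
	}

	/**
	 * Hook priorities for this plugin.
	 *
	 * @return array Map of hook name to priority.
	 */
	public function set_priorities()
	{
		return array(
			'filter_post_content_out' => 11
		);
	}

	/**
	 * The plugin configuration form.
	 *
	 * @return FormUI Form bound to the jambo__send_to, jambo__subject and
	 *                jambo__success_msg options.
	 */
	public function configure()
	{
		$ui = new FormUI( 'jambo' );

		// Add a text control for the address you want the email sent to
		$send_to = $ui->append( 'text', 'send_to', 'option:jambo__send_to', _t( 'Where To Send Email: ' ) );
		$send_to->add_validator( 'validate_required' );

		// Add a text control for the prefix to the subject field
		$subject_prefix = $ui->append( 'text', 'subject', 'option:jambo__subject', _t( 'Subject Prefix: ' ) );
		$subject_prefix->add_validator( 'validate_required' );

		// Add a textarea for the success message (optional, so no validator)
		$ui->append( 'textarea', 'success_msg', 'option:jambo__success_msg', _t( 'Success Message: ' ) );

		$ui->append( 'submit', 'save', 'Save' );
		return $ui;
	}

	/**
	 * Replace <!-- jambo --> or <!-- contactform --> in the post content with
	 * the Jambo email form.
	 *
	 * The form is only built when a placeholder is present, so content without
	 * one no longer triggers form construction and processing.
	 *
	 * @param string $content Post content being output.
	 * @return string Content with the placeholders replaced by the form markup.
	 */
	public function filter_post_content_out( $content )
	{
		$placeholders = array('<!-- jambo -->', '<!-- contactform -->');

		$has_placeholder = false;
		foreach ( $placeholders as $placeholder ) {
			if ( stripos( $content, $placeholder ) !== false ) {
				$has_placeholder = true;
				break;
			}
		}
		if ( ! $has_placeholder ) {
			return $content;
		}

		return str_ireplace( $placeholders, $this->get_jambo_form()->get(), $content );
	}

	/**
	 * Verify the submitted form has been submitted by a real user and also pass
	 * it through Spam Checker plugin. The spam checking part will only be
	 * effective if the plugin is enabled.
	 *
	 * Ends the request with a 403 response when the token check fails or the
	 * message is flagged as spam.
	 *
	 * @param array $email Message data assembled by process_jambo().
	 * @param string $token Token value submitted with the form.
	 * @param string $timestamp Timestamp value submitted with the form.
	 * @return array The unchanged $email when both checks pass.
	 */
	public function filter_jambo_email( $email, $token, $timestamp )
	{
		if ( ! self::verify_token( $token, $timestamp ) ) {
			self::reject( _t( 'You are submitting the form too fast and look like a spam bot.' ) );
		}

		// Wrap the message in a Comment so comment spam filters can inspect it.
		$comment = new Comment( array(
			'name' => $email['name'],
			'email' => $email['email'],
			'content' => $email['message'],
			'ip' => sprintf( "%u", ip2long( Utils::get_ip() ) ),
			// No post is in scope here; the original isset( $post ) test was always false.
			'post_id' => 0,
		) );

		// Run the message through the Spam Filter plugin, if it's enabled.
		Plugins::act( 'comment_insert_before', $comment );

		if ( Comment::STATUS_SPAM == $comment->status ) {
			self::reject( _t( 'Your attempted contact appears to be spam. If it wasn\'t, return to the previous page and try again.' ) );
		}

		return $email;
	}

	/**
	 * Create the token based on the time string submitted and the UID for this Habari installation.
	 *
	 * The token is the first 10 hex characters of md5( timestamp . GUID ) and
	 * can be replaced through the 'jambo_token' filter. It is not tied to a
	 * session or marked as used, so it only works as a submission-timing check.
	 * NOTE(review): this relies on the GUID option not being disclosed -- confirm.
	 *
	 * @param int|string $timestamp Unix time the form was rendered.
	 * @return string The token.
	 */
	private static function create_token( $timestamp )
	{
		$token = substr( md5( $timestamp . Options::get( 'GUID' ) ), 0, 10 );
		$token = Plugins::filter( 'jambo_token', $token, $timestamp );
		return $token;
	}

	/**
	 * Verify that the token and time passed are valid.
	 *
	 * A submission is accepted only when the token matches the one derived
	 * from the timestamp and it arrives more than 5 seconds and less than
	 * 5 minutes after that timestamp.
	 *
	 * @param mixed $token Submitted token.
	 * @param mixed $timestamp Submitted timestamp.
	 * @return bool True when both checks pass.
	 */
	private static function verify_token( $token, $timestamp )
	{
		// Both values arrive from the request; reject anything that is not a
		// plain token string and an all-digit timestamp before using them.
		if ( ! is_string( $token ) ) {
			return false;
		}
		if ( ! is_int( $timestamp ) && ! ( is_string( $timestamp ) && ctype_digit( $timestamp ) ) ) {
			return false;
		}

		// Compare as strings. With ==, two different hex tokens that both read
		// as numbers (for example "0e" followed by digits) compare equal.
		$expected = (string) self::create_token( $timestamp );
		if ( function_exists( 'hash_equals' ) ) {
			$matches = hash_equals( $expected, $token );
		}
		else {
			$matches = ( $expected === $token );
		}
		if ( ! $matches ) {
			return false;
		}

		$issued = (int) $timestamp;
		$now = time();
		return ( $now > ( $issued + 5 ) ) && ( $now < ( $issued + 5*60 ) );
	}

	/**
	 * Add the token fields to the form.
	 *
	 * @param FormUI $form Form to extend.
	 * @return FormUI The same form with hidden 'token' and 'token_time' controls.
	 */
	private static function insert_token( $form )
	{
		$timestamp = time();
		$token = self::create_token( $timestamp );
		$form->append( 'hidden', 'token', 'null:null' )->value = $token;
		$form->append( 'hidden', 'token_time', 'null:null' )->value = $timestamp;
		return $form;
	}

	/**
	 * Collapse CR, LF and NUL in a value that will be placed in a mail header.
	 *
	 * @param mixed $value Visitor-supplied field value.
	 * @return string Single-line string; empty for non-scalar input.
	 */
	private static function strip_header_breaks( $value )
	{
		if ( ! is_scalar( $value ) ) {
			return '';
		}
		return trim( preg_replace( '/[\r\n\0]+/', ' ', (string) $value ) );
	}

	/**
	 * Discard buffered output and end the request with a 403 page.
	 *
	 * @param string $explanation Already translated text for the paragraph.
	 */
	private static function reject( $explanation )
	{
		// ob_end_clean() raises a notice when no buffer is active.
		if ( ob_get_level() > 0 ) {
			ob_end_clean();
		}
		header( 'HTTP/1.1 403 Forbidden' );
		die( '<h1>' . _t( 'The selected action is forbidden.' ) . '</h1><p>' . $explanation . '</p>' );
	}
}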
?>