278 lines
10 KiB
PHP
278 lines
10 KiB
PHP
<?php
|
|
/**
|
|
* This file handles the addintion and updating of Post Meta Boxes.
|
|
*
|
|
* @package MainWP/Dashboard
|
|
*/
|
|
|
|
namespace MainWP\Dashboard;
|
|
|
|
/**
|
|
* Class MainWP_Meta_Boxes
|
|
*
|
|
* @package MainWP\Dashboard
|
|
*/
|
|
class MainWP_Meta_Boxes { // phpcs:ignore Generic.Classes.OpeningBraceSameLine.ContentAfterBrace -- NOSONAR.
|
|
|
|
/**
|
|
* Method select_sites_handle()
|
|
*
|
|
* Update Post meta for Select Sites Meta boxes.
|
|
*
|
|
* @param mixed $post_id Post ID.
|
|
* @param mixed $post_type Post type.
|
|
*
|
|
* @return int $post_id Post ID.
|
|
*/
|
|
public function select_sites_handle( $post_id, $post_type ) { // phpcs:ignore -- NOSONAR - complex function. Current complexity is the only way to achieve desired results, pull request solutions appreciated.
|
|
|
|
/**
|
|
* Verify this came from the our screen and with proper authorization.
|
|
*/
|
|
// phpcs:disable WordPress.Security.NonceVerification,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
|
|
if ( ! isset( $_POST['select_sites_nonce'] ) || ! wp_verify_nonce( sanitize_key( $_POST['select_sites_nonce'] ), 'select_sites_' . $post_id ) ) {
|
|
return $post_id;
|
|
}
|
|
|
|
/**
|
|
* Verify if this is an auto save routine. If it is our form has not been submitted, so we dont want to do anything.
|
|
*/
|
|
if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) {
|
|
return $post_id;
|
|
}
|
|
|
|
/**
|
|
* Check permissions.
|
|
*/
|
|
if ( ! current_user_can( 'edit_post', $post_id ) ) {
|
|
return $post_id;
|
|
}
|
|
|
|
/**
|
|
* OK, we're authenticated: we need to find and save the data.
|
|
*/
|
|
$_post = get_post( $post_id );
|
|
if ( $_post->post_type === $post_type && isset( $_POST['select_by'] ) ) {
|
|
$selected_wp = array();
|
|
if ( isset( $_POST['selected_sites'] ) ) {
|
|
if ( is_array( $_POST['selected_sites'] ) ) {
|
|
$selected_wp = ! empty( $_POST['selected_sites'] ) ? array_map( 'sanitize_text_field', wp_unslash( $_POST['selected_sites'] ) ) : array();
|
|
} else { // radio selection.
|
|
$selected_wp = ! empty( $_POST['selected_sites'] ) ? array( sanitize_text_field( wp_unslash( $_POST['selected_sites'] ) ) ) : array();
|
|
}
|
|
}
|
|
update_post_meta( $post_id, '_selected_sites', $selected_wp );
|
|
$selected_groups = array();
|
|
if ( isset( $_POST['selected_groups'] ) ) {
|
|
if ( is_array( $_POST['selected_groups'] ) ) {
|
|
$selected_groups = ! empty( $_POST['selected_groups'] ) ? array_map( 'sanitize_text_field', wp_unslash( $_POST['selected_groups'] ) ) : array();
|
|
} else { // radio selection.
|
|
$selected_groups = ! empty( $_POST['selected_groups'] ) ? array( sanitize_text_field( wp_unslash( $_POST['selected_groups'] ) ) ) : array();
|
|
}
|
|
}
|
|
update_post_meta( $post_id, '_selected_groups', $selected_groups );
|
|
$selected_clients = array();
|
|
if ( isset( $_POST['selected_clients'] ) ) {
|
|
if ( is_array( $_POST['selected_clients'] ) ) {
|
|
$selected_clients = ! empty( $_POST['selected_clients'] ) ? array_map( 'sanitize_text_field', wp_unslash( $_POST['selected_clients'] ) ) : array();
|
|
} else { // radio selection.
|
|
$selected_clients = ! empty( $_POST['selected_clients'] ) ? array( sanitize_text_field( wp_unslash( $_POST['selected_clients'] ) ) ) : array();
|
|
}
|
|
}
|
|
update_post_meta( $post_id, '_selected_clients', $selected_clients );
|
|
update_post_meta( $post_id, '_selected_by', sanitize_text_field( wp_unslash( $_POST['select_by'] ) ) );
|
|
|
|
if ( ( 'group' === $_POST['select_by'] && ! empty( $selected_groups ) ) || ( 'site' === $_POST['select_by'] && ! empty( $selected_wp ) ) || ( 'client' === $_POST['select_by'] && ! empty( $selected_clients ) ) ) {
|
|
return sanitize_text_field( wp_unslash( $_POST['select_by'] ) );
|
|
}
|
|
}
|
|
// phpcs:enable
|
|
|
|
return $post_id;
|
|
}
|
|
|
|
/**
|
|
* Method add_categories()
|
|
*
|
|
* Add categories.
|
|
*
|
|
* @param int $post_id Post ID.
|
|
*/
|
|
public function add_categories( $post_id = false ) {
|
|
if ( empty( $post_id ) ) {
|
|
return;
|
|
}
|
|
$post = get_post( $post_id );
|
|
MainWP_Post::render_categories_list( $post );
|
|
}
|
|
|
|
/**
|
|
* Method add_categories_handle()
|
|
*
|
|
* Handle adding categories.
|
|
*
|
|
* @param int $post_id Post ID.
|
|
* @param string $post_type Post type.
|
|
*/
|
|
public function add_categories_handle( $post_id, $post_type ) {
|
|
/**
|
|
* Verify this came from the our screen and with proper authorization.
|
|
*/
|
|
|
|
// phpcs:disable WordPress.Security.NonceVerification,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
|
|
if ( ! isset( $_POST['post_category_nonce'] ) || ! wp_verify_nonce( sanitize_key( $_POST['post_category_nonce'] ), 'post_category_' . $post_id ) ) {
|
|
return;
|
|
}
|
|
|
|
/**
|
|
* Verify if this is an auto save routine. If it is our form has not been submitted, so we dont want to do anything.
|
|
*/
|
|
if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) {
|
|
return;
|
|
}
|
|
|
|
/**
|
|
* Check permissions.
|
|
*/
|
|
if ( ! current_user_can( 'edit_post', $post_id ) ) {
|
|
return;
|
|
}
|
|
|
|
/**
|
|
* OK, we're authenticated: we need to find and save the data.
|
|
*/
|
|
$_post = get_post( $post_id );
|
|
if ( $_post->post_type === $post_type ) {
|
|
if ( isset( $_POST['post_category'] ) && is_array( $_POST['post_category'] ) ) {
|
|
update_post_meta( $post_id, '_categories', base64_encode( implode( ',', wp_unslash( $_POST['post_category'] ) ) ) ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions -- base64_encode used for http encoding compatible.
|
|
do_action( 'mainwp_bulkpost_categories_handle', $post_id, wp_unslash( $_POST['post_category'] ) );
|
|
}
|
|
|
|
$post_existing = ! empty( $_POST['post_only_existing'] ) ? 1 : 0;
|
|
update_post_meta( $post_id, '_post_to_only_existing_categories', $post_existing );
|
|
}
|
|
// phpcs:enable
|
|
}
|
|
|
|
/**
|
|
* Method add_tags()
|
|
*
|
|
* Add tags to Post array.
|
|
*
|
|
* @param object $post Post object.
|
|
*/
|
|
public function add_tags( $post ) {
|
|
$this->add_extra( 'Tags', '_tags', 'add_tags', $post );
|
|
}
|
|
|
|
/**
|
|
* Method add_tags_handle()
|
|
*
|
|
* Add Tags to post array handler.
|
|
*
|
|
* @param int $post_id Post ID.
|
|
* @param string $post_type Post type.
|
|
*/
|
|
public function add_tags_handle( $post_id, $post_type ) {
|
|
$this->add_extra_handle( 'Tags', '_tags', 'add_tags', $post_id, $post_type );
|
|
if ( isset( $_POST['add_tags'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Missing
|
|
do_action( 'mainwp_bulkpost_tags_handle', $post_id, $post_type, wp_strip_all_tags( wp_unslash( $_POST['add_tags'] ) ) ); // phpcs:ignore WordPress.Security.NonceVerification.Missing
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Method add_slug()
|
|
*
|
|
* Add Slug to Post object.
|
|
*
|
|
* @param object $post Post object.
|
|
*/
|
|
public function add_slug( $post ) {
|
|
$this->add_extra( 'Slug', '_slug', 'add_slug', $post );
|
|
}
|
|
|
|
/**
|
|
* Method add_extra()
|
|
*
|
|
* Add nounce to post object.
|
|
*
|
|
* @param string $title Post title.
|
|
* @param string $saveto Save to.
|
|
* @param string $prefix Custom prefix.
|
|
* @param object $post Post object.
|
|
*/
|
|
private function add_extra( $title, $saveto, $prefix, $post ) {
|
|
unset( $title );
|
|
$extra = base64_decode( get_post_meta( $post->ID, $saveto, true ) ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions -- base64_decode used for http encoding compatible.
|
|
?>
|
|
<input type="hidden" name="<?php echo esc_attr( $prefix ); ?>_nonce" value="<?php echo esc_attr( wp_create_nonce( $prefix . '_' . $post->ID ) ); ?>"/>
|
|
<input type="text" name="<?php echo esc_attr( $prefix ); ?>" value="<?php echo esc_attr( $extra ); ?>"/>
|
|
<?php
|
|
}
|
|
|
|
|
|
/**
|
|
* Method add_slug_handle()
|
|
*
|
|
* Add post slug.
|
|
*
|
|
* @param int $post_id Post ID.
|
|
* @param string $post_type Post type.
|
|
*/
|
|
public function add_slug_handle( $post_id, $post_type ) {
|
|
$this->add_extra_handle( 'Slug', '_slug', 'add_slug', $post_id, $post_type );
|
|
}
|
|
|
|
/**
|
|
* Method add_extra_handle()
|
|
*
|
|
* Update Post meta & add Security Nonce Prefix.
|
|
*
|
|
* @param string $title Post title.
|
|
* @param string $saveto Where to save.
|
|
* @param string $prefix Custom prefix.
|
|
* @param int $post_id Post ID.
|
|
* @param string $post_type Post type.
|
|
*
|
|
* @return int $post_id Post ID.
|
|
*/
|
|
private function add_extra_handle( $title, $saveto, $prefix, $post_id, $post_type ) {
|
|
unset( $title );
|
|
/**
|
|
* Verify this came from the our screen and with proper authorization.
|
|
*/
|
|
// phpcs:disable WordPress.Security.NonceVerification,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
|
|
if ( ! isset( $_POST[ $prefix . '_nonce' ] ) || ! wp_verify_nonce( sanitize_key( $_POST[ $prefix . '_nonce' ] ), $prefix . '_' . $post_id ) ) {
|
|
return $post_id;
|
|
}
|
|
|
|
/**
|
|
* Verify if this is an auto save routine. If it is our form has not been submitted, so we dont want to do anything.
|
|
*/
|
|
if ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) {
|
|
return $post_id;
|
|
}
|
|
|
|
/**
|
|
* Check permissions.
|
|
*/
|
|
if ( ! current_user_can( 'edit_post', $post_id ) ) {
|
|
return $post_id;
|
|
}
|
|
|
|
/**
|
|
* OK, we're authenticated: we need to find and save the data.
|
|
*/
|
|
$_post = get_post( $post_id );
|
|
if ( $_post->post_type === $post_type && isset( $_POST[ $prefix ] ) ) {
|
|
$value = isset( $_POST[ $prefix ] ) ? base64_encode( wp_unslash( $_POST[ $prefix ] ) ) : ''; // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions -- base64_encode used for http encoding compatible.
|
|
update_post_meta( $post_id, $saveto, $value );
|
|
return $value;
|
|
}
|
|
// phpcs:enable
|
|
|
|
return $post_id;
|
|
}
|
|
}
|
|
?>
|