File Manager
/ wp-content
Search
Upload
New Item
Settings
File "db5.php"
Full path: /home1/epichome/public_html/wp-content/db5.php
File size: 60.67 B (60.67 KB bytes)
MIME-type: text/x-php
Charset: utf-8
Download Open Edit Advanced Editor Back
/home/pharmacy/www/wp-content/plugins/visual-form-builder/admin/class-export.php
<?php
/**
* Class that controls the Export page view
*/
class Visual_Form_Builder_Export {
/**
* Default delimiter for CSV and Tab export
*
* Override using the vfb_csv_delimiter filter
*
* (default value: ',')
*
* @var string
* @access protected
*/
protected $delimiter = ',';
/**
* Default_cols
*
* @var mixed
* @access public
*/
public $default_cols;
/**
* __construct function
*
* @access public
* @return void
*/
public function __construct() {
$this->delimiter = apply_filters( 'vfb_csv_delimiter', ',' );
// Setup our default columns.
$this->default_cols = array(
'entries_id' => esc_html__( 'Entries ID', 'visual-form-builder' ),
'date_submitted' => esc_html__( 'Date Submitted', 'visual-form-builder' ),
'ip_address' => esc_html__( 'IP Address', 'visual-form-builder' ),
'subject' => esc_html__( 'Subject', 'visual-form-builder' ),
'sender_name' => esc_html__( 'Sender Name', 'visual-form-builder' ),
'sender_email' => esc_html__( 'Sender Email', 'visual-form-builder' ),
'emails_to' => esc_html__( 'Emailed To', 'visual-form-builder' ),
);
add_action( 'admin_init', array( $this, 'export_action' ) );
add_action( 'wp_ajax_vfb-export-fields', array( $this, 'load_fields' ) );
}
/**
* Display function.
*
* @access public
* @return void
*/
public function display() {
$forms = $this->get_all_forms();
?>
<div class="wrap">
<h2><?php esc_html_e( 'Export', 'visual-form-builder' ); ?></h2>
<form method="post" id="vfbp-export" action="">
<input name="_vfb_action" type="hidden" value="export" />
<?php wp_nonce_field( 'vfb_export' ); ?>
<p><?php esc_html_e( 'Backup and save some or all of your Visual Form Builder data.', 'visual-form-builder' ); ?></p>
<p><?php esc_html_e( 'Once you have saved the file, you will be able to import Visual Form Builder Pro data from this site into another site.', 'visual-form-builder' ); ?></p>
<h3><?php esc_html_e( 'Choose what to export', 'visual-form-builder' ); ?></h3>
<p>
<label for="content-forms">
<input type="radio" id="content-forms" name="settings[content]" value="forms" disabled="disabled" /> <?php esc_html_e( 'Forms', 'visual-form-builder' ); ?>
</label>
</p>
<p class="description"><?php esc_html_e( 'This will export a single form with all fields and settings for that form.', 'visual-form-builder' ); ?><br><strong>*<?php esc_html_e( 'Only available in VFB Pro', 'visual-form-builder' ); ?>*</strong></p>
<p>
<label for="content-entries">
<input type="radio" id="content-entries" name="settings[content]" value="entries" checked="checked" /> <?php esc_html_e( 'Entries', 'visual-form-builder' ); ?>
</label>
</p>
<p class="description"><?php esc_html_e( 'This will export entries in either .csv, .txt, or .xls and cannot be used with the Import.', 'visual-form-builder' ); ?></p>
<h3><?php esc_html_e( 'Select a form', 'vfb-pro' ); ?></h3>
<select name="settings[form-id]" id="vfb-export-forms-list">
<?php
$first_form = '';
$entries_count = 0;
if ( is_array( $forms ) && ! empty( $forms ) ) {
$first_form = $forms[0];
foreach ( $forms as $form ) {
printf(
'<option value="%1$d">%1$d - %2$s</option>',
esc_html( $form['form_id'] ),
esc_html( $form['form_title'] )
);
}
}
?>
</select>
<div class="vfb-export-entries-options">
<h3><?php esc_html_e( 'Customize your export', 'visual-form-builder' ); ?></h3>
<p>
<label class="vfb-export-label" for="format"><?php esc_html_e( 'Format:', 'visual-form-builder' ); ?></label>
<select name="settings[format]">
<option value="csv" selected="selected"><?php esc_html_e( 'Comma Separated (.csv)', 'visual-form-builder' ); ?></option>
<option value="txt" disabled="disabled"><?php esc_html_e( 'Tab Delimited (.txt)', 'visual-form-builder' ); ?></option>
<option value="xls" disabled="disabled"><?php esc_html_e( 'Excel (.xls)', 'visual-form-builder' ); ?></option>
</select>
</p>
<p>
<label class="vfb-export-label" for="start-date"><?php esc_html_e( 'Date Range:', 'visual-form-builder' ); ?></label>
<select name="settings[start-date]">
<option value="0">Start Date</option>
<?php $this->months_dropdown(); ?>
</select>
<select name="settings[end-date]">
<option value="0">End Date</option>
<?php $this->months_dropdown(); ?>
</select>
</p>
<label class="vfb-export-label"><?php esc_html_e( 'Fields:', 'visual-form-builder' ); ?></label>
<p>
<a id="vfb-export-select-all" href="#"><?php esc_html_e( 'Select All', 'visual-form-builder' ); ?></a>
<a id="vfb-export-unselect-all" href="#"><?php esc_html_e( 'Unselect All', 'visual-form-builder' ); ?></a>
</p>
<div id="vfb-export-entries-fields">
<?php $this->fields_list( $first_form['form_id'] ); ?>
</div>
</div>
<?php
submit_button(
esc_html__( 'Download Export File', 'visual-form-builder' ),
'primary',
'' // leave blank so "name" attribute will not be added.
);
?>
</form>
</div>
<?php
}
/**
* Determine which export function to execute based on selected options
*
* @access public
* @return void
*/
public function export_action() {
if ( ! isset( $_POST['_vfb_action'] ) || ! isset( $_GET['page'] ) ) {
return;
}
if ( 'export' !== $_POST['_vfb_action'] ) {
return;
}
check_admin_referer( 'vfb_export' );
$data = array();
if ( isset( $_POST['settings'] ) ) {
// Sanitized below.
foreach ( wp_unslash( $_POST['settings'] ) as $key => $val ) {
$data[ $key ] = $val;
}
}
$data = stripslashes_deep( $data );
$content = isset( $data['content'] ) ? $data['content'] : 'forms';
$form_id = isset( $data['form-id'] ) ? absint( $data['form-id'] ) : 0;
$format = isset( $data['format'] ) ? sanitize_text_field( $data['format'] ) : 'csv';
$start_date = isset( $data['start-date'] ) ? sanitize_text_field( $data['start-date'] ) : '';
$end_date = isset( $data['end-date'] ) ? sanitize_text_field( $data['end-date'] ) : '';
$fields = isset( $data['fields'] ) ? $data['fields'] : '';
if ( 0 == $form_id ) {
return;
}
switch ( $content ) {
case 'entries':
// If no fields selected, exit because there's nothing to do.
if ( empty( $fields ) ) {
return;
}
global $wpdb;
$where = '';
if ( 0 !== $form_id ) {
$where .= $wpdb->prepare( ' AND form_id = %d', $form_id );
}
if ( $start_date ) {
$where .= $wpdb->prepare( ' AND date_submitted >= %s', gmdate( 'Y-m-d', strtotime( $start_date ) ) );
}
if ( $end_date ) {
$where .= $wpdb->prepare( ' AND date_submitted < %s', gmdate( 'Y-m-d', strtotime( '+1 month', strtotime( $end_date ) ) ) );
}
$title = $wpdb->get_var( null, 1 );
$settings['format'] = $format;
$settings['fields'] = $fields;
$settings['where'] = $where;
$this->export_entries( $settings, $title );
die( 1 );
break;
}
}
/**
* [export_entries description]
*
* @param [type] $data [$data description].
* @param array $title [$title description].
*
* @return [type] [return description]
*/
public function export_entries( $data = array(), $title = '' ) {
if ( ! is_array( $data ) || empty( $data ) ) {
return;
}
$format = $data['format'];
$sitename = sanitize_key( get_bloginfo( 'name' ) );
if ( ! empty( $sitename ) ) {
$sitename .= '.';
}
$filename = "{$sitename}vfb-export.{$title}." . gmdate( 'Y-m-d-Hi' ) . ".{$format}";
// Set content type based on file format.
switch ( $format ) {
case 'csv':
$content_type = 'text/csv';
break;
}
$upload_dir = wp_upload_dir();
$file_path = trailingslashit( $upload_dir['path'] ) . $filename;
header( 'Cache-Control: must-revalidate, post-check=0, pre-check=0' );
header( 'Content-Description: File Transfer' );
header( 'Content-Disposition: attachment; filename=' . $filename );
header( "Content-Type: $content_type; charset=" . get_option( 'blog_charset' ), true );
header( 'Expires: 0' );
header( 'Pragma: public' );
if ( in_array( $format, array( 'csv', 'txt' ), true ) ) {
$this->csv_tab( $data['fields'], $data['where'], $format, $file_path );
}
}
/**
* [csv_tab description]
*
* @param [type] $fields [$fields description].
* @param [type] $where [$where description].
* @param [type] $format [$format description].
* @param [type] $file_path [$file_path description].
*
* @return [type] [return description]
*/
public function csv_tab( $fields, $where, $format, $file_path ) {
global $wpdb;
$file = fopen( $file_path, 'w' );
$headers = $rows = array();
$entries = $wpdb->get_results( 'SELECT * FROM ' . VFB_WP_ENTRIES_TABLE_NAME . " WHERE entry_approved = 1 $where ORDER BY entries_id ASC" );
// Get columns.
$columns = $this->get_cols( $entries );
// Get JSON data.
$json = json_decode( $columns, true );
$rows = $fields_clean = $fields_header = array();
// Decode special characters.
foreach ( $fields as $field ) {
// Strip unique ID for a clean header.
$search = preg_replace( '/{{(\d+)}}/', '', $field );
$fields_header[] = wp_specialchars_decode( $search, ENT_QUOTES );
// Field with unique ID to use as matching data.
$fields_clean[] = wp_specialchars_decode( $field, ENT_QUOTES );
}
// Build headers.
fputcsv( $file, $fields_header, $this->delimiter );
// Build table rows and cells.
foreach ( $json as $row ) {
foreach ( $fields_clean as $label ) {
$label = wp_specialchars_decode( $label );
// Prepend a space to prevent CSV injection attacks.
$value = ' ' . wp_specialchars_decode( $row[ $label ] );
$rows[ $label ] = isset( $row[ $label ] ) && in_array( $label, $fields_clean, true ) ? $value : '';
}
fputcsv( $file, $rows, $this->delimiter );
}
// Close the file.
fclose( $file );
// Reads file in uploads folder and writes to output buffer.
readfile( $file_path );
// Delete export file.
wp_delete_file( $file_path );
exit();
}
/**
* [fields_list description]
*
* @param [type] $form_id [$form_id description].
*
* @return [type] [return description]
*/
public function fields_list( $form_id ) {
$entries = $this->get_entries( $form_id );
$entries_count = $this->get_entries_count( $form_id );
if ( 0 == $entries_count ) {
return esc_html_e( 'No entries.', 'visual-form-builder' );
}
if ( is_array( $entries ) && ! empty( $entries ) ) {
$columns = $this->get_cols( $entries );
$data = json_decode( $columns, true );
$output = '';
$array = array();
foreach ( $data as $row ) {
$array = array_merge( $row, $array );
}
$array = array_keys( $array );
$array = array_values( array_merge( $this->default_cols, $array ) );
$array = array_map( 'stripslashes', $array );
foreach ( $array as $id => $value ) {
$selected = in_array( $value, $this->default_cols, true ) ? ' checked="checked"' : '';
// Strip unique ID for a clean list.
$search = preg_replace( '/{{(\d+)}}/', '', $value );
?>
<label for="vfb-export-fields-val-<?php echo esc_attr( $id ); ?>">
<input
name="settings[fields][<?php echo esc_attr( $id ); ?>]"
class="vfb-export-fields-vals"
id="vfb-export-fields-val-<?php echo esc_attr( $id ); ?>"
type="checkbox"
value="<?php echo esc_attr( $value ); ?>"
<?php echo esc_html( $selected ); ?>
>
<?php echo esc_html( $search ); ?>
</label><br>
<?php
}
return $output;
}
}
/**
* [get_entries description]
*
* @param [type] $form_id [$form_id description].
*
* @return [type] [return description]
*/
public function get_entries( $form_id ) {
global $wpdb;
$entries = $wpdb->get_results( $wpdb->prepare( 'SELECT data FROM ' . VFB_WP_ENTRIES_TABLE_NAME . ' WHERE form_id = %d AND entry_approved = 1', $form_id ), ARRAY_A );
return $entries;
}
/**
* Build the entries as JSON
*
* @since 1.7
*
* @param array $entries The resulting database query for entries.
*/
public function get_cols( $entries ) {
// Initialize row index at 0.
$row = 0;
$output = array();
// Loop through all entries.
foreach ( $entries as $entry ) {
foreach ( $entry as $key => $value ) {
switch ( $key ) {
case 'entries_id':
case 'date_submitted':
case 'ip_address':
case 'subject':
case 'sender_name':
case 'sender_email':
$output[ $row ][ stripslashes( $this->default_cols[ $key ] ) ] = $value;
break;
case 'emails_to':
$output[ $row ][ stripslashes( $this->default_cols[ $key ] ) ] = implode( ',', maybe_unserialize( $value ) );
break;
case 'data':
// Unserialize value only if it was serialized.
$fields = maybe_unserialize( $value );
// Make sure there are no errors with unserializing before proceeding.
if ( is_array( $fields ) ) {
// Loop through our submitted data.
foreach ( $fields as $field_key => $field_value ) {
// Cast each array as an object.
$obj = (object) $field_value;
// Decode the values so HTML tags can be stripped.
$val = wp_specialchars_decode( $obj->value, ENT_QUOTES );
switch ( $obj->type ) {
case 'fieldset':
case 'section':
case 'instructions':
case 'page-break':
case 'verification':
case 'secret':
case 'submit':
break;
case 'address':
$val = str_replace( array( '<p>', '</p>', '<br>' ), array( '', "\n", "\n" ), $val );
$output[ $row ][ stripslashes( $obj->name ) . "{{{$obj->id}}}" ] = $val;
break;
case 'html':
$output[ $row ][ stripslashes( $obj->name ) . "{{{$obj->id}}}" ] = $val;
break;
default:
$val = wp_strip_all_tags( $val );
$output[ $row ][ stripslashes( $obj->name ) . "{{{$obj->id}}}" ] = $val;
break;
}
}
}
break;
}
}
$row++;
}
return wp_json_encode( $output );
}
/**
* AJAX function to load new fields list when a new form is selected
*
* @access public
* @return void
*/
public function load_fields() {
global $wpdb;
// Check AJAX nonce set via wp_localize_script.
check_ajax_referer( 'vfb_ajax', 'vfb_ajax_nonce' );
if ( isset( $_GET['action'] ) && 'vfb-export-fields' !== $_GET['action'] ) {
return;
}
$form_id = absint( $_GET['id'] );
$this->fields_list( $form_id );
die( 1 );
}
/**
* Display Year/Month filter
*
* @since 1.7
*/
public function months_dropdown() {
global $wpdb, $wp_locale;
$where = apply_filters( 'vfb_pre_get_entries', '' );
$months = $wpdb->get_results(
'SELECT DISTINCT YEAR( forms.date_submitted ) AS year, MONTH( forms.date_submitted ) AS month FROM ' . VFB_WP_ENTRIES_TABLE_NAME . " AS forms
WHERE 1=1 $where
ORDER BY forms.date_submitted DESC
"
);
$month_count = count( $months );
if ( ! $month_count || ( 1 == $month_count && 0 == $months[0]->month ) ) {
return;
}
$m = isset( $_POST['m'] ) ? (int) $_POST['m'] : 0;
foreach ( $months as $arc_row ) {
if ( 0 == $arc_row->year ) {
continue;
}
$month = zeroise( $arc_row->month, 2 );
$year = $arc_row->year;
printf(
"<option value='%s'>%s</option>\n",
esc_attr( $arc_row->year . '-' . $month ),
sprintf( esc_html__( '%1$s %2$d' ), esc_html( $wp_locale->get_month( $month ) ), esc_html( $year ) )
);
}
}
/**
* [count_entries description]
*
* @param [type] $form_id [description].
* @return [type] [description]
*/
public function get_entries_count( $form_id ) {
global $wpdb;
$count = $wpdb->get_var( $wpdb->prepare( 'SELECT COUNT(*) FROM ' . VFB_WP_ENTRIES_TABLE_NAME . ' WHERE form_id = %d', $form_id ) );
if ( ! $count ) {
return 0;
}
return $count;
}
/**
* [get_all_forms description]
*
* @return [type] [return description]
*/
public function get_all_forms() {
global $wpdb;
// Query to get all forms.
$order = sanitize_sql_orderby( 'form_id ASC' );
$where = apply_filters( 'vfb_pre_get_forms_export', '' );
$forms = $wpdb->get_results( 'SELECT form_id, form_key, form_title FROM ' . VFB_WP_FORMS_TABLE_NAME . " WHERE 1=1 $where ORDER BY $order", ARRAY_A );
return $forms;
}
}
