From 88f936b51a95f6f90d16d6c525ce0b49b89a1cbf Mon Sep 17 00:00:00 2001
From: Aaron Yarborough <personal.ajy@gmail.com>
Date: Mon, 17 Dec 2018 23:55:34 +0000
Subject: [PATCH] More thangs.

---
 ContentSubmitter.php        |  64 +++++++++++++++---
 functions.php               |   5 +-
 metabox.php                 |   2 +-
 scripts/main.js             |  18 +++++-
 template-submit-content.php | 126 ++++++++++++++++++++++++++----------
 5 files changed, 168 insertions(+), 47 deletions(-)

diff --git a/ContentSubmitter.php b/ContentSubmitter.php
index 35cd44f..d8fd397 100644
--- a/ContentSubmitter.php
+++ b/ContentSubmitter.php
@@ -1,5 +1,7 @@
 <?php
 
+require_once(ABSPATH . 'wp-admin/includes/post.php');
+
 class ContentSubmitter
 {
     public static function submit(ContentSubmission $submission)
@@ -9,11 +11,11 @@ class ContentSubmitter
         }
 
         // Validation
-        if (self::is_title_valid($submission->title))
+        if (!self::is_title_valid($submission->title))
             throw new InvalidSubmissionTitleException();
-        if (self::is_content_valid($submission->content))
+        if (!self::is_content_valid($submission->content))
             throw new InvalidSubmissionContentException();
-        if (self::is_creators_valid($submission->content))
+        if (!self::is_creators_valid($submission->content))
             throw new InvalidSubmissionCreatorsException();
         if (self::is_title_in_use($submission->title))
             throw new SubmissionTitleExistsException();
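Review bot: The creators check on the new side still validates the wrong field: `if (!self::is_creators_valid($submission->content))` passes the body, so an empty or malformed creators value is not rejected here as long as the content is non-empty. It should read `if (!self::is_creators_valid($submission->creators))`. The validators themselves are defined outside this hunk, so what they accept is not visible from here.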
@@ -23,9 +25,10 @@ class ContentSubmitter
             'post_title' => $submission->title,
             'post_content' => $submission->content,
             'post_status' => 'publish',
-            'post_author' => get_current_user_id()
+            'post_author' => get_current_user_id(),
+            'post_type' => 'content_submission'
         );
-   
+
         $post_id = wp_insert_post($submission_post);
 
         update_post_meta($post_id, 'garchive_metabox_creators', $submission->creators);
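Review bot: `'post_status' => 'publish'` on the context line makes every front-end submission live immediately, on a post type that functions.php appears to register with `'public' => true`. The template's success message suggests submissions are reviewed first; if moderation is intended, `'post_status' => 'pending'` holds the post until an editor approves it. The return value of `wp_insert_post()` is also used unchecked: it returns 0 on failure, so the `update_post_meta()` call should sit behind an `if (!$post_id)` guard that reports the failure to the caller. The rest of `submit()` lies outside this hunk.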
@@ -59,7 +62,8 @@ class ContentSubmitter
     {
         if (empty($title))
             return false;
-        return false;
+
+        return true;
     }
 }
 
@@ -70,13 +74,55 @@ class ContentSubmission
     public $creators;
     public $source;
 
-    public function __construct($title, $content, $creators, $source)
+    public function __construct($title, $content, $creators, $source = '')
     {
-        $this->title = trim(wp_strip_all_tags($title));
-        $this->content = trim(esc_html($content));
+        $this->title = trim(sanitize_text_field($title));
+        $this->content = trim(self::sanitize_content($content));
         $this->creators = trim(sanitize_text_field($creators));
         $this->source = trim(esc_url($source));
     }
+
+    private static function sanitize_content($title) {
+        $allowd_title_tags = array(
+            'h2' => array(),
+            'h3' => array(),
+            'h4' => array(),
+            'h5' => array(),
+            'h6' => array(),
+            'ul' => array(),
+            'li' => array(),
+            'ol' => array(),
+            'p' => array(),
+            'a' => array(
+                'href' => true,
+                'title' => true,
+            ),
+            'abbr' => array(
+                'title' => true,
+            ),
+            'acronym' => array(
+                'title' => true,
+            ),
+            'b' => array(),
+            'blockquote' => array(
+                'cite' => true,
+            ),
+            'cite' => array(),
+            'code' => array(),
+            'del' => array(
+                'datetime' => true,
+            ),
+            'em' => array(),
+            'i' => array(),
+            'q' => array(
+                'cite' => true,
+            ),
+            'strike' => array(),
+            'strong' => array(),
+        );
+
+        return wp_kses($title, $allowd_title_tags);
+    }
 }
 
 class InvalidSubmissionTitleException extends Exception
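Review bot: `wp_kses()` is documented to expect unslashed data, but the template in this patch hands `$_POST['content']` to the constructor as-is, and WordPress adds slashes to `$_POST`; quoted attributes such as an `href` on a link are then likely to be dropped or mangled by the filter. Unslashing at the boundary with `wp_kses(wp_unslash($title), $allowd_title_tags)`, and applying `wp_slash()` to the array passed to `wp_insert_post()`, keeps the two layers consistent. The helper's names also mislead: the parameter `$title` and `$allowd_title_tags` hold body HTML, so `$content` and `$allowed_content_tags` would read correctly, with a short docblock stating that this is the tag and attribute allowlist for submission bodies. Separately, `esc_url()` on the context line is an output escaper; for a value that is stored, `esc_url_raw()` is the intended function.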
diff --git a/functions.php b/functions.php
index 6e7b1dc..56f6089 100644
--- a/functions.php
+++ b/functions.php
@@ -42,7 +42,8 @@ add_action('admin_init', function () {
 });
 
 add_action('template_redirect', function () {
-    if (!wp_get_current_user()) {
+
+    if (!is_user_logged_in()) {
         if (is_page_template('template-submit-content.php')) {
             wp_redirect(esc_url(home_url('/register')), 302);
         }
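Review bot: No `exit;` is visible after `wp_redirect()` inside the `is_page_template()` branch, and `wp_redirect()` only sends the Location header. The request therefore carries on into template-submit-content.php, where this patch adds a POST handler that does not itself check the login state. Ending the branch with `wp_redirect(home_url('/register'), 302); exit;` closes that path; `esc_url()` is not needed on a redirect target, since it is an HTML output escaper. An explicit `is_user_logged_in()` check at the top of the POST handler would keep the template safe even if this hook changes later. The callback's closing lines are outside the hunk.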
@@ -86,7 +87,7 @@ add_action('init', function () {
         'label' => __('Content Submission', 'garchive'),
         'description' => __('A content submission.', 'garchive'),
         'labels' => $labels,
-        'supports' => array('title', 'editor'),
+        'supports' => array('title', 'editor', 'author', 'custom-fields'),
         'taxonomies' => array('category', 'post_tag'),
         'hierarchical' => false,
         'public' => true,
diff --git a/metabox.php b/metabox.php
index 66880b3..d50132a 100644
--- a/metabox.php
+++ b/metabox.php
@@ -5,7 +5,7 @@ add_filter('rwmb_meta_boxes', function ($meta_boxes) {
     $meta_boxes[] = array(
         'id' => 'extra_post_options',
         'title' => __('Extra Post Options', 'garchive'),
-        'post_types' => array('post'),
+        'post_types' => array('post', 'page'),
         'context' => 'normal',
         'priority' => 'high',
         'autosave' => 'false',
diff --git a/scripts/main.js b/scripts/main.js
index 6c4f9c9..6b22fde 100644
--- a/scripts/main.js
+++ b/scripts/main.js
@@ -41,7 +41,23 @@
             return;
 
         tinymce.init({
-            selector: editorSelector
+            selector: editorSelector,
+            menu: {},
+            style_formats: [
+                {title: 'Heading 2', format: 'h2'},
+                {title: 'Heading 3', format: 'h3'},
+                {title: 'Heading 4', format: 'h4'},
+                {title: 'Heading 5', format: 'h5'},
+                {title: 'Heading 6', format: 'h6'},
+                {title: 'Normal', block: 'p'}
+            ],
+            toolbar: 'undo redo | styleselect | bold italic | link | numlist bullist',
+            plugins: ['lists', 'link'],
+            setup: function (editor) {
+                editor.on('change', function () {
+                    editor.save();
+                });
+            }
         });
     }
 })(jQuery);
\ No newline at end of file
diff --git a/template-submit-content.php b/template-submit-content.php
index ac09bac..fdcd324 100644
--- a/template-submit-content.php
+++ b/template-submit-content.php
@@ -6,6 +6,54 @@
 
 get_header();
 
+require_once 'FormHelper.php';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    require_once 'ContentSubmitter.php';
+
+    $errors = array();
+
+    if (empty($_POST['title'])) 
+        $errors[] = 'Your must provide a title.';
+
+    if (empty($_POST['content'])) 
+        $errors[] = 'Your must provide some content.';
+
+    if (empty($_POST['creators'])) 
+        $errors[] = 'You must provide the creators.';
+
+    if (count($errors) === 0) {
+        try
+        {
+            $submission = new ContentSubmission(
+                $_POST['title'],
+                $_POST['content'],
+                $_POST['creators']
+            );
+
+            ContentSubmitter::submit($submission);
+
+            $success = true;
+        }
+        catch (InvalidSubmissionTitleException $ex)
+        {
+            $errors[] = 'Your submission title is invalid. Please provide a title.';
+        }
+        catch (InvalidSubmissionContentException $ex)
+        {
+            $errors[] = 'Your submission title is invalid. Please provide some content.';
+        }
+        catch (InvalidSubmissionCreatorsException $ex)
+        {
+            $errors[] = 'Your submitted creators field is invalid. Please provide the creators.';
+        }
+        catch (SubmissionTitleExistsException $ex)
+        {
+            $errors[] = 'A post already exists with the name \'' . $submission->title . '\', please choose another.';
+        }
+    }
+}
+
 ?>
 
 <?php while(have_posts()): the_post() ?>
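Review bot: The POST handler accepts the submission without verifying a nonce, so the form has no CSRF protection and a request forged from another site would create a post under the logged-in user's account. Adding `wp_nonce_field('<action>')` inside the form (second hunk of this file) and rejecting the request unless `isset($_POST['_wpnonce']) && wp_verify_nonce($_POST['_wpnonce'], '<action>')` holds closes this; `<action>` is a placeholder for a name of the project's choosing. The constructor call also omits `$_POST['source']`, so the Source field the form collects is never stored. The message for `InvalidSubmissionContentException` repeats "Your submission title is invalid", which looks like a copy-paste slip.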
@@ -14,46 +62,56 @@ get_header();
     <h1><?php the_title() ?></h1>
     <div><?php the_content(); ?></div>
     <hr/>
-    <form action="">
-        <div class="form-group">
-            <label for="title">Title</label>
-            <input name="title" type="text" class="form-control" required maxlength="30" />
-            <small class="form-text text-muted">Please provide a short title. It may be no longer than 30 characters.</small>
-        </div>
+    <?php if (isset($success) && $success === true): ?>
+        <div class="alert alert-success">Thank you! Your submission is now with us. You will be notified of any updates to your submission via email.</div>
+    <?php else: ?>
+        <?php if (isset($errors)): ?>
+            <?php foreach ($errors as $error): ?>
+                <div class="alert alert-danger"><?php echo sanitize_text_field($error) ?></div>
+            <?php endforeach; ?>
+        <?php endif; ?>
 
-        <div class="form-group">
-            <label for="title">Body</label>
-            <div class="alert alert-info">
-               <small>This is the main content of the submission. Please describe the content and provide any guides/sources.</small>
+        <form action="" method="POST">
+            <div class="form-group">
+                <label for="title">Title</label>
+                <input name="title" type="text" class="form-control" required maxlength="30" />
+                <small class="form-text text-muted">Please provide a short title. It may be no longer than 30 characters.</small>
             </div>
-            <textarea name="content" class="rte" required></textarea>
-        </div>
 
-         <div class="form-group">
-            <label for="title">Creators</label>
-            <input type="text" name="creators" class="form-control" required></textarea>
-            <small class="form-text text-muted">
-               Provide a list of the original creators in a comma-separated format. For example: <i>Emera, Astram</i>
-            </small>
-        </div>
-
-        <div class="form-group">
-            <label for="title">Source</label>
-            <div class="input-group">
-                <div class="input-group-prepend">
-                    <div class="input-group-text"><i class="fa fa-link"></i></div>
+            <div class="form-group">
+                <label for="content">Body</label>
+                <div class="alert alert-info">
+                <small>This is the main content of the submission. Please describe the content and provide any guides/sources.</small>
                 </div>
-                <input type="url" name="creators" class="form-control" id="inlineFormInputGroupUsername" />
+                <textarea name="content" class="rte" required></textarea>
             </div>
-            <small class="form-text text-muted">
-               If applicable, please provide a link to the original source. For example, if your content was originally posted on a forum, you would enter the thread URL here.
-            </small>
-        </div>
 
-        <div class="form-group">
-            <button type="submit" class="gar-btn">Submit</button>
-        </div>
-    </form>
+            <div class="form-group">
+                <label for="creators">Creators</label>
+                <input type="text" name="creators" class="form-control" required></textarea>
+                <small class="form-text text-muted">
+                Provide a list of the original creators in a comma-separated format. For example: <i>Emera, Astram</i>
+                </small>
+            </div>
+
+            <div class="form-group">
+                <label for="source">Source</label>
+                <div class="input-group">
+                    <div class="input-group-prepend">
+                        <div class="input-group-text"><i class="fa fa-link"></i></div>
+                    </div>
+                    <input type="url" name="source" class="form-control" id="inlineFormInputGroupUsername" />
+                </div>
+                <small class="form-text text-muted">
+                If applicable, please provide a link to the original source. For example, if your content was originally posted on a forum, you would enter the thread URL here.
+                </small>
+            </div>
+
+            <div class="form-group">
+                <input type="submit" class="gar-btn" value="Submit"/>
+            </div>
+        </form>
+    <?php endif; ?>
 </div>
 
 <?php endwhile; ?>
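Review bot: `echo sanitize_text_field($error)` uses an input sanitizer where an output escaper belongs; one of the messages embeds the user-supplied title, so the line should be `<?php echo esc_html($error) ?>`. The title's `maxlength="30"` is enforced only by the browser; as far as this patch shows, the server-side title validator checks for emptiness only, so the limit should be repeated there. The creators input is still followed by a stray `</textarea>`.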