Inspection of "Start making lightbox edit entry and lightbox entr..." - gravityview/GravityView - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — develop ( c38b5d...31c9ca )

by Zack

created 2021-04-27 20:50 UTC

Status

Indentation +164 added lines, -164 removed lines patch added patch discarded remove patch

@@ -23,90 +23,90 @@  discard block
 block discarded – undo
 
 class GravityView_Edit_Entry {
 
-    /**
-     * @var string
-     */
+	/**
+	 * @var string
+	 */
 	static $file;
 
 	static $instance;
 
-    /**
-     * Component instances.
-     * @var array
-     */
-    public $instances = array();
+	/**
+	 * Component instances.
+	 * @var array
+	 */
+	public $instances = array();
 
 
 	function __construct() {
 
-        self::$file = plugin_dir_path( __FILE__ );
+		self::$file = plugin_dir_path( __FILE__ );
 
-        if( is_admin() ) {
-            $this->load_components( 'admin' );
-        }
+		if( is_admin() ) {
+			$this->load_components( 'admin' );
+		}
 
 		$this->load_components( 'locking' );
 
-        $this->load_components( 'render' );
+		$this->load_components( 'render' );
 
-        // If GF User Registration Add-on exists
-        $this->load_components( 'user-registration' );
+		// If GF User Registration Add-on exists
+		$this->load_components( 'user-registration' );
 
-        $this->add_hooks();
+		$this->add_hooks();
 
 		// Process hooks for addons that may or may not be present
 		$this->addon_specific_hooks();
 	}
 
 
-    static function getInstance() {
+	static function getInstance() {
 
-        if( empty( self::$instance ) ) {
-            self::$instance = new GravityView_Edit_Entry;
-        }
+		if( empty( self::$instance ) ) {
+			self::$instance = new GravityView_Edit_Entry;
+		}
 
-        return self::$instance;
-    }
+		return self::$instance;
+	}
 
 
-    private function load_components( $component ) {
+	private function load_components( $component ) {
 
-        $dir = trailingslashit( self::$file );
+		$dir = trailingslashit( self::$file );
 
-        $filename  = $dir . 'class-edit-entry-' . $component . '.php';
-        $classname = 'GravityView_Edit_Entry_' . str_replace( ' ', '_', ucwords( str_replace( '-', ' ', $component ) ) );
+		$filename  = $dir . 'class-edit-entry-' . $component . '.php';
+		$classname = 'GravityView_Edit_Entry_' . str_replace( ' ', '_', ucwords( str_replace( '-', ' ', $component ) ) );
 
-        // Loads component and pass extension's instance so that component can
-        // talk each other.
-        require_once $filename;
-        $this->instances[ $component ] = new $classname( $this );
-        $this->instances[ $component ]->load();
+		// Loads component and pass extension's instance so that component can
+		// talk each other.
+		require_once $filename;
+		$this->instances[ $component ] = new $classname( $this );
+		$this->instances[ $component ]->load();
 
-    }
+	}
 
-    private function add_hooks() {
+	private function add_hooks() {
 
-        // Add front-end access to Gravity Forms delete file action
-        add_action( 'wp_ajax_nopriv_rg_delete_file', array( 'GFForms', 'delete_file') );
+		// Add front-end access to Gravity Forms delete file action
+		add_action( 'wp_ajax_nopriv_rg_delete_file', array( 'GFForms', 'delete_file') );
 
-        // Make sure this hook is run for non-admins
-        add_action( 'wp_ajax_rg_delete_file', array( 'GFForms', 'delete_file') );
+		// Make sure this hook is run for non-admins
+		add_action( 'wp_ajax_rg_delete_file', array( 'GFForms', 'delete_file') );
 
-        add_filter( 'gravityview_blacklist_field_types', array( $this, 'modify_field_blacklist' ), 10, 2 );
+		add_filter( 'gravityview_blacklist_field_types', array( $this, 'modify_field_blacklist' ), 10, 2 );
 
-        // add template path to check for field
-        add_filter( 'gravityview_template_paths', array( $this, 'add_template_path' ) );
+		// add template path to check for field
+		add_filter( 'gravityview_template_paths', array( $this, 'add_template_path' ) );
 
 		add_filter( 'gravityview/field/is_visible', array( $this, 'maybe_not_visible' ), 10, 3 );
 
 		add_filter( 'gravityview/api/reserved_query_args', array( $this, 'add_reserved_arg' ) );
 
-	    add_action( 'template_redirect', function() {
-		    if ( ! isset( $_GET['gv-iframe'] ) ) {
-			    return;
-		    }
+		add_action( 'template_redirect', function() {
+			if ( ! isset( $_GET['gv-iframe'] ) ) {
+				return;
+			}
 
-		    // If user doesn't have appropriate permissions, die.
+			// If user doesn't have appropriate permissions, die.
 			if ( ! GFCommon::current_user_can_any( array( 'gravityforms_edit_forms', 'gravityforms_create_form', 'gravityforms_preview_forms' ) ) ) {
 				die( esc_html__( "You don't have adequate permission to preview forms.", 'gravityforms' ) );
 			}
@@ -231,9 +231,9 @@  discard block
 block discarded – undo
 </body>
 </html>
 <?php
-		    exit();
-	    } );
-    }
+			exit();
+		} );
+	}
 
 	/**
 	 * Adds "edit" to the list of internal reserved query args
@@ -304,74 +304,74 @@  discard block
 block discarded – undo
 		return false;
 	}
 
-    /**
-     * Include this extension templates path
-     * @param array $file_paths List of template paths ordered
-     */
-    public function add_template_path( $file_paths ) {
-
-        // Index 100 is the default GravityView template path.
-        $file_paths[ 110 ] = self::$file;
-
-        return $file_paths;
-    }
-
-    /**
-     *
-     * Return a well formatted nonce key according to GravityView Edit Entry protocol
-     *
-     * @param $view_id int GravityView view id
-     * @param $form_id int Gravity Forms form id
-     * @param $entry_id int Gravity Forms entry id
-     * @return string
-     */
-    public static function get_nonce_key( $view_id, $form_id, $entry_id ) {
-        return sprintf( 'edit_%d_%d_%d', $view_id, $form_id, $entry_id );
-    }
-
-
-    /**
-     * The edit entry link creates a secure link with a nonce
-     *
-     * It also mimics the URL structure Gravity Forms expects to have so that
-     * it formats the display of the edit form like it does in the backend, like
-     * "You can edit this post from the post page" fields, for example.
-     *
-     * @param $entry array Gravity Forms entry object
-     * @param $view_id int GravityView view id
-     * @param $post_id int GravityView Post ID where View may be embedded {@since 1.9.2}
-     * @param string|array $field_values Parameters to pass in to the Edit Entry form to prefill data. Uses the same format as Gravity Forms "Allow field to be populated dynamically" {@since 1.9.2} {@see https://www.gravityhelp.com/documentation/article/allow-field-to-be-populated-dynamically/ }
-     * @return string
-     */
-    public static function get_edit_link( $entry, $view_id, $post_id = null, $field_values = '' ) {
-
-        $nonce_key = self::get_nonce_key( $view_id, $entry['form_id'], $entry['id']  );
-
-        $base = gv_entry_link( $entry, $post_id ? : $view_id  );
-
-        $url = add_query_arg( array(
-            'edit' => wp_create_nonce( $nonce_key )
-        ), $base );
-
-        if( $post_id ) {
-	        $url = add_query_arg( array( 'gvid' => $view_id ), $url );
-        }
-
-	    /**
-	     * Allow passing params to dynamically populate entry with values
-	     * @since 1.9.2
-	     */
-	    if( !empty( $field_values ) ) {
-
-		    if( is_array( $field_values ) ) {
-			    // If already an array, no parse_str() needed
-			    $params = $field_values;
-		    } else {
-			    parse_str( $field_values, $params );
-		    }
-
-		    $url = add_query_arg( $params, $url );
-	    }
+	/**
+	 * Include this extension templates path
+	 * @param array $file_paths List of template paths ordered
+	 */
+	public function add_template_path( $file_paths ) {
+
+		// Index 100 is the default GravityView template path.
+		$file_paths[ 110 ] = self::$file;
+
+		return $file_paths;
+	}
+
+	/**
+	 *
+	 * Return a well formatted nonce key according to GravityView Edit Entry protocol
+	 *
+	 * @param $view_id int GravityView view id
+	 * @param $form_id int Gravity Forms form id
+	 * @param $entry_id int Gravity Forms entry id
+	 * @return string
+	 */
+	public static function get_nonce_key( $view_id, $form_id, $entry_id ) {
+		return sprintf( 'edit_%d_%d_%d', $view_id, $form_id, $entry_id );
+	}
+
+
+	/**
+	 * The edit entry link creates a secure link with a nonce
+	 *
+	 * It also mimics the URL structure Gravity Forms expects to have so that
+	 * it formats the display of the edit form like it does in the backend, like
+	 * "You can edit this post from the post page" fields, for example.
+	 *
+	 * @param $entry array Gravity Forms entry object
+	 * @param $view_id int GravityView view id
+	 * @param $post_id int GravityView Post ID where View may be embedded {@since 1.9.2}
+	 * @param string|array $field_values Parameters to pass in to the Edit Entry form to prefill data. Uses the same format as Gravity Forms "Allow field to be populated dynamically" {@since 1.9.2} {@see https://www.gravityhelp.com/documentation/article/allow-field-to-be-populated-dynamically/ }
+	 * @return string
+	 */
+	public static function get_edit_link( $entry, $view_id, $post_id = null, $field_values = '' ) {
+
+		$nonce_key = self::get_nonce_key( $view_id, $entry['form_id'], $entry['id']  );
+
+		$base = gv_entry_link( $entry, $post_id ? : $view_id  );
+
+		$url = add_query_arg( array(
+			'edit' => wp_create_nonce( $nonce_key )
+		), $base );
+
+		if( $post_id ) {
+			$url = add_query_arg( array( 'gvid' => $view_id ), $url );
+		}
+
+		/**
+		 * Allow passing params to dynamically populate entry with values
+		 * @since 1.9.2
+		 */
+		if( !empty( $field_values ) ) {
+
+			if( is_array( $field_values ) ) {
+				// If already an array, no parse_str() needed
+				$params = $field_values;
+			} else {
+				parse_str( $field_values, $params );
+			}
+
+			$url = add_query_arg( $params, $url );
+		}
 
 		/**
 		 * @filter `gravityview/edit/link` Filter the edit URL link.
@@ -380,7 +380,7 @@  discard block
 block discarded – undo
 		 * @param \GV\View $view The View.
 		 */
 		return apply_filters( 'gravityview/edit/link', $url, $entry, \GV\View::by_id( $view_id  ) );
-    }
+	}
 
 	/**
 	 * Edit mode doesn't allow certain field types.
@@ -435,19 +435,19 @@  discard block
 block discarded – undo
 	}
 
 
-    /**
-     * checks if user has permissions to edit a specific entry
-     *
-     * Needs to be used combined with GravityView_Edit_Entry::user_can_edit_entry for maximum security!!
-     *
-     * @param  array $entry Gravity Forms entry array
-     * @param \GV\View|int $view ID of the view you want to check visibility against {@since 1.9.2}. Required since 2.0
-     * @return bool
-     */
-    public static function check_user_cap_edit_entry( $entry, $view = 0 ) {
+	/**
+	 * checks if user has permissions to edit a specific entry
+	 *
+	 * Needs to be used combined with GravityView_Edit_Entry::user_can_edit_entry for maximum security!!
+	 *
+	 * @param  array $entry Gravity Forms entry array
+	 * @param \GV\View|int $view ID of the view you want to check visibility against {@since 1.9.2}. Required since 2.0
+	 * @return bool
+	 */
+	public static function check_user_cap_edit_entry( $entry, $view = 0 ) {
 
-        // No permission by default
-        $user_can_edit = false;
+		// No permission by default
+		$user_can_edit = false;
 
 		// get user_edit setting
 		if ( empty( $view ) ) {
@@ -465,60 +465,60 @@  discard block
 block discarded – undo
 			$user_edit = GVCommon::get_template_setting( $view_id, 'user_edit' );
 		}
 
-        // If they can edit any entries (as defined in Gravity Forms)
-        // Or if they can edit other people's entries
-        // Then we're good.
-        if( GVCommon::has_cap( array( 'gravityforms_edit_entries', 'gravityview_edit_others_entries' ), $entry['id'] ) ) {
+		// If they can edit any entries (as defined in Gravity Forms)
+		// Or if they can edit other people's entries
+		// Then we're good.
+		if( GVCommon::has_cap( array( 'gravityforms_edit_entries', 'gravityview_edit_others_entries' ), $entry['id'] ) ) {
 
-            gravityview()->log->debug( 'User has ability to edit all entries.' );
+			gravityview()->log->debug( 'User has ability to edit all entries.' );
 
-            $user_can_edit = true;
+			$user_can_edit = true;
 
-        } else if( !isset( $entry['created_by'] ) ) {
+		} else if( !isset( $entry['created_by'] ) ) {
 
-            gravityview()->log->error( 'Entry `created_by` doesn\'t exist.');
+			gravityview()->log->error( 'Entry `created_by` doesn\'t exist.');
 
-            $user_can_edit = false;
+			$user_can_edit = false;
 
-        } else {
+		} else {
 
-            $current_user = wp_get_current_user();
+			$current_user = wp_get_current_user();
 
-            // User edit is disabled
-            if( empty( $user_edit ) ) {
+			// User edit is disabled
+			if( empty( $user_edit ) ) {
 
-                gravityview()->log->debug( 'User Edit is disabled. Returning false.' );
+				gravityview()->log->debug( 'User Edit is disabled. Returning false.' );
 
-                $user_can_edit = false;
-            }
+				$user_can_edit = false;
+			}
 
-            // User edit is enabled and the logged-in user is the same as the user who created the entry. We're good.
-            else if( is_user_logged_in() && intval( $current_user->ID ) === intval( $entry['created_by'] ) ) {
+			// User edit is enabled and the logged-in user is the same as the user who created the entry. We're good.
+			else if( is_user_logged_in() && intval( $current_user->ID ) === intval( $entry['created_by'] ) ) {
 
-                gravityview()->log->debug( 'User {user_id} created the entry.', array( 'user_id', $current_user->ID ) );
+				gravityview()->log->debug( 'User {user_id} created the entry.', array( 'user_id', $current_user->ID ) );
 
-                $user_can_edit = true;
+				$user_can_edit = true;
 
-            } else if( ! is_user_logged_in() ) {
+			} else if( ! is_user_logged_in() ) {
 
-                gravityview()->log->debug( 'No user defined; edit entry requires logged in user' );
+				gravityview()->log->debug( 'No user defined; edit entry requires logged in user' );
 
-	            $user_can_edit = false; // Here just for clarity
-            }
+				$user_can_edit = false; // Here just for clarity
+			}
 
-        }
+		}
 
-        /**
-         * @filter `gravityview/edit_entry/user_can_edit_entry` Modify whether user can edit an entry.
-         * @since 1.15 Added `$entry` and `$view_id` parameters
-         * @param[in,out] boolean $user_can_edit Can the current user edit the current entry? (Default: false)
-         * @param[in] array $entry Gravity Forms entry array {@since 1.15}
-         * @param[in] int $view_id ID of the view you want to check visibility against {@since 1.15}
-         */
-        $user_can_edit = apply_filters( 'gravityview/edit_entry/user_can_edit_entry', $user_can_edit, $entry, $view_id );
+		/**
+		 * @filter `gravityview/edit_entry/user_can_edit_entry` Modify whether user can edit an entry.
+		 * @since 1.15 Added `$entry` and `$view_id` parameters
+		 * @param[in,out] boolean $user_can_edit Can the current user edit the current entry? (Default: false)
+		 * @param[in] array $entry Gravity Forms entry array {@since 1.15}
+		 * @param[in] int $view_id ID of the view you want to check visibility against {@since 1.15}
+		 */
+		$user_can_edit = apply_filters( 'gravityview/edit_entry/user_can_edit_entry', $user_can_edit, $entry, $view_id );
 
-        return (bool) $user_can_edit;
-    }
+		return (bool) $user_can_edit;
+	}
 
 
 

Please login to merge, or discard this patch.

		@@ -23,90 +23,90 @@ discard block
		block discarded – undo
23	23
24	24	class GravityView_Edit_Entry {
25	25
26		- /**
27		- * @var string
28		- */
	26	+ /**
	27	+ * @var string
	28	+ */
29	29	static $file;
30	30
31	31	static $instance;
32	32
33		- /**
34		- * Component instances.
35		- * @var array
36		- */
37		- public $instances = array();
	33	+ /**
	34	+ * Component instances.
	35	+ * @var array
	36	+ */
	37	+ public $instances = array();
38	38
39	39
40	40	function __construct() {
41	41
42		- self::$file = plugin_dir_path( __FILE__ );
	42	+ self::$file = plugin_dir_path( __FILE__ );
43	43
44		- if( is_admin() ) {
45		- $this->load_components( 'admin' );
46		- }
	44	+ if( is_admin() ) {
	45	+ $this->load_components( 'admin' );
	46	+ }
47	47
48	48	$this->load_components( 'locking' );
49	49
50		- $this->load_components( 'render' );
	50	+ $this->load_components( 'render' );
51	51
52		- // If GF User Registration Add-on exists
53		- $this->load_components( 'user-registration' );
	52	+ // If GF User Registration Add-on exists
	53	+ $this->load_components( 'user-registration' );
54	54
55		- $this->add_hooks();
	55	+ $this->add_hooks();
56	56
57	57	// Process hooks for addons that may or may not be present
58	58	$this->addon_specific_hooks();
59	59	}
60	60
61	61
62		- static function getInstance() {
	62	+ static function getInstance() {
63	63
64		- if( empty( self::$instance ) ) {
65		- self::$instance = new GravityView_Edit_Entry;
66		- }
	64	+ if( empty( self::$instance ) ) {
	65	+ self::$instance = new GravityView_Edit_Entry;
	66	+ }
67	67
68		- return self::$instance;
69		- }
	68	+ return self::$instance;
	69	+ }
70	70
71	71
72		- private function load_components( $component ) {
	72	+ private function load_components( $component ) {
73	73
74		- $dir = trailingslashit( self::$file );
	74	+ $dir = trailingslashit( self::$file );
75	75
76		- $filename = $dir . 'class-edit-entry-' . $component . '.php';
77		- $classname = 'GravityView_Edit_Entry_' . str_replace( ' ', '_', ucwords( str_replace( '-', ' ', $component ) ) );
	76	+ $filename = $dir . 'class-edit-entry-' . $component . '.php';
	77	+ $classname = 'GravityView_Edit_Entry_' . str_replace( ' ', '_', ucwords( str_replace( '-', ' ', $component ) ) );
78	78
79		- // Loads component and pass extension's instance so that component can
80		- // talk each other.
81		- require_once $filename;
82		- $this->instances[ $component ] = new $classname( $this );
83		- $this->instances[ $component ]->load();
	79	+ // Loads component and pass extension's instance so that component can
	80	+ // talk each other.
	81	+ require_once $filename;
	82	+ $this->instances[ $component ] = new $classname( $this );
	83	+ $this->instances[ $component ]->load();
84	84
85		- }
	85	+ }
86	86
87		- private function add_hooks() {
	87	+ private function add_hooks() {
88	88
89		- // Add front-end access to Gravity Forms delete file action
90		- add_action( 'wp_ajax_nopriv_rg_delete_file', array( 'GFForms', 'delete_file') );
	89	+ // Add front-end access to Gravity Forms delete file action
	90	+ add_action( 'wp_ajax_nopriv_rg_delete_file', array( 'GFForms', 'delete_file') );
91	91
92		- // Make sure this hook is run for non-admins
93		- add_action( 'wp_ajax_rg_delete_file', array( 'GFForms', 'delete_file') );
	92	+ // Make sure this hook is run for non-admins
	93	+ add_action( 'wp_ajax_rg_delete_file', array( 'GFForms', 'delete_file') );
94	94
95		- add_filter( 'gravityview_blacklist_field_types', array( $this, 'modify_field_blacklist' ), 10, 2 );
	95	+ add_filter( 'gravityview_blacklist_field_types', array( $this, 'modify_field_blacklist' ), 10, 2 );
96	96
97		- // add template path to check for field
98		- add_filter( 'gravityview_template_paths', array( $this, 'add_template_path' ) );
	97	+ // add template path to check for field
	98	+ add_filter( 'gravityview_template_paths', array( $this, 'add_template_path' ) );
99	99
100	100	add_filter( 'gravityview/field/is_visible', array( $this, 'maybe_not_visible' ), 10, 3 );
101	101
102	102	add_filter( 'gravityview/api/reserved_query_args', array( $this, 'add_reserved_arg' ) );
103	103
104		- add_action( 'template_redirect', function() {
105		- if ( ! isset( $_GET['gv-iframe'] ) ) {
106		- return;
107		- }
	104	+ add_action( 'template_redirect', function() {
	105	+ if ( ! isset( $_GET['gv-iframe'] ) ) {
	106	+ return;
	107	+ }
108	108
109		- // If user doesn't have appropriate permissions, die.
	109	+ // If user doesn't have appropriate permissions, die.
110	110	if ( ! GFCommon::current_user_can_any( array( 'gravityforms_edit_forms', 'gravityforms_create_form', 'gravityforms_preview_forms' ) ) ) {
111	111	die( esc_html__( "You don't have adequate permission to preview forms.", 'gravityforms' ) );
112	112	}
		@@ -231,9 +231,9 @@ discard block
		block discarded – undo
231	231	</body>
232	232	</html>
233	233	<?php
234		- exit();
235		- } );
236		- }
	234	+ exit();
	235	+ } );
	236	+ }
237	237
238	238	/**
239	239	* Adds "edit" to the list of internal reserved query args
		@@ -304,74 +304,74 @@ discard block
		block discarded – undo
304	304	return false;
305	305	}
306	306
307		- /**
308		- * Include this extension templates path
309		- * @param array $file_paths List of template paths ordered
310		- */
311		- public function add_template_path( $file_paths ) {
312		-
313		- // Index 100 is the default GravityView template path.
314		- $file_paths[ 110 ] = self::$file;
315		-
316		- return $file_paths;
317		- }
318		-
319		- /**
320		- *
321		- * Return a well formatted nonce key according to GravityView Edit Entry protocol
322		- *
323		- * @param $view_id int GravityView view id
324		- * @param $form_id int Gravity Forms form id
325		- * @param $entry_id int Gravity Forms entry id
326		- * @return string
327		- */
328		- public static function get_nonce_key( $view_id, $form_id, $entry_id ) {
329		- return sprintf( 'edit_%d_%d_%d', $view_id, $form_id, $entry_id );
330		- }
331		-
332		-
333		- /**
334		- * The edit entry link creates a secure link with a nonce
335		- *
336		- * It also mimics the URL structure Gravity Forms expects to have so that
337		- * it formats the display of the edit form like it does in the backend, like
338		- * "You can edit this post from the post page" fields, for example.
339		- *
340		- * @param $entry array Gravity Forms entry object
341		- * @param $view_id int GravityView view id
342		- * @param $post_id int GravityView Post ID where View may be embedded {@since 1.9.2}
343		- * @param string\|array $field_values Parameters to pass in to the Edit Entry form to prefill data. Uses the same format as Gravity Forms "Allow field to be populated dynamically" {@since 1.9.2} {@see https://www.gravityhelp.com/documentation/article/allow-field-to-be-populated-dynamically/ }
344		- * @return string
345		- */
346		- public static function get_edit_link( $entry, $view_id, $post_id = null, $field_values = '' ) {
347		-
348		- $nonce_key = self::get_nonce_key( $view_id, $entry['form_id'], $entry['id'] );
349		-
350		- $base = gv_entry_link( $entry, $post_id ? : $view_id );
351		-
352		- $url = add_query_arg( array(
353		- 'edit' => wp_create_nonce( $nonce_key )
354		- ), $base );
355		-
356		- if( $post_id ) {
357		- $url = add_query_arg( array( 'gvid' => $view_id ), $url );
358		- }
359		-
360		- /**
361		- * Allow passing params to dynamically populate entry with values
362		- * @since 1.9.2
363		- */
364		- if( !empty( $field_values ) ) {
365		-
366		- if( is_array( $field_values ) ) {
367		- // If already an array, no parse_str() needed
368		- $params = $field_values;
369		- } else {
370		- parse_str( $field_values, $params );
371		- }
372		-
373		- $url = add_query_arg( $params, $url );
374		- }
	307	+ /**
	308	+ * Include this extension templates path
	309	+ * @param array $file_paths List of template paths ordered
	310	+ */
	311	+ public function add_template_path( $file_paths ) {
	312	+
	313	+ // Index 100 is the default GravityView template path.
	314	+ $file_paths[ 110 ] = self::$file;
	315	+
	316	+ return $file_paths;
	317	+ }
	318	+
	319	+ /**
	320	+ *
	321	+ * Return a well formatted nonce key according to GravityView Edit Entry protocol
	322	+ *
	323	+ * @param $view_id int GravityView view id
	324	+ * @param $form_id int Gravity Forms form id
	325	+ * @param $entry_id int Gravity Forms entry id
	326	+ * @return string
	327	+ */
	328	+ public static function get_nonce_key( $view_id, $form_id, $entry_id ) {
	329	+ return sprintf( 'edit_%d_%d_%d', $view_id, $form_id, $entry_id );
	330	+ }
	331	+
	332	+
	333	+ /**
	334	+ * The edit entry link creates a secure link with a nonce
	335	+ *
	336	+ * It also mimics the URL structure Gravity Forms expects to have so that
	337	+ * it formats the display of the edit form like it does in the backend, like
	338	+ * "You can edit this post from the post page" fields, for example.
	339	+ *
	340	+ * @param $entry array Gravity Forms entry object
	341	+ * @param $view_id int GravityView view id
	342	+ * @param $post_id int GravityView Post ID where View may be embedded {@since 1.9.2}
	343	+ * @param string\|array $field_values Parameters to pass in to the Edit Entry form to prefill data. Uses the same format as Gravity Forms "Allow field to be populated dynamically" {@since 1.9.2} {@see https://www.gravityhelp.com/documentation/article/allow-field-to-be-populated-dynamically/ }
	344	+ * @return string
	345	+ */
	346	+ public static function get_edit_link( $entry, $view_id, $post_id = null, $field_values = '' ) {
	347	+
	348	+ $nonce_key = self::get_nonce_key( $view_id, $entry['form_id'], $entry['id'] );
	349	+
	350	+ $base = gv_entry_link( $entry, $post_id ? : $view_id );
	351	+
	352	+ $url = add_query_arg( array(
	353	+ 'edit' => wp_create_nonce( $nonce_key )
	354	+ ), $base );
	355	+
	356	+ if( $post_id ) {
	357	+ $url = add_query_arg( array( 'gvid' => $view_id ), $url );
	358	+ }
	359	+
	360	+ /**
	361	+ * Allow passing params to dynamically populate entry with values
	362	+ * @since 1.9.2
	363	+ */
	364	+ if( !empty( $field_values ) ) {
	365	+
	366	+ if( is_array( $field_values ) ) {
	367	+ // If already an array, no parse_str() needed
	368	+ $params = $field_values;
	369	+ } else {
	370	+ parse_str( $field_values, $params );
	371	+ }
	372	+
	373	+ $url = add_query_arg( $params, $url );
	374	+ }
375	375
376	376	/**
377	377	* @filter `gravityview/edit/link` Filter the edit URL link.
		@@ -380,7 +380,7 @@ discard block
		block discarded – undo
380	380	* @param \GV\View $view The View.
381	381	*/
382	382	return apply_filters( 'gravityview/edit/link', $url, $entry, \GV\View::by_id( $view_id ) );
383		- }
	383	+ }
384	384
385	385	/**
386	386	* Edit mode doesn't allow certain field types.
		@@ -435,19 +435,19 @@ discard block
		block discarded – undo
435	435	}
436	436
437	437
438		- /**
439		- * checks if user has permissions to edit a specific entry
440		- *
441		- * Needs to be used combined with GravityView_Edit_Entry::user_can_edit_entry for maximum security!!
442		- *
443		- * @param array $entry Gravity Forms entry array
444		- * @param \GV\View\|int $view ID of the view you want to check visibility against {@since 1.9.2}. Required since 2.0
445		- * @return bool
446		- */
447		- public static function check_user_cap_edit_entry( $entry, $view = 0 ) {
	438	+ /**
	439	+ * checks if user has permissions to edit a specific entry
	440	+ *
	441	+ * Needs to be used combined with GravityView_Edit_Entry::user_can_edit_entry for maximum security!!
	442	+ *
	443	+ * @param array $entry Gravity Forms entry array
	444	+ * @param \GV\View\|int $view ID of the view you want to check visibility against {@since 1.9.2}. Required since 2.0
	445	+ * @return bool
	446	+ */
	447	+ public static function check_user_cap_edit_entry( $entry, $view = 0 ) {
448	448
449		- // No permission by default
450		- $user_can_edit = false;
	449	+ // No permission by default
	450	+ $user_can_edit = false;
451	451
452	452	// get user_edit setting
453	453	if ( empty( $view ) ) {
		@@ -465,60 +465,60 @@ discard block
		block discarded – undo
465	465	$user_edit = GVCommon::get_template_setting( $view_id, 'user_edit' );
466	466	}
467	467
468		- // If they can edit any entries (as defined in Gravity Forms)
469		- // Or if they can edit other people's entries
470		- // Then we're good.
471		- if( GVCommon::has_cap( array( 'gravityforms_edit_entries', 'gravityview_edit_others_entries' ), $entry['id'] ) ) {
	468	+ // If they can edit any entries (as defined in Gravity Forms)
	469	+ // Or if they can edit other people's entries
	470	+ // Then we're good.
	471	+ if( GVCommon::has_cap( array( 'gravityforms_edit_entries', 'gravityview_edit_others_entries' ), $entry['id'] ) ) {
472	472
473		- gravityview()->log->debug( 'User has ability to edit all entries.' );
	473	+ gravityview()->log->debug( 'User has ability to edit all entries.' );
474	474
475		- $user_can_edit = true;
	475	+ $user_can_edit = true;
476	476
477		- } else if( !isset( $entry['created_by'] ) ) {
	477	+ } else if( !isset( $entry['created_by'] ) ) {
478	478
479		- gravityview()->log->error( 'Entry `created_by` doesn\'t exist.');
	479	+ gravityview()->log->error( 'Entry `created_by` doesn\'t exist.');
480	480
481		- $user_can_edit = false;
	481	+ $user_can_edit = false;
482	482
483		- } else {
	483	+ } else {
484	484
485		- $current_user = wp_get_current_user();
	485	+ $current_user = wp_get_current_user();
486	486
487		- // User edit is disabled
488		- if( empty( $user_edit ) ) {
	487	+ // User edit is disabled
	488	+ if( empty( $user_edit ) ) {
489	489
490		- gravityview()->log->debug( 'User Edit is disabled. Returning false.' );
	490	+ gravityview()->log->debug( 'User Edit is disabled. Returning false.' );
491	491
492		- $user_can_edit = false;
493		- }
	492	+ $user_can_edit = false;
	493	+ }
494	494
495		- // User edit is enabled and the logged-in user is the same as the user who created the entry. We're good.
496		- else if( is_user_logged_in() && intval( $current_user->ID ) === intval( $entry['created_by'] ) ) {
	495	+ // User edit is enabled and the logged-in user is the same as the user who created the entry. We're good.
	496	+ else if( is_user_logged_in() && intval( $current_user->ID ) === intval( $entry['created_by'] ) ) {
497	497
498		- gravityview()->log->debug( 'User {user_id} created the entry.', array( 'user_id', $current_user->ID ) );
	498	+ gravityview()->log->debug( 'User {user_id} created the entry.', array( 'user_id', $current_user->ID ) );
499	499
500		- $user_can_edit = true;
	500	+ $user_can_edit = true;
501	501
502		- } else if( ! is_user_logged_in() ) {
	502	+ } else if( ! is_user_logged_in() ) {
503	503
504		- gravityview()->log->debug( 'No user defined; edit entry requires logged in user' );
	504	+ gravityview()->log->debug( 'No user defined; edit entry requires logged in user' );
505	505
506		- $user_can_edit = false; // Here just for clarity
507		- }
	506	+ $user_can_edit = false; // Here just for clarity
	507	+ }
508	508
509		- }
	509	+ }
510	510
511		- /**
512		- * @filter `gravityview/edit_entry/user_can_edit_entry` Modify whether user can edit an entry.
513		- * @since 1.15 Added `$entry` and `$view_id` parameters
514		- * @param[in,out] boolean $user_can_edit Can the current user edit the current entry? (Default: false)
515		- * @param[in] array $entry Gravity Forms entry array {@since 1.15}
516		- * @param[in] int $view_id ID of the view you want to check visibility against {@since 1.15}
517		- */
518		- $user_can_edit = apply_filters( 'gravityview/edit_entry/user_can_edit_entry', $user_can_edit, $entry, $view_id );
	511	+ /**
	512	+ * @filter `gravityview/edit_entry/user_can_edit_entry` Modify whether user can edit an entry.
	513	+ * @since 1.15 Added `$entry` and `$view_id` parameters
	514	+ * @param[in,out] boolean $user_can_edit Can the current user edit the current entry? (Default: false)
	515	+ * @param[in] array $entry Gravity Forms entry array {@since 1.15}
	516	+ * @param[in] int $view_id ID of the view you want to check visibility against {@since 1.15}
	517	+ */
	518	+ $user_can_edit = apply_filters( 'gravityview/edit_entry/user_can_edit_entry', $user_can_edit, $entry, $view_id );
519	519
520		- return (bool) $user_can_edit;
521		- }
	520	+ return (bool) $user_can_edit;
	521	+ }
522	522
523	523
524	524

gravityview / GravityView

Push — develop ( c38b5d...31c9ca )

Status

Category

Indentation +164 added lines, -164 removed lines patch added patch discarded remove patch