/**
* Process the contact form's POST submission.
* Stores the submission as feedback and sends the notification email.
*/
function process_submission()
{
// Handles one submitted contact form: validates the configured recipients,
// collects the field values, runs the spam filter, stores the submission as
// a 'feedback' post plus post meta, mails it, and finally either returns the
// AJAX success message or redirects and exits.
//
// Returns false when no valid recipient remains or when the posted form id
// does not match this form; returns the WP_Error object when the
// 'contact_form_is_spam' filter yields one. On the non-AJAX path the
// function does not return (it redirects and calls exit).

// Current post; used for the form-id check, as post_parent of the stored
// feedback, and for the permalink recorded with the submission.
global $post;
$plugin = Grunion_Contact_Form_Plugin::init();
$id = $this->get_attribute('id');
$to = $this->get_attribute('to');
$widget = $this->get_attribute('widget');
$contact_form_subject = $this->get_attribute('subject');
// Recipients come from the form's 'to' attribute as a comma-separated list.
// Spaces are removed, then every address must pass is_email() and, where
// that function exists, must not be rejected by is_email_address_unsafe().
$to = str_replace(' ', '', $to);
$emails = explode(',', $to);
$valid_emails = array();
foreach ((array) $emails as $email) {
if (!is_email($email)) {
continue;
}
if (function_exists('is_email_address_unsafe') && is_email_address_unsafe($email)) {
continue;
}
$valid_emails[] = $email;
}
// No one to send it to :( -- abort before touching any submitted data.
if (!$valid_emails) {
return false;
}
$to = $valid_emails;
// Make sure we're processing the form we think we're processing... probably a redundant check.
// NOTE(review): $_POST['contact-form-id'] is read without isset() and is
// compared with loose '!=', so a missing key raises a notice and PHP type
// juggling decides equality. Consider isset() plus a strict string compare.
// This only ties the request to a form id; no nonce is verified in this
// method -- confirm whether the caller is expected to do that.
if ($widget) {
if ('widget-' . $widget != $_POST['contact-form-id']) {
return false;
}
} else {
if ($post->ID != $_POST['contact-form-id']) {
return false;
}
}
$field_ids = $this->get_field_ids();
// Initialize all these "standard" fields to null
$comment_author_email = $comment_author_email_label = $comment_author = $comment_author_label = $comment_author_url = $comment_author_url_label = $comment_content = $comment_content_label = null;
// For each of the "standard" fields, grab their field label and value.
// name/email/url values are passed through the matching 'pre_comment_*'
// filter (slashed for the filter, unslashed afterwards) and then through
// the plugin's strip_tags(); labels only go through strip_tags().
if (isset($field_ids['name'])) {
$field = $this->fields[$field_ids['name']];
$comment_author = Grunion_Contact_Form_Plugin::strip_tags(stripslashes(apply_filters('pre_comment_author_name', addslashes($field->value))));
$comment_author_label = Grunion_Contact_Form_Plugin::strip_tags($field->get_attribute('label'));
}
if (isset($field_ids['email'])) {
$field = $this->fields[$field_ids['email']];
$comment_author_email = Grunion_Contact_Form_Plugin::strip_tags(stripslashes(apply_filters('pre_comment_author_email', addslashes($field->value))));
$comment_author_email_label = Grunion_Contact_Form_Plugin::strip_tags($field->get_attribute('label'));
}
if (isset($field_ids['url'])) {
$field = $this->fields[$field_ids['url']];
$comment_author_url = Grunion_Contact_Form_Plugin::strip_tags(stripslashes(apply_filters('pre_comment_author_url', addslashes($field->value))));
// A bare scheme with nothing after it is treated as "no URL given".
if ('http://' == $comment_author_url) {
$comment_author_url = '';
}
$comment_author_url_label = Grunion_Contact_Form_Plugin::strip_tags($field->get_attribute('label'));
}
// The message body is not run through a 'pre_comment_*' filter; it is only
// passed through strip_tags() and trimmed.
if (isset($field_ids['textarea'])) {
$field = $this->fields[$field_ids['textarea']];
$comment_content = trim(Grunion_Contact_Form_Plugin::strip_tags($field->value));
$comment_content_label = Grunion_Contact_Form_Plugin::strip_tags($field->get_attribute('label'));
}
// A non-empty submitted subject field overrides the form's 'subject'
// attribute, which means the mail subject can be visitor-supplied.
if (isset($field_ids['subject'])) {
$field = $this->fields[$field_ids['subject']];
if ($field->value) {
$contact_form_subject = Grunion_Contact_Form_Plugin::strip_tags($field->value);
}
}
$all_values = $extra_values = array();
// For all fields, grab label and value
// Values are stored raw here (strip_tags() is applied further down, before
// storage). Entries are keyed by label, so two fields that share a label
// overwrite each other.
foreach ($field_ids['all'] as $field_id) {
$field = $this->fields[$field_id];
$label = $field->get_attribute('label');
$value = $field->value;
$all_values[$label] = $value;
}
// For the "non-standard" fields, grab label and value
foreach ($field_ids['extra'] as $field_id) {
$field = $this->fields[$field_id];
$label = $field->get_attribute('label');
$value = $field->value;
$extra_values[$label] = $value;
}
$contact_form_subject = trim($contact_form_subject);
// REMOTE_ADDR is the peer address reported by the web server.
// NOTE(review): behind a reverse proxy this is presumably the proxy's
// address rather than the visitor's -- confirm for the deployment.
$comment_author_IP = Grunion_Contact_Form_Plugin::strip_tags($_SERVER['REMOTE_ADDR']);
// Mail header injection guard: remove CR and LF from every value that is
// later placed in a mail header or the subject (author name, author email,
// subject) as well as the URL and IP. The loop uses variable variables, so
// each entry in $vars must be the exact name of a local variable.
$vars = array('comment_author', 'comment_author_email', 'comment_author_url', 'contact_form_subject', 'comment_author_IP');
foreach ($vars as $var) {
${$var} = str_replace(array("\n", "\r"), '', ${$var});
}
// comment_content is added only now, so its line breaks are kept; it is
// used in the body and the spam check, not in the headers built below.
$vars[] = 'comment_content';
$spam = '';
// compact() collects the six local variables named in $vars into an array.
$akismet_values = $plugin->prepare_for_akismet(compact($vars));
// Is it spam?
// The filter result is interpreted three ways: a WP_Error aborts, boolean
// TRUE marks the submission as spam, anything else counts as not spam.
// The '=== TRUE' test is strict, so a truthy non-boolean value returned by
// a filter callback is not treated as spam.
$is_spam = apply_filters('contact_form_is_spam', $akismet_values);
if (is_wp_error($is_spam)) {
// WP_Error to abort
return $is_spam;
} else {
if ($is_spam === TRUE) {
// TRUE to flag a spam
$spam = '***SPAM*** ';
}
}
// Fall back to the email address as display name. It already went through
// the CR/LF removal above, so the header guard still holds.
if (!$comment_author) {
$comment_author = $comment_author_email;
}
// NOTE(review): recipients returned by the 'contact_form_to' filter only go
// through strip_tags(); they are not re-validated with is_email() and are
// not checked for CR/LF in this method.
$to = (array) apply_filters('contact_form_to', $to);
foreach ($to as $to_key => $to_value) {
$to[$to_key] = Grunion_Contact_Form_Plugin::strip_tags($to_value);
}
// The From address is always wordpress@<site host>; the visitor's address
// is only used for Reply-To.
// NOTE(review): $blog_url['host'] is read without checking that parse_url()
// returned a host, and $to[0] assumes the filter above left an element at
// index 0.
$blog_url = parse_url(site_url());
$from_email_addr = 'wordpress@' . $blog_url['host'];
$reply_to_addr = $to[0];
if (!empty($comment_author_email)) {
$reply_to_addr = $comment_author_email;
}
// Headers are built by plain concatenation. The visitor-supplied display
// name is placed unquoted in From and Reply-To. CR/LF were removed above,
// so it cannot start a new header line.
// NOTE(review): other address-syntax characters in the name are not escaped
// here -- confirm how wp_mail() parses these headers.
$headers = 'From: ' . $comment_author . ' <' . $from_email_addr . ">\r\n" . 'Reply-To: ' . $comment_author . ' <' . $reply_to_addr . ">\r\n" . "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"";
// NOTE(review): the value returned by the 'contact_form_subject' filter is
// used as the mail subject without another CR/LF pass in this method.
$subject = apply_filters('contact_form_subject', $contact_form_subject);
$time = date_i18n(__('l F j, Y \\a\\t g:i a', 'jetpack'), current_time('timestamp'));
// Plain-text body: the standard fields first, then the extra fields, then
// submission metadata (time, IP address, form URL, login state).
$extra_content = '';
foreach ($extra_values as $label => $value) {
// trim() assumes each extra value is a string -- TODO confirm.
$extra_content .= $label . ': ' . trim($value) . "\n";
}
$message = "{$comment_author_label}: {$comment_author}\n";
if (!empty($comment_author_email)) {
$message .= "{$comment_author_email_label}: {$comment_author_email}\n";
}
if (!empty($comment_author_url)) {
$message .= "{$comment_author_url_label}: {$comment_author_url}\n";
}
if (!empty($comment_content_label)) {
$message .= "{$comment_content_label}: {$comment_content}\n";
}
$message .= $extra_content . "\n";
$message .= __('Time:', 'jetpack') . ' ' . $time . "\n";
$message .= __('IP Address:', 'jetpack') . ' ' . $comment_author_IP . "\n";
if ($widget) {
$url = home_url('/');
} else {
$url = get_permalink($post->ID);
}
$message .= __('Contact Form URL:', 'jetpack') . " {$url}\n";
// "Verified" only means is_user_logged_in() was true for this request. It
// says nothing about whether the submitted name or email belong to that
// user.
if (is_user_logged_in()) {
$message .= "\n";
$message .= sprintf(__('Sent by a verified %s user.', 'jetpack'), isset($GLOBALS['current_site']->site_name) && $GLOBALS['current_site']->site_name ? $GLOBALS['current_site']->site_name : '"' . get_option('blogname') . '"');
} else {
$message .= __('Sent by an unverified visitor to your site.', 'jetpack');
}
// strip_tags() runs after the filter, so it also covers filter output.
$message = apply_filters('contact_form_message', $message);
$message = Grunion_Contact_Form_Plugin::strip_tags($message);
// keep a copy of the feedback as a custom post type
$feedback_mysql_time = current_time('mysql');
$feedback_title = "{$comment_author} - {$feedback_mysql_time}";
// Spam is stored too, under the 'spam' status instead of 'publish'.
$feedback_status = 'publish';
if ($is_spam === TRUE) {
$feedback_status = 'spam';
}
// Run every value that is about to be stored through strip_tags().
foreach ((array) $akismet_values as $av_key => $av_value) {
$akismet_values[$av_key] = Grunion_Contact_Form_Plugin::strip_tags($av_value);
}
foreach ((array) $all_values as $all_key => $all_value) {
$all_values[$all_key] = Grunion_Contact_Form_Plugin::strip_tags($all_value);
}
foreach ((array) $extra_values as $ev_key => $ev_value) {
$extra_values[$ev_key] = Grunion_Contact_Form_Plugin::strip_tags($ev_value);
}
/* We need to make sure that the post author is always zero for contact
* form submissions. This prevents export/import from trying to create
* new users based on form submissions from people who were logged in
* at the time.
*
* Unfortunately wp_insert_post() tries very hard to make sure the post
* author gets the currently logged in user id. That is how we ended up
* with this work around. */
add_filter('wp_insert_post_data', array($plugin, 'insert_feedback_filter'), 10, 2);
// Title and content pass through wp_kses() with an empty allowed-tags
// list, so no HTML is kept. Values are passed through addslashes(),
// presumably because the WordPress insert and meta APIs unslash their
// input. post_name is md5() of the title; it serves as a slug, not as a
// security measure.
// NOTE(review): the return value of wp_insert_post() is not checked. On
// failure the update_post_meta() calls, the action, and the nonce below
// would all run with the failure value as $post_id.
$post_id = wp_insert_post(array('post_date' => addslashes($feedback_mysql_time), 'post_type' => 'feedback', 'post_status' => addslashes($feedback_status), 'post_parent' => (int) $post->ID, 'post_title' => addslashes(wp_kses($feedback_title, array())), 'post_content' => addslashes(wp_kses($comment_content . "\n<!--more-->\n" . "AUTHOR: {$comment_author}\nAUTHOR EMAIL: {$comment_author_email}\nAUTHOR URL: {$comment_author_url}\nSUBJECT: {$contact_form_subject}\nIP: {$comment_author_IP}\n" . print_r($all_values, TRUE), array())), 'post_name' => md5($feedback_title)));
// once insert has finished we don't need this filter any more
remove_filter('wp_insert_post_data', array($plugin, 'insert_feedback_filter'), 10, 2);
// Store the individual values as post meta. '_feedback_email' keeps the
// complete outgoing mail (recipients, subject, body, headers), so the
// feedback post holds visitor personal data, including the IP address.
update_post_meta($post_id, '_feedback_author', addslashes($comment_author));
update_post_meta($post_id, '_feedback_author_email', addslashes($comment_author_email));
update_post_meta($post_id, '_feedback_author_url', addslashes($comment_author_url));
update_post_meta($post_id, '_feedback_subject', addslashes($contact_form_subject));
update_post_meta($post_id, '_feedback_ip', addslashes($comment_author_IP));
update_post_meta($post_id, '_feedback_contact_form_url', addslashes(get_permalink($post->ID)));
update_post_meta($post_id, '_feedback_all_fields', $this->addslashes_deep($all_values));
update_post_meta($post_id, '_feedback_extra_fields', $this->addslashes_deep($extra_values));
update_post_meta($post_id, '_feedback_akismet_values', $this->addslashes_deep($akismet_values));
update_post_meta($post_id, '_feedback_email', $this->addslashes_deep(array('to' => $to, 'subject' => $subject, 'message' => $message, 'headers' => $headers)));
do_action('grunion_pre_message_sent', $post_id, $all_values, $extra_values);
// schedule deletes of old spam feedbacks
if (!wp_next_scheduled('grunion_scheduled_delete')) {
wp_schedule_event(time() + 250, 'daily', 'grunion_scheduled_delete');
}
// Non-spam is always mailed. Spam is mailed only when the
// 'grunion_still_email_spam' filter returns a value loosely equal to TRUE,
// and then carries the '***SPAM*** ' subject prefix set earlier.
if ($is_spam !== TRUE) {
wp_mail($to, "{$spam}{$subject}", $message, $headers);
} elseif (apply_filters('grunion_still_email_spam', FALSE) == TRUE) {
// don't send spam by default. Filterable.
wp_mail($to, "{$spam}{$subject}", $message, $headers);
}
// AJAX submissions get the success markup back instead of a redirect.
if (defined('DOING_AJAX') && DOING_AJAX) {
return self::success_message($post_id, $this);
}
$redirect = wp_get_referer();
if (!$redirect) {
// wp_get_referer() returns false if the referer is the same as the current page
$redirect = $_SERVER['REQUEST_URI'];
}
// Append the form id, the new feedback post id, and a nonce bound to that
// post id. The target derives from the Referer header or REQUEST_URI, both
// request-controlled, and the redirect filter can change it again. The
// redirect goes through wp_safe_redirect(), which restricts the
// destination to allowed hosts.
$redirect = add_query_arg(urlencode_deep(array('contact-form-id' => $id, 'contact-form-sent' => $post_id, '_wpnonce' => wp_create_nonce("contact-form-sent-{$post_id}"))), $redirect);
$redirect = apply_filters('grunion_contact_form_redirect_url', $redirect, $id, $post_id);
wp_safe_redirect($redirect);
exit;
}