HEX
Server: Apache/2.4.65 (Debian)
System: Linux web6 5.10.0-36-amd64 #1 SMP Debian 5.10.244-1 (2025-09-29) x86_64
User: innocamp (1028)
PHP: 7.4.33
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
Upload Files
File: /home/guardian/public_html/wp-content/plugins/mailchimp-for-wp/includes/forms/class-form.php
<?php

/**
 * Class MC4WP_Form
 *
 * Represents a Form object.
 *
 * To get a form instance, use `mc4wp_get_form( $id );` where `$id` is the post ID.
 *
 * @access public
 * @since 3.0
 */
class MC4WP_Form
{
    /**
     * @var array Array of instantiated form objects.
     */
    public static $instances = array();

    /**
     * @param int $post_id
     * @throws Exception
     */
    public static function throw_not_found_exception($post_id)
    {
        $message = sprintf(__('There is no form with ID %d, perhaps it was deleted?', 'mailchimp-for-wp'), $post_id);
        throw new Exception($message);
    }

    /**
     * Get a shared form instance.
     *
     * @param WP_Post|int $post Post instance or post ID.
     * @return MC4WP_Form
     * @throws Exception
     */
    public static function get_instance($post = 0)
    {
        if ($post instanceof WP_Post) {
            $post_id = $post->ID;
        } else {
            $post_id = (int) $post;

            if ($post_id === 0) {
                $post_id = (int) get_option('mc4wp_default_form_id', 0);
            }
        }

        if ($post_id === 0) {
            self::throw_not_found_exception($post_id);
        }

        if (isset(self::$instances[ $post_id ])) {
            return self::$instances[ $post_id ];
        }

        // get post object if we don't have it by now
        if (! $post instanceof WP_Post) {
            $post = get_post($post_id);
        }

        // check post object
        if (! $post instanceof WP_Post || $post->post_type !== 'mc4wp-form') {
            self::throw_not_found_exception($post_id);
        }

        // get all post meta in single call for performance
        $post_meta = (array) get_post_meta($post_id);
        $form      = new MC4WP_Form($post_id, $post, $post_meta);

        // store instance
        self::$instances[ $post_id ] = $form;

        return $form;
    }

    /**
     * @var int The form ID, matches the underlying post its ID
     */
    public $ID = 0;

    /**
     * @var string The form name
     */
    public $name = 'Default Form';

    /**
     * @var string The form HTML content
     */
    public $content = '';

    /**
     * @var array Array of settings
     */
    public $settings = array();

    /**
     * @var array Array of messages
     */
    public $messages = array();

    /**
     * @var array Array of notices to be shown when this form is rendered
     */
    public $notices = array();

    /**
     * @var array Array of error codes
     */
    public $errors = array();

    /**
     * @var bool Was this form submitted?
     */
    public $is_submitted = false;

    /**
     * @var array Array of the data that was submitted, in name => value pairs.
     *
     * Keys in this array are uppercased and keys starting with _ are stripped.
     */
    private $data = array();

    /**
     * @var array Array of the raw form data that was submitted.
     */
    public $raw_data = array();

    /**
     * @var array
     */
    public $config = array(
        'action'     => 'subscribe',
        'lists'      => array(),
        'email_type' => '',
        'element_id' => '',
    );

    /**
    * @var string
    */
    public $last_event = '';

    /**
    * @var string
    */
    public $status;

    /**
     * @param int $id The post ID
     * @param WP_Post $post
     * @param array $post_meta
     */
    public function __construct($id, WP_Post $post, array $post_meta = array())
    {
        $this->ID       = (int) $id;
        $this->name     = $post->post_title;
        $this->content  = $post->post_content;
        $this->status   = $post->post_status;
        $this->settings = $this->load_settings($post_meta);
        $this->messages = $this->load_messages($post_meta);

        // update config from settings
        $this->config['lists'] = $this->settings['lists'];
    }

    /**
     * @param string $name
     *
     * @return mixed
     */
    public function __get($name)
    {
        $method_name = sprintf('get_%s', $name);
        if (method_exists($this, $method_name)) {
            return $this->$method_name();
        }
    }


    /**
     * Gets the form response string
     *
     * This does not take the submitted form element into account.
     *
     * @see MC4WP_Form_Element::get_response_html()
     *
     * @return string
     */
    public function get_response_html()
    {
        return $this->get_element()->get_response_html(true);
    }

    /**
     * @param string $element_id
     * @param array $config
     * @return MC4WP_Form_element
     */
    public function get_element($element_id = 'mc4wp-form', array $config = array())
    {
        return new MC4WP_Form_Element($this, $element_id, $config);
    }

    /**
     * Get HTML string for this form.
     *
     * If you want to output a form, use `mc4wp_show_form` instead as it.
     *
     * @param string $element_id
     * @param array $config
     *
     * @return string
     */
    public function get_html($element_id = 'mc4wp-form', array $config = array())
    {
        $element = $this->get_element($element_id, $config);
        $html    = $element->generate_html();
        return $html;
    }


    /**
     * @param array $post_meta
     * @return array
     */
    protected function load_settings(array $post_meta = array())
    {
        $form             = $this;
        $default_settings = include MC4WP_PLUGIN_DIR . '/config/default-form-settings.php';

        // start with defaults
        $settings = $default_settings;

        // get custom settings from meta
        if (! empty($post_meta['_mc4wp_settings'])) {
            $meta = $post_meta['_mc4wp_settings'][0];
            $meta = (array) maybe_unserialize($meta);

            // ensure lists is an array
            if (empty($meta['lists'])) {
                $meta['lists'] = array();
            }

            // merge with current settings (defaults)
            $settings = array_merge($settings, $meta);
        }

        /**
         * Filters the form settings
         *
         * @since 3.0
         *
         * @param array $settings
         * @param MC4WP_Form $form
         */
        $settings = (array) apply_filters('mc4wp_form_settings', $settings, $form);

        return $settings;
    }

    /**
     * @param array $post_meta
     * @return array
     */
    protected function load_messages(array $post_meta = array())
    {
        $form = $this;

        // get default messages
        $default_messages = include MC4WP_PLUGIN_DIR . '/config/default-form-messages.php';

        // start with default messages
        $messages = $default_messages;

        /**
         * Filters the form messages
         *
         * @since 3.0
         *
         * @param array $registered_messages
         * @param MC4WP_Form $form
         */
        $messages = (array) apply_filters('mc4wp_form_messages', $messages, $form);

        // for backwards compatiblity, grab text of each message (if is array)
        foreach ($messages as $key => $message) {
            if (is_array($message) && isset($message['text'])) {
                $messages[ $key ] = $message['text'];
            }
        }

        foreach ($messages as $key => $message_text) {
            // overwrite default text with text in form meta.
            if (isset($post_meta[ 'text_' . $key ][0])) {
                $message_text = $post_meta[ 'text_' . $key ][0];
            }

            $messages[ $key ] = $message_text;
        }

        return $messages;
    }

    /**
     * Does this form has a field of the given type?
     *
     * @param string $type
     *
     * @return bool
     */
    public function has_field_type($type)
    {
        return in_array(strtolower($type), $this->get_field_types(), true);
    }

    /**
     * Get an array of field types which are present in this form.
     *
     * @return array
     */
    public function get_field_types()
    {
        preg_match_all('/type=\"(\w+)?\"/', strtolower($this->content), $result);
        $field_types = $result[1];
        return $field_types;
    }

    /**
    * Add notice to this form when it is rendered
    * @param string $text
    * @param string $type
    */
    public function add_notice($text, $type = 'notice')
    {
        $this->notices[] = new MC4WP_Form_Notice($text, $type);
    }

    /**
     * Output this form
     *
     * @return string
     */
    public function __toString()
    {
        return mc4wp_show_form($this->ID, array(), false);
    }

    /**
     * Get "redirect to url after success" setting for this form
     *
     * @return string
     */
    public function get_redirect_url()
    {
        $form = $this;
        $url  = trim($this->settings['redirect']);

        /**
         * Filters the redirect URL setting
         *
         * @since 3.0
         *
         * @param string $url
         * @param MC4WP_Form $form
         */
        $url = (string) apply_filters('mc4wp_form_redirect_url', $url, $form);
        return $url;
    }

    /**
     * Is this form valid?
     *
     * Will always return true if the form is not yet submitted. Otherwise, it will run validation and store any errors.
     * This method should be called before `get_errors()`
     *
     * @return bool
     */
    public function validate()
    {
        if (! $this->is_submitted) {
            return true;
        }

        $form   = $this;
        $errors = array();

        if (empty($this->config['lists'])) {
            $errors[] = 'no_lists_selected';
        }

        // perform some basic anti-spam checks
        // User-Agent header should be set and not bot-like
	    if (empty($_SERVER['HTTP_USER_AGENT']) || preg_match('/bot|crawl|spider|seo|lighthouse|facebookexternalhit|preview/i', $_SERVER['HTTP_USER_AGENT'])) {
	       	$errors[] = 'spam';
	    // _mc4wp_timestamp field should be between 1 week old (to deal with aggressively cached pages) and 2 seconds ago
	    } elseif (! isset($this->raw_data['_mc4wp_timestamp']) || $this->raw_data['_mc4wp_timestamp'] < (time() - DAY_IN_SECONDS * 7) || $this->raw_data['_mc4wp_timestamp'] > ( time() - 2 )) {
            $errors[] = 'spam';
        // _mc4wp_honeypot field should be submitted and empty
        } elseif (! isset($this->raw_data['_mc4wp_honeypot']) || '' !== $this->raw_data['_mc4wp_honeypot']) {
            $errors[] = 'spam';
        }

        if (empty($errors)) {
            // validate email field
            if (empty($this->data['EMAIL']) || ! is_email($this->data['EMAIL'])) {
                $errors[] = 'invalid_email';
            }

            // validate other required fields
            foreach ($this->get_required_fields() as $field) {
                $value = mc4wp_array_get($this->data, $field);

                // check for empty string or array here instead of empty() since we want to allow for "0" values.
                if ($value === '' || $value === array()) {
                    $errors[] = 'required_field_missing';
                    break;
                }
            }
        }

        /**
         * Filters whether this form has errors. Runs only when a form is submitted.
         * Expects an array of message keys with an error type (string).
         *
         * Beware: all non-string values added to this array will be filtered out.
         *
         * @since 3.0
         *
         * @param array $errors
         * @param MC4WP_Form $form
         */
        $errors = (array) apply_filters('mc4wp_form_errors', $errors, $form);

        // filter out all non-string values
        $this->errors = array_filter($errors, 'is_string');

        // return whether we have errors
        return ! $this->has_errors();
    }

    /**
     * Handle an incoming request. Should be called before calling validate() method.
     *
     * @see MC4WP_Form::validate
     * @param array $data
     * @return void
     */
    public function handle_request(array $data)
    {
        $this->is_submitted = true;
        $this->raw_data     = $data;
        $this->data         = $this->parse_request_data($data);
        $this->last_event   = '';

        // update form configuration from given data
        $config = array();
        $map    = array(
            '_mc4wp_lists'           => 'lists',
            '_mc4wp_action'          => 'action',
            '_mc4wp_form_element_id' => 'element_id',
            '_mc4wp_email_type'      => 'email_type',
        );

        // use isset here to allow empty lists (which should show a notice)
        foreach ($map as $param_key => $config_key) {
            if (isset($this->raw_data[ $param_key ])) {
                $value = $this->raw_data[ $param_key ];
                if (is_array($value)) {
                    $value = array_filter($value);
                }

                $config[ $config_key ] = $value;
            }
        }

        if (! empty($config)) {
            $this->set_config($config);
        }
    }

    /**
     * Parse a request for data which should be binded to `$data` property.
     *
     * This does the following on all post data.
     *
     * - Removes fields starting with an underscore.
     * - Remove fields which are set to be ignored.
     * - Uppercase all field names
     *
     * @param array $data
     *
     * @return array
     */
    protected function parse_request_data(array $data)
    {
        $form                = $this;
        $filtered            = array();
        $ignored_field_names = array();

        /**
        * Filters field names which should be ignored when showing data.
        *
        * @since 3.0
        *
        * @param array $ignored_field_names Array of ignored field names
        * @param MC4WP_Form $form The form instance.
        */
        $ignored_field_names = apply_filters('mc4wp_form_ignored_field_names', $ignored_field_names, $form);

        foreach ($data as $key => $value) {
            // skip fields in ignored field names
            if ($key[0] === '_' || in_array($key, $ignored_field_names, true)) {
                continue;
            }

            // uppercase key
            $key = strtoupper($key);

            // filter empty array values
            if (is_array($value)) {
                $value = array_filter($value);
            }

            $filtered[ $key ] = $value;
        }

        return $filtered;
    }

    /**
     * Update configuration for this form
     *
     * @param array $config
     * @return array
     */
    public function set_config(array $config)
    {
        $this->config = array_merge($this->config, $config);

        // make sure lists is an array
        if (! is_array($this->config['lists'])) {
            $this->config['lists'] = array_map('trim', explode(',', $this->config['lists']));
        }

        // make sure action is valid
        if (! in_array($this->config['action'], array( 'subscribe', 'unsubscribe' ), true)) {
            $this->config['action'] = 'subscribe';
        }

        // email_type should be a valid value
        if (! in_array($this->config['email_type'], array( 'html', 'text' ), true)) {
            $this->config['email_type'] = '';
        }

        return $this->config;
    }

    /**
     * Get ID's of Mailchimp lists this form subscribes to
     *
     * @return array
     */
    public function get_lists()
    {
        $lists = $this->config['lists'];
        $form  = $this;

        /**
         * Filters Mailchimp lists new subscribers should be added to.
         *
         * @param array $lists
         */
        $lists = (array) apply_filters('mc4wp_lists', $lists);

        /**
         * Filters Mailchimp lists new subscribers coming from this form should be added to.
         *
         * @param array $lists
         * @param MC4WP_Form $form
         */
        $lists = (array) apply_filters('mc4wp_form_lists', $lists, $form);

        // filter out empty array elements
        $lists = array_filter($lists);

        return $lists;
    }

    /**
     * Does this form have errors?
     *
     * Should always evaluate to false when form has not been submitted.
     *
     * @see `mc4wp_form_errors` filter.
     * @return bool
     */
    public function has_errors()
    {
        return count($this->errors) > 0;
    }

    /**
     * Add an error to this form
     *
     * @param string $error_code
     */
    public function add_error($error_code)
    {
        // only add each error once
        if (! in_array($error_code, $this->errors, true)) {
            $this->errors[] = $error_code;
        }
    }

    /**
     * Get the form action
     *
     * Valid return values are "subscribe" and "unsubscribe"
     *
     * @return string
     */
    public function get_action()
    {
        return $this->config['action'];
    }

    /**
     * @return array
     */
    public function get_data()
    {
        $data = $this->data;
        $form = $this;

        /**
         * Filters the form data.
         *
         * @param array $data
         * @param MC4WP_Form $form
         */
        $data = apply_filters('mc4wp_form_data', $data, $form);

        return $data;
    }

    /**
     * @return array
     */
    public function get_raw_data()
    {
        return $this->raw_data;
    }

    /**
     * Get array of name attributes for the required fields in this form.
     *
     * @return array
     */
    public function get_required_fields()
    {
        $form = $this;

        // explode required fields (generated in JS) to an array (uppercased)
        $required_fields_string = strtoupper($this->settings['required_fields']);

        // remove array-formatted fields
        // workaround for #261 (https://github.com/ibericode/mailchimp-for-wordpress/issues/261)
        $required_fields_string = preg_replace('/\[\w+\]/', '', $required_fields_string);

        // turn into an array
        $required_fields = explode(',', $required_fields_string);

        // EMAIL is not a required field as it has its own validation rules
        $required_fields = array_diff($required_fields, array( 'EMAIL' ));

        // filter duplicate & empty values
        $required_fields = array_unique($required_fields);
        $required_fields = array_filter($required_fields);

        // fix uppercased subkeys, see https://github.com/ibericode/mailchimp-for-wordpress/issues/516
        foreach ($required_fields as $key => $value) {
            $pos = strpos($value, '.');
            if ($pos > 0) {
                $required_fields[ $key ] = substr($value, 0, $pos) . strtolower(substr($value, $pos));
            }
        }

        /**
         * Filters the required fields for a form
         *
         * By default, this holds the following fields.
         *
         * - All fields which are required for the selected Mailchimp lists
         * - All fields in the form with a `required` attribute.
         *
         * @param array $required_fields
         * @param MC4WP_Form $form
         */
        $required_fields = (array) apply_filters('mc4wp_form_required_fields', $required_fields, $form);

        return $required_fields;
    }

    /**
     * Get "email_type" setting for new Mailchimp subscribers added by this form.
     *
     * @return string
     */
    public function get_email_type()
    {
        $email_type = $this->config['email_type'];

        if (empty($email_type)) {
            $email_type = mc4wp_get_email_type();
        }

        return $email_type;
    }

    /**
     * Gets the filename of the stylesheet to load for this form.
     *
     * @return string
     */
    public function get_stylesheet()
    {
        $stylesheet = $this->settings['css'];

        if (empty($stylesheet)) {
            return '';
        }

        // form themes live in the same stylesheet
        if (strpos($stylesheet, 'theme-') !== false) {
            $stylesheet = 'themes';
        }

        return $stylesheet;
    }

    /**
    * @param string $key
    * @return string
    */
    public function get_message($key)
    {
        $message = isset($this->messages[ $key ]) ? $this->messages[ $key ] : $this->messages['error'];

        if ($key === 'no_lists_selected' && current_user_can('manage_options')) {
            $message .= sprintf(' (<a href="%s">%s</a>)', mc4wp_get_edit_form_url($this->ID, 'settings'), 'edit form settings');
        }

        return $message;
    }

    /**
     * @since 4.4
     * @return array
     */
    public function get_subscriber_tags()
    {
        if (empty($this->settings['subscriber_tags'])) {
            return array();
        }

        $tags = explode(',', $this->settings['subscriber_tags']);
        $tags = array_map('trim', $tags);

        // remove empty tag values
        foreach ($tags as $i => $tag) {
            if ($tag === '') {
                unset($tags[ $i ]);
            }
        }

        return array_values($tags);
    }
}