
Untitled

a guest
Jul 19th, 2011
  1. <?php
  2.  
  3. /*
  4. Plugin Name: Send E-mail
  5. Description: Add a contact form to any post, page or text widget. Messages will be sent to any email address you choose. As seen on wordpress.com with added i18n.
  6. Plugin URI: http://www.paulox.net/software-libero/send-e-mail
  7. Author: Paolo Melchiorre
  8. Author URI: http://www.paulox.net
  9. Version: 1.3
  10. */
  11.  
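  /**
   * Render the [contact-form] shortcode: handle a pending submission for this
   * form, then return the form markup (or the error / success notice).
   *
   * Shortcode attributes are written by whoever authored the post or widget
   * text, so they are treated as untrusted here: the recipient list is
   * validated BEFORE the message is handed to contact_form_send_message(),
   * and the form id, the subject and the echoed-back field values are
   * escaped before they are placed in markup.
   *
   * @param array|string $atts Shortcode attributes: 'to', 'subject', 'show_subject', plus the
   *                           internal 'widget' counter added by contact_form_widget_atts().
   * @return string|null Form HTML; the literal '[contact-form]' in feeds or when no id can be
   *                     determined; null when this form id was already rendered in this request.
   */
  function contact_form_shortcode( $atts ) {
      global $post;

      // A shortcode written without attributes does not arrive as an array.
      if ( !is_array( $atts ) )
          $atts = array();

      $default_to = get_option( 'admin_email' );
      $default_subject = "[" . get_option( 'blogname' ) . "]";

      if ( !empty( $atts['widget'] ) ) {
          $default_subject .= " Sidebar";
      } elseif ( !empty( $post->ID ) ) {
          $default_subject .= " ". wp_kses( $post->post_title, array() );
          $post_author = get_userdata( $post->post_author );
          // Keep the admin address when the author record cannot be loaded.
          if ( $post_author && !empty( $post_author->user_email ) )
              $default_to = $post_author->user_email;
      }

      // Explicit assignments instead of extract(): no attribute can overwrite another local.
      $atts = shortcode_atts( array(
          'to' => $default_to,
          'subject' => $default_subject,
          'show_subject' => 'no',
          'widget' => 0 // Internal counter; see contact_form_widget_atts
      ), $atts );
      $to = $atts['to'];
      $subject = $atts['subject'];
      $show_subject = $atts['show_subject'];
      $widget = $atts['widget'];

      if ( ( function_exists( 'faux_faux' ) && faux_faux() ) || is_feed() )
          return '[contact-form]';

      global $wp_query, $contact_form_errors, $contact_form_values, $user_identity, $contact_form_last_id;

      if ( $widget )
          $id = 'widget-' . $widget;
      elseif ( is_singular() )
          $id = $wp_query->get_queried_object_id();
      else
          $id = isset( $post->ID ) ? $post->ID : 0;
      if ( !$id ) // something terrible has happened
          return '[contact-form]';

      // Render (and process) each form id only once per request.
      if ( (string) $id === (string) $contact_form_last_id )
          return;
      $contact_form_last_id = $id;

      // wp_nonce_field() echoes; capture its output so it can be embedded in the returned markup.
      ob_start();
      wp_nonce_field( 'contact-form_' . $id );
      $nonce = ob_get_clean();

      // Validate recipients before sending. Only syntactically valid addresses that
      // is_email_address_unsafe() (when available) does not reject are kept; if none
      // survive, the default recipient is used.
      $valid_emails = array();
      foreach ( explode( ',', str_replace( ' ', '', (string) $to ) ) as $email ) {
          if ( is_email( $email ) && ( !function_exists( 'is_email_address_unsafe' ) || !is_email_address_unsafe( $email ) ) )
              $valid_emails[] = $email;
      }
      $to = $valid_emails ? $valid_emails : $default_to;

      $message_sent = contact_form_send_message( $to, $subject, $widget );

      // Echo submitted values back into the form, escaped for their output context.
      $values = is_array( $contact_form_values ) ? $contact_form_values : array();
      $comment_author = isset( $values['comment_author'] ) ? esc_attr( $values['comment_author'] ) : '';
      $comment_author_email = isset( $values['comment_author_email'] ) ? esc_attr( $values['comment_author_email'] ) : '';
      $comment_author_url = isset( $values['comment_author_url'] ) ? esc_attr( $values['comment_author_url'] ) : '';
      if ( !$comment_author_url )
          $comment_author_url = 'http://';
      $comment_content = isset( $values['comment_content'] ) ? esc_html( $values['comment_content'] ) : '';

      // $id can contain the author-supplied 'widget' attribute, so it is escaped for attribute context.
      $safe_id = esc_attr( $id );

      $r = "<div id='contact-form-$safe_id'>\n";

      $errors = array();
      if ( is_wp_error( $contact_form_errors ) )
          $errors = (array) $contact_form_errors->get_error_codes();

      if ( $errors ) {
          $r .= "<div class='form-error'>\n<h3>" . __( "Caution:" ) . "</h3>\n<p>\n";
          foreach ( $contact_form_errors->get_error_messages() as $message )
              $r .= "\t$message<br />\n";
          $r .= "</p>\n</div>\n\n";
      } elseif ( $message_sent ) {
          $r .= "<h3>" . __( 'Success!' ) . "</h3>\n\n";
          $r .= wpautop( $comment_content ) . "</div>";

          // Reset for multiple contact forms. Hacky
          $contact_form_values['comment_content'] = '';

          return $r;
      }

      $r .= "<form action='#contact-form-$safe_id' method='post' class='contact-form commentsblock'>\n";
      if ( is_user_logged_in() ) {
          $r .= "\t<p>" . sprintf( __('Logged in as <a href="%1$s">%2$s</a>.'), esc_url( get_option('siteurl') . '/wp-admin/profile.php' ), esc_html( $user_identity ) ) . " <a href='" . wp_logout_url(get_permalink()) . "' title='" . __('Log out of this account') . "'>" . __('Log out &raquo;') . "</a></p>\n";
      } else {
          $r .= "\n<p>\n";
          $r .= "\t\t<input type='text' name='comment_author' id='name-$safe_id' value='$comment_author' class='textbox' size='35' tabindex='1' />\n";
          $r .= "\t\t<label for='name-$safe_id' class='name" . ( in_array( 'comment_author', $errors, true ) ? ' form-error' : '' ) . "'>" . __('Name') ." <small><em>" . __('(required)') . "</em></small></label>\n";
          $r .= "\t</p>\n";
          $r .= "\n<p>\n";
          $r .= "\t\t<input type='text' name='comment_author_email' id='email-$safe_id' value='$comment_author_email' class='textbox' size='35' tabindex='2' />\n";
          $r .= "\t\t<label for='email-$safe_id' class='email" . ( in_array( 'comment_author_email', $errors, true ) ? ' form-error' : '' ) . "'>" . __('E-mail') ." <small><em>" . __('(required)') . "</em></small></label>\n";
          $r .= "\t</p>\n";
          $r .= "\n<p>\n";
          $r .= "\t\t<input type='text' name='comment_author_url' id='url-$safe_id' value='$comment_author_url' class='textbox' size='35' tabindex='3' />\n";
          $r .= "\t\t<label for='url-$safe_id' class='url'>" . __( 'Website' ) . "</label>\n";
          $r .= "\t</p>\n";
      }
      if ( 'yes' === strtolower( (string) $show_subject ) ) {
          $r .= "\n<p>\n";
          $r .= "\t\t<input type='text' name='contact_form_subject' id='subject-$safe_id' value='" . esc_attr( $subject ) . "' class='textbox'/>\n";
          $r .= "\t\t<label for='subject-$safe_id' class='subject'>" . __( 'Subject' ) . "</label>\n";
          $r .= "\t</p>\n";
      }
      $r .= "\n<p>\n";
      $r .= "\t\t<textarea name='comment_content' id='contact-form-comment-$safe_id' cols='60' rows='10' tabindex='4'>$comment_content</textarea>\n";
      $r .= "\t</p>\n";
      $r .= "\t<p class='contact-submit'>\n";
      $r .= "\t\t<input style='text-transform:capitalize' type='submit' tabindex='5' value='" . __( "send e-mail" ) . "' class='pushbutton-wide'/>\n";
      $r .= "\t\t$nonce\n";
      // The browser posts the decoded value back, so the comparison in contact_form_send_message() still sees the raw id.
      $r .= "\t\t<input type='hidden' name='contact-form-id' value='$safe_id' />\n";
      $r .= "\t</p>\n";
      $r .= "</form>\n</div>";

      return $r;
  }
  add_shortcode( 'contact-form', 'contact_form_shortcode' );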
  136.  
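  /**
   * Validate a submitted contact form and mail it.
   *
   * Does nothing unless the POSTed 'contact-form-id' is the id of the form
   * being rendered; check_admin_referer() then verifies that form's nonce.
   * Cleaned values are stored in the global $contact_form_values and any
   * validation failures in $contact_form_errors so the form can be shown again.
   *
   * @param string|array $to      Recipient address(es); the caller is expected to have validated them.
   * @param string       $subject Default subject, used when the visitor supplies none.
   * @param int|string   $widget  Widget counter, or an empty value for a form embedded in a post.
   * @return bool|null The wp_mail() result, or null when nothing was sent (not this form's
   *                   submission, validation errors, or the spam filter returned a WP_Error).
   */
  function contact_form_send_message( $to, $subject, $widget ) {
      global $post;

      // Only a plain string can be a form id; array-shaped input is ignored.
      if ( !isset( $_POST['contact-form-id'] ) || !is_string( $_POST['contact-form-id'] ) )
          return;

      // Strict string comparison, so "12abc" can never be taken for post 12.
      $expected_id = $widget ? 'widget-' . $widget : ( isset( $post->ID ) ? (string) $post->ID : '' );
      if ( '' === $expected_id || $expected_id !== $_POST['contact-form-id'] )
          return;

      check_admin_referer( 'contact-form_' . $expected_id );

      global $contact_form_values, $contact_form_errors, $current_user, $user_identity;

      $contact_form_values = array();
      $contact_form_errors = new WP_Error();

      // Read each expected field as a string; missing or array-shaped input becomes ''.
      $posted = array();
      foreach ( array( 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'contact_form_subject' ) as $field )
          $posted[$field] = ( isset( $_POST[$field] ) && is_string( $_POST[$field] ) ) ? $_POST[$field] : '';

      // Logged-in users are identified from their account; the values are slashed
      // so the stripslashes() calls below treat both sources the same way.
      list($comment_author, $comment_author_email, $comment_author_url) = is_user_logged_in() ?
          add_magic_quotes( array( $user_identity, $current_user->data->user_email, $current_user->data->user_url ) ) :
          array( $posted['comment_author'], $posted['comment_author_email'], $posted['comment_author_url'] );

      $comment_author = stripslashes( apply_filters( 'pre_comment_author_name', $comment_author ) );
      if ( !$comment_author )
          $contact_form_errors->add( 'comment_author', __('Error: please fill the required fields (name, email).') );

      $comment_author_email = stripslashes( apply_filters( 'pre_comment_author_email', $comment_author_email ) );
      if ( !is_email( $comment_author_email ) )
          $contact_form_errors->add( 'comment_author_email', __( 'Error: please enter a valid email address.' ) );

      $comment_author_url = stripslashes( apply_filters( 'pre_comment_author_url', $comment_author_url ) );
      if ( 'http://' == $comment_author_url )
          $comment_author_url = '';

      // The message is sent as text/plain, so all markup is stripped.
      $comment_content = trim( wp_kses( stripslashes( $posted['comment_content'] ), array() ) );
      if ( !$comment_content )
          $contact_form_errors->add( 'comment_content', __( 'Error: please type a comment.' ) );

      $contact_form_subject = trim( wp_kses( stripslashes( $posted['contact_form_subject'] ), array() ) );
      if ( !$contact_form_subject )
          $contact_form_subject = $subject;

      // These values end up in mail headers (From, Reply-To, Subject). Removing CR/LF
      // keeps a submitted value from starting a new header line.
      $line_breaks = array( "\n", "\r" );
      $comment_author = str_replace( $line_breaks, '', $comment_author );
      $comment_author_email = str_replace( $line_breaks, '', $comment_author_email );
      $comment_author_url = str_replace( $line_breaks, '', $comment_author_url );
      $contact_form_subject = str_replace( $line_breaks, '', $contact_form_subject );

      $contact_form_values = array(
          'comment_author' => $comment_author,
          'comment_author_email' => $comment_author_email,
          'comment_author_url' => $comment_author_url,
          'contact_form_subject' => $contact_form_subject,
          'comment_content' => $comment_content,
      );

      if ( $contact_form_errors->get_error_codes() )
          return;

      $spam = '';
      $is_spam = contact_form_is_spam( $contact_form_values );
      if ( is_wp_error( $is_spam ) )
          return; // abort
      elseif ( $is_spam )
          $spam = '***SPAM*** ';

      // NOTE(review): the display name is interpolated unquoted; angle brackets in it are
      // not removed, so a crafted name can change how the From line is parsed. Consider
      // stripping '<' and '>' from $comment_author before building the header.
      $headers = "From: $comment_author <$comment_author_email>\n" .
          "Reply-To: $comment_author_email\n" .
          "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n";

      $subject = apply_filters( 'contact_form_subject', $spam . $contact_form_subject );

      // Keep hex digits and ':' so an IPv6 address is recorded intact rather than mangled.
      $remote_addr = isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : '';
      $ip = preg_replace( '/[^0-9a-fA-F:., ]/', '', $remote_addr );

      $message = "$comment_content\n\n--\n";
      $message .= __("Name");
      $message .= ": $comment_author (";
      $message .= is_user_logged_in() ?
          __( "OK" ) :
          __( "Invalid user ID." );
      $message .= ")\n";
      $message .= __("E-mail");
      $message .= ": $comment_author_email\n";
      $message .= __("Website");
      $message .= ": $comment_author_url\n";
      $message .= __("IP");
      $message .= ": $ip\n";

      $message = apply_filters( 'contact_form_message', $message );

      $to = apply_filters( 'contact_form_to', $to );

      return wp_mail( $to, $subject, $message, $headers );
  }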
  234.  
  /**
   * Ask the 'contact_form_is_spam' filter chain for a verdict on a submission.
   *
   * @param array $form Submitted form values.
   * @return bool|WP_Error true: it's spam, mark it as such;
   *                       false: it's not spam, let it ride;
   *                       WP_Error: it's spam, abort.
   */
  function contact_form_is_spam( $form ) {
      // The chain starts from false ("not spam"); attached callbacks may change it.
      $verdict = apply_filters( 'contact_form_is_spam', false, $form );

      return $verdict;
  }
  243.  
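  /**
   * 'contact_form_is_spam' filter callback that asks Akismet about a submission.
   *
   * The submitted values plus request metadata from $_SERVER are posted to the
   * Akismet comment-check endpoint. Any answer other than 'true' (including a
   * failed or malformed response) leaves the incoming verdict untouched, so
   * this check fails open.
   *
   * @param bool|WP_Error $return Verdict from earlier callbacks.
   * @param array         $form   Submitted form values.
   * @return bool|WP_Error WP_Error( 'akismet' ) when Akismet flags the message, otherwise $return.
   */
  function contact_form_is_spam_akismet( $return, $form ) {
      global $akismet_api_host, $akismet_api_port;

      $form['comment_type'] = 'contact_form';
      // Keep hex digits and ':' so an IPv6 address reaches Akismet intact.
      $form['user_ip'] = preg_replace( '/[^0-9a-fA-F:., ]/', '', isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : '' );
      // Neither header is guaranteed to be sent by the client.
      $form['user_agent'] = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : '';
      $form['referrer'] = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : '';
      $form['blog'] = get_option( 'home' );

      // $_SERVER is forwarded to a third-party service: leave out cookies and HTTP
      // authentication credentials.
      // NOTE(review): environment variables exposed to PHP also show up in $_SERVER;
      // confirm none of them carry secrets on this host, or switch to an allow-list.
      $ignore = array(
          'HTTP_COOKIE',
          'HTTP_COOKIE2',
          'HTTP_AUTHORIZATION',
          'REDIRECT_HTTP_AUTHORIZATION',
          'PHP_AUTH_USER',
          'PHP_AUTH_PW',
          'PHP_AUTH_DIGEST',
      );

      foreach ( $_SERVER as $k => $value )
          if ( !in_array( $k, $ignore, true ) && is_string( $value ) )
              $form["$k"] = $value;

      $query_string = '';
      foreach ( array_keys( $form ) as $k )
          $query_string .= $k . '=' . urlencode( $form[$k] ) . '&';

      $response = akismet_http_post( $query_string, $akismet_api_host, '/1.1/comment-check', $akismet_api_port );
      if ( is_array( $response ) && isset( $response[1] ) && 'true' === trim( $response[1] ) ) // 'true' is spam
          return new WP_Error( 'akismet' ); // abort
      return $return;
  }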
  268.  
  /**
   * 'widget_text' filter: tag every "[contact-form" opening in a text widget
   * with a widget="N" attribute, where N counts the calls made during this request.
   *
   * NOTE(review): a widget="..." attribute already present in the text is not
   * removed, so the tag ends up with two of them; check which one the shortcode
   * parser keeps before treating the value as trusted.
   *
   * @param string $text Widget text.
   * @return string Widget text with the attribute inserted.
   */
  function contact_form_widget_atts( $text ) {
      static $widget = 0;

      $widget += 1;
      $tagged_opening = '[contact-form widget="' . $widget . '"';

      return str_replace( '[contact-form', $tagged_opening, $text );
  }
  // Priority 0: tag each "[contact-form" in widget text with its widget counter before the priority-5 expansion that contact_form_init() may register.
  add_filter( 'widget_text', 'contact_form_widget_atts', 0 );
  277.  
  /**
   * 'widget_text' filter used when do_shortcode is not already attached to
   * widget text: expand only [contact-form] in the text.
   *
   * The global shortcode table is swapped for one holding just this plugin's
   * shortcode while the text is processed, then put back.
   *
   * @param string $text Widget text.
   * @return string Widget text with [contact-form] expanded.
   */
  function contact_form_widget_shortcode_hack( $text ) {
      $saved_tags = $GLOBALS['shortcode_tags'];

      // No other shortcode in the widget text is expanded by this call.
      remove_all_shortcodes();
      add_shortcode( 'contact-form', 'contact_form_shortcode' );
      $expanded = do_shortcode( $text );

      $GLOBALS['shortcode_tags'] = $saved_tags;

      return $expanded;
  }
  286.  
  /**
   * 'init' action: attach the optional integrations.
   *
   * The Akismet spam check is added only when akismet_http_post() exists, and
   * the contact-form-only widget expansion only when do_shortcode is not
   * already attached to 'widget_text'.
   */
  function contact_form_init() {
      $akismet_available = function_exists( 'akismet_http_post' );
      if ( $akismet_available ) {
          add_filter( 'contact_form_is_spam', 'contact_form_is_spam_akismet', 10, 2 );
      }

      $widgets_already_expanded = has_filter( 'widget_text', 'do_shortcode' );
      if ( !$widgets_already_expanded ) {
          add_filter( 'widget_text', 'contact_form_widget_shortcode_hack', 5 );
      }
  }
  add_action( 'init', 'contact_form_init' );