Advertisement
Guest User

wp-customer-reviews (random testimonials)

a guest
Feb 13th, 2013
193
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 59.40 KB | None | 0 0
  1. <?php
  2. /*
  3.  * Plugin Name: WP Customer Reviews
  4.  * Plugin URI: http://www.gowebsolutions.com/plugins/wp-customer-reviews/
  5.  * Description: WP Customer Reviews allows your customers and visitors to leave reviews or testimonials of your services. Reviews are Microformat enabled (hReview).
  6.  * Version: 2.4.5
  7.  * Revision Date: June 7, 2012
  8.  * Requires at least: WP 2.8.6
  9.  * Tested up to: WP 3.4
  10.  * Author: Go Web Solutions
  11.  * Author URI: http://www.gowebsolutions.com/
  12.  * License: GNU General Public License
  13.  *
  14.  * This program is free software; you can redistribute it and/or modify
  15.  * it under the terms of the GNU General Public License as published by
  16.  * the Free Software Foundation; either version 2 of the License, or
  17.  * (at your option) any later version.
  18.  *
  19.  * This program is distributed in the hope that it will be useful,
  20.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  21.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  22.  * GNU General Public License for more details.
  23.  *
  24.  * You should have received a copy of the GNU General Public License
  25.  * along with this program; if not, write to the Free Software
  26.  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
  27.  *
  28.  */
  29.  
  30. class WPCustomerReviews {
  31.  
  32.     var $dbtable = 'wpcreviews';
  33.     var $force_active_page = false;
  34.     var $got_aggregate = false;
  35.     var $options = array();
  36.     var $p = '';
  37.     var $page = 1;
  38.     var $plugin_version = '0.0.0';
  39.     var $shown_form = false;
  40.     var $shown_hcard = false;
  41.     var $status_msg = '';
  42.  
  43.     function WPCustomerReviews() {
  44.         global $wpdb;
  45.  
  46.         define('IN_WPCR', 1);
  47.        
  48.         /* uncomment the below block to display strict/notice errors */
  49.         /*
  50.         restore_error_handler();
  51.         error_reporting(E_ALL);
  52.         ini_set('error_reporting', E_ALL);
  53.         ini_set('html_errors',TRUE);
  54.         ini_set('display_errors',TRUE);
  55.         */
  56.  
  57.         $this->dbtable = $wpdb->prefix . $this->dbtable;
  58.         $this->plugin_version = $this->plugin_get_version();
  59.  
  60.         add_action('the_content', array(&$this, 'do_the_content'), 10); /* prio 10 prevents a conflict with some odd themes */
  61.         add_action('init', array(&$this, 'init')); /* init also tries to insert script/styles */
  62.         add_action('admin_init', array(&$this, 'admin_init'));
  63.                
  64.         /* try multiple methods of inserting our scripts and styles */
  65.         /*
  66.         add_action('wp_print_styles',array(&$this, 'add_style_script'));
  67.         add_action('wp_print_scripts',array(&$this, 'add_style_script'));
  68.         add_action('wp_head',array(&$this, 'add_style_script'), 0);
  69.         */
  70.        
  71.         add_action('template_redirect',array(&$this, 'template_redirect')); /* handle redirects and form posts, and add style/script if needed */
  72.        
  73.         add_action('admin_menu', array(&$this, 'addmenu'));
  74.         add_action('wp_ajax_update_field', array(&$this, 'admin_view_reviews')); /* special ajax stuff */
  75.         add_action('save_post', array(&$this, 'admin_save_post'), 10, 2); /* 2 arguments */
  76.        
  77.         add_filter('plugin_action_links_' . plugin_basename(__FILE__), array(&$this, 'plugin_settings_link'));
  78.     }
  79.  
  80.     /* keep out of admin file */
  81.     function plugin_settings_link($links) {
  82.         $url = get_admin_url().'options-general.php?page=wpcr_options';
  83.         $settings_link = '<a href="'.$url.'"><img src="' . $this->getpluginurl() . 'star.png" />&nbsp;Settings</a>';
  84.         array_unshift($links, $settings_link);
  85.         return $links;
  86.     }
  87.  
  88.     /* keep out of admin file */
  89.     function addmenu() {
  90.         add_options_page('Customer Reviews', '<img src="' . $this->getpluginurl() . 'star.png" />&nbsp;Customer Reviews', 'manage_options', 'wpcr_options', array(&$this, 'admin_options'));
  91.         add_menu_page('Customer Reviews', 'Customer Reviews', 'edit_others_posts', 'wpcr_view_reviews', array(&$this, 'admin_view_reviews'), $this->getpluginurl() . 'star.png', 50); /* 50 should be underneath comments */
  92.  
  93.         global $WPCustomerReviewsAdmin;
  94.         $this->include_admin(); /* include admin functions */
  95.         $WPCustomerReviewsAdmin->wpcr_add_meta_box();
  96.     }
  97.  
  98.     /* forward to admin file */
  99.     function admin_options() {
  100.         global $WPCustomerReviewsAdmin;
  101.         $this->include_admin(); /* include admin functions */
  102.         $WPCustomerReviewsAdmin->real_admin_options();
  103.     }
  104.  
  105.     /* forward to admin file */
  106.     function admin_save_post($post_id, $post) {
  107.         global $WPCustomerReviewsAdmin;
  108.         $this->include_admin(); /* include admin functions */
  109.         $WPCustomerReviewsAdmin->real_admin_save_post($post_id);
  110.     }
  111.  
  112.     /* forward to admin file */
  113.     function admin_view_reviews() {
  114.         global $WPCustomerReviewsAdmin;
  115.         $this->include_admin(); /* include admin functions */
  116.         $WPCustomerReviewsAdmin->real_admin_view_reviews();
  117.     }
  118.    
  119.     /* returns current plugin version */
  120.     function plugin_get_version() {
  121.         require_once( ABSPATH . 'wp-admin/includes/plugin.php');
  122.         $plugin_data = get_plugin_data( __FILE__ );
  123.         $plugin_version = $plugin_data['Version'];
  124.         return $plugin_version;
  125.     }
  126.    
  127.     function get_jumplink_for_review($review,$page) {
  128.         /* $page will be 1 for shortcode usage since it pulls most recent, which SHOULD all be on page 1 */
  129.         $link = get_permalink( $review->page_id );
  130.        
  131.         if (strpos($link,'?') === false) {
  132.             $link = trailingslashit($link) . "?wpcrp=$page#hreview-$review->id";
  133.         } else {
  134.             $link = $link . "&wpcrp=$page#hreview-$review->id";
  135.         }
  136.        
  137.         return $link;
  138.     }
  139.  
  140.     function get_options() {
  141.         $home_domain = @parse_url(get_home_url());
  142.         $home_domain = $home_domain['scheme'] . "://" . $home_domain['host'] . '/';
  143.  
  144.         $default_options = array(
  145.             'act_email' => '',
  146.             'act_uniq' => '',
  147.             'activate' => 0,
  148.             'ask_custom' => array(),
  149.             'ask_fields' => array('fname' => 1, 'femail' => 1, 'fwebsite' => 1, 'ftitle' => 1, 'fage' => 0, 'fgender' => 0),
  150.             'business_city' => '',
  151.             'business_country' => 'USA',
  152.             'business_email' => get_bloginfo('admin_email'),
  153.             'business_name' => get_bloginfo('name'),
  154.             'business_phone' => '',
  155.             'business_state' => '',
  156.             'business_street' => '',
  157.             'business_url' => $home_domain,
  158.             'business_zip' => '',
  159.             'dbversion' => 0,
  160.             'enable_posts_default' => 0,
  161.             'enable_pages_default' => 0,
  162.             'field_custom' => array(),
  163.             'form_location' => 0,
  164.             'goto_leave_text' => 'Click here to submit your review.',
  165.             'goto_show_button' => 1,
  166.             'hreview_type' => 'business',
  167.             'leave_text' => 'Submit your review',
  168.             'require_custom' => array(),
  169.             'require_fields' => array('fname' => 1, 'femail' => 1, 'fwebsite' => 0, 'ftitle' => 0, 'fage' => 0, 'fgender' => 0),
  170.             'reviews_per_page' => 10,
  171.             'show_custom' => array(),
  172.             'show_fields' => array('fname' => 1, 'femail' => 0, 'fwebsite' => 0, 'ftitle' => 1, 'fage' => 0, 'fgender' => 0),
  173.             'show_hcard' => 1,
  174.             'show_hcard_on' => 1,
  175.             'submit_button_text' => 'Submit your review',
  176.             'support_us' => 1,
  177.             'title_tag' => 'h2'
  178.         );
  179.        
  180.         $this->options = get_option('wpcr_options', $default_options);
  181.  
  182.         /* magically easy migrations to newer versions */
  183.         $has_new = false;
  184.         foreach ($default_options as $col => $def_val) {
  185.  
  186.             if (!isset($this->options[$col])) {
  187.                 $this->options[$col] = $def_val;
  188.                 $has_new = true;
  189.             }
  190.  
  191.             if (is_array($def_val)) {
  192.                 foreach ($def_val as $acol => $aval) {
  193.                     if (!isset($this->options[$col][$acol])) {
  194.                         $this->options[$col][$acol] = $aval;
  195.                         $has_new = true;
  196.                     }
  197.                 }
  198.             }
  199.         }
  200.  
  201.         if ($has_new) {
  202.             update_option('wpcr_options', $this->options);
  203.         }
  204.     }
  205.  
  206.     function make_p_obj() {
  207.         $this->p = new stdClass();
  208.  
  209.         foreach ($_GET as $c => $val) {
  210.             if (is_array($val)) {
  211.                 $this->p->$c = $val;
  212.             } else {
  213.                 $this->p->$c = trim(stripslashes($val));
  214.             }
  215.         }
  216.  
  217.         foreach ($_POST as $c => $val) {
  218.             if (is_array($val)) {
  219.                 $this->p->$c = $val;
  220.             } else {
  221.                 $this->p->$c = trim(stripslashes($val));
  222.             }
  223.         }
  224.     }
  225.  
  226.     function check_migrate() {
  227.         global $wpdb;
  228.         $migrated = false;
  229.  
  230.         /* remove me after official release */
  231.         $current_dbversion = intval(str_replace('.', '', $this->options['dbversion']));
  232.         $plugin_db_version = intval(str_replace('.', '', $this->plugin_version));
  233.  
  234.         if ($current_dbversion == $plugin_db_version) {
  235.             return false;
  236.         }
  237.        
  238.         global $WPCustomerReviewsAdmin;
  239.         $this->include_admin(); /* include admin functions */
  240.         $WPCustomerReviewsAdmin->createUpdateReviewtable(); /* creates AND updates table */
  241.  
  242.         /* initial installation */
  243.         if ($current_dbversion == 0) {
  244.             $this->options['dbversion'] = $plugin_db_version;
  245.             $current_dbversion = $plugin_db_version;
  246.             update_option('wpcr_options', $this->options);
  247.             return false;
  248.         }
  249.  
  250.         /* check for upgrades if needed */
  251.  
  252.         /* upgrade to 2.0.0 */
  253.         if ($current_dbversion < 200) {
  254.             /* add multiple page support to database */
  255.  
  256.             /* change all current reviews to use the selected page id */
  257.             $pageID = intval($this->options['selected_pageid']);
  258.             $wpdb->query("UPDATE `$this->dbtable` SET `page_id`=$pageID WHERE `page_id`=0");
  259.  
  260.             /* add new meta to existing selected page */
  261.             update_post_meta($pageID, 'wpcr_enable', 1);
  262.  
  263.             $this->options['dbversion'] = 200;
  264.             $current_dbversion = 200;
  265.             update_option('wpcr_options', $this->options);
  266.             $migrated = true;
  267.         }
  268.  
  269.         /* done with all migrations, push dbversion to current version */
  270.         if ($current_dbversion != $plugin_db_version || $migrated == true) {
  271.             $this->options['dbversion'] = $plugin_db_version;
  272.             $current_dbversion = $plugin_db_version;
  273.             update_option('wpcr_options', $this->options);
  274.  
  275.             global $WPCustomerReviewsAdmin;
  276.             $this->include_admin(); /* include admin functions */
  277.             $WPCustomerReviewsAdmin->notify_activate(3);
  278.             $WPCustomerReviewsAdmin->force_update_cache(); /* update any caches */
  279.  
  280.             return true;
  281.         }
  282.  
  283.         return false;
  284.     }
  285.    
  286.     function is_active_page() {
  287.         global $post;
  288.        
  289.         $has_shortcode = $this->force_active_page;
  290.         if ( $has_shortcode !== false ) {
  291.             return 'shortcode';
  292.         }
  293.        
  294.         if ( !isset($post) || !isset($post->ID) || intval($post->ID) == 0 ) {
  295.             return false; /* we can only use the plugin if we have a valid post ID */
  296.         }
  297.        
  298.         if (!is_singular()) {
  299.             return false; /* not on a single post/page view */
  300.         }
  301.        
  302.         $wpcr_enabled_post = get_post_meta($post->ID, 'wpcr_enable', true);
  303.         if ( $wpcr_enabled_post ) {
  304.             return 'enabled';
  305.         }
  306.        
  307.         return false;
  308.     }
  309.    
  310.     function add_style_script() {
  311.         /* to prevent compatibility issues and for shortcodes, add to every page */
  312.         wp_enqueue_style('wp-customer-reviews');
  313.         wp_enqueue_script('wp-customer-reviews');
  314.     }
  315.    
  316.     function template_redirect() {
  317.    
  318.         /* do this in template_redirect so we can try to redirect cleanly */
  319.         global $post;
  320.         if (!isset($post) || !isset($post->ID)) {
  321.             $post = new stdClass();
  322.             $post->ID = 0;
  323.         }
  324.        
  325.         if (isset($_COOKIE['wpcr_status_msg'])) {
  326.             $this->status_msg = $_COOKIE['wpcr_status_msg'];
  327.             if ( !headers_sent() ) {
  328.                 setcookie('wpcr_status_msg', '', time() - 3600); /* delete the cookie */
  329.                 unset($_COOKIE['wpcr_status_msg']);
  330.             }
  331.         }
  332.        
  333.         $GET_P = "submitwpcr_$post->ID";
  334.  
  335.         if ($post->ID > 0 && isset($this->p->$GET_P) && $this->p->$GET_P == $this->options['submit_button_text'])
  336.         {
  337.             $msg = $this->add_review($post->ID);
  338.             $has_error = $msg[0];
  339.             $status_msg = $msg[1];
  340.             $url = get_permalink($post->ID);
  341.             $cookie = array('wpcr_status_msg' => $status_msg);
  342.             $this->wpcr_redirect($url, $cookie);
  343.         }
  344.     }
  345.    
  346.     function rand_string($length) {
  347.         $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
  348.         $str = '';
  349.  
  350.         $size = strlen($chars);
  351.         for ($i = 0; $i < $length; $i++) {
  352.             $str .= $chars[rand(0, $size - 1)];
  353.         }
  354.  
  355.         return $str;
  356.     }
  357.  
  358.     function get_aggregate_reviews($pageID) {
  359.         if ($this->got_aggregate !== false) {
  360.             return $this->got_aggregate;
  361.         }
  362.  
  363.         global $wpdb;
  364.  
  365.         $pageID = intval($pageID);
  366.         $row = $wpdb->get_results("SELECT COUNT(*) AS `total`,AVG(review_rating) AS `aggregate_rating`,MAX(review_rating) AS `max_rating` FROM `$this->dbtable` WHERE `page_id`=$pageID AND `status`=1");
  367.  
  368.         /* make sure we have at least one review before continuing below */
  369.         if ($wpdb->num_rows == 0 || $row[0]->total == 0) {
  370.             $this->got_aggregate = array("aggregate" => 0, "max" => 0, "total" => 0, "text" => 'Reviews for my site');
  371.             return false;
  372.         }
  373.  
  374.         $aggregate_rating = $row[0]->aggregate_rating;
  375.         $max_rating = $row[0]->max_rating;
  376.         $total_reviews = $row[0]->total;
  377.  
  378.         $row = $wpdb->get_results("SELECT `review_text` FROM `$this->dbtable` WHERE `page_id`=$pageID AND `status`=1 ORDER BY `date_time` DESC LIMIT 1");
  379.         $sample_text = substr($row[0]->review_text, 0, 180);
  380.  
  381.         $this->got_aggregate = array("aggregate" => $aggregate_rating, "max" => $max_rating, "total" => $total_reviews, "text" => $sample_text);
  382.         return true;
  383.     }
  384.  
  385.     function get_reviews($postID, $startpage, $perpage, $status, $random) {
  386.         global $wpdb;
  387.  
  388.         $startpage = $startpage - 1; /* mysql starts at 0 instead of 1, so reduce them all by 1 */
  389.         if ($startpage < 0) { $startpage = 0; }
  390.  
  391.         $limit = 'LIMIT ' . $startpage * $perpage . ',' . $perpage;
  392.  
  393.         if ($status == -1) {
  394.             $qry_status = '1=1';
  395.         } else {
  396.             $qry_status = "`status`=$status";
  397.         }
  398.  
  399.         $postID = intval($postID);
  400.         if ($postID == -1) {
  401.             $and_post = '';
  402.         } else {
  403.             $and_post = "AND `page_id`=$postID";
  404.         }
  405.  
  406. if ( $random ) {
  407.         $reviews = $wpdb->get_results("SELECT
  408.            `id`,
  409.            `date_time`,
  410.            `reviewer_name`,
  411.            `reviewer_email`,
  412.            `review_title`,
  413.            `review_text`,
  414.            `review_response`,
  415.            `review_rating`,
  416.            `reviewer_url`,
  417.            `reviewer_ip`,
  418.            `status`,
  419.            `page_id`,
  420.            `custom_fields`
  421.            FROM `$this->dbtable` WHERE $qry_status $and_post ORDER BY RAND() DESC $limit
  422.            ");
  423. }
  424. else {
  425.         $reviews = $wpdb->get_results("SELECT
  426.            `id`,
  427.            `date_time`,
  428.            `reviewer_name`,
  429.            `reviewer_email`,
  430.            `review_title`,
  431.            `review_text`,
  432.            `review_response`,
  433.            `review_rating`,
  434.            `reviewer_url`,
  435.            `reviewer_ip`,
  436.            `status`,
  437.            `page_id`,
  438.            `custom_fields`
  439.            FROM `$this->dbtable` WHERE $qry_status $and_post ORDER BY `date_time` DESC $limit
  440.            ");
  441. }
  442.  
  443.         $total_reviews = $wpdb->get_results("SELECT COUNT(*) AS `total` FROM `$this->dbtable` WHERE $qry_status $and_post");
  444.         $total_reviews = $total_reviews[0]->total;
  445.  
  446.         return array($reviews, $total_reviews);
  447.     }
  448.  
  449.     function aggregate_footer() {
  450.        
  451.         $aggregate_footer_output = '';
  452.        
  453.         if ($this->options['show_hcard_on'] != 0 && $this->shown_hcard === false) {
  454.  
  455.             $this->shown_hcard = true;
  456.  
  457.             /* start - make sure we should continue */
  458.             $show = false;
  459.  
  460.             if ( $this->options['show_hcard_on'] == 1 ) {
  461.                 $show = true;
  462.             } else if ( $this->options['show_hcard_on'] == 2 && ( is_home() || is_front_page() ) ) {
  463.                 $show = true;
  464.             } else if ( $this->options['show_hcard_on'] == 3 && $this->is_active_page() ) {
  465.                 $show = true;
  466.             }
  467.             /* end - make sure we should continue */
  468.            
  469.             $div_id = "wpcr_hcard_h";
  470.             if ( $this->is_active_page() ) {
  471.                 if ( $this->options['show_hcard'] == 1 ) {
  472.                     $div_id = "wpcr_hcard_s";
  473.                 }
  474.             }
  475.  
  476.             if ($show) { /* we append like this to prevent newlines and wpautop issues */
  477.                
  478.                 $aggregate_footer_output = '<div id="' . $div_id . '" class="vcard">';
  479.                 $aggregate_footer_output .= '<a class="url fn org" href="' . $this->options['business_url'] . '">' . $this->options['business_name'] . '</a><br />';
  480.                
  481.                 if (
  482.                         $this->options['business_street'] != '' ||
  483.                         $this->options['business_city'] != '' ||
  484.                         $this->options['business_state'] != '' ||
  485.                         $this->options['business_zip'] != '' ||
  486.                         $this->options['business_country'] != ''
  487.                    )
  488.                 {
  489.                     $aggregate_footer_output .= '<span class="adr">';
  490.                     if ($this->options['business_street'] != '') {
  491.                         $aggregate_footer_output .= '<span class="street-address">' . $this->options['business_street'] . '</span>&nbsp;';
  492.                     }
  493.                     if ($this->options['business_city'] != '') {
  494.                         $aggregate_footer_output .='<span class="locality">' . $this->options['business_city'] . '</span>,&nbsp;';
  495.                     }
  496.                     if ($this->options['business_state'] != '') {
  497.                         $aggregate_footer_output .='<span class="region">' . $this->options['business_state'] . '</span>,&nbsp;';
  498.                     }
  499.                     if ($this->options['business_zip'] != '') {
  500.                         $aggregate_footer_output .='<span class="postal-code">' . $this->options['business_zip'] . '</span>&nbsp;';
  501.                     }
  502.                     if ($this->options['business_country'] != '') {
  503.                         $aggregate_footer_output .='<span class="country-name">' . $this->options['business_country'] . '</span>&nbsp;';
  504.                     }
  505.  
  506.                     $aggregate_footer_output .= '</span>';
  507.                 }
  508.  
  509.                 if ($this->options['business_email'] != '' && $this->options['business_phone'] != '') {
  510.                     $aggregate_footer_output .= '<br />';
  511.                 }
  512.  
  513.                 if ($this->options['business_email'] != '') {
  514.                     $aggregate_footer_output .= '<a class="email" href="mailto:' . $this->options['business_email'] . '">' . $this->options['business_email'] . '</a>';
  515.                 }
  516.                 if ($this->options['business_email'] != '' && $this->options['business_phone'] != '') {
  517.                     $aggregate_footer_output .= '&nbsp;&bull;&nbsp';
  518.                 }
  519.                 if ($this->options['business_phone'] != '') {
  520.                     $aggregate_footer_output .= '<span class="tel">' . $this->options['business_phone'] . '</span>';
  521.                 }
  522.  
  523.                 $aggregate_footer_output .= '</div>';
  524.             }
  525.         }
  526.  
  527.         return $aggregate_footer_output;
  528.     }
  529.  
  530.     function iso8601($time=false) {
  531.         if ($time === false)
  532.             $time = time();
  533.         $date = date('Y-m-d\TH:i:sO', $time);
  534.         return (substr($date, 0, strlen($date) - 2) . ':' . substr($date, -2));
  535.     }
  536.  
  537.     function pagination($total_results, $reviews_per_page) {
  538.         global $post; /* will exist if on a post */
  539.  
  540.         $out = '';
  541.         $uri = false;
  542.         $pretty = false;
  543.  
  544.         $range = 2;
  545.         $showitems = ($range * 2) + 1;
  546.  
  547.         $paged = $this->page;
  548.         if ($paged == 0) { $paged = 1; }
  549.        
  550.         if (!isset($this->p->review_status)) { $this->p->review_status = 0; }
  551.  
  552.         $pages = ceil($total_results / $reviews_per_page);
  553.  
  554.         if ($pages > 1) {
  555.             if (is_admin()) {
  556.                 $url = '?page=wpcr_view_reviews&amp;review_status=' . $this->p->review_status . '&amp;';
  557.             } else {
  558.                 $uri = trailingslashit(get_permalink($post->ID));
  559.                 if (strpos($uri, '?') === false) {
  560.                     $url = $uri . '?';
  561.                     $pretty = true;
  562.                 } /* page is using pretty permalinks */ else {
  563.                     $url = $uri . '&amp;';
  564.                     $pretty = false;
  565.                 } /* page is using get variables for pageid */
  566.             }
  567.  
  568.             $out .= '<div id="wpcr_pagination"><div id="wpcr_pagination_page">Page: </div>';
  569.  
  570.             if ($paged > 2 && $paged > $range + 1 && $showitems < $pages) {
  571.                 if ($uri && $pretty) {
  572.                     $url2 = $uri;
  573.                 } /* not in admin AND using pretty permalinks */ else {
  574.                     $url2 = $url;
  575.                 }
  576.                 $out .= '<a href="' . $url2 . '">&laquo;</a>';
  577.             }
  578.  
  579.             if ($paged > 1 && $showitems < $pages) {
  580.                 $out .= '<a href="' . $url . 'wpcrp=' . ($paged - 1) . '">&lsaquo;</a>';
  581.             }
  582.  
  583.             for ($i = 1; $i <= $pages; $i++) {
  584.                 if ($i == $paged) {
  585.                     $out .= '<span class="wpcr_current">' . $paged . '</span>';
  586.                 } else if (!($i >= $paged + $range + 1 || $i <= $paged - $range - 1) || $pages <= $showitems) {
  587.                     if ($i == 1) {
  588.                         if ($uri && $pretty) {
  589.                             $url2 = $uri;
  590.                         } /* not in admin AND using pretty permalinks */ else {
  591.                             $url2 = $url;
  592.                         }
  593.                         $out .= '<a href="' . $url2 . '" class="wpcr_inactive">' . $i . '</a>';
  594.                     } else {
  595.                         $out .= '<a href="' . $url . 'wpcrp=' . $i . '" class="wpcr_inactive">' . $i . '</a>';
  596.                     }
  597.                 }
  598.             }
  599.  
  600.             if ($paged < $pages && $showitems < $pages) {
  601.                 $out .= '<a href="' . $url . 'wpcrp=' . ($paged + 1) . '">&rsaquo;</a>';
  602.             }
  603.             if ($paged < $pages - 1 && $paged + $range - 1 < $pages && $showitems < $pages) {
  604.                 $out .= '<a href="' . $url . 'wpcrp=' . $pages . '">&raquo;</a>';
  605.             }
  606.             $out .= '</div>';
  607.             $out .= '<div class="wpcr_clear wpcr_pb5"></div>';
  608.  
  609.             return $out;
  610.         }
  611.     }
  612.        
  613.     function output_reviews_show($inside_div, $postid, $perpage, $max, $hide_custom = 0, $hide_response = 0, $snippet_length = 0, $show_morelink = '', $random = 0) {
  614.        
  615.         if ($max != -1) {
  616.             $thispage = 1;
  617.         } else {
  618.             $thispage = $this->page;
  619.         }
  620.                
  621.         $arr_Reviews = $this->get_reviews($postid, $thispage, $perpage, 1, $random);
  622.        
  623.         $reviews = $arr_Reviews[0];
  624.         $total_reviews = intval($arr_Reviews[1]);
  625.  
  626.         $reviews_content = '';
  627.         $hidesummary = '';
  628.         $title_tag = $this->options['title_tag'];
  629.  
  630.         /* trying to access a page that does not exists -- send to main page */
  631.         if ( isset($this->p->wpcrp) && $this->p->wpcrp != 1 && count($reviews) == 0 ) {
  632.             $url = get_permalink($postid);
  633.             $this->wpcr_redirect($url);
  634.         }
  635.        
  636.         if ($postid == 0) {
  637.             /* NOTE: if using shortcode to show reviews for all pages, could do weird things when using product type */
  638.             $postid = $reviews[0]->page_id;
  639.         }
  640.  
  641.         $meta_product_name = get_post_meta($postid, 'wpcr_product_name', true);
  642.         if (!$meta_product_name) {
  643.             $meta_product_name = get_the_title($postid);
  644.         }
  645.  
  646.         $meta_product_desc = get_post_meta($postid, 'wpcr_product_desc', true);
  647.         $meta_product_brand = get_post_meta($postid, 'wpcr_product_brand', true);
  648.         $meta_product_upc = get_post_meta($postid, 'wpcr_product_upc', true);
  649.         $meta_product_sku = get_post_meta($postid, 'wpcr_product_sku', true);
  650.         $meta_product_model = get_post_meta($postid, 'wpcr_product_model', true);
  651.  
  652.         if (!$inside_div) {
  653.             $reviews_content .= '<div id="wpcr_respond_1">';
  654.         }
  655.        
  656.         if (count($reviews) == 0) {
  657.             /* $reviews_content .= '<p>There are no reviews yet. Be the first to leave yours!</p>'; */
  658.         } else {
  659.  
  660.             $this->get_aggregate_reviews($postid);
  661.  
  662.             $summary = $this->got_aggregate["text"];
  663.             $best_score = number_format($this->got_aggregate["max"], 1);
  664.             $average_score = number_format($this->got_aggregate["aggregate"], 1);
  665.  
  666.             if ($this->options['hreview_type'] == 'product') {
  667.                 $reviews_content .= '
  668.                    <span class="item hproduct" id="hproduct-' . $postid . '">
  669.                        <span class="wpcr_hide">
  670.                            <span class="brand">' . $meta_product_brand . '</span>
  671.                            <span class="fn">' . $meta_product_name . '</span>
  672.                            <span class="description">' . $meta_product_desc . '</span>
  673.                            <span class="identifier">
  674.                                <span class="type">SKU</span>
  675.                                <span class="value">' . $meta_product_sku . '</span>
  676.                            </span>
  677.                            <span class="identifier">
  678.                                <span class="type">UPC</span>
  679.                                <span class="value">' . $meta_product_upc . '</span>
  680.                            </span>
  681.                            <span class="identifier">
  682.                                <span class="type">Model</span>
  683.                                <span class="value">' . $meta_product_model . '</span>
  684.                            </span>
  685.                        </span>
  686.                    ';
  687.             }
  688.  
  689.             foreach ($reviews as $review) {
  690.                
  691.                 if ($snippet_length > 0)
  692.                 {
  693.                     $review->review_text = $this->trim_text_to_word($review->review_text,$snippet_length);
  694.                 }
  695.                
  696.                 $review->review_text .= '<br />';
  697.  
  698.                 $hide_name = '';
  699.                 if ($this->options['show_fields']['fname'] == 0) {
  700.                     $review->reviewer_name = 'Anonymous';
  701.                     $hide_name = 'wpcr_hide';
  702.                 }
  703.                 if ($review->reviewer_name == '') {
  704.                     $review->reviewer_name = 'Anonymous';
  705.                 }
  706.  
  707.                 if ($this->options['show_fields']['fwebsite'] == 1 && $review->reviewer_url != '') {
  708.                     $review->review_text .= '<br /><small><a href="' . $review->reviewer_url . '">' . $review->reviewer_url . '</a></small>';
  709.                 }
  710.                 if ($this->options['show_fields']['femail'] == 1 && $review->reviewer_email != '') {
  711.                     $review->review_text .= '<br /><small>' . $review->reviewer_email . '</small>';
  712.                 }
  713.                 if ($this->options['show_fields']['ftitle'] == 1) {
  714.                     /* do nothing */
  715.                 } else {
  716.                     $review->review_title = substr($review->review_text, 0, 150);
  717.                     $hidesummary = 'wpcr_hide';
  718.                 }
  719.                
  720.                 if ($show_morelink != '') {
  721.                     $review->review_text .= " <a href='".$this->get_jumplink_for_review($review,1)."'>$show_morelink</a>";
  722.                 }
  723.                
  724.                 $review->review_text = nl2br($review->review_text);
  725.                 $review_response = '';
  726.                
  727.                 if ($hide_response == 0)
  728.                 {
  729.                     if (strlen($review->review_response) > 0) {
  730.                         $review_response = '<p class="response"><strong>Response:</strong> ' . nl2br($review->review_response) . '</p>';
  731.                     }
  732.                 }
  733.  
  734.                 $custom_shown = '';
  735.                 if ($hide_custom == 0)
  736.                 {
  737.                     $custom_fields_unserialized = @unserialize($review->custom_fields);
  738.                     if (!is_array($custom_fields_unserialized)) {
  739.                         $custom_fields_unserialized = array();
  740.                     }
  741.                    
  742.                     foreach ($this->options['field_custom'] as $i => $val) {  
  743.                         if ( isset($custom_fields_unserialized[$val]) ) {
  744.                             $show = $this->options['show_custom'][$i];                         
  745.                             if ($show == 1 && $custom_fields_unserialized[$val] != '') {
  746.                                 $custom_shown .= "<div class='wpcr_fl'>" . $val . ': ' . $custom_fields_unserialized[$val] . '&nbsp;&bull;&nbsp;</div>';
  747.                             }
  748.                         }
  749.                     }
  750.  
  751.                     $custom_shown = preg_replace("%&bull;&nbsp;</div>$%si","</div><div class='wpcr_clear'></div>",$custom_shown);
  752.                 }
  753.  
  754.                 $name_block = '' .
  755.                     '<div class="wpcr_fl wpcr_rname">' .
  756.                     '<abbr title="' . $this->iso8601(strtotime($review->date_time)) . '" class="dtreviewed">' . date("M d, Y", strtotime($review->date_time)) . '</abbr>&nbsp;' .
  757.                     '<span class="' . $hide_name . '">by</span>&nbsp;' .
  758.                     '<span class="reviewer vcard" id="hreview-wpcr-reviewer-' . $review->id . '">' .
  759.                     '<span class="fn ' . $hide_name . '">' . $review->reviewer_name . '</span>' .
  760.                     '</span>' .
  761.                     '<div class="wpcr_clear"></div>' .
  762.                     $custom_shown .
  763.                     '</div>';
  764.  
  765.                 if ($this->options['hreview_type'] == 'product') {
  766.                     $reviews_content .= '
  767.                        <div class="hreview" id="hreview-' . $review->id . '">
  768.                            <' . $title_tag . ' class="summary ' . $hidesummary . '">' . $review->review_title . '</' . $title_tag . '>
  769.                            <span class="item" id="hreview-wpcr-hproduct-for-' . $review->id . '" style="display:none;">
  770.                                <span class="fn">' . $meta_product_name . '</span>
  771.                            </span>
  772.                            <div class="wpcr_fl wpcr_sc">
  773.                                <abbr class="rating" title="' . $review->review_rating . '"></abbr>
  774.                                <div class="wpcr_rating">
  775.                                    ' . $this->output_rating($review->review_rating, false) . '
  776.                                 </div>                 
  777.                            </div>
  778.                            ' . $name_block . '
  779.                            <div class="wpcr_clear wpcr_spacing1"></div>
  780.                            <blockquote class="description"><p>' . $review->review_text . '</p></blockquote>
  781.                            ' . $review_response . '
  782.                            <span style="display:none;" class="type">product</span>
  783.                            <span style="display:none;" class="version">0.3</span>
  784.                        </div>
  785.                        <hr />';
  786.                 } else if ($this->options['hreview_type'] == 'business') {
  787.                     $reviews_content .= '
  788.                        <div class="hreview" id="hreview-' . $review->id . '">
  789.                            <' . $title_tag . ' class="summary ' . $hidesummary . '">' . $review->review_title . '</' . $title_tag . '>
  790.                            <div class="wpcr_fl wpcr_sc">
  791.                                <abbr class="rating" title="' . $review->review_rating . '"></abbr>
  792.                                <div class="wpcr_rating">
  793.                                    ' . $this->output_rating($review->review_rating, false) . '
  794.                                 </div>                 
  795.                            </div>
  796.                            ' . $name_block . '
  797.                            <div class="wpcr_clear wpcr_spacing1"></div>
  798.                            <span class="item vcard" id="hreview-wpcr-hcard-for-' . $review->id . '" style="display:none;">
  799.                                <a class="url fn org" href="' . $this->options['business_url'] . '">' . $this->options['business_name'] . '</a>
  800.                                <span class="tel">' . $this->options['business_phone'] . '</span>
  801.                                <span class="adr">
  802.                                    <span class="street-address">' . $this->options['business_street'] . '</span>
  803.                                    <span class="locality">' . $this->options['business_city'] . '</span>
  804.                                    <span class="region">' . $this->options['business_state'] . '</span>, <span class="postal-code">' . $this->options['business_zip'] . '</span>
  805.                                    <span class="country-name">' . $this->options['business_country'] . '</span>
  806.                                </span>
  807.                            </span>
  808.                            <blockquote class="description"><p>' . $review->review_text . '</p></blockquote>
  809.                            ' . $review_response . '
  810.                            <span style="display:none;" class="type">business</span>
  811.                            <span style="display:none;" class="version">0.3</span>
  812.                       </div>
  813.                       <hr />';
  814.                 }
  815.             }
  816.  
  817.             if ($this->options['hreview_type'] == 'product') {
  818.                 $reviews_content .= '
  819.                    <span class="hreview-aggregate haggregatereview" id="hreview-wpcr-aggregate">
  820.                       <span style="display:none;">
  821.                           <span class="rating">
  822.                             <span class="average">' . $average_score . '</span>
  823.                             <span class="best">' . $best_score . '</span>
  824.                           </span>  
  825.                           <span class="votes">' . $this->got_aggregate["total"] . '</span>
  826.                           <span class="count">' . $this->got_aggregate["total"] . '</span>
  827.                           <span class="summary">' . $summary . '</span>
  828.                           <span class="item" id="hreview-wpcr-vcard">
  829.                            <span class="fn">' . $meta_product_name . '</span>
  830.                           </span>
  831.                       </span>
  832.                    </span>';
  833.                 $reviews_content .= '</span>'; /* end hProduct */
  834.             } else if ($this->options['hreview_type'] == 'business') {
  835.                 $reviews_content .= '
  836.                    <span class="hreview-aggregate" id="hreview-wpcr-aggregate">
  837.                       <span style="display:none;">
  838.                            <span class="item vcard" id="hreview-wpcr-vcard">
  839.                                <a class="url fn org" href="' . $this->options['business_url'] . '">' . $this->options['business_name'] . '</a>
  840.                                <span class="tel">' . $this->options['business_phone'] . '</span>
  841.                                <span class="adr">
  842.                                    <span class="street-address">' . $this->options['business_street'] . '</span>
  843.                                    <span class="locality">' . $this->options['business_city'] . '</span>
  844.                                    <span class="region">' . $this->options['business_state'] . '</span>, <span class="postal-code">' . $this->options['business_zip'] . '</span>
  845.                                    <span class="country-name">' . $this->options['business_country'] . '</span>
  846.                                </span>
  847.                            </span>
  848.                           <span class="rating">
  849.                                 <span class="average">' . $average_score . '</span>
  850.                                 <span class="best">' . $best_score . '</span>
  851.                           </span>  
  852.                           <span class="votes">' . $this->got_aggregate["total"] . '</span>
  853.                           <span class="count">' . $this->got_aggregate["total"] . '</span>
  854.                           <span class="summary">' . $summary . '</span>
  855.                       </span>
  856.                    </span>
  857.                    ';
  858.             }
  859.         }
  860.        
  861.         if (!$inside_div) {
  862.             $reviews_content .= '</div>'; /* wpcr_respond_1 */
  863.         }
  864.        
  865.         return array($reviews_content, $total_reviews);
  866.     }
  867.    
  868.     /* trims text, but does not break up a word */
  869.     function trim_text_to_word($text,$len) {
  870.         if(strlen($text) > $len) {
  871.           $matches = array();
  872.           preg_match("/^(.{1,$len})[\s]/i", $text, $matches);
  873.           $text = $matches[0];
  874.         }
  875.         return $text.'... ';
  876.     }
  877.  
  878.     function do_the_content($original_content) {
  879.         global $post;
  880.        
  881.         $using_shortcode_insert = false;
  882.         if ($original_content == 'shortcode_insert') {
  883.             $original_content = '';
  884.             $using_shortcode_insert = true;
  885.         }
  886.        
  887.         $the_content = '';
  888.         $is_active_page = $this->is_active_page();
  889.        
  890.         /* return normal content if this is not an enabled page, or if this is a post not on single post view */
  891.         if (!$is_active_page) {
  892.             $the_content .= '<div id="wpcr_respond_1">';
  893.             $the_content .= $this->aggregate_footer(); /* check if we need to show something in the footer then */
  894.             $the_content .= '</div>';
  895.             return $original_content . $the_content;
  896.         }
  897.        
  898.         $the_content .= '<div id="wpcr_respond_1">'; /* start the div */
  899.         $inside_div = true;
  900.        
  901.         if ($this->options['form_location'] == 0) {
  902.             $the_content .= $this->show_reviews_form();
  903.         }
  904.  
  905.         $ret_Arr = $this->output_reviews_show( $inside_div, $post->ID, $this->options['reviews_per_page'], -1 );
  906.         $the_content .= $ret_Arr[0];
  907.         $total_reviews = $ret_Arr[1];
  908.        
  909.         $the_content .= $this->pagination($total_reviews, $this->options['reviews_per_page']);
  910.  
  911.         if ($this->options['form_location'] == 1) {
  912.             $the_content .= $this->show_reviews_form();
  913.         }
  914.  
  915.         if ($this->options['support_us'] == 1) {
  916.             $the_content .= '<div class="wpcr_clear wpcr_power">Powered by <strong><a href="http://www.gowebsolutions.com/plugins/wp-customer-reviews/">WP Customer Reviews</a></strong></div>';
  917.         }
  918.        
  919.         $the_content .= $this->aggregate_footer(); /* check if we need to show something in the footer also */
  920.        
  921.         $the_content .= '</div>'; /* wpcr_respond_1 */
  922.  
  923.         //$the_content = preg_replace('/\n\r|\r\n|\n|\r|\t|\s{2}/', '', $the_content); /* minify to prevent automatic line breaks */
  924.         $the_content = preg_replace('/\n\r|\r\n|\n|\r|\t/', '', $the_content); /* minify to prevent automatic line breaks, not removing double spaces */
  925.  
  926.         return $original_content . $the_content;
  927.     }
  928.  
  929.     function output_rating($rating, $enable_hover) {
  930.         $out = '';
  931.  
  932.         $rating_width = 20 * $rating; /* 20% for each star if having 5 stars */
  933.  
  934.         $out .= '<div class="sp_rating">';
  935.  
  936.         if ($enable_hover) {
  937.             $out .= '<div class="status"><div class="score"><a class="score1">1</a><a class="score2">2</a><a class="score3">3</a><a class="score4">4</a><a class="score5">5</a></div></div>';
  938.         }
  939.  
  940.         $out .= '<div class="base"><div class="average" style="width:' . $rating_width . '%"></div></div>';
  941.         $out .= '</div>';
  942.  
  943.         return $out;
  944.     }
  945.  
  946.     function show_reviews_form() {
  947.         global $post, $current_user;
  948.  
  949.         $fields = '';
  950.         $out = '';
  951.         $req_js = "<script type='text/javascript'>";
  952.  
  953.         if ( isset($_COOKIE['wpcr_status_msg']) ) {
  954.             $this->status_msg = $_COOKIE['wpcr_status_msg'];
  955.         }
  956.        
  957.         if ($this->status_msg != '') {
  958.             $req_js .= "wpcr_del_cookie('wpcr_status_msg');";
  959.         }
  960.  
  961.         /* a silly and crazy but effective antispam measure.. bots wont have a clue */
  962.         $rand_prefixes = array();
  963.         for ($i = 0; $i < 15; $i++) {
  964.             $rand_prefixes[] = $this->rand_string(mt_rand(1, 8));
  965.         }
  966.        
  967.         if (!isset($this->p->fname)) { $this->p->fname = ''; }
  968.         if (!isset($this->p->femail)) { $this->p->femail = ''; }
  969.         if (!isset($this->p->fwebsite)) { $this->p->fwebsite = ''; }
  970.         if (!isset($this->p->ftitle)) { $this->p->ftitle = ''; }
  971.         if (!isset($this->p->ftext)) { $this->p->ftext = ''; }
  972.  
  973.         if ($this->options['ask_fields']['fname'] == 1) {
  974.             if ($this->options['require_fields']['fname'] == 1) {
  975.                 $req = '*';
  976.             } else {
  977.                 $req = '';
  978.             }
  979.             $fields .= '<tr><td><label for="' . $rand_prefixes[0] . '-fname" class="comment-field">Name: ' . $req . '</label></td><td><input class="text-input" type="text" id="' . $rand_prefixes[0] . '-fname" name="' . $rand_prefixes[0] . '-fname" value="' . $this->p->fname . '" /></td></tr>';
  980.         }
  981.         if ($this->options['ask_fields']['femail'] == 1) {
  982.             if ($this->options['require_fields']['femail'] == 1) {
  983.                 $req = '*';
  984.             } else {
  985.                 $req = '';
  986.             }
  987.             $fields .= '<tr><td><label for="' . $rand_prefixes[1] . '-femail" class="comment-field">Email: ' . $req . '</label></td><td><input class="text-input" type="text" id="' . $rand_prefixes[1] . '-femail" name="' . $rand_prefixes[1] . '-femail" value="' . $this->p->femail . '" /></td></tr>';
  988.         }
  989.         if ($this->options['ask_fields']['fwebsite'] == 1) {
  990.             if ($this->options['require_fields']['fwebsite'] == 1) {
  991.                 $req = '*';
  992.             } else {
  993.                 $req = '';
  994.             }
  995.             $fields .= '<tr><td><label for="' . $rand_prefixes[2] . '-fwebsite" class="comment-field">Website: ' . $req . '</label></td><td><input class="text-input" type="text" id="' . $rand_prefixes[2] . '-fwebsite" name="' . $rand_prefixes[2] . '-fwebsite" value="' . $this->p->fwebsite . '" /></td></tr>';
  996.         }
  997.         if ($this->options['ask_fields']['ftitle'] == 1) {
  998.             if ($this->options['require_fields']['ftitle'] == 1) {
  999.                 $req = '*';
  1000.             } else {
  1001.                 $req = '';
  1002.             }
  1003.             $fields .= '<tr><td><label for="' . $rand_prefixes[3] . '-ftitle" class="comment-field">Review Title: ' . $req . '</label></td><td><input class="text-input" type="text" id="' . $rand_prefixes[3] . '-ftitle" name="' . $rand_prefixes[3] . '-ftitle" maxlength="150" value="' . $this->p->ftitle . '" /></td></tr>';
  1004.         }
  1005.  
  1006.         $custom_fields = array(); /* used for insert as well */
  1007.         $custom_count = count($this->options['field_custom']); /* used for insert as well */
  1008.         for ($i = 0; $i < $custom_count; $i++) {
  1009.             $custom_fields[$i] = $this->options['field_custom'][$i];
  1010.         }
  1011.  
  1012.         foreach ($this->options['ask_custom'] as $i => $val) {
  1013.             if ( isset($this->options['ask_custom'][$i]) ) {
  1014.                 if ($val == 1) {
  1015.                     if ($this->options['require_custom'][$i] == 1) {
  1016.                         $req = '*';
  1017.                     } else {
  1018.                         $req = '';
  1019.                     }
  1020.  
  1021.                     $custom_i = "custom_$i";
  1022.                     if (!isset($this->p->$custom_i)) { $this->p->$custom_i = ''; }
  1023.                     $fields .= '<tr><td><label for="custom_' . $i . '" class="comment-field">' . $custom_fields[$i] . ': ' . $req . '</label></td><td><input class="text-input" type="text" id="custom_' . $i . '" name="custom_' . $i . '" maxlength="150" value="' . $this->p->$custom_i . '" /></td></tr>';
  1024.                 }
  1025.             }
  1026.         }
  1027.  
  1028.         $some_required = '';
  1029.        
  1030.         foreach ($this->options['require_fields'] as $col => $val) {
  1031.             if ($val == 1) {
  1032.                 $col = str_replace("'","\'",$col);
  1033.                 $req_js .= "wpcr_req.push('$col');";
  1034.                 $some_required = '<small>* Required Field</small>';
  1035.             }
  1036.         }
  1037.  
  1038.         foreach ($this->options['require_custom'] as $i => $val) {
  1039.             if ($val == 1) {
  1040.                 $req_js .= "wpcr_req.push('custom_$i');";
  1041.                 $some_required = '<small>* Required Field</small>';
  1042.             }
  1043.         }
  1044.        
  1045.         $req_js .= "</script>\n";
  1046.        
  1047.         if ($this->options['goto_show_button'] == 1) {
  1048.             $button_html = '<div class="wpcr_status_msg">' . $this->status_msg . '</div>'; /* show errors or thank you message here */
  1049.             $button_html .= '<p><a id="wpcr_button_1" href="javascript:void(0);">' . $this->options['goto_leave_text'] . '</a></p><hr />';
  1050.             $out .= $button_html;
  1051.         }
  1052.  
  1053.         /* different output variables make it easier to debug this section */
  1054.         $out .= '<div id="wpcr_respond_2">' . $req_js . '
  1055.                    <form class="wpcrcform" id="wpcr_commentform" method="post" action="javascript:void(0);">
  1056.                        <div id="wpcr_div_2">
  1057.                            <input type="hidden" id="frating" name="frating" />
  1058.                            <table id="wpcr_table_2">
  1059.                                <tbody>
  1060.                                    <tr><td colspan="2"><div id="wpcr_postcomment">' . $this->options["leave_text"] . '</div></td></tr>
  1061.                                    ' . $fields;
  1062.  
  1063.         $out2 = '  
  1064.            <tr>
  1065.                <td><label class="comment-field">Rating:</label></td>
  1066.                <td><div class="wpcr_rating">' . $this->output_rating(0, true) . '</div></td>
  1067.            </tr>';
  1068.  
  1069.         $out3 = '
  1070.                            <tr><td colspan="2"><label for="' . $rand_prefixes[5] . '-ftext" class="comment-field">Review:</label></td></tr>
  1071.                            <tr><td colspan="2"><textarea id="' . $rand_prefixes[5] . '-ftext" name="' . $rand_prefixes[5] . '-ftext" rows="8" cols="50">' . $this->p->ftext . '</textarea></td></tr>
  1072.                            <tr>
  1073.                                <td colspan="2" id="wpcr_check_confirm">
  1074.                                    ' . $some_required . '
  1075.                                    <div class="wpcr_clear"></div>    
  1076.                                    <input type="checkbox" name="' . $rand_prefixes[6] . '-fconfirm1" id="fconfirm1" value="1" />
  1077.                                    <div class="wpcr_fl"><input type="checkbox" name="' . $rand_prefixes[7] . '-fconfirm2" id="fconfirm2" value="1" /></div><div class="wpcr_fl" style="margin:-2px 0px 0px 5px"><label for="fconfirm2">Check this box to confirm you are human.</label></div>
  1078.                                    <div class="wpcr_clear"></div>
  1079.                                    <input type="checkbox" name="' . $rand_prefixes[8] . '-fconfirm3" id="fconfirm3" value="1" />
  1080.                                </td>
  1081.                            </tr>
  1082.                            <tr><td colspan="2"><input id="wpcr_submit_btn" name="submitwpcr_' . $post->ID . '" type="submit" value="' . $this->options['submit_button_text'] . '" /></td></tr>
  1083.                        </tbody>
  1084.                    </table>
  1085.                </div>
  1086.            </form>';
  1087.  
  1088.         $out4 = '<hr /></div>';
  1089.         $out4 .= '<div class="wpcr_clear wpcr_pb5"></div>';
  1090.  
  1091.         return $out . $out2 . $out3 . $out4;
  1092.     }
  1093.  
  1094.     function add_review($pageID) {
  1095.         global $wpdb;
  1096.  
  1097.         /* begin - some antispam magic */
  1098.         $this->newp = new stdClass();
  1099.  
  1100.         foreach ($this->p as $col => $val) {
  1101.             $pos = strpos($col, '-');
  1102.             if ($pos !== false) {
  1103.                 $col = substr($col, $pos + 1); /* off by one */
  1104.             }
  1105.             $this->newp->$col = $val;
  1106.         }
  1107.  
  1108.         $this->p = $this->newp;
  1109.         unset($this->newp);
  1110.         /* end - some antispam magic */
  1111.  
  1112.         /* some sanitation */
  1113.         $date_time = date('Y-m-d H:i:s');
  1114.         $ip = $_SERVER['REMOTE_ADDR'];
  1115.        
  1116.         if (!isset($this->p->fname)) { $this->p->fname = ''; }
  1117.         if (!isset($this->p->femail)) { $this->p->femail = ''; }
  1118.         if (!isset($this->p->fwebsite)) { $this->p->fwebsite = ''; }
  1119.         if (!isset($this->p->ftitle)) { $this->p->ftitle = ''; }
  1120.         if (!isset($this->p->ftext)) { $this->p->ftext = ''; }
  1121.         if (!isset($this->p->femail)) { $this->p->femail = ''; }
  1122.         if (!isset($this->p->fwebsite)) { $this->p->fwebsite = ''; }
  1123.         if (!isset($this->p->frating)) { $this->p->frating = 0; } /* default to 0 */
  1124.         if (!isset($this->p->fconfirm1)) { $this->p->fconfirm1 = 0; } /* default to 0 */
  1125.         if (!isset($this->p->fconfirm2)) { $this->p->fconfirm2 = 0; } /* default to 0 */
  1126.         if (!isset($this->p->fconfirm3)) { $this->p->fconfirm3 = 0; } /* default to 0 */
  1127.        
  1128.         $this->p->fname = trim(strip_tags($this->p->fname));
  1129.         $this->p->femail = trim(strip_tags($this->p->femail));
  1130.         $this->p->ftitle = trim(strip_tags($this->p->ftitle));
  1131.         $this->p->ftext = trim(strip_tags($this->p->ftext));
  1132.         $this->p->frating = intval($this->p->frating);
  1133.  
  1134.         /* begin - server-side validation */
  1135.         $errors = '';
  1136.  
  1137.         foreach ($this->options['require_fields'] as $col => $val) {
  1138.             if ($val == 1) {
  1139.                 if (!isset($this->p->$col) || $this->p->$col == '') {
  1140.                     $nice_name = ucfirst(substr($col, 1));
  1141.                     $errors .= 'You must include your ' . $nice_name . '.<br />';
  1142.                 }
  1143.             }
  1144.         }
  1145.  
  1146.         $custom_fields = array(); /* used for insert as well */
  1147.         $custom_count = count($this->options['field_custom']); /* used for insert as well */
  1148.         for ($i = 0; $i < $custom_count; $i++) {
  1149.             $custom_fields[$i] = $this->options['field_custom'][$i];
  1150.         }
  1151.  
  1152.         foreach ($this->options['require_custom'] as $i => $val) {
  1153.             if ($val == 1) {
  1154.                 $custom_i = "custom_$i";
  1155.                 if (!isset($this->p->$custom_i) || $this->p->$custom_i == '') {
  1156.                     $nice_name = $custom_fields[$i];
  1157.                     $errors .= 'You must include your ' . $nice_name . '.<br />';
  1158.                 }
  1159.             }
  1160.         }
  1161.        
  1162.         /* only do regex matching if not blank */
  1163.         if ($this->p->femail != '' && $this->options['ask_fields']['femail'] == 1) {
  1164.             if (!preg_match('/^([A-Za-z0-9_\-\.])+\@([A-Za-z0-9_\-\.])+\.([A-Za-z]{2,4})$/', $this->p->femail)) {
  1165.                 $errors .= 'The email address provided is not valid.<br />';
  1166.             }
  1167.         }
  1168.  
  1169.         /* only do regex matching if not blank */
  1170.         if ($this->p->fwebsite != '' && $this->options['ask_fields']['fwebsite'] == 1) {
  1171.             if (!preg_match('/^\S+:\/\/\S+\.\S+.+$/', $this->p->fwebsite)) {
  1172.                 $errors .= 'The website provided is not valid. Be sure to include http://<br />';
  1173.             }
  1174.         }
  1175.  
  1176.         if (intval($this->p->fconfirm1) == 1 || intval($this->p->fconfirm3) == 1) {
  1177.             $errors .= 'You have triggered our anti-spam system. Please try again. Code 001.<br />';
  1178.         }
  1179.  
  1180.         if (intval($this->p->fconfirm2) != 1) {
  1181.             $errors .= 'You have triggered our anti-spam system. Please try again. Code 002<br />';
  1182.         }
  1183.  
  1184.         if ($this->p->frating < 1 || $this->p->frating > 5) {
  1185.             $errors .= 'You have triggered our anti-spam system. Please try again. Code 003<br />';
  1186.         }
  1187.  
  1188.         if (strlen(trim($this->p->ftext)) < 30) {
  1189.             $errors .= 'You must include a review. Please make reviews at least a couple of sentences.<br />';
  1190.         }
  1191.  
  1192.         /* returns true for errors */
  1193.         if ($errors) {
  1194.             return array(true, "<div>$errors</div>");
  1195.         }
  1196.         /* end - server-side validation */
  1197.  
  1198.         $custom_insert = array();      
  1199.         for ($i = 0; $i < $custom_count; $i++) {       
  1200.             if ($this->options['ask_custom'][$i] == 1) {
  1201.                 $name = $custom_fields[$i];
  1202.                 $custom_i = "custom_$i";               
  1203.                 if ( isset($this->p->$custom_i) ) {
  1204.                     $custom_insert[$name] = ucfirst($this->p->$custom_i);
  1205.                 }
  1206.             }
  1207.         }
  1208.         $custom_insert = serialize($custom_insert);
  1209.  
  1210.         $query = $wpdb->prepare("INSERT INTO `$this->dbtable`
  1211.                (`date_time`, `reviewer_name`, `reviewer_email`, `reviewer_ip`, `review_title`, `review_text`, `status`, `review_rating`, `reviewer_url`, `custom_fields`, `page_id`)
  1212.                VALUES (%s, %s, %s, %s, %s, %s, %d, %d, %s, %s, %d)", $date_time, $this->p->fname, $this->p->femail, $ip, $this->p->ftitle, $this->p->ftext, 0, $this->p->frating, $this->p->fwebsite, $custom_insert, $pageID);
  1213.  
  1214.         $wpdb->query($query);
  1215.  
  1216.         $admin_link = get_admin_url().'admin.php?page=wpcr_view_reviews';
  1217.         $admin_link = "Link to admin approval page: $admin_link";
  1218.  
  1219.         @wp_mail(get_bloginfo('admin_email'), "WP Customer Reviews: New Review Posted on " . date('m/d/Y h:i'), "A new review has been posted for " . $this->options['business_name'] . " via WP Customer Reviews. \n\nYou will need to login to the admin area and approve this review before it will appear on your site.\n\n{$admin_link}");
  1220.  
  1221.         /* returns false for no error */
  1222.         return array(false, '<div>Thank you for your comments. All submissions are moderated and if approved, yours will appear soon.</div>');
  1223.     }
  1224.  
  1225.     function deactivate() {
  1226.         /* do not fire on upgrading plugin or upgrading WP - only on true manual deactivation */
  1227.         if (isset($this->p->action) && $this->p->action == 'deactivate') {
  1228.             $this->options['activate'] = 0;
  1229.             update_option('wpcr_options', $this->options);
  1230.             global $WPCustomerReviewsAdmin;
  1231.             $this->include_admin(); /* include admin functions */
  1232.             $WPCustomerReviewsAdmin->notify_activate(2);
  1233.         }
  1234.     }
  1235.  
  1236.     function wpcr_redirect($url, $cookie = array()) {
  1237.        
  1238.         $headers_sent = headers_sent();
  1239.        
  1240.         if ($headers_sent == true) {
  1241.             /* use JS redirect and add cookie before redirect */
  1242.             /* we do not html comment script blocks here - to prevent any issues with other plugins adding content to newlines, etc */
  1243.             $out = "<html><head><title>Redirecting...</title></head><body><div style='clear:both;text-align:center;padding:10px;'>" .
  1244.                     "Processing... Please wait..." .
  1245.                     "<script type='text/javascript'>";
  1246.             foreach ($cookie as $col => $val) {
  1247.                 $val = preg_replace("/\r?\n/", "\\n", addslashes($val));
  1248.                 $out .= "document.cookie=\"$col=$val\";";
  1249.             }
  1250.             $out .= "window.location='$url';";
  1251.             $out .= "</script>";
  1252.             $out .= "</div></body></html>";
  1253.             echo $out;
  1254.         } else {
  1255.             foreach ($cookie as $col => $val) {
  1256.                 setcookie($col, $val); /* add cookie via headers */
  1257.             }
  1258.             ob_end_clean();
  1259.             wp_redirect($url); /* nice redirect */
  1260.         }
  1261.        
  1262.         exit();
  1263.     }
  1264.  
  1265.     function init() { /* used for admin_init also */
  1266.         $this->make_p_obj(); /* make P variables object */
  1267.         $this->get_options(); /* populate the options array */
  1268.         $this->check_migrate(); /* call on every instance to see if we have upgraded in any way */
  1269.  
  1270.         if ( !isset($this->p->wpcrp) ) { $this->p->wpcrp = 1; }
  1271.        
  1272.         $this->page = intval($this->p->wpcrp);
  1273.         if ($this->page < 1) { $this->page = 1; }
  1274.        
  1275.         add_shortcode( 'WPCR_INSERT', array(&$this, 'shortcode_wpcr_insert') );
  1276.         add_shortcode( 'WPCR_SHOW', array(&$this, 'shortcode_wpcr_show') );
  1277.        
  1278.         wp_register_style('wp-customer-reviews', $this->getpluginurl() . 'wp-customer-reviews.css', array(), $this->plugin_version);
  1279.         wp_register_script('wp-customer-reviews', $this->getpluginurl() . 'wp-customer-reviews.js', array('jquery'), $this->plugin_version);
  1280.         /* add style and script here if needed for some theme compatibility */
  1281.         $this->add_style_script();
  1282.     }
  1283.    
  1284.     function shortcode_wpcr_insert() {
  1285.         $this->force_active_page = 1;
  1286.         return $this->do_the_content('shortcode_insert');        
  1287.     }
  1288.    
  1289.     function shortcode_wpcr_show($atts) {
  1290.         $this->force_active_page = 1;
  1291.        
  1292.         extract( shortcode_atts( array('postid' => 'all','num' => '3','hidecustom' => '0','hideresponse' => '0', 'snippet' => '0','more' => '', 'random' => '0'), $atts ) );
  1293.        
  1294.         if (strtolower($postid) == 'all') { $postid = -1; /* -1 queries all reviews */ }
  1295.         $postid = intval($postid);
  1296.         $num = intval($num);
  1297.         $hidecustom = intval($hidecustom);
  1298.         $hideresponse = intval($hideresponse);
  1299.         $snippet = intval($snippet);
  1300.         $more = $more;
  1301.         $random = intval($random);
  1302.  
  1303.         if ($postid < -1) { $postid = -1; }
  1304.         if ($num < 1) { $num = 3; }
  1305.         if ($hidecustom < 0 || $hidecustom > 1) { $hidecustom = 0; }
  1306.         if ($hideresponse < 0 || $hideresponse > 1) { $hideresponse = 0; }
  1307.         if ($snippet < 0) { $snippet = 0; }
  1308.        
  1309.         $inside_div = false;
  1310.        
  1311.         $ret_Arr = $this->output_reviews_show( $inside_div, $postid, $num, $num, $hidecustom, $hideresponse, $snippet, $more, $random );
  1312.         return $ret_Arr[0];
  1313.     }
  1314.  
  1315.     function activate() {
  1316.         register_setting('wpcr_gotosettings', 'wpcr_gotosettings');
  1317.         add_option('wpcr_gotosettings', true); /* used for redirecting to settings page upon initial activation */
  1318.     }
  1319.  
  1320.     function include_admin() {
  1321.         global $WPCustomerReviewsAdmin;
  1322.         require_once($this->getplugindir() . 'wp-customer-reviews-admin.php'); /* include admin functions */
  1323.     }
  1324.  
  1325.     function admin_init() {
  1326.         global $WPCustomerReviewsAdmin;
  1327.         $this->include_admin(); /* include admin functions */
  1328.         $WPCustomerReviewsAdmin->real_admin_init();
  1329.     }
  1330.  
  1331.     function getpluginurl() {
  1332.         return trailingslashit(plugins_url(basename(dirname(__FILE__))));
  1333.     }
  1334.  
  1335.     function getplugindir() {
  1336.         return trailingslashit(WP_PLUGIN_DIR . '/' . str_replace(basename(__FILE__), "", plugin_basename(__FILE__)));
  1337.     }
  1338.  
  1339. }
  1340.  
  1341. if (!defined('IN_WPCR')) {
  1342.     global $WPCustomerReviews;
  1343.     $WPCustomerReviews = new WPCustomerReviews();
  1344.     register_activation_hook(__FILE__, array(&$WPCustomerReviews, 'activate'));
  1345.     register_deactivation_hook(__FILE__, array(&$WPCustomerReviews, 'deactivate'));
  1346. }
  1347. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement