forked from uncatcrea/q-android
-
Notifications
You must be signed in to change notification settings - Fork 2
/
forms.php
90 lines (69 loc) · 3.63 KB
/
forms.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
<?php
/**
* (To put in a php file (eg forms.php) created in WP-AppKit theme's "php" folder)
*
* Handle form submission on PHP side.
* App form submission is made using the WP-AppKit "liveQuery" webservice.
* Here we handle this webservice call, check which form was sent, sanitize posted data,
* then send an email to the website admin.
*/
//Hook into liveQuery webservice to handle form submit
add_filter( 'wpak_live_query', 'wpak_handle_forms_submit', 10, 2 );
function wpak_handle_forms_submit( $service_answer, $query_params ) {
//$query_params contains what was passed in liveQuery's "query_args"
//Check that the 'form_action' action (set on app side) is 'submit':
if ( isset( $query_params['form_action'] ) && $query_params['form_action'] === 'submit' ) {
//Prepare our answer:
$result = array( 'ok' => 0, 'error' => '' );
//Check passed form data:
if ( !empty( $query_params['form_id'] ) && !empty( $query_params['form_data'] ) ) {
$form_data = $query_params['form_data'];
$form_id = $query_params['form_id'];
//This handles the form with id "contact" as defined on app side.
//Any other form submission can be handled here by adding an "if" case following this one.
if ( $form_id === 'contact' ) {
//Sanitize inputs
$firstname = sanitize_text_field( $form_data['firstname'] );
$lastname = sanitize_text_field( $form_data['lastname'] );
$email = sanitize_text_field( $form_data['email'] ); //email is validated hereunder
$message = sanitize_textarea_field( $form_data['message'] );
//For more sanitize functions see:
//https://codex.wordpress.org/Validating_Sanitizing_and_Escaping_User_Data
//Check sent data
//Check not empty:
if ( empty( $firstname ) || empty( $lastname ) || empty( $email ) || empty( $message ) ) {
$result['error'] = 'Please provide all fields';
$service_answer['form_result'] = $result;
return $service_answer;
}
//Check email validity:
if ( !filter_var( $email, FILTER_VALIDATE_EMAIL ) ) {
$result['error'] = 'Please provide a valid email';
$service_answer['form_result'] = $result;
return $service_answer;
}
//Data check went ok. Now send email to website admin with contact form data:
$mail_to = get_bloginfo( 'admin_email' );
$subject = "Contact form submission from app ". wpak_get_current_app_slug();
$body = "First name: ". $firstname ."\n".
"Last name: ". $lastname ."\n".
"Email: ". $email ."\n\n".
"Message: \n". $message ."\n";
wp_mail( $mail_to, $subject, $body );
//If you need to do other treatments (save form data in database, etc)
//you can do it here
//Tell the app that everything went ok
$result['ok'] = 1;
} else {
$result['error'] = 'Form ['. $form_id .'] not found';
}
$form_data = $query_params['form_data'];
} else {
$result['error'] = 'Wrong form';
}
//Add our result to the web service answer:
$service_answer['form_result'] = $result;
}
return $service_answer;
//This webservice answer is then handled on app side in the "success" callback in forms.js
}