Current File : //home/corals/gg.corals.io/wp-content/plugins/quickcal/includes/ajax/admin/add-appointment.php
<?php

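// NOTE(review): no nonce or capability check is visible in this file. It reads
// $_POST directly and goes on to create posts (and, in one branch, a user
// account), so confirm that the AJAX handler including it verifies both first.
do_action('booked_before_creating_appointment');

// Plain-text request fields, HTML-escaped on the way in. Array-valued
// parameters (e.g. date[]=x) are treated as missing rather than handed to
// esc_html(), which expects a string.
$date = ( isset($_POST['date']) && is_scalar($_POST['date']) ) ? esc_html( $_POST['date'] ) : '';
$title = ( isset($_POST['title']) && is_scalar($_POST['title']) ) ? esc_html( $_POST['title'] ) : '';
$timestamp = ( isset($_POST['timestamp']) && is_scalar($_POST['timestamp']) ) ? esc_html( $_POST['timestamp'] ) : '';
$timeslot = ( isset($_POST['timeslot']) && is_scalar($_POST['timeslot']) ) ? esc_html( $_POST['timeslot'] ) : '';
$customer_type = ( isset($_POST['customer_type']) && is_scalar($_POST['customer_type']) ) ? esc_html( $_POST['customer_type'] ) : '';

$hide_end_times = get_option('booked_hide_end_times',false);

// Calendar id: a single positive integer, or false when absent or unusable.
// $calendar_id_for_cf is later appended to an option name, so it is reduced
// to an integer here instead of being passed through as posted.
$calendar_id = false;
$calendar_id_for_cf = false;
if ( isset($_POST['calendar_id']) && is_scalar($_POST['calendar_id']) ) {
	$booked_posted_calendar = intval( $_POST['calendar_id'] );
	if ( $booked_posted_calendar > 0 ) {
		$calendar_id_for_cf = $booked_posted_calendar;
		// wp_set_object_terms() is later given this as a list of term ids.
		$calendar_id = array( $booked_posted_calendar );
	}
}

$time_format = get_option('time_format');
$date_format = get_option('date_format');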

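// Get custom field data (new in v1.2)
//
// Field definitions come from a stored option (per calendar when one exists,
// otherwise the global set); the submitted values come from $_POST and are
// rendered into an HTML fragment, $cf_meta_value, that is saved as post meta.
$custom_fields = array();

if ( $calendar_id_for_cf && is_scalar($calendar_id_for_cf) ) {
	// The id becomes part of an option name; keep it to its integer value.
	$custom_fields = json_decode(stripslashes(get_option('booked_custom_fields_'.intval($calendar_id_for_cf))),true);
}

if ( !$custom_fields ) {
	$custom_fields = json_decode(stripslashes(get_option('booked_custom_fields')),true);
}

$custom_field_data = array();
$cf_meta_value = '';

// json_decode() can return a scalar for valid JSON; only a list of field
// definitions is usable here.
if (!empty($custom_fields) && is_array($custom_fields)):

	$previous_field = false;
	// A single radio button / checkbox can be the first definition, in which
	// case no group label has been seen yet.
	$current_group_name = '';

	foreach($custom_fields as $key => $field):

		if (!is_array($field) || !isset($field['name'],$field['value'])):
			continue;
		endif;

		$field_name = $field['name'];
		$field_title = $field['value'];

		// Field names look like "<type>---<id>"; the type decides whether this
		// definition starts a new label or belongs to the current group.
		$field_title_parts = explode('---',$field_name);
		if (!in_array($field_title_parts[0], array('single-radio-button','single-checkbox'), true)):
			$current_group_name = $field_title;
		endif;

		if ($field_name != $previous_field){

			if (isset($_POST[$field_name]) && $_POST[$field_name]):

				$field_value = $_POST[$field_name];
				if (is_array($field_value)){
					// Nested arrays cannot be joined into text; drop them.
					$field_value = implode(', ',array_filter($field_value,'is_scalar'));
				} elseif (!is_scalar($field_value)) {
					$field_value = '';
				}

				// The value is request data that ends up inside stored HTML, so it
				// is escaped here, before the filter below can add its own markup.
				// NOTE(review): the label comes from the stored field definitions
				// and is left as-is - confirm those are only editable by admins.
				$custom_field_data[$key] = array(
					'label' => $current_group_name,
					'value' => esc_html($field_value)
				);

			endif;

			$previous_field = $field_name;

		}

	endforeach;

	$custom_field_data = apply_filters('booked_custom_field_data', $custom_field_data);

	if (!empty($custom_field_data)):
		foreach($custom_field_data as $key => $data):
			$cf_meta_value .= '<p class="cf-meta-value"><strong>'.$data['label'].'</strong><br>'.$data['value'].'</p>';
		endforeach;
	endif;

endif;
// END Get custom field data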

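// Book the appointment for one of three customer types: a guest, an existing
// user ('current'), or - for any other value - a user account created on the
// spot. Each branch validates its own input and fills in the $booked_* values;
// the appointment post is then created once, below, and every path that
// creates nothing answers with an 'error###' line.
$booked_ok = false;            // true once a branch has everything it needs
$booked_error = '';            // message sent back when $booked_ok stays false
$booked_user_label = '';       // shown as "(User: ...)" in the post title
$booked_post_author = 0;       // 0 = leave post_author out of the post args
$booked_post_meta = array();   // meta key => value, written in this order
$booked_send_approval = false; // whether the approval email may be sent

if ($customer_type == 'guest') {

	$name = ( isset($_POST['guest_name']) && is_scalar($_POST['guest_name']) ) ? esc_attr($_POST['guest_name']) : '';
	$surname = ( isset($_POST['guest_surname']) && is_scalar($_POST['guest_surname']) ) ? esc_attr($_POST['guest_surname']) : false;
	$fullname = ( $surname ? $name . ' ' . $surname : $name );
	$email = ( isset($_POST['guest_email']) && is_scalar($_POST['guest_email']) ) ? esc_attr($_POST['guest_email']) : false;
	$email_required = get_option('booked_require_guest_email_address',false);

	// An address that was supplied must be valid; a missing one is only
	// acceptable when the site does not require it. Previously a valid but
	// optional address matched neither case and the request ended silently.
	if ( $email ? !is_email($email) : $email_required ) {
		$booked_error = esc_html__( 'That email does not appear to be valid.','booked');
	} elseif ( !$name ) {
		$booked_error = esc_html__( 'A name is required to book this appointment.','booked');
	} else {
		$booked_ok = true;
		$booked_user_label = 'Guest';
		$booked_post_meta = array(
			'_appointment_title' => $title,
			'_appointment_guest_name' => $name,
			'_appointment_guest_surname' => $surname,
			'_appointment_guest_email' => $email,
			'_appointment_timestamp' => $timestamp,
			'_appointment_timeslot' => $timeslot
		);
		// Guests without an address cannot be notified.
		$booked_send_approval = (bool) $email;
	}

} elseif ($customer_type == 'current') {

	// The id is used as post author and stored as meta, so it must name a
	// real account; look it up before anything is written.
	$user_id = ( isset($_POST['user_id']) && is_scalar($_POST['user_id']) ) ? absint( $_POST['user_id'] ) : 0;
	$user_data = ( $user_id ? get_userdata( $user_id ) : false );

	if ( !$user_data ) {
		$booked_error = esc_html__( 'That user could not be found.','booked');
	} else {
		$email = $user_data->user_email;
		$booked_ok = true;
		$booked_user_label = $user_id;
		$booked_post_author = $user_id;
		$booked_post_meta = array(
			'_appointment_title' => $title,
			'_appointment_timestamp' => $timestamp,
			'_appointment_timeslot' => $timeslot,
			'_appointment_user' => $user_id
		);
		$booked_send_approval = true;
	}

} else {

	$name = ( isset($_POST['name']) && is_scalar($_POST['name']) ) ? esc_attr($_POST['name']) : '';
	$surname = ( isset($_POST['surname']) && is_scalar($_POST['surname']) && $_POST['surname'] ? esc_attr($_POST['surname']) : false );
	$fullname = ( $surname ? $name . ' ' . $surname : $name );
	$email = ( isset($_POST['email']) && is_scalar($_POST['email']) ) ? esc_attr( $_POST['email'] ) : '';
	// The password is hashed, never printed, so it is taken as submitted:
	// HTML-escaping it would store a hash of a different string whenever it
	// contains & < > " or ', and the user could then not log in with it.
	$password = ( !empty($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : wp_generate_password() );

	$errors = quickcal_registration_validation($email,$password);

	if (empty($errors)) {

		$userdata = array(
			'user_login'    =>  $email,
			'user_email'    =>  $email,
			'user_pass'     =>  $password,
			'first_name'    =>  $name,
			'last_name'     =>  $surname
		);
		$user_id = wp_insert_user( $userdata );

		if ( is_wp_error($user_id) ) {

			// No account exists, so there is nobody to book the appointment for.
			$booked_error = esc_html( $user_id->get_error_message() );

		} else {

			update_user_meta( $user_id, 'nickname', $name );
			wp_update_user( array ('ID' => $user_id, 'display_name' => $name ) );

			// Send a registration welcome email to the new user?
			// NOTE(review): the template can include the plain-text password,
			// which then sits in the recipient's mailbox; a set-password link
			// would avoid that. The token keeps the escaped form it always had.
			$email_content = get_option('booked_registration_email_content');
			$email_subject = get_option('booked_registration_email_subject');
			if ($email_content && $email_subject) {

				$token_replacements = array(
					'name' => $fullname,
					'email' => $email,
					'password' => esc_attr( $password )
				);

				$email_content = quickcal_token_replacement( $email_content,$token_replacements,'user' );
				$email_subject = quickcal_token_replacement( $email_subject,$token_replacements,'user' );

				do_action( 'booked_registration_email',$email, $email_subject, $email_content );

			}

			$booked_ok = true;
			$booked_user_label = $user_id;
			$booked_post_author = $user_id;
			$booked_post_meta = array(
				'_appointment_title' => $title,
				'_appointment_timestamp' => $timestamp,
				'_appointment_timeslot' => $timeslot,
				'_appointment_user' => $user_id
			);
			$booked_send_approval = true;

		}

	} else {
		$booked_error = implode('
',$errors);
	}

}

if ( !$booked_ok ) {

	echo 'error###'.$booked_error;

} else {

	// Create the appointment post. post_date is pinned to the first day of the
	// appointment's month; the exact time lives in _appointment_timestamp.
	$booked_post_args = array(
		'post_title' => date_i18n($date_format,$timestamp).' @ '.date_i18n($time_format,$timestamp).' (User: '.$booked_user_label.')',
		'post_content' => '',
		'post_status' => 'publish',
		'post_date' => date_i18n('Y',strtotime($date)).'-'.date_i18n('m',strtotime($date)).'-01 00:00:00'
	);
	if ( $booked_post_author ) {
		// Guest appointments carry no post_author argument at all.
		$booked_post_args['post_author'] = $booked_post_author;
	}
	$booked_post_args['post_type'] = 'booked_appointments';

	$new_post = apply_filters('booked_new_appointment_args', $booked_post_args);
	$post_id = wp_insert_post($new_post);

	if ( !$post_id || is_wp_error($post_id) ) {

		// Without a post id the meta writes below would have nothing to attach to.
		echo 'error###' . esc_html__( 'The appointment could not be saved.','booked');

	} else {

		foreach ($booked_post_meta as $booked_meta_key => $booked_meta_value) {
			update_post_meta($post_id, $booked_meta_key, $booked_meta_value);
		}
		wp_publish_post($post_id);

		if (apply_filters('booked_update_cf_meta_value', true)) {
			update_post_meta($post_id, '_cf_meta_value', $cf_meta_value);
		}

		if (apply_filters('booked_update_appointment_calendar', true)) {
			if (isset($calendar_id) && $calendar_id) {
				wp_set_object_terms($post_id,$calendar_id,'booked_custom_calendars');
			}
		}

		// Send the approval email?
		$email_content = get_option('booked_approval_email_content');
		$email_subject = get_option('booked_approval_email_subject');

		if ($booked_send_approval && $email_content && $email_subject) {

			$token_replacements = quickcal_get_appointment_tokens( $post_id );
			$email_content = quickcal_token_replacement( $email_content,$token_replacements );
			$email_subject = quickcal_token_replacement( $email_subject,$token_replacements );

			do_action( 'booked_approved_email', $email, $email_subject, $email_content );

		}

		echo 'success###'.$date;

		do_action('booked_new_appointment_created', $post_id);

	}

}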
