Last active
July 1, 2020 19:27
-
-
Save jpgninja/ee62b4cf3f9c757119d3b495b2c627a9 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Process profile edit submissions. | |
| */ | |
| function process_edit_profile_submission() { | |
| // Verify nonce, redirect, and exit. | |
| $bad_nonce = ( ! isset( $_POST['cc_profile_edit_nonce'] ) || ! wp_verify_nonce( sanitize_key( $_POST['cc_profile_edit_nonce'] ), 'cc_profile_edit' ) ); | |
| if ( $bad_nonce ) { | |
| // Flash error message. | |
| $flash_msg = [ | |
| 'state' => 'error', | |
| 'message' => 'Invalid security token, please try again.', | |
| ]; | |
| Flash\add_message( $flash_msg ); | |
| // Redirect. | |
| wp_safe_redirect( get_permalink( get_page_by_path( 'profile' ) ) ); | |
| exit; | |
| } | |
| // Setup our member. | |
| $user = wp_get_current_user(); | |
| $member = get_member( $user ); | |
| $post_data = array_map( 'trim', wp_unslash( $_POST ) ); | |
| // Check we have a valid Birthday date. | |
| if ( ! empty( $post_data['date_of_birth'] ) ) { | |
| $dob = explode( '-', $post_data['date_of_birth'] ); // Break. | |
| $valid_dob = ( ( 3 === count( $dob ) ) && checkdate( $dob[1], $dob[2], $dob[0] ) ); | |
| if ( ! $valid_dob ) { | |
| // Flash error message. | |
| $flash_msg = [ | |
| 'state' => 'error', | |
| 'message' => '🤔 Um, that\'s not a valid date for your birthday. Want to try again?', | |
| ]; | |
| Flash\add_message( $flash_msg ); | |
| // Redirect. | |
| wp_safe_redirect( get_permalink( get_page_by_path( 'profile' ) ) ); | |
| exit; | |
| } | |
| // Calculate age. | |
| $dob = new DateTime( sprintf( "%d-%d-%d", $dob[0], $dob[1], $dob[2] ) ); | |
| $today = new DateTime('now'); | |
| $age = date_diff( $today, $dob ); | |
| $is_minor = ( $age->y < AGE_RESTRICTION ); | |
| if ( $is_minor ) { | |
| // Error message. | |
| // Redirect. | |
| wp_safe_redirect( get_permalink( get_page_by_path( 'profile' ) ) ); | |
| exit; | |
| } | |
| } | |
| // Image handling. | |
| if ( isset( $_FILES['file'] ) && ( 0 < $_FILES['file']['size'] ) ) { | |
| $_FILES['file']['name'] = sanitize_file_name( wp_unslash( $_FILES['file']['name'] ) ); | |
| $image_id = save_uploaded_profile_image( wp_unslash( $_FILES['file'] ) ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput | |
| $post_data['image_id'] = $image_id; | |
| } | |
| // Format the data in preparation for the DB. | |
| // Setup our vars. | |
| $member_data = format_form_data( $post_data ); | |
| // Store data. | |
| $stored = store_member_data( $user, $member_data ); | |
| if ( false === $stored ) { | |
| // Error: Flash message & redirect. | |
| // Redirect & exit. | |
| wp_safe_redirect( get_permalink( get_page_by_path( 'profile' ) ) ); | |
| exit; | |
| } else { | |
| // Success. | |
| // Redirect & exit. | |
| wp_safe_redirect( get_permalink( get_page_by_path( 'profile' ) ) ); | |
| exit; | |
| } | |
| // Continue. | |
| return $member_data; | |
| } | |
| /** | |
| * Save submitted image on profile page. | |
| * | |
| * @param array $file Is a file from form upload. | |
| */ | |
| function save_uploaded_profile_image( $file = '' ) { | |
| global $post_id; | |
| // Default error messaging & redirect. | |
| $img_upload_failed_msg_args = [ | |
| 'state' => 'error', | |
| 'message' => 'Wierd… we never got that pic, could you try again?', | |
| ]; | |
| $redirect_url = get_permalink( get_page_by_path( 'profile' ) ); | |
| // No image provided. | |
| if ( ! is_array( $file ) ) { | |
| // Redirect. | |
| wp_safe_redirect( $redirect_url ); | |
| exit; | |
| } | |
| // Allowed image types. | |
| $allowed_filetypes = [ | |
| 'image/jpeg', | |
| 'image/gif', | |
| 'image/png', | |
| ]; | |
| // Setup image checks. | |
| $file['name'] = sanitize_file_name( $file['name'] ); | |
| $max_filesize = 1 * MB_IN_BYTES; // File size in bytes (~ 1MB). | |
| $image_exists = isset( $file['size'] ); | |
| $image_not_empty = ( $file['size'] > 0 ); | |
| // Check if there's an image. | |
| if ( $image_exists && $image_not_empty ) { | |
| // Setup conditions. | |
| $filetype_ok = in_array( sanitize_text_field( $file['type'] ), $allowed_filetypes, true ); | |
| $filesize_ok = ( (int) $file['size'] <= $max_filesize ); | |
| // Check filetype. | |
| if ( ! $filetype_ok ) { | |
| // Error. | |
| // Redirect. | |
| wp_safe_redirect( $redirect_url ); | |
| exit; | |
| } | |
| // Check filesize. | |
| if ( ! $filesize_ok ) { | |
| // Set Flash message. | |
| $img_upload_failed_msg_args['message'] = 'Woah… that file type was too big, could you try something smaller than a megabyte?'; | |
| Flash\add_message( $img_upload_failed_msg_args ); | |
| // Redirect. | |
| wp_safe_redirect( $redirect_url ); | |
| exit; | |
| } | |
| // Check conditions. | |
| if ( $filetype_ok && $filesize_ok ) { | |
| // These files need to be included as dependencies when on the front end. | |
| require_once ABSPATH . 'wp-admin/includes/image.php'; | |
| require_once ABSPATH . 'wp-admin/includes/file.php'; | |
| require_once ABSPATH . 'wp-admin/includes/media.php'; | |
| // Let WordPress handle the upload. | |
| $attachment_id = media_handle_upload( 'file', $post_id ); | |
| if ( is_wp_error( $attachment_id ) || ( empty( $attachment_id ) ) ) { | |
| // There was an error uploading the image. | |
| $img_upload_failed_msg_args['message'] = $attachment_id->get_error_message(); | |
| // Set Flash message. | |
| Flash\add_message( $img_upload_failed_msg_args ); | |
| // Redirect. | |
| wp_safe_redirect( $redirect_url ); | |
| exit; | |
| } else { | |
| // Success! | |
| add_post_meta( $post_id, 'post_image', $attachment_id, true ); | |
| return $attachment_id; | |
| } | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment