Changeset 3178280
- Timestamp:
- 10/29/2024 06:58:17 PM (17 months ago)
- Location:
- zoho-crm-forms/trunk
- Files:
-
- 15 edited
-
Readme.txt (modified) (2 diffs)
-
includes/crmconfigdefault.php (modified) (1 diff)
-
includes/crmcontactform7.php (modified) (2 diffs)
-
includes/crmcontactformfields.php (modified) (1 diff)
-
includes/crmcontactformfieldsmapping.php (modified) (1 diff)
-
includes/crmcontactformgenerator.php (modified) (1 diff)
-
includes/crmcustomfunctions.php (modified) (6 diffs)
-
includes/crmform-submitlogs.php (modified) (1 diff)
-
includes/crmoauthentication.php (modified) (1 diff)
-
includes/crmshortcodefunctions.php (modified) (7 diffs)
-
includes/crmwebformfields.php (modified) (2 diffs)
-
includes/crmwebformfieldsfuntions.php (modified) (1 diff)
-
includes/crmwebforms.php (modified) (5 diffs)
-
includes/crmwebformsfieldsmapping.php (modified) (7 diffs)
-
index.php (modified) (1 diff)
zoho-crm-forms/trunk/Readme.txt
r3177807 r3178280 7 7 Author: Zoho CRM 8 8 Tested up to: 6.5 9 Stable tag:1.7.9. 19 Stable tag:1.7.9.2 10 10 License: GPLv2 or later 11 Version: 1.7.9. 111 Version: 1.7.9.2 12 12 License URI: http://www.gnu.org/licenses/gpl-2.0.html 13 13 … … 289 289 1.7.9.1 290 290 Wordpress latest version compatibility check 291 1.7.9.2 292 Security review issue has been fixed 291 293 292 294 -
zoho-crm-forms/trunk/includes/crmconfigdefault.php
r2823084 r3178280 149 149 $disableTab = $disableAuthen."".$disabledMenu; 150 150 $admin_url = 'admin.php'; 151 $modulearray = $wpdb->get_results("select modifydate from zcf_zohocrm_list_module"); 151 $modulearrayquery = "SELECT modifydate FROM zcf_zohocrm_list_module WHERE modifydate != %s"; 152 $modulearray = $wpdb->get_results($wpdb->prepare($modulearrayquery, '')); 152 153 if (sanitize_text_field($_REQUEST['page']) == 'crmforms-builder' || sanitize_text_field($_REQUEST['page']) == 'formsettings-builder') { 153 154 echo '<div class="zoho-crm-form-builder"> -
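Review bot: The added `WHERE modifydate != %s` bound to `''` changes which rows come back: the old query returned every row of zcf_zohocrm_list_module, while the new one drops rows whose modifydate is empty or NULL. The statement takes no external input, so the placeholder appears to exist only to give prepare() an argument; `$modulearray = $wpdb->get_results("SELECT modifydate FROM zcf_zohocrm_list_module");` keeps the original result set. How `$modulearray` is consumed lies outside the hunk, so whether the dropped rows matter needs checking there.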
zoho-crm-forms/trunk/includes/crmcontactform7.php
r2972118 r3178280 94 94 $user_value = sanitize_text_field(get_bloginfo()); 95 95 } 96 $queryresult = $wpdb->get_results("SELECT field_type FROM zcf_zohocrmform_field_manager WHERE field_name='" . $field_name . "' AND layoutId='" . $layoutid . "'"); 96 97 $resquery = "SELECT field_type FROM zcf_zohocrmform_field_manager WHERE field_name = %s AND layoutId =%s"; 98 $queryresult = $wpdb->get_results($wpdb->prepare($resquery, $field_name, $layoutid)); 97 99 if ($wpdb->last_error) { 98 100 }else{ … … 166 168 } 167 169 168 $mapping = $wpdb->get_results($wpdb->prepare("select crmformsfieldslable,thirdpartyfieldids from zcf_contactformrelation where thirdpartyformid=%d", $post_id) , ARRAY_A);170 $mapping = $wpdb->get_results($wpdb->prepare("select crmformsfieldslable,thirdpartyfieldids from zcf_contactformrelation where thirdpartyformid=%d", $post_id) ); 169 171 foreach ($mapping as $key => $value) { 170 172 $crmformsfieldslable[$key] = $value['crmformsfieldslable']; 171 173 $thirdpartyfieldids[$key] = $value['thirdpartyfieldids']; 172 174 } 173 $crmformsfieldName = $wpdb->get_results(" select a.field_name , a.field_values , a.field_type from zcf_zohocrmform_field_manager as a join zcf_zohocrm_formfield_manager as b join zcf_contactformrelation as c where b.field_id=a.field_id and c.crmformsfieldid=b.rel_id and thirdpartyformid='{$post_id}'", ARRAY_A); 175 $crmformsfieldquery = "SELECT a.field_name, a.field_values, a.field_type FROM zcf_zohocrmform_field_manager AS a JOIN zcf_zohocrm_formfield_manager AS b ON b.field_id = a.field_id JOIN zcf_contactformrelation AS c ON c.crmformsfieldid = b.rel_id WHERE c.thirdpartyformid = %d"; 176 177 $crmformsfieldName = $wpdb->get_results($wpdb->prepare($crmformsfieldquery, $post_id) ); 174 178 175 179 $thirdpartyfieldids = array_flip($thirdpartyfieldids); -
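Review bot: Dropping `ARRAY_A` from the `$mapping` query at new line 170 makes get_results() return objects, but the loop directly below still reads `$value['crmformsfieldslable']` and `$value['thirdpartyfieldids']`, which fails on a stdClass row. Either keep the output type, `$wpdb->get_results($wpdb->prepare(...), ARRAY_A)`, or change the loop to `$value->crmformsfieldslable` and `$value->thirdpartyfieldids`. The same argument was dropped from the `$crmformsfieldName` query at new line 177; its consumers are outside the hunk and should be checked for array access as well. In the first hunk the `if ($wpdb->last_error) {` branch is still empty, so a failed lookup is silently ignored.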
zoho-crm-forms/trunk/includes/crmcontactformfields.php
r2877298 r3178280 153 153 <input type="hidden" name="layoutname" id="layoutname" value="<?php echo esc_html($_REQUEST['layoutname']); ?>"> 154 154 <?php 155 $query_layout = "select layoutID from zcf_zohocrm_moduleLists where modulename='".$cform_module."' and Layoutname='".sanitize_text_field($_REQUEST['layoutname'])."'"; 156 $get_layoutjson_array = $wpdb->get_results($query_layout); 155 $cform_module_sanitized = sanitize_text_field($cform_module); 156 $layoutname_sanitized = sanitize_text_field($_REQUEST['layoutname']); 157 $query_layout = "SELECT layoutID FROM zcf_zohocrm_moduleLists WHERE modulename = %s AND Layoutname = %s"; 158 $get_layoutjson_array = $wpdb->get_results($wpdb->prepare($query_layout, $cform_module_sanitized, $layoutname_sanitized) ); 159 157 160 $layoutIDarray = $get_layoutjson_array[0]->layoutID; 158 161 ?> -
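Review bot: `$_REQUEST['layoutname']` is bound without `wp_unslash()`, so the slashes WordPress adds to request data are now part of the value compared against Layoutname, and a layout name containing a quote or backslash will no longer match. `$layoutname_sanitized = sanitize_text_field(wp_unslash($_REQUEST['layoutname']));` fixes that. The following line reads `$get_layoutjson_array[0]->layoutID` without checking that a row came back, so an unknown layout name ends in a warning on a missing index instead of a handled error. Where `$cform_module` comes from is outside the hunk.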
zoho-crm-forms/trunk/includes/crmcontactformfieldsmapping.php
r3177807 r3178280 27 27 return $webform_module; 28 28 } 29 30 public function zcfget_mapping_field_config1() { 31 global $wpdb; 32 $layoutarray = $wpdb->get_results("select distinct(api_name),plural_label from zcf_zohocrm_list_module where api_name !='' and api_name NOT IN('Visits','Vendors','Tasks','Social','Sales_Orders','Projects','Approvals','Products','Solution','Invoice','Estimate','Reports','Quotes','Purchase_Orders','WPjects','WPducts','Price_Books','Notes','Invoices','Home','Feeds','Events','Emails','Documents','Dashboards','Campaigns','Calls','Attachments','ApWPvals','Activities');"); 33 $rulearray = $resultaiss = $wpdb->get_results("select * from zcf_zohocrm_assignmentrule"); 34 $webform_layout_lists = ""; 35 $webform_layout_lists .= "<div> 36 <div class='form-group col-md-12 mt20'> <div class='exist_mapping col-md-6'> <label id='innertext' class='leads-builder-label'> Choose Your Module </label></div> 37 <div class='exist_mapping col-md-4'> <select id='map_thirdparty_module' class='selectpicker form-control' data-live-search='false' name='map_thirdparty_module' onchange='selectThirdModule(this,$siteurl)'><option value=''>Select Module</option>"; 38 foreach ($layoutarray as $key => $value) { 39 $webform_layout_lists .= "<option value='" . esc_html($value->api_name) . "'>" . $value->plural_label . 
"</option>"; 40 } 41 $webform_layout_lists .= "</select><span class='smaill-loading-image'></span></div></div><br><br>"; 42 43 44 45 $webform_layout_lists .= "<div id='layout-third-module'> 46 <div class='form-group col-md-12 mt20'> <div class='exist_mapping col-md-6'> <label id='innertext' class='leads-builder-label'> Select Layout </label></div> 47 <div class='exist_mapping col-md-4'> <select id='choose-thirdleads-layout' name='choose-thirdleads-layout' class='form-control' onchange='selectThirdlayout(this)'><option value=''>Select Layout</option>"; 48 49 $webform_layout_lists .= "</select></div></div><br><br>"; 50 $webform_layout_lists .= "<div class='form-group col-md-12 mb50' id='thirdparty-plugin-list'> <div class='exist_mapping col-md-6'> <label id='innertext' class='leads-builder-label'> Choose your Form Type </label></div> 51 <div class='exist_mapping col-md-4'> <select id='map_thirdparty_form' class='selectpicker form-control' data-live-search='false' name='map_thirdparty_form' onchange='getMappingConfiguration(this.value)'>"; 52 $webform_layout_lists .= "<option value='none'>None</option> 53 <option value='contactform'>Contact Form</option> 54 </select></div></div></div>"; 55 } 56 57 public function zcfget_mapping_field_config($tp_module, $cForm_namePlugin) { 29 public function zcfget_mapping_field_config($tp_module, $cForm_namePlugin) { 58 30 global $wpdb; 59 31 $zohocrmformname = 'crmformswpbuilder'; -
zoho-crm-forms/trunk/includes/crmcontactformgenerator.php
r3177807 r3178280 205 205 $count_error = 0; 206 206 for ($i = 0; $i < count($config_fields); $i++) { 207 if (array_key_exists($config_fields[$i]['name'], sanitize_text_field($_POST))) {207 if (array_key_exists($config_fields[$i]['name'], __($_POST))) { 208 208 209 209 if ($config_fields[$i]['zcf_mandatory'] == 1 && sanitize_text_field($_POST[$config_fields[$i]['name']]) == "") { -
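Review bot: `__($_POST)` on new line 207 passes the whole request array to the translation function, which is not a sanitizer and is not defined for array input; what array_key_exists() then receives depends on the loaded translations and any gettext filters. A key-existence test needs no sanitizing: `if (array_key_exists($config_fields[$i]['name'], $_POST)) {`. The value itself is already passed through sanitize_text_field() on line 209. The loop body continues outside the hunk.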
zoho-crm-forms/trunk/includes/crmcustomfunctions.php
r3177807 r3178280 95 95 global $wpdb; 96 96 $modulemname = sanitize_text_field($_REQUEST['module']); 97 $layoutarray = $wpdb->get_results("select Layoutname,layoutID from zcf_zohocrm_moduleLists where modulename='" . $modulemname . "'"); 97 $query_layout = "SELECT Layoutname, layoutID FROM zcf_zohocrm_moduleLists WHERE modulename = %s"; 98 $layoutarray = $wpdb->get_results($wpdb->prepare($query_layout, $modulemname) ); 99 98 100 $content = "<option value=''>Select Layout</option>"; 99 101 foreach ($layoutarray as $key => $value) { … … 122 124 $shortcode = sanitize_text_field($_REQUEST['shortcode']); 123 125 $formTitle = sanitize_text_field($_REQUEST['formvalue']); 124 $wpdb->query("update zcf_zohoshortcode_manager set form_name = '".$formTitle."' where shortcode_name='".$shortcode."'"); 125 $shortcodemanager = $wpdb->get_results("select * from zcf_zohoshortcode_manager"); 126 $updatequery = "UPDATE zcf_zohoshortcode_manager SET form_name = %s WHERE shortcode_name = %s 127 "; 128 $result = $wpdb->query($wpdb->prepare($updatequery, $formTitle, $shortcode)); 129 $shortcodemanagerquery = $wpdb->prepare("SELECT * FROM zcf_zohoshortcode_manager"); 130 $shortcodemanager = $wpdb->get_results($shortcodemanagerquery ); 126 131 $namestr = sanitize_title_with_dashes($shortcode_fields->form_name); 127 132 … … 236 241 237 242 global $wpdb; 238 $get_existing_fields = $wpdb->get_results("select field_name from zcf_zohocrmform_field_manager where module_type ='" . $module . "' and Layout_Name ='" . $field_details['layout_name'] . 
"'"); 243 $fieldsexitsquery = " 244 SELECT field_name 245 FROM zcf_zohocrmform_field_manager 246 WHERE module_type = %s 247 AND Layout_Name = %s 248 "; 249 $get_existing_fields = $wpdb->get_results($wpdb->prepare($fieldsexitsquery, $module, $layout_name) ); 250 239 251 foreach ($get_existing_fields as $ex_key => $ex_val) { 240 252 $existing_fields[] = $ex_val->field_name; … … 364 376 365 377 case 'contactform': 366 $get_checkid = $wpdb->get_results("select thirdpartyformid from zcf_contactformrelation where crmformsshortcodename='{$shortcode}' and thirdpartypluginname='contactform'"); 378 $get_checkidquery = " 379 SELECT thirdpartyformid 380 FROM zcf_contactformrelation 381 WHERE crmformsshortcodename = %s 382 AND thirdpartypluginname = %s 383 "; 384 $get_checkid = $wpdb->get_results($wpdb->prepare($get_checkidquery, $shortcode,'contactform') ); 385 367 386 if (isset($get_checkid[0])) { 368 387 $checkid = $get_checkid[0]->thirdpartyformid; … … 441 460 442 461 $users_synced_count = sanitize_text_field($_POST['synced_count']); 443 $fetch_last_id = $wpdb->get_results("select ID from {$wpdb->prefix}users order by id desc limit 1"); 462 $fetch_last_idquery = $wpdb->prepare("SELECT ID FROM {$wpdb->prefix}users ORDER BY ID DESC LIMIT 1"); 463 $fetch_last_id = $wpdb->get_results($fetch_last_idquery ); 444 464 $last_user_id = $fetch_last_id[0]->ID; 445 465 $zcf_users_count = count(get_users()); … … 454 474 $FunctionsObj = new zcfcoreGetFields(); 455 475 global $wpdb; 456 $blogusers = $wpdb->get_results("select ID from " . $wpdb->prefix . "users limit $zcf_start, $zcf_offset"); 476 $blogusersquery = " 477 SELECT ID 478 FROM {$wpdb->prefix}users 479 LIMIT %d, %d 480 "; 481 $blogusers = $wpdb->get_results($wpdb->prepare($blogusersquery, $zcf_start, $zcf_offset) ); 482 457 483 $user = array(); 458 484 foreach ($blogusers as $users) { -
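Review bot: The rewritten lookup in the third hunk binds `$layout_name`, while the removed line used `$field_details['layout_name']`; no assignment to `$layout_name` is visible in the hunk, so unless it is set earlier in the function the query binds NULL and `$existing_fields` stays empty. `$wpdb->get_results($wpdb->prepare($fieldsexitsquery, $module, $field_details['layout_name']))` keeps the original input. In the second hunk the UPDATE takes `$shortcode` and `$formTitle` from `$_REQUEST` and its `$result` is not checked in the visible lines; the capability and nonce checks for that handler are not in view and should be confirmed. All of these functions start and end outside their hunks.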
zoho-crm-forms/trunk/includes/crmform-submitlogs.php
r2823084 r3178280 18 18 <?php 19 19 global $wpdb; 20 $get_shortcode_id = $wpdb->get_results("select * from zcf_submitlogs ORDER BY id DESC;"); 20 $get_shortcode_idquery = $wpdb->prepare("SELECT * FROM zcf_submitlogs ORDER BY id DESC"); 21 $get_shortcode_id = $wpdb->get_results($get_shortcode_idquery ); 21 22 $i=1; 22 23 foreach ($get_shortcode_id as $value) { -
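Review bot: `$wpdb->prepare()` is called here with a query that has no placeholder and no arguments, which adds no protection and makes WordPress raise a `_doing_it_wrong` notice about the missing placeholder. For a constant statement pass the string straight through: `$get_shortcode_id = $wpdb->get_results("SELECT * FROM zcf_submitlogs ORDER BY id DESC");`. The same pattern is introduced in crmcustomfunctions.php (the shortcode-manager and users queries), crmoauthentication.php, crmwebformfields.php and the first three hunks of crmwebforms.php.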
zoho-crm-forms/trunk/includes/crmoauthentication.php
r3050822 r3178280 118 118 $core->zcfgetUsersList(); 119 119 global $wpdb; 120 $resultaiss = $wpdb->get_results("select distinct(api_name),plural_label from zcf_zohocrm_list_module where api_name !='' and api_name NOT IN('Visits','Vendors','Tasks','Social','Sales_Orders','Reports','Quotes','Purchase_Orders','WPjects','WPducts','Price_Books','Deals','Notes','Invoices','Home','Feeds','Events','Accounts','Emails','Documents','Dashboards','Campaigns','Calls','Attachments','ApWPvals','Activities')"); 120 $resultquery = $wpdb->prepare(" 121 SELECT DISTINCT(api_name), plural_label 122 FROM zcf_zohocrm_list_module 123 WHERE api_name != '' 124 AND api_name NOT IN ( 125 'Visits', 'Vendors', 'Tasks', 'Social', 'Sales_Orders', 126 'Reports', 'Quotes', 'Purchase_Orders', 'WPjects', 127 'WPducts', 'Price_Books', 'Deals', 'Notes', 'Invoices', 128 'Home', 'Feeds', 'Events', 'Accounts', 'Emails', 129 'Documents', 'Dashboards', 'Campaigns', 'Calls', 130 'Attachments', 'ApWPvals', 'Activities' 131 ) 132 "); 133 $resultaiss = $wpdb->get_results($resultquery ); 134 121 135 foreach ($resultaiss as $key => $value) { 122 136 $client->zcfgetAssignmentRule($authtoken, $value->api_name); -
zoho-crm-forms/trunk/includes/crmshortcodefunctions.php
r3115294 r3178280 114 114 function zcfformFields($options, $onAction, $editShortCodes, $formtype = "post", $module, $layoutname) { 115 115 global $wpdb; 116 $fields = $wpdb->get_results("select * from zcf_zohocrmform_field_manager where module_type='" . $module . "' and Layout_Name ='" . $layoutname . "'"); 116 $fieldsquery = " 117 SELECT * 118 FROM zcf_zohocrmform_field_manager 119 WHERE module_type = %s 120 AND Layout_Name = %s 121 "; 122 $fields = $wpdb->get_results($wpdb->prepare($fieldsquery, $module, $layoutname) ); 123 117 124 118 125 $siteurl = site_url(); … … 121 128 $htmlcontent1 = ''; 122 129 $config_leads_fields = $crmformsfieldData->zcfformfieldsPropsettings($editShortCodes); 123 124 $editupdatecount = $wpdb->get_results("select * from zcf_zohocrmform_field_manager fm join zcf_zohocrm_formfield_manager ffm ON ffm.field_id = fm.field_id join zcf_zohoshortcode_manager sm ON sm.shortcode_id = ffm.shortcode_id where sm.shortcode_name='" . $editShortCodes . "' and fm.editupdate=1 and fm.viewcreate_type=1 group by fm.field_name"); 130 $resultsquery = "SELECT * 131 FROM zcf_zohocrmform_field_manager fm 132 JOIN zcf_zohocrm_formfield_manager ffm ON ffm.field_id = fm.field_id 133 JOIN zcf_zohoshortcode_manager sm ON sm.shortcode_id = ffm.shortcode_id 134 WHERE sm.shortcode_name = %s 135 AND fm.editupdate = 1 136 AND fm.viewcreate_type = 1 137 GROUP BY fm.field_name 138 "; 139 $results = $wpdb->get_results($wpdb->prepare($resultsquery, $editShortCodes) ); 140 125 141 $imagepath = ZCF_BASE_DIR . 'assets/images/'; 126 142 $imagepath = esc_url($imagepath); … … 641 657 $users_list = get_option('crm_users'); 642 658 $assignee = $users_list['users'][0]['email']; 643 $fields = $wpdb->get_results("select *from zcf_zohoshortcode_manager where shortcode_name = '" . $shortcode . 
"'"); 659 $fieldsquery = "SELECT * 660 FROM zcf_zohoshortcode_manager 661 WHERE shortcode_name = %s 662 "; 663 $fields = $wpdb->get_results($wpdb->prepare($fieldsquery, $shortcode) ); 644 664 $config_fields = $shortcodeObj->zcffieldsPropsettings($crmtype, $module, $layoutname); 645 665 foreach ($config_fields as $field) { … … 660 680 global $wpdb; 661 681 $formfieldsLength = $formfieldsLength + 1; 662 $shortcode_array = $wpdb->get_results("select * from zcf_zohocrm_formfield_manager where shortcode_id='" . $shortcode_id . "'"); 682 $shortcode_arrayquery = "SELECT * 683 FROM zcf_zohocrm_formfield_manager 684 WHERE shortcode_id = %s 685 "; 686 $shortcode_array = $wpdb->get_results($wpdb->prepare($shortcode_arrayquery, $shortcode_id_sanitized) ); 687 663 688 $shortcode_count = sizeof($shortcode_array) + 10; 664 689 … … 731 756 $data = array(); 732 757 $delete_short = $shortcode; 733 $deletedata = $wpdb->get_results("select shortcode_id from zcf_zohoshortcode_manager where shortcode_name = '$delete_short'"); 758 $deletedataquery = "SELECT shortcode_id FROM zcf_zohoshortcode_manager WHERE shortcode_name = %s"; 759 $deletedata = $wpdb->get_results($wpdb->prepare($deletedataquery, $delete_short) ); 760 734 761 $deleteid = $deletedata[0]->shortcode_id; 735 762 $delete_shortcode = $wpdb->query("delete from zcf_zohoshortcode_manager where shortcode_id = '$deleteid'"); … … 753 780 public function ZcfformatContactFields($thirdparty_form, $title, $shortcode) { 754 781 global $wpdb; 755 $word_form_enable_fields = $wpdb->get_results("select a.rel_id,a.zcf_field_mandatory,a.custom_field_type,a.custom_field_values,a.display_label,a.field_id,c.field_name ,a.defaultvalues,a.hiddenfield from zcf_zohocrm_formfield_manager as a join zcf_zohoshortcode_manager as b join zcf_zohocrmform_field_manager as c where b.shortcode_id=a.shortcode_id and b.shortcode_name='$shortcode' and a.state=1 and c.field_id=a.field_id order by form_field_sequence"); 782 $enablequery = " 783 SELECT a.rel_id, 
a.zcf_field_mandatory, a.custom_field_type, a.custom_field_values, 784 a.display_label, a.field_id, c.field_name, a.defaultvalues, a.hiddenfield 785 FROM zcf_zohocrm_formfield_manager AS a 786 JOIN zcf_zohoshortcode_manager AS b ON b.shortcode_id = a.shortcode_id 787 JOIN zcf_zohocrmform_field_manager AS c ON c.field_id = a.field_id 788 WHERE b.shortcode_name = %s 789 AND a.state = 1 790 ORDER BY a.form_field_sequence 791 "; 792 $word_form_enable_fields = $wpdb->get_results($wpdb->prepare($enablequery, $shortcode) ); 793 756 794 $checkid = $wpdb->get_var($wpdb->prepare("select thirdpartyformid from zcf_contactformrelation where crmformsshortcodename =%s and thirdpartypluginname=%s", $shortcode, 'contactform')); 757 795 … … 849 887 //$checkid = $wpdb->get_var($wpdb->prepare("select thirdpartyformid from zcf_contactformrelation inner join {$wpdb->prefix}posts on {$wpdb->prefix}posts.ID = zcf_contactformrelation.thirdpartyformid and {$wpdb->prefix}posts.post_status='publish' where crmformsshortcodename =%s and thirdpartypluginname=%s",'contactform')); 850 888 $dataQuery = "select thirdpartyformid from zcf_contactformrelation inner join {$wpdb->prefix}posts on {$wpdb->prefix}posts.ID = zcf_contactformrelation.thirdpartyformid and {$wpdb->prefix}posts.post_status='publish' where crmformsshortcodename ='".$shortcode."' and thirdpartypluginname='contactform'"; 851 $dataresult = $wpdb->get_row( $dataQuery , ARRAY_A);889 $dataresult = $wpdb->get_row( $dataQuery ); 852 890 853 891 if (empty($dataresult)) { -
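Review bot: The last hunk still builds `$dataQuery` by concatenating `$shortcode` into the SQL string (new line 888); the commit only removes `ARRAY_A` from the get_row() call, so this query stays unparameterised. Replace the two quoted literals with `%s` and call `$wpdb->get_row($wpdb->prepare($dataQuery, $shortcode, 'contactform'), ARRAY_A);`, keeping `ARRAY_A` unless the code after `empty($dataresult)` (outside the hunk) is changed to object access. Two renames also need checking against code outside the hunks: the fourth hunk binds `$shortcode_id_sanitized` where the old query used `$shortcode_id`, and the second hunk stores its rows in `$results` instead of `$editupdatecount`. If those names are not defined or read elsewhere, the first binds NULL and the second leaves the old variable unset.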
zoho-crm-forms/trunk/includes/crmwebformfields.php
r3115294 r3178280 7 7 $module = sanitize_text_field($_REQUEST['module']); 8 8 $onAction = sanitize_text_field($_REQUEST['onAction']); 9 10 $data = $wpdb->get_results( "select *from zcf_zohoshortcode_manager");9 $dataquery = "SELECT * FROM zcf_zohoshortcode_manager"; 10 $data = $wpdb->get_results($wpdb->prepare($dataquery) ); 11 11 if ($result != '') { 12 12 $allowedposttags = zcf_allowed_tag(); … … 119 119 $shortcode = sanitize_text_field($_REQUEST['EditShortcode']); 120 120 $formName = sanitize_text_field($_REQUEST['formName']); 121 $formname = $wpdb->get_results("SELECT form_name FROM `zcf_zohoshortcode_manager` WHERE `shortcode_name` LIKE '" . esc_html__($shortcode) . "' "); 122 ?> 123 124 <input class="textField" type="text" data-value="<?php echo esc_html__($formname[0]->form_name); ?>" id="form-name" name="form-name" data-value="<?php echo esc_html__($formName); ?>" 125 value="<?php echo esc_html__($formName); ?>" onblur="formTitleupdate(this, '<?php sanitize_title_with_dashes($formname[0]->form_name); ?>', '<?php echo esc_url_raw($siteurl); ?>', '<?php echo sanitize_text_field($shortcode); ?>')"/> 121 $formnamequery = " 122 SELECT form_name 123 FROM zcf_zohoshortcode_manager 124 WHERE shortcode_name LIKE %s 125 "; 126 $formname = $wpdb->get_results($wpdb->prepare($formnamequery, $shortcode)); 127 ?> 128 <input class="textField" type="text" data-value="<?php echo esc_html__($formname[0]->form_name); ?>" id="form-name" name="form-name" data-value="<?php echo esc_html__($formname[0]->form_name); ?>" 129 value="<?php echo esc_html__($formname[0]->form_name); ?>" onblur="formTitleupdate(this, '<?php sanitize_title_with_dashes($formname[0]->form_name); ?>', '<?php echo esc_url_raw($siteurl); ?>', '<?php echo sanitize_text_field($shortcode); ?>')"/> 126 130 <input type='hidden' id='lead_crmtype' name="lead_crmtype" value="crmformswpbuilder"> 127 131 <input type="hidden" id="savefields" name="savefields" value="<?php echo esc_attr__('Apply', ZCF_PLUGIN_BASE_URL); 
?>"/> -
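Review bot: On new line 129 the values written into the `onblur` handler are not escaped for that context: `sanitize_text_field($shortcode)` and `esc_url_raw($siteurl)` are input/storage sanitizers rather than output escapers, so a quote in the request-supplied `EditShortcode` value ends the JavaScript string. Use `esc_js($shortcode)` and `esc_url($siteurl)` there, and `esc_attr()` instead of `esc_html__()` for the `value` and `data-value` attributes, since `esc_html__()` runs a translation lookup on a database value. The second handler argument still lacks `echo`, so `sanitize_title_with_dashes(...)` prints nothing. `$formname[0]` is now read several times without checking that the `LIKE %s` lookup returned a row, and with a user-supplied pattern `shortcode_name = %s` (or `$wpdb->esc_like()`) is the safer comparison.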
zoho-crm-forms/trunk/includes/crmwebformfieldsfuntions.php
r3142240 r3178280 221 221 $config_underscored_fields = array(); 222 222 $moduleslug = $this->ModuleSlug = rtrim(strtolower($module), "s"); 223 $config_fieldlist = $wpdb->get_results("select * from zcf_zohocrmform_field_manager where module_type='{$module}' and layoutId='{$layoutID}'"); 224 223 $config_query = "SELECT * 224 FROM zcf_zohocrmform_field_manager 225 WHERE module_type = %s 226 AND layoutId = %s 227 "; 228 $config_fieldlist = $wpdb->get_results($wpdb->prepare($config_query, $module, $layoutID) ); 225 229 $config_fields = get_option("crmforms_{$activateplugin}_{$moduleslug}_fields-tmp"); 226 230 -
zoho-crm-forms/trunk/includes/crmwebforms.php
r2864993 r3178280 67 67 68 68 </tr></thead><tbody>"; 69 $shortcodemanager = $wpdb->get_results("select *from zcf_zohoshortcode_manager"); 69 $shortcodemanagerquery = $wpdb->prepare("SELECT * FROM zcf_zohoshortcode_manager"); 70 $shortcodemanager = $wpdb->get_results($shortcodemanagerquery ); 70 71 echo esc_html($shortcode_fields->form_name); 71 72 … … 154 155 $htmlcontent1 .= $existing_content; 155 156 $htmlcontent1 .= "</tbody></table></div>"; 156 $modulearray = $wpdb->get_results("select modifydate from zcf_zohocrm_list_module"); 157 $modulearrayquery = $wpdb->prepare("SELECT modifydate FROM zcf_zohocrm_list_module"); 158 $modulearray = $wpdb->get_results($modulearrayquery ); 159 157 160 $SettingsConfig = get_option("zcf_crmformswpbuilder_settings"); 158 161 $authtokens = $SettingsConfig['authtoken']; … … 169 172 </div> 170 173 <?php 171 $fields = $wpdb->get_results("select last_modified_date from zcf_zohocrmform_field_manager "); 174 $fieldsquery = $wpdb->prepare("SELECT last_modified_date FROM zcf_zohocrmform_field_manager"); 175 $fields = $wpdb->get_results($fieldsquery ); 172 176 ?> 173 177 … … 202 206 $authToken = base64_decode(base64_decode(base64_decode($authTokenConfig['authtoken']))); 203 207 $crmformsZohoapi->zcfGetModules($authToken); 204 $layoutarray = $wpdb->get_results("select distinct(api_name),plural_label from zcf_zohocrm_list_module where api_name !='' and api_name NOT IN('Visits','Vendors','Tasks','Social','Sales_Orders','Reports','Quotes','Purchase_Orders','Projects','Products','Price_Books','Notes','Invoices','Home','Feeds','Events','Emails','Documents','Dashboards','Campaigns','Calls','Attachments','Approvals','Activities');"); 208 $layoutarrayquery = $wpdb->prepare(" 209 SELECT DISTINCT(api_name), plural_label 210 FROM zcf_zohocrm_list_module 211 WHERE api_name != '' 212 AND api_name NOT IN ( 213 %s, %s, %s, %s, %s, 214 %s, %s, %s, %s, %s, 215 %s, %s, %s, %s, %s, 216 %s, %s, %s, %s, %s, 217 %s, %s, %s, %s 218 )", 'Visits', 'Vendors', 
'Tasks', 'Social', 'Sales_Orders', 219 'Reports', 'Quotes', 'Purchase_Orders', 'Projects', 220 'Products', 'Price_Books', 'Notes', 'Invoices', 221 'Home', 'Feeds', 'Events', 'Emails', 'Documents', 222 'Dashboards', 'Campaigns', 'Calls', 'Attachments', 223 'Approvals', 'Activities'); 224 $layoutarray = $wpdb->get_results($layoutarrayquery ); 225 205 226 ?> 206 227 … … 263 284 <?php 264 285 global $wpdb; 265 $layoutarray = $wpdb->get_results("select distinct(api_name),plural_label from zcf_zohocrm_list_module where api_name !='' and api_name NOT IN('Visits','Vendors','Tasks','Social','Sales_Orders','Projects','Approvals','Products','Solution','Invoice','Estimate','Reports','Quotes','Purchase_Orders','WPjects','WPducts','Price_Books','Notes','Invoices','Home','Feeds','Events','Emails','Documents','Dashboards','Campaigns','Calls','Attachments','ApWPvals','Activities');"); 266 $rulearray = $wpdb->get_results("select * from zcf_zohocrm_assignmentrule"); 286 $layoutarrayquery = "SELECT DISTINCT(api_name), plural_label 287 FROM zcf_zohocrm_list_module 288 WHERE api_name != '' 289 AND api_name NOT IN ( 290 'Visits', 'Vendors', 'Tasks', 'Social', 'Sales_Orders', 291 'Projects', 'Approvals', 'Products', 'Solution', 'Invoice', 292 'Estimate', 'Reports', 'Quotes', 'Purchase_Orders', 293 'WPjects', 'WPducts', 'Price_Books', 'Notes', 294 'Invoices', 'Home', 'Feeds', 'Events', 'Emails', 295 'Documents', 'Dashboards', 'Campaigns', 'Calls', 296 'Attachments', 'ApWPvals', 'Activities' 297 ) 298 "; 299 $layoutarray = $wpdb->get_results($layoutarrayquery ); 300 $rulearrayquery = "SELECT * FROM zcf_zohocrm_assignmentrule"; 301 $rulearray = $wpdb->get_results($rulearrayquery ); 267 302 ?> 268 303 <div class='form-group col-md-12'> -
zoho-crm-forms/trunk/includes/crmwebformsfieldsmapping.php
r2917113 r3178280 55 55 $readonly = $data['readonly']; 56 56 $viewcreate_type = $data['viewcreate_type']; 57 $fields = $wpdb->get_results("select *from zcf_zohocrmform_field_manager where field_name='" . $field_name . "' and module_type='" . $module . "' and crm_type='" . $crm_type . "' and Layout_Name='" . $layoutname . "'"); 57 $fieldsquery = " 58 SELECT * 59 FROM zcf_zohocrmform_field_manager 60 WHERE field_name = %s 61 AND module_type = %s 62 AND crm_type = %s 63 AND Layout_Name = %s 64 "; 65 $fields = $wpdb->get_results($wpdb->prepare($fieldsquery, $field_name, $module, $crm_type, $layoutname) ); 58 66 if (count($fields) == 0) { 59 67 $fields = $wpdb->insert('zcf_zohocrmform_field_manager', array('field_name' => "$field_name", 'field_label' => "$field_label", 'field_type' => "$field_type", 'field_values' => "$field_values", 'module_type' => "$module_type", 'field_mandatory' => $field_mandatory, 'crm_type' => "$crm_type", 'field_sequence' => $field_sequence, 'base_model' => "$base_model", 'last_modified_date' => date("Y-m-d H:i:s"), 'Layout_Name' => $layoutname, 'layoutId' => $layoutId, 'readonly' => $readonly, 'editupdate' => 0, 'viewcreate_type' => $viewcreate_type)); … … 78 86 $readonly = $data['readonly']; 79 87 $viewcreate_type = $data['viewcreate_type']; 80 $fields = $wpdb->get_results("select *from zcf_zohocrmform_field_manager where field_name='" . $field_name . "' and module_type='" . $module . "' and Layout_Name='" . $layoutname . 
"'"); 81 88 $fieldsquery = " 89 SELECT * 90 FROM zcf_zohocrmform_field_manager 91 WHERE field_name = %s 92 AND module_type = %s 93 AND Layout_Name = %s 94 "; 95 $fields = $wpdb->get_results($wpdb->prepare($fieldsquery, $field_name, $module, $layoutname) ); 82 96 if (count($fields) == 0) { 83 97 $fields = $wpdb->insert('zcf_zohocrmform_field_manager', array('field_name' => "$field_name", 'field_label' => "$field_label", 'field_type' => "$field_type", 'field_values' => "$field_values", 'module_type' => "$module_type", 'field_mandatory' => $field_mandatory, 'crm_type' => "$crm_type", 'field_sequence' => $field_sequence, 'base_model' => "$base_model", 'last_modified_date' => date("Y-m-d H:i:s"), 'Layout_Name' => $layoutname, 'layoutId' => $layoutId, 'readonly' => $readonly, 'editupdate' => 1, 'viewcreate_type' => $viewcreate_type)); … … 118 132 $shortcodename = $shortcodedata->shortcode_name; 119 133 $shortcode_id = $shortcodedata->shortcode_id; 120 121 $fields = $wpdb->get_results("select ffm.* , sm.* from zcf_zohocrm_formfield_manager as ffm inner join zcf_zohocrmform_field_manager as fm on fm.field_id = ffm.field_id inner join zcf_zohoshortcode_manager as sm on sm.shortcode_id = ffm.shortcode_id where fm.field_name = '$field_name' and fm.module_type = '$module' and shortcode_name = '$shortcodename' and sm.crm_type = '$crm_type' "); 134 $fieldsquery = " 135 SELECT ffm.*, sm.* 136 FROM zcf_zohocrm_formfield_manager AS ffm 137 INNER JOIN zcf_zohocrmform_field_manager AS fm ON fm.field_id = ffm.field_id 138 INNER JOIN zcf_zohoshortcode_manager AS sm ON sm.shortcode_id = ffm.shortcode_id 139 WHERE fm.field_name = %s 140 AND fm.module_type = %s 141 AND sm.shortcode_name = %s 142 AND sm.crm_type = %s 143 "; 144 145 $fields = $wpdb->get_results($wpdb->prepare($fieldsquery, $field_name, $module, $shortcodename, $crm_type) ); 122 146 $rel_id = isset($fields[0]) ? $fields[0]->rel_id : ""; 123 147 $field_id = isset($get_field_manager[0]) ? 
$get_field_manager[0]->field_id : ""; … … 163 187 $layout_name = $data['layout_name']; 164 188 $get_shortcodes = array(); 165 $get_shortcodes = $wpdb->get_results("select * from zcf_zohoshortcode_manager where module ='" . $module . "' "); 166 $get_field_manager = $wpdb->get_results("select * from zcf_zohocrmform_field_manager where module_type ='" . $module . "' and field_name ='" . $field_name . "' and Layout_Name ='" . $layout_name . "'"); 189 $module = sanitize_text_field($module); 190 $get_shortcodesquery = " 191 SELECT * 192 FROM zcf_zohoshortcode_manager 193 WHERE module = %s 194 "; 195 $get_shortcodes = $wpdb->get_results($wpdb->prepare($get_shortcodesquery, $module) ); 196 $field_name = sanitize_text_field($field_name); 197 $layout_name = sanitize_text_field($layout_name); 198 $get_field_managerquery = " 199 SELECT * 200 FROM zcf_zohocrmform_field_manager 201 WHERE module_type = %s 202 AND field_name = %s 203 AND Layout_Name = %s 204 "; 205 $get_field_manager = $wpdb->get_results($wpdb->prepare($get_field_managerquery, $module_sanitized, $field_name_sanitized, $layout_name_sanitized) ); 167 206 foreach ($get_shortcodes as $key => $shortcodedata) { 168 207 $fields = array(); 169 208 $shortcodename = $shortcodedata->shortcode_name; 170 209 $shortcode_id = $shortcodedata->shortcode_id; 171 $fields = $wpdb->get_results("select ffm.* , sm.* from zcf_zohocrm_formfield_manager as ffm inner join zcf_zohocrmform_field_manager as fm on fm.field_id = ffm.field_id inner join zcf_zohoshortcode_manager as sm on sm.shortcode_id = ffm.shortcode_id where fm.field_name = '$field_name' and fm.module_type = '$module' and sm.shortcode_name = '$shortcodename' "); 210 $field_name = sanitize_text_field($field_name); 211 $module = sanitize_text_field($module); 212 $shortcodename = sanitize_text_field($shortcodename); 213 $fieldsquery = " 214 SELECT ffm.*, sm.* 215 FROM zcf_zohocrm_formfield_manager AS ffm 216 INNER JOIN zcf_zohocrmform_field_manager AS fm ON fm.field_id = 
ffm.field_id 217 INNER JOIN zcf_zohoshortcode_manager AS sm ON sm.shortcode_id = ffm.shortcode_id 218 WHERE fm.field_name = %s 219 AND fm.module_type = %s 220 AND sm.shortcode_name = %s 221 "; 222 223 $fields = $wpdb->get_results($wpdb->prepare($fieldsquery, $field_name, $module, $shortcodename) ); 172 224 $rel_id = isset($fields[0]) ? $fields[0]->rel_id : ""; 173 225 $field_id = isset($get_field_manager[0]) ? $get_field_manager[0]->field_id : ""; … … 250 302 function zcffieldsPropsettings($crmtype, $module, $layoutname) { 251 303 global $wpdb; 252 $fields = $wpdb->get_results("select *from zcf_zohocrmform_field_manager where crm_type = '" . $crmtype . "' and module_type = '" . $module . "' and Layout_Name = '" . $layoutname . "' and readonly != '1' and field_name !='Layout' and field_type NOT IN ('lookup','ownerlookup','multiselectlookup')"); 304 $fieldsquery = "SELECT * FROM zcf_zohocrmform_field_manager WHERE crm_type = %s AND module_type = %s AND Layout_Name = %s AND readonly != '1' AND field_name != 'Layout' AND field_type NOT IN ('lookup', 'ownerlookup', 'multiselectlookup')"; 305 $fields = $wpdb->get_results($wpdb->prepare($fieldsquery, $crmtype, $module, $layoutname) ); 306 253 307 return $fields; 254 308 } … … 257 311 global $wpdb; 258 312 $crm_type = 'crmformswpbuilder'; 259 $get_shortcode_id = $wpdb->get_results("select shortcode_id from zcf_zohoshortcode_manager where shortcode_name = '" . $shortcode_name . "' and crm_type ='" . $crm_type . 
"'"); 313 $shortcodequery = "SELECT shortcode_id FROM zcf_zohoshortcode_manager WHERE shortcode_name = %s AND crm_type =%s"; 314 $get_shortcode_id = $wpdb->get_results($wpdb->prepare($shortcodequery, $shortcode_name, $crm_type) ); 260 315 $shortcode_id = $get_shortcode_id[0]->shortcode_id; 261 $field = $wpdb->get_results("select fm.field_mandatory,ffm.defaultvalues,ffm.rel_id,ffm.hiddenfield,ffm.field_id,fm.field_name,ffm.zcf_field_mandatory,ffm.form_field_sequence,ffm.state,fm.editupdate,ffm.display_label,fm.field_label,fm.layoutId,ffm.custom_field_values,ffm.custom_field_type from zcf_zohocrmform_field_manager fm join zcf_zohocrm_formfield_manager ffm ON ffm.field_id = fm.field_id join zcf_zohoshortcode_manager sm ON sm.shortcode_id = ffm.shortcode_id where sm.shortcode_id='{$shortcode_id}' and ffm.state=1 and fm.viewcreate_type=1 and fm.field_type NOT IN ('lookup','ownerlookup','multiselectlookup') group by fm.field_name order by ffm.form_field_sequence"); 262 $editupdatecount = $wpdb->get_results("select * from zcf_zohocrmform_field_manager fm join zcf_zohocrm_formfield_manager ffm ON ffm.field_id = fm.field_id join zcf_zohoshortcode_manager sm ON sm.shortcode_id = ffm.shortcode_id where sm.shortcode_name='{$shortcode_name}' and fm.editupdate=1 and fm.viewcreate_type=1 group by fm.field_name"); 316 $fieldquery = "SELECT fm.field_mandatory,ffm.defaultvalues,ffm.rel_id,ffm.hiddenfield,ffm.field_id,fm.field_name,ffm.zcf_field_mandatory,ffm.form_field_sequence,ffm.state,fm.editupdate,ffm.display_label,fm.field_label,fm.layoutId,ffm.custom_field_values,ffm.custom_field_type FROM zcf_zohocrmform_field_manager fm JOIN zcf_zohocrm_formfield_manager ffm ON ffm.field_id = fm.field_id JOIN zcf_zohoshortcode_manager sm ON sm.shortcode_id = ffm.shortcode_id 317 WHERE sm.shortcode_id = %d AND ffm.state = 1 AND fm.viewcreate_type = 1 AND fm.field_type NOT IN ('lookup', 'ownerlookup', 'multiselectlookup') GROUP BY fm.field_name ORDER BY ffm.form_field_sequence "; 318 319 
$field = $wpdb->get_results($wpdb->prepare($fieldquery, $shortcode_id) ); 320 321 $editquery = "SELECT * 322 FROM zcf_zohocrmform_field_manager fm 323 JOIN zcf_zohocrm_formfield_manager ffm ON ffm.field_id = fm.field_id 324 JOIN zcf_zohoshortcode_manager sm ON sm.shortcode_id = ffm.shortcode_id 325 WHERE sm.shortcode_name = %s 326 AND fm.editupdate = 1 327 AND fm.viewcreate_type = 1 328 GROUP BY fm.field_name 329 "; 330 $editupdatecount = $wpdb->get_results($wpdb->prepare($editquery, $shortcode_name) ); 331 263 332 $i = 0; 264 333 $crmFields = array(); 265 334 266 335 foreach ($field as $newfields) { 336 337 267 338 $crmFields['fields'][$i]['field_id'] = $newfields->field_id; 268 339 $crmFields['fields'][$i]['name'] = $newfields->field_name; … … 296 367 } 297 368 $crmFields['fields']['editupdatecount'] = sizeof($editupdatecount); 298 299 369 return $crmFields; 300 370 } -
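Review bot: In the fourth hunk the `$get_field_manager` query binds `$module_sanitized`, `$field_name_sanitized` and `$layout_name_sanitized`, but the lines above assign the sanitized values back to `$module`, `$field_name` and `$layout_name`; none of the `_sanitized` names is defined in the hunk. If they are not set elsewhere in the function, the lookup binds NULL, returns no rows, and `$field_id` falls back to `""` for every shortcode. `$wpdb->prepare($get_field_managerquery, $module, $field_name, $layout_name)` matches the variables that exist. The repeated sanitize_text_field() calls inside the foreach are redundant once the values are bound through prepare(); the function starts and ends outside the hunk.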
zoho-crm-forms/trunk/index.php
r3177807 r3178280 4 4 * Plugin Name: Zoho CRM Lead Magnet 5 5 * Description: Websites are one of the most important sources of leads for your business. That means your CRM system should be well integrated with your website to contextually capture each and every visitor to turn them into a lead.Introducing the Zoho CRM Lead Capture plugin for Wordpress. This lets you create webforms, embed them in your website, and automatically capture leads directly into your CRM with zero attenuation.Not only is the integration easy to set-up but it's also easy on your wallet. 6 * Version: 1.7.9. 16 * Version: 1.7.9.2 7 7 * ***************************************************************************************** */ 8 8 if (!defined('ABSPATH')) 9 9 exit; 10 10 11 define( 'ZCF_VERSION', '1.7.9. 1' );11 define( 'ZCF_VERSION', '1.7.9.2' ); 12 12 define( 'ZCF_LBPLUGINFILE', __FILE__ ); 13 13 define( 'ZCF_LBPLUGIN_URL', untrailingslashit( plugins_url( '', ZCF_LBPLUGINFILE ) ) );