GravityView  2.17
The best, easiest way to display Gravity Forms entries on your website.
class-delete-entry.php
Go to the documentation of this file.
1 <?php
2 /**
3  * The GravityView Delete Entry Extension
4  *
5  * Delete entries in GravityView.
6  *
7  * @since 1.5.1
8  * @package GravityView
9  * @license GPL2+
10  * @author GravityView <[email protected]>
11  * @link http://gravityview.co
12  * @copyright Copyright 2014, Katz Web Services, Inc.
13  */
14 
15 if ( ! defined( 'WPINC' ) ) {
16  die;
17 }
18 
19 /**
20  * @since 1.5.1
21  */
22 final class GravityView_Delete_Entry {
23 
24  static $file;
25  static $instance;
26  var $entry;
27  var $form;
28  var $view_id;
29  var $is_valid = null;
30 
31  /**
32  * Component instances.
33  * @var array
34  * @since 2.9.2
35  */
36  public $instances = array();
37 
38  /**
39  * The value of the `delete_redirect` option when the setting is to redirect to Multiple Entries after delete
40  * @since 2.9.2
41  */
42  const REDIRECT_TO_MULTIPLE_ENTRIES_VALUE = 1;
43 
44  /**
45  * The value of the `delete_redirect` option when the setting is to redirect to URL
46  * @since 2.9.2
47  */
48  const REDIRECT_TO_URL_VALUE = 2;
49 
50  function __construct() {
51 
52  self::$file = plugin_dir_path( __FILE__ );
53 
54  if ( is_admin() ) {
55  $this->load_components( 'admin' );
56  }
57 
58  $this->add_hooks();
59  }
60 
61  /**
62  * Load other files related to Delete Entry functionality
63  *
64  * @since 2.9.2
65  *
66  * @param $component
67  */
68  private function load_components( $component ) {
69 
70  $dir = trailingslashit( self::$file );
71 
72  $filename = $dir . 'class-delete-entry-' . $component . '.php';
73  $classname = 'GravityView_Delete_Entry_' . str_replace( ' ', '_', ucwords( str_replace( '-', ' ', $component ) ) );
74 
75  // Loads component and pass extension's instance so that component can talk each other.
76  require_once $filename;
77 
78  $this->instances[ $component ] = new $classname( $this );
79  $this->instances[ $component ]->load();
80  }
81 
82  /**
83  * @since 1.9.2
84  */
85  private function add_hooks() {
86 
87  add_action( 'wp', array( $this, 'process_delete' ), 10000 );
88 
89  add_action( 'gravityview_before', array( $this, 'maybe_display_message' ) );
90 
91  // add template path to check for field
92  add_filter( 'gravityview_template_paths', array( $this, 'add_template_path' ) );
93 
94  add_action( 'gravityview/edit-entry/publishing-action/after', array( $this, 'add_delete_button' ), 10, 4 );
95 
96  add_action( 'gravityview/delete-entry/deleted', array( $this, 'process_connected_posts' ), 10, 2 );
97  add_action( 'gravityview/delete-entry/trashed', array( $this, 'process_connected_posts' ), 10, 2 );
98 
99  add_filter( 'gravityview/field/is_visible', array( $this, 'maybe_not_visible' ), 10, 3 );
100 
101  add_filter( 'gravityview/api/reserved_query_args', array( $this, 'add_reserved_arg' ) );
102  }
103 
104  /**
105  * Adds "delete" to the list of internal reserved query args
106  *
107  * @since 2.10
108  *
109  * @param array $args Existing reserved args
110  *
111  * @return array
112  */
113  public function add_reserved_arg( $args ) {
114 
115  $args[] = 'delete';
116 
117  return $args;
118  }
119 
120  /**
121  * Return the instantiated class object
122  *
123  * @since 1.5.1
124  * @return GravityView_Delete_Entry
125  */
126  static function getInstance() {
127 
128  if ( empty( self::$instance ) ) {
129  self::$instance = new self();
130  }
131 
132  return self::$instance;
133  }
134 
135  /**
136  * Hide the field or not.
137  *
138  * For non-logged in users.
139  * For users that have no delete rights on any of the current entries.
140  *
141  * @param bool $visible Visible or not.
142  * @param \GV\Field $field The field.
143  * @param \GV\View $view The View context.
144  *
145  * @return bool
146  */
147  public function maybe_not_visible( $visible, $field, $view ) {
148  if ( 'delete_link' !== $field->ID ) {
149  return $visible;
150  }
151 
152  if ( ! $view ) {
153  return $visible;
154  }
155 
156  static $visibility_cache_for_view = array();
157 
158  if ( ! is_null( $result = \GV\Utils::get( $visibility_cache_for_view, $view->ID, null ) ) ) {
159  return $result;
160  }
161 
162  foreach ( $view->get_entries()->all() as $entry ) {
163  if ( self::check_user_cap_delete_entry( $entry->as_entry(), $field->as_configuration(), $view ) ) {
164  // At least one entry is deletable for this user
165  $visibility_cache_for_view[ $view->ID ] = true;
166  return true;
167  }
168  }
169 
170  $visibility_cache_for_view[ $view->ID ] = false;
171 
172  return false;
173  }
174 
175  /**
176  * Include this extension templates path
177  *
178  * @since 1.5.1
179  * @param array $file_paths List of template paths ordered
180  */
181  function add_template_path( $file_paths ) {
182 
183  // Index 100 is the default GravityView template path.
184  // Index 110 is Edit Entry link
185  $file_paths[115] = self::$file;
186 
187  return $file_paths;
188  }
189 
190  /**
191  * Make sure there's an entry
192  *
193  * @since 1.5.1
194  * @param [type] $entry [description]
195  */
196  function set_entry( $entry = null ) {
197  _deprecated_function( __METHOD__, '2.9.2' );
198  }
199 
200  /**
201  * Generate a consistent nonce key based on the Entry ID
202  *
203  * @since 1.5.1
204  * @param int $entry_id Entry ID
205  * @return string Key used to validate request
206  */
207  public static function get_nonce_key( $entry_id ) {
208  return sprintf( 'delete_%s', $entry_id );
209  }
210 
211  /**
212  * Generate a nonce link with the base URL of the current View embed
213  *
214  * We don't want to link to the single entry, because when deleted, there would be nothing to return to.
215  *
216  * @since 1.5.1
217  * @param array $entry Gravity Forms entry array
218  * @param int $view_id The View id. Not optional since 2.0
219  * @return string|null If directory link is valid, the URL to process the delete request. Otherwise, `NULL`.
220  */
221  public static function get_delete_link( $entry, $view_id = 0, $post_id = null ) {
222  if ( ! $view_id ) {
223  /** @deprecated path */
224  $view_id = gravityview_get_view_id();
225  }
226 
227  $base = GravityView_API::directory_link( $post_id ?: $view_id, true );
228 
229  if ( empty( $base ) ) {
230  gravityview()->log->error( 'Post ID does not exist: {post_id}', array( 'post_id' => $post_id ) );
231 
232  return null;
233  }
234 
235  $gv_entry = \GV\GF_Entry::from_entry( $entry );
236 
237  // Use the slug instead of the ID for consistent security
238  $entry_slug = $gv_entry->get_slug();
239 
240  /**
241  * @filter `gravityview/delete-entry/add_query_args` Modify whether to include passed $_GET parameters to the end of the url
242  * @since 2.10
243  * @param bool $add_query_params Whether to include passed $_GET parameters to the end of the Delete Link URL. Default: true.
244  */
245  $add_query_args = apply_filters( 'gravityview/delete-entry/add_query_args', true );
246 
247  if ( $add_query_args ) {
248  $base = add_query_arg( gv_get_query_args(), $base );
249  }
250 
251  $actionurl = add_query_arg(
252  array(
253  'action' => 'delete',
254  'entry_id' => $entry_slug,
255  'gvid' => $view_id,
256  'view_id' => $view_id,
257  ),
258  remove_query_arg( 'message', $base )
259  );
260 
261  $url = wp_nonce_url( $actionurl, 'delete_' . $entry_slug, 'delete' );
262 
263  return $url;
264  }
265 
266 
267  /**
268  * Add a Delete button to the "#publishing-action" section of the Delete Entry form
269  *
270  * @since 1.5.1
271  * @since 2.0.13 Added $post_id
272  *
273  * @param array $form Gravity Forms form array
274  * @param array $entry Gravity Forms entry array
275  * @param int $view_id GravityView View ID
276  * @param int $post_id Current post ID. May be same as View ID.
277  *
278  * @return void
279  */
280  public function add_delete_button( $form = array(), $entry = array(), $view_id = null, $post_id = null ) {
281 
282  // Only show the link to those who are allowed to see it.
283  if ( ! self::check_user_cap_delete_entry( $entry, array(), $view_id ) ) {
284  return;
285  }
286 
287  /**
288  * @filter `gravityview/delete-entry/show-delete-button` Should the Delete button be shown in the Edit Entry screen?
289  * @param boolean $show_entry Default: true
290  */
291  $show_delete_button = apply_filters( 'gravityview/delete-entry/show-delete-button', true );
292 
293  // If the button is hidden by the filter, don't show.
294  if ( ! $show_delete_button ) {
295  return;
296  }
297 
298  $attributes = array(
299  'class' => 'btn btn-sm button button-small alignright pull-right btn-danger gv-button-delete',
300  'tabindex' => ( GFCommon::$tab_index ++ ),
301  'onclick' => self::get_confirm_dialog(),
302  );
303 
304  $View = \GV\View::by_id( $view_id );
305 
306  $delete_label = __( 'Delete', 'Button label to delete an entry from the Edit Entry screen', 'gk-gravityview' );
307 
308  if ( $View ) {
309  $delete_label = $View->settings->get( 'action_label_delete', $delete_label );
310  }
311 
312  $delete_label = GFCommon::replace_variables( $delete_label, $form, $entry );
313 
314  echo gravityview_get_link( self::get_delete_link( $entry, $view_id, $post_id ), esc_html( $delete_label ), $attributes );
315  }
316 
317  /**
318  * Handle the deletion request, if $_GET['action'] is set to "delete"
319  *
320  * 1. Check referrer validity
321  * 2. Make sure there's an entry with the slug of $_GET['entry_id']
322  * 3. If so, attempt to delete the entry. If not, set the error status
323  * 4. Remove `action=delete` from the URL
324  * 5. Redirect to the page using `wp_redirect()`
325  *
326  * @since 1.5.1
327  * @uses wp_redirect()
328  * @return void
329  */
330  public function process_delete() {
331 
332  /* Unslash and Parse $_GET array. */
333  $get_fields = wp_parse_args(
334  wp_unslash( $_GET ),
335  array(
336  'action' => '',
337  'entry_id' => '',
338  'gvid' => '',
339  'view_id' => '',
340  'delete' => '',
341  )
342  );
343 
344  // If the form is not submitted, return early
345  if ( 'delete' !== $get_fields['action'] || empty( $get_fields['entry_id'] ) ) {
346  return;
347  }
348 
349  // Make sure it's a GravityView request
350  $valid_nonce_key = wp_verify_nonce( $get_fields['delete'], self::get_nonce_key( $get_fields['entry_id'] ) );
351 
352  if ( ! $valid_nonce_key ) {
353  gravityview()->log->debug( 'Delete entry not processed: nonce validation failed.' );
354 
355  return;
356  }
357 
358  // Get the entry slug
359  $entry_slug = esc_attr( $get_fields['entry_id'] );
360 
361  // Redirect after deleting the entry.
362  $view = \GV\View::by_id( $get_fields['view_id'] );
363 
364  // See if there's an entry there
365  $entry = gravityview_get_entry( $entry_slug, true, false, $view );
366 
367  $delete_redirect_base = esc_url_raw( remove_query_arg( array( 'action', 'gvid', 'entry_id' ) ) );
368 
369  if ( ! $entry ) {
370 
371  gravityview()->log->debug( 'Delete entry failed: there was no entry with the entry slug {entry_slug}', array( 'entry_slug' => $entry_slug ) );
372 
373  $this->_redirect_and_exit( $delete_redirect_base, __( 'The entry does not exist.', 'gk-gravityview' ), 'error' );
374  }
375 
376  $has_permission = $this->user_can_delete_entry( $entry, \GV\Utils::_GET( 'gvid', \GV\Utils::_GET( 'view_id' ) ) );
377 
378  if ( is_wp_error( $has_permission ) ) {
379  $this->_redirect_and_exit( $delete_redirect_base, $has_permission->get_error_message(), 'error' );
380  }
381 
382  // Delete the entry
383  $delete_response = $this->delete_or_trash_entry( $entry );
384 
385  if ( is_wp_error( $delete_response ) ) {
386  $this->_redirect_and_exit( $delete_redirect_base, $delete_response->get_error_message(), 'error' );
387  }
388 
389  if ( (int) $view->settings->get( 'delete_redirect' ) === self::REDIRECT_TO_URL_VALUE ) {
390 
391  $form = GFAPI::get_form( $entry['form_id'] );
392  $redirect_url_setting = $view->settings->get( 'delete_redirect_url' );
393  $redirect_url = GFCommon::replace_variables( $redirect_url_setting, $form, $entry, false, false, false, 'text' );
394 
395  $this->_redirect_and_exit( $redirect_url, '', '', false );
396  }
397 
398  // Redirect to multiple entries
399  $this->_redirect_and_exit( $delete_redirect_base, '', $delete_response, true );
400  }
401 
402  /**
403  * Redirects the user to a URL and exits.
404  *
405  * @since 2.9.2
406  *
407  * @param string $url The URL to redirect to.
408  * @param string $message Message to pass through URL.
409  * @param string $status The deletion status ("deleted", "trashed", or "error").
410  * @param bool $safe_redirect Whether to use wp_safe_redirect() or not.
411  */
412  private function _redirect_and_exit( $url, $message = '', $status = '', $safe_redirect = true ) {
413 
414  $delete_redirect_args = array(
415  'status' => $status,
416  'message' => $message,
417  );
418 
419  $delete_redirect_args = array_filter( $delete_redirect_args );
420 
421  /**
422  * @filter `gravityview/delete-entry/redirect-args` Modify the query args added to the delete entry redirect
423  * @since 2.9.2
424  *
425  * @param array $delete_redirect_args Array with `_delete_nonce`, `message` and `status` keys
426  */
427  $delete_redirect_args = apply_filters( 'gravityview/delete-entry/redirect-args', $delete_redirect_args );
428 
429  $delete_redirect_url = add_query_arg( $delete_redirect_args, $url );
430 
431  if ( $safe_redirect ) {
432  wp_safe_redirect( $delete_redirect_url );
433  } else {
434  wp_redirect( $delete_redirect_url );
435  }
436 
437  exit();
438  }
439 
440  /**
441  * Delete mode: permanently delete, or move to trash?
442  *
443  * @return string `delete` or `trash`
444  */
445  private function get_delete_mode() {
446 
447  /**
448  * @filter `gravityview/delete-entry/mode` Delete mode: permanently delete, or move to trash?
449  * @since 1.13.1
450  * @param string $delete_mode Delete mode: `trash` or `delete`. Default: `delete`
451  */
452  $delete_mode = apply_filters( 'gravityview/delete-entry/mode', 'delete' );
453 
454  return ( 'trash' === $delete_mode ) ? 'trash' : 'delete';
455  }
456 
457  /**
458  * @since 1.13.1
459  *
460  * @uses GFAPI::delete_entry()
461  * @uses GFAPI::update_entry_property()
462  *
463  * @return WP_Error|string "deleted" or "trashed" if successful, WP_Error if GFAPI::delete_entry() or updating entry failed.
464  */
465  private function delete_or_trash_entry( $entry ) {
466 
467  $entry_id = $entry['id'];
468 
469  $mode = $this->get_delete_mode();
470 
471  if ( 'delete' === $mode ) {
472 
473  gravityview()->log->debug( 'Starting delete entry: {entry_id}', array( 'entry_id' => $entry_id ) );
474 
475  // Delete the entry
476  $delete_response = GFAPI::delete_entry( $entry_id );
477 
478  if ( ! is_wp_error( $delete_response ) ) {
479  $delete_response = 'deleted';
480 
481  /**
482  * @action `gravityview/delete-entry/deleted` Triggered when an entry is deleted
483  * @since 1.16.4
484  * @param int $entry_id ID of the Gravity Forms entry
485  * @param array $entry Deleted entry array
486  */
487  do_action( 'gravityview/delete-entry/deleted', $entry_id, $entry );
488  }
489 
490  gravityview()->log->debug( 'Delete response: {delete_response}', array( 'delete_response' => $delete_response ) );
491 
492  } else {
493 
494  gravityview()->log->debug( 'Starting trash entry: {entry_id}', array( 'entry_id' => $entry_id ) );
495 
496  $trashed = GFAPI::update_entry_property( $entry_id, 'status', 'trash' );
497  new GravityView_Cache();
498 
499  if ( ! $trashed ) {
500  $delete_response = new WP_Error( 'trash_entry_failed', __( 'Moving the entry to the trash failed.', 'gk-gravityview' ) );
501  } else {
502 
503  /**
504  * @action `gravityview/delete-entry/trashed` Triggered when an entry is trashed
505  * @since 1.16.4
506  * @param int $entry_id ID of the Gravity Forms entry
507  * @param array $entry Deleted entry array
508  */
509  do_action( 'gravityview/delete-entry/trashed', $entry_id, $entry );
510 
511  $delete_response = 'trashed';
512  }
513 
514  gravityview()->log->debug( ' Trashed? {delete_response}', array( 'delete_response' => $delete_response ) );
515  }
516 
517  return $delete_response;
518  }
519 
520  /**
521  * Delete or trash a post connected to an entry
522  *
523  * @since 1.17
524  *
525  * @param int $entry_id ID of entry being deleted/trashed
526  * @param array $entry Array of the entry being deleted/trashed
527  */
528  public function process_connected_posts( $entry_id = 0, $entry = array() ) {
529 
530  // The entry had no connected post
531  if ( empty( $entry['post_id'] ) ) {
532  return;
533  }
534 
535  /**
536  * @filter `gravityview/delete-entry/delete-connected-post` Should posts connected to an entry be deleted when the entry is deleted?
537  * @since 1.17
538  * @param boolean $delete_post If trashing an entry, trash the post. If deleting an entry, delete the post. Default: true
539  */
540  $delete_post = apply_filters( 'gravityview/delete-entry/delete-connected-post', true );
541 
542  if ( false === $delete_post ) {
543  return;
544  }
545 
546  $action = current_action();
547 
548  if ( 'gravityview/delete-entry/deleted' === $action ) {
549  $result = wp_delete_post( $entry['post_id'], true );
550  } else {
551  $result = wp_trash_post( $entry['post_id'] );
552  }
553 
554  if ( false === $result ) {
555  gravityview()->log->error(
556  '(called by {action}): Error processing the Post connected to the entry.',
557  array(
558  'action' => $action,
559  'data' => $entry,
560  )
561  );
562  } else {
563  gravityview()->log->debug(
564  '(called by {action}): Successfully processed Post connected to the entry.',
565  array(
566  'action' => $action,
567  'data' => $entry,
568  )
569  );
570  }
571  }
572 
573  /**
574  * Is the current nonce valid for editing the entry?
575  *
576  * @since 1.5.1
577  * @return boolean
578  */
579  public function verify_nonce() {
580 
581  // No delete entry request was made
582  if ( empty( $_GET['entry_id'] ) || empty( $_GET['delete'] ) ) {
583  return false;
584  }
585 
586  $nonce_key = self::get_nonce_key( $_GET['entry_id'] );
587 
588  $valid = wp_verify_nonce( $_GET['delete'], $nonce_key );
589 
590  /**
591  * @filter `gravityview/delete-entry/verify_nonce` Override Delete Entry nonce validation. Return true to declare nonce valid.
592  * @since 1.15.2
593  * @see wp_verify_nonce()
594  * @param int|boolean $valid False if invalid; 1 or 2 when nonce was generated
595  * @param string $nonce_key Name of nonce action used in wp_verify_nonce. $_GET['delete'] holds the nonce value itself. Default: `delete_{entry_id}`
596  */
597  $valid = apply_filters( 'gravityview/delete-entry/verify_nonce', $valid, $nonce_key );
598 
599  return $valid;
600  }
601 
602  /**
603  * Get the onclick attribute for the confirm dialogs that warns users before they delete an entry
604  *
605  * @since 1.5.1
606  * @return string HTML `onclick` attribute
607  */
608  public static function get_confirm_dialog() {
609 
610  $confirm = __( 'Are you sure you want to delete this entry? This cannot be undone.', 'gk-gravityview' );
611 
612  /**
613  * @filter `gravityview/delete-entry/confirm-text` Modify the Delete Entry Javascript confirmation text
614  * @param string $confirm Default: "Are you sure you want to delete this entry? This cannot be undone."
615  */
616  $confirm = apply_filters( 'gravityview/delete-entry/confirm-text', $confirm );
617 
618  return 'return window.confirm(\'' . esc_js( $confirm ) . '\');';
619  }
620 
621  /**
622  * Check if the user can edit the entry
623  *
624  * - Is the nonce valid?
625  * - Does the user have the right caps for the entry
626  * - Is the entry in the trash?
627  *
628  * @since 1.5.1
629  * @param array $entry Gravity Forms entry array
630  * @return boolean|WP_Error True: can edit form. WP_Error: nope.
631  */
632  function user_can_delete_entry( $entry = array(), $view_id = null ) {
633 
634  $error = null;
635 
636  if ( ! $this->verify_nonce() ) {
637  $error = __( 'The link to delete this entry is not valid; it may have expired.', 'gk-gravityview' );
638  }
639 
640  if ( ! self::check_user_cap_delete_entry( $entry, array(), $view_id ) ) {
641  $error = __( 'You do not have permission to delete this entry.', 'gk-gravityview' );
642  }
643 
644  if ( $entry['status'] === 'trash' ) {
645  if ( 'trash' === $this->get_delete_mode() ) {
646  $error = __( 'The entry is already in the trash.', 'gk-gravityview' );
647  } else {
648  $error = __( 'You cannot delete the entry; it is already in the trash.', 'gk-gravityview' );
649  }
650  }
651 
652  // No errors; everything's fine here!
653  if ( empty( $error ) ) {
654  return true;
655  }
656 
657  gravityview()->log->error( '{error}', array( 'erorr' => $error ) );
658 
659  return new WP_Error( 'gravityview-delete-entry-permissions', $error );
660  }
661 
662 
663  /**
664  * checks if user has permissions to view the link or delete a specific entry
665  *
666  * @since 1.5.1
667  * @since 1.15 Added `$view_id` param
668  *
669  * @param array $entry Gravity Forms entry array
670  * @param array $field Field settings (optional)
671  * @param int|\GV\View $view Pass a View ID to check caps against. If not set, check against current View (@deprecated no longer optional)
672  * @return bool
673  */
674  public static function check_user_cap_delete_entry( $entry, $field = array(), $view = 0 ) {
675  if ( ! $view ) {
676  /** @deprecated path */
677  $view_id = GravityView_View::getInstance()->getViewId();
678  $view = \GV\View::by_id( $view_id );
679  } else {
680  if ( ! $view instanceof \GV\View ) {
681  $view = \GV\View::by_id( $view );
682  }
683  $view_id = $view->ID;
684  }
685 
686  $current_user = wp_get_current_user();
687 
688  $entry_id = isset( $entry['id'] ) ? $entry['id'] : null;
689 
690  // Or if they can delete any entries (as defined in Gravity Forms), we're good.
691  if ( GVCommon::has_cap( array( 'gravityforms_delete_entries', 'gravityview_delete_others_entries' ), $entry_id ) ) {
692 
693  gravityview()->log->debug( 'Current user has `gravityforms_delete_entries` or `gravityview_delete_others_entries` capability.' );
694 
695  return true;
696  }
697 
698  // If field options are passed, check if current user can view the link
699  if ( ! empty( $field ) ) {
700 
701  // If capability is not defined, something is not right!
702  if ( empty( $field['allow_edit_cap'] ) ) {
703 
704  gravityview()->log->error( 'Cannot read delete entry field caps', array( 'data' => $field ) );
705 
706  return false;
707  }
708 
709  if ( GVCommon::has_cap( $field['allow_edit_cap'] ) ) {
710 
711  // Do not return true if cap is read, as we need to check if the current user created the entry
712  if ( $field['allow_edit_cap'] !== 'read' ) {
713  return true;
714  }
715  } else {
716 
717  gravityview()->log->debug( 'User {user_id} is not authorized to view delete entry link ', array( 'user_id' => $current_user->ID ) );
718 
719  return false;
720  }
721  }
722 
723  if ( ! isset( $entry['created_by'] ) ) {
724 
725  gravityview()->log->error( 'Entry `created_by` doesn\'t exist.' );
726 
727  return false;
728  }
729 
730  $user_delete = $view->settings->get( 'user_delete' );
731 
732  // Only checks user_delete view option if view is already set
733  if ( $view && empty( $user_delete ) ) {
734  gravityview()->log->debug( 'User Delete is disabled. Returning false.' );
735  return false;
736  }
737 
738  // If the logged-in user is the same as the user who created the entry, we're good.
739  if ( is_user_logged_in() && intval( $current_user->ID ) === intval( $entry['created_by'] ) ) {
740 
741  gravityview()->log->debug( 'User {user_id} created the entry.', array( 'user_id' => $current_user->ID ) );
742 
743  return true;
744  }
745 
746  return false;
747  }
748 
749 
750  /**
751  * After processing delete entry, the user will be redirected to the referring View or embedded post/page. Display a message on redirection.
752  *
753  * If success, there will be `status` URL parameters `status=>success`
754  * If an error, there will be `status` and `message` URL parameters `status=>error&message=example`
755  *
756  * @since 1.15.2 Only show message when the URL parameter's View ID matches the current View ID
757  * @since 1.5.1
758  *
759  * @param int $current_view_id The ID of the View being rendered
760  * @return void
761  */
762  public function maybe_display_message( $current_view_id = 0 ) {
763 
764  if ( empty( $_GET['status'] ) || ! self::verify_nonce() ) {
765  return;
766  }
767 
768  // Entry wasn't deleted from current View
769  if ( isset( $_GET['view_id'] ) && intval( $_GET['view_id'] ) !== intval( $current_view_id ) ) {
770  return;
771  }
772 
773  $this->display_message();
774  }
775 
776  public function display_message() {
777 
778  if ( empty( $_GET['status'] ) || empty( $_GET['delete'] ) ) {
779  return;
780  }
781 
782  $status = esc_attr( $_GET['status'] );
783  $message_from_url = \GV\Utils::_GET( 'message', '' );
784  $message_from_url = rawurldecode( stripslashes_deep( $message_from_url ) );
785  $class = '';
786 
787  switch ( $status ) {
788  case 'error':
789  $class = ' gv-error error';
790  $error_message = __( 'There was an error deleting the entry: %s', 'gk-gravityview' );
791  $message = sprintf( $error_message, $message_from_url );
792  break;
793  case 'trashed':
794  $message = __( 'The entry was successfully moved to the trash.', 'gk-gravityview' );
795  break;
796  default:
797  $message = __( 'The entry was successfully deleted.', 'gk-gravityview' );
798  break;
799  }
800 
801  /**
802  * @filter `gravityview/delete-entry/message` Modify the Delete Entry messages
803  * @since 1.13.1
804  * @param string $message Message to be displayed
805  * @param string $status Message status (`error` or `success`)
806  * @param string $message_from_url The original error message, if any, without the "There was an error deleting the entry:" prefix
807  */
808  $message = apply_filters( 'gravityview/delete-entry/message', esc_attr( $message ), $status, $message_from_url );
809 
810  echo GVCommon::generate_notice( $message, $class );
811  }
812 
813 
814 } // end class
815 
816 GravityView_Delete_Entry::getInstance();
817 
GravityView_Delete_Entry\process_connected_posts
process_connected_posts( $entry_id=0, $entry=array())
Delete or trash a post connected to an entry.
Definition: class-delete-entry.php:528
gravityview_get_view_id
gravityview_get_view_id()
Get the current View ID being rendered.
Definition: class-api.php:1308
$url
$url
Definition: post_image.php:25
GravityView_Delete_Entry\$is_valid
$is_valid
Definition: class-delete-entry.php:29
GravityView_Delete_Entry\verify_nonce
verify_nonce()
Is the current nonce valid for editing the entry?
Definition: class-delete-entry.php:579
GravityView_Delete_Entry\get_delete_link
static get_delete_link( $entry, $view_id=0, $post_id=null)
Generate a nonce link with the base URL of the current View embed.
Definition: class-delete-entry.php:221
GV\Utils\_GET
static _GET( $name, $default=null)
Grab a value from the _GET superglobal or default.
Definition: class-gv-utils.php:21
GravityView_Delete_Entry\user_can_delete_entry
user_can_delete_entry( $entry=array(), $view_id=null)
Check if the user can edit the entry.
Definition: class-delete-entry.php:632
GravityView_View\getInstance
static getInstance( $passed_post=NULL)
Definition: class-template.php:195
GravityView_Delete_Entry\_redirect_and_exit
_redirect_and_exit( $url, $message='', $status='', $safe_redirect=true)
Redirects the user to a URL and exits.
Definition: class-delete-entry.php:412
GravityView_Cache
new GravityView_Cache
Definition: class-cache.php:666
$add_query_args
$add_query_args
Definition: field-entry_link-html.php:46
GravityView_Delete_Entry\load_components
load_components( $component)
Load other files related to Delete Entry functionality.
Definition: class-delete-entry.php:68
GravityView_Delete_Entry\process_delete
process_delete()
Handle the deletion request, if $_GET[&#39;action&#39;] is set to "delete".
Definition: class-delete-entry.php:330
GravityView_Delete_Entry\$entry
$entry
Definition: class-delete-entry.php:26
GravityView_Delete_Entry\$form
$form
Definition: class-delete-entry.php:27
GravityView_Delete_Entry\display_message
display_message()
Definition: class-delete-entry.php:776
GravityView_Delete_Entry\$instance
static $instance
Definition: class-delete-entry.php:25
$class
$class
Definition: entry_approval.php:24
GVCommon\generate_notice
static generate_notice( $notice, $class='', $cap='', $object_id=null)
Display updated/error notice.
Definition: class-common.php:1857
gravityview_get_link
gravityview_get_link( $href='', $anchor_text='', $atts=array())
Generate an HTML anchor tag with a list of supported attributes.
Definition: class-common.php:1931
gravityview_get_entry
gravityview_get_entry( $entry_slug, $force_allow_ids=false, $check_entry_display=true, $view=null)
Return a single entry object.
Definition: connector-functions.php:119
GV\GF_Entry\from_entry
static from_entry( $entry)
Construct a instance from a Gravity Forms entry array.
Definition: class-gv-entry-gravityforms.php:108
GravityView_API\directory_link
static directory_link( $post_id=NULL, $add_query_args=true, $context=null)
Generate a URL to the Directory context.
Definition: class-api.php:399
GravityView_Delete_Entry\__construct
__construct()
Definition: class-delete-entry.php:50
GravityView_Delete_Entry
Definition: class-delete-entry.php:22
GravityView_Delete_Entry\get_confirm_dialog
static get_confirm_dialog()
Get the onclick attribute for the confirm dialogs that warns users before they delete an entry...
Definition: class-delete-entry.php:608
GravityView_Delete_Entry\check_user_cap_delete_entry
static check_user_cap_delete_entry( $entry, $field=array(), $view=0)
checks if user has permissions to view the link or delete a specific entry
Definition: class-delete-entry.php:674
GravityView_Delete_Entry\maybe_not_visible
maybe_not_visible( $visible, $field, $view)
Hide the field or not.
Definition: class-delete-entry.php:147
GravityView_Delete_Entry\add_delete_button
add_delete_button( $form=array(), $entry=array(), $view_id=null, $post_id=null)
Add a Delete button to the "#publishing-action" section of the Delete Entry form. ...
Definition: class-delete-entry.php:280
GravityView_Delete_Entry\delete_or_trash_entry
delete_or_trash_entry( $entry)
Definition: class-delete-entry.php:465
GV\View\by_id
static by_id( $post_id)
Construct a instance from a post ID.
Definition: class-gv-view.php:818
GravityView_Delete_Entry\$instances
$instances
Definition: class-delete-entry.php:36
GravityView_Delete_Entry\set_entry
set_entry( $entry=null)
Make sure there&#39;s an entry.
Definition: class-delete-entry.php:196
GravityView_Delete_Entry\getInstance
static getInstance()
Return the instantiated class object.
Definition: class-delete-entry.php:126
GravityView_Delete_Entry\add_template_path
add_template_path( $file_paths)
Include this extension templates path.
Definition: class-delete-entry.php:181
GravityView_Delete_Entry\REDIRECT_TO_URL_VALUE
const REDIRECT_TO_URL_VALUE
The value of the delete_redirect option when the setting is to redirect to URL.
Definition: class-delete-entry.php:48
GravityView_Delete_Entry\add_hooks
add_hooks()
Definition: class-delete-entry.php:85
gravityview
gravityview()
The main GravityView wrapper function.
Definition: future/gravityview.php:26
gv_get_query_args
gv_get_query_args()
Returns query parameters from $_GET with reserved internal GravityView keys removed.
Definition: class-api.php:793
GravityView_Delete_Entry\$file
static $file
Definition: class-delete-entry.php:24
$entry_slug
$entry_slug
Definition: notes.php:30
GVCommon\has_cap
static has_cap( $caps='', $object_id=null, $user_id=null)
Alias of GravityView_Roles_Capabilities::has_cap()
Definition: class-common.php:77
GravityView_Delete_Entry\get_delete_mode
get_delete_mode()
Delete mode: permanently delete, or move to trash?
Definition: class-delete-entry.php:445
$attributes
$attributes
Definition: delete_link.php:25
GravityView_Delete_Entry\maybe_display_message
maybe_display_message( $current_view_id=0)
After processing delete entry, the user will be redirected to the referring View or embedded post/pag...
Definition: class-delete-entry.php:762
GravityView_Delete_Entry\$view_id
$view_id
Definition: class-delete-entry.php:28
GravityView_Delete_Entry\get_nonce_key
static get_nonce_key( $entry_id)
Generate a consistent nonce key based on the Entry ID.
Definition: class-delete-entry.php:207
GravityView_Delete_Entry\REDIRECT_TO_MULTIPLE_ENTRIES_VALUE
const REDIRECT_TO_MULTIPLE_ENTRIES_VALUE
The value of the delete_redirect option when the setting is to redirect to Multiple Entries after del...
Definition: class-delete-entry.php:42
GravityView_Delete_Entry\add_reserved_arg
add_reserved_arg( $args)
Adds "delete" to the list of internal reserved query args.
Definition: class-delete-entry.php:113