REDROOM
PHP 8.2.31
Path:
Logout
Edit File
Size: 4.98 KB
Close
/home/nshryvcy/taramarriagebureau.com/wp-content/plugins/metform/core/entries/export.php
Text
Base64
<?php namespace MetForm\Core\Entries; use MetForm\Traits\Singleton; defined('ABSPATH') || exit; class Export { use Singleton; public function export_data($form_id) { if (!current_user_can('manage_options')) { return; } $fields = Action::instance()->get_fields($form_id); $title = get_the_title($form_id); global $wpdb; $entries = $wpdb->get_results($wpdb->prepare("SELECT `post_id` FROM `" . $wpdb->prefix . "postmeta` WHERE `meta_key` = 'metform_entries__form_id' AND `meta_value` = %d", $form_id), OBJECT); $entries = (is_array($entries)) ? $entries : []; $export = []; $header = []; foreach ($entries as $entry) { $entry_modify = []; $form_entry = get_post_meta($entry->post_id, 'metform_entries__form_data', true); $form_entry = (is_array($form_entry) ? $form_entry : []); $file_entry = get_post_meta($entry->post_id, 'metform_entries__file_upload_new', true); $file_entry = (is_array($file_entry) ? $file_entry : []); $entry_data = array_merge($form_entry, $file_entry); $entry_data = (is_array($entry_data)) ? $entry_data : []; $entry_modify['ID'] = $entry->post_id; $header['__id'] = 'ID'; foreach ($fields as $key => $value) { $header_key = (($value->mf_input_name != '') ? htmlspecialchars($value->mf_input_name) : $key); $header[$header_key] = empty($value->mf_input_label) ? $key : htmlspecialchars($value->mf_input_label); if ($value->widgetType == 'mf-file-upload' && isset($entry_data[$key])) { $entry_modify[$header_key] = (isset($entry_data[$key]) ? ((isset($entry_data[$key]['url'])) ? $entry_data[$key]['url'] : ' ') : ' '); for ($index = 0; $index < isset( $entry_data[$key] ) && is_array($entry_data[$key]) ? count($entry_data[$key]) : 0 ; $index++) { $entry_modify[$header_key] .= (esc_url($entry_data[$key][$index]['url']) . " \n"); } } else if ($value->widgetType == 'mf-simple-repeater') { $data_string = ''; if (is_array($entry_data[$key])) { foreach ($entry_data[$key] as $key => $value) { $data_string .= htmlspecialchars($key) . ": " . htmlspecialchars($value) . " \n"; } } $entry_modify[$header_key] = $data_string; } else { $entry_modify[$header_key] = (isset($entry_data[$key]) ? ((is_array($entry_data[$key])) ? implode(', ', $entry_data[$key]) : ($entry_data[$key])) : ' '); } // Prevent CSV injection by prefixing a single quote to values that begin with '=', '+', '-', '@' if (preg_match('/^(\=|\+|\-|\@)/', $entry_modify[$header_key])) { $entry_modify[$header_key] = "'" . ltrim($entry_modify[$header_key], '='); // ltrim remove the equal sign from the formula `=HYPERLINK()` will be `HYPERLINK()` } } $entry_modify['DATE'] = get_the_date('d-m-Y', $entry->post_id); $export[] = $entry_modify; $header['__dt'] = 'DATE'; } $file_name = $title . "-export-" . time() . ".csv"; // Sanitize the file name to prevent directory traversal $file_name = sanitize_file_name($file_name); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header('Content-Description: File Transfer'); header("Content-type: text/csv"); // Sanitize the file name to prevent CSV injection header("Content-Disposition: attachment; filename=\"" . str_replace(array('"', "'", "\\", "\0"), '', $file_name) . "\""); header("Expires: 0"); header("Pragma: public"); $file_pointer = @fopen('php://output', 'w'); $csv_header = false; // sort data usort($export, function ($item1, $item2) { return $item1['ID'] <=> $item2['ID']; }); foreach ($export as $data) { // Add a header row if it hasn't been added yet if (!$csv_header) { // Use the keys from $data as the titles // Sanitize the header row to prevent CSV injection fputcsv($file_pointer, array_map(function ($value) { return str_replace(array('"', "'", "\\", "\0"), '', $value); }, $header)); $csv_header = true; } // Sanitize the data to prevent CSV injection $sanitized_data = array_map(function ($value) { return str_replace(array('"', "'", "\\", "\0"), '', $value); }, $data); // Put the sanitized data into the stream fputcsv($file_pointer, $sanitized_data); } // Close the file fclose($file_pointer); exit; } }
Save
Close
Exit & Reset
Text mode: syntax highlighting auto-detects file type.
Directory Contents
Dirs: 0 × Files: 11
Delete Selected
Select All
Select None
Sort:
Name
Size
Modified
Enable drag-to-move
Name
Size
Perms
Modified
Actions
action.php
56.92 KB
lrw-r--r--
2025-05-02 01:52:50
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
api.php
5.88 KB
lrw-r--r--
2025-05-02 01:52:50
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
base.php
377 B
lrw-r--r--
2025-05-02 01:52:50
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
cpt.php
3.74 KB
lrw-r--r--
2025-05-02 01:52:50
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
export.php
4.98 KB
lrw-r--r--
2025-05-02 01:52:50
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
file-data-validation.php
8.61 KB
lrw-r--r--
2025-05-02 01:52:50
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
form-data.php
34.01 KB
lrw-r--r--
2025-05-02 01:52:50
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
hooks.php
6.01 KB
lrw-r--r--
2025-05-02 01:52:50
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
map-el.php
3.65 KB
lrw-r--r--
2025-05-02 01:52:50
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
meta-data.php
15.10 KB
lrw-r--r--
2025-05-02 01:52:50
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
metform-shortcode.php
1.33 KB
lrw-r--r--
2025-05-02 01:52:50
Edit
Download
Rename
Chmod
Change Date
Delete
OK
Cancel
recursive
OK
Cancel
recursive
OK
Cancel
Zip Selected
If ZipArchive is unavailable, a
.tar
will be created (no compression).