Set file upload limits.

Kendysond · Kendysond · commit 550d8be29fd5 · 2016-09-11T23:49:11.000+01:00
diff --git a/admin/class-paystack-forms-admin.php b/admin/class-paystack-forms-admin.php
@@ -284,7 +284,10 @@ function help_metabox_details( $post ) {
 			<div class="awesome-meta-admin">
 				Email field is added automatically, no need to include that.<br /><br />
 				To make an input field compulsory add <code> required="required" </code> to the shortcode <br /><br />
-				It should look like this <code> [text name="Full Name" required="required" ]</code>
+				It should look like this <code> [text name="Full Name" required="required" ]</code><br /><br />
+
+				<b style="color:red;">Warning:</b> Using the file input field may cause data overload on your server.
+				 Be sure you have enough server space before using it. You also have the ability to set file upload limits.
 
 			</div>
 
@@ -311,9 +314,11 @@ function wpt_form_data() {
 			$successmsg = get_post_meta($post->ID, '_successmsg', true);
 			$txncharge = get_post_meta($post->ID, '_txncharge', true);
 			$loggedin = get_post_meta($post->ID, '_loggedin', true);
-	    $currency = get_post_meta($post->ID, '_currency', true);
+			$currency = get_post_meta($post->ID, '_currency', true);
+	    $filelimit = get_post_meta($post->ID, '_filelimit', true);
 
 			if ($amount == "") {$amount = 0;}
+			if ($filelimit == "") {$filelimit = 2;}
 			if ($paybtn == "") {$paybtn = 'Pay';}
 			if ($successmsg == "") {$successmsg = 'Thank you for paying!';}
 			if ($currency == "") {$currency = 'NGN';}
@@ -337,6 +342,8 @@ function wpt_form_data() {
 						</select>';
 	  	echo '<p>Success Message after Payment</p>';
 	    echo '<textarea rows="3"  name="_successmsg"  class="widefat" >'.$successmsg.'</textarea>';
+			echo '<p>File Upload Limit(MB):</p>';
+	  	echo '<input ttype="number" name="_filelimit" value="' . $filelimit  . '" class="widefat  pf-number" />';
 
 	  }
 
@@ -355,16 +362,17 @@ function wpt_form_data_meta($post_id, $post) {
 			// OK, we're authenticated: we need to find and save the data
 			// We'll put it into an array to make it easier to loop though.
 
-		  $events_meta['_amount'] = $_POST['_amount'];
-			$events_meta['_paybtn'] = $_POST['_paybtn'];
-			$events_meta['_currency'] = $_POST['_currency'];
-			$events_meta['_successmsg'] = $_POST['_successmsg'];
-			$events_meta['_txncharge'] = $_POST['_txncharge'];
-			$events_meta['_loggedin'] = $_POST['_loggedin'];
+		  $$form_meta['_amount'] = $_POST['_amount'];
+			$$form_meta['_paybtn'] = $_POST['_paybtn'];
+			$$form_meta['_currency'] = $_POST['_currency'];
+			$$form_meta['_successmsg'] = $_POST['_successmsg'];
+			$$form_meta['_txncharge'] = $_POST['_txncharge'];
+			$$form_meta['_loggedin'] = $_POST['_loggedin'];
+			$$form_meta['_filelimit'] = $_POST['_filelimit'];
 
-			// Add values of $events_meta as custom fields
+			// Add values of $$form_meta as custom fields
 
-			foreach ($events_meta as $key => $value) { // Cycle through the $events_meta array!
+			foreach ($$form_meta as $key => $value) { // Cycle through the $$form_meta array!
 				if( $post->post_type == 'revision' ) return; // Don't store custom data twice
 				$value = implode(',', (array)$value); // If $value is an array, make it a CSV (unlikely)
 				if(get_post_meta($post->ID, $key, FALSE)) { // If the custom field already has a value
diff --git a/public/class-paystack-forms-public.php b/public/class-paystack-forms-public.php
@@ -308,8 +308,8 @@ function get_the_user_ip() {
 add_action( 'wp_ajax_nopriv_paystack_submit_action', 'paystack_submit_action' );
 function paystack_submit_action() {
   if (trim($_POST['pf-pemail']) == '') {
-    $response['error'] = true;
-  	$response['error_message'] = 'Email is required';
+    $response['result'] = 'failed';
+  	$response['message'] = 'Email is required';
 
   	// Exit here, for not processing further because of the error
   	exit(json_encode($response));
@@ -330,18 +330,27 @@ function paystack_submit_action() {
 
 	$fixedmetadata = paystack_meta_as_custom_fields($metadata);
 
+	$filelimit = get_post_meta($_POST["pf-id"],'_filelimit',true);
+
+	$maxFileSize = $filelimit * 1024 * 1024;
+
 	if(!empty($_FILES)){
 		foreach ($_FILES as $keyname => $value) {
 			if ($value['size'] > 0) {
-				$attachment_id = media_handle_upload($keyname, $_POST["pf-id"]);
-				$url = wp_get_attachment_url( $attachment_id);
-				// $metadata[$keyname] = $url;
-				$fixedmetadata[] = [
-					'display_name' => ucwords(str_replace("_", " ", $keyname)),
-					'variable_name' => $keyname,
-		      'type' => 'link',
-		      'value' => $url
-				];
+				if ($value['size'] > $maxFileSize) {
+					$response['result'] = 'failed';
+			  	$response['message'] = 'Max upload size is '.$filelimit."MB";
+					exit(json_encode($response));
+				}else{
+					$attachment_id = media_handle_upload($keyname, $_POST["pf-id"]);
+					$url = wp_get_attachment_url( $attachment_id);
+					$fixedmetadata[] = [
+						'display_name' => ucwords(str_replace("_", " ", $keyname)),
+						'variable_name' => $keyname,
+			      'type' => 'link',
+			      'value' => $url
+					];
+				}
 			}else{
 				$fixedmetadata[] = [
 					'display_name' => ucwords(str_replace("_", " ", $keyname)),
diff --git a/public/js/paystack-forms-public.js b/public/js/paystack-forms-public.js
@@ -77,69 +77,59 @@
 				e.preventDefault();
 
 				$.blockUI({ message: 'Please wait...' });
-	// 			$.ajax({
-	// 				 type: 'POST',
-	// 				 url: $form.attr('action'),
-	// 				 data: fd,
-	// 				 contentType: false,
-	// 				 processData: false,
-	// dataType: "json",
-	// 				 success: function(response){
-	//
-	//  $('#image_gallery').val(response['attachment_idss']);
-	//
-	// 				 }
-	// 		 });
-	var formdata = new FormData(this);
 
-	$.ajax({
-     url: $form.attr('action'),
-     type: "POST",
-     data: formdata,
-     mimeTypes:"multipart/form-data",
-     contentType: false,
-     cache: false,
-     processData: false,
-		 dataType:"JSON",
-     success: function(data){
-			$.unblockUI();
-		// console.log(data);
- 			if (data.result == 'success'){
-	 				var handler = PaystackPop.setup({
-	 					key: settings.key,
-	 					email: data.email,
-	 					amount: data.total,
-	 					ref: data.code,
-	 					metadata: {'custom_fields': data.custom_fields},
-	 					callback: function(response){
-	 						$.blockUI({ message: 'Please wait...' });
-	 						$.post($form.attr('action'), {'action':'paystack_confirm_payment','code':response.trxref}, function(newdata) {
-	 									data = JSON.parse(newdata);
-	 									if (data.result == 'success'){
-	 										$('.paystack-form')[0].reset();
-	 										$('html,body').animate({ scrollTop: $('.paystack-form').offset().top - 110 }, 500);
+				var formdata = new FormData(this);
 
-	 										self.before('<pre>'+data.message+'</pre>');
-	 										$(this).find("input, select, textarea").each(function() {
-	 												$(this).css({ "border-color":"#d1d1d1" });
-	 										});
+				$.ajax({
+			     url: $form.attr('action'),
+			     type: "POST",
+			     data: formdata,
+			     mimeTypes:"multipart/form-data",
+			     contentType: false,
+			     cache: false,
+			     processData: false,
+					 dataType:"JSON",
+			     success: function(data){
+							$.unblockUI();
+							if (data.result == 'success'){
+								var handler = PaystackPop.setup({
+				 					key: settings.key,
+				 					email: data.email,
+				 					amount: data.total,
+				 					ref: data.code,
+				 					metadata: {'custom_fields': data.custom_fields},
+				 					callback: function(response){
+				 						$.blockUI({ message: 'Please wait...' });
+				 						$.post($form.attr('action'), {'action':'paystack_confirm_payment','code':response.trxref}, function(newdata) {
+				 									data = JSON.parse(newdata);
+				 									if (data.result == 'success'){
+				 										$('.paystack-form')[0].reset();
+				 										$('html,body').animate({ scrollTop: $('.paystack-form').offset().top - 110 }, 500);
 
-	 										$.unblockUI();
-	 									}else{
-	 										self.before('<pre>'+data.message+'</pre>');
-	 										$.unblockUI();
-	 									}
-	 							});
-	 					},
-	 					onClose: function(){
+				 										self.before('<pre>'+data.message+'</pre>');
+				 										$(this).find("input, select, textarea").each(function() {
+				 												$(this).css({ "border-color":"#d1d1d1" });
+				 										});
 
-	 					 }
-	 				});
-	 				handler.openIframe();
-	 			}
-			}
-     });
-			});
+				 										$.unblockUI();
+				 									}else{
+				 										self.before('<pre>'+data.message+'</pre>');
+				 										$.unblockUI();
+				 									}
+				 							});
+				 					},
+				 					onClose: function(){
+
+				 					 }
+				 				});
+				 				handler.openIframe();
+				 			}else{
+									alert(data.message);
+							}
+						}
+
+			     });
+				});
 
 		});
 
