Fixed display shortcode php buffer due to invalid quiz id
randhirexpresstech committed May 1, 2024
1 parent 02603c1 commit 3f1080e
Showing 3 changed files with 284 additions and 0 deletions.
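--- a/php/classes/class-qmn-plugin-helper.php
+++ b/php/classes/class-qmn-plugin-helper.php
@@ -88,6 +88,72 @@ public function __construct() {
 add_filter( 'qsm_language_support', array( $this, 'qsm_language_support' ), 10, 3 );
 }
 
+/**
+* Calls all class functions to check if quiz is setup properly
+*
+* @param int $quiz_id The ID of the quiz or survey to load.
+* @return array An array which contains boolean result of has_proper_quiz, message and/or qmn_quiz_options
+*/
+public function has_proper_quiz( $quiz_id ) {
+if ( empty( $quiz_id ) ) {
+return array(
+'res' => false,
+'message' => __( 'Empty Quiz ID.', 'quiz-master-next' ),
+);
+}
+
+$quiz_id = intval( $quiz_id );
+
+// Tries to load quiz name to ensure this is a valid ID.
+global $mlwQuizMasterNext, $qmn_allowed_visit, $qmn_json_data;
+$qmn_json_data = array();
+$qmn_allowed_visit = true;
+if ( false === $this->prepare_quiz( $quiz_id ) ) {
+return array(
+'res' => false,
+'message' => __( 'It appears that this quiz is not set up correctly.', 'quiz-master-next' ),
+);
+}
+
+$has_result_id = ( ! isset( $_GET['result_id'] ) || '' === $_GET['result_id'] );
+
+if ( $has_result_id ) {
+global $mlw_qmn_quiz;
+$mlw_qmn_quiz = $quiz_id;
+}
+
+$qmn_quiz_options = $mlwQuizMasterNext->quiz_settings->get_quiz_options();
+
+if ( $has_result_id ) {
+/**
+* Filter Quiz Options before Quiz Display
+*/
+$qmn_quiz_options = apply_filters( 'qsm_shortcode_quiz_options', $qmn_quiz_options );
+}
+
+// If quiz options isn't found, stop function.
+if ( is_null( $qmn_quiz_options ) || ( ! empty( $qmn_quiz_options->deleted ) && 1 == $qmn_quiz_options->deleted ) ) {
+return array(
+'res' => false,
+'message' => __( 'This quiz is no longer available.', 'quiz-master-next' ),
+);
+}
+
+// If quiz options isn't found, stop function.
+if ( is_null( $qmn_quiz_options ) || empty( $qmn_quiz_options->quiz_name ) ) {
+return array(
+'res' => false,
+'message' => __( 'It appears that this quiz is not set up correctly.', 'quiz-master-next' ),
+);
+}
+
+return array(
+'res' => true,
+'message' => __( 'Quiz is setup properly.', 'quiz-master-next' ),
+'qmn_quiz_options' => $qmn_quiz_options,
+);
+}
+
 /**
 * Calls all class functions to initialize quiz
 *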
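Review bot: In `has_proper_quiz()` the `empty( $quiz_id )` guard runs before `intval()`, so a non-numeric value such as `'abc'` passes the guard, is cast to 0 and is only rejected if `prepare_quiz( 0 )` returns false, which this hunk does not show. `display_shortcode()` casts before calling, but the method is public, so normalising first is safer: `$quiz_id = intval( $quiz_id ); if ( $quiz_id <= 0 ) { /* return the 'Empty Quiz ID.' array */ }`. Separately, `$has_result_id` is true when `$_GET['result_id']` is absent or empty, the opposite of what its name says; a name like `$no_result_id` would match the condition. The docblock should also state that the method overwrites the globals `$qmn_json_data` and `$qmn_allowed_visit`, and sets `$mlw_qmn_quiz` when no result id is requested, since a method named like a predicate is not expected to have those side effects.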
215 changes: 215 additions & 0 deletions php/classes/class-qmn-quiz-manager.php
Expand Up @@ -331,6 +331,221 @@ public function qsm_clear_audit_data() {
* @return string The content for the shortcode
*/
public function display_shortcode( $atts ) {
global $wpdb, $mlwQuizMasterNext;
$shortcode_args = shortcode_atts(
array(
'quiz' => 0,
'question_amount' => 0,
),
$atts
);

// Quiz ID.
$quiz = intval( $shortcode_args['quiz'] );
$question_amount = intval( $shortcode_args['question_amount'] );

// Check, if quiz is setup properly.
$has_proper_quiz = $mlwQuizMasterNext->pluginHelper->has_proper_quiz( $quiz );
if ( false === $has_proper_quiz['res'] ) {
return $has_proper_quiz['message'];
}

$qmn_quiz_options = $has_proper_quiz['qmn_quiz_options'];

ob_start();
if ( isset( $_GET['result_id'] ) && '' !== $_GET['result_id'] ) {
$result_unique_id = sanitize_text_field( wp_unslash( $_GET['result_id'] ) );
$result = $wpdb->get_row( $wpdb->prepare( "SELECT `result_id`, `quiz_id` FROM {$wpdb->prefix}mlw_results WHERE unique_id = %s", $result_unique_id ), ARRAY_A );
if ( ! empty( $result ) && isset( $result['result_id'] ) ) {

wp_enqueue_style( 'qmn_quiz_common_style', $this->common_css, array(), $mlwQuizMasterNext->version );
wp_style_add_data( 'qmn_quiz_common_style', 'rtl', 'replace' );
wp_enqueue_style( 'dashicons' );
wp_enqueue_script( 'jquery' );
wp_enqueue_script( 'jquery-ui-tooltip' );
wp_enqueue_script( 'qsm_quiz', QSM_PLUGIN_JS_URL . '/qsm-quiz.js', array( 'wp-util', 'underscore', 'jquery', 'jquery-ui-tooltip' ), $mlwQuizMasterNext->version, false );
wp_enqueue_script( 'qsm_common', QSM_PLUGIN_JS_URL . '/qsm-common.js', array(), $mlwQuizMasterNext->version, true );
$disable_mathjax = isset( $qmn_quiz_options->disable_mathjax ) ? $qmn_quiz_options->disable_mathjax : '';
if ( 1 != $disable_mathjax ) {
wp_enqueue_script( 'math_jax', $this->mathjax_url, false, $this->mathjax_version, true );
wp_add_inline_script( 'math_jax', self::$default_MathJax_script, 'before' );
}

$result_id = $result['result_id'];
$return_display = do_shortcode( '[qsm_result id="' . $result_id . '"]' );
$return_display = str_replace( '%FB_RESULT_ID%', $result_unique_id, $return_display );
} else {
$return_display = 'Result id is wrong!';
}
$return_display .= ob_get_clean();
} else {
global $qmn_allowed_visit, $qmn_json_data, $mlw_qmn_quiz;

// Loads Quiz Template.
wp_enqueue_style( 'qmn_quiz_animation_style', QSM_PLUGIN_CSS_URL . '/animate.css', array(), $mlwQuizMasterNext->version );
wp_enqueue_style( 'qmn_quiz_common_style', $this->common_css, array(), $mlwQuizMasterNext->version );
wp_style_add_data( 'qmn_quiz_common_style', 'rtl', 'replace' );
wp_enqueue_style( 'dashicons' );
// The quiz_stye is misspelled because it has always been misspelled and fixing it would break many sites :(.
if ( 'default' == $qmn_quiz_options->theme_selected ) {
$return_display .= '<style type="text/css">' . preg_replace( '#<script(.*?)>(.*?)</script>#is', '', htmlspecialchars_decode( $qmn_quiz_options->quiz_stye, ENT_QUOTES) ) . '</style>';
wp_enqueue_style( 'qmn_quiz_style', QSM_PLUGIN_CSS_URL . '/qmn_quiz.css', array(), $mlwQuizMasterNext->version );
wp_style_add_data( 'qmn_quiz_style', 'rtl', 'replace' );
} else {
$registered_template = $mlwQuizMasterNext->pluginHelper->get_quiz_templates( $qmn_quiz_options->theme_selected );
// Check direct file first, then check templates folder in plugin, then check templates file in theme.
// If all fails, then load custom styling instead.
if ( $registered_template && file_exists( ABSPATH . $registered_template['path'] ) ) {
wp_enqueue_style( 'qmn_quiz_template', site_url( $registered_template['path'] ), array(), $mlwQuizMasterNext->version );
} elseif ( $registered_template && file_exists( plugin_dir_path( __FILE__ ) . '../../templates/' . $registered_template['path'] ) ) {
wp_enqueue_style( 'qmn_quiz_template', plugins_url( '../../templates/' . $registered_template['path'], __FILE__ ), array(), $mlwQuizMasterNext->version );
} elseif ( $registered_template && file_exists( get_theme_file_path( '/templates/' . $registered_template['path'] ) ) ) {
wp_enqueue_style( 'qmn_quiz_template', get_stylesheet_directory_uri() . '/templates/' . $registered_template['path'], array(), $mlwQuizMasterNext->version );
}
if ( ! empty( $qmn_quiz_options->quiz_stye ) ) {
echo "<style type='text/css' id='qmn_quiz_template-css'>" . wp_kses_post( htmlspecialchars_decode( $qmn_quiz_options->quiz_stye ) ) . '</style>';
}
}
$saved_quiz_theme = $mlwQuizMasterNext->theme_settings->get_active_quiz_theme_path( $quiz );
$folder_name = QSM_THEME_PATH . $saved_quiz_theme . '/';
if ( file_exists( $folder_name . 'functions.php' ) ) {
include_once $folder_name . 'functions.php';
}
do_action( 'qsm_enqueue_script_style', $qmn_quiz_options );

// Starts to prepare variable array for filters.
$qmn_array_for_variables = array(
'quiz_id' => $qmn_quiz_options->quiz_id,
'quiz_name' => $qmn_quiz_options->quiz_name,
'quiz_system' => $qmn_quiz_options->system,
'user_ip' => $this->get_user_ip(),
);
$return_display .= '<script>
if (window.qmn_quiz_data === undefined) {
window.qmn_quiz_data = new Object();
}
</script>';
$qpages = array();
$qpages_arr = $mlwQuizMasterNext->pluginHelper->get_quiz_setting( 'qpages', array() );
if ( ! empty( $qpages_arr ) ) {
foreach ( $qpages_arr as $key => $qpage ) {
unset( $qpage['questions'] );
if ( isset( $qpage['id'] ) ) {
$qpages[ $qpage['id'] ] = $qpage;
}
}
}
$correct_answer_text = sanitize_text_field( $qmn_quiz_options->quick_result_correct_answer_text );
$correct_answer_text = $mlwQuizMasterNext->pluginHelper->qsm_language_support( $correct_answer_text, "quiz_quick_result_correct_answer_text-{$qmn_array_for_variables['quiz_id']}" );
$wrong_answer_text = sanitize_text_field( $qmn_quiz_options->quick_result_wrong_answer_text );
$wrong_answer_text = $mlwQuizMasterNext->pluginHelper->qsm_language_support( $wrong_answer_text, "quiz_quick_result_wrong_answer_text-{$qmn_array_for_variables['quiz_id']}" );
$quiz_processing_message = $mlwQuizMasterNext->pluginHelper->qsm_language_support( $qmn_quiz_options->quiz_processing_message, "quiz_quiz_processing_message-{$qmn_array_for_variables['quiz_id']}" );
$quiz_limit_choice = $mlwQuizMasterNext->pluginHelper->qsm_language_support( $qmn_quiz_options->quiz_limit_choice, "quiz_quiz_limit_choice-{$qmn_array_for_variables['quiz_id']}" );
$qmn_json_data = array(
'quiz_id' => $qmn_array_for_variables['quiz_id'],
'quiz_name' => $qmn_array_for_variables['quiz_name'],
'disable_answer' => $qmn_quiz_options->disable_answer_onselect,
'ajax_show_correct' => $qmn_quiz_options->ajax_show_correct,
'progress_bar' => $qmn_quiz_options->progress_bar,
'contact_info_location' => $qmn_quiz_options->contact_info_location,
'qpages' => $qpages,
'skip_validation_time_expire' => $qmn_quiz_options->skip_validation_time_expire,
'timer_limit_val' => $qmn_quiz_options->timer_limit,
'disable_scroll_next_previous_click' => $qmn_quiz_options->disable_scroll_next_previous_click,
'disable_first_page' => $qmn_quiz_options->disable_first_page,
'enable_result_after_timer_end' => isset( $qmn_quiz_options->enable_result_after_timer_end ) ? $qmn_quiz_options->enable_result_after_timer_end : '',
'enable_quick_result_mc' => isset( $qmn_quiz_options->enable_quick_result_mc ) ? $qmn_quiz_options->enable_quick_result_mc : '',
'end_quiz_if_wrong' => isset( $qmn_quiz_options->end_quiz_if_wrong ) ? $qmn_quiz_options->end_quiz_if_wrong : 0,
'form_disable_autofill' => isset( $qmn_quiz_options->form_disable_autofill ) ? $qmn_quiz_options->form_disable_autofill : '',
'disable_mathjax' => isset( $qmn_quiz_options->disable_mathjax ) ? $qmn_quiz_options->disable_mathjax : '',
'enable_quick_correct_answer_info' => isset( $qmn_quiz_options->enable_quick_correct_answer_info ) ? $qmn_quiz_options->enable_quick_correct_answer_info : 0,
'quick_result_correct_answer_text' => $correct_answer_text,
'quick_result_wrong_answer_text' => $wrong_answer_text,
'quiz_processing_message' => $quiz_processing_message,
'quiz_limit_choice' => $quiz_limit_choice,
'not_allow_after_expired_time' => $qmn_quiz_options->not_allow_after_expired_time,
'scheduled_time_end' => strtotime( $qmn_quiz_options->scheduled_time_end ),
);

$return_display = apply_filters( 'qmn_begin_shortcode', $return_display, $qmn_quiz_options, $qmn_array_for_variables, $shortcode_args );

// Checks if we should be showing quiz or results page.
if ( $qmn_allowed_visit && ! isset( $_POST['complete_quiz'] ) && ! empty( $qmn_quiz_options->quiz_name ) ) {
$return_display .= $this->display_quiz( $qmn_quiz_options, $qmn_array_for_variables, $question_amount, $shortcode_args );
} elseif ( isset( $_POST['complete_quiz'], $_POST['qmn_quiz_id'] ) && 'confirmation' == sanitize_text_field( wp_unslash( $_POST['complete_quiz'] ) ) && sanitize_text_field( wp_unslash( $_POST['qmn_quiz_id'] ) ) == $qmn_array_for_variables['quiz_id'] ) {
$return_display .= $this->display_results( $qmn_quiz_options, $qmn_array_for_variables );
}

$qmn_filtered_json = apply_filters( 'qmn_json_data', $qmn_json_data, $qmn_quiz_options, $qmn_array_for_variables, $shortcode_args );
$qmn_settings_array = maybe_unserialize( $qmn_quiz_options->quiz_settings );
$quiz_options = maybe_unserialize( $qmn_settings_array['quiz_options'] );
$correct_answer_logic = ! empty( $quiz_options['correct_answer_logic'] ) ? $quiz_options['correct_answer_logic'] : '';
$encryption['correct_answer_logic'] = $correct_answer_logic;
$enc_questions = array();
if ( ! empty( $qpages_arr ) ) {
foreach ( $qpages_arr as $item ) {
$enc_questions = array_merge($enc_questions, $item['questions']);
}
}
$enc_questions = implode(',', $enc_questions);
$question_array = $wpdb->get_results(
"SELECT quiz_id, question_id, answer_array, question_answer_info, question_type_new, question_settings
FROM {$wpdb->prefix}mlw_questions
WHERE question_id IN ($enc_questions)", ARRAY_A);
foreach ( $question_array as $key => $question ) {
$encryption[ $question['question_id'] ]['question_type_new'] = $question['question_type_new'];
$encryption[ $question['question_id'] ]['answer_array'] = maybe_unserialize( $question['answer_array'] );
$encryption[ $question['question_id'] ]['settings'] = maybe_unserialize( $question['question_settings'] );
$encryption[ $question['question_id'] ]['correct_info_text'] = isset( $question['question_answer_info'] ) ? html_entity_decode( $question['question_answer_info'] ) : '';
$encryption[ $question['question_id'] ]['correct_info_text'] = $mlwQuizMasterNext->pluginHelper->qsm_language_support( $encryption[ $question['question_id'] ]['correct_info_text'], "correctanswerinfo-{$question['question_id']}" );
}
if ( ( isset($qmn_json_data['end_quiz_if_wrong']) && 0 < $qmn_json_data['end_quiz_if_wrong'] ) || ( ! empty( $qmn_json_data['enable_quick_result_mc'] ) && 1 == $qmn_json_data['enable_quick_result_mc'] ) || ( ! empty( $qmn_json_data['ajax_show_correct'] ) && 1 == $qmn_json_data['ajax_show_correct'] ) ) {
$quiz_id = $qmn_json_data['quiz_id'];
$qsm_inline_encrypt_js = '
if (encryptionKey === undefined) {
var encryptionKey = {};
}
if (data === undefined) {
var data = {};
}
if (jsonString === undefined) {
var jsonString = {};
}
if (encryptedData === undefined) {
var encryptedData = {};
}
encryptionKey['.$quiz_id.'] = "'.hash('sha256',time().$quiz_id).'";
data['.$quiz_id.'] = '.wp_json_encode($encryption).';
jsonString['.$quiz_id.'] = JSON.stringify(data['.$quiz_id.']);
encryptedData['.$quiz_id.'] = CryptoJS.AES.encrypt(jsonString['.$quiz_id.'], encryptionKey['.$quiz_id.']).toString();';
wp_add_inline_script('qsm_encryption', $qsm_inline_encrypt_js, 'after');
}

$return_display .= '<script>window.qmn_quiz_data["' . $qmn_json_data['quiz_id'] . '"] = ' . wp_json_encode( $qmn_filtered_json ) . '
</script>';

$return_display .= ob_get_clean();
$return_display = apply_filters( 'qmn_end_shortcode', $return_display, $qmn_quiz_options, $qmn_array_for_variables, $shortcode_args );

}
return $return_display;
}

/**
* Generates Content For Quiz Shortcode
*
* Generates the content for the [mlw_quizmaster] shortcode
*
* @since 4.0.0
* @param array $atts The attributes passed from the shortcode.
* @uses QMNQuizManager:load_questions() Loads questions
* @uses QMNQuizManager:create_answer_array() Prepares answers
* @uses QMNQuizManager:display_quiz() Generates and prepares quiz page
* @uses QMNQuizManager:display_results() Generates and prepares results page
* @return string The content for the shortcode
*/
public function display_shortcode_old( $atts ) {
$shortcode_args = shortcode_atts(
array(
'quiz' => 0,
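Review bot: The question lookup near the end of `display_shortcode()` builds `WHERE question_id IN ($enc_questions)` by imploding the `questions` arrays from the stored `qpages` setting straight into the SQL string, with no integer cast and no `$wpdb->prepare()`; when a quiz has no pages or questions the clause becomes `IN ()`, which is a SQL syntax error. Casting the ids with `intval`, skipping the query for an empty list and binding through `%d` placeholders removes both problems, as sketched below. In the same branch `$return_display` is first touched with `.=` (the `<style>` and `<script>` appends) without being initialised, so PHP 8 raises an undefined-variable warning; `$return_display = '';` right after `ob_start()` fixes it. The inline script also emits `encryptionKey[...]` next to the plaintext `data[...]` that holds the answer arrays, so the AES step does not keep correct answers out of the page source; a comment there should say whether that is intended.

```php
// … unchanged: $enc_questions collected from $qpages_arr …
$enc_questions  = array_filter( array_map( 'intval', $enc_questions ) );
$question_array = array();
if ( ! empty( $enc_questions ) ) {
	$placeholders   = implode( ',', array_fill( 0, count( $enc_questions ), '%d' ) );
	$question_array = $wpdb->get_results(
		$wpdb->prepare(
			"SELECT quiz_id, question_id, answer_array, question_answer_info, question_type_new, question_settings
			FROM {$wpdb->prefix}mlw_questions
			WHERE question_id IN ($placeholders)",
			$enc_questions
		),
		ARRAY_A
	);
}
// … unchanged: foreach ( $question_array as $key => $question ) …
```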
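--- a/readme.txt
+++ b/readme.txt
@@ -163,6 +163,9 @@ This is usually a theme conflict. You can [checkout out our common conflict solu
 18. Database
 
 == Changelog ==
+= 9.0.2 ( Beta ) =
+* Bug: Fixed display shortcode php buffer due to invalid quiz id
+
 = 9.0.1 (April 25, 2024) =
 * Bug: Fixed date format in %ANSWER_X% variable
 * Bug: Resolved PHP warning in Quiz Block editor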
