Code Coverage for projects/packages/forms/src/contact-form/class-contact-form.php

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	68.62% covered (warning)	68.62%	1021 / 1488	39.71% covered (danger)	39.71%	27 / 68	CRAP	0.00% covered (danger)	0.00%	0 / 1
Contact_Form	68.62% covered (warning)	68.62%	1019 / 1485	39.71% covered (danger)	39.71%	27 / 68	7815.86	0.00% covered (danger)	0.00%	0 / 1
set_ref_id	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
clear_ref_id	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
__construct	93.42% covered (success)	93.42%	71 / 76	0.00% covered (danger)	0.00%	0 / 1	18.09
get_instance_from_jwt	69.74% covered (warning)	69.74%	53 / 76	0.00% covered (danger)	0.00%	0 / 1	35.41
set_source	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	2
get_context	90.00% covered (success)	90.00%	9 / 10	0.00% covered (danger)	0.00%	0 / 1	8.06
increment_form_context_count	60.00% covered (warning)	60.00%	3 / 5	0.00% covered (danger)	0.00%	0 / 1	2.26
register_post_type	100.00% covered (success)	100.00%	69 / 69	100.00% covered (success)	100.00%	1 / 1	1
get_forms_count	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
compute_id	100.00% covered (success)	100.00%	8 / 8	100.00% covered (success)	100.00%	1 / 1	3
get_secret	90.91% covered (success)	90.91%	10 / 11	0.00% covered (danger)	0.00%	0 / 1	5.02
get_default_thank_you_heading	28.57% covered (danger)	28.57%	2 / 7	0.00% covered (danger)	0.00%	0 / 1	6.28
get_attributes	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
get_jwt	91.38% covered (success)	91.38%	53 / 58	0.00% covered (danger)	0.00%	0 / 1	9.05
get_source	50.00% covered (danger)	50.00%	2 / 4	0.00% covered (danger)	0.00%	0 / 1	2.50
get_forms_context_count	100.00% covered (success)	100.00%	4 / 4	100.00% covered (success)	100.00%	1 / 1	2
get_default_to	90.91% covered (success)	90.91%	10 / 11	0.00% covered (danger)	0.00%	0 / 1	5.02
get_default_to_for_editor	92.31% covered (success)	92.31%	12 / 13	0.00% covered (danger)	0.00%	0 / 1	6.02
get_post_property	100.00% covered (success)	100.00%	7 / 7	100.00% covered (success)	100.00%	1 / 1	6
get_default_subject	100.00% covered (success)	100.00%	13 / 13	100.00% covered (success)	100.00%	1 / 1	6
store_shortcode		n/a	0 / 0		n/a	0 / 0	1
style	0.00% covered (danger)	0.00%	0 / 3	0.00% covered (danger)	0.00%	0 / 1	2
style_on	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	2
add_quick_link_to_admin_bar	0.00% covered (danger)	0.00%	0 / 12	0.00% covered (danger)	0.00%	0 / 1	6
parse	72.11% covered (warning)	72.11%	137 / 190	0.00% covered (danger)	0.00%	0 / 1	176.36
prepare_submit_button	0.00% covered (danger)	0.00%	0 / 27	0.00% covered (danger)	0.00%	0 / 1	42
render_noscript_success_message	0.00% covered (danger)	0.00%	0 / 17	0.00% covered (danger)	0.00%	0 / 1	12
format_submission_data	0.00% covered (danger)	0.00%	0 / 12	0.00% covered (danger)	0.00%	0 / 1	12
get_url	0.00% covered (danger)	0.00%	0 / 7	0.00% covered (danger)	0.00%	0 / 1	56
render_error_wrapper	100.00% covered (success)	100.00%	6 / 6	100.00% covered (success)	100.00%	1 / 1	1
render_ajax_success_wrapper	33.33% covered (danger)	33.33%	24 / 72	0.00% covered (danger)	0.00%	0 / 1	151.67
success_message	100.00% covered (success)	100.00%	25 / 25	100.00% covered (success)	100.00%	1 / 1	4
get_compiled_form	73.68% covered (warning)	73.68%	14 / 19	0.00% covered (danger)	0.00%	0 / 1	5.46
get_json_data		n/a	0 / 0		n/a	0 / 0	3
get_raw_compiled_form_data	66.67% covered (warning)	66.67%	4 / 6	0.00% covered (danger)	0.00%	0 / 1	3.33
get_compiled_form_for_email	76.19% covered (warning)	76.19%	16 / 21	0.00% covered (danger)	0.00%	0 / 1	5.34
escape_and_sanitize_field_value	100.00% covered (success)	100.00%	20 / 20	100.00% covered (success)	100.00%	1 / 1	10
remove_empty	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
get_file_upload_fields	0.00% covered (danger)	0.00%	0 / 7	0.00% covered (danger)	0.00%	0 / 1	20
delete_feedback_files	0.00% covered (danger)	0.00%	0 / 2	0.00% covered (danger)	0.00%	0 / 1	6
esc_shortcode_val	100.00% covered (success)	100.00%	13 / 13	100.00% covered (success)	100.00%	1 / 1	3
parse_contact_field	77.36% covered (warning)	77.36%	41 / 53	0.00% covered (danger)	0.00%	0 / 1	43.89
is_file_upload_field	100.00% covered (success)	100.00%	5 / 5	100.00% covered (success)	100.00%	1 / 1	5
get_default_label_from_type	44.68% covered (danger)	44.68%	21 / 47	0.00% covered (danger)	0.00%	0 / 1	65.92
get_field_ids	72.97% covered (warning)	72.97%	27 / 37	0.00% covered (danger)	0.00%	0 / 1	16.34
process_submission	85.65% covered (warning)	85.65%	197 / 230	0.00% covered (danger)	0.00%	0 / 1	83.06
has_custom_redirect	100.00% covered (success)	100.00%	4 / 4	100.00% covered (success)	100.00%	1 / 1	3
get_redirect_url	88.89% covered (warning)	88.89%	16 / 18	0.00% covered (danger)	0.00%	0 / 1	6.05
get_permalink	80.00% covered (warning)	80.00%	4 / 5	0.00% covered (danger)	0.00%	0 / 1	3.07
wp_mail	100.00% covered (success)	100.00%	6 / 6	100.00% covered (success)	100.00%	1 / 1	1
add_name_to_address	100.00% covered (success)	100.00%	4 / 4	100.00% covered (success)	100.00%	1 / 1	2
get_mail_content_type	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
wrap_message_in_html_tags	97.73% covered (success)	97.73%	43 / 44	0.00% covered (danger)	0.00%	0 / 1	3
add_plain_text_alternative	100.00% covered (success)	100.00%	5 / 5	100.00% covered (success)	100.00%	1 / 1	1
addslashes_deep	50.00% covered (danger)	50.00%	4 / 8	0.00% covered (danger)	0.00%	0 / 1	6.00
get_block_alignment_class	85.71% covered (warning)	85.71%	6 / 7	0.00% covered (danger)	0.00%	0 / 1	3.03
process_file_upload_field	0.00% covered (danger)	0.00%	0 / 29	0.00% covered (danger)	0.00%	0 / 1	90
maybe_add_colon_to_label	100.00% covered (success)	100.00%	3 / 3	100.00% covered (success)	100.00%	1 / 1	3
maybe_transform_value	0.00% covered (danger)	0.00%	0 / 20	0.00% covered (danger)	0.00%	0 / 1	240
get_images	0.00% covered (danger)	0.00%	0 / 16	0.00% covered (danger)	0.00%	0 / 1	42
escape_and_sanitize_field_label	66.67% covered (warning)	66.67%	2 / 3	0.00% covered (danger)	0.00%	0 / 1	2.15
add_theme_json_data_for_classic_themes	0.00% covered (danger)	0.00%	0 / 59	0.00% covered (danger)	0.00%	0 / 1	12
validate	90.00% covered (success)	90.00%	9 / 10	0.00% covered (danger)	0.00%	0 / 1	7.05
validate_ref	71.43% covered (warning)	71.43%	5 / 7	0.00% covered (danger)	0.00%	0 / 1	4.37
reset_errors	100.00% covered (success)	100.00%	4 / 4	100.00% covered (success)	100.00%	1 / 1	3
add_error	100.00% covered (success)	100.00%	5 / 5	100.00% covered (success)	100.00%	1 / 1	2
has_errors	100.00% covered (success)	100.00%	4 / 4	100.00% covered (success)	100.00%	1 / 1	3
get_error_messages	100.00% covered (success)	100.00%	4 / 4	100.00% covered (success)	100.00%	1 / 1	2
get_confirmation_type	100.00% covered (success)	100.00%	4 / 4	100.00% covered (success)	100.00%	1 / 1	3
get_disable_summary	100.00% covered (success)	100.00%	5 / 5	100.00% covered (success)	100.00%	1 / 1	3

1	<?php
2	/**
3	* Contact_Form class.
4	*
5	* @package automattic/jetpack-forms
6	*/
7
8	namespace Automattic\Jetpack\Forms\ContactForm;
9
10	use Automattic\Jetpack\Connection\Tokens;
11	use Automattic\Jetpack\Forms\Dashboard\Dashboard as Forms_Dashboard;
12	use Automattic\Jetpack\JWT;
13	use Automattic\Jetpack\Sync\Settings;
14	use Jetpack_Tracks_Event;
15	use PHPMailer\PHPMailer\PHPMailer;
16	use WP_Block;
17	use WP_Error;
18	use WP_Post;
19
20	// Load the Form_Submission_Error class.
21	require_once __DIR__ . '/class-form-submission-error.php';
22
23	if ( ! defined( 'ABSPATH' ) ) {
24	exit( 0 );
25	}
26
27	/**
28	* Class for the contact-form shortcode.
29	* Parses shortcode to output the contact form as HTML
30	* Sends email and stores the contact form response (a.k.a. "feedback")
31	*/
32	class Contact_Form extends Contact_Form_Shortcode {
33
34	/**
35	* The shortcode name.
36	*
37	* @var string
38	*/
39	public $shortcode_name = 'contact-form';
40
41	/**
42	* The custom post type for forms.
43	*
44	* @var string
45	*/
46	const POST_TYPE = 'jetpack_form';
47
48	/**
49	* Meta key for the source post ID.
50	*
51	* @var string
52	*/
53	const SOURCE_META_KEY = '_jetpack_forms_source_post_id';
54
55	/**
56	*
57	* Stores form submission errors.
58	*
59	* @var WP_Error
60	*/
61	public $errors;
62
63	/**
64	* The SHA1 hash of the attributes that comprise the form.
65	*
66	* @var string
67	*/
68	public $hash;
69
70	/**
71	* The most recent (inclusive) contact-form shortcode processed.
72	*
73	* @var Contact_Form\|null
74	*/
75	public static $last;
76
77	/**
78	* Form we are currently looking at. If processed, will become $last
79	*
80	* @var Contact_Form\|null
81	*/
82	public static $current_form;
83
84	/**
85	* All found forms, indexed by hash.
86	*
87	* @var array
88	*/
89	public static $forms = array();
90
91	/**
92	* The context for the forms, indexed by context.
93	* This is used to keep track of how many forms are in a specific context.
94	*
95	* @var array
96	*/
97	public static $forms_context = array();
98
99	/**
100	* Array of WP_Error objects that are keyed by form id.
101	*
102	* @var array
103	*/
104	public static $static_errors = array();
105
106	/**
107	* Whether to print the grunion.css style when processing the contact-form shortcode
108	*
109	* @var bool
110	*/
111	public static $style = false;
112
113	/**
114	* When printing the submit button, what tags are allowed
115	*
116	* @var array
117	*/
118	public static $allowed_html_tags_for_submit_button = array( 'br' => array() );
119
120	/**
121	* Whether to enable response without reloading the page.
122	*
123	* @var bool
124	*/
125	public $is_response_without_reload_enabled = true;
126
127	/**
128	* The current post object for this form.
129	*
130	* @var WP_Post\|null
131	*/
132	public $current_post;
133
134	/**
135	* Whether the form has a verified JWT token.
136	*
137	* @var bool
138	*/
139	public $has_verified_jwt = false;
140
141	/**
142	* The source of the feedback entry.
143	*
144	* @var Feedback_Source
145	*/
146	private $source;
147
148	/**
149	* The reference ID for the contact form.
150	*
151	* @var int\|null
152	*/
153	private static $ref_id = null;
154
155	/**
156	* Set the reference ID for the contact form.
157	*
158	* @param int $ref_id The reference ID.
159	*/
160	public static function set_ref_id( $ref_id ) {
161	self::$ref_id = $ref_id;
162	}
163
164	/**
165	* Clear the reference ID for the contact form.
166	*/
167	public static function clear_ref_id() {
168	self::$ref_id = null;
169	}
170
171	/**
172	* Construction function.
173	*
174	* @param array $attributes - the attributes.
175	* @param string $content - the content.
176	* @param bool $set_id - whether to set the ID for the form.
177	*/
178	public function __construct( $attributes, $content = null, $set_id = true ) {
179	global $post, $page;
180
181	// AJAX requests don't have a post object, so we need to get the post object from the $_POST['contact-form-id']
182	$this->current_post = $post;
183
184	// phpcs:disable WordPress.Security.NonceVerification.Missing -- Nonce verification happens in process_form_submission() for logged-in users
185	if ( ! $this->current_post && isset( $_POST['contact-form-id'] ) ) {
186	$contact_form_id = sanitize_text_field( wp_unslash( $_POST['contact-form-id'] ) );
187	$this->current_post = get_post( $contact_form_id );
188	}
189	// phpcs:enable
190
191	$this->is_response_without_reload_enabled = apply_filters( 'jetpack_forms_enable_ajax_submission', true );
192
193	// Initialize the source before setting defaults
194	if ( ! $this->source ) {
195	$attributes = is_array( $attributes ) ? $attributes : array();
196	$this->source = Feedback_Source::get_current( $attributes );
197	}
198
199	// Set up the default subject and recipient for this form.
200	$post_author_id = self::get_post_property( $this->current_post, 'post_author' );
201	$default_to = self::get_default_to( $post_author_id, $this->source );
202	$default_subject = self::get_default_subject( $attributes, $this->current_post );
203
204	if ( ! isset( $attributes ) \|\| ! is_array( $attributes ) ) {
205	$attributes = array();
206	}
207
208	if ( $set_id ) {
209	$page_number = is_numeric( $page ) ? intval( $page ) : 1;
210	$attributes['id'] = self::compute_id( $attributes, $this->current_post, $page_number );
211	}
212	$this->hash = sha1(
213	wp_json_encode(
214	$attributes,
215	0 // phpcs:ignore Jetpack.Functions.JsonEncodeFlags.ZeroFound -- No `json_encode()` flags because we don't want to disrupt the current hash index.
216	)
217	);
218
219	if ( $set_id ) {
220	self::$forms[ $this->hash ] = $this; // This increments the form count.
221	self::increment_form_context_count( $attributes, $this->current_post );
222	}
223
224	// Keep reference to $this for parsing form fields.
225	self::$current_form = $this;
226
227	$this->defaults = array(
228	'to' => $default_to,
229	'subject' => $default_subject,
230	'show_subject' => 'no', // only used in back-compat mode
231	'widget' => 0, // Not exposed to the user. Works with Contact_Form_Plugin::widget_atts()
232	'block_template' => null, // Not exposed to the user. Works with template_loader
233	'block_template_part' => null, // Not exposed to the user. Works with Contact_Form::parse()
234	'id' => null, // Not exposed to the user. Set above.
235	'ref' => null, // Not exposed to the user. Set above if applicable.
236	'submit_button_text' => __( 'Submit', 'jetpack-forms' ),
237	// These attributes come from the block editor, so use camel case instead of snake case.
238	'customThankyou' => '', // Whether to show a custom thankyou response after submitting a form. '' for no, 'noSummary' to disable the summary, 'message' for a custom message, 'redirect' to redirect to a new URL. Deprecated.
239	'customThankyouHeading' => self::get_default_thank_you_heading(), // The text to show above customThankyouMessage.
240	'customThankyouMessage' => '', // The message to show when customThankyou is set to 'message'.
241	'customThankyouRedirect' => '', // The URL to redirect to when confirmationType is set to 'redirect'.
242	'confirmationType' => null, // The type of confirmation to show after submitting a form. 'text' for a text message, 'redirect' for a redirect link.
243	'jetpackCRM' => true, // Whether Jetpack CRM should store the form submission.
244	'mailpoet' => null,
245	'hostingerReach' => null,
246	'className' => null,
247	'postToUrl' => null,
248	'salesforceData' => null,
249	'hiddenFields' => null,
250	'stepTransition' => 'fade-slide', // The transition style for multi-step forms. Options: none, fade, slide, fade-slide
251	'saveResponses' => 'yes',
252	'emailNotifications' => 'yes',
253	'notificationRecipients' => array(), // Array of user IDs who should receive form response notifications.
254	'webhooks' => array(), // Array of webhooks to send the form data to.
255	'disableGoBack' => $attributes['disableGoBack'] ?? false,
256	'disableSummary' => $attributes['disableSummary'] ?? false,
257	'formTitle' => $attributes['formTitle'] ?? '',
258	);
259
260	$attributes = shortcode_atts( $this->defaults, $attributes, 'contact-form' );
261
262	// Transform boolean saveResponses to string for backend compatibility
263	if ( isset( $attributes['saveResponses'] ) && is_bool( $attributes['saveResponses'] ) ) {
264	$attributes['saveResponses'] = $attributes['saveResponses'] ? 'yes' : 'no';
265	}
266
267	// Transform boolean emailNotifications to string for backend compatibility
268	if ( isset( $attributes['emailNotifications'] ) && is_bool( $attributes['emailNotifications'] ) ) {
269	$attributes['emailNotifications'] = $attributes['emailNotifications'] ? 'yes' : 'no';
270	}
271
272	// We only enable the contact-field shortcode temporarily while processing the contact-form shortcode.
273	Contact_Form_Plugin::$using_contact_form_field = true;
274
275	parent::__construct( $attributes, $content );
276
277	// There were no fields in the contact form. The form was probably just [contact-form /]. Build a default form.
278	if ( empty( $this->fields ) ) {
279	// same as the original Grunion v1 form.
280	$default_form = '
281	[contact-field label="' . __( 'Name', 'jetpack-forms' ) . '" type="name" required="true" /]
282	[contact-field label="' . __( 'Email', 'jetpack-forms' ) . '" type="email" required="true" /]
283	[contact-field label="' . __( 'Website', 'jetpack-forms' ) . '" type="url" /]';
284
285	if ( 'yes' === strtolower( $this->get_attribute( 'show_subject' ) ) ) {
286	$default_form .= '
287	[contact-field label="' . __( 'Subject', 'jetpack-forms' ) . '" type="subject" /]';
288	}
289
290	$default_form .= '
291	[contact-field label="' . __( 'Message', 'jetpack-forms' ) . '" type="textarea" /]';
292
293	$this->parse_content( $default_form );
294	}
295
296	// $this->body and $this->fields have been setup. We no longer need the contact-field shortcode.
297	Contact_Form_Plugin::$using_contact_form_field = false;
298	}
299	/**
300	* Get the instance of the contact form from a JWT token.
301	*
302	* @param string $jwt_token The JWT token.
303	* @param bool $throw_exception Whether to throw an exception if the JWT token is invalid or cannot be decoded.
304	*
305	* @return Contact_Form\|null The contact form instance, or null if decoding fails and $throw_exception is false.
306	* @throws \Exception If the JWT token is invalid or cannot be decoded and $throw_exception is true.
307	*/
308	public static function get_instance_from_jwt( $jwt_token, $throw_exception = false ) {
309	$secret = self::get_secret();
310
311	// Derive separate keys using HKDF for proper key separation and context binding
312	$jwt_signing_key = hash_hkdf( 'sha256', $secret, 32, 'jetpack-forms-jwt-hmac-v2' );
313	$encryption_key = hash_hkdf( 'sha256', $secret, 32, 'jetpack-forms-aes-gcm-v2' );
314
315	try {
316	$data = JWT::decode( $jwt_token, $jwt_signing_key, array( 'HS256' ), true );
317	} catch ( \Exception $e ) {
318	try {
319	// Retry to decode the token using the secret key instead of the derived key
320	$data = JWT::decode( $jwt_token, $secret, array( 'HS256' ), true );
321	} catch ( \Exception $e ) {
322	// Re-throw with more context about the failure.
323	if ( $throw_exception ) {
324	/**
325	* Filter the failure to decode a JWT token for a contact form.
326	*
327	* @param null $value The value to return. Default null.
328	* @param string $jwt_token The JWT token that failed to decode.
329	* @param \Exception $e The exception that was thrown during decoding.
330	*
331	* @return Contact_Form\|null The value to return.
332	*/
333	$filtered = apply_filters( 'jetpack_forms_jwt_decode_failure', null, $jwt_token, $e );
334	if ( $filtered !== null ) {
335	return $filtered;
336	}
337	throw new \Exception(
338	sprintf(
339	/* translators: %s is the original exception message */
340	__( 'Failed to decode JWT token: %s', 'jetpack-forms' ),
341	$e->getMessage()
342	),
343	0,
344	$e
345	);
346	}
347	return apply_filters( 'jetpack_forms_jwt_decode_failure', null, $jwt_token, $e );
348	}
349	}
350
351	$version = isset( $data['version'] ) ? absint( $data['version'] ) : 1;
352
353	if ( 2 === $version ) {
354	if ( ! isset( $data['encrypted_attributes'] ) ) {
355	throw new \Exception( 'Invalid JWT format - encrypted attributes required' );
356	}
357
358	// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_decode -- Base64 decoding required for encrypted data
359	$encrypted_blob = base64_decode( $data['encrypted_attributes'], true ); // Strict mode
360	if ( $encrypted_blob === false ) {
361	throw new \Exception( 'Invalid base64 encoding in encrypted data' );
362	}
363
364	// Determine which cipher was used (stored in JWT or default to GCM)
365	$cipher = isset( $data['cipher'] ) ? $data['cipher'] : 'aes-256-gcm';
366
367	// Check if the cipher is available on this server
368	$available_cipher_methods = array_map( 'strtolower', openssl_get_cipher_methods() );
369	if ( ! in_array( strtolower( $cipher ), $available_cipher_methods, true ) ) {
370	throw new \Exception( 'Required encryption cipher ' . $cipher . ' is not available on this server' );
371	}
372
373	// Determine IV and tag sizes based on cipher
374	$is_gcm = stripos( $cipher, 'gcm' ) !== false;
375	if ( $is_gcm ) {
376	// GCM: 12-byte IV + 16-byte tag + ciphertext
377	if ( strlen( $encrypted_blob ) < 29 ) { // 12 + 16 + at least 1 byte
378	throw new \Exception( 'Invalid encrypted data format - too short for GCM' );
379	}
380	$iv = substr( $encrypted_blob, 0, 12 ); // 12-byte IV (96-bit)
381	$tag = substr( $encrypted_blob, 12, 16 ); // 16-byte auth tag
382	$encrypted = substr( $encrypted_blob, 28 ); // Remaining ciphertext
383	} else {
384	// CBC: 16-byte IV + ciphertext (no tag)
385	if ( strlen( $encrypted_blob ) < 17 ) { // 16 + at least 1 byte
386	throw new \Exception( 'Invalid encrypted data format - too short for CBC' );
387	}
388	$iv = substr( $encrypted_blob, 0, 16 ); // 16-byte IV (128-bit)
389	$tag = null; // No tag for CBC
390	$encrypted = substr( $encrypted_blob, 16 ); // Remaining ciphertext
391	}
392
393	$decrypted = openssl_decrypt(
394	$encrypted,
395	$cipher,
396	$encryption_key,
397	OPENSSL_RAW_DATA, // Expect raw binary data
398	$iv,
399	$tag ?? ''
400	);
401
402	if ( $decrypted === false ) {
403	throw new \Exception( 'Decryption failed - invalid token' );
404	}
405
406	$decrypted_attributes = json_decode( $decrypted, true );
407	if ( $decrypted_attributes === null ) {
408	throw new \Exception( 'Invalid attributes format' );
409	}
410
411	// Reconstruct data with decrypted attributes and unencrypted fields
412	$data['attributes'] = $decrypted_attributes;
413	// content, hash, and source are already in $data (unencrypted)
414	} elseif ( ! in_array( $version, array( 0, 1 ), true ) ) {
415	throw new \Exception( 'Unsupported JWT version' );
416	}
417
418	$source = $data['source'] ?? array();
419
420	if ( empty( $source ) ) {
421	// phpcs:ignore WordPress.Security.NonceVerification.Missing -- check done by caller process_form_submission()
422	$source_post_id = ! empty( $_POST['contact-form-id'] ) && is_numeric( $_POST['contact-form-id'] ) ? absint( wp_unslash( $_POST['contact-form-id'] ) ) : 0;
423	$post = get_post( $source_post_id );
424
425	if ( $post !== null && $source_post_id > 0 ) {
426	// create a fallback source
427	$source = array(
428	'source_id' => $post->ID,
429	'entry_title' => html_entity_decode( $post->post_title, ENT_QUOTES \| ENT_HTML5, 'UTF-8' ),
430	'entry_page' => 1,
431	'source_type' => 'single',
432	'request_url' => get_permalink( $post ),
433	);
434	}
435	}
436
437	$form = new self( $data['attributes'], $data['content'], empty( $data['attributes']['id'] ) );
438	$form->source = Feedback_Source::from_serialized( $source );
439	$form->hash = $data['hash'];
440	$form->has_verified_jwt = true;
441
442	return $form;
443	}
444
445	/**
446	* Set the source object for the contact form.
447	*
448	* @param Feedback_Source $source The source object.
449	*
450	* @return void
451	*/
452	public function set_source( $source ) {
453	$this->source = $source;
454	}
455
456	/**
457	* Get the context for the contact form based on the attributes and post.
458	*
459	* @param array $attributes The attributes of the contact form.
460	* @param WP_Post\|null $post The post object, if available.
461	*
462	* @return string The context for the contact form.
463	*/
464	public static function get_context( $attributes, $post = null ) {
465	$context = 'jp-form';
466	if ( ! empty( $attributes['widget'] ) && $attributes['widget'] ) {
467	$context = 'widget-' . $attributes['widget'];
468	} elseif ( ! empty( $attributes['block_template'] ) && $attributes['block_template'] ) {
469	$context = 'block-template-' . $attributes['block_template'];
470	} elseif ( ! empty( $attributes['block_template_part'] ) && $attributes['block_template_part'] ) {
471	$context = 'block-template-part-' . $attributes['block_template_part'];
472	} elseif ( $post instanceof WP_Post ) {
473	$context = (string) $post->ID;
474	}
475
476	return $context;
477	}
478
479	/**
480	* Increment the count of forms for a specific context.
481	*
482	* @param array $attributes The attributes of the contact form.
483	* @param WP_Post\|null $post The post object, if available.
484	*
485	* @return void
486	*/
487	public static function increment_form_context_count( $attributes, $post ) {
488	$context = self::get_context( $attributes, $post );
489	if ( ! isset( self::$forms_context[ $context ] ) ) {
490	self::$forms_context[ $context ] = 1;
491	return;
492	}
493	self::$forms_context[ $context ] = self::get_forms_context_count( $context ) + 1;
494	}
495
496	/**
497	* Register the jetpack_form custom post type.
498	*/
499	public static function register_post_type() {
500
501	$labels = array(
502	'name' => __( 'Forms', 'jetpack-forms' ),
503	'singular_name' => __( 'Form', 'jetpack-forms' ),
504	'add_new' => __( 'Add Form', 'jetpack-forms' ),
505	'add_new_item' => __( 'Add Form', 'jetpack-forms' ),
506	'new_item' => __( 'New Form', 'jetpack-forms' ),
507	'edit_item' => __( 'Edit Block Form', 'jetpack-forms' ),
508	'view_item' => __( 'View Form', 'jetpack-forms' ),
509	'view_items' => __( 'View Forms', 'jetpack-forms' ),
510	'all_items' => __( 'All Forms', 'jetpack-forms' ),
511	'search_items' => __( 'Search Forms', 'jetpack-forms' ),
512	'not_found' => __( 'No forms found.', 'jetpack-forms' ),
513	'not_found_in_trash' => __( 'No forms found in Trash.', 'jetpack-forms' ),
514	'filter_items_list' => __( 'Filter forms list', 'jetpack-forms' ),
515	'items_list_navigation' => __( 'Forms list navigation', 'jetpack-forms' ),
516	'items_list' => __( 'Forms list', 'jetpack-forms' ),
517	'item_published' => __( 'Form published.', 'jetpack-forms' ),
518	'item_published_privately' => __( 'Form published privately.', 'jetpack-forms' ),
519	'item_reverted_to_draft' => __( 'Form reverted to draft.', 'jetpack-forms' ),
520	'item_scheduled' => __( 'Form scheduled.', 'jetpack-forms' ),
521	'item_updated' => __( 'Form updated.', 'jetpack-forms' ),
522	);
523
524	$capabilities = array(
525	// You need to be able to edit posts, in order to read blocks in their raw form.
526	'read' => 'edit_posts',
527	// You need to be able to publish posts, in order to create blocks.
528	'create_posts' => 'publish_posts',
529	'edit_posts' => 'edit_posts',
530	'edit_published_posts' => 'edit_published_posts',
531	'delete_published_posts' => 'delete_published_posts',
532	// Enables trashing draft posts as well.
533	'delete_posts' => 'delete_posts',
534	'edit_others_posts' => 'edit_others_posts',
535	'delete_others_posts' => 'delete_others_posts',
536	);
537
538	$args = array(
539	'public' => false,
540	'show_ui' => true, // not sure we need this.
541	'show_in_menu' => false,
542	'rewrite' => false,
543	'query_var' => false,
544	'show_in_rest' => true,
545	'rest_base' => 'jetpack-forms',
546	'rest_controller_class' => 'Automattic\Jetpack\Forms\ContactForm\Jetpack_Form_Endpoint',
547	'capability_type' => 'post',
548	'capabilities' => $capabilities,
549	'map_meta_cap' => true,
550	'labels' => $labels,
551	'hierarchical' => false,
552	'template' => array( array( 'jetpack/contact-form' ) ),
553	'supports' => array(
554	'title',
555	'editor',
556	'revisions',
557	'author',
558	'custom-fields',
559	),
560	);
561
562	register_post_type( self::POST_TYPE, $args );
563
564	// Register post meta for tracking the source post that created this form.
565	register_post_meta(
566	self::POST_TYPE,
567	self::SOURCE_META_KEY,
568	array(
569	'type' => 'integer',
570	'single' => true,
571	'show_in_rest' => true,
572	'sanitize_callback' => 'absint',
573	'auth_callback' => function () {
574	return current_user_can( 'edit_posts' );
575	},
576	)
577	);
578	}
579
580	/**
581	* Get the count of forms.
582	*
583	* @return int The count of forms.
584	*/
585	public static function get_forms_count() {
586	return count( self::$forms );
587	}
588
589	/**
590	* Compute the ID for the contact form based on the attributes and post.
591	*
592	* @param array $attributes The attributes of the contact form.
593	* @param WP_Post\|null $post The post object, if available.
594	* @param int $page_number The page number, if available.
595	*
596	* @return string The ID for the contact form.
597	*/
598	public static function compute_id( $attributes, $post = null, $page_number = 1 ) {
599
600	$context = self::get_context( $attributes, $post );
601	$id_part = array( $context );
602
603	if ( self::get_forms_context_count( $context ) > 0 ) {
604	$id_part[] = self::get_forms_context_count( $context );
605	}
606
607	$page_num = max( 1, intval( $page_number ) );
608	if ( $page_num > 1 ) {
609	$id_part[] = $page_num;
610	}
611
612	return implode( '-', $id_part );
613	}
614
615	/**
616	* Helper function to get the secret from the Tokens class.
617	*
618	* @return string The secret from the Tokens class, or a default secret if not available.
619	*/
620	private static function get_secret() {
621
622	/**
623	* Filter the secret used for signing contact form JWT tokens.
624	*
625	* @param string $secret Passes a empty string by default so that we can fall back to other methods if the filter is not used.
626	*
627	* @return string The secret used for signing contact form JWT tokens.
628	*/
629	$secret = apply_filters( 'jetpack_forms_secret_jwt', '' );
630	if ( is_string( $secret ) && ! empty( $secret ) ) {
631	return $secret;
632	}
633
634	$token = ( new Tokens() )->get_access_token();
635
636	if ( ! empty( $token->secret ) ) {
637	return $token->secret;
638	}
639
640	$secret = get_option( 'jetpack_forms_secret_key', false );
641	if ( empty( $secret ) ) {
642	// Generate a fallback secret if we don't have one from Tokens.
643	$secret = wp_generate_password( 64, true, true );
644	update_option( 'jetpack_forms_secret_key', $secret );
645	}
646
647	return $secret;
648	}
649
650	/**
651	* Get the default thank you heading with conditional sparkle.
652	*
653	* Returns the new copy with sparkle emoji if translated, otherwise
654	* falls back to the old copy without sparkle.
655	*
656	* TEMPORARY: This method can be removed once the new copy has been translated.
657	* Replace the call with: __( 'Thank you for your response.', 'jetpack-forms' ) . ' ✨'
658	*
659	* @return string The translated heading.
660	*/
661	private static function get_default_thank_you_heading() {
662	// English locales always get the new copy with sparkle.
663	if ( str_starts_with( get_locale(), 'en' ) ) {
664	return __( 'Thank you for your response.', 'jetpack-forms' ) . ' ✨';
665	}
666
667	// Check if new string has a translation by comparing with the original.
668	$original = 'Thank you for your response.';
669	$translated = __( 'Thank you for your response.', 'jetpack-forms' );
670
671	if ( $translated !== $original ) {
672	return $translated . ' ✨';
673	}
674
675	// Fall back to old string without sparkle.
676	return __( 'Your message has been sent', 'jetpack-forms' );
677	}
678
679	/**
680	* Helper function to get the attributes of the contact form.
681	*
682	* @return array The attributes of the contact form.
683	*/
684	public function get_attributes() {
685	return $this->attributes;
686	}
687
688	/**
689	* Get the JWT token for the contact form instance.
690	*
691	* @return string The JWT token.
692	* @throws \Exception If encryption fails.
693	*/
694	public function get_jwt() {
695	$secret = self::get_secret();
696
697	// Derive separate keys using HKDF for proper key separation and context binding
698	$jwt_signing_key = hash_hkdf( 'sha256', $secret, 32, 'jetpack-forms-jwt-hmac-v2' );
699	$encryption_key = hash_hkdf( 'sha256', $secret, 32, 'jetpack-forms-aes-gcm-v2' );
700
701	$attributes = $this->attributes;
702	$this->source = Feedback_Source::get_current( $attributes );
703
704	// Only encrypt the attributes field as it contains sensitive information
705	// Content, hash, and source are not sensitive and can remain unencrypted
706
707	// Check cipher availability with fallback support
708	$available_cipher_methods = openssl_get_cipher_methods();
709	$cipher = null;
710	$cipher_fallback = null;
711	$use_encryption = false;
712	$iv_length = 12; // Default for GCM
713
714	// Try to find AES-256-GCM first (case-insensitive search)
715	foreach ( $available_cipher_methods as $method ) {
716	if ( strtolower( $method ) === 'aes-256-gcm' ) {
717	$cipher = $method; // Use the actual name with original casing
718	$use_encryption = true;
719	// IV length already set to 12 (NIST recommended for AES-GCM)
720	break;
721	}
722	// If AES-256-GCM not found, try fallback to AES-256-CBC
723	if ( strtolower( $method ) === 'aes-256-cbc' ) {
724	$cipher_fallback = $method; // Use the actual name with original casing
725	$use_encryption = true;
726	}
727	}
728
729	// Use the fallback cipher if the primary cipher is not available.
730	if ( $cipher === null && $cipher_fallback !== null ) {
731	$cipher = $cipher_fallback;
732	$iv_length = 16; // 16-byte (128-bit) IV for AES-CBC
733	}
734
735	// Lazy fallback payload in case encryption fails or is unavailable.
736	$unencrypted_payload = array(
737	'attributes' => $attributes,
738	'content' => $this->content,
739	'hash' => $this->hash,
740	'source' => $this->source->serialize(),
741	// No version field = version 1 (unencrypted)
742	);
743
744	if ( $use_encryption ) {
745	$iv = random_bytes( $iv_length );
746	$tag = ''; // Will be populated by openssl_encrypt for GCM
747	$encrypted = openssl_encrypt(
748	wp_json_encode(
749	$attributes,
750	JSON_UNESCAPED_SLASHES
751	),
752	$cipher,
753	$encryption_key,
754	OPENSSL_RAW_DATA, // Return raw binary data, not base64
755	$iv,
756	$tag
757	);
758
759	if ( $encrypted === false ) {
760	do_action( 'jetpack_forms_log', 'jwt_encryption_failed', openssl_error_string() );
761	return JWT::encode( $unencrypted_payload, $jwt_signing_key );
762	}
763	// For GCM, include the authentication tag; for CBC, tag will be empty
764	$encrypted_blob = stripos( $cipher, 'GCM' ) !== false ? $iv . $tag . $encrypted : $iv . $encrypted;
765
766	return JWT::encode(
767	array(
768	'encrypted_attributes' => base64_encode( $encrypted_blob ), // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode -- Base64 encoding required for encrypted data storage
769	'content' => $this->content,
770	'hash' => $this->hash,
771	'source' => $this->source->serialize(),
772	'version' => 2,
773	'cipher' => $cipher, // Store which cipher was used
774	),
775	$jwt_signing_key
776	);
777	}
778
779	// No encryption available - fall back to version 1 format (unencrypted)
780	return JWT::encode( $unencrypted_payload, $jwt_signing_key );
781	}
782
783	/**
784	* Get the current source obejct. That is relevent to the form and there current request.
785	*
786	* @return Feedback_Source Return the current feedback source object.
787	*/
788	public function get_source() {
789	if ( ! $this->source ) {
790	$attributes = $this->attributes;
791	$this->source = Feedback_Source::get_current( $attributes );
792	}
793	return $this->source;
794	}
795
796	/**
797	* Get the count of forms.
798	*
799	* @param string $context The context for which to get the count of forms.
800	*
801	* @return int The count of forms.
802	*/
803	public static function get_forms_context_count( $context ) {
804	if ( ! isset( self::$forms_context[ $context ] ) ) {
805	self::$forms_context[ $context ] = 0;
806	return 0;
807	}
808
809	return self::$forms_context[ $context ];
810	}
811
812	/**
813	* Get the default recipient email address for the contact form.
814	*
815	* @param int\|null $post_author_id The ID of the post author. If provided, will return the author's email.
816	* @param Feedback_Source\|null $source The source of the feedback entry. Optional, not used currently.
817	*
818	* @return string The default recipient email address.
819	*/
820	public static function get_default_to( $post_author_id = null, $source = null ) {
821	// Get the default recipient email address.
822	$default_to = get_option( 'admin_email' );
823	// Check that the user has edit permissions for this blog and has an email address
824	if ( ! $post_author_id ) {
825	return $default_to;
826	}
827
828	// Check that source is of type Feedback_Source
829	if ( ! $source instanceof Feedback_Source ) {
830	return $default_to;
831	}
832
833	if ( absint( $source->get_id() ) === 0 ) {
834	return $default_to;
835	}
836
837	$post = get_post( $source->get_id() );
838	if ( ! $post ) {
839	return $default_to;
840	}
841
842	return self::get_default_to_for_editor( $post );
843	}
844
845	/**
846	* Get the default recipient email address for the contact form based on post data.
847	*
848	* This is used when we load the post or page in the editor, and we don't have the post author ID directly.
849	*
850	* @param mixed\|null $post Optional post data (object or array).
851	*
852	* @return string The default recipient email address.
853	*/
854	public static function get_default_to_for_editor( $post = null ) {
855	$default_to = get_option( 'admin_email' );
856
857	if ( empty( $post ) ) {
858	return $default_to;
859	}
860
861	$post_author_id = self::get_post_property( $post, 'post_author' );
862	$post_id = self::get_post_property( $post, 'ID' );
863	$post_author = get_user( $post_author_id );
864
865	// Check that the user has edit permissions for this blog and has an email address
866	if ( empty( $post_author ) \|\| empty( $post_author->user_email ) ) {
867	return $default_to;
868	}
869
870	// Check that the user is still a member of the blog.
871	if ( ! is_user_member_of_blog( $post_author_id ) ) {
872	return $default_to;
873	}
874
875	// Check that the author can still edit the post or page.
876	if ( user_can( $post_author_id, 'edit_post', $post_id ) ) {
877	return $post_author->user_email;
878	}
879
880	return $default_to;
881	}
882
883	/**
884	* Safely get a property from post data (object or array).
885	*
886	* @param mixed $post_data Post data (object or array).
887	* @param string $property Property name to get.
888	*
889	* @return mixed\|null The property value or null if not found.
890	*/
891	public static function get_post_property( $post_data, $property ) {
892	if ( ! $post_data ) {
893	return null;
894	}
895
896	if ( is_object( $post_data ) && isset( $post_data->$property ) ) {
897	return $post_data->$property;
898	} elseif ( is_array( $post_data ) && isset( $post_data[ $property ] ) ) {
899	return $post_data[ $property ];
900	}
901
902	return null;
903	}
904
905	/**
906	* Get the default subject for the contact form.
907	*
908	* @param array $attributes The attributes of the contact form.
909	* @param mixed $post_data Optional post data (object or array).
910	*
911	* @return string The default subject for the contact form.
912	*/
913	public static function get_default_subject( $attributes, $post_data = null ) {
914	global $post;
915	// Get the default subject for the contact form.
916	$default_subject = '[' . get_option( 'blogname' ) . ']';
917
918	// Get post title safely
919	$post_title = self::get_post_property( $post_data, 'post_title' );
920
921	if ( ! $post_title && $post ) {
922	$post_title = self::get_post_property( $post, 'post_title' );
923	}
924
925	if ( $post_title ) {
926	$default_subject = sprintf(
927	// translators: the blog name and post title.
928	_x( '%1$s %2$s', '%1$s = blog name, %2$s = post title', 'jetpack-forms' ),
929	$default_subject,
930	Contact_Form_Plugin::strip_tags( $post_title )
931	);
932	}
933
934	if ( ! empty( $attributes['widget'] ) && $attributes['widget'] ) {
935	// translators: '%1$s the blog name
936	$default_subject = sprintf( _x( '%1$s Sidebar', '%1$s = blog name', 'jetpack-forms' ), $default_subject );
937	}
938
939	return $default_subject;
940	}
941
942	/**
943	* Store shortcode content for recall later
944	* - used to receate shortcode when user uses do_shortcode
945	*
946	* @deprecated 5.0.0
947	*/
948	public static function store_shortcode() {
949	_deprecated_function( __METHOD__, '5.0.0', 'Contact_Form_Plugin::store_shortcode()' );
950	}
951
952	/**
953	* Toggle for printing the grunion.css stylesheet
954	*
955	* @param bool $style - the CSS style.
956	*
957	* @return bool
958	*/
959	public static function style( $style ) {
960	$previous_style = self::$style;
961	self::$style = (bool) $style;
962	return $previous_style;
963	}
964
965	/**
966	* Turn on printing of grunion.css stylesheet
967	*
968	* @see ::style()
969	*
970	* @return bool
971	*/
972	public static function style_on() {
973	return self::style( true );
974	}
975	/**
976	* Adds a quick link to the admin bar for the contact form entries.
977	*
978	* @param \WP_Admin_Bar $admin_bar The admin bar object.
979	*/
980	public static function add_quick_link_to_admin_bar( \WP_Admin_Bar $admin_bar ) {
981
982	if ( ! current_user_can( 'edit_pages' ) ) {
983	return;
984	}
985
986	$url = Forms_Dashboard::get_forms_admin_url();
987
988	$admin_bar->add_menu(
989	array(
990	'id' => 'jetpack-forms',
991	'parent' => null,
992	'group' => null,
993	'title' => '<span class="dashicons dashicons-feedback ab-icon" style="top: 2px;"></span><span class="ab-label">' . esc_html__( 'Form Responses', 'jetpack-forms' ) . '</span>',
994	'href' => $url,
995	)
996	);
997	}
998
999	/**
1000	* The contact-form shortcode processor
1001	*
1002	* @param array $attributes Key => Value pairs as parsed by shortcode_parse_atts().
1003	* @param string\|null $content The shortcode's inner content: [contact-form]$content[/contact-form].
1004	* @param array $context An array of context data for the form.
1005	*
1006	* @return string HTML for the concat form.
1007	*/
1008	public static function parse( $attributes, $content, $context = array() ) {
1009	global $post, $page, $multipage; // $page is used in the contact-form submission redirect
1010	if ( Settings::is_syncing() ) {
1011	return '';
1012	}
1013	if ( isset( $GLOBALS['grunion_block_template_part_id'] ) ) {
1014	self::style_on();
1015	if ( is_array( $attributes ) ) {
1016	$attributes['block_template_part'] = $GLOBALS['grunion_block_template_part_id'];
1017	}
1018	}
1019
1020	if ( is_singular() ) {
1021	add_action( 'admin_bar_menu', array( __CLASS__, 'add_quick_link_to_admin_bar' ), 100 ); // We use priority 100 so that the link that is added gets added after the "Edit Page" link.
1022	}
1023	$plugin = Contact_Form_Plugin::init();
1024	$attributes['widget'] = $plugin->get_current_widget_context();
1025	// Create a new Contact_Form object (this class)
1026	if ( self::$ref_id ) {
1027	$attributes['ref'] = self::$ref_id;
1028	}
1029
1030	$form = new Contact_Form( $attributes, $content );
1031	Contact_Form_Plugin::reset_step();
1032
1033	$id = $form->get_attribute( 'id' );
1034
1035	if ( ! $id ) { // something terrible has happened
1036	return '[contact-form]';
1037	}
1038
1039	if ( is_feed() ) {
1040	return '[contact-form]';
1041	}
1042
1043	self::$last = $form;
1044
1045	// Enqueue the grunion.css stylesheet if self::$style allows it
1046	if ( self::$style && ( empty( $_REQUEST['action'] ) \|\| $_REQUEST['action'] !== 'grunion_shortcode_to_json' ) ) {
1047	// Enqueue the style here instead of printing it, because if some other plugin has run the_post()+rewind_posts(),
1048	// (like VideoPress does), the style tag gets "printed" the first time and discarded, leaving the contact form unstyled.
1049	// when WordPress does the real loop.
1050	wp_enqueue_style( 'grunion.css' );
1051	wp_enqueue_script( 'accessible-form' );
1052	}
1053
1054	$version = \JETPACK__VERSION;
1055
1056	// Extra cache busting strategy for view.js, seems they are left out of cache clearing on deploys
1057	$asset_file = plugin_dir_path( __FILE__ ) . 'dist/modules/form/view.asset.php';
1058	$asset = file_exists( $asset_file ) ? require $asset_file : null;
1059
1060	if ( $asset && isset( $asset['version'] ) ) {
1061	$version = $asset['version'];
1062	}
1063
1064	$config = array(
1065	'error_types' => array(
1066	'is_required' => __( 'This field is required.', 'jetpack-forms' ),
1067	'invalid_form_empty' => __( 'The form you are trying to submit is empty.', 'jetpack-forms' ),
1068	'invalid_form' => __( 'Please fill out the form correctly.', 'jetpack-forms' ),
1069	'network_error' => __( 'Connection issue while submitting the form. Check that you are connected to the Internet and try again.', 'jetpack-forms' ),
1070	),
1071	'admin_ajax_url' => admin_url( 'admin-ajax.php' ),
1072	);
1073	wp_interactivity_config( 'jetpack/form', $config );
1074	\wp_enqueue_script_module(
1075	'jp-forms-view',
1076	plugins_url( 'dist/modules/form/view.js', dirname( __DIR__ ) ),
1077	array( '@wordpress/interactivity' ),
1078	$version
1079	);
1080
1081	$is_single_input_form = is_array( $form->fields ) && count( $form->fields ) === 1;
1082
1083	$container_classes = array( 'wp-block-jetpack-contact-form-container' );
1084
1085	if ( $is_single_input_form ) {
1086	$container_classes[] = 'is-single-input-form';
1087	}
1088
1089	$container_classes[] = self::get_block_alignment_class( $attributes );
1090	$container_classes_string = implode( ' ', $container_classes );
1091
1092	$is_reload_after_success = isset( $_GET['contact-form-id'] )
1093	&& (int) $_GET['contact-form-id'] === (int) self::$last->get_attribute( 'id' )
1094	&& isset( $_GET['contact-form-sent'] )
1095	&& isset( $_GET['contact-form-hash'] )
1096	&& is_string( $_GET['contact-form-hash'] )
1097	&& hash_equals( $form->hash, wp_unslash( $_GET['contact-form-hash'] ) ); // phpcs:ignore WordPress.Security.NonceVerification.Recommended
1098
1099	$feedback_id = 0;
1100	$is_reload_nonce_valid = false;
1101
1102	if ( $is_reload_after_success ) {
1103	$feedback_id = (int) $_GET['contact-form-sent'];
1104	$is_reload_nonce_valid = isset( $_GET['_wpnonce'] )
1105	&& wp_verify_nonce( sanitize_key( wp_unslash( $_GET['_wpnonce'] ) ), "contact-form-sent-{$feedback_id}" );
1106	}
1107
1108	$max_steps = 0;
1109	if ( preg_match_all( '/data-wp-context=[\'"]?{"step":(\d+)}[\'"]?/', $content, $matches ) ) {
1110	if ( ! empty( $matches[1] ) ) {
1111	$max_steps = max( array_map( 'intval', $matches[1] ) );
1112	}
1113	}
1114
1115	$is_multistep = $max_steps > 0;
1116	$element_id = 'jp-form-' . esc_attr( $form->hash );
1117
1118	// Initial data used to render the success message when the page is reloaded after a successful submission
1119	// Don't show the feedback details unless the nonce matches
1120	$submission_data = null;
1121
1122	if ( $is_reload_after_success && $is_reload_nonce_valid ) {
1123	$response = Feedback::get( (int) $_GET['contact-form-sent'] );
1124
1125	if ( $response ) {
1126	$submission_data = $response->get_compiled_fields( 'web', 'label\|value' );
1127	}
1128	}
1129
1130	$formatted_submission_data = $submission_data ? self::format_submission_data( $submission_data ) : array();
1131	$submission_success = $form->is_response_without_reload_enabled && $is_reload_after_success;
1132	$has_custom_redirect = $form->has_custom_redirect();
1133
1134	$default_context = array(
1135	'formId' => $id,
1136	'formHash' => $form->hash,
1137	'showErrors' => $form->has_errors(), // We toggle this to true when we want to show the user errors right away.
1138	'errors' => array(), // This should be a associative array.
1139	'fields' => array(),
1140	'isMultiStep' => $is_multistep, // Whether the form is a multistep form.
1141	'useAjax' => $form->is_response_without_reload_enabled && ! $has_custom_redirect,
1142	'submissionData' => $submission_data,
1143	'formattedSubmissionData' => $formatted_submission_data,
1144	'submissionSuccess' => $submission_success,
1145	'submissionError' => null,
1146	'elementId' => $element_id,
1147	'isSingleInputForm' => $is_single_input_form,
1148	);
1149
1150	if ( $is_multistep ) {
1151	$multistep_context = array(
1152	'currentStep' => isset( $_GET[ $id . '-step' ] ) ? absint( $_GET[ $id . '-step' ] ) : 1, // phpcs:ignore WordPress.Security.NonceVerification.Recommended
1153	'maxSteps' => $max_steps,
1154	'direction' => 'forward', // Default direction for animations
1155	'transition' => $form->get_attribute( 'stepTransition' ) ? $form->get_attribute( 'stepTransition' ) : 'fade-slide', // Transition style for step animations
1156	);
1157
1158	if ( ! is_array( $context ) ) {
1159	$context = array();
1160	}
1161	$context = array_merge( $context, $multistep_context );
1162	}
1163
1164	$context = is_array( $context ) ? array_merge( $default_context, $context ) : $default_context;
1165
1166	$r = '';
1167	$r .= "<div data-test='contact-form'
1168	id='contact-form-$id'
1169	class='{$container_classes_string}'
1170	data-wp-interactive='jetpack/form' " . wp_interactivity_data_wp_context( $context ) . "
1171	data-wp-watch--scroll-to-wrapper=\"callbacks.scrollToWrapper\"
1172	>\n";
1173
1174	if ( $form->is_response_without_reload_enabled ) {
1175	$r .= self::render_ajax_success_wrapper( $form, $submission_success, $formatted_submission_data );
1176	}
1177
1178	if ( $form->has_errors() ) {
1179	// There are errors. Display them
1180	$r .= "<div class='form-error'>\n<h3>" . __( 'Error!', 'jetpack-forms' ) . "</h3>\n<ul class='form-errors'>\n";
1181	foreach ( $form->get_error_messages() as $message ) {
1182	$r .= "\t<li class='form-error-message'>" . esc_html( $message ) . "</li>\n";
1183	}
1184	$r .= "</ul>\n</div>\n\n";
1185	}
1186
1187	if ( $is_reload_after_success && $form->is_response_without_reload_enabled ) {
1188	$r .= '<noscript>';
1189	$r .= self::render_noscript_success_message( $is_reload_nonce_valid, $feedback_id, $form );
1190	$r .= '</noscript>';
1191	}
1192
1193	if ( $is_reload_after_success && ! $form->is_response_without_reload_enabled ) {
1194	// The contact form was submitted. Show the success message/results.
1195	$r .= self::render_noscript_success_message( $is_reload_nonce_valid, $feedback_id, $form );
1196	} else {
1197	// Nothing special - show the normal contact form
1198	if ( $form->get_attribute( 'widget' )
1199	\|\| $form->get_attribute( 'block_template' )
1200	\|\| $form->get_attribute( 'block_template_part' ) ) {
1201	// Submit form to the current URL
1202	$url = remove_query_arg( array( 'contact-form-id', 'contact-form-sent', 'action', '_wpnonce' ) );
1203	} else {
1204	// Submit form to the post permalink
1205	$url = get_permalink();
1206	if ( $multipage && $page ) {
1207	$url = add_query_arg( 'page', $page, $url );
1208	}
1209	}
1210
1211	// For SSL/TLS page. See RFC 3986 Section 4.2
1212	$url = set_url_scheme( $url );
1213
1214	// May eventually want to send this to admin-post.php...
1215	/**
1216	* Filter the contact form action URL.
1217	*
1218	* @module contact-form
1219	*
1220	* @since 1.3.1
1221	*
1222	* @param string $contact_form_id Contact form post URL.
1223	* @param $post $GLOBALS['post'] Post global variable.
1224	* @param int $id Contact Form ID.
1225	*/
1226	$url = apply_filters( 'grunion_contact_form_form_action', $url, $GLOBALS['post'], $id, $page );
1227	$has_submit_button_block = str_contains( $content, 'wp-block-jetpack-button' ) \|\| str_contains( $content, 'wp-block-button' );
1228	$form_classes = 'contact-form commentsblock';
1229	if ( $submission_success ) {
1230	$form_classes .= ' submission-success';
1231	}
1232	$post_title = $post->post_title ?? '';
1233	$form_accessible_name = ! empty( $attributes['formTitle'] ) ? $attributes['formTitle'] : $post_title;
1234	$form_aria_label = isset( $form_accessible_name ) && ! empty( $form_accessible_name ) ? 'aria-label="' . esc_attr( $form_accessible_name ) . '"' : '';
1235
1236	if ( $has_submit_button_block ) {
1237	$form_classes .= ' wp-block-jetpack-contact-form';
1238	}
1239
1240	$r .= "<form action='" . esc_url( $url ) . "'
1241	id='" . $element_id . "'
1242	method='post'
1243	class='" . esc_attr( $form_classes ) . "' $form_aria_label
1244	data-wp-on--submit=\"actions.onFormSubmit\"
1245	data-wp-on--reset=\"actions.onFormReset\"
1246	data-wp-class--submission-success=\"context.submissionSuccess\"
1247	data-wp-class--is-first-step=\"state.isFirstStep\"
1248	data-wp-class--is-last-step=\"state.isLastStep\"
1249	data-wp-class--is-ajax-form=\"context.useAjax\"
1250	novalidate >\n";
1251
1252	if ( $is_multistep ) { // This makes the "enter" key work in multi-step forms as expected.
1253	$r .= '<input type="submit" style="display: none;" />';
1254	}
1255	$r .= "<input type='hidden' name='jetpack_contact_form_jwt' value='" . esc_attr( $form->get_jwt() ) . "' />\n";
1256	$r .= $form->body;
1257
1258	if ( $is_multistep ) {
1259	$r = preg_replace( '/<div class="wp-block-jetpack-form-step-navigation__wrapper/', self::render_error_wrapper() . ' <div class="wp-block-jetpack-form-step-navigation__wrapper', $r, 1 );
1260	} elseif ( $has_submit_button_block && ! $is_single_input_form ) {
1261	// Place the error wrapper before the FIRST button block only to avoid duplicates (e.g., navigation buttons in multistep forms).
1262	// Replace only the first occurrence of a wp-block-jetpack-button prepending it with the error wrapper.
1263	// Fallback with same strategy for new core button blocks.
1264	$r = preg_replace( '/<div class="wp-block-jetpack-button/', self::render_error_wrapper() . ' <div class="wp-block-jetpack-button', $r, 1 );
1265	if ( str_contains( $r, 'wp-block-button' ) ) {
1266	$r = preg_replace( '/<div class="wp-block-button/', self::render_error_wrapper() . ' <div class="wp-block-button', $r, 1 );
1267	}
1268	}
1269
1270	if ( $has_submit_button_block ) {
1271	$r = self::prepare_submit_button( $r );
1272	}
1273
1274	// In new versions of the contact form block the button is an inner block
1275	// so the button does not need to be constructed server-side.
1276	if ( ! $has_submit_button_block ) {
1277	$r .= "\t<p class='contact-submit'>\n";
1278
1279	$gutenberg_submit_button_classes = '';
1280	if ( ! empty( $attributes['submitButtonClasses'] ) ) {
1281	$gutenberg_submit_button_classes = ' ' . $attributes['submitButtonClasses'];
1282	}
1283
1284	/**
1285	* Filter the contact form submit button class attribute.
1286	*
1287	* @module contact-form
1288	*
1289	* @since 6.6.0
1290	*
1291	* @param string $class Additional CSS classes for button attribute.
1292	*/
1293	$submit_button_class = apply_filters( 'jetpack_contact_form_submit_button_class', 'pushbutton-wide' . $gutenberg_submit_button_classes );
1294
1295	$submit_button_styles = '';
1296	if ( ! empty( $attributes['customBackgroundButtonColor'] ) ) {
1297	$submit_button_styles .= 'background-color: ' . $attributes['customBackgroundButtonColor'] . '; ';
1298	}
1299	if ( ! empty( $attributes['customTextButtonColor'] ) ) {
1300	$submit_button_styles .= 'color: ' . $attributes['customTextButtonColor'] . ';';
1301	}
1302	if ( ! empty( $attributes['submitButtonText'] ) ) {
1303	$submit_button_text = $attributes['submitButtonText'];
1304	} else {
1305	$submit_button_text = $form->get_attribute( 'submit_button_text' );
1306	}
1307
1308	$r .= self::render_error_wrapper();
1309	$r .= "\t\t<button type='submit' class='" . esc_attr( $submit_button_class ) . "'";
1310	if ( ! empty( $submit_button_styles ) ) {
1311	$r .= " style='" . esc_attr( $submit_button_styles ) . "'";
1312	}
1313	$r .= '>';
1314	$r .= wp_kses(
1315	$submit_button_text,
1316	self::$allowed_html_tags_for_submit_button
1317	) . '</button>';
1318	}
1319
1320	if ( is_user_logged_in() ) {
1321	$r .= "\t\t" . wp_nonce_field( 'contact-form_' . $id, '_wpnonce', true, false ) . "\n"; // nonce and referer
1322	}
1323
1324	if ( isset( $attributes['hasFormSettingsSet'] ) && $attributes['hasFormSettingsSet'] ) {
1325	$r .= "\t\t<input type='hidden' name='is_block' value='1' />\n";
1326	}
1327	$r .= "\t\t<input type='hidden' name='contact-form-id' value='$id' />\n";
1328	$r .= "\t\t<input type='hidden' name='action' value='grunion-contact-form' />\n";
1329	$r .= "\t\t<input type='hidden' name='contact-form-hash' value='" . esc_attr( $form->hash ) . "' />\n";
1330
1331	if ( ! $has_submit_button_block ) {
1332	$r .= "\t</p>\n";
1333	}
1334
1335	$r .= "</form>\n";
1336	}
1337
1338	$r .= '</div>';
1339
1340	/**
1341	* Filter the contact form, allowing plugins to modify the HTML.
1342	*
1343	* @module contact-form
1344	*
1345	* @since 10.2.0
1346	*
1347	* @param string $r The contact form HTML.
1348	*/
1349	return apply_filters( 'jetpack_contact_form_html', $r );
1350	}
1351
1352	/**
1353	* Prepare the submit button for the contact form.
1354	* Add interactivity attributes to the LAST submit button found in the content.
1355	*
1356	* @param string $content - the content of the submit button.
1357	*
1358	* @return string - the prepared content of the submit button.
1359	*/
1360	private static function prepare_submit_button( $content ) {
1361	if ( ! class_exists( \WP_HTML_Tag_Processor::class ) ) {
1362	return $content;
1363	}
1364	$button_count = 0;
1365	$p = new \WP_HTML_Tag_Processor( $content );
1366	while ( $p->next_tag(
1367	array(
1368	'tag_name' => 'button',
1369	'type' => 'submit',
1370	)
1371	) ) {
1372	++$button_count;
1373	}
1374	if ( $button_count === 0 ) {
1375	return $content;
1376	}
1377	$occurrence = 0;
1378	$p = new \WP_HTML_Tag_Processor( $content );
1379	while ( $p->next_tag(
1380	array(
1381	'tag_name' => 'button',
1382	'type' => 'submit',
1383	)
1384	) ) {
1385	if ( $occurrence === $button_count - 1 ) {
1386	$p->set_attribute( 'data-wp-class--is-submitting', 'state.isSubmitting' );
1387	$p->set_attribute( 'data-wp-bind--aria-disabled', 'state.isAriaDisabled' );
1388	$p->set_attribute( 'data-wp-bind--disabled', 'state.isAriaDisabled' );
1389	}
1390	++$occurrence;
1391	}
1392	return $p->get_updated_html();
1393	}
1394
1395	/**
1396	* Renders the success message for the contact form when js is disabled or not desired.
1397	*
1398	* @param bool $is_reload_nonce_valid - whether the nonce is valid.
1399	* @param int $feedback_id - the feedback ID.
1400	* @param Contact_Form $form - the contact form.
1401	*
1402	* @return string HTML string for the success message.
1403	*/
1404	private static function render_noscript_success_message( $is_reload_nonce_valid, $feedback_id, $form ) {
1405	$back_url = remove_query_arg( array( 'contact-form-id', 'contact-form-sent', '_wpnonce', 'contact-form-hash' ) );
1406	$contact_form_id = sanitize_text_field( wp_unslash( $_GET['contact-form-id'] ?? '' ) ); // phpcs:ignore WordPress.Security.NonceVerification.Recommended
1407	$disable_go_back = $form->get_attribute( 'disableGoBack' );
1408
1409	$message = '';
1410
1411	$message .= '<style>
1412	.contact-form-ajax-submission {
1413	display: none;
1414	}
1415
1416	#contact-form-' . $contact_form_id . ' form.contact-form {
1417	display: none;
1418	}
1419	</style>';
1420
1421	$message .= '<div class="contact-form-submission">';
1422	$success_message = '';
1423
1424	if ( ! $disable_go_back ) {
1425	$success_message = '<p class="go-back-message"> <a class="link" href="' . esc_url( $back_url ) . '">' . esc_html__( '← Back', 'jetpack-forms' ) . '</a> </p>';
1426	}
1427
1428	$success_message .= '<h4 id="contact-form-success-header">' . esc_html( $form->get_attribute( 'customThankyouHeading' ) ) . "</h4>\n\n";
1429
1430	// Don't show the feedback details unless the nonce matches
1431	if ( $is_reload_nonce_valid ) {
1432	$success_message .= self::success_message( $feedback_id, $form );
1433	}
1434
1435	/**
1436	* Filter the message returned after a successful contact form submission.
1437	*
1438	* @module contact-form
1439	*
1440	* @since 1.3.1
1441	*
1442	* @param string $message Success message.
1443	*/
1444	$message .= apply_filters( 'grunion_contact_form_success_message', $success_message );
1445	$message .= '</div>';
1446
1447	return $message;
1448	}
1449
1450	/**
1451	* Helper function to format the submission data for the success message.
1452	*
1453	* @param array $data The submission data.
1454	*
1455	* @return array The formatted submission data.
1456	*/
1457	private static function format_submission_data( $data ) {
1458	$formatted_submission_data = array();
1459
1460	foreach ( $data as $field_data ) {
1461	$url = self::get_url( $field_data['value'] );
1462	$images = self::get_images( $field_data['value'] );
1463
1464	$formatted_submission_data[] = array(
1465	'label' => self::maybe_add_colon_to_label( $field_data['label'] ),
1466	'value' => self::maybe_transform_value( $field_data['value'] ),
1467	'images' => $images,
1468	'url' => $url,
1469	'showPlainValue' => empty( $url ) && empty( $images ),
1470	);
1471	}
1472
1473	return $formatted_submission_data;
1474	}
1475
1476	/**
1477	* Get the URL from a URL field value if present.
1478	*
1479	* @param mixed $value The field value.
1480	*
1481	* @return string\|null The URL if this is a URL field, null otherwise.
1482	*/
1483	private static function get_url( $value ) {
1484	if ( is_array( $value ) && isset( $value['type'] ) && $value['type'] === 'url' && ! empty( $value['url'] ) ) {
1485	$url = $value['url'];
1486
1487	// Prepend https:// if no protocol is specified.
1488	if ( ! preg_match( '#^https?://#i', $url ) ) {
1489	$url = 'https://' . $url;
1490	}
1491
1492	// Validate URL - only http and https protocols are allowed for safety.
1493	$url = esc_url( $url, array( 'http', 'https' ) );
1494	return ! empty( $url ) ? $url : null;
1495	}
1496	return null;
1497	}
1498
1499	/**
1500	* Helper function that display the error wrapper.
1501	*
1502	* @return string HTML string for the error wrapper.
1503	*/
1504	private static function render_error_wrapper() {
1505	$html = '<div class="contact-form__error" data-wp-class--show-errors="state.showFormErrors">';
1506	$html .= '<span class="contact-form__warning-icon"><span class="visually-hidden">' . __( 'Warning.', 'jetpack-forms' ) . '</span><i aria-hidden="true"></i></span>
1507	<span data-wp-text="state.getFormErrorMessage"></span>
1508	<ul>
1509	<template data-wp-each="state.getErrorList" data-wp-key="context.item.id">
1510	<li><a data-wp-bind--href="context.item.anchor" data-wp-on--click="actions.scrollIntoView" data-wp-text="context.item.label"></a></li>
1511	</template>
1512	</ul>';
1513	$html .= '</div>';
1514
1515	$html .= '<div class="contact-form__error" data-wp-class--show-errors="state.showSubmissionError" data-wp-text="context.submissionError"></div>';
1516	return $html;
1517	}
1518
1519	/**
1520	* Renders the success wrapper after a form is submitted without reloading the page.
1521	*
1522	* @param Contact_Form $form - the contact form.
1523	* @param bool $submission_success - whether the form has already been submitted.
1524	* @param array $formatted_submission_data - the formatted submission data.
1525	*
1526	* @return string HTML string for the success wrapper.
1527	*/
1528	private static function render_ajax_success_wrapper( $form, $submission_success = false, $formatted_submission_data = array() ) {
1529	$classes = 'contact-form-submission contact-form-ajax-submission';
1530
1531	if ( $submission_success ) {
1532	$classes .= ' submission-success';
1533	}
1534
1535	$back_url = remove_query_arg( array( 'contact-form-id', 'contact-form-sent', '_wpnonce', 'contact-form-hash' ) );
1536	$disable_go_back = $form->get_attribute( 'disableGoBack' );
1537	$disable_summary = $form->get_disable_summary();
1538	$confirmation_type = $form->get_confirmation_type();
1539
1540	if ( $confirmation_type === 'redirect' ) {
1541	return '';
1542	}
1543
1544	$html = '<div class="' . esc_attr( $classes ) . '" data-wp-class--submission-success="context.submissionSuccess">';
1545
1546	if ( ! $disable_go_back ) {
1547	$html .= '<p class="go-back-message">';
1548	$html .= '<a class="link" role="button" tabindex="0" data-wp-on--click="actions.goBack" href="' . esc_url( $back_url ) . '">' . esc_html__( '← Back', 'jetpack-forms' ) . '</a>';
1549	$html .= '</p>';
1550	}
1551
1552	$html .=
1553	'<h4 id="contact-form-success-header">' . esc_html( $form->get_attribute( 'customThankyouHeading' ) ) .
1554	"</h4>\n\n";
1555
1556	if ( 'text' === $confirmation_type ) {
1557	$raw_message = $form->get_attribute( 'customThankyouMessage' );
1558
1559	if ( $raw_message !== '' ) {
1560	// Add more allowed HTML elements for file download links
1561	$allowed_html = array(
1562	'br' => array(),
1563	'blockquote' => array( 'class' => array() ),
1564	'p' => array(),
1565	'div' => array(
1566	'class' => array(),
1567	'style' => array(),
1568	),
1569	'span' => array(
1570	'class' => array(),
1571	'style' => array(),
1572	),
1573	);
1574
1575	$message = wp_kses( $raw_message, $allowed_html );
1576	$message = '<div class="jetpack_forms_contact-form-custom-success-message">' . $message . '</div>';
1577
1578	$html .= $message;
1579	}
1580
1581	if ( ! $disable_summary ) {
1582	$html .= '<template data-wp-each--submission="context.formattedSubmissionData">
1583	<div class="jetpack_forms_contact-form-success-summary">
1584	<div class="field-name" data-wp-text="context.submission.label" data-wp-bind--hidden="!context.submission.label"></div>
1585	<div class="field-value" data-wp-text="context.submission.value" data-wp-bind--hidden="!context.submission.showPlainValue"></div>
1586	<a class="field-url" data-wp-bind--href="context.submission.url" data-wp-text="context.submission.value" data-wp-bind--hidden="!context.submission.url" target="_blank" rel="noopener noreferrer"></a>
1587	<div class="field-images" data-wp-bind--hidden="!context.submission.images">
1588	<template data-wp-each--image="context.submission.images">
1589	<div class="field-image-option" data-wp-class--is-empty="!context.image.src">
1590	<figure class="field-image-option__image" data-wp-class--is-empty="!context.image.src">
1591	<img data-wp-bind--src="context.image.src" data-wp-bind--hidden="!context.image.src" />
1592	<img src="data:image/gif;base64,R0lGODlhAQABAAD/ACwAAAAAAQABAAACADs=" data-wp-bind--hidden="context.image.src" />
1593	</figure>
1594	<div class="field-image-option__label-wrapper">
1595	<span class="field-image-option__label-code" data-wp-text="context.image.letterCode"></span>
1596	<span class="field-image-option__label" data-wp-text="context.image.label" data-wp-bind--hidden="!context.image.label"></span>
1597	</div>
1598	</div>
1599	</template>
1600	</div>
1601	</div>
1602	</template>';
1603
1604	// For each entry in the submission data array, render a div with the label and value.
1605	// Structure must match the template above for proper hydration.
1606	foreach ( $formatted_submission_data as $submission ) {
1607	$has_url = ! empty( $submission['url'] );
1608	$has_images = ! empty( $submission['images'] );
1609	$show_plain_val = ! $has_url && ! $has_images;
1610
1611	$html .= '<div data-wp-each-child class="jetpack_forms_contact-form-success-summary">';
1612
1613	// field-name: always present.
1614	$html .= '<div class="field-name" data-wp-text="context.submission.label" data-wp-bind--hidden="!context.submission.label">' . esc_html( $submission['label'] ) . '</div>';
1615
1616	// field-value: always present, hidden when URL or images exist.
1617	$html .= '<div class="field-value" data-wp-text="context.submission.value" data-wp-bind--hidden="!context.submission.showPlainValue"';
1618	$html .= $show_plain_val ? '' : ' hidden';
1619	$html .= '>' . ( $show_plain_val ? esc_html( $submission['value'] ) : '' ) . '</div>';
1620
1621	// field-url: always present, hidden when no URL.
1622	$html .= '<a class="field-url" data-wp-bind--href="context.submission.url" data-wp-text="context.submission.value" data-wp-bind--hidden="!context.submission.url" target="_blank" rel="noopener noreferrer"';
1623	$html .= $has_url ? ' href="' . esc_attr( $submission['url'] ) . '"' : ' hidden';
1624	$html .= '>' . ( $has_url ? esc_html( $submission['value'] ) : '' ) . '</a>';
1625
1626	// field-images: always present, hidden when no images.
1627	$html .= '<div class="field-images" data-wp-bind--hidden="!context.submission.images"';
1628	$html .= $has_images ? '' : ' hidden';
1629	$html .= '>';
1630
1631	if ( $has_images ) {
1632	foreach ( $submission['images'] as $image ) {
1633	$image_src = $image['src'] ?? '';
1634	$image_letter_code = $image['letterCode'] ?? '';
1635	$image_label = $image['label'] ?? '';
1636
1637	$html .= '<div data-wp-each-child class="field-image-option ' . ( empty( $image_src ) ? 'is-empty' : '' ) . '" data-wp-class--is-empty="!context.image.src">';
1638	$html .= '<figure class="field-image-option__image ' . ( empty( $image_src ) ? 'is-empty' : '' ) . '" data-wp-class--is-empty="!context.image.src">';
1639	$html .= '<img data-wp-bind--src="context.image.src" src="' . esc_attr( $image_src ) . '" data-wp-bind--hidden="!context.image.src"' . ( empty( $image_src ) ? ' hidden' : '' ) . '/>';
1640	$html .= '<img src="data:image/gif;base64,R0lGODlhAQABAAD/ACwAAAAAAQABAAACADs=" data-wp-bind--hidden="context.image.src"' . ( empty( $image_src ) ? '' : ' hidden' ) . '/>';
1641	$html .= '</figure>';
1642	$html .= '<div class="field-image-option__label-wrapper">';
1643	$html .= '<span class="field-image-option__label-code" data-wp-text="context.image.letterCode">' . esc_html( $image_letter_code ) . '</span>';
1644	$html .= '<span class="field-image-option__label" data-wp-text="context.image.label" data-wp-bind--hidden="!context.image.label"' . ( empty( $image_label ) ? ' hidden' : '' ) . '>' . esc_html( $image_label ) . '</span>';
1645	$html .= '</div></div>';
1646	}
1647	} else {
1648	// Empty template for hydration when no images.
1649	$html .= '<template data-wp-each--image="context.submission.images"></template>';
1650	}
1651
1652	$html .= '</div></div>'; // Close field-images and summary.
1653	}
1654	}
1655	}
1656
1657	$html .= '</div>';
1658	return $html;
1659	}
1660
1661	/**
1662	* Returns a success message to be returned if the form is sent via AJAX.
1663	*
1664	* @param int $feedback_id - the feedback ID.
1665	* @param Contact_Form $form - the contact form.
1666	*
1667	* @return string $message
1668	*/
1669	public static function success_message( $feedback_id, $form ) {
1670	$message = '';
1671	$disable_summary = $form->get_disable_summary();
1672	$confirmation_type = $form->get_confirmation_type();
1673
1674	if ( 'text' === $confirmation_type ) {
1675	$raw_message = $form->get_attribute( 'customThankyouMessage' );
1676
1677	if ( $raw_message !== '' ) {
1678	// Add more allowed HTML elements for file download links
1679	$allowed_html = array(
1680	'br' => array(),
1681	'blockquote' => array( 'class' => array() ),
1682	'p' => array(),
1683	'div' => array(
1684	'class' => array(),
1685	'style' => array(),
1686	),
1687	'span' => array(
1688	'class' => array(),
1689	'style' => array(),
1690	),
1691	);
1692
1693	$message = wp_kses( $raw_message, $allowed_html );
1694	$message = '<div class="jetpack_forms_contact-form-custom-success-message">' . $message . '</div>';
1695	}
1696
1697	if ( ! $disable_summary ) {
1698	$compiled_form = self::get_compiled_form( $feedback_id );
1699
1700	$message .= '<div class="jetpack_forms_contact-form-success-summary"><p>' . implode( '</p><p>', $compiled_form ) . '</p></div>';
1701	}
1702	}
1703
1704	return $message;
1705	}
1706
1707	/**
1708	* Returns a compiled form with labels and values in a form of an array
1709	* of lines.
1710	*
1711	* @param int $feedback_id - the feedback ID.
1712	* @param Contact_Form $form - the form. This parameter is deprecated and will be removed in the next version.
1713	*
1714	* @return array $lines
1715	*/
1716	public static function get_compiled_form( $feedback_id, $form = null ) {
1717
1718	if ( $form ) {
1719	_deprecated_argument( __METHOD__, '5.1.0', '$form is deprecated' );
1720	}
1721	$compiled_form = self::get_raw_compiled_form_data( $feedback_id );
1722
1723	foreach ( $compiled_form as $field_index => $data ) {
1724	$safe_display_value = self::escape_and_sanitize_field_value( $data['value'] );
1725
1726	if ( '' === $safe_display_value ) {
1727	$safe_display_value = '-';
1728	}
1729
1730	if ( ! empty( $data['label'] ) ) {
1731	$safe_display_label = self::escape_and_sanitize_field_label( $data['label'] );
1732	$compiled_form[ $field_index ] = sprintf(
1733	'<div class="field-name">%1$s</div> <div class="field-value">%2$s</div>',
1734	self::maybe_add_colon_to_label( $safe_display_label ),
1735	$safe_display_value
1736	);
1737	} else {
1738	// If there is no label, only output the field value, wrapped in its div.
1739	$compiled_form[ $field_index ] = sprintf(
1740	'<div class="field-value">%s</div>',
1741	$safe_display_value
1742	);
1743	}
1744	}
1745
1746	return $compiled_form;
1747	}
1748
1749	/**
1750	* Returns the JSON data for the form submission.
1751	*
1752	* @param int $feedback_id - the feedback ID.
1753	* @param Contact_Form $form - the form. This parameter is deprecated and will be removed in the next version.
1754	*
1755	* @deprecated 5.1.0
1756	*
1757	* @return array $json_data
1758	*/
1759	public static function get_json_data( $feedback_id, $form = null ) {
1760	_deprecated_function( __METHOD__, '5.1.0', 'Feedback::get( $feedback_id )->get_compiled_fields(\'ajax\', \'label\|value\' )' );
1761
1762	if ( $form ) {
1763	_deprecated_argument( __METHOD__, '5.1.0', '$form is deprecated' );
1764	}
1765
1766	$response = Feedback::get( $feedback_id );
1767	if ( ! $response ) {
1768	return array();
1769	}
1770
1771	return $response->get_compiled_fields( 'ajax', 'label\|value' );
1772	}
1773
1774	/**
1775	* Retrieves raw compiled form data.
1776	*
1777	* @param int $feedback_id - the feedback ID.
1778	* @param Contact_Form $form - the form. This parameter is deprecated and will be removed in the next version.
1779	*
1780	* @return array $raw_data Associative array where keys are field_index and values are arrays with 'label' and 'value'.
1781	*/
1782	private static function get_raw_compiled_form_data( $feedback_id, $form = null ) {
1783
1784	if ( $form ) {
1785	_deprecated_argument( __METHOD__, '5.1.0', '$form is deprecated' );
1786	}
1787
1788	$response = Feedback::get( $feedback_id );
1789	if ( $response instanceof Feedback ) {
1790	// If the response is an instance of Feedback, we can use its method to get compiled fields.
1791	return $response->get_compiled_fields( 'web', 'all' );
1792	}
1793
1794	return array();
1795	}
1796
1797	/**
1798	* Returns a compiled form with labels and values formatted for the email response
1799	* in a form of an array of lines.
1800	*
1801	* @param int $feedback_id - the feedback ID.
1802	* @param Contact_Form $form - the form.
1803	*
1804	* @return array $lines
1805	*/
1806	public static function get_compiled_form_for_email( $feedback_id, $form ) {
1807	$compiled_form = array();
1808	$response = Feedback::get( $feedback_id );
1809
1810	if ( $response instanceof Feedback ) {
1811	// If the response is an instance of Feedback, we can use its method to get compiled fields.
1812	$compiled_form = $response->get_compiled_fields( 'email', 'all' );
1813	}
1814
1815	/**
1816	* This filter allows a site owner to customize the response to be emailed, by adding their own HTML around it for example.
1817	*
1818	* @module contact-form
1819	*
1820	* @since 0.18.0
1821	*
1822	* @param array $compiled_form the form response to be filtered
1823	* @param int $feedback_id the ID of the feedback form
1824	* @param Contact_Form $form a copy of this object
1825	*/
1826	$updated_compiled_form = apply_filters( 'jetpack_forms_response_email', $compiled_form, $feedback_id, $form );
1827	if ( $updated_compiled_form !== $compiled_form ) {
1828	$compiled_form = $updated_compiled_form;
1829	} else {
1830	// add styling to the array
1831	foreach ( $compiled_form as $key => $value ) {
1832	$safe_display_label = self::escape_and_sanitize_field_label( $value['label'] );
1833	$safe_display_value = self::escape_and_sanitize_field_value( $value['value'] );
1834
1835	if ( ! empty( $safe_display_label ) ) {
1836	$compiled_form[ $key ] = sprintf(
1837	'<p><strong>%1$s</strong><br /><span>%2$s</span></p>',
1838	self::maybe_add_colon_to_label( $safe_display_label ),
1839	$safe_display_value
1840	);
1841	} else {
1842	$compiled_form[ $key ] = sprintf(
1843	'<p><span>%s</span></p>',
1844	$safe_display_value
1845	);
1846	}
1847	}
1848	}
1849
1850	return $compiled_form;
1851	}
1852
1853	/**
1854	* Escape and sanitize a field value.
1855	*
1856	* @param mixed $value - the value to sanitize.
1857	*
1858	* @return mixed\|string
1859	*/
1860	public static function escape_and_sanitize_field_value( $value ) {
1861	if ( empty( $value ) ) {
1862	return '';
1863	}
1864
1865	// Handle file upload field (new structure with field_id and files array)
1866	if ( self::is_file_upload_field( $value ) ) {
1867	$files = $value['files'];
1868	if ( empty( $files ) ) {
1869	return '';
1870	}
1871
1872	$file_links = array();
1873	foreach ( $files as $file ) {
1874	if ( ! empty( $file['file_id'] ) ) {
1875	$file_name = isset( $file['name'] ) ? $file['name'] : __( 'Attached file', 'jetpack-forms' );
1876	$file_size = isset( $file['size'] ) ? size_format( $file['size'] ) : '';
1877
1878	$html = esc_html( $file_name );
1879	if ( ! empty( $file_size ) ) {
1880	$html .= sprintf( ' <span class="jetpack-forms-file-size">(%s)</span>', esc_html( $file_size ) );
1881	}
1882
1883	$file_links[] = $html;
1884	}
1885	}
1886
1887	return implode( '<br>', $file_links );
1888	}
1889
1890	if ( is_array( $value ) ) {
1891	return implode( ', ', array_map( array( __CLASS__, 'escape_and_sanitize_field_value' ), $value ) );
1892	}
1893
1894	$value = str_replace( array( '[', ']' ), array( '[', ']' ), $value );
1895	return nl2br( wp_kses( $value, array() ) );
1896	}
1897
1898	/**
1899	* Only strip out empty string values and keep all the other values as they are.
1900	*
1901	* @param string $single_value - the single value.
1902	*
1903	* @return bool
1904	*/
1905	public static function remove_empty( $single_value ) {
1906	return ( $single_value !== '' );
1907	}
1908
1909	/**
1910	* Get file upload fields
1911	*
1912	* @param int $post_id The feedback post ID.
1913	* @return array Array of file attachments or empty array.
1914	*/
1915	public static function get_file_upload_fields( $post_id ) {
1916	$content_fields = Contact_Form_Plugin::parse_fields_from_content( $post_id );
1917	$file_upload_fields = array();
1918	if ( isset( $content_fields['_feedback_all_fields'] ) ) {
1919	foreach ( $content_fields['_feedback_all_fields'] as $field_value ) {
1920	if ( self::is_file_upload_field( $field_value ) ) {
1921	$file_upload_fields[] = $field_value;
1922	}
1923	}
1924	}
1925
1926	return $file_upload_fields;
1927	}
1928
1929	/**
1930	* Delete files
1931	*
1932	* @param int $post_id The post ID being deleted.
1933	* @return void
1934	*/
1935	public static function delete_feedback_files( $post_id ) {
1936	if ( get_post_type( $post_id ) !== 'feedback' ) {
1937	return;
1938	}
1939	// $file_upload_fields = self::get_file_upload_fields( $post_id );
1940	// TODO: Implement delete_feedback_files() method.
1941	}
1942
1943	/**
1944	* Escape a shortcode value.
1945	*
1946	* Shortcode attribute values have a number of unfortunate restrictions, which fortunately we
1947	* can get around by adding some extra HTML encoding.
1948	*
1949	* The output HTML will have a few extra escapes, but that makes no functional difference.
1950	*
1951	* @since 9.1.0
1952	* @param string\|array $val Value to escape.
1953	* @return string
1954	*/
1955	public static function esc_shortcode_val( $val ) {
1956	// Sometimes we provide attributes in the form of a collection, hence making the value an array.
1957	// The above case triggers a warning about array to string conversion on formatting.php:1096.
1958	// This chunk will try to get the value from the usual label\|value structure. Otherwise, it will try
1959	// recursively to get the first value from the array.
1960	if ( is_array( $val ) ) {
1961	if ( isset( $val['value'] ) ) {
1962	$val = $val['value'];
1963	} else {
1964	return self::esc_shortcode_val( array_shift( $val ) );
1965	}
1966	}
1967
1968	return strtr(
1969	esc_html( $val ),
1970	array(
1971	// Brackets in attribute values break the shortcode parser.
1972	'[' => '[',
1973	']' => ']',
1974	// Shortcode parser screws up backslashes too, thanks to calls to `stripcslashes`.
1975	'\\' => '\',
1976	// The existing code here represents arrays as comma-separated strings.
1977	// Rather than trying to change representations now, just escape the commas in values.
1978	',' => ',',
1979	)
1980	);
1981	}
1982
1983	/**
1984	* The contact-field shortcode processor.
1985	* We use an object method here instead of a static Contact_Form_Field class method to parse contact-field shortcodes so that we can tie them to the contact-form object.
1986	*
1987	* @param array $attributes Key => Value pairs as parsed by shortcode_parse_atts().
1988	* @param string\|null $content The shortcode's inner content: [contact-field]$content[/contact-field].
1989	* @param WP_Block\|null $block The field block object.
1990	* @return string HTML for the contact form field
1991	*/
1992	public static function parse_contact_field( $attributes, $content, $block = null ) {
1993	if ( $block ) {
1994	$type = null;
1995	}
1996
1997	// Don't try to parse contact form fields if not inside a contact form (????)
1998	if ( ! Contact_Form_Plugin::$using_contact_form_field ) {
1999	$type = isset( $attributes['type'] ) ? $attributes['type'] : null;
2000
2001	if ( $type === 'checkbox-multiple' \|\| $type === 'radio' ) {
2002	preg_match_all( '/' . get_shortcode_regex() . '/s', $content, $matches );
2003
2004	if ( ! empty( $matches[0] ) ) {
2005	$options = array();
2006	foreach ( $matches[0] as $shortcode ) {
2007	$attr = shortcode_parse_atts( $shortcode );
2008	if ( ! empty( $attr['label'] ) ) {
2009	$options[] = $attr['label'];
2010	}
2011	}
2012
2013	$attributes['options'] = $options;
2014	}
2015	}
2016
2017	if ( ! isset( $attributes['label'] ) ) {
2018	$attributes['label'] = self::get_default_label_from_type( $type );
2019	}
2020
2021	$att_strs = array();
2022	foreach ( $attributes as $att => $val ) {
2023	if ( is_numeric( $att ) ) { // Is a valueless attribute
2024	$att_strs[] = self::esc_shortcode_val( $val );
2025	} elseif ( isset( $val ) ) { // A regular attr - value pair
2026	if ( ( $att === 'options' \|\| $att === 'values' ) && is_string( $val ) ) { // remove any empty strings
2027	$val = explode( ',', $val );
2028	}
2029	if ( is_array( $val ) ) {
2030	$val = array_filter( $val, array( __CLASS__, 'remove_empty' ) ); // removes any empty strings
2031	$att_strs[] = esc_html( $att ) . '="' . implode( ',', array_map( array( __CLASS__, 'esc_shortcode_val' ), $val ) ) . '"';
2032	} elseif ( is_bool( $val ) ) {
2033	$att_strs[] = esc_html( $att ) . '="' . ( $val ? '1' : '' ) . '"';
2034	} else {
2035	// Allow CSS in known style attributes byut sanitize with safecss_filter_attr.
2036	$allowed_style_keys = array( 'labelstyles', 'inputstyles', 'optionstyles', 'optionsstyles', 'stylevariationstyles' );
2037	if ( in_array( $att, $allowed_style_keys, true ) ) {
2038	$sanitized = safecss_filter_attr( (string) $val );
2039	$att_strs[] = esc_attr( $att ) . '="' . esc_html( $sanitized ) . '"';
2040	} else {
2041	$att_strs[] = esc_attr( $att ) . '="' . self::esc_shortcode_val( $val ) . '"';
2042	}
2043	}
2044	}
2045	}
2046
2047	$shortcode_type = 'contact-field';
2048	if ( $type === 'field-option' ) {
2049	$shortcode_type = 'contact-field-option';
2050	}
2051
2052	$html = '[' . $shortcode_type . ' ' . implode( ' ', $att_strs );
2053	$trimmed_content = isset( $content ) ? trim( $content ) : '';
2054
2055	if ( ! empty( $trimmed_content ) ) { // If there is content, let's add a closing tag
2056	$html .= ']' . esc_html( $trimmed_content ) . '[/contact-field]';
2057	} else { // Otherwise let's add a closing slash in the first tag
2058	$html .= '/]';
2059	}
2060
2061	return $html;
2062	}
2063
2064	// What does this actually means? What is the case where this is used?
2065	$form = self::$current_form;
2066
2067	$field = new Contact_Form_Field( $attributes, $content, $form );
2068
2069	$field_id = $field->get_attribute( 'id' );
2070	if ( $field_id ) {
2071	$form->fields[ $field_id ] = $field;
2072	} else {
2073	$form->fields[] = $field;
2074	}
2075
2076	if ( // phpcs:disable WordPress.Security.NonceVerification.Missing
2077	! isset( $_POST['jetpack_contact_form_jwt'] )
2078	&&
2079	isset( $_POST['action'] ) && 'grunion-contact-form' === $_POST['action']
2080	&&
2081	isset( $_POST['contact-form-id'] ) && (string) $form->get_attribute( 'id' ) === $_POST['contact-form-id']
2082	&&
2083	isset( $_POST['contact-form-hash'] ) && is_string( $_POST['contact-form-hash'] ) && hash_equals( $form->hash, wp_unslash( $_POST['contact-form-hash'] ) )
2084	) { // phpcs:enable
2085	// If we're processing a POST submission for this contact form, validate the field value so we can show errors as necessary.
2086	$field->validate();
2087	}
2088
2089	// Output HTML
2090	return $field->render();
2091	}
2092
2093	/**
2094	* Check if the field is a file upload field.
2095	*
2096	* @param array $field The field to check.
2097	* @return bool True if the field is a file upload field, false otherwise.
2098	*/
2099	public static function is_file_upload_field( $field ) {
2100	return ( is_array( $field ) &&
2101	! empty( $field ) &&
2102	isset( $field['field_id'] ) &&
2103	isset( $field['files'] ) &&
2104	is_array( $field['files'] ) );
2105	}
2106
2107	/**
2108	* Get the default label from type.
2109	*
2110	* @param string $type - the type of label.
2111	*
2112	* @return string
2113	*/
2114	public static function get_default_label_from_type( $type ) {
2115	switch ( $type ) {
2116	case 'text':
2117	$str = __( 'Text', 'jetpack-forms' );
2118	break;
2119	case 'name':
2120	$str = __( 'Name', 'jetpack-forms' );
2121	break;
2122	case 'number':
2123	$str = __( 'Number', 'jetpack-forms' );
2124	break;
2125	case 'email':
2126	$str = __( 'Email', 'jetpack-forms' );
2127	break;
2128	case 'url':
2129	$str = __( 'Website', 'jetpack-forms' );
2130	break;
2131	case 'date':
2132	$str = __( 'Date', 'jetpack-forms' );
2133	break;
2134	case 'telephone':
2135	$str = __( 'Phone', 'jetpack-forms' );
2136	break;
2137	case 'textarea':
2138	$str = __( 'Message', 'jetpack-forms' );
2139	break;
2140	case 'checkbox-multiple':
2141	$str = __( 'Choose several options', 'jetpack-forms' );
2142	break;
2143	case 'radio':
2144	$str = __( 'Choose one option', 'jetpack-forms' );
2145	break;
2146	case 'select':
2147	$str = __( 'Select one', 'jetpack-forms' );
2148	break;
2149	case 'consent':
2150	$str = __( 'Consent', 'jetpack-forms' );
2151	break;
2152	case 'file':
2153	$str = __( 'Upload a file', 'jetpack-forms' );
2154	break;
2155	case 'time':
2156	$str = __( 'Time', 'jetpack-forms' );
2157	break;
2158	case 'image-select':
2159	$str = __( 'Select an image', 'jetpack-forms' );
2160	break;
2161	default:
2162	$str = null;
2163	}
2164	return $str;
2165	}
2166
2167	/**
2168	* Loops through $this->fields to generate a (structured) list of field IDs.
2169	*
2170	* Important: Currently the allowed fields are defined as follows:
2171	* `name`, `email`, `url`, `subject`, `textarea`
2172	*
2173	* If you need to add new fields to the Contact Form, please don't add them
2174	* to the allowed fields and leave them as extra fields.
2175	*
2176	* The reasoning behind this is that both the admin Feedback view and the CSV
2177	* export will not include any fields that are added to the list of
2178	* allowed fields without taking proper care to add them to all the
2179	* other places where they accessed/used/saved.
2180	*
2181	* The safest way to add new fields is to add them to the dropdown and the
2182	* HTML list ( @see Contact_Form_Field::render ) and don't add them
2183	* to the list of allowed fields. This way they will become a part of the
2184	* `extra fields` which are saved in the post meta and will be properly
2185	* handled by the admin Feedback view and the CSV Export without any extra
2186	* work.
2187	*
2188	* If there is need to add a field to the allowed fields, then please
2189	* take proper care to add logic to handle the field in the following places:
2190	*
2191	* - Below in the switch statement - so the field is recognized as allowed.
2192	*
2193	* - Contact_Form::process_submission - validation and logic.
2194	*
2195	* - Contact_Form::process_submission - add the field as an additional
2196	* field in the `post_content` when saving the feedback content.
2197	*
2198	* - Contact_Form_Plugin::parse_fields_from_content - add mapping
2199	* for the field, defined in the above method.
2200	*
2201	* - Contact_Form_Plugin::map_parsed_field_contents_of_post_to_field_names -
2202	* add mapping of the field for the CSV Export. Otherwise it will be missing
2203	* from the exported data.
2204	*
2205	* - admin.php / grunion_manage_post_columns - add the field to the render logic.
2206	* Otherwise it will be missing from the admin Feedback view.
2207	*
2208	* @return array
2209	*/
2210	public function get_field_ids() {
2211	$field_ids = array(
2212	'all' => array(), // array of all field_ids.
2213	'extra' => array(), // array of all non-allowed field IDs.
2214
2215	// Allowed "standard" field IDs:
2216	// 'email' => field_id,
2217	// 'name' => field_id,
2218	// 'url' => field_id,
2219	// 'subject' => field_id,
2220	// 'textarea' => field_id,
2221	);
2222
2223	// Initialize marketing consent
2224	$field_ids['email_marketing_consent'] = null;
2225	$field_ids['email_marketing_consent_field'] = null;
2226
2227	foreach ( $this->fields as $id => $field ) {
2228	$type = $field->get_attribute( 'type' );
2229
2230	// If the field is not renderable, skip it.
2231	if ( ! $field->is_field_renderable( $type ) ) {
2232	continue;
2233	}
2234
2235	$field_ids['all'][] = $id;
2236
2237	if ( isset( $field_ids[ $type ] ) ) {
2238	// This type of field is already present in our allowed list of "standard" fields for this form
2239	// Put it in extra
2240	$field_ids['extra'][] = $id;
2241	continue;
2242	}
2243
2244	/**
2245	* See method description before modifying the switch cases.
2246	*/
2247	switch ( $type ) {
2248	case 'email':
2249	case 'name':
2250	case 'url':
2251	case 'subject':
2252	case 'textarea':
2253	$field_ids[ $type ] = $id;
2254	break;
2255	case 'consent':
2256	// Set email marketing consent for the first Consent type field
2257	if ( null === $field_ids['email_marketing_consent'] ) {
2258	$field_ids['email_marketing_consent_field'] = $id;
2259	if ( $field->value ) {
2260	$field_ids['email_marketing_consent'] = true;
2261	} else {
2262	$field_ids['email_marketing_consent'] = false;
2263	}
2264	}
2265	$field_ids['extra'][] = $id;
2266	break;
2267	default:
2268	// Put everything else in extra
2269	$field_ids['extra'][] = $id;
2270	}
2271	}
2272
2273	return $field_ids;
2274	}
2275
2276	/**
2277	* Process the contact form's POST submission
2278	* Stores feedback. Sends email.
2279	*/
2280	public function process_submission() {
2281
2282	$response = Feedback::from_submission( $_POST, $this ); // phpcs:Ignore WordPress.Security.NonceVerification.Missing
2283	$response->set_source( $this->get_source() );
2284	$plugin = Contact_Form_Plugin::init();
2285
2286	$id = $this->get_attribute( 'id' );
2287	$to = $this->get_attribute( 'to' );
2288	$widget = $this->get_attribute( 'widget' );
2289	$block_template = $this->get_attribute( 'block_template' );
2290	$block_template_part = $this->get_attribute( 'block_template_part' );
2291
2292	$contact_form_subject = $this->get_attribute( 'subject' );
2293
2294	$to = str_replace( ' ', '', $to );
2295	$emails = explode( ',', $to );
2296
2297	$valid_emails = array();
2298
2299	foreach ( $emails as $email ) {
2300	if ( ! is_email( $email ) ) {
2301	continue;
2302	}
2303
2304	if ( function_exists( 'is_email_address_unsafe' ) && is_email_address_unsafe( $email ) ) {
2305	continue;
2306	}
2307
2308	$valid_emails[] = $email;
2309	}
2310
2311	// No one to send it to, which means none of the "to" attributes are valid emails.
2312	// Use default email instead.
2313	if ( ! $valid_emails ) {
2314	$valid_emails = $this->defaults['to'];
2315	}
2316
2317	$to = $valid_emails;
2318
2319	// Last ditch effort to set a recipient if somehow none have been set.
2320	if ( empty( $to ) ) {
2321	$to = get_option( 'admin_email' );
2322	}
2323
2324	if ( ! $this->has_verified_jwt ) {
2325	// Make sure we're processing the form we think we're processing... probably a redundant check.
2326	if ( $widget ) {
2327	if ( isset( $_POST['contact-form-id'] ) && 'widget-' . $widget !== $_POST['contact-form-id'] ) { // phpcs:Ignore WordPress.Security.NonceVerification.Missing -- check done by caller process_form_submission()
2328	return Form_Submission_Error::system_error( 'form_id_mismatch_widget', __( 'Form ID mismatch.', 'jetpack-forms' ) );
2329	}
2330	} elseif ( $block_template ) {
2331	if ( isset( $_POST['contact-form-id'] ) && 'block-template-' . $block_template !== $_POST['contact-form-id'] ) { // phpcs:Ignore WordPress.Security.NonceVerification.Missing -- check done by caller process_form_submission()
2332	return Form_Submission_Error::system_error( 'form_id_mismatch_block_template', __( 'Form ID mismatch.', 'jetpack-forms' ) );
2333	}
2334	} elseif ( $block_template_part ) {
2335	if ( isset( $_POST['contact-form-id'] ) && 'block-template-part-' . $block_template_part !== $_POST['contact-form-id'] ) { // phpcs:Ignore WordPress.Security.NonceVerification.Missing -- check done by caller process_form_submission()
2336	return Form_Submission_Error::system_error( 'form_id_mismatch_block_template_part', __( 'Form ID mismatch.', 'jetpack-forms' ) );
2337	}
2338	} elseif ( isset( $_POST['contact-form-id'] ) && ( empty( $this->current_post ) \|\| self::get_post_property( $this->current_post, 'ID' ) !== (int) sanitize_text_field( wp_unslash( $_POST['contact-form-id'] ) ) ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Missing -- check done by caller process_form_submission()
2339	return Form_Submission_Error::system_error( 'form_id_mismatch_post', __( 'Form ID mismatch.', 'jetpack-forms' ) );
2340	}
2341	}
2342
2343	// Initialize all these "standard" fields to null
2344	$comment_author_email = $response->get_author_email();
2345	$comment_author = $response->get_author();
2346
2347	$contact_form_subject = $response->get_subject();
2348
2349	// Set marketing consent
2350	$email_marketing_consent = $response->has_consent();
2351
2352	if ( null === $email_marketing_consent ) {
2353	$email_marketing_consent = false;
2354	}
2355
2356	$all_values = $response->get_all_values( 'submit' );
2357	$extra_values = $response->get_legacy_extra_values( 'submit' );
2358
2359	if ( ! empty( $_REQUEST['is_block'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- not changing the site.
2360	$extra_values['is_block'] = true;
2361	}
2362
2363	$contact_form_subject = trim( $contact_form_subject );
2364
2365	$comment_author_ip = Contact_Form_Plugin::get_ip_address();
2366
2367	// Ensure that Akismet gets all of the relevant information from the contact form,
2368	// not just the textarea field and predetermined subject.
2369	$akismet_vars = $response->get_akismet_vars();
2370
2371	$spam = '';
2372	$akismet_values = $plugin->prepare_for_akismet( $akismet_vars );
2373
2374	// Is it spam?
2375	/** This filter is already documented in \Automattic\Jetpack\Forms\ContactForm\Admin */
2376	$is_spam = apply_filters( 'jetpack_contact_form_is_spam', false, $akismet_values );
2377	if ( is_wp_error( $is_spam ) ) { // WP_Error to abort
2378	return $is_spam; // abort
2379	} elseif ( $is_spam === true ) { // TRUE to flag a spam
2380	$spam = '*SPAM* ';
2381	}
2382
2383	/**
2384	* Filter whether a submitted contact form is in the comment disallowed list.
2385	*
2386	* @module contact-form
2387	*
2388	* @since 8.9.0
2389	*
2390	* @param bool $result Is the submitted feedback in the disallowed list.
2391	* @param array $akismet_values Feedack values returned by the Akismet plugin.
2392	*/
2393	$in_comment_disallowed_list = apply_filters( 'jetpack_contact_form_in_comment_disallowed_list', false, $akismet_values );
2394
2395	if ( ! $comment_author ) {
2396	$comment_author = $comment_author_email;
2397	}
2398
2399	/**
2400	* Filter the email where a submitted feedback is sent.
2401	*
2402	* @module contact-form
2403	*
2404	* @since 1.3.1
2405	*
2406	* @param string\|array $to Array of valid email addresses, or single email address.
2407	* @param array $all_values Contact form fields
2408	*/
2409	$to = (array) apply_filters( 'contact_form_to', $to, $all_values );
2410	$reply_to_addr = $to[0]; // get just the address part before the name part is added
2411
2412	foreach ( $to as $to_key => $to_value ) {
2413	$to[ $to_key ] = Contact_Form_Plugin::strip_tags( $to_value );
2414	$to[ $to_key ] = self::add_name_to_address( $to_value );
2415	}
2416
2417	// Get the site domain and get rid of www.
2418	$sitename = wp_parse_url( site_url(), PHP_URL_HOST );
2419	$from_email_addr = 'wordpress@';
2420
2421	if ( null !== $sitename ) {
2422	if ( str_starts_with( $sitename, 'www.' ) ) {
2423	$sitename = substr( $sitename, 4 );
2424	}
2425
2426	$from_email_addr .= $sitename;
2427	}
2428
2429	if ( ! empty( $comment_author_email ) ) {
2430	$reply_to_addr = $comment_author_email;
2431	}
2432
2433	/*
2434	* The email headers here are formatted in a format
2435	* that is the most likely to be accepted by wp_mail(),
2436	* without escaping.
2437	* More info: https://github.com/Automattic/jetpack/pull/19727
2438	*/
2439	$headers = 'From: ' . $comment_author . ' <' . $from_email_addr . ">\r\n" .
2440	'Reply-To: ' . $comment_author . ' <' . $reply_to_addr . ">\r\n";
2441
2442	/**
2443	* Allow customizing the email headers.
2444	*
2445	* Warning: DO NOT add headers or header data from the form submission without proper
2446	* escaping and validation, or you're liable to allow abusers to use your site to send spam.
2447	*
2448	* Especially DO NOT take email addresses from the form data to add as CC or BCC headers
2449	* without strictly validating each address against a list of allowed addresses.
2450	*
2451	* @module contact-form
2452	*
2453	* @since 10.2.0
2454	*
2455	* @param string\|array $headers Email headers.
2456	* @param string $comment_author Name of the author of the submitted feedback, if provided in form.
2457	* @param string $reply_to_addr Email of the author of the submitted feedback, if provided in form.
2458	* @param string\|array $to Array of valid email addresses, or single email address, where the form is sent.
2459	*/
2460	$headers = apply_filters(
2461	'jetpack_contact_form_email_headers',
2462	$headers,
2463	$comment_author,
2464	$reply_to_addr,
2465	$to
2466	);
2467
2468	$all_values['email_marketing_consent'] = $email_marketing_consent;
2469
2470	$entry_values = $response->get_entry_values();
2471
2472	/** This filter is already documented in \Automattic\Jetpack\Forms\ContactForm\Admin */
2473	$subject = apply_filters( 'contact_form_subject', $contact_form_subject, $all_values );
2474
2475	/*
2476	* Links to the feedback and the post.
2477	*/
2478	if ( $block_template \|\| $block_template_part \|\| $widget ) {
2479	$url = home_url( '/' );
2480	} else {
2481	$url = self::get_permalink( $this->current_post ? self::get_post_property( $this->current_post, 'ID' ) : 0 );
2482	}
2483
2484	// translators: the time of the form submission.
2485	$date_time_format = _x( '%1$s \a\t %2$s', '{$date_format} \a\t {$time_format}', 'jetpack-forms' );
2486	$date_time_format = sprintf( $date_time_format, get_option( 'date_format' ), get_option( 'time_format' ) );
2487	$time = wp_date( $date_time_format );
2488
2489	// Keep a copy of the feedback as a custom post type.
2490	if ( $in_comment_disallowed_list ) {
2491	$feedback_status = 'trash';
2492	} elseif ( $is_spam ) {
2493	$feedback_status = 'spam';
2494	} elseif ( 'no' === $this->get_attribute( 'saveResponses' ) ) {
2495	$feedback_status = 'jp-temp-feedback';
2496	} else {
2497	$feedback_status = 'publish';
2498	}
2499	$response->set_status( $feedback_status );
2500
2501	foreach ( (array) $akismet_values as $av_key => $av_value ) {
2502	$akismet_values[ $av_key ] = Contact_Form_Plugin::strip_tags( $av_value );
2503	}
2504
2505	foreach ( $all_values as $all_key => $all_value ) {
2506	$all_values[ $all_key ] = Contact_Form_Plugin::strip_tags( $all_value );
2507	}
2508
2509	foreach ( $extra_values as $ev_key => $ev_value ) {
2510	$extra_values[ $ev_key ] = Contact_Form_Plugin::strip_tags( $ev_value );
2511	}
2512
2513	/*
2514	* We need to make sure that the post author is always zero for contact
2515	* form submissions. This prevents export/import from trying to create
2516	* new users based on form submissions from people who were logged in
2517	* at the time.
2518	*
2519	* Unfortunately wp_insert_post() tries very hard to make sure the post
2520	* author gets the currently logged in user id. That is how we ended up
2521	* with this work around.
2522	*/
2523	add_filter( 'wp_insert_post_data', array( $plugin, 'insert_feedback_filter' ), 10, 2 );
2524
2525	/**
2526	* Allows site owners to not include IP addresses in the saved form response.
2527	*
2528	* The IP address is still used as part of spam filtering, if enabled, but it is removed when this filter
2529	* is set to true before saving to the database and e-mailing the form recipients.
2530
2531	* @module contact-form
2532	*
2533	* @param bool $remove_ip_address Should the IP address be removed. Default false.
2534	* @param string $ip_address IP address of the form submission.
2535	*
2536	* @since 0.33.0
2537	*/
2538	if ( apply_filters( 'jetpack_contact_form_forget_ip_address', false, $comment_author_ip ) ) {
2539	$comment_author_ip = null;
2540	}
2541
2542	$post_id = 0;
2543	$feedback_post = $response->save();
2544	if ( $feedback_post instanceof WP_Post ) {
2545	$post_id = $feedback_post->ID;
2546	}
2547
2548	// once insert has finished we don't need this filter any more
2549	remove_filter( 'wp_insert_post_data', array( $plugin, 'insert_feedback_filter' ), 10 );
2550
2551	update_post_meta( $post_id, '_feedback_extra_fields', $this->addslashes_deep( $extra_values ) );
2552
2553	if ( 'publish' === $feedback_status ) {
2554	Contact_Form_Plugin::recalculate_unread_count();
2555	}
2556
2557	if ( defined( 'AKISMET_VERSION' ) ) {
2558	update_post_meta( $post_id, '_feedback_akismet_values', $this->addslashes_deep( $akismet_values ) );
2559	}
2560
2561	/**
2562	* Fires after the feedback post for the contact form submission has been inserted.
2563	*
2564	* @module contact-form
2565	*
2566	* @since 8.6.0
2567	*
2568	* @param integer $post_id The post id that contains the contact form data.
2569	* @param array $this->fields An array containg the form's Contact_Form_Field objects.
2570	* @param boolean $is_spam Whether the form submission has been identified as spam.
2571	* @param array $entry_values The feedback entry values.
2572	*/
2573	do_action( 'grunion_after_feedback_post_inserted', $post_id, $this->fields, $is_spam, $entry_values );
2574
2575	/**
2576	* Filter the title used in the response email.
2577	*
2578	* @module contact-form
2579	*
2580	* @since 0.18.0
2581	*
2582	* @param string the title of the email
2583	*/
2584	$title = (string) apply_filters( 'jetpack_forms_response_email_title', '' );
2585	$message = self::get_compiled_form_for_email( $post_id, $this );
2586
2587	if ( is_user_logged_in() ) {
2588	$sent_by_text = sprintf(
2589	// translators: the name of the site.
2590	'<br />' . esc_html__( 'Sent by a verified %s user.', 'jetpack-forms' ) . '<br />',
2591	isset( $GLOBALS['current_site']->site_name ) && $GLOBALS['current_site']->site_name ? $GLOBALS['current_site']->site_name : '"' . get_option( 'blogname' ) . '"'
2592	);
2593	} else {
2594	$sent_by_text = '<br />' . esc_html__( 'Sent by an unverified visitor to your site.', 'jetpack-forms' ) . '<br />';
2595	}
2596
2597	$footer_time = sprintf(
2598	/* translators: Placeholder is the date and time when a form was submitted. */
2599	esc_html__( 'Time: %1$s', 'jetpack-forms' ),
2600	$time
2601	);
2602	$footer_ip = null;
2603	if ( $comment_author_ip ) {
2604	$ip_lookup_url = sprintf( 'https://jetpack.com/redirect/?source=ip-lookup&path=%s', rawurlencode( $comment_author_ip ) );
2605	$comment_author_ip_with_link = '<a href="' . esc_url( $ip_lookup_url ) . '">' . esc_html( $comment_author_ip ) . '</a>';
2606	$comment_author_ip_with_flag = ( $response->get_country_flag() ? $response->get_country_flag() . ' ' : '' ) . $comment_author_ip_with_link;
2607	$footer_ip = sprintf(
2608	/* translators: Placeholder is the IP address of the person who submitted a form. */
2609	esc_html__( 'IP Address: %1$s', 'jetpack-forms' ),
2610	$comment_author_ip_with_flag
2611	);
2612	}
2613	$footer_browser = null;
2614	if ( $response->get_browser() ) {
2615	$footer_browser = sprintf(
2616	/* translators: Placeholder is the browser and platform used to submit a form. */
2617	esc_html__( 'Browser: %1$s', 'jetpack-forms' ),
2618	$response->get_browser()
2619	) . '<br />';
2620	}
2621
2622	$footer_url = sprintf(
2623	/* translators: Placeholder is the URL of the page where a form was submitted. */
2624	__( 'Source URL: %1$s', 'jetpack-forms' ),
2625	esc_url( $url )
2626	);
2627
2628	// Get the status of the feedback
2629	$status = $is_spam ? 'spam' : 'inbox';
2630
2631	// Build the dashboard URL with the status and the feedback's post id if we have a post id
2632	$dashboard_url = '';
2633	$footer_mark_as_spam_url = '';
2634	if ( $feedback_status !== 'jp-temp-feedback' ) {
2635	$dashboard_url = Forms_Dashboard::get_forms_admin_url( $status ) . '&r=' . $post_id;
2636	$mark_as_spam_url = $dashboard_url . '&mark_as_spam';
2637	$footer_mark_as_spam_url = sprintf(
2638	'<a href="%1$s">%2$s</a>',
2639	esc_url( $mark_as_spam_url ),
2640	__( 'Mark as spam', 'jetpack-forms' )
2641	);
2642	}
2643
2644	$footer = implode(
2645	'',
2646	/**
2647	* Filter the footer used in the response email.
2648	*
2649	* @module contact-form
2650	*
2651	* @since 0.18.0
2652	*
2653	* @param array the lines of the footer, one line per array element.
2654	*/
2655	apply_filters(
2656	'jetpack_forms_response_email_footer',
2657	array_filter(
2658	array(
2659	'<span style="font-size: 12px">',
2660	$footer_time . '<br />',
2661	$footer_ip ? $footer_ip . '<br />' : null,
2662	$footer_browser ? $footer_browser . '<br />' : null,
2663	$footer_url . '<br /><br />',
2664	$footer_mark_as_spam_url ? $footer_mark_as_spam_url . '<br />' : null,
2665	$sent_by_text,
2666	'</span>',
2667	)
2668	)
2669	)
2670	);
2671
2672	// Build the actions url if we have a dashboard url
2673	$actions = '';
2674	if ( $dashboard_url ) {
2675	$actions = sprintf(
2676	'<table class="button_block" border="0" cellpadding="0" cellspacing="0" role="presentation">
2677	<tr>
2678	<td class="pad" align="center">
2679	<a rel="noopener" target="_blank" href="%1$s" data-tracks-link-desc="">
2680	<!--[if mso]>
2681	<i style="mso-text-raise: 30pt;"> </i>
2682	<![endif]-->
2683	<span>%2$s</span>
2684	<!--[if mso]>
2685	<i> </i>
2686	<![endif]-->
2687	</a>
2688	</td>
2689	</tr>
2690	</table>',
2691	esc_url( $dashboard_url ),
2692	__( 'View in dashboard', 'jetpack-forms' )
2693	);
2694	}
2695
2696	/**
2697	* Filters the message sent via email after a successful form submission.
2698	*
2699	* @module contact-form
2700	*
2701	* @since 1.3.1
2702	*
2703	* @param string $message Feedback email message.
2704	* @param string $message Feedback email message as an array
2705	*/
2706	$message = apply_filters( 'contact_form_message', implode( '', $message ), $message );
2707
2708	// This is called after `contact_form_message`, in order to preserve back-compat
2709	$message = self::wrap_message_in_html_tags( $title, $message, $footer, $actions );
2710
2711	update_post_meta( $post_id, '_feedback_email', $this->addslashes_deep( compact( 'to', 'message' ) ) );
2712
2713	/**
2714	* Fires right before the contact form message is sent via email to
2715	* the recipient specified in the contact form.
2716	*
2717	* @module contact-form
2718	*
2719	* @since 1.3.1
2720	*
2721	* @param integer $post_id Post contact form lives on
2722	* @param array $all_values Contact form fields
2723	* @param array $extra_values Contact form fields not included in $all_values
2724	*/
2725	do_action( 'grunion_pre_message_sent', $post_id, $all_values, $extra_values );
2726
2727	// schedule deletes of old spam feedbacks
2728	if ( ! wp_next_scheduled( 'grunion_scheduled_delete' ) ) {
2729	wp_schedule_event( time() + 250, 'daily', 'grunion_scheduled_delete' );
2730	}
2731
2732	// schedule deletes of old temp feedbacks
2733	if ( ! wp_next_scheduled( 'grunion_scheduled_delete_temp' ) ) {
2734	wp_schedule_event( time() + 250, 'daily', 'grunion_scheduled_delete_temp' );
2735	}
2736
2737	/**
2738	* Filter to choose whether an email should be sent after each successful contact form submission.
2739	* This filter takes precedence over the emailNotifications attribute.
2740	*
2741	* @module contact-form
2742	*
2743	* @since 2.6.0
2744	*
2745	* @param bool\|null $should_send Should an email be sent after a form submission.
2746	* - true: Send email regardless of emailNotifications setting
2747	* - false: Don't send email regardless of emailNotifications setting
2748	* - null: Use emailNotifications attribute to determine (default behavior)
2749	* @param int $post_id Post ID.
2750	*/
2751	$should_send_email = apply_filters( 'grunion_should_send_email', null, $post_id );
2752
2753	// Determine if email should be sent based on filter precedence
2754	if ( $should_send_email === true ) {
2755	// Filter explicitly says to send email
2756	$send_email = true;
2757	} elseif ( $should_send_email === false ) {
2758	// Filter explicitly says not to send email
2759	$send_email = false;
2760	} else {
2761	// Filter is null (default), use emailNotifications attribute
2762	$send_email = ( $this->get_attribute( 'emailNotifications' ) !== 'no' );
2763	}
2764
2765	if (
2766	$is_spam !== true &&
2767	$send_email
2768	) {
2769	self::wp_mail( $to, "{$spam}{$subject}", $message, $headers );
2770	} elseif (
2771	true === $is_spam &&
2772	/**
2773	* Choose whether an email should be sent for each spam contact form submission.
2774	*
2775	* @module contact-form
2776	*
2777	* @since 1.3.1
2778	*
2779	* @param bool false Should an email be sent after a spam form submission. Default to false.
2780	*/
2781	apply_filters( 'grunion_still_email_spam', false )
2782	) { // don't send spam by default. Filterable.
2783	self::wp_mail( $to, "{$spam}{$subject}", $message, $headers );
2784	}
2785
2786	/**
2787	* Fires an action hook right after the email(s) have been sent.
2788	*
2789	* @module contact-form
2790	*
2791	* @since 7.3.0
2792	*
2793	* @param int $post_id Post contact form lives on.
2794	* @param string\|array $to Array of valid email addresses, or single email address.
2795	* @param string $subject Feedback email subject.
2796	* @param string $message Feedback email message.
2797	* @param string\|array $headers Optional. Additional headers.
2798	* @param array $all_values Contact form fields.
2799	* @param array $extra_values Contact form fields not included in $all_values
2800	*/
2801	do_action( 'grunion_after_message_sent', $post_id, $to, $subject, $message, $headers, $all_values, $extra_values );
2802
2803	$refresh_args = array(
2804	'contact-form-id' => $id,
2805	'contact-form-sent' => $post_id,
2806	'contact-form-hash' => $this->hash,
2807	'_wpnonce' => wp_create_nonce( "contact-form-sent-{$post_id}" ), // wp_nonce_url HTMLencodes :( .
2808	);
2809
2810	// If the request accepts JSON, return a JSON response instead of redirecting
2811	$accepts_json = isset( $_SERVER['HTTP_ACCEPT'] ) && false !== strpos( strtolower( sanitize_text_field( wp_unslash( $_SERVER['HTTP_ACCEPT'] ) ) ), 'application/json' );
2812
2813	if ( $this->is_response_without_reload_enabled && $accepts_json ) {
2814	$data = array();
2815	if ( $response instanceof Feedback ) {
2816	$data = $response->get_compiled_fields( 'ajax', 'label\|value' );
2817	}
2818	wp_send_json(
2819	array(
2820	'success' => true,
2821	'data' => $data,
2822	'refreshArgs' => $refresh_args,
2823	),
2824	null, // @phan-suppress-current-line PhanTypeMismatchArgumentProbablyReal -- It takes null, but its phpdoc only says int.
2825	JSON_UNESCAPED_SLASHES
2826	);
2827	}
2828
2829	if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) {
2830	return self::success_message( $post_id, $this );
2831	}
2832
2833	$redirect = $this->get_redirect_url( $refresh_args, $id, $post_id );
2834
2835	// phpcs:ignore WordPress.Security.SafeRedirect.wp_redirect_wp_redirect -- We intentially allow external redirects here.
2836	wp_redirect( $redirect );
2837	exit( 0 );
2838	}
2839
2840	/**
2841	* Check if the contact form has a custom redirect.
2842	*
2843	* @return bool True if the contact form has a custom redirect, false otherwise.
2844	*/
2845	public function has_custom_redirect() {
2846	$confirmation_type = $this->get_confirmation_type();
2847
2848	if ( ! empty( $this->get_attribute( 'customThankyouRedirect' ) ) && 'redirect' === $confirmation_type ) {
2849	return true;
2850	}
2851	/**
2852	* Filter to check if the contact form has a redirect filter.
2853	*
2854	* @module contact-form
2855	*
2856	* @since 1.9.0
2857	*
2858	* @param bool $has_redirect True if the contact form has a redirect filter, false otherwise.
2859	*/
2860	return (bool) has_filter( 'grunion_contact_form_redirect_url' );
2861	}
2862
2863	/**
2864	* Get the URL where the reader is redirected after submitting a form.
2865	*
2866	* @param array $refresh_args The arguments to be added to the redirect URL.
2867	* @param int $id Contact Form ID.
2868	* @param int $post_id Post ID.
2869	*
2870	* @return string The redirect URL.
2871	*/
2872	public function get_redirect_url( $refresh_args, $id, $post_id ) {
2873	$confirmation_type = $this->get_confirmation_type();
2874	$redirect = '';
2875	$custom_redirect = false;
2876
2877	if ( 'redirect' === $confirmation_type ) {
2878	$custom_redirect = true;
2879	$redirect = esc_url_raw( $this->get_attribute( 'customThankyouRedirect' ) );
2880	}
2881
2882	if ( ! $redirect ) {
2883	$custom_redirect = false;
2884	$redirect = wp_get_referer();
2885	}
2886
2887	if ( ! $redirect ) { // wp_get_referer() returns false if the referer is the same as the current page.
2888	$custom_redirect = false;
2889	$redirect = isset( $_SERVER['REQUEST_URI'] ) ? esc_url_raw( wp_unslash( $_SERVER['REQUEST_URI'] ) ) : '';
2890	}
2891
2892	if ( ! $custom_redirect ) {
2893	$redirect = add_query_arg(
2894	urlencode_deep( $refresh_args ),
2895	$redirect
2896	);
2897	}
2898
2899	/**
2900	* Filter the URL where the reader is redirected after submitting a form.
2901	*
2902	* @module contact-form
2903	*
2904	* @since 1.9.0
2905	*
2906	* @param string $redirect Post submission URL.
2907	* @param int $id Contact Form ID.
2908	* @param int $post_id Post ID.
2909	*/
2910	return apply_filters( 'grunion_contact_form_redirect_url', $redirect, $id, $post_id );
2911	}
2912
2913	/**
2914	* Get the permalink for the post ID that include the page query parameter if it was set.
2915	*
2916	* @param int $post_id The post ID.
2917	*
2918	* return string The permalink for the post ID.
2919	*/
2920	public static function get_permalink( $post_id ) {
2921	$url = get_permalink( $post_id );
2922	$page = isset( $_POST['page'] ) ? absint( wp_unslash( $_POST['page'] ) ) : null; // phpcs:Ignore WordPress.Security.NonceVerification.Missing
2923	if ( $page ) {
2924	return add_query_arg( 'page', $page, $url );
2925	}
2926	return $url;
2927	}
2928
2929	/**
2930	* Wrapper for wp_mail() that enables HTML messages with text alternatives
2931	*
2932	* @param string\|array $to Array or comma-separated list of email addresses to send message.
2933	* @param string $subject Email subject.
2934	* @param string $message Message contents.
2935	* @param string\|array $headers Optional. Additional headers.
2936	* @param string\|array $attachments Optional. Files to attach.
2937	*
2938	* @return bool Whether the email contents were sent successfully.
2939	*/
2940	public static function wp_mail( $to, $subject, $message, $headers = '', $attachments = array() ) {
2941	add_filter( 'wp_mail_content_type', __CLASS__ . '::get_mail_content_type' );
2942	add_action( 'phpmailer_init', __CLASS__ . '::add_plain_text_alternative' );
2943
2944	$result = wp_mail( $to, $subject, $message, $headers, $attachments );
2945
2946	remove_filter( 'wp_mail_content_type', __CLASS__ . '::get_mail_content_type' );
2947	remove_action( 'phpmailer_init', __CLASS__ . '::add_plain_text_alternative' );
2948
2949	return $result;
2950	}
2951
2952	/**
2953	* Add a display name part to an email address
2954	*
2955	* SpamAssassin doesn't like addresses in HTML messages that are missing display names (e.g., `foo@bar.org`
2956	* instead of `Foo Bar <foo@bar.org>`.
2957	*
2958	* @param string $address - the email address.
2959	*
2960	* @return string
2961	*/
2962	public function add_name_to_address( $address ) {
2963	// If it's just the address, without a display name
2964	if ( is_email( $address ) ) {
2965	$address_parts = explode( '@', $address );
2966
2967	/*
2968	* The email address format here is formatted in a format
2969	* that is the most likely to be accepted by wp_mail(),
2970	* without escaping.
2971	* More info: https://github.com/Automattic/jetpack/pull/19727
2972	*/
2973	$address = sprintf( '%s <%s>', $address_parts[0], $address );
2974	}
2975
2976	return $address;
2977	}
2978
2979	/**
2980	* Get the content type that should be assigned to outbound emails
2981	*
2982	* @return string
2983	*/
2984	public static function get_mail_content_type() {
2985	return 'text/html';
2986	}
2987
2988	/**
2989	* Wrap a message body with the appropriate in HTML tags
2990	*
2991	* This helps to ensure correct parsing by clients, and also helps avoid triggering spam filtering rules
2992	*
2993	* @param string $title - title of the email.
2994	* @param string $body - the message body.
2995	* @param string $footer - the footer containing meta information.
2996	* @param string $actions - HTML for actions displayed in the email.
2997	*
2998	* @return string
2999	*/
3000	public static function wrap_message_in_html_tags( $title, $body, $footer, $actions = '' ) {
3001	// Don't do anything if the message was already wrapped in HTML tags
3002	// That could have be done by a plugin via filters
3003	if ( str_contains( $body, '<html' ) ) {
3004	return $body;
3005	}
3006
3007	$template = '';
3008	$style = '';
3009
3010	// The hash is just used to anonymize the admin email and have a unique identifier for the event.
3011	// The secret key used could have been a random string, but it's better to use the version number to make it easier to track.
3012	$event = new Jetpack_Tracks_Event(
3013	(object) array(
3014	'_en' => 'jetpack_forms_email_open',
3015	'_ui' => hash_hmac( 'md5', get_option( 'admin_email' ), JETPACK__VERSION ),
3016	'_ut' => 'anon',
3017	)
3018	);
3019
3020	$tracking_pixel = '<img src="' . $event->build_pixel_url() . '" alt="" width="1" height="1" />';
3021
3022	/**
3023	* Filter the filename of the template HTML surrounding the response email. The PHP file will return the template in a variable called $template.
3024	*
3025	* @module contact-form
3026	*
3027	* @since 0.18.0
3028	*
3029	* @param string the filename of the HTML template used for response emails to the form owner.
3030	*/
3031	require apply_filters( 'jetpack_forms_response_email_template', __DIR__ . '/templates/email-response.php' );
3032
3033	/**
3034	* Filter the HTML for the powered by section in the email.
3035	*
3036	* @module contact-form
3037	*
3038	* @since 7.2.0
3039	*
3040	* @param string $powered_by_html The HTML for the powered by section in the email.
3041	*/
3042	$powered_by_html = apply_filters(
3043	'jetpack_forms_email_powered_by_html',
3044	str_replace(
3045	"\t",
3046	'',
3047	'
3048	<tr>
3049	<td class="content-block powered-by">
3050	' .
3051	sprintf(
3052	// translators: %1$s is a link to the Jetpack Forms page.
3053	__( 'Powered by %1$s', 'jetpack-forms' ),
3054	'<a href="https://jetpack.com/forms/?utm_source=jetpack-forms&utm_medium=email&utm_campaign=form-submissions">Jetpack Forms</a>'
3055	) . '
3056	</td>
3057	</tr>'
3058	)
3059	);
3060
3061	$html_message = sprintf(
3062	// The tabs are just here so that the raw code is correctly formatted for developers
3063	// They're removed so that they don't affect the final message sent to users
3064	str_replace(
3065	"\t",
3066	'',
3067	$template
3068	),
3069	( $title !== '' ? '<h1>' . $title . '</h1>' : '' ),
3070	$body,
3071	'',
3072	'',
3073	$footer,
3074	$style,
3075	$tracking_pixel,
3076	$actions,
3077	$powered_by_html
3078	);
3079
3080	return $html_message;
3081	}
3082
3083	/**
3084	* Add a plain-text alternative part to an outbound email
3085	*
3086	* This makes the message more accessible to mail clients that aren't HTML-aware, and decreases the likelihood
3087	* that the message will be flagged as spam.
3088	*
3089	* @param PHPMailer $phpmailer - the phpmailer.
3090	*/
3091	public static function add_plain_text_alternative( $phpmailer ) {
3092	// phpcs:disable WordPress.NamingConventions.ValidVariableName.UsedPropertyNotSnakeCase
3093
3094	// Add an extra break so that the extra space above the <p> is preserved after the <p> is stripped out
3095	$alt_body = str_replace( '<p>', '<p><br />', $phpmailer->Body );
3096
3097	// Convert <br> to \n breaks, to preserve the space between lines that we want to keep
3098	$alt_body = str_replace( array( '<br>', '<br />' ), "\n", $alt_body );
3099
3100	// Convert <div> to \n breaks, to preserve space between lines for new email formatting.
3101	$alt_body = str_replace( '<div', "\n<div", $alt_body );
3102
3103	// Convert <hr> to an plain-text equivalent, to preserve the integrity of the message
3104	$alt_body = str_replace( array( '<hr>', '<hr />' ), "----\n", $alt_body );
3105
3106	// Trim the plain text message to remove the \n breaks that were after <doctype>, <html>, and <body>
3107	$phpmailer->AltBody = trim( wp_strip_all_tags( $alt_body ) );
3108	// phpcs:enable WordPress.NamingConventions.ValidVariableName.UsedPropertyNotSnakeCase
3109	}
3110
3111	/**
3112	* Add deepslashes.
3113	*
3114	* @param array $value - the value.
3115	* @return array The value, with slashes added.
3116	*/
3117	public function addslashes_deep( $value ) {
3118	if ( is_array( $value ) ) {
3119	return array_map( array( $this, 'addslashes_deep' ), $value );
3120	} elseif ( is_object( $value ) ) {
3121	$vars = get_object_vars( $value );
3122	foreach ( $vars as $key => $data ) {
3123	$value->{$key} = $this->addslashes_deep( $data );
3124	}
3125	return (array) $value;
3126	}
3127
3128	return addslashes( $value );
3129	}
3130
3131	/**
3132	* Rough implementation of Gutenberg's align-attribute-to-css-class map.
3133	* Only allowin "wide" and "full" as "center", "left" and "right" don't
3134	* make much sense for the form.
3135	*
3136	* @param array $attributes Block attributes.
3137	* @return string The CSS alignment class: alignfull \| alignwide.
3138	*/
3139	public static function get_block_alignment_class( $attributes = array() ) {
3140	$align_to_class_map = array(
3141	'wide' => 'alignwide',
3142	'full' => 'alignfull',
3143	);
3144	if ( empty( $attributes['align'] ) \|\| ! array_key_exists( $attributes['align'], $align_to_class_map ) ) {
3145	return '';
3146	}
3147	return $align_to_class_map[ $attributes['align'] ];
3148	}
3149
3150	/**
3151	* Process a file upload field.
3152	*
3153	* @param string $field_id The field ID.
3154	* @param object $field The field object.
3155	*
3156	* @return array A structured array with field_id and files array.
3157	*/
3158	public function process_file_upload_field( $field_id, $field ) {
3159	$field_id = sanitize_key( $field_id );
3160
3161	$raw_data = array();
3162	// phpcs:ignore WordPress.Security.NonceVerification.Missing
3163	if ( isset( $_POST[ $field_id ] ) ) {
3164
3165	// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized, WordPress.Security.NonceVerification.Missing
3166	$raw_post_data = wp_unslash( $_POST[ $field_id ] );
3167	if ( is_array( $raw_post_data ) ) {
3168	$raw_data = array_map( 'sanitize_text_field', $raw_post_data );
3169	}
3170	}
3171
3172	$file_data_array = is_array( $raw_data )
3173	? array_map(
3174	function ( $json_str ) {
3175	$decoded = json_decode( $json_str, true );
3176	return array(
3177	'file_id' => isset( $decoded['file_id'] ) ? sanitize_text_field( $decoded['file_id'] ) : '',
3178	'name' => isset( $decoded['name'] ) ? sanitize_text_field( $decoded['name'] ) : '',
3179	'size' => isset( $decoded['size'] ) ? absint( $decoded['size'] ) : 0,
3180	'type' => isset( $decoded['type'] ) ? sanitize_text_field( $decoded['type'] ) : '',
3181	);
3182	},
3183	$raw_data
3184	) : array();
3185
3186	if ( empty( $file_data_array ) ) {
3187	$field->add_error( __( 'Failed to upload file.', 'jetpack-forms' ) );
3188	return array(
3189	'field_id' => $field_id,
3190	'files' => array(),
3191	);
3192	}
3193
3194	return array(
3195	'field_id' => $field_id,
3196	'files' => $file_data_array,
3197	);
3198	}
3199
3200	/**
3201	* Ensures a field label ends with a colon, unless it ends with a question mark.
3202	*
3203	* @param string $label The field label.
3204	* @return string The formatted label.
3205	*/
3206	private static function maybe_add_colon_to_label( $label ) {
3207	$formatted_label = $label ? $label : '';
3208	// Special case for the Terms consent field block which a period after the label.
3209	$formatted_label = str_ends_with( $formatted_label, '?' ) ? $formatted_label : rtrim( $formatted_label, ':.' ) . ':';
3210
3211	return $formatted_label;
3212	}
3213
3214	/**
3215	* Ensures a value is formatted as a string, taking into account file upload fields.
3216	*
3217	* @param mixed $value The value to transform.
3218	* @return mixed The transformed value.
3219	*/
3220	private static function maybe_transform_value( $value ) {
3221	if ( is_array( $value ) && isset( $value['type'] ) && $value['type'] === 'image-select' ) {
3222	return implode(
3223	', ',
3224	array_map(
3225	function ( $choice ) {
3226	$value = $choice['perceived'];
3227
3228	if ( $choice['showLabels'] && ! empty( $choice['label'] ) ) {
3229	$value .= ' - ' . $choice['label'];
3230	}
3231
3232	return $value;
3233	},
3234	$value['choices']
3235	)
3236	);
3237	}
3238
3239	// For URL fields, extract the display text value (original user input without auto-added protocol).
3240	if ( is_array( $value ) && isset( $value['type'] ) && $value['type'] === 'url' ) {
3241	// Prefer displayValue (raw input) over url (which may have https:// prepended).
3242	return isset( $value['displayValue'] ) ? $value['displayValue'] : ( isset( $value['url'] ) ? $value['url'] : '' );
3243	}
3244
3245	// For file upload fields, we want to show the file name and size
3246	if ( is_array( $value ) && isset( $value['name'] ) && isset( $value['size'] ) ) {
3247	$file_name = $value['name'];
3248	$file_size = $value['size'];
3249	return empty( $file_size ) ? $file_name : $file_name . ' (' . $file_size . ')';
3250	}
3251
3252	return $value;
3253	}
3254
3255	/**
3256	* Helper method to get the images from an image select field.
3257	*
3258	* Returns an array of image choice objects, each containing:
3259	* - src: The image URL
3260	* - letterCode: The letter code (e.g., 'A', 'B', 'C')
3261	* - label: The choice label text (empty string if showLabels is false)
3262	*
3263	* @param array $value The value to get the images from.
3264	* @return array\|null The images with metadata, or null if not an image-select field.
3265	*/
3266	private static function get_images( $value ) {
3267	if ( is_array( $value ) && isset( $value['type'] ) && $value['type'] === 'image-select' ) {
3268	return array_map(
3269	function ( $choice ) {
3270	$letter_code = $choice['perceived'] ?? '';
3271	$label = '';
3272
3273	if ( ! empty( $choice['showLabels'] ) && ! empty( $choice['label'] ) ) {
3274	$label = $choice['label'];
3275	}
3276
3277	return array(
3278	'src' => $choice['image']['src'] ?? '',
3279	'letterCode' => $letter_code,
3280	'label' => $label,
3281	);
3282	},
3283	$value['choices']
3284	);
3285	}
3286
3287	return null;
3288	}
3289
3290	/**
3291	* Helper method to format a raw label string for display, including kses sanitization.
3292	*
3293	* @param string\|null $raw_label The raw label input.
3294	* @return string The formatted and kses'd label string, or an empty string if raw_label is empty.
3295	*/
3296	private static function escape_and_sanitize_field_label( $raw_label ) {
3297	if ( empty( $raw_label ) ) {
3298	return ''; // kses the empty string
3299	}
3300	return wp_kses( (string) $raw_label, array() );
3301	}
3302
3303	/**
3304	* Enforce required block supports UIs for Classic themes.
3305	*
3306	* @param \WP_Theme_JSON_Data $theme_json_data Theme JSON data object.
3307	*
3308	* @return \WP_Theme_JSON_Data Updated theme JSON settings.
3309	*/
3310	public static function add_theme_json_data_for_classic_themes( $theme_json_data ) {
3311	if ( wp_is_block_theme() ) {
3312	return $theme_json_data;
3313	}
3314
3315	$data = $theme_json_data->get_data();
3316
3317	if ( ! isset( $data['settings']['blocks'] ) ) {
3318	$data['settings']['blocks'] = array();
3319	}
3320
3321	$data['settings']['blocks']['jetpack/input'] = array(
3322	'color' => array(
3323	'text' => true,
3324	'background' => false,
3325	),
3326	'border' => array(
3327	'color' => true,
3328	'radius' => true,
3329	'style' => true,
3330	'width' => true,
3331	),
3332	'typography' => array(
3333	'fontFamily' => true,
3334	'fontSize' => true,
3335	'fontStyle' => true,
3336	'fontWeight' => true,
3337	'letterSpacing' => true,
3338	'lineHeight' => true,
3339	'textDecoration' => true,
3340	'textTransform' => true,
3341	),
3342	);
3343
3344	// maybe need to add support for jetpack/phone-input
3345
3346	$data['settings']['blocks']['jetpack/options'] = array(
3347	'color' => array(
3348	'text' => true,
3349	'background' => true,
3350	),
3351	'border' => array(
3352	'color' => true,
3353	'radius' => true,
3354	'style' => true,
3355	'width' => true,
3356	),
3357	);
3358
3359	$shared_settings = array(
3360	'color' => array(
3361	'text' => true,
3362	'background' => false,
3363	),
3364	'typography' => array(
3365	'fontFamily' => true,
3366	'fontSize' => true,
3367	'fontStyle' => true,
3368	'fontWeight' => true,
3369	'letterSpacing' => true,
3370	'lineHeight' => true,
3371	'textDecoration' => true,
3372	'textTransform' => true,
3373	),
3374	);
3375	$data['settings']['blocks']['jetpack/label'] = $shared_settings;
3376	$data['settings']['blocks']['jetpack/option'] = $shared_settings;
3377
3378	$theme_json_class = get_class( $theme_json_data );
3379	return new $theme_json_class( $data, 'default' );
3380	}
3381
3382	/**
3383	* Validate the contact form fields.
3384	*
3385	* This method checks each field for errors and ensures that at least one field has a value.
3386	* If no fields have values and there are no errors, it adds an error indicating that the form is empty.
3387	*/
3388	public function validate() {
3389	$has_value = false;
3390	// Validate the form fields before processing the form.
3391	foreach ( $this->fields as $field ) {
3392	$field->validate();
3393	if ( ! $has_value && $field->has_value() ) {
3394	$has_value = true;
3395	}
3396	}
3397
3398	if ( ! $has_value && ! $this->has_errors() ) {
3399	$this->add_error( 'empty', __( 'Please fill out at least one field.', 'jetpack-forms' ) );
3400	}
3401
3402	$ref_id = $this->get_attribute( 'ref' );
3403	if ( ! empty( $ref_id ) ) {
3404	$this->validate_ref( $ref_id );
3405	}
3406	}
3407
3408	/**
3409	* Validate the form reference.
3410	*
3411	* @param int $ref The form reference ID.
3412	*/
3413	public function validate_ref( $ref ) {
3414	$form_post = get_post( $ref );
3415	if ( ! $form_post \|\| self::POST_TYPE !== $form_post->post_type ) {
3416	$this->add_error( 'invalid_ref', __( 'Invalid form reference.', 'jetpack-forms' ) );
3417	return;
3418	}
3419	if ( $form_post->post_status !== 'publish' ) {
3420	$this->add_error( 'unpublished_form', __( 'Invalid form reference.', 'jetpack-forms' ) );
3421	return;
3422	}
3423	}
3424
3425	/**
3426	* Reset the static errors for the contact form.
3427	*
3428	* @param string $id The ID of the contact form to reset errors for. If null, resets all static errors.
3429	*
3430	* This method is used to clear the static errors stored in the class.
3431	*/
3432	public static function reset_errors( $id = null ) {
3433	if ( $id && isset( self::$static_errors[ $id ] ) ) {
3434	unset( self::$static_errors[ $id ] );
3435	return;
3436	}
3437	self::$static_errors = array();
3438	}
3439
3440	/**
3441	* Add an error to the contact form.
3442	*
3443	* @param string $error_code The error code.
3444	* @param string $error_message The error message.
3445	*/
3446	public function add_error( $error_code, $error_message ) {
3447	$id = $this->get_attribute( 'id' );
3448	if ( ! isset( self::$static_errors[ $id ] ) ) {
3449	self::$static_errors[ $id ] = Form_Submission_Error::validation_error( $error_code, $error_message );
3450	} else {
3451	// If we already have errors, add this error to the existing Form_Submission_Error
3452	self::$static_errors[ $id ]->add( $error_code, $error_message );
3453	}
3454	$this->errors = self::$static_errors[ $id ];
3455	}
3456	/**
3457	* Check if the contact form has errors.
3458	*
3459	* @return bool True if the contact form has errors, false otherwise.
3460	*/
3461	public function has_errors() {
3462	$id = $this->get_attribute( 'id' );
3463	if ( ! isset( self::$static_errors[ $id ] ) ) {
3464	return false;
3465	}
3466	return is_wp_error( self::$static_errors[ $id ] ) && ! empty( self::$static_errors[ $id ]->get_error_codes() );
3467	}
3468
3469	/**
3470	* Get the error messages of the contact form.
3471	*
3472	* @return array The errors of the contact form.
3473	*/
3474	public function get_error_messages() {
3475	if ( ! $this->has_errors() ) {
3476	return array();
3477	}
3478	$id = $this->get_attribute( 'id' );
3479	return self::$static_errors[ $id ]->get_error_messages();
3480	}
3481
3482	/**
3483	* Get the confirmation type of the contact form from the deprecated customThankyou attribute.
3484	*
3485	* @return string The confirmation type of the contact form.
3486	*/
3487	public function get_confirmation_type() {
3488	$confirmation_type = $this->get_attribute( 'confirmationType' );
3489
3490	if ( '' === $confirmation_type ) {
3491	$confirmation_type = 'redirect' === $this->get_attribute( 'customThankyou' ) ? 'redirect' : 'text';
3492	}
3493
3494	return $confirmation_type;
3495	}
3496
3497	/**
3498	* Get the disable summary of the contact form from the deprecated customThankyou attribute.
3499	*
3500	* @return string The disable summary of the contact form.
3501	*/
3502	public function get_disable_summary() {
3503	$disable_summary = $this->get_attribute( 'disableSummary' );
3504	$custom_thankyou = $this->get_attribute( 'customThankyou' );
3505
3506	if ( '' === $disable_summary ) {
3507	$disable_summary = 'noSummary' === $custom_thankyou \|\| 'message' === $custom_thankyou;
3508	}
3509
3510	return $disable_summary;
3511	}
3512	}