From 29393ebd81d82745fa7dbbaf177924e54d94bef7 Mon Sep 17 00:00:00 2001
From: Nikola Petrov <nikola@petrovv.com>
Date: Wed, 6 May 2026 18:43:03 +0200
Subject: [PATCH] opt settings page

---
 go-form-plugin/go-form-plugin.php           | 78 ++++++++++++++-------
 go-form-plugin/templates/form-shortcode.php |  2 +-
 go-form-plugin/templates/table.php          |  7 +-
 3 files changed, 53 insertions(+), 34 deletions(-)

diff --git a/go-form-plugin/go-form-plugin.php b/go-form-plugin/go-form-plugin.php
index 2f063ad..62b123d 100644
--- a/go-form-plugin/go-form-plugin.php
+++ b/go-form-plugin/go-form-plugin.php
@@ -106,8 +106,19 @@ function go_form_handle_submission()
     wp_die('Security check failed');
 
   global $wpdb;
+  $form_id = isset($_POST['form_id']) ? intval($_POST['form_id']) : 1;
+
+  // Check if form exists
+  $form_exists = $wpdb->get_var($wpdb->prepare(
+    "SELECT COUNT(*) FROM {$wpdb->prefix}go_form_forms WHERE id = %d",
+    $form_id
+  ));
+  if (!$form_exists) {
+    $form_id = 1; // Fallback to default form
+  }
+
   $data = [
-    'form_id' => isset($_POST['form_id']) ? intval($_POST['form_id']) : 1,
+    'form_id' => $form_id,
     'first_name' => sanitize_text_field($_POST['first_name']),
     'last_name' => sanitize_text_field($_POST['last_name']),
     'country' => sanitize_text_field($_POST['country'] ?? ''),
@@ -131,7 +142,7 @@ function go_form_handle_submission()
   wp_redirect($_SERVER['HTTP_REFERER']);
   exit;
 }
-add_action('admin_post_go_form_submit', 'go_form_handle_submission');
+add_action('admin_post_go_form_handle_submission', 'go_form_handle_submission');
 
 // ========== Shortcode ==========
 function go_form_shortcode($atts)
@@ -157,12 +168,13 @@ function go_form_admin_action($type)
 
 function go_form_delete_entry()
 {
-  go_form_admin_action('delete');
-  if (isset($_POST['entry_id'])) {
+  go_form_admin_action('delete_entry');
+  if (isset($_POST['value_one'])) {
     global $wpdb;
-    $entry = $wpdb->get_row($wpdb->prepare("SELECT form_id FROM {$wpdb->prefix}go_form_entries WHERE id = %d", intval($_POST['entry_id'])));
+    $entry_id = intval($_POST['value_one']);
+    $entry = $wpdb->get_row($wpdb->prepare("SELECT form_id FROM {$wpdb->prefix}go_form_entries WHERE id = %d", $entry_id));
     $form_id = $entry ? $entry->form_id : 0;
-    $wpdb->delete("{$wpdb->prefix}go_form_entries", ['id' => intval($_POST['entry_id'])]);
+    $wpdb->delete("{$wpdb->prefix}go_form_entries", ['id' => $entry_id]);
     $redirect_url = add_query_arg(array('page' => 'go-form-settings', 'form_id' => $form_id, 'deleted' => 1), admin_url('admin.php'));
     wp_redirect($redirect_url);
     exit;
@@ -175,7 +187,7 @@ add_action('admin_post_go_form_delete_entry', 'go_form_delete_entry');
 
 function go_form_create_form()
 {
-  go_form_admin_action('create');
+  go_form_admin_action('create_form');
   if (isset($_POST['form_name']) && !empty($_POST['form_name'])) {
     global $wpdb;
     $wpdb->insert("{$wpdb->prefix}go_form_forms", ['name' => sanitize_text_field($_POST['form_name'])]);
@@ -193,11 +205,13 @@ add_action('admin_post_go_form_create_form', 'go_form_create_form');
 function go_form_delete_form()
 {
   go_form_admin_action('delete_form');
-  if (isset($_POST['form_id'])) {
+  if (isset($_POST['value_one'])) {
     global $wpdb;
-    $id = intval($_POST['form_id']);
-    $wpdb->delete("{$wpdb->prefix}go_form_entries", ['form_id' => $id]);
-    $wpdb->delete("{$wpdb->prefix}go_form_forms", ['id' => $id]);
+    $id = intval($_POST['value_one']);
+    if ($id > 1) {
+      $wpdb->delete("{$wpdb->prefix}go_form_entries", ['form_id' => $id]);
+      $wpdb->delete("{$wpdb->prefix}go_form_forms", ['id' => $id]);
+    }
   }
   $redirect_url = add_query_arg(array('page' => 'go-form-settings', 'deleted' => 1), admin_url('admin.php'));
   wp_redirect($redirect_url);
@@ -208,12 +222,12 @@ add_action('admin_post_go_form_delete_form', 'go_form_delete_form');
 function go_form_export()
 {
   go_form_admin_action('export');
-  if (!isset($_POST['form_id'])) {
+  if (!isset($_POST['value_one'])) {
     wp_redirect(admin_url('admin.php?page=go-form-settings'));
     exit;
   }
 
-  $form_id = intval($_POST['form_id']);
+  $form_id = intval($_POST['value_one']);
   $form_name = go_form_get_form_name($form_id);
   $entries = go_form_get_entries($form_id);
 
@@ -251,6 +265,17 @@ function go_form_admin_menu()
 }
 add_action('admin_menu', 'go_form_admin_menu');
 
+function action_button($action, $name, $confirm_massage, $value_one)
+{
+  echo '
+  <form method="post" action="' . admin_url('admin-post.php') . '">
+    '. wp_nonce_field($action . '_action', $action . '_nonce', true, false) .'
+    <input type="hidden" name="action" value="'.$action.'">
+    <input type="hidden" name="value_one" value="'. $value_one . '">
+    <input type="submit" value="'.$name .'" class="button" onclick="return confirm(\''.$confirm_massage .'\')">
+  </form>';
+}
+
 function go_form_settings_page()
 {
   if (!current_user_can('manage_options'))
@@ -265,10 +290,17 @@ function go_form_settings_page()
 
     <h2>Create New Form</h2>
     <form method="post" action="' . admin_url('admin-post.php') . '">
-        ' . wp_nonce_field('go_form_create_action', 'go_form_create_nonce', true, false) . '
+        ' . wp_nonce_field('go_form_create_form_action', 'go_form_create_form_nonce', true, false) . '
         <input type="hidden" name="action" value="go_form_create_form">
         <table class="form-table">
-            <tr><th><label for="form_name">Form Name:</label></th><td><input type="text" name="form_name" id="form_name" required></td></tr>
+            <tr>
+              <th>
+                <label for="form_name">Form Name:</label>
+              </th>
+              <td>
+                <input type="text" name="form_name" id="form_name" required>
+              </td>
+            </tr>
         </table>
         <p class="submit"><input type="submit" class="button button-primary" value="Create Form"></p>
     </form>
@@ -281,18 +313,10 @@ function go_form_settings_page()
     $form_name = go_form_get_form_name($selected_form_id);
     echo "<h3> $form_name Entries</h3>";
     echo '<div style="margin-bottom:15px">';
-    echo '<form method="post" action="' . admin_url('admin-post.php') . '" style="display:inline-block;margin-right:10px">
-          ' . wp_nonce_field('go_form_delete_form_action', 'go_form_delete_form_nonce', true, false) . '
-          <input type="hidden" name="action" value="go_form_delete_form">
-          <input type="hidden" name="form_id" value="' . esc_attr($selected_form_id) . '">
-          <input type="submit" value="Delete Form" class="button delete" onclick="return confirm(\'Delete this form and ALL entries?\')">
-      </form>';
-    echo '<form method="post" action="' . admin_url('admin-post.php') . '" style="display:inline-block">
-          ' . wp_nonce_field('go_form_export_action', 'go_form_export_nonce', true, false) . '
-          <input type="hidden" name="action" value="go_form_export">
-          <input type="hidden" name="form_id" value="' . esc_attr($selected_form_id) . '">
-          <input type="submit" value="Export to CSV" class="button button-primary">
-      </form>';
+
+    action_button('go_form_delete_form','Delete Form', 'Delete this form and ALL entries?', $selected_form_id);
+    action_button('go_form_export', 'Export to CSV', 'Confrm Export', $selected_form_id);
+    
     echo '</div>';
     $entries = go_form_get_entries($selected_form_id);
     go_form_render_entries_table($entries, true);
diff --git a/go-form-plugin/templates/form-shortcode.php b/go-form-plugin/templates/form-shortcode.php
index 1b63226..64190a4 100644
--- a/go-form-plugin/templates/form-shortcode.php
+++ b/go-form-plugin/templates/form-shortcode.php
@@ -59,7 +59,7 @@
 <div id="form">
   <form method="post" action="<?php echo admin_url('admin-post.php'); ?>">
     <?php echo wp_nonce_field('go_form_action', 'go_form_nonce', true, false); ?>
-    <input type="hidden" name="action" value="go_form_submit">
+    <input type="hidden" name="action" value="go_form_handle_submission">
     <input type="hidden" name="form_id" value="<?php echo esc_attr($form_id); ?>">
 
     <div class="go-form-grid">
diff --git a/go-form-plugin/templates/table.php b/go-form-plugin/templates/table.php
index 6478872..50d2197 100644
--- a/go-form-plugin/templates/table.php
+++ b/go-form-plugin/templates/table.php
@@ -32,12 +32,7 @@
           <td> <?= esc_html($e->email) ?> </td>
           <td> <?= esc_html($e->created_at) ?> </td>
           <td>
-            <form method="post" action=" <?= admin_url('admin-post.php') ?> ">
-              <?= wp_nonce_field('go_form_delete_action', 'go_form_delete_nonce', true, false) ?>
-              <input type="hidden" name="action" value="go_form_delete_entry">
-              <input type="hidden" name="entry_id" value=" <?= esc_attr($e->id) ?> ">
-              <input type="submit" value="Delete" class="button delete" onclick="return confirm('Delete this entry?')">
-            </form>
+            <?php action_button('go_form_delete_entry', 'Delete', 'Delete this entry?', $e->id); ?>
           </td>
           <td> <?= esc_html($e->comment) ?> </td>