1: <?php
2:
/**
 * Handles the "search users" request for Quform entries.
 *
 * The request is validated (method and parameter shape, capability, nonce),
 * the search term is passed to Quform::searchUsers(), and the matches are
 * returned as JSON. The response contains user IDs and login names, so the
 * capability and nonce checks in validateSearchRequest() are what keep that
 * data from other callers.
 *
 * NOTE(review): the hook that routes requests to search() is not visible in
 * this file - confirm it is registered for authenticated requests only.
 */
class Quform_Entry_UserSearcher
{
    /**
     * Validate the request, run the user search and send the JSON response.
     *
     * Reads $_GET['search']. Sends {"type": "success", "results": [...]} where
     * each result holds the user's ID ('id') and login name ('text').
     *
     * Security: validateSearchRequest() returns no value. Rejected requests
     * are stopped only because wp_send_json() ends execution after printing
     * its payload. If that termination is ever bypassed (for example by a
     * replaced die handler), the code below would still run for a request
     * that failed validation.
     */
    public function search()
    {
        $this->validateSearchRequest();

        // WordPress adds slashes to superglobals; strip them before sanitising.
        $rawTerm = wp_unslash($_GET['search']);
        $term = sanitize_text_field($rawTerm);

        $matches = array();

        foreach (Quform::searchUsers($term) as $user) {
            $matches[] = array(
                'id' => $user->ID,
                'text' => $user->user_login,
            );
        }

        wp_send_json(array('type' => 'success', 'results' => $matches));
    }

    /**
     * Reject the request unless it is well formed, authorised and carries a valid nonce.
     *
     * The checks run in this order, each answering with its own JSON error:
     *   1. GET request with a string 'search' parameter
     *   2. current user has the 'quform_edit_entries' capability
     *   3. nonce for the 'quform_entries_search_users' action verifies
     *
     * No HTTP status code is passed with the error payloads, so callers must
     * inspect the 'type' field rather than the response status.
     */
    protected function validateSearchRequest()
    {
        // is_string() rejects array-valued input (search[]=...) before it can reach the sanitiser.
        $isWellFormed = Quform::isGetRequest() && isset($_GET['search']) && is_string($_GET['search']);

        if ( ! $isWellFormed) {
            $this->sendErrorResponse(__('Bad request', 'quform'));
        }

        // Authorisation: only users allowed to edit entries may list user logins.
        if ( ! current_user_can('quform_edit_entries')) {
            $this->sendErrorResponse(__('Insufficient permissions', 'quform'));
        }

        // CSRF protection. The second argument (false) makes WordPress look for the
        // nonce in the default request fields; the third (false) stops it from dying
        // on failure so that the JSON error below can be returned instead.
        $nonceResult = check_ajax_referer('quform_entries_search_users', false, false);

        if ( ! $nonceResult) {
            $this->sendErrorResponse(__('Nonce check failed', 'quform'));
        }
    }

    /**
     * Send a JSON error payload of the form {"type": "error", "message": ...}.
     *
     * @param string $message Translated, user-facing error message
     */
    private function sendErrorResponse($message)
    {
        wp_send_json(array(
            'type' => 'error',
            'message' => $message,
        ));
    }
}
52: