public function edit_level($id)
{
//Check we are on the admin end and user has management permission
SwpmMiscUtils::check_user_permission_and_is_admin('membership level edit');
//Check nonce
if (!isset($_POST['_wpnonce_edit_swpmlevel_admin_end']) || !wp_verify_nonce($_POST['_wpnonce_edit_swpmlevel_admin_end'], 'edit_swpmlevel_admin_end')) {
//Nonce check failed.
wp_die(SwpmUtils::_("Error! Nonce verification failed for membership level edit from admin end."));
}
global $wpdb;
$query = $wpdb->prepare("SELECT * FROM " . $wpdb->prefix . "swpm_membership_tbl WHERE id = %d", $id);
$level = $wpdb->get_row($query, ARRAY_A);
$form = new SwpmLevelForm($level);
if ($form->is_valid()) {
$wpdb->update($wpdb->prefix . "swpm_membership_tbl", $form->get_sanitized(), array('id' => $id));
//@todo meta table and collect all relevant info and pass as argument
$custom = apply_filters('swpm_admin_edit_membership_level', array(), $id);
$this->save_custom_fields($id, $custom);
$message = array('succeeded' => true, 'message' => '<p>' . SwpmUtils::_('Membership Level Updated Successfully.') . '</p>');
SwpmTransfer::get_instance()->set('status', $message);
wp_redirect('admin.php?page=simple_wp_membership_levels');
exit(0);
}
$message = array('succeeded' => false, 'message' => SwpmUtils::_('Please correct the following:'), 'extra' => $form->get_errors());
SwpmTransfer::get_instance()->set('status', $message);
}
public function edit_admin_end($id)
{
//Check we are on the admin end and user has management permission
SwpmMiscUtils::check_user_permission_and_is_admin('member edit by admin');
//Check nonce
if (!isset($_POST['_wpnonce_edit_swpmuser_admin_end']) || !wp_verify_nonce($_POST['_wpnonce_edit_swpmuser_admin_end'], 'edit_swpmuser_admin_end')) {
//Nonce check failed.
wp_die(SwpmUtils::_("Error! Nonce verification failed for user edit from admin end."));
}
global $wpdb;
$query = $wpdb->prepare("SELECT * FROM " . $wpdb->prefix . "swpm_members_tbl WHERE member_id = %d", $id);
$member = $wpdb->get_row($query, ARRAY_A);
$email_address = $member['email'];
$user_name = $member['user_name'];
unset($member['member_id']);
unset($member['user_name']);
$form = new SwpmForm($member);
if ($form->is_valid()) {
$member = $form->get_sanitized();
$plain_password = isset($member['plain_password']) ? $member['plain_password'] : "";
SwpmUtils::update_wp_user($user_name, $member);
unset($member['plain_password']);
$wpdb->update($wpdb->prefix . "swpm_members_tbl", $member, array('member_id' => $id));
$message = array('succeeded' => true, 'message' => '<p>Member profile updated successfully.</p>');
$error = apply_filters('swpm_admin_edit_custom_fields', array(), $member + array('member_id' => $id));
if (!empty($error)) {
$message = array('succeeded' => false, 'message' => SwpmUtils::_('Please correct the following:'), 'extra' => $error);
SwpmTransfer::get_instance()->set('status', $message);
return;
}
SwpmTransfer::get_instance()->set('status', $message);
$send_notification = filter_input(INPUT_POST, 'account_status_change');
if (!empty($send_notification)) {
$settings = SwpmSettings::get_instance();
$from_address = $settings->get_value('email-from');
$headers = 'From: ' . $from_address . "\r\n";
$subject = filter_input(INPUT_POST, 'notificationmailhead');
$body = filter_input(INPUT_POST, 'notificationmailbody');
$settings->set_value('account-change-email-body', $body)->set_value('account-change-email-subject', $subject)->save();
$member['login_link'] = $settings->get_value('login-page-url');
$member['user_name'] = $user_name;
$member['password'] = empty($plain_password) ? SwpmUtils::_("Your current password") : $plain_password;
$values = array_values($member);
$keys = array_map('swpm_enclose_var', array_keys($member));
$body = html_entity_decode(str_replace($keys, $values, $body));
wp_mail($email_address, $subject, $body, $headers);
}
wp_redirect('admin.php?page=simple_wp_membership');
exit(0);
}
$message = array('succeeded' => false, 'message' => SwpmUtils::_('Please correct the following:'), 'extra' => $form->get_errors());
SwpmTransfer::get_instance()->set('status', $message);
}
protected function send_reg_email()
{
global $wpdb;
if (empty($this->member_info)) {
return false;
}
$member_info = $this->member_info;
$settings = SwpmSettings::get_instance();
$subject = $settings->get_value('reg-complete-mail-subject');
$body = $settings->get_value('reg-complete-mail-body');
$from_address = $settings->get_value('email-from');
$login_link = $settings->get_value('login-page-url');
$headers = 'From: ' . $from_address . "\r\n";
$member_info['membership_level_name'] = SwpmPermission::get_instance($member_info['membership_level'])->get('alias');
$member_info['password'] = $member_info['plain_password'];
$member_info['login_link'] = $login_link;
$values = array_values($member_info);
$keys = array_map('swpm_enclose_var', array_keys($member_info));
$body = html_entity_decode($body);
$body = str_replace($keys, $values, $body);
$swpm_user = SwpmMemberUtils::get_user_by_user_name($member_info['user_name']);
$member_id = $swpm_user->member_id;
$body = SwpmMiscUtils::replace_dynamic_tags($body, $member_id);
//Do the standard merge var replacement.
$email = sanitize_email(filter_input(INPUT_POST, 'email', FILTER_UNSAFE_RAW));
//Send notification email to the member
wp_mail(trim($email), $subject, $body, $headers);
SwpmLog::log_simple_debug('Member notification email sent to: ' . $email, true);
if ($settings->get_value('enable-admin-notification-after-reg')) {
//Send notification email to the site admin
$admin_notification = $settings->get_value('admin-notification-email');
$admin_notification = empty($admin_notification) ? $from_address : $admin_notification;
$notify_emails_array = explode(",", $admin_notification);
$headers = 'From: ' . $from_address . "\r\n";
$subject = "Notification of New Member Registration";
$admin_notify_body = $settings->get_value('reg-complete-mail-body-admin');
if (empty($admin_notify_body)) {
$admin_notify_body = "A new member has completed the registration.\n\n" . "Username: {user_name}\n" . "Email: {email}\n\n" . "Please login to the admin dashboard to view details of this user.\n\n" . "You can customize this email message from the Email Settings menu of the plugin.\n\n" . "Thank You";
}
$admin_notify_body = SwpmMiscUtils::replace_dynamic_tags($admin_notify_body, $member_id);
//Do the standard merge var replacement.
foreach ($notify_emails_array as $to_email) {
$to_email = trim($to_email);
wp_mail($to_email, $subject, $admin_notify_body, $headers);
SwpmLog::log_simple_debug('Admin notification email sent to: ' . $to_email, true);
}
}
return true;
}
public static function update_category_list()
{
//Check we are on the admin end and user has management permission
SwpmMiscUtils::check_user_permission_and_is_admin('category protection update');
$selected = filter_input(INPUT_POST, 'membership_level_id');
$selected_level_id = empty($selected) ? 1 : $selected;
$category = $selected_level_id == 1 ? SwpmProtection::get_instance() : SwpmPermission::get_instance($selected_level_id);
$args = array('ids' => array('filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_REQUIRE_ARRAY));
$filtered = filter_input_array(INPUT_POST, $args);
$ids = $filtered['ids'];
$args = array('ids_in_page' => array('filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_REQUIRE_ARRAY));
$filtered = filter_input_array(INPUT_POST, $args);
$ids_in_page = $filtered['ids_in_page'];
$category->remove($ids_in_page, 'category')->apply($ids, 'category')->save();
$message = array('succeeded' => true, 'message' => '<p>' . SwpmUtils::_('Category protection updated!') . '</p>');
SwpmTransfer::get_instance()->set('status', $message);
}
public static function initdb()
{
$settings = SwpmSettings::get_instance();
$installed_version = $settings->get_value('swpm-active-version');
//Set other default settings values
$reg_prompt_email_subject = "Complete your registration";
$reg_prompt_email_body = "Dear {first_name} {last_name}" . "\n\nThank you for joining us!" . "\n\nPlease complete your registration by visiting the following link:" . "\n\n{reg_link}" . "\n\nThank You";
$reg_email_subject = "Your registration is complete";
$reg_email_body = "Dear {first_name} {last_name}\n\n" . "Your registration is now complete!\n\n" . "Registration details:\n" . "Username: {user_name}\n" . "Password: {password}\n\n" . "Please login to the member area at the following URL:\n\n" . "{login_link}\n\n" . "Thank You";
$upgrade_email_subject = "Subject for email sent after account upgrade";
$upgrade_email_body = "Dear {first_name} {last_name}" . "\n\nYour Account Has Been Upgraded." . "\n\nThank You";
$reset_email_subject = get_bloginfo('name') . ": New Password";
$reset_email_body = "Dear {first_name} {last_name}" . "\n\nHere is your new password:"******"\n\nUsername: {user_name}" . "\nPassword: {password}" . "\n\nYou can change the password from the edit profile section of the site (after you log into the site)" . "\n\nThank You";
$status_change_email_subject = "Account Updated!";
$status_change_email_body = "Dear {first_name} {last_name}," . "\n\nYour account status has been updated!" . " Please login to the member area at the following URL:" . "\n\n {login_link}" . "\n\nThank You";
$bulk_activate_email_subject = "Account Activated!";
$bulk_activate_email_body = "Hi," . "\n\nYour account has been activated!" . "\n\nYou can now login to the member area." . "\n\nThank You";
if (empty($installed_version)) {
//Do fresh install tasks
//Create the mandatory pages (if they are not there)
SwpmMiscUtils::create_mandatory_wp_pages();
//End of page creation
$settings->set_value('reg-complete-mail-subject', stripslashes($reg_email_subject))->set_value('reg-complete-mail-body', stripslashes($reg_email_body))->set_value('reg-prompt-complete-mail-subject', stripslashes($reg_prompt_email_subject))->set_value('reg-prompt-complete-mail-body', stripslashes($reg_prompt_email_body))->set_value('upgrade-complete-mail-subject', stripslashes($upgrade_email_subject))->set_value('upgrade-complete-mail-body', stripslashes($upgrade_email_body))->set_value('reset-mail-subject', stripslashes($reset_email_subject))->set_value('reset-mail-body', stripslashes($reset_email_body))->set_value('account-change-email-subject', stripslashes($status_change_email_subject))->set_value('account-change-email-body', stripslashes($status_change_email_body))->set_value('email-from', trim(get_option('admin_email')));
$settings->set_value('bulk-activate-notify-mail-subject', stripslashes($bulk_activate_email_subject));
$settings->set_value('bulk-activate-notify-mail-body', stripslashes($bulk_activate_email_body));
}
if (version_compare($installed_version, SIMPLE_WP_MEMBERSHIP_VER) == -1) {
//Do upgrade tasks
}
$settings->set_value('swpm-active-version', SIMPLE_WP_MEMBERSHIP_VER)->save();
//save everything.
}
public function handle_stripe_ipn()
{
SwpmLog::log_simple_debug("Stripe Buy Now IPN received. Processing request...", true);
//SwpmLog::log_simple_debug(print_r($_REQUEST, true), true);//Useful for debugging purpose
//Include the Stripe library.
include SIMPLE_WP_MEMBERSHIP_PATH . 'lib/stripe-gateway/init.php';
//Read and sanitize the request parameters.
$button_id = sanitize_text_field($_REQUEST['item_number']);
$button_id = absint($button_id);
$button_title = sanitize_text_field($_REQUEST['item_name']);
$payment_amount = sanitize_text_field($_REQUEST['item_price']);
$price_in_cents = $payment_amount * 100;
//The amount (in cents). This value is used in Stripe API.
$currency_code = sanitize_text_field($_REQUEST['currency_code']);
$stripe_token = sanitize_text_field($_POST['stripeToken']);
$stripe_token_type = sanitize_text_field($_POST['stripeTokenType']);
$stripe_email = sanitize_email($_POST['stripeEmail']);
//Retrieve the CPT for this button
$button_cpt = get_post($button_id);
if (!$button_cpt) {
//Fatal error. Could not find this payment button post object.
SwpmLog::log_simple_debug("Fatal Error! Failed to retrieve the payment button post object for the given button ID: " . $button_id, false);
wp_die("Fatal Error! Payment button (ID: " . $button_id . ") does not exist. This request will fail.");
}
$membership_level_id = get_post_meta($button_id, 'membership_level_id', true);
//Validate and verify some of the main values.
$true_payment_amount = get_post_meta($button_id, 'payment_amount', true);
if ($payment_amount != $true_payment_amount) {
//Fatal error. Payment amount may have been tampered with.
$error_msg = 'Fatal Error! Received payment amount (' . $payment_amount . ') does not match with the original amount (' . $true_payment_amount . ')';
SwpmLog::log_simple_debug($error_msg, false);
wp_die($error_msg);
}
$true_currency_code = get_post_meta($button_id, 'payment_currency', true);
if ($currency_code != $true_currency_code) {
//Fatal error. Currency code may have been tampered with.
$error_msg = 'Fatal Error! Received currency code (' . $currency_code . ') does not match with the original code (' . $true_currency_code . ')';
SwpmLog::log_simple_debug($error_msg, false);
wp_die($error_msg);
}
//Validation passed. Go ahead with the charge.
//Sandbox and other settings
$settings = SwpmSettings::get_instance();
$sandbox_enabled = $settings->get_value('enable-sandbox-testing');
if ($sandbox_enabled) {
SwpmLog::log_simple_debug("Sandbox payment mode is enabled. Using test API key details.", true);
$secret_key = get_post_meta($button_id, 'stripe_test_secret_key', true);
//Use sandbox API key
} else {
$secret_key = get_post_meta($button_id, 'stripe_live_secret_key', true);
//Use live API key
}
//Set secret API key in the Stripe library
\Stripe\Stripe::setApiKey($secret_key);
// Get the credit card details submitted by the form
$token = $stripe_token;
// Create the charge on Stripe's servers - this will charge the user's card
try {
$charge = \Stripe\Charge::create(array("amount" => $price_in_cents, "currency" => strtolower($currency_code), "source" => $token, "description" => $button_title));
} catch (\Stripe\Error\Card $e) {
// The card has been declined
SwpmLog::log_simple_debug("Stripe Charge Error! The card has been declined. " . $e->getMessage(), false);
$body = $e->getJsonBody();
$error = $body['error'];
$error_string = print_r($error, true);
SwpmLog::log_simple_debug("Error details: " . $error_string, false);
wp_die("Stripe Charge Error! Card charge has been declined. " . $e->getMessage() . $error_string);
}
//Everything went ahead smoothly with the charge.
SwpmLog::log_simple_debug("Stripe Buy Now charge successful.", true);
//Grab the charge ID and set it as the transaction ID.
$txn_id = $charge->id;
//$charge->balance_transaction;
//The charge ID can be used to retrieve the transaction details using hte following call.
//\Stripe\Charge::retrieve($charge->id);
$custom = sanitize_text_field($_REQUEST['custom']);
$custom_var = SwpmTransactions::parse_custom_var($custom);
$swpm_id = isset($custom_var['swpm_id']) ? $custom_var['swpm_id'] : '';
//Create the $ipn_data array.
$ipn_data = array();
$ipn_data['mc_gross'] = $payment_amount;
$ipn_data['first_name'] = '';
$ipn_data['last_name'] = '';
$ipn_data['payer_email'] = $stripe_email;
$ipn_data['membership_level'] = $membership_level_id;
$ipn_data['txn_id'] = $txn_id;
$ipn_data['subscr_id'] = $txn_id;
$ipn_data['swpm_id'] = $swpm_id;
$ipn_data['ip'] = $custom_var['user_ip'];
$ipn_data['custom'] = $custom;
$ipn_data['gateway'] = 'stripe';
$ipn_data['status'] = 'completed';
$ipn_data['address_street'] = '';
$ipn_data['address_city'] = '';
$ipn_data['address_state'] = '';
$ipn_data['address_zipcode'] = '';
$ipn_data['country'] = '';
//Handle the membership signup related tasks.
swpm_handle_subsc_signup_stand_alone($ipn_data, $membership_level_id, $txn_id, $swpm_id);
//Save the transaction record
SwpmTransactions::save_txn_record($ipn_data);
SwpmLog::log_simple_debug('Transaction data saved.', true);
//Trigger the stripe IPN processed action hook (so other plugins can can listen for this event).
do_action('swpm_stripe_ipn_processed', $ipn_data);
do_action('swpm_payment_ipn_processed', $ipn_data);
//Redirect the user to the return URL (or to the homepage if a return URL is not specified for this payment button).
$return_url = get_post_meta($button_id, 'return_url', true);
if (empty($return_url)) {
$return_url = SIMPLE_WP_MEMBERSHIP_SITE_HOME_URL;
}
SwpmLog::log_simple_debug("Redirecting customer to: " . $return_url, true);
SwpmLog::log_simple_debug("End of Stripe Buy Now IPN processing.", true, true);
SwpmMiscUtils::redirect_to_url($return_url);
}
function delete_level()
{
global $wpdb;
if (isset($_REQUEST['id'])) {
//Check we are on the admin end and user has management permission
SwpmMiscUtils::check_user_permission_and_is_admin('membership level delete');
//Check nonce
if (!isset($_REQUEST['delete_swpmlevel_nonce']) || !wp_verify_nonce($_REQUEST['delete_swpmlevel_nonce'], 'nonce_delete_swpmlevel_admin_end')) {
//Nonce check failed.
wp_die(SwpmUtils::_("Error! Nonce verification failed for membership level delete from admin end."));
}
$id = sanitize_text_field($_REQUEST['id']);
$id = absint($id);
$query = $wpdb->prepare("DELETE FROM " . $wpdb->prefix . "swpm_membership_tbl WHERE id = %d", $id);
$wpdb->query($query);
echo '<div id="message" class="updated fade"><p>Selected record deleted successfully!</p></div>';
}
}
function swpm_save_new_pp_subscription_button_data()
{
if (isset($_REQUEST['swpm_pp_subscription_save_submit'])) {
//This is a PayPal subscription button save event. Process the submission.
$button_id = wp_insert_post(array('post_title' => sanitize_text_field($_REQUEST['button_name']), 'post_type' => 'swpm_payment_button', 'post_content' => '', 'post_status' => 'publish'));
$button_type = sanitize_text_field($_REQUEST['button_type']);
add_post_meta($button_id, 'button_type', $button_type);
add_post_meta($button_id, 'membership_level_id', sanitize_text_field($_REQUEST['membership_level_id']));
add_post_meta($button_id, 'payment_currency', sanitize_text_field($_REQUEST['payment_currency']));
add_post_meta($button_id, 'return_url', trim(sanitize_text_field($_REQUEST['return_url'])));
add_post_meta($button_id, 'paypal_email', trim(sanitize_email($_REQUEST['paypal_email'])));
add_post_meta($button_id, 'button_image_url', trim(sanitize_text_field($_REQUEST['button_image_url'])));
//Subscription billing details
add_post_meta($button_id, 'billing_amount', sanitize_text_field($_REQUEST['billing_amount']));
add_post_meta($button_id, 'billing_cycle', sanitize_text_field($_REQUEST['billing_cycle']));
add_post_meta($button_id, 'billing_cycle_term', sanitize_text_field($_REQUEST['billing_cycle_term']));
add_post_meta($button_id, 'billing_cycle_count', sanitize_text_field($_REQUEST['billing_cycle_count']));
add_post_meta($button_id, 'billing_reattempt', isset($_REQUEST['billing_reattempt']) ? '1' : '');
//Trial billing details
add_post_meta($button_id, 'trial_billing_amount', sanitize_text_field($_REQUEST['trial_billing_amount']));
add_post_meta($button_id, 'trial_billing_cycle', sanitize_text_field($_REQUEST['trial_billing_cycle']));
add_post_meta($button_id, 'trial_billing_cycle_term', sanitize_text_field($_REQUEST['trial_billing_cycle_term']));
//Redirect to the edit interface of this button with $button_id
$url = admin_url() . 'admin.php?page=simple_wp_membership_payments&tab=edit_button&button_id=' . $button_id . '&button_type=' . $button_type;
SwpmMiscUtils::redirect_to_url($url);
}
}
public function reset_password($email)
{
$email = sanitize_email($email);
if (!is_email($email)) {
$message = '<div class="swpm-reset-pw-error">' . SwpmUtils::_("Email address not valid.") . '</div>';
$message = array('succeeded' => false, 'message' => $message);
SwpmTransfer::get_instance()->set('status', $message);
return;
}
global $wpdb;
$query = 'SELECT member_id,user_name,first_name, last_name FROM ' . $wpdb->prefix . 'swpm_members_tbl ' . ' WHERE email = %s';
$user = $wpdb->get_row($wpdb->prepare($query, $email));
if (empty($user)) {
$message = '<div class="swpm-reset-pw-error">' . SwpmUtils::_("No user found with that email address.") . '</div>';
$message .= '<div class="swpm-reset-pw-error-email">' . SwpmUtils::_("Email Address: ") . $email . '</div>';
$message = array('succeeded' => false, 'message' => $message);
SwpmTransfer::get_instance()->set('status', $message);
return;
}
$settings = SwpmSettings::get_instance();
$password = wp_generate_password();
$password_hash = SwpmUtils::encrypt_password(trim($password));
//should use $saned??;
$wpdb->update($wpdb->prefix . "swpm_members_tbl", array('password' => $password_hash), array('member_id' => $user->member_id));
//Update wp user password
add_filter('send_password_change_email', array(&$this, 'dont_send_password_change_email'), 1, 3);
//Stop wordpress from sending a reset password email to admin.
SwpmUtils::update_wp_user($user->user_name, array('plain_password' => $password));
$body = $settings->get_value('reset-mail-body');
$subject = $settings->get_value('reset-mail-subject');
$body = html_entity_decode($body);
$additional_args = array('password' => $password);
$body = SwpmMiscUtils::replace_dynamic_tags($body, $user->member_id, $additional_args);
$from = $settings->get_value('email-from');
$headers = "From: " . $from . "\r\n";
wp_mail($email, $subject, $body, $headers);
SwpmLog::log_simple_debug("Member password has been reset. Password reset email sent to: " . $email, true);
$message = '<div class="swpm-reset-pw-success">' . SwpmUtils::_("New password has been sent to your email address.") . '</div>';
$message .= '<div class="swpm-reset-pw-success-email">' . SwpmUtils::_("Email Address: ") . $email . '</div>';
$message = array('succeeded' => false, 'message' => $message);
SwpmTransfer::get_instance()->set('status', $message);
}
function swpm_handle_subsc_signup_stand_alone($ipn_data, $subsc_ref, $unique_ref, $swpm_id = '')
{
global $wpdb;
$settings = SwpmSettings::get_instance();
$members_table_name = $wpdb->prefix . "swpm_members_tbl";
$membership_level_table = $wpdb->prefix . "swpm_membership_tbl";
$membership_level = $subsc_ref;
$subscr_id = $unique_ref;
swpm_debug_log_subsc("swpm_handle_subsc_signup_stand_alone(). Custom value: " . $ipn_data['custom'] . ", Unique reference: " . $unique_ref, true);
$custom_vars = parse_str($ipn_data['custom']);
if (empty($swpm_id)) {
//Lets try to find an existing user profile for this payment
$email = $ipn_data['payer_email'];
$query_db = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$members_table_name} WHERE email = %s", $email), OBJECT);
if (!$query_db) {
//try to retrieve the member details based on the unique_ref
swpm_debug_log_subsc("Could not find any record using the given email address (" . $email . "). Attempting to query database using the unique reference: " . $unique_ref, true);
if (!empty($unique_ref)) {
$query_db = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$members_table_name} WHERE subscr_id = %s", $unique_ref), OBJECT);
if ($query_db) {
$swpm_id = $query_db->member_id;
swpm_debug_log_subsc("Found a match in the member database using unique reference. Member ID: " . $swpm_id, true);
} else {
swpm_debug_log_subsc("Did not find a match for an existing member profile for the given reference. This must me a new payment from a new member.", true);
}
} else {
swpm_debug_log_subsc("Unique reference is missing in the notification so we have to assume that this is not a payment for an existing member.", true);
}
} else {
$swpm_id = $query_db->member_id;
swpm_debug_log_subsc("Found a match in the member database. Member ID: " . $swpm_id, true);
}
}
if (!empty($swpm_id)) {
//This is payment from an existing member/user. Update the existing member account
swpm_debug_log_subsc("Modifying the existing membership profile... Member ID: " . $swpm_id, true);
//Upgrade the member account
$account_state = 'active';
//This is renewal or upgrade of a previously active account. So the status should be set to active
$subscription_starts = date("Y-m-d");
$resultset = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$members_table_name} where member_id=%d", $swpm_id), OBJECT);
if (!$resultset) {
swpm_debug_log_subsc("ERROR! Could not find a member account record for the given Member ID: " . $swpm_id, false);
return;
}
$old_membership_level = $resultset->membership_level;
swpm_debug_log_subsc("Upgrading the current membership level (" . $old_membership_level . ") of this member to the newly paid level (" . $membership_level . ")", true);
$updatedb = $wpdb->prepare("UPDATE {$members_table_name} SET account_state=%s, membership_level=%d,subscription_starts=%s,subscr_id=%s WHERE member_id=%d", $account_state, $membership_level, $subscription_starts, $subscr_id, $swpm_id);
$results = $wpdb->query($updatedb);
do_action('swpm_membership_changed', array('member_id' => $swpm_id, 'from_level' => $old_membership_level, 'to_level' => $membership_level));
//Set Email details for the account upgrade notification
$email = $ipn_data['payer_email'];
$subject = $settings->get_value('upgrade-complete-mail-subject');
if (empty($subject)) {
$subject = "Member Account Upgraded";
}
$body = $settings->get_value('upgrade-complete-mail-body');
if (empty($body)) {
$body = "Your account has been upgraded successfully";
}
$from_address = $settings->get_value('email-from');
$additional_args = array();
$email_body = SwpmMiscUtils::replace_dynamic_tags($body, $swpm_id, $additional_args);
$headers = 'From: ' . $from_address . "\r\n";
} else {
// create new member account
$default_account_status = $settings->get_value('default-account-status', 'active');
$data = array();
$data['user_name'] = '';
$data['password'] = '';
$data['first_name'] = $ipn_data['first_name'];
$data['last_name'] = $ipn_data['last_name'];
$data['email'] = $ipn_data['payer_email'];
$data['membership_level'] = $membership_level;
$data['subscr_id'] = $unique_ref;
$data['gender'] = 'not specified';
swpm_debug_log_subsc("Creating new member account. Membership level ID: " . $membership_level, true);
$data['address_street'] = $ipn_data['address_street'];
$data['address_city'] = $ipn_data['address_city'];
$data['address_state'] = $ipn_data['address_state'];
$data['address_zipcode'] = isset($ipn_data['address_zip']) ? $ipn_data['address_zip'] : '';
$data['country'] = isset($ipn_data['address_country']) ? $ipn_data['address_country'] : '';
$data['member_since'] = $data['subscription_starts'] = $data['last_accessed'] = date("Y-m-d");
$data['account_state'] = $default_account_status;
$reg_code = uniqid();
$md5_code = md5($reg_code);
$data['reg_code'] = $md5_code;
$data['referrer'] = $data['extra_info'] = $data['txn_id'] = '';
$data['subscr_id'] = $subscr_id;
$data['last_accessed_from_ip'] = isset($user_ip) ? $user_ip : '';
//Save the users IP address
$data = array_filter($data);
//Remove any null values.
$wpdb->insert($members_table_name, $data);
//Create the member record
$results = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$members_table_name} where subscr_id=%s and reg_code=%s", $subscr_id, $md5_code), OBJECT);
$id = $results->member_id;
//Alternatively use $wpdb->insert_id;
if (empty($id)) {
swpm_debug_log_subsc("Error! Failed to insert a new member record. This request will fail.", false);
return;
}
$separator = '?';
$url = $settings->get_value('registration-page-url');
if (strpos($url, '?') !== false) {
$separator = '&';
}
$reg_url = $url . $separator . 'member_id=' . $id . '&code=' . $md5_code;
swpm_debug_log_subsc("Member signup URL: " . $reg_url, true);
$subject = $settings->get_value('reg-prompt-complete-mail-subject');
if (empty($subject)) {
$subject = "Please complete your registration";
}
$body = $settings->get_value('reg-prompt-complete-mail-body');
if (empty($body)) {
$body = "Please use the following link to complete your registration. \n {reg_link}";
}
$from_address = $settings->get_value('email-from');
$body = html_entity_decode($body);
$additional_args = array('reg_link' => $reg_url);
$email_body = SwpmMiscUtils::replace_dynamic_tags($body, $id, $additional_args);
$headers = 'From: ' . $from_address . "\r\n";
}
wp_mail($email, $subject, $email_body, $headers);
swpm_debug_log_subsc("Member signup/upgrade completion email successfully sent to: " . $email, true);
}
function swpm_save_new_pp_buy_now_button_data()
{
if (isset($_REQUEST['swpm_pp_buy_now_save_submit'])) {
//This is a PayPal buy now button save event. Process the submission.
//TODO - Do some extra validation check?
//Save the button data
$button_id = wp_insert_post(array('post_title' => sanitize_text_field($_REQUEST['button_name']), 'post_type' => 'swpm_payment_button', 'post_content' => '', 'post_status' => 'publish'));
$button_type = sanitize_text_field($_REQUEST['button_type']);
add_post_meta($button_id, 'button_type', $button_type);
add_post_meta($button_id, 'membership_level_id', sanitize_text_field($_REQUEST['membership_level_id']));
add_post_meta($button_id, 'payment_amount', trim(sanitize_text_field($_REQUEST['payment_amount'])));
add_post_meta($button_id, 'payment_currency', sanitize_text_field($_REQUEST['payment_currency']));
add_post_meta($button_id, 'return_url', trim(sanitize_text_field($_REQUEST['return_url'])));
add_post_meta($button_id, 'paypal_email', trim(sanitize_email($_REQUEST['paypal_email'])));
add_post_meta($button_id, 'button_image_url', trim(sanitize_text_field($_REQUEST['button_image_url'])));
//Redirect to the edit interface of this button with $button_id
//$url = admin_url() . 'admin.php?page=simple_wp_membership_payments&tab=edit_button&button_id=' . $button_id . '&button_type=' . $button_type;
//Redirect to the manage payment buttons interface
$url = admin_url() . 'admin.php?page=simple_wp_membership_payments&tab=payment_buttons';
SwpmMiscUtils::redirect_to_url($url);
}
}
public static function is_current_url_a_system_page()
{
$current_page_url = SwpmMiscUtils::get_current_page_url();
//Check if the current page is the membership renewal page.
$renewal_url = SwpmSettings::get_instance()->get_value('renewal-page-url');
if (empty($renewal_url)) {
return false;
}
if (SwpmMiscUtils::compare_url($renewal_url, $current_page_url)) {
return true;
}
//Check if the current page is the membership logn page.
$login_page_url = SwpmSettings::get_instance()->get_value('login-page-url');
if (empty($login_page_url)) {
return false;
}
if (SwpmMiscUtils::compare_url($login_page_url, $current_page_url)) {
return true;
}
//Check if the current page is the membership join page.
$registration_page_url = SwpmSettings::get_instance()->get_value('registration-page-url');
if (empty($registration_page_url)) {
return false;
}
if (SwpmMiscUtils::compare_url($registration_page_url, $current_page_url)) {
return true;
}
return false;
}
function swpm_alr_append_query_arg_if_applicable($login_url)
{
//Check if the redirect to last page settings is enabled.
$swpm_alr_settings = get_option('swpm_alr_settings');
if (empty($swpm_alr_settings['redirect_to_last_page_enabled'])) {
$swpm_alr_settings['redirect_to_last_page_enabled'] = '';
}
if ($swpm_alr_settings['redirect_to_last_page_enabled'] != '1') {
//The redirect to last page option is disabled. No need to add the query arg.
return $login_url;
}
//The feature is enabled. Lets add the necessary query arg to the login url.
$current_url = SwpmMiscUtils::get_current_page_url();
if (!empty($current_url)) {
//Add this URL to the redirect to query arg.
$current_url = urlencode($current_url);
$login_url = add_query_arg('swpm_redirect_to', $current_url, $login_url);
}
return $login_url;
}
public function do_admin_notices()
{
$this->notices();
//Show any execution specific notices in the admin interface.
//Show any other general warnings/notices to the admin.
if (SwpmMiscUtils::is_swpm_admin_page()) {
//we are in an admin page for SWPM plugin.
$msg = '';
//Show notice if running in sandbox mode.
$settings = SwpmSettings::get_instance();
$sandbox_enabled = $settings->get_value('enable-sandbox-testing');
if ($sandbox_enabled) {
$msg .= '<p>' . SwpmUtils::_('You have the sandbox payment mode enabled in plugin settings. Make sure to turn off the sandbox mode when you want to do live transactions.') . '</p>';
}
if (!empty($msg)) {
//Show warning messages if any.
echo '<div id="message" class="error">';
echo $msg;
echo '</div>';
}
}
}
function delete()
{
if (isset($_REQUEST['member_id'])) {
//Check we are on the admin end and user has management permission
SwpmMiscUtils::check_user_permission_and_is_admin('member deletion by admin');
//Check nonce
if (!isset($_REQUEST['delete_swpmuser_nonce']) || !wp_verify_nonce($_REQUEST['delete_swpmuser_nonce'], 'delete_swpmuser_admin_end')) {
//Nonce check failed.
wp_die(SwpmUtils::_("Error! Nonce verification failed for user delete from admin end."));
}
$id = sanitize_text_field($_REQUEST['member_id']);
$id = absint($id);
SwpmMembers::delete_user_by_id($id);
}
}