/**
* Actions run on plugin initialization.
*
* A certain number of things can possibly run after
* the plugin initialized. Those actions are fired from here
* if the trigger is present.
*
* @since 3.0.0
* @return void
*/
public function init()
{
/**
* Log user in.
*
* If we have a login in the post data we try to log the user in.
* The login process relies on the WordPress core functions. If the login
* is successful, the user is redirected to the page he was requesting,
* otherwise the standard WordPress error messages are returned.
*
* @since 3.0.0
*/
if (isset($_POST['wpas_login'])) {
add_action('wp', 'wpas_try_login');
}
/**
* Register a new account.
*
* If wpas_registration is passed we trigger the account registration function.
* The registration function will do a certain number of checks and if all of them
* are successful, a new user is created using the WordPress core functions.
*
* The reason why we are not using a simpler process is to keep full control over
* what's returned to the user and where the user is returned.
*
* @since 3.0.0
*/
if (isset($_POST['wpas_registration'])) {
add_action('wp', 'wpas_register_account', 10, 0);
}
/**
* Run custom actions.
*
* The plugin can run a number of custom actions triggered by a URL parameter.
* If the $action parameter is set in the URL we run this method.
*
* @since 3.0.0
*/
if (isset($_GET['action'])) {
add_action('wp', array($this, 'custom_actions'));
}
/**
* Open a new ticket.
*
* If a ticket title is passed in the post we trigger the function that adds
* new tickets. The function does a certain number of checks and has several
* action hooks and filters. Post-insertion actions like adding post metas
* and redirecting the user are run from here.
*
* @since 3.0.0
*/
if (isset($_POST['wpas_title'])) {
// Verify the nonce first
if (!isset($_POST['wpas_nonce']) || !wp_verify_nonce($_POST['wpas_nonce'], 'new_ticket')) {
/* Save the input */
wpas_save_values();
// Redirect to submit page
wp_redirect(add_query_arg(array('message' => 4), get_permalink(wpas_get_option('ticket_submit'))));
exit;
}
$ticket_id = wpas_open_ticket(array('title' => $_POST['wpas_title'], 'message' => $_POST['wpas_message']));
/* Submission failure */
if (false === $ticket_id) {
/* Save the input */
wpas_save_values();
/**
* Redirect to the newly created ticket
*/
$submit = wpas_get_option('ticket_submit');
wpas_redirect('ticket_added_failed', add_query_arg(array('message' => 6), get_permalink($submit)), $submit);
exit;
} else {
/**
* Empty the temporary sessions
*/
unset($_SESSION['wpas_submission_form']);
unset($_SESSION['wpas_submission_error']);
/**
* Redirect to the newly created ticket
*/
wpas_redirect('ticket_added', get_permalink($ticket_id), $ticket_id);
exit;
}
}
/**
* Save a new reply.
*
* This adds a new reply to an existing ticket. The ticket
* can possibly be closed by the user in which case we update
* the post meta if the reply submission is successful.
*
* @since 3.0.0
*/
if (isset($_POST['wpas_user_reply'])) {
/**
* Define if the reply can be submitted empty or not.
*
* @since 3.0.0
* @var boolean
*/
$can_submit_empty = apply_filters('wpas_can_reply_be_empty', false);
/**
* Get the parent ticket ID.
*/
$parent_id = intval($_POST['ticket_id']);
if (empty($_POST['wpas_user_reply']) && false === $can_submit_empty) {
wpas_redirect('reply_not_added', add_query_arg(array('message' => wpas_create_notification(__('You cannot submit an empty reply.', 'wpas'))), get_permalink($parent_id)), $parent_id);
exit;
}
/* Sanitize the data */
$data = array('post_content' => wp_kses($_POST['wpas_user_reply'], wp_kses_allowed_html('post')));
/* Add the reply */
$reply_id = wpas_add_reply($data, $parent_id);
/* Possibly close the ticket */
if (isset($_POST['wpas_close_ticket']) && false !== $reply_id) {
wpas_close_ticket(intval($_POST['ticket_id']));
}
if (false === $reply_id) {
wpas_redirect('reply_added_failed', add_query_arg(array('message' => '7'), get_permalink($parent_id)));
exit;
} else {
/**
* Delete the activity transient.
*/
delete_transient("wpas_activity_meta_post_{$parent_id}");
wpas_redirect('reply_added', add_query_arg(array('message' => '8'), get_permalink($parent_id)) . "#reply-{$reply_id}", $parent_id);
exit;
}
}
}
/**
* Change the redirection URL.
*
* In case the upload fails we want to notify the user.
* We change the redirection URL and integrate a custom message
* encoded in base64 that will be interpreted by the notification class.
*
* @since 3.0.0
*
* @param string $location Original redirection URL
*
* @return string New redirection URL
*/
public function redirect_error($location)
{
$url = remove_query_arg('message', $location);
$message = wpas_create_notification(sprintf(__('Your reply has been correctly submitted but the attachment was not uploaded. %s', 'wpas'), $this->error_message));
$location = add_query_arg(array('message' => $message), $url);
return $location;
}
/**
* Register user account.
*
* @param array|bool $data User data
*
* @since 1.0.0
* @return void
*/
function wpas_register_account($data = false)
{
global $post;
/* Make sure registrations are open */
$registration = boolval(wpas_get_option('allow_registrations', true));
if (true !== $registration) {
wp_redirect(add_query_arg(array('message' => wpas_create_notification(__('Registrations are currently not allowed.', 'wpas')), get_permalink($post->ID))));
exit;
}
if (false === $data) {
$data = $_POST;
}
$email = isset($data['email']) && !empty($data['email']) ? sanitize_email($data['email']) : false;
$first_name = isset($data['first_name']) && !empty($data['first_name']) ? sanitize_text_field($data['first_name']) : false;
$last_name = isset($data['last_name']) && !empty($data['last_name']) ? sanitize_text_field($data['last_name']) : false;
$pwd = isset($data['pwd']) && !empty($data['pwd']) ? $data['pwd'] : false;
/* Save the user information in session to pre populate the form in case of error. */
$_SESSION['wpas_registration_form'] = array('first_name' => $first_name, 'last_name' => $last_name, 'email' => $email);
/**
* wpas_pre_register_account hook
*
* This hook is triggered all the time
* even if the checks don't pass.
*
* @since 3.0.1
*/
do_action('wpas_pre_register_account', $data);
if (wpas_get_option('terms_conditions', false) && !isset($data['terms'])) {
wp_redirect(add_query_arg(array('message' => wpas_create_notification(__('You did not accept the terms and conditions.', 'wpas')), get_permalink($post->ID))));
exit;
}
/* Make sure we have all the necessary data. */
if (false === ($email || $first_name || $last_name || $pwd)) {
wp_redirect(add_query_arg(array('message' => wpas_create_notification(__('You didn\'t correctly fill all the fields.', 'wpas')), get_permalink($post->ID))));
exit;
}
$username = sanitize_user(strtolower($first_name) . strtolower($last_name));
$user = get_user_by('login', $username);
/* Check for existing username */
if (is_a($user, 'WP_User')) {
$suffix = 1;
do {
$alt_username = sanitize_user($username . $suffix);
$user = get_user_by('login', $alt_username);
$suffix++;
} while (is_a($user, 'WP_User'));
$username = $alt_username;
}
/**
* wpas_insert_user_data filter
*
* @since 3.1.5
* @var array User account arguments
*/
$args = apply_filters('wpas_insert_user_data', array('user_login' => $username, 'user_email' => $email, 'first_name' => $first_name, 'last_name' => $last_name, 'display_name' => "{$first_name} {$last_name}", 'user_pass' => $pwd, 'role' => 'wpas_user'));
/**
* wpas_register_account_before hook
*
* Fired right before the user is added to the database.
*/
do_action('wpas_register_account_before', $args);
$user_id = wp_insert_user(apply_filters('wpas_user_registration_data', $args));
if (is_wp_error($user_id)) {
/**
* wpas_register_account_before hook
*
* Fired right after a failed attempt to register a user.
*
* @since 3.0.1
*/
do_action('wpas_register_account_failed', $user_id, $args);
$error = $user_id->get_error_message();
wp_redirect(add_query_arg(array('message' => wpas_create_notification($error), get_permalink($post->ID))));
exit;
} else {
/**
* wpas_register_account_before hook
*
* Fired right after the user is successfully added to the database.
*
* @since 3.0.1
*/
do_action('wpas_register_account_after', $user_id, $args);
/* Delete the user information data from session. */
unset($_SESSION['wpas_registration_form']);
wp_new_user_notification($user_id, $pwd);
if (headers_sent()) {
wp_redirect(add_query_arg(array('message' => wpas_create_notification(__('Your account has been created. Please log-in.', 'wpas')), get_permalink($post->ID))));
exit;
}
if (!is_user_logged_in()) {
/* Automatically log the user in */
wp_set_current_user($user_id, $email);
wp_set_auth_cookie($user_id);
wp_redirect(get_permalink($post->ID));
exit;
}
}
}
/**
* Open a new ticket.
*
* @since 3.0.0
* @param array $data Ticket data
* @return boolean
*/
function wpas_open_ticket($data)
{
$title = isset($data['title']) ? wp_strip_all_tags($data['title']) : false;
$content = isset($data['message']) ? wp_kses($data['message'], wp_kses_allowed_html('post')) : false;
/**
* Prepare vars
*/
$submit = wpas_get_option('ticket_submit');
// ID of the submission page
// Verify user capability
if (!current_user_can('create_ticket')) {
// Save the input
wpas_save_values();
// Redirect to submit page
wp_redirect(add_query_arg(array('message' => 11), get_permalink($submit)));
// Break
exit;
}
// Make sure we have at least a title and a message
if (false === $title || empty($title)) {
// Save the input
wpas_save_values();
// Redirect to submit page
wp_redirect(add_query_arg(array('message' => 3), get_permalink($submit)));
// Break
exit;
}
if (true === ($description_mandatory = apply_filters('wpas_ticket_submission_description_mandatory', true)) && (false === $content || empty($content))) {
// Save the input
wpas_save_values();
// Redirect to submit page
wp_redirect(add_query_arg(array('message' => 10), get_permalink($submit)));
// Break
exit;
}
/**
* Allow the submission.
*
* This variable is used to add additional checks in the submission process.
* If the $go var is set to true, it gives a green light to this method
* and the ticket will be submitted. If the var is set to false, the process
* will be aborted.
*
* @since 3.0.0
*/
$go = apply_filters('wpas_before_submit_new_ticket_checks', true);
/* Check for the green light */
if (is_wp_error($go)) {
/* Retrieve error messages. */
$messages = $go->get_error_messages();
/* Save the input */
wpas_save_values();
/* Redirect to submit page */
wp_redirect(add_query_arg(array('message' => wpas_create_notification($messages)), get_permalink($submit)));
exit;
}
/**
* Gather current user info
*/
if (is_user_logged_in()) {
global $current_user;
$user_id = $current_user->ID;
} else {
// Save the input
wpas_save_values();
// Redirect to submit page
wp_redirect(add_query_arg(array('message' => 5), get_permalink($submit)));
// Break
exit;
}
/**
* Submit the ticket.
*
* Now that all the verifications are passed
* we can proceed to the actual ticket submission.
*/
$post = array('post_content' => $content, 'post_name' => $title, 'post_title' => $title, 'post_status' => 'queued', 'post_type' => 'ticket', 'post_author' => $user_id, 'ping_status' => 'closed', 'comment_status' => 'closed');
return wpas_insert_ticket($post, false, false);
}
