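/**
 * Takes back the post author's comment reward when a comment is removed.
 *
 * Loads the comment and the post it belongs to. Unless the comment was
 * written by the post author, the value of the `cp_post_author_points`
 * option is subtracted from the author's balance through cp_points().
 *
 * @param int $cid ID of the comment being removed.
 * @return void
 */
function cp_module_post_author_points_comment_remove($cid)
{
    $comment = get_comment($cid);
    if (!$comment) {
        // Unknown comment: there is nothing to reverse.
        return;
    }
    $post = get_post($comment->comment_post_ID);
    if (!$post) {
        // The parent post is gone, so there is no author to debit.
        return;
    }
    // Comments written by the post author are not reversed.
    if ($comment->user_id != $post->post_author) {
        cp_points('post_comment_remove', $post->post_author, -get_option('cp_post_author_points'), $cid);
    }
}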
Example #2
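    /**
     * Shortcode handler that embeds a YouTube player and awards points for it.
     *
     * When the current request is the matching `cp_youtube` AJAX post, the
     * user is credited once per video and the request ends. Otherwise the
     * embed markup is returned.
     *
     * @param array $atts Shortcode attributes: `id` (required), `points`,
     *                    `height`, `width`.
     * @return string|null Embed markup, or null when no usable id is given.
     */
    function cp_module_youtube_shortcode($atts)
    {
        if (!is_array($atts)) {
            return;
        }
        $id = isset($atts['id']) ? (string) $atts['id'] : '';
        // The id ends up in an HTML id attribute, a JavaScript function name
        // and an SQL statement below, so only the characters of a YouTube
        // video id are accepted. Anything else is treated like a missing id.
        if ($id === '' || !preg_match('/\A[A-Za-z0-9_-]+\z/', $id)) {
            return;
        }
        // get points from shortcode or use default
        if (isset($atts['points']) && is_numeric($atts['points']) && (int) $atts['points'] >= 0) {
            $points = (int) $atts['points'];
        } else {
            $points = get_option('cp_module_youtube_points');
        }
        // Process any AJAX request. The posted value is normalised into a
        // local variable; the superglobal itself is left untouched.
        $action = isset($_POST['action']) ? $_POST['action'] : '';
        $posted = (isset($_POST['uuid']) && is_string($_POST['uuid'])) ? str_replace('__', '-', $_POST['uuid']) : '';
        if ($action === 'cp_youtube' && $posted === $id) {
            global $wpdb;
            $uid = (int) cp_currentUser();
            // Bound parameters keep the id and the user id out of the SQL text.
            $already = (int) $wpdb->get_var($wpdb->prepare(
                'SELECT COUNT(*) FROM ' . CP_DB . " WHERE `uid` = %d AND `data` = %s AND `type` = 'youtube'",
                $uid,
                $id
            ));
            // NOTE(review): no nonce is checked here and the award is triggered
            // by the client alone; this once-per-user lookup is the only limit
            // visible in this function. Confirm whether cp_points() or the
            // caller rejects logged-out users.
            if ($already == 0) {
                cp_points('youtube', $uid, $points, $id);
            }
            exit;
        }
        // get height and width from shortcode or use default
        if (isset($atts['height']) && is_numeric($atts['height'])) {
            $height = (int) $atts['height'];
        } else {
            $height = "315";
        }
        if (isset($atts['width']) && is_numeric($atts['width'])) {
            $width = (int) $atts['width'];
        } else {
            $width = "560";
        }
        // '-' is not valid in a JavaScript identifier, hence the '__' form.
        $uuid = str_replace('-', '__', $id);
        $video = '<script type="text/javascript">
					var params = { allowScriptAccess: "always", wmode: "transparent" };
					swfobject.embedSWF("' . htmlentities('http://www.youtube.com/e/' . $id . '?enablejsapi=1&version=3&playerapiid=' . $uuid . '&rel=0&controls=0&showinfo=0') . '", "' . $uuid . '", "' . $width . '", "' . $height . '", "9.0.0", null, null, params);
				</script>
				<div id="' . $uuid . '_container" class="cp_youtube">
					<div id="' . $uuid . '"></div>
				</div>';
        $video .= '<script type="text/javascript">
						function cp_youtube_' . $uuid . '_fn(state) {
							cp_youtube_updateState("' . $uuid . '", state);
						}
					</script>';
        return $video;
    }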
Example #3
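 /**
  * Awards the daily points to the logged-in user when none were logged
  * within the configured interval.
  *
  * Reads `cp_module_dailypoints_time` (interval in seconds) and
  * `cp_module_dailypoints_points` (amount) from the options table.
  *
  * @return void
  */
 function cp_module_dailypoints_checkTimer()
 {
     if (!is_user_logged_in()) {
         return;
     }
     global $wpdb;
     $uid = (int) cp_currentUser();
     // Integer casts keep a missing or non-numeric option out of both the
     // arithmetic and the SQL text.
     // NOTE(review): an unset interval evaluates to 0, so the window starts
     // "now" and nearly every call qualifies. Confirm the option is always set.
     $interval = (int) get_option('cp_module_dailypoints_time');
     $since = time() - $interval;
     $count = (int) $wpdb->get_var($wpdb->prepare(
         'SELECT COUNT(*) FROM ' . CP_DB . " WHERE `uid` = %d AND `timestamp` > %d AND `type` = 'dailypoints'",
         $uid,
         $since
     ));
     if ($count != 0) {
         // Already credited inside the current window.
         return;
     }
     // NOTE(review): the lookup and the award are separate steps, so two
     // concurrent requests can both pass the check.
     cp_points('dailypoints', $uid, get_option('cp_module_dailypoints_points'), '');
 }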
Example #4
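/**
 * AJAX handler that lets an administrator add points to a user.
 *
 * Expects `id`, `points` and `description` in the POST body and replies
 * with JSON: `{"status":"failed"}` or `{"status":"ok","newpoints":...}`.
 * The request always ends here.
 *
 * @return void
 */
function cp_add_points_user_update()
{
    header("Content-Type: application/json");
    // Read each field defensively. A missing or array-valued field would
    // otherwise raise a notice that corrupts the JSON body.
    $field = array();
    foreach (array('id', 'points', 'description') as $name) {
        $field[$name] = (isset($_POST[$name]) && is_scalar($_POST[$name])) ? (string) $_POST[$name] : '';
    }
    // NOTE(review): the capability check is the only gate visible here. No
    // nonce is verified in this function, so confirm that the hook layer
    // calls check_ajax_referer() or an equivalent before this runs.
    if (!current_user_can('manage_options') || $field['id'] === '' || $field['points'] === '' || $field['description'] === '') {
        echo json_encode(array('status' => 'failed'));
        exit;
    }
    $uid = (int) $field['id'];
    // The description is entity-encoded before it is stored in the log.
    cp_points('addpoints', $uid, (int) $field['points'], htmlentities($field['description']));
    echo json_encode(array('status' => 'ok', 'newpoints' => cp_getPoints($uid)));
    exit;
}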
Example #5
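/**
 * Dispatches a CubePoints API request.
 *
 * The request carries `cp_api_key` and a slash-separated path in `cp_api`:
 *   user/{login|id}/{value}                              the user record
 *   user/{login|id}/{value}/points[/get]                 current balance
 *   user/{login|id}/{value}/points/set/{n}               overwrite balance
 *   user/{login|id}/{value}/points/add/{n}               adjust balance
 *   user/{login|id}/{value}/points/add/{n}/log/{type}/{data}  adjust and log
 *
 * @return array|object Response array (`error`, or `points` with an optional
 *                      `message`), or the user object for the bare user path.
 */
function cp_api_do()
{
    $not_implemented = array('error' => 'Method not implemented');

    // Authenticate. The previous loose `!=` accepted an empty key whenever
    // the option was unset and compared numeric-looking strings by value.
    // An unset key now disables the API and the comparison is constant-time.
    // NOTE(review): $_REQUEST also accepts the key from the query string,
    // where it can end up in access logs; consider a header or POST field.
    $expected = get_option('cp_auth_key');
    $supplied = isset($_REQUEST['cp_api_key']) ? $_REQUEST['cp_api_key'] : '';
    if (!is_scalar($expected) || (string) $expected === '' || !is_string($supplied) || !hash_equals((string) $expected, $supplied)) {
        return array('error' => 'Invalid API key');
    }

    $s = (isset($_REQUEST['cp_api']) && is_string($_REQUEST['cp_api'])) ? $_REQUEST['cp_api'] : '';
    // Pad so that every segment read below exists; absent segments act as ''.
    $q = array_pad(explode('/', $s), 8, '');

    if ($q[0] !== 'user') {
        return $not_implemented;
    }

    switch ($q[1]) {
        case 'login':
            $user = get_userdatabylogin($q[2]);
            break;
        case 'id':
            $user = get_userdata($q[2]);
            break;
        default:
            return $not_implemented;
    }
    // A failed lookup yields no object at all, so test that first.
    if (!$user || $user->ID == '') {
        return array('error' => 'Invalid user');
    }

    if ($q[3] === '') {
        // NOTE(review): this hands the complete user object to the API
        // client. Confirm which fields it carries (password hash, e-mail)
        // and narrow the response if clients do not need them.
        return $user;
    }
    if ($q[3] !== 'points') {
        return $not_implemented;
    }

    switch ($q[4]) {
        case '':
        case 'get':
            return array('points' => cp_getPoints($user->ID));

        case 'set':
            if (!is_numeric($q[5])) {
                return array('error' => 'Points must be integers');
            }
            cp_updatePoints($user->ID, (int) $q[5]);
            return array('points' => cp_getPoints($user->ID), 'message' => 'Points updated');

        case 'add':
            if (!is_numeric($q[5])) {
                return array('error' => 'Points must be integers');
            }
            // Cast as the `set` branch does, so only an integer goes further.
            $amount = (int) $q[5];
            if ($q[6] === '') {
                cp_alterPoints($user->ID, $amount);
                return array('points' => cp_getPoints($user->ID), 'message' => 'Points updated');
            }
            if ($q[6] !== 'log') {
                return $not_implemented;
            }
            if ($q[7] === '') {
                return array('error' => 'Log item type must not be empty');
            }
            // Everything after the eighth slash is the log data and may
            // itself contain slashes.
            $parts = explode('/', $s, 9);
            // NOTE(review): the log type and data are passed on exactly as
            // the client supplied them; confirm cp_points() escapes them for
            // storage and that log views escape them on output.
            cp_points($q[7], $user->ID, $amount, isset($parts[8]) ? $parts[8] : '');
            return array('points' => cp_getPoints($user->ID), 'message' => 'Points updated');

        default:
            return $not_implemented;
    }
}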
Example #6
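 /**
  * AJAX handler that transfers points from the logged-in user to another user.
  *
  * Reads `recipient` (login name), `points` and `message` from the POST
  * body, validates them in order and replies with JSON carrying `success`
  * and `message`, plus `pointsd` and `points` after a successful transfer.
  * The request always ends here.
  *
  * @return void
  */
 function cp_module_donate_do()
 {
     // Missing or array-valued fields are treated as empty instead of
     // raising notices into the JSON body.
     $recipient = (isset($_POST['recipient']) && is_string($_POST['recipient'])) ? $_POST['recipient'] : '';
     $points = (isset($_POST['points']) && is_scalar($_POST['points'])) ? $_POST['points'] : '';
     $raw_message = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : '';
     $message = htmlentities(stripslashes($raw_message), ENT_QUOTES, 'UTF-8');

     // NOTE(review): no nonce is verified in this function, so a cross-site
     // request from a logged-in browser would be honoured. Confirm the hook
     // layer checks one.
     $user = null;
     $sender = null;
     $error = null;
     if (!is_user_logged_in()) {
         $error = __('You must be logged in to make a donation!', 'cp');
     } elseif ($recipient == '') {
         $error = __('Please enter the username of the recipient!', 'cp');
     } else {
         $user = get_userdatabylogin($recipient);
         $sender = cp_currentUser();
         if (!$user || $user->ID == '') {
             $error = __('You have entered an invalid recipient!', 'cp');
         } elseif ($user->ID == $sender) {
             $error = __('You cannot donate to yourself!', 'cp');
         } elseif (!is_numeric($points)) {
             $error = __('You have entered an invalid number of points!', 'cp');
         } elseif ((int) $points < 1) {
             $error = __('You have to donate at least one point!', 'cp');
         } elseif ((int) $points != (double) $points) {
             // Rejects fractional amounts.
             $error = __('You have entered an invalid number of points!', 'cp');
         } elseif ((int) $points > (int) cp_getPoints($sender)) {
             $error = __('You do not have that many points to donate!', 'cp');
         } elseif (strlen($message) > 160) {
             // The length is measured on the entity-encoded message.
             $error = __('The message you have entered is too long!', 'cp');
         }
     }

     if ($error !== null) {
         $r = array('success' => false, 'message' => $error);
     } else {
         // From here on only the validated integer is used, never the raw
         // request string.
         $amount = (int) $points;
         $message = mb_convert_encoding($message, 'HTML-ENTITIES', 'UTF-8');
         $r = array('success' => true, 'message' => __('Your donation is successful!', 'cp'));
         // NOTE(review): the balance check above and the two writes below
         // are not atomic; concurrent requests can each pass the check.
         cp_points('donate_from', $user->ID, $amount, serialize(array("from" => $sender, "message" => $message)));
         cp_points('donate_to', $sender, -$amount, serialize(array("to" => $user->ID, "message" => $message)));
         $r['pointsd'] = cp_displayPoints(0, 1, 1);
         $r['points'] = cp_displayPoints(0, 1, 0);
     }
     echo json_encode($r);
     die;
 }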
Example #7
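 /**
  * Handles a "pay to view" request for a post.
  *
  * Reads the post id from `$_POST['cp_module_pcontent_pay']`. If paid
  * content is enabled for that post and the user has not bought it yet,
  * the price is deducted. Optionally the post author is credited. When the
  * user is logged out or cannot afford the post, a filter is registered
  * that replaces the content with the configured notice.
  *
  * @return void
  */
 function cp_module_pcontent_buy()
 {
     if (!isset($_POST['cp_module_pcontent_pay'])) {
         return;
     }
     // The post id comes straight from the request and used to be placed
     // unquoted into the SQL below. Only a plain decimal id is accepted,
     // and every later use goes through the integer.
     $raw = $_POST['cp_module_pcontent_pay'];
     if (!is_scalar($raw) || !preg_match('/\A[0-9]+\z/', (string) $raw)) {
         return;
     }
     $pid = (int) $raw;
     if (!(bool) get_post_meta($pid, 'cp_pcontent_points_enable', 1)) {
         return;
     }
     $buyer = cp_currentUser();
     global $wpdb;
     $bought = (int) $wpdb->get_var($wpdb->prepare(
         'SELECT COUNT(*) FROM ' . CP_DB . " WHERE `uid` = %d AND `data` = %d AND `type` = 'pcontent'",
         (int) $buyer,
         $pid
     ));
     if ($bought != 0) {
         // Already purchased.
         return;
     }
     $filter = 'cp_module_pcontent_post_content_' . $pid;
     if (!is_user_logged_in()) {
         // A closure replaces create_function(), which compiled the option
         // text as PHP source. The notice is now only ever treated as data.
         $notice = get_option('cp_module_pcontent_text_logout');
         add_filter($filter, function ($data) use ($notice) {
             return '<p style="color:red;">' . $notice . '</p>';
         });
         return;
     }
     $price = get_post_meta($pid, 'cp_pcontent_points', 1);
     if (cp_getPoints($buyer) < $price) {
         $notice = get_option('cp_module_pcontent_text_insufficient');
         add_filter($filter, function ($data) use ($notice) {
             return '<p style="color:red;">' . $notice . '</p>';
         });
         return;
     }
     // NOTE(review): no nonce is verified here, and the balance check and
     // the debit are separate steps. Confirm both are acceptable for this
     // action.
     cp_points('pcontent', $buyer, -$price, (string) $pid);
     if (get_option('cp_module_pcontent_payauthor')) {
         $post = get_post($pid);
         // The id is stored as a string, as it was when taken from the request.
         cp_points('pcontent_author', $post->post_author, $price, serialize(array((string) $pid, $buyer)));
     }
 }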
Example #8
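 /**
  * Handles a PayPal IPN callback and credits the purchased points.
  *
  * Runs only when `cp_module_paypal_ipn` is present in the query string.
  * The notification is posted back to PayPal for validation. Once it is
  * VERIFIED, the payment status, transaction id, receiver, currency and
  * amount are checked before cp_points() is called. The request always
  * ends here once handling has started.
  *
  * @return void
  */
 function cp_module_paypal_ipn()
 {
     if (!isset($_GET['cp_module_paypal_ipn']) || $_GET['cp_module_paypal_ipn'] == '') {
         return;
     }
     $host = get_option('cp_module_paypal_sandbox') ? 'www.sandbox.paypal.com' : 'www.paypal.com';

     // Echo the notification back to PayPal, prefixed with the validation
     // command. Keys are encoded as well as values.
     $req = 'cmd=' . urlencode('_notify-validate');
     foreach ($_POST as $key => $value) {
         if (!is_scalar($value)) {
             continue;
         }
         $req .= '&' . urlencode($key) . '=' . urlencode(stripslashes($value));
     }

     $ch = curl_init();
     curl_setopt($ch, CURLOPT_URL, 'https://' . $host . '/cgi-bin/webscr');
     curl_setopt($ch, CURLOPT_HEADER, 0);
     curl_setopt($ch, CURLOPT_POST, 1);
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
     curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
     // The VERIFIED answer is the only proof that the notification is
     // genuine, so the peer certificate has to be checked. With verification
     // off, the answer could come from any host on the network path.
     curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
     curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
     curl_setopt($ch, CURLOPT_HTTPHEADER, array('Host: ' . $host));
     $res = curl_exec($ch);
     curl_close($ch);

     // Anything other than an exact VERIFIED ends the request. That covers
     // INVALID and transport failures.
     if (!is_string($res) || strcmp($res, "VERIFIED") != 0) {
         exit;
     }

     // Read the fields used below; absent ones become ''.
     $field = array();
     foreach (array('payment_status', 'mc_gross', 'mc_currency', 'txn_id', 'receiver_email', 'payer_email', 'custom') as $name) {
         $field[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
     }
     $payment_amount = $field['mc_gross'];
     $txn_id = $field['txn_id'];

     // `custom` carries "points|uid". Reject it unless both parts are
     // positive integers.
     $parts = explode('|', $field['custom']);
     if (count($parts) < 2) {
         die;
     }
     $points = (int) $parts[0];
     $uid = (int) $parts[1];
     if ($points < 1 || $uid < 1 || $txn_id === '') {
         die;
     }

     // check the payment_status is Completed
     if ($field['payment_status'] != 'Completed') {
         die;
     }
     // check that txn_id has not been previously processed
     global $wpdb;
     $rows = $wpdb->get_results('SELECT * FROM `' . CP_DB . '` WHERE `type`=\'paypal\'');
     foreach ((array) $rows as $row) {
         // NOTE(review): unserialize() runs on stored log data. The rows
         // are written by this handler, but the format allows object
         // instantiation; consider JSON for new rows.
         $logged = unserialize($row->data);
         // Strict string comparison, so numeric-looking ids are not
         // matched by value.
         if (is_array($logged) && isset($logged['txn_id']) && (string) $logged['txn_id'] === $txn_id) {
             die;
         }
     }
     // check that receiver_email is your Primary PayPal email
     if ($field['receiver_email'] != trim(get_option('cp_module_paypal_account'))) {
         die;
     }
     // check that payment_amount/payment_currency are correct
     if ($field['mc_currency'] != get_option('cp_module_paypal_currency')) {
         die;
     }
     if ((double) $payment_amount != (double) cp_module_paypal_round_up(get_option('cp_module_paypal_price') * $points, 2)) {
         die;
     }
     // process payment
     // NOTE(review): the duplicate check and this insert are separate
     // steps, so two deliveries of the same notification arriving together
     // can both pass.
     cp_points('paypal', $uid, $points, serialize(array('txn_id' => $txn_id, 'payer_email' => $field['payer_email'], 'amt' => $payment_amount)));
     exit;
 }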
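/**
 * Credits a user for a hardware scan and links the scan session to them.
 *
 * Adds LHG_KARMA_POINTS_hwscan points with a log entry that links to the
 * scan, marks the session's karma as "linked" and stores the user id in
 * `wp_uid` (or `wp_uid_de` when the global `$lang` is "de").
 *
 * @param int    $uid WordPress user id to credit.
 * @param string $sid Scan session id.
 * @return void
 */
function lhg_link_hwscan($uid, $sid)
{
    global $lang, $lhg_price_db;

    // The callers are not visible here, so both values are treated as
    // untrusted at the two sinks below (log-entry HTML and SQL).
    $uid = (int) $uid;
    $link = '<a href="/hardware-profile/scan-' . esc_attr($sid) . '">' . esc_html($sid) . '</a>';
    $is_german = ($lang == "de");

    if ($is_german) {
        cp_points('addpoints', $uid, LHG_KARMA_POINTS_hwscan, 'Hardware Scan hinzugefügt ' . $link);
    } else {
        cp_points('addpoints', $uid, LHG_KARMA_POINTS_hwscan, 'Hardware scan added ' . $link);
    }

    // NOTE(review): this assumes $lhg_price_db is a wpdb-style handle on the
    // same MySQL server. Confirm that, and prefer binding the value through
    // the handle's own prepare() once its type is known.
    $sid_sql = esc_sql($sid);
    $lhg_price_db->query("UPDATE `lhgscansessions` SET `karma` = 'linked' WHERE sid = '{$sid_sql}'");

    # ToDo: if wp_uid is already set (e.g. by scan script), it is set again. This seems unnecessary.
    $column = $is_german ? 'wp_uid_de' : 'wp_uid';
    $lhg_price_db->query("UPDATE `lhgscansessions` SET `{$column}` = '{$uid}' WHERE sid = '{$sid_sql}'");
}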
Example #10
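 /**
  * Handles a PayPal IPN callback (socket variant) and credits the points.
  *
  * Runs only when `cp_module_paypal_ipn` is present in the query string.
  * The notification is posted back to PayPal over an ssl:// socket. Once
  * the reply contains a VERIFIED line, the payment status, transaction id,
  * receiver, currency and amount are checked before cp_points() is called.
  * The request always ends here once handling has started.
  *
  * @return void
  */
 function cp_module_paypal_ipn()
 {
     if (!isset($_GET['cp_module_paypal_ipn']) || $_GET['cp_module_paypal_ipn'] == '') {
         return;
     }
     // read the post from PayPal system and add 'cmd'
     $req = 'cmd=_notify-validate';
     foreach ($_POST as $key => $value) {
         if (!is_scalar($value)) {
             continue;
         }
         $req .= '&' . urlencode($key) . '=' . urlencode(stripslashes($value));
     }
     $loc = get_option('cp_module_paypal_sandbox') ? 'ssl://www.sandbox.paypal.com' : 'ssl://www.paypal.com';

     // post back to PayPal system to validate
     $header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
     $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
     $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
     // NOTE(review): certificate checking on ssl:// sockets follows PHP's
     // stream defaults. Confirm that the runtime verifies the peer, because
     // the VERIFIED reply is the only proof that the notification is genuine.
     $fp = fsockopen($loc, 443, $errno, $errstr, 30);
     if (!$fp) {
         // HTTP ERROR
         exit;
     }
     fputs($fp, $header . $req);
     $verified = false;
     while (!feof($fp)) {
         $line = fgets($fp, 1024);
         if ($line === false) {
             break;
         }
         $line = rtrim($line, "\r\n");
         if ($line === 'VERIFIED') {
             $verified = true;
             break;
         }
         if ($line === 'INVALID') {
             // invalid paypal return
             break;
         }
     }
     fclose($fp);
     if (!$verified) {
         exit;
     }

     // Read the fields used below; absent ones become ''.
     $field = array();
     foreach (array('payment_status', 'mc_gross', 'mc_currency', 'txn_id', 'receiver_email', 'payer_email', 'custom') as $name) {
         $field[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
     }
     $payment_amount = $field['mc_gross'];
     $txn_id = $field['txn_id'];

     // `custom` carries "points|uid". Reject it unless both parts are
     // positive integers.
     $parts = explode('|', $field['custom']);
     if (count($parts) < 2) {
         die;
     }
     $points = (int) $parts[0];
     $uid = (int) $parts[1];
     if ($points < 1 || $uid < 1 || $txn_id === '') {
         die;
     }

     // check the payment_status is Completed
     if ($field['payment_status'] != 'Completed') {
         die;
     }
     // check that txn_id has not been previously processed
     // Two defects made this check a no-op: the column was misspelled
     // `tyle`, and the stored row was compared without being unserialized.
     // As a result a repeated notification was never recognised.
     global $wpdb;
     $rows = $wpdb->get_results('SELECT * FROM `' . CP_DB . '` WHERE `type`=\'paypal\'');
     foreach ((array) $rows as $row) {
         // NOTE(review): unserialize() runs on stored log data written by
         // this handler; consider JSON for new rows.
         $logged = unserialize($row->data);
         if (is_array($logged) && isset($logged['txn_id']) && (string) $logged['txn_id'] === $txn_id) {
             die;
         }
     }
     // check that receiver_email is your Primary PayPal email
     if ($field['receiver_email'] != get_option('cp_module_paypal_account')) {
         die;
     }
     // check that payment_amount/payment_currency are correct
     if ($field['mc_currency'] != get_option('cp_module_paypal_currency')) {
         die;
     }
     if ((double) $payment_amount != (double) cp_module_paypal_round_up(get_option('cp_module_paypal_price') * $points, 2)) {
         die;
     }
     // process payment
     cp_points('paypal', $uid, $points, serialize(array('txn_id' => $txn_id, 'payer_email' => $field['payer_email'], 'amt' => $payment_amount)));
     exit;
 }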
Example #11
 /**
  * Completes checkout by paying for the cart with the buyer's CubePoints.
  *
  * Adds up the cart (before-tax price times quantity per variation),
  * applies the coupon, then adds shipping and tax. If the current user
  * holds at least that many points, they are deducted and a paid order is
  * created. Otherwise $mp->cart_checkout_error() is called.
  *
  * NOTE(review): the balance test and the deduction are separate steps, and
  * the points are deducted before create_order() runs without its result
  * being inspected. Confirm how a failed order creation is reconciled.
  *
  * @param array $cart          Cart contents for the current blog, or the
  *                             global cart if $mp->global_cart is true.
  * @param array $shipping_info Shipping info and email.
  */
 function process_payment($cart, $shipping_info)
 {
     global $mp;
     $settings = get_option('mp_settings');
     $timestamp = time();

     // Cart subtotal before tax.
     $total = 0;
     foreach ($cart as $product_id => $variations) {
         foreach ($variations as $line) {
             $total += $mp->before_tax_price($line['price'], $product_id) * $line['quantity'];
         }
     }

     // A valid coupon replaces the subtotal.
     if ($coupon = $mp->coupon_value($mp->get_coupon_code(), $total)) {
         $total = $coupon['new_total'];
     }

     // Shipping line.
     $shipping_price = $mp->shipping_price();
     if ($shipping_price !== false) {
         $total += $shipping_price;
     }

     // Tax line.
     $tax_price = $mp->tax_price();
     if ($tax_price !== false) {
         $total += $tax_price;
     }

     // CubePoints user who is paying.
     $uid = cp_currentUser();

     // Insufficient CubePoints: report the error and stop.
     if (!(cp_getPoints(cp_currentUser()) >= $total)) {
         $mp->cart_checkout_error(sprintf(__('Sorry, but you do not appear to have enough points to complete this purchase!', 'mp'), mp_checkout_step_url('checkout')));
         return;
     }

     // Deduct the total from the user's CubePoints.
     cp_points('custom', $uid, -$total, sprintf(__('%s Store Purchase', 'mp'), get_bloginfo('name')));

     // Create the MarketPress order, marked as paid.
     $order_id = $mp->generate_order_id();
     $payment_info = array(
         'gateway_public_name' => $this->public_name,
         'gateway_private_name' => $this->admin_name,
         'status' => array($timestamp => __("Paid", 'mp')),
         'total' => $total,
         'currency' => $settings['currency'],
         'method' => __('CubePoints', 'mp'),
         'transaction_id' => $order_id,
     );
     $mp->create_order($order_id, $cart, $shipping_info, $payment_info, true);
 }
/**
 * my_bp_gallery_delete_add_cppoints()
 *
 * Applies the `bp_gallery_delete_cp_bp` point value to the logged-in user
 * for a BP Gallery delete, unless that user's id is in the comma-separated
 * `bp_spammer_cp_bp` option.
 *
 *  @version 1.9.8
 *  @since 1.0
 */
function my_bp_gallery_delete_add_cppoints()
{
    global $bp;
    $blocked_ids = explode(',', get_option('bp_spammer_cp_bp'));
    // Non-strict membership test, matching a plain == against each entry.
    $on_spam_list = in_array($bp->loggedin_user->id, $blocked_ids);
    if ($on_spam_list) {
        return;
    }
    cp_points('cp_bp_galery_delete', $bp->loggedin_user->id, get_option('bp_gallery_delete_cp_bp'), "");
}