/**
 * Takes back the post author's comment reward when a comment is removed.
 *
 * Looks up the comment and its parent post, then books the negated
 * 'cp_post_author_points' option against the post author. Nothing is booked
 * when the comment was written by the post author.
 *
 * @param mixed $cid Comment id, passed to get_comment() and logged with the entry.
 */
function cp_module_post_author_points_comment_remove($cid)
{
    $comment = get_comment($cid);
    $post = get_post($comment->comment_post_ID);
    $authorId = $post->post_author;

    // The author never earned points for commenting on their own post.
    if ($comment->user_id == $authorId) {
        return;
    }

    cp_points('post_comment_remove', $authorId, -get_option('cp_post_author_points'), $cid);
}
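/**
 * Shortcode handler for the CubePoints YouTube module.
 *
 * Renders the swfobject embed for a video and, when the current request is the
 * module's own POST (action=cp_youtube with a matching uuid), awards the
 * points once per user and video and then ends the request.
 *
 * @param array $atts Shortcode attributes: 'id' (video id, required), and
 *                    optional 'points', 'height', 'width'.
 * @return string|null Embed markup, or null when no usable video id is given.
 */
function cp_module_youtube_shortcode($atts)
{
    // return if no video id defined
    if (!is_array($atts) || !isset($atts['id']) || $atts['id'] == '') {
        return;
    }
    $id = (string) $atts['id'];

    // The id is written into inline JavaScript (including a function name),
    // HTML attributes and a SQL lookup below. Accept only the URL-safe
    // alphabet YouTube ids use, so none of those contexts can be broken out of.
    if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $id)) {
        return;
    }

    // get points from shortcode or use default
    if (isset($atts['points']) && is_numeric($atts['points']) && (int) $atts['points'] >= 0) {
        $points = (int) $atts['points'];
    } else {
        $points = get_option('cp_module_youtube_points');
    }

    // process any ajax request
    // NOTE(review): the award is triggered purely by this POST; no nonce or
    // proof of playback is checked in this block. Confirm that is acceptable.
    if (isset($_POST['uuid']) && is_string($_POST['uuid'])) {
        // the client sends the DOM-safe form of the id ('-' replaced by '__')
        $_POST['uuid'] = str_replace('__', '-', $_POST['uuid']);
    }
    $postedAction = isset($_POST['action']) ? $_POST['action'] : '';
    $postedId = (isset($_POST['uuid']) && is_string($_POST['uuid'])) ? $_POST['uuid'] : '';

    if ($postedAction === 'cp_youtube' && $postedId === $id) {
        global $wpdb;
        $uid = cp_currentUser();

        // Parameterised lookup: the id and user id never reach the SQL text.
        $alreadyAwarded = (int) $wpdb->get_var(
            $wpdb->prepare(
                "SELECT COUNT(*) FROM " . CP_DB . " WHERE `uid`=%d AND `data`=%s AND `type`='youtube'",
                $uid,
                $id
            )
        );
        if ($alreadyAwarded == 0) {
            cp_points('youtube', $uid, $points, $id);
        }
        exit;
    }

    // get height and width from shortcode or use default
    if (isset($atts['height']) && is_numeric($atts['height'])) {
        $height = (int) $atts['height'];
    } else {
        $height = "315";
    }
    if (isset($atts['width']) && is_numeric($atts['width'])) {
        $width = (int) $atts['width'];
    } else {
        $width = "560";
    }

    // '-' is not valid in a JavaScript identifier, so the DOM id uses '__'.
    $uuid = str_replace('-', '__', $id);

    $video = '<script type="text/javascript"> var params = { allowScriptAccess: "always", wmode: "transparent" }; swfobject.embedSWF("'
        . htmlentities('http://www.youtube.com/e/' . $id . '?enablejsapi=1&version=3&playerapiid=' . $uuid . '&rel=0&controls=0&showinfo=0')
        . '", "' . $uuid . '", "' . $width . '", "' . $height . '", "9.0.0", null, null, params); </script>'
        . ' <div id="' . $uuid . '_container" class="cp_youtube"> <div id="' . $uuid . '"></div> </div>';
    $video .= '<script type="text/javascript"> function cp_youtube_' . $uuid . '_fn(state) { cp_youtube_updateState("' . $uuid . '", state); } </script>';

    return $video;
}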
/**
 * Awards the daily points to the logged-in user if none were logged recently.
 *
 * "Recently" means within the number of seconds stored in the
 * 'cp_module_dailypoints_time' option, counted back from now.
 */
function cp_module_dailypoints_checkTimer()
{
    if (is_user_logged_in()) {
        global $wpdb;

        $uid = cp_currentUser();
        $window = get_option('cp_module_dailypoints_time');
        $difference = time() - $window;

        // NOTE(review): both values are interpolated into the SQL text. They
        // come from the session and an option rather than the request, but
        // $wpdb->prepare() with %d would make that explicit.
        $sql = "SELECT COUNT(*) FROM " . CP_DB . " WHERE `uid`={$uid} AND `timestamp`>{$difference} AND `type`='dailypoints'";
        $recentAwards = (int) $wpdb->get_var($sql);

        if ($recentAwards == 0) {
            cp_points('dailypoints', $uid, get_option('cp_module_dailypoints_points'), '');
        }
    }
}
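/**
 * Admin AJAX handler: adds (or subtracts) points for a user and replies in JSON.
 *
 * Expects POST fields 'id', 'points' and 'description'. Replies
 * {"status":"failed"} when the caller lacks 'manage_options' or a field is
 * missing, otherwise {"status":"ok","newpoints":...}. Always ends the request.
 */
function cp_add_points_user_update()
{
    header("Content-Type: application/json");

    // NOTE(review): only the capability is checked here. No nonce is verified
    // in this block, so a forged cross-site POST from an administrator's
    // browser would pass; confirm whether the caller checks one (for example
    // with check_ajax_referer()) before this runs.
    $allowed = current_user_can('manage_options');

    // Missing or array-valued fields are rejected up front, so they cannot
    // raise notices that would corrupt the JSON body or reach htmlentities().
    foreach (array('id', 'points', 'description') as $field) {
        if (!isset($_POST[$field]) || !is_string($_POST[$field]) || $_POST[$field] == '') {
            $allowed = false;
        }
    }

    if (!$allowed) {
        $response = json_encode(array('status' => 'failed'));
        echo $response;
        exit;
    }

    $userId = (int) $_POST['id'];

    // The description is stored entity-encoded because it is shown in the log.
    cp_points('addpoints', $userId, (int) $_POST['points'], htmlentities($_POST['description']));

    $response = json_encode(array('status' => 'ok', 'newpoints' => cp_getPoints($userId)));
    echo $response;
    exit;
}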
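/**
 * Dispatches a CubePoints API request of the form
 * user/{login|id}/{value}[/points[/get|/set/{n}|/add/{n}[/log/{type}/{data}]]].
 *
 * The request is read from $_REQUEST['cp_api'] and authenticated with
 * $_REQUEST['cp_api_key'] against the 'cp_auth_key' option.
 *
 * @return mixed Array with 'points'/'message' or 'error', or the user object
 *               when only the user is addressed.
 */
function cp_api_do()
{
    $r = array();

    // Fail closed: get_option() returns false for a missing option, and the
    // former loose `!=` treated that as equal to an absent request key, which
    // let unauthenticated calls through. Require a configured, non-empty key
    // and compare it in constant time (WordPress ships a hash_equals()
    // polyfill for older PHP).
    $expectedKey = get_option('cp_auth_key');
    $suppliedKey = isset($_REQUEST['cp_api_key']) ? $_REQUEST['cp_api_key'] : null;
    if (!is_string($expectedKey) || $expectedKey === ''
        || !is_string($suppliedKey)
        || !hash_equals($expectedKey, $suppliedKey)
    ) {
        $r['error'] = 'Invalid API key';
        return $r;
    }

    $s = (isset($_REQUEST['cp_api']) && is_string($_REQUEST['cp_api'])) ? $_REQUEST['cp_api'] : '';

    // Pad so every segment exists; an absent segment behaves like ''.
    $q = array_pad(explode('/', $s), 8, '');

    if ($q[0] !== 'user') {
        $r['error'] = 'Method not implemented';
        return $r;
    }

    switch ($q[1]) {
        case 'login':
            $user = get_userdatabylogin($q[2]);
            break;
        case 'id':
            $user = get_userdata($q[2]);
            break;
        default:
            $r['error'] = 'Method not implemented';
            return $r;
    }

    // Both lookups return false for an unknown user.
    if (!$user || $user->ID == '') {
        $r['error'] = 'Invalid user';
        return $r;
    }

    if ($q[3] === '') {
        // NOTE(review): this hands the complete user object to the caller.
        // Depending on how the result is serialised, that can include the
        // password hash and activation key; consider returning a whitelist.
        return $user;
    }

    if ($q[3] !== 'points') {
        $r['error'] = 'Method not implemented';
        return $r;
    }

    switch ($q[4]) {
        case '':
        case 'get':
            $r['points'] = cp_getPoints($user->ID);
            return $r;

        case 'set':
            if (!is_numeric($q[5])) {
                $r['error'] = 'Points must be integers';
                return $r;
            }
            cp_updatePoints($user->ID, (int) $q[5]);
            $r['points'] = cp_getPoints($user->ID);
            $r['message'] = 'Points updated';
            return $r;

        case 'add':
            if (!is_numeric($q[5])) {
                $r['error'] = 'Points must be integers';
                return $r;
            }
            if ($q[6] === '') {
                cp_alterPoints($user->ID, $q[5]);
                $r['points'] = cp_getPoints($user->ID);
                $r['message'] = 'Points updated';
                return $r;
            }
            if ($q[6] === 'log') {
                if ($q[7] == '') {
                    $r['error'] = 'Log item type must not be empty';
                    return $r;
                }
                // Limit 9 keeps any '/' inside the trailing log data intact.
                $data = explode('/', $s, 9);
                $logData = isset($data[8]) ? $data[8] : null;
                cp_points($q[7], $user->ID, $q[5], $logData);
                $r['points'] = cp_getPoints($user->ID);
                $r['message'] = 'Points updated';
                return $r;
            }
            $r['error'] = 'Method not implemented';
            return $r;

        default:
            $r['error'] = 'Method not implemented';
            return $r;
    }
}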
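/**
 * AJAX handler: donates points from the logged-in user to another user.
 *
 * Reads 'recipient', 'points' and 'message' from $_POST, validates them in a
 * fixed order, books the transfer as two log entries and prints a JSON reply
 * with 'success' and 'message' (plus 'pointsd' and 'points' on success).
 * Always ends the request.
 */
function cp_module_donate_do()
{
    // Missing or array-valued fields are treated as empty so they fail the
    // validation below instead of raising notices into the JSON output.
    $recipient = (isset($_POST['recipient']) && is_string($_POST['recipient'])) ? $_POST['recipient'] : '';
    $points = (isset($_POST['points']) && is_string($_POST['points'])) ? $_POST['points'] : '';
    $rawMessage = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : '';

    $message = htmlentities(stripslashes($rawMessage), ENT_QUOTES, 'UTF-8');
    $user = get_userdatabylogin($recipient);

    // NOTE(review): no nonce is verified in this block, so a forged
    // cross-site POST could move a logged-in user's points; confirm the
    // caller checks one.
    $error = null;
    if (!is_user_logged_in()) {
        $error = __('You must be logged in to make a donation!', 'cp');
    } elseif ($recipient == '') {
        $error = __('Please enter the username of the recipient!', 'cp');
    } elseif (!$user || $user->ID == '') {
        // the lookup returns false for an unknown login
        $error = __('You have entered an invalid recipient!', 'cp');
    } elseif ($user->ID == cp_currentUser()) {
        $error = __('You cannot donate to yourself!', 'cp');
    } elseif (!is_numeric($points)) {
        $error = __('You have entered an invalid number of points!', 'cp');
    } elseif ((int) $points < 1) {
        $error = __('You have to donate at least one point!', 'cp');
    } elseif ((int) $points != (double) $points) {
        // rejects fractional amounts such as "1.5"
        $error = __('You have entered an invalid number of points!', 'cp');
    } elseif ((int) $points > (int) cp_getPoints(cp_currentUser())) {
        $error = __('You do not have that many points to donate!', 'cp');
    } elseif (strlen($message) > 160) {
        // the limit applies to the entity-encoded message
        $error = __('The message you have entered is too long!', 'cp');
    }

    $r = array();
    if ($error !== null) {
        $r['success'] = false;
        $r['message'] = $error;
    } else {
        // Book the validated integer, not the raw request string.
        $amount = (int) $points;
        $message = mb_convert_encoding($message, 'HTML-ENTITIES', 'UTF-8');

        $r['success'] = true;
        $r['message'] = __('Your donation is successful!', 'cp');

        // NOTE(review): the balance check above and these two entries are not
        // atomic. Whether cp_points() refuses to overdraw is not visible here,
        // so concurrent requests may be able to spend the same points twice.
        cp_points('donate_from', $user->ID, $amount, serialize(array("from" => cp_currentUser(), "message" => $message)));
        cp_points('donate_to', cp_currentUser(), -$amount, serialize(array("to" => $user->ID, "message" => $message)));

        $r['pointsd'] = cp_displayPoints(0, 1, 1);
        $r['points'] = cp_displayPoints(0, 1, 0);
    }

    echo json_encode($r);
    die;
}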
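/**
 * Handles a "pay to view" request for a post with paid content.
 *
 * Reads the post id from $_POST['cp_module_pcontent_pay']. If paid content is
 * enabled for the post and the user has not bought it yet, the price is
 * deducted from the buyer and optionally credited to the post author.
 * Logged-out users and users with too few points get a notice through the
 * post's content filter instead.
 */
function cp_module_pcontent_buy()
{
    if (!isset($_POST['cp_module_pcontent_pay']) || !is_scalar($_POST['cp_module_pcontent_pay'])) {
        return;
    }

    // The raw request value used to be placed unquoted into the SQL below.
    // Reduce it to a positive integer first; it is kept as a string so the
    // values written to the log keep their previous form.
    $pid = (string) (int) $_POST['cp_module_pcontent_pay'];
    if ((int) $pid <= 0) {
        return;
    }

    $pcontent_enabled = (bool) get_post_meta($pid, 'cp_pcontent_points_enable', 1);
    if (!$pcontent_enabled) {
        return;
    }

    $uid = cp_currentUser();
    global $wpdb;

    // Already purchased: nothing to do.
    $purchases = (int) $wpdb->get_var(
        $wpdb->prepare(
            "SELECT COUNT(*) FROM " . CP_DB . " WHERE `uid`=%d AND `data`=%d AND `type`='pcontent'",
            $uid,
            $pid
        )
    );
    if ($purchases != 0) {
        return;
    }

    $filterName = 'cp_module_pcontent_post_content_' . $pid;

    // The notices used to be compiled with create_function(), which pasted
    // the option text into PHP source (a stray quote in the option became
    // code) and no longer exists in PHP 8. A closure returns the same markup
    // without evaluating anything.
    if (!is_user_logged_in()) {
        $notice = '<p style="color:red;">' . get_option('cp_module_pcontent_text_logout') . '</p>';
        add_filter($filterName, function ($data) use ($notice) {
            return $notice;
        });
        return;
    }

    $price = get_post_meta($pid, 'cp_pcontent_points', 1);

    if (cp_getPoints(cp_currentUser()) < $price) {
        $notice = '<p style="color:red;">' . get_option('cp_module_pcontent_text_insufficient') . '</p>';
        add_filter($filterName, function ($data) use ($notice) {
            return $notice;
        });
        return;
    }

    // NOTE(review): no nonce is verified in this block, and the balance check
    // and the deduction are separate steps; confirm both are acceptable.
    cp_points('pcontent', cp_currentUser(), -$price, $pid);

    if (get_option('cp_module_pcontent_payauthor')) {
        $post = get_post($pid);
        cp_points('pcontent_author', $post->post_author, $price, serialize(array($pid, cp_currentUser())));
    }
}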
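/**
 * PayPal IPN listener (cURL variant).
 *
 * When the request carries a non-empty 'cp_module_paypal_ipn' query
 * parameter, the posted notification is sent back to PayPal for validation.
 * Points are credited only if PayPal answers VERIFIED, the payment is
 * Completed, the transaction id is new, and receiver, currency and amount
 * match the module settings. The request always ends here once handled.
 */
function cp_module_paypal_ipn()
{
    if (!isset($_GET['cp_module_paypal_ipn']) || $_GET['cp_module_paypal_ipn'] == '') {
        return;
    }

    $host = get_option('cp_module_paypal_sandbox') ? 'www.sandbox.paypal.com' : 'www.paypal.com';

    // read the post from PayPal system and add 'cmd'
    $req = 'cmd=' . urlencode('_notify-validate');
    foreach ($_POST as $key => $value) {
        // Encode the key as well, so a crafted field name cannot add extra
        // parameters to the validation request.
        $req .= '&' . urlencode($key) . '=' . urlencode(stripslashes($value));
    }

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, 'https://' . $host . '/cgi-bin/webscr');
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $req);
    // The VERIFIED answer is the only thing that authenticates the
    // notification, so the peer certificate must be checked. It was disabled
    // before, which let anyone on the network path supply the answer.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Host: ' . $host));
    $res = curl_exec($ch);
    curl_close($ch);

    // A failed transfer returns false; treat it as "not verified".
    if (!is_string($res)) {
        exit;
    }

    // assign posted variables to local variables (absent fields become '')
    $ipn = array();
    foreach (array('payment_status', 'mc_gross', 'mc_currency', 'txn_id', 'receiver_email', 'payer_email', 'custom') as $field) {
        $ipn[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }
    $payment_status = $ipn['payment_status'];
    $payment_amount = $ipn['mc_gross'];
    $payment_currency = $ipn['mc_currency'];
    $txn_id = $ipn['txn_id'];
    $receiver_email = $ipn['receiver_email'];
    $payer_email = $ipn['payer_email'];

    // 'custom' carries "points|uid"; pad so a malformed value fails the
    // amount check instead of raising notices.
    list($points, $uid) = array_pad(explode('|', $ipn['custom'], 2), 2, '');

    if (strcmp($res, "VERIFIED") == 0) {
        // check the payment_status is Completed
        if ($payment_status != 'Completed') {
            die;
        }

        // check that txn_id has not been previously processed
        global $wpdb;
        $results = $wpdb->get_results('SELECT * FROM `' . CP_DB . '` WHERE `type`=\'paypal\'');
        foreach ($results as $result) {
            // NOTE(review): rows of this type are written below with
            // serialize(); unserialize() is only safe while nothing else can
            // write `paypal` rows. Confirm.
            $data = unserialize($result->data);
            // Strict string comparison: a loose `==` treats numeric-looking
            // ids such as "1e3" and "1000" as equal.
            if (is_array($data) && isset($data['txn_id']) && (string) $data['txn_id'] === $txn_id) {
                die;
            }
        }

        // check that receiver_email is your Primary PayPal email
        if ($receiver_email != trim(get_option('cp_module_paypal_account'))) {
            die;
        }

        // check that payment_amount/payment_currency are correct
        if ($payment_currency != get_option('cp_module_paypal_currency')) {
            die;
        }
        $expected_amount = (double) cp_module_paypal_round_up(get_option('cp_module_paypal_price') * (int) $points, 2);
        if ((double) $payment_amount != $expected_amount) {
            die;
        }

        // process payment
        cp_points('paypal', (int) $uid, (int) $points, serialize(array('txn_id' => $txn_id, 'payer_email' => $payer_email, 'amt' => $payment_amount)));
    } elseif (strcmp($res, "INVALID") == 0) {
        // invalid IPN
        die;
    }

    exit;
}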
/**
 * Credits karma for a hardware scan and marks the scan session as linked.
 *
 * Books LHG_KARMA_POINTS_hwscan for the user with a log entry linking to the
 * scan, sets the session's `karma` to "linked", and writes the user id to
 * `wp_uid_de` when the global $lang is "de", otherwise to `wp_uid`.
 *
 * @param mixed $uid User id to credit and to store on the session row.
 * @param mixed $sid Scan session id.
 */
function lhg_link_hwscan($uid, $sid)
{
    global $lang, $lhg_price_db;

    $isGerman = ($lang == "de");

    // NOTE(review): $sid and $uid go into the HTML link and into both SQL
    // statements unescaped. Whether callers validate them is not visible
    // here, and neither is the API of $lhg_price_db, so confirm that both
    // values are trusted or escape/bind them.
    $scanLink = '<a href="/hardware-profile/scan-' . $sid . '">' . $sid . '</a>';
    $logText = ($isGerman ? 'Hardware Scan hinzugefügt ' : 'Hardware scan added ') . $scanLink;
    cp_points('addpoints', $uid, LHG_KARMA_POINTS_hwscan, $logText);

    $where = ' WHERE sid = "' . $sid . '"';

    $sql = 'UPDATE `lhgscansessions` SET `karma`= "linked"' . $where;
    $result = $lhg_price_db->query($sql);

    # ToDo: if wp_uid is already set (e.g. by scan script), it is set again. This seems unnecessary.
    $column = $isGerman ? 'wp_uid_de' : 'wp_uid';
    $sql = 'UPDATE `lhgscansessions` SET `' . $column . '` = "' . $uid . '"' . $where;
    $result = $lhg_price_db->query($sql);
}
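/**
 * PayPal IPN listener (fsockopen variant).
 *
 * When the request carries a non-empty 'cp_module_paypal_ipn' query
 * parameter, the posted notification is sent back to PayPal for validation.
 * Points are credited only if PayPal answers VERIFIED, the payment is
 * Completed, the transaction id is new, and receiver, currency and amount
 * match the module settings. The request always ends here once handled.
 */
function cp_module_paypal_ipn()
{
    if (!isset($_GET['cp_module_paypal_ipn']) || $_GET['cp_module_paypal_ipn'] == '') {
        return;
    }

    // read the post from PayPal system and add 'cmd'
    $req = 'cmd=_notify-validate';
    foreach ($_POST as $key => $value) {
        // Encode the key as well, so a crafted field name cannot add extra
        // parameters to the validation request.
        $req .= '&' . urlencode($key) . '=' . urlencode(stripslashes($value));
    }

    if (get_option('cp_module_paypal_sandbox')) {
        $loc = 'ssl://www.sandbox.paypal.com';
    } else {
        $loc = 'ssl://www.paypal.com';
    }

    // post back to PayPal system to validate
    $header = "POST /cgi-bin/webscr HTTP/1.0\r\n";
    $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
    $header .= "Content-Length: " . strlen($req) . "\r\n\r\n";

    // NOTE(review): whether the ssl:// wrapper verifies PayPal's certificate
    // depends on the PHP version and stream defaults. Confirm verification is
    // on, because the VERIFIED answer is what authenticates the notification.
    $fp = fsockopen($loc, 443, $errno, $errstr, 30);

    // assign posted variables to local variables (absent fields become '')
    $ipn = array();
    foreach (array('payment_status', 'mc_gross', 'mc_currency', 'txn_id', 'receiver_email', 'payer_email', 'custom') as $field) {
        $ipn[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }
    $payment_status = $ipn['payment_status'];
    $payment_amount = $ipn['mc_gross'];
    $payment_currency = $ipn['mc_currency'];
    $txn_id = $ipn['txn_id'];
    $receiver_email = $ipn['receiver_email'];
    $payer_email = $ipn['payer_email'];

    // 'custom' carries "points|uid"; pad so a malformed value fails the
    // amount check instead of raising notices.
    list($points, $uid) = array_pad(explode('|', $ipn['custom'], 2), 2, '');

    if ($fp) {
        fputs($fp, $header . $req);
        while (!feof($fp)) {
            $res = fgets($fp, 1024);
            if (strcmp($res, "VERIFIED") == 0) {
                // check the payment_status is Completed
                if ($payment_status != 'Completed') {
                    die;
                }

                // check that txn_id has not been previously processed
                // The column name was misspelled (`tyle`) and the stored data
                // was never unserialized, so this check could not match and a
                // replayed notification was credited again.
                global $wpdb;
                $results = $wpdb->get_results('SELECT * FROM `' . CP_DB . '` WHERE `type`=\'paypal\'');
                if (is_array($results)) {
                    foreach ($results as $result) {
                        // NOTE(review): rows of this type are written below
                        // with serialize(); unserialize() is only safe while
                        // nothing else can write `paypal` rows. Confirm.
                        $data = unserialize($result->data);
                        if (is_array($data) && isset($data['txn_id']) && (string) $data['txn_id'] === $txn_id) {
                            die;
                        }
                    }
                }

                // check that receiver_email is your Primary PayPal email
                if ($receiver_email != get_option('cp_module_paypal_account')) {
                    die;
                }

                // check that payment_amount/payment_currency are correct
                if ($payment_currency != get_option('cp_module_paypal_currency')) {
                    die;
                }
                $expected_amount = (double) cp_module_paypal_round_up(get_option('cp_module_paypal_price') * (int) $points, 2);
                if ((double) $payment_amount != $expected_amount) {
                    die;
                }

                // process payment
                cp_points('paypal', (int) $uid, (int) $points, serialize(array('txn_id' => $txn_id, 'payer_email' => $payer_email, 'amt' => $payment_amount)));
            } elseif (strcmp($res, "INVALID") == 0) {
                // invalid paypal return
                die;
            }
        }
        fclose($fp);
    }
    // a failed connection falls through: nothing is credited

    exit;
}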
/**
 * Completes checkout by paying for the cart with the buyer's CubePoints.
 *
 * The total is the sum of pre-tax line prices, replaced by the coupon's new
 * total when a coupon applies, plus shipping and tax when those are set. If
 * the current user's balance covers it, the points are deducted and a paid
 * MarketPress order is created; otherwise $mp->cart_checkout_error() is
 * called with an explanation.
 *
 * @param array $cart Cart contents for the current blog, global cart if $mp->global_cart is true
 * @param array $shipping_info Shipping info and email
 */
function process_payment($cart, $shipping_info)
{
    global $mp;

    $settings = get_option('mp_settings');
    $timestamp = time();

    // one entry per product variation: pre-tax unit price times quantity
    $totals = array();
    foreach ($cart as $product_id => $variations) {
        foreach ($variations as $data) {
            $totals[] = $mp->before_tax_price($data['price'], $product_id) * $data['quantity'];
        }
    }
    $total = array_sum($totals);

    $coupon = $mp->coupon_value($mp->get_coupon_code(), $total);
    if ($coupon) {
        $total = $coupon['new_total'];
    }

    // shipping line
    $shipping_price = $mp->shipping_price();
    if ($shipping_price !== false) {
        $total = $total + $shipping_price;
    }

    // tax line
    $tax_price = $mp->tax_price();
    if ($tax_price !== false) {
        $total = $total + $tax_price;
    }

    // get CubePoints user
    $uid = cp_currentUser();

    // insufficient CubePoints: report and stop
    if (!(cp_getPoints(cp_currentUser()) >= $total)) {
        $mp->cart_checkout_error(sprintf(__('Sorry, but you do not appear to have enough points to complete this purchase!', 'mp'), mp_checkout_step_url('checkout')));
        return;
    }

    // NOTE(review): the points are deducted before the order exists and the
    // result of create_order() is not checked, so a failed order would still
    // cost the buyer. The balance check and the deduction are also separate
    // steps. Confirm both.
    cp_points('custom', $uid, -$total, sprintf(__('%s Store Purchase', 'mp'), get_bloginfo('name')));

    // create MarketPress order
    $order_id = $mp->generate_order_id();
    $payment_info['gateway_public_name'] = $this->public_name;
    $payment_info['gateway_private_name'] = $this->admin_name;
    $payment_info['status'][$timestamp] = __("Paid", 'mp');
    $payment_info['total'] = $total;
    $payment_info['currency'] = $settings['currency'];
    $payment_info['method'] = __('CubePoints', 'mp');
    $payment_info['transaction_id'] = $order_id;
    $paid = true;

    // create our order now
    $result = $mp->create_order($order_id, $cart, $shipping_info, $payment_info, $paid);
}
/**
 * my_bp_gallery_delete_add_cppoints()
 *
 * Books the 'bp_gallery_delete_cp_bp' option as points for the logged-in
 * BuddyPress user on gallery delete, unless that user's id is in the
 * comma-separated 'bp_spammer_cp_bp' option.
 *
 * @version 1.9.8
 * @since 1.0
 */
function my_bp_gallery_delete_add_cppoints()
{
    global $bp;

    $spammerIds = explode(',', get_option('bp_spammer_cp_bp'));
    $currentId = $bp->loggedin_user->id;

    // Loose membership test, so a numeric id matches its string form in the list.
    if (in_array($currentId, $spammerIds)) {
        return;
    }

    cp_points('cp_bp_galery_delete', $currentId, get_option('bp_gallery_delete_cp_bp'), "");
}