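 /**
  * `template_redirect` hook handler: gates and wires up the public invoice view.
  *
  * Runs on every front-end request. The plugin styles are always enqueued;
  * everything else only happens when the current post is the configured
  * "web invoice page" (`$wpi_settings['web_invoice_page']`):
  *
  *  - `?invoice_id=<hash>`: the hash is checked by WPI_Functions::validate_page_hash(),
  *    which also sets the global $invoice_id. The invoice is then loaded into the
  *    global $wpi_invoice_object, its post_status must be in the list produced by
  *    the `viewable_invoice_types` filter (default `array('active')`), and — when
  *    the `logged_in_only` setting is 'true' — the visitor must either hold the
  *    capability mapped from the `user_level` setting or be the invoice recipient.
  *    On success the front-end scripts plus the title/heading/content filters are
  *    registered; on any failure the theme's 404 template is rendered and the
  *    request ends.
  *  - POST `wp_invoice_lookup_input`: a logged-in user is redirected to the
  *    permalink of the matching invoice when they have `level_10` (historically
  *    the administrator level) or the invoice's `user_email` equals their own;
  *    anything else ends in the 404 template.
  *
  * Security notes: the invoice hash is the only credential for the view, so the
  * "not found" and "not allowed" outcomes are deliberately identical. The lookup
  * POST handler carries no nonce check (see inline note).
  *
  * @global int         $invoice_id         Set by WPI_Functions::validate_page_hash().
  * @global array       $wpi_settings       Plugin settings.
  * @global WPI_Invoice $wpi_invoice_object Loaded here for the rest of the request.
  * @global WP_Post     $post               Current queried post.
  * @global WP_User     $current_user       Current user (ID 0 when not logged in).
  */
 function template_redirect()
 {
     global $invoice_id, $wpi_settings, $wpi_invoice_object, $post, $current_user;

     // Render the theme's 404 template with a genuine 404 status and stop.
     // Shared by the "does not exist" and "not allowed" paths so the two are
     // indistinguishable to a visitor probing hashes or lookup values.
     $show_not_found = function () {
         status_header(404);
         nocache_headers();
         $not_found = get_query_template('404');
         // A theme without 404.php yields "" here; require_once "" is a fatal error.
         if (!empty($not_found)) {
             require_once $not_found;
         }
         die;
     };

     //** Always load styles without checking if given page has an invoice */
     wp_enqueue_style('wpi-theme-specific');
     wp_enqueue_style('wpi-default-style');

     //** Only the configured invoice page gets any further treatment */
     if (empty($post->ID) || empty($wpi_settings['web_invoice_page']) || $wpi_settings['web_invoice_page'] != $post->ID) {
         return;
     }

     //** If invoice_id is passed, run validate_page_hash to make sure this is the right page and invoice_id exists */
     if (isset($_GET['invoice_id'])) {
         // Only a scalar hash is meaningful: `?invoice_id[]=x` would otherwise hand an
         // array to esc_sql()/validate_page_hash(). esc_sql() is kept because
         // validate_page_hash() is not visible here and may interpolate the value into
         // SQL — TODO confirm it uses $wpdb->prepare(), in which case esc_sql() is redundant.
         $requested_hash = is_scalar($_GET['invoice_id'])
             ? sanitize_text_field((string) $_GET['invoice_id'])
             : '';
         if (!WPI_Functions::validate_page_hash(esc_sql($requested_hash))) {
             $show_not_found();
         }

         //** Load the global invoice object (validate_page_hash() populated $invoice_id) */
         $post_id = wpi_invoice_id_to_post_id($invoice_id);
         $wpi_invoice_object = new WPI_Invoice();
         $wpi_invoice_object->load_invoice("id={$post_id}");

         add_filter('viewable_invoice_types', array($this, 'viewable_types'));

         //** Not a viewable status: leave the page alone and render it without the invoice */
         $viewable_types = apply_filters('viewable_invoice_types', array('active'));
         if (!in_array($wpi_invoice_object->data['post_status'], $viewable_types, true)) {
             return;
         }

         if (isset($wpi_settings['logged_in_only']) && $wpi_settings['logged_in_only'] == 'true') {
             $user_level   = isset($wpi_settings['user_level']) ? $wpi_settings['user_level'] : null;
             $required_cap = WPI_UI::get_capability_by_level($user_level);
             if (!current_user_can($required_cap) && !WPI_Functions::user_is_invoice_recipient($wpi_invoice_object)) {
                 // Same response as "doesn't exist" on purpose: don't confirm the hash is valid.
                 $show_not_found();
             }
         }

         //** Load front end scripts */
         wp_enqueue_script('jquery.validate');
         wp_enqueue_script('wpi-gateways');
         wp_enqueue_script('jquery.maskedinput');
         wp_enqueue_script('wpi-frontend-scripts');
         if (!empty($wpi_settings['ga_event_tracking']['enabled']) && $wpi_settings['ga_event_tracking']['enabled'] == 'true') {
             wp_enqueue_script('wpi-ga-tracking', WPI_URL . "/core/js/wpi.ga.tracking.js", array('jquery'));
         }

         //** Apply Filters to the invoice description */
         add_action('wpi_description', 'wpautop');
         add_action('wpi_description', 'wptexturize');
         add_action('wpi_description', 'shortcode_unautop');
         add_action('wpi_description', 'convert_chars');
         add_action('wpi_description', 'capital_P_dangit');

         //** Declare the variable that will hold our AJAX url for JavaScript purposes */
         wp_localize_script('wpi-gateways', 'wpi_ajax', array('url' => admin_url('admin-ajax.php')));
         add_action('wp_head', array('WPI_UI', 'frontend_header'));

         // Settings are optional keys; read them without undefined-index notices.
         $replace_title   = !empty($wpi_settings['replace_page_title_with_subject']) && $wpi_settings['replace_page_title_with_subject'] == 'true';
         $replace_heading = !empty($wpi_settings['replace_page_heading_with_subject']) && $wpi_settings['replace_page_heading_with_subject'] == 'true';
         $hide_title      = !empty($wpi_settings['hide_page_title']) && $wpi_settings['hide_page_title'] == 'true';
         if ($replace_title || $hide_title) {
             add_action('wp_title', array('WPI_UI', 'wp_title'), 0, 3);
         }
         if ($replace_heading || $hide_title) {
             add_action('the_title', array('WPI_UI', 'the_title'), 0, 2);
         }
         add_action('the_content', array('WPI_UI', 'the_content'), 20);
     }

     //** Fix WordPress URL filters if the page is being opened over HTTPS */
     // is_ssl() also recognises $_SERVER['HTTPS'] == '1' (IIS) and SERVER_PORT 443,
     // which the previous bare `== "on"` comparison missed. Behind a TLS-terminating
     // proxy neither works unless HTTP_X_FORWARDED_PROTO is mapped in wp-config.php.
     if (is_ssl() && function_exists('force_ssl')) {
         add_filter('option_siteurl', 'force_ssl');
         add_filter('option_home', 'force_ssl');
         add_filter('option_url', 'force_ssl');
         add_filter('option_wpurl', 'force_ssl');
         add_filter('option_stylesheet_url', 'force_ssl');
         add_filter('option_template_url', 'force_ssl');
         add_filter('script_loader_src', 'force_ssl');
     }

     //** Lookup functionality */
     if (isset($_POST['wp_invoice_lookup_input'])) {
         // NOTE(review): no nonce/CSRF check on this POST. The only effect is a redirect
         // to an invoice the user may already view, so impact is limited, but the lookup
         // form should emit wp_nonce_field() and be verified here once its field name is known.
         if (empty($current_user->ID)) {
             $show_not_found();
         }

         $lookup = is_scalar($_POST['wp_invoice_lookup_input'])
             ? sanitize_text_field((string) $_POST['wp_invoice_lookup_input'])
             : '';
         $id = get_invoice_id($lookup);
         if (empty($id)) {
             $show_not_found();
         }

         $invoice       = get_invoice($id);
         $owner_email   = isset($invoice['user_email']) ? (string) $invoice['user_email'] : '';
         $is_admin      = current_user_can('level_10');
         // An invoice without a recipient e-mail must not match anyone (previously "" == "" would).
         $is_recipient  = $owner_email !== '' && $owner_email === (string) $current_user->data->user_email;
         if (!$is_admin && !$is_recipient) {
             $show_not_found();
         }

         $permalink = get_invoice_permalink($lookup);
         if (empty($permalink)) {
             // Invoice exists but has no hash or no invoice page is configured: nothing to redirect to.
             $show_not_found();
         }
         // wp_safe_redirect() refuses off-site targets; the permalink is built from a
         // local page ID, so this is belt-and-braces rather than a behaviour change.
         wp_safe_redirect($permalink);
         exit;
     }
 }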
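/**
 * Builds the public permalink of an invoice.
 *
 * Resolves $identificator through get_invoice_id(), reads the invoice's `hash`
 * post meta and appends it as the `invoice_id` query argument of the configured
 * "web invoice page". That hash is the credential template_redirect() checks
 * before showing the invoice, so the returned URL is a secret-bearing link and
 * should only be handed to the invoice's recipient.
 *
 * @global array  $wpi_settings Plugin settings; `web_invoice_page` is the invoice page ID.
 * @global object $wpdb
 *
 * @param int|string $identificator Any identifier accepted by get_invoice_id() — not validated here.
 *
 * @return string|false The permalink, or false when the identifier is empty or
 *                      unknown, the invoice has no hash, or no invoice page is
 *                      configured / the configured page no longer exists.
 */
function get_invoice_permalink($identificator)
{
    global $wpi_settings, $wpdb;

    if (empty($identificator)) {
        return false;
    }

    $id = get_invoice_id($identificator);
    if (empty($id)) {
        return false;
    }

    // Placeholders must not be quoted: $wpdb->prepare() casts %d itself and
    // flags quoted placeholders as "doing it wrong".
    $hash = $wpdb->get_var($wpdb->prepare(
        "SELECT `meta_value` FROM `{$wpdb->postmeta}` WHERE `meta_key` = 'hash' AND `post_id` = %d",
        $id
    ));

    if (empty($hash) || empty($wpi_settings['web_invoice_page'])) {
        return false;
    }

    $page_url = get_permalink($wpi_settings['web_invoice_page']);
    if (empty($page_url)) {
        // The configured page is gone; previously this produced a bare "?invoice_id=..." link.
        return false;
    }

    // add_query_arg() picks "?" or "&" depending on whether the page URL already
    // carries a query string (plain "?page_id=N" permalinks vs. pretty / front-page
    // URLs) — the permalink_structure/page_on_front branching it replaces did the
    // same by hand — and it URL-encodes the hash.
    return add_query_arg('invoice_id', $hash, $page_url);
}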