/** * Handles validation when somebody is attempting to view an invoice. * If validation is passsed, we add the necessary * filters to display the invoice header and page content; * Global $invoice_id variable set by WPI_Functions::validate_page_hash(); */ function template_redirect() { global $invoice_id, $wpi_settings, $wpi_invoice_object, $post, $current_user; //** Alwys load styles without checking if given page has an invoice */ wp_enqueue_style('wpi-theme-specific'); wp_enqueue_style('wpi-default-style'); //** Determine if the current page is invoice's page */ if (empty($post->ID) || $wpi_settings['web_invoice_page'] != $post->ID) { return; } //** If invoice_id is passed, run validate_page_hash to make sure this is the right page and invoice_id exists */ if (isset($_GET['invoice_id'])) { if (WPI_Functions::validate_page_hash(esc_sql($_GET['invoice_id']))) { //** load global invoice object */ $post_id = wpi_invoice_id_to_post_id($invoice_id); $wpi_invoice_object = new WPI_Invoice(); $wpi_invoice_object->load_invoice("id={$post_id}"); add_filter('viewable_invoice_types', array($this, 'viewable_types')); //** Determine if current invoice object is "viewable" */ if (!in_array($wpi_invoice_object->data['post_status'], apply_filters('viewable_invoice_types', array('active')))) { return; } if (isset($wpi_settings['logged_in_only']) && $wpi_settings['logged_in_only'] == 'true') { if (!current_user_can(WPI_UI::get_capability_by_level($wpi_settings['user_level'])) && !WPI_Functions::user_is_invoice_recipient($wpi_invoice_object)) { //** Show 404 when invoice doesn't exist */ $not_found = get_query_template('404'); require_once $not_found; die; } } //** Load front end scripts */ wp_enqueue_script('jquery.validate'); wp_enqueue_script('wpi-gateways'); wp_enqueue_script('jquery.maskedinput'); wp_enqueue_script('wpi-frontend-scripts'); if (!empty($wpi_settings['ga_event_tracking']) && $wpi_settings['ga_event_tracking']['enabled'] == 'true') { wp_enqueue_script('wpi-ga-tracking', WPI_URL . "/core/js/wpi.ga.tracking.js", array('jquery')); } //** Apply Filters to the invoice description */ add_action('wpi_description', 'wpautop'); add_action('wpi_description', 'wptexturize'); add_action('wpi_description', 'shortcode_unautop'); add_action('wpi_description', 'convert_chars'); add_action('wpi_description', 'capital_P_dangit'); //** Declare the variable that will hold our AJAX url for JavaScript purposes */ wp_localize_script('wpi-gateways', 'wpi_ajax', array('url' => admin_url('admin-ajax.php'))); add_action('wp_head', array('WPI_UI', 'frontend_header')); if ($wpi_settings['replace_page_title_with_subject'] == 'true' || $wpi_settings['hide_page_title'] == 'true') { add_action('wp_title', array('WPI_UI', 'wp_title'), 0, 3); } if ($wpi_settings['replace_page_heading_with_subject'] == 'true' || $wpi_settings['hide_page_title'] == 'true') { add_action('the_title', array('WPI_UI', 'the_title'), 0, 2); } add_action('the_content', array('WPI_UI', 'the_content'), 20); } else { //** Show 404 when invoice doesn't exist */ $not_found = get_query_template('404'); require_once $not_found; die; } } //** Fixed WordPress filters if page is being opened in HTTPS mode */ if (isset($_SERVER['HTTPS']) && $_SERVER["HTTPS"] == "on") { if (function_exists('force_ssl')) { add_filter('option_siteurl', 'force_ssl'); add_filter('option_home', 'force_ssl'); add_filter('option_url', 'force_ssl'); add_filter('option_wpurl', 'force_ssl'); add_filter('option_stylesheet_url', 'force_ssl'); add_filter('option_template_url', 'force_ssl'); add_filter('script_loader_src', 'force_ssl'); } } //** Lookup functionality */ if (isset($_POST['wp_invoice_lookup_input'])) { if (!empty($current_user->ID)) { $id = get_invoice_id($_POST['wp_invoice_lookup_input']); if (empty($id)) { //** Show 404 when invoice doesn't exist */ $not_found = get_query_template('404'); require_once $not_found; die; } $invoice = get_invoice($id); if (current_user_can('level_10') || $current_user->data->user_email == $invoice['user_email']) { header("location:" . get_invoice_permalink($_POST['wp_invoice_lookup_input'])); die; } else { //** Show 404 when invoice doesn't exist */ $not_found = get_query_template('404'); require_once $not_found; die; } } else { //** Show 404 when invoice doesn't exist */ $not_found = get_query_template('404'); require_once $not_found; die; } } }
/** * Returns Invoice Permalink by invoice id * * @global array $wpi_settings * @global object $wpdb * * @param type $identificator * * @return boolean */ function get_invoice_permalink($identificator) { global $wpi_settings, $wpdb; $hash = ""; //** Check Invoice by ID and get hash */ if (empty($identificator)) { return false; } $id = get_invoice_id($identificator); //** Get hash by post ID */ if (!empty($id)) { $hash = $wpdb->get_var($wpdb->prepare("SELECT `meta_value` FROM `{$wpdb->postmeta}` WHERE `meta_key` = 'hash' AND `post_id` = '%d'", $id)); } if (empty($hash) || empty($wpi_settings['web_invoice_page'])) { return false; } if (get_option("permalink_structure")) { return get_permalink($wpi_settings['web_invoice_page']) . "?invoice_id=" . $hash; } else { //** check if page is on front-end */ if (get_option('page_on_front') == $wpi_settings['web_invoice_page']) { return get_permalink($wpi_settings['web_invoice_page']) . "?invoice_id=" . $hash; } else { return get_permalink($wpi_settings['web_invoice_page']) . "&invoice_id=" . $hash; } } }