/**
  * Perform the export: send the response headers, then stop.
  *
  * This method writes no body itself; the only work visible here is the call
  * to headers() followed by give_die().
  *
  * NOTE(review): no capability check is visible in this method. Confirm that
  * access is gated in headers() or by the caller before this can be reached.
  *
  * @access public
  * @since 1.5
  * @return void
  */
 public function export()
 {
     // Set headers
     $this->headers();
     // Hand control to give_die(); it is expected to end the request so
     // nothing else is appended to the response.
     give_die();
 }
Example #2
 /**
  * Emit the prepared API data in the requested format and stop.
  *
  * The format is whatever get_output_format() returns; per the original
  * documentation JSON is the default. 'xml' and 'json' are handled here,
  * every other value is delegated to a 'give_api_output_{format}' action.
  *
  * NOTE(review): the delegated hook name is built from $format. Presumably
  * get_output_format() restricts it to known values; confirm, since only
  * the JSON branch sets a Content-Type header in this method.
  *
  * @since 1.1
  * @global    $wp_query
  *
  * @param int $status_code HTTP status passed to status_header().
  */
 public function output($status_code = 200)
 {
     global $wp_query;
     $format = $this->get_output_format();
     status_header($status_code);
     do_action('give_api_output_before', $this->data, $this, $format);
     // Loose comparison on purpose: it matches what a switch statement does.
     if ($format == 'xml') {
         require_once GIVE_PLUGIN_DIR . 'includes/libraries/array2xml.php';
         $document = Array2XML::createXML('give', $this->data);
         echo $document->saveXML();
     } elseif ($format == 'json') {
         header('Content-Type: application/json');
         // 0 is json_encode()'s default flag value, so this equals the one-argument call.
         $flags = empty($this->pretty_print) ? 0 : $this->pretty_print;
         echo json_encode($this->data, $flags);
     } else {
         // Extension point: other formats are rendered by whoever hooks this action.
         do_action('give_api_output_' . $format, $this->data, $this);
     }
     do_action('give_api_output_after', $this->data, $this, $format);
     give_die();
 }
Example #3
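/**
 * Send back to checkout.
 *
 * Used to redirect a user back to the purchase page if there are errors
 * present. The target URL and the form ID both come from the request body
 * ('give-current-url', 'give-form-id'), so they are treated as untrusted:
 * the URL is cleaned with esc_url_raw() and the redirect goes through
 * wp_safe_redirect(), which refuses hosts that are not on the site's
 * allowed list. This closes the open redirect that a plain wp_redirect()
 * on a posted URL would leave.
 *
 * @param array|string $args Extra query arguments; a legacy query string is also accepted.
 *
 * @access public
 * @since  1.0
 * @return Void
 */
function give_send_back_to_checkout($args = array())
{
    // WordPress slashes superglobals, so unslash before validating the URL.
    $redirect = isset($_POST['give-current-url']) ? esc_url_raw(wp_unslash($_POST['give-current-url'])) : '';
    // The form ID ends up in the query string and in the URL fragment; force it to a non-negative integer.
    $form_id = isset($_POST['give-form-id']) ? absint($_POST['give-form-id']) : 0;
    $defaults = array('form-id' => $form_id);
    // Check for backward compatibility: older callers pass "?key=value" strings.
    if (is_string($args)) {
        $args = str_replace('?', '', $args);
    }
    $args = wp_parse_args($args, $defaults);
    $redirect = add_query_arg($args, $redirect) . '#give-form-' . $form_id . '-wrap';
    // Filters can still rewrite the URL, so the host check is applied after them.
    wp_safe_redirect(apply_filters('give_send_back_to_checkout', $redirect, $args));
    give_die();
}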
Example #4
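/**
 * Send back to checkout.
 *
 * Used to redirect a user back to the purchase page if there are errors
 * present. The target URL is taken from the posted 'give-current-url'
 * field and is therefore untrusted. It is cleaned with esc_url_raw() in
 * every case (not only when $args is non-empty) and sent with
 * wp_safe_redirect() so that an off-site URL cannot be used as a redirect
 * target. esc_url() is not used because it encodes for HTML display and
 * would turn "&" into an entity inside the Location header.
 *
 * @param array|string $args Extra query arguments; a legacy query string is also accepted.
 *
 * @access public
 * @since  1.0
 * @return Void
 */
function give_send_back_to_checkout($args = array())
{
    // WordPress slashes superglobals, so unslash before validating the URL.
    $redirect = isset($_POST['give-current-url']) ? esc_url_raw(wp_unslash($_POST['give-current-url'])) : '';
    if (!empty($args)) {
        // Check for backward compatibility: older callers pass "?key=value" strings.
        if (is_string($args)) {
            $args = str_replace('?', '', $args);
        }
        $args = wp_parse_args($args);
        $redirect = esc_url_raw(add_query_arg($args, $redirect));
    }
    // Filters can still rewrite the URL, so the host check is applied after them.
    wp_safe_redirect(apply_filters('give_send_back_to_checkout', $redirect, $args));
    give_die();
}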
Example #5
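/**
 * Search the donors database via Ajax
 *
 * Echoes a JSON list of up to 50 donors whose name or email contains the
 * 's' query parameter, then stops. Callers without the 'view_give_reports'
 * capability receive an empty list and no query is run.
 *
 * Changes from the previous version:
 * - the query is built with $wpdb->prepare() and $wpdb->esc_like(), so the
 *   search term is bound as data and its "%" and "_" are matched literally
 *   instead of acting as wildcards;
 * - the capability check runs before any request data is read;
 * - the "No results found" entry is added to $results (it was appended to
 *   $donors and never reached the response).
 *
 * NOTE(review): no nonce is verified here. The handler only reads data, but
 * confirm whether the Ajax action should also carry a nonce.
 *
 * @since 1.0
 * @return void
 */
function give_ajax_donor_search()
{
    global $wpdb;
    $results = array();
    if (current_user_can('view_give_reports')) {
        // Superglobals are slashed by WordPress; unslash before sanitising and binding.
        $search = isset($_GET['s']) ? sanitize_text_field(wp_unslash($_GET['s'])) : '';
        $like = '%' . $wpdb->esc_like($search) . '%';
        $donors = $wpdb->get_results(
            $wpdb->prepare(
                "SELECT id,name,email FROM {$wpdb->prefix}give_donors WHERE `name` LIKE %s OR `email` LIKE %s LIMIT 50",
                $like,
                $like
            )
        );
        if ($donors) {
            foreach ($donors as $donor) {
                $results[] = array('id' => $donor->id, 'name' => $donor->name . '(' . $donor->email . ')');
            }
        } else {
            $results[] = array('id' => 0, 'name' => __('No results found', 'give'));
        }
    }
    echo json_encode($results);
    give_die();
}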
Example #6
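/**
 * Process Profile Updater Form.
 *
 * Processes the profile updater form by updating the necessary fields of
 * the currently logged-in user, then redirects back to the posted
 * 'give_redirect' URL.
 *
 * Changes from the previous version:
 * - anonymous requests are always rejected. The old guard only returned
 *   when the submit flag was empty AND the visitor was logged out, so a
 *   logged-out request that set the flag continued with user ID 0;
 * - a missing nonce field fails the same way as an invalid one;
 * - both redirects use wp_safe_redirect(), because 'give_redirect' is
 *   request data and must not be able to point off-site;
 * - a WP_Error returned by wp_update_user() is no longer treated as success.
 *
 * @since  1.0
 *
 * @param array $data Data sent from the profile editor.
 *
 * @return bool False when nothing was updated; on success or validation
 *              failure the request is redirected and ended instead.
 */
function give_process_profile_editor_updates($data)
{
    // Every write below targets get_current_user_id(), so there is nothing to do for an anonymous request.
    if (!is_user_logged_in()) {
        return false;
    }
    // Nonce security
    if (!isset($data['give_profile_editor_nonce']) || !wp_verify_nonce($data['give_profile_editor_nonce'], 'give-profile-editor-nonce')) {
        return false;
    }
    $user_id = get_current_user_id();
    $old_user_data = get_userdata($user_id);
    $redirect = isset($data['give_redirect']) ? $data['give_redirect'] : '';
    $display_name = isset($data['give_display_name']) ? sanitize_text_field($data['give_display_name']) : $old_user_data->display_name;
    $first_name = isset($data['give_first_name']) ? sanitize_text_field($data['give_first_name']) : $old_user_data->first_name;
    $last_name = isset($data['give_last_name']) ? sanitize_text_field($data['give_last_name']) : $old_user_data->last_name;
    $email = isset($data['give_email']) ? sanitize_email($data['give_email']) : $old_user_data->user_email;
    $line1 = isset($data['give_address_line1']) ? sanitize_text_field($data['give_address_line1']) : '';
    $line2 = isset($data['give_address_line2']) ? sanitize_text_field($data['give_address_line2']) : '';
    $city = isset($data['give_address_city']) ? sanitize_text_field($data['give_address_city']) : '';
    $state = isset($data['give_address_state']) ? sanitize_text_field($data['give_address_state']) : '';
    $zip = isset($data['give_address_zip']) ? sanitize_text_field($data['give_address_zip']) : '';
    $country = isset($data['give_address_country']) ? sanitize_text_field($data['give_address_country']) : '';
    $userdata = array('ID' => $user_id, 'first_name' => $first_name, 'last_name' => $last_name, 'display_name' => $display_name, 'user_email' => $email);
    $address = array('line1' => $line1, 'line2' => $line2, 'city' => $city, 'state' => $state, 'zip' => $zip, 'country' => $country);
    /**
     * Fires before updating user profile.
     *
     * @since 1.0
     *
     * @param int   $user_id  The ID of the user.
     * @param array $userdata User info, including ID, first name, last name, display name and email.
     */
    do_action('give_pre_update_user_profile', $user_id, $userdata);
    // New password: only applied when both entries are identical.
    if (!empty($data['give_new_user_pass1'])) {
        $confirmation = isset($data['give_new_user_pass2']) ? $data['give_new_user_pass2'] : '';
        if ($data['give_new_user_pass1'] !== $confirmation) {
            give_set_error('password_mismatch', esc_html__('The passwords you entered do not match. Please try again.', 'give'));
        } else {
            $userdata['user_pass'] = $data['give_new_user_pass1'];
        }
    }
    if (empty($email)) {
        // Make sure email should not be empty.
        give_set_error('email_empty', esc_html__('The email you entered is empty.', 'give'));
    } elseif (!is_email($email)) {
        // Make sure email should be valid.
        give_set_error('email_not_valid', esc_html__('The email you entered is not valid. Please use another', 'give'));
    } elseif ($email !== $old_user_data->user_email && email_exists($email)) {
        // Make sure the new email doesn't belong to another user
        give_set_error('email_exists', esc_html__('The email you entered belongs to another user. Please use another.', 'give'));
    }
    // Check for errors
    $errors = give_get_errors();
    if ($errors) {
        // Send back to the profile editor if there are errors
        wp_safe_redirect($redirect);
        give_die();
    }
    // Update the user
    update_user_meta($user_id, '_give_user_address', $address);
    $updated = wp_update_user($userdata);
    // wp_update_user() returns a WP_Error object on failure, which is truthy on its own.
    if ($updated && !is_wp_error($updated)) {
        /**
         * Fires after updating user profile.
         *
         * @since 1.0
         *
         * @param int   $user_id  The ID of the user.
         * @param array $userdata User info, including ID, first name, last name, display name and email.
         */
        do_action('give_user_profile_updated', $user_id, $userdata);
        wp_safe_redirect(add_query_arg('updated', 'true', $redirect));
        give_die();
    }
    return false;
}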
Example #7
 /**
  * Perform the export
  *
  * Refuses with a 403 unless can_export() allows it, then writes the
  * headers, the CSV column row and the CSV data rows, and stops.
  *
  * @access public
  * @since  1.0
  * @uses   Give_Export::can_export()
  * @uses   Give_Export::headers()
  * @uses   Give_Export::csv_cols_out()
  * @uses   Give_Export::csv_rows_out()
  * @return void
  */
 public function export()
 {
     // Authorisation comes first so that no header or row is emitted for a caller who may not export.
     $allowed = $this->can_export();
     if (!$allowed) {
         $message = __('You do not have permission to export data.', 'give');
         $title = __('Error', 'give');
         wp_die($message, $title, array('response' => 403));
     }

     // Response headers, then the column line, then the data lines.
     $this->headers();
     $this->csv_cols_out();
     $this->csv_rows_out();

     give_die();
 }
Example #8
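/**
 * Generates a System Info download file
 *
 * Sends the posted 'give-sysinfo' text back as a plain-text attachment
 * named give-system-info.txt. Only users with 'manage_give_settings' get a
 * response; everyone else falls through without output.
 *
 * The posted value is now read defensively: a missing or non-string field
 * yields an empty file instead of a PHP notice or type error, and the
 * slashes WordPress adds to request data are removed before output.
 *
 * NOTE(review): no nonce is verified. The response only echoes what the
 * caller posted, with tags stripped, but confirm whether the form should
 * carry one.
 *
 * @since       1.0
 * @return      void
 */
function give_tools_sysinfo_download()
{
    if (!current_user_can('manage_give_settings')) {
        return;
    }
    $report = '';
    if (isset($_POST['give-sysinfo']) && is_string($_POST['give-sysinfo'])) {
        $report = wp_unslash($_POST['give-sysinfo']);
    }
    nocache_headers();
    // text/plain plus an attachment disposition: the content is meant to be saved as a file.
    header('Content-Type: text/plain');
    header('Content-Disposition: attachment; filename="give-system-info.txt"');
    echo wp_strip_all_tags($report);
    give_die();
}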
Example #9
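/**
 * Process the checkout login form
 *
 * Validates the posted credentials through
 * give_purchase_form_validate_user_login(), logs the user in on success
 * and answers either with an Ajax response or with a redirect back to the
 * referring page.
 *
 * Changes from the previous version:
 * - the Referer header is client-supplied and may be absent, so it is
 *   cleaned with esc_url_raw(), replaced by home_url() when missing, and
 *   sent through wp_safe_redirect() to keep the redirect on allowed hosts;
 * - the success redirect is now followed by exit, matching the failure
 *   path, so no further output is produced after the Location header.
 *
 * @access      private
 * @since       1.0
 * @return      void
 */
function give_process_form_login()
{
    $is_ajax = isset($_POST['give_ajax']);
    $referer = isset($_SERVER['HTTP_REFERER']) ? esc_url_raw(wp_unslash($_SERVER['HTTP_REFERER'])) : '';
    if ('' === $referer) {
        $referer = home_url();
    }
    $user_data = give_purchase_form_validate_user_login();
    // Any recorded error, or no resolved user ID, means the login attempt failed.
    if (give_get_errors() || $user_data['user_id'] < 1) {
        if ($is_ajax) {
            do_action('give_ajax_checkout_errors');
            give_die();
        } else {
            wp_safe_redirect($referer);
            exit;
        }
    }
    give_log_user_in($user_data['user_id'], $user_data['user_login'], $user_data['user_pass']);
    if ($is_ajax) {
        echo 'success';
        give_die();
    } else {
        wp_safe_redirect($referer);
        exit;
    }
}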
Example #10
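/**
 * Grabs all of the selected date info and then redirects appropriately
 *
 * Builds the reports admin URL from the current view, the 'form-id' query
 * parameter and the values returned by give_get_report_dates(), redirects
 * to it and stops. The redirect base is always admin_url(), so the target
 * host is not taken from the request.
 *
 * The view is now encoded with rawurlencode(). esc_attr() escapes for HTML
 * attributes, not for URLs, and would let characters such as "&" or "#"
 * in the view name change the structure of the query string.
 *
 * @since 1.0
 *
 * @param $data Not used by this function.
 */
function give_parse_report_dates($data)
{
    $dates = give_get_report_dates();
    $view = give_get_reporting_view();
    // absint() turns a missing or non-numeric form ID into 0.
    $id = isset($_GET['form-id']) ? $_GET['form-id'] : null;
    $base = admin_url('edit.php?post_type=give_forms&page=give-reports&view=' . rawurlencode($view) . '&form-id=' . absint($id));
    wp_redirect(add_query_arg($dates, $base));
    give_die();
}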
Example #11
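/**
 * Check for Variation Prices HTML  (Multi-level donation forms)
 *
 * Ajax helper: for the posted form and payment IDs it prints either "n/a"
 * or the variable-price dropdown with the payment's price pre-selected,
 * then stops. Requires the 'edit_give_payments' capability.
 *
 * Changes from the previous version: missing request fields default to 0,
 * a form ID that does not resolve to a post is rejected before its
 * post_type is read, and the post type is compared strictly.
 *
 * NOTE(review): no nonce is verified, and the payment ID is not checked
 * against the form ID. Access rests on the capability check alone; confirm
 * that this is intended.
 *
 * @since  1.6
 *
 * @return void
 */
function give_check_for_form_price_variations_html()
{
    if (!current_user_can('edit_give_payments', get_current_user_id())) {
        wp_die();
    }
    $form_id = isset($_POST['form_id']) ? intval($_POST['form_id']) : 0;
    $payment_id = isset($_POST['payment_id']) ? intval($_POST['payment_id']) : 0;
    $form = get_post($form_id);
    // get_post() returns null for an unknown ID; only real donation forms may continue.
    if (!$form || 'give_forms' !== $form->post_type) {
        wp_die();
    }
    if (!give_has_variable_prices($form_id)) {
        esc_html_e('n/a', 'give');
    } else {
        // Payment object.
        $payment = new Give_Payment($payment_id);
        // Payment meta.
        $payment_meta = $payment->get_meta();
        $selected = isset($payment_meta['price_id']) ? $payment_meta['price_id'] : null;
        // Variable price dropdown options.
        $variable_price_dropdown_option = array('id' => $form_id, 'name' => 'give-variable-price', 'chosen' => true, 'show_option_all' => '', 'selected' => $selected);
        // Render variable prices select tag html.
        give_get_form_variable_price_dropdown($variable_price_dropdown_option, true);
    }
    give_die();
}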
Example #12
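/**
 * Send back to donation form.
 *
 * Used to redirect a user back to the donation form if there are errors
 * present. Only the path and query string of the posted 'give-current-url'
 * are reused; the redirect is rebuilt on home_url() and sent with
 * wp_safe_redirect(), so the posted host never becomes the target.
 *
 * Changes from the previous version: the form ID is forced to a
 * non-negative integer before it is used in the permalink lookup and the
 * URL fragment, and a URL that cannot be parsed or has no path no longer
 * triggers an undefined-index notice.
 *
 * NOTE(review): array_merge($args, $query) lets parameters from the posted
 * URL override same-named entries in $args (including 'form-id'). Confirm
 * that this precedence is intended.
 *
 * @param array|string $args Extra query arguments; a legacy query string is also accepted.
 *
 * @access public
 * @since  1.0
 * @return Void
 */
function give_send_back_to_checkout($args = array())
{
    $url = isset($_POST['give-current-url']) ? sanitize_text_field($_POST['give-current-url']) : '';
    // Set the form_id.
    $form_id = isset($_POST['give-form-id']) ? absint($_POST['give-form-id']) : 0;
    // Need a URL to continue. If none, redirect back to single form.
    if (empty($url)) {
        wp_safe_redirect(get_permalink($form_id));
        give_die();
    }
    $defaults = array('form-id' => $form_id);
    // Check for backward compatibility.
    if (is_string($args)) {
        $args = str_replace('?', '', $args);
    }
    $args = wp_parse_args($args, $defaults);
    // Merge URL query with $args to maintain third-party URL parameters after redirect.
    $url_data = wp_parse_url($url);
    if (!is_array($url_data)) {
        // wp_parse_url() returns false for a seriously malformed URL.
        $url_data = array();
    }
    $query = array();
    if (!empty($url_data['query'])) {
        parse_str($url_data['query'], $query);
        // Precaution: don't allow any CC info.
        unset($query['card_number']);
        unset($query['card_cvc']);
    }
    $new_query = array_merge($args, $query);
    $new_query_string = http_build_query($new_query);
    // Assemble URL parts.
    $path = isset($url_data['path']) ? $url_data['path'] : '';
    $redirect = home_url('/' . $path . '?' . $new_query_string . '#give-form-' . $form_id . '-wrap');
    // Redirect them.
    wp_safe_redirect(apply_filters('give_send_back_to_checkout', $redirect, $args));
    give_die();
}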
Example #13
 /**
  * Perform the export
  *
  * Sends the headers, reads the export via get_file(), removes the file
  * at $this->file and echoes what was read, then stops.
  *
  * NOTE(review): no capability check is visible in this method. Confirm
  * access is gated in headers() or by the caller.
  *
  * @access public
  * @since 1.5
  * @return void
  */
 public function export()
 {
     $this->headers();

     // Read first, delete second: the contents are held in memory before the file goes away.
     $contents = $this->get_file();

     // "@" hides a failed unlink(), so a file that could not be removed stays on disk unreported.
     @unlink($this->file);

     echo $contents;
     give_die();
 }
Example #14
/**
 * Trigger a Purchase Deletion
 *
 * Deletes the payment named in $data['purchase_id'] once the
 * 'give_payment_nonce' nonce verifies and the current user holds
 * 'edit_give_payments' for that payment, then redirects to the payment
 * history screen. Does nothing when the nonce is invalid.
 *
 * @since 1.0
 *
 * @param $data Arguments passed
 *
 * @return void
 */
function give_trigger_purchase_delete($data)
{
    // A bad or stale nonce ends the call silently; no deletion is attempted.
    $nonce_ok = wp_verify_nonce($data['_wpnonce'], 'give_payment_nonce');
    if (!$nonce_ok) {
        return;
    }

    $payment_id = absint($data['purchase_id']);

    // Authorisation is checked against the specific payment before anything is removed.
    $may_edit = current_user_can('edit_give_payments', $payment_id);
    if (!$may_edit) {
        $message = __('You do not have permission to edit this payment record', 'give');
        $title = __('Error', 'give');
        wp_die($message, $title, array('response' => 403));
    }

    give_delete_purchase($payment_id);

    $destination = admin_url('/edit.php?post_type=give_forms&page=give-payment-history&give-message=payment_deleted');
    wp_redirect($destination);
    give_die();
}
Example #15
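/**
 * Process Register Form
 *
 * Validates the posted registration fields, records one error per failed
 * rule and, when none were recorded, creates the account, logs the new
 * user in and redirects to the (filterable) 'give_redirect' URL.
 *
 * Changes from the previous version:
 * - request fields are read with defaults, so a missing field produces a
 *   validation error rather than an undefined-index notice;
 * - the final redirect uses wp_safe_redirect(), because 'give_redirect' is
 *   request data and must not be able to send a new user off-site.
 *
 * NOTE(review): no nonce is verified in this function. Confirm whether the
 * form carries one that is checked elsewhere.
 * NOTE(review): the password is validated from $_POST but the account is
 * created from $data['give_user_pass']. Presumably $data is the posted
 * array; verify against the caller.
 *
 * @since 2.0
 *
 * @param array $data Data sent from the register form
 *
 * @return void
 */
function give_process_register_form($data)
{
    if (is_user_logged_in()) {
        return;
    }
    if (empty($_POST['give_register_submit'])) {
        return;
    }
    do_action('give_pre_process_register_form');
    $user_login = isset($data['give_user_login']) ? $data['give_user_login'] : '';
    $user_email = isset($data['give_user_email']) ? $data['give_user_email'] : '';
    $payment_email = isset($data['give_payment_email']) ? $data['give_payment_email'] : '';
    $password = isset($_POST['give_user_pass']) ? $_POST['give_user_pass'] : '';
    $password_again = isset($_POST['give_user_pass2']) ? $_POST['give_user_pass2'] : '';
    if (empty($user_login)) {
        give_set_error('empty_username', __('Invalid username', 'give'));
    }
    if (username_exists($user_login)) {
        give_set_error('username_unavailable', __('Username already taken', 'give'));
    }
    if (!validate_username($user_login)) {
        give_set_error('username_invalid', __('Invalid username', 'give'));
    }
    if (email_exists($user_email)) {
        give_set_error('email_unavailable', __('Email address already taken', 'give'));
    }
    if (empty($user_email) || !is_email($user_email)) {
        give_set_error('email_invalid', __('Invalid email', 'give'));
    }
    if (!empty($payment_email) && $payment_email != $user_email && !is_email($payment_email)) {
        give_set_error('payment_email_invalid', __('Invalid payment email', 'give'));
    }
    if (empty($password)) {
        give_set_error('empty_password', __('Please enter a password', 'give'));
    }
    // A missing confirmation also differs from the password, so one strict comparison covers both cases.
    if ($password !== $password_again) {
        give_set_error('password_mismatch', __('Passwords do not match', 'give'));
    }
    do_action('give_process_register_form');
    // Check for errors and redirect if none present
    $errors = give_get_errors();
    if (empty($errors)) {
        $redirect = apply_filters('give_register_redirect', isset($data['give_redirect']) ? $data['give_redirect'] : '');
        give_register_and_login_new_user(array(
            'user_login' => $user_login,
            'user_pass' => isset($data['give_user_pass']) ? $data['give_user_pass'] : '',
            'user_email' => $user_email,
            'user_registered' => date('Y-m-d H:i:s'),
            // New accounts get the site's configured default role, never a role from the request.
            'role' => get_option('default_role'),
        ));
        wp_safe_redirect($redirect);
        give_die();
    }
}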