/**
* Create/Update API key
*/
public static function update_api_key()
{
ob_start();
global $wpdb;
check_ajax_referer('update-api-key', 'security');
if (!current_user_can('manage_woocommerce')) {
die(-1);
}
try {
if (empty($_POST['description'])) {
throw new Exception(__('Description is missing.', 'woocommerce'));
}
if (empty($_POST['user'])) {
throw new Exception(__('User is missing.', 'woocommerce'));
}
if (empty($_POST['permissions'])) {
throw new Exception(__('Permissions is missing.', 'woocommerce'));
}
$key_id = absint($_POST['key_id']);
$description = sanitize_text_field($_POST['description']);
$permissions = in_array($_POST['permissions'], array('read', 'write', 'read_write')) ? sanitize_text_field($_POST['permissions']) : 'read';
$user_id = absint($_POST['user']);
if (0 < $key_id) {
$data = array('user_id' => $user_id, 'description' => $description, 'permissions' => $permissions);
$wpdb->update($wpdb->prefix . 'woocommerce_api_keys', $data, array('key_id' => $key_id), array('%d', '%s', '%s'), array('%d'));
$data['consumer_key'] = '';
$data['consumer_secret'] = '';
$data['message'] = __('API Key updated successfully.', 'woocommerce');
} else {
$status = 2;
$consumer_key = 'ck_' . wc_rand_hash();
$consumer_secret = 'cs_' . wc_rand_hash();
$data = array('user_id' => $user_id, 'description' => $description, 'permissions' => $permissions, 'consumer_key' => wc_api_hash($consumer_key), 'consumer_secret' => $consumer_secret, 'truncated_key' => substr($consumer_key, -7));
$wpdb->insert($wpdb->prefix . 'woocommerce_api_keys', $data, array('%d', '%s', '%s', '%s', '%s', '%s'));
$key_id = $wpdb->insert_id;
$data['consumer_key'] = $consumer_key;
$data['consumer_secret'] = $consumer_secret;
$data['message'] = __('API Key generated successfully. Make sure to copy your new API keys now. You won\'t be able to see it again!', 'woocommerce');
$data['revoke_url'] = '<a style="color: #a00; text-decoration: none;" href="' . esc_url(wp_nonce_url(add_query_arg(array('revoke-key' => $key_id), admin_url('admin.php?page=wc-settings&tab=api§ion=keys')), 'revoke')) . '">' . __('Revoke Key', 'woocommerce') . '</a>';
}
wp_send_json_success($data);
} catch (Exception $e) {
wp_send_json_error(array('message' => $e->getMessage()));
}
}
$shipping_method->settings[$option_id] = implode(' + ', array_filter($math_cost_string));
}
$shipping_method->settings['version'] = '2.4.0';
$shipping_method->settings['type'] = 'item' === $shipping_method->settings['type'] ? 'class' : $shipping_method->settings['type'];
update_option($shipping_method->plugin_id . $shipping_method->id . '_settings', $shipping_method->settings);
}
}
/**
* Update the old user API keys to the new Apps keys
*/
$api_users = $wpdb->get_results("SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = 'woocommerce_api_consumer_key'");
$apps_keys = array();
// Get user data
foreach ($api_users as $_user) {
$user = get_userdata($_user->user_id);
$apps_keys[] = array('user_id' => $user->ID, 'permissions' => $user->woocommerce_api_key_permissions, 'consumer_key' => wc_api_hash($user->woocommerce_api_consumer_key), 'consumer_secret' => $user->woocommerce_api_consumer_secret, 'truncated_key' => substr($user->woocommerce_api_consumer_secret, -7));
}
if (!empty($apps_keys)) {
// Create new apps
foreach ($apps_keys as $app) {
$wpdb->insert($wpdb->prefix . 'woocommerce_api_keys', $app, array('%d', '%s', '%s', '%s', '%s'));
}
// Delete old user keys from usermeta
foreach ($api_users as $_user) {
$user_id = intval($_user->user_id);
delete_user_meta($user_id, 'woocommerce_api_consumer_key');
delete_user_meta($user_id, 'woocommerce_api_consumer_secret');
delete_user_meta($user_id, 'woocommerce_api_key_permissions');
}
}
/**
/**
* Create keys.
*
* @since 2.4.0
*
* @param string $app_name
* @param string $app_user_id
* @param string $scope
*
* @return array
*/
protected function create_keys($app_name, $app_user_id, $scope)
{
global $wpdb;
$description = sprintf(__('%s - API %s (created on %s at %s).', 'woocommerce'), wc_clean($app_name), $this->get_i18n_scope($scope), date_i18n(wc_date_format()), date_i18n(wc_time_format()));
$user = wp_get_current_user();
// Created API keys.
$permissions = in_array($scope, array('read', 'write', 'read_write')) ? sanitize_text_field($scope) : 'read';
$consumer_key = 'ck_' . wc_rand_hash();
$consumer_secret = 'cs_' . wc_rand_hash();
$wpdb->insert($wpdb->prefix . 'woocommerce_api_keys', array('user_id' => $user->ID, 'description' => $description, 'permissions' => $permissions, 'consumer_key' => wc_api_hash($consumer_key), 'consumer_secret' => $consumer_secret, 'truncated_key' => substr($consumer_key, -7)), array('%d', '%s', '%s', '%s', '%s', '%s'));
return array('key_id' => $wpdb->insert_id, 'user_id' => $app_user_id, 'consumer_key' => $consumer_key, 'consumer_secret' => $consumer_secret, 'key_permissions' => $permissions);
}
/**
* Return the keys for the given consumer key
*
* @since 2.4.0
* @param string $consumer_key
* @return array
* @throws Exception
*/
private function get_keys_by_consumer_key($consumer_key)
{
global $wpdb;
$consumer_key = wc_api_hash(sanitize_text_field($consumer_key));
$keys = $wpdb->get_row($wpdb->prepare("\n\t\t\tSELECT key_id, user_id, permissions, consumer_key, consumer_secret, nonces\n\t\t\tFROM {$wpdb->prefix}woocommerce_api_keys\n\t\t\tWHERE consumer_key = '%s'\n\t\t", $consumer_key), ARRAY_A);
if (empty($keys)) {
throw new Exception(__('Consumer Key is invalid', 'woocommerce'), 401);
}
return $keys;
}
/**
* Return the user data for the given consumer_key.
*
* @param string $consumer_key
* @return array
*/
private function get_user_data_by_consumer_key($consumer_key)
{
global $wpdb;
$consumer_key = wc_api_hash(sanitize_text_field($consumer_key));
$user = $wpdb->get_row($wpdb->prepare("\n\t\t\tSELECT key_id, user_id, permissions, consumer_key, consumer_secret, nonces\n\t\t\tFROM {$wpdb->prefix}woocommerce_api_keys\n\t\t\tWHERE consumer_key = %s\n\t\t", $consumer_key));
return $user;
}
$shipping_method->settings[$option_id] = implode(' + ', array_filter($math_cost_string));
}
$shipping_method->settings['version'] = '2.4.0';
$shipping_method->settings['type'] = 'item' === $shipping_method->settings['type'] ? 'class' : $shipping_method->settings['type'];
update_option($shipping_method->plugin_id . $shipping_method->id . '_settings', $shipping_method->settings);
}
}
/**
* Update the old user API keys to the new Apps keys
*/
$api_users = $wpdb->get_results("SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = 'woocommerce_api_consumer_key'");
$apps_keys = array();
// Get user data
foreach ($api_users as $_user) {
$user = get_userdata($_user->user_id);
$apps_keys[] = array('user_id' => $user->ID, 'permission' => $user->woocommerce_api_key_permissions, 'consumer_key' => wc_api_hash($user->woocommerce_api_consumer_key), 'consumer_secret' => $user->woocommerce_api_consumer_secret);
}
if (!empty($apps_keys)) {
// Create new apps
foreach ($apps_keys as $app) {
$wpdb->insert($wpdb->prefix . 'woocommerce_api_keys', $app, array('%d', '%s', '%s', '%s'));
}
// Delete old user keys from usermeta
foreach ($api_users as $_user) {
$user_id = intval($_user->user_id);
delete_user_meta($user_id, 'woocommerce_api_consumer_key');
delete_user_meta($user_id, 'woocommerce_api_consumer_secret');
delete_user_meta($user_id, 'woocommerce_api_key_permissions');
}
}
/**
function wc_update_240_api_keys()
{
global $wpdb;
/**
* Update the old user API keys to the new Apps keys.
*/
$api_users = $wpdb->get_results("SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = 'woocommerce_api_consumer_key'");
$apps_keys = array();
// Get user data
foreach ($api_users as $_user) {
$user = get_userdata($_user->user_id);
$apps_keys[] = array('user_id' => $user->ID, 'permissions' => $user->woocommerce_api_key_permissions, 'consumer_key' => wc_api_hash($user->woocommerce_api_consumer_key), 'consumer_secret' => $user->woocommerce_api_consumer_secret, 'truncated_key' => substr($user->woocommerce_api_consumer_secret, -7));
}
if (!empty($apps_keys)) {
// Create new apps
foreach ($apps_keys as $app) {
$wpdb->insert($wpdb->prefix . 'woocommerce_api_keys', $app, array('%d', '%s', '%s', '%s', '%s'));
}
// Delete old user keys from usermeta
foreach ($api_users as $_user) {
$user_id = intval($_user->user_id);
delete_user_meta($user_id, 'woocommerce_api_consumer_key');
delete_user_meta($user_id, 'woocommerce_api_consumer_secret');
delete_user_meta($user_id, 'woocommerce_api_key_permissions');
}
}
}
public function create_key()
{
include_once plugin_dir_path(dirname(__FILE__)) . '/vendor/tenbucks_registration_client/lib/TenbucksRegistrationClient.php';
$form_is_valid = true;
$required_fields = array('email', 'email_confirmation');
foreach ($required_fields as $key) {
if (!array_key_exists($key, $_POST) || empty($_POST[$key])) {
$format = __('Field %s is missing.', 'tenbucks');
return wp_send_json_error(array('message' => sprintf($format, $key), 'field' => $key));
}
}
$post_data = array_map('strtolower', $_POST);
$email = $post_data['email'];
$email_confirmation = $post_data['email_confirmation'];
$sponsor = empty($post_data['sponsor']) ? null : $post_data['sponsor'];
$error_msg = false;
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$error_msg = __('Invalid email.', 'tenbucks');
}
if ($email !== $email_confirmation) {
$error_msg = __('Email and confirmation are different.', 'tenbucks');
}
if ($error_msg) {
return wp_send_json_error(array('message' => $error_msg, 'field' => 'email'));
}
try {
global $wpdb;
// If API disabled, active it
if (get_option('woocommerce_api_enabled') !== 'yes') {
update_option('woocommerce_api_enabled', 'yes');
}
$key_id = (int) get_option('tenbucks_ak_id');
$consumer_key = 'ck_' . wc_rand_hash();
$consumer_secret = 'cs_' . wc_rand_hash();
$table = $wpdb->prefix . 'woocommerce_api_keys';
$data = array('user_id' => get_current_user_id(), 'consumer_key' => wc_api_hash($consumer_key), 'consumer_secret' => $consumer_secret, 'truncated_key' => substr($consumer_key, -7));
if (!$key_id) {
$data['description'] = 'tenbucks';
$data['permissions'] = 'read_write';
$wpdb->insert($table, $data, array('%d', '%s', '%s', '%s', '%s', '%s'));
update_option('tenbucks_ak_id', $wpdb->insert_id);
} else {
$updated_rows = $wpdb->update($table, $data, array('key_id' => $key_id), array('%d', '%s', '%s', '%s'), array('%d'));
if (!$updated_rows) {
update_option('tenbucks_ak_id', 0);
return wp_send_json_error(array('message' => __('Keys update failed, please try again.', 'tenbucks')));
}
}
unset($data);
$client = new TenbucksRegistrationClient();
$url = get_site_url();
$lang_infos = explode('_', get_locale());
$opts = array('email' => $email, 'sponsor' => $sponsor, 'company' => get_bloginfo('name'), 'platform' => 'WooCommerce', 'locale' => $lang_infos[0], 'country' => $lang_infos[1], 'url' => get_site_url(), 'credentials' => array('api_key' => $consumer_key, 'api_secret' => $consumer_secret));
$query = $client->send($opts);
$success = array_key_exists('success', $query) && (bool) $query['success'];
if ($success) {
// success
update_option('tenbucks_registration_complete', true);
if ($query['new_account']) {
$msg = __('New account created. Please check your emails to confirm your address and start using tenbucks.', 'tenbucks');
$need_reload = false;
} else {
$msg = __('Shop added to your existing account. Page will reload shortly.', 'tenbucks');
$need_reload = true;
}
return wp_send_json_success(array('message' => $msg, 'needReload' => $need_reload));
} else {
return wp_send_json_error(array('message' => __('Creation failed, please try again.', 'tenbucks')));
}
} catch (Exception $e) {
return wp_send_json_error(array('message' => $e->getMessage()));
}
}
/**
* Direct copy of how API keys are generated via AJAX in WooCommerce
*
* @return boolean
*/
private function generate_v2_api_keys($user_id)
{
global $wpdb;
$consumer_key = 'ck_' . wc_rand_hash();
$consumer_secret = 'cs_' . wc_rand_hash();
$data = array('user_id' => $user_id, 'description' => 'TaxJar', 'permissions' => 'read', 'consumer_key' => wc_api_hash($consumer_key), 'consumer_secret' => $consumer_secret, 'truncated_key' => substr($consumer_key, -7));
$wpdb->insert($wpdb->prefix . 'woocommerce_api_keys', $data, array('%d', '%s', '%s', '%s', '%s', '%s'));
$key_id = $wpdb->insert_id;
return array('consumer_key' => $consumer_key, 'consumer_secret' => $consumer_secret);
}
