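/**
 * Create or update a REST API key from the admin AJAX form.
 *
 * Reads `description`, `user`, `permissions` and `key_id` from $_POST.
 * A positive `key_id` updates the owner, description and permissions of
 * that row; otherwise a new consumer key/secret pair is generated.
 * The plaintext pair is only returned in the response that creates it:
 * the table keeps a hash of the consumer key (wc_api_hash) next to the
 * consumer secret as generated.
 *
 * Responds with wp_send_json_success()/wp_send_json_error().
 */
public static function update_api_key() {
    ob_start();

    global $wpdb;

    // Nonce check first (CSRF), then the capability gate.
    check_ajax_referer('update-api-key', 'security');

    if (!current_user_can('manage_woocommerce')) {
        die(-1);
    }

    try {
        if (empty($_POST['description'])) {
            throw new Exception(__('Description is missing.', 'woocommerce'));
        }
        if (empty($_POST['user'])) {
            throw new Exception(__('User is missing.', 'woocommerce'));
        }
        if (empty($_POST['permissions'])) {
            throw new Exception(__('Permissions is missing.', 'woocommerce'));
        }

        // key_id is optional on creation; avoid reading an undefined index.
        $key_id      = isset($_POST['key_id']) ? absint($_POST['key_id']) : 0;
        $description = sanitize_text_field(wp_unslash($_POST['description']));

        // Strict allowlist: anything that is not exactly one of the three
        // known scopes falls back to the least-privileged one.
        $allowed_permissions = array('read', 'write', 'read_write');
        $permissions         = in_array($_POST['permissions'], $allowed_permissions, true) ? $_POST['permissions'] : 'read';

        $user_id = absint($_POST['user']);

        // An API key acts with the privileges of the user it is bound to, so
        // the caller must be allowed to edit that user (or be that user).
        // 'manage_woocommerce' alone is not enough to bind a key to any account.
        if ($user_id && !current_user_can('edit_user', $user_id) && get_current_user_id() !== $user_id) {
            throw new Exception(__('You do not have permission to assign API Keys to the selected user.', 'woocommerce'));
        }

        if (0 < $key_id) {
            $data = array(
                'user_id'     => $user_id,
                'description' => $description,
                'permissions' => $permissions,
            );

            $wpdb->update(
                $wpdb->prefix . 'woocommerce_api_keys',
                $data,
                array('key_id' => $key_id),
                array('%d', '%s', '%s'),
                array('%d')
            );

            // Existing credentials are never sent back on update.
            $data['consumer_key']    = '';
            $data['consumer_secret'] = '';
            $data['message']         = __('API Key updated successfully.', 'woocommerce');
        } else {
            $consumer_key    = 'ck_' . wc_rand_hash();
            $consumer_secret = 'cs_' . wc_rand_hash();

            $data = array(
                'user_id'         => $user_id,
                'description'     => $description,
                'permissions'     => $permissions,
                // Only the hash of the consumer key is stored.
                'consumer_key'    => wc_api_hash($consumer_key),
                'consumer_secret' => $consumer_secret,
                // Last 7 characters of the key, kept so the key can be recognised later.
                'truncated_key'   => substr($consumer_key, -7),
            );

            $wpdb->insert(
                $wpdb->prefix . 'woocommerce_api_keys',
                $data,
                array('%d', '%s', '%s', '%s', '%s', '%s')
            );

            $key_id = $wpdb->insert_id;

            // The response is the only place the plaintext key is available.
            $data['consumer_key']    = $consumer_key;
            $data['consumer_secret'] = $consumer_secret;
            $data['message']         = __('API Key generated successfully. Make sure to copy your new API keys now. You won\'t be able to see it again!', 'woocommerce');
            $data['revoke_url']      = '<a style="color: #a00; text-decoration: none;" href="' . esc_url(wp_nonce_url(add_query_arg(array('revoke-key' => $key_id), admin_url('admin.php?page=wc-settings&tab=api&section=keys')), 'revoke')) . '">' . __('Revoke Key', 'woocommerce') . '</a>';
        }

        wp_send_json_success($data);
    } catch (Exception $e) {
        wp_send_json_error(array('message' => $e->getMessage()));
    }
}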
// Fragment: the loops/conditions closed below open before this excerpt.
$shipping_method->settings[$option_id] = implode(' + ', array_filter($math_cost_string));
}

// Stamp the settings with the 2.4.0 format version and map the old 'item' type to 'class'.
$shipping_method->settings['version'] = '2.4.0';
$shipping_method->settings['type'] = 'item' === $shipping_method->settings['type'] ? 'class' : $shipping_method->settings['type'];
update_option($shipping_method->plugin_id . $shipping_method->id . '_settings', $shipping_method->settings);
}
}

/**
 * Update the old user API keys to the new Apps keys.
 *
 * Copies each user's key material from usermeta into the
 * woocommerce_api_keys table, then deletes the usermeta entries.
 */
// Every user that has a consumer key stored in usermeta.
$api_users = $wpdb->get_results("SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = 'woocommerce_api_consumer_key'");
$apps_keys = array();

// Get user data
foreach ($api_users as $_user) {
    // NOTE(review): the get_userdata() result is used without checking that the user exists.
    $user = get_userdata($_user->user_id);
    // The consumer key is stored hashed (wc_api_hash); the consumer secret is copied as-is.
    // NOTE(review): truncated_key is cut from the consumer *secret* here, while
    // update_api_key() stores substr($consumer_key, -7) — confirm which is intended,
    // since this puts the tail of the secret into the truncated_key column.
    $apps_keys[] = array('user_id' => $user->ID, 'permissions' => $user->woocommerce_api_key_permissions, 'consumer_key' => wc_api_hash($user->woocommerce_api_consumer_key), 'consumer_secret' => $user->woocommerce_api_consumer_secret, 'truncated_key' => substr($user->woocommerce_api_consumer_secret, -7));
}

if (!empty($apps_keys)) {
    // Create new apps
    foreach ($apps_keys as $app) {
        $wpdb->insert($wpdb->prefix . 'woocommerce_api_keys', $app, array('%d', '%s', '%s', '%s', '%s'));
    }

    // Delete old user keys from usermeta
    // NOTE(review): the insert result above is not checked, so the usermeta copy
    // is removed even when a row could not be written.
    foreach ($api_users as $_user) {
        $user_id = intval($_user->user_id);
        delete_user_meta($user_id, 'woocommerce_api_consumer_key');
        delete_user_meta($user_id, 'woocommerce_api_consumer_secret');
        delete_user_meta($user_id, 'woocommerce_api_key_permissions');
    }
}

/**
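/**
 * Create keys.
 *
 * Generates a consumer key/secret pair, stores it for the currently
 * logged-in WordPress user and returns the plaintext pair to the caller.
 * The table keeps a hash of the consumer key (wc_api_hash) and the
 * consumer secret as generated.
 *
 * @since 2.4.0
 *
 * @param string $app_name    Application name; cleaned with wc_clean() before it goes into the key description.
 * @param string $app_user_id Returned unchanged as `user_id`; the row itself is stored under the current user's ID.
 * @param string $scope       Requested permission. Anything other than exactly
 *                            'read', 'write' or 'read_write' is stored as 'read'.
 *
 * @return array Keys: key_id, user_id, consumer_key, consumer_secret, key_permissions.
 */
protected function create_keys($app_name, $app_user_id, $scope) {
    global $wpdb;

    $description = sprintf(
        __('%s - API %s (created on %s at %s).', 'woocommerce'),
        wc_clean($app_name),
        $this->get_i18n_scope($scope),
        date_i18n(wc_date_format()),
        date_i18n(wc_time_format())
    );

    $user = wp_get_current_user();

    // Strict allowlist: a loose in_array() can match non-string input against
    // the scope names; an unrecognised scope gets the least-privileged value.
    $permissions = in_array($scope, array('read', 'write', 'read_write'), true) ? $scope : 'read';

    $consumer_key    = 'ck_' . wc_rand_hash();
    $consumer_secret = 'cs_' . wc_rand_hash();

    $wpdb->insert(
        $wpdb->prefix . 'woocommerce_api_keys',
        array(
            'user_id'         => $user->ID,
            'description'     => $description,
            'permissions'     => $permissions,
            // Only the hash of the consumer key is stored.
            'consumer_key'    => wc_api_hash($consumer_key),
            'consumer_secret' => $consumer_secret,
            'truncated_key'   => substr($consumer_key, -7),
        ),
        array('%d', '%s', '%s', '%s', '%s', '%s')
    );

    // The plaintext key is only available here, at creation time.
    return array(
        'key_id'          => $wpdb->insert_id,
        'user_id'         => $app_user_id,
        'consumer_key'    => $consumer_key,
        'consumer_secret' => $consumer_secret,
        'key_permissions' => $permissions,
    );
}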
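/**
 * Return the keys for the given consumer key
 *
 * The supplied key is sanitized and hashed with wc_api_hash() before the
 * lookup, because the table stores the hash rather than the plaintext key.
 *
 * @since 2.4.0
 * @param string $consumer_key Plaintext consumer key as received from the client.
 * @return array Row with key_id, user_id, permissions, consumer_key, consumer_secret, nonces.
 * @throws Exception With code 401 when no row matches the hashed key.
 */
private function get_keys_by_consumer_key($consumer_key) {
    global $wpdb;

    $consumer_key = wc_api_hash(sanitize_text_field($consumer_key));

    // The %s placeholder is left unquoted: wpdb::prepare() does the quoting
    // and escaping of the bound value itself.
    $keys = $wpdb->get_row($wpdb->prepare("\n\t\t\tSELECT key_id, user_id, permissions, consumer_key, consumer_secret, nonces\n\t\t\tFROM {$wpdb->prefix}woocommerce_api_keys\n\t\t\tWHERE consumer_key = %s\n\t\t", $consumer_key), ARRAY_A);

    if (empty($keys)) {
        throw new Exception(__('Consumer Key is invalid', 'woocommerce'), 401);
    }

    return $keys;
}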
/**
 * Look up the API key row that belongs to a consumer key.
 *
 * The key is sanitized and hashed with wc_api_hash() first; the query
 * matches on that hash through a prepared statement.
 *
 * @param string $consumer_key Plaintext consumer key.
 * @return object|null Row with key_id, user_id, permissions, consumer_key,
 *                     consumer_secret and nonces, or null when nothing matches.
 */
private function get_user_data_by_consumer_key($consumer_key) {
    global $wpdb;

    $hashed_key = wc_api_hash(sanitize_text_field($consumer_key));

    $sql = $wpdb->prepare("\n\t\t\tSELECT key_id, user_id, permissions, consumer_key, consumer_secret, nonces\n\t\t\tFROM {$wpdb->prefix}woocommerce_api_keys\n\t\t\tWHERE consumer_key = %s\n\t\t", $hashed_key);

    return $wpdb->get_row($sql);
}
// Fragment: the loops/conditions closed below open before this excerpt.
$shipping_method->settings[$option_id] = implode(' + ', array_filter($math_cost_string));
}

// Stamp the settings with the 2.4.0 format version and map the old 'item' type to 'class'.
$shipping_method->settings['version'] = '2.4.0';
$shipping_method->settings['type'] = 'item' === $shipping_method->settings['type'] ? 'class' : $shipping_method->settings['type'];
update_option($shipping_method->plugin_id . $shipping_method->id . '_settings', $shipping_method->settings);
}
}

/**
 * Update the old user API keys to the new Apps keys.
 *
 * Copies each user's key material from usermeta into the
 * woocommerce_api_keys table, then deletes the usermeta entries.
 */
// Every user that has a consumer key stored in usermeta.
$api_users = $wpdb->get_results("SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = 'woocommerce_api_consumer_key'");
$apps_keys = array();

// Get user data
foreach ($api_users as $_user) {
    // NOTE(review): the get_userdata() result is used without checking that the user exists.
    $user = get_userdata($_user->user_id);
    // The consumer key is stored hashed (wc_api_hash); the consumer secret is copied as-is.
    // NOTE(review): this row uses the key 'permission', while the code that writes to
    // woocommerce_api_keys in update_api_key() uses 'permissions' — verify against the
    // table schema, because $wpdb->insert() takes the array keys as column names.
    $apps_keys[] = array('user_id' => $user->ID, 'permission' => $user->woocommerce_api_key_permissions, 'consumer_key' => wc_api_hash($user->woocommerce_api_consumer_key), 'consumer_secret' => $user->woocommerce_api_consumer_secret);
}

if (!empty($apps_keys)) {
    // Create new apps
    foreach ($apps_keys as $app) {
        $wpdb->insert($wpdb->prefix . 'woocommerce_api_keys', $app, array('%d', '%s', '%s', '%s'));
    }

    // Delete old user keys from usermeta
    // NOTE(review): the insert result above is not checked, so the usermeta copy
    // is removed even when a row could not be written.
    foreach ($api_users as $_user) {
        $user_id = intval($_user->user_id);
        delete_user_meta($user_id, 'woocommerce_api_consumer_key');
        delete_user_meta($user_id, 'woocommerce_api_consumer_secret');
        delete_user_meta($user_id, 'woocommerce_api_key_permissions');
    }
}

/**
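/**
 * Update the old user API keys to the new Apps keys.
 *
 * For every user that has a consumer key in usermeta, a row is written to
 * the woocommerce_api_keys table (consumer key hashed with wc_api_hash(),
 * consumer secret copied as stored) and the three usermeta entries are
 * deleted afterwards.
 *
 * The old usermeta copy is only removed once the new row has been written,
 * so a failed insert does not lose the credentials.
 */
function wc_update_240_api_keys() {
    global $wpdb;

    $api_users = $wpdb->get_results("SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = 'woocommerce_api_consumer_key'");

    foreach ($api_users as $_user) {
        $user_id = intval($_user->user_id);
        $user    = get_userdata($user_id);

        // get_userdata() returns false for an account that no longer exists;
        // there is nothing to migrate for such a row.
        if (!$user) {
            continue;
        }

        $inserted = $wpdb->insert(
            $wpdb->prefix . 'woocommerce_api_keys',
            array(
                'user_id'         => $user->ID,
                'permissions'     => $user->woocommerce_api_key_permissions,
                'consumer_key'    => wc_api_hash($user->woocommerce_api_consumer_key),
                'consumer_secret' => $user->woocommerce_api_consumer_secret,
                // Tail of the consumer key, not of the secret: the truncated
                // value is an identifier for the key and must not expose
                // part of the secret.
                'truncated_key'   => substr($user->woocommerce_api_consumer_key, -7),
            ),
            array('%d', '%s', '%s', '%s', '%s')
        );

        // Keep the usermeta copy when the row could not be written.
        if (false === $inserted) {
            continue;
        }

        delete_user_meta($user_id, 'woocommerce_api_consumer_key');
        delete_user_meta($user_id, 'woocommerce_api_consumer_secret');
        delete_user_meta($user_id, 'woocommerce_api_key_permissions');
    }
}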
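/**
 * Register the shop with tenbucks and provision its WooCommerce API key.
 *
 * Validates the posted e-mail address, enables the WooCommerce API if it
 * is off, creates (or rotates) a `read_write` API key bound to the current
 * user and sends the plaintext key and secret to the registration client.
 * Answers with wp_send_json_success()/wp_send_json_error().
 *
 * NOTE(review): no nonce verification is visible in this handler — confirm
 * the request is checked (e.g. check_ajax_referer()) before it gets here.
 */
public function create_key() {
    include_once plugin_dir_path(dirname(__FILE__)) . '/vendor/tenbucks_registration_client/lib/TenbucksRegistrationClient.php';

    // This handler switches the REST API on and issues read_write
    // credentials, so it is limited to users who manage the shop.
    if (!current_user_can('manage_woocommerce')) {
        return wp_send_json_error(array('message' => __('You are not allowed to do this.', 'tenbucks')));
    }

    // Required fields must be present, non-empty strings; array-valued
    // parameters are rejected instead of being passed to strtolower().
    foreach (array('email', 'email_confirmation') as $key) {
        if (empty($_POST[$key]) || !is_string($_POST[$key])) {
            $format = __('Field %s is missing.', 'tenbucks');
            return wp_send_json_error(array('message' => sprintf($format, $key), 'field' => $key));
        }
    }

    $email              = strtolower($_POST['email']);
    $email_confirmation = strtolower($_POST['email_confirmation']);
    $sponsor            = (empty($_POST['sponsor']) || !is_string($_POST['sponsor'])) ? null : strtolower($_POST['sponsor']);

    $error_msg = false;
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $error_msg = __('Invalid email.', 'tenbucks');
    }
    if ($email !== $email_confirmation) {
        $error_msg = __('Email and confirmation are different.', 'tenbucks');
    }
    if ($error_msg) {
        return wp_send_json_error(array('message' => $error_msg, 'field' => 'email'));
    }

    try {
        global $wpdb;

        // If API disabled, active it
        if (get_option('woocommerce_api_enabled') !== 'yes') {
            update_option('woocommerce_api_enabled', 'yes');
        }

        $key_id          = (int) get_option('tenbucks_ak_id');
        $consumer_key    = 'ck_' . wc_rand_hash();
        $consumer_secret = 'cs_' . wc_rand_hash();
        $table           = $wpdb->prefix . 'woocommerce_api_keys';

        $data = array(
            'user_id'         => get_current_user_id(),
            // Only the hash of the consumer key is stored.
            'consumer_key'    => wc_api_hash($consumer_key),
            'consumer_secret' => $consumer_secret,
            'truncated_key'   => substr($consumer_key, -7),
        );

        if (!$key_id) {
            $data['description'] = 'tenbucks';
            $data['permissions'] = 'read_write';

            // Do not hand out credentials that were never stored.
            if (false === $wpdb->insert($table, $data, array('%d', '%s', '%s', '%s', '%s', '%s'))) {
                return wp_send_json_error(array('message' => __('Keys update failed, please try again.', 'tenbucks')));
            }
            update_option('tenbucks_ak_id', $wpdb->insert_id);
        } else {
            // Rotate the existing key in place.
            $updated_rows = $wpdb->update($table, $data, array('key_id' => $key_id), array('%d', '%s', '%s', '%s'), array('%d'));
            if (!$updated_rows) {
                // The remembered row is gone or unchanged: forget it so the
                // next attempt creates a fresh key.
                update_option('tenbucks_ak_id', 0);
                return wp_send_json_error(array('message' => __('Keys update failed, please try again.', 'tenbucks')));
            }
        }

        $client     = new TenbucksRegistrationClient();
        $lang_infos = explode('_', get_locale());

        // The plaintext key and secret leave the site here.
        $opts = array(
            'email'       => $email,
            'sponsor'     => $sponsor,
            'company'     => get_bloginfo('name'),
            'platform'    => 'WooCommerce',
            'locale'      => $lang_infos[0],
            // A locale such as "fr" has no country part.
            'country'     => isset($lang_infos[1]) ? $lang_infos[1] : null,
            'url'         => get_site_url(),
            'credentials' => array('api_key' => $consumer_key, 'api_secret' => $consumer_secret),
        );

        $query   = $client->send($opts);
        $success = is_array($query) && !empty($query['success']);

        if (!$success) {
            return wp_send_json_error(array('message' => __('Creation failed, please try again.', 'tenbucks')));
        }

        update_option('tenbucks_registration_complete', true);

        if (!empty($query['new_account'])) {
            $msg         = __('New account created. Please check your emails to confirm your address and start using tenbucks.', 'tenbucks');
            $need_reload = false;
        } else {
            $msg         = __('Shop added to your existing account. Page will reload shortly.', 'tenbucks');
            $need_reload = true;
        }

        return wp_send_json_success(array('message' => $msg, 'needReload' => $need_reload));
    } catch (Exception $e) {
        return wp_send_json_error(array('message' => $e->getMessage()));
    }
}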
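/**
 * Direct copy of how API keys are generated via AJAX in WooCommerce
 *
 * Creates a read-only key described as 'TaxJar' for the given user. The
 * table keeps a hash of the consumer key (wc_api_hash) and the consumer
 * secret as generated; the plaintext pair is only available in the return
 * value.
 *
 * @param int $user_id User the key is bound to.
 * @return array Keys: consumer_key, consumer_secret (both plaintext).
 */
private function generate_v2_api_keys($user_id) {
    global $wpdb;

    $consumer_key    = 'ck_' . wc_rand_hash();
    $consumer_secret = 'cs_' . wc_rand_hash();

    $data = array(
        'user_id'         => $user_id,
        'description'     => 'TaxJar',
        'permissions'     => 'read',
        'consumer_key'    => wc_api_hash($consumer_key),
        'consumer_secret' => $consumer_secret,
        'truncated_key'   => substr($consumer_key, -7),
    );

    // NOTE(review): the insert result is not checked; on failure the returned
    // pair would not correspond to a stored key.
    $wpdb->insert(
        $wpdb->prefix . 'woocommerce_api_keys',
        $data,
        array('%d', '%s', '%s', '%s', '%s', '%s')
    );

    return array(
        'consumer_key'    => $consumer_key,
        'consumer_secret' => $consumer_secret,
    );
}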