/** * Process registration * * @since 2.1 */ public function process_signup() { // setup the payment info in an array for storage $payment_data = array('subscription' => $this->subscription_name, 'payment_type' => 'manual', 'subscription_key' => $this->subscription_key, 'amount' => $this->amount, 'user_id' => $this->user_id, 'transaction_id' => $this->generate_transaction_id()); $rcp_payments = new RCP_Payments(); $rcp_payments->insert($payment_data); $this->renew_member(false, 'pending'); wp_redirect($this->return_url); exit; }
/** * Process registration * * @since 2.1 */ public function process_signup() { $member = new RCP_Member($this->user_id); $old_level = get_user_meta($member->ID, '_rcp_old_subscription_id', true); if (!empty($old_level) && $old_level == $this->subscription_id) { $expiration = $member->calculate_expiration(); } else { delete_user_meta($member->ID, 'rcp_pending_expiration_date'); $expiration = $member->calculate_expiration(true); } $member->renew(false, 'pending', $expiration); // setup the payment info in an array for storage $payment_data = array('subscription' => $this->subscription_name, 'payment_type' => 'manual', 'subscription_key' => $this->subscription_key, 'amount' => $this->amount + $this->signup_fee, 'user_id' => $this->user_id, 'transaction_id' => $this->generate_transaction_id()); $rcp_payments = new RCP_Payments(); $rcp_payments->insert($payment_data); wp_redirect($this->return_url); exit; }
/** * Proccess webhooks * * @since 2.3 */ public function process_webhooks() { if (isset($_GET['listener']) && $_GET['listener'] == '2checkout') { global $wpdb; $hash = strtoupper(md5($_POST['sale_id'] . $this->seller_id . $_POST['invoice_id'] . $this->secret_word)); if (!hash_equals($hash, $_POST['md5_hash'])) { die('-1'); } if (empty($_POST['message_type'])) { die('-2'); } if (empty($_POST['vendor_id'])) { die('-3'); } $subscription_key = sanitize_text_field($_POST['vendor_order_id']); $member_id = $wpdb->get_var($wpdb->prepare("SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = 'rcp_subscription_key' AND meta_value = %s LIMIT 1", $subscription_key)); if (!$member_id) { die('-4'); } $member = new RCP_Member($member_id); if (!rcp_is_2checkout_subscriber($member->ID)) { return; } $payments = new RCP_Payments(); switch (strtoupper($_POST['message_type'])) { case 'ORDER_CREATED': break; case 'REFUND_ISSUED': $payment = $payments->get_payment_by('transaction_id', $_POST['invoice_id']); $payments->update($payment->id, array('status' => 'refunded')); if (!empty($_POST['recurring'])) { $member->cancel(); $member->add_note(__('Subscription cancelled via refund 2Checkout', 'rcp')); } break; case 'RECURRING_INSTALLMENT_SUCCESS': $payment_data = array('date' => date('Y-m-d H:i:s', strtotime($_POST['timestamp'], current_time('timestamp'))), 'subscription' => $member->get_subscription_name(), 'payment_type' => sanitize_text_field($_POST['payment_type']), 'subscription_key' => $subscription_key, 'amount' => sanitize_text_field($_POST['item_list_amount_1']), 'user_id' => $member->ID, 'transaction_id' => sanitize_text_field($_POST['invoice_id'])); $recurring = !empty($_POST['recurring']); $member->renew($recurring); $payments->insert($payment_data); $member->add_note(__('Subscription renewed in 2Checkout', 'rcp')); break; case 'RECURRING_INSTALLMENT_FAILED': break; case 'RECURRING_STOPPED': if (!$member->just_upgraded()) { $member->cancel(); $member->add_note(__('Subscription cancelled in 2Checkout', 'rcp')); } break; case 'RECURRING_COMPLETE': break; case 'RECURRING_RESTARTED': $member->set_status('active'); $member->add_note(__('Subscription restarted in 2Checkout', 'rcp')); break; case 'FRAUD_STATUS_CHANGED': switch ($_POST['fraud_status']) { case 'pass': break; case 'fail': $member->set_status('pending'); $member->add_note(__('Payment flagged as fraudulent in 2Checkout', 'rcp')); break; case 'wait': break; } break; } do_action('rcp_2co_' . strtolower($_POST['message_type']) . '_ins', $member); die('success'); } }
public function process_webhooks() { if (!isset($_GET['listener']) || strtolower($_GET['listener']) != 'stripe') { return; } // Ensure listener URL is not cached by W3TC if (!defined('DONOTCACHEPAGE')) { define('DONOTCACHEPAGE', true); } \Stripe\Stripe::setApiKey($this->secret_key); // retrieve the request's body and parse it as JSON $body = @file_get_contents('php://input'); $event_json_id = json_decode($body); $expiration = ''; // for extra security, retrieve from the Stripe API if (isset($event_json_id->id)) { $rcp_payments = new RCP_Payments(); $event_id = $event_json_id->id; try { $event = \Stripe\Event::retrieve($event_id); $payment_event = $event->data->object; if (empty($payment_event->customer)) { die('no customer attached'); } // retrieve the customer who made this payment (only for subscriptions) $user = rcp_get_member_id_from_profile_id($payment_event->customer); if (empty($user)) { // Grab the customer ID from the old meta keys global $wpdb; $user = $wpdb->get_var($wpdb->prepare("SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = '_rcp_stripe_user_id' AND meta_value = %s LIMIT 1", $payment_event->customer)); } if (empty($user)) { die('no user ID found'); } $member = new RCP_Member($user); // check to confirm this is a stripe subscriber if ($member) { if (!$member->get_subscription_id()) { die('no subscription ID for member'); } if ($event->type == 'charge.succeeded' || $event->type == 'invoice.payment_succeeded') { // setup payment data $payment_data = array('date' => date_i18n('Y-m-d g:i:s', $event->created), 'payment_type' => 'Credit Card', 'user_id' => $member->ID, 'amount' => '', 'transaction_id' => ''); if ($event->type == 'charge.succeeded') { // Successful one-time payment if (empty($payment_event->invoice)) { $payment_data['amount'] = $payment_event->amount / rcp_stripe_get_currency_multiplier(); $payment_data['transaction_id'] = $payment_event->id; // Successful subscription payment } else { $invoice = \Stripe\Invoice::retrieve($payment_event->invoice); $payment_data['amount'] = $invoice->amount_due / rcp_stripe_get_currency_multiplier(); $payment_data['transaction_id'] = $payment_event->id; } // Successful subscription paid made with account credit where no charge is created } elseif ($event->type == 'invoice.payment_succeeded' && empty($payment_event->charge)) { $payment_data['amount'] = $payment_event->amount_due / rcp_stripe_get_currency_multiplier(); $payment_data['transaction_id'] = $payment_event->id; $invoice = $payment_event; } if (!empty($payment_data['transaction_id']) && !$rcp_payments->payment_exists($payment_data['transaction_id'])) { if (!empty($invoice->subscription)) { $customer = \Stripe\Customer::retrieve($member->get_payment_profile_id()); $subscription = $customer->subscriptions->retrieve($invoice->subscription); if (!empty($subscription)) { $expiration = date('Y-m-d 23:59:59', $subscription->current_period_end); $member->set_recurring(); } $member->set_merchant_subscription_id($subscription->id); } $member->renew($member->is_recurring(), 'active', $expiration); // These must be retrieved after the status is set to active in order for upgrades to work properly $payment_data['subscription'] = $member->get_subscription_name(); $payment_data['subscription_key'] = $member->get_subscription_key(); // record this payment if it hasn't been recorded yet $rcp_payments->insert($payment_data); do_action('rcp_stripe_charge_succeeded', $user, $payment_data); die('rcp_stripe_charge_succeeded action fired successfully'); } else { die('duplicate payment found'); } } // failed payment if ($event->type == 'charge.failed') { do_action('rcp_stripe_charge_failed', $invoice); die('rcp_stripe_charge_failed action fired successfully'); } // Cancelled / failed subscription if ($event->type == 'customer.subscription.deleted') { if (!$member->just_upgraded()) { $member->set_status('cancelled'); die('member cancelled successfully'); } } do_action('rcp_stripe_' . $event->type, $payment_event); } } catch (Exception $e) { // something failed die('PHP exception: ' . $e->getMessage()); } die('1'); } die('no event ID found'); }
function rcp_process_data() { if (!is_admin()) { return; } if (!empty($_POST)) { /**************************************** * subscription levels ****************************************/ // add a new subscription level if (isset($_POST['rcp-action']) && $_POST['rcp-action'] == 'add-level') { if (!current_user_can('rcp_manage_levels')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } $levels = new RCP_Levels(); $add = $levels->insert($_POST); if ($add) { $url = get_bloginfo('wpurl') . '/wp-admin/admin.php?page=rcp-member-levels&rcp_message=level_added'; } else { $url = get_bloginfo('wpurl') . '/wp-admin/admin.php?page=rcp-member-levels&rcp_message=level_not_added'; } wp_safe_redirect($url); exit; } // edit a subscription level if (isset($_POST['rcp-action']) && $_POST['rcp-action'] == 'edit-subscription') { if (!current_user_can('rcp_manage_levels')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } $levels = new RCP_Levels(); $update = $levels->update($_POST['subscription_id'], $_POST); if ($update) { // clear the cache $url = get_bloginfo('wpurl') . '/wp-admin/admin.php?page=rcp-member-levels&rcp_message=level_updated'; } else { $url = get_bloginfo('wpurl') . '/wp-admin/admin.php?page=rcp-member-levels&rcp_message=level_not_updated'; } wp_safe_redirect($url); exit; } // add a subscription for an existing member if (isset($_POST['rcp-action']) && $_POST['rcp-action'] == 'add-subscription') { if (!current_user_can('rcp_manage_members')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } if (isset($_POST['expiration']) && strtotime('NOW') > strtotime($_POST['expiration']) && 'none' !== $_POST['expiration']) { $url = get_bloginfo('wpurl') . '/wp-admin/admin.php?page=rcp-members&rcp_message=user_not_added'; header("Location:" . $url); } else { $levels = new RCP_Levels(); $user = get_user_by('login', $_POST['user']); $expiration = isset($_POST['expiration']) ? sanitize_text_field($_POST['expiration']) : 'none'; $level_id = absint($_POST['level']); rcp_set_expiration_date($user->ID, $expiration); rcp_set_status($user->ID, 'active'); update_user_meta($user->ID, 'rcp_signup_method', 'manual'); // Add a role, if needed, to the user $subscription = $levels->get_level($level_id); update_user_meta($user->ID, 'rcp_subscription_level', $level_id); // Add the new user role $role = !empty($subscription->role) ? $subscription->role : 'subscriber'; $user->add_role($role); if (isset($_POST['recurring'])) { update_user_meta($user->ID, 'rcp_recurring', 'yes'); } else { delete_user_meta($user->ID, 'rcp_recurring'); } $url = get_bloginfo('wpurl') . '/wp-admin/admin.php?page=rcp-members&rcp_message=user_added'; header("Location:" . $url); } } // bulk edit members if (isset($_POST['rcp-bulk-action']) && $_POST['rcp-bulk-action']) { if (!wp_verify_nonce($_POST['rcp_bulk_edit_nonce'], 'rcp_bulk_edit_nonce')) { wp_die(__('Nonce verification failed.', 'rcp')); } if (!current_user_can('rcp_manage_members')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } if (empty($_POST['member-ids'])) { wp_die(__('Please select at least one member to edit.', 'rcp')); } $member_ids = array_map('absint', $_POST['member-ids']); $action = !empty($_POST['rcp-bulk-action']) ? sanitize_text_field($_POST['rcp-bulk-action']) : false; foreach ($member_ids as $member_id) { $member = new RCP_Member($member_id); if (!empty($_POST['expiration']) && 'delete' !== $action) { $member->set_expiration_date(date('Y-m-d H:i:s', strtotime($_POST['expiration']))); } if ($action) { switch ($action) { case 'mark-active': $member->set_status('active'); break; case 'mark-expired': $member->set_status('expired'); break; case 'mark-cancelled': $member->set_status('cancelled'); break; case 'delete': wp_delete_user($member->ID); break; } } } wp_redirect(admin_url('admin.php?page=rcp-members&rcp_message=members_updated')); exit; } // edit a member's subscription if (isset($_POST['rcp-action']) && $_POST['rcp-action'] == 'edit-member') { if (!current_user_can('rcp_manage_members')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } $levels = new RCP_Levels(); $user_id = absint($_POST['user']); $member = new RCP_Member($user_id); $status = sanitize_text_field($_POST['status']); $level_id = absint($_POST['level']); $expiration = isset($_POST['expiration']) ? sanitize_text_field($_POST['expiration']) : 'none'; $expiration = 'none' !== $expiration ? date('Y-m-d 23:59:59', strtotime($_POST['expiration'])) : $expiration; if (!empty($_POST['expiration'])) { $member->set_expiration_date($expiration); } if (isset($_POST['level'])) { $current_id = rcp_get_subscription_id($user_id); $new_level = $levels->get_level($level_id); $old_level = $levels->get_level($current_id); if ($current_id != $level_id) { update_user_meta($user_id, 'rcp_subscription_level', $level_id); // Remove the old user role $role = !empty($old_level->role) ? $old_level->role : 'subscriber'; $member->remove_role($role); // Add the new user role $role = !empty($new_level->role) ? $new_level->role : 'subscriber'; $member->add_role($role); } } if (isset($_POST['recurring'])) { $member->set_recurring(true); } else { $member->set_recurring(false); } if (isset($_POST['trialing'])) { update_user_meta($user_id, 'rcp_is_trialing', 'yes'); } else { delete_user_meta($user_id, 'rcp_is_trialing'); } if (isset($_POST['signup_method'])) { update_user_meta($user_id, 'rcp_signup_method', $_POST['signup_method']); } if (isset($_POST['notes'])) { update_user_meta($user_id, 'rcp_notes', wp_kses($_POST['notes'], array())); } if (isset($_POST['status'])) { rcp_set_status($user_id, $status); } if (isset($_POST['payment-profile-id'])) { $member->set_payment_profile_id($_POST['payment-profile-id']); } do_action('rcp_edit_member', $user_id); wp_redirect(admin_url('admin.php?page=rcp-members&edit_member=' . $user_id . '&rcp_message=user_updated')); exit; } /**************************************** * discount codes ****************************************/ // add a new discount code if (isset($_POST['rcp-action']) && $_POST['rcp-action'] == 'add-discount') { if (!current_user_can('rcp_manage_discounts')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } $discounts = new RCP_Discounts(); // Setup unsanitized data $data = array('name' => $_POST['name'], 'description' => $_POST['description'], 'amount' => $_POST['amount'], 'unit' => isset($_POST['unit']) && $_POST['unit'] == '%' ? '%' : 'flat', 'code' => $_POST['code'], 'status' => 'active', 'expiration' => $_POST['expiration'], 'max_uses' => $_POST['max'], 'subscription_id' => $_POST['subscription']); $add = $discounts->insert($data); if ($add) { $url = get_bloginfo('wpurl') . '/wp-admin/admin.php?page=rcp-discounts&rcp_message=discount_added'; } else { $url = get_bloginfo('wpurl') . '/wp-admin/admin.php?page=rcp-discounts&rcp_message=discount_not_added'; } wp_safe_redirect($url); exit; } // edit a discount code if (isset($_POST['rcp-action']) && $_POST['rcp-action'] == 'edit-discount') { if (!current_user_can('rcp_manage_discounts')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } $discounts = new RCP_Discounts(); // Setup unsanitized data $data = array('name' => $_POST['name'], 'description' => $_POST['description'], 'amount' => $_POST['amount'], 'unit' => isset($_POST['unit']) && $_POST['unit'] == '%' ? '%' : 'flat', 'code' => $_POST['code'], 'status' => $_POST['status'], 'expiration' => $_POST['expiration'], 'max_uses' => $_POST['max'], 'subscription_id' => $_POST['subscription']); $update = $discounts->update($_POST['discount_id'], $data); if ($update) { $url = get_bloginfo('wpurl') . '/wp-admin/admin.php?page=rcp-discounts&discount-updated=1'; } else { $url = get_bloginfo('wpurl') . '/wp-admin/admin.php?page=rcp-discounts&discount-updated=0'; } wp_safe_redirect($url); exit; } // add a new manual payment if (isset($_POST['rcp-action']) && $_POST['rcp-action'] == 'add-payment') { if (!current_user_can('rcp_manage_payments')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } $payments = new RCP_Payments(); $user = get_user_by('login', $_POST['user']); if ($user) { $data = array('amount' => empty($_POST['amount']) ? 0.0 : sanitize_text_field($_POST['amount']), 'user_id' => $user->ID, 'date' => empty($_POST['date']) ? date('Y-m-d H:i:s', current_time('timestamp')) : date('Y-m-d', strtotime($_POST['date'], current_time('timestamp'))) . ' ' . date('H:i:s', current_time('timestamp')), 'payment_type' => 'manual', 'subscription' => rcp_get_subscription($user->ID), 'subscription_key' => rcp_get_subscription_key($user->ID), 'transaction_id' => sanitize_text_field($_POST['transaction-id']), 'status' => sanitize_text_field($_POST['status'])); $add = $payments->insert($data); } if (!empty($add)) { $cache_args = array('earnings' => 1, 'subscription' => 0, 'user_id' => 0, 'date' => ''); $cache_key = md5(implode(',', $cache_args)); delete_transient($cache_key); $url = admin_url('admin.php?page=rcp-payments&rcp_message=payment_added'); } else { $url = admin_url('admin.php?page=rcp-payments&rcp_message=payment_not_added'); } wp_safe_redirect($url); exit; } // edit a payment if (isset($_POST['rcp-action']) && $_POST['rcp-action'] == 'edit-payment') { if (!current_user_can('rcp_manage_payments')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } $payments = new RCP_Payments(); $payment_id = absint($_POST['payment-id']); $user = get_user_by('login', $_POST['user']); if ($user && $payment_id) { $data = array('amount' => empty($_POST['amount']) ? 0.0 : sanitize_text_field($_POST['amount']), 'user_id' => $user->ID, 'date' => empty($_POST['date']) ? date('Y-m-d H:i:s', current_time('timestamp')) : date('Y-m-d', strtotime($_POST['date'], current_time('timestamp'))) . ' ' . date('H:i:s', current_time('timestamp')), 'subscription' => rcp_get_subscription($user->ID), 'subscription_key' => rcp_get_subscription_key($user->ID), 'transaction_id' => sanitize_text_field($_POST['transaction-id']), 'status' => sanitize_text_field($_POST['status'])); $update = $payments->update($payment_id, $data); } if (!empty($update)) { $cache_args = array('earnings' => 1, 'subscription' => 0, 'user_id' => 0, 'date' => ''); $cache_key = md5(implode(',', $cache_args)); delete_transient($cache_key); $url = admin_url('admin.php?page=rcp-payments&rcp_message=payment_updated'); } else { $url = admin_url('admin.php?page=rcp-payments&rcp_message=payment_not_updated'); } wp_safe_redirect($url); exit; } } /************************************* * delete data *************************************/ if (!empty($_GET)) { /* member processing */ if (isset($_GET['revoke_access'])) { if (!current_user_can('rcp_manage_members')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } rcp_set_status(urldecode(absint($_GET['revoke_access'])), 'cancelled'); } if (isset($_GET['activate_member'])) { if (!current_user_can('rcp_manage_members')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } rcp_set_status(urldecode(absint($_GET['activate_member'])), 'active'); } if (isset($_GET['cancel_member'])) { if (!current_user_can('rcp_manage_members')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } rcp_cancel_member_payment_profile(urldecode(absint($_GET['cancel_member']))); wp_safe_redirect(admin_url(add_query_arg('rcp_message', 'member_cancelled', 'admin.php?page=rcp-members'))); exit; } /* subscription processing */ if (isset($_GET['delete_subscription']) && $_GET['delete_subscription'] > 0) { if (!current_user_can('rcp_manage_levels')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } $members_of_subscription = rcp_get_members_of_subscription(absint($_GET['delete_subscription'])); // cancel all active members of this subscription if ($members_of_subscription) { foreach ($members_of_subscription as $member) { rcp_set_status($member, 'cancelled'); } } $levels = new RCP_Levels(); $levels->remove($_GET['delete_subscription']); } if (isset($_GET['activate_subscription']) && $_GET['activate_subscription'] > 0) { if (!current_user_can('rcp_manage_levels')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } $levels = new RCP_Levels(); $update = $levels->update(absint($_GET['activate_subscription']), array('status' => 'active')); delete_transient('rcp_subscription_levels'); } if (isset($_GET['deactivate_subscription']) && $_GET['deactivate_subscription'] > 0) { if (!current_user_can('rcp_manage_levels')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } $levels = new RCP_Levels(); $update = $levels->update(absint($_GET['deactivate_subscription']), array('status' => 'inactive')); delete_transient('rcp_subscription_levels'); } /* discount processing */ if (!empty($_GET['delete_discount'])) { if (!current_user_can('rcp_manage_discounts')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } $discounts = new RCP_Discounts(); $discounts->delete($_GET['delete_discount']); } if (!empty($_GET['activate_discount'])) { if (!current_user_can('rcp_manage_discounts')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } $discounts = new RCP_Discounts(); $discounts->update($_GET['activate_discount'], array('status' => 'active')); } if (!empty($_GET['deactivate_discount'])) { if (!current_user_can('rcp_manage_discounts')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } $discounts = new RCP_Discounts(); $discounts->update($_GET['deactivate_discount'], array('status' => 'disabled')); } if (!empty($_GET['rcp-action']) && $_GET['rcp-action'] == 'delete_payment' && wp_verify_nonce($_GET['_wpnonce'], 'rcp_delete_payment_nonce')) { if (!current_user_can('rcp_manage_payments')) { wp_die(__('You do not have permission to perform this action.', 'rcp')); } $payments = new RCP_Payments(); $payments->delete(absint($_GET['payment_id'])); wp_safe_redirect(admin_url(add_query_arg('rcp_message', 'payment_deleted', 'admin.php?page=rcp-payments'))); exit; } } }
/** * Process PayPal IPN * * @since 2.1 */ public function process_webhooks() { if (!isset($_GET['listener']) || strtoupper($_GET['listener']) != 'IPN') { return; } global $rcp_options; nocache_headers(); if (!class_exists('IpnListener')) { // instantiate the IpnListener class include RCP_PLUGIN_DIR . 'includes/gateways/paypal/paypal-ipnlistener.php'; } $listener = new IpnListener(); $verified = false; if ($this->test_mode) { $listener->use_sandbox = true; } /* if( isset( $rcp_options['ssl'] ) ) { $listener->use_ssl = true; } else { $listener->use_ssl = false; } */ //To post using the fsockopen() function rather than cURL, use: if (isset($rcp_options['disable_curl'])) { $listener->use_curl = false; } try { $listener->requirePostMethod(); $verified = $listener->processIpn(); } catch (Exception $e) { status_header(402); //die( 'IPN exception: ' . $e->getMessage() ); } /* The processIpn() method returned true if the IPN was "VERIFIED" and false if it was "INVALID". */ if ($verified || isset($_POST['verification_override']) || ($this->test_mode || isset($rcp_options['disable_ipn_verify']))) { status_header(200); $user_id = 0; $posted = apply_filters('rcp_ipn_post', $_POST); // allow $_POST to be modified if (!empty($posted['custom']) && is_numeric($posted['custom'])) { $user_id = absint($posted['custom']); } else { if (!empty($posted['subscr_id'])) { $user_id = rcp_get_member_id_from_profile_id($posted['subscr_id']); } else { if (!empty($posted['payer_email'])) { $user = get_user_by('email', $posted['payer_email']); $user_id = $user ? $user->ID : false; } } } $member = new RCP_Member($user_id); if (!$member || !$member->get_subscription_id()) { die('no member found'); } if (!rcp_get_subscription_details($member->get_subscription_id())) { die('no subscription level found'); } $subscription_name = $posted['item_name']; $subscription_key = $posted['item_number']; $amount = number_format((double) $posted['mc_gross'], 2); $amount2 = number_format((double) $posted['mc_amount3'], 2); $payment_status = $posted['payment_status']; $currency_code = $posted['mc_currency']; $subscription_price = number_format((double) rcp_get_subscription_price($member->get_subscription_id()), 2); // setup the payment info in an array for storage $payment_data = array('date' => date('Y-m-d g:i:s', strtotime($posted['payment_date'], current_time('timestamp'))), 'subscription' => $posted['item_name'], 'payment_type' => $posted['txn_type'], 'subscription_key' => $subscription_key, 'amount' => $amount, 'user_id' => $user_id, 'transaction_id' => $posted['txn_id']); do_action('rcp_valid_ipn', $payment_data, $user_id, $posted); if ($posted['txn_type'] == 'web_accept' || $posted['txn_type'] == 'subscr_payment') { // only check for an existing payment if this is a payment IPD request if (rcp_check_for_existing_payment($posted['txn_type'], $posted['payment_date'], $subscription_key)) { $log_data = array('post_title' => __('Duplicate Payment', 'rcp'), 'post_content' => __('A duplicate payment was detected. The new payment was still recorded, so you may want to check into both payments.', 'rcp'), 'post_parent' => 0, 'log_type' => 'gateway_error'); $log_meta = array('user_subscription' => $posted['item_name'], 'user_id' => $user_id); $log_entry = WP_Logging::insert_log($log_data, $log_meta); die('duplicate IPN detected'); } if (strtolower($currency_code) != strtolower($rcp_options['currency'])) { // the currency code is invalid $log_data = array('post_title' => __('Invalid Currency Code', 'rcp'), 'post_content' => sprintf(__('The currency code in an IPN request did not match the site currency code. Payment data: %s', 'rcp'), json_encode($payment_data)), 'post_parent' => 0, 'log_type' => 'gateway_error'); $log_meta = array('user_subscription' => $posted['item_name'], 'user_id' => $user_id); $log_entry = WP_Logging::insert_log($log_data, $log_meta); die('invalid currency code'); } } if (isset($rcp_options['email_ipn_reports'])) { wp_mail(get_bloginfo('admin_email'), __('IPN report', 'rcp'), $listener->getTextReport()); } /* now process the kind of subscription/payment */ $rcp_payments = new RCP_Payments(); // Subscriptions switch ($posted['txn_type']) { case "subscr_signup": // when a new user signs up // store the recurring payment ID update_user_meta($user_id, 'rcp_paypal_subscriber', $posted['payer_id']); $member->set_payment_profile_id($posted['subscr_id']); do_action('rcp_ipn_subscr_signup', $user_id); die('successful subscr_signup'); break; case "subscr_payment": // when a user makes a recurring payment update_user_meta($user_id, 'rcp_paypal_subscriber', $posted['payer_id']); $member->set_payment_profile_id($posted['subscr_id']); $member->renew(true); // record this payment in the database $rcp_payments->insert($payment_data); do_action('rcp_ipn_subscr_payment', $user_id); die('successful subscr_payment'); break; case "subscr_cancel": // user is marked as cancelled but retains access until end of term $member->set_status('cancelled'); // set the use to no longer be recurring delete_user_meta($user_id, 'rcp_paypal_subscriber'); do_action('rcp_ipn_subscr_cancel', $user_id); die('successful subscr_cancel'); break; case "subscr_failed": do_action('rcp_ipn_subscr_failed'); die('successful subscr_failed'); break; case "subscr_eot": // user's subscription has reached the end of its term if ('cancelled' !== $member->get_status($user_id)) { $member->set_status('expired'); } do_action('rcp_ipn_subscr_eot', $user_id); die('successful subscr_eot'); break; case "web_accept": switch (strtolower($payment_status)) { case 'completed': // set this user to active $member->renew(); $rcp_payments->insert($payment_data); break; case 'denied': case 'expired': case 'failed': case 'voided': $member->set_status('cancelled'); break; } die('successful web_accept'); break; case "cart": case "express_checkout": default: break; } } else { if (isset($rcp_options['email_ipn_reports'])) { // an invalid IPN attempt was made. Send an email to the admin account to investigate wp_mail(get_bloginfo('admin_email'), __('Invalid IPN', 'rcp'), $listener->getTextReport()); } status_header(400); die('invalid IPN'); } }
/** * Process PayPal IPN * * @since 2.1 */ public function process_webhooks() { if (!isset($_GET['listener']) || strtoupper($_GET['listener']) != 'EIPN') { return; } $posted = apply_filters('rcp_ipn_post', $_POST); // allow $_POST to be modified $user_id = absint($posted['custom']); $member = new RCP_Member($user_id); if (!$member || !$member->get_subscription_id()) { die('no member found'); } if (!rcp_get_subscription_details($member->get_subscription_id())) { die('no subscription level found'); } $amount = number_format((double) $posted['mc_gross'], 2); // setup the payment info in an array for storage $payment_data = array('date' => date('Y-m-d g:i:s', strtotime($posted['payment_date'])), 'subscription' => $member->get_subscription_name(), 'payment_type' => $posted['txn_type'], 'subscription_key' => $member->get_subscription_key(), 'amount' => $amount, 'user_id' => $user_id, 'transaction_id' => $posted['txn_id']); do_action('rcp_valid_ipn', $payment_data, $user_id, $posted); if (isset($rcp_options['email_ipn_reports'])) { wp_mail(get_bloginfo('admin_email'), __('IPN report', 'rcp'), $listener->getTextReport()); } /* now process the kind of subscription/payment */ $rcp_payments = new RCP_Payments(); // Subscriptions switch ($posted['txn_type']) { case "recurring_payment": // when a user makes a recurring payment // record this payment in the database $rcp_payments->insert($payment_data); update_user_meta($user_id, 'rcp_paypal_subscriber', $posted['payer_id']); $member->set_payment_profile_id($posted['recurring_payment_id']); $this->renew_member(true); do_action('rcp_ipn_subscr_payment', $user_id); die('successful recurring_payment'); break; case "recurring_payment_profile_cancel": // user is marked as cancelled but retains access until end of term $member->set_status('cancelled'); // set the use to no longer be recurring delete_user_meta($user_id, 'rcp_paypal_subscriber'); do_action('rcp_ipn_subscr_cancel', $user_id); die('successful recurring_payment_profile_cancel'); break; case "recurring_payment_failed": case "recurring_payment_suspended_due_to_max_failed_payment": if ('cancelled' !== $member->get_status($user_id)) { $member->set_status('expired'); } do_action('rcp_ipn_subscr_failed'); die('successful recurring_payment_failed or recurring_payment_suspended_due_to_max_failed_payment'); break; } }
function rcp_check_ipn() { global $rcp_options; if (!class_exists('IpnListener')) { // instantiate the IpnListener class include RCP_PLUGIN_DIR . 'includes/gateways/paypal/ipnlistener.php'; } $listener = new IpnListener(); if (isset($rcp_options['sandbox'])) { $listener->use_sandbox = true; } if (isset($rcp_options['ssl'])) { $listener->use_ssl = true; } else { $listener->use_ssl = false; } //To post using the fsockopen() function rather than cURL, use: if (isset($rcp_options['disable_curl'])) { $listener->use_curl = false; } try { $listener->requirePostMethod(); $verified = $listener->processIpn(); } catch (Exception $e) { //exit(0); } /* The processIpn() method returned true if the IPN was "VERIFIED" and false if it was "INVALID". */ if ($verified || isset($_POST['verification_override']) || (isset($rcp_options['sandbox']) || isset($rcp_options['disable_ipn_verify']))) { $posted = apply_filters('rcp_ipn_post', $_POST); // allow $_POST to be modified $user_id = $posted['custom']; $subscription_name = $posted['item_name']; $subscription_key = $posted['item_number']; $amount = number_format((double) $posted['mc_gross'], 2); $amount2 = number_format((double) $posted['mc_amount3'], 2); $payment_status = $posted['payment_status']; $currency_code = $posted['mc_currency']; $subscription_id = rcp_get_subscription_id($user_id); $subscription_price = number_format((double) rcp_get_subscription_price(rcp_get_subscription_id($user_id)), 2); $user_data = get_userdata($user_id); if (!$user_data || !$subscription_id) { return; } if (!rcp_get_subscription_details($subscription_id)) { return; } // setup the payment info in an array for storage $payment_data = array('date' => date('Y-m-d g:i:s', strtotime($posted['payment_date'])), 'subscription' => $posted['item_name'], 'payment_type' => $posted['txn_type'], 'subscription_key' => $subscription_key, 'amount' => $amount, 'user_id' => $user_id, 'transaction_id' => $posted['txn_id']); do_action('rcp_valid_ipn', $payment_data, $user_id, $posted); if ($posted['txn_type'] == 'web_accept' || $posted['txn_type'] == 'subscr_payment') { // only check for an existing payment if this is a payment IPD request if (rcp_check_for_existing_payment($posted['txn_type'], $posted['payment_date'], $subscription_key)) { $log_data = array('post_title' => __('Duplicate Payment', 'rcp'), 'post_content' => __('A duplicate payment was detected. The new payment was still recorded, so you may want to check into both payments.', 'rcp'), 'post_parent' => 0, 'log_type' => 'gateway_error'); $log_meta = array('user_subscription' => $posted['item_name'], 'user_id' => $user_id); $log_entry = WP_Logging::insert_log($log_data, $log_meta); return; // this IPN request has already been processed } /* do some quick checks to make sure all necessary data validates */ if ($amount < $subscription_price && $amount2 < $subscription_price) { /* // the subscription price doesn't match, so lets check to see if it matches with a discount code if( ! rcp_check_paypal_return_price_after_discount( $subscription_price, $amount, $amount2, $user_id ) ) { $log_data = array( 'post_title' => __( 'Price Mismatch', 'rcp' ), 'post_content' => sprintf( __( 'The price in an IPN request did not match the subscription price. Payment data: %s', 'rcp' ), json_encode( $payment_data ) ), 'post_parent' => 0, 'log_type' => 'gateway_error' ); $log_meta = array( 'user_subscription' => $posted['item_name'], 'user_id' => $user_id ); $log_entry = WP_Logging::insert_log( $log_data, $log_meta ); //return; } */ } if (strtolower($currency_code) != strtolower($rcp_options['currency'])) { // the currency code is invalid $log_data = array('post_title' => __('Invalid Currency Code', 'rcp'), 'post_content' => sprintf(__('The currency code in an IPN request did not match the site currency code. Payment data: %s', 'rcp'), json_encode($payment_data)), 'post_parent' => 0, 'log_type' => 'gateway_error'); $log_meta = array('user_subscription' => $posted['item_name'], 'user_id' => $user_id); $log_entry = WP_Logging::insert_log($log_data, $log_meta); return; } } if (isset($rcp_options['email_ipn_reports'])) { wp_mail(get_bloginfo('admin_email'), __('IPN report', 'rcp'), $listener->getTextReport()); } if (rcp_get_subscription_key($user_id) != $subscription_key) { // the subscription key is invalid $log_data = array('post_title' => __('Subscription Key Mismatch', 'rcp'), 'post_content' => sprintf(__('The subscription key in an IPN request did not match the subscription key recorded for the user. Payment data: %s', 'rcp'), json_encode($payment_data)), 'post_parent' => 0, 'log_type' => 'gateway_error'); $log_meta = array('user_subscription' => $posted['item_name'], 'user_id' => $user_id); $log_entry = WP_Logging::insert_log($log_data, $log_meta); return; } /* now process the kind of subscription/payment */ $rcp_payments = new RCP_Payments(); // Subscriptions switch ($posted['txn_type']) { case "subscr_signup": // when a new user signs up // store the recurring payment ID update_user_meta($user_id, 'rcp_paypal_subscriber', $posted['payer_id']); // set the user's status to active rcp_set_status($user_id, 'active'); if (!isset($rcp_options['disable_new_user_notices'])) { wp_new_user_notification($user_id); } // send welcome email rcp_email_subscription_status($user_id, 'active'); update_user_meta($user_id, 'rcp_recurring', 'yes'); do_action('rcp_ipn_subscr_signup', $user_id); break; case "subscr_payment": // when a user makes a recurring payment // record this payment in the database $rcp_payments->insert($payment_data); $subscription = rcp_get_subscription_details(rcp_get_subscription_id($user_id)); // update the user's expiration to correspond with the new payment $member_new_expiration = date('Y-m-d H:i:s', strtotime('+' . $subscription->duration . ' ' . $subscription->duration_unit . ' 23:59:59')); rcp_set_expiration_date($user_id, $member_new_expiration); update_user_meta($user_id, 'rcp_paypal_subscriber', $posted['payer_id']); // make sure the user's status is active rcp_set_status($user_id, 'active'); update_user_meta($user_id, 'rcp_recurring', 'yes'); delete_user_meta($user_id, '_rcp_expired_email_sent'); do_action('rcp_ipn_subscr_payment', $user_id); break; case "subscr_cancel": // user is marked as cancelled but retains access until end of term rcp_set_status($user_id, 'cancelled'); // set the use to no longer be recurring delete_user_meta($user_id, 'rcp_recurring'); delete_user_meta($user_id, 'rcp_paypal_subscriber'); // send sub cancelled email rcp_email_subscription_status($user_id, 'cancelled'); do_action('rcp_ipn_subscr_cancel', $user_id); break; case "subscr_failed": do_action('rcp_ipn_subscr_failed'); break; case "subscr_eot": // user's subscription has reach the end of its term // set the use to no longer be recurring delete_user_meta($user_id, 'rcp_recurring'); if ('cancelled' !== rcp_get_status($user_id)) { rcp_set_status($user_id, 'expired'); // send expired email rcp_email_subscription_status($user_id, 'expired'); } do_action('rcp_ipn_subscr_eot', $user_id); break; case "cart": return; // get out of here // get out of here case "express_checkout": return; // get out of here // get out of here case "web_accept": switch (strtolower($payment_status)) { case 'completed': if (isset($_POST['verification_override'])) { // this is a method for providing a new expiration if it doesn't exist $subscription = rcp_get_subscription_details_by_name($payment_data['subscription']); // update the user's expiration to correspond with the new payment $member_new_expiration = date('Y-m-d H:i:s', strtotime('+' . $subscription->duration . ' ' . $subscription->duration_unit . ' 23:59:59')); rcp_set_expiration_date($user_id, $member_new_expiration); } // set this user to active rcp_set_status($user_id, 'active'); $rcp_payments->insert($payment_data); rcp_email_subscription_status($user_id, 'active'); if (!isset($rcp_options['disable_new_user_notices'])) { // send welcome email here wp_new_user_notification($user_id); } delete_user_meta($user_id, '_rcp_expired_email_sent'); break; case 'denied': case 'expired': case 'failed': case 'voided': rcp_set_status($user_id, 'cancelled'); // send cancelled email here break; } break; default: break; } } else { if (isset($rcp_options['email_ipn_reports'])) { // an invalid IPN attempt was made. Send an email to the admin account to investigate wp_mail(get_bloginfo('admin_email'), __('Invalid IPN', 'rcp'), $listener->getTextReport()); } } }
public function process_webhooks() { if (!isset($_GET['listener']) || strtolower($_GET['listener']) != 'stripe') { return; } // Ensure listener URL is not cached by W3TC define('DONOTCACHEPAGE', true); \Stripe\Stripe::setApiKey($this->secret_key); // retrieve the request's body and parse it as JSON $body = @file_get_contents('php://input'); $event_json_id = json_decode($body); // for extra security, retrieve from the Stripe API if (isset($event_json_id->id)) { $rcp_payments = new RCP_Payments(); $event_id = $event_json_id->id; try { $event = \Stripe\Event::retrieve($event_id); $invoice = $event->data->object; if (empty($invoice->customer)) { die('no customer attached'); } // retrieve the customer who made this payment (only for subscriptions) $user = rcp_get_member_id_from_profile_id($invoice->customer); if (empty($user)) { // Grab the customer ID from the old meta keys global $wpdb; $user = $wpdb->get_var($wpdb->prepare("SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = '_rcp_stripe_user_id' AND meta_value = %s LIMIT 1", $invoice->customer)); } if (empty($user)) { die('no user ID found'); } $member = new RCP_Member($user); // check to confirm this is a stripe subscriber if ($member) { // successful payment if ($event->type == 'charge.succeeded') { if (!$member->get_subscription_id()) { die('no subscription ID for member'); } $payment_data = array('date' => date('Y-m-d g:i:s', $event->created), 'subscription' => $member->get_subscription_name(), 'payment_type' => 'Credit Card', 'subscription_key' => $member->get_subscription_key(), 'amount' => $invoice->amount / 100, 'user_id' => $member->ID, 'transaction_id' => $invoice->id); if (!rcp_check_for_existing_payment($payment_data['payment_type'], $payment_data['date'], $payment_data['subscription_key'])) { // record this payment if it hasn't been recorded yet $rcp_payments->insert($payment_data); $member->renew($member->is_recurring()); do_action('rcp_stripe_charge_succeeded', $user, $payment_data); die('rcp_stripe_charge_succeeded action fired successfully'); } else { die('duplicate payment found'); } } // failed payment if ($event->type == 'charge.failed') { do_action('rcp_stripe_charge_failed', $invoice); die('rcp_stripe_charge_failed action fired successfully'); } // Cancelled / failed subscription if ($event->type == 'customer.subscription.deleted') { $member->set_status('cancelled'); die('member cancelled successfully'); } do_action('rcp_stripe_' . $event->type, $invoice); } } catch (Exception $e) { // something failed die('PHP exception: ' . $e->getMessage()); } die('1'); } die('no event ID found'); }
/** * Process PayPal IPN * * @since 2.1 */ public function process_webhooks() { if (!isset($_GET['listener']) || strtoupper($_GET['listener']) != 'EIPN') { return; } $user_id = 0; $posted = apply_filters('rcp_ipn_post', $_POST); // allow $_POST to be modified if (!empty($posted['recurring_payment_id'])) { $user_id = rcp_get_member_id_from_profile_id($posted['recurring_payment_id']); } if (empty($user_id) && !empty($posted['custom']) && is_numeric($posted['custom'])) { $user_id = absint($posted['custom']); } if (empty($user_id) && !empty($posted['payer_email'])) { $user = get_user_by('email', $posted['payer_email']); $user_id = $user ? $user->ID : false; } $member = new RCP_Member($user_id); if (!$member || !$member->ID > 0) { die('no member found'); } $subscription_id = $member->get_pending_subscription_id(); if (empty($subscription_id)) { $subscription_id = $member->get_subscription_id(); } if (!$subscription_id) { die('no subscription for member found'); } if (!rcp_get_subscription_details($subscription_id)) { die('no subscription level found'); } $amount = number_format((double) $posted['mc_gross'], 2); // setup the payment info in an array for storage $payment_data = array('date' => date('Y-m-d H:i:s', strtotime($posted['payment_date'])), 'subscription' => $member->get_subscription_name(), 'payment_type' => $posted['txn_type'], 'subscription_key' => $member->get_subscription_key(), 'amount' => $amount, 'user_id' => $user_id, 'transaction_id' => $posted['txn_id']); do_action('rcp_valid_ipn', $payment_data, $user_id, $posted); if (isset($rcp_options['email_ipn_reports'])) { wp_mail(get_bloginfo('admin_email'), __('IPN report', 'rcp'), $listener->getTextReport()); } /* now process the kind of subscription/payment */ $rcp_payments = new RCP_Payments(); // Subscriptions switch ($posted['txn_type']) { case "recurring_payment_profile_created": if (isset($posted['initial_payment_txn_id'])) { $transaction_id = 'Completed' == $posted['initial_payment_status'] ? $posted['initial_payment_txn_id'] : ''; } else { $transaction_id = $posted['ipn_track_id']; } if (empty($transaction_id) || $rcp_payments->payment_exists($transaction_id)) { break; } // setup the payment info in an array for storage $payment_data = array('date' => date('Y-m-d H:i:s', strtotime($posted['time_created'])), 'subscription' => $member->get_subscription_name(), 'payment_type' => $posted['txn_type'], 'subscription_key' => $member->get_subscription_key(), 'amount' => number_format((double) $posted['initial_payment_amount'], 2), 'user_id' => $user_id, 'transaction_id' => sanitize_text_field($transaction_id)); $rcp_payments->insert($payment_data); $expiration = date('Y-m-d 23:59:59', strtotime($posted['next_payment_date'])); $member->renew($member->is_recurring(), 'active', $expiration); break; case "recurring_payment": // when a user makes a recurring payment update_user_meta($user_id, 'rcp_paypal_subscriber', $posted['payer_id']); $member->set_payment_profile_id($posted['recurring_payment_id']); $member->renew(true); // record this payment in the database $rcp_payments->insert($payment_data); do_action('rcp_ipn_subscr_payment', $user_id); die('successful recurring_payment'); break; case "recurring_payment_profile_cancel": if (!$member->just_upgraded()) { // user is marked as cancelled but retains access until end of term $member->set_status('cancelled'); // set the use to no longer be recurring delete_user_meta($user_id, 'rcp_paypal_subscriber'); do_action('rcp_ipn_subscr_cancel', $user_id); die('successful recurring_payment_profile_cancel'); } break; case "recurring_payment_failed": case "recurring_payment_suspended_due_to_max_failed_payment": if ('cancelled' !== $member->get_status($user_id)) { $member->set_status('expired'); } do_action('rcp_ipn_subscr_failed'); die('successful recurring_payment_failed or recurring_payment_suspended_due_to_max_failed_payment'); break; case "web_accept": switch (strtolower($posted['payment_status'])) { case 'completed': if ($member->just_upgraded() && rcp_can_member_cancel($member->ID)) { $cancelled = rcp_cancel_member_payment_profile($member->ID, false); if ($cancelled) { $member->set_payment_profile_id(''); } } $payment_data = array('date' => date('Y-m-d H:i:s', strtotime($posted['payment_date'])), 'subscription' => $member->get_subscription_name(), 'payment_type' => $posted['txn_type'], 'subscription_key' => $member->get_subscription_key(), 'amount' => number_format((double) $posted['mc_gross'], 2), 'user_id' => $user_id, 'transaction_id' => sanitize_text_field($posted['txn_id'])); $rcp_payments->insert($payment_data); // set this user to active $member->renew(); break; case 'denied': case 'expired': case 'failed': case 'voided': $member->set_status('cancelled'); break; } die('successful web_accept'); break; } }