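/**
 * AJAX submission from admin: creates a client record and, when an e-mail
 * address is supplied, a user to attach to it.
 *
 * The request must carry a nonce in `sa_client_nonce` that verifies against
 * self::SUBMISSION_NONCE (or, when the SI_Clients class is loaded, against
 * SI_Clients::SUBMISSION_NONCE), the current user must hold the
 * `publish_posts` capability, and `sa_client_name` must be non-empty.
 *
 * On success the method prints a JSON object with the new client's `id` and
 * `title` and terminates the request; it never returns a value to the caller.
 *
 * @return void
 */
public static function maybe_create_client()
{
    // The form may arrive serialized as a list of name/value pairs; unfold it
    // into $_REQUEST so the rest of the handler reads a single shape.
    // This runs before the nonce check on fully request-controlled data, so
    // the shape is validated here: a non-array payload or a malformed entry
    // is skipped instead of raising warnings or an illegal-offset error.
    if (isset($_REQUEST['serialized_fields']) && is_array($_REQUEST['serialized_fields'])) {
        foreach ($_REQUEST['serialized_fields'] as $data) {
            if (!is_array($data) || !isset($data['name'], $data['value'])) {
                continue;
            }
            if (!is_string($data['name']) && !is_int($data['name'])) {
                continue;
            }
            $_REQUEST[$data['name']] = $data['value'];
        }
    }

    // NOTE(review): the code below assumes self::ajax_fail() ends the request;
    // its definition is not visible here, so confirm.
    if (!isset($_REQUEST['sa_client_nonce'])) {
        self::ajax_fail('Forget something?');
    }

    // A non-string nonce (e.g. an array parameter) can never verify; treating
    // it as empty keeps the rejection path and avoids an array-to-string cast.
    $nonce = is_string($_REQUEST['sa_client_nonce']) ? $_REQUEST['sa_client_nonce'] : '';

    if (!wp_verify_nonce($nonce, self::SUBMISSION_NONCE)) {
        /**
         * Sometimes the nonce is mixed with one that SI provides.
         * This is a bit of a hack to check to see if it validates
         * against SI before improperly failing.
         */
        $compatibility_check_passed = false;
        if (class_exists('SI_Clients') && wp_verify_nonce($nonce, SI_Clients::SUBMISSION_NONCE)) {
            $compatibility_check_passed = true;
        }
        if (!$compatibility_check_passed) {
            self::ajax_fail('Not going to fall for it!');
        }
    }

    // The nonce only ties the request to a form this site issued (CSRF
    // defence); the capability check is the actual authorization gate.
    if (!current_user_can('publish_posts')) {
        self::ajax_fail('User cannot create new posts!');
    }

    if (!isset($_REQUEST['sa_client_name']) || '' === $_REQUEST['sa_client_name']) {
        self::ajax_fail('A company name is required');
    }

    $user_id = 0;

    // Attempt to create a user, using the e-mail address as the login name.
    // NOTE(review): the address is not validated in this method; whether
    // self::create_user() rejects malformed or duplicate addresses, and what
    // it returns on failure, is not visible here. Confirm before relying on
    // $user_id being a valid user ID.
    if (isset($_REQUEST['sa_client_email']) && '' !== $_REQUEST['sa_client_email']) {
        $user_args = array(
            'user_login'   => self::esc__($_REQUEST['sa_client_email']),
            'display_name' => isset($_REQUEST['sa_client_name']) ? self::esc__($_REQUEST['sa_client_name']) : self::esc__($_REQUEST['sa_client_email']),
            // The password is generated server-side and never taken from the request.
            'user_pass'    => wp_generate_password(),
            'user_email'   => isset($_REQUEST['sa_client_email']) ? self::esc__($_REQUEST['sa_client_email']) : '',
            'first_name'   => isset($_REQUEST['sa_client_first_name']) ? self::esc__($_REQUEST['sa_client_first_name']) : '',
            'last_name'    => isset($_REQUEST['sa_client_last_name']) ? self::esc__($_REQUEST['sa_client_last_name']) : '',
            'user_url'     => isset($_REQUEST['sa_client_website']) ? self::esc__($_REQUEST['sa_client_website']) : '',
        );
        $user_id = self::create_user($user_args);
    }

    // Create the client
    $address = array(
        'street'      => isset($_REQUEST['sa_client_street']) ? self::esc__($_REQUEST['sa_client_street']) : '',
        'city'        => isset($_REQUEST['sa_client_city']) ? self::esc__($_REQUEST['sa_client_city']) : '',
        'zone'        => isset($_REQUEST['sa_client_zone']) ? self::esc__($_REQUEST['sa_client_zone']) : '',
        'postal_code' => isset($_REQUEST['sa_client_postal_code']) ? self::esc__($_REQUEST['sa_client_postal_code']) : '',
        'country'     => isset($_REQUEST['sa_client_country']) ? self::esc__($_REQUEST['sa_client_country']) : '',
    );
    $args = array(
        'company_name' => isset($_REQUEST['sa_client_name']) ? self::esc__($_REQUEST['sa_client_name']) : '',
        'website'      => isset($_REQUEST['sa_client_website']) ? self::esc__($_REQUEST['sa_client_website']) : '',
        'address'      => $address,
        'user_id'      => $user_id,
    );
    $client_id = Sprout_Client::new_client($args);

    $response = array(
        'id'    => $client_id,
        'title' => get_the_title($client_id),
    );

    header('Content-type: application/json');
    if (self::DEBUG) {
        // Debug-only: lets any origin read this response. self::DEBUG must stay
        // off in production, since the body exposes the new client's ID and title.
        header('Access-Control-Allow-Origin: *');
    }
    echo wp_json_encode($response);
    exit;
}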