/**
* Determines the receipt visibility status
*
* @since 1.3.2
*
* @param string $payment_key
*
* @return bool Whether the receipt is visible or not.
*/
function give_can_view_receipt($payment_key = '')
{
$return = false;
if (empty($payment_key)) {
return $return;
}
global $give_receipt_args;
$give_receipt_args['id'] = give_get_purchase_id_by_key($payment_key);
$user_id = (int) give_get_payment_user_id($give_receipt_args['id']);
$payment_meta = give_get_payment_meta($give_receipt_args['id']);
if (is_user_logged_in()) {
if ($user_id === (int) get_current_user_id()) {
$return = true;
} elseif (wp_get_current_user()->user_email === give_get_payment_user_email($give_receipt_args['id'])) {
$return = true;
} elseif (current_user_can('view_give_sensitive_data')) {
$return = true;
}
}
$session = give_get_purchase_session();
if (!empty($session) && !is_user_logged_in()) {
if ($session['purchase_key'] === $payment_meta['key']) {
$return = true;
}
}
return (bool) apply_filters('give_can_view_receipt', $return, $payment_key);
}
/**
* Receipt Shortcode.
*
* Shows a donation receipt.
*
* @since 1.0
*
* @param array $atts Shortcode attributes.
* @param string $content
*
* @return string
*/
function give_receipt_shortcode($atts, $content = null)
{
global $give_receipt_args, $payment;
$give_receipt_args = shortcode_atts(array('error' => esc_html__('Sorry, you are missing the payment key to view this donation receipt.', 'give'), 'price' => true, 'donor' => true, 'date' => true, 'payment_key' => false, 'payment_method' => true, 'payment_id' => true), $atts, 'give_receipt');
//set $session var
$session = give_get_purchase_session();
//set payment key var
if (isset($_GET['payment_key'])) {
$payment_key = urldecode($_GET['payment_key']);
} elseif ($session) {
$payment_key = $session['purchase_key'];
} elseif ($give_receipt_args['payment_key']) {
$payment_key = $give_receipt_args['payment_key'];
}
$email_access = give_get_option('email_access');
// No payment_key found & Email Access is Turned on:
if (!isset($payment_key) && $email_access == 'on' && !Give()->email_access->token_exists) {
ob_start();
give_get_template_part('email-login-form');
return ob_get_clean();
} elseif (!isset($payment_key)) {
return give_output_error($give_receipt_args['error'], false, 'error');
}
$payment_id = give_get_purchase_id_by_key($payment_key);
$user_can_view = give_can_view_receipt($payment_key);
// Key was provided, but user is logged out. Offer them the ability to login and view the receipt.
if (!$user_can_view && $email_access == 'on' && !Give()->email_access->token_exists) {
ob_start();
give_get_template_part('email-login-form');
return ob_get_clean();
} elseif (!$user_can_view) {
global $give_login_redirect;
$give_login_redirect = give_get_current_page_url();
ob_start();
give_output_error(apply_filters('give_must_be_logged_in_error_message', esc_html__('You must be logged in to view this donation payment receipt.', 'give')));
give_get_template_part('shortcode', 'login');
$login_form = ob_get_clean();
return $login_form;
}
/*
* Check if the user has permission to view the receipt.
*
* If user is logged in, user ID is compared to user ID of ID stored in payment meta
* or if user is logged out and purchase was made as a guest, the purchase session is checked for
* or if user is logged in and the user can view sensitive shop data.
*
*/
if (!apply_filters('give_user_can_view_receipt', $user_can_view, $give_receipt_args)) {
return give_output_error($give_receipt_args['error'], false, 'error');
}
ob_start();
give_get_template_part('shortcode', 'receipt');
$display = ob_get_clean();
return $display;
}
/**
* Receipt Shortcode
*
* Shows an order receipt.
*
* @since 1.0
*
* @param array $atts Shortcode attributes
* @param string $content
*
* @return string
*/
function give_receipt_shortcode($atts, $content = null)
{
global $give_receipt_args, $payment;
//set $session var
$session = give_get_purchase_session();
//set payment key var
if (isset($_GET['payment_key'])) {
$payment_key = urldecode($_GET['payment_key']);
} elseif ($give_receipt_args['payment_key']) {
$payment_key = $give_receipt_args['payment_key'];
} else {
if ($session) {
$payment_key = $session['purchase_key'];
}
}
ob_start();
//Check for payment key
if (empty($payment_key)) {
?>
<div class="give_errors">
<p class="give_error"><?php
echo apply_filters('give_receipt_no_payment_key', __('Sorry, there was a problem identifying this donation. Please contact the site owner for more information.', 'give'));
?>
</p>
</div>
<?php
return ob_get_clean();
//return error
}
//Set our important payment information variables
$give_receipt_args['id'] = give_get_purchase_id_by_key($payment_key);
$donor_id = give_get_payment_user_id($give_receipt_args['id']);
$payment = get_post($give_receipt_args['id']);
$give_receipt_args = shortcode_atts(array('error' => __('Sorry, it appears the viewing window for this donation receipt has expired or you do not have the permission to view this donation receipt.', 'give'), 'price' => true, 'date' => true, 'notes' => true, 'payment_key' => false, 'payment_method' => true, 'payment_id' => true), $atts, 'give_receipt');
//Is registration open? If so, add better error messaging to tell user their session expired
if (get_option('users_can_register')) {
$email = get_post_meta($payment->ID, '_give_payment_user_email', true);
$donation_history = get_permalink(give_get_option('history_page'));
$give_receipt_args['error'] .= sprintf(__(' To view your receipt, please <a href="%s">create an account</a> using the following email %s (the email attached to this donation) and visit the <a href="%s">donation history page</a>'), wp_registration_url(), '<strong>' . $email . '</strong>', $donation_history);
}
/*
* Check if the user has permission to view the receipt
*
* If user is logged in, user ID is compared to user ID of ID stored in payment meta
*
* Or if user is logged out and donation was made as a guest, the donation session is checked for
*
* Or if user is logged in and the user can view sensitive donor data
*/
$user_can_view = is_user_logged_in() && $donor_id == get_current_user_id() || ($donor_id == 0 || $donor_id == '-1') && !is_user_logged_in() && give_get_purchase_session() || current_user_can('view_give_sensitive_data');
if (!apply_filters('give_user_can_view_receipt', $user_can_view, $give_receipt_args)) {
?>
<div class="give_errors">
<p class="give_error"><?php
echo $give_receipt_args['error'];
?>
</p>
</div>
<?php
return ob_get_clean();
//
?>
<?php
}
give_get_template_part('shortcode', 'receipt');
$display = ob_get_clean();
return $display;
}
/**
* PayPal Success Page
*
* Shows "Donation Processing" message for PayPal payments that are still pending on site return
*
* @since 1.0
*
* @param $content
*
* @return string
*
*/
function give_paypal_success_page_content($content)
{
if (!isset($_GET['payment-id']) && !give_get_purchase_session()) {
return $content;
}
$payment_id = isset($_GET['payment-id']) ? absint($_GET['payment-id']) : false;
if (!$payment_id) {
$session = give_get_purchase_session();
$payment_id = give_get_purchase_id_by_key($session['purchase_key']);
}
$payment = get_post($payment_id);
if ($payment && 'pending' == $payment->post_status) {
// Payment is still pending so show processing indicator to fix the race condition.
ob_start();
give_get_template_part('payment', 'processing');
$content = ob_get_clean();
}
return $content;
}
/**
* Receipt Shortcode
*
* Shows an order receipt.
*
* @since 1.0
*
* @param array $atts Shortcode attributes
* @param string $content
*
* @return string
*/
function give_receipt_shortcode($atts, $content = null)
{
global $give_receipt_args, $payment;
$give_receipt_args = shortcode_atts(array('error' => __('Sorry, it appears the viewing window for this donation receipt has expired or you do not have the permission to view this donation receipt.', 'give'), 'price' => true, 'date' => true, 'payment_key' => false, 'payment_method' => true, 'payment_id' => true), $atts, 'give_receipt');
//set $session var
$session = give_get_purchase_session();
//set payment key var
if (isset($_GET['payment_key'])) {
$payment_key = urldecode($_GET['payment_key']);
} elseif ($session) {
$payment_key = $session['purchase_key'];
} elseif ($give_receipt_args['payment_key']) {
$payment_key = $give_receipt_args['payment_key'];
}
// No key found
if (!isset($payment_key)) {
return '<div class="give_errors"><p class="give_error">' . $give_receipt_args['error'] . '</p></div>';
}
$payment_id = give_get_purchase_id_by_key($payment_key);
$user_can_view = give_can_view_receipt($payment_key);
// Key was provided, but user is logged out. Offer them the ability to login and view the receipt
if (!$user_can_view && !empty($payment_key) && !is_user_logged_in() && !give_is_guest_payment($payment_id)) {
global $give_login_redirect;
$give_login_redirect = give_get_current_page_url();
ob_start();
echo '<div class="give_errors"><p class="give_error">' . __('You must be logged in to view this payment receipt.', 'give') . '</p></div>';
give_get_template_part('shortcode', 'login');
$login_form = ob_get_clean();
return $login_form;
}
/*
* Check if the user has permission to view the receipt
*
* If user is logged in, user ID is compared to user ID of ID stored in payment meta
*
* Or if user is logged out and purchase was made as a guest, the purchase session is checked for
*
* Or if user is logged in and the user can view sensitive shop data
*
*/
if (!apply_filters('give_user_can_view_receipt', $user_can_view, $give_receipt_args)) {
return '<p class="edd-alert edd-alert-error">' . $give_receipt_args['error'] . '</p>';
}
ob_start();
give_get_template_part('shortcode', 'receipt');
$display = ob_get_clean();
return $display;
}
