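/**
 * Actions run on plugin initialization.
 *
 * A certain number of things can possibly run after the plugin
 * initialized. Those actions are fired from here if the matching
 * trigger is present in the request.
 *
 * The login, registration and custom-action triggers only register a
 * callback on the `wp` hook. The new-ticket and reply triggers are
 * handled inline and always end with a redirect followed by exit.
 *
 * @since 3.0.0
 * @return void
 */
public function init() {

    /**
     * Log user in.
     *
     * If a login trigger is present in the post data, wpas_try_login()
     * is scheduled on the `wp` hook; the login logic itself lives there.
     *
     * @since 3.0.0
     */
    if (isset($_POST['wpas_login'])) {
        add_action('wp', 'wpas_try_login');
    }

    /**
     * Register a new account.
     *
     * If wpas_registration is passed, the account registration function
     * is scheduled on the `wp` hook. It is registered with zero accepted
     * arguments, so the callback is invoked without parameters.
     *
     * @since 3.0.0
     */
    if (isset($_POST['wpas_registration'])) {
        add_action('wp', 'wpas_register_account', 10, 0);
    }

    /**
     * Run custom actions.
     *
     * The plugin can run a number of custom actions triggered by a URL
     * parameter. If `action` is set in the URL we schedule this method.
     *
     * NOTE(review): every request carrying an `action` query argument
     * reaches custom_actions(), whatever its value. That method therefore
     * has to allow-list the values it acts on and do its own nonce and
     * capability checks. Confirm in custom_actions() (not shown here).
     *
     * @since 3.0.0
     */
    if (isset($_GET['action'])) {
        add_action('wp', array($this, 'custom_actions'));
    }

    /**
     * Open a new ticket.
     *
     * If a ticket title is passed in the post we trigger the function
     * that adds new tickets. Post-insertion actions (clearing the saved
     * form values and redirecting the user) are run from here.
     *
     * @since 3.0.0
     */
    if (isset($_POST['wpas_title'])) {

        // Verify the nonce before touching anything else. A missing or
        // invalid nonce sends the user back to the submission page.
        if (!isset($_POST['wpas_nonce']) || !wp_verify_nonce($_POST['wpas_nonce'], 'new_ticket')) {

            /* Save the input */
            wpas_save_values();

            // Redirect to submit page
            wp_redirect(add_query_arg(array('message' => 4), get_permalink(wpas_get_option('ticket_submit'))));
            exit;
        }

        // The message field can be absent from the request. Reading it
        // unguarded raises an undefined-index notice, so pass null, which
        // wpas_open_ticket() treats as "no message" through its isset() test.
        $message = isset($_POST['wpas_message']) ? $_POST['wpas_message'] : null;

        $ticket_id = wpas_open_ticket(array('title' => $_POST['wpas_title'], 'message' => $message));

        /* Submission failure */
        if (false === $ticket_id) {

            /* Save the input */
            wpas_save_values();

            // Send the user back to the submission page with an error code.
            $submit = wpas_get_option('ticket_submit');
            wpas_redirect('ticket_added_failed', add_query_arg(array('message' => 6), get_permalink($submit)), $submit);
            exit;
        }

        /* Submission succeeded: empty the temporary sessions */
        unset($_SESSION['wpas_submission_form']);
        unset($_SESSION['wpas_submission_error']);

        /* Redirect to the newly created ticket */
        wpas_redirect('ticket_added', get_permalink($ticket_id), $ticket_id);
        exit;
    }

    /**
     * Save a new reply.
     *
     * This adds a new reply to an existing ticket. The ticket can
     * possibly be closed by the user, in which case the ticket is closed
     * only if the reply submission is successful.
     *
     * NOTE(review): no nonce is verified in this branch, whereas the
     * new-ticket branch above checks `wpas_nonce`. Nothing here checks
     * that the current user may reply to or close ticket $parent_id
     * either. Unless wpas_add_reply() and wpas_close_ticket() enforce
     * both, a forged cross-site POST could add a reply or close a ticket.
     * Confirm in those functions, and add a nonce field plus a
     * wp_verify_nonce() check here if they do not.
     *
     * @since 3.0.0
     */
    if (isset($_POST['wpas_user_reply'])) {

        /**
         * Define if the reply can be submitted empty or not.
         *
         * @since 3.0.0
         * @var boolean
         */
        $can_submit_empty = apply_filters('wpas_can_reply_be_empty', false);

        /**
         * Get the parent ticket ID.
         *
         * A request without ticket_id yields 0 instead of an
         * undefined-index notice.
         */
        $parent_id = isset($_POST['ticket_id']) ? intval($_POST['ticket_id']) : 0;

        if (empty($_POST['wpas_user_reply']) && false === $can_submit_empty) {
            wpas_redirect('reply_not_added', add_query_arg(array('message' => wpas_create_notification(__('You cannot submit an empty reply.', 'wpas'))), get_permalink($parent_id)), $parent_id);
            exit;
        }

        /* Sanitize the data: keep only the markup allowed in posts */
        $data = array('post_content' => wp_kses($_POST['wpas_user_reply'], wp_kses_allowed_html('post')));

        /* Add the reply */
        $reply_id = wpas_add_reply($data, $parent_id);

        /* Possibly close the ticket, but only if the reply was saved */
        if (isset($_POST['wpas_close_ticket']) && false !== $reply_id) {
            wpas_close_ticket($parent_id);
        }

        if (false === $reply_id) {
            wpas_redirect('reply_added_failed', add_query_arg(array('message' => '7'), get_permalink($parent_id)));
            exit;
        }

        /* Delete the activity transient. */
        delete_transient("wpas_activity_meta_post_{$parent_id}");

        wpas_redirect('reply_added', add_query_arg(array('message' => '8'), get_permalink($parent_id)) . "#reply-{$reply_id}", $parent_id);
        exit;
    }
}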
/**
 * Change the redirection URL.
 *
 * Used when an attachment upload failed: the existing `message` query
 * argument is dropped from the redirect URL and replaced by a
 * notification that embeds $this->error_message.
 *
 * NOTE(review): the resulting `message` value travels in the URL, so any
 * visitor can alter it. The code that decodes and prints it (not shown
 * here) must escape it on output. Confirm in the notification class.
 *
 * @since 3.0.0
 *
 * @param string $location Original redirection URL
 *
 * @return string New redirection URL
 */
public function redirect_error($location) {

    // Strip any notification already attached to the redirect target.
    $base_url = remove_query_arg('message', $location);

    // Build the replacement notice, appending the stored upload error.
    $notice_text = sprintf(
        __('Your reply has been correctly submitted but the attachment was not uploaded. %s', 'wpas'),
        $this->error_message
    );
    $notice = wpas_create_notification($notice_text);

    return add_query_arg(array('message' => $notice), $base_url);
}
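/**
 * Register user account.
 *
 * Checks that registrations are open, reads and sanitizes the submitted
 * fields, derives a unique login from first and last name, creates the
 * user with the fixed role `wpas_user`, then logs the new user in.
 * Every failure path redirects back to the current post with a
 * notification and exits.
 *
 * The role is set server-side and never read from the request. The
 * `wpas_insert_user_data` and `wpas_user_registration_data` filters can
 * still change any of the account arguments.
 *
 * @param array|bool $data User data; when false the raw $_POST array is used
 *
 * @since 1.0.0
 * @return void
 */
function wpas_register_account($data = false) {

    global $post;

    /* Make sure registrations are open */
    $registration = boolval(wpas_get_option('allow_registrations', true));

    if (true !== $registration) {
        // The permalink is the URL argument of add_query_arg(), not an
        // element of the query array. Inside the array it would make
        // add_query_arg() fall back to the request URI and add a stray
        // `0` query argument.
        wp_redirect(add_query_arg(
            array('message' => wpas_create_notification(__('Registrations are currently not allowed.', 'wpas'))),
            get_permalink($post->ID)
        ));
        exit;
    }

    if (false === $data) {
        $data = $_POST;
    }

    $email      = !empty($data['email']) ? sanitize_email($data['email']) : false;
    $first_name = !empty($data['first_name']) ? sanitize_text_field($data['first_name']) : false;
    $last_name  = !empty($data['last_name']) ? sanitize_text_field($data['last_name']) : false;
    $pwd        = !empty($data['pwd']) ? $data['pwd'] : false;

    /* Save the user information in session to pre populate the form in case of error. The password is deliberately not stored. */
    $_SESSION['wpas_registration_form'] = array(
        'first_name' => $first_name,
        'last_name'  => $last_name,
        'email'      => $email,
    );

    /**
     * wpas_pre_register_account hook
     *
     * This hook is triggered all the time
     * even if the checks don't pass.
     *
     * NOTE(review): $data is the unsanitized input and includes the
     * plain-text password, so listeners must not log or persist it.
     *
     * @since 3.0.1
     */
    do_action('wpas_pre_register_account', $data);

    if (wpas_get_option('terms_conditions', false) && !isset($data['terms'])) {
        wp_redirect(add_query_arg(
            array('message' => wpas_create_notification(__('You did not accept the terms and conditions.', 'wpas'))),
            get_permalink($post->ID)
        ));
        exit;
    }

    /*
     * Make sure we have all the necessary data. Every one of the four
     * fields is required: an account must never reach wp_insert_user()
     * with a missing e-mail address or password.
     */
    if (!($email && $first_name && $last_name && $pwd)) {
        wp_redirect(add_query_arg(
            array('message' => wpas_create_notification(__('You didn\'t correctly fill all the fields.', 'wpas'))),
            get_permalink($post->ID)
        ));
        exit;
    }

    $username = sanitize_user(strtolower($first_name) . strtolower($last_name));
    $user     = get_user_by('login', $username);

    /* Check for existing username: append 1, 2, 3... until the login is free */
    if (is_a($user, 'WP_User')) {
        $suffix = 1;
        do {
            $alt_username = sanitize_user($username . $suffix);
            $user         = get_user_by('login', $alt_username);
            $suffix++;
        } while (is_a($user, 'WP_User'));
        $username = $alt_username;
    }

    /**
     * wpas_insert_user_data filter
     *
     * @since 3.1.5
     * @var array User account arguments
     */
    $args = apply_filters('wpas_insert_user_data', array(
        'user_login'   => $username,
        'user_email'   => $email,
        'first_name'   => $first_name,
        'last_name'    => $last_name,
        'display_name' => "{$first_name} {$last_name}",
        'user_pass'    => $pwd,
        'role'         => 'wpas_user',
    ));

    /**
     * wpas_register_account_before hook
     *
     * Fired right before the user is added to the database.
     * $args carries the plain-text password in `user_pass`.
     */
    do_action('wpas_register_account_before', $args);

    $user_id = wp_insert_user(apply_filters('wpas_user_registration_data', $args));

    if (is_wp_error($user_id)) {

        /**
         * wpas_register_account_failed hook
         *
         * Fired right after a failed attempt to register a user.
         *
         * @since 3.0.1
         */
        do_action('wpas_register_account_failed', $user_id, $args);

        $error = $user_id->get_error_message();

        wp_redirect(add_query_arg(
            array('message' => wpas_create_notification($error)),
            get_permalink($post->ID)
        ));
        exit;
    }

    /**
     * wpas_register_account_after hook
     *
     * Fired right after the user is successfully added to the database.
     *
     * @since 3.0.1
     */
    do_action('wpas_register_account_after', $user_id, $args);

    /* Delete the user information data from session. */
    unset($_SESSION['wpas_registration_form']);

    // NOTE(review): the plain-text password is handed to the notification
    // function. Depending on the WordPress version this argument is either
    // used to e-mail the password or is deprecated. Confirm against the
    // supported versions and stop passing it if possible.
    wp_new_user_notification($user_id, $pwd);

    // NOTE(review): this redirect is attempted when headers were already
    // sent, the one case where a Location header cannot be emitted.
    // Confirm the intent.
    if (headers_sent()) {
        wp_redirect(add_query_arg(
            array('message' => wpas_create_notification(__('Your account has been created. Please log-in.', 'wpas'))),
            get_permalink($post->ID)
        ));
        exit;
    }

    if (!is_user_logged_in()) {

        /* Automatically log the user in */
        wp_set_current_user($user_id, $email);
        wp_set_auth_cookie($user_id);

        wp_redirect(get_permalink($post->ID));
        exit;
    }
}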
/**
 * Open a new ticket.
 *
 * Sanitizes the title (all tags stripped) and the message (markup limited
 * to what posts allow), runs the submission checks in order, then hands a
 * `ticket` post with status `queued` to wpas_insert_ticket(). A failed
 * check saves the submitted values, redirects to the submission page with
 * a message code and exits.
 *
 * Checks performed here: `create_ticket` capability, non-empty title,
 * non-empty message (unless a filter makes it optional), the
 * `wpas_before_submit_new_ticket_checks` filter, and a logged-in user.
 * No nonce is verified in this function, so callers must verify the
 * request origin before calling it.
 *
 * @since 3.0.0
 * @param array $data Ticket data; the keys read are 'title' and 'message'
 * @return mixed Result of wpas_insert_ticket(); the caller in this file
 *               treats it as the new ticket ID, or false on failure
 */
function wpas_open_ticket($data) {

    $title   = isset($data['title']) ? wp_strip_all_tags($data['title']) : false;
    $content = isset($data['message']) ? wp_kses($data['message'], wp_kses_allowed_html('post')) : false;

    // ID of the submission page, target of every failure redirect below.
    $submit = wpas_get_option('ticket_submit');

    // Shared bail-out: keep the user's input, redirect with a code, stop.
    $reject = function ($code) use ($submit) {
        wpas_save_values();
        wp_redirect(add_query_arg(array('message' => $code), get_permalink($submit)));
        exit;
    };

    // Verify user capability
    if (!current_user_can('create_ticket')) {
        $reject(11);
    }

    // A title is always required (empty() also covers the `false` case).
    if (empty($title)) {
        $reject(3);
    }

    // The description is required unless a filter says otherwise.
    $needs_description = apply_filters('wpas_ticket_submission_description_mandatory', true);
    if (true === $needs_description && empty($content)) {
        $reject(10);
    }

    /**
     * Allow the submission.
     *
     * Extension point for additional checks in the submission process.
     * Only a WP_Error return value aborts the submission. Any other
     * value, including a plain `false`, lets it continue, so a check
     * that wants to block a ticket has to return a WP_Error.
     *
     * @since 3.0.0
     */
    $go = apply_filters('wpas_before_submit_new_ticket_checks', true);

    if (is_wp_error($go)) {

        /* Retrieve error messages. */
        $messages = $go->get_error_messages();

        /* Save the input */
        wpas_save_values();

        /* Redirect to submit page */
        wp_redirect(add_query_arg(array('message' => wpas_create_notification($messages)), get_permalink($submit)));
        exit;
    }

    // Anonymous visitors cannot own a ticket.
    if (!is_user_logged_in()) {
        $reject(5);
    }

    global $current_user;
    $user_id = $current_user->ID;

    /**
     * Submit the ticket.
     *
     * Now that all the verifications are passed
     * we can proceed to the actual ticket submission.
     */
    return wpas_insert_ticket(
        array(
            'post_content'   => $content,
            'post_name'      => $title,
            'post_title'     => $title,
            'post_status'    => 'queued',
            'post_type'      => 'ticket',
            'post_author'    => $user_id,
            'ping_status'    => 'closed',
            'comment_status' => 'closed',
        ),
        false,
        false
    );
}