/**
 * wpsc_display_form_fields()
 *
 * This function displays each of the form fields.  Each of them is filterable via 'wpsc_account_form_field_$tag', where $tag is the field's unique name or, failing that, its permalink-styled name.
 * i.e. First Name under Shipping would be 'wpsc_account_form_field_shippingfirstname' - while Your Billing Details would be filtered
 * via 'wpsc_account_form_field_your-billing-details'.
 *
 * @global <type> $wpdb
 * @global <type> $user_ID
 * @global <type> $wpsc_purchlog_statuses
 * @global <type> $gateway_checkout_form_fields
 */
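function wpsc_display_form_fields()
{
    // Prints one table row per active checkout form field, pre-filled with the
    // customer's saved checkout details ('checkout_details' customer meta).
    //
    // Escaping model: non-empty scalar saved values are run through esc_html()
    // once, up front, and are then placed in single-quoted attributes and in
    // <textarea> bodies. Field labels are escaped *before* they reach the
    // 'wpsc_account_form_field_$tag' filter, so a filter can still return markup.
    global $wpdb, $user_ID, $wpsc_purchlog_statuses, $gateway_checkout_form_fields, $wpsc_checkout;
    if (empty($wpsc_checkout)) {
        // NOTE(review): this used to instantiate `wpsc_checout`, which looks like a
        // misspelling of the checkout class and would be fatal whenever the global
        // is not already populated. Confirm the class name against the class file.
        $wpsc_checkout = new WPSC_Checkout();
    }
    $meta_data = wpsc_get_customer_meta('checkout_details');
    $meta_data = apply_filters('wpsc_user_log_get', $meta_data, $user_ID);
    // Static query: only the table-name constant is concatenated, no request data.
    $form_sql = "SELECT * FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `active` = '1' ORDER BY `checkout_set`, `checkout_order`;";
    $form_data = $wpdb->get_results($form_sql, ARRAY_A);
    foreach ((array) $form_data as $form_field) {
        $field_id = $form_field['id'];
        // The id is a database value; escape it anyway before it lands in name="" attributes.
        $name_id = esc_attr($field_id);
        if (!empty($form_field['unique_name'])) {
            $ff_tag = $form_field['unique_name'];
        } else {
            $ff_tag = esc_html(strtolower(str_replace(' ', '-', $form_field['name'])));
        }
        if (!empty($meta_data[$field_id]) && !is_array($meta_data[$field_id])) {
            $meta_data[$field_id] = esc_html($meta_data[$field_id]);
        }
        // Scalar saved value for plain inputs. A missing entry or an array (which
        // would otherwise print as "Array" with a notice) both fall back to ''.
        $saved_text = '';
        if (isset($meta_data[$field_id]) && !is_array($meta_data[$field_id])) {
            $saved_text = $meta_data[$field_id];
        }
        if ($form_field['type'] == 'heading') {
            echo "\n    <tr>\n      <td colspan='2'>\n\r";
            echo "<strong>" . apply_filters('wpsc_account_form_field_' . $ff_tag, esc_html($form_field['name'])) . "</strong>";
            echo "\n      </td>\n    </tr>\n\r";
            continue;
        }
        // Free-text state rows are hidden when the matching country has a region list.
        $display = '';
        if (in_array($form_field['unique_name'], array('shippingstate', 'billingstate'))) {
            if ($form_field['unique_name'] == 'shippingstate') {
                $country_field_id = wpsc_get_country_form_id_by_type('delivery_country');
            } else {
                $country_field_id = wpsc_get_country_form_id_by_type('country');
            }
            $country = isset($meta_data[$country_field_id]) ? $meta_data[$country_field_id] : null;
            if (is_array($country)) {
                $country = isset($country[0]) ? $country[0] : null;
            }
            if (wpsc_has_regions($country)) {
                $display = ' style="display:none;"';
            }
        }
        echo "\n\t\t      <tr{$display}>\n    \t\t    <td align='left'>\n\r";
        // Escaped before filtering, matching how heading labels are handled above;
        // the label was previously echoed raw here.
        echo apply_filters('wpsc_account_form_field_' . $ff_tag, esc_html($form_field['name']));
        if ($form_field['mandatory'] == 1) {
            echo " *";
        }
        echo "\n        \t\t</td>\n\r\n        \t\t<td  align='left'>\n\r";
        switch ($form_field['type']) {
            case "address":
            case "delivery_address":
            case "textarea":
                echo "<textarea name='collected_data[" . $name_id . "]'>" . $saved_text . "</textarea>";
                break;
            case "region":
            case "delivery_region":
                $session_region = isset($_SESSION['collected_data'][$field_id]) ? $_SESSION['collected_data'][$field_id] : null;
                echo "<select name='collected_data[" . $name_id . "]'>" . nzshpcrt_region_list($session_region) . "</select>";
                break;
            case "country":
            case "delivery_country":
                // Saved as array(country, region) or as a bare country code.
                $country_meta = isset($meta_data[$field_id]) ? $meta_data[$field_id] : null;
                if (is_array($country_meta)) {
                    $country_code = isset($country_meta[0]) ? $country_meta[0] : null;
                } else {
                    $country_code = $country_meta;
                }
                if ($form_field['type'] == 'country') {
                    $html_id = 'wpsc-profile-billing-country';
                } else {
                    $html_id = 'wpsc-profile-shipping-country';
                }
                $js = "onchange=\"wpsc_set_profile_country('{$html_id}', '" . $name_id . "');\"";
                echo "<select id='{$html_id}' {$js} name='collected_data[" . $name_id . "][0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                if (wpsc_has_regions($country_code)) {
                    // Only read index 1 from an array; on a plain string it would be the second character.
                    $region = (is_array($country_meta) && isset($country_meta[1])) ? $country_meta[1] : '';
                    echo "<br /><select name='collected_data[" . $name_id . "][1]'>" . nzshpcrt_region_list($country_code, $region) . "</select>";
                }
                break;
            case "select":
                $options = $wpsc_checkout->get_checkout_options($field_id);
                if (!is_array($options)) {
                    $options = array();
                }
                $selected = isset($meta_data[$field_id]) ? $meta_data[$field_id] : null;
                echo "<select name='collected_data[" . $name_id . "]'>";
                echo '<option value="-1">' . esc_html_x('Select an Option', 'Dropdown default on user log page', 'wpsc') . '</option>';
                foreach ($options as $label => $value) {
                    echo '<option ' . selected($value, $selected, false) . ' value="' . esc_attr($value) . '">' . esc_html($label) . '</option>';
                }
                echo '</select>';
                break;
            case 'checkbox':
            case 'radio':
                $checked_values = isset($meta_data[$field_id]) ? (array) $meta_data[$field_id] : array();
                $options = $wpsc_checkout->get_checkout_options($field_id);
                if (!is_array($options)) {
                    $options = array();
                }
                // The name keeps its trailing [] for radios as well, as before, so the
                // submitted shape stays the same for whatever handles the POST.
                foreach ($options as $label => $value) {
                    echo '<label><input ' . checked(in_array($value, $checked_values), true, false)
                        . ' type="' . esc_attr($form_field['type']) . '" id="" name="collected_data[' . $name_id . '][]" value="' . esc_attr($value) . '"  /> '
                        . esc_html($label) . '</label><br />';
                }
                break;
            case "city":
            case "delivery_city":
            case "text":
            case "email":
            default:
                echo "<input type='text' value='" . $saved_text . "' name='collected_data[" . $name_id . "]' />";
                break;
        }
        // wp_nonce_field() prints the field itself; echoing its return value as well
        // emitted every nonce input twice. It is still printed once per row, so the
        // page carries several inputs with the same id.
        wp_nonce_field('wpsc_user_profile', '_wpsc_user_profile');
        echo "\n        </td>\n      </tr>\n\r";
    }
    /* Returns an empty array at this point, empty in regards to fields, does show the internalname though.  Needs to be reconsidered, even if it did work, need to check
    	 * functionality and PCI_DSS compliance

    	  if ( isset( $gateway_checkout_form_fields ) )
    	  {
    	  echo $gateway_checkout_form_fields;
    	  }
    	 */
}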
 /**
  * form_field method, returns the form html
  * @access public
  */
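 function form_field()
 {
     // Builds and returns the HTML control for $this->checkout_item, pre-filled from
     // the values kept in $_SESSION['wpsc_checkout_saved_values'].
     //
     // Everything that ends up in the markup is escaped for its context: session
     // values and option values with esc_attr(), labels and database lookups with
     // esc_html(). The two lookups keyed on session values go through
     // $wpdb->prepare() instead of being concatenated into the SQL string.
     // NOTE(review): form_element_id() is assumed to return a generated,
     // markup-safe id and is left unescaped - confirm.
     global $wpdb, $user_ID;
     if ($user_ID > 0) {
         if (!isset($_SESSION['wpsc_checkout_saved_values'])) {
             $_SESSION['wpsc_checkout_saved_values'] = get_user_meta($user_ID, 'wpshpcrt_usr_profile', 1);
         }
     }
     $item = $this->checkout_item;
     $name_id = esc_attr($item->id);
     $title = esc_attr($item->unique_name);
     // Explicit isset() check instead of @-suppression; an array value yields ''
     // rather than the literal string "Array".
     $saved_form_data = '';
     if (isset($_SESSION['wpsc_checkout_saved_values'][$item->id]) && !is_array($_SESSION['wpsc_checkout_saved_values'][$item->id])) {
         $saved_form_data = htmlentities(stripslashes((string) $_SESSION['wpsc_checkout_saved_values'][$item->id]), ENT_QUOTES, 'UTF-8');
     }
     $an_array = '';
     if (function_exists('wpsc_get_ticket_checkout_set')) {
         if ($item->checkout_set == wpsc_get_ticket_checkout_set()) {
             $an_array = '[]';
         }
     }
     // Initialised so that the .= branches and the "no options" paths never touch
     // an undefined variable.
     $output = '';
     switch ($item->type) {
         case "address":
         case "delivery_address":
         case "textarea":
             $output = "<textarea title='" . $title . "' class='text' id='" . $this->form_element_id() . "' name='collected_data[{$name_id}]" . $an_array . "' rows='3' cols='40' >" . $saved_form_data . "</textarea>";
             break;
         case "checkbox":
             $options = $this->get_checkout_options($item->id);
             if ($options != '') {
                 // mt_rand() only supplies an array index for the field name; it is not a secret.
                 // NOTE(review): the index is drawn once, so every option shares the
                 // same name - confirm the submit handler expects that.
                 $i = mt_rand();
                 foreach ((array) $options as $label => $value) {
                     $output .= "<input type='hidden' title='" . $title . "' id='" . $this->form_element_id() . "' value='-1' name='collected_data[{$name_id}][" . $i . "]'/><input type='checkbox' title='" . $title . "' id='" . $this->form_element_id() . "' value='" . esc_attr($value) . "' name='collected_data[{$name_id}][" . $i . "]'/> ";
                     $output .= "<label for='" . $this->form_element_id() . "'>" . esc_html($label) . "</label>";
                 }
             }
             break;
         case "country":
             $output = wpsc_country_region_list($item->id, false, $_SESSION['wpsc_selected_country'], $_SESSION['wpsc_selected_region'], $this->form_element_id());
             break;
         case "delivery_country":
             if (wpsc_uses_shipping()) {
                 $delivery_country = isset($_SESSION['wpsc_delivery_country']) ? $_SESSION['wpsc_delivery_country'] : '';
                 // The session value is bound as a parameter, not concatenated into the query.
                 $country_name = $wpdb->get_var($wpdb->prepare("SELECT `country` FROM `" . WPSC_TABLE_CURRENCY_LIST . "` WHERE `isocode` = %s LIMIT 1", $delivery_country));
                 $output = "<input title='" . $title . "' type='hidden' id='" . $this->form_element_id() . "' class='shipping_country' name='collected_data[{$name_id}]' value='" . esc_attr($delivery_country) . "' size='4' /><span class='shipping_country_name'>" . esc_html($country_name) . "</span> ";
             } else {
                 $checkoutfields = true;
                 $output = wpsc_country_region_list($item->id, false, $_SESSION['wpsc_delivery_country'], $_SESSION['wpsc_delivery_region'], $this->form_element_id(), $checkoutfields);
             }
             break;
         case "select":
             $options = $this->get_checkout_options($item->id);
             if ($options != '') {
                 $output = "<select name='collected_data[{$name_id}]" . $an_array . "'>";
                 $output .= "<option value='-1'>Select an Option</option>";
                 foreach ((array) $options as $label => $value) {
                     // Spaces are stripped from option values, then the value is escaped once.
                     $output .= "<option value='" . esc_attr(str_replace(' ', '', $value)) . "'>" . esc_html($label) . "</option>\n\r";
                 }
                 $output .= "</select>";
             }
             break;
         case "radio":
             $options = $this->get_checkout_options($item->id);
             if ($options != '') {
                 $i = mt_rand();
                 foreach ((array) $options as $label => $value) {
                     // A space now separates the id and value attributes; they used to run together.
                     $output .= "<input type='radio' title='" . $title . "' id='" . $this->form_element_id() . "' value='" . esc_attr($value) . "' name='collected_data[{$name_id}][" . $i . "]'/> ";
                     $output .= "<label for='" . $this->form_element_id() . "'>" . esc_html($label) . "</label>";
                 }
             }
             break;
         case "text":
         case "city":
         case "delivery_city":
         case "email":
         case "coupon":
         default:
             if ($item->unique_name == 'shippingstate') {
                 $delivery_country = isset($_SESSION['wpsc_delivery_country']) ? $_SESSION['wpsc_delivery_country'] : null;
                 if (wpsc_uses_shipping() && wpsc_has_regions($delivery_country)) {
                     $delivery_region = isset($_SESSION['wpsc_delivery_region']) ? $_SESSION['wpsc_delivery_region'] : '';
                     $region_name = $wpdb->get_var($wpdb->prepare("SELECT `name` FROM `" . WPSC_TABLE_REGION_TAX . "` WHERE `id` = %s LIMIT 1", $delivery_region));
                     // Both the region id and the looked-up name were previously written into the markup raw.
                     $output = "<input title='" . $title . "' type='hidden' id='" . $this->form_element_id() . "' class='shipping_region' name='collected_data[{$name_id}]' value='" . esc_attr($delivery_region) . "' size='4' /><span class='shipping_region_name'>" . esc_html($region_name) . "</span> ";
                 } else {
                     $disabled = '';
                     if (wpsc_disregard_shipping_state_fields()) {
                         $disabled = 'disabled = "disabled"';
                     }
                     $output = "<input class='shipping_region text' title='" . $title . "' type='text' id='" . $this->form_element_id() . "' value='" . $saved_form_data . "' name='collected_data[{$name_id}]" . $an_array . "' " . $disabled . " />";
                 }
             } elseif ($item->unique_name == 'billingstate') {
                 $selected_country = isset($_SESSION['wpsc_selected_country']) ? $_SESSION['wpsc_selected_country'] : null;
                 if (wpsc_uses_shipping() && wpsc_has_regions($selected_country)) {
                     // The region is chosen through the country control; no free-text state field.
                     $output = '';
                 } else {
                     $disabled = '';
                     if (wpsc_disregard_billing_state_fields()) {
                         $disabled = 'disabled = "disabled"';
                     }
                     $output = "<input class='billing_region text' title='" . $title . "' type='text' id='" . $this->form_element_id() . "' value='" . $saved_form_data . "' name='collected_data[{$name_id}]" . $an_array . "' " . $disabled . " />";
                 }
             } else {
                 $output = "<input title='" . $title . "' type='text' id='" . $this->form_element_id() . "' class='text' value='" . $saved_form_data . "' name='collected_data[{$name_id}]" . $an_array . "' />";
             }
             break;
     }
     return $output;
 }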
 /**
  * validate_forms method, validates the input from the checkout page
  * @access public
  */
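 function validate_forms()
 {
     // Validates the posted checkout form: gateway card fields, optional account
     // registration, and every configured checkout field. Error messages and the
     // collected details are written to customer meta. Returns the array
     // ('is_valid' => bool, 'error_messages' => string) after it has passed through
     // the 'wpsc_checkout_form_validation' filter.
     //
     // Values stored here are the raw (unslashed) POST values; nothing is escaped
     // at this point, so every place that renders them has to escape on output.
     global $wpsc_cart, $wpdb, $current_user, $user_ID, $wpsc_gateway_error_messages, $wpsc_checkout_error_messages, $wpsc_customer_checkout_details, $wpsc_registration_error_messages;
     $any_bad_inputs = false;
     $bad_input_message = '';
     $wpsc_gateway_error_messages = array();
     $wpsc_checkout_error_messages = array();
     $wpsc_registration_error_messages = array();
     // Credit Card Number Validation for PayPal Pro and maybe others soon.
     // A single 'card_number' field is not checked here at all; only its error
     // slot is cleared when the field is absent.
     if (!isset($_POST['card_number'])) {
         $wpsc_gateway_error_messages['card_number'] = '';
     }
     if (isset($_POST['card_number1']) && isset($_POST['card_number2']) && isset($_POST['card_number3']) && isset($_POST['card_number4'])) {
         // is_numeric() is a loose check (it also accepts signs, decimals and
         // exponents); it only rejects obviously wrong segments.
         $card_parts_ok = true;
         foreach (array('card_number1', 'card_number2', 'card_number3', 'card_number4') as $part) {
             if ($_POST[$part] == '' || !is_numeric($_POST[$part])) {
                 $card_parts_ok = false;
                 break;
             }
         }
         if ($card_parts_ok) {
             $wpsc_gateway_error_messages['card_number'] = '';
         } else {
             $any_bad_inputs = true;
             $wpsc_gateway_error_messages['card_number'] = __('Please enter a valid card number.', 'wpsc');
             $wpsc_customer_checkout_details['card_number'] = '';
         }
     }
     if (isset($_POST['expiry'])) {
         // The month was tested for emptiness twice and the year never; both are checked now.
         if (!empty($_POST['expiry']['month']) && !empty($_POST['expiry']['year']) && is_numeric($_POST['expiry']['month']) && is_numeric($_POST['expiry']['year'])) {
             $wpsc_gateway_error_messages['expdate'] = '';
         } else {
             $any_bad_inputs = true;
             $wpsc_gateway_error_messages['expdate'] = __('Please enter a valid expiry date.', 'wpsc');
             $wpsc_customer_checkout_details['expdate'] = '';
         }
     }
     if (isset($_POST['card_code'])) {
         if (empty($_POST['card_code']) || !is_numeric($_POST['card_code'])) {
             $any_bad_inputs = true;
             $wpsc_gateway_error_messages['card_code'] = __('Please enter a valid CVV.', 'wpsc');
             $wpsc_customer_checkout_details['card_code'] = '';
         } else {
             $wpsc_gateway_error_messages['card_code'] = '';
         }
     }
     if (isset($_POST['cctype'])) {
         if ($_POST['cctype'] == '') {
             $any_bad_inputs = true;
             // The message used to be the CVV text, copied from the block above.
             $wpsc_gateway_error_messages['cctype'] = __('Please select a valid card type.', 'wpsc');
             $wpsc_customer_checkout_details['cctype'] = '';
         } else {
             $wpsc_gateway_error_messages['cctype'] = '';
         }
     }
     if (isset($_POST['log']) || isset($_POST['pwd']) || isset($_POST['user_email'])) {
         // Any one of the three fields triggers registration; the missing ones are
         // passed as null instead of being read from undefined indexes.
         $results = wpsc_add_new_user(
             isset($_POST['log']) ? $_POST['log'] : null,
             isset($_POST['pwd']) ? $_POST['pwd'] : null,
             isset($_POST['user_email']) ? $_POST['user_email'] : null
         );
         if (is_callable(array($results, "get_error_code")) && $results->get_error_code()) {
             foreach ($results->get_error_codes() as $code) {
                 foreach ($results->get_error_messages($code) as $error) {
                     $wpsc_registration_error_messages[] = $error;
                 }
                 $any_bad_inputs = true;
             }
         }
         // An error result has no ID property; treat that like a failed registration.
         if (isset($results->ID) && $results->ID > 0) {
             $our_user_id = $results->ID;
         } else {
             $any_bad_inputs = true;
             $our_user_id = '';
         }
     }
     if (isset($our_user_id) && $our_user_id < 1) {
         $our_user_id = $user_ID;
     }
     // check we have a user id
     if (isset($our_user_id) && $our_user_id > 0) {
         $user_ID = $our_user_id;
     }
     $location_changed = false;
     //Basic Form field validation for billing and shipping details
     foreach ($this->checkout_items as $form_data) {
         $value = '';
         if (isset($_POST['collected_data'][$form_data->id])) {
             $value = stripslashes_deep($_POST['collected_data'][$form_data->id]);
         }
         $wpsc_customer_checkout_details[$form_data->id] = $value;
         $bad_input = false;
         if ($form_data->mandatory == 1 || $form_data->type == "coupon") {
             // dirty hack: an empty billing state falls back to the region posted with
             // the billing country. The lookup query is static (no request data in it).
             if ($form_data->unique_name == 'billingstate' && empty($value)) {
                 $billing_country_id = $wpdb->get_var("SELECT `" . WPSC_TABLE_CHECKOUT_FORMS . "`.`id` FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `unique_name` = 'billingcountry' AND active = '1' ");
                 $value = isset($_POST['collected_data'][$billing_country_id][1]) ? $_POST['collected_data'][$billing_country_id][1] : null;
             }
             switch ($form_data->type) {
                 case "email":
                     // A posted array is rejected before it reaches preg_match(). The pattern
                     // itself is strict: it rejects '+' in the local part and top-level
                     // domains longer than five letters.
                     if (!is_string($value) || !preg_match("/^[a-zA-Z0-9._-]+@[a-zA-Z0-9-.]+\\.[a-zA-Z]{2,5}\$/", $value)) {
                         $any_bad_inputs = true;
                         $bad_input = true;
                     }
                     break;
                 case "delivery_country":
                 case "country":
                 case "heading":
                     break;
                 case "select":
                     // '-1' is the "Select an Option" placeholder.
                     if ($value == '-1') {
                         $any_bad_inputs = true;
                         $bad_input = true;
                     }
                     break;
                 default:
                     if ($value == null) {
                         $any_bad_inputs = true;
                         $bad_input = true;
                     }
                     break;
             }
             if ($bad_input === true) {
                 $wpsc_checkout_error_messages[$form_data->id] = sprintf(__('Please enter a valid <span class="wpsc_error_msg_field_name">%s</span>.', 'wpsc'), esc_attr($form_data->name));
                 $wpsc_customer_checkout_details[$form_data->id] = '';
             }
         }
         if (!$bad_input) {
             if ($form_data->unique_name == 'shippingstate') {
                 $shipping_country_field_id = wpsc_get_country_form_id_by_type('delivery_country');
                 $shipping_country = isset($_POST['collected_data'][$shipping_country_field_id]) ? $_POST['collected_data'][$shipping_country_field_id] : null;
                 if (!is_array($shipping_country) || !isset($shipping_country[1])) {
                     // NOTE(review): the shipping state is stored under 'billing_region',
                     // the same key as the billing branch below - this looks like a
                     // copy-paste slip; confirm the intended meta key before changing it.
                     wpsc_update_customer_meta('billing_region', $value);
                     $location_changed = true;
                 }
             } elseif ($form_data->unique_name == 'billingstate') {
                 $billing_country_field_id = wpsc_get_country_form_id_by_type('country');
                 $billing_country = isset($_POST['collected_data'][$billing_country_field_id]) ? $_POST['collected_data'][$billing_country_field_id] : null;
                 if (!is_array($billing_country) || !isset($billing_country[1])) {
                     wpsc_update_customer_meta('billing_region', $value);
                     $location_changed = true;
                 }
             }
         }
     }
     wpsc_update_customer_meta('checkout_error_messages', $wpsc_checkout_error_messages);
     wpsc_update_customer_meta('gateway_error_messages', $wpsc_gateway_error_messages);
     wpsc_update_customer_meta('registration_error_messages', $wpsc_registration_error_messages);
     $filtered_checkout_details = apply_filters('wpsc_update_customer_checkout_details', $wpsc_customer_checkout_details);
     // legacy filter
     // NOTE(review): for logged-in users this is fed the unfiltered details, so its
     // result replaces whatever the filter above returned - confirm that is intended.
     if (is_user_logged_in()) {
         $filtered_checkout_details = apply_filters('wpsc_checkout_user_profile_update', $wpsc_customer_checkout_details, get_current_user_id());
     }
     wpsc_update_customer_meta('checkout_details', $filtered_checkout_details);
     if ($location_changed) {
         $wpsc_cart->update_location();
     }
     // 'error_messages' is always the empty string here; the per-field messages live in customer meta.
     $states = array('is_valid' => !$any_bad_inputs, 'error_messages' => $bad_input_message);
     $states = apply_filters('wpsc_checkout_form_validation', $states);
     return $states;
 }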
/**
 * wpsc_display_form_fields()
 *
 * This function displays each of the form fields.  Each of them is filterable via 'wpsc_account_form_field_$tag', where $tag is the field's unique name or, failing that, its permalink-styled name.
 * i.e. First Name under Shipping would be 'wpsc_account_form_field_shippingfirstname' - while Your Billing Details would be filtered
 * via 'wpsc_account_form_field_your-billing-details'.
 *
 * @global <type> $wpdb
 * @global <type> $user_ID
 * @global <type> $wpsc_purchlog_statuses
 * @global <type> $gateway_checkout_form_fields
 */
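function wpsc_display_form_fields()
{
    // Prints one table row per active checkout form field, pre-filled with the
    // profile saved in the 'wpshpcrt_usr_profile' user meta of $user_ID.
    //
    // Escaping model: non-empty scalar saved values are entity-encoded once, up
    // front, and are then placed in single-quoted attributes and <textarea>
    // bodies. Field labels are escaped before they reach the
    // 'wpsc_account_form_field_$tag' filter, so a filter can still return markup.
    global $wpdb, $user_ID, $wpsc_purchlog_statuses, $gateway_checkout_form_fields, $wpsc_checkout;
    if (empty($wpsc_checkout)) {
        $wpsc_checkout = new WPSC_Checkout();
    }
    // A hand-concatenated SELECT on the usermeta table used to run here; its result
    // was never read, so it is gone and the profile is read through get_user_meta() only.
    $meta_data = get_user_meta($user_ID, 'wpshpcrt_usr_profile', 1);
    $meta_data = apply_filters('wpsc_user_log_get', $meta_data, $user_ID);
    // Static query: only the table-name constant is concatenated, no request data.
    $form_sql = "SELECT * FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `active` = '1' ORDER BY `checkout_order`;";
    $form_data = $wpdb->get_results($form_sql, ARRAY_A);
    foreach ((array) $form_data as $form_field) {
        $field_id = $form_field['id'];
        // The id is a database value; escape it anyway before it lands in name="" attributes.
        $name_id = esc_attr($field_id);
        if (!empty($form_field['unique_name'])) {
            $ff_tag = $form_field['unique_name'];
        } else {
            $ff_tag = htmlentities(stripslashes(strtolower(str_replace(' ', '-', $form_field['name']))), ENT_QUOTES, 'UTF-8');
        }
        if (!empty($meta_data[$field_id]) && !is_array($meta_data[$field_id])) {
            $meta_data[$field_id] = htmlentities(stripslashes($meta_data[$field_id]), ENT_QUOTES, 'UTF-8');
        }
        // Scalar saved value for plain inputs. A missing entry or an array (which
        // would otherwise print as "Array" with a notice) both fall back to ''.
        $saved_text = '';
        if (isset($meta_data[$field_id]) && !is_array($meta_data[$field_id])) {
            $saved_text = $meta_data[$field_id];
        }
        if ($form_field['type'] == 'heading') {
            echo "\n    <tr>\n      <td colspan='2'>\n\r";
            // The heading label was echoed raw; it is escaped before filtering now.
            echo "<strong>" . apply_filters('wpsc_account_form_field_' . $ff_tag, esc_html($form_field['name'])) . "</strong>";
            echo "\n      </td>\n    </tr>\n\r";
            continue;
        }
        // $continue decides whether the free-text state row is opened at all: it is
        // skipped when the matching country already carries a region.
        $continue = true;
        if ($form_field['unique_name'] == 'billingstate') {
            $selected_country_id = wpsc_get_country_form_id_by_type('country');
            $continue = !(isset($meta_data[$selected_country_id])
                && is_array($meta_data[$selected_country_id])
                && isset($meta_data[$selected_country_id][1]));
        }
        if ($form_field['unique_name'] == 'shippingstate') {
            $delivery_country_id = wpsc_get_country_form_id_by_type('delivery_country');
            $country_has_region = isset($meta_data[$delivery_country_id])
                && is_array($meta_data[$delivery_country_id])
                && isset($meta_data[$delivery_country_id][1]);
            $state_is_region_id = isset($meta_data[$field_id]) && is_numeric($meta_data[$field_id]);
            if ($country_has_region || $state_is_region_id) {
                // Remembered across iterations: the delivery country row below may print
                // the region select under this field's name.
                $shipping_form_field = $form_field;
                $continue = false;
            } else {
                $continue = true;
            }
        }
        if ($continue) {
            echo "\n\t\t\t      <tr>\n\t    \t\t    <td align='left'>\n\r";
            echo apply_filters('wpsc_account_form_field_' . $ff_tag, esc_html($form_field['name']));
            if ($form_field['mandatory'] == 1) {
                echo " *";
            }
            echo "\n\t        \t\t</td>\n\r\n\t        \t\t<td  align='left'>\n\r";
        }
        switch ($form_field['type']) {
            case "city":
            case "delivery_city":
            case "email":
                echo "<input type='text' value='" . $saved_text . "' name='collected_data[" . $name_id . "]' />";
                break;
            case "address":
            case "delivery_address":
            case "textarea":
                echo "<textarea name='collected_data[" . $name_id . "]'>" . $saved_text . "</textarea>";
                break;
            case "text":
                // Nothing is printed for a skipped state row.
                if ($continue) {
                    echo "<input type='text' value='" . $saved_text . "' name='collected_data[" . $name_id . "]' />";
                }
                break;
            case "region":
            case "delivery_region":
                $session_region = isset($_SESSION['collected_data'][$field_id]) ? $_SESSION['collected_data'][$field_id] : null;
                echo "<select name='collected_data[" . $name_id . "]'>" . nzshpcrt_region_list($session_region) . "</select>";
                break;
            case "country":
                // Saved as array(country, region) or as a bare country code.
                $country_meta = isset($meta_data[$field_id]) ? $meta_data[$field_id] : null;
                if (is_array($country_meta)) {
                    $country_code = isset($country_meta[0]) ? $country_meta[0] : null;
                } else {
                    $country_code = $country_meta;
                }
                echo "<select name='collected_data[" . $name_id . "][0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                // Only read index 1 from an array; on a plain string it would be the second character.
                if (is_array($country_meta) && isset($country_meta[1])) {
                    echo "<br /><select name='collected_data[" . $name_id . "][1]'>" . nzshpcrt_region_list($country_code, $country_meta[1]) . "</select>";
                }
                break;
            case "delivery_country":
                $country_meta = isset($meta_data[$field_id]) ? $meta_data[$field_id] : null;
                if (is_array($country_meta)) {
                    $country_code = isset($country_meta[0]) ? $country_meta[0] : null;
                } else {
                    $country_code = $country_meta;
                }
                echo "<select name='collected_data[" . $name_id . "][0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                if (is_array($country_meta)) {
                    $region = isset($country_meta[1]) ? $country_meta[1] : null;
                    echo "<br /><select name='collected_data[" . $name_id . "][1]'>" . nzshpcrt_region_list($country_code, $region) . "</select>";
                } elseif (isset($shipping_form_field)) {
                    $shipping_state_id = $shipping_form_field['id'];
                    $region = isset($meta_data[$shipping_state_id]) ? $meta_data[$shipping_state_id] : null;
                    echo "<br /><select name='collected_data[" . esc_attr($shipping_state_id) . "][1]'>" . nzshpcrt_region_list($country_code, $region) . "</select>";
                }
                break;
            case "select":
                $options = $wpsc_checkout->get_checkout_options($field_id);
                if (!is_array($options)) {
                    $options = array();
                }
                $selected = isset($meta_data[$field_id]) ? $meta_data[$field_id] : null;
                // The name used to be collected_data["<id>"], with literal double quotes
                // inside the brackets, so the posted key did not match the field id.
                echo "<select name='collected_data[" . $name_id . "]'>";
                echo '<option value="-1">' . esc_html_x('Select an Option', 'Dropdown default on user log page', 'wpsc') . '</option>';
                foreach ($options as $label => $value) {
                    echo '<option ' . selected($value, $selected, false) . ' value="' . esc_attr($value) . '">' . esc_html($label) . '</option>';
                }
                echo '</select>';
                break;
            case 'checkbox':
            case 'radio':
                $checked_values = isset($meta_data[$field_id]) ? (array) $meta_data[$field_id] : array();
                $options = $wpsc_checkout->get_checkout_options($field_id);
                if (!is_array($options)) {
                    $options = array();
                }
                // The name keeps its trailing [] for radios as well, as before, so the
                // submitted shape stays the same for whatever handles the POST.
                foreach ($options as $label => $value) {
                    echo '<label><input ' . checked(in_array($value, $checked_values), true, false)
                        . ' type="' . esc_attr($form_field['type']) . '" id="" name="collected_data[' . $name_id . '][]" value="' . esc_attr($value) . '"  /> '
                        . esc_html($label) . '</label><br />';
                }
                break;
            default:
                echo "<input type='text' value='" . $saved_text . "' name='collected_data[" . $name_id . "]' />";
                break;
        }
        // wp_nonce_field() prints the field itself; echoing its return value as well
        // emitted every nonce input twice.
        wp_nonce_field('wpsc_user_profile', '_wpsc_user_profile');
        // NOTE(review): for a skipped state row ($continue false) these closing tags
        // are still printed although no <tr>/<td> was opened; left as it was pending
        // a decision on the intended markup.
        echo "\n        </td>\n      </tr>\n\r";
    }
    /* Returns an empty array at this point, empty in regards to fields, does show the internalname though.  Needs to be reconsidered, even if it did work, need to check
    	 * functionality and PCI_DSS compliance

    	  if ( isset( $gateway_checkout_form_fields ) )
    	  {
    	  echo $gateway_checkout_form_fields;
    	  }
    	 */
}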
/**
 * wpsc_display_form_fields()
 *
 * This function displays each of the form fields.  Each of them is filterable via 'wpsc_account_form_field_$tag', where $tag is the field's unique name or, failing that, its permalink-styled name.
 * i.e. First Name under Shipping would be 'wpsc_account_form_field_shippingfirstname' - while Your Billing Details would be filtered
 * via 'wpsc_account_form_field_your-billing-details'.
 *
 * @global <type> $wpdb
 * @global <type> $user_ID
 * @global <type> $wpsc_purchlog_statuses
 * @global <type> $gateway_checkout_form_fields
 */
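function wpsc_display_form_fields()
{
    // Echoes one table row per active checkout form field, pre-filled from the
    // current user's saved 'wpshpcrt_usr_profile' meta. Nothing is returned.
    global $wpdb, $user_ID, $wpsc_purchlog_statuses, $gateway_checkout_form_fields;

    // A raw SELECT on the usermeta table used to run here with $user_ID
    // concatenated into the SQL string; its result was never read, so it has
    // been dropped. get_user_meta() is the only source of the saved profile.
    $meta_data = get_user_meta($user_ID, 'wpshpcrt_usr_profile', 1);
    if (!is_array($meta_data)) {
        // No saved profile (or an unexpected scalar): indexing a string by
        // field id below would read single characters instead of field values.
        $meta_data = array();
    }

    // Static query: only the table-name constant is interpolated, no request data.
    $form_sql = "SELECT * FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `active` = '1' ORDER BY `checkout_order`;";
    $form_data = $wpdb->get_results($form_sql, ARRAY_A);

    foreach ((array) $form_data as $form_field) {
        $field_id = $form_field['id'];

        if (!empty($form_field['unique_name'])) {
            $ff_tag = $form_field['unique_name'];
        } else {
            $ff_tag = htmlentities(stripslashes(strtolower(str_replace(' ', '-', $form_field['name']))), ENT_QUOTES, 'UTF-8');
        }

        // Scalar saved values are entity-encoded (quotes included) once, here,
        // so the branches below can place them inside single-quoted attributes.
        if (!empty($meta_data[$field_id]) && !is_array($meta_data[$field_id])) {
            $meta_data[$field_id] = htmlentities(stripslashes($meta_data[$field_id]), ENT_QUOTES, 'UTF-8');
        }

        if ($form_field['type'] == 'heading') {
            // NOTE(review): the field name goes through the filter and is echoed
            // without HTML escaping; this assumes checkout field names are trusted,
            // admin-configured text. Confirm, or escape before filtering.
            echo "\n    <tr>\n      <td colspan='2'>\n\r";
            echo "<strong>" . apply_filters('wpsc_account_form_field_' . $ff_tag, $form_field['name']) . "</strong>";
            echo "\n      </td>\n    </tr>\n\r";
            continue;
        }

        // Guarded reads: a field the user never saved has no entry in $meta_data.
        $saved_value = isset($meta_data[$field_id]) ? $meta_data[$field_id] : null;
        // Array values (country/region pairs) must not be printed into a text
        // control; they would render as the literal string "Array".
        $saved_text = is_array($saved_value) ? '' : (string) $saved_value;
        // The id comes from the database row; escape it anyway before it lands
        // inside an attribute value.
        $name_attr = "collected_data[" . esc_attr($field_id) . "]";
        $text_input = "<input type='text' value='" . $saved_text . "' name='" . $name_attr . "' />";

        $continue = true;
        if ($form_field['unique_name'] == 'billingstate') {
            $selected_country_id = wpsc_get_country_form_id_by_type('country');
            $billing_country = isset($meta_data[$selected_country_id]) ? $meta_data[$selected_country_id] : null;
            // A saved billing country stored as array(country, region) already
            // carries the region, so the free-text state row is skipped.
            $continue = !(is_array($billing_country) && isset($billing_country[1]));
        }
        if ($form_field['unique_name'] == 'shippingstate') {
            $delivery_country_id = wpsc_get_country_form_id_by_type('delivery_country');
            $delivery_country = isset($meta_data[$delivery_country_id]) ? $meta_data[$delivery_country_id] : null;
            $has_saved_region = is_array($delivery_country) && isset($delivery_country[1]);
            // Same precedence as before, now explicit: (array with region) OR numeric state id.
            if ($has_saved_region || is_numeric($saved_value)) {
                // Remembered so the delivery_country row can render the region select.
                $shipping_form_field = $form_field;
                $continue = false;
            } else {
                $continue = true;
            }
        }

        if ($continue) {
            echo "\n\t\t\t      <tr>\n\t    \t\t    <td align='left'>\n\r";
            // NOTE(review): label is echoed unescaped, see the heading branch above.
            echo apply_filters('wpsc_account_form_field_' . $ff_tag, $form_field['name']);
            if ($form_field['mandatory'] == 1) {
                echo " *";
            }
            echo "\n\t        \t\t</td>\n\r\n\t        \t\t<td  align='left'>\n\r";
        }

        switch ($form_field['type']) {
            case "address":
            case "delivery_address":
            case "textarea":
                echo "<textarea name='" . $name_attr . "'>" . $saved_text . "</textarea>";
                break;
            case "text":
                // Skipped state fields render nothing here; the region select is
                // emitted by the country rows instead.
                if ($continue) {
                    echo $text_input;
                }
                break;
            case "region":
            case "delivery_region":
                // NOTE(review): this branch reads the session rather than the saved
                // profile and echoes the helper's markup as-is; presumably
                // nzshpcrt_region_list() escapes what it returns. Verify.
                $session_region = isset($_SESSION['collected_data'][$field_id]) ? $_SESSION['collected_data'][$field_id] : null;
                echo "<select name='" . $name_attr . "'>" . nzshpcrt_region_list($session_region) . "</select>";
                break;
            case "country":
                if (is_array($saved_value)) {
                    $country_code = isset($saved_value[0]) ? $saved_value[0] : null;
                } else {
                    $country_code = $saved_value;
                }
                echo "<select name='" . $name_attr . "[0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                // is_array() is required: isset() on offset 1 of a plain string
                // such as a two-letter code is true and yields a single character.
                if (is_array($saved_value) && isset($saved_value[1])) {
                    echo "<br /><select name='" . $name_attr . "[1]'>" . nzshpcrt_region_list($country_code, $saved_value[1]) . "</select>";
                }
                break;
            case "delivery_country":
                if (is_array($saved_value)) {
                    $country_code = isset($saved_value[0]) ? $saved_value[0] : null;
                } else {
                    $country_code = $saved_value;
                }
                echo "<select name='" . $name_attr . "[0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                if (is_array($saved_value)) {
                    $saved_region = isset($saved_value[1]) ? $saved_value[1] : null;
                    echo "<br /><select name='" . $name_attr . "[1]'>" . nzshpcrt_region_list($country_code, $saved_region) . "</select>";
                } elseif (isset($shipping_form_field)) {
                    $shipping_id = $shipping_form_field['id'];
                    $shipping_region = isset($meta_data[$shipping_id]) ? $meta_data[$shipping_id] : null;
                    echo "<br /><select name='collected_data[" . esc_attr($shipping_id) . "][1]'>" . nzshpcrt_region_list($country_code, $shipping_region) . "</select>";
                }
                break;
            case "city":
            case "delivery_city":
            case "email":
            default:
                echo $text_input;
                break;
        }
        // NOTE(review): the row is closed even when $continue is false and no
        // opening <tr>/<td> was emitted for this field.
        echo "\n        </td>\n      </tr>\n\r";
    }
    /* Returns an empty array at this point, empty in regards to fields, does show the internalname though.  Needs to be reconsidered, even if it did work, need to check
    	 * functionality and PCI_DSS compliance
    
    	  if ( isset( $gateway_checkout_form_fields ) )
    	  {
    	  echo $gateway_checkout_form_fields;
    	  }
    	 */
}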
    /**
     * form_field method, returns the form html
     * @access public
     */
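    function form_field()
    {
        // Builds the HTML control for $this->checkout_item, pre-filled from the
        // values cached in $_SESSION['wpsc_checkout_saved_values'].
        // Most field types are returned as a string. The checkbox and radio
        // branches echo their markup directly and leave the return value empty.
        global $wpdb, $user_ID;
        if ($user_ID > 0) {
            if (!isset($_SESSION['wpsc_checkout_saved_values'])) {
                $meta_data = get_user_meta($user_ID, 'wpshpcrt_usr_profile', 1);
                // NOTE(review): apply_filters() returns its first value argument when
                // nothing is hooked, so this caches $user_ID rather than the profile
                // unless a callback returns it. Confirm the argument order is intended.
                $meta_data = apply_filters('wpsc_checkout_user_profile_get', $user_ID, $meta_data);
                $_SESSION['wpsc_checkout_saved_values'] = $meta_data;
            }
            // NOTE(review): neither id is used below; the calls are kept because the
            // helper is not visible from here.
            $delivery_country_id = wpsc_get_country_form_id_by_type('delivery_country');
            $billing_country_id = wpsc_get_country_form_id_by_type('country');
        }
        $saved_form_data = isset($_SESSION['wpsc_checkout_saved_values'][$this->checkout_item->id]) ? $_SESSION['wpsc_checkout_saved_values'][$this->checkout_item->id] : null;

        // Session values may be absent on a first visit; read them once, guarded.
        $selected_country = isset($_SESSION['wpsc_selected_country']) ? $_SESSION['wpsc_selected_country'] : null;
        $selected_region = isset($_SESSION['wpsc_selected_region']) ? $_SESSION['wpsc_selected_region'] : null;
        $delivery_country = isset($_SESSION['wpsc_delivery_country']) ? $_SESSION['wpsc_delivery_country'] : null;
        $delivery_region = isset($_SESSION['wpsc_delivery_region']) ? $_SESSION['wpsc_delivery_region'] : null;

        // Attribute fragments are escaped here so that every string-built control
        // matches the checkbox/radio templates, which already escape the id.
        $title_attr = esc_attr($this->checkout_item->unique_name);
        $name_attr = 'collected_data[' . esc_attr($this->checkout_item->id) . ']';

        // '[]' turns the control into an array input for the ticket checkout set.
        $an_array = '';
        if (function_exists('wpsc_get_ticket_checkout_set')) {
            if ($this->checkout_item->checkout_set == wpsc_get_ticket_checkout_set()) {
                $an_array = '[]';
            }
        }
        $output = '';
        switch ($this->checkout_item->type) {
            case "address":
            case "delivery_address":
            case "textarea":
                $output .= "<textarea title='" . $title_attr . "' class='text' id='" . esc_attr($this->form_element_id()) . "' name='" . $name_attr . $an_array . "' rows='3' cols='40' >" . esc_html((string) $saved_form_data) . "</textarea>";
                break;
            case "checkbox":
                $options = $this->get_checkout_options($this->checkout_item->id);
                if ($options != '') {
                    // Echoed directly, not appended to $output.
                    foreach ($options as $label => $value) {
                        ?>
							<label>
								<input <?php 
                        checked(in_array($value, (array) $saved_form_data));
                        ?>
 type="checkbox" name="collected_data[<?php 
                        echo esc_attr($this->checkout_item->id);
                        ?>
]<?php 
                        echo $an_array;
                        ?>
[]" value="<?php 
                        echo esc_attr($value);
                        ?>
"  />
								<?php 
                        echo esc_html($label);
                        ?>
							</label>
						<?php 
                    }
                }
                break;
            case "country":
                $output = wpsc_country_region_list($this->checkout_item->id, false, $selected_country, $selected_region, $this->form_element_id());
                break;
            case "delivery_country":
                if (wpsc_uses_shipping()) {
                    $country_name = $wpdb->get_var($wpdb->prepare("SELECT `country` FROM `" . WPSC_TABLE_CURRENCY_LIST . "` WHERE `isocode`= %s LIMIT 1", $delivery_country));
                    // The country name is escaped like the region name in the shippingstate branch.
                    $output = "<input title='" . $title_attr . "' type='hidden' id='" . esc_attr($this->form_element_id()) . "' class='shipping_country' name='" . $name_attr . "' value='" . esc_attr($delivery_country) . "' size='4' /><span class='shipping_country_name'>" . esc_html($country_name) . "</span> ";
                } else {
                    $checkoutfields = true;
                    $output = wpsc_country_region_list($this->checkout_item->id, false, $delivery_country, $delivery_region, $this->form_element_id(), $checkoutfields);
                }
                break;
            case "select":
                $options = $this->get_checkout_options($this->checkout_item->id);
                if ($options != '') {
                    $output = "<select name='" . $name_attr . $an_array . "'>";
                    $output .= "<option value='-1'>" . _x('Select an Option', 'Dropdown default when called within checkout class', 'wpsc') . "</option>";
                    foreach ((array) $options as $label => $value) {
                        // Spaces are stripped before comparing against the saved value.
                        $value = esc_attr(str_replace(' ', '', $value));
                        $output .= "<option " . selected($value, $saved_form_data, false) . " value='" . esc_attr($value) . "'>" . esc_html($label) . "</option>\n\r";
                    }
                    $output .= "</select>";
                }
                break;
            case "radio":
                $options = $this->get_checkout_options($this->checkout_item->id);
                if ($options != '') {
                    // Echoed directly, not appended to $output.
                    foreach ((array) $options as $label => $value) {
                        ?>
							<label>
								<input type="radio" <?php 
                        checked($value, $saved_form_data);
                        ?>
 name="collected_data[<?php 
                        echo esc_attr($this->checkout_item->id);
                        ?>
]<?php 
                        echo $an_array;
                        ?>
" value="<?php 
                        echo esc_attr($value);
                        ?>
"  />
								<?php 
                        echo esc_html($label);
                        ?>
							</label>
						<?php 
                    }
                }
                break;
            case "text":
            case "city":
            case "delivery_city":
            case "email":
            case "coupon":
            default:
                if ($this->checkout_item->unique_name == 'shippingstate') {
                    if (wpsc_uses_shipping() && wpsc_has_regions($delivery_country)) {
                        // Region is fixed by the shipping selection: hidden id plus read-only name.
                        $region_name = $wpdb->get_var($wpdb->prepare("SELECT `name` FROM `" . WPSC_TABLE_REGION_TAX . "` WHERE `id`= %d LIMIT 1", $delivery_region));
                        $output = "<input title='" . $title_attr . "' type='hidden' id='" . esc_attr($this->form_element_id()) . "' class='shipping_region' name='" . $name_attr . "' value='" . esc_attr($delivery_region) . "' size='4' /><span class='shipping_region_name'>" . esc_html($region_name) . "</span> ";
                    } else {
                        $disabled = '';
                        if (wpsc_disregard_shipping_state_fields()) {
                            $disabled = 'disabled = "disabled"';
                        }
                        $output = "<input class='shipping_region text' title='" . $title_attr . "' type='text' id='" . esc_attr($this->form_element_id()) . "' value='" . esc_attr($saved_form_data) . "' name='" . $name_attr . $an_array . "' " . $disabled . " />";
                    }
                } elseif ($this->checkout_item->unique_name == 'billingstate') {
                    if (wpsc_uses_shipping() && wpsc_has_regions($selected_country)) {
                        // The billing country control supplies the region; no state input.
                        $output = '';
                    } else {
                        $disabled = '';
                        if (wpsc_disregard_billing_state_fields()) {
                            $disabled = 'disabled = "disabled"';
                        }
                        $output = "<input class='billing_region text' title='" . $title_attr . "' type='text' id='" . esc_attr($this->form_element_id()) . "' value='" . esc_attr($saved_form_data) . "' name='" . $name_attr . $an_array . "' " . $disabled . " />";
                    }
                } else {
                    $output = "<input title='" . $title_attr . "' type='text' id='" . esc_attr($this->form_element_id()) . "' class='text' value='" . esc_attr($saved_form_data) . "' name='" . $name_attr . $an_array . "' />";
                }
                break;
        }
        return $output;
    }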