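/**
 * wpsc_display_form_fields()
 *
 * Echoes one table row per active checkout form field, pre-filled from the customer's
 * 'checkout_details' meta. Each label is filterable via 'wpsc_account_form_field_$tag', where
 * $tag is the field's unique_name or, when that is empty, a permalink-styled form of its name.
 * i.e. First Name under Shipping would be 'wpsc_account_form_field_shippingfirstname' - while
 * Your Billing Details would be filtered via 'wpsc_account_form_field_your-billing-details'.
 *
 * Escaping: non-empty scalar saved values are passed through esc_html() once, up front; field
 * ids, option values and labels are escaped at the point where they are written into markup.
 *
 * @global object $wpdb                         Reads the active rows of the checkout forms table.
 * @global int    $user_ID                      Passed to the 'wpsc_user_log_get' filter.
 * @global mixed  $wpsc_purchlog_statuses       Declared but not read here.
 * @global mixed  $gateway_checkout_form_fields Only referenced by the disabled code at the end.
 * @global object $wpsc_checkout                Created on demand; supplies select/checkbox/radio options.
 */
function wpsc_display_form_fields() {
    // Field display and Data saving function
    global $wpdb, $user_ID, $wpsc_purchlog_statuses, $gateway_checkout_form_fields, $wpsc_checkout;

    if (empty($wpsc_checkout)) {
        // Was `new wpsc_checout()`: a misspelled class name is a fatal error the first time this
        // branch runs. NOTE(review): confirm the spelling against the class declaration.
        $wpsc_checkout = new WPSC_Checkout();
    }

    $meta_data = wpsc_get_customer_meta('checkout_details');
    $meta_data = apply_filters('wpsc_user_log_get', $meta_data, $user_ID);
    if (!is_array($meta_data)) {
        // Nothing saved yet, or a filter returned a non-array: treat it as "no saved values" so
        // the offset reads below never land on a string or null.
        $meta_data = array();
    }

    $form_sql = "SELECT * FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `active` = '1' ORDER BY `checkout_set`, `checkout_order`;";
    $form_data = $wpdb->get_results($form_sql, ARRAY_A);
    if (!is_array($form_data)) {
        $form_data = array();
    }

    foreach ($form_data as $form_field) {
        $field_id = $form_field['id'];
        $name_attr = 'collected_data[' . esc_attr($field_id) . ']';

        if (!empty($form_field['unique_name'])) {
            $ff_tag = $form_field['unique_name'];
        } else {
            $ff_tag = esc_html(strtolower(str_replace(' ', '-', $form_field['name'])));
        }

        if (!empty($meta_data[$field_id]) && !is_array($meta_data[$field_id])) {
            $meta_data[$field_id] = esc_html($meta_data[$field_id]);
        }
        $saved = isset($meta_data[$field_id]) ? $meta_data[$field_id] : null;
        // Already entity-encoded above; esc_attr() does not double-encode existing entities.
        $text_value = is_array($saved) ? '' : esc_attr((string) $saved);
        // Kept as the pre-escaped string: esc_textarea() would encode the entities a second time.
        $textarea_value = is_array($saved) ? '' : (string) $saved;

        if ($form_field['type'] == 'heading') {
            echo "\n <tr>\n <td colspan='2'>\n\r";
            echo "<strong>" . apply_filters('wpsc_account_form_field_' . $ff_tag, esc_html($form_field['name'])) . "</strong>";
            echo "\n </td>\n </tr>\n\r";
            continue;
        }

        // A free-text state row is hidden when the matching saved country has a region list.
        $display = '';
        if (in_array($form_field['unique_name'], array('shippingstate', 'billingstate'))) {
            if ($form_field['unique_name'] == 'shippingstate') {
                $country_field_id = wpsc_get_country_form_id_by_type('delivery_country');
            } else {
                $country_field_id = wpsc_get_country_form_id_by_type('country');
            }
            $country = isset($meta_data[$country_field_id]) ? $meta_data[$country_field_id] : null;
            if (is_array($country)) {
                $country = isset($country[0]) ? $country[0] : null;
            }
            if (wpsc_has_regions($country)) {
                $display = ' style="display:none;"';
            }
        }

        echo "\n\t\t <tr{$display}>\n \t\t <td align='left'>\n\r";
        // The name is escaped before filtering, as the heading row does, so a field name stored
        // in the database cannot carry markup into the page.
        echo apply_filters('wpsc_account_form_field_' . $ff_tag, esc_html($form_field['name']));
        if ($form_field['mandatory'] == 1) {
            echo " *";
        }
        echo "\n \t\t</td>\n\r\n \t\t<td align='left'>\n\r";

        switch ($form_field['type']) {
            case "address":
            case "delivery_address":
            case "textarea":
                echo "<textarea name='" . $name_attr . "'>" . $textarea_value . "</textarea>";
                break;

            case "region":
            case "delivery_region":
                $session_region = isset($_SESSION['collected_data'][$field_id]) ? $_SESSION['collected_data'][$field_id] : null;
                echo "<select name='" . $name_attr . "'>" . nzshpcrt_region_list($session_region) . "</select>";
                break;

            case "country":
            case "delivery_country":
                if (is_array($saved)) {
                    $country_code = isset($saved[0]) ? $saved[0] : null;
                } else {
                    $country_code = $saved;
                }
                $html_id = ($form_field['type'] == 'country') ? 'wpsc-profile-billing-country' : 'wpsc-profile-shipping-country';
                $js = "onchange=\"wpsc_set_profile_country('{$html_id}', '" . esc_js($field_id) . "');\"";
                echo "<select id='{$html_id}' {$js} name='" . $name_attr . "[0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                if (wpsc_has_regions($country_code)) {
                    // is_array() guard: on a plain string, [1] would read its second character.
                    $region = (is_array($saved) && isset($saved[1])) ? $saved[1] : '';
                    echo "<br /><select name='" . $name_attr . "[1]'>" . nzshpcrt_region_list($country_code, $region) . "</select>";
                }
                break;

            case "select":
                $options = $wpsc_checkout->get_checkout_options($field_id);
                $selected = $saved;
                echo "<select name='" . $name_attr . "'>";
                echo '<option value="-1">';
                _ex('Select an Option', 'Dropdown default on user log page', 'wpsc');
                echo '</option>';
                if (is_array($options)) {
                    foreach ($options as $label => $value) {
                        echo '<option';
                        selected($value, $selected);
                        echo ' value="' . esc_attr($value) . '">' . esc_html($label) . '</option>';
                    }
                }
                echo '</select>';
                break;

            case 'checkbox':
            case 'radio':
                $checked_values = isset($meta_data[$field_id]) ? (array) $meta_data[$field_id] : array();
                $options = $wpsc_checkout->get_checkout_options($field_id);
                // The type is written from a fixed pair rather than echoed from the database row.
                $input_type = ($form_field['type'] == 'checkbox') ? 'checkbox' : 'radio';
                // NOTE(review): the original built a name without "[]" for radios but never used
                // it; the emitted name keeps the "[]" suffix for both types, as before.
                if (is_array($options)) {
                    foreach ($options as $label => $value) {
                        echo '<label><input';
                        checked(in_array($value, $checked_values));
                        echo ' type="' . $input_type . '" id="" name="' . $name_attr . '[]" value="' . esc_attr($value) . '" /> ';
                        echo esc_html($label) . '</label><br />';
                    }
                }
                break;

            case "city":
            case "delivery_city":
            case "text":
            case "email":
            default:
                echo "<input type='text' value='" . $text_value . "' name='" . $name_attr . "' />";
                break;
        }

        // wp_nonce_field() echoes by default; the extra `echo` in front of it printed the hidden
        // nonce fields twice in every row.
        wp_nonce_field('wpsc_user_profile', '_wpsc_user_profile');
        echo "\n </td>\n </tr>\n\r";
    }

    /* Returns an empty array at this point, empty in regards to fields, does show the internalname though. Needs to be reconsidered, even if it did work, need to check
     * functionality and PCI_DSS compliance
      if ( isset( $gateway_checkout_form_fields ) )
      {
      echo $gateway_checkout_form_fields;
      }
     */
}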
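/**
 * form_field method, returns the form html
 *
 * Builds the markup for $this->checkout_item, pre-filled from
 * $_SESSION['wpsc_checkout_saved_values'] (loaded from the 'wpshpcrt_usr_profile' user meta for
 * logged-in users). Session values are bound through $wpdb->prepare() before they reach SQL and
 * escaped before they reach markup.
 *
 * @access public
 * @return string HTML for the field; an empty string when the field has nothing to render.
 */
function form_field() {
    global $wpdb, $user_ID;

    if ($user_ID > 0) {
        if (!isset($_SESSION['wpsc_checkout_saved_values'])) {
            $_SESSION['wpsc_checkout_saved_values'] = get_user_meta($user_ID, 'wpshpcrt_usr_profile', 1);
        }
        // Neither id is read again in this method; the lookups are kept as they were.
        $delivery_country_id = wpsc_get_country_form_id_by_type('delivery_country');
        $billing_country_id = wpsc_get_country_form_id_by_type('country');
    }

    $item = $this->checkout_item;

    // Replaces the `@`-suppressed read: a missing or non-scalar saved value is now an explicit
    // empty string instead of a silenced notice.
    $saved_raw = '';
    if (isset($_SESSION['wpsc_checkout_saved_values'])
        && is_array($_SESSION['wpsc_checkout_saved_values'])
        && isset($_SESSION['wpsc_checkout_saved_values'][$item->id])
        && is_scalar($_SESSION['wpsc_checkout_saved_values'][$item->id])
    ) {
        $saved_raw = (string) $_SESSION['wpsc_checkout_saved_values'][$item->id];
    }
    $saved_form_data = htmlentities(stripslashes($saved_raw), ENT_QUOTES, 'UTF-8');

    $delivery_country = isset($_SESSION['wpsc_delivery_country']) ? $_SESSION['wpsc_delivery_country'] : null;
    $delivery_region = isset($_SESSION['wpsc_delivery_region']) ? $_SESSION['wpsc_delivery_region'] : null;
    $selected_country = isset($_SESSION['wpsc_selected_country']) ? $_SESSION['wpsc_selected_country'] : null;
    $selected_region = isset($_SESSION['wpsc_selected_region']) ? $_SESSION['wpsc_selected_region'] : null;

    $an_array = '';
    if (function_exists('wpsc_get_ticket_checkout_set')) {
        if ($item->checkout_set == wpsc_get_ticket_checkout_set()) {
            $an_array = '[]';
        }
    }

    $title_attr = esc_attr($item->unique_name);
    $name_attr = 'collected_data[' . esc_attr($item->id) . ']';

    // Initialised up front: the checkbox and radio branches append with `.=` and several
    // branches can fall through without assigning anything.
    $output = '';

    switch ($item->type) {
        case "address":
        case "delivery_address":
        case "textarea":
            $output = "<textarea title='" . $title_attr . "' class='text' id='" . esc_attr($this->form_element_id()) . "' name='" . $name_attr . $an_array . "' rows='3' cols='40' >" . $saved_form_data . "</textarea>";
            break;

        case "checkbox":
            $options = $this->get_checkout_options($item->id);
            if ($options != '') {
                // NOTE(review): one random index is shared by every option of this field, so all
                // its checkboxes post under the same name — confirm that is intended.
                $i = mt_rand();
                foreach ((array) $options as $label => $value) {
                    $output .= "<input type='hidden' title='" . $title_attr . "' id='" . esc_attr($this->form_element_id()) . "' value='-1' name='" . $name_attr . "[" . $i . "]'/>";
                    $output .= "<input type='checkbox' title='" . $title_attr . "' id='" . esc_attr($this->form_element_id()) . "' value='" . esc_attr($value) . "' name='" . $name_attr . "[" . $i . "]'/> ";
                    $output .= "<label for='" . esc_attr($this->form_element_id()) . "'>" . esc_html($label) . "</label>";
                }
            }
            break;

        case "country":
            $output = wpsc_country_region_list($item->id, false, $selected_country, $selected_region, $this->form_element_id());
            break;

        case "delivery_country":
            if (wpsc_uses_shipping()) {
                // The ISO code comes from the session and was concatenated into the statement;
                // it is now bound as a placeholder.
                $country_name = $wpdb->get_var($wpdb->prepare("SELECT `country` FROM `" . WPSC_TABLE_CURRENCY_LIST . "` WHERE `isocode`= %s LIMIT 1", $delivery_country));
                $output = "<input title='" . $title_attr . "' type='hidden' id='" . esc_attr($this->form_element_id()) . "' class='shipping_country' name='" . $name_attr . "' value='" . esc_attr($delivery_country) . "' size='4' /><span class='shipping_country_name'>" . esc_html($country_name) . "</span> ";
            } else {
                $checkoutfields = true;
                $output = wpsc_country_region_list($item->id, false, $delivery_country, $delivery_region, $this->form_element_id(), $checkoutfields);
            }
            break;

        case "select":
            $options = $this->get_checkout_options($item->id);
            if ($options != '') {
                $output = "<select name='" . $name_attr . $an_array . "'>";
                $output .= "<option value='-1'>Select an Option</option>";
                foreach ((array) $options as $label => $value) {
                    $value = esc_attr(str_replace(' ', '', $value));
                    $output .= "<option value='" . esc_attr($value) . "'>" . esc_html($label) . "</option>\n\r";
                }
                $output .= "</select>";
            }
            break;

        case "radio":
            $options = $this->get_checkout_options($item->id);
            if ($options != '') {
                $i = mt_rand();
                foreach ((array) $options as $label => $value) {
                    // A space now separates the id and value attributes (they were run together).
                    $output .= "<input type='radio' title='" . $title_attr . "' id='" . esc_attr($this->form_element_id()) . "' value='" . esc_attr($value) . "' name='" . $name_attr . "[" . $i . "]'/> ";
                    $output .= "<label for='" . esc_attr($this->form_element_id()) . "'>" . esc_html($label) . "</label>";
                }
            }
            break;

        case "text":
        case "city":
        case "delivery_city":
        case "email":
        case "coupon":
        default:
            if ($item->unique_name == 'shippingstate') {
                if (wpsc_uses_shipping() && wpsc_has_regions($delivery_country)) {
                    // Region id bound as an integer placeholder instead of being concatenated.
                    $region_name = $wpdb->get_var($wpdb->prepare("SELECT `name` FROM `" . WPSC_TABLE_REGION_TAX . "` WHERE `id`= %d LIMIT 1", $delivery_region));
                    $output = "<input title='" . $title_attr . "' type='hidden' id='" . esc_attr($this->form_element_id()) . "' class='shipping_region' name='" . $name_attr . "' value='" . esc_attr($delivery_region) . "' size='4' /><span class='shipping_region_name'>" . esc_html($region_name) . "</span> ";
                } else {
                    $disabled = '';
                    if (wpsc_disregard_shipping_state_fields()) {
                        $disabled = 'disabled = "disabled"';
                    }
                    $output = "<input class='shipping_region text' title='" . $title_attr . "' type='text' id='" . esc_attr($this->form_element_id()) . "' value='" . $saved_form_data . "' name='" . $name_attr . $an_array . "' " . $disabled . " />";
                }
            } elseif ($item->unique_name == 'billingstate') {
                if (wpsc_uses_shipping() && wpsc_has_regions($selected_country)) {
                    $output = '';
                } else {
                    $disabled = '';
                    if (wpsc_disregard_billing_state_fields()) {
                        $disabled = 'disabled = "disabled"';
                    }
                    $output = "<input class='billing_region text' title='" . $title_attr . "' type='text' id='" . esc_attr($this->form_element_id()) . "' value='" . $saved_form_data . "' name='" . $name_attr . $an_array . "' " . $disabled . " />";
                }
            } else {
                $output = "<input title='" . $title_attr . "' type='text' id='" . esc_attr($this->form_element_id()) . "' class='text' value='" . $saved_form_data . "' name='" . $name_attr . $an_array . "' />";
            }
            break;
    }

    return $output;
}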
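/**
 * validate_forms method, validates the input from the checkout page
 *
 * Checks the posted gateway fields (split card number, expiry, CVV, card type), optionally
 * registers a new user, then validates every mandatory checkout field. Error messages and the
 * collected details are written to customer meta; the cart location is refreshed when a
 * free-text state changed.
 *
 * NOTE(review): gateway fields are only checked with is_numeric(), which also accepts values
 * such as "1.5" or "1e3", and a posted single `card_number` field is not checked at all. A
 * digits-only and checksum test belongs here or in the gateway.
 *
 * @access public
 * @return array 'is_valid' (bool) and 'error_messages' (string), after the
 *               'wpsc_checkout_form_validation' filter.
 */
function validate_forms() {
    global $wpsc_cart, $wpdb, $current_user, $user_ID, $wpsc_gateway_error_messages, $wpsc_checkout_error_messages, $wpsc_customer_checkout_details, $wpsc_registration_error_messages;

    $any_bad_inputs = false;
    $bad_input_message = '';
    $wpsc_gateway_error_messages = array();
    $wpsc_checkout_error_messages = array();
    $wpsc_registration_error_messages = array();

    // Credit Card Number Validation for PayPal Pro and maybe others soon
    if (!isset($_POST['card_number'])) {
        $wpsc_gateway_error_messages['card_number'] = '';
    }

    if (isset($_POST['card_number1'], $_POST['card_number2'], $_POST['card_number3'], $_POST['card_number4'])) {
        $card_number_ok = true;
        foreach (array('card_number1', 'card_number2', 'card_number3', 'card_number4') as $part) {
            if ($_POST[$part] == '' || !is_numeric($_POST[$part])) {
                $card_number_ok = false;
                break;
            }
        }
        if ($card_number_ok) {
            $wpsc_gateway_error_messages['card_number'] = '';
        } else {
            $any_bad_inputs = true;
            $wpsc_gateway_error_messages['card_number'] = __('Please enter a valid card number.', 'wpsc');
            $wpsc_customer_checkout_details['card_number'] = '';
        }
    }

    if (isset($_POST['expiry'])) {
        $expiry = is_array($_POST['expiry']) ? $_POST['expiry'] : array();
        $month = isset($expiry['month']) ? $expiry['month'] : '';
        $year = isset($expiry['year']) ? $expiry['year'] : '';
        // The original tested the month for emptiness twice and never the year.
        if (!empty($month) && !empty($year) && is_numeric($month) && is_numeric($year)) {
            $wpsc_gateway_error_messages['expdate'] = '';
        } else {
            $any_bad_inputs = true;
            $wpsc_gateway_error_messages['expdate'] = __('Please enter a valid expiry date.', 'wpsc');
            $wpsc_customer_checkout_details['expdate'] = '';
        }
    }

    if (isset($_POST['card_code'])) {
        if (empty($_POST['card_code']) || !is_numeric($_POST['card_code'])) {
            $any_bad_inputs = true;
            $wpsc_gateway_error_messages['card_code'] = __('Please enter a valid CVV.', 'wpsc');
            $wpsc_customer_checkout_details['card_code'] = '';
        } else {
            $wpsc_gateway_error_messages['card_code'] = '';
        }
    }

    if (isset($_POST['cctype'])) {
        if ($_POST['cctype'] == '') {
            $any_bad_inputs = true;
            // The message used to be the CVV text, copied from the block above.
            $wpsc_gateway_error_messages['cctype'] = __('Please enter a valid card type.', 'wpsc');
            $wpsc_customer_checkout_details['cctype'] = '';
        } else {
            $wpsc_gateway_error_messages['cctype'] = '';
        }
    }

    if (isset($_POST['log']) || isset($_POST['pwd']) || isset($_POST['user_email'])) {
        // Any one of the three triggers registration, so each is read defensively.
        $results = wpsc_add_new_user(
            isset($_POST['log']) ? $_POST['log'] : null,
            isset($_POST['pwd']) ? $_POST['pwd'] : null,
            isset($_POST['user_email']) ? $_POST['user_email'] : null
        );
        if (is_callable(array($results, "get_error_code")) && $results->get_error_code()) {
            foreach ($results->get_error_codes() as $code) {
                foreach ($results->get_error_messages($code) as $error) {
                    $wpsc_registration_error_messages[] = $error;
                }
                $any_bad_inputs = true;
            }
        }
        // An error result has no ID property; check before reading it.
        if (is_object($results) && isset($results->ID) && $results->ID > 0) {
            $our_user_id = $results->ID;
        } else {
            $any_bad_inputs = true;
            $our_user_id = '';
        }
    }

    if (isset($our_user_id) && $our_user_id < 1) {
        $our_user_id = $user_ID;
    }
    // check we have a user id
    if (isset($our_user_id) && $our_user_id > 0) {
        $user_ID = $our_user_id;
    }

    $location_changed = false;
    $collected = (isset($_POST['collected_data']) && is_array($_POST['collected_data'])) ? $_POST['collected_data'] : array();

    // Basic Form field validation for billing and shipping details
    foreach ($this->checkout_items as $form_data) {
        $value = '';
        if (isset($collected[$form_data->id])) {
            $value = stripslashes_deep($collected[$form_data->id]);
        }
        $wpsc_customer_checkout_details[$form_data->id] = $value;
        $bad_input = false;

        if ($form_data->mandatory == 1 || $form_data->type == "coupon") {
            // dirty hack: an empty billing state falls back to the region posted with the
            // billing country select.
            if ($form_data->unique_name == 'billingstate' && empty($value)) {
                $billing_country_id = $wpdb->get_var("SELECT `" . WPSC_TABLE_CHECKOUT_FORMS . "`.`id` FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `unique_name` = 'billingcountry' AND active = '1' ");
                $billing_country_post = isset($collected[$billing_country_id]) ? $collected[$billing_country_id] : null;
                $value = (is_array($billing_country_post) && isset($billing_country_post[1])) ? $billing_country_post[1] : null;
            }

            switch ($form_data->type) {
                case "email":
                    // A posted array is rejected outright instead of being handed to preg_match().
                    // NOTE(review): this pattern rejects "+" in the local part and TLDs longer
                    // than five letters.
                    if (!is_string($value) || !preg_match("/^[a-zA-Z0-9._-]+@[a-zA-Z0-9-.]+\\.[a-zA-Z]{2,5}\$/", $value)) {
                        $any_bad_inputs = true;
                        $bad_input = true;
                    }
                    break;

                case "delivery_country":
                case "country":
                case "heading":
                    break;

                case "select":
                    if ($value == '-1') {
                        $any_bad_inputs = true;
                        $bad_input = true;
                    }
                    break;

                default:
                    if ($value == null) {
                        $any_bad_inputs = true;
                        $bad_input = true;
                    }
                    break;
            }

            if ($bad_input === true) {
                $wpsc_checkout_error_messages[$form_data->id] = sprintf(__('Please enter a valid <span class="wpsc_error_msg_field_name">%s</span>.', 'wpsc'), esc_attr($form_data->name));
                $wpsc_customer_checkout_details[$form_data->id] = '';
            }
        }

        if (!$bad_input) {
            if ($form_data->unique_name == 'shippingstate') {
                $shipping_country_field_id = wpsc_get_country_form_id_by_type('delivery_country');
                $shipping_country = isset($collected[$shipping_country_field_id]) ? $collected[$shipping_country_field_id] : null;
                if (!is_array($shipping_country) || !isset($shipping_country[1])) {
                    // NOTE(review): the shipping state is stored under 'billing_region', the same
                    // key the billing branch writes — looks like a copy/paste slip; confirm the
                    // intended meta key before changing it.
                    wpsc_update_customer_meta('billing_region', $value);
                    $location_changed = true;
                }
            } elseif ($form_data->unique_name == 'billingstate') {
                $billing_country_field_id = wpsc_get_country_form_id_by_type('country');
                $billing_country = isset($collected[$billing_country_field_id]) ? $collected[$billing_country_field_id] : null;
                if (!is_array($billing_country) || !isset($billing_country[1])) {
                    wpsc_update_customer_meta('billing_region', $value);
                    $location_changed = true;
                }
            }
        }
    }

    wpsc_update_customer_meta('checkout_error_messages', $wpsc_checkout_error_messages);
    wpsc_update_customer_meta('gateway_error_messages', $wpsc_gateway_error_messages);
    wpsc_update_customer_meta('registration_error_messages', $wpsc_registration_error_messages);

    $filtered_checkout_details = apply_filters('wpsc_update_customer_checkout_details', $wpsc_customer_checkout_details);

    // legacy filter: for logged-in users its result replaces the one from the filter above.
    if (is_user_logged_in()) {
        $filtered_checkout_details = apply_filters('wpsc_checkout_user_profile_update', $wpsc_customer_checkout_details, get_current_user_id());
    }

    wpsc_update_customer_meta('checkout_details', $filtered_checkout_details);

    if ($location_changed) {
        $wpsc_cart->update_location();
    }

    $states = array('is_valid' => !$any_bad_inputs, 'error_messages' => $bad_input_message);
    $states = apply_filters('wpsc_checkout_form_validation', $states);

    return $states;
}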
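/**
 * wpsc_display_form_fields()
 *
 * Echoes one table row per active checkout form field, pre-filled from the user's
 * 'wpshpcrt_usr_profile' meta. Each label is filterable via 'wpsc_account_form_field_$tag',
 * where $tag is the field's unique_name or, when that is empty, a permalink-styled form of its
 * name.
 * i.e. First Name under Shipping would be 'wpsc_account_form_field_shippingfirstname' - while
 * Your Billing Details would be filtered via 'wpsc_account_form_field_your-billing-details'.
 *
 * Escaping: non-empty scalar saved values are entity-encoded once, up front; field ids, option
 * values and labels are escaped where they are written into markup.
 *
 * @global object $wpdb                         Reads the active rows of the checkout forms table.
 * @global int    $user_ID                      Whose profile meta is displayed.
 * @global mixed  $wpsc_purchlog_statuses       Declared but not read here.
 * @global mixed  $gateway_checkout_form_fields Only referenced by the disabled code at the end.
 * @global object $wpsc_checkout                Created on demand; supplies select/checkbox/radio options.
 */
function wpsc_display_form_fields() {
    // Field display and Data saving function
    global $wpdb, $user_ID, $wpsc_purchlog_statuses, $gateway_checkout_form_fields, $wpsc_checkout;

    if (empty($wpsc_checkout)) {
        $wpsc_checkout = new WPSC_Checkout();
    }

    // The original also ran a hand-concatenated SELECT against the usermeta table here and
    // never read its result; get_user_meta() fetches the same profile, so that query is gone.
    $meta_data = get_user_meta($user_ID, 'wpshpcrt_usr_profile', 1);
    $meta_data = apply_filters('wpsc_user_log_get', $meta_data, $user_ID);
    if (!is_array($meta_data)) {
        // No saved profile (get_user_meta() gives '' in single mode): treat as no saved values.
        $meta_data = array();
    }

    $form_sql = "SELECT * FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `active` = '1' ORDER BY `checkout_order`;";
    $form_data = $wpdb->get_results($form_sql, ARRAY_A);
    if (!is_array($form_data)) {
        $form_data = array();
    }

    foreach ($form_data as $form_field) {
        $field_id = $form_field['id'];
        $name_attr = 'collected_data[' . esc_attr($field_id) . ']';

        if (!empty($form_field['unique_name'])) {
            $ff_tag = $form_field['unique_name'];
        } else {
            $ff_tag = htmlentities(stripslashes(strtolower(str_replace(' ', '-', $form_field['name']))), ENT_QUOTES, 'UTF-8');
        }

        if (!empty($meta_data[$field_id]) && !is_array($meta_data[$field_id])) {
            $meta_data[$field_id] = htmlentities(stripslashes($meta_data[$field_id]), ENT_QUOTES, 'UTF-8');
        }
        $saved = isset($meta_data[$field_id]) ? $meta_data[$field_id] : null;
        // Already entity-encoded above; esc_attr() does not double-encode existing entities.
        $text_value = is_array($saved) ? '' : esc_attr((string) $saved);
        $textarea_value = is_array($saved) ? '' : (string) $saved;

        if ($form_field['type'] == 'heading') {
            echo "\n <tr>\n <td colspan='2'>\n\r";
            echo "<strong>" . apply_filters('wpsc_account_form_field_' . $ff_tag, esc_html($form_field['name'])) . "</strong>";
            echo "\n </td>\n </tr>\n\r";
            continue;
        }

        // $continue is false for a state field whose value is carried by the region select of
        // the matching country field; such a field gets no label cell and no text input.
        $continue = true;
        if ($form_field['unique_name'] == 'billingstate') {
            $selected_country_id = wpsc_get_country_form_id_by_type('country');
            $billing_saved = isset($meta_data[$selected_country_id]) ? $meta_data[$selected_country_id] : null;
            if (is_array($billing_saved) && isset($billing_saved[1])) {
                $continue = false;
            }
        }
        if ($form_field['unique_name'] == 'shippingstate') {
            $delivery_country_id = wpsc_get_country_form_id_by_type('delivery_country');
            $delivery_saved = isset($meta_data[$delivery_country_id]) ? $meta_data[$delivery_country_id] : null;
            if ((is_array($delivery_saved) && isset($delivery_saved[1])) || is_numeric($saved)) {
                // Remembered across iterations for the delivery_country case below.
                $shipping_form_field = $form_field;
                $continue = false;
            }
        }

        if ($continue) {
            echo "\n\t\t\t <tr>\n\t \t\t <td align='left'>\n\r";
            echo apply_filters('wpsc_account_form_field_' . $ff_tag, esc_html($form_field['name']));
            if ($form_field['mandatory'] == 1) {
                echo " *";
            }
            echo "\n\t \t\t</td>\n\r\n\t \t\t<td align='left'>\n\r";
        }

        switch ($form_field['type']) {
            case "address":
            case "delivery_address":
            case "textarea":
                echo "<textarea name='" . $name_attr . "'>" . $textarea_value . "</textarea>";
                break;

            case "text":
                // A skipped state field prints nothing here.
                if ($continue) {
                    echo "<input type='text' value='" . $text_value . "' name='" . $name_attr . "' />";
                }
                break;

            case "region":
            case "delivery_region":
                $session_region = isset($_SESSION['collected_data'][$field_id]) ? $_SESSION['collected_data'][$field_id] : null;
                echo "<select name='" . $name_attr . "'>" . nzshpcrt_region_list($session_region) . "</select>";
                break;

            case "country":
                if (is_array($saved)) {
                    $country_code = isset($saved[0]) ? $saved[0] : null;
                } else {
                    $country_code = $saved;
                }
                echo "<select name='" . $name_attr . "[0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                // is_array() guard: on a plain string, [1] would read its second character.
                if (is_array($saved) && isset($saved[1])) {
                    echo "<br /><select name='" . $name_attr . "[1]'>" . nzshpcrt_region_list($country_code, $saved[1]) . "</select>";
                }
                break;

            case "delivery_country":
                if (is_array($saved)) {
                    $country_code = isset($saved[0]) ? $saved[0] : null;
                } else {
                    $country_code = $saved;
                }
                echo "<select name='" . $name_attr . "[0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                if (is_array($saved)) {
                    $region = isset($saved[1]) ? $saved[1] : null;
                    echo "<br /><select name='" . $name_attr . "[1]'>" . nzshpcrt_region_list($country_code, $region) . "</select>";
                } elseif (isset($shipping_form_field)) {
                    $shipping_id = $shipping_form_field['id'];
                    $shipping_region = isset($meta_data[$shipping_id]) ? $meta_data[$shipping_id] : null;
                    echo "<br /><select name='collected_data[" . esc_attr($shipping_id) . "][1]'>" . nzshpcrt_region_list($country_code, $shipping_region) . "</select>";
                }
                break;

            case "select":
                $options = $wpsc_checkout->get_checkout_options($field_id);
                $selected = $saved;
                // The name used to contain literal double quotes around the id
                // (collected_data["ID"]), so the posted key never matched the field id.
                echo "<select name='" . $name_attr . "'>";
                echo '<option value="-1">';
                _ex('Select an Option', 'Dropdown default on user log page', 'wpsc');
                echo '</option>';
                if (is_array($options)) {
                    foreach ($options as $label => $value) {
                        echo '<option';
                        selected($value, $selected);
                        echo ' value="' . esc_attr($value) . '">' . esc_html($label) . '</option>';
                    }
                }
                echo '</select>';
                break;

            case 'checkbox':
            case 'radio':
                $checked_values = isset($meta_data[$field_id]) ? (array) $meta_data[$field_id] : array();
                $options = $wpsc_checkout->get_checkout_options($field_id);
                // The type is written from a fixed pair rather than echoed from the database row.
                $input_type = ($form_field['type'] == 'checkbox') ? 'checkbox' : 'radio';
                // NOTE(review): the original built a name without "[]" for radios but never used
                // it; the emitted name keeps the "[]" suffix for both types, as before.
                if (is_array($options)) {
                    foreach ($options as $label => $value) {
                        echo '<label><input';
                        checked(in_array($value, $checked_values));
                        echo ' type="' . $input_type . '" id="" name="' . $name_attr . '[]" value="' . esc_attr($value) . '" /> ';
                        echo esc_html($label) . '</label><br />';
                    }
                }
                break;

            case "city":
            case "delivery_city":
            case "email":
            default:
                echo "<input type='text' value='" . $text_value . "' name='" . $name_attr . "' />";
                break;
        }

        // wp_nonce_field() echoes by default; the extra `echo` in front of it printed the hidden
        // nonce fields twice in every row.
        wp_nonce_field('wpsc_user_profile', '_wpsc_user_profile');
        // NOTE(review): the closing cell/row is printed even when $continue suppressed the
        // opening one, leaving unbalanced table markup for skipped state fields.
        echo "\n </td>\n </tr>\n\r";
    }

    /* Returns an empty array at this point, empty in regards to fields, does show the internalname though. Needs to be reconsidered, even if it did work, need to check
     * functionality and PCI_DSS compliance
      if ( isset( $gateway_checkout_form_fields ) )
      {
      echo $gateway_checkout_form_fields;
      }
     */
}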
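/**
 * wpsc_display_form_fields()
 *
 * Echoes one table row per active checkout form field, pre-filled from the user's
 * 'wpshpcrt_usr_profile' meta. Each label is filterable via 'wpsc_account_form_field_$tag',
 * where $tag is the field's unique_name or, when that is empty, a permalink-styled form of its
 * name.
 * i.e. First Name under Shipping would be 'wpsc_account_form_field_shippingfirstname' - while
 * Your Billing Details would be filtered via 'wpsc_account_form_field_your-billing-details'.
 *
 * Escaping: non-empty scalar saved values are entity-encoded once, up front; field ids and
 * field names are escaped where they are written into markup.
 *
 * @global object $wpdb                         Reads the active rows of the checkout forms table.
 * @global int    $user_ID                      Whose profile meta is displayed.
 * @global mixed  $wpsc_purchlog_statuses       Declared but not read here.
 * @global mixed  $gateway_checkout_form_fields Only referenced by the disabled code at the end.
 */
function wpsc_display_form_fields() {
    // Field display and Data saving function
    global $wpdb, $user_ID, $wpsc_purchlog_statuses, $gateway_checkout_form_fields;

    // The original also ran a hand-concatenated SELECT against the usermeta table here and
    // never read its result; get_user_meta() fetches the same profile, so that query is gone.
    $meta_data = get_user_meta($user_ID, 'wpshpcrt_usr_profile', 1);
    if (!is_array($meta_data)) {
        // No saved profile (get_user_meta() gives '' in single mode): treat as no saved values.
        $meta_data = array();
    }

    $form_sql = "SELECT * FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `active` = '1' ORDER BY `checkout_order`;";
    $form_data = $wpdb->get_results($form_sql, ARRAY_A);
    if (!is_array($form_data)) {
        $form_data = array();
    }

    foreach ($form_data as $form_field) {
        $field_id = $form_field['id'];
        $name_attr = 'collected_data[' . esc_attr($field_id) . ']';

        if (!empty($form_field['unique_name'])) {
            $ff_tag = $form_field['unique_name'];
        } else {
            $ff_tag = htmlentities(stripslashes(strtolower(str_replace(' ', '-', $form_field['name']))), ENT_QUOTES, 'UTF-8');
        }

        if (!empty($meta_data[$field_id]) && !is_array($meta_data[$field_id])) {
            $meta_data[$field_id] = htmlentities(stripslashes($meta_data[$field_id]), ENT_QUOTES, 'UTF-8');
        }
        $saved = isset($meta_data[$field_id]) ? $meta_data[$field_id] : null;
        // Already entity-encoded above; esc_attr() does not double-encode existing entities.
        $text_value = is_array($saved) ? '' : esc_attr((string) $saved);
        $textarea_value = is_array($saved) ? '' : (string) $saved;

        if ($form_field['type'] == 'heading') {
            echo "\n <tr>\n <td colspan='2'>\n\r";
            echo "<strong>" . apply_filters('wpsc_account_form_field_' . $ff_tag, esc_html($form_field['name'])) . "</strong>";
            echo "\n </td>\n </tr>\n\r";
            continue;
        }

        // $continue is false for a state field whose value is carried by the region select of
        // the matching country field; such a field gets no label cell and no text input.
        $continue = true;
        if ($form_field['unique_name'] == 'billingstate') {
            $selected_country_id = wpsc_get_country_form_id_by_type('country');
            $billing_saved = isset($meta_data[$selected_country_id]) ? $meta_data[$selected_country_id] : null;
            if (is_array($billing_saved) && isset($billing_saved[1])) {
                $continue = false;
            }
        }
        if ($form_field['unique_name'] == 'shippingstate') {
            $delivery_country_id = wpsc_get_country_form_id_by_type('delivery_country');
            $delivery_saved = isset($meta_data[$delivery_country_id]) ? $meta_data[$delivery_country_id] : null;
            if ((is_array($delivery_saved) && isset($delivery_saved[1])) || is_numeric($saved)) {
                // Remembered across iterations for the delivery_country case below.
                $shipping_form_field = $form_field;
                $continue = false;
            }
        }

        if ($continue) {
            echo "\n\t\t\t <tr>\n\t \t\t <td align='left'>\n\r";
            echo apply_filters('wpsc_account_form_field_' . $ff_tag, esc_html($form_field['name']));
            if ($form_field['mandatory'] == 1) {
                echo " *";
            }
            echo "\n\t \t\t</td>\n\r\n\t \t\t<td align='left'>\n\r";
        }

        switch ($form_field['type']) {
            case "address":
            case "delivery_address":
            case "textarea":
                echo "<textarea name='" . $name_attr . "'>" . $textarea_value . "</textarea>";
                break;

            case "text":
                // A skipped state field prints nothing here.
                if ($continue) {
                    echo "<input type='text' value='" . $text_value . "' name='" . $name_attr . "' />";
                }
                break;

            case "region":
            case "delivery_region":
                $session_region = isset($_SESSION['collected_data'][$field_id]) ? $_SESSION['collected_data'][$field_id] : null;
                echo "<select name='" . $name_attr . "'>" . nzshpcrt_region_list($session_region) . "</select>";
                break;

            case "country":
                if (is_array($saved)) {
                    $country_code = isset($saved[0]) ? $saved[0] : null;
                } else {
                    $country_code = $saved;
                }
                echo "<select name='" . $name_attr . "[0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                // is_array() guard: on a plain string, [1] would read its second character.
                if (is_array($saved) && isset($saved[1])) {
                    echo "<br /><select name='" . $name_attr . "[1]'>" . nzshpcrt_region_list($country_code, $saved[1]) . "</select>";
                }
                break;

            case "delivery_country":
                if (is_array($saved)) {
                    $country_code = isset($saved[0]) ? $saved[0] : null;
                } else {
                    $country_code = $saved;
                }
                echo "<select name='" . $name_attr . "[0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                if (is_array($saved)) {
                    $region = isset($saved[1]) ? $saved[1] : null;
                    echo "<br /><select name='" . $name_attr . "[1]'>" . nzshpcrt_region_list($country_code, $region) . "</select>";
                } elseif (isset($shipping_form_field)) {
                    $shipping_id = $shipping_form_field['id'];
                    $shipping_region = isset($meta_data[$shipping_id]) ? $meta_data[$shipping_id] : null;
                    echo "<br /><select name='collected_data[" . esc_attr($shipping_id) . "][1]'>" . nzshpcrt_region_list($country_code, $shipping_region) . "</select>";
                }
                break;

            case "city":
            case "delivery_city":
            case "email":
            default:
                echo "<input type='text' value='" . $text_value . "' name='" . $name_attr . "' />";
                break;
        }

        // NOTE(review): the closing cell/row is printed even when $continue suppressed the
        // opening one, leaving unbalanced table markup for skipped state fields. This version
        // also emits no nonce field with the form.
        echo "\n </td>\n </tr>\n\r";
    }

    /* Returns an empty array at this point, empty in regards to fields, does show the internalname though. Needs to be reconsidered, even if it did work, need to check
     * functionality and PCI_DSS compliance
      if ( isset( $gateway_checkout_form_fields ) )
      {
      echo $gateway_checkout_form_fields;
      }
     */
}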
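/**
 * form_field method, returns the form html
 *
 * Builds the markup for $this->checkout_item, pre-filled from
 * $_SESSION['wpsc_checkout_saved_values'] (loaded from the 'wpshpcrt_usr_profile' user meta for
 * logged-in users).
 *
 * NOTE(review): the checkbox and radio branches echo their markup directly instead of adding
 * it to the return value, so those two types are printed at call time and the method returns
 * an empty string for them. That is kept as found because callers may depend on it.
 *
 * @access public
 * @return string HTML for the field (empty for checkbox/radio, see above).
 */
function form_field() {
    global $wpdb, $user_ID;

    if ($user_ID > 0) {
        if (!isset($_SESSION['wpsc_checkout_saved_values'])) {
            $meta_data = get_user_meta($user_ID, 'wpshpcrt_usr_profile', 1);
            // apply_filters() returns its second argument (the filtered value). The original
            // passed $user_ID there, so with no callback hooked the saved profile was replaced
            // by the user id and nothing was ever pre-filled.
            $meta_data = apply_filters('wpsc_checkout_user_profile_get', $meta_data, $user_ID);
            $_SESSION['wpsc_checkout_saved_values'] = $meta_data;
        }
        // Neither id is read again in this method; the lookups are kept as they were.
        $delivery_country_id = wpsc_get_country_form_id_by_type('delivery_country');
        $billing_country_id = wpsc_get_country_form_id_by_type('country');
    }

    $item = $this->checkout_item;

    $saved_form_data = null;
    if (isset($_SESSION['wpsc_checkout_saved_values'])
        && is_array($_SESSION['wpsc_checkout_saved_values'])
        && isset($_SESSION['wpsc_checkout_saved_values'][$item->id])
    ) {
        $saved_form_data = $_SESSION['wpsc_checkout_saved_values'][$item->id];
    }
    // Text-like inputs can only show a scalar; an array (checkbox data) renders as empty.
    $saved_text = is_scalar($saved_form_data) ? (string) $saved_form_data : '';

    $delivery_country = isset($_SESSION['wpsc_delivery_country']) ? $_SESSION['wpsc_delivery_country'] : null;
    $delivery_region = isset($_SESSION['wpsc_delivery_region']) ? $_SESSION['wpsc_delivery_region'] : null;
    $selected_country = isset($_SESSION['wpsc_selected_country']) ? $_SESSION['wpsc_selected_country'] : null;
    $selected_region = isset($_SESSION['wpsc_selected_region']) ? $_SESSION['wpsc_selected_region'] : null;

    $an_array = '';
    if (function_exists('wpsc_get_ticket_checkout_set')) {
        if ($item->checkout_set == wpsc_get_ticket_checkout_set()) {
            $an_array = '[]';
        }
    }

    $title_attr = esc_attr($item->unique_name);
    $name_attr = 'collected_data[' . esc_attr($item->id) . ']';

    $output = '';

    switch ($item->type) {
        case "address":
        case "delivery_address":
        case "textarea":
            $output .= "<textarea title='" . $title_attr . "' class='text' id='" . esc_attr($this->form_element_id()) . "' name='" . $name_attr . $an_array . "' rows='3' cols='40' >" . esc_html($saved_text) . "</textarea>";
            break;

        case "checkbox":
            $options = $this->get_checkout_options($item->id);
            if ($options != '') {
                foreach ((array) $options as $label => $value) {
                    echo '<label><input';
                    checked(in_array($value, (array) $saved_form_data));
                    echo ' type="checkbox" name="' . $name_attr . $an_array . '[]" value="' . esc_attr($value) . '" /> ';
                    echo esc_html($label) . '</label>';
                }
            }
            break;

        case "country":
            $output = wpsc_country_region_list($item->id, false, $selected_country, $selected_region, $this->form_element_id());
            break;

        case "delivery_country":
            if (wpsc_uses_shipping()) {
                $country_name = $wpdb->get_var($wpdb->prepare("SELECT `country` FROM `" . WPSC_TABLE_CURRENCY_LIST . "` WHERE `isocode`= %s LIMIT 1", $delivery_country));
                // The looked-up name is escaped like every other value written into this markup.
                $output = "<input title='" . $title_attr . "' type='hidden' id='" . esc_attr($this->form_element_id()) . "' class='shipping_country' name='" . $name_attr . "' value='" . esc_attr($delivery_country) . "' size='4' /><span class='shipping_country_name'>" . esc_html($country_name) . "</span> ";
            } else {
                $checkoutfields = true;
                $output = wpsc_country_region_list($item->id, false, $delivery_country, $delivery_region, $this->form_element_id(), $checkoutfields);
            }
            break;

        case "select":
            $options = $this->get_checkout_options($item->id);
            if ($options != '') {
                $output = "<select name='" . $name_attr . $an_array . "'>";
                $output .= "<option value='-1'>" . _x('Select an Option', 'Dropdown default when called within checkout class', 'wpsc') . "</option>";
                foreach ((array) $options as $label => $value) {
                    $value = esc_attr(str_replace(' ', '', $value));
                    $output .= "<option " . selected($value, $saved_form_data, false) . " value='" . esc_attr($value) . "'>" . esc_html($label) . "</option>\n\r";
                }
                $output .= "</select>";
            }
            break;

        case "radio":
            $options = $this->get_checkout_options($item->id);
            if ($options != '') {
                foreach ((array) $options as $label => $value) {
                    echo '<label><input type="radio"';
                    checked($value, $saved_form_data);
                    echo ' name="' . $name_attr . $an_array . '" value="' . esc_attr($value) . '" /> ';
                    echo esc_html($label) . '</label>';
                }
            }
            break;

        case "text":
        case "city":
        case "delivery_city":
        case "email":
        case "coupon":
        default:
            if ($item->unique_name == 'shippingstate') {
                if (wpsc_uses_shipping() && wpsc_has_regions($delivery_country)) {
                    $region_name = $wpdb->get_var($wpdb->prepare("SELECT `name` FROM `" . WPSC_TABLE_REGION_TAX . "` WHERE `id`= %d LIMIT 1", $delivery_region));
                    $output = "<input title='" . $title_attr . "' type='hidden' id='" . esc_attr($this->form_element_id()) . "' class='shipping_region' name='" . $name_attr . "' value='" . esc_attr($delivery_region) . "' size='4' /><span class='shipping_region_name'>" . esc_html($region_name) . "</span> ";
                } else {
                    $disabled = '';
                    if (wpsc_disregard_shipping_state_fields()) {
                        $disabled = 'disabled = "disabled"';
                    }
                    $output = "<input class='shipping_region text' title='" . $title_attr . "' type='text' id='" . esc_attr($this->form_element_id()) . "' value='" . esc_attr($saved_text) . "' name='" . $name_attr . $an_array . "' " . $disabled . " />";
                }
            } elseif ($item->unique_name == 'billingstate') {
                if (wpsc_uses_shipping() && wpsc_has_regions($selected_country)) {
                    $output = '';
                } else {
                    $disabled = '';
                    if (wpsc_disregard_billing_state_fields()) {
                        $disabled = 'disabled = "disabled"';
                    }
                    $output = "<input class='billing_region text' title='" . $title_attr . "' type='text' id='" . esc_attr($this->form_element_id()) . "' value='" . esc_attr($saved_text) . "' name='" . $name_attr . $an_array . "' " . $disabled . " />";
                }
            } else {
                $output = "<input title='" . $title_attr . "' type='text' id='" . esc_attr($this->form_element_id()) . "' class='text' value='" . esc_attr($saved_text) . "' name='" . $name_attr . $an_array . "' />";
            }
            break;
    }

    return $output;
}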