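/**
 * Renders the customer (donor) view wrapper.
 *
 * Access is gated on the capability returned by the `give_view_customers_role`
 * filter. The donor is loaded from the numeric `id` query parameter only after
 * that check has passed. Every failure is recorded with give_set_error() and
 * shown in the error box; the tab bar and the view callback are rendered only
 * when all checks succeeded.
 *
 * @since 1.0
 *
 * @param string $view      The view being requested.
 * @param array  $callbacks The registered views and their callback functions, keyed by view.
 *
 * @return void
 */
function give_render_customer_view($view, $callbacks)
{
    $render = true;

    $customer_view_role = apply_filters('give_view_customers_role', 'view_give_reports');

    if (!current_user_can($customer_view_role)) {
        give_set_error('give-no-access', __('You are not permitted to view this data.', 'give'));
        $render = false;
    }

    $customer = null;

    // Look the donor up only for an authorised viewer. Doing it unconditionally
    // would add an "invalid donor" error for users who lack the capability,
    // telling them whether a given id exists.
    if ($render) {
        if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
            give_set_error('give-invalid_customer', __('Invalid Donor ID Provided.', 'give'));
            $render = false;
        } else {
            // Read the id only after it is known to be present and numeric.
            $customer = new Give_Customer((int) $_GET['id']);

            if (empty($customer->id)) {
                give_set_error('give-invalid_customer', __('Invalid Donor ID Provided.', 'give'));
                $render = false;
            }
        }
    }

    $customer_tabs = give_customer_tabs();

    // $view is caller-supplied; never invoke an unregistered or non-callable entry.
    $has_callback = is_scalar($view) && isset($callbacks[$view]) && is_callable($callbacks[$view]);
    ?>
    <div class='wrap'>
        <?php if (give_get_errors()) { ?>
            <div class="error settings-error">
                <?php give_print_errors(0); ?>
            </div>
        <?php } ?>

        <?php if ($customer && $render) { ?>
            <div id="customer-tab-wrapper">
                <ul id="customer-tab-wrapper-list" class="nav-tab-wrapper">
                    <?php foreach ($customer_tabs as $key => $tab) { ?>
                        <?php
                        $active  = $key === $view;
                        $class   = $active ? 'active' : 'inactive';
                        // The tab key goes into a query string, so encode it before esc_url() sees it.
                        $tab_url = admin_url('edit.php?post_type=give_forms&page=give-donors&view=' . rawurlencode($key) . '&id=' . $customer->id);
                        ?>
                        <li class="<?php echo sanitize_html_class($class); ?>">
                            <?php if (!$active) { ?>
                                <a title="<?php echo esc_attr($tab['title']); ?>"
                                   aria-label="<?php echo esc_attr($tab['title']); ?>"
                                   href="<?php echo esc_url($tab_url); ?>">
                            <?php } ?>
                            <span class="dashicons <?php echo sanitize_html_class($tab['dashicon']); ?>"></span>
                            <?php echo esc_html($tab['title']); // text node, so HTML-escape rather than attribute-escape ?>
                            <?php if (!$active) { ?>
                                </a>
                            <?php } ?>
                        </li>
                    <?php } ?>
                </ul>
            </div>

            <div id="give-customer-card-wrapper">
                <?php
                if ($has_callback) {
                    call_user_func($callbacks[$view], $customer);
                }
                ?>
            </div>
        <?php } ?>
    </div>
    <?php
}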
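/**
 * Process Profile Updater Form.
 *
 * Updates the current user's first/last/display name, email, stored address
 * and (when supplied) password from the submitted profile editor data.
 *
 * The request is rejected unless the user is logged in and the data carries a
 * valid `give-profile-editor-nonce` nonce. Validation errors are stored with
 * give_set_error() and the request is redirected back to `give_redirect`.
 *
 * @since 1.0
 *
 * @param array $data Data sent from the profile editor.
 *
 * @return bool False when the request is rejected or the update did not succeed.
 *              On validation errors and on success a redirect is issued and
 *              give_die() is called instead.
 */
function give_process_profile_editor_updates($data)
{
    // Everything below acts on the current user, so an anonymous request is
    // rejected outright. The previous check joined "no submit field" and
    // "not logged in" with &&, which let a logged-out request continue
    // whenever the submit field was present.
    if (!is_user_logged_in()) {
        return false;
    }

    // Nonce security. A missing nonce is treated the same as an invalid one.
    if (!isset($data['give_profile_editor_nonce'])
        || !wp_verify_nonce($data['give_profile_editor_nonce'], 'give-profile-editor-nonce')
    ) {
        return false;
    }

    $user_id       = get_current_user_id();
    $old_user_data = get_userdata($user_id);

    // Fields that are not submitted keep their current value.
    $display_name = isset($data['give_display_name']) ? sanitize_text_field($data['give_display_name']) : $old_user_data->display_name;
    $first_name   = isset($data['give_first_name']) ? sanitize_text_field($data['give_first_name']) : $old_user_data->first_name;
    $last_name    = isset($data['give_last_name']) ? sanitize_text_field($data['give_last_name']) : $old_user_data->last_name;
    $email        = isset($data['give_email']) ? sanitize_email($data['give_email']) : $old_user_data->user_email;

    // Address parts that are not submitted are stored as empty strings.
    $line1   = isset($data['give_address_line1']) ? sanitize_text_field($data['give_address_line1']) : '';
    $line2   = isset($data['give_address_line2']) ? sanitize_text_field($data['give_address_line2']) : '';
    $city    = isset($data['give_address_city']) ? sanitize_text_field($data['give_address_city']) : '';
    $state   = isset($data['give_address_state']) ? sanitize_text_field($data['give_address_state']) : '';
    $zip     = isset($data['give_address_zip']) ? sanitize_text_field($data['give_address_zip']) : '';
    $country = isset($data['give_address_country']) ? sanitize_text_field($data['give_address_country']) : '';

    $userdata = array(
        'ID'           => $user_id,
        'first_name'   => $first_name,
        'last_name'    => $last_name,
        'display_name' => $display_name,
        'user_email'   => $email,
    );

    $address = array(
        'line1'   => $line1,
        'line2'   => $line2,
        'city'    => $city,
        'state'   => $state,
        'zip'     => $zip,
        'country' => $country,
    );

    // The redirect target is request data; default it so a missing key does
    // not raise a notice.
    $redirect = isset($data['give_redirect']) ? $data['give_redirect'] : '';

    /**
     * Fires before updating user profile.
     *
     * @since 1.0
     *
     * @param int   $user_id  The ID of the user.
     * @param array $userdata User info, including ID, first name, last name, display name and email.
     */
    do_action('give_pre_update_user_profile', $user_id, $userdata);

    // New password.
    // NOTE(review): the password is changed on nonce + session alone; the
    // current password is not requested. Confirm that this is intended.
    if (!empty($data['give_new_user_pass1'])) {
        $confirmation = isset($data['give_new_user_pass2']) ? $data['give_new_user_pass2'] : '';

        if ($data['give_new_user_pass1'] !== $confirmation) {
            give_set_error('password_mismatch', esc_html__('The passwords you entered do not match. Please try again.', 'give'));
        } else {
            $userdata['user_pass'] = $data['give_new_user_pass1'];
        }
    }

    if (empty($email)) {
        // Make sure email should not be empty.
        give_set_error('email_empty', esc_html__('The email you entered is empty.', 'give'));
    } elseif (!is_email($email)) {
        // Make sure email should be valid.
        give_set_error('email_not_valid', esc_html__('The email you entered is not valid. Please use another', 'give'));
    } elseif ($email !== $old_user_data->user_email && email_exists($email)) {
        // Make sure the new email doesn't belong to another user.
        give_set_error('email_exists', esc_html__('The email you entered belongs to another user. Please use another.', 'give'));
    }

    // Send back to the profile editor if there are errors.
    // wp_safe_redirect() keeps the submitted target from sending the user to
    // a host outside the site's allowed list.
    if (give_get_errors()) {
        wp_safe_redirect($redirect);
        give_die();
    }

    // Update the user.
    update_user_meta($user_id, '_give_user_address', $address);
    $updated = wp_update_user($userdata);

    // wp_update_user() reports failure as a WP_Error object, which is truthy,
    // so it has to be excluded explicitly.
    if ($updated && !is_wp_error($updated)) {
        /**
         * Fires after updating user profile.
         *
         * @since 1.0
         *
         * @param int   $user_id  The ID of the user.
         * @param array $userdata User info, including ID, first name, last name, display name and email.
         */
        do_action('give_user_profile_updated', $user_id, $userdata);

        wp_safe_redirect(add_query_arg('updated', 'true', $redirect));
        give_die();
    }

    return false;
}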
/**
 * Removes (unsets) a stored error.
 *
 * Reads the current errors through give_get_errors(), drops the entry stored
 * under `$error_id` and writes the remaining set back to the session under
 * the `give_errors` key. Nothing is written when there are no stored errors.
 *
 * @since 1.0
 * @uses  Give_Session::set()
 *
 * @param int|string $error_id Key of the error to remove.
 *
 * @return void
 */
function give_unset_error($error_id)
{
    $stored = give_get_errors();

    // Nothing stored: leave the session untouched.
    if (!$stored) {
        return;
    }

    unset($stored[$error_id]);
    Give()->session->set('give_errors', $stored);
}
} } else { give_set_error('give_no_donor_email_exists', apply_filters('give_no_donor_email_exists_message', __('Sorry, it looks like that donor email address does not exist', 'give'))); } } } //Print any messages & errors give_print_errors(0); //Show the email login form? if ($show_form) { ?> <div class="give-form"> <?php if (!give_get_errors()) { give_output_error(__('Please enter the email address you used for your donation. A verification email containing an access link will be sent to you.', 'give'), true); } ?> <form method="post" action="" id="give-email-access-form"> <label for="give_email"><?php __('Donation Email:', 'give'); ?> </label> <input id="give-email" type="email" name="give_email" value="" placeholder="<?php _e('Your donation email', 'give'); ?> "/> <input type="hidden" name="_wpnonce" value="<?php echo wp_create_nonce('give');
/**
 * The register form must report an unavailable account email and an invalid
 * payment email in the same submission.
 *
 * The payment email differs from the account email and is not a valid
 * address, so `payment_email_invalid` is expected. `email_unavailable` is
 * expected as well; that presumably relies on a fixture user already owning
 * the account email (the address appears masked in this listing) - TODO confirm.
 *
 * @since 1.3.2
 */
public function test_process_register_form_payment_email_incorrect()
{
    // The handler reads the submit flag and both password fields from $_POST.
    $_POST['give_register_submit'] = 1;
    $_POST['give_user_pass']       = '';
    $_POST['give_user_pass2']      = '';

    $form_data = array(
        'give_register_submit' => 1,
        'give_user_login'      => 'random_username',
        'give_user_email'      => '*****@*****.**',
        'give_payment_email'   => 'someotheradminexample.org',
    );

    give_process_register_form($form_data);

    $recorded = give_get_errors();

    $this->assertArrayHasKey('email_unavailable', $recorded);
    $this->assertArrayHasKey('payment_email_invalid', $recorded);

    // Clear errors for other test
    give_clear_errors();
}
/** * Profile Editor * * @description This template is used to display the profile editor with [give_profile_editor] * @copyright Copyright (c) 2015, WordImpress * @license http://opensource.org/licenses/gpl-2.0.php GNU Public License */ global $current_user; if (is_user_logged_in()) { $user_id = get_current_user_id(); $first_name = get_user_meta($user_id, 'first_name', true); $last_name = get_user_meta($user_id, 'last_name', true); $display_name = $current_user->display_name; $address = give_get_donor_address($user_id); if (isset($_GET['updated']) && $_GET['updated'] == true && !give_get_errors()) { ?> <p class="give_success"> <strong><?php _e('Success', 'give'); ?> :</strong> <?php _e('Your profile has been edited successfully.', 'give'); ?> </p> <?php } ?> <?php give_print_errors(0);
/**
 * Register And Login New User
 *
 * Builds the arguments for wp_insert_user() from `$user_data` (filterable via
 * `give_insert_user_args`), creates the account and logs the new user in.
 * Nothing is created when `$user_data` is empty or when errors are already
 * stored.
 *
 * Note that `$user_data`, including the plain-text `user_pass`, is handed to
 * the `give_insert_user_args` and `give_insert_user_data` filters and to the
 * `give_insert_user` action, so every callback on those hooks sees the password.
 *
 * @param array $user_data Reads `user_login`, `user_pass`, `user_email`, `user_first` and `user_last`.
 *
 * @access private
 * @since  1.0
 * @return integer The new user's ID, or -1 when no user was created.
 */
function give_register_and_login_new_user($user_data = array())
{
    // Refuse to register on empty input or while errors are pending.
    if (empty($user_data) || give_get_errors()) {
        return -1;
    }

    // wp_insert_user() field => key in $user_data it is copied from.
    $field_sources = array(
        'user_login' => 'user_login',
        'user_pass'  => 'user_pass',
        'user_email' => 'user_email',
        'first_name' => 'user_first',
        'last_name'  => 'user_last',
    );

    $defaults = array();
    foreach ($field_sources as $field => $source) {
        $defaults[$field] = isset($user_data[$source]) ? $user_data[$source] : '';
    }
    $defaults['user_registered'] = date('Y-m-d H:i:s');
    // The role always comes from the site option, never from the submitted data.
    $defaults['role'] = get_option('default_role');

    $user_args = apply_filters('give_insert_user_args', $defaults, $user_data);

    // Insert new user
    $user_id = wp_insert_user($user_args);

    // Validate inserted user
    if (is_wp_error($user_id)) {
        return -1;
    }

    // Allow themes and plugins to filter the user data
    $filtered_data = apply_filters('give_insert_user_data', $user_data, $user_args);

    // Allow themes and plugins to hook
    do_action('give_insert_user', $user_id, $filtered_data);

    // Login new user
    give_log_user_in($user_id, $filtered_data['user_login'], $filtered_data['user_pass']);

    return $user_id;
}
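/**
 * Delete a customer
 *
 * Requires an admin-side request from a user holding the capability returned
 * by the `give_edit_customers_role` filter, a valid `delete-customer` nonce
 * and an explicit confirmation flag. On success the donor's payments are
 * either deleted or detached (customer id set to 0), depending on
 * `give-customer-delete-records`.
 *
 * @since 1.0
 *
 * @param array $args The $_POST array being passed.
 *
 * @return void Returns early on empty `$args`; every other path ends in
 *              wp_die() or a redirect followed by exit.
 */
function give_customer_delete($args)
{
    $customer_edit_role = apply_filters('give_edit_customers_role', 'edit_give_payments');

    if (!is_admin() || !current_user_can($customer_edit_role)) {
        wp_die(__('You do not have permission to delete this donor.', 'give'));
    }

    if (empty($args)) {
        return;
    }

    // Read request values defensively: a missing key must fail the checks
    // below rather than raise an undefined-index notice.
    $customer_id = isset($args['customer_id']) ? (int) $args['customer_id'] : 0;
    $confirm     = !empty($args['give-customer-delete-confirm']);
    $remove_data = !empty($args['give-customer-delete-records']);
    $nonce       = isset($args['_wpnonce']) ? $args['_wpnonce'] : '';

    // CSRF protection: the action only proceeds with a valid nonce.
    if (!wp_verify_nonce($nonce, 'delete-customer')) {
        wp_die(__('Cheatin\' eh?!', 'give'));
    }

    if (!$confirm) {
        give_set_error('customer-delete-no-confirm', __('Please confirm you want to delete this donor', 'give'));
    }

    if (give_get_errors()) {
        wp_redirect(admin_url('edit.php?post_type=give_forms&page=give-donors&view=overview&id=' . $customer_id));
        exit;
    }

    $customer = new Give_Customer($customer_id);

    do_action('give_pre_delete_customer', $customer_id, $confirm, $remove_data);

    if ($customer->id > 0) {
        // explode() on an empty list yields one empty string; drop blanks so
        // the payment helpers are never called with an empty id.
        $payments_array = array_filter(array_map('trim', explode(',', (string) $customer->payment_ids)));

        $success = Give()->customers->delete($customer->id);

        if ($success) {
            foreach ($payments_array as $payment_id) {
                if ($remove_data) {
                    // Remove all payments, logs, etc
                    give_delete_purchase($payment_id, false, true);
                } else {
                    // Just set the payments to customer_id of 0
                    give_update_payment_meta($payment_id, '_give_payment_customer_id', 0);
                }
            }

            $redirect = admin_url('edit.php?post_type=give_forms&page=give-donors&give-message=customer-deleted');
        } else {
            give_set_error('give-donor-delete-failed', __('Error deleting donor', 'give'));
            $redirect = admin_url('edit.php?post_type=give_forms&page=give-donors&view=delete&id=' . $customer_id);
        }
    } else {
        give_set_error('give-customer-delete-invalid-id', __('Invalid Donor ID', 'give'));
        $redirect = admin_url('edit.php?post_type=give_forms&page=give-donors');
    }

    wp_redirect($redirect);
    exit;
}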
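/**
 * Authorize.net Payments
 *
 * Checks that the card fields were posted, sends an authorize-and-capture
 * request through the Authorize.Net AIM SDK and records the donation when the
 * gateway approves it. Failures are stored with give_set_error() and the
 * donor is sent back to checkout.
 *
 * @param array $purchase_data Donation data. This method reads the `card_info`,
 *                             `user_info`, `post_data`, `price`, `date`,
 *                             `user_email` and `purchase_key` entries.
 *
 * @return void
 */
public function give_process_authorize_net_payment($purchase_data)
{
    // Presence checks only; they look at the raw POST fields, while the
    // request below is built from $purchase_data['card_info'].
    if (!isset($_POST['card_number']) || $_POST['card_number'] === '') {
        give_set_error('empty_card', __('You must enter a card number', 'give'));
    }
    if (!isset($_POST['card_name']) || $_POST['card_name'] === '') {
        give_set_error('empty_card_name', __('You must enter the name on your card', 'give'));
    }
    if (!isset($_POST['card_exp_month']) || $_POST['card_exp_month'] === '') {
        give_set_error('empty_month', __('You must enter an expiration month', 'give'));
    }
    if (!isset($_POST['card_exp_year']) || $_POST['card_exp_year'] === '') {
        give_set_error('empty_year', __('You must enter an expiration year', 'give'));
    }
    if (!isset($_POST['card_cvc']) || !is_string($_POST['card_cvc']) || strlen($_POST['card_cvc']) < 3) {
        // An empty or non-string value is rejected along with anything shorter than 3 characters.
        give_set_error('empty_cvc', __('You must enter a valid CVC', 'give'));
    }

    // Validation failed: return to checkout without contacting the gateway.
    if (give_get_errors()) {
        give_send_back_to_checkout('?payment-mode=' . $purchase_data['post_data']['give-gateway']);

        return;
    }

    // Include Authorize SDK
    require_once GIVE_AUTHORIZE_PLUGIN_DIR . '/includes/anet_php_sdk/AuthorizeNet.php';

    $test_mode = give_is_test_mode();

    if (!$test_mode) {
        // LIVE
        $authorize_api_login = give_get_option('give_api_login');
        $authorize_trans_key = give_get_option('give_transaction_key');
    } else {
        // SANDBOX
        $authorize_api_login = give_get_option('give_authorize_sandbox_api_login');
        $authorize_trans_key = give_get_option('give_authorize_sandbox_transaction_key');
    }

    // Check for credentials entered.
    // NOTE(review): this path returns without sending the donor back to
    // checkout, and 'error_id_here' looks like a placeholder id - confirm.
    if (empty($authorize_api_login) || empty($authorize_trans_key)) {
        give_set_error('error_id_here', __('Error: Missing API Login or Transaction key. Please enter them in the plugin settings.', 'give-authorize'));

        return;
    }

    // Proceed with Authorize AIM
    $transaction = new AuthorizeNetAIM($authorize_api_login, $authorize_trans_key);

    // Card data and API credentials travel over this connection, so the
    // gateway's TLS certificate must be verified. This was set to false,
    // which accepts any certificate presented on the path to the gateway.
    $transaction->VERIFY_PEER = true;

    // Sandbox or not?
    $transaction->setSandbox((bool) $test_mode);

    $card_info  = $purchase_data['card_info'];
    $card_names = explode(' ', $card_info['card_name']);
    $first_name = isset($card_names[0]) ? $card_names[0] : $purchase_data['user_info']['first_name'];

    if (!empty($card_names[1])) {
        // Everything after the first word of the card name is the last name.
        unset($card_names[0]);
        $last_name = implode(' ', $card_names);
    } else {
        $last_name = $purchase_data['user_info']['last_name'];
    }

    $transaction->amount      = $purchase_data['price'];
    $transaction->card_num    = strip_tags(trim($card_info['card_number']));
    $transaction->card_code   = strip_tags(trim($card_info['card_cvc']));
    $transaction->exp_date    = strip_tags(trim($card_info['card_exp_month'])) . '/' . strip_tags(trim($card_info['card_exp_year']));
    $transaction->description = give_get_purchase_summary($purchase_data);
    $transaction->first_name  = $first_name;
    $transaction->last_name   = $last_name;
    $transaction->address     = $card_info['card_address'] . ' ' . $card_info['card_address_2'];
    $transaction->city        = $card_info['card_city'];
    $transaction->country     = $card_info['card_country'];
    $transaction->state       = $card_info['card_state'];
    $transaction->zip         = $card_info['card_zip'];
    $transaction->customer_ip = give_get_ip();
    $transaction->email       = $purchase_data['user_email'];
    $transaction->invoice_num = $purchase_data['purchase_key'];

    try {
        $response = $transaction->authorizeAndCapture();

        if ($response->approved) {
            $payment_data = array(
                'price'           => $purchase_data['price'],
                'give_form_title' => $purchase_data['post_data']['give-form-title'],
                'give_form_id'    => intval($purchase_data['post_data']['give-form-id']),
                'price_id'        => isset($purchase_data['post_data']['give-price-id']) ? intval($purchase_data['post_data']['give-price-id']) : '',
                'date'            => $purchase_data['date'],
                'user_email'      => $purchase_data['user_email'],
                'purchase_key'    => $purchase_data['purchase_key'],
                'currency'        => give_get_currency(),
                'user_info'       => $purchase_data['user_info'],
                'status'          => 'pending',
                'gateway'         => 'authorizenet',
            );

            $payment = give_insert_payment($payment_data);

            if ($payment) {
                give_update_payment_status($payment, 'publish');
                give_send_to_success_page();
            } else {
                give_set_error('authorize_error', __('Error: your payment could not be recorded. Please try again', 'give'));
                give_send_back_to_checkout('?payment-mode=' . $purchase_data['post_data']['give-gateway']);
            }
        } else {
            // Prefer the gateway's reason text, then its error message.
            $has_gateway_message = true;
            if (isset($response->response_reason_text)) {
                $error = $response->response_reason_text;
            } elseif (isset($response->error_message)) {
                $error = $response->error_message;
            } else {
                $error               = '';
                $has_gateway_message = false;
            }

            $error_lower = strtolower($error);

            if (strpos($error_lower, 'the credit card number is invalid') !== false) {
                give_set_error('invalid_card', __('Your card number is invalid', 'give'));
            } elseif (strpos($error_lower, 'this transaction has been declined') !== false) {
                give_set_error('invalid_card', __('Your card has been declined', 'give'));
            } elseif ($has_gateway_message) {
                // Gateway-supplied text is stored as the error message; whether
                // it is escaped on output is not visible here - verify.
                give_set_error('api_error', $error);
            } else {
                // NOTE(review): this places a dump of the whole gateway response
                // object in a donor-facing error. Prefer logging it server-side
                // and showing a generic message.
                give_set_error('api_error', sprintf(__('An error occurred. Error data: %s', 'give'), print_r($response, true)));
            }

            give_send_back_to_checkout('?payment-mode=' . $purchase_data['post_data']['give-gateway']);
        }
    } catch (AuthorizeNetException $e) {
        give_set_error('request_error', $e->getMessage());
        give_send_back_to_checkout('?payment-mode=' . $purchase_data['post_data']['give-gateway']);
    }
}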
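/**
 * Process Register Form
 *
 * Validates the submitted username, email, optional payment email and
 * password, storing one error per failed check with give_set_error(). When no
 * errors were recorded the user is registered and logged in, the request is
 * redirected to `give_redirect` (filterable via `give_register_redirect`) and
 * give_die() is called.
 *
 * NOTE(review): no nonce is verified in this handler; confirm whether the
 * code that dispatches to it does so.
 *
 * @since 2.0
 *
 * @param array $data Data sent from the register form
 *
 * @return void
 */
function give_process_register_form($data)
{
    if (is_user_logged_in()) {
        return;
    }

    if (empty($_POST['give_register_submit'])) {
        return;
    }

    do_action('give_pre_process_register_form');

    // Default every submitted field so that a missing key fails validation
    // instead of raising an undefined-index notice.
    $user_login    = isset($data['give_user_login']) ? $data['give_user_login'] : '';
    $user_email    = isset($data['give_user_email']) ? $data['give_user_email'] : '';
    $payment_email = isset($data['give_payment_email']) ? $data['give_payment_email'] : '';

    if (empty($user_login)) {
        give_set_error('empty_username', __('Invalid username', 'give'));
    }

    if (username_exists($user_login)) {
        give_set_error('username_unavailable', __('Username already taken', 'give'));
    }

    if (!validate_username($user_login)) {
        give_set_error('username_invalid', __('Invalid username', 'give'));
    }

    if (email_exists($user_email)) {
        give_set_error('email_unavailable', __('Email address already taken', 'give'));
    }

    if (empty($user_email) || !is_email($user_email)) {
        give_set_error('email_invalid', __('Invalid email', 'give'));
    }

    if (!empty($payment_email) && $payment_email !== $user_email && !is_email($payment_email)) {
        give_set_error('payment_email_invalid', __('Invalid payment email', 'give'));
    }

    // NOTE(review): the password is validated from $_POST but the account is
    // created from $data['give_user_pass']; the two should be the same source.
    $pass         = isset($_POST['give_user_pass']) ? $_POST['give_user_pass'] : null;
    $pass_confirm = isset($_POST['give_user_pass2']) ? $_POST['give_user_pass2'] : null;

    if (empty($pass)) {
        give_set_error('empty_password', __('Please enter a password', 'give'));
    }

    // A strict comparison also covers "password given, confirmation empty".
    if ($pass !== $pass_confirm) {
        give_set_error('password_mismatch', __('Passwords do not match', 'give'));
    }

    do_action('give_process_register_form');

    // Check for errors and redirect if none present
    $errors = give_get_errors();

    if (empty($errors)) {
        $redirect = apply_filters('give_register_redirect', isset($data['give_redirect']) ? $data['give_redirect'] : '');

        give_register_and_login_new_user(array(
            'user_login'      => $user_login,
            'user_pass'       => isset($data['give_user_pass']) ? $data['give_user_pass'] : '',
            'user_email'      => $user_email,
            'user_registered' => date('Y-m-d H:i:s'),
            'role'            => get_option('default_role'),
        ));

        // The target comes from the submitted form, so restrict it to the
        // site's allowed hosts instead of following it blindly.
        wp_safe_redirect($redirect);
        give_die();
    }
}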