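/**
 * Apply a member-management action submitted from the members admin screen.
 *
 * Reads the requested action into the global $action via wp_reset_vars(), maps a
 * bulk "toggle" submission to 'bulk-toggle', and then dispatches. Every state-changing
 * branch verifies its admin nonce with check_admin_referer() before touching a member
 * and finishes by redirecting back with a numeric 'msg' code (7, 8 or 3).
 *
 * Member ids are normalised to positive integers before use, matching what the
 * 'toggle' and 'bulk-toggle' branches already did; entries that are not numeric ids
 * are skipped instead of being handed to M_Membership as raw strings.
 *
 * NOTE(review): check_admin_referer() is request-forgery protection, not an
 * authorisation check. No capability test is visible in this method; confirm the hook
 * that calls it is only reachable by users allowed to manage members.
 *
 * @return void
 */
function handle_members_updates()
{
    global $action, $page;

    wp_reset_vars(array('action', 'page'));

    // A bulk submit carries the chosen operation in either of the two bulk dropdowns.
    if (isset($_GET['doaction']) || isset($_GET['doaction2'])) {
        $bulk_top = (isset($_GET['action']) && is_string($_GET['action'])) ? addslashes($_GET['action']) : '';
        $bulk_bottom = (isset($_GET['action2']) && is_string($_GET['action2'])) ? addslashes($_GET['action2']) : '';
        if ($bulk_top == 'toggle' || $bulk_bottom == 'toggle') {
            $action = 'bulk-toggle';
        }
    }

    // The "-complete" actions post a comma separated list of member ids. Parse it once,
    // keeping only positive integers so a crafted value cannot reach the M_Membership
    // constructor as an arbitrary string. Nothing is acted on until the nonce check in
    // the matching case below has passed.
    $member_ids = array();
    if (isset($_POST['member_id']) && is_string($_POST['member_id'])) {
        foreach (explode(',', $_POST['member_id']) as $raw_member_id) {
            $parsed_member_id = (int) $raw_member_id;
            if ($parsed_member_id > 0) {
                $member_ids[] = $parsed_member_id;
            }
        }
    }

    switch (addslashes($action)) {
        case 'removeheader':
            // NOTE(review): no nonce is verified on this branch; confirm that dismissing
            // the help header is harmless enough to leave unprotected.
            $this->dismiss_user_help($page);
            wp_safe_redirect(remove_query_arg('action'));
            break;

        case 'toggle':
            if (isset($_GET['member_id'])) {
                $user_id = (int) $_GET['member_id'];
                // The nonce is bound to the specific member being toggled.
                check_admin_referer('toggle-member_' . $user_id);
                $member = new M_Membership($user_id);
                if ($member->toggle_activation()) {
                    wp_safe_redirect(add_query_arg('msg', 7, wp_get_referer()));
                } else {
                    wp_safe_redirect(add_query_arg('msg', 8, wp_get_referer()));
                }
            }
            break;

        case 'bulk-toggle':
            check_admin_referer('bulk-members');
            // 'users' may be absent or a scalar when the form is submitted with nothing selected.
            $selected_users = (isset($_GET['users']) && is_array($_GET['users'])) ? $_GET['users'] : array();
            foreach ($selected_users as $value) {
                if (is_numeric($value)) {
                    $user_id = (int) $value;
                    $member = new M_Membership($user_id);
                    $member->toggle_activation();
                }
            }
            wp_safe_redirect(add_query_arg('msg', 7, wp_get_referer()));
            break;

        case 'bulkaddlevel-level-complete':
        case 'addlevel-level-complete':
            check_admin_referer($action);
            $tolevel_id = isset($_POST['tolevel_id']) ? (int) $_POST['tolevel_id'] : 0;
            if ($tolevel_id) {
                foreach ($member_ids as $member_id) {
                    $member = new M_Membership($member_id);
                    $member->add_level($tolevel_id);
                }
            }
            $this->update_levelcounts();
            wp_safe_redirect(add_query_arg('msg', 3, wp_get_original_referer()));
            break;

        case 'bulkdroplevel-level-complete':
        case 'droplevel-level-complete':
            check_admin_referer($action);
            $fromlevel_id = isset($_POST['fromlevel_id']) ? (int) $_POST['fromlevel_id'] : 0;
            if ($fromlevel_id) {
                foreach ($member_ids as $member_id) {
                    $member = new M_Membership($member_id);
                    $member->drop_level($fromlevel_id);
                }
            }
            $this->update_levelcounts();
            wp_safe_redirect(add_query_arg('msg', 3, wp_get_original_referer()));
            break;

        case 'bulkmovelevel-level-complete':
        case 'movelevel-level-complete':
            check_admin_referer($action);
            $fromlevel_id = isset($_POST['fromlevel_id']) ? (int) $_POST['fromlevel_id'] : 0;
            $tolevel_id = isset($_POST['tolevel_id']) ? (int) $_POST['tolevel_id'] : 0;
            if ($fromlevel_id && $tolevel_id) {
                foreach ($member_ids as $member_id) {
                    $member = new M_Membership($member_id);
                    $member->move_level($fromlevel_id, $tolevel_id);
                }
            }
            $this->update_levelcounts();
            wp_safe_redirect(add_query_arg('msg', 3, wp_get_original_referer()));
            break;

        case 'bulkaddsub-sub-complete':
        case 'addsub-sub-complete':
            check_admin_referer($action);
            // The target is posted as three '-' separated parts.
            // NOTE(review): the parts are forwarded as received because their expected
            // types are not visible here; confirm add_subscription() validates them.
            $tosub_id = (isset($_POST['tosub_id']) && is_string($_POST['tosub_id'])) ? $_POST['tosub_id'] : '';
            $subs = explode('-', $tosub_id);
            if ($tosub_id && count($subs) == 3) {
                foreach ($member_ids as $member_id) {
                    $member = new M_Membership($member_id);
                    $member->add_subscription($subs[0], $subs[1], $subs[2]);
                }
            }
            $this->update_levelcounts();
            $this->update_subcounts();
            wp_safe_redirect(add_query_arg('msg', 3, wp_get_original_referer()));
            break;

        case 'bulkdropsub-sub-complete':
        case 'dropsub-sub-complete':
            check_admin_referer($action);
            $fromsub_id = isset($_POST['fromsub_id']) ? (int) $_POST['fromsub_id'] : 0;
            if ($fromsub_id) {
                foreach ($member_ids as $member_id) {
                    $member = new M_Membership($member_id);
                    $member->drop_subscription($fromsub_id);
                }
            }
            $this->update_levelcounts();
            $this->update_subcounts();
            wp_safe_redirect(add_query_arg('msg', 3, wp_get_original_referer()));
            break;

        case 'bulkmovesub-sub-complete':
        case 'movesub-sub-complete':
            check_admin_referer($action);
            $fromsub_id = isset($_POST['fromsub_id']) ? (int) $_POST['fromsub_id'] : 0;
            // NOTE(review): as in the add-subscription branch, the three target parts are
            // forwarded as received; confirm move_subscription() validates them.
            $tosub_id = (isset($_POST['tosub_id']) && is_string($_POST['tosub_id'])) ? $_POST['tosub_id'] : '';
            $subs = explode('-', $tosub_id);
            if ($fromsub_id && $tosub_id && count($subs) == 3) {
                foreach ($member_ids as $member_id) {
                    $member = new M_Membership($member_id);
                    $member->move_subscription($fromsub_id, $subs[0], $subs[1], $subs[2]);
                }
            }
            $this->update_levelcounts();
            $this->update_subcounts();
            wp_safe_redirect(add_query_arg('msg', 3, wp_get_original_referer()));
            break;

        case 'bulkmovegateway-gateway-complete':
        case 'movegateway-gateway-complete':
            check_admin_referer($action);
            $fromgateway = isset($_POST['fromgateway']) ? $_POST['fromgateway'] : '';
            $togateway = isset($_POST['togateway']) ? $_POST['togateway'] : '';
            if (!empty($fromgateway) && !empty($togateway)) {
                foreach ($member_ids as $member_id) {
                    $member = new M_Membership($member_id);
                    // Only relationships currently on the source gateway are re-pointed.
                    foreach ($member->get_relationships() as $rel) {
                        if ($rel->usinggateway == $fromgateway) {
                            $member->update_relationship_gateway($rel->rel_id, $fromgateway, $togateway);
                        }
                    }
                }
            }
            wp_safe_redirect(add_query_arg('msg', 3, wp_get_original_referer()));
            break;
    }
}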
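/**
 * Handle a PayPal IPN (Instant Payment Notification) posted to this gateway.
 *
 * The notification is echoed back to PayPal with cmd=_notify-validate and is only
 * acted on when PayPal answers VERIFIED. Any other outcome, including a failure to
 * reach PayPal at all, prints an error and exits without changing any member. The
 * earlier implementation opened a plain socket to an 'https://' host name on port 80
 * with errors suppressed and carried on when that connection failed, so an unverified
 * request could reach the state-changing code below.
 *
 * After validation the method records the transaction according to payment_status and
 * creates, replaces, expires or suspends the subscription according to txn_type. The
 * 'custom' field is expected to hold "timestamp:user_id:sub_id:key".
 *
 * NOTE(review): a VERIFIED reply only proves that PayPal sent this message. Nothing
 * here checks that the payment went to this site's PayPal account (receiver_email /
 * business), that mc_gross and mc_currency match the subscription price, or that the
 * txn_id has not been processed before. The merchant account and price lookups are not
 * visible in this block, so these checks are flagged rather than added.
 *
 * NOTE(review): the fourth part of 'custom' ($key) is parsed but never compared with
 * anything; confirm whether it was meant to authenticate the custom value.
 *
 * @return void
 */
function handle_paypal_return()
{
    // PayPal IPN handling code
    $has_ipn_fields = (isset($_POST['payment_status']) || isset($_POST['txn_type'])) && isset($_POST['custom']);
    if (!$has_ipn_fields) {
        // Did not find expected POST variables. Possible access attempt from a non PayPal site.
        header('Status: 404 Not Found');
        echo 'Error: Missing POST variables. Identification is not possible.';
        exit;
    }

    if (get_option($this->gateway . "_paypal_status") == 'live') {
        $domain = 'https://www.paypal.com';
    } else {
        $domain = 'https://www.sandbox.paypal.com';
    }

    // WordPress adds slashes to $_POST on every request, so strip them for the copy
    // that goes back to PayPal: validation compares the message byte for byte.
    $posted = stripslashes_deep($_POST);

    $req = 'cmd=_notify-validate';
    foreach ($posted as $k => $v) {
        if (!is_scalar($v)) {
            // IPN fields are flat strings; a nested value cannot be a genuine notification.
            echo 'Response Error: Unexpected transaction response';
            exit;
        }
        // Encode both sides so '&', '=' or '+' inside a value cannot reshape the request.
        $req .= '&' . urlencode((string) $k) . '=' . urlencode((string) $v);
    }

    @set_time_limit(60);

    // Use the WordPress HTTP API so the call goes over TLS with certificate checking.
    $response = wp_remote_post($domain . '/cgi-bin/webscr', array(
        'timeout'     => 30,
        'httpversion' => '1.1',
        'sslverify'   => true,
        'headers'     => array('Content-Type' => 'application/x-www-form-urlencoded'),
        'body'        => $req,
    ));

    $error = '';
    if (is_wp_error($response)) {
        // Fail closed. A non-200 status asks PayPal to deliver the notification again,
        // so a transient outage does not lose a genuine payment.
        status_header(503);
        $error = 'Response Error: Could not connect to PayPal to validate the notification';
    } elseif (wp_remote_retrieve_response_code($response) != 200) {
        $error = 'Response Error: Unexpected HTTP response';
    } elseif (strtoupper(trim(wp_remote_retrieve_body($response))) != 'VERIFIED') {
        $error = 'Response Error: Unexpected transaction response';
    }

    if ($error != '') {
        echo $error;
        exit;
    }

    // Parse 'custom' once so every branch, including 'new_case' which previously read
    // $user_id and $sub_id without setting them, works from the same values.
    $custom_parts = array_pad(explode(':', (string) $_POST['custom']), 4, '');
    list($timestamp, $user_id, $sub_id, $key) = $custom_parts;
    $user_id = (int) $user_id;
    $sub_id = (int) $sub_id;
    if ($user_id <= 0) {
        echo 'Error: Missing POST variables. Identification is not possible.';
        exit;
    }

    // These values are deliberately read from $_POST (still slashed by WordPress), as
    // before, so that whatever escaping record_transaction() relies on is unchanged.
    $payment_status = isset($_POST['payment_status']) ? $_POST['payment_status'] : '';
    $txn_type = isset($_POST['txn_type']) ? $_POST['txn_type'] : '';
    $amount = isset($_POST['mc_gross']) ? $_POST['mc_gross'] : null;
    $currency = isset($_POST['mc_currency']) ? $_POST['mc_currency'] : null;
    $txn_id = isset($_POST['txn_id']) ? $_POST['txn_id'] : null;

    // process PayPal response
    switch ($payment_status) {
        case 'Partially-Refunded':
            break;

        case 'In-Progress':
            break;

        case 'Completed':
        case 'Processed':
            // case: successful payment
            $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $txn_id, $payment_status, '');
            // Added for affiliate system link
            do_action('membership_payment_processed', $user_id, $sub_id, $amount, $currency, $txn_id);
            break;

        case 'Reversed':
            // case: charge back
            $note = 'Last transaction has been reversed. Reason: Payment has been reversed (charge back)';
            $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $txn_id, $payment_status, $note);
            $member = new M_Membership($user_id);
            if ($member) {
                $member->expire_subscription($sub_id);
                $member->deactivate();
            }
            do_action('membership_payment_reversed', $user_id, $sub_id, $amount, $currency, $txn_id);
            break;

        case 'Refunded':
            // case: refund
            $note = 'Last transaction has been reversed. Reason: Payment has been refunded';
            $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $txn_id, $payment_status, $note);
            $member = new M_Membership($user_id);
            if ($member) {
                $member->expire_subscription($sub_id);
            }
            do_action('membership_payment_refunded', $user_id, $sub_id, $amount, $currency, $txn_id);
            break;

        case 'Denied':
            // case: denied
            $note = 'Last transaction has been reversed. Reason: Payment Denied';
            $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $txn_id, $payment_status, $note);
            $member = new M_Membership($user_id);
            if ($member) {
                $member->expire_subscription($sub_id);
                $member->deactivate();
            }
            do_action('membership_payment_denied', $user_id, $sub_id, $amount, $currency, $txn_id);
            break;

        case 'Pending':
            // case: payment is pending
            $pending_str = array(
                'address' => 'Customer did not include a confirmed shipping address',
                'authorization' => 'Funds not captured yet',
                'echeck' => 'eCheck that has not cleared yet',
                'intl' => 'Payment waiting for aproval by service provider',
                'multi-currency' => 'Payment waiting for service provider to handle multi-currency process',
                'unilateral' => 'Customer did not register or confirm his/her email yet',
                'upgrade' => 'Waiting for service provider to upgrade the PayPal account',
                'verify' => 'Waiting for service provider to verify his/her PayPal account',
                '*' => '',
            );
            $reason = (isset($_POST['pending_reason']) && is_string($_POST['pending_reason'])) ? $_POST['pending_reason'] : '';
            // Unknown reasons fall back to the empty '*' entry.
            $note = 'Last transaction is pending. Reason: ' . (isset($pending_str[$reason]) ? $pending_str[$reason] : $pending_str['*']);
            $this->record_transaction($user_id, $sub_id, $amount, $currency, $timestamp, $txn_id, $payment_status, $note);
            do_action('membership_payment_pending', $user_id, $sub_id, $amount, $currency, $txn_id);
            break;

        default:
            // case: various error cases
    }

    // check for subscription details
    switch ($txn_type) {
        case 'subscr_signup':
            // start the subscription
            $member = new M_Membership($user_id);
            if ($member) {
                $member->create_subscription($sub_id, $this->gateway);
            }
            do_action('membership_payment_subscr_signup', $user_id, $sub_id);
            break;

        case 'subscr_modify':
            // modify the subscription
            $member = new M_Membership($user_id);
            if ($member) {
                // Remove the old subscription
                $member->drop_subscription($sub_id);
                // Join the new subscription
                $new_sub_id = isset($_POST['item_number']) ? (int) $_POST['item_number'] : 0;
                $member->create_subscription($new_sub_id, $this->gateway);
                // Timestamp the update
                update_user_meta($user_id, '_membership_last_upgraded', time());
            }
            // NOTE(review): this fires the signup hook for a modify event; the name is
            // kept as-is because listeners may depend on it.
            do_action('membership_payment_subscr_signup', $user_id, $sub_id);
            break;

        case 'subscr_cancel':
            // mark for removal
            $member = new M_Membership($user_id);
            if ($member) {
                $member->mark_for_expire($sub_id);
            }
            do_action('membership_payment_subscr_cancel', $user_id, $sub_id);
            break;

        case 'new_case':
            // a dispute
            $case_type = isset($_POST['case_type']) ? $_POST['case_type'] : '';
            if ($case_type == 'dispute') {
                // immediately suspend the account
                $member = new M_Membership($user_id);
                if ($member) {
                    $member->deactivate();
                }
            }
            do_action('membership_payment_new_case', $user_id, $sub_id, $case_type);
            break;
    }
}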