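/**
 * List published posts that have purchase (or gift) records, newest first.
 *
 * Rows come from a join of the posts table with the post-purchases table.
 * A row is kept only while the post is still purchasable; it is then given
 * its access settings and a "purchase" (or "gift") entry describing the buyer.
 *
 * NOTE(review): $id is accepted but never used in the query, so the result
 * covers every purchaser and contains e-mail addresses and guest tokens.
 * mgm_user_has_access() accepts a guest token as proof of purchase, so this
 * result should only reach trusted consumers - confirm against the callers.
 *
 * @param string|array $post_types one post type or a list of post types
 * @param mixed        $id         not used by this function
 * @param int          $start      LIMIT offset
 * @param int          $rows       LIMIT row count
 * @param bool         $gifted     true to list gifts, false to list regular purchases
 * @return array list of post row objects with access_settings and purchase/gift added
 */
function _get_purchased_contents($post_types, $id, $start, $rows, $gifted = false) {
    global $wpdb;

    // accept a single post type as well as a list
    if (!is_array($post_types)) {
        $post_types = array($post_types);
    }

    // The LIMIT operands are interpolated into the SQL text below, so force them
    // to non-negative integers rather than trusting whatever the caller passed.
    $start = max(0, (int) $start);
    $rows = max(0, (int) $rows);

    // NOTE(review): presumably mgm_map_for_in() quotes/escapes each value for use
    // inside IN ( ... ); verify, because its output is interpolated unprepared.
    $post_types_in = mgm_map_for_in($post_types);

    // gifts and regular purchases are told apart by the is_gift flag
    $gifted_sql = $gifted ? "AND is_gift = 'Y'" : "AND is_gift = 'N'";

    $sql_from = " FROM " . $wpdb->posts . " A JOIN " . TBL_MGM_POST_PURCHASES . " B ON(A.ID = B.post_id) "
        . "WHERE post_status = 'publish' AND post_type IN ( {$post_types_in} ) {$gifted_sql}";

    $sql = "SELECT DISTINCT(A.ID), post_type, post_title, post_date, post_content, user_id,guest_token {$sql_from} "
        . "ORDER BY post_date DESC LIMIT {$start},{$rows}";

    $results = $wpdb->get_results($sql);

    $posts = array();
    if (!$results) {
        return $posts;
    }

    foreach ($results as $post) {
        $post_obj = mgm_get_post($post->ID);

        // skip posts that are no longer offered for purchase
        if (!mgm_post_is_purchasable($post->ID, $post_obj)) {
            continue;
        }

        $post->post_content = mgm_strip_shortcode($post->post_content);

        // one entry per membership type allowed on the post, with its access delay
        $access_types = $post_obj->get_access_membership_types();
        $access_delays = $post_obj->get_access_delay();
        $access_settings = array();
        foreach ($access_types as $access_type) {
            $delay = isset($access_delays[$access_type]) ? (int) $access_delays[$access_type] : 0;
            $access_settings[] = array(
                'membership_type' => array(
                    'code' => $access_type,
                    'name' => mgm_get_membership_type_name($access_type),
                ),
                'access_delay' => sprintf(__('%d day', 'mgm'), $delay),
            );
        }
        $post->access_settings = $access_settings;

        if ((int) $post->user_id > 0) {
            // get_userdata() returns false for an unknown/deleted user; keep the
            // keys and report null instead of reading properties of false
            $user = get_userdata($post->user_id);
            $user_info = array(
                'by' => 'user',
                'id' => $post->user_id,
                'username' => $user ? $user->user_login : null,
                'email' => $user ? $user->user_email : null,
            );
            if ($gifted) {
                // a gift entry carries id/username/email without the 'by' key
                $post->gift = array_slice($user_info, 1);
            } else {
                $post->purchase = $user_info;
            }
        } else {
            // no user id on the row: the purchase is identified by its guest token
            $post->purchase = array('by' => 'guest', 'token' => $post->guest_token);
        }

        // the raw columns now live inside purchase/gift
        unset($post->guest_token, $post->user_id);

        $posts[] = $post;
    }

    return $posts;
}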
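/**
 * Replace [[tag]] placeholders in a message template.
 *
 * Supported tags:
 *   [[purchase_cost]]         cost of a purchasable post
 *   [[currency_sign]]         symbol for the configured currency
 *   [[login_register]]        login or register form
 *   [[login_register_links]]  links for login and register
 *   [[login_link]]            login link only
 *   [[facebook_login_button]] Facebook login button
 *   [[register_link]]         register link only
 *   [[register]]              register form
 *   [[membership_types]]      membership levels that can see this post/page
 *   [[duration]]              number of days the user will have access for
 *   [[username]], [[name]], [[email]], [[url]], [[display_name]],
 *   [[first_name]], [[last_name]], [[description]], [[nickname]]
 *   plus one tag per active member custom field.
 *
 * NOTE(review): values are inserted verbatim into text that callers wrap in
 * HTML. Whether profile and custom-field values are escaped before they get
 * here is not visible in this function - confirm, or escape at output.
 *
 * @param string   $message template text containing [[tag]] placeholders
 * @param int|null $user_id user to take values from; defaults to the current user
 * @return string message with all known tags replaced
 */
function mgm_replace_message_tags($message, $user_id = NULL) {
    // no explicit user: use the current visitor
    if (!$user_id) {
        $current_user = wp_get_current_user();
        $user_id = $current_user->ID;
    }

    // only true when the current visitor was looked up above; with an explicit
    // $user_id the login/register tags are rendered as for a logged-out visitor
    $logged_in = isset($current_user) && $current_user->ID > 0 ? true : false;

    if ($user_id > 0) {
        $user = get_userdata($user_id);
        $member = mgm_get_member($user_id);

        // locals named after tags; the tag loop further down reads them by name
        $username = $user->user_login;
        $name = mgm_str_concat($user->first_name, $user->last_name);
        $email = $user->user_email;
        $url = $user->user_url;
        $display_name = $user->display_name;
        $first_name = $user->first_name;
        $last_name = $user->last_name;
        $description = $user->description;
        $nickname = $user->nickname;

        // active custom fields
        $custom_fields = mgm_get_class('member_custom_fields')->get_fields_where(array('display' => array('on_register' => true, 'on_profile' => true, 'on_public_profile' => true)));

        $custom_field_tags = array();
        foreach ($custom_fields as $custom_field) {
            // a same-named local that already holds a value wins over the custom field
            if (empty(${$custom_field['name']})) {
                // The property name is the field's 'name'. The previous form,
                // ->{$custom_field}['name'], used the whole array as the property
                // name under PHP 7+ parsing, so no custom field was ever found.
                if (isset($member->custom_fields->{$custom_field['name']})) {
                    // never expose the password field; note that only the field
                    // named exactly 'password' is excluded
                    if ($custom_field['name'] == 'password') {
                        continue;
                    }
                    $value = $member->custom_fields->{$custom_field['name']};
                    // countries are stored as codes
                    if ($custom_field['name'] == 'country') {
                        $value = mgm_country_from_code($value);
                    }
                    $custom_field_tags[$custom_field['name']] = $value;
                }
            }
        }
    } else {
        // no user: every custom-field tag is replaced by an empty string
        $custom_fields = mgm_get_class('member_custom_fields')->get_fields_where(array('display' => array('on_register' => true, 'on_profile' => true, 'on_public_profile' => true)));

        $custom_field_tags = array();
        foreach ($custom_fields as $custom_field) {
            $custom_field_tags[$custom_field['name']] = '';
        }
    }

    // post-related values
    $post_id = get_the_ID();
    $system_obj = mgm_get_class('system');
    $currency = $system_obj->setting['currency'];
    $post_obj = mgm_get_post($post_id);
    $duration = $post_obj->get_access_duration();
    if (!$duration) {
        $duration = __('unlimited', 'mgm');
    }
    $purchase_cost = $post_obj->purchase_cost;
    $currency_sign = mgm_get_currency_symbols($system_obj->setting['currency']);

    // This filter runs in many places, so the form/link builders are called only
    // when their tag is literally present. A plain substring test is used: the
    // earlier pattern '/[[tag]]/' was parsed as a character class and matched
    // almost any message that contained a ']'.
    if (strpos($message, '[[login_register_links]]') !== false) {
        $login_register_links = !$logged_in ? mgm_get_login_register_links() : '';
    }
    if (strpos($message, '[[login_link]]') !== false) {
        $login_link = !$logged_in ? mgm_get_login_link() : '';
    }
    if (strpos($message, '[[facebook_login_button]]') !== false) {
        $facebook_login_button = !$logged_in ? mgm_generate_facebook_login() : '';
    }
    if (strpos($message, '[[register_link]]') !== false) {
        $register_link = !$logged_in ? mgm_get_register_link() : '';
    }
    if (strpos($message, '[[login_register]]') !== false) {
        $login_register = !$logged_in ? mgm_sidebar_user_login_form(__('Register', 'mgm')) : '';
    }
    if (strpos($message, '[[register]]') !== false) {
        $register = !$logged_in ? mgm_user_register_form() : '';
    }

    // membership types allowed on the post, as a readable list
    if (!($membership_types = $post_obj->get_access_membership_types())) {
        if (mgm_post_is_purchasable($post_id)) {
            $membership_types = 'Purchasable Only';
        } else {
            $membership_types = 'No access';
        }
    } else {
        $membership_types_obj = mgm_get_class('membership_types');
        $ms_types_array = array();
        foreach ($membership_types as $membership_type) {
            // codes without a known name are left out
            if (isset($membership_types_obj->membership_types[$membership_type])) {
                $ms_types_array[] = $membership_types_obj->membership_types[$membership_type];
            }
        }
        $membership_types = implode(', ', $ms_types_array);
        unset($ms_types_array);
    }

    // fixed tags: each is replaced by the local variable of the same name
    $tags = array('purchase_cost', 'login_register', 'login_register_links', 'login_link', 'register_link', 'membership_types', 'duration', 'register', 'username', 'name', 'email', 'url', 'display_name', 'first_name', 'last_name', 'description', 'nickname', 'facebook_login_button', 'currency_sign');
    foreach ($tags as $tag) {
        // a tag whose value was never computed is replaced by an empty string
        if (!isset(${$tag})) {
            ${$tag} = '';
        }
        $message = str_replace('[[' . $tag . ']]', ${$tag}, $message);
    }

    // custom-field tags
    if (is_array($custom_field_tags)) {
        foreach ($custom_field_tags as $tag => $value) {
            if (!isset($value)) {
                $value = '';
            }
            $message = str_replace('[[' . $tag . ']]', $value, $message);
        }
    }

    return $message;
}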
/**
 * URL content protection: build the notice shown in place of protected content.
 *
 * The incoming content is discarded. The notice template is picked by whether
 * the visitor is logged in and whether the current post is purchasable, wrapped
 * in a "mgm_private_no_access" div and passed through the message tag filters.
 *
 * @param string $content original content (not used in the result)
 * @return string the protected-content notice
 */
function mgm_url_content_protection($content) {
    $system = mgm_get_class('system');
    $viewer = wp_get_current_user();

    // pick the template for this visitor / post combination
    $purchasable = mgm_post_is_purchasable();
    if (!$viewer->ID) {
        // logged out visitor
        $template_code = $purchasable ? 'private_text_purchasable_login' : 'private_text';
    } else {
        // logged in user
        $template_code = $purchasable ? 'private_text_purchasable' : 'private_text_no_access';
    }

    // load the template, undo slashes, expand the private-text tags
    $template = $system->get_template($template_code, array(), true);
    $notice_text = mgm_private_text_tags(mgm_stripslashes_deep($template));
    $notice = sprintf('<div class="mgm_private_no_access">%s</div>', $notice_text);

    // expand the [[...]] message tags and hand the notice back as the content
    return mgm_replace_message_tags($notice);
}
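/**
 * Check whether a user may access a post.
 *
 * The user is resolved from, in this order: username/password in the query
 * string, the RSS token in the query string (feeds only, when RSS tokens are
 * enabled), or the current session. Access is then granted when
 *  - $allow_on_purchasable is set and the post is purchasable, or
 *  - the user has the administrator capability, or
 *  - the post is unpublished and the user has preview permissions, or
 *  - one of the user's membership types is allowed on the post and the
 *    pack-join and access-delay checks pass, or
 *  - the post is purchasable and the user (or the guest token in the query
 *    string) has purchased it.
 * The result is passed through the 'mgm_user_has_access_additional' filter.
 *
 * @package MagicMembers
 * @since 2.5
 * @param int|bool $post_id              post id; defaults to the current post
 * @param bool     $allow_on_purchasable grant access to any purchasable post
 * @return bool access (after filtering)
 */
function mgm_user_has_access($post_id = false, $allow_on_purchasable = false) {
    global $user_data, $wpdb;

    $current_user = wp_get_current_user();

    if (isset($_GET['username']) && isset($_GET['password'])) {
        // NOTE(review): credentials are read from the query string, where they
        // end up in access logs, browser history and Referer headers, and every
        // call runs a full authentication attempt. strip_tags() also alters
        // passwords that contain markup-like text. Kept for compatibility;
        // consider removing or restricting this path.
        $user = wp_authenticate(strip_tags($_GET['username']), strip_tags($_GET['password']));
    } elseif (is_feed() && isset($_GET['token']) && mgm_use_rss_token()) {
        // feed check added while updating iss#676: RSS token is honoured for feeds only
        $user = mgm_get_user_by_token(strip_tags($_GET['token']));
    } else {
        // current user, if logged in
        $user = $current_user;
    }

    // wp_authenticate() returns a WP_Error on failure, and the token lookup may
    // not yield a user object. Treat both as an anonymous visitor (ID 0, no
    // caps) so the checks below never read properties of an error or non-object.
    if (!is_object($user) || is_wp_error($user)) {
        $user = new WP_User(0);
    }

    // deny by default
    $return = false;

    if (!$post_id) {
        $post_id = get_the_id();
    }

    if ($post_id) {
        $post = get_post($post_id);
        $purchasable = mgm_post_is_purchasable($post_id);
        $is_published = $post->post_status == 'publish';

        if ($allow_on_purchasable && $purchasable) {
            // caller asked to let purchasable posts through
            $return = true;
        } elseif (isset($user->caps['administrator'])) {
            // administrators always have access
            $return = true;
        } elseif (!$is_published) {
            // Issue #1043. Allow access to the user with editor permissions
            $return = mgm_has_preview_permissions($user->ID, isset($post->post_type) ? $post->post_type : null);
        } else {
            // published post: check membership based access
            $post_obj = mgm_get_post($post_id);
            $allowed_membership_types = $post_obj->get_access_membership_types();

            // user membership types, including other membership levels
            $user_membership_types = array();
            if ($user->ID > 0) {
                $user_membership_types = mgm_get_subscribed_membershiptypes($user->ID);
            }
            // nothing subscribed (or not logged in): treat as guest
            if (empty($user_membership_types)) {
                $user_membership_types = array('guest');
            }

            // array_diff() returns the allowed list unchanged only when none of the
            // user's types is in it, so "differs" means at least one type matched
            if (array_diff($allowed_membership_types, $user_membership_types) != $allowed_membership_types) {
                $return = true;

                if ($user->ID > 0) {
                    $member = mgm_get_member($user->ID);

                    // pack join check on the primary membership - issue #1227
                    if (in_array(strtolower($member->membership_type), $allowed_membership_types)) {
                        $return = mgm_check_post_packjoin($member, $post);
                    } else {
                        $return = false;
                    }

                    // primary membership failed: try the other memberships, if any
                    if (!$return) {
                        if (isset($member->other_membership_types) && is_array($member->other_membership_types) && count($member->other_membership_types) > 0) {
                            foreach ($member->other_membership_types as $key => $other_membership_types) {
                                $other_membership_types = mgm_convert_array_to_memberobj($other_membership_types, $user->ID);
                                // only active / awaiting-cancel memberships count
                                if (isset($other_membership_types->status) && in_array($other_membership_types->status, array(MGM_STATUS_ACTIVE, MGM_STATUS_AWAITING_CANCEL))) {
                                    // check pack again - issue #1227
                                    $return = mgm_check_post_packjoin($other_membership_types, $post);
                                    // stop if any of the packs returned true
                                    if ($return === TRUE) {
                                        break;
                                    }
                                }
                            }
                        }
                    }
                }
            }

            // On access, also check status and access delay. $return can only be
            // true here via the branch above, which sets $member for logged-in users.
            if ($return == true && $user->ID > 0) {
                $access_delay = $post_obj->access_delay;

                // check - issue #1227
                if (in_array(strtolower($member->membership_type), $user_membership_types) && in_array($member->status, array(MGM_STATUS_ACTIVE, MGM_STATUS_AWAITING_CANCEL)) && in_array(strtolower($member->membership_type), $allowed_membership_types)) {
                    $return = mgm_check_post_access_delay($member, $user, $access_delay);
                } else {
                    $return = false;
                }

                // primary membership failed: try the other memberships, if any
                if (!$return) {
                    if (isset($member->other_membership_types) && is_array($member->other_membership_types) && count($member->other_membership_types) > 0) {
                        foreach ($member->other_membership_types as $key => $other_membership_types) {
                            $other_membership_types = mgm_convert_array_to_memberobj($other_membership_types, $user->ID);
                            // check - issue #1227
                            if (isset($other_membership_types->membership_type) && in_array(strtolower($other_membership_types->membership_type), $user_membership_types) && in_array($other_membership_types->status, array(MGM_STATUS_ACTIVE, MGM_STATUS_AWAITING_CANCEL)) && in_array(strtolower($other_membership_types->membership_type), $allowed_membership_types)) {
                                $return = mgm_check_post_access_delay($other_membership_types, $user, $access_delay);
                                // stop if any of the packs returned true
                                if ($return === TRUE) {
                                    break;
                                }
                            }
                        }
                    }
                }
            }

            // not accessible yet: a purchase of this post still grants access
            if (!$return) {
                if ($purchasable) {
                    if ($user->ID > 0) {
                        // logged in user / user by token
                        $return = mgm_user_has_purchased_post($post_id, $user->ID);
                    } elseif (isset($_GET['guest_token'])) {
                        // NOTE(review): the guest token is a bearer value taken from
                        // the URL; anyone holding the link gets the purchase.
                        $return = mgm_user_has_purchased_post($post_id, NULL, strip_tags($_GET['guest_token']));
                    }
                }
            }
        }
    }

    $user_id = isset($user->ID) ? $user->ID : 0;

    // let extensions adjust the decision
    return apply_filters('mgm_user_has_access_additional', $return, $post_id, $user_id, $allow_on_purchasable);
}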