/**
 * wpsc_display_form_fields()
 *
 * This function displays each of the form fields.  Each of them are filterable via 'wpsc_account_form_field_$tag' where tag is permalink-styled name or uniquename.
 * i.e. First Name under Shipping would be 'wpsc_account_form_field_shippingfirstname' - while Your Billing Details would be filtered
 * via 'wpsc_account_form_field_your-billing-details'.
 *
 * @global <type> $wpdb
 * @global <type> $user_ID
 * @global <type> $wpsc_purchlog_statuses
 * @global <type> $gateway_checkout_form_fields
 */
function wpsc_display_form_fields()
{
    // Field display and Data saving function
    global $wpdb, $user_ID, $wpsc_purchlog_statuses, $gateway_checkout_form_fields, $wpsc_checkout;
    if (empty($wpsc_checkout)) {
        $wpsc_checkout = new wpsc_checout();
    }
    $meta_data = wpsc_get_customer_meta('checkout_details');
    $meta_data = apply_filters('wpsc_user_log_get', $meta_data, $user_ID);
    $form_sql = "SELECT * FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `active` = '1' ORDER BY `checkout_set`, `checkout_order`;";
    $form_data = $wpdb->get_results($form_sql, ARRAY_A);
    foreach ($form_data as $form_field) {
        if (!empty($form_field['unique_name'])) {
            $ff_tag = $form_field['unique_name'];
        } else {
            $ff_tag = esc_html(strtolower(str_replace(' ', '-', $form_field['name'])));
        }
        if (!empty($meta_data[$form_field['id']]) && !is_array($meta_data[$form_field['id']])) {
            $meta_data[$form_field['id']] = esc_html($meta_data[$form_field['id']]);
        }
        if ($form_field['type'] == 'heading') {
            echo "\n    <tr>\n      <td colspan='2'>\n\r";
            echo "<strong>" . apply_filters('wpsc_account_form_field_' . $ff_tag, esc_html($form_field['name'])) . "</strong>";
            echo "\n      </td>\n    </tr>\n\r";
        } else {
            $display = '';
            if (in_array($form_field['unique_name'], array('shippingstate', 'billingstate'))) {
                if ($form_field['unique_name'] == 'shippingstate') {
                    $country_field_id = wpsc_get_country_form_id_by_type('delivery_country');
                } else {
                    $country_field_id = wpsc_get_country_form_id_by_type('country');
                }
                $country = is_array($meta_data[$country_field_id]) ? $meta_data[$country_field_id][0] : $meta_data[$country_field_id];
                if (wpsc_has_regions($country)) {
                    $display = ' style="display:none;"';
                }
            }
            echo "\n\t\t      <tr{$display}>\n    \t\t    <td align='left'>\n\r";
            echo apply_filters('wpsc_account_form_field_' . $ff_tag, $form_field['name']);
            if ($form_field['mandatory'] == 1) {
                echo " *";
            }
            echo "\n        \t\t</td>\n\r\n        \t\t<td  align='left'>\n\r";
            switch ($form_field['type']) {
                case "city":
                case "delivery_city":
                    echo "<input type='text' value='" . $meta_data[$form_field['id']] . "' name='collected_data[" . $form_field['id'] . "]' />";
                    break;
                case "address":
                case "delivery_address":
                case "textarea":
                    echo "<textarea name='collected_data[" . $form_field['id'] . "]'>" . $meta_data[$form_field['id']] . "</textarea>";
                    break;
                case "text":
                    $value = isset($meta_data[$form_field['id']]) ? $meta_data[$form_field['id']] : '';
                    echo "<input type='text' value='" . $value . "' name='collected_data[" . $form_field['id'] . "]' />";
                    break;
                case "region":
                case "delivery_region":
                    echo "<select name='collected_data[" . $form_field['id'] . "]'>" . nzshpcrt_region_list($_SESSION['collected_data'][$form_field['id']]) . "</select>";
                    break;
                case "country":
                    if (is_array($meta_data[$form_field['id']])) {
                        $country_code = $meta_data[$form_field['id']][0];
                    } else {
                        $country_code = $meta_data[$form_field['id']];
                    }
                    $html_id = 'wpsc-profile-billing-country';
                    $js = "onchange=\"wpsc_set_profile_country('{$html_id}', '" . $form_field['id'] . "');\"";
                    echo "<select id='{$html_id}' {$js} name='collected_data[" . $form_field['id'] . "][0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                    if (wpsc_has_regions($country_code)) {
                        $region = isset($meta_data[$form_field['id']][1]) ? $meta_data[$form_field['id']][1] : '';
                        echo "<br /><select name='collected_data[" . $form_field['id'] . "][1]'>" . nzshpcrt_region_list($country_code, $region) . "</select>";
                    }
                    break;
                case "delivery_country":
                    if (is_array($meta_data[$form_field['id']])) {
                        $country_code = $meta_data[$form_field['id']][0];
                    } else {
                        $country_code = $meta_data[$form_field['id']];
                    }
                    $html_id = 'wpsc-profile-shipping-country';
                    $js = "onchange=\"wpsc_set_profile_country('{$html_id}', '" . $form_field['id'] . "');\"";
                    echo "<select id='{$html_id}' {$js} name='collected_data[" . $form_field['id'] . "][0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                    if (wpsc_has_regions($country_code)) {
                        $region = isset($meta_data[$form_field['id']][1]) ? $meta_data[$form_field['id']][1] : '';
                        echo "<br /><select name='collected_data[" . $form_field['id'] . "][1]'>" . nzshpcrt_region_list($country_code, $region) . "</select>";
                    }
                    break;
                case "email":
                    echo "<input type='text' value='" . $meta_data[$form_field['id']] . "' name='collected_data[" . $form_field['id'] . "]' />";
                    break;
                case "select":
                    $options = $wpsc_checkout->get_checkout_options($form_field['id']);
                    $selected = isset($meta_data[$form_field['id']]) ? $meta_data[$form_field['id']] : null;
                    ?>
						<select name='collected_data[<?php 
                    echo esc_attr($form_field['id']);
                    ?>
]'>
							<option value="-1"><?php 
                    _ex('Select an Option', 'Dropdown default on user log page', 'wpsc');
                    ?>
</option>
							<?php 
                    foreach ($options as $label => $value) {
                        ?>
								<option <?php 
                        selected($value, $selected);
                        ?>
 value="<?php 
                        echo esc_attr($value);
                        ?>
"><?php 
                        echo esc_html($label);
                        ?>
</option>
							<?php 
                    }
                    ?>
						</select>
					<?php 
                    break;
                case 'checkbox':
                case 'radio':
                    $checked_values = isset($meta_data[$form_field['id']]) ? (array) $meta_data[$form_field['id']] : array();
                    $options = $wpsc_checkout->get_checkout_options($form_field['id']);
                    $field_name = "collected_data[{$form_field['id']}]";
                    if ($form_field['type'] == 'checkbox') {
                        $field_name .= '[]';
                    }
                    foreach ($options as $label => $value) {
                        ?>
							<label>
								<input <?php 
                        checked(in_array($value, $checked_values));
                        ?>
 type="<?php 
                        echo $form_field['type'];
                        ?>
" id="" name="collected_data[<?php 
                        echo esc_attr($form_field['id']);
                        ?>
][]" value="<?php 
                        echo esc_attr($value);
                        ?>
"  />
								<?php 
                        echo esc_html($label);
                        ?>
							</label><br />
						<?php 
                    }
                    break;
                default:
                    $value = isset($meta_data[$form_field['id']]) ? $meta_data[$form_field['id']] : '';
                    echo "<input type='text' value='" . $value . "' name='collected_data[" . $form_field['id'] . "]' />";
                    break;
            }
            echo wp_nonce_field('wpsc_user_profile', '_wpsc_user_profile');
            echo "\n        </td>\n      </tr>\n\r";
        }
    }
    /* Returns an empty array at this point, empty in regards to fields, does show the internalname though.  Needs to be reconsidered, even if it did work, need to check
    	 * functionality and PCI_DSS compliance
    
    	  if ( isset( $gateway_checkout_form_fields ) )
    	  {
    	  echo $gateway_checkout_form_fields;
    	  }
    	 */
}
function wpecom_user_mgmt()
{
    if (!current_user_can('edit_users')) {
        wp_die(__('You do not have sufficient permissions to access this page.'));
    }
    global $wpdb;
    echo "<p style='padding:20px 0 10px;'>";
    echo "<a href='admin.php?page=wpecomgmt&thepage=registered' style='float:left;'>";
    echo "Registered User Data</a>";
    echo "<a href='admin.php?page=wpecomgmt&thepage=unregistered' style='float:left;margin:0 0 0 20px;'>";
    echo "Unregistered User Data</a>";
    echo "</p>";
    echo "<hr style='width:100%;clear:both;' />";
    $thepage = $_GET["thepage"];
    $userinfo = $_GET["userinfo"];
    $runform = $_POST["runform"];
    $formids = $_POST["formids"];
    $log_id = $_POST["userinfo"];
    $formids = $wpdb->get_results("SELECT id,name,type FROM wp_wpsc_checkout_forms");
    if ($runform == 1) {
        foreach ($formids as $theids) {
            $id = $theids->id;
            $updateddata = $_POST[$id];
            $wpdb->query("UPDATE wp_wpsc_submited_form_data SET value='" . $updateddata . "' WHERE form_id=" . $id . " AND log_id=" . $log_id);
        }
    }
    if ($thepage == "registered") {
        /* If $userinfo hasn't filled with requested information, list all registered users */
        if ($userinfo < 1) {
            echo '<div class="wrap">';
            /* Checks how many registered users exist */
            $allUIDs = $wpdb->get_results("SELECT user_id FROM wp_usermeta");
            $allUIDs = max($allUIDs);
            $usercount = $allUIDs->user_id;
            $counter = 1;
            /* End Check */
            while ($counter <= $usercount) {
                $user_ID = $counter;
                $meta_data = get_usermeta($user_ID, 'wpshpcrt_usr_profile');
                if (isset($meta_data[2]) || isset($meta_data[3])) {
                    echo "<p style='padding:0 0 10px;'><a href='admin.php?page=wpecomgmt&thepage=registered&userinfo=" . $user_ID . "'>";
                    echo $meta_data[2] . " " . $meta_data[3];
                    echo "</a></p>";
                }
                $counter++;
            }
        } else {
            /* This displays individual user data */
            $user_ID = $userinfo;
            $any_bad_inputs = false;
            $changes_saved = false;
            $_SESSION['collected_data'] = null;
            if ($_POST['collected_data'] != null) {
                foreach ((array) $_POST['collected_data'] as $value_id => $value) {
                    $form_sql = "SELECT * FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `id` = '{$value_id}' LIMIT 1";
                    $form_data = $wpdb->get_results($form_sql, ARRAY_A);
                    $form_data = $form_data[0];
                    $bad_input = false;
                    if ($form_data['mandatory'] == 1) {
                        switch ($form_data['type']) {
                            case "email":
                                if (!preg_match("/^[a-zA-Z0-9._-]+@[a-zA-Z0-9-.]+\\.[a-zA-Z]{2,5}\$/", $value)) {
                                    $any_bad_inputs = true;
                                    $bad_input = true;
                                }
                                break;
                            case "delivery_country":
                                if ($value != null) {
                                    $_SESSION['delivery_country'] == $value;
                                }
                                break;
                            default:
                                break;
                        }
                        if ($bad_input === true) {
                            switch ($form_data['name']) {
                                case __('First Name', 'wpsc'):
                                    $bad_input_message .= __('Please enter a valid name', 'wpsc') . "";
                                    break;
                                case __('Last Name', 'wpsc'):
                                    $bad_input_message .= __('Please enter a valid surname', 'wpsc') . "";
                                    break;
                                case __('Email', 'wpsc'):
                                    $bad_input_message .= __('Please enter a valid email address', 'wpsc') . "";
                                    break;
                                case __('Address 1', 'wpsc'):
                                case __('Address 2', 'wpsc'):
                                    $bad_input_message .= __('Please enter a valid address', 'wpsc') . "";
                                    break;
                                case __('City', 'wpsc'):
                                    $bad_input_message .= __('Please enter your town or city.', 'wpsc') . "";
                                    break;
                                case __('Phone', 'wpsc'):
                                    $bad_input_message .= __('Please enter a valid phone number', 'wpsc') . "";
                                    break;
                                case __('Country', 'wpsc'):
                                    $bad_input_message .= __('Please select your country from the list.', 'wpsc') . "";
                                    break;
                                default:
                                    $bad_input_message .= __('Please enter a valid', 'wpsc') . " " . strtolower($form_data['name']) . ".";
                                    break;
                            }
                            $bad_input_message .= "<br />";
                        } else {
                            $meta_data[$value_id] = $value;
                        }
                    } else {
                        $meta_data[$value_id] = $value;
                    }
                }
                $new_meta_data = serialize($meta_data);
                update_usermeta($user_ID, 'wpshpcrt_usr_profile', $meta_data);
            }
            ?>
			<div class="wrap" style=''>
			<form method='post' action=''>
			<?php 
            if ($changes_saved == true) {
                echo __('Thanks, your changes have been saved.', 'wpsc');
            } else {
                echo $bad_input_message;
            }
            ?>
			<table>
			<?php 
            // arr, this here be where the data will be saved
            $meta_data = null;
            $saved_data_sql = "SELECT * FROM `" . $wpdb->usermeta . "` WHERE `user_id` = '" . $user_ID . "' AND `meta_key` = 'wpshpcrt_usr_profile';";
            $saved_data = $wpdb->get_row($saved_data_sql, ARRAY_A);
            $meta_data = get_usermeta($user_ID, 'wpshpcrt_usr_profile');
            $form_sql = "SELECT * FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `active` = '1' ORDER BY `order`;";
            $form_data = $wpdb->get_results($form_sql, ARRAY_A);
            foreach ($form_data as $form_field) {
                $meta_data[$form_field['id']] = htmlentities(stripslashes($meta_data[$form_field['id']]), ENT_QUOTES);
                if ($form_field['type'] == 'heading') {
                } else {
                    if ($form_field['type'] == "country") {
                        continue;
                    }
                    echo "\n\t\t\t      <tr>\n\t\t\t        <td align='left'>\n\r";
                    echo $form_field['name'];
                    if ($form_field['mandatory'] == 1) {
                        if (!($form_field['type'] == 'country' || $form_field['type'] == 'delivery_country')) {
                            echo "*";
                        }
                    }
                    echo "\n\t\t\t        </td>\n\r\n\t\t\t        <td  align='left'>\n\r";
                    switch ($form_field['type']) {
                        case "text":
                        case "city":
                        case "delivery_city":
                            echo "<input type='text' value='" . $meta_data[$form_field['id']] . "' name='collected_data[" . $form_field['id'] . "]' />";
                            break;
                        case "address":
                        case "delivery_address":
                        case "textarea":
                            echo "<textarea name='collected_data[" . $form_field['id'] . "]'>" . $meta_data[$form_field['id']] . "</textarea>";
                            break;
                        case "region":
                        case "delivery_region":
                            echo "<select name='collected_data[" . $form_field['id'] . "]'>" . nzshpcrt_region_list($_SESSION['collected_data'][$form_field['id']]) . "</select>";
                            break;
                        case "country":
                            break;
                        case "delivery_country":
                            echo "<select name='collected_data[" . $form_field['id'] . "]' >" . nzshpcrt_country_list($meta_data[$form_field['id']]) . "</select>";
                            break;
                        case "email":
                            echo "<input type='text' value='" . $meta_data[$form_field['id']] . "' name='collected_data[" . $form_field['id'] . "]' />";
                            break;
                        default:
                            echo "<input type='text' value='" . $meta_data[$form_field['id']] . "' name='collected_data[" . $form_field['id'] . "]' />";
                            break;
                    }
                    echo "\n\t\t\t        </td>\n\t\t\t      </tr>\n\r";
                }
            }
            ?>
			    <?php 
            if (isset($gateway_checkout_form_fields)) {
                echo $gateway_checkout_form_fields;
            }
            ?>
			    <tr>
			      <td>
			      </td>
			      <td>
			      <input type='hidden' value='true' name='submitwpcheckout_profile' />
			      <input type='submit' value='<?php 
            echo __('Save Profile', 'wpsc');
            ?>
' name='submit' />
			      </td>
			    </tr>
			</table>
			</form>
			</div><?php 
        }
    } elseif ($thepage == "unregistered") {
        if ($userinfo < 1) {
            /* Checks how many unregistered users exist */
            $allUIDs = $wpdb->get_results("SELECT log_id FROM wp_wpsc_submited_form_data");
            $allUIDs = max($allUIDs);
            $usercount = $allUIDs->log_id;
            $counter = 1;
            /* End Check */
            while ($counter <= $usercount) {
                $user_ID = $counter;
                $firstname = $wpdb->get_results("SELECT value FROM wp_wpsc_submited_form_data WHERE log_id=" . $user_ID . " AND form_id=2");
                $lastname = $wpdb->get_results("SELECT value FROM wp_wpsc_submited_form_data WHERE log_id=" . $user_ID . " AND form_id=3");
                $firstname = $firstname[0]->value;
                $lastname = $lastname[0]->value;
                if (isset($firstname) || isset($lastname)) {
                    echo "<p style='padding:0 0 10px;'><a href='admin.php?page=wpecomgmt&thepage=unregistered&userinfo=" . $user_ID . "'>";
                    echo $firstname . " " . $lastname;
                    echo "</a></p>";
                }
                $counter++;
            }
        } else {
            $user_ID = $userinfo;
            $formids = $wpdb->get_results("SELECT id,name,type FROM wp_wpsc_checkout_forms");
            echo "<div style='width:350px;'><form method='post' action=''>";
            foreach ($formids as $theids) {
                $id = $theids->id;
                $name = $theids->name;
                $type = $theids->type;
                $formdata = $wpdb->get_results("SELECT value FROM wp_wpsc_submited_form_data WHERE log_id=" . $userinfo . " AND form_id=" . $id);
                $formdata = $formdata[0]->value;
                switch ($type) {
                    case "heading":
                        echo "<span style='float:left;clear:both;margin:10px 0 10px;'>" . $name . "</span>";
                        break;
                }
                switch ($name) {
                    case "First Name":
                    case "Last Name":
                    case "City":
                    case "Zip Code":
                    case "Email":
                        echo "<span style='float:left;clear:both;margin:0 0 10px;'>" . $name . "</span>";
                        echo "<span style='float:right;'><input type='text' name='" . $id . "' value='" . $formdata . "' onblur=\"if (this.value == '') {this.value = '" . $formdata . "'; this.style.color = '#000000';}\" onfocus=\"if (this.value == '" . $formdata . "') {this.value = ''; this.style.color = '#000000'; }\"></input></span>";
                        break;
                    default:
                        if ($type != "heading" && $name != "Country" && $name != "State") {
                            echo "<span style='float:left;clear:both;'>" . $name . "</span>";
                            echo "<span style='float:right;'><input type='text' name='" . $id . "' value='" . $formdata . "' onblur=\"if (this.value == '') {this.value = '" . $formdata . "'; this.style.color = '#000000';}\" onfocus=\"if (this.value == '" . $formdata . "') {this.value = ''; this.style.color = '#000000'; }\"></input></span>";
                        }
                        break;
                }
            }
            echo "<input type='hidden' value='1' name='runform' />";
            echo "<input type='hidden' value='" . $formids . "' name='formids' />";
            echo "<input type='hidden' value='" . $userinfo . "' name='userinfo' />";
            echo "<input type='submit' value='Submit' name='submit' style='clear:both;float:left;margin:15px 0 0;' />";
            echo "</form></div>";
        }
    }
}
Exemplo n.º 3
0
     }
     echo "\n        </td>\n\r\n        <td  align='left'>\n\r";
     switch ($form_field['type']) {
         case "text":
         case "city":
         case "delivery_city":
             echo "<input type='text' value='" . $meta_data[$form_field['id']] . "' name='collected_data[" . $form_field['id'] . "]' />";
             break;
         case "address":
         case "delivery_address":
         case "textarea":
             echo "<textarea name='collected_data[" . $form_field['id'] . "]'>" . $meta_data[$form_field['id']] . "</textarea>";
             break;
         case "region":
         case "delivery_region":
             echo "<select name='collected_data[" . $form_field['id'] . "]'>" . nzshpcrt_region_list($_SESSION['collected_data'][$form_field['id']]) . "</select>";
             break;
         case "country":
             break;
         case "delivery_country":
             echo "<select name='collected_data[" . $form_field['id'] . "]' >" . nzshpcrt_country_list($meta_data[$form_field['id']]) . "</select>";
             break;
         case "email":
             echo "<input type='text' value='" . $meta_data[$form_field['id']] . "' name='collected_data[" . $form_field['id'] . "]' />";
             break;
         default:
             echo "<input type='text' value='" . $meta_data[$form_field['id']] . "' name='collected_data[" . $form_field['id'] . "]' />";
             break;
     }
     echo "\n        </td>\n      </tr>\n\r";
 }
Exemplo n.º 4
0
function _wpsc_change_profile_country()
{
    global $wpdb;
    $country_field_id = $_REQUEST['form_id'];
    $country = $_REQUEST['country'];
    $sql = $wpdb->prepare('SELECT unique_name FROM `' . WPSC_TABLE_CHECKOUT_FORMS . '` WHERE `id`= %d', $country_field_id);
    $country_field_unique_name = $wpdb->get_var($sql);
    $has_regions = wpsc_has_regions($country);
    $response = array('has_regions' => $has_regions);
    $region_unique_name = 'shippingstate';
    if ($country_field_unique_name == 'billingcountry') {
        $region_unique_name = 'billingstate';
    }
    $sql = $wpdb->prepare('SELECT id FROM ' . WPSC_TABLE_CHECKOUT_FORMS . ' WHERE unique_name=%s AND active="1"', $region_unique_name);
    $response['region_field_id'] = $wpdb->get_var($sql);
    if ($has_regions) {
        $response['html'] = "<select name='collected_data[" . $country_field_id . "][1]'>" . nzshpcrt_region_list($country, '') . "</select>";
    }
    echo json_encode($response);
    exit;
}
/**
 * wpsc_display_form_fields()
 *
 * This function displays each of the form fields.  Each of them are filterable via 'wpsc_account_form_field_$tag' where tag is permalink-styled name or uniquename.
 * i.e. First Name under Shipping would be 'wpsc_account_form_field_shippingfirstname' - while Your Billing Details would be filtered
 * via 'wpsc_account_form_field_your-billing-details'.
 *
 * @global <type> $wpdb
 * @global <type> $user_ID
 * @global <type> $wpsc_purchlog_statuses
 * @global <type> $gateway_checkout_form_fields
 */
function wpsc_display_form_fields()
{
    // Field display and Data saving function
    global $wpdb, $user_ID, $wpsc_purchlog_statuses, $gateway_checkout_form_fields, $wpsc_checkout;
    if (empty($wpsc_checkout)) {
        $wpsc_checkout = new WPSC_Checkout();
    }
    $meta_data = null;
    $saved_data_sql = "SELECT * FROM `" . $wpdb->usermeta . "` WHERE `user_id` = '" . $user_ID . "' AND `meta_key` = 'wpshpcrt_usr_profile';";
    $saved_data = $wpdb->get_row($saved_data_sql, ARRAY_A);
    $meta_data = get_user_meta($user_ID, 'wpshpcrt_usr_profile', 1);
    $meta_data = apply_filters('wpsc_user_log_get', $meta_data, $user_ID);
    $form_sql = "SELECT * FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `active` = '1' ORDER BY `checkout_order`;";
    $form_data = $wpdb->get_results($form_sql, ARRAY_A);
    foreach ($form_data as $form_field) {
        if (!empty($form_field['unique_name'])) {
            $ff_tag = $form_field['unique_name'];
        } else {
            $ff_tag = htmlentities(stripslashes(strtolower(str_replace(' ', '-', $form_field['name']))), ENT_QUOTES, 'UTF-8');
        }
        if (!empty($meta_data[$form_field['id']]) && !is_array($meta_data[$form_field['id']])) {
            $meta_data[$form_field['id']] = htmlentities(stripslashes($meta_data[$form_field['id']]), ENT_QUOTES, 'UTF-8');
        }
        if ($form_field['type'] == 'heading') {
            echo "\n    <tr>\n      <td colspan='2'>\n\r";
            echo "<strong>" . apply_filters('wpsc_account_form_field_' . $ff_tag, $form_field['name']) . "</strong>";
            echo "\n      </td>\n    </tr>\n\r";
        } else {
            $continue = true;
            if ($form_field['unique_name'] == 'billingstate') {
                $selected_country_id = wpsc_get_country_form_id_by_type('country');
                if (is_array($meta_data[$selected_country_id]) && isset($meta_data[$selected_country_id][1])) {
                    $continue = false;
                } else {
                    $continue = true;
                }
            }
            if ($form_field['unique_name'] == 'shippingstate') {
                $delivery_country_id = wpsc_get_country_form_id_by_type('delivery_country');
                if (is_array($meta_data[$delivery_country_id]) && isset($meta_data[$delivery_country_id][1]) || is_numeric($meta_data[$form_field['id']])) {
                    $shipping_form_field = $form_field;
                    $continue = false;
                } else {
                    $continue = true;
                }
            }
            if ($continue) {
                echo "\n\t\t\t      <tr>\n\t    \t\t    <td align='left'>\n\r";
                echo apply_filters('wpsc_account_form_field_' . $ff_tag, $form_field['name']);
                if ($form_field['mandatory'] == 1) {
                    echo " *";
                }
                echo "\n\t        \t\t</td>\n\r\n\t        \t\t<td  align='left'>\n\r";
            }
            switch ($form_field['type']) {
                case "city":
                case "delivery_city":
                    echo "<input type='text' value='" . $meta_data[$form_field['id']] . "' name='collected_data[" . $form_field['id'] . "]' />";
                    break;
                case "address":
                case "delivery_address":
                case "textarea":
                    echo "<textarea name='collected_data[" . $form_field['id'] . "]'>" . $meta_data[$form_field['id']] . "</textarea>";
                    break;
                case "text":
                    $value = isset($meta_data[$form_field['id']]) ? $meta_data[$form_field['id']] : '';
                    if ($continue) {
                        echo "<input type='text' value='" . $value . "' name='collected_data[" . $form_field['id'] . "]' />";
                    } elseif ('shippingstate' == $form_field['unique_name'] && is_numeric($value)) {
                    }
                    break;
                case "region":
                case "delivery_region":
                    echo "<select name='collected_data[" . $form_field['id'] . "]'>" . nzshpcrt_region_list($_SESSION['collected_data'][$form_field['id']]) . "</select>";
                    break;
                case "country":
                    if (is_array($meta_data[$form_field['id']])) {
                        $country_code = $meta_data[$form_field['id']][0];
                    } else {
                        $country_code = $meta_data[$form_field['id']];
                    }
                    echo "<select name='collected_data[" . $form_field['id'] . "][0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                    if (isset($meta_data[$form_field['id']][1])) {
                        echo "<br /><select name='collected_data[" . $form_field['id'] . "][1]'>" . nzshpcrt_region_list($country_code, $meta_data[$form_field['id']][1]) . "</select>";
                    }
                    break;
                case "delivery_country":
                    if (is_array($meta_data[$form_field['id']])) {
                        $country_code = $meta_data[$form_field['id']][0];
                    } else {
                        $country_code = $meta_data[$form_field['id']];
                    }
                    echo "<select name='collected_data[" . $form_field['id'] . "][0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                    if (is_array($meta_data[$form_field['id']])) {
                        echo "<br /><select name='collected_data[" . $form_field['id'] . "][1]'>" . nzshpcrt_region_list($country_code, $meta_data[$form_field['id']][1]) . "</select>";
                    } elseif (isset($shipping_form_field)) {
                        echo "<br /><select name='collected_data[" . $shipping_form_field['id'] . "][1]'>" . nzshpcrt_region_list($country_code, $meta_data[$shipping_form_field['id']]) . "</select>";
                    }
                    break;
                case "email":
                    echo "<input type='text' value='" . $meta_data[$form_field['id']] . "' name='collected_data[" . $form_field['id'] . "]' />";
                    break;
                case "select":
                    $options = $wpsc_checkout->get_checkout_options($form_field['id']);
                    $selected = isset($meta_data[$form_field['id']]) ? $meta_data[$form_field['id']] : null;
                    ?>
						<select name='collected_data["<?php 
                    echo esc_attr($form_field['id']);
                    ?>
"]'>
							<option value="-1"><?php 
                    _ex('Select an Option', 'Dropdown default on user log page', 'wpsc');
                    ?>
</option>
							<?php 
                    foreach ($options as $label => $value) {
                        ?>
								<option <?php 
                        selected($value, $selected);
                        ?>
 value="<?php 
                        echo esc_attr($value);
                        ?>
"><?php 
                        echo esc_html($label);
                        ?>
</option>
							<?php 
                    }
                    ?>
						</select>
					<?php 
                    break;
                case 'checkbox':
                case 'radio':
                    $checked_values = isset($meta_data[$form_field['id']]) ? (array) $meta_data[$form_field['id']] : array();
                    $options = $wpsc_checkout->get_checkout_options($form_field['id']);
                    $field_name = "collected_data[{$form_field['id']}]";
                    if ($form_field['type'] == 'checkbox') {
                        $field_name .= '[]';
                    }
                    foreach ($options as $label => $value) {
                        ?>
							<label>
								<input <?php 
                        checked(in_array($value, $checked_values));
                        ?>
 type="<?php 
                        echo $form_field['type'];
                        ?>
" id="" name="collected_data[<?php 
                        echo esc_attr($form_field['id']);
                        ?>
][]" value="<?php 
                        echo esc_attr($value);
                        ?>
"  />
								<?php 
                        echo esc_html($label);
                        ?>
							</label><br />
						<?php 
                    }
                    break;
                default:
                    $value = isset($meta_data[$form_field['id']]) ? $meta_data[$form_field['id']] : '';
                    echo "<input type='text' value='" . $value . "' name='collected_data[" . $form_field['id'] . "]' />";
                    break;
            }
            echo wp_nonce_field('wpsc_user_profile', '_wpsc_user_profile');
            echo "\n        </td>\n      </tr>\n\r";
        }
    }
    /* Returns an empty array at this point, empty in regards to fields, does show the internalname though.  Needs to be reconsidered, even if it did work, need to check
    	 * functionality and PCI_DSS compliance
    
    	  if ( isset( $gateway_checkout_form_fields ) )
    	  {
    	  echo $gateway_checkout_form_fields;
    	  }
    	 */
}
Exemplo n.º 6
0
/**
 * wpsc_display_form_fields()
 *
 * This function displays each of the form fields.  Each of them are filterable via 'wpsc_account_form_field_$tag' where tag is permalink-styled name or uniquename.
 * i.e. First Name under Shipping would be 'wpsc_account_form_field_shippingfirstname' - while Your Billing Details would be filtered
 * via 'wpsc_account_form_field_your-billing-details'.
 *
 * @global <type> $wpdb
 * @global <type> $user_ID
 * @global <type> $wpsc_purchlog_statuses
 * @global <type> $gateway_checkout_form_fields
 */
function wpsc_display_form_fields()
{
    // Field display and Data saving function
    global $wpdb, $user_ID, $wpsc_purchlog_statuses, $gateway_checkout_form_fields;
    $meta_data = null;
    $saved_data_sql = "SELECT * FROM `" . $wpdb->usermeta . "` WHERE `user_id` = '" . $user_ID . "' AND `meta_key` = 'wpshpcrt_usr_profile';";
    $saved_data = $wpdb->get_row($saved_data_sql, ARRAY_A);
    $meta_data = get_user_meta($user_ID, 'wpshpcrt_usr_profile', 1);
    $form_sql = "SELECT * FROM `" . WPSC_TABLE_CHECKOUT_FORMS . "` WHERE `active` = '1' ORDER BY `checkout_order`;";
    $form_data = $wpdb->get_results($form_sql, ARRAY_A);
    foreach ($form_data as $form_field) {
        if (!empty($form_field['unique_name'])) {
            $ff_tag = $form_field['unique_name'];
        } else {
            $ff_tag = htmlentities(stripslashes(strtolower(str_replace(' ', '-', $form_field['name']))), ENT_QUOTES, 'UTF-8');
        }
        if (!empty($meta_data[$form_field['id']]) && !is_array($meta_data[$form_field['id']])) {
            $meta_data[$form_field['id']] = htmlentities(stripslashes($meta_data[$form_field['id']]), ENT_QUOTES, 'UTF-8');
        }
        if ($form_field['type'] == 'heading') {
            echo "\n    <tr>\n      <td colspan='2'>\n\r";
            echo "<strong>" . apply_filters('wpsc_account_form_field_' . $ff_tag, $form_field['name']) . "</strong>";
            echo "\n      </td>\n    </tr>\n\r";
        } else {
            $continue = true;
            if ($form_field['unique_name'] == 'billingstate') {
                $selected_country_id = wpsc_get_country_form_id_by_type('country');
                if (is_array($meta_data[$selected_country_id]) && isset($meta_data[$selected_country_id][1])) {
                    $continue = false;
                } else {
                    $continue = true;
                }
            }
            if ($form_field['unique_name'] == 'shippingstate') {
                $delivery_country_id = wpsc_get_country_form_id_by_type('delivery_country');
                if (is_array($meta_data[$delivery_country_id]) && isset($meta_data[$delivery_country_id][1]) || is_numeric($meta_data[$form_field['id']])) {
                    $shipping_form_field = $form_field;
                    $continue = false;
                } else {
                    $continue = true;
                }
            }
            if ($continue) {
                echo "\n\t\t\t      <tr>\n\t    \t\t    <td align='left'>\n\r";
                echo apply_filters('wpsc_account_form_field_' . $ff_tag, $form_field['name']);
                if ($form_field['mandatory'] == 1) {
                    echo " *";
                }
                echo "\n\t        \t\t</td>\n\r\n\t        \t\t<td  align='left'>\n\r";
            }
            switch ($form_field['type']) {
                case "city":
                case "delivery_city":
                    echo "<input type='text' value='" . $meta_data[$form_field['id']] . "' name='collected_data[" . $form_field['id'] . "]' />";
                    break;
                case "address":
                case "delivery_address":
                case "textarea":
                    echo "<textarea name='collected_data[" . $form_field['id'] . "]'>" . $meta_data[$form_field['id']] . "</textarea>";
                    break;
                case "text":
                    if ($continue) {
                        echo "<input type='text' value='" . $meta_data[$form_field['id']] . "' name='collected_data[" . $form_field['id'] . "]' />";
                    } elseif ('shippingstate' == $form_field['unique_name'] && is_numeric($meta_data[$form_field['id']])) {
                    }
                    break;
                case "region":
                case "delivery_region":
                    echo "<select name='collected_data[" . $form_field['id'] . "]'>" . nzshpcrt_region_list($_SESSION['collected_data'][$form_field['id']]) . "</select>";
                    break;
                case "country":
                    if (is_array($meta_data[$form_field['id']])) {
                        $country_code = $meta_data[$form_field['id']][0];
                    } else {
                        $country_code = $meta_data[$form_field['id']];
                    }
                    echo "<select name='collected_data[" . $form_field['id'] . "][0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                    if (isset($meta_data[$form_field['id']][1])) {
                        echo "<br /><select name='collected_data[" . $form_field['id'] . "][1]'>" . nzshpcrt_region_list($country_code, $meta_data[$form_field['id']][1]) . "</select>";
                    }
                    break;
                case "delivery_country":
                    if (is_array($meta_data[$form_field['id']])) {
                        $country_code = $meta_data[$form_field['id']][0];
                    } else {
                        $country_code = $meta_data[$form_field['id']];
                    }
                    echo "<select name='collected_data[" . $form_field['id'] . "][0]' >" . nzshpcrt_country_list($country_code) . "</select>";
                    if (is_array($meta_data[$form_field['id']])) {
                        echo "<br /><select name='collected_data[" . $form_field['id'] . "][1]'>" . nzshpcrt_region_list($country_code, $meta_data[$form_field['id']][1]) . "</select>";
                    } elseif (isset($shipping_form_field)) {
                        echo "<br /><select name='collected_data[" . $shipping_form_field['id'] . "][1]'>" . nzshpcrt_region_list($country_code, $meta_data[$shipping_form_field['id']]) . "</select>";
                    }
                    break;
                case "email":
                    echo "<input type='text' value='" . $meta_data[$form_field['id']] . "' name='collected_data[" . $form_field['id'] . "]' />";
                    break;
                default:
                    echo "<input type='text' value='" . $meta_data[$form_field['id']] . "' name='collected_data[" . $form_field['id'] . "]' />";
                    break;
            }
            echo "\n        </td>\n      </tr>\n\r";
        }
    }
    /* Returns an empty array at this point, empty in regards to fields, does show the internalname though.  Needs to be reconsidered, even if it did work, need to check
    	 * functionality and PCI_DSS compliance
    
    	  if ( isset( $gateway_checkout_form_fields ) )
    	  {
    	  echo $gateway_checkout_form_fields;
    	  }
    	 */
}