Exemplo n.º 1
0
function fflcommerce_cart($atts)
{
    unset(fflcommerce_session::instance()->selected_rate_id);
    // Process Discount Codes
    if (isset($_POST['apply_coupon']) && $_POST['apply_coupon'] && fflcommerce::verify_nonce('cart')) {
        $coupon_code = sanitize_title($_POST['coupon_code']);
        fflcommerce_cart::add_discount($coupon_code);
    } elseif (isset($_POST['calc_shipping']) && $_POST['calc_shipping'] && fflcommerce::verify_nonce('cart')) {
        // Update Shipping
        unset(fflcommerce_session::instance()->chosen_shipping_method_id);
        $country = $_POST['calc_shipping_country'];
        $state = $_POST['calc_shipping_state'];
        $postcode = $_POST['calc_shipping_postcode'];
        if ($postcode && !fflcommerce_validation::is_postcode($postcode, $country)) {
            fflcommerce::add_error(__('Please enter a valid postcode/ZIP.', 'fflcommerce'));
            $postcode = '';
        } elseif ($postcode) {
            $postcode = fflcommerce_validation::format_postcode($postcode, $country);
        }
        if ($country) {
            // Update customer location
            fflcommerce_customer::set_location($country, $state, $postcode);
            fflcommerce_customer::set_shipping_location($country, $state, $postcode);
            fflcommerce::add_message(__('Shipping costs updated.', 'fflcommerce'));
        } else {
            fflcommerce_customer::set_shipping_location('', '', '');
            fflcommerce::add_message(__('Shipping costs updated.', 'fflcommerce'));
        }
    } elseif (isset($_POST['shipping_rates'])) {
        $rates_params = explode(":", $_POST['shipping_rates']);
        $available_methods = fflcommerce_shipping::get_available_shipping_methods();
        $shipping_method = $available_methods[$rates_params[0]];
        if ($rates_params[1] != null) {
            fflcommerce_session::instance()->selected_rate_id = $rates_params[1];
        }
        $shipping_method->choose();
        // chooses the method selected by user.
    }
    // Re-Calc prices. This needs to happen every time the cart page is loaded and after checking post results.
    fflcommerce_cart::calculate_totals();
    $result = fflcommerce_cart::check_cart_item_stock();
    if (is_wp_error($result)) {
        fflcommerce::add_error($result->get_error_message());
    }
    fflcommerce_render('shortcode/cart', array('cart' => fflcommerce_cart::get_cart(), 'coupons' => fflcommerce_cart::get_coupons()));
}
 /**
  * Validate the checkout
  */
 public function validate_checkout()
 {
     if (fflcommerce_cart::is_empty()) {
         fflcommerce::add_error(sprintf(__('Sorry, your session has expired. <a href="%s">Return to homepage &rarr;</a>', 'fflcommerce'), home_url()));
     }
     // Process Discount Codes
     if (!empty($_POST['coupon_code'])) {
         $coupon = sanitize_title($_POST['coupon_code']);
         fflcommerce_cart::add_discount($coupon);
     }
     foreach (fflcommerce_cart::get_coupons() as $coupon) {
         fflcommerce_cart::is_valid_coupon($coupon);
     }
     // Checkout fields
     $this->posted['shipping_method'] = '';
     $this->posted['shipping_service'] = '';
     if (isset($_POST['shipping_method'])) {
         $shipping_method = fflcommerce_clean($_POST['shipping_method']);
         $shipping_data = explode(':', $shipping_method);
         $this->posted['shipping_method'] = $shipping_data[0];
         $this->posted['shipping_service'] = $shipping_data[1];
     }
     $this->posted['shiptobilling'] = isset($_POST['shiptobilling']) ? fflcommerce_clean($_POST['shiptobilling']) : '';
     $this->posted['payment_method'] = isset($_POST['payment_method']) ? fflcommerce_clean($_POST['payment_method']) : '';
     $this->posted['order_comments'] = isset($_POST['order_comments']) ? fflcommerce_clean($_POST['order_comments']) : '';
     $this->posted['terms'] = isset($_POST['terms']) ? fflcommerce_clean($_POST['terms']) : '';
     $this->posted['create_account'] = isset($_POST['create_account']) ? fflcommerce_clean($_POST['create_account']) : '';
     $this->posted['account_username'] = isset($_POST['account_username']) ? fflcommerce_clean($_POST['account_username']) : '';
     $this->posted['account_password'] = isset($_POST['account_password']) ? fflcommerce_clean($_POST['account_password']) : '';
     $this->posted['account_password_2'] = isset($_POST['account_password_2']) ? fflcommerce_clean($_POST['account_password_2']) : '';
     if (fflcommerce_cart::get_total(false) == 0) {
         $this->posted['payment_method'] = 'no_payment';
     }
     // establish customer billing and shipping locations
     if (fflcommerce_cart::ship_to_billing_address_only()) {
         $this->posted['shiptobilling'] = 'true';
     }
     $country = isset($_POST['billing_country']) ? fflcommerce_clean($_POST['billing_country']) : '';
     $state = isset($_POST['billing_state']) ? fflcommerce_clean($_POST['billing_state']) : '';
     $allowed_countries = FFLCommerce_Base::get_options()->get('fflcommerce_allowed_countries');
     if ($allowed_countries === 'specific') {
         $specific_countries = FFLCommerce_Base::get_options()->get('fflcommerce_specific_allowed_countries');
         if (!in_array($country, $specific_countries)) {
             fflcommerce::add_error(__('Invalid billing country.', 'fflcommerce'));
             return;
         }
     }
     if (fflcommerce_countries::country_has_states($country)) {
         $states = fflcommerce_countries::get_states($country);
         if (!in_array($state, array_keys($states))) {
             fflcommerce::add_error(__('Invalid billing state.', 'fflcommerce'));
             return;
         }
     }
     $postcode = isset($_POST['billing_postcode']) ? fflcommerce_clean($_POST['billing_postcode']) : '';
     $ship_to_billing = FFLCommerce_Base::get_options()->get('fflcommerce_ship_to_billing_address_only') == 'yes';
     fflcommerce_customer::set_location($country, $state, $postcode);
     if (FFLCommerce_Base::get_options()->get('fflcommerce_calc_shipping') == 'yes') {
         if ($ship_to_billing || !empty($_POST['shiptobilling'])) {
             fflcommerce_customer::set_shipping_location($country, $state, $postcode);
         } else {
             $country = isset($_POST['shipping_country']) ? fflcommerce_clean($_POST['shipping_country']) : '';
             $state = isset($_POST['shipping_state']) ? fflcommerce_clean($_POST['shipping_state']) : '';
             $postcode = isset($_POST['shipping_postcode']) ? fflcommerce_clean($_POST['shipping_postcode']) : '';
             if ($allowed_countries === 'specific') {
                 $specific_countries = FFLCommerce_Base::get_options()->get('fflcommerce_specific_allowed_countries');
                 if (!in_array($country, $specific_countries)) {
                     fflcommerce::add_error(__('Invalid shipping country.', 'fflcommerce'));
                     return;
                 }
             }
             if (fflcommerce_countries::country_has_states($country)) {
                 $states = fflcommerce_countries::get_states($country);
                 if (!in_array($state, array_keys($states))) {
                     fflcommerce::add_error(__('Invalid shipping state.', 'fflcommerce'));
                     return;
                 }
             }
             fflcommerce_customer::set_shipping_location($country, $state, $postcode);
         }
     }
     // Billing Information
     foreach ($this->billing_fields as $field) {
         $field = apply_filters('fflcommerce_billing_field', $field);
         $this->posted[$field['name']] = isset($_POST[$field['name']]) ? fflcommerce_clean($_POST[$field['name']]) : '';
         // Format
         if (isset($field['format'])) {
             switch ($field['format']) {
                 case 'postcode':
                     $this->posted[$field['name']] = strtolower(str_replace(' ', '', $this->posted[$field['name']]));
                     break;
             }
         }
         // Required
         if ($field['name'] == 'billing_state' && fflcommerce_customer::has_valid_shipping_state()) {
             $field['required'] = false;
         }
         if (isset($field['required']) && $field['required'] && empty($this->posted[$field['name']])) {
             fflcommerce::add_error($field['label'] . __(' (billing) is a required field.', 'fflcommerce'));
         }
         if ($field['name'] == 'billing_euvatno') {
             $vatno = isset($this->posted['billing_euvatno']) ? $this->posted['billing_euvatno'] : '';
             $vatno = str_replace(' ', '', $vatno);
             $country = fflcommerce_tax::get_customer_country();
             // strip any country code from the beginning of the number
             if (strpos($vatno, $country) === 0) {
                 $vatno = substr($vatno, strlen($country));
             }
             if ($vatno != '') {
                 $url = 'http://isvat.appspot.com/' . $country . '/' . $vatno . '/';
                 $httpRequest = curl_init();
                 curl_setopt($httpRequest, CURLOPT_FAILONERROR, true);
                 curl_setopt($httpRequest, CURLOPT_RETURNTRANSFER, true);
                 curl_setopt($httpRequest, CURLOPT_HEADER, false);
                 curl_setopt($httpRequest, CURLOPT_URL, $url);
                 $result = curl_exec($httpRequest);
                 curl_close($httpRequest);
                 if ($result === 'false') {
                     fflcommerce_log('EU VAT validation error with URL: ' . $url);
                     fflcommerce::add_error($field['label'] . __(' (billing) is not a valid VAT Number.  Leave it blank to disable VAT validation. (VAT may be charged depending on your location)', 'fflcommerce'));
                 } else {
                     $this->valid_euvatno = fflcommerce_countries::get_base_country() != fflcommerce_tax::get_customer_country() && fflcommerce_countries::is_eu_country(fflcommerce_tax::get_customer_country());
                 }
             }
         }
         // Validation
         if (isset($field['validate']) && !empty($this->posted[$field['name']])) {
             switch ($field['validate']) {
                 case 'phone':
                     if (!fflcommerce_validation::is_phone($this->posted[$field['name']])) {
                         fflcommerce::add_error($field['label'] . __(' (billing) is not a valid number.', 'fflcommerce'));
                     }
                     break;
                 case 'email':
                     if (!fflcommerce_validation::is_email($this->posted[$field['name']])) {
                         fflcommerce::add_error($field['label'] . __(' (billing) is not a valid email address.', 'fflcommerce'));
                     }
                     break;
                 case 'postcode':
                     if (!fflcommerce_validation::is_postcode($this->posted[$field['name']], $_POST['billing_country'])) {
                         fflcommerce::add_error($field['label'] . __(' (billing) is not a valid postcode/ZIP.', 'fflcommerce'));
                     } else {
                         $this->posted[$field['name']] = fflcommerce_validation::format_postcode($this->posted[$field['name']], $_POST['billing_country']);
                     }
                     break;
             }
         }
     }
     // Shipping Information
     if (fflcommerce_shipping::is_enabled() && !fflcommerce_cart::ship_to_billing_address_only() && empty($this->posted['shiptobilling'])) {
         foreach ($this->shipping_fields as $field) {
             $field = apply_filters('fflcommerce_shipping_field', $field);
             if (isset($_POST[$field['name']])) {
                 $this->posted[$field['name']] = fflcommerce_clean($_POST[$field['name']]);
             } else {
                 $this->posted[$field['name']] = '';
             }
             // Format
             if (isset($field['format'])) {
                 switch ($field['format']) {
                     case 'postcode':
                         $this->posted[$field['name']] = strtolower(str_replace(' ', '', $this->posted[$field['name']]));
                         break;
                 }
             }
             // Required
             if ($field['name'] == 'shipping_state' && fflcommerce_customer::has_valid_shipping_state()) {
                 $field['required'] = false;
             }
             if (isset($field['required']) && $field['required'] && empty($this->posted[$field['name']])) {
                 fflcommerce::add_error($field['label'] . __(' (shipping) is a required field.', 'fflcommerce'));
             }
             // Validation
             if (isset($field['validate']) && !empty($this->posted[$field['name']])) {
                 switch ($field['validate']) {
                     case 'postcode':
                         if (!fflcommerce_validation::is_postcode($this->posted[$field['name']], $country)) {
                             fflcommerce::add_error($field['label'] . __(' (shipping) is not a valid postcode/ZIP.', 'fflcommerce'));
                         } else {
                             $this->posted[$field['name']] = fflcommerce_validation::format_postcode($this->posted[$field['name']], $country);
                         }
                         break;
                 }
             }
         }
     }
     if ($this->must_register && empty($this->posted['create_account'])) {
         fflcommerce::add_error(__('Sorry, you must agree to creating an account', 'fflcommerce'));
     }
     if ($this->must_register || empty($user_id) && $this->posted['create_account']) {
         if (!$this->show_signup) {
             fflcommerce::add_error(__('Sorry, the shop owner has disabled guest purchases.', 'fflcommerce'));
         }
         if (empty($this->posted['account_username'])) {
             fflcommerce::add_error(__('Please enter an account username.', 'fflcommerce'));
         }
         if (empty($this->posted['account_password'])) {
             fflcommerce::add_error(__('Please enter an account password.', 'fflcommerce'));
         }
         if ($this->posted['account_password_2'] !== $this->posted['account_password']) {
             fflcommerce::add_error(__('Passwords do not match.', 'fflcommerce'));
         }
         // Check the username
         if (!validate_username($this->posted['account_username'])) {
             fflcommerce::add_error(__('Invalid email/username.', 'fflcommerce'));
         } elseif (username_exists($this->posted['account_username'])) {
             fflcommerce::add_error(__('An account is already registered with that username. Please choose another.', 'fflcommerce'));
         }
         // Check the e-mail address
         if (email_exists($this->posted['billing_email'])) {
             fflcommerce::add_error(__('An account is already registered with your email address. Please login.', 'fflcommerce'));
         }
     }
     // Terms
     if (!isset($_POST['update_totals']) && empty($this->posted['terms']) && fflcommerce_get_page_id('terms') > 0) {
         fflcommerce::add_error(__('You must accept our Terms &amp; Conditions.', 'fflcommerce'));
     }
     if (fflcommerce_cart::needs_shipping()) {
         // Shipping Method
         $available_methods = fflcommerce_shipping::get_available_shipping_methods();
         if (!isset($available_methods[$this->posted['shipping_method']])) {
             fflcommerce::add_error(__('Invalid shipping method.', 'fflcommerce'));
         }
     }
 }
 /**
  * Validate settings
  *
  * @since 1.3
  */
 public function validate_settings($input)
 {
     if (empty($_POST)) {
         return $input;
     }
     $defaults = $this->our_parser->these_options;
     $options = self::get_options();
     $current_options = $options->get_current_options();
     $valid_input = $current_options;
     // we start with the current options
     if (isset($_POST['fflcommerce_options_processed']) && wp_verify_nonce($_POST['fflcommerce_options_processed'], 'fflcommerce_options_processed')) {
         return $valid_input;
     }
     // Find the current TAB we are working with and use it's option settings
     $this_section = $this->get_current_tab_name();
     $tab = $this->our_parser->tabs[sanitize_title($this_section)];
     // with each option, get it's type and validate it
     if (!empty($tab)) {
         foreach ($tab as $setting) {
             if (isset($setting['id'])) {
                 // special case tax classes should be updated, they will do nothing if this is not the right TAB
                 if ($setting['id'] == 'fflcommerce_tax_rates') {
                     $valid_input['fflcommerce_tax_rates'] = $this->get_updated_tax_classes();
                     $options->set('fflcommerce_tax_rates', $valid_input['fflcommerce_tax_rates']);
                     continue;
                 }
                 // get this settings options
                 $option = array();
                 foreach ($defaults as $default_options) {
                     if (in_array($setting['id'], $default_options, true)) {
                         $option = $default_options;
                         break;
                     }
                 }
                 $value = isset($input[$setting['id']]) ? $input[$setting['id']] : false;
                 // we have a $setting
                 // $value has the WordPress user submitted value for this $setting
                 // $option has this $setting parameters
                 // validate for $option 'type' checking for a submitted $value
                 switch ($option['type']) {
                     case 'user_defined':
                         if (isset($option['update'])) {
                             if (is_callable($option['update'], true)) {
                                 $result = call_user_func($option['update']);
                                 $valid_input[$setting['id']] = $result;
                             }
                         }
                         break;
                     case 'multi_select_countries':
                         $countries = fflcommerce_countries::get_countries();
                         asort($countries);
                         $selected = array();
                         foreach ($countries as $key => $val) {
                             if (in_array($key, (array) $value)) {
                                 $selected[] = $key;
                             }
                         }
                         $valid_input[$setting['id']] = $selected;
                         break;
                     case 'checkbox':
                         // there will be no $value for a false checkbox, set it now
                         $valid_input[$setting['id']] = $value !== false ? 'yes' : 'no';
                         break;
                     case 'multicheck':
                         $selected = array();
                         foreach ($option['choices'] as $key => $val) {
                             if (isset($value[$key])) {
                                 $selected[$key] = true;
                             } else {
                                 $selected[$key] = false;
                             }
                         }
                         $valid_input[$setting['id']] = $selected;
                         break;
                     case 'text':
                     case 'longtext':
                     case 'textarea':
                         $valid_input[$setting['id']] = esc_attr(fflcommerce_clean($value));
                         break;
                     case 'codeblock':
                         $allowedtags = array('a' => array('href' => true, 'title' => true), 'img' => array('src' => true, 'title' => true, 'alt' => true), 'abbr' => array('title' => true), 'acronym' => array('title' => true), 'b' => array(), 'blockquote' => array('cite' => true), 'cite' => array(), 'code' => array(), 'script' => array('src' => true, 'language' => true, 'type' => true), 'del' => array('datetime' => true), 'em' => array(), 'i' => array(), 'q' => array('cite' => true), 'strike' => array(), 'strong' => array());
                         $valid_input[$setting['id']] = wp_kses($value, $allowedtags);
                         break;
                     case 'email':
                         $email = sanitize_email($value);
                         if ($email != $value) {
                             add_settings_error($setting['id'], 'fflcommerce_email_error', sprintf(__('You entered "%s" as the value for "%s" and it was not a valid email address.  It was not saved and the original is still in use.', 'fflcommerce'), $value, $setting['name']), 'error');
                             $valid_input[$setting['id']] = $current_options[$setting['id']];
                         } else {
                             $valid_input[$setting['id']] = esc_attr(fflcommerce_clean($email));
                         }
                         break;
                     case 'decimal':
                         $cleaned = fflcommerce_clean($value);
                         if (!fflcommerce_validation::is_decimal($cleaned) && $cleaned != '') {
                             add_settings_error($setting['id'], 'fflcommerce_decimal_error', sprintf(__('You entered "%s" as the value for "%s" in "%s" and it was not a valid decimal number (may have leading negative sign, with optional decimal point, numbers 0-9).  It was not saved and the original is still in use.', 'fflcommerce'), $value, $setting['name'], $setting['section']), 'error');
                             $valid_input[$setting['id']] = $current_options[$setting['id']];
                         } else {
                             $valid_input[$setting['id']] = $cleaned;
                         }
                         break;
                     case 'integer':
                         $cleaned = fflcommerce_clean($value);
                         if (!fflcommerce_validation::is_integer($cleaned) && $cleaned != '') {
                             add_settings_error($setting['id'], 'fflcommerce_integer_error', sprintf(__('You entered "%s" as the value for "%s" in "%s" and it was not a valid integer number (may have leading negative sign, numbers 0-9).  It was not saved and the original is still in use.', 'fflcommerce'), $value, $setting['name'], $setting['section']), 'error');
                             $valid_input[$setting['id']] = $current_options[$setting['id']];
                         } else {
                             $valid_input[$setting['id']] = $cleaned;
                         }
                         break;
                     case 'natural':
                         $cleaned = fflcommerce_clean($value);
                         if (!fflcommerce_validation::is_natural($cleaned) && $cleaned != '') {
                             add_settings_error($setting['id'], 'fflcommerce_natural_error', sprintf(__('You entered "%s" as the value for "%s" in "%s" and it was not a valid natural number (numbers 0-9).  It was not saved and the original is still in use.', 'fflcommerce'), $value, $setting['name'], $setting['section']), 'error');
                             $valid_input[$setting['id']] = $current_options[$setting['id']];
                         } else {
                             $valid_input[$setting['id']] = $cleaned;
                         }
                         break;
                     default:
                         if (isset($value)) {
                             $valid_input[$setting['id']] = $value;
                         }
                         break;
                 }
                 if (isset($valid_input[$setting['id']])) {
                     $options->set($setting['id'], $valid_input[$setting['id']]);
                 }
             }
         }
     }
     // remove all fflcommerce_update_options actions on shipping classes when not on the shipping tab
     if ($this_section != __('Shipping', 'fflcommerce')) {
         $this->remove_update_options(fflcommerce_shipping::get_all_methods());
     }
     if ($this_section != __('Payment Gateways', 'fflcommerce')) {
         $this->remove_update_options(fflcommerce_payment_gateways::payment_gateways());
     }
     // Allow any hooked in option updating
     do_action('fflcommerce_update_options');
     $errors = get_settings_errors();
     if (empty($errors)) {
         add_settings_error('', 'settings_updated', sprintf(__('"%s" settings were updated successfully.', 'fflcommerce'), $this_section), 'updated');
     }
     foreach ($valid_input as $key => $value) {
         if (is_numeric($key)) {
             unset($valid_input[$key]);
         }
     }
     $_POST['fflcommerce_options_processed'] = wp_create_nonce('fflcommerce_options_processed');
     return $valid_input;
 }
Exemplo n.º 4
0
/**
 * AJAX validate postcode
 */
function fflcommerce_validate_postcode()
{
    check_ajax_referer('update-order-review', 'security');
    $postcode = (string) urldecode(stripslashes(strip_tags($_GET['postcode'])));
    if (empty($postcode)) {
        echo '0';
        exit;
    }
    $country = (string) urldecode(stripslashes(strip_tags($_GET['country'])));
    if (empty($country)) {
        echo '0';
        exit;
    }
    echo fflcommerce_validation::is_postcode($postcode, $country) ? '1' : '0';
    exit;
}