PluginProbe ʕ •ᴥ•ʔ
GiveWP – Donation Plugin and Fundraising Platform / 2.0.2
GiveWP – Donation Plugin and Fundraising Platform v2.0.2
4.16.3 4.16.2 4.16.1 4.16.0 4.15.5 4.15.4 4.15.3 4.15.2 4.15.1 4.15.0 2.3.0 2.3.1 2.3.2 2.30.0 2.31.0 2.31.1 2.32.0 2.33.0 2.33.1 2.33.2 2.33.3 2.33.4 2.33.5 2.4.0 2.4.1 2.4.2 2.4.3 2.4.4 2.4.5 2.4.6 2.4.7 2.5.0 2.5.1 2.5.10 2.5.11 2.5.12 2.5.13 2.5.2 2.5.3 2.5.4 2.5.5 2.5.6 2.5.7 2.5.8 2.5.9 2.6.0 2.6.1 2.6.2 2.6.3 2.7.0 2.7.1 2.7.2 2.7.3 2.7.4 2.7.5 2.8.0 2.8.1 2.9.0 2.9.1 2.9.2 2.9.3 2.9.4 2.9.5 2.9.6 2.9.7 3.0.0 3.0.1 3.0.2 3.0.3 3.0.4 3.1.0 3.1.1 3.1.2 3.10.0 3.11.0 3.12.0 3.12.1 3.12.2 3.12.3 3.13.0 3.14.0 3.14.1 3.14.2 3.15.0 3.15.1 3.16.0 3.16.1 3.16.2 3.16.3 3.16.4 3.16.5 3.17.0 3.17.1 3.17.2 3.18.0 3.19.0 3.19.1 3.19.2 3.19.3 3.19.4 3.2.0 3.2.1 3.2.2 3.20.0 3.21.0 3.21.1 3.22.0 3.22.1 3.22.2 3.3.0 3.3.1 3.4.0 3.4.1 3.4.2 3.5.0 3.5.1 3.6.0 3.6.1 3.6.2 3.7.0 3.8.0 3.9.0 4.0.0 4.1.0 4.1.1 4.10.0 4.10.1 4.11.0 4.12.0 4.13.0 4.13.1 4.13.2 4.14.0 4.14.1 4.14.2 4.14.3 4.14.4 4.14.5 4.14.6 4.2.0 4.2.1 4.3.0 4.3.1 4.3.2 4.4.0 4.5.0 4.6.1 4.7.0 4.7.1 4.8.0 4.8.1 4.9.0 trunk 1.9.0 2.0.0 2.0.1 2.0.2 2.0.3 2.0.4 2.0.5 2.0.6 2.0.7 2.1.0 2.1.1 2.1.2 2.1.3 2.1.4 2.1.5 2.1.6 2.1.7 2.1.8 2.10.0 2.10.1 2.10.2 2.10.3 2.10.4 2.11.0 2.11.1 2.11.2 2.11.3 2.12.0 2.12.1 2.12.2 2.12.3 2.13.0 2.13.1 2.13.2 2.13.3 2.13.4 2.14.0 2.15.0 2.16.0 2.16.1 2.17.0 2.17.1 2.17.3 2.18.0 2.18.1 2.19.1 2.19.2 2.19.3 2.19.4 2.19.5 2.19.6 2.19.7 2.19.8 2.2.0 2.2.1 2.2.2 2.2.3 2.2.4 2.2.5 2.2.6 2.20.0 2.20.1 2.20.2 2.21.0 2.21.1 2.21.2 2.21.3 2.21.4 2.22.0 2.22.1 2.22.2 2.22.3 2.23.0 2.23.1 2.23.2 2.24.0 2.24.1 2.24.2 2.25.0 2.25.1 2.25.2 2.25.3 2.26.0 2.27.0 2.27.1 2.27.2 2.27.3 2.28.0 2.29.0 2.29.1 2.29.2
give / includes / ajax-functions.php
give / includes Last commit date
admin 8 years ago api 8 years ago deprecated 8 years ago donors 8 years ago emails 8 years ago forms 8 years ago gateways 8 years ago libraries 8 years ago payments 8 years ago actions.php 8 years ago ajax-functions.php 8 years ago class-give-async-process.php 8 years ago class-give-background-updater.php 8 years ago class-give-cache.php 8 years ago class-give-cli-commands.php 8 years ago class-give-cron.php 8 years ago class-give-db-donor-meta.php 8 years ago class-give-db-donors.php 8 years ago class-give-db-form-meta.php 8 years ago class-give-db-logs-meta.php 8 years ago class-give-db-logs.php 8 years ago class-give-db-meta.php 8 years ago class-give-db-payment-meta.php 8 years ago class-give-db.php 8 years ago class-give-donate-form.php 8 years ago class-give-donor.php 8 years ago class-give-email-access.php 8 years ago class-give-gravatars.php 8 years ago class-give-html-elements.php 8 years ago class-give-license-handler.php 8 years ago class-give-logging.php 8 years ago class-give-roles.php 8 years ago class-give-session.php 8 years ago class-give-stats.php 8 years ago class-give-template-loader.php 9 years ago class-give-tooltips.php 8 years ago class-give-translation.php 8 years ago class-notices.php 8 years ago country-functions.php 8 years ago currency-functions.php 8 years ago error-tracking.php 8 years ago filters.php 8 years ago formatting.php 8 years ago import-functions.php 8 years ago install.php 8 years ago login-register.php 8 years ago misc-functions.php 8 years ago plugin-compatibility.php 8 years ago post-types.php 8 years ago price-functions.php 8 years ago process-donation.php 8 years ago scripts.php 8 years ago shortcodes.php 8 years ago template-functions.php 8 years ago user-functions.php 8 years ago
ajax-functions.php
589 lines
1 <?php
2 /**
3 * AJAX Functions
4 *
5 * Process the front-end AJAX actions.
6 *
7 * @package Give
8 * @subpackage Functions/AJAX
9 * @copyright Copyright (c) 2016, WordImpress
10 * @license https://opensource.org/licenses/gpl-license GNU Public License
11 * @since 1.0
12 */
13
14 // Exit if accessed directly.
15 if ( ! defined( 'ABSPATH' ) ) {
16 exit;
17 }
18
19 /**
20 * Check if AJAX works as expected
21 * Note: Do not use this function before init hook.
22 *
23 * @since 1.0
24 *
25 * @return bool True if AJAX works, false otherwise
26 */
27 function give_test_ajax_works() {
28 // Handle ajax.
29 if ( doing_action( 'wp_ajax_nopriv_give_test_ajax' ) ) {
30 wp_die( 0, 200 );
31 }
32
33 // Check if the Airplane Mode plugin is installed.
34 if ( class_exists( 'Airplane_Mode_Core' ) ) {
35
36 $airplane = Airplane_Mode_Core::getInstance();
37
38 if ( method_exists( $airplane, 'enabled' ) ) {
39
40 if ( $airplane->enabled() ) {
41 return true;
42 }
43 } else {
44
45 if ( 'on' === $airplane->check_status() ) {
46 return true;
47 }
48 }
49 }
50
51 add_filter( 'block_local_requests', '__return_false' );
52
53 if ( Give_Cache::get( '_give_ajax_works', true ) ) {
54 return true;
55 }
56
57 $params = array(
58 'sslverify' => false,
59 'timeout' => 30,
60 'body' => array(
61 'action' => 'give_test_ajax',
62 ),
63 );
64
65 $ajax = wp_remote_post( give_get_ajax_url(), $params );
66
67 $works = true;
68
69 if ( is_wp_error( $ajax ) ) {
70
71 $works = false;
72
73 } else {
74
75 if ( empty( $ajax['response'] ) ) {
76 $works = false;
77 }
78
79 if ( empty( $ajax['response']['code'] ) || 200 !== (int) $ajax['response']['code'] ) {
80 $works = false;
81 }
82
83 if ( empty( $ajax['response']['message'] ) || 'OK' !== $ajax['response']['message'] ) {
84 $works = false;
85 }
86
87 if ( ! isset( $ajax['body'] ) || 0 !== (int) $ajax['body'] ) {
88 $works = false;
89 }
90 }
91
92 if ( $works ) {
93 Give_Cache::set( '_give_ajax_works', '1', DAY_IN_SECONDS, true );
94 }
95
96 return apply_filters( 'give_test_ajax_works', $works );
97 }
98
99 add_action( 'wp_ajax_nopriv_give_test_ajax', 'give_test_ajax_works' );
100
101 /**
102 * Get AJAX URL
103 *
104 * @since 1.0
105 *
106 * @param array $query
107 *
108 * @return string
109 */
110 function give_get_ajax_url( $query = array() ) {
111 $scheme = defined( 'FORCE_SSL_ADMIN' ) && FORCE_SSL_ADMIN ? 'https' : 'admin';
112
113 $current_url = give_get_current_page_url();
114 $ajax_url = admin_url( 'admin-ajax.php', $scheme );
115
116 if ( preg_match( '/^https/', $current_url ) && ! preg_match( '/^https/', $ajax_url ) ) {
117 $ajax_url = preg_replace( '/^http/', 'https', $ajax_url );
118 }
119
120 if ( ! empty( $query ) ) {
121 $ajax_url = add_query_arg( $query, $ajax_url );
122 }
123
124 return apply_filters( 'give_ajax_url', $ajax_url );
125 }
126
127 /**
128 * Loads Checkout Login Fields via AJAX
129 *
130 * @since 1.0
131 *
132 * @return void
133 */
134 function give_load_checkout_login_fields() {
135 /**
136 * Fire when render login fields via ajax.
137 *
138 * @since 1.7
139 */
140 do_action( 'give_donation_form_login_fields' );
141
142 give_die();
143 }
144
145 add_action( 'wp_ajax_nopriv_give_checkout_login', 'give_load_checkout_login_fields' );
146
147 /**
148 * Load Checkout Fields
149 *
150 * @since 1.3.6
151 *
152 * @return void
153 */
154 function give_load_checkout_fields() {
155 $form_id = isset( $_POST['form_id'] ) ? $_POST['form_id'] : '';
156
157 ob_start();
158
159 /**
160 * Fire to render registration/login form.
161 *
162 * @since 1.7
163 */
164 do_action( 'give_donation_form_register_login_fields', $form_id );
165
166 $fields = ob_get_clean();
167
168 wp_send_json( array(
169 'fields' => wp_json_encode( $fields ),
170 'submit' => wp_json_encode( give_get_donation_form_submit_button( $form_id ) ),
171 ) );
172 }
173
174 add_action( 'wp_ajax_nopriv_give_cancel_login', 'give_load_checkout_fields' );
175 add_action( 'wp_ajax_nopriv_give_checkout_register', 'give_load_checkout_fields' );
176
177 /**
178 * Get Form Title via AJAX (used only in WordPress Admin)
179 *
180 * @since 1.0
181 *
182 * @return void
183 */
184 function give_ajax_get_form_title() {
185 if ( isset( $_POST['form_id'] ) ) {
186 $title = get_the_title( $_POST['form_id'] );
187 if ( $title ) {
188 echo $title;
189 } else {
190 echo 'fail';
191 }
192 }
193 give_die();
194 }
195
196 add_action( 'wp_ajax_give_get_form_title', 'give_ajax_get_form_title' );
197 add_action( 'wp_ajax_nopriv_give_get_form_title', 'give_ajax_get_form_title' );
198
199 /**
200 * Retrieve a states drop down
201 *
202 * @since 1.0
203 *
204 * @return void
205 */
206 function give_ajax_get_states_field() {
207 $states_found = false;
208 $show_field = true;
209 $states_require = true;
210 // Get the Country code from the $_POST.
211 $country = sanitize_text_field( $_POST['country'] );
212
213 // Get the field name from the $_POST.
214 $field_name = sanitize_text_field( $_POST['field_name'] );
215
216 $label = __( 'State', 'give' );
217 $states_label = give_get_states_label();
218
219 $default_state = '';
220 if ( $country === give_get_country() ) {
221 $default_state = give_get_state();
222 }
223
224 // Check if $country code exists in the array key for states label.
225 if ( array_key_exists( $country, $states_label ) ) {
226 $label = $states_label[ $country ];
227 }
228
229 if ( empty( $country ) ) {
230 $country = give_get_country();
231 }
232
233 $states = give_get_states( $country );
234 if ( ! empty( $states ) ) {
235 $args = array(
236 'name' => $field_name,
237 'id' => $field_name,
238 'class' => $field_name . ' give-select',
239 'options' => $states,
240 'show_option_all' => false,
241 'show_option_none' => false,
242 'placeholder' => $label,
243 'selected' => $default_state,
244 );
245 $data = Give()->html->select( $args );
246 $states_found = true;
247 } else {
248 $data = 'nostates';
249
250 // Get the country list that does not have any states init.
251 $no_states_country = give_no_states_country_list();
252
253 // Check if $country code exists in the array key.
254 if ( array_key_exists( $country, $no_states_country ) ) {
255 $show_field = false;
256 }
257
258 // Get the country list that does not require states.
259 $states_not_required_country_list = give_states_not_required_country_list();
260
261 // Check if $country code exists in the array key.
262 if ( array_key_exists( $country, $states_not_required_country_list ) ) {
263 $states_require = false;
264 }
265 }
266 $response = array(
267 'success' => true,
268 'states_found' => $states_found,
269 'states_label' => $label,
270 'show_field' => $show_field,
271 'states_require' => $states_require,
272 'data' => $data,
273 'default_state' => $default_state,
274 );
275 wp_send_json( $response );
276 }
277
278 add_action( 'wp_ajax_give_get_states', 'give_ajax_get_states_field' );
279 add_action( 'wp_ajax_nopriv_give_get_states', 'give_ajax_get_states_field' );
280
281 /**
282 * Retrieve donation forms via AJAX for chosen dropdown search field.
283 *
284 * @since 1.0
285 *
286 * @return void
287 */
288 function give_ajax_form_search() {
289 global $wpdb;
290
291 $search = esc_sql( sanitize_text_field( $_GET['s'] ) );
292 $excludes = ( isset( $_GET['current_id'] ) ? (array) $_GET['current_id'] : array() );
293
294 $results = array();
295 if ( current_user_can( 'edit_give_forms' ) ) {
296 $items = $wpdb->get_results( "SELECT ID,post_title FROM $wpdb->posts WHERE `post_type` = 'give_forms' AND `post_title` LIKE '%$search%' LIMIT 50" );
297 } else {
298 $items = $wpdb->get_results( "SELECT ID,post_title FROM $wpdb->posts WHERE `post_type` = 'give_forms' AND `post_status` = 'publish' AND `post_title` LIKE '%$search%' LIMIT 50" );
299 }
300
301 if ( $items ) {
302
303 foreach ( $items as $item ) {
304
305 $results[] = array(
306 'id' => $item->ID,
307 'name' => $item->post_title,
308 );
309 }
310 } else {
311
312 $items[] = array(
313 'id' => 0,
314 'name' => __( 'No forms found.', 'give' ),
315 );
316
317 }
318
319 echo json_encode( $results );
320
321 give_die();
322 }
323
324 add_action( 'wp_ajax_give_form_search', 'give_ajax_form_search' );
325 add_action( 'wp_ajax_nopriv_give_form_search', 'give_ajax_form_search' );
326
327 /**
328 * Search the donors database via Ajax
329 *
330 * @since 1.0
331 *
332 * @return void
333 */
334 function give_ajax_donor_search() {
335 global $wpdb;
336
337 $search = esc_sql( sanitize_text_field( $_GET['s'] ) );
338 $results = array();
339 if ( ! current_user_can( 'view_give_reports' ) ) {
340 $donors = array();
341 } else {
342 $donors = $wpdb->get_results( "SELECT id,name,email FROM $wpdb->donors WHERE `name` LIKE '%$search%' OR `email` LIKE '%$search%' LIMIT 50" );
343 }
344
345 if ( $donors ) {
346
347 foreach ( $donors as $donor ) {
348
349 $results[] = array(
350 'id' => $donor->id,
351 'name' => $donor->name . ' (' . $donor->email . ')',
352 );
353 }
354 } else {
355
356 $donors[] = array(
357 'id' => 0,
358 'name' => __( 'No donors found.', 'give' ),
359 );
360
361 }
362
363 echo json_encode( $results );
364
365 give_die();
366 }
367
368 add_action( 'wp_ajax_give_donor_search', 'give_ajax_donor_search' );
369
370
371 /**
372 * Searches for users via ajax and returns a list of results
373 *
374 * @since 1.0
375 *
376 * @return void
377 */
378 function give_ajax_search_users() {
379
380 if ( current_user_can( 'manage_give_settings' ) ) {
381
382 $search = esc_sql( sanitize_text_field( $_GET['s'] ) );
383
384 $get_users_args = array(
385 'number' => 9999,
386 'search' => $search . '*',
387 );
388
389 $get_users_args = apply_filters( 'give_search_users_args', $get_users_args );
390
391 $found_users = apply_filters( 'give_ajax_found_users', get_users( $get_users_args ), $search );
392 $results = array();
393
394 if ( $found_users ) {
395
396 foreach ( $found_users as $user ) {
397
398 $results[] = array(
399 'id' => $user->ID,
400 'name' => esc_html( $user->user_login . ' (' . $user->user_email . ')' ),
401 );
402 }
403 } else {
404
405 $results[] = array(
406 'id' => 0,
407 'name' => __( 'No users found.', 'give' ),
408 );
409
410 }
411
412 echo json_encode( $results );
413
414 }// End if().
415
416 give_die();
417
418 }
419
420 add_action( 'wp_ajax_give_user_search', 'give_ajax_search_users' );
421
422
423 /**
424 * Check for Price Variations (Multi-level donation forms)
425 *
426 * @since 1.5
427 *
428 * @return void
429 */
430 function give_check_for_form_price_variations() {
431
432 if ( ! current_user_can( 'edit_give_forms', get_current_user_id() ) ) {
433 die( '-1' );
434 }
435
436 $form_id = intval( $_POST['form_id'] );
437 $form = get_post( $form_id );
438
439 if ( 'give_forms' !== $form->post_type ) {
440 die( '-2' );
441 }
442
443 if ( give_has_variable_prices( $form_id ) ) {
444 $variable_prices = give_get_variable_prices( $form_id );
445
446 if ( $variable_prices ) {
447 $ajax_response = '<select class="give_price_options_select give-select give-select" name="give_price_option">';
448
449 if ( isset( $_POST['all_prices'] ) ) {
450 $ajax_response .= '<option value="all">' . esc_html__( 'All Levels', 'give' ) . '</option>';
451 }
452
453 foreach ( $variable_prices as $key => $price ) {
454
455 $level_text = ! empty( $price['_give_text'] ) ? esc_html( $price['_give_text'] ) : give_currency_filter( give_format_amount( $price['_give_amount'], array( 'sanitize' => false ) ) );
456
457 $ajax_response .= '<option value="' . esc_attr( $price['_give_id']['level_id'] ) . '">' . $level_text . '</option>';
458 }
459 $ajax_response .= '</select>';
460 echo $ajax_response;
461 }
462 }
463
464 give_die();
465 }
466
467 add_action( 'wp_ajax_give_check_for_form_price_variations', 'give_check_for_form_price_variations' );
468
469
470 /**
471 * Check for Variation Prices HTML (Multi-level donation forms)
472 *
473 * @since 1.6
474 *
475 * @return void
476 */
477 function give_check_for_form_price_variations_html() {
478 if ( ! current_user_can( 'edit_give_payments', get_current_user_id() ) ) {
479 wp_die();
480 }
481
482 $form_id = ! empty( $_POST['form_id'] ) ? intval( $_POST['form_id'] ) : false;
483 $payment_id = ! empty( $_POST['payment_id'] ) ? intval( $_POST['payment_id'] ) : false;
484 if ( empty( $form_id ) || empty( $payment_id ) ) {
485 wp_die();
486 }
487
488 $form = get_post( $form_id );
489 if ( ! empty( $form->post_type ) && 'give_forms' !== $form->post_type ) {
490 wp_die();
491 }
492
493 if ( ! give_has_variable_prices( $form_id ) || ! $form_id ) {
494 esc_html_e( 'n/a', 'give' );
495 } else {
496 $prices_atts = array();
497 if ( $variable_prices = give_get_variable_prices( $form_id ) ) {
498 foreach ( $variable_prices as $variable_price ) {
499 $prices_atts[ $variable_price['_give_id']['level_id'] ] = give_format_amount( $variable_price['_give_amount'], array( 'sanitize' => false ) );
500 }
501 }
502
503 // Variable price dropdown options.
504 $variable_price_dropdown_option = array(
505 'id' => $form_id,
506 'name' => 'give-variable-price',
507 'chosen' => true,
508 'show_option_all' => '',
509 'show_option_none' => '',
510 'select_atts' => 'data-prices=' . esc_attr( json_encode( $prices_atts ) ),
511 );
512
513 if ( $payment_id ) {
514 // Payment object.
515 $payment = new Give_Payment( $payment_id );
516
517 // Payment meta.
518 $payment_meta = $payment->get_meta();
519 $variable_price_dropdown_option['selected'] = $payment_meta['price_id'];
520 }
521
522 // Render variable prices select tag html.
523 give_get_form_variable_price_dropdown( $variable_price_dropdown_option, true );
524 }
525
526 give_die();
527 }
528
529 add_action( 'wp_ajax_give_check_for_form_price_variations_html', 'give_check_for_form_price_variations_html' );
530
531 /**
532 * Send Confirmation Email For Complete Donation History Access.
533 *
534 * @since 1.8.17
535 *
536 * @return bool
537 */
538 function give_confirm_email_for_donation_access() {
539
540 // Verify Security using Nonce.
541 if ( ! check_ajax_referer( 'give_ajax_nonce', 'nonce' ) ) {
542 return false;
543 }
544
545 // Bail Out, if email is empty.
546 if ( empty( $_POST['email'] ) ) {
547 return false;
548 }
549
550 $donor = Give()->donors->get_donor_by( 'email', give_clean( $_POST['email'] ) );
551 if ( Give()->email_access->can_send_email( $donor->id ) ) {
552 $return = array();
553 $email_sent = Give()->email_access->send_email( $donor->id, $donor->email );
554
555 if ( ! $email_sent ) {
556 $return['status'] = 'error';
557 $return['message'] = Give()->notices->print_frontend_notice(
558 __( 'Unable to send email. Please try again.', 'give' ),
559 false,
560 'error'
561 );
562 }
563
564 $return['status'] = 'success';
565 $return['message'] = Give()->notices->print_frontend_notice(
566 __( 'Please check your email and click on the link to access your complete donation history.', 'give' ),
567 false,
568 'success'
569 );
570
571
572 } else {
573 $value = Give()->email_access->verify_throttle / 60;
574 $return['status'] = 'error';
575 $return['message'] = Give()->notices->print_frontend_notice(
576 sprintf(
577 __( 'Too many access email requests detected. Please wait %s before requesting a new donation history access link.', 'give' ),
578 sprintf( _n( '%s minute', '%s minutes', $value, 'give' ), $value )
579 ),
580 false,
581 'error'
582 );
583 }
584
585 echo json_encode( $return );
586 give_die();
587 }
588
589 add_action( 'wp_ajax_nopriv_give_confirm_email_for_donations_access', 'give_confirm_email_for_donation_access' );