GiveWP – Donation Plugin and Fundraising Platform v3.19.3
give / includes / admin / payments / actions.php
actions.php
483 lines
1 <?php
2 /**
3 * Admin Payment Actions
4 *
5 * @package Give
6 * @subpackage Admin/Payments
7 * @copyright Copyright (c) 2016, GiveWP
8 * @license https://opensource.org/licenses/gpl-license GNU Public License
9 * @since 1.0
10 */
11
use Give\Donations\ValueObjects\DonationMetaKeys;

// Exit if accessed directly: ABSPATH is only defined once WordPress has loaded,
// so a direct HTTP request to this file stops here before any handler is declared.
defined( 'ABSPATH' ) || exit;
18
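/**
 * Process the payment details edit.
 *
 * Requires the 'edit_give_payments' capability for the donation and a valid
 * 'give_update_payment_details_nonce' admin nonce. Updates the donation's date,
 * donor, total, status, form, price ID, anonymous flag and comment, adjusts the
 * donor/form/store statistics for published donations, then redirects to the
 * payment details screen and exits.
 *
 * @since 2.27.0 Change to save comment to donations meta table
 * @since 1.0
 *
 * @access private
 *
 * @param array $data Donation data.
 *
 * @return void
 */
function give_update_payment_details( $data ) {

    // Normalise the ID once, so the capability check and every later write refer to the same donation.
    $payment_id = absint( $data['give_payment_id'] );

    if ( ! current_user_can( 'edit_give_payments', $payment_id ) ) {
        wp_die( __( 'You do not have permission to edit payments.', 'give' ), __( 'Error', 'give' ), array( 'response' => 403 ) );
    }

    check_admin_referer( 'give_update_payment_details_nonce' );

    /* @var Give_Payment $payment */
    $payment = new Give_Payment( $payment_id );

    // NOTE(review): the status is taken from the request and written to the payment further down
    // without being compared against a list of known statuses here. Confirm that Give_Payment
    // rejects unknown values.
    $status = $data['give-payment-status'];

    // Cast to integers before clamping: a non-numeric string could otherwise pass the
    // range comparison and end up inside the stored date string.
    $hour   = min( 23, max( 0, (int) sanitize_text_field( $data['give-payment-time-hour'] ) ) );
    $minute = min( 59, max( 0, (int) sanitize_text_field( $data['give-payment-time-min'] ) ) );

    $address = give_clean( $data['give-payment-address'][0] );

    $curr_total = $payment->total;
    $new_total  = give_maybe_sanitize_amount( ( ! empty( $data['give-payment-total'] ) ? $data['give-payment-total'] : 0 ) );

    // NOTE(review): strtotime() returns false for an unparseable date, which date() renders as the
    // Unix epoch. Consider rejecting the request in that case.
    $date = date( 'Y-m-d', strtotime( give_clean( $data['give-payment-date'] ) ) ) . ' ' . sprintf( '%02d:%02d:00', $hour, $minute );

    $curr_donor_id = sanitize_text_field( $data['give-current-donor'] );
    $new_donor_id  = sanitize_text_field( $data['donor-id'] );

    /**
     * Fires before updating edited donation.
     *
     * @since 1.0
     * @since 1.8.9 Changes hook name give_update_edited_purchase -> give_update_edited_donation
     *
     * @param int $payment_id The ID of the payment.
     */
    do_action( 'give_update_edited_donation', $payment_id );

    $payment->date      = $date;
    $payment->anonymous = isset( $data['give_anonymous_donation'] ) ? absint( $data['give_anonymous_donation'] ) : 0;

    $updated = $payment->save();

    if ( 0 === $updated ) {
        wp_die( __( 'Error Updating Donation.', 'give' ), __( 'Error', 'give' ), array( 'response' => 400 ) );
    }

    $donor_changed = false;

    if ( isset( $data['give-new-donor'] ) && $data['give-new-donor'] == '1' ) {

        $email      = ! empty( $data['give-new-donor-email'] ) ? sanitize_text_field( $data['give-new-donor-email'] ) : '';
        $first_name = ! empty( $data['give-new-donor-first-name'] ) ? sanitize_text_field( $data['give-new-donor-first-name'] ) : '';
        $last_name  = ! empty( $data['give-new-donor-last-name'] ) ? sanitize_text_field( $data['give-new-donor-last-name'] ) : '';
        $names      = strip_tags( wp_unslash( trim( "{$first_name} {$last_name}" ) ) );

        if ( empty( $email ) || empty( $first_name ) ) {
            wp_die( __( 'New Donor requires first name and email address.', 'give' ), __( 'Error', 'give' ), array( 'response' => 400 ) );
        }

        $donor          = new Give_Donor( $email );
        $donor_is_usable = true;

        if ( empty( $donor->id ) ) {
            $donor_data = array(
                'name'  => $names,
                'email' => $email,
            );
            $user_id    = email_exists( $email );
            if ( false !== $user_id ) {
                $donor_data['user_id'] = $user_id;
            }

            if ( ! $donor->create( $donor_data ) ) {
                // Failed to create the new donor, assume the previous donor.
                $donor_is_usable = false;
                $donor           = new Give_Donor( $curr_donor_id );
                give_set_error( 'give-payment-new-donor-fail', __( 'Error creating new donor.', 'give' ) );
            }
        }

        // Only touch donor records when there really is a new donor. Previously a failed
        // creation still fell through, overwrote the current donor's first/last name with the
        // submitted values and flagged the donor as changed.
        if ( $donor_is_usable ) {
            // Create and Update Donor First Name and Last Name in Meta Fields.
            $donor->update_meta( '_give_donor_first_name', $first_name );
            $donor->update_meta( '_give_donor_last_name', $last_name );

            $new_donor_id = $donor->id;

            $previous_donor = new Give_Donor( $curr_donor_id );

            $donor_changed = true;
        }
    } elseif ( $curr_donor_id !== $new_donor_id ) {

        $donor = new Give_Donor( $new_donor_id );
        $email = $donor->email;
        $names = $donor->name;

        $previous_donor = new Give_Donor( $curr_donor_id );

        $donor_changed = true;

    } else {
        $donor = new Give_Donor( $curr_donor_id );
        $email = $donor->email;
        $names = $donor->name;
    }

    if ( $donor_changed ) {

        // Setup first and last name from input values.
        $first_name = $donor->get_first_name();
        $last_name  = $donor->get_last_name();

        $payment->first_name = $first_name;
        $payment->last_name  = $last_name;

        // Remove the stats and payment from the previous donor and attach it to the new donor.
        $previous_donor->remove_payment( $payment_id, false );
        $donor->attach_payment( $payment_id, false );

        if ( 'publish' == $status ) {

            // Reduce previous user donation count and amount.
            $previous_donor->decrease_donation_count();
            $previous_donor->decrease_value( $curr_total );

            // If donation was completed adjust stats of new donors.
            $donor->increase_purchase_count();
            $donor->increase_value( $new_total );
        }

        $payment->customer_id = $donor->id;
    } else {

        if ( 'publish' === $status ) {
            // Update user donation stat.
            $donor->update_donation_value( $curr_total, $new_total );
        }
    }

    // Set new meta values.
    $payment->user_id = $donor->user_id;
    $payment->email   = $donor->email;
    $payment->address = $address;
    $payment->total   = $new_total;

    // Check for payment notes. wp_kses() with an empty allow-list strips all HTML from the note.
    if ( ! empty( $data['give-payment-note'] ) ) {

        $note = wp_kses( $data['give-payment-note'], array() );
        give_insert_payment_note( $payment_id, $note );

    }

    // Set new status.
    $payment->status = $status;

    // Adjust total store earnings if the payment total has been changed.
    if ( $new_total !== $curr_total && 'publish' == $status ) {

        if ( $new_total > $curr_total ) {
            // Increase if our new total is higher.
            $difference = $new_total - $curr_total;
            give_increase_total_earnings( $difference );

            // Increase form earnings.
            give_increase_earnings( $payment->form_id, $difference, $payment->ID );
        } elseif ( $curr_total > $new_total ) {
            // Decrease if our new total is lower.
            $difference = $curr_total - $new_total;
            give_decrease_total_earnings( $difference );

            // Decrease form earnings.
            give_decrease_form_earnings( $payment->form_id, $difference, $payment->ID );
        }
    }

    $payment->save();

    // Get new give form ID.
    $new_form_id     = absint( $data['give-payment-form-select'] );
    $current_form_id = absint( $payment->get_meta( '_give_payment_form_id' ) );

    // We are adding payment transfer code in last to remove any conflict with above functionality.
    // For example: above code will automatically handle form stat (increase/decrease) when payment status changes.
    // Check if user want to transfer current payment to new give form id.
    if ( $new_form_id && $new_form_id != $current_form_id ) {

        // Get new give form title.
        $new_form_title = get_the_title( $new_form_id );

        // Update payment give form meta data.
        $payment->update_meta( '_give_payment_form_id', $new_form_id );
        $payment->update_meta( '_give_payment_form_title', $new_form_title );

        // Update price id payment metadata.
        if ( ! give_has_variable_prices( $new_form_id ) ) {
            $payment->update_meta( '_give_payment_price_id', '' );
        }

        // If donation was completed, adjust stats of forms.
        if ( 'publish' == $status ) {

            // Decrease sale of old give form. For other payment status.
            $current_form = new Give_Donate_Form( $current_form_id );
            $current_form->decrease_sales();
            $current_form->decrease_earnings( $curr_total, $payment->ID );

            // Increase sale of new give form.
            $new_form = new Give_Donate_Form( $new_form_id );
            $new_form->increase_sales();
            $new_form->increase_earnings( $new_total, $payment->ID );
        }

        // Re setup payment to update new meta value in object.
        $payment->update_payment_setup( $payment->ID );

        // Update form id in payment logs.
        Give()->async_process->data(
            array(
                'data' => array( $new_form_id, $payment_id ),
                'hook' => 'give_update_log_form_id',
            )
        )->dispatch();
    }

    // Update price id if current form is variable form.
    /* @var Give_Donate_Form $form */
    $form = new Give_Donate_Form( $payment->form_id );

    if ( isset( $data['give-variable-price'] ) && $form->has_variable_prices() ) {

        // Get payment meta data.
        $payment_meta = $payment->get_meta();

        $price_info = array();
        $price_id   = '';

        // Get price info: look for a price level whose amount equals the new total.
        if ( 0 <= $data['give-variable-price'] ) {
            foreach ( $form->prices as $variable_price ) {
                if ( $new_total === give_maybe_sanitize_amount( $variable_price['_give_amount'] ) ) {
                    $price_info = $variable_price;
                    break;
                }
            }
        }

        // Set price id.
        if ( ! empty( $price_info ) ) {
            $price_id = $data['give-variable-price'];

            if ( $data['give-variable-price'] !== $price_info['_give_id']['level_id'] ) {
                // Set price id to amount match.
                $price_id = $price_info['_give_id']['level_id'];
            }
        } elseif ( $form->is_custom_price_mode() ) {
            $price_id = 'custom';
        }

        // Update payment meta data.
        $payment_meta['price_id'] = $price_id;

        // Update payment give form meta data.
        $payment->update_meta( '_give_payment_price_id', $price_id );
        $payment->update_meta( '_give_payment_meta', $payment_meta );

        // Re setup payment to update new meta value in object.
        $payment->update_payment_setup( $payment->ID );
    }

    $comment_id                  = isset( $data['give_comment_id'] ) ? absint( $data['give_comment_id'] ) : 0;
    $has_anonymous_setting_field = give_is_anonymous_donation_field_enabled( $payment->form_id );

    if ( $has_anonymous_setting_field ) {
        give_update_meta( $payment->ID, '_give_anonymous_donation', $payment->anonymous );
    }

    // Update comment.
    if ( give_is_donor_comment_field_enabled( $payment->form_id ) ) {
        // The comment is read from $_POST directly because give_clean() in give_post_actions
        // removes its formatting from $data. It is still passed through sanitize_textarea_field()
        // before being stored. A missing or non-string field is treated as an empty comment.
        $raw_comment          = ( isset( $_POST['give_comment'] ) && is_string( $_POST['give_comment'] ) ) ? $_POST['give_comment'] : '';
        $data['give_comment'] = trim( $raw_comment );
        $payment->update_meta( DonationMetaKeys::COMMENT, sanitize_textarea_field( $data['give_comment'] ) );
    }

    // Check if payment status is not completed then update the goal progress for donation form.
    if ( 'publish' !== $status ) {
        give_update_goal_progress( $form->ID );
    }

    /**
     * Fires after updating edited donation.
     *
     * @since 1.0
     * @since 1.8.9 Changes hook name give_updated_edited_purchase -> give_updated_edited_donation
     *
     * @param int $payment_id The ID of the payment.
     */
    do_action( 'give_updated_edited_donation', $payment_id );

    wp_safe_redirect( admin_url( 'edit.php?post_type=give_forms&page=give-payment-history&view=view-payment-details&give-messages[]=payment-updated&id=' . $payment_id ) );
    exit;
}

// Runs when the 'give_update_payment_details' action fires.
add_action( 'give_update_payment_details', 'give_update_payment_details' );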
349
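/**
 * Trigger a Donation Deletion.
 *
 * Deletes the donation only when the request carries a valid 'give_donation_nonce'
 * and the current user has the 'edit_give_payments' capability for it. A missing
 * or invalid nonce makes the function return without doing anything.
 *
 * @since 1.0
 *
 * @param array $data Arguments passed.
 *
 * @return void
 */
function give_trigger_donation_delete( $data ) {
    // Check for the nonce field first so a request without one is ignored
    // instead of raising an undefined-index warning.
    if ( empty( $data['_wpnonce'] ) || ! wp_verify_nonce( $data['_wpnonce'], 'give_donation_nonce' ) ) {
        return;
    }

    $payment_id = isset( $data['purchase_id'] ) ? absint( $data['purchase_id'] ) : 0;

    // NOTE(review): deletion is gated on the same capability as editing. Confirm that is intended.
    if ( ! current_user_can( 'edit_give_payments', $payment_id ) ) {
        wp_die( __( 'You do not have permission to edit payments.', 'give' ), __( 'Error', 'give' ), array( 'response' => 403 ) );
    }

    give_delete_donation( $payment_id );

    // wp_safe_redirect() matches the redirect used after a donation update in this file.
    wp_safe_redirect( admin_url( 'edit.php?post_type=give_forms&page=give-payment-history&give-messages[]=donation-deleted' ) );
    give_die();
}

// Runs when the 'give_delete_payment' action fires.
add_action( 'give_delete_payment', 'give_trigger_donation_delete' );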
375
/**
 * AJAX Store Donation Note
 *
 * Verifies the 'give_insert_payment_note' AJAX nonce, then the 'edit_give_payments'
 * capability for the submitted payment, stores the note and prints its HTML.
 * Prints '-1' when the payment ID or the note is empty.
 *
 * @since 2.25.3 Add nonce check.
 */
function give_ajax_store_payment_note() {
    check_ajax_referer( 'give_insert_payment_note' );

    // All three request fields are normalised before use:
    // integer ID, HTML-free note (empty wp_kses allow-list), cleaned note type.
    $payment_id = absint( $_POST['payment_id'] );
    $note       = wp_kses( $_POST['note'], [] );
    $note_type  = give_clean( $_POST['type'] );

    $may_edit = current_user_can( 'edit_give_payments', $payment_id );
    if ( ! $may_edit ) {
        wp_die( __( 'You do not have permission to edit payments.', 'give' ), __( 'Error', 'give' ), [ 'response' => 403 ] );
    }

    if ( empty( $payment_id ) || empty( $note ) ) {
        die( '-1' );
    }

    // Once the 'v230_move_donor_note' upgrade has run, notes are stored through Give's comment table.
    // Before that, the legacy helper is used for backward compatibility.
    if ( give_has_upgrade_completed( 'v230_move_donor_note' ) ) {
        $note_row = array(
            'comment_parent'  => $payment_id,
            'user_id'         => get_current_user_id(),
            'comment_content' => $note,
            'comment_type'    => 'donation',
        );
        $note_id  = Give()->comment->db->add( $note_row );
    } else {
        $note_id = give_insert_payment_note( $payment_id, $note );
    }

    if ( $note_id && $note_type ) {

        // The note type is saved with the same storage back end that holds the note itself.
        if ( give_has_upgrade_completed( 'v230_move_donor_note' ) ) {
            Give()->comment->db_meta->update_meta( $note_id, 'note_type', $note_type );
        } else {
            add_comment_meta( $note_id, 'note_type', $note_type, true );
        }

        /**
         * Fire the action
         *
         * @since 2.3.0
         */
        do_action( 'give_donor-note_email_notification', $note_id, $payment_id );
    }

    die( give_get_payment_note_html( $note_id ) );
}

// wp_ajax_* hooks only run for logged-in users; this file registers no wp_ajax_nopriv_ counterpart.
add_action( 'wp_ajax_give_insert_payment_note', 'give_ajax_store_payment_note' );
430
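/**
 * Triggers a donation note deletion without ajax
 *
 * Requires a nonce bound to the note ID ('give_delete_payment_note_{note_id}') and
 * the 'edit_give_payments' capability for the payment. Returns silently when the
 * nonce or either ID is missing or the nonce is invalid. Otherwise it deletes the
 * note, redirects to the payment details screen and exits.
 *
 * @since 1.0
 *
 * @param array $data Arguments passed
 *
 * @return void
 */
function give_trigger_payment_note_deletion( $data ) {

    // Ignore requests that lack any of the expected fields instead of raising undefined-index warnings.
    if ( empty( $data['_wpnonce'] ) || ! isset( $data['note_id'], $data['payment_id'] ) ) {
        return;
    }

    // Verify against the note ID exactly as submitted, because the nonce action embeds it.
    if ( ! wp_verify_nonce( $data['_wpnonce'], 'give_delete_payment_note_' . $data['note_id'] ) ) {
        return;
    }

    // From here on use integer IDs only, so the capability check, the delete call and the
    // redirect URL all refer to the same values.
    $note_id    = absint( $data['note_id'] );
    $payment_id = absint( $data['payment_id'] );

    if ( ! current_user_can( 'edit_give_payments', $payment_id ) ) {
        wp_die( __( 'You do not have permission to edit payments.', 'give' ), __( 'Error', 'give' ), array( 'response' => 403 ) );
    }

    $edit_order_url = admin_url( 'edit.php?post_type=give_forms&page=give-payment-history&view=view-payment-details&give-messages[]=donation-note-deleted&id=' . $payment_id );

    // NOTE(review): nothing here checks that the note belongs to this payment. Confirm that
    // give_delete_payment_note() enforces that relationship.
    give_delete_payment_note( $note_id, $payment_id );

    // A redirect does not stop execution by itself, so exit explicitly. Without it the
    // rest of the request kept running after the Location header was sent.
    wp_safe_redirect( $edit_order_url );
    exit;
}

// Runs when the 'give_delete_payment_note' action fires.
add_action( 'give_delete_payment_note', 'give_trigger_payment_note_deletion' );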
458
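/**
 * Delete a payment note deletion with ajax
 *
 * Verifies the 'give_delete_payment_note' AJAX nonce and the 'edit_give_payments'
 * capability for the submitted payment, then prints '1' when the note was deleted
 * and '-1' otherwise (including when either ID is missing or zero).
 *
 * @since 2.25.3 Add nonce check.
 * @since 1.0
 *
 * @return void
 */
function give_ajax_delete_payment_note() {
    check_ajax_referer( 'give_delete_payment_note' );

    // Cast both IDs to integers up front, as give_ajax_store_payment_note() does for its
    // payment ID, so the capability check and the delete call use the same normalised values.
    $payment_id = isset( $_POST['payment_id'] ) ? absint( $_POST['payment_id'] ) : 0;
    $note_id    = isset( $_POST['note_id'] ) ? absint( $_POST['note_id'] ) : 0;

    if ( ! current_user_can( 'edit_give_payments', $payment_id ) ) {
        wp_die( __( 'You do not have permission to edit payments.', 'give' ), __( 'Error', 'give' ), array( 'response' => 403 ) );
    }

    // Nothing to delete without both IDs; report failure the same way a failed delete does.
    if ( empty( $payment_id ) || empty( $note_id ) ) {
        die( '-1' );
    }

    if ( give_delete_payment_note( $note_id, $payment_id ) ) {
        die( '1' );
    } else {
        die( '-1' );
    }

}

// wp_ajax_* hooks only run for logged-in users; this file registers no wp_ajax_nopriv_ counterpart.
add_action( 'wp_ajax_give_delete_payment_note', 'give_ajax_delete_payment_note' );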
483