GiveWP – Donation Plugin and Fundraising Platform / trunk
give / includes / ajax-functions.php
ajax-functions.php
854 lines
1 <?php
2 /**
3 * AJAX Functions
4 *
5 * Process the front-end AJAX actions.
6 *
7 * @package Give
8 * @subpackage Functions/AJAX
9 * @copyright Copyright (c) 2016, GiveWP
10 * @license https://opensource.org/licenses/gpl-license GNU Public License
11 * @since 1.0
12 */
13
14 // Exit if accessed directly.
15 use Give\Helpers\Form\Template as FormTemplateUtils;
16
// Stop immediately when the file is requested outside of a loaded WordPress (ABSPATH undefined).
defined( 'ABSPATH' ) || exit;
20
/**
 * Check whether the site can complete a loopback AJAX request.
 *
 * Note: do not call this function before the `init` hook.
 *
 * The function is also hooked to `wp_ajax_nopriv_give_test_ajax`; when it runs inside
 * that action it answers with `0` / HTTP 200 and terminates.
 *
 * @since 1.0
 *
 * @param bool $force Ignore the cached result and probe again.
 *
 * @return bool True if AJAX works, false otherwise
 */
function give_test_ajax_works( $force = false ) {
	// Acting as the probe endpoint: reply and stop.
	if ( doing_action( 'wp_ajax_nopriv_give_test_ajax' ) ) {
		wp_die( 0, 200 );
	}

	// When the Airplane Mode plugin reports it is active, report success without probing.
	if ( class_exists( 'Airplane_Mode_Core' ) ) {
		$airplane_mode = Airplane_Mode_Core::getInstance();

		// Newer plugin builds expose enabled(); otherwise fall back to check_status().
		$is_airplane_on = method_exists( $airplane_mode, 'enabled' )
			? $airplane_mode->enabled()
			: 'on' === $airplane_mode->check_status();

		if ( $is_airplane_on ) {
			return true;
		}
	}

	add_filter( 'block_local_requests', '__return_false' );

	$works = Give_Cache::get( '_give_ajax_works', true );

	if ( $force || ! $works ) {
		// NOTE(review): TLS certificate verification is disabled for this request.
		// WordPress core routes the same decision for its own loopback requests through
		// the `https_local_ssl_verify` filter; consider honouring that filter here.
		$request_args = [
			'sslverify' => false,
			'timeout'   => 30,
			'body'      => [
				'action' => 'give_test_ajax',
			],
		];

		$reply = wp_remote_post( give_get_ajax_url(), $request_args );

		// The probe passes only on a 200/OK reply whose body casts to integer 0.
		$works = ! is_wp_error( $reply )
			&& ! empty( $reply['response'] )
			&& ! empty( $reply['response']['code'] )
			&& 200 === (int) $reply['response']['code']
			&& ! empty( $reply['response']['message'] )
			&& 'OK' === $reply['response']['message']
			&& isset( $reply['body'] )
			&& 0 === (int) $reply['body'];

		// Only a positive result is cached (for one day); failures are re-tested next time.
		if ( $works ) {
			Give_Cache::set( '_give_ajax_works', '1', DAY_IN_SECONDS, true );
		}
	}

	/**
	 * Filter the output
	 *
	 * @since 1.0
	 */
	return apply_filters( 'give_test_ajax_works', $works );
}

add_action( 'wp_ajax_nopriv_give_test_ajax', 'give_test_ajax_works' );
109
/**
 * Build the admin-ajax.php URL, optionally with extra query arguments.
 *
 * The URL is upgraded to https when the current page is served over https
 * but admin_url() produced a plain-http address.
 *
 * @since 1.0
 *
 * @param array $query Query arguments to append to the URL.
 *
 * @return string URL passed through the `give_ajax_url` filter and esc_url_raw().
 */
function give_get_ajax_url( $query = [] ) {
	$force_ssl = defined( 'FORCE_SSL_ADMIN' ) && FORCE_SSL_ADMIN;

	$page_url = give_get_current_page_url();
	$endpoint = admin_url( 'admin-ajax.php', $force_ssl ? 'https' : 'admin' );

	$page_is_https = (bool) preg_match( '/^https/', $page_url );

	// Avoid a mixed-scheme AJAX endpoint on an https page.
	if ( $page_is_https && ! preg_match( '/^https/', $endpoint ) ) {
		$endpoint = preg_replace( '/^http/', 'https', $endpoint );
	}

	if ( ! empty( $query ) ) {
		$endpoint = add_query_arg( $query, $endpoint );
	}

	$filtered = apply_filters( 'give_ajax_url', $endpoint );

	return esc_url_raw( $filtered );
}
135
/**
 * AJAX handler that renders the checkout login fields.
 *
 * Registered for logged-out requests only (`wp_ajax_nopriv_give_checkout_login`).
 * The markup itself comes from whatever is hooked to
 * `give_donation_form_login_fields`.
 *
 * @since 1.0
 *
 * @return void
 */
function give_load_checkout_login_fields() {
	/**
	 * Fire when render login fields via ajax.
	 *
	 * @since 1.7
	 */
	do_action( 'give_donation_form_login_fields' );

	// End the request once the hooked output has been produced.
	give_die();
}

add_action( 'wp_ajax_nopriv_give_checkout_login', 'give_load_checkout_login_fields' );
155
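/**
 * Load Checkout Fields
 *
 * Renders the registration/login fields and the submit button for a form and
 * returns both as JSON. Reachable without authentication through the `nopriv`
 * hooks registered below.
 *
 * @since 1.3.6
 *
 * @return void
 */
function give_load_checkout_fields() {
	// The id comes from an unauthenticated request: reduce it to a non-negative integer
	// before it reaches hooks and template code. An absent id stays '' as before.
	$form_id = isset( $_POST['form_id'] ) ? absint( $_POST['form_id'] ) : '';

	ob_start();

	/**
	 * Fire to render registration/login form.
	 *
	 * @since 1.7
	 */
	do_action( 'give_donation_form_register_login_fields', $form_id );

	$fields = ob_get_clean();

	wp_send_json(
		[
			'fields' => wp_json_encode( $fields ),
			'submit' => wp_json_encode( give_get_donation_form_submit_button( $form_id ) ),
		]
	);
}

add_action( 'wp_ajax_give_cancel_login', 'give_load_checkout_fields' );
add_action( 'wp_ajax_nopriv_give_cancel_login', 'give_load_checkout_fields' );
add_action( 'wp_ajax_nopriv_give_checkout_register', 'give_load_checkout_fields' );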
188
189
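/**
 * Retrieve a states drop down
 *
 * Reads `country` and `field_name` from the POST body and answers with JSON describing
 * the state field for that country. Reachable without authentication.
 *
 * @since 2.30.0 add 'state_label' & 'states' to response
 * @since 1.0
 *
 * @return void
 */
function give_ajax_get_states_field() {
	$states_found   = false;
	$show_field     = true;
	$states_require = true;

	// Both parameters are optional on the wire; default to '' instead of reading an undefined index.
	$country    = isset( $_POST['country'] ) ? sanitize_text_field( $_POST['country'] ) : '';
	$field_name = isset( $_POST['field_name'] ) ? sanitize_text_field( $_POST['field_name'] ) : '';

	$label        = __( 'State', 'give' );
	$states_label = give_get_states_label();

	$default_state = '';
	if ( give_get_country() === $country ) {
		$default_state = give_get_state();
	}

	// Check if $country code exists in the array key for states label.
	if ( array_key_exists( $country, $states_label ) ) {
		$label = $states_label[ $country ];
	}

	// NOTE(review): label and default state above are resolved before this fallback, so a
	// request without a country gets the fallback country's states with the generic
	// label. Confirm that ordering is intended.
	if ( empty( $country ) ) {
		$country = give_get_country();
	}

	$states = give_get_states( $country );
	if ( ! empty( $states ) ) {
		// NOTE(review): $field_name is request-supplied and becomes the name, id and class of
		// the rendered select. Whether Give()->html->select() escapes these attributes is
		// not visible here; verify.
		$args         = [
			'name'             => $field_name,
			'id'               => $field_name,
			'class'            => $field_name . ' give-select',
			'options'          => $states,
			'show_option_all'  => false,
			'show_option_none' => false,
			'placeholder'      => $label,
			'selected'         => $default_state,
			'autocomplete'     => 'address-level1',
		];
		$data         = Give()->html->select( $args );
		$states_found = true;
	} else {
		$data = 'nostates';

		// Get the country list that does not have any states init.
		$no_states_country = give_no_states_country_list();

		// Check if $country code exists in the array key.
		if ( array_key_exists( $country, $no_states_country ) ) {
			$show_field = false;
		}

		// Get the country list that does not require states.
		$states_not_required_country_list = give_states_not_required_country_list();

		// Check if $country code exists in the array key.
		if ( array_key_exists( $country, $states_not_required_country_list ) ) {
			$states_require = false;
		}
	}

	$response = [
		'success'        => true,
		'states_found'   => $states_found,
		'states_label'   => $label,
		'show_field'     => $show_field,
		'states_require' => $states_require,
		'data'           => $data,
		'default_state'  => $default_state,
		'city_require'   => ! array_key_exists( $country, give_city_not_required_country_list() ),
		'zip_require'    => ! array_key_exists( $country, give_get_country_list_without_postcodes() ),
		'state_label'    => $label,
		// State names are entity-decoded for the JSON consumer.
		'states'         => array_map(
			static function ( $state ) {
				return html_entity_decode( $state, ENT_QUOTES );
			},
			$states
		),
	];
	wp_send_json( $response );
}

add_action( 'wp_ajax_give_get_states', 'give_ajax_get_states_field' );
add_action( 'wp_ajax_nopriv_give_get_states', 'give_ajax_get_states_field' );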
280
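/**
 * Retrieve donation forms via AJAX for chosen dropdown search field.
 *
 * Returns the id and title of published `give_forms` posts matching the POSTed
 * search term `s`. Reachable without authentication.
 *
 * @since 1.0
 *
 * @return void
 */
function give_ajax_form_search() {
	$results = [];

	// A request without `s` is treated as an empty search instead of reading an undefined index.
	// NOTE(review): WP_Query prepares the search term itself, so esc_sql() looks redundant
	// here; kept to preserve the current matching behaviour.
	$search = isset( $_POST['s'] ) ? esc_sql( sanitize_text_field( $_POST['s'] ) ) : '';

	$args = [
		'post_type'              => 'give_forms',
		's'                      => $search,
		'update_post_term_cache' => false,
		'update_post_meta_cache' => false,
		'cache_results'          => false,
		'no_found_rows'          => true,
		'post_status'            => 'publish',
		'orderby'                => 'title',
		'order'                  => 'ASC',
		// An empty search is capped at 30 forms; a non-empty search returns every match.
		'posts_per_page'         => empty( $search ) ? 30 : -1,
	];

	/**
	 * Filter to modify Ajax form search args
	 *
	 * @since 2.1
	 *
	 * @param array $args Query argument for WP_query
	 *
	 * @return array $args Query argument for WP_query
	 */
	$args = (array) apply_filters( 'give_ajax_form_search_args', $args );

	// get all the donation form.
	$query = new WP_Query( $args );
	if ( $query->have_posts() ) {
		while ( $query->have_posts() ) {
			$query->the_post();
			global $post;

			$results[] = [
				'id'   => $post->ID,
				'name' => $post->post_title,
			];
		}
		wp_reset_postdata();
	}

	/**
	 * Filter to modify Ajax form search result
	 *
	 * @since 2.1
	 *
	 * @param array $results Contain the Donation Form id
	 *
	 * @return array $results Contain the Donation Form id
	 */
	$results = (array) apply_filters( 'give_ajax_form_search_response', $results );

	wp_send_json( $results );
}

add_action( 'wp_ajax_give_form_search', 'give_ajax_form_search' );
add_action( 'wp_ajax_nopriv_give_form_search', 'give_ajax_form_search' );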
347
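/**
 * Search the donors database via Ajax
 *
 * Returns up to 50 donors whose name or e-mail contains the POSTed term `s`.
 * Users without the `view_give_reports` capability always receive an empty list.
 *
 * @since 1.0
 *
 * @return void
 */
function give_ajax_donor_search() {
	global $wpdb;

	$results = [];
	$donors  = [];

	if ( current_user_can( 'view_give_reports' ) ) {
		$search = isset( $_POST['s'] ) ? sanitize_text_field( wp_unslash( $_POST['s'] ) ) : '';

		// esc_like() makes % and _ in the term match literally; prepare() binds the value
		// instead of interpolating it into the SQL string.
		$like = '%' . $wpdb->esc_like( $search ) . '%';

		$donors = $wpdb->get_results(
			$wpdb->prepare(
				"SELECT id,name,email FROM {$wpdb->donors} WHERE `name` LIKE %s OR `email` LIKE %s LIMIT 50",
				$like,
				$like
			)
		);
	}

	if ( $donors ) {
		foreach ( $donors as $donor ) {
			$results[] = [
				'id'   => $donor->id,
				'name' => $donor->name . ' (' . $donor->email . ')',
			];
		}
	}

	wp_send_json( $results );
}

add_action( 'wp_ajax_give_donor_search', 'give_ajax_donor_search' );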
380
381
/**
 * AJAX user lookup: answers with a JSON list of matching WordPress users.
 *
 * Only callers holding `manage_give_settings` get results; everyone else
 * receives an empty list.
 *
 * @since 1.0
 *
 * @return void
 */
function give_ajax_search_users() {
	$results    = [];
	$may_search = current_user_can( 'manage_give_settings' );

	if ( $may_search ) {
		$term = esc_sql( sanitize_text_field( $_POST['s'] ) );

		// Prefix match: the trailing * is the get_users() wildcard.
		$user_query = apply_filters(
			'give_search_users_args',
			[
				'number' => 9999,
				'search' => $term . '*',
			]
		);

		$matches = apply_filters( 'give_ajax_found_users', get_users( $user_query ), $term );
		$results = [];

		if ( $matches ) {
			foreach ( $matches as $match ) {
				$label = $match->user_login . ' (' . $match->user_email . ')';

				$results[] = [
					'id'   => $match->ID,
					'name' => esc_html( $label ),
				];
			}
		}
	}

	wp_send_json( $results );
}

add_action( 'wp_ajax_give_user_search', 'give_ajax_search_users' );
423
424
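/**
 * Queries page by title and returns page ID and title in JSON format.
 *
 * Note: this function is for internal use.
 *
 * NOTE(review): the handler is registered for logged-in users only, but no capability or
 * nonce check is visible here and the query sets no `post_status`. Confirm which roles
 * are meant to reach it and which page statuses it should return.
 *
 * @since 2.1
 *
 * @return void
 */
function give_ajax_pages_search() {
	$data = [];
	$args = [
		'post_type' => 'page',
		// A request without `s` is treated as an empty search instead of reading an undefined index.
		's'         => isset( $_POST['s'] ) ? give_clean( $_POST['s'] ) : '',
	];

	$query = new WP_Query( $args );

	// Query posts by title.
	if ( $query->have_posts() ) {
		while ( $query->have_posts() ) {
			$query->the_post();

			$data[] = [
				'id'   => get_the_ID(),
				'name' => get_the_title(),
			];
		}

		// the_post() replaced the global post; restore it, as give_ajax_form_search() does.
		wp_reset_postdata();
	}

	wp_send_json( $data );
}

add_action( 'wp_ajax_give_pages_search', 'give_ajax_pages_search' );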
459
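/**
 * Retrieve Categories via AJAX for chosen dropdown search field.
 *
 * Returns up to 30 `give_forms_category` terms whose name matches the POSTed
 * term `s`, as a JSON list of id/name pairs.
 *
 * @since 2.1
 *
 * @return void
 */
function give_ajax_categories_search() {
	$results = [];

	// A request without `s` is treated as an empty search instead of reading an undefined index.
	$search = isset( $_POST['s'] ) ? esc_sql( sanitize_text_field( $_POST['s'] ) ) : '';

	/**
	 * Filter to modify Ajax tags search args
	 *
	 * @since 2.1
	 *
	 * @param array $args argument for get_terms
	 *
	 * @return array $args argument for get_terms
	 */
	$args = (array) apply_filters(
		'give_forms_categories_dropdown_args',
		[
			'number'     => 30,
			'name__like' => $search,
		]
	);

	$categories = get_terms( 'give_forms_category', $args );

	// get_terms() returns a WP_Error when the taxonomy is not registered; iterating that
	// object would yield non-term entries, so answer with an empty list instead.
	if ( ! is_wp_error( $categories ) ) {
		foreach ( $categories as $category ) {
			$results[] = [
				'id'   => $category->term_id,
				'name' => $category->name,
			];
		}
	}

	/**
	 * Filter to modify Ajax tags search result
	 *
	 * @since 2.1
	 *
	 * @param array $results Contain the categories id and name
	 *
	 * @return array $results Contain the categories id and name
	 */
	$results = (array) apply_filters( 'give_forms_categories_dropdown_responce', $results );

	wp_send_json( $results );
}

add_action( 'wp_ajax_give_categories_search', 'give_ajax_categories_search' );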
511
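/**
 * Retrieve Tags via AJAX for chosen dropdown search field.
 *
 * Returns up to 30 `give_forms_tag` terms whose name matches the POSTed
 * term `s`, as a JSON list of id/name pairs.
 *
 * @since 2.1
 *
 * @return void
 */
function give_ajax_tags_search() {
	$results = [];

	// A request without `s` is treated as an empty search instead of reading an undefined index.
	$search = isset( $_POST['s'] ) ? esc_sql( sanitize_text_field( $_POST['s'] ) ) : '';

	/**
	 * Filter to modify Ajax tags search args
	 *
	 * @since 2.1
	 *
	 * @param array $args argument for get_terms
	 *
	 * @return array $args argument for get_terms
	 */
	$args = (array) apply_filters(
		'give_forms_tags_dropdown_args',
		[
			'number'     => 30,
			'name__like' => $search,
		]
	);

	$tags = get_terms( 'give_forms_tag', $args );

	// get_terms() returns a WP_Error when the taxonomy is not registered; iterating that
	// object would yield non-term entries, so answer with an empty list instead.
	if ( ! is_wp_error( $tags ) ) {
		foreach ( $tags as $tag ) {
			$results[] = [
				'id'   => $tag->term_id,
				'name' => $tag->name,
			];
		}
	}

	/**
	 * Filter to modify Ajax tags search result
	 *
	 * @since 2.1
	 *
	 * @param array $results Contain the tags id and name
	 *
	 * @return array $results Contain the tags id and name
	 */
	$results = (array) apply_filters( 'give_forms_tags_dropdown_responce', $results );

	wp_send_json( $results );
}

add_action( 'wp_ajax_give_tags_search', 'give_ajax_tags_search' );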
563
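/**
 * Check for Price Variations (Multi-level donation forms)
 *
 * Echoes a `<select>` of the form's donation levels for users who hold
 * `edit_give_forms`. Terminates with `-1` when the capability is missing and with
 * `-2` when the id does not resolve to a `give_forms` post.
 *
 * @since 1.5
 *
 * @return void
 */
function give_check_for_form_price_variations() {

	if ( ! current_user_can( 'edit_give_forms', get_current_user_id() ) ) {
		die( '-1' );
	}

	// A request without form_id is treated as id 0 instead of reading an undefined index.
	$form_id = isset( $_POST['form_id'] ) ? absint( $_POST['form_id'] ) : 0;
	$form    = get_post( $form_id );

	// get_post() returns null for an unknown id; reject that before reading post_type.
	if ( ! $form || 'give_forms' !== $form->post_type ) {
		die( '-2' );
	}

	if ( give_has_variable_prices( $form_id ) ) {
		$variable_prices = give_get_variable_prices( $form_id );

		if ( $variable_prices ) {
			$ajax_response = '<select class="give_price_options_select give-select give-select" name="give_price_option">';

			if ( isset( $_POST['all_prices'] ) ) {
				$ajax_response .= '<option value="all">' . esc_html__( 'All Levels', 'give' ) . '</option>';
			}

			foreach ( $variable_prices as $key => $price ) {

				// A custom level label is HTML-escaped; otherwise the formatted amount is shown.
				$level_text = ! empty( $price['_give_text'] ) ? esc_html( $price['_give_text'] ) : give_currency_filter( give_format_amount( $price['_give_amount'], [ 'sanitize' => false ] ) );

				$ajax_response .= '<option value="' . esc_attr( $price['_give_id']['level_id'] ) . '">' . $level_text . '</option>';
			}
			$ajax_response .= '</select>';
			echo $ajax_response;
		}
	}

	give_die();
}

add_action( 'wp_ajax_give_check_for_form_price_variations', 'give_check_for_form_price_variations' );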
609
610
/**
 * Render the donation-level dropdown for a payment (multi-level donation forms).
 *
 * Requires the `edit_give_payments` capability plus a non-empty `form_id` and
 * `payment_id` in the POST body; otherwise the request ends with wp_die().
 *
 * @since 1.6
 *
 * @return void
 */
function give_check_for_form_price_variations_html() {
	if ( ! current_user_can( 'edit_give_payments', get_current_user_id() ) ) {
		wp_die();
	}

	$form_id    = ! empty( $_POST['form_id'] ) ? absint( $_POST['form_id'] ) : false;
	$payment_id = ! empty( $_POST['payment_id'] ) ? absint( $_POST['payment_id'] ) : false;

	// Both ids are mandatory.
	if ( empty( $form_id ) || empty( $payment_id ) ) {
		wp_die();
	}

	// Reject posts of another type. A post without a post_type (e.g. an unknown id) passes this check.
	$form = get_post( $form_id );
	if ( ! empty( $form->post_type ) && 'give_forms' !== $form->post_type ) {
		wp_die();
	}

	if ( ! give_has_variable_prices( $form_id ) || ! $form_id ) {
		esc_html_e( 'n/a', 'give' );
		give_die();
	}

	// Map level id => formatted amount for the data-prices attribute.
	$prices_atts     = [];
	$variable_prices = give_get_variable_prices( $form_id );
	if ( $variable_prices ) {
		foreach ( $variable_prices as $level ) {
			$prices_atts[ $level['_give_id']['level_id'] ] = give_format_amount( $level['_give_amount'], [ 'sanitize' => false ] );
		}
	}

	// Variable price dropdown options.
	// NOTE(review): the data-prices value is escaped but not wrapped in quotes; how
	// give_get_form_variable_price_dropdown() prints `select_atts` is not visible here. Verify.
	$dropdown_args = [
		'id'               => $form_id,
		'name'             => 'give-variable-price',
		'chosen'           => true,
		'show_option_all'  => '',
		'show_option_none' => '',
		'select_atts'      => 'data-prices=' . esc_attr( json_encode( $prices_atts ) ),
	];

	if ( $payment_id ) {
		// Preselect the level stored on the payment.
		$payment      = new Give_Payment( $payment_id );
		$payment_meta = $payment->get_meta();

		$dropdown_args['selected'] = $payment_meta['price_id'];
	}

	// Render variable prices select tag html.
	give_get_form_variable_price_dropdown( $dropdown_args, true );

	give_die();
}

add_action( 'wp_ajax_give_check_for_form_price_variations_html', 'give_check_for_form_price_variations_html' );
671
/**
 * Send the confirmation e-mail that grants access to the complete donation history.
 *
 * The JSON reply is the same success notice whether or not the address belongs to a
 * donor and whether or not an e-mail was actually sent.
 *
 * @since 4.16.1 Always return a uniform success response regardless of donor existence or throttle state.
 * @since 1.8.17
 *
 * @return bool False when the nonce check fails or no e-mail was posted; otherwise the request ends in give_die().
 */
function give_confirm_email_for_donation_access() {

	// Nonce check comes first.
	if ( ! check_ajax_referer( 'give_ajax_nonce', 'nonce' ) ) {
		return false;
	}

	// Nothing to do without an e-mail address.
	if ( empty( $_POST['email'] ) ) {
		return false;
	}

	$email = give_clean( $_POST['email'] );
	$donor = Give()->donors->get_donor_by( 'email', $email );

	// Send only to a known donor, and only when can_send_email() allows it.
	// NOTE(review): the send happens inline, before the reply is written, so response time
	// may still differ between known and unknown addresses. Confirm that is acceptable.
	$should_send = is_object( $donor ) && Give()->email_access->can_send_email( $donor->id );
	if ( $should_send ) {
		Give()->email_access->send_email( $donor->id, $donor->email );
	}

	/**
	 * Filter to modify access mail send notice
	 *
	 * @since 2.1.3
	 *
	 * @param string Send notice message for email access.
	 *
	 * @return string $message Send notice message for email access.
	 */
	$message = (string) apply_filters( 'give_email_access_mail_send_notice', __( 'Please check your email and click on the link to access your complete donation history.', 'give' ) );

	$return = [
		'status'  => 'success',
		'message' => Give_Notices::print_frontend_notice( $message, false, 'success' ),
	];

	echo json_encode( $return );
	give_die();
}

add_action( 'wp_ajax_nopriv_give_confirm_email_for_donations_access', 'give_confirm_email_for_donation_access' );
722
/**
 * AJAX handler that renders a donation receipt.
 * Note: only for internal use
 *
 * Expects a JSON-encoded `shortcode_atts` query parameter and answers with the
 * output of give_receipt_shortcode() as JSON.
 *
 * NOTE(review): the handler is reachable without login and checks no nonce itself.
 * Access control for the receipt presumably lives in give_receipt_shortcode(); verify.
 *
 * @since 4.9.0 rename function - PHP 8 compatibility
 * @since 2.2.0
 */
function give_get_receipt() {
	$request = give_clean( filter_input_array( INPUT_GET ) );

	// Without shortcode attributes there is nothing to render.
	if ( ! isset( $request['shortcode_atts'] ) ) {
		give_die();
	}

	$shortcode_atts = (array) json_decode( $request['shortcode_atts'] );

	wp_send_json( give_receipt_shortcode( $shortcode_atts ) );
}
add_action( 'wp_ajax_get_receipt', 'give_get_receipt');
add_action( 'wp_ajax_nopriv_get_receipt', 'give_get_receipt');
745
/**
 * Build the admin-ajax URL used to load remote content into a thickbox.
 * Note: only for internal use
 *
 * Unless overridden through $args, the URL carries the `give_get_content_by_ajax`
 * action and a nonce created for that same action.
 *
 * @param array $args Query arguments merged over the defaults.
 *
 * @return string
 * @since 2.5.0
 */
function give_modal_ajax_url( $args = [] ) {
	$defaults = [
		'action'   => 'give_get_content_by_ajax',
		'_wpnonce' => wp_create_nonce( 'give_get_content_by_ajax' ),
	];

	$query_args = wp_parse_args( $args, $defaults );
	$modal_url  = add_query_arg( $query_args, admin_url( '/admin-ajax.php' ) );

	return esc_url_raw( $modal_url );
}
766
767
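/**
 * Return content from url
 * Note: only for internal use
 *
 * Fetches a GiveWP.com plugin readme.txt on behalf of a logged-in user and echoes its
 * changelog section. The request must carry a valid `give_get_content_by_ajax` nonce.
 *
 * @todo use get_version endpoint to read changelog or cache add-ons infro from update_plugins option
 *
 * @return void The handler always terminates the request.
 * @since 2.5.0
 */
function give_get_content_by_ajax_handler() {
	check_admin_referer( 'give_get_content_by_ajax' );

	if ( empty( $_GET['url'] ) || ! is_string( $_GET['url'] ) ) {
		die();
	}

	// Clean and decode once, then validate and fetch that same value. The original checked
	// the raw parameter but fetched a decoded copy, so the checked and fetched URLs could differ.
	$url = urldecode_deep( give_clean( $_GET['url'] ) );

	/**
	 * Restrict requests to GiveWP.com plugin readme.txt file only.
	 * @link https://owasp.org/www-community/attacks/Server_Side_Request_Forgery
	 *
	 * The previous pattern used `^` as its regex delimiter, so it had no start-of-string
	 * anchor and its dots matched any character: only the end of the URL was constrained.
	 * This pattern anchors both ends, escapes the dots and allows one path segment for the slug.
	 * NOTE(review): the slug character set is an assumption; widen it if real slugs need more.
	 *
	 * @since 2.25.2
	 */
	if ( ! is_string( $url ) || ! preg_match( '#\Ahttps://givewp\.com/downloads/plugins/[A-Za-z0-9_-]+/readme\.txt\z#', $url ) ) {
		die();
	}

	// Handle changelog render request.
	if (
		! empty( $_GET['show_changelog'] )
		&& (int) give_clean( $_GET['show_changelog'] )
	) {
		$msg = __( 'Sorry, unable to load changelog.', 'give' );

		// wp_safe_remote_get() also rejects redirects to unsafe destinations.
		$response = wp_safe_remote_get( $url );

		if ( is_wp_error( $response ) ) {
			// The transport error text is not ours; escape it before printing.
			echo $msg . '<br><br><code>Error: ' . esc_html( $response->get_error_message() ) . '</code>';
			exit;
		}

		$response = wp_remote_retrieve_body( $response );

		if ( false === strpos( $response, '== Changelog ==' ) ) {
			echo $msg;
			exit;
		}

		// Keep only what follows the last "== Changelog ==" heading.
		$changelog = explode( '== Changelog ==', $response );
		$changelog = end( $changelog );

		// NOTE(review): remote content is printed as formatted markup; output safety
		// depends on give_get_format_md(), which is not visible here. Verify.
		echo give_get_format_md( $changelog );
	}

	do_action( 'give_get_content_by_ajax_handler' );

	exit;
}

add_action( 'wp_ajax_give_get_content_by_ajax', 'give_get_content_by_ajax_handler' );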
828
829
/**
 * AJAX handler that reports the active form template id for a donation form.
 *
 * Note: only for internal use
 *
 * Verifies the `give-donation-form-widget` nonce sent in the `security` field, then
 * answers with the template id, or `legacy` when none is active.
 *
 * @since 2.7.0
 */
function give_get_form_template_id() {
	check_ajax_referer( 'give-donation-form-widget', 'security' );

	$formId = ! empty( $_POST['formId'] ) ? absint( $_POST['formId'] ) : 0;

	// A missing or zero form id is an error response.
	if ( 0 === $formId ) {
		wp_send_json_error();
	}

	$activeTemplate = FormTemplateUtils::getActiveID( $formId );

	wp_send_json_success( $activeTemplate ?: 'legacy' );
}
add_action( 'wp_ajax_give_get_form_template_id', 'give_get_form_template_id' );
// NOTE(review): WordPress fires `wp_ajax_nopriv_{action}` for logged-out requests. The hook
// name below is spelled `no_priv`, so this registration never runs for them. Decide
// whether logged-out access is intended before correcting or removing it.
add_action( 'wp_ajax_no_priv_give_get_form_template_id', 'give_get_form_template_id' );
854