login-button.php
122 lines
| 1 | <?php |
| 2 | /** |
| 3 | * Premium Content Login Button Child Block. |
| 4 | * |
| 5 | * @package automattic/jetpack |
| 6 | */ |
| 7 | |
| 8 | namespace Automattic\Jetpack\Extensions\Premium_Content; |
| 9 | |
| 10 | use Automattic\Jetpack\Blocks; |
| 11 | use Automattic\Jetpack\Extensions\Premium_Content\Subscription_Service\Abstract_Token_Subscription_Service; |
| 12 | use Automattic\Jetpack\Status\Host; |
| 13 | use Jetpack_Gutenberg; |
| 14 | use Jetpack_Options; |
| 15 | |
| 16 | require_once dirname( __DIR__ ) . '/_inc/subscription-service/include.php'; |
| 17 | |
| 18 | const LOGIN_BUTTON_NAME = 'premium-content/login-button'; |
| 19 | |
| 20 | /** |
| 21 | * Registers the block for use in Gutenberg |
| 22 | * This is done via an action so that we can disable |
| 23 | * registration if we need to. |
| 24 | */ |
| 25 | function register_login_button_block() { |
| 26 | Blocks::jetpack_register_block( |
| 27 | LOGIN_BUTTON_NAME, |
| 28 | array( |
| 29 | 'render_callback' => __NAMESPACE__ . '\render_login_button_block', |
| 30 | 'render_email_callback' => __NAMESPACE__ . '\render_login_button_block_email', |
| 31 | ) |
| 32 | ); |
| 33 | } |
| 34 | add_action( 'init', __NAMESPACE__ . '\register_login_button_block' ); |
| 35 | |
| 36 | /** |
| 37 | * Returns current URL. |
| 38 | * |
| 39 | * @return string |
| 40 | */ |
| 41 | function get_current_url() { |
| 42 | if ( ! isset( $_SERVER['HTTP_HOST'] ) || ! isset( $_SERVER['REQUEST_URI'] ) ) { |
| 43 | return ''; |
| 44 | } |
| 45 | |
| 46 | return ( is_ssl() ? 'https://' : 'http://' ) . wp_unslash( $_SERVER['HTTP_HOST'] ) . wp_unslash( $_SERVER['REQUEST_URI'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized |
| 47 | } |
| 48 | |
| 49 | /** |
| 50 | * Returns subscriber log in URL. |
| 51 | * |
| 52 | * @param string $redirect Path to redirect to on login. |
| 53 | * |
| 54 | * @return string |
| 55 | */ |
| 56 | function get_subscriber_login_url( $redirect ) { |
| 57 | $redirect = ! empty( $redirect ) ? $redirect : get_site_url(); |
| 58 | |
| 59 | if ( ( new Host() )->is_wpcom_simple() ) { |
| 60 | // On WPCOM we will redirect immediately |
| 61 | return wpcom_logmein_redirect_url( $redirect, false, null, 'link', get_current_blog_id() ); |
| 62 | } |
| 63 | |
| 64 | // On self-hosted we will save and hide the token |
| 65 | $redirect_url = get_site_url() . '/wp-json/jetpack/v4/subscribers/auth'; |
| 66 | $redirect_url = add_query_arg( 'redirect_url', $redirect, $redirect_url ); |
| 67 | |
| 68 | return add_query_arg( |
| 69 | array( |
| 70 | 'site_id' => intval( Jetpack_Options::get_option( 'id' ) ), |
| 71 | 'redirect_url' => rawurlencode( $redirect_url ), |
| 72 | ), |
| 73 | 'https://subscribe.wordpress.com/memberships/jwt/' |
| 74 | ); |
| 75 | } |
| 76 | |
| 77 | /** |
| 78 | * Determines whether the current visitor is a logged in user or a subscriber. |
| 79 | * |
| 80 | * @return bool |
| 81 | */ |
| 82 | function is_subscriber_logged_in() { |
| 83 | return is_user_logged_in() || Abstract_Token_Subscription_Service::has_token_from_cookie(); |
| 84 | } |
| 85 | |
| 86 | /** |
| 87 | * Render callback. |
| 88 | * |
| 89 | * @param array $attributes Array containing the block attributes. |
| 90 | * @param string $content String containing the block content. |
| 91 | * |
| 92 | * @return string |
| 93 | */ |
| 94 | function render_login_button_block( $attributes, $content ) { |
| 95 | if ( ! pre_render_checks() ) { |
| 96 | return ''; |
| 97 | } |
| 98 | |
| 99 | // The viewer is logged it, so they shouldn't see the login button. |
| 100 | if ( is_subscriber_logged_in() ) { |
| 101 | return ''; |
| 102 | } |
| 103 | |
| 104 | Jetpack_Gutenberg::load_styles_as_required( LOGIN_BUTTON_NAME ); |
| 105 | |
| 106 | $redirect_url = get_current_url(); |
| 107 | $url = get_subscriber_login_url( $redirect_url ); |
| 108 | |
| 109 | return preg_replace( '/(<a\b[^><]*)>/i', '$1 href="' . esc_url( $url ) . '">', $content ); |
| 110 | } |
| 111 | |
| 112 | /** |
| 113 | * Render email callback. |
| 114 | * |
| 115 | * @return string |
| 116 | */ |
| 117 | function render_login_button_block_email() { |
| 118 | // We don't want to render the login button in emails. |
| 119 | // The subscriber is already considered logged in in emails. |
| 120 | return ''; |
| 121 | } |
| 122 |