PluginProbe ʕ •ᴥ•ʔ
Tutor LMS – eLearning and online course solution / 1.7.8
Tutor LMS – eLearning and online course solution v1.7.8
4.0.0 3.9.15 3.9.14 3.9.13 3.9.12 3.9.11 trunk 1.0.0 1.0.0-alpha 1.0.1 1.0.2 1.0.3 1.0.4 1.0.5 1.0.6 1.0.7 1.0.8 1.0.9 1.1.0 1.1.1 1.2.0 1.2.1 1.2.11 1.2.12 1.2.13 1.2.20 1.3.0 1.3.1 1.3.2 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8 1.4.9 1.5.0 1.5.1 1.5.2 1.5.3 1.5.4 1.5.5 1.5.6 1.5.7 1.5.8 1.5.9 1.6.0 1.6.1 1.6.2 1.6.3 1.6.4 1.6.5 1.6.6 1.6.7 1.6.8 1.6.9 1.7.0 1.7.1 1.7.2 1.7.3 1.7.4 1.7.5 1.7.6 1.7.7 1.7.8 1.7.9 1.8.0 1.8.1 1.8.10 1.8.2 1.8.3 1.8.4 1.8.5 1.8.6 1.8.7 1.8.8 1.8.9 1.9.0 1.9.1 1.9.10 1.9.11 1.9.12 1.9.13 1.9.14 1.9.15 1.9.16 1.9.2 1.9.3 1.9.4 1.9.5 1.9.6 1.9.7 1.9.8 1.9.9 2.0.0 2.0.1 2.0.10 2.0.2 2.0.3 2.0.4 2.0.5 2.0.6 2.0.7 2.0.8 2.0.9 2.1.0 2.1.1 2.1.10 2.1.2 2.1.3 2.1.4 2.1.5 2.1.6 2.1.7 2.1.8 2.1.9 2.2.0 2.2.1 2.2.2 2.2.3 2.2.4 2.3.0 2.4.0 2.5.0 2.6.0 2.6.1 2.6.2 2.7.0 2.7.1 2.7.2 2.7.3 2.7.4 2.7.5 2.7.6 2.7.7 3.0.0 3.0.1 3.0.2 3.1.0 3.2.0 3.2.1 3.2.2 3.2.3 3.3.0 3.3.1 3.4.0 3.4.1 3.4.2 3.5.0 3.6.0 3.6.1 3.6.2 3.6.3 3.6.4 3.7.0 3.7.1 3.7.2 3.7.3 3.7.4 3.8.0 3.8.1 3.8.2 3.8.3 3.9.0 3.9.1 3.9.10 3.9.2 3.9.3 3.9.4 3.9.5 3.9.6 3.9.7 3.9.8 3.9.9
tutor / classes / Ajax.php
tutor / classes Last commit date
Addons.php 5 years ago Admin.php 5 years ago Ajax.php 5 years ago Assets.php 5 years ago Course.php 5 years ago Course_Filter.php 5 years ago Course_Settings_Tabs.php 5 years ago Course_Widget.php 5 years ago Custom_Validation.php 5 years ago Dashboard.php 5 years ago Delete_Enrollment_With_Order.php 5 years ago Email.php 5 years ago FormHandler.php 5 years ago Frontend.php 5 years ago Gutenberg.php 5 years ago Instructor.php 5 years ago Instructors_List.php 5 years ago Lesson.php 5 years ago Options.php 5 years ago Post_types.php 5 years ago Private_Course_Access.php 5 years ago Q_and_A.php 5 years ago Question_Answers_List.php 5 years ago Quiz.php 5 years ago Quiz_Attempts_List.php 5 years ago RestAPI.php 5 years ago Rewrite_Rules.php 5 years ago Shortcode.php 5 years ago Student.php 5 years ago Students_List.php 5 years ago Taxonomies.php 5 years ago Template.php 5 years ago Theme_Compatibility.php 5 years ago Tools.php 5 years ago Tutor.php 5 years ago TutorEDD.php 5 years ago Tutor_Base.php 5 years ago Tutor_List_Table.php 5 years ago Tutor_Setup.php 5 years ago Upgrader.php 5 years ago User.php 5 years ago Utils.php 5 years ago Video_Stream.php 5 years ago Withdraw.php 5 years ago Withdraw_Requests_List.php 5 years ago WooCommerce.php 5 years ago
Ajax.php
389 lines
1 <?php
2 namespace TUTOR;
3
4 if ( ! defined( 'ABSPATH' ) )
5 exit;
6
7 class Ajax{
8 public function __construct() {
9
10 add_action('wp_ajax_sync_video_playback', array($this, 'sync_video_playback'));
11 add_action('wp_ajax_nopriv_sync_video_playback', array($this, 'sync_video_playback_noprev'));
12 add_action('wp_ajax_tutor_place_rating', array($this, 'tutor_place_rating'));
13
14 add_action('wp_ajax_tutor_ask_question', array($this, 'tutor_ask_question'));
15 add_action('wp_ajax_tutor_add_answer', array($this, 'tutor_add_answer'));
16
17 add_action('wp_ajax_tutor_course_add_to_wishlist', array($this, 'tutor_course_add_to_wishlist'));
18 add_action('wp_ajax_nopriv_tutor_course_add_to_wishlist', array($this, 'tutor_course_add_to_wishlist'));
19
20 /**
21 * Addon Enable Disable Control
22 */
23 add_action('wp_ajax_addon_enable_disable', array($this, 'addon_enable_disable'));
24
25 /**
26 * Update Rating/review
27 * @since v.1.4.0
28 */
29 add_action('wp_ajax_tutor_load_edit_review_modal', array($this, 'tutor_load_edit_review_modal'));
30 add_action('wp_ajax_tutor_update_review_modal', array($this, 'tutor_update_review_modal'));
31
32 /**
33 * Ajax login
34 * @since v.1.6.3
35 */
36 add_action('wp_ajax_nopriv_tutor_user_login', array($this, 'process_ajax_login'));
37 }
38
39
40
41 /**
42 * Update video information and data when necessary
43 *
44 * @since v.1.0.0
45 */
46 public function sync_video_playback(){
47 tutor_utils()->checking_nonce();
48
49 $duration = sanitize_text_field($_POST['duration']);
50 $currentTime = sanitize_text_field($_POST['currentTime']);
51 $post_id = isset($_POST['post_id']) ? sanitize_text_field($_POST['post_id']) : 0;
52
53 /**
54 * Update posts attached video
55 */
56 $video = tutor_utils()->get_video($post_id);
57
58 if ($duration) {
59 $video['duration_sec'] = $duration; //secs
60 $video['playtime'] = tutor_utils()->playtime_string( $duration );
61 $video['runtime'] = tutor_utils()->playtime_array( $duration );
62 }
63 tutor_utils()->update_video($post_id, $video);
64
65 /**
66 * Sync Lesson Reading Info by Users
67 */
68
69 $user_id = get_current_user_id();
70
71 $best_watch_time = tutor_utils()->get_lesson_reading_info($post_id, $user_id, 'video_best_watched_time');
72 if ($best_watch_time < $currentTime){
73 tutor_utils()->update_lesson_reading_info($post_id, $user_id, 'video_best_watched_time', $currentTime);
74 }
75
76 if (tutor_utils()->avalue_dot('is_ended', $_POST)){
77 tutor_utils()->mark_lesson_complete($post_id);
78 }
79 exit();
80 }
81
82 public function sync_video_playback_noprev(){
83
84 }
85
86
87 public function tutor_place_rating(){
88 global $wpdb;
89
90 //TODO: Check nonce
91
92 $rating = sanitize_text_field(tutor_utils()->avalue_dot('rating', $_POST));
93 $course_id = sanitize_text_field(tutor_utils()->avalue_dot('course_id', $_POST));
94 $review = wp_kses_post(tutor_utils()->avalue_dot('review', $_POST));
95
96 $user_id = get_current_user_id();
97 $user = get_userdata($user_id);
98 $date = date("Y-m-d H:i:s", tutor_time());
99
100 do_action('tutor_before_rating_placed');
101
102 $previous_rating_id = $wpdb->get_var($wpdb->prepare("select comment_ID from {$wpdb->comments} WHERE comment_post_ID=%d AND user_id = %d AND comment_type = 'tutor_course_rating' LIMIT 1;", $course_id, $user_id));
103
104 $review_ID = $previous_rating_id;
105 if ( $previous_rating_id){
106 $wpdb->update( $wpdb->comments, array('comment_content' => esc_sql( $review ) ),
107 array('comment_ID' => $previous_rating_id)
108 );
109
110 $rating_info = $wpdb->get_row($wpdb->prepare("SELECT * FROM {$wpdb->commentmeta} WHERE comment_id = %d AND meta_key = 'tutor_rating'; ", $previous_rating_id));
111 if ($rating_info){
112 $wpdb->update( $wpdb->commentmeta, array('meta_value' => $rating), array('comment_id' => $previous_rating_id, 'meta_key' => 'tutor_rating') );
113 }else{
114 $wpdb->insert( $wpdb->commentmeta, array('comment_id' => $previous_rating_id, 'meta_key' => 'tutor_rating', 'meta_value' => $rating) );
115 }
116 }else{
117 $data = array(
118 'comment_post_ID' => esc_sql( $course_id ) ,
119 'comment_approved' => 'approved',
120 'comment_type' => 'tutor_course_rating',
121 'comment_date' => $date,
122 'comment_date_gmt' => get_gmt_from_date($date),
123 'user_id' => $user_id,
124 'comment_author' => $user->user_login,
125 'comment_agent' => 'TutorLMSPlugin',
126 );
127 if ($review){
128 $data['comment_content'] = $review;
129 }
130
131 $wpdb->insert($wpdb->comments, $data);
132 $comment_id = (int) $wpdb->insert_id;
133 $review_ID = $comment_id;
134
135 if ($comment_id && $rating){
136 $result = $wpdb->insert( $wpdb->commentmeta, array(
137 'comment_id' => $comment_id,
138 'meta_key' => 'tutor_rating',
139 'meta_value' => $rating
140 ) );
141
142 do_action('tutor_after_rating_placed', $comment_id);
143 }
144 }
145
146 $data = array('msg' => __('Rating placed success', 'tutor'), 'review_id' => $review_ID, 'review' => $review);
147 wp_send_json_success($data);
148 }
149
150 public function tutor_ask_question(){
151 tutor_utils()->checking_nonce();
152
153 global $wpdb;
154
155 $course_id = (int) sanitize_text_field($_POST['tutor_course_id']);
156 $question_title = sanitize_text_field($_POST['question_title']);
157 $question = wp_kses_post($_POST['question']);
158
159 if (empty($question) || empty($question_title)){
160 wp_send_json_error(__('Empty question title or body', 'tutor'));
161 }
162
163 $user_id = get_current_user_id();
164 $user = get_userdata($user_id);
165 $date = date("Y-m-d H:i:s", tutor_time());
166
167 do_action('tutor_before_add_question', $course_id);
168 $data = apply_filters('tutor_add_question_data', array(
169 'comment_post_ID' => $course_id,
170 'comment_author' => $user->user_login,
171 'comment_date' => $date,
172 'comment_date_gmt' => get_gmt_from_date($date),
173 'comment_content' => $question,
174 'comment_approved' => 'waiting_for_answer',
175 'comment_agent' => 'TutorLMSPlugin',
176 'comment_type' => 'tutor_q_and_a',
177 'user_id' => $user_id,
178 ));
179
180 $wpdb->insert($wpdb->comments, $data);
181 $comment_id = (int) $wpdb->insert_id;
182
183 if ($comment_id){
184 $result = $wpdb->insert( $wpdb->commentmeta, array(
185 'comment_id' => $comment_id,
186 'meta_key' => 'tutor_question_title',
187 'meta_value' => $question_title
188 ) );
189 }
190 do_action('tutor_after_add_question', $course_id, $comment_id);
191
192 wp_send_json_success(__('Question has been added successfully', 'tutor'));
193 }
194
195
196 public function tutor_add_answer(){
197 tutor_utils()->checking_nonce();
198 global $wpdb;
199
200 $answer = wp_kses_post($_POST['answer']);
201 if ( ! $answer){
202 wp_send_json_error(__('Please write answer', 'tutor'));
203 }
204
205 $question_id = (int) sanitize_text_field($_POST['question_id']);
206 $question = tutor_utils()->get_qa_question($question_id);
207
208 $user_id = get_current_user_id();
209 $user = get_userdata($user_id);
210 $date = date("Y-m-d H:i:s", tutor_time());
211
212 do_action('tutor_before_answer_to_question');
213 $data = apply_filters('tutor_add_answer_data', array(
214 'comment_post_ID' => $question->comment_post_ID,
215 'comment_author' => $user->user_login,
216 'comment_date' => $date,
217 'comment_date_gmt' => get_gmt_from_date($date),
218 'comment_content' => $answer,
219 'comment_approved' => 'approved',
220 'comment_agent' => 'TutorLMSPlugin',
221 'comment_type' => 'tutor_q_and_a',
222 'comment_parent' => $question_id,
223 'user_id' => $user_id,
224 ));
225
226 $wpdb->insert($wpdb->comments, $data);
227 $comment_id = (int) $wpdb->insert_id;
228 do_action('tutor_after_answer_to_question', $comment_id);
229
230 wp_send_json_success(__('Answer has been added successfully', 'tutor'));
231 }
232
233
234 public function tutor_course_add_to_wishlist(){
235 $course_id = (int) sanitize_text_field($_POST['course_id']);
236 if ( ! is_user_logged_in()){
237 wp_send_json_error(array('redirect_to' => wp_login_url( wp_get_referer() ) ) );
238 }
239 global $wpdb;
240
241 $user_id = get_current_user_id();
242 $if_added_to_list = $wpdb->get_row("select * from {$wpdb->usermeta} WHERE user_id = {$user_id} AND meta_key = '_tutor_course_wishlist' AND meta_value = {$course_id} ;");
243
244 if ( $if_added_to_list){
245 $wpdb->delete($wpdb->usermeta, array('user_id' => $user_id, 'meta_key' => '_tutor_course_wishlist', 'meta_value' => $course_id ));
246 wp_send_json_success(array('status' => 'removed', 'msg' => __('Course removed from wish list', 'tutor')));
247 }else{
248 add_user_meta($user_id, '_tutor_course_wishlist', $course_id);
249 wp_send_json_success(array('status' => 'added', 'msg' => __('Course added to wish list', 'tutor')));
250 }
251 }
252
253 /**
254 * Method for enable / disable addons
255 */
256 public function addon_enable_disable(){
257
258 if(!current_user_can( 'manage_options' )) {
259 wp_send_json_error( array('message'=>__('Access Denied', 'tutor')) );
260 }
261
262 $addonsConfig = maybe_unserialize(get_option('tutor_addons_config'));
263
264 $isEnable = (bool) sanitize_text_field(tutor_utils()->avalue_dot('isEnable', $_POST));
265 $addonFieldName = sanitize_text_field(tutor_utils()->avalue_dot('addonFieldName', $_POST));
266
267 do_action('tutor_addon_before_enable_disable');
268 if ($isEnable){
269 do_action("tutor_addon_before_enable_{$addonFieldName}");
270 do_action('tutor_addon_before_enable', $addonFieldName);
271 $addonsConfig[$addonFieldName]['is_enable'] = 1;
272 update_option('tutor_addons_config', $addonsConfig);
273
274 do_action('tutor_addon_after_enable', $addonFieldName);
275 do_action("tutor_addon_after_enable_{$addonFieldName}");
276 }else{
277 do_action("tutor_addon_before_disable_{$addonFieldName}");
278 do_action('tutor_addon_before_disable', $addonFieldName);
279 $addonsConfig[$addonFieldName]['is_enable'] = 0;
280 update_option('tutor_addons_config', $addonsConfig);
281
282 do_action('tutor_addon_after_disable', $addonFieldName);
283 do_action("tutor_addon_after_disable_{$addonFieldName}");
284 }
285
286 do_action('tutor_addon_after_enable_disable');
287 wp_send_json_success();
288 }
289
290 /**
291 * Load review edit form
292 * @since v.1.4.0
293 */
294 public function tutor_load_edit_review_modal(){
295 tutor_utils()->checking_nonce();
296
297 $review_id = (int) sanitize_text_field(tutils()->array_get('review_id', $_POST));
298 $rating = tutils()->get_rating_by_id($review_id);
299
300 ob_start();
301 tutor_load_template('dashboard.reviews.edit-review-form', array('rating' => $rating));
302 $output = ob_get_clean();
303
304 wp_send_json_success(array('output' => $output));
305 }
306
307 public function tutor_update_review_modal(){
308 global $wpdb;
309
310 tutor_utils()->checking_nonce();
311
312 $review_id = (int) sanitize_text_field(tutils()->array_get('review_id', $_POST));
313 $rating = sanitize_text_field(tutor_utils()->avalue_dot('rating', $_POST));
314 $review = wp_kses_post(tutor_utils()->avalue_dot('review', $_POST));
315
316 $is_exists = $wpdb->get_var("select comment_ID from {$wpdb->comments} WHERE comment_ID={$review_id} AND comment_type = 'tutor_course_rating' ;");
317
318 if ( $is_exists) {
319 $wpdb->update( $wpdb->comments, array( 'comment_content' => $review ),
320 array( 'comment_ID' => $review_id )
321 );
322 $wpdb->update( $wpdb->commentmeta, array( 'meta_value' => $rating ),
323 array( 'comment_id' => $review_id, 'meta_key' => 'tutor_rating' )
324 );
325
326 do_action('tutor_after_review_update', $review_id, $is_exists);
327
328 wp_send_json_success();
329 }
330 wp_send_json_error();
331 }
332
333 /**
334 * Process ajax login
335 * @since v.1.6.3
336 */
337 public function process_ajax_login(){
338 tutils()->checking_nonce();
339
340 $username = tutils()->array_get('log', $_POST);
341 $password = tutils()->array_get('pwd', $_POST);
342 $redirect_to = tutils()->array_get('redirect_to', $_POST);
343
344 try {
345 $creds = array(
346 'user_login' => trim( wp_unslash( $username ) ), // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
347 'user_password' => $password, // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized, WordPress.Security.ValidatedSanitizedInput.MissingUnslash
348 'remember' => isset( $_POST['rememberme'] ), // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
349 );
350
351 $validation_error = new \WP_Error();
352 $validation_error = apply_filters( 'tutor_process_login_errors', $validation_error, $creds['user_login'], $creds['user_password'] );
353
354 if ( $validation_error->get_error_code() ) {
355 wp_send_json_error( '<strong>' . __( 'ERROR:', 'tutor' ) . '</strong> ' . $validation_error->get_error_message() );
356 }
357
358 if ( empty( $creds['user_login'] ) ) {
359 wp_send_json_error( '<strong>' . __( 'ERROR:', 'tutor' ) . '</strong> ' . __( 'Username is required.', 'tutor' ) );
360 }
361
362 // On multisite, ensure user exists on current site, if not add them before allowing login.
363 if ( is_multisite() ) {
364 $user_data = get_user_by( is_email( $creds['user_login'] ) ? 'email' : 'login', $creds['user_login'] );
365
366 if ( $user_data && ! is_user_member_of_blog( $user_data->ID, get_current_blog_id() ) ) {
367 add_user_to_blog( get_current_blog_id(), $user_data->ID, 'customer' );
368 }
369 }
370
371 // Perform the login.
372 $user = wp_signon( apply_filters( 'tutor_login_credentials', $creds ), is_ssl() );
373
374 if ( is_wp_error( $user ) ) {
375 $message = $user->get_error_message();
376 $message = str_replace( '<strong>' . esc_html( $creds['user_login'] ) . '</strong>', '<strong>' . esc_html( $creds['user_login'] ) . '</strong>', $message );
377
378 wp_send_json_error( $message );
379 } else {
380 wp_send_json_success([
381 'redirect' => apply_filters('tutor_login_redirect_url', $redirect_to)
382 ]);
383 }
384 } catch ( \Exception $e ) {
385 wp_send_json_error( apply_filters( 'login_errors', $e->getMessage()) );
386 do_action( 'tutor_login_failed' );
387 }
388 }
389 }