class-wc-shortcode-checkout.php — WooCommerce 7.6.0-rc.2

woocommerce / includes / shortcodes / class-wc-shortcode-checkout.php

woocommerce / includes / shortcodes Last commit date

class-wc-shortcode-cart.php 5 years ago class-wc-shortcode-checkout.php 3 years ago class-wc-shortcode-my-account.php 5 years ago class-wc-shortcode-order-tracking.php 3 years ago class-wc-shortcode-products.php 5 years ago

class-wc-shortcode-checkout.php

321 lines

1	<?php
2	/**
3	* Checkout Shortcode
4	*
5	* Used on the checkout page, the checkout shortcode displays the checkout process.
6	*
7	* @package WooCommerce\Shortcodes\Checkout
8	* @version 2.0.0
9	*/
10
11	defined( 'ABSPATH' ) \|\| exit;
12
13	/**
14	* Shortcode checkout class.
15	*/
16	class WC_Shortcode_Checkout {
17
18	/**
19	* Get the shortcode content.
20	*
21	* @param array $atts Shortcode attributes.
22	* @return string
23	*/
24	public static function get( $atts ) {
25	return WC_Shortcodes::shortcode_wrapper( array( __CLASS__, 'output' ), $atts );
26	}
27
28	/**
29	* Output the shortcode.
30	*
31	* @param array $atts Shortcode attributes.
32	*/
33	public static function output( $atts ) {
34	global $wp;
35
36	// Check cart class is loaded or abort.
37	if ( is_null( WC()->cart ) ) {
38	return;
39	}
40
41	// Backwards compatibility with old pay and thanks link arguments.
42	if ( isset( $_GET['order'] ) && isset( $_GET['key'] ) ) { // WPCS: input var ok, CSRF ok.
43	wc_deprecated_argument( __CLASS__ . '->' . __FUNCTION__, '2.1', '"order" is no longer used to pass an order ID. Use the order-pay or order-received endpoint instead.' );
44
45	// Get the order to work out what we are showing.
46	$order_id = absint( $_GET['order'] ); // WPCS: input var ok.
47	$order = wc_get_order( $order_id );
48
49	if ( $order && $order->has_status( 'pending' ) ) {
50	$wp->query_vars['order-pay'] = absint( $_GET['order'] ); // WPCS: input var ok.
51	} else {
52	$wp->query_vars['order-received'] = absint( $_GET['order'] ); // WPCS: input var ok.
53	}
54	}
55
56	// Handle checkout actions.
57	if ( ! empty( $wp->query_vars['order-pay'] ) ) {
58
59	self::order_pay( $wp->query_vars['order-pay'] );
60
61	} elseif ( isset( $wp->query_vars['order-received'] ) ) {
62
63	self::order_received( $wp->query_vars['order-received'] );
64
65	} else {
66
67	self::checkout();
68
69	}
70	}
71
72	/**
73	* Show the pay page.
74	*
75	* @throws Exception When validate fails.
76	* @param int $order_id Order ID.
77	*/
78	private static function order_pay( $order_id ) {
79
80	do_action( 'before_woocommerce_pay' );
81
82	$order_id = absint( $order_id );
83
84	// Pay for existing order.
85	if ( isset( $_GET['pay_for_order'], $_GET['key'] ) && $order_id ) { // WPCS: input var ok, CSRF ok.
86	try {
87	$order_key = isset( $_GET['key'] ) ? wc_clean( wp_unslash( $_GET['key'] ) ) : ''; // WPCS: input var ok, CSRF ok.
88	$order = wc_get_order( $order_id );
89
90	// Order or payment link is invalid.
91	if ( ! $order \|\| $order->get_id() !== $order_id \|\| ! hash_equals( $order->get_order_key(), $order_key ) ) {
92	throw new Exception( __( 'Sorry, this order is invalid and cannot be paid for.', 'woocommerce' ) );
93	}
94
95	// Logged out customer does not have permission to pay for this order.
96	if ( ! current_user_can( 'pay_for_order', $order_id ) && ! is_user_logged_in() ) {
97	echo '<div class="woocommerce-info">' . esc_html__( 'Please log in to your account below to continue to the payment form.', 'woocommerce' ) . '</div>';
98	woocommerce_login_form(
99	array(
100	'redirect' => $order->get_checkout_payment_url(),
101	)
102	);
103	return;
104	}
105
106	// Add notice if logged in customer is trying to pay for guest order.
107	if ( ! $order->get_user_id() && is_user_logged_in() ) {
108	// If order has does not have same billing email then current logged in user then show warning.
109	if ( $order->get_billing_email() !== wp_get_current_user()->user_email ) {
110	wc_print_notice( __( 'You are paying for a guest order. Please continue with payment only if you recognize this order.', 'woocommerce' ), 'error' );
111	}
112	}
113
114	// Logged in customer trying to pay for someone else's order.
115	if ( ! current_user_can( 'pay_for_order', $order_id ) ) {
116	throw new Exception( __( 'This order cannot be paid for. Please contact us if you need assistance.', 'woocommerce' ) );
117	}
118
119	// Does not need payment.
120	if ( ! $order->needs_payment() ) {
121	/* translators: %s: order status */
122	throw new Exception( sprintf( __( 'This order’s status is “%s”—it cannot be paid for. Please contact us if you need assistance.', 'woocommerce' ), wc_get_order_status_name( $order->get_status() ) ) );
123	}
124
125	// Ensure order items are still stocked if paying for a failed order. Pending orders do not need this check because stock is held.
126	if ( ! $order->has_status( wc_get_is_pending_statuses() ) ) {
127	$quantities = array();
128
129	foreach ( $order->get_items() as $item_key => $item ) {
130	if ( $item && is_callable( array( $item, 'get_product' ) ) ) {
131	$product = $item->get_product();
132
133	if ( ! $product ) {
134	continue;
135	}
136
137	$quantities[ $product->get_stock_managed_by_id() ] = isset( $quantities[ $product->get_stock_managed_by_id() ] ) ? $quantities[ $product->get_stock_managed_by_id() ] + $item->get_quantity() : $item->get_quantity();
138	}
139	}
140
141	// Stock levels may already have been adjusted for this order (in which case we don't need to worry about checking for low stock).
142	if ( ! $order->get_data_store()->get_stock_reduced( $order->get_id() ) ) {
143	foreach ( $order->get_items() as $item_key => $item ) {
144	if ( $item && is_callable( array( $item, 'get_product' ) ) ) {
145	$product = $item->get_product();
146
147	if ( ! $product ) {
148	continue;
149	}
150
151	if ( ! apply_filters( 'woocommerce_pay_order_product_in_stock', $product->is_in_stock(), $product, $order ) ) {
152	/* translators: %s: product name */
153	throw new Exception( sprintf( __( 'Sorry, "%s" is no longer in stock so this order cannot be paid for. We apologize for any inconvenience caused.', 'woocommerce' ), $product->get_name() ) );
154	}
155
156	// We only need to check products managing stock, with a limited stock qty.
157	if ( ! $product->managing_stock() \|\| $product->backorders_allowed() ) {
158	continue;
159	}
160
161	// Check stock based on all items in the cart and consider any held stock within pending orders.
162	$held_stock = wc_get_held_stock_quantity( $product, $order->get_id() );
163	$required_stock = $quantities[ $product->get_stock_managed_by_id() ];
164
165	if ( ! apply_filters( 'woocommerce_pay_order_product_has_enough_stock', ( $product->get_stock_quantity() >= ( $held_stock + $required_stock ) ), $product, $order ) ) {
166	/* translators: 1: product name 2: quantity in stock */
167	throw new Exception( sprintf( __( 'Sorry, we do not have enough "%1$s" in stock to fulfill your order (%2$s available). We apologize for any inconvenience caused.', 'woocommerce' ), $product->get_name(), wc_format_stock_quantity_for_display( $product->get_stock_quantity() - $held_stock, $product ) ) );
168	}
169	}
170	}
171	}
172	}
173
174	WC()->customer->set_props(
175	array(
176	'billing_country' => $order->get_billing_country() ? $order->get_billing_country() : null,
177	'billing_state' => $order->get_billing_state() ? $order->get_billing_state() : null,
178	'billing_postcode' => $order->get_billing_postcode() ? $order->get_billing_postcode() : null,
179	)
180	);
181	WC()->customer->save();
182
183	$available_gateways = WC()->payment_gateways->get_available_payment_gateways();
184
185	if ( count( $available_gateways ) ) {
186	current( $available_gateways )->set_current();
187	}
188
189	/**
190	* Allows the text of the submit button on the Pay for Order page to be changed.
191	*
192	* @param string $text The text of the button.
193	*
194	* @since 3.0.2
195	*/
196	$order_button_text = apply_filters( 'woocommerce_pay_order_button_text', __( 'Pay for order', 'woocommerce' ) );
197
198	/**
199	* Triggered right before the Pay for Order form, after validation of the order and customer.
200	*
201	* @param WC_Order $order The order that is being paid for.
202	* @param string $order_button_text The text for the submit button.
203	* @param array $available_gateways All available gateways.
204	*
205	* @since 6.6
206	*/
207	do_action( 'before_woocommerce_pay_form', $order, $order_button_text, $available_gateways );
208
209	wc_get_template(
210	'checkout/form-pay.php',
211	array(
212	'order' => $order,
213	'available_gateways' => $available_gateways,
214	'order_button_text' => $order_button_text,
215	)
216	);
217
218	} catch ( Exception $e ) {
219	wc_print_notice( $e->getMessage(), 'error' );
220	}
221	} elseif ( $order_id ) {
222
223	// Pay for order after checkout step.
224	$order_key = isset( $_GET['key'] ) ? wc_clean( wp_unslash( $_GET['key'] ) ) : ''; // WPCS: input var ok, CSRF ok.
225	$order = wc_get_order( $order_id );
226
227	if ( $order && $order->get_id() === $order_id && hash_equals( $order->get_order_key(), $order_key ) ) {
228
229	if ( $order->needs_payment() ) {
230
231	wc_get_template( 'checkout/order-receipt.php', array( 'order' => $order ) );
232
233	} else {
234	/* translators: %s: order status */
235	wc_print_notice( sprintf( __( 'This order’s status is “%s”—it cannot be paid for. Please contact us if you need assistance.', 'woocommerce' ), wc_get_order_status_name( $order->get_status() ) ), 'error' );
236	}
237	} else {
238	wc_print_notice( __( 'Sorry, this order is invalid and cannot be paid for.', 'woocommerce' ), 'error' );
239	}
240	} else {
241	wc_print_notice( __( 'Invalid order.', 'woocommerce' ), 'error' );
242	}
243
244	do_action( 'after_woocommerce_pay' );
245	}
246
247	/**
248	* Show the thanks page.
249	*
250	* @param int $order_id Order ID.
251	*/
252	private static function order_received( $order_id = 0 ) {
253	$order = false;
254
255	// Get the order.
256	$order_id = apply_filters( 'woocommerce_thankyou_order_id', absint( $order_id ) );
257	$order_key = apply_filters( 'woocommerce_thankyou_order_key', empty( $_GET['key'] ) ? '' : wc_clean( wp_unslash( $_GET['key'] ) ) ); // WPCS: input var ok, CSRF ok.
258
259	if ( $order_id > 0 ) {
260	$order = wc_get_order( $order_id );
261	if ( ! $order \|\| ! hash_equals( $order->get_order_key(), $order_key ) ) {
262	$order = false;
263	}
264	}
265
266	// Empty awaiting payment session.
267	unset( WC()->session->order_awaiting_payment );
268
269	// In case order is created from admin, but paid by the actual customer, store the ip address of the payer
270	// when they visit the payment confirmation page.
271	if ( $order && $order->is_created_via( 'admin' ) ) {
272	$order->set_customer_ip_address( WC_Geolocation::get_ip_address() );
273	$order->save();
274	}
275
276	// Empty current cart.
277	wc_empty_cart();
278
279	wc_get_template( 'checkout/thankyou.php', array( 'order' => $order ) );
280	}
281
282	/**
283	* Show the checkout.
284	*/
285	private static function checkout() {
286	// Show non-cart errors.
287	do_action( 'woocommerce_before_checkout_form_cart_notices' );
288
289	// Check cart has contents.
290	if ( WC()->cart->is_empty() && ! is_customize_preview() && apply_filters( 'woocommerce_checkout_redirect_empty_cart', true ) ) {
291	return;
292	}
293
294	// Check cart contents for errors.
295	do_action( 'woocommerce_check_cart_items' );
296
297	// Calc totals.
298	WC()->cart->calculate_totals();
299
300	// Get checkout object.
301	$checkout = WC()->checkout();
302
303	if ( empty( $_POST ) && wc_notice_count( 'error' ) > 0 ) { // WPCS: input var ok, CSRF ok.
304
305	wc_get_template( 'checkout/cart-errors.php', array( 'checkout' => $checkout ) );
306	wc_clear_notices();
307
308	} else {
309
310	$non_js_checkout = ! empty( $_POST['woocommerce_checkout_update_totals'] ); // WPCS: input var ok, CSRF ok.
311
312	if ( wc_notice_count( 'error' ) === 0 && $non_js_checkout ) {
313	wc_add_notice( __( 'The order totals have been updated. Please confirm your order by pressing the "Place order" button at the bottom of the page.', 'woocommerce' ) );
314	}
315
316	wc_get_template( 'checkout/form-checkout.php', array( 'checkout' => $checkout ) );
317
318	}
319	}
320	}
321