| Current File : /home/kelaby89/jrncommunityhousing.charity/wp-content/plugins/give/includes/ajax-functions.php |
<?php
/**
* AJAX Functions
*
* Process the front-end AJAX actions.
*
* @package Give
* @subpackage Functions/AJAX
* @copyright Copyright (c) 2016, GiveWP
* @license https://opensource.org/licenses/gpl-license GNU Public License
* @since 1.0
*/
// Exit if accessed directly.
use Give\Helpers\Form\Template as FormTemplateUtils;
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
/**
* Check if AJAX works as expected
* Note: Do not use this function before init hook.
*
* @since 1.0
*
* @param bool $force Flag to test ajax by discarding cache result
*
* @return bool True if AJAX works, false otherwise
*/
function give_test_ajax_works( $force = false ) {
// Handle ajax.
if ( doing_action( 'wp_ajax_nopriv_give_test_ajax' ) ) {
wp_die( 0, 200 );
}
// Check if the Airplane Mode plugin is installed.
if ( class_exists( 'Airplane_Mode_Core' ) ) {
$airplane = Airplane_Mode_Core::getInstance();
if ( method_exists( $airplane, 'enabled' ) ) {
if ( $airplane->enabled() ) {
return true;
}
} else {
if ( 'on' === $airplane->check_status() ) {
return true;
}
}
}
add_filter( 'block_local_requests', '__return_false' );
$works = Give_Cache::get( '_give_ajax_works', true );
if ( ! $works || $force ) {
$params = [
'sslverify' => false,
'timeout' => 30,
'body' => [
'action' => 'give_test_ajax',
],
];
$ajax = wp_remote_post( give_get_ajax_url(), $params );
$works = true;
if ( is_wp_error( $ajax ) ) {
$works = false;
} else {
if ( empty( $ajax['response'] ) ) {
$works = false;
}
if ( empty( $ajax['response']['code'] ) || 200 !== (int) $ajax['response']['code'] ) {
$works = false;
}
if ( empty( $ajax['response']['message'] ) || 'OK' !== $ajax['response']['message'] ) {
$works = false;
}
if ( ! isset( $ajax['body'] ) || 0 !== (int) $ajax['body'] ) {
$works = false;
}
}
if ( $works ) {
Give_Cache::set( '_give_ajax_works', '1', DAY_IN_SECONDS, true );
}
}
/**
* Filter the output
*
* @since 1.0
*/
return apply_filters( 'give_test_ajax_works', $works );
}
add_action( 'wp_ajax_nopriv_give_test_ajax', 'give_test_ajax_works' );
/**
* Get AJAX URL
*
* @since 1.0
*
* @param array $query
*
* @return string
*/
function give_get_ajax_url( $query = [] ) {
$scheme = defined( 'FORCE_SSL_ADMIN' ) && FORCE_SSL_ADMIN ? 'https' : 'admin';
$current_url = give_get_current_page_url();
$ajax_url = admin_url( 'admin-ajax.php', $scheme );
if ( preg_match( '/^https/', $current_url ) && ! preg_match( '/^https/', $ajax_url ) ) {
$ajax_url = preg_replace( '/^http/', 'https', $ajax_url );
}
if ( ! empty( $query ) ) {
$ajax_url = add_query_arg( $query, $ajax_url );
}
return esc_url_raw( apply_filters( 'give_ajax_url', $ajax_url ) );
}
/**
* Loads Checkout Login Fields via AJAX
*
* @since 1.0
*
* @return void
*/
function give_load_checkout_login_fields() {
/**
* Fire when render login fields via ajax.
*
* @since 1.7
*/
do_action( 'give_donation_form_login_fields' );
give_die();
}
add_action( 'wp_ajax_nopriv_give_checkout_login', 'give_load_checkout_login_fields' );
/**
* Load Checkout Fields
*
* @since 1.3.6
*
* @return void
*/
function give_load_checkout_fields() {
$form_id = isset( $_POST['form_id'] ) ? $_POST['form_id'] : '';
ob_start();
/**
* Fire to render registration/login form.
*
* @since 1.7
*/
do_action( 'give_donation_form_register_login_fields', $form_id );
$fields = ob_get_clean();
wp_send_json(
[
'fields' => wp_json_encode( $fields ),
'submit' => wp_json_encode( give_get_donation_form_submit_button( $form_id ) ),
]
);
}
add_action( 'wp_ajax_give_cancel_login', 'give_load_checkout_fields' );
add_action( 'wp_ajax_nopriv_give_cancel_login', 'give_load_checkout_fields' );
add_action( 'wp_ajax_nopriv_give_checkout_register', 'give_load_checkout_fields' );
/**
* Retrieve a states drop down
*
* @since 2.30.0 add 'state_label' & 'states' to response
* @since 1.0
*
* @return void
*/
function give_ajax_get_states_field() {
$states_found = false;
$show_field = true;
$states_require = true;
// Get the Country code from the $_POST.
$country = sanitize_text_field($_POST['country']);
// Get the field name from the $_POST.
$field_name = sanitize_text_field($_POST['field_name']);
$label = __('State', 'give');
$states_label = give_get_states_label();
$default_state = '';
if (give_get_country() === $country) {
$default_state = give_get_state();
}
// Check if $country code exists in the array key for states label.
if (array_key_exists($country, $states_label)) {
$label = $states_label[$country];
}
if (empty($country)) {
$country = give_get_country();
}
$states = give_get_states($country);
if (!empty($states)) {
$args = [
'name' => $field_name,
'id' => $field_name,
'class' => $field_name . ' give-select',
'options' => $states,
'show_option_all' => false,
'show_option_none' => false,
'placeholder' => $label,
'selected' => $default_state,
'autocomplete' => 'address-level1',
];
$data = Give()->html->select($args);
$states_found = true;
} else {
$data = 'nostates';
// Get the country list that does not have any states init.
$no_states_country = give_no_states_country_list();
// Check if $country code exists in the array key.
if (array_key_exists($country, $no_states_country)) {
$show_field = false;
}
// Get the country list that does not require states.
$states_not_required_country_list = give_states_not_required_country_list();
// Check if $country code exists in the array key.
if (array_key_exists($country, $states_not_required_country_list)) {
$states_require = false;
}
}
$response = [
'success' => true,
'states_found' => $states_found,
'states_label' => $label,
'show_field' => $show_field,
'states_require' => $states_require,
'data' => $data,
'default_state' => $default_state,
'city_require' => !array_key_exists($country, give_city_not_required_country_list()),
'zip_require' => !array_key_exists($country, give_get_country_list_without_postcodes()),
'state_label' => $label,
'states' => array_map(static function ($state) {
return html_entity_decode($state, ENT_QUOTES);
}, $states),
];
wp_send_json($response);
}
add_action( 'wp_ajax_give_get_states', 'give_ajax_get_states_field' );
add_action( 'wp_ajax_nopriv_give_get_states', 'give_ajax_get_states_field' );
/**
* Retrieve donation forms via AJAX for chosen dropdown search field.
*
* @since 1.0
*
* @return void
*/
function give_ajax_form_search() {
$results = [];
$search = esc_sql( sanitize_text_field( $_POST['s'] ) );
$args = [
'post_type' => 'give_forms',
's' => $search,
'update_post_term_cache' => false,
'update_post_meta_cache' => false,
'cache_results' => false,
'no_found_rows' => true,
'post_status' => 'publish',
'orderby' => 'title',
'order' => 'ASC',
'posts_per_page' => empty( $search ) ? 30 : -1,
];
/**
* Filter to modify Ajax form search args
*
* @since 2.1
*
* @param array $args Query argument for WP_query
*
* @return array $args Query argument for WP_query
*/
$args = (array) apply_filters( 'give_ajax_form_search_args', $args );
// get all the donation form.
$query = new WP_Query( $args );
if ( $query->have_posts() ) {
while ( $query->have_posts() ) {
$query->the_post();
global $post;
$results[] = [
'id' => $post->ID,
'name' => $post->post_title,
];
}
wp_reset_postdata();
}
/**
* Filter to modify Ajax form search result
*
* @since 2.1
*
* @param array $results Contain the Donation Form id
*
* @return array $results Contain the Donation Form id
*/
$results = (array) apply_filters( 'give_ajax_form_search_response', $results );
wp_send_json( $results );
}
add_action( 'wp_ajax_give_form_search', 'give_ajax_form_search' );
add_action( 'wp_ajax_nopriv_give_form_search', 'give_ajax_form_search' );
/**
* Search the donors database via Ajax
*
* @since 1.0
*
* @return void
*/
function give_ajax_donor_search() {
global $wpdb;
$search = esc_sql( sanitize_text_field( $_POST['s'] ) );
$results = [];
if ( ! current_user_can( 'view_give_reports' ) ) {
$donors = [];
} else {
$donors = $wpdb->get_results( "SELECT id,name,email FROM $wpdb->donors WHERE `name` LIKE '%$search%' OR `email` LIKE '%$search%' LIMIT 50" );
}
if ( $donors ) {
foreach ( $donors as $donor ) {
$results[] = [
'id' => $donor->id,
'name' => $donor->name . ' (' . $donor->email . ')',
];
}
}
wp_send_json( $results );
}
add_action( 'wp_ajax_give_donor_search', 'give_ajax_donor_search' );
/**
* Searches for users via ajax and returns a list of results
*
* @since 1.0
*
* @return void
*/
function give_ajax_search_users() {
$results = [];
if ( current_user_can( 'manage_give_settings' ) ) {
$search = esc_sql( sanitize_text_field( $_POST['s'] ) );
$get_users_args = [
'number' => 9999,
'search' => $search . '*',
];
$get_users_args = apply_filters( 'give_search_users_args', $get_users_args );
$found_users = apply_filters( 'give_ajax_found_users', get_users( $get_users_args ), $search );
$results = [];
if ( $found_users ) {
foreach ( $found_users as $user ) {
$results[] = [
'id' => $user->ID,
'name' => esc_html( $user->user_login . ' (' . $user->user_email . ')' ),
];
}
}
}// End if().
wp_send_json( $results );
}
add_action( 'wp_ajax_give_user_search', 'give_ajax_search_users' );
/**
* Queries page by title and returns page ID and title in JSON format.
*
* Note: this function in for internal use.
*
* @since 2.1
*
* @return string
*/
function give_ajax_pages_search() {
$data = [];
$args = [
'post_type' => 'page',
's' => give_clean( $_POST['s'] ),
];
$query = new WP_Query( $args );
// Query posts by title.
if ( $query->have_posts() ) {
while ( $query->have_posts() ) {
$query->the_post();
$data[] = [
'id' => get_the_ID(),
'name' => get_the_title(),
];
}
}
wp_send_json( $data );
}
add_action( 'wp_ajax_give_pages_search', 'give_ajax_pages_search' );
/**
* Retrieve Categories via AJAX for chosen dropdown search field.
*
* @since 2.1
*
* @return void
*/
function give_ajax_categories_search() {
$results = [];
/**
* Filter to modify Ajax tags search args
*
* @since 2.1
*
* @param array $args argument for get_terms
*
* @return array $args argument for get_terms
*/
$args = (array) apply_filters(
'give_forms_categories_dropdown_args',
[
'number' => 30,
'name__like' => esc_sql( sanitize_text_field( $_POST['s'] ) ),
]
);
$categories = get_terms( 'give_forms_category', $args );
foreach ( $categories as $category ) {
$results[] = [
'id' => $category->term_id,
'name' => $category->name,
];
}
/**
* Filter to modify Ajax tags search result
*
* @since 2.1
*
* @param array $results Contain the categories id and name
*
* @return array $results Contain the categories id and name
*/
$results = (array) apply_filters( 'give_forms_categories_dropdown_responce', $results );
wp_send_json( $results );
}
add_action( 'wp_ajax_give_categories_search', 'give_ajax_categories_search' );
/**
* Retrieve Tags via AJAX for chosen dropdown search field.
*
* @since 2.1
*
* @return void
*/
function give_ajax_tags_search() {
$results = [];
/**
* Filter to modify Ajax tags search args
*
* @since 2.1
*
* @param array $args argument for get_terms
*
* @return array $args argument for get_terms
*/
$args = (array) apply_filters(
'give_forms_tags_dropdown_args',
[
'number' => 30,
'name__like' => esc_sql( sanitize_text_field( $_POST['s'] ) ),
]
);
$categories = get_terms( 'give_forms_tag', $args );
foreach ( $categories as $category ) {
$results[] = [
'id' => $category->term_id,
'name' => $category->name,
];
}
/**
* Filter to modify Ajax tags search result
*
* @since 2.1
*
* @param array $results Contain the tags id and name
*
* @return array $results Contain the tags id and name
*/
$results = (array) apply_filters( 'give_forms_tags_dropdown_responce', $results );
wp_send_json( $results );
}
add_action( 'wp_ajax_give_tags_search', 'give_ajax_tags_search' );
/**
* Check for Price Variations (Multi-level donation forms)
*
* @since 1.5
*
* @return void
*/
function give_check_for_form_price_variations() {
if ( ! current_user_can( 'edit_give_forms', get_current_user_id() ) ) {
die( '-1' );
}
$form_id = absint( $_POST['form_id'] );
$form = get_post( $form_id );
if ( 'give_forms' !== $form->post_type ) {
die( '-2' );
}
if ( give_has_variable_prices( $form_id ) ) {
$variable_prices = give_get_variable_prices( $form_id );
if ( $variable_prices ) {
$ajax_response = '<select class="give_price_options_select give-select give-select" name="give_price_option">';
if ( isset( $_POST['all_prices'] ) ) {
$ajax_response .= '<option value="all">' . esc_html__( 'All Levels', 'give' ) . '</option>';
}
foreach ( $variable_prices as $key => $price ) {
$level_text = ! empty( $price['_give_text'] ) ? esc_html( $price['_give_text'] ) : give_currency_filter( give_format_amount( $price['_give_amount'], [ 'sanitize' => false ] ) );
$ajax_response .= '<option value="' . esc_attr( $price['_give_id']['level_id'] ) . '">' . $level_text . '</option>';
}
$ajax_response .= '</select>';
echo $ajax_response;
}
}
give_die();
}
add_action( 'wp_ajax_give_check_for_form_price_variations', 'give_check_for_form_price_variations' );
/**
* Check for Variation Prices HTML (Multi-level donation forms)
*
* @since 1.6
*
* @return void
*/
function give_check_for_form_price_variations_html() {
if ( ! current_user_can( 'edit_give_payments', get_current_user_id() ) ) {
wp_die();
}
$form_id = ! empty( $_POST['form_id'] ) ? absint( $_POST['form_id'] ) : false;
$payment_id = ! empty( $_POST['payment_id'] ) ? absint( $_POST['payment_id'] ) : false;
if ( empty( $form_id ) || empty( $payment_id ) ) {
wp_die();
}
$form = get_post( $form_id );
if ( ! empty( $form->post_type ) && 'give_forms' !== $form->post_type ) {
wp_die();
}
if ( ! give_has_variable_prices( $form_id ) || ! $form_id ) {
esc_html_e( 'n/a', 'give' );
} else {
$prices_atts = [];
if ( $variable_prices = give_get_variable_prices( $form_id ) ) {
foreach ( $variable_prices as $variable_price ) {
$prices_atts[ $variable_price['_give_id']['level_id'] ] = give_format_amount( $variable_price['_give_amount'], [ 'sanitize' => false ] );
}
}
// Variable price dropdown options.
$variable_price_dropdown_option = [
'id' => $form_id,
'name' => 'give-variable-price',
'chosen' => true,
'show_option_all' => '',
'show_option_none' => '',
'select_atts' => 'data-prices=' . esc_attr( json_encode( $prices_atts ) ),
];
if ( $payment_id ) {
// Payment object.
$payment = new Give_Payment( $payment_id );
// Payment meta.
$payment_meta = $payment->get_meta();
$variable_price_dropdown_option['selected'] = $payment_meta['price_id'];
}
// Render variable prices select tag html.
give_get_form_variable_price_dropdown( $variable_price_dropdown_option, true );
}
give_die();
}
add_action( 'wp_ajax_give_check_for_form_price_variations_html', 'give_check_for_form_price_variations_html' );
/**
* Send Confirmation Email For Complete Donation History Access.
*
* @since 1.8.17
*
* @return bool
*/
function give_confirm_email_for_donation_access() {
// Verify Security using Nonce.
if ( ! check_ajax_referer( 'give_ajax_nonce', 'nonce' ) ) {
return false;
}
// Bail Out, if email is empty.
if ( empty( $_POST['email'] ) ) {
return false;
}
$donor = Give()->donors->get_donor_by( 'email', give_clean( $_POST['email'] ) );
if ( Give()->email_access->can_send_email( $donor->id ) ) {
$return = [];
$email_sent = Give()->email_access->send_email( $donor->id, $donor->email );
$return['status'] = 'success';
if ( ! $email_sent ) {
$return['status'] = 'error';
$return['message'] = Give_Notices::print_frontend_notice(
__( 'Unable to send email. Please try again.', 'give' ),
false,
'error'
);
}
/**
* Filter to modify access mail send notice
*
* @since 2.1.3
*
* @param string Send notice message for email access.
*
* @return string $message Send notice message for email access.
*/
$message = (string) apply_filters( 'give_email_access_mail_send_notice', __( 'Please check your email and click on the link to access your complete donation history.', 'give' ) );
$return['message'] = Give_Notices::print_frontend_notice(
$message,
false,
'success'
);
} else {
$value = Give()->email_access->verify_throttle / 60;
$return['status'] = 'error';
/**
* Filter to modify email access exceed notices message.
*
* @since 2.1.3
*
* @param string $message email access exceed notices message
* @param int $value email access exceed times
*
* @return string $message email access exceed notices message
*/
$message = (string) apply_filters(
'give_email_access_requests_exceed_notice',
sprintf(
__( 'Too many access email requests detected. Please wait %s before requesting a new donation history access link.', 'give' ),
sprintf( _n( '%s minute', '%s minutes', $value, 'give' ), $value )
),
$value
);
$return['message'] = Give_Notices::print_frontend_notice(
$message,
false,
'error'
);
}
echo json_encode( $return );
give_die();
}
add_action( 'wp_ajax_nopriv_give_confirm_email_for_donations_access', 'give_confirm_email_for_donation_access' );
/**
* Render receipt by ajax
* Note: only for internal use
*
* @since 2.2.0
*/
function __give_get_receipt() {
$get_data = give_clean( filter_input_array( INPUT_GET ) );
if ( ! isset( $get_data['shortcode_atts'] ) ) {
give_die();
}
$atts = (array) json_decode( $get_data['shortcode_atts'] );
$data = give_receipt_shortcode( $atts );
wp_send_json( $data );
}
add_action( 'wp_ajax_get_receipt', '__give_get_receipt' );
add_action( 'wp_ajax_nopriv_get_receipt', '__give_get_receipt' );
/**
* Get ajax url to render content from other website into thickbox
* Note: only for internal use
*
* @param array $args
*
* @return string
* @since 2.5.0
*/
function give_modal_ajax_url( $args = [] ) {
$args = wp_parse_args(
$args,
[
'action' => 'give_get_content_by_ajax',
'_wpnonce' => wp_create_nonce( 'give_get_content_by_ajax' ),
]
);
return esc_url_raw( add_query_arg( $args, admin_url( '/admin-ajax.php' ) ) );
}
/**
* Return content from url
* Note: only for internal use
*
* @todo use get_version endpoint to read changelog or cache add-ons infro from update_plugins option
*
* @return string
* @since 2.5.0
*/
function give_get_content_by_ajax_handler() {
check_admin_referer( 'give_get_content_by_ajax' );
if ( empty( $_GET['url'] ) ) {
die();
}
/**
* Restrict requests to GiveWP.com plugin readme.txt file only.
* @link https://owasp.org/www-community/attacks/Server_Side_Request_Forgery
*
* @since 2.25.2
*/
if(! preg_match('^https://givewp.com/downloads/plugins/(.*)/readme.txt$^', $_GET['url'])) {
die();
}
// Handle changelog render request.
if (
! empty( $_GET['show_changelog'] )
&& (int) give_clean( $_GET['show_changelog'] )
) {
$msg = __( 'Sorry, unable to load changelog.', 'give' );
$url = urldecode_deep( give_clean( $_GET['url'] ) );
$response = wp_remote_get( $url );
if ( is_wp_error( $response ) ) {
echo "$msg<br><br><code>Error: {$response->get_error_message()}</code>";
exit;
}
$response = wp_remote_retrieve_body( $response );
if ( false === strpos( $response, '== Changelog ==' ) ) {
echo $msg;
exit;
}
$changelog = explode( '== Changelog ==', $response );
$changelog = end( $changelog );
echo give_get_format_md( $changelog );
}
do_action( 'give_get_content_by_ajax_handler' );
exit;
}
add_action( 'wp_ajax_give_get_content_by_ajax', 'give_get_content_by_ajax_handler' );
/**
* Get form template for ajax request.
*
* Note: only for internal use
*
* @since 2.7.0
*/
function give_get_form_template_id() {
check_ajax_referer( 'give-donation-form-widget', 'security' );
$formId = isset( $_POST['formId'] ) ? absint( $_POST['formId'] ) : 0;
// Send error response if form id does not mentioned.
if ( ! $formId ) {
wp_send_json_error();
}
$templateID = FormTemplateUtils::getActiveID( $formId );
$templateID = $templateID ?: 'legacy';
wp_send_json_success( $templateID );
}
add_action( 'wp_ajax_give_get_form_template_id', 'give_get_form_template_id' );
add_action( 'wp_ajax_no_priv_give_get_form_template_id', 'give_get_form_template_id' );