| Current File : /home/kelaby89/jrncommunityhousing.charity/wp-content/plugins/give/includes/api/class-give-api.php |
<?php
/**
* Give API
*
* A front-facing JSON/XML API that makes it possible to query donation data.
*
* @package Give
* @subpackage Classes/API
* @copyright Copyright (c) 2016, GiveWP
* @license https://opensource.org/licenses/gpl-license GNU Public License
* @since 1.1
*/
// Exit if accessed directly.
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
/**
* Give_API Class
*
* Renders API returns as a JSON/XML array
*
* @since 1.1
*/
class Give_API {
/**
* Latest API Version
*/
const VERSION = 1;
/**
* Pretty Print?
*
* @var bool
* @access private
* @since 1.1
*/
private $pretty_print = false;
/**
* Log API requests?
*
* @var bool
* @access public
* @since 1.1
*/
public $log_requests = true;
/**
* Is this a valid request?
*
* @var bool
* @access private
* @since 1.1
*/
private $is_valid_request = false;
/**
* User ID Performing the API Request
*
* @var int
* @access public
* @since 1.1
*/
public $user_id = 0;
/**
* Instance of Give Stats class
*
* @var object
* @access private
* @since 1.1
*/
private $stats;
/**
* Response data to return
*
* @var array
* @access private
* @since 1.1
*/
private $data = array();
/**
* Whether or not to override api key validation.
*
* @var bool
* @access public
* @since 1.1
*/
public $override = true;
/**
* Version of the API queried
*
* @var string
* @access public
* @since 1.1
*/
private $queried_version;
/**
* All versions of the API
*
* @var array
* @access protected
* @since 1.1
*/
protected $versions = array();
/**
* Queried endpoint
*
* @var string
* @access private
* @since 1.1
*/
private $endpoint;
/**
* Endpoints routes
*
* @var object
* @access private
* @since 1.1
*/
private $routes;
/**
* Setup the Give API
*
* @since 1.1
* @access public
*/
public function __construct() {
$this->versions = array(
'v1' => 'GIVE_API_V1',
);
foreach ( $this->get_versions() as $version => $class ) {
require_once GIVE_PLUGIN_DIR . 'includes/api/class-give-api-' . $version . '.php';
}
add_action( 'init', array( $this, 'add_endpoint' ) );
add_action( 'wp', array( $this, 'process_query' ), - 1 );
add_filter( 'query_vars', array( $this, 'query_vars' ) );
add_action( 'show_user_profile', array( $this, 'user_key_field' ) );
add_action( 'edit_user_profile', array( $this, 'user_key_field' ) );
add_action( 'personal_options_update', array( $this, 'generate_api_key' ) );
add_action( 'edit_user_profile_update', array( $this, 'generate_api_key' ) );
add_action( 'give_process_api_key', array( $this, 'process_api_key' ) );
// Setup a backwards compatibility check for user API Keys
add_filter( 'get_user_metadata', array( $this, 'api_key_backwards_compat' ), 10, 4 );
// Determine if JSON_PRETTY_PRINT is available
$this->pretty_print = defined( 'JSON_PRETTY_PRINT' ) ? JSON_PRETTY_PRINT : null;
// Allow API request logging to be turned off
$this->log_requests = apply_filters( 'give_api_log_requests', $this->log_requests );
// Setup Give_Payment_Stats instance
$this->stats = new Give_Payment_Stats();
}
/**
* There are certain responsibility of this function:
* 1. handle backward compatibility for deprecated functions
*
* @since 2.0
*
* @param $name
* @param $arguments
*
* @return mixed
*/
public function __call( $name, $arguments ) {
$deprecated_function_arr = array(
'get_customers',
);
if ( in_array( $name, $deprecated_function_arr, true ) ) {
switch ( $name ) {
case 'get_customers':
$args = ! empty( $arguments[0] ) ? $arguments[0] : array();
return $this->get_donors( $args );
}
}
}
/**
* Registers a new rewrite endpoint for accessing the API
*
* @access public
*
* @since 1.1
*/
public function add_endpoint() {
add_rewrite_endpoint( 'give-api', EP_ALL );
}
/**
* Registers query vars for API access
*
* @access public
* @since 1.1
*
* @param array $vars Query vars
*
* @return string[] $vars New query vars
*/
public function query_vars( $vars ) {
$vars[] = 'token';
$vars[] = 'key';
$vars[] = 'query';
$vars[] = 'type';
$vars[] = 'form';
$vars[] = 'number';
$vars[] = 'date';
$vars[] = 'startdate';
$vars[] = 'enddate';
$vars[] = 'donor';
$vars[] = 'format';
$vars[] = 'id';
$vars[] = 'purchasekey';
$vars[] = 'email';
return $vars;
}
/**
* Retrieve the API versions
*
* @access public
* @since 1.1
* @return array
*/
public function get_versions() {
return $this->versions;
}
/**
* Retrieve the API version that was queried
*
* @access public
* @since 1.1
* @return string
*/
public function get_queried_version() {
return $this->queried_version;
}
/**
* Retrieves the default version of the API to use
*
* @access public
* @since 1.1
* @return string
*/
public function get_default_version() {
$version = get_option( 'give_default_api_version' );
if ( defined( 'GIVE_API_VERSION' ) ) {
$version = GIVE_API_VERSION;
} elseif ( ! $version ) {
$version = 'v1';
}
return $version;
}
/**
* Sets the version of the API that was queried.
*
* Falls back to the default version if no version is specified
*
* @access private
* @since 1.1
*/
private function set_queried_version() {
global $wp_query;
$version = $wp_query->query_vars['give-api'];
if ( strpos( $version, '/' ) ) {
$version = explode( '/', $version );
$version = strtolower( $version[0] );
$wp_query->query_vars['give-api'] = str_replace( $version . '/', '', $wp_query->query_vars['give-api'] );
if ( array_key_exists( $version, $this->versions ) ) {
$this->queried_version = $version;
} else {
$this->is_valid_request = false;
$this->invalid_version();
}
} else {
$this->queried_version = $this->get_default_version();
}
}
/**
* Validate the API request
*
* Checks for the user's public key and token against the secret key.
*
* @access private
* @global object $wp_query WordPress Query
* @uses Give_API::get_user()
* @uses Give_API::invalid_key()
* @uses Give_API::invalid_auth()
* @since 1.1
* @return bool
*/
private function validate_request() {
global $wp_query;
$this->override = false;
// Make sure we have both user and api key
if ( ! empty( $wp_query->query_vars['give-api'] ) && ( $wp_query->query_vars['give-api'] !== 'forms' || ! empty( $wp_query->query_vars['token'] ) ) ) {
if ( empty( $wp_query->query_vars['token'] ) || empty( $wp_query->query_vars['key'] ) ) {
$this->missing_auth();
return false;
}
// Retrieve the user by public API key and ensure they exist
if ( ! preg_match( '/^[a-f0-9]{32}$/i', $wp_query->query_vars['key'] ) || ! ( $user = $this->get_user( $wp_query->query_vars['key'] ) ) ) {
$this->invalid_key();
return false;
} else {
$token = urldecode( $wp_query->query_vars['token'] );
$secret = $this->get_user_secret_key( $user );
$public = urldecode( $wp_query->query_vars['key'] );
// Verify that if user has secret key or not
if ( ! $secret ) {
$this->invalid_auth();
}
if ( hash_equals( md5( $secret . $public ), $token ) ) {
$this->is_valid_request = true;
} else {
$this->invalid_auth();
return false;
}
}
} elseif ( ! empty( $wp_query->query_vars['give-api'] ) && $wp_query->query_vars['give-api'] === 'forms' ) {
$this->is_valid_request = true;
$wp_query->set( 'key', 'public' );
}
}
/**
* Retrieve the user ID based on the public key provided
*
* @access public
* @since 1.1
* @global WPDB $wpdb Used to query the database using the WordPress
* Database API
*
* @param string $key Public Key
*
* @return bool if user ID is found, false otherwise
*/
public function get_user( $key = '' ) {
global $wpdb, $wp_query;
if ( empty( $key ) ) {
$key = urldecode( $wp_query->query_vars['key'] );
}
if ( empty( $key ) ) {
return false;
}
$user = Give_Cache::get( md5( 'give_api_user_' . $key ), true );
if ( false === $user ) {
$user = $wpdb->get_var( $wpdb->prepare( "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = %s AND meta_value=%s LIMIT 1", $key, 'give_user_public_key' ) );
Give_Cache::set( md5( 'give_api_user_' . $key ), $user, DAY_IN_SECONDS, true );
}
if ( $user != null ) {
$this->user_id = $user;
return $user;
}
return false;
}
/**
* Get user public key.
*
* @param int $user_id
*
* @return mixed|null|string
*/
public function get_user_public_key( $user_id = 0 ) {
global $wpdb;
if ( empty( $user_id ) ) {
return '';
}
$cache_key = md5( 'give_api_user_public_key' . $user_id );
$user_public_key = Give_Cache::get( $cache_key, true );
if ( empty( $user_public_key ) ) {
$user_public_key = $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->usermeta WHERE meta_value = 'give_user_public_key' AND user_id = %d", $user_id ) );
Give_Cache::set( $cache_key, $user_public_key, HOUR_IN_SECONDS, true );
}
return $user_public_key;
}
/**
* Get user secret key.
*
* @param int $user_id
*
* @return mixed|null|string
*/
public function get_user_secret_key( $user_id = 0 ) {
global $wpdb;
if ( empty( $user_id ) ) {
return '';
}
$cache_key = md5( 'give_api_user_secret_key' . $user_id );
$user_secret_key = Give_Cache::get( $cache_key, true );
if ( empty( $user_secret_key ) ) {
$user_secret_key = $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->usermeta WHERE meta_value = 'give_user_secret_key' AND user_id = %d", $user_id ) );
Give_Cache::set( $cache_key, $user_secret_key, HOUR_IN_SECONDS, true );
}
return $user_secret_key;
}
/**
* Displays a missing authentication error if all the parameters are not met.
* provided
*
* @access private
* @uses Give_API::output()
* @since 1.1
*/
private function missing_auth() {
$error = array();
$error['error'] = __( 'You must specify both a token and API key.', 'give' );
$this->data = $error;
$this->output( 401 );
}
/**
* Displays an authentication failed error if the user failed to provide valid
* credentials
*
* @access private
* @since 1.1
* @uses Give_API::output()
* @return void
*/
private function invalid_auth() {
$error = array();
$error['error'] = __( 'Your request could not be authenticated.', 'give' );
$this->data = $error;
$this->output( 403 );
}
/**
* Displays an invalid API key error if the API key provided couldn't be
* validated
*
* @access private
* @since 1.1
* @uses Give_API::output()
* @return void
*/
private function invalid_key() {
$error = array();
$error['error'] = __( 'Invalid API key.', 'give' );
$this->data = $error;
$this->output( 403 );
}
/**
* Displays an invalid version error if the version number passed isn't valid
*
* @access private
* @since 1.1
* @uses Give_API::output()
* @return void
*/
private function invalid_version() {
$error = array();
$error['error'] = __( 'Invalid API version.', 'give' );
$this->data = $error;
$this->output( 404 );
}
/**
* Listens for the API and then processes the API requests
*
* @access public
* @global $wp_query
* @since 1.1
* @return void
*/
public function process_query() {
global $wp_query;
// Start logging how long the request takes for logging
$before = microtime( true );
// Check for give-api var. Get out if not present
if ( empty( $wp_query->query_vars['give-api'] ) ) {
return;
}
// Determine which version was queried
$this->set_queried_version();
// Determine the kind of query
$this->set_query_mode();
// Check for a valid user and set errors if necessary
$this->validate_request();
// Only proceed if no errors have been noted
if ( ! $this->is_valid_request ) {
return;
}
if ( ! defined( 'GIVE_DOING_API' ) ) {
define( 'GIVE_DOING_API', true );
}
$data = array();
$this->routes = new $this->versions[ $this->get_queried_version() ];
$this->routes->validate_request();
switch ( $this->endpoint ) :
case 'stats':
$data = $this->routes->get_stats(
array(
'type' => isset( $wp_query->query_vars['type'] ) ? $wp_query->query_vars['type'] : null,
'form' => isset( $wp_query->query_vars['form'] ) ? $wp_query->query_vars['form'] : null,
'date' => isset( $wp_query->query_vars['date'] ) ? $wp_query->query_vars['date'] : null,
'startdate' => isset( $wp_query->query_vars['startdate'] ) ? $wp_query->query_vars['startdate'] : null,
'enddate' => isset( $wp_query->query_vars['enddate'] ) ? $wp_query->query_vars['enddate'] : null,
)
);
break;
case 'forms':
$form = isset( $wp_query->query_vars['form'] ) ? $wp_query->query_vars['form'] : null;
$data = $this->routes->get_forms( $form );
break;
case 'donors':
$donor = isset( $wp_query->query_vars['donor'] ) ? $wp_query->query_vars['donor'] : null;
$data = $this->routes->get_donors( $donor );
break;
case 'donations':
/**
* Call to get recent donations
*
* @params text date | today, yesterday or range
* @params date startdate | required when date = range and format to be YYYYMMDD (i.e. 20170524)
* @params date enddate | required when date = range and format to be YYYYMMDD (i.e. 20170524)
*/
$data = $this->routes->get_recent_donations(
array(
'id' => isset( $wp_query->query_vars['id'] ) ? $wp_query->query_vars['id'] : null,
'date' => isset( $wp_query->query_vars['date'] ) ? $wp_query->query_vars['date'] : null,
'startdate' => isset( $wp_query->query_vars['startdate'] ) ? $wp_query->query_vars['startdate'] : null,
'enddate' => isset( $wp_query->query_vars['enddate'] ) ? $wp_query->query_vars['enddate'] : null,
)
);
break;
endswitch;
// Allow extensions to setup their own return data
$this->data = apply_filters( 'give_api_output_data', $data, $this->endpoint, $this );
$after = microtime( true );
$request_time = ( $after - $before );
$this->data['request_speed'] = $request_time;
// Log this API request, if enabled. We log it here because we have access to errors.
$this->log_request( $this->data );
// Send out data to the output function
$this->output();
}
/**
* Returns the API endpoint requested
*
* @access public
* @since 1.1
* @return string $query Query mode
*/
public function get_query_mode() {
return $this->endpoint;
}
/**
* Determines the kind of query requested and also ensure it is a valid query
*
* @access public
* @since 1.1
* @global $wp_query
*/
public function set_query_mode() {
global $wp_query;
// Whitelist our query options
$accepted = apply_filters(
'give_api_valid_query_modes',
array(
'stats',
'forms',
'donors',
'donations',
)
);
$query = isset( $wp_query->query_vars['give-api'] ) ? $wp_query->query_vars['give-api'] : null;
$query = str_replace( $this->queried_version . '/', '', $query );
$error = array();
// Make sure our query is valid
if ( ! in_array( $query, $accepted ) ) {
$error['error'] = __( 'Invalid query.', 'give' );
$this->data = $error;
// 400 is Bad Request
$this->output( 400 );
}
$this->endpoint = $query;
}
/**
* Get page number
*
* @access public
* @since 1.1
* @global $wp_query
* @return int $wp_query->query_vars['page'] if page number returned (default: 1)
*/
public function get_paged() {
global $wp_query;
return isset( $wp_query->query_vars['page'] ) ? $wp_query->query_vars['page'] : 1;
}
/**
* Number of results to display per page
*
* @access public
* @since 1.1
* @global $wp_query
* @return int $per_page Results to display per page (default: 10)
*/
public function per_page() {
global $wp_query;
$per_page = isset( $wp_query->query_vars['number'] ) ? $wp_query->query_vars['number'] : 10;
if ( $per_page < 0 && $this->get_query_mode() == 'donors' ) {
$per_page = 99999999;
} // End if().
return apply_filters( 'give_api_results_per_page', $per_page );
}
/**
* Sets up the dates used to retrieve earnings/donations
*
* @access public
* @since 1.2
*
* @param array $args Arguments to override defaults
*
* @return array $dates
*/
public function get_dates( $args = array() ) {
$dates = array();
$defaults = array(
'type' => '',
'form' => null,
'date' => null,
'startdate' => null,
'enddate' => null,
);
$args = wp_parse_args( $args, $defaults );
$current_time = current_time( 'timestamp' );
if ( 'range' === $args['date'] ) {
$startdate = strtotime( $args['startdate'] );
$enddate = strtotime( $args['enddate'] );
$dates['day_start'] = date( 'd', $startdate );
$dates['day_end'] = date( 'd', $enddate );
$dates['m_start'] = date( 'n', $startdate );
$dates['m_end'] = date( 'n', $enddate );
$dates['year'] = date( 'Y', $startdate );
$dates['year_end'] = date( 'Y', $enddate );
} else {
// Modify dates based on predefined ranges
switch ( $args['date'] ) :
case 'this_month':
$dates['day'] = null;
$dates['m_start'] = date( 'n', $current_time );
$dates['m_end'] = date( 'n', $current_time );
$dates['year'] = date( 'Y', $current_time );
break;
case 'last_month':
$dates['day'] = null;
$dates['m_start'] = date( 'n', $current_time ) == 1 ? 12 : date( 'n', $current_time ) - 1;
$dates['m_end'] = $dates['m_start'];
$dates['year'] = date( 'n', $current_time ) == 1 ? date( 'Y', $current_time ) - 1 : date( 'Y', $current_time );
break;
case 'today':
$dates['day'] = date( 'd', $current_time );
$dates['m_start'] = date( 'n', $current_time );
$dates['m_end'] = date( 'n', $current_time );
$dates['year'] = date( 'Y', $current_time );
break;
case 'yesterday':
$year = date( 'Y', $current_time );
$month = date( 'n', $current_time );
$day = date( 'd', $current_time );
if ( $month == 1 && $day == 1 ) {
$year -= 1;
$month = 12;
$day = cal_days_in_month( CAL_GREGORIAN, $month, $year );
} elseif ( $month > 1 && $day == 1 ) {
$month -= 1;
$day = cal_days_in_month( CAL_GREGORIAN, $month, $year );
} else {
$day -= 1;
}
$dates['day'] = $day;
$dates['m_start'] = $month;
$dates['m_end'] = $month;
$dates['year'] = $year;
break;
case 'this_quarter':
$month_now = date( 'n', $current_time );
$dates['day'] = null;
if ( $month_now <= 3 ) {
$dates['m_start'] = 1;
$dates['m_end'] = 3;
$dates['year'] = date( 'Y', $current_time );
} elseif ( $month_now <= 6 ) {
$dates['m_start'] = 4;
$dates['m_end'] = 6;
$dates['year'] = date( 'Y', $current_time );
} elseif ( $month_now <= 9 ) {
$dates['m_start'] = 7;
$dates['m_end'] = 9;
$dates['year'] = date( 'Y', $current_time );
} else {
$dates['m_start'] = 10;
$dates['m_end'] = 12;
$dates['year'] = date( 'Y', $current_time );
}
break;
case 'last_quarter':
$month_now = date( 'n', $current_time );
$dates['day'] = null;
if ( $month_now <= 3 ) {
$dates['m_start'] = 10;
$dates['m_end'] = 12;
$dates['year'] = date( 'Y', $current_time ) - 1; // Previous year
} elseif ( $month_now <= 6 ) {
$dates['m_start'] = 1;
$dates['m_end'] = 3;
$dates['year'] = date( 'Y', $current_time );
} elseif ( $month_now <= 9 ) {
$dates['m_start'] = 4;
$dates['m_end'] = 6;
$dates['year'] = date( 'Y', $current_time );
} else {
$dates['m_start'] = 7;
$dates['m_end'] = 9;
$dates['year'] = date( 'Y', $current_time );
}
break;
case 'this_year':
$dates['day'] = null;
$dates['m_start'] = null;
$dates['m_end'] = null;
$dates['year'] = date( 'Y', $current_time );
break;
case 'last_year':
$dates['day'] = null;
$dates['m_start'] = null;
$dates['m_end'] = null;
$dates['year'] = date( 'Y', $current_time ) - 1;
break;
endswitch;
}// End if().
/**
* Returns the filters for the dates used to retrieve earnings.
*
* @since 1.2
*
* @param array $dates The dates used for retrieving earnings.
*/
return apply_filters( 'give_api_stat_dates', $dates );
}
/**
* Process Get Donors API Request.
*
* @access public
* @since 1.1
* @global WPDB $wpdb Used to query the database using the WordPress Database API.
*
* @param int $donor Donor ID.
*
* @return array $donors Multidimensional array of the donors.
*/
public function get_donors( $donor = null ) {
$donors = array();
$error = array();
if ( ! user_can( $this->user_id, 'view_give_sensitive_data' ) && ! $this->override ) {
return $donors;
}
$paged = $this->get_paged();
$per_page = $this->per_page();
$offset = $per_page * ( $paged - 1 );
if ( is_numeric( $donor ) ) {
$field = 'id';
} else {
$field = 'email';
}
$donor_query = Give()->donors->get_donors(
array(
'number' => $per_page,
'offset' => $offset,
$field => $donor,
)
);
$donor_count = 0;
if ( $donor_query ) {
foreach ( $donor_query as $donor_obj ) {
$names = explode( ' ', $donor_obj->name );
$first_name = ! empty( $names[0] ) ? $names[0] : '';
$last_name = '';
if ( ! empty( $names[1] ) ) {
unset( $names[0] );
$last_name = implode( ' ', $names );
}
$title_prefix = Give()->donor_meta->get_meta( $donor_obj->id, '_give_donor_title_prefix', true );
// Set title prefix empty, if not available in db.
if ( empty( $title_prefix ) ) {
$title_prefix = '';
}
$donors['donors'][ $donor_count ]['info']['user_id'] = '';
$donors['donors'][ $donor_count ]['info']['username'] = '';
$donors['donors'][ $donor_count ]['info']['display_name'] = '';
$donors['donors'][ $donor_count ]['info']['donor_id'] = $donor_obj->id;
$donors['donors'][ $donor_count ]['info']['title_prefix'] = $title_prefix;
$donors['donors'][ $donor_count ]['info']['first_name'] = $first_name;
$donors['donors'][ $donor_count ]['info']['last_name'] = $last_name;
$donors['donors'][ $donor_count ]['info']['email'] = $donor_obj->email;
if ( ! empty( $donor_obj->user_id ) ) {
$user_data = get_userdata( $donor_obj->user_id );
// Donor with registered account.
$donors['donors'][ $donor_count ]['info']['user_id'] = $donor_obj->user_id;
$donors['donors'][ $donor_count ]['info']['username'] = $user_data->user_login;
$donors['donors'][ $donor_count ]['info']['display_name'] = $user_data->display_name;
}
$donors['donors'][ $donor_count ]['stats']['total_donations'] = $donor_obj->purchase_count;
$donors['donors'][ $donor_count ]['stats']['total_spent'] = $donor_obj->purchase_value;
$donor = new Give_Donor( $donor_obj->id );
// Get donor's addresses.
$donors['donors'][ $donor_count ]['address'] = $donor->address;
$donor_count ++;
} // End foreach().
} elseif ( $donor ) {
$error['error'] = sprintf(
/* translators: %s: donor */
__( 'Donor %s not found.', 'give' ),
$donor
);
return $error;
} else {
$error['error'] = __( 'No donors found.', 'give' );
return $error;
} // End if().
return $donors;
}
/**
* Process Get Donation Forms API Request
*
* @access public
* @since 1.1
*
* @param int $form Give Form ID.
*
* @return array $donors Multidimensional array of the forms.
*/
public function get_forms( $form = null ) {
$forms = array();
$error = array();
if ( $form == null ) {
$forms['forms'] = array();
$form_list = get_posts(
array(
'post_type' => 'give_forms',
'posts_per_page' => $this->per_page(),
'suppress_filters' => true,
'paged' => $this->get_paged(),
)
);
if ( $form_list ) {
$i = 0;
foreach ( $form_list as $form_info ) {
$forms['forms'][ $i ] = $this->get_form_data( $form_info );
$i ++;
}
}
} else {
if ( get_post_type( $form ) == 'give_forms' ) {
$form_info = get_post( $form );
$forms['forms'][0] = $this->get_form_data( $form_info );
} else {
$error['error'] = sprintf( /* translators: %s: form */
__( 'Form %s not found.', 'give' ),
$form
);
return $error;
}
}
return $forms;
}
/**
* Given a give_forms post object, generate the data for the API output
*
* @since 1.1
*
* @param object $form_info The Give Form's Post Object.
*
* @return array Array of post data to return back in the API.
*/
private function get_form_data( $form_info ) {
$form = array();
$currency = give_get_option( 'currency' );
$form['info']['id'] = $form_info->ID;
$form['info']['slug'] = $form_info->post_name;
$form['info']['title'] = $form_info->post_title;
$form['info']['create_date'] = $form_info->post_date;
$form['info']['modified_date'] = $form_info->post_modified;
$form['info']['status'] = $form_info->post_status;
$form['info']['link'] = html_entity_decode( $form_info->guid );
$form['info']['content'] = give_get_meta( $form_info->ID, '_give_form_content', true );
$form['info']['thumbnail'] = wp_get_attachment_url( get_post_thumbnail_id( $form_info->ID ) );
if ( give_is_setting_enabled( give_get_option( 'categories', 'disabled' ) ) ) {
$form['info']['category'] = get_the_terms( $form_info, 'give_forms_category' );
$form['info']['tags'] = get_the_terms( $form_info, 'give_forms_tag' );
}
if ( give_is_setting_enabled( give_get_option( 'tags', 'disabled' ) ) ) {
$form['info']['tags'] = get_the_terms( $form_info, 'give_forms_tag' );
}
// Check whether any goal is to be achieved for the donation form.
$goal_option = give_get_meta( $form_info->ID, '_give_goal_option', true );
$goal_amount = give_get_meta( $form_info->ID, '_give_set_goal', true );
if ( give_is_setting_enabled( $goal_option ) && $goal_amount ) {
$total_income = give_get_form_earnings_stats( $form_info->ID );
$goal_percentage_completed = ( $total_income < $goal_amount ) ? round( ( $total_income / $goal_amount ) * 100, 2 ) : 100;
$form['goal']['amount'] = isset( $goal_amount ) ? give_format_decimal(
array(
'amount' => $goal_amount,
'currency' => $currency,
)
) : '';
$form['goal']['percentage_completed'] = isset( $goal_percentage_completed ) ? $goal_percentage_completed : '';
}
if ( user_can( $this->user_id, 'view_give_reports' ) || $this->override ) {
$form['stats']['total']['donations'] = give_get_form_sales_stats( $form_info->ID );
$form['stats']['total']['earnings'] = give_format_decimal(
array(
'amount' => give_get_form_earnings_stats( $form_info->ID ),
'currency' => $currency,
)
);
$form['stats']['monthly_average']['donations'] = give_get_average_monthly_form_sales( $form_info->ID );
$form['stats']['monthly_average']['earnings'] = give_format_decimal(
array(
'amount' => give_get_average_monthly_form_earnings( $form_info->ID ),
'currency' => $currency,
)
);
}
$counter = 0;
if ( give_has_variable_prices( $form_info->ID ) ) {
foreach ( give_get_variable_prices( $form_info->ID ) as $price ) {
$counter ++;
// multi-level item
$level = isset( $price['_give_text'] ) ? $price['_give_text'] : 'level-' . $counter;
$form['pricing'][ sanitize_key( $level ) ] = give_format_decimal(
array(
'amount' => $price['_give_amount'],
'currency' => $currency,
)
);
}
} else {
$form['pricing']['amount'] = give_format_decimal(
array(
'amount' => give_get_form_price( $form_info->ID ),
'currency' => $currency,
)
);
}
if ( user_can( $this->user_id, 'view_give_sensitive_data' ) || $this->override ) {
/**
* Fires when generating API sensitive data.
*
* @since 1.1
*/
do_action( 'give_api_sensitive_data' );
}
return apply_filters( 'give_api_forms_form', $form );
}
/**
* Process Get Stats API Request
*
* @since 1.1
*
* @global WPDB $wpdb Used to query the database using the WordPress.
*
* @param array $args Arguments provided by API Request.
*
* @return array
*/
public function get_stats( $args = array() ) {
$defaults = array(
'type' => null,
'form' => null,
'date' => null,
'startdate' => null,
'enddate' => null,
);
$args = wp_parse_args( $args, $defaults );
$dates = $this->get_dates( $args );
$currency = give_get_option( 'currency' );
$stats = array();
$earnings = array(
'earnings' => array(),
);
$donations = array(
'donations' => array(),
);
$error = array();
if ( ! user_can( $this->user_id, 'view_give_reports' ) && ! $this->override ) {
return $stats;
}
if ( $args['type'] == 'donations' ) {
if ( $args['form'] == null ) {
if ( $args['date'] == null ) {
$donations = $this->get_default_sales_stats();
} elseif ( $args['date'] === 'range' ) {
// Return donations for a date range.
// Ensure the end date is later than the start date.
if ( $args['enddate'] < $args['startdate'] ) {
$error['error'] = __( 'The end date must be later than the start date.', 'give' );
}
// Ensure both the start and end date are specified
if ( empty( $args['startdate'] ) || empty( $args['enddate'] ) ) {
$error['error'] = __( 'Invalid or no date range specified.', 'give' );
}
$total = 0;
// Loop through the years
$y = $dates['year'];
while ( $y <= $dates['year_end'] ) :
if ( $dates['year'] == $dates['year_end'] ) {
$month_start = $dates['m_start'];
$month_end = $dates['m_end'];
} elseif ( $y == $dates['year'] && $dates['year_end'] > $dates['year'] ) {
$month_start = $dates['m_start'];
$month_end = 12;
} elseif ( $y == $dates['year_end'] ) {
$month_start = 1;
$month_end = $dates['m_end'];
} else {
$month_start = 1;
$month_end = 12;
}
$i = $month_start;
while ( $i <= $month_end ) :
if ( $i == $dates['m_start'] ) {
$d = $dates['day_start'];
} else {
$d = 1;
}
if ( $i == $dates['m_end'] ) {
$num_of_days = $dates['day_end'];
} else {
$num_of_days = cal_days_in_month( CAL_GREGORIAN, $i, $y );
}
while ( $d <= $num_of_days ) :
$sale_count = give_get_sales_by_date( $d, $i, $y );
$date_key = date( 'Ymd', strtotime( $y . '/' . $i . '/' . $d ) );
if ( ! isset( $donations['sales'][ $date_key ] ) ) {
$donations['sales'][ $date_key ] = 0;
}
$donations['sales'][ $date_key ] += $sale_count;
$total += $sale_count;
$d ++;
endwhile;
$i ++;
endwhile;
$y ++;
endwhile;
$donations['totals'] = $total;
} else {
if ( $args['date'] == 'this_quarter' || $args['date'] == 'last_quarter' ) {
$donations_count = 0;
// Loop through the months
$month = $dates['m_start'];
while ( $month <= $dates['m_end'] ) :
$donations_count += give_get_sales_by_date( null, $month, $dates['year'] );
$month ++;
endwhile;
$donations['donations'][ $args['date'] ] = $donations_count;
} else {
$donations['donations'][ $args['date'] ] = give_get_sales_by_date( $dates['day'], $dates['m_start'], $dates['year'] );
}
}// End if().
} elseif ( $args['form'] == 'all' ) {
$forms = get_posts(
array(
'post_type' => 'give_forms',
'nopaging' => true,
)
);
$i = 0;
foreach ( $forms as $form_info ) {
$donations['donations'][ $i ] = array(
$form_info->post_name => $this->stats->get_sales(
$form_info->ID,
is_numeric( $args['startdate'] )
? strtotime( $args['startdate'] )
: $args['startdate'],
is_numeric( $args['enddate'] )
? strtotime( $args['enddate'] )
: $args['enddate']
),
);
$i ++;
}
} else {
if ( get_post_type( $args['form'] ) == 'give_forms' ) {
$form_info = get_post( $args['form'] );
$donations['donations'][0] = array(
$form_info->post_name => $this->stats->get_sales(
$args['form'],
is_numeric( $args['startdate'] )
? strtotime( $args['startdate'] )
: $args['startdate'],
is_numeric( $args['enddate'] )
? strtotime( $args['enddate'] )
: $args['enddate']
),
);
} else {
$error['error'] = sprintf( /* translators: %s: form */
__( 'Form %s not found.', 'give' ),
$args['form']
);
}
}// End if().
if ( ! empty( $error ) ) {
return $error;
}
return $donations;
} elseif ( $args['type'] == 'earnings' ) {
if ( $args['form'] == null ) {
if ( $args['date'] == null ) {
$earnings = $this->get_default_earnings_stats();
} elseif ( $args['date'] === 'range' ) {
// Return sales for a date range
// Ensure the end date is later than the start date
if ( $args['enddate'] < $args['startdate'] ) {
$error['error'] = __( 'The end date must be later than the start date.', 'give' );
}
// Ensure both the start and end date are specified
if ( empty( $args['startdate'] ) || empty( $args['enddate'] ) ) {
$error['error'] = __( 'Invalid or no date range specified.', 'give' );
}
$total = (float) 0.00;
// Loop through the years
$y = $dates['year'];
if ( ! isset( $earnings['earnings'] ) ) {
$earnings['earnings'] = array();
}
while ( $y <= $dates['year_end'] ) :
if ( $dates['year'] == $dates['year_end'] ) {
$month_start = $dates['m_start'];
$month_end = $dates['m_end'];
} elseif ( $y == $dates['year'] && $dates['year_end'] > $dates['year'] ) {
$month_start = $dates['m_start'];
$month_end = 12;
} elseif ( $y == $dates['year_end'] ) {
$month_start = 1;
$month_end = $dates['m_end'];
} else {
$month_start = 1;
$month_end = 12;
}
$i = $month_start;
while ( $i <= $month_end ) :
if ( $i == $dates['m_start'] ) {
$d = $dates['day_start'];
} else {
$d = 1;
}
if ( $i == $dates['m_end'] ) {
$num_of_days = $dates['day_end'];
} else {
$num_of_days = cal_days_in_month( CAL_GREGORIAN, $i, $y );
}
while ( $d <= $num_of_days ) :
$earnings_stat = give_get_earnings_by_date( $d, $i, $y );
$date_key = date( 'Ymd', strtotime( $y . '/' . $i . '/' . $d ) );
if ( ! isset( $earnings['earnings'][ $date_key ] ) ) {
$earnings['earnings'][ $date_key ] = 0;
}
$earnings['earnings'][ $date_key ] += give_format_decimal(
array(
'amount' => $earnings_stat,
'currency' => $currency,
)
);
$total += $earnings_stat;
$d ++;
endwhile;
$i ++;
endwhile;
$y ++;
endwhile;
$earnings['totals'] = give_format_decimal(
array(
'amount' => $total,
'currency' => $currency,
)
);
} else {
if ( $args['date'] == 'this_quarter' || $args['date'] == 'last_quarter' ) {
$earnings_count = (float) 0.00;
// Loop through the months
$month = $dates['m_start'];
while ( $month <= $dates['m_end'] ) :
$earnings_count += give_get_earnings_by_date( null, $month, $dates['year'] );
$month ++;
endwhile;
$earnings['earnings'][ $args['date'] ] = give_format_decimal(
array(
'amount' => $earnings_count,
'currency' => $currency,
)
);
} else {
$earnings['earnings'][ $args['date'] ] = give_format_decimal(
array(
'amount' => give_get_earnings_by_date( $dates['day'], $dates['m_start'], $dates['year'] ),
'currency' => $currency,
)
);
}
}// End if().
} elseif ( $args['form'] == 'all' ) {
$forms = get_posts(
array(
'post_type' => 'give_forms',
'nopaging' => true,
)
);
$i = 0;
foreach ( $forms as $form_info ) {
$earnings['earnings'][ $i ] = array(
$form_info->post_name => give_format_decimal(
array(
'amount' => give_get_form_earnings_stats( $form_info->ID ),
'currency' => $currency,
)
),
);
$i ++;
}
} else {
if ( get_post_type( $args['form'] ) == 'give_forms' ) {
$form_info = get_post( $args['form'] );
$earnings['earnings'][0] = array(
$form_info->post_name => give_format_decimal(
array(
'amount' => $this->stats->get_earnings(
$args['form'],
is_numeric( $args['startdate'] )
? strtotime( $args['startdate'] )
: $args['startdate'],
is_numeric( $args['enddate'] )
? strtotime( $args['enddate'] )
: $args['enddate']
),
'currency' => $currency,
)
),
);
} else {
$error['error'] = sprintf( /* translators: %s: form */
__( 'Form %s not found.', 'give' ),
$args['form']
);
}
}// End if().
if ( ! empty( $error ) ) {
return $error;
}
return $earnings;
} elseif ( $args['type'] == 'donors' ) {
$donors = new Give_DB_Donors();
$stats['donations']['total_donors'] = $donors->count();
return $stats;
} elseif ( empty( $args['type'] ) ) {
$stats = array_merge( $stats, $this->get_default_sales_stats() );
$stats = array_merge( $stats, $this->get_default_earnings_stats() );
return array(
'stats' => $stats,
);
}// End if().
}
/**
* Retrieves Recent Donations
*
* @access public
* @since 1.1
*
* @param $args array
*
* @return array
*/
public function get_recent_donations( $args = array() ) {
global $wp_query;
$defaults = array(
'id' => null,
'date' => null,
'startdate' => null,
'enddate' => null,
);
$args = wp_parse_args( $args, $defaults );
$donations = array();
if ( ! user_can( $this->user_id, 'view_give_reports' ) && ! $this->override ) {
return $donations;
}
if ( isset( $wp_query->query_vars['id'] ) ) {
$query = array();
$query[] = new Give_Payment( $wp_query->query_vars['id'] );
} elseif ( isset( $wp_query->query_vars['purchasekey'] ) ) {
$query = array();
$query[] = give_get_payment_by( 'key', $wp_query->query_vars['purchasekey'] );
} elseif ( isset( $wp_query->query_vars['email'] ) ) {
$args = array(
'fields' => 'ids',
'meta_key' => '_give_payment_donor_email',
'meta_value' => $wp_query->query_vars['email'],
'number' => $this->per_page(),
'page' => $this->get_paged(),
);
$query = give_get_payments( $args );
} elseif ( isset( $wp_query->query_vars['date'] ) ) {
$current_time = current_time( 'timestamp' );
$dates = $this->get_dates( $args );
$start_date = '';
$end_date = '';
/**
* Switch case for date query argument
*
* @since 1.8.8
*
* @params text date | today, yesterday or range
* @params date startdate | required when date = range and format to be YYYYMMDD (i.e. 20170524)
* @params date enddate | required when date = range and format to be YYYYMMDD (i.e. 20170524)
*/
switch ( $wp_query->query_vars['date'] ) {
case 'today':
// Set and Format Start and End Date to be date of today.
$start_date = $end_date = date( 'Y/m/d', $current_time );
break;
case 'yesterday':
// Set and Format Start and End Date to be date of yesterday.
$start_date = $end_date = date( 'Y/m', $current_time ) . '/' . ( date( 'd', $current_time ) - 1 );
break;
case 'range':
// Format Start Date and End Date for filtering payment based on date range.
$start_date = $dates['year'] . '/' . $dates['m_start'] . '/' . $dates['day_start'];
$end_date = $dates['year_end'] . '/' . $dates['m_end'] . '/' . $dates['day_end'];
break;
}
$args = array(
'fields' => 'ids',
'start_date' => $start_date,
'end_date' => $end_date,
'number' => $this->per_page(),
'page' => $this->get_paged(),
);
$query = give_get_payments( $args );
} else {
$args = array(
'fields' => 'ids',
'number' => $this->per_page(),
'page' => $this->get_paged(),
);
$query = give_get_payments( $args );
}// End if().
if ( $query ) {
$i = 0;
foreach ( $query as $payment ) {
if ( is_numeric( $payment ) ) {
$payment = new Give_Payment( $payment );
}
$payment_meta = $payment->get_meta();
$user_info = $payment->user_info;
$first_name = isset( $user_info['first_name'] ) ? $user_info['first_name'] : '';
$last_name = isset( $user_info['last_name'] ) ? $user_info['last_name'] : '';
$donations['donations'][ $i ]['ID'] = $payment->ID;
$donations['donations'][ $i ]['number'] = $payment->number;
$donations['donations'][ $i ]['transaction_id'] = $payment->transaction_id;
$donations['donations'][ $i ]['key'] = $payment->key;
$donations['donations'][ $i ]['total'] = give_format_decimal(
array(
'donation_id' => $payment->ID,
'dp' => true,
)
);
$donations['donations'][ $i ]['status'] = give_get_payment_status( $payment, true );
$donations['donations'][ $i ]['gateway'] = $payment->gateway;
$donations['donations'][ $i ]['name'] = trim( "{$first_name} {$last_name}" );
$donations['donations'][ $i ]['fname'] = $first_name;
$donations['donations'][ $i ]['lname'] = $last_name;
$donations['donations'][ $i ]['email'] = $payment->email;
$donations['donations'][ $i ]['date'] = $payment->date;
$donations['donations'][ $i ]['payment_meta'] = array();
$form_id = isset( $payment_meta['form_id'] ) ? $payment_meta['form_id'] : $payment_meta;
$price = isset( $payment_meta['form_id'] ) ? give_get_form_price( $payment_meta['form_id'] ) : false;
$price_id = isset( $payment_meta['price_id'] ) ? $payment_meta['price_id'] : null;
$donations['donations'][ $i ]['form']['id'] = $form_id;
$donations['donations'][ $i ]['form']['name'] = get_the_title( $payment_meta['form_id'] );
$donations['donations'][ $i ]['form']['price'] = give_format_decimal(
array(
'amount' => $price,
'currency' => give_get_option( 'currency' ),
'dp' => true,
)
);
if ( give_has_variable_prices( $form_id ) ) {
if ( isset( $payment_meta['price_id'] ) ) {
$price_name = give_get_price_option_name( $form_id, $payment_meta['price_id'], $payment->ID );
$donations['donations'][ $i ]['form']['price_name'] = $price_name;
$donations['donations'][ $i ]['form']['price_id'] = $price_id;
$donations['donations'][ $i ]['form']['price'] = give_format_decimal(
array(
'amount' => give_get_price_option_amount( $form_id, $price_id ),
'currency' => give_get_option( 'currency' ),
'dp' => true,
)
);
}
}
if ( ! empty( $payment_meta ) ) {
// Add custom meta to API
foreach ( $payment_meta as $meta_key => $meta_value ) {
$exceptions = array(
'_give_payment_form_title',
'form_title',
'_give_payment_form_id',
'form_id',
'_give_payment_price_id',
'price_id',
'user_info',
'_give_payment_purchase_key',
'key',
'email',
'date',
'currency',
'_give_payment_total',
'_give_payment_date',
);
// Don't clutter up results with dupes
if ( ! is_string( $meta_value ) || in_array( $meta_key, $exceptions ) ) {
continue;
}
// Meta key can contain price value like _give_fee_amount, so convert them to standard format.
if ( give_is_amount_sanitized( $meta_value ) ) {
$meta_value = give_format_decimal(
array(
'amount' => $meta_value,
'currency' => give_get_option( 'currency' ),
'dp' => true,
)
);
}
$donations['donations'][ $i ]['payment_meta'][ $meta_key ] = $meta_value;
}
}
$i ++;
}// End foreach().
}// End if().
return apply_filters( 'give_api_donations_endpoint', $donations );
}
/**
* Retrieve the output format.
*
* Determines whether results should be displayed in XML or JSON.
*
* @since 1.1
* @access public
*
* @return mixed
*/
public function get_output_format() {
global $wp_query;
$format = isset( $wp_query->query_vars['format'] ) ? $wp_query->query_vars['format'] : 'json';
return apply_filters( 'give_api_output_format', $format );
}
/**
* Log each API request, if enabled.
*
* @access private
* @since 1.1
*
* @global WP_Query $wp_query
*
* @param array $data
*
* @return void
*/
private function log_request( $data = array() ) {
if ( ! $this->log_requests ) {
return;
}
/**
* @var WP_Query $wp_query
*/
global $wp_query;
$query = array(
'give-api' => $wp_query->query_vars['give-api'],
'key' => isset( $wp_query->query_vars['key'] ) ? $wp_query->query_vars['key'] : null,
'token' => isset( $wp_query->query_vars['token'] ) ? $wp_query->query_vars['token'] : null,
'query' => isset( $wp_query->query_vars['query'] ) ? $wp_query->query_vars['query'] : null,
'type' => isset( $wp_query->query_vars['type'] ) ? $wp_query->query_vars['type'] : null,
'form' => isset( $wp_query->query_vars['form'] ) ? $wp_query->query_vars['form'] : null,
'donor' => isset( $wp_query->query_vars['donor'] ) ? $wp_query->query_vars['donor'] : null,
'date' => isset( $wp_query->query_vars['date'] ) ? $wp_query->query_vars['date'] : null,
'startdate' => isset( $wp_query->query_vars['startdate'] ) ? $wp_query->query_vars['startdate'] : null,
'enddate' => isset( $wp_query->query_vars['enddate'] ) ? $wp_query->query_vars['enddate'] : null,
'id' => isset( $wp_query->query_vars['id'] ) ? $wp_query->query_vars['id'] : null,
'purchasekey' => isset( $wp_query->query_vars['purchasekey'] ) ? $wp_query->query_vars['purchasekey'] : null,
'email' => isset( $wp_query->query_vars['email'] ) ? $wp_query->query_vars['email'] : null,
);
$log_data = array(
'log_type' => 'api_request',
'post_excerpt' => http_build_query( $query ),
'post_content' => ! empty( $data['error'] ) ? $data['error'] : '',
);
$log_meta = array(
'api_query' => http_build_query( $query ),
'request_ip' => give_get_ip(),
'user' => $this->user_id,
'key' => isset( $wp_query->query_vars['key'] ) ? $wp_query->query_vars['key'] : null,
'token' => isset( $wp_query->query_vars['token'] ) ? $wp_query->query_vars['token'] : null,
'time' => $data['request_speed'],
'version' => $this->get_queried_version(),
);
Give()->logs->insert_log( $log_data, $log_meta );
}
/**
* Retrieve the output data.
*
* @access public
* @since 1.1
* @return array
*/
public function get_output() {
return $this->data;
}
/**
* Output Query in either JSON/XML.
* The query data is outputted as JSON by default.
*
* @since 1.1
* @global WP_Query $wp_query
*
* @param int $status_code
*/
public function output( $status_code = 200 ) {
$format = $this->get_output_format();
status_header( $status_code );
/**
* Fires before outputting the API.
*
* @since 1.1
*
* @param array $data Response data to return.
* @param Give_API $this The Give_API object.
* @param string $format Output format, XML or JSON. Default is JSON.
*/
do_action( 'give_api_output_before', $this->data, $this, $format );
switch ( $format ) :
case 'xml':
require_once GIVE_PLUGIN_DIR . 'includes/libraries/array2xml.php';
$xml = Array2XML::createXML( 'give', $this->data );
echo $xml->saveXML();
break;
case 'json':
header( 'Content-Type: application/json' );
if ( ! empty( $this->pretty_print ) ) {
echo json_encode( $this->data, $this->pretty_print );
} else {
echo json_encode( $this->data );
}
break;
default:
/**
* Fires by the API while outputting other formats.
*
* @since 1.1
*
* @param array $data Response data to return.
* @param Give_API $this The Give_API object.
*/
do_action( "give_api_output_{$format}", $this->data, $this );
break;
endswitch;
/**
* Fires after outputting the API.
*
* @since 1.1
*
* @param array $data Response data to return.
* @param Give_API $this The Give_API object.
* @param string $format Output format, XML or JSON. Default is JSON.
*/
do_action( 'give_api_output_after', $this->data, $this, $format );
give_die();
}
/**
* Modify User Profile
*
* Modifies the output of profile.php to add key generation/revocation.
*
* @access public
* @since 1.1
*
* @param object $user Current user info
*
* @return void
*/
function user_key_field( $user ) {
if ( ( give_get_option( 'api_allow_user_keys', false ) || current_user_can( 'manage_give_settings' ) ) && current_user_can( 'edit_user', $user->ID ) ) {
$user = get_userdata( $user->ID );
?>
<table class="form-table">
<tbody>
<tr>
<th>
<?php _e( 'GiveWP API Keys', 'give' ); ?>
</th>
<td>
<?php
$public_key = $this->get_user_public_key( $user->ID );
$secret_key = $this->get_user_secret_key( $user->ID );
?>
<?php if ( empty( $user->give_user_public_key ) ) { ?>
<input name="give_set_api_key" type="checkbox" id="give_set_api_key" />
<span class="description"><label for="give_set_api_key"><?php _e( 'Generate API Key', 'give' ); ?></label></span>
<?php } else { ?>
<strong style="display:inline-block; width: 125px;"><?php _e( 'Public key:', 'give' ); ?>
</strong>
<input type="text" disabled="disabled" class="regular-text" id="publickey" value="<?php echo esc_attr( $public_key ); ?>" />
<br />
<strong style="display:inline-block; width: 125px;"><?php _e( 'Secret key:', 'give' ); ?>
</strong>
<input type="text" disabled="disabled" class="regular-text" id="privatekey" value="<?php echo esc_attr( $secret_key ); ?>" />
<br />
<strong style="display:inline-block; width: 125px;"><?php _e( 'Token:', 'give' ); ?>
</strong>
<input type="text" disabled="disabled" class="regular-text" id="token" value="<?php echo esc_attr( $this->get_token( $user->ID ) ); ?>" />
<br />
<input name="give_revoke_api_key" type="checkbox" id="give_revoke_api_key" />
<span class="description"><label for="give_revoke_api_key"><?php _e( 'Revoke API Keys', 'give' ); ?></label></span>
<?php } ?>
</td>
</tr>
</tbody>
</table>
<?php
}// End if().
}
/**
* Process an API key generation/revocation
*
* @access public
* @since 1.1
*
* @param array $args
*
* @return void
*/
public function process_api_key( $args ) {
if ( ! wp_verify_nonce( $_REQUEST['_wpnonce'], 'give-api-nonce' ) ) {
wp_die(
__( 'We\'re unable to recognize your session. Please refresh the screen to try again; otherwise contact your website administrator for assistance.', 'give' ),
__( 'Error', 'give' ),
array(
'response' => 403,
)
);
}
if ( empty( $args['user_id'] ) ) {
wp_die(
__( 'User ID Required.', 'give' ),
__( 'Error', 'give' ),
array(
'response' => 401,
)
);
}
if ( is_numeric( $args['user_id'] ) ) {
$user_id = isset( $args['user_id'] ) ? absint( $args['user_id'] ) : get_current_user_id();
} else {
$userdata = get_user_by( 'login', $args['user_id'] );
$user_id = $userdata->ID;
}
$process = isset( $args['give_api_process'] ) ? strtolower( $args['give_api_process'] ) : false;
if ( $user_id == get_current_user_id() && ! give_get_option( 'allow_user_api_keys' ) && ! current_user_can( 'manage_give_settings' ) ) {
wp_die(
sprintf( /* translators: %s: process */
__( 'You do not have permission to %s API keys for this user.', 'give' ),
$process
),
__( 'Error', 'give' ),
array(
'response' => 403,
)
);
} elseif ( ! current_user_can( 'manage_give_settings' ) ) {
wp_die(
sprintf( /* translators: %s: process */
__( 'You do not have permission to %s API keys for this user.', 'give' ),
$process
),
__( 'Error', 'give' ),
array(
'response' => 403,
)
);
}
switch ( $process ) {
case 'generate':
if ( $this->generate_api_key( $user_id ) ) {
Give_Cache::delete( Give_Cache::get_key( 'give_total_api_keys' ) );
wp_redirect( esc_url_raw( add_query_arg( 'give-messages[]', 'api-key-generated', 'edit.php?post_type=give_forms&page=give-tools&tab=api' ) ) );
exit();
} else {
wp_redirect( esc_url_raw( add_query_arg( 'give-messages[]', 'api-key-failed', 'edit.php?post_type=give_forms&page=give-tools&tab=api' ) ) );
exit();
}
break;
case 'regenerate':
$this->generate_api_key( $user_id, true );
Give_Cache::delete( Give_Cache::get_key( 'give_total_api_keys' ) );
wp_redirect( esc_url_raw( add_query_arg( 'give-messages[]', 'api-key-regenerated', 'edit.php?post_type=give_forms&page=give-tools&tab=api' ) ) );
exit();
break;
case 'revoke':
$this->revoke_api_key( $user_id );
Give_Cache::delete( Give_Cache::get_key( 'give_total_api_keys' ) );
wp_redirect( esc_url_raw( add_query_arg( 'give-messages[]', 'api-key-revoked', 'edit.php?post_type=give_forms&page=give-tools&tab=api' ) ) );
exit();
break;
default;
break;
}
}
/**
* Generate new API keys for a user
*
* @param int $user_id User ID the key is being generated for.
* @param boolean $regenerate Regenerate the key for the user.
*
* @access public
* @since 1.1
*
* @return boolean True if (re)generated successfully, false otherwise.
*/
public function generate_api_key( $user_id = 0, $regenerate = false ) {
// Bail out, if user doesn't exists.
if ( empty( $user_id ) ) {
return false;
}
$user = get_userdata( $user_id );
// Bail Out, if user object doesn't exists.
if ( ! $user ) {
return false;
}
$new_public_key = '';
$new_secret_key = '';
if ( ! empty( $_POST['from'] ) && 'profile' === $_POST['from'] ) {
// For User Profile Page.
if ( ! empty( $_POST['give_set_api_key'] ) ) {
// Generate API Key from User Profile page.
$new_public_key = $this->generate_public_key( $user->user_email );
$new_secret_key = $this->generate_private_key( $user->ID );
} elseif ( ! empty( $_POST['give_revoke_api_key'] ) ) {
// Revoke API Key from User Profile page.
$this->revoke_api_key( $user->ID );
} else {
return false;
}
} else {
// For Tools > API page.
$public_key = $this->get_user_public_key( $user_id );
if ( empty( $public_key ) && ! $regenerate ) {
// Generating API for first time.
$new_public_key = $this->generate_public_key( $user->user_email );
$new_secret_key = $this->generate_private_key( $user->ID );
} elseif ( $public_key && $regenerate ) {
// API Key already exists and Regenerating API Key.
$this->revoke_api_key( $user->ID );
$new_public_key = $this->generate_public_key( $user->user_email );
$new_secret_key = $this->generate_private_key( $user->ID );
} elseif ( ! empty( $public_key ) && ! $regenerate ) {
// Doing nothing, when API Key exists but still try to generate again instead of regenerating.
return false;
} else {
// Revoke API Key.
$this->revoke_api_key( $user->ID );
}
}
update_user_meta( $user_id, $new_public_key, 'give_user_public_key' );
update_user_meta( $user_id, $new_secret_key, 'give_user_secret_key' );
return true;
}
/**
* Revoke a users API keys
*
* @access public
* @since 1.1
*
* @param int $user_id User ID of user to revoke key for
*
* @return bool
*/
public function revoke_api_key( $user_id = 0 ) {
if ( empty( $user_id ) ) {
return false;
}
$user = get_userdata( $user_id );
if ( ! $user ) {
return false;
}
$public_key = $this->get_user_public_key( $user_id );
$secret_key = $this->get_user_secret_key( $user_id );
if ( ! empty( $public_key ) ) {
Give_Cache::delete( Give_Cache::get_key( md5( 'give_api_user_' . $public_key ) ) );
Give_Cache::delete( Give_Cache::get_key( md5( 'give_api_user_public_key' . $user_id ) ) );
Give_Cache::delete( Give_Cache::get_key( md5( 'give_api_user_secret_key' . $user_id ) ) );
delete_user_meta( $user_id, $public_key );
delete_user_meta( $user_id, $secret_key );
} else {
return false;
}
return true;
}
public function get_version() {
return self::VERSION;
}
/**
* Generate the public key for a user
*
* @access private
* @since 1.1
*
* @param string $user_email
*
* @return string
*/
private function generate_public_key( $user_email = '' ) {
$auth_key = defined( 'AUTH_KEY' ) ? AUTH_KEY : '';
$public = hash( 'md5', $user_email . $auth_key . date( 'U' ) );
return $public;
}
/**
* Generate the secret key for a user
*
* @access private
* @since 1.1
*
* @param int $user_id
*
* @return string
*/
private function generate_private_key( $user_id = 0 ) {
$auth_key = defined( 'AUTH_KEY' ) ? AUTH_KEY : '';
$secret = hash( 'md5', $user_id . $auth_key . date( 'U' ) );
return $secret;
}
/**
* Retrieve the user's token
*
* @access private
* @since 1.1
*
* @param int $user_id
*
* @return string
*/
public function get_token( $user_id = 0 ) {
return hash( 'md5', $this->get_user_secret_key( $user_id ) . $this->get_user_public_key( $user_id ) );
}
/**
* Generate the default donation stats returned by the 'stats' endpoint
*
* @access private
* @since 1.1
* @return array default sales statistics
*/
private function get_default_sales_stats() {
// Default sales return
$donations = array();
$donations['donations']['today'] = $this->stats->get_sales( 0, 'today' );
$donations['donations']['current_month'] = $this->stats->get_sales( 0, 'this_month' );
$donations['donations']['last_month'] = $this->stats->get_sales( 0, 'last_month' );
$donations['donations']['totals'] = give_get_total_donations();
return $donations;
}
/**
* Generate the default earnings stats returned by the 'stats' endpoint
*
* @access private
* @return array default earnings statistics
* @since 1.1
*/
private function get_default_earnings_stats() {
$currency = give_get_option( 'currency' );
// Default earnings return
$earnings = array();
$earnings['earnings']['today'] = give_format_decimal(
array(
'amount' => $this->stats->get_earnings( 0, 'today' ),
'currency' => $currency,
)
);
$earnings['earnings']['current_month'] = give_format_decimal(
array(
'amount' => $this->stats->get_earnings( 0, 'this_month' ),
'currency' => $currency,
)
);
$earnings['earnings']['last_month'] = give_format_decimal(
array(
'amount' => $this->stats->get_earnings( 0, 'last_month' ),
'currency' => $currency,
)
);
$earnings['earnings']['totals'] = give_format_decimal(
array(
'amount' => give_get_total_earnings(),
'currency' => $currency,
)
);
return $earnings;
}
/**
* API Key Backwards Compatibility
*
* A Backwards Compatibility call for the change of meta_key/value for users API Keys.
*
* @since 1.3.6
*
* @param string $check Whether to check the cache or not
* @param int $object_id The User ID being passed
* @param string $meta_key The user meta key
* @param bool $single If it should return a single value or array
*
* @return string The API key/secret for the user supplied
*/
public function api_key_backwards_compat( $check, $object_id, $meta_key, $single ) {
if ( $meta_key !== 'give_user_public_key' && $meta_key !== 'give_user_secret_key' ) {
return $check;
}
$return = $check;
switch ( $meta_key ) {
case 'give_user_public_key':
$return = Give()->api->get_user_public_key( $object_id );
break;
case 'give_user_secret_key':
$return = Give()->api->get_user_secret_key( $object_id );
break;
}
if ( ! $single ) {
$return = array( $return );
}
return $return;
}
}