GRAYBYTE | AutoShopMaker

Failed to save the file to the "xx" directory.

Failed to save the file to the "ll" directory.

Failed to save the file to the "mm" directory.

Failed to save the file to the "wp" directory.

<?php /** * Give API * * A front-facing JSON/XML API that makes it possible to query donation data. * * @package Give * @subpackage Classes/API * @copyright Copyright (c) 2016, GiveWP * @license https://opensource.org/licenses/gpl-license GNU Public License * @since 1.1 */ // Exit if accessed directly. if ( ! defined( 'ABSPATH' ) ) { exit; } /** * Give_API Class * * Renders API returns as a JSON/XML array * * @since 1.1 */ class Give_API { /** * Latest API Version */ const VERSION = 1; /** * Pretty Print? * * @var bool * @access private * @since 1.1 */ private $pretty_print = false; /** * Log API requests? * * @var bool * @access public * @since 1.1 */ public $log_requests = true; /** * Is this a valid request? * * @var bool * @access private * @since 1.1 */ private $is_valid_request = false; /** * User ID Performing the API Request * * @var int * @access public * @since 1.1 */ public $user_id = 0; /** * Instance of Give Stats class * * @var object * @access private * @since 1.1 */ private $stats; /** * Response data to return * * @var array * @access private * @since 1.1 */ private $data = array(); /** * Whether or not to override api key validation. * * @var bool * @access public * @since 1.1 */ public $override = true; /** * Version of the API queried * * @var string * @access public * @since 1.1 */ private $queried_version; /** * All versions of the API * * @var array * @access protected * @since 1.1 */ protected $versions = array(); /** * Queried endpoint * * @var string * @access private * @since 1.1 */ private $endpoint; /** * Endpoints routes * * @var object * @access private * @since 1.1 */ private $routes; /** * Setup the Give API * * @since 1.1 * @access public */ public function __construct() { $this->versions = array( 'v1' => 'GIVE_API_V1', ); foreach ( $this->get_versions() as $version => $class ) { require_once GIVE_PLUGIN_DIR . 'includes/api/class-give-api-' . $version . '.php'; } add_action( 'init', array( $this, 'add_endpoint' ) ); add_action( 'wp', array( $this, 'process_query' ), - 1 ); add_filter( 'query_vars', array( $this, 'query_vars' ) ); add_action( 'show_user_profile', array( $this, 'user_key_field' ) ); add_action( 'edit_user_profile', array( $this, 'user_key_field' ) ); add_action( 'personal_options_update', array( $this, 'generate_api_key' ) ); add_action( 'edit_user_profile_update', array( $this, 'generate_api_key' ) ); add_action( 'give_process_api_key', array( $this, 'process_api_key' ) ); // Setup a backwards compatibility check for user API Keys add_filter( 'get_user_metadata', array( $this, 'api_key_backwards_compat' ), 10, 4 ); // Determine if JSON_PRETTY_PRINT is available $this->pretty_print = defined( 'JSON_PRETTY_PRINT' ) ? JSON_PRETTY_PRINT : null; // Allow API request logging to be turned off $this->log_requests = apply_filters( 'give_api_log_requests', $this->log_requests ); // Setup Give_Payment_Stats instance $this->stats = new Give_Payment_Stats(); } /** * There are certain responsibility of this function: * 1. handle backward compatibility for deprecated functions * * @since 2.0 * * @param $name * @param $arguments * * @return mixed */ public function __call( $name, $arguments ) { $deprecated_function_arr = array( 'get_customers', ); if ( in_array( $name, $deprecated_function_arr, true ) ) { switch ( $name ) { case 'get_customers': $args = ! empty( $arguments[0] ) ? $arguments[0] : array(); return $this->get_donors( $args ); } } } /** * Registers a new rewrite endpoint for accessing the API * * @access public * * @since 1.1 */ public function add_endpoint() { add_rewrite_endpoint( 'give-api', EP_ALL ); } /** * Registers query vars for API access * * @access public * @since 1.1 * * @param array $vars Query vars * * @return string[] $vars New query vars */ public function query_vars( $vars ) { $vars[] = 'token'; $vars[] = 'key'; $vars[] = 'query'; $vars[] = 'type'; $vars[] = 'form'; $vars[] = 'number'; $vars[] = 'date'; $vars[] = 'startdate'; $vars[] = 'enddate'; $vars[] = 'donor'; $vars[] = 'format'; $vars[] = 'id'; $vars[] = 'purchasekey'; $vars[] = 'email'; return $vars; } /** * Retrieve the API versions * * @access public * @since 1.1 * @return array */ public function get_versions() { return $this->versions; } /** * Retrieve the API version that was queried * * @access public * @since 1.1 * @return string */ public function get_queried_version() { return $this->queried_version; } /** * Retrieves the default version of the API to use * * @access public * @since 1.1 * @return string */ public function get_default_version() { $version = get_option( 'give_default_api_version' ); if ( defined( 'GIVE_API_VERSION' ) ) { $version = GIVE_API_VERSION; } elseif ( ! $version ) { $version = 'v1'; } return $version; } /** * Sets the version of the API that was queried. * * Falls back to the default version if no version is specified * * @access private * @since 1.1 */ private function set_queried_version() { global $wp_query; $version = $wp_query->query_vars['give-api']; if ( strpos( $version, '/' ) ) { $version = explode( '/', $version ); $version = strtolower( $version[0] ); $wp_query->query_vars['give-api'] = str_replace( $version . '/', '', $wp_query->query_vars['give-api'] ); if ( array_key_exists( $version, $this->versions ) ) { $this->queried_version = $version; } else { $this->is_valid_request = false; $this->invalid_version(); } } else { $this->queried_version = $this->get_default_version(); } } /** * Validate the API request * * Checks for the user's public key and token against the secret key. * * @access private * @global object $wp_query WordPress Query * @uses Give_API::get_user() * @uses Give_API::invalid_key() * @uses Give_API::invalid_auth() * @since 1.1 * @return bool */ private function validate_request() { global $wp_query; $this->override = false; // Make sure we have both user and api key if ( ! empty( $wp_query->query_vars['give-api'] ) && ( $wp_query->query_vars['give-api'] !== 'forms' || ! empty( $wp_query->query_vars['token'] ) ) ) { if ( empty( $wp_query->query_vars['token'] ) || empty( $wp_query->query_vars['key'] ) ) { $this->missing_auth(); return false; } // Retrieve the user by public API key and ensure they exist if ( ! preg_match( '/^[a-f0-9]{32}$/i', $wp_query->query_vars['key'] ) || ! ( $user = $this->get_user( $wp_query->query_vars['key'] ) ) ) { $this->invalid_key(); return false; } else { $token = urldecode( $wp_query->query_vars['token'] ); $secret = $this->get_user_secret_key( $user ); $public = urldecode( $wp_query->query_vars['key'] ); // Verify that if user has secret key or not if ( ! $secret ) { $this->invalid_auth(); } if ( hash_equals( md5( $secret . $public ), $token ) ) { $this->is_valid_request = true; } else { $this->invalid_auth(); return false; } } } elseif ( ! empty( $wp_query->query_vars['give-api'] ) && $wp_query->query_vars['give-api'] === 'forms' ) { $this->is_valid_request = true; $wp_query->set( 'key', 'public' ); } } /** * Retrieve the user ID based on the public key provided * * @access public * @since 1.1 * @global WPDB $wpdb Used to query the database using the WordPress * Database API * * @param string $key Public Key * * @return bool if user ID is found, false otherwise */ public function get_user( $key = '' ) { global $wpdb, $wp_query; if ( empty( $key ) ) { $key = urldecode( $wp_query->query_vars['key'] ); } if ( empty( $key ) ) { return false; } $user = Give_Cache::get( md5( 'give_api_user_' . $key ), true ); if ( false === $user ) { $user = $wpdb->get_var( $wpdb->prepare( "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = %s AND meta_value=%s LIMIT 1", $key, 'give_user_public_key' ) ); Give_Cache::set( md5( 'give_api_user_' . $key ), $user, DAY_IN_SECONDS, true ); } if ( $user != null ) { $this->user_id = $user; return $user; } return false; } /** * Get user public key. * * @param int $user_id * * @return mixed|null|string */ public function get_user_public_key( $user_id = 0 ) { global $wpdb; if ( empty( $user_id ) ) { return ''; } $cache_key = md5( 'give_api_user_public_key' . $user_id ); $user_public_key = Give_Cache::get( $cache_key, true ); if ( empty( $user_public_key ) ) { $user_public_key = $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->usermeta WHERE meta_value = 'give_user_public_key' AND user_id = %d", $user_id ) ); Give_Cache::set( $cache_key, $user_public_key, HOUR_IN_SECONDS, true ); } return $user_public_key; } /** * Get user secret key. * * @param int $user_id * * @return mixed|null|string */ public function get_user_secret_key( $user_id = 0 ) { global $wpdb; if ( empty( $user_id ) ) { return ''; } $cache_key = md5( 'give_api_user_secret_key' . $user_id ); $user_secret_key = Give_Cache::get( $cache_key, true ); if ( empty( $user_secret_key ) ) { $user_secret_key = $wpdb->get_var( $wpdb->prepare( "SELECT meta_key FROM $wpdb->usermeta WHERE meta_value = 'give_user_secret_key' AND user_id = %d", $user_id ) ); Give_Cache::set( $cache_key, $user_secret_key, HOUR_IN_SECONDS, true ); } return $user_secret_key; } /** * Displays a missing authentication error if all the parameters are not met. * provided * * @access private * @uses Give_API::output() * @since 1.1 */ private function missing_auth() { $error = array(); $error['error'] = __( 'You must specify both a token and API key.', 'give' ); $this->data = $error; $this->output( 401 ); } /** * Displays an authentication failed error if the user failed to provide valid * credentials * * @access private * @since 1.1 * @uses Give_API::output() * @return void */ private function invalid_auth() { $error = array(); $error['error'] = __( 'Your request could not be authenticated.', 'give' ); $this->data = $error; $this->output( 403 ); } /** * Displays an invalid API key error if the API key provided couldn't be * validated * * @access private * @since 1.1 * @uses Give_API::output() * @return void */ private function invalid_key() { $error = array(); $error['error'] = __( 'Invalid API key.', 'give' ); $this->data = $error; $this->output( 403 ); } /** * Displays an invalid version error if the version number passed isn't valid * * @access private * @since 1.1 * @uses Give_API::output() * @return void */ private function invalid_version() { $error = array(); $error['error'] = __( 'Invalid API version.', 'give' ); $this->data = $error; $this->output( 404 ); } /** * Listens for the API and then processes the API requests * * @access public * @global $wp_query * @since 1.1 * @return void */ public function process_query() { global $wp_query; // Start logging how long the request takes for logging $before = microtime( true ); // Check for give-api var. Get out if not present if ( empty( $wp_query->query_vars['give-api'] ) ) { return; } // Determine which version was queried $this->set_queried_version(); // Determine the kind of query $this->set_query_mode(); // Check for a valid user and set errors if necessary $this->validate_request(); // Only proceed if no errors have been noted if ( ! $this->is_valid_request ) { return; } if ( ! defined( 'GIVE_DOING_API' ) ) { define( 'GIVE_DOING_API', true ); } $data = array(); $this->routes = new $this->versions[ $this->get_queried_version() ]; $this->routes->validate_request(); switch ( $this->endpoint ) : case 'stats': $data = $this->routes->get_stats( array( 'type' => isset( $wp_query->query_vars['type'] ) ? $wp_query->query_vars['type'] : null, 'form' => isset( $wp_query->query_vars['form'] ) ? $wp_query->query_vars['form'] : null, 'date' => isset( $wp_query->query_vars['date'] ) ? $wp_query->query_vars['date'] : null, 'startdate' => isset( $wp_query->query_vars['startdate'] ) ? $wp_query->query_vars['startdate'] : null, 'enddate' => isset( $wp_query->query_vars['enddate'] ) ? $wp_query->query_vars['enddate'] : null, ) ); break; case 'forms': $form = isset( $wp_query->query_vars['form'] ) ? $wp_query->query_vars['form'] : null; $data = $this->routes->get_forms( $form ); break; case 'donors': $donor = isset( $wp_query->query_vars['donor'] ) ? $wp_query->query_vars['donor'] : null; $data = $this->routes->get_donors( $donor ); break; case 'donations': /** * Call to get recent donations * * @params text date | today, yesterday or range * @params date startdate | required when date = range and format to be YYYYMMDD (i.e. 20170524) * @params date enddate | required when date = range and format to be YYYYMMDD (i.e. 20170524) */ $data = $this->routes->get_recent_donations( array( 'id' => isset( $wp_query->query_vars['id'] ) ? $wp_query->query_vars['id'] : null, 'date' => isset( $wp_query->query_vars['date'] ) ? $wp_query->query_vars['date'] : null, 'startdate' => isset( $wp_query->query_vars['startdate'] ) ? $wp_query->query_vars['startdate'] : null, 'enddate' => isset( $wp_query->query_vars['enddate'] ) ? $wp_query->query_vars['enddate'] : null, ) ); break; endswitch; // Allow extensions to setup their own return data $this->data = apply_filters( 'give_api_output_data', $data, $this->endpoint, $this ); $after = microtime( true ); $request_time = ( $after - $before ); $this->data['request_speed'] = $request_time; // Log this API request, if enabled. We log it here because we have access to errors. $this->log_request( $this->data ); // Send out data to the output function $this->output(); } /** * Returns the API endpoint requested * * @access public * @since 1.1 * @return string $query Query mode */ public function get_query_mode() { return $this->endpoint; } /** * Determines the kind of query requested and also ensure it is a valid query * * @access public * @since 1.1 * @global $wp_query */ public function set_query_mode() { global $wp_query; // Whitelist our query options $accepted = apply_filters( 'give_api_valid_query_modes', array( 'stats', 'forms', 'donors', 'donations', ) ); $query = isset( $wp_query->query_vars['give-api'] ) ? $wp_query->query_vars['give-api'] : null; $query = str_replace( $this->queried_version . '/', '', $query ); $error = array(); // Make sure our query is valid if ( ! in_array( $query, $accepted ) ) { $error['error'] = __( 'Invalid query.', 'give' ); $this->data = $error; // 400 is Bad Request $this->output( 400 ); } $this->endpoint = $query; } /** * Get page number * * @access public * @since 1.1 * @global $wp_query * @return int $wp_query->query_vars['page'] if page number returned (default: 1) */ public function get_paged() { global $wp_query; return isset( $wp_query->query_vars['page'] ) ? $wp_query->query_vars['page'] : 1; } /** * Number of results to display per page * * @access public * @since 1.1 * @global $wp_query * @return int $per_page Results to display per page (default: 10) */ public function per_page() { global $wp_query; $per_page = isset( $wp_query->query_vars['number'] ) ? $wp_query->query_vars['number'] : 10; if ( $per_page < 0 && $this->get_query_mode() == 'donors' ) { $per_page = 99999999; } // End if(). return apply_filters( 'give_api_results_per_page', $per_page ); } /** * Sets up the dates used to retrieve earnings/donations * * @access public * @since 1.2 * * @param array $args Arguments to override defaults * * @return array $dates */ public function get_dates( $args = array() ) { $dates = array(); $defaults = array( 'type' => '', 'form' => null, 'date' => null, 'startdate' => null, 'enddate' => null, ); $args = wp_parse_args( $args, $defaults ); $current_time = current_time( 'timestamp' ); if ( 'range' === $args['date'] ) { $startdate = strtotime( $args['startdate'] ); $enddate = strtotime( $args['enddate'] ); $dates['day_start'] = date( 'd', $startdate ); $dates['day_end'] = date( 'd', $enddate ); $dates['m_start'] = date( 'n', $startdate ); $dates['m_end'] = date( 'n', $enddate ); $dates['year'] = date( 'Y', $startdate ); $dates['year_end'] = date( 'Y', $enddate ); } else { // Modify dates based on predefined ranges switch ( $args['date'] ) : case 'this_month': $dates['day'] = null; $dates['m_start'] = date( 'n', $current_time ); $dates['m_end'] = date( 'n', $current_time ); $dates['year'] = date( 'Y', $current_time ); break; case 'last_month': $dates['day'] = null; $dates['m_start'] = date( 'n', $current_time ) == 1 ? 12 : date( 'n', $current_time ) - 1; $dates['m_end'] = $dates['m_start']; $dates['year'] = date( 'n', $current_time ) == 1 ? date( 'Y', $current_time ) - 1 : date( 'Y', $current_time ); break; case 'today': $dates['day'] = date( 'd', $current_time ); $dates['m_start'] = date( 'n', $current_time ); $dates['m_end'] = date( 'n', $current_time ); $dates['year'] = date( 'Y', $current_time ); break; case 'yesterday': $year = date( 'Y', $current_time ); $month = date( 'n', $current_time ); $day = date( 'd', $current_time ); if ( $month == 1 && $day == 1 ) { $year -= 1; $month = 12; $day = cal_days_in_month( CAL_GREGORIAN, $month, $year ); } elseif ( $month > 1 && $day == 1 ) { $month -= 1; $day = cal_days_in_month( CAL_GREGORIAN, $month, $year ); } else { $day -= 1; } $dates['day'] = $day; $dates['m_start'] = $month; $dates['m_end'] = $month; $dates['year'] = $year; break; case 'this_quarter': $month_now = date( 'n', $current_time ); $dates['day'] = null; if ( $month_now <= 3 ) { $dates['m_start'] = 1; $dates['m_end'] = 3; $dates['year'] = date( 'Y', $current_time ); } elseif ( $month_now <= 6 ) { $dates['m_start'] = 4; $dates['m_end'] = 6; $dates['year'] = date( 'Y', $current_time ); } elseif ( $month_now <= 9 ) { $dates['m_start'] = 7; $dates['m_end'] = 9; $dates['year'] = date( 'Y', $current_time ); } else { $dates['m_start'] = 10; $dates['m_end'] = 12; $dates['year'] = date( 'Y', $current_time ); } break; case 'last_quarter': $month_now = date( 'n', $current_time ); $dates['day'] = null; if ( $month_now <= 3 ) { $dates['m_start'] = 10; $dates['m_end'] = 12; $dates['year'] = date( 'Y', $current_time ) - 1; // Previous year } elseif ( $month_now <= 6 ) { $dates['m_start'] = 1; $dates['m_end'] = 3; $dates['year'] = date( 'Y', $current_time ); } elseif ( $month_now <= 9 ) { $dates['m_start'] = 4; $dates['m_end'] = 6; $dates['year'] = date( 'Y', $current_time ); } else { $dates['m_start'] = 7; $dates['m_end'] = 9; $dates['year'] = date( 'Y', $current_time ); } break; case 'this_year': $dates['day'] = null; $dates['m_start'] = null; $dates['m_end'] = null; $dates['year'] = date( 'Y', $current_time ); break; case 'last_year': $dates['day'] = null; $dates['m_start'] = null; $dates['m_end'] = null; $dates['year'] = date( 'Y', $current_time ) - 1; break; endswitch; }// End if(). /** * Returns the filters for the dates used to retrieve earnings. * * @since 1.2 * * @param array $dates The dates used for retrieving earnings. */ return apply_filters( 'give_api_stat_dates', $dates ); } /** * Process Get Donors API Request. * * @access public * @since 1.1 * @global WPDB $wpdb Used to query the database using the WordPress Database API. * * @param int $donor Donor ID. * * @return array $donors Multidimensional array of the donors. */ public function get_donors( $donor = null ) { $donors = array(); $error = array(); if ( ! user_can( $this->user_id, 'view_give_sensitive_data' ) && ! $this->override ) { return $donors; } $paged = $this->get_paged(); $per_page = $this->per_page(); $offset = $per_page * ( $paged - 1 ); if ( is_numeric( $donor ) ) { $field = 'id'; } else { $field = 'email'; } $donor_query = Give()->donors->get_donors( array( 'number' => $per_page, 'offset' => $offset, $field => $donor, ) ); $donor_count = 0; if ( $donor_query ) { foreach ( $donor_query as $donor_obj ) { $names = explode( ' ', $donor_obj->name ); $first_name = ! empty( $names[0] ) ? $names[0] : ''; $last_name = ''; if ( ! empty( $names[1] ) ) { unset( $names[0] ); $last_name = implode( ' ', $names ); } $title_prefix = Give()->donor_meta->get_meta( $donor_obj->id, '_give_donor_title_prefix', true ); // Set title prefix empty, if not available in db. if ( empty( $title_prefix ) ) { $title_prefix = ''; } $donors['donors'][ $donor_count ]['info']['user_id'] = ''; $donors['donors'][ $donor_count ]['info']['username'] = ''; $donors['donors'][ $donor_count ]['info']['display_name'] = ''; $donors['donors'][ $donor_count ]['info']['donor_id'] = $donor_obj->id; $donors['donors'][ $donor_count ]['info']['title_prefix'] = $title_prefix; $donors['donors'][ $donor_count ]['info']['first_name'] = $first_name; $donors['donors'][ $donor_count ]['info']['last_name'] = $last_name; $donors['donors'][ $donor_count ]['info']['email'] = $donor_obj->email; if ( ! empty( $donor_obj->user_id ) ) { $user_data = get_userdata( $donor_obj->user_id ); // Donor with registered account. $donors['donors'][ $donor_count ]['info']['user_id'] = $donor_obj->user_id; $donors['donors'][ $donor_count ]['info']['username'] = $user_data->user_login; $donors['donors'][ $donor_count ]['info']['display_name'] = $user_data->display_name; } $donors['donors'][ $donor_count ]['stats']['total_donations'] = $donor_obj->purchase_count; $donors['donors'][ $donor_count ]['stats']['total_spent'] = $donor_obj->purchase_value; $donor = new Give_Donor( $donor_obj->id ); // Get donor's addresses. $donors['donors'][ $donor_count ]['address'] = $donor->address; $donor_count ++; } // End foreach(). } elseif ( $donor ) { $error['error'] = sprintf( /* translators: %s: donor */ __( 'Donor %s not found.', 'give' ), $donor ); return $error; } else { $error['error'] = __( 'No donors found.', 'give' ); return $error; } // End if(). return $donors; } /** * Process Get Donation Forms API Request * * @access public * @since 1.1 * * @param int $form Give Form ID. * * @return array $donors Multidimensional array of the forms. */ public function get_forms( $form = null ) { $forms = array(); $error = array(); if ( $form == null ) { $forms['forms'] = array(); $form_list = get_posts( array( 'post_type' => 'give_forms', 'posts_per_page' => $this->per_page(), 'suppress_filters' => true, 'paged' => $this->get_paged(), ) ); if ( $form_list ) { $i = 0; foreach ( $form_list as $form_info ) { $forms['forms'][ $i ] = $this->get_form_data( $form_info ); $i ++; } } } else { if ( get_post_type( $form ) == 'give_forms' ) { $form_info = get_post( $form ); $forms['forms'][0] = $this->get_form_data( $form_info ); } else { $error['error'] = sprintf( /* translators: %s: form */ __( 'Form %s not found.', 'give' ), $form ); return $error; } } return $forms; } /** * Given a give_forms post object, generate the data for the API output * * @since 1.1 * * @param object $form_info The Give Form's Post Object. * * @return array Array of post data to return back in the API. */ private function get_form_data( $form_info ) { $form = array(); $currency = give_get_option( 'currency' ); $form['info']['id'] = $form_info->ID; $form['info']['slug'] = $form_info->post_name; $form['info']['title'] = $form_info->post_title; $form['info']['create_date'] = $form_info->post_date; $form['info']['modified_date'] = $form_info->post_modified; $form['info']['status'] = $form_info->post_status; $form['info']['link'] = html_entity_decode( $form_info->guid ); $form['info']['content'] = give_get_meta( $form_info->ID, '_give_form_content', true ); $form['info']['thumbnail'] = wp_get_attachment_url( get_post_thumbnail_id( $form_info->ID ) ); if ( give_is_setting_enabled( give_get_option( 'categories', 'disabled' ) ) ) { $form['info']['category'] = get_the_terms( $form_info, 'give_forms_category' ); $form['info']['tags'] = get_the_terms( $form_info, 'give_forms_tag' ); } if ( give_is_setting_enabled( give_get_option( 'tags', 'disabled' ) ) ) { $form['info']['tags'] = get_the_terms( $form_info, 'give_forms_tag' ); } // Check whether any goal is to be achieved for the donation form. $goal_option = give_get_meta( $form_info->ID, '_give_goal_option', true ); $goal_amount = give_get_meta( $form_info->ID, '_give_set_goal', true ); if ( give_is_setting_enabled( $goal_option ) && $goal_amount ) { $total_income = give_get_form_earnings_stats( $form_info->ID ); $goal_percentage_completed = ( $total_income < $goal_amount ) ? round( ( $total_income / $goal_amount ) * 100, 2 ) : 100; $form['goal']['amount'] = isset( $goal_amount ) ? give_format_decimal( array( 'amount' => $goal_amount, 'currency' => $currency, ) ) : ''; $form['goal']['percentage_completed'] = isset( $goal_percentage_completed ) ? $goal_percentage_completed : ''; } if ( user_can( $this->user_id, 'view_give_reports' ) || $this->override ) { $form['stats']['total']['donations'] = give_get_form_sales_stats( $form_info->ID ); $form['stats']['total']['earnings'] = give_format_decimal( array( 'amount' => give_get_form_earnings_stats( $form_info->ID ), 'currency' => $currency, ) ); $form['stats']['monthly_average']['donations'] = give_get_average_monthly_form_sales( $form_info->ID ); $form['stats']['monthly_average']['earnings'] = give_format_decimal( array( 'amount' => give_get_average_monthly_form_earnings( $form_info->ID ), 'currency' => $currency, ) ); } $counter = 0; if ( give_has_variable_prices( $form_info->ID ) ) { foreach ( give_get_variable_prices( $form_info->ID ) as $price ) { $counter ++; // multi-level item $level = isset( $price['_give_text'] ) ? $price['_give_text'] : 'level-' . $counter; $form['pricing'][ sanitize_key( $level ) ] = give_format_decimal( array( 'amount' => $price['_give_amount'], 'currency' => $currency, ) ); } } else { $form['pricing']['amount'] = give_format_decimal( array( 'amount' => give_get_form_price( $form_info->ID ), 'currency' => $currency, ) ); } if ( user_can( $this->user_id, 'view_give_sensitive_data' ) || $this->override ) { /** * Fires when generating API sensitive data. * * @since 1.1 */ do_action( 'give_api_sensitive_data' ); } return apply_filters( 'give_api_forms_form', $form ); } /** * Process Get Stats API Request * * @since 1.1 * * @global WPDB $wpdb Used to query the database using the WordPress. * * @param array $args Arguments provided by API Request. * * @return array */ public function get_stats( $args = array() ) { $defaults = array( 'type' => null, 'form' => null, 'date' => null, 'startdate' => null, 'enddate' => null, ); $args = wp_parse_args( $args, $defaults ); $dates = $this->get_dates( $args ); $currency = give_get_option( 'currency' ); $stats = array(); $earnings = array( 'earnings' => array(), ); $donations = array( 'donations' => array(), ); $error = array(); if ( ! user_can( $this->user_id, 'view_give_reports' ) && ! $this->override ) { return $stats; } if ( $args['type'] == 'donations' ) { if ( $args['form'] == null ) { if ( $args['date'] == null ) { $donations = $this->get_default_sales_stats(); } elseif ( $args['date'] === 'range' ) { // Return donations for a date range. // Ensure the end date is later than the start date. if ( $args['enddate'] < $args['startdate'] ) { $error['error'] = __( 'The end date must be later than the start date.', 'give' ); } // Ensure both the start and end date are specified if ( empty( $args['startdate'] ) || empty( $args['enddate'] ) ) { $error['error'] = __( 'Invalid or no date range specified.', 'give' ); } $total = 0; // Loop through the years $y = $dates['year']; while ( $y <= $dates['year_end'] ) : if ( $dates['year'] == $dates['year_end'] ) { $month_start = $dates['m_start']; $month_end = $dates['m_end']; } elseif ( $y == $dates['year'] && $dates['year_end'] > $dates['year'] ) { $month_start = $dates['m_start']; $month_end = 12; } elseif ( $y == $dates['year_end'] ) { $month_start = 1; $month_end = $dates['m_end']; } else { $month_start = 1; $month_end = 12; } $i = $month_start; while ( $i <= $month_end ) : if ( $i == $dates['m_start'] ) { $d = $dates['day_start']; } else { $d = 1; } if ( $i == $dates['m_end'] ) { $num_of_days = $dates['day_end']; } else { $num_of_days = cal_days_in_month( CAL_GREGORIAN, $i, $y ); } while ( $d <= $num_of_days ) : $sale_count = give_get_sales_by_date( $d, $i, $y ); $date_key = date( 'Ymd', strtotime( $y . '/' . $i . '/' . $d ) ); if ( ! isset( $donations['sales'][ $date_key ] ) ) { $donations['sales'][ $date_key ] = 0; } $donations['sales'][ $date_key ] += $sale_count; $total += $sale_count; $d ++; endwhile; $i ++; endwhile; $y ++; endwhile; $donations['totals'] = $total; } else { if ( $args['date'] == 'this_quarter' || $args['date'] == 'last_quarter' ) { $donations_count = 0; // Loop through the months $month = $dates['m_start']; while ( $month <= $dates['m_end'] ) : $donations_count += give_get_sales_by_date( null, $month, $dates['year'] ); $month ++; endwhile; $donations['donations'][ $args['date'] ] = $donations_count; } else { $donations['donations'][ $args['date'] ] = give_get_sales_by_date( $dates['day'], $dates['m_start'], $dates['year'] ); } }// End if(). } elseif ( $args['form'] == 'all' ) { $forms = get_posts( array( 'post_type' => 'give_forms', 'nopaging' => true, ) ); $i = 0; foreach ( $forms as $form_info ) { $donations['donations'][ $i ] = array( $form_info->post_name => $this->stats->get_sales( $form_info->ID, is_numeric( $args['startdate'] ) ? strtotime( $args['startdate'] ) : $args['startdate'], is_numeric( $args['enddate'] ) ? strtotime( $args['enddate'] ) : $args['enddate'] ), ); $i ++; } } else { if ( get_post_type( $args['form'] ) == 'give_forms' ) { $form_info = get_post( $args['form'] ); $donations['donations'][0] = array( $form_info->post_name => $this->stats->get_sales( $args['form'], is_numeric( $args['startdate'] ) ? strtotime( $args['startdate'] ) : $args['startdate'], is_numeric( $args['enddate'] ) ? strtotime( $args['enddate'] ) : $args['enddate'] ), ); } else { $error['error'] = sprintf( /* translators: %s: form */ __( 'Form %s not found.', 'give' ), $args['form'] ); } }// End if(). if ( ! empty( $error ) ) { return $error; } return $donations; } elseif ( $args['type'] == 'earnings' ) { if ( $args['form'] == null ) { if ( $args['date'] == null ) { $earnings = $this->get_default_earnings_stats(); } elseif ( $args['date'] === 'range' ) { // Return sales for a date range // Ensure the end date is later than the start date if ( $args['enddate'] < $args['startdate'] ) { $error['error'] = __( 'The end date must be later than the start date.', 'give' ); } // Ensure both the start and end date are specified if ( empty( $args['startdate'] ) || empty( $args['enddate'] ) ) { $error['error'] = __( 'Invalid or no date range specified.', 'give' ); } $total = (float) 0.00; // Loop through the years $y = $dates['year']; if ( ! isset( $earnings['earnings'] ) ) { $earnings['earnings'] = array(); } while ( $y <= $dates['year_end'] ) : if ( $dates['year'] == $dates['year_end'] ) { $month_start = $dates['m_start']; $month_end = $dates['m_end']; } elseif ( $y == $dates['year'] && $dates['year_end'] > $dates['year'] ) { $month_start = $dates['m_start']; $month_end = 12; } elseif ( $y == $dates['year_end'] ) { $month_start = 1; $month_end = $dates['m_end']; } else { $month_start = 1; $month_end = 12; } $i = $month_start; while ( $i <= $month_end ) : if ( $i == $dates['m_start'] ) { $d = $dates['day_start']; } else { $d = 1; } if ( $i == $dates['m_end'] ) { $num_of_days = $dates['day_end']; } else { $num_of_days = cal_days_in_month( CAL_GREGORIAN, $i, $y ); } while ( $d <= $num_of_days ) : $earnings_stat = give_get_earnings_by_date( $d, $i, $y ); $date_key = date( 'Ymd', strtotime( $y . '/' . $i . '/' . $d ) ); if ( ! isset( $earnings['earnings'][ $date_key ] ) ) { $earnings['earnings'][ $date_key ] = 0; } $earnings['earnings'][ $date_key ] += give_format_decimal( array( 'amount' => $earnings_stat, 'currency' => $currency, ) ); $total += $earnings_stat; $d ++; endwhile; $i ++; endwhile; $y ++; endwhile; $earnings['totals'] = give_format_decimal( array( 'amount' => $total, 'currency' => $currency, ) ); } else { if ( $args['date'] == 'this_quarter' || $args['date'] == 'last_quarter' ) { $earnings_count = (float) 0.00; // Loop through the months $month = $dates['m_start']; while ( $month <= $dates['m_end'] ) : $earnings_count += give_get_earnings_by_date( null, $month, $dates['year'] ); $month ++; endwhile; $earnings['earnings'][ $args['date'] ] = give_format_decimal( array( 'amount' => $earnings_count, 'currency' => $currency, ) ); } else { $earnings['earnings'][ $args['date'] ] = give_format_decimal( array( 'amount' => give_get_earnings_by_date( $dates['day'], $dates['m_start'], $dates['year'] ), 'currency' => $currency, ) ); } }// End if(). } elseif ( $args['form'] == 'all' ) { $forms = get_posts( array( 'post_type' => 'give_forms', 'nopaging' => true, ) ); $i = 0; foreach ( $forms as $form_info ) { $earnings['earnings'][ $i ] = array( $form_info->post_name => give_format_decimal( array( 'amount' => give_get_form_earnings_stats( $form_info->ID ), 'currency' => $currency, ) ), ); $i ++; } } else { if ( get_post_type( $args['form'] ) == 'give_forms' ) { $form_info = get_post( $args['form'] ); $earnings['earnings'][0] = array( $form_info->post_name => give_format_decimal( array( 'amount' => $this->stats->get_earnings( $args['form'], is_numeric( $args['startdate'] ) ? strtotime( $args['startdate'] ) : $args['startdate'], is_numeric( $args['enddate'] ) ? strtotime( $args['enddate'] ) : $args['enddate'] ), 'currency' => $currency, ) ), ); } else { $error['error'] = sprintf( /* translators: %s: form */ __( 'Form %s not found.', 'give' ), $args['form'] ); } }// End if(). if ( ! empty( $error ) ) { return $error; } return $earnings; } elseif ( $args['type'] == 'donors' ) { $donors = new Give_DB_Donors(); $stats['donations']['total_donors'] = $donors->count(); return $stats; } elseif ( empty( $args['type'] ) ) { $stats = array_merge( $stats, $this->get_default_sales_stats() ); $stats = array_merge( $stats, $this->get_default_earnings_stats() ); return array( 'stats' => $stats, ); }// End if(). } /** * Retrieves Recent Donations * * @access public * @since 1.1 * * @param $args array * * @return array */ public function get_recent_donations( $args = array() ) { global $wp_query; $defaults = array( 'id' => null, 'date' => null, 'startdate' => null, 'enddate' => null, ); $args = wp_parse_args( $args, $defaults ); $donations = array(); if ( ! user_can( $this->user_id, 'view_give_reports' ) && ! $this->override ) { return $donations; } if ( isset( $wp_query->query_vars['id'] ) ) { $query = array(); $query[] = new Give_Payment( $wp_query->query_vars['id'] ); } elseif ( isset( $wp_query->query_vars['purchasekey'] ) ) { $query = array(); $query[] = give_get_payment_by( 'key', $wp_query->query_vars['purchasekey'] ); } elseif ( isset( $wp_query->query_vars['email'] ) ) { $args = array( 'fields' => 'ids', 'meta_key' => '_give_payment_donor_email', 'meta_value' => $wp_query->query_vars['email'], 'number' => $this->per_page(), 'page' => $this->get_paged(), ); $query = give_get_payments( $args ); } elseif ( isset( $wp_query->query_vars['date'] ) ) { $current_time = current_time( 'timestamp' ); $dates = $this->get_dates( $args ); $start_date = ''; $end_date = ''; /** * Switch case for date query argument * * @since 1.8.8 * * @params text date | today, yesterday or range * @params date startdate | required when date = range and format to be YYYYMMDD (i.e. 20170524) * @params date enddate | required when date = range and format to be YYYYMMDD (i.e. 20170524) */ switch ( $wp_query->query_vars['date'] ) { case 'today': // Set and Format Start and End Date to be date of today. $start_date = $end_date = date( 'Y/m/d', $current_time ); break; case 'yesterday': // Set and Format Start and End Date to be date of yesterday. $start_date = $end_date = date( 'Y/m', $current_time ) . '/' . ( date( 'd', $current_time ) - 1 ); break; case 'range': // Format Start Date and End Date for filtering payment based on date range. $start_date = $dates['year'] . '/' . $dates['m_start'] . '/' . $dates['day_start']; $end_date = $dates['year_end'] . '/' . $dates['m_end'] . '/' . $dates['day_end']; break; } $args = array( 'fields' => 'ids', 'start_date' => $start_date, 'end_date' => $end_date, 'number' => $this->per_page(), 'page' => $this->get_paged(), ); $query = give_get_payments( $args ); } else { $args = array( 'fields' => 'ids', 'number' => $this->per_page(), 'page' => $this->get_paged(), ); $query = give_get_payments( $args ); }// End if(). if ( $query ) { $i = 0; foreach ( $query as $payment ) { if ( is_numeric( $payment ) ) { $payment = new Give_Payment( $payment ); } $payment_meta = $payment->get_meta(); $user_info = $payment->user_info; $first_name = isset( $user_info['first_name'] ) ? $user_info['first_name'] : ''; $last_name = isset( $user_info['last_name'] ) ? $user_info['last_name'] : ''; $donations['donations'][ $i ]['ID'] = $payment->ID; $donations['donations'][ $i ]['number'] = $payment->number; $donations['donations'][ $i ]['transaction_id'] = $payment->transaction_id; $donations['donations'][ $i ]['key'] = $payment->key; $donations['donations'][ $i ]['total'] = give_format_decimal( array( 'donation_id' => $payment->ID, 'dp' => true, ) ); $donations['donations'][ $i ]['status'] = give_get_payment_status( $payment, true ); $donations['donations'][ $i ]['gateway'] = $payment->gateway; $donations['donations'][ $i ]['name'] = trim( "{$first_name} {$last_name}" ); $donations['donations'][ $i ]['fname'] = $first_name; $donations['donations'][ $i ]['lname'] = $last_name; $donations['donations'][ $i ]['email'] = $payment->email; $donations['donations'][ $i ]['date'] = $payment->date; $donations['donations'][ $i ]['payment_meta'] = array(); $form_id = isset( $payment_meta['form_id'] ) ? $payment_meta['form_id'] : $payment_meta; $price = isset( $payment_meta['form_id'] ) ? give_get_form_price( $payment_meta['form_id'] ) : false; $price_id = isset( $payment_meta['price_id'] ) ? $payment_meta['price_id'] : null; $donations['donations'][ $i ]['form']['id'] = $form_id; $donations['donations'][ $i ]['form']['name'] = get_the_title( $payment_meta['form_id'] ); $donations['donations'][ $i ]['form']['price'] = give_format_decimal( array( 'amount' => $price, 'currency' => give_get_option( 'currency' ), 'dp' => true, ) ); if ( give_has_variable_prices( $form_id ) ) { if ( isset( $payment_meta['price_id'] ) ) { $price_name = give_get_price_option_name( $form_id, $payment_meta['price_id'], $payment->ID ); $donations['donations'][ $i ]['form']['price_name'] = $price_name; $donations['donations'][ $i ]['form']['price_id'] = $price_id; $donations['donations'][ $i ]['form']['price'] = give_format_decimal( array( 'amount' => give_get_price_option_amount( $form_id, $price_id ), 'currency' => give_get_option( 'currency' ), 'dp' => true, ) ); } } if ( ! empty( $payment_meta ) ) { // Add custom meta to API foreach ( $payment_meta as $meta_key => $meta_value ) { $exceptions = array( '_give_payment_form_title', 'form_title', '_give_payment_form_id', 'form_id', '_give_payment_price_id', 'price_id', 'user_info', '_give_payment_purchase_key', 'key', 'email', 'date', 'currency', '_give_payment_total', '_give_payment_date', ); // Don't clutter up results with dupes if ( ! is_string( $meta_value ) || in_array( $meta_key, $exceptions ) ) { continue; } // Meta key can contain price value like _give_fee_amount, so convert them to standard format. if ( give_is_amount_sanitized( $meta_value ) ) { $meta_value = give_format_decimal( array( 'amount' => $meta_value, 'currency' => give_get_option( 'currency' ), 'dp' => true, ) ); } $donations['donations'][ $i ]['payment_meta'][ $meta_key ] = $meta_value; } } $i ++; }// End foreach(). }// End if(). return apply_filters( 'give_api_donations_endpoint', $donations ); } /** * Retrieve the output format. * * Determines whether results should be displayed in XML or JSON. * * @since 1.1 * @access public * * @return mixed */ public function get_output_format() { global $wp_query; $format = isset( $wp_query->query_vars['format'] ) ? $wp_query->query_vars['format'] : 'json'; return apply_filters( 'give_api_output_format', $format ); } /** * Log each API request, if enabled. * * @access private * @since 1.1 * * @global WP_Query $wp_query * * @param array $data * * @return void */ private function log_request( $data = array() ) { if ( ! $this->log_requests ) { return; } /** * @var WP_Query $wp_query */ global $wp_query; $query = array( 'give-api' => $wp_query->query_vars['give-api'], 'key' => isset( $wp_query->query_vars['key'] ) ? $wp_query->query_vars['key'] : null, 'token' => isset( $wp_query->query_vars['token'] ) ? $wp_query->query_vars['token'] : null, 'query' => isset( $wp_query->query_vars['query'] ) ? $wp_query->query_vars['query'] : null, 'type' => isset( $wp_query->query_vars['type'] ) ? $wp_query->query_vars['type'] : null, 'form' => isset( $wp_query->query_vars['form'] ) ? $wp_query->query_vars['form'] : null, 'donor' => isset( $wp_query->query_vars['donor'] ) ? $wp_query->query_vars['donor'] : null, 'date' => isset( $wp_query->query_vars['date'] ) ? $wp_query->query_vars['date'] : null, 'startdate' => isset( $wp_query->query_vars['startdate'] ) ? $wp_query->query_vars['startdate'] : null, 'enddate' => isset( $wp_query->query_vars['enddate'] ) ? $wp_query->query_vars['enddate'] : null, 'id' => isset( $wp_query->query_vars['id'] ) ? $wp_query->query_vars['id'] : null, 'purchasekey' => isset( $wp_query->query_vars['purchasekey'] ) ? $wp_query->query_vars['purchasekey'] : null, 'email' => isset( $wp_query->query_vars['email'] ) ? $wp_query->query_vars['email'] : null, ); $log_data = array( 'log_type' => 'api_request', 'post_excerpt' => http_build_query( $query ), 'post_content' => ! empty( $data['error'] ) ? $data['error'] : '', ); $log_meta = array( 'api_query' => http_build_query( $query ), 'request_ip' => give_get_ip(), 'user' => $this->user_id, 'key' => isset( $wp_query->query_vars['key'] ) ? $wp_query->query_vars['key'] : null, 'token' => isset( $wp_query->query_vars['token'] ) ? $wp_query->query_vars['token'] : null, 'time' => $data['request_speed'], 'version' => $this->get_queried_version(), ); Give()->logs->insert_log( $log_data, $log_meta ); } /** * Retrieve the output data. * * @access public * @since 1.1 * @return array */ public function get_output() { return $this->data; } /** * Output Query in either JSON/XML. * The query data is outputted as JSON by default. * * @since 1.1 * @global WP_Query $wp_query * * @param int $status_code */ public function output( $status_code = 200 ) { $format = $this->get_output_format(); status_header( $status_code ); /** * Fires before outputting the API. * * @since 1.1 * * @param array $data Response data to return. * @param Give_API $this The Give_API object. * @param string $format Output format, XML or JSON. Default is JSON. */ do_action( 'give_api_output_before', $this->data, $this, $format ); switch ( $format ) : case 'xml': require_once GIVE_PLUGIN_DIR . 'includes/libraries/array2xml.php'; $xml = Array2XML::createXML( 'give', $this->data ); echo $xml->saveXML(); break; case 'json': header( 'Content-Type: application/json' ); if ( ! empty( $this->pretty_print ) ) { echo json_encode( $this->data, $this->pretty_print ); } else { echo json_encode( $this->data ); } break; default: /** * Fires by the API while outputting other formats. * * @since 1.1 * * @param array $data Response data to return. * @param Give_API $this The Give_API object. */ do_action( "give_api_output_{$format}", $this->data, $this ); break; endswitch; /** * Fires after outputting the API. * * @since 1.1 * * @param array $data Response data to return. * @param Give_API $this The Give_API object. * @param string $format Output format, XML or JSON. Default is JSON. */ do_action( 'give_api_output_after', $this->data, $this, $format ); give_die(); } /** * Modify User Profile * * Modifies the output of profile.php to add key generation/revocation. * * @access public * @since 1.1 * * @param object $user Current user info * * @return void */ function user_key_field( $user ) { if ( ( give_get_option( 'api_allow_user_keys', false ) || current_user_can( 'manage_give_settings' ) ) && current_user_can( 'edit_user', $user->ID ) ) { $user = get_userdata( $user->ID ); ?> <table class="form-table"> <tbody> <tr> <th> <?php _e( 'GiveWP API Keys', 'give' ); ?> </th> <td> <?php $public_key = $this->get_user_public_key( $user->ID ); $secret_key = $this->get_user_secret_key( $user->ID ); ?> <?php if ( empty( $user->give_user_public_key ) ) { ?> <input name="give_set_api_key" type="checkbox" id="give_set_api_key" /> <span class="description"><label for="give_set_api_key"><?php _e( 'Generate API Key', 'give' ); ?></label></span> <?php } else { ?> <strong style="display:inline-block; width: 125px;"><?php _e( 'Public key:', 'give' ); ?>  </strong> <input type="text" disabled="disabled" class="regular-text" id="publickey" value="<?php echo esc_attr( $public_key ); ?>" /> <br /> <strong style="display:inline-block; width: 125px;"><?php _e( 'Secret key:', 'give' ); ?>  </strong> <input type="text" disabled="disabled" class="regular-text" id="privatekey" value="<?php echo esc_attr( $secret_key ); ?>" /> <br /> <strong style="display:inline-block; width: 125px;"><?php _e( 'Token:', 'give' ); ?>  </strong> <input type="text" disabled="disabled" class="regular-text" id="token" value="<?php echo esc_attr( $this->get_token( $user->ID ) ); ?>" /> <br /> <input name="give_revoke_api_key" type="checkbox" id="give_revoke_api_key" /> <span class="description"><label for="give_revoke_api_key"><?php _e( 'Revoke API Keys', 'give' ); ?></label></span> <?php } ?> </td> </tr> </tbody> </table> <?php }// End if(). } /** * Process an API key generation/revocation * * @access public * @since 1.1 * * @param array $args * * @return void */ public function process_api_key( $args ) { if ( ! wp_verify_nonce( $_REQUEST['_wpnonce'], 'give-api-nonce' ) ) { wp_die( __( 'We\'re unable to recognize your session. Please refresh the screen to try again; otherwise contact your website administrator for assistance.', 'give' ), __( 'Error', 'give' ), array( 'response' => 403, ) ); } if ( empty( $args['user_id'] ) ) { wp_die( __( 'User ID Required.', 'give' ), __( 'Error', 'give' ), array( 'response' => 401, ) ); } if ( is_numeric( $args['user_id'] ) ) { $user_id = isset( $args['user_id'] ) ? absint( $args['user_id'] ) : get_current_user_id(); } else { $userdata = get_user_by( 'login', $args['user_id'] ); $user_id = $userdata->ID; } $process = isset( $args['give_api_process'] ) ? strtolower( $args['give_api_process'] ) : false; if ( $user_id == get_current_user_id() && ! give_get_option( 'allow_user_api_keys' ) && ! current_user_can( 'manage_give_settings' ) ) { wp_die( sprintf( /* translators: %s: process */ __( 'You do not have permission to %s API keys for this user.', 'give' ), $process ), __( 'Error', 'give' ), array( 'response' => 403, ) ); } elseif ( ! current_user_can( 'manage_give_settings' ) ) { wp_die( sprintf( /* translators: %s: process */ __( 'You do not have permission to %s API keys for this user.', 'give' ), $process ), __( 'Error', 'give' ), array( 'response' => 403, ) ); } switch ( $process ) { case 'generate': if ( $this->generate_api_key( $user_id ) ) { Give_Cache::delete( Give_Cache::get_key( 'give_total_api_keys' ) ); wp_redirect( esc_url_raw( add_query_arg( 'give-messages[]', 'api-key-generated', 'edit.php?post_type=give_forms&page=give-tools&tab=api' ) ) ); exit(); } else { wp_redirect( esc_url_raw( add_query_arg( 'give-messages[]', 'api-key-failed', 'edit.php?post_type=give_forms&page=give-tools&tab=api' ) ) ); exit(); } break; case 'regenerate': $this->generate_api_key( $user_id, true ); Give_Cache::delete( Give_Cache::get_key( 'give_total_api_keys' ) ); wp_redirect( esc_url_raw( add_query_arg( 'give-messages[]', 'api-key-regenerated', 'edit.php?post_type=give_forms&page=give-tools&tab=api' ) ) ); exit(); break; case 'revoke': $this->revoke_api_key( $user_id ); Give_Cache::delete( Give_Cache::get_key( 'give_total_api_keys' ) ); wp_redirect( esc_url_raw( add_query_arg( 'give-messages[]', 'api-key-revoked', 'edit.php?post_type=give_forms&page=give-tools&tab=api' ) ) ); exit(); break; default; break; } } /** * Generate new API keys for a user * * @param int $user_id User ID the key is being generated for. * @param boolean $regenerate Regenerate the key for the user. * * @access public * @since 1.1 * * @return boolean True if (re)generated successfully, false otherwise. */ public function generate_api_key( $user_id = 0, $regenerate = false ) { // Bail out, if user doesn't exists. if ( empty( $user_id ) ) { return false; } $user = get_userdata( $user_id ); // Bail Out, if user object doesn't exists. if ( ! $user ) { return false; } $new_public_key = ''; $new_secret_key = ''; if ( ! empty( $_POST['from'] ) && 'profile' === $_POST['from'] ) { // For User Profile Page. if ( ! empty( $_POST['give_set_api_key'] ) ) { // Generate API Key from User Profile page. $new_public_key = $this->generate_public_key( $user->user_email ); $new_secret_key = $this->generate_private_key( $user->ID ); } elseif ( ! empty( $_POST['give_revoke_api_key'] ) ) { // Revoke API Key from User Profile page. $this->revoke_api_key( $user->ID ); } else { return false; } } else { // For Tools > API page. $public_key = $this->get_user_public_key( $user_id ); if ( empty( $public_key ) && ! $regenerate ) { // Generating API for first time. $new_public_key = $this->generate_public_key( $user->user_email ); $new_secret_key = $this->generate_private_key( $user->ID ); } elseif ( $public_key && $regenerate ) { // API Key already exists and Regenerating API Key. $this->revoke_api_key( $user->ID ); $new_public_key = $this->generate_public_key( $user->user_email ); $new_secret_key = $this->generate_private_key( $user->ID ); } elseif ( ! empty( $public_key ) && ! $regenerate ) { // Doing nothing, when API Key exists but still try to generate again instead of regenerating. return false; } else { // Revoke API Key. $this->revoke_api_key( $user->ID ); } } update_user_meta( $user_id, $new_public_key, 'give_user_public_key' ); update_user_meta( $user_id, $new_secret_key, 'give_user_secret_key' ); return true; } /** * Revoke a users API keys * * @access public * @since 1.1 * * @param int $user_id User ID of user to revoke key for * * @return bool */ public function revoke_api_key( $user_id = 0 ) { if ( empty( $user_id ) ) { return false; } $user = get_userdata( $user_id ); if ( ! $user ) { return false; } $public_key = $this->get_user_public_key( $user_id ); $secret_key = $this->get_user_secret_key( $user_id ); if ( ! empty( $public_key ) ) { Give_Cache::delete( Give_Cache::get_key( md5( 'give_api_user_' . $public_key ) ) ); Give_Cache::delete( Give_Cache::get_key( md5( 'give_api_user_public_key' . $user_id ) ) ); Give_Cache::delete( Give_Cache::get_key( md5( 'give_api_user_secret_key' . $user_id ) ) ); delete_user_meta( $user_id, $public_key ); delete_user_meta( $user_id, $secret_key ); } else { return false; } return true; } public function get_version() { return self::VERSION; } /** * Generate the public key for a user * * @access private * @since 1.1 * * @param string $user_email * * @return string */ private function generate_public_key( $user_email = '' ) { $auth_key = defined( 'AUTH_KEY' ) ? AUTH_KEY : ''; $public = hash( 'md5', $user_email . $auth_key . date( 'U' ) ); return $public; } /** * Generate the secret key for a user * * @access private * @since 1.1 * * @param int $user_id * * @return string */ private function generate_private_key( $user_id = 0 ) { $auth_key = defined( 'AUTH_KEY' ) ? AUTH_KEY : ''; $secret = hash( 'md5', $user_id . $auth_key . date( 'U' ) ); return $secret; } /** * Retrieve the user's token * * @access private * @since 1.1 * * @param int $user_id * * @return string */ public function get_token( $user_id = 0 ) { return hash( 'md5', $this->get_user_secret_key( $user_id ) . $this->get_user_public_key( $user_id ) ); } /** * Generate the default donation stats returned by the 'stats' endpoint * * @access private * @since 1.1 * @return array default sales statistics */ private function get_default_sales_stats() { // Default sales return $donations = array(); $donations['donations']['today'] = $this->stats->get_sales( 0, 'today' ); $donations['donations']['current_month'] = $this->stats->get_sales( 0, 'this_month' ); $donations['donations']['last_month'] = $this->stats->get_sales( 0, 'last_month' ); $donations['donations']['totals'] = give_get_total_donations(); return $donations; } /** * Generate the default earnings stats returned by the 'stats' endpoint * * @access private * @return array default earnings statistics * @since 1.1 */ private function get_default_earnings_stats() { $currency = give_get_option( 'currency' ); // Default earnings return $earnings = array(); $earnings['earnings']['today'] = give_format_decimal( array( 'amount' => $this->stats->get_earnings( 0, 'today' ), 'currency' => $currency, ) ); $earnings['earnings']['current_month'] = give_format_decimal( array( 'amount' => $this->stats->get_earnings( 0, 'this_month' ), 'currency' => $currency, ) ); $earnings['earnings']['last_month'] = give_format_decimal( array( 'amount' => $this->stats->get_earnings( 0, 'last_month' ), 'currency' => $currency, ) ); $earnings['earnings']['totals'] = give_format_decimal( array( 'amount' => give_get_total_earnings(), 'currency' => $currency, ) ); return $earnings; } /** * API Key Backwards Compatibility * * A Backwards Compatibility call for the change of meta_key/value for users API Keys. * * @since 1.3.6 * * @param string $check Whether to check the cache or not * @param int $object_id The User ID being passed * @param string $meta_key The user meta key * @param bool $single If it should return a single value or array * * @return string The API key/secret for the user supplied */ public function api_key_backwards_compat( $check, $object_id, $meta_key, $single ) { if ( $meta_key !== 'give_user_public_key' && $meta_key !== 'give_user_secret_key' ) { return $check; } $return = $check; switch ( $meta_key ) { case 'give_user_public_key': $return = Give()->api->get_user_public_key( $object_id ); break; case 'give_user_secret_key': $return = Give()->api->get_user_secret_key( $object_id ); break; } if ( ! $single ) { $return = array( $return ); } return $return; } }