Completed
Push — add/simple-payments-widget-for... ( ceac69...14612d )
by
unknown
36:49 queued 26:33
created

Jetpack_Simple_Payments_Widget::__construct()   B

Complexity

Conditions 4
Paths 4

Size

Total Lines 24
Code Lines 15

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 4
eloc 15
nc 4
nop 0
dl 0
loc 24
rs 8.6845
c 0
b 0
f 0
<?php
/**
 * Disable direct access/execution to/of the widget code.
 *
 * WordPress defines ABSPATH while bootstrapping; when the constant is
 * missing the file was requested directly, so execution stops here.
 */
defined( 'ABSPATH' ) || exit;
if ( ! class_exists( 'Jetpack_Simple_Payments_Widget' ) ) {
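	/**
	 * Simple Payments Button
	 *
	 * Display a Simple Payment Button as a Widget.
	 *
	 * In the Customizer preview the widget also registers two AJAX endpoints
	 * that create/update and delete Simple Payments product posts. Both
	 * endpoints verify the Customizer nonce, the `customize` capability and the
	 * caller's capability on the specific product post before changing anything.
	 */
	class Jetpack_Simple_Payments_Widget extends WP_Widget {
		// https://developer.paypal.com/docs/integration/direct/rest/currency-codes/
		private static $supported_currency_list = array(
			'USD' => '$',
			'GBP' => '&#163;',
			'JPY' => '&#165;',
			'BRL' => 'R$',
			'EUR' => '&#8364;',
			'NZD' => 'NZ$',
			'AUD' => 'A$',
			'CAD' => 'C$',
			'INR' => '₹',
			'ILS' => '₪',
			'RUB' => '₽',
			'MXN' => 'MX$',
			'SEK' => 'Skr',
			'HUF' => 'Ft',
			'CHF' => 'CHF',
			'CZK' => 'Kč',
			'DKK' => 'Dkr',
			'HKD' => 'HK$',
			'NOK' => 'Kr',
			'PHP' => '₱',
			'PLN' => 'PLN',
			'SGD' => 'S$',
			'TWD' => 'NT$',
			'THB' => '฿',
		);

		/**
		 * Constructor.
		 *
		 * Registers the widget and, in the Customizer preview only, hooks the
		 * admin assets, the nonce filter and the two AJAX handlers.
		 */
		function __construct() {
			parent::__construct(
				'jetpack_simple_payments_widget',
				/** This filter is documented in modules/widgets/facebook-likebox.php */
				apply_filters( 'jetpack_widget_name', __( 'Simple Payments', 'jetpack' ) ),
				array(
					'classname' => 'jetpack-simple-payments',
					'description' => __( 'Add a Simple Payment Button as a Widget.', 'jetpack' ),
					'customize_selective_refresh' => true,
				)
			);

			if ( is_customize_preview() ) {
				add_action( 'admin_enqueue_scripts', array( $this, 'admin_enqueue_styles_and_scripts' ) );

				add_filter( 'customize_refresh_nonces', array( $this, 'filter_nonces' ) );
				add_action( 'wp_ajax_customize-jetpack-simple-payments-button-save', array( $this, 'ajax_save_payment_button' ) );
				add_action( 'wp_ajax_customize-jetpack-simple-payments-button-delete', array( $this, 'ajax_delete_payment_button' ) );
			}

			if ( is_active_widget( false, false, $this->id_base ) || is_customize_preview() ) {
				add_action( 'wp_enqueue_scripts', array( $this, 'enqueue_style' ) );
			}
		}

		/**
		 * Return an associative array of default values.
		 *
		 * These values are used in new widgets.
		 *
		 * @return array Default values for the widget options.
		 */
		private function defaults() {
			$current_user = wp_get_current_user();

			return array(
				'title' => '',
				'product_post_id' => 0,
				'form_action' => '',
				'form_product_id' => 0,
				'form_product_title' => '',
				'form_product_description' => '',
				'form_product_image_id' => 0,
				'form_product_image_src' => '',
				'form_product_currency' => '',
				'form_product_price' => '',
				'form_product_multiple' => '',
				'form_product_email' => $current_user->user_email,
			);
		}

		/**
		 * Parameter names the save endpoint accepts in `$_POST['params']`.
		 *
		 * Kept in one place so the endpoint and the validator cannot drift apart.
		 *
		 * @return array List of allowed parameter names.
		 */
		private function allowed_save_params() {
			return array( 'product_post_id', 'post_title', 'post_content', 'image_id', 'currency', 'price', 'multiple', 'email' );
		}

		/**
		 * Adds the nonce checked by the Simple Payments save/delete AJAX handlers.
		 *
		 * @param array $nonces Array of nonces.
		 * @return array $nonces Modified array of nonces.
		 */
		function filter_nonces( $nonces ) {
			$nonces['customize-jetpack-simple-payments'] = wp_create_nonce( 'customize-jetpack-simple-payments' );
			return $nonces;
		}

		/**
		 * Enqueue the front-end stylesheet of the widget.
		 */
		function enqueue_style() {
			wp_enqueue_style( 'jetpack-simple-payments-widget-style', plugins_url( 'simple-payments/style.css', __FILE__ ), array(), '20180518' );
		}

		/**
		 * Enqueue the Customizer stylesheet, the media library and the
		 * Customizer script together with its localized strings.
		 */
		function admin_enqueue_styles_and_scripts() {
			wp_enqueue_style( 'jetpack-simple-payments-widget-customizer', plugins_url( 'simple-payments/customizer.css', __FILE__ ) );

			wp_enqueue_media();
			wp_enqueue_script( 'jetpack-simple-payments-widget-customizer', plugins_url( '/simple-payments/customizer.js', __FILE__ ), array( 'jquery' ), false, true );
			wp_localize_script( 'jetpack-simple-payments-widget-customizer', 'jpSimplePaymentsStrings', array(
				'deleteConfirmation' => __( 'Are you sure you want to delete this item? It will be disabled and removed from all locations where it currently appears.', 'jetpack' )
			) );
		}

		/**
		 * AJAX handler: create or update a Simple Payments product post.
		 *
		 * Reads `$_POST['params']` and answers with a JSON success or error
		 * payload. Every wp_send_json_error() call ends the request, which is
		 * why the checks below are not followed by a return.
		 */
		public function ajax_save_payment_button() {
			if ( ! check_ajax_referer( 'customize-jetpack-simple-payments', 'customize-jetpack-simple-payments-nonce', false ) ) {
				wp_send_json_error( 'bad_nonce', 400 );
			}

			if ( ! current_user_can( 'customize' ) ) {
				wp_send_json_error( 'customize_not_allowed', 403 );
			}

			// A missing post type object means the product type is not registered; treat it as "not allowed".
			$post_type_object = get_post_type_object( Jetpack_Simple_Payments::$post_type_product );
			if (
				! $post_type_object
				|| ! current_user_can( $post_type_object->cap->create_posts )
				|| ! current_user_can( $post_type_object->cap->publish_posts )
			) {
				wp_send_json_error( 'insufficient_post_permissions', 403 );
			}

			if ( empty( $_POST['params'] ) || ! is_array( $_POST['params'] ) ) {
				wp_send_json_error( 'missing_params', 400 );
			}

			$params = wp_unslash( $_POST['params'] );
			$illegal_params = array_diff( array_keys( $params ), $this->allowed_save_params() );
			if ( ! empty( $illegal_params ) ) {
				wp_send_json_error( 'illegal_params', 400 );
			}

			// validate_ajax_params() always returns a WP_Error object, so only a non-empty one is a failure.
			$errors = $this->validate_ajax_params( $params );
			if ( is_wp_error( $errors ) && $errors->get_error_codes() ) {
				wp_send_json_error( $errors );
			}

			$product_post_id = isset( $params['product_post_id'] ) ? intval( $params['product_post_id'] ) : 0;

			if ( 0 !== $product_post_id ) {
				// The ID comes from the request: it must name an existing product post that this user may edit,
				// otherwise the update below could overwrite (and re-type) any post on the site.
				$existing_post = get_post( $product_post_id );
				if ( ! $existing_post || Jetpack_Simple_Payments::$post_type_product !== $existing_post->post_type ) {
					wp_send_json_error( 'invalid_product', 404 );
				}

				if ( ! current_user_can( 'edit_post', $product_post_id ) ) {
					wp_send_json_error( 'insufficient_post_permissions', 403 );
				}
			}

			$product_post = array(
				'ID' => $product_post_id,
				'post_type' => Jetpack_Simple_Payments::$post_type_product,
				'post_status' => 'publish',
				'post_title' => $params['post_title'],
				'post_content' => isset( $params['post_content'] ) ? $params['post_content'] : '',
				'_thumbnail_id' => ! empty( $params['image_id'] ) ? intval( $params['image_id'] ) : -1,
				'meta_input' => array(
					// Same sanitizer update() applies to these fields before they are stored.
					'spay_currency' => isset( $params['currency'] ) ? sanitize_text_field( $params['currency'] ) : '',
					'spay_price' => sanitize_text_field( $params['price'] ),
					'spay_multiple' => isset( $params['multiple'] ) ? intval( $params['multiple'] ) : 0,
					'spay_email' => is_email( $params['email'] ),
				),
			);
			// NOTE(review): the currency is not checked against self::$supported_currency_list here — confirm
			// whether the shortcode renderer rejects unsupported codes.

			if ( empty( $product_post_id ) ) {
				$product_post_id = wp_insert_post( $product_post );
			} else {
				$product_post_id = wp_update_post( $product_post );
			}

			if ( ! $product_post_id || is_wp_error( $product_post_id ) ) {
				wp_send_json_error( $product_post_id );
			}

			wp_send_json_success( array(
				'product_post_id' => $product_post_id,
				'product_post_title' => $params['post_title'],
			) );
		}

		/**
		 * AJAX handler: permanently delete a Simple Payments product post.
		 *
		 * Reads `$_POST['params']['product_post_id']` and answers with a JSON
		 * payload whose `status` is `deleted` once the post is gone, or the
		 * post's previous status if it still exists after the delete call.
		 */
		public function ajax_delete_payment_button() {
			if ( ! check_ajax_referer( 'customize-jetpack-simple-payments', 'customize-jetpack-simple-payments-nonce', false ) ) {
				wp_send_json_error( 'bad_nonce', 400 );
			}

			if ( ! current_user_can( 'customize' ) ) {
				wp_send_json_error( 'customize_not_allowed', 403 );
			}

			if ( empty( $_POST['params'] ) || ! is_array( $_POST['params'] ) ) {
				wp_send_json_error( 'missing_params', 400 );
			}

			$params = wp_unslash( $_POST['params'] );
			$illegal_params = array_diff( array_keys( $params ), array( 'product_post_id' ) );
			if ( ! empty( $illegal_params ) ) {
				wp_send_json_error( 'illegal_params', 400 );
			}

			if ( ! isset( $params['product_post_id'] ) || ! is_scalar( $params['product_post_id'] ) ) {
				wp_send_json_error( 'missing_params', 400 );
			}

			$product_id = (int) $params['product_post_id'];
			$product_post = get_post( $product_id );

			// The ID comes from the request: only an existing product post may be deleted through this endpoint,
			// and only by a user who is allowed to delete that particular post.
			if ( ! $product_post || Jetpack_Simple_Payments::$post_type_product !== $product_post->post_type ) {
				wp_send_json_error( 'invalid_product', 404 );
			}

			if ( ! current_user_can( 'delete_post', $product_id ) ) {
				wp_send_json_error( 'insufficient_post_permissions', 403 );
			}

			$return = array( 'status' => $product_post->post_status );

			// Second argument true: skip the trash and delete for good.
			wp_delete_post( $product_id, true );
			$status = get_post_status( $product_id );
			if ( false === $status ) {
				$return['status'] = 'deleted';
			}

			wp_send_json_success( $return );
		}

		/**
		 * Validate the parameters sent to the save endpoint.
		 *
		 * @param array $params Unslashed request parameters.
		 * @return WP_Error Always a WP_Error object; it carries no error codes
		 *                  when the parameters are valid, so callers must check
		 *                  get_error_codes() rather than is_wp_error().
		 */
		public function validate_ajax_params( $params ) {
			$errors = new WP_Error();

			$illegal_params = array_diff( array_keys( $params ), $this->allowed_save_params() );
			// Nested arrays would reach intval()/is_email() below, which expect plain strings.
			$has_non_scalar = count( array_filter( $params, 'is_scalar' ) ) !== count( $params );
			if ( ! empty( $illegal_params ) || $has_non_scalar ) {
				$errors->add( 'illegal_params', __( 'Invalid parameters.', 'jetpack' ) );
				return $errors;
			}

			if ( empty( $params['post_title'] ) ) {
				$errors->add( 'post_title', __( 'People need to know what they\'re paying for! Please add a brief title.', 'jetpack' ) );
			}

			// A price is required and must be positive; floatval() keeps amounts below 1 valid.
			if ( empty( $params['price'] ) || floatval( $params['price'] ) <= 0 ) {
				$errors->add( 'price', __( 'Everything comes with a price tag these days. Please add a your product price.', 'jetpack' ) );
			}

			if ( empty( $params['email'] ) || ! is_email( $params['email'] ) ) {
				$errors->add( 'email', __( 'We want to make sure payments reach you, so please add an email address.', 'jetpack' ) );
			}

			return $errors;
		}

		/**
		 * Front-end display of widget.
		 *
		 * @see WP_Widget::widget()
		 *
		 * @param array $args     Widget arguments.
		 * @param array $instance Saved values from database.
		 */
		function widget( $args, $instance ) {
			$instance = wp_parse_args( $instance, $this->defaults() );

			// The add/edit form is only ever rendered inside the Customizer preview.
			$show_form = ! empty( $instance['form_action'] )
				&& in_array( $instance['form_action'], array( 'add', 'edit' ), true )
				&& is_customize_preview();

			$simple_payments_button = null;
			if ( ! $show_form ) {
				if ( ! empty( $instance['product_post_id'] ) ) {
					$product_id = $instance['product_post_id'];
				} else {
					// No product selected: fall back to the first published product get_posts() returns, if any.
					$product_posts = get_posts( array(
						'numberposts' => 1,
						'orderby' => 'date',
						'post_type' => Jetpack_Simple_Payments::$post_type_product,
						'post_status' => 'publish',
					) );

					$product_id = empty( $product_posts ) ? 0 : $product_posts[0]->ID;
				}

				if ( ! empty( $product_id ) ) {
					$jsp = Jetpack_Simple_Payments::getInstance();
					$simple_payments_button = $jsp->parse_shortcode( array( 'id' => $product_id ) );
				}

				// Bail out before any markup is printed, so an empty widget leaves no unclosed wrappers behind.
				if ( is_null( $simple_payments_button ) && ! is_customize_preview() ) {
					return;
				}
			}

			echo $args['before_widget'];

			/** This filter is documented in core/src/wp-includes/default-widgets.php */
			$title = apply_filters( 'widget_title', $instance['title'] );
			if ( ! empty( $title ) ) {
				echo $args['before_title'] . $title . $args['after_title'];
			}

			echo '<div class="jetpack-simple-payments-content">';

			if ( $show_form ) {
				require( dirname( __FILE__ ) . '/simple-payments/widget.php' );
			} else {
				echo $simple_payments_button;
			}

			echo '</div><!--simple-payments-->';

			echo $args['after_widget'];

			/** This action is already documented in modules/widgets/gravatar-profile.php */
			do_action( 'jetpack_stats_extra', 'widget_view', 'simple_payments' );
		}

		/**
		 * Gets the latest field value from either the new instance or the old instance.
		 *
		 * @param array  $new_instance Array of values for the new form instance.
		 * @param array  $old_instance Array of values for the old form instance.
		 * @param string $field        Name of the field to read.
		 * @return mixed Sanitized new value when it is non-empty, otherwise the old value.
		 */
		private function get_latest_field_value( $new_instance, $old_instance, $field ) {
			return ! empty( $new_instance[ $field ] )
				? sanitize_text_field( $new_instance[ $field ] )
				: $old_instance[ $field ];
		}

		/**
		 * Gets the product fields from the product post. If no product post
		 * is found it returns the default values.
		 *
		 * @param int $product_post_id Product Post ID.
		 * @return array $fields Product Fields from the Product Post.
		 */
		private function get_product_from_post( $product_post_id ) {
			$product_post = get_post( $product_post_id );

			// Only product posts are loaded into the form; any other post type falls back to the defaults.
			if ( empty( $product_post ) || Jetpack_Simple_Payments::$post_type_product !== $product_post->post_type ) {
				return $this->defaults();
			}

			$form_product_image_id = get_post_thumbnail_id( $product_post_id );
			// PHP's `||` yields a boolean, so the stored value is picked explicitly with '0' as the fallback.
			$form_product_multiple = get_post_meta( $product_post_id, 'spay_multiple', true );

			return array(
				'form_product_id' => $product_post_id,
				'form_product_title' => get_the_title( $product_post ),
				'form_product_description' => $product_post->post_content,
				'form_product_image_id' => $form_product_image_id,
				'form_product_image_src' => wp_get_attachment_image_url( $form_product_image_id, 'thumbnail' ),
				'form_product_currency' => get_post_meta( $product_post_id, 'spay_currency', true ),
				'form_product_price' => get_post_meta( $product_post_id, 'spay_price', true ),
				'form_product_multiple' => $form_product_multiple ? $form_product_multiple : '0',
				'form_product_email' => get_post_meta( $product_post_id, 'spay_email', true ),
			);
		}

		/**
		 * Sanitize widget form values as they are saved.
		 *
		 * @see WP_Widget::update()
		 *
		 * @param array $new_instance Values just sent to be saved.
		 * @param array $old_instance Previously saved values from database.
		 *
		 * @return array Updated safe values to be saved.
		 */
		function update( $new_instance, $old_instance ) {
			$defaults = $this->defaults();
			$new_instance = wp_parse_args( $new_instance, $defaults );
			$old_instance = wp_parse_args( $old_instance, $defaults );

			$required_widget_props = array(
				'title' => $this->get_latest_field_value( $new_instance, $old_instance, 'title' ),
				'product_post_id' => $this->get_latest_field_value( $new_instance, $old_instance, 'product_post_id' ),
				'form_action' => $this->get_latest_field_value( $new_instance, $old_instance, 'form_action' ),
			);

			// The form action changed: entering "edit" loads the stored product, "clear" resets the form fields.
			if ( strcmp( $new_instance['form_action'], $old_instance['form_action'] ) !== 0 ) {
				if ( 'edit' === $new_instance['form_action'] ) {
					return array_merge( $this->get_product_from_post( (int) $old_instance['product_post_id'] ), $required_widget_props );
				}

				if ( 'clear' === $new_instance['form_action'] ) {
					return array_merge( $defaults, $required_widget_props );
				}
			}

			$form_product_image_id = (int) $new_instance['form_product_image_id'];

			$form_product_email = ! empty( $new_instance['form_product_email'] )
				? sanitize_text_field( $new_instance['form_product_email'] )
				: $defaults['form_product_email'];

			return array_merge( $required_widget_props, array(
				'form_product_id' => (int) $new_instance['form_product_id'],
				'form_product_title' => sanitize_text_field( $new_instance['form_product_title'] ),
				'form_product_description' => sanitize_text_field( $new_instance['form_product_description'] ),
				'form_product_image_id' => $form_product_image_id,
				'form_product_image_src' => wp_get_attachment_image_url( $form_product_image_id, 'thumbnail' ),
				'form_product_currency' => sanitize_text_field( $new_instance['form_product_currency'] ),
				'form_product_price' => sanitize_text_field( $new_instance['form_product_price'] ),
				'form_product_multiple' => sanitize_text_field( $new_instance['form_product_multiple'] ),
				'form_product_email' => $form_product_email,
			) );
		}

		/**
		 * Back-end widget form.
		 *
		 * @see WP_Widget::form()
		 *
		 * @param array $instance Previously saved values from database.
		 */
		function form( $instance ) {
			$instance = wp_parse_args( $instance, $this->defaults() );

			// $instance and $product_posts stay in scope for the required template.
			$product_posts = get_posts( array(
				'numberposts' => 100,
				'orderby' => 'date',
				'post_type' => Jetpack_Simple_Payments::$post_type_product,
				'post_status' => 'publish',
			) );

			require( dirname( __FILE__ ) . '/simple-payments/form.php' );
		}
	}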
	/**
	 * Register Jetpack_Simple_Payments_Widget, but only while Jetpack is active.
	 */
	function register_widget_jetpack_simple_payments() {
		if ( Jetpack::is_active() ) {
			register_widget( 'Jetpack_Simple_Payments_Widget' );
		}
	}
	add_action( 'widgets_init', 'register_widget_jetpack_simple_payments' );
This code did not parse for me. Apparently, there is an error somewhere around this line:

Syntax error, unexpected T_STRING, expecting T_FUNCTION or T_CONST
}