Completed
Push — issues/611 ( 661115...758b1c )
by Ravinder
21:11
created

includes/shortcodes.php (2 issues)

<?php
/**
 * Give Shortcodes
 *
 * @package     Give
 * @subpackage  Shortcodes
 * @copyright   Copyright (c) 2016, WordImpress
 * @license     https://opensource.org/licenses/gpl-license GNU Public License
 * @since       1.0
 */

// Stop immediately when the file is requested directly: ABSPATH is only
// defined once WordPress itself has been loaded.
defined( 'ABSPATH' ) || exit;
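/**
 * Donation History Shortcode
 *
 * Displays a user's donation history, or a single receipt when the request
 * carries a payment_key query argument. Every branch returns its markup; the
 * logged-out branch used to echo and return nothing, which put the notice in
 * the wrong place on the page and broke the string return contract.
 *
 * @since  1.0
 *
 * @return string Markup for the receipt, the donation history, the email
 *                login form, or the "must be logged in" notice plus login form.
 */
function give_donation_history() {

	// If payment_key query arg exists, return receipt instead of donation history.
	// The key is only tested for presence here; give_receipt_shortcode() reads
	// the value and performs the permission check before showing a receipt.
	if ( isset( $_GET['payment_key'] ) ) {
		ob_start();
		echo give_receipt_shortcode( array() );
		echo '<a href="' . esc_url( give_get_history_page_uri() ) . '">&laquo; ' . esc_html__( 'Return to All Donations', 'give' ) . '</a>';

		return ob_get_clean();
	}

	$email_access = give_get_option( 'email_access' );

	/**
	 * Determine access
	 *
	 * a. Check if a user is logged in or does a session exist?
	 * b. Does an email-access token exist?
	 */
	if (
		is_user_logged_in() || false !== Give()->session->get_session_expiration()
		|| ( give_is_setting_enabled( $email_access ) && Give()->email_access->token_exists )
	) {
		ob_start();
		give_get_template_part( 'history', 'donations' );

		return ob_get_clean();
	}

	// Visitor is not identified, but email-based access is enabled: offer the email login form.
	if ( give_is_setting_enabled( $email_access ) ) {
		ob_start();
		give_get_template_part( 'email', 'login-form' );

		return ob_get_clean();
	}

	// Visitor is not identified and email access is off: show the notice and
	// the regular login form. Output is buffered so that it is returned to
	// WordPress like every other branch instead of being printed directly.
	ob_start();
	echo apply_filters( 'give_donation_history_nonuser_message', give_output_error( __( 'You must be logged in to view your donation history. Please login using your account or create an account using the same email you used to donate with.', 'give' ), false ) );
	echo do_shortcode( '[give_login]' );

	return ob_get_clean();
}

add_shortcode( 'donation_history', 'give_donation_history' );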
/**
 * Donation Form Shortcode
 *
 * Renders the Give donation form selected by the shortcode attributes and
 * returns the captured markup, passed through the 'give_donate_form' filter.
 *
 * @since  1.0
 *
 * @param  array $atts Shortcode attributes
 *
 * @return string
 */
function give_form_shortcode( $atts ) {
	$defaults = array(
		'id'                    => '',
		'show_title'            => true,
		'show_goal'             => true,
		'show_content'          => '',
		'float_labels'          => '',
		'display_style'         => '',
		'continue_button_title' => '',
	);

	$atts = shortcode_atts( $defaults, $atts, 'give_form' );

	// Shortcode attributes arrive as strings; turn the two flags into real booleans.
	// NOTE(review): 'id' and the remaining attributes are handed on unchanged —
	// confirm that give_get_donation_form() validates and escapes them.
	foreach ( array( 'show_title', 'show_goal' ) as $flag ) {
		$atts[ $flag ] = filter_var( $atts[ $flag ], FILTER_VALIDATE_BOOLEAN );
	}

	// The form prints itself, so capture the output instead of letting it reach the page directly.
	ob_start();
	give_get_donation_form( $atts );

	return apply_filters( 'give_donate_form', ob_get_clean(), $atts );
}

add_shortcode( 'give_form', 'give_form_shortcode' );
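/**
 * Donation Form Goal Shortcode.
 *
 * Show the Give donation form goals. Exactly one of three things is written
 * to the output buffer: the "missing ID" error, the "goals not enabled"
 * error, or the goal progress. Previously a missing ID still fell through to
 * the goal-option lookup with an empty ID, so a second, misleading error was
 * printed as well.
 *
 * @since  1.0
 *
 * @param  array $atts Shortcode attributes.
 *
 * @return string Captured output, passed through the 'give_goal_shortcode_output' filter.
 */
function give_goal_shortcode( $atts ) {
	$atts = shortcode_atts( array(
		'id'        => '',
		'show_text' => true,
		'show_bar'  => true,
	), $atts, 'give_goal' );

	// Capture everything printed below; it becomes the shortcode output.
	ob_start();

	if ( empty( $atts['id'] ) ) {
		// Sanity check 1: ensure there is an ID provided. Stop here so the
		// post-meta lookup below never runs with an empty ID.
		give_output_error( esc_html__( 'The shortcode is missing Donation Form ID attribute.', 'give' ), true );
	} elseif ( ! give_is_setting_enabled( get_post_meta( $atts['id'], '_give_goal_option', true ) ) ) {
		// Sanity check 2: check the form even has Goals enabled.
		give_output_error( esc_html__( 'The form does not have Goals enabled.', 'give' ), true );
	} else {
		// Passed all sanity checks: output Goal.
		give_show_goal_progress( $atts['id'], $atts );
	}

	$final_output = ob_get_clean();

	return apply_filters( 'give_goal_shortcode_output', $final_output, $atts );
}

add_shortcode( 'give_goal', 'give_goal_shortcode' );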
/**
 * Login Shortcode.
 *
 * Shows a login form allowing users to log in. This function simply resolves
 * the redirect attributes and calls give_login_form() to display the form.
 *
 * @since  1.0
 *
 * @param  array $atts Shortcode attributes.
 *
 * @uses   give_login_form()
 *
 * @return string
 */
function give_login_form_shortcode( $atts ) {
	$defaults = array(
		// Kept for backward compatibility with the older "redirect" attribute.
		'redirect'        => '',

		'login-redirect'  => '',
		'logout-redirect' => '',
	);

	$atts = shortcode_atts( $defaults, $atts, 'give_login' );

	// 'login-redirect' wins; when it is empty, fall back to the legacy
	// 'redirect' attribute, and to an empty string when that is empty too.
	if ( empty( $atts['login-redirect'] ) ) {
		$atts['login-redirect'] = ! empty( $atts['redirect'] ) ? $atts['redirect'] : '';
	}

	// NOTE(review): both redirect targets are passed on exactly as written in
	// the shortcode — confirm give_login_form() restricts them to safe URLs.
	return give_login_form( $atts['login-redirect'], $atts['logout-redirect'] );
}

add_shortcode( 'give_login', 'give_login_form_shortcode' );
/**
 * Register Shortcode.
 *
 * Shows a registration form allowing users to register for the site.
 *
 * @since  1.0
 *
 * @param  array $atts Shortcode attributes.
 *
 * @uses   give_register_form()
 *
 * @return string
 */
function give_register_form_shortcode( $atts ) {
	$defaults = array(
		'redirect' => '',
	);

	$args = shortcode_atts( $defaults, $atts, 'give_register' );

	// The redirect target is handed to give_register_form() unchanged.
	return give_register_form( $args['redirect'] );
}

add_shortcode( 'give_register', 'give_register_form_shortcode' );
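/**
 * Receipt Shortcode.
 *
 * Shows a donation receipt. The payment key is taken from the query string,
 * then from the donation session, then from the shortcode attribute. The
 * receipt template is rendered only after give_can_view_receipt() and the
 * 'give_user_can_view_receipt' filter both allow it; otherwise a login form
 * or an error notice is returned.
 *
 * Sets the globals $give_receipt_args (resolved attributes) and, for visitors
 * who may not view the receipt, $give_login_redirect.
 *
 * @since  1.0
 *
 * @param  array $atts Shortcode attributes.
 *
 * @return string Receipt markup, a login form, or an error notice.
 *                NOTE(review): static analysis reports a possible null return,
 *                presumably from give_output_error() — confirm.
 */
function give_receipt_shortcode( $atts ) {

	global $give_receipt_args, $payment;

	$give_receipt_args = shortcode_atts( array(
		'error'          => esc_html__( 'You are missing the payment key to view this donation receipt.', 'give' ),
		'price'          => true,
		'donor'          => true,
		'date'           => true,
		'payment_key'    => false,
		'payment_method' => true,
		'payment_id'     => true,
		'payment_status' => false,
		'status_notice'  => true,
	), $atts, 'give_receipt' );

	// Donation session data, if there is any.
	$session = give_get_purchase_session();

	// Resolve the payment key. Stays null when no usable key is found.
	$payment_key = null;

	if ( isset( $_GET['payment_key'] ) ) {
		// The query string is untrusted input. Accept only a plain string
		// ("payment_key[]=" arrives as an array and is treated as missing)
		// and strip tags and control characters before the key reaches any
		// lookup or template. urldecode() is kept for compatibility with the
		// previous behaviour, although PHP has already decoded $_GET once.
		if ( is_string( $_GET['payment_key'] ) ) {
			$payment_key = sanitize_text_field( urldecode( wp_unslash( $_GET['payment_key'] ) ) );
		}
	} elseif ( $session ) {
		$payment_key = $session['purchase_key'];
	} elseif ( $give_receipt_args['payment_key'] ) {
		$payment_key = $give_receipt_args['payment_key'];
	}

	$email_access = give_get_option( 'email_access' );

	// No payment_key found & Email Access is Turned on:
	if ( ! isset( $payment_key ) && give_is_setting_enabled( $email_access ) && ! Give()->email_access->token_exists ) {

		ob_start();

		give_get_template_part( 'email-login-form' );

		return ob_get_clean();

	} elseif ( ! isset( $payment_key ) ) {

		return give_output_error( $give_receipt_args['error'], false, 'error' );

	}

	// NOTE(review): $payment_id is not read again in this function — confirm
	// whether anything still depends on this lookup.
	$payment_id    = give_get_purchase_id_by_key( $payment_key );
	$user_can_view = give_can_view_receipt( $payment_key );

	// Key was provided, but user is logged out. Offer them the ability to login and view the receipt.
	if ( ! $user_can_view && give_is_setting_enabled( $email_access ) && ! Give()->email_access->token_exists ) {

		ob_start();

		give_get_template_part( 'email-login-form' );

		return ob_get_clean();

	} elseif ( ! $user_can_view ) {

		global $give_login_redirect;

		// After logging in the visitor is sent back to this page.
		$give_login_redirect = give_get_current_page_url();

		ob_start();

		give_output_error( apply_filters( 'give_must_be_logged_in_error_message', esc_html__( 'You must be logged in to view this donation receipt.', 'give' ) ) );

		give_get_template_part( 'shortcode', 'login' );

		$login_form = ob_get_clean();

		return $login_form;
	}

	/*
	 * Check if the user has permission to view the receipt.
	 *
	 * If user is logged in, user ID is compared to user ID of ID stored in payment meta
	 * or if user is logged out and donation was made as a guest, the donation session is checked for
	 * or if user is logged in and the user can view sensitive shop data.
	 *
	 * The filter has the final say: a callback can revoke access here, and it
	 * can also grant it, so callbacks hooked on it must be trusted.
	 */
	if ( ! apply_filters( 'give_user_can_view_receipt', $user_can_view, $give_receipt_args ) ) {
		return give_output_error( $give_receipt_args['error'], false, 'error' );
	}

	ob_start();

	give_get_template_part( 'shortcode', 'receipt' );

	$display = ob_get_clean();

	return $display;
}

add_shortcode( 'give_receipt', 'give_receipt_shortcode' );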
/**
 * Profile Editor Shortcode.
 *
 * Outputs the Give Profile Editor to allow users to amend their details from the
 * front-end. This function uses the Give templating system allowing users to
 * override the default profile editor template. The profile editor template is located
 * under templates/profile-editor.php, however, it can be altered by creating a
 * file called profile-editor.php in the give_template directory in your active theme's
 * folder. Please visit the Give Documentation for more information on how the
 * templating system is used.
 *
 * @since  1.0
 *
 * @param  array $atts Shortcode attributes (not read by this function).
 *
 * @return string Output generated from the profile editor
 */
function give_profile_editor_shortcode( $atts ) {
	// The template prints its markup; buffer it so it can be returned to WordPress.
	ob_start();
	give_get_template_part( 'shortcode', 'profile-editor' );

	return ob_get_clean();
}

add_shortcode( 'give_profile_editor', 'give_profile_editor_shortcode' );
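/**
 * Process Profile Updater Form.
 *
 * Processes the profile updater form by updating the necessary fields of the
 * currently logged-in user. The request is rejected unless the user is logged
 * in and the form nonce verifies. On validation errors, and after a
 * successful update, the user is redirected and execution stops via give_die().
 *
 * @since  1.0
 *
 * @param  array $data Data sent from the profile editor.
 *
 * @return bool False when the request is rejected or the update fails; the
 *              redirecting paths are not expected to return.
 */
function give_process_profile_editor_updates( $data ) {
	// Only a logged-in user has a profile to edit. The previous guard joined
	// this test to the submit-field test with &&, so a logged-out request that
	// carried the submit field was not stopped here.
	if ( ! is_user_logged_in() ) {
		return false;
	}

	// Nonce security: a missing or invalid nonce ends the request (CSRF protection).
	if ( empty( $data['give_profile_editor_nonce'] ) || ! wp_verify_nonce( $data['give_profile_editor_nonce'], 'give-profile-editor-nonce' ) ) {
		return false;
	}

	$user_id       = get_current_user_id();
	$old_user_data = get_userdata( $user_id );

	// get_userdata() returns false when the user cannot be loaded; the
	// fallbacks below would otherwise read properties of a non-object.
	if ( ! $old_user_data ) {
		return false;
	}

	// The redirect target is posted with the form, so treat it as untrusted:
	// keep it only when it points at an allowed host, else fall back to the home page.
	$redirect = wp_validate_redirect( isset( $data['give_redirect'] ) ? $data['give_redirect'] : '', home_url() );

	$display_name = isset( $data['give_display_name'] ) ? sanitize_text_field( $data['give_display_name'] ) : $old_user_data->display_name;
	$first_name   = isset( $data['give_first_name'] ) ? sanitize_text_field( $data['give_first_name'] ) : $old_user_data->first_name;
	$last_name    = isset( $data['give_last_name'] ) ? sanitize_text_field( $data['give_last_name'] ) : $old_user_data->last_name;
	$email        = isset( $data['give_email'] ) ? sanitize_email( $data['give_email'] ) : $old_user_data->user_email;
	$line1        = ( isset( $data['give_address_line1'] ) ? sanitize_text_field( $data['give_address_line1'] ) : '' );
	$line2        = ( isset( $data['give_address_line2'] ) ? sanitize_text_field( $data['give_address_line2'] ) : '' );
	$city         = ( isset( $data['give_address_city'] ) ? sanitize_text_field( $data['give_address_city'] ) : '' );
	$state        = ( isset( $data['give_address_state'] ) ? sanitize_text_field( $data['give_address_state'] ) : '' );
	$zip          = ( isset( $data['give_address_zip'] ) ? sanitize_text_field( $data['give_address_zip'] ) : '' );
	$country      = ( isset( $data['give_address_country'] ) ? sanitize_text_field( $data['give_address_country'] ) : '' );

	// The ID always comes from the session, never from the posted data, so a
	// user can only ever edit their own account.
	$userdata = array(
		'ID'           => $user_id,
		'first_name'   => $first_name,
		'last_name'    => $last_name,
		'display_name' => $display_name,
		'user_email'   => $email,
	);

	$address = array(
		'line1'   => $line1,
		'line2'   => $line2,
		'city'    => $city,
		'state'   => $state,
		'zip'     => $zip,
		'country' => $country,
	);

	/**
	 * Fires before updating user profile.
	 *
	 * @since 1.0
	 *
	 * @param int   $user_id  The ID of the user.
	 * @param array $userdata User info, including ID, first name, last name, display name and email.
	 */
	do_action( 'give_pre_update_user_profile', $user_id, $userdata );

	// New password: both fields must be present and identical.
	// NOTE(review): the password (and the email above) can be changed without
	// re-entering the current password — consider requiring re-authentication.
	if ( ! empty( $data['give_new_user_pass1'] ) ) {
		$confirmation = isset( $data['give_new_user_pass2'] ) ? $data['give_new_user_pass2'] : '';

		if ( $data['give_new_user_pass1'] !== $confirmation ) {
			give_set_error( 'password_mismatch', esc_html__( 'The passwords you entered do not match. Please try again.', 'give' ) );
		} else {
			$userdata['user_pass'] = $data['give_new_user_pass1'];
		}
	}

	if ( empty( $email ) ) {
		// Make sure email should not be empty.
		give_set_error( 'email_empty', esc_html__( 'The email you entered is empty.', 'give' ) );

	} elseif ( ! is_email( $email ) ) {
		// Make sure email should be valid.
		give_set_error( 'email_not_valid', esc_html__( 'The email you entered is not valid. Please use another', 'give' ) );

	} elseif ( $email !== $old_user_data->user_email ) {
		// Make sure the new email doesn't belong to another user
		if ( email_exists( $email ) ) {
			give_set_error( 'email_exists', esc_html__( 'The email you entered belongs to another user. Please use another.', 'give' ) );
		}
	}

	// Check for errors
	$errors = give_get_errors();

	if ( $errors ) {
		// Send back to the profile editor if there are errors
		wp_safe_redirect( $redirect );
		give_die();
	}

	// Update the user
	update_user_meta( $user_id, '_give_user_address', $address );
	$updated = wp_update_user( $userdata );

	// wp_update_user() returns a WP_Error object on failure, which is truthy;
	// test for it explicitly so a failed update is not reported as success.
	if ( $updated && ! is_wp_error( $updated ) ) {

		/**
		 * Fires after updating user profile.
		 *
		 * @since 1.0
		 *
		 * @param int   $user_id  The ID of the user.
		 * @param array $userdata User info, including ID, first name, last name, display name and email.
		 */
		do_action( 'give_user_profile_updated', $user_id, $userdata );
		wp_safe_redirect( add_query_arg( 'updated', 'true', $redirect ) );
		give_die();
	}

	return false;
}

add_action( 'give_edit_user_profile', 'give_process_profile_editor_updates' );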