Paid Memberships Pro - Version 1.8.4.4

Version Description

  • BUG: Fixed issue where subscriptions cancelled at Stripe wouldn't cancel the related PMPro membership if the membership was created after updating to v1.8. (Thanks, Ninjami-Juho)
  • BUG: Now tracking "views" when the wp_head hook is fired instead of the "wp" hook. Previously page redirects and AJAX calls might have been counted as "views". Using wp_head will result in more accurate numbers (compared to something like Google Analytics, e.g.). Also note that the number of views will now be much much lower than before on some sites. (Thanks, Michael Cummings)
  • BUG: Fixed loading of email templates from language folders in themes, child themes, and languages folder. (Thanks, Karel Martens)
  • ENHANCEMENT: Added the pmpro_format_phone filter to change how phone numbers are formatted. Param 1 is $r, the formatted phone number. Param 2 is $phone, the original phone number.
  • ENHANCEMENT: Added doc blocks to cleanPhone and formatPhone functions and the new pmpro_format_phone filter.

Release Info

Developer strangerstudios
Plugin Icon 128x128 Paid Memberships Pro
Version 1.8.4.4

Code changes from version 1.8.4.2 to 1.8.4.4

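--- a/adminpages/advancedsettings.php
+++ b/adminpages/advancedsettings.php
@@ -227,10 +227,10 @@ if(pmpro_displayAds())
 <th scope="row" valign="top">&nbsp;</th>
 <td>
 <label for="recaptcha_publickey"><?php _e('reCAPTCHA Public Key', 'pmpro');?>:</label>
-<input type="text" name="recaptcha_publickey" size="60" value="<?php echo $recaptcha_publickey?>" />
+<input type="text" name="recaptcha_publickey" size="60" value="<?php echo esc_attr($recaptcha_publickey);?>" />
 <br /><br />
 <label for="recaptcha_privatekey"><?php _e('reCAPTCHA Private Key', 'pmpro');?>:</label>
-<input type="text" name="recaptcha_privatekey" size="60" value="<?php echo $recaptcha_privatekey?>" />
+<input type="text" name="recaptcha_privatekey" size="60" value="<?php echo esc_attr($recaptcha_privatekey);?>" />
 </td>
 </tr>
 <tr>
@@ -296,14 +296,14 @@ if(pmpro_displayAds())
 <input id="<?php _e($field['field_name'], 'pmpro'); ?>"
 name="<?php _e($field['field_name'], 'pmpro'); ?>"
 type="<?php _e($field['field_type'], 'pmpro'); ?>"
-value="<?php echo pmpro_getOption($field['field_name']); ?> ">
+value="<?php echo esc_attr(pmpro_getOption($field['field_name'])); ?> ">
 <?php
 break;
 case 'textarea':
 ?>
 <textarea id="<?php _e($field['field_name'], 'pmpro'); ?>"
 name="<?php _e($field['field_name'], 'pmpro'); ?>">
-<?php echo pmpro_getOption($field['field_name']); ?>
+<?php echo esc_textarea(pmpro_getOption($field['field_name'])); ?>
 </textarea>
 <?php
 break;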
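Review bot: The `id`, `name` and `type` attributes of the custom-field `<input>` and `<textarea>` (lines 296–298 and 304–305) are still printed with `_e($field['field_name'], 'pmpro')`, which sends the value through the translation lookup and echoes it with no attribute escaping, so only `value` was hardened. These are data rather than translatable strings; I would print them as `id="<?php echo esc_attr($field['field_name']); ?>"`, and likewise for `name` and `field_type`. Where `$field` is built lies outside the hunk, so how far it can be influenced is not visible from here. Separately, the space before the closing quote in `?> ">` on line 299 appears to add a trailing space to the submitted value on every save.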
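--- a/adminpages/discountcodes.php
+++ b/adminpages/discountcodes.php
@@ -9,31 +9,31 @@
 global $wpdb, $pmpro_currency_symbol;
 
 if(isset($_REQUEST['edit']))
-$edit = $_REQUEST['edit'];
+$edit = intval($_REQUEST['edit']);
 else
 $edit = false;
 
 if(isset($_REQUEST['delete']))
-$delete = $_REQUEST['delete'];
+$delete = intval($_REQUEST['delete']);
 else
 $delete = false;
 
 if(isset($_REQUEST['saveid']))
-$saveid = $_POST['saveid'];
+$saveid = intval($_POST['saveid']);
 else
 $saveid = false;
 
 if($saveid)
 {
 //get vars
-$code = $_POST['code'];
-$starts_month = $_POST['starts_month'];
-$starts_day = $_POST['starts_day'];
-$starts_year = $_POST['starts_year'];
-$expires_month = $_POST['expires_month'];
-$expires_day = $_POST['expires_day'];
-$expires_year = $_POST['expires_year'];
-$uses = $_POST['uses'];
+$code = sanitize_text_field($_POST['code']);
+$starts_month = intval($_POST['starts_month']);
+$starts_day = intval($_POST['starts_day']);
+$starts_year = intval($_POST['starts_year']);
+$expires_month = intval($_POST['expires_month']);
+$expires_day = intval($_POST['expires_day']);
+$expires_year = intval($_POST['expires_year']);
+$uses = intval($_POST['uses']);
 
 //fix up dates
 $starts = date("Y-m-d", strtotime($starts_month . "/" . $starts_day . "/" . $starts_year, current_time("timestamp")));
@@ -110,7 +110,7 @@
 {
 //get the values ready
 $n = array_search($level_id, $all_levels_a); //this is the key location of this level's values
-$initial_payment = $initial_payment_a[$n];
+$initial_payment = sanitize_text_field($initial_payment_a[$n]);
 
 //is this recurring?
 if(!empty($recurring_a))
@@ -125,10 +125,10 @@
 
 if(!empty($recurring))
 {
-$billing_amount = $billing_amount_a[$n];
-$cycle_number = $cycle_number_a[$n];
-$cycle_period = $cycle_period_a[$n];
-$billing_limit = $billing_limit_a[$n];
+$billing_amount = sanitize_text_field($billing_amount_a[$n]);
+$cycle_number = intval($cycle_number_a[$n]);
+$cycle_period = sanitize_text_field($cycle_period_a[$n]);
+$billing_limit = intval($billing_limit_a[$n]);
 
 //custom trial
 if(!empty($custom_trial_a))
@@ -143,8 +143,8 @@
 
 if(!empty($custom_trial))
 {
-$trial_amount = $trial_amount_a[$n];
-$trial_limit = $trial_limit_a[$n];
+$trial_amount = sanitize_text_field($trial_amount_a[$n]);
+$trial_limit = intval($trial_limit_a[$n]);
 }
 else
 {
@@ -175,8 +175,8 @@
 
 if(!empty($expiration))
 {
-$expiration_number = $expiration_number_a[$n];
-$expiration_period = $expiration_period_a[$n];
+$expiration_number = intval($expiration_number_a[$n]);
+$expiration_period = sanitize_text_field($expiration_period_a[$n]);
 }
 else
 {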
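Review bot: `sanitize_text_field()` does not make the money fields numeric: `$initial_payment`, `$billing_amount` and `$trial_amount` (lines 113, 128, 146) remain free-form strings with quotes intact, while the counters next to them were cast with `intval()`. The query that stores these values is outside the hunks, so whether they are quoted or prepared there cannot be confirmed from here; a numeric cast or an `is_numeric()` check where they are read removes that dependency. `$cycle_period` and `$expiration_period` would be better compared against the fixed set of period names than passed on as text. Also, line 21 tests `isset($_REQUEST['saveid'])` but line 22 reads `$_POST['saveid']`, so a `saveid` sent in the query string hits an undefined index; both should use the same array.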
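--- a/adminpages/membershiplevels.php
+++ b/adminpages/membershiplevels.php
@@ -14,28 +14,28 @@
 global $pmpro_stripe_error, $pmpro_braintree_error, $pmpro_payflow_error, $pmpro_twocheckout_error, $wp_version;
 
 if(isset($_REQUEST['edit']))
-$edit = $_REQUEST['edit'];
+$edit = intval($_REQUEST['edit']);
 else
 $edit = false;
 if(isset($_REQUEST['copy']))
-$copy = $_REQUEST['copy'];
+$copy = intval($_REQUEST['copy']);
 if(isset($_REQUEST['s']))
-$s = $_REQUEST['s'];
+$s = sanitize_text_field($_REQUEST['s']);
 else
 $s = "";
 
 if(isset($_REQUEST['action']))
-$action = $_REQUEST['action'];
+$action = sanitize_text_field($_REQUEST['action']);
 else
 $action = false;
 
 if(isset($_REQUEST['saveandnext']))
-$saveandnext = $_REQUEST['saveandnext'];
+$saveandnext = intval($_REQUEST['saveandnext']);
 
 if(isset($_REQUEST['saveid']))
-$saveid = $_REQUEST['saveid'];
+$saveid = intval($_REQUEST['saveid']);
 if(isset($_REQUEST['deleteid']))
-$deleteid = $_REQUEST['deleteid'];
+$deleteid = intval($_REQUEST['deleteid']);
 
 if($action == "save_membershiplevel")
 {
@@ -155,7 +155,7 @@
 {
 global $wpdb;
 
-$ml_id = $_REQUEST['deleteid'];
+$ml_id = intval($_REQUEST['deleteid']);
 
 if($ml_id > 0)
 {
@@ -280,7 +280,7 @@
 
 ?>
 <form action="" method="post" enctype="multipart/form-data">
-<input name="saveid" type="hidden" value="<?php echo $edit?>" />
+<input name="saveid" type="hidden" value="<?php echo esc_attr($edit); ?>" />
 <input type="hidden" name="action" value="save_membershiplevel" />
 <table class="form-table">
 <tbody>
@@ -571,7 +571,7 @@
 <p class="search-box">
 <label class="screen-reader-text" for="post-search-input"><?php _e('Search Levels', 'pmpro');?>:</label>
 <input type="hidden" name="page" value="pmpro-membershiplevels" />
-<input id="post-search-input" type="text" value="<?php echo $s?>" name="s" size="30" />
+<input id="post-search-input" type="text" value="<?php echo esc_attr($s); ?>" name="s" size="30" />
 <input class="button" type="submit" value="<?php _e('Search Levels', 'pmpro');?>" id="search-submit" />
 </p>
 </form>
@@ -657,7 +657,7 @@
 </td>
 <td><?php if($level->allow_signups) { ?><a href="<?php echo pmpro_url("checkout", "?level=" . $level->id);?>"><?php _e('Yes', 'pmpro');?></a><?php } else { ?><?php _e('No', 'pmpro');?><?php } ?></td>
 
-<td><a title="<?php _e('edit','pmpro'); ?>" href="admin.php?page=pmpro-membershiplevels&edit=<?php echo $level->id?>" class="button-primary"><?php _e('edit','pmpro'); ?></a>&nbsp;<a title="<?php _e('copy','pmpro'); ?>" href="admin.php?page=pmpro-membershiplevels&copy=<?php echo $level->id?>&edit=-1" class="button-secondary"><?php _e('copy','pmpro'); ?></a>&nbsp;<a title="<?php _e('delete','pmpro'); ?>" href="javascript: askfirst('<?php printf(__("Are you sure you want to delete membership level %s? All subscriptions will be cancelled.", "pmpro"), $level->name);?>','admin.php?page=pmpro-membershiplevels&action=delete_membership_level&deleteid=<?php echo $level->id?>'); void(0);" class="button-secondary"><?php _e('delete','pmpro'); ?></a></td>
+<td><a title="<?php _e('edit','pmpro'); ?>" href="admin.php?page=pmpro-membershiplevels&edit=<?php echo $level->id?>" class="button-primary"><?php _e('edit','pmpro'); ?></a>&nbsp;<a title="<?php _e('copy','pmpro'); ?>" href="admin.php?page=pmpro-membershiplevels&copy=<?php echo $level->id?>&edit=-1" class="button-secondary"><?php _e('copy','pmpro'); ?></a>&nbsp;<a title="<?php _e('delete','pmpro'); ?>" href="javascript: askfirst('<?php echo str_replace("'", "\'", sprintf("Are you sure you want to delete membership level %s? All subscriptions will be cancelled.", "pmpro"), $level->name);?>','admin.php?page=pmpro-membershiplevels&action=delete_membership_level&deleteid=<?php echo $level->id?>'); void(0);" class="button-secondary"><?php _e('delete','pmpro'); ?></a></td>
 </tr>
 <?php
 }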
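Review bot: The rewritten delete link on line 660 has its parentheses in the wrong place: `sprintf()` closes after `"pmpro"`, so `%s` is filled with the text domain and `$level->name` becomes `str_replace()`'s fourth argument, which is the by-reference replacement count, so the prompt names level "pmpro" and `$level->name` is overwritten with an integer. The `__()` call was dropped as well, so the sentence is no longer translated, and backslash-escaping only `'` does not cover a `"` in the level name, which would end the `href` attribute. I would write the argument as `<?php echo esc_js(sprintf(__("Are you sure you want to delete membership level %s? All subscriptions will be cancelled.", "pmpro"), $level->name));?>`. The delete action is a plain GET link carrying `deleteid`, and no nonce is visible in these hunks, so it is worth checking that the handler around line 158 verifies one.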
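--- a/adminpages/memberslist-csv.php
+++ b/adminpages/memberslist-csv.php
@@ -9,12 +9,12 @@
 
 //get users
 if(isset($_REQUEST['s']))
-$s = $_REQUEST['s'];
+$s = sanitize_text_field($_REQUEST['s']);
 else
 $s = "";
 
 if(isset($_REQUEST['l']))
-$l = $_REQUEST['l'];
+$l = sanitize_text_field($_REQUEST['l']);
 else
 $l = false;
 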
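Review bot: `sanitize_text_field()` on `$s` and `$l` (lines 12 and 17) strips tags and control whitespace but leaves quotes in place, so it is not SQL escaping. The query that consumes these values is outside the hunk; if they are interpolated into it, they still need `esc_sql()` or `$wpdb->prepare()` at that point. The same applies to `$s`, `$l`, `$status` and `$predefined_date` in adminpages/memberslist.php, adminpages/orders-csv.php and adminpages/orders.php. `$l` is cast with `intval()` in the two orders files but kept as text here and in memberslist.php; a one-line comment such as `//l can be a level id or a named filter, so it stays a string` would explain the difference if that is the reason.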
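--- a/adminpages/memberslist.php
+++ b/adminpages/memberslist.php
@@ -8,12 +8,12 @@
 //vars
 global $wpdb;
 if(isset($_REQUEST['s']))
-$s = trim($_REQUEST['s']);
+$s = sanitize_text_field(trim($_REQUEST['s']));
 else
 $s = "";
 
 if(isset($_REQUEST['l']))
-$l = $_REQUEST['l'];
+$l = sanitize_text_field($_REQUEST['l']);
 else
 $l = false;
 
@@ -23,7 +23,7 @@
 <form id="posts-filter" method="get" action="">
 <h2>
 <?php _e('Members List', 'pmpro');?>
-<a target="_blank" href="<?php echo admin_url('admin-ajax.php');?>?action=memberslist_csv&s=<?php echo $s?>&l=<?php echo $l?>" class="add-new-h2"><?php _e('Export to CSV', 'pmpro');?></a>
+<a target="_blank" href="<?php echo admin_url('admin-ajax.php');?>?action=memberslist_csv&s=<?php echo esc_attr($s);?>&l=<?php echo $l?>" class="add-new-h2"><?php _e('Export to CSV', 'pmpro');?></a>
 </h2>
 <ul class="subsubsub">
 <li>
@@ -48,7 +48,7 @@
 <p class="search-box">
 <label class="hidden" for="post-search-input"><?php _e('Search Members', 'pmpro');?>:</label>
 <input type="hidden" name="page" value="pmpro-memberslist" />
-<input id="post-search-input" type="text" value="<?php echo $s?>" name="s"/>
+<input id="post-search-input" type="text" value="<?php echo esc_attr($s);?>" name="s"/>
 <input class="button" type="submit" value="<?php _e('Search Members', 'pmpro');?>"/>
 </p>
 <?php
@@ -211,7 +211,7 @@
 </td>
 <td><?php echo $theuser->first_name?></td>
 <td><?php echo $theuser->last_name?></td>
-<td><a href="mailto:<?php echo $theuser->user_email?>"><?php echo $theuser->user_email?></a></td>
+<td><a href="mailto:<?php echo esc_attr($theuser->user_email)?>"><?php echo $theuser->user_email?></a></td>
 <?php do_action("pmpro_memberslist_extra_cols_body", $theuser);?>
 <td>
 <?php
@@ -248,7 +248,7 @@
 {
 ?>
 <tr>
-<td colspan="9"><p><?php _e("No members found.", "pmpro");?> <?php if($l) { ?><a href="?page=pmpro-memberslist&s=<?php echo $s?>"><?php _e("Search all levels", "pmpro");?></a>.<?php } ?></p></td>
+<td colspan="9"><p><?php _e("No members found.", "pmpro");?> <?php if($l) { ?><a href="?page=pmpro-memberslist&s=<?php echo esc_attr($s);?>"><?php _e("Search all levels", "pmpro");?></a>.<?php } ?></p></td>
 </tr>
 <?php
 }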
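Review bot: `first_name`, `last_name` and the visible `user_email` in the table row (lines 212–214) are still echoed raw; only the `mailto:` href gained `esc_attr()`. Profile fields like these are usually editable by the member, so on an admin screen they should pass through `esc_html()`, e.g. `<td><?php echo esc_html($theuser->first_name);?></td>`. In the export link on line 26, `&l=<?php echo $l?>` is left unescaped, and `esc_attr()` on `$s` does not URL-encode it, so a search term containing `&` or `#` alters the query string. `urlencode()` is the matching encoder for both parameters there and for the link on line 251.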
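--- a/adminpages/orders-csv.php
+++ b/adminpages/orders-csv.php
@@ -9,52 +9,52 @@
 
 //get users
 if(isset($_REQUEST['s']))
-$s = $_REQUEST['s'];
+$s = sanitize_text_field($_REQUEST['s']);
 else
 $s = "";
 
 if(isset($_REQUEST['l']))
-$l = $_REQUEST['l'];
+$l = intval($_REQUEST['l']);
 else
 $l = false;
 
 if(isset($_REQUEST['start-month']))
-$start_month = $_REQUEST['start-month'];
+$start_month = intval($_REQUEST['start-month']);
 else
 $start_month = "1";
 
 if(isset($_REQUEST['start-day']))
-$start_day = $_REQUEST['start-day'];
+$start_day = intval($_REQUEST['start-day']);
 else
 $start_day = "1";
 
 if(isset($_REQUEST['start-year']))
-$start_year = $_REQUEST['start-year'];
+$start_year = intval($_REQUEST['start-year']);
 else
 $start_year = date("Y");
 
 if(isset($_REQUEST['end-month']))
-$end_month = $_REQUEST['end-month'];
+$end_month = intval($_REQUEST['end-month']);
 else
 $end_month = date("n");
 
 if(isset($_REQUEST['end-day']))
-$end_day = $_REQUEST['end-day'];
+$end_day = intval($_REQUEST['end-day']);
 else
 $end_day = date("j");
 
 if(isset($_REQUEST['end-year']))
-$end_year = $_REQUEST['end-year'];
+$end_year = intval($_REQUEST['end-year']);
 else
 $end_year = date("Y");
 
 if(isset($_REQUEST['predefined-date']))
-$predefined_date = $_REQUEST['predefined-date'];
+$predefined_date = sanitize_text_field($_REQUEST['predefined-date']);
 else
 $predefined_date = "This Month";
 
 if(isset($_REQUEST['status']))
-$status = $_REQUEST['status'];
+$status = sanitize_text_field($_REQUEST['status']);
 else
 $status = "";
 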
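--- a/adminpages/orders.php
+++ b/adminpages/orders.php
@@ -8,52 +8,52 @@
 //vars
 global $wpdb;
 if(isset($_REQUEST['s']))
-$s = trim($_REQUEST['s']);
+$s = sanitize_text_field(trim($_REQUEST['s']));
 else
 $s = "";
 
 if(isset($_REQUEST['l']))
-$l = $_REQUEST['l'];
+$l = intval($_REQUEST['l']);
 else
 $l = false;
 
 if(isset($_REQUEST['start-month']))
-$start_month = $_REQUEST['start-month'];
+$start_month = intval($_REQUEST['start-month']);
 else
 $start_month = "1";
 
 if(isset($_REQUEST['start-day']))
-$start_day = $_REQUEST['start-day'];
+$start_day = intval($_REQUEST['start-day']);
 else
 $start_day = "1";
 
 if(isset($_REQUEST['start-year']))
-$start_year = $_REQUEST['start-year'];
+$start_year = intval($_REQUEST['start-year']);
 else
 $start_year = date("Y");
 
 if(isset($_REQUEST['end-month']))
-$end_month = $_REQUEST['end-month'];
+$end_month = intval($_REQUEST['end-month']);
 else
 $end_month = date("n");
 
 if(isset($_REQUEST['end-day']))
-$end_day = $_REQUEST['end-day'];
+$end_day = intval($_REQUEST['end-day']);
 else
 $end_day = date("j");
 
 if(isset($_REQUEST['end-year']))
-$end_year = $_REQUEST['end-year'];
+$end_year = intval($_REQUEST['end-year']);
 else
 $end_year = date("Y");
 
 if(isset($_REQUEST['predefined-date']))
-$predefined_date = $_REQUEST['predefined-date'];
+$predefined_date = sanitize_text_field($_REQUEST['predefined-date']);
 else
 $predefined_date = "This Month";
 
 if(isset($_REQUEST['status']))
-$status = $_REQUEST['status'];
+$status = sanitize_text_field($_REQUEST['status']);
 else
 $status = "";
 
@@ -97,57 +97,57 @@
 $order = new MemberOrder();
 
 //update values
-if(!in_array("code", $read_only_fields))
+if(!in_array("code", $read_only_fields) && isset($_POST['code']))
 $order->code = $_POST['code'];
-if(!in_array("user_id", $read_only_fields))
+if(!in_array("user_id", $read_only_fields) && isset($_POST['user_id']))
 $order->user_id = intval($_POST['user_id']);
-if(!in_array("membership_id", $read_only_fields))
+if(!in_array("membership_id", $read_only_fields) && isset($_POST['membership_id']))
 $order->membership_id = intval($_POST['membership_id']);
-if(!in_array("billing_name", $read_only_fields))
+if(!in_array("billing_name", $read_only_fields) && isset($_POST['billing_name']))
 $order->billing->name = stripslashes($_POST['billing_name']);
-if(!in_array("billing_street", $read_only_fields))
+if(!in_array("billing_street", $read_only_fields) && isset($_POST['billing_street']))
 $order->billing->street = stripslashes($_POST['billing_street']);
-if(!in_array("billing_city", $read_only_fields))
+if(!in_array("billing_city", $read_only_fields) && isset($_POST['billing_city']))
 $order->billing->city = stripslashes($_POST['billing_city']);
-if(!in_array("billing_state", $read_only_fields))
+if(!in_array("billing_state", $read_only_fields) && isset($_POST['billing_state']))
 $order->billing->state = stripslashes($_POST['billing_state']);
-if(!in_array("billing_zip", $read_only_fields))
+if(!in_array("billing_zip", $read_only_fields) && isset($_POST['billing_zip']))
 $order->billing->zip = $_POST['billing_zip'];
-if(!in_array("billing_country", $read_only_fields))
+if(!in_array("billing_country", $read_only_fields) && isset($_POST['billing_country']))
 $order->billing->country = stripslashes($_POST['billing_country']);
-if(!in_array("billing_phone", $read_only_fields))
+if(!in_array("billing_phone", $read_only_fields) && isset($_POST['billing_phone']))
 $order->billing->phone = $_POST['billing_phone'];
-if(!in_array("subtotal", $read_only_fields))
+if(!in_array("subtotal", $read_only_fields) && isset($_POST['subtotal']))
 $order->subtotal = $_POST['subtotal'];
-if(!in_array("tax", $read_only_fields))
+if(!in_array("tax", $read_only_fields) && isset($_POST['tax']))
 $order->tax = $_POST['tax'];
-if(!in_array("couponamount", $read_only_fields))
+if(!in_array("couponamount", $read_only_fields) && isset($_POST['couponamount']))
 $order->couponamount = $_POST['couponamount'];
-if(!in_array("total", $read_only_fields))
+if(!in_array("total", $read_only_fields) && isset($_POST['total']))
 $order->total = $_POST['total'];
-if(!in_array("payment_type", $read_only_fields))
+if(!in_array("payment_type", $read_only_fields) && isset($_POST['payment_type']))
 $order->payment_type = $_POST['payment_type'];
-if(!in_array("cardtype", $read_only_fields))
+if(!in_array("cardtype", $read_only_fields) && isset($_POST['cardtype']))
 $order->cardtype = $_POST['cardtype'];
-if(!in_array("accountnumber", $read_only_fields))
+if(!in_array("accountnumber", $read_only_fields) && isset($_POST['accountnumber']))
 $order->accountnumber = $_POST['accountnumber'];
-if(!in_array("expirationmonth", $read_only_fields))
+if(!in_array("expirationmonth", $read_only_fields) && isset($_POST['expirationmonth']))
 $order->expirationmonth = $_POST['expirationmonth'];
-if(!in_array("expirationyear", $read_only_fields))
+if(!in_array("expirationyear", $read_only_fields) && isset($_POST['expirationyear']))
 $order->expirationyear = $_POST['expirationyear'];
-if(!in_array("ExpirationDate", $read_only_fields))
+if(!in_array("ExpirationDate", $read_only_fields) && isset($_POST['ExpirationDate']))
 $order->ExpirationDate = $order->expirationmonth . $order->expirationyear;
-if(!in_array("status", $read_only_fields))
+if(!in_array("status", $read_only_fields) && isset($_POST['status']))
 $order->status = stripslashes($_POST['status']);
-if(!in_array("gateway", $read_only_fields))
+if(!in_array("gateway", $read_only_fields) && isset($_POST['gateway']))
 $order->gateway = $_POST['gateway'];
-if(!in_array("gateway_environment", $read_only_fields))
+if(!in_array("gateway_environment", $read_only_fields) && isset($_POST['gateway_environment']))
 $order->gateway_environment = $_POST['gateway_environment'];
-if(!in_array("payment_transaction_id", $read_only_fields))
+if(!in_array("payment_transaction_id", $read_only_fields) && isset($_POST['payment_transaction_id']))
 $order->payment_transaction_id = $_POST['payment_transaction_id'];
-if(!in_array("subscription_transaction_id", $read_only_fields))
+if(!in_array("subscription_transaction_id", $read_only_fields) && isset($_POST['subscription_transaction_id']))
 $order->subscription_transaction_id = $_POST['subscription_transaction_id'];
-if(!in_array("notes", $read_only_fields))
+if(!in_array("notes", $read_only_fields) && isset($_POST['notes']))
 $order->notes = stripslashes($_POST['notes']);
 
 //affiliate stuff
@@ -513,8 +513,8 @@
 }
 ?>
 </select>
-<input name="ts_day" type="text" size="2" value="<?php echo $day?>" />
-<input name="ts_year" type="text" size="4" value="<?php echo $year?>" />
+<input name="ts_day" type="text" size="2" value="<?php echo esc_attr($day);?>" />
+<input name="ts_year" type="text" size="4" value="<?php echo esc_attr($year);?>" />
 <?php } ?>
 </td>
 </tr>
@@ -617,8 +617,8 @@
 <?php } ?>
 </select>
 
-<input id='start-day' name="start-day" type="text" size="2" value="<?php echo $start_day?>" />
-<input id='start-year' name="start-year" type="text" size="4" value="<?php echo $start_year?>" />
+<input id='start-day' name="start-day" type="text" size="2" value="<?php echo esc_attr($start_day);?>" />
+<input id='start-year' name="start-year" type="text" size="4" value="<?php echo esc_attr($start_year);?>" />
 
 
 <span id="to"><?php _ex('To', 'Dropdown label', 'pmpro')?></span>
@@ -630,8 +630,8 @@
 </select>
 
 
-<input id='end-day' name="end-day" type="text" size="2" value="<?php echo $end_day?>" />
-<input id='end-year' name="end-year" type="text" size="4" value="<?php echo $end_year?>" />
+<input id='end-day' name="end-day" type="text" size="2" value="<?php echo esc_attr($end_day);?>" />
+<input id='end-year' name="end-year" type="text" size="4" value="<?php echo esc_attr($end_year);?>" />
 
 <span id="filterby"><?php _ex('filter by ', 'Dropdown label', 'pmpro')?></span>
 
@@ -776,7 +776,7 @@
 <p class="search-box">
 <label class="hidden" for="post-search-input"><?php _e('Search Orders', 'pmpro');?>:</label>
 <input type="hidden" name="page" value="pmpro-orders" />
-<input id="post-search-input" type="text" value="<?php echo $s?>" name="s"/>
+<input id="post-search-input" type="text" value="<?php echo esc_attr($s);?>" name="s"/>
 <input class="button" type="submit" value="<?php _e('Search Orders', 'pmpro');?>"/>
 </p>
 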
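Review bot: The added `isset($_POST['ExpirationDate'])` guard on line 138 changes behaviour, because `ExpirationDate` is built from `$order->expirationmonth . $order->expirationyear` rather than read from the request; unless the form posts a field of that name (not visible here), the property is no longer refreshed on save. I would keep that one condition as `if(!in_array("ExpirationDate", $read_only_fields))`. The other assignments in the block gained the `isset()` check but still copy `$_POST` unchanged: `code`, `billing_zip`, `billing_phone`, `subtotal`, `tax`, `total`, `gateway` and the transaction ids have neither `stripslashes()` nor a sanitizer, unlike the filter variables at the top of the file. Whether `MemberOrder` escapes on save is outside this diff, so sanitizing here, with `sanitize_text_field()` for text and a numeric cast for amounts, is the safer default.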
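--- a/adminpages/reports.php
+++ b/adminpages/reports.php
@@ -54,7 +54,7 @@
 else
 {
 //view a single report
-$report = $_REQUEST['report'];
+$report = sanitize_text_field($_REQUEST['report']);
 call_user_func("pmpro_report_" . $report . "_page");
 }
 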
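Review bot: `$report` on line 57 still decides which function `call_user_func()` runs on line 58, and `sanitize_text_field()` does not restrict it to a registered report. Any request value that completes the name of an existing `pmpro_report_…_page` function gets called, and an unknown value raises a warning. I would look the slug up first: `$report = sanitize_key($_REQUEST['report']);` followed by `if(isset($pmpro_reports[$report]) && function_exists("pmpro_report_" . $report . "_page"))` around the call, assuming the `$pmpro_reports` registry that the report files fill is in scope here. The enclosing `else` branch starts outside the hunk.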
adminpages/reports/login.php CHANGED
@@ -1,420 +1,420 @@
1
- <?php
2
- /*
3
- PMPro Report
4
- Title: Logins
5
- Slug: login
6
-
7
- For each report, add a line like:
8
- global $pmpro_reports;
9
- $pmpro_reports['slug'] = 'Title';
10
-
11
- For each report, also write two functions:
12
- * pmpro_report_{slug}_widget() to show up on the report homepage.
13
- * pmpro_report_{slug}_page() to show up when users click on the report page widget.
14
- */
15
- global $pmpro_reports;
16
- $pmpro_reports['login'] = __('Visits, Views, and Logins', 'pmpro');
17
-
18
- function pmpro_report_login_widget()
19
- {
20
- global $wpdb;
21
- $now = current_time('timestamp');
22
- $visits = get_option("pmpro_visits", array("today"=>0, "thisday"=>date("Y-m-d", $now), "alltime"=>0, "month"=>0, "thismonth"=>date("n", $now)));
23
- $views = get_option("pmpro_views", array("today"=>0, "thisday"=>date("Y-m-d", $now), "alltime"=>0, "month"=>0, "thismonth"=>date("n", $now)));
24
- $logins = get_option("pmpro_logins", array("today"=>0, "thisday"=>date("Y-m-d", $now), "alltime"=>0, "month"=>0, "thismonth"=>date("n", $now)));
25
- ?>
26
- <div style="width: 33%; float: left;">
27
- <p><?php _e('Visits Today', 'pmpro')?>: <?php echo $visits['today'];?></p>
28
- <p><?php _e('Visits This Month', 'pmpro')?>: <?php echo $visits['month'];?></p>
29
- <p><?php _e('Visits All Time', 'pmpro')?>: <?php echo $visits['alltime'];?></p>
30
- </div>
31
- <div style="width: 33%; float: left;">
32
- <p><?php _e('Views Today', 'pmpro')?>: <?php echo $views['today'];?></p>
33
- <p><?php _e('Views This Month', 'pmpro')?>: <?php echo $views['month'];?></p>
34
- <p><?php _e('Views All Time', 'pmpro')?>: <?php echo $views['alltime'];?></p>
35
- </div>
36
- <div style="width: 33%; float: left;">
37
- <p><?php _e('Logins Today', 'pmpro')?>: <?php echo $logins['today'];?></p>
38
- <p><?php _e('Logins This Month', 'pmpro')?>: <?php echo $logins['month'];?></p>
39
- <p><?php _e('Logins All Time', 'pmpro')?>: <?php echo $logins['alltime'];?></p>
40
- </div>
41
- <div class="clear"></div>
42
- <?php
43
- }
44
-
45
- function pmpro_report_login_page()
46
- {
47
- global $wpdb;
48
- $now = current_time('timestamp');
49
-
50
- //vars
51
- if(!empty($_REQUEST['s']))
52
- $s = $_REQUEST['s'];
53
- else
54
- $s = "";
55
-
56
- if(!empty($_REQUEST['l']))
57
- $l = intval($_REQUEST['l']);
58
- else
59
- $l = "";
60
- ?>
61
- <form id="posts-filter" method="get" action="">
62
- <h2>
63
- <?php _e('Visits, Views, and Logins Report', 'pmpro');?>
64
- </h2>
65
- <ul class="subsubsub">
66
- <li>
67
- <?php _ex('Show', 'Dropdown label, e.g. Show All Users', 'pmpro')?> <select name="l" onchange="jQuery('#posts-filter').submit();">
68
- <option value="" <?php if(!$l) { ?>selected="selected"<?php } ?>><?php _e('All Users', 'pmpro')?></option>
69
- <option value="all" <?php if($l == "all") { ?>selected="selected"<?php } ?>><?php _e('All Levels', 'pmpro')?></option>
70
- <?php
71
- $levels = $wpdb->get_results("SELECT id, name FROM $wpdb->pmpro_membership_levels ORDER BY name");
72
- foreach($levels as $level)
73
- {
74
- ?>
75
- <option value="<?php echo $level->id?>" <?php if($l == $level->id) { ?>selected="selected"<?php } ?>><?php echo $level->name?></option>
76
- <?php
77
- }
78
- ?>
79
- </select>
80
- </li>
81
- </ul>
82
- <p class="search-box">
83
- <label class="hidden" for="post-search-input"><?php _ex('Search', 'Search form label', 'pmpro')?> <?php if(empty($l)) echo "Users"; else echo "Members";?>:</label>
84
- <input type="hidden" name="page" value="pmpro-reports" />
85
- <input type="hidden" name="report" value="login" />
86
- <input id="post-search-input" type="text" value="<?php echo esc_attr($s)?>" name="s"/>
87
- <input class="button" type="submit" value="Search Members"/>
88
- </p>
89
- <?php
90
- //some vars for the search
91
- if(isset($_REQUEST['pn']))
92
- $pn = intval($_REQUEST['pn']);
93
- else
94
- $pn = 1;
95
-
96
- if(isset($_REQUEST['limit']))
97
- $limit = intval($_REQUEST['limit']);
98
- else
99
- $limit = 15;
100
-
101
- $end = $pn * $limit;
102
- $start = $end - $limit;
103
-
104
- if($s)
105
- {
106
- $sqlQuery = "SELECT SQL_CALC_FOUND_ROWS u.ID, u.user_login, u.user_email, UNIX_TIMESTAMP(u.user_registered) as joindate, mu.membership_id, mu.initial_payment, mu.billing_amount, mu.cycle_period, mu.cycle_number, mu.billing_limit, mu.trial_amount, mu.trial_limit, UNIX_TIMESTAMP(mu.startdate) as startdate, UNIX_TIMESTAMP(mu.enddate) as enddate, m.name as membership FROM $wpdb->users u LEFT JOIN $wpdb->usermeta um ON u.ID = um.user_id LEFT JOIN $wpdb->pmpro_memberships_users mu ON u.ID = mu.user_id AND mu.status = 'active' LEFT JOIN $wpdb->pmpro_membership_levels m ON mu.membership_id = m.id WHERE (u.user_login LIKE '%" . esc_sql($s) . "%' OR u.user_email LIKE '%" . esc_sql($s) . "%' OR um.meta_value LIKE '%" . esc_sql($s) . "%') ";
107
-
108
- if($l == "all")
109
- $sqlQuery .= " AND mu.status = 'active' AND mu.membership_id > 0 ";
110
- elseif($l)
111
- $sqlQuery .= " AND mu.membership_id = '" . $l . "' ";
112
-
113
- $sqlQuery .= "GROUP BY u.ID ORDER BY user_registered DESC LIMIT $start, $limit";
114
- }
115
- else
116
- {
117
- $sqlQuery = "SELECT SQL_CALC_FOUND_ROWS u.ID, u.user_login, u.user_email, UNIX_TIMESTAMP(u.user_registered) as joindate, mu.membership_id, mu.initial_payment, mu.billing_amount, mu.cycle_period, mu.cycle_number, mu.billing_limit, mu.trial_amount, mu.trial_limit, UNIX_TIMESTAMP(mu.startdate) as startdate, UNIX_TIMESTAMP(mu.enddate) as enddate, m.name as membership FROM $wpdb->users u LEFT JOIN $wpdb->pmpro_memberships_users mu ON u.ID = mu.user_id AND mu.status = 'active' LEFT JOIN $wpdb->pmpro_membership_levels m ON mu.membership_id = m.id";
118
- $sqlQuery .= " WHERE 1=1 ";
119
-
120
- if($l == "all")
121
- $sqlQuery .= " AND mu.membership_id > 0 AND mu.status = 'active' ";
122
- elseif($l)
123
- $sqlQuery .= " AND mu.membership_id = '" . $l . "' ";
124
- $sqlQuery .= "GROUP BY u.ID ORDER BY user_registered DESC LIMIT $start, $limit";
125
- }
126
-
127
- $sqlQuery = apply_filters("pmpro_members_list_sql", $sqlQuery);
128
-
129
- $theusers = $wpdb->get_results($sqlQuery);
130
- $totalrows = $wpdb->get_var("SELECT FOUND_ROWS() as found_rows");
131
-
132
- if($theusers)
133
- {
134
- ?>
135
- <p class="clear"><?php echo strval($totalrows)?> <?php if(empty($l)) echo "users"; else echo "members";?> found.
136
- <?php
137
- }
138
- ?>
139
- <table class="widefat">
140
- <thead>
141
- <tr class="thead">
142
- <th><?php _e('ID', 'pmpro')?></th>
143
- <th><?php _e('User', 'pmpro')?></th>
144
- <th><?php _e('Name', 'pmpro')?></th>
145
- <th><?php _e('Membership', 'pmpro')?></th>
146
- <th><?php _e('Joined', 'pmpro')?></th>
147
- <th><?php _e('Expires', 'pmpro')?></th>
148
- <th><?php _e('Last Visit', 'pmpro')?></th>
149
- <th><?php _e('Visits This Month', 'pmpro')?></th>
150
- <th><?php _e('Total Visits', 'pmpro')?></th>
151
- <th><?php _e('Views This Month', 'pmpro')?></th>
152
- <th><?php _e('Total Views', 'pmpro')?></th>
153
- <th><?php _e('Last Login', 'pmpro')?></th>
154
- <th><?php _e('Logins This Month', 'pmpro')?></th>
155
- <th><?php _e('Total Logins', 'pmpro')?></th>
156
- </tr>
157
- </thead>
158
- <tbody id="users" class="list:user user-list">
159
- <?php
160
- $count = 0;
161
- foreach($theusers as $auser)
162
- {
163
- //get meta
164
- $theuser = get_userdata($auser->ID);
165
- $visits = get_user_meta($auser->ID, "pmpro_visits", true);
166
- $views = get_user_meta($auser->ID, "pmpro_views", true);
167
- $logins = get_user_meta($auser->ID, "pmpro_logins", true);
168
- if(empty($logins))
169
- $logins = array("last"=>"N/A", "month"=>"N/A", "alltime"=>"N/A");
170
- ?>
171
- <tr <?php if($count++ % 2 == 0) { ?>class="alternate"<?php } ?>>
172
- <td><?php echo $theuser->ID?></td>
173
- <td>
174
- <?php echo get_avatar($theuser->ID, 32)?>
175
- <strong>
176
- <?php
177
- $userlink = '<a href="user-edit.php?user_id=' . $theuser->ID . '">' . $theuser->user_login . '</a>';
178
- $userlink = apply_filters("pmpro_members_list_user_link", $userlink, $theuser);
179
- echo $userlink;
180
- ?>
181
- </strong>
182
- </td>
183
- <td>
184
- <?php echo $theuser->display_name;?>
185
- </td>
186
- <td><?php echo $auser->membership?></td>
187
- <td><?php echo date("m/d/Y", strtotime($theuser->user_registered, current_time("timestamp")))?></td>
188
- <td>
189
- <?php
190
- if($auser->enddate)
191
- echo date(get_option('date_format'), $auser->enddate);
192
- else
193
- echo "Never";
194
- ?>
195
- </td>
196
- <td><?php if(!empty($visits['last'])) echo $visits['last'];?></td>
197
- <td><?php if(!empty($visits['month']) && pmpro_isDateThisMonth($visits['last'])) echo $visits['month'];?></td>
198
- <td><?php if(!empty($visits['alltime'])) echo $visits['alltime'];?></td>
199
- <td><?php if(!empty($views['month']) && pmpro_isDateThisMonth($views['last'])) echo $views['month'];?></td>
200
- <td><?php if(!empty($views['alltime'])) echo $views['alltime'];?></td>
201
- <td><?php if(!empty($logins['last'])) echo $logins['last'];?></td>
202
- <td><?php if(!empty($logins['month']) && pmpro_isDateThisMonth($logins['last'])) echo $logins['month'];?></td>
203
- <td><?php if(!empty($logins['alltime'])) echo $logins['alltime'];?></td>
204
- </tr>
205
- <?php
206
- }
207
-
208
- if(!$theusers)
209
- {
210
- ?>
211
- <tr>
212
- <td colspan="9"><p><?php _e('No members found.', 'pmpro')?> <?php if($l) { ?><a href="?page=pmpro-memberslist&s=<?php echo esc_attr($s)?>"><?php _e('Search all levels', 'pmpro')?></a>.<?php } ?></p></td>
213
- </tr>
214
- <?php
215
- }
216
- ?>
217
- </tbody>
218
- </table>
219
- </form>
220
-
221
- <?php
222
- echo pmpro_getPaginationString($pn, $totalrows, $limit, 1, get_admin_url(NULL, "/admin.php?page=pmpro-reports&report=login&s=" . urlencode($s)), "&l=$l&limit=$limit&pn=");
223
- ?>
224
- <?php
225
- }
226
-
227
- /*
228
- Other code required for your reports. This file is loaded every time WP loads with PMPro enabled.
229
- */
230
-
231
- //track visits
232
- function pmpro_report_login_wp_visits()
233
- {
234
- //don't track admin
235
- if(is_admin())
236
- return;
237
-
238
- //only track logged in users
239
- if(!is_user_logged_in())
240
- return;
241
-
242
- //check for cookie
243
- if(!empty($_COOKIE['pmpro_visit']))
244
- return;
245
-
246
- $now = current_time('timestamp');
247
-
248
- //set cookie, then track
249
- setcookie("pmpro_visit", "1", NULL, COOKIEPATH, COOKIE_DOMAIN, false);
250
-
251
- global $current_user;
252
- //track for user
253
- if(!empty($current_user->ID))
254
- {
255
- $visits = $current_user->pmpro_visits;
256
- if(empty($visits))
257
- $visits = array("last"=>"N/A", "thisdate"=>NULL, "month"=>0, "thismonth"=>NULL, "alltime"=>0);
258
-
259
- //track logins for user
260
- $visits['last'] = date(get_option("date_format"));
261
- $visits['alltime']++;
262
- $thismonth = date("n", $now);
263
- if($thismonth == $visits['thismonth'])
264
- $visits['month']++;
265
- else
266
- {
267
- $visits['month'] = 1;
268
- $visits['thismonth'] = $thismonth;
269
- }
270
-
271
- //update user data
272
- update_user_meta($current_user->ID, "pmpro_visits", $visits);
273
- }
274
-
275
- //track for all
276
- $visits = get_option("pmpro_visits");
277
- if(empty($visits))
278
- $visits = array("today"=>0, "thisdate"=>NULL, "month"=>0, "thismonth"=> NULL, "alltime"=>0);
279
-
280
- $visits['alltime']++;
281
- $thisdate = date("Y-d-m", $now);
282
- if($thisdate == $visits['thisdate'])
283
- $visits['today']++;
284
- else
285
- {
286
- $visits['today'] = 1;
287
- $visits['thisdate'] = $thisdate;
288
- }
289
- if($thismonth == $visits['thismonth'])
290
- $visits['month']++;
291
- else
292
- {
293
- $visits['month'] = 1;
294
- $visits['thismonth'] = $thismonth;
295
- }
296
-
297
- update_option("pmpro_visits", $visits);
298
- }
299
- add_action("wp", "pmpro_report_login_wp_visits");
300
-
301
- //we want to clear the pmpro_visit cookie on login/logout
302
- function pmpro_report_login_clear_visit_cookie()
303
- {
304
- if(isset($_COOKIE['pmpro_visit']))
305
- unset($_COOKIE['pmpro_visit']);
306
- }
307
- add_action("wp_login", "pmpro_report_login_clear_visit_cookie");
308
- add_action("wp_logout", "pmpro_report_login_clear_visit_cookie");
309
-
310
- //track views
311
- function pmpro_report_login_wp_views()
312
- {
313
- //don't track admin
314
- if(is_admin())
315
- return;
316
-
317
- global $current_user;
318
- $now = current_time('timestamp');
319
-
320
- //track for user
321
- if(!empty($current_user->ID))
322
- {
323
- $views = $current_user->pmpro_views;
324
- if(empty($views))
325
- $views = array("last"=>"N/A", "month"=>0, "alltime"=>0);
326
-
327
- //track logins for user
328
- $views['last'] = date(get_option("date_format"), $now);
329
- $views['alltime']++;
330
- $thismonth = date("n", $now);
331
- if(isset($views['thismonth']) && $thismonth == $views['thismonth'])
332
- $views['month']++;
333
- else
334
- {
335
- $views['month'] = 1;
336
- $views['thismonth'] = $thismonth;
337
- }
338
-
339
- //update user data
340
- update_user_meta($current_user->ID, "pmpro_views", $views);
341
- }
342
-
343
- //track for all
344
- $views = get_option("pmpro_views");
345
- if(empty($views))
346
- $views = array("today"=>0, "thisdate"=> NULL, "month"=>0, "thismonth"=> NULL, "alltime"=>0);
347
-
348
- $views['alltime']++;
349
- $thisdate = date("Y-d-m", $now);
350
- if($thisdate == $views['thisdate'])
351
- $views['today']++;
352
- else
353
- {
354
- $views['today'] = 1;
355
- $views['thisdate'] = $thisdate;
356
- }
357
- $thismonth = date("n", $now);
358
- if(isset($views['thismonth']) && $thismonth == $views['thismonth'])
359
- $views['month']++;
360
- else
361
- {
362
- $views['month'] = 1;
363
- $views['thismonth'] = $thismonth;
364
- }
365
-
366
- update_option("pmpro_views", $views);
367
- }
368
- add_action("wp", "pmpro_report_login_wp_views");
369
-
370
- //track logins
371
- function pmpro_report_login_wp_login($user_login)
372
- {
373
- $now = current_time('timestamp');
374
-
375
- //get user data
376
- $user = get_user_by("login", $user_login);
377
- $logins = $user->pmpro_logins;
378
- if(empty($logins))
379
- $logins = array("last"=>"N/A", "thisdate"=>NULL, "month"=>0, "thismonth"=> NULL, "alltime"=>0);
380
-
381
- //track logins for user
382
- $logins['last'] = date(get_option("date_format"), $now);
383
- $logins['alltime']++;
384
- $thismonth = date("n", $now);
385
- if($thismonth == $logins['thismonth'])
386
- $logins['month']++;
387
- else
388
- {
389
- $logins['month'] = 1;
390
- $logins['thismonth'] = $thismonth;
391
- }
392
-
393
- //update user data
394
- update_user_meta($user->ID, "pmpro_logins", $logins);
395
-
396
- //track logins overall
397
- $logins = get_option("pmpro_logins");
398
- if(empty($logins))
399
- $logins = array("today"=>0, "thisdate"=>NULL, "month"=>0, "thismonth"=>NULL, "alltime"=>0);
400
-
401
- $logins['alltime']++;
402
- $thisdate = date("Y-d-m", $now);
403
- if($thisdate == $logins['thisdate'])
404
- $logins['today']++;
405
- else
406
- {
407
- $logins['today'] = 1;
408
- $logins['thisdate'] = $thisdate;
409
- }
410
- if($thismonth == $logins['thismonth'])
411
- $logins['month']++;
412
- else
413
- {
414
- $logins['month'] = 1;
415
- $logins['thismonth'] = $thismonth;
416
- }
417
-
418
- update_option("pmpro_logins", $logins);
419
- }
420
add_action("wp_login", "pmpro_report_login_wp_login");
1
+ <?php
2
+ /*
3
+ PMPro Report
4
+ Title: Logins
5
+ Slug: login
6
+
7
+ For each report, add a line like:
8
+ global $pmpro_reports;
9
+ $pmpro_reports['slug'] = 'Title';
10
+
11
+ For each report, also write two functions:
12
+ * pmpro_report_{slug}_widget() to show up on the report homepage.
13
+ * pmpro_report_{slug}_page() to show up when users click on the report page widget.
14
+ */
15
+ global $pmpro_reports;
16
+ $pmpro_reports['login'] = __('Visits, Views, and Logins', 'pmpro');
17
+
18
+ function pmpro_report_login_widget()
19
+ {
20
+ global $wpdb;
21
+ $now = current_time('timestamp');
22
+ $visits = get_option("pmpro_visits", array("today"=>0, "thisday"=>date("Y-m-d", $now), "alltime"=>0, "month"=>0, "thismonth"=>date("n", $now)));
23
+ $views = get_option("pmpro_views", array("today"=>0, "thisday"=>date("Y-m-d", $now), "alltime"=>0, "month"=>0, "thismonth"=>date("n", $now)));
24
+ $logins = get_option("pmpro_logins", array("today"=>0, "thisday"=>date("Y-m-d", $now), "alltime"=>0, "month"=>0, "thismonth"=>date("n", $now)));
25
+ ?>
26
+ <div style="width: 33%; float: left;">
27
+ <p><?php _e('Visits Today', 'pmpro')?>: <?php echo $visits['today'];?></p>
28
+ <p><?php _e('Visits This Month', 'pmpro')?>: <?php echo $visits['month'];?></p>
29
+ <p><?php _e('Visits All Time', 'pmpro')?>: <?php echo $visits['alltime'];?></p>
30
+ </div>
31
+ <div style="width: 33%; float: left;">
32
+ <p><?php _e('Views Today', 'pmpro')?>: <?php echo $views['today'];?></p>
33
+ <p><?php _e('Views This Month', 'pmpro')?>: <?php echo $views['month'];?></p>
34
+ <p><?php _e('Views All Time', 'pmpro')?>: <?php echo $views['alltime'];?></p>
35
+ </div>
36
+ <div style="width: 33%; float: left;">
37
+ <p><?php _e('Logins Today', 'pmpro')?>: <?php echo $logins['today'];?></p>
38
+ <p><?php _e('Logins This Month', 'pmpro')?>: <?php echo $logins['month'];?></p>
39
+ <p><?php _e('Logins All Time', 'pmpro')?>: <?php echo $logins['alltime'];?></p>
40
+ </div>
41
+ <div class="clear"></div>
42
+ <?php
43
+ }
44
+
45
+ function pmpro_report_login_page()
46
+ {
47
+ global $wpdb;
48
+ $now = current_time('timestamp');
49
+
50
+ //vars
51
+ if(!empty($_REQUEST['s']))
52
+ $s = $_REQUEST['s'];
53
+ else
54
+ $s = "";
55
+
56
+ if(!empty($_REQUEST['l']))
57
+ $l = intval($_REQUEST['l']);
58
+ else
59
+ $l = "";
60
+ ?>
61
+ <form id="posts-filter" method="get" action="">
62
+ <h2>
63
+ <?php _e('Visits, Views, and Logins Report', 'pmpro');?>
64
+ </h2>
65
+ <ul class="subsubsub">
66
+ <li>
67
+ <?php _ex('Show', 'Dropdown label, e.g. Show All Users', 'pmpro')?> <select name="l" onchange="jQuery('#posts-filter').submit();">
68
+ <option value="" <?php if(!$l) { ?>selected="selected"<?php } ?>><?php _e('All Users', 'pmpro')?></option>
69
+ <option value="all" <?php if($l == "all") { ?>selected="selected"<?php } ?>><?php _e('All Levels', 'pmpro')?></option>
70
+ <?php
71
+ $levels = $wpdb->get_results("SELECT id, name FROM $wpdb->pmpro_membership_levels ORDER BY name");
72
+ foreach($levels as $level)
73
+ {
74
+ ?>
75
+ <option value="<?php echo $level->id?>" <?php if($l == $level->id) { ?>selected="selected"<?php } ?>><?php echo $level->name?></option>
76
+ <?php
77
+ }
78
+ ?>
79
+ </select>
80
+ </li>
81
+ </ul>
82
+ <p class="search-box">
83
+ <label class="hidden" for="post-search-input"><?php _ex('Search', 'Search form label', 'pmpro')?> <?php if(empty($l)) echo "Users"; else echo "Members";?>:</label>
84
+ <input type="hidden" name="page" value="pmpro-reports" />
85
+ <input type="hidden" name="report" value="login" />
86
+ <input id="post-search-input" type="text" value="<?php echo esc_attr($s)?>" name="s"/>
87
+ <input class="button" type="submit" value="Search Members"/>
88
+ </p>
89
+ <?php
90
+ //some vars for the search
91
+ if(isset($_REQUEST['pn']))
92
+ $pn = intval($_REQUEST['pn']);
93
+ else
94
+ $pn = 1;
95
+
96
+ if(isset($_REQUEST['limit']))
97
+ $limit = intval($_REQUEST['limit']);
98
+ else
99
+ $limit = 15;
100
+
101
+ $end = $pn * $limit;
102
+ $start = $end - $limit;
103
+
104
+ if($s)
105
+ {
106
+ $sqlQuery = "SELECT SQL_CALC_FOUND_ROWS u.ID, u.user_login, u.user_email, UNIX_TIMESTAMP(u.user_registered) as joindate, mu.membership_id, mu.initial_payment, mu.billing_amount, mu.cycle_period, mu.cycle_number, mu.billing_limit, mu.trial_amount, mu.trial_limit, UNIX_TIMESTAMP(mu.startdate) as startdate, UNIX_TIMESTAMP(mu.enddate) as enddate, m.name as membership FROM $wpdb->users u LEFT JOIN $wpdb->usermeta um ON u.ID = um.user_id LEFT JOIN $wpdb->pmpro_memberships_users mu ON u.ID = mu.user_id AND mu.status = 'active' LEFT JOIN $wpdb->pmpro_membership_levels m ON mu.membership_id = m.id WHERE (u.user_login LIKE '%" . esc_sql($s) . "%' OR u.user_email LIKE '%" . esc_sql($s) . "%' OR um.meta_value LIKE '%" . esc_sql($s) . "%') ";
107
+
108
+ if($l == "all")
109
+ $sqlQuery .= " AND mu.status = 'active' AND mu.membership_id > 0 ";
110
+ elseif($l)
111
+ $sqlQuery .= " AND mu.membership_id = '" . $l . "' ";
112
+
113
+ $sqlQuery .= "GROUP BY u.ID ORDER BY user_registered DESC LIMIT $start, $limit";
114
+ }
115
+ else
116
+ {
117
+ $sqlQuery = "SELECT SQL_CALC_FOUND_ROWS u.ID, u.user_login, u.user_email, UNIX_TIMESTAMP(u.user_registered) as joindate, mu.membership_id, mu.initial_payment, mu.billing_amount, mu.cycle_period, mu.cycle_number, mu.billing_limit, mu.trial_amount, mu.trial_limit, UNIX_TIMESTAMP(mu.startdate) as startdate, UNIX_TIMESTAMP(mu.enddate) as enddate, m.name as membership FROM $wpdb->users u LEFT JOIN $wpdb->pmpro_memberships_users mu ON u.ID = mu.user_id AND mu.status = 'active' LEFT JOIN $wpdb->pmpro_membership_levels m ON mu.membership_id = m.id";
118
+ $sqlQuery .= " WHERE 1=1 ";
119
+
120
+ if($l == "all")
121
+ $sqlQuery .= " AND mu.membership_id > 0 AND mu.status = 'active' ";
122
+ elseif($l)
123
+ $sqlQuery .= " AND mu.membership_id = '" . $l . "' ";
124
+ $sqlQuery .= "GROUP BY u.ID ORDER BY user_registered DESC LIMIT $start, $limit";
125
+ }
126
+
127
+ $sqlQuery = apply_filters("pmpro_members_list_sql", $sqlQuery);
128
+
129
+ $theusers = $wpdb->get_results($sqlQuery);
130
+ $totalrows = $wpdb->get_var("SELECT FOUND_ROWS() as found_rows");
131
+
132
+ if($theusers)
133
+ {
134
+ ?>
135
+ <p class="clear"><?php echo strval($totalrows)?> <?php if(empty($l)) echo "users"; else echo "members";?> found.
136
+ <?php
137
+ }
138
+ ?>
139
+ <table class="widefat">
140
+ <thead>
141
+ <tr class="thead">
142
+ <th><?php _e('ID', 'pmpro')?></th>
143
+ <th><?php _e('User', 'pmpro')?></th>
144
+ <th><?php _e('Name', 'pmpro')?></th>
145
+ <th><?php _e('Membership', 'pmpro')?></th>
146
+ <th><?php _e('Joined', 'pmpro')?></th>
147
+ <th><?php _e('Expires', 'pmpro')?></th>
148
+ <th><?php _e('Last Visit', 'pmpro')?></th>
149
+ <th><?php _e('Visits This Month', 'pmpro')?></th>
150
+ <th><?php _e('Total Visits', 'pmpro')?></th>
151
+ <th><?php _e('Views This Month', 'pmpro')?></th>
152
+ <th><?php _e('Total Views', 'pmpro')?></th>
153
+ <th><?php _e('Last Login', 'pmpro')?></th>
154
+ <th><?php _e('Logins This Month', 'pmpro')?></th>
155
+ <th><?php _e('Total Logins', 'pmpro')?></th>
156
+ </tr>
157
+ </thead>
158
+ <tbody id="users" class="list:user user-list">
159
+ <?php
160
+ $count = 0;
161
+ foreach($theusers as $auser)
162
+ {
163
+ //get meta
164
+ $theuser = get_userdata($auser->ID);
165
+ $visits = get_user_meta($auser->ID, "pmpro_visits", true);
166
+ $views = get_user_meta($auser->ID, "pmpro_views", true);
167
+ $logins = get_user_meta($auser->ID, "pmpro_logins", true);
168
+ if(empty($logins))
169
+ $logins = array("last"=>"N/A", "month"=>"N/A", "alltime"=>"N/A");
170
+ ?>
171
+ <tr <?php if($count++ % 2 == 0) { ?>class="alternate"<?php } ?>>
172
+ <td><?php echo $theuser->ID?></td>
173
+ <td>
174
+ <?php echo get_avatar($theuser->ID, 32)?>
175
+ <strong>
176
+ <?php
177
+ $userlink = '<a href="user-edit.php?user_id=' . $theuser->ID . '">' . $theuser->user_login . '</a>';
178
+ $userlink = apply_filters("pmpro_members_list_user_link", $userlink, $theuser);
179
+ echo $userlink;
180
+ ?>
181
+ </strong>
182
+ </td>
183
+ <td>
184
+ <?php echo $theuser->display_name;?>
185
+ </td>
186
+ <td><?php echo $auser->membership?></td>
187
+ <td><?php echo date("m/d/Y", strtotime($theuser->user_registered, current_time("timestamp")))?></td>
188
+ <td>
189
+ <?php
190
+ if($auser->enddate)
191
+ echo date(get_option('date_format'), $auser->enddate);
192
+ else
193
+ echo "Never";
194
+ ?>
195
+ </td>
196
+ <td><?php if(!empty($visits['last'])) echo $visits['last'];?></td>
197
+ <td><?php if(!empty($visits['month']) && pmpro_isDateThisMonth($visits['last'])) echo $visits['month'];?></td>
198
+ <td><?php if(!empty($visits['alltime'])) echo $visits['alltime'];?></td>
199
+ <td><?php if(!empty($views['month']) && pmpro_isDateThisMonth($views['last'])) echo $views['month'];?></td>
200
+ <td><?php if(!empty($views['alltime'])) echo $views['alltime'];?></td>
201
+ <td><?php if(!empty($logins['last'])) echo $logins['last'];?></td>
202
+ <td><?php if(!empty($logins['month']) && pmpro_isDateThisMonth($logins['last'])) echo $logins['month'];?></td>
203
+ <td><?php if(!empty($logins['alltime'])) echo $logins['alltime'];?></td>
204
+ </tr>
205
+ <?php
206
+ }
207
+
208
+ if(!$theusers)
209
+ {
210
+ ?>
211
+ <tr>
212
+ <td colspan="9"><p><?php _e('No members found.', 'pmpro')?> <?php if($l) { ?><a href="?page=pmpro-memberslist&s=<?php echo esc_attr($s)?>"><?php _e('Search all levels', 'pmpro')?></a>.<?php } ?></p></td>
213
+ </tr>
214
+ <?php
215
+ }
216
+ ?>
217
+ </tbody>
218
+ </table>
219
+ </form>
220
+
221
+ <?php
222
+ echo pmpro_getPaginationString($pn, $totalrows, $limit, 1, get_admin_url(NULL, "/admin.php?page=pmpro-reports&report=login&s=" . urlencode($s)), "&l=$l&limit=$limit&pn=");
223
+ ?>
224
+ <?php
225
+ }
226
+
227
+ /*
228
+ Other code required for your reports. This file is loaded every time WP loads with PMPro enabled.
229
+ */
230
+
231
+ //track visits
232
+ function pmpro_report_login_wp_visits()
233
+ {
234
+ //don't track admin
235
+ if(is_admin())
236
+ return;
237
+
238
+ //only track logged in users
239
+ if(!is_user_logged_in())
240
+ return;
241
+
242
+ //check for cookie
243
+ if(!empty($_COOKIE['pmpro_visit']))
244
+ return;
245
+
246
+ $now = current_time('timestamp');
247
+
248
+ //set cookie, then track
249
+ setcookie("pmpro_visit", "1", NULL, COOKIEPATH, COOKIE_DOMAIN, false);
250
+
251
+ global $current_user;
252
+ //track for user
253
+ if(!empty($current_user->ID))
254
+ {
255
+ $visits = $current_user->pmpro_visits;
256
+ if(empty($visits))
257
+ $visits = array("last"=>"N/A", "thisdate"=>NULL, "month"=>0, "thismonth"=>NULL, "alltime"=>0);
258
+
259
+ //track logins for user
260
+ $visits['last'] = date(get_option("date_format"));
261
+ $visits['alltime']++;
262
+ $thismonth = date("n", $now);
263
+ if($thismonth == $visits['thismonth'])
264
+ $visits['month']++;
265
+ else
266
+ {
267
+ $visits['month'] = 1;
268
+ $visits['thismonth'] = $thismonth;
269
+ }
270
+
271
+ //update user data
272
+ update_user_meta($current_user->ID, "pmpro_visits", $visits);
273
+ }
274
+
275
+ //track for all
276
+ $visits = get_option("pmpro_visits");
277
+ if(empty($visits))
278
+ $visits = array("today"=>0, "thisdate"=>NULL, "month"=>0, "thismonth"=> NULL, "alltime"=>0);
279
+
280
+ $visits['alltime']++;
281
+ $thisdate = date("Y-d-m", $now);
282
+ if($thisdate == $visits['thisdate'])
283
+ $visits['today']++;
284
+ else
285
+ {
286
+ $visits['today'] = 1;
287
+ $visits['thisdate'] = $thisdate;
288
+ }
289
+ if($thismonth == $visits['thismonth'])
290
+ $visits['month']++;
291
+ else
292
+ {
293
+ $visits['month'] = 1;
294
+ $visits['thismonth'] = $thismonth;
295
+ }
296
+
297
+ update_option("pmpro_visits", $visits);
298
+ }
299
+ add_action("wp", "pmpro_report_login_wp_visits");
300
+
301
+ //we want to clear the pmpro_visit cookie on login/logout
302
+ function pmpro_report_login_clear_visit_cookie()
303
+ {
304
+ if(isset($_COOKIE['pmpro_visit']))
305
+ unset($_COOKIE['pmpro_visit']);
306
+ }
307
+ add_action("wp_login", "pmpro_report_login_clear_visit_cookie");
308
+ add_action("wp_logout", "pmpro_report_login_clear_visit_cookie");
309
+
310
+ //track views
311
+ function pmpro_report_login_wp_views()
312
+ {
313
+ //don't track admin
314
+ if(is_admin())
315
+ return;
316
+
317
+ global $current_user;
318
+ $now = current_time('timestamp');
319
+
320
+ //track for user
321
+ if(!empty($current_user->ID))
322
+ {
323
+ $views = $current_user->pmpro_views;
324
+ if(empty($views))
325
+ $views = array("last"=>"N/A", "month"=>0, "alltime"=>0);
326
+
327
+ //track logins for user
328
+ $views['last'] = date(get_option("date_format"), $now);
329
+ $views['alltime']++;
330
+ $thismonth = date("n", $now);
331
+ if(isset($views['thismonth']) && $thismonth == $views['thismonth'])
332
+ $views['month']++;
333
+ else
334
+ {
335
+ $views['month'] = 1;
336
+ $views['thismonth'] = $thismonth;
337
+ }
338
+
339
+ //update user data
340
+ update_user_meta($current_user->ID, "pmpro_views", $views);
341
+ }
342
+
343
+ //track for all
344
+ $views = get_option("pmpro_views");
345
+ if(empty($views))
346
+ $views = array("today"=>0, "thisdate"=> NULL, "month"=>0, "thismonth"=> NULL, "alltime"=>0);
347
+
348
+ $views['alltime']++;
349
+ $thisdate = date("Y-d-m", $now);
350
+ if($thisdate == $views['thisdate'])
351
+ $views['today']++;
352
+ else
353
+ {
354
+ $views['today'] = 1;
355
+ $views['thisdate'] = $thisdate;
356
+ }
357
+ $thismonth = date("n", $now);
358
+ if(isset($views['thismonth']) && $thismonth == $views['thismonth'])
359
+ $views['month']++;
360
+ else
361
+ {
362
+ $views['month'] = 1;
363
+ $views['thismonth'] = $thismonth;
364
+ }
365
+
366
+ update_option("pmpro_views", $views);
367
+ }
368
+ add_action("wp_head", "pmpro_report_login_wp_views");
369
+
370
+ //track logins
371
+ function pmpro_report_login_wp_login($user_login)
372
+ {
373
+ $now = current_time('timestamp');
374
+
375
+ //get user data
376
+ $user = get_user_by("login", $user_login);
377
+ $logins = $user->pmpro_logins;
378
+ if(empty($logins))
379
+ $logins = array("last"=>"N/A", "thisdate"=>NULL, "month"=>0, "thismonth"=> NULL, "alltime"=>0);
380
+
381
+ //track logins for user
382
+ $logins['last'] = date(get_option("date_format"), $now);
383
+ $logins['alltime']++;
384
+ $thismonth = date("n", $now);
385
+ if($thismonth == $logins['thismonth'])
386
+ $logins['month']++;
387
+ else
388
+ {
389
+ $logins['month'] = 1;
390
+ $logins['thismonth'] = $thismonth;
391
+ }
392
+
393
+ //update user data
394
+ update_user_meta($user->ID, "pmpro_logins", $logins);
395
+
396
+ //track logins overall
397
+ $logins = get_option("pmpro_logins");
398
+ if(empty($logins))
399
+ $logins = array("today"=>0, "thisdate"=>NULL, "month"=>0, "thismonth"=>NULL, "alltime"=>0);
400
+
401
+ $logins['alltime']++;
402
+ $thisdate = date("Y-d-m", $now);
403
+ if($thisdate == $logins['thisdate'])
404
+ $logins['today']++;
405
+ else
406
+ {
407
+ $logins['today'] = 1;
408
+ $logins['thisdate'] = $thisdate;
409
+ }
410
+ if($thismonth == $logins['thismonth'])
411
+ $logins['month']++;
412
+ else
413
+ {
414
+ $logins['month'] = 1;
415
+ $logins['thismonth'] = $thismonth;
416
+ }
417
+
418
+ update_option("pmpro_logins", $logins);
419
+ }
420
add_action("wp_login", "pmpro_report_login_wp_login");
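Review bot: The report table in `pmpro_report_login_page()` still echoes stored values into HTML without escaping: `$theuser->user_login` inside `$userlink`, `$theuser->display_name`, `$auser->membership`, and `$level->name` in the level dropdown. The same release adds `esc_attr()` to form values in other admin pages. These are text-node outputs, so `esc_html()` fits, e.g. `<?php echo esc_html($theuser->display_name);?>` and `'">' . esc_html($theuser->user_login) . '</a>'`. Separately, `$pn` and `$limit` come from `intval($_REQUEST[...])` with no lower bound, so a zero or negative value reaches `LIMIT $start, $limit`; wrapping each in `max(1, ...)` would avoid the failed query.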
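--- a/classes/class.pmproemail.php
+++ b/classes/class.pmproemail.php
@@ -48,30 +48,39 @@
 
  //load the template
  $locale = apply_filters("plugin_locale", get_locale(), "pmpro");
- if(file_exists(get_stylesheet_directory() . "/paid-memberships-pro/email/" . $this->template . ".html"))
- $this->body = file_get_contents(get_stylesheet_directory() . "/paid-memberships-pro/email/" . $this->template . ".html"); //email folder in pmpro folder in theme
+
+ if(file_exists(get_stylesheet_directory() . "/paid-memberships-pro/email/" . $locale . "/" . $this->template . ".html"))
+ $this->body = file_get_contents(get_stylesheet_directory() . "/paid-memberships-pro/email/" . $locale . "/" . $this->template . ".html"); //localized email folder in child theme
+ elseif(file_exists(get_stylesheet_directory() . "/paid-memberships-pro/email/" . $this->template . ".html"))
+ $this->body = file_get_contents(get_stylesheet_directory() . "/paid-memberships-pro/email/" . $this->template . ".html"); //email folder in child theme
  elseif(file_exists(get_stylesheet_directory() . "/membership-email-" . $this->template . ".html"))
- $this->body = file_get_contents(get_stylesheet_directory() . "/membership-email-" . $this->template . ".html"); //membership- file in pmpro folder in theme
- elseif(file_exists(TEMPLATEPATH . "/membership-email-" . $this->template . ".html"))
- $this->body = file_get_contents(TEMPLATEPATH . "/membership-email-" . $this->template . ".html"); //membership- file in theme root
+ $this->body = file_get_contents(get_stylesheet_directory() . "/membership-email-" . $this->template . ".html"); //membership-email- file in child theme
+ elseif(file_exists(get_template_directory() . "/paid-memberships-pro/email/" . $locale . "/" . $this->template . ".html"))
+ $this->body = file_get_contents(get_template_directory() . "/paid-memberships-pro/email/" . $locale . "/" . $this->template . ".html"); //localized email folder in parent theme
+ elseif(file_exists(get_template_directory() . "/paid-memberships-pro/email/" . $this->template . ".html"))
+ $this->body = file_get_contents(get_template_directory() . "/paid-memberships-pro/email/" . $this->template . ".html"); //email folder in parent theme
+ elseif(file_exists(get_template_directory() . "/membership-email-" . $this->template . ".html"))
+ $this->body = file_get_contents(get_template_directory() . "/membership-email-" . $this->template . ".html"); //membership-email- file in parent theme
+ elseif(file_exists(WP_LANG_DIR . '/pmpro/email/' . $locale . "/" . $this->template . ".html"))
+ $this->body = file_get_contents(WP_LANG_DIR . '/pmpro/email/' . $locale . "/" . $this->template . ".html"); //localized email folder in WP language folder
  elseif(file_exists(WP_LANG_DIR . '/pmpro/email/' . $this->template . ".html"))
- $this->body = file_get_contents(WP_LANG_DIR . '/pmpro/email/' . $this->template . ".html"); //email folder in WP language folder
+ $this->body = file_get_contents(WP_LANG_DIR . '/pmpro/email/' . $this->template . ".html"); //email folder in WP language folder
  elseif(file_exists(PMPRO_DIR . "/languages/" . $locale . "/" . $this->template . ".html"))
- $this->body = file_get_contents(PMPRO_DIR . "/languages/" . $locale . "/" . $this->template . ".html"); //email folder in PMPro language folder
+ $this->body = file_get_contents(PMPRO_DIR . "/languages/" . $locale . "/" . $this->template . ".html"); //email folder in PMPro language folder
  elseif(file_exists(PMPRO_DIR . "/email/" . $this->template . ".html"))
- $this->body = file_get_contents(PMPRO_DIR . "/email/" . $this->template . ".html"); //default template in plugin
+ $this->body = file_get_contents(PMPRO_DIR . "/email/" . $this->template . ".html"); //default template in plugin
  elseif(!empty($this->data) && !empty($this->data['body']))
- $this->body = $this->data['body'];
+ $this->body = $this->data['body']; //data passed in
 
  //header and footer
  /* This is handled for all emails via the pmpro_send_html function in paid-memberships-pro now
- if(file_exists(TEMPLATEPATH . "/email_header.html"))
+ if(file_exists(get_template_directory() . "/email_header.html"))
  {
- $this->body = file_get_contents(TEMPLATEPATH . "/email_header.html") . "\n" . $this->body;
+ $this->body = file_get_contents(get_template_directory() . "/email_header.html") . "\n" . $this->body;
  }
- if(file_exists(TEMPLATEPATH . "/email_footer.html"))
+ if(file_exists(get_template_directory() . "/email_footer.html"))
  {
- $this->body = $this->body . "\n" . file_get_contents(TEMPLATEPATH . "/email_footer.html");
+ $this->body = $this->body . "\n" . file_get_contents(get_template_directory() . "/email_footer.html");
  }
  */
 
@@ -188,7 +197,7 @@
  "membership_cost" => pmpro_getLevelCost($user->membership_level),
  "login_link" => wp_login_url(pmpro_url("account")),
  "display_name" => $user->display_name,
- "user_email" => $user->user_email,0
+ "user_email" => $user->user_email,
  );
 
  if(!empty($invoice) && !pmpro_isLevelFree($user->membership_level))
@@ -288,7 +297,7 @@
  "membership_cost" => pmpro_getLevelCost($user->membership_level),
  "login_link" => wp_login_url(pmpro_url("account")),
  "display_name" => $user->display_name,
- "user_email" => $user->user_email,0
+ "user_email" => $user->user_email,
  );
 
  if(!empty($invoice) && !pmpro_isLevelFree($user->membership_level))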
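Review bot: The template lookup in the first hunk concatenates `$locale` and `$this->template` straight into every `file_exists()`/`file_get_contents()` path, and the new localized branches add `$locale` as a directory segment in four more places. `$locale` is the result of the `plugin_locale` filter, so other code can change it, and nothing visible here rejects `..` in either value; whether `$this->template` can ever be influenced by a caller is not visible in this hunk and should be confirmed. Checking both values once and walking an ordered list of candidate paths would remove that dependency and the duplicated path expression in each branch. The enclosing method starts and ends outside the hunk.

```php
$locale = apply_filters("plugin_locale", get_locale(), "pmpro");

// refuse traversal sequences before either value becomes a path segment
$pmpro_paths_ok = (validate_file($locale) === 0 && validate_file($this->template) === 0);
$pmpro_file = $this->template . ".html";

// same precedence as the elseif chain: child theme, parent theme, WP languages, plugin
$pmpro_candidates = array(
	get_stylesheet_directory() . "/paid-memberships-pro/email/" . $locale . "/" . $pmpro_file,
	get_stylesheet_directory() . "/paid-memberships-pro/email/" . $pmpro_file,
	get_stylesheet_directory() . "/membership-email-" . $pmpro_file,
	get_template_directory() . "/paid-memberships-pro/email/" . $locale . "/" . $pmpro_file,
	get_template_directory() . "/paid-memberships-pro/email/" . $pmpro_file,
	get_template_directory() . "/membership-email-" . $pmpro_file,
	WP_LANG_DIR . "/pmpro/email/" . $locale . "/" . $pmpro_file,
	WP_LANG_DIR . "/pmpro/email/" . $pmpro_file,
	PMPRO_DIR . "/languages/" . $locale . "/" . $pmpro_file,
	PMPRO_DIR . "/email/" . $pmpro_file,
);

$pmpro_found = false;
foreach($pmpro_candidates as $pmpro_candidate)
{
	if($pmpro_paths_ok && file_exists($pmpro_candidate))
	{
		$this->body = file_get_contents($pmpro_candidate);
		$pmpro_found = true;
		break;
	}
}

if(!$pmpro_found && !empty($this->data) && !empty($this->data['body']))
	$this->body = $this->data['body']; //data passed in

// … unchanged: commented-out header and footer block …
```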
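--- a/includes/functions.php
+++ b/includes/functions.php
@@ -381,39 +381,62 @@ if(!function_exists("hideCardNumber"))
  }
  }
 
+ //check for existing functions since we didn't use a prefix for this function
  if(!function_exists("cleanPhone"))
  {
+ /**
+ * Function to remove special characters from a phone number.
+ * NOTE: Could probably replace with preg_replace("[^0-9]", "", $phone)
+ *
+ * @since 1.0
+ *
+ * @param string $phone The phone number to clean.
+ */
  function cleanPhone($phone)
  {
  //if a + is passed, just pass it along
  if(strpos($phone, "+") !== false)
  return $phone;
-
  //clean the phone
  $phone = str_replace("-", "", $phone);
  $phone = str_replace(".", "", $phone);
  $phone = str_replace("(", "", $phone);
  $phone = str_replace(")", "", $phone);
  $phone = str_replace(" ", "", $phone);
-
  return $phone;
  }
  }
 
+ //check for existing functions since we didn't use a prefix for this function
  if(!function_exists("formatPhone"))
  {
+ /**
+ * Function to format a phone number.
+ *
+ * @since 1.0
+ *
+ * @param string $phone The phone number to format.
+ */
  function formatPhone($phone)
  {
- $phone = cleanPhone($phone);
+ $r = cleanPhone($phone);
 
- if(strlen($phone) == 11)
- return substr($phone, 0, 1) . " (" . substr($phone, 1, 3) . ") " . substr($phone, 4, 3) . "-" . substr($phone, 7, 4);
- elseif(strlen($phone) == 10)
- return "(" . substr($phone, 0, 3) . ") " . substr($phone, 3, 3) . "-" . substr($phone, 6, 4);
- elseif(strlen($phone) == 7)
- return substr($phone, 0, 3) . "-" . substr($phone, 3, 4);
- else
- return $phone;
+ if(strlen($r) == 11)
+ $r = substr($r, 0, 1) . " (" . substr($r, 1, 3) . ") " . substr($r, 4, 3) . "-" . substr($r, 7, 4);
+ elseif(strlen($r) == 10)
+ $r = "(" . substr($r, 0, 3) . ") " . substr($r, 3, 3) . "-" . substr($r, 6, 4);
+ elseif(strlen($r) == 7)
+ $r = substr($r, 0, 3) . "-" . substr($r, 3, 4);
+
+ /**
+ * Filter to do more or less cleaning of phone numbers.
+ *
+ * @since 1.8.4.4
+ *
+ * @param string $r The formatted phone number.
+ * @param string $phone The original phone number.
+ */
+ return apply_filters('pmpro_format_phone', $r, $phone);
  }
  }
 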
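Review bot: The doc block added above `cleanPhone()` suggests `preg_replace("[^0-9]", "", $phone)`, which is not the digit filter it appears to be: PCRE takes the outer `[` and `]` as delimiters, leaving the pattern `^0-9`, so a maintainer who follows the note would strip almost nothing. The note should read `preg_replace('/[^0-9]/', '', $phone)`. Both new doc blocks also lack an `@return string` line. Because `cleanPhone()` hands back any value containing `+` untouched and the new `pmpro_format_phone` filter lets other code replace the result, the `formatPhone()` doc block should also say that the return value is not sanitised and has to be escaped where it is printed, e.g. `* @return string Formatted number; not escaped, use esc_html() on output.`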
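--- a/includes/init.php
+++ b/includes/init.php
@@ -129,6 +129,8 @@ function pmpro_wp()
  ob_start();
  if(file_exists(get_stylesheet_directory() . "/paid-memberships-pro/pages/" . $pmpro_page_name . ".php"))
  include(get_stylesheet_directory() . "/paid-memberships-pro/pages/" . $pmpro_page_name . ".php");
+ elseif(file_exists(get_template_directory() . "/paid-memberships-pro/pages/" . $pmpro_page_name . ".php"))
+ include(get_template_directory() . "/paid-memberships-pro/pages/" . $pmpro_page_name . ".php");
  else
  include(PMPRO_DIR . "/pages/" . $pmpro_page_name . ".php");
 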
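Review bot: `$pmpro_page_name` is concatenated into an `include` path in the new parent-theme branch just as in the two existing branches, and nothing in this hunk shows it being limited to a known set of page names. Because the included file runs as PHP, a value containing `..` would let the include resolve outside the `pages` folders. `pmpro_wp()` starts before the hunk, so the value may already be constrained there; if it is not, a guard ahead of `ob_start()` such as `if(validate_file($pmpro_page_name) !== 0) return;` or a check against the plugin's list of page slugs would cover all three branches. A short comment stating the lookup order (child theme, parent theme, plugin) would also help the next reader.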
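--- a/paid-memberships-pro.php
+++ b/paid-memberships-pro.php
@@ -3,7 +3,7 @@
  Plugin Name: Paid Memberships Pro
  Plugin URI: http://www.paidmembershipspro.com
  Description: Plugin to Handle Memberships
- Version: 1.8.4.2
+ Version: 1.8.4.4
  Author: Stranger Studios
  Author URI: http://www.strangerstudios.com
  */
@@ -13,7 +13,7 @@ Author URI: http://www.strangerstudios.com
  */
 
  //version constant
- define("PMPRO_VERSION", "1.8.4.2");
+ define("PMPRO_VERSION", "1.8.4.4");
 
  //if the session has been started yet, start it (ignore if running from command line)
  if(defined('STDIN') )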
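--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: strangerstudios
  Tags: memberships, membership, authorize.net, ecommerce, paypal, stripe, braintree, restrict access, restrict content, directory site, payflow
  Requires at least: 3.5
  Tested up to: 4.2.2
- Stable tag: 1.8.4.2
+ Stable tag: 1.8.4.4
 
  The easiest way to GET PAID with your WordPress site. Flexible content control by Membership Level, Reports, Affiliates and Discounts
 
@@ -102,6 +102,16 @@ Not sure? You can find out by doing a bit a research.
  4. Offer Membership Discounts with specific price rules (restricted by level, unique pricing for each level, # of uses, expiration date.)
 
  == Changelog ==
+ = 1.8.4.4 =
+ * BUG: Fixed issue where subscriptions cancelled at Stripe wouldn't cancel the related PMPro membership if the membership was created after updating to v1.8. (Thank, Ninjami-Juho)
+ * BUG: Now tracking "views" when the wp_head hook is fired instead of the "wp" hook. Previously page redirects and AJAX calls might have been counted as "views". Using wp_head will result in more accurate numbers (compared to something like Google Analytics, e.g.). Also note that the number of views will now be much much lower than before on some sites. (Thanks, Michael Cummings)
+ * BUG: Fixed loading of email templates from language folders in themes, child themes, and languages folder. (Thanks, Karel Martens)
+ * ENHANCEMENT: Added the pmpro_format_phone filter to change how phone numbers are formated. Param 1 is $r, the formatted phone number. Param 2 is $phone, the original phone number.
+ * ENHANCEMENT: Added doc blocks to cleanPhone and formatPhone functions and the new pmpro_format_phone filter.
+
+ = 1.8.4.3 =
+ * SECURITY PATCH: Fixes to Cross Site Scripting vulnerabilities in the PMPro settings pages in the WordPress dashboard. [Advisory ID HTB23264](https://www.htbridge.com/advisory/HTB23264). (Thanks, High-Tech Bridge Security Research Lab)
+
  = 1.8.4.2 =
  * BUG: Fixed bug where dropdown to set the account page in the page settings was showing up twice.
  * BUG: Fixed warning in pmpro_account shortcode.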
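--- a/services/stripe-webhook.php
+++ b/services/stripe-webhook.php
@@ -320,10 +320,11 @@
  global $wpdb;
 
  $customer_id = $event->data->object->customer;
+ $subscription_id = $event->data->object->id;
  $plan_id = $event->data->object->plan->id;
 
  //look up the order
- $sqlQuery = "SELECT user_id FROM $wpdb->pmpro_membership_orders WHERE subscription_transaction_id = '" . esc_sql($customer_id) . "' ";
+ $sqlQuery = "SELECT user_id FROM $wpdb->pmpro_membership_orders WHERE (subscription_transaction_id = '" . esc_sql($customer_id) . "' OR subscription_transaction_id = '" . esc_sql($subscription_id) . "') ";
  if($status)
  $sqlQuery .= " AND status='" . esc_sql($status) . "' ";
  if($checkplan)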
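Review bot: The rewritten `$sqlQuery` line still builds the statement by concatenating `esc_sql()` output for values read from the webhook payload (`$event->data->object->customer` and the new `->id`), which stays safe only as long as every fragment keeps both the escaping and the surrounding quotes. `$wpdb->prepare()` with `%s` placeholders makes that structural: `$sqlQuery = $wpdb->prepare("SELECT user_id FROM $wpdb->pmpro_membership_orders WHERE (subscription_transaction_id = %s OR subscription_transaction_id = %s) ", $customer_id, $subscription_id);`, with the `status` clause appended as `$sqlQuery .= $wpdb->prepare(" AND status = %s ", $status);`. Matching on either ID also widens which order rows one event can select, so it is worth confirming that the event is verified against Stripe before this lookup runs. That check, the rest of the query and the function's signature are outside the hunk.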