Paid Memberships Pro - Version 2.3.3

Version Description

  • 2.3.3 - 2020-05-13
  • SECURITY: Fixed SQL injection vulnerability when logged in as an administrator and adding new orders in the dashboard. JVN#20248858 (Thanks, Kenichi Okuno of Mitsui Bussan Secure Directions, Inc)
  • SECURITY: Making sure to properly escape all values on the add/edit order form in the dashboard.
  • BUG FIX: Now properly setting the order status to "error" when an initial payment fails when using PayPal Express. Before the order status would be set as "cancelled", which would count the order toward reports and make it harder to find orders that had errors. (Thanks, Mirco Babini)
  • BUG FIX: Fixed issue with the PMPro logo and some other assets loading over the wrong schema (http vs https) in some cases.
  • BUG FIX: Fixed issue where the chosen discount code was not shown after submitting when adding a new order through the dashboard.
  • BUG FIX/ENHANCEMENT: Using "PMPro" in the admin activity email subject to keep the line shorter and avoid issues when replacing the word "member" via gettext.
  • ENHANCEMENT: Added a pmpro_allow_weak_passwords filter. You can set this to return true (like this https://gist.github.com/ideadude/5a12119b9ce1c2aad87b2d69cb8f9505) to allow weak passwords on the change password and reset password pages. Note that at this time, weak passwords are still allowed on the checkout page no matter the value of this filter. We expect to change that in the future. For now, you can use our PMPro Strong Passwords plugin to force strong passwords at checkout.
  • REFACTOR: Updated the logic around checking the PMPRO_IPN_DEBUG constant in the IPN handler. (Thanks, Mirco Babini)

Release Info

Developer strangerstudios
Version 2.3.3

Code changes from version 2.3.2 to 2.3.3

CHANGELOG.txt CHANGED
@@ -1,11 +1,22 @@
1
== Changelog ==
2
- = 2.3.2 2020-05-07 =
3
* BUG FIX: Fixed errors calling is_main_query() that came up with certain themes.
4
* BUG FIX: Fixed typo in the pmpro_account_profile_action_links filter.
5
* BUG FIX/ENHANCEMENT: Added a new force parameter to the pmpro_getAllLevels() function. This is used by the Multisite Membership Add On to fix an issue where levels were missing or incorrect on the subsites.
6
* ENHANCEMENT: Removed mention of the ezAdsense plugin, which has been discontinued.
7
8
- = 2.3.1 2020-05-01 =
9
* BUG FIX: Fixed infinite redirect issue if no account page was set. Fixed a few other places where we do is_page() type checks just in case.
10
* BUG FIX: Fixed issue where all pages were retitled to Welcome when logged in, if no login page was set.
11
* BUG FIX: Fixed issue with BuddyBoss and other themes/plugins that use the_title filter with only one parameter.
1
== Changelog ==
2
+ = 2.3.3 - 2020-05-13 =
3
+ * SECURITY: Fixed SQL injection vulnerability when logged in as an administrator and adding new orders in the dashboard. JVN#20248858 (Thanks, Kenichi Okuno of Mitsui Bussan Secure Directions, Inc)
4
+ * SECURITY: Making sure to properly escape all values on the add/edit order form in the dashboard.
5
+ * BUG FIX: Now properly setting the order status to "error" when an initial payment fails when using PayPal Express. Before the order status would be set as "cancelled", which would count the order toward reports and make it harder to find orders that had errors. (Thanks, Mirco Babini)
6
+ * BUG FIX: Fixed issue with the PMPro logo and some other assets loading over the wrong schema (http vs https) in some cases.
7
+ * BUG FIX: Fixed issue where the chosen discount code was not shown after submitting when adding a new order through the dashboard.
8
+ * BUG FIX/ENHANCEMENT: Using "PMPro" in the admin activity email subject to keep the line shorter and avoid issues when replacing the word "member" via gettext.
9
+ * ENHANCEMENT: Added a pmpro_allow_weak_passwords filter. You can set this to return true (like this https://gist.github.com/ideadude/5a12119b9ce1c2aad87b2d69cb8f9505) to allow weak passwords on the change password and reset password pages. Note that at this time, weak passwords are still allowed on the checkout page no matter the value of this filter. We expect to change that in the future. For now, you can use our PMPro Strong Passwords plugin to force strong passwords at checkout.
10
+ * REFACTOR: Updated the logic around checking the PMPRO_IPN_DEBUG constant in the IPN handler. (Thanks, Mirco Babini)
11
+
12
+ = 2.3.2 - 2020-05-07 =
13
* BUG FIX: Fixed errors calling is_main_query() that came up with certain themes.
14
* BUG FIX: Fixed typo in the pmpro_account_profile_action_links filter.
15
* BUG FIX/ENHANCEMENT: Added a new force parameter to the pmpro_getAllLevels() function. This is used by the Multisite Membership Add On to fix an issue where levels were missing or incorrect on the subsites.
16
* ENHANCEMENT: Removed mention of the ezAdsense plugin, which has been discontinued.
17
+ * ENHANCEMENT: Added $recipient param in sendAdminActivity() function so you can send additional activity emails like this https://gist.github.com/dparker1005/6bf650370a12aef44adf8c8c26d3e906
18
19
+ = 2.3.1 - 2020-05-01 =
20
* BUG FIX: Fixed infinite redirect issue if no account page was set. Fixed a few other places where we do is_page() type checks just in case.
21
* BUG FIX: Fixed issue where all pages were retitled to Welcome when logged in, if no login page was set.
22
* BUG FIX: Fixed issue with BuddyBoss and other themes/plugins that use the_title filter with only one parameter.
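Review bot: the added `$recipient param in sendAdminActivity()` entry lands under the 2.3.2 heading even though this commit is the 2.3.3 release. If the parameter shipped in 2.3.2, say so in the commit message; otherwise move the entry up into the 2.3.3 block so that anyone reading the changelog for the security release sees every change it carries. The reformatted headings (`= 2.3.2 - 2020-05-07 =`) are fine, but the first SECURITY entry would be more useful to site owners if it named the affected request parameter or screen field, not only the advisory number.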
adminpages/orders.php CHANGED
@@ -291,11 +291,8 @@ if ( ! empty( $_REQUEST['save'] ) ) {
291
292
// save
293
if ( $order->saveOrder() !== false && $nonceokay ) {
294
- // also update the discount code if needed
295
- if( isset( $_REQUEST['discount_code_id'] ) ) {
296
- $order->updateDiscountCode( intval( $_REQUEST['discount_code_id'] ) );
297
- }
298
-
299
// handle timestamp
300
if ( $order->updateTimestamp( intval( $_POST['ts_year'] ), intval( $_POST['ts_month'] ), intval( $_POST['ts_day'] ), intval( $_POST['ts_hour'] ) . ':' . intval( $_POST['ts_minute'] ) . ':00' ) !== false ) {
301
$pmpro_msg = __( 'Order saved successfully.', 'paid-memberships-pro' );
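Review bot: on the unchanged condition `if ( $order->saveOrder() !== false && $nonceokay )`, the write happens before the nonce result is consulted, because `&&` evaluates its left operand first. Unless an earlier check already stops the request on a failed nonce, an order is saved even when `$nonceokay` is false and only the success message is suppressed. Put `$nonceokay` first, or return early on a bad nonce, and since the `updateDiscountCode()` call is removed here, make sure wherever it now runs sits behind the same check.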
@@ -308,6 +305,11 @@ if ( ! empty( $_REQUEST['save'] ) ) {
308
$pmpro_msg = __( 'Error saving order.', 'paid-memberships-pro' );
309
$pmpro_msgt = 'error';
310
}
311
} else {
312
// order passed?
313
if ( ! empty( $_REQUEST['order'] ) ) {
@@ -371,9 +373,9 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
371
<?php if ( ! empty( $order ) ) { ?>
372
373
<?php if ( ! empty( $order->id ) ) { ?>
374
- <h1 class="wp-heading-inline"><?php esc_html_e( 'Order', 'paid-memberships-pro' ); ?> #<?php echo $order->id; ?>: <?php echo $order->code; ?></h1>
375
- <a title="<?php _e( 'Print', 'paid-memberships-pro' ); ?>" href="<?php echo add_query_arg( array( 'action' => 'pmpro_orders_print_view', 'order' => $order->id ), admin_url('admin-ajax.php' ) ); ?>" class="page-title-action" target="_blank" ><?php _e( 'Print', 'paid-memberships-pro' ); ?></a>
376
- <a title="<?php _e( 'Email', 'paid-memberships-pro' ); ?>" href="#TB_inline?width=600&height=200&inlineId=email_invoice" class="thickbox email_link page-title-action" data-order="<?php echo $order->id; ?>"><?php _e( 'Email', 'paid-memberships-pro' ); ?></a>
377
<?php } else { ?>
378
<h1 class="wp-heading-inline"><?php esc_html_e( 'New Order', 'paid-memberships-pro' ); ?></h1>
379
<?php } ?>
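Review bot: the two removed link lines call `_e()` inside `title="..."` attributes and print `$order->id` raw into `data-order`, so translated strings and the id reach attribute context unescaped. The replacement lines are not visible in this view; they should use `esc_attr_e()` for the attribute text, `esc_attr()` for `data-order`, `esc_url()` around the `add_query_arg()` result in `href`, and `esc_html()` for the `$order->code` shown in the heading.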
@@ -401,7 +403,7 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
401
<td>
402
<?php
403
if ( ! empty( $order->id ) ) {
404
- echo $order->id;
405
} else {
406
echo '<p class="description">' . __( 'This will be generated when you save.', 'paid-memberships-pro' ) . '</p>';
407
}
@@ -414,14 +416,14 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
414
<td>
415
<?php
416
if ( in_array( 'code', $read_only_fields ) ) {
417
- echo $order->code;
418
} else { ?>
419
<input id="code" name="code" type="text" value="<?php echo esc_attr( $order->code ); ?>" class="regular-text" />
420
<?php
421
}
422
?>
423
<?php if ( $order_id < 0 ) { ?>
424
- <p class="description"><?php _e( 'Randomly generated for you.', 'paid-memberships-pro' ); ?></p>
425
<?php } ?>
426
</td>
427
</tr>
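Review bot: the read-only branch here printed `echo $order->code;` raw while the editable branch two lines below already uses `esc_attr( $order->code )`. The code is a free-text field on this same form, so whatever was stored is echoed back as HTML when the field is read-only. The replacement should be `echo esc_html( $order->code );`, and the same pairing (raw echo in the read-only branch, `esc_attr()` in the input branch) repeats for `user_id`, `membership_id` and the billing fields in the hunks that follow.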
@@ -430,7 +432,7 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
430
<td>
431
<?php
432
if ( in_array( 'user_id', $read_only_fields ) && $order_id > 0 ) {
433
- echo $order->user_id;
434
} else { ?>
435
<input id="user_id" name="user_id" type="text" value="<?php echo esc_attr( $order->user_id ); ?>" class="regular-text" />
436
<?php
@@ -439,11 +441,11 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
439
</td>
440
</tr>
441
<tr>
442
- <th scope="row" valign="top"><label for="membership_id"><?php _e( 'Membership Level ID', 'paid-memberships-pro' ); ?>:</label></th>
443
<td>
444
<?php
445
if ( in_array( 'membership_id', $read_only_fields ) && $order_id > 0 ) {
446
- echo $order->membership_id;
447
} else { ?>
448
<input id="membership_id" name="membership_id" type="text" value="<?php echo esc_attr( $order->membership_id ); ?>" class="regular-text" />
449
<?php
@@ -452,12 +454,12 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
452
</td>
453
</tr>
454
<tr>
455
- <th scope="row" valign="top"><label for="billing_name"><?php _e( 'Billing Name', 'paid-memberships-pro' ); ?>:</label>
456
</th>
457
<td>
458
<?php
459
if ( in_array( 'billing_name', $read_only_fields ) && $order_id > 0 ) {
460
- echo $order->billing_name;
461
} else {
462
?>
463
<input id="billing_name" name="billing_name" type="text" size="50"
@@ -466,12 +468,12 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
466
</td>
467
</tr>
468
<tr>
469
- <th scope="row" valign="top"><label for="billing_street"><?php _e( 'Billing Street', 'paid-memberships-pro' ); ?>
470
:</label></th>
471
<td>
472
<?php
473
if ( in_array( 'billing_street', $read_only_fields ) && $order_id > 0 ) {
474
- echo $order->billing_street;
475
} else {
476
?>
477
<input id="billing_street" name="billing_street" type="text" size="50"
@@ -479,12 +481,12 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
479
<?php } ?>
480
</tr>
481
<tr>
482
- <th scope="row" valign="top"><label for="billing_city"><?php _e( 'Billing City', 'paid-memberships-pro' ); ?>:</label>
483
</th>
484
<td>
485
<?php
486
if ( in_array( 'billing_city', $read_only_fields ) && $order_id > 0 ) {
487
- echo $order->billing_city;
488
} else {
489
?>
490
<input id="billing_city" name="billing_city" type="text" size="50"
@@ -492,12 +494,12 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
492
<?php } ?>
493
</tr>
494
<tr>
495
- <th scope="row" valign="top"><label for="billing_state"><?php _e( 'Billing State', 'paid-memberships-pro' ); ?>
496
:</label></th>
497
<td>
498
<?php
499
if ( in_array( 'billing_state', $read_only_fields ) && $order_id > 0 ) {
500
- echo $order->billing_state;
501
} else {
502
?>
503
<input id="billing_state" name="billing_state" type="text" size="50"
@@ -505,12 +507,12 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
505
<?php } ?>
506
</tr>
507
<tr>
508
- <th scope="row" valign="top"><label for="billing_zip"><?php _e( 'Billing Postal Code', 'paid-memberships-pro' ); ?>
509
:</label></th>
510
<td>
511
<?php
512
if ( in_array( 'billing_zip', $read_only_fields ) && $order_id > 0 ) {
513
- echo $order->billing_zip;
514
} else {
515
?>
516
<input id="billing_zip" name="billing_zip" type="text" size="50"
@@ -518,12 +520,12 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
518
<?php } ?>
519
</tr>
520
<tr>
521
- <th scope="row" valign="top"><label for="billing_country"><?php _e( 'Billing Country', 'paid-memberships-pro' ); ?>
522
:</label></th>
523
<td>
524
<?php
525
if ( in_array( 'billing_country', $read_only_fields ) && $order_id > 0 ) {
526
- echo $order->billing_country;
527
} else {
528
?>
529
<input id="billing_country" name="billing_country" type="text" size="50"
@@ -532,12 +534,12 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
532
</td>
533
</tr>
534
<tr>
535
- <th scope="row" valign="top"><label for="billing_phone"><?php _e( 'Billing Phone', 'paid-memberships-pro' ); ?>
536
:</label></th>
537
<td>
538
<?php
539
if ( in_array( 'billing_phone', $read_only_fields ) && $order_id > 0 ) {
540
- echo $order->billing_phone;
541
} else {
542
?>
543
<input id="billing_phone" name="billing_phone" type="text" size="50"
@@ -562,7 +564,7 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
562
$codes = $wpdb->get_results($sqlQuery, OBJECT);
563
if ( ! empty( $codes ) ) { ?>
564
<tr>
565
- <th scope="row" valign="top"><label for="discount_code_id"><?php _e( 'Discount Code', 'paid-memberships-pro' ); ?>:</label></th>
566
<td>
567
<?php
568
if ( in_array( 'discount_code_id', $read_only_fields ) && $order_id > 0 ) {
@@ -588,7 +590,7 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
588
<td>
589
<?php
590
if ( in_array( 'subtotal', $read_only_fields ) && $order_id > 0 ) {
591
- echo $order->subtotal;
592
} else {
593
?>
594
<input id="subtotal" name="subtotal" type="text" size="10"
@@ -597,11 +599,11 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
597
</td>
598
</tr>
599
<tr>
600
- <th scope="row" valign="top"><label for="tax"><?php _e( 'Tax', 'paid-memberships-pro' ); ?>:</label></th>
601
<td>
602
<?php
603
if ( in_array( 'tax', $read_only_fields ) && $order_id > 0 ) {
604
- echo $order->tax;
605
} else {
606
?>
607
<input id="tax" name="tax" type="text" size="10"
@@ -610,86 +612,85 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
610
</td>
611
</tr>
612
<tr>
613
- <th scope="row" valign="top"><label for="couponamount"><?php _e( 'Coupon Amount', 'paid-memberships-pro' ); ?>:</label>
614
</th>
615
<td>
616
<?php
617
if ( in_array( 'couponamount', $read_only_fields ) && $order_id > 0 ) {
618
- echo $order->couponamount;
619
} else {
620
- ?>
621
- <input id="couponamount" name="couponamount" type="text" size="10"
622
- value="<?php echo esc_attr( $order->couponamount ); ?>"/>
623
<?php } ?>
624
</td>
625
</tr>
626
<tr>
627
- <th scope="row" valign="top"><label for="total"><?php _e( 'Total', 'paid-memberships-pro' ); ?>:</label></th>
628
<td>
629
<?php
630
if ( in_array( 'total', $read_only_fields ) && $order_id > 0 ) {
631
- echo $order->total;
632
} else {
633
?>
634
<input id="total" name="total" type="text" size="10"
635
value="<?php echo esc_attr( $order->total ); ?>"/>
636
<?php } ?>
637
- <p class="description"><?php _e( 'Should be subtotal + tax - couponamount.', 'paid-memberships-pro' ); ?></p>
638
</td>
639
</tr>
640
641
<tr>
642
- <th scope="row" valign="top"><label for="payment_type"><?php _e( 'Payment Type', 'paid-memberships-pro' ); ?>:</label>
643
</th>
644
<td>
645
<?php
646
if ( in_array( 'payment_type', $read_only_fields ) && $order_id > 0 ) {
647
- echo $order->payment_type;
648
} else {
649
?>
650
<input id="payment_type" name="payment_type" type="text" size="50"
651
value="<?php echo esc_attr( $order->payment_type ); ?>"/>
652
<?php } ?>
653
- <p class="description"><?php _e( 'e.g. PayPal Express, PayPal Standard, Credit Card.', 'paid-memberships-pro' ); ?></p>
654
</td>
655
</tr>
656
<tr>
657
- <th scope="row" valign="top"><label for="cardtype"><?php _e( 'Card Type', 'paid-memberships-pro' ); ?></label></th>
658
<td>
659
<?php
660
if ( in_array( 'cardtype', $read_only_fields ) && $order_id > 0 ) {
661
- echo $order->cardtype;
662
} else {
663
?>
664
<input id="cardtype" name="cardtype" type="text" size="50"
665
value="<?php echo esc_attr( $order->cardtype ); ?>"/>
666
<?php } ?>
667
- <p class="description"><?php _e( 'e.g. Visa, MasterCard, AMEX, etc', 'paid-memberships-pro' ); ?></p>
668
</td>
669
</tr>
670
<tr>
671
- <th scope="row" valign="top"><label for="accountnumber"><?php _e( 'Account Number', 'paid-memberships-pro' ); ?>
672
:</label></th>
673
<td>
674
<?php
675
if ( in_array( 'accountnumber', $read_only_fields ) && $order_id > 0 ) {
676
- echo $order->accountnumber;
677
} else {
678
?>
679
<input id="accountnumber" name="accountnumber" type="text" size="50"
680
value="<?php echo esc_attr( $order->accountnumber ); ?>"/>
681
<?php } ?>
682
- <p class="description"><?php _e( 'Obscure all but last 4 digits.', 'paid-memberships-pro' ); ?></p>
683
</td>
684
</tr>
685
<?php
686
if ( in_array( 'ExpirationDate', $read_only_fields ) && $order_id > 0 ) {
687
- echo $order->ExpirationDate;
688
} else {
689
?>
690
<tr>
691
<th scope="row" valign="top"><label
692
- for="expirationmonth"><?php _e( 'Expiration Month', 'paid-memberships-pro' ); ?>:</label></th>
693
<td>
694
<input id="expirationmonth" name="expirationmonth" type="text" size="10"
695
value="<?php echo esc_attr( $order->expirationmonth ); ?>"/>
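Review bot: in the `ExpirationDate` branch near the end of this hunk, the read-only case echoes `$order->ExpirationDate` directly between a closing `</tr>` and the next `<tr>`, so the value is emitted outside any table cell as well as unescaped. Escaping it is not enough; wrap it in its own `<tr><th>...</th><td>...</td></tr>` with a label, as the other read-only fields have. The property name also differs from the `expirationmonth` and `expirationyear` fields used in the else branch, which deserves a comment explaining where `ExpirationDate` is populated.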
@@ -697,7 +698,7 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
697
</td>
698
</tr>
699
<tr>
700
- <th scope="row" valign="top"><label for="expirationyear"><?php _e( 'Expiration Year', 'paid-memberships-pro' ); ?>
701
:</label></th>
702
<td>
703
<input id="expirationyear" name="expirationyear" type="text" size="10"
@@ -707,11 +708,11 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
707
</tr>
708
<?php } ?>
709
<tr>
710
- <th scope="row" valign="top"><label for="status"><?php _e( 'Status', 'paid-memberships-pro' ); ?>:</label></th>
711
<td>
712
<?php
713
if ( in_array( 'status', $read_only_fields ) && $order_id > 0 ) {
714
- echo $order->status;
715
} else { ?>
716
<?php
717
$statuses = pmpro_getOrderStatuses();
@@ -719,7 +720,7 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
719
<select id="status" name="status">
720
<?php foreach ( $statuses as $status ) { ?>
721
<option
722
- value="<?php echo esc_attr( $status ); ?>" <?php selected( $order->status, $status ); ?>><?php echo $status; ?></option>
723
<?php } ?>
724
</select>
725
<?php
@@ -729,47 +730,39 @@ if ( function_exists( 'pmpro_add_email_order_modal' ) ) {
729
</tr>
730
731
<tr>
732
- <th scope="row" valign="top"><label for="gateway"><?php _e( 'Gateway', 'paid-memberships-pro' ); ?>:</label></th>
733
<td>
734
<?php
735
if ( in_array( 'gateway', $read_only_fields ) && $order_id > 0 ) {
736
- echo $order->gateway;
737
} else {
738
- ?>
739
- <select id="gateway" name="gateway" onchange="pmpro_changeGateway(jQuery(this).val());">
740
- <?php
741
- $pmpro_gateways = pmpro_gateways();
742
- foreach ( $pmpro_gateways as $pmpro_gateway_name => $pmpro_gateway_label ) {
743
- ?>
744
- <option
745
- value="<?php echo esc_attr( $pmpro_gateway_name ); ?>" <?php selected( $order->gateway, $pmpro_gateway_name ); ?>><?php echo $pmpro_gateway_label; ?></option>
746
- <?php
747
- }
748
- ?>
749
- </select>
750
- <?php } ?>
751
</td>
752
</tr>
753
<tr>
754
<th scope="row" valign="top"><label
755
- for="gateway_environment"><?php _e( 'Gateway Environment', 'paid-memberships-pro' ); ?>:</label></th>
756
<td>
757
<?php
758
if ( in_array( 'gateway_environment', $read_only_fields ) && $order_id > 0 ) {
759
- echo $order->gateway_environment;
760
} else {
761
- ?>
762
- <select name="gateway_environment">
763
- <option value="sandbox"
764
- <?php
765
- if ( $order->gateway_environment == 'sandbox' ) {
766
?>
767
- selected="selected"<?php } ?>><?php _e( 'Sandbox/Testing', 'paid-memberships-pro' ); ?></option>
768
- <option value="live"
769
- <?php
770
- if ( $order->gateway_environment == 'live' ) {
771
- ?>
772
- selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro' ); ?></option>
773
</select>
774
<?php } ?>
775
</td>
@@ -781,18 +774,18 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
781
<td>
782
<?php
783
if ( in_array( 'payment_transaction_id', $read_only_fields ) && $order_id > 0 ) {
784
- echo $order->payment_transaction_id;
785
} else {
786
?>
787
<input id="payment_transaction_id" name="payment_transaction_id" type="text" size="50"
788
value="<?php echo esc_attr( $order->payment_transaction_id ); ?>"/>
789
<?php } ?>
790
- <p class="description"><?php _e( 'Generated by the gateway. Useful to cross reference orders.', 'paid-memberships-pro' ); ?></p>
791
</td>
792
</tr>
793
<tr>
794
<th scope="row" valign="top"><label
795
- for="subscription_transaction_id"><?php _e( 'Subscription Transaction ID', 'paid-memberships-pro' ); ?>
796
:</label></th>
797
<td>
798
<?php
@@ -803,43 +796,41 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
803
<input id="subscription_transaction_id" name="subscription_transaction_id" type="text" size="50"
804
value="<?php echo esc_attr( $order->subscription_transaction_id ); ?>"/>
805
<?php } ?>
806
- <p class="description"><?php _e( 'Generated by the gateway. Useful to cross reference subscriptions.', 'paid-memberships-pro' ); ?></p>
807
</td>
808
</tr>
809
810
<tr>
811
- <th scope="row" valign="top"><label for="ts_month"><?php _e( 'Date', 'paid-memberships-pro' ); ?>:</label></th>
812
<td>
813
<?php
814
if ( in_array( 'timestamp', $read_only_fields ) && $order_id > 0 ) {
815
- echo date_i18n( get_option( 'date_format' ) . ' ' . get_option( 'time_format' ), $order->timestamp );
816
} else {
817
- ?>
818
- <?php
819
- // set up date vars
820
- if ( ! empty( $order->timestamp ) ) {
821
- $timestamp = $order->timestamp;
822
- } else {
823
- $timestamp = current_time( 'timestamp' );
824
- }
825
-
826
- $year = date( 'Y', $timestamp );
827
- $month = date( 'n', $timestamp );
828
- $day = date( 'j', $timestamp );
829
- $hour = date( 'H', $timestamp );
830
- $minute = date( 'i', $timestamp );
831
- $second = date( 's', $timestamp );
832
- ?>
833
- <select id="ts_month" name="ts_month">
834
- <?php
835
- for ( $i = 1; $i < 13; $i ++ ) {
836
- ?>
837
- <option value="<?php echo esc_attr( $i ); ?>" <?php selected( $i, $month ); ?>>
838
- <?php echo esc_html( date_i18n( 'F', mktime( 0, 0, 0, $i, 2 ) ) ); ?>
839
- </option>
840
- <?php
841
- }
842
- ?>
843
</select>
844
<input name="ts_day" type="text" size="2" value="<?php echo esc_attr( $day ); ?>"/>
845
<input name="ts_year" type="text" size="4" value="<?php echo esc_attr( $year ); ?>"/>
@@ -855,30 +846,28 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
855
if ( ! empty( $affiliates ) ) {
856
?>
857
<tr>
858
- <th scope="row" valign="top"><label for="affiliate_id"><?php _e( 'Affiliate ID', 'paid-memberships-pro' ); ?>
859
:</label></th>
860
<td>
861
<?php
862
if ( in_array( 'affiliate_id', $read_only_fields ) && $order_id > 0 ) {
863
- echo $order->affiliate_id;
864
} else {
865
- ?>
866
- <input id="affiliate_id" name="affiliate_id" type="text" size="50"
867
- value="<?php echo esc_attr( $order->affiliate_id ); ?>"/>
868
<?php } ?>
869
</td>
870
</tr>
871
<tr>
872
- <th scope="row" valign="top"><label for="affiliate_subid"><?php _e( 'Affiliate SubID', 'paid-memberships-pro' ); ?>
873
:</label></th>
874
<td>
875
<?php
876
if ( in_array( 'affiliate_subid', $read_only_fields ) && $order_id > 0 ) {
877
- echo $order->affiliate_subid;
878
} else {
879
- ?>
880
- <input id="affiliate_subid" name="affiliate_subid" type="text" size="50"
881
- value="<?php echo esc_attr( $order->affiliate_subid ); ?>"/>
882
<?php } ?>
883
</td>
884
</tr>
@@ -891,14 +880,13 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
891
if( !empty( $tospage_id ) || !empty( $consent_entry ) ) {
892
?>
893
<tr>
894
- <th scope="row" valign="top"><label for="tos_consent"><?php _e( 'TOS Consent', 'paid-memberships-pro' ); ?>:</label></th>
895
<td id="tos_consent">
896
<?php
897
-
898
if( !empty( $consent_entry ) ) {
899
- echo pmpro_consent_to_text( $consent_entry );
900
} else {
901
- echo __( 'N/A' );
902
}
903
?>
904
</td>
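Review bot: `echo __( 'N/A' );` is the only string in this hunk without the `'paid-memberships-pro'` text domain, so it falls back to core's default domain. Pass the domain and print it with `esc_html_e()`. The line above it echoes the return value of `pmpro_consent_to_text( $consent_entry )` as is; if that helper returns plain text, wrap it in `esc_html()`, and if it returns markup, document that at the call site.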
@@ -906,17 +894,15 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
906
<?php
907
}
908
?>
909
-
910
<tr>
911
- <th scope="row" valign="top"><label for="notes"><?php _e( 'Notes', 'paid-memberships-pro' ); ?>:</label></th>
912
<td>
913
<?php
914
- if ( in_array( 'notes', $read_only_fields ) && $order_id > 0 ) {
915
- echo $order->notes;
916
} else {
917
- ?>
918
- <textarea id="notes" name="notes" rows="5"
919
- cols="80"><?php echo esc_textarea( $order->notes ); ?></textarea>
920
<?php } ?>
921
</td>
922
</tr>
@@ -930,15 +916,15 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
930
<input name="order" type="hidden" value="
931
<?php
932
if ( ! empty( $order->id ) ) {
933
- echo $order->id;
934
} else {
935
- echo $order_id;
936
}
937
?>
938
"/>
939
- <input name="save" type="submit" class="button-primary" value="<?php _e( 'Save Order', 'paid-memberships-pro' ); ?>"/>
940
- <input name="cancel" type="button" class="cancel button-secondary" value="<?php _e( 'Cancel', 'paid-memberships-pro' ); ?>"
941
- onclick="location.href='<?php echo get_admin_url( null, '/admin.php?page=pmpro-orders' ); ?>';"/>
942
</p>
943
944
</form>
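Review bot: the hidden `order` input prints `$order->id` or `$order_id` raw into its `value` attribute, and the attribute opens on one line with the PHP block starting on the next, so the emitted value carries leading whitespace. Collapse it to a single line and cast or escape the value, for example `value="<?php echo esc_attr( $order_value ); ?>"` with the variable set beforehand. In the same hunk the Cancel button writes `get_admin_url()` into an inline `onclick` and uses `_e()` in `value` attributes; those need `esc_url()` or `esc_js()` and `esc_attr_e()` respectively.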
@@ -948,7 +934,7 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
948
<form id="posts-filter" method="get" action="">
949
950
<h1 class="wp-heading-inline"><?php esc_html_e( 'Orders', 'paid-memberships-pro' ); ?></h1>
951
- <a href="<?php echo add_query_arg( array( 'page' => 'pmpro-orders', 'order' => -1 ), get_admin_url(null, 'admin.php' ) ); ?>" class="page-title-action"><?php esc_html_e( 'Add New Order', 'paid-memberships-pro' ); ?></a>
952
953
<?php
954
// build the export URL
@@ -969,7 +955,7 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
969
);
970
$export_url = add_query_arg( $url_params, $export_url );
971
?>
972
- <a target="_blank" href="<?php echo $export_url; ?>" class="page-title-action"><?php _e( 'Export to CSV', 'paid-memberships-pro' ); ?></a>
973
974
<hr class="wp-header-end">
975
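Review bot: `$export_url` is built with `add_query_arg( $url_params, $export_url )` and the removed line then printed it into `href` with a bare `echo`. `add_query_arg()` does not escape its result, so any request-derived value in `$url_params` reaches the attribute unchanged. The replacement should be `href="<?php echo esc_url( $export_url ); ?>"`, and the link text should use `esc_html_e()` rather than `_e()`.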
@@ -989,31 +975,31 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
989
990
<ul class="subsubsub">
991
<li>
992
- <?php _e( 'Show', 'paid-memberships-pro' ); ?>
993
<select id="filter" name="filter">
994
- <option value="all" <?php selected( $filter, 'all' ); ?>><?php _e( 'All', 'paid-memberships-pro' ); ?></option>
995
<option
996
- value="within-a-date-range" <?php selected( $filter, 'within-a-date-range' ); ?>><?php _e( 'Within a Date Range', 'paid-memberships-pro' ); ?></option>
997
<option
998
- value="predefined-date-range" <?php selected( $filter, 'predefined-date-range' ); ?>><?php _e( 'Predefined Date Range', 'paid-memberships-pro' ); ?></option>
999
<option
1000
- value="within-a-level" <?php selected( $filter, 'within-a-level' ); ?>><?php _e( 'Within a Level', 'paid-memberships-pro' ); ?></option>
1001
<option
1002
- value="with-discount-code" <?php selected( $filter, 'with-discount-code' ); ?>><?php _e( 'With a Discount Code', 'paid-memberships-pro' ); ?></option>
1003
<option
1004
- value="within-a-status" <?php selected( $filter, 'within-a-status' ); ?>><?php _e( 'Within a Status', 'paid-memberships-pro' ); ?></option>
1005
<option
1006
- value="only-paid" <?php selected( $filter, 'only-paid' ); ?>><?php _e( 'Only Paid Orders', 'paid-memberships-pro' ); ?></option>
1007
<option
1008
- value="only-free" <?php selected( $filter, 'only-free' ); ?>><?php _e( 'Only Free Orders', 'paid-memberships-pro' ); ?></option>
1009
1010
<?php $custom_filters = apply_filters( 'pmpro_admin_orders_filters', array() ); ?>
1011
<?php foreach( $custom_filters as $value => $name ) { ?>
1012
- <option value="<?php esc_attr_e( $value ); ?>" <?php selected( $filter, $value ); ?>><?php esc_html_e( $name ); ?></option>
1013
<?php } ?>
1014
</select>
1015
1016
- <span id="from"><?php _e( 'From', 'paid-memberships-pro' ); ?></span>
1017
1018
<select id="start-month" name="start-month">
1019
<?php for ( $i = 1; $i < 13; $i ++ ) { ?>
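Review bot: in the custom-filter loop, `esc_attr_e( $value )` and `esc_html_e( $name )` are the translating variants, so the keys and labels returned by the `pmpro_admin_orders_filters` filter are run through a translation lookup in the default domain before being escaped. For dynamic values use `echo esc_attr( $value )` and `echo esc_html( $name )`, and leave translation of the label to whoever registers the filter. The static option labels above it are the reverse case: they are literal strings printed with `_e()` and should use `esc_html_e()`.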
@@ -1028,7 +1014,7 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
1028
value="<?php echo esc_attr( $start_year ); ?>"/>
1029
1030
1031
- <span id="to"><?php _e( 'To', 'paid-memberships-pro' ); ?></span>
1032
1033
<select id="end-month" name="end-month">
1034
<?php for ( $i = 1; $i < 13; $i ++ ) { ?>
@@ -1041,18 +1027,18 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
1041
<input id='end-day' name="end-day" type="text" size="2" value="<?php echo esc_attr( $end_day ); ?>"/>
1042
<input id='end-year' name="end-year" type="text" size="4" value="<?php echo esc_attr( $end_year ); ?>"/>
1043
1044
- <span id="filterby"><?php _e( 'filter by ', 'paid-memberships-pro' ); ?></span>
1045
1046
<select id="predefined-date" name="predefined-date">
1047
1048
<option
1049
- value="<?php echo 'This Month'; ?>" <?php selected( $predefined_date, 'This Month' ); ?>><?php echo 'This Month'; ?></option>
1050
<option
1051
- value="<?php echo 'Last Month'; ?>" <?php selected( $predefined_date, 'Last Month' ); ?>><?php echo 'Last Month'; ?></option>
1052
<option
1053
- value="<?php echo 'This Year'; ?>" <?php selected( $predefined_date, 'This Year' ); ?>><?php echo 'This Year'; ?></option>
1054
<option
1055
- value="<?php echo 'Last Year'; ?>" <?php selected( $predefined_date, 'Last Year' ); ?>><?php echo 'Last Year'; ?></option>
1056
1057
</select>
1058
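Review bot: the four predefined-date options print hard-coded English through `echo 'This Month'` and so on for both the `value` and the visible label, so these are the only labels in the filter bar that cannot be translated. Keep the literal as the `value`, since `selected( $predefined_date, 'This Month' )` compares against it, and print the label with `esc_html_e( 'This Month', 'paid-memberships-pro' )`.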
@@ -1063,7 +1049,7 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
1063
<select id="l" name="l">
1064
<?php foreach ( $levels as $level ) { ?>
1065
<option
1066
- value="<?php echo $level->id; ?>" <?php selected( $l, $level->id ); ?>><?php echo $level->name; ?></option>
1067
<?php } ?>
1068
1069
</select>
@@ -1076,7 +1062,7 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
1076
<select id="discount_code" name="discount_code">
1077
<?php foreach ( $codes as $code ) { ?>
1078
<option
1079
- value="<?php echo $code->id; ?>" <?php selected( $discount_code, $code->id ); ?>><?php echo $code->code; ?></option>
1080
<?php } ?>
1081
</select>
1082
<?php } ?>
@@ -1087,11 +1073,11 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
1087
<select id="status" name="status">
1088
<?php foreach ( $statuses as $the_status ) { ?>
1089
<option
1090
- value="<?php echo esc_attr( $the_status ); ?>" <?php selected( $the_status, $status ); ?>><?php echo $the_status; ?></option>
1091
<?php } ?>
1092
</select>
1093
1094
- <input id="submit" class="button" type="submit" value="<?php _e( 'Filter', 'paid-memberships-pro' ); ?>"/>
1095
</li>
1096
</ul>
1097
@@ -1225,10 +1211,10 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
1225
</script>
1226
1227
<p class="search-box">
1228
- <label class="hidden" for="post-search-input"><?php _e( 'Search Orders', 'paid-memberships-pro' ); ?>:</label>
1229
<input type="hidden" name="page" value="pmpro-orders"/>
1230
<input id="post-search-input" type="text" value="<?php echo esc_attr( $s ); ?>" name="s"/>
1231
- <input class="button" type="submit" value="<?php _e( 'Search Orders', 'paid-memberships-pro' ); ?>"/>
1232
</p>
1233
1234
<?php
@@ -1276,7 +1262,7 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
1276
$fields = apply_filters( 'pmpro_orders_search_fields', $fields );
1277
1278
foreach ( $fields as $field ) {
1279
- $sqlQuery .= ' OR ' . $field . " LIKE '%" . esc_sql( $s ) . "%' ";
1280
}
1281
$sqlQuery .= ') ';
1282
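Review bot: on the removed line `' OR ' . $field . " LIKE '%" . esc_sql( $s ) . "%' "`, two things need to hold in its replacement. First, `esc_sql()` does not escape the LIKE wildcards `%` and `_`, so the search term should go through `$wpdb->esc_like()` before it is escaped for the query. Second, `$field` comes from the `pmpro_orders_search_fields` filter and is concatenated as a column name with no validation; check each entry against a list of known columns, or at least a strict identifier pattern, before building the clause.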
@@ -1308,18 +1294,18 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
1308
<table class="widefat">
1309
<thead>
1310
<tr class="thead">
1311
- <th><?php _e( 'ID', 'paid-memberships-pro' ); ?></th>
1312
- <th><?php _e( 'Code', 'paid-memberships-pro' ); ?></th>
1313
- <th><?php _e( 'Username', 'paid-memberships-pro' ); ?></th>
1314
<?php do_action( 'pmpro_orders_extra_cols_header', $order_ids ); ?>
1315
- <th><?php _e( 'Level', 'paid-memberships-pro' ); ?></th>
1316
- <th><?php _e( 'Total', 'paid-memberships-pro' ); ?></th>
1317
- <th><?php _e( 'Payment', 'paid-memberships-pro' ); ?></th>
1318
- <th><?php _e( 'Gateway', 'paid-memberships-pro' ); ?></th>
1319
- <th><?php _e( 'Transaction IDs', 'paid-memberships-pro' ); ?></th>
1320
- <th><?php _e( 'Status', 'paid-memberships-pro' ); ?></th>
1321
- <th><?php _e( 'Date', 'paid-memberships-pro' ); ?></th>
1322
- <th><?php _e( 'Discount Code', 'paid-memberships-pro' );?></th>
1323
</tr>
1324
</thead>
1325
<tbody id="orders" class="list:order orders-list">
@@ -1331,33 +1317,31 @@ selected="selected"<?php } ?>><?php _e( 'Live/Production', 'paid-memberships-pro
1331
$order->getMemberOrderByID( $order_id );
1332
$order->getUser();
1333
?>
1334
- <tr
1335
- <?php
1336
- if ( $count ++ % 2 == 0 ) {
1337
- ?>
1338
- class="alternate"<?php } ?>>
1339
<td>
1340
- <a href="admin.php?page=pmpro-orders&order=<?php echo $order->id; ?>"><?php echo $order->id; ?></a>
1341
</td>
1342
<td class="order_code column-order_code has-row-actions">
1343
- <a href="admin.php?page=pmpro-orders&order=<?php echo $order->id; ?>"><?php echo $order->code; ?></a>
1344
<br />
1345
<div class="row-actions">
1346
<span class="edit">
1347
- <a title="<?php _e( 'Edit', 'paid-memberships-pro' ); ?>" href="<?php echo add_query_arg( array( 'page' => 'pmpro-orders', 'order' => $order->id ), admin_url('admin.php' ) ); ?>"><?php _e( 'Edit', 'paid-memberships-pro' ); ?></a>
1348
</span> |
1349
<span class="copy">
1350
- <a title="<?php _e( 'Copy', 'paid-memberships-pro' ); ?>" href="<?php echo add_query_arg( array( 'page' => 'pmpro-orders', 'order' => '-1', 'copy' => $order->id ), admin_url('admin.php' ) ); ?>"><?php _e( 'Copy', 'paid-memberships-pro' ); ?></a>
1351
</span> |
1352
<span class="delete">
1353
- <a href="javascript:pmpro_askfirst('<?php echo str_replace( "'", "\'", sprintf( __( 'Deleting orders is permanent and can affect active users. Are you sure you want to delete order %s?', 'paid-memberships-pro' ), str_replace( "'", '', $order->code ) ) ); ?>', 'admin.php?page=pmpro-orders&delete=<?php echo $order->id; ?>'); void(0);"><?php _e( 'Delete', 'paid-memberships-pro' ); ?></a>
1354
</span> |
1355
<span class="print">
1356
- <a target="_blank" title="<?php _e( 'Print', 'paid-memberships-pro' ); ?>" href="<?php echo add_query_arg( array( 'action' => 'pmpro_orders_print_view', 'order' => $order->id ), admin_url('admin-ajax.php' ) ); ?>"><?php _e( 'Print', 'paid-memberships-pro' ); ?></a>
1357
</span> |
1358
<span class="email">
1359
<a href="#TB_inline?width=600&height=200&inlineId=email_invoice" class="thickbox email_link"
1360
- data-order="<?php echo $order->id; ?>"><?php _e( 'Email', 'paid-memberships-pro' ); ?></a>
1361
</span>
1362
<?php
1363
// Set up the hover actions for this user
@@ -1369,7 +1353,7 @@ class="alternate"<?php } ?>>
1369
foreach ( $actions as $action => $link ) {
1370
++ $i;
1371
( $i == $action_count ) ? $sep = '' : $sep = ' | ';
1372
- $out .= "<span class='$action'>$link$sep</span>";
1373
}
1374
echo $out;
1375
}
@@ -1379,11 +1363,11 @@ class="alternate"<?php } ?>>
1379
<td class="username column-username">
1380
<?php $order->getUser(); ?>
1381
<?php if ( ! empty( $order->user ) ) { ?>
1382
- <a href="user-edit.php?user_id=<?php echo $order->user->ID; ?>"><?php echo $order->user->user_login; ?></a>
1383
<?php } elseif ( $order->user_id > 0 ) { ?>
1384
- [<?php _e( 'deleted', 'paid-memberships-pro' ); ?>]
1385
<?php } else { ?>
1386
- [<?php _e( 'none', 'paid-memberships-pro' ); ?>]
1387
<?php } ?>
1388
</td>
1389
<?php do_action( 'pmpro_orders_extra_cols_body', $order ); ?>
@@ -1391,80 +1375,80 @@ class="alternate"<?php } ?>>
1391
<?php
1392
$level = pmpro_getLevel( $order->membership_id );
1393
if ( ! empty( $level ) ) {
1394
- echo $level->name;
1395
} elseif ( $order->membership_id > 0 ) { ?>
1396
- [<?php _e( 'deleted', 'paid-memberships-pro' ); ?>]
1397
<?php } else { ?>
1398
- [<?php _e( 'none', 'paid-memberships-pro' ); ?>]
1399
<?php }
1400
?>
1401
</td>
1402
- <td><?php echo pmpro_formatPrice( $order->total ); ?></td>
1403
<td>
1404
<?php
1405
if ( ! empty( $order->payment_type ) ) {
1406
- echo $order->payment_type . '<br />';
1407
}
1408
?>
1409
<?php if ( ! empty( $order->accountnumber ) ) { ?>
1410
- <?php echo $order->cardtype; ?>: x<?php echo last4( $order->accountnumber ); ?><br/>
1411
<?php } ?>
1412
<?php if ( ! empty( $order->billing->name ) ) { ?>
1413
- <?php echo $order->billing->name; ?><br/>
1414
<?php } ?>
1415
<?php if ( ! empty( $order->billing->street ) ) { ?>
1416
- <?php echo $order->billing->street; ?><br/>
1417
<?php if ( $order->billing->city && $order->billing->state ) { ?>
1418
- <?php echo $order->billing->city; ?>, <?php echo $order->billing->state; ?><?php echo $order->billing->zip; ?>
1419
- <?php
1420
- if ( ! empty( $order->billing->country ) ) {
1421
- echo $order->billing->country; }
1422
?>
1423
<br/>
1424
<?php } ?>
1425
<?php } ?>
1426
<?php
1427
if ( ! empty( $order->billing->phone ) ) {
1428
- echo formatPhone( $order->billing->phone );
1429
}
1430
?>
1431
</td>
1432
<td><?php echo $order->gateway; ?>
1433
- <?php
1434
- if ( $order->gateway_environment == 'test' ) {
1435
- echo '(test)';
1436
- }
1437
?>
1438
- </td>
1439
<td>
1440
- <?php _e( 'Payment', 'paid-memberships-pro' ); ?>:
1441
- <?php
1442
- if ( ! empty( $order->payment_transaction_id ) ) {
1443
- echo $order->payment_transaction_id;
1444
- } else {
1445
- _e( 'N/A', 'paid-memberships-pro' );
1446
- }
1447
?>
1448
<br/>
1449
- <?php _e( 'Subscription', 'paid-memberships-pro' ); ?>
1450
:
1451
<?php
1452
if ( ! empty( $order->subscription_transaction_id ) ) {
1453
- echo $order->subscription_transaction_id;
1454
} else {
1455
- _e( 'N/A', 'paid-memberships-pro' );
1456
}
1457
?>
1458
</td>
1459
- <td><?php echo $order->status; ?></td>
1460
<td>
1461
- <?php echo date_i18n( get_option( 'date_format' ), $order->timestamp ); ?><br/>
1462
- <?php echo date_i18n( get_option( 'time_format' ), $order->timestamp ); ?>
1463
</td>
1464
<td>
1465
<?php if ( $order->getDiscountCode() ) { ?>
1466
- <a title="<?php _e('edit', 'paid-memberships-pro' ); ?>" href="<?php echo add_query_arg( array( 'page' => 'pmpro-discountcodes', 'edit' => $order->discount_code->id ), admin_url('admin.php' ) ); ?>">
1467
- <?php echo $order->discount_code->code; ?>
1468
</a>
1469
<?php } ?>
1470
</td>
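Review bot: Line 1432, `<td><?php echo $order->gateway; ?>`, is shown as unchanged context, so the gateway cell stays unescaped while the lines around it are all being rewritten. It should be wrapped in esc_html() in the same pass; the edit form in this patch already prints the same field as `echo esc_html( $order->gateway );`.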
@@ -1475,7 +1459,7 @@ class="alternate"<?php } ?>>
1475
if ( ! $order_ids ) {
1476
?>
1477
<tr>
1478
- <td colspan="9"><p><?php _e( 'No orders found.', 'paid-memberships-pro' ); ?></p></td>
1479
</tr>
1480
<?php
1481
}
@@ -1485,7 +1469,7 @@ class="alternate"<?php } ?>>
1485
</form>
1486
<?php
1487
// add normal args
1488
- $pagination_url = add_query_arg( $url_params, get_admin_url( null, '/admin.php?page=pmpro-orders' ) );
1489
echo pmpro_getPaginationString( $pn, $totalrows, $limit, 1, $pagination_url, "&limit=$limit&pn=" );
1490
?>
1491
291
292
// save
293
if ( $order->saveOrder() !== false && $nonceokay ) {
294
+ $order_id = $order->id;
295
+
296
// handle timestamp
297
if ( $order->updateTimestamp( intval( $_POST['ts_year'] ), intval( $_POST['ts_month'] ), intval( $_POST['ts_day'] ), intval( $_POST['ts_hour'] ) . ':' . intval( $_POST['ts_minute'] ) . ':00' ) !== false ) {
298
$pmpro_msg = __( 'Order saved successfully.', 'paid-memberships-pro' );
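Review bot: On line 293 the condition calls $order->saveOrder() before it tests $nonceokay, and && evaluates left to right, so the order is written even when the nonce check failed; only the success handling is skipped. Put the nonce test first, `if ( $nonceokay && $order->saveOrder() !== false ) {`, so a request without a valid nonce never reaches saveOrder(). The new `$order_id = $order->id;` on line 294 would also benefit from a one-line comment saying why the id is reassigned at this point.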
305
$pmpro_msg = __( 'Error saving order.', 'paid-memberships-pro' );
306
$pmpro_msgt = 'error';
307
}
308
+
309
+ // also update the discount code if needed
310
+ if( isset( $_REQUEST['discount_code_id'] ) ) {
311
+ $order->updateDiscountCode( intval( $_REQUEST['discount_code_id'] ) );
312
+ }
313
} else {
314
// order passed?
315
if ( ! empty( $_REQUEST['order'] ) ) {
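Review bot: The discount code update on lines 310-311 discards the result of updateDiscountCode(), so if that call can fail the admin still sees whatever message the timestamp branch set, including 'Order saved successfully.' Check the result and set $pmpro_msg and $pmpro_msgt the way the timestamp branch does. The value is also read from $_REQUEST while the timestamp fields on line 297 come from $_POST; reading it from $_POST keeps a form save from picking the id up from the query string.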
373
<?php if ( ! empty( $order ) ) { ?>
374
375
<?php if ( ! empty( $order->id ) ) { ?>
376
+ <h1 class="wp-heading-inline"><?php esc_html_e( 'Order', 'paid-memberships-pro' ); ?> #<?php echo esc_html( $order->id ); ?>: <?php echo esc_html( $order->code ); ?></h1>
377
+ <a title="<?php esc_attr_e( 'Print', 'paid-memberships-pro' ); ?>" href="<?php echo esc_url( add_query_arg( array( 'action' => 'pmpro_orders_print_view', 'order' => $order->id ), admin_url( 'admin-ajax.php' ) ) ); ?>" class="page-title-action" target="_blank" ><?php esc_html_e( 'Print', 'paid-memberships-pro' ); ?></a>
378
+ <a title="<?php esc_attr_e( 'Email', 'paid-memberships-pro' ); ?>" href="#TB_inline?width=600&height=200&inlineId=email_invoice" class="thickbox email_link page-title-action" data-order="<?php echo esc_html( $order->id ); ?>"><?php esc_html_e( 'Email', 'paid-memberships-pro' ); ?></a>
379
<?php } else { ?>
380
<h1 class="wp-heading-inline"><?php esc_html_e( 'New Order', 'paid-memberships-pro' ); ?></h1>
381
<?php } ?>
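Review bot: On line 378 the order id is placed in the data-order attribute through esc_html(); an attribute value should go through esc_attr(), which is what the Email link in the list table (line 1344) uses for the same attribute. Using the same helper in both places also makes the two links easier to keep in sync.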
403
<td>
404
<?php
405
if ( ! empty( $order->id ) ) {
406
+ echo esc_html( $order->id );
407
} else {
408
echo '<p class="description">' . __( 'This will be generated when you save.', 'paid-memberships-pro' ) . '</p>';
409
}
416
<td>
417
<?php
418
if ( in_array( 'code', $read_only_fields ) ) {
419
+ echo esc_html( $order->code );
420
} else { ?>
421
<input id="code" name="code" type="text" value="<?php echo esc_attr( $order->code ); ?>" class="regular-text" />
422
<?php
423
}
424
?>
425
<?php if ( $order_id < 0 ) { ?>
426
+ <p class="description"><?php esc_html_e( 'Randomly generated for you.', 'paid-memberships-pro' ); ?></p>
427
<?php } ?>
428
</td>
429
</tr>
432
<td>
433
<?php
434
if ( in_array( 'user_id', $read_only_fields ) && $order_id > 0 ) {
435
+ echo esc_html( $order->user_id );
436
} else { ?>
437
<input id="user_id" name="user_id" type="text" value="<?php echo esc_attr( $order->user_id ); ?>" class="regular-text" />
438
<?php
441
</td>
442
</tr>
443
<tr>
444
+ <th scope="row" valign="top"><label for="membership_id"><?php esc_html_e( 'Membership Level ID', 'paid-memberships-pro' ); ?>:</label></th>
445
<td>
446
<?php
447
if ( in_array( 'membership_id', $read_only_fields ) && $order_id > 0 ) {
448
+ echo esc_html( $order->membership_id );
449
} else { ?>
450
<input id="membership_id" name="membership_id" type="text" value="<?php echo esc_attr( $order->membership_id ); ?>" class="regular-text" />
451
<?php
454
</td>
455
</tr>
456
<tr>
457
+ <th scope="row" valign="top"><label for="billing_name"><?php esc_html_e( 'Billing Name', 'paid-memberships-pro' ); ?>:</label>
458
</th>
459
<td>
460
<?php
461
if ( in_array( 'billing_name', $read_only_fields ) && $order_id > 0 ) {
462
+ echo esc_html( $order->billing_name );
463
} else {
464
?>
465
<input id="billing_name" name="billing_name" type="text" size="50"
468
</td>
469
</tr>
470
<tr>
471
+ <th scope="row" valign="top"><label for="billing_street"><?php esc_html_e( 'Billing Street', 'paid-memberships-pro' ); ?>
472
:</label></th>
473
<td>
474
<?php
475
if ( in_array( 'billing_street', $read_only_fields ) && $order_id > 0 ) {
476
+ echo esc_html( $order->billing_street );
477
} else {
478
?>
479
<input id="billing_street" name="billing_street" type="text" size="50"
481
<?php } ?>
482
</tr>
483
<tr>
484
+ <th scope="row" valign="top"><label for="billing_city"><?php esc_html_e( 'Billing City', 'paid-memberships-pro' ); ?>:</label>
485
</th>
486
<td>
487
<?php
488
if ( in_array( 'billing_city', $read_only_fields ) && $order_id > 0 ) {
489
+ echo esc_html( $order->billing_city );
490
} else {
491
?>
492
<input id="billing_city" name="billing_city" type="text" size="50"
494
<?php } ?>
495
</tr>
496
<tr>
497
+ <th scope="row" valign="top"><label for="billing_state"><?php esc_html_e( 'Billing State', 'paid-memberships-pro' ); ?>
498
:</label></th>
499
<td>
500
<?php
501
if ( in_array( 'billing_state', $read_only_fields ) && $order_id > 0 ) {
502
+ echo esc_html( $order->billing_state );
503
} else {
504
?>
505
<input id="billing_state" name="billing_state" type="text" size="50"
507
<?php } ?>
508
</tr>
509
<tr>
510
+ <th scope="row" valign="top"><label for="billing_zip"><?php esc_html_e( 'Billing Postal Code', 'paid-memberships-pro' ); ?>
511
:</label></th>
512
<td>
513
<?php
514
if ( in_array( 'billing_zip', $read_only_fields ) && $order_id > 0 ) {
515
+ echo esc_html( $order->billing_zip );
516
} else {
517
?>
518
<input id="billing_zip" name="billing_zip" type="text" size="50"
520
<?php } ?>
521
</tr>
522
<tr>
523
+ <th scope="row" valign="top"><label for="billing_country"><?php esc_html_e( 'Billing Country', 'paid-memberships-pro' ); ?>
524
:</label></th>
525
<td>
526
<?php
527
if ( in_array( 'billing_country', $read_only_fields ) && $order_id > 0 ) {
528
+ echo esc_html( $order->billing_country );
529
} else {
530
?>
531
<input id="billing_country" name="billing_country" type="text" size="50"
534
</td>
535
</tr>
536
<tr>
537
+ <th scope="row" valign="top"><label for="billing_phone"><?php esc_html_e( 'Billing Phone', 'paid-memberships-pro' ); ?>
538
:</label></th>
539
<td>
540
<?php
541
if ( in_array( 'billing_phone', $read_only_fields ) && $order_id > 0 ) {
542
+ echo esc_html( $order->billing_phone );
543
} else {
544
?>
545
<input id="billing_phone" name="billing_phone" type="text" size="50"
564
$codes = $wpdb->get_results($sqlQuery, OBJECT);
565
if ( ! empty( $codes ) ) { ?>
566
<tr>
567
+ <th scope="row" valign="top"><label for="discount_code_id"><?php esc_html_e( 'Discount Code', 'paid-memberships-pro' ); ?>:</label></th>
568
<td>
569
<?php
570
if ( in_array( 'discount_code_id', $read_only_fields ) && $order_id > 0 ) {
590
<td>
591
<?php
592
if ( in_array( 'subtotal', $read_only_fields ) && $order_id > 0 ) {
593
+ echo esc_html( $order->subtotal );
594
} else {
595
?>
596
<input id="subtotal" name="subtotal" type="text" size="10"
599
</td>
600
</tr>
601
<tr>
602
+ <th scope="row" valign="top"><label for="tax"><?php esc_html_e( 'Tax', 'paid-memberships-pro' ); ?>:</label></th>
603
<td>
604
<?php
605
if ( in_array( 'tax', $read_only_fields ) && $order_id > 0 ) {
606
+ echo esc_html( $order->tax );
607
} else {
608
?>
609
<input id="tax" name="tax" type="text" size="10"
612
</td>
613
</tr>
614
<tr>
615
+ <th scope="row" valign="top"><label for="couponamount"><?php esc_html_e( 'Coupon Amount', 'paid-memberships-pro' ); ?>:</label>
616
</th>
617
<td>
618
<?php
619
if ( in_array( 'couponamount', $read_only_fields ) && $order_id > 0 ) {
620
+ echo esc_html( $order->couponamount );
621
} else {
622
+ ?>
623
+ <input id="couponamount" name="couponamount" type="text" size="10" value="<?php echo esc_attr( $order->couponamount ); ?>"/>
624
<?php } ?>
625
</td>
626
</tr>
627
<tr>
628
+ <th scope="row" valign="top"><label for="total"><?php esc_html_e( 'Total', 'paid-memberships-pro' ); ?>:</label></th>
629
<td>
630
<?php
631
if ( in_array( 'total', $read_only_fields ) && $order_id > 0 ) {
632
+ echo esc_html( $order->total );
633
} else {
634
?>
635
<input id="total" name="total" type="text" size="10"
636
value="<?php echo esc_attr( $order->total ); ?>"/>
637
<?php } ?>
638
+ <p class="description"><?php esc_html_e( 'Should be subtotal + tax - couponamount.', 'paid-memberships-pro' ); ?></p>
639
</td>
640
</tr>
641
642
<tr>
643
+ <th scope="row" valign="top"><label for="payment_type"><?php esc_html_e( 'Payment Type', 'paid-memberships-pro' ); ?>:</label>
644
</th>
645
<td>
646
<?php
647
if ( in_array( 'payment_type', $read_only_fields ) && $order_id > 0 ) {
648
+ echo esc_html( $order->payment_type );
649
} else {
650
?>
651
<input id="payment_type" name="payment_type" type="text" size="50"
652
value="<?php echo esc_attr( $order->payment_type ); ?>"/>
653
<?php } ?>
654
+ <p class="description"><?php esc_html_e( 'e.g. PayPal Express, PayPal Standard, Credit Card.', 'paid-memberships-pro' ); ?></p>
655
</td>
656
</tr>
657
<tr>
658
+ <th scope="row" valign="top"><label for="cardtype"><?php esc_html_e( 'Card Type', 'paid-memberships-pro' ); ?></label></th>
659
<td>
660
<?php
661
if ( in_array( 'cardtype', $read_only_fields ) && $order_id > 0 ) {
662
+ echo esc_html( $order->cardtype );
663
} else {
664
?>
665
<input id="cardtype" name="cardtype" type="text" size="50"
666
value="<?php echo esc_attr( $order->cardtype ); ?>"/>
667
<?php } ?>
668
+ <p class="description"><?php esc_html_e( 'e.g. Visa, MasterCard, AMEX, etc', 'paid-memberships-pro' ); ?></p>
669
</td>
670
</tr>
671
<tr>
672
+ <th scope="row" valign="top"><label for="accountnumber"><?php esc_html_e( 'Account Number', 'paid-memberships-pro' ); ?>
673
:</label></th>
674
<td>
675
<?php
676
if ( in_array( 'accountnumber', $read_only_fields ) && $order_id > 0 ) {
677
+ echo esc_html( $order->accountnumber );
678
} else {
679
?>
680
<input id="accountnumber" name="accountnumber" type="text" size="50"
681
value="<?php echo esc_attr( $order->accountnumber ); ?>"/>
682
<?php } ?>
683
+ <p class="description"><?php esc_html_e( 'Obscure all but last 4 digits.', 'paid-memberships-pro' ); ?></p>
684
</td>
685
</tr>
686
<?php
687
if ( in_array( 'ExpirationDate', $read_only_fields ) && $order_id > 0 ) {
688
+ echo esc_html( $order->ExpirationDate );
689
} else {
690
?>
691
<tr>
692
<th scope="row" valign="top"><label
693
+ for="expirationmonth"><?php esc_html_e( 'Expiration Month', 'paid-memberships-pro' ); ?>:</label></th>
694
<td>
695
<input id="expirationmonth" name="expirationmonth" type="text" size="10"
696
value="<?php echo esc_attr( $order->expirationmonth ); ?>"/>
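Review bot: The read-only branch for ExpirationDate on lines 686-688 echoes the value straight after the closing </tr> on line 685, outside any row or cell, while the else branch emits complete <tr> rows. Text placed directly inside a table like that gets moved out of the table by the browser, so the read-only value needs its own <tr> with a <th> label and a <td>, like the other fields. Minor: the Card Type label on line 658 is the only label in this hunk without the trailing colon.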
698
</td>
699
</tr>
700
<tr>
701
+ <th scope="row" valign="top"><label for="expirationyear"><?php esc_html_e( 'Expiration Year', 'paid-memberships-pro' ); ?>
702
:</label></th>
703
<td>
704
<input id="expirationyear" name="expirationyear" type="text" size="10"
708
</tr>
709
<?php } ?>
710
<tr>
711
+ <th scope="row" valign="top"><label for="status"><?php esc_html_e( 'Status', 'paid-memberships-pro' ); ?>:</label></th>
712
<td>
713
<?php
714
if ( in_array( 'status', $read_only_fields ) && $order_id > 0 ) {
715
+ echo esc_html( $order->status );
716
} else { ?>
717
<?php
718
$statuses = pmpro_getOrderStatuses();
720
<select id="status" name="status">
721
<?php foreach ( $statuses as $status ) { ?>
722
<option
723
+ value="<?php echo esc_attr( $status ); ?>" <?php selected( $order->status, $status ); ?>><?php echo esc_html( $status ); ?></option>
724
<?php } ?>
725
</select>
726
<?php
730
</tr>
731
732
<tr>
733
+ <th scope="row" valign="top"><label for="gateway"><?php esc_html_e( 'Gateway', 'paid-memberships-pro' ); ?>:</label></th>
734
<td>
735
<?php
736
if ( in_array( 'gateway', $read_only_fields ) && $order_id > 0 ) {
737
+ echo esc_html( $order->gateway );
738
} else {
739
+ ?>
740
+ <select id="gateway" name="gateway" onchange="pmpro_changeGateway(jQuery(this).val());">
741
+ <?php
742
+ $pmpro_gateways = pmpro_gateways();
743
+ foreach ( $pmpro_gateways as $pmpro_gateway_name => $pmpro_gateway_label ) {
744
+ ?>
745
+ <option
746
+ value="<?php echo esc_attr( $pmpro_gateway_name ); ?>" <?php selected( $order->gateway, $pmpro_gateway_name ); ?>><?php echo esc_html( $pmpro_gateway_label ); ?></option>
747
+ <?php
748
+ }
749
+ ?>
750
+ </select>
751
+ <?php } ?>
752
</td>
753
</tr>
754
<tr>
755
<th scope="row" valign="top"><label
756
+ for="gateway_environment"><?php esc_html_e( 'Gateway Environment', 'paid-memberships-pro' ); ?>:</label></th>
757
<td>
758
<?php
759
if ( in_array( 'gateway_environment', $read_only_fields ) && $order_id > 0 ) {
760
+ echo esc_html( $order->gateway_environment );
761
} else {
762
?>
763
+ <select name="gateway_environment">
764
+ <option value="sandbox" <?php if ( $order->gateway_environment == 'sandbox' ) { ?>selected="selected"<?php } ?>><?php esc_html_e( 'Sandbox/Testing', 'paid-memberships-pro' ); ?></option>
765
+ <option value="live" <?php if ( $order->gateway_environment == 'live' ) { ?>selected="selected"<?php } ?>><?php esc_html_e( 'Live/Production', 'paid-memberships-pro' ); ?></option>
766
</select>
767
<?php } ?>
768
</td>
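Review bot: The label on line 756 points at for="gateway_environment", but the select added on line 763 has only a name and no id, so the label is not associated with the control. Add id="gateway_environment" to the select, as the gateway select on line 740 has. The two hand-written selected="selected" conditions on lines 764-765 could use selected() like the rest of the form.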
774
<td>
775
<?php
776
if ( in_array( 'payment_transaction_id', $read_only_fields ) && $order_id > 0 ) {
777
+ echo esc_html( $order->payment_transaction_id );
778
} else {
779
?>
780
<input id="payment_transaction_id" name="payment_transaction_id" type="text" size="50"
781
value="<?php echo esc_attr( $order->payment_transaction_id ); ?>"/>
782
<?php } ?>
783
+ <p class="description"><?php esc_html_e( 'Generated by the gateway. Useful to cross reference orders.', 'paid-memberships-pro' ); ?></p>
784
</td>
785
</tr>
786
<tr>
787
<th scope="row" valign="top"><label
788
+ for="subscription_transaction_id"><?php esc_html_e( 'Subscription Transaction ID', 'paid-memberships-pro' ); ?>
789
:</label></th>
790
<td>
791
<?php
796
<input id="subscription_transaction_id" name="subscription_transaction_id" type="text" size="50"
797
value="<?php echo esc_attr( $order->subscription_transaction_id ); ?>"/>
798
<?php } ?>
799
+ <p class="description"><?php esc_html_e( 'Generated by the gateway. Useful to cross reference subscriptions.', 'paid-memberships-pro' ); ?></p>
800
</td>
801
</tr>
802
803
<tr>
804
+ <th scope="row" valign="top"><label for="ts_month"><?php esc_html_e( 'Date', 'paid-memberships-pro' ); ?>:</label></th>
805
<td>
806
<?php
807
if ( in_array( 'timestamp', $read_only_fields ) && $order_id > 0 ) {
808
+ echo esc_html( date_i18n( get_option( 'date_format' ) . ' ' . get_option( 'time_format' ), $order->timestamp ) );
809
} else {
810
+ // set up date vars
811
+ if ( ! empty( $order->timestamp ) ) {
812
+ $timestamp = $order->timestamp;
813
+ } else {
814
+ $timestamp = current_time( 'timestamp' );
815
+ }
816
+
817
+ $year = date( 'Y', $timestamp );
818
+ $month = date( 'n', $timestamp );
819
+ $day = date( 'j', $timestamp );
820
+ $hour = date( 'H', $timestamp );
821
+ $minute = date( 'i', $timestamp );
822
+ $second = date( 's', $timestamp );
823
+ ?>
824
+ <select id="ts_month" name="ts_month">
825
+ <?php
826
+ for ( $i = 1; $i < 13; $i ++ ) {
827
+ ?>
828
+ <option value="<?php echo esc_attr( $i ); ?>" <?php selected( $i, $month ); ?>>
829
+ <?php echo esc_html( date_i18n( 'F', mktime( 0, 0, 0, $i, 2 ) ) ); ?>
830
+ </option>
831
+ <?php
832
+ }
833
+ ?>
834
</select>
835
<input name="ts_day" type="text" size="2" value="<?php echo esc_attr( $day ); ?>"/>
836
<input name="ts_year" type="text" size="4" value="<?php echo esc_attr( $year ); ?>"/>
846
if ( ! empty( $affiliates ) ) {
847
?>
848
<tr>
849
+ <th scope="row" valign="top"><label for="affiliate_id"><?php esc_html_e( 'Affiliate ID', 'paid-memberships-pro' ); ?>
850
:</label></th>
851
<td>
852
<?php
853
if ( in_array( 'affiliate_id', $read_only_fields ) && $order_id > 0 ) {
854
+ echo esc_html( $order->affiliate_id );
855
} else {
856
+ ?>
857
+ <input id="affiliate_id" name="affiliate_id" type="text" size="50" value="<?php echo esc_attr( $order->affiliate_id ); ?>"/>
858
<?php } ?>
859
</td>
860
</tr>
861
<tr>
862
+ <th scope="row" valign="top"><label for="affiliate_subid"><?php esc_html_e( 'Affiliate SubID', 'paid-memberships-pro' ); ?>
863
:</label></th>
864
<td>
865
<?php
866
if ( in_array( 'affiliate_subid', $read_only_fields ) && $order_id > 0 ) {
867
+ echo esc_html( $order->affiliate_subid );
868
} else {
869
+ ?>
870
+ <input id="affiliate_subid" name="affiliate_subid" type="text" size="50" value="<?php echo esc_attr( $order->affiliate_subid ); ?>"/>
871
<?php } ?>
872
</td>
873
</tr>
880
if( !empty( $tospage_id ) || !empty( $consent_entry ) ) {
881
?>
882
<tr>
883
+ <th scope="row" valign="top"><label for="tos_consent"><?php esc_html_e( 'TOS Consent', 'paid-memberships-pro' ); ?>:</label></th>
884
<td id="tos_consent">
885
<?php
886
if( !empty( $consent_entry ) ) {
887
+ echo esc_html( pmpro_consent_to_text( $consent_entry ) );
888
} else {
889
+ esc_html_e( 'N/A' );
890
}
891
?>
892
</td>
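Review bot: `esc_html_e( 'N/A' );` on line 889 is missing the 'paid-memberships-pro' text domain that every other string in this patch passes, so it is looked up in the default domain instead of the plugin's translations. Add the domain as the second argument.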
894
<?php
895
}
896
?>
897
<tr>
898
+ <th scope="row" valign="top"><label for="notes"><?php esc_html_e( 'Notes', 'paid-memberships-pro' ); ?>:</label></th>
899
<td>
900
<?php
901
+ if ( in_array( 'notes', $read_only_fields ) && $order_id > 0 ) {
902
+ echo wp_kses_post( $order->notes );
903
} else {
904
+ ?>
905
+ <textarea id="notes" name="notes" rows="5" cols="80"><?php echo esc_textarea( $order->notes ); ?></textarea>
906
<?php } ?>
907
</td>
908
</tr>
916
<input name="order" type="hidden" value="
917
<?php
918
if ( ! empty( $order->id ) ) {
919
+ echo esc_html( $order->id );
920
} else {
921
+ echo esc_html( $order_id );
922
}
923
?>
924
"/>
925
+ <input name="save" type="submit" class="button-primary" value="<?php esc_attr_e( 'Save Order', 'paid-memberships-pro' ); ?>"/>
926
+ <input name="cancel" type="button" class="cancel button-secondary" value="<?php esc_attr_e( 'Cancel', 'paid-memberships-pro' ); ?>"
927
+ onclick="location.href='<?php echo esc_url( get_admin_url( null, '/admin.php?page=pmpro-orders' ) ); ?>';"/>
928
</p>
929
930
</form>
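Review bot: The hidden order input on lines 916-924 escapes its value with esc_html() (lines 919 and 921) although it is printed inside a value attribute; use esc_attr() there, as the other inputs in this form do. Because the PHP block sits on its own lines inside the quotes, the attribute value also carries the line break that precedes <?php; writing the attribute on one line avoids relying on the save handler to trim it.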
934
<form id="posts-filter" method="get" action="">
935
936
<h1 class="wp-heading-inline"><?php esc_html_e( 'Orders', 'paid-memberships-pro' ); ?></h1>
937
+ <a href="<?php echo esc_url( add_query_arg( array( 'page' => 'pmpro-orders', 'order' => -1 ), get_admin_url(null, 'admin.php' ) ) ); ?>" class="page-title-action"><?php esc_html_e( 'Add New Order', 'paid-memberships-pro' ); ?></a>
938
939
<?php
940
// build the export URL
955
);
956
$export_url = add_query_arg( $url_params, $export_url );
957
?>
958
+ <a target="_blank" href="<?php echo esc_url( $export_url ); ?>" class="page-title-action"><?php esc_html_e( 'Export to CSV', 'paid-memberships-pro' ); ?></a>
959
960
<hr class="wp-header-end">
961
975
976
<ul class="subsubsub">
977
<li>
978
+ <?php esc_html_e( 'Show', 'paid-memberships-pro' ); ?>
979
<select id="filter" name="filter">
980
+ <option value="all" <?php selected( $filter, 'all' ); ?>><?php esc_html_e( 'All', 'paid-memberships-pro' ); ?></option>
981
<option
982
+ value="within-a-date-range" <?php selected( $filter, 'within-a-date-range' ); ?>><?php esc_html_e( 'Within a Date Range', 'paid-memberships-pro' ); ?></option>
983
<option
984
+ value="predefined-date-range" <?php selected( $filter, 'predefined-date-range' ); ?>><?php esc_html_e( 'Predefined Date Range', 'paid-memberships-pro' ); ?></option>
985
<option
986
+ value="within-a-level" <?php selected( $filter, 'within-a-level' ); ?>><?php esc_html_e( 'Within a Level', 'paid-memberships-pro' ); ?></option>
987
<option
988
+ value="with-discount-code" <?php selected( $filter, 'with-discount-code' ); ?>><?php esc_html_e( 'With a Discount Code', 'paid-memberships-pro' ); ?></option>
989
<option
990
+ value="within-a-status" <?php selected( $filter, 'within-a-status' ); ?>><?php esc_html_e( 'Within a Status', 'paid-memberships-pro' ); ?></option>
991
<option
992
+ value="only-paid" <?php selected( $filter, 'only-paid' ); ?>><?php esc_html_e( 'Only Paid Orders', 'paid-memberships-pro' ); ?></option>
993
<option
994
+ value="only-free" <?php selected( $filter, 'only-free' ); ?>><?php esc_html_e( 'Only Free Orders', 'paid-memberships-pro' ); ?></option>
995
996
<?php $custom_filters = apply_filters( 'pmpro_admin_orders_filters', array() ); ?>
997
<?php foreach( $custom_filters as $value => $name ) { ?>
998
+ <option value="<?php echo esc_attr( $value ); ?>" <?php selected( $filter, $value ); ?>><?php esc_html_e( $name ); ?></option>
999
<?php } ?>
1000
</select>
1001
1002
+ <span id="from"><?php esc_html_e( 'From', 'paid-memberships-pro' ); ?></span>
1003
1004
<select id="start-month" name="start-month">
1005
<?php for ( $i = 1; $i < 13; $i ++ ) { ?>
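Review bot: Line 998 passes the variable $name to esc_html_e(), which performs a translation lookup on a runtime string and omits the text domain. String extraction cannot see such a call, and the label comes from the pmpro_admin_orders_filters filter, where the code adding it can translate it. Use `echo esc_html( $name );` here.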
1014
value="<?php echo esc_attr( $start_year ); ?>"/>
1015
1016
1017
+ <span id="to"><?php esc_html_e( 'To', 'paid-memberships-pro' ); ?></span>
1018
1019
<select id="end-month" name="end-month">
1020
<?php for ( $i = 1; $i < 13; $i ++ ) { ?>
1027
<input id='end-day' name="end-day" type="text" size="2" value="<?php echo esc_attr( $end_day ); ?>"/>
1028
<input id='end-year' name="end-year" type="text" size="4" value="<?php echo esc_attr( $end_year ); ?>"/>
1029
1030
+ <span id="filterby"><?php esc_html_e( 'filter by ', 'paid-memberships-pro' ); ?></span>
1031
1032
<select id="predefined-date" name="predefined-date">
1033
1034
<option
1035
+ value="<?php echo 'This Month'; ?>" <?php selected( $predefined_date, 'This Month' ); ?>><?php esc_html_e( 'This Month', 'paid-memberships-pro' ); ?></option>
1036
<option
1037
+ value="<?php echo 'Last Month'; ?>" <?php selected( $predefined_date, 'Last Month' ); ?>><?php esc_html_e( 'Last Month', 'paid-memberships-pro' ); ?></option>
1038
<option
1039
+ value="<?php echo 'This Year'; ?>" <?php selected( $predefined_date, 'This Year' ); ?>><?php esc_html_e( 'This Year', 'paid-memberships-pro' ); ?></option>
1040
<option
1041
+ value="<?php echo 'Last Year'; ?>" <?php selected( $predefined_date, 'Last Year' ); ?>><?php esc_html_e( 'Last Year', 'paid-memberships-pro' ); ?></option>
1042
1043
</select>
1044
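Review bot: The option values on lines 1035-1041 are still written as `<?php echo 'This Month'; ?>` and so on, a PHP echo of a fixed literal. A plain value="This Month" says the same thing, is easier to read, and leaves no unescaped echo behind in a patch whose purpose is to escape every output on this screen.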
1049
<select id="l" name="l">
1050
<?php foreach ( $levels as $level ) { ?>
1051
<option
1052
+ value="<?php echo esc_attr( $level->id ); ?>" <?php selected( $l, $level->id ); ?>><?php echo esc_html( $level->name ); ?></option>
1053
<?php } ?>
1054
1055
</select>
1062
<select id="discount_code" name="discount_code">
1063
<?php foreach ( $codes as $code ) { ?>
1064
<option
1065
+ value="<?php echo esc_attr( $code->id ); ?>" <?php selected( $discount_code, $code->id ); ?>><?php echo esc_html( $code->code ); ?></option>
1066
<?php } ?>
1067
</select>
1068
<?php } ?>
1073
<select id="status" name="status">
1074
<?php foreach ( $statuses as $the_status ) { ?>
1075
<option
1076
+ value="<?php echo esc_attr( $the_status ); ?>" <?php selected( $the_status, $status ); ?>><?php echo esc_html( $the_status ); ?></option>
1077
<?php } ?>
1078
</select>
1079
1080
+ <input id="submit" class="button" type="submit" value="<?php esc_attr_e( 'Filter', 'paid-memberships-pro' ); ?>"/>
1081
</li>
1082
</ul>
1083
1211
</script>
1212
1213
<p class="search-box">
1214
+ <label class="hidden" for="post-search-input"><?php esc_html_e( 'Search Orders', 'paid-memberships-pro' ); ?>:</label>
1215
<input type="hidden" name="page" value="pmpro-orders"/>
1216
<input id="post-search-input" type="text" value="<?php echo esc_attr( $s ); ?>" name="s"/>
1217
+ <input class="button" type="submit" value="<?php esc_attr_e( 'Search Orders', 'paid-memberships-pro' ); ?>"/>
1218
</p>
1219
1220
<?php
1262
$fields = apply_filters( 'pmpro_orders_search_fields', $fields );
1263
1264
foreach ( $fields as $field ) {
1265
+ $sqlQuery .= ' OR ' . esc_sql( $field ) . " LIKE '%" . esc_sql( $s ) . "%' ";
1266
}
1267
$sqlQuery .= ') ';
1268
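Review bot: On line 1265 esc_sql() is applied to $field, but esc_sql() is meant for values placed inside quotes and $field is used as an unquoted column name, so it does not constrain what the pmpro_orders_search_fields filter can contribute. Compare each entry against a list of known columns, or at least restrict it to identifier characters, before concatenating. Separately, the search term goes into LIKE '%...%' with esc_sql() only; passing it through $wpdb->esc_like() first would make a % or _ typed into the search box match literally.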
1294
<table class="widefat">
1295
<thead>
1296
<tr class="thead">
1297
+ <th><?php esc_html_e( 'ID', 'paid-memberships-pro' ); ?></th>
1298
+ <th><?php esc_html_e( 'Code', 'paid-memberships-pro' ); ?></th>
1299
+ <th><?php esc_html_e( 'Username', 'paid-memberships-pro' ); ?></th>
1300
<?php do_action( 'pmpro_orders_extra_cols_header', $order_ids ); ?>
1301
+ <th><?php esc_html_e( 'Level', 'paid-memberships-pro' ); ?></th>
1302
+ <th><?php esc_html_e( 'Total', 'paid-memberships-pro' ); ?></th>
1303
+ <th><?php esc_html_e( 'Payment', 'paid-memberships-pro' ); ?></th>
1304
+ <th><?php esc_html_e( 'Gateway', 'paid-memberships-pro' ); ?></th>
1305
+ <th><?php esc_html_e( 'Transaction IDs', 'paid-memberships-pro' ); ?></th>
1306
+ <th><?php esc_html_e( 'Status', 'paid-memberships-pro' ); ?></th>
1307
+ <th><?php esc_html_e( 'Date', 'paid-memberships-pro' ); ?></th>
1308
+ <th><?php esc_html_e( 'Discount Code', 'paid-memberships-pro' );?></th>
1309
</tr>
1310
</thead>
1311
<tbody id="orders" class="list:order orders-list">
1317
$order->getMemberOrderByID( $order_id );
1318
$order->getUser();
1319
?>
1320
+ <tr <?php if ( $count ++ % 2 == 0 ) { ?>
1321
+ class="alternate"<?php } ?>>
1322
<td>
1323
+ <a href="admin.php?page=pmpro-orders&order=<?php echo esc_attr( $order->id ); ?>"><?php echo esc_html( $order->id ); ?></a>
1324
</td>
1325
<td class="order_code column-order_code has-row-actions">
1326
+ <a href="admin.php?page=pmpro-orders&order=<?php echo esc_attr( $order->id ); ?>"><?php echo esc_html( $order->code ); ?></a>
1327
<br />
1328
<div class="row-actions">
1329
<span class="edit">
1330
+ <a title="<?php esc_attr_e( 'Edit', 'paid-memberships-pro' ); ?>" href="<?php echo esc_url( add_query_arg( array( 'page' => 'pmpro-orders', 'order' => $order->id ), admin_url('admin.php' ) ) ); ?>"><?php esc_html_e( 'Edit', 'paid-memberships-pro' ); ?></a>
1331
</span> |
1332
<span class="copy">
1333
+ <a title="<?php esc_attr_e( 'Copy', 'paid-memberships-pro' ); ?>" href="<?php echo esc_url( add_query_arg( array( 'page' => 'pmpro-orders', 'order' => '-1', 'copy' => $order->id ), admin_url('admin.php' ) ) ); ?>"><?php esc_html_e( 'Copy', 'paid-memberships-pro' ); ?></a>
1334
</span> |
1335
<span class="delete">
1336
+ <a href="javascript:pmpro_askfirst('<?php echo esc_attr
1337
+ ( sprintf( __( 'Deleting orders is permanent and can affect active users. Are you sure you want to delete order %s?', 'paid-memberships-pro' ), str_replace( "'", '', $order->code ) ) ); ?>', 'admin.php?page=pmpro-orders&delete=<?php echo $order->id; ?>'); void(0);"><?php esc_html_e( 'Delete', 'paid-memberships-pro' ); ?></a>
1338
</span> |
1339
<span class="print">
1340
+ <a target="_blank" title="<?php esc_attr_e( 'Print', 'paid-memberships-pro' ); ?>" href="<?php echo esc_url( add_query_arg( array( 'action' => 'pmpro_orders_print_view', 'order' => $order->id ), admin_url('admin-ajax.php' ) ) ); ?>"><?php esc_html_e( 'Print', 'paid-memberships-pro' ); ?></a>
1341
</span> |
1342
<span class="email">
1343
<a href="#TB_inline?width=600&height=200&inlineId=email_invoice" class="thickbox email_link"
1344
+ data-order="<?php echo esc_attr( $order->id ); ?>"><?php esc_html_e( 'Email', 'paid-memberships-pro' ); ?></a>
1345
</span>
1346
<?php
1347
// Set up the hover actions for this user
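Review bot: The delete link at lines 1336-1337 is the one link in this block still assembled by hand: `delete=<?php echo $order->id; ?>` is echoed unescaped, and the confirmation text is dropped into a JavaScript string literal using esc_attr() plus a manual str_replace() of single quotes. Use esc_js() for the message and the URL passed to pmpro_askfirst(), and cast the id with intval() or run it through esc_attr() as the other links here do. The URL also carries no nonce; unless the delete handler verifies one elsewhere, build it with wp_nonce_url() and check it before deleting.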
1353
foreach ( $actions as $action => $link ) {
1354
++ $i;
1355
( $i == $action_count ) ? $sep = '' : $sep = ' | ';
1356
+ $out .= "<span class='" . esc_attr( $action ) . "'>" . esc_html( $link ) . $sep . "</span>";
1357
}
1358
echo $out;
1359
}
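Review bot: At line 1356 `esc_html( $link )` will print any markup in `$link` as literal text. The loop treats `$actions` as hover actions, and if those entries are anchor tags they will now appear in the row as visible tag source instead of links. If markup is expected, filter it with wp_kses() and an allowlist limited to `a` with `href`, `title` and `class` rather than escaping the whole string; if only plain labels are expected, say so in a comment next to the loop.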
1363
<td class="username column-username">
1364
<?php $order->getUser(); ?>
1365
<?php if ( ! empty( $order->user ) ) { ?>
1366
+ <a href="user-edit.php?user_id=<?php echo esc_attr( $order->user->ID ); ?>"><?php echo esc_html( $order->user->user_login ); ?></a>
1367
<?php } elseif ( $order->user_id > 0 ) { ?>
1368
+ [<?php esc_html_e( 'deleted', 'paid-memberships-pro' ); ?>]
1369
<?php } else { ?>
1370
+ [<?php esc_html_e( 'none', 'paid-memberships-pro' ); ?>]
1371
<?php } ?>
1372
</td>
1373
<?php do_action( 'pmpro_orders_extra_cols_body', $order ); ?>
1375
<?php
1376
$level = pmpro_getLevel( $order->membership_id );
1377
if ( ! empty( $level ) ) {
1378
+ echo esc_html( $level->name );
1379
} elseif ( $order->membership_id > 0 ) { ?>
1380
+ [<?php esc_html_e( 'deleted', 'paid-memberships-pro' ); ?>]
1381
<?php } else { ?>
1382
+ [<?php esc_html_e( 'none', 'paid-memberships-pro' ); ?>]
1383
<?php }
1384
?>
1385
</td>
1386
+ <td><?php echo esc_html( pmpro_formatPrice( $order->total ) ); ?></td>
1387
<td>
1388
<?php
1389
if ( ! empty( $order->payment_type ) ) {
1390
+ echo esc_html( $order->payment_type ) . '<br />';
1391
}
1392
?>
1393
<?php if ( ! empty( $order->accountnumber ) ) { ?>
1394
+ <?php echo esc_html( $order->cardtype ); ?>: x<?php echo esc_html( last4( $order->accountnumber ) ); ?><br/>
1395
<?php } ?>
1396
<?php if ( ! empty( $order->billing->name ) ) { ?>
1397
+ <?php echo esc_html( $order->billing->name ); ?><br/>
1398
<?php } ?>
1399
<?php if ( ! empty( $order->billing->street ) ) { ?>
1400
+ <?php echo esc_html( $order->billing->street ); ?><br/>
1401
<?php if ( $order->billing->city && $order->billing->state ) { ?>
1402
+ <?php echo esc_html( $order->billing->city ); ?>, <?php echo esc_html( $order->billing->state ); ?><?php echo esc_html( $order->billing->zip ); ?>
1403
+ <?php
1404
+ if ( ! empty( $order->billing->country ) ) {
1405
+ echo esc_html( $order->billing->country ); }
1406
?>
1407
<br/>
1408
<?php } ?>
1409
<?php } ?>
1410
<?php
1411
if ( ! empty( $order->billing->phone ) ) {
1412
+ echo esc_html( formatPhone( $order->billing->phone ) );
1413
}
1414
?>
1415
</td>
1416
<td><?php echo $order->gateway; ?>
1417
+ <?php
1418
+ if ( $order->gateway_environment == 'test' ) {
1419
+ echo '(test)';
1420
+ }
1421
?>
1422
+ </td>
1423
<td>
1424
+ <?php esc_html_e( 'Payment', 'paid-memberships-pro' ); ?>:
1425
+ <?php
1426
+ if ( ! empty( $order->payment_transaction_id ) ) {
1427
+ echo esc_html( $order->payment_transaction_id );
1428
+ } else {
1429
+ esc_html_e( 'N/A', 'paid-memberships-pro' );
1430
+ }
1431
?>
1432
<br/>
1433
+ <?php esc_html_e( 'Subscription', 'paid-memberships-pro' ); ?>
1434
:
1435
<?php
1436
if ( ! empty( $order->subscription_transaction_id ) ) {
1437
+ echo esc_html( $order->subscription_transaction_id );
1438
} else {
1439
+ esc_html_e( 'N/A', 'paid-memberships-pro' );
1440
}
1441
?>
1442
</td>
1443
+ <td><?php echo esc_html( $order->status ); ?></td>
1444
<td>
1445
+ <?php echo esc_html( date_i18n( get_option( 'date_format' ), $order->timestamp ) ); ?><br/>
1446
+ <?php echo esc_html( date_i18n( get_option( 'time_format' ), $order->timestamp ) ); ?>
1447
</td>
1448
<td>
1449
<?php if ( $order->getDiscountCode() ) { ?>
1450
+ <a title="<?php esc_attr_e('edit', 'paid-memberships-pro' ); ?>" href="<?php echo esc_url( add_query_arg( array( 'page' => 'pmpro-discountcodes', 'edit' => $order->discount_code->id ), admin_url('admin.php' ) ) ); ?>">
1451
+ <?php echo esc_html( $order->discount_code->code ); ?>
1452
</a>
1453
<?php } ?>
1454
</td>
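Review bot: Line 1416 still echoes `$order->gateway` without escaping, while every other order field in this row now goes through esc_html(). Change it to `echo esc_html( $order->gateway );` so the column matches the rest of the table. The '(test)' label at line 1419 is a hard-coded English string; output it with esc_html_e() and the paid-memberships-pro text domain like the other labels.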
1459
if ( ! $order_ids ) {
1460
?>
1461
<tr>
1462
+ <td colspan="9"><p><?php esc_html_e( 'No orders found.', 'paid-memberships-pro' ); ?></p></td>
1463
</tr>
1464
<?php
1465
}
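Review bot: The empty-state cell at line 1462 keeps colspan="9", but the header row shown earlier in this file lists eleven fixed columns plus whatever pmpro_orders_extra_cols_header adds. Raise the colspan to cover the full table width so the "No orders found." row is not cut short.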
1469
</form>
1470
<?php
1471
// add normal args
1472
+ $pagination_url = esc_url( add_query_arg( $url_params, get_admin_url( null, '/admin.php?page=pmpro-orders' ) ) );
1473
echo pmpro_getPaginationString( $pn, $totalrows, $limit, 1, $pagination_url, "&limit=$limit&pn=" );
1474
?>
1475
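Review bot: At line 1472 esc_url() is applied when the URL is built rather than when it is printed, and line 1473 then appends "&limit=$limit&pn=" to it unescaped before echoing the result of pmpro_getPaginationString(). esc_url() is a display filter that rewrites & as an entity, so the escaped and unescaped halves of the final link end up inconsistent. Keep `$pagination_url` raw here, add `limit` through add_query_arg() with intval( $limit ), and escape once at the point where the href is output.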
classes/class-pmpro-admin-activity-email.php CHANGED
@@ -405,7 +405,7 @@ class PMPro_Admin_Activity_Email extends PMProEmail {
405
}
406
$this->email = $recipient;
407
408
- $this->subject = sprintf( __( '[%1$s] Paid Memberships Pro Activity for %2$s: %3$s', 'paid-memberships-pro' ), get_bloginfo( 'name' ), ucwords( $term ), $date_range );
409
$this->template = 'admin_activity_email';
410
$this->body = $admin_activity_email_body;
411
$this->from = pmpro_getOption( 'from' );
405
}
406
$this->email = $recipient;
407
408
+ $this->subject = sprintf( __( '[%1$s] PMPro Activity for %2$s: %3$s', 'paid-memberships-pro' ), get_bloginfo( 'name' ), ucwords( $term ), $date_range );
409
$this->template = 'admin_activity_email';
410
$this->body = $admin_activity_email_body;
411
$this->from = pmpro_getOption( 'from' );
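Review bot: The new subject string at line 408 has three positional placeholders and no translators comment. Add a `/* translators: ... */` comment directly above the sprintf() describing what %1$s, %2$s and %3$s hold, since changing the msgid drops existing translations of the old subject and translators will be working on this string again.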
classes/class.memberorder.php CHANGED
@@ -654,11 +654,11 @@
654
$after_action = "pmpro_updated_order";
655
//update
656
$this->sqlQuery = "UPDATE $wpdb->pmpro_membership_orders
657
- SET `code` = '" . $this->code . "',
658
- `session_id` = '" . $this->session_id . "',
659
`user_id` = " . intval($this->user_id) . ",
660
`membership_id` = " . intval($this->membership_id) . ",
661
- `paypal_token` = '" . $this->paypal_token . "',
662
`billing_name` = '" . esc_sql($this->billing->name) . "',
663
`billing_street` = '" . esc_sql($this->billing->street) . "',
664
`billing_city` = '" . esc_sql($this->billing->city) . "',
@@ -666,20 +666,20 @@
666
`billing_zip` = '" . esc_sql($this->billing->zip) . "',
667
`billing_country` = '" . esc_sql($this->billing->country) . "',
668
`billing_phone` = '" . esc_sql($this->billing->phone) . "',
669
- `subtotal` = '" . $this->subtotal . "',
670
- `tax` = '" . $this->tax . "',
671
- `couponamount` = '" . $this->couponamount . "',
672
`certificate_id` = " . intval($this->certificate_id) . ",
673
- `certificateamount` = '" . $this->certificateamount . "',
674
- `total` = '" . $this->total . "',
675
- `payment_type` = '" . $this->payment_type . "',
676
- `cardtype` = '" . $this->cardtype . "',
677
- `accountnumber` = '" . $this->accountnumber . "',
678
- `expirationmonth` = '" . $this->expirationmonth . "',
679
- `expirationyear` = '" . $this->expirationyear . "',
680
`status` = '" . esc_sql($this->status) . "',
681
- `gateway` = '" . $this->gateway . "',
682
- `gateway_environment` = '" . $this->gateway_environment . "',
683
`payment_transaction_id` = '" . esc_sql($this->payment_transaction_id) . "',
684
`subscription_transaction_id` = '" . esc_sql($this->subscription_transaction_id) . "',
685
`timestamp` = '" . esc_sql($this->datetime) . "',
@@ -687,7 +687,7 @@
687
`affiliate_subid` = '" . esc_sql($this->affiliate_subid) . "',
688
`notes` = '" . esc_sql($this->notes) . "',
689
`checkout_id` = " . intval($this->checkout_id) . "
690
- WHERE id = '" . $this->id . "'
691
LIMIT 1";
692
}
693
else
@@ -705,32 +705,32 @@
705
//insert
706
$this->sqlQuery = "INSERT INTO $wpdb->pmpro_membership_orders
707
(`code`, `session_id`, `user_id`, `membership_id`, `paypal_token`, `billing_name`, `billing_street`, `billing_city`, `billing_state`, `billing_zip`, `billing_country`, `billing_phone`, `subtotal`, `tax`, `couponamount`, `certificate_id`, `certificateamount`, `total`, `payment_type`, `cardtype`, `accountnumber`, `expirationmonth`, `expirationyear`, `status`, `gateway`, `gateway_environment`, `payment_transaction_id`, `subscription_transaction_id`, `timestamp`, `affiliate_id`, `affiliate_subid`, `notes`, `checkout_id`)
708
- VALUES('" . $this->code . "',
709
- '" . session_id() . "',
710
" . intval($this->user_id) . ",
711
" . intval($this->membership_id) . ",
712
- '" . $this->paypal_token . "',
713
'" . esc_sql(trim($this->billing->name)) . "',
714
'" . esc_sql(trim($this->billing->street)) . "',
715
'" . esc_sql($this->billing->city) . "',
716
'" . esc_sql($this->billing->state) . "',
717
'" . esc_sql($this->billing->zip) . "',
718
'" . esc_sql($this->billing->country) . "',
719
- '" . cleanPhone($this->billing->phone) . "',
720
- '" . $this->subtotal . "',
721
- '" . $tax . "',
722
- '" . $this->couponamount. "',
723
" . intval($this->certificate_id) . ",
724
- '" . $this->certificateamount . "',
725
- '" . $total . "',
726
- '" . $this->payment_type . "',
727
- '" . $this->cardtype . "',
728
- '" . hideCardNumber($this->accountnumber, false) . "',
729
- '" . $this->expirationmonth . "',
730
- '" . $this->expirationyear . "',
731
'" . esc_sql($this->status) . "',
732
- '" . $this->gateway . "',
733
- '" . $this->gateway_environment . "',
734
'" . esc_sql($this->payment_transaction_id) . "',
735
'" . esc_sql($this->subscription_transaction_id) . "',
736
'" . esc_sql($this->datetime) . "',
654
$after_action = "pmpro_updated_order";
655
//update
656
$this->sqlQuery = "UPDATE $wpdb->pmpro_membership_orders
657
+ SET `code` = '" . esc_sql( $this->code ) . "',
658
+ `session_id` = '" . esc_sql( $this->session_id ) . "',
659
`user_id` = " . intval($this->user_id) . ",
660
`membership_id` = " . intval($this->membership_id) . ",
661
+ `paypal_token` = '" . esc_sql( $this->paypal_token ) . "',
662
`billing_name` = '" . esc_sql($this->billing->name) . "',
663
`billing_street` = '" . esc_sql($this->billing->street) . "',
664
`billing_city` = '" . esc_sql($this->billing->city) . "',
666
`billing_zip` = '" . esc_sql($this->billing->zip) . "',
667
`billing_country` = '" . esc_sql($this->billing->country) . "',
668
`billing_phone` = '" . esc_sql($this->billing->phone) . "',
669
+ `subtotal` = '" . esc_sql( $this->subtotal ) . "',
670
+ `tax` = '" . esc_sql( $this->tax ) . "',
671
+ `couponamount` = '" . esc_sql( $this->couponamount ) . "',
672
`certificate_id` = " . intval($this->certificate_id) . ",
673
+ `certificateamount` = '" . esc_sql( $this->certificateamount ) . "',
674
+ `total` = '" . esc_sql( $this->total ) . "',
675
+ `payment_type` = '" . esc_sql( $this->payment_type ) . "',
676
+ `cardtype` = '" . esc_sql( $this->cardtype ) . "',
677
+ `accountnumber` = '" . esc_sql( $this->accountnumber ) . "',
678
+ `expirationmonth` = '" . esc_sql( $this->expirationmonth ) . "',
679
+ `expirationyear` = '" . esc_sql( $this->expirationyear ) . "',
680
`status` = '" . esc_sql($this->status) . "',
681
+ `gateway` = '" . esc_sql( $this->gateway ) . "',
682
+ `gateway_environment` = '" . esc_sql( $this->gateway_environment ) . "',
683
`payment_transaction_id` = '" . esc_sql($this->payment_transaction_id) . "',
684
`subscription_transaction_id` = '" . esc_sql($this->subscription_transaction_id) . "',
685
`timestamp` = '" . esc_sql($this->datetime) . "',
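Review bot: Line 677 writes `$this->accountnumber` to the database after esc_sql() only, whereas the INSERT path in this same file wraps it in hideCardNumber( $this->accountnumber, false ) first. If an order object can reach the update branch with an unmasked number, it would be stored as is; apply the same masking here or add a comment stating why the value is guaranteed to be masked already. The amount columns (subtotal, tax, couponamount, certificateamount, total) would also be tighter cast with floatval() or bound with %f than escaped as quoted strings.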
687
`affiliate_subid` = '" . esc_sql($this->affiliate_subid) . "',
688
`notes` = '" . esc_sql($this->notes) . "',
689
`checkout_id` = " . intval($this->checkout_id) . "
690
+ WHERE id = '" . esc_sql( $this->id ) . "'
691
LIMIT 1";
692
}
693
else
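Review bot: At line 690 the primary key is compared as a quoted, escaped string in `WHERE id = '...'`, while user_id, membership_id, certificate_id and checkout_id in the same statement use intval(). Use intval( $this->id ) without quotes here so a non-numeric id can never reach the WHERE clause of the UPDATE.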
705
//insert
706
$this->sqlQuery = "INSERT INTO $wpdb->pmpro_membership_orders
707
(`code`, `session_id`, `user_id`, `membership_id`, `paypal_token`, `billing_name`, `billing_street`, `billing_city`, `billing_state`, `billing_zip`, `billing_country`, `billing_phone`, `subtotal`, `tax`, `couponamount`, `certificate_id`, `certificateamount`, `total`, `payment_type`, `cardtype`, `accountnumber`, `expirationmonth`, `expirationyear`, `status`, `gateway`, `gateway_environment`, `payment_transaction_id`, `subscription_transaction_id`, `timestamp`, `affiliate_id`, `affiliate_subid`, `notes`, `checkout_id`)
708
+ VALUES('" . esc_sql( $this->code ) . "',
709
+ '" . esc_sql( session_id() ) . "',
710
" . intval($this->user_id) . ",
711
" . intval($this->membership_id) . ",
712
+ '" . esc_sql( $this->paypal_token ) . "',
713
'" . esc_sql(trim($this->billing->name)) . "',
714
'" . esc_sql(trim($this->billing->street)) . "',
715
'" . esc_sql($this->billing->city) . "',
716
'" . esc_sql($this->billing->state) . "',
717
'" . esc_sql($this->billing->zip) . "',
718
'" . esc_sql($this->billing->country) . "',
719
+ '" . esc_sql( cleanPhone($this->billing->phone) ) . "',
720
+ '" . esc_sql( $this->subtotal ) . "',
721
+ '" . esc_sql( $tax ) . "',
722
+ '" . esc_sql( $this->couponamount ). "',
723
" . intval($this->certificate_id) . ",
724
+ '" . esc_sql( $this->certificateamount ) . "',
725
+ '" . esc_sql( $total ) . "',
726
+ '" . esc_sql( $this->payment_type ) . "',
727
+ '" . esc_sql( $this->cardtype ) . "',
728
+ '" . esc_sql( hideCardNumber($this->accountnumber, false) ) . "',
729
+ '" . esc_sql( $this->expirationmonth ) . "',
730
+ '" . esc_sql( $this->expirationyear ) . "',
731
'" . esc_sql($this->status) . "',
732
+ '" . esc_sql( $this->gateway ) . "',
733
+ '" . esc_sql( $this->gateway_environment ) . "',
734
'" . esc_sql($this->payment_transaction_id) . "',
735
'" . esc_sql($this->subscription_transaction_id) . "',
736
'" . esc_sql($this->datetime) . "',
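Review bot: The INSERT at lines 708-733 still builds every value by string concatenation, so each column is only as safe as its own esc_sql() call and surrounding quotes, which is the pattern that let the unescaped fields through before this change. Moving the statement to $wpdb->insert() with a column-to-value array and a format array (%s, %d, %f) would make escaping automatic and stop a future column from being added without it. Note also that line 719 applies cleanPhone() on insert while the UPDATE at line 668 stores billing->phone without it.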
includes/admin.php CHANGED
@@ -32,7 +32,13 @@ add_action( 'admin_init', 'pmpro_admin_init_redirect_to_dashboard' );
32
function pmpro_block_dashboard() {
33
global $current_user;
34
$block_dashboard = pmpro_getOption( 'block_dashboard' );
35
- if ( ! wp_doing_ajax() && ! empty( $block_dashboard ) && in_array( 'subscriber', (array) $current_user->roles ) ) {
36
$block = true;
37
} else {
38
$block = false;
32
function pmpro_block_dashboard() {
33
global $current_user;
34
$block_dashboard = pmpro_getOption( 'block_dashboard' );
35
+
36
+ if ( ! wp_doing_ajax()
37
+ && ! empty( $block_dashboard )
38
+ && ! current_user_can( 'manage_options' )
39
+ && ! current_user_can( 'edit_users' )
40
+ && ! current_user_can( 'edit_posts' )
41
+ && in_array( 'subscriber', (array) $current_user->roles ) ) {
42
$block = true;
43
} else {
44
$block = false;
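Review bot: The condition at lines 36-41 hard-codes three capabilities (manage_options, edit_users, edit_posts) with no comment on why these were chosen, and it still reads the `$current_user` global for the role check. Add a short comment naming the case this guards against (a user who holds the subscriber role together with a more privileged one), and fetch the user with wp_get_current_user() so the roles array is populated regardless of when the function runs. The bare `+` at line 35 should be checked for trailing whitespace.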
includes/functions.php CHANGED
@@ -1074,6 +1074,10 @@ function pmpro_changeMembershipLevel( $level, $user_id = null, $old_level_status
1074
1075
if ( ! empty( $c_order->error ) ) {
1076
$pmpro_error = $c_order->error;
1077
}
1078
}
1079
}
@@ -3255,4 +3259,4 @@ function pmpro_int_compare( $a, $b, $operator ) {
3255
}
3256
3257
return $r;
3258
- }
1074
1075
if ( ! empty( $c_order->error ) ) {
1076
$pmpro_error = $c_order->error;
1077
+ } else {
1078
+ if( $old_level_status == 'error' ) {
1079
+ $c_order->updateStatus("error");
1080
+ }
1081
}
1082
}
1083
}
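Review bot: In the new else branch at lines 1077-1080 the order is only moved to "error" when `$c_order->error` is empty; when the cancel call itself reports an error, the order status is left untouched. If a failed cancel should also end in the error status, move the updateStatus() call out of the else. Use a strict comparison for `$old_level_status`, collapse `else { if` into `elseif`, and add a one-line comment on what an old level status of 'error' signifies, since nothing in the hunk explains it.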
3259
}
3260
3261
return $r;
3262
+ }
includes/scripts.php CHANGED
@@ -69,10 +69,22 @@ function pmpro_enqueue_scripts() {
69
array( 'jquery', 'password-strength-meter' ),
70
PMPRO_VERSION );
71
72
wp_localize_script( 'pmpro_login', 'pmpro', array(
73
'pmpro_login_page' => 'changepassword',
74
'strength_indicator_text' => __( 'Strength Indicator', 'paid-memberships-pro' ),
75
- ));
76
wp_enqueue_script( 'pmpro_login' );
77
}
78
}
69
array( 'jquery', 'password-strength-meter' ),
70
PMPRO_VERSION );
71
72
+ /**
73
+ * Filter to allow weak passwords on the
74
+ * change password and reset password forms.
75
+ * At this time, this only disables the JS check on the frontend.
76
+ * There is no backend check for weak passwords on those forms.
77
+ *
78
+ * @since 2.3.3
79
+ *
80
+ * @param bool $allow_weak_passwords Whether to allow weak passwords.
81
+ */
82
+ $allow_weak_passwords = apply_filters( 'pmpro_allow_weak_passwords', false );
83
+
84
wp_localize_script( 'pmpro_login', 'pmpro', array(
85
'pmpro_login_page' => 'changepassword',
86
'strength_indicator_text' => __( 'Strength Indicator', 'paid-memberships-pro' ),
87
+ 'allow_weak_passwords' => $allow_weak_passwords ) );
88
wp_enqueue_script( 'pmpro_login' );
89
}
90
}
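Review bot: The filter result at line 82 is passed to wp_localize_script() uncast, and that function turns scalar values into strings: false becomes '' and true becomes '1'. js/pmpro-login.js then tests `pmpro.allow_weak_passwords === ''`, so a callback returning 0, '0' or null would not match and the weak-password block would be switched off unintentionally. Cast the value with `(bool)` before localizing. The docblock is right that there is no backend check on these forms; a server-side strength check is worth tracking as a follow-up, since the disabled submit button is the only control.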
js/pmpro-login.js CHANGED
@@ -29,11 +29,15 @@ jQuery(document).ready(function(){
29
switch ( strength ) {
30
case -1:
31
indicator.addClass( 'empty' ).html( '&nbsp;' );
32
- submitbutton.prop( 'disabled', true );
33
break;
34
case 2:
35
indicator.addClass( 'bad' ).html( pwsL10n.bad );
36
- submitbutton.prop( 'disabled', true );
37
break;
38
case 3:
39
indicator.addClass( 'good' ).html( pwsL10n.good );
@@ -49,7 +53,9 @@ jQuery(document).ready(function(){
49
break;
50
default:
51
indicator.addClass( 'short' ).html( pwsL10n['short'] );
52
- submitbutton.prop( 'disabled', true );
53
}
54
}
55
29
switch ( strength ) {
30
case -1:
31
indicator.addClass( 'empty' ).html( '&nbsp;' );
32
+ if ( pmpro.allow_weak_passwords === '' ) {
33
+ submitbutton.prop( 'disabled', true );
34
+ }
35
break;
36
case 2:
37
indicator.addClass( 'bad' ).html( pwsL10n.bad );
38
+ if ( pmpro.allow_weak_passwords === '' ) {
39
+ submitbutton.prop( 'disabled', true );
40
+ }
41
break;
42
case 3:
43
indicator.addClass( 'good' ).html( pwsL10n.good );
53
break;
54
default:
55
indicator.addClass( 'short' ).html( pwsL10n['short'] );
56
+ if ( pmpro.allow_weak_passwords === '' ) {
57
+ submitbutton.prop( 'disabled', true );
58
+ }
59
}
60
}
61
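Review bot: All three new guards (cases -1, 2 and default) disable the submit button only when `pmpro.allow_weak_passwords === ''`, so any other value, including an undefined property when the key is missing from the localized object, leaves the button enabled. Invert the test so the permissive path is the explicit one, for example skip the disable only when the value is '1', and disable the button in every other case. The same three-line block is repeated three times; a small helper function would keep the cases in step.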
paid-memberships-pro.php CHANGED
@@ -3,7 +3,7 @@
3
* Plugin Name: Paid Memberships Pro
4
* Plugin URI: https://www.paidmembershipspro.com
5
* Description: The most complete member management and membership subscriptions plugin for WordPress.
6
- * Version: 2.3.2
7
* Author: Stranger Studios
8
* Author URI: https://www.strangerstudios.com
9
* Text Domain: paid-memberships-pro
@@ -16,7 +16,7 @@
16
*/
17
18
// version constant
19
- define( 'PMPRO_VERSION', '2.3.2' );
20
define( 'PMPRO_USER_AGENT', 'Paid Memberships Pro v' . PMPRO_VERSION . '; ' . site_url() );
21
define( 'PMPRO_MIN_PHP_VERSION', '5.6' );
22
@@ -139,7 +139,7 @@ if ( ! defined( 'SITEURL' ) ) {
139
if ( ! defined( 'SECUREURL' ) ) {
140
define( 'SECUREURL', str_replace( 'http://', 'https://', get_bloginfo( 'wpurl' ) ) );
141
}
142
- define( 'PMPRO_URL', WP_PLUGIN_URL . '/paid-memberships-pro' );
143
define( 'PMPRO_DOMAIN', pmpro_getDomainFromURL( site_url() ) );
144
define( 'PAYPAL_BN_CODE', 'PaidMembershipsPro_SP' );
145
3
* Plugin Name: Paid Memberships Pro
4
* Plugin URI: https://www.paidmembershipspro.com
5
* Description: The most complete member management and membership subscriptions plugin for WordPress.
6
+ * Version: 2.3.3
7
* Author: Stranger Studios
8
* Author URI: https://www.strangerstudios.com
9
* Text Domain: paid-memberships-pro
16
*/
17
18
// version constant
19
+ define( 'PMPRO_VERSION', '2.3.3' );
20
define( 'PMPRO_USER_AGENT', 'Paid Memberships Pro v' . PMPRO_VERSION . '; ' . site_url() );
21
define( 'PMPRO_MIN_PHP_VERSION', '5.6' );
22
139
if ( ! defined( 'SECUREURL' ) ) {
140
define( 'SECUREURL', str_replace( 'http://', 'https://', get_bloginfo( 'wpurl' ) ) );
141
}
142
+ define( 'PMPRO_URL', plugins_url( '', PMPRO_BASE_FILE ) );
143
define( 'PMPRO_DOMAIN', pmpro_getDomainFromURL( site_url() ) );
144
define( 'PAYPAL_BN_CODE', 'PaidMembershipsPro_SP' );
145
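Review bot: Line 142 now depends on PMPRO_BASE_FILE, which is not defined anywhere in the visible hunks; confirm it is defined before this line runs. A short comment that plugins_url() is used so the scheme follows the current request would help, given that SECUREURL at line 140 still derives https with str_replace().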
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: strangerstudios, kimannwall, andrewza, dlparker1005
3
Tags: memberships, members, subscriptions, ecommerce, user registration, member, membership, e-commerce, paypal, stripe, braintree, authorize.net, payflow, restrict access, restrict content, directory
4
Requires at least: 4
5
Tested up to: 5.4.1
6
- Stable tag: 2.3.2
7
8
Get Paid with Paid Memberships Pro: The most complete member management and membership subscriptions plugin for your WordPress site.
9
@@ -153,13 +153,24 @@ Not sure? You can find out by doing a bit a research.
153
8. Membership Account page, display all sections or show specific sections using shortcode attributes.
154
155
== Changelog ==
156
- = 2.3.2 2020-05-07 =
157
* BUG FIX: Fixed errors calling is_main_query() that came up with certain themes.
158
* BUG FIX: Fixed typo in the pmpro_account_profile_action_links filter.
159
* BUG FIX/ENHANCEMENT: Added a new force parameter to the pmpro_getAllLevels() function. This is used by the Multisite Membership Add On to fix an issue where levels were missing or incorrect on the subsites.
160
* ENHANCEMENT: Removed mention of the ezAdsense plugin, which has been discontinued.
161
162
- = 2.3.1 2020-05-01 =
163
* BUG FIX: Fixed infinite redirect issue if no account page was set. Fixed a few other places where we do is_page() type checks just in case.
164
* BUG FIX: Fixed issue where all pages were retitled to Welcome when logged in, if no login page was set.
165
* BUG FIX: Fixed issue with BuddyBoss and other themes/plugins that use the_title filter with only one parameter.
3
Tags: memberships, members, subscriptions, ecommerce, user registration, member, membership, e-commerce, paypal, stripe, braintree, authorize.net, payflow, restrict access, restrict content, directory
4
Requires at least: 4
5
Tested up to: 5.4.1
6
+ Stable tag: 2.3.3
7
8
Get Paid with Paid Memberships Pro: The most complete member management and membership subscriptions plugin for your WordPress site.
9
153
8. Membership Account page, display all sections or show specific sections using shortcode attributes.
154
155
== Changelog ==
156
+ = 2.3.3 - 2020-05-13 =
157
+ * SECURITY: Fixed SQL injection vulnerability when logged in as an administrator and adding new orders in the dashboard. JVN#20248858 (Thanks, Kenichi Okuno of Mitsui Bussan Secure Directions, Inc)
158
+ * SECURITY: Making sure to properly escape all values on the add/edit order form in the dashboard.
159
+ * BUG FIX: Now properly setting the order status to "error" when an initial payment fails when using PayPal Express. Before the order status would be set as "cancelled", which would count the order toward reports and make it harder to find orders that had errors. (Thanks, Mirco Babini)
160
+ * BUG FIX: Fixed issue with the PMPro logo and some other assets loading over the wrong schema (http vs https) in some cases.
161
+ * BUG FIX: Fixed issue where the chosen discount code was not shown after submitting when adding a new order through the dashboard.
162
+ * BUG FIX/ENHANCEMENT: Using "PMPro" in the admin activity email subject to keep the line shorter and avoid issues when replacing the word "member" via gettext.
163
+ * ENHANCEMENT: Added a pmpro_allow_weak_passwords filter. You can set this to return true (like this https://gist.github.com/ideadude/5a12119b9ce1c2aad87b2d69cb8f9505) to allow weak passwords on the change password and reset password pages. Note that at this time, weak passwords are still allowed on the checkout page no matter the value of this filter. We expect to change that in the future. For now, you can use our PMPro Strong Passwords plugin to force strong passwords at checkout.
164
+ * REFACTOR: Updated the logic around checking the PMPRO_IPN_DEBUG constant in the IPN handler. (Thanks, Mirco Babini)
165
+
166
+ = 2.3.2 - 2020-05-07 =
167
* BUG FIX: Fixed errors calling is_main_query() that came up with certain themes.
168
* BUG FIX: Fixed typo in the pmpro_account_profile_action_links filter.
169
* BUG FIX/ENHANCEMENT: Added a new force parameter to the pmpro_getAllLevels() function. This is used by the Multisite Membership Add On to fix an issue where levels were missing or incorrect on the subsites.
170
* ENHANCEMENT: Removed mention of the ezAdsense plugin, which has been discontinued.
171
+ * ENHANCEMENT: Added $recipient param in sendAdminActivity() function so you can send additional activity emails like this https://gist.github.com/dparker1005/6bf650370a12aef44adf8c8c26d3e906
172
173
+ = 2.3.1 - 2020-05-01 =
174
* BUG FIX: Fixed infinite redirect issue if no account page was set. Fixed a few other places where we do is_page() type checks just in case.
175
* BUG FIX: Fixed issue where all pages were retitled to Welcome when logged in, if no login page was set.
176
* BUG FIX: Fixed issue with BuddyBoss and other themes/plugins that use the_title filter with only one parameter.
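Review bot: The pmpro_allow_weak_passwords entry at line 163 does not say that the strength check on the change password and reset password pages runs only in the browser, which the docblock added in includes/scripts.php states outright. Add that sentence so site owners do not read the default as a server-side guarantee. Separately, line 171 adds an ENHANCEMENT line to the already released 2.3.2 section; if that is a retroactive correction, mention it in the commit message.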
services/ipnhandler.php CHANGED
@@ -361,22 +361,27 @@ function pmpro_ipnExit() {
361
362
echo $logstr;
363
364
- //log in file or email?
365
- if ( defined( 'PMPRO_IPN_DEBUG' ) && PMPRO_IPN_DEBUG === "log" ) {
366
- //file
367
- $loghandle = fopen( dirname( __FILE__ ) . "/../logs/ipn.txt", "a+" );
368
- fwrite( $loghandle, $logstr );
369
- fclose( $loghandle );
370
- } elseif ( defined( 'PMPRO_IPN_DEBUG' ) ) {
371
- //email
372
- if ( strpos( PMPRO_IPN_DEBUG, "@" ) ) {
373
- $log_email = PMPRO_IPN_DEBUG;
374
- } //constant defines a specific email address
375
- else {
376
- $log_email = get_option( "admin_email" );
377
}
378
-
379
- wp_mail( $log_email, get_option( "blogname" ) . " IPN Log", nl2br( $logstr ) );
380
}
381
}
382
361
362
echo $logstr;
363
364
+ //log or dont log? log in file or email?
365
+ //- dont log if constant is undefined or defined but false
366
+ //- log to file if constant is set to TRUE or 'log'
367
+ //- log to file if constant is defined to a valid email address
368
+ if ( defined( 'PMPRO_IPN_DEBUG' ) ) {
369
+ if( PMPRO_IPN_DEBUG === false ){
370
+ //dont log here. false mean no.
371
+ //should avoid counterintuitive interpretation of false.
372
+ } elseif ( PMPRO_IPN_DEBUG === "log" ) {
373
+ //file
374
+ $logfile = apply_filters( 'pmpro_ipn_logfile', dirname( __FILE__ ) . "/../logs/ipn.txt" );
375
+ $loghandle = fopen( $logfile, "a+" );
376
+ fwrite( $loghandle, $logstr );
377
+ fclose( $loghandle );
378
+ } elseif ( is_email( PMPRO_IPN_DEBUG ) ) {
379
+ //email to specified address
380
+ wp_mail( PMPRO_IPN_DEBUG, get_option( "blogname" ) . " IPN Log", nl2br( $logstr ) );
381
+ } else {
382
+ //email to admin
383
+ wp_mail( get_option( "admin_email" ), get_option( "blogname" ) . " IPN Log", nl2br( $logstr ) );
384
}
385
}
386
}
387
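Review bot: The comment block at lines 365-367 does not match the code below it. It says TRUE logs to file, but only `PMPRO_IPN_DEBUG === "log"` reaches the file branch, so TRUE falls through to the final else and emails the admin; and line 367 says "log to file" for an email address where the code sends mail. Either add a `true === PMPRO_IPN_DEBUG` test to the file branch or correct the comments. fopen() at line 375 is also used unchecked, so a path returned by the new pmpro_ipn_logfile filter that cannot be opened passes false to fwrite() and fclose().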