s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members) - Version 150203

Version Description

= v150203 =

(Maintenance Release) Upgrade immediately.

Download this release

Release Info

Developer JasWSInc
Plugin Icon 128x128 s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members)
Version 150203
Comparing to
See all releases

Code changes from version 150102 to 150203

Files changed (209) hide show
  1. changelog.md +18 -0
  2. checksum.txt +1 -1
  3. includes/classes/access-cap-times.inc.php +1 -1
  4. includes/classes/admin-css-js-in.inc.php +1 -1
  5. includes/classes/admin-css-js.inc.php +1 -1
  6. includes/classes/admin-lockouts.inc.php +1 -1
  7. includes/classes/admin-notices.inc.php +1 -1
  8. includes/classes/auto-eots.inc.php +279 -277
  9. includes/classes/aweber-e.inc.php +1 -1
  10. includes/classes/aweber.inc.php +1 -1
  11. includes/classes/brute-force.inc.php +1 -1
  12. includes/classes/cache.inc.php +1 -1
  13. includes/classes/catgs-sp.inc.php +1 -1
  14. includes/classes/catgs.inc.php +1 -1
  15. includes/classes/check-activation.inc.php +1 -1
  16. includes/classes/constants.inc.php +1 -1
  17. includes/classes/cron-jobs-in.inc.php +1 -1
  18. includes/classes/cron-jobs.inc.php +1 -1
  19. includes/classes/css-js-in.inc.php +1 -1
  20. includes/classes/css-js-themes.inc.php +1 -1
  21. includes/classes/css-js.inc.php +1 -1
  22. includes/classes/custom-reg-fields-4bp.inc.php +1 -1
  23. includes/classes/custom-reg-fields.inc.php +1 -1
  24. includes/classes/database.inc.php +1 -1
  25. includes/classes/email-configs.inc.php +1 -1
  26. includes/classes/files-in.inc.php +182 -23
  27. includes/classes/files.inc.php +374 -356
  28. includes/classes/getresponse.inc.php +1 -1
  29. includes/classes/installation.inc.php +10 -4
  30. includes/classes/ip-restrictions.inc.php +1 -1
  31. includes/classes/labels.inc.php +1 -1
  32. includes/classes/list-server-base.inc.php +1 -1
  33. includes/classes/list-servers.inc.php +1 -1
  34. includes/classes/login-checks.inc.php +1 -1
  35. includes/classes/login-customizations.inc.php +1 -1
  36. includes/classes/login-redirects-r.inc.php +1 -1
  37. includes/classes/login-redirects.inc.php +1 -1
  38. includes/classes/mailchimp-o.inc.php +1 -1
  39. includes/classes/mailchimp.inc.php +1 -1
  40. includes/classes/menu-pages-rs.inc.php +1 -1
  41. includes/classes/menu-pages-tb.inc.php +75 -74
  42. includes/classes/menu-pages.inc.php +1 -1
  43. includes/classes/meta-box-saves.inc.php +1 -1
  44. includes/classes/meta-box-security.inc.php +1 -1
  45. includes/classes/meta-boxes.inc.php +1 -1
  46. includes/classes/mms-patches.inc.php +1 -1
  47. includes/classes/mo-page-in.inc.php +1 -1
  48. includes/classes/mo-page.inc.php +1 -1
  49. includes/classes/no-cache.inc.php +23 -8
  50. includes/classes/op-notices.inc.php +1 -1
  51. includes/classes/option-forces.inc.php +1 -1
  52. includes/classes/pages-sp.inc.php +1 -1
  53. includes/classes/pages.inc.php +1 -1
  54. includes/classes/paypal-notify-in-billing-agreement-signup.inc.php +1 -1
  55. includes/classes/paypal-notify-in-cart.inc.php +1 -1
  56. includes/classes/paypal-notify-in-express-checkout.inc.php +1 -1
  57. includes/classes/paypal-notify-in-rec-profile-creation-w-level.inc.php +1 -1
  58. includes/classes/paypal-notify-in-send-money.inc.php +1 -1
  59. includes/classes/paypal-notify-in-sp-refund-reversal.inc.php +1 -1
  60. includes/classes/paypal-notify-in-subscr-modify-w-level.inc.php +1 -1
  61. includes/classes/paypal-notify-in-subscr-or-rp-cancellation-w-level.inc.php +1 -1
  62. includes/classes/paypal-notify-in-subscr-or-rp-eots-w-level.inc.php +3 -4
  63. includes/classes/paypal-notify-in-subscr-or-rp-payment-failed-w-level.inc.php +1 -1
  64. includes/classes/paypal-notify-in-subscr-or-rp-payment-w-level.inc.php +1 -1
  65. includes/classes/paypal-notify-in-subscr-or-wa-w-level.inc.php +20 -1
  66. includes/classes/paypal-notify-in-virtual-terminal.inc.php +1 -1
  67. includes/classes/paypal-notify-in-wa-ccaps-wo-level.inc.php +12 -1
  68. includes/classes/paypal-notify-in-web-accept-sp.inc.php +12 -1
  69. includes/classes/paypal-notify-in.inc.php +1 -1
  70. includes/classes/paypal-notify.inc.php +1 -1
  71. includes/classes/paypal-return-in-no-tx-data.inc.php +1 -1
  72. includes/classes/paypal-return-in-proxy-ty-email.inc.php +1 -1
  73. includes/classes/paypal-return-in-proxy-x-preview.inc.php +1 -1
  74. includes/classes/paypal-return-in-subscr-modify-w-level.inc.php +1 -1
  75. includes/classes/paypal-return-in-subscr-or-wa-w-level.inc.php +1 -1
  76. includes/classes/paypal-return-in-wa-ccaps-wo-level.inc.php +1 -1
  77. includes/classes/paypal-return-in-web-accept-sp.inc.php +1 -1
  78. includes/classes/paypal-return-in.inc.php +1 -1
  79. includes/classes/paypal-return.inc.php +1 -1
  80. includes/classes/paypal-utilities.inc.php +1 -1
  81. includes/classes/posts-sp.inc.php +1 -1
  82. includes/classes/posts.inc.php +1 -1
  83. includes/classes/profile-in.inc.php +1 -1
  84. includes/classes/profile-mods-4bp-in.inc.php +1 -1
  85. includes/classes/profile-mods-4bp.inc.php +1 -1
  86. includes/classes/profile-mods-in.inc.php +2 -2
  87. includes/classes/profile-mods.inc.php +1 -1
  88. includes/classes/profile.inc.php +1 -1
  89. includes/classes/ptags-sp.inc.php +1 -1
  90. includes/classes/ptags.inc.php +1 -1
  91. includes/classes/querys.inc.php +1 -1
  92. includes/classes/readmes.inc.php +1 -1
  93. includes/classes/register-access.inc.php +1 -1
  94. includes/classes/register-in.inc.php +1 -1
  95. includes/classes/register.inc.php +1 -1
  96. includes/classes/registration-times.inc.php +1 -1
  97. includes/classes/registrations.inc.php +16 -15
  98. includes/classes/return-templates.inc.php +1 -1
  99. includes/classes/roles-caps.inc.php +1 -1
  100. includes/classes/ruris-sp.inc.php +1 -1
  101. includes/classes/ruris.inc.php +1 -1
  102. includes/classes/s-badge-status-in.inc.php +1 -1
  103. includes/classes/s-badge-status.inc.php +1 -1
  104. includes/classes/sc-files-in.inc.php +1 -1
  105. includes/classes/sc-files.inc.php +1 -1
  106. includes/classes/sc-gets-in.inc.php +1 -1
  107. includes/classes/sc-gets.inc.php +1 -1
  108. includes/classes/sc-if-conds-in.inc.php +1 -1
  109. includes/classes/sc-if-conds.inc.php +1 -1
  110. includes/classes/sc-keys-in.inc.php +1 -1
  111. includes/classes/sc-keys.inc.php +1 -1
  112. includes/classes/sc-paypal-button-e.inc.php +1 -1
  113. includes/classes/sc-paypal-button-in.inc.php +1 -1
  114. includes/classes/sc-paypal-button.inc.php +1 -1
  115. includes/classes/sc-profile-in.inc.php +1 -1
  116. includes/classes/sc-profile.inc.php +1 -1
  117. includes/classes/sc-s-badge-in.inc.php +1 -1
  118. includes/classes/sc-s-badge.inc.php +1 -1
  119. includes/classes/security.inc.php +1 -1
  120. includes/classes/sp-access.inc.php +3 -3
  121. includes/classes/ssl-in.inc.php +1 -1
  122. includes/classes/ssl.inc.php +1 -1
  123. includes/classes/systematics-sp.inc.php +1 -1
  124. includes/classes/systematics.inc.php +1 -1
  125. includes/classes/tracking-codes.inc.php +1 -1
  126. includes/classes/tracking-cookies-in.inc.php +1 -1
  127. includes/classes/tracking-cookies.inc.php +1 -1
  128. includes/classes/translations.inc.php +1 -1
  129. includes/classes/user-access.inc.php +159 -162
  130. includes/classes/user-deletions.inc.php +2 -1
  131. includes/classes/user-new-in.inc.php +1 -1
  132. includes/classes/user-new.inc.php +1 -1
  133. includes/classes/user-notes.inc.php +1 -1
  134. includes/classes/user-securities.inc.php +1 -1
  135. includes/classes/users-list-in.inc.php +527 -529
  136. includes/classes/users-list.inc.php +1 -1
  137. includes/classes/utilities.inc.php +208 -201
  138. includes/classes/utils-arrays.inc.php +1 -1
  139. includes/classes/utils-captchas.inc.php +1 -1
  140. includes/classes/utils-conds.inc.php +1 -1
  141. includes/classes/utils-css.inc.php +1 -1
  142. includes/classes/utils-cur.inc.php +1 -1
  143. includes/classes/utils-dirs.inc.php +1 -1
  144. includes/classes/utils-encryption.inc.php +215 -167
  145. includes/classes/utils-forms.inc.php +1 -1
  146. includes/classes/utils-gets.inc.php +1 -1
  147. includes/classes/utils-html.inc.php +1 -1
  148. includes/classes/utils-logs.inc.php +1 -1
  149. includes/classes/utils-s2o.inc.php +127 -121
  150. includes/classes/utils-strings.inc.php +623 -533
  151. includes/classes/utils-time.inc.php +1 -1
  152. includes/classes/utils-urls.inc.php +1 -3
  153. includes/classes/utils-users.inc.php +1 -1
  154. includes/classes/wp-footer.inc.php +1 -1
  155. includes/codes.inc.php +1 -1
  156. includes/funcs.inc.php +1 -1
  157. includes/functions/api-functions.inc.php +1 -1
  158. includes/functions/class-autoloader.inc.php +1 -1
  159. includes/functions/deprecated.inc.php +1 -1
  160. includes/functions/pluggables.inc.php +1 -1
  161. includes/hooks.inc.php +1 -1
  162. includes/menu-pages/api-ops.inc.php +1 -1
  163. includes/menu-pages/down-ops.inc.php +111 -84
  164. includes/menu-pages/els-ops.inc.php +1 -1
  165. includes/menu-pages/gen-ops.inc.php +1 -1
  166. includes/menu-pages/info.inc.php +1 -1
  167. includes/menu-pages/integrations.inc.php +1 -1
  168. includes/menu-pages/logs.inc.php +1 -1
  169. includes/menu-pages/menu-pages.css +87 -4
  170. includes/menu-pages/mms-ops.inc.php +1 -1
  171. includes/menu-pages/paypal-buttons.inc.php +1 -1
  172. includes/menu-pages/paypal-ops.inc.php +1 -1
  173. includes/menu-pages/res-ops.inc.php +1 -1
  174. includes/menu-pages/scripting.inc.php +2 -2
  175. includes/menu-pages/start.inc.php +1 -1
  176. includes/menu-pages/trk-ops.inc.php +1 -1
  177. includes/menu-pages/updates.inc.php +1 -1
  178. includes/syscon.inc.php +6 -5
  179. includes/templates/badges/s-badge.php +1 -1
  180. includes/templates/buttons/paypal-cancellation-button.php +1 -1
  181. includes/templates/buttons/paypal-ccaps-checkout-button.php +1 -1
  182. includes/templates/buttons/paypal-checkout-button.php +1 -1
  183. includes/templates/buttons/paypal-sp-checkout-button.php +1 -1
  184. includes/templates/cfg-files/s2-cross-xml.php +2 -2
  185. includes/templates/cfg-files/s2member-files-no-gzip.php +3 -3
  186. includes/templates/cfg-files/s2member-files.php +4 -7
  187. includes/templates/cfg-files/s2member-logs.php +3 -6
  188. includes/templates/cfg-files/s2o-mu-plugins.php +18 -18
  189. includes/templates/cfg-files/s2o-nw-plugins.php +8 -8
  190. includes/templates/cfg-files/s2o-st-plugins.php +8 -8
  191. includes/templates/cfg-files/s2o-th-funcs.php +2 -2
  192. includes/templates/errors/ip-restrictions.php +1 -1
  193. includes/templates/options/paypal-currencies.php +1 -1
  194. includes/templates/options/paypal-membership-ccap-terms.php +1 -1
  195. includes/templates/options/paypal-membership-regular-terms.php +1 -1
  196. includes/templates/options/paypal-membership-trial-terms.php +1 -1
  197. includes/templates/options/paypal-sp-hours.php +1 -1
  198. includes/templates/players/jwplayer-v6-rtmp-only.php +1 -1
  199. includes/templates/players/jwplayer-v6-rtmp.php +1 -1
  200. includes/templates/players/jwplayer-v6.php +1 -1
  201. includes/templates/returns/default-return.php +1 -1
  202. includes/templates/shortcodes/paypal-cancellation-button-shortcode.php +1 -1
  203. includes/templates/shortcodes/paypal-ccaps-checkout-button-shortcode.php +1 -1
  204. includes/templates/shortcodes/paypal-checkout-button-shortcode.php +1 -1
  205. includes/templates/shortcodes/paypal-sp-checkout-button-shortcode.php +1 -1
  206. includes/translations/s2member.pot +483 -3641
  207. readme.txt +23 -4
  208. s2member-o.php +5 -1
  209. s2member.php +14 -14
changelog.md CHANGED
@@ -1,3 +1,21 @@
1
= v150102 =
2
3
- (s2Member/s2Member Pro) **Custom Field Mapping:** This release of s2Member adds an internal mapping from s2Member's Custom Field values for each user, to the `get_user_option()` function in the WordPress core. This makes it possible to retrieve user custom field values like always via `get_user_field()` or now through the native `get_user_option()` function also. The benefit of this is that s2Member's custom fields are now more compatible with other themes/plugins for WordPress.
1
+ = v150203 =
2
+
3
+ - (s2Member Pro) **Gift/Redemption Codes:** This release adds a powerful new shortcode: `[s2Member-Gift-Codes /]`. This makes it easy to generate and sell access to gift codes (i.e. gift certificates) and/or to a list of redemption codes. For instance, where a single team leader might like to purchase multiple accounts they can distribute to others on a team, or in a group. Video demo here: https://www.youtube.com/watch?v=T3N_vygowbM&feature=youtu.be ~ See also: [this GitHub issue](https://github.com/websharks/s2member/issues/386) for additional technical details.
4
+ - (s2Member Pro) **User-Specific Coupon Codes:** This release of s2Member makes it possible to configure Pro Form Coupon Codes that are connected (i.e. only valid) when entered by specific Users/Members who are logged into the site. See: `Dashboard ⥱ s2Member ⥱ Pro Coupon Codes`. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/403) for additional technical details.
5
+ - (s2Member Pro) **Coupon Code Max Uses:** This release of s2Member Pro adds the ability to set a maximum number of times that a Coupon Code can be used. This makes it easy to create Coupon Codes that are designed to be used only one time, for instance; or for X number of times. After a Coupon Code is used X number of times, it will expire automatically. See: `Dashboard ⥱ s2Member ⥱ Pro Coupon Codes`. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/285) for technical details.
6
+ - (s2Member Pro) **Coupon Code Usage Tracking:** This release of s2Member Pro adds the ability to track the number of times that each of your Coupon Codes have been used. It is also possible to alter the number of uses, and/or set a maximum number of uses. See: `Dashboard ⥱ s2Member ⥱ Pro Coupon Codes`. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/285) for technical details.
7
+ - (s2Member Pro) **Coupon Code Active/Expires Dates:** This release of s2Member Pro makes it possible to establish both a start and end time for each of your Pro Coupon Codes. In previous versions of s2Member, it was only possible to set an expiration date. You can now create Coupon Codes that will become active at some point in the future automatically. See: `Dashboard ⥱ s2Member ⥱ Pro Coupon Codes`. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/285) for technical details.
8
+ - (s2Member Pro) **Coupon Code UI Enhancements:** This release of s2Member Pro comes with an updated UI that makes it easier to manage your Pro Coupon Codes. See: `Dashboard ⥱ s2Member ⥱ Pro Coupon Codes`. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/285) for technical details.
9
+ - (s2Member Pro) **Store Coupon Codes for Each User:** s2Member Pro now stores a list of all coupon codes that a customer has used on your site. See: `Dashboard ⥱ Users ⥱ Choose User [Edit]`. Scrolling down to the set of s2-related fields will reveal a new list of coupon codes. This list will be filled for new customers only; i.e. s2Member does not have this data for past purchases; only for new customers that you acquire after updating to the latest release. See also [this GitHub issue](https://github.com/websharks/s2member/issues/462) if you'd additional details.
10
+ - (s2Member/s2Member Pro) **EOT Custom Value:** In this release of s2Member, the `get_user_option('s2member_custom')` value is preserved after an EOT has taken place, making it possible for site owners to continue to read this value (along with any custom pipe-delimited values they have injected there), even after an EOT has taken place. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/449).
11
+ - (s2Member/s2Member Pro) **JW Player Broken Links:** This release corrects some broken links referenced by the inline documentation for s2Member in the WordPress Dashboard. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/448) if you'd like further details.
12
+ - (s2Member/s2Member Pro) **Security:** This release of s2Member checks for the existence of the WordPress PHP Constant: `WPINC` instead of looking for the less reliable `$_SERVER['SCRIPT_FILENAME']`. Some site owners reported this was causing trouble in a localhost environment during testing, or when running s2Member on some hosts that are missing the `SCRIPT_FILENAME` environment variable; e.g. some Windows servers. Fixed in this release. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/454) if you'd like additional details.
13
+ - (s2Member Pro) **Advanced Import/Export Compat:** This release of s2Member Pro includes compatibility and a bug fix when running on WordPress v4.1+. Three PHP notices during importation, along with some quirky behavior associated with the `role` CSV column have been corrected. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/455) for technical details.
14
+ - (s2Member Pro) **`[s2Member-List /]` Bug Fix:** This release resolves an issue with pagination in the `[s2Member-List /]` shortcode after recent improvements to the search functionality. See [this GitHub issue](https://github.com/websharks/s2member/issues/155#issuecomment-69403120) if you'd like additional details.
15
+ - (s2Member Pro) **`[s2Member-List /]` Enhancement:** This release improves search functionality in the `[s2Member-List /]` shortcode, making it so that all searches default to `*[query]*`; i.e. are automatically wrapped by wildcards. If a user enters a wildcard explicitly (or a double quote), this default behavior is overridden and the search query is taken as given in such a scenario. This makes the search functionality easier for end-users to work with, since it no longer requires an exact match. Default behavior is now a fuzzy match. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/394) if you'd like further details.
16
+ - (s2Member/s2Member Pro) **AWS v4 Authentication:** This release of s2Member adds AWS v4 Authentication support for Amazon Web Service Regions that only accept the AWS v4 authentication scheme. If you had trouble in the recent past when attempting to integrate s2Member with S3 Buckets (or with CloudFront) in regions outside the USA, this release should resolve those issues for you. See also: [this GitHub issue](https://github.com/websharks/s2member/issues/440) if you'd like additional technical details.
17
+ - (s2Member Pro) **Bug Fix:** Pro Form Checkout Options not working in all cases whenever they are used together with Free Registration Forms. Resolved in this release.
18
+
19
= v150102 =
20
21
- (s2Member/s2Member Pro) **Custom Field Mapping:** This release of s2Member adds an internal mapping from s2Member's Custom Field values for each user, to the `get_user_option()` function in the WordPress core. This makes it possible to retrieve user custom field values like always via `get_user_field()` or now through the native `get_user_option()` function also. The benefit of this is that s2Member's custom fields are now more compatible with other themes/plugins for WordPress.
checksum.txt CHANGED
@@ -1 +1 @@
1
- a1daeda86ea085763a0951505fad6b5f
1
+ 84638519eea37bbc521b44a83b66c496
includes/classes/access-cap-times.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\CCAPS
15
* @since 140514
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER['SCRIPT_FILENAME']))
18
exit ('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_access_cap_times'))
14
* @package s2Member\CCAPS
15
* @since 140514
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit ('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_access_cap_times'))
includes/classes/admin-css-js-in.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Admin_CSS_JS
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER["SCRIPT_FILENAME"]))
18
exit("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_admin_css_js_in"))
14
* @package s2Member\Admin_CSS_JS
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_admin_css_js_in"))
includes/classes/admin-css-js.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Admin_CSS_JS
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER["SCRIPT_FILENAME"]))
18
exit ("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_admin_css_js"))
14
* @package s2Member\Admin_CSS_JS
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit ("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_admin_css_js"))
includes/classes/admin-lockouts.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Admin_Lockouts
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER['SCRIPT_FILENAME']))
18
exit ('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_admin_lockouts'))
14
* @package s2Member\Admin_Lockouts
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit ('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_admin_lockouts'))
includes/classes/admin-notices.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Admin_Notices
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER['SCRIPT_FILENAME']))
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_admin_notices'))
14
* @package s2Member\Admin_Notices
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_admin_notices'))
includes/classes/auto-eots.inc.php CHANGED
@@ -1,298 +1,300 @@
1
<?php
2
/**
3
- * s2Member's Auto-EOT System *(EOT = End Of Term)*.
4
- *
5
- * Copyright: © 2009-2011
6
- * {@link http://www.websharks-inc.com/ WebSharks, Inc.}
7
- * (coded in the USA)
8
- *
9
- * Released under the terms of the GNU General Public License.
10
- * You should have received a copy of the GNU General Public License,
11
- * along with this software. In the main directory, see: /licensing/
12
- * If not, see: {@link http://www.gnu.org/licenses/}.
13
- *
14
- * @package s2Member\Auto_EOT_System
15
- * @since 3.5
16
- */
17
- if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
18
- exit ("Do not access this file directly.");
19
-
20
- if (!class_exists ("c_ws_plugin__s2member_auto_eots"))
21
{
22
/**
23
- * s2Member's Auto-EOT System *(EOT = End Of Term)*.
24
- *
25
- * @package s2Member\Auto_EOT_System
26
- * @since 3.5
27
- */
28
- class c_ws_plugin__s2member_auto_eots
29
{
30
- /**
31
- * Adds a scheduled task for s2Member's Auto-EOT System.
32
- *
33
- * @package s2Member\Auto_EOT_System
34
- * @since 3.5
35
- *
36
- * @return bool True if able to add Auto-EOT System schedule, else false.
37
- */
38
- public static function add_auto_eot_system ()
39
- {
40
- do_action("ws_plugin__s2member_before_add_auto_eot_system", get_defined_vars ());
41
-
42
- if (!c_ws_plugin__s2member_auto_eots::delete_auto_eot_system ())
43
- {
44
- return apply_filters("ws_plugin__s2member_add_auto_eot_system", false, get_defined_vars ());
45
- }
46
- else if /* Otherwise, we can schedule? */ (function_exists ("wp_cron"))
47
- {
48
- wp_schedule_event (time (), "every10m", "ws_plugin__s2member_auto_eot_system__schedule");
49
-
50
- return apply_filters("ws_plugin__s2member_add_auto_eot_system", true, get_defined_vars ());
51
- }
52
- else // Otherwise, it would appear that WP-Cron is not available.
53
- {
54
- return apply_filters("ws_plugin__s2member_add_auto_eot_system", false, get_defined_vars ());
55
- }
56
- }
57
- /**
58
- * Deletes all scheduled tasks for s2Member's Auto-EOT System.
59
- *
60
- * @package s2Member\Auto_EOT_System
61
- * @since 3.5
62
- *
63
- * @return bool True if able to delete Auto-EOT System schedule, else false.
64
- */
65
- public static function delete_auto_eot_system ()
66
- {
67
- do_action("ws_plugin__s2member_before_delete_auto_eot_system", get_defined_vars ());
68
69
- if /* Is `wp_cron()` even available? */ (function_exists ("wp_cron"))
70
- {
71
- wp_clear_scheduled_hook /* Since v3.0.3. */ ("ws_plugin__s2member_auto_eot_system__schedule");
72
73
- return apply_filters("ws_plugin__s2member_delete_auto_eot_system", true, get_defined_vars ());
74
- }
75
- else // Otherwise, it would appear that WP-Cron is not available.
76
- {
77
- return apply_filters("ws_plugin__s2member_delete_auto_eot_system", false, get_defined_vars ());
78
- }
79
- }
80
- /**
81
- * Processed by WP_Cron; this handles Auto-EOTs *(EOT = End Of Term)*.
82
- *
83
- * If you have a HUGE userbase, increase the max EOTs per process.
84
- * But NOTE, this runs ``$per_process`` *(per Blog)* on a Multisite Network.
85
- * To increase, use: ``add_filter ("ws_plugin__s2member_auto_eot_system_per_process");``.
86
- *
87
- * This function makes an important Hook available: `ws_plugin__s2member_after_auto_eot_system`.
88
- * This Hook is used by some of s2Member Pro's Gateway integrations; allowing CRON processing
89
- * to run for important communications; which poll Payment Gateway APIs for possible EOTs.
90
- *
91
- * @package s2Member\Auto_EOT_System
92
- * @since 3.5
93
- *
94
- * @param int $per_process Number of database records to process each time.
95
- * Can also be Filtered with `ws_plugin__s2member_auto_eot_system_per_process`.
96
- * @return null
97
- */
98
- public static function auto_eot_system ($per_process = 6)
99
- {
100
- global /* Need global DB obj. */ $wpdb;
101
- global /* Multisite. */ $current_site, $current_blog;
102
103
- include_once ABSPATH . "wp-admin/includes/admin.php";
104
105
- @set_time_limit /* Make time for processing a larger userbase. */ (0);
106
- @ini_set ("memory_limit", apply_filters("admin_memory_limit", WP_MAX_MEMORY_LIMIT));
107
108
- foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;
109
- do_action("ws_plugin__s2member_before_auto_eot_system", get_defined_vars ());
110
- unset($__refs, $__v);
111
112
- if /* Enabled? */($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["auto_eot_system_enabled"])
113
{
114
- $per_process = apply_filters("ws_plugin__s2member_auto_eot_system_per_process", $per_process, get_defined_vars ());
115
-
116
- if (is_array($eots = $wpdb->get_results ("SELECT `user_id` AS `ID` FROM `" . $wpdb->usermeta . "` WHERE `meta_key` = '" . $wpdb->prefix . "s2member_auto_eot_time' AND `meta_value` != '' AND `meta_value` <= '" . esc_sql(strtotime ("now")) . "' LIMIT " . $per_process)))
117
{
118
- foreach /* Go through the array of EOTS. We need to (demote|delete) each of them. */ ($eots as $eot)
119
- {
120
- if (($user_id = $eot->ID) && is_object ($user = new WP_User ($user_id)) && $user->ID)
121
- {
122
- delete_user_option /* Always delete. */ ($user_id, "s2member_auto_eot_time");
123
-
124
- if /* Do NOT process Administrator accounts. */(!$user->has_cap ("administrator"))
125
- {
126
- if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_eot_behavior"] === "demote")
127
{
128
- $eot_del_type = /* Set EOT/Del type. */ "auto-eot-cancellation-expiration-demotion";
129
-
130
- $custom = get_user_option ("s2member_custom", $user_id);
131
- $subscr_gateway = get_user_option ("s2member_subscr_gateway", $user_id);
132
- $subscr_id = get_user_option ("s2member_subscr_id", $user_id);
133
- $subscr_baid = get_user_option ("s2member_subscr_baid", $user_id);
134
- $subscr_cid = get_user_option ("s2member_subscr_cid", $user_id);
135
- $fields = get_user_option ("s2member_custom_fields", $user_id);
136
- $user_reg_ip = get_user_option ("s2member_registration_ip", $user_id);
137
-
138
- $demotion_role = c_ws_plugin__s2member_option_forces::force_demotion_role ("subscriber");
139
- $existing_role = c_ws_plugin__s2member_user_access::user_access_role ($user);
140
-
141
- foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;
142
- do_action("ws_plugin__s2member_during_auto_eot_system_during_before_demote", get_defined_vars ());
143
- do_action("ws_plugin__s2member_during_collective_mods", $user_id, get_defined_vars (), $eot_del_type, "modification", $demotion_role);
144
- do_action("ws_plugin__s2member_during_collective_eots", $user_id, get_defined_vars (), $eot_del_type, "modification");
145
- unset($__refs, $__v);
146
-
147
- if /* Only if NOT the existing Role. */($existing_role !== $demotion_role)
148
- $user->set_role /* Give User the demotion Role. */ ($demotion_role);
149
-
150
- if(apply_filters("ws_plugin__s2member_remove_ccaps_during_eot_events",
151
- (bool)$GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["eots_remove_ccaps"], get_defined_vars()))
152
- foreach ($user->allcaps as $cap => $cap_enabled)
153
- if (preg_match ("/^access_s2member_ccap_/", $cap))
154
- $user->remove_cap ($ccap = $cap);
155
-
156
- delete_user_option ($user_id, "s2member_custom");
157
- delete_user_option ($user_id, "s2member_subscr_gateway");
158
- delete_user_option ($user_id, "s2member_subscr_id");
159
- delete_user_option ($user_id, "s2member_subscr_baid");
160
- delete_user_option ($user_id, "s2member_subscr_cid");
161
-
162
- delete_user_option ($user_id, "s2member_ipn_signup_vars");
163
- if (!apply_filters("ws_plugin__s2member_preserve_paid_registration_times", true, get_defined_vars ()))
164
- delete_user_option ($user_id, "s2member_paid_registration_times");
165
-
166
- delete_user_option ($user_id, "s2member_last_status_scan");
167
- delete_user_option ($user_id, "s2member_first_payment_txn_id");
168
- delete_user_option ($user_id, "s2member_last_payment_time");
169
- delete_user_option ($user_id, "s2member_auto_eot_time");
170
-
171
- delete_user_option ($user_id, "s2member_file_download_access_log");
172
- delete_user_option ($user_id, "s2member_authnet_payment_failures");
173
-
174
- c_ws_plugin__s2member_user_notes::append_user_notes ($user_id, "Demoted by s2Member: " . date ("D M j, Y g:i a T"));
175
-
176
- if($subscr_gateway && $subscr_id) // Also note the Paid Subscr. Gateway/ID so there is a reference left behind here.
177
- c_ws_plugin__s2member_user_notes::append_user_notes ($user_id, "Paid Subscr. ID @ time of demotion: ".$subscr_gateway." -› ".$subscr_id);
178
-
179
- if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["eot_del_notification_urls"] && is_array($cv = preg_split ("/\|/", $custom)))
180
- {
181
- foreach (preg_split ("/[\r\n\t]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["eot_del_notification_urls"]) as $url) // Handle EOT Notifications.
182
-
183
- if (($url = preg_replace ("/%%cv([0-9]+)%%/ei", 'urlencode(trim(@$cv[$1]))', $url)) && ($url = preg_replace ("/%%eot_del_type%%/i", c_ws_plugin__s2member_utils_strings::esc_refs (urlencode ("auto-eot-cancellation-expiration-demotion")), $url)) && ($url = preg_replace ("/%%subscr_id%%/i", c_ws_plugin__s2member_utils_strings::esc_refs (urlencode ($subscr_id)), $url)))
184
- if (($url = preg_replace ("/%%user_first_name%%/i", c_ws_plugin__s2member_utils_strings::esc_refs (urlencode ($user->first_name)), $url)) && ($url = preg_replace ("/%%user_last_name%%/i", c_ws_plugin__s2member_utils_strings::esc_refs (urlencode ($user->last_name)), $url)))
185
- if (($url = preg_replace ("/%%user_full_name%%/i", c_ws_plugin__s2member_utils_strings::esc_refs (urlencode (trim ($user->first_name . " " . $user->last_name))), $url)))
186
- if (($url = preg_replace ("/%%user_email%%/i", c_ws_plugin__s2member_utils_strings::esc_refs (urlencode ($user->user_email)), $url)))
187
- if (($url = preg_replace ("/%%user_login%%/i", c_ws_plugin__s2member_utils_strings::esc_refs (urlencode ($user->user_login)), $url)))
188
- if (($url = preg_replace ("/%%user_ip%%/i", c_ws_plugin__s2member_utils_strings::esc_refs (urlencode ($user_reg_ip)), $url)))
189
- if (($url = preg_replace ("/%%user_id%%/i", c_ws_plugin__s2member_utils_strings::esc_refs (urlencode ($user_id)), $url)))
190
- {
191
- if (is_array($fields) && !empty($fields))
192
- foreach /* Custom Registration/Profile Fields. */ ($fields as $var => $val)
193
- if (!($url = preg_replace ("/%%" . preg_quote ($var, "/") . "%%/i", c_ws_plugin__s2member_utils_strings::esc_refs (urlencode (maybe_serialize ($val))), $url)))
194
- break;
195
-
196
- if (($url = trim (preg_replace ("/%%(.+?)%%/i", "", $url))))
197
- c_ws_plugin__s2member_utils_urls::remote ($url);
198
- }
199
- }
200
- if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["eot_del_notification_recipients"] && is_array($cv = preg_split ("/\|/", $custom)))
201
- {
202
- $email_configs_were_on = c_ws_plugin__s2member_email_configs::email_config_status ();
203
- c_ws_plugin__s2member_email_configs::email_config_release ();
204
-
205
- $msg = $sbj = "(s2Member / API Notification Email) - EOT/Deletion";
206
- $msg .= /* Spacing in the message body. */"\n\n";
207
-
208
- $msg .= "eot_del_type: %%eot_del_type%%\n";
209
- $msg .= "subscr_id: %%subscr_id%%\n";
210
- $msg .= "subscr_baid: %%subscr_baid%%\n";
211
- $msg .= "subscr_cid: %%subscr_cid%%\n";
212
- $msg .= "user_first_name: %%user_first_name%%\n";
213
- $msg .= "user_last_name: %%user_last_name%%\n";
214
- $msg .= "user_full_name: %%user_full_name%%\n";
215
- $msg .= "user_email: %%user_email%%\n";
216
- $msg .= "user_login: %%user_login%%\n";
217
- $msg .= "user_ip: %%user_ip%%\n";
218
- $msg .= "user_id: %%user_id%%\n";
219
-
220
- if (is_array($fields) && !empty($fields))
221
- foreach ($fields as $var => $val)
222
- $msg .= $var . ": %%" . $var . "%%\n";
223
-
224
- $msg .= "cv0: %%cv0%%\n";
225
- $msg .= "cv1: %%cv1%%\n";
226
- $msg .= "cv2: %%cv2%%\n";
227
- $msg .= "cv3: %%cv3%%\n";
228
- $msg .= "cv4: %%cv4%%\n";
229
- $msg .= "cv5: %%cv5%%\n";
230
- $msg .= "cv6: %%cv6%%\n";
231
- $msg .= "cv7: %%cv7%%\n";
232
- $msg .= "cv8: %%cv8%%\n";
233
- $msg .= "cv9: %%cv9%%";
234
-
235
- if (($msg = preg_replace ("/%%cv([0-9]+)%%/ei", 'trim(@$cv[$1])', $msg)) && ($msg = preg_replace ("/%%eot_del_type%%/i", c_ws_plugin__s2member_utils_strings::esc_refs ("auto-eot-cancellation-expiration-demotion"), $msg)) && ($msg = preg_replace ("/%%subscr_id%%/i", c_ws_plugin__s2member_utils_strings::esc_refs ($subscr_id), $msg)))
236
- if (($msg = preg_replace ("/%%subscr_baid%%/i", c_ws_plugin__s2member_utils_strings::esc_refs ($subscr_baid), $msg)) && ($msg = preg_replace ("/%%subscr_cid%%/i", c_ws_plugin__s2member_utils_strings::esc_refs ($subscr_cid), $msg)))
237
- if (($msg = preg_replace ("/%%user_first_name%%/i", c_ws_plugin__s2member_utils_strings::esc_refs ($user->first_name), $msg)) && ($msg = preg_replace ("/%%user_last_name%%/i", c_ws_plugin__s2member_utils_strings::esc_refs ($user->last_name), $msg)))
238
- if (($msg = preg_replace ("/%%user_full_name%%/i", c_ws_plugin__s2member_utils_strings::esc_refs (trim ($user->first_name . " " . $user->last_name)), $msg)))
239
- if (($msg = preg_replace ("/%%user_email%%/i", c_ws_plugin__s2member_utils_strings::esc_refs ($user->user_email), $msg)))
240
- if (($msg = preg_replace ("/%%user_login%%/i", c_ws_plugin__s2member_utils_strings::esc_refs ($user->user_login), $msg)))
241
- if (($msg = preg_replace ("/%%user_ip%%/i", c_ws_plugin__s2member_utils_strings::esc_refs ($user_reg_ip), $msg)))
242
- if (($msg = preg_replace ("/%%user_id%%/i", c_ws_plugin__s2member_utils_strings::esc_refs ($user_id), $msg)))
243
- {
244
- if (is_array($fields) && !empty($fields))
245
- foreach /* Custom Registration/Profile Fields. */($fields as $var => $val)
246
- if (!($msg = preg_replace ("/%%" . preg_quote ($var, "/") . "%%/i", c_ws_plugin__s2member_utils_strings::esc_refs (maybe_serialize ($val)), $msg)))
247
- break;
248
-
249
- if /* Still have a ``$sbj`` and a ``$msg``? */ ($sbj && ($msg = trim (preg_replace ("/%%(.+?)%%/i", "", $msg))))
250
-
251
- foreach (c_ws_plugin__s2member_utils_strings::parse_emails ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["eot_del_notification_recipients"]) as $recipient)
252
- wp_mail ($recipient, apply_filters("ws_plugin__s2member_eot_del_notification_email_sbj", $sbj, get_defined_vars ()), apply_filters("ws_plugin__s2member_eot_del_notification_email_msg", $msg, get_defined_vars ()), "Content-Type: text/plain; charset=UTF-8");
253
- }
254
- if($email_configs_were_on) c_ws_plugin__s2member_email_configs::email_config ();
255
- }
256
- foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;
257
- do_action("ws_plugin__s2member_during_auto_eot_system_during_demote", get_defined_vars ());
258
- unset($__refs, $__v);
259
}
260
- else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_eot_behavior"] === "delete")
261
{
262
- $eot_del_type = $GLOBALS["ws_plugin__s2member_eot_del_type"] = "auto-eot-cancellation-expiration-deletion";
263
-
264
- foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;
265
- do_action("ws_plugin__s2member_during_auto_eot_system_during_before_delete", get_defined_vars ());
266
- do_action("ws_plugin__s2member_during_collective_eots", $user_id, get_defined_vars (), $eot_del_type, "removal-deletion");
267
- unset($__refs, $__v);
268
-
269
- if /* Multisite does NOT actually delete; ONLY removes. */(is_multisite ())
270
- {
271
- remove_user_from_blog ($user_id, $current_blog->blog_id);
272
- // This will automatically trigger `eot_del_notification_urls`.
273
- c_ws_plugin__s2member_user_deletions::handle_ms_user_deletions ($user_id, $current_blog->blog_id, "s2says");
274
- }
275
- else // Otherwise, we can actually delete them.
276
- // This will automatically trigger `eot_del_notification_urls`
277
- wp_delete_user /* `c_ws_plugin__s2member_user_deletions::handle_user_deletions()` */ ($user_id);
278
-
279
- foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;
280
- do_action("ws_plugin__s2member_during_auto_eot_system_during_delete", get_defined_vars ());
281
- unset($__refs, $__v);
282
}
283
- foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;
284
- do_action("ws_plugin__s2member_during_auto_eot_system", get_defined_vars ());
285
- unset($__refs, $__v);
286
- }
287
- }
288
- }
289
}
290
}
291
- c_ws_plugin__s2member_utils_logs::cleanup_expired_s2m_transients();
292
-
293
- foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;
294
- do_action("ws_plugin__s2member_after_auto_eot_system", get_defined_vars ());
295
- unset($__refs, $__v);
296
}
297
}
298
- }
1
<?php
2
/**
3
+ * s2Member's Auto-EOT System *(EOT = End Of Term)*.
4
+ *
5
+ * Copyright: © 2009-2011
6
+ * {@link http://www.websharks-inc.com/ WebSharks, Inc.}
7
+ * (coded in the USA)
8
+ *
9
+ * Released under the terms of the GNU General Public License.
10
+ * You should have received a copy of the GNU General Public License,
11
+ * along with this software. In the main directory, see: /licensing/
12
+ * If not, see: {@link http://www.gnu.org/licenses/}.
13
+ *
14
+ * @package s2Member\Auto_EOT_System
15
+ * @since 3.5
16
+ */
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
+ exit ('Do not access this file directly.');
19
+
20
+ if(!class_exists('c_ws_plugin__s2member_auto_eots'))
21
+ {
22
+ /**
23
+ * s2Member's Auto-EOT System *(EOT = End Of Term)*.
24
+ *
25
+ * @package s2Member\Auto_EOT_System
26
+ * @since 3.5
27
+ */
28
+ class c_ws_plugin__s2member_auto_eots
29
{
30
/**
31
+ * Adds a scheduled task for s2Member's Auto-EOT System.
32
+ *
33
+ * @package s2Member\Auto_EOT_System
34
+ * @since 3.5
35
+ *
36
+ * @return bool True if able to add Auto-EOT System schedule, else false.
37
+ */
38
+ public static function add_auto_eot_system()
39
+ {
40
+ do_action('ws_plugin__s2member_before_add_auto_eot_system', get_defined_vars());
41
+
42
+ if(!c_ws_plugin__s2member_auto_eots::delete_auto_eot_system())
43
{
44
+ return apply_filters('ws_plugin__s2member_add_auto_eot_system', FALSE, get_defined_vars());
45
+ }
46
+ else if(function_exists('wp_cron') /* Otherwise, we can schedule? */)
47
+ {
48
+ wp_schedule_event(time(), 'every10m', 'ws_plugin__s2member_auto_eot_system__schedule');
49
50
+ return apply_filters('ws_plugin__s2member_add_auto_eot_system', TRUE, get_defined_vars());
51
+ }
52
+ else // Otherwise, it would appear that WP-Cron is not available.
53
+ {
54
+ return apply_filters('ws_plugin__s2member_add_auto_eot_system', FALSE, get_defined_vars());
55
+ }
56
+ }
57
58
+ /**
59
+ * Deletes all scheduled tasks for s2Member's Auto-EOT System.
60
+ *
61
+ * @package s2Member\Auto_EOT_System
62
+ * @since 3.5
63
+ *
64
+ * @return bool True if able to delete Auto-EOT System schedule, else false.
65
+ */
66
+ public static function delete_auto_eot_system()
67
+ {
68
+ do_action('ws_plugin__s2member_before_delete_auto_eot_system', get_defined_vars());
69
+
70
+ if(function_exists('wp_cron') /* Is `wp_cron()` even available? */)
71
+ {
72
+ wp_clear_scheduled_hook('ws_plugin__s2member_auto_eot_system__schedule' /* Since v3.0.3. */);
73
74
+ return apply_filters('ws_plugin__s2member_delete_auto_eot_system', TRUE, get_defined_vars());
75
+ }
76
+ else // Otherwise, it would appear that WP-Cron is not available.
77
+ {
78
+ return apply_filters('ws_plugin__s2member_delete_auto_eot_system', FALSE, get_defined_vars());
79
+ }
80
+ }
81
82
+ /**
83
+ * Processed by WP_Cron; this handles Auto-EOTs *(EOT = End Of Term)*.
84
+ *
85
+ * If you have a HUGE userbase, increase the max EOTs per process.
86
+ * But NOTE, this runs ``$per_process`` *(per Blog)* on a Multisite Network.
87
+ * To increase, use: ``add_filter ('ws_plugin__s2member_auto_eot_system_per_process');``.
88
+ *
89
+ * This function makes an important Hook available: `ws_plugin__s2member_after_auto_eot_system`.
90
+ * This Hook is used by some of s2Member Pro's Gateway integrations; allowing CRON processing
91
+ * to run for important communications; which poll Payment Gateway APIs for possible EOTs.
92
+ *
93
+ * @package s2Member\Auto_EOT_System
94
+ * @since 3.5
95
+ *
96
+ * @param int $per_process Number of database records to process each time.
97
+ * Can also be Filtered with `ws_plugin__s2member_auto_eot_system_per_process`.
98
+ *
99
+ * @return null
100
+ */
101
+ public static function auto_eot_system($per_process = 6)
102
+ {
103
+ global $wpdb;
104
+ /** @var $wpdb \wpdb */
105
+ global $current_site, $current_blog;
106
+
107
+ include_once ABSPATH.'wp-admin/includes/admin.php';
108
+
109
+ @set_time_limit(0); // Make time for processing a larger userbase.
110
+ @ini_set('memory_limit', apply_filters('admin_memory_limit', WP_MAX_MEMORY_LIMIT));
111
+
112
+ foreach(array_keys(get_defined_vars()) as $__v) $__refs[$__v] =& $__v;
113
+ do_action('ws_plugin__s2member_before_auto_eot_system', get_defined_vars());
114
+ unset($__refs, $__v);
115
+
116
+ if($GLOBALS['WS_PLUGIN__']['s2member']['o']['auto_eot_system_enabled'] /* Enabled? */)
117
+ {
118
+ $per_process = apply_filters('ws_plugin__s2member_auto_eot_system_per_process', $per_process, get_defined_vars());
119
120
+ if(is_array($eots = $wpdb->get_results("SELECT `user_id` AS `ID` FROM `".$wpdb->usermeta."` WHERE `meta_key` = '".$wpdb->prefix."s2member_auto_eot_time' AND `meta_value` != '' AND `meta_value` <= '".esc_sql(strtotime("now"))."' LIMIT ".$per_process)))
121
+ {
122
+ foreach($eots as $eot) // Go through the array of EOTS. We need to (demote|delete) each of them.
123
+ {
124
+ if(($user_id = $eot->ID) && is_object($user = new WP_User ($user_id)) && $user->ID)
125
+ {
126
+ delete_user_option($user_id, 's2member_auto_eot_time'); // Always delete.
127
128
+ if(!$user->has_cap('administrator') /* Do NOT process Administrator accounts. */)
129
{
130
+ if($GLOBALS['WS_PLUGIN__']['s2member']['o']['membership_eot_behavior'] === 'demote')
131
+ {
132
+ $eot_del_type = 'auto-eot-cancellation-expiration-demotion'; // Set EOT/Del type.
133
+
134
+ $custom = get_user_option('s2member_custom', $user_id);
135
+ $subscr_gateway = get_user_option('s2member_subscr_gateway', $user_id);
136
+ $subscr_id = get_user_option('s2member_subscr_id', $user_id);
137
+ $subscr_baid = get_user_option('s2member_subscr_baid', $user_id);
138
+ $subscr_cid = get_user_option('s2member_subscr_cid', $user_id);
139
+ $fields = get_user_option('s2member_custom_fields', $user_id);
140
+ $user_reg_ip = get_user_option('s2member_registration_ip', $user_id);
141
+
142
+ $demotion_role = c_ws_plugin__s2member_option_forces::force_demotion_role('subscriber');
143
+ $existing_role = c_ws_plugin__s2member_user_access::user_access_role($user);
144
+
145
+ foreach(array_keys(get_defined_vars()) as $__v) $__refs[$__v] =& $__v;
146
+ do_action('ws_plugin__s2member_during_auto_eot_system_during_before_demote', get_defined_vars());
147
+ do_action('ws_plugin__s2member_during_collective_mods', $user_id, get_defined_vars(), $eot_del_type, 'modification', $demotion_role);
148
+ do_action('ws_plugin__s2member_during_collective_eots', $user_id, get_defined_vars(), $eot_del_type, 'modification');
149
+ unset($__refs, $__v);
150
+
151
+ if($existing_role !== $demotion_role /* Only if NOT the existing Role. */)
152
+ $user->set_role($demotion_role /* Give User the demotion Role. */);
153
+
154
+ if(apply_filters('ws_plugin__s2member_remove_ccaps_during_eot_events', (bool)$GLOBALS['WS_PLUGIN__']['s2member']['o']['eots_remove_ccaps'], get_defined_vars()))
155
+ foreach($user->allcaps as $cap => $cap_enabled)
156
+ if(preg_match('/^access_s2member_ccap_/', $cap))
157
+ $user->remove_cap($ccap = $cap);
158
+
159
+ delete_user_option($user_id, 's2member_subscr_gateway');
160
+ delete_user_option($user_id, 's2member_subscr_id');
161
+ delete_user_option($user_id, 's2member_subscr_baid');
162
+ delete_user_option($user_id, 's2member_subscr_cid');
163
+
164
+ delete_user_option($user_id, 's2member_ipn_signup_vars');
165
+ if(!apply_filters('ws_plugin__s2member_preserve_paid_registration_times', TRUE, get_defined_vars()))
166
+ delete_user_option($user_id, 's2member_paid_registration_times');
167
+
168
+ delete_user_option($user_id, 's2member_last_status_scan');
169
+ delete_user_option($user_id, 's2member_first_payment_txn_id');
170
+ delete_user_option($user_id, 's2member_last_payment_time');
171
+ delete_user_option($user_id, 's2member_auto_eot_time');
172
+
173
+ delete_user_option($user_id, 's2member_file_download_access_log');
174
+ delete_user_option($user_id, 's2member_authnet_payment_failures');
175
+
176
+ c_ws_plugin__s2member_user_notes::append_user_notes($user_id, 'Demoted by s2Member: '.date('D M j, Y g:i a T'));
177
+
178
+ if($subscr_gateway && $subscr_id) // Also note the Paid Subscr. Gateway/ID so there is a reference left behind here.
179
+ c_ws_plugin__s2member_user_notes::append_user_notes($user_id, 'Paid Subscr. ID @ time of demotion: '.$subscr_gateway.' -› '.$subscr_id);
180
+
181
+ if($GLOBALS['WS_PLUGIN__']['s2member']['o']['eot_del_notification_urls'] && is_array($cv = preg_split('/\|/', $custom)))
182
{
183
+ foreach(preg_split('/['."\r\n\t".']+/', $GLOBALS['WS_PLUGIN__']['s2member']['o']['eot_del_notification_urls']) as $url) // Handle EOT Notifications.
184
+
185
+ if(($url = preg_replace('/%%cv([0-9]+)%%/ei', 'urlencode(trim(@$cv[$1]))', $url)) && ($url = preg_replace('/%%eot_del_type%%/i', c_ws_plugin__s2member_utils_strings::esc_refs(urlencode('auto-eot-cancellation-expiration-demotion')), $url)) && ($url = preg_replace('/%%subscr_id%%/i', c_ws_plugin__s2member_utils_strings::esc_refs(urlencode($subscr_id)), $url)))
186
+ if(($url = preg_replace('/%%user_first_name%%/i', c_ws_plugin__s2member_utils_strings::esc_refs(urlencode($user->first_name)), $url)) && ($url = preg_replace('/%%user_last_name%%/i', c_ws_plugin__s2member_utils_strings::esc_refs(urlencode($user->last_name)), $url)))
187
+ if(($url = preg_replace('/%%user_full_name%%/i', c_ws_plugin__s2member_utils_strings::esc_refs(urlencode(trim($user->first_name.' '.$user->last_name))), $url)))
188
+ if(($url = preg_replace('/%%user_email%%/i', c_ws_plugin__s2member_utils_strings::esc_refs(urlencode($user->user_email)), $url)))
189
+ if(($url = preg_replace('/%%user_login%%/i', c_ws_plugin__s2member_utils_strings::esc_refs(urlencode($user->user_login)), $url)))
190
+ if(($url = preg_replace('/%%user_ip%%/i', c_ws_plugin__s2member_utils_strings::esc_refs(urlencode($user_reg_ip)), $url)))
191
+ if(($url = preg_replace('/%%user_id%%/i', c_ws_plugin__s2member_utils_strings::esc_refs(urlencode($user_id)), $url)))
192
{
193
+ if(is_array($fields) && !empty($fields))
194
+ foreach($fields as $var => $val /* Custom Registration/Profile Fields. */)
195
+ if(!($url = preg_replace('/%%'.preg_quote($var, '/').'%%/i', c_ws_plugin__s2member_utils_strings::esc_refs(urlencode(maybe_serialize($val))), $url)))
196
+ break;
197
+
198
+ if(($url = trim(preg_replace('/%%(.+?)%%/i', '', $url))))
199
+ c_ws_plugin__s2member_utils_urls::remote($url);
200
}
201
+ }
202
+ if($GLOBALS['WS_PLUGIN__']['s2member']['o']['eot_del_notification_recipients'] && is_array($cv = preg_split('/\|/', $custom)))
203
+ {
204
+ $email_configs_were_on = c_ws_plugin__s2member_email_configs::email_config_status();
205
+ c_ws_plugin__s2member_email_configs::email_config_release();
206
+
207
+ $msg = $sbj = '(s2Member / API Notification Email) - EOT/Deletion';
208
+ $msg .= "\n\n"; // Spacing in the message body.
209
+
210
+ $msg .= 'eot_del_type: %%eot_del_type%%'."\n";
211
+ $msg .= 'subscr_id: %%subscr_id%%'."\n";
212
+ $msg .= 'subscr_baid: %%subscr_baid%%'."\n";
213
+ $msg .= 'subscr_cid: %%subscr_cid%%'."\n";
214
+ $msg .= 'user_first_name: %%user_first_name%%'."\n";
215
+ $msg .= 'user_last_name: %%user_last_name%%'."\n";
216
+ $msg .= 'user_full_name: %%user_full_name%%'."\n";
217
+ $msg .= 'user_email: %%user_email%%'."\n";
218
+ $msg .= 'user_login: %%user_login%%'."\n";
219
+ $msg .= 'user_ip: %%user_ip%%'."\n";
220
+ $msg .= 'user_id: %%user_id%%'."\n";
221
+
222
+ if(is_array($fields) && !empty($fields))
223
+ foreach($fields as $var => $val)
224
+ $msg .= $var.': %%'.$var.'%%'."\n";
225
+
226
+ $msg .= 'cv0: %%cv0%%'."\n";
227
+ $msg .= 'cv1: %%cv1%%'."\n";
228
+ $msg .= 'cv2: %%cv2%%'."\n";
229
+ $msg .= 'cv3: %%cv3%%'."\n";
230
+ $msg .= 'cv4: %%cv4%%'."\n";
231
+ $msg .= 'cv5: %%cv5%%'."\n";
232
+ $msg .= 'cv6: %%cv6%%'."\n";
233
+ $msg .= 'cv7: %%cv7%%'."\n";
234
+ $msg .= 'cv8: %%cv8%%'."\n";
235
+ $msg .= 'cv9: %%cv9%%';
236
+
237
+ if(($msg = preg_replace('/%%cv([0-9]+)%%/ei', 'trim(@$cv[$1])', $msg)) && ($msg = preg_replace('/%%eot_del_type%%/i', c_ws_plugin__s2member_utils_strings::esc_refs('auto-eot-cancellation-expiration-demotion'), $msg)) && ($msg = preg_replace('/%%subscr_id%%/i', c_ws_plugin__s2member_utils_strings::esc_refs($subscr_id), $msg)))
238
+ if(($msg = preg_replace('/%%subscr_baid%%/i', c_ws_plugin__s2member_utils_strings::esc_refs($subscr_baid), $msg)) && ($msg = preg_replace('/%%subscr_cid%%/i', c_ws_plugin__s2member_utils_strings::esc_refs($subscr_cid), $msg)))
239
+ if(($msg = preg_replace('/%%user_first_name%%/i', c_ws_plugin__s2member_utils_strings::esc_refs($user->first_name), $msg)) && ($msg = preg_replace('/%%user_last_name%%/i', c_ws_plugin__s2member_utils_strings::esc_refs($user->last_name), $msg)))
240
+ if(($msg = preg_replace('/%%user_full_name%%/i', c_ws_plugin__s2member_utils_strings::esc_refs(trim($user->first_name.' '.$user->last_name)), $msg)))
241
+ if(($msg = preg_replace('/%%user_email%%/i', c_ws_plugin__s2member_utils_strings::esc_refs($user->user_email), $msg)))
242
+ if(($msg = preg_replace('/%%user_login%%/i', c_ws_plugin__s2member_utils_strings::esc_refs($user->user_login), $msg)))
243
+ if(($msg = preg_replace('/%%user_ip%%/i', c_ws_plugin__s2member_utils_strings::esc_refs($user_reg_ip), $msg)))
244
+ if(($msg = preg_replace('/%%user_id%%/i', c_ws_plugin__s2member_utils_strings::esc_refs($user_id), $msg)))
245
{
246
+ if(is_array($fields) && !empty($fields))
247
+ foreach($fields as $var => $val /* Custom Registration/Profile Fields. */)
248
+ if(!($msg = preg_replace('/%%'.preg_quote($var, '/').'%%/i', c_ws_plugin__s2member_utils_strings::esc_refs(maybe_serialize($val)), $msg)))
249
+ break;
250
+
251
+ if($sbj && ($msg = trim(preg_replace('/%%(.+?)%%/i', '', $msg))) /* Still have a ``$sbj`` and a ``$msg``? */)
252
+
253
+ foreach(c_ws_plugin__s2member_utils_strings::parse_emails($GLOBALS['WS_PLUGIN__']['s2member']['o']['eot_del_notification_recipients']) as $recipient)
254
+ wp_mail($recipient, apply_filters('ws_plugin__s2member_eot_del_notification_email_sbj', $sbj, get_defined_vars()), apply_filters('ws_plugin__s2member_eot_del_notification_email_msg', $msg, get_defined_vars()), 'Content-Type: text/plain; charset=UTF-8');
255
}
256
+ if($email_configs_were_on) c_ws_plugin__s2member_email_configs::email_config();
257
+ }
258
+ foreach(array_keys(get_defined_vars()) as $__v) $__refs[$__v] =& $__v;
259
+ do_action('ws_plugin__s2member_during_auto_eot_system_during_demote', get_defined_vars());
260
+ unset($__refs, $__v);
261
+ }
262
+ else if($GLOBALS['WS_PLUGIN__']['s2member']['o']['membership_eot_behavior'] === 'delete')
263
+ {
264
+ $eot_del_type = $GLOBALS['ws_plugin__s2member_eot_del_type'] = 'auto-eot-cancellation-expiration-deletion';
265
+
266
+ foreach(array_keys(get_defined_vars()) as $__v) $__refs[$__v] =& $__v;
267
+ do_action('ws_plugin__s2member_during_auto_eot_system_during_before_delete', get_defined_vars());
268
+ do_action('ws_plugin__s2member_during_collective_eots', $user_id, get_defined_vars(), $eot_del_type, 'removal-deletion');
269
+ unset($__refs, $__v);
270
+
271
+ if(is_multisite()/* Multisite does NOT actually delete; ONLY removes. */)
272
+ {
273
+ remove_user_from_blog($user_id, $current_blog->blog_id);
274
+ // This will automatically trigger `eot_del_notification_urls`.
275
+ c_ws_plugin__s2member_user_deletions::handle_ms_user_deletions($user_id, $current_blog->blog_id, 's2says');
276
}
277
+ else // Otherwise, we can actually delete them.
278
+ // This will automatically trigger `eot_del_notification_urls`
279
+ wp_delete_user($user_id /* `c_ws_plugin__s2member_user_deletions::handle_user_deletions()` */);
280
+
281
+ foreach(array_keys(get_defined_vars()) as $__v) $__refs[$__v] =& $__v;
282
+ do_action('ws_plugin__s2member_during_auto_eot_system_during_delete', get_defined_vars());
283
+ unset($__refs, $__v);
284
+ }
285
+ foreach(array_keys(get_defined_vars()) as $__v) $__refs[$__v] =& $__v;
286
+ do_action('ws_plugin__s2member_during_auto_eot_system', get_defined_vars());
287
+ unset($__refs, $__v);
288
}
289
+ }
290
}
291
+ }
292
}
293
+ c_ws_plugin__s2member_utils_logs::cleanup_expired_s2m_transients();
294
+
295
+ foreach(array_keys(get_defined_vars()) as $__v) $__refs[$__v] =& $__v;
296
+ do_action('ws_plugin__s2member_after_auto_eot_system', get_defined_vars());
297
+ unset($__refs, $__v);
298
+ }
299
+ }
300
+ }
includes/classes/aweber-e.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @since 141004
15
* @package s2Member\List_Servers
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER['SCRIPT_FILENAME']))
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_aweber_e'))
14
* @since 141004
15
* @package s2Member\List_Servers
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_aweber_e'))
includes/classes/aweber.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @since 141004
15
* @package s2Member\List_Servers
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER['SCRIPT_FILENAME']))
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_aweber'))
14
* @since 141004
15
* @package s2Member\List_Servers
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_aweber'))
includes/classes/brute-force.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Brute_Force
15
* @since 3.5
16
*/
17
- if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
18
exit("Do not access this file directly.");
19
20
if (!class_exists ("c_ws_plugin__s2member_brute_force"))
14
* @package s2Member\Brute_Force
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit("Do not access this file directly.");
19
20
if (!class_exists ("c_ws_plugin__s2member_brute_force"))
includes/classes/cache.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Cache
15
* @since 3.5
16
*/
17
- if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
18
exit("Do not access this file directly.");
19
20
if (!class_exists ("c_ws_plugin__s2member_cache"))
14
* @package s2Member\Cache
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit("Do not access this file directly.");
19
20
if (!class_exists ("c_ws_plugin__s2member_cache"))
includes/classes/catgs-sp.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Categories
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER['SCRIPT_FILENAME']))
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_catgs_sp'))
14
* @package s2Member\Categories
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_catgs_sp'))
includes/classes/catgs.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Categories
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER['SCRIPT_FILENAME']))
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_catgs'))
14
* @package s2Member\Categories
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_catgs'))
includes/classes/check-activation.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Installation
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER["SCRIPT_FILENAME"]))
18
exit ("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_check_activation"))
14
* @package s2Member\Installation
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit ("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_check_activation"))
includes/classes/constants.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\API_Constants
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER['SCRIPT_FILENAME']))
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_constants'))
14
* @package s2Member\API_Constants
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_constants'))
includes/classes/cron-jobs-in.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Cron_Jobs
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER["SCRIPT_FILENAME"]))
18
exit ("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_cron_jobs_in"))
14
* @package s2Member\Cron_Jobs
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit ("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_cron_jobs_in"))
includes/classes/cron-jobs.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Cron_Jobs
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER["SCRIPT_FILENAME"]))
18
exit ("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_cron_jobs"))
14
* @package s2Member\Cron_Jobs
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit ("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_cron_jobs"))
includes/classes/css-js-in.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\CSS_JS
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER["SCRIPT_FILENAME"]))
18
exit("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_css_js_in"))
14
* @package s2Member\CSS_JS
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_css_js_in"))
includes/classes/css-js-themes.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\CSS_JS
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER['SCRIPT_FILENAME']))
18
exit ('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_css_js_themes'))
14
* @package s2Member\CSS_JS
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit ('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_css_js_themes'))
includes/classes/css-js.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\CSS_JS
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER["SCRIPT_FILENAME"]))
18
exit ("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_css_js"))
14
* @package s2Member\CSS_JS
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit ("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_css_js"))
includes/classes/custom-reg-fields-4bp.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Custom_Reg_Fields
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER['SCRIPT_FILENAME']))
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_custom_reg_fields_4bp'))
14
* @package s2Member\Custom_Reg_Fields
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_custom_reg_fields_4bp'))
includes/classes/custom-reg-fields.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Custom_Reg_Fields
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER["SCRIPT_FILENAME"]))
18
exit("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_custom_reg_fields"))
14
* @package s2Member\Custom_Reg_Fields
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit("Do not access this file directly.");
19
20
if(!class_exists("c_ws_plugin__s2member_custom_reg_fields"))
includes/classes/database.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Database
15
* @since 130625
16
*/
17
- if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
18
exit ("Do not access this file directly.");
19
20
if (!class_exists ("c_ws_plugin__s2member_database"))
14
* @package s2Member\Database
15
* @since 130625
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit ("Do not access this file directly.");
19
20
if (!class_exists ("c_ws_plugin__s2member_database"))
includes/classes/email-configs.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Email_Configs
15
* @since 3.5
16
*/
17
- if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
18
exit ("Do not access this file directly.");
19
20
if (!class_exists ("c_ws_plugin__s2member_email_configs"))
14
* @package s2Member\Email_Configs
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit ("Do not access this file directly.");
19
20
if (!class_exists ("c_ws_plugin__s2member_email_configs"))
includes/classes/files-in.inc.php CHANGED
@@ -14,7 +14,7 @@
14
* @package s2Member\Files
15
* @since 3.5
16
*/
17
- if(realpath(__FILE__) === realpath($_SERVER['SCRIPT_FILENAME']))
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_files_in'))
@@ -310,9 +310,9 @@ if(!class_exists('c_ws_plugin__s2member_files_in'))
310
else if($using_amazon_storage && $using_amazon_s3_storage && ($serving || ($creating && $url_to_storage_source)))
311
{
312
if($serving) // We only need this section when/if we're actually serving.
313
- wp_redirect(c_ws_plugin__s2member_files_in::amazon_s3_url($req['file_download'], $stream, $inline, $ssl, $basename, $mimetype)).exit();
314
315
- return apply_filters('ws_plugin__s2member_file_download_access_url', c_ws_plugin__s2member_files_in::amazon_s3_url($req['file_download'], $stream, $inline, $ssl, $basename, $mimetype), get_defined_vars());
316
}
317
else if($creating && $rewriting) // Creating a rewrite URL, pointing to local storage.
318
{ // Note: we don't URL encode unreserved chars. Improves media player compatibility.
@@ -538,7 +538,7 @@ if(!class_exists('c_ws_plugin__s2member_files_in'))
538
539
$extension = strtolower(substr($config['file_download'], strrpos($config['file_download'], '.') + 1));
540
$streaming = (isset($config['file_stream'])) ? filter_var($config['file_stream'], FILTER_VALIDATE_BOOLEAN) : ((in_array($extension, preg_split('/['."\r\n\t".'\s;,]+/', $GLOBALS['WS_PLUGIN__']['s2member']['o']['file_download_stream_extensions']))) ? TRUE : FALSE);
541
- $ssl = (isset($config['file_ssl'])) ? filter_var($config['file_ssl'], FILTER_VALIDATE_BOOLEAN) : ((is_ssl()) ? TRUE : FALSE);
542
543
if($get_streamer_array && $streaming && ($cfx = '/cfx/st') && ($cfx_pos = strpos($url_, $cfx)) !== FALSE && ($streamer = substr($url_, 0, $cfx_pos + strlen($cfx))) && ($url = c_ws_plugin__s2member_files_in::check_file_download_access(array_merge($config, array('file_stream' => FALSE, 'check_user' => FALSE, 'count_against_user' => FALSE)))))
544
$return = array('streamer' => $streamer, 'prefix' => $extension.':', 'file' => preg_replace('/^'.preg_quote($streamer, '/').'\//', '', $url_), 'url' => preg_replace('/^.+?\:/', (($ssl) ? 'https:' : 'http:'), $url));
@@ -573,7 +573,7 @@ if(!class_exists('c_ws_plugin__s2member_files_in'))
573
do_action('ws_plugin__s2member_before_check_file_remote_authorization', get_defined_vars());
574
unset($__refs, $__v); // Housekeeping.
575
576
- $_g = c_ws_plugin__s2member_utils_strings::trim_deep(stripslashes_deep(((!empty($_GET)) ? $_GET : array())));
577
578
if(!is_object($user) && isset($_g['s2member_file_remote']) && filter_var($_g['s2member_file_remote'], FILTER_VALIDATE_BOOLEAN))
579
{
@@ -653,6 +653,114 @@ if(!class_exists('c_ws_plugin__s2member_files_in'))
653
return c_ws_plugin__s2member_utils_strings::hmac_sha1_sign((string)$string, $s3c['secret_key']);
654
}
655
656
/**
657
* Creates an Amazon S3 HMAC-SHA1 signature URL.
658
*
@@ -689,6 +797,51 @@ if(!class_exists('c_ws_plugin__s2member_files_in'))
689
return add_query_arg(c_ws_plugin__s2member_utils_strings::urldecode_ur_chars_deep(urlencode_deep(array('AWSAccessKeyId' => $s3c['access_key'], 'Expires' => $s3c['expires'], 'Signature' => $s3_signature))), $s3_url);
690
}
691
692
/**
693
* Auto-configures an Amazon S3 Bucket's ACLs.
694
*
@@ -708,35 +861,41 @@ if(!class_exists('c_ws_plugin__s2member_files_in'))
708
709
if(!empty($s3c) && $s3c['bucket'] && $s3c['access_key'] && $s3c['secret_key']) // Must have Amazon S3 Bucket/Keys.
710
{
711
- $s3_date = gmdate('D, d M Y H:i:s').' GMT';
712
- $s3_location = ((strtolower($s3c['bucket']) !== $s3c['bucket'])) ? '/'.$s3c['bucket'].'/?acl' : '/?acl';
713
- $s3_domain = ((strtolower($s3c['bucket']) !== $s3c['bucket'])) ? 's3.amazonaws.com' : $s3c['bucket'].'.s3.amazonaws.com';
714
- $s3_signature = base64_encode(c_ws_plugin__s2member_files_in::amazon_s3_sign('GET'."\n\n\n".$s3_date."\n".'/'.$s3c['bucket'].'/?acl'));
715
- $s3_args = array('method' => 'GET', 'redirection' => 5, 'headers' => array('Host' => $s3_domain, 'Date' => $s3_date, 'Authorization' => 'AWS '.$s3c['access_key'].':'.$s3_signature));
716
717
if(($s3_response = c_ws_plugin__s2member_utils_urls::remote('https://'.$s3_domain.$s3_location, FALSE, array_merge($s3_args, array('timeout' => 20)), 'array')) && $s3_response['code'] === 200)
718
{
719
if(preg_match('/\<Owner\>(.+?)\<\/Owner\>/is', $s3_response['body'], $s3_owner_tag) && preg_match('/\<ID\>(.+?)\<\/ID\>/is', $s3_owner_tag[1], $s3_owner_id_tag) && (preg_match('/\<DisplayName\>(.*?)\<\/DisplayName\>/is', $s3_owner_tag[1], $s3_owner_display_name_tag) || ($s3_owner_display_name_tag = array('-', 'Owner'))))
720
{
721
- $s3_owner = array('access_id' => trim($s3_owner_id_tag[1]), 'display_name' => trim($s3_owner_display_name_tag[1]));
722
- $s3_acls_xml = '<AccessControlPolicy><Owner><ID>'.esc_html($s3_owner['access_id']).'</ID><DisplayName>'.esc_html($s3_owner['display_name']).'</DisplayName></Owner><AccessControlList><Grant><Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"><ID>'.esc_html($s3_owner['access_id']).'</ID><DisplayName>'.esc_html($s3_owner['display_name']).'</DisplayName></Grantee><Permission>FULL_CONTROL</Permission></Grant>'.(($cfc['distros_s3_access_id']) ? '<Grant><Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"><ID>'.esc_html($cfc['distros_s3_access_id']).'</ID><DisplayName>s2Member/CloudFront</DisplayName></Grantee><Permission>READ</Permission></Grant>' : '').'</AccessControlList></AccessControlPolicy>';
723
- $s3_signature = base64_encode(c_ws_plugin__s2member_files_in::amazon_s3_sign('PUT'."\n\n".'application/xml'."\n".$s3_date."\n".'/'.$s3c['bucket'].'/?acl'));
724
- $s3_args = array('method' => 'PUT', 'redirection' => 5, 'body' => $s3_acls_xml, 'headers' => array('Host' => $s3_domain, 'Content-Type' => 'application/xml', 'Date' => $s3_date, 'Authorization' => 'AWS '.$s3c['access_key'].':'.$s3_signature));
725
726
if(($s3_response = c_ws_plugin__s2member_utils_urls::remote('https://'.$s3_domain.$s3_location, FALSE, array_merge($s3_args, array('timeout' => 20)), 'array')) && $s3_response['code'] === 200)
727
{
728
- $s3_location = ((strtolower($s3c['bucket']) !== $s3c['bucket'])) ? '/'.$s3c['bucket'].'/?policy' : '/?policy';
729
- ($s3_policy_id = md5(uniqid('s2Member/CloudFront:', TRUE))).($s3_policy_sid = md5(uniqid('s2Member/CloudFront:', TRUE)));
730
- $s3_policy_json = '{"Version":"2008-10-17","Id":"'.c_ws_plugin__s2member_utils_strings::esc_dq($s3_policy_id).'","Statement":[{"Sid":"'.c_ws_plugin__s2member_utils_strings::esc_dq($s3_policy_sid).'","Effect":"Allow","Principal":{"CanonicalUser":"'.c_ws_plugin__s2member_utils_strings::esc_dq($cfc['distros_s3_access_id']).'"},"Action":"s3:GetObject","Resource":"arn:aws:s3:::'.c_ws_plugin__s2member_utils_strings::esc_dq($s3c['bucket']).'/*"}]}';
731
- $s3_signature = base64_encode(c_ws_plugin__s2member_files_in::amazon_s3_sign('PUT'."\n\n".'application/json'."\n".$s3_date."\n".'/'.$s3c['bucket'].'/?policy'));
732
- $s3_args = array('method' => 'PUT', 'redirection' => 5, 'body' => $s3_policy_json, 'headers' => array('Host' => $s3_domain, 'Content-Type' => 'application/json', 'Date' => $s3_date, 'Authorization' => 'AWS '.$s3c['access_key'].':'.$s3_signature));
733
734
if(!$cfc['distros_s3_access_id'] || (($s3_response = c_ws_plugin__s2member_utils_urls::remote('https://'.$s3_domain.$s3_location, FALSE, array_merge($s3_args, array('timeout' => 20)), 'array')) && ($s3_response['code'] === 200 || $s3_response['code'] === 204)))
735
{
736
- $s3_location = ((strtolower($s3c['bucket']) !== $s3c['bucket'])) ? '/'.$s3c['bucket'].'/crossdomain.xml' : '/crossdomain.xml';
737
- $s3_policy_xml = trim(c_ws_plugin__s2member_utilities::evl(file_get_contents(dirname(dirname(__FILE__)).'/templates/cfg-files/s2-cross-xml.php')));
738
- $s3_signature = base64_encode(c_ws_plugin__s2member_files_in::amazon_s3_sign('PUT'."\n\n".'text/xml'."\n".$s3_date."\n".'x-amz-acl:public-read'."\n".'/'.$s3c['bucket'].'/crossdomain.xml'));
739
- $s3_args = array('method' => 'PUT', 'redirection' => 5, 'body' => $s3_policy_xml, 'headers' => array('Host' => $s3_domain, 'Content-Type' => 'text/xml', 'Date' => $s3_date, 'X-Amz-Acl' => 'public-read', 'Authorization' => 'AWS '.$s3c['access_key'].':'.$s3_signature));
740
741
if(($s3_response = c_ws_plugin__s2member_utils_urls::remote('https://'.$s3_domain.$s3_location, FALSE, array_merge($s3_args, array('timeout' => 20)), 'array')) && $s3_response['code'] === 200)
742
return array('success' => TRUE, 'code' => NULL, 'message' => NULL); // Successfully configured Amazon S3 Bucket ACLs and Policy.
14
* @package s2Member\Files
15
* @since 3.5
16
*/
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
exit('Do not access this file directly.');
19
20
if(!class_exists('c_ws_plugin__s2member_files_in'))
310
else if($using_amazon_storage && $using_amazon_s3_storage && ($serving || ($creating && $url_to_storage_source)))
311
{
312
if($serving) // We only need this section when/if we're actually serving.
313
+ wp_redirect(c_ws_plugin__s2member_files_in::amazon_s34_url($req['file_download'], $stream, $inline, $ssl, $basename, $mimetype)).exit();
314
315
+ return apply_filters('ws_plugin__s2member_file_download_access_url', c_ws_plugin__s2member_files_in::amazon_s34_url($req['file_download'], $stream, $inline, $ssl, $basename, $mimetype), get_defined_vars());
316
}
317
else if($creating && $rewriting) // Creating a rewrite URL, pointing to local storage.
318
{ // Note: we don't URL encode unreserved chars. Improves media player compatibility.
538
539
$extension = strtolower(substr($config['file_download'], strrpos($config['file_download'], '.') + 1));
540
$streaming = (isset($config['file_stream'])) ? filter_var($config['file_stream'], FILTER_VALIDATE_BOOLEAN) : ((in_array($extension, preg_split('/['."\r\n\t".'\s;,]+/', $GLOBALS['WS_PLUGIN__']['s2member']['o']['file_download_stream_extensions']))) ? TRUE : FALSE);
541
+ $ssl = (isset($config['file_ssl'])) ? filter_var($config['file_ssl'], FILTER_VALIDATE_BOOLEAN) : (is_ssl() ? TRUE : FALSE);
542
543
if($get_streamer_array && $streaming && ($cfx = '/cfx/st') && ($cfx_pos = strpos($url_, $cfx)) !== FALSE && ($streamer = substr($url_, 0, $cfx_pos + strlen($cfx))) && ($url = c_ws_plugin__s2member_files_in::check_file_download_access(array_merge($config, array('file_stream' => FALSE, 'check_user' => FALSE, 'count_against_user' => FALSE)))))
544
$return = array('streamer' => $streamer, 'prefix' => $extension.':', 'file' => preg_replace('/^'.preg_quote($streamer, '/').'\//', '', $url_), 'url' => preg_replace('/^.+?\:/', (($ssl) ? 'https:' : 'http:'), $url));
573
do_action('ws_plugin__s2member_before_check_file_remote_authorization', get_defined_vars());
574
unset($__refs, $__v); // Housekeeping.
575
576
+ $_g = c_ws_plugin__s2member_utils_strings::trim_deep(stripslashes_deep(!empty($_GET) ? $_GET : array()));
577
578
if(!is_object($user) && isset($_g['s2member_file_remote']) && filter_var($_g['s2member_file_remote'], FILTER_VALIDATE_BOOLEAN))
579
{
653
return c_ws_plugin__s2member_utils_strings::hmac_sha1_sign((string)$string, $s3c['secret_key']);
654
}
655
656
+ /**
657
+ * Creates an Amazon S3 AWS4-HMAC-SHA256 signature.
658
+ *
659
+ * @package s2Member\Files
660
+ * @since 150108
661
+ *
662
+ * @param string $string Input string/data, to be signed by this routine.
663
+ *
664
+ * @return string An AWS4-HMAC-SHA256 signature for Amazon S3.
665
+ */
666
+ public static function amazon_s34_sign($string = '')
667
+ {
668
+ $s3c = array(); // Initialize config. keys.
669
+ foreach($GLOBALS['WS_PLUGIN__']['s2member']['o'] as $option => $option_value)
670
+ if(preg_match('/^amazon_s3_files_/', $option) && ($option = preg_replace('/^amazon_s3_files_/', '', $option)))
671
+ $s3c[$option] = $option_value;
672
+
673
+ $s3_date_key = c_ws_plugin__s2member_utils_strings::hmac_sha256_sign(gmdate('Ymd'), 'AWS4'.$s3c['secret_key'], TRUE);
674
+ $s3_date_region_key = c_ws_plugin__s2member_utils_strings::hmac_sha256_sign($s3c['bucket_region'], $s3_date_key, TRUE);
675
+ $s3_date_region_service_key = c_ws_plugin__s2member_utils_strings::hmac_sha256_sign('s3', $s3_date_region_key, TRUE);
676
+ $s3_signing_key = c_ws_plugin__s2member_utils_strings::hmac_sha256_sign('aws4_request', $s3_date_region_service_key, TRUE);
677
+
678
+ return c_ws_plugin__s2member_utils_strings::hmac_sha256_sign((string)$string, $s3_signing_key);
679
+ }
680
+
681
+ /**
682
+ * Creates an Amazon S3 AWS4-HMAC-SHA256 signature/authorization header.
683
+ *
684
+ * @package s2Member\Files
685
+ * @since 150108
686
+ *
687
+ * @param string $s3_date The date header; e.g. `YYYYMMDD'T'HHMMSS'Z'`.
688
+ * @param string $s3_domain The API endpoint domain; e.g. `[bucket].s3.amazonaws.com`.
689
+ * @param string $s3_location The API endpoint URI; e.g. `/?acl`.
690
+ * @param string $s3_method The request method; e.g. `GET`, `PUT`, `POST`, etc.
691
+ * @param array $s3_headers An associative array of all headers.
692
+ * @param string $s3_body Any input data sent with the request.
693
+ * @param boolean $sig_only Return signature only?
694
+ *
695
+ * @return string An AWS4-HMAC-SHA256 signature/authorization header for Amazon S3.
696
+ */
697
+ public static function amazon_s34_authorization($s3_date = '',
698
+ $s3_domain = 's3.amazonaws.com',
699
+ $s3_location = '/', $s3_method = 'GET',
700
+ $s3_headers = array(), $s3_body = '', $sig_only = FALSE)
701
+ {
702
+ $s3_date = trim((string)$s3_date);
703
+ $s3_domain = trim(strtolower((string)$s3_domain));
704
+ $s3_location = trim((string)$s3_location);
705
+ $s3_method = trim(strtoupper((string)$s3_method));
706
+ $s3_headers = (array)$s3_headers;
707
+ $s3_body = trim((string)$s3_body);
708
+
709
+ $s3c = array(); // Initialize config. keys.
710
+ foreach($GLOBALS['WS_PLUGIN__']['s2member']['o'] as $option => $option_value)
711
+ if(preg_match('/^amazon_s3_files_/', $option) && ($option = preg_replace('/^amazon_s3_files_/', '', $option)))
712
+ $s3c[$option] = $option_value;
713
+
714
+ $s3_iso8601_date = gmdate('Ymd\THis\Z');
715
+ $s3_location_parts = parse_url($s3_location);
716
+ $s3_canonical_path = !empty($s3_location_parts['path']) ? '/'.ltrim($s3_location_parts['path'], '/') : '/';
717
+ $s3_scope = gmdate('Ymd').'/'.$s3c['bucket_region'].'/s3/aws4_request';
718
+
719
+ $s3_canonical_query = ''; // Initialize.
720
+ wp_parse_str((string)@$s3_location_parts['query'], $query_args);
721
+ ksort($query_args, SORT_STRING);
722
+
723
+ foreach($query_args as $_key => $_value)
724
+ $s3_canonical_query .= '&'.c_ws_plugin__s2member_utils_strings::urldecode_ur_chars_deep(rawurlencode($_key)).
725
+ '='.c_ws_plugin__s2member_utils_strings::urldecode_ur_chars_deep(rawurlencode($_value));
726
+ $s3_canonical_query = ltrim($s3_canonical_query, '&');
727
+ unset($_key, $_value); // Housekeeping.
728
+
729
+ $s3_canonical_headers = '';
730
+ $s3_canonical_header_keys = array();
731
+ ksort($s3_headers, SORT_STRING);
732
+
733
+ foreach($s3_headers as $_key => $_value)
734
+ if(is_string($_key) && ($_key = strtolower($_key)))
735
+ if(in_array($_key, array('host', 'content-type'), TRUE) || stripos($_key, 'X-Amz-') === 0)
736
+ {
737
+ $s3_canonical_headers .= strtolower($_key).':'.trim($_value)."\n";
738
+ $s3_canonical_header_keys[] = strtolower($_key);
739
+ }
740
+ unset($_key, $_value); // Housekeeping.
741
+
742
+ $s3_canonicial_request = $s3_method."\n".
743
+ $s3_canonical_path."\n".
744
+ $s3_canonical_query."\n".
745
+ $s3_canonical_headers."\n".
746
+ implode(';', $s3_canonical_header_keys)."\n".
747
+ ($s3_body === 'UNSIGNED-PAYLOAD' ? $s3_body : hash('sha256', $s3_body));
748
+ $s3_string_to_sign = 'AWS4-HMAC-SHA256'."\n".
749
+ $s3_date."\n".
750
+ $s3_scope."\n".
751
+ hash('sha256', $s3_canonicial_request);
752
+ $s3_signature = self::amazon_s34_sign($s3_string_to_sign);
753
+
754
+ // header('Content-Type: text/plain; charset=UTF-8');
755
+ // echo $s3_canonicial_request."\n\n".$s3_string_to_sign."\n\n"; exit;
756
+
757
+ $s3_authorization_header_signature = 'AWS4-HMAC-SHA256 Credential='.$s3c['access_key'].'/'.$s3_scope.','.
758
+ 'SignedHeaders='.implode(';', $s3_canonical_header_keys).','.
759
+ 'Signature='.$s3_signature;
760
+
761
+ return $sig_only ? $s3_signature : $s3_authorization_header_signature;
762
+ }
763
+
764
/**
765
* Creates an Amazon S3 HMAC-SHA1 signature URL.
766
*
797
return add_query_arg(c_ws_plugin__s2member_utils_strings::urldecode_ur_chars_deep(urlencode_deep(array('AWSAccessKeyId' => $s3c['access_key'], 'Expires' => $s3c['expires'], 'Signature' => $s3_signature))), $s3_url);
798
}
799
800
+ /**
801
+ * Creates an Amazon S3 AWS4-HMAC-SHA256 signature URL.
802
+ *
803
+ * @package s2Member\Files
804
+ * @since 150122
805
+ *
806
+ * @param string $file Input file path, to be signed by this routine.
807
+ * @param bool $stream Is this resource file to be served as streaming media?
808
+ * @param bool $inline Is this resource file to be served inline, or no?
809
+ * @param bool $ssl Is this resource file to be served via SSL, or no?
810
+ * @param string $basename The absolute basename of the resource file.
811
+ * @param string $mimetype The MIME content-type of the resource file.
812
+ *
813
+ * @return string An AWS4-HMAC-SHA256 signature URL for Amazon S3.
814
+ */
815
+ public static function amazon_s34_url($file = '', $stream = FALSE, $inline = FALSE, $ssl = FALSE, $basename = '', $mimetype = '')
816
+ {
817
+ $file = trim((string)$file, '/'); // Trim / force string.
818
+ $url_e_file = c_ws_plugin__s2member_utils_strings::urldecode_ur_chars_deep(urlencode($file));
819
+ $url_e_file = str_ireplace('%2F', '/', $url_e_file);
820
+
821
+ $s3c = array(); // Initialize config. keys.
822
+ foreach($GLOBALS['WS_PLUGIN__']['s2member']['o'] as $option => $option_value)
823
+ if(preg_match('/^amazon_s3_files_/', $option) && ($option = preg_replace('/^amazon_s3_files_/', '', $option)))
824
+ $s3c[$option] = $option_value;
825
+
826
+ if(!$s3c['bucket_region']) // No region configured; not possible.
827
+ return self::amazon_s3_url($file, $stream, $inline, $ssl, $basename, $mimetype);
828
+
829
+ $s3_date_ymd = date('Ymd');
830
+ $s3_iso8601_date = gmdate('Ymd\THis\Z');
831
+ $s3_date = gmdate('D, d M Y H:i:s').' GMT';
832
+ $s3_algo = 'AWS4-HMAC-SHA256'; // AWS v4 authentication.
833
+ $s3_credential = $s3c['access_key'].'/'.$s3_date_ymd.'/'.$s3c['bucket_region'].'/s3/aws4_request';
834
+ $s3_expires = strtotime('+'.apply_filters('ws_plugin__s2member_amazon_s3_file_expires_time', '24 hours', get_defined_vars())) - time();
835
+ $s3_domain = strtolower($s3c['bucket']) !== $s3c['bucket'] ? 's3.amazonaws.com' : $s3c['bucket'].'.s3.amazonaws.com';
836
+
837
+ $s3_args = array('X-Amz-Algorithm' => $s3_algo, 'X-Amz-Credential' => $s3_credential, 'X-Amz-Date' => $s3_iso8601_date, 'X-Amz-Expires' => $s3_expires, 'X-Amz-SignedHeaders' => 'host');
838
+ $s3_location = add_query_arg(c_ws_plugin__s2member_utils_strings::urldecode_ur_chars_deep(urlencode_deep(array_merge($s3_args, array('response-cache-control' => 'no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0', 'response-content-disposition' => ((bool)$inline ? 'inline' : 'attachment').'; filename="'.(string)$basename.'"', 'response-content-type' => (string)$mimetype, 'response-expires' => gmdate('D, d M Y H:i:s', strtotime('-1 week')).' GMT')))), '/'.$url_e_file);
839
+ $s3_url = strtolower($s3c['bucket']) !== $s3c['bucket'] ? 'http'.($ssl ? 's' : '').'://s3.amazonaws.com/'.$s3c['bucket'].$s3_location : 'http'.($ssl ? 's' : '').'://'.$s3c['bucket'].'.s3.amazonaws.com'.$s3_location;
840
+ $s3_sig = self::amazon_s34_authorization($s3_iso8601_date, $s3_domain, $s3_location, 'GET', array('Host' => $s3_domain), 'UNSIGNED-PAYLOAD', TRUE);
841
+
842
+ return add_query_arg(c_ws_plugin__s2member_utils_strings::urldecode_ur_chars_deep(urlencode_deep(array('X-Amz-Signature' => $s3_sig))), $s3_url);
843
+ }
844
+
845
/**
846
* Auto-configures an Amazon S3 Bucket's ACLs.
847
*
861
862
if(!empty($s3c) && $s3c['bucket'] && $s3c['access_key'] && $s3c['secret_key']) // Must have Amazon S3 Bucket/Keys.
863
{
864
+ $s3_iso8601_date = gmdate('Ymd\THis\Z');
865
+ $s3_date = gmdate('D, d M Y H:i:s').' GMT';
866
+ $s3_location = strtolower($s3c['bucket']) !== $s3c['bucket'] ? '/'.$s3c['bucket'].'/?acl' : '/?acl';
867
+ $s3_domain = strtolower($s3c['bucket']) !== $s3c['bucket'] ? 's3.amazonaws.com' : $s3c['bucket'].'.s3.amazonaws.com';
868
+ $s3_headers = array('Host' => $s3_domain, 'Date' => $s3_date, 'x-amz-date' => $s3_iso8601_date, 'x-amz-content-sha256' => hash('sha256', ''));
869
+ $s3_headers['Authorization'] = self::amazon_s34_authorization($s3_iso8601_date, $s3_domain, $s3_location, 'GET', $s3_headers, '');
870
+ $s3_args = array('method' => 'GET', 'redirection' => 5, 'headers' => $s3_headers);
871
872
if(($s3_response = c_ws_plugin__s2member_utils_urls::remote('https://'.$s3_domain.$s3_location, FALSE, array_merge($s3_args, array('timeout' => 20)), 'array')) && $s3_response['code'] === 200)
873
{
874
if(preg_match('/\<Owner\>(.+?)\<\/Owner\>/is', $s3_response['body'], $s3_owner_tag) && preg_match('/\<ID\>(.+?)\<\/ID\>/is', $s3_owner_tag[1], $s3_owner_id_tag) && (preg_match('/\<DisplayName\>(.*?)\<\/DisplayName\>/is', $s3_owner_tag[1], $s3_owner_display_name_tag) || ($s3_owner_display_name_tag = array('-', 'Owner'))))
875
{
876
+ $s3_owner = array('access_id' => trim($s3_owner_id_tag[1]), 'display_name' => trim($s3_owner_display_name_tag[1]));
877
+ $s3_acls_xml = '<AccessControlPolicy><Owner><ID>'.esc_html($s3_owner['access_id']).'</ID><DisplayName>'.esc_html($s3_owner['display_name']).'</DisplayName></Owner><AccessControlList><Grant><Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"><ID>'.esc_html($s3_owner['access_id']).'</ID><DisplayName>'.esc_html($s3_owner['display_name']).'</DisplayName></Grantee><Permission>FULL_CONTROL</Permission></Grant>'.(($cfc['distros_s3_access_id']) ? '<Grant><Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser"><ID>'.esc_html($cfc['distros_s3_access_id']).'</ID><DisplayName>s2Member/CloudFront</DisplayName></Grantee><Permission>READ</Permission></Grant>' : '').'</AccessControlList></AccessControlPolicy>';
878
+ $s3_headers = array('Host' => $s3_domain, 'Date' => $s3_date, 'x-amz-date' => $s3_iso8601_date, 'Content-Type' => 'application/xml', 'x-amz-content-sha256' => hash('sha256', $s3_acls_xml));
879
+ $s3_headers['Authorization'] = self::amazon_s34_authorization($s3_iso8601_date, $s3_domain, $s3_location, 'PUT', $s3_headers, $s3_acls_xml);
880
+ $s3_args = array('method' => 'PUT', 'redirection' => 5, 'body' => $s3_acls_xml, 'headers' => $s3_headers);
881
882
if(($s3_response = c_ws_plugin__s2member_utils_urls::remote('https://'.$s3_domain.$s3_location, FALSE, array_merge($s3_args, array('timeout' => 20)), 'array')) && $s3_response['code'] === 200)
883
{
884
+ $s3_policy_id = md5(uniqid('s2Member/CloudFront:', TRUE));
885
+ $s3_policy_sid = md5(uniqid('s2Member/CloudFront:', TRUE));
886
+ $s3_location = strtolower($s3c['bucket']) !== $s3c['bucket'] ? '/'.$s3c['bucket'].'/?policy' : '/?policy';
887
+ $s3_policy_json = '{"Version":"2008-10-17","Id":"'.c_ws_plugin__s2member_utils_strings::esc_dq($s3_policy_id).'","Statement":[{"Sid":"'.c_ws_plugin__s2member_utils_strings::esc_dq($s3_policy_sid).'","Effect":"Allow","Principal":{"CanonicalUser":"'.c_ws_plugin__s2member_utils_strings::esc_dq($cfc['distros_s3_access_id']).'"},"Action":"s3:GetObject","Resource":"arn:aws:s3:::'.c_ws_plugin__s2member_utils_strings::esc_dq($s3c['bucket']).'/*"}]}';
888
+ $s3_headers = array('Host' => $s3_domain, 'Date' => $s3_date, 'x-amz-date' => $s3_iso8601_date, 'Content-Type' => 'application/json', 'x-amz-content-sha256' => hash('sha256', $s3_policy_json));
889
+ $s3_headers['Authorization'] = self::amazon_s34_authorization($s3_iso8601_date, $s3_domain, $s3_location, 'PUT', $s3_headers, $s3_policy_json);
890
+ $s3_args = array('method' => 'PUT', 'redirection' => 5, 'body' => $s3_policy_json, 'headers' => $s3_headers);
891
892
if(!$cfc['distros_s3_access_id'] || (($s3_response = c_ws_plugin__s2member_utils_urls::remote('https://'.$s3_domain.$s3_location, FALSE, array_merge($s3_args, array('timeout' => 20)), 'array')) && ($s3_response['code'] === 200 || $s3_response['code'] === 204)))
893
{
894
+ $s3_location = strtolower($s3c['bucket']) !== $s3c['bucket'] ? '/'.$s3c['bucket'].'/crossdomain.xml' : '/crossdomain.xml';
895
+ $s3_policy_xml = trim(c_ws_plugin__s2member_utilities::evl(file_get_contents(dirname(dirname(__FILE__)).'/templates/cfg-files/s2-cross-xml.php')));
896
+ $s3_headers = array('Host' => $s3_domain, 'Date' => $s3_date, 'x-amz-date' => $s3_iso8601_date, 'Content-Type' => 'text/xml', 'X-Amz-Acl' => 'public-read', 'x-amz-content-sha256' => hash('sha256', $s3_policy_xml));
897
+ $s3_headers['Authorization'] = self::amazon_s34_authorization($s3_iso8601_date, $s3_domain, $s3_location, 'PUT', $s3_headers, $s3_policy_xml);
898
+ $s3_args = array('method' => 'PUT', 'redirection' => 5, 'body' => $s3_policy_xml, 'headers' => $s3_headers);
899
900
if(($s3_response = c_ws_plugin__s2member_utils_urls::remote('https://'.$s3_domain.$s3_location, FALSE, array_merge($s3_args, array('timeout' => 20)), 'array')) && $s3_response['code'] === 200)
901
return array('success' => TRUE, 'code' => NULL, 'message' => NULL); // Successfully configured Amazon S3 Bucket ACLs and Policy.
includes/classes/files.inc.php CHANGED
@@ -1,377 +1,395 @@
1
<?php
2
/**
3
- * File Download routines for s2Member.
4
- *
5
- * Copyright: © 2009-2011
6
- * {@link http://www.websharks-inc.com/ WebSharks, Inc.}
7
- * (coded in the USA)
8
- *
9
- * Released under the terms of the GNU General Public License.
10
- * You should have received a copy of the GNU General Public License,
11
- * along with this software. In the main directory, see: /licensing/
12
- * If not, see: {@link http://www.gnu.org/licenses/}.
13
- *
14
- * @package s2Member\Files
15
- * @since 3.5
16
- */
17
- if(realpath(__FILE__) === realpath($_SERVER["SCRIPT_FILENAME"]))
18
- exit("Do not access this file directly.");
19
-
20
- if(!class_exists("c_ws_plugin__s2member_files"))
21
{
22
/**
23
- * File Download routines for s2Member.
24
- *
25
- * @package s2Member\Files
26
- * @since 3.5
27
- */
28
- class c_ws_plugin__s2member_files
29
{
30
- /**
31
- * Handles Download Access permissions.
32
- *
33
- * @package s2Member\Files
34
- * @since 110524RC
35
- *
36
- * @attaches-to ``add_action("init");``
37
- * @also-called-by API Function {@link s2Member\API_Functions\s2member_file_download_url()}, w/ ``$create_file_download_url`` param.
38
- *
39
- * @param array $create_file_download_url Optional. If this function is called directly, we can pass arguments through this array.
40
- * Possible array elements: `file_download` *(required)*, `file_download_key`, `file_stream`, `file_inline`, `file_storage`, `file_remote`, `file_ssl`, `file_rewrite`, `file_rewrite_base`, `skip_confirmation`, `url_to_storage_source`, `count_against_user`, `check_user`.
41
- * @return null|str If called directly with ``$create_file_download_url``, returns a string with the URL, based on configuration.
42
- * Else, this function may exit script execution after serving a File Download.
43
- */
44
- public static function check_file_download_access($create_file_download_url = FALSE)
45
{
46
- if(is_array($create_file_download_url) || !empty($_GET["s2member_file_download"]))
47
- {
48
- return c_ws_plugin__s2member_files_in::check_file_download_access($create_file_download_url);
49
- }
50
}
51
- /**
52
- * Generates a File Download URL for access to a file protected by s2Member.
53
- *
54
- * @package s2Member\Files
55
- * @since 110926
56
- *
57
- * @param array $config Required. This is an array of configuration options associated with permissions being checked against the current User/Member; and also the actual URL generated by this routine.
58
- * Possible ``$config`` array elements: `file_download` *(required)*, `file_download_key`, `file_stream`, `file_inline`, `file_storage`, `file_remote`, `file_ssl`, `file_rewrite`, `file_rewrite_base`, `skip_confirmation`, `url_to_storage_source`, `count_against_user`, `check_user`.
59
- * @param bool $get_streamer_array Optional. Defaults to `false`. If `true`, this function will return an array with the following elements: `streamer`, `file`, `url`. For further details, please review this section in your Dashboard: `s2Member -› Download Options -› JW Player & RTMP Protocol Examples`.
60
- * @return string A File Download URL string on success; or an array on success, with elements `streamer`, `file`, `url` when/if ``$get_streamer_array`` is true; else false on any type of failure.
61
- *
62
- * @see s2Member\API_Functions\s2member_file_download_url()
63
- */
64
- public static function create_file_download_url($config = FALSE, $get_streamer_array = FALSE)
65
- {
66
- return c_ws_plugin__s2member_files_in::create_file_download_url($config, $get_streamer_array);
67
- }
68
- /**
69
- * Auto-configures an Amazon S3 Bucket's ACLs.
70
- *
71
- * @package s2Member\Files
72
- * @since 110926
73
- *
74
- * @return bool|array True on success, else array on failure.
75
- * Failure array will contain a failure `code`, and a failure `message`.
76
- */
77
- public static function amazon_s3_auto_configure_acls()
78
- {
79
- return c_ws_plugin__s2member_files_in::amazon_s3_auto_configure_acls();
80
- }
81
- /**
82
- * Auto-configures Amazon CloudFront distros.
83
- *
84
- * @package s2Member\Files
85
- * @since 130209
86
- *
87
- * @return bool|array True on success, else array on failure.
88
- * Failure array will contain a failure `code`, and a failure `message`.
89
- */
90
- public static function amazon_cf_auto_configure_distros()
91
- {
92
- return c_ws_plugin__s2member_files_in::amazon_cf_auto_configure_distros();
93
- }
94
- /**
95
- * Determines the max period (in days), for Download Access.
96
- *
97
- * @package s2Member\Files
98
- * @since 3.5
99
- *
100
- * @return int Number of days, where 0 means no access to files is allowed.
101
- * Will not return a value > `365`, because this routine also controls the age of download logs to archives.
102
- *
103
- * @deprecated Deprecated in v111029. This function is no longer used by s2Member.
104
- */
105
- public static function max_download_period /* No longer used by s2Member. */()
106
- {
107
- do_action("ws_plugin__s2member_before_max_download_period", get_defined_vars());
108
109
- for($n = 0, $max = 0; $n <= $GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["levels"]; $n++)
110
- if(!empty($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level".$n."_file_downloads_allowed"]))
111
- if(!empty($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level".$n."_file_downloads_allowed_days"]))
112
- if(($days = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level".$n."_file_downloads_allowed_days"]))
113
- $max = ($max < $days) ? $days : $max;
114
115
- return apply_filters("ws_plugin__s2member_max_download_period", (($max > 365) ? 365 : $max), get_defined_vars());
116
- }
117
- /**
118
- * Determines the minimum Level required for File Download Access.
119
- *
120
- * @package s2Member\Files
121
- * @since 3.5
122
- *
123
- * @return bool|int False if no access is allowed, else Level number (int) 0+.
124
- */
125
- public static function min_level_4_downloads()
126
- {
127
- do_action("ws_plugin__s2member_before_min_level_4_downloads", get_defined_vars());
128
129
- for($n = 0, $min = false; $n <= $GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["levels"]; $n++)
130
- if(!empty($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level".$n."_file_downloads_allowed"]))
131
- if(!empty($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level".$n."_file_downloads_allowed_days"]))
132
- if(($min = $n) >= 0)
133
- break;
134
135
- return apply_filters("ws_plugin__s2member_min_level_4_downloads", ((is_int($min)) ? $min : false), get_defined_vars());
136
- }
137
- /**
138
- * Creates a File Download Key.
139
- *
140
- * Builds a hash of: ``date("Y-m-d") . $_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"] . $file``.
141
- *
142
- * @package s2Member\Files
143
- * @since 3.5
144
- *
145
- * @param string $file Location of your protected file, relative to the `/s2member-files/` directory.
146
- * In other words, just the name of the file *(i.e. `file.zip` )*.
147
- * @param string $directive Optional. One of `ip-forever|universal|cache-compatible`.
148
- * `ip-forever` = a Download Key that never expires, tied only to a specific file and IP address.
149
- * `universal` and/or `cache-compatible` = a Download Key which never expires, and is NOT tied to any specific User. Use at your own risk.
150
- * @return string A Download Key. MD5 hash, 32 characters, URL-safe.
151
- */
152
- public static function file_download_key($file = FALSE, $directive = FALSE)
153
- {
154
- foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;
155
- do_action("ws_plugin__s2member_before_file_download_key", get_defined_vars());
156
- unset($__refs, $__v);
157
158
- $file = ($file && is_string($file) && ($file = trim($file, "/"))) ? $file : "";
159
160
- if($directive === "ip-forever" && c_ws_plugin__s2member_no_cache::no_cache_constants(true))
161
- $salt = $file.$_SERVER["REMOTE_ADDR"];
162
163
- else if($directive === "universal" || $directive === "cache-compatible" || $directive)
164
- $salt = /* Just the file name. This IS cacheable. */ $file;
165
166
- else if(c_ws_plugin__s2member_no_cache::no_cache_constants(true))
167
- $salt = date("Y-m-d").$_SERVER["REMOTE_ADDR"].$_SERVER["HTTP_USER_AGENT"].$file;
168
169
- $key = (!empty($salt)) ? md5(c_ws_plugin__s2member_utils_encryption::xencrypt($salt, false, false)) : "";
170
171
- return apply_filters("ws_plugin__s2member_file_download_key", $key, get_defined_vars());
172
- }
173
- /**
174
- * Download details on a per-User basis.
175
- *
176
- * @package s2Member\Files
177
- * @since 3.5
178
- *
179
- * @param object $user Optional. A `WP_User` object. Defaults to the current User's object.
180
- * @param string $not_counting_this_particular_file Optional. If you want to exclude a particular file,
181
- * relative to the `/s2member-files/` directory, or relative to the root of your Amazon S3 Bucket *(when applicable)*.
182
- * @param array $user_log Optional. Prevents another database connection *(i.e. the User's log does not need to be pulled again)*.
183
- * @param array $user_arc Optional. Prevents another database connection *(i.e. the User's archive does not need to be pulled again)*.
184
- * @return array An array with the following elements... File Downloads allowed for this User: (int)`allowed`, Download Period for this User in days: (int)`allowed_days`, Files downloaded by this User in the current Period: (int)`currently`, log of all Files downloaded in the current Period, with file names/dates: (array)`log`, archive of all Files downloaded in prior Periods, with file names/dates: (array)`archive`.
185
- *
186
- * @note Calculations returned by this function do NOT include File Downloads that were accessed with an Advanced File Download Key.
187
- * @todo Make it possible for s2Member to keep a count of files downloaded with an Advanced Download Key.
188
- */
189
- public static function user_downloads($user = FALSE, $not_counting_this_particular_file = FALSE, $user_log = FALSE, $user_arc = FALSE)
190
- {
191
- foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;
192
- do_action("ws_plugin__s2member_before_user_downloads", get_defined_vars());
193
- unset($__refs, $__v);
194
-
195
- $allowed = $allowed_days = $currently = /* Initialize these to zero. */ 0;
196
- $log = $arc = /* Initialize these to a default empty array value. */ array();
197
-
198
- if((is_object($user) || is_object($user = (is_user_logged_in()) ? wp_get_current_user() : false)) && !empty($user->ID) && ($user_id = $user->ID))
199
- {
200
- for($n = 0; $n <= $GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["levels"]; $n++)
201
- {
202
- if /* Do they have access? */($user->has_cap("access_s2member_level".$n))
203
- {
204
- if(!empty($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level".$n."_file_downloads_allowed"]) && !empty($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level".$n."_file_downloads_allowed_days"]))
205
- {
206
- $allowed = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level".$n."_file_downloads_allowed"];
207
- $allowed_days = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level".$n."_file_downloads_allowed_days"];
208
- }
209
- if /* We can stop now, if this is their Role. */($user->has_cap("s2member_level".$n))
210
- break /* Break now. */;
211
- }
212
- }
213
- $log = (is_array($user_log)) ? $user_log : ((is_array($log = get_user_option("s2member_file_download_access_log", $user_id)) && $log !== array(false)) ? $log : array());
214
- $arc = (is_array($user_arc)) ? $user_arc : ((is_array($arc = get_user_option("s2member_file_download_access_arc", $user_id)) && $arc !== array(false)) ? $arc : array());
215
-
216
- foreach(($user_file_download_access_log = $log) as $user_file_download_access_log_entry_key => $user_file_download_access_log_entry)
217
- if(isset($user_file_download_access_log_entry["date"]) && strtotime($user_file_download_access_log_entry["date"]) >= strtotime("-".$allowed_days." days"))
218
- if(isset($user_file_download_access_log_entry["file"]) && $user_file_download_access_log_entry["file"] !== $not_counting_this_particular_file)
219
- $currently = $currently + 1;
220
- }
221
-
222
- return apply_filters("ws_plugin__s2member_user_downloads", array("allowed" => $allowed, "allowed_days" => $allowed_days, "currently" => $currently, "log" => $log, "archive" => $arc), get_defined_vars());
223
- }
224
- /**
225
- * Total downloads of a particular file; possibly by a particular User.
226
- *
227
- * @package s2Member\Files
228
- * @since 111026
229
- *
230
- * @param string $file Required. Location of the file, relative to the `/s2member-files/` directory, or relative to the root of your Amazon S3 Bucket *(when applicable)*.
231
- * @param string|int $user_id Optional. If specified, s2Member will return total downloads by a particular User/Member, instead of collectively *(i.e among all Users/Members)*.
232
- * @param bool $check_archives_too Optional. Defaults to true. When true, s2Member checks its File Download Archive too, instead of ONLY looking at Files downloaded in the current Period. Period is based on your Basic Download Restrictions setting of allowed days across various Levels of Membership, for each respective User/Member. Or, if ``$user_id`` is specified, based solely on a specific User's `allowed_days`, configured in your Basic Download Restrictions, at the User's current Membership Level.
233
- * @return int The total for this particular ``$file``, based on configuration of function arguments.
234
- *
235
- * @note Calculations returned by this function do NOT include File Downloads that were accessed with an Advanced File Download Key.
236
- * @todo Make it possible for s2Member to keep a count of files downloaded with an Advanced Download Key.
237
- */
238
- public static function total_downloads_of($file = FALSE, $user_id = FALSE, $check_archives_too = TRUE)
239
- {
240
- global /* Global database object reference. */ $wpdb;
241
-
242
- if /* Was ``$file`` passed in properly? */($file && is_string($file))
243
- {
244
- if(is_array($results = $wpdb->get_results("SELECT `meta_key`, `meta_value` FROM `".$wpdb->usermeta."` WHERE ".((is_numeric($user_id)) ? "`user_id` = '".esc_sql($user_id)."' AND " : "")."(`meta_key` = '".$wpdb->prefix."s2member_file_download_access_log'".(($check_archives_too) ? " OR `meta_key` = '".$wpdb->prefix."s2member_file_download_access_arc'" : "").") AND `meta_value` REGEXP '.*\"file\";s:[0-9]+:\"".esc_sql($file)."\".*'")))
245
- {
246
- foreach($results as $r /* Go through the entire array of results found in the `REGEXP` database query above. */)
247
- if(is_array($la_entries = /* Unserialize the array. */ maybe_unserialize($r->meta_value)) && !empty($la_entries))
248
-
249
- foreach($la_entries as $la_entry /* Go through all of the entries in each result ``$r``; collecting `counter` values. */)
250
- if(!empty($la_entry["file"]) && $la_entry["file"] === $file && /* Back compatibility. Is `counter` even set? */ (!empty($la_entry["counter"]) || ($la_entry["counter"] = 1)))
251
- {
252
- $total = (!empty($total)) ? $total + (int)$la_entry["counter"] : (int)$la_entry["counter"];
253
- break /* Break now. No need to continue looping; ``$file`` found in these entries. */;
254
- }
255
- }
256
- }
257
- return (!empty($total)) ? $total : /* Else return zero by default. */ 0;
258
- }
259
- /**
260
- * Total unique downloads of a particular file; possibly by a particular User.
261
- *
262
- * @package s2Member\Files
263
- * @since 111026
264
- *
265
- * @param string $file Required. Location of the file, relative to the `/s2member-files/` directory, or relative to the root of your Amazon S3 Bucket *(when applicable)*.
266
- * @param string|int $user_id Optional. If specified, s2Member will return total downloads by a particular User/Member, instead of collectively *(i.e among all Users/Members)*.
267
- * @param bool $check_archives_too Optional. Defaults to true. When true, s2Member checks its File Download Archive too, instead of ONLY looking at Files downloaded in the current Period. Period is based on your Basic Download Restrictions setting of allowed days across various Levels of Membership, for each respective User/Member. Or, if ``$user_id`` is specified, based solely on a specific User's `allowed_days`, configured in your Basic Download Restrictions, at the User's current Membership Level.
268
- * @return int The total for this particular ``$file``, based on configuration of function arguments.
269
- *
270
- * @note Calculations returned by this function do NOT include File Downloads that were accessed with an Advanced File Download Key.
271
- * @todo Make it possible for s2Member to keep a count of files downloaded with an Advanced Download Key.
272
- */
273
- public static function total_unique_downloads_of($file = FALSE, $user_id = FALSE, $check_archives_too = TRUE)
274
- {
275
- global /* Global database object reference. */ $wpdb;
276
-
277
- if /* Was ``$file`` passed in properly? */($file && is_string($file))
278
- {
279
- if(is_array($results = $wpdb->get_results("SELECT `meta_key`, `meta_value` FROM `".$wpdb->usermeta."` WHERE ".((is_numeric($user_id)) ? "`user_id` = '".esc_sql($user_id)."' AND " : "")."(`meta_key` = '".$wpdb->prefix."s2member_file_download_access_log'".(($check_archives_too) ? " OR `meta_key` = '".$wpdb->prefix."s2member_file_download_access_arc'" : "").") AND `meta_value` REGEXP '.*\"file\";s:[0-9]+:\"".esc_sql($file)."\".*'")))
280
- {
281
- foreach($results as $r /* Go through the entire array of results found in the `REGEXP` database query above. */)
282
- if(is_array($la_entries = /* Unserialize the array. */ maybe_unserialize($r->meta_value)) && !empty($la_entries))
283
-
284
- foreach($la_entries as $la_entry /* Go through all of the entries in each result ``$r``; collecting `counter` values. */)
285
- if(!empty($la_entry["file"]) && $la_entry["file"] === $file && /* Back compatibility. Is `counter` even set? */ (!empty($la_entry["counter"]) || ($la_entry["counter"] = 1)))
286
- {
287
- $total = (!empty($total)) ? /* Only count `1` here (i.e. unique downloads). */ $total + 1 : 1;
288
- break /* Break now. No need to continue looping; ``$file`` found in these entries. */;
289
- }
290
- }
291
- }
292
- return (!empty($total)) ? $total : /* Else return zero by default. */ 0;
293
- }
294
- /**
295
- * Checks for GZIP rules in root `.htaccess` file.
296
- *
297
- * @package s2Member\Files
298
- * @since 120212
299
- *
300
- * @return bool True if rules exist, else false.
301
- */
302
- public static function no_gzip_rules_in_root_htaccess()
303
- {
304
- $start_line = /* Beginning line for this entry. */ "# BEGIN s2Member GZIP exclusions";
305
- $end_line = /* Identifying end line for this entry. */ "# END s2Member GZIP exclusions";
306
- $htaccess = /* Location of this `.htaccess` file. */ ABSPATH.".htaccess";
307
308
- if(file_exists($htaccess) && is_readable($htaccess) && ($htaccess_contents = file_get_contents($htaccess)) !== false && is_string($htaccess_contents = trim($htaccess_contents)))
309
- return preg_match("/".preg_quote($start_line, "/")."[\r\n]+.*?[\r\n]+".preg_quote($end_line, "/")."[\r\n]{0,2}/is", $htaccess_contents);
310
311
- return /* Default return `false`. */ false;
312
- }
313
- /**
314
- * Writes no GZIP rules into root `.htaccess` file.
315
- *
316
- * @package s2Member\Files
317
- * @since 120212
318
- *
319
- * @return bool True if successfull, else false on any type of failure.
320
- */
321
- public static function write_no_gzip_into_root_htaccess()
322
- {
323
- if(c_ws_plugin__s2member_files::remove_no_gzip_from_root_htaccess() /* Must first be able to remove any existing entry. */)
324
- {
325
- $start_line = /* Beginning line for this entry. */ "# BEGIN s2Member GZIP exclusions";
326
- $end_line = /* Identifying end line for this entry. */ "# END s2Member GZIP exclusions";
327
- $htaccess = /* Location of this `.htaccess` file we need to write in. */ ABSPATH.".htaccess";
328
- $ideally_position_before = /* Ideally, we can position before this entry. */ "# BEGIN WordPress";
329
-
330
- $no_gzip = $start_line."\n".trim(c_ws_plugin__s2member_utilities::evl(file_get_contents($GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["files_no_gzip_htaccess"])))."\n".$end_line;
331
-
332
- if(file_exists($htaccess) && is_readable($htaccess) && is_writable($htaccess) && ($htaccess_contents = file_get_contents($htaccess)) !== false && is_string($htaccess_contents = trim($htaccess_contents)))
333
- {
334
- if(stripos /* If we can position in the ideal location, that's awesome. Let's do that now. */($htaccess_contents, $ideally_position_before) !== false)
335
- $htaccess_contents = trim(str_ireplace($ideally_position_before, $no_gzip."\n\n".$ideally_position_before, $htaccess_contents));
336
-
337
- else // Else, let's put it at the very top of the file by default.
338
- $htaccess_contents = trim($no_gzip."\n\n".$htaccess_contents);
339
-
340
- return file_put_contents($htaccess, $htaccess_contents);
341
- }
342
- else if(!file_exists($htaccess) && is_writable(dirname($htaccess)))
343
- {
344
- return file_put_contents($htaccess, $no_gzip);
345
- }
346
- }
347
- return /* Default return `false`. */ false;
348
- }
349
- /**
350
- * Removes no GZIP rules in root `.htaccess` file.
351
- *
352
- * @package s2Member\Files
353
- * @since 120212
354
- *
355
- * @return bool True if successful, else false on any type of failure.
356
- */
357
- public static function remove_no_gzip_from_root_htaccess()
358
- {
359
- $start_line = /* Beginning line for this entry. */ "# BEGIN s2Member GZIP exclusions";
360
- $end_line = /* Identifying end line for this entry. */ "# END s2Member GZIP exclusions";
361
- $htaccess = /* Location of this `.htaccess` file we need to write in. */ ABSPATH.".htaccess";
362
-
363
- if(file_exists($htaccess) && is_readable($htaccess) && is_writable($htaccess) && ($htaccess_contents = file_get_contents($htaccess)) !== false && is_string($htaccess_contents = trim($htaccess_contents)))
364
- {
365
- $htaccess_contents = trim(preg_replace("/".preg_quote($start_line, "/")."[\r\n]+.*?[\r\n]+".preg_quote($end_line, "/")."[\r\n]{0,2}/is", "", $htaccess_contents));
366
-
367
- return /* Check for `false`, because this could return `0` if the file is now empty. */ (file_put_contents($htaccess, $htaccess_contents) !== false);
368
- }
369
- else if(!file_exists($htaccess) /* Return `true` here, we're OK. */)
370
- {
371
- return true;
372
- }
373
- return /* Default return `false`. */ false;
374
- }
375
}
376
}
377
- ?>
1
<?php
2
/**
3
+ * File Download routines for s2Member.
4
+ *
5
+ * Copyright: © 2009-2011
6
+ * {@link http://www.websharks-inc.com/ WebSharks, Inc.}
7
+ * (coded in the USA)
8
+ *
9
+ * Released under the terms of the GNU General Public License.
10
+ * You should have received a copy of the GNU General Public License,
11
+ * along with this software. In the main directory, see: /licensing/
12
+ * If not, see: {@link http://www.gnu.org/licenses/}.
13
+ *
14
+ * @package s2Member\Files
15
+ * @since 3.5
16
+ */
17
+ if(!defined('WPINC')) // MUST have WordPress.
18
+ exit('Do not access this file directly.');
19
+
20
+ if(!class_exists('c_ws_plugin__s2member_files'))
21
+ {
22
+ /**
23
+ * File Download routines for s2Member.
24
+ *
25
+ * @package s2Member\Files
26
+ * @since 3.5
27
+ */
28
+ class c_ws_plugin__s2member_files
29
{
30
/**
31
+ * Handles Download Access permissions.
32
+ *
33
+ * @package s2Member\Files
34
+ * @since 110524RC
35
+ *
36
+ * @attaches-to ``add_action('init');``
37
+ * @also-called-by API Function {@link s2Member\API_Functions\s2member_file_download_url()}, w/ ``$create_file_download_url`` param.
38
+ *
39
+ * @param array $create_file_download_url Optional. If this function is called directly, we can pass arguments through this array.
40
+ * Possible array elements: `file_download` *(required)*, `file_download_key`, `file_stream`, `file_inline`, `file_storage`, `file_remote`, `file_ssl`, `file_rewrite`, `file_rewrite_base`, `skip_confirmation`, `url_to_storage_source`, `count_against_user`, `check_user`.
41
+ *
42
+ * @return null|string If called directly with ``$create_file_download_url``, returns a string with the URL, based on configuration.
43
+ * Else, this function may exit script execution after serving a File Download.
44
+ */
45
+ public static function check_file_download_access($create_file_download_url = NULL)
46
+ {
47
+ if(is_array($create_file_download_url) || !empty($_GET['s2member_file_download']))
48
+ return c_ws_plugin__s2member_files_in::check_file_download_access($create_file_download_url);
49
+ return NULL; // Default return value.
50
+ }
51
+
52
+ /**
53
+ * Generates a File Download URL for access to a file protected by s2Member.
54
+ *
55
+ * @package s2Member\Files
56
+ * @since 110926
57
+ *
58
+ * @param array $config Required. This is an array of configuration options associated with permissions being checked against the current User/Member; and also the actual URL generated by this routine.
59
+ * Possible ``$config`` array elements: `file_download` *(required)*, `file_download_key`, `file_stream`, `file_inline`, `file_storage`, `file_remote`, `file_ssl`, `file_rewrite`, `file_rewrite_base`, `skip_confirmation`, `url_to_storage_source`, `count_against_user`, `check_user`.
60
+ * @param bool $get_streamer_array Optional. Defaults to `false`. If `true`, this function will return an array with the following elements: `streamer`, `file`, `url`. For further details, please review this section in your Dashboard: `s2Member -› Download Options -› JW Player & RTMP Protocol Examples`.
61
+ *
62
+ * @return string A File Download URL string on success; or an array on success, with elements `streamer`, `file`, `url` when/if ``$get_streamer_array`` is true; else false on any type of failure.
63
+ *
64
+ * @see s2Member\API_Functions\s2member_file_download_url()
65
+ */
66
+ public static function create_file_download_url($config = NULL, $get_streamer_array = FALSE)
67
+ {
68
+ return c_ws_plugin__s2member_files_in::create_file_download_url($config, $get_streamer_array);
69
+ }
70
+
71
+ /**
72
+ * Auto-configures an Amazon S3 Bucket's ACLs.
73
+ *
74
+ * @package s2Member\Files
75
+ * @since 110926
76
+ *
77
+ * @return bool|array True on success, else array on failure.
78
+ * Failure array will contain a failure `code`, and a failure `message`.
79
+ */
80
+ public static function amazon_s3_auto_configure_acls()
81
+ {
82
+ return c_ws_plugin__s2member_files_in::amazon_s3_auto_configure_acls();
83
+ }
84
+
85
+ /**
86
+ * Auto-configures Amazon CloudFront distros.
87
+ *
88
+ * @package s2Member\Files
89
+ * @since 130209
90
+ *
91
+ * @return bool|array True on success, else array on failure.
92
+ * Failure array will contain a failure `code`, and a failure `message`.
93
+ */
94
+ public static function amazon_cf_auto_configure_distros()
95
+ {
96
+ return c_ws_plugin__s2member_files_in::amazon_cf_auto_configure_distros();
97
+ }
98
+
99
+ /**
100
+ * Determines the max period (in days), for Download Access.
101
+ *
102
+ * @package s2Member\Files
103
+ * @since 3.5
104
+ *
105
+ * @return int Number of days, where 0 means no access to files is allowed.
106
+ * Will not return a value > `365`, because this routine also controls the age of download logs to archives.
107
+ *
108
+ * @deprecated Deprecated in v111029. This function is no longer used by s2Member.
109
+ */
110
+ public static function max_download_period(/* No longer used by s2Member. */)
111
+ {
112
+ do_action('ws_plugin__s2member_before_max_download_period', get_defined_vars());
113
+
114
+ for($n = 0, $max = 0; $n <= $GLOBALS['WS_PLUGIN__']['s2member']['c']['levels']; $n++)
115
+ if(!empty($GLOBALS['WS_PLUGIN__']['s2member']['o']['level'.$n.'_file_downloads_allowed']))
116
+ if(!empty($GLOBALS['WS_PLUGIN__']['s2member']['o']['level'.$n.'_file_downloads_allowed_days']))
117
+ if(($days = $GLOBALS['WS_PLUGIN__']['s2member']['o']['level'.$n.'_file_downloads_allowed_days']))
118
+ $max = ($max < $days) ? $days : $max;
119
+
120
+ return apply_filters('ws_plugin__s2member_max_download_period', (($max > 365) ? 365 : $max), get_defined_vars());
121
+ }
122
+
123
+ /**
124
+ * Determines the minimum Level required for File Download Access.
125
+ *
126
+ * @package s2Member\Files
127
+ * @since 3.5
128
+ *
129
+ * @return bool|int False if no access is allowed, else Level number (int) 0+.
130
+ */
131
+ public static function min_level_4_downloads()
132
+ {
133
+ do_action('ws_plugin__s2member_before_min_level_4_downloads', get_defined_vars());
134
+
135
+ for($n = 0, $min = FALSE; $n <= $GLOBALS['WS_PLUGIN__']['s2member']['c']['levels']; $n++)
136
+ if(!empty($GLOBALS['WS_PLUGIN__']['s2member']['o']['level'.$n.'_file_downloads_allowed']))
137
+ if(!empty($GLOBALS['WS_PLUGIN__']['s2member']['o']['level'.$n.'_file_downloads_allowed_days']))
138
+ if(($min = $n) >= 0) break; // Break now.
139
+
140
+ return apply_filters('ws_plugin__s2member_min_level_4_downloads', ((is_int($min)) ? $min : FALSE), get_defined_vars());
141
+ }
142
+
143
+ /**
144
+ * Creates a File Download Key.
145
+ *
146
+ * Builds a hash of: ``date('Y-m-d') . $_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT'] . $file``.
147
+ *
148
+ * @package s2Member\Files
149
+ * @since 3.5
150
+ *
151
+ * @param string $file Location of your protected file, relative to the `/s2member-files/` directory.
152
+ * In other words, just the name of the file *(i.e. `file.zip` )*.
153
+ * @param string $directive Optional. One of `ip-forever|universal|cache-compatible`.
154
+ * `ip-forever` = a Download Key that never expires, tied only to a specific file and IP address.
155
+ * `universal` and/or `cache-compatible` = a Download Key which never expires, and is NOT tied to any specific User. Use at your own risk.
156
+ *
157
+ * @return string A Download Key. MD5 hash, 32 characters, URL-safe.
158
+ */
159
+ public static function file_download_key($file = NULL, $directive = NULL)
160
+ {
161
+ foreach(array_keys(get_defined_vars()) as $__v) $__refs[$__v] =& $__v;
162
+ do_action('ws_plugin__s2member_before_file_download_key', get_defined_vars());
163
+ unset($__refs, $__v);
164
+
165
+ $file = ($file && is_string($file) && ($file = trim($file, '/'))) ? $file : '';
166
+
167
+ if($directive === 'ip-forever' && c_ws_plugin__s2member_no_cache::no_cache_constants(TRUE))
168
+ $salt = $file.$_SERVER['REMOTE_ADDR'];
169
+
170
+ else if($directive === 'universal' || $directive === 'cache-compatible' || $directive)
171
+ $salt = $file; // Just the file name. This IS cacheable.
172
+
173
+ else if(c_ws_plugin__s2member_no_cache::no_cache_constants(TRUE))
174
+ $salt = date('Y-m-d').$_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT'].$file;
175
+
176
+ $key = (!empty($salt)) ? md5(c_ws_plugin__s2member_utils_encryption::xencrypt($salt, FALSE, FALSE)) : '';
177
+
178
+ return apply_filters('ws_plugin__s2member_file_download_key', $key, get_defined_vars());
179
+ }
180
+
181
+ /**
182
+ * Download details on a per-User basis.
183
+ *
184
+ * @package s2Member\Files
185
+ * @since 3.5
186
+ *
187
+ * @param object $user Optional. A `WP_User` object. Defaults to the current User's object.
188
+ * @param string $not_counting_this_particular_file Optional. If you want to exclude a particular file,
189
+ * relative to the `/s2member-files/` directory, or relative to the root of your Amazon S3 Bucket *(when applicable)*.
190
+ * @param array $user_log Optional. Prevents another database connection *(i.e. the User's log does not need to be pulled again)*.
191
+ * @param array $user_arc Optional. Prevents another database connection *(i.e. the User's archive does not need to be pulled again)*.
192
+ *
193
+ * @return array An array with the following elements... File Downloads allowed for this User: (int)`allowed`, Download Period for this User in days: (int)`allowed_days`, Files downloaded by this User in the current Period: (int)`currently`, log of all Files downloaded in the current Period, with file names/dates: (array)`log`, archive of all Files downloaded in prior Periods, with file names/dates: (array)`archive`.
194
+ *
195
+ * @note Calculations returned by this function do NOT include File Downloads that were accessed with an Advanced File Download Key.
196
+ *
197
+ * @todo Make it possible for s2Member to keep a count of files downloaded with an Advanced Download Key.
198
+ */
199
+ public static function user_downloads($user = NULL, $not_counting_this_particular_file = NULL, $user_log = NULL, $user_arc = NULL)
200
+ {
201
+ foreach(array_keys(get_defined_vars()) as $__v) $__refs[$__v] =& $__v;
202
+ do_action('ws_plugin__s2member_before_user_downloads', get_defined_vars());
203
+ unset($__refs, $__v);
204
+
205
+ $allowed = $allowed_days = $currently = 0; // Initialize these to zero.
206
+ $log = $arc = array(); // Initialize these to a default empty array value.
207
+
208
+ if((is_object($user) || is_object($user = (is_user_logged_in()) ? wp_get_current_user() : FALSE)) && !empty($user->ID) && ($user_id = $user->ID))
209
{
210
+ for($n = 0; $n <= $GLOBALS['WS_PLUGIN__']['s2member']['c']['levels']; $n++)
211
+ {
212
+ if($user->has_cap('access_s2member_level'.$n) /* Do they have access? */)
213
{
214
+ if(!empty($GLOBALS['WS_PLUGIN__']['s2member']['o']['level'.$n.'_file_downloads_allowed']) && !empty($GLOBALS['WS_PLUGIN__']['s2member']['o']['level'.$n.'_file_downloads_allowed_days']))
215
+ {
216