s2Member Framework (Member Roles, Capabilities, Membership, PayPal

Version Description

(s2Member) Bug fix / File Downloads. Use of PHP's fread() function has been updated to stream_get_contents() with a 2MB chunk size in order to satisfy the needs of site owners delivering VERY large files ( 500MB+ ) though simulated HTTP streams "inline". For instance, an MP4 video file into a FlowPlayer/JWPlayer or another Flash-based application. In addition, s2Member is now capable of output buffering its chunked file delivery, making it possible for s2Member to deliver VERY large files through most shared hosting platforms without needing to upgrade to a private server.
(s2Member) Bug fix / BuddyPress. Bug fix. New filter added in support of BuddyPress on a Multisite installation. add_filter ("bp_signup_usermeta", "ws_plugin__s2member_ms_process_signup_meta");
(s2Member) Bug fix / BuddyPress. Improved detection of BuddyPress activation/registration slugs using BP_ACTIVATION_SLUG, BP_REGISTER_SLUG in conjunction with improved routing of $usermeta data inside /s2member/includes/functions/config-user-registration.inc.php. This resolves an issue where s2Member was not properly applying Membership Levels ( e.g. an s2 Role ) with BuddyPress installed on a Multisite Network.
(s2Member) Custom Registration Fields. s2Member's API Notifications now support custom Replacement Codes for any Custom Registration Fields that you've configured with s2Member. This makes it easier for developers to integrate 3rd party services, because s2Member's API Notifications can now be configured to send additional information that may include data entered by your Customer into a Custom Registration Field. Also, s2Member still supports the custom="domain|cv1|cv2|cv3|etc..." Attribute in your Shortcode too. For full details, check your Dashboard under: s2Member -> API Notifications.
(s2Member) Improved documentation on various Replacement Codes available for s2Member. There are also some new Replacement Codes made available in various sections/integrations.
(s2Member) In WordPress, when you list all Users, you will find a search box in the upper right-hand corner of the screen. This search box now has the ability to find Members by Username, Display Name, Nickname, s2Member / Paid Subscr. ID, Custom String, and ANY Custom Registration Field value.
(s2Member) Advanced Content Dripping. A new PHP/API Constant has been made available for Content Dripping S2MEMBER_CURRENT_USER_PAID_REGISTRATION_DAYS ( note the addition of "PAID" ). Also, s2Member v3.3 includes an entirely new/alternative method for Dripping Content, using a new API Function called s2member_registration_time ([level]). You will find all of the information/documentation on this topic inside your Dashboard under: s2Member -> API Scripting -> Content Dripping. s2Member now has the ability to provide you with information about when a Member pays you at each specific Membership Level. That being said, there IS an issue with this... The new function s2member_registration_time () will NOT return data correctly for existing Members that paid you prior to you upgrading to s2Member v3.3+. This is because s2Member did NOT record all of this information in previous versions. So it can't give you what it doesn't have on any of your existing Members. Please check the forums for workarounds.
(s2Member) API Constants. s2Member v3.3 includes some new API Constants related to PayPal and PayPal Pro integration. Such as the configured PayPal API Username, Password, Signature, etc. These will make it easier for other extensions to be built on top of s2Member should the need arise.
(s2Member/s2Member Pro) Documentation updated throughout. Some minor wording changes were required here-and-there in order to prevent confusion with all of s2Member Pro's new Gateway integrations.
(s2Member/s2Member Pro) All of s2Member's Button Generators now give you the ability to set a Trial Period and a separate Trial Billing Amount. So instead of just offering a 100% free Trial Period, you can now offer an Initial Period at one price, but have the Subscription billed later at a different Regular Recurring rate.
(s2Member Pro) New configuration panel added to s2Member Pro. The new Other Gateways panel allows you to enable/disable other Payment Gateways that have been integrated with s2Member Pro.
(s2Member Pro) Google Checkout. s2Member Pro has been integrated with Google for Direct Payments and also for Recurring Billing. In order to take advantage of this new integration method, you will need to have a copy of s2Member Pro, and a Google Checkout Account. A Google Checkout account is free.
(s2Member Pro) ClickBank. s2Member Pro has now been integrated with ClickBank for Direct Payments and also for Recurring Billing. In order to take advantage of this new integration method, you will need to have a copy of s2Member Pro, and a ClickBank Merchant Account. Otherwise, you can just use the PayPal Standard integration that comes with the free version of s2Member.
(s2Member Pro) AliPay. s2Member Pro has been integrated with AliPay for Direct Payments. In order to take advantage of this new integration method, you will need to have an AliPay Merchant Account with Direct Pay enabled ( aka: -- ). This can sometimes take a couple of days to acquire. Once you've been approved at AliPay, you'll be given a Partner ID, and a Security Code; which you'll need to configure inside your s2Member -> AliPay Options.
(s2Member Pro) PayPal Pro integration with s2Member Pro, now supports Coupon Codes that can be configured to ONLY apply to (ta) Trial Amounts, or (ra) Regular Amounts. For further details and examples, please check your Dashboard under: s2Member -> Coupon Codes.
(s2Member Pro) PayPal Pro Forms with s2Member Pro, can now be configured to recur at these new intervals: Bi-Weekly, Bi-Monthly, and Quarterly recurring cycles.
(s2Member Pro) Documentation. New documentation on ALL of s2Member's Shortcode Attributes for Pro Forms, Standard Shortcodes, and other Payment Gateways; is now included inside your Dashboard. For each Payment Gateway that you enable, there will be a Button Generator available in the s2Member Menu panel. At the bottom of each Button Generating station, you'll find a detailed examination of s2Member's Shortcode Attributes. This should make s2Member even easier for developers to integrate.
(s2Member Pro) AliPay chinese documentation added to the /s2member-pro/extras/ folder in case developers would like to review the technical aspects. This is NOT required though.

Release Info

Developer	PriMoThemes
Plugin	s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members)
Version	3.3
Comparing to
See all releases

Code changes from version 3.2.9 to 3.3

Files changed (91) hide show

images/promos/shots/03_screenshot-1200x.jpg +0 -0
images/promos/shots/04_screenshot-1200x.jpg +0 -0
images/promos/shots/10_screenshot-1200x.jpg +0 -0
images/promos/shots/11_screenshot-1200x.jpg +0 -0
images/promos/shots/12_screenshot-1200x.jpg +0 -0
images/promos/shots/13_screenshot-1200x.jpg +0 -0
images/promos/shots/14_screenshot-1200x.jpg +0 -0
images/promos/shots/15_screenshot-1200x.jpg +0 -0
images/promos/shots/16_screenshot-1200x.jpg +0 -0
images/promos/shots/17_screenshot-1200x.jpg +0 -0
images/promos/shots/18_screenshot-1200x.jpg +0 -0
images/promos/shots/19_screenshot-1200x.jpg +0 -0
images/promos/shots/20_screenshot-1200x.jpg +0 -0
images/promos/shots/21_screenshot-1200x.jpg +0 -0
images/promos/shots/22_screenshot-1200x.jpg +0 -0
images/promos/shots/23_screenshot-1200x.jpg +0 -0
images/promos/shots/24_screenshot-1200x.jpg +0 -0
images/promos/shots/25_screenshot-1200x.jpg +0 -0
images/promos/shots/26_screenshot-1200x.jpg +0 -0
images/promos/shots/27_screenshot-1200x.jpg +0 -0
includes/dropins/bridges/_s2member-bbpress-bridge.php +8 -14
includes/functions/api-functions.inc.php +35 -0
includes/functions/auto-eots.inc.php +38 -15
includes/functions/catg-level-access.inc.php +5 -5
includes/functions/config-user-registration.inc.php +86 -30
includes/functions/constants.inc.php +12 -11
includes/functions/css-js-w-globals.inc.php +2 -0
includes/functions/file-download-access.inc.php +47 -35
includes/functions/force-ssl.inc.php +1 -1
includes/functions/ip-restrictions.inc.php +5 -4
includes/functions/is-systematic.inc.php +5 -5
includes/functions/list-servers.inc.php +3 -5
includes/functions/login-redirection.inc.php +9 -5
includes/functions/membership-options.inc.php +7 -3
includes/functions/menu-pages.inc.php +3 -3
includes/functions/nocache.inc.php +1 -0
includes/functions/page-level-access.inc.php +10 -10
includes/functions/paypal-button.inc.php +37 -19
includes/functions/paypal-utilities.inc.php +126 -30
includes/functions/post-level-access.inc.php +10 -10
includes/functions/ptag-level-access.inc.php +7 -7
includes/functions/register-access.inc.php +2 -2
includes/functions/registration-times.inc.php +66 -0
includes/functions/ruri-level-access.inc.php +4 -2
includes/functions/separates/paypal-notify.inc.php +461 -261
includes/functions/separates/paypal-return.inc.php +31 -15
includes/functions/sp-access.inc.php +1 -1
includes/functions/tracking-codes.inc.php +2 -2
includes/functions/translations.inc.php +2 -2
includes/functions/user-access-level.inc.php +3 -3
includes/functions/user-access-role.inc.php +36 -0
includes/functions/user-deletions.inc.php +27 -6
includes/functions/users-list.inc.php +88 -9
includes/functions/utilities.inc.php +1 -1
includes/hooks.inc.php +6 -3
includes/menu-pages/api-ops.inc.php +90 -46
includes/menu-pages/bridges.inc.php +8 -8
includes/menu-pages/code-samples/current-user-custom.php +1 -1
includes/menu-pages/code-samples/current-user-paid-registration-days-dripping.php +23 -0
includes/menu-pages/code-samples/current-user-paid-registration-days.php +28 -0
includes/menu-pages/code-samples/current-user-paid-registration-time.php +7 -0
includes/menu-pages/code-samples/current-user-registration-days-dripping.php +0 -23
includes/menu-pages/code-samples/current-user-registration-days.php +6 -6
includes/menu-pages/code-samples/current-user-subscr-id.php +2 -2
includes/menu-pages/code-samples/paypal-pdt-identity-token.php +7 -0
includes/menu-pages/code-samples/s2member-paid-registration-time-examples.php +31 -0
includes/menu-pages/code-samples/s2member-paid-registration-time.php +18 -0
includes/menu-pages/down-ops.inc.php +5 -5
includes/menu-pages/els-ops.inc.php +10 -10
includes/menu-pages/menu-pages-s-min.js +1 -1
includes/menu-pages/menu-pages-s.js +144 -134
includes/menu-pages/mms-options.inc.php +9 -9
includes/menu-pages/options.inc.php +5 -6
includes/menu-pages/paypal-buttons.inc.php +114 -33
includes/menu-pages/paypal-ops.inc.php +25 -25
includes/menu-pages/scripting.inc.php +41 -11
includes/menu-pages/start.inc.php +3 -3
includes/menu-pages/trk-ops.inc.php +13 -13
includes/s2member-min.js +1 -1
includes/s2member.js +7 -5
includes/syscon.inc.php +9 -13
includes/templates/buttons/paypal-cancellation-button.html +1 -1
includes/templates/buttons/paypal-checkout-button.html +2 -2
includes/templates/buttons/paypal-sp-checkout-button.html +2 -2
includes/templates/options/paypal-currencies.html +187 -24
includes/templates/options/paypal-membership-regular-terms.html +2 -0
includes/templates/shortcodes/paypal-cancellation-button-shortcode.html +1 -1
includes/templates/shortcodes/paypal-checkout-button-shortcode.html +1 -1
includes/templates/shortcodes/paypal-sp-checkout-button-shortcode.html +1 -1
readme.txt +40 -14
s2member.php +10 -4

images/promos/shots/03_screenshot-1200x.jpg CHANGED Viewed

Binary file

images/promos/shots/04_screenshot-1200x.jpg CHANGED Viewed

Binary file

images/promos/shots/10_screenshot-1200x.jpg CHANGED Viewed

Binary file

images/promos/shots/11_screenshot-1200x.jpg CHANGED Viewed

Binary file

images/promos/shots/12_screenshot-1200x.jpg CHANGED Viewed

Binary file

images/promos/shots/13_screenshot-1200x.jpg CHANGED Viewed

Binary file

images/promos/shots/14_screenshot-1200x.jpg CHANGED Viewed

Binary file

images/promos/shots/15_screenshot-1200x.jpg ADDED Viewed

Binary file

images/promos/shots/16_screenshot-1200x.jpg ADDED Viewed

Binary file

images/promos/shots/17_screenshot-1200x.jpg ADDED Viewed

Binary file

images/promos/shots/18_screenshot-1200x.jpg ADDED Viewed

Binary file

images/promos/shots/19_screenshot-1200x.jpg ADDED Viewed

Binary file

images/promos/shots/20_screenshot-1200x.jpg ADDED Viewed

Binary file

images/promos/shots/21_screenshot-1200x.jpg ADDED Viewed

Binary file

images/promos/shots/22_screenshot-1200x.jpg ADDED Viewed

Binary file

images/promos/shots/23_screenshot-1200x.jpg ADDED Viewed

Binary file

images/promos/shots/24_screenshot-1200x.jpg ADDED Viewed

Binary file

images/promos/shots/25_screenshot-1200x.jpg ADDED Viewed

Binary file

images/promos/shots/26_screenshot-1200x.jpg ADDED Viewed

Binary file

images/promos/shots/27_screenshot-1200x.jpg ADDED Viewed

Binary file

includes/dropins/bridges/_s2member-bbpress-bridge.php CHANGED Viewed

	@@ -27,7 +27,7 @@ Tags: membership, members, member, register, signup, paypal, pay pal, s2member,
27	Direct access denial.
28	*/
29	if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
30	- exit("Do not access this file directly.");
31	/*
32	Filled by the s2Member installer. Or you can set this manually.
33	- If this is NOT set, it defaults to 0 = ( Free Subscribers ).
	@@ -46,15 +46,9 @@ function ws_plugin__s2member_bridge_bbpress_roles () /* On-the-fly. */
46	/**/
47	if (is_object ($user = bb_get_current_user ()) && $user->ID) /* Logged in? */
48	/**/
49	- if (empty ($user->roles)) /* Only when no bbPress® Role ~~has~~ ~~been~~ assigned ~~yet~~. */
50	/**/
51	- ~~foreach~~ ($user~~->$wp_capabilities~~ as ~~$wp_cap~~ => ~~$v)~~ /* ~~Check ^s2member_level[1-4]+~~ */
52	- /**/
53	- if (preg_match ("/^s2member_level[0-4]$/", $wp_cap)) /* An s2Member Role? */
54	- {
55	- bb_give_user_default_role($user);
56	- break; /* Now a Member! */
57	- }
58	}
59	/*
60	Deny all access to the bbPress® registration page.
	@@ -85,7 +79,7 @@ function ws_plugin__s2member_bridge_bbpress_access () /* Check Access. */
85	wp_redirect($url); /* Referred locally. Let's go back to the Front Page. */
86	/**/
87	else /* Otherwise, trigger the Membership Options Page + s2member_level_req = $min. */
88	- wp_redirect($url . "/?s2member_membership_options_page=1&s2member_level_req=" . urlencode ($min));
89	/**/
90	exit ();
91	}
	@@ -97,9 +91,9 @@ function ws_plugin__s2member_bridge_bbpress_access () /* Check Access. */
97	/**/
98	if (preg_match ("/^(subscriber\|s2member_level[0-4])$/", $wp_cap)) /* Subscribers and/or s2Member Roles. */
99	/**/
100	- if (($wp_cap === "subscriber" && $min > 0) \|\| ($level = preg_replace ("/~~[^0-9]/~~", "", $wp_cap)) < $min)
101	/**/
102	- if ($url = bb_get_option ("wp_siteurl")) /* WordPress® is integrated? */
103	{
104	$bbPress = bb_get_option ("uri"); /* bbPress® location. */
105	/**/
	@@ -107,7 +101,7 @@ function ws_plugin__s2member_bridge_bbpress_access () /* Check Access. */
107	wp_redirect($url); /* Referred locally. Let's go back to the Front Page. */
108	/**/
109	else /* Otherwise, trigger the Membership Options Page + s2member_level_req = $min. */
110	- wp_redirect($url . "/?s2member_membership_options_page=1&s2member_level_req=" . urlencode ($min));
111	/**/
112	exit ();
113	}
	@@ -117,7 +111,7 @@ function ws_plugin__s2member_bridge_bbpress_access () /* Check Access. */
117	{
118	if ($url = bb_get_option ("wp_siteurl")) /* The Front Page on the WordPress® installation. */
119	{
120	- wp_redirect($url . "/?s2member_membership_options_page=1&s2member_level_req=" . urlencode ($min));
121	exit (); /* Membership Options Page + s2member_level_req = $min. */
122	}
123	}


27	Direct access denial.
28	*/
29	if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
30	+ exit ("Do not access this file directly.");
31	/*
32	Filled by the s2Member installer. Or you can set this manually.
33	- If this is NOT set, it defaults to 0 = ( Free Subscribers ).

46	/**/
47	if (is_object ($user = bb_get_current_user ()) && $user->ID) /* Logged in? */
48	/**/
49	+ if (empty ($user->roles)) /* Only if/when no bbPress® Role is assigned. */
50	/**/
51	+ bb_give_user_default_role($user); /* Assign a default Role. */






52	}
53	/*
54	Deny all access to the bbPress® registration page.

79	wp_redirect($url); /* Referred locally. Let's go back to the Front Page. */
80	/**/
81	else /* Otherwise, trigger the Membership Options Page + s2member_level_req = $min. */
82	+ wp_redirect ($url . "/?s2member_membership_options_page=1&s2member_seeking=bbpress&s2member_level_req=" . urlencode ($min));
83	/**/
84	exit ();
85	}

91	/**/
92	if (preg_match ("/^(subscriber\|s2member_level[0-4])$/", $wp_cap)) /* Subscribers and/or s2Member Roles. */
93	/**/
94	+ if (($wp_cap === "subscriber" && $min > 0) \|\| ($level = preg_replace ("/^s2member_level/", "", $wp_cap)) < $min)
95	/**/
96	+ if ($url = bb_get_option ("wp_siteurl")) /* Only if WordPress® is fully integrated? */
97	{
98	$bbPress = bb_get_option ("uri"); /* bbPress® location. */
99	/**/

101	wp_redirect($url); /* Referred locally. Let's go back to the Front Page. */
102	/**/
103	else /* Otherwise, trigger the Membership Options Page + s2member_level_req = $min. */
104	+ wp_redirect ($url . "/?s2member_membership_options_page=1&s2member_seeking=bbpress&s2member_level_req=" . urlencode ($min));
105	/**/
106	exit ();
107	}

111	{
112	if ($url = bb_get_option ("wp_siteurl")) /* The Front Page on the WordPress® installation. */
113	{
114	+ wp_redirect ($url . "/?s2member_membership_options_page=1&s2member_seeking=bbpress&s2member_level_req=" . urlencode ($min));
115	exit (); /* Membership Options Page + s2member_level_req = $min. */
116	}
117	}

includes/functions/api-functions.inc.php CHANGED Viewed

@@ -430,6 +430,41 @@ if (!function_exists ("s2member_file_download_key"))
+            			}
+            	}
             /*
             Retrieves a Custom Field value.
             $field_id - required argument.
             $user_id - defaults to current user.


430	}
431	}
432	/*
433	+ Retrieves a Registration Time.
434	+ $user_id defaults to the current user; if logged in.
435	+ */
436	+ if (!function_exists ("s2member_registration_time"))
437	+ {
438	+ function s2member_registration_time ($user_id = FALSE)
439	+ {
440	+ return ws_plugin__s2member_registration_time ($user_id);
441	+ }
442	+ }
443	+ /*
444	+ Retrieves a Paid Registration Time.
445	+
446	+ The $level argument is optional. It defaults to the first/initial Paid Registration Time, regardless of Level#.
447	+ Or you could do this: s2member_paid_registration_time("level1"); which will give you the Registration Time at Level #1.
448	+ If a User/Member has never paid for Level #1 ( i.e. they signed up at Level#2 ), the function will return 0.
449	+
450	+ Here are some other examples:
451	+ $time = s2member_registration_time (); // ... first registration time ( free or otherwise ).
452	+ $time = s2member_paid_registration_time (); // ... first "paid" registration and/or upgrade time.
453	+ $time = s2member_paid_registration_time ("level1"); // ... first "paid" registration or upgrade time at Level#1.
454	+ $time = s2member_paid_registration_time ("level2"); // ... first "paid" registration or upgrade time at Level#2.
455	+ $time = s2member_paid_registration_time ("level3"); // ... first "paid" registration or upgrade time at Level#3.
456	+ $time = s2member_paid_registration_time ("level4"); // ... first "paid" registration or upgrade time at Level#4.
457	+
458	+ The argument $user_id defaults to the current user; if logged in.
459	+ */
460	+ if (!function_exists ("s2member_paid_registration_time"))
461	+ {
462	+ function s2member_paid_registration_time ($level = FALSE, $user_id = FALSE)
463	+ {
464	+ return ws_plugin__s2member_paid_registration_time ($level, $user_id);
465	+ }
466	+ }
467	+ /*
468	Retrieves a Custom Field value.
469	$field_id - required argument.
470	$user_id - defaults to current user.

includes/functions/auto-eots.inc.php CHANGED Viewed

	@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12	Direct access denial.
13	*/
14	if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15	- exit("Do not access this file directly.");
16	/*
17	Function processed by WP-Cron. This handles Auto-EOTs.
18
	@@ -51,8 +51,9 @@ if (!function_exists ("ws_plugin__s2member_auto_eot_system"))
51	{
52	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_eot_behavior"] === "demote")
53	{
54	- $subscr_id = get_user_option ("s2member_subscr_id", $user_id);
55	$custom = get_user_option ("s2member_custom", $user_id);


56	/**/
57	$demotion_role = ws_plugin__s2member_force_demotion_role ("subscriber");
58	$user->set_role ($demotion_role); /* Defaults to Free Subscriber. */
	@@ -63,6 +64,10 @@ if (!function_exists ("ws_plugin__s2member_auto_eot_system"))
63	/**/
64	delete_user_option ($user_id, "s2member_custom");
65	delete_user_option ($user_id, "s2member_subscr_id");




66	delete_user_option ($user_id, "s2member_last_payment_time");
67	delete_user_option ($user_id, "s2member_auto_eot_time");
68	/**/
	@@ -81,15 +86,22 @@ if (!function_exists ("ws_plugin__s2member_auto_eot_system"))
81	if (($url = preg_replace ("/%%user_email%%/i", ws_plugin__s2member_esc_ds (urlencode ($user->user_email)), $url)))
82	if (($url = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds (urlencode ($user->user_login)), $url)))
83	if (($url = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds (urlencode ($user_id)), $url)))
84	- ~~/**/~~
85	- if (($~~url~~ = ~~trim~~ ($~~url~~))~~) /* Empty? */~~
86	- ~~ws_plugin__s2member_remote~~($~~url~~);






87	}
88	/**/
89	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["eot_del_notification_recipients"] && is_array ($cv = preg_split ("/\\|/", $custom)))
90	{
91	$msg = $sbj = "( s2Member / API Notification Email ) - EOT/Deletion";
92	$msg .= "\n\n"; /* Spacing in the message body. */

93	$msg .= "subscr_id: %%subscr_id%%\n";
94	$msg .= "user_first_name: %%user_first_name%%\n";
95	$msg .= "user_last_name: %%user_last_name%%\n";
	@@ -97,6 +109,11 @@ if (!function_exists ("ws_plugin__s2member_auto_eot_system"))
97	$msg .= "user_email: %%user_email%%\n";
98	$msg .= "user_login: %%user_login%%\n";
99	$msg .= "user_id: %%user_id%%\n";





100	$msg .= "cv0: %%cv0%%\n";
101	$msg .= "cv1: %%cv1%%\n";
102	$msg .= "cv2: %%cv2%%\n";
	@@ -114,13 +131,19 @@ if (!function_exists ("ws_plugin__s2member_auto_eot_system"))
114	if (($msg = preg_replace ("/%%user_email%%/i", ws_plugin__s2member_esc_ds ($user->user_email), $msg)))
115	if (($msg = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds ($user->user_login), $msg)))
116	if (($msg = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds ($user_id), $msg)))
117	- ~~/**/~~
118	- ~~foreach~~ (~~ws_plugin__s2member_trim_deep~~ (~~preg_split ("/;+/",~~ $~~GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["eot_del_notification_recipients"]~~)) as $~~recipient~~)



119	/**/
120	- ($~~recipient)~~ ? ~~mail~~ (~~$recipient,~~ ~~$sbj, apply_filters~~ ("~~ws_plugin__s2member_eot_del_notification_email_msg", $msg, get_defined_vars~~ ()), "~~From: \"" . preg_replace ('/"/'~~, "'", $~~GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_name"]~~) ~~. "\" <" . $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_email"] . ">\r\nContent-Type: text/plain; charset=utf-8"~~) ~~: null;~~



121	}
122	/**/
123	- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
124	do_action ("ws_plugin__s2member_during_auto_eot_system_during_demote", get_defined_vars ());
125	unset ($__refs, $__v); /* Unset defined __refs, __v. */
126	}
	@@ -135,14 +158,14 @@ if (!function_exists ("ws_plugin__s2member_auto_eot_system"))
135	/**/
136	else /* Otherwise, we can actually delete them. */
137	/* This will automatically trigger `eot_del_notification_urls` as well. */
138	- wp_delete_user($user_id); /* `ws_plugin__s2member_handle_user_deletions()` */
139	/**/
140	- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
141	do_action ("ws_plugin__s2member_during_auto_eot_system_during_delete", get_defined_vars ());
142	unset ($__refs, $__v); /* Unset defined __refs, __v. */
143	}
144	/**/
145	- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
146	do_action ("ws_plugin__s2member_during_auto_eot_system", get_defined_vars ());
147	unset ($__refs, $__v); /* Unset defined __refs, __v. */
148	}
	@@ -151,7 +174,7 @@ if (!function_exists ("ws_plugin__s2member_auto_eot_system"))
151	}
152	}
153	/**/
154	- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
155	do_action ("ws_plugin__s2member_after_auto_eot_system", get_defined_vars ());
156	unset ($__refs, $__v); /* Unset defined __refs, __v. */
157	/**/
	@@ -220,8 +243,8 @@ if (!function_exists ("ws_plugin__s2member_delete_auto_eot_system"))
220	/**/
221	if (function_exists ("wp_cron"))
222	{
223	- wp_clear_scheduled_hook("s2member_auto_eot_system"); /* This is for backward compatibility. */
224	- wp_clear_scheduled_hook("ws_plugin__s2member_auto_eot_system__schedule"); /* Since v3.0.3. */
225	/**/
226	return apply_filters ("ws_plugin__s2member_delete_auto_eot_system", true, get_defined_vars ());
227	}


12	Direct access denial.
13	*/
14	if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15	+ exit ("Do not access this file directly.");
16	/*
17	Function processed by WP-Cron. This handles Auto-EOTs.
18

51	{
52	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_eot_behavior"] === "demote")
53	{

54	$custom = get_user_option ("s2member_custom", $user_id);
55	+ $subscr_id = get_user_option ("s2member_subscr_id", $user_id);
56	+ $fields = get_user_option ("s2member_custom_fields", $user_id);
57	/**/
58	$demotion_role = ws_plugin__s2member_force_demotion_role ("subscriber");
59	$user->set_role ($demotion_role); /* Defaults to Free Subscriber. */

64	/**/
65	delete_user_option ($user_id, "s2member_custom");
66	delete_user_option ($user_id, "s2member_subscr_id");
67	+ /**/
68	+ if (!apply_filters ("ws_plugin__s2member_preserve_paid_registration_times", true, get_defined_vars ()))
69	+ delete_user_option ($user_id, "s2member_paid_registration_times");
70	+ /**/
71	delete_user_option ($user_id, "s2member_last_payment_time");
72	delete_user_option ($user_id, "s2member_auto_eot_time");
73	/**/

86	if (($url = preg_replace ("/%%user_email%%/i", ws_plugin__s2member_esc_ds (urlencode ($user->user_email)), $url)))
87	if (($url = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds (urlencode ($user->user_login)), $url)))
88	if (($url = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds (urlencode ($user_id)), $url)))
89	+ {
90	+ if (is_array ($fields) && !empty ($fields))
91	+ foreach ($fields as $var => $val) /* Custom Registration Fields. */
92	+ if (! ($url = preg_replace ("/%%" . preg_quote ($var, "/") . "%%/i", ws_plugin__s2member_esc_ds (urlencode (maybe_serialize ($val))), $url)))
93	+ break;
94	+ /**/
95	+ if (($url = trim (preg_replace ("/%%(.+?)%%/i", "", $url))))
96	+ ws_plugin__s2member_remote ($url);
97	+ }
98	}
99	/**/
100	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["eot_del_notification_recipients"] && is_array ($cv = preg_split ("/\\|/", $custom)))
101	{
102	$msg = $sbj = "( s2Member / API Notification Email ) - EOT/Deletion";
103	$msg .= "\n\n"; /* Spacing in the message body. */
104	+ /**/
105	$msg .= "subscr_id: %%subscr_id%%\n";
106	$msg .= "user_first_name: %%user_first_name%%\n";
107	$msg .= "user_last_name: %%user_last_name%%\n";

109	$msg .= "user_email: %%user_email%%\n";
110	$msg .= "user_login: %%user_login%%\n";
111	$msg .= "user_id: %%user_id%%\n";
112	+ /**/
113	+ if (is_array ($fields) && !empty ($fields))
114	+ foreach ($fields as $var => $val)
115	+ $msg .= $var . ": %%" . $var . "%%\n";
116	+ /**/
117	$msg .= "cv0: %%cv0%%\n";
118	$msg .= "cv1: %%cv1%%\n";
119	$msg .= "cv2: %%cv2%%\n";

131	if (($msg = preg_replace ("/%%user_email%%/i", ws_plugin__s2member_esc_ds ($user->user_email), $msg)))
132	if (($msg = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds ($user->user_login), $msg)))
133	if (($msg = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds ($user_id), $msg)))
134	+ {
135	+ if (is_array ($fields) && !empty ($fields))
136	+ foreach ($fields as $var => $val) /* Custom Registration Fields. */
137	+ if (! ($msg = preg_replace ("/%%" . preg_quote ($var, "/") . "%%/i", ws_plugin__s2member_esc_ds (maybe_serialize ($val)), $msg)))
138	+ break;
139	/**/
140	+ if (($msg = trim (preg_replace ("/%%(.+?)%%/i", "", $msg))))
141	+ foreach (ws_plugin__s2member_trim_deep (preg_split ("/;+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["eot_del_notification_recipients"])) as $recipient)
142	+ ($recipient) ? wp_mail ($recipient, apply_filters ("ws_plugin__s2member_eot_del_notification_email_sbj", $sbj, get_defined_vars ()), apply_filters ("ws_plugin__s2member_eot_del_notification_email_msg", $msg, get_defined_vars ()), "From: \"" . preg_replace ('/"/', "'", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_name"]) . "\" <" . $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_email"] . ">\r\nContent-Type: text/plain; charset=utf-8") : null;
143	+ }
144	}
145	/**/
146	+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
147	do_action ("ws_plugin__s2member_during_auto_eot_system_during_demote", get_defined_vars ());
148	unset ($__refs, $__v); /* Unset defined __refs, __v. */
149	}

158	/**/
159	else /* Otherwise, we can actually delete them. */
160	/* This will automatically trigger `eot_del_notification_urls` as well. */
161	+ wp_delete_user ($user_id); /* `ws_plugin__s2member_handle_user_deletions()` */
162	/**/
163	+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
164	do_action ("ws_plugin__s2member_during_auto_eot_system_during_delete", get_defined_vars ());
165	unset ($__refs, $__v); /* Unset defined __refs, __v. */
166	}
167	/**/
168	+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
169	do_action ("ws_plugin__s2member_during_auto_eot_system", get_defined_vars ());
170	unset ($__refs, $__v); /* Unset defined __refs, __v. */
171	}

174	}
175	}
176	/**/
177	+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
178	do_action ("ws_plugin__s2member_after_auto_eot_system", get_defined_vars ());
179	unset ($__refs, $__v); /* Unset defined __refs, __v. */
180	/**/

243	/**/
244	if (function_exists ("wp_cron"))
245	{
246	+ wp_clear_scheduled_hook ("s2member_auto_eot_system"); /* This is for backward compatibility. */
247	+ wp_clear_scheduled_hook ("ws_plugin__s2member_auto_eot_system__schedule"); /* Since v3.0.3. */
248	/**/
249	return apply_filters ("ws_plugin__s2member_delete_auto_eot_system", true, get_defined_vars ());
250	}

includes/functions/catg-level-access.inc.php CHANGED Viewed

	@@ -45,7 +45,7 @@ if (!function_exists ("ws_plugin__s2member_check_catg_level_access"))
45	/**/
46	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_uri = ws_plugin__s2member_login_redirection_uri ($current_user)) && preg_match ("/^" . preg_quote ($login_redirection_uri, "/") . "$/", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level0")))
47	{
48	- wp_redirect (add_query_arg ("~~s2member_level_req~~", 0, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
49	exit ();
50	}
51	else if (!ws_plugin__s2member_is_systematic_use_page ()) /* Do NOT protect Systematics. However, there is 1 exception above ^. */
	@@ -54,13 +54,13 @@ if (!function_exists ("ws_plugin__s2member_check_catg_level_access"))
54	{
55	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
56	{
57	- wp_redirect (add_query_arg ("~~s2member_level_req~~", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
58	exit ();
59	}
60	/**/
61	else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"] && in_array ($cat_id, ($catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"]))) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
62	{
63	- wp_redirect (add_query_arg ("~~s2member_level_req~~", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
64	exit ();
65	}
66	/**/
	@@ -68,7 +68,7 @@ if (!function_exists ("ws_plugin__s2member_check_catg_level_access"))
68	foreach (preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"]) as $catg)
69	if ($catg && cat_is_ancestor_of ($catg, $cat_id) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
70	{
71	- wp_redirect (add_query_arg ("~~s2member_level_req~~", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
72	exit ();
73	}
74	}
	@@ -79,7 +79,7 @@ if (!function_exists ("ws_plugin__s2member_check_catg_level_access"))
79	foreach (preg_split ("/[\r\n\t]+/", ws_plugin__s2member_fill_ruri_level_access_rc_vars ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ruris"], $current_user)) as $str)
80	if ($str && preg_match ("/" . preg_quote ($str, "/") . "/", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
81	{
82	- wp_redirect (add_query_arg ("~~s2member_level_req~~", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
83	exit ();
84	}
85	}


45	/**/
46	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_uri = ws_plugin__s2member_login_redirection_uri ($current_user)) && preg_match ("/^" . preg_quote ($login_redirection_uri, "/") . "$/", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level0")))
47	{
48	+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "catg-" . $cat_id, "s2member_level_req" => "0")), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
49	exit ();
50	}
51	else if (!ws_plugin__s2member_is_systematic_use_page ()) /* Do NOT protect Systematics. However, there is 1 exception above ^. */

54	{
55	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
56	{
57	+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "catg-" . $cat_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
58	exit ();
59	}
60	/**/
61	else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"] && in_array ($cat_id, ($catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"]))) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
62	{
63	+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "catg-" . $cat_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
64	exit ();
65	}
66	/**/

68	foreach (preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"]) as $catg)
69	if ($catg && cat_is_ancestor_of ($catg, $cat_id) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
70	{
71	+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "catg-" . $cat_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
72	exit ();
73	}
74	}

79	foreach (preg_split ("/[\r\n\t]+/", ws_plugin__s2member_fill_ruri_level_access_rc_vars ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ruris"], $current_user)) as $str)
80	if ($str && preg_match ("/" . preg_quote ($str, "/") . "/", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
81	{
82	+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "catg-" . $cat_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
83	exit ();
84	}
85	}

includes/functions/config-user-registration.inc.php CHANGED Viewed

	@@ -18,6 +18,7 @@ Function that adds hidden fields to POST vars on signup.
18	Attach to: add_filter("signup_hidden_fields");
19
20	This can ONLY be fired through wp-signup.php on the front-side.

21	*/
22	if (!function_exists ("ws_plugin__s2member_ms_process_signup_hidden_fields"))
23	{
	@@ -26,7 +27,7 @@ if (!function_exists ("ws_plugin__s2member_ms_process_signup_hidden_fields"))
26	do_action ("ws_plugin__s2member_before_ms_process_signup_hidden_fields", get_defined_vars ());
27	/**/
28	if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking, on a Blog Farm. */
29	- if (ws_plugin__s2member_is_multisite_farm () && is_main_site () && preg_match ("/\/wp-signup\.php/", $_SERVER["REQUEST_URI"]) && $_POST["stage"] === "validate-user-signup")
30	{
31	foreach ((array)ws_plugin__s2member_trim_deep (stripslashes_deep ($_POST)) as $key => $value)
32	if (preg_match ("/^ws_plugin__s2member_(custom_reg_field\|user_new)_/", $key))
	@@ -42,6 +43,7 @@ if (!function_exists ("ws_plugin__s2member_ms_process_signup_hidden_fields"))
42	/*
43	Function that adds customs fields to $meta on signup.
44	Attach to: add_filter("add_signup_meta");

45
46	This can be fired through wp-signup.php on the front-side,
47	or possibly through user-new.php in the admin.
	@@ -57,7 +59,7 @@ if (!function_exists ("ws_plugin__s2member_ms_process_signup_meta"))
57	unset ($__refs, $__v); /* Unset defined __refs, __v. */
58	/**/
59	if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking. Either in the admin, or on a Blog Farm through wp-signup.php. */
60	- if ((is_admin () && $pagenow === "user-new.php") \|\| (ws_plugin__s2member_is_multisite_farm () && is_main_site () && preg_match ("/\/wp-signup\.php/", $_SERVER["REQUEST_URI"]) && preg_match ("/^validate-(user\|blog)-signup$/", $_POST["stage"])))
61	{
62	ws_plugin__s2member_email_config (); /* Configures From: header that will be used in notifications. */
63	/**/
	@@ -83,8 +85,9 @@ However, a Super Admin CAN trigger this event by adding a new User through the U
83	~ If they choose to bypass activation; an activation IS fired immediately. Otherwise, it's delayed.
84	- via user-new.php.
85
86	- So this function may get fired inside the admin panel ( user-new.php ).
87	- Or also during an actual activation; through wp-activate.php.

88	*/
89	if (!function_exists ("ws_plugin__s2member_configure_user_on_ms_user_activation"))
90	{
	@@ -97,7 +100,7 @@ if (!function_exists ("ws_plugin__s2member_configure_user_on_ms_user_activation"
97	unset ($__refs, $__v); /* Unset defined __refs, __v. */
98	/**/
99	if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking. */
100	- if ((is_admin () && $pagenow === "user-new.php") \|\| (!is_admin () && preg_match ("/\/wp-activate\.php/", $_SERVER["REQUEST_URI"])))
101	{
102	ws_plugin__s2member_configure_user_registration ($user_id, $password, $meta["s2member_ms_signup_meta"]);
103	delete_user_meta ($user_id, "s2member_ms_signup_meta");
	@@ -116,7 +119,8 @@ This does NOT fire for a Super Admin managing Network Blogs.
116	~ Actually they do; BUT it's blocked by the routine below.
117	Which is good. A Super Admin should NOT trigger this event.
118
119	- This function should ONLY be fired through wp-activate.php.

120	*/
121	if (!function_exists ("ws_plugin__s2member_configure_user_on_ms_blog_activation"))
122	{
	@@ -127,7 +131,7 @@ if (!function_exists ("ws_plugin__s2member_configure_user_on_ms_blog_activation"
127	unset ($__refs, $__v); /* Unset defined __refs, __v. */
128	/**/
129	if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking. */
130	- if (!is_admin () && preg_match ("/\/wp-activate\.php/", $_SERVER["REQUEST_URI"])) /* ~~ONLY~~ ~~`wp-activate~~.~~php`.~~ */
131	{
132	ws_plugin__s2member_configure_user_registration ($user_id, $password, $meta["s2member_ms_signup_meta"]);
133	delete_user_meta ($user_id, "s2member_ms_signup_meta");
	@@ -172,9 +176,10 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
172	&& (is_array ($_POST = ws_plugin__s2member_trim_deep (stripslashes_deep ($_POST))) \|\| is_array (ws_plugin__s2member_trim_deep (stripslashes_deep ($meta))))/**/
173	/**/
174	/* These negative matches are designed to prevent this routine from running under certain conditions; where we need to wait for `wpmu_activate_user\|blog` instead. */
175	- && ! (is_admin () && is_multisite () && $pagenow === "user-new.php" && isset ($_POST["noconfirmation"]) && is_super_admin () && ~~empty~~ (~~$meta~~))/**/
176	- && ! (preg_match ("/\/wp-activate\.php/", $_SERVER["REQUEST_URI"]) && ~~empty~~ (~~$meta~~)) /* If activating; we MUST have a meta ~~array~~. */
177	- /* ~~The~~ ~~$meta~~ ~~array~~ is ~~ONLY~~ ~~filled~~ by ~~hand-offs~~ ~~from~~ ~~`wpmu_activate_user\|blog`.~~ So ~~this~~ is ~~how~~ we ~~check~~ ~~for~~ ~~these events. */~~

178	/**/
179	&& $user_id && is_object ($user = new WP_User ($user_id)) && $user->ID && ($processed = true)) /* Process only once. */
180	{
	@@ -187,16 +192,16 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
187	if (!is_admin () && ($_POST["ws_plugin__s2member_custom_reg_field_s2member_custom"] \|\| $_POST["ws_plugin__s2member_custom_reg_field_s2member_subscr_id"] \|\| $_POST["ws_plugin__s2member_custom_reg_field_s2member_ccaps"] \|\| $_POST["ws_plugin__s2member_custom_reg_field_s2member_auto_eot_time"] \|\| $_POST["ws_plugin__s2member_custom_reg_field_s2member_notes"]))
188	exit ("s2Member security violation. You attempted to POST variables that will NOT be trusted!");
189	/**/
190	- $_pm = array_merge ((array)$_POST, (array)$meta); /* Merge these two data sources together now. ~~However,~~ ALWAYS after the security routine above ^. */
191	/**/
192	if (!is_admin () /* Only run this particular routine whenever a Member [1-4] is registering themselves with cookies. */
193	&& ($subscr_id = ws_plugin__s2member_decrypt ($_COOKIE["s2member_subscr_id"])) && preg_match ("/^" . preg_quote (preg_replace ("/\:([0-9]+)$/", "", $_SERVER["HTTP_HOST"]), "/") . "/i", ($custom = ws_plugin__s2member_decrypt ($_COOKIE["s2member_custom"]))) && preg_match ("/^[1-4](\:\|$)([a-z_0-9,]+)?(\:)?([0-9]+ [A-Z])?$/", ($level = ws_plugin__s2member_decrypt ($_COOKIE["s2member_level"])))/**/
194	&& (!$usermeta = $wpdb->get_row ("SELECT `user_id` FROM `" . $wpdb->usermeta . "` WHERE `meta_key` = '" . $wpdb->prefix . "s2member_subscr_id' AND `meta_value` = '" . $wpdb->escape ($subscr_id) . "' LIMIT 1")))
195	/* ^ This is for security ^ It checks the database to make sure the User/Member has not already registered in the past, with the same Paid Subscr. ID. */
196	{ /*
197	- This routine could be processed through `wp-login.php?action=register` ~~- OR - through~~ `wp-activate.php`.

198	If processed through `wp-activate.php`, it could've originated inside the admin, via `user-new.php`.
199	- This may also be processed through BuddyPress, or another plugin calling `user_register`.
200	*/
201	$processed = "yes"; /* Mark this as yes, to indicate that a routine was processed. */
202	/**/
	@@ -287,23 +292,32 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
287	/**/
288	if (($transient = md5 ("s2member_transient_ipn_subscr_payment_" . $subscr_id)) && is_array ($subscr_payment = get_transient ($transient)))
289	{
290	- $proxy = array ("s2member_paypal_notify" => "1", "s2member_paypal_proxy" => "s2member_transient_ipn_subscr_payment");
291	- ws_plugin__s2member_remote (add_query_arg ($proxy, get_bloginfo ("wpurl")), stripslashes_deep ($subscr_payment), array ("timeout" => 20));
292	- delete_transient($transient);
293	}
294	/**/
295	setcookie ("s2member_signup_tracking", ws_plugin__s2member_encrypt ($subscr_id), time () + 31556926, "/");
296	/**/








297	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');

298	do_action ("ws_plugin__s2member_during_configure_user_registration_front_side", get_defined_vars ());
299	unset ($__refs, $__v); /* Unset defined __refs, __v. */
300	}
301	/**/
302	else if (!is_admin ()) /* Otherwise, if we are NOT inside the Dashboard during the creation of this account. */
303	{ /*
304	- This routine could be processed through `wp-login.php?action=register` ~~- OR - through~~ `wp-activate.php`.

305	If processed through `wp-activate.php`, it could've originated inside the admin, via `user-new.php`.
306	- This may also be processed through BuddyPress, or another plugin calling `user_register`.
307	*/
308	$processed = "yes"; /* Mark this as yes, to indicate that a routine was processed. */
309	/**/
	@@ -400,14 +414,23 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
400	/**/
401	update_user_option ($user_id, "s2member_custom_fields", $fields);
402	/**/








403	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');

404	do_action ("ws_plugin__s2member_during_configure_user_registration_front_side", get_defined_vars ());
405	unset ($__refs, $__v); /* Unset defined __refs, __v. */
406	}
407	/**/
408	else if (is_admin () && $pagenow === "user-new.php") /* Else, if we're on this page. */
409	{ /*
410	- This routine can ONLY be processed through `user-new.php` inside the Dashboard.
411	*/
412	$processed = "yes"; /* Mark this as yes, to indicate that a routine was processed. */
413	/**/
	@@ -495,6 +518,14 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
495	/**/
496	update_user_option ($user_id, "s2member_custom_fields", $fields);
497	/**/








498	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
499	do_action ("ws_plugin__s2member_during_configure_user_registration_admin_side", get_defined_vars ());
500	unset ($__refs, $__v); /* Unset defined __refs, __v. */
	@@ -502,8 +533,6 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
502	/**/
503	if ($processed === "yes") /* If registration was processed by one of the routines above. */
504	{
505	- ws_plugin__s2member_process_list_servers ($level, $email, $fname, $lname, $ip, $opt_in);
506	- /**/
507	if ($urls = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["registration_notification_urls"])
508	/**/
509	foreach (preg_split ("/[\r\n\t]+/", $urls) as $url) /* Notify each of the urls. */
	@@ -518,14 +547,21 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
518	if (($url = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds (urlencode ($login)), $url)))
519	if (($url = preg_replace ("/%%user_pass%%/i", ws_plugin__s2member_esc_ds (urlencode ($pass)), $url)))
520	if (($url = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds (urlencode ($user_id)), $url)))
521	- ~~/**/~~
522	- if (($~~url~~ = ~~trim~~ ($~~url~~))~~) /* Empty? */~~
523	- ~~ws_plugin__s2member_remote~~($~~url~~);






524	/**/
525	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["registration_notification_recipients"])
526	{
527	$msg = $sbj = "( s2Member / API Notification Email ) - Registration";
528	$msg .= "\n\n"; /* Spacing in the message body. */

529	$msg .= "role: %%role%%\n";
530	$msg .= "level: %%level%%\n";
531	$msg .= "user_first_name: %%user_first_name%%\n";
	@@ -535,6 +571,11 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
535	$msg .= "user_login: %%user_login%%\n";
536	$msg .= "user_pass: %%user_pass%%\n";
537	$msg .= "user_id: %%user_id%%\n";





538	$msg .= "cv0: %%cv0%%\n";
539	$msg .= "cv1: %%cv1%%\n";
540	$msg .= "cv2: %%cv2%%\n";
	@@ -556,10 +597,16 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
556	if (($msg = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds ($login), $msg)))
557	if (($msg = preg_replace ("/%%user_pass%%/i", ws_plugin__s2member_esc_ds ($pass), $msg)))
558	if (($msg = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds ($user_id), $msg)))
559	- ~~/**/~~
560	- ~~foreach~~ (~~ws_plugin__s2member_trim_deep~~ (~~preg_split ("/;+/",~~ $~~GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["registration_notification_recipients"]~~)) as $~~recipient~~)



561	/**/
562	- ($~~recipient)~~ ? ~~mail~~ (~~$recipient,~~ ~~$sbj, apply_filters~~ ("~~ws_plugin__s2member_registration_notification_email_msg", $msg, get_defined_vars~~ ()), "~~From: \"" . preg_replace ('/"/'~~, "'", $~~GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_name"]~~) ~~. "\" <" . $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_email"] . ">\r\nContent-Type: text/plain; charset=utf-8"~~) ~~: null;~~



563	}
564	/**/
565	if ($url = $GLOBALS["ws_plugin__s2member_registration_return_url"])
	@@ -574,9 +621,18 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
574	if (($url = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds (urlencode ($login)), $url)))
575	if (($url = preg_replace ("/%%user_pass%%/i", ws_plugin__s2member_esc_ds (urlencode ($pass)), $url)))
576	if (($url = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds (urlencode ($user_id)), $url)))
577	- ~~/**/~~
578	- if (($~~url~~ = ~~trim~~ ($~~url~~))~~) /* Empty? ... Otherwise, re-fill. */~~
579	- $~~GLOBALS["ws_plugin__s2member_registration_return_url"]~~ = $~~url;~~









580	/**/
581	setcookie ("s2member_subscr_id", "", time () + 31556926, "/");
582	setcookie ("s2member_custom", "", time () + 31556926, "/");


18	Attach to: add_filter("signup_hidden_fields");
19
20	This can ONLY be fired through wp-signup.php on the front-side.
21	+ Or through `/register` via BuddyPress.
22	*/
23	if (!function_exists ("ws_plugin__s2member_ms_process_signup_hidden_fields"))
24	{

27	do_action ("ws_plugin__s2member_before_ms_process_signup_hidden_fields", get_defined_vars ());
28	/**/
29	if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking, on a Blog Farm. */
30	+ if (ws_plugin__s2member_is_multisite_farm () && is_main_site () && ( (preg_match ("/\/wp-signup\.php/", $_SERVER["REQUEST_URI"]) && $_POST["stage"] === "validate-user-signup") \|\| (defined ("BP_VERSION") && preg_match ("/\/" . preg_quote (BP_REGISTER_SLUG, "/") . "/", $_SERVER["REQUEST_URI"]))))
31	{
32	foreach ((array)ws_plugin__s2member_trim_deep (stripslashes_deep ($_POST)) as $key => $value)
33	if (preg_match ("/^ws_plugin__s2member_(custom_reg_field\|user_new)_/", $key))

43	/*
44	Function that adds customs fields to $meta on signup.
45	Attach to: add_filter("add_signup_meta");
46	+ Attach to: add_filter("bp_signup_usermeta");
47
48	This can be fired through wp-signup.php on the front-side,
49	or possibly through user-new.php in the admin.

59	unset ($__refs, $__v); /* Unset defined __refs, __v. */
60	/**/
61	if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking. Either in the admin, or on a Blog Farm through wp-signup.php. */
62	+ if ((is_admin () && $pagenow === "user-new.php") \|\| (ws_plugin__s2member_is_multisite_farm () && is_main_site () && ( (preg_match ("/\/wp-signup\.php/", $_SERVER["REQUEST_URI"]) && preg_match ("/^validate-(user\|blog)-signup$/", $_POST["stage"])) \|\| (defined ("BP_VERSION") && preg_match ("/\/" . preg_quote (BP_REGISTER_SLUG, "/") . "/", $_SERVER["REQUEST_URI"])))))
63	{
64	ws_plugin__s2member_email_config (); /* Configures From: header that will be used in notifications. */
65	/**/

85	~ If they choose to bypass activation; an activation IS fired immediately. Otherwise, it's delayed.
86	- via user-new.php.
87
88	+ So this function may get fired inside the admin panel ( `user-new.php` ).
89	+ Or also during an actual activation; through `wp-activate.php`.
90	+ Or also during an actual activation; through `/activate` via BuddyPress.
91	*/
92	if (!function_exists ("ws_plugin__s2member_configure_user_on_ms_user_activation"))
93	{

100	unset ($__refs, $__v); /* Unset defined __refs, __v. */
101	/**/
102	if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking. */
103	+ if ((is_admin () && $pagenow === "user-new.php") \|\| (!is_admin () && preg_match ("/\/wp-activate\.php/", $_SERVER["REQUEST_URI"])) \|\| (!is_admin () && defined ("BP_VERSION") && preg_match ("/\/" . preg_quote (BP_ACTIVATION_SLUG, "/") . "/", $_SERVER["REQUEST_URI"])))
104	{
105	ws_plugin__s2member_configure_user_registration ($user_id, $password, $meta["s2member_ms_signup_meta"]);
106	delete_user_meta ($user_id, "s2member_ms_signup_meta");

119	~ Actually they do; BUT it's blocked by the routine below.
120	Which is good. A Super Admin should NOT trigger this event.
121
122	+ This function should ONLY be fired through `wp-activate.php`.
123	+ Or also through `/activate` via BuddyPress.
124	*/
125	if (!function_exists ("ws_plugin__s2member_configure_user_on_ms_blog_activation"))
126	{

131	unset ($__refs, $__v); /* Unset defined __refs, __v. */
132	/**/
133	if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking. */
134	+ if ((!is_admin () && preg_match ("/\/wp-activate\.php/", $_SERVER["REQUEST_URI"])) \|\| (!is_admin () && defined ("BP_VERSION") && preg_match ("/\/" . preg_quote (BP_ACTIVATION_SLUG, "/") . "/", $_SERVER["REQUEST_URI"])))
135	{
136	ws_plugin__s2member_configure_user_registration ($user_id, $password, $meta["s2member_ms_signup_meta"]);
137	delete_user_meta ($user_id, "s2member_ms_signup_meta");

176	&& (is_array ($_POST = ws_plugin__s2member_trim_deep (stripslashes_deep ($_POST))) \|\| is_array (ws_plugin__s2member_trim_deep (stripslashes_deep ($meta))))/**/
177	/**/
178	/* These negative matches are designed to prevent this routine from running under certain conditions; where we need to wait for `wpmu_activate_user\|blog` instead. */
179	+ && ! (is_admin () && is_multisite () && $pagenow === "user-new.php" && isset ($_POST["noconfirmation"]) && is_super_admin () && func_num_args () !== 3)/**/
180	+ && ! (preg_match ("/\/wp-activate\.php/", $_SERVER["REQUEST_URI"]) && func_num_args () !== 3) /* If activating; we MUST have a $meta arg to proceed. */
181	+ && ! (defined ("BP_VERSION") && preg_match ("/\/" . preg_quote (BP_ACTIVATION_SLUG, "/") . "/", $_SERVER["REQUEST_URI"]) && func_num_args () !== 3)
182	+ /* The $meta argument is ONLY passed in by hand-offs from `wpmu_activate_user\|blog`. So this is how we check for these events. */
183	/**/
184	&& $user_id && is_object ($user = new WP_User ($user_id)) && $user->ID && ($processed = true)) /* Process only once. */
185	{

192	if (!is_admin () && ($_POST["ws_plugin__s2member_custom_reg_field_s2member_custom"] \|\| $_POST["ws_plugin__s2member_custom_reg_field_s2member_subscr_id"] \|\| $_POST["ws_plugin__s2member_custom_reg_field_s2member_ccaps"] \|\| $_POST["ws_plugin__s2member_custom_reg_field_s2member_auto_eot_time"] \|\| $_POST["ws_plugin__s2member_custom_reg_field_s2member_notes"]))
193	exit ("s2Member security violation. You attempted to POST variables that will NOT be trusted!");
194	/**/
195	+ $_pm = array_merge ((array)$_POST, (array)$meta); /* Merge these two data sources together now; ALWAYS after the security routine above ^. */
196	/**/
197	if (!is_admin () /* Only run this particular routine whenever a Member [1-4] is registering themselves with cookies. */
198	&& ($subscr_id = ws_plugin__s2member_decrypt ($_COOKIE["s2member_subscr_id"])) && preg_match ("/^" . preg_quote (preg_replace ("/\:([0-9]+)$/", "", $_SERVER["HTTP_HOST"]), "/") . "/i", ($custom = ws_plugin__s2member_decrypt ($_COOKIE["s2member_custom"]))) && preg_match ("/^[1-4](\:\|$)([a-z_0-9,]+)?(\:)?([0-9]+ [A-Z])?$/", ($level = ws_plugin__s2member_decrypt ($_COOKIE["s2member_level"])))/**/
199	&& (!$usermeta = $wpdb->get_row ("SELECT `user_id` FROM `" . $wpdb->usermeta . "` WHERE `meta_key` = '" . $wpdb->prefix . "s2member_subscr_id' AND `meta_value` = '" . $wpdb->escape ($subscr_id) . "' LIMIT 1")))
200	/* ^ This is for security ^ It checks the database to make sure the User/Member has not already registered in the past, with the same Paid Subscr. ID. */
201	{ /*
202	+ This routine could be processed through `wp-login.php?action=register`, `wp-activate.php`, or `/activate` via BuddyPress`.
203	+ This may also be processed through a standard BuddyPress installation, or another plugin calling `user_register`.
204	If processed through `wp-activate.php`, it could've originated inside the admin, via `user-new.php`.

205	*/
206	$processed = "yes"; /* Mark this as yes, to indicate that a routine was processed. */
207	/**/

292	/**/
293	if (($transient = md5 ("s2member_transient_ipn_subscr_payment_" . $subscr_id)) && is_array ($subscr_payment = get_transient ($transient)))
294	{
295	+ $proxy = array ("s2member_paypal_notify" => "1", "s2member_paypal_proxy" => "s2member_transient_ipn_subscr_payment", "s2member_paypal_proxy_verification" => ws_plugin__s2member_paypal_proxy_key_gen ());
296	+ ws_plugin__s2member_remote (add_query_arg (urlencode_deep ($proxy), get_bloginfo ("wpurl")), stripslashes_deep ($subscr_payment), array ("timeout" => 20));
297	+ delete_transient ($transient);
298	}
299	/**/
300	setcookie ("s2member_signup_tracking", ws_plugin__s2member_encrypt ($subscr_id), time () + 31556926, "/");
301	/**/
302	+ if ($level > 0) /* We ONLY process this if they are higher than Level#0. */
303	+ {
304	+ $pr_times = get_user_option ("s2member_paid_registration_times", $user_id);
305	+ $pr_times["level"] = (!$pr_times["level"]) ? time () : $pr_times["level"]; /* Preserve. */
306	+ $pr_times["level" . $level] = (!$pr_times["level" . $level]) ? time () : $pr_times["level" . $level];
307	+ update_user_option ($user_id, "s2member_paid_registration_times", $pr_times); /* Update now. */
308	+ }
309	+ /**/
310	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
311	+ do_action ("ws_plugin__s2member_during_configure_user_registration_front_side_paid", get_defined_vars ());
312	do_action ("ws_plugin__s2member_during_configure_user_registration_front_side", get_defined_vars ());
313	unset ($__refs, $__v); /* Unset defined __refs, __v. */
314	}
315	/**/
316	else if (!is_admin ()) /* Otherwise, if we are NOT inside the Dashboard during the creation of this account. */
317	{ /*
318	+ This routine could be processed through `wp-login.php?action=register`, `wp-activate.php`, or `/activate` via BuddyPress`.
319	+ This may also be processed through a standard BuddyPress installation, or another plugin calling `user_register`.
320	If processed through `wp-activate.php`, it could've originated inside the admin, via `user-new.php`.

321	*/
322	$processed = "yes"; /* Mark this as yes, to indicate that a routine was processed. */
323	/**/

414	/**/
415	update_user_option ($user_id, "s2member_custom_fields", $fields);
416	/**/
417	+ if ($level > 0) /* We ONLY process this if they are higher than Level#0. */
418	+ {
419	+ $pr_times = get_user_option ("s2member_paid_registration_times", $user_id);
420	+ $pr_times["level"] = (!$pr_times["level"]) ? time () : $pr_times["level"]; /* Preserve. */
421	+ $pr_times["level" . $level] = (!$pr_times["level" . $level]) ? time () : $pr_times["level" . $level];
422	+ update_user_option ($user_id, "s2member_paid_registration_times", $pr_times); /* Update now. */
423	+ }
424	+ /**/
425	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
426	+ do_action ("ws_plugin__s2member_during_configure_user_registration_front_side_free", get_defined_vars ());
427	do_action ("ws_plugin__s2member_during_configure_user_registration_front_side", get_defined_vars ());
428	unset ($__refs, $__v); /* Unset defined __refs, __v. */
429	}
430	/**/
431	else if (is_admin () && $pagenow === "user-new.php") /* Else, if we're on this page. */
432	{ /*
433	+ This routine can ONLY be processed through `user-new.php` inside the backend Dashboard.
434	*/
435	$processed = "yes"; /* Mark this as yes, to indicate that a routine was processed. */
436	/**/

518	/**/
519	update_user_option ($user_id, "s2member_custom_fields", $fields);
520	/**/
521	+ if ($level > 0) /* We ONLY process this if they are higher than Level#0. */
522	+ {
523	+ $pr_times = get_user_option ("s2member_paid_registration_times", $user_id);
524	+ $pr_times["level"] = (!$pr_times["level"]) ? time () : $pr_times["level"]; /* Preserve. */
525	+ $pr_times["level" . $level] = (!$pr_times["level" . $level]) ? time () : $pr_times["level" . $level];
526	+ update_user_option ($user_id, "s2member_paid_registration_times", $pr_times); /* Update now. */
527	+ }
528	+ /**/
529	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
530	do_action ("ws_plugin__s2member_during_configure_user_registration_admin_side", get_defined_vars ());
531	unset ($__refs, $__v); /* Unset defined __refs, __v. */

533	/**/
534	if ($processed === "yes") /* If registration was processed by one of the routines above. */
535	{


536	if ($urls = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["registration_notification_urls"])
537	/**/
538	foreach (preg_split ("/[\r\n\t]+/", $urls) as $url) /* Notify each of the urls. */

547	if (($url = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds (urlencode ($login)), $url)))
548	if (($url = preg_replace ("/%%user_pass%%/i", ws_plugin__s2member_esc_ds (urlencode ($pass)), $url)))
549	if (($url = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds (urlencode ($user_id)), $url)))
550	+ {
551	+ if (is_array ($fields) && !empty ($fields))
552	+ foreach ($fields as $var => $val) /* Custom Registration Fields. */
553	+ if (! ($url = preg_replace ("/%%" . preg_quote ($var, "/") . "%%/i", ws_plugin__s2member_esc_ds (urlencode (maybe_serialize ($val))), $url)))
554	+ break;
555	+ /**/
556	+ if (($url = trim (preg_replace ("/%%(.+?)%%/i", "", $url))))
557	+ ws_plugin__s2member_remote ($url);
558	+ }
559	/**/
560	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["registration_notification_recipients"])
561	{
562	$msg = $sbj = "( s2Member / API Notification Email ) - Registration";
563	$msg .= "\n\n"; /* Spacing in the message body. */
564	+ /**/
565	$msg .= "role: %%role%%\n";
566	$msg .= "level: %%level%%\n";
567	$msg .= "user_first_name: %%user_first_name%%\n";

571	$msg .= "user_login: %%user_login%%\n";
572	$msg .= "user_pass: %%user_pass%%\n";
573	$msg .= "user_id: %%user_id%%\n";
574	+ /**/
575	+ if (is_array ($fields) && !empty ($fields))
576	+ foreach ($fields as $var => $val)
577	+ $msg .= $var . ": %%" . $var . "%%\n";
578	+ /**/
579	$msg .= "cv0: %%cv0%%\n";
580	$msg .= "cv1: %%cv1%%\n";
581	$msg .= "cv2: %%cv2%%\n";

597	if (($msg = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds ($login), $msg)))
598	if (($msg = preg_replace ("/%%user_pass%%/i", ws_plugin__s2member_esc_ds ($pass), $msg)))
599	if (($msg = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds ($user_id), $msg)))
600	+ {
601	+ if (is_array ($fields) && !empty ($fields))
602	+ foreach ($fields as $var => $val) /* Custom Registration Fields. */
603	+ if (! ($msg = preg_replace ("/%%" . preg_quote ($var, "/") . "%%/i", ws_plugin__s2member_esc_ds (maybe_serialize ($val)), $msg)))
604	+ break;
605	/**/
606	+ if (($msg = trim (preg_replace ("/%%(.+?)%%/i", "", $msg))))
607	+ foreach (ws_plugin__s2member_trim_deep (preg_split ("/;+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["registration_notification_recipients"])) as $recipient)
608	+ ($recipient) ? wp_mail ($recipient, apply_filters ("ws_plugin__s2member_registration_notification_email_sbj", $sbj, get_defined_vars ()), apply_filters ("ws_plugin__s2member_registration_notification_email_msg", $msg, get_defined_vars ()), "From: \"" . preg_replace ('/"/', "'", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_name"]) . "\" <" . $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_email"] . ">\r\nContent-Type: text/plain; charset=utf-8") : null;
609	+ }
610	}
611	/**/
612	if ($url = $GLOBALS["ws_plugin__s2member_registration_return_url"])

621	if (($url = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds (urlencode ($login)), $url)))
622	if (($url = preg_replace ("/%%user_pass%%/i", ws_plugin__s2member_esc_ds (urlencode ($pass)), $url)))
623	if (($url = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds (urlencode ($user_id)), $url)))
624	+ {
625	+ if (is_array ($fields) && !empty ($fields))
626	+ foreach ($fields as $var => $val) /* Custom Registration Fields. */
627	+ if (! ($url = preg_replace ("/%%" . preg_quote ($var, "/") . "%%/i", ws_plugin__s2member_esc_ds (urlencode (maybe_serialize ($val))), $url)))
628	+ break;
629	+ /**/
630	+ if (($url = trim ($url))) /* Preserve remaining Replacements. */
631	+ /* Because the parent routine may perform replacements too. */
632	+ $GLOBALS["ws_plugin__s2member_registration_return_url"] = $url;
633	+ }
634	+ /**/
635	+ ws_plugin__s2member_process_list_servers ($role, $level, $email, $fname, $lname, $ip, $opt_in, $user_id);
636	/**/
637	setcookie ("s2member_subscr_id", "", time () + 31556926, "/");
638	setcookie ("s2member_custom", "", time () + 31556926, "/");

includes/functions/constants.inc.php CHANGED Viewed

	@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12	Direct access denial.
13	*/
14	if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15	- exit("Do not access this file directly.");
16	/*
17	Define several API Constants for s2Member.
18	Note that these are duplicated into the JavaScript API as well.
	@@ -27,29 +27,29 @@ if (!function_exists ("ws_plugin__s2member_constants"))
27	$links = ws_plugin__s2member_constant_links ();
28	$level = ws_plugin__s2member_user_access_level ();
29	$file_downloads = ws_plugin__s2member_user_downloads ();
30	- /**/
31	$current_user = (is_user_logged_in ()) ? wp_get_current_user () : false;
32	- /**/
33	$subscr_id = ($current_user) ? get_user_option ("s2member_subscr_id", $current_user->ID) : "";
34	$custom = ($current_user) ? get_user_option ("s2member_custom", $current_user->ID) : "";
35	$custom_fields = ($current_user) ? get_user_option ("s2member_custom_fields", $current_user->ID) : array ();
36	- ~~/**/~~
37	$login_redirection_url = ws_plugin__s2member_login_redirection_url ($current_user);
38	/**/
39	- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
40	do_action ("ws_plugin__s2member_during_constants", get_defined_vars ());
41	unset ($__refs, $__v); /* Unset defined __refs, __v. */
42	/**/
43	- define ("S2MEMBER_VERSION", ($c[] = WS_PLUGIN__S2MEMBER_VERSION)); /* ~~Available~~ ~~since~~ 3.0. */
44	/**/
45	define ("S2MEMBER_CURRENT_USER_IS_LOGGED_IN", ($c[] = (($current_user) ? true : false)));
46	- define ("S2MEMBER_CURRENT_USER_IS_LOGGED_IN_AS_MEMBER", ($c[] = (($current_user && $level >= 1) ? true : false)));
47	define ("S2MEMBER_CURRENT_USER_ACCESS_LEVEL", ($c[] = (int)$level));
48	define ("S2MEMBER_CURRENT_USER_ACCESS_LABEL", ($c[] = (string)$GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $level . "_label"]));
49	define ("S2MEMBER_CURRENT_USER_SUBSCR_ID", ($c[] = (($current_user) ? (($subscr_id) ? (string)$subscr_id : (string)$current_user->ID) : "")));
50	define ("S2MEMBER_CURRENT_USER_CUSTOM", ($c[] = (string)$custom));
51	- define ("S2MEMBER_CURRENT_USER_REGISTRATION_TIME", ($c[] = (($current_user) ? (int)strtotime ($current_user->user_registered) : 0)));
52	- define ("~~S2MEMBER_CURRENT_USER_REGISTRATION_DAYS~~", ($c[] = (($current_user) ? (int)~~floor ((strtotime (~~"~~now~~") - ~~strtotime~~ ($~~current_user->user_registered))~~ ~~/ 86400)~~ : 0)));


53	define ("S2MEMBER_CURRENT_USER_DISPLAY_NAME", ($c[] = (($current_user) ? (string)$current_user->display_name : "")));
54	define ("S2MEMBER_CURRENT_USER_FIRST_NAME", ($c[] = (($current_user) ? (string)$current_user->first_name : "")));
55	define ("S2MEMBER_CURRENT_USER_LAST_NAME", ($c[] = (($current_user) ? (string)$current_user->last_name : "")));
	@@ -60,7 +60,7 @@ if (!function_exists ("ws_plugin__s2member_constants"))
60	define ("S2MEMBER_CURRENT_USER_FIELDS", ($c[] = (($current_user) ? json_encode (array_merge (array ("id" => S2MEMBER_CURRENT_USER_ID, "ip" => S2MEMBER_CURRENT_USER_IP, "email" => S2MEMBER_CURRENT_USER_EMAIL, "login" => S2MEMBER_CURRENT_USER_LOGIN, "first_name" => S2MEMBER_CURRENT_USER_FIRST_NAME, "last_name" => S2MEMBER_CURRENT_USER_LAST_NAME, "display_name" => S2MEMBER_CURRENT_USER_DISPLAY_NAME, "subscr_id" => S2MEMBER_CURRENT_USER_SUBSCR_ID, "custom" => S2MEMBER_CURRENT_USER_CUSTOM), (array)$custom_fields)) : json_encode (array ()))));
61	/**/
62	define ("S2MEMBER_CURRENT_USER_DOWNLOADS_ALLOWED", ($c[] = (int)$file_downloads["allowed"]));
63	- define ("S2MEMBER_CURRENT_USER_DOWNLOADS_ALLOWED_IS_UNLIMITED", ($c[] = (($file_downloads["allowed"] >= 999999999) ? true : false)));
64	define ("S2MEMBER_CURRENT_USER_DOWNLOADS_CURRENTLY", ($c[] = (int)$file_downloads["currently"]));
65	define ("S2MEMBER_CURRENT_USER_DOWNLOADS_ALLOWED_DAYS", ($c[] = (int)$file_downloads["allowed_days"]));
66	/**/
	@@ -100,8 +100,9 @@ if (!function_exists ("ws_plugin__s2member_constants"))
100	/**/
101	define ("S2MEMBER_PAYPAL_NOTIFY_URL", ($c[] = get_bloginfo ("wpurl") . "/?s2member_paypal_notify=1"));
102	define ("S2MEMBER_PAYPAL_RETURN_URL", ($c[] = get_bloginfo ("wpurl") . "/?s2member_paypal_return=1"));
103	- define ("S2MEMBER_PAYPAL_ENDPOINT", ($c[] = (($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")));
104	define ("S2MEMBER_PAYPAL_BUSINESS", ($c[] = (string)$GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"]));

105	/**/
106	define ("S2MEMBER_CURRENT_USER_VALUE_FOR_PP_ON0", ($c[] = ((S2MEMBER_CURRENT_USER_SUBSCR_ID) ? "Updating Subscr. ID" : "")));
107	define ("S2MEMBER_CURRENT_USER_VALUE_FOR_PP_OS0", ($c[] = ((S2MEMBER_CURRENT_USER_VALUE_FOR_PP_ON0) ? S2MEMBER_CURRENT_USER_SUBSCR_ID : "")));


12	Direct access denial.
13	*/
14	if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15	+ exit ("Do not access this file directly.");
16	/*
17	Define several API Constants for s2Member.
18	Note that these are duplicated into the JavaScript API as well.

27	$links = ws_plugin__s2member_constant_links ();
28	$level = ws_plugin__s2member_user_access_level ();
29	$file_downloads = ws_plugin__s2member_user_downloads ();

30	$current_user = (is_user_logged_in ()) ? wp_get_current_user () : false;

31	$subscr_id = ($current_user) ? get_user_option ("s2member_subscr_id", $current_user->ID) : "";
32	$custom = ($current_user) ? get_user_option ("s2member_custom", $current_user->ID) : "";
33	$custom_fields = ($current_user) ? get_user_option ("s2member_custom_fields", $current_user->ID) : array ();
34	+ $paid_registration_times = ($current_user) ? get_user_option ("s2member_paid_registration_times", $current_user->ID) : array ();
35	$login_redirection_url = ws_plugin__s2member_login_redirection_url ($current_user);
36	/**/
37	+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
38	do_action ("ws_plugin__s2member_during_constants", get_defined_vars ());
39	unset ($__refs, $__v); /* Unset defined __refs, __v. */
40	/**/
41	+ define ("S2MEMBER_VERSION", ($c[] = WS_PLUGIN__S2MEMBER_VERSION)); /* Since 3.0. */
42	/**/
43	define ("S2MEMBER_CURRENT_USER_IS_LOGGED_IN", ($c[] = (($current_user) ? true : false)));
44	+ define ("S2MEMBER_CURRENT_USER_IS_LOGGED_IN_AS_MEMBER", ($c[] = ( ($current_user && $level >= 1) ? true : false)));
45	define ("S2MEMBER_CURRENT_USER_ACCESS_LEVEL", ($c[] = (int)$level));
46	define ("S2MEMBER_CURRENT_USER_ACCESS_LABEL", ($c[] = (string)$GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $level . "_label"]));
47	define ("S2MEMBER_CURRENT_USER_SUBSCR_ID", ($c[] = (($current_user) ? (($subscr_id) ? (string)$subscr_id : (string)$current_user->ID) : "")));
48	define ("S2MEMBER_CURRENT_USER_CUSTOM", ($c[] = (string)$custom));
49	+ define ("S2MEMBER_CURRENT_USER_REGISTRATION_TIME", ($c[] = ( ($current_user && $current_user->user_registered) ? (int)strtotime ($current_user->user_registered) : 0)));
50	+ define ("S2MEMBER_CURRENT_USER_PAID_REGISTRATION_TIME", ($c[] = ( ($current_user && (int)$paid_registration_times["level"]) ? (int)$paid_registration_times["level"] : 0)));
51	+ define ("S2MEMBER_CURRENT_USER_PAID_REGISTRATION_DAYS", ($c[] = ( ($current_user && (int)$paid_registration_times["level"]) ? (int)floor ((strtotime ("now") - (int)$paid_registration_times["level"]) / 86400) : 0)));
52	+ define ("S2MEMBER_CURRENT_USER_REGISTRATION_DAYS", ($c[] = ( ($current_user && $current_user->user_registered) ? (int)floor ((strtotime ("now") - strtotime ($current_user->user_registered)) / 86400) : 0)));
53	define ("S2MEMBER_CURRENT_USER_DISPLAY_NAME", ($c[] = (($current_user) ? (string)$current_user->display_name : "")));
54	define ("S2MEMBER_CURRENT_USER_FIRST_NAME", ($c[] = (($current_user) ? (string)$current_user->first_name : "")));
55	define ("S2MEMBER_CURRENT_USER_LAST_NAME", ($c[] = (($current_user) ? (string)$current_user->last_name : "")));

60	define ("S2MEMBER_CURRENT_USER_FIELDS", ($c[] = (($current_user) ? json_encode (array_merge (array ("id" => S2MEMBER_CURRENT_USER_ID, "ip" => S2MEMBER_CURRENT_USER_IP, "email" => S2MEMBER_CURRENT_USER_EMAIL, "login" => S2MEMBER_CURRENT_USER_LOGIN, "first_name" => S2MEMBER_CURRENT_USER_FIRST_NAME, "last_name" => S2MEMBER_CURRENT_USER_LAST_NAME, "display_name" => S2MEMBER_CURRENT_USER_DISPLAY_NAME, "subscr_id" => S2MEMBER_CURRENT_USER_SUBSCR_ID, "custom" => S2MEMBER_CURRENT_USER_CUSTOM), (array)$custom_fields)) : json_encode (array ()))));
61	/**/
62	define ("S2MEMBER_CURRENT_USER_DOWNLOADS_ALLOWED", ($c[] = (int)$file_downloads["allowed"]));
63	+ define ("S2MEMBER_CURRENT_USER_DOWNLOADS_ALLOWED_IS_UNLIMITED", ($c[] = ( ($file_downloads["allowed"] >= 999999999) ? true : false)));
64	define ("S2MEMBER_CURRENT_USER_DOWNLOADS_CURRENTLY", ($c[] = (int)$file_downloads["currently"]));
65	define ("S2MEMBER_CURRENT_USER_DOWNLOADS_ALLOWED_DAYS", ($c[] = (int)$file_downloads["allowed_days"]));
66	/**/

100	/**/
101	define ("S2MEMBER_PAYPAL_NOTIFY_URL", ($c[] = get_bloginfo ("wpurl") . "/?s2member_paypal_notify=1"));
102	define ("S2MEMBER_PAYPAL_RETURN_URL", ($c[] = get_bloginfo ("wpurl") . "/?s2member_paypal_return=1"));
103	+ define ("S2MEMBER_PAYPAL_ENDPOINT", ($c[] = ( ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")));
104	define ("S2MEMBER_PAYPAL_BUSINESS", ($c[] = (string)$GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"]));
105	+ define ("S2MEMBER_PAYPAL_PDT_IDENTITY_TOKEN", ($c[] = (string)$GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_identity_token"]));
106	/**/
107	define ("S2MEMBER_CURRENT_USER_VALUE_FOR_PP_ON0", ($c[] = ((S2MEMBER_CURRENT_USER_SUBSCR_ID) ? "Updating Subscr. ID" : "")));
108	define ("S2MEMBER_CURRENT_USER_VALUE_FOR_PP_OS0", ($c[] = ((S2MEMBER_CURRENT_USER_VALUE_FOR_PP_ON0) ? S2MEMBER_CURRENT_USER_SUBSCR_ID : "")));

includes/functions/css-js-w-globals.inc.php CHANGED Viewed

	@@ -129,6 +129,8 @@ if (!function_exists ("ws_plugin__s2member_js_w_globals"))
129	$g .= "S2MEMBER_CURRENT_USER_SUBSCR_ID = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_SUBSCR_ID) . "',";
130	$g .= "S2MEMBER_CURRENT_USER_CUSTOM = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_CUSTOM) . "',";
131	$g .= "S2MEMBER_CURRENT_USER_REGISTRATION_TIME = " . S2MEMBER_CURRENT_USER_REGISTRATION_TIME . ",";


132	$g .= "S2MEMBER_CURRENT_USER_REGISTRATION_DAYS = " . S2MEMBER_CURRENT_USER_REGISTRATION_DAYS . ",";
133	$g .= "S2MEMBER_CURRENT_USER_DISPLAY_NAME = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_DISPLAY_NAME) . "',";
134	$g .= "S2MEMBER_CURRENT_USER_FIRST_NAME = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_FIRST_NAME) . "',";


129	$g .= "S2MEMBER_CURRENT_USER_SUBSCR_ID = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_SUBSCR_ID) . "',";
130	$g .= "S2MEMBER_CURRENT_USER_CUSTOM = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_CUSTOM) . "',";
131	$g .= "S2MEMBER_CURRENT_USER_REGISTRATION_TIME = " . S2MEMBER_CURRENT_USER_REGISTRATION_TIME . ",";
132	+ $g .= "S2MEMBER_CURRENT_USER_PAID_REGISTRATION_TIME = " . S2MEMBER_CURRENT_USER_PAID_REGISTRATION_TIME . ",";
133	+ $g .= "S2MEMBER_CURRENT_USER_PAID_REGISTRATION_DAYS = " . S2MEMBER_CURRENT_USER_PAID_REGISTRATION_DAYS . ",";
134	$g .= "S2MEMBER_CURRENT_USER_REGISTRATION_DAYS = " . S2MEMBER_CURRENT_USER_REGISTRATION_DAYS . ",";
135	$g .= "S2MEMBER_CURRENT_USER_DISPLAY_NAME = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_DISPLAY_NAME) . "',";
136	$g .= "S2MEMBER_CURRENT_USER_FIRST_NAME = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_FIRST_NAME) . "',";

includes/functions/file-download-access.inc.php CHANGED Viewed

	@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12	Direct access denial.
13	*/
14	if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15	- exit("Do not access this file directly.");
16	/*
17	Function determines the max period in days for download access.
18	Returns number of days, where 0 means no access to files has been allowed.
	@@ -35,7 +35,7 @@ if (!function_exists ("ws_plugin__s2member_max_download_period"))
35	if ($days = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_file_downloads_allowed_days"])
36	$max = ($max < $days) ? $days : $max;
37	/**/
38	- return apply_filters ("ws_plugin__s2member_max_download_period", (($max > 365) ? 365 : (int)$max), get_defined_vars ());
39	}
40	}
41	/*
	@@ -47,7 +47,7 @@ if (!function_exists ("ws_plugin__s2member_user_downloads"))
47	{
48	function ws_plugin__s2member_user_downloads ($not_counting_this_particular_file = false, $log = null)
49	{
50	- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
51	do_action ("ws_plugin__s2member_before_user_downloads", get_defined_vars ());
52	unset ($__refs, $__v); /* Unset defined __refs, __v. */
53	/**/
	@@ -140,42 +140,42 @@ if (!function_exists ("ws_plugin__s2member_check_file_download_access"))
140	/**/
141	$_GET["s2member_file_download_key"] = (!$_GET["s2member_file_download_key"] && $_GET["s2member_free_file_download_key"]) ? $_GET["s2member_free_file_download_key"] : $_GET["s2member_file_download_key"];
142	/**/
143	- if (!$excluded && (!$_GET["s2member_file_download_key"] \|\| ($_GET["s2member_file_download_key"] && !($file_download_key_is_valid = ($_GET["s2member_file_download_key"] === ws_plugin__s2member_file_download_key ($_GET["s2member_file_download"]) \|\| $_GET["s2member_file_download_key"] === ws_plugin__s2member_file_download_key ($_GET["s2member_file_download"], "cache-compatible"))))))
144	{
145	$_GET["s2member_file_download"] = trim ($_GET["s2member_file_download"], "/"); /* Trim slashes after Key comparison. */
146	/**/
147	if (!file_exists ($GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["files_dir"] . "/" . $_GET["s2member_file_download"]))
148	{
149	- header("HTTP/1.0 404 Not Found"); /* The file does NOT even exist. */
150	- exit("404: Sorry, file not found. Please contact Support for assistance.");
151	}
152	else if ($_GET["s2member_file_download_key"] && !$file_download_key_is_valid) /* Was an invalid Key passed in? */
153	{
154	- header("HTTP/1.0 503 Service Temporarily Unavailable"); /* Invalid Download Keys are handled separately. */
155	- exit("503 ( Invalid Key ): Sorry, your access to this file has expired. Please contact Support for assistance.");
156	}
157	else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]) /* Is a Membership Options Page configured? */
158	/* This file will be processed WITHOUT a Download Key, using Membership Level Access ( w/ possible Custom Capabilities ). */
159	{
160	if (($file_download_access_is_allowed = $min_level_4_downloads = ws_plugin__s2member_min_level_4_downloads ()) === false)
161	{
162	- header("HTTP/1.0 503 Service Temporarily Unavailable"); /* File downloads are NOT yet configured? */
163	- exit("503: Sorry, file downloads are NOT enabled yet. Please contact Support for assistance. If you are the site owner, please configure `s2Member -> Download Options`.");
164	}
165	/**/
166	- else if (!($current_user = (is_user_logged_in ()) ? wp_get_current_user () : false) /* NOT logged in? */
167	- && wp_redirect (add_query_arg (array ("~~s2member_level_req~~" => ~~(string)$min_level_4_downloads,~~ "~~s2member_file_download_req~~" => $_GET["s2member_file_download"]), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
168	exit ();
169	/**/
170	else if ((!is_array ($file_downloads = ws_plugin__s2member_user_downloads ()) \|\| !$file_downloads["allowed"] \|\| !$file_downloads["allowed_days"])/**/
171	- && wp_redirect (add_query_arg (array ("~~s2member_file_download_req~~" => $_GET["s2member_file_download"]), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"]))) !== "nill")
172	exit ();
173	/**/
174	else if (preg_match ("/^access[_\-]s2member[_\-]level([0-4])\//", $_GET["s2member_file_download"], $m))
175	{
176	$level_req = $m[1]; /* Which Level does this require? */
177	if (!$current_user->has_cap ("access_s2member_level" . $level_req) /* Does the User have access to this Level? */
178	- && wp_redirect (add_query_arg (array ("~~s2member_level_req~~" => ~~$level_req,~~ "~~s2member_file_download_req~~" => $_GET["s2member_file_download"]), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
179	exit ();
180	}
181	/**/
	@@ -183,7 +183,7 @@ if (!function_exists ("ws_plugin__s2member_check_file_download_access"))
183	{
184	$ccap_req = preg_replace ("/-/", "_", $m[1]); /* Which Capability does this require? */
185	if (!$current_user->has_cap ("access_s2member_ccap_" . $ccap_req) /* Does the User have access to this Custom Capability? */
186	- && wp_redirect (add_query_arg (array ("~~s2member_ccap_req~~" => ~~$ccap_req,~~ "~~s2member_file_download_req~~" => $_GET["s2member_file_download"]), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
187	exit ();
188	}
189	/**/
	@@ -196,7 +196,7 @@ if (!function_exists ("ws_plugin__s2member_check_file_download_access"))
196	{
197	if (strtotime ($file_download_access_log_entry["date"]) < strtotime ("-" . $max_days_logged . " days"))
198	{
199	- unset($file_download_access_log[$file_download_access_log_entry_key]);
200	$file_download_access_arc[] = $file_download_access_log_entry;
201	}
202	else if (strtotime ($file_download_access_log_entry["date"]) >= strtotime ("-" . $file_downloads["allowed_days"] . " days"))
	@@ -209,7 +209,7 @@ if (!function_exists ("ws_plugin__s2member_check_file_download_access"))
209	}
210	/**/
211	if (!$already_downloaded && $previous_file_downloads >= $file_downloads["allowed"] /* They have NOT already downloaded this file, and they're over their limit. */
212	- && wp_redirect (add_query_arg (array ("~~s2member_file_download_req~~" => $_GET["s2member_file_download"]), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"]))) !== "nill")
213	exit ();
214	/**/
215	if (!$already_downloaded) /* Only add this file to the log if they have not already downloaded it. */
	@@ -225,8 +225,8 @@ if (!function_exists ("ws_plugin__s2member_check_file_download_access"))
225	/**/
226	if (!file_exists ($GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["files_dir"] . "/" . $_GET["s2member_file_download"]))
227	{
228	- header("HTTP/1.0 404 Not Found"); /* The file does NOT even exist. */
229	- exit("404: Sorry, file not found. Please contact Support for assistance.");
230	}
231	}
232	/*
	@@ -235,35 +235,47 @@ if (!function_exists ("ws_plugin__s2member_check_file_download_access"))
235	$mimetypes = parse_ini_file (dirname (dirname (dirname (__FILE__))) . "/includes/mime-types.ini");
236	$pathinfo = pathinfo ($file = $GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["files_dir"] . "/" . $_GET["s2member_file_download"]);
237	$extension = strtolower ($pathinfo["extension"]); /* Convert file extension to lowercase format for MIME type lookup. */
238	- $inline = (in_array ($extension, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_inline_extensions"]))) ? true : false;
239	$mimetype = ($mimetypes[$extension]) ? $mimetypes[$extension] : "application/octet-stream"; /* Lookup MIME type. */
240	$basename = $pathinfo["basename"]; /* The actual file name, including its extension. */
241	$length = filesize ($file); /* The overall file size, in bytes. */
242	/**/
243	- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
244	do_action ("ws_plugin__s2member_during_file_download_access", get_defined_vars ());
245	unset ($__refs, $__v); /* Unset defined __refs, __v. */
246	/*
247	- ~~Now~~ ~~send~~ the file to the browser.
248	- Be sure to turn off output compression.
249	*/
250	- set_time_limit(0); /* ~~Make time~~. */
251	ini_set ("zlib.output_compression", 0);
252	/**/
253	- header("~~Content~~-~~Encoding~~: none");
254	- header("Content-~~Type~~: " ~~. $mimetype~~);
255	- header("Content-~~Length~~: " . $~~length~~);

256	/**/
257	if (!$inline) /* If not inline, we default to serving the file as an attachment. */
258	- header('Content-Disposition: attachment; filename="' . $basename . '"');
259	/**/
260	- header("Expires: " . gmdate ("D, d M Y H:i:s", strtotime ("-1 week")) . " GMT");
261	- header("Last-Modified: " . gmdate ("D, d M Y H:i:s") . " GMT");
262	- header("Cache-Control: no-cache, must-revalidate, max-age=0");
263	header ("Cache-Control: post-check=0, pre-check=0", false);
264	- header("Pragma: no-cache");
265	/**/
266	- ~~ob_clean~~ () . ~~flush~~ () . ~~readfile~~ ($file);











267	/**/
268	exit ();
269	}
	@@ -283,7 +295,7 @@ if (!function_exists ("ws_plugin__s2member_file_download_key"))
283	{
284	function ws_plugin__s2member_file_download_key ($file = FALSE, $cache_compatible = FALSE)
285	{
286	- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
287	do_action ("ws_plugin__s2member_before_file_download_key", get_defined_vars ());
288	unset ($__refs, $__v); /* Unset defined __refs, __v. */
289	/**/
	@@ -291,7 +303,7 @@ if (!function_exists ("ws_plugin__s2member_file_download_key"))
291	$key = md5 (ws_plugin__s2member_xencrypt ($salt)); /* Creates a site-specific/xencrytped hash of the salt.
292	/**/
293	if (!$cache_compatible) /* Disallow caching. */
294	- ws_plugin__s2member_nocache_constants(true);
295	/**/
296	return apply_filters ("ws_plugin__s2member_file_download_key", $key, get_defined_vars ());
297	}


12	Direct access denial.
13	*/
14	if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15	+ exit ("Do not access this file directly.");
16	/*
17	Function determines the max period in days for download access.
18	Returns number of days, where 0 means no access to files has been allowed.

35	if ($days = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_file_downloads_allowed_days"])
36	$max = ($max < $days) ? $days : $max;
37	/**/
38	+ return apply_filters ("ws_plugin__s2member_max_download_period", ( ($max > 365) ? 365 : (int)$max), get_defined_vars ());
39	}
40	}
41	/*

47	{
48	function ws_plugin__s2member_user_downloads ($not_counting_this_particular_file = false, $log = null)
49	{
50	+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
51	do_action ("ws_plugin__s2member_before_user_downloads", get_defined_vars ());
52	unset ($__refs, $__v); /* Unset defined __refs, __v. */
53	/**/

140	/**/
141	$_GET["s2member_file_download_key"] = (!$_GET["s2member_file_download_key"] && $_GET["s2member_free_file_download_key"]) ? $_GET["s2member_free_file_download_key"] : $_GET["s2member_file_download_key"];
142	/**/
143	+ if (!$excluded && (!$_GET["s2member_file_download_key"] \|\| ($_GET["s2member_file_download_key"] && ! ($file_download_key_is_valid = ($_GET["s2member_file_download_key"] === ws_plugin__s2member_file_download_key ($_GET["s2member_file_download"]) \|\| $_GET["s2member_file_download_key"] === ws_plugin__s2member_file_download_key ($_GET["s2member_file_download"], "cache-compatible"))))))
144	{
145	$_GET["s2member_file_download"] = trim ($_GET["s2member_file_download"], "/"); /* Trim slashes after Key comparison. */
146	/**/
147	if (!file_exists ($GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["files_dir"] . "/" . $_GET["s2member_file_download"]))
148	{
149	+ header ("HTTP/1.0 404 Not Found"); /* The file does NOT even exist. */
150	+ exit ("404: Sorry, file not found. Please contact Support for assistance.");
151	}
152	else if ($_GET["s2member_file_download_key"] && !$file_download_key_is_valid) /* Was an invalid Key passed in? */
153	{
154	+ header ("HTTP/1.0 503 Service Temporarily Unavailable"); /* Invalid Download Keys are handled separately. */
155	+ exit ("503 ( Invalid Key ): Sorry, your access to this file has expired. Please contact Support for assistance.");
156	}
157	else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]) /* Is a Membership Options Page configured? */
158	/* This file will be processed WITHOUT a Download Key, using Membership Level Access ( w/ possible Custom Capabilities ). */
159	{
160	if (($file_download_access_is_allowed = $min_level_4_downloads = ws_plugin__s2member_min_level_4_downloads ()) === false)
161	{
162	+ header ("HTTP/1.0 503 Service Temporarily Unavailable"); /* File downloads are NOT yet configured? */
163	+ exit ("503: Sorry, file downloads are NOT enabled yet. Please contact Support for assistance. If you are the site owner, please configure `s2Member -> Download Options`.");
164	}
165	/**/
166	+ else if (! ($current_user = (is_user_logged_in ()) ? wp_get_current_user () : false) /* NOT logged in? */
167	+ && wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "file-" . $_GET["s2member_file_download"], "s2member_level_req" => (string)$min_level_4_downloads)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
168	exit ();
169	/**/
170	else if ((!is_array ($file_downloads = ws_plugin__s2member_user_downloads ()) \|\| !$file_downloads["allowed"] \|\| !$file_downloads["allowed_days"])/**/
171	+ && wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "file-" . $_GET["s2member_file_download"])), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"]))) !== "nill")
172	exit ();
173	/**/
174	else if (preg_match ("/^access[_\-]s2member[_\-]level([0-4])\//", $_GET["s2member_file_download"], $m))
175	{
176	$level_req = $m[1]; /* Which Level does this require? */
177	if (!$current_user->has_cap ("access_s2member_level" . $level_req) /* Does the User have access to this Level? */
178	+ && wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "file-" . $_GET["s2member_file_download"], "s2member_level_req" => $level_req)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
179	exit ();
180	}
181	/**/

183	{
184	$ccap_req = preg_replace ("/-/", "_", $m[1]); /* Which Capability does this require? */
185	if (!$current_user->has_cap ("access_s2member_ccap_" . $ccap_req) /* Does the User have access to this Custom Capability? */
186	+ && wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "file-" . $_GET["s2member_file_download"], "s2member_ccap_req" => $ccap_req)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
187	exit ();
188	}
189	/**/

196	{
197	if (strtotime ($file_download_access_log_entry["date"]) < strtotime ("-" . $max_days_logged . " days"))
198	{
199	+ unset ($file_download_access_log[$file_download_access_log_entry_key]);
200	$file_download_access_arc[] = $file_download_access_log_entry;
201	}
202	else if (strtotime ($file_download_access_log_entry["date"]) >= strtotime ("-" . $file_downloads["allowed_days"] . " days"))

209	}
210	/**/
211	if (!$already_downloaded && $previous_file_downloads >= $file_downloads["allowed"] /* They have NOT already downloaded this file, and they're over their limit. */
212	+ && wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "file-" . $_GET["s2member_file_download"])), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"]))) !== "nill")
213	exit ();
214	/**/
215	if (!$already_downloaded) /* Only add this file to the log if they have not already downloaded it. */

225	/**/
226	if (!file_exists ($GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["files_dir"] . "/" . $_GET["s2member_file_download"]))
227	{
228	+ header ("HTTP/1.0 404 Not Found"); /* The file does NOT even exist. */
229	+ exit ("404: Sorry, file not found. Please contact Support for assistance.");
230	}
231	}
232	/*

235	$mimetypes = parse_ini_file (dirname (dirname (dirname (__FILE__))) . "/includes/mime-types.ini");
236	$pathinfo = pathinfo ($file = $GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["files_dir"] . "/" . $_GET["s2member_file_download"]);
237	$extension = strtolower ($pathinfo["extension"]); /* Convert file extension to lowercase format for MIME type lookup. */
238	+ $inline = ($_GET["s2member_file_inline"] \|\| in_array ($extension, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_inline_extensions"]))) ? true : false;
239	$mimetype = ($mimetypes[$extension]) ? $mimetypes[$extension] : "application/octet-stream"; /* Lookup MIME type. */
240	$basename = $pathinfo["basename"]; /* The actual file name, including its extension. */
241	$length = filesize ($file); /* The overall file size, in bytes. */
242	/**/
243	+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
244	do_action ("ws_plugin__s2member_during_file_download_access", get_defined_vars ());
245	unset ($__refs, $__v); /* Unset defined __refs, __v. */
246	/*
247	+ Send the file to the browser in chunks ( in support of larger files ).
248	+ Be sure to turn off output compression, as it DOES get in the way.
249	*/
250	+ set_time_limit (0); /* Unlimited. */
251	ini_set ("zlib.output_compression", 0);
252	/**/
253	+ header ("Accept-Ranges: none");
254	+ header ("Content-Encoding: none");
255	+ header ("Content-Type: " . $mimetype);
256	+ header ("Content-Length: " . $length);
257	/**/
258	if (!$inline) /* If not inline, we default to serving the file as an attachment. */
259	+ header ('Content-Disposition: attachment; filename="' . $basename . '"');
260	/**/
261	+ header ("Expires: " . gmdate ("D, d M Y H:i:s", strtotime ("-1 week")) . " GMT");
262	+ header ("Last-Modified: " . gmdate ("D, d M Y H:i:s") . " GMT");
263	+ header ("Cache-Control: no-cache, must-revalidate, max-age=0");
264	header ("Cache-Control: post-check=0, pre-check=0", false);
265	+ header ("Pragma: no-cache");
266	/**/
267	+ if ($length && ($stream = fopen ($file, "rb")))
268	+ {
269	+ @ob_end_clean (); /* End/clean any existing output buffer. */
270	+ /**/
271	+ while (strlen ($data = stream_get_contents ($stream, 2097152)))
272	+ {
273	+ echo $data; /* In 2MB chunks. */
274	+ @ob_end_flush () . @flush ();
275	+ }
276	+ /**/
277	+ fclose ($stream);
278	+ }
279	/**/
280	exit ();
281	}

295	{
296	function ws_plugin__s2member_file_download_key ($file = FALSE, $cache_compatible = FALSE)
297	{
298	+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
299	do_action ("ws_plugin__s2member_before_file_download_key", get_defined_vars ());
300	unset ($__refs, $__v); /* Unset defined __refs, __v. */
301	/**/

303	$key = md5 (ws_plugin__s2member_xencrypt ($salt)); /* Creates a site-specific/xencrytped hash of the salt.
304	/**/
305	if (!$cache_compatible) /* Disallow caching. */
306	+ ws_plugin__s2member_nocache_constants (true);
307	/**/
308	return apply_filters ("ws_plugin__s2member_file_download_key", $key, get_defined_vars ());
309	}

includes/functions/force-ssl.inc.php CHANGED Viewed

	@@ -92,7 +92,7 @@ if (!function_exists ("ws_plugin__s2member_check_force_ssl"))
92	if (_ws_plugin__s2member_force_ssl_port && _ws_plugin__s2member_force_ssl_host && _ws_plugin__s2member_force_ssl_host_port) /* Do we ALSO need port conversions? */
93	$c = preg_replace ("/\/" . preg_quote (_ws_plugin__s2member_force_ssl_host, "/") . "(\:[0-9]+)?\//i", "/" . _ws_plugin__s2member_force_ssl_host_port . "/", $c);
94	/**/
95	- return $c; /* Return string with conversions. */
96	}
97	/**/
98	ob_start ("_ws_plugin__s2member_force_ssl_buffer");


92	if (_ws_plugin__s2member_force_ssl_port && _ws_plugin__s2member_force_ssl_host && _ws_plugin__s2member_force_ssl_host_port) /* Do we ALSO need port conversions? */
93	$c = preg_replace ("/\/" . preg_quote (_ws_plugin__s2member_force_ssl_host, "/") . "(\:[0-9]+)?\//i", "/" . _ws_plugin__s2member_force_ssl_host_port . "/", $c);
94	/**/
95	+ return (strtolower ($m[1]) === "link" && preg_match ("/['\"]alternate['\"]/i", $m[0])) ? $m[0] : $c; /* Return string with conversions. */
96	}
97	/**/
98	ob_start ("_ws_plugin__s2member_force_ssl_buffer");

includes/functions/ip-restrictions.inc.php CHANGED Viewed

	@@ -47,7 +47,7 @@ if (!function_exists ("ws_plugin__s2member_ip_restrictions_ok"))
47	/**/
48	if (get_transient ($transient_security_breach)) /* Has this restriction already been breached? */
49	{
50	- ws_plugin__s2member_nocache_constants (true) . wp_clear_auth_cookie ();
51	/**/
52	do_action ("ws_plugin__s2member_during_ip_restrictions_ok_no", get_defined_vars ());
53	/**/
	@@ -61,9 +61,10 @@ if (!function_exists ("ws_plugin__s2member_ip_restrictions_ok"))
61	}
62	else if (count ($entries) > $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["max_ip_restriction"])
63	{
64	- ws_plugin__s2member_nocache_constants (true) . wp_clear_auth_cookie ();
65	/**/
66	- set_transient ($transient_security_breach, 1, ~~$GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["max_ip_restriction_time"]);~~

67	/**/
68	do_action ("ws_plugin__s2member_during_ip_restrictions_ok_no", get_defined_vars ());
69	/**/
	@@ -75,7 +76,7 @@ if (!function_exists ("ws_plugin__s2member_ip_restrictions_ok"))
75	/**/
76	exit ();
77	}
78	- else /* OK, this looks legitimate. ~~Continue~~ ~~updating~~ ~~the~~ ~~Transient~~ ~~array~~ ~~of IP addresses~~. */
79	{
80	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
81	do_action ("ws_plugin__s2member_during_ip_restrictions_ok_yes", get_defined_vars ());


47	/**/
48	if (get_transient ($transient_security_breach)) /* Has this restriction already been breached? */
49	{
50	+ ws_plugin__s2member_nocache_constants(true) . wp_clear_auth_cookie ();
51	/**/
52	do_action ("ws_plugin__s2member_during_ip_restrictions_ok_no", get_defined_vars ());
53	/**/

61	}
62	else if (count ($entries) > $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["max_ip_restriction"])
63	{
64	+ ws_plugin__s2member_nocache_constants(true) . wp_clear_auth_cookie ();
65	/**/
66	+ set_transient ($transient_security_breach, 1, /* Lock down. */
67	+ $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["max_ip_restriction_time"]);
68	/**/
69	do_action ("ws_plugin__s2member_during_ip_restrictions_ok_no", get_defined_vars ());
70	/**/

76	/**/
77	exit ();
78	}
79	+ else /* OK, this looks legitimate. Apply Filters here and return true. */
80	{
81	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
82	do_action ("ws_plugin__s2member_during_ip_restrictions_ok_yes", get_defined_vars ());

includes/functions/is-systematic.inc.php CHANGED Viewed

	@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12	Direct access denial.
13	*/
14	if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15	- exit("Do not access this file directly.");
16	/*
17	Function that determines whether we are on a Systematic Use Page.
18	*/
	@@ -30,15 +30,15 @@ if (!function_exists ("ws_plugin__s2member_is_systematic_use_page"))
30	{
31	return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
32	}
33	- else if (preg_match ("/^CLI$/i", PHP_SAPI))
34	{
35	return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
36	}
37	- else if ($_SERVER["REMOTE_ADDR"] === $_SERVER["SERVER_ADDR"] && !preg_match ("/^localhost(\:[0-9]+)?$/i", $_SERVER["HTTP_HOST"]))
38	{
39	return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
40	}
41	- else if (preg_match ("/\/wp-(signup\|register\|activate\|login)\.php/", $_SERVER["REQUEST_URI"]))
42	{
43	return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
44	}
	@@ -85,7 +85,7 @@ if (!function_exists ("ws_plugin__s2member_is_systematic_use_specific_page"))
85	{
86	return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", true, get_defined_vars ()));
87	}
88	- else if ($uri && preg_match ("/\/wp-(signup\|register\|activate\|login)\.php/", $uri))
89	{
90	return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", true, get_defined_vars ()));
91	}


12	Direct access denial.
13	*/
14	if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15	+ exit ("Do not access this file directly.");
16	/*
17	Function that determines whether we are on a Systematic Use Page.
18	*/

30	{
31	return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
32	}
33	+ else if (preg_match ("/^CLI$/i", PHP_SAPI)) /* CLI = Command Line. Normally indicates a running cron job. */
34	{
35	return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
36	}
37	+ else if ($_SERVER["REMOTE_ADDR"] === $_SERVER["SERVER_ADDR"] && !preg_match ("/^localhost(\:[0-9]+)?$/i", $_SERVER["HTTP_HOST"]) && (!defined ("LOCALHOST") \|\| !LOCALHOST))
38	{
39	return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
40	}
41	+ else if (preg_match ("/\/wp-(signup\|register\|activate\|login)\.php/", $_SERVER["REQUEST_URI"]) \|\| (defined ("BP_VERSION") && preg_match ("/\/(" . preg_quote (BP_REGISTER_SLUG, "/") . "\|" . preg_quote (BP_ACTIVATION_SLUG, "/") . ")/", $_SERVER["REQUEST_URI"])))
42	{
43	return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
44	}

85	{
86	return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", true, get_defined_vars ()));
87	}
88	+ else if ($uri && (preg_match ("/\/wp-(signup\|register\|activate\|login)\.php/", $uri) \|\| (defined ("BP_VERSION") && preg_match ("/\/(" . preg_quote (BP_REGISTER_SLUG, "/") . "\|" . preg_quote (BP_ACTIVATION_SLUG, "/") . ")/", $_SERVER["REQUEST_URI"]))))
89	{
90	return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", true, get_defined_vars ()));
91	}

includes/functions/list-servers.inc.php CHANGED Viewed

	@@ -35,7 +35,7 @@ Function that process list server integrations for s2Member.
35	*/
36	if (!function_exists ("ws_plugin__s2member_process_list_servers"))
37	{
38	- function ws_plugin__s2member_process_list_servers ($level = FALSE, $email = FALSE, $fname = FALSE, $lname = FALSE, $ip = FALSE, $opt_in = FALSE)
39	{
40	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
41	do_action ("ws_plugin__s2member_before_process_list_servers", get_defined_vars ());
	@@ -52,15 +52,13 @@ if (!function_exists ("ws_plugin__s2member_process_list_servers"))
52	$MCAPI = new NC_MCAPI ($mailchimp_api_key); /* MailChimp® API class. */
53	/**/
54	foreach (preg_split ("/[\r\n\t\s;,]+/", $mailchimp_list_ids) as $mailchimp_list_id)
55	- $MCAPI->listSubscribe ($mailchimp_list_id, $email, array ("FNAME" => $fname, "LNAME" => $lname, "OPTINIP" => $ip));
56	}
57	/**/
58	if (($aweber_list_ids = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $level . "_aweber_list_ids"]))
59	{
60	foreach (preg_split ("/[\r\n\t\s;,]+/", $aweber_list_ids) as $aweber_list_id)
61	- ~~@mail~~ ($aweber_list_id . "@aweber.com", "s2Member Subscription Request"~~,/**/~~
62	- "s2Member Subscription Request\ns2Member w/ PayPal Email ID\nEMail Address: " . $email . "\nBuyer: " . $fname . " " . $lname . "\nFull Name: " . $fname . " " . $lname . "\nFirst Name: " . $fname . "\nLast Name: " . $lname . "\nIP Address: " . $ip . "\nLevel: " . $level . "\n - end.",/**/
63	- "From: \"" . preg_replace ("/\"/", "", $fname . " " . $lname) . "\" <" . $email . ">\r\nContent-Type: text/plain; charset=utf-8");
64	}
65	/**/
66	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');


35	*/
36	if (!function_exists ("ws_plugin__s2member_process_list_servers"))
37	{
38	+ function ws_plugin__s2member_process_list_servers ($role = FALSE, $level = FALSE, $email = FALSE, $fname = FALSE, $lname = FALSE, $ip = FALSE, $opt_in = FALSE, $user_id = FALSE)
39	{
40	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
41	do_action ("ws_plugin__s2member_before_process_list_servers", get_defined_vars ());

52	$MCAPI = new NC_MCAPI ($mailchimp_api_key); /* MailChimp® API class. */
53	/**/
54	foreach (preg_split ("/[\r\n\t\s;,]+/", $mailchimp_list_ids) as $mailchimp_list_id)
55	+ $MCAPI->listSubscribe ($mailchimp_list_id, $email, apply_filters ("ws_plugin__s2member_mailchimp_array", array ("FNAME" => $fname, "LNAME" => $lname, "OPTINIP" => $ip), get_defined_vars ()));
56	}
57	/**/
58	if (($aweber_list_ids = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $level . "_aweber_list_ids"]))
59	{
60	foreach (preg_split ("/[\r\n\t\s;,]+/", $aweber_list_ids) as $aweber_list_id)
61	+ wp_mail ($aweber_list_id . "@aweber.com", apply_filters ("ws_plugin__s2member_aweber_sbj", "s2Member Subscription Request", get_defined_vars ()), apply_filters ("ws_plugin__s2member_aweber_msg", "s2Member Subscription Request\ns2Member w/ PayPal Email ID\nEMail Address: " . $email . "\nBuyer: " . $fname . " " . $lname . "\nFull Name: " . $fname . " " . $lname . "\nFirst Name: " . $fname . "\nLast Name: " . $lname . "\nIP Address: " . $ip . "\nUser ID: " . $user_id . "\nRole: " . $role . "\nLevel: " . $level . "\n - end.", get_defined_vars ()), "From: \"" . preg_replace ("/\"/", "", $fname . " " . $lname) . "\" <" . $email . ">\r\nContent-Type: text/plain; charset=utf-8");


62	}
63	/**/
64	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');

includes/functions/login-redirection.inc.php CHANGED Viewed

	@@ -29,24 +29,26 @@ if (!function_exists ("ws_plugin__s2member_login_redirect"))
29	/* This additional check was added in case wp_signon() fires this event with empty $_POST credentials.
30	In this rare case, we can check to see if WordPress® is remembering a previously logged in User. */
31	/**/
32	- if (!is_object ($user = new WP_User ($username)) \|\| ! ($user_id = $user->ID) \|\| !$user->has_cap ("edit_posts"))

33	{
34	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
35	do_action ("ws_plugin__s2member_during_login_redirect", get_defined_vars ());
36	unset ($__refs, $__v); /* Unset defined __refs, __v. */
37	/**/
38	- if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["custom_reg_password"] && function_exists ("ws_plugin__s2member_generate_password"))
39	{
40	delete_user_setting ("default_password_nag"); /* setcookie() */
41	update_user_option ($user_id, "default_password_nag", false, true);
42	}
43	/**/
44	- if (strtolower ($username) === "demo" \|\| ws_plugin__s2member_ip_restrictions_ok ($_SERVER["REMOTE_ADDR"], strtolower ($username)))
45	{
46	if ($special_redirection_url = ws_plugin__s2member_login_redirection_url ($user))
47	- wp_redirect ($special_redirection_url);
48	/**/
49	- else ~~wp_redirect (get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"]));~~

50	}
51	/**/
52	exit ();
	@@ -90,10 +92,12 @@ if (!function_exists ("ws_plugin__s2member_fill_login_redirect_rc_vars"))
90	$user_login = (is_object ($user)) ? strtolower ($user->user_login) : "";
91	$user_id = (is_object ($user)) ? (string)$user->ID : "";
92	$user_level = (string)ws_plugin__s2member_user_access_level ($user);

93	/**/
94	$url = preg_replace ("/%%current_user_login%%/i", ws_plugin__s2member_esc_ds ($user_login), $url);
95	$url = preg_replace ("/%%current_user_id%%/i", ws_plugin__s2member_esc_ds ($user_id), $url);
96	$url = preg_replace ("/%%current_user_level%%/i", ws_plugin__s2member_esc_ds ($user_level), $url);

97	/**/
98	return apply_filters ("ws_plugin__s2member_fill_login_redirect_rc_vars", $url, get_defined_vars ());
99	}


29	/* This additional check was added in case wp_signon() fires this event with empty $_POST credentials.
30	In this rare case, we can check to see if WordPress® is remembering a previously logged in User. */
31	/**/
32	+ if (!is_object ($user = new WP_User ($username)) \|\| ! ($user_id = $user->ID) \|\| !$user->has_cap ("edit_posts")/**/
33	+ /* Now give Filters a chance also. */ \|\| apply_filters ("ws_plugin__s2member_login_redirect", false, get_defined_vars ()))
34	{
35	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
36	do_action ("ws_plugin__s2member_during_login_redirect", get_defined_vars ());
37	unset ($__refs, $__v); /* Unset defined __refs, __v. */
38	/**/
39	+ if ($username && $user && $user_id && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["custom_reg_password"] && function_exists ("ws_plugin__s2member_generate_password"))
40	{
41	delete_user_setting ("default_password_nag"); /* setcookie() */
42	update_user_option ($user_id, "default_password_nag", false, true);
43	}
44	/**/
45	+ if (!$username \|\| !$user \|\| !$user_id \|\| strtolower ($username) === "demo" \|\| ws_plugin__s2member_ip_restrictions_ok ($_SERVER["REMOTE_ADDR"], strtolower ($username)))
46	{
47	if ($special_redirection_url = ws_plugin__s2member_login_redirection_url ($user))
48	+ wp_redirect($special_redirection_url);
49	/**/
50	+ else
51	+ wp_redirect (get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"]));
52	}
53	/**/
54	exit ();

92	$user_login = (is_object ($user)) ? strtolower ($user->user_login) : "";
93	$user_id = (is_object ($user)) ? (string)$user->ID : "";
94	$user_level = (string)ws_plugin__s2member_user_access_level ($user);
95	+ $user_role = (string)ws_plugin__s2member_user_access_role ($user);
96	/**/
97	$url = preg_replace ("/%%current_user_login%%/i", ws_plugin__s2member_esc_ds ($user_login), $url);
98	$url = preg_replace ("/%%current_user_id%%/i", ws_plugin__s2member_esc_ds ($user_id), $url);
99	$url = preg_replace ("/%%current_user_level%%/i", ws_plugin__s2member_esc_ds ($user_level), $url);
100	+ $url = preg_replace ("/%%current_user_role%%/i", ws_plugin__s2member_esc_ds ($user_role), $url);
101	/**/
102	return apply_filters ("ws_plugin__s2member_fill_login_redirect_rc_vars", $url, get_defined_vars ());
103	}

includes/functions/membership-options.inc.php CHANGED Viewed

	@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12	Direct access denial.
13	*/
14	if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15	- exit("Do not access this file directly.");
16	/*
17	This forces a redirection to the Membership Options Page for s2Member.
18	This can be used by 3rd party applications that are not aware of which
	@@ -31,8 +31,12 @@ if (!function_exists ("ws_plugin__s2member_membership_options_page"))
31	/**/
32	if ($_GET["s2member_membership_options_page"] && !is_page ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))
33	{
34	- $~~_GET["s2member_level_req"]~~ = ~~(strlen~~ (~~$_GET["s2member_level_req"]~~)) ? ~~$_GET["s2member_level_req"]~~ : ~~"0";~~
35	- ~~wp_redirect(add_query_arg~~ (~~"s2member_level_req",~~ $_GET~~["s2member_level_req"],~~ ~~get_page_link~~ ($~~GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]~~)~~));~~




36	exit ();
37	}
38	/**/


12	Direct access denial.
13	*/
14	if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15	+ exit ("Do not access this file directly.");
16	/*
17	This forces a redirection to the Membership Options Page for s2Member.
18	This can be used by 3rd party applications that are not aware of which

31	/**/
32	if ($_GET["s2member_membership_options_page"] && !is_page ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))
33	{
34	+ $query_args = array (); /* Initialize array. */
35	+ foreach ($_GET as $var => $val) /* Include any s2member_ vars. */
36	+ if (preg_match ("/^s2member_/", $var) && $var !== "s2member_membership_options_page")
37	+ $query_args[$var] = $val;
38	+ /**/
39	+ wp_redirect (add_query_arg (urlencode_deep ($query_args), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
40	exit ();
41	}
42	/**/

includes/functions/menu-pages.inc.php CHANGED Viewed

	@@ -20,7 +20,7 @@ Options can also be passed in directly.
20	*/
21	if (!function_exists ("ws_plugin__s2member_update_all_options"))
22	{
23	- function ws_plugin__s2member_update_all_options ($new_options = FALSE, $verified = FALSE, $update_other = TRUE, $display_notices = TRUE, $enqueue_notices = FALSE)
24	{
25	do_action ("ws_plugin__s2member_before_update_all_options", get_defined_vars ()); /* If you use this Hook, be sure to use `wp_verify_nonce()`. */
26	/**/
	@@ -57,7 +57,7 @@ if (!function_exists ("ws_plugin__s2member_update_all_options"))
57	if ($update_other === true \|\| in_array ("auto_eot_system", (array)$update_other)) /* Handle the Auto-EOT System now ( enable/disable ). */
58	($options["auto_eot_system_enabled"] == 1) ? ws_plugin__s2member_add_auto_eot_system () : ws_plugin__s2member_delete_auto_eot_system ();
59	/**/
60	- if (($display_notices === true \|\| in_array ("success", (array)$display_notices)) && ($notice = '<strong>Options saved~~.</~~strong>'))
61	($enqueue_notices === true \|\| in_array ("success", (array)$enqueue_notices)) ? ws_plugin__s2member_enqueue_admin_notice ($notice) : ws_plugin__s2member_display_admin_notice ($notice);
62	/**/
63	if (!$options["membership_options_page"] && ($display_notices === true \|\| in_array ("page-conflict-warnings", (array)$display_notices)) && ($notice = '<strong>NOTE:</strong> s2Member security restrictions will NOT be enforced until you\'ve configured a Membership Options Page. See: <code>s2Member -> General Options -> Membership Options Page</code>.'))
	@@ -390,7 +390,7 @@ if (!function_exists ("ws_plugin__s2member_paypal_ops_page"))
390	if (is_dir ($logs_dir) && is_writable ($logs_dir) && !file_exists ($htaccess))
391	file_put_contents ($htaccess, "deny from all") . clearstatcache ();
392	/**/
393	- if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["~~paypal_debug~~"]) /* If ~~logging is~~ enabled. */
394	{
395	if (!is_dir ($logs_dir)) /* If the security-enabled logs directory does not exist yet. */
396	ws_plugin__s2member_display_admin_notice ("The security-enabled logs directory ( <code>" . preg_replace ("/^" . preg_quote ($_SERVER["DOCUMENT_ROOT"], "/") . "/", "", $logs_dir) . "</code> ) does not exist. Please create this directory manually & make it writable ( chmod 777 ).", true);


20	*/
21	if (!function_exists ("ws_plugin__s2member_update_all_options"))
22	{
23	+ function ws_plugin__s2member_update_all_options ($new_options = FALSE, $verified = FALSE, $update_other = TRUE, $display_notices = TRUE, $enqueue_notices = FALSE, $request_refresh = FALSE)
24	{
25	do_action ("ws_plugin__s2member_before_update_all_options", get_defined_vars ()); /* If you use this Hook, be sure to use `wp_verify_nonce()`. */
26	/**/

57	if ($update_other === true \|\| in_array ("auto_eot_system", (array)$update_other)) /* Handle the Auto-EOT System now ( enable/disable ). */
58	($options["auto_eot_system_enabled"] == 1) ? ws_plugin__s2member_add_auto_eot_system () : ws_plugin__s2member_delete_auto_eot_system ();
59	/**/
60	+ if (($display_notices === true \|\| in_array ("success", (array)$display_notices)) && ($notice = '<strong>Options saved.' . (($request_refresh) ? ' Please <a href="' . esc_attr ($_SERVER["REQUEST_URI"]) . '">refresh</a>.' : '') . '</strong>'))
61	($enqueue_notices === true \|\| in_array ("success", (array)$enqueue_notices)) ? ws_plugin__s2member_enqueue_admin_notice ($notice) : ws_plugin__s2member_display_admin_notice ($notice);
62	/**/
63	if (!$options["membership_options_page"] && ($display_notices === true \|\| in_array ("page-conflict-warnings", (array)$display_notices)) && ($notice = '<strong>NOTE:</strong> s2Member security restrictions will NOT be enforced until you\'ve configured a Membership Options Page. See: <code>s2Member -> General Options -> Membership Options Page</code>.'))

390	if (is_dir ($logs_dir) && is_writable ($logs_dir) && !file_exists ($htaccess))
391	file_put_contents ($htaccess, "deny from all") . clearstatcache ();
392	/**/
393	+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["gateway_debug_logs"]) /* Logging enabled? */
394	{
395	if (!is_dir ($logs_dir)) /* If the security-enabled logs directory does not exist yet. */
396	ws_plugin__s2member_display_admin_notice ("The security-enabled logs directory ( <code>" . preg_replace ("/^" . preg_quote ($_SERVER["DOCUMENT_ROOT"], "/") . "/", "", $logs_dir) . "</code> ) does not exist. Please create this directory manually & make it writable ( chmod 777 ).", true);

includes/functions/nocache.inc.php CHANGED Viewed

	@@ -55,6 +55,7 @@ These additional supplemental routines, include:
55	- ws_plugin__s2member_check_page_level_access()
56	- ws_plugin__s2member_ip_restrictions_ok()
57	- ws_plugin__s2member_file_download_key()

58	*/
59	if (!function_exists ("ws_plugin__s2member_nocache_constants"))
60	{


55	- ws_plugin__s2member_check_page_level_access()
56	- ws_plugin__s2member_ip_restrictions_ok()
57	- ws_plugin__s2member_file_download_key()
58	+ - Button/Shortcode Generators also call this.
59	*/
60	if (!function_exists ("ws_plugin__s2member_nocache_constants"))
61	{

includes/functions/page-level-access.inc.php CHANGED Viewed

	@@ -44,17 +44,17 @@ if (!function_exists ("ws_plugin__s2member_check_page_level_access"))
44	/**/
45	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] && $page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
46	{
47	- wp_redirect (add_query_arg ("~~s2member_level_req~~", 0, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
48	exit ();
49	}
50	else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_uri = ws_plugin__s2member_login_redirection_uri ($current_user)) && preg_match ("/^" . preg_quote ($login_redirection_uri, "/") . "$/", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
51	{
52	- wp_redirect (add_query_arg ("~~s2member_level_req~~", 0, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
53	exit ();
54	}
55	else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] && $page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
56	{
57	- wp_redirect (add_query_arg ("~~s2member_level_req~~", 0, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
58	exit ();
59	}
60	else if (!ws_plugin__s2member_is_systematic_use_page ()) /* Never restrict Systematic Use Pages. However, there are 3 exceptions above ^. */
	@@ -63,13 +63,13 @@ if (!function_exists ("ws_plugin__s2member_check_page_level_access"))
63	{
64	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_pages"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
65	{
66	- wp_redirect (add_query_arg ("~~s2member_level_req~~", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
67	exit ();
68	}
69	/**/
70	else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_pages"] && in_array ($page_id, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_pages"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
71	{
72	- wp_redirect (add_query_arg ("~~s2member_level_req~~", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
73	exit ();
74	}
75	}
	@@ -80,13 +80,13 @@ if (!function_exists ("ws_plugin__s2member_check_page_level_access"))
80	{
81	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ptags"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
82	{
83	- wp_redirect (add_query_arg ("~~s2member_level_req~~", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
84	exit ();
85	}
86	/**/
87	else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ptags"] && has_tag (preg_split ("/[\r\n\t;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ptags"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
88	{
89	- wp_redirect (add_query_arg ("~~s2member_level_req~~", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
90	exit ();
91	}
92	}
	@@ -98,7 +98,7 @@ if (!function_exists ("ws_plugin__s2member_check_page_level_access"))
98	foreach (preg_split ("/[\r\n\t]+/", ws_plugin__s2member_fill_ruri_level_access_rc_vars ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ruris"], $current_user)) as $str)
99	if ($str && preg_match ("/" . preg_quote ($str, "/") . "/", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
100	{
101	- wp_redirect (add_query_arg ("~~s2member_level_req~~", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
102	exit ();
103	}
104	}
	@@ -107,13 +107,13 @@ if (!function_exists ("ws_plugin__s2member_check_page_level_access"))
107	foreach ($ccaps_req as $ccap) /* The $current_user MUST satisfy ALL Custom Capability requirements. Stored as a serialized array. */
108	if (strlen ($ccap) && (!$current_user \|\| !$current_user->has_cap ("access_s2member_ccap_" . $ccap)))
109	{
110	- wp_redirect (add_query_arg ("~~s2member_ccap_req~~", $ccap, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
111	exit ();
112	}
113	/**/
114	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["specific_ids"] && in_array ($page_id, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["specific_ids"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && !ws_plugin__s2member_sp_access ($page_id))
115	{
116	- wp_redirect (add_query_arg ("~~s2member_sp_req~~", $page_id, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
117	exit ();
118	}
119	}


44	/**/
45	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] && $page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
46	{
47	+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => "0")), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
48	exit ();
49	}
50	else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_uri = ws_plugin__s2member_login_redirection_uri ($current_user)) && preg_match ("/^" . preg_quote ($login_redirection_uri, "/") . "$/", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
51	{
52	+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => "0")), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
53	exit ();
54	}
55	else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] && $page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
56	{
57	+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => "0")), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
58	exit ();
59	}
60	else if (!ws_plugin__s2member_is_systematic_use_page ()) /* Never restrict Systematic Use Pages. However, there are 3 exceptions above ^. */

63	{
64	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_pages"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
65	{
66	+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
67	exit ();
68	}
69	/**/
70	else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_pages"] && in_array ($page_id, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_pages"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
71	{
72	+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
73	exit ();
74	}
75	}

80	{
81	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ptags"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
82	{
83	+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
84	exit ();
85	}
86	/**/
87	else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ptags"] && has_tag (preg_split ("/[\r\n\t;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ptags"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
88	{
89	+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
90	exit ();
91	}
92	}

98	foreach (preg_split ("/[\r\n\t]+/", ws_plugin__s2member_fill_ruri_level_access_rc_vars ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ruris"], $current_user)) as $str)
99	if ($str && preg_match ("/" . preg_quote ($str, "/") . "/", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user \|\| !current_user_can ("access_s2member_level" . $i)))
100	{
101	+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
102	exit ();
103	}
104	}

107	foreach ($ccaps_req as $ccap) /* The $current_user MUST satisfy ALL Custom Capability requirements. Stored as a serialized array. */
108	if (strlen ($ccap) && (!$current_user \|\| !$current_user->has_cap ("access_s2member_ccap_" . $ccap)))
109	{
110	+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_ccap_req" => $ccap)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
111	exit ();
112	}
113	/**/
114	if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["specific_ids"] && in_array ($page_id, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["specific_ids"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && !ws_plugin__s2member_sp_access ($page_id))
115	{
116	+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_sp_req" => $page_id)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
117	exit ();
118	}
119	}

includes/functions/paypal-button.inc.php CHANGED Viewed

	@@ -16,14 +16,6 @@ if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
16	/*
17	Function that handles the Shortcode for [s2Member-PayPal-Button /].
18	Attach to: add_shortcode("s2Member-PayPal-Button");
19	-
20	- [s2Member-PayPal-Button level="1" ccaps="" desc="" ps="paypal" cc="USD" ns="1" custom="www.domain.com" ta="0" tp="0" tt="D" ra="0.01" rp="1" rt="M" rr="1" image="default" /]
21	- [s2Member-PayPal-Button page="0" exp="72" desc="Specific Post/Page Access" ps="paypal" cc="USD" ns="1" custom="www.domain.com" ra="0.01" sp="1" image="default" /]
22	- The image="" attribute will be used as a custom image; when provided; and not equal to "default".
23	-
24	- - PayPal® Cancellation Buttons are identified by cancel="1".
25	- - PayPal® Specific Post/Page Buttons are identified by sp="1".
26	- - PayPal® Modification Buttons are identified by modify="1".
27	*/
28	if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
29	{
	@@ -33,15 +25,17 @@ if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
33	do_action ("ws_plugin__s2member_before_sc_paypal_button", get_defined_vars ());
34	unset ($__refs, $__v); /* Unset defined __refs, __v. */
35	/**/


36	$attr = ws_plugin__s2member_trim_quot_deep ((array)$attr); /* Force array, and fix " in attrs. */
37	/**/
38	- $attr["tt"] = ~~strtoupper~~ ($~~attr~~["tt"]); /* ~~Term~~ ~~lengths~~ ~~absolutely~~ ~~must~~ be ~~provided~~ in ~~upper-case~~ ~~format~~. */
39	- $attr["rt"] = strtoupper ($attr["rt"]); /* Term lengths absolutely must be provided in upper-case format. */
40	- $attr["rr"] = strtoupper ($attr["rr"]); /* Must be provided in upper-case format. Numerical, or BN value. */
41	- $attr["ccaps"] = strtolower ($attr["ccaps"]); /* Custom Capabilities must be typed in lower-case format. */
42	- $attr["rr"] = ($attr["rt"] === "L") ? "BN" : $attr["rr"]; /* Lifetime Subscriptions require Buy Now. */
43	/**/
44	- $attr = ~~shortcode_atts~~ (~~array ("ids" => "0", "exp" => "72", "level" => "1", "ccaps" => "", "desc" => "", "ps" => "paypal", "cc" => "USD", "ns" => "1", "custom" =>~~ $~~_SERVER~~["~~HTTP_HOST~~"], ~~"ta"~~ => ~~"",~~ ~~"tp"~~ => ~~"0",~~ ~~"tt"~~ => ~~"D",~~ ~~"ra" => "0~~.~~01",~~ ~~"rp"~~ => ~~"1",~~ ~~"rt"~~ => ~~"M",~~ ~~"rr" => "1", "modify" => "0", "cancel" => "0", "sp" => "0", "image" => "default"~~), ~~$attr);~~




45	/**/
46	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
47	do_action ("ws_plugin__s2member_before_sc_paypal_button_after_shortcode_atts", get_defined_vars ());
	@@ -49,11 +43,19 @@ if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
49	/**/
50	if ($attr["cancel"]) /* This is a special routine for Cancellation Buttons. Cancellation Buttons use a different template. */
51	{


52	$code = trim (file_get_contents (dirname (dirname (__FILE__)) . "/templates/buttons/paypal-cancellation-button.html"));



53	$code = preg_replace ("/%%endpoint%%/", ws_plugin__s2member_esc_ds (esc_attr (($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")), $code);
54	$code = preg_replace ("/%%paypal_business%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"])), $code);
55	/**/
56	- $code = ($attr["image"] && $attr["image"] !== "default") ? preg_replace ('/ src\="(.*?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["image"])) . '"', $code) : $code;



57	/**/
58	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
59	do_action ("ws_plugin__s2member_during_sc_paypal_cancellation_button", get_defined_vars ());
	@@ -62,15 +64,20 @@ if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
62	/**/
63	else if ($attr["sp"]) /* This is a special routine for Specific Post/Page Buttons. Specific Post/Page Buttons use a different template. */
64	{


65	$attr["sp_ids_exp"] = "sp:" . $attr["ids"] . ":" . $attr["exp"]; /* Combined "sp:ids:expiration hours". */
66	/**/
67	$code = trim (file_get_contents (dirname (dirname (__FILE__)) . "/templates/buttons/paypal-sp-checkout-button.html"));



68	$code = preg_replace ("/%%endpoint%%/", ws_plugin__s2member_esc_ds (esc_attr (($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")), $code);
69	$code = preg_replace ("/%%paypal_business%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"])), $code);
70	$code = preg_replace ("/%%cancel_return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("url"))), $code);
71	$code = preg_replace ("/%%notify_url%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_notify=1")), $code);
72	$code = preg_replace ("/%%return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_return=1")), $code);
73	- $code = preg_replace ("/%%~~domain~~%%/", ws_plugin__s2member_esc_ds (esc_attr ($_SERVER["HTTP_HOST"])), $code);
74	/**/
75	$code = preg_replace ('/ name\="no_shipping" value\="(.*?)"/', ' name="no_shipping" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["ns"])) . '"', $code);
76	$code = preg_replace ('/ name\="item_name" value\="(.*?)"/', ' name="item_name" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["desc"])) . '"', $code);
	@@ -80,7 +87,10 @@ if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
80	$code = preg_replace ('/ name\="custom" value\="(.*?)"/', ' name="custom" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["custom"])) . '"', $code);
81	$code = preg_replace ('/ name\="amount" value\="(.*?)"/', ' name="amount" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["ra"])) . '"', $code);
82	/**/
83	- $code = ($attr["image"] && $attr["image"] !== "default") ? preg_replace ('/ src\="(.*?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["image"])) . '"', $code) : $code;



84	/**/
85	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
86	do_action ("ws_plugin__s2member_during_sc_paypal_sp_button", get_defined_vars ());
	@@ -88,19 +98,24 @@ if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
88	}
89	else /* Otherwise, we'll process this Button normally, using the Membership routines. Also handles Modification Buttons. */
90	{


91	$attr["desc"] = (!$attr["desc"]) ? $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $attr["level"] . "_label"] : $attr["desc"];
92	/**/
93	$attr["level_ccaps_eotper"] = ($attr["rr"] === "BN" && $attr["rt"] !== "L") ? $attr["level"] . ":" . $attr["ccaps"] . ":" . $attr["rp"] . " " . $attr["rt"] : $attr["level"] . ":" . $attr["ccaps"];
94	$attr["level_ccaps_eotper"] = rtrim ($attr["level_ccaps_eotper"], ":"); /* Clean any trailing separators from this string. */
95	/**/
96	$code = trim (file_get_contents (dirname (dirname (__FILE__)) . "/templates/buttons/paypal-checkout-button.html"));



97	$code = preg_replace ("/%%endpoint%%/", ws_plugin__s2member_esc_ds (esc_attr (($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")), $code);
98	$code = preg_replace ("/%%paypal_business%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"])), $code);
99	$code = preg_replace ("/%%level_label%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $attr["level"] . "_label"])), $code);
100	$code = preg_replace ("/%%cancel_return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("url"))), $code); /* This brings them back to Front Page. */
101	$code = preg_replace ("/%%notify_url%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_notify=1")), $code);
102	$code = preg_replace ("/%%return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_return=1")), $code);
103	- $code = preg_replace ("/%%~~domain~~%%/", ws_plugin__s2member_esc_ds (esc_attr ($_SERVER["HTTP_HOST"])), $code);
104	$code = preg_replace ("/%%level%%/", ws_plugin__s2member_esc_ds (esc_attr ($attr["level"])), $code);
105	/**/
106	$code = preg_replace ('/ \<\!--(\<input type\="hidden" name\="(amount\|src\|sra\|a1\|p1\|t1\|a3\|p3\|t3)" value\="(.*?)" \/\>)--\>/', " $1", $code);
	@@ -128,7 +143,10 @@ if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
128	$code = preg_replace ('/ name\="p3" value\="(.*?)"/', ' name="p3" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["rp"])) . '"', $code);
129	$code = preg_replace ('/ name\="t3" value\="(.*?)"/', ' name="t3" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["rt"])) . '"', $code);
130	/**/
131	- $code = ($attr["image"] && $attr["image"] !== "default") ? preg_replace ('/ src\="(.*?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["image"])) . '"', $code) : $code;



132	/**/
133	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
134	($attr["modify"]) ? do_action ("ws_plugin__s2member_during_sc_paypal_modification_button", get_defined_vars ()) : do_action ("ws_plugin__s2member_during_sc_paypal_button", get_defined_vars ());


16	/*
17	Function that handles the Shortcode for [s2Member-PayPal-Button /].
18	Attach to: add_shortcode("s2Member-PayPal-Button");








19	*/
20	if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
21	{

25	do_action ("ws_plugin__s2member_before_sc_paypal_button", get_defined_vars ());
26	unset ($__refs, $__v); /* Unset defined __refs, __v. */
27	/**/
28	+ ws_plugin__s2member_nocache_constants(true); /* No caching on pages that contain this Button. */
29	+ /**/
30	$attr = ws_plugin__s2member_trim_quot_deep ((array)$attr); /* Force array, and fix " in attrs. */
31	/**/
32	+ $attr = shortcode_atts (array ("ids" => "0", "exp" => "72", "level" => "1", "ccaps" => "", "desc" => "", "ps" => "paypal", "cc" => "USD", "ns" => "1", "custom" => $_SERVER["HTTP_HOST"], "ta" => "0", "tp" => "0", "tt" => "D", "ra" => "0.01", "rp" => "1", "rt" => "M", "rr" => "1", "modify" => "0", "cancel" => "0", "sp" => "0", "image" => "default", "output" => "button"), $attr);




33	/**/
34	+ $attr["tt"] = strtoupper ($attr["tt"]); /* Term lengths absolutely must be provided in upper-case format. Only perform this modification after running shortcode_atts(). */
35	+ $attr["rt"] = strtoupper ($attr["rt"]); /* Term lengths absolutely must be provided in upper-case format. Only perform this modification after running shortcode_atts(). */
36	+ $attr["rr"] = strtoupper ($attr["rr"]); /* Must be provided in upper-case format. Numerical, or BN value. Only perform this modification after running shortcode_atts(). */
37	+ $attr["ccaps"] = strtolower ($attr["ccaps"]); /* Custom Capabilities must be typed in lower-case format. Only perform this modification after running shortcode_atts(). */
38	+ $attr["rr"] = ($attr["rt"] === "L") ? "BN" : $attr["rr"]; /* Lifetime Subscriptions require Buy Now. Only perform this modification after running shortcode_atts(). */
39	/**/
40	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
41	do_action ("ws_plugin__s2member_before_sc_paypal_button_after_shortcode_atts", get_defined_vars ());

43	/**/
44	if ($attr["cancel"]) /* This is a special routine for Cancellation Buttons. Cancellation Buttons use a different template. */
45	{
46	+ $default_image = "https://www.paypal.com/en_US/i/btn/btn_unsubscribe_LG.gif"; /* Default Image. */
47	+ /**/
48	$code = trim (file_get_contents (dirname (dirname (__FILE__)) . "/templates/buttons/paypal-cancellation-button.html"));
49	+ $code = preg_replace ("/%%images%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["dir_url"] . "/images")), $code);
50	+ $code = preg_replace ("/%%wpurl%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl"))), $code);
51	+ /**/
52	$code = preg_replace ("/%%endpoint%%/", ws_plugin__s2member_esc_ds (esc_attr (($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")), $code);
53	$code = preg_replace ("/%%paypal_business%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"])), $code);
54	/**/
55	+ $code = ($attr["image"] && $attr["image"] !== "default") ? preg_replace ('/ src\="(.?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["image"])) . '"', $code) : preg_replace ('/ src\="(.?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($default_image)) . '"', $code);
56	+ /**/
57	+ $code = ($attr["output"] === "anchor") ? $code : $code; /* Cancellation Buttons are already in anchor format; Button format is not used in Cancellations. */
58	+ $code = ($attr["output"] === "url") ? "https://" . ( ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com") . "/cgi-bin/webscr?cmd=_subscr-find&alias=" . urlencode ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"]) : $code;
59	/**/
60	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
61	do_action ("ws_plugin__s2member_during_sc_paypal_cancellation_button", get_defined_vars ());

64	/**/
65	else if ($attr["sp"]) /* This is a special routine for Specific Post/Page Buttons. Specific Post/Page Buttons use a different template. */
66	{
67	+ $default_image = "https://www.paypal.com/en_US/i/btn/btn_xpressCheckout.gif"; /* Default Image. */
68	+ /**/
69	$attr["sp_ids_exp"] = "sp:" . $attr["ids"] . ":" . $attr["exp"]; /* Combined "sp:ids:expiration hours". */
70	/**/
71	$code = trim (file_get_contents (dirname (dirname (__FILE__)) . "/templates/buttons/paypal-sp-checkout-button.html"));
72	+ $code = preg_replace ("/%%images%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["dir_url"] . "/images")), $code);
73	+ $code = preg_replace ("/%%wpurl%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl"))), $code);
74	+ /**/
75	$code = preg_replace ("/%%endpoint%%/", ws_plugin__s2member_esc_ds (esc_attr (($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")), $code);
76	$code = preg_replace ("/%%paypal_business%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"])), $code);
77	$code = preg_replace ("/%%cancel_return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("url"))), $code);
78	$code = preg_replace ("/%%notify_url%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_notify=1")), $code);
79	$code = preg_replace ("/%%return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_return=1")), $code);
80	+ $code = preg_replace ("/%%custom%%/", ws_plugin__s2member_esc_ds (esc_attr ($_SERVER["HTTP_HOST"])), $code);
81	/**/
82	$code = preg_replace ('/ name\="no_shipping" value\="(.*?)"/', ' name="no_shipping" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["ns"])) . '"', $code);
83	$code = preg_replace ('/ name\="item_name" value\="(.*?)"/', ' name="item_name" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["desc"])) . '"', $code);

87	$code = preg_replace ('/ name\="custom" value\="(.*?)"/', ' name="custom" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["custom"])) . '"', $code);
88	$code = preg_replace ('/ name\="amount" value\="(.*?)"/', ' name="amount" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["ra"])) . '"', $code);
89	/**/
90	+ $code = ($attr["image"] && $attr["image"] !== "default") ? preg_replace ('/ src\="(.?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["image"])) . '"', $code) : preg_replace ('/ src\="(.?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($default_image)) . '"', $code);
91	+ /**/
92	+ $code = ($attr["output"] === "anchor") ? '<a href="' . ws_plugin__s2member_form_whips_2_url ($code) . '"><img src="' . ( ($attr["image"] && $attr["image"] !== "default") ? esc_attr ($attr["image"]) : esc_attr ($default_image)) . '" style="width:auto; height:auto; border:0;" alt="PayPal®" /></a>' : $code;
93	+ $code = ($attr["output"] === "url") ? ws_plugin__s2member_form_whips_2_url ($code) : $code;
94	/**/
95	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
96	do_action ("ws_plugin__s2member_during_sc_paypal_sp_button", get_defined_vars ());

98	}
99	else /* Otherwise, we'll process this Button normally, using the Membership routines. Also handles Modification Buttons. */
100	{
101	+ $default_image = "https://www.paypal.com/en_US/i/btn/btn_xpressCheckout.gif"; /* Default PayPal® Image. */
102	+ /**/
103	$attr["desc"] = (!$attr["desc"]) ? $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $attr["level"] . "_label"] : $attr["desc"];
104	/**/
105	$attr["level_ccaps_eotper"] = ($attr["rr"] === "BN" && $attr["rt"] !== "L") ? $attr["level"] . ":" . $attr["ccaps"] . ":" . $attr["rp"] . " " . $attr["rt"] : $attr["level"] . ":" . $attr["ccaps"];
106	$attr["level_ccaps_eotper"] = rtrim ($attr["level_ccaps_eotper"], ":"); /* Clean any trailing separators from this string. */
107	/**/
108	$code = trim (file_get_contents (dirname (dirname (__FILE__)) . "/templates/buttons/paypal-checkout-button.html"));
109	+ $code = preg_replace ("/%%images%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["dir_url"] . "/images")), $code);
110	+ $code = preg_replace ("/%%wpurl%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl"))), $code);
111	+ /**/
112	$code = preg_replace ("/%%endpoint%%/", ws_plugin__s2member_esc_ds (esc_attr (($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")), $code);
113	$code = preg_replace ("/%%paypal_business%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"])), $code);
114	$code = preg_replace ("/%%level_label%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $attr["level"] . "_label"])), $code);
115	$code = preg_replace ("/%%cancel_return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("url"))), $code); /* This brings them back to Front Page. */
116	$code = preg_replace ("/%%notify_url%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_notify=1")), $code);
117	$code = preg_replace ("/%%return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_return=1")), $code);
118	+ $code = preg_replace ("/%%custom%%/", ws_plugin__s2member_esc_ds (esc_attr ($_SERVER["HTTP_HOST"])), $code);
119	$code = preg_replace ("/%%level%%/", ws_plugin__s2member_esc_ds (esc_attr ($attr["level"])), $code);
120	/**/
121	$code = preg_replace ('/ \<\!--(\<input type\="hidden" name\="(amount\|src\|sra\|a1\|p1\|t1\|a3\|p3\|t3)" value\="(.*?)" \/\>)--\>/', " $1", $code);

143	$code = preg_replace ('/ name\="p3" value\="(.*?)"/', ' name="p3" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["rp"])) . '"', $code);
144	$code = preg_replace ('/ name\="t3" value\="(.*?)"/', ' name="t3" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["rt"])) . '"', $code);
145	/**/
146	+ $code = ($attr["image"] && $attr["image"] !== "default") ? preg_replace ('/ src\="(.?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["image"])) . '"', $code) : preg_replace ('/ src\="(.?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($default_image)) . '"', $code);
147	+ /**/
148	+ $code = ($attr["output"] === "anchor") ? '<a href="' . ws_plugin__s2member_form_whips_2_url ($code) . '"><img src="' . ( ($attr["image"] && $attr["image"] !== "default") ? esc_attr ($attr["image"]) : esc_attr ($default_image)) . '" style="width:auto; height:auto; border:0;" alt="PayPal®" /></a>' : $code;
149	+ $code = ($attr["output"] === "url") ? ws_plugin__s2member_form_whips_2_url ($code) : $code;
150	/**/
151	eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
152	($attr["modify"]) ? do_action ("ws_plugin__s2member_during_sc_paypal_modification_button", get_defined_vars ()) : do_action ("ws_plugin__s2member_during_sc_paypal_button", get_defined_vars ());

includes/functions/paypal-utilities.inc.php CHANGED Viewed

@@ -31,36 +31,35 @@ if (!function_exists ("ws_plugin__s2member_paypal_postvars"))
+            					{
             						unset ($__refs, $__v); /* Unset defined __refs, __v. */
             						/**/
-            -
            						if ($_GET["tx"]) /* PDT ( Payment Data Transfer ) with Auto-Return. */
+            							{
-            -
            								if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_identity_token"])
+            									{
-            -
            										$postback["tx"] = $_GET["tx"];
-            -
            										$postback["cmd"] = "_notify-synch";
-            -
            										$postback["at"] = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_identity_token"];
-            -
            										/**/
-            -
            										$endpoint = ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com";
-            -
            										/**/
-            -
            										if (preg_match ("/^SUCCESS/i", ($response = trim (ws_plugin__s2member_remote ("https://" . $endpoint . "/cgi-bin/webscr", $postback, array ("timeout" => 20))))))
+            											{
-            -
            												foreach (preg_split ("/[\r\n]+/", preg_replace ("/^SUCCESS/i", "", $response)) as $varline)
-            -
            													{
-            -
            														list ($key, $value) = preg_split ("/\=/", $varline, 2);
-            -
            														if (strlen ($key = trim ($key)) && strlen ($value = trim ($value)))
-            -
            															$postvars[$key] = trim (stripslashes (urldecode ($value)));
-            -
            													}
-            -
            												/**/
-            -
            												return apply_filters ("ws_plugin__s2member_paypal_postvars", $postvars, get_defined_vars ());
+            											}
-            -
            										else /* Nope. */
-            -
            											return false;
+            									}
             								else /* Nope. */
             									return false;
+            							}
-            -
            						else if (is_array ($postvars = stripslashes_deep ($_POST)))
+            							{
-            -
            								$postback = $postvars;
             								$postback["cmd"] = "_notify-validate";
             								/**/
             								$postvars = ws_plugin__s2member_trim_deep ($postvars);
@@ -68,7 +67,7 @@ if (!function_exists ("ws_plugin__s2member_paypal_postvars"))
             								$endpoint = ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com";
             								/**/
             								if ($_GET["s2member_paypal_proxy"] && $_GET["s2member_paypal_proxy_verification"] === ws_plugin__s2member_paypal_proxy_key_gen ())
-            -
            									return apply_filters ("ws_plugin__s2member_paypal_postvars", $postvars, get_defined_vars ());
             								/**/
             								else if (strtolower (trim (ws_plugin__s2member_remote ("https://" . $endpoint . "/cgi-bin/webscr", $postback, array ("timeout" => 20)))) === "verified")
             									return apply_filters ("ws_plugin__s2member_paypal_postvars", $postvars, get_defined_vars ());
@@ -256,17 +255,17 @@ if (!function_exists ("ws_plugin__s2member_paypal_auto_eot_time"))
             								$p3_time = $p3_days * 86400;
+            							}
             						/**/
-            -
            						if (!$last_payment_time) /* If no payment yet.
-            -
            						EOT after p1, if there was a p1. Otherwise, now + 1 day grace. */
+            							{
             								$auto_eot_time = $registration_time + $p1_time + 86400;
+            							}
-            -
            						/* Else if p1, and last payment was within p1, last + p1 + 1 day grace. */
             						else if ($p1_time && $last_payment_time <= $registration_time + $p1_time)
+            							{
             								$auto_eot_time = $last_payment_time + $p1_time + 86400;
+            							}
-            -
            						else /* Otherwise, the EOT comes after last payment + p3 + 1 day grace. */
+            							{
             								$auto_eot_time = $last_payment_time + $p3_time + 86400;
+            							}
@@ -338,22 +337,109 @@ if (!function_exists ("ws_plugin__s2member_paypal_std_term"))
             Function converts a term [D,W,M,Y,L,Day,Week,Month,Year,Lifetime] into Daily, Weekly, Monthly, Yearly, Lifetime.
             This function can also handle "Period Term" combinations. Where the Period will be stripped automatically before conversion.
             For example, "1 D", would become, just "Daily". Another example, "3 Y" would become "Yearly"; and "1 L", would become "Lifetime".
             */
             if (!function_exists ("ws_plugin__s2member_paypal_term_cycle"))
+            	{
-            -
            		function ws_plugin__s2member_paypal_term_cycle ($term_or_period_term = FALSE)
+            			{
             				eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$$__v;');
             				do_action ("ws_plugin__s2member_before_paypal_term_cycle", get_defined_vars ());
             				unset ($__refs, $__v); /* Unset defined __refs, __v. */
             				/**/
-            -
            				$paypal_term_cycles = array ("D" => "Daily", "W" => "Weekly", "M" => "Monthly", "Y" => "Yearly", "L" => "Lifetime", "DAY" => "Daily", "WEEK" => "Weekly", "MONTH" => "Monthly", "YEAR" => "Yearly", "Lifetime" => "Lifetime");
             				/**/
-            -
            				$term_cycle = $paypal_term_cycles[strtoupper (preg_replace ("/^(.+?) /", "", $term_or_period_term))];
             				return apply_filters ("ws_plugin__s2member_paypal_term_cycle", $term_cycle, get_defined_vars ());
+            			}
+            	}
             /*
             Parse/validate item_name from either an array with recurring_payment_id, or use an existing string.
             */
             if (!function_exists ("ws_plugin__s2member_paypal_pro_subscr_id"))
@@ -449,6 +535,7 @@ Pro API with PROFILEREFERENCE|rp_invoice_id, or parse/validate an existing strin
             to make sure it is a valid "period term" combination.
             Note: This will also convert "1 Day", into "1 D".
             */
             if (!function_exists ("ws_plugin__s2member_paypal_pro_period1"))
+            	{
@@ -474,6 +561,10 @@ if (!function_exists ("ws_plugin__s2member_paypal_pro_period1"))
+            					{
             						list ($num, $span) = preg_split ("/ /", $period1, 2);
             						/**/
             						if (strlen ($span) !== 1) /* Convert to Standard format. */
             							$span = ws_plugin__s2member_paypal_std_term ($span);
             						/**/
@@ -493,7 +584,8 @@ Pro API with PROFILEREFERENCE|rp_invoice_id, or parse/validate an existing strin
             to make sure it is a valid "period term" combination.
             Note: This will also convert "1 Day", into "1 D".

s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members) - Version 3.3

Version Description

Release Info

Code changes from version 3.2.9 to 3.3