s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members) - Version 3.3

Version Description

  • (s2Member) Bug fix / File Downloads. Use of PHP's fread() function has been updated to stream_get_contents() with a 2MB chunk size in order to satisfy the needs of site owners delivering VERY large files ( 500MB+ ) though simulated HTTP streams "inline". For instance, an MP4 video file into a FlowPlayer/JWPlayer or another Flash-based application. In addition, s2Member is now capable of output buffering its chunked file delivery, making it possible for s2Member to deliver VERY large files through most shared hosting platforms without needing to upgrade to a private server.
  • (s2Member) Bug fix / BuddyPress. Bug fix. New filter added in support of BuddyPress on a Multisite installation. add_filter ("bp_signup_usermeta", "ws_plugin__s2member_ms_process_signup_meta");
  • (s2Member) Bug fix / BuddyPress. Improved detection of BuddyPress activation/registration slugs using BP_ACTIVATION_SLUG, BP_REGISTER_SLUG in conjunction with improved routing of $usermeta data inside /s2member/includes/functions/config-user-registration.inc.php. This resolves an issue where s2Member was not properly applying Membership Levels ( e.g. an s2 Role ) with BuddyPress installed on a Multisite Network.
  • (s2Member) Custom Registration Fields. s2Member's API Notifications now support custom Replacement Codes for any Custom Registration Fields that you've configured with s2Member. This makes it easier for developers to integrate 3rd party services, because s2Member's API Notifications can now be configured to send additional information that may include data entered by your Customer into a Custom Registration Field. Also, s2Member still supports the custom="domain|cv1|cv2|cv3|etc..." Attribute in your Shortcode too. For full details, check your Dashboard under: s2Member -> API Notifications.
  • (s2Member) Improved documentation on various Replacement Codes available for s2Member. There are also some new Replacement Codes made available in various sections/integrations.
  • (s2Member) In WordPress, when you list all Users, you will find a search box in the upper right-hand corner of the screen. This search box now has the ability to find Members by Username, Display Name, Nickname, s2Member / Paid Subscr. ID, Custom String, and ANY Custom Registration Field value.
  • (s2Member) Advanced Content Dripping. A new PHP/API Constant has been made available for Content Dripping S2MEMBER_CURRENT_USER_PAID_REGISTRATION_DAYS ( note the addition of "PAID" ). Also, s2Member v3.3 includes an entirely new/alternative method for Dripping Content, using a new API Function called s2member_registration_time ([level]). You will find all of the information/documentation on this topic inside your Dashboard under: s2Member -> API Scripting -> Content Dripping. s2Member now has the ability to provide you with information about when a Member pays you at each specific Membership Level. That being said, there IS an issue with this... The new function s2member_registration_time () will NOT return data correctly for existing Members that paid you prior to you upgrading to s2Member v3.3+. This is because s2Member did NOT record all of this information in previous versions. So it can't give you what it doesn't have on any of your existing Members. Please check the forums for workarounds.
  • (s2Member) API Constants. s2Member v3.3 includes some new API Constants related to PayPal and PayPal Pro integration. Such as the configured PayPal API Username, Password, Signature, etc. These will make it easier for other extensions to be built on top of s2Member should the need arise.
  • (s2Member/s2Member Pro) Documentation updated throughout. Some minor wording changes were required here-and-there in order to prevent confusion with all of s2Member Pro's new Gateway integrations.
  • (s2Member/s2Member Pro) All of s2Member's Button Generators now give you the ability to set a Trial Period and a separate Trial Billing Amount. So instead of just offering a 100% free Trial Period, you can now offer an Initial Period at one price, but have the Subscription billed later at a different Regular Recurring rate.
  • (s2Member Pro) New configuration panel added to s2Member Pro. The new Other Gateways panel allows you to enable/disable other Payment Gateways that have been integrated with s2Member Pro.
  • (s2Member Pro) Google Checkout. s2Member Pro has been integrated with Google for Direct Payments and also for Recurring Billing. In order to take advantage of this new integration method, you will need to have a copy of s2Member Pro, and a Google Checkout Account. A Google Checkout account is free.
  • (s2Member Pro) ClickBank. s2Member Pro has now been integrated with ClickBank for Direct Payments and also for Recurring Billing. In order to take advantage of this new integration method, you will need to have a copy of s2Member Pro, and a ClickBank Merchant Account. Otherwise, you can just use the PayPal Standard integration that comes with the free version of s2Member.
  • (s2Member Pro) AliPay. s2Member Pro has been integrated with AliPay for Direct Payments. In order to take advantage of this new integration method, you will need to have an AliPay Merchant Account with Direct Pay enabled ( aka: -- ). This can sometimes take a couple of days to acquire. Once you've been approved at AliPay, you'll be given a Partner ID, and a Security Code; which you'll need to configure inside your s2Member -> AliPay Options.
  • (s2Member Pro) PayPal Pro integration with s2Member Pro, now supports Coupon Codes that can be configured to ONLY apply to (ta) Trial Amounts, or (ra) Regular Amounts. For further details and examples, please check your Dashboard under: s2Member -> Coupon Codes.
  • (s2Member Pro) PayPal Pro Forms with s2Member Pro, can now be configured to recur at these new intervals: Bi-Weekly, Bi-Monthly, and Quarterly recurring cycles.
  • (s2Member Pro) Documentation. New documentation on ALL of s2Member's Shortcode Attributes for Pro Forms, Standard Shortcodes, and other Payment Gateways; is now included inside your Dashboard. For each Payment Gateway that you enable, there will be a Button Generator available in the s2Member Menu panel. At the bottom of each Button Generating station, you'll find a detailed examination of s2Member's Shortcode Attributes. This should make s2Member even easier for developers to integrate.
  • (s2Member Pro) AliPay chinese documentation added to the /s2member-pro/extras/ folder in case developers would like to review the technical aspects. This is NOT required though.
Download this release

Release Info

Developer PriMoThemes
Plugin Icon 128x128 s2Member Framework (Member Roles, Capabilities, Membership, PayPal Members)
Version 3.3
Comparing to
See all releases

Code changes from version 3.2.9 to 3.3

Files changed (91) hide show
  1. images/promos/shots/03_screenshot-1200x.jpg +0 -0
  2. images/promos/shots/04_screenshot-1200x.jpg +0 -0
  3. images/promos/shots/10_screenshot-1200x.jpg +0 -0
  4. images/promos/shots/11_screenshot-1200x.jpg +0 -0
  5. images/promos/shots/12_screenshot-1200x.jpg +0 -0
  6. images/promos/shots/13_screenshot-1200x.jpg +0 -0
  7. images/promos/shots/14_screenshot-1200x.jpg +0 -0
  8. images/promos/shots/15_screenshot-1200x.jpg +0 -0
  9. images/promos/shots/16_screenshot-1200x.jpg +0 -0
  10. images/promos/shots/17_screenshot-1200x.jpg +0 -0
  11. images/promos/shots/18_screenshot-1200x.jpg +0 -0
  12. images/promos/shots/19_screenshot-1200x.jpg +0 -0
  13. images/promos/shots/20_screenshot-1200x.jpg +0 -0
  14. images/promos/shots/21_screenshot-1200x.jpg +0 -0
  15. images/promos/shots/22_screenshot-1200x.jpg +0 -0
  16. images/promos/shots/23_screenshot-1200x.jpg +0 -0
  17. images/promos/shots/24_screenshot-1200x.jpg +0 -0
  18. images/promos/shots/25_screenshot-1200x.jpg +0 -0
  19. images/promos/shots/26_screenshot-1200x.jpg +0 -0
  20. images/promos/shots/27_screenshot-1200x.jpg +0 -0
  21. includes/dropins/bridges/_s2member-bbpress-bridge.php +8 -14
  22. includes/functions/api-functions.inc.php +35 -0
  23. includes/functions/auto-eots.inc.php +38 -15
  24. includes/functions/catg-level-access.inc.php +5 -5
  25. includes/functions/config-user-registration.inc.php +86 -30
  26. includes/functions/constants.inc.php +12 -11
  27. includes/functions/css-js-w-globals.inc.php +2 -0
  28. includes/functions/file-download-access.inc.php +47 -35
  29. includes/functions/force-ssl.inc.php +1 -1
  30. includes/functions/ip-restrictions.inc.php +5 -4
  31. includes/functions/is-systematic.inc.php +5 -5
  32. includes/functions/list-servers.inc.php +3 -5
  33. includes/functions/login-redirection.inc.php +9 -5
  34. includes/functions/membership-options.inc.php +7 -3
  35. includes/functions/menu-pages.inc.php +3 -3
  36. includes/functions/nocache.inc.php +1 -0
  37. includes/functions/page-level-access.inc.php +10 -10
  38. includes/functions/paypal-button.inc.php +37 -19
  39. includes/functions/paypal-utilities.inc.php +126 -30
  40. includes/functions/post-level-access.inc.php +10 -10
  41. includes/functions/ptag-level-access.inc.php +7 -7
  42. includes/functions/register-access.inc.php +2 -2
  43. includes/functions/registration-times.inc.php +66 -0
  44. includes/functions/ruri-level-access.inc.php +4 -2
  45. includes/functions/separates/paypal-notify.inc.php +461 -261
  46. includes/functions/separates/paypal-return.inc.php +31 -15
  47. includes/functions/sp-access.inc.php +1 -1
  48. includes/functions/tracking-codes.inc.php +2 -2
  49. includes/functions/translations.inc.php +2 -2
  50. includes/functions/user-access-level.inc.php +3 -3
  51. includes/functions/user-access-role.inc.php +36 -0
  52. includes/functions/user-deletions.inc.php +27 -6
  53. includes/functions/users-list.inc.php +88 -9
  54. includes/functions/utilities.inc.php +1 -1
  55. includes/hooks.inc.php +6 -3
  56. includes/menu-pages/api-ops.inc.php +90 -46
  57. includes/menu-pages/bridges.inc.php +8 -8
  58. includes/menu-pages/code-samples/current-user-custom.php +1 -1
  59. includes/menu-pages/code-samples/current-user-paid-registration-days-dripping.php +23 -0
  60. includes/menu-pages/code-samples/current-user-paid-registration-days.php +28 -0
  61. includes/menu-pages/code-samples/current-user-paid-registration-time.php +7 -0
  62. includes/menu-pages/code-samples/current-user-registration-days-dripping.php +0 -23
  63. includes/menu-pages/code-samples/current-user-registration-days.php +6 -6
  64. includes/menu-pages/code-samples/current-user-subscr-id.php +2 -2
  65. includes/menu-pages/code-samples/paypal-pdt-identity-token.php +7 -0
  66. includes/menu-pages/code-samples/s2member-paid-registration-time-examples.php +31 -0
  67. includes/menu-pages/code-samples/s2member-paid-registration-time.php +18 -0
  68. includes/menu-pages/down-ops.inc.php +5 -5
  69. includes/menu-pages/els-ops.inc.php +10 -10
  70. includes/menu-pages/menu-pages-s-min.js +1 -1
  71. includes/menu-pages/menu-pages-s.js +144 -134
  72. includes/menu-pages/mms-options.inc.php +9 -9
  73. includes/menu-pages/options.inc.php +5 -6
  74. includes/menu-pages/paypal-buttons.inc.php +114 -33
  75. includes/menu-pages/paypal-ops.inc.php +25 -25
  76. includes/menu-pages/scripting.inc.php +41 -11
  77. includes/menu-pages/start.inc.php +3 -3
  78. includes/menu-pages/trk-ops.inc.php +13 -13
  79. includes/s2member-min.js +1 -1
  80. includes/s2member.js +7 -5
  81. includes/syscon.inc.php +9 -13
  82. includes/templates/buttons/paypal-cancellation-button.html +1 -1
  83. includes/templates/buttons/paypal-checkout-button.html +2 -2
  84. includes/templates/buttons/paypal-sp-checkout-button.html +2 -2
  85. includes/templates/options/paypal-currencies.html +187 -24
  86. includes/templates/options/paypal-membership-regular-terms.html +2 -0
  87. includes/templates/shortcodes/paypal-cancellation-button-shortcode.html +1 -1
  88. includes/templates/shortcodes/paypal-checkout-button-shortcode.html +1 -1
  89. includes/templates/shortcodes/paypal-sp-checkout-button-shortcode.html +1 -1
  90. readme.txt +40 -14
  91. s2member.php +10 -4
images/promos/shots/03_screenshot-1200x.jpg CHANGED
Binary file
images/promos/shots/04_screenshot-1200x.jpg CHANGED
Binary file
images/promos/shots/10_screenshot-1200x.jpg CHANGED
Binary file
images/promos/shots/11_screenshot-1200x.jpg CHANGED
Binary file
images/promos/shots/12_screenshot-1200x.jpg CHANGED
Binary file
images/promos/shots/13_screenshot-1200x.jpg CHANGED
Binary file
images/promos/shots/14_screenshot-1200x.jpg CHANGED
Binary file
images/promos/shots/15_screenshot-1200x.jpg ADDED
Binary file
images/promos/shots/16_screenshot-1200x.jpg ADDED
Binary file
images/promos/shots/17_screenshot-1200x.jpg ADDED
Binary file
images/promos/shots/18_screenshot-1200x.jpg ADDED
Binary file
images/promos/shots/19_screenshot-1200x.jpg ADDED
Binary file
images/promos/shots/20_screenshot-1200x.jpg ADDED
Binary file
images/promos/shots/21_screenshot-1200x.jpg ADDED
Binary file
images/promos/shots/22_screenshot-1200x.jpg ADDED
Binary file
images/promos/shots/23_screenshot-1200x.jpg ADDED
Binary file
images/promos/shots/24_screenshot-1200x.jpg ADDED
Binary file
images/promos/shots/25_screenshot-1200x.jpg ADDED
Binary file
images/promos/shots/26_screenshot-1200x.jpg ADDED
Binary file
images/promos/shots/27_screenshot-1200x.jpg ADDED
Binary file
includes/dropins/bridges/_s2member-bbpress-bridge.php CHANGED
@@ -27,7 +27,7 @@ Tags: membership, members, member, register, signup, paypal, pay pal, s2member,
27
Direct access denial.
28
*/
29
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
30
- exit("Do not access this file directly.");
31
/*
32
Filled by the s2Member installer. Or you can set this manually.
33
- If this is NOT set, it defaults to 0 = ( Free Subscribers ).
@@ -46,15 +46,9 @@ function ws_plugin__s2member_bridge_bbpress_roles () /* On-the-fly. */
46
/**/
47
if (is_object ($user = bb_get_current_user ()) && $user->ID) /* Logged in? */
48
/**/
49
- if (empty ($user->roles)) /* Only when no bbPress® Role has been assigned yet. */
50
/**/
51
- foreach ($user->$wp_capabilities as $wp_cap => $v) /* Check ^s2member_level[1-4]+ */
52
- /**/
53
- if (preg_match ("/^s2member_level[0-4]#x2F;", $wp_cap)) /* An s2Member Role? */
54
- {
55
- bb_give_user_default_role($user);
56
- break; /* Now a Member! */
57
- }
58
}
59
/*
60
Deny all access to the bbPress® registration page.
@@ -85,7 +79,7 @@ function ws_plugin__s2member_bridge_bbpress_access () /* Check Access. */
85
wp_redirect($url); /* Referred locally. Let's go back to the Front Page. */
86
/**/
87
else /* Otherwise, trigger the Membership Options Page + s2member_level_req = $min. */
88
- wp_redirect($url . "/?s2member_membership_options_page=1&s2member_level_req=" . urlencode ($min));
89
/**/
90
exit ();
91
}
@@ -97,9 +91,9 @@ function ws_plugin__s2member_bridge_bbpress_access () /* Check Access. */
97
/**/
98
if (preg_match ("/^(subscriber|s2member_level[0-4])#x2F;", $wp_cap)) /* Subscribers and/or s2Member Roles. */
99
/**/
100
- if (($wp_cap === "subscriber" && $min > 0) || ($level = preg_replace ("/[^0-9]/", "", $wp_cap)) < $min)
101
/**/
102
- if ($url = bb_get_option ("wp_siteurl")) /* WordPress® is integrated? */
103
{
104
$bbPress = bb_get_option ("uri"); /* bbPress® location. */
105
/**/
@@ -107,7 +101,7 @@ function ws_plugin__s2member_bridge_bbpress_access () /* Check Access. */
107
wp_redirect($url); /* Referred locally. Let's go back to the Front Page. */
108
/**/
109
else /* Otherwise, trigger the Membership Options Page + s2member_level_req = $min. */
110
- wp_redirect($url . "/?s2member_membership_options_page=1&s2member_level_req=" . urlencode ($min));
111
/**/
112
exit ();
113
}
@@ -117,7 +111,7 @@ function ws_plugin__s2member_bridge_bbpress_access () /* Check Access. */
117
{
118
if ($url = bb_get_option ("wp_siteurl")) /* The Front Page on the WordPress® installation. */
119
{
120
- wp_redirect($url . "/?s2member_membership_options_page=1&s2member_level_req=" . urlencode ($min));
121
exit (); /* Membership Options Page + s2member_level_req = $min. */
122
}
123
}
27
Direct access denial.
28
*/
29
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
30
+ exit ("Do not access this file directly.");
31
/*
32
Filled by the s2Member installer. Or you can set this manually.
33
- If this is NOT set, it defaults to 0 = ( Free Subscribers ).
46
/**/
47
if (is_object ($user = bb_get_current_user ()) && $user->ID) /* Logged in? */
48
/**/
49
+ if (empty ($user->roles)) /* Only if/when no bbPress® Role is assigned. */
50
/**/
51
+ bb_give_user_default_role($user); /* Assign a default Role. */
52
}
53
/*
54
Deny all access to the bbPress® registration page.
79
wp_redirect($url); /* Referred locally. Let's go back to the Front Page. */
80
/**/
81
else /* Otherwise, trigger the Membership Options Page + s2member_level_req = $min. */
82
+ wp_redirect ($url . "/?s2member_membership_options_page=1&s2member_seeking=bbpress&s2member_level_req=" . urlencode ($min));
83
/**/
84
exit ();
85
}
91
/**/
92
if (preg_match ("/^(subscriber|s2member_level[0-4])#x2F;", $wp_cap)) /* Subscribers and/or s2Member Roles. */
93
/**/
94
+ if (($wp_cap === "subscriber" && $min > 0) || ($level = preg_replace ("/^s2member_level/", "", $wp_cap)) < $min)
95
/**/
96
+ if ($url = bb_get_option ("wp_siteurl")) /* Only if WordPress® is fully integrated? */
97
{
98
$bbPress = bb_get_option ("uri"); /* bbPress® location. */
99
/**/
101
wp_redirect($url); /* Referred locally. Let's go back to the Front Page. */
102
/**/
103
else /* Otherwise, trigger the Membership Options Page + s2member_level_req = $min. */
104
+ wp_redirect ($url . "/?s2member_membership_options_page=1&s2member_seeking=bbpress&s2member_level_req=" . urlencode ($min));
105
/**/
106
exit ();
107
}
111
{
112
if ($url = bb_get_option ("wp_siteurl")) /* The Front Page on the WordPress® installation. */
113
{
114
+ wp_redirect ($url . "/?s2member_membership_options_page=1&s2member_seeking=bbpress&s2member_level_req=" . urlencode ($min));
115
exit (); /* Membership Options Page + s2member_level_req = $min. */
116
}
117
}
includes/functions/api-functions.inc.php CHANGED
@@ -430,6 +430,41 @@ if (!function_exists ("s2member_file_download_key"))
430
}
431
}
432
/*
433
Retrieves a Custom Field value.
434
$field_id - required argument.
435
$user_id - defaults to current user.
430
}
431
}
432
/*
433
+ Retrieves a Registration Time.
434
+ $user_id defaults to the current user; if logged in.
435
+ */
436
+ if (!function_exists ("s2member_registration_time"))
437
+ {
438
+ function s2member_registration_time ($user_id = FALSE)
439
+ {
440
+ return ws_plugin__s2member_registration_time ($user_id);
441
+ }
442
+ }
443
+ /*
444
+ Retrieves a Paid Registration Time.
445
+
446
+ The $level argument is optional. It defaults to the first/initial Paid Registration Time, regardless of Level#.
447
+ Or you could do this: s2member_paid_registration_time("level1"); which will give you the Registration Time at Level #1.
448
+ If a User/Member has never paid for Level #1 ( i.e. they signed up at Level#2 ), the function will return 0.
449
+
450
+ Here are some other examples:
451
+ $time = s2member_registration_time (); // ... first registration time ( free or otherwise ).
452
+ $time = s2member_paid_registration_time (); // ... first "paid" registration and/or upgrade time.
453
+ $time = s2member_paid_registration_time ("level1"); // ... first "paid" registration or upgrade time at Level#1.
454
+ $time = s2member_paid_registration_time ("level2"); // ... first "paid" registration or upgrade time at Level#2.
455
+ $time = s2member_paid_registration_time ("level3"); // ... first "paid" registration or upgrade time at Level#3.
456
+ $time = s2member_paid_registration_time ("level4"); // ... first "paid" registration or upgrade time at Level#4.
457
+
458
+ The argument $user_id defaults to the current user; if logged in.
459
+ */
460
+ if (!function_exists ("s2member_paid_registration_time"))
461
+ {
462
+ function s2member_paid_registration_time ($level = FALSE, $user_id = FALSE)
463
+ {
464
+ return ws_plugin__s2member_paid_registration_time ($level, $user_id);
465
+ }
466
+ }
467
+ /*
468
Retrieves a Custom Field value.
469
$field_id - required argument.
470
$user_id - defaults to current user.
includes/functions/auto-eots.inc.php CHANGED
@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
- exit("Do not access this file directly.");
16
/*
17
Function processed by WP-Cron. This handles Auto-EOTs.
18
@@ -51,8 +51,9 @@ if (!function_exists ("ws_plugin__s2member_auto_eot_system"))
51
{
52
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_eot_behavior"] === "demote")
53
{
54
- $subscr_id = get_user_option ("s2member_subscr_id", $user_id);
55
$custom = get_user_option ("s2member_custom", $user_id);
56
/**/
57
$demotion_role = ws_plugin__s2member_force_demotion_role ("subscriber");
58
$user->set_role ($demotion_role); /* Defaults to Free Subscriber. */
@@ -63,6 +64,10 @@ if (!function_exists ("ws_plugin__s2member_auto_eot_system"))
63
/**/
64
delete_user_option ($user_id, "s2member_custom");
65
delete_user_option ($user_id, "s2member_subscr_id");
66
delete_user_option ($user_id, "s2member_last_payment_time");
67
delete_user_option ($user_id, "s2member_auto_eot_time");
68
/**/
@@ -81,15 +86,22 @@ if (!function_exists ("ws_plugin__s2member_auto_eot_system"))
81
if (($url = preg_replace ("/%%user_email%%/i", ws_plugin__s2member_esc_ds (urlencode ($user->user_email)), $url)))
82
if (($url = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds (urlencode ($user->user_login)), $url)))
83
if (($url = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds (urlencode ($user_id)), $url)))
84
- /**/
85
- if (($url = trim ($url))) /* Empty? */
86
- ws_plugin__s2member_remote($url);
87
}
88
/**/
89
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["eot_del_notification_recipients"] && is_array ($cv = preg_split ("/\|/", $custom)))
90
{
91
$msg = $sbj = "( s2Member / API Notification Email ) - EOT/Deletion";
92
$msg .= "\n\n"; /* Spacing in the message body. */
93
$msg .= "subscr_id: %%subscr_id%%\n";
94
$msg .= "user_first_name: %%user_first_name%%\n";
95
$msg .= "user_last_name: %%user_last_name%%\n";
@@ -97,6 +109,11 @@ if (!function_exists ("ws_plugin__s2member_auto_eot_system"))
97
$msg .= "user_email: %%user_email%%\n";
98
$msg .= "user_login: %%user_login%%\n";
99
$msg .= "user_id: %%user_id%%\n";
100
$msg .= "cv0: %%cv0%%\n";
101
$msg .= "cv1: %%cv1%%\n";
102
$msg .= "cv2: %%cv2%%\n";
@@ -114,13 +131,19 @@ if (!function_exists ("ws_plugin__s2member_auto_eot_system"))
114
if (($msg = preg_replace ("/%%user_email%%/i", ws_plugin__s2member_esc_ds ($user->user_email), $msg)))
115
if (($msg = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds ($user->user_login), $msg)))
116
if (($msg = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds ($user_id), $msg)))
117
- /**/
118
- foreach (ws_plugin__s2member_trim_deep (preg_split ("/;+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["eot_del_notification_recipients"])) as $recipient)
119
/**/
120
- ($recipient) ? mail ($recipient, $sbj, apply_filters ("ws_plugin__s2member_eot_del_notification_email_msg", $msg, get_defined_vars ()), "From: \"" . preg_replace ('/"/', "'", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_name"]) . "\" <" . $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_email"] . ">\r\nContent-Type: text/plain; charset=utf-8") : null;
121
}
122
/**/
123
- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
124
do_action ("ws_plugin__s2member_during_auto_eot_system_during_demote", get_defined_vars ());
125
unset ($__refs, $__v); /* Unset defined __refs, __v. */
126
}
@@ -135,14 +158,14 @@ if (!function_exists ("ws_plugin__s2member_auto_eot_system"))
135
/**/
136
else /* Otherwise, we can actually delete them. */
137
/* This will automatically trigger `eot_del_notification_urls` as well. */
138
- wp_delete_user($user_id); /* `ws_plugin__s2member_handle_user_deletions()` */
139
/**/
140
- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
141
do_action ("ws_plugin__s2member_during_auto_eot_system_during_delete", get_defined_vars ());
142
unset ($__refs, $__v); /* Unset defined __refs, __v. */
143
}
144
/**/
145
- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
146
do_action ("ws_plugin__s2member_during_auto_eot_system", get_defined_vars ());
147
unset ($__refs, $__v); /* Unset defined __refs, __v. */
148
}
@@ -151,7 +174,7 @@ if (!function_exists ("ws_plugin__s2member_auto_eot_system"))
151
}
152
}
153
/**/
154
- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
155
do_action ("ws_plugin__s2member_after_auto_eot_system", get_defined_vars ());
156
unset ($__refs, $__v); /* Unset defined __refs, __v. */
157
/**/
@@ -220,8 +243,8 @@ if (!function_exists ("ws_plugin__s2member_delete_auto_eot_system"))
220
/**/
221
if (function_exists ("wp_cron"))
222
{
223
- wp_clear_scheduled_hook("s2member_auto_eot_system"); /* This is for backward compatibility. */
224
- wp_clear_scheduled_hook("ws_plugin__s2member_auto_eot_system__schedule"); /* Since v3.0.3. */
225
/**/
226
return apply_filters ("ws_plugin__s2member_delete_auto_eot_system", true, get_defined_vars ());
227
}
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
+ exit ("Do not access this file directly.");
16
/*
17
Function processed by WP-Cron. This handles Auto-EOTs.
18
51
{
52
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_eot_behavior"] === "demote")
53
{
54
$custom = get_user_option ("s2member_custom", $user_id);
55
+ $subscr_id = get_user_option ("s2member_subscr_id", $user_id);
56
+ $fields = get_user_option ("s2member_custom_fields", $user_id);
57
/**/
58
$demotion_role = ws_plugin__s2member_force_demotion_role ("subscriber");
59
$user->set_role ($demotion_role); /* Defaults to Free Subscriber. */
64
/**/
65
delete_user_option ($user_id, "s2member_custom");
66
delete_user_option ($user_id, "s2member_subscr_id");
67
+ /**/
68
+ if (!apply_filters ("ws_plugin__s2member_preserve_paid_registration_times", true, get_defined_vars ()))
69
+ delete_user_option ($user_id, "s2member_paid_registration_times");
70
+ /**/
71
delete_user_option ($user_id, "s2member_last_payment_time");
72
delete_user_option ($user_id, "s2member_auto_eot_time");
73
/**/
86
if (($url = preg_replace ("/%%user_email%%/i", ws_plugin__s2member_esc_ds (urlencode ($user->user_email)), $url)))
87
if (($url = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds (urlencode ($user->user_login)), $url)))
88
if (($url = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds (urlencode ($user_id)), $url)))
89
+ {
90
+ if (is_array ($fields) && !empty ($fields))
91
+ foreach ($fields as $var => $val) /* Custom Registration Fields. */
92
+ if (! ($url = preg_replace ("/%%" . preg_quote ($var, "/") . "%%/i", ws_plugin__s2member_esc_ds (urlencode (maybe_serialize ($val))), $url)))
93
+ break;
94
+ /**/
95
+ if (($url = trim (preg_replace ("/%%(.+?)%%/i", "", $url))))
96
+ ws_plugin__s2member_remote ($url);
97
+ }
98
}
99
/**/
100
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["eot_del_notification_recipients"] && is_array ($cv = preg_split ("/\|/", $custom)))
101
{
102
$msg = $sbj = "( s2Member / API Notification Email ) - EOT/Deletion";
103
$msg .= "\n\n"; /* Spacing in the message body. */
104
+ /**/
105
$msg .= "subscr_id: %%subscr_id%%\n";
106
$msg .= "user_first_name: %%user_first_name%%\n";
107
$msg .= "user_last_name: %%user_last_name%%\n";
109
$msg .= "user_email: %%user_email%%\n";
110
$msg .= "user_login: %%user_login%%\n";
111
$msg .= "user_id: %%user_id%%\n";
112
+ /**/
113
+ if (is_array ($fields) && !empty ($fields))
114
+ foreach ($fields as $var => $val)
115
+ $msg .= $var . ": %%" . $var . "%%\n";
116
+ /**/
117
$msg .= "cv0: %%cv0%%\n";
118
$msg .= "cv1: %%cv1%%\n";
119
$msg .= "cv2: %%cv2%%\n";
131
if (($msg = preg_replace ("/%%user_email%%/i", ws_plugin__s2member_esc_ds ($user->user_email), $msg)))
132
if (($msg = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds ($user->user_login), $msg)))
133
if (($msg = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds ($user_id), $msg)))
134
+ {
135
+ if (is_array ($fields) && !empty ($fields))
136
+ foreach ($fields as $var => $val) /* Custom Registration Fields. */
137
+ if (! ($msg = preg_replace ("/%%" . preg_quote ($var, "/") . "%%/i", ws_plugin__s2member_esc_ds (maybe_serialize ($val)), $msg)))
138
+ break;
139
/**/
140
+ if (($msg = trim (preg_replace ("/%%(.+?)%%/i", "", $msg))))
141
+ foreach (ws_plugin__s2member_trim_deep (preg_split ("/;+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["eot_del_notification_recipients"])) as $recipient)
142
+ ($recipient) ? wp_mail ($recipient, apply_filters ("ws_plugin__s2member_eot_del_notification_email_sbj", $sbj, get_defined_vars ()), apply_filters ("ws_plugin__s2member_eot_del_notification_email_msg", $msg, get_defined_vars ()), "From: \"" . preg_replace ('/"/', "'", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_name"]) . "\" <" . $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_email"] . ">\r\nContent-Type: text/plain; charset=utf-8") : null;
143
+ }
144
}
145
/**/
146
+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
147
do_action ("ws_plugin__s2member_during_auto_eot_system_during_demote", get_defined_vars ());
148
unset ($__refs, $__v); /* Unset defined __refs, __v. */
149
}
158
/**/
159
else /* Otherwise, we can actually delete them. */
160
/* This will automatically trigger `eot_del_notification_urls` as well. */
161
+ wp_delete_user ($user_id); /* `ws_plugin__s2member_handle_user_deletions()` */
162
/**/
163
+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
164
do_action ("ws_plugin__s2member_during_auto_eot_system_during_delete", get_defined_vars ());
165
unset ($__refs, $__v); /* Unset defined __refs, __v. */
166
}
167
/**/
168
+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
169
do_action ("ws_plugin__s2member_during_auto_eot_system", get_defined_vars ());
170
unset ($__refs, $__v); /* Unset defined __refs, __v. */
171
}
174
}
175
}
176
/**/
177
+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
178
do_action ("ws_plugin__s2member_after_auto_eot_system", get_defined_vars ());
179
unset ($__refs, $__v); /* Unset defined __refs, __v. */
180
/**/
243
/**/
244
if (function_exists ("wp_cron"))
245
{
246
+ wp_clear_scheduled_hook ("s2member_auto_eot_system"); /* This is for backward compatibility. */
247
+ wp_clear_scheduled_hook ("ws_plugin__s2member_auto_eot_system__schedule"); /* Since v3.0.3. */
248
/**/
249
return apply_filters ("ws_plugin__s2member_delete_auto_eot_system", true, get_defined_vars ());
250
}
includes/functions/catg-level-access.inc.php CHANGED
@@ -45,7 +45,7 @@ if (!function_exists ("ws_plugin__s2member_check_catg_level_access"))
45
/**/
46
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_uri = ws_plugin__s2member_login_redirection_uri ($current_user)) && preg_match ("/^" . preg_quote ($login_redirection_uri, "/") . "#x2F;", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")))
47
{
48
- wp_redirect (add_query_arg ("s2member_level_req", 0, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
49
exit ();
50
}
51
else if (!ws_plugin__s2member_is_systematic_use_page ()) /* Do NOT protect Systematics. However, there is 1 exception above ^. */
@@ -54,13 +54,13 @@ if (!function_exists ("ws_plugin__s2member_check_catg_level_access"))
54
{
55
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
56
{
57
- wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
58
exit ();
59
}
60
/**/
61
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"] && in_array ($cat_id, ($catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"]))) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
62
{
63
- wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
64
exit ();
65
}
66
/**/
@@ -68,7 +68,7 @@ if (!function_exists ("ws_plugin__s2member_check_catg_level_access"))
68
foreach (preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"]) as $catg)
69
if ($catg && cat_is_ancestor_of ($catg, $cat_id) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
70
{
71
- wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
72
exit ();
73
}
74
}
@@ -79,7 +79,7 @@ if (!function_exists ("ws_plugin__s2member_check_catg_level_access"))
79
foreach (preg_split ("/[\r\n\t]+/", ws_plugin__s2member_fill_ruri_level_access_rc_vars ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ruris"], $current_user)) as $str)
80
if ($str && preg_match ("/" . preg_quote ($str, "/") . "/", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
81
{
82
- wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
83
exit ();
84
}
85
}
45
/**/
46
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_uri = ws_plugin__s2member_login_redirection_uri ($current_user)) && preg_match ("/^" . preg_quote ($login_redirection_uri, "/") . "#x2F;", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")))
47
{
48
+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "catg-" . $cat_id, "s2member_level_req" => "0")), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
49
exit ();
50
}
51
else if (!ws_plugin__s2member_is_systematic_use_page ()) /* Do NOT protect Systematics. However, there is 1 exception above ^. */
54
{
55
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
56
{
57
+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "catg-" . $cat_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
58
exit ();
59
}
60
/**/
61
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"] && in_array ($cat_id, ($catgs = preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"]))) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
62
{
63
+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "catg-" . $cat_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
64
exit ();
65
}
66
/**/
68
foreach (preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_catgs"]) as $catg)
69
if ($catg && cat_is_ancestor_of ($catg, $cat_id) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
70
{
71
+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "catg-" . $cat_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
72
exit ();
73
}
74
}
79
foreach (preg_split ("/[\r\n\t]+/", ws_plugin__s2member_fill_ruri_level_access_rc_vars ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ruris"], $current_user)) as $str)
80
if ($str && preg_match ("/" . preg_quote ($str, "/") . "/", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
81
{
82
+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "catg-" . $cat_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
83
exit ();
84
}
85
}
includes/functions/config-user-registration.inc.php CHANGED
@@ -18,6 +18,7 @@ Function that adds hidden fields to POST vars on signup.
18
Attach to: add_filter("signup_hidden_fields");
19
20
This can ONLY be fired through wp-signup.php on the front-side.
21
*/
22
if (!function_exists ("ws_plugin__s2member_ms_process_signup_hidden_fields"))
23
{
@@ -26,7 +27,7 @@ if (!function_exists ("ws_plugin__s2member_ms_process_signup_hidden_fields"))
26
do_action ("ws_plugin__s2member_before_ms_process_signup_hidden_fields", get_defined_vars ());
27
/**/
28
if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking, on a Blog Farm. */
29
- if (ws_plugin__s2member_is_multisite_farm () && is_main_site () && preg_match ("/\/wp-signup\.php/", $_SERVER["REQUEST_URI"]) && $_POST["stage"] === "validate-user-signup")
30
{
31
foreach ((array)ws_plugin__s2member_trim_deep (stripslashes_deep ($_POST)) as $key => $value)
32
if (preg_match ("/^ws_plugin__s2member_(custom_reg_field|user_new)_/", $key))
@@ -42,6 +43,7 @@ if (!function_exists ("ws_plugin__s2member_ms_process_signup_hidden_fields"))
42
/*
43
Function that adds customs fields to $meta on signup.
44
Attach to: add_filter("add_signup_meta");
45
46
This can be fired through wp-signup.php on the front-side,
47
or possibly through user-new.php in the admin.
@@ -57,7 +59,7 @@ if (!function_exists ("ws_plugin__s2member_ms_process_signup_meta"))
57
unset ($__refs, $__v); /* Unset defined __refs, __v. */
58
/**/
59
if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking. Either in the admin, or on a Blog Farm through wp-signup.php. */
60
- if ((is_admin () && $pagenow === "user-new.php") || (ws_plugin__s2member_is_multisite_farm () && is_main_site () && preg_match ("/\/wp-signup\.php/", $_SERVER["REQUEST_URI"]) && preg_match ("/^validate-(user|blog)-signup#x2F;", $_POST["stage"])))
61
{
62
ws_plugin__s2member_email_config (); /* Configures From: header that will be used in notifications. */
63
/**/
@@ -83,8 +85,9 @@ However, a Super Admin CAN trigger this event by adding a new User through the U
83
~ If they choose to bypass activation; an activation IS fired immediately. Otherwise, it's delayed.
84
- via user-new.php.
85
86
- So this function may get fired inside the admin panel ( user-new.php ).
87
- Or also during an actual activation; through wp-activate.php.
88
*/
89
if (!function_exists ("ws_plugin__s2member_configure_user_on_ms_user_activation"))
90
{
@@ -97,7 +100,7 @@ if (!function_exists ("ws_plugin__s2member_configure_user_on_ms_user_activation"
97
unset ($__refs, $__v); /* Unset defined __refs, __v. */
98
/**/
99
if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking. */
100
- if ((is_admin () && $pagenow === "user-new.php") || (!is_admin () && preg_match ("/\/wp-activate\.php/", $_SERVER["REQUEST_URI"])))
101
{
102
ws_plugin__s2member_configure_user_registration ($user_id, $password, $meta["s2member_ms_signup_meta"]);
103
delete_user_meta ($user_id, "s2member_ms_signup_meta");
@@ -116,7 +119,8 @@ This does NOT fire for a Super Admin managing Network Blogs.
116
~ Actually they do; BUT it's blocked by the routine below.
117
Which is good. A Super Admin should NOT trigger this event.
118
119
- This function should ONLY be fired through wp-activate.php.
120
*/
121
if (!function_exists ("ws_plugin__s2member_configure_user_on_ms_blog_activation"))
122
{
@@ -127,7 +131,7 @@ if (!function_exists ("ws_plugin__s2member_configure_user_on_ms_blog_activation"
127
unset ($__refs, $__v); /* Unset defined __refs, __v. */
128
/**/
129
if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking. */
130
- if (!is_admin () && preg_match ("/\/wp-activate\.php/", $_SERVER["REQUEST_URI"])) /* ONLY `wp-activate.php`. */
131
{
132
ws_plugin__s2member_configure_user_registration ($user_id, $password, $meta["s2member_ms_signup_meta"]);
133
delete_user_meta ($user_id, "s2member_ms_signup_meta");
@@ -172,9 +176,10 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
172
&& (is_array ($_POST = ws_plugin__s2member_trim_deep (stripslashes_deep ($_POST))) || is_array (ws_plugin__s2member_trim_deep (stripslashes_deep ($meta))))/**/
173
/**/
174
/* These negative matches are designed to prevent this routine from running under certain conditions; where we need to wait for `wpmu_activate_user|blog` instead. */
175
- && ! (is_admin () && is_multisite () && $pagenow === "user-new.php" && isset ($_POST["noconfirmation"]) && is_super_admin () && empty ($meta))/**/
176
- && ! (preg_match ("/\/wp-activate\.php/", $_SERVER["REQUEST_URI"]) && empty ($meta)) /* If activating; we MUST have a meta array. */
177
- /* The $meta array is ONLY filled by hand-offs from `wpmu_activate_user|blog`. So this is how we check for these events. */
178
/**/
179
&& $user_id && is_object ($user = new WP_User ($user_id)) && $user->ID && ($processed = true)) /* Process only once. */
180
{
@@ -187,16 +192,16 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
187
if (!is_admin () && ($_POST["ws_plugin__s2member_custom_reg_field_s2member_custom"] || $_POST["ws_plugin__s2member_custom_reg_field_s2member_subscr_id"] || $_POST["ws_plugin__s2member_custom_reg_field_s2member_ccaps"] || $_POST["ws_plugin__s2member_custom_reg_field_s2member_auto_eot_time"] || $_POST["ws_plugin__s2member_custom_reg_field_s2member_notes"]))
188
exit ("s2Member security violation. You attempted to POST variables that will NOT be trusted!");
189
/**/
190
- $_pm = array_merge ((array)$_POST, (array)$meta); /* Merge these two data sources together now. However, ALWAYS after the security routine above ^. */
191
/**/
192
if (!is_admin () /* Only run this particular routine whenever a Member [1-4] is registering themselves with cookies. */
193
&& ($subscr_id = ws_plugin__s2member_decrypt ($_COOKIE["s2member_subscr_id"])) && preg_match ("/^" . preg_quote (preg_replace ("/\:([0-9]+)#x2F;", "", $_SERVER["HTTP_HOST"]), "/") . "/i", ($custom = ws_plugin__s2member_decrypt ($_COOKIE["s2member_custom"]))) && preg_match ("/^[1-4](\:|$)([a-z_0-9,]+)?(\:)?([0-9]+ [A-Z])?#x2F;", ($level = ws_plugin__s2member_decrypt ($_COOKIE["s2member_level"])))/**/
194
&& (!$usermeta = $wpdb->get_row ("SELECT `user_id` FROM `" . $wpdb->usermeta . "` WHERE `meta_key` = '" . $wpdb->prefix . "s2member_subscr_id' AND `meta_value` = '" . $wpdb->escape ($subscr_id) . "' LIMIT 1")))
195
/* ^ This is for security ^ It checks the database to make sure the User/Member has not already registered in the past, with the same Paid Subscr. ID. */
196
{ /*
197
- This routine could be processed through `wp-login.php?action=register` - OR - through `wp-activate.php`.
198
If processed through `wp-activate.php`, it could've originated inside the admin, via `user-new.php`.
199
- This may also be processed through BuddyPress, or another plugin calling `user_register`.
200
*/
201
$processed = "yes"; /* Mark this as yes, to indicate that a routine was processed. */
202
/**/
@@ -287,23 +292,32 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
287
/**/
288
if (($transient = md5 ("s2member_transient_ipn_subscr_payment_" . $subscr_id)) && is_array ($subscr_payment = get_transient ($transient)))
289
{
290
- $proxy = array ("s2member_paypal_notify" => "1", "s2member_paypal_proxy" => "s2member_transient_ipn_subscr_payment");
291
- ws_plugin__s2member_remote (add_query_arg ($proxy, get_bloginfo ("wpurl")), stripslashes_deep ($subscr_payment), array ("timeout" => 20));
292
- delete_transient($transient);
293
}
294
/**/
295
setcookie ("s2member_signup_tracking", ws_plugin__s2member_encrypt ($subscr_id), time () + 31556926, "/");
296
/**/
297
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
298
do_action ("ws_plugin__s2member_during_configure_user_registration_front_side", get_defined_vars ());
299
unset ($__refs, $__v); /* Unset defined __refs, __v. */
300
}
301
/**/
302
else if (!is_admin ()) /* Otherwise, if we are NOT inside the Dashboard during the creation of this account. */
303
{ /*
304
- This routine could be processed through `wp-login.php?action=register` - OR - through `wp-activate.php`.
305
If processed through `wp-activate.php`, it could've originated inside the admin, via `user-new.php`.
306
- This may also be processed through BuddyPress, or another plugin calling `user_register`.
307
*/
308
$processed = "yes"; /* Mark this as yes, to indicate that a routine was processed. */
309
/**/
@@ -400,14 +414,23 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
400
/**/
401
update_user_option ($user_id, "s2member_custom_fields", $fields);
402
/**/
403
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
404
do_action ("ws_plugin__s2member_during_configure_user_registration_front_side", get_defined_vars ());
405
unset ($__refs, $__v); /* Unset defined __refs, __v. */
406
}
407
/**/
408
else if (is_admin () && $pagenow === "user-new.php") /* Else, if we're on this page. */
409
{ /*
410
- This routine can ONLY be processed through `user-new.php` inside the Dashboard.
411
*/
412
$processed = "yes"; /* Mark this as yes, to indicate that a routine was processed. */
413
/**/
@@ -495,6 +518,14 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
495
/**/
496
update_user_option ($user_id, "s2member_custom_fields", $fields);
497
/**/
498
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
499
do_action ("ws_plugin__s2member_during_configure_user_registration_admin_side", get_defined_vars ());
500
unset ($__refs, $__v); /* Unset defined __refs, __v. */
@@ -502,8 +533,6 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
502
/**/
503
if ($processed === "yes") /* If registration was processed by one of the routines above. */
504
{
505
- ws_plugin__s2member_process_list_servers ($level, $email, $fname, $lname, $ip, $opt_in);
506
- /**/
507
if ($urls = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["registration_notification_urls"])
508
/**/
509
foreach (preg_split ("/[\r\n\t]+/", $urls) as $url) /* Notify each of the urls. */
@@ -518,14 +547,21 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
518
if (($url = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds (urlencode ($login)), $url)))
519
if (($url = preg_replace ("/%%user_pass%%/i", ws_plugin__s2member_esc_ds (urlencode ($pass)), $url)))
520
if (($url = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds (urlencode ($user_id)), $url)))
521
- /**/
522
- if (($url = trim ($url))) /* Empty? */
523
- ws_plugin__s2member_remote($url);
524
/**/
525
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["registration_notification_recipients"])
526
{
527
$msg = $sbj = "( s2Member / API Notification Email ) - Registration";
528
$msg .= "\n\n"; /* Spacing in the message body. */
529
$msg .= "role: %%role%%\n";
530
$msg .= "level: %%level%%\n";
531
$msg .= "user_first_name: %%user_first_name%%\n";
@@ -535,6 +571,11 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
535
$msg .= "user_login: %%user_login%%\n";
536
$msg .= "user_pass: %%user_pass%%\n";
537
$msg .= "user_id: %%user_id%%\n";
538
$msg .= "cv0: %%cv0%%\n";
539
$msg .= "cv1: %%cv1%%\n";
540
$msg .= "cv2: %%cv2%%\n";
@@ -556,10 +597,16 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
556
if (($msg = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds ($login), $msg)))
557
if (($msg = preg_replace ("/%%user_pass%%/i", ws_plugin__s2member_esc_ds ($pass), $msg)))
558
if (($msg = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds ($user_id), $msg)))
559
- /**/
560
- foreach (ws_plugin__s2member_trim_deep (preg_split ("/;+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["registration_notification_recipients"])) as $recipient)
561
/**/
562
- ($recipient) ? mail ($recipient, $sbj, apply_filters ("ws_plugin__s2member_registration_notification_email_msg", $msg, get_defined_vars ()), "From: \"" . preg_replace ('/"/', "'", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_name"]) . "\" <" . $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_email"] . ">\r\nContent-Type: text/plain; charset=utf-8") : null;
563
}
564
/**/
565
if ($url = $GLOBALS["ws_plugin__s2member_registration_return_url"])
@@ -574,9 +621,18 @@ if (!function_exists ("ws_plugin__s2member_configure_user_registration"))
574
if (($url = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds (urlencode ($login)), $url)))
575
if (($url = preg_replace ("/%%user_pass%%/i", ws_plugin__s2member_esc_ds (urlencode ($pass)), $url)))
576
if (($url = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds (urlencode ($user_id)), $url)))
577
- /**/
578
- if (($url = trim ($url))) /* Empty? ... Otherwise, re-fill. */
579
- $GLOBALS["ws_plugin__s2member_registration_return_url"] = $url;
580
/**/
581
setcookie ("s2member_subscr_id", "", time () + 31556926, "/");
582
setcookie ("s2member_custom", "", time () + 31556926, "/");
18
Attach to: add_filter("signup_hidden_fields");
19
20
This can ONLY be fired through wp-signup.php on the front-side.
21
+ Or through `/register` via BuddyPress.
22
*/
23
if (!function_exists ("ws_plugin__s2member_ms_process_signup_hidden_fields"))
24
{
27
do_action ("ws_plugin__s2member_before_ms_process_signup_hidden_fields", get_defined_vars ());
28
/**/
29
if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking, on a Blog Farm. */
30
+ if (ws_plugin__s2member_is_multisite_farm () && is_main_site () && ( (preg_match ("/\/wp-signup\.php/", $_SERVER["REQUEST_URI"]) && $_POST["stage"] === "validate-user-signup") || (defined ("BP_VERSION") && preg_match ("/\/" . preg_quote (BP_REGISTER_SLUG, "/") . "/", $_SERVER["REQUEST_URI"]))))
31
{
32
foreach ((array)ws_plugin__s2member_trim_deep (stripslashes_deep ($_POST)) as $key => $value)
33
if (preg_match ("/^ws_plugin__s2member_(custom_reg_field|user_new)_/", $key))
43
/*
44
Function that adds customs fields to $meta on signup.
45
Attach to: add_filter("add_signup_meta");
46
+ Attach to: add_filter("bp_signup_usermeta");
47
48
This can be fired through wp-signup.php on the front-side,
49
or possibly through user-new.php in the admin.
59
unset ($__refs, $__v); /* Unset defined __refs, __v. */
60
/**/
61
if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking. Either in the admin, or on a Blog Farm through wp-signup.php. */
62
+ if ((is_admin () && $pagenow === "user-new.php") || (ws_plugin__s2member_is_multisite_farm () && is_main_site () && ( (preg_match ("/\/wp-signup\.php/", $_SERVER["REQUEST_URI"]) && preg_match ("/^validate-(user|blog)-signup#x2F;", $_POST["stage"])) || (defined ("BP_VERSION") && preg_match ("/\/" . preg_quote (BP_REGISTER_SLUG, "/") . "/", $_SERVER["REQUEST_URI"])))))
63
{
64
ws_plugin__s2member_email_config (); /* Configures From: header that will be used in notifications. */
65
/**/
85
~ If they choose to bypass activation; an activation IS fired immediately. Otherwise, it's delayed.
86
- via user-new.php.
87
88
+ So this function may get fired inside the admin panel ( `user-new.php` ).
89
+ Or also during an actual activation; through `wp-activate.php`.
90
+ Or also during an actual activation; through `/activate` via BuddyPress.
91
*/
92
if (!function_exists ("ws_plugin__s2member_configure_user_on_ms_user_activation"))
93
{
100
unset ($__refs, $__v); /* Unset defined __refs, __v. */
101
/**/
102
if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking. */
103
+ if ((is_admin () && $pagenow === "user-new.php") || (!is_admin () && preg_match ("/\/wp-activate\.php/", $_SERVER["REQUEST_URI"])) || (!is_admin () && defined ("BP_VERSION") && preg_match ("/\/" . preg_quote (BP_ACTIVATION_SLUG, "/") . "/", $_SERVER["REQUEST_URI"])))
104
{
105
ws_plugin__s2member_configure_user_registration ($user_id, $password, $meta["s2member_ms_signup_meta"]);
106
delete_user_meta ($user_id, "s2member_ms_signup_meta");
119
~ Actually they do; BUT it's blocked by the routine below.
120
Which is good. A Super Admin should NOT trigger this event.
121
122
+ This function should ONLY be fired through `wp-activate.php`.
123
+ Or also through `/activate` via BuddyPress.
124
*/
125
if (!function_exists ("ws_plugin__s2member_configure_user_on_ms_blog_activation"))
126
{
131
unset ($__refs, $__v); /* Unset defined __refs, __v. */
132
/**/
133
if (is_multisite ()) /* This event should ONLY be processed with Multisite Networking. */
134
+ if ((!is_admin () && preg_match ("/\/wp-activate\.php/", $_SERVER["REQUEST_URI"])) || (!is_admin () && defined ("BP_VERSION") && preg_match ("/\/" . preg_quote (BP_ACTIVATION_SLUG, "/") . "/", $_SERVER["REQUEST_URI"])))
135
{
136
ws_plugin__s2member_configure_user_registration ($user_id, $password, $meta["s2member_ms_signup_meta"]);
137
delete_user_meta ($user_id, "s2member_ms_signup_meta");
176
&& (is_array ($_POST = ws_plugin__s2member_trim_deep (stripslashes_deep ($_POST))) || is_array (ws_plugin__s2member_trim_deep (stripslashes_deep ($meta))))/**/
177
/**/
178
/* These negative matches are designed to prevent this routine from running under certain conditions; where we need to wait for `wpmu_activate_user|blog` instead. */
179
+ && ! (is_admin () && is_multisite () && $pagenow === "user-new.php" && isset ($_POST["noconfirmation"]) && is_super_admin () && func_num_args () !== 3)/**/
180
+ && ! (preg_match ("/\/wp-activate\.php/", $_SERVER["REQUEST_URI"]) && func_num_args () !== 3) /* If activating; we MUST have a $meta arg to proceed. */
181
+ && ! (defined ("BP_VERSION") && preg_match ("/\/" . preg_quote (BP_ACTIVATION_SLUG, "/") . "/", $_SERVER["REQUEST_URI"]) && func_num_args () !== 3)
182
+ /* The $meta argument is ONLY passed in by hand-offs from `wpmu_activate_user|blog`. So this is how we check for these events. */
183
/**/
184
&& $user_id && is_object ($user = new WP_User ($user_id)) && $user->ID && ($processed = true)) /* Process only once. */
185
{
192
if (!is_admin () && ($_POST["ws_plugin__s2member_custom_reg_field_s2member_custom"] || $_POST["ws_plugin__s2member_custom_reg_field_s2member_subscr_id"] || $_POST["ws_plugin__s2member_custom_reg_field_s2member_ccaps"] || $_POST["ws_plugin__s2member_custom_reg_field_s2member_auto_eot_time"] || $_POST["ws_plugin__s2member_custom_reg_field_s2member_notes"]))
193
exit ("s2Member security violation. You attempted to POST variables that will NOT be trusted!");
194
/**/
195
+ $_pm = array_merge ((array)$_POST, (array)$meta); /* Merge these two data sources together now; ALWAYS after the security routine above ^. */
196
/**/
197
if (!is_admin () /* Only run this particular routine whenever a Member [1-4] is registering themselves with cookies. */
198
&& ($subscr_id = ws_plugin__s2member_decrypt ($_COOKIE["s2member_subscr_id"])) && preg_match ("/^" . preg_quote (preg_replace ("/\:([0-9]+)#x2F;", "", $_SERVER["HTTP_HOST"]), "/") . "/i", ($custom = ws_plugin__s2member_decrypt ($_COOKIE["s2member_custom"]))) && preg_match ("/^[1-4](\:|$)([a-z_0-9,]+)?(\:)?([0-9]+ [A-Z])?#x2F;", ($level = ws_plugin__s2member_decrypt ($_COOKIE["s2member_level"])))/**/
199
&& (!$usermeta = $wpdb->get_row ("SELECT `user_id` FROM `" . $wpdb->usermeta . "` WHERE `meta_key` = '" . $wpdb->prefix . "s2member_subscr_id' AND `meta_value` = '" . $wpdb->escape ($subscr_id) . "' LIMIT 1")))
200
/* ^ This is for security ^ It checks the database to make sure the User/Member has not already registered in the past, with the same Paid Subscr. ID. */
201
{ /*
202
+ This routine could be processed through `wp-login.php?action=register`, `wp-activate.php`, or `/activate` via BuddyPress`.
203
+ This may also be processed through a standard BuddyPress installation, or another plugin calling `user_register`.
204
If processed through `wp-activate.php`, it could've originated inside the admin, via `user-new.php`.
205
*/
206
$processed = "yes"; /* Mark this as yes, to indicate that a routine was processed. */
207
/**/
292
/**/
293
if (($transient = md5 ("s2member_transient_ipn_subscr_payment_" . $subscr_id)) && is_array ($subscr_payment = get_transient ($transient)))
294
{
295
+ $proxy = array ("s2member_paypal_notify" => "1", "s2member_paypal_proxy" => "s2member_transient_ipn_subscr_payment", "s2member_paypal_proxy_verification" => ws_plugin__s2member_paypal_proxy_key_gen ());
296
+ ws_plugin__s2member_remote (add_query_arg (urlencode_deep ($proxy), get_bloginfo ("wpurl")), stripslashes_deep ($subscr_payment), array ("timeout" => 20));
297
+ delete_transient ($transient);
298
}
299
/**/
300
setcookie ("s2member_signup_tracking", ws_plugin__s2member_encrypt ($subscr_id), time () + 31556926, "/");
301
/**/
302
+ if ($level > 0) /* We ONLY process this if they are higher than Level#0. */
303
+ {
304
+ $pr_times = get_user_option ("s2member_paid_registration_times", $user_id);
305
+ $pr_times["level"] = (!$pr_times["level"]) ? time () : $pr_times["level"]; /* Preserve. */
306
+ $pr_times["level" . $level] = (!$pr_times["level" . $level]) ? time () : $pr_times["level" . $level];
307
+ update_user_option ($user_id, "s2member_paid_registration_times", $pr_times); /* Update now. */
308
+ }
309
+ /**/
310
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
311
+ do_action ("ws_plugin__s2member_during_configure_user_registration_front_side_paid", get_defined_vars ());
312
do_action ("ws_plugin__s2member_during_configure_user_registration_front_side", get_defined_vars ());
313
unset ($__refs, $__v); /* Unset defined __refs, __v. */
314
}
315
/**/
316
else if (!is_admin ()) /* Otherwise, if we are NOT inside the Dashboard during the creation of this account. */
317
{ /*
318
+ This routine could be processed through `wp-login.php?action=register`, `wp-activate.php`, or `/activate` via BuddyPress`.
319
+ This may also be processed through a standard BuddyPress installation, or another plugin calling `user_register`.
320
If processed through `wp-activate.php`, it could've originated inside the admin, via `user-new.php`.
321
*/
322
$processed = "yes"; /* Mark this as yes, to indicate that a routine was processed. */
323
/**/
414
/**/
415
update_user_option ($user_id, "s2member_custom_fields", $fields);
416
/**/
417
+ if ($level > 0) /* We ONLY process this if they are higher than Level#0. */
418
+ {
419
+ $pr_times = get_user_option ("s2member_paid_registration_times", $user_id);
420
+ $pr_times["level"] = (!$pr_times["level"]) ? time () : $pr_times["level"]; /* Preserve. */
421
+ $pr_times["level" . $level] = (!$pr_times["level" . $level]) ? time () : $pr_times["level" . $level];
422
+ update_user_option ($user_id, "s2member_paid_registration_times", $pr_times); /* Update now. */
423
+ }
424
+ /**/
425
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
426
+ do_action ("ws_plugin__s2member_during_configure_user_registration_front_side_free", get_defined_vars ());
427
do_action ("ws_plugin__s2member_during_configure_user_registration_front_side", get_defined_vars ());
428
unset ($__refs, $__v); /* Unset defined __refs, __v. */
429
}
430
/**/
431
else if (is_admin () && $pagenow === "user-new.php") /* Else, if we're on this page. */
432
{ /*
433
+ This routine can ONLY be processed through `user-new.php` inside the backend Dashboard.
434
*/
435
$processed = "yes"; /* Mark this as yes, to indicate that a routine was processed. */
436
/**/
518
/**/
519
update_user_option ($user_id, "s2member_custom_fields", $fields);
520
/**/
521
+ if ($level > 0) /* We ONLY process this if they are higher than Level#0. */
522
+ {
523
+ $pr_times = get_user_option ("s2member_paid_registration_times", $user_id);
524
+ $pr_times["level"] = (!$pr_times["level"]) ? time () : $pr_times["level"]; /* Preserve. */
525
+ $pr_times["level" . $level] = (!$pr_times["level" . $level]) ? time () : $pr_times["level" . $level];
526
+ update_user_option ($user_id, "s2member_paid_registration_times", $pr_times); /* Update now. */
527
+ }
528
+ /**/
529
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
530
do_action ("ws_plugin__s2member_during_configure_user_registration_admin_side", get_defined_vars ());
531
unset ($__refs, $__v); /* Unset defined __refs, __v. */
533
/**/
534
if ($processed === "yes") /* If registration was processed by one of the routines above. */
535
{
536
if ($urls = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["registration_notification_urls"])
537
/**/
538
foreach (preg_split ("/[\r\n\t]+/", $urls) as $url) /* Notify each of the urls. */
547
if (($url = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds (urlencode ($login)), $url)))
548
if (($url = preg_replace ("/%%user_pass%%/i", ws_plugin__s2member_esc_ds (urlencode ($pass)), $url)))
549
if (($url = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds (urlencode ($user_id)), $url)))
550
+ {
551
+ if (is_array ($fields) && !empty ($fields))
552
+ foreach ($fields as $var => $val) /* Custom Registration Fields. */
553
+ if (! ($url = preg_replace ("/%%" . preg_quote ($var, "/") . "%%/i", ws_plugin__s2member_esc_ds (urlencode (maybe_serialize ($val))), $url)))
554
+ break;
555
+ /**/
556
+ if (($url = trim (preg_replace ("/%%(.+?)%%/i", "", $url))))
557
+ ws_plugin__s2member_remote ($url);
558
+ }
559
/**/
560
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["registration_notification_recipients"])
561
{
562
$msg = $sbj = "( s2Member / API Notification Email ) - Registration";
563
$msg .= "\n\n"; /* Spacing in the message body. */
564
+ /**/
565
$msg .= "role: %%role%%\n";
566
$msg .= "level: %%level%%\n";
567
$msg .= "user_first_name: %%user_first_name%%\n";
571
$msg .= "user_login: %%user_login%%\n";
572
$msg .= "user_pass: %%user_pass%%\n";
573
$msg .= "user_id: %%user_id%%\n";
574
+ /**/
575
+ if (is_array ($fields) && !empty ($fields))
576
+ foreach ($fields as $var => $val)
577
+ $msg .= $var . ": %%" . $var . "%%\n";
578
+ /**/
579
$msg .= "cv0: %%cv0%%\n";
580
$msg .= "cv1: %%cv1%%\n";
581
$msg .= "cv2: %%cv2%%\n";
597
if (($msg = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds ($login), $msg)))
598
if (($msg = preg_replace ("/%%user_pass%%/i", ws_plugin__s2member_esc_ds ($pass), $msg)))
599
if (($msg = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds ($user_id), $msg)))
600
+ {
601
+ if (is_array ($fields) && !empty ($fields))
602
+ foreach ($fields as $var => $val) /* Custom Registration Fields. */
603
+ if (! ($msg = preg_replace ("/%%" . preg_quote ($var, "/") . "%%/i", ws_plugin__s2member_esc_ds (maybe_serialize ($val)), $msg)))
604
+ break;
605
/**/
606
+ if (($msg = trim (preg_replace ("/%%(.+?)%%/i", "", $msg))))
607
+ foreach (ws_plugin__s2member_trim_deep (preg_split ("/;+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["registration_notification_recipients"])) as $recipient)
608
+ ($recipient) ? wp_mail ($recipient, apply_filters ("ws_plugin__s2member_registration_notification_email_sbj", $sbj, get_defined_vars ()), apply_filters ("ws_plugin__s2member_registration_notification_email_msg", $msg, get_defined_vars ()), "From: \"" . preg_replace ('/"/', "'", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_name"]) . "\" <" . $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["reg_email_from_email"] . ">\r\nContent-Type: text/plain; charset=utf-8") : null;
609
+ }
610
}
611
/**/
612
if ($url = $GLOBALS["ws_plugin__s2member_registration_return_url"])
621
if (($url = preg_replace ("/%%user_login%%/i", ws_plugin__s2member_esc_ds (urlencode ($login)), $url)))
622
if (($url = preg_replace ("/%%user_pass%%/i", ws_plugin__s2member_esc_ds (urlencode ($pass)), $url)))
623
if (($url = preg_replace ("/%%user_id%%/i", ws_plugin__s2member_esc_ds (urlencode ($user_id)), $url)))
624
+ {
625
+ if (is_array ($fields) && !empty ($fields))
626
+ foreach ($fields as $var => $val) /* Custom Registration Fields. */
627
+ if (! ($url = preg_replace ("/%%" . preg_quote ($var, "/") . "%%/i", ws_plugin__s2member_esc_ds (urlencode (maybe_serialize ($val))), $url)))
628
+ break;
629
+ /**/
630
+ if (($url = trim ($url))) /* Preserve remaining Replacements. */
631
+ /* Because the parent routine may perform replacements too. */
632
+ $GLOBALS["ws_plugin__s2member_registration_return_url"] = $url;
633
+ }
634
+ /**/
635
+ ws_plugin__s2member_process_list_servers ($role, $level, $email, $fname, $lname, $ip, $opt_in, $user_id);
636
/**/
637
setcookie ("s2member_subscr_id", "", time () + 31556926, "/");
638
setcookie ("s2member_custom", "", time () + 31556926, "/");
includes/functions/constants.inc.php CHANGED
@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
- exit("Do not access this file directly.");
16
/*
17
Define several API Constants for s2Member.
18
Note that these are duplicated into the JavaScript API as well.
@@ -27,29 +27,29 @@ if (!function_exists ("ws_plugin__s2member_constants"))
27
$links = ws_plugin__s2member_constant_links ();
28
$level = ws_plugin__s2member_user_access_level ();
29
$file_downloads = ws_plugin__s2member_user_downloads ();
30
- /**/
31
$current_user = (is_user_logged_in ()) ? wp_get_current_user () : false;
32
- /**/
33
$subscr_id = ($current_user) ? get_user_option ("s2member_subscr_id", $current_user->ID) : "";
34
$custom = ($current_user) ? get_user_option ("s2member_custom", $current_user->ID) : "";
35
$custom_fields = ($current_user) ? get_user_option ("s2member_custom_fields", $current_user->ID) : array ();
36
- /**/
37
$login_redirection_url = ws_plugin__s2member_login_redirection_url ($current_user);
38
/**/
39
- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
40
do_action ("ws_plugin__s2member_during_constants", get_defined_vars ());
41
unset ($__refs, $__v); /* Unset defined __refs, __v. */
42
/**/
43
- define ("S2MEMBER_VERSION", ($c[] = WS_PLUGIN__S2MEMBER_VERSION)); /* Available since 3.0. */
44
/**/
45
define ("S2MEMBER_CURRENT_USER_IS_LOGGED_IN", ($c[] = (($current_user) ? true : false)));
46
- define ("S2MEMBER_CURRENT_USER_IS_LOGGED_IN_AS_MEMBER", ($c[] = (($current_user && $level >= 1) ? true : false)));
47
define ("S2MEMBER_CURRENT_USER_ACCESS_LEVEL", ($c[] = (int)$level));
48
define ("S2MEMBER_CURRENT_USER_ACCESS_LABEL", ($c[] = (string)$GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $level . "_label"]));
49
define ("S2MEMBER_CURRENT_USER_SUBSCR_ID", ($c[] = (($current_user) ? (($subscr_id) ? (string)$subscr_id : (string)$current_user->ID) : "")));
50
define ("S2MEMBER_CURRENT_USER_CUSTOM", ($c[] = (string)$custom));
51
- define ("S2MEMBER_CURRENT_USER_REGISTRATION_TIME", ($c[] = (($current_user) ? (int)strtotime ($current_user->user_registered) : 0)));
52
- define ("S2MEMBER_CURRENT_USER_REGISTRATION_DAYS", ($c[] = (($current_user) ? (int)floor ((strtotime ("now") - strtotime ($current_user->user_registered)) / 86400) : 0)));
53
define ("S2MEMBER_CURRENT_USER_DISPLAY_NAME", ($c[] = (($current_user) ? (string)$current_user->display_name : "")));
54
define ("S2MEMBER_CURRENT_USER_FIRST_NAME", ($c[] = (($current_user) ? (string)$current_user->first_name : "")));
55
define ("S2MEMBER_CURRENT_USER_LAST_NAME", ($c[] = (($current_user) ? (string)$current_user->last_name : "")));
@@ -60,7 +60,7 @@ if (!function_exists ("ws_plugin__s2member_constants"))
60
define ("S2MEMBER_CURRENT_USER_FIELDS", ($c[] = (($current_user) ? json_encode (array_merge (array ("id" => S2MEMBER_CURRENT_USER_ID, "ip" => S2MEMBER_CURRENT_USER_IP, "email" => S2MEMBER_CURRENT_USER_EMAIL, "login" => S2MEMBER_CURRENT_USER_LOGIN, "first_name" => S2MEMBER_CURRENT_USER_FIRST_NAME, "last_name" => S2MEMBER_CURRENT_USER_LAST_NAME, "display_name" => S2MEMBER_CURRENT_USER_DISPLAY_NAME, "subscr_id" => S2MEMBER_CURRENT_USER_SUBSCR_ID, "custom" => S2MEMBER_CURRENT_USER_CUSTOM), (array)$custom_fields)) : json_encode (array ()))));
61
/**/
62
define ("S2MEMBER_CURRENT_USER_DOWNLOADS_ALLOWED", ($c[] = (int)$file_downloads["allowed"]));
63
- define ("S2MEMBER_CURRENT_USER_DOWNLOADS_ALLOWED_IS_UNLIMITED", ($c[] = (($file_downloads["allowed"] >= 999999999) ? true : false)));
64
define ("S2MEMBER_CURRENT_USER_DOWNLOADS_CURRENTLY", ($c[] = (int)$file_downloads["currently"]));
65
define ("S2MEMBER_CURRENT_USER_DOWNLOADS_ALLOWED_DAYS", ($c[] = (int)$file_downloads["allowed_days"]));
66
/**/
@@ -100,8 +100,9 @@ if (!function_exists ("ws_plugin__s2member_constants"))
100
/**/
101
define ("S2MEMBER_PAYPAL_NOTIFY_URL", ($c[] = get_bloginfo ("wpurl") . "/?s2member_paypal_notify=1"));
102
define ("S2MEMBER_PAYPAL_RETURN_URL", ($c[] = get_bloginfo ("wpurl") . "/?s2member_paypal_return=1"));
103
- define ("S2MEMBER_PAYPAL_ENDPOINT", ($c[] = (($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")));
104
define ("S2MEMBER_PAYPAL_BUSINESS", ($c[] = (string)$GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"]));
105
/**/
106
define ("S2MEMBER_CURRENT_USER_VALUE_FOR_PP_ON0", ($c[] = ((S2MEMBER_CURRENT_USER_SUBSCR_ID) ? "Updating Subscr. ID" : "")));
107
define ("S2MEMBER_CURRENT_USER_VALUE_FOR_PP_OS0", ($c[] = ((S2MEMBER_CURRENT_USER_VALUE_FOR_PP_ON0) ? S2MEMBER_CURRENT_USER_SUBSCR_ID : "")));
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
+ exit ("Do not access this file directly.");
16
/*
17
Define several API Constants for s2Member.
18
Note that these are duplicated into the JavaScript API as well.
27
$links = ws_plugin__s2member_constant_links ();
28
$level = ws_plugin__s2member_user_access_level ();
29
$file_downloads = ws_plugin__s2member_user_downloads ();
30
$current_user = (is_user_logged_in ()) ? wp_get_current_user () : false;
31
$subscr_id = ($current_user) ? get_user_option ("s2member_subscr_id", $current_user->ID) : "";
32
$custom = ($current_user) ? get_user_option ("s2member_custom", $current_user->ID) : "";
33
$custom_fields = ($current_user) ? get_user_option ("s2member_custom_fields", $current_user->ID) : array ();
34
+ $paid_registration_times = ($current_user) ? get_user_option ("s2member_paid_registration_times", $current_user->ID) : array ();
35
$login_redirection_url = ws_plugin__s2member_login_redirection_url ($current_user);
36
/**/
37
+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
38
do_action ("ws_plugin__s2member_during_constants", get_defined_vars ());
39
unset ($__refs, $__v); /* Unset defined __refs, __v. */
40
/**/
41
+ define ("S2MEMBER_VERSION", ($c[] = WS_PLUGIN__S2MEMBER_VERSION)); /* Since 3.0. */
42
/**/
43
define ("S2MEMBER_CURRENT_USER_IS_LOGGED_IN", ($c[] = (($current_user) ? true : false)));
44
+ define ("S2MEMBER_CURRENT_USER_IS_LOGGED_IN_AS_MEMBER", ($c[] = ( ($current_user && $level >= 1) ? true : false)));
45
define ("S2MEMBER_CURRENT_USER_ACCESS_LEVEL", ($c[] = (int)$level));
46
define ("S2MEMBER_CURRENT_USER_ACCESS_LABEL", ($c[] = (string)$GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $level . "_label"]));
47
define ("S2MEMBER_CURRENT_USER_SUBSCR_ID", ($c[] = (($current_user) ? (($subscr_id) ? (string)$subscr_id : (string)$current_user->ID) : "")));
48
define ("S2MEMBER_CURRENT_USER_CUSTOM", ($c[] = (string)$custom));
49
+ define ("S2MEMBER_CURRENT_USER_REGISTRATION_TIME", ($c[] = ( ($current_user && $current_user->user_registered) ? (int)strtotime ($current_user->user_registered) : 0)));
50
+ define ("S2MEMBER_CURRENT_USER_PAID_REGISTRATION_TIME", ($c[] = ( ($current_user && (int)$paid_registration_times["level"]) ? (int)$paid_registration_times["level"] : 0)));
51
+ define ("S2MEMBER_CURRENT_USER_PAID_REGISTRATION_DAYS", ($c[] = ( ($current_user && (int)$paid_registration_times["level"]) ? (int)floor ((strtotime ("now") - (int)$paid_registration_times["level"]) / 86400) : 0)));
52
+ define ("S2MEMBER_CURRENT_USER_REGISTRATION_DAYS", ($c[] = ( ($current_user && $current_user->user_registered) ? (int)floor ((strtotime ("now") - strtotime ($current_user->user_registered)) / 86400) : 0)));
53
define ("S2MEMBER_CURRENT_USER_DISPLAY_NAME", ($c[] = (($current_user) ? (string)$current_user->display_name : "")));
54
define ("S2MEMBER_CURRENT_USER_FIRST_NAME", ($c[] = (($current_user) ? (string)$current_user->first_name : "")));
55
define ("S2MEMBER_CURRENT_USER_LAST_NAME", ($c[] = (($current_user) ? (string)$current_user->last_name : "")));
60
define ("S2MEMBER_CURRENT_USER_FIELDS", ($c[] = (($current_user) ? json_encode (array_merge (array ("id" => S2MEMBER_CURRENT_USER_ID, "ip" => S2MEMBER_CURRENT_USER_IP, "email" => S2MEMBER_CURRENT_USER_EMAIL, "login" => S2MEMBER_CURRENT_USER_LOGIN, "first_name" => S2MEMBER_CURRENT_USER_FIRST_NAME, "last_name" => S2MEMBER_CURRENT_USER_LAST_NAME, "display_name" => S2MEMBER_CURRENT_USER_DISPLAY_NAME, "subscr_id" => S2MEMBER_CURRENT_USER_SUBSCR_ID, "custom" => S2MEMBER_CURRENT_USER_CUSTOM), (array)$custom_fields)) : json_encode (array ()))));
61
/**/
62
define ("S2MEMBER_CURRENT_USER_DOWNLOADS_ALLOWED", ($c[] = (int)$file_downloads["allowed"]));
63
+ define ("S2MEMBER_CURRENT_USER_DOWNLOADS_ALLOWED_IS_UNLIMITED", ($c[] = ( ($file_downloads["allowed"] >= 999999999) ? true : false)));
64
define ("S2MEMBER_CURRENT_USER_DOWNLOADS_CURRENTLY", ($c[] = (int)$file_downloads["currently"]));
65
define ("S2MEMBER_CURRENT_USER_DOWNLOADS_ALLOWED_DAYS", ($c[] = (int)$file_downloads["allowed_days"]));
66
/**/
100
/**/
101
define ("S2MEMBER_PAYPAL_NOTIFY_URL", ($c[] = get_bloginfo ("wpurl") . "/?s2member_paypal_notify=1"));
102
define ("S2MEMBER_PAYPAL_RETURN_URL", ($c[] = get_bloginfo ("wpurl") . "/?s2member_paypal_return=1"));
103
+ define ("S2MEMBER_PAYPAL_ENDPOINT", ($c[] = ( ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")));
104
define ("S2MEMBER_PAYPAL_BUSINESS", ($c[] = (string)$GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"]));
105
+ define ("S2MEMBER_PAYPAL_PDT_IDENTITY_TOKEN", ($c[] = (string)$GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_identity_token"]));
106
/**/
107
define ("S2MEMBER_CURRENT_USER_VALUE_FOR_PP_ON0", ($c[] = ((S2MEMBER_CURRENT_USER_SUBSCR_ID) ? "Updating Subscr. ID" : "")));
108
define ("S2MEMBER_CURRENT_USER_VALUE_FOR_PP_OS0", ($c[] = ((S2MEMBER_CURRENT_USER_VALUE_FOR_PP_ON0) ? S2MEMBER_CURRENT_USER_SUBSCR_ID : "")));
includes/functions/css-js-w-globals.inc.php CHANGED
@@ -129,6 +129,8 @@ if (!function_exists ("ws_plugin__s2member_js_w_globals"))
129
$g .= "S2MEMBER_CURRENT_USER_SUBSCR_ID = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_SUBSCR_ID) . "',";
130
$g .= "S2MEMBER_CURRENT_USER_CUSTOM = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_CUSTOM) . "',";
131
$g .= "S2MEMBER_CURRENT_USER_REGISTRATION_TIME = " . S2MEMBER_CURRENT_USER_REGISTRATION_TIME . ",";
132
$g .= "S2MEMBER_CURRENT_USER_REGISTRATION_DAYS = " . S2MEMBER_CURRENT_USER_REGISTRATION_DAYS . ",";
133
$g .= "S2MEMBER_CURRENT_USER_DISPLAY_NAME = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_DISPLAY_NAME) . "',";
134
$g .= "S2MEMBER_CURRENT_USER_FIRST_NAME = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_FIRST_NAME) . "',";
129
$g .= "S2MEMBER_CURRENT_USER_SUBSCR_ID = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_SUBSCR_ID) . "',";
130
$g .= "S2MEMBER_CURRENT_USER_CUSTOM = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_CUSTOM) . "',";
131
$g .= "S2MEMBER_CURRENT_USER_REGISTRATION_TIME = " . S2MEMBER_CURRENT_USER_REGISTRATION_TIME . ",";
132
+ $g .= "S2MEMBER_CURRENT_USER_PAID_REGISTRATION_TIME = " . S2MEMBER_CURRENT_USER_PAID_REGISTRATION_TIME . ",";
133
+ $g .= "S2MEMBER_CURRENT_USER_PAID_REGISTRATION_DAYS = " . S2MEMBER_CURRENT_USER_PAID_REGISTRATION_DAYS . ",";
134
$g .= "S2MEMBER_CURRENT_USER_REGISTRATION_DAYS = " . S2MEMBER_CURRENT_USER_REGISTRATION_DAYS . ",";
135
$g .= "S2MEMBER_CURRENT_USER_DISPLAY_NAME = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_DISPLAY_NAME) . "',";
136
$g .= "S2MEMBER_CURRENT_USER_FIRST_NAME = '" . ws_plugin__s2member_esc_sq (S2MEMBER_CURRENT_USER_FIRST_NAME) . "',";
includes/functions/file-download-access.inc.php CHANGED
@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
- exit("Do not access this file directly.");
16
/*
17
Function determines the max period in days for download access.
18
Returns number of days, where 0 means no access to files has been allowed.
@@ -35,7 +35,7 @@ if (!function_exists ("ws_plugin__s2member_max_download_period"))
35
if ($days = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_file_downloads_allowed_days"])
36
$max = ($max < $days) ? $days : $max;
37
/**/
38
- return apply_filters ("ws_plugin__s2member_max_download_period", (($max > 365) ? 365 : (int)$max), get_defined_vars ());
39
}
40
}
41
/*
@@ -47,7 +47,7 @@ if (!function_exists ("ws_plugin__s2member_user_downloads"))
47
{
48
function ws_plugin__s2member_user_downloads ($not_counting_this_particular_file = false, $log = null)
49
{
50
- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
51
do_action ("ws_plugin__s2member_before_user_downloads", get_defined_vars ());
52
unset ($__refs, $__v); /* Unset defined __refs, __v. */
53
/**/
@@ -140,42 +140,42 @@ if (!function_exists ("ws_plugin__s2member_check_file_download_access"))
140
/**/
141
$_GET["s2member_file_download_key"] = (!$_GET["s2member_file_download_key"] && $_GET["s2member_free_file_download_key"]) ? $_GET["s2member_free_file_download_key"] : $_GET["s2member_file_download_key"];
142
/**/
143
- if (!$excluded && (!$_GET["s2member_file_download_key"] || ($_GET["s2member_file_download_key"] && !($file_download_key_is_valid = ($_GET["s2member_file_download_key"] === ws_plugin__s2member_file_download_key ($_GET["s2member_file_download"]) || $_GET["s2member_file_download_key"] === ws_plugin__s2member_file_download_key ($_GET["s2member_file_download"], "cache-compatible"))))))
144
{
145
$_GET["s2member_file_download"] = trim ($_GET["s2member_file_download"], "/"); /* Trim slashes after Key comparison. */
146
/**/
147
if (!file_exists ($GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["files_dir"] . "/" . $_GET["s2member_file_download"]))
148
{
149
- header("HTTP/1.0 404 Not Found"); /* The file does NOT even exist. */
150
- exit("404: Sorry, file not found. Please contact Support for assistance.");
151
}
152
else if ($_GET["s2member_file_download_key"] && !$file_download_key_is_valid) /* Was an invalid Key passed in? */
153
{
154
- header("HTTP/1.0 503 Service Temporarily Unavailable"); /* Invalid Download Keys are handled separately. */
155
- exit("503 ( Invalid Key ): Sorry, your access to this file has expired. Please contact Support for assistance.");
156
}
157
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]) /* Is a Membership Options Page configured? */
158
/* This file will be processed WITHOUT a Download Key, using Membership Level Access ( w/ possible Custom Capabilities ). */
159
{
160
if (($file_download_access_is_allowed = $min_level_4_downloads = ws_plugin__s2member_min_level_4_downloads ()) === false)
161
{
162
- header("HTTP/1.0 503 Service Temporarily Unavailable"); /* File downloads are NOT yet configured? */
163
- exit("503: Sorry, file downloads are NOT enabled yet. Please contact Support for assistance. If you are the site owner, please configure `s2Member -> Download Options`.");
164
}
165
/**/
166
- else if (!($current_user = (is_user_logged_in ()) ? wp_get_current_user () : false) /* NOT logged in? */
167
- && wp_redirect (add_query_arg (array ("s2member_level_req" => (string)$min_level_4_downloads, "s2member_file_download_req" => $_GET["s2member_file_download"]), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
168
exit ();
169
/**/
170
else if ((!is_array ($file_downloads = ws_plugin__s2member_user_downloads ()) || !$file_downloads["allowed"] || !$file_downloads["allowed_days"])/**/
171
- && wp_redirect (add_query_arg (array ("s2member_file_download_req" => $_GET["s2member_file_download"]), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"]))) !== "nill")
172
exit ();
173
/**/
174
else if (preg_match ("/^access[_\-]s2member[_\-]level([0-4])\//", $_GET["s2member_file_download"], $m))
175
{
176
$level_req = $m[1]; /* Which Level does this require? */
177
if (!$current_user->has_cap ("access_s2member_level" . $level_req) /* Does the User have access to this Level? */
178
- && wp_redirect (add_query_arg (array ("s2member_level_req" => $level_req, "s2member_file_download_req" => $_GET["s2member_file_download"]), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
179
exit ();
180
}
181
/**/
@@ -183,7 +183,7 @@ if (!function_exists ("ws_plugin__s2member_check_file_download_access"))
183
{
184
$ccap_req = preg_replace ("/-/", "_", $m[1]); /* Which Capability does this require? */
185
if (!$current_user->has_cap ("access_s2member_ccap_" . $ccap_req) /* Does the User have access to this Custom Capability? */
186
- && wp_redirect (add_query_arg (array ("s2member_ccap_req" => $ccap_req, "s2member_file_download_req" => $_GET["s2member_file_download"]), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
187
exit ();
188
}
189
/**/
@@ -196,7 +196,7 @@ if (!function_exists ("ws_plugin__s2member_check_file_download_access"))
196
{
197
if (strtotime ($file_download_access_log_entry["date"]) < strtotime ("-" . $max_days_logged . " days"))
198
{
199
- unset($file_download_access_log[$file_download_access_log_entry_key]);
200
$file_download_access_arc[] = $file_download_access_log_entry;
201
}
202
else if (strtotime ($file_download_access_log_entry["date"]) >= strtotime ("-" . $file_downloads["allowed_days"] . " days"))
@@ -209,7 +209,7 @@ if (!function_exists ("ws_plugin__s2member_check_file_download_access"))
209
}
210
/**/
211
if (!$already_downloaded && $previous_file_downloads >= $file_downloads["allowed"] /* They have NOT already downloaded this file, and they're over their limit. */
212
- && wp_redirect (add_query_arg (array ("s2member_file_download_req" => $_GET["s2member_file_download"]), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"]))) !== "nill")
213
exit ();
214
/**/
215
if (!$already_downloaded) /* Only add this file to the log if they have not already downloaded it. */
@@ -225,8 +225,8 @@ if (!function_exists ("ws_plugin__s2member_check_file_download_access"))
225
/**/
226
if (!file_exists ($GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["files_dir"] . "/" . $_GET["s2member_file_download"]))
227
{
228
- header("HTTP/1.0 404 Not Found"); /* The file does NOT even exist. */
229
- exit("404: Sorry, file not found. Please contact Support for assistance.");
230
}
231
}
232
/*
@@ -235,35 +235,47 @@ if (!function_exists ("ws_plugin__s2member_check_file_download_access"))
235
$mimetypes = parse_ini_file (dirname (dirname (dirname (__FILE__))) . "/includes/mime-types.ini");
236
$pathinfo = pathinfo ($file = $GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["files_dir"] . "/" . $_GET["s2member_file_download"]);
237
$extension = strtolower ($pathinfo["extension"]); /* Convert file extension to lowercase format for MIME type lookup. */
238
- $inline = (in_array ($extension, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_inline_extensions"]))) ? true : false;
239
$mimetype = ($mimetypes[$extension]) ? $mimetypes[$extension] : "application/octet-stream"; /* Lookup MIME type. */
240
$basename = $pathinfo["basename"]; /* The actual file name, including its extension. */
241
$length = filesize ($file); /* The overall file size, in bytes. */
242
/**/
243
- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
244
do_action ("ws_plugin__s2member_during_file_download_access", get_defined_vars ());
245
unset ($__refs, $__v); /* Unset defined __refs, __v. */
246
/*
247
- Now send the file to the browser.
248
- Be sure to turn off output compression.
249
*/
250
- set_time_limit(0); /* Make time. */
251
ini_set ("zlib.output_compression", 0);
252
/**/
253
- header("Content-Encoding: none");
254
- header("Content-Type: " . $mimetype);
255
- header("Content-Length: " . $length);
256
/**/
257
if (!$inline) /* If not inline, we default to serving the file as an attachment. */
258
- header('Content-Disposition: attachment; filename="' . $basename . '"');
259
/**/
260
- header("Expires: " . gmdate ("D, d M Y H:i:s", strtotime ("-1 week")) . " GMT");
261
- header("Last-Modified: " . gmdate ("D, d M Y H:i:s") . " GMT");
262
- header("Cache-Control: no-cache, must-revalidate, max-age=0");
263
header ("Cache-Control: post-check=0, pre-check=0", false);
264
- header("Pragma: no-cache");
265
/**/
266
- ob_clean () . flush () . readfile ($file);
267
/**/
268
exit ();
269
}
@@ -283,7 +295,7 @@ if (!function_exists ("ws_plugin__s2member_file_download_key"))
283
{
284
function ws_plugin__s2member_file_download_key ($file = FALSE, $cache_compatible = FALSE)
285
{
286
- eval('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
287
do_action ("ws_plugin__s2member_before_file_download_key", get_defined_vars ());
288
unset ($__refs, $__v); /* Unset defined __refs, __v. */
289
/**/
@@ -291,7 +303,7 @@ if (!function_exists ("ws_plugin__s2member_file_download_key"))
291
$key = md5 (ws_plugin__s2member_xencrypt ($salt)); /* Creates a site-specific/xencrytped hash of the salt.
292
/**/
293
if (!$cache_compatible) /* Disallow caching. */
294
- ws_plugin__s2member_nocache_constants(true);
295
/**/
296
return apply_filters ("ws_plugin__s2member_file_download_key", $key, get_defined_vars ());
297
}
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
+ exit ("Do not access this file directly.");
16
/*
17
Function determines the max period in days for download access.
18
Returns number of days, where 0 means no access to files has been allowed.
35
if ($days = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level4_file_downloads_allowed_days"])
36
$max = ($max < $days) ? $days : $max;
37
/**/
38
+ return apply_filters ("ws_plugin__s2member_max_download_period", ( ($max > 365) ? 365 : (int)$max), get_defined_vars ());
39
}
40
}
41
/*
47
{
48
function ws_plugin__s2member_user_downloads ($not_counting_this_particular_file = false, $log = null)
49
{
50
+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
51
do_action ("ws_plugin__s2member_before_user_downloads", get_defined_vars ());
52
unset ($__refs, $__v); /* Unset defined __refs, __v. */
53
/**/
140
/**/
141
$_GET["s2member_file_download_key"] = (!$_GET["s2member_file_download_key"] && $_GET["s2member_free_file_download_key"]) ? $_GET["s2member_free_file_download_key"] : $_GET["s2member_file_download_key"];
142
/**/
143
+ if (!$excluded && (!$_GET["s2member_file_download_key"] || ($_GET["s2member_file_download_key"] && ! ($file_download_key_is_valid = ($_GET["s2member_file_download_key"] === ws_plugin__s2member_file_download_key ($_GET["s2member_file_download"]) || $_GET["s2member_file_download_key"] === ws_plugin__s2member_file_download_key ($_GET["s2member_file_download"], "cache-compatible"))))))
144
{
145
$_GET["s2member_file_download"] = trim ($_GET["s2member_file_download"], "/"); /* Trim slashes after Key comparison. */
146
/**/
147
if (!file_exists ($GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["files_dir"] . "/" . $_GET["s2member_file_download"]))
148
{
149
+ header ("HTTP/1.0 404 Not Found"); /* The file does NOT even exist. */
150
+ exit ("404: Sorry, file not found. Please contact Support for assistance.");
151
}
152
else if ($_GET["s2member_file_download_key"] && !$file_download_key_is_valid) /* Was an invalid Key passed in? */
153
{
154
+ header ("HTTP/1.0 503 Service Temporarily Unavailable"); /* Invalid Download Keys are handled separately. */
155
+ exit ("503 ( Invalid Key ): Sorry, your access to this file has expired. Please contact Support for assistance.");
156
}
157
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]) /* Is a Membership Options Page configured? */
158
/* This file will be processed WITHOUT a Download Key, using Membership Level Access ( w/ possible Custom Capabilities ). */
159
{
160
if (($file_download_access_is_allowed = $min_level_4_downloads = ws_plugin__s2member_min_level_4_downloads ()) === false)
161
{
162
+ header ("HTTP/1.0 503 Service Temporarily Unavailable"); /* File downloads are NOT yet configured? */
163
+ exit ("503: Sorry, file downloads are NOT enabled yet. Please contact Support for assistance. If you are the site owner, please configure `s2Member -> Download Options`.");
164
}
165
/**/
166
+ else if (! ($current_user = (is_user_logged_in ()) ? wp_get_current_user () : false) /* NOT logged in? */
167
+ && wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "file-" . $_GET["s2member_file_download"], "s2member_level_req" => (string)$min_level_4_downloads)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
168
exit ();
169
/**/
170
else if ((!is_array ($file_downloads = ws_plugin__s2member_user_downloads ()) || !$file_downloads["allowed"] || !$file_downloads["allowed_days"])/**/
171
+ && wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "file-" . $_GET["s2member_file_download"])), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"]))) !== "nill")
172
exit ();
173
/**/
174
else if (preg_match ("/^access[_\-]s2member[_\-]level([0-4])\//", $_GET["s2member_file_download"], $m))
175
{
176
$level_req = $m[1]; /* Which Level does this require? */
177
if (!$current_user->has_cap ("access_s2member_level" . $level_req) /* Does the User have access to this Level? */
178
+ && wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "file-" . $_GET["s2member_file_download"], "s2member_level_req" => $level_req)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
179
exit ();
180
}
181
/**/
183
{
184
$ccap_req = preg_replace ("/-/", "_", $m[1]); /* Which Capability does this require? */
185
if (!$current_user->has_cap ("access_s2member_ccap_" . $ccap_req) /* Does the User have access to this Custom Capability? */
186
+ && wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "file-" . $_GET["s2member_file_download"], "s2member_ccap_req" => $ccap_req)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))) !== "nill")
187
exit ();
188
}
189
/**/
196
{
197
if (strtotime ($file_download_access_log_entry["date"]) < strtotime ("-" . $max_days_logged . " days"))
198
{
199
+ unset ($file_download_access_log[$file_download_access_log_entry_key]);
200
$file_download_access_arc[] = $file_download_access_log_entry;
201
}
202
else if (strtotime ($file_download_access_log_entry["date"]) >= strtotime ("-" . $file_downloads["allowed_days"] . " days"))
209
}
210
/**/
211
if (!$already_downloaded && $previous_file_downloads >= $file_downloads["allowed"] /* They have NOT already downloaded this file, and they're over their limit. */
212
+ && wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "file-" . $_GET["s2member_file_download"])), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"]))) !== "nill")
213
exit ();
214
/**/
215
if (!$already_downloaded) /* Only add this file to the log if they have not already downloaded it. */
225
/**/
226
if (!file_exists ($GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["files_dir"] . "/" . $_GET["s2member_file_download"]))
227
{
228
+ header ("HTTP/1.0 404 Not Found"); /* The file does NOT even exist. */
229
+ exit ("404: Sorry, file not found. Please contact Support for assistance.");
230
}
231
}
232
/*
235
$mimetypes = parse_ini_file (dirname (dirname (dirname (__FILE__))) . "/includes/mime-types.ini");
236
$pathinfo = pathinfo ($file = $GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["files_dir"] . "/" . $_GET["s2member_file_download"]);
237
$extension = strtolower ($pathinfo["extension"]); /* Convert file extension to lowercase format for MIME type lookup. */
238
+ $inline = ($_GET["s2member_file_inline"] || in_array ($extension, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_inline_extensions"]))) ? true : false;
239
$mimetype = ($mimetypes[$extension]) ? $mimetypes[$extension] : "application/octet-stream"; /* Lookup MIME type. */
240
$basename = $pathinfo["basename"]; /* The actual file name, including its extension. */
241
$length = filesize ($file); /* The overall file size, in bytes. */
242
/**/
243
+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
244
do_action ("ws_plugin__s2member_during_file_download_access", get_defined_vars ());
245
unset ($__refs, $__v); /* Unset defined __refs, __v. */
246
/*
247
+ Send the file to the browser in chunks ( in support of larger files ).
248
+ Be sure to turn off output compression, as it DOES get in the way.
249
*/
250
+ set_time_limit (0); /* Unlimited. */
251
ini_set ("zlib.output_compression", 0);
252
/**/
253
+ header ("Accept-Ranges: none");
254
+ header ("Content-Encoding: none");
255
+ header ("Content-Type: " . $mimetype);
256
+ header ("Content-Length: " . $length);
257
/**/
258
if (!$inline) /* If not inline, we default to serving the file as an attachment. */
259
+ header ('Content-Disposition: attachment; filename="' . $basename . '"');
260
/**/
261
+ header ("Expires: " . gmdate ("D, d M Y H:i:s", strtotime ("-1 week")) . " GMT");
262
+ header ("Last-Modified: " . gmdate ("D, d M Y H:i:s") . " GMT");
263
+ header ("Cache-Control: no-cache, must-revalidate, max-age=0");
264
header ("Cache-Control: post-check=0, pre-check=0", false);
265
+ header ("Pragma: no-cache");
266
/**/
267
+ if ($length && ($stream = fopen ($file, "rb")))
268
+ {
269
+ @ob_end_clean (); /* End/clean any existing output buffer. */
270
+ /**/
271
+ while (strlen ($data = stream_get_contents ($stream, 2097152)))
272
+ {
273
+ echo $data; /* In 2MB chunks. */
274
+ @ob_end_flush () . @flush ();
275
+ }
276
+ /**/
277
+ fclose ($stream);
278
+ }
279
/**/
280
exit ();
281
}
295
{
296
function ws_plugin__s2member_file_download_key ($file = FALSE, $cache_compatible = FALSE)
297
{
298
+ eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
299
do_action ("ws_plugin__s2member_before_file_download_key", get_defined_vars ());
300
unset ($__refs, $__v); /* Unset defined __refs, __v. */
301
/**/
303
$key = md5 (ws_plugin__s2member_xencrypt ($salt)); /* Creates a site-specific/xencrytped hash of the salt.
304
/**/
305
if (!$cache_compatible) /* Disallow caching. */
306
+ ws_plugin__s2member_nocache_constants (true);
307
/**/
308
return apply_filters ("ws_plugin__s2member_file_download_key", $key, get_defined_vars ());
309
}
includes/functions/force-ssl.inc.php CHANGED
@@ -92,7 +92,7 @@ if (!function_exists ("ws_plugin__s2member_check_force_ssl"))
92
if (_ws_plugin__s2member_force_ssl_port && _ws_plugin__s2member_force_ssl_host && _ws_plugin__s2member_force_ssl_host_port) /* Do we ALSO need port conversions? */
93
$c = preg_replace ("/\/" . preg_quote (_ws_plugin__s2member_force_ssl_host, "/") . "(\:[0-9]+)?\//i", "/" . _ws_plugin__s2member_force_ssl_host_port . "/", $c);
94
/**/
95
- return $c; /* Return string with conversions. */
96
}
97
/**/
98
ob_start ("_ws_plugin__s2member_force_ssl_buffer");
92
if (_ws_plugin__s2member_force_ssl_port && _ws_plugin__s2member_force_ssl_host && _ws_plugin__s2member_force_ssl_host_port) /* Do we ALSO need port conversions? */
93
$c = preg_replace ("/\/" . preg_quote (_ws_plugin__s2member_force_ssl_host, "/") . "(\:[0-9]+)?\//i", "/" . _ws_plugin__s2member_force_ssl_host_port . "/", $c);
94
/**/
95
+ return (strtolower ($m[1]) === "link" && preg_match ("/['\"]alternate['\"]/i", $m[0])) ? $m[0] : $c; /* Return string with conversions. */
96
}
97
/**/
98
ob_start ("_ws_plugin__s2member_force_ssl_buffer");
includes/functions/ip-restrictions.inc.php CHANGED
@@ -47,7 +47,7 @@ if (!function_exists ("ws_plugin__s2member_ip_restrictions_ok"))
47
/**/
48
if (get_transient ($transient_security_breach)) /* Has this restriction already been breached? */
49
{
50
- ws_plugin__s2member_nocache_constants (true) . wp_clear_auth_cookie ();
51
/**/
52
do_action ("ws_plugin__s2member_during_ip_restrictions_ok_no", get_defined_vars ());
53
/**/
@@ -61,9 +61,10 @@ if (!function_exists ("ws_plugin__s2member_ip_restrictions_ok"))
61
}
62
else if (count ($entries) > $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["max_ip_restriction"])
63
{
64
- ws_plugin__s2member_nocache_constants (true) . wp_clear_auth_cookie ();
65
/**/
66
- set_transient ($transient_security_breach, 1, $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["max_ip_restriction_time"]);
67
/**/
68
do_action ("ws_plugin__s2member_during_ip_restrictions_ok_no", get_defined_vars ());
69
/**/
@@ -75,7 +76,7 @@ if (!function_exists ("ws_plugin__s2member_ip_restrictions_ok"))
75
/**/
76
exit ();
77
}
78
- else /* OK, this looks legitimate. Continue updating the Transient array of IP addresses. */
79
{
80
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
81
do_action ("ws_plugin__s2member_during_ip_restrictions_ok_yes", get_defined_vars ());
47
/**/
48
if (get_transient ($transient_security_breach)) /* Has this restriction already been breached? */
49
{
50
+ ws_plugin__s2member_nocache_constants(true) . wp_clear_auth_cookie ();
51
/**/
52
do_action ("ws_plugin__s2member_during_ip_restrictions_ok_no", get_defined_vars ());
53
/**/
61
}
62
else if (count ($entries) > $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["max_ip_restriction"])
63
{
64
+ ws_plugin__s2member_nocache_constants(true) . wp_clear_auth_cookie ();
65
/**/
66
+ set_transient ($transient_security_breach, 1, /* Lock down. */
67
+ $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["max_ip_restriction_time"]);
68
/**/
69
do_action ("ws_plugin__s2member_during_ip_restrictions_ok_no", get_defined_vars ());
70
/**/
76
/**/
77
exit ();
78
}
79
+ else /* OK, this looks legitimate. Apply Filters here and return true. */
80
{
81
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
82
do_action ("ws_plugin__s2member_during_ip_restrictions_ok_yes", get_defined_vars ());
includes/functions/is-systematic.inc.php CHANGED
@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
- exit("Do not access this file directly.");
16
/*
17
Function that determines whether we are on a Systematic Use Page.
18
*/
@@ -30,15 +30,15 @@ if (!function_exists ("ws_plugin__s2member_is_systematic_use_page"))
30
{
31
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
32
}
33
- else if (preg_match ("/^CLI#x2F;i", PHP_SAPI))
34
{
35
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
36
}
37
- else if ($_SERVER["REMOTE_ADDR"] === $_SERVER["SERVER_ADDR"] && !preg_match ("/^localhost(\:[0-9]+)?#x2F;i", $_SERVER["HTTP_HOST"]))
38
{
39
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
40
}
41
- else if (preg_match ("/\/wp-(signup|register|activate|login)\.php/", $_SERVER["REQUEST_URI"]))
42
{
43
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
44
}
@@ -85,7 +85,7 @@ if (!function_exists ("ws_plugin__s2member_is_systematic_use_specific_page"))
85
{
86
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", true, get_defined_vars ()));
87
}
88
- else if ($uri && preg_match ("/\/wp-(signup|register|activate|login)\.php/", $uri))
89
{
90
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", true, get_defined_vars ()));
91
}
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
+ exit ("Do not access this file directly.");
16
/*
17
Function that determines whether we are on a Systematic Use Page.
18
*/
30
{
31
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
32
}
33
+ else if (preg_match ("/^CLI#x2F;i", PHP_SAPI)) /* CLI = Command Line. Normally indicates a running cron job. */
34
{
35
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
36
}
37
+ else if ($_SERVER["REMOTE_ADDR"] === $_SERVER["SERVER_ADDR"] && !preg_match ("/^localhost(\:[0-9]+)?#x2F;i", $_SERVER["HTTP_HOST"]) && (!defined ("LOCALHOST") || !LOCALHOST))
38
{
39
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
40
}
41
+ else if (preg_match ("/\/wp-(signup|register|activate|login)\.php/", $_SERVER["REQUEST_URI"]) || (defined ("BP_VERSION") && preg_match ("/\/(" . preg_quote (BP_REGISTER_SLUG, "/") . "|" . preg_quote (BP_ACTIVATION_SLUG, "/") . ")/", $_SERVER["REQUEST_URI"])))
42
{
43
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_page", true, get_defined_vars ()));
44
}
85
{
86
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", true, get_defined_vars ()));
87
}
88
+ else if ($uri && (preg_match ("/\/wp-(signup|register|activate|login)\.php/", $uri) || (defined ("BP_VERSION") && preg_match ("/\/(" . preg_quote (BP_REGISTER_SLUG, "/") . "|" . preg_quote (BP_ACTIVATION_SLUG, "/") . ")/", $_SERVER["REQUEST_URI"]))))
89
{
90
return ($is_systematic = apply_filters ("ws_plugin__s2member_is_systematic_use_specific_page", true, get_defined_vars ()));
91
}
includes/functions/list-servers.inc.php CHANGED
@@ -35,7 +35,7 @@ Function that process list server integrations for s2Member.
35
*/
36
if (!function_exists ("ws_plugin__s2member_process_list_servers"))
37
{
38
- function ws_plugin__s2member_process_list_servers ($level = FALSE, $email = FALSE, $fname = FALSE, $lname = FALSE, $ip = FALSE, $opt_in = FALSE)
39
{
40
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
41
do_action ("ws_plugin__s2member_before_process_list_servers", get_defined_vars ());
@@ -52,15 +52,13 @@ if (!function_exists ("ws_plugin__s2member_process_list_servers"))
52
$MCAPI = new NC_MCAPI ($mailchimp_api_key); /* MailChimp® API class. */
53
/**/
54
foreach (preg_split ("/[\r\n\t\s;,]+/", $mailchimp_list_ids) as $mailchimp_list_id)
55
- $MCAPI->listSubscribe ($mailchimp_list_id, $email, array ("FNAME" => $fname, "LNAME" => $lname, "OPTINIP" => $ip));
56
}
57
/**/
58
if (($aweber_list_ids = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $level . "_aweber_list_ids"]))
59
{
60
foreach (preg_split ("/[\r\n\t\s;,]+/", $aweber_list_ids) as $aweber_list_id)
61
- @mail ($aweber_list_id . "@aweber.com", "s2Member Subscription Request",/**/
62
- "s2Member Subscription Request\ns2Member w/ PayPal Email ID\nEMail Address: " . $email . "\nBuyer: " . $fname . " " . $lname . "\nFull Name: " . $fname . " " . $lname . "\nFirst Name: " . $fname . "\nLast Name: " . $lname . "\nIP Address: " . $ip . "\nLevel: " . $level . "\n - end.",/**/
63
- "From: \"" . preg_replace ("/\"/", "", $fname . " " . $lname) . "\" <" . $email . ">\r\nContent-Type: text/plain; charset=utf-8");
64
}
65
/**/
66
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
35
*/
36
if (!function_exists ("ws_plugin__s2member_process_list_servers"))
37
{
38
+ function ws_plugin__s2member_process_list_servers ($role = FALSE, $level = FALSE, $email = FALSE, $fname = FALSE, $lname = FALSE, $ip = FALSE, $opt_in = FALSE, $user_id = FALSE)
39
{
40
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
41
do_action ("ws_plugin__s2member_before_process_list_servers", get_defined_vars ());
52
$MCAPI = new NC_MCAPI ($mailchimp_api_key); /* MailChimp® API class. */
53
/**/
54
foreach (preg_split ("/[\r\n\t\s;,]+/", $mailchimp_list_ids) as $mailchimp_list_id)
55
+ $MCAPI->listSubscribe ($mailchimp_list_id, $email, apply_filters ("ws_plugin__s2member_mailchimp_array", array ("FNAME" => $fname, "LNAME" => $lname, "OPTINIP" => $ip), get_defined_vars ()));
56
}
57
/**/
58
if (($aweber_list_ids = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $level . "_aweber_list_ids"]))
59
{
60
foreach (preg_split ("/[\r\n\t\s;,]+/", $aweber_list_ids) as $aweber_list_id)
61
+ wp_mail ($aweber_list_id . "@aweber.com", apply_filters ("ws_plugin__s2member_aweber_sbj", "s2Member Subscription Request", get_defined_vars ()), apply_filters ("ws_plugin__s2member_aweber_msg", "s2Member Subscription Request\ns2Member w/ PayPal Email ID\nEMail Address: " . $email . "\nBuyer: " . $fname . " " . $lname . "\nFull Name: " . $fname . " " . $lname . "\nFirst Name: " . $fname . "\nLast Name: " . $lname . "\nIP Address: " . $ip . "\nUser ID: " . $user_id . "\nRole: " . $role . "\nLevel: " . $level . "\n - end.", get_defined_vars ()), "From: \"" . preg_replace ("/\"/", "", $fname . " " . $lname) . "\" <" . $email . ">\r\nContent-Type: text/plain; charset=utf-8");
62
}
63
/**/
64
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
includes/functions/login-redirection.inc.php CHANGED
@@ -29,24 +29,26 @@ if (!function_exists ("ws_plugin__s2member_login_redirect"))
29
/* This additional check was added in case wp_signon() fires this event with empty $_POST credentials.
30
In this rare case, we can check to see if WordPress® is remembering a previously logged in User. */
31
/**/
32
- if (!is_object ($user = new WP_User ($username)) || ! ($user_id = $user->ID) || !$user->has_cap ("edit_posts"))
33
{
34
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
35
do_action ("ws_plugin__s2member_during_login_redirect", get_defined_vars ());
36
unset ($__refs, $__v); /* Unset defined __refs, __v. */
37
/**/
38
- if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["custom_reg_password"] && function_exists ("ws_plugin__s2member_generate_password"))
39
{
40
delete_user_setting ("default_password_nag"); /* setcookie() */
41
update_user_option ($user_id, "default_password_nag", false, true);
42
}
43
/**/
44
- if (strtolower ($username) === "demo" || ws_plugin__s2member_ip_restrictions_ok ($_SERVER["REMOTE_ADDR"], strtolower ($username)))
45
{
46
if ($special_redirection_url = ws_plugin__s2member_login_redirection_url ($user))
47
- wp_redirect ($special_redirection_url);
48
/**/
49
- else wp_redirect (get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"]));
50
}
51
/**/
52
exit ();
@@ -90,10 +92,12 @@ if (!function_exists ("ws_plugin__s2member_fill_login_redirect_rc_vars"))
90
$user_login = (is_object ($user)) ? strtolower ($user->user_login) : "";
91
$user_id = (is_object ($user)) ? (string)$user->ID : "";
92
$user_level = (string)ws_plugin__s2member_user_access_level ($user);
93
/**/
94
$url = preg_replace ("/%%current_user_login%%/i", ws_plugin__s2member_esc_ds ($user_login), $url);
95
$url = preg_replace ("/%%current_user_id%%/i", ws_plugin__s2member_esc_ds ($user_id), $url);
96
$url = preg_replace ("/%%current_user_level%%/i", ws_plugin__s2member_esc_ds ($user_level), $url);
97
/**/
98
return apply_filters ("ws_plugin__s2member_fill_login_redirect_rc_vars", $url, get_defined_vars ());
99
}
29
/* This additional check was added in case wp_signon() fires this event with empty $_POST credentials.
30
In this rare case, we can check to see if WordPress® is remembering a previously logged in User. */
31
/**/
32
+ if (!is_object ($user = new WP_User ($username)) || ! ($user_id = $user->ID) || !$user->has_cap ("edit_posts")/**/
33
+ /* Now give Filters a chance also. */ || apply_filters ("ws_plugin__s2member_login_redirect", false, get_defined_vars ()))
34
{
35
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
36
do_action ("ws_plugin__s2member_during_login_redirect", get_defined_vars ());
37
unset ($__refs, $__v); /* Unset defined __refs, __v. */
38
/**/
39
+ if ($username && $user && $user_id && $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["custom_reg_password"] && function_exists ("ws_plugin__s2member_generate_password"))
40
{
41
delete_user_setting ("default_password_nag"); /* setcookie() */
42
update_user_option ($user_id, "default_password_nag", false, true);
43
}
44
/**/
45
+ if (!$username || !$user || !$user_id || strtolower ($username) === "demo" || ws_plugin__s2member_ip_restrictions_ok ($_SERVER["REMOTE_ADDR"], strtolower ($username)))
46
{
47
if ($special_redirection_url = ws_plugin__s2member_login_redirection_url ($user))
48
+ wp_redirect($special_redirection_url);
49
/**/
50
+ else
51
+ wp_redirect (get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"]));
52
}
53
/**/
54
exit ();
92
$user_login = (is_object ($user)) ? strtolower ($user->user_login) : "";
93
$user_id = (is_object ($user)) ? (string)$user->ID : "";
94
$user_level = (string)ws_plugin__s2member_user_access_level ($user);
95
+ $user_role = (string)ws_plugin__s2member_user_access_role ($user);
96
/**/
97
$url = preg_replace ("/%%current_user_login%%/i", ws_plugin__s2member_esc_ds ($user_login), $url);
98
$url = preg_replace ("/%%current_user_id%%/i", ws_plugin__s2member_esc_ds ($user_id), $url);
99
$url = preg_replace ("/%%current_user_level%%/i", ws_plugin__s2member_esc_ds ($user_level), $url);
100
+ $url = preg_replace ("/%%current_user_role%%/i", ws_plugin__s2member_esc_ds ($user_role), $url);
101
/**/
102
return apply_filters ("ws_plugin__s2member_fill_login_redirect_rc_vars", $url, get_defined_vars ());
103
}
includes/functions/membership-options.inc.php CHANGED
@@ -12,7 +12,7 @@ If not, see: <http://www.gnu.org/licenses/>.
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
- exit("Do not access this file directly.");
16
/*
17
This forces a redirection to the Membership Options Page for s2Member.
18
This can be used by 3rd party applications that are not aware of which
@@ -31,8 +31,12 @@ if (!function_exists ("ws_plugin__s2member_membership_options_page"))
31
/**/
32
if ($_GET["s2member_membership_options_page"] && !is_page ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))
33
{
34
- $_GET["s2member_level_req"] = (strlen ($_GET["s2member_level_req"])) ? $_GET["s2member_level_req"] : "0";
35
- wp_redirect(add_query_arg ("s2member_level_req", $_GET["s2member_level_req"], get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
36
exit ();
37
}
38
/**/
12
Direct access denial.
13
*/
14
if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
15
+ exit ("Do not access this file directly.");
16
/*
17
This forces a redirection to the Membership Options Page for s2Member.
18
This can be used by 3rd party applications that are not aware of which
31
/**/
32
if ($_GET["s2member_membership_options_page"] && !is_page ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"]))
33
{
34
+ $query_args = array (); /* Initialize array. */
35
+ foreach ($_GET as $var => $val) /* Include any s2member_ vars. */
36
+ if (preg_match ("/^s2member_/", $var) && $var !== "s2member_membership_options_page")
37
+ $query_args[$var] = $val;
38
+ /**/
39
+ wp_redirect (add_query_arg (urlencode_deep ($query_args), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
40
exit ();
41
}
42
/**/
includes/functions/menu-pages.inc.php CHANGED
@@ -20,7 +20,7 @@ Options can also be passed in directly.
20
*/
21
if (!function_exists ("ws_plugin__s2member_update_all_options"))
22
{
23
- function ws_plugin__s2member_update_all_options ($new_options = FALSE, $verified = FALSE, $update_other = TRUE, $display_notices = TRUE, $enqueue_notices = FALSE)
24
{
25
do_action ("ws_plugin__s2member_before_update_all_options", get_defined_vars ()); /* If you use this Hook, be sure to use `wp_verify_nonce()`. */
26
/**/
@@ -57,7 +57,7 @@ if (!function_exists ("ws_plugin__s2member_update_all_options"))
57
if ($update_other === true || in_array ("auto_eot_system", (array)$update_other)) /* Handle the Auto-EOT System now ( enable/disable ). */
58
($options["auto_eot_system_enabled"] == 1) ? ws_plugin__s2member_add_auto_eot_system () : ws_plugin__s2member_delete_auto_eot_system ();
59
/**/
60
- if (($display_notices === true || in_array ("success", (array)$display_notices)) && ($notice = '<strong>Options saved.</strong>'))
61
($enqueue_notices === true || in_array ("success", (array)$enqueue_notices)) ? ws_plugin__s2member_enqueue_admin_notice ($notice) : ws_plugin__s2member_display_admin_notice ($notice);
62
/**/
63
if (!$options["membership_options_page"] && ($display_notices === true || in_array ("page-conflict-warnings", (array)$display_notices)) && ($notice = '<strong>NOTE:</strong> s2Member security restrictions will NOT be enforced until you\'ve configured a Membership Options Page. See: <code>s2Member -> General Options -> Membership Options Page</code>.'))
@@ -390,7 +390,7 @@ if (!function_exists ("ws_plugin__s2member_paypal_ops_page"))
390
if (is_dir ($logs_dir) && is_writable ($logs_dir) && !file_exists ($htaccess))
391
file_put_contents ($htaccess, "deny from all") . clearstatcache ();
392
/**/
393
- if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_debug"]) /* If logging is enabled. */
394
{
395
if (!is_dir ($logs_dir)) /* If the security-enabled logs directory does not exist yet. */
396
ws_plugin__s2member_display_admin_notice ("The security-enabled logs directory ( <code>" . preg_replace ("/^" . preg_quote ($_SERVER["DOCUMENT_ROOT"], "/") . "/", "", $logs_dir) . "</code> ) does not exist. Please create this directory manually &amp; make it writable ( chmod 777 ).", true);
20
*/
21
if (!function_exists ("ws_plugin__s2member_update_all_options"))
22
{
23
+ function ws_plugin__s2member_update_all_options ($new_options = FALSE, $verified = FALSE, $update_other = TRUE, $display_notices = TRUE, $enqueue_notices = FALSE, $request_refresh = FALSE)
24
{
25
do_action ("ws_plugin__s2member_before_update_all_options", get_defined_vars ()); /* If you use this Hook, be sure to use `wp_verify_nonce()`. */
26
/**/
57
if ($update_other === true || in_array ("auto_eot_system", (array)$update_other)) /* Handle the Auto-EOT System now ( enable/disable ). */
58
($options["auto_eot_system_enabled"] == 1) ? ws_plugin__s2member_add_auto_eot_system () : ws_plugin__s2member_delete_auto_eot_system ();
59
/**/
60
+ if (($display_notices === true || in_array ("success", (array)$display_notices)) && ($notice = '<strong>Options saved.' . (($request_refresh) ? ' Please <a href="' . esc_attr ($_SERVER["REQUEST_URI"]) . '">refresh</a>.' : '') . '</strong>'))
61
($enqueue_notices === true || in_array ("success", (array)$enqueue_notices)) ? ws_plugin__s2member_enqueue_admin_notice ($notice) : ws_plugin__s2member_display_admin_notice ($notice);
62
/**/
63
if (!$options["membership_options_page"] && ($display_notices === true || in_array ("page-conflict-warnings", (array)$display_notices)) && ($notice = '<strong>NOTE:</strong> s2Member security restrictions will NOT be enforced until you\'ve configured a Membership Options Page. See: <code>s2Member -> General Options -> Membership Options Page</code>.'))
390
if (is_dir ($logs_dir) && is_writable ($logs_dir) && !file_exists ($htaccess))
391
file_put_contents ($htaccess, "deny from all") . clearstatcache ();
392
/**/
393
+ if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["gateway_debug_logs"]) /* Logging enabled? */
394
{
395
if (!is_dir ($logs_dir)) /* If the security-enabled logs directory does not exist yet. */
396
ws_plugin__s2member_display_admin_notice ("The security-enabled logs directory ( <code>" . preg_replace ("/^" . preg_quote ($_SERVER["DOCUMENT_ROOT"], "/") . "/", "", $logs_dir) . "</code> ) does not exist. Please create this directory manually &amp; make it writable ( chmod 777 ).", true);
includes/functions/nocache.inc.php CHANGED
@@ -55,6 +55,7 @@ These additional supplemental routines, include:
55
- ws_plugin__s2member_check_page_level_access()
56
- ws_plugin__s2member_ip_restrictions_ok()
57
- ws_plugin__s2member_file_download_key()
58
*/
59
if (!function_exists ("ws_plugin__s2member_nocache_constants"))
60
{
55
- ws_plugin__s2member_check_page_level_access()
56
- ws_plugin__s2member_ip_restrictions_ok()
57
- ws_plugin__s2member_file_download_key()
58
+ - Button/Shortcode Generators also call this.
59
*/
60
if (!function_exists ("ws_plugin__s2member_nocache_constants"))
61
{
includes/functions/page-level-access.inc.php CHANGED
@@ -44,17 +44,17 @@ if (!function_exists ("ws_plugin__s2member_check_page_level_access"))
44
/**/
45
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] && $page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
46
{
47
- wp_redirect (add_query_arg ("s2member_level_req", 0, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
48
exit ();
49
}
50
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_uri = ws_plugin__s2member_login_redirection_uri ($current_user)) && preg_match ("/^" . preg_quote ($login_redirection_uri, "/") . "#x2F;", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
51
{
52
- wp_redirect (add_query_arg ("s2member_level_req", 0, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
53
exit ();
54
}
55
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] && $page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
56
{
57
- wp_redirect (add_query_arg ("s2member_level_req", 0, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
58
exit ();
59
}
60
else if (!ws_plugin__s2member_is_systematic_use_page ()) /* Never restrict Systematic Use Pages. However, there are 3 exceptions above ^. */
@@ -63,13 +63,13 @@ if (!function_exists ("ws_plugin__s2member_check_page_level_access"))
63
{
64
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_pages"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
65
{
66
- wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
67
exit ();
68
}
69
/**/
70
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_pages"] && in_array ($page_id, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_pages"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
71
{
72
- wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
73
exit ();
74
}
75
}
@@ -80,13 +80,13 @@ if (!function_exists ("ws_plugin__s2member_check_page_level_access"))
80
{
81
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ptags"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
82
{
83
- wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
84
exit ();
85
}
86
/**/
87
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ptags"] && has_tag (preg_split ("/[\r\n\t;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ptags"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
88
{
89
- wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
90
exit ();
91
}
92
}
@@ -98,7 +98,7 @@ if (!function_exists ("ws_plugin__s2member_check_page_level_access"))
98
foreach (preg_split ("/[\r\n\t]+/", ws_plugin__s2member_fill_ruri_level_access_rc_vars ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ruris"], $current_user)) as $str)
99
if ($str && preg_match ("/" . preg_quote ($str, "/") . "/", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
100
{
101
- wp_redirect (add_query_arg ("s2member_level_req", $i, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
102
exit ();
103
}
104
}
@@ -107,13 +107,13 @@ if (!function_exists ("ws_plugin__s2member_check_page_level_access"))
107
foreach ($ccaps_req as $ccap) /* The $current_user MUST satisfy ALL Custom Capability requirements. Stored as a serialized array. */
108
if (strlen ($ccap) && (!$current_user || !$current_user->has_cap ("access_s2member_ccap_" . $ccap)))
109
{
110
- wp_redirect (add_query_arg ("s2member_ccap_req", $ccap, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
111
exit ();
112
}
113
/**/
114
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["specific_ids"] && in_array ($page_id, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["specific_ids"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && !ws_plugin__s2member_sp_access ($page_id))
115
{
116
- wp_redirect (add_query_arg ("s2member_sp_req", $page_id, get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
117
exit ();
118
}
119
}
44
/**/
45
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] && $page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_welcome_page"] && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
46
{
47
+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => "0")), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
48
exit ();
49
}
50
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["login_redirection_override"] && ($login_redirection_uri = ws_plugin__s2member_login_redirection_uri ($current_user)) && preg_match ("/^" . preg_quote ($login_redirection_uri, "/") . "#x2F;", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
51
{
52
+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => "0")), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
53
exit ();
54
}
55
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] && $page_id == $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["file_download_limit_exceeded_page"] && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level0")) && $page_id != $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])
56
{
57
+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => "0")), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
58
exit ();
59
}
60
else if (!ws_plugin__s2member_is_systematic_use_page ()) /* Never restrict Systematic Use Pages. However, there are 3 exceptions above ^. */
63
{
64
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_pages"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
65
{
66
+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
67
exit ();
68
}
69
/**/
70
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_pages"] && in_array ($page_id, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_pages"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
71
{
72
+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
73
exit ();
74
}
75
}
80
{
81
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ptags"] === "all" && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
82
{
83
+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
84
exit ();
85
}
86
/**/
87
else if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ptags"] && has_tag (preg_split ("/[\r\n\t;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ptags"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
88
{
89
+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
90
exit ();
91
}
92
}
98
foreach (preg_split ("/[\r\n\t]+/", ws_plugin__s2member_fill_ruri_level_access_rc_vars ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $i . "_ruris"], $current_user)) as $str)
99
if ($str && preg_match ("/" . preg_quote ($str, "/") . "/", $_SERVER["REQUEST_URI"]) && ws_plugin__s2member_nocache_constants (true) !== "nill" && (!$current_user || !current_user_can ("access_s2member_level" . $i)))
100
{
101
+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_level_req" => $i)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
102
exit ();
103
}
104
}
107
foreach ($ccaps_req as $ccap) /* The $current_user MUST satisfy ALL Custom Capability requirements. Stored as a serialized array. */
108
if (strlen ($ccap) && (!$current_user || !$current_user->has_cap ("access_s2member_ccap_" . $ccap)))
109
{
110
+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_ccap_req" => $ccap)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
111
exit ();
112
}
113
/**/
114
if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["specific_ids"] && in_array ($page_id, preg_split ("/[\r\n\t\s;,]+/", $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["specific_ids"])) && ws_plugin__s2member_nocache_constants (true) !== "nill" && !ws_plugin__s2member_sp_access ($page_id))
115
{
116
+ wp_redirect (add_query_arg (urlencode_deep (array ("s2member_seeking" => "page-" . $page_id, "s2member_sp_req" => $page_id)), get_page_link ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["membership_options_page"])));
117
exit ();
118
}
119
}
includes/functions/paypal-button.inc.php CHANGED
@@ -16,14 +16,6 @@ if (realpath (__FILE__) === realpath ($_SERVER["SCRIPT_FILENAME"]))
16
/*
17
Function that handles the Shortcode for [s2Member-PayPal-Button /].
18
Attach to: add_shortcode("s2Member-PayPal-Button");
19
-
20
- [s2Member-PayPal-Button level="1" ccaps="" desc="" ps="paypal" cc="USD" ns="1" custom="www.domain.com" ta="0" tp="0" tt="D" ra="0.01" rp="1" rt="M" rr="1" image="default" /]
21
- [s2Member-PayPal-Button page="0" exp="72" desc="Specific Post/Page Access" ps="paypal" cc="USD" ns="1" custom="www.domain.com" ra="0.01" sp="1" image="default" /]
22
- The image="" attribute will be used as a custom image; when provided; and not equal to "default".
23
-
24
- - PayPal® Cancellation Buttons are identified by cancel="1".
25
- - PayPal® Specific Post/Page Buttons are identified by sp="1".
26
- - PayPal® Modification Buttons are identified by modify="1".
27
*/
28
if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
29
{
@@ -33,15 +25,17 @@ if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
33
do_action ("ws_plugin__s2member_before_sc_paypal_button", get_defined_vars ());
34
unset ($__refs, $__v); /* Unset defined __refs, __v. */
35
/**/
36
$attr = ws_plugin__s2member_trim_quot_deep ((array)$attr); /* Force array, and fix &quot; in attrs. */
37
/**/
38
- $attr["tt"] = strtoupper ($attr["tt"]); /* Term lengths absolutely must be provided in upper-case format. */
39
- $attr["rt"] = strtoupper ($attr["rt"]); /* Term lengths absolutely must be provided in upper-case format. */
40
- $attr["rr"] = strtoupper ($attr["rr"]); /* Must be provided in upper-case format. Numerical, or BN value. */
41
- $attr["ccaps"] = strtolower ($attr["ccaps"]); /* Custom Capabilities must be typed in lower-case format. */
42
- $attr["rr"] = ($attr["rt"] === "L") ? "BN" : $attr["rr"]; /* Lifetime Subscriptions require Buy Now. */
43
/**/
44
- $attr = shortcode_atts (array ("ids" => "0", "exp" => "72", "level" => "1", "ccaps" => "", "desc" => "", "ps" => "paypal", "cc" => "USD", "ns" => "1", "custom" => $_SERVER["HTTP_HOST"], "ta" => "", "tp" => "0", "tt" => "D", "ra" => "0.01", "rp" => "1", "rt" => "M", "rr" => "1", "modify" => "0", "cancel" => "0", "sp" => "0", "image" => "default"), $attr);
45
/**/
46
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
47
do_action ("ws_plugin__s2member_before_sc_paypal_button_after_shortcode_atts", get_defined_vars ());
@@ -49,11 +43,19 @@ if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
49
/**/
50
if ($attr["cancel"]) /* This is a special routine for Cancellation Buttons. Cancellation Buttons use a different template. */
51
{
52
$code = trim (file_get_contents (dirname (dirname (__FILE__)) . "/templates/buttons/paypal-cancellation-button.html"));
53
$code = preg_replace ("/%%endpoint%%/", ws_plugin__s2member_esc_ds (esc_attr (($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")), $code);
54
$code = preg_replace ("/%%paypal_business%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"])), $code);
55
/**/
56
- $code = ($attr["image"] && $attr["image"] !== "default") ? preg_replace ('/ src\="(.*?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["image"])) . '"', $code) : $code;
57
/**/
58
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
59
do_action ("ws_plugin__s2member_during_sc_paypal_cancellation_button", get_defined_vars ());
@@ -62,15 +64,20 @@ if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
62
/**/
63
else if ($attr["sp"]) /* This is a special routine for Specific Post/Page Buttons. Specific Post/Page Buttons use a different template. */
64
{
65
$attr["sp_ids_exp"] = "sp:" . $attr["ids"] . ":" . $attr["exp"]; /* Combined "sp:ids:expiration hours". */
66
/**/
67
$code = trim (file_get_contents (dirname (dirname (__FILE__)) . "/templates/buttons/paypal-sp-checkout-button.html"));
68
$code = preg_replace ("/%%endpoint%%/", ws_plugin__s2member_esc_ds (esc_attr (($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")), $code);
69
$code = preg_replace ("/%%paypal_business%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"])), $code);
70
$code = preg_replace ("/%%cancel_return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("url"))), $code);
71
$code = preg_replace ("/%%notify_url%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_notify=1")), $code);
72
$code = preg_replace ("/%%return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_return=1")), $code);
73
- $code = preg_replace ("/%%domain%%/", ws_plugin__s2member_esc_ds (esc_attr ($_SERVER["HTTP_HOST"])), $code);
74
/**/
75
$code = preg_replace ('/ name\="no_shipping" value\="(.*?)"/', ' name="no_shipping" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["ns"])) . '"', $code);
76
$code = preg_replace ('/ name\="item_name" value\="(.*?)"/', ' name="item_name" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["desc"])) . '"', $code);
@@ -80,7 +87,10 @@ if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
80
$code = preg_replace ('/ name\="custom" value\="(.*?)"/', ' name="custom" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["custom"])) . '"', $code);
81
$code = preg_replace ('/ name\="amount" value\="(.*?)"/', ' name="amount" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["ra"])) . '"', $code);
82
/**/
83
- $code = ($attr["image"] && $attr["image"] !== "default") ? preg_replace ('/ src\="(.*?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["image"])) . '"', $code) : $code;
84
/**/
85
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
86
do_action ("ws_plugin__s2member_during_sc_paypal_sp_button", get_defined_vars ());
@@ -88,19 +98,24 @@ if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
88
}
89
else /* Otherwise, we'll process this Button normally, using the Membership routines. Also handles Modification Buttons. */
90
{
91
$attr["desc"] = (!$attr["desc"]) ? $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $attr["level"] . "_label"] : $attr["desc"];
92
/**/
93
$attr["level_ccaps_eotper"] = ($attr["rr"] === "BN" && $attr["rt"] !== "L") ? $attr["level"] . ":" . $attr["ccaps"] . ":" . $attr["rp"] . " " . $attr["rt"] : $attr["level"] . ":" . $attr["ccaps"];
94
$attr["level_ccaps_eotper"] = rtrim ($attr["level_ccaps_eotper"], ":"); /* Clean any trailing separators from this string. */
95
/**/
96
$code = trim (file_get_contents (dirname (dirname (__FILE__)) . "/templates/buttons/paypal-checkout-button.html"));
97
$code = preg_replace ("/%%endpoint%%/", ws_plugin__s2member_esc_ds (esc_attr (($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")), $code);
98
$code = preg_replace ("/%%paypal_business%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"])), $code);
99
$code = preg_replace ("/%%level_label%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $attr["level"] . "_label"])), $code);
100
$code = preg_replace ("/%%cancel_return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("url"))), $code); /* This brings them back to Front Page. */
101
$code = preg_replace ("/%%notify_url%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_notify=1")), $code);
102
$code = preg_replace ("/%%return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_return=1")), $code);
103
- $code = preg_replace ("/%%domain%%/", ws_plugin__s2member_esc_ds (esc_attr ($_SERVER["HTTP_HOST"])), $code);
104
$code = preg_replace ("/%%level%%/", ws_plugin__s2member_esc_ds (esc_attr ($attr["level"])), $code);
105
/**/
106
$code = preg_replace ('/ \<\!--(\<input type\="hidden" name\="(amount|src|sra|a1|p1|t1|a3|p3|t3)" value\="(.*?)" \/\>)--\>/', " $1", $code);
@@ -128,7 +143,10 @@ if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
128
$code = preg_replace ('/ name\="p3" value\="(.*?)"/', ' name="p3" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["rp"])) . '"', $code);
129
$code = preg_replace ('/ name\="t3" value\="(.*?)"/', ' name="t3" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["rt"])) . '"', $code);
130
/**/
131
- $code = ($attr["image"] && $attr["image"] !== "default") ? preg_replace ('/ src\="(.*?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["image"])) . '"', $code) : $code;
132
/**/
133
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
134
($attr["modify"]) ? do_action ("ws_plugin__s2member_during_sc_paypal_modification_button", get_defined_vars ()) : do_action ("ws_plugin__s2member_during_sc_paypal_button", get_defined_vars ());
16
/*
17
Function that handles the Shortcode for [s2Member-PayPal-Button /].
18
Attach to: add_shortcode("s2Member-PayPal-Button");
19
*/
20
if (!function_exists ("ws_plugin__s2member_sc_paypal_button"))
21
{
25
do_action ("ws_plugin__s2member_before_sc_paypal_button", get_defined_vars ());
26
unset ($__refs, $__v); /* Unset defined __refs, __v. */
27
/**/
28
+ ws_plugin__s2member_nocache_constants(true); /* No caching on pages that contain this Button. */
29
+ /**/
30
$attr = ws_plugin__s2member_trim_quot_deep ((array)$attr); /* Force array, and fix &quot; in attrs. */
31
/**/
32
+ $attr = shortcode_atts (array ("ids" => "0", "exp" => "72", "level" => "1", "ccaps" => "", "desc" => "", "ps" => "paypal", "cc" => "USD", "ns" => "1", "custom" => $_SERVER["HTTP_HOST"], "ta" => "0", "tp" => "0", "tt" => "D", "ra" => "0.01", "rp" => "1", "rt" => "M", "rr" => "1", "modify" => "0", "cancel" => "0", "sp" => "0", "image" => "default", "output" => "button"), $attr);
33
/**/
34
+ $attr["tt"] = strtoupper ($attr["tt"]); /* Term lengths absolutely must be provided in upper-case format. Only perform this modification after running shortcode_atts(). */
35
+ $attr["rt"] = strtoupper ($attr["rt"]); /* Term lengths absolutely must be provided in upper-case format. Only perform this modification after running shortcode_atts(). */
36
+ $attr["rr"] = strtoupper ($attr["rr"]); /* Must be provided in upper-case format. Numerical, or BN value. Only perform this modification after running shortcode_atts(). */
37
+ $attr["ccaps"] = strtolower ($attr["ccaps"]); /* Custom Capabilities must be typed in lower-case format. Only perform this modification after running shortcode_atts(). */
38
+ $attr["rr"] = ($attr["rt"] === "L") ? "BN" : $attr["rr"]; /* Lifetime Subscriptions require Buy Now. Only perform this modification after running shortcode_atts(). */
39
/**/
40
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
41
do_action ("ws_plugin__s2member_before_sc_paypal_button_after_shortcode_atts", get_defined_vars ());
43
/**/
44
if ($attr["cancel"]) /* This is a special routine for Cancellation Buttons. Cancellation Buttons use a different template. */
45
{
46
+ $default_image = "https://www.paypal.com/en_US/i/btn/btn_unsubscribe_LG.gif"; /* Default Image. */
47
+ /**/
48
$code = trim (file_get_contents (dirname (dirname (__FILE__)) . "/templates/buttons/paypal-cancellation-button.html"));
49
+ $code = preg_replace ("/%%images%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["dir_url"] . "/images")), $code);
50
+ $code = preg_replace ("/%%wpurl%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl"))), $code);
51
+ /**/
52
$code = preg_replace ("/%%endpoint%%/", ws_plugin__s2member_esc_ds (esc_attr (($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")), $code);
53
$code = preg_replace ("/%%paypal_business%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"])), $code);
54
/**/
55
+ $code = ($attr["image"] && $attr["image"] !== "default") ? preg_replace ('/ src\="(.*?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["image"])) . '"', $code) : preg_replace ('/ src\="(.*?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($default_image)) . '"', $code);
56
+ /**/
57
+ $code = ($attr["output"] === "anchor") ? $code : $code; /* Cancellation Buttons are already in anchor format; Button format is not used in Cancellations. */
58
+ $code = ($attr["output"] === "url") ? "https://" . ( ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com") . "/cgi-bin/webscr?cmd=_subscr-find&alias=" . urlencode ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"]) : $code;
59
/**/
60
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
61
do_action ("ws_plugin__s2member_during_sc_paypal_cancellation_button", get_defined_vars ());
64
/**/
65
else if ($attr["sp"]) /* This is a special routine for Specific Post/Page Buttons. Specific Post/Page Buttons use a different template. */
66
{
67
+ $default_image = "https://www.paypal.com/en_US/i/btn/btn_xpressCheckout.gif"; /* Default Image. */
68
+ /**/
69
$attr["sp_ids_exp"] = "sp:" . $attr["ids"] . ":" . $attr["exp"]; /* Combined "sp:ids:expiration hours". */
70
/**/
71
$code = trim (file_get_contents (dirname (dirname (__FILE__)) . "/templates/buttons/paypal-sp-checkout-button.html"));
72
+ $code = preg_replace ("/%%images%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["dir_url"] . "/images")), $code);
73
+ $code = preg_replace ("/%%wpurl%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl"))), $code);
74
+ /**/
75
$code = preg_replace ("/%%endpoint%%/", ws_plugin__s2member_esc_ds (esc_attr (($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")), $code);
76
$code = preg_replace ("/%%paypal_business%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"])), $code);
77
$code = preg_replace ("/%%cancel_return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("url"))), $code);
78
$code = preg_replace ("/%%notify_url%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_notify=1")), $code);
79
$code = preg_replace ("/%%return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_return=1")), $code);
80
+ $code = preg_replace ("/%%custom%%/", ws_plugin__s2member_esc_ds (esc_attr ($_SERVER["HTTP_HOST"])), $code);
81
/**/
82
$code = preg_replace ('/ name\="no_shipping" value\="(.*?)"/', ' name="no_shipping" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["ns"])) . '"', $code);
83
$code = preg_replace ('/ name\="item_name" value\="(.*?)"/', ' name="item_name" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["desc"])) . '"', $code);
87
$code = preg_replace ('/ name\="custom" value\="(.*?)"/', ' name="custom" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["custom"])) . '"', $code);
88
$code = preg_replace ('/ name\="amount" value\="(.*?)"/', ' name="amount" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["ra"])) . '"', $code);
89
/**/
90
+ $code = ($attr["image"] && $attr["image"] !== "default") ? preg_replace ('/ src\="(.*?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["image"])) . '"', $code) : preg_replace ('/ src\="(.*?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($default_image)) . '"', $code);
91
+ /**/
92
+ $code = ($attr["output"] === "anchor") ? '<a href="' . ws_plugin__s2member_form_whips_2_url ($code) . '"><img src="' . ( ($attr["image"] && $attr["image"] !== "default") ? esc_attr ($attr["image"]) : esc_attr ($default_image)) . '" style="width:auto; height:auto; border:0;" alt="PayPal®" /></a>' : $code;
93
+ $code = ($attr["output"] === "url") ? ws_plugin__s2member_form_whips_2_url ($code) : $code;
94
/**/
95
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
96
do_action ("ws_plugin__s2member_during_sc_paypal_sp_button", get_defined_vars ());
98
}
99
else /* Otherwise, we'll process this Button normally, using the Membership routines. Also handles Modification Buttons. */
100
{
101
+ $default_image = "https://www.paypal.com/en_US/i/btn/btn_xpressCheckout.gif"; /* Default PayPal® Image. */
102
+ /**/
103
$attr["desc"] = (!$attr["desc"]) ? $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $attr["level"] . "_label"] : $attr["desc"];
104
/**/
105
$attr["level_ccaps_eotper"] = ($attr["rr"] === "BN" && $attr["rt"] !== "L") ? $attr["level"] . ":" . $attr["ccaps"] . ":" . $attr["rp"] . " " . $attr["rt"] : $attr["level"] . ":" . $attr["ccaps"];
106
$attr["level_ccaps_eotper"] = rtrim ($attr["level_ccaps_eotper"], ":"); /* Clean any trailing separators from this string. */
107
/**/
108
$code = trim (file_get_contents (dirname (dirname (__FILE__)) . "/templates/buttons/paypal-checkout-button.html"));
109
+ $code = preg_replace ("/%%images%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["c"]["dir_url"] . "/images")), $code);
110
+ $code = preg_replace ("/%%wpurl%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl"))), $code);
111
+ /**/
112
$code = preg_replace ("/%%endpoint%%/", ws_plugin__s2member_esc_ds (esc_attr (($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com")), $code);
113
$code = preg_replace ("/%%paypal_business%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_business"])), $code);
114
$code = preg_replace ("/%%level_label%%/", ws_plugin__s2member_esc_ds (esc_attr ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["level" . $attr["level"] . "_label"])), $code);
115
$code = preg_replace ("/%%cancel_return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("url"))), $code); /* This brings them back to Front Page. */
116
$code = preg_replace ("/%%notify_url%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_notify=1")), $code);
117
$code = preg_replace ("/%%return%%/", ws_plugin__s2member_esc_ds (esc_attr (get_bloginfo ("wpurl") . "/?s2member_paypal_return=1")), $code);
118
+ $code = preg_replace ("/%%custom%%/", ws_plugin__s2member_esc_ds (esc_attr ($_SERVER["HTTP_HOST"])), $code);
119
$code = preg_replace ("/%%level%%/", ws_plugin__s2member_esc_ds (esc_attr ($attr["level"])), $code);
120
/**/
121
$code = preg_replace ('/ \<\!--(\<input type\="hidden" name\="(amount|src|sra|a1|p1|t1|a3|p3|t3)" value\="(.*?)" \/\>)--\>/', " $1", $code);
143
$code = preg_replace ('/ name\="p3" value\="(.*?)"/', ' name="p3" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["rp"])) . '"', $code);
144
$code = preg_replace ('/ name\="t3" value\="(.*?)"/', ' name="t3" value="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["rt"])) . '"', $code);
145
/**/
146
+ $code = ($attr["image"] && $attr["image"] !== "default") ? preg_replace ('/ src\="(.*?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($attr["image"])) . '"', $code) : preg_replace ('/ src\="(.*?)"/', ' src="' . ws_plugin__s2member_esc_ds (esc_attr ($default_image)) . '"', $code);
147
+ /**/
148
+ $code = ($attr["output"] === "anchor") ? '<a href="' . ws_plugin__s2member_form_whips_2_url ($code) . '"><img src="' . ( ($attr["image"] && $attr["image"] !== "default") ? esc_attr ($attr["image"]) : esc_attr ($default_image)) . '" style="width:auto; height:auto; border:0;" alt="PayPal®" /></a>' : $code;
149
+ $code = ($attr["output"] === "url") ? ws_plugin__s2member_form_whips_2_url ($code) : $code;
150
/**/
151
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
152
($attr["modify"]) ? do_action ("ws_plugin__s2member_during_sc_paypal_modification_button", get_defined_vars ()) : do_action ("ws_plugin__s2member_during_sc_paypal_button", get_defined_vars ());
includes/functions/paypal-utilities.inc.php CHANGED
@@ -31,36 +31,35 @@ if (!function_exists ("ws_plugin__s2member_paypal_postvars"))
31
{
32
unset ($__refs, $__v); /* Unset defined __refs, __v. */
33
/**/
34
- if ($_GET["tx"]) /* PDT ( Payment Data Transfer ) with Auto-Return. */
35
{
36
- if ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_identity_token"])
37
{
38
- $postback["tx"] = $_GET["tx"];
39
- $postback["cmd"] = "_notify-synch";
40
- $postback["at"] = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_identity_token"];
41
- /**/
42
- $endpoint = ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com";
43
- /**/
44
- if (preg_match ("/^SUCCESS/i", ($response = trim (ws_plugin__s2member_remote ("https://" . $endpoint . "/cgi-bin/webscr", $postback, array ("timeout" => 20))))))
45
{
46
- foreach (preg_split ("/[\r\n]+/", preg_replace ("/^SUCCESS/i", "", $response)) as $varline)
47
- {
48
- list ($key, $value) = preg_split ("/\=/", $varline, 2);
49
- if (strlen ($key = trim ($key)) && strlen ($value = trim ($value)))
50
- $postvars[$key] = trim (stripslashes (urldecode ($value)));
51
- }
52
- /**/
53
- return apply_filters ("ws_plugin__s2member_paypal_postvars", $postvars, get_defined_vars ());
54
}
55
- else /* Nope. */
56
- return false;
57
}
58
else /* Nope. */
59
return false;
60
}
61
- else if (is_array ($postvars = stripslashes_deep ($_POST)))
62
{
63
- $postback = $postvars;
64
$postback["cmd"] = "_notify-validate";
65
/**/
66
$postvars = ws_plugin__s2member_trim_deep ($postvars);
@@ -68,7 +67,7 @@ if (!function_exists ("ws_plugin__s2member_paypal_postvars"))
68
$endpoint = ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com";
69
/**/
70
if ($_GET["s2member_paypal_proxy"] && $_GET["s2member_paypal_proxy_verification"] === ws_plugin__s2member_paypal_proxy_key_gen ())
71
- return apply_filters ("ws_plugin__s2member_paypal_postvars", $postvars, get_defined_vars ());
72
/**/
73
else if (strtolower (trim (ws_plugin__s2member_remote ("https://" . $endpoint . "/cgi-bin/webscr", $postback, array ("timeout" => 20)))) === "verified")
74
return apply_filters ("ws_plugin__s2member_paypal_postvars", $postvars, get_defined_vars ());
@@ -256,17 +255,17 @@ if (!function_exists ("ws_plugin__s2member_paypal_auto_eot_time"))
256
$p3_time = $p3_days * 86400;
257
}
258
/**/
259
- if (!$last_payment_time) /* If no payment yet.
260
- EOT after p1, if there was a p1. Otherwise, now + 1 day grace. */
261
{
262
$auto_eot_time = $registration_time + $p1_time + 86400;
263
}
264
- /* Else if p1, and last payment was within p1, last + p1 + 1 day grace. */
265
else if ($p1_time && $last_payment_time <= $registration_time + $p1_time)
266
{
267
$auto_eot_time = $last_payment_time + $p1_time + 86400;
268
}
269
- else /* Otherwise, the EOT comes after last payment + p3 + 1 day grace. */
270
{
271
$auto_eot_time = $last_payment_time + $p3_time + 86400;
272
}
@@ -338,22 +337,109 @@ if (!function_exists ("ws_plugin__s2member_paypal_std_term"))
338
Function converts a term [D,W,M,Y,L,Day,Week,Month,Year,Lifetime] into Daily, Weekly, Monthly, Yearly, Lifetime.
339
This function can also handle "Period Term" combinations. Where the Period will be stripped automatically before conversion.
340
For example, "1 D", would become, just "Daily". Another example, "3 Y" would become "Yearly"; and "1 L", would become "Lifetime".
341
*/
342
if (!function_exists ("ws_plugin__s2member_paypal_term_cycle"))
343
{
344
- function ws_plugin__s2member_paypal_term_cycle ($term_or_period_term = FALSE)
345
{
346
eval ('foreach(array_keys(get_defined_vars())as$__v)$__refs[$__v]=&$__v;');
347
do_action ("ws_plugin__s2member_before_paypal_term_cycle", get_defined_vars ());
348
unset ($__refs, $__v); /* Unset defined __refs, __v. */
349
/**/
350
- $paypal_term_cycles = array ("D" => "Daily", "W" => "Weekly", "M" => "Monthly", "Y" => "Yearly", "L" => "Lifetime", "DAY" => "Daily", "WEEK" => "Weekly", "MONTH" => "Monthly", "YEAR" => "Yearly", "Lifetime" => "Lifetime");
351
/**/
352
- $term_cycle = $paypal_term_cycles[strtoupper (preg_replace ("/^(.+?) /", "", $term_or_period_term))];
353
return apply_filters ("ws_plugin__s2member_paypal_term_cycle", $term_cycle, get_defined_vars ());
354
}
355
}
356
/*
357
Parse/validate item_name from either an array with recurring_payment_id, or use an existing string.
358
*/
359
if (!function_exists ("ws_plugin__s2member_paypal_pro_subscr_id"))
@@ -449,6 +535,7 @@ Pro API with PROFILEREFERENCE|rp_invoice_id, or parse/validate an existing strin
449
to make sure it is a valid "period term" combination.
450
451
Note: This will also convert "1 Day", into "1 D".
452
*/
453
if (!function_exists ("ws_plugin__s2member_paypal_pro_period1"))
454
{
@@ -474,6 +561,10 @@ if (!function_exists ("ws_plugin__s2member_paypal_pro_period1"))
474
{
475
list ($num, $span) = preg_split ("/ /", $period1, 2);
476
/**/
477
if (strlen ($span) !== 1) /* Convert to Standard format. */
478
$span = ws_plugin__s2member_paypal_std_term ($span);
479
/**/
@@ -493,7 +584,8 @@ Pro API with PROFILEREFERENCE|rp_invoice_id, or parse/validate an existing strin
493
to make sure it is a valid "period term" combination.
494
495
Note: This will also convert "1 Day", into "1 D".
496
- Note: The regular period can never be less than 1 day ( 1 D ).
497
*/
498
if (!function_exists ("ws_plugin__s2member_paypal_pro_period3"))
499
{
@@ -519,6 +611,10 @@ if (!function_exists ("ws_plugin__s2member_paypal_pro_period3"))
519
{
520
list ($num, $span) = preg_split ("/ /", $period3, 2);
521
/**/
522
if (strlen ($span) !== 1) /* Convert to Standard format. */
523
$span = ws_plugin__s2member_paypal_std_term ($span);
524
/**/
31
{
32
unset ($__refs, $__v); /* Unset defined __refs, __v. */
33
/**/
34
+ if ($_GET["tx"] && !$_GET["s2member_paypal_proxy"]) /* Auto-Return w/PDT. */
35
{
36
+ $postback["tx"] = $_GET["tx"];
37
+ $postback["cmd"] = "_notify-synch";
38
+ $postback["at"] = $GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_identity_token"];
39
+ /**/
40
+ $endpoint = ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com";
41
+ /**/
42
+ if (preg_match ("/^SUCCESS/i", ($response = trim (ws_plugin__s2member_remote ("https://" . $endpoint . "/cgi-bin/webscr", $postback, array ("timeout" => 20))))))
43
{
44
+ foreach (preg_split ("/[\r\n]+/", preg_replace ("/^SUCCESS/i", "", $response)) as $varline)
45
{
46
+ list ($key, $value) = preg_split ("/\=/", $varline, 2);
47
+ if (strlen ($key = trim ($key)) && strlen ($value = trim ($value)))
48
+ $postvars[$key] = trim (stripslashes (urldecode ($value)));
49
}
50
+ /**/
51
+ return apply_filters ("ws_plugin__s2member_paypal_postvars", $postvars, get_defined_vars ());
52
}
53
else /* Nope. */
54
return false;
55
}
56
+ else if (is_array ($postvars = stripslashes_deep ($_REQUEST)))
57
{
58
+ foreach ($postvars as $key => $value)
59
+ if (preg_match ("/^s2member_/", $key))
60
+ unset ($postvars[$key]);
61
+ /**/
62
+ $postback = $postvars; /* Copy. */
63
$postback["cmd"] = "_notify-validate";
64
/**/
65
$postvars = ws_plugin__s2member_trim_deep ($postvars);
67
$endpoint = ($GLOBALS["WS_PLUGIN__"]["s2member"]["o"]["paypal_sandbox"]) ? "www.sandbox.paypal.com" : "www.paypal.com";
68
/**/
69
if ($_GET["s2member_paypal_proxy"] && $_GET["s2member_paypal_proxy_verification"] === ws_plugin__s2member_paypal_proxy_key_gen ())
70
+ return apply_filters ("ws_plugin__s2member_paypal_postvars", array_merge ($postvars, array ("proxy_verified" => $_GET["s2member_paypal_proxy"])), get_defined_vars ());
71
/**/
72
else if (strtolower (trim (ws_plugin__s2member_remote ("https://" . $endpoint . "/cgi-bin/webscr", $postback, array ("timeout" => 20)))) === "verified")
73
return apply_filters ("ws_plugin__s2member_paypal_postvars", $postvars, get_defined_vars ());
255
$p3_time = $p3_days * 86400;
256
}
257
/**/
258
+ if (!$last_payment_time) /* If there's been no payment yet.
259
+ After p1, if there was a p1. Otherwise, reg. time + 1 day grace. */
260
{
261
$auto_eot_time = $registration_time + $p1_time + 86400;
262
}
263
+ /* Else if p1, and last payment within p1, last + p1 + 1 day grace. */
264
else if ($p1_time && $last_payment_time <= $registration_time + $p1_time)
265
{
266
$auto_eot_time = $last_payment_time + $p1_time + 86400;
267
}
268
+ else /* Otherwise, after last payment + p3 + 1 day grace. */
269
{
270
$auto_eot_time = $last_payment_time + $p3_time + 86400;
271
}
337
Function converts a term [D,W,M,Y,L,Day,Week,Month,Year,Lifetime] into Daily, Weekly, Monthly, Yearly, Lifetime.
338