Version Description
- Removed "v" from the version number.
- Added robust price validation checks.
Release Info
| Developer | wptipsntricks |
| Plugin | |
| Version | 4.1.0 |
Code changes from version 4.0.8 to 4.1.0
- includes/wspsc-cart-functions.php +2 -2
- paypal.php +137 -118
- readme.txt +9 -2
- wp_shopping_cart.php +40 -14
- wp_shopping_cart_misc_functions.php +4 -0
includes/wspsc-cart-functions.php
CHANGED
|
@@ -107,11 +107,11 @@ function print_wp_shopping_cart($args = array()) {
|
|
| 107 |
$output .= '</td>';
|
| 108 |
|
| 109 |
$output .= "<td style='text-align: center'><form method=\"post\" action=\"\" name='pcquantity' style='display: inline'>
|
| 110 |
-
<input type=\"hidden\" name=\"
|
| 111 |
<input type='hidden' name='cquantity' value='1' /><input type='text' name='quantity' value='" . $item['quantity'] . "' size='1' onchange='document.pcquantity.submit();' onkeypress='document.getElementById(\"pinfo\").style.display = \"\";' /></form></td>
|
| 112 |
<td style='text-align: center'>" . print_payment_currency(($item['price'] * $item['quantity']), $paypal_symbol, $decimal) . "</td>
|
| 113 |
<td><form method=\"post\" action=\"\" class=\"wp_cart_remove_item_form\">
|
| 114 |
-
<input type=\"hidden\" name=\"
|
| 115 |
<input type='hidden' name='delcart' value='1' />
|
| 116 |
<input type='image' src='" . WP_CART_URL . "/images/Shoppingcart_delete.png' value='" . (__("Remove", "WSPSC")) . "' title='" . (__("Remove", "WSPSC")) . "' /></form></td></tr>
|
| 117 |
";
|
| 107 |
$output .= '</td>';
|
| 108 |
|
| 109 |
$output .= "<td style='text-align: center'><form method=\"post\" action=\"\" name='pcquantity' style='display: inline'>
|
| 110 |
+
<input type=\"hidden\" name=\"wspsc_product\" value=\"" . htmlspecialchars($item['name']) . "\" />
|
| 111 |
<input type='hidden' name='cquantity' value='1' /><input type='text' name='quantity' value='" . $item['quantity'] . "' size='1' onchange='document.pcquantity.submit();' onkeypress='document.getElementById(\"pinfo\").style.display = \"\";' /></form></td>
|
| 112 |
<td style='text-align: center'>" . print_payment_currency(($item['price'] * $item['quantity']), $paypal_symbol, $decimal) . "</td>
|
| 113 |
<td><form method=\"post\" action=\"\" class=\"wp_cart_remove_item_form\">
|
| 114 |
+
<input type=\"hidden\" name=\"wspsc_product\" value=\"" . $item['name'] . "\" />
|
| 115 |
<input type='hidden' name='delcart' value='1' />
|
| 116 |
<input type='image' src='" . WP_CART_URL . "/images/Shoppingcart_delete.png' value='" . (__("Remove", "WSPSC")) . "' title='" . (__("Remove", "WSPSC")) . "' /></form></td></tr>
|
| 117 |
";
|
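Review bot: The remove-item form at new line 114 writes `$item['name']` into the `wspsc_product` value attribute unescaped, while the quantity form at new line 110 wraps the same value in `htmlspecialchars()`. Judging from the handler changes in wp_shopping_cart.php on this page, the name comes from `$_POST['wspsc_product']` after `strip_tags()` only, which leaves quote characters in place, so a name containing `"` can break out of the attribute. Escape both forms the same way, preferably with WordPress's attribute helper: `value=\"" . esc_attr($item['name']) . "\"`. The `$item['quantity']` value on line 111 is also emitted raw and deserves the same treatment. `print_wp_shopping_cart()` starts and ends outside this hunk.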
paypal.php
CHANGED
|
@@ -102,6 +102,7 @@ class paypal_ipn_handler {
|
|
| 102 |
|
| 103 |
$payment_currency = get_option('cart_payment_currency');
|
| 104 |
|
|
|
|
| 105 |
foreach ($cart_items as $current_cart_item)
|
| 106 |
{
|
| 107 |
$cart_item_data_num = $current_cart_item['item_number'];
|
|
@@ -109,6 +110,7 @@ class paypal_ipn_handler {
|
|
| 109 |
$cart_item_data_quantity = $current_cart_item['quantity'];
|
| 110 |
$cart_item_data_total = $current_cart_item['mc_gross'];
|
| 111 |
$cart_item_data_currency = $current_cart_item['mc_currency'];
|
|
|
|
| 112 |
|
| 113 |
$this->debug_log('Item Number: '.$cart_item_data_num,true);
|
| 114 |
$this->debug_log('Item Name: '.$cart_item_data_name,true);
|
|
@@ -116,146 +118,163 @@ class paypal_ipn_handler {
|
|
| 116 |
$this->debug_log('Item Total: '.$cart_item_data_total,true);
|
| 117 |
$this->debug_log('Item Currency: '.$cart_item_data_currency,true);
|
| 118 |
|
| 119 |
-
// Compare the values
|
| 120 |
if ($payment_currency != $cart_item_data_currency)
|
| 121 |
{
|
| 122 |
-
|
| 123 |
-
|
| 124 |
}
|
| 125 |
}
|
| 126 |
|
| 127 |
$post_id = $custom_values['wp_cart_id'];
|
|
|
|
| 128 |
$ip_address = $custom_values['ip'];
|
| 129 |
$applied_coupon_code = $custom_values['coupon_code'];
|
| 130 |
$currency_symbol = get_option('cart_currency_symbol');
|
| 131 |
$this->debug_log('custom values',true);
|
| 132 |
$this->debug_log_array($custom_values,true);
|
| 133 |
-
|
| 134 |
-
|
| 135 |
-
|
| 136 |
-
|
| 137 |
-
|
| 138 |
-
|
| 139 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 140 |
return;
|
| 141 |
}
|
| 142 |
-
|
| 143 |
-
|
| 144 |
-
{
|
| 145 |
-
$seller_paypal_email = get_option('cart_paypal_email');
|
| 146 |
-
if ($seller_paypal_email != $this->ipn_data['receiver_email']){
|
| 147 |
-
$error_msg .= 'Invalid Seller Paypal Email Address : '.$this->ipn_data['receiver_email'];
|
| 148 |
-
$this->debug_log($error_msg, false);
|
| 149 |
-
return;
|
| 150 |
-
}
|
| 151 |
-
else{
|
| 152 |
-
$this->debug_log('Seller Paypal Email Address is Valid: '.$this->ipn_data['receiver_email'],true);
|
| 153 |
-
}
|
| 154 |
}
|
| 155 |
-
|
| 156 |
-
|
| 157 |
-
|
|
|
|
|
|
|
|
|
|
| 158 |
{
|
| 159 |
-
|
| 160 |
-
|
| 161 |
-
$this->debug_log('This transaction has been already processed once. Transaction ID: '.$transaction_id, false);
|
| 162 |
-
return;
|
| 163 |
-
}
|
| 164 |
}
|
| 165 |
-
|
| 166 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 167 |
|
| 168 |
-
|
| 169 |
-
|
| 170 |
-
|
| 171 |
-
|
| 172 |
-
);
|
| 173 |
-
|
| 174 |
-
|
| 175 |
-
|
| 176 |
-
|
| 177 |
-
|
| 178 |
-
|
| 179 |
-
|
| 180 |
-
|
| 181 |
-
|
| 182 |
-
|
| 183 |
-
|
| 184 |
-
|
| 185 |
-
|
| 186 |
-
|
| 187 |
-
|
| 188 |
-
|
| 189 |
-
|
| 190 |
-
|
| 191 |
-
|
| 192 |
-
|
| 193 |
-
|
| 194 |
-
|
| 195 |
-
|
| 196 |
-
|
| 197 |
-
|
| 198 |
-
|
| 199 |
-
|
| 200 |
-
|
| 201 |
-
|
| 202 |
-
|
| 203 |
-
$shipping += $item['shipping'] * $item['quantity'];
|
| 204 |
-
}
|
| 205 |
-
$item_counter++;
|
| 206 |
}
|
| 207 |
-
|
| 208 |
-
|
| 209 |
-
$
|
| 210 |
-
|
| 211 |
-
|
| 212 |
-
$baseShipping = get_option('cart_base_shipping_cost');
|
| 213 |
-
$shipping = $shipping + $baseShipping;
|
| 214 |
-
$shipping = wpspsc_number_format_price($shipping);
|
| 215 |
-
}
|
| 216 |
-
update_post_meta( $post_id, 'wpsc_shipping_amount', $shipping);
|
| 217 |
-
$args = array();
|
| 218 |
-
$args['product_details'] = $product_details;
|
| 219 |
-
update_post_meta($post_id, 'wpspsc_items_ordered', $product_details);
|
| 220 |
-
$from_email = get_option('wpspc_buyer_from_email');
|
| 221 |
-
$subject = get_option('wpspc_buyer_email_subj');
|
| 222 |
-
$body = get_option('wpspc_buyer_email_body');
|
| 223 |
-
$args['email_body'] = $body;
|
| 224 |
-
$args['coupon_code'] = $applied_coupon_code;
|
| 225 |
-
$body = wpspc_apply_dynamic_tags_on_email_body($this->ipn_data, $args);
|
| 226 |
-
|
| 227 |
-
$this->debug_log('Applying filter - wspsc_buyer_notification_email_body', true);
|
| 228 |
-
$body = apply_filters('wspsc_buyer_notification_email_body', $body, $this->ipn_data, $cart_items);
|
| 229 |
-
|
| 230 |
-
$headers = 'From: '.$from_email . "\r\n";
|
| 231 |
-
if(!empty($buyer_email)){
|
| 232 |
-
$args['payer_email'] = $buyer_email;
|
| 233 |
-
if(get_option('wpspc_send_buyer_email'))
|
| 234 |
-
{
|
| 235 |
-
wp_mail($buyer_email, $subject, $body, $headers);
|
| 236 |
-
$this->debug_log('Product Email successfully sent to '.$buyer_email,true);
|
| 237 |
-
update_post_meta( $post_id, 'wpsc_buyer_email_sent', 'Email sent to: '.$buyer_email);
|
| 238 |
}
|
| 239 |
-
|
| 240 |
-
|
| 241 |
-
$seller_email_subject = get_option('wpspc_seller_email_subj');
|
| 242 |
-
$seller_email_body = get_option('wpspc_seller_email_body');
|
| 243 |
-
$args['email_body'] = $seller_email_body;
|
| 244 |
-
$args['order_id'] = $post_id;
|
| 245 |
-
$args['coupon_code'] = $applied_coupon_code;
|
| 246 |
-
$seller_email_body = wpspc_apply_dynamic_tags_on_email_body($this->ipn_data, $args);
|
| 247 |
-
|
| 248 |
-
$this->debug_log('Applying filter - wspsc_seller_notification_email_body', true);
|
| 249 |
-
$seller_email_body = apply_filters('wspsc_seller_notification_email_body', $seller_email_body, $this->ipn_data, $cart_items);
|
| 250 |
-
|
| 251 |
-
if(!empty($notify_email)){
|
| 252 |
-
if(get_option('wpspc_send_seller_email'))
|
| 253 |
-
{
|
| 254 |
-
wp_mail($notify_email, $seller_email_subject, $seller_email_body, $headers);
|
| 255 |
-
$this->debug_log('Notify Email successfully sent to '.$notify_email,true);
|
| 256 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 257 |
}
|
| 258 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 259 |
|
| 260 |
/**** Affiliate plugin integratin ****/
|
| 261 |
$this->debug_log('Updating Affiliate Database Table with Sales Data if Using the WP Affiliate Platform Plugin.',true);
|
| 102 |
|
| 103 |
$payment_currency = get_option('cart_payment_currency');
|
| 104 |
|
| 105 |
+
$individual_paid_item_total = 0;
|
| 106 |
foreach ($cart_items as $current_cart_item)
|
| 107 |
{
|
| 108 |
$cart_item_data_num = $current_cart_item['item_number'];
|
| 110 |
$cart_item_data_quantity = $current_cart_item['quantity'];
|
| 111 |
$cart_item_data_total = $current_cart_item['mc_gross'];
|
| 112 |
$cart_item_data_currency = $current_cart_item['mc_currency'];
|
| 113 |
+
$individual_paid_item_total += $cart_item_data_total;
|
| 114 |
|
| 115 |
$this->debug_log('Item Number: '.$cart_item_data_num,true);
|
| 116 |
$this->debug_log('Item Name: '.$cart_item_data_name,true);
|
| 118 |
$this->debug_log('Item Total: '.$cart_item_data_total,true);
|
| 119 |
$this->debug_log('Item Currency: '.$cart_item_data_currency,true);
|
| 120 |
|
| 121 |
+
// Compare the currency values to make sure it is correct.
|
| 122 |
if ($payment_currency != $cart_item_data_currency)
|
| 123 |
{
|
| 124 |
+
$this->debug_log('Invalid Product Currency : '.$payment_currency,false);
|
| 125 |
+
return false;
|
| 126 |
}
|
| 127 |
}
|
| 128 |
|
| 129 |
$post_id = $custom_values['wp_cart_id'];
|
| 130 |
+
$orig_cart_items = get_post_meta( $post_id, 'wpsc_cart_items', true );
|
| 131 |
$ip_address = $custom_values['ip'];
|
| 132 |
$applied_coupon_code = $custom_values['coupon_code'];
|
| 133 |
$currency_symbol = get_option('cart_currency_symbol');
|
| 134 |
$this->debug_log('custom values',true);
|
| 135 |
$this->debug_log_array($custom_values,true);
|
| 136 |
+
$this->debug_log('Order post id: '.$post_id,true);
|
| 137 |
+
|
| 138 |
+
//*** Do security checks ***
|
| 139 |
+
if(empty($post_id)){
|
| 140 |
+
$this->debug_log('Order ID '.$post_id.' does not exist in the IPN notification. This request will not be processed.', false);
|
| 141 |
+
return;
|
| 142 |
+
}
|
| 143 |
+
|
| 144 |
+
if(!get_post_status($post_id))
|
| 145 |
+
{
|
| 146 |
+
$this->debug_log('Order ID '.$post_id.' does not exist in the database. This is not a Simple PayPal Shopping Cart order', false);
|
| 147 |
+
return;
|
| 148 |
+
}
|
| 149 |
+
|
| 150 |
+
if (get_option('wp_shopping_cart_strict_email_check') != '')
|
| 151 |
+
{
|
| 152 |
+
$seller_paypal_email = get_option('cart_paypal_email');
|
| 153 |
+
if ($seller_paypal_email != $this->ipn_data['receiver_email']){
|
| 154 |
+
$error_msg .= 'Invalid Seller Paypal Email Address : '.$this->ipn_data['receiver_email'];
|
| 155 |
+
$this->debug_log($error_msg, false);
|
| 156 |
return;
|
| 157 |
}
|
| 158 |
+
else{
|
| 159 |
+
$this->debug_log('Seller Paypal Email Address is Valid: '.$this->ipn_data['receiver_email'],true);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 160 |
}
|
| 161 |
+
}
|
| 162 |
+
|
| 163 |
+
$transaction_id = get_post_meta( $post_id, 'wpsc_txn_id', true );
|
| 164 |
+
if(!empty($transaction_id))
|
| 165 |
+
{
|
| 166 |
+
if($transaction_id == $txn_id) //this transaction has been already processed once
|
| 167 |
{
|
| 168 |
+
$this->debug_log('This transaction has been already processed once. Transaction ID: '.$transaction_id, false);
|
| 169 |
+
return;
|
|
|
|
|
|
|
|
|
|
| 170 |
}
|
| 171 |
+
}
|
| 172 |
+
|
| 173 |
+
//Validate prices
|
| 174 |
+
$orig_individual_item_total = 0;
|
| 175 |
+
foreach ($orig_cart_items as $item){
|
| 176 |
+
$orig_individual_item_total += $item['price'] * $item['quantity'];
|
| 177 |
+
}
|
| 178 |
|
| 179 |
+
$orig_individual_item_total = round($orig_individual_item_total,2);
|
| 180 |
+
$individual_paid_item_total = round($individual_paid_item_total,2);
|
| 181 |
+
if($orig_individual_item_total < $individual_paid_item_total){
|
| 182 |
+
$this->debug_log('Error! Post payment price validation failed. The price amount may have been altered. This transaction will not be processed.', false);
|
| 183 |
+
$this->debug_log('Original total price: ' . $orig_individual_item_total . '. Paid total price: '.$individual_paid_item_total, false);
|
| 184 |
+
return;
|
| 185 |
+
}
|
| 186 |
+
//*** End of security check ***
|
| 187 |
+
|
| 188 |
+
$updated_wpsc_order = array(
|
| 189 |
+
'ID' => $post_id,
|
| 190 |
+
'post_status' => 'publish',
|
| 191 |
+
'post_type' => 'wpsc_cart_orders',
|
| 192 |
+
);
|
| 193 |
+
wp_update_post($updated_wpsc_order);
|
| 194 |
+
|
| 195 |
+
update_post_meta( $post_id, 'wpsc_first_name', $first_name );
|
| 196 |
+
update_post_meta( $post_id, 'wpsc_last_name', $last_name );
|
| 197 |
+
update_post_meta( $post_id, 'wpsc_email_address', $buyer_email );
|
| 198 |
+
update_post_meta( $post_id, 'wpsc_txn_id', $txn_id );
|
| 199 |
+
$mc_gross = $this->ipn_data['mc_gross'];
|
| 200 |
+
update_post_meta( $post_id, 'wpsc_total_amount', $mc_gross);
|
| 201 |
+
update_post_meta( $post_id, 'wpsc_ipaddress', $ip_address );
|
| 202 |
+
update_post_meta( $post_id, 'wpsc_address', $address );
|
| 203 |
+
update_post_meta( $post_id, 'wpspsc_phone', $phone );
|
| 204 |
+
$status = "Paid";
|
| 205 |
+
update_post_meta( $post_id, 'wpsc_order_status', $status );
|
| 206 |
+
update_post_meta( $post_id, 'wpsc_applied_coupon', $applied_coupon_code );
|
| 207 |
+
$product_details = "";
|
| 208 |
+
$item_counter = 1;
|
| 209 |
+
$shipping = "";
|
| 210 |
+
if($orig_cart_items){
|
| 211 |
+
foreach ($orig_cart_items as $item){
|
| 212 |
+
if($item_counter != 1){
|
| 213 |
+
$product_details .= "\n";
|
|
|
|
|
|
|
|
|
|
| 214 |
}
|
| 215 |
+
$item_total = $item['price'] * $item['quantity'];
|
| 216 |
+
$product_details .= $item['name']." x ".$item['quantity']." - ".$currency_symbol.wpspsc_number_format_price($item_total)."\n";
|
| 217 |
+
if($item['file_url']){
|
| 218 |
+
$file_url = base64_decode($item['file_url']);
|
| 219 |
+
$product_details .= "Download Link: ".$file_url."\n";
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 220 |
}
|
| 221 |
+
if(!empty($item['shipping'])){
|
| 222 |
+
$shipping += $item['shipping'] * $item['quantity'];
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 223 |
}
|
| 224 |
+
$item_counter++;
|
| 225 |
+
}
|
| 226 |
+
}
|
| 227 |
+
if(empty($shipping)){
|
| 228 |
+
$shipping = "0.00";
|
| 229 |
+
}
|
| 230 |
+
else{
|
| 231 |
+
$baseShipping = get_option('cart_base_shipping_cost');
|
| 232 |
+
$shipping = $shipping + $baseShipping;
|
| 233 |
+
$shipping = wpspsc_number_format_price($shipping);
|
| 234 |
+
}
|
| 235 |
+
update_post_meta( $post_id, 'wpsc_shipping_amount', $shipping);
|
| 236 |
+
$args = array();
|
| 237 |
+
$args['product_details'] = $product_details;
|
| 238 |
+
update_post_meta($post_id, 'wpspsc_items_ordered', $product_details);
|
| 239 |
+
$from_email = get_option('wpspc_buyer_from_email');
|
| 240 |
+
$subject = get_option('wpspc_buyer_email_subj');
|
| 241 |
+
$body = get_option('wpspc_buyer_email_body');
|
| 242 |
+
$args['email_body'] = $body;
|
| 243 |
+
$args['coupon_code'] = $applied_coupon_code;
|
| 244 |
+
$body = wpspc_apply_dynamic_tags_on_email_body($this->ipn_data, $args);
|
| 245 |
+
|
| 246 |
+
$this->debug_log('Applying filter - wspsc_buyer_notification_email_body', true);
|
| 247 |
+
$body = apply_filters('wspsc_buyer_notification_email_body', $body, $this->ipn_data, $cart_items);
|
| 248 |
+
|
| 249 |
+
$headers = 'From: '.$from_email . "\r\n";
|
| 250 |
+
if(!empty($buyer_email)){
|
| 251 |
+
$args['payer_email'] = $buyer_email;
|
| 252 |
+
if(get_option('wpspc_send_buyer_email'))
|
| 253 |
+
{
|
| 254 |
+
wp_mail($buyer_email, $subject, $body, $headers);
|
| 255 |
+
$this->debug_log('Product Email successfully sent to '.$buyer_email,true);
|
| 256 |
+
update_post_meta( $post_id, 'wpsc_buyer_email_sent', 'Email sent to: '.$buyer_email);
|
| 257 |
}
|
| 258 |
}
|
| 259 |
+
$notify_email = get_option('wpspc_notify_email_address');
|
| 260 |
+
$seller_email_subject = get_option('wpspc_seller_email_subj');
|
| 261 |
+
$seller_email_body = get_option('wpspc_seller_email_body');
|
| 262 |
+
$args['email_body'] = $seller_email_body;
|
| 263 |
+
$args['order_id'] = $post_id;
|
| 264 |
+
$args['coupon_code'] = $applied_coupon_code;
|
| 265 |
+
$seller_email_body = wpspc_apply_dynamic_tags_on_email_body($this->ipn_data, $args);
|
| 266 |
+
|
| 267 |
+
$this->debug_log('Applying filter - wspsc_seller_notification_email_body', true);
|
| 268 |
+
$seller_email_body = apply_filters('wspsc_seller_notification_email_body', $seller_email_body, $this->ipn_data, $cart_items);
|
| 269 |
+
|
| 270 |
+
if(!empty($notify_email)){
|
| 271 |
+
if(get_option('wpspc_send_seller_email'))
|
| 272 |
+
{
|
| 273 |
+
wp_mail($notify_email, $seller_email_subject, $seller_email_body, $headers);
|
| 274 |
+
$this->debug_log('Notify Email successfully sent to '.$notify_email,true);
|
| 275 |
+
}
|
| 276 |
+
}
|
| 277 |
+
|
| 278 |
|
| 279 |
/**** Affiliate plugin integratin ****/
|
| 280 |
$this->debug_log('Updating Affiliate Database Table with Sales Data if Using the WP Affiliate Platform Plugin.',true);
|
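Review bot: The price check at new line 181, `if($orig_individual_item_total < $individual_paid_item_total)`, rejects the IPN only when the paid item total is higher than the stored cart total, so a payment lower than the stored total passes the check. If the aim is to catch a reduced price, the operands look reversed: `if($individual_paid_item_total < $orig_individual_item_total){`. How the per-item `mc_gross` treats shipping or coupons is not visible here, so confirm which tolerance is intended. The `foreach ($orig_cart_items as $item)` at line 175 also runs before the `if($orig_cart_items)` guard at line 210, so an order without `wpsc_cart_items` meta should be rejected up front, e.g. `if(!is_array($orig_cart_items) || empty($orig_cart_items)){ return; }` preceded by a `debug_log()` line. The enclosing method of `paypal_ipn_handler` starts and ends outside the hunk.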
readme.txt
CHANGED
|
@@ -3,8 +3,8 @@ Contributors: Tips and Tricks HQ, Ruhul Amin, wptipsntricks, mbrsolution
|
|
| 3 |
Donate link: https://www.tipsandtricks-hq.com
|
| 4 |
Tags: cart, shopping cart, WordPress shopping cart, Paypal shopping cart, sell, selling, sell products, online shop, shop, e-commerce, wordpress ecommerce, wordpress store, store, PayPal cart widget, sell digital products, sell service, digital downloads, paypal, paypal cart, e-shop, compact cart, coupon, discount
|
| 5 |
Requires at least: 3.0
|
| 6 |
-
Tested up to: 4.
|
| 7 |
-
Stable tag: 4.0
|
| 8 |
License: GPLv2 or later
|
| 9 |
|
| 10 |
Very easy to use Simple WordPress Paypal Shopping Cart Plugin. Great for selling products online in one click from your WordPress site.
|
|
@@ -177,6 +177,13 @@ None
|
|
| 177 |
|
| 178 |
== Changelog ==
|
| 179 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 180 |
= 4.0.8 =
|
| 181 |
- Added Turkish Language translation to the plugin. The Turkish translation file was submitted by Vural Pamir.
|
| 182 |
- WordPress 4.2 compatibility
|
| 3 |
Donate link: https://www.tipsandtricks-hq.com
|
| 4 |
Tags: cart, shopping cart, WordPress shopping cart, Paypal shopping cart, sell, selling, sell products, online shop, shop, e-commerce, wordpress ecommerce, wordpress store, store, PayPal cart widget, sell digital products, sell service, digital downloads, paypal, paypal cart, e-shop, compact cart, coupon, discount
|
| 5 |
Requires at least: 3.0
|
| 6 |
+
Tested up to: 4.3
|
| 7 |
+
Stable tag: 4.1.0
|
| 8 |
License: GPLv2 or later
|
| 9 |
|
| 10 |
Very easy to use Simple WordPress Paypal Shopping Cart Plugin. Great for selling products online in one click from your WordPress site.
|
| 177 |
|
| 178 |
== Changelog ==
|
| 179 |
|
| 180 |
+
= 4.1.0 =
|
| 181 |
+
- Removed "v" from the version number.
|
| 182 |
+
- Added robust price validation checks.
|
| 183 |
+
|
| 184 |
+
= 4.0.9 =
|
| 185 |
+
- Changed the input slug of "product" name to be more specific.
|
| 186 |
+
|
| 187 |
= 4.0.8 =
|
| 188 |
- Added Turkish Language translation to the plugin. The Turkish translation file was submitted by Vural Pamir.
|
| 189 |
- WordPress 4.2 compatibility
|
wp_shopping_cart.php
CHANGED
|
@@ -1,7 +1,7 @@
|
|
| 1 |
<?php
|
| 2 |
/*
|
| 3 |
Plugin Name: WP Simple Paypal Shopping cart
|
| 4 |
-
Version:
|
| 5 |
Plugin URI: https://www.tipsandtricks-hq.com/wordpress-simple-paypal-shopping-cart-plugin-768
|
| 6 |
Author: Tips and Tricks HQ, Ruhul Amin
|
| 7 |
Author URI: https://www.tipsandtricks-hq.com/
|
|
@@ -22,7 +22,7 @@ if (version_compare(PHP_VERSION, '5.4.0') >= 0) {
|
|
| 22 |
}
|
| 23 |
}
|
| 24 |
|
| 25 |
-
define('WP_CART_VERSION', '4.0
|
| 26 |
define('WP_CART_FOLDER', dirname(plugin_basename(__FILE__)));
|
| 27 |
define('WP_CART_PATH', plugin_dir_path(__FILE__));
|
| 28 |
define('WP_CART_URL', plugins_url('', __FILE__));
|
|
@@ -112,10 +112,18 @@ function wpspc_cart_actions_handler() {
|
|
| 112 |
}
|
| 113 |
|
| 114 |
//sanitize data
|
| 115 |
-
$_POST['
|
| 116 |
$_POST['item_number'] = strip_tags($_POST['item_number']);
|
| 117 |
-
if (isset($_POST['price']))
|
| 118 |
$_POST['price'] = strip_tags($_POST['price']);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 119 |
isset($_POST['shipping']) ? $_POST['shipping'] = strip_tags($_POST['shipping']) : $_POST['shipping'] = '';
|
| 120 |
isset($_POST['cartLink']) ? $_POST['cartLink'] = strip_tags($_POST['cartLink']) : $_POST['cartLink'] = '';
|
| 121 |
isset($_POST['stamp_pdf']) ? $_POST['stamp_pdf'] = strip_tags($_POST['stamp_pdf']) : $_POST['stamp_pdf'] = '';
|
|
@@ -126,7 +134,7 @@ function wpspc_cart_actions_handler() {
|
|
| 126 |
$products = $_SESSION['simpleCart'];
|
| 127 |
if (is_array($products)) {
|
| 128 |
foreach ($products as $key => $item) {
|
| 129 |
-
if ($item['name'] == stripslashes($_POST['
|
| 130 |
$count += $item['quantity'];
|
| 131 |
$item['quantity']++;
|
| 132 |
unset($products[$key]);
|
|
@@ -139,8 +147,8 @@ function wpspc_cart_actions_handler() {
|
|
| 139 |
}
|
| 140 |
|
| 141 |
if ($count == 1) {
|
| 142 |
-
if (!empty($_POST[$_POST['
|
| 143 |
-
$price = $_POST[$_POST['
|
| 144 |
} else {
|
| 145 |
$price = $_POST['price'];
|
| 146 |
}
|
|
@@ -151,7 +159,7 @@ function wpspc_cart_actions_handler() {
|
|
| 151 |
$shipping = $_POST['shipping'];
|
| 152 |
$shipping = str_replace($default_cur_symbol, "", $shipping);
|
| 153 |
|
| 154 |
-
$product = array('name' => stripslashes($_POST['
|
| 155 |
if (isset($_POST['file_url']) && !empty($_POST['file_url'])) {
|
| 156 |
$file_url = strip_tags($_POST['file_url']);
|
| 157 |
$product['file_url'] = $file_url;
|
|
@@ -197,11 +205,11 @@ function wpspc_cart_actions_handler() {
|
|
| 197 |
} else if (isset($_POST['cquantity'])) {
|
| 198 |
$products = $_SESSION['simpleCart'];
|
| 199 |
foreach ($products as $key => $item) {
|
| 200 |
-
if ((stripslashes($item['name']) == stripslashes($_POST['
|
| 201 |
$item['quantity'] = $_POST['quantity'];
|
| 202 |
unset($products[$key]);
|
| 203 |
array_push($products, $item);
|
| 204 |
-
} else if (($item['name'] == stripslashes($_POST['
|
| 205 |
unset($products[$key]);
|
| 206 |
}
|
| 207 |
}
|
|
@@ -216,7 +224,7 @@ function wpspc_cart_actions_handler() {
|
|
| 216 |
} else if (isset($_POST['delcart'])) {
|
| 217 |
$products = $_SESSION['simpleCart'];
|
| 218 |
foreach ($products as $key => $item) {
|
| 219 |
-
if ($item['name'] == stripslashes($_POST['
|
| 220 |
unset($products[$key]);
|
| 221 |
}
|
| 222 |
$_SESSION['simpleCart'] = $products;
|
|
@@ -356,12 +364,21 @@ function print_wp_cart_button_new($content) {
|
|
| 356 |
$replacement .= '<input type="submit" value="' . $addcart . '" />';
|
| 357 |
}
|
| 358 |
|
| 359 |
-
$replacement .= '<input type="hidden" name="
|
| 360 |
$replacement .= '<input type="hidden" name="product_tmp" value="' . $pieces['0'] . '" />';
|
| 361 |
if (sizeof($pieces) > 2) {
|
| 362 |
//we have shipping
|
| 363 |
$replacement .= '<input type="hidden" name="shipping" value="' . $pieces['2'] . '" />';
|
| 364 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 365 |
$replacement .= '<input type="hidden" name="cartLink" value="' . cart_current_page_url() . '" />';
|
| 366 |
$replacement .= '<input type="hidden" name="addcart" value="1" /></form>';
|
| 367 |
$replacement .= '</div>';
|
|
@@ -399,7 +416,7 @@ function wp_cart_add_read_form_javascript() {
|
|
| 399 |
}
|
| 400 |
// Now summarize everything we have processed above
|
| 401 |
val_total = obj1.product_tmp.value + val_combo;
|
| 402 |
-
obj1.
|
| 403 |
}
|
| 404 |
//-->
|
| 405 |
</script>';
|
|
@@ -460,7 +477,7 @@ function print_wp_cart_button_for_product($name, $price, $shipping = 0, $var1 =
|
|
| 460 |
}
|
| 461 |
}
|
| 462 |
|
| 463 |
-
$replacement .= '<input type="hidden" name="
|
| 464 |
$replacement .= '<input type="hidden" name="product_tmp" value="' . $name . '" />';
|
| 465 |
isset($atts['item_number']) ? $item_num = $atts['item_number'] : $item_num = '';
|
| 466 |
$replacement .= '<input type="hidden" name="item_number" value="' . $item_num . '" />';
|
|
@@ -476,6 +493,15 @@ function print_wp_cart_button_for_product($name, $price, $shipping = 0, $var1 =
|
|
| 476 |
if (isset($atts['stamp_pdf'])) {
|
| 477 |
$replacement .= '<input type="hidden" name="stamp_pdf" value="' . $atts['stamp_pdf'] . '" />';
|
| 478 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 479 |
$replacement .= '</form>';
|
| 480 |
$replacement .= '</div>';
|
| 481 |
return $replacement;
|
| 1 |
<?php
|
| 2 |
/*
|
| 3 |
Plugin Name: WP Simple Paypal Shopping cart
|
| 4 |
+
Version: 4.1.0
|
| 5 |
Plugin URI: https://www.tipsandtricks-hq.com/wordpress-simple-paypal-shopping-cart-plugin-768
|
| 6 |
Author: Tips and Tricks HQ, Ruhul Amin
|
| 7 |
Author URI: https://www.tipsandtricks-hq.com/
|
| 22 |
}
|
| 23 |
}
|
| 24 |
|
| 25 |
+
define('WP_CART_VERSION', '4.1.0');
|
| 26 |
define('WP_CART_FOLDER', dirname(plugin_basename(__FILE__)));
|
| 27 |
define('WP_CART_PATH', plugin_dir_path(__FILE__));
|
| 28 |
define('WP_CART_URL', plugins_url('', __FILE__));
|
| 112 |
}
|
| 113 |
|
| 114 |
//sanitize data
|
| 115 |
+
$_POST['wspsc_product'] = strip_tags($_POST['wspsc_product']); //for PHP5.2 use filter_var($_POST['wspsc_product'], FILTER_SANITIZE_STRING);
|
| 116 |
$_POST['item_number'] = strip_tags($_POST['item_number']);
|
| 117 |
+
if (isset($_POST['price'])){
|
| 118 |
$_POST['price'] = strip_tags($_POST['price']);
|
| 119 |
+
//Validate price
|
| 120 |
+
$hash_once_p = strip_tags($_POST['hash_one']);
|
| 121 |
+
$p_key = get_option('wspsc_private_key_one');
|
| 122 |
+
$hash_one_cm = md5($p_key.'|'.$_POST['price']);
|
| 123 |
+
if($hash_once_p != $hash_one_cm){//Validation failed
|
| 124 |
+
wp_die('Error! The price validation failed.');
|
| 125 |
+
}
|
| 126 |
+
}
|
| 127 |
isset($_POST['shipping']) ? $_POST['shipping'] = strip_tags($_POST['shipping']) : $_POST['shipping'] = '';
|
| 128 |
isset($_POST['cartLink']) ? $_POST['cartLink'] = strip_tags($_POST['cartLink']) : $_POST['cartLink'] = '';
|
| 129 |
isset($_POST['stamp_pdf']) ? $_POST['stamp_pdf'] = strip_tags($_POST['stamp_pdf']) : $_POST['stamp_pdf'] = '';
|
| 134 |
$products = $_SESSION['simpleCart'];
|
| 135 |
if (is_array($products)) {
|
| 136 |
foreach ($products as $key => $item) {
|
| 137 |
+
if ($item['name'] == stripslashes($_POST['wspsc_product'])) {
|
| 138 |
$count += $item['quantity'];
|
| 139 |
$item['quantity']++;
|
| 140 |
unset($products[$key]);
|
| 147 |
}
|
| 148 |
|
| 149 |
if ($count == 1) {
|
| 150 |
+
if (!empty($_POST[$_POST['wspsc_product']])) {
|
| 151 |
+
$price = $_POST[$_POST['wspsc_product']];
|
| 152 |
} else {
|
| 153 |
$price = $_POST['price'];
|
| 154 |
}
|
| 159 |
$shipping = $_POST['shipping'];
|
| 160 |
$shipping = str_replace($default_cur_symbol, "", $shipping);
|
| 161 |
|
| 162 |
+
$product = array('name' => stripslashes($_POST['wspsc_product']), 'price' => $price, 'price_orig' => $price, 'quantity' => $count, 'shipping' => $shipping, 'cartLink' => $_POST['cartLink'], 'item_number' => $_POST['item_number']);
|
| 163 |
if (isset($_POST['file_url']) && !empty($_POST['file_url'])) {
|
| 164 |
$file_url = strip_tags($_POST['file_url']);
|
| 165 |
$product['file_url'] = $file_url;
|
| 205 |
} else if (isset($_POST['cquantity'])) {
|
| 206 |
$products = $_SESSION['simpleCart'];
|
| 207 |
foreach ($products as $key => $item) {
|
| 208 |
+
if ((stripslashes($item['name']) == stripslashes($_POST['wspsc_product'])) && $_POST['quantity']) {
|
| 209 |
$item['quantity'] = $_POST['quantity'];
|
| 210 |
unset($products[$key]);
|
| 211 |
array_push($products, $item);
|
| 212 |
+
} else if (($item['name'] == stripslashes($_POST['wspsc_product'])) && !$_POST['quantity']) {
|
| 213 |
unset($products[$key]);
|
| 214 |
}
|
| 215 |
}
|
| 224 |
} else if (isset($_POST['delcart'])) {
|
| 225 |
$products = $_SESSION['simpleCart'];
|
| 226 |
foreach ($products as $key => $item) {
|
| 227 |
+
if ($item['name'] == stripslashes($_POST['wspsc_product']))
|
| 228 |
unset($products[$key]);
|
| 229 |
}
|
| 230 |
$_SESSION['simpleCart'] = $products;
|
| 364 |
$replacement .= '<input type="submit" value="' . $addcart . '" />';
|
| 365 |
}
|
| 366 |
|
| 367 |
+
$replacement .= '<input type="hidden" name="wspsc_product" value="' . $pieces['0'] . '" /><input type="hidden" name="price" value="' . $pieces['1'] . '" />';
|
| 368 |
$replacement .= '<input type="hidden" name="product_tmp" value="' . $pieces['0'] . '" />';
|
| 369 |
if (sizeof($pieces) > 2) {
|
| 370 |
//we have shipping
|
| 371 |
$replacement .= '<input type="hidden" name="shipping" value="' . $pieces['2'] . '" />';
|
| 372 |
}
|
| 373 |
+
|
| 374 |
+
$p_key = get_option('wspsc_private_key_one');
|
| 375 |
+
if(empty($p_key)){
|
| 376 |
+
$p_key = uniqid();
|
| 377 |
+
update_option('wspsc_private_key_one',$p_key);
|
| 378 |
+
}
|
| 379 |
+
$hash_one = md5($p_key.'|'.$pieces['1']);
|
| 380 |
+
$replacement .= '<input type="hidden" name="hash_one" value="' . $hash_one . '" />';
|
| 381 |
+
|
| 382 |
$replacement .= '<input type="hidden" name="cartLink" value="' . cart_current_page_url() . '" />';
|
| 383 |
$replacement .= '<input type="hidden" name="addcart" value="1" /></form>';
|
| 384 |
$replacement .= '</div>';
|
| 416 |
}
|
| 417 |
// Now summarize everything we have processed above
|
| 418 |
val_total = obj1.product_tmp.value + val_combo;
|
| 419 |
+
obj1.wspsc_product.value = val_total;
|
| 420 |
}
|
| 421 |
//-->
|
| 422 |
</script>';
|
| 477 |
}
|
| 478 |
}
|
| 479 |
|
| 480 |
+
$replacement .= '<input type="hidden" name="wspsc_product" value="' . $name . '" /><input type="hidden" name="price" value="' . $price . '" /><input type="hidden" name="shipping" value="' . $shipping . '" /><input type="hidden" name="addcart" value="1" /><input type="hidden" name="cartLink" value="' . cart_current_page_url() . '" />';
|
| 481 |
$replacement .= '<input type="hidden" name="product_tmp" value="' . $name . '" />';
|
| 482 |
isset($atts['item_number']) ? $item_num = $atts['item_number'] : $item_num = '';
|
| 483 |
$replacement .= '<input type="hidden" name="item_number" value="' . $item_num . '" />';
|
| 493 |
if (isset($atts['stamp_pdf'])) {
|
| 494 |
$replacement .= '<input type="hidden" name="stamp_pdf" value="' . $atts['stamp_pdf'] . '" />';
|
| 495 |
}
|
| 496 |
+
|
| 497 |
+
$p_key = get_option('wspsc_private_key_one');
|
| 498 |
+
if(empty($p_key)){
|
| 499 |
+
$p_key = uniqid();
|
| 500 |
+
update_option('wspsc_private_key_one',$p_key);
|
| 501 |
+
}
|
| 502 |
+
$hash_one = md5($p_key.'|'.$price);
|
| 503 |
+
$replacement .= '<input type="hidden" name="hash_one" value="' . $hash_one . '" />';
|
| 504 |
+
|
| 505 |
$replacement .= '</form>';
|
| 506 |
$replacement .= '</div>';
|
| 507 |
return $replacement;
|
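Review bot: The new hash check at lines 117–126 authenticates only `$_POST['price']`, yet lines 150–151 still take `$price` from `$_POST[$_POST['wspsc_product']]`, a field the hash never covers, and the check is skipped entirely when `price` is absent from the request. The tag itself is `md5($p_key.'|'.$price)` with a key from `uniqid()` (the same call is added to `wpspc_run_activation()` in wp_shopping_cart_misc_functions.php), which is derived from the clock rather than a random source, and it is compared with `!=`, a loose and non-constant-time comparison. I would generate the key from a random source, compute the tag with `hash_hmac()`, compare with `hash_equals()` (PHP 5.6+, or WordPress's compat shim), require the tag on every add-to-cart request, and either drop the per-product price field or authenticate it too; ideally the tag also covers the shipping value. The sketch below shows only the generation and verification lines; the functions involved start and end outside these hunks.

```php
// … unchanged: strip_tags() on wspsc_product and item_number …
if (isset($_POST['price'])){
    $_POST['price'] = strip_tags($_POST['price']);
    //Validate price
    $hash_once_p = isset($_POST['hash_one']) ? strip_tags($_POST['hash_one']) : '';
    $p_key = get_option('wspsc_private_key_one');
    // No key on record means nothing can be verified: fail closed.
    $hash_one_cm = empty($p_key) ? '' : hash_hmac('sha256', $_POST['price'], $p_key);
    if($hash_one_cm === '' || !hash_equals($hash_one_cm, $hash_once_p)){//Validation failed
        wp_die('Error! The price validation failed.');
    }
}

// … in print_wp_cart_button_for_product(); print_wp_cart_button_new() uses $pieces['1'] instead of $price …
$p_key = get_option('wspsc_private_key_one');
if(empty($p_key)){
    $p_key = wp_generate_password(64, true, true);
    update_option('wspsc_private_key_one',$p_key);
}
$hash_one = hash_hmac('sha256', $price, $p_key);
// … unchanged: hidden hash_one input appended to $replacement …
```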
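--- a/wp_shopping_cart_misc_functions.php
+++ b/wp_shopping_cart_misc_functions.php
@@ -191,6 +191,10 @@ function wpspc_run_activation()
 $seller_email_body .= "\n\nThe sale was made to {first_name} {last_name} ({payer_email})";
 $seller_email_body .= "\n\nThanks";
 add_option('wpspc_seller_email_body', $seller_email_body);
+
+//Generate and save a private key for this site
+$unique_id = uniqid();
+add_option('wspsc_private_key_one',$unique_id);
 }
 
 function wpspsc_settings_menu_footer()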