2012-12-31 18:25:09 +00:00
< ? php
/**
2015-11-03 13:53:50 +00:00
* My Account Shortcodes
2012-12-31 18:25:09 +00:00
*
* Shows the 'my account' section where the customer can view past orders and update their information .
*
* @ author WooThemes
* @ category Shortcodes
* @ package WooCommerce / Shortcodes / My_Account
* @ version 2.0 . 0
*/
class WC_Shortcode_My_Account {
/**
* Get the shortcode content .
*
* @ param array $atts
* @ return string
*/
public static function get ( $atts ) {
2013-08-09 16:11:15 +00:00
return WC_Shortcodes :: shortcode_wrapper ( array ( __CLASS__ , 'output' ), $atts );
2012-12-31 18:25:09 +00:00
}
/**
* Output the shortcode .
*
* @ param array $atts
*/
public static function output ( $atts ) {
2014-06-08 20:33:11 +00:00
global $wp ;
2012-12-31 18:25:09 +00:00
2014-02-26 15:27:26 +00:00
// Check cart class is loaded or abort
if ( is_null ( WC () -> cart ) ) {
return ;
}
2012-12-31 18:25:09 +00:00
if ( ! is_user_logged_in () ) {
2013-12-31 12:38:33 +00:00
$message = apply_filters ( 'woocommerce_my_account_message' , '' );
2013-07-30 12:38:45 +00:00
2014-04-23 10:35:43 +00:00
if ( ! empty ( $message ) ) {
2013-11-13 04:32:29 +00:00
wc_add_notice ( $message );
2014-04-23 10:35:43 +00:00
}
2013-07-30 12:38:45 +00:00
2013-07-23 16:05:01 +00:00
if ( isset ( $wp -> query_vars [ 'lost-password' ] ) ) {
self :: lost_password ();
} else {
2013-11-25 12:45:04 +00:00
wc_get_template ( 'myaccount/form-login.php' );
2013-07-23 16:05:01 +00:00
}
2016-02-19 17:14:23 +00:00
} else {
// See if showing an account endpoint
2016-01-14 20:35:31 +00:00
foreach ( $wp -> query_vars as $key => $value ) {
// Ignore pagename param.
if ( 'pagename' === $key ) {
continue ;
}
2016-02-19 17:14:23 +00:00
if ( has_action ( 'woocommerce_account_' . $key . '_endpoint' ) ) {
do_action ( 'woocommerce_account_' . $key . '_endpoint' , $value );
return ;
}
2013-06-04 16:33:43 +00:00
}
2016-02-19 17:14:23 +00:00
// No endpoint? Show main account page.
self :: my_account ( $atts );
2012-12-31 18:25:09 +00:00
}
}
2013-06-04 16:33:43 +00:00
/**
2015-11-03 13:31:20 +00:00
* My account page .
2013-06-04 16:33:43 +00:00
*
2016-01-14 20:35:31 +00:00
* @ param array $atts
2013-06-04 16:33:43 +00:00
*/
2013-11-19 16:26:18 +00:00
private static function my_account ( $atts ) {
2013-06-04 16:33:43 +00:00
extract ( shortcode_atts ( array (
2016-01-19 21:02:26 +00:00
'order_count' => 15 // @deprecated 2.6.0. Keep for backward compatibility.
2013-06-04 16:33:43 +00:00
), $atts ) );
2013-11-25 12:45:04 +00:00
wc_get_template ( 'myaccount/my-account.php' , array (
2016-01-19 21:02:26 +00:00
'current_user' => get_user_by ( 'id' , get_current_user_id () ),
'order_count' => 'all' == $order_count ? - 1 : $order_count
2013-06-04 16:33:43 +00:00
) );
}
/**
2015-11-03 13:31:20 +00:00
* View order page .
2013-06-04 16:33:43 +00:00
*
2016-01-14 20:35:31 +00:00
* @ param int $order_id
2013-06-04 16:33:43 +00:00
*/
2016-01-14 20:35:31 +00:00
public static function view_order ( $order_id ) {
2013-06-04 16:33:43 +00:00
2016-01-14 20:35:31 +00:00
$user_id = get_current_user_id ();
$order = wc_get_order ( $order_id );
2013-06-04 16:33:43 +00:00
2014-02-17 09:44:45 +00:00
if ( ! current_user_can ( 'view_order' , $order_id ) ) {
2015-02-15 19:13:22 +00:00
echo '<div class="woocommerce-error">' . __ ( 'Invalid order.' , 'woocommerce' ) . ' <a href="' . wc_get_page_permalink ( 'myaccount' ) . '" class="wc-forward">' . __ ( 'My Account' , 'woocommerce' ) . '</a>' . '</div>' ;
2013-06-04 16:33:43 +00:00
return ;
}
2014-05-30 16:43:21 +00:00
// Backwards compatibility
$status = new stdClass ();
$status -> name = wc_get_order_status_name ( $order -> get_status () );
2014-02-17 09:44:45 +00:00
wc_get_template ( 'myaccount/view-order.php' , array (
2014-05-30 16:43:21 +00:00
'status' => $status , // @deprecated 2.2
2014-08-15 12:29:21 +00:00
'order' => wc_get_order ( $order_id ),
2014-02-17 09:44:45 +00:00
'order_id' => $order_id
) );
2013-06-04 16:33:43 +00:00
}
2013-06-05 11:07:23 +00:00
/**
2015-11-03 13:31:20 +00:00
* Edit account details page .
2013-06-05 11:07:23 +00:00
*/
2016-01-14 20:35:31 +00:00
public static function edit_account () {
2013-11-25 12:45:04 +00:00
wc_get_template ( 'myaccount/form-edit-account.php' , array ( 'user' => get_user_by ( 'id' , get_current_user_id () ) ) );
2013-06-05 11:07:23 +00:00
}
2013-07-23 16:05:01 +00:00
/**
* Edit address page .
*
* @ param string $load_address
*/
2016-01-14 20:35:31 +00:00
public static function edit_address ( $load_address = 'billing' ) {
2016-01-18 14:41:58 +00:00
$current_user = wp_get_current_user ();
2013-09-10 13:04:07 +00:00
$load_address = sanitize_key ( $load_address );
2013-07-23 16:05:01 +00:00
2013-11-25 14:01:32 +00:00
$address = WC () -> countries -> get_address_fields ( get_user_meta ( get_current_user_id (), $load_address . '_country' , true ), $load_address . '_' );
2013-07-23 16:05:01 +00:00
2013-12-27 12:20:51 +00:00
// Enqueue scripts
wp_enqueue_script ( 'wc-country-select' );
2014-01-08 14:38:17 +00:00
wp_enqueue_script ( 'wc-address-i18n' );
2013-12-27 12:20:51 +00:00
2013-09-19 13:39:49 +00:00
// Prepare values
foreach ( $address as $key => $field ) {
$value = get_user_meta ( get_current_user_id (), $key , true );
if ( ! $value ) {
switch ( $key ) {
case 'billing_email' :
case 'shipping_email' :
$value = $current_user -> user_email ;
break ;
case 'billing_country' :
case 'shipping_country' :
2013-11-25 14:01:32 +00:00
$value = WC () -> countries -> get_base_country ();
2013-09-19 13:39:49 +00:00
break ;
case 'billing_state' :
case 'shipping_state' :
2013-11-25 14:01:32 +00:00
$value = WC () -> countries -> get_base_state ();
2013-09-19 13:39:49 +00:00
break ;
}
}
$address [ $key ][ 'value' ] = apply_filters ( 'woocommerce_my_account_edit_address_field_value' , $value , $key , $load_address );
}
2013-11-25 12:45:04 +00:00
wc_get_template ( 'myaccount/form-edit-address.php' , array (
2013-07-23 16:05:01 +00:00
'load_address' => $load_address ,
2013-09-04 13:52:36 +00:00
'address' => apply_filters ( 'woocommerce_address_to_edit' , $address )
2013-07-23 16:05:01 +00:00
) );
}
/**
2015-11-03 13:31:20 +00:00
* Lost password page .
2013-07-23 16:05:01 +00:00
*/
public static function lost_password () {
// arguments to pass to template
$args = array ( 'form' => 'lost_password' );
// process reset key / login from email confirmation link
2014-02-26 13:13:53 +00:00
if ( isset ( $_GET [ 'key' ] ) && isset ( $_GET [ 'login' ] ) ) {
2013-07-23 16:05:01 +00:00
$user = self :: check_password_reset_key ( $_GET [ 'key' ], $_GET [ 'login' ] );
// reset key / login is correct, display reset password form with hidden key / login values
2016-02-19 17:14:23 +00:00
if ( is_object ( $user ) ) {
$args [ 'form' ] = 'reset_password' ;
$args [ 'key' ] = esc_attr ( $_GET [ 'key' ] );
2013-07-23 16:05:01 +00:00
$args [ 'login' ] = esc_attr ( $_GET [ 'login' ] );
}
2014-02-26 13:13:53 +00:00
} elseif ( isset ( $_GET [ 'reset' ] ) ) {
2015-02-15 19:13:22 +00:00
wc_add_notice ( __ ( 'Your password has been reset.' , 'woocommerce' ) . ' <a href="' . wc_get_page_permalink ( 'myaccount' ) . '">' . __ ( 'Log in' , 'woocommerce' ) . '</a>' );
2013-07-23 16:05:01 +00:00
}
2013-11-25 12:45:04 +00:00
wc_get_template ( 'myaccount/form-lost-password.php' , $args );
2013-07-23 16:05:01 +00:00
}
/**
* Handles sending password retrieval email to customer .
*
2015-11-03 13:31:20 +00:00
* Based on retrieve_password () in core wp - login . php .
2014-08-19 09:43:48 +00:00
*
2013-07-23 16:05:01 +00:00
* @ uses $wpdb WordPress Database object
* @ return bool True : when finish . False : on error
*/
public static function retrieve_password () {
2014-08-19 09:43:48 +00:00
global $wpdb , $wp_hasher ;
2013-07-23 16:05:01 +00:00
2015-09-07 22:08:32 +00:00
$login = trim ( $_POST [ 'user_login' ] );
if ( empty ( $login ) ) {
2013-07-23 16:05:01 +00:00
2013-11-13 04:29:03 +00:00
wc_add_notice ( __ ( 'Enter a username or e-mail address.' , 'woocommerce' ), 'error' );
2014-11-07 04:08:48 +00:00
return false ;
2013-07-23 16:05:01 +00:00
} else {
2014-08-08 06:07:11 +00:00
// Check on username first, as customers can use emails as usernames.
2014-02-25 11:40:49 +00:00
$user_data = get_user_by ( 'login' , $login );
2013-07-23 16:05:01 +00:00
}
2014-11-07 04:08:48 +00:00
// If no user found, check if it login is email and lookup user based on email.
2015-09-07 22:08:32 +00:00
if ( ! $user_data && is_email ( $login ) && apply_filters ( 'woocommerce_get_username_from_email' , true ) ) {
$user_data = get_user_by ( 'email' , $login );
2014-08-08 06:07:11 +00:00
}
2013-07-23 16:05:01 +00:00
2014-08-19 09:43:48 +00:00
do_action ( 'lostpassword_post' );
2013-07-23 16:05:01 +00:00
if ( ! $user_data ) {
2013-11-13 04:29:03 +00:00
wc_add_notice ( __ ( 'Invalid username or e-mail.' , 'woocommerce' ), 'error' );
2013-07-23 16:05:01 +00:00
return false ;
}
2015-02-15 19:02:27 +00:00
if ( is_multisite () && ! is_user_member_of_blog ( $user_data -> ID , get_current_blog_id () ) ) {
2015-01-06 14:08:43 +00:00
wc_add_notice ( __ ( 'Invalid username or e-mail.' , 'woocommerce' ), 'error' );
return false ;
}
2013-07-23 16:05:01 +00:00
// redefining user_login ensures we return the right case in the email
$user_login = $user_data -> user_login ;
2014-08-08 06:07:11 +00:00
do_action ( 'retrieve_password' , $user_login );
2013-07-23 16:05:01 +00:00
2014-08-19 09:43:48 +00:00
$allow = apply_filters ( 'allow_password_reset' , true , $user_data -> ID );
2013-07-23 16:05:01 +00:00
if ( ! $allow ) {
2014-02-17 13:14:41 +00:00
wc_add_notice ( __ ( 'Password reset is not allowed for this user' , 'woocommerce' ), 'error' );
2013-07-23 16:05:01 +00:00
return false ;
} elseif ( is_wp_error ( $allow ) ) {
2014-09-12 12:36:17 +00:00
wc_add_notice ( $allow -> get_error_message (), 'error' );
2013-07-23 16:05:01 +00:00
return false ;
}
2014-08-19 09:43:48 +00:00
$key = wp_generate_password ( 20 , false );
2013-07-23 16:05:01 +00:00
2014-08-19 09:43:48 +00:00
do_action ( 'retrieve_password_key' , $user_login , $key );
2013-07-23 16:05:01 +00:00
2014-08-19 09:43:48 +00:00
// Now insert the key, hashed, into the DB.
if ( empty ( $wp_hasher ) ) {
require_once ABSPATH . 'wp-includes/class-phpass.php' ;
$wp_hasher = new PasswordHash ( 8 , true );
}
2013-07-23 16:05:01 +00:00
2014-08-19 09:43:48 +00:00
$hashed = $wp_hasher -> HashPassword ( $key );
2013-07-23 16:05:01 +00:00
2014-08-19 09:43:48 +00:00
$wpdb -> update ( $wpdb -> users , array ( 'user_activation_key' => $hashed ), array ( 'user_login' => $user_login ) );
2013-07-23 16:05:01 +00:00
// Send email notification
2014-12-16 12:10:25 +00:00
WC () -> mailer (); // load email classes
2013-07-23 16:05:01 +00:00
do_action ( 'woocommerce_reset_password_notification' , $user_login , $key );
2014-02-17 13:14:41 +00:00
wc_add_notice ( __ ( 'Check your e-mail for the confirmation link.' , 'woocommerce' ) );
2013-07-23 16:05:01 +00:00
return true ;
}
/**
2015-11-03 13:31:20 +00:00
* Retrieves a user row based on password reset key and login .
2013-07-23 16:05:01 +00:00
*
* @ uses $wpdb WordPress Database object
*
* @ param string $key Hash to validate sending user ' s password
* @ param string $login The user login
2015-01-19 10:53:33 +00:00
* @ return WP_USER | bool User ' s database row on success , false for invalid keys
2013-07-23 16:05:01 +00:00
*/
public static function check_password_reset_key ( $key , $login ) {
2014-09-12 13:03:39 +00:00
global $wpdb , $wp_hasher ;
2013-07-23 16:05:01 +00:00
$key = preg_replace ( '/[^a-z0-9]/i' , '' , $key );
if ( empty ( $key ) || ! is_string ( $key ) ) {
2013-11-13 04:29:03 +00:00
wc_add_notice ( __ ( 'Invalid key' , 'woocommerce' ), 'error' );
2013-07-23 16:05:01 +00:00
return false ;
}
if ( empty ( $login ) || ! is_string ( $login ) ) {
2013-11-13 04:29:03 +00:00
wc_add_notice ( __ ( 'Invalid key' , 'woocommerce' ), 'error' );
2013-07-23 16:05:01 +00:00
return false ;
}
2014-09-12 13:03:39 +00:00
$user = $wpdb -> get_row ( $wpdb -> prepare ( " SELECT * FROM $wpdb->users WHERE user_login = %s " , $login ) );
2014-09-12 13:18:11 +00:00
if ( ! empty ( $user ) ) {
2014-09-12 13:03:39 +00:00
if ( empty ( $wp_hasher ) ) {
require_once ABSPATH . 'wp-includes/class-phpass.php' ;
$wp_hasher = new PasswordHash ( 8 , true );
}
2014-09-12 13:18:11 +00:00
$valid = $wp_hasher -> CheckPassword ( $key , $user -> user_activation_key );
2014-09-12 13:03:39 +00:00
}
2013-07-23 16:05:01 +00:00
2014-09-15 13:57:46 +00:00
if ( empty ( $user ) || empty ( $valid ) ) {
2013-11-13 04:29:03 +00:00
wc_add_notice ( __ ( 'Invalid key' , 'woocommerce' ), 'error' );
2013-07-23 16:05:01 +00:00
return false ;
}
2015-01-19 10:53:33 +00:00
return get_userdata ( $user -> ID );
2013-07-23 16:05:01 +00:00
}
/**
* Handles resetting the user ' s password .
*
* @ param object $user The user
* @ param string $new_pass New password for the user in plaintext
*/
public static function reset_password ( $user , $new_pass ) {
do_action ( 'password_reset' , $user , $new_pass );
wp_set_password ( $new_pass , $user -> ID );
wp_password_change_notification ( $user );
}
2013-11-05 21:02:13 +00:00
/**
2015-11-03 13:31:20 +00:00
* Show the add payment method page .
2013-11-05 21:02:13 +00:00
*/
2016-01-14 20:35:31 +00:00
public static function add_payment_method () {
2013-11-05 21:02:13 +00:00
if ( ! is_user_logged_in () ) {
2015-02-15 19:13:22 +00:00
wp_safe_redirect ( wc_get_page_permalink ( 'myaccount' ) );
2013-11-05 21:02:13 +00:00
exit ();
} else {
do_action ( 'before_woocommerce_add_payment_method' );
2013-12-30 14:29:13 +00:00
wc_print_notices ();
2013-11-05 21:02:13 +00:00
2013-11-25 12:45:04 +00:00
wc_get_template ( 'myaccount/form-add-payment-method.php' );
2013-11-05 21:02:13 +00:00
do_action ( 'after_woocommerce_add_payment_method' );
}
}
2016-02-09 20:19:34 +00:00
/**
* Deletes a payment method from a users list and displays a message to the user
*
* @ since 2.6
* @ param int $id Payment Token ID
*/
private static function delete_payment_method ( $id ) {
$token = WC_Payment_Tokens :: get ( $id );
if ( is_null ( $token ) ) {
wc_add_notice ( __ ( 'Invalid payment method' , 'woocommerce' ), 'error' );
return false ;
}
if ( get_current_user_id () !== $token -> get_user_id () ) {
wc_add_notice ( __ ( 'Invalid payment method' , 'woocommerce' ), 'error' );
return false ;
}
if ( false === wp_verify_nonce ( $_REQUEST [ '_wpnonce' ], 'delete-payment-method-' . $id ) ) {
wc_add_notice ( __ ( 'Invalid payment method' , 'woocommerce' ), 'error' );
return false ;
}
WC_Payment_Tokens :: delete ( $id );
}
/**
* Sets a payment method as default and displays a message to the user
*
* @ since 2.6
* @ param int $id Payment Token ID
*/
private static function set_default_payment_method ( $id ) {
$token = WC_Payment_Tokens :: get ( $id );
if ( is_null ( $token ) ) {
wc_add_notice ( __ ( 'Invalid payment method' , 'woocommerce' ), 'error' );
return false ;
}
if ( get_current_user_id () !== $token -> get_user_id () ) {
wc_add_notice ( __ ( 'Invalid payment method' , 'woocommerce' ), 'error' );
return false ;
}
if ( false === wp_verify_nonce ( $_REQUEST [ '_wpnonce' ], 'set-default-payment-method-' . $id ) ) {
wc_add_notice ( __ ( 'Invalid payment method' , 'woocommerce' ), 'error' );
return false ;
}
WC_Payment_Tokens :: set_users_default ( $token -> get_user_id (), $id );
}
2013-11-19 16:26:18 +00:00
}