PageRenderTime 47ms CodeModel.GetById 21ms RepoModel.GetById 0ms app.codeStats 0ms

/index.php

https://gitlab.com/Blueprint-Marketing/helpscout-edd
PHP | 191 lines | 115 code | 33 blank | 43 comment | 19 complexity | ae1cc296cde54736d970c69dddb2f913 MD5 | raw file
    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * HelpScout EDD integration.
    4. 

  4.  *
    5. 

  5.  * This code is based in large part on an example provided by HelpScout and then modified for Easy Digital Downloads and WP.
    6. 

  6.  */
    7. 

  7. 

  8. // We use core, so we include it.
    9. 

  9. require '../wp-load.php';
    10. 

  10. 

  11. // Require the settings file for the secret key
    12. 

  12. require './settings.php';
    13. 

  13. 

  14. class PluginHandler {
    15. 

  15. 	private $input = false;
    16. 

  16. 

  17. 	/**
    18. 

  18. 	 * Returns the requested HTTP header.
    19. 

  19. 	 *
    20. 

  20. 	 * @param string $header
    21. 

  21. 	 * @return bool|string
    22. 

  22. 	 */
    23. 

  23. 	private function getHeader( $header ) {
    24. 

  24. 		if ( isset( $_SERVER[$header] ) ) {
    25. 

  25. 			return $_SERVER[$header];
    26. 

  26. 		}
    27. 

  27. 		return false;
    28. 

  28. 	}
    29. 

  29. 

  30. 	/**
    31. 

  31. 	 * Retrieve the JSON input
    32. 

  32. 	 *
    33. 

  33. 	 * @return bool|string
    34. 

  34. 	 */
    35. 

  35. 	private function getJsonString() {
    36. 

  36. 		if ( $this->input === false ) {
    37. 

  37. 			$this->input = @file_get_contents( 'php://input' );
    38. 

  38. 		}
    39. 

  39. 		return $this->input;
    40. 

  40. 	}
    41. 

  41. 

  42. 	/**
    43. 

  43. 	 * Generate the signature based on the secret key, to compare in isSignatureValid
    44. 

  44. 	 *
    45. 

  45. 	 * @return bool|string
    46. 

  46. 	 */
    47. 

  47. 	private function generateSignature() {
    48. 

  48. 		$str = $this->getJsonString();
    49. 

  49. 		if ( $str ) {
    50. 

  50. 			return base64_encode( hash_hmac( 'sha1', $str, HELPSCOUT_SECRET_KEY, true ) );
    51. 

  51. 		}
    52. 

  52. 		return false;
    53. 

  53. 	}
    54. 

  54. 

  55. 	/**
    56. 

  56. 	 * Returns true if the current request is a valid webhook issued from Help Scout, false otherwise.
    57. 

  57. 	 *
    58. 

  58. 	 * @return boolean
    59. 

  59. 	 */
    60. 

  60. 	private function isSignatureValid() {
    61. 

  61. 		$signature = $this->generateSignature();
    62. 

  62. 		return $signature == $this->getHeader( 'HTTP_X_HELPSCOUT_SIGNATURE' );
    63. 

  63. 	}
    64. 

  64. 

  65. 	/**
    66. 

  66. 	 * Create a response.
    67. 

  67. 	 *
    68. 

  68. 	 * @return array
    69. 

  69. 	 */
    70. 

  70. 	public function getResponse() {
    71. 

  71. 		$ret = array( 'html' => '' );
    72. 

  72. 

  73. 		if ( !$this->isSignatureValid() ) {
    74. 

  74. 			return array( 'html' => 'Invalid signature' );
    75. 

  75. 		}
    76. 

  76. 		$data = json_decode( $this->input, true );
    77. 

  77. 

  78. 		// do some stuff
    79. 

  79. 		$ret['html'] = $this->fetchHtml( $data );
    80. 

  80. 

  81. 		// Used for debugging
    82. 

  82. 		// $ret['html'] = '<pre>'.print_r($data,1).'</pre>' . $ret['html'];
    83. 

  83. 

  84. 		return $ret;
    85. 

  85. 	}
    86. 

  86. 

  87. 	/**
    88. 

  88. 	 * Generate output for the response.
    89. 

  89. 	 *
    90. 

  90. 	 * @param $data
    91. 

  91. 	 * @return string
    92. 

  92. 	 */
    93. 

  93. 	private function fetchHtml( $data ) {
    94. 

  94. 		global $wpdb;
    95. 

  95. 

  96. 		if ( isset( $data['customer']['emails'] ) && is_array( $data['customer']['emails'] ) ) {
    97. 

  97. 			$email_query = "IN (";
    98. 

  98. 			foreach ( $data['customer']['emails'] as $email ) {
    99. 

  99. 				$email_query .= "'" . $email . "',";
    100. 

  100. 			}
    101. 

  101. 			$email_query = rtrim( $email_query, ',' );
    102. 

  102. 			$email_query .= ')';
    103. 

  103. 		} else {
    104. 

  104. 			$email_query = "= '" . $data['customer']['email'] . "'";
    105. 

  105. 		}
    106. 

  106. 

  107. 		$query   = "SELECT pm2.post_id, pm2.meta_value, p.post_status FROM $wpdb->postmeta pm, $wpdb->postmeta pm2, $wpdb->posts p WHERE pm.meta_key = '_edd_payment_user_email' AND pm.meta_value $email_query AND pm.post_id = pm2.post_id AND pm2.meta_key = '_edd_payment_meta' AND pm.post_id = p.ID AND p.post_status NOT IN ('failed','revoked') ORDER BY pm.post_id DESC";
    108. 

  108. 		$results = $wpdb->get_results( $query );
    109. 

  109. 

  110. 		if ( !$results ) {
    111. 

  111. 			$query   = "SELECT pm.post_id, pm.meta_value, p.post_status FROM $wpdb->postmeta pm, $wpdb->posts p WHERE pm.meta_key = '_edd_payment_meta' AND pm.meta_value LIKE '%%" . $data['customer']['fname'] . "%%' AND pm.meta_value LIKE '%%" . $data['customer']['lname'] . "%%' AND pm.post_id = p.ID AND p.post_status NOT IN ('failed','revoked') ORDER BY pm.post_id DESC";
    112. 

  112. 			$results = $wpdb->get_results( $query );
    113. 

  113. 		}
    114. 

  114. 

  115. 		if ( !$results ) {
    116. 

  116. 			return 'No license data found.';
    117. 

  117. 		}
    118. 

  118. 

  119. 		$orders = array();
    120. 

  120. 		foreach ( $results as $result ) {
    121. 

  121. 			$order         = array();
    122. 

  122. 			$order['link'] = '<a target="_blank" href="' . get_admin_url( null, 'edit.php?post_type=download&page=edd-payment-history&view=edit-payment&purchase_id=' . $result->post_id ) . '">#' . $result->post_id . '</a>';
    123. 

  123. 

  124. 			$post = get_post( $result->post_id );
    125. 

  125. 

  126. 			$purchase = maybe_unserialize( $result->meta_value );
    127. 

  127. 

  128. 			$order['date'] = $post->post_date;
    129. 

  129. 			unset( $post );
    130. 

  130. 

  131. 			$order['id']             = $result->post_id;
    132. 

  132. 			$order['status']         = $result->post_status;
    133. 

  133. 			$order['amount']         = edd_get_payment_amount( $result->post_id );
    134. 

  134. 			$order['payment_method'] = edd_get_payment_gateway( $result->post_id );
    135. 

  135. 

  136. 			if ( 'paypal' == $order['payment_method'] ) {
    137. 

  137. 				// Grab the PayPal transaction ID and link the transaction to PayPal
    138. 

  138. 				$notes = edd_get_payment_notes( $result->post_id );
    139. 

  139. 				foreach ( $notes as $note ) {
    140. 

  140. 					if ( preg_match( '/^PayPal Transaction ID: ([^\s]+)/', $note->comment_content, $match ) )
    141. 

  141. 						$order['paypal_transaction_id'] = $match[1];
    142. 

  142. 				}
    143. 

  143. 

  144. 				$order['payment_method'] = '<a href="https://www.paypal.com/cgi-bin/webscr?cmd=_view-a-trans&id=' . $order['paypal_transaction_id'] . '" target="_blank">PayPal</a>';
    145. 

  145. 			}
    146. 

  146. 

  147. 			$downloads = maybe_unserialize( $purchase['downloads'] );
    148. 

  148. 			if ( $downloads ) {
    149. 

  149. 				$license_keys = '';
    150. 

  150. 				foreach ( maybe_unserialize( $purchase['downloads'] ) as $download ) {
    151. 

  151. 

  152. 					$id = isset( $purchase['cart_details'] ) ? $download['id'] : $download;
    153. 

  153. 

  154. 					$licensing = new EDD_Software_Licensing();
    155. 

  155. 

  156. 					if ( get_post_meta( $id, '_edd_sl_enabled', true ) ) {
    157. 

  157. 						$license = $licensing->get_license_by_purchase( $order['id'], $id );
    158. 

  158. 						$license_keys .= '<strong>' . str_replace( " for WordPress", "", get_the_title( $id ) ) . "</strong><br/>"
    159. 

  159. 							. edd_get_price_option_name( $id, $download['options']['price_id'] ) . '<br/>'
    160. 

  160. 							. get_post_meta( $license->ID, '_edd_sl_key', true ) . '<br/><br/>';
    161. 

  161. 					}
    162. 

  162. 				}
    163. 

  163. 			}
    164. 

  164. 

  165. 			if ( isset( $license_keys ) )
    166. 

  166. 				$order['downloads'][] = $license_keys;
    167. 

  167. 			$orders[]             = $order;
    168. 

  168. 		}
    169. 

  169. 

  170. 		$output = '';
    171. 

  171. 		foreach ( $orders as $order ) {
    172. 

  172. 			$output .= '<strong><i class="icon-cart"></i> ' . $order['link'] . '</strong>';
    173. 

  173. 			if ( $order['status'] != 'publish' )
    174. 

  174. 				$output .= ' - <span style="color:orange;font-weight:bold;">' . $order['status'] . '</span>';
    175. 

  175. 			$output .= '<p><span class="muted">' . $order['date'] . '</span><br/>';
    176. 

  176. 			$output .= '$' . $order['amount'] . ' - ' . $order['payment_method'] . '</p>';
    177. 

  177. 			$output .= '<p><i class="icon-pointer"></i><a target="_blank" href="' . add_query_arg( array( 'edd-action' => 'email_links', 'purchase_id' => $order['id'] ), admin_url( 'edit.php?post_type=download&page=edd-payment-history' ) ) . '">' . __( 'Resend Purchase Receipt', 'edd' ) . '</a></p>';
    178. 

  178. 			$output .= '<ul>';
    179. 

  179. 			foreach ( $order['downloads'] as $download ) {
    180. 

  180. 				$output .= '<li>' . $download . '</li>';
    181. 

  181. 			}
    182. 

  182. 			$output .= '</ul>';
    183. 

  183. 		}
    184. 

  184. 

  185. 		return $output;
    186. 

  186. 	}
    187. 

  187. }
    188. 

  188. 

  189. $plugin = new PluginHandler();
    190. 

  190. 

  191. echo json_encode( $plugin->getResponse() );
    192. 

  192.