PageRenderTime 50ms CodeModel.GetById 23ms RepoModel.GetById 1ms app.codeStats 0ms

/wp-content/plugins/foxyshop/datafeedfunctions.php

https://gitlab.com/Lidbary/foxyshop
PHP | 336 lines | 213 code | 45 blank | 78 comment | 26 complexity | 2e1b5d4c73f6e27d1b54bb2d5e0eae66 MD5 | raw file
    

  1. <?php
    2. 

  2. //Exit if not called in proper context
    3. 

  3. if (!defined('ABSPATH')) exit();
    4. 

  4. 

  5. //Decrypt Data From Source
    6. 

  6. function foxyshop_decrypt($src) {
    7. 

  7. 	global $foxyshop_settings;
    8. 

  8. 	return rc4crypt::decrypt($foxyshop_settings['api_key'],urldecode($src));
    9. 

  9. }
    10. 

  10. 

  11. 

  12. //Push Feed to External Datafeeds
    13. 

  13. function foxyshop_run_external_datafeeds($external_datafeeds) {
    14. 

  14. 	global $foxyshop_settings;
    15. 

  15. 	if ($foxyshop_settings["orderdesk_url"]) {
    16. 

  16. 		//Check Referer to make sure we aren't coming from Order Desk and thus creating a loop
    17. 

  17. 		if ($_SERVER['REMOTE_ADDR'] == "216.70.96.51") {
    18. 

  18. 			die("It looks like you have a potential datafeed loop with FoxyShop and Order Desk. You can't send the datafeed to Order Desk and then have Order Desk send it back to FoxyShop or you'll have a never-ending loop. It's recommended that you uncheck the 'Send to Order Desk' feature in your FoxyShop Settings.");
    19. 

  19. 		}
    20. 

  20. 		$external_datafeeds[] = $foxyshop_settings["orderdesk_url"];
    21. 

  21. 	}
    22. 

  22. 	if (!defined('FOXYSHOP_CURL_CONNECTTIMEOUT')) define('FOXYSHOP_CURL_CONNECTTIMEOUT', 10); //10
    23. 

  23. 	if (!defined('FOXYSHOP_CURL_TIMEOUT')) define('FOXYSHOP_CURL_TIMEOUT', 15); //15
    24. 

  24. 	if (!isset($_POST["FoxyData"]) && !isset($_POST["FoxySubscriptionData"])) return;
    25. 

  25. 

  26. 	foreach($external_datafeeds as $feedurl) {
    27. 

  27. 		if ($feedurl) {
    28. 

  28. 			$ch = curl_init();
    29. 

  29. 			curl_setopt($ch, CURLOPT_URL, $feedurl);
    30. 

  30. 			if (isset($_POST["FoxyData"])) {
    31. 

  31. 				curl_setopt($ch, CURLOPT_POSTFIELDS, array("FoxyData" => $_POST["FoxyData"]));
    32. 

  32. 			} elseif (isset($_POST["FoxySubscriptionData"])) {
    33. 

  33. 				curl_setopt($ch, CURLOPT_POSTFIELDS, array("FoxySubscriptionData" => $_POST["FoxySubscriptionData"]));
    34. 

  34. 			}
    35. 

  35. 			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    36. 

  36. 			curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, FOXYSHOP_CURL_CONNECTTIMEOUT);
    37. 

  37. 			curl_setopt($ch, CURLOPT_TIMEOUT, FOXYSHOP_CURL_TIMEOUT);
    38. 

  38. 			if (defined('FOXYSHOP_CURL_SSL_VERIFYPEER')) curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FOXYSHOP_CURL_SSL_VERIFYPEER);
    39. 

  39. 			$response = trim(curl_exec($ch));
    40. 

  40. 

  41. 			//If Error, Send Email and Kill Process
    42. 

  42. 			if ($response != 'foxy' && $response != 'foxysub') {
    43. 

  43. 				$error_msg = (!$response ? "Datafeed Processing Error: " . curl_error($ch) : $response);
    44. 

  44. 				$to_email = get_bloginfo('admin_email');
    45. 

  45. 				$message = "A FoxyCart datafeed error was encountered at " . date("F j, Y, g:i a") . ".\n\n";
    46. 

  46. 				$message .= "The feed that failed was $feedurl\n\n";
    47. 

  47. 				$message .= "The error is listed below:\n\n";
    48. 

  48. 				$message .= $error_msg;
    49. 

  49. 				//$message .= "\n\n" . print_r($_POST, 1);
    50. 

  50. 				//$message .= "\n\n" . print_r($_SERVER, 1);
    51. 

  51. 				$message .= "\n\n" . foxyshop_decrypt($_POST["FoxyData"]);
    52. 

  52. 				$headers = 'From: ' . get_bloginfo('name') . ' Server Admin <' . $to_email . '>' . "\r\n";
    53. 

  53. 				mail($to_email, 'Data Feed Error on ' . get_bloginfo('name'), $message, $headers);
    54. 

  54. 				curl_close($ch);
    55. 

  55. 				die($error_msg);
    56. 

  56. 			} else {
    57. 

  57. 				curl_close($ch);
    58. 

  58. 			}
    59. 

  59. 		}
    60. 

  60. 	}
    61. 

  61. }
    62. 

  62. 

  63. 

  64. 

  65. //Update the FoxyShop Inventory
    66. 

  66. function foxyshop_datafeed_inventory_update($xml) {
    67. 

  67. 	global $wpdb, $foxyshop_settings;
    68. 

  68. 

  69. 	//For Each Transaction
    70. 

  70. 	foreach($xml->transactions->transaction as $transaction) {
    71. 

  71. 

  72. 		//For Each Transaction Detail
    73. 

  73. 		foreach($transaction->transaction_details->transaction_detail as $transactiondetails) {
    74. 

  74. 			if ((int)$transactiondetails->is_future_line_item == 1) continue;
    75. 

  75. 			$product_name = (string)$transactiondetails->product_name;
    76. 

  76. 			$product_code = (string)$transactiondetails->product_code;
    77. 

  77. 			$product_quantity = (int)$transactiondetails->product_quantity;
    78. 

  78. 

  79. 			//Skip if there's no product code
    80. 

  80. 			if (!$product_code) continue;
    81. 

  81. 

  82. 			//Get List of Target ID's for Inventory Update
    83. 

  83. 			$meta_list = $wpdb->get_results("SELECT post_id, meta_id, meta_value FROM $wpdb->postmeta WHERE meta_key = '_inventory_levels' AND meta_value LIKE '%" . esc_sql($product_code) . "%'");
    84. 

  84. 			foreach ($meta_list as $meta) {
    85. 

  85. 				$productID = $meta->post_id;
    86. 

  86. 				$val = unserialize($meta->meta_value);
    87. 

  87. 				if (!is_array($val)) $val = array();
    88. 

  88. 				foreach ($val as $ivcode => $iv) {
    89. 

  89. 					if ($ivcode == $product_code) {
    90. 

  90. 						$original_count = $iv['count'];
    91. 

  91. 						$new_count = $original_count - $product_quantity;
    92. 

  92. 						$alert_level = ($iv['alert'] == '' ? $foxyshop_settings['inventory_alert_level'] : $iv['alert']);
    93. 

  93. 						$val[$ivcode]['count'] = $new_count;
    94. 

  94. 

  95. 						//Send Email Alert Email
    96. 

  96. 						if ($foxyshop_settings['inventory_alert_email'] && $new_count <= $alert_level) {
    97. 

  97. 							$subject_line = "Inventory Alert: " . $product_name;
    98. 

  98. 							$to_email = apply_filters('foxyshop_inventory_alert_email', get_bloginfo('admin_email'));
    99. 

  99. 							$message = "The inventory for one of your products is getting low:\n\n";
    100. 

  100. 							$message .= "Product Name: $product_name\n";
    101. 

  101. 							$message .= "Product Code: $product_code\n";
    102. 

  102. 							$message .= "Current Inventory Level: $new_count\n";
    103. 

  103. 							$message .= "Inventory Alert Level: $alert_level\n";
    104. 

  104. 							$message .= "\n". get_bloginfo('wpurl') . "/wp-admin/edit.php?post_type=foxyshop_product\n";
    105. 

  105. 							$headers = 'From: ' . get_bloginfo('name') . ' <' . $to_email . '>' . "\r\n";
    106. 

  106. 							wp_mail($to_email, $subject_line, $message, $headers);
    107. 

  107. 						}
    108. 

  108. 

  109. 					}
    110. 

  110. 				}
    111. 

  111. 				//Run the Update
    112. 

  112. 				foxyshop_inventory_count_update($product_code, $new_count, $productID, 0);
    113. 

  113. 			}
    114. 

  114. 		}
    115. 

  115. 	}
    116. 

  116. }
    117. 

  117. 

  118. 

  119. //Update the WordPress Customer's Subscription List
    120. 

  120. function foxyshop_datafeed_sso_update($xml) {
    121. 

  121. 	global $wpdb;
    122. 

  122. 

  123. 	//For Each Transaction
    124. 

  124. 	foreach($xml->transactions->transaction as $transaction) {
    125. 

  125. 

  126. 		//Get FoxyCart Transaction Information
    127. 

  127. 		$transaction_id = (string)$transaction->id;
    128. 

  128. 		$customer_id = (string)$transaction->customer_id;
    129. 

  129. 

  130. 		//For Each Transaction Detail
    131. 

  131. 		foreach($transaction->transaction_details->transaction_detail as $transactiondetails) {
    132. 

  132. 			$product_code = (string)$transactiondetails->product_code;
    133. 

  133. 			$sub_token_url = (string)$transactiondetails->sub_token_url;
    134. 

  134. 

  135. 			//Set Subscription Features if using SSO
    136. 

  136. 			if ($sub_token_url != "") {
    137. 

  137. 

  138. 				//Get WordPress User ID
    139. 

  139. 				$select_user = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = 'foxycart_customer_id' AND meta_value = '$customer_id'";
    140. 

  140. 				$user_id = $wpdb->get_var($select_user);
    141. 

  141. 				if ($user_id) {
    142. 

  142. 

  143. 					//Get User's Subscription Array
    144. 

  144. 					$foxyshop_subscription = get_user_meta($user_id, 'foxyshop_subscription', true);
    145. 

  145. 					if (!is_array($foxyshop_subscription)) $foxyshop_subscription = array();
    146. 

  146. 

  147. 					//Add On To Array
    148. 

  148. 					$foxyshop_subscription[$product_code] = array(
    149. 

  149. 						"is_active" => 1,
    150. 

  150. 						"sub_token_url" => $sub_token_url
    151. 

  151. 					);
    152. 

  152. 

  153. 					//Write Array Back to DB
    154. 

  154. 					update_user_meta($user_id, 'foxyshop_subscription', $foxyshop_subscription);
    155. 

  155. 				}
    156. 

  156. 

  157. 

  158. 			}
    159. 

  159. 		}
    160. 

  160. 	}
    161. 

  161. }
    162. 

  162. 

  163. //Update or Create a WordPress User After Checkout
    164. 

  164. function foxyshop_datafeed_user_update($xml) {
    165. 

  165. 	global $wpdb, $foxyshop_new_password_hash;
    166. 

  166. 

  167. 	//For Each Transaction
    168. 

  168. 	foreach($xml->transactions->transaction as $transaction) {
    169. 

  169. 

  170. 		//Get FoxyCart Transaction Information
    171. 

  171. 		$customer_id = (string)$transaction->customer_id;
    172. 

  172. 		$customer_first_name = (string)$transaction->customer_first_name;
    173. 

  173. 		$customer_last_name = (string)$transaction->customer_last_name;
    174. 

  174. 		$customer_email = (string)$transaction->customer_email;
    175. 

  175. 		$customer_password = (string)$transaction->customer_password;
    176. 

  176. 		$is_anonymous = (int)$transaction->is_anonymous;
    177. 

  177. 

  178. 		//Add or Update WordPress User If Not Guest Checkout
    179. 

  179. 		if ($customer_id != '0' && $is_anonymous == 0) {
    180. 

  180. 

  181. 			//Check To See if WordPress User Already Exists
    182. 

  182. 			$current_user = get_user_by("email", $customer_email);
    183. 

  183. 			$foxyshop_new_password_hash = $customer_password;
    184. 

  184. 

  185. 			//No Return, Add New User, Username will be email address
    186. 

  186. 			if (!$current_user) {
    187. 

  187. 				remove_action('user_register', 'foxyshop_profile_add', 5);
    188. 

  188. 				$new_user_id = wp_insert_user(array(
    189. 

  189. 					'user_login' => $customer_email,
    190. 

  190. 					'user_email' => $customer_email,
    191. 

  191. 					'first_name' => $customer_first_name,
    192. 

  192. 					'last_name' => $customer_last_name,
    193. 

  193. 					'user_email' => $customer_email,
    194. 

  194. 					'user_pass' => wp_generate_password(),
    195. 

  195. 					'user_nicename' => $customer_first_name . ' ' . $customer_last_name,
    196. 

  196. 					'display_name' => $customer_first_name . ' ' . $customer_last_name,
    197. 

  197. 					'nickname' => $customer_first_name . ' ' . $customer_last_name,
    198. 

  198. 					'role' => apply_filters('foxyshop_default_user_role', 'subscriber'),
    199. 

  199. 				));
    200. 

  200. 				add_user_meta($new_user_id, 'foxycart_customer_id', $customer_id, true);
    201. 

  201. 

  202. 				//Set Password In WordPress Database
    203. 

  203. 				$wpdb->query("UPDATE $wpdb->users SET user_pass = '" . esc_sql($customer_password) . "' WHERE ID = $new_user_id");
    204. 

  204. 

  205. 				//Set Original Password at FoxyCart
    206. 

  206. 				//foxyshop_get_foxycart_data(array("api_action" => "customer_save", "customer_id" => $customer_id, "customer_password_hash" => $customer_password));
    207. 

  207. 

  208. 				//Run Your Custom Actions Here with add_action()
    209. 

  209. 				do_action("foxyshop_datafeed_add_wp_user", $xml, $new_user_id);
    210. 

  210. 

  211. 			//Update User
    212. 

  212. 			} else {
    213. 

  213. 

  214. 				//Set Password
    215. 

  215. 				$wpdb->query("UPDATE $wpdb->users SET user_pass = '" . esc_sql($customer_password) . "' WHERE ID = " . $current_user->ID);
    216. 

  216. 

  217. 				//Update First Name and Last Name
    218. 

  218. 				$updated_user_id = wp_update_user(array(
    219. 

  219. 					'ID' => $current_user->ID,
    220. 

  220. 					'first_name' => $customer_first_name,
    221. 

  221. 					'last_name' => $customer_last_name
    222. 

  222. 				));
    223. 

  223. 

  224. 				//Reset Password Again
    225. 

  225. 				$wpdb->query("UPDATE $wpdb->users SET user_pass = '" . esc_sql($customer_password) . "' WHERE ID = " . $current_user->ID);
    226. 

  226. 

  227. 				//Add FoxyCart User ID if not added before
    228. 

  228. 				add_user_meta($current_user->ID, 'foxycart_customer_id', $customer_id, true);
    229. 

  229. 

  230. 				//Run Your Custom Actions Here with add_action()
    231. 

  231. 				do_action("foxyshop_datafeed_update_wp_user", $xml, $current_user->ID);
    232. 

  232. 			}
    233. 

  233. 		}
    234. 

  234. 	}
    235. 

  235. }
    236. 

  236. 

  237. 

  238. 

  239. //ConsoliBYTE Inventory Processor
    240. 

  240. function foxyshop_consolibyte_inventory_process() {
    241. 

  241. 

  242. 	//DECRYPT (required)
    243. 

  243. 	//-----------------------------------------------------
    244. 

  244. 	$FoxyData_decrypted = foxyshop_decrypt($_POST["FoxyInventory"]);
    245. 

  245. 	$xml = simplexml_load_string($FoxyData_decrypted, NULL, LIBXML_NOCDATA);
    246. 

  246. 

  247. 	//For Each Item
    248. 

  248. 	foreach($xml->foxyinventory->item as $item) {
    249. 

  249. 

  250. 		//Set Variables
    251. 

  251. 		$product_code = (string)$item->product_code;
    252. 

  252. 		$quantity_on_hand = (int)$item->quantity_on_hand;
    253. 

  253. 

  254. 		//Update Inventory
    255. 

  255. 		foxyshop_inventory_count_update($product_code, $quantity_on_hand, 0);
    256. 

  256. 	}
    257. 

  257. 

  258. 

  259. 	//All Done!
    260. 

  260. 	die("foxyinventory");
    261. 

  261. }
    262. 

  262. 

  263. 

  264. 

  265. // ======================================================================================
    266. 

  266. // RC4 ENCRYPTION CLASS
    267. 

  267. // Do not modify.
    268. 

  268. // ======================================================================================
    269. 

  269. /**
    270. 

  270.  * RC4Crypt 3.2
    271. 

  271.  *
    272. 

  272.  * RC4Crypt is a petite library that allows you to use RC4
    273. 

  273.  * encryption easily in PHP. It's OO and can produce outputs
    274. 

  274.  * in binary and hex.
    275. 

  275.  *
    276. 

  276.  * (C) Copyright 2006 Mukul Sabharwal [http://mjsabby.com]
    277. 

  277.  *     All Rights Reserved
    278. 

  278.  *
    279. 

  279.  * @link http://rc4crypt.devhome.org
    280. 

  280.  * @author Mukul Sabharwal <mjsabby@gmail.com>
    281. 

  281.  * @version $Id: class.rc4crypt.php,v 3.2 2006/03/10 05:47:24 mukul Exp $
    282. 

  282.  * @copyright Copyright &copy; 2006 Mukul Sabharwal
    283. 

  283.  * @license http://www.gnu.org/copyleft/gpl.html
    284. 

  284.  * @package RC4Crypt
    285. 

  285.  */
    286. 

  286. class rc4crypt {
    287. 

  287. 	/**
    288. 

  288. 	 * The symmetric encryption function
    289. 

  289. 	 *
    290. 

  290. 	 * @param string $pwd Key to encrypt with (can be binary of hex)
    291. 

  291. 	 * @param string $data Content to be encrypted
    292. 

  292. 	 * @param bool $ispwdHex Key passed is in hexadecimal or not
    293. 

  293. 	 * @access public
    294. 

  294. 	 * @return string
    295. 

  295. 	 */
    296. 

  296. 	public static function encrypt ($pwd, $data, $ispwdHex = 0) {
    297. 

  297. 		if ($ispwdHex) $pwd = @pack('H*', $pwd); // valid input, please!
    298. 

  298.  		$key[] = '';
    299. 

  299. 		$box[] = '';
    300. 

  300. 		$cipher = '';
    301. 

  301. 		$pwd_length = strlen($pwd);
    302. 

  302. 		$data_length = strlen($data);
    303. 

  303. 		for ($i = 0; $i < 256; $i++) {
    304. 

  304. 			$key[$i] = ord($pwd[$i % $pwd_length]);
    305. 

  305. 			$box[$i] = $i;
    306. 

  306. 		}
    307. 

  307. 		for ($j = $i = 0; $i < 256; $i++) {
    308. 

  308. 			$j = ($j + $box[$i] + $key[$i]) % 256;
    309. 

  309. 			$tmp = $box[$i];
    310. 

  310. 			$box[$i] = $box[$j];
    311. 

  311. 			$box[$j] = $tmp;
    312. 

  312. 		}
    313. 

  313. 		for ($a = $j = $i = 0; $i < $data_length; $i++) {
    314. 

  314. 			$a = ($a + 1) % 256;
    315. 

  315. 			$j = ($j + $box[$a]) % 256;
    316. 

  316. 			$tmp = $box[$a];
    317. 

  317. 			$box[$a] = $box[$j];
    318. 

  318. 			$box[$j] = $tmp;
    319. 

  319. 			$k = $box[(($box[$a] + $box[$j]) % 256)];
    320. 

  320. 			$cipher .= chr(ord($data[$i]) ^ $k);
    321. 

  321. 		}
    322. 

  322. 		return $cipher;
    323. 

  323. 	}
    324. 

  324. 	/**
    325. 

  325. 	 * Decryption, recall encryption
    326. 

  326. 	 *
    327. 

  327. 	 * @param string $pwd Key to decrypt with (can be binary of hex)
    328. 

  328. 	 * @param string $data Content to be decrypted
    329. 

  329. 	 * @param bool $ispwdHex Key passed is in hexadecimal or not
    330. 

  330. 	 * @access public
    331. 

  331. 	 * @return string
    332. 

  332. 	 */
    333. 

  333. 	public static function decrypt ($pwd, $data, $ispwdHex = 0) {
    334. 

  334. 		return rc4crypt::encrypt($pwd, $data, $ispwdHex);
    335. 

  335. 	}
    336. 

  336. }
    337. 

  337.