WC_AJAX

WooCommerce WC_AJAX.

Defined (1)

The class is defined in the following location(s).

/includes/class-wc-ajax.php  
  1. class WC_AJAX { 
  2.  
  3. /** 
  4. * Hook in ajax handlers. 
  5. */ 
  6. public static function init() { 
  7. add_action( 'init', array( __CLASS__, 'define_ajax' ), 0 ); 
  8. add_action( 'template_redirect', array( __CLASS__, 'do_wc_ajax' ), 0 ); 
  9. self::add_ajax_events(); 
  10.  
  11. /** 
  12. * Get WC Ajax Endpoint. 
  13. * @param string $request Optional 
  14. * @return string 
  15. */ 
  16. public static function get_endpoint( $request = '' ) { 
  17. return esc_url_raw( apply_filters( 'woocommerce_ajax_get_endpoint', add_query_arg( 'wc-ajax', $request, remove_query_arg( array( 'remove_item', 'add-to-cart', 'added-to-cart' ) ) ), $request ) ); 
  18.  
  19. /** 
  20. * Set WC AJAX constant and headers. 
  21. */ 
  22. public static function define_ajax() { 
  23. if ( ! empty( $_GET['wc-ajax'] ) ) { 
  24. wc_maybe_define_constant( 'DOING_AJAX', true ); 
  25. wc_maybe_define_constant( 'WC_DOING_AJAX', true ); 
  26. if ( ! WP_DEBUG || ( WP_DEBUG && ! WP_DEBUG_DISPLAY ) ) { 
  27. @ini_set( 'display_errors', 0 ); // Turn off display_errors during AJAX events to prevent malformed JSON 
  28. $GLOBALS['wpdb']->hide_errors(); 
  29.  
  30. /** 
  31. * Send headers for WC Ajax Requests. 
  32. * @since 2.5.0 
  33. */ 
  34. private static function wc_ajax_headers() { 
  35. send_origin_headers(); 
  36. @header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) ); 
  37. @header( 'X-Robots-Tag: noindex' ); 
  38. send_nosniff_header(); 
  39. nocache_headers(); 
  40. status_header( 200 ); 
  41.  
  42. /** 
  43. * Check for WC Ajax request and fire action. 
  44. */ 
  45. public static function do_wc_ajax() { 
  46. global $wp_query; 
  47.  
  48. if ( ! empty( $_GET['wc-ajax'] ) ) { 
  49. $wp_query->set( 'wc-ajax', sanitize_text_field( $_GET['wc-ajax'] ) ); 
  50.  
  51. if ( $action = $wp_query->get( 'wc-ajax' ) ) { 
  52. self::wc_ajax_headers(); 
  53. do_action( 'wc_ajax_' . sanitize_text_field( $action ) ); 
  54. wp_die(); 
  55.  
  56. /** 
  57. * Hook in methods - uses WordPress ajax handlers (admin-ajax). 
  58. */ 
  59. public static function add_ajax_events() { 
  60. // woocommerce_EVENT => nopriv 
  61. $ajax_events = array( 
  62. 'get_refreshed_fragments' => true,  
  63. 'apply_coupon' => true,  
  64. 'remove_coupon' => true,  
  65. 'update_shipping_method' => true,  
  66. 'get_cart_totals' => true,  
  67. 'update_order_review' => true,  
  68. 'add_to_cart' => true,  
  69. 'checkout' => true,  
  70. 'get_variation' => true,  
  71. 'get_customer_location' => true,  
  72. 'feature_product' => false,  
  73. 'mark_order_status' => false,  
  74. 'add_attribute' => false,  
  75. 'add_new_attribute' => false,  
  76. 'remove_variation' => false,  
  77. 'remove_variations' => false,  
  78. 'save_attributes' => false,  
  79. 'add_variation' => false,  
  80. 'link_all_variations' => false,  
  81. 'revoke_access_to_download' => false,  
  82. 'grant_access_to_download' => false,  
  83. 'get_customer_details' => false,  
  84. 'add_order_item' => false,  
  85. 'add_order_fee' => false,  
  86. 'add_order_shipping' => false,  
  87. 'add_order_tax' => false,  
  88. 'remove_order_item' => false,  
  89. 'remove_order_tax' => false,  
  90. 'reduce_order_item_stock' => false,  
  91. 'increase_order_item_stock' => false,  
  92. 'add_order_item_meta' => false,  
  93. 'remove_order_item_meta' => false,  
  94. 'calc_line_taxes' => false,  
  95. 'save_order_items' => false,  
  96. 'load_order_items' => false,  
  97. 'add_order_note' => false,  
  98. 'delete_order_note' => false,  
  99. 'json_search_products' => false,  
  100. 'json_search_products_and_variations' => false,  
  101. 'json_search_downloadable_products_and_variations' => false,  
  102. 'json_search_customers' => false,  
  103. 'term_ordering' => false,  
  104. 'product_ordering' => false,  
  105. 'refund_line_items' => false,  
  106. 'delete_refund' => false,  
  107. 'rated' => false,  
  108. 'update_api_key' => false,  
  109. 'load_variations' => false,  
  110. 'save_variations' => false,  
  111. 'bulk_edit_variations' => false,  
  112. 'tax_rates_save_changes' => false,  
  113. 'shipping_zones_save_changes' => false,  
  114. 'shipping_zone_add_method' => false,  
  115. 'shipping_zone_methods_save_changes' => false,  
  116. 'shipping_zone_methods_save_settings' => false,  
  117. 'shipping_classes_save_changes' => false,  
  118. ); 
  119.  
  120. foreach ( $ajax_events as $ajax_event => $nopriv ) { 
  121. add_action( 'wp_ajax_woocommerce_' . $ajax_event, array( __CLASS__, $ajax_event ) ); 
  122.  
  123. if ( $nopriv ) { 
  124. add_action( 'wp_ajax_nopriv_woocommerce_' . $ajax_event, array( __CLASS__, $ajax_event ) ); 
  125.  
  126. // WC AJAX can be used for frontend ajax requests. 
  127. add_action( 'wc_ajax_' . $ajax_event, array( __CLASS__, $ajax_event ) ); 
  128.  
  129. /** 
  130. * Get a refreshed cart fragment, including the mini cart HTML. 
  131. */ 
  132. public static function get_refreshed_fragments() { 
  133. ob_start(); 
  134.  
  135. woocommerce_mini_cart(); 
  136.  
  137. $mini_cart = ob_get_clean(); 
  138.  
  139. $data = array( 
  140. 'fragments' => apply_filters( 'woocommerce_add_to_cart_fragments', array( 
  141. 'div.widget_shopping_cart_content' => '<div class="widget_shopping_cart_content">' . $mini_cart . '</div>',  
  142. ),  
  143. 'cart_hash' => apply_filters( 'woocommerce_add_to_cart_hash', WC()->cart->get_cart_for_session() ? md5( json_encode( WC()->cart->get_cart_for_session() ) ) : '', WC()->cart->get_cart_for_session() ),  
  144. ); 
  145.  
  146. wp_send_json( $data ); 
  147.  
  148. /** 
  149. * AJAX apply coupon on checkout page. 
  150. */ 
  151. public static function apply_coupon() { 
  152.  
  153. check_ajax_referer( 'apply-coupon', 'security' ); 
  154.  
  155. if ( ! empty( $_POST['coupon_code'] ) ) { 
  156. WC()->cart->add_discount( sanitize_text_field( $_POST['coupon_code'] ) ); 
  157. } else { 
  158. wc_add_notice( WC_Coupon::get_generic_coupon_error( WC_Coupon::E_WC_COUPON_PLEASE_ENTER ), 'error' ); 
  159.  
  160. wc_print_notices(); 
  161. wp_die(); 
  162.  
  163. /** 
  164. * AJAX remove coupon on cart and checkout page. 
  165. */ 
  166. public static function remove_coupon() { 
  167. check_ajax_referer( 'remove-coupon', 'security' ); 
  168.  
  169. $coupon = isset( $_POST['coupon'] ) ? wc_clean( $_POST['coupon'] ) : false; 
  170.  
  171. if ( empty( $coupon ) ) { 
  172. wc_add_notice( __( 'Sorry there was a problem removing this coupon.', 'woocommerce' ), 'error' ); 
  173. } else { 
  174. WC()->cart->remove_coupon( $coupon ); 
  175. wc_add_notice( __( 'Coupon has been removed.', 'woocommerce' ) ); 
  176.  
  177. wc_print_notices(); 
  178. wp_die(); 
  179.  
  180. /** 
  181. * AJAX update shipping method on cart page. 
  182. */ 
  183. public static function update_shipping_method() { 
  184. check_ajax_referer( 'update-shipping-method', 'security' ); 
  185.  
  186. wc_maybe_define_constant( 'WOOCOMMERCE_CART', true ); 
  187.  
  188. $chosen_shipping_methods = WC()->session->get( 'chosen_shipping_methods' ); 
  189.  
  190. if ( isset( $_POST['shipping_method'] ) && is_array( $_POST['shipping_method'] ) ) { 
  191. foreach ( $_POST['shipping_method'] as $i => $value ) { 
  192. $chosen_shipping_methods[ $i ] = wc_clean( $value ); 
  193.  
  194. WC()->session->set( 'chosen_shipping_methods', $chosen_shipping_methods ); 
  195.  
  196. self::get_cart_totals(); 
  197.  
  198. /** 
  199. * AJAX receive updated cart_totals div. 
  200. */ 
  201. public static function get_cart_totals() { 
  202. wc_maybe_define_constant( 'WOOCOMMERCE_CART', true ); 
  203. WC()->cart->calculate_totals(); 
  204. woocommerce_cart_totals(); 
  205. wp_die(); 
  206.  
  207. /** 
  208. * Session has expired. 
  209. */ 
  210. private static function update_order_review_expired() { 
  211. wp_send_json( array( 
  212. 'fragments' => apply_filters( 'woocommerce_update_order_review_fragments', array( 
  213. 'form.woocommerce-checkout' => '<div class="woocommerce-error">' . __( 'Sorry, your session has expired.', 'woocommerce' ) . ' <a href="' . esc_url( wc_get_page_permalink( 'shop' ) ) . '" class="wc-backward">' . __( 'Return to shop', 'woocommerce' ) . '</a></div>',  
  214. ) ),  
  215. ) ); 
  216.  
  217. /** 
  218. * AJAX update order review on checkout. 
  219. */ 
  220. public static function update_order_review() { 
  221. check_ajax_referer( 'update-order-review', 'security' ); 
  222.  
  223. wc_maybe_define_constant( 'WOOCOMMERCE_CHECKOUT', true ); 
  224.  
  225. if ( WC()->cart->is_empty() ) { 
  226. self::update_order_review_expired(); 
  227.  
  228. do_action( 'woocommerce_checkout_update_order_review', $_POST['post_data'] ); 
  229.  
  230. $chosen_shipping_methods = WC()->session->get( 'chosen_shipping_methods' ); 
  231.  
  232. if ( isset( $_POST['shipping_method'] ) && is_array( $_POST['shipping_method'] ) ) { 
  233. foreach ( $_POST['shipping_method'] as $i => $value ) { 
  234. $chosen_shipping_methods[ $i ] = wc_clean( $value ); 
  235.  
  236. WC()->session->set( 'chosen_shipping_methods', $chosen_shipping_methods ); 
  237. WC()->session->set( 'chosen_payment_method', empty( $_POST['payment_method'] ) ? '' : $_POST['payment_method'] ); 
  238. WC()->customer->set_props( array( 
  239. 'billing_country' => isset( $_POST['country'] ) ? $_POST['country'] : null,  
  240. 'billing_state' => isset( $_POST['state'] ) ? $_POST['state'] : null,  
  241. 'billing_postcode' => isset( $_POST['postcode'] ) ? $_POST['postcode'] : null,  
  242. 'billing_city' => isset( $_POST['city'] ) ? $_POST['city'] : null,  
  243. 'billing_address_1' => isset( $_POST['address'] ) ? $_POST['address'] : null,  
  244. 'billing_address_2' => isset( $_POST['address_2'] ) ? $_POST['address_2'] : null,  
  245. ) ); 
  246.  
  247. if ( wc_ship_to_billing_address_only() ) { 
  248. WC()->customer->set_props( array( 
  249. 'shipping_country' => isset( $_POST['country'] ) ? $_POST['country'] : null,  
  250. 'shipping_state' => isset( $_POST['state'] ) ? $_POST['state'] : null,  
  251. 'shipping_postcode' => isset( $_POST['postcode'] ) ? $_POST['postcode'] : null,  
  252. 'shipping_city' => isset( $_POST['city'] ) ? $_POST['city'] : null,  
  253. 'shipping_address_1' => isset( $_POST['address'] ) ? $_POST['address'] : null,  
  254. 'shipping_address_2' => isset( $_POST['address_2'] ) ? $_POST['address_2'] : null,  
  255. ) ); 
  256. if ( ! empty( $_POST['country'] ) ) { 
  257. WC()->customer->set_calculated_shipping( true ); 
  258. } else { 
  259. WC()->customer->set_props( array( 
  260. 'shipping_country' => isset( $_POST['s_country'] ) ? $_POST['s_country'] : null,  
  261. 'shipping_state' => isset( $_POST['s_state'] ) ? $_POST['s_state'] : null,  
  262. 'shipping_postcode' => isset( $_POST['s_postcode'] ) ? $_POST['s_postcode'] : null,  
  263. 'shipping_city' => isset( $_POST['s_city'] ) ? $_POST['s_city'] : null,  
  264. 'shipping_address_1' => isset( $_POST['s_address'] ) ? $_POST['s_address'] : null,  
  265. 'shipping_address_2' => isset( $_POST['s_address_2'] ) ? $_POST['s_address_2'] : null,  
  266. ) ); 
  267. if ( ! empty( $_POST['s_country'] ) ) { 
  268. WC()->customer->set_calculated_shipping( true ); 
  269.  
  270. WC()->customer->save(); 
  271. WC()->cart->calculate_totals(); 
  272.  
  273. // Get order review fragment 
  274. ob_start(); 
  275. woocommerce_order_review(); 
  276. $woocommerce_order_review = ob_get_clean(); 
  277.  
  278. // Get checkout payment fragment 
  279. ob_start(); 
  280. woocommerce_checkout_payment(); 
  281. $woocommerce_checkout_payment = ob_get_clean(); 
  282.  
  283. // Get messages if reload checkout is not true 
  284. $messages = ''; 
  285. if ( ! isset( WC()->session->reload_checkout ) ) { 
  286. ob_start(); 
  287. wc_print_notices(); 
  288. $messages = ob_get_clean(); 
  289.  
  290. unset( WC()->session->refresh_totals, WC()->session->reload_checkout ); 
  291.  
  292. wp_send_json( array( 
  293. 'result' => empty( $messages ) ? 'success' : 'failure',  
  294. 'messages' => $messages,  
  295. 'reload' => isset( WC()->session->reload_checkout ) ? 'true' : 'false',  
  296. 'fragments' => apply_filters( 'woocommerce_update_order_review_fragments', array( 
  297. '.woocommerce-checkout-review-order-table' => $woocommerce_order_review,  
  298. '.woocommerce-checkout-payment' => $woocommerce_checkout_payment,  
  299. ) ),  
  300. ) ); 
  301.  
  302. /** 
  303. * AJAX add to cart. 
  304. */ 
  305. public static function add_to_cart() { 
  306. ob_start(); 
  307.  
  308. $product_id = apply_filters( 'woocommerce_add_to_cart_product_id', absint( $_POST['product_id'] ) ); 
  309. $quantity = empty( $_POST['quantity'] ) ? 1 : wc_stock_amount( $_POST['quantity'] ); 
  310. $passed_validation = apply_filters( 'woocommerce_add_to_cart_validation', true, $product_id, $quantity ); 
  311. $product_status = get_post_status( $product_id ); 
  312.  
  313. if ( $passed_validation && false !== WC()->cart->add_to_cart( $product_id, $quantity ) && 'publish' === $product_status ) { 
  314.  
  315. do_action( 'woocommerce_ajax_added_to_cart', $product_id ); 
  316.  
  317. if ( get_option( 'woocommerce_cart_redirect_after_add' ) == 'yes' ) { 
  318. wc_add_to_cart_message( array( $product_id => $quantity ), true ); 
  319.  
  320. // Return fragments 
  321. self::get_refreshed_fragments(); 
  322.  
  323. } else { 
  324.  
  325. // If there was an error adding to the cart, redirect to the product page to show any errors 
  326. $data = array( 
  327. 'error' => true,  
  328. 'product_url' => apply_filters( 'woocommerce_cart_redirect_after_error', get_permalink( $product_id ), $product_id ),  
  329. ); 
  330.  
  331. wp_send_json( $data ); 
  332.  
  333. /** 
  334. * Process ajax checkout form. 
  335. */ 
  336. public static function checkout() { 
  337. wc_maybe_define_constant( 'WOOCOMMERCE_CHECKOUT', true ); 
  338. WC()->checkout()->process_checkout(); 
  339. wp_die( 0 ); 
  340.  
  341. /** 
  342. * Get a matching variation based on posted attributes. 
  343. */ 
  344. public static function get_variation() { 
  345. ob_start(); 
  346.  
  347. if ( empty( $_POST['product_id'] ) || ! ( $variable_product = wc_get_product( absint( $_POST['product_id'] ) ) ) ) { 
  348. wp_die(); 
  349.  
  350. $data_store = WC_Data_Store::load( 'product' ); 
  351. $variation_id = $data_store->find_matching_product_variation( $variable_product, wp_unslash( $_POST ) ); 
  352. $variation = $variation_id ? $variable_product->get_available_variation( $variation_id ) : false; 
  353. wp_send_json( $variation ); 
  354.  
  355. /** 
  356. * Locate user via AJAX. 
  357. */ 
  358. public static function get_customer_location() { 
  359. $location_hash = WC_Cache_Helper::geolocation_ajax_get_location_hash(); 
  360. wp_send_json_success( array( 'hash' => $location_hash ) ); 
  361.  
  362. /** 
  363. * Toggle Featured status of a product from admin. 
  364. */ 
  365. public static function feature_product() { 
  366. if ( current_user_can( 'edit_products' ) && check_admin_referer( 'woocommerce-feature-product' ) ) { 
  367. $product = wc_get_product( absint( $_GET['product_id'] ) ); 
  368.  
  369. if ( $product ) { 
  370. $product->set_featured( ! $product->get_featured() ); 
  371. $product->save(); 
  372.  
  373. wp_safe_redirect( wp_get_referer() ? remove_query_arg( array( 'trashed', 'untrashed', 'deleted', 'ids' ), wp_get_referer() ) : admin_url( 'edit.php?post_type=product' ) ); 
  374. exit; 
  375.  
  376. /** 
  377. * Mark an order with a status. 
  378. */ 
  379. public static function mark_order_status() { 
  380. if ( current_user_can( 'edit_shop_orders' ) && check_admin_referer( 'woocommerce-mark-order-status' ) ) { 
  381. $status = sanitize_text_field( $_GET['status'] ); 
  382. $order = wc_get_order( absint( $_GET['order_id'] ) ); 
  383.  
  384. if ( wc_is_order_status( 'wc-' . $status ) && $order ) { 
  385. $order->update_status( $status, '', true ); 
  386. do_action( 'woocommerce_order_edit_status', $order->get_id(), $status ); 
  387.  
  388. wp_safe_redirect( wp_get_referer() ? wp_get_referer() : admin_url( 'edit.php?post_type=shop_order' ) ); 
  389. exit; 
  390.  
  391. /** 
  392. * Add an attribute row. 
  393. */ 
  394. public static function add_attribute() { 
  395. ob_start(); 
  396.  
  397. check_ajax_referer( 'add-attribute', 'security' ); 
  398.  
  399. if ( ! current_user_can( 'edit_products' ) ) { 
  400. wp_die( -1 ); 
  401.  
  402. $i = absint( $_POST['i'] ); 
  403. $metabox_class = array(); 
  404. $attribute = new WC_Product_Attribute(); 
  405.  
  406. $attribute->set_id( wc_attribute_taxonomy_id_by_name( sanitize_text_field( $_POST['taxonomy'] ) ) ); 
  407. $attribute->set_name( sanitize_text_field( $_POST['taxonomy'] ) ); 
  408. $attribute->set_visible( apply_filters( 'woocommerce_attribute_default_visibility', 1 ) ); 
  409. $attribute->set_variation( apply_filters( 'woocommerce_attribute_default_is_variation', 0 ) ); 
  410.  
  411. if ( $attribute->is_taxonomy() ) { 
  412. $metabox_class[] = 'taxonomy'; 
  413. $metabox_class[] = $attribute->get_name(); 
  414.  
  415. include( 'admin/meta-boxes/views/html-product-attribute.php' ); 
  416. wp_die(); 
  417.  
  418. /** 
  419. * Add a new attribute via ajax function. 
  420. */ 
  421. public static function add_new_attribute() { 
  422. check_ajax_referer( 'add-attribute', 'security' ); 
  423.  
  424. if ( current_user_can( 'manage_product_terms' ) ) { 
  425. $taxonomy = esc_attr( $_POST['taxonomy'] ); 
  426. $term = wc_clean( $_POST['term'] ); 
  427.  
  428. if ( taxonomy_exists( $taxonomy ) ) { 
  429.  
  430. $result = wp_insert_term( $term, $taxonomy ); 
  431.  
  432. if ( is_wp_error( $result ) ) { 
  433. wp_send_json( array( 
  434. 'error' => $result->get_error_message(),  
  435. ) ); 
  436. } else { 
  437. $term = get_term_by( 'id', $result['term_id'], $taxonomy ); 
  438. wp_send_json( array( 
  439. 'term_id' => $term->term_id,  
  440. 'name' => $term->name,  
  441. 'slug' => $term->slug,  
  442. ) ); 
  443. wp_die( -1 ); 
  444.  
  445. /** 
  446. * Delete variations via ajax function. 
  447. */ 
  448. public static function remove_variations() { 
  449. check_ajax_referer( 'delete-variations', 'security' ); 
  450.  
  451. if ( current_user_can( 'edit_products' ) ) { 
  452. $variation_ids = (array) $_POST['variation_ids']; 
  453.  
  454. foreach ( $variation_ids as $variation_id ) { 
  455. if ( 'product_variation' === get_post_type( $variation_id ) ) { 
  456. $variation = wc_get_product( $variation_id ); 
  457. $variation->delete( true ); 
  458.  
  459. wp_die( -1 ); 
  460.  
  461. /** 
  462. * Save attributes via ajax. 
  463. */ 
  464. public static function save_attributes() { 
  465. check_ajax_referer( 'save-attributes', 'security' ); 
  466.  
  467. if ( ! current_user_can( 'edit_products' ) ) { 
  468. wp_die( -1 ); 
  469.  
  470. parse_str( $_POST['data'], $data ); 
  471.  
  472. $attributes = WC_Meta_Box_Product_Data::prepare_attributes( $data ); 
  473. $product_id = absint( $_POST['post_id'] ); 
  474. $product_type = ! empty( $_POST['product_type'] ) ? wc_clean( $_POST['product_type'] ) : 'simple'; 
  475. $classname = WC_Product_Factory::get_product_classname( $product_id, $product_type ); 
  476. $product = new $classname( $product_id ); 
  477.  
  478. $product->set_attributes( $attributes ); 
  479. $product->save(); 
  480. wp_die(); 
  481.  
  482. /** 
  483. * Add variation via ajax function. 
  484. */ 
  485. public static function add_variation() { 
  486.  
  487. check_ajax_referer( 'add-variation', 'security' ); 
  488.  
  489. if ( ! current_user_can( 'edit_products' ) ) { 
  490. wp_die( -1 ); 
  491.  
  492. global $post; // Set $post global so its available, like within the admin screens 
  493.  
  494. $product_id = intval( $_POST['post_id'] ); 
  495. $post = get_post( $product_id ); 
  496. $loop = intval( $_POST['loop'] ); 
  497. $product_object = wc_get_product( $product_id ); 
  498. $variation_object = new WC_Product_Variation(); 
  499. $variation_object->set_parent_id( $product_id ); 
  500. $variation_id = $variation_object->save(); 
  501. $variation = get_post( $variation_id ); 
  502. $variation_data = array_merge( array_map( 'maybe_unserialize', get_post_custom( $variation_id ) ), wc_get_product_variation_attributes( $variation_id ) ); // kept for BW compat. 
  503. include( 'admin/meta-boxes/views/html-variation-admin.php' ); 
  504. wp_die(); 
  505.  
  506. /** 
  507. * Link all variations via ajax function. 
  508. */ 
  509. public static function link_all_variations() { 
  510. check_ajax_referer( 'link-variations', 'security' ); 
  511.  
  512. if ( ! current_user_can( 'edit_products' ) ) { 
  513. wp_die( -1 ); 
  514.  
  515. wc_maybe_define_constant( 'WC_MAX_LINKED_VARIATIONS', 49 ); 
  516. wc_set_time_limit( 0 ); 
  517.  
  518. $post_id = intval( $_POST['post_id'] ); 
  519.  
  520. if ( ! $post_id ) { 
  521. wp_die(); 
  522.  
  523. $variations = array(); 
  524. $product = wc_get_product( $post_id ); 
  525. $attributes = wc_list_pluck( array_filter( $product->get_attributes(), 'wc_attributes_array_filter_variation' ), 'get_slugs' ); 
  526.  
  527. if ( ! empty( $attributes ) ) { 
  528. // Get existing variations so we don't create duplicates. 
  529. $existing_variations = array_map( 'wc_get_product', $product->get_children() ); 
  530. $existing_attributes = array(); 
  531.  
  532. foreach ( $existing_variations as $existing_variation ) { 
  533. $existing_attributes[] = $existing_variation->get_attributes(); 
  534.  
  535. $added = 0; 
  536. $possible_attributes = wc_array_cartesian( $attributes ); 
  537.  
  538. foreach ( $possible_attributes as $possible_attribute ) { 
  539. if ( in_array( $possible_attribute, $existing_attributes ) ) { 
  540. continue; 
  541. $variation = new WC_Product_Variation(); 
  542. $variation->set_parent_id( $post_id ); 
  543. $variation->set_attributes( $possible_attribute ); 
  544.  
  545. do_action( 'product_variation_linked', $variation->save() ); 
  546.  
  547. if ( ( $added ++ ) > WC_MAX_LINKED_VARIATIONS ) { 
  548. break; 
  549.  
  550. echo $added; 
  551.  
  552. $data_store = $product->get_data_store(); 
  553. $data_store->sort_all_product_variations( $product->get_id() ); 
  554. wp_die(); 
  555.  
  556. /** 
  557. * Delete download permissions via ajax function. 
  558. */ 
  559. public static function revoke_access_to_download() { 
  560. check_ajax_referer( 'revoke-access', 'security' ); 
  561.  
  562. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  563. wp_die( -1 ); 
  564. $download_id = $_POST['download_id']; 
  565. $product_id = intval( $_POST['product_id'] ); 
  566. $order_id = intval( $_POST['order_id'] ); 
  567. $permission_id = absint( $_POST['permission_id'] ); 
  568. $data_store = WC_Data_Store::load( 'customer-download' ); 
  569. $data_store->delete_by_id( $permission_id ); 
  570.  
  571. do_action( 'woocommerce_ajax_revoke_access_to_product_download', $download_id, $product_id, $order_id, $permission_id ); 
  572.  
  573. wp_die(); 
  574.  
  575. /** 
  576. * Grant download permissions via ajax function. 
  577. */ 
  578. public static function grant_access_to_download() { 
  579.  
  580. check_ajax_referer( 'grant-access', 'security' ); 
  581.  
  582. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  583. wp_die( -1 ); 
  584.  
  585. global $wpdb; 
  586.  
  587. $wpdb->hide_errors(); 
  588.  
  589. $order_id = intval( $_POST['order_id'] ); 
  590. $product_ids = $_POST['product_ids']; 
  591. $loop = intval( $_POST['loop'] ); 
  592. $file_counter = 0; 
  593. $order = wc_get_order( $order_id ); 
  594.  
  595. if ( ! is_array( $product_ids ) ) { 
  596. $product_ids = array( $product_ids ); 
  597.  
  598. foreach ( $product_ids as $product_id ) { 
  599. $product = wc_get_product( $product_id ); 
  600. $files = $product->get_downloads(); 
  601.  
  602. if ( ! $order->get_billing_email() ) { 
  603. wp_die(); 
  604.  
  605. if ( ! empty( $files ) ) { 
  606. foreach ( $files as $download_id => $file ) { 
  607. if ( $inserted_id = wc_downloadable_file_permission( $download_id, $product_id, $order ) ) { 
  608. $download = new WC_Customer_Download( $inserted_id ); 
  609. $loop ++; 
  610. $file_counter ++; 
  611.  
  612. if ( $file->get_name() ) { 
  613. $file_count = $file->get_name(); 
  614. } else { 
  615. $file_count = sprintf( __( 'File %d', 'woocommerce' ), $file_counter ); 
  616. include( 'admin/meta-boxes/views/html-order-download-permission.php' ); 
  617. wp_die(); 
  618.  
  619. /** 
  620. * Get customer details via ajax. 
  621. */ 
  622. public static function get_customer_details() { 
  623. check_ajax_referer( 'get-customer-details', 'security' ); 
  624.  
  625. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  626. wp_die( -1 ); 
  627.  
  628. $user_id = absint( $_POST['user_id'] ); 
  629. $customer = new WC_Customer( $user_id ); 
  630.  
  631. if ( has_filter( 'woocommerce_found_customer_details' ) ) { 
  632. wc_deprecated_function( 'The woocommerce_found_customer_details filter', '3.0', 'woocommerce_ajax_get_customer_details' ); 
  633.  
  634. $data = $customer->get_data(); 
  635. $data['date_created'] = $data['date_created'] ? $data['date_created']->getTimestamp() : null; 
  636. $data['date_modified'] = $data['date_modified'] ? $data['date_modified']->getTimestamp() : null; 
  637.  
  638. $customer_data = apply_filters( 'woocommerce_ajax_get_customer_details', $data, $customer, $user_id ); 
  639. wp_send_json( $customer_data ); 
  640.  
  641. /** 
  642. * Add order item via ajax. 
  643. */ 
  644. public static function add_order_item() { 
  645. check_ajax_referer( 'order-item', 'security' ); 
  646.  
  647. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  648. wp_die( -1 ); 
  649.  
  650. try { 
  651. $order_id = absint( $_POST['order_id'] ); 
  652. $order = wc_get_order( $order_id ); 
  653. $items_to_add = wp_parse_id_list( is_array( $_POST['item_to_add'] ) ? $_POST['item_to_add'] : array( $_POST['item_to_add'] ) ); 
  654.  
  655. if ( ! $order ) { 
  656. throw new Exception( __( 'Invalid order', 'woocommerce' ) ); 
  657.  
  658. ob_start(); 
  659.  
  660. foreach ( $items_to_add as $item_to_add ) { 
  661. if ( ! in_array( get_post_type( $item_to_add ), array( 'product', 'product_variation' ) ) ) { 
  662. continue; 
  663. $item_id = $order->add_product( wc_get_product( $item_to_add ) ); 
  664. $item = apply_filters( 'woocommerce_ajax_order_item', $order->get_item( $item_id ), $item_id ); 
  665. $order_taxes = $order->get_taxes(); 
  666. $class = 'new_row'; 
  667.  
  668. do_action( 'woocommerce_ajax_add_order_item_meta', $item_id, $item ); 
  669. include( 'admin/meta-boxes/views/html-order-item.php' ); 
  670.  
  671. wp_send_json_success( array( 
  672. 'html' => ob_get_clean(),  
  673. ) ); 
  674. } catch ( Exception $e ) { 
  675. wp_send_json_error( array( 'error' => $e->getMessage() ) ); 
  676.  
  677. /** 
  678. * Add order fee via ajax. 
  679. */ 
  680. public static function add_order_fee() { 
  681. check_ajax_referer( 'order-item', 'security' ); 
  682.  
  683. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  684. wp_die( -1 ); 
  685.  
  686. try { 
  687. $order_id = absint( $_POST['order_id'] ); 
  688. $order = wc_get_order( $order_id ); 
  689. $order_taxes = $order->get_taxes(); 
  690. $item = new WC_Order_Item_Fee(); 
  691. $item->set_order_id( $order_id ); 
  692. $item_id = $item->save(); 
  693.  
  694. ob_start(); 
  695. include( 'admin/meta-boxes/views/html-order-fee.php' ); 
  696.  
  697. wp_send_json_success( array( 
  698. 'html' => ob_get_clean(),  
  699. ) ); 
  700. } catch ( Exception $e ) { 
  701. wp_send_json_error( array( 'error' => $e->getMessage() ) ); 
  702.  
  703. /** 
  704. * Add order shipping cost via ajax. 
  705. */ 
  706. public static function add_order_shipping() { 
  707. check_ajax_referer( 'order-item', 'security' ); 
  708.  
  709. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  710. wp_die( -1 ); 
  711.  
  712. try { 
  713. $order_id = absint( $_POST['order_id'] ); 
  714. $order = wc_get_order( $order_id ); 
  715. $order_taxes = $order->get_taxes(); 
  716. $shipping_methods = WC()->shipping() ? WC()->shipping->load_shipping_methods() : array(); 
  717.  
  718. // Add new shipping 
  719. $item = new WC_Order_Item_Shipping(); 
  720. $item->set_shipping_rate( new WC_Shipping_Rate() ); 
  721. $item->set_order_id( $order_id ); 
  722. $item_id = $item->save(); 
  723.  
  724. ob_start(); 
  725. include( 'admin/meta-boxes/views/html-order-shipping.php' ); 
  726.  
  727. wp_send_json_success( array( 
  728. 'html' => ob_get_clean(),  
  729. ) ); 
  730. } catch ( Exception $e ) { 
  731. wp_send_json_error( array( 'error' => $e->getMessage() ) ); 
  732.  
  733. /** 
  734. * Add order tax column via ajax. 
  735. */ 
  736. public static function add_order_tax() { 
  737. check_ajax_referer( 'order-item', 'security' ); 
  738.  
  739. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  740. wp_die( -1 ); 
  741.  
  742. try { 
  743. $order_id = absint( $_POST['order_id'] ); 
  744. $rate_id = absint( $_POST['rate_id'] ); 
  745. $order = wc_get_order( $order_id ); 
  746. $data = get_post_meta( $order_id ); 
  747.  
  748. // Add new tax 
  749. $item = new WC_Order_Item_Tax(); 
  750. $item->set_rate( $rate_id ); 
  751. $item->set_order_id( $order_id ); 
  752. $item->save(); 
  753.  
  754. ob_start(); 
  755. include( 'admin/meta-boxes/views/html-order-items.php' ); 
  756.  
  757. wp_send_json_success( array( 
  758. 'html' => ob_get_clean(),  
  759. ) ); 
  760. } catch ( Exception $e ) { 
  761. wp_send_json_error( array( 'error' => $e->getMessage() ) ); 
  762.  
  763. /** 
  764. * Remove an order item. 
  765. */ 
  766. public static function remove_order_item() { 
  767. check_ajax_referer( 'order-item', 'security' ); 
  768.  
  769. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  770. wp_die( -1 ); 
  771.  
  772. $order_item_ids = $_POST['order_item_ids']; 
  773.  
  774. if ( ! is_array( $order_item_ids ) && is_numeric( $order_item_ids ) ) { 
  775. $order_item_ids = array( $order_item_ids ); 
  776.  
  777. if ( sizeof( $order_item_ids ) > 0 ) { 
  778. foreach ( $order_item_ids as $id ) { 
  779. wc_delete_order_item( absint( $id ) ); 
  780. wp_die(); 
  781.  
  782. /** 
  783. * Remove an order tax. 
  784. */ 
  785. public static function remove_order_tax() { 
  786. check_ajax_referer( 'order-item', 'security' ); 
  787.  
  788. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  789. wp_die( -1 ); 
  790.  
  791. $order_id = absint( $_POST['order_id'] ); 
  792. $rate_id = absint( $_POST['rate_id'] ); 
  793.  
  794. wc_delete_order_item( $rate_id ); 
  795.  
  796. // Return HTML items 
  797. $order = wc_get_order( $order_id ); 
  798. include( 'admin/meta-boxes/views/html-order-items.php' ); 
  799. wp_die(); 
  800.  
  801. /** 
  802. * Reduce order item stock. 
  803. */ 
  804. public static function reduce_order_item_stock() { 
  805. check_ajax_referer( 'order-item', 'security' ); 
  806. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  807. wp_die( -1 ); 
  808. $order_id = absint( $_POST['order_id'] ); 
  809. $order_item_ids = isset( $_POST['order_item_ids'] ) ? $_POST['order_item_ids'] : array(); 
  810. $order_item_qty = isset( $_POST['order_item_qty'] ) ? $_POST['order_item_qty'] : array(); 
  811. $order = wc_get_order( $order_id ); 
  812. $order_items = $order->get_items(); 
  813. $return = array(); 
  814. if ( $order && ! empty( $order_items ) && sizeof( $order_item_ids ) > 0 ) { 
  815. foreach ( $order_items as $item_id => $order_item ) { 
  816. // Only reduce checked items 
  817. if ( ! in_array( $item_id, $order_item_ids ) ) { 
  818. continue; 
  819. $_product = $order_item->get_product(); 
  820. if ( $_product && $_product->exists() && $_product->managing_stock() && isset( $order_item_qty[ $item_id ] ) && $order_item_qty[ $item_id ] > 0 ) { 
  821. $stock_change = apply_filters( 'woocommerce_reduce_order_stock_quantity', $order_item_qty[ $item_id ], $item_id ); 
  822. $new_stock = wc_update_product_stock( $_product, $stock_change, 'decrease' ); 
  823. $item_name = $_product->get_sku() ? $_product->get_sku() : $_product->get_id(); 
  824. $note = sprintf( __( 'Item %1$s stock reduced from %2$s to %3$s.', 'woocommerce' ), $item_name, $new_stock + $stock_change, $new_stock ); 
  825. $return[] = $note; 
  826. $order->add_order_note( $note ); 
  827. do_action( 'woocommerce_reduce_order_stock', $order ); 
  828. if ( empty( $return ) ) { 
  829. $return[] = __( 'No products had their stock reduced - they may not have stock management enabled.', 'woocommerce' ); 
  830. echo wp_kses_post( implode( ', ', $return ) ); 
  831. wp_die(); 
  832.  
  833. /** 
  834. * Increase order item stock. 
  835. */ 
  836. public static function increase_order_item_stock() { 
  837. check_ajax_referer( 'order-item', 'security' ); 
  838. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  839. wp_die( -1 ); 
  840. $order_id = absint( $_POST['order_id'] ); 
  841. $order_item_ids = isset( $_POST['order_item_ids'] ) ? $_POST['order_item_ids'] : array(); 
  842. $order_item_qty = isset( $_POST['order_item_qty'] ) ? $_POST['order_item_qty'] : array(); 
  843. $order = wc_get_order( $order_id ); 
  844. $order_items = $order->get_items(); 
  845. $return = array(); 
  846. if ( $order && ! empty( $order_items ) && sizeof( $order_item_ids ) > 0 ) { 
  847. foreach ( $order_items as $item_id => $order_item ) { 
  848. // Only reduce checked items 
  849. if ( ! in_array( $item_id, $order_item_ids ) ) { 
  850. continue; 
  851. $_product = $order_item->get_product(); 
  852. if ( $_product && $_product->exists() && $_product->managing_stock() && isset( $order_item_qty[ $item_id ] ) && $order_item_qty[ $item_id ] > 0 ) { 
  853. $old_stock = $_product->get_stock_quantity(); 
  854. $stock_change = apply_filters( 'woocommerce_restore_order_stock_quantity', $order_item_qty[ $item_id ], $item_id ); 
  855. $new_quantity = wc_update_product_stock( $_product, $stock_change, 'increase' ); 
  856. $item_name = $_product->get_sku() ? $_product->get_sku() : $_product->get_id(); 
  857. $note = sprintf( __( 'Item %1$s stock increased from %2$s to %3$s.', 'woocommerce' ), $item_name, $old_stock, $new_quantity ); 
  858. $return[] = $note; 
  859. $order->add_order_note( $note ); 
  860. do_action( 'woocommerce_restore_order_stock', $order ); 
  861. if ( empty( $return ) ) { 
  862. $return[] = __( 'No products had their stock increased - they may not have stock management enabled.', 'woocommerce' ); 
  863. echo wp_kses_post( implode( ', ', $return ) ); 
  864. wp_die(); 
  865.  
  866. /** 
  867. * Calc line tax. 
  868. */ 
  869. public static function calc_line_taxes() { 
  870. check_ajax_referer( 'calc-totals', 'security' ); 
  871.  
  872. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  873. wp_die( -1 ); 
  874.  
  875. $order_id = absint( $_POST['order_id'] ); 
  876. $calculate_tax_args = array( 
  877. 'country' => strtoupper( wc_clean( $_POST['country'] ) ),  
  878. 'state' => strtoupper( wc_clean( $_POST['state'] ) ),  
  879. 'postcode' => strtoupper( wc_clean( $_POST['postcode'] ) ),  
  880. 'city' => strtoupper( wc_clean( $_POST['city'] ) ),  
  881. ); 
  882.  
  883. // Parse the jQuery serialized items 
  884. $items = array(); 
  885. parse_str( $_POST['items'], $items ); 
  886.  
  887. // Save order items first 
  888. wc_save_order_items( $order_id, $items ); 
  889.  
  890. // Grab the order and recalc taxes 
  891. $order = wc_get_order( $order_id ); 
  892. $order->calculate_taxes( $calculate_tax_args ); 
  893. $order->calculate_totals( false ); 
  894. include( 'admin/meta-boxes/views/html-order-items.php' ); 
  895. wp_die(); 
  896.  
  897. /** 
  898. * Save order items via ajax. 
  899. */ 
  900. public static function save_order_items() { 
  901. check_ajax_referer( 'order-item', 'security' ); 
  902.  
  903. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  904. wp_die( -1 ); 
  905.  
  906. if ( isset( $_POST['order_id'], $_POST['items'] ) ) { 
  907. $order_id = absint( $_POST['order_id'] ); 
  908.  
  909. // Parse the jQuery serialized items 
  910. $items = array(); 
  911. parse_str( $_POST['items'], $items ); 
  912.  
  913. // Save order items 
  914. wc_save_order_items( $order_id, $items ); 
  915.  
  916. // Return HTML items 
  917. $order = wc_get_order( $order_id ); 
  918. include( 'admin/meta-boxes/views/html-order-items.php' ); 
  919. wp_die(); 
  920.  
  921. /** 
  922. * Load order items via ajax. 
  923. */ 
  924. public static function load_order_items() { 
  925. check_ajax_referer( 'order-item', 'security' ); 
  926.  
  927. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  928. wp_die( -1 ); 
  929.  
  930. // Return HTML items 
  931. $order_id = absint( $_POST['order_id'] ); 
  932. $order = wc_get_order( $order_id ); 
  933. include( 'admin/meta-boxes/views/html-order-items.php' ); 
  934. wp_die(); 
  935.  
  936. /** 
  937. * Add order note via ajax. 
  938. */ 
  939. public static function add_order_note() { 
  940. check_ajax_referer( 'add-order-note', 'security' ); 
  941.  
  942. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  943. wp_die( -1 ); 
  944.  
  945. $post_id = absint( $_POST['post_id'] ); 
  946. $note = wp_kses_post( trim( stripslashes( $_POST['note'] ) ) ); 
  947. $note_type = $_POST['note_type']; 
  948.  
  949. $is_customer_note = ( 'customer' === $note_type ) ? 1 : 0; 
  950.  
  951. if ( $post_id > 0 ) { 
  952. $order = wc_get_order( $post_id ); 
  953. $comment_id = $order->add_order_note( $note, $is_customer_note, true ); 
  954.  
  955. echo '<li rel="' . esc_attr( $comment_id ) . '" class="note '; 
  956. if ( $is_customer_note ) { 
  957. echo 'customer-note'; 
  958. echo '"><div class="note_content">'; 
  959. echo wpautop( wptexturize( $note ) ); 
  960. echo '</div><p class="meta"><a href="#" class="delete_note">' . __( 'Delete note', 'woocommerce' ) . '</a></p>'; 
  961. echo '</li>'; 
  962. wp_die(); 
  963.  
  964. /** 
  965. * Delete order note via ajax. 
  966. */ 
  967. public static function delete_order_note() { 
  968. check_ajax_referer( 'delete-order-note', 'security' ); 
  969.  
  970. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  971. wp_die( -1 ); 
  972.  
  973. $note_id = (int) $_POST['note_id']; 
  974.  
  975. if ( $note_id > 0 ) { 
  976. wp_delete_comment( $note_id ); 
  977. wp_die(); 
  978.  
  979. /** 
  980. * Search for products and echo json. 
  981. * @param string $term (default: '') 
  982. * @param bool $include_variations in search or not 
  983. */ 
  984. public static function json_search_products( $term = '', $include_variations = false ) { 
  985. check_ajax_referer( 'search-products', 'security' ); 
  986.  
  987. $term = wc_clean( empty( $term ) ? stripslashes( $_GET['term'] ) : $term ); 
  988.  
  989. if ( empty( $term ) ) { 
  990. wp_die(); 
  991.  
  992. $data_store = WC_Data_Store::load( 'product' ); 
  993. $ids = $data_store->search_products( $term, '', (bool) $include_variations ); 
  994.  
  995. if ( ! empty( $_GET['exclude'] ) ) { 
  996. $ids = array_diff( $ids, (array) $_GET['exclude'] ); 
  997.  
  998. if ( ! empty( $_GET['include'] ) ) { 
  999. $ids = array_intersect( $ids, (array) $_GET['include'] ); 
  1000.  
  1001. if ( ! empty( $_GET['limit'] ) ) { 
  1002. $ids = array_slice( $ids, 0, absint( $_GET['limit'] ) ); 
  1003.  
  1004. $product_objects = array_filter( array_map( 'wc_get_product', $ids ), 'wc_products_array_filter_editable' ); 
  1005. $products = array(); 
  1006.  
  1007. foreach ( $product_objects as $product_object ) { 
  1008. $products[ $product_object->get_id() ] = rawurldecode( $product_object->get_formatted_name() ); 
  1009.  
  1010. wp_send_json( apply_filters( 'woocommerce_json_search_found_products', $products ) ); 
  1011.  
  1012. /** 
  1013. * Search for product variations and return json. 
  1014. * @see WC_AJAX::json_search_products() 
  1015. */ 
  1016. public static function json_search_products_and_variations() { 
  1017. self::json_search_products( '', true ); 
  1018.  
  1019. /** 
  1020. * Search for downloadable product variations and return json. 
  1021. * @see WC_AJAX::json_search_products() 
  1022. */ 
  1023. public static function json_search_downloadable_products_and_variations() { 
  1024. check_ajax_referer( 'search-products', 'security' ); 
  1025.  
  1026. $term = (string) wc_clean( stripslashes( $_GET['term'] ) ); 
  1027. $data_store = WC_Data_Store::load( 'product' ); 
  1028. $ids = $data_store->search_products( $term, 'downloadable', true ); 
  1029.  
  1030. if ( ! empty( $_GET['exclude'] ) ) { 
  1031. $ids = array_diff( $ids, (array) $_GET['exclude'] ); 
  1032.  
  1033. if ( ! empty( $_GET['include'] ) ) { 
  1034. $ids = array_intersect( $ids, (array) $_GET['include'] ); 
  1035.  
  1036. if ( ! empty( $_GET['limit'] ) ) { 
  1037. $ids = array_slice( $ids, 0, absint( $_GET['limit'] ) ); 
  1038.  
  1039. $product_objects = array_filter( array_map( 'wc_get_product', $ids ), 'wc_products_array_filter_editable' ); 
  1040. $products = array(); 
  1041.  
  1042. foreach ( $product_objects as $product_object ) { 
  1043. $products[ $product_object->get_id() ] = rawurldecode( $product_object->get_formatted_name() ); 
  1044.  
  1045. wp_send_json( $products ); 
  1046.  
  1047. /** 
  1048. * Search for customers and return json. 
  1049. */ 
  1050. public static function json_search_customers() { 
  1051. ob_start(); 
  1052.  
  1053. check_ajax_referer( 'search-customers', 'security' ); 
  1054.  
  1055. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  1056. wp_die( -1 ); 
  1057.  
  1058. $term = wc_clean( stripslashes( $_GET['term'] ) ); 
  1059. $exclude = array(); 
  1060.  
  1061. if ( empty( $term ) ) { 
  1062. wp_die(); 
  1063.  
  1064. // Stop if it is not numeric and smaller than 3 characters. 
  1065. if ( ! is_numeric( $term ) && 2 >= strlen( $term ) ) { 
  1066. wp_die(); 
  1067.  
  1068. // Search by ID. 
  1069. if ( is_numeric( $term ) ) { 
  1070. $customer = new WC_Customer( intval( $term ) ); 
  1071.  
  1072. // Customer does not exists. 
  1073. if ( 0 === $customer->get_id() ) { 
  1074. wp_die(); 
  1075.  
  1076. $ids = array( $customer->get_id() ); 
  1077. } else { 
  1078. $data_store = WC_Data_Store::load( 'customer' ); 
  1079. $ids = $data_store->search_customers( $term ); 
  1080.  
  1081. $found_customers = array(); 
  1082.  
  1083. if ( ! empty( $_GET['exclude'] ) ) { 
  1084. $ids = array_diff( $ids, (array) $_GET['exclude'] ); 
  1085.  
  1086. foreach ( $ids as $id ) { 
  1087. $customer = new WC_Customer( $id ); 
  1088. /** translators: 1: user display name 2: user ID 3: user email */ 
  1089. $found_customers[ $id ] = sprintf( 
  1090. esc_html__( '%1$s (#%2$s – %3$s)', 'woocommerce' ),  
  1091. $customer->get_first_name() . ' ' . $customer->get_last_name(),  
  1092. $customer->get_id(),  
  1093. $customer->get_email() 
  1094. ); 
  1095.  
  1096. wp_send_json( apply_filters( 'woocommerce_json_search_found_customers', $found_customers ) ); 
  1097.  
  1098. /** 
  1099. * Ajax request handling for categories ordering. 
  1100. */ 
  1101. public static function term_ordering() { 
  1102.  
  1103. // check permissions again and make sure we have what we need 
  1104. if ( ! current_user_can( 'edit_products' ) || empty( $_POST['id'] ) ) { 
  1105. wp_die( -1 ); 
  1106.  
  1107. $id = (int) $_POST['id']; 
  1108. $next_id = isset( $_POST['nextid'] ) && (int) $_POST['nextid'] ? (int) $_POST['nextid'] : null; 
  1109. $taxonomy = isset( $_POST['thetaxonomy'] ) ? esc_attr( $_POST['thetaxonomy'] ) : null; 
  1110. $term = get_term_by( 'id', $id, $taxonomy ); 
  1111.  
  1112. if ( ! $id || ! $term || ! $taxonomy ) { 
  1113. wp_die( 0 ); 
  1114.  
  1115. wc_reorder_terms( $term, $next_id, $taxonomy ); 
  1116.  
  1117. $children = get_terms( $taxonomy, "child_of=$id&menu_order=ASC&hide_empty=0" ); 
  1118.  
  1119. if ( $term && sizeof( $children ) ) { 
  1120. echo 'children'; 
  1121. wp_die(); 
  1122.  
  1123. /** 
  1124. * Ajax request handling for product ordering. 
  1125. * Based on Simple Page Ordering by 10up (https://wordpress.org/plugins/simple-page-ordering/). 
  1126. */ 
  1127. public static function product_ordering() { 
  1128. global $wpdb; 
  1129.  
  1130. if ( ! current_user_can( 'edit_products' ) || empty( $_POST['id'] ) ) { 
  1131. wp_die( -1 ); 
  1132.  
  1133. $sorting_id = absint( $_POST['id'] ); 
  1134. $previd = absint( isset( $_POST['previd'] ) ? $_POST['previd'] : 0 ); 
  1135. $nextid = absint( isset( $_POST['nextid'] ) ? $_POST['nextid'] : 0 ); 
  1136. $menu_orders = wp_list_pluck( $wpdb->get_results( "SELECT ID, menu_order FROM {$wpdb->posts} WHERE post_type = 'product' ORDER BY menu_order ASC, post_title ASC" ), 'menu_order', 'ID' ); 
  1137. $index = 0; 
  1138.  
  1139. foreach ( $menu_orders as $id => $menu_order ) { 
  1140. $id = absint( $id ); 
  1141.  
  1142. if ( $sorting_id === $id ) { 
  1143. continue; 
  1144. if ( $nextid === $id ) { 
  1145. $index ++; 
  1146. $index ++; 
  1147. $menu_orders[ $id ] = $index; 
  1148. $wpdb->update( $wpdb->posts, array( 'menu_order' => $index ), array( 'ID' => $id ) ); 
  1149.  
  1150. if ( isset( $menu_orders[ $previd ] ) ) { 
  1151. $menu_orders[ $sorting_id ] = $menu_orders[ $previd ] + 1; 
  1152. } elseif ( isset( $menu_orders[ $nextid ] ) ) { 
  1153. $menu_orders[ $sorting_id ] = $menu_orders[ $nextid ] - 1; 
  1154. } else { 
  1155. $menu_orders[ $sorting_id ] = 0; 
  1156.  
  1157. $wpdb->update( $wpdb->posts, array( 'menu_order' => $menu_orders[ $sorting_id ] ), array( 'ID' => $sorting_id ) ); 
  1158.  
  1159. do_action( 'woocommerce_after_product_ordering' ); 
  1160. wp_send_json( $menu_orders ); 
  1161.  
  1162. /** 
  1163. * Handle a refund via the edit order screen. 
  1164. */ 
  1165. public static function refund_line_items() { 
  1166. ob_start(); 
  1167.  
  1168. check_ajax_referer( 'order-item', 'security' ); 
  1169.  
  1170. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  1171. wp_die( -1 ); 
  1172.  
  1173. $order_id = absint( $_POST['order_id'] ); 
  1174. $refund_amount = wc_format_decimal( sanitize_text_field( $_POST['refund_amount'] ), wc_get_price_decimals() ); 
  1175. $refund_reason = sanitize_text_field( $_POST['refund_reason'] ); 
  1176. $line_item_qtys = json_decode( sanitize_text_field( stripslashes( $_POST['line_item_qtys'] ) ), true ); 
  1177. $line_item_totals = json_decode( sanitize_text_field( stripslashes( $_POST['line_item_totals'] ) ), true ); 
  1178. $line_item_tax_totals = json_decode( sanitize_text_field( stripslashes( $_POST['line_item_tax_totals'] ) ), true ); 
  1179. $api_refund = 'true' === $_POST['api_refund']; 
  1180. $restock_refunded_items = 'true' === $_POST['restock_refunded_items']; 
  1181. $refund = false; 
  1182. $response_data = array(); 
  1183.  
  1184. try { 
  1185. $order = wc_get_order( $order_id ); 
  1186. $order_items = $order->get_items(); 
  1187. $max_refund = wc_format_decimal( $order->get_total() - $order->get_total_refunded(), wc_get_price_decimals() ); 
  1188.  
  1189. if ( ! $refund_amount || $max_refund < $refund_amount || 0 > $refund_amount ) { 
  1190. throw new exception( __( 'Invalid refund amount', 'woocommerce' ) ); 
  1191.  
  1192. // Prepare line items which we are refunding 
  1193. $line_items = array(); 
  1194. $item_ids = array_unique( array_merge( array_keys( $line_item_qtys, $line_item_totals ) ) ); 
  1195.  
  1196. foreach ( $item_ids as $item_id ) { 
  1197. $line_items[ $item_id ] = array( 'qty' => 0, 'refund_total' => 0, 'refund_tax' => array() ); 
  1198. foreach ( $line_item_qtys as $item_id => $qty ) { 
  1199. $line_items[ $item_id ]['qty'] = max( $qty, 0 ); 
  1200. foreach ( $line_item_totals as $item_id => $total ) { 
  1201. $line_items[ $item_id ]['refund_total'] = wc_format_decimal( $total ); 
  1202. foreach ( $line_item_tax_totals as $item_id => $tax_totals ) { 
  1203. $line_items[ $item_id ]['refund_tax'] = array_filter( array_map( 'wc_format_decimal', $tax_totals ) ); 
  1204.  
  1205. // Create the refund object. 
  1206. $refund = wc_create_refund( array( 
  1207. 'amount' => $refund_amount,  
  1208. 'reason' => $refund_reason,  
  1209. 'order_id' => $order_id,  
  1210. 'line_items' => $line_items,  
  1211. 'refund_payment' => $api_refund,  
  1212. 'restock_items' => $restock_refunded_items,  
  1213. ) ); 
  1214.  
  1215. if ( is_wp_error( $refund ) ) { 
  1216. throw new Exception( $refund->get_error_message() ); 
  1217.  
  1218. if ( did_action( 'woocommerce_order_fully_refunded' ) ) { 
  1219. $response_data['status'] = 'fully_refunded'; 
  1220.  
  1221. wp_send_json_success( $response_data ); 
  1222.  
  1223. } catch ( Exception $e ) { 
  1224. if ( $refund && is_a( $refund, 'WC_Order_Refund' ) ) { 
  1225. wp_delete_post( $refund->get_id(), true ); 
  1226. wp_send_json_error( array( 'error' => $e->getMessage() ) ); 
  1227.  
  1228. /** 
  1229. * Delete a refund. 
  1230. */ 
  1231. public static function delete_refund() { 
  1232. check_ajax_referer( 'order-item', 'security' ); 
  1233.  
  1234. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  1235. wp_die( -1 ); 
  1236.  
  1237. $refund_ids = array_map( 'absint', is_array( $_POST['refund_id'] ) ? $_POST['refund_id'] : array( $_POST['refund_id'] ) ); 
  1238. foreach ( $refund_ids as $refund_id ) { 
  1239. if ( $refund_id && 'shop_order_refund' === get_post_type( $refund_id ) ) { 
  1240. $refund = wc_get_order( $refund_id ); 
  1241. $order_id = $refund->get_parent_id(); 
  1242. $refund->delete( true ); 
  1243. do_action( 'woocommerce_refund_deleted', $refund_id, $order_id ); 
  1244. wp_die(); 
  1245.  
  1246. /** 
  1247. * Triggered when clicking the rating footer. 
  1248. */ 
  1249. public static function rated() { 
  1250. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1251. wp_die( -1 ); 
  1252. update_option( 'woocommerce_admin_footer_text_rated', 1 ); 
  1253. wp_die(); 
  1254.  
  1255. /** 
  1256. * Create/Update API key. 
  1257. */ 
  1258. public static function update_api_key() { 
  1259. ob_start(); 
  1260.  
  1261. global $wpdb; 
  1262.  
  1263. check_ajax_referer( 'update-api-key', 'security' ); 
  1264.  
  1265. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1266. wp_die( -1 ); 
  1267.  
  1268. try { 
  1269. if ( empty( $_POST['description'] ) ) { 
  1270. throw new Exception( __( 'Description is missing.', 'woocommerce' ) ); 
  1271. if ( empty( $_POST['user'] ) ) { 
  1272. throw new Exception( __( 'User is missing.', 'woocommerce' ) ); 
  1273. if ( empty( $_POST['permissions'] ) ) { 
  1274. throw new Exception( __( 'Permissions is missing.', 'woocommerce' ) ); 
  1275.  
  1276. $key_id = absint( $_POST['key_id'] ); 
  1277. $description = sanitize_text_field( wp_unslash( $_POST['description'] ) ); 
  1278. $permissions = ( in_array( $_POST['permissions'], array( 'read', 'write', 'read_write' ) ) ) ? sanitize_text_field( $_POST['permissions'] ) : 'read'; 
  1279. $user_id = absint( $_POST['user'] ); 
  1280.  
  1281. if ( 0 < $key_id ) { 
  1282. $data = array( 
  1283. 'user_id' => $user_id,  
  1284. 'description' => $description,  
  1285. 'permissions' => $permissions,  
  1286. ); 
  1287.  
  1288. $wpdb->update( 
  1289. $wpdb->prefix . 'woocommerce_api_keys',  
  1290. $data,  
  1291. array( 'key_id' => $key_id ),  
  1292. array( 
  1293. '%d',  
  1294. '%s',  
  1295. '%s',  
  1296. ),  
  1297. array( '%d' ) 
  1298. ); 
  1299.  
  1300. $data['consumer_key'] = ''; 
  1301. $data['consumer_secret'] = ''; 
  1302. $data['message'] = __( 'API Key updated successfully.', 'woocommerce' ); 
  1303. } else { 
  1304. $consumer_key = 'ck_' . wc_rand_hash(); 
  1305. $consumer_secret = 'cs_' . wc_rand_hash(); 
  1306.  
  1307. $data = array( 
  1308. 'user_id' => $user_id,  
  1309. 'description' => $description,  
  1310. 'permissions' => $permissions,  
  1311. 'consumer_key' => wc_api_hash( $consumer_key ),  
  1312. 'consumer_secret' => $consumer_secret,  
  1313. 'truncated_key' => substr( $consumer_key, -7 ),  
  1314. ); 
  1315.  
  1316. $wpdb->insert( 
  1317. $wpdb->prefix . 'woocommerce_api_keys',  
  1318. $data,  
  1319. array( 
  1320. '%d',  
  1321. '%s',  
  1322. '%s',  
  1323. '%s',  
  1324. '%s',  
  1325. '%s',  
  1326. ); 
  1327.  
  1328. $key_id = $wpdb->insert_id; 
  1329. $data['consumer_key'] = $consumer_key; 
  1330. $data['consumer_secret'] = $consumer_secret; 
  1331. $data['message'] = __( 'API Key generated successfully. Make sure to copy your new API keys now. You won\'t be able to see it again!', 'woocommerce' ); 
  1332. $data['revoke_url'] = '<a style="color: #a00; text-decoration: none;" href="' . esc_url( wp_nonce_url( add_query_arg( array( 'revoke-key' => $key_id ), admin_url( 'admin.php?page=wc-settings&tab=api§ion=keys' ) ), 'revoke' ) ) . '">' . __( 'Revoke key', 'woocommerce' ) . '</a>'; 
  1333.  
  1334. wp_send_json_success( $data ); 
  1335. } catch ( Exception $e ) { 
  1336. wp_send_json_error( array( 'message' => $e->getMessage() ) ); 
  1337.  
  1338. /** 
  1339. * Load variations via AJAX. 
  1340. */ 
  1341. public static function load_variations() { 
  1342. ob_start(); 
  1343.  
  1344. check_ajax_referer( 'load-variations', 'security' ); 
  1345.  
  1346. if ( ! current_user_can( 'edit_products' ) || empty( $_POST['product_id'] ) ) { 
  1347. wp_die( -1 ); 
  1348.  
  1349. // Set $post global so its available, like within the admin screens 
  1350. global $post; 
  1351.  
  1352. $loop = 0; 
  1353. $product_id = absint( $_POST['product_id'] ); 
  1354. $post = get_post( $product_id ); 
  1355. $product_object = wc_get_product( $product_id ); 
  1356. $per_page = ! empty( $_POST['per_page'] ) ? absint( $_POST['per_page'] ) : 10; 
  1357. $page = ! empty( $_POST['page'] ) ? absint( $_POST['page'] ) : 1; 
  1358. $variations = wc_get_products( array( 
  1359. 'status' => array( 'private', 'publish' ),  
  1360. 'type' => 'variation',  
  1361. 'parent' => $product_id,  
  1362. 'limit' => $per_page,  
  1363. 'page' => $page,  
  1364. 'orderby' => array( 
  1365. 'menu_order' => 'ASC',  
  1366. 'ID' => 'DESC',  
  1367. ),  
  1368. 'return' => 'objects',  
  1369. ) ); 
  1370.  
  1371. if ( $variations ) { 
  1372. foreach ( $variations as $variation_object ) { 
  1373. $variation_id = $variation_object->get_id(); 
  1374. $variation = get_post( $variation_id ); 
  1375. $variation_data = array_merge( array_map( 'maybe_unserialize', get_post_custom( $variation_id ) ), wc_get_product_variation_attributes( $variation_id ) ); // kept for BW compat. 
  1376. include( 'admin/meta-boxes/views/html-variation-admin.php' ); 
  1377. $loop++; 
  1378. wp_die(); 
  1379.  
  1380. /** 
  1381. * Save variations via AJAX. 
  1382. */ 
  1383. public static function save_variations() { 
  1384. ob_start(); 
  1385.  
  1386. check_ajax_referer( 'save-variations', 'security' ); 
  1387.  
  1388. // Check permissions again and make sure we have what we need 
  1389. if ( ! current_user_can( 'edit_products' ) || empty( $_POST ) || empty( $_POST['product_id'] ) ) { 
  1390. wp_die( -1 ); 
  1391.  
  1392. $product_id = absint( $_POST['product_id'] ); 
  1393. WC_Admin_Meta_Boxes::$meta_box_errors = array(); 
  1394. WC_Meta_Box_Product_Data::save_variations( $product_id, get_post( $product_id ) ); 
  1395.  
  1396. do_action( 'woocommerce_ajax_save_product_variations', $product_id ); 
  1397.  
  1398. if ( $errors = WC_Admin_Meta_Boxes::$meta_box_errors ) { 
  1399. echo '<div class="error notice is-dismissible">'; 
  1400.  
  1401. foreach ( $errors as $error ) { 
  1402. echo '<p>' . wp_kses_post( $error ) . '</p>'; 
  1403.  
  1404. echo '<button type="button" class="notice-dismiss"><span class="screen-reader-text">' . __( 'Dismiss this notice.', 'woocommerce' ) . '</span></button>'; 
  1405. echo '</div>'; 
  1406.  
  1407. delete_option( 'woocommerce_meta_box_errors' ); 
  1408.  
  1409. wp_die(); 
  1410.  
  1411. /** 
  1412. * Bulk action - Toggle Enabled. 
  1413. * @access private 
  1414. * @used-by bulk_edit_variations 
  1415. * @param array $variations 
  1416. * @param array $data 
  1417. */ 
  1418. private static function variation_bulk_action_toggle_enabled( $variations, $data ) { 
  1419. foreach ( $variations as $variation_id ) { 
  1420. $variation = wc_get_product( $variation_id ); 
  1421. $variation->set_status( 'private' === $variation->get_status( 'edit' ) ? 'publish' : 'private' ); 
  1422. $variation->save(); 
  1423.  
  1424. /** 
  1425. * Bulk action - Toggle Downloadable Checkbox. 
  1426. * @access private 
  1427. * @used-by bulk_edit_variations 
  1428. * @param array $variations 
  1429. * @param array $data 
  1430. */ 
  1431. private static function variation_bulk_action_toggle_downloadable( $variations, $data ) { 
  1432. self::variation_bulk_toggle( $variations, 'downloadable' ); 
  1433.  
  1434. /** 
  1435. * Bulk action - Toggle Virtual Checkbox. 
  1436. * @access private 
  1437. * @used-by bulk_edit_variations 
  1438. * @param array $variations 
  1439. * @param array $data 
  1440. */ 
  1441. private static function variation_bulk_action_toggle_virtual( $variations, $data ) { 
  1442. self::variation_bulk_toggle( $variations, 'virtual' ); 
  1443.  
  1444. /** 
  1445. * Bulk action - Toggle Manage Stock Checkbox. 
  1446. * @access private 
  1447. * @used-by bulk_edit_variations 
  1448. * @param array $variations 
  1449. * @param array $data 
  1450. */ 
  1451. private static function variation_bulk_action_toggle_manage_stock( $variations, $data ) { 
  1452. self::variation_bulk_toggle( $variations, 'manage_stock' ); 
  1453.  
  1454. /** 
  1455. * Bulk action - Set Regular Prices. 
  1456. * @access private 
  1457. * @used-by bulk_edit_variations 
  1458. * @param array $variations 
  1459. * @param array $data 
  1460. */ 
  1461. private static function variation_bulk_action_variable_regular_price( $variations, $data ) { 
  1462. self::variation_bulk_set( $variations, 'regular_price', $data['value'] ); 
  1463.  
  1464. /** 
  1465. * Bulk action - Set Sale Prices. 
  1466. * @access private 
  1467. * @used-by bulk_edit_variations 
  1468. * @param array $variations 
  1469. * @param array $data 
  1470. */ 
  1471. private static function variation_bulk_action_variable_sale_price( $variations, $data ) { 
  1472. self::variation_bulk_set( $variations, 'sale_price', $data['value'] ); 
  1473.  
  1474. /** 
  1475. * Bulk action - Set Stock. 
  1476. * @access private 
  1477. * @used-by bulk_edit_variations 
  1478. * @param array $variations 
  1479. * @param array $data 
  1480. */ 
  1481. private static function variation_bulk_action_variable_stock( $variations, $data ) { 
  1482. if ( ! isset( $data['value'] ) ) { 
  1483. return; 
  1484.  
  1485. $quantity = wc_stock_amount( wc_clean( $data['value'] ) ); 
  1486.  
  1487. foreach ( $variations as $variation_id ) { 
  1488. $variation = wc_get_product( $variation_id ); 
  1489. if ( $variation->managing_stock() ) { 
  1490. $variation->set_stock_quantity( $quantity ); 
  1491. } else { 
  1492. $variation->set_stock_quantity( null ); 
  1493. $variation->save(); 
  1494.  
  1495. /** 
  1496. * Bulk action - Set Weight. 
  1497. * @access private 
  1498. * @used-by bulk_edit_variations 
  1499. * @param array $variations 
  1500. * @param array $data 
  1501. */ 
  1502. private static function variation_bulk_action_variable_weight( $variations, $data ) { 
  1503. self::variation_bulk_set( $variations, 'weight', $data['value'] ); 
  1504.  
  1505. /** 
  1506. * Bulk action - Set Length. 
  1507. * @access private 
  1508. * @used-by bulk_edit_variations 
  1509. * @param array $variations 
  1510. * @param array $data 
  1511. */ 
  1512. private static function variation_bulk_action_variable_length( $variations, $data ) { 
  1513. self::variation_bulk_set( $variations, 'length', $data['value'] ); 
  1514.  
  1515. /** 
  1516. * Bulk action - Set Width. 
  1517. * @access private 
  1518. * @used-by bulk_edit_variations 
  1519. * @param array $variations 
  1520. * @param array $data 
  1521. */ 
  1522. private static function variation_bulk_action_variable_width( $variations, $data ) { 
  1523. self::variation_bulk_set( $variations, 'width', $data['value'] ); 
  1524.  
  1525. /** 
  1526. * Bulk action - Set Height. 
  1527. * @access private 
  1528. * @used-by bulk_edit_variations 
  1529. * @param array $variations 
  1530. * @param array $data 
  1531. */ 
  1532. private static function variation_bulk_action_variable_height( $variations, $data ) { 
  1533. self::variation_bulk_set( $variations, 'height', $data['value'] ); 
  1534.  
  1535. /** 
  1536. * Bulk action - Set Download Limit. 
  1537. * @access private 
  1538. * @used-by bulk_edit_variations 
  1539. * @param array $variations 
  1540. * @param array $data 
  1541. */ 
  1542. private static function variation_bulk_action_variable_download_limit( $variations, $data ) { 
  1543. self::variation_bulk_set( $variations, 'download_limit', $data['value'] ); 
  1544.  
  1545. /** 
  1546. * Bulk action - Set Download Expiry. 
  1547. * @access private 
  1548. * @used-by bulk_edit_variations 
  1549. * @param array $variations 
  1550. * @param array $data 
  1551. */ 
  1552. private static function variation_bulk_action_variable_download_expiry( $variations, $data ) { 
  1553. self::variation_bulk_set( $variations, 'download_expiry', $data['value'] ); 
  1554.  
  1555. /** 
  1556. * Bulk action - Delete all. 
  1557. * @access private 
  1558. * @used-by bulk_edit_variations 
  1559. * @param array $variations 
  1560. * @param array $data 
  1561. */ 
  1562. private static function variation_bulk_action_delete_all( $variations, $data ) { 
  1563. if ( isset( $data['allowed'] ) && 'true' === $data['allowed'] ) { 
  1564. foreach ( $variations as $variation_id ) { 
  1565. $variation = wc_get_product( $variation_id ); 
  1566. $variation->delete( true ); 
  1567.  
  1568. /** 
  1569. * Bulk action - Sale Schedule. 
  1570. * @access private 
  1571. * @used-by bulk_edit_variations 
  1572. * @param array $variations 
  1573. * @param array $data 
  1574. */ 
  1575. private static function variation_bulk_action_variable_sale_schedule( $variations, $data ) { 
  1576. if ( ! isset( $data['date_from'] ) && ! isset( $data['date_to'] ) ) { 
  1577. return; 
  1578.  
  1579. foreach ( $variations as $variation_id ) { 
  1580. $variation = wc_get_product( $variation_id ); 
  1581.  
  1582. if ( 'false' !== $data['date_from'] ) { 
  1583. $variation->set_date_on_sale_from( wc_clean( $data['date_from'] ) ); 
  1584.  
  1585. if ( 'false' !== $data['date_to'] ) { 
  1586. $variation->set_date_on_sale_to( wc_clean( $data['date_to'] ) ); 
  1587.  
  1588. $variation->save(); 
  1589.  
  1590. /** 
  1591. * Bulk action - Increase Regular Prices. 
  1592. * @access private 
  1593. * @used-by bulk_edit_variations 
  1594. * @param array $variations 
  1595. * @param array $data 
  1596. */ 
  1597. private static function variation_bulk_action_variable_regular_price_increase( $variations, $data ) { 
  1598. self::variation_bulk_adjust_price( $variations, 'regular_price', '+', wc_clean( $data['value'] ) ); 
  1599.  
  1600. /** 
  1601. * Bulk action - Decrease Regular Prices. 
  1602. * @access private 
  1603. * @used-by bulk_edit_variations 
  1604. * @param array $variations 
  1605. * @param array $data 
  1606. */ 
  1607. private static function variation_bulk_action_variable_regular_price_decrease( $variations, $data ) { 
  1608. self::variation_bulk_adjust_price( $variations, 'regular_price', '-', wc_clean( $data['value'] ) ); 
  1609.  
  1610. /** 
  1611. * Bulk action - Increase Sale Prices. 
  1612. * @access private 
  1613. * @used-by bulk_edit_variations 
  1614. * @param array $variations 
  1615. * @param array $data 
  1616. */ 
  1617. private static function variation_bulk_action_variable_sale_price_increase( $variations, $data ) { 
  1618. self::variation_bulk_adjust_price( $variations, 'sale_price', '+', wc_clean( $data['value'] ) ); 
  1619.  
  1620. /** 
  1621. * Bulk action - Decrease Sale Prices. 
  1622. * @access private 
  1623. * @used-by bulk_edit_variations 
  1624. * @param array $variations 
  1625. * @param array $data 
  1626. */ 
  1627. private static function variation_bulk_action_variable_sale_price_decrease( $variations, $data ) { 
  1628. self::variation_bulk_adjust_price( $variations, 'sale_price', '-', wc_clean( $data['value'] ) ); 
  1629.  
  1630. /** 
  1631. * Bulk action - Set Price. 
  1632. * @access private 
  1633. * @used-by bulk_edit_variations 
  1634. * @param array $variations 
  1635. * @param string $operator + or - 
  1636. * @param string $field price being adjusted _regular_price or _sale_price 
  1637. * @param string $value Price or Percent 
  1638. */ 
  1639. private static function variation_bulk_adjust_price( $variations, $field, $operator, $value ) { 
  1640. foreach ( $variations as $variation_id ) { 
  1641. $variation = wc_get_product( $variation_id ); 
  1642. $field_value = $variation->{"get_$field"}( 'edit' ); 
  1643.  
  1644. if ( '%' === substr( $value, -1 ) ) { 
  1645. $percent = wc_format_decimal( substr( $value, 0, -1 ) ); 
  1646. $field_value += ( ( $field_value / 100 ) * $percent ) * "{$operator}1"; 
  1647. } else { 
  1648. $field_value += $value * "{$operator}1"; 
  1649.  
  1650. $variation->{"set_$field"}( $field_value ); 
  1651. $variation->save(); 
  1652.  
  1653. /** 
  1654. * Bulk set convenience function. 
  1655. * @access private 
  1656. * @param array $variations 
  1657. * @param string $field 
  1658. * @param string $value 
  1659. */ 
  1660. private static function variation_bulk_set( $variations, $field, $value ) { 
  1661. foreach ( $variations as $variation_id ) { 
  1662. $variation = wc_get_product( $variation_id ); 
  1663. $variation->{ "set_$field" }( wc_clean( $value ) ); 
  1664. $variation->save(); 
  1665.  
  1666. /** 
  1667. * Bulk toggle convenience function. 
  1668. * @access private 
  1669. * @param array $variations 
  1670. * @param string $field 
  1671. */ 
  1672. private static function variation_bulk_toggle( $variations, $field ) { 
  1673. foreach ( $variations as $variation_id ) { 
  1674. $variation = wc_get_product( $variation_id ); 
  1675. $prev_value = $variation->{ "get_$field" }( 'edit' ); 
  1676. $variation->{ "set_$field" }( ! $prev_value ); 
  1677. $variation->save(); 
  1678.  
  1679. /** 
  1680. * Bulk edit variations via AJAX. 
  1681. * @uses WC_AJAX::variation_bulk_set() 
  1682. * @uses WC_AJAX::variation_bulk_adjust_price() 
  1683. * @uses WC_AJAX::variation_bulk_action_variable_sale_price_decrease() 
  1684. * @uses WC_AJAX::variation_bulk_action_variable_sale_price_increase() 
  1685. * @uses WC_AJAX::variation_bulk_action_variable_regular_price_decrease() 
  1686. * @uses WC_AJAX::variation_bulk_action_variable_regular_price_increase() 
  1687. * @uses WC_AJAX::variation_bulk_action_variable_sale_schedule() 
  1688. * @uses WC_AJAX::variation_bulk_action_delete_all() 
  1689. * @uses WC_AJAX::variation_bulk_action_variable_download_expiry() 
  1690. * @uses WC_AJAX::variation_bulk_action_variable_download_limit() 
  1691. * @uses WC_AJAX::variation_bulk_action_variable_height() 
  1692. * @uses WC_AJAX::variation_bulk_action_variable_width() 
  1693. * @uses WC_AJAX::variation_bulk_action_variable_length() 
  1694. * @uses WC_AJAX::variation_bulk_action_variable_weight() 
  1695. * @uses WC_AJAX::variation_bulk_action_variable_stock() 
  1696. * @uses WC_AJAX::variation_bulk_action_variable_sale_price() 
  1697. * @uses WC_AJAX::variation_bulk_action_variable_regular_price() 
  1698. * @uses WC_AJAX::variation_bulk_action_toggle_manage_stock() 
  1699. * @uses WC_AJAX::variation_bulk_action_toggle_virtual() 
  1700. * @uses WC_AJAX::variation_bulk_action_toggle_downloadable() 
  1701. * @uses WC_AJAX::variation_bulk_action_toggle_enabled 
  1702. */ 
  1703. public static function bulk_edit_variations() { 
  1704. ob_start(); 
  1705.  
  1706. check_ajax_referer( 'bulk-edit-variations', 'security' ); 
  1707.  
  1708. // Check permissions again and make sure we have what we need 
  1709. if ( ! current_user_can( 'edit_products' ) || empty( $_POST['product_id'] ) || empty( $_POST['bulk_action'] ) ) { 
  1710. wp_die( -1 ); 
  1711.  
  1712. $product_id = absint( $_POST['product_id'] ); 
  1713. $bulk_action = wc_clean( $_POST['bulk_action'] ); 
  1714. $data = ! empty( $_POST['data'] ) ? array_map( 'wc_clean', $_POST['data'] ) : array(); 
  1715. $variations = array(); 
  1716.  
  1717. if ( apply_filters( 'woocommerce_bulk_edit_variations_need_children', true ) ) { 
  1718. $variations = get_posts( array( 
  1719. 'post_parent' => $product_id,  
  1720. 'posts_per_page' => -1,  
  1721. 'post_type' => 'product_variation',  
  1722. 'fields' => 'ids',  
  1723. 'post_status' => array( 'publish', 'private' ),  
  1724. ) ); 
  1725.  
  1726. if ( method_exists( __CLASS__, "variation_bulk_action_$bulk_action" ) ) { 
  1727. call_user_func( array( __CLASS__, "variation_bulk_action_$bulk_action" ), $variations, $data ); 
  1728. } else { 
  1729. do_action( 'woocommerce_bulk_edit_variations_default', $bulk_action, $data, $product_id, $variations ); 
  1730.  
  1731. do_action( 'woocommerce_bulk_edit_variations', $bulk_action, $data, $product_id, $variations ); 
  1732. WC_Product_Variable::sync( $product_id ); 
  1733. wc_delete_product_transients( $product_id ); 
  1734. wp_die(); 
  1735.  
  1736. /** 
  1737. * Handle submissions from assets/js/settings-views-html-settings-tax.js Backbone model. 
  1738. */ 
  1739. public static function tax_rates_save_changes() { 
  1740. if ( ! isset( $_POST['wc_tax_nonce'], $_POST['changes'] ) ) { 
  1741. wp_send_json_error( 'missing_fields' ); 
  1742. exit; 
  1743.  
  1744. $current_class = ! empty( $_POST['current_class'] ) ? $_POST['current_class'] : ''; // This is sanitized seven lines later. 
  1745.  
  1746. if ( ! wp_verify_nonce( $_POST['wc_tax_nonce'], 'wc_tax_nonce-class:' . $current_class ) ) { 
  1747. wp_send_json_error( 'bad_nonce' ); 
  1748. exit; 
  1749.  
  1750. $current_class = WC_Tax::format_tax_rate_class( $current_class ); 
  1751.  
  1752. // Check User Caps 
  1753. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1754. wp_send_json_error( 'missing_capabilities' ); 
  1755. exit; 
  1756.  
  1757. $changes = $_POST['changes']; 
  1758. foreach ( $changes as $tax_rate_id => $data ) { 
  1759. if ( isset( $data['deleted'] ) ) { 
  1760. if ( isset( $data['newRow'] ) ) { 
  1761. // So the user added and deleted a new row. 
  1762. // That's fine, it's not in the database anyways. NEXT! 
  1763. continue; 
  1764. WC_Tax::_delete_tax_rate( $tax_rate_id ); 
  1765.  
  1766. $tax_rate = array_intersect_key( $data, array( 
  1767. 'tax_rate_country' => 1,  
  1768. 'tax_rate_state' => 1,  
  1769. 'tax_rate' => 1,  
  1770. 'tax_rate_name' => 1,  
  1771. 'tax_rate_priority' => 1,  
  1772. 'tax_rate_compound' => 1,  
  1773. 'tax_rate_shipping' => 1,  
  1774. 'tax_rate_order' => 1,  
  1775. ) ); 
  1776.  
  1777. if ( isset( $data['newRow'] ) ) { 
  1778. // Hurrah, shiny and new! 
  1779. $tax_rate['tax_rate_class'] = $current_class; 
  1780. $tax_rate_id = WC_Tax::_insert_tax_rate( $tax_rate ); 
  1781. } else { 
  1782. // Updating an existing rate ... 
  1783. if ( ! empty( $tax_rate ) ) { 
  1784. WC_Tax::_update_tax_rate( $tax_rate_id, $tax_rate ); 
  1785.  
  1786. if ( isset( $data['postcode'] ) ) { 
  1787. $postcode = array_map( 'wc_clean', $data['postcode'] ); 
  1788. $postcode = array_map( 'wc_normalize_postcode', $postcode ); 
  1789. WC_Tax::_update_tax_rate_postcodes( $tax_rate_id, $postcode ); 
  1790. if ( isset( $data['city'] ) ) { 
  1791. WC_Tax::_update_tax_rate_cities( $tax_rate_id, array_map( 'wc_clean', $data['city'] ) ); 
  1792.  
  1793. wp_send_json_success( array( 
  1794. 'rates' => WC_Tax::get_rates_for_tax_class( $current_class ),  
  1795. ) ); 
  1796.  
  1797. /** 
  1798. * Handle submissions from assets/js/wc-shipping-zones.js Backbone model. 
  1799. */ 
  1800. public static function shipping_zones_save_changes() { 
  1801. if ( ! isset( $_POST['wc_shipping_zones_nonce'], $_POST['changes'] ) ) { 
  1802. wp_send_json_error( 'missing_fields' ); 
  1803. exit; 
  1804.  
  1805. if ( ! wp_verify_nonce( $_POST['wc_shipping_zones_nonce'], 'wc_shipping_zones_nonce' ) ) { 
  1806. wp_send_json_error( 'bad_nonce' ); 
  1807. exit; 
  1808.  
  1809. // Check User Caps 
  1810. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1811. wp_send_json_error( 'missing_capabilities' ); 
  1812. exit; 
  1813.  
  1814. $changes = $_POST['changes']; 
  1815. foreach ( $changes as $zone_id => $data ) { 
  1816. if ( isset( $data['deleted'] ) ) { 
  1817. if ( isset( $data['newRow'] ) ) { 
  1818. // So the user added and deleted a new row. 
  1819. // That's fine, it's not in the database anyways. NEXT! 
  1820. continue; 
  1821. WC_Shipping_Zones::delete_zone( $zone_id ); 
  1822. continue; 
  1823.  
  1824. $zone_data = array_intersect_key( $data, array( 
  1825. 'zone_id' => 1,  
  1826. 'zone_order' => 1,  
  1827. ) ); 
  1828.  
  1829. if ( isset( $zone_data['zone_id'] ) ) { 
  1830. $zone = new WC_Shipping_Zone( $zone_data['zone_id'] ); 
  1831.  
  1832. if ( isset( $zone_data['zone_order'] ) ) { 
  1833. $zone->set_zone_order( $zone_data['zone_order'] ); 
  1834.  
  1835. $zone->save(); 
  1836.  
  1837. wp_send_json_success( array( 
  1838. 'zones' => WC_Shipping_Zones::get_zones(),  
  1839. ) ); 
  1840.  
  1841. /** 
  1842. * Handle submissions from assets/js/wc-shipping-zone-methods.js Backbone model. 
  1843. */ 
  1844. public static function shipping_zone_add_method() { 
  1845. if ( ! isset( $_POST['wc_shipping_zones_nonce'], $_POST['zone_id'], $_POST['method_id'] ) ) { 
  1846. wp_send_json_error( 'missing_fields' ); 
  1847. exit; 
  1848.  
  1849. if ( ! wp_verify_nonce( $_POST['wc_shipping_zones_nonce'], 'wc_shipping_zones_nonce' ) ) { 
  1850. wp_send_json_error( 'bad_nonce' ); 
  1851. exit; 
  1852.  
  1853. // Check User Caps 
  1854. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1855. wp_send_json_error( 'missing_capabilities' ); 
  1856. exit; 
  1857.  
  1858. $zone_id = wc_clean( $_POST['zone_id'] ); 
  1859. $zone = new WC_Shipping_Zone( $zone_id ); 
  1860. $instance_id = $zone->add_shipping_method( wc_clean( $_POST['method_id'] ) ); 
  1861.  
  1862. wp_send_json_success( array( 
  1863. 'instance_id' => $instance_id,  
  1864. 'zone_id' => $zone->get_id(),  
  1865. 'zone_name' => $zone->get_zone_name(),  
  1866. 'methods' => $zone->get_shipping_methods(),  
  1867. ) ); 
  1868.  
  1869. /** 
  1870. * Handle submissions from assets/js/wc-shipping-zone-methods.js Backbone model. 
  1871. */ 
  1872. public static function shipping_zone_methods_save_changes() { 
  1873. if ( ! isset( $_POST['wc_shipping_zones_nonce'], $_POST['zone_id'], $_POST['changes'] ) ) { 
  1874. wp_send_json_error( 'missing_fields' ); 
  1875. exit; 
  1876.  
  1877. if ( ! wp_verify_nonce( $_POST['wc_shipping_zones_nonce'], 'wc_shipping_zones_nonce' ) ) { 
  1878. wp_send_json_error( 'bad_nonce' ); 
  1879. exit; 
  1880.  
  1881. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1882. wp_send_json_error( 'missing_capabilities' ); 
  1883. exit; 
  1884.  
  1885. global $wpdb; 
  1886.  
  1887. $zone_id = wc_clean( $_POST['zone_id'] ); 
  1888. $zone = new WC_Shipping_Zone( $zone_id ); 
  1889. $changes = $_POST['changes']; 
  1890.  
  1891. if ( isset( $changes['zone_name'] ) ) { 
  1892. $zone->set_zone_name( wc_clean( $changes['zone_name'] ) ); 
  1893.  
  1894. if ( isset( $changes['zone_locations'] ) ) { 
  1895. $zone->clear_locations( array( 'state', 'country', 'continent' ) ); 
  1896. $locations = array_filter( array_map( 'wc_clean', (array) $changes['zone_locations'] ) ); 
  1897. foreach ( $locations as $location ) { 
  1898. // Each posted location will be in the format type:code 
  1899. $location_parts = explode( ':', $location ); 
  1900. switch ( $location_parts[0] ) { 
  1901. case 'state' : 
  1902. $zone->add_location( $location_parts[1] . ':' . $location_parts[2], 'state' ); 
  1903. break; 
  1904. case 'country' : 
  1905. $zone->add_location( $location_parts[1], 'country' ); 
  1906. break; 
  1907. case 'continent' : 
  1908. $zone->add_location( $location_parts[1], 'continent' ); 
  1909. break; 
  1910.  
  1911. if ( isset( $changes['zone_postcodes'] ) ) { 
  1912. $zone->clear_locations( 'postcode' ); 
  1913. $postcodes = array_filter( array_map( 'strtoupper', array_map( 'wc_clean', explode( "\n", $changes['zone_postcodes'] ) ) ) ); 
  1914. foreach ( $postcodes as $postcode ) { 
  1915. $zone->add_location( $postcode, 'postcode' ); 
  1916.  
  1917. if ( isset( $changes['methods'] ) ) { 
  1918. foreach ( $changes['methods'] as $instance_id => $data ) { 
  1919. $method_id = $wpdb->get_var( $wpdb->prepare( "SELECT method_id FROM {$wpdb->prefix}woocommerce_shipping_zone_methods WHERE instance_id = %d", $instance_id ) ); 
  1920.  
  1921. if ( isset( $data['deleted'] ) ) { 
  1922. $shipping_method = WC_Shipping_Zones::get_shipping_method( $instance_id ); 
  1923. $option_key = $shipping_method->get_instance_option_key(); 
  1924. if ( $wpdb->delete( "{$wpdb->prefix}woocommerce_shipping_zone_methods", array( 'instance_id' => $instance_id ) ) ) { 
  1925. delete_option( $option_key ); 
  1926. do_action( 'woocommerce_shipping_zone_method_deleted', $instance_id, $method_id, $zone_id ); 
  1927. continue; 
  1928.  
  1929. $method_data = array_intersect_key( $data, array( 
  1930. 'method_order' => 1,  
  1931. 'enabled' => 1,  
  1932. ) ); 
  1933.  
  1934. if ( isset( $method_data['method_order'] ) ) { 
  1935. $wpdb->update( "{$wpdb->prefix}woocommerce_shipping_zone_methods", array( 'method_order' => absint( $method_data['method_order'] ) ), array( 'instance_id' => absint( $instance_id ) ) ); 
  1936.  
  1937. if ( isset( $method_data['enabled'] ) ) { 
  1938. $is_enabled = absint( 'yes' === $method_data['enabled'] ); 
  1939. if ( $wpdb->update( "{$wpdb->prefix}woocommerce_shipping_zone_methods", array( 'is_enabled' => $is_enabled ), array( 'instance_id' => absint( $instance_id ) ) ) ) { 
  1940. do_action( 'woocommerce_shipping_zone_method_status_toggled', $instance_id, $method_id, $zone_id, $is_enabled ); 
  1941.  
  1942. $zone->save(); 
  1943.  
  1944. wp_send_json_success( array( 
  1945. 'zone_id' => $zone->get_id(),  
  1946. 'zone_name' => $zone->get_zone_name(),  
  1947. 'methods' => $zone->get_shipping_methods(),  
  1948. ) ); 
  1949.  
  1950. /** 
  1951. * Save method settings 
  1952. */ 
  1953. public static function shipping_zone_methods_save_settings() { 
  1954. if ( ! isset( $_POST['wc_shipping_zones_nonce'], $_POST['instance_id'], $_POST['data'] ) ) { 
  1955. wp_send_json_error( 'missing_fields' ); 
  1956. exit; 
  1957.  
  1958. if ( ! wp_verify_nonce( $_POST['wc_shipping_zones_nonce'], 'wc_shipping_zones_nonce' ) ) { 
  1959. wp_send_json_error( 'bad_nonce' ); 
  1960. exit; 
  1961.  
  1962. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1963. wp_send_json_error( 'missing_capabilities' ); 
  1964. exit; 
  1965.  
  1966. $instance_id = absint( $_POST['instance_id'] ); 
  1967. $zone = WC_Shipping_Zones::get_zone_by( 'instance_id', $instance_id ); 
  1968. $shipping_method = WC_Shipping_Zones::get_shipping_method( $instance_id ); 
  1969. $shipping_method->set_post_data( $_POST['data'] ); 
  1970. $shipping_method->process_admin_options(); 
  1971.  
  1972. wp_send_json_success( array( 
  1973. 'zone_id' => $zone->get_id(),  
  1974. 'zone_name' => $zone->get_zone_name(),  
  1975. 'methods' => $zone->get_shipping_methods(),  
  1976. 'errors' => $shipping_method->get_errors(),  
  1977. ) ); 
  1978.  
  1979. /** 
  1980. * Handle submissions from assets/js/wc-shipping-classes.js Backbone model. 
  1981. */ 
  1982. public static function shipping_classes_save_changes() { 
  1983. if ( ! isset( $_POST['wc_shipping_classes_nonce'], $_POST['changes'] ) ) { 
  1984. wp_send_json_error( 'missing_fields' ); 
  1985. exit; 
  1986.  
  1987. if ( ! wp_verify_nonce( $_POST['wc_shipping_classes_nonce'], 'wc_shipping_classes_nonce' ) ) { 
  1988. wp_send_json_error( 'bad_nonce' ); 
  1989. exit; 
  1990.  
  1991. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1992. wp_send_json_error( 'missing_capabilities' ); 
  1993. exit; 
  1994.  
  1995. $changes = $_POST['changes']; 
  1996.  
  1997. foreach ( $changes as $term_id => $data ) { 
  1998. $term_id = absint( $term_id ); 
  1999.  
  2000. if ( isset( $data['deleted'] ) ) { 
  2001. if ( isset( $data['newRow'] ) ) { 
  2002. // So the user added and deleted a new row. 
  2003. // That's fine, it's not in the database anyways. NEXT! 
  2004. continue; 
  2005. wp_delete_term( $term_id, 'product_shipping_class' ); 
  2006. continue; 
  2007.  
  2008. $update_args = array(); 
  2009.  
  2010. if ( isset( $data['name'] ) ) { 
  2011. $update_args['name'] = wc_clean( $data['name'] ); 
  2012.  
  2013. if ( isset( $data['slug'] ) ) { 
  2014. $update_args['slug'] = wc_clean( $data['slug'] ); 
  2015.  
  2016. if ( isset( $data['description'] ) ) { 
  2017. $update_args['description'] = wc_clean( $data['description'] ); 
  2018.  
  2019. if ( isset( $data['newRow'] ) ) { 
  2020. $update_args = array_filter( $update_args ); 
  2021. if ( empty( $update_args['name'] ) ) { 
  2022. continue; 
  2023. $term_id = wp_insert_term( $update_args['name'], 'product_shipping_class', $update_args ); 
  2024. } else { 
  2025. wp_update_term( $term_id, 'product_shipping_class', $update_args ); 
  2026.  
  2027. do_action( 'woocommerce_shipping_classes_save_class', $term_id, $data ); 
  2028.  
  2029. $wc_shipping = WC_Shipping::instance(); 
  2030.  
  2031. wp_send_json_success( array( 
  2032. 'shipping_classes' => $wc_shipping->get_shipping_classes(),  
  2033. ) );