WC_AJAX

WooCommerce WC_AJAX.

Defined (1)

The class is defined in the following location(s).

/includes/class-wc-ajax.php  
  1. class WC_AJAX { 
  2.  
  3. /** 
  4. * Hook in ajax handlers. 
  5. */ 
  6. public static function init() { 
  7. add_action( 'init', array( __CLASS__, 'define_ajax' ), 0 ); 
  8. add_action( 'template_redirect', array( __CLASS__, 'do_wc_ajax' ), 0 ); 
  9. self::add_ajax_events(); 
  10.  
  11. /** 
  12. * Get WC Ajax Endpoint. 
  13. * @param string $request Optional 
  14. * @return string 
  15. */ 
  16. public static function get_endpoint( $request = '' ) { 
  17. return esc_url_raw( apply_filters( 'woocommerce_ajax_get_endpoint', add_query_arg( 'wc-ajax', $request, remove_query_arg( array( 'remove_item', 'add-to-cart', 'added-to-cart' ) ) ), $request ) ); 
  18.  
  19. /** 
  20. * Set WC AJAX constant and headers. 
  21. */ 
  22. public static function define_ajax() { 
  23. if ( ! empty( $_GET['wc-ajax'] ) ) { 
  24. wc_maybe_define_constant( 'DOING_AJAX', true ); 
  25. wc_maybe_define_constant( 'WC_DOING_AJAX', true ); 
  26. if ( ! WP_DEBUG || ( WP_DEBUG && ! WP_DEBUG_DISPLAY ) ) { 
  27. @ini_set( 'display_errors', 0 ); // Turn off display_errors during AJAX events to prevent malformed JSON 
  28. $GLOBALS['wpdb']->hide_errors(); 
  29.  
  30. /** 
  31. * Send headers for WC Ajax Requests. 
  32. * @since 2.5.0 
  33. */ 
  34. private static function wc_ajax_headers() { 
  35. send_origin_headers(); 
  36. @header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) ); 
  37. @header( 'X-Robots-Tag: noindex' ); 
  38. send_nosniff_header(); 
  39. nocache_headers(); 
  40. status_header( 200 ); 
  41.  
  42. /** 
  43. * Check for WC Ajax request and fire action. 
  44. */ 
  45. public static function do_wc_ajax() { 
  46. global $wp_query; 
  47.  
  48. if ( ! empty( $_GET['wc-ajax'] ) ) { 
  49. $wp_query->set( 'wc-ajax', sanitize_text_field( $_GET['wc-ajax'] ) ); 
  50.  
  51. if ( $action = $wp_query->get( 'wc-ajax' ) ) { 
  52. self::wc_ajax_headers(); 
  53. do_action( 'wc_ajax_' . sanitize_text_field( $action ) ); 
  54. wp_die(); 
  55.  
  56. /** 
  57. * Hook in methods - uses WordPress ajax handlers (admin-ajax). 
  58. */ 
  59. public static function add_ajax_events() { 
  60. // woocommerce_EVENT => nopriv 
  61. $ajax_events = array( 
  62. 'get_refreshed_fragments' => true,  
  63. 'apply_coupon' => true,  
  64. 'remove_coupon' => true,  
  65. 'update_shipping_method' => true,  
  66. 'get_cart_totals' => true,  
  67. 'update_order_review' => true,  
  68. 'add_to_cart' => true,  
  69. 'checkout' => true,  
  70. 'get_variation' => true,  
  71. 'get_customer_location' => true,  
  72. 'feature_product' => false,  
  73. 'mark_order_status' => false,  
  74. 'add_attribute' => false,  
  75. 'add_new_attribute' => false,  
  76. 'remove_variation' => false,  
  77. 'remove_variations' => false,  
  78. 'save_attributes' => false,  
  79. 'add_variation' => false,  
  80. 'link_all_variations' => false,  
  81. 'revoke_access_to_download' => false,  
  82. 'grant_access_to_download' => false,  
  83. 'get_customer_details' => false,  
  84. 'add_order_item' => false,  
  85. 'add_order_fee' => false,  
  86. 'add_order_shipping' => false,  
  87. 'add_order_tax' => false,  
  88. 'remove_order_item' => false,  
  89. 'remove_order_tax' => false,  
  90. 'reduce_order_item_stock' => false,  
  91. 'increase_order_item_stock' => false,  
  92. 'add_order_item_meta' => false,  
  93. 'remove_order_item_meta' => false,  
  94. 'calc_line_taxes' => false,  
  95. 'save_order_items' => false,  
  96. 'load_order_items' => false,  
  97. 'add_order_note' => false,  
  98. 'delete_order_note' => false,  
  99. 'json_search_products' => false,  
  100. 'json_search_products_and_variations' => false,  
  101. 'json_search_downloadable_products_and_variations' => false,  
  102. 'json_search_customers' => false,  
  103. 'term_ordering' => false,  
  104. 'product_ordering' => false,  
  105. 'refund_line_items' => false,  
  106. 'delete_refund' => false,  
  107. 'rated' => false,  
  108. 'update_api_key' => false,  
  109. 'load_variations' => false,  
  110. 'save_variations' => false,  
  111. 'bulk_edit_variations' => false,  
  112. 'tax_rates_save_changes' => false,  
  113. 'shipping_zones_save_changes' => false,  
  114. 'shipping_zone_add_method' => false,  
  115. 'shipping_zone_methods_save_changes' => false,  
  116. 'shipping_zone_methods_save_settings' => false,  
  117. 'shipping_classes_save_changes' => false,  
  118. ); 
  119.  
  120. foreach ( $ajax_events as $ajax_event => $nopriv ) { 
  121. add_action( 'wp_ajax_woocommerce_' . $ajax_event, array( __CLASS__, $ajax_event ) ); 
  122.  
  123. if ( $nopriv ) { 
  124. add_action( 'wp_ajax_nopriv_woocommerce_' . $ajax_event, array( __CLASS__, $ajax_event ) ); 
  125.  
  126. // WC AJAX can be used for frontend ajax requests. 
  127. add_action( 'wc_ajax_' . $ajax_event, array( __CLASS__, $ajax_event ) ); 
  128.  
  129. /** 
  130. * Get a refreshed cart fragment, including the mini cart HTML. 
  131. */ 
  132. public static function get_refreshed_fragments() { 
  133. ob_start(); 
  134.  
  135. woocommerce_mini_cart(); 
  136.  
  137. $mini_cart = ob_get_clean(); 
  138.  
  139. $data = array( 
  140. 'fragments' => apply_filters( 'woocommerce_add_to_cart_fragments', array( 
  141. 'div.widget_shopping_cart_content' => '<div class="widget_shopping_cart_content">' . $mini_cart . '</div>',  
  142. ),  
  143. 'cart_hash' => apply_filters( 'woocommerce_add_to_cart_hash', WC()->cart->get_cart_for_session() ? md5( json_encode( WC()->cart->get_cart_for_session() ) ) : '', WC()->cart->get_cart_for_session() ),  
  144. ); 
  145.  
  146. wp_send_json( $data ); 
  147.  
  148. /** 
  149. * AJAX apply coupon on checkout page. 
  150. */ 
  151. public static function apply_coupon() { 
  152.  
  153. check_ajax_referer( 'apply-coupon', 'security' ); 
  154.  
  155. if ( ! empty( $_POST['coupon_code'] ) ) { 
  156. WC()->cart->add_discount( sanitize_text_field( $_POST['coupon_code'] ) ); 
  157. } else { 
  158. wc_add_notice( WC_Coupon::get_generic_coupon_error( WC_Coupon::E_WC_COUPON_PLEASE_ENTER ), 'error' ); 
  159.  
  160. wc_print_notices(); 
  161. wp_die(); 
  162.  
  163. /** 
  164. * AJAX remove coupon on cart and checkout page. 
  165. */ 
  166. public static function remove_coupon() { 
  167. check_ajax_referer( 'remove-coupon', 'security' ); 
  168.  
  169. $coupon = isset( $_POST['coupon'] ) ? wc_clean( $_POST['coupon'] ) : false; 
  170.  
  171. if ( empty( $coupon ) ) { 
  172. wc_add_notice( __( 'Sorry there was a problem removing this coupon.', 'woocommerce' ), 'error' ); 
  173. } else { 
  174. WC()->cart->remove_coupon( $coupon ); 
  175. wc_add_notice( __( 'Coupon has been removed.', 'woocommerce' ) ); 
  176.  
  177. wc_print_notices(); 
  178. wp_die(); 
  179.  
  180. /** 
  181. * AJAX update shipping method on cart page. 
  182. */ 
  183. public static function update_shipping_method() { 
  184. check_ajax_referer( 'update-shipping-method', 'security' ); 
  185.  
  186. wc_maybe_define_constant( 'WOOCOMMERCE_CART', true ); 
  187.  
  188. $chosen_shipping_methods = WC()->session->get( 'chosen_shipping_methods' ); 
  189.  
  190. if ( isset( $_POST['shipping_method'] ) && is_array( $_POST['shipping_method'] ) ) { 
  191. foreach ( $_POST['shipping_method'] as $i => $value ) { 
  192. $chosen_shipping_methods[ $i ] = wc_clean( $value ); 
  193.  
  194. WC()->session->set( 'chosen_shipping_methods', $chosen_shipping_methods ); 
  195.  
  196. self::get_cart_totals(); 
  197.  
  198. /** 
  199. * AJAX receive updated cart_totals div. 
  200. */ 
  201. public static function get_cart_totals() { 
  202. wc_maybe_define_constant( 'WOOCOMMERCE_CART', true ); 
  203. WC()->cart->calculate_totals(); 
  204. woocommerce_cart_totals(); 
  205. wp_die(); 
  206.  
  207. /** 
  208. * Session has expired. 
  209. */ 
  210. private static function update_order_review_expired() { 
  211. wp_send_json( array( 
  212. 'fragments' => apply_filters( 'woocommerce_update_order_review_fragments', array( 
  213. 'form.woocommerce-checkout' => '<div class="woocommerce-error">' . __( 'Sorry, your session has expired.', 'woocommerce' ) . ' <a href="' . esc_url( wc_get_page_permalink( 'shop' ) ) . '" class="wc-backward">' . __( 'Return to shop', 'woocommerce' ) . '</a></div>',  
  214. ) ),  
  215. ) ); 
  216.  
  217. /** 
  218. * AJAX update order review on checkout. 
  219. */ 
  220. public static function update_order_review() { 
  221. check_ajax_referer( 'update-order-review', 'security' ); 
  222.  
  223. wc_maybe_define_constant( 'WOOCOMMERCE_CHECKOUT', true ); 
  224.  
  225. if ( WC()->cart->is_empty() ) { 
  226. self::update_order_review_expired(); 
  227.  
  228. do_action( 'woocommerce_checkout_update_order_review', $_POST['post_data'] ); 
  229.  
  230. $chosen_shipping_methods = WC()->session->get( 'chosen_shipping_methods' ); 
  231.  
  232. if ( isset( $_POST['shipping_method'] ) && is_array( $_POST['shipping_method'] ) ) { 
  233. foreach ( $_POST['shipping_method'] as $i => $value ) { 
  234. $chosen_shipping_methods[ $i ] = wc_clean( $value ); 
  235.  
  236. WC()->session->set( 'chosen_shipping_methods', $chosen_shipping_methods ); 
  237. WC()->session->set( 'chosen_payment_method', empty( $_POST['payment_method'] ) ? '' : $_POST['payment_method'] ); 
  238. WC()->customer->set_props( array( 
  239. 'billing_country' => isset( $_POST['country'] ) ? $_POST['country'] : null,  
  240. 'billing_state' => isset( $_POST['state'] ) ? $_POST['state'] : null,  
  241. 'billing_postcode' => isset( $_POST['postcode'] ) ? $_POST['postcode'] : null,  
  242. 'billing_city' => isset( $_POST['city'] ) ? $_POST['city'] : null,  
  243. 'billing_address_1' => isset( $_POST['address'] ) ? $_POST['address'] : null,  
  244. 'billing_address_2' => isset( $_POST['address_2'] ) ? $_POST['address_2'] : null,  
  245. ) ); 
  246.  
  247. if ( wc_ship_to_billing_address_only() ) { 
  248. WC()->customer->set_props( array( 
  249. 'shipping_country' => isset( $_POST['country'] ) ? $_POST['country'] : null,  
  250. 'shipping_state' => isset( $_POST['state'] ) ? $_POST['state'] : null,  
  251. 'shipping_postcode' => isset( $_POST['postcode'] ) ? $_POST['postcode'] : null,  
  252. 'shipping_city' => isset( $_POST['city'] ) ? $_POST['city'] : null,  
  253. 'shipping_address_1' => isset( $_POST['address'] ) ? $_POST['address'] : null,  
  254. 'shipping_address_2' => isset( $_POST['address_2'] ) ? $_POST['address_2'] : null,  
  255. ) ); 
  256. if ( ! empty( $_POST['country'] ) ) { 
  257. WC()->customer->set_calculated_shipping( true ); 
  258. } else { 
  259. WC()->customer->set_props( array( 
  260. 'shipping_country' => isset( $_POST['s_country'] ) ? $_POST['s_country'] : null,  
  261. 'shipping_state' => isset( $_POST['s_state'] ) ? $_POST['s_state'] : null,  
  262. 'shipping_postcode' => isset( $_POST['s_postcode'] ) ? $_POST['s_postcode'] : null,  
  263. 'shipping_city' => isset( $_POST['s_city'] ) ? $_POST['s_city'] : null,  
  264. 'shipping_address_1' => isset( $_POST['s_address'] ) ? $_POST['s_address'] : null,  
  265. 'shipping_address_2' => isset( $_POST['s_address_2'] ) ? $_POST['s_address_2'] : null,  
  266. ) ); 
  267. if ( ! empty( $_POST['s_country'] ) ) { 
  268. WC()->customer->set_calculated_shipping( true ); 
  269.  
  270. WC()->customer->save(); 
  271. WC()->cart->calculate_totals(); 
  272.  
  273. // Get order review fragment 
  274. ob_start(); 
  275. woocommerce_order_review(); 
  276. $woocommerce_order_review = ob_get_clean(); 
  277.  
  278. // Get checkout payment fragment 
  279. ob_start(); 
  280. woocommerce_checkout_payment(); 
  281. $woocommerce_checkout_payment = ob_get_clean(); 
  282.  
  283. // Get messages if reload checkout is not true 
  284. $messages = ''; 
  285. if ( ! isset( WC()->session->reload_checkout ) ) { 
  286. ob_start(); 
  287. wc_print_notices(); 
  288. $messages = ob_get_clean(); 
  289.  
  290. unset( WC()->session->refresh_totals, WC()->session->reload_checkout ); 
  291.  
  292. wp_send_json( array( 
  293. 'result' => empty( $messages ) ? 'success' : 'failure',  
  294. 'messages' => $messages,  
  295. 'reload' => isset( WC()->session->reload_checkout ) ? 'true' : 'false',  
  296. 'fragments' => apply_filters( 'woocommerce_update_order_review_fragments', array( 
  297. '.woocommerce-checkout-review-order-table' => $woocommerce_order_review,  
  298. '.woocommerce-checkout-payment' => $woocommerce_checkout_payment,  
  299. ) ),  
  300. ) ); 
  301.  
  302. /** 
  303. * AJAX add to cart. 
  304. */ 
  305. public static function add_to_cart() { 
  306. ob_start(); 
  307.  
  308. $product_id = apply_filters( 'woocommerce_add_to_cart_product_id', absint( $_POST['product_id'] ) ); 
  309. $quantity = empty( $_POST['quantity'] ) ? 1 : wc_stock_amount( $_POST['quantity'] ); 
  310. $passed_validation = apply_filters( 'woocommerce_add_to_cart_validation', true, $product_id, $quantity ); 
  311. $product_status = get_post_status( $product_id ); 
  312.  
  313. if ( $passed_validation && false !== WC()->cart->add_to_cart( $product_id, $quantity ) && 'publish' === $product_status ) { 
  314.  
  315. do_action( 'woocommerce_ajax_added_to_cart', $product_id ); 
  316.  
  317. if ( get_option( 'woocommerce_cart_redirect_after_add' ) == 'yes' ) { 
  318. wc_add_to_cart_message( array( $product_id => $quantity ), true ); 
  319.  
  320. // Return fragments 
  321. self::get_refreshed_fragments(); 
  322.  
  323. } else { 
  324.  
  325. // If there was an error adding to the cart, redirect to the product page to show any errors 
  326. $data = array( 
  327. 'error' => true,  
  328. 'product_url' => apply_filters( 'woocommerce_cart_redirect_after_error', get_permalink( $product_id ), $product_id ),  
  329. ); 
  330.  
  331. wp_send_json( $data ); 
  332.  
  333. /** 
  334. * Process ajax checkout form. 
  335. */ 
  336. public static function checkout() { 
  337. wc_maybe_define_constant( 'WOOCOMMERCE_CHECKOUT', true ); 
  338. WC()->checkout()->process_checkout(); 
  339. wp_die( 0 ); 
  340.  
  341. /** 
  342. * Get a matching variation based on posted attributes. 
  343. */ 
  344. public static function get_variation() { 
  345. ob_start(); 
  346.  
  347. if ( empty( $_POST['product_id'] ) || ! ( $variable_product = wc_get_product( absint( $_POST['product_id'] ) ) ) ) { 
  348. wp_die(); 
  349.  
  350. $data_store = WC_Data_Store::load( 'product' ); 
  351. $variation_id = $data_store->find_matching_product_variation( $variable_product, wp_unslash( $_POST ) ); 
  352. $variation = $variation_id ? $variable_product->get_available_variation( $variation_id ) : false; 
  353. wp_send_json( $variation ); 
  354.  
  355. /** 
  356. * Locate user via AJAX. 
  357. */ 
  358. public static function get_customer_location() { 
  359. $location_hash = WC_Cache_Helper::geolocation_ajax_get_location_hash(); 
  360. wp_send_json_success( array( 'hash' => $location_hash ) ); 
  361.  
  362. /** 
  363. * Toggle Featured status of a product from admin. 
  364. */ 
  365. public static function feature_product() { 
  366. if ( current_user_can( 'edit_products' ) && check_admin_referer( 'woocommerce-feature-product' ) ) { 
  367. $product = wc_get_product( absint( $_GET['product_id'] ) ); 
  368.  
  369. if ( $product ) { 
  370. $product->set_featured( ! $product->get_featured() ); 
  371. $product->save(); 
  372.  
  373. wp_safe_redirect( wp_get_referer() ? remove_query_arg( array( 'trashed', 'untrashed', 'deleted', 'ids' ), wp_get_referer() ) : admin_url( 'edit.php?post_type=product' ) ); 
  374. exit; 
  375.  
  376. /** 
  377. * Mark an order with a status. 
  378. */ 
  379. public static function mark_order_status() { 
  380. if ( current_user_can( 'edit_shop_orders' ) && check_admin_referer( 'woocommerce-mark-order-status' ) ) { 
  381. $status = sanitize_text_field( $_GET['status'] ); 
  382. $order = wc_get_order( absint( $_GET['order_id'] ) ); 
  383.  
  384. if ( wc_is_order_status( 'wc-' . $status ) && $order ) { 
  385. $order->update_status( $status, '', true ); 
  386. do_action( 'woocommerce_order_edit_status', $order->get_id(), $status ); 
  387.  
  388. wp_safe_redirect( wp_get_referer() ? wp_get_referer() : admin_url( 'edit.php?post_type=shop_order' ) ); 
  389. exit; 
  390.  
  391. /** 
  392. * Add an attribute row. 
  393. */ 
  394. public static function add_attribute() { 
  395. ob_start(); 
  396.  
  397. check_ajax_referer( 'add-attribute', 'security' ); 
  398.  
  399. if ( ! current_user_can( 'edit_products' ) ) { 
  400. wp_die( -1 ); 
  401.  
  402. $i = absint( $_POST['i'] ); 
  403. $metabox_class = array(); 
  404. $attribute = new WC_Product_Attribute(); 
  405.  
  406. $attribute->set_id( wc_attribute_taxonomy_id_by_name( sanitize_text_field( $_POST['taxonomy'] ) ) ); 
  407. $attribute->set_name( sanitize_text_field( $_POST['taxonomy'] ) ); 
  408. $attribute->set_visible( apply_filters( 'woocommerce_attribute_default_visibility', 1 ) ); 
  409. $attribute->set_variation( apply_filters( 'woocommerce_attribute_default_is_variation', 0 ) ); 
  410.  
  411. if ( $attribute->is_taxonomy() ) { 
  412. $metabox_class[] = 'taxonomy'; 
  413. $metabox_class[] = $attribute->get_name(); 
  414.  
  415. include( 'admin/meta-boxes/views/html-product-attribute.php' ); 
  416. wp_die(); 
  417.  
  418. /** 
  419. * Add a new attribute via ajax function. 
  420. */ 
  421. public static function add_new_attribute() { 
  422. check_ajax_referer( 'add-attribute', 'security' ); 
  423.  
  424. if ( current_user_can( 'manage_product_terms' ) ) { 
  425. $taxonomy = esc_attr( $_POST['taxonomy'] ); 
  426. $term = wc_clean( $_POST['term'] ); 
  427.  
  428. if ( taxonomy_exists( $taxonomy ) ) { 
  429.  
  430. $result = wp_insert_term( $term, $taxonomy ); 
  431.  
  432. if ( is_wp_error( $result ) ) { 
  433. wp_send_json( array( 
  434. 'error' => $result->get_error_message(),  
  435. ) ); 
  436. } else { 
  437. $term = get_term_by( 'id', $result['term_id'], $taxonomy ); 
  438. wp_send_json( array( 
  439. 'term_id' => $term->term_id,  
  440. 'name' => $term->name,  
  441. 'slug' => $term->slug,  
  442. ) ); 
  443. wp_die( -1 ); 
  444.  
  445. /** 
  446. * Delete variations via ajax function. 
  447. */ 
  448. public static function remove_variations() { 
  449. check_ajax_referer( 'delete-variations', 'security' ); 
  450.  
  451. if ( current_user_can( 'edit_products' ) ) { 
  452. $variation_ids = (array) $_POST['variation_ids']; 
  453.  
  454. foreach ( $variation_ids as $variation_id ) { 
  455. if ( 'product_variation' === get_post_type( $variation_id ) ) { 
  456. $variation = wc_get_product( $variation_id ); 
  457. $variation->delete( true ); 
  458.  
  459. wp_die( -1 ); 
  460.  
  461. /** 
  462. * Save attributes via ajax. 
  463. */ 
  464. public static function save_attributes() { 
  465. check_ajax_referer( 'save-attributes', 'security' ); 
  466.  
  467. if ( ! current_user_can( 'edit_products' ) ) { 
  468. wp_die( -1 ); 
  469.  
  470. parse_str( $_POST['data'], $data ); 
  471.  
  472. $attributes = WC_Meta_Box_Product_Data::prepare_attributes( $data ); 
  473. $product_id = absint( $_POST['post_id'] ); 
  474. $product_type = ! empty( $_POST['product_type'] ) ? wc_clean( $_POST['product_type'] ) : 'simple'; 
  475. $classname = WC_Product_Factory::get_product_classname( $product_id, $product_type ); 
  476. $product = new $classname( $product_id ); 
  477.  
  478. $product->set_attributes( $attributes ); 
  479. $product->save(); 
  480. wp_die(); 
  481.  
  482. /** 
  483. * Add variation via ajax function. 
  484. */ 
  485. public static function add_variation() { 
  486.  
  487. check_ajax_referer( 'add-variation', 'security' ); 
  488.  
  489. if ( ! current_user_can( 'edit_products' ) ) { 
  490. wp_die( -1 ); 
  491.  
  492. global $post; // Set $post global so its available, like within the admin screens 
  493.  
  494. $product_id = intval( $_POST['post_id'] ); 
  495. $post = get_post( $product_id ); 
  496. $loop = intval( $_POST['loop'] ); 
  497. $product_object = wc_get_product( $product_id ); 
  498. $variation_object = new WC_Product_Variation(); 
  499. $variation_object->set_parent_id( $product_id ); 
  500. $variation_id = $variation_object->save(); 
  501. $variation = get_post( $variation_id ); 
  502. $variation_data = array_merge( array_map( 'maybe_unserialize', get_post_custom( $variation_id ) ), wc_get_product_variation_attributes( $variation_id ) ); // kept for BW compat. 
  503. include( 'admin/meta-boxes/views/html-variation-admin.php' ); 
  504. wp_die(); 
  505.  
  506. /** 
  507. * Link all variations via ajax function. 
  508. */ 
  509. public static function link_all_variations() { 
  510. check_ajax_referer( 'link-variations', 'security' ); 
  511.  
  512. if ( ! current_user_can( 'edit_products' ) ) { 
  513. wp_die( -1 ); 
  514.  
  515. wc_maybe_define_constant( 'WC_MAX_LINKED_VARIATIONS', 49 ); 
  516. wc_set_time_limit( 0 ); 
  517.  
  518. $post_id = intval( $_POST['post_id'] ); 
  519.  
  520. if ( ! $post_id ) { 
  521. wp_die(); 
  522.  
  523. $variations = array(); 
  524. $product = wc_get_product( $post_id ); 
  525. $attributes = wc_list_pluck( array_filter( $product->get_attributes(), 'wc_attributes_array_filter_variation' ), 'get_slugs' ); 
  526.  
  527. if ( ! empty( $attributes ) ) { 
  528. // Get existing variations so we don't create duplicates. 
  529. $existing_variations = array_map( 'wc_get_product', $product->get_children() ); 
  530. $existing_attributes = array(); 
  531.  
  532. foreach ( $existing_variations as $existing_variation ) { 
  533. $existing_attributes[] = $existing_variation->get_attributes(); 
  534.  
  535. $added = 0; 
  536. $possible_attributes = wc_array_cartesian( $attributes ); 
  537.  
  538. foreach ( $possible_attributes as $possible_attribute ) { 
  539. if ( in_array( $possible_attribute, $existing_attributes ) ) { 
  540. continue; 
  541. $variation = new WC_Product_Variation(); 
  542. $variation->set_parent_id( $post_id ); 
  543. $variation->set_attributes( $possible_attribute ); 
  544.  
  545. do_action( 'product_variation_linked', $variation->save() ); 
  546.  
  547. if ( ( $added ++ ) > WC_MAX_LINKED_VARIATIONS ) { 
  548. break; 
  549.  
  550. echo $added; 
  551.  
  552. $data_store = $product->get_data_store(); 
  553. $data_store->sort_all_product_variations( $product->get_id() ); 
  554. wp_die(); 
  555.  
  556. /** 
  557. * Delete download permissions via ajax function. 
  558. */ 
  559. public static function revoke_access_to_download() { 
  560. check_ajax_referer( 'revoke-access', 'security' ); 
  561.  
  562. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  563. wp_die( -1 ); 
  564. $download_id = $_POST['download_id']; 
  565. $product_id = intval( $_POST['product_id'] ); 
  566. $order_id = intval( $_POST['order_id'] ); 
  567. $permission_id = absint( $_POST['permission_id'] ); 
  568. $data_store = WC_Data_Store::load( 'customer-download' ); 
  569. $data_store->delete_by_id( $permission_id ); 
  570.  
  571. do_action( 'woocommerce_ajax_revoke_access_to_product_download', $download_id, $product_id, $order_id, $permission_id ); 
  572.  
  573. wp_die(); 
  574.  
  575. /** 
  576. * Grant download permissions via ajax function. 
  577. */ 
  578. public static function grant_access_to_download() { 
  579.  
  580. check_ajax_referer( 'grant-access', 'security' ); 
  581.  
  582. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  583. wp_die( -1 ); 
  584.  
  585. global $wpdb; 
  586.  
  587. $wpdb->hide_errors(); 
  588.  
  589. $order_id = intval( $_POST['order_id'] ); 
  590. $product_ids = $_POST['product_ids']; 
  591. $loop = intval( $_POST['loop'] ); 
  592. $file_counter = 0; 
  593. $order = wc_get_order( $order_id ); 
  594.  
  595. if ( ! is_array( $product_ids ) ) { 
  596. $product_ids = array( $product_ids ); 
  597.  
  598. foreach ( $product_ids as $product_id ) { 
  599. $product = wc_get_product( $product_id ); 
  600. $files = $product->get_downloads(); 
  601.  
  602. if ( ! $order->get_billing_email() ) { 
  603. wp_die(); 
  604.  
  605. if ( ! empty( $files ) ) { 
  606. foreach ( $files as $download_id => $file ) { 
  607. if ( $inserted_id = wc_downloadable_file_permission( $download_id, $product_id, $order ) ) { 
  608. $download = new WC_Customer_Download( $inserted_id ); 
  609. $loop ++; 
  610. $file_counter ++; 
  611.  
  612. if ( $file->get_name() ) { 
  613. $file_count = $file->get_name(); 
  614. } else { 
  615. $file_count = sprintf( __( 'File %d', 'woocommerce' ), $file_counter ); 
  616. include( 'admin/meta-boxes/views/html-order-download-permission.php' ); 
  617. wp_die(); 
  618.  
  619. /** 
  620. * Get customer details via ajax. 
  621. */ 
  622. public static function get_customer_details() { 
  623. check_ajax_referer( 'get-customer-details', 'security' ); 
  624.  
  625. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  626. wp_die( -1 ); 
  627.  
  628. $user_id = absint( $_POST['user_id'] ); 
  629. $customer = new WC_Customer( $user_id ); 
  630.  
  631. if ( has_filter( 'woocommerce_found_customer_details' ) ) { 
  632. wc_deprecated_function( 'The woocommerce_found_customer_details filter', '3.0', 'woocommerce_ajax_get_customer_details' ); 
  633.  
  634. $data = $customer->get_data(); 
  635. $data['date_created'] = $data['date_created'] ? $data['date_created']->getTimestamp() : null; 
  636. $data['date_modified'] = $data['date_modified'] ? $data['date_modified']->getTimestamp() : null; 
  637.  
  638. $customer_data = apply_filters( 'woocommerce_ajax_get_customer_details', $data, $customer, $user_id ); 
  639. wp_send_json( $customer_data ); 
  640.  
  641. /** 
  642. * Add order item via ajax. 
  643. */ 
  644. public static function add_order_item() { 
  645. check_ajax_referer( 'order-item', 'security' ); 
  646.  
  647. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  648. wp_die( -1 ); 
  649.  
  650. try { 
  651. $order_id = absint( $_POST['order_id'] ); 
  652. $order = wc_get_order( $order_id ); 
  653. $items_to_add = wp_parse_id_list( is_array( $_POST['item_to_add'] ) ? $_POST['item_to_add'] : array( $_POST['item_to_add'] ) ); 
  654.  
  655. if ( ! $order ) { 
  656. throw new Exception( __( 'Invalid order', 'woocommerce' ) ); 
  657.  
  658. ob_start(); 
  659.  
  660. foreach ( $items_to_add as $item_to_add ) { 
  661. if ( ! in_array( get_post_type( $item_to_add ), array( 'product', 'product_variation' ) ) ) { 
  662. continue; 
  663. $item_id = $order->add_product( wc_get_product( $item_to_add ) ); 
  664. $item = apply_filters( 'woocommerce_ajax_order_item', $order->get_item( $item_id ), $item_id ); 
  665. $order_taxes = $order->get_taxes(); 
  666. $class = 'new_row'; 
  667.  
  668. do_action( 'woocommerce_ajax_add_order_item_meta', $item_id, $item ); 
  669. include( 'admin/meta-boxes/views/html-order-item.php' ); 
  670.  
  671. wp_send_json_success( array( 
  672. 'html' => ob_get_clean(),  
  673. ) ); 
  674. } catch ( Exception $e ) { 
  675. wp_send_json_error( array( 'error' => $e->getMessage() ) ); 
  676.  
  677. /** 
  678. * Add order fee via ajax. 
  679. */ 
  680. public static function add_order_fee() { 
  681. check_ajax_referer( 'order-item', 'security' ); 
  682.  
  683. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  684. wp_die( -1 ); 
  685.  
  686. try { 
  687. $order_id = absint( $_POST['order_id'] ); 
  688. $order = wc_get_order( $order_id ); 
  689. $order_taxes = $order->get_taxes(); 
  690. $item = new WC_Order_Item_Fee(); 
  691. $item->set_order_id( $order_id ); 
  692. $item_id = $item->save(); 
  693.  
  694. ob_start(); 
  695. include( 'admin/meta-boxes/views/html-order-fee.php' ); 
  696.  
  697. wp_send_json_success( array( 
  698. 'html' => ob_get_clean(),  
  699. ) ); 
  700. } catch ( Exception $e ) { 
  701. wp_send_json_error( array( 'error' => $e->getMessage() ) ); 
  702.  
  703. /** 
  704. * Add order shipping cost via ajax. 
  705. */ 
  706. public static function add_order_shipping() { 
  707. check_ajax_referer( 'order-item', 'security' ); 
  708.  
  709. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  710. wp_die( -1 ); 
  711.  
  712. try { 
  713. $order_id = absint( $_POST['order_id'] ); 
  714. $order = wc_get_order( $order_id ); 
  715. $order_taxes = $order->get_taxes(); 
  716. $shipping_methods = WC()->shipping() ? WC()->shipping->load_shipping_methods() : array(); 
  717.  
  718. // Add new shipping 
  719. $item = new WC_Order_Item_Shipping(); 
  720. $item->set_shipping_rate( new WC_Shipping_Rate() ); 
  721. $item->set_order_id( $order_id ); 
  722. $item_id = $item->save(); 
  723.  
  724. ob_start(); 
  725. include( 'admin/meta-boxes/views/html-order-shipping.php' ); 
  726.  
  727. wp_send_json_success( array( 
  728. 'html' => ob_get_clean(),  
  729. ) ); 
  730. } catch ( Exception $e ) { 
  731. wp_send_json_error( array( 'error' => $e->getMessage() ) ); 
  732.  
  733. /** 
  734. * Add order tax column via ajax. 
  735. */ 
  736. public static function add_order_tax() { 
  737. check_ajax_referer( 'order-item', 'security' ); 
  738.  
  739. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  740. wp_die( -1 ); 
  741.  
  742. try { 
  743. $order_id = absint( $_POST['order_id'] ); 
  744. $rate_id = absint( $_POST['rate_id'] ); 
  745. $order = wc_get_order( $order_id ); 
  746. $data = get_post_meta( $order_id ); 
  747.  
  748. // Add new tax 
  749. $item = new WC_Order_Item_Tax(); 
  750. $item->set_rate( $rate_id ); 
  751. $item->set_order_id( $order_id ); 
  752. $item->save(); 
  753.  
  754. ob_start(); 
  755. include( 'admin/meta-boxes/views/html-order-items.php' ); 
  756.  
  757. wp_send_json_success( array( 
  758. 'html' => ob_get_clean(),  
  759. ) ); 
  760. } catch ( Exception $e ) { 
  761. wp_send_json_error( array( 'error' => $e->getMessage() ) ); 
  762.  
  763. /** 
  764. * Remove an order item. 
  765. */ 
  766. public static function remove_order_item() { 
  767. check_ajax_referer( 'order-item', 'security' ); 
  768.  
  769. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  770. wp_die( -1 ); 
  771.  
  772. $order_item_ids = $_POST['order_item_ids']; 
  773.  
  774. if ( ! is_array( $order_item_ids ) && is_numeric( $order_item_ids ) ) { 
  775. $order_item_ids = array( $order_item_ids ); 
  776.  
  777. if ( sizeof( $order_item_ids ) > 0 ) { 
  778. foreach ( $order_item_ids as $id ) { 
  779. wc_delete_order_item( absint( $id ) ); 
  780. wp_die(); 
  781.  
  782. /** 
  783. * Remove an order tax. 
  784. */ 
  785. public static function remove_order_tax() { 
  786. check_ajax_referer( 'order-item', 'security' ); 
  787.  
  788. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  789. wp_die( -1 ); 
  790.  
  791. $order_id = absint( $_POST['order_id'] ); 
  792. $rate_id = absint( $_POST['rate_id'] ); 
  793.  
  794. wc_delete_order_item( $rate_id ); 
  795.  
  796. // Return HTML items 
  797. $order = wc_get_order( $order_id ); 
  798. include( 'admin/meta-boxes/views/html-order-items.php' ); 
  799. wp_die(); 
  800.  
  801. /** 
  802. * Reduce order item stock. 
  803. */ 
  804. public static function reduce_order_item_stock() { 
  805. check_ajax_referer( 'order-item', 'security' ); 
  806. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  807. wp_die( -1 ); 
  808. $order_id = absint( $_POST['order_id'] ); 
  809. $order_item_ids = isset( $_POST['order_item_ids'] ) ? $_POST['order_item_ids'] : array(); 
  810. $order_item_qty = isset( $_POST['order_item_qty'] ) ? $_POST['order_item_qty'] : array(); 
  811. $order = wc_get_order( $order_id ); 
  812. $order_items = $order->get_items(); 
  813. $return = array(); 
  814. if ( $order && ! empty( $order_items ) && sizeof( $order_item_ids ) > 0 ) { 
  815. foreach ( $order_items as $item_id => $order_item ) { 
  816. // Only reduce checked items 
  817. if ( ! in_array( $item_id, $order_item_ids ) ) { 
  818. continue; 
  819. $_product = $order_item->get_product(); 
  820. if ( $_product && $_product->exists() && $_product->managing_stock() && isset( $order_item_qty[ $item_id ] ) && $order_item_qty[ $item_id ] > 0 ) { 
  821. $stock_change = apply_filters( 'woocommerce_reduce_order_stock_quantity', $order_item_qty[ $item_id ], $item_id ); 
  822. $new_stock = wc_update_product_stock( $_product, $stock_change, 'decrease' ); 
  823. $item_name = $_product->get_sku() ? $_product->get_sku() : $_product->get_id(); 
  824. $note = sprintf( __( 'Item %1$s stock reduced from %2$s to %3$s.', 'woocommerce' ), $item_name, $new_stock + $stock_change, $new_stock ); 
  825. $return[] = $note; 
  826. $order->add_order_note( $note ); 
  827. do_action( 'woocommerce_reduce_order_stock', $order ); 
  828. if ( empty( $return ) ) { 
  829. $return[] = __( 'No products had their stock reduced - they may not have stock management enabled.', 'woocommerce' ); 
  830. echo wp_kses_post( implode( ', ', $return ) ); 
  831. wp_die(); 
  832.  
  833. /** 
  834. * Increase order item stock. 
  835. */ 
  836. public static function increase_order_item_stock() { 
  837. check_ajax_referer( 'order-item', 'security' ); 
  838. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  839. wp_die( -1 ); 
  840. $order_id = absint( $_POST['order_id'] ); 
  841. $order_item_ids = isset( $_POST['order_item_ids'] ) ? $_POST['order_item_ids'] : array(); 
  842. $order_item_qty = isset( $_POST['order_item_qty'] ) ? $_POST['order_item_qty'] : array(); 
  843. $order = wc_get_order( $order_id ); 
  844. $order_items = $order->get_items(); 
  845. $return = array(); 
  846. if ( $order && ! empty( $order_items ) && sizeof( $order_item_ids ) > 0 ) { 
  847. foreach ( $order_items as $item_id => $order_item ) { 
  848. // Only reduce checked items 
  849. if ( ! in_array( $item_id, $order_item_ids ) ) { 
  850. continue; 
  851. $_product = $order_item->get_product(); 
  852. if ( $_product && $_product->exists() && $_product->managing_stock() && isset( $order_item_qty[ $item_id ] ) && $order_item_qty[ $item_id ] > 0 ) { 
  853. $old_stock = $_product->get_stock_quantity(); 
  854. $stock_change = apply_filters( 'woocommerce_restore_order_stock_quantity', $order_item_qty[ $item_id ], $item_id ); 
  855. $new_quantity = wc_update_product_stock( $_product, $stock_change, 'increase' ); 
  856. $item_name = $_product->get_sku() ? $_product->get_sku() : $_product->get_id(); 
  857. $note = sprintf( __( 'Item %1$s stock increased from %2$s to %3$s.', 'woocommerce' ), $item_name, $old_stock, $new_quantity ); 
  858. $return[] = $note; 
  859. $order->add_order_note( $note ); 
  860. do_action( 'woocommerce_restore_order_stock', $order ); 
  861. if ( empty( $return ) ) { 
  862. $return[] = __( 'No products had their stock increased - they may not have stock management enabled.', 'woocommerce' ); 
  863. echo wp_kses_post( implode( ', ', $return ) ); 
  864. wp_die(); 
  865.  
  866. /** 
  867. * Calc line tax. 
  868. */ 
  869. public static function calc_line_taxes() { 
  870. check_ajax_referer( 'calc-totals', 'security' ); 
  871.  
  872. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  873. wp_die( -1 ); 
  874.  
  875. $order_id = absint( $_POST['order_id'] ); 
  876. $calculate_tax_args = array( 
  877. 'country' => strtoupper( wc_clean( $_POST['country'] ) ),  
  878. 'state' => strtoupper( wc_clean( $_POST['state'] ) ),  
  879. 'postcode' => strtoupper( wc_clean( $_POST['postcode'] ) ),  
  880. 'city' => strtoupper( wc_clean( $_POST['city'] ) ),  
  881. ); 
  882.  
  883. // Parse the jQuery serialized items 
  884. $items = array(); 
  885. parse_str( $_POST['items'], $items ); 
  886.  
  887. // Save order items first 
  888. wc_save_order_items( $order_id, $items ); 
  889.  
  890. // Grab the order and recalc taxes 
  891. $order = wc_get_order( $order_id ); 
  892. $order->calculate_taxes( $calculate_tax_args ); 
  893.  
  894. // Return HTML items 
  895. $order = wc_get_order( $order_id ); 
  896. include( 'admin/meta-boxes/views/html-order-items.php' ); 
  897. wp_die(); 
  898.  
  899. /** 
  900. * Save order items via ajax. 
  901. */ 
  902. public static function save_order_items() { 
  903. check_ajax_referer( 'order-item', 'security' ); 
  904.  
  905. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  906. wp_die( -1 ); 
  907.  
  908. if ( isset( $_POST['order_id'], $_POST['items'] ) ) { 
  909. $order_id = absint( $_POST['order_id'] ); 
  910.  
  911. // Parse the jQuery serialized items 
  912. $items = array(); 
  913. parse_str( $_POST['items'], $items ); 
  914.  
  915. // Save order items 
  916. wc_save_order_items( $order_id, $items ); 
  917.  
  918. // Return HTML items 
  919. $order = wc_get_order( $order_id ); 
  920. include( 'admin/meta-boxes/views/html-order-items.php' ); 
  921. wp_die(); 
  922.  
  923. /** 
  924. * Load order items via ajax. 
  925. */ 
  926. public static function load_order_items() { 
  927. check_ajax_referer( 'order-item', 'security' ); 
  928.  
  929. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  930. wp_die( -1 ); 
  931.  
  932. // Return HTML items 
  933. $order_id = absint( $_POST['order_id'] ); 
  934. $order = wc_get_order( $order_id ); 
  935. include( 'admin/meta-boxes/views/html-order-items.php' ); 
  936. wp_die(); 
  937.  
  938. /** 
  939. * Add order note via ajax. 
  940. */ 
  941. public static function add_order_note() { 
  942. check_ajax_referer( 'add-order-note', 'security' ); 
  943.  
  944. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  945. wp_die( -1 ); 
  946.  
  947. $post_id = absint( $_POST['post_id'] ); 
  948. $note = wp_kses_post( trim( stripslashes( $_POST['note'] ) ) ); 
  949. $note_type = $_POST['note_type']; 
  950.  
  951. $is_customer_note = ( 'customer' === $note_type ) ? 1 : 0; 
  952.  
  953. if ( $post_id > 0 ) { 
  954. $order = wc_get_order( $post_id ); 
  955. $comment_id = $order->add_order_note( $note, $is_customer_note, true ); 
  956.  
  957. echo '<li rel="' . esc_attr( $comment_id ) . '" class="note '; 
  958. if ( $is_customer_note ) { 
  959. echo 'customer-note'; 
  960. echo '"><div class="note_content">'; 
  961. echo wpautop( wptexturize( $note ) ); 
  962. echo '</div><p class="meta"><a href="#" class="delete_note">' . __( 'Delete note', 'woocommerce' ) . '</a></p>'; 
  963. echo '</li>'; 
  964. wp_die(); 
  965.  
  966. /** 
  967. * Delete order note via ajax. 
  968. */ 
  969. public static function delete_order_note() { 
  970. check_ajax_referer( 'delete-order-note', 'security' ); 
  971.  
  972. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  973. wp_die( -1 ); 
  974.  
  975. $note_id = (int) $_POST['note_id']; 
  976.  
  977. if ( $note_id > 0 ) { 
  978. wp_delete_comment( $note_id ); 
  979. wp_die(); 
  980.  
  981. /** 
  982. * Search for products and echo json. 
  983. * @param string $term (default: '') 
  984. * @param bool $include_variations in search or not 
  985. */ 
  986. public static function json_search_products( $term = '', $include_variations = false ) { 
  987. check_ajax_referer( 'search-products', 'security' ); 
  988.  
  989. $term = wc_clean( empty( $term ) ? stripslashes( $_GET['term'] ) : $term ); 
  990.  
  991. if ( empty( $term ) ) { 
  992. wp_die(); 
  993.  
  994. $data_store = WC_Data_Store::load( 'product' ); 
  995. $ids = $data_store->search_products( $term, '', (bool) $include_variations ); 
  996.  
  997. if ( ! empty( $_GET['exclude'] ) ) { 
  998. $ids = array_diff( $ids, (array) $_GET['exclude'] ); 
  999.  
  1000. if ( ! empty( $_GET['include'] ) ) { 
  1001. $ids = array_intersect( $ids, (array) $_GET['include'] ); 
  1002.  
  1003. if ( ! empty( $_GET['limit'] ) ) { 
  1004. $ids = array_slice( $ids, 0, absint( $_GET['limit'] ) ); 
  1005.  
  1006. $product_objects = array_filter( array_map( 'wc_get_product', $ids ), 'wc_products_array_filter_editable' ); 
  1007. $products = array(); 
  1008.  
  1009. foreach ( $product_objects as $product_object ) { 
  1010. $products[ $product_object->get_id() ] = rawurldecode( $product_object->get_formatted_name() ); 
  1011.  
  1012. wp_send_json( apply_filters( 'woocommerce_json_search_found_products', $products ) ); 
  1013.  
  1014. /** 
  1015. * Search for product variations and return json. 
  1016. * @see WC_AJAX::json_search_products() 
  1017. */ 
  1018. public static function json_search_products_and_variations() { 
  1019. self::json_search_products( '', true ); 
  1020.  
  1021. /** 
  1022. * Search for downloadable product variations and return json. 
  1023. * @see WC_AJAX::json_search_products() 
  1024. */ 
  1025. public static function json_search_downloadable_products_and_variations() { 
  1026. check_ajax_referer( 'search-products', 'security' ); 
  1027.  
  1028. $term = (string) wc_clean( stripslashes( $_GET['term'] ) ); 
  1029. $data_store = WC_Data_Store::load( 'product' ); 
  1030. $ids = $data_store->search_products( $term, 'downloadable', true ); 
  1031.  
  1032. if ( ! empty( $_GET['exclude'] ) ) { 
  1033. $ids = array_diff( $ids, (array) $_GET['exclude'] ); 
  1034.  
  1035. if ( ! empty( $_GET['include'] ) ) { 
  1036. $ids = array_intersect( $ids, (array) $_GET['exclude'] ); 
  1037.  
  1038. if ( ! empty( $_GET['limit'] ) ) { 
  1039. $ids = array_slice( $ids, 0, absint( $_GET['limit'] ) ); 
  1040.  
  1041. $product_objects = array_filter( array_map( 'wc_get_product', $ids ), 'wc_products_array_filter_editable' ); 
  1042. $products = array(); 
  1043.  
  1044. foreach ( $product_objects as $product_object ) { 
  1045. $products[ $product_object->get_id() ] = rawurldecode( $product_object->get_formatted_name() ); 
  1046.  
  1047. wp_send_json( $products ); 
  1048.  
  1049. /** 
  1050. * Search for customers and return json. 
  1051. */ 
  1052. public static function json_search_customers() { 
  1053. ob_start(); 
  1054.  
  1055. check_ajax_referer( 'search-customers', 'security' ); 
  1056.  
  1057. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  1058. wp_die( -1 ); 
  1059.  
  1060. $term = wc_clean( stripslashes( $_GET['term'] ) ); 
  1061. $exclude = array(); 
  1062.  
  1063. if ( empty( $term ) ) { 
  1064. wp_die(); 
  1065.  
  1066. // Stop if it is not numeric and smaller than 3 characters. 
  1067. if ( ! is_numeric( $term ) && 2 >= strlen( $term ) ) { 
  1068. wp_die(); 
  1069.  
  1070. // Search by ID. 
  1071. if ( is_numeric( $term ) ) { 
  1072. $customer = new WC_Customer( intval( $term ) ); 
  1073.  
  1074. // Customer does not exists. 
  1075. if ( 0 === $customer->get_id() ) { 
  1076. wp_die(); 
  1077.  
  1078. $ids = array( $customer->get_id() ); 
  1079. } else { 
  1080. $data_store = WC_Data_Store::load( 'customer' ); 
  1081. $ids = $data_store->search_customers( $term ); 
  1082.  
  1083. $found_customers = array(); 
  1084.  
  1085. if ( ! empty( $_GET['exclude'] ) ) { 
  1086. $ids = array_diff( $ids, (array) $_GET['exclude'] ); 
  1087.  
  1088. foreach ( $ids as $id ) { 
  1089. $customer = new WC_Customer( $id ); 
  1090. /** translators: 1: user display name 2: user ID 3: user email */ 
  1091. $found_customers[ $id ] = sprintf( 
  1092. esc_html__( '%1$s (#%2$s – %3$s)', 'woocommerce' ),  
  1093. $customer->get_first_name() . ' ' . $customer->get_last_name(),  
  1094. $customer->get_id(),  
  1095. $customer->get_email() 
  1096. ); 
  1097.  
  1098. wp_send_json( apply_filters( 'woocommerce_json_search_found_customers', $found_customers ) ); 
  1099.  
  1100. /** 
  1101. * Ajax request handling for categories ordering. 
  1102. */ 
  1103. public static function term_ordering() { 
  1104.  
  1105. // check permissions again and make sure we have what we need 
  1106. if ( ! current_user_can( 'edit_products' ) || empty( $_POST['id'] ) ) { 
  1107. wp_die( -1 ); 
  1108.  
  1109. $id = (int) $_POST['id']; 
  1110. $next_id = isset( $_POST['nextid'] ) && (int) $_POST['nextid'] ? (int) $_POST['nextid'] : null; 
  1111. $taxonomy = isset( $_POST['thetaxonomy'] ) ? esc_attr( $_POST['thetaxonomy'] ) : null; 
  1112. $term = get_term_by( 'id', $id, $taxonomy ); 
  1113.  
  1114. if ( ! $id || ! $term || ! $taxonomy ) { 
  1115. wp_die( 0 ); 
  1116.  
  1117. wc_reorder_terms( $term, $next_id, $taxonomy ); 
  1118.  
  1119. $children = get_terms( $taxonomy, "child_of=$id&menu_order=ASC&hide_empty=0" ); 
  1120.  
  1121. if ( $term && sizeof( $children ) ) { 
  1122. echo 'children'; 
  1123. wp_die(); 
  1124.  
  1125. /** 
  1126. * Ajax request handling for product ordering. 
  1127. * Based on Simple Page Ordering by 10up (https://wordpress.org/plugins/simple-page-ordering/). 
  1128. */ 
  1129. public static function product_ordering() { 
  1130. global $wpdb; 
  1131.  
  1132. if ( ! current_user_can( 'edit_products' ) || empty( $_POST['id'] ) ) { 
  1133. wp_die( -1 ); 
  1134.  
  1135. $sorting_id = absint( $_POST['id'] ); 
  1136. $previd = absint( isset( $_POST['previd'] ) ? $_POST['previd'] : 0 ); 
  1137. $nextid = absint( isset( $_POST['nextid'] ) ? $_POST['nextid'] : 0 ); 
  1138. $menu_orders = wp_list_pluck( $wpdb->get_results( "SELECT ID, menu_order FROM {$wpdb->posts} WHERE post_type = 'product' ORDER BY menu_order ASC, post_title ASC" ), 'menu_order', 'ID' ); 
  1139. $index = 0; 
  1140.  
  1141. foreach ( $menu_orders as $id => $menu_order ) { 
  1142. $id = absint( $id ); 
  1143.  
  1144. if ( $sorting_id === $id ) { 
  1145. continue; 
  1146. if ( $nextid === $id ) { 
  1147. $index ++; 
  1148. $index ++; 
  1149. $menu_orders[ $id ] = $index; 
  1150. $wpdb->update( $wpdb->posts, array( 'menu_order' => $index ), array( 'ID' => $id ) ); 
  1151.  
  1152. if ( isset( $menu_orders[ $previd ] ) ) { 
  1153. $menu_orders[ $sorting_id ] = $menu_orders[ $previd ] + 1; 
  1154. } elseif ( isset( $menu_orders[ $nextid ] ) ) { 
  1155. $menu_orders[ $sorting_id ] = $menu_orders[ $nextid ] - 1; 
  1156. } else { 
  1157. $menu_orders[ $sorting_id ] = 0; 
  1158.  
  1159. $wpdb->update( $wpdb->posts, array( 'menu_order' => $menu_orders[ $sorting_id ] ), array( 'ID' => $sorting_id ) ); 
  1160.  
  1161. do_action( 'woocommerce_after_product_ordering' ); 
  1162. wp_send_json( $menu_orders ); 
  1163.  
  1164. /** 
  1165. * Handle a refund via the edit order screen. 
  1166. */ 
  1167. public static function refund_line_items() { 
  1168. ob_start(); 
  1169.  
  1170. check_ajax_referer( 'order-item', 'security' ); 
  1171.  
  1172. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  1173. wp_die( -1 ); 
  1174.  
  1175. $order_id = absint( $_POST['order_id'] ); 
  1176. $refund_amount = wc_format_decimal( sanitize_text_field( $_POST['refund_amount'] ), wc_get_price_decimals() ); 
  1177. $refund_reason = sanitize_text_field( $_POST['refund_reason'] ); 
  1178. $line_item_qtys = json_decode( sanitize_text_field( stripslashes( $_POST['line_item_qtys'] ) ), true ); 
  1179. $line_item_totals = json_decode( sanitize_text_field( stripslashes( $_POST['line_item_totals'] ) ), true ); 
  1180. $line_item_tax_totals = json_decode( sanitize_text_field( stripslashes( $_POST['line_item_tax_totals'] ) ), true ); 
  1181. $api_refund = 'true' === $_POST['api_refund']; 
  1182. $restock_refunded_items = 'true' === $_POST['restock_refunded_items']; 
  1183. $refund = false; 
  1184. $response_data = array(); 
  1185.  
  1186. try { 
  1187. $order = wc_get_order( $order_id ); 
  1188. $order_items = $order->get_items(); 
  1189. $max_refund = wc_format_decimal( $order->get_total() - $order->get_total_refunded(), wc_get_price_decimals() ); 
  1190.  
  1191. if ( ! $refund_amount || $max_refund < $refund_amount || 0 > $refund_amount ) { 
  1192. throw new exception( __( 'Invalid refund amount', 'woocommerce' ) ); 
  1193.  
  1194. // Prepare line items which we are refunding 
  1195. $line_items = array(); 
  1196. $item_ids = array_unique( array_merge( array_keys( $line_item_qtys, $line_item_totals ) ) ); 
  1197.  
  1198. foreach ( $item_ids as $item_id ) { 
  1199. $line_items[ $item_id ] = array( 'qty' => 0, 'refund_total' => 0, 'refund_tax' => array() ); 
  1200. foreach ( $line_item_qtys as $item_id => $qty ) { 
  1201. $line_items[ $item_id ]['qty'] = max( $qty, 0 ); 
  1202. foreach ( $line_item_totals as $item_id => $total ) { 
  1203. $line_items[ $item_id ]['refund_total'] = wc_format_decimal( $total ); 
  1204. foreach ( $line_item_tax_totals as $item_id => $tax_totals ) { 
  1205. $line_items[ $item_id ]['refund_tax'] = array_filter( array_map( 'wc_format_decimal', $tax_totals ) ); 
  1206.  
  1207. // Create the refund object. 
  1208. $refund = wc_create_refund( array( 
  1209. 'amount' => $refund_amount,  
  1210. 'reason' => $refund_reason,  
  1211. 'order_id' => $order_id,  
  1212. 'line_items' => $line_items,  
  1213. 'refund_payment' => $api_refund,  
  1214. 'restock_items' => $restock_refunded_items,  
  1215. ) ); 
  1216.  
  1217. if ( is_wp_error( $refund ) ) { 
  1218. throw new Exception( $refund->get_error_message() ); 
  1219.  
  1220. if ( did_action( 'woocommerce_order_fully_refunded' ) ) { 
  1221. $response_data['status'] = 'fully_refunded'; 
  1222.  
  1223. wp_send_json_success( $response_data ); 
  1224.  
  1225. } catch ( Exception $e ) { 
  1226. if ( $refund && is_a( $refund, 'WC_Order_Refund' ) ) { 
  1227. wp_delete_post( $refund->get_id(), true ); 
  1228. wp_send_json_error( array( 'error' => $e->getMessage() ) ); 
  1229.  
  1230. /** 
  1231. * Delete a refund. 
  1232. */ 
  1233. public static function delete_refund() { 
  1234. check_ajax_referer( 'order-item', 'security' ); 
  1235.  
  1236. if ( ! current_user_can( 'edit_shop_orders' ) ) { 
  1237. wp_die( -1 ); 
  1238.  
  1239. $refund_ids = array_map( 'absint', is_array( $_POST['refund_id'] ) ? $_POST['refund_id'] : array( $_POST['refund_id'] ) ); 
  1240. foreach ( $refund_ids as $refund_id ) { 
  1241. if ( $refund_id && 'shop_order_refund' === get_post_type( $refund_id ) ) { 
  1242. $refund = wc_get_order( $refund_id ); 
  1243. $order_id = $refund->get_parent_id(); 
  1244. $refund->delete( true ); 
  1245. do_action( 'woocommerce_refund_deleted', $refund_id, $order_id ); 
  1246. wp_die(); 
  1247.  
  1248. /** 
  1249. * Triggered when clicking the rating footer. 
  1250. */ 
  1251. public static function rated() { 
  1252. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1253. wp_die( -1 ); 
  1254. update_option( 'woocommerce_admin_footer_text_rated', 1 ); 
  1255. wp_die(); 
  1256.  
  1257. /** 
  1258. * Create/Update API key. 
  1259. */ 
  1260. public static function update_api_key() { 
  1261. ob_start(); 
  1262.  
  1263. global $wpdb; 
  1264.  
  1265. check_ajax_referer( 'update-api-key', 'security' ); 
  1266.  
  1267. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1268. wp_die( -1 ); 
  1269.  
  1270. try { 
  1271. if ( empty( $_POST['description'] ) ) { 
  1272. throw new Exception( __( 'Description is missing.', 'woocommerce' ) ); 
  1273. if ( empty( $_POST['user'] ) ) { 
  1274. throw new Exception( __( 'User is missing.', 'woocommerce' ) ); 
  1275. if ( empty( $_POST['permissions'] ) ) { 
  1276. throw new Exception( __( 'Permissions is missing.', 'woocommerce' ) ); 
  1277.  
  1278. $key_id = absint( $_POST['key_id'] ); 
  1279. $description = sanitize_text_field( wp_unslash( $_POST['description'] ) ); 
  1280. $permissions = ( in_array( $_POST['permissions'], array( 'read', 'write', 'read_write' ) ) ) ? sanitize_text_field( $_POST['permissions'] ) : 'read'; 
  1281. $user_id = absint( $_POST['user'] ); 
  1282.  
  1283. if ( 0 < $key_id ) { 
  1284. $data = array( 
  1285. 'user_id' => $user_id,  
  1286. 'description' => $description,  
  1287. 'permissions' => $permissions,  
  1288. ); 
  1289.  
  1290. $wpdb->update( 
  1291. $wpdb->prefix . 'woocommerce_api_keys',  
  1292. $data,  
  1293. array( 'key_id' => $key_id ),  
  1294. array( 
  1295. '%d',  
  1296. '%s',  
  1297. '%s',  
  1298. ),  
  1299. array( '%d' ) 
  1300. ); 
  1301.  
  1302. $data['consumer_key'] = ''; 
  1303. $data['consumer_secret'] = ''; 
  1304. $data['message'] = __( 'API Key updated successfully.', 'woocommerce' ); 
  1305. } else { 
  1306. $consumer_key = 'ck_' . wc_rand_hash(); 
  1307. $consumer_secret = 'cs_' . wc_rand_hash(); 
  1308.  
  1309. $data = array( 
  1310. 'user_id' => $user_id,  
  1311. 'description' => $description,  
  1312. 'permissions' => $permissions,  
  1313. 'consumer_key' => wc_api_hash( $consumer_key ),  
  1314. 'consumer_secret' => $consumer_secret,  
  1315. 'truncated_key' => substr( $consumer_key, -7 ),  
  1316. ); 
  1317.  
  1318. $wpdb->insert( 
  1319. $wpdb->prefix . 'woocommerce_api_keys',  
  1320. $data,  
  1321. array( 
  1322. '%d',  
  1323. '%s',  
  1324. '%s',  
  1325. '%s',  
  1326. '%s',  
  1327. '%s',  
  1328. ); 
  1329.  
  1330. $key_id = $wpdb->insert_id; 
  1331. $data['consumer_key'] = $consumer_key; 
  1332. $data['consumer_secret'] = $consumer_secret; 
  1333. $data['message'] = __( 'API Key generated successfully. Make sure to copy your new API keys now. You won\'t be able to see it again!', 'woocommerce' ); 
  1334. $data['revoke_url'] = '<a style="color: #a00; text-decoration: none;" href="' . esc_url( wp_nonce_url( add_query_arg( array( 'revoke-key' => $key_id ), admin_url( 'admin.php?page=wc-settings&tab=api§ion=keys' ) ), 'revoke' ) ) . '">' . __( 'Revoke key', 'woocommerce' ) . '</a>'; 
  1335.  
  1336. wp_send_json_success( $data ); 
  1337. } catch ( Exception $e ) { 
  1338. wp_send_json_error( array( 'message' => $e->getMessage() ) ); 
  1339.  
  1340. /** 
  1341. * Load variations via AJAX. 
  1342. */ 
  1343. public static function load_variations() { 
  1344. ob_start(); 
  1345.  
  1346. check_ajax_referer( 'load-variations', 'security' ); 
  1347.  
  1348. if ( ! current_user_can( 'edit_products' ) || empty( $_POST['product_id'] ) ) { 
  1349. wp_die( -1 ); 
  1350.  
  1351. // Set $post global so its available, like within the admin screens 
  1352. global $post; 
  1353.  
  1354. $loop = 0; 
  1355. $product_id = absint( $_POST['product_id'] ); 
  1356. $post = get_post( $product_id ); 
  1357. $product_object = wc_get_product( $product_id ); 
  1358. $per_page = ! empty( $_POST['per_page'] ) ? absint( $_POST['per_page'] ) : 10; 
  1359. $page = ! empty( $_POST['page'] ) ? absint( $_POST['page'] ) : 1; 
  1360. $variations = wc_get_products( array( 
  1361. 'status' => array( 'private', 'publish' ),  
  1362. 'type' => 'variation',  
  1363. 'parent' => $product_id,  
  1364. 'limit' => $per_page,  
  1365. 'page' => $page,  
  1366. 'orderby' => array( 
  1367. 'menu_order' => 'ASC',  
  1368. 'ID' => 'DESC',  
  1369. ),  
  1370. 'return' => 'objects',  
  1371. ) ); 
  1372.  
  1373. if ( $variations ) { 
  1374. foreach ( $variations as $variation_object ) { 
  1375. $variation_id = $variation_object->get_id(); 
  1376. $variation = get_post( $variation_id ); 
  1377. $variation_data = array_merge( array_map( 'maybe_unserialize', get_post_custom( $variation_id ) ), wc_get_product_variation_attributes( $variation_id ) ); // kept for BW compat. 
  1378. include( 'admin/meta-boxes/views/html-variation-admin.php' ); 
  1379. $loop++; 
  1380. wp_die(); 
  1381.  
  1382. /** 
  1383. * Save variations via AJAX. 
  1384. */ 
  1385. public static function save_variations() { 
  1386. ob_start(); 
  1387.  
  1388. check_ajax_referer( 'save-variations', 'security' ); 
  1389.  
  1390. // Check permissions again and make sure we have what we need 
  1391. if ( ! current_user_can( 'edit_products' ) || empty( $_POST ) || empty( $_POST['product_id'] ) ) { 
  1392. wp_die( -1 ); 
  1393.  
  1394. $product_id = absint( $_POST['product_id'] ); 
  1395. WC_Admin_Meta_Boxes::$meta_box_errors = array(); 
  1396. WC_Meta_Box_Product_Data::save_variations( $product_id, get_post( $product_id ) ); 
  1397.  
  1398. do_action( 'woocommerce_ajax_save_product_variations', $product_id ); 
  1399.  
  1400. if ( $errors = WC_Admin_Meta_Boxes::$meta_box_errors ) { 
  1401. echo '<div class="error notice is-dismissible">'; 
  1402.  
  1403. foreach ( $errors as $error ) { 
  1404. echo '<p>' . wp_kses_post( $error ) . '</p>'; 
  1405.  
  1406. echo '<button type="button" class="notice-dismiss"><span class="screen-reader-text">' . __( 'Dismiss this notice.', 'woocommerce' ) . '</span></button>'; 
  1407. echo '</div>'; 
  1408.  
  1409. delete_option( 'woocommerce_meta_box_errors' ); 
  1410.  
  1411. wp_die(); 
  1412.  
  1413. /** 
  1414. * Bulk action - Toggle Enabled. 
  1415. * @access private 
  1416. * @used-by bulk_edit_variations 
  1417. * @param array $variations 
  1418. * @param array $data 
  1419. */ 
  1420. private static function variation_bulk_action_toggle_enabled( $variations, $data ) { 
  1421. foreach ( $variations as $variation_id ) { 
  1422. $variation = wc_get_product( $variation_id ); 
  1423. $variation->set_status( 'private' === $variation->get_status( 'edit' ) ? 'publish' : 'private' ); 
  1424. $variation->save(); 
  1425.  
  1426. /** 
  1427. * Bulk action - Toggle Downloadable Checkbox. 
  1428. * @access private 
  1429. * @used-by bulk_edit_variations 
  1430. * @param array $variations 
  1431. * @param array $data 
  1432. */ 
  1433. private static function variation_bulk_action_toggle_downloadable( $variations, $data ) { 
  1434. self::variation_bulk_toggle( $variations, 'downloadable' ); 
  1435.  
  1436. /** 
  1437. * Bulk action - Toggle Virtual Checkbox. 
  1438. * @access private 
  1439. * @used-by bulk_edit_variations 
  1440. * @param array $variations 
  1441. * @param array $data 
  1442. */ 
  1443. private static function variation_bulk_action_toggle_virtual( $variations, $data ) { 
  1444. self::variation_bulk_toggle( $variations, 'virtual' ); 
  1445.  
  1446. /** 
  1447. * Bulk action - Toggle Manage Stock Checkbox. 
  1448. * @access private 
  1449. * @used-by bulk_edit_variations 
  1450. * @param array $variations 
  1451. * @param array $data 
  1452. */ 
  1453. private static function variation_bulk_action_toggle_manage_stock( $variations, $data ) { 
  1454. self::variation_bulk_toggle( $variations, 'manage_stock' ); 
  1455.  
  1456. /** 
  1457. * Bulk action - Set Regular Prices. 
  1458. * @access private 
  1459. * @used-by bulk_edit_variations 
  1460. * @param array $variations 
  1461. * @param array $data 
  1462. */ 
  1463. private static function variation_bulk_action_variable_regular_price( $variations, $data ) { 
  1464. self::variation_bulk_set( $variations, 'regular_price', $data['value'] ); 
  1465.  
  1466. /** 
  1467. * Bulk action - Set Sale Prices. 
  1468. * @access private 
  1469. * @used-by bulk_edit_variations 
  1470. * @param array $variations 
  1471. * @param array $data 
  1472. */ 
  1473. private static function variation_bulk_action_variable_sale_price( $variations, $data ) { 
  1474. self::variation_bulk_set( $variations, 'sale_price', $data['value'] ); 
  1475.  
  1476. /** 
  1477. * Bulk action - Set Stock. 
  1478. * @access private 
  1479. * @used-by bulk_edit_variations 
  1480. * @param array $variations 
  1481. * @param array $data 
  1482. */ 
  1483. private static function variation_bulk_action_variable_stock( $variations, $data ) { 
  1484. if ( ! isset( $data['value'] ) ) { 
  1485. return; 
  1486.  
  1487. $quantity = wc_stock_amount( wc_clean( $data['value'] ) ); 
  1488.  
  1489. foreach ( $variations as $variation_id ) { 
  1490. $variation = wc_get_product( $variation_id ); 
  1491. if ( $variation->managing_stock() ) { 
  1492. $variation->set_stock_quantity( $quantity ); 
  1493. } else { 
  1494. $variation->set_stock_quantity( null ); 
  1495. $variation->save(); 
  1496.  
  1497. /** 
  1498. * Bulk action - Set Weight. 
  1499. * @access private 
  1500. * @used-by bulk_edit_variations 
  1501. * @param array $variations 
  1502. * @param array $data 
  1503. */ 
  1504. private static function variation_bulk_action_variable_weight( $variations, $data ) { 
  1505. self::variation_bulk_set( $variations, 'weight', $data['value'] ); 
  1506.  
  1507. /** 
  1508. * Bulk action - Set Length. 
  1509. * @access private 
  1510. * @used-by bulk_edit_variations 
  1511. * @param array $variations 
  1512. * @param array $data 
  1513. */ 
  1514. private static function variation_bulk_action_variable_length( $variations, $data ) { 
  1515. self::variation_bulk_set( $variations, 'length', $data['value'] ); 
  1516.  
  1517. /** 
  1518. * Bulk action - Set Width. 
  1519. * @access private 
  1520. * @used-by bulk_edit_variations 
  1521. * @param array $variations 
  1522. * @param array $data 
  1523. */ 
  1524. private static function variation_bulk_action_variable_width( $variations, $data ) { 
  1525. self::variation_bulk_set( $variations, 'width', $data['value'] ); 
  1526.  
  1527. /** 
  1528. * Bulk action - Set Height. 
  1529. * @access private 
  1530. * @used-by bulk_edit_variations 
  1531. * @param array $variations 
  1532. * @param array $data 
  1533. */ 
  1534. private static function variation_bulk_action_variable_height( $variations, $data ) { 
  1535. self::variation_bulk_set( $variations, 'height', $data['value'] ); 
  1536.  
  1537. /** 
  1538. * Bulk action - Set Download Limit. 
  1539. * @access private 
  1540. * @used-by bulk_edit_variations 
  1541. * @param array $variations 
  1542. * @param array $data 
  1543. */ 
  1544. private static function variation_bulk_action_variable_download_limit( $variations, $data ) { 
  1545. self::variation_bulk_set( $variations, 'download_limit', $data['value'] ); 
  1546.  
  1547. /** 
  1548. * Bulk action - Set Download Expiry. 
  1549. * @access private 
  1550. * @used-by bulk_edit_variations 
  1551. * @param array $variations 
  1552. * @param array $data 
  1553. */ 
  1554. private static function variation_bulk_action_variable_download_expiry( $variations, $data ) { 
  1555. self::variation_bulk_set( $variations, 'download_expiry', $data['value'] ); 
  1556.  
  1557. /** 
  1558. * Bulk action - Delete all. 
  1559. * @access private 
  1560. * @used-by bulk_edit_variations 
  1561. * @param array $variations 
  1562. * @param array $data 
  1563. */ 
  1564. private static function variation_bulk_action_delete_all( $variations, $data ) { 
  1565. if ( isset( $data['allowed'] ) && 'true' === $data['allowed'] ) { 
  1566. foreach ( $variations as $variation_id ) { 
  1567. $variation = wc_get_product( $variation_id ); 
  1568. $variation->delete( true ); 
  1569.  
  1570. /** 
  1571. * Bulk action - Sale Schedule. 
  1572. * @access private 
  1573. * @used-by bulk_edit_variations 
  1574. * @param array $variations 
  1575. * @param array $data 
  1576. */ 
  1577. private static function variation_bulk_action_variable_sale_schedule( $variations, $data ) { 
  1578. if ( ! isset( $data['date_from'] ) && ! isset( $data['date_to'] ) ) { 
  1579. return; 
  1580.  
  1581. foreach ( $variations as $variation_id ) { 
  1582. $variation = wc_get_product( $variation_id ); 
  1583.  
  1584. if ( 'false' !== $data['date_from'] ) { 
  1585. $variation->set_date_on_sale_from( wc_clean( $data['date_from'] ) ); 
  1586.  
  1587. if ( 'false' !== $data['date_to'] ) { 
  1588. $variation->set_date_on_sale_to( wc_clean( $data['date_to'] ) ); 
  1589.  
  1590. $variation->save(); 
  1591.  
  1592. /** 
  1593. * Bulk action - Increase Regular Prices. 
  1594. * @access private 
  1595. * @used-by bulk_edit_variations 
  1596. * @param array $variations 
  1597. * @param array $data 
  1598. */ 
  1599. private static function variation_bulk_action_variable_regular_price_increase( $variations, $data ) { 
  1600. self::variation_bulk_adjust_price( $variations, 'regular_price', '+', wc_clean( $data['value'] ) ); 
  1601.  
  1602. /** 
  1603. * Bulk action - Decrease Regular Prices. 
  1604. * @access private 
  1605. * @used-by bulk_edit_variations 
  1606. * @param array $variations 
  1607. * @param array $data 
  1608. */ 
  1609. private static function variation_bulk_action_variable_regular_price_decrease( $variations, $data ) { 
  1610. self::variation_bulk_adjust_price( $variations, 'regular_price', '-', wc_clean( $data['value'] ) ); 
  1611.  
  1612. /** 
  1613. * Bulk action - Increase Sale Prices. 
  1614. * @access private 
  1615. * @used-by bulk_edit_variations 
  1616. * @param array $variations 
  1617. * @param array $data 
  1618. */ 
  1619. private static function variation_bulk_action_variable_sale_price_increase( $variations, $data ) { 
  1620. self::variation_bulk_adjust_price( $variations, 'sale_price', '+', wc_clean( $data['value'] ) ); 
  1621.  
  1622. /** 
  1623. * Bulk action - Decrease Sale Prices. 
  1624. * @access private 
  1625. * @used-by bulk_edit_variations 
  1626. * @param array $variations 
  1627. * @param array $data 
  1628. */ 
  1629. private static function variation_bulk_action_variable_sale_price_decrease( $variations, $data ) { 
  1630. self::variation_bulk_adjust_price( $variations, 'sale_price', '-', wc_clean( $data['value'] ) ); 
  1631.  
  1632. /** 
  1633. * Bulk action - Set Price. 
  1634. * @access private 
  1635. * @used-by bulk_edit_variations 
  1636. * @param array $variations 
  1637. * @param string $operator + or - 
  1638. * @param string $field price being adjusted _regular_price or _sale_price 
  1639. * @param string $value Price or Percent 
  1640. */ 
  1641. private static function variation_bulk_adjust_price( $variations, $field, $operator, $value ) { 
  1642. foreach ( $variations as $variation_id ) { 
  1643. $variation = wc_get_product( $variation_id ); 
  1644. $field_value = $variation->{"get_$field"}( 'edit' ); 
  1645.  
  1646. if ( '%' === substr( $value, -1 ) ) { 
  1647. $percent = wc_format_decimal( substr( $value, 0, -1 ) ); 
  1648. $field_value += ( ( $field_value / 100 ) * $percent ) * "{$operator}1"; 
  1649. } else { 
  1650. $field_value += $value * "{$operator}1"; 
  1651.  
  1652. $variation->{"set_$field"}( $field_value ); 
  1653. $variation->save(); 
  1654.  
  1655. /** 
  1656. * Bulk set convenience function. 
  1657. * @access private 
  1658. * @param array $variations 
  1659. * @param string $field 
  1660. * @param string $value 
  1661. */ 
  1662. private static function variation_bulk_set( $variations, $field, $value ) { 
  1663. foreach ( $variations as $variation_id ) { 
  1664. $variation = wc_get_product( $variation_id ); 
  1665. $variation->{ "set_$field" }( wc_clean( $value ) ); 
  1666. $variation->save(); 
  1667.  
  1668. /** 
  1669. * Bulk toggle convenience function. 
  1670. * @access private 
  1671. * @param array $variations 
  1672. * @param string $field 
  1673. */ 
  1674. private static function variation_bulk_toggle( $variations, $field ) { 
  1675. foreach ( $variations as $variation_id ) { 
  1676. $variation = wc_get_product( $variation_id ); 
  1677. $prev_value = $variation->{ "get_$field" }( 'edit' ); 
  1678. $variation->{ "set_$field" }( ! $prev_value ); 
  1679. $variation->save(); 
  1680.  
  1681. /** 
  1682. * Bulk edit variations via AJAX. 
  1683. * @uses WC_AJAX::variation_bulk_set() 
  1684. * @uses WC_AJAX::variation_bulk_adjust_price() 
  1685. * @uses WC_AJAX::variation_bulk_action_variable_sale_price_decrease() 
  1686. * @uses WC_AJAX::variation_bulk_action_variable_sale_price_increase() 
  1687. * @uses WC_AJAX::variation_bulk_action_variable_regular_price_decrease() 
  1688. * @uses WC_AJAX::variation_bulk_action_variable_regular_price_increase() 
  1689. * @uses WC_AJAX::variation_bulk_action_variable_sale_schedule() 
  1690. * @uses WC_AJAX::variation_bulk_action_delete_all() 
  1691. * @uses WC_AJAX::variation_bulk_action_variable_download_expiry() 
  1692. * @uses WC_AJAX::variation_bulk_action_variable_download_limit() 
  1693. * @uses WC_AJAX::variation_bulk_action_variable_height() 
  1694. * @uses WC_AJAX::variation_bulk_action_variable_width() 
  1695. * @uses WC_AJAX::variation_bulk_action_variable_length() 
  1696. * @uses WC_AJAX::variation_bulk_action_variable_weight() 
  1697. * @uses WC_AJAX::variation_bulk_action_variable_stock() 
  1698. * @uses WC_AJAX::variation_bulk_action_variable_sale_price() 
  1699. * @uses WC_AJAX::variation_bulk_action_variable_regular_price() 
  1700. * @uses WC_AJAX::variation_bulk_action_toggle_manage_stock() 
  1701. * @uses WC_AJAX::variation_bulk_action_toggle_virtual() 
  1702. * @uses WC_AJAX::variation_bulk_action_toggle_downloadable() 
  1703. * @uses WC_AJAX::variation_bulk_action_toggle_enabled 
  1704. */ 
  1705. public static function bulk_edit_variations() { 
  1706. ob_start(); 
  1707.  
  1708. check_ajax_referer( 'bulk-edit-variations', 'security' ); 
  1709.  
  1710. // Check permissions again and make sure we have what we need 
  1711. if ( ! current_user_can( 'edit_products' ) || empty( $_POST['product_id'] ) || empty( $_POST['bulk_action'] ) ) { 
  1712. wp_die( -1 ); 
  1713.  
  1714. $product_id = absint( $_POST['product_id'] ); 
  1715. $bulk_action = wc_clean( $_POST['bulk_action'] ); 
  1716. $data = ! empty( $_POST['data'] ) ? array_map( 'wc_clean', $_POST['data'] ) : array(); 
  1717. $variations = array(); 
  1718.  
  1719. if ( apply_filters( 'woocommerce_bulk_edit_variations_need_children', true ) ) { 
  1720. $variations = get_posts( array( 
  1721. 'post_parent' => $product_id,  
  1722. 'posts_per_page' => -1,  
  1723. 'post_type' => 'product_variation',  
  1724. 'fields' => 'ids',  
  1725. 'post_status' => array( 'publish', 'private' ),  
  1726. ) ); 
  1727.  
  1728. if ( method_exists( __CLASS__, "variation_bulk_action_$bulk_action" ) ) { 
  1729. call_user_func( array( __CLASS__, "variation_bulk_action_$bulk_action" ), $variations, $data ); 
  1730. } else { 
  1731. do_action( 'woocommerce_bulk_edit_variations_default', $bulk_action, $data, $product_id, $variations ); 
  1732.  
  1733. do_action( 'woocommerce_bulk_edit_variations', $bulk_action, $data, $product_id, $variations ); 
  1734. WC_Product_Variable::sync( $product_id ); 
  1735. wc_delete_product_transients( $product_id ); 
  1736. wp_die(); 
  1737.  
  1738. /** 
  1739. * Handle submissions from assets/js/settings-views-html-settings-tax.js Backbone model. 
  1740. */ 
  1741. public static function tax_rates_save_changes() { 
  1742. if ( ! isset( $_POST['wc_tax_nonce'], $_POST['changes'] ) ) { 
  1743. wp_send_json_error( 'missing_fields' ); 
  1744. exit; 
  1745.  
  1746. $current_class = ! empty( $_POST['current_class'] ) ? $_POST['current_class'] : ''; // This is sanitized seven lines later. 
  1747.  
  1748. if ( ! wp_verify_nonce( $_POST['wc_tax_nonce'], 'wc_tax_nonce-class:' . $current_class ) ) { 
  1749. wp_send_json_error( 'bad_nonce' ); 
  1750. exit; 
  1751.  
  1752. $current_class = WC_Tax::format_tax_rate_class( $current_class ); 
  1753.  
  1754. // Check User Caps 
  1755. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1756. wp_send_json_error( 'missing_capabilities' ); 
  1757. exit; 
  1758.  
  1759. $changes = $_POST['changes']; 
  1760. foreach ( $changes as $tax_rate_id => $data ) { 
  1761. if ( isset( $data['deleted'] ) ) { 
  1762. if ( isset( $data['newRow'] ) ) { 
  1763. // So the user added and deleted a new row. 
  1764. // That's fine, it's not in the database anyways. NEXT! 
  1765. continue; 
  1766. WC_Tax::_delete_tax_rate( $tax_rate_id ); 
  1767.  
  1768. $tax_rate = array_intersect_key( $data, array( 
  1769. 'tax_rate_country' => 1,  
  1770. 'tax_rate_state' => 1,  
  1771. 'tax_rate' => 1,  
  1772. 'tax_rate_name' => 1,  
  1773. 'tax_rate_priority' => 1,  
  1774. 'tax_rate_compound' => 1,  
  1775. 'tax_rate_shipping' => 1,  
  1776. 'tax_rate_order' => 1,  
  1777. ) ); 
  1778.  
  1779. if ( isset( $data['newRow'] ) ) { 
  1780. // Hurrah, shiny and new! 
  1781. $tax_rate['tax_rate_class'] = $current_class; 
  1782. $tax_rate_id = WC_Tax::_insert_tax_rate( $tax_rate ); 
  1783. } else { 
  1784. // Updating an existing rate ... 
  1785. if ( ! empty( $tax_rate ) ) { 
  1786. WC_Tax::_update_tax_rate( $tax_rate_id, $tax_rate ); 
  1787.  
  1788. if ( isset( $data['postcode'] ) ) { 
  1789. $postcode = array_map( 'wc_clean', $data['postcode'] ); 
  1790. $postcode = array_map( 'wc_normalize_postcode', $postcode ); 
  1791. WC_Tax::_update_tax_rate_postcodes( $tax_rate_id, $postcode ); 
  1792. if ( isset( $data['city'] ) ) { 
  1793. WC_Tax::_update_tax_rate_cities( $tax_rate_id, array_map( 'wc_clean', $data['city'] ) ); 
  1794.  
  1795. wp_send_json_success( array( 
  1796. 'rates' => WC_Tax::get_rates_for_tax_class( $current_class ),  
  1797. ) ); 
  1798.  
  1799. /** 
  1800. * Handle submissions from assets/js/wc-shipping-zones.js Backbone model. 
  1801. */ 
  1802. public static function shipping_zones_save_changes() { 
  1803. if ( ! isset( $_POST['wc_shipping_zones_nonce'], $_POST['changes'] ) ) { 
  1804. wp_send_json_error( 'missing_fields' ); 
  1805. exit; 
  1806.  
  1807. if ( ! wp_verify_nonce( $_POST['wc_shipping_zones_nonce'], 'wc_shipping_zones_nonce' ) ) { 
  1808. wp_send_json_error( 'bad_nonce' ); 
  1809. exit; 
  1810.  
  1811. // Check User Caps 
  1812. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1813. wp_send_json_error( 'missing_capabilities' ); 
  1814. exit; 
  1815.  
  1816. $changes = $_POST['changes']; 
  1817. foreach ( $changes as $zone_id => $data ) { 
  1818. if ( isset( $data['deleted'] ) ) { 
  1819. if ( isset( $data['newRow'] ) ) { 
  1820. // So the user added and deleted a new row. 
  1821. // That's fine, it's not in the database anyways. NEXT! 
  1822. continue; 
  1823. WC_Shipping_Zones::delete_zone( $zone_id ); 
  1824. continue; 
  1825.  
  1826. $zone_data = array_intersect_key( $data, array( 
  1827. 'zone_id' => 1,  
  1828. 'zone_order' => 1,  
  1829. ) ); 
  1830.  
  1831. if ( isset( $zone_data['zone_id'] ) ) { 
  1832. $zone = new WC_Shipping_Zone( $zone_data['zone_id'] ); 
  1833.  
  1834. if ( isset( $zone_data['zone_order'] ) ) { 
  1835. $zone->set_zone_order( $zone_data['zone_order'] ); 
  1836.  
  1837. $zone->save(); 
  1838.  
  1839. wp_send_json_success( array( 
  1840. 'zones' => WC_Shipping_Zones::get_zones(),  
  1841. ) ); 
  1842.  
  1843. /** 
  1844. * Handle submissions from assets/js/wc-shipping-zone-methods.js Backbone model. 
  1845. */ 
  1846. public static function shipping_zone_add_method() { 
  1847. if ( ! isset( $_POST['wc_shipping_zones_nonce'], $_POST['zone_id'], $_POST['method_id'] ) ) { 
  1848. wp_send_json_error( 'missing_fields' ); 
  1849. exit; 
  1850.  
  1851. if ( ! wp_verify_nonce( $_POST['wc_shipping_zones_nonce'], 'wc_shipping_zones_nonce' ) ) { 
  1852. wp_send_json_error( 'bad_nonce' ); 
  1853. exit; 
  1854.  
  1855. // Check User Caps 
  1856. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1857. wp_send_json_error( 'missing_capabilities' ); 
  1858. exit; 
  1859.  
  1860. $zone_id = wc_clean( $_POST['zone_id'] ); 
  1861. $zone = new WC_Shipping_Zone( $zone_id ); 
  1862. $instance_id = $zone->add_shipping_method( wc_clean( $_POST['method_id'] ) ); 
  1863.  
  1864. wp_send_json_success( array( 
  1865. 'instance_id' => $instance_id,  
  1866. 'zone_id' => $zone->get_id(),  
  1867. 'zone_name' => $zone->get_zone_name(),  
  1868. 'methods' => $zone->get_shipping_methods(),  
  1869. ) ); 
  1870.  
  1871. /** 
  1872. * Handle submissions from assets/js/wc-shipping-zone-methods.js Backbone model. 
  1873. */ 
  1874. public static function shipping_zone_methods_save_changes() { 
  1875. if ( ! isset( $_POST['wc_shipping_zones_nonce'], $_POST['zone_id'], $_POST['changes'] ) ) { 
  1876. wp_send_json_error( 'missing_fields' ); 
  1877. exit; 
  1878.  
  1879. if ( ! wp_verify_nonce( $_POST['wc_shipping_zones_nonce'], 'wc_shipping_zones_nonce' ) ) { 
  1880. wp_send_json_error( 'bad_nonce' ); 
  1881. exit; 
  1882.  
  1883. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1884. wp_send_json_error( 'missing_capabilities' ); 
  1885. exit; 
  1886.  
  1887. global $wpdb; 
  1888.  
  1889. $zone_id = wc_clean( $_POST['zone_id'] ); 
  1890. $zone = new WC_Shipping_Zone( $zone_id ); 
  1891. $changes = $_POST['changes']; 
  1892.  
  1893. if ( isset( $changes['zone_name'] ) ) { 
  1894. $zone->set_zone_name( wc_clean( $changes['zone_name'] ) ); 
  1895.  
  1896. if ( isset( $changes['zone_locations'] ) ) { 
  1897. $zone->clear_locations( array( 'state', 'country', 'continent' ) ); 
  1898. $locations = array_filter( array_map( 'wc_clean', (array) $changes['zone_locations'] ) ); 
  1899. foreach ( $locations as $location ) { 
  1900. // Each posted location will be in the format type:code 
  1901. $location_parts = explode( ':', $location ); 
  1902. switch ( $location_parts[0] ) { 
  1903. case 'state' : 
  1904. $zone->add_location( $location_parts[1] . ':' . $location_parts[2], 'state' ); 
  1905. break; 
  1906. case 'country' : 
  1907. $zone->add_location( $location_parts[1], 'country' ); 
  1908. break; 
  1909. case 'continent' : 
  1910. $zone->add_location( $location_parts[1], 'continent' ); 
  1911. break; 
  1912.  
  1913. if ( isset( $changes['zone_postcodes'] ) ) { 
  1914. $zone->clear_locations( 'postcode' ); 
  1915. $postcodes = array_filter( array_map( 'strtoupper', array_map( 'wc_clean', explode( "\n", $changes['zone_postcodes'] ) ) ) ); 
  1916. foreach ( $postcodes as $postcode ) { 
  1917. $zone->add_location( $postcode, 'postcode' ); 
  1918.  
  1919. if ( isset( $changes['methods'] ) ) { 
  1920. foreach ( $changes['methods'] as $instance_id => $data ) { 
  1921. $method_id = $wpdb->get_var( $wpdb->prepare( "SELECT method_id FROM {$wpdb->prefix}woocommerce_shipping_zone_methods WHERE instance_id = %d", $instance_id ) ); 
  1922.  
  1923. if ( isset( $data['deleted'] ) ) { 
  1924. $shipping_method = WC_Shipping_Zones::get_shipping_method( $instance_id ); 
  1925. $option_key = $shipping_method->get_instance_option_key(); 
  1926. if ( $wpdb->delete( "{$wpdb->prefix}woocommerce_shipping_zone_methods", array( 'instance_id' => $instance_id ) ) ) { 
  1927. delete_option( $option_key ); 
  1928. do_action( 'woocommerce_shipping_zone_method_deleted', $instance_id, $method_id, $zone_id ); 
  1929. continue; 
  1930.  
  1931. $method_data = array_intersect_key( $data, array( 
  1932. 'method_order' => 1,  
  1933. 'enabled' => 1,  
  1934. ) ); 
  1935.  
  1936. if ( isset( $method_data['method_order'] ) ) { 
  1937. $wpdb->update( "{$wpdb->prefix}woocommerce_shipping_zone_methods", array( 'method_order' => absint( $method_data['method_order'] ) ), array( 'instance_id' => absint( $instance_id ) ) ); 
  1938.  
  1939. if ( isset( $method_data['enabled'] ) ) { 
  1940. $is_enabled = absint( 'yes' === $method_data['enabled'] ); 
  1941. if ( $wpdb->update( "{$wpdb->prefix}woocommerce_shipping_zone_methods", array( 'is_enabled' => $is_enabled ), array( 'instance_id' => absint( $instance_id ) ) ) ) { 
  1942. do_action( 'woocommerce_shipping_zone_method_status_toggled', $instance_id, $method_id, $zone_id, $is_enabled ); 
  1943.  
  1944. $zone->save(); 
  1945.  
  1946. wp_send_json_success( array( 
  1947. 'zone_id' => $zone->get_id(),  
  1948. 'zone_name' => $zone->get_zone_name(),  
  1949. 'methods' => $zone->get_shipping_methods(),  
  1950. ) ); 
  1951.  
  1952. /** 
  1953. * Save method settings 
  1954. */ 
  1955. public static function shipping_zone_methods_save_settings() { 
  1956. if ( ! isset( $_POST['wc_shipping_zones_nonce'], $_POST['instance_id'], $_POST['data'] ) ) { 
  1957. wp_send_json_error( 'missing_fields' ); 
  1958. exit; 
  1959.  
  1960. if ( ! wp_verify_nonce( $_POST['wc_shipping_zones_nonce'], 'wc_shipping_zones_nonce' ) ) { 
  1961. wp_send_json_error( 'bad_nonce' ); 
  1962. exit; 
  1963.  
  1964. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1965. wp_send_json_error( 'missing_capabilities' ); 
  1966. exit; 
  1967.  
  1968. $instance_id = absint( $_POST['instance_id'] ); 
  1969. $zone = WC_Shipping_Zones::get_zone_by( 'instance_id', $instance_id ); 
  1970. $shipping_method = WC_Shipping_Zones::get_shipping_method( $instance_id ); 
  1971. $shipping_method->set_post_data( $_POST['data'] ); 
  1972. $shipping_method->process_admin_options(); 
  1973.  
  1974. wp_send_json_success( array( 
  1975. 'zone_id' => $zone->get_id(),  
  1976. 'zone_name' => $zone->get_zone_name(),  
  1977. 'methods' => $zone->get_shipping_methods(),  
  1978. 'errors' => $shipping_method->get_errors(),  
  1979. ) ); 
  1980.  
  1981. /** 
  1982. * Handle submissions from assets/js/wc-shipping-classes.js Backbone model. 
  1983. */ 
  1984. public static function shipping_classes_save_changes() { 
  1985. if ( ! isset( $_POST['wc_shipping_classes_nonce'], $_POST['changes'] ) ) { 
  1986. wp_send_json_error( 'missing_fields' ); 
  1987. exit; 
  1988.  
  1989. if ( ! wp_verify_nonce( $_POST['wc_shipping_classes_nonce'], 'wc_shipping_classes_nonce' ) ) { 
  1990. wp_send_json_error( 'bad_nonce' ); 
  1991. exit; 
  1992.  
  1993. if ( ! current_user_can( 'manage_woocommerce' ) ) { 
  1994. wp_send_json_error( 'missing_capabilities' ); 
  1995. exit; 
  1996.  
  1997. $changes = $_POST['changes']; 
  1998.  
  1999. foreach ( $changes as $term_id => $data ) { 
  2000. $term_id = absint( $term_id ); 
  2001.  
  2002. if ( isset( $data['deleted'] ) ) { 
  2003. if ( isset( $data['newRow'] ) ) { 
  2004. // So the user added and deleted a new row. 
  2005. // That's fine, it's not in the database anyways. NEXT! 
  2006. continue; 
  2007. wp_delete_term( $term_id, 'product_shipping_class' ); 
  2008. continue; 
  2009.  
  2010. $update_args = array(); 
  2011.  
  2012. if ( isset( $data['name'] ) ) { 
  2013. $update_args['name'] = wc_clean( $data['name'] ); 
  2014.  
  2015. if ( isset( $data['slug'] ) ) { 
  2016. $update_args['slug'] = wc_clean( $data['slug'] ); 
  2017.  
  2018. if ( isset( $data['description'] ) ) { 
  2019. $update_args['description'] = wc_clean( $data['description'] ); 
  2020.  
  2021. if ( isset( $data['newRow'] ) ) { 
  2022. $update_args = array_filter( $update_args ); 
  2023. if ( empty( $update_args['name'] ) ) { 
  2024. continue; 
  2025. $term_id = wp_insert_term( $update_args['name'], 'product_shipping_class', $update_args ); 
  2026. } else { 
  2027. wp_update_term( $term_id, 'product_shipping_class', $update_args ); 
  2028.  
  2029. do_action( 'woocommerce_shipping_classes_save_class', $term_id, $data ); 
  2030.  
  2031. $wc_shipping = WC_Shipping::instance(); 
  2032.  
  2033. wp_send_json_success( array( 
  2034. 'shipping_classes' => $wc_shipping->get_shipping_classes(),  
  2035. ) );