/includes/shortcodes/class-wc-shortcode-my-account.php

  1. <?php 
  2. /** 
  3. * My Account Shortcodes 
  4. * 
  5. * Shows the 'my account' section where the customer can view past orders and update their information. 
  6. * 
  7. * @author WooThemes 
  8. * @category Shortcodes 
  9. * @package WooCommerce/Shortcodes/My_Account 
  10. * @version 2.0.0 
  11. */ 
  12. class WC_Shortcode_My_Account { 
  13.  
  14. /** 
  15. * Get the shortcode content. 
  16. * 
  17. * @param array $atts 
  18. * @return string 
  19. */ 
  20. public static function get( $atts ) { 
  21. return WC_Shortcodes::shortcode_wrapper( array( __CLASS__, 'output' ), $atts ); 
  22.  
  23. /** 
  24. * Output the shortcode. 
  25. * 
  26. * @param array $atts 
  27. */ 
  28. public static function output( $atts ) { 
  29. global $wp; 
  30.  
  31. // Check cart class is loaded or abort 
  32. if ( is_null( WC()->cart ) ) { 
  33. return; 
  34.  
  35. if ( ! is_user_logged_in() ) { 
  36. $message = apply_filters( 'woocommerce_my_account_message', '' ); 
  37.  
  38. if ( ! empty( $message ) ) { 
  39. wc_add_notice( $message ); 
  40.  
  41. // After password reset, add confirmation message. 
  42. if ( ! empty( $_GET['password-reset'] ) ) { 
  43. wc_add_notice( __( 'Your password has been reset successfully.', 'woocommerce' ) ); 
  44.  
  45. if ( isset( $wp->query_vars['lost-password'] ) ) { 
  46. self::lost_password(); 
  47. } else { 
  48. wc_get_template( 'myaccount/form-login.php' ); 
  49. } else { 
  50. // Start output buffer since the html may need discarding for BW compatibility 
  51. ob_start(); 
  52.  
  53. // Collect notices before output 
  54. $notices = wc_get_notices(); 
  55.  
  56. // Output the new account page 
  57. self::my_account( $atts ); 
  58.  
  59. /** 
  60. * Deprecated my-account.php template handling. This code should be 
  61. * removed in a future release. 
  62. * 
  63. * If woocommerce_account_content did not run, this is an old template 
  64. * so we need to render the endpoint content again. 
  65. */ 
  66. if ( ! did_action( 'woocommerce_account_content' ) ) { 
  67. foreach ( $wp->query_vars as $key => $value ) { 
  68. if ( 'pagename' === $key ) { 
  69. continue; 
  70. if ( has_action( 'woocommerce_account_' . $key . '_endpoint' ) ) { 
  71. ob_clean(); // Clear previous buffer 
  72. wc_set_notices( $notices ); 
  73. wc_print_notices(); 
  74. do_action( 'woocommerce_account_' . $key . '_endpoint', $value ); 
  75. break; 
  76.  
  77. wc_deprecated_function( 'Your theme version of my-account.php template', '2.6', 'the latest version, which supports multiple account pages and navigation, from WC 2.6.0' ); 
  78.  
  79. // Send output buffer 
  80. ob_end_flush(); 
  81.  
  82. /** 
  83. * My account page. 
  84. * 
  85. * @param array $atts 
  86. */ 
  87. private static function my_account( $atts ) { 
  88. extract( shortcode_atts( array( 
  89. 'order_count' => 15, // @deprecated 2.6.0. Keep for backward compatibility. 
  90. ), $atts, 'woocommerce_my_account' ) ); 
  91.  
  92. wc_get_template( 'myaccount/my-account.php', array( 
  93. 'current_user' => get_user_by( 'id', get_current_user_id() ),  
  94. 'order_count' => 'all' == $order_count ? -1 : $order_count,  
  95. ) ); 
  96.  
  97. /** 
  98. * View order page. 
  99. * 
  100. * @param int $order_id 
  101. */ 
  102. public static function view_order( $order_id ) { 
  103. $order = wc_get_order( $order_id ); 
  104.  
  105. if ( ! current_user_can( 'view_order', $order_id ) ) { 
  106. echo '<div class="woocommerce-error">' . __( 'Invalid order.', 'woocommerce' ) . ' <a href="' . wc_get_page_permalink( 'myaccount' ) . '" class="wc-forward">' . __( 'My account', 'woocommerce' ) . '</a>' . '</div>'; 
  107. return; 
  108.  
  109. // Backwards compatibility 
  110. $status = new stdClass(); 
  111. $status->name = wc_get_order_status_name( $order->get_status() ); 
  112.  
  113. wc_get_template( 'myaccount/view-order.php', array( 
  114. 'status' => $status, // @deprecated 2.2 
  115. 'order' => wc_get_order( $order_id ),  
  116. 'order_id' => $order_id,  
  117. ) ); 
  118.  
  119. /** 
  120. * Edit account details page. 
  121. */ 
  122. public static function edit_account() { 
  123. wc_get_template( 'myaccount/form-edit-account.php', array( 'user' => get_user_by( 'id', get_current_user_id() ) ) ); 
  124.  
  125. /** 
  126. * Edit address page. 
  127. * 
  128. * @param string $load_address 
  129. */ 
  130. public static function edit_address( $load_address = 'billing' ) { 
  131. $current_user = wp_get_current_user(); 
  132. $load_address = sanitize_key( $load_address ); 
  133.  
  134. $address = WC()->countries->get_address_fields( get_user_meta( get_current_user_id(), $load_address . '_country', true ), $load_address . '_' ); 
  135.  
  136. // Enqueue scripts 
  137. wp_enqueue_script( 'wc-country-select' ); 
  138. wp_enqueue_script( 'wc-address-i18n' ); 
  139.  
  140. // Prepare values 
  141. foreach ( $address as $key => $field ) { 
  142.  
  143. $value = get_user_meta( get_current_user_id(), $key, true ); 
  144.  
  145. if ( ! $value ) { 
  146. switch ( $key ) { 
  147. case 'billing_email' : 
  148. case 'shipping_email' : 
  149. $value = $current_user->user_email; 
  150. break; 
  151. case 'billing_country' : 
  152. case 'shipping_country' : 
  153. $value = WC()->countries->get_base_country(); 
  154. break; 
  155. case 'billing_state' : 
  156. case 'shipping_state' : 
  157. $value = WC()->countries->get_base_state(); 
  158. break; 
  159.  
  160. $address[ $key ]['value'] = apply_filters( 'woocommerce_my_account_edit_address_field_value', $value, $key, $load_address ); 
  161.  
  162. wc_get_template( 'myaccount/form-edit-address.php', array( 
  163. 'load_address' => $load_address,  
  164. 'address' => apply_filters( 'woocommerce_address_to_edit', $address, $load_address ),  
  165. ) ); 
  166.  
  167. /** 
  168. * Lost password page handling. 
  169. */ 
  170. public static function lost_password() { 
  171. /** 
  172. * After sending the reset link, don't show the form again. 
  173. */ 
  174. if ( ! empty( $_GET['reset-link-sent'] ) ) { 
  175. return wc_get_template( 'myaccount/lost-password-confirmation.php' ); 
  176.  
  177. /** 
  178. * Process reset key / login from email confirmation link 
  179. */ 
  180. } elseif ( ! empty( $_GET['show-reset-form'] ) ) { 
  181. if ( isset( $_COOKIE[ 'wp-resetpass-' . COOKIEHASH ] ) && 0 < strpos( $_COOKIE[ 'wp-resetpass-' . COOKIEHASH ], ':' ) ) { 
  182. list( $rp_login, $rp_key ) = array_map( 'wc_clean', explode( ':', wp_unslash( $_COOKIE[ 'wp-resetpass-' . COOKIEHASH ] ), 2 ) ); 
  183. $user = self::check_password_reset_key( $rp_key, $rp_login ); 
  184.  
  185. // reset key / login is correct, display reset password form with hidden key / login values 
  186. if ( is_object( $user ) ) { 
  187. return wc_get_template( 'myaccount/form-reset-password.php', array( 
  188. 'key' => $rp_key,  
  189. 'login' => $rp_login,  
  190. ) ); 
  191. } else { 
  192. self::set_reset_password_cookie(); 
  193.  
  194. // Show lost password form by default 
  195. wc_get_template( 'myaccount/form-lost-password.php', array( 
  196. 'form' => 'lost_password',  
  197. ) ); 
  198.  
  199. /** 
  200. * Handles sending password retrieval email to customer. 
  201. * 
  202. * Based on retrieve_password() in core wp-login.php. 
  203. * 
  204. * @uses $wpdb WordPress Database object 
  205. * @return bool True: when finish. False: on error 
  206. */ 
  207. public static function retrieve_password() { 
  208. global $wpdb, $wp_hasher; 
  209.  
  210. $login = trim( $_POST['user_login'] ); 
  211.  
  212. if ( empty( $login ) ) { 
  213.  
  214. wc_add_notice( __( 'Enter a username or email address.', 'woocommerce' ), 'error' ); 
  215. return false; 
  216.  
  217. } else { 
  218. // Check on username first, as customers can use emails as usernames. 
  219. $user_data = get_user_by( 'login', $login ); 
  220.  
  221. // If no user found, check if it login is email and lookup user based on email. 
  222. if ( ! $user_data && is_email( $login ) && apply_filters( 'woocommerce_get_username_from_email', true ) ) { 
  223. $user_data = get_user_by( 'email', $login ); 
  224.  
  225. $errors = new WP_Error(); 
  226.  
  227. do_action( 'lostpassword_post', $errors ); 
  228.  
  229. if ( $errors->get_error_code() ) { 
  230. wc_add_notice( $errors->get_error_message(), 'error' ); 
  231. return false; 
  232.  
  233. if ( ! $user_data ) { 
  234. wc_add_notice( __( 'Invalid username or email.', 'woocommerce' ), 'error' ); 
  235. return false; 
  236.  
  237. if ( is_multisite() && ! is_user_member_of_blog( $user_data->ID, get_current_blog_id() ) ) { 
  238. wc_add_notice( __( 'Invalid username or email.', 'woocommerce' ), 'error' ); 
  239. return false; 
  240.  
  241. // redefining user_login ensures we return the right case in the email 
  242. $user_login = $user_data->user_login; 
  243.  
  244. do_action( 'retrieve_password', $user_login ); 
  245.  
  246. $allow = apply_filters( 'allow_password_reset', true, $user_data->ID ); 
  247.  
  248. if ( ! $allow ) { 
  249.  
  250. wc_add_notice( __( 'Password reset is not allowed for this user', 'woocommerce' ), 'error' ); 
  251. return false; 
  252.  
  253. } elseif ( is_wp_error( $allow ) ) { 
  254.  
  255. wc_add_notice( $allow->get_error_message(), 'error' ); 
  256. return false; 
  257.  
  258. // Get password reset key (function introduced in WordPress 4.4). 
  259. $key = get_password_reset_key( $user_data ); 
  260.  
  261. // Send email notification 
  262. WC()->mailer(); // load email classes 
  263. do_action( 'woocommerce_reset_password_notification', $user_login, $key ); 
  264.  
  265. return true; 
  266.  
  267. /** 
  268. * Retrieves a user row based on password reset key and login. 
  269. * 
  270. * @uses $wpdb WordPress Database object 
  271. * 
  272. * @param string $key Hash to validate sending user's password 
  273. * @param string $login The user login 
  274. * @return WP_User|bool User's database row on success, false for invalid keys 
  275. */ 
  276. public static function check_password_reset_key( $key, $login ) { 
  277. // Check for the password reset key. 
  278. // Get user data or an error message in case of invalid or expired key. 
  279. $user = check_password_reset_key( $key, $login ); 
  280.  
  281. if ( is_wp_error( $user ) ) { 
  282. wc_add_notice( $user->get_error_message(), 'error' ); 
  283. return false; 
  284.  
  285. return $user; 
  286.  
  287. /** 
  288. * Handles resetting the user's password. 
  289. * 
  290. * @param object $user The user 
  291. * @param string $new_pass New password for the user in plaintext 
  292. */ 
  293. public static function reset_password( $user, $new_pass ) { 
  294. do_action( 'password_reset', $user, $new_pass ); 
  295.  
  296. wp_set_password( $new_pass, $user->ID ); 
  297. self::set_reset_password_cookie(); 
  298.  
  299. wp_password_change_notification( $user ); 
  300.  
  301. /** 
  302. * Set or unset the cookie. 
  303. */ 
  304. public static function set_reset_password_cookie( $value = '' ) { 
  305. $rp_cookie = 'wp-resetpass-' . COOKIEHASH; 
  306. $rp_path = current( explode( '?', wp_unslash( $_SERVER['REQUEST_URI'] ) ) ); 
  307.  
  308. if ( $value ) { 
  309. setcookie( $rp_cookie, $value, 0, $rp_path, COOKIE_DOMAIN, is_ssl(), true ); 
  310. } else { 
  311. setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true ); 
  312.  
  313. /** 
  314. * Show the add payment method page. 
  315. */ 
  316. public static function add_payment_method() { 
  317.  
  318. if ( ! is_user_logged_in() ) { 
  319.  
  320. wp_safe_redirect( wc_get_page_permalink( 'myaccount' ) ); 
  321. exit(); 
  322.  
  323. } else { 
  324.  
  325. do_action( 'before_woocommerce_add_payment_method' ); 
  326.  
  327. wc_print_notices(); 
  328.  
  329. wc_get_template( 'myaccount/form-add-payment-method.php' ); 
  330.  
  331. do_action( 'after_woocommerce_add_payment_method' ); 
  332.  
.