CVE-2021-4411: wpep_setup.php in wp-easy-pay/trunk – WordPress Plugin Repository

1<?php23/**4 * WP EASY PAY5 *6 * PHP version 77 *8 * @category Wordpress_Plugin9 * @package WP_Easy_Pay10 * @author Author [email protected]11 * @license https://opensource.org/licenses/MIT MIT License12 * @link http://wpeasypay.com/13 */1415add_action( 'init’, ‘wpep_create_payment_forms_post_type’ );16add_filter( 'manage_wp_easy_pay_posts_columns’, ‘wpep_modify_column_names_payment_forms’ );17add_action( 'manage_wp_easy_pay_posts_custom_column’, 'wpep_add_columns_data_add_form’, 10, 2 );1819add_action( 'init’, ‘wpep_create_reports_post_type’ );2021add_filter( 'manage_wpep_reports_posts_columns’, ‘wpep_modify_column_names_reports’ );22add_action( 'manage_wpep_reports_posts_custom_column’, 'wpep_add_columns_data_reports’, 9, 2 );2324add_action( 'admin_menu’, ‘wpep_add_submenu’ );2526add_action( 'post_edit_form_tag’, ‘wpep_post_edit_form_tag’ );2728function wpep_post_edit_form_tag() {29 echo ' enctype="multipart/form-data"’;30}3132// require WPEP_ROOT_PATH . 'premium-files/setup/wpep_old_payments.php’;33$filename = WPEP_ROOT_PATH . 'premium-files/setup/wpep_old_payments.php’;34if ( file_exists( $filename ) ) {35 require_once( $filename );36} else {37 $class = 'notice notice-error’;38 $message = __( ' To start using WP Easy Pay, please <a href="https://users.freemius.com" target="_blank"> login to your freemius account</a> in order to download the premium version <br /> For more details <a target="_blank" href="https://wpeasypay.com/documentation/#upgrade-to-wpeasy-pay-premium">Click here</a>!’, ‘woosquare’ );39 printf( ‘<br><div class="%1$s"><p>%2$s</p> <a href=’ . admin_url() . '>%3$s</a></div>’, esc_attr( $class ), $message, esc_html( ‘Back!’ ) );40 include_once( ABSPATH . ‘wp-includes/pluggable.php’ );41 deactivate_plugins( ‘wp-easy-pay-premium/wp-easy-pay.php’ );42 wp_die();4344}45if ( ! wepp_fs()->is_plan( 'wpep_basic’, true ) ) {46 require WPEP_ROOT_PATH . 'premium-files/setup/wpep_subscription.php’;47}484950function wpep_create_payment_forms_post_type() {51 $labels = array(5253 ‘name’ => _x( 'WP EASY PAY’, 'Post Type General Name’, ‘wp_easy_pay’ ),54 ‘singular_name’ => _x( 'WP EASY PAY’, 'Post Type Singular Name’, ‘wp_easy_pay’ ),55 ‘menu_name’ => __( 'WP EASY PAY’, ‘wp_easy_pay’ ),56 ‘name_admin_bar’ => __( 'Post Type’, ‘wp_easy_pay’ ),57 ‘archives’ => __( 'Item Archives’, ‘wp_easy_pay’ ),58 ‘attributes’ => __( 'Item Attributes’, ‘wp_easy_pay’ ),59 ‘parent_item_colon’ => __( 'Parent Item:’, ‘wp_easy_pay’ ),60 ‘all_items’ => __( 'All Forms’, ‘wp_easy_pay’ ),61 ‘add_new_item’ => __( 'Create Payment Form’, ‘wp_easy_pay’ ),62 ‘add_new’ => __( 'Create Payment Form’, ‘wp_easy_pay’ ),63 ‘new_item’ => __( 'New Item’, ‘wp_easy_pay’ ),64 ‘edit_item’ => __( 'Edit Item’, ‘wp_easy_pay’ ),65 ‘update_item’ => __( 'Update Item’, ‘wp_easy_pay’ ),66 ‘view_item’ => __( 'View Item’, ‘wp_easy_pay’ ),67 ‘view_items’ => __( 'View Items’, ‘wp_easy_pay’ ),68 ‘search_items’ => __( 'Search Item’, ‘wp_easy_pay’ ),69 ‘not_found’ => __( 'Not found’, ‘wp_easy_pay’ ),70 ‘not_found_in_trash’ => __( 'Not found in Trash’, ‘wp_easy_pay’ ),71 ‘featured_image’ => __( 'Featured Image (show on popup only)', ‘wp_easy_pay’ ),72 ‘set_featured_image’ => __( 'Set featured image’, ‘wp_easy_pay’ ),73 ‘remove_featured_image’ => __( 'Remove featured image’, ‘wp_easy_pay’ ),74 ‘use_featured_image’ => __( 'Use as featured image’, ‘wp_easy_pay’ ),75 ‘insert_into_item’ => __( 'Insert into item’, ‘wp_easy_pay’ ),76 ‘uploaded_to_this_item’ => __( 'Uploaded to this item’, ‘wp_easy_pay’ ),77 ‘items_list’ => __( 'Items list’, ‘wp_easy_pay’ ),78 ‘items_list_navigation’ => __( 'Items list navigation’, ‘wp_easy_pay’ ),79 ‘filter_items_list’ => __( 'Filter items list’, ‘wp_easy_pay’ ),80 );8182 $args = array(8384 ‘label’ => __( 'WP EASY PAY’, ‘wp_easy_pay’ ),85 ‘description’ => __( 'Post Type Description’, ‘wp_easy_pay’ ),86 ‘labels’ => $labels,87 ‘hierarchical’ => false,88 ‘public’ => true,89 ‘supports’ => array( ‘thumbnail’ ),90 ‘show_ui’ => true,91 ‘show_in_menu’ => true,92 ‘menu_position’ => 5,93 ‘menu_icon’ => WPEP_ROOT_URL . 'premium-files/assets/backend/img/square-logo.png’,94 ‘show_in_admin_bar’ => true,95 ‘show_in_nav_menus’ => true,96 ‘can_export’ => true,97 ‘has_archive’ => true,98 ‘exclude_from_search’ => false,99 ‘publicly_queryable’ => true,100 ‘capability_type’ => 'page’,101 );102103 register_post_type( 'wp_easy_pay’, $args );104105}106107function wpep_create_reports_post_type() {108 $labels = array(109 ‘name’ => _x( 'Reports’, 'Post Type General Name’, ‘wp_easy_pay’ ),110 ‘singular_name’ => _x( 'Reports’, 'Post Type Singular Name’, ‘wp_easy_pay’ ),111 ‘menu_name’ => __( 'Reports’, ‘wp_easy_pay’ ),112 ‘name_admin_bar’ => __( 'Post Type’, ‘wp_easy_pay’ ),113 ‘archives’ => __( 'Item Archives’, ‘wp_easy_pay’ ),114 ‘attributes’ => __( 'Item Attributes’, ‘wp_easy_pay’ ),115 ‘parent_item_colon’ => __( 'Parent Item:’, ‘wp_easy_pay’ ),116 ‘all_items’ => __( 'Reports’, ‘wp_easy_pay’ ),117 ‘add_new_item’ => __( 'Build Report’, ‘wp_easy_pay’ ),118 ‘add_new’ => __( 'Build Report’, ‘wp_easy_pay’ ),119 ‘new_item’ => __( 'New Item’, ‘wp_easy_pay’ ),120 ‘edit_item’ => __( 'Edit Item’, ‘wp_easy_pay’ ),121 ‘update_item’ => __( 'Update Item’, ‘wp_easy_pay’ ),122 ‘view_item’ => __( 'View Item’, ‘wp_easy_pay’ ),123 ‘view_items’ => __( 'View Items’, ‘wp_easy_pay’ ),124 ‘search_items’ => __( 'Search Item’, ‘wp_easy_pay’ ),125 ‘not_found’ => __( 'Not found’, ‘wp_easy_pay’ ),126 ‘not_found_in_trash’ => __( 'Not found in Trash’, ‘wp_easy_pay’ ),127 ‘featured_image’ => __( 'Featured Image’, ‘wp_easy_pay’ ),128 ‘set_featured_image’ => __( 'Set featured image’, ‘wp_easy_pay’ ),129 ‘remove_featured_image’ => __( 'Remove featured image’, ‘wp_easy_pay’ ),130 ‘use_featured_image’ => __( 'Use as featured image’, ‘wp_easy_pay’ ),131 ‘insert_into_item’ => __( 'Insert into item’, ‘wp_easy_pay’ ),132 ‘uploaded_to_this_item’ => __( 'Uploaded to this item’, ‘wp_easy_pay’ ),133 ‘items_list’ => __( 'Items list’, ‘wp_easy_pay’ ),134 ‘items_list_navigation’ => __( 'Items list navigation’, ‘wp_easy_pay’ ),135 ‘filter_items_list’ => __( 'Filter items list’, ‘wp_easy_pay’ ),136 );137138 $args = array(139140 ‘label’ => __( 'Reports’, ‘wp_easy_pay’ ),141 ‘description’ => __( 'Post Type Description’, ‘wp_easy_pay’ ),142 ‘labels’ => $labels,143 ‘hierarchical’ => false,144 ‘public’ => true,145 ‘supports’ => false,146 ‘show_ui’ => true,147 ‘show_in_menu’ => 'edit.php?post_type=wp_easy_pay’,148 ‘menu_position’ => 5,149 ‘show_in_admin_bar’ => true,150 ‘show_in_nav_menus’ => true,151 ‘can_export’ => true,152 ‘has_archive’ => true,153 ‘exclude_from_search’ => false,154 ‘publicly_queryable’ => true,155 ‘capability_type’ => 'post’,156157 );158159 register_post_type( 'wpep_reports’, $args );160161}162163function wpep_add_reports_metabox() {164 add_meta_box(165166 'wporg_box_id’,167 'Build Reports’,168 'wpep_render_reports_meta_html’,169 'wpep_reports’170 );171}172173add_action( 'admin_init’, ‘wpep_add_reports_metabox’ );174175function wpep_render_reports_meta_html( $post ) {176177 require_once WPEP_ROOT_PATH . 'premium-files/views/backend/reports_view_page.php’;178}179180function wpep_modify_column_names_reports( $columns ) {181 unset( $columns[‘date’] );182 unset( $columns[‘title’] );183 $columns[‘post_id’] = __( ‘ID’ );184 $columns[‘paid_by’] = __( ‘Paid By’ );185 $columns[‘type’] = __( ‘Type’ );186 $columns[‘date’] = __( ‘Date’ );187 $columns[‘actions’] = __( ‘Actions’ );188189 return $columns;190}191192add_filter(‘views_edit-wpep_reports’,’my_filter’);193add_filter(‘views_edit-wpep_reports’,’my_filter’);194195function my_filter($views){196 $views[‘import’] = '<a id="wpep-export-transactions" class="primary">Download CSV Report</a>’;197 return $views;198}199200function add_scripts_for_download_transaction_excel () {201 if ( get_post_type( get_the_ID() ) == ‘wpep_reports’ ) {202 //if is true203 wp_register_script( 'wpep_backend_download_transaction_excel’, WPEP_ROOT_URL . 'premium-files/assets/backend/js/wpep_backend_download_transaction_excel.js’, ‘3.0.0’ );204 wp_localize_script('wpep_backend_download_transaction_excel’, 'wpep_reports’, array(205 ‘ajaxUrl’ => admin_url(‘admin-ajax.php’),206 ‘action’ => ‘wpep_download_transaction_in_excel’,207 ‘nonce’ => wp_create_nonce(‘custom_nonce’),208 ‘post_type’ => ‘wpep_reports’,209 //’reports_download_url’ => WPEP_ROOT_PATH . "/premium-files/tmp/reports.csv",210 ‘reports_download_url’ => WPEP_ROOT_URL . “/premium-files/tmp/reports.csv",211 ));212 wp_enqueue_script(‘wpep_backend_download_transaction_excel’);213214 require_once WPEP_ROOT_PATH . 'premium-files/views/backend/reports_download_popup.php’;215 }216}217add_action('admin_enqueue_scripts’, ‘add_scripts_for_download_transaction_excel’);218219function wpep_download_transaction_in_excel () {220 221 if ( ! isset($_POST[‘nonce’]) && ! wp_verify_nonce( sanitize_key($_POST[‘nonce’]), ‘nonce’ ) ) {222 die(‘access denied! Nonce not verify.’);223 }224225 $labels = (isset($_POST[‘fields’]) && !empty($_POST[‘fields’])) ? $_POST[‘fields’] : ‘’;226227 $list = array ();228229 $path = WPEP_ROOT_PATH . "/premium-files/tmp/";230231 if ( ! is_dir ( $path ) ) {232233 mkdir( $path, 0777, true);234 chmod( $path, 0777);235 236 } else {237238 chmod( $path, 0777);239240 }241242 if ( !empty($labels) ) {243 $tmp = array();244 foreach ( $labels as $label ) {245 $tmp[] = $label[‘value’];246 }247 array_push($list, $tmp);248 } else {249 $list = array (250 array("First Name", "last Name", “user Email” ,"Payment Type", "Transaction ID", "Refund ID", "Payment Amount", “Payment Status", “FORM ID”) 251 );252 }253254 $posts = get_posts(array (255256 ‘post_type’ => 'wpep_reports’,257 ‘orderby’ => 'date’,258 ‘order’ => 'DESC’,259 ‘numberposts’ => -1260 261 ));262 263 foreach ( $posts as $key => $post ) {264 $current_post_id = $post->ID;265 $firstname = get_post_meta($current_post_id, 'wpep_first_name’, true);266 $lastname = get_post_meta($current_post_id, 'wpep_last_name’, true);267 $email =get_post_meta($current_post_id, 'wpep_email’, true);268 $charge_amount = get_post_meta($current_post_id, 'wpep_square_charge_amount’, true);269 $transaction_status = get_post_meta($current_post_id, 'wpep_transaction_status’, true);270 $transaction_id = get_the_title( $current_post_id );271 $transaction_type = get_post_meta($current_post_id, 'wpep_transaction_type’, true);272 $form_id = get_post_meta($current_post_id, 'wpep_form_id’, true);273 $form_values = get_post_meta($current_post_id, 'wpep_form_values’, true);274 $wpep_transaction_error = get_post_meta($current_post_id, 'wpep_transaction_error’, true);275 $wpep_refund_id = get_post_meta($current_post_id, 'wpep_square_refund_id’, true);276277 $data = array ();278279 foreach ( $tmp as $name ) {280 if ( ‘First_Name’ == $name ) {281 $data[] = $firstname;282 }283 if ( ‘Last_Name’ == $name ) {284 $data[] = $lastname;285 }286 if ( ‘Email_Address’ == $name ) {287 $data[] = $email;288 }289 if ( ‘Transaction_type’ == $name ) {290 $data[] = $transaction_type;291 }292 if ( ‘Transaction_ID’ == $name ) {293 $data[] = $transaction_id;294 }295 if ( ‘Refund_ID’ == $name ) {296 $data[] = $wpep_refund_id;297 }298 if ( ‘Charge_Amount’ == $name ) {299 $data[] = $charge_amount;300 }301 if ( ‘Transaction_Status’ == $name ) {302 $data[] = $transaction_status;303 }304 if ( ‘Form_ID’ == $name ) {305 $data[] = $form_id;306 }307 }308309 array_push($list, $data);310 }311312 $new_csv = fopen($path . '/reports.csv’, ‘w’); 313 foreach ($list as $row) {314 fputcsv($new_csv, $row);315 }316 $check = fclose($new_csv);317318 echo json_encode(array(‘status’ => $check));319320 wp_die();321}322add_action('wp_ajax_nopriv_wpep_download_transaction_in_excel’, ‘wpep_download_transaction_in_excel’);323add_action('wp_ajax_wpep_download_transaction_in_excel’, ‘wpep_download_transaction_in_excel’);324325function wpep_add_columns_data_reports ( $column, $postId ) {326327 $first_name = get_post_meta( $postId, 'wpep_first_name’, true );328 $last_name = get_post_meta( $postId, 'wpep_last_name’, true );329 $email = get_post_meta( $postId, 'wpep_email’, true );330 $charge_amount = get_post_meta( $postId, 'wpep_square_charge_amount’, true );331 $refund_id = get_post_meta( $postId, ‘wpep_square_refund_id’, false );332 $transaction_type = get_post_meta( $postId, ‘wpep_transaction_type’, true );333 $transaction_id = get_the_title( $postId );334335 switch ( $column ) {336337 case ‘post_id’ :338 echo “<a href=’” . get_edit_post_link( $postId ) . "’ class=’wpep-blue’ title=’Details’>” . ‘#’ . “$postId</a>";339 break;340 case ‘type’ :341 echo “<span class=’$transaction_type’>” . str_replace( '_’, ' ', $transaction_type ) . “</span>";342 break;343 case ‘paid_by’ :344 echo $first_name . ' ' . $last_name;345 break;346 case ‘actions’ :347348 if ( false !== $refund_id && isset( $refund_id ) && ! empty( $refund_id ) ) {349 echo '<button class="wpep_refunded” disabled> Refunded </button>’;350 } else {351 echo '<button class="give_refund_button” data-postid="’ . $postId . '” data-amount="’ . $charge_amount . ‘" data-transactionid="’ . $transaction_id . '"> Refund </button>’;352 }353354 echo ‘<a href="’ . get_delete_post_link( $postId ) . '" class="deleteIcon" title="Delete report"> Delete </a>’;355 break;356 }357358}359360361function wpep_modify_column_names_payment_forms( $columns ) {362 unset( $columns[‘title’] );363 unset( $columns[‘date’] );364 $columns[‘title’] = __( ‘Form Title’ );365 $columns[‘shortcode’] = __( ‘Shortcode’ );366 $columns[‘type’] = __( ‘Type’ );367 $columns[‘date’] = __( ‘Date’ );368 $columns[‘actions’] = __( ‘Actions’ );369370 return $columns;371}372373function wpep_add_columns_data_add_form( $column, $postId ) {374375 switch ( $column ) {376377 case ‘shortcode’ :378 echo ‘<span class="wpep_tags">[wpep-form id="’ . $postId . '"]</span>’;379 break;380 case ‘type’ :381 $form_type = get_post_meta( $postId, 'wpep_square_payment_type’, true );382 echo “<span class=’$form_type’>” . str_replace( '_’, ' ‘, $form_type ) . “</span>";383 break;384 case ‘actions’ :385 echo ‘<a href="’ . get_edit_post_link( $postId ) . '” class="editIcon" title="Edit form"> Edit </a> <a href="’ . get_delete_post_link( $postId ) . '" class="deleteIcon" title="Delete form"> Delete </a>’;386 break;387 }388389}390391function wpep_render_global_settings_page() {392 require_once 'premium-files/views/backend/global_settings_page.php’;393}394395function wpep_render_global_integrations_page() {396 require_once 'premium-files/views/backend/global_integrations_page.php’;397}398399400function wpep_render_rollback_page() {401 require_once 'premium-files/views/backend/rollback_version_page.php’;402}403404if ( ! function_exists( ‘wpep_add_submenu’ ) ) {405406 function wpep_add_submenu() {407408 add_submenu_page( 'edit.php?post_type=wp_easy_pay’, 'Square Connect’, 'Square Connect’, 'manage_options’, 'wpep-settings’, ‘wpep_render_global_settings_page’ );409 add_submenu_page( 'edit.php?post_type=wp_easy_pay’, 'Integrations’, 'Integrations’, 'manage_options’, 'wpep-integrations’, ‘wpep_render_global_integrations_page’ );410 411 add_submenu_page( 'edit.php?post_type=wp_easy_pay’, 'Submit Feature Idea’, 'Submit Feature Idea’, 'manage_options’, 'wpep-roadmap’, ‘wpep_render_road_map_page’ );412 413 $old_plugin_token_details = get_option( 'wpep_live_token_details’, false );414415 if ( $old_plugin_token_details ) {416417 add_submenu_page( 'edit.php?post_type=wp_easy_pay’, 'Rollback Update’, 'Rollback Update’, 'manage_options’, 'wpep_revert_to_old’, ‘wpep_render_rollback_page’ );418 }419420421 }422423}424425426function wpep_render_road_map_page() {427428 require_once 'premium-files/views/backend/roadmap_page.php’;429}430431function wpep_save_add_form_fields( $post_ID, $post, $update ) {432433 if ( isset( $_POST[‘wpep_tabular_product_hidden_image’] ) ) {434435 $wpep_tabular_product_hidden_image = $_POST[‘wpep_tabular_product_hidden_image’];436 437438 if ( isset( $_FILES[‘wpep_tabular_products_image’] ) ) {439440 $upload_overrides = array( ‘test_form’ => false );441 $products_url = array();442 foreach ( $_FILES[‘wpep_tabular_products_image’][‘tmp_name’] as $key => $tmp_name ) {443444 if ( ! empty( $_FILES[‘wpep_tabular_products_image’][‘name’][ $key ] ) ) {445446 $file = array(447 ‘name’ => $_FILES[‘wpep_tabular_products_image’][‘name’][ $key ],448 ‘type’ => $_FILES[‘wpep_tabular_products_image’][‘type’][ $key ],449 ‘tmp_name’ => $_FILES[‘wpep_tabular_products_image’][‘tmp_name’][ $key ],450 ‘error’ => $_FILES[‘wpep_tabular_products_image’][‘error’][ $key ],451 ‘size’ => $_FILES[‘wpep_tabular_products_image’][‘size’][ $key ]452 );453454 $movefile = wp_handle_upload( $file, $upload_overrides );455456 if ( $movefile && ! isset( $movefile[‘error’] ) ) {457 array_push( $products_url, $movefile[‘url’] );458459 } else {460 echo $movefile[‘error’];461 }462463 } else {464465 array_push( $products_url, $wpep_tabular_product_hidden_image[ $key ] );466 }467 }468 }469470}471472473 if ( ! empty( $_POST ) ) {474475 if ( isset( $_POST[‘wpep_radio_amounts’] ) ) {476 $radio_amounts = $_POST[‘wpep_radio_amounts’];477 }478479 if ( isset( $_POST[‘wpep_radio_amount_labels’] ) ) {480 $radio_labels = $_POST[‘wpep_radio_amount_labels’];481 }482483 if ( isset($_POST[‘wpep_dropdown_amounts’]) && !empty($_POST[‘wpep_dropdown_amounts’]) ) {484 $dropdown_amounts = $_POST[‘wpep_dropdown_amounts’];485 }486487 if ( isset($_POST[‘wpep_dropdown_amount_labels’]) && !empty($_POST[‘wpep_dropdown_amount_labels’]) ) {488 $dropdown_labels = $_POST[‘wpep_dropdown_amount_labels’];489 }490491 $radio_amounts_with_labels = array();492 $dropdown_amounts_with_labels = array();493 $tabular_products_with_labels = array();494495 if ( isset( $radio_amounts ) ) {496 foreach ( $radio_amounts as $key => $amount_rd ) {497498 $data[‘amount’] = $amount_rd;499 $data[‘label’] = $radio_labels[ $key ];500501 array_push( $radio_amounts_with_labels, $data );502 }503 }504505 if ( isset( $dropdown_amounts ) ) {506 foreach ( $dropdown_amounts as $key => $amount_dd ) {507508 $data[‘amount’] = $amount_dd;509 $data[‘label’] = $dropdown_labels[ $key ];510511 array_push( $dropdown_amounts_with_labels, $data );512 }513 }514515516 if ( $_POST[‘wpep_tabular_products_price’] ) {517 $tabular_product_price = $_POST[‘wpep_tabular_products_price’];518 }519520 if ( $_POST[‘wpep_tabular_products_label’] ) {521 $tabular_product_label = $_POST[‘wpep_tabular_products_label’];522 }523524 if ( $_POST[‘wpep_tabular_products_qty’] ) {525 $tabular_product_qty = $_POST[‘wpep_tabular_products_qty’];526 }527528529 if ( isset( $tabular_product_price ) ) {530531 foreach ( $tabular_product_price as $key => $product_price ) {532533 $data[‘amount’] = $product_price;534 $data[‘label’] = $tabular_product_label[ $key ];535 $data[‘quantity’] = $tabular_product_qty[ $key ];536 $data[‘products_url’] = isset( $products_url[ $key ] ) ? $products_url[ $key ] : '’;537538 array_push( $tabular_products_with_labels, $data );539 }540541 }542543 update_post_meta( $post_ID, 'wpep_square_test_location_id’, sanitize_text_field( isset( $_POST[‘wpep_square_test_location_id’] ) ? $_POST[‘wpep_square_test_location_id’] : ‘’ ) );544 update_post_meta( $post_ID, 'wpep_square_payment_type’, sanitize_text_field( isset( $_POST[‘wpep_square_payment_type’] ) ? $_POST[‘wpep_square_payment_type’] : ‘’ ) );545 update_post_meta( $post_ID, 'wpep_square_payment_purpose’, sanitize_text_field( isset( $_POST[‘wpep_square_payment_purpose’] ) ? $_POST[‘wpep_square_payment_purpose’] : ‘’ ) );546 update_post_meta( $post_ID, 'wpep_square_payment_success_url’, sanitize_text_field( isset( $_POST[‘wpep_square_payment_success_url’] ) ? $_POST[‘wpep_square_payment_success_url’] : ‘’ ) );547 update_post_meta( $post_ID, 'wpep_payment_success_msg’, sanitize_text_field( isset( $_POST[‘wpep_payment_success_msg’] ) ? $_POST[‘wpep_payment_success_msg’] : ‘’ ) );548 update_post_meta( $post_ID, 'wpep_square_payment_success_label’, sanitize_text_field( isset( $_POST[‘wpep_square_payment_success_label’] ) ? $_POST[‘wpep_square_payment_success_label’] : ‘’ ) );549 update_post_meta( $post_ID, 'wpep_square_payment_box_1’, sanitize_text_field( isset( $_POST[‘wpep_square_payment_box_1’] ) ? $_POST[‘wpep_square_payment_box_1’] : ‘’ ) );550 update_post_meta( $post_ID, 'wpep_square_payment_box_2’, sanitize_text_field( isset( $_POST[‘wpep_square_payment_box_2’] ) ? $_POST[‘wpep_square_payment_box_2’] : ‘’ ) );551 update_post_meta( $post_ID, 'wpep_square_payment_box_3’, sanitize_text_field( isset( $_POST[‘wpep_square_payment_box_3’] ) ? $_POST[‘wpep_square_payment_box_3’] : ‘’ ) );552 update_post_meta( $post_ID, 'wpep_square_payment_box_4’, sanitize_text_field( isset( $_POST[‘wpep_square_payment_box_4’] ) ? $_POST[‘wpep_square_payment_box_4’] : ‘’ ) );553 update_post_meta( $post_ID, 'defaultPriceSelected’, sanitize_text_field( isset( $_POST[‘defaultPriceSelected’] ) ? $_POST[‘defaultPriceSelected’] : ‘’ ) );554 update_post_meta( $post_ID, 'currencySymbolType’, sanitize_text_field( isset( $_POST[‘currencySymbolType’] ) ? $_POST[‘currencySymbolType’] : ‘code’ ) );555 update_post_meta( $post_ID, 'PriceSelected’, sanitize_text_field( isset( $_POST[‘PriceSelected’] ) ? $_POST[‘PriceSelected’] : ‘1’ ) );556 update_post_meta( $post_ID, 'wpep_square_form_builder_fields’, sanitize_text_field( isset( $_POST[‘wpep_square_form_builder_fields’] ) ? $_POST[‘wpep_square_form_builder_fields’] : ‘’ ) );557 update_post_meta( $post_ID, 'wpep_square_user_defined_amount’, sanitize_text_field( isset( $_POST[‘wpep_square_user_defined_amount’] ) ? $_POST[‘wpep_square_user_defined_amount’] : ‘’ ) );558 update_post_meta( $post_ID, 'wpep_transaction_notes_box’, sanitize_text_field( isset( $_POST[‘wpep_transaction_notes_box’] ) ? $_POST[‘wpep_transaction_notes_box’] : ‘’ ) );559 update_post_meta( $post_ID, 'wpep_square_admin_email_to_field’, sanitize_text_field( isset( $_POST[‘wpep_square_admin_email_to_field’] ) ? $_POST[‘wpep_square_admin_email_to_field’] : ‘’ ) );560 update_post_meta( $post_ID, 'wpep_square_admin_email_cc_field’, sanitize_text_field( isset( $_POST[‘wpep_square_admin_email_cc_field’] ) ? $_POST[‘wpep_square_admin_email_cc_field’] : ‘’ ) );561 update_post_meta( $post_ID, 'wpep_square_admin_email_bcc_field’, sanitize_text_field( isset( $_POST[‘wpep_square_admin_email_bcc_field’] ) ? $_POST[‘wpep_square_admin_email_bcc_field’] : ‘’ ) );562 update_post_meta( $post_ID, 'wpep_square_admin_email_from_field’, sanitize_text_field( isset( $_POST[‘wpep_square_admin_email_from_field’] ) ? $_POST[‘wpep_square_admin_email_from_field’] : ‘’ ) );563 update_post_meta( $post_ID, 'wpep_square_admin_email_subject_field’, sanitize_text_field( isset( $_POST[‘wpep_square_admin_email_subject_field’] ) ? $_POST[‘wpep_square_admin_email_subject_field’] : ‘’ ) );564 update_post_meta( $post_ID, 'wpep_square_admin_email_content_field’, isset( $_POST[‘wpep_square_admin_email_content_field’] ) ? $_POST[‘wpep_square_admin_email_content_field’] : ‘’ );565 update_post_meta( $post_ID, 'wpep_square_admin_email_exclude_blank_tags_lines’, sanitize_text_field( isset( $_POST[‘wpep_square_admin_email_exclude_blank_tags_lines’] ) ? $_POST[‘wpep_square_admin_email_exclude_blank_tags_lines’] : ‘’ ) );566 update_post_meta( $post_ID, 'wpep_square_admin_email_content_type_html’, sanitize_text_field( isset( $_POST[‘wpep_square_admin_email_content_type_html’] ) ? $_POST[‘wpep_square_admin_email_content_type_html’] : ‘’ ) );567 update_post_meta( $post_ID, 'wpep_save_card’, sanitize_text_field( isset( $_POST[‘wpep_save_card’] ) ? $_POST[‘wpep_save_card’] : ‘’ ) );568569570 update_post_meta( $post_ID, 'wpep_square_user_email_to_field’, sanitize_text_field( isset( $_POST[‘wpep_square_user_email_to_field’] ) ? $_POST[‘wpep_square_user_email_to_field’] : ‘’ ) );571572 update_post_meta( $post_ID, 'wpep_square_user_email_cc_field’, sanitize_text_field( isset( $_POST[‘wpep_square_user_email_cc_field’] ) ? $_POST[‘wpep_square_user_email_cc_field’] : ‘’ ) );573574 update_post_meta( $post_ID, 'wpep_square_user_email_bcc_field’, sanitize_text_field( isset( $_POST[‘wpep_square_user_email_bcc_field’] ) ? $_POST[‘wpep_square_user_email_bcc_field’] : ‘’ ) );575576 update_post_meta( $post_ID, 'wpep_square_user_email_from_field’, sanitize_text_field( isset( $_POST[‘wpep_square_user_email_from_field’] ) ? $_POST[‘wpep_square_user_email_from_field’] : ‘’ ) );577578 update_post_meta( $post_ID, 'wpep_square_user_email_subject_field’, sanitize_text_field( isset( $_POST[‘wpep_square_user_email_subject_field’] ) ? $_POST[‘wpep_square_user_email_subject_field’] : ‘’ ) );579580581 update_post_meta( $post_ID, 'wpep_square_user_email_content_field’, isset( $_POST[‘wpep_square_user_email_content_field’] ) ? $_POST[‘wpep_square_user_email_content_field’] : ‘’ );582 update_post_meta( $post_ID, 'wpep_square_user_email_exclude_blank_tags_lines’, sanitize_text_field( isset( $_POST[‘wpep_square_user_email_exclude_blank_tags_lines’] ) ? $_POST[‘wpep_square_user_email_exclude_blank_tags_lines’] : ‘’ ) );583584 update_post_meta( $post_ID, 'wpep_square_user_email_content_type_html’, sanitize_text_field( isset( $_POST[‘wpep_square_user_email_content_type_html’] ) ? $_POST[‘wpep_square_user_email_content_type_html’] : ‘’ ) );585 update_post_meta( $post_ID, 'wpep_button_title’, sanitize_text_field( isset( $_POST[‘wpep_button_title’] ) ? $_POST[‘wpep_button_title’] : ‘’ ) );586587 update_post_meta( $post_ID, 'wpep_square_location_id’, sanitize_text_field( isset( $_POST[‘wpep_square_location_id’] ) ? $_POST[‘wpep_square_location_id’] : ‘’ ) );588 update_post_meta( $post_ID, 'wpep_square_amount_type’, sanitize_text_field( isset( $_POST[‘wpep_square_amount_type’] ) ? $_POST[‘wpep_square_amount_type’] : ‘’ ) );589 update_post_meta( $post_ID, 'wpep_open_in_popup’, sanitize_text_field( isset( $_POST[‘wpep_open_in_popup’] ) ? $_POST[‘wpep_open_in_popup’] : ‘’ ) );590 update_post_meta( $post_ID, 'wpep_payment_mode’, sanitize_text_field( isset( $_POST[‘wpep_payment_mode’] ) ? $_POST[‘wpep_payment_mode’] : ‘’ ) );591592593 update_post_meta( $post_ID, 'wpep_square_google_pay’, sanitize_text_field( isset( $_POST[‘wpep_square_google_pay’] ) ? $_POST[‘wpep_square_google_pay’] : ‘’ ) );594 update_post_meta( $post_ID, 'wpep_individual_form_global’, sanitize_text_field( isset( $_POST[‘wpep_individual_form_global’] ) ? $_POST[‘wpep_individual_form_global’] : ‘’ ) );595 update_post_meta( $post_ID, 'wpep_subscription_cycle_interval’, sanitize_text_field( isset( $_POST[‘wpep_subscription_cycle_interval’] ) ? $_POST[‘wpep_subscription_cycle_interval’] : ‘’ ) );596 update_post_meta( $post_ID, 'wpep_subscription_cycle’, sanitize_text_field( isset( $_POST[‘wpep_subscription_cycle’] ) ? $_POST[‘wpep_subscription_cycle’] : ‘’ ) );597 update_post_meta( $post_ID, 'wpep_subscription_length’, sanitize_text_field( isset( $_POST[‘wpep_subscription_length’] ) ? $_POST[‘wpep_subscription_length’] : ‘’ ) );598 update_post_meta( $post_ID, 'wpep_organization_name’, sanitize_text_field( isset( $_POST[‘wpep_organization_name’] ) ? $_POST[‘wpep_organization_name’] : ‘’ ) );599600601 update_post_meta( $post_ID, 'wpep_dropdown_amounts’, isset( $dropdown_amounts_with_labels ) ? $dropdown_amounts_with_labels : ‘’ );602 update_post_meta( $post_ID, 'wpep_radio_amounts’, isset( $radio_amounts_with_labels ) ? $radio_amounts_with_labels : ‘’ );603 update_post_meta( $post_ID, 'wpep_products_with_labels’, isset( $tabular_products_with_labels ) ? $tabular_products_with_labels : ‘’ );604605 update_post_meta( $post_ID, 'wpep_square_payment_min’, sanitize_text_field( isset( $_POST[‘wpep_square_payment_min’] ) ? $_POST[‘wpep_square_payment_min’] : ‘’ ) );606 update_post_meta( $post_ID, 'wpep_square_payment_max’, sanitize_text_field( isset( $_POST[‘wpep_square_payment_max’] ) ? $_POST[‘wpep_square_payment_max’] : ‘’ ) );607608 update_post_meta( $post_ID, 'wpep_show_wizard’, sanitize_text_field( isset( $_POST[‘wpep_show_wizard’] ) ? $_POST[‘wpep_show_wizard’] : ‘’ ) );609 update_post_meta( $post_ID, 'wpep_show_shadow’, sanitize_text_field( isset( $_POST[‘wpep_show_shadow’] ) ? $_POST[‘wpep_show_shadow’] : ‘’ ) );610 update_post_meta( $post_ID, 'wpep_btn_theme’, sanitize_text_field( isset( $_POST[‘wpep_btn_theme’] ) ? $_POST[‘wpep_btn_theme’] : ‘’ ) );611 update_post_meta( $post_ID, 'wpep_form_theme_color’, sanitize_text_field( isset( $_POST[‘wpep_form_theme_color’] ) ? $_POST[‘wpep_form_theme_color’] : ‘’ ) );612 update_post_meta( $post_ID, 'wpep_payment_btn_label’, sanitize_text_field( isset( $_POST[‘wpep_payment_btn_label’] ) ? $_POST[‘wpep_payment_btn_label’] : ‘’ ) );613614 /* adding redirection values */615 update_post_meta( $post_ID, 'wantRedirection’, sanitize_text_field( isset( $_POST[‘wantRedirection’] ) ? $_POST[‘wantRedirection’] : ‘No’ ) );616 update_post_meta( $post_ID, 'redirectionDelay’, sanitize_text_field( isset( $_POST[‘redirectionDelay’] ) ? $_POST[‘redirectionDelay’] : ‘’ ) );617618 /*term & condition Check */619 update_post_meta( $post_ID, 'enableTermsCondition’, sanitize_text_field( isset( $_POST[‘enableTermsCondition’] ) ? $_POST[‘enableTermsCondition’] : ‘’ ) );620 update_post_meta( $post_ID, 'termsLabel’, sanitize_text_field( isset( $_POST[‘termsLabel’] ) ? $_POST[‘termsLabel’] : ‘’ ) );621 update_post_meta( $post_ID, 'termsLink’, sanitize_text_field( isset( $_POST[‘termsLink’] ) ? $_POST[‘termsLink’] : ‘’ ) );622 update_post_meta( $post_ID, 'postalPh’, sanitize_text_field( isset( $_POST[‘postalPh’] ) ? $_POST[‘postalPh’] : ‘’ ) );623624 update_post_meta( $post_ID, 'enableQuantity’, sanitize_text_field( isset( $_POST[‘enableQuantity’] ) ? $_POST[‘enableQuantity’] : ‘’ ) );625626 global $wpdb;627 if ( get_post_type( $post_ID ) == ‘wp_easy_pay’ ) {628629 $title = sanitize_text_field( $_POST[‘post_title’] );630 $post_name = urlencode( $_POST[‘post_title’] );631 $post_content = sanitize_text_field( $_POST[‘post_content’] );632 $where = array( ‘ID’ => $post_ID );633 $wpdb->update( $wpdb->posts, array( ‘post_title’ => $title ), $where );634 $wpdb->update( $wpdb->posts, array( ‘post_content’ => $post_content ), $where );635636 }637638 }639640}641642add_action( 'save_post_wp_easy_pay’, 'wpep_save_add_form_fields’, 10, 3 );643644645function wpep_create_connect_url( $origin ) {646647 $URI_REQUESTED = $_SERVER[‘REQUEST_URI’];648649 /* Fetch GET parameters from URI */650 $parts = parse_url( $URI_REQUESTED );651 parse_str( $parts[‘query’], $url_identifiers );652653 /* Fetch Admin URL */654 $slash_exploded = explode( '/’, $URI_REQUESTED );655656 $question_mark_exploded = explode( '?’, $slash_exploded[2] );657 $url_identifiers[‘wpep_admin_url’] = $question_mark_exploded[0];658 $url_identifiers[‘wpep_post_type’] = 'wp_easy_pay’;659 $url_identifiers[‘wpep_prepare_connection_call’] = true;660661 if ( $origin == ‘individual_form’ ) {662663 if ( isset( $_GET[‘post’] ) && ! empty( $_GET[‘post’] ) ) {664665 $url_identifiers[‘wpep_page_post’] = $_GET[‘post’];666667 }668669670 }671672 if ( $origin == ‘global’ ) {673674 $url_identifiers[‘wpep_page_post’] = 'global’;675676 }677678 $connection_url = add_query_arg( $url_identifiers, $url_identifiers[‘wpep_admin_url’] );679680 return $connection_url;681682}683684685function wpep_create_connect_sandbox_url( $origin ) {686687 $URI_REQUESTED = $_SERVER[‘REQUEST_URI’];688689 /* Fetch GET parameters from URI */690 $parts = parse_url( $URI_REQUESTED );691 parse_str( $parts[‘query’], $url_identifiers );692693 /* Fetch Admin URL */694 $slash_exploded = explode( '/’, $URI_REQUESTED );695696 $question_mark_exploded = explode( '?’, $slash_exploded[2] );697 $url_identifiers[‘wpep_admin_url’] = $question_mark_exploded[0];698 $url_identifiers[‘wpep_post_type’] = 'wp_easy_pay’;699 $url_identifiers[‘wpep_prepare_connection_call’] = true;700701 if ( $origin == ‘individual_form’ ) {702703 if ( isset( $_GET[‘post’] ) && ! empty( $_GET[‘post’] ) ) {704705 $url_identifiers[‘wpep_page_post’] = $_GET[‘post’];706 $url_identifiers[‘wpep_sandbox’] = "yes";707708 }709710711 }712713 if ( $origin == ‘global’ ) {714715 $url_identifiers[‘wpep_page_post’] = 'global’;716 $url_identifiers[‘wpep_sandbox’] = "yes";717718 }719720 $connection_url = add_query_arg( $url_identifiers, $url_identifiers[‘wpep_admin_url’] );721722 return $connection_url;723724}725726727/*Mufaddal Added shortcode metabox in build form page*/728function wpep_add_form_shortcode_metabox() {729730 add_meta_box(731732 'wpep_form_shortcode_metabox’,733 'Shortcode’,734 'wpep_render_form_shortcode_meta_html’,735 'wp_easy_pay’,736 'side’,737 'high’738 );739740 add_meta_box(741742 'wpep_form_style_box’,743 'Form Style’,744 'wpep_render_form_style_meta_html’,745 'wp_easy_pay’,746 'side’747 );748}749750add_action( 'admin_init’, ‘wpep_add_form_shortcode_metabox’ );751752function wpep_render_form_shortcode_meta_html( $post ) {753754 require_once WPEP_ROOT_PATH . 'premium-files/views/backend/form_builder_settings/form_shortocde_metabox.php’;755}756757758function add_publish_meta_options( $post_obj ) {759760 global $post;761 $post_type = 'wp_easy_pay’; // If you want a specific post type762 $value = get_post_meta( $post_obj->ID, 'check_meta’, true ); // If saving value to post_meta763764 if ( $post_type == $post->post_type ) {765 echo 1;766 }767}768769add_action( 'post_submitbox_misc_actions’, ‘add_publish_meta_options’ );770771function wpep_render_form_style_meta_html( $post ) {772773 require_once WPEP_ROOT_PATH . 'premium-files/views/backend/form_builder_settings/wpep_render_form_style_meta_html.php’;774}775776777/*Mufaddal Added shortcode metabox in build form page*/778function wpep_add_form_currency_show_type_metabox() {779 add_meta_box(780781 'wpep_form_currency_show_type_metabox’,782 'Change Currency Symbol’,783 'wpep_render_form_change_currency_show_type_html’,784 'wp_easy_pay’,785 'side’,786 'high’787 );788}789790add_action( 'admin_init’, ‘wpep_add_form_currency_show_type_metabox’ );791792function wpep_render_form_change_currency_show_type_html( $post ) {793794 require_once WPEP_ROOT_PATH . 'premium-files/views/backend/form_builder_settings/form_currency_show_type_metabox.php’;795}