1 <?php
  2 /**
  3  * My Account Shortcodes
  4  *
  5  * Shows the 'my account' section where the customer can view past orders and update their information.
  6  *
  7  * @author      WooThemes
  8  * @category    Shortcodes
  9  * @package     WooCommerce/Shortcodes/My_Account
 10  * @version     2.0.0
 11  */
 12 class WC_Shortcode_My_Account {
 13 
 14     /**
 15      * Get the shortcode content.
 16      *
 17      * @access public
 18      * @param array $atts
 19      * @return string
 20      */
 21     public static function get( $atts ) {
 22         return WC_Shortcodes::shortcode_wrapper( array( __CLASS__, 'output' ), $atts );
 23     }
 24 
 25     /**
 26      * Output the shortcode.
 27      *
 28      * @access public
 29      * @param array $atts
 30      * @return void
 31      */
 32     public static function output( $atts ) {
 33         global $woocommerce, $wp;
 34 
 35         // Check cart class is loaded or abort
 36         if ( is_null( WC()->cart ) ) {
 37             return;
 38         }
 39 
 40         if ( ! is_user_logged_in() ) {
 41 
 42             $message = apply_filters( 'woocommerce_my_account_message', '' );
 43 
 44             if ( ! empty( $message ) ) {
 45                 wc_add_notice( $message );
 46             }
 47 
 48             if ( isset( $wp->query_vars['lost-password'] ) ) {
 49 
 50                 self::lost_password();
 51 
 52             } else {
 53 
 54                 wc_get_template( 'myaccount/form-login.php' );
 55 
 56             }
 57 
 58         } else {
 59 
 60             if ( ! empty( $wp->query_vars['view-order'] ) ) {
 61 
 62                 self::view_order( absint( $wp->query_vars['view-order'] ) );
 63 
 64             } elseif ( isset( $wp->query_vars['edit-account'] ) ) {
 65 
 66                 self::edit_account();
 67 
 68             } elseif ( isset( $wp->query_vars['edit-address'] ) ) {
 69 
 70                 self::edit_address( sanitize_title( $wp->query_vars['edit-address'] ) );
 71 
 72             } elseif ( isset( $wp->query_vars['add-payment-method'] ) ) {
 73 
 74                 self::add_payment_method( $wp->query_vars['add-payment-method'] );
 75 
 76             } else {
 77 
 78                 self::my_account( $atts );
 79 
 80             }
 81         }
 82     }
 83 
 84     /**
 85      * My account page
 86      *
 87      * @param  array $atts
 88      */
 89     private static function my_account( $atts ) {
 90         extract( shortcode_atts( array(
 91             'order_count' => 15
 92         ), $atts ) );
 93 
 94         wc_get_template( 'myaccount/my-account.php', array(
 95             'current_user'  => get_user_by( 'id', get_current_user_id() ),
 96             'order_count'   => 'all' == $order_count ? -1 : $order_count
 97         ) );
 98     }
 99 
100     /**
101      * View order page
102      *
103      * @param  int $order_id
104      */
105     private static function view_order( $order_id ) {
106 
107         $user_id        = get_current_user_id();
108         $order          = new WC_Order( $order_id );
109 
110         if ( ! current_user_can( 'view_order', $order_id ) ) {
111             echo '<div class="woocommerce-error">' . __( 'Invalid order.', 'woocommerce' ) . ' <a href="' . get_permalink( wc_get_page_id( 'myaccount' ) ).'" class="wc-forward">'. __( 'My Account', 'woocommerce' ) .'</a>' . '</div>';
112             return;
113         }
114 
115         wc_get_template( 'myaccount/view-order.php', array(
116             'status'    => get_term_by( 'slug', $order->status, 'shop_order_status' ),
117             'order'     => new WC_Order( $order_id ),
118             'order_id'  => $order_id
119         ) );
120     }
121 
122     /**
123      * Edit account details page
124      */
125     private static function edit_account() {
126         wc_get_template( 'myaccount/form-edit-account.php', array( 'user' => get_user_by( 'id', get_current_user_id() ) ) );
127     }
128 
129     /**
130      * Edit address page.
131      *
132      * @access public
133      * @param string $load_address
134      */
135     private static function edit_address( $load_address = 'billing' ) {
136 
137         // Current user
138         global $current_user;
139         get_currentuserinfo();
140 
141         $load_address = sanitize_key( $load_address );
142 
143         $address = WC()->countries->get_address_fields( get_user_meta( get_current_user_id(), $load_address . '_country', true ), $load_address . '_' );
144 
145         // Enqueue scripts
146         wp_enqueue_script( 'wc-country-select' );
147         wp_enqueue_script( 'wc-address-i18n' );
148 
149         // Prepare values
150         foreach ( $address as $key => $field ) {
151 
152             $value = get_user_meta( get_current_user_id(), $key, true );
153 
154             if ( ! $value ) {
155                 switch( $key ) {
156                     case 'billing_email' :
157                     case 'shipping_email' :
158                         $value = $current_user->user_email;
159                     break;
160                     case 'billing_country' :
161                     case 'shipping_country' :
162                         $value = WC()->countries->get_base_country();
163                     break;
164                     case 'billing_state' :
165                     case 'shipping_state' :
166                         $value = WC()->countries->get_base_state();
167                     break;
168                 }
169             }
170 
171             $address[ $key ]['value'] = apply_filters( 'woocommerce_my_account_edit_address_field_value', $value, $key, $load_address );
172         }
173 
174         wc_get_template( 'myaccount/form-edit-address.php', array(
175             'load_address'  => $load_address,
176             'address'       => apply_filters( 'woocommerce_address_to_edit', $address )
177         ) );
178     }
179 
180     /**
181      * Lost password page
182      */
183     public static function lost_password() {
184 
185         global $post;
186 
187         // arguments to pass to template
188         $args = array( 'form' => 'lost_password' );
189 
190         // process reset key / login from email confirmation link
191         if ( isset( $_GET['key'] ) && isset( $_GET['login'] ) ) {
192 
193             $user = self::check_password_reset_key( $_GET['key'], $_GET['login'] );
194 
195             // reset key / login is correct, display reset password form with hidden key / login values
196             if( is_object( $user ) ) {
197                 $args['form'] = 'reset_password';
198                 $args['key'] = esc_attr( $_GET['key'] );
199                 $args['login'] = esc_attr( $_GET['login'] );
200             }
201         } elseif ( isset( $_GET['reset'] ) ) {
202             wc_add_notice( __( 'Your password has been reset.', 'woocommerce' ) . ' <a href="' . get_permalink( wc_get_page_id( 'myaccount' ) ) . '">' . __( 'Log in', 'woocommerce' ) . '</a>' );
203         }
204 
205         wc_get_template( 'myaccount/form-lost-password.php', $args );
206     }
207 
208     /**
209      * Handles sending password retrieval email to customer.
210      *
211      * @access public
212      * @uses $wpdb WordPress Database object
213      * @return bool True: when finish. False: on error
214      */
215     public static function retrieve_password() {
216         global $woocommerce,$wpdb;
217 
218         if ( empty( $_POST['user_login'] ) ) {
219 
220             wc_add_notice( __( 'Enter a username or e-mail address.', 'woocommerce' ), 'error' );
221 
222         } elseif ( strpos( $_POST['user_login'], '@' ) && apply_filters( 'woocommerce_get_username_from_email', true ) ) {
223 
224             $user_data = get_user_by( 'email', trim( $_POST['user_login'] ) );
225 
226             if ( empty( $user_data ) )
227                 wc_add_notice( __( 'There is no user registered with that email address.', 'woocommerce' ), 'error' );
228 
229         } else {
230 
231             $login = trim( $_POST['user_login'] );
232 
233             $user_data = get_user_by( 'login', $login );
234         }
235 
236         do_action('lostpassword_post');
237 
238         if( wc_notice_count( 'error' ) > 0 )
239             return false;
240 
241         if ( ! $user_data ) {
242             wc_add_notice( __( 'Invalid username or e-mail.', 'woocommerce' ), 'error' );
243             return false;
244         }
245 
246         // redefining user_login ensures we return the right case in the email
247         $user_login = $user_data->user_login;
248         $user_email = $user_data->user_email;
249 
250         do_action('retrieve_password', $user_login);
251 
252         $allow = apply_filters('allow_password_reset', true, $user_data->ID);
253 
254         if ( ! $allow ) {
255 
256             wc_add_notice( __( 'Password reset is not allowed for this user', 'woocommerce' ), 'error' );
257 
258             return false;
259 
260         } elseif ( is_wp_error( $allow ) ) {
261 
262             wc_add_notice( $allow->get_error_message, 'error' );
263 
264             return false;
265         }
266 
267         $key = $wpdb->get_var( $wpdb->prepare( "SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $user_login ) );
268 
269         if ( empty( $key ) ) {
270 
271             // Generate something random for a key...
272             $key = wp_generate_password( 20, false );
273 
274             do_action('retrieve_password_key', $user_login, $key);
275 
276             // Now insert the new md5 key into the db
277             $wpdb->update( $wpdb->users, array( 'user_activation_key' => $key ), array( 'user_login' => $user_login ) );
278         }
279 
280         // Send email notification
281         $mailer = WC()->mailer();
282         do_action( 'woocommerce_reset_password_notification', $user_login, $key );
283 
284         wc_add_notice( __( 'Check your e-mail for the confirmation link.', 'woocommerce' ) );
285         return true;
286     }
287 
288     /**
289      * Retrieves a user row based on password reset key and login
290      *
291      * @uses $wpdb WordPress Database object
292      *
293      * @access public
294      * @param string $key Hash to validate sending user's password
295      * @param string $login The user login
296      * @return object|bool User's database row on success, false for invalid keys
297      */
298     public static function check_password_reset_key( $key, $login ) {
299         global $woocommerce,$wpdb;
300 
301         $key = preg_replace( '/[^a-z0-9]/i', '', $key );
302 
303         if ( empty( $key ) || ! is_string( $key ) ) {
304             wc_add_notice( __( 'Invalid key', 'woocommerce' ), 'error' );
305             return false;
306         }
307 
308         if ( empty( $login ) || ! is_string( $login ) ) {
309             wc_add_notice( __( 'Invalid key', 'woocommerce' ), 'error' );
310             return false;
311         }
312 
313         $user = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM $wpdb->users WHERE user_activation_key = %s AND user_login = %s", $key, $login ) );
314 
315         if ( empty( $user ) ) {
316             wc_add_notice( __( 'Invalid key', 'woocommerce' ), 'error' );
317             return false;
318         }
319 
320         return $user;
321     }
322 
323     /**
324      * Handles resetting the user's password.
325      *
326      * @access public
327      * @param object $user The user
328      * @param string $new_pass New password for the user in plaintext
329      * @return void
330      */
331     public static function reset_password( $user, $new_pass ) {
332         do_action( 'password_reset', $user, $new_pass );
333 
334         wp_set_password( $new_pass, $user->ID );
335 
336         wp_password_change_notification( $user );
337     }
338 
339     /**
340      * Show the add payment method page
341      */
342     private static function add_payment_method() {
343 
344         if ( ! is_user_logged_in() ) {
345 
346             wp_safe_redirect( get_permalink( wc_get_page_id( 'myaccount' ) ) );
347             exit();
348 
349         } else {
350 
351             do_action( 'before_woocommerce_add_payment_method' );
352 
353             wc_add_notice( __( 'Add a new payment method.', 'woocommerce' ), 'notice'  );
354 
355             wc_print_notices();
356 
357             // Add payment method form
358             wc_get_template( 'myaccount/form-add-payment-method.php' );
359 
360             wc_print_notices();
361 
362             do_action( 'after_woocommerce_add_payment_method' );
363 
364         }
365 
366     }
367 }
368
WooCommerce API documentation generated by ApiGen 2.8.0