<?php
/**
 * Plugin Name: Xclusive Custom Features
 * Description: A plugin that handles login to the xclusive website and displays event listings from event vendors.
 * Version: 1.0.0
 * Author: Rightclick (A-sin Cole)
 * License: GPL-2.0+
 * Text Domain: xclusive
 */
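class Xclusive_Plugin
{
    /**
     * Wires the plugin into WordPress.
     *
     * Only shortcode, action and filter registration happens here so that
     * constructing the object stays cheap.
     */
    public function __construct()
    {
        // Login form shortcode and the hooks that replace the wp-login.php flow.
        add_shortcode('xclusive-login-form', array($this, 'render_login_form'));
        add_action('login_form_login', array($this, 'redirect_to_custom_login'));
        add_filter('authenticate', 'wp_authenticate_username_password', 20, 3);
        add_filter('authenticate', 'wp_authenticate_spam_check', 99);
        // Priority 101 places this callback after the two authenticate callbacks above.
        add_filter('authenticate', array($this, 'maybe_redirect_at_authenticate'), 101, 3);
        add_action('wp_logout', array($this, 'redirect_after_logout'));
        add_filter('login_redirect', array($this, 'redirect_after_login'), 10, 3);

        // Registration form shortcode, redirect to the custom page, and form handler.
        add_shortcode('xclusive-register-form', array($this, 'render_register_form'));
        add_action('login_form_register', array($this, 'redirect_to_custom_register'));
        add_action('login_form_register', array($this, 'do_register_user'));

        // Listing pages.
        add_shortcode('nairabox-events', array($this, 'render_events_page'));
        add_shortcode('nairabox-movies', array($this, 'render_movies_page'));
        add_shortcode('afritickets-events', array($this, 'render_afrievents_page'));

        // AJAX endpoints for ticket quotas. Only wp_ajax_* (logged-in) variants
        // are registered, so anonymous requests never reach these handlers.
        // NOTE(review): the handlers change per-user and site-wide counters but
        // verify no nonce. The script that calls them is not part of this file;
        // add check_ajax_referer() here together with a nonce sent by that script.
        add_action('wp_ajax_my_action', array($this, 'update_nairabox_movies_quota'));
        add_action('wp_ajax_my_action_events', array($this, 'update_nairabox_events_quota'));
        add_action('wp_ajax_get_nairabox_event_quota', array($this, 'get_nairabox_event_quota'));

        // Cron callback. This class does not define update_tickets_quota_monthly(),
        // so the hook is only attached when the method exists; registering a
        // missing callback would fail each time the event fires.
        // NOTE(review): nothing in this file schedules 'monthly_quota_event' either.
        if (method_exists($this, 'update_tickets_quota_monthly')) {
            add_action('monthly_quota_event', array($this, 'update_tickets_quota_monthly'));
        }
    }

    /**
     * Plugin activation hook.
     *
     * Creates every page the plugin needs (skipping slugs that already exist)
     * and seeds the two site-wide ticket counters.
     */
    public static function plugin_activated()
    {
        // slug => title and shortcode content of each page.
        $page_definitions = array(
            'member-login' => array(
                'title'   => __('Sign In', 'xclusive'),
                'content' => '[xclusive-login-form]',
            ),
            'member-account' => array(
                'title'   => __('Your Account', 'xclusive'),
                'content' => '[account-info]',
            ),
            'events-listing' => array(
                'title'   => __('Events', 'xclusive'),
                'content' => '[nairabox-events]',
            ),
            'afrievents-listing' => array(
                'title'   => __('Events', 'xclusive'),
                'content' => '[afritickets-events]',
            ),
            'movies-listing' => array(
                'title'   => __('Movies', 'xclusive'),
                'content' => '[nairabox-movies]',
            ),
            'member-register' => array(
                'title'   => __('Register', 'xclusive'),
                'content' => '[xclusive-register-form]',
            ),
        );

        foreach ($page_definitions as $slug => $page) {
            // Only insert the page when no page with this slug is found.
            $query = new WP_Query('pagename=' . $slug);
            if ($query->have_posts()) {
                continue;
            }

            wp_insert_post(
                array(
                    'post_content'   => $page['content'],
                    'post_name'      => $slug,
                    'post_title'     => $page['title'],
                    'post_status'    => 'publish',
                    'post_type'      => 'page',
                    'ping_status'    => 'closed',
                    'comment_status' => 'closed',
                )
            );
        }

        // Site-wide ticket pools. update_option() overwrites existing values,
        // so re-activating the plugin puts both pools back to 1500.
        update_option("monthly_movies_ticket_count", 1500);
        update_option("quarterly_events_ticket_count", 1500);
    }

    /**
     * AJAX handler: records an events-ticket redemption for the current user.
     *
     * Reads the ticket count from $_POST['value'] and always ends the request
     * with wp_die().
     */
    public function update_nairabox_events_quota()
    {
        $this->record_ticket_redemption(
            'events_ticket_quota_left',
            'events_ticket_last_redeemed_month',
            "quarterly_events_ticket_count"
        );
    }

    /**
     * AJAX handler: records a movies-ticket redemption for the current user.
     *
     * Reads the ticket count from $_POST['value'] and always ends the request
     * with wp_die().
     */
    public function update_nairabox_movies_quota()
    {
        $this->record_ticket_redemption(
            'movies_ticket_quota_left',
            'movies_ticket_last_redeemed_month',
            "monthly_movies_ticket_count"
        );
    }

    /**
     * Shared body of the two quota AJAX handlers.
     *
     * @param string $quota_key   User-meta key holding the user's remaining quota.
     * @param string $month_key   User-meta key holding the month of the last redemption.
     * @param string $pool_option Option name of the site-wide ticket pool.
     */
    private function record_ticket_redemption($quota_key, $month_key, $pool_option)
    {
        $user_id   = get_current_user_id();
        $raw_value = $this->read_string($_POST, 'value');

        // A missing value is ignored. A negative value is rejected because the
        // subtractions below would turn it into an increase of both counters.
        $has_value = ($raw_value !== '');
        $value     = intval(sanitize_text_field($raw_value));

        if ($user_id > 0 && $has_value && $value >= 0) {
            $quota_left    = (int) get_user_meta($user_id, $quota_key, true);
            $last_month    = (int) get_user_meta($user_id, $month_key, true);
            $current_month = date('m');
            $pool          = (int) get_option($pool_option);

            if ((int) $current_month !== $last_month) {
                // First redemption seen in this month.
                // NOTE(review): the client-supplied number becomes the stored
                // remaining quota here. The allowance should come from
                // server-side configuration; confirm the intended meaning of
                // 'value' against the calling script.
                update_user_meta($user_id, $month_key, $current_month);
                update_user_meta($user_id, $quota_key, $value);
                update_option($pool_option, $pool - $value);
            } elseif ($quota_left > 0 && $value <= $quota_left) {
                // Same month: never take more than the user still has, so the
                // stored quota cannot drop below zero.
                update_user_meta($user_id, $quota_key, $quota_left - $value);
                update_option($pool_option, $pool - $value);
            }
            // Otherwise the quota is used up (or the request exceeds it): no change.
        }

        wp_die(); // terminates the AJAX request with an empty response
    }

    /**
     * AJAX handler: prints a remaining ticket quota of the current user.
     *
     * NOTE(review): the action is named after the event quota but the value
     * read is 'movies_ticket_quota_left' - confirm which one the caller expects.
     */
    public function get_nairabox_event_quota()
    {
        $user_id    = get_current_user_id();
        $quota_left = get_user_meta($user_id, 'movies_ticket_quota_left', true);

        // Escaped because the stored meta value is echoed into the response.
        echo esc_html($quota_left);

        wp_die();
    }

    /**
     * A shortcode for rendering the new user registration form.
     *
     * @param array  $attributes Shortcode attributes.
     * @param string $content    The text content for shortcode. Not used.
     *
     * @return string The shortcode output
     */
    public function render_register_form($attributes, $content = null)
    {
        $attributes = shortcode_atts(array('show_title' => false), $attributes);

        if (is_user_logged_in()) {
            return __('You are already signed in.', 'xclusive');
        }

        if (! get_option('users_can_register')) {
            return __('Registering new users is currently not allowed.', 'xclusive');
        }

        // Error codes arrive as a comma-separated request parameter.
        $attributes['errors'] = $this->collect_error_messages('register-errors');

        return $this->get_template_html('register_form', $attributes);
    }

    /**
     * Redirects the user to the custom registration page instead
     * of wp-login.php?action=register.
     */
    public function redirect_to_custom_register()
    {
        if (! isset($_SERVER['REQUEST_METHOD']) || 'GET' !== $_SERVER['REQUEST_METHOD']) {
            return;
        }

        if (is_user_logged_in()) {
            $this->redirect_logged_in_user();
        } else {
            wp_redirect(home_url('member-register'));
        }
        exit;
    }

    /**
     * Validates and then completes the new user signup process if all went well.
     *
     * An address that already belongs to an account yields an 'email_exists'
     * error. This method never signs anyone in: proving ownership of an
     * existing account is the job of the login form.
     *
     * NOTE(review): accounts created by earlier versions of this plugin were
     * all given the same fixed password; those accounts need a forced reset.
     *
     * @param string $email      The new user's email address
     * @param string $first_name The new user's first name
     * @param string $last_name  The new user's last name
     * @param string $phone      The user's phone number
     *
     * @return int|WP_Error The id of the user that was created, or error if failed.
     */
    private function register_user($email, $first_name, $last_name, $phone)
    {
        $errors = new WP_Error();

        // The email address doubles as the username and is the only field validated.
        if (! is_email($email)) {
            $errors->add('email', $this->get_error_message('email'));
            return $errors;
        }

        if (username_exists($email) || email_exists($email)) {
            $errors->add('email_exists', $this->get_error_message('email_exists'));
            return $errors;
        }

        // Every account gets its own random password; the user chooses a real
        // one through the emailed link sent below.
        $password = wp_generate_password(24, true);

        $user_id = wp_insert_user(
            array(
                'user_login' => $email,
                'user_email' => $email,
                'user_pass'  => $password,
                'first_name' => $first_name,
                'last_name'  => $last_name,
                'nickname'   => $first_name,
            )
        );

        // wp_insert_user() reports failure as a WP_Error; do not write meta for it.
        if (is_wp_error($user_id)) {
            return $user_id;
        }

        add_user_meta($user_id, 'phone', $phone);

        // Email the new user a link for setting their password.
        wp_new_user_notification($user_id, null, 'user');

        // Starting quotas: 2 movie tickets and 1 event ticket, with the current
        // month recorded as the month of last redemption.
        update_user_meta($user_id, 'movies_ticket_last_redeemed_month', date('m'));
        update_user_meta($user_id, 'movies_ticket_quota_left', 2);
        update_user_meta($user_id, 'events_ticket_last_redeemed_month', date('m'));
        update_user_meta($user_id, 'events_ticket_quota_left', 1);

        return $user_id;
    }

    /**
     * Handles the registration of a new user.
     *
     * Used through the action hook "login_form_register" activated on wp-login.php
     * when accessed through the registration action. Always redirects and exits
     * on POST requests.
     *
     * NOTE(review): the form submission is not protected by a nonce; the form
     * template is outside this file, so add the field and its check together.
     */
    public function do_register_user()
    {
        if (! isset($_SERVER['REQUEST_METHOD']) || 'POST' !== $_SERVER['REQUEST_METHOD']) {
            return;
        }

        $redirect_url = home_url('member-register');

        if (! get_option('users_can_register')) {
            // Registration closed, display error
            $redirect_url = add_query_arg('register-errors', 'closed', $redirect_url);
        } else {
            // Missing or non-string fields become empty strings instead of notices.
            $email      = trim($this->read_string($_POST, 'email'));
            $first_name = sanitize_text_field($this->read_string($_POST, 'first_name'));
            $last_name  = sanitize_text_field($this->read_string($_POST, 'last_name'));
            $phone      = sanitize_text_field($this->read_string($_POST, 'phone'));

            $result = $this->register_user($email, $first_name, $last_name, $phone);

            if (is_wp_error($result)) {
                // Parse errors into a string and append as parameter to redirect
                $errors       = join(',', $result->get_error_codes());
                $redirect_url = add_query_arg('register-errors', $errors, $redirect_url);
            } else {
                // Success, redirect to home page. add_query_arg() does not
                // encode values, so the address is encoded here.
                $redirect_url = add_query_arg('registered', rawurlencode($email), home_url());
            }
        }

        wp_redirect($redirect_url);
        exit;
    }

    /**
     * A shortcode for rendering the movies page.
     *
     * @param array  $attributes Shortcode attributes.
     * @param string $content    The text content for shortcode. Not used.
     *
     * @return string The shortcode output
     */
    public function render_movies_page($attributes, $content = null)
    {
        return $this->get_template_html('movies', $this->build_page_attributes($attributes, ''));
    }

    /**
     * A shortcode for rendering the events page.
     *
     * @param array  $attributes Shortcode attributes.
     * @param string $content    The text content for shortcode. Not used.
     *
     * @return string The shortcode output
     */
    public function render_events_page($attributes, $content = null)
    {
        return $this->get_template_html('events', $this->build_page_attributes($attributes, ''));
    }

    /**
     * A shortcode for rendering the Afritickets events page.
     *
     * @param array  $attributes Shortcode attributes.
     * @param string $content    The text content for shortcode. Not used.
     *
     * @return string The shortcode output
     */
    public function render_afrievents_page($attributes, $content = null)
    {
        return $this->get_template_html('afritickets_events', $this->build_page_attributes($attributes, ''));
    }

    /**
     * A shortcode for rendering the login form.
     *
     * @param array  $attributes Shortcode attributes.
     * @param string $content    The text content for shortcode. Not used.
     *
     * @return string The shortcode output
     */
    public function render_login_form($attributes, $content = null)
    {
        if (is_user_logged_in()) {
            return __('You are already signed in.', 'xclusive');
        }

        return $this->get_template_html('login_form', $this->build_page_attributes($attributes, home_url()));
    }

    /**
     * Builds the attribute array shared by the login form and listing templates.
     *
     * @param array|string $attributes       Shortcode attributes as passed by WordPress.
     * @param string       $default_redirect Redirect used when the request supplies none,
     *                                       or one that fails validation.
     *
     * @return array Attributes with 'show_title', 'redirect', 'errors' and 'logged_out'.
     */
    private function build_page_attributes($attributes, $default_redirect)
    {
        $attributes = shortcode_atts(array('show_title' => false), $attributes);

        // A redirect taken from the request is used only when
        // wp_validate_redirect() accepts it; otherwise the default applies.
        $attributes['redirect'] = $default_redirect;
        $requested              = $this->read_string($_REQUEST, 'redirect_to');
        if ($requested !== '') {
            $attributes['redirect'] = wp_validate_redirect(wp_unslash($requested), $default_redirect);
        }

        $attributes['errors'] = $this->collect_error_messages('login');

        // True when the user has just logged out.
        $attributes['logged_out'] = ! empty($_REQUEST['logged_out']);

        return $attributes;
    }

    /**
     * Turns a comma-separated list of error codes from the request into messages.
     *
     * The codes only select among the fixed texts of get_error_message(), so
     * the request value itself never reaches the output.
     *
     * @param string $parameter Name of the request parameter holding the codes.
     *
     * @return array List of error messages; empty when the parameter is absent.
     */
    private function collect_error_messages($parameter)
    {
        $messages = array();

        // isset() mirrors the presence test: an empty value still yields one
        // (unknown) code, a non-string value is ignored.
        if (! isset($_REQUEST[$parameter]) || ! is_string($_REQUEST[$parameter])) {
            return $messages;
        }

        foreach (explode(',', $_REQUEST[$parameter]) as $error_code) {
            $messages[] = $this->get_error_message($error_code);
        }

        return $messages;
    }

    /**
     * Returns a request value as a string.
     *
     * @param array  $source Request array such as $_POST, $_GET or $_REQUEST.
     * @param string $key    Key to read.
     *
     * @return string The raw value, or '' when the key is missing or not a string.
     */
    private function read_string($source, $key)
    {
        if (! isset($source[$key]) || ! is_string($source[$key])) {
            return '';
        }

        return $source[$key];
    }

    /**
     * Renders the contents of the given template to a string and returns it.
     *
     * The template is included inside this method, so it sees $attributes
     * and $this.
     *
     * @param string $template_name The name of the template to render (without .php)
     * @param array  $attributes    The PHP variables for the template
     *
     * @return string The contents of the template, or '' when the template file is missing.
     */
    private function get_template_html($template_name, $attributes = null)
    {
        if (! $attributes) {
            $attributes = array();
        }

        // Defence in depth: the name ends up in a file path, so keep only
        // characters that cannot leave the templates directory, and resolve
        // the path from this file instead of relying on include_path.
        $template_name = preg_replace('/[^A-Za-z0-9_\-]/', '', (string) $template_name);
        $template_file = dirname(__FILE__) . '/templates/' . $template_name . '.php';

        if ($template_name === '' || ! is_readable($template_file)) {
            return '';
        }

        ob_start();

        do_action('xclusive_before_' . $template_name);

        require($template_file);

        do_action('xclusive_after_' . $template_name);

        return ob_get_clean();
    }

    /**
     * Redirect the user to the custom page instead of wp-login.php.
     *
     * NOTE(review): visitors are sent to 'member-register' although a
     * 'member-login' page is created on activation - confirm this is intended.
     */
    public function redirect_to_custom_login()
    {
        if (! isset($_SERVER['REQUEST_METHOD']) || $_SERVER['REQUEST_METHOD'] != 'GET') {
            return;
        }

        $redirect_to = wp_unslash($this->read_string($_REQUEST, 'redirect_to'));

        if (is_user_logged_in()) {
            $this->redirect_logged_in_user($redirect_to);
            exit;
        }

        // The rest are redirected to the custom page
        $login_url = home_url('member-register');
        if ($redirect_to !== '') {
            // add_query_arg() does not encode values; encode the URL so it
            // cannot add parameters of its own to the target address.
            $login_url = add_query_arg('redirect_to', rawurlencode($redirect_to), $login_url);
        }

        wp_redirect($login_url);
        exit;
    }

    /**
     * Redirects the user to the correct page depending on whether he / she
     * is an admin or not. The caller is responsible for calling exit.
     *
     * @param string $redirect_to An optional redirect_to URL for admin users
     */
    private function redirect_logged_in_user($redirect_to = null)
    {
        $user = wp_get_current_user();

        if (! user_can($user, 'manage_options')) {
            wp_redirect(home_url('member-account'));
            return;
        }

        if ($redirect_to) {
            // wp_safe_redirect() is used because this URL comes from the request.
            wp_safe_redirect($redirect_to);
        } else {
            wp_redirect(admin_url());
        }
    }

    /**
     * Redirect the user after authentication if there were any errors.
     *
     * @param WP_User|WP_Error $user     The signed in user, or the errors that have occurred during login.
     * @param string           $username The user name used to log in.
     * @param string           $password The password used to log in.
     *
     * @return WP_User|WP_Error The logged in user, or error information if there were errors.
     */
    public function maybe_redirect_at_authenticate($user, $username, $password)
    {
        $is_post = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST';

        // Errors found by the earlier authenticate callbacks are handed to the
        // custom login page as a comma-separated list of codes.
        if ($is_post && is_wp_error($user)) {
            $error_codes = join(',', $user->get_error_codes());

            $login_url = add_query_arg('login', $error_codes, home_url('member-login'));

            wp_redirect($login_url);
            exit;
        }

        return $user;
    }

    /**
     * Finds and returns a matching error message for the given error code.
     *
     * Every message is a fixed translation string. The 'incorrect_password'
     * text contains a link, so templates presumably print these messages as HTML.
     *
     * NOTE(review): 'invalid_username' and 'incorrect_password' have different
     * texts, which tells a visitor whether an address is registered; use one
     * shared message if that disclosure matters.
     *
     * @param string $error_code The error code to look up.
     *
     * @return string An error message.
     */
    private function get_error_message($error_code)
    {
        switch ($error_code) {
            // Login errors
            case 'empty_username':
                return __('You do have an email address, right?', 'xclusive');

            case 'empty_password':
                return __('You need to enter a password to login.', 'xclusive');

            case 'invalid_username':
                return __(
                    "We don't have any users with that email address. Maybe you used a different one when signing up?",
                    'xclusive'
                );

            case 'incorrect_password':
                $err = __(
                    "The password you entered wasn't quite right. <a href='%s'>Did you forget your password</a>?",
                    'xclusive'
                );
                // The URL lands inside an href attribute, so escape it.
                return sprintf($err, esc_url(wp_lostpassword_url()));

            // Registration errors
            case 'email':
                return __('The email address you entered is not valid.', 'xclusive');

            case 'email_exists':
                return __('An account exists with this email address.', 'xclusive');

            case 'closed':
                return __('Registering new users is currently not allowed.', 'xclusive');
        }

        return __('An unknown error occurred. Please try again later.', 'xclusive');
    }

    /**
     * Redirect after the user has been logged out.
     *
     * NOTE(review): the target path is 'login', which is not one of the pages
     * created on activation - confirm it resolves as intended.
     */
    public function redirect_after_logout()
    {
        wp_safe_redirect(home_url('login?logged_out=true'));
        exit;
    }

    /**
     * Returns the URL to which the user should be redirected after the (successful) login.
     *
     * A redirect_to query parameter replaces the destination supplied by
     * WordPress only when wp_validate_redirect() accepts it. Users with the
     * manage_options capability are always sent to the admin area.
     *
     * @param string           $redirect_to The redirect destination URL.
     * @param string           $request     The requested redirect destination URL passed as a parameter.
     * @param WP_User|WP_Error $user        WP_User object if login was successful, WP_Error object otherwise.
     *
     * @return string Redirect URL
     */
    public function redirect_after_login($redirect_to, $request, $user)
    {
        $requested = $this->read_string($_GET, 'redirect_to');
        if ($requested !== '') {
            // Never return the raw query value: other callers of this filter
            // may not validate it again.
            $redirect_to = wp_validate_redirect(wp_unslash($requested), $redirect_to);
        }

        if (! isset($user->ID)) {
            return $redirect_to;
        }

        if (user_can($user, 'manage_options')) {
            return admin_url();
        }

        return $redirect_to;
    }
}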
// Register the activation callback that creates the plugin's pages.
register_activation_hook(__FILE__, array('Xclusive_Plugin', 'plugin_activated'));

// Instantiate the plugin so that its shortcodes, actions and filters are hooked.
$xclusive_pages_plugin = new Xclusive_Plugin();