diff --git a/adminpages/orders.php b/adminpages/orders.php
index e24227f55b..59da933fed 100644
--- a/adminpages/orders.php
+++ b/adminpages/orders.php
@@ -9,151 +9,6 @@ $now = current_time( 'timestamp' ); -if ( isset( $_REQUEST['s'] ) ) { - $s = trim( sanitize_text_field( $_REQUEST['s'] ) ); -} else { - $s = ''; -} - -if ( isset( $_REQUEST['l'] ) ) { - $l = intval( $_REQUEST['l'] ); -} else { - $l = false; -} - -if ( isset( $_REQUEST['discount-code'] ) ) { - $discount_code = intval( $_REQUEST['discount-code'] ); -} else { - $discount_code = false; -} - -if ( isset( $_REQUEST['start-month'] ) ) { - $start_month = intval( $_REQUEST['start-month'] ); -} else { - $start_month = '1'; -} - -if ( isset( $_REQUEST['start-day'] ) ) { - $start_day = intval( $_REQUEST['start-day'] ); -} else { - $start_day = '1'; -} - -if ( isset( $_REQUEST['start-year'] ) ) { - $start_year = intval( $_REQUEST['start-year'] ); -} else { - $start_year = date( 'Y', $now ); -} - -if ( isset( $_REQUEST['end-month'] ) ) { - $end_month = intval( $_REQUEST['end-month'] ); -} else { - $end_month = date( 'n', $now ); -} - -if ( isset( $_REQUEST['end-day'] ) ) { - $end_day = intval( $_REQUEST['end-day'] ); -} else { - $end_day = date( 'j', $now ); -} - -if ( isset( $_REQUEST['end-year'] ) ) { - $end_year = intval( $_REQUEST['end-year'] ); -} else { - $end_year = date( 'Y', $now ); -} - -if ( isset( $_REQUEST['predefined-date'] ) ) { - $predefined_date = sanitize_text_field( $_REQUEST['predefined-date'] ); -} else { - $predefined_date = 'This Month'; -} - -if ( isset( $_REQUEST['status'] ) ) { - $status = sanitize_text_field( $_REQUEST['status'] ); -} else { - $status = ''; -} - -if ( isset( $_REQUEST['filter'] ) ) { - $filter = sanitize_text_field( $_REQUEST['filter'] ); -} else { - $filter = 'all'; -} - -// some vars for the search -if ( isset( $_REQUEST['pn'] ) ) { - $pn = intval( $_REQUEST['pn'] ); -} else { - $pn = 1; -} - -if ( isset( $_REQUEST['limit'] ) ) { - $limit = intval( $_REQUEST['limit'] ); -} else { - /** - * Filter to set the default number of items to show per page - * on the Orders page in the admin. 
- * - * @since 1.8.4.5 - * - * @param int $limit The number of items to show per page. - */ - $limit = apply_filters( 'pmpro_orders_per_page', 15 ); -} - -$end = $pn * $limit; -$start = $end - $limit; - -// filters -if ( empty( $filter ) || $filter === 'all' ) { - $condition = '1=1'; - $filter = 'all'; -} elseif ( $filter == 'within-a-date-range' ) { - $start_date = $start_year . '-' . $start_month . '-' . $start_day; - $end_date = $end_year . '-' . $end_month . '-' . $end_day; - - // add times to dates and localize - $start_date = get_gmt_from_date( $start_date . ' 00:00:00' ); - $end_date = get_gmt_from_date( $end_date . ' 23:59:59' ); - - $condition = "o.timestamp BETWEEN '" . esc_sql( $start_date ) . "' AND '" . esc_sql( $end_date ) . "'"; -} elseif ( $filter == 'predefined-date-range' ) { - if ( $predefined_date == 'Last Month' ) { - $start_date = date( 'Y-m-d', strtotime( 'first day of last month', $now ) ); - $end_date = date( 'Y-m-d', strtotime( 'last day of last month', $now ) ); - } elseif ( $predefined_date == 'This Month' ) { - $start_date = date( 'Y-m-d', strtotime( 'first day of this month', $now ) ); - $end_date = date( 'Y-m-d', strtotime( 'last day of this month', $now ) ); - } elseif ( $predefined_date == 'This Year' ) { - $year = date( 'Y', $now ); - $start_date = date( 'Y-m-d', strtotime( "first day of January $year", $now ) ); - $end_date = date( 'Y-m-d', strtotime( "last day of December $year", $now ) ); - } elseif ( $predefined_date == 'Last Year' ) { - $year = date( 'Y', $now ) - 1; - $start_date = date( 'Y-m-d', strtotime( "first day of January $year", $now ) ); - $end_date = date( 'Y-m-d', strtotime( "last day of December $year", $now ) ); - } - - // add times to dates and localize - $start_date = get_gmt_from_date( $start_date . ' 00:00:00' ); - $end_date = get_gmt_from_date( $end_date . ' 23:59:59' ); - - $condition = "o.timestamp BETWEEN '" . esc_sql( $start_date ) . "' AND '" . esc_sql( $end_date ) . 
"'"; -} elseif ( $filter == 'within-a-level' ) { - $condition = 'o.membership_id = ' . (int) $l ; -} elseif ( $filter == 'with-discount-code' ) { - $condition = 'dc.code_id = ' . (int) $discount_code; -} elseif ( $filter == 'within-a-status' ) { - $condition = "o.status = '" . esc_sql( $status ) . "' "; -} elseif ( $filter == 'only-paid' ) { - $condition = "o.total > 0"; -} elseif( $filter == 'only-free' ) { - $condition = "o.total = 0"; -} - -$condition = apply_filters( 'pmpro_admin_orders_query_condition', $condition, $filter ); - // deleting? if ( ! empty( $_REQUEST['delete'] ) ) { // Check nonce for deleting. @@ -210,7 +65,8 @@ ); // if this is a new order or copy of one, let's make all fields editable -if ( ! empty( $_REQUEST['order'] ) && $_REQUEST['order'] < 0 ) { +// Checking orderby as order could be the order ID or whether the List Table should be sorted ascending or descending. +if ( ( ! empty( $_REQUEST['order'] ) && $_REQUEST['order'] < 0 ) && ! isset( $_REQUEST['orderby'] ) ) { $read_only_fields = array(); } @@ -352,7 +208,8 @@ } } else { // order passed? - if ( ! empty( $_REQUEST['order'] ) ) { + // Checking orderby as order could be the order ID or whether the List Table should be sorted ascending or descending. + if ( ! empty( $_REQUEST['order'] ) && ! isset( $_REQUEST['orderby'] ) ) { $order_id = intval( $_REQUEST['order'] ); if ( $order_id > 0 ) { $order = new MemberOrder( $order_id ); 
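Review bot: Both changed conditions (the `$read_only_fields` reset here and the `// order passed?` branch in the next hunk) decide what `$_REQUEST['order']` means from the presence of a different parameter, `orderby`, rather than from the value itself, and the first of them controls which fields become editable. A request carrying a sort direction without `orderby` still reaches `intval( $_REQUEST['order'] )`, and a request carrying both an order ID and `orderby` silently skips loading the order; what happens after that is outside these hunks. I would compute the decision once from the value and reuse it in both places, e.g. `$order_param_is_id = ! empty( $_REQUEST['order'] ) && is_numeric( $_REQUEST['order'] ) && ! isset( $_REQUEST['orderby'] );`, which also removes the duplicated comment and the redundant outer parentheses in the first condition. Both enclosing blocks start and end outside the hunks.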
@@ -1060,18 +917,18 @@ // build the export URL $export_url = admin_url( 'admin-ajax.php?action=orders_csv' ); $url_params = array( - 'filter' => $filter, - 's' => $s, - 'l' => $l, - 'start-month' => $start_month, - 'start-day' => $start_day, - 'start-year' => $start_year, - 'end-month' => $end_month, - 'end-day' => $end_day, - 'end-year' => $end_year, - 'predefined-date' => $predefined_date, - 'discount-code' => $discount_code, - 'status' => $status, + 'filter' => isset( $_REQUEST['filter'] ) ? trim( sanitize_text_field( $_REQUEST['filter'] ) ) : 'all', + 's' => isset( $_REQUEST['s'] ) ? sanitize_text_field( $_REQUEST['s'] ) : '', + 'l' => isset( $_REQUEST['l'] ) ? sanitize_text_field( $_REQUEST['l'] ) : false, + 'start-month' => isset( $_REQUEST['start-month'] ) ? intval( $_REQUEST['start-month'] ) : '1', + 'start-day' => isset( $_REQUEST['start-day'] ) ? intval( $_REQUEST['start-day'] ) : '1', + 'start-year' => isset( $_REQUEST['start-year'] ) ? intval( $_REQUEST['start-year'] ) : date( 'Y', $now ), + 'end-month' => isset( $_REQUEST['end-month'] ) ? intval( $_REQUEST['end-month'] ) : date( 'n', $now ), + 'end-day' => isset( $_REQUEST['end-day'] ) ? intval( $_REQUEST['end-day'] ) : date( 'j', $now ), + 'end-year' => isset( $_REQUEST['end-year'] ) ? intval( $_REQUEST['end-year'] ) : date( 'Y', $now ), + 'predefined-date' => isset( $_REQUEST['predefined-date'] ) ? sanitize_text_field( $_REQUEST['predefined-date'] ) : 'This Month', + 'discount-code' => isset( $_REQUEST['discount-code'] ) ? intval( $_REQUEST['discount-code'] ) : false, + 'status' => isset( $_REQUEST['status'] ) ? sanitize_text_field( $_REQUEST['status'] ) : '', ); $export_url = add_query_arg( $url_params, $export_url ); ?> @@ -1087,677 +944,14 @@ } ?> ">
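Review bot: In the new `$url_params` array the level ID `l` goes through `sanitize_text_field()` where the removed top-of-file code used `intval()`, so the export URL can now carry a non-numeric `l`; whether the `orders_csv` handler casts it again is not visible here. Keeping the integer cast, `'l' => isset( $_REQUEST['l'] ) ? intval( $_REQUEST['l'] ) : false,`, preserves the earlier guarantee. The `trim()` also appears to have moved from `s` to `filter` compared with the removed code, and none of the reads pass through `wp_unslash()` before sanitizing. These defaults presumably duplicate whatever now parses the same parameters for the list itself, so a shared helper would keep the export and the on-screen filter from drifting apart; the code that outputs `$export_url` is outside the hunk.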
- - -- - - - -
- -- | - - | - | - | - | - | - | - | - - | - - |
---|---|---|---|---|---|---|---|---|---|
- code ); ?>
-
- code )
- )
- );
-
- $delete_nonce_url = wp_nonce_url(
- add_query_arg(
- [
- 'page' => 'pmpro-orders',
- 'action' => 'delete_order',
- 'delete' => $order->id,
- ],
- admin_url( 'admin.php' )
- ),
- 'delete_order',
- 'pmpro_orders_nonce'
- );
-
- $refund_text = esc_html(
- sprintf(
- // translators: %s is the Order Code.
- __( 'Refund order %s at the payment gateway. This action is permanent. The user and admin will receive an email confirmation after the refund is processed. Are you sure you want to refund this order?', 'paid-memberships-pro' ),
- str_replace( "'", '', $order->code )
- )
- );
-
- $refund_nonce_url = wp_nonce_url(
- add_query_arg(
- [
- 'page' => 'pmpro-orders',
- 'action' => 'refund_order',
- 'refund' => $order->id,
- ],
- admin_url( 'admin.php' )
- ),
- 'refund_order',
- 'pmpro_orders_nonce'
- );
-
- $actions = [
- 'id' => sprintf(
- // translators: %s is the Order ID.
- __( 'ID: %s', 'paid-memberships-pro' ),
- esc_attr( $order->id )
- ),
- 'edit' => sprintf(
- '%3$s',
- esc_attr__( 'Edit', 'paid-memberships-pro' ),
- esc_url(
- add_query_arg(
- [
- 'page' => 'pmpro-orders',
- 'order' => $order->id,
- ],
- admin_url( 'admin.php' )
- )
- ),
- esc_html__( 'Edit', 'paid-memberships-pro' )
- ),
- 'copy' => sprintf(
- '%3$s',
- esc_attr__( 'Copy', 'paid-memberships-pro' ),
- esc_url(
- add_query_arg(
- [
- 'page' => 'pmpro-orders',
- 'order' => - 1,
- 'copy' => $order->id,
- ],
- admin_url( 'admin.php' )
- )
- ),
- esc_html__( 'Copy', 'paid-memberships-pro' )
- ),
- 'delete' => sprintf(
- '%3$s',
- esc_attr__( 'Delete', 'paid-memberships-pro' ),
- 'javascript:pmpro_askfirst(\'' . esc_js( $delete_text ) . '\', \'' . esc_js( $delete_nonce_url ) . '\'); void(0);',
- esc_html__( 'Delete', 'paid-memberships-pro' )
- ),
- 'print' => sprintf(
- '%3$s',
- esc_attr__( 'Print', 'paid-memberships-pro' ),
- esc_url(
- add_query_arg(
- [
- 'action' => 'pmpro_orders_print_view',
- 'order' => $order->id,
- ],
- admin_url( 'admin-ajax.php' )
- )
- ),
- esc_html__( 'Print', 'paid-memberships-pro' )
- ),
- 'email' => sprintf(
- '%4$s',
- esc_attr__( 'Email', 'paid-memberships-pro' ),
- '#TB_inline?width=600&height=200&inlineId=email_invoice',
- esc_attr( $order->id ),
- esc_html__( 'Email', 'paid-memberships-pro' )
- ),
- ];
-
- if( pmpro_allowed_refunds( $order ) ) {
- $actions['refund'] = sprintf(
- '%3$s',
- esc_attr__( 'Refund', 'paid-memberships-pro' ),
- esc_js( 'javascript:pmpro_askfirst(' . wp_json_encode( $refund_text ) . ', ' . wp_json_encode( $refund_nonce_url ) . '); void(0);' ),
- esc_html__( 'Refund', 'paid-memberships-pro' )
- );
- }
-
- /**
- * Filter the extra actions for this user on this order.
- *
- * @param array $actions The list of actions.
- * @param object $user The user data.
- * @param MemberOrder $order The current order.
- */
- $actions = apply_filters( 'pmpro_orders_user_row_actions', $actions, $order->user, $order );
-
- $actions_html = [];
-
- foreach ( $actions as $action => $link ) {
- $actions_html[] = sprintf(
- '%2$s',
- esc_attr( $action ),
- $link
- );
- }
-
- if ( ! empty( $actions_html ) ) {
- echo implode( ' | ', $actions_html );
- }
- ?>
-
- |
-
- getUser(); ?>
- user ) ) { ?>
- user->user_login ); ?> - user->user_email ); ?> - user_id > 0 ) { ?> - [] - - [] - - |
-
- - membership_id ); - if ( ! empty( $level ) ) { - echo esc_html( $level->name ); - } elseif ( $order->membership_id > 0 ) { ?> - [] - - | -total ) ); ?> | -
- payment_type ) ) {
- if ( in_array( $order->payment_type, array( 'PayPal Standard', 'PayPal Express' ) ) ) {
- $r .= esc_html__( 'PayPal', 'paid-memberships-pro' );
- } else {
- $r .= esc_html( ucwords( $order->payment_type ) );
- }
- $r .= ' '; - } - - if ( ! empty( $order->accountnumber ) ) { - $r .= esc_html( $order->cardtype ) . ': x' . esc_html( last4( $order->accountnumber ) ) . ' '; - } - - if ( ! empty( $order->billing->name ) ) { - $r .= esc_html( $order->billing->name ) . ' '; - } - - if ( ! empty( $order->billing->street ) ) { - $r .= esc_html( $order->billing->street ) . ' '; - } - - if ( $order->billing->city && $order->billing->state ) { - $r .= esc_html( $order->billing->city ) . ', '; - $r .= esc_html( $order->billing->state ) . ' '; - $r .= esc_html( $order->billing->zip ) . ' '; - if ( ! empty( $order->billing->country ) ) { - $r .= esc_html( $order->billing->country ); - } - } - - if ( ! empty( $order->billing->phone ) ) { - $r .= ' ' . esc_html( formatPhone( $order->billing->phone ) ); - } - - // If this column is completely empty, set $r to a dash. - if ( empty( $r ) ) { - $r .= esc_html__( '—', 'paid-memberships-pro' ); - } - - // Echo the data for this column. - echo $r; - ?> - |
- - gateway ) ) { - if ( ! empty( $pmpro_gateways[$order->gateway] ) ) { - echo $pmpro_gateways[$order->gateway]; - } else { - esc_html_e( ucwords( $order->gateway ) ); - } - if ( $order->gateway_environment == 'sandbox' ) { - echo ' (test)'; - } - } else { - esc_html_e( '—', 'paid-memberships-pro' ); - } - ?> - | -
- :
- payment_transaction_id ) ) {
- echo esc_html( $order->payment_transaction_id );
- } else {
- esc_html_e( 'N/A', 'paid-memberships-pro' );
- }
- ?>
- - : - subscription_transaction_id ) ) { - echo esc_html( $order->subscription_transaction_id ); - } else { - esc_html_e( 'N/A', 'paid-memberships-pro' ); - } - ?> - |
- - - status, array( 'success', 'cancelled' ) ) ) { - esc_html_e( 'Paid', 'paid-memberships-pro' ); - } else { - esc_html_e( ucwords( $order->status ) ); - } ?> - - is_renewal() ) { ?> - - - | -- getTimestamp() ) ), - esc_html( date_i18n( get_option( 'time_format' ), $order->getTimestamp() ) ) - ) ); ?> - | - -- getDiscountCode() ) { ?> - - discount_code->code ); ?> - - - | - -
- |