????

Your IP : 3.15.3.153


Current Path : /home/innovagencyco/www/statxpress/wp-content/plugins/wpforms-lite/src/Db/Payments/
Upload File :
Current File : //home/innovagencyco/www/statxpress/wp-content/plugins/wpforms-lite/src/Db/Payments/Payment.php

<?php

namespace WPForms\Db\Payments;

use WPForms_DB;

/**
 * Class for the Payments database table.
 *
 * @since 1.8.2
 */
class Payment extends WPForms_DB {

	/**
	 * Primary class constructor.
	 *
	 * @since 1.8.2
	 */
	public function __construct() {

		parent::__construct();

		$this->table_name  = self::get_table_name();
		$this->primary_key = 'id';
		$this->type        = 'payment';
	}

	/**
	 * Get the table name.
	 *
	 * @since 1.8.2
	 *
	 * @return string
	 */
	public static function get_table_name() {

		global $wpdb;

		return $wpdb->prefix . 'wpforms_payments';
	}

	/**
	 * Get table columns.
	 *
	 * @since 1.8.2
	 *
	 * @return array
	 */
	public function get_columns() {

		return [
			'id'                  => '%d',
			'form_id'             => '%d',
			'status'              => '%s',
			'subtotal_amount'     => '%f',
			'discount_amount'     => '%f',
			'total_amount'        => '%f',
			'currency'            => '%s',
			'entry_id'            => '%d',
			'gateway'             => '%s',
			'type'                => '%s',
			'mode'                => '%s',
			'transaction_id'      => '%s',
			'customer_id'         => '%s',
			'subscription_id'     => '%s',
			'subscription_status' => '%s',
			'title'               => '%s',
			'date_created_gmt'    => '%s',
			'date_updated_gmt'    => '%s',
			'is_published'        => '%d',
		];
	}

	/**
	 * Default column values.
	 *
	 * @since 1.8.2
	 *
	 * @return array
	 */
	public function get_column_defaults() {

		$date = gmdate( 'Y-m-d H:i:s' );

		return [
			'form_id'             => 0,
			'status'              => '',
			'subtotal_amount'     => 0,
			'discount_amount'     => 0,
			'total_amount'        => 0,
			'currency'            => '',
			'entry_id'            => 0,
			'gateway'             => '',
			'type'                => '',
			'mode'                => '',
			'transaction_id'      => '',
			'customer_id'         => '',
			'subscription_id'     => '',
			'subscription_status' => '',
			'title'               => '',
			'date_created_gmt'    => $date,
			'date_updated_gmt'    => $date,
			'is_published'        => 1,
		];
	}

	/**
	 * Insert a new payment into the database.
	 *
	 * @since 1.8.2
	 *
	 * @param array  $data Column data.
	 * @param string $type Optional. Data type context.
	 *
	 * @return int ID for the newly inserted payment. Zero otherwise.
	 */
	public function add( $data, $type = '' ) {

		// Return early if the status is not allowed.
		// TODO: consider validating other properties as well or get rid of it.
		if ( isset( $data['status'] ) && ! ValueValidator::is_valid( $data['status'], 'status' ) ) {
			return 0;
		}

		// Use database type identifier if a context is empty.
		$type = empty( $type ) ? $this->type : $type;

		return parent::add( $data, $type );
	}

	/**
	 * Retrieve a payment from the database based on a given payment ID.
	 *
	 * @since 1.8.2
	 *
	 * @param int   $payment_id Payment ID.
	 * @param array $args       Additional arguments.
	 *
	 * @return object|null
	 */
	public function get( $payment_id, $args = [] ) {

		if ( ! $this->current_user_can( $payment_id, $args ) && wpforms()->obj( 'access' )->init_allowed() ) {
			return null;
		}

		$payment = parent::get( $payment_id );

		return $payment ? $this->cast_amounts_to_float( $payment ) : null;
	}

	/**
	 * Retrieve a row based on column value.
	 *
	 * @since 1.8.7
	 *
	 * @param string     $column Column name.
	 * @param int|string $value  Column value.
	 *
	 * @return object|null Database query result, object or null on failure.
	 */
	public function get_by( $column, $value ) {

		$payment = parent::get_by( $column, $value );

		return $payment ? $this->cast_amounts_to_float( $payment ) : null;
	}

	/**
	 * Cast amounts to float in the given payment data object.
	 *
	 * @since 1.8.7
	 *
	 * @param object $payment Payment ID.
	 *
	 * @return object
	 */
	private function cast_amounts_to_float( $payment ) {

		if ( empty( $payment ) || ! is_object( $payment ) ) {
			return $payment;
		}

		// Amounts is stored in DB as decimal(26,8), but appear here as strings.
		// Therefore, they should be cast to float to avoid further multi-time currency conversion.
		$payment->subtotal_amount = $payment->subtotal_amount ? (float) $payment->subtotal_amount : 0;
		$payment->discount_amount = $payment->discount_amount ? (float) $payment->discount_amount : 0;
		$payment->total_amount    = $payment->total_amount ? (float) $payment->total_amount : 0;

		return $payment;
	}

	/**
	 * Update an existing payment in the database.
	 *
	 * @since 1.8.2
	 *
	 * @param string $payment_id Payment ID.
	 * @param array  $data       Array of columns and associated data to update.
	 * @param string $where      Column to match against in the WHERE clause. If empty, $primary_key will be used.
	 * @param string $type       Data type context.
	 * @param array  $args       Additional arguments.
	 *
	 * @return bool
	 */
	public function update( $payment_id, $data = [], $where = '', $type = '', $args = [] ) {

		if ( ! $this->current_user_can( $payment_id, $args ) ) {
			return false;
		}

		// TODO: consider validating other properties as well or get rid of it.
		if ( isset( $data['status'] ) && ! ValueValidator::is_valid( $data['status'], 'status' ) ) {
			return false;
		}

		// Use database type identifier if a context is empty.
		$type = empty( $type ) ? $this->type : $type;

		return parent::update( $payment_id, $data, $where, $type );
	}

	/**
	 * Delete a payment from the database, also removes payment meta.
	 *
	 * @since 1.8.2
	 *
	 * @param int   $payment_id Payment ID.
	 * @param array $args       Additional arguments.
	 *
	 * @return bool False if the payment and meta could not be deleted, true otherwise.
	 */
	public function delete( $payment_id = 0, $args = [] ): bool {

		if ( ! $this->current_user_can( $payment_id, $args ) ) {
			return false;
		}

		$is_payment_deleted = parent::delete( $payment_id );
		$is_meta_deleted    = wpforms()->obj( 'payment_meta' )->delete_by( 'payment_id', $payment_id );

		return $is_payment_deleted && $is_meta_deleted;
	}

	/**
	 * Retrieve a list of payments.
	 *
	 * @since 1.8.2
	 *
	 * @param array $args Arguments.
	 *
	 * @return array
	 */
	public function get_payments( $args = [] ) {

		global $wpdb;

		$args = $this->sanitize_get_payments_args( $args );

		if ( ! $this->current_user_can( 0, $args ) ) {
			return [];
		}

		// Prepare query.
		$query[] = "SELECT p.* FROM {$this->table_name} as p";

		/**
		 * Filter the query for get_payments method before the WHERE clause.
		 *
		 * @since 1.8.2
		 *
		 * @param string $where Before the WHERE clause in DB query.
		 * @param array  $args  Query arguments.
		 *
		 * @return string
		 */
		$query[] = apply_filters( 'wpforms_db_payments_payment_get_payments_query_before_where', '', $args );
		$query[] = 'WHERE 1=1';
		$query[] = $this->add_columns_where_conditions( $args );
		$query[] = $this->add_secondary_where_conditions( $args );

		/**
		 * Extend the query for the get_payments method after the WHERE clause.
		 *
		 * This hook provides the flexibility to modify the SQL query by appending custom conditions
		 * right after the WHERE clause.
		 *
		 * @since 1.8.4
		 *
		 * @param string $where After the WHERE clause in the database query.
		 * @param array  $args  Query arguments.
		 *
		 * @return string
		 */
		$query[] = apply_filters( 'wpforms_db_payments_payment_get_payments_query_after_where', '', $args );

		// Order.
		$query[] = sprintf( 'ORDER BY %s', sanitize_sql_orderby( "{$args['orderby']} {$args['order']}" ) );

		// Limit.
		$query[] = $wpdb->prepare( 'LIMIT %d, %d', $args['offset'], $args['number'] );

		// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching, WordPress.DB.PreparedSQL.NotPrepared
		$result = $wpdb->get_results( implode( ' ', $query ), ARRAY_A );

		// Get results.
		return ! $result ? [] : $result;
	}

	/**
	 * Create the table.
	 *
	 * @since 1.8.2
	 */
	public function create_table() {

		global $wpdb;

		$charset_collate = $wpdb->get_charset_collate();

		/**
		 * To avoid any possible issues during migration from entries to payments' table,
		 * all data types are preserved.
		 *
		 * Note: there must be two spaces between the words PRIMARY KEY and the definition of primary key.
		 *
		 * @link https://codex.wordpress.org/Creating_Tables_with_Plugins#Creating_or_Updating_the_Table
		 */
		$query = "CREATE TABLE $this->table_name (
			id bigint(20) NOT NULL AUTO_INCREMENT,
			form_id bigint(20) NOT NULL,
			status varchar(10) NOT NULL DEFAULT '',
			subtotal_amount decimal(26,8) NOT NULL DEFAULT 0,
			discount_amount decimal(26,8) NOT NULL DEFAULT 0,
			total_amount decimal(26,8) NOT NULL DEFAULT 0,
			currency varchar(3) NOT NULL DEFAULT '',
			entry_id bigint(20) NOT NULL DEFAULT 0,
			gateway varchar(20) NOT NULL DEFAULT '',
			type varchar(12) NOT NULL DEFAULT '',
			mode varchar(4) NOT NULL DEFAULT '',
			transaction_id varchar(40) NOT NULL DEFAULT '',
			customer_id varchar(40) NOT NULL DEFAULT '',
			subscription_id varchar(40) NOT NULL DEFAULT '',
			subscription_status varchar(10) NOT NULL DEFAULT '',
			title varchar(255) NOT NULL DEFAULT '',
			date_created_gmt datetime NOT NULL,
			date_updated_gmt datetime NOT NULL,
			is_published tinyint(1) NOT NULL DEFAULT 1,
			PRIMARY KEY  (id),
			KEY form_id (form_id),
			KEY status (status(8)),
			KEY total_amount (total_amount),
			KEY type (type(8)),
			KEY transaction_id (transaction_id(32)),
			KEY customer_id (customer_id(32)),
			KEY subscription_id (subscription_id(32)),
			KEY subscription_status (subscription_status(8)),
			KEY title (title(64))
		) $charset_collate;";

		require_once ABSPATH . 'wp-admin/includes/upgrade.php';
		dbDelta( $query );
	}

	/**
	 * Check if the current user has capabilities to manage payments.
	 *
	 * @since 1.8.2
	 *
	 * @param int   $payment_id Payment ID.
	 * @param array $args       Additional arguments.
	 *
	 * @return bool
	 * @noinspection IfReturnReturnSimplificationInspection
	 */
	private function current_user_can( $payment_id, $args = [] ) {

		$manage_cap = wpforms_get_capability_manage_options();

		if ( ! isset( $args['cap'] ) ) {
			$args['cap'] = $manage_cap;
		}

		if ( ! empty( $args['cap'] ) && ! wpforms_current_user_can( $args['cap'], $payment_id ) ) {
			return false;
		}

		return true;
	}

	/**
	 * Construct where clauses for selected columns.
	 *
	 * @since 1.8.4
	 *
	 * @param array $args Query arguments.
	 *
	 * @return string
	 */
	public function add_columns_where_conditions( $args = [] ) {

		// Allowed columns for filtering.
		$allowed_cols = [
			'form_id',
			'entry_id',
			'status',
			'subscription_status',
			'type',
			'gateway',
		];

		$where = '';

		// Determine if this is a table query.
		$is_table_query   = ! empty( $args['table_query'] );
		$keys_to_validate = [ 'status', 'subscription_status', 'type', 'gateway' ];

		foreach ( $args as $key => $value ) {
			if ( empty( $value ) || ! in_array( $key, $allowed_cols, true ) ) {
				continue;
			}

			// Explode values if needed.
			$values = explode( '|', $value );

			// Run some keys through the "ValueValidator" class to make sure they are valid.
			if ( in_array( $key, $keys_to_validate, true ) ) {
				$values = array_filter(
					$values,
					static function ( $v ) use ( $key ) {

						return ValueValidator::is_valid( $v, $key );
					}
				);
			}

			// Skip if no valid values found.
			if ( empty( $values ) ) {
				continue;
			}

			// Merge "Partially Refunded" status with "Refunded" status.
			if ( $is_table_query && $key === 'status' && in_array( 'refunded', $values, true ) ) {
				$values[] = 'partrefund';
			}

			$placeholders = wpforms_wpdb_prepare_in( $values );

			// Prepare and add to WHERE clause.
			$where .= " AND {$key} IN ({$placeholders})";
		}

		return $where;
	}

	/**
	 * Construct secondary where clauses.
	 *
	 * @since 1.8.2
	 *
	 * @param array $args Query arguments.
	 *
	 * @return string
	 */
	public function add_secondary_where_conditions( $args = [] ) {

		global $wpdb;

		/**
		 * Filter arguments needed for all query.
		 *
		 * @since 1.8.2
		 *
		 * @param array $args Query arguments.
		 */
		$args = (array) apply_filters( 'wpforms_db_payments_payment_add_secondary_where_conditions_args', $args );
		$args = wp_parse_args(
			(array) $args,
			[
				'currency'     => wpforms_get_currency(),
				'mode'         => 'live',
				'is_published' => 1,
			]
		);

		$where = '';

		// If it's a valid mode, add it to a WHERE clause.
		if ( ValueValidator::is_valid( $args['mode'], 'mode' ) ) {
			$where .= $wpdb->prepare( ' AND mode = %s', $args['mode'] );
		}

		$where .= $wpdb->prepare( ' AND currency = %s', $args['currency'] );
		$where .= $wpdb->prepare( ' AND is_published = %d', $args['is_published'] );

		return $where;
	}

	/**
	 * Sanitize query arguments for get_payments() method.
	 *
	 * @since 1.8.2
	 *
	 * @param array $args Query arguments.
	 *
	 * @return array
	 */
	private function sanitize_get_payments_args( $args ) {

		$defaults = [
			'number'  => 20,
			'offset'  => 0,
			'orderby' => 'id',
			'order'   => 'DESC',
		];

		$args = wp_parse_args( (array) $args, $defaults );

		// Sanitize.
		$args['number'] = absint( $args['number'] );
		$args['offset'] = absint( $args['offset'] );

		if ( $args['number'] === 0 ) {
			$args['number'] = $defaults['number'];
		}

		return $args;
	}
}