From 13cf782522f26392319201369cbb643e32b142e1 Mon Sep 17 00:00:00 2001 From: "daan.rijpkema" Date: Sat, 2 Nov 2024 16:34:03 +0100 Subject: [PATCH] feat(1.3.23): remove parse_request hook everywhere --- bluem-idin.php | 9 - bluem-integrations.php | 16 - bluem-mandates-instant.php | 277 +++++++++--------- bluem-mandates-shortcode.php | 7 +- bluem.php | 79 ++++- gateways/Bluem_Bank_Based_Payment_Gateway.php | 3 - 6 files changed, 206 insertions(+), 185 deletions(-) diff --git a/bluem-idin.php b/bluem-idin.php index a0b61ba..3169953 100644 --- a/bluem-idin.php +++ b/bluem-idin.php @@ -915,16 +915,11 @@ function bluem_idin_shortcode_idin_execute(): void bluem_idin_execute(null, true, $goto); } -add_action('parse_request', 'bluem_idin_shortcode_callback'); /** * This function is executed at a callback GET request with a given mandateId. This is then, together with the entranceCode in user or Bluem session storage, sent for a SUD to the Bluem API. */ function bluem_idin_shortcode_callback(): void { - if (!str_contains(sanitize_url(wp_unslash($_SERVER['REQUEST_URI'])), 'bluem-woocommerce/idin_shortcode_callback')) { - return; - } - $bluem_config = bluem_woocommerce_get_config(); // fallback until this is corrected in bluem-php @@ -1258,7 +1253,6 @@ function bluem_idin_shortcode_callback(): void exit; } -add_action('parse_request', 'bluem_idin_webhook'); /** * Identity webhook action * @@ -1266,9 +1260,6 @@ function bluem_idin_shortcode_callback(): void */ function bluem_idin_webhook(): void { - if (strpos(sanitize_url(wp_unslash($_SERVER['REQUEST_URI'])), 'bluem-woocommerce/bluem_idin_webhook') === false) { - return; - } http_response_code(200); exit; } diff --git a/bluem-integrations.php b/bluem-integrations.php index d90c63e..39f8032 100644 --- a/bluem-integrations.php +++ b/bluem-integrations.php 
@@ -183,16 +183,11 @@ function bluem_woocommerce_integration_gform_javascript() * ContactForm 7 integration. * AJAX Form submissions. */ -add_action('parse_request', 'bluem_woocommerce_integration_wpcf7_ajax'); function bluem_woocommerce_integration_wpcf7_ajax() { $bluem_config = bluem_woocommerce_get_config(); - if (!isset($_SERVER['REQUEST_URI']) || strpos(sanitize_url(wp_unslash($_SERVER['REQUEST_URI'])), 'bluem-woocommerce/bluem-integrations/wpcf7_mandate') === false) { - return; - } - $bluem_mandate_approve = !empty($_POST['bluem_mandate_approve']) ? sanitize_text_field(wp_unslash($_POST['bluem_mandate_approve'])) : ''; if ($bluem_config->wpcf7Active !== 'Y' || empty($bluem_mandate_approve)) { @@ -541,18 +536,12 @@ function bluem_woocommerce_integration_wpcf7_submit() * ContactForm 7 integration. * Callback for requests. */ -add_action('parse_request', 'bluem_woocommerce_integration_wpcf7_callback'); - function bluem_woocommerce_integration_wpcf7_callback() { $bluem_config = bluem_woocommerce_get_config(); $storage = bluem_db_get_storage(); - if (empty($_SERVER['REQUEST_URI']) || strpos(sanitize_url(wp_unslash($_SERVER['REQUEST_URI'])), 'bluem-woocommerce/bluem-integrations/wpcf7_callback') === false) { - return; - } - if ($bluem_config->wpcf7Active !== 'Y') { return; } @@ -1025,7 +1014,6 @@ function bluem_woocommerce_integration_gform_submit($entry, $form) * Gravity Forms integration. * Callback after request */ -add_action('parse_request', 'bluem_woocommerce_integration_gform_callback'); function bluem_woocommerce_integration_gform_callback() { @@ -1033,10 +1021,6 @@ function bluem_woocommerce_integration_gform_callback() $storage = bluem_db_get_storage(); - if (strpos(sanitize_url(wp_unslash($_SERVER['REQUEST_URI'])), 'bluem-woocommerce/bluem-integrations/gform_callback') === false) { - return; - } - if ($bluem_config->gformActive !== 'Y') { return; } diff --git a/bluem-mandates-instant.php b/bluem-mandates-instant.php index dccc41c..7ab2bfc 100644 
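Review bot: `bluem_woocommerce_integration_wpcf7_ajax` still reads `$_POST['bluem_mandate_approve']` (the context line right after the removed guard in the first hunk), yet with the `parse_request` hook gone it is only invoked by the `template_redirect` dispatcher in bluem.php, whose integration branch sits inside the `REQUEST_METHOD === 'GET'` block; a POSTed form submission therefore never reaches the handler and renders the theme instead. In bluem.php move that dispatch into the POST block: `} elseif (get_query_var('bluem_woocommerce_integration_wpcf7_ajax') == 1) {` / `    bluem_woocommerce_integration_wpcf7_ajax();` / `}`. The wpcf7 and gform callbacks in the later hunks would have the same gap if the provider returns to them by POST, which I cannot tell from here. All three function bodies continue outside their hunks.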
--- a/bluem-mandates-instant.php +++ b/bluem-mandates-instant.php 
@@ -6,155 +6,158 @@ use Bluem\BluemPHP\Bluem; -add_action( 'parse_request', 'bluem_mandates_instant_request' ); function bluem_mandates_instant_request(): void { - if ( empty( $_SERVER['REQUEST_URI'] ) || ! str_contains( sanitize_url( wp_unslash( $_SERVER['REQUEST_URI'] ) ), 'bluem-woocommerce/mandate_instant_request' ) ) { - return; - } - $bluem_config = bluem_woocommerce_get_config(); - $debtorReference = ! empty( $_GET['debtorreference'] ) ? sanitize_text_field( wp_unslash( $_GET['debtorreference'] ) ) : ''; - - if ( ! empty( $debtorReference ) ) { - $debtorReference = sanitize_text_field( $debtorReference ); - - $db_results = bluem_db_get_requests_by_keyvalues( - array( - 'debtor_reference' => $debtorReference, - 'status' => 'Success', - ) - ); - - // Check the sequence type or previous success results - if ( $bluem_config->sequenceType === 'OOFF' || sizeof( $db_results ) === 0 ) { - $bluem_config->merchantReturnURLBase = home_url( - 'bluem-woocommerce/mandates_instant_callback' - ); - - $preferences = get_option( 'bluem_woocommerce_options' ); - - // Convert UTF-8 to ISO - if ( ! empty( $bluem_config->eMandateReason ) ) { - $bluem_config->eMandateReason = mb_convert_encoding( $bluem_config->eMandateReason, 'ISO-8859-1', 'UTF-8' ); - } else { - $bluem_config->eMandateReason = esc_html__( 'Incasso machtiging ', 'bluem' ) . $debtorReference; - } - - $bluem = new Bluem( $bluem_config ); - - $mandate_id_counter = get_option( 'bluem_woocommerce_mandate_id_counter' ); - - if ( ! isset( $mandate_id_counter ) ) { - $mandate_id_counter = $preferences['mandate_id_counter']; - } - - $mandate_id = $mandate_id_counter + 1; - - update_option( 'bluem_woocommerce_mandate_id_counter', $mandate_id ); - - $request = $bluem->CreateMandateRequest( - $debtorReference, - $debtorReference, - $mandate_id - ); - - // Actually perform the request. - try { - $response = $bluem->PerformRequest( $request ); - - if ( ! 
isset( $response->EMandateTransactionResponse->TransactionURL ) ) { - $msg = esc_html__( - 'Er ging iets mis bij het aanmaken van de transactie.
- Vermeld onderstaande informatie aan het websitebeheer:', - 'bluem' - ); - - if ( isset( $response->EMandateTransactionResponse->Error->ErrorMessage ) ) { - $msg .= '
' . - $response->EMandateTransactionResponse->Error->ErrorMessage; - } elseif ( $response instanceof \Bluem\BluemPHP\ErrorBluemResponse ) { - $msg .= '
' . - $response->Error(); - } else { - $msg .= '
Algemene fout'; - } - bluem_error_report_email( - array( - 'service' => 'mandates', - 'function' => 'shortcode_execute', - 'message' => $msg, - ) - ); - bluem_dialogs_render_prompt( $msg ); - exit; - } - - $mandate_id = $response->EMandateTransactionResponse->MandateID . ''; - - // redirect cast to string, necessary for AJAX response handling - $transactionURL = ( $response->EMandateTransactionResponse->TransactionURL . '' ); - - bluem_db_insert_storage( - array( - 'bluem_mandate_transaction_id' => $mandate_id, - 'bluem_mandate_transaction_url' => $transactionURL, - 'bluem_mandate_entrance_code' => $request->entranceCode, - ) - ); - - $db_creation_result = bluem_db_create_request( - array( - 'entrance_code' => $request->entranceCode, - 'transaction_id' => $request->mandateID, - 'transaction_url' => $transactionURL, - 'user_id' => 0, - 'timestamp' => gmdate( 'Y-m-d H:i:s' ), - 'description' => 'Mandate request', - 'debtor_reference' => $debtorReference, - 'type' => 'mandates', - 'order_id' => '', - 'payload' => wp_json_encode( - array( - 'created_via' => 'instant_request', - 'environment' => $bluem->getConfig( 'environment' ), - 'created_mandate_id' => $mandate_id, - ) - ), - ) - ); - - if ( ob_get_length() !== false && ob_get_length() > 0 ) { - ob_clean(); - } - - ob_start(); - wp_redirect( $transactionURL ); - exit; - } catch ( \Exception $e ) { - - } - } else { - wp_redirect( $bluem_config->instantMandatesResponseURI . '?result=true' ); - exit; - } - } - exit; + $debtorReference = !empty( $_GET['debtorreference'] ) ? sanitize_text_field( wp_unslash( $_GET['debtorreference'] ) ) : ''; + // get from either casing for the key + if(empty($debtorReference)) { + $debtorReference = !empty( $_GET['debtorReference'] ) ? 
sanitize_text_field( wp_unslash( $_GET['debtorReference'] ) ) : ''; + } + + if ( empty( $debtorReference ) ) { + $errormessage = esc_html__( 'Fout: geen debtorReferentie opgegeven', 'bluem' ); + bluem_error_report_email( + array( + 'service' => 'mandates', + 'function' => 'shortcode_execute', + 'message' => $errormessage, + ) + ); + bluem_dialogs_render_prompt( $errormessage ); + exit; + } + + $debtorReference = sanitize_text_field( $debtorReference ); + + $db_results = bluem_db_get_requests_by_keyvalues( + array( + 'debtor_reference' => $debtorReference, + 'status' => 'Success', + ) + ); + + // Check the sequence type or previous success results + if ( $bluem_config->sequenceType === 'OOFF' || sizeof( $db_results ) === 0 ) { + $bluem_config->merchantReturnURLBase = home_url( + 'bluem-woocommerce/mandates_instant_callback' + ); + + $preferences = get_option( 'bluem_woocommerce_options' ); + + // Convert UTF-8 to ISO + if ( ! empty( $bluem_config->eMandateReason ) ) { + $bluem_config->eMandateReason = mb_convert_encoding( $bluem_config->eMandateReason, 'ISO-8859-1', 'UTF-8' ); + } else { + $bluem_config->eMandateReason = esc_html__( 'Incasso machtiging ', 'bluem' ) . $debtorReference; + } + + $bluem = new Bluem( $bluem_config ); + + $mandate_id_counter = get_option( 'bluem_woocommerce_mandate_id_counter' ); + + if ( ! isset( $mandate_id_counter ) ) { + $mandate_id_counter = $preferences['mandate_id_counter']; + } + + $mandate_id = $mandate_id_counter + 1; + + update_option( 'bluem_woocommerce_mandate_id_counter', $mandate_id ); + + $request = $bluem->CreateMandateRequest( + $debtorReference, + $debtorReference, + $mandate_id + ); + + // Actually perform the request. + try { + $response = $bluem->PerformRequest( $request ); + + if ( ! isset( $response->EMandateTransactionResponse->TransactionURL ) ) { + $msg = esc_html__( + 'Er ging iets mis bij het aanmaken van de transactie.
+ Vermeld onderstaande informatie aan het websitebeheer:', + 'bluem' + ); + + if ( isset( $response->EMandateTransactionResponse->Error->ErrorMessage ) ) { + $msg .= '
' . + $response->EMandateTransactionResponse->Error->ErrorMessage; + } elseif ( $response instanceof \Bluem\BluemPHP\ErrorBluemResponse ) { + $msg .= '
' . + $response->Error(); + } else { + $msg .= '
Algemene fout'; + } + bluem_error_report_email( + array( + 'service' => 'mandates', + 'function' => 'shortcode_execute', + 'message' => $msg, + ) + ); + bluem_dialogs_render_prompt( $msg ); + exit; + } + + $mandate_id = $response->EMandateTransactionResponse->MandateID . ''; + + // redirect cast to string, necessary for AJAX response handling + $transactionURL = ( $response->EMandateTransactionResponse->TransactionURL . '' ); + + bluem_db_insert_storage( + array( + 'bluem_mandate_transaction_id' => $mandate_id, + 'bluem_mandate_transaction_url' => $transactionURL, + 'bluem_mandate_entrance_code' => $request->entranceCode, + ) + ); + + $db_creation_result = bluem_db_create_request( + array( + 'entrance_code' => $request->entranceCode, + 'transaction_id' => $request->mandateID, + 'transaction_url' => $transactionURL, + 'user_id' => 0, + 'timestamp' => gmdate( 'Y-m-d H:i:s' ), + 'description' => 'Mandate request', + 'debtor_reference' => $debtorReference, + 'type' => 'mandates', + 'order_id' => '', + 'payload' => wp_json_encode( + array( + 'created_via' => 'instant_request', + 'environment' => $bluem->getConfig( 'environment' ), + 'created_mandate_id' => $mandate_id, + ) + ), + ) + ); + + if ( ob_get_length() !== false && ob_get_length() > 0 ) { + ob_clean(); + } + + ob_start(); + wp_redirect( $transactionURL ); + exit; + } catch ( \Exception $e ) { + + } + } else { + wp_redirect( $bluem_config->instantMandatesResponseURI . '?result=true' ); + exit; + } } -add_action( 'parse_request', 'bluem_mandates_instant_callback' ); - /** * This function is executed at a callback GET request with a given mandateId. This is then, together with the entranceCode in Cookie, sent for a SUD to the Bluem API. 
* * @return void */ function bluem_mandates_instant_callback() { - if ( empty( $_SERVER['REQUEST_URI'] ) || ( strpos( sanitize_url( wp_unslash( $_SERVER['REQUEST_URI'] ) ), 'bluem-woocommerce/mandates_instant_callback' ) === false ) ) { - return; - } - $bluem_config = bluem_woocommerce_get_config(); try { diff --git a/bluem-mandates-shortcode.php b/bluem-mandates-shortcode.php index 8cd7b74..c0bfcb7 100644 --- a/bluem-mandates-shortcode.php +++ b/bluem-mandates-shortcode.php @@ -262,17 +262,12 @@ function bluem_mandate_shortcode_execute(): void { exit; } -add_action( 'parse_request', 'bluem_mandate_mandate_shortcode_callback' ); /** * This function is executed at a callback GET request with a given mandateId. This is then, together with the entranceCode in Cookie, sent for a SUD to the Bluem API. * * @return void */ -function bluem_mandate_mandate_shortcode_callback(): void { - if ( strpos( sanitize_url( wp_unslash( $_SERVER['REQUEST_URI'] ) ), 'bluem-woocommerce/mandate_shortcode_callback' ) === false ) { - return; - } - +function bluem_mandate_shortcode_callback(): void { global $current_user; $bluem_config = bluem_woocommerce_get_config(); diff --git a/bluem.php b/bluem.php index 88060f6..98291e5 100644 --- a/bluem.php +++ b/bluem.php 
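Review bot: The `catch ( \Exception $e ) {` block near the end of `bluem_mandates_instant_request` is still empty, and the trailing `exit;` that the old version had after the outer `if` was dropped, so when `PerformRequest` throws the function now returns silently into `template_redirect` and the visitor gets the ordinary theme page at the request URL, after the mandate-id counter has already been incremented. Report the failure the way the missing-TransactionURL branch above does and terminate the request, keeping the exception message in the report e-mail rather than in the user-facing prompt. Separately, `get_option( 'bluem_woocommerce_mandate_id_counter' )` returns `false` when the option is absent, so `! isset( $mandate_id_counter )` is never true and the fallback to `$preferences['mandate_id_counter']` never runs; `=== false` is the intended check. `$db_creation_result` is assigned and never read. The hunk's tail, `bluem_mandates_instant_callback`, continues outside it.
```php
            } catch ( \Exception $e ) {
                $msg = esc_html__( 'Er ging iets mis bij het aanmaken van de transactie.', 'bluem' );
                bluem_error_report_email(
                    array(
                        'service'  => 'mandates',
                        'function' => 'shortcode_execute',
                        'message'  => $msg . ' ' . $e->getMessage(),
                    )
                );
                bluem_dialogs_render_prompt( $msg );
                exit;
            }
```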
@@ -146,7 +146,20 @@ function bluem_woocommerce_plugin_activate() // Rewrite rules: add_rewrite_rule('^bluem-woocommerce/idin_execute/?$', 'index.php?bluem_idin_shortcode_execute=1', 'top'); + add_rewrite_rule('^bluem-woocommerce/idin_shortcode_callback/?$', 'index.php?bluem_idin_shortcode_callback=1', 'top'); + add_rewrite_rule('^bluem-woocommerce/mandate_shortcode_execute/?$', 'index.php?bluem_mandate_shortcode_execute=1', 'top'); + add_rewrite_rule('^bluem-woocommerce/mandate_shortcode_callback/?$', 'index.php?bluem_mandate_shortcode_callback=1', 'top'); + + add_rewrite_rule('^bluem-woocommerce/mandate_instant_request/?$', 'index.php?bluem_mandates_instant_request=1', 'top'); + add_rewrite_rule('^bluem-woocommerce/mandates_instant_callback/?$', 'index.php?bluem_mandates_instant_callback=1', 'top'); + + add_rewrite_rule('^bluem-woocommerce/bluem_idin_webhook/?$', 'index.php?bluem_idin_webhook=1', 'top'); + + // Integrations + add_rewrite_rule('^bluem-woocommerce/bluem-integrations/wpcf7_mandate/?$', 'index.php?bluem_woocommerce_integration_wpcf7_ajax=1', 'top'); + add_rewrite_rule('^bluem-woocommerce/bluem-integrations/wpcf7_callback/?$', 'index.php?bluem_woocommerce_integration_wpcf7_callback=1', 'top'); + add_rewrite_rule('^bluem-woocommerce/bluem-integrations/gform_callback/?$', 'index.php?bluem_woocommerce_integration_gform_callback=1', 'top'); // Flush the rules after adding them flush_rewrite_rules(); 
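Review bot: The nine new `add_rewrite_rule` calls live only in `bluem_woocommerce_plugin_activate`, which WordPress runs on activation and not on a plugin update, and rules added this way persist only until the next `flush_rewrite_rules()` by any plugin or theme because they are not re-registered on `init`; unless they are also registered on `init` somewhere outside this hunk, sites updating to 1.3.23 (and any site after a later flush) will 404 on every callback path that the removed `parse_request` guards used to serve. Move the `add_rewrite_rule` calls into a function hooked on `init` and call that function from the activation hook before the existing `flush_rewrite_rules()`, keeping the flush out of `init`. `bluem_woocommerce_plugin_activate` starts before the hunk.
```php
function bluem_woocommerce_register_rewrite_rules(): void
{
    add_rewrite_rule('^bluem-woocommerce/idin_execute/?$', 'index.php?bluem_idin_shortcode_execute=1', 'top');
    // … unchanged: the nine add_rewrite_rule() calls added in this hunk …
}
add_action('init', 'bluem_woocommerce_register_rewrite_rules');

// inside bluem_woocommerce_plugin_activate(), in place of the add_rewrite_rule() calls:
    bluem_woocommerce_register_rewrite_rules();
    // Flush the rules after adding them
    flush_rewrite_rules();
```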
@@ -154,27 +167,65 @@ function bluem_woocommerce_plugin_activate() register_activation_hook(__FILE__, 'bluem_woocommerce_plugin_activate'); - - add_filter('query_vars', function ($vars) { - $vars[] = 'bluem_idin_shortcode_execute'; - $vars[] = 'bluem_mandate_shortcode_execute'; - return $vars; + $bluem_vars = [ + 'bluem_idin_shortcode_execute', + 'bluem_mandate_shortcode_execute', + 'bluem_mandates_instant_request', + 'bluem_idin_shortcode_callback', + 'bluem_mandate_shortcode_callback', + 'bluem_mandates_instant_callback', + 'bluem_idin_webhook', + 'bluem_woocommerce_integration_wpcf7_ajax', + 'bluem_woocommerce_integration_wpcf7_callback', + 'bluem_woocommerce_integration_gform_callback', + ]; + + return array_merge($vars, $bluem_vars); }); + + add_action('template_redirect', function () { - if (get_query_var('bluem_idin_shortcode_execute') == 1 && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') { - bluem_idin_shortcode_idin_execute(); + // POST requests + if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') { + + if (get_query_var('bluem_idin_shortcode_execute') == 1) { + bluem_idin_shortcode_idin_execute(); + } elseif (get_query_var('bluem_mandate_shortcode_execute') == 1) { + bluem_mandate_shortcode_execute(); + } return; } - elseif (get_query_var('bluem_mandate_shortcode_execute') == 1 && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') { - bluem_mandate_shortcode_execute(); - return; + + // GET requests + if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'GET') { + if (get_query_var('bluem_mandates_instant_request') == 1) { + bluem_mandates_instant_request(); + } elseif (get_query_var('bluem_mandates_instant_callback') == 1) { + bluem_mandates_instant_callback(); + } elseif (get_query_var('bluem_idin_shortcode_callback') == 1) { + bluem_idin_shortcode_callback(); + } elseif (get_query_var('bluem_mandate_shortcode_callback') == 1) { + 
bluem_mandate_shortcode_callback(); + } elseif (get_query_var('bluem_idin_webhook') == 1) { + bluem_idin_webhook(); + } + + if(get_query_var('bluem_woocommerce_integration_wpcf7_ajax') == 1) { + bluem_woocommerce_integration_wpcf7_ajax(); + } + if(get_query_var('bluem_woocommerce_integration_wpcf7_callback') == 1) { + bluem_woocommerce_integration_wpcf7_callback(); + } + if(get_query_var('bluem_woocommerce_integration_gform_callback') == 1) { + bluem_woocommerce_integration_gform_callback(); + } } }); - // Plug-in deactivation -function bluem_woocommerce_plugin_deactivate() { +function bluem_woocommerce_plugin_deactivate() +{ // Flush to remove custom rules added by us flush_rewrite_rules(); } @@ -1105,7 +1156,7 @@ function bluem_woocommerce_init(): void /** * Initialize session for public pages */ - if(!is_admin()) { + if (!is_admin()) { bluem_db_initialize_session_storage(); } } @@ -2119,7 +2170,7 @@ function bluem_admin_importexport() $options_json = wp_json_encode($options); } - $form_nonce = wp_create_nonce( 'bluem_importexport_nonce' ); + $form_nonce = wp_create_nonce('bluem_importexport_nonce'); // @todo: improve this by creating a renderer function and passing the renderdata // @todo: then generalise this to other parts of the plugin diff --git a/gateways/Bluem_Bank_Based_Payment_Gateway.php b/gateways/Bluem_Bank_Based_Payment_Gateway.php index d3766a7..84f2953 100644 --- a/gateways/Bluem_Bank_Based_Payment_Gateway.php +++ b/gateways/Bluem_Bank_Based_Payment_Gateway.php @@ -354,9 +354,6 @@ private function getOrder(string $transactionID) */ public function bluem_bank_payments_callback(): void { - - echo "Called bluem_bank_payments_callback"; - die(); if (!isset($_GET['entranceCode'])) { $errormessage = esc_html__("Fout: geen juiste entranceCode teruggekregen bij payment_callback. Neem contact op met de webshop en vermeld je contactgegevens.", 'bluem'); bluem_error_report_email(
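Review bot: `bluem_idin_webhook` and the three integration dispatches sit inside the `REQUEST_METHOD === 'GET'` block of the new `template_redirect` handler, whereas the removed `parse_request` hooks ran those functions for any method; if Bluem delivers the webhook or the form callbacks by POST (not visible here), those requests now skip the handler and render the theme instead of receiving the intended response. A request carrying a matching query var with the other method currently falls through silently in the same way. Resolve the matched query var first and decide the accepted method per endpoint, answering an unexpected method with `status_header(405); exit;` rather than continuing into template rendering. Minor style: the three integration checks use `if(` without the space, unlike the `if (` spacing this same commit enforces in the later hunks, and the `== 1` comparisons would be tighter as `(string) get_query_var('bluem_idin_webhook') === '1'`. The wpcf7 AJAX case, which reads `$_POST`, is raised on bluem-integrations.php.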