Changeset 2707831
- Timestamp:
- 04/11/2022 07:22:28 AM (4 years ago)
- Location:
- valuepay-for-givewp/trunk
- Files:
-
- 3 edited
-
includes/abstracts/abstract-valuepay-givewp-client.php (modified) (2 diffs)
-
readme.txt (modified) (2 diffs)
-
valuepay-givewp.php (modified) (2 diffs)
-
valuepay-for-givewp/trunk/includes/abstracts/abstract-valuepay-givewp-client.php
r2705438 r2707831 95 95 96 96 if ( $_SERVER['REQUEST_METHOD'] === 'POST' ) { 97 $ data= file_get_contents( 'php://input' );98 $ data = json_decode( $data, true );97 $response = file_get_contents( 'php://input' ); 98 $response = json_decode( $response, true ); 99 99 } else { 100 $data = $_REQUEST; 101 } 102 103 $data = is_array( $data ) ? $this->sanitize_array( $data ) : null; 104 105 if ( !$data ) { 106 return false; 107 } 108 109 if ( !$formatted_data = $this->get_valid_ipn_response( $data ) ) { 110 return false; 111 } 112 113 return $formatted_data; 114 115 } 116 117 // Sanitize IPN response data 118 private function sanitize_array( array $data ) { 119 120 $results = array(); 121 122 foreach ( $data as $key => $value ) { 123 if ( is_array( $value ) ) { 124 $results[ $key ] = $this->sanitize_array( $value ); 125 } else { 126 $results[ $key ] = sanitize_text_field( $value ); 127 } 128 } 129 130 return $results; 100 $response = $_REQUEST; 101 } 102 103 if ( !$response ) { 104 return false; 105 } 106 107 if ( !$formatted_response = $this->get_valid_ipn_response( $response ) ) { 108 return false; 109 } 110 111 return $formatted_response; 131 112 132 113 } 133 114 134 115 // Format IPN response data to only get accepted parameters 135 private function get_valid_ipn_response( array $ data) {116 private function get_valid_ipn_response( array $response ) { 136 117 137 118 if ( $_SERVER['REQUEST_METHOD'] === 'POST' ) { … … 145 126 foreach ( $params as $param ) { 146 127 // Return false if required parameters is not passed to the URL 147 if ( !isset( $ data[ $param ] ) ) {128 if ( !isset( $response[ $param ] ) ) { 148 129 return false; 149 130 } 150 131 151 if ( is_array( $data[ $param ] ) ) { 152 $allowed_params[ $param ] = array_map( 'trim', $data[ $param ] ); 132 if ( is_array( $response[ $param ] ) ) { 133 $allowed_params[ $param ] = array_map( function( $value ) { 134 return trim( sanitize_text_field( $value ) ); 135 }, $response[ $param ] ); 153 136 } else { 154 
$allowed_params[ $param ] = trim( $data[ $param ]);137 $allowed_params[ $param ] = trim( sanitize_text_field( $response[ $param ] ) ); 155 138 } 156 139 } -
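Review bot: The `if ( !$response )` check after the POST/`$_REQUEST` branch no longer confirms that the decoded body is an array, which the removed `$data = is_array( $data ) ? $this->sanitize_array( $data ) : null;` line did. `json_decode( $response, true )` returns a scalar when the body is valid JSON but not an object or array, and a truthy scalar then reaches `get_valid_ipn_response( array $response )` and raises a TypeError instead of returning false, on a handler that presumably accepts notifications from outside the site. I would keep the type guard alongside the per-parameter sanitization: `if ( !is_array( $response ) || !$response ) { return false; }`. The enclosing method starts above the hunk, so any earlier validation it performs is not visible here.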
valuepay-for-givewp/trunk/readme.txt
r2705438 r2707831 3 3 Tags: valuepay, givewp, dontation, payment 4 4 Requires at least: 4.6 5 Tested up to: 5.9. 16 Stable tag: 1.0. 35 Tested up to: 5.9.2 6 Stable tag: 1.0.4 7 7 Requires PHP: 7.0 8 8 License: GPLv2 or later … … 29 29 == Changelog == 30 30 31 = 1.0.4 - 2022-04-10 = 32 - Modified: Improve instant payment notification response data sanitization 33 31 34 = 1.0.3 - 2022-03-09 = 32 35 - Modified: Minor improvements -
valuepay-for-givewp/trunk/valuepay-givewp.php
r2705438 r2707831 3 3 * Plugin Name: ValuePay for GiveWP 4 4 * Description: Accept payment on GiveWP using ValuePay. 5 * Version: 1.0. 35 * Version: 1.0.4 6 6 * Requires at least: 4.6 7 7 * Requires PHP: 7.0 … … 20 20 define( 'VALUEPAY_GIVEWP_PATH', plugin_dir_path( VALUEPAY_GIVEWP_FILE ) ); 21 21 define( 'VALUEPAY_GIVEWP_BASENAME', plugin_basename( VALUEPAY_GIVEWP_FILE ) ); 22 define( 'VALUEPAY_GIVEWP_VERSION', '1.0. 3' );22 define( 'VALUEPAY_GIVEWP_VERSION', '1.0.4' ); 23 23 24 24 // Plugin core class