Context Navigation

← Previous Changeset
Next Changeset →

Changeset 2783062

Timestamp:

09/12/2022 12:14:24 AM (4 years ago)

Author:

payadvantage

Message:

Publish 3.2.2

Location:

pay-advantage/trunk

Files:

: 7 edited

README.txt (modified) (2 diffs)
admin/options-ajax.php (modified) (2 diffs)
payadvantage.php (modified) (2 diffs)
public/ajax-payadvantage-creditcard.php (modified) (1 diff)
public/ajax-payadvantage-customer.php (modified) (1 diff)
public/ajax-payadvantage-woocommerce.php (modified) (1 diff)
public/js/common.js (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

pay-advantage/trunk/README.txt

-                      r2745606
+                      r2783062
 Tags: credit cards, payment gateway, online payments, e-commerce
 Requires at least: 5.2
 Tested up to: 6.0.0
+Tested up to: 6.0.2
 Stable tag: 3.2.1
 Requires PHP: 7.0
 …
 = 3.2.0 =
 * If you have 3.1, you must upgrade to this version to continue processing payments.
 * Bux fixes
+* Bug fixes
 * Security improvements
 * Increased supported Wordpress version to 5.9.1

pay-advantage/trunk/admin/options-ajax.php

-                      r2708855
+                      r2783062
  */
 function save_pay_advantage_settings_handler() {
+    check_ajax_referer( 'pay_advantage_nonce', 'security' );
+    try {
+        check_ajax_referer( 'pay_advantage_nonce', 'security' );
     if ( ! is_admin() ) {
         pay_advantage_write_error_to_response( 'Failed, user is not an admin.' );
         wp_die();
+    }
+        if ( ! is_admin() ) {
+            pay_advantage_write_error_to_response( 'Failed, user is not an admin.' );
+            wp_die();
+        }
     $require_mobile               = filter_var( $_POST['payadvantagerequiremobile'], FILTER_VALIDATE_BOOLEAN ) ? 1 : 0;
     $require_address              = filter_var( $_POST['payadvantagerequireaddress'], FILTER_VALIDATE_BOOLEAN ) ? 1 : 0;
     $show_credit_card             = filter_var( $_POST['payadvantageshowbcreditcard'], FILTER_VALIDATE_BOOLEAN ) ? 1 : 0;
     $oncharge_credit_card_fees    = filter_var( $_POST['payadvantageonchargecreditcardfees'], FILTER_VALIDATE_BOOLEAN ) ? 1 : 0;
     $wc_oncharge_credit_card_fees = filter_var( $_POST['payadvantagewconchargecreditcardfees'], FILTER_VALIDATE_BOOLEAN ) ? 1 : 0;
     $show_bpay                    = filter_var( $_POST['payadvantageshowbpay'], FILTER_VALIDATE_BOOLEAN ) ? 1 : 0;
     $description                  = sanitize_text_field( $_POST['payadvantagecarddescription'] );
     $anonymous_permission         = filter_var( $_POST['payadvantageanonymouspermission'], FILTER_VALIDATE_BOOLEAN ) ? 1 : 0;
     $register_credit_card_button  = sanitize_text_field( $_POST['payadvantagemakepaymentbutton'] );
     $wc_paid_status               = sanitize_text_field( $_POST['payadvantagewcpaidstatus'] );
     $wc_cancel_status             = sanitize_text_field( $_POST['payadvantagewccancelstatus'] );
+        $require_mobile               = filter_var( $_POST['payadvantagerequiremobile'], FILTER_VALIDATE_BOOLEAN ) ? 1 : 0;
+        $require_address              = filter_var( $_POST['payadvantagerequireaddress'], FILTER_VALIDATE_BOOLEAN ) ? 1 : 0;
+        $show_credit_card             = filter_var( $_POST['payadvantageshowbcreditcard'], FILTER_VALIDATE_BOOLEAN ) ? 1 : 0;
+        $oncharge_credit_card_fees    = filter_var( $_POST['payadvantageonchargecreditcardfees'], FILTER_VALIDATE_BOOLEAN ) ? 1 : 0;
+        $wc_oncharge_credit_card_fees = filter_var( $_POST['payadvantagewconchargecreditcardfees'], FILTER_VALIDATE_BOOLEAN ) ? 1 : 0;
+        $show_bpay                    = filter_var( $_POST['payadvantageshowbpay'], FILTER_VALIDATE_BOOLEAN ) ? 1 : 0;
+        $description                  = sanitize_text_field( $_POST['payadvantagecarddescription'] );
+        $anonymous_permission         = filter_var( $_POST['payadvantageanonymouspermission'], FILTER_VALIDATE_BOOLEAN ) ? 1 : 0;
+        $register_credit_card_button  = sanitize_text_field( $_POST['payadvantagemakepaymentbutton'] );
+        $wc_paid_status               = sanitize_text_field( $_POST['payadvantagewcpaidstatus'] );
+        $wc_cancel_status             = sanitize_text_field( $_POST['payadvantagewccancelstatus'] );
     update_option( 'pay_advantage_credit_card_description', $description );
     update_option( 'pay_advantage_show_widget_to_users_not_logged_in', $anonymous_permission );
     update_option( 'pay_advantage_require_mobile', $require_mobile );
     update_option( 'pay_advantage_require_address', $require_address );
     update_option( 'pay_advantage_show_credit_card', $show_credit_card );
     update_option( 'pay_advantage_oncharge_credit_card_fees', $oncharge_credit_card_fees );
     update_option( 'pay_advantage_wc_oncharge_credit_card_fees', $wc_oncharge_credit_card_fees );
     update_option( 'pay_advantage_show_bpay', $show_bpay );
     update_option( 'pay_advantage_make_payment_button', $register_credit_card_button );
     update_option( 'pay_advantage_wc_paid_status', $wc_paid_status );
     update_option( 'pay_advantage_wc_cancel_status', $wc_cancel_status );
+        update_option( 'pay_advantage_credit_card_description', $description );
+        update_option( 'pay_advantage_show_widget_to_users_not_logged_in', $anonymous_permission );
+        update_option( 'pay_advantage_require_mobile', $require_mobile );
+        update_option( 'pay_advantage_require_address', $require_address );
+        update_option( 'pay_advantage_show_credit_card', $show_credit_card );
+        update_option( 'pay_advantage_oncharge_credit_card_fees', $oncharge_credit_card_fees );
+        update_option( 'pay_advantage_wc_oncharge_credit_card_fees', $wc_oncharge_credit_card_fees );
+        update_option( 'pay_advantage_show_bpay', $show_bpay );
+        update_option( 'pay_advantage_make_payment_button', $register_credit_card_button );
+        update_option( 'pay_advantage_wc_paid_status', $wc_paid_status );
+        update_option( 'pay_advantage_wc_cancel_status', $wc_cancel_status );
+    pay_advantage_send_response( array() );
+    wp_die();
+        pay_advantage_send_response( array() );
+        wp_die();
+    } catch (Exception $e) {
+        Pay_Advantage_Api_Error_Handler::log_error( $e->getMessage() . ' ' . $e->getTraceAsString() );
+        pay_advantage_write_error_to_response( $e->getMessage() );
+        wp_die();
+    }
+}
 …
 add_action( 'wp_ajax_pay_advantage_connect_action', 'pay_advantage_connect_handler' );
 function pay_advantage_connect_handler() {
+    if ( ! is_admin() ) {
+        pay_advantage_write_error_to_response( 'Not authorised.' );
+        wp_die();
+    }
+    try {
+        if ( ! is_admin() ) {
+            pay_advantage_write_error_to_response( 'Not authorised.' );
+            wp_die();
+        }
     $env = sanitize_text_field( $_POST['payadvantageenv'] );
     update_option( 'pay_advantage_env', $env );
     update_option( 'pay_advantage_url', $env == "live" ? PAYADV_API_URL_LIVE : PAYADV_API_URL_SANDBOX );
+        $env = sanitize_text_field( $_POST['payadvantageenv'] );
+        update_option( 'pay_advantage_env', $env );
+        update_option( 'pay_advantage_url', $env == "live" ? PAYADV_API_URL_LIVE : PAYADV_API_URL_SANDBOX );
     // Use a specific instance for the connection. This allows the user to manage various installations of the plugin.
     $instance_id = get_option( 'pay_advantage_instance_id' );
+        // Use a specific instance for the connection. This allows the user to manage various installations of the plugin.
+        $instance_id = get_option( 'pay_advantage_instance_id' );
     // create a nonce state and append. Pick up nonce and compare on registration callback.
     $nonce = wp_create_nonce( 'pay_advantage_connect_nonce' );
+        // create a nonce state and append. Pick up nonce and compare on registration callback.
+        $nonce = wp_create_nonce( 'pay_advantage_connect_nonce' );
     $client_id      = 'D69CB714EC1E4B9781C48D9B980FBD36';
     $code_verifier  = pay_advantage_create_code_code_verifier();
     $code_challenge = base64_encode( hash( 'sha256', $code_verifier, true ) );
     update_option( 'pay_advantage_app_client_id', $client_id );
     update_option( 'pay_advantage_app_code_verifier', $code_verifier );
+        $client_id      = 'D69CB714EC1E4B9781C48D9B980FBD36';
+        $code_verifier  = pay_advantage_create_code_code_verifier();
+        $code_challenge = base64_encode( hash( 'sha256', $code_verifier, true ) );
+        update_option( 'pay_advantage_app_client_id', $client_id );
+        update_option( 'pay_advantage_app_code_verifier', $code_verifier );
     global $wp;
     $redirect_uri = get_site_url() . '/wp-admin/options-general.php?page=PayAdvantage';
+        global $wp;
+        $redirect_uri = get_site_url() . '/wp-admin/options-general.php?page=PayAdvantage';
+    // redirect.
+    pay_advantage_send_response( array(
+        'RedirectTo' => (
+            $env == "live" ? PAYADV_REGISTRATION_URL_LIVE : PAYADV_REGISTRATION_URL_SANDBOX ) .
+            "?client_id=" . urlencode( $client_id ) .
+            "&code_challenge=" . urlencode( $code_challenge ) .
+            "&code_challenge_method=S256" .
+            "&state=" . urlencode( $nonce ) .
+            "&redirect_uri=" . urlencode( $redirect_uri ) .
+            "&response_type=code" .
+            "&response_mode=query" .
+            "&instance_id=" . urlencode( $instance_id ) .
+            "&instance_name=" . rawurlencode( get_bloginfo( 'name' ) )
+    ) );
+    wp_die();
+        // redirect.
+        pay_advantage_send_response( array(
+            'RedirectTo' => (
+                $env == "live" ? PAYADV_REGISTRATION_URL_LIVE : PAYADV_REGISTRATION_URL_SANDBOX ) .
+                "?client_id=" . urlencode( $client_id ) .
+                "&code_challenge=" . urlencode( $code_challenge ) .
+                "&code_challenge_method=S256" .
+                "&state=" . urlencode( $nonce ) .
+                "&redirect_uri=" . urlencode( $redirect_uri ) .
+                "&response_type=code" .
+                "&response_mode=query" .
+                "&instance_id=" . urlencode( $instance_id ) .
+                "&instance_name=" . rawurlencode( get_bloginfo( 'name' ) )
+        ) );
+        wp_die();
+    } catch (Exception $e) {
+        Pay_Advantage_Api_Error_Handler::log_error( $e->getMessage() . ' ' . $e->getTraceAsString() );
+        pay_advantage_write_error_to_response( $e->getMessage() );
+        wp_die();
+    }
+}
 add_action( 'wp_ajax_pay_advantage_disconnect_action', 'pay_advantage_disconnect_handler' );
 function pay_advantage_disconnect_handler() {
+    if ( ! is_admin() ) {
+        pay_advantage_write_error_to_response( 'Not authorised.' );
+        wp_die();
+    }
+    try {
+        if ( ! is_admin() ) {
+            pay_advantage_write_error_to_response( 'Not authorised.' );
+            wp_die();
+        }
+    pay_advantage_send_response( ( new Pay_Advantage_Api() )->delete_refresh_token() );
+    wp_die();
+        pay_advantage_send_response( ( new Pay_Advantage_Api() )->delete_refresh_token() );
+        wp_die();
+    } catch (Exception $e) {
+        Pay_Advantage_Api_Error_Handler::log_error( $e->getMessage() . ' ' . $e->getTraceAsString() );
+        pay_advantage_write_error_to_response( $e->getMessage() );
+        wp_die();
+    }
+}
 ?>

pay-advantage/trunk/payadvantage.php

-                      r2745605
+                      r2783062
  * Text Domain:       PayAdvantage
  * Domain Path:       /languages
  * WC tested up to: 6.5.1
+ * WC tested up to: 6.8.2
  * WC requires at least: 3.7
  */
 …
  * Current plugin version.
  */
 define( 'PayAdvantagePluginVersion', '3.2.1' );
+define( 'PayAdvantagePluginVersion', '3.2.2' );
 include( plugin_dir_path( __FILE__ ) . '/includes/payadvantage-files.php' );

pay-advantage/trunk/public/ajax-payadvantage-creditcard.php

-                      r2721266
+                      r2783062
 //Extracts the data from the widget api call and sends it to pay advantage.
 function pay_advantage_credit_card_handler() {
+    $pay_advantage_api = new Pay_Advantage_Api();
+    try {
+        $pay_advantage_api = new Pay_Advantage_Api();
     check_ajax_referer( 'pay_advantage_nonce', 'security' );
+        check_ajax_referer( 'pay_advantage_nonce', 'security' );
+    if ( current_user_can( 'read' ) == 0 && get_option( 'pay_advantage_show_widget_to_users_not_logged_in' ) == "0" ) {
+        pay_advantage_write_error_to_response( 'Please login to use this service.' );
+        if ( current_user_can( 'read' ) == 0 && get_option( 'pay_advantage_show_widget_to_users_not_logged_in' ) == "0" ) {
+            pay_advantage_write_error_to_response( 'Please login to use this service.' );
+            wp_die();
+        }
+        if ( ! get_option( 'pay_advantage_refresh_token' ) ) {
+            pay_advantage_write_error_to_response( 'Not connected to Pay Advantage.' );
+            wp_die();
+        }
+        if ( ! get_option( 'pay_advantage_verified' ) ) {
+            pay_advantage_write_error_to_response( 'Your business has not been verified. Please complete your pending verification(s).' );
+            wp_die();
+        }
+        $payment_amount            = sanitize_text_field( $_POST['paymentamount'] );
+        $payment_description       = sanitize_text_field( $_POST['paymentdescription'] );
+        $customer_code             = sanitize_text_field( $_POST['customercode'] );
+        $oncharge_credit_card_fees = get_option( 'pay_advantage_oncharge_credit_card_fees' );
+        $validation_messages = array();
+        if ( empty( $payment_amount ) ) {
+            array_push( $validation_messages, 'Amount is required.' );
+        } else if ( $payment_amount < 1 || $payment_amount > 99999.00 ) {
+            array_push( $validation_messages, 'Enter an amount between $1.00 and $99,999.00.' );
+        }
+        if ( empty( $payment_description ) ) {
+            array_push( $validation_messages, 'Description is required.' );
+        }
+        if ( empty( $customer_code ) ) {
+            array_push( $validation_messages, 'Customer is required.' );
+        }
+        if ( count( $validation_messages ) > 0 ) {
+            pay_advantage_write_error_to_response( $validation_messages );
+            wp_die();
+        }
+        $onchargedFees = 0;
+        if ( $oncharge_credit_card_fees ) {
+            $onchargedFeesResult = $pay_advantage_api->calculate_oncharge_fees( $payment_amount );
+            if ( isset( $onchargedFeesResult['Status'] ) && $onchargedFeesResult['Status'] != 200 ) {
+                pay_advantage_write_error_to_response( 'Failed to calculate the fees.' );
+                wp_die();
+            }
+            $onchargedFees = round( $onchargedFeesResult['AttemptFee'] + $onchargedFeesResult['AttemptFeeGST'] + $onchargedFeesResult['MSF'] + $onchargedFeesResult['MSFGST'], 2 );
+        }
+        $iframe_url_response = $pay_advantage_api->get_cc_iframe_url( $customer_code, $payment_amount, $payment_description, null, $onchargedFees );
+        if ( isset( $iframe_url_response['Status'] ) && $iframe_url_response['Status'] != 200 ) {
+            pay_advantage_write_error_to_response( 'Failed to prepare the payment.' );
+            wp_die();
+        }
+        pay_advantage_send_response( array(
+            "IFrameUrl"            => $iframe_url_response['IFrameUrl'],
+            "ExpectedOnchargedFee" => $onchargedFees
+        ) );
+        wp_die();
+    } catch (Exception $e) {
+        Pay_Advantage_Api_Error_Handler::log_error( $e->getMessage() . ' ' . $e->getTraceAsString() );
+        pay_advantage_write_error_to_response( $e->getMessage() );
         wp_die();
+    }
-    if ( ! get_option( 'pay_advantage_refresh_token' ) ) {
-        pay_advantage_write_error_to_response( 'Not connected to Pay Advantage.' );
-        wp_die();
+    }
-    if ( ! get_option( 'pay_advantage_verified' ) ) {
-        pay_advantage_write_error_to_response( 'Your business has not been verified. Please complete your pending verification(s).' );
-        wp_die();
+    }
-    $payment_amount            = sanitize_text_field( $_POST['paymentamount'] );
-    $payment_description       = sanitize_text_field( $_POST['paymentdescription'] );
-    $customer_code             = sanitize_text_field( $_POST['customercode'] );
-    $oncharge_credit_card_fees = get_option( 'pay_advantage_oncharge_credit_card_fees' );
-    $validation_messages = array();
-    if ( empty( $payment_amount ) ) {
-        array_push( $validation_messages, 'Amount is required.' );
-    } else if ( $payment_amount < 1 || $payment_amount > 99999.00 ) {
-        array_push( $validation_messages, 'Enter an amount between $1.00 and $99,999.00.' );
+    }
-    if ( empty( $payment_description ) ) {
-        array_push( $validation_messages, 'Description is required.' );
+    }
-    if ( empty( $customer_code ) ) {
-        array_push( $validation_messages, 'Customer is required.' );
+    }
-    if ( count( $validation_messages ) > 0 ) {
-        pay_advantage_write_error_to_response( $validation_messages );
-        wp_die();
+    }
-    $onchargedFees = 0;
-    if ($oncharge_credit_card_fees) {
-        $onchargedFeesResult = $pay_advantage_api->calculate_oncharge_fees($payment_amount);
-        if (isset($onchargedFeesResult['Status']) && $onchargedFeesResult['Status'] != 200) {
-            pay_advantage_write_error_to_response('Failed to calculate the fees.');
-            wp_die();
+        }
-        $onchargedFees = round( $onchargedFeesResult['AttemptFee'] + $onchargedFeesResult['AttemptFeeGST'] + $onchargedFeesResult['MSF'] + $onchargedFeesResult['MSFGST'], 2);
+    }
-    $iframe_url_response = $pay_advantage_api->get_cc_iframe_url( $customer_code, $payment_amount, $payment_description, null, $onchargedFees );
-    if ( isset( $iframe_url_response['Status'] ) && $iframe_url_response['Status'] != 200 ) {
-        pay_advantage_write_error_to_response( 'Failed to prepare the payment.' );
-        wp_die();
+    }
-    pay_advantage_send_response( array(
-        "IFrameUrl" => $iframe_url_response['IFrameUrl'],
-        "ExpectedOnchargedFee" => $onchargedFees
-    ) );
-    wp_die();
+}

pay-advantage/trunk/public/ajax-payadvantage-customer.php

-                      r2721266
+                      r2783062
  */
 function pay_advantage_create_customer_handler() {
+    check_ajax_referer( 'pay_advantage_nonce', 'security' );
+    try {
+        check_ajax_referer( 'pay_advantage_nonce', 'security' );
+    if ( ! get_option( 'pay_advantage_refresh_token' ) ) {
+        pay_advantage_write_error_to_response( 'Not connected to Pay Advantage.' );
+        if ( ! get_option( 'pay_advantage_refresh_token' ) ) {
+            pay_advantage_write_error_to_response( 'Not connected to Pay Advantage.' );
+            wp_die();
+        }
+        if ( ! get_option( 'pay_advantage_verified' ) ) {
+            pay_advantage_write_error_to_response( 'Your business has not been verified. Please complete your pending verification(s).' );
+            wp_die();
+        }
+        $validator         = new Pay_Advantage_Validator();
+        $pay_advantage_api = new Pay_Advantage_Api();
+        $create_bpay = isset( $_POST['payadvantagecreatebpay'] ) ? $_POST['payadvantagecreatebpay'] === 'true' : 0;
+        $customer_data = Pay_Advantage_Data_Mapper::get_customer_data_from_post();
+        $validation_messages = $validator->validate_customer_register( $customer_data, $create_bpay );
+        if ( count( $validation_messages ) > 0 ) {
+            pay_advantage_write_error_to_response( $validation_messages );
+            wp_die();
+        }
+        pay_advantage_send_response( $pay_advantage_api->create_customer( $customer_data, $create_bpay ) );
+        wp_die();
+    } catch (Exception $e) {
+        Pay_Advantage_Api_Error_Handler::log_error( $e->getMessage() . ' ' . $e->getTraceAsString() );
+        pay_advantage_write_error_to_response( $e->getMessage() );
         wp_die();
+    }
-    if ( ! get_option( 'pay_advantage_verified' ) ) {
-        pay_advantage_write_error_to_response( 'Your business has not been verified. Please complete your pending verification(s).' );
-        wp_die();
+    }
-    $validator         = new Pay_Advantage_Validator();
-    $pay_advantage_api = new Pay_Advantage_Api();
-    $create_bpay = isset( $_POST['payadvantagecreatebpay'] ) ? $_POST['payadvantagecreatebpay'] === 'true' : 0;
-    $customer_data = Pay_Advantage_Data_Mapper::get_customer_data_from_post();
-    $validation_messages = $validator->validate_customer_register( $customer_data, $create_bpay );
-    if ( count( $validation_messages ) > 0 ) {
-        pay_advantage_write_error_to_response( $validation_messages );
-        wp_die();
+    }
-    pay_advantage_send_response( $pay_advantage_api->create_customer( $customer_data, $create_bpay ) );
-    wp_die();
+}
 ?>

pay-advantage/trunk/public/ajax-payadvantage-woocommerce.php

-                      r2708855
+                      r2783062
 function pay_advantage_mark_order_as_paid_handler() {
+    check_ajax_referer( 'pay_advantage_paid_nonce', 'security' );
+    try {
+        check_ajax_referer( 'pay_advantage_paid_nonce', 'security' );
+    $order_id = sanitize_text_field( $_POST['orderid'] );
+    if ( empty( $order_id ) ) {
+        pay_advantage_write_error_to_response( 'Invalid order id.' );
+        $order_id = sanitize_text_field( $_POST['orderid'] );
+        if ( empty( $order_id ) ) {
+            pay_advantage_write_error_to_response( 'Invalid order id.' );
+            wp_die();
+        }
+        $payment_code = sanitize_text_field( $_POST['paymentcode'] );
+        if ( empty( $payment_code ) ) {
+            pay_advantage_write_error_to_response( 'Invalid payment code.' );
+            wp_die();
+        }
+        $order = new WC_Order( $order_id );
+        // The order id being completed needs to be verified against the payment to ensure the correct order is completed. If this is not the case then the merchant must investigate as it is possibly due to tampering.
+        $pay_advantage_api = new Pay_Advantage_Api();
+        $receipt           = $pay_advantage_api->get_payment( $payment_code );
+        if ( ! isset( $receipt['ExternalID'] ) || $receipt['ExternalID'] != 'wc-' . $order_id ) {
+            pay_advantage_write_error_to_response( 'Payment was not for this order.' );
+            wp_die();
+        }
+        $paid_status = get_option( 'pay_advantage_wc_paid_status' );
+        if ( $order->get_status() != 'pending' && $order->get_status() != 'failed' ) {
+            pay_advantage_write_error_to_response( 'Failed to record the order as ' . $paid_status . '. Order does not have a status of pending or failed.' );
+            wp_die();
+        }
+        $order->update_status( apply_filters( 'woocommerce_pay_advantage_process_payment_order_status', $paid_status, $order ), __( 'Payment received.', 'woocommerce' ) );
+        WC()->cart->empty_cart();
+        pay_advantage_send_response( array(
+            'result'   => 'success',
+            'redirect' => apply_filters( 'woocommerce_get_return_url', $order->get_checkout_order_received_url(), $order )
+        ) );
+        wp_die();
+    } catch (Exception $e) {
+        Pay_Advantage_Api_Error_Handler::log_error( $e->getMessage() . ' ' . $e->getTraceAsString() );
+        pay_advantage_write_error_to_response( $e->getMessage() );
         wp_die();
+    }
-    $payment_code = sanitize_text_field( $_POST['paymentcode'] );
-    if ( empty( $payment_code ) ) {
-        pay_advantage_write_error_to_response( 'Invalid payment code.' );
-        wp_die();
+    }
-    try {
-        $order = new WC_Order($order_id);
-    } catch ( Exception $e ) {
-        pay_advantage_write_error_to_response( $e->getMessage() );
-        wp_die();
+    }
-    // The order id being completed needs to be verified against the payment to ensure the correct order is completed. If this is not the case then the merchant must investigate as it is possibly due to tampering.
-    $pay_advantage_api = new Pay_Advantage_Api();
-    $receipt           = $pay_advantage_api->get_payment( $payment_code );
-    if ( ! isset( $receipt['ExternalID'] ) || $receipt['ExternalID'] != 'wc-' . $order_id ) {
-        pay_advantage_write_error_to_response( 'Payment was not for this order.' );
-        wp_die();
+    }
-    $paid_status = get_option( 'pay_advantage_wc_paid_status' );
-    if ( $order->get_status() != 'pending' && $order->get_status() != 'failed' ) {
-        pay_advantage_write_error_to_response( 'Failed to record the order as ' . $paid_status . '. Order does not have a status of pending or failed.' );
-        wp_die();
+    }
-    $order->update_status( apply_filters( 'woocommerce_pay_advantage_process_payment_order_status', $paid_status, $order ), __( 'Payment received.', 'woocommerce' ) );
-    WC()->cart->empty_cart();
-    pay_advantage_send_response( array(
-        'result'   => 'success',
-        'redirect' => apply_filters( 'woocommerce_get_return_url', $order->get_checkout_order_received_url(), $order )
-    ) );
-    wp_die();
+}
 function pay_advantage_mark_order_as_cancelled_handler() {
+    check_ajax_referer( 'pay_advantage_paid_nonce', 'security' );
+    try {
+        check_ajax_referer( 'pay_advantage_paid_nonce', 'security' );
     $order_id = sanitize_text_field( $_POST['orderid'] );
     if ( empty( $order_id ) ) {
         pay_advantage_write_error_to_response( 'Invalid order id.' );
         wp_die();
+    }
+        $order_id = sanitize_text_field( $_POST['orderid'] );
+        if ( empty( $order_id ) ) {
+            pay_advantage_write_error_to_response( 'Invalid order id.' );
+            wp_die();
+        }
+    try {
+        $order = new WC_Order($order_id);
+    } catch ( Exception $e ) {
+        pay_advantage_write_error_to_response( $e->getMessage() );
+        wp_die();
+    }
+        $order = new WC_Order( $order_id );
     $cancel_status = get_option( 'pay_advantage_wc_cancel_status' );
+        $cancel_status = get_option( 'pay_advantage_wc_cancel_status' );
     if ( $order->get_status() != 'pending' && $order->get_status() != 'failed' ) {
         pay_advantage_write_error_to_response( 'Failed to record the order as ' . $cancel_status . '. Order does not have a status of pending or failed.' );
         wp_die();
+    }
+        if ( $order->get_status() != 'pending' && $order->get_status() != 'failed' ) {
+            pay_advantage_write_error_to_response( 'Failed to record the order as ' . $cancel_status . '. Order does not have a status of pending or failed.' );
+            wp_die();
+        }
     $order->update_status( apply_filters( 'woocommerce_pay_advantage_process_payment_order_status', $cancel_status, $order ), __( 'Payment cancelled.', 'woocommerce' ) );
+        $order->update_status( apply_filters( 'woocommerce_pay_advantage_process_payment_order_status', $cancel_status, $order ), __( 'Payment cancelled.', 'woocommerce' ) );
+    pay_advantage_send_response( array(
+        'result'   => 'success'
+    ) );
+    wp_die();
+        pay_advantage_send_response( array(
+            'result' => 'success'
+        ) );
+        wp_die();
+    } catch (Exception $e) {
+        Pay_Advantage_Api_Error_Handler::log_error( $e->getMessage() . ' ' . $e->getTraceAsString() );
+        pay_advantage_write_error_to_response( $e->getMessage() );
+        wp_die();
+    }
+}
 function pay_advantage_mark_order_as_failed_handler() {
+    check_ajax_referer( 'pay_advantage_paid_nonce', 'security' );
+    try {
+        check_ajax_referer( 'pay_advantage_paid_nonce', 'security' );
+    $order_id = sanitize_text_field( $_POST['orderid'] );
+    if ( empty( $order_id ) ) {
+        pay_advantage_write_error_to_response( 'Invalid order id.' );
+        $order_id = sanitize_text_field( $_POST['orderid'] );
+        if ( empty( $order_id ) ) {
+            pay_advantage_write_error_to_response( 'Invalid order id.' );
+            wp_die();
+        }
+        $order = new WC_Order($order_id);
+        if ( $order->get_status() != 'pending' && $order->get_status() != 'failed' ) {
+            pay_advantage_write_error_to_response( 'Failed to record the order as failed. Order does not have a status of pending or failed.' );
+            wp_die();
+        }
+        $order->update_status( apply_filters( 'woocommerce_pay_advantage_process_payment_order_status', 'failed', $order ), __( 'Payment failed.', 'woocommerce' ) );
+        pay_advantage_send_response( array(
+            'result'   => 'success'
+        ) );
         wp_die();
+    }
+    try {
+        $order = new WC_Order($order_id);
+    } catch ( Exception $e ) {
+    } catch (Exception $e) {
+        Pay_Advantage_Api_Error_Handler::log_error( $e->getMessage() . ' ' . $e->getTraceAsString() );
         pay_advantage_write_error_to_response( $e->getMessage() );
         wp_die();
+    }
-    if ( $order->get_status() != 'pending' && $order->get_status() != 'failed' ) {
-        pay_advantage_write_error_to_response( 'Failed to record the order as failed. Order does not have a status of pending or failed.' );
-        wp_die();
+    }
-    $order->update_status( apply_filters( 'woocommerce_pay_advantage_process_payment_order_status', 'failed', $order ), __( 'Payment failed.', 'woocommerce' ) );
-    pay_advantage_send_response( array(
-        'result'   => 'success'
-    ) );
-    wp_die();
+}

pay-advantage/trunk/public/js/common.js

-                      r2708315
+                      r2783062
                 error: function (response) {
                     console.log(response);
+                    reject(response);
+                    if (response.message) {
+                        reject(response);
+                    } else if (response.responseText) {
+                        reject(new Error(response.responseText));
+                    } else {
+                        reject(new Error('An unexpected error occurred. Check the browsers console log for more information.'));
+                    }
+                }
             });

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Download in other formats: