Context Navigation

← Previous Changeset
Next Changeset →

Changeset 3399128

Timestamp:

11/19/2025 04:35:24 PM (4 months ago)

Author:

peachpay

Message:

1.118.5

Location:

peachpay-for-woocommerce

Files:

: 918 added
: 9 edited

Legend:

: Unmodified
: Added
: Removed

peachpay-for-woocommerce/trunk/changelog.txt

r3395317	r3399128
1	1	* PeachPay for WooCommerce Changelog *
	2
	3	2025-11-19 - version 1.118.5
	4	* CPay/BTCPay payment initialization fix
2	5
3	6	2025-11-13 - version 1.118.4

peachpay-for-woocommerce/trunk/core/payments/convesiopay/assets/js/convesiopay-unified-blocks.js

-                      r3395317
+                      r3399128
     // Get active payment methods from settings
     const activeMethods = settings.active_methods || [];
+    // Helper: determine if BTCPay/crypto is enabled according to the
+    // unified gateway configuration. This is the client-side source of
+    // truth for deciding whether any BTCPay sessions/intents should be
+    // created.
+    //
+    // STRICT CHECK: Only returns true if 'crypto' is explicitly in active_methods,
+    // which should only happen when the BTC Pay gateway is enabled in WooCommerce.
+    const isBtcpayEnabled = () => {
+        // Only return true if 'crypto' is explicitly in the array
+        // This ensures BTC Pay is only enabled when the gateway is actually enabled
+        const isEnabled = activeMethods.includes('crypto') || activeMethods.includes('btcpay');
+        // Additional safety: if active_methods is empty or doesn't include crypto, BTC Pay is disabled
+        if (activeMethods.length === 0) {
+            return false;
+        }
+        return isEnabled;
+    };
     // Global state management
 …
      */
     const setupBTCPayMessageListener = () => {
+        // If BTCPay is disabled, do not attach any listeners.
+        if (!isBtcpayEnabled()) {
+            return;
+        }
         window.addEventListener('message', (event) => {
             // Verify the origin is from BTCPay
 …
+            }
+            // Step 6: Create BTCPay session and intent if it was previously active
+            if (hadBtcPaySession) {
+            // Step 6: Create BTCPay session and intent if it was previously active (only if BTC Pay is enabled)
+            // GUARD: Only create BTC Pay session and intent if BTC Pay is enabled
+            if (hadBtcPaySession && isBtcpayEnabled()) {
                 try {
                     // Create new BTCPay session with updated amount
                     const sessionResult = await createBTCPaySession();
+                    if (sessionResult.success && sessionResult.session) {
+                    // Only proceed if session creation was successful
+                    // If disabled or failed, continue without BTC Pay session
+                    if (sessionResult.success && sessionResult.session && !sessionResult.disabled) {
                         // Update the global session variable
                         btcPaySession = sessionResult.session;
 …
                         // Re-setup the message listener
                         setupBTCPayMessageListener();
+                    } else if (sessionResult.disabled) {
+                        // BTC Pay is disabled - continue without BTC Pay session
+                        // Component will work with Card and Apple Pay only
+                    } else {
+                        // Session creation failed but BTC Pay should be enabled
+                        // Log error but continue - component will work without BTC Pay
+                        console.warn('[ConvesioPay Blocks] BTCPay session creation failed during amount update:', sessionResult.message);
+                    }
                 } catch (btcPayError) {
+                    // BTCPay session/intent recreation failed
+                }
+                    // Silently fail if BTC Pay intent creation fails when BTC Pay is disabled
+                    // Only log error if BTC Pay should be enabled
+                    if (isBtcpayEnabled()) {
+                        console.warn('[ConvesioPay Blocks] BTCPay session/intent recreation failed:', btcPayError);
+                    }
+                }
+            } else if (hadBtcPaySession && !isBtcpayEnabled()) {
+                // BTC Pay was previously active but is now disabled - skip session/intent creation
+            }
 …
     /**
      * Create BTCPay session via AJAX call
+     *
+     * STRICT GUARD: Returns early with success:false (not an error) when disabled
+     * to prevent any error messages from being shown.
      */
     const createBTCPaySession = async () => {
+        // STRICT CHECK: Do not create BTCPay sessions when the method is disabled in
+        // PeachPay/WooCommerce settings. This prevents unnecessary
+        // ConvesioPay API calls and avoids leaking BTCPay behaviour
+        // into sites that have explicitly disabled crypto.
+        if (!isBtcpayEnabled()) {
+            // Return success:false with a message indicating it's disabled
+            // This is NOT an error - it's expected behavior when disabled
+            return { success: false, message: 'BTCPay payment method is disabled', disabled: true };
+        }
+        // If session already created and exists, return it
         if (isSessionCreated && btcPaySession) {
             return { success: true, session: btcPaySession };
 …
             if (!sessionResponse.success || !sessionResponse.data?.session) {
+                throw new Error(sessionResponse.message || 'Failed to create BTCPay session');
+                // Extract message from WordPress AJAX response structure
+                // WordPress error responses have message in data.message or directly in message
+                const errorMessage = sessionResponse.data?.message || sessionResponse.message || 'Failed to create BTCPay session';
+                // Check if the error is because BTC Pay is disabled
+                const isDisabled = errorMessage.toLowerCase().includes('disabled') ||
+                                 errorMessage.toLowerCase().includes('btcpay payment method is disabled');
+                // Return with disabled flag so error won't be shown
+                return {
+                    success: false,
+                    message: errorMessage,
+                    disabled: isDisabled
+                };
+            }
 …
         } catch (error) {
+            return { success: false, message: error.message };
+            // On error, check if BTC Pay is still enabled before reporting error
+            // If disabled, this is expected behavior
+            const isDisabled = !isBtcpayEnabled();
+            return {
+                success: false,
+                message: error.message,
+                disabled: isDisabled
+            };
+        }
     };
 …
                 } else if (event.type === 'btcpay') {
                     // Handle BTCPay payments directly when event.type is btcpay
+                    handleBTCPayPayment(event);
+                    // GUARD: Only handle BTC Pay events if BTC Pay is enabled
+                    if (isBtcpayEnabled()) {
+                        handleBTCPayPayment(event);
+                    } else {
+                        // BTC Pay is disabled - ignore BTC Pay events
+                        console.warn('[ConvesioPay Blocks] Received BTC Pay event but BTC Pay is disabled');
+                    }
                 } else if (event.type === 'applepay') {
                     // Handle ApplePay payments with auto-submit when successful
 …
                         handleCardPayment(component, event);
                     } else if (paymentMethod === 'btcpay' && event.isValid === true && event.isSuccessful === true) {
+                        handleBTCPayPayment(event);
+                        // GUARD: Only handle BTC Pay payments if BTC Pay is enabled
+                        if (isBtcpayEnabled()) {
+                            handleBTCPayPayment(event);
+                        } else {
+                            // BTC Pay is disabled - ignore BTC Pay payment events
+                            console.warn('[ConvesioPay Blocks] Received BTC Pay payment but BTC Pay is disabled');
+                        }
                     } else if (paymentMethod === 'applepay' && event.isValid === true && event.isSuccessful === true) {
                         handleApplePayPayment(component, event);
 …
                 // Create BTCPay intent using the mounted component (following BTCPay blocks pattern)
+                // Include required address fields for ConvesioPay API
+                await convesioPayComponent.createBTCPayIntent(btcPayIntentData);
+                // Set up postMessage listener for iframe communication
+                setupBTCPayMessageListener();
+                // Check again after BTCPay intent is created
+                setTimeout(() => {
+                    updateSubmitButtonState();
+                }, 1000);
+                // Include required address fields for ConvesioPay API. Only do this
+                // when BTCPay is actually enabled for the site and we have a session.
+                // GUARD: Check if BTC Pay is enabled and we have a session before attempting to create intent
+                if (isBtcpayEnabled() && btcPaySession) {
+                    try {
+                        await convesioPayComponent.createBTCPayIntent(btcPayIntentData);
+                        // Set up postMessage listener for iframe communication
+                        setupBTCPayMessageListener();
+                        // Check again after BTCPay intent is created
+                        setTimeout(() => {
+                            updateSubmitButtonState();
+                        }, 1000);
+                    } catch (error) {
+                        // Silently fail if BTC Pay intent creation fails when BTC Pay is disabled
+                        // Only log error if BTC Pay should be enabled
+                        if (isBtcpayEnabled()) {
+                            console.error('[ConvesioPay Blocks] BTCPay intent creation failed:', error);
+                        }
+                    }
+                } else {
+                    // BTC Pay is disabled or no session - do not create intent or set up listeners
+                    // Component will work with Card and Apple Pay only
+                }
 …
             // Disable submit button initially until payment methods are confirmed available
             disableSubmitButtonUnified();
+            // If BTCPay is disabled in the unified configuration, skip the
+            // BTCPay session entirely and just mount the component for
+            // card/Apple Pay.
+            if (!isBtcpayEnabled()) {
+                // BTC Pay is disabled - mount component without BTC Pay session
+                setTimeout(() => {
+                    mountConvesioPayComponent();
+                }, 100);
+                return;
+            }
             // Create BTCPay session immediately when radio button is selected
+            createBTCPaySession().then(sessionResult => {
+                if (sessionResult.success) {
+                    // After session is created, mount the ConvesioPay component
+            // Only attempt session creation if BTC Pay is enabled
+            if (isBtcpayEnabled()) {
+                createBTCPaySession().then(sessionResult => {
+                    if (sessionResult.success) {
+                        // After session is created, mount the ConvesioPay component
+                        setTimeout(() => {
+                            mountConvesioPayComponent();
+                        }, 100); // Small delay to ensure DOM is ready
+                    } else {
+                        // BTC Pay session creation failed - mount component anyway so Card and Apple Pay can work
+                        // Only show a warning (not blocking error) if BTC Pay was supposed to be enabled
+                        // The component will work with Card and Apple Pay even without BTC Pay session
+                        if (sessionResult.disabled || sessionResult.message?.toLowerCase().includes('disabled')) {
+                            // BTC Pay is intentionally disabled - this is expected, don't log as error
+                            console.log('[ConvesioPay Blocks] BTC Pay is disabled, mounting component for Card/Apple Pay only');
+                        } else if (isBtcpayEnabled() && sessionResult.message && !sessionResult.disabled) {
+                            // BTC Pay session failed but it should be enabled - log warning but still mount
+                            console.warn('[ConvesioPay Blocks] BTC Pay session creation failed, but mounting component for Card/Apple Pay:', sessionResult.message);
+                        }
+                        // Always mount the component so Card and Apple Pay can work
+                        // BTC Pay will simply not be available if session creation failed
+                        setTimeout(() => {
+                            mountConvesioPayComponent();
+                        }, 100);
+                    }
+                }).catch(error => {
+                    // BTC Pay session creation error - mount component anyway so Card and Apple Pay can work
+                    // Log the error but don't block the component from mounting
+                    if (isBtcpayEnabled()) {
+                        console.warn('[ConvesioPay Blocks] BTC Pay session creation error, but mounting component for Card/Apple Pay:', error);
+                    }
+                    // Always mount the component so Card and Apple Pay can work
+                    // BTC Pay will simply not be available if session creation failed
                     setTimeout(() => {
                         mountConvesioPayComponent();
+                    }, 100); // Small delay to ensure DOM is ready
+                } else {
+                    // Session creation failed, ensure button is disabled
+                    disableSubmitButtonUnified();
+                }
+            }).catch(error => {
+                // Error creating session, ensure button is disabled
+                disableSubmitButtonUnified();
+            });
+                    }, 100);
+                });
+            } else {
+                // Double-check: if somehow we got here but BTC Pay is disabled, just mount
+                mountConvesioPayComponent();
+            }
         }, []);

peachpay-for-woocommerce/trunk/core/payments/convesiopay/assets/js/convesiopay-unified-classic.js

-                      r3393772
+                      r3399128
         const config = window.peachpay_convesiopay_unified_data || {};
         return config;
+    }
+    /**
+     * Determine if BTCPay/crypto is enabled for this site based on the
+     * unified gateway configuration. This is the client-side source of
+     * truth for deciding whether any BTCPay sessions/intents should be
+     * created.
+     *
+     * STRICT CHECK: Only returns true if 'crypto' is explicitly in active_methods,
+     * which should only happen when the BTC Pay gateway is enabled in WooCommerce.
+     */
+    function isBtcpayEnabled() {
+        const config = getConfig();
+        const activeMethods = config.active_methods || [];
+        // Only return true if 'crypto' is explicitly in the array
+        // This ensures BTC Pay is only enabled when the gateway is actually enabled
+        const isEnabled = activeMethods.includes('crypto') || activeMethods.includes('btcpay');
+        // Additional safety: if active_methods is empty or doesn't include crypto, BTC Pay is disabled
+        if (activeMethods.length === 0) {
+            return false;
+        }
+        return isEnabled;
+    }
 …
+        }
+        // If BTCPay is disabled in the unified configuration, mount the
+        // component for card/Apple Pay only and completely skip BTCPay
+        // session creation. This avoids unnecessary API calls and
+        // prevents the "Failed to create BTCPay session" error when
+        // crypto is intentionally turned off.
+        if (!isBtcpayEnabled()) {
+            // BTC Pay is disabled - mount component without BTC Pay session
+            mountConvesioPayComponent();
+            return;
+        }
         // Create BTCPay session first, then mount component (following blocks pattern)
+        createBTCPaySession().then(sessionResult => {
+            if (sessionResult.success) {
+                // After session is created, mount the ConvesioPay component
+                setTimeout(() => {
+        // Only attempt session creation if BTC Pay is enabled
+        if (isBtcpayEnabled()) {
+            createBTCPaySession().then(sessionResult => {
+                if (sessionResult.success) {
+                    // After session is created, mount the ConvesioPay component
+                    setTimeout(() => {
+                        mountConvesioPayComponent();
+                    }, 100);
+                } else {
+                    // BTC Pay session creation failed - mount component anyway so Card and Apple Pay can work
+                    // Only show a warning (not blocking error) if BTC Pay was supposed to be enabled
+                    // The component will work with Card and Apple Pay even without BTC Pay session
+                    if (sessionResult.disabled || sessionResult.message?.toLowerCase().includes('disabled')) {
+                        // BTC Pay is intentionally disabled - this is expected, don't log as error
+                        console.log('[ConvesioPay Classic] BTC Pay is disabled, mounting component for Card/Apple Pay only');
+                    } else if (isBtcpayEnabled() && sessionResult.message && !sessionResult.disabled) {
+                        // BTC Pay session failed but it should be enabled - log warning but still mount
+                        console.warn('[ConvesioPay Classic] BTC Pay session creation failed, but mounting component for Card/Apple Pay:', sessionResult.message);
+                    }
+                    // Always mount the component so Card and Apple Pay can work
+                    // BTC Pay will simply not be available if session creation failed
                     mountConvesioPayComponent();
+                }, 100);
+            } else {
+                container.innerHTML = '<p style="color: red;">Failed to create payment session: ' + (sessionResult.message || 'Unknown error') + '</p>';
+            }
+        }).catch(error => {
+            container.innerHTML = '<p style="color: red;">Failed to create payment session. Please refresh and try again.</p>';
+        });
+                }
+            }).catch(error => {
+                // BTC Pay session creation error - mount component anyway so Card and Apple Pay can work
+                // Log the error but don't block the component from mounting
+                if (isBtcpayEnabled()) {
+                    console.warn('[ConvesioPay Classic] BTC Pay session creation error, but mounting component for Card/Apple Pay:', error);
+                }
+                // Always mount the component so Card and Apple Pay can work
+                // BTC Pay will simply not be available if session creation failed
+                mountConvesioPayComponent();
+            });
+        } else {
+            // Double-check: if somehow we got here but BTC Pay is disabled, just mount
+            mountConvesioPayComponent();
+        }
+    }
 …
                 } else if (event.type === 'btcpay') {
                     // Handle BTCPay payments directly when event.type is btcpay
+                    handleBTCPayPayment(event);
+                    // GUARD: Only handle BTC Pay events if BTC Pay is enabled
+                    if (isBtcpayEnabled()) {
+                        handleBTCPayPayment(event);
+                    } else {
+                        // BTC Pay is disabled - ignore BTC Pay events
+                        console.warn('[ConvesioPay Classic] Received BTC Pay event but BTC Pay is disabled');
+                    }
                 } else if (event.type === 'applepay') {
                     // Handle ApplePay payments with auto-submit when successful
 …
                         handleCardPayment(component, event);
                     } else if (paymentMethod === 'btcpay' && event.isValid === true && event.isSuccessful === true) {
+                        handleBTCPayPayment(event);
+                        // GUARD: Only handle BTC Pay payments if BTC Pay is enabled
+                        if (isBtcpayEnabled()) {
+                            handleBTCPayPayment(event);
+                        } else {
+                            // BTC Pay is disabled - ignore BTC Pay payment events
+                            console.warn('[ConvesioPay Classic] Received BTC Pay payment but BTC Pay is disabled');
+                        }
                     } else if (paymentMethod === 'applepay' && event.isValid === true && event.isSuccessful === true) {
                         handleApplePayPayment(component, event);
 …
             }, 2500);
-            // Create BTCPay intent using the mounted component (following blocks pattern)
-            // const orderData = getOrderData();
-            const btcPayIntentData = {
-                session: btcPaySession
-            };
             // Get order data
             const orderData = getOrderData();
 …
                 return;
+            }
+            // Create Apple Pay session (always available when component is mounted)
             const applePaySession = await component.createApplePaySession({
                 integration: integrationName,
 …
             });
+            // Create BTCPay intent
+            convesioPayComponent.createBTCPayIntent(btcPayIntentData);
+            // Set up postMessage listener for iframe communication
+            setupBTCPayMessageListener();
+            // Only create BTCPay intent if BTC Pay is enabled and we have a session
+            // GUARD: Check if BTC Pay is enabled before attempting to create intent
+            if (isBtcpayEnabled() && btcPaySession) {
+                try {
+                    const btcPayIntentData = {
+                        session: btcPaySession
+                    };
+                    // Create BTCPay intent using the mounted component (following blocks pattern)
+                    convesioPayComponent.createBTCPayIntent(btcPayIntentData);
+                    // Set up postMessage listener for iframe communication
+                    setupBTCPayMessageListener();
+                } catch (error) {
+                    // Silently fail if BTC Pay intent creation fails when BTC Pay is disabled
+                    // Only log error if BTC Pay should be enabled
+                    if (isBtcpayEnabled()) {
+                        console.error('[ConvesioPay Classic] BTCPay intent creation failed:', error);
+                    }
+                }
+            } else {
+                // BTC Pay is disabled - do not create intent or set up listeners
+                // Component will work with Card and Apple Pay only
+            }
             // Check again after BTCPay intent is created
 …
             btcPaySession = null;
+            // Step 3: Create new BTCPay session with updated amount
+            const sessionResult = await createBTCPaySession();
+            if (!sessionResult.success) {
+                return;
+            }
+            btcPaySession = sessionResult.session;
+            // Step 3: Create new BTCPay session with updated amount (only if BTC Pay is enabled)
+            // GUARD: Only create BTC Pay session if BTC Pay is enabled
+            if (isBtcpayEnabled()) {
+                const sessionResult = await createBTCPaySession();
+                // Only proceed if session creation was successful
+                // If disabled or failed, continue without BTC Pay session
+                if (sessionResult.success && !sessionResult.disabled) {
+                    btcPaySession = sessionResult.session;
+                } else if (sessionResult.disabled) {
+                    // BTC Pay is disabled - continue without BTC Pay session
+                    // Component will work with Card and Apple Pay only
+                } else {
+                    // Session creation failed but BTC Pay should be enabled
+                    // Log error but continue - component will work without BTC Pay
+                    console.warn('[ConvesioPay Classic] BTCPay session creation failed during amount update:', sessionResult.message);
+                }
+            } else {
+                // BTC Pay is disabled - skip session creation
+            }
             // Step 4: Create and mount new component
 …
+            }
+            // Step 7: Create BTCPay intent with new session
+            try {
+                // Prepare BTCPay intent data
+                const btcPayIntentData = {
+                    session: btcPaySession
+                };
+                // Create the BTCPay intent with the new session
+                await convesioPayComponent.createBTCPayIntent(btcPayIntentData);
+                // Re-setup the message listener
+                setupBTCPayMessageListener();
+            } catch (btcPayError) {
+                // BTCPay intent creation failed
+            // Step 7: Create BTCPay intent with new session (only if BTC Pay is enabled and session exists)
+            // GUARD: Only create BTC Pay intent if BTC Pay is enabled and we have a session
+            if (isBtcpayEnabled() && btcPaySession) {
+                try {
+                    // Prepare BTCPay intent data
+                    const btcPayIntentData = {
+                        session: btcPaySession
+                    };
+                    // Create the BTCPay intent with the new session
+                    await convesioPayComponent.createBTCPayIntent(btcPayIntentData);
+                    // Re-setup the message listener
+                    setupBTCPayMessageListener();
+                } catch (btcPayError) {
+                    // Silently fail if BTC Pay intent creation fails when BTC Pay is disabled
+                    // Only log error if BTC Pay should be enabled
+                    if (isBtcpayEnabled()) {
+                        console.warn('[ConvesioPay Classic] BTCPay intent creation failed during amount update:', btcPayError);
+                    }
+                }
+            } else {
+                // BTC Pay is disabled or no session - skip intent creation
+            }
 …
     /**
      * Create BTCPay session via AJAX call (following blocks pattern)
+     *
+     * STRICT GUARD: Returns early with success:false (not an error) when disabled
+     * to prevent any error messages from being shown.
      */
     function createBTCPaySession() {
+        // STRICT CHECK: Do not create BTCPay sessions when the method is disabled in
+        // PeachPay/WooCommerce settings. This prevents unnecessary
+        // ConvesioPay API calls and avoids BTCPay behaviour on sites
+        // that have explicitly disabled crypto.
+        if (!isBtcpayEnabled()) {
+            // Return success:false with a message indicating it's disabled
+            // This is NOT an error - it's expected behavior when disabled
+            return Promise.resolve({ success: false, message: 'BTCPay payment method is disabled', disabled: true });
+        }
+        // If session already created and exists, return it
         if (isSessionCreated && btcPaySession) {
             return Promise.resolve({ success: true, session: btcPaySession });
 …
                             resolve({ success: true, session: btcPaySession });
                         } else {
+                            resolve({ success: false, message: sessionResponse.message || 'Failed to create BTCPay session' });
+                            // Extract message from WordPress AJAX response structure
+                            // WordPress error responses have message in data.message or directly in message
+                            const errorMessage = sessionResponse.data?.message || sessionResponse.message || 'Failed to create BTCPay session';
+                            // Check if the error is because BTC Pay is disabled
+                            const isDisabled = errorMessage.toLowerCase().includes('disabled') ||
+                                             errorMessage.toLowerCase().includes('btcpay payment method is disabled');
+                            // If disabled, mark it as such so the error won't be shown
+                            resolve({
+                                success: false,
+                                message: errorMessage,
+                                disabled: isDisabled
+                            });
+                        }
                     },
                     error: function(xhr, status, error) {
+                        resolve({ success: false, message: 'AJAX request failed: ' + error });
+                        // On AJAX error, check if BTC Pay is still enabled before reporting error
+                        // If disabled, this is expected behavior
+                        const isDisabled = !isBtcpayEnabled();
+                        resolve({
+                            success: false,
+                            message: 'AJAX request failed: ' + error,
+                            disabled: isDisabled
+                        });
+                    }
                 });
 …
      */
     function setupBTCPayMessageListener() {
+        // If BTCPay is disabled, do not attach any listeners.
+        if (!isBtcpayEnabled()) {
+            return;
+        }
         window.addEventListener('message', (event) => {
             // Verify the origin is from BTCPay

peachpay-for-woocommerce/trunk/core/payments/convesiopay/class-peachpay-convesiopay-integration.php

-                      r3385397
+                      r3399128
         $capabilities = array(
             'card' => true,
+            'card'     => true,
             'applepay' => true,
             'btcpay' => true,
+            'btcpay'   => true,
         );
         return isset( $capabilities[ $payment_key ] ) && $capabilities[ $payment_key ];
+    }
+    /**
+     * Check if a specific ConvesioPay WooCommerce gateway is enabled.
+     *
+     * This is used as the server-side source of truth for whether a
+     * payment method such as BTCPay should be allowed to process orders
+     * or create sessions/intents.
+     *
+     * @param string $gateway_id WooCommerce gateway ID.
+     * @return boolean
+     */
+    public static function is_gateway_enabled( $gateway_id ) {
+        if ( ! function_exists( 'WC' ) || ! WC()->payment_gateways ) {
+            return false;
+        }
+        $gateways       = WC()->payment_gateways->payment_gateways();
+        $target_gateway = $gateways[ $gateway_id ] ?? null;
+        if ( ! $target_gateway ) {
+            return false;
+        }
+        $enabled_option   = method_exists( $target_gateway, 'get_option' ) ? $target_gateway->get_option( 'enabled', 'no' ) : 'no';
+        $enabled_property = isset( $target_gateway->enabled ) ? $target_gateway->enabled : 'no';
+        return ( 'yes' === $enabled_option || 'yes' === $enabled_property );
+    }
+    /**
+     * Convenience wrapper: is BTCPay gateway enabled in WooCommerce.
+     *
+     * @return boolean
+     */
+    public static function is_btcpay_enabled() {
+        return self::is_gateway_enabled( 'peachpay_convesiopay_btcpay' );
+    }

peachpay-for-woocommerce/trunk/core/payments/convesiopay/gateways/class-peachpay-convesiopay-btcpay-gateway.php

-                      r3394603
+                      r3399128
      */
     public function is_available( $skip_cart_check = false ) {
+        return false;
+        // Keep this gateway hidden in the standard WooCommerce list (the
+        // unified gateway is the public entry point), but still provide a
+        // reliable enabled check for server-side guards.
+        if ( ! PeachPay_ConvesioPay_Integration::is_btcpay_enabled() ) {
+            return false;
+        }
         // Check if gateway is properly initialized
         if ( ! $this->initialized ) {
 …
      */
     public function process_payment( $order_id ) {
+        // SERVER-SIDE SAFETY CHECK: never process BTCPay payments when the
+        // method is disabled in WooCommerce/PeachPay settings.
+        if ( ! PeachPay_ConvesioPay_Integration::is_btcpay_enabled() ) {
+            return array(
+                'result'  => 'failure',
+                'message' => __( 'BTCPay payment method is disabled.', 'peachpay-for-woocommerce' ),
+            );
+        }
         $transaction_id = null;
         $payment_token = null;

peachpay-for-woocommerce/trunk/core/payments/convesiopay/gateways/class-peachpay-convesiopay-unified-gateway.php

-                      r3395317
+                      r3399128
         $btcpay_gateway = $gateways['peachpay_convesiopay_btcpay'];
+        // SERVER-SIDE SAFETY CHECK: if BTCPay is disabled in WooCommerce /
+        // PeachPay settings, abort before any processing. This ensures that
+        // even if the frontend sends BTCPay data, no BTCPay order can be
+        // created when the method is disabled.
+        if ( ! PeachPay_ConvesioPay_Integration::is_btcpay_enabled() ) {
+            throw new Exception( 'ConvesioPay BTCPay payment method is disabled' );
+        }
         // Store original payment method before redirecting

peachpay-for-woocommerce/trunk/core/payments/convesiopay/hooks.php

-                      r3385397
+                      r3399128
     if (empty($integration) || empty($order_number) || $amount <= 0) {
         wp_send_json_error(array('message' => 'Missing required parameters'));
+        return;
+    }
+    // SERVER-SIDE SAFETY CHECK: if BTCPay is disabled in WooCommerce /
+    // PeachPay settings, do not create sessions at all. This prevents
+    // rogue or crafted requests from enabling BTCPay.
+    if ( ! PeachPay_ConvesioPay_Integration::is_btcpay_enabled() ) {
+        wp_send_json_error( array( 'message' => 'BTCPay payment method is disabled' ) );
         return;
+    }
 …
     if (empty($session_id)) {
         wp_send_json_error(array('message' => 'Session ID is required'));
+        return;
+    }
+    // SERVER-SIDE SAFETY CHECK: if BTCPay is disabled, do not attempt to
+    // create new intents.
+    if ( ! PeachPay_ConvesioPay_Integration::is_btcpay_enabled() ) {
+        wp_send_json_error( array( 'message' => 'BTCPay payment method is disabled' ) );
         return;
+    }

peachpay-for-woocommerce/trunk/peachpay.php

r3395317	r3399128
4	4	* Plugin URI: https://woocommerce.com/products/peachpay
5	5	* Description: Connect and manage all your payment methods, offer shoppers a beautiful Express Checkout, and reduce cart abandonment.
6		* Version: 1.118.4
	6	* Version: 1.118.5
7	7	* Text Domain: peachpay-for-woocommerce
8	8	* Domain Path: /languages

peachpay-for-woocommerce/trunk/readme.txt

-                      r3395317
+                      r3399128
 Requires at least: 5.8
 Tested up to: 6.8.1
 Stable tag: 1.118.4
+Stable tag: 1.118.5
 Requires PHP: 7.0
 License: GPLv2 or later
 …
 == Changelog ==
+= 1.118.5 =
+* CPay/BTCPay payment initialization fix
 = 1.118.4 =

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory

Context Navigation

Changeset 3399128

Legend:

peachpay-for-woocommerce/trunk/changelog.txt

peachpay-for-woocommerce/trunk/core/payments/convesiopay/assets/js/convesiopay-unified-blocks.js

peachpay-for-woocommerce/trunk/core/payments/convesiopay/assets/js/convesiopay-unified-classic.js

peachpay-for-woocommerce/trunk/core/payments/convesiopay/class-peachpay-convesiopay-integration.php

peachpay-for-woocommerce/trunk/core/payments/convesiopay/gateways/class-peachpay-convesiopay-btcpay-gateway.php

peachpay-for-woocommerce/trunk/core/payments/convesiopay/gateways/class-peachpay-convesiopay-unified-gateway.php

peachpay-for-woocommerce/trunk/core/payments/convesiopay/hooks.php

peachpay-for-woocommerce/trunk/peachpay.php

peachpay-for-woocommerce/trunk/readme.txt

Download in other formats: