woocommerce/woocommerce-paypal-payments
2
0
Fork 0
mirror of https://github.com/woocommerce/woocommerce-paypal-payments.git synced 2025-09-06 18:16:38 +08:00
Code Issues Projects Packages Wiki Activity Actions

Merge pull request #1510 from woocommerce/PCP-1873-complex-form-fields

Browse source 
Handle complex form fields when submitting checkout form
This commit is contained in:
Emili Castells 2023-07-18 15:37:57 +02:00 committed by GitHub
commit 24a40a283c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 29 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

5
modules/ppcp-button/resources/js/modules/ActionHandler/CheckoutActionHandler.js
View file

@ -50,8 +50,6 @@ class CheckoutActionHandler {
const formSelector = this.config.context === 'checkout' ? 'form.checkout' : 'form#order_review'; const formSelector = this.config.context === 'checkout' ? 'form.checkout' : 'form#order_review';
const formData = new FormData(document.querySelector(formSelector)); const formData = new FormData(document.querySelector(formSelector));
// will not handle fields with multiple values (checkboxes, <select multiple>), but we do not care about this here
const formJsonObj = Object.fromEntries(formData.entries());
const createaccount = jQuery('#createaccount').is(":checked") ? true : false; const createaccount = jQuery('#createaccount').is(":checked") ? true : false;
@ -72,7 +70,8 @@ class CheckoutActionHandler {
order_id:this.config.order_id, order_id:this.config.order_id,
payment_method: paymentMethod, payment_method: paymentMethod,
funding_source: fundingSource, funding_source: fundingSource,
form: formJsonObj, // send as urlencoded string to handle complex fields via PHP functions the same as normal form submit
form_encoded: new URLSearchParams(formData).toString(),
createaccount: createaccount createaccount: createaccount
}) })
}).then(function (res) { }).then(function (res) {

3
modules/ppcp-button/resources/js/modules/Helper/FormValidator.js
View file

@ -6,7 +6,6 @@ export default class FormValidator {
async validate(form) { async validate(form) {
const formData = new FormData(form); const formData = new FormData(form);
const formJsonObj = Object.fromEntries(formData.entries());
const res = await fetch(this.url, { const res = await fetch(this.url, {
method: 'POST', method: 'POST',
@ -16,7 +15,7 @@ export default class FormValidator {
credentials: 'same-origin', credentials: 'same-origin',
body: JSON.stringify({ body: JSON.stringify({
nonce: this.nonce, nonce: this.nonce,
form: formJsonObj, form_encoded: new URLSearchParams(formData).toString(),
}), }),
}); });

27
modules/ppcp-button/src/Endpoint/CreateOrderEndpoint.php
View file

@ -166,6 +166,13 @@ class CreateOrderEndpoint implements EndpointInterface {
*/ */
protected $logger; protected $logger;
/**
* The form data, or empty if not available.
*
* @var array
*/
private $form = array();
/** /**
* CreateOrderEndpoint constructor. * CreateOrderEndpoint constructor.
* *
@ -282,18 +289,20 @@ class CreateOrderEndpoint implements EndpointInterface {
$this->set_bn_code( $data ); $this->set_bn_code( $data );
$form_fields = $data['form'] ?? null; if ( isset( $data['form'] ) ) {
$this->form = $data['form'];
}
if ( $this->early_validation_enabled if ( $this->early_validation_enabled
&& is_array( $form_fields ) && $this->form
&& 'checkout' === $data['context'] && 'checkout' === $data['context']
&& in_array( $payment_method, array( PayPalGateway::ID, CardButtonGateway::ID ), true ) && in_array( $payment_method, array( PayPalGateway::ID, CardButtonGateway::ID ), true )
) { ) {
$this->validate_form( $form_fields ); $this->validate_form( $this->form );
} }
if ( 'pay-now' === $data['context'] && is_array( $form_fields ) && get_option( 'woocommerce_terms_page_id', '' ) !== '' ) { if ( 'pay-now' === $data['context'] && $this->form && get_option( 'woocommerce_terms_page_id', '' ) !== '' ) {
$this->validate_paynow_form( $form_fields ); $this->validate_paynow_form( $this->form );
} }
try { try {
@ -516,11 +525,9 @@ class CreateOrderEndpoint implements EndpointInterface {
$payer = $this->payer_factory->from_paypal_response( json_decode( wp_json_encode( $data['payer'] ) ) ); $payer = $this->payer_factory->from_paypal_response( json_decode( wp_json_encode( $data['payer'] ) ) );
} }
if ( ! $payer && isset( $data['form'] ) ) { if ( ! $payer && $this->form ) {
$form_fields = $data['form']; if ( isset( $this->form['billing_email'] ) && '' !== $this->form['billing_email'] ) {
return $this->payer_factory->from_checkout_form( $this->form );
if ( is_array( $form_fields ) && isset( $form_fields['billing_email'] ) && '' !== $form_fields['billing_email'] ) {
return $this->payer_factory->from_checkout_form( $form_fields );
} }
} }

9
modules/ppcp-button/src/Endpoint/RequestData.php
View file

@ -53,6 +53,11 @@ class RequestData {
} }
$this->dequeue_nonce_fix(); $this->dequeue_nonce_fix();
if ( isset( $json['form_encoded'] ) ) {
$json['form'] = array();
parse_str( $json['form_encoded'], $json['form'] );
}
$sanitized = $this->sanitize( $json ); $sanitized = $this->sanitize( $json );
return $sanitized; return $sanitized;
} }
@ -80,6 +85,10 @@ class RequestData {
private function sanitize( array $assoc_array ): array { private function sanitize( array $assoc_array ): array {
$data = array(); $data = array();
foreach ( (array) $assoc_array as $raw_key => $raw_value ) { foreach ( (array) $assoc_array as $raw_key => $raw_value ) {
if ( $raw_key === 'form_encoded' ) {
$data[ $raw_key ] = $raw_value;
continue;
}
if ( ! is_array( $raw_value ) ) { if ( ! is_array( $raw_value ) ) {
// Not sure if it is a good idea to sanitize everything at this level, // Not sure if it is a good idea to sanitize everything at this level,
// but should be fine for now since we do not send any HTML or multi-line texts via ajax. // but should be fine for now since we do not send any HTML or multi-line texts via ajax.