From d9b28186859718a15af6ad9af0ace9306e0ec1e7 Mon Sep 17 00:00:00 2001
From: David Remer <webmaster@websupporter.net>
Date: Fri, 2 Oct 2020 12:28:40 +0300
Subject: [PATCH] redirect when POST request with the error-get-parameter, so
 no error message will be shown later on

---
 .../src/Settings/class-settingslistener.php       |  6 ++++++
 .../src/Settings/class-settingsrenderer.php       | 15 +++++++++++----
 2 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/modules/ppcp-wc-gateway/src/Settings/class-settingslistener.php b/modules/ppcp-wc-gateway/src/Settings/class-settingslistener.php
index b2a33d100..1f7500d7d 100644
--- a/modules/ppcp-wc-gateway/src/Settings/class-settingslistener.php
+++ b/modules/ppcp-wc-gateway/src/Settings/class-settingslistener.php
@@ -168,6 +168,12 @@ class SettingsListener {
 			$this->cache->delete( PayPalBearer::CACHE_KEY );
 		}
 
+		if ( isset( $_GET['ppcp-onboarding-error'] ) ) {
+			$url = remove_query_arg( 'ppcp-onboarding-error' );
+			wp_safe_redirect( $url, 302 );
+			exit;
+		}
+
 		// phpcs:enable WordPress.Security.NonceVerification.Missing
 		// phpcs:enable WordPress.Security.NonceVerification.Recommended
 	}
diff --git a/modules/ppcp-wc-gateway/src/Settings/class-settingsrenderer.php b/modules/ppcp-wc-gateway/src/Settings/class-settingsrenderer.php
index 44c3eef05..6039b2a29 100644
--- a/modules/ppcp-wc-gateway/src/Settings/class-settingsrenderer.php
+++ b/modules/ppcp-wc-gateway/src/Settings/class-settingsrenderer.php
@@ -98,10 +98,14 @@ class SettingsRenderer {
 	 * @return array
 	 */
 	public function messages() : array {
-	    //phpcs:ignore WordPress.Security.NonceVerification.Recommended
-		if ( ! isset( $_GET['ppcp-onboarding-error'] ) ) {
+
+        //phpcs:disable WordPress.Security.NonceVerification.Recommended
+        //phpcs:disable WordPress.Security.NonceVerification.Missing
+		if ( ! isset( $_GET['ppcp-onboarding-error'] ) || ! empty( $_POST ) ) {
 			return array();
 		}
+		//phpcs:enable WordPress.Security.NonceVerification.Recommended
+		//phpcs:enable WordPress.Security.NonceVerification.Missing
 
 		$messages = array(
 			new Message(
@@ -250,9 +254,12 @@ class SettingsRenderer {
 	 */
 	public function render() {
 
-	    //phpcs:ignore WordPress.Security.NonceVerification.Recommended
+		//phpcs:disable WordPress.Security.NonceVerification.Recommended
+		//phpcs:disable WordPress.Security.NonceVerification.Missing
 		$is_dcc = isset( $_GET[ SectionsRenderer::KEY ] ) && CreditCardGateway::ID === sanitize_text_field( wp_unslash( $_GET[ SectionsRenderer::KEY ] ) );
-		$nonce  = wp_create_nonce( SettingsListener::NONCE );
+		//phpcs:enable WordPress.Security.NonceVerification.Recommended
+		//phpcs:enable WordPress.Security.NonceVerification.Missing
+		$nonce = wp_create_nonce( SettingsListener::NONCE );
 		?>
 		<input type="hidden" name="ppcp-nonce" value="<?php echo esc_attr( $nonce ); ?>">
 		<?php