woocommerce/woocommerce-paypal-payments
2
0
Fork 0
mirror of https://github.com/woocommerce/woocommerce-paypal-payments.git synced 2025-09-05 08:59:14 +08:00
Code Issues Projects Packages Wiki Activity Actions 11

Send form data as json object to fix decoding

Browse source 
was decoded twice, in RequestData and by parse_str
This commit is contained in:
Alex P 2022-06-08 15:53:30 +03:00
parent 77230fefa8
commit fdbbe6afb3
3 changed files with 9 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

6
modules/ppcp-button/resources/js/modules/ActionHandler/CheckoutActionHandler.js
View file

@ -20,7 +20,9 @@ class CheckoutActionHandler {
const errorHandler = this.errorHandler; const errorHandler = this.errorHandler;
const formSelector = this.config.context === 'checkout' ? 'form.checkout' : 'form#order_review'; const formSelector = this.config.context === 'checkout' ? 'form.checkout' : 'form#order_review';
const formValues = jQuery(formSelector).serialize(); const formData = new FormData(document.querySelector(formSelector));
// will not handle fields with multiple values (checkboxes, <select multiple>), but we do not care about this here
const formJsonObj = Object.fromEntries(formData);
const createaccount = jQuery('#createaccount').is(":checked") ? true : false; const createaccount = jQuery('#createaccount').is(":checked") ? true : false;
@ -34,7 +36,7 @@ class CheckoutActionHandler {
order_id:this.config.order_id, order_id:this.config.order_id,
payment_method: getCurrentPaymentMethod(), payment_method: getCurrentPaymentMethod(),
funding_source: window.ppcpFundingSource, funding_source: window.ppcpFundingSource,
form:formValues, form: formJsonObj,
createaccount: createaccount createaccount: createaccount
}) })
}).then(function (res) { }).then(function (res) {

4
modules/ppcp-button/src/Endpoint/CreateOrderEndpoint.php
View file

@ -403,9 +403,9 @@ class CreateOrderEndpoint implements EndpointInterface {
} }
if ( ! $payer && isset( $data['form'] ) ) { if ( ! $payer && isset( $data['form'] ) ) {
parse_str( $data['form'], $form_fields ); $form_fields = $data['form'];
if ( isset( $form_fields['billing_email'] ) && '' !== $form_fields['billing_email'] ) { if ( is_array( $form_fields ) && isset( $form_fields['billing_email'] ) && '' !== $form_fields['billing_email'] ) {
return $this->payer_factory->from_checkout_form( $form_fields ); return $this->payer_factory->from_checkout_form( $form_fields );
} }
} }

12
modules/ppcp-button/src/Endpoint/RequestData.php
View file

@ -81,15 +81,9 @@ class RequestData {
$data = array(); $data = array();
foreach ( (array) $assoc_array as $raw_key => $raw_value ) { foreach ( (array) $assoc_array as $raw_key => $raw_value ) {
if ( ! is_array( $raw_value ) ) { if ( ! is_array( $raw_value ) ) {
/** // Not sure if it is a good idea to sanitize everything at this level,
* The 'form' key is preserved for url encoded data and needs different // but should be fine for now since we do not send any HTML or multi-line texts via ajax.
* sanitization. $data[ sanitize_text_field( (string) $raw_key ) ] = sanitize_text_field( (string) $raw_value );
*/
if ( 'form' !== $raw_key ) {
$data[ sanitize_text_field( (string) $raw_key ) ] = sanitize_text_field( (string) $raw_value );
} else {
$data[ sanitize_text_field( (string) $raw_key ) ] = sanitize_text_field( urldecode( (string) $raw_value ) );
}
continue; continue;
} }
$data[ sanitize_text_field( (string) $raw_key ) ] = $this->sanitize( $raw_value ); $data[ sanitize_text_field( (string) $raw_key ) ] = $this->sanitize( $raw_value );