Merge branch 'master' of github.com:woothemes/woocommerce
This commit is contained in:
commit
153664d1f1
|
@ -330,7 +330,9 @@ class WC_Checkout {
|
||||||
* @return void
|
* @return void
|
||||||
*/
|
*/
|
||||||
public function process_checkout() {
|
public function process_checkout() {
|
||||||
wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-process_checkout' );
|
if ( ! wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-process_checkout' ) ) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if ( ! defined( 'WOOCOMMERCE_CHECKOUT' ) )
|
if ( ! defined( 'WOOCOMMERCE_CHECKOUT' ) )
|
||||||
define( 'WOOCOMMERCE_CHECKOUT', true );
|
define( 'WOOCOMMERCE_CHECKOUT', true );
|
||||||
|
|
|
@ -48,7 +48,9 @@ class WC_Form_Handler {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-edit_address' );
|
if ( ! wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-edit_address' ) ) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
$user_id = get_current_user_id();
|
$user_id = get_current_user_id();
|
||||||
|
|
||||||
|
@ -143,12 +145,10 @@ class WC_Form_Handler {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( empty( $_POST[ 'action' ] ) || ( 'save_account_details' !== $_POST[ 'action' ] ) || empty( $_POST['_wpnonce'] ) ) {
|
if ( empty( $_POST[ 'action' ] ) || ( 'save_account_details' !== $_POST[ 'action' ] ) || empty( $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'save_account_details' ) ) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-save_account_details' );
|
|
||||||
|
|
||||||
$update = true;
|
$update = true;
|
||||||
$errors = new WP_Error();
|
$errors = new WP_Error();
|
||||||
$user = new stdClass();
|
$user = new stdClass();
|
||||||
|
@ -733,9 +733,7 @@ class WC_Form_Handler {
|
||||||
* Process the login form.
|
* Process the login form.
|
||||||
*/
|
*/
|
||||||
public static function process_login() {
|
public static function process_login() {
|
||||||
if ( ! empty( $_POST['login'] ) && ! empty( $_POST['_wpnonce'] ) ) {
|
if ( ! empty( $_POST['login'] ) && ! empty( $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-login' ) ) {
|
||||||
|
|
||||||
wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-login' );
|
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$creds = array();
|
$creds = array();
|
||||||
|
@ -809,14 +807,13 @@ class WC_Form_Handler {
|
||||||
}
|
}
|
||||||
|
|
||||||
// process lost password form
|
// process lost password form
|
||||||
if ( isset( $_POST['user_login'] ) && isset( $_POST['_wpnonce'] ) ) {
|
if ( isset( $_POST['user_login'] ) && isset( $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'lost_password' ) ) {
|
||||||
wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-lost_password' );
|
|
||||||
|
|
||||||
WC_Shortcode_My_Account::retrieve_password();
|
WC_Shortcode_My_Account::retrieve_password();
|
||||||
}
|
}
|
||||||
|
|
||||||
// process reset password form
|
// process reset password form
|
||||||
if ( isset( $_POST['password_1'] ) && isset( $_POST['password_2'] ) && isset( $_POST['reset_key'] ) && isset( $_POST['reset_login'] ) && isset( $_POST['_wpnonce'] ) ) {
|
if ( isset( $_POST['password_1'] ) && isset( $_POST['password_2'] ) && isset( $_POST['reset_key'] ) && isset( $_POST['reset_login'] ) && isset( $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'reset_password' ) ) {
|
||||||
|
|
||||||
// verify reset key again
|
// verify reset key again
|
||||||
$user = WC_Shortcode_My_Account::check_password_reset_key( $_POST['reset_key'], $_POST['reset_login'] );
|
$user = WC_Shortcode_My_Account::check_password_reset_key( $_POST['reset_key'], $_POST['reset_login'] );
|
||||||
|
@ -827,8 +824,6 @@ class WC_Form_Handler {
|
||||||
$args['key'] = wc_clean( $_POST['reset_key'] );
|
$args['key'] = wc_clean( $_POST['reset_key'] );
|
||||||
$args['login'] = wc_clean( $_POST['reset_login'] );
|
$args['login'] = wc_clean( $_POST['reset_login'] );
|
||||||
|
|
||||||
wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-reset_password' );
|
|
||||||
|
|
||||||
if ( empty( $_POST['password_1'] ) || empty( $_POST['password_2'] ) ) {
|
if ( empty( $_POST['password_1'] ) || empty( $_POST['password_2'] ) ) {
|
||||||
wc_add_notice( __( 'Please enter your password.', 'woocommerce' ), 'error' );
|
wc_add_notice( __( 'Please enter your password.', 'woocommerce' ), 'error' );
|
||||||
$args['form'] = 'reset_password';
|
$args['form'] = 'reset_password';
|
||||||
|
@ -865,9 +860,7 @@ class WC_Form_Handler {
|
||||||
* Process the registration form.
|
* Process the registration form.
|
||||||
*/
|
*/
|
||||||
public static function process_registration() {
|
public static function process_registration() {
|
||||||
if ( ! empty( $_POST['register'] ) ) {
|
if ( ! empty( $_POST['register'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-register' ) ) {
|
||||||
|
|
||||||
wp_verify_nonce( $_POST['register'], 'woocommerce-register' );
|
|
||||||
|
|
||||||
if ( 'no' === get_option( 'woocommerce_registration_generate_username' ) ) {
|
if ( 'no' === get_option( 'woocommerce_registration_generate_username' ) ) {
|
||||||
$_username = $_POST['username'];
|
$_username = $_POST['username'];
|
||||||
|
|
|
@ -276,6 +276,27 @@ class WC_Product_Variation extends WC_Product {
|
||||||
return $this->variation_data;
|
return $this->variation_data;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check if all variation's attributes are set
|
||||||
|
*
|
||||||
|
* @return boolean
|
||||||
|
*/
|
||||||
|
public function has_all_attributes_set() {
|
||||||
|
|
||||||
|
$set = true;
|
||||||
|
|
||||||
|
// undefined attributes have null strings as array values
|
||||||
|
foreach( $this->get_variation_attributes() as $att ){
|
||||||
|
if( ! $att ){
|
||||||
|
$set = false;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $set;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get variation price HTML. Prices are not inherited from parents.
|
* Get variation price HTML. Prices are not inherited from parents.
|
||||||
*
|
*
|
||||||
|
|
|
@ -127,9 +127,9 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
|
||||||
|
|
||||||
echo '<tr class="account">
|
echo '<tr class="account">
|
||||||
<td class="sort"></td>
|
<td class="sort"></td>
|
||||||
<td><input type="text" value="' . esc_attr( $account['account_name'] ) . '" name="bacs_account_name[' . $i . ']" /></td>
|
<td><input type="text" value="' . esc_attr( wp_unslash( $account['account_name'] ) ) . '" name="bacs_account_name[' . $i . ']" /></td>
|
||||||
<td><input type="text" value="' . esc_attr( $account['account_number'] ) . '" name="bacs_account_number[' . $i . ']" /></td>
|
<td><input type="text" value="' . esc_attr( $account['account_number'] ) . '" name="bacs_account_number[' . $i . ']" /></td>
|
||||||
<td><input type="text" value="' . esc_attr( $account['bank_name'] ) . '" name="bacs_bank_name[' . $i . ']" /></td>
|
<td><input type="text" value="' . esc_attr( wp_unslash( $account['bank_name'] ) ) . '" name="bacs_bank_name[' . $i . ']" /></td>
|
||||||
<td><input type="text" value="' . esc_attr( $account['sort_code'] ) . '" name="bacs_sort_code[' . $i . ']" /></td>
|
<td><input type="text" value="' . esc_attr( $account['sort_code'] ) . '" name="bacs_sort_code[' . $i . ']" /></td>
|
||||||
<td><input type="text" value="' . esc_attr( $account['iban'] ) . '" name="bacs_iban[' . $i . ']" /></td>
|
<td><input type="text" value="' . esc_attr( $account['iban'] ) . '" name="bacs_iban[' . $i . ']" /></td>
|
||||||
<td><input type="text" value="' . esc_attr( $account['bic'] ) . '" name="bacs_bic[' . $i . ']" /></td>
|
<td><input type="text" value="' . esc_attr( $account['bic'] ) . '" name="bacs_bic[' . $i . ']" /></td>
|
||||||
|
@ -249,7 +249,7 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
|
||||||
$bacs_account = (object) $bacs_account;
|
$bacs_account = (object) $bacs_account;
|
||||||
|
|
||||||
if ( $bacs_account->account_name || $bacs_account->bank_name ) {
|
if ( $bacs_account->account_name || $bacs_account->bank_name ) {
|
||||||
echo '<h3>' . implode( ' - ', array_filter( array( $bacs_account->account_name, $bacs_account->bank_name ) ) ) . '</h3>' . PHP_EOL;
|
echo '<h3>' . wp_unslash( implode( ' - ', array_filter( array( $bacs_account->account_name, $bacs_account->bank_name ) ) ) ) . '</h3>' . PHP_EOL;
|
||||||
}
|
}
|
||||||
|
|
||||||
echo '<ul class="order_details bacs_details">' . PHP_EOL;
|
echo '<ul class="order_details bacs_details">' . PHP_EOL;
|
||||||
|
|
|
@ -41,9 +41,7 @@ class WC_Shortcode_Order_Tracking {
|
||||||
|
|
||||||
global $post;
|
global $post;
|
||||||
|
|
||||||
if ( ! empty( $_REQUEST['orderid'] ) ) {
|
if ( ! empty( $_REQUEST['orderid'] ) && isset( $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-order_tracking' ) ) {
|
||||||
|
|
||||||
wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-order_tracking' );
|
|
||||||
|
|
||||||
$order_id = empty( $_REQUEST['orderid'] ) ? 0 : esc_attr( $_REQUEST['orderid'] );
|
$order_id = empty( $_REQUEST['orderid'] ) ? 0 : esc_attr( $_REQUEST['orderid'] );
|
||||||
$order_email = empty( $_REQUEST['order_email'] ) ? '' : esc_attr( $_REQUEST['order_email']) ;
|
$order_email = empty( $_REQUEST['order_email'] ) ? '' : esc_attr( $_REQUEST['order_email']) ;
|
||||||
|
|
|
@ -589,3 +589,15 @@ function wc_format_phone_number( $tel ) {
|
||||||
$tel = str_replace( '.', '-', $tel );
|
$tel = str_replace( '.', '-', $tel );
|
||||||
return $tel;
|
return $tel;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Make a string lowercase.
|
||||||
|
* Try to use mb_strtolower() when available.
|
||||||
|
*
|
||||||
|
* @since 2.3
|
||||||
|
* @param string $string
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
|
function wc_strtolower( $string ) {
|
||||||
|
return function_exists( 'mb_strtolower' ) ? mb_strtolower( $string ) : strtolower( $string );
|
||||||
|
}
|
||||||
|
|
|
@ -56,7 +56,7 @@ function wc_get_order_status_name( $status ) {
|
||||||
$status = 'wc-' === substr( $status, 0, 3 ) ? substr( $status, 3 ) : $status;
|
$status = 'wc-' === substr( $status, 0, 3 ) ? substr( $status, 3 ) : $status;
|
||||||
$status = isset( $statuses[ 'wc-' . $status ] ) ? $statuses[ 'wc-' . $status ] : $status;
|
$status = isset( $statuses[ 'wc-' . $status ] ) ? $statuses[ 'wc-' . $status ] : $status;
|
||||||
|
|
||||||
return function_exists( 'mb_strtolower' ) ? mb_strtolower( $status ) : strtolower( $status );
|
return wc_strtolower( $status );
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -67,6 +67,15 @@ if ( 0 == $woocommerce_loop['loop'] % $woocommerce_loop['columns'] )
|
||||||
|
|
||||||
</a>
|
</a>
|
||||||
|
|
||||||
<?php do_action( 'woocommerce_after_shop_loop_item' ); ?>
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* woocommerce_after_shop_loop_item hook
|
||||||
|
*
|
||||||
|
* @hooked woocommerce_template_loop_add_to_cart - 10
|
||||||
|
*/
|
||||||
|
do_action( 'woocommerce_after_shop_loop_item' );
|
||||||
|
|
||||||
|
?>
|
||||||
|
|
||||||
</li>
|
</li>
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
*
|
*
|
||||||
* @author WooThemes
|
* @author WooThemes
|
||||||
* @package WooCommerce/Templates
|
* @package WooCommerce/Templates
|
||||||
* @version 2.1.0
|
* @version 2.2.6
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if ( ! defined( 'ABSPATH' ) ) {
|
if ( ! defined( 'ABSPATH' ) ) {
|
||||||
|
@ -99,7 +99,7 @@ if ( ! defined( 'ABSPATH' ) ) {
|
||||||
<?php do_action( 'register_form' ); ?>
|
<?php do_action( 'register_form' ); ?>
|
||||||
|
|
||||||
<p class="form-row">
|
<p class="form-row">
|
||||||
<?php wp_nonce_field( 'woocommerce-register', 'register' ); ?>
|
<?php wp_nonce_field( 'woocommerce-register' ); ?>
|
||||||
<input type="submit" class="button" name="register" value="<?php _e( 'Register', 'woocommerce' ); ?>" />
|
<input type="submit" class="button" name="register" value="<?php _e( 'Register', 'woocommerce' ); ?>" />
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
|
|
|
@ -385,7 +385,7 @@ final class WooCommerce {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Email Actions
|
// Email Actions
|
||||||
$email_actions = array(
|
$email_actions = apply_filters( 'woocommerce_email_actions', array(
|
||||||
'woocommerce_low_stock',
|
'woocommerce_low_stock',
|
||||||
'woocommerce_no_stock',
|
'woocommerce_no_stock',
|
||||||
'woocommerce_product_on_backorder',
|
'woocommerce_product_on_backorder',
|
||||||
|
@ -398,7 +398,7 @@ final class WooCommerce {
|
||||||
'woocommerce_order_status_completed',
|
'woocommerce_order_status_completed',
|
||||||
'woocommerce_new_customer_note',
|
'woocommerce_new_customer_note',
|
||||||
'woocommerce_created_customer'
|
'woocommerce_created_customer'
|
||||||
);
|
) );
|
||||||
|
|
||||||
foreach ( $email_actions as $action ) {
|
foreach ( $email_actions as $action ) {
|
||||||
add_action( $action, array( $this, 'send_transactional_email' ), 10, 10 );
|
add_action( $action, array( $this, 'send_transactional_email' ), 10, 10 );
|
||||||
|
|
Loading…
Reference in New Issue