Merge branch 'master' of github.com:woothemes/woocommerce

Barry Kooij 2014-10-21 15:09:52 +02:00
commit 153664d1f1
10 changed files with 209 additions and 174 deletions


@ -330,7 +330,9 @@ class WC_Checkout {
* @return void * @return void
*/ */
public function process_checkout() { public function process_checkout() {
wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-process_checkout' ); if ( ! wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-process_checkout' ) ) {
return;
}
if ( ! defined( 'WOOCOMMERCE_CHECKOUT' ) ) if ( ! defined( 'WOOCOMMERCE_CHECKOUT' ) )
define( 'WOOCOMMERCE_CHECKOUT', true ); define( 'WOOCOMMERCE_CHECKOUT', true );
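Review bot: The new guard reads `$_POST['_wpnonce']` without first checking that the field is present, so a POST that omits it raises an undefined-index notice before `wp_verify_nonce()` returns false; the condition should be `if ( empty( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-process_checkout' ) ) {`. The bare `return;` also gives the caller no indication of why checkout stopped; if this method is reached over AJAX, the client presumably receives an empty response, so a `wc_add_notice( __( 'We were unable to process your order, please try again.', 'woocommerce' ), 'error' );` before returning would surface the failure. The body of `process_checkout()` continues outside the hunk.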


@ -48,7 +48,9 @@ class WC_Form_Handler {
return; return;
} }
wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-edit_address' ); if ( ! wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-edit_address' ) ) {
return;
}
$user_id = get_current_user_id(); $user_id = get_current_user_id();
@ -143,12 +145,10 @@ class WC_Form_Handler {
return; return;
} }
if ( empty( $_POST[ 'action' ] ) || ( 'save_account_details' !== $_POST[ 'action' ] ) || empty( $_POST['_wpnonce'] ) ) { if ( empty( $_POST[ 'action' ] ) || ( 'save_account_details' !== $_POST[ 'action' ] ) || empty( $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'save_account_details' ) ) {
return; return;
} }
wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-save_account_details' );
$update = true; $update = true;
$errors = new WP_Error(); $errors = new WP_Error();
$user = new stdClass(); $user = new stdClass();
@ -733,9 +733,7 @@ class WC_Form_Handler {
* Process the login form. * Process the login form.
*/ */
public static function process_login() { public static function process_login() {
if ( ! empty( $_POST['login'] ) && ! empty( $_POST['_wpnonce'] ) ) { if ( ! empty( $_POST['login'] ) && ! empty( $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-login' ) ) {
wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-login' );
try { try {
$creds = array(); $creds = array();
@ -809,14 +807,13 @@ class WC_Form_Handler {
} }
// process lost password form // process lost password form
if ( isset( $_POST['user_login'] ) && isset( $_POST['_wpnonce'] ) ) { if ( isset( $_POST['user_login'] ) && isset( $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'lost_password' ) ) {
wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-lost_password' );
WC_Shortcode_My_Account::retrieve_password(); WC_Shortcode_My_Account::retrieve_password();
} }
// process reset password form // process reset password form
if ( isset( $_POST['password_1'] ) && isset( $_POST['password_2'] ) && isset( $_POST['reset_key'] ) && isset( $_POST['reset_login'] ) && isset( $_POST['_wpnonce'] ) ) { if ( isset( $_POST['password_1'] ) && isset( $_POST['password_2'] ) && isset( $_POST['reset_key'] ) && isset( $_POST['reset_login'] ) && isset( $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'reset_password' ) ) {
// verify reset key again // verify reset key again
$user = WC_Shortcode_My_Account::check_password_reset_key( $_POST['reset_key'], $_POST['reset_login'] ); $user = WC_Shortcode_My_Account::check_password_reset_key( $_POST['reset_key'], $_POST['reset_login'] );
@ -827,8 +824,6 @@ class WC_Form_Handler {
$args['key'] = wc_clean( $_POST['reset_key'] ); $args['key'] = wc_clean( $_POST['reset_key'] );
$args['login'] = wc_clean( $_POST['reset_login'] ); $args['login'] = wc_clean( $_POST['reset_login'] );
wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-reset_password' );
if ( empty( $_POST['password_1'] ) || empty( $_POST['password_2'] ) ) { if ( empty( $_POST['password_1'] ) || empty( $_POST['password_2'] ) ) {
wc_add_notice( __( 'Please enter your password.', 'woocommerce' ), 'error' ); wc_add_notice( __( 'Please enter your password.', 'woocommerce' ), 'error' );
$args['form'] = 'reset_password'; $args['form'] = 'reset_password';
@ -865,9 +860,7 @@ class WC_Form_Handler {
* Process the registration form. * Process the registration form.
*/ */
public static function process_registration() { public static function process_registration() {
if ( ! empty( $_POST['register'] ) ) { if ( ! empty( $_POST['register'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-register' ) ) {
wp_verify_nonce( $_POST['register'], 'woocommerce-register' );
if ( 'no' === get_option( 'woocommerce_registration_generate_username' ) ) { if ( 'no' === get_option( 'woocommerce_registration_generate_username' ) ) {
$_username = $_POST['username']; $_username = $_POST['username'];
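Review bot: The rewritten condition in the `@ -143,12 +145,10` hunk has a precedence bug: `&&` binds tighter than `||`, so the last clause is `empty( $_POST['_wpnonce'] ) && wp_verify_nonce( ... )`, which can only be true when the nonce is empty and therefore never passes verification; together with the removal of the standalone `wp_verify_nonce()` call, the account-details form is now processed with no effective nonce check. It should read `if ( empty( $_POST['action'] ) || 'save_account_details' !== $_POST['action'] || empty( $_POST['_wpnonce'] ) || ! wp_verify_nonce( $_POST['_wpnonce'], 'save_account_details' ) ) {`. The nonce actions also change from `woocommerce-save_account_details`, `woocommerce-lost_password` and `woocommerce-reset_password` to `save_account_details`, `lost_password` and `reset_password`; the templates that emit those fields are not among the 10 files in this commit, so confirm their `wp_nonce_field()` actions were updated or each of these forms will now be silently rejected. In `process_registration`, `wp_verify_nonce( $_POST['_wpnonce'], ... )` is evaluated without an `isset`/`empty` check, unlike the `process_login` and lost-password conditions in the same file, so a POST carrying `register` but no `_wpnonce` raises a notice; `! empty( $_POST['register'] ) && ! empty( $_POST['_wpnonce'] ) && wp_verify_nonce( ... )` would match the others.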


@ -276,6 +276,27 @@ class WC_Product_Variation extends WC_Product {
return $this->variation_data; return $this->variation_data;
} }
/**
* Check if all variation's attributes are set
*
* @return boolean
*/
public function has_all_attributes_set() {
$set = true;
// undefined attributes have null strings as array values
foreach( $this->get_variation_attributes() as $att ){
if( ! $att ){
$set = false;
break;
}
}
return $set;
}
/** /**
* Get variation price HTML. Prices are not inherited from parents. * Get variation price HTML. Prices are not inherited from parents.
* *
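Review bot: `has_all_attributes_set()` tests each attribute with truthiness (`if( ! $att )`), so an attribute whose value is the string `'0'` is reported as unset even though it is set. The comment says undefined attributes arrive as empty ("null") strings; if that is accurate, compare explicitly, `if ( '' === $att || null === $att ) {`, so a legitimate `'0'` is not treated as missing. The `foreach(`/`if(` spacing also departs from the `foreach ( ... ) {` form used in the surrounding file.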


@ -127,9 +127,9 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
echo '<tr class="account"> echo '<tr class="account">
<td class="sort"></td> <td class="sort"></td>
<td><input type="text" value="' . esc_attr( $account['account_name'] ) . '" name="bacs_account_name[' . $i . ']" /></td> <td><input type="text" value="' . esc_attr( wp_unslash( $account['account_name'] ) ) . '" name="bacs_account_name[' . $i . ']" /></td>
<td><input type="text" value="' . esc_attr( $account['account_number'] ) . '" name="bacs_account_number[' . $i . ']" /></td> <td><input type="text" value="' . esc_attr( $account['account_number'] ) . '" name="bacs_account_number[' . $i . ']" /></td>
<td><input type="text" value="' . esc_attr( $account['bank_name'] ) . '" name="bacs_bank_name[' . $i . ']" /></td> <td><input type="text" value="' . esc_attr( wp_unslash( $account['bank_name'] ) ) . '" name="bacs_bank_name[' . $i . ']" /></td>
<td><input type="text" value="' . esc_attr( $account['sort_code'] ) . '" name="bacs_sort_code[' . $i . ']" /></td> <td><input type="text" value="' . esc_attr( $account['sort_code'] ) . '" name="bacs_sort_code[' . $i . ']" /></td>
<td><input type="text" value="' . esc_attr( $account['iban'] ) . '" name="bacs_iban[' . $i . ']" /></td> <td><input type="text" value="' . esc_attr( $account['iban'] ) . '" name="bacs_iban[' . $i . ']" /></td>
<td><input type="text" value="' . esc_attr( $account['bic'] ) . '" name="bacs_bic[' . $i . ']" /></td> <td><input type="text" value="' . esc_attr( $account['bic'] ) . '" name="bacs_bic[' . $i . ']" /></td>
@ -249,7 +249,7 @@ class WC_Gateway_BACS extends WC_Payment_Gateway {
$bacs_account = (object) $bacs_account; $bacs_account = (object) $bacs_account;
if ( $bacs_account->account_name || $bacs_account->bank_name ) { if ( $bacs_account->account_name || $bacs_account->bank_name ) {
echo '<h3>' . implode( ' - ', array_filter( array( $bacs_account->account_name, $bacs_account->bank_name ) ) ) . '</h3>' . PHP_EOL; echo '<h3>' . wp_unslash( implode( ' - ', array_filter( array( $bacs_account->account_name, $bacs_account->bank_name ) ) ) ) . '</h3>' . PHP_EOL;
} }
echo '<ul class="order_details bacs_details">' . PHP_EOL; echo '<ul class="order_details bacs_details">' . PHP_EOL;
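Review bot: In the `@ -249,7 +249,7` hunk the unslashed account/bank name is echoed into the `<h3>` with no escaping; `wp_unslash()` only strips slashes and is not an escaping step, so whatever was stored in the BACS settings reaches this output (which looks like the customer-facing bank-details block) as raw HTML. It should be `echo '<h3>' . esc_html( wp_unslash( implode( ' - ', array_filter( array( $bacs_account->account_name, $bacs_account->bank_name ) ) ) ) ) . '</h3>' . PHP_EOL;`. In the admin-table hunk only `account_name` and `bank_name` are wrapped in `wp_unslash()`; if the remaining fields are saved through the same path they are presumably slashed the same way, so the uneven treatment is worth confirming.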


@ -41,9 +41,7 @@ class WC_Shortcode_Order_Tracking {
global $post; global $post;
if ( ! empty( $_REQUEST['orderid'] ) ) { if ( ! empty( $_REQUEST['orderid'] ) && isset( $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-order_tracking' ) ) {
wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-order_tracking' );
$order_id = empty( $_REQUEST['orderid'] ) ? 0 : esc_attr( $_REQUEST['orderid'] ); $order_id = empty( $_REQUEST['orderid'] ) ? 0 : esc_attr( $_REQUEST['orderid'] );
$order_email = empty( $_REQUEST['order_email'] ) ? '' : esc_attr( $_REQUEST['order_email']) ; $order_email = empty( $_REQUEST['order_email'] ) ? '' : esc_attr( $_REQUEST['order_email']) ;
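Review bot: `esc_attr()` is used here as an input sanitizer for `$_REQUEST['orderid']` and `$_REQUEST['order_email']`; it is an HTML-attribute output escaper and does not constrain the value, so the order id can still be arbitrary text. Use the type-appropriate sanitizers instead: `$order_id = absint( $_REQUEST['orderid'] );` and `$order_email = empty( $_REQUEST['order_email'] ) ? '' : sanitize_email( $_REQUEST['order_email'] );`. The `empty( $_REQUEST['orderid'] ) ? 0 :` branch is now redundant, since the enclosing `if` already requires the field to be non-empty. The body of that `if` continues outside the hunk.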


@ -589,3 +589,15 @@ function wc_format_phone_number( $tel ) {
$tel = str_replace( '.', '-', $tel ); $tel = str_replace( '.', '-', $tel );
return $tel; return $tel;
} }
/**
* Make a string lowercase.
* Try to use mb_strtolower() when available.
*
* @since 2.3
* @param string $string
* @return string
*/
function wc_strtolower( $string ) {
return function_exists( 'mb_strtolower' ) ? mb_strtolower( $string ) : strtolower( $string );
}
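Review bot: `wc_strtolower()` calls `mb_strtolower()` without an encoding argument, so the conversion uses mbstring's internal/default encoding rather than the site charset; where the two differ, multibyte text is mangled. Consider `mb_strtolower( $string, get_bloginfo( 'charset' ) )` or an explicit `'UTF-8'`. The docblock could also state that the `strtolower()` fallback is byte-wise and only lowercases ASCII, so callers know the result differs between hosts with and without mbstring.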


@ -56,7 +56,7 @@ function wc_get_order_status_name( $status ) {
$status = 'wc-' === substr( $status, 0, 3 ) ? substr( $status, 3 ) : $status; $status = 'wc-' === substr( $status, 0, 3 ) ? substr( $status, 3 ) : $status;
$status = isset( $statuses[ 'wc-' . $status ] ) ? $statuses[ 'wc-' . $status ] : $status; $status = isset( $statuses[ 'wc-' . $status ] ) ? $statuses[ 'wc-' . $status ] : $status;
return function_exists( 'mb_strtolower' ) ? mb_strtolower( $status ) : strtolower( $status ); return wc_strtolower( $status );
} }
/** /**


@ -67,6 +67,15 @@ if ( 0 == $woocommerce_loop['loop'] % $woocommerce_loop['columns'] )
</a> </a>
<?php do_action( 'woocommerce_after_shop_loop_item' ); ?> <?php
/**
* woocommerce_after_shop_loop_item hook
*
* @hooked woocommerce_template_loop_add_to_cart - 10
*/
do_action( 'woocommerce_after_shop_loop_item' );
?>
</li> </li>


@ -4,7 +4,7 @@
* *
* @author WooThemes * @author WooThemes
* @package WooCommerce/Templates * @package WooCommerce/Templates
* @version 2.1.0 * @version 2.2.6
*/ */
if ( ! defined( 'ABSPATH' ) ) { if ( ! defined( 'ABSPATH' ) ) {
@ -99,7 +99,7 @@ if ( ! defined( 'ABSPATH' ) ) {
<?php do_action( 'register_form' ); ?> <?php do_action( 'register_form' ); ?>
<p class="form-row"> <p class="form-row">
<?php wp_nonce_field( 'woocommerce-register', 'register' ); ?> <?php wp_nonce_field( 'woocommerce-register' ); ?>
<input type="submit" class="button" name="register" value="<?php _e( 'Register', 'woocommerce' ); ?>" /> <input type="submit" class="button" name="register" value="<?php _e( 'Register', 'woocommerce' ); ?>" />
</p> </p>


@ -385,7 +385,7 @@ final class WooCommerce {
} }
// Email Actions // Email Actions
$email_actions = array( $email_actions = apply_filters( 'woocommerce_email_actions', array(
'woocommerce_low_stock', 'woocommerce_low_stock',
'woocommerce_no_stock', 'woocommerce_no_stock',
'woocommerce_product_on_backorder', 'woocommerce_product_on_backorder',
@ -398,7 +398,7 @@ final class WooCommerce {
'woocommerce_order_status_completed', 'woocommerce_order_status_completed',
'woocommerce_new_customer_note', 'woocommerce_new_customer_note',
'woocommerce_created_customer' 'woocommerce_created_customer'
); ) );
foreach ( $email_actions as $action ) { foreach ( $email_actions as $action ) {
add_action( $action, array( $this, 'send_transactional_email' ), 10, 10 ); add_action( $action, array( $this, 'send_transactional_email' ), 10, 10 );