Merge remote-tracking branch 'origin/master'

# Conflicts: # includes/class-wc-cache-helper.php
2017-08-07 17:11:26 +01:00 · 2017-08-07 17:11:26 +01:00 · 299fcc327c
parent e4fd620214 f7ef7588b9
commit 299fcc327c
4 changed files with 48 additions and 20 deletions
--- a/assets/js/admin/backbone-modal.js
+++ b/assets/js/admin/backbone-modal.js
@ -79,7 +79,7 @@
 		render: function() {
 			var template = wp.template( this._target );

-			this.$el.attr( 'tabindex' , '0' ).append(
+			this.$el.append(
 				template( this._string )
 			);

@ -88,7 +88,8 @@
 			}).append( this.$el );

 			this.resizeContent();
-			this.$el.focus();
+			this.$( '.wc-backbone-modal-content' ).attr( 'tabindex' , '0' ).focus();
+
 			$( document.body ).trigger( 'init_tooltips' );

 			$( document.body ).trigger( 'wc_backbone_modal_loaded', this._target );
--- a/includes/class-wc-cache-helper.php
+++ b/includes/class-wc-cache-helper.php
@ -21,6 +21,7 @@ class WC_Cache_Helper {
 	public static function init() {
 		add_action( 'template_redirect', array( __CLASS__, 'geolocation_ajax_redirect' ) );
 		add_action( 'wp', array( __CLASS__, 'prevent_caching' ) );
+		add_filter( 'nocache_headers', array( __CLASS__, 'set_nocache_constants' ) );
 		add_action( 'admin_notices', array( __CLASS__, 'notices' ) );
 		add_action( 'delete_version_transients', array( __CLASS__, 'delete_version_transients' ) );
 	}
@ -157,16 +158,20 @@ class WC_Cache_Helper {
 		}
 		$page_ids = array_filter( array( wc_get_page_id( 'cart' ), wc_get_page_id( 'checkout' ), wc_get_page_id( 'myaccount' ) ) );

-		if ( isset( $_GET['download_file'] ) || is_page( $page_ids ) ) {
-			self::nocache();
+		if ( isset( $_GET['download_file'] ) || isset( $_GET['add-to-cart'] ) || is_page( $page_ids ) ) {
+			nocache_headers();
 		}
 	}

 	/**
-	 * Set nocache constants and headers.
-	 * @access private
+	 * Set constants to prevent caching by some plugins.
+	 *
+	 * Hooked into nocache_headers filter but does not change headers.
+	 *
+	 * @param  array $value
+	 * @return array
 	 */
-	private static function nocache() {
+	public static function set_nocache_constants( $value ) {
 		if ( ! defined( 'DONOTCACHEPAGE' ) ) {
 			define( "DONOTCACHEPAGE", true );
 		}
@ -176,7 +181,7 @@ class WC_Cache_Helper {
 		if ( ! defined( 'DONOTCACHEDB' ) ) {
 			define( "DONOTCACHEDB", true );
 		}
-		nocache_headers();
+		return $value;
 	}

 	/**
--- a/includes/class-wc-form-handler.php
+++ b/includes/class-wc-form-handler.php
@ -67,6 +67,8 @@ class WC_Form_Handler {
 			return;
 		}

+		nocache_headers();
+
 		$user_id = get_current_user_id();

 		if ( $user_id <= 0 ) {
@ -179,6 +181,8 @@ class WC_Form_Handler {
 			return;
 		}

+		nocache_headers();
+
 		$errors       = new WP_Error();
 		$user         = new stdClass();

@ -274,6 +278,7 @@ class WC_Form_Handler {
 	 */
 	public static function checkout_action() {
 		if ( isset( $_POST['woocommerce_checkout_place_order'] ) || isset( $_POST['woocommerce_checkout_update_totals'] ) ) {
+			nocache_headers();

 			if ( WC()->cart->is_empty() ) {
 				wp_redirect( wc_get_page_permalink( 'cart' ) );
@ -295,7 +300,7 @@ class WC_Form_Handler {
 		global $wp;

 		if ( isset( $_POST['woocommerce_pay'] ) && isset( $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-pay' ) ) {
-
+			nocache_headers();
 			ob_start();

 			// Pay for existing order
@ -374,7 +379,7 @@ class WC_Form_Handler {
 	 */
 	public static function add_payment_method_action() {
 		if ( isset( $_POST['woocommerce_add_payment_method'], $_POST['payment_method'], $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-add-payment-method' ) ) {
-
+			nocache_headers();
 			ob_start();

 			$payment_method = wc_clean( $_POST['payment_method'] );
@ -404,6 +409,7 @@ class WC_Form_Handler {
 		global $wp;

 		if ( isset( $wp->query_vars['delete-payment-method'] ) ) {
+			nocache_headers();

 			$token_id = absint( $wp->query_vars['delete-payment-method'] );
 			$token    = WC_Payment_Tokens::get( $token_id );
@ -428,6 +434,7 @@ class WC_Form_Handler {
 		global $wp;

 		if ( isset( $wp->query_vars['set-default-payment-method'] ) ) {
+			nocache_headers();

 			$token_id = absint( $wp->query_vars['set-default-payment-method'] );
 			$token    = WC_Payment_Tokens::get( $token_id );
@ -449,20 +456,19 @@ class WC_Form_Handler {
 	 * Remove from cart/update.
 	 */
 	public static function update_cart_action() {
+		if ( ! ( isset( $_REQUEST['apply_coupon'] ) || isset( $_REQUEST['remove_coupon'] ) || isset( $_REQUEST['remove_item'] ) || isset( $_REQUEST['undo_item'] ) || isset( $_REQUEST['update_cart'] ) || isset( $_REQUEST['proceed'] ) ) ) {
+			return;
+		}
+
+		nocache_headers();

 		if ( ! empty( $_POST['apply_coupon'] ) && ! empty( $_POST['coupon_code'] ) ) {
-
-			// Add Discount
 			WC()->cart->add_discount( sanitize_text_field( $_POST['coupon_code'] ) );

 		} elseif ( isset( $_GET['remove_coupon'] ) ) {
-
-			// Remove Coupon Codes
 			WC()->cart->remove_coupon( wc_clean( $_GET['remove_coupon'] ) );

-		} elseif ( ! empty( $_GET['remove_item'] ) && isset( $_GET['_wpnonce'] ) && wp_verify_nonce( $_GET['_wpnonce'], 'woocommerce-cart' ) ) {
-
-			// Remove from cart
+		} elseif ( ! empty( $_GET['remove_item'] ) && wp_verify_nonce( wc_get_var( $_REQUEST['_wpnonce'] ), 'woocommerce-cart' ) ) {
 			$cart_item_key = sanitize_text_field( $_GET['remove_item'] );

 			if ( $cart_item = WC()->cart->get_cart_item( $cart_item_key ) ) {
@ -501,7 +507,7 @@ class WC_Form_Handler {
 		}

 		// Update Cart - checks apply_coupon too because they are in the same form
-		if ( ( ! empty( $_POST['apply_coupon'] ) || ! empty( $_POST['update_cart'] ) || ! empty( $_POST['proceed'] ) ) && isset( $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-cart' ) ) {
+		if ( ( ! empty( $_POST['apply_coupon'] ) || ! empty( $_POST['update_cart'] ) || ! empty( $_POST['proceed'] ) ) && wp_verify_nonce( wc_get_var( $_POST['_wpnonce'] ), 'woocommerce-cart' ) ) {

 			$cart_updated = false;
 			$cart_totals  = isset( $_POST['cart'] ) ? $_POST['cart'] : '';
@ -563,12 +569,13 @@ class WC_Form_Handler {
 	 * Place a previous order again.
 	 */
 	public static function order_again() {
-
 		// Nothing to do
 		if ( ! isset( $_GET['order_again'] ) || ! is_user_logged_in() || ! isset( $_GET['_wpnonce'] ) || ! wp_verify_nonce( $_GET['_wpnonce'], 'woocommerce-order_again' ) ) {
 			return;
 		}

+		nocache_headers();
+
 		if ( apply_filters( 'woocommerce_empty_cart_when_order_again', true ) ) {
 			WC()->cart->empty_cart();
 		}
@ -648,6 +655,7 @@ class WC_Form_Handler {
 	 */
 	public static function cancel_order() {
 		if ( isset( $_GET['cancel_order'] ) && isset( $_GET['order'] ) && isset( $_GET['order_id'] ) ) {
+			nocache_headers();

 			$order_key        = $_GET['order'];
 			$order_id         = absint( $_GET['order_id'] );
@ -694,6 +702,8 @@ class WC_Form_Handler {
 			return;
 		}

+		nocache_headers();
+
 		$product_id          = apply_filters( 'woocommerce_add_to_cart_product_id', absint( $_REQUEST['add-to-cart'] ) );
 		$was_added_to_cart   = false;
 		$adding_to_cart      = wc_get_product( $product_id );
--- a/includes/wc-core-functions.php
+++ b/includes/wc-core-functions.php
@ -1690,5 +1690,17 @@ function wc_make_phone_clickable( $phone ) {
 * @return mixed value sanitized by wc_clean
 */
 function wc_get_post_data_by_key( $key, $default = '' ) {
-	return wc_clean( isset( $_POST[ $key ] ) ? $_POST[ $key ] : $default );
+	return wc_clean( wc_get_var( $_POST[ $key ], $default ) );
+}
+
+/**
+ * Get data if set, otherwise return a default value or null. Prevents notices when data is not set.
+ *
+ * @since  3.2.0
+ * @param  mixed $var
+ * @param  string $default
+ * @return mixed value sanitized by wc_clean
+ */
+function wc_get_var( &$var, $default = null ) {
+	return isset( $var ) ? $var : $default;
 }