diff --git a/assets/js/admin/backbone-modal.js b/assets/js/admin/backbone-modal.js index ea5fe16baaf..7aa02f8a90f 100644 --- a/assets/js/admin/backbone-modal.js +++ b/assets/js/admin/backbone-modal.js @@ -79,7 +79,7 @@ render: function() { var template = wp.template( this._target ); - this.$el.attr( 'tabindex' , '0' ).append( + this.$el.append( template( this._string ) ); @@ -88,7 +88,8 @@ }).append( this.$el ); this.resizeContent(); - this.$el.focus(); + this.$( '.wc-backbone-modal-content' ).attr( 'tabindex' , '0' ).focus(); + $( document.body ).trigger( 'init_tooltips' ); $( document.body ).trigger( 'wc_backbone_modal_loaded', this._target ); diff --git a/includes/class-wc-cache-helper.php b/includes/class-wc-cache-helper.php index fb72f26b035..428be13601a 100644 --- a/includes/class-wc-cache-helper.php +++ b/includes/class-wc-cache-helper.php @@ -21,6 +21,7 @@ class WC_Cache_Helper { public static function init() { add_action( 'template_redirect', array( __CLASS__, 'geolocation_ajax_redirect' ) ); add_action( 'wp', array( __CLASS__, 'prevent_caching' ) ); + add_filter( 'nocache_headers', array( __CLASS__, 'set_nocache_constants' ) ); add_action( 'admin_notices', array( __CLASS__, 'notices' ) ); add_action( 'delete_version_transients', array( __CLASS__, 'delete_version_transients' ) ); } 
@@ -157,16 +158,20 @@ class WC_Cache_Helper { } $page_ids = array_filter( array( wc_get_page_id( 'cart' ), wc_get_page_id( 'checkout' ), wc_get_page_id( 'myaccount' ) ) ); - if ( isset( $_GET['download_file'] ) || is_page( $page_ids ) ) { - self::nocache(); + if ( isset( $_GET['download_file'] ) || isset( $_GET['add-to-cart'] ) || is_page( $page_ids ) ) { + nocache_headers(); } } /** - * Set nocache constants and headers. - * @access private + * Set constants to prevent caching by some plugins. + * + * Hooked into nocache_headers filter but does not change headers. + * + * @param array $value + * @return array */ - private static function nocache() { + public static function set_nocache_constants( $value ) { if ( ! defined( 'DONOTCACHEPAGE' ) ) { define( "DONOTCACHEPAGE", true ); } @@ -176,7 +181,7 @@ class WC_Cache_Helper { if ( ! defined( 'DONOTCACHEDB' ) ) { define( "DONOTCACHEDB", true ); } - nocache_headers(); + return $value; } /** diff --git a/includes/class-wc-form-handler.php b/includes/class-wc-form-handler.php index 25c7f750764..84235e9917e 100644 --- a/includes/class-wc-form-handler.php +++ b/includes/class-wc-form-handler.php @@ -67,6 +67,8 @@ class WC_Form_Handler { return; } + nocache_headers(); + $user_id = get_current_user_id(); if ( $user_id <= 0 ) { @@ -179,6 +181,8 @@ class WC_Form_Handler { return; } + nocache_headers(); + $errors = new WP_Error(); $user = new stdClass(); @@ -274,6 +278,7 @@ class WC_Form_Handler { */ public static function checkout_action() { if ( isset( $_POST['woocommerce_checkout_place_order'] ) || isset( $_POST['woocommerce_checkout_update_totals'] ) ) { + nocache_headers(); if ( WC()->cart->is_empty() ) { wp_redirect( wc_get_page_permalink( 'cart' ) ); @@ -295,7 +300,7 @@ class WC_Form_Handler { global $wp; if ( isset( $_POST['woocommerce_pay'] ) && isset( $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-pay' ) ) { - + nocache_headers(); ob_start(); // Pay for existing order 
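Review bot: The docblock on `set_nocache_constants()` does not say when the constants get defined. Because `init()` now registers it on the `nocache_headers` filter, it runs wherever that filter is applied, not only on the cart, checkout, account, `download_file` and `add-to-cart` requests that `prevent_caching()` selects. If other code applies the filter (WordPress core does for some requests, as far as I know), `DONOTCACHEPAGE` and `DONOTCACHEDB` are defined there too. That is the safe direction for pages carrying session data, but a wider scope than the old private `nocache()`. I would state that in the docblock and describe the parameter, e.g. `@param array $value Headers passed through the filter unchanged.`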
@@ -374,7 +379,7 @@ class WC_Form_Handler { */ public static function add_payment_method_action() { if ( isset( $_POST['woocommerce_add_payment_method'], $_POST['payment_method'], $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-add-payment-method' ) ) { - + nocache_headers(); ob_start(); $payment_method = wc_clean( $_POST['payment_method'] ); @@ -404,6 +409,7 @@ class WC_Form_Handler { global $wp; if ( isset( $wp->query_vars['delete-payment-method'] ) ) { + nocache_headers(); $token_id = absint( $wp->query_vars['delete-payment-method'] ); $token = WC_Payment_Tokens::get( $token_id ); @@ -428,6 +434,7 @@ class WC_Form_Handler { global $wp; if ( isset( $wp->query_vars['set-default-payment-method'] ) ) { + nocache_headers(); $token_id = absint( $wp->query_vars['set-default-payment-method'] ); $token = WC_Payment_Tokens::get( $token_id ); @@ -449,20 +456,19 @@ class WC_Form_Handler { * Remove from cart/update. */ public static function update_cart_action() { + if ( ! ( isset( $_REQUEST['apply_coupon'] ) || isset( $_REQUEST['remove_coupon'] ) || isset( $_REQUEST['remove_item'] ) || isset( $_REQUEST['undo_item'] ) || isset( $_REQUEST['update_cart'] ) || isset( $_REQUEST['proceed'] ) ) ) { + return; + } + + nocache_headers(); if ( ! empty( $_POST['apply_coupon'] ) && ! empty( $_POST['coupon_code'] ) ) { - - // Add Discount WC()->cart->add_discount( sanitize_text_field( $_POST['coupon_code'] ) ); } elseif ( isset( $_GET['remove_coupon'] ) ) { - - // Remove Coupon Codes WC()->cart->remove_coupon( wc_clean( $_GET['remove_coupon'] ) ); - } elseif ( ! empty( $_GET['remove_item'] ) && isset( $_GET['_wpnonce'] ) && wp_verify_nonce( $_GET['_wpnonce'], 'woocommerce-cart' ) ) { - - // Remove from cart + } elseif ( ! empty( $_GET['remove_item'] ) && wp_verify_nonce( wc_get_var( $_REQUEST['_wpnonce'] ), 'woocommerce-cart' ) ) { $cart_item_key = sanitize_text_field( $_GET['remove_item'] ); if ( $cart_item = WC()->cart->get_cart_item( $cart_item_key ) ) { 
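Review bot: In the `remove_item` branch of `update_cart_action()` the nonce is now read from `$_REQUEST['_wpnonce']` while the item key still comes from `$_GET['remove_item']`, and the new early-return guard also tests `$_REQUEST`. `$_REQUEST` merges GET and POST and, depending on the PHP `request_order`/`variables_order` setting, cookie values, so the token and the action it authorises can come from different sources. Reading both from the same superglobal keeps the check easy to reason about: `wp_verify_nonce( wc_get_var( $_GET['_wpnonce'] ), 'woocommerce-cart' )`. The `apply_coupon` and `remove_coupon` branches visible in this hunk run without a nonce check; if that is deliberate, a one-line comment saying so would help now that the branch comments are removed. The function body continues outside the hunk.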
@@ -501,7 +507,7 @@ class WC_Form_Handler { } // Update Cart - checks apply_coupon too because they are in the same form - if ( ( ! empty( $_POST['apply_coupon'] ) || ! empty( $_POST['update_cart'] ) || ! empty( $_POST['proceed'] ) ) && isset( $_POST['_wpnonce'] ) && wp_verify_nonce( $_POST['_wpnonce'], 'woocommerce-cart' ) ) { + if ( ( ! empty( $_POST['apply_coupon'] ) || ! empty( $_POST['update_cart'] ) || ! empty( $_POST['proceed'] ) ) && wp_verify_nonce( wc_get_var( $_POST['_wpnonce'] ), 'woocommerce-cart' ) ) { $cart_updated = false; $cart_totals = isset( $_POST['cart'] ) ? $_POST['cart'] : ''; @@ -563,12 +569,13 @@ class WC_Form_Handler { * Place a previous order again. */ public static function order_again() { - // Nothing to do if ( ! isset( $_GET['order_again'] ) || ! is_user_logged_in() || ! isset( $_GET['_wpnonce'] ) || ! wp_verify_nonce( $_GET['_wpnonce'], 'woocommerce-order_again' ) ) { return; } + nocache_headers(); + if ( apply_filters( 'woocommerce_empty_cart_when_order_again', true ) ) { WC()->cart->empty_cart(); } @@ -648,6 +655,7 @@ class WC_Form_Handler { */ public static function cancel_order() { if ( isset( $_GET['cancel_order'] ) && isset( $_GET['order'] ) && isset( $_GET['order_id'] ) ) { + nocache_headers(); $order_key = $_GET['order']; $order_id = absint( $_GET['order_id'] ); @@ -694,6 +702,8 @@ class WC_Form_Handler { return; } + nocache_headers(); + $product_id = apply_filters( 'woocommerce_add_to_cart_product_id', absint( $_REQUEST['add-to-cart'] ) ); $was_added_to_cart = false; $adding_to_cart = wc_get_product( $product_id ); diff --git a/includes/wc-core-functions.php b/includes/wc-core-functions.php index e0b52734630..3221f27da39 100644 --- a/includes/wc-core-functions.php +++ b/includes/wc-core-functions.php 
@@ -1690,5 +1690,17 @@ function wc_make_phone_clickable( $phone ) { * @return mixed value sanitized by wc_clean */ function wc_get_post_data_by_key( $key, $default = '' ) { - return wc_clean( isset( $_POST[ $key ] ) ? $_POST[ $key ] : $default ); + return wc_clean( wc_get_var( $_POST[ $key ], $default ) ); +} + +/** + * Get data if set, otherwise return a default value or null. Prevents notices when data is not set. + * + * @since 3.2.0 + * @param mixed $var + * @param string $default + * @return mixed value sanitized by wc_clean + */ +function wc_get_var( &$var, $default = null ) { + return isset( $var ) ? $var : $default; }
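Review bot: The docblock of the new `wc_get_var()` says `@return mixed value sanitized by wc_clean`, but the function returns `$var` or `$default` untouched; only `wc_get_post_data_by_key()` wraps the result in `wc_clean()`. Callers that read request data through it, such as the `_wpnonce` lookups in `update_cart_action()`, get raw input. The tag should read something like `@return mixed Value of $var if set, otherwise $default (not sanitized).`, and `@param string $default` should be `mixed` since the default is `null`. Because `$var` is taken by reference, passing an unset element such as `$_POST[ $key ]` creates that key with a `null` value in the array. `isset()` still reports false, but `array_key_exists()` and any loop over the superglobal will now see the key, which deserves a line in the docblock.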