Steve-Dee-Designs
/
woocommerce
mirror of https://github.com/woocommerce/woocommerce.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Put order on-hold which fail email address validation, rather than reject IPN completely. Closes #2653.

This commit is contained in:
Mike Jolley 2013-03-10 13:51:59 +00:00
parent afc6a55a45
commit 2cb9363c22
2 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
classes/gateways/paypal/class-wc-gateway-paypal.php
View File

@ -504,13 +504,6 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
// Get recieved values from post data
$received_values = (array) stripslashes_deep( $_POST );
// Check email address to make sure that IPN response is not a spoof
if ( strcasecmp( trim( $received_values['receiver_email'] ), trim( $this->email ) ) != 0 ) {
if ( 'yes' == $this->debug )
$this->log->add( 'paypal', "IPN Response is for another one: {$received_values['receiver_email']} our email is {$this->email}" );
return false;
}
// Add cmd to the post array
$received_values['cmd'] = '_notify-validate';
@ -636,6 +629,17 @@ class WC_Gateway_Paypal extends WC_Payment_Gateway {
exit;
}
// Validate Email Address
if ( strcasecmp( trim( $posted['receiver_email'] ), trim( $this->email ) ) != 0 ) {
if ( 'yes' == $this->debug )
$this->log->add( 'paypal', "IPN Response is for another one: {$posted['receiver_email']} our email is {$this->email}" );
// Put this order on-hold for manual checking
$order->update_status( 'on-hold', sprintf( __( 'Validation error: PayPal IPN response from a different email address (%s).', 'woocommerce' ), $posted['receiver_email'] ) );
exit;
}
// Store PP Details
if ( ! empty( $posted['payer_email'] ) )
update_post_meta( $order_id, 'Payer PayPal address', $posted['payer_email'] );

1
readme.txt
View File

@ -173,6 +173,7 @@ Yes you can! Join in on our [GitHub repository](http://github.com/woothemes/wooc
* Tweak - woocommerce_valid_order_statuses_for_payment and woocommerce_valid_order_statuses_for_cancel hooks for pay pages/my account.
* Tweak - WC_START in checkout json requests to prevent notices breaking checkout.
* Tweak - Add filters to product images and thumbnails.
* Tweak - IPN email mismatch puts order on-hold.
* Fix - Samoa -> Western Samoa
* Fix - Re-applied image setting tooltips
* Fix - Post code ranges (taxes) on insert.