From 7e304fd4f9ba7686cb9eb71c81722f5963c06acd Mon Sep 17 00:00:00 2001 From: Mike Jolley Date: Thu, 23 Apr 2015 16:45:47 +0100 Subject: [PATCH] [2.3][api] Prevent variable overwrite in save_product_meta Closes #8011 --- includes/api/class-wc-api-products.php | 162 ++++++++++++------------- 1 file changed, 81 insertions(+), 81 deletions(-) diff --git a/includes/api/class-wc-api-products.php b/includes/api/class-wc-api-products.php index 6b6a62159a6..036ded6425a 100644 --- a/includes/api/class-wc-api-products.php +++ b/includes/api/class-wc-api-products.php @@ -681,20 +681,20 @@ class WC_API_Products extends WC_API_Resource { * Save product meta * * @since 2.2 - * @param int $id + * @param int $product_id * @param array $data * @return bool */ - protected function save_product_meta( $id, $data ) { + protected function save_product_meta( $product_id, $data ) { global $wpdb; // Product Type $product_type = null; if ( isset( $data['type'] ) ) { $product_type = wc_clean( $data['type'] ); - wp_set_object_terms( $id, $product_type, 'product_type' ); + wp_set_object_terms( $product_id, $product_type, 'product_type' ); } else { - $_product_type = get_the_terms( $id, 'product_type' ); + $_product_type = get_the_terms( $product_id, 'product_type' ); if ( is_array( $_product_type ) ) { $_product_type = current( $_product_type ); $product_type = $_product_type->slug; 
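Review bot: The request-supplied `type` is only passed through `wc_clean()` before `wp_set_object_terms( $product_id, $product_type, 'product_type' )`, and wp_set_object_terms() creates a term when a string matches no existing one. Unless the caller validates `type` before this method (not visible here), an unknown value would add a new `product_type` term. The same value is later appended to the `woocommerce_api_process_product_meta_` hook name in the last hunk. Check it against the store's registered product types first and throw a `WC_API_Exception` with a 400 status on a mismatch, as the SKU branch already does. The body of save_product_meta continues outside this hunk.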
@@ -703,54 +703,54 @@ class WC_API_Products extends WC_API_Resource { // Virtual if ( isset( $data['virtual'] ) ) { - update_post_meta( $id, '_virtual', ( true === $data['virtual'] ) ? 'yes' : 'no' ); + update_post_meta( $product_id, '_virtual', ( true === $data['virtual'] ) ? 'yes' : 'no' ); } // Tax status if ( isset( $data['tax_status'] ) ) { - update_post_meta( $id, '_tax_status', wc_clean( $data['tax_status'] ) ); + update_post_meta( $product_id, '_tax_status', wc_clean( $data['tax_status'] ) ); } // Tax Class if ( isset( $data['tax_class'] ) ) { - update_post_meta( $id, '_tax_class', wc_clean( $data['tax_class'] ) ); + update_post_meta( $product_id, '_tax_class', wc_clean( $data['tax_class'] ) ); } // Catalog Visibility if ( isset( $data['catalog_visibility'] ) ) { - update_post_meta( $id, '_visibility', wc_clean( $data['catalog_visibility'] ) ); + update_post_meta( $product_id, '_visibility', wc_clean( $data['catalog_visibility'] ) ); } // Purchase Note if ( isset( $data['purchase_note'] ) ) { - update_post_meta( $id, '_purchase_note', wc_clean( $data['purchase_note'] ) ); + update_post_meta( $product_id, '_purchase_note', wc_clean( $data['purchase_note'] ) ); } // Featured Product if ( isset( $data['featured'] ) ) { - update_post_meta( $id, '_featured', ( true === $data['featured'] ) ? 'yes' : 'no' ); + update_post_meta( $product_id, '_featured', ( true === $data['featured'] ) ? 'yes' : 'no' ); } // Shipping data - $this->save_product_shipping_data( $id, $data ); + $this->save_product_shipping_data( $product_id, $data ); // SKU if ( isset( $data['sku'] ) ) { - $sku = get_post_meta( $id, '_sku', true ); + $sku = get_post_meta( $product_id, '_sku', true ); $new_sku = wc_clean( $data['sku'] ); if ( '' == $new_sku ) { - update_post_meta( $id, '_sku', '' ); + update_post_meta( $product_id, '_sku', '' ); } elseif ( $new_sku !== $sku ) { if ( ! 
empty( $new_sku ) ) { - $unique_sku = wc_product_has_unique_sku( $id, $new_sku ); + $unique_sku = wc_product_has_unique_sku( $product_id, $new_sku ); if ( ! $unique_sku ) { throw new WC_API_Exception( 'woocommerce_api_product_sku_already_exists', __( 'The SKU already exists on another product', 'woocommerce' ), 400 ); } else { - update_post_meta( $id, '_sku', $new_sku ); + update_post_meta( $product_id, '_sku', $new_sku ); } } else { - update_post_meta( $id, '_sku', '' ); + update_post_meta( $product_id, '_sku', '' ); } } } @@ -797,7 +797,7 @@ class WC_API_Products extends WC_API_Resource { // Update post terms if ( taxonomy_exists( $taxonomy ) ) { - wp_set_object_terms( $id, $values, $taxonomy ); + wp_set_object_terms( $product_id, $values, $taxonomy ); } if ( $values ) { 
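Review bot: `tax_status` and `catalog_visibility` are written to `_tax_status` and `_visibility` after `wc_clean()` only, so any cleaned string from the API request is stored, even though both fields have a small fixed set of meaningful values. An allow-list before the write would keep unexpected values out of the meta, for example `if ( in_array( $data['catalog_visibility'], array( 'visible', 'catalog', 'search', 'hidden' ), true ) ) { ... }`, with the same pattern for tax status. The function starts before and continues after this hunk, so validation elsewhere cannot be ruled out from here.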
@@ -845,82 +845,82 @@ class WC_API_Products extends WC_API_Resource { } uasort( $attributes, 'attributes_cmp' ); - update_post_meta( $id, '_product_attributes', $attributes ); + update_post_meta( $product_id, '_product_attributes', $attributes ); } // Sales and prices if ( in_array( $product_type, array( 'variable', 'grouped' ) ) ) { // Variable and grouped products have no prices - update_post_meta( $id, '_regular_price', '' ); - update_post_meta( $id, '_sale_price', '' ); - update_post_meta( $id, '_sale_price_dates_from', '' ); - update_post_meta( $id, '_sale_price_dates_to', '' ); - update_post_meta( $id, '_price', '' ); + update_post_meta( $product_id, '_regular_price', '' ); + update_post_meta( $product_id, '_sale_price', '' ); + update_post_meta( $product_id, '_sale_price_dates_from', '' ); + update_post_meta( $product_id, '_sale_price_dates_to', '' ); + update_post_meta( $product_id, '_price', '' ); } else { // Regular Price if ( isset( $data['regular_price'] ) ) { $regular_price = ( '' === $data['regular_price'] ) ? '' : wc_format_decimal( $data['regular_price'] ); - update_post_meta( $id, '_regular_price', $regular_price ); + update_post_meta( $product_id, '_regular_price', $regular_price ); } else { - $regular_price = get_post_meta( $id, '_regular_price', true ); + $regular_price = get_post_meta( $product_id, '_regular_price', true ); } // Sale Price if ( isset( $data['sale_price'] ) ) { $sale_price = ( '' === $data['sale_price'] ) ? '' : wc_format_decimal( $data['sale_price'] ); - update_post_meta( $id, '_sale_price', $sale_price ); + update_post_meta( $product_id, '_sale_price', $sale_price ); } else { - $sale_price = get_post_meta( $id, '_sale_price', true ); + $sale_price = get_post_meta( $product_id, '_sale_price', true ); } - $date_from = isset( $data['sale_price_dates_from'] ) ? $data['sale_price_dates_from'] : get_post_meta( $id, '_sale_price_dates_from', true ); - $date_to = isset( $data['sale_price_dates_to'] ) ? 
$data['sale_price_dates_to'] : get_post_meta( $id, '_sale_price_dates_to', true ); + $date_from = isset( $data['sale_price_dates_from'] ) ? $data['sale_price_dates_from'] : get_post_meta( $product_id, '_sale_price_dates_from', true ); + $date_to = isset( $data['sale_price_dates_to'] ) ? $data['sale_price_dates_to'] : get_post_meta( $product_id, '_sale_price_dates_to', true ); // Dates if ( $date_from ) { - update_post_meta( $id, '_sale_price_dates_from', strtotime( $date_from ) ); + update_post_meta( $product_id, '_sale_price_dates_from', strtotime( $date_from ) ); } else { - update_post_meta( $id, '_sale_price_dates_from', '' ); + update_post_meta( $product_id, '_sale_price_dates_from', '' ); } if ( $date_to ) { - update_post_meta( $id, '_sale_price_dates_to', strtotime( $date_to ) ); + update_post_meta( $product_id, '_sale_price_dates_to', strtotime( $date_to ) ); } else { - update_post_meta( $id, '_sale_price_dates_to', '' ); + update_post_meta( $product_id, '_sale_price_dates_to', '' ); } if ( $date_to && ! 
$date_from ) { - update_post_meta( $id, '_sale_price_dates_from', strtotime( 'NOW', current_time( 'timestamp' ) ) ); + update_post_meta( $product_id, '_sale_price_dates_from', strtotime( 'NOW', current_time( 'timestamp' ) ) ); } // Update price if on sale if ( '' !== $sale_price && '' == $date_to && '' == $date_from ) { - update_post_meta( $id, '_price', wc_format_decimal( $sale_price ) ); + update_post_meta( $product_id, '_price', wc_format_decimal( $sale_price ) ); } else { - update_post_meta( $id, '_price', $regular_price ); + update_post_meta( $product_id, '_price', $regular_price ); } if ( '' !== $sale_price && $date_from && strtotime( $date_from ) < strtotime( 'NOW', current_time( 'timestamp' ) ) ) { - update_post_meta( $id, '_price', wc_format_decimal( $sale_price ) ); + update_post_meta( $product_id, '_price', wc_format_decimal( $sale_price ) ); } if ( $date_to && strtotime( $date_to ) < strtotime( 'NOW', current_time( 'timestamp' ) ) ) { - update_post_meta( $id, '_price', $regular_price ); - update_post_meta( $id, '_sale_price_dates_from', '' ); - update_post_meta( $id, '_sale_price_dates_to', '' ); + update_post_meta( $product_id, '_price', $regular_price ); + update_post_meta( $product_id, '_sale_price_dates_from', '' ); + update_post_meta( $product_id, '_sale_price_dates_to', '' ); } } // Product parent ID for groups if ( isset( $data['parent_id'] ) ) { - wp_update_post( array( 'ID' => $id, 'post_parent' => absint( $data['parent_id'] ) ) ); + wp_update_post( array( 'ID' => $product_id, 'post_parent' => absint( $data['parent_id'] ) ) ); } // Update parent if grouped so price sorting works and stays in sync with the cheapest child - $_product = wc_get_product( $id ); + $_product = wc_get_product( $product_id ); if ( $_product->post->post_parent > 0 || $product_type == 'grouped' ) { $clear_parent_ids = array(); 
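Review bot: `$date_from` and `$date_to` are taken from `$data` unsanitised and passed to `strtotime()`, which returns `false` for an unparsable string. That `false` is written to `_sale_price_dates_from` / `_sale_price_dates_to`, and the later test `strtotime( $date_from ) < strtotime( 'NOW', ... )` then evaluates true, so a malformed start date appears to activate the sale price immediately. Parse each date once and reject a failed parse before any meta is written, for example `$from_ts = $date_from ? strtotime( $date_from ) : '';` followed by `if ( false === $from_ts ) { throw new WC_API_Exception( ... ); }`. The enclosing function extends beyond this hunk on both sides.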
@@ -930,7 +930,7 @@ class WC_API_Products extends WC_API_Resource { } if ( $product_type == 'grouped' ) { - $clear_parent_ids[] = $id; + $clear_parent_ids[] = $product_id; } if ( $clear_parent_ids ) { @@ -958,14 +958,14 @@ class WC_API_Products extends WC_API_Resource { // Sold Individually if ( isset( $data['sold_individually'] ) ) { - update_post_meta( $id, '_sold_individually', ( true === $data['sold_individually'] ) ? 'yes' : '' ); + update_post_meta( $product_id, '_sold_individually', ( true === $data['sold_individually'] ) ? 'yes' : '' ); } // Stock status if ( isset( $data['in_stock'] ) ) { $stock_status = ( true === $data['in_stock'] ) ? 'instock' : 'outofstock'; } else { - $stock_status = get_post_meta( $id, '_stock_status', true ); + $stock_status = get_post_meta( $product_id, '_stock_status', true ); if ( '' === $stock_status ) { $stock_status = 'instock'; @@ -977,9 +977,9 @@ class WC_API_Products extends WC_API_Resource { // Manage stock if ( isset( $data['managing_stock'] ) ) { $managing_stock = ( true === $data['managing_stock'] ) ? 'yes' : 'no'; - update_post_meta( $id, '_manage_stock', $managing_stock ); + update_post_meta( $product_id, '_manage_stock', $managing_stock ); } else { - $managing_stock = get_post_meta( $id, '_manage_stock', true ); + $managing_stock = get_post_meta( $product_id, '_manage_stock', true ); } // Backorders 
@@ -990,48 +990,48 @@ class WC_API_Products extends WC_API_Resource { $backorders = ( true === $data['backorders'] ) ? 'yes' : 'no'; } - update_post_meta( $id, '_backorders', $backorders ); + update_post_meta( $product_id, '_backorders', $backorders ); } else { - $backorders = get_post_meta( $id, '_backorders', true ); + $backorders = get_post_meta( $product_id, '_backorders', true ); } if ( 'grouped' == $product_type ) { - update_post_meta( $id, '_manage_stock', 'no' ); - update_post_meta( $id, '_backorders', 'no' ); - update_post_meta( $id, '_stock', '' ); + update_post_meta( $product_id, '_manage_stock', 'no' ); + update_post_meta( $product_id, '_backorders', 'no' ); + update_post_meta( $product_id, '_stock', '' ); - wc_update_product_stock_status( $id, $stock_status ); + wc_update_product_stock_status( $product_id, $stock_status ); } elseif ( 'external' == $product_type ) { - update_post_meta( $id, '_manage_stock', 'no' ); - update_post_meta( $id, '_backorders', 'no' ); - update_post_meta( $id, '_stock', '' ); + update_post_meta( $product_id, '_manage_stock', 'no' ); + update_post_meta( $product_id, '_backorders', 'no' ); + update_post_meta( $product_id, '_stock', '' ); - wc_update_product_stock_status( $id, 'instock' ); + wc_update_product_stock_status( $product_id, 'instock' ); } elseif ( 'yes' == $managing_stock ) { - update_post_meta( $id, '_backorders', $backorders ); + update_post_meta( $product_id, '_backorders', $backorders ); - wc_update_product_stock_status( $id, $stock_status ); + wc_update_product_stock_status( $product_id, $stock_status ); // Stock quantity if ( isset( $data['stock_quantity'] ) ) { - wc_update_product_stock( $id, intval( $data['stock_quantity'] ) ); + wc_update_product_stock( $product_id, intval( $data['stock_quantity'] ) ); } } else { // Don't manage stock - update_post_meta( $id, '_manage_stock', 'no' ); - update_post_meta( $id, '_backorders', $backorders ); - update_post_meta( $id, '_stock', '' ); + update_post_meta( 
$product_id, '_manage_stock', 'no' ); + update_post_meta( $product_id, '_backorders', $backorders ); + update_post_meta( $product_id, '_stock', '' ); - wc_update_product_stock_status( $id, $stock_status ); + wc_update_product_stock_status( $product_id, $stock_status ); } } else { - wc_update_product_stock_status( $id, $stock_status ); + wc_update_product_stock_status( $product_id, $stock_status ); } // Upsells @@ -1046,9 +1046,9 @@ class WC_API_Products extends WC_API_Resource { } } - update_post_meta( $id, '_upsell_ids', $upsells ); + update_post_meta( $product_id, '_upsell_ids', $upsells ); } else { - delete_post_meta( $id, '_upsell_ids' ); + delete_post_meta( $product_id, '_upsell_ids' ); } } @@ -1064,30 +1064,30 @@ class WC_API_Products extends WC_API_Resource { } } - update_post_meta( $id, '_crosssell_ids', $crosssells ); + update_post_meta( $product_id, '_crosssell_ids', $crosssells ); } else { - delete_post_meta( $id, '_crosssell_ids' ); + delete_post_meta( $product_id, '_crosssell_ids' ); } } // Product categories if ( isset( $data['categories'] ) && is_array( $data['categories'] ) ) { $terms = array_map( 'wc_clean', $data['categories'] ); - wp_set_object_terms( $id, $terms, 'product_cat' ); + wp_set_object_terms( $product_id, $terms, 'product_cat' ); } // Product tags if ( isset( $data['tags'] ) && is_array( $data['tags'] ) ) { $terms = array_map( 'wc_clean', $data['tags'] ); - wp_set_object_terms( $id, $terms, 'product_tag' ); + wp_set_object_terms( $product_id, $terms, 'product_tag' ); } // Downloadable if ( isset( $data['downloadable'] ) ) { $is_downloadable = ( true === $data['downloadable'] ) ? 'yes' : 'no'; - update_post_meta( $id, '_downloadable', $is_downloadable ); + update_post_meta( $product_id, '_downloadable', $is_downloadable ); } else { - $is_downloadable = get_post_meta( $id, '_downloadable', true ); + $is_downloadable = get_post_meta( $product_id, '_downloadable', true ); } // Downloadable options 
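Review bot: In the categories and tags branches, `array_map( 'wc_clean', ... )` returns strings, and `wp_set_object_terms()` treats string entries as term names or slugs and creates any that do not exist. If API clients send term IDs in `categories` or `tags`, each ID would be looked up as a name and could create a new, numerically named term instead of assigning the existing one. Casting to integers avoids that, for example `$terms = array_unique( array_map( 'absint', $data['categories'] ) );`, and the same for `tags` if they are IDs. The function body continues outside this hunk.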
@@ -1095,33 +1095,33 @@ class WC_API_Products extends WC_API_Resource { // Downloadable files if ( isset( $data['downloads'] ) && is_array( $data['downloads'] ) ) { - $this->save_downloadable_files( $id, $data['downloads'] ); + $this->save_downloadable_files( $product_id, $data['downloads'] ); } // Download limit if ( isset( $data['download_limit'] ) ) { - update_post_meta( $id, '_download_limit', ( '' === $data['download_limit'] ) ? '' : absint( $data['download_limit'] ) ); + update_post_meta( $product_id, '_download_limit', ( '' === $data['download_limit'] ) ? '' : absint( $data['download_limit'] ) ); } // Download expiry if ( isset( $data['download_expiry'] ) ) { - update_post_meta( $id, '_download_expiry', ( '' === $data['download_expiry'] ) ? '' : absint( $data['download_expiry'] ) ); + update_post_meta( $product_id, '_download_expiry', ( '' === $data['download_expiry'] ) ? '' : absint( $data['download_expiry'] ) ); } // Download type if ( isset( $data['download_type'] ) ) { - update_post_meta( $id, '_download_type', wc_clean( $data['download_type'] ) ); + update_post_meta( $product_id, '_download_type', wc_clean( $data['download_type'] ) ); } } // Product url if ( $product_type == 'external' ) { if ( isset( $data['product_url'] ) ) { - update_post_meta( $id, '_product_url', wc_clean( $data['product_url'] ) ); + update_post_meta( $product_id, '_product_url', wc_clean( $data['product_url'] ) ); } if ( isset( $data['button_text'] ) ) { - update_post_meta( $id, '_button_text', wc_clean( $data['button_text'] ) ); + update_post_meta( $product_id, '_button_text', wc_clean( $data['button_text'] ) ); } } 
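Review bot: `_product_url` is stored after `wc_clean()`, which sanitises text but does not validate the value as a URL or restrict its scheme. Whether every place that outputs this meta escapes it with `esc_url()` cannot be seen from this hunk, so sanitising at write time is the safer default: `update_post_meta( $product_id, '_product_url', esc_url_raw( $data['product_url'] ) );`. The rest of the function lies outside this hunk.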
@@ -1129,11 +1129,11 @@ class WC_API_Products extends WC_API_Resource { if ( isset( $data['reviews_allowed'] ) ) { $reviews_allowed = ( true === $data['reviews_allowed'] ) ? 'open' : 'closed'; - $wpdb->update( $wpdb->posts, array( 'comment_status' => $reviews_allowed ), array( 'ID' => $id ) ); + $wpdb->update( $wpdb->posts, array( 'comment_status' => $reviews_allowed ), array( 'ID' => $product_id ) ); } // Do action for product type - do_action( 'woocommerce_api_process_product_meta_' . $product_type, $id, $data ); + do_action( 'woocommerce_api_process_product_meta_' . $product_type, $product_id, $data ); return true; }