Abstracted nonce helper to class #3282

This commit is contained in:
Coen Jacobs 2013-06-05 15:43:24 +02:00
parent b3f05bdd66
commit 88a7f0f720
16 changed files with 77 additions and 44 deletions


@ -682,7 +682,7 @@ class WC_Cart {
global $woocommerce; global $woocommerce;
$cart_page_id = woocommerce_get_page_id('cart'); $cart_page_id = woocommerce_get_page_id('cart');
if ($cart_page_id) if ($cart_page_id)
return apply_filters( 'woocommerce_get_remove_url', $woocommerce->nonce_url( 'cart', add_query_arg( 'remove_item', $cart_item_key, get_permalink($cart_page_id) ) ) ); return apply_filters( 'woocommerce_get_remove_url', $woocommerce->get_helper( 'nonce' )->nonce_url( 'cart', add_query_arg( 'remove_item', $cart_item_key, get_permalink($cart_page_id) ) ) );
} }
/** /**


@ -1147,7 +1147,7 @@ class WC_Order {
*/ */
public function get_cancel_order_url() { public function get_cancel_order_url() {
global $woocommerce; global $woocommerce;
return apply_filters('woocommerce_get_cancel_order_url', $woocommerce->nonce_url( 'cancel_order', add_query_arg('cancel_order', 'true', add_query_arg('order', $this->order_key, add_query_arg('order_id', $this->id, trailingslashit( home_url() )))))); return apply_filters('woocommerce_get_cancel_order_url', $woocommerce->get_helper( 'nonce' )->nonce_url( 'cancel_order', add_query_arg('cancel_order', 'true', add_query_arg('order', $this->order_key, add_query_arg('order_id', $this->id, trailingslashit( home_url() ))))));
} }


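--- /dev/null
+++ b/[path not shown on page]
@@ -0,0 +1,31 @@
+<?php
+return new WC_Nonce_Helper();
+class WC_Nonce_Helper extends WC_Helper {
+/**
+* Return a nonce field.
+*
+* @access public
+* @param mixed $action
+* @param bool $referer (default: true)
+* @param bool $echo (default: true)
+* @return void
+*/
+public function nonce_field( $action, $referer = true , $echo = true ) {
+return wp_nonce_field('woocommerce-' . $action, '_n', $referer, $echo );
+}
+/**
+* Return a url with a nonce appended.
+*
+* @access public
+* @param mixed $action
+* @param string $url (default: '')
+* @return string
+*/
+public function nonce_url( $action, $url = '' ) {
+return add_query_arg( '_n', wp_create_nonce( 'woocommerce-' . $action ), $url );
+}
+}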
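Review bot: The `@return void` on `nonce_field` in the new helper contradicts the `$echo` parameter it documents: `wp_nonce_field()` returns the field markup and only prints it when its display argument is true, and this same commit's review template relies on that by concatenating `->nonce_field('comment_rating', true, false)` into a string. Suggest `@return string The nonce field markup; printed as well when $echo is true`, and tightening `@param mixed $action` to `@param string $action Nonce action; the helper prefixes it with 'woocommerce-', so the verifying side must apply the same prefix`. The `return new WC_Nonce_Helper();` precedes the class declaration, so loading this file presumably depends on `WC_Helper` already being declared when the file is compiled; a one-line comment stating that loading-order assumption would help the next maintainer.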


@ -135,7 +135,7 @@ $woocommerce->show_messages();
<?php do_action('woocommerce_proceed_to_checkout'); ?> <?php do_action('woocommerce_proceed_to_checkout'); ?>
<?php $woocommerce->nonce_field('cart') ?> <?php $woocommerce->get_helper( 'nonce' )->nonce_field('cart') ?>
</td> </td>
</tr> </tr>


@ -84,7 +84,7 @@ if ( get_option('woocommerce_enable_shipping_calc')=='no' || ! $woocommerce->car
<p><button type="submit" name="calc_shipping" value="1" class="button"><?php _e( 'Update Totals', 'woocommerce' ); ?></button></p> <p><button type="submit" name="calc_shipping" value="1" class="button"><?php _e( 'Update Totals', 'woocommerce' ); ?></button></p>
<?php $woocommerce->nonce_field('cart') ?> <?php $woocommerce->get_helper( 'nonce' )->nonce_field('cart') ?>
</section> </section>
</form> </form>


@ -83,7 +83,7 @@ global $woocommerce;
<?php endif; ?> <?php endif; ?>
<div class="form-row"> <div class="form-row">
<?php $woocommerce->nonce_field('pay')?> <?php $woocommerce->get_helper( 'nonce' )->nonce_field('pay')?>
<input type="submit" class="button alt" id="place_order" value="<?php _e( 'Pay for order', 'woocommerce' ); ?>" /> <input type="submit" class="button alt" id="place_order" value="<?php _e( 'Pay for order', 'woocommerce' ); ?>" />
<input type="hidden" name="woocommerce_pay" value="1" /> <input type="hidden" name="woocommerce_pay" value="1" />
</div> </div>


@ -184,7 +184,7 @@ $available_methods = $woocommerce->shipping->get_available_shipping_methods();
<noscript><?php _e( 'Since your browser does not support JavaScript, or it is disabled, please ensure you click the <em>Update Totals</em> button before placing your order. You may be charged more than the amount stated above if you fail to do so.', 'woocommerce' ); ?><br/><input type="submit" class="button alt" name="woocommerce_checkout_update_totals" value="<?php _e( 'Update totals', 'woocommerce' ); ?>" /></noscript> <noscript><?php _e( 'Since your browser does not support JavaScript, or it is disabled, please ensure you click the <em>Update Totals</em> button before placing your order. You may be charged more than the amount stated above if you fail to do so.', 'woocommerce' ); ?><br/><input type="submit" class="button alt" name="woocommerce_checkout_update_totals" value="<?php _e( 'Update totals', 'woocommerce' ); ?>" /></noscript>
<?php $woocommerce->nonce_field('process_checkout')?> <?php $woocommerce->get_helper( 'nonce' )->nonce_field('process_checkout')?>
<?php do_action( 'woocommerce_review_order_before_submit' ); ?> <?php do_action( 'woocommerce_review_order_before_submit' ); ?>


@ -28,7 +28,7 @@ global $woocommerce;
<p><input type="submit" class="button" name="change_password" value="<?php _e( 'Save', 'woocommerce' ); ?>" /></p> <p><input type="submit" class="button" name="change_password" value="<?php _e( 'Save', 'woocommerce' ); ?>" /></p>
<?php $woocommerce->nonce_field('change_password')?> <?php $woocommerce->get_helper( 'nonce' )->nonce_field('change_password')?>
<input type="hidden" name="action" value="change_password" /> <input type="hidden" name="action" value="change_password" />
</form> </form>


@ -41,7 +41,7 @@ get_currentuserinfo();
<p> <p>
<input type="submit" class="button" name="save_address" value="<?php _e( 'Save Address', 'woocommerce' ); ?>" /> <input type="submit" class="button" name="save_address" value="<?php _e( 'Save Address', 'woocommerce' ); ?>" />
<?php $woocommerce->nonce_field('edit_address') ?> <?php $woocommerce->get_helper( 'nonce' )->nonce_field('edit_address') ?>
<input type="hidden" name="action" value="edit_address" /> <input type="hidden" name="action" value="edit_address" />
</p> </p>


@ -36,7 +36,7 @@ global $woocommerce; ?>
<div class="clear"></div> <div class="clear"></div>
<p class="form-row"> <p class="form-row">
<?php $woocommerce->nonce_field('login', 'login') ?> <?php $woocommerce->get_helper( 'nonce' )->nonce_field('login', 'login') ?>
<input type="submit" class="button" name="login" value="<?php _e( 'Login', 'woocommerce' ); ?>" /> <input type="submit" class="button" name="login" value="<?php _e( 'Login', 'woocommerce' ); ?>" />
<a class="lost_password" href="<?php <a class="lost_password" href="<?php
@ -97,7 +97,7 @@ global $woocommerce; ?>
<?php do_action( 'register_form' ); ?> <?php do_action( 'register_form' ); ?>
<p class="form-row"> <p class="form-row">
<?php $woocommerce->nonce_field('register', 'register') ?> <?php $woocommerce->get_helper( 'nonce' )->nonce_field('register', 'register') ?>
<input type="submit" class="button" name="register" value="<?php _e( 'Register', 'woocommerce' ); ?>" /> <input type="submit" class="button" name="register" value="<?php _e( 'Register', 'woocommerce' ); ?>" />
</p> </p>


@ -43,6 +43,6 @@ global $woocommerce, $post;
<div class="clear"></div> <div class="clear"></div>
<p class="form-row"><input type="submit" class="button" name="reset" value="<?php echo 'lost_password' == $args['form'] ? __( 'Reset Password', 'woocommerce' ) : __( 'Save', 'woocommerce' ); ?>" /></p> <p class="form-row"><input type="submit" class="button" name="reset" value="<?php echo 'lost_password' == $args['form'] ? __( 'Reset Password', 'woocommerce' ) : __( 'Save', 'woocommerce' ); ?>" /></p>
<?php $woocommerce->nonce_field( $args['form'] ); ?> <?php $woocommerce->get_helper( 'nonce' )->nonce_field( $args['form'] ); ?>
</form> </form>


@ -21,6 +21,6 @@ global $woocommerce, $post;
<div class="clear"></div> <div class="clear"></div>
<p class="form-row"><input type="submit" class="button" name="track" value="<?php _e( 'Track', 'woocommerce' ); ?>" /></p> <p class="form-row"><input type="submit" class="button" name="track" value="<?php _e( 'Track', 'woocommerce' ); ?>" /></p>
<?php $woocommerce->nonce_field('order_tracking') ?> <?php $woocommerce->get_helper( 'nonce' )->nonce_field('order_tracking') ?>
</form> </form>


@ -87,7 +87,7 @@ $order = new WC_Order( $order_id );
<?php if ( get_option('woocommerce_allow_customers_to_reorder') == 'yes' && $order->status=='completed' ) : ?> <?php if ( get_option('woocommerce_allow_customers_to_reorder') == 'yes' && $order->status=='completed' ) : ?>
<p class="order-again"> <p class="order-again">
<a href="<?php echo esc_url( $woocommerce->nonce_url( 'order_again', add_query_arg( 'order_again', $order->id, add_query_arg( 'order', $order->id, get_permalink( woocommerce_get_page_id( 'view_order' ) ) ) ) ) ); ?>" class="button"><?php _e( 'Order Again', 'woocommerce' ); ?></a> <a href="<?php echo esc_url( $woocommerce->get_helper( 'nonce' )->nonce_url( 'order_again', add_query_arg( 'order_again', $order->id, add_query_arg( 'order', $order->id, get_permalink( woocommerce_get_page_id( 'view_order' ) ) ) ) ) ); ?>" class="button"><?php _e( 'Order Again', 'woocommerce' ); ?></a>
</p> </p>
<?php endif; ?> <?php endif; ?>


@ -27,7 +27,7 @@ if (is_user_logged_in()) return;
<div class="clear"></div> <div class="clear"></div>
<p class="form-row"> <p class="form-row">
<?php $woocommerce->nonce_field('login', 'login') ?> <?php $woocommerce->get_helper( 'nonce' )->nonce_field('login', 'login') ?>
<input type="submit" class="button" name="login" value="<?php _e( 'Login', 'woocommerce' ); ?>" /> <input type="submit" class="button" name="login" value="<?php _e( 'Login', 'woocommerce' ); ?>" />
<input type="hidden" name="redirect" value="<?php echo esc_url( $redirect ) ?>" /> <input type="hidden" name="redirect" value="<?php echo esc_url( $redirect ) ?>" />
<a class="lost_password" href="<?php echo esc_url( wp_lostpassword_url( home_url() ) ); ?>"><?php _e( 'Lost Password?', 'woocommerce' ); ?></a> <a class="lost_password" href="<?php echo esc_url( wp_lostpassword_url( home_url() ) ); ?>"><?php _e( 'Lost Password?', 'woocommerce' ); ?></a>


@ -104,7 +104,7 @@ if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
} }
$comment_form['comment_field'] .= '<p class="comment-form-comment"><label for="comment">' . __( 'Your Review', 'woocommerce' ) . '</label><textarea id="comment" name="comment" cols="45" rows="8" aria-required="true"></textarea></p>' . $woocommerce->nonce_field('comment_rating', true, false); $comment_form['comment_field'] .= '<p class="comment-form-comment"><label for="comment">' . __( 'Your Review', 'woocommerce' ) . '</label><textarea id="comment" name="comment" cols="45" rows="8" aria-required="true"></textarea></p>' . $woocommerce->get_helper( 'nonce' )->nonce_field('comment_rating', true, false);
comment_form( apply_filters( 'woocommerce_product_review_comment_form_args', $comment_form ) ); comment_form( apply_filters( 'woocommerce_product_review_comment_form_args', $comment_form ) );


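--- a/[path not shown on page]
+++ b/[path not shown on page]
@@ -1342,35 +1342,6 @@ class Woocommerce {
 if ( isset( $types[$type] ) ) return $types[$type];
 }
-/** Nonces ****************************************************************/
-/**
-* Return a nonce field.
-*
-* @access public
-* @param mixed $action
-* @param bool $referer (default: true)
-* @param bool $echo (default: true)
-* @return void
-*/
-public function nonce_field( $action, $referer = true , $echo = true ) {
-return wp_nonce_field('woocommerce-' . $action, '_n', $referer, $echo );
-}
-/**
-* Return a url with a nonce appended.
-*
-* @access public
-* @param mixed $action
-* @param string $url (default: '')
-* @return string
-*/
-public function nonce_url( $action, $url = '' ) {
-return add_query_arg( '_n', wp_create_nonce( 'woocommerce-' . $action ), $url );
-}
 /**
 * Check a nonce and sets woocommerce error in case it is invalid.
 *
@@ -1568,6 +1539,37 @@ class Woocommerce {
 $helper = $this->get_helper( 'inline-javascript' );
 $helper->output_inline_js();
 }
+/**
+* Return a nonce field.
+*
+* @deprecated 2.1.0 Access via the helpers
+* @access public
+* @param mixed $action
+* @param bool $referer (default: true)
+* @param bool $echo (default: true)
+* @return void
+*/
+public function nonce_field( $action, $referer = true , $echo = true ) {
+_deprecated_function( 'Woocommerce->nonce_field', '2.1', 'WC_Nonce_Helper->nonce_field' );
+$helper = $this->get_helper( 'nonce' );
+return $helper->nonce_field( $action, $referer = true , $echo = true );
+}
+/**
+* Return a url with a nonce appended.
+*
+* @deprecated 2.1.0 Access via the helpers
+* @access public
+* @param mixed $action
+* @param string $url (default: '')
+* @return string
+*/
+public function nonce_url( $action, $url = '' ) {
+_deprecated_function( 'Woocommerce->nonce_url', '2.1', 'WC_Nonce_Helper->nonce_url' );
+$helper = $this->get_helper( 'nonce' );
+return $helper->nonce_url( $action, $url = '' );
+}
 }
 /**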
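Review bot: The deprecated wrappers added in the second hunk discard the caller's arguments: `return $helper->nonce_field( $action, $referer = true , $echo = true );` passes assignment expressions, so `$referer` and `$echo` are overwritten with `true` before the helper is called, and `return $helper->nonce_url( $action, $url = '' );` likewise replaces the caller's URL with `''`. A legacy caller that passes `$echo = false` to get the field back as a string (the pattern this commit migrates in the review template) would instead have the field printed at the wrong point of the page, and a legacy `nonce_url( $action, $some_url )` would get its nonce appended to an empty URL, i.e. the current request rather than the intended target. The wrappers should forward what they received: `return $helper->nonce_field( $action, $referer, $echo );` and `return $helper->nonce_url( $action, $url );`. The deprecation docblocks should also drop `@return void` on `nonce_field`, since the helper returns the field markup. The enclosing `Woocommerce` class starts and continues outside these hunks.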