diff --git a/includes/admin/settings/class-wc-settings-tax.php b/includes/admin/settings/class-wc-settings-tax.php index 53248b4b4d2..f360456f84a 100644 --- a/includes/admin/settings/class-wc-settings-tax.php +++ b/includes/admin/settings/class-wc-settings-tax.php @@ -555,21 +555,22 @@ class WC_Settings_Tax extends WC_Settings_Page { if ( $state == '*' ) $state = ''; - $wpdb->insert( - $wpdb->prefix . "woocommerce_tax_rates", - array( - 'tax_rate_country' => $country, - 'tax_rate_state' => $state, - 'tax_rate' => $rate, - 'tax_rate_name' => $name, - 'tax_rate_priority' => $priority, - 'tax_rate_compound' => $compound, - 'tax_rate_shipping' => $shipping, - 'tax_rate_order' => $i, - 'tax_rate_class' => sanitize_title( $current_class ) - ) + $tax_rate = array( + 'tax_rate_country' => $country, + 'tax_rate_state' => $state, + 'tax_rate' => $rate, + 'tax_rate_name' => $name, + 'tax_rate_priority' => $priority, + 'tax_rate_compound' => $compound, + 'tax_rate_shipping' => $shipping, + 'tax_rate_order' => $i, + 'tax_rate_class' => sanitize_title( $current_class ) ); + do_action( 'woocommerce_tax_rate_added', $tax_rate ); + + $wpdb->insert( $wpdb->prefix . "woocommerce_tax_rates", $tax_rate ); + $tax_rate_id = $wpdb->insert_id; if ( ! empty( $postcode ) ) { @@ -589,7 +590,7 @@ class WC_Settings_Tax extends WC_Settings_Page { if ( strlen( $i ) < strlen( $postcode_parts[0] ) ) $i = str_pad( $i, strlen( $postcode_parts[0] ), "0", STR_PAD_LEFT ); - + $postcode_query[] = "( '" . esc_sql( $i ) . "', $tax_rate_id, 'postcode' )"; } } 
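Review bot: In the `@@ -555` hunk, `do_action( 'woocommerce_tax_rate_added', $tax_rate )` fires before `$wpdb->insert()` runs, so listeners are told a rate was added when no row exists yet, receive no `tax_rate_id`, and are still notified if the insert fails. Anything that audits or mirrors tax-rate changes from this hook would record events it cannot tie to a row. Move the call below `$tax_rate_id = $wpdb->insert_id;` and pass the id, e.g. `do_action( 'woocommerce_tax_rate_added', $tax_rate_id, $tax_rate );`. The same applies to `woocommerce_tax_rate_updated` in `@@ -648`, which runs before `$wpdb->update()` and omits `$tax_rate_id` although it is in scope; `woocommerce_tax_rate_deleted` in `@@ -625` also fires before the DELETE queries, which may be deliberate but conflicts with its past-tense name. The enclosing method starts and ends outside these hunks.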
@@ -625,8 +626,11 @@ class WC_Settings_Tax extends WC_Settings_Page { $tax_rate_id = absint( $key ); if ( $_POST['remove_tax_rate'][ $key ] == 1 ) { + do_action( 'woocommerce_tax_rate_deleted', $tax_rate_id ); + $wpdb->query( $wpdb->prepare( "DELETE FROM {$wpdb->prefix}woocommerce_tax_rate_locations WHERE tax_rate_id = %d;", $tax_rate_id ) ); $wpdb->query( $wpdb->prepare( "DELETE FROM {$wpdb->prefix}woocommerce_tax_rates WHERE tax_rate_id = %d;", $tax_rate_id ) ); + continue; } @@ -648,21 +652,25 @@ class WC_Settings_Tax extends WC_Settings_Page { if ( $state == '*' ) $state = ''; + $tax_rate = array( + 'tax_rate_country' => $country, + 'tax_rate_state' => $state, + 'tax_rate' => $rate, + 'tax_rate_name' => $name, + 'tax_rate_priority' => $priority, + 'tax_rate_compound' => $compound, + 'tax_rate_shipping' => $shipping, + 'tax_rate_order' => $i, + 'tax_rate_class' => sanitize_title( $current_class ) + ); + + do_action( 'woocommerce_tax_rate_updated', $tax_rate ); + $wpdb->update( $wpdb->prefix . "woocommerce_tax_rates", + $tax_rate, array( - 'tax_rate_country' => $country, - 'tax_rate_state' => $state, - 'tax_rate' => $rate, - 'tax_rate_name' => $name, - 'tax_rate_priority' => $priority, - 'tax_rate_compound' => $compound, - 'tax_rate_shipping' => $shipping, - 'tax_rate_order' => $i, - 'tax_rate_class' => sanitize_title( $current_class ) - ), - array( - 'tax_rate_id' => $tax_rate_id + 'tax_rate_id' => $tax_rate_id ) ); @@ -688,7 +696,7 @@ class WC_Settings_Tax extends WC_Settings_Page { if ( strlen( $i ) < strlen( $postcode_parts[0] ) ) $i = str_pad( $i, strlen( $postcode_parts[0] ), "0", STR_PAD_LEFT ); - + $postcode_query[] = "( '" . esc_sql( $i ) . "', $tax_rate_id, 'postcode' )"; } } @@ -732,4 +740,4 @@ class WC_Settings_Tax extends WC_Settings_Page { endif; -return new WC_Settings_Tax(); \ No newline at end of file +return new WC_Settings_Tax(); diff --git a/includes/class-wc-checkout.php b/includes/class-wc-checkout.php index b2f3d96562d..4173a065fca 100644 
--- a/includes/class-wc-checkout.php +++ b/includes/class-wc-checkout.php @@ -644,7 +644,7 @@ class WC_Checkout { WC()->session->set( 'reload_checkout', true ); // Also, recalculate cart totals to reveal any role-based discounts that were unavailable before registering - WC()->cart->calculate_totals(); + WC()->cart->calculate_totals(); // Add customer info from other billing fields if ( $this->posted['billing_first_name'] && apply_filters( 'woocommerce_checkout_update_customer_data', true, $this ) ) { diff --git a/includes/class-wc-session-handler.php b/includes/class-wc-session-handler.php index 01f5dbeea1b..29fbe6a69c9 100644 --- a/includes/class-wc-session-handler.php +++ b/includes/class-wc-session-handler.php @@ -69,6 +69,10 @@ class WC_Session_Handler extends WC_Session { add_action( 'woocommerce_set_cart_cookies', array( $this, 'set_customer_session_cookie' ), 10 ); add_action( 'woocommerce_cleanup_sessions', array( $this, 'cleanup_sessions' ), 10 ); add_action( 'shutdown', array( $this, 'save_data' ), 20 ); + add_action( 'clear_auth_cookie', array( $this, 'destroy_session' ) ); + if ( ! is_user_logged_in() ) { + add_action( 'woocommerce_thankyou', array( $this, 'destroy_session' ) ); + } } /** @@ -111,16 +115,20 @@ class WC_Session_Handler extends WC_Session { } /** - * generate_customer_id function. + * Generate a unique customer ID for guests, or return user ID if logged in. + * + * Uses Portable PHP password hashing framework to generate a unique cryptographically strong ID. * * @access public - * @return mixed + * @return int|string */ public function generate_customer_id() { if ( is_user_logged_in() ) { return get_current_user_id(); } else { - return wp_generate_password( 32, false ); + require_once( ABSPATH . 'wp-includes/class-phpass.php'); + $hasher = new PasswordHash( 8, false ); + return md5( $hasher->get_random_bytes( 32 ) ); } } 
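Review bot: `clear_auth_cookie` in the `@@ -69` hunk is broader than logout: as far as I know, WordPress core also calls `wp_clear_auth_cookie()` when a logged-in user changes their own password, so `destroy_session` registered here would presumably wipe that customer's cart and session mid-visit. The handler this commit removes from wc-cart-functions.php was bound to `wp_logout`; if logout is the only intended trigger, `add_action( 'wp_logout', array( $this, 'destroy_session' ) );` is the narrower choice. If the wider hook is deliberate, a comment such as `// Runs on every auth-cookie clear, not only on logout.` would record that. The enclosing method starts outside the hunk.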
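Review bot: The new docblock for `generate_customer_id()` in `@@ -111` promises a cryptographically strong ID, but that holds only when phpass can read `/dev/urandom`; in the phpass copy WordPress bundled at the time, `get_random_bytes()` otherwise falls back (to my knowledge) to an md5 chain seeded from `microtime()` and the process id. The guest ID is the only thing protecting the `_wc_session_<id>` options used elsewhere in this commit, so a guessable ID would expose cart and customer data. State the dependency in the docblock, e.g. `Strength depends on /dev/urandom being readable; phpass otherwise uses a time-seeded fallback.`, and document that guests receive a 32-character hex string from `md5()`.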
@@ -180,6 +188,29 @@ class WC_Session_Handler extends WC_Session { } } + /** + * Destroy all session data + */ + public function destroy_session() { + // Clear cookie + wc_setcookie( $this->_cookie, '', time() - YEAR_IN_SECONDS, apply_filters( 'wc_session_use_secure_cookie', false ) ); + + // Delete session + $session_option = '_wc_session_' . $this->_customer_id; + $session_expiry_option = '_wc_session_expires_' . $this->_customer_id; + + delete_option( $session_option ); + delete_option( $session_expiry_option ); + + // Clear cart + wc_empty_cart(); + + // Clear data + $this->_data = array(); + $this->_dirty = false; + $this->_customer_id = $this->generate_customer_id(); + } + /** * cleanup_sessions function. * diff --git a/includes/wc-cart-functions.php b/includes/wc-cart-functions.php index 421b6a94df1..a65d437da14 100644 --- a/includes/wc-cart-functions.php +++ b/includes/wc-cart-functions.php @@ -34,13 +34,11 @@ add_filter( 'woocommerce_add_to_cart_validation', 'wc_protected_product_add_to_c * @return void */ function wc_empty_cart() { - if ( ! isset( WC()->cart ) || WC()->cart == '' ) + if ( ! isset( WC()->cart ) || WC()->cart == '' ) { WC()->cart = new WC_Cart(); - + } WC()->cart->empty_cart( false ); } -add_action( 'wp_logout', 'wc_empty_cart' ); - /** * Load the cart upon login diff --git a/readme.txt b/readme.txt index 99f57b2adb0..051d16abc2e 100644 --- a/readme.txt +++ b/readme.txt 
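Review bot: `destroy_session()` relies on `wc_setcookie()` to expire the session cookie, which can only work before output starts; this commit also hooks the method to `woocommerce_thankyou`, which is normally fired from the order-received template, so for guests the cookie is probably never cleared. The stored options are deleted and `$this->_customer_id` is regenerated in memory, but the browser would keep presenting the old id on the next request, so the guest identifier is not actually rotated. Running the guest teardown from a hook that fires before the template is rendered would fix it; failing that, the docblock should say so, e.g. `Cookie is only expired when headers have not been sent.`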
@@ -136,6 +136,7 @@ Yes you can! Join in on our [GitHub repository](http://github.com/woothemes/wooc * Tweak - Added the possibility to translate the edit-address endpoint slug. * Tweak - Removed all the_content filter in favor to wpautop() and do_shortcode(). * Tweak - Send IPN email notifications to new order email. +* Tweak - Clear and wipe session data on logout and end of checkout for guests. * Dev - Introduce `woocommerce_valid_order_statuses_for_payment_complete` filter. * Dev - Introduce `woocommerce_thankyou_order_received_text` filter. * Dev - Introduce `woocommerce_product_backorders_allowed` filter.