Remove some PII from paypal logs and avoid storing custom meta from responses
This commit is contained in:
Mike Jolley
parent
59866b679c
commit
d14e59cdb0
|
|
@ -99,16 +99,15 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
|
|||
// Post back to get a response.
|
||||
$response = wp_safe_remote_post( $this->sandbox ? 'https://www.sandbox.paypal.com/cgi-bin/webscr' : 'https://www.paypal.com/cgi-bin/webscr', $params );
|
||||
|
||||
WC_Gateway_Paypal::log( 'IPN Request: ' . wc_print_r( $params, true ) );
|
||||
WC_Gateway_Paypal::log( 'IPN Response: ' . wc_print_r( $response, true ) );
|
||||
|
||||
// Check to see if the request was valid.
|
||||
if ( ! is_wp_error( $response ) && $response['response']['code'] >= 200 && $response['response']['code'] < 300 && strstr( $response['body'], 'VERIFIED' ) ) {
|
||||
WC_Gateway_Paypal::log( 'Received valid response from PayPal' );
|
||||
WC_Gateway_Paypal::log( 'Received valid response from PayPal IPN' );
|
||||
return true;
|
||||
}
|
||||
|
||||
WC_Gateway_Paypal::log( 'Received invalid response from PayPal' );
|
||||
WC_Gateway_Paypal::log( 'Received invalid response from PayPal IPN' );
|
||||
|
||||
if ( is_wp_error( $response ) ) {
|
||||
WC_Gateway_Paypal::log( 'Error response: ' . $response->get_error_message() );
|
||||
|
|
@ -347,15 +346,6 @@ class WC_Gateway_Paypal_IPN_Handler extends WC_Gateway_Paypal_Response {
|
|||
* @param array $posted Posted data.
|
||||
*/
|
||||
protected function save_paypal_meta_data( $order, $posted ) {
|
||||
if ( ! empty( $posted['payer_email'] ) ) {
|
||||
update_post_meta( $order->get_id(), 'Payer PayPal address', wc_clean( $posted['payer_email'] ) );
|
||||
}
|
||||
if ( ! empty( $posted['first_name'] ) ) {
|
||||
update_post_meta( $order->get_id(), 'Payer first name', wc_clean( $posted['first_name'] ) );
|
||||
}
|
||||
if ( ! empty( $posted['last_name'] ) ) {
|
||||
update_post_meta( $order->get_id(), 'Payer last name', wc_clean( $posted['last_name'] ) );
|
||||
}
|
||||
if ( ! empty( $posted['payment_type'] ) ) {
|
||||
update_post_meta( $order->get_id(), 'Payment type', wc_clean( $posted['payment_type'] ) );
|
||||
}
|
||||
|
|
|
|||
|
|
@ -83,16 +83,15 @@ class WC_Gateway_Paypal_PDT_Handler extends WC_Gateway_Paypal_Response {
|
|||
* Check Response for PDT.
|
||||
*/
|
||||
public function check_response() {
|
||||
if ( empty( $_REQUEST['cm'] ) || empty( $_REQUEST['tx'] ) || empty( $_REQUEST['st'] ) ) {
|
||||
if ( empty( $_REQUEST['cm'] ) || empty( $_REQUEST['tx'] ) || empty( $_REQUEST['st'] ) ) { // WPCS: Input var ok, CSRF ok, sanitization ok.
|
||||
return;
|
||||
}
|
||||
|
||||
$order_id = wc_clean( wp_unslash( $_REQUEST['cm'] ) );
|
||||
$status = wc_clean( strtolower( wp_unslash( $_REQUEST['st'] ) ) ); // phpcs:ignore WordPress.VIP.ValidatedSanitizedInput.InputNotSanitized
|
||||
$amount = wc_clean( wp_unslash( $_REQUEST['amt'] ) ); // phpcs:ignore WordPress.VIP.ValidatedSanitizedInput.InputNotValidated
|
||||
$transaction = wc_clean( wp_unslash( $_REQUEST['tx'] ) );
|
||||
|
||||
$order = $this->get_paypal_order( $order_id );
|
||||
$order_id = wc_clean( wp_unslash( $_REQUEST['cm'] ) ); // WPCS: input var ok, CSRF ok, sanitization ok.
|
||||
$status = wc_clean( strtolower( wp_unslash( $_REQUEST['st'] ) ) ); // WPCS: input var ok, CSRF ok, sanitization ok.
|
||||
$amount = wc_clean( wp_unslash( $_REQUEST['amt'] ) ); // WPCS: input var ok, CSRF ok, sanitization ok.
|
||||
$transaction = wc_clean( wp_unslash( $_REQUEST['tx'] ) ); // WPCS: input var ok, CSRF ok, sanitization ok.
|
||||
$order = $this->get_paypal_order( $order_id );
|
||||
|
||||
if ( ! $order || ! $order->has_status( 'pending' ) ) {
|
||||
return false;
|
||||
|
|
@ -101,7 +100,7 @@ class WC_Gateway_Paypal_PDT_Handler extends WC_Gateway_Paypal_Response {
|
|||
$transaction_result = $this->validate_transaction( $transaction );
|
||||
|
||||
if ( $transaction_result ) {
|
||||
WC_Gateway_Paypal::log( 'PDT Transaction Result: ' . wc_print_r( $transaction_result, true ) );
|
||||
WC_Gateway_Paypal::log( 'PDT Transaction Status: ' . wc_print_r( $status, true ) );
|
||||
|
||||
update_post_meta( $order->get_id(), '_paypal_status', $status );
|
||||
update_post_meta( $order->get_id(), '_transaction_id', $transaction );
|
||||
|
|
@ -114,19 +113,10 @@ class WC_Gateway_Paypal_PDT_Handler extends WC_Gateway_Paypal_Response {
|
|||
} else {
|
||||
$this->payment_complete( $order, $transaction, __( 'PDT payment completed', 'woocommerce' ) );
|
||||
|
||||
// Log paypal transaction fee and other meta data.
|
||||
// Log paypal transaction fee and payment type.
|
||||
if ( ! empty( $transaction_result['mc_fee'] ) ) {
|
||||
update_post_meta( $order->get_id(), 'PayPal Transaction Fee', $transaction_result['mc_fee'] );
|
||||
}
|
||||
if ( ! empty( $transaction_result['payer_email'] ) ) {
|
||||
update_post_meta( $order->get_id(), 'Payer PayPal address', $transaction_result['payer_email'] );
|
||||
}
|
||||
if ( ! empty( $transaction_result['first_name'] ) ) {
|
||||
update_post_meta( $order->get_id(), 'Payer first name', $transaction_result['first_name'] );
|
||||
}
|
||||
if ( ! empty( $transaction_result['last_name'] ) ) {
|
||||
update_post_meta( $order->get_id(), 'Payer last name', $transaction_result['last_name'] );
|
||||
}
|
||||
if ( ! empty( $transaction_result['payment_type'] ) ) {
|
||||
update_post_meta( $order->get_id(), 'Payment type', $transaction_result['payment_type'] );
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue