Add notice when "redirect only" download method is selected.

This download is insecure as it reveals the original file location. We will try to nudge user to use any of the other download method instead.

includes/admin/class-wc-admin-notices.php

@@ -38,6 +38,7 @@ class WC_Admin_Notices {
 		'no_secure_connection'         => 'secure_connection_notice',
 		WC_PHP_MIN_REQUIREMENTS_NOTICE => 'wp_php_min_requirements_notice',
 		'maxmind_license_key'          => 'maxmind_missing_license_key_notice',
+		'wc_redirect_download_method'  => 'wc_redirect_download_method_notice',
 	);
 
 	/**
@@ -48,6 +49,7 @@ class WC_Admin_Notices {
 
 		add_action( 'switch_theme', array( __CLASS__, 'reset_admin_notices' ) );
 		add_action( 'woocommerce_installed', array( __CLASS__, 'reset_admin_notices' ) );
+		add_action( 'wp_loaded', array( __CLASS__, 'add_redirect_download_method_notice' ) );
 		add_action( 'wp_loaded', array( __CLASS__, 'hide_notices' ) );
 		// @TODO: This prevents Action Scheduler async jobs from storing empty list of notices during WC installation.
 		// That could lead to OBW not starting and 'Run setup wizard' notice not appearing in WP admin, which we want
@@ -422,6 +424,18 @@ class WC_Admin_Notices {
 		$integration_options = get_option( 'woocommerce_maxmind_geolocation_settings' );
 		if ( empty( $integration_options['license_key'] ) ) {
 			self::add_notice( 'maxmind_license_key' );
+
+		}
+	}
+
+	/**
+	 *  Add notice about Redirect-only download method, nudging user to switch to a different method instead.
+	 */
+	public static function add_redirect_download_method_notice() {
+		if ( 'redirect' === get_option( 'woocommerce_file_download_method' ) ) {
+			self::add_notice( 'wc_redirect_download_method' );
+		} else {
+			self::remove_notice( 'wc_redirect_download_method' );
 		}
 	}
 
@@ -442,6 +456,20 @@ class WC_Admin_Notices {
 		include dirname( __FILE__ ) . '/views/html-notice-maxmind-license-key.php';
 	}
 
+	/**
+	 * Notice about Redirect-Only download method.
+	 *
+	 * @since 3.10.0
+	 */
+	public static function wc_redirect_download_method_notice() {
+		if ( apply_filters( 'woocommerce_hide_redirect_method_nag', get_user_meta( get_current_user_id(), 'dismissed_wc_redirect_download_method_notice', true ) ) ) {
+			self::remove_notice( 'wc_redirect_download_method' );
+			return;
+		}
+
+		include dirname( __FILE__ ) . '/views/html-notice-redirect-only-download.php';
+	}
+
 	/**
 	 * Determine if the store is running SSL.
 	 *

includes/admin/views/html-notice-redirect-only-download.php

@@ -0,0 +1,24 @@
+<?php
+/**
+ * Admin View: Notice - Redirect only download method is selected.
+ *
+ * @package WooCommerce\Admin\Notices
+ */
+
+defined( 'ABSPATH' ) || exit;
+
+?>
+<div class="updated woocommerce-message">
+	<a class="woocommerce-message-close notice-dismiss" href="<?php echo esc_url( wp_nonce_url( add_query_arg( 'wc-hide-notice', 'wc_redirect_download_method' ), 'woocommerce_hide_notices_nonce', '_wc_notice_nonce' ) ); ?>"><?php esc_html_e( 'Dismiss', 'woocommerce' ); ?></a>
+	<p>
+		<?php
+		echo wp_kses_post(
+			sprintf(
+				/* translators: %s: Link to settings page. */
+				__( 'Your store is configured to serve digital products using "Redirect only" method. This method is deprecated, <a href="%s">please switch to  a different method instead.</a>', 'woocommerce' ),
+				'/wp-admin/admin.php?page=wc-settings&tab=products&section=downloadable'
+			)
+		);
+		?>
+	</p>
+</div>