Claudio Sanches
65608d3fd0
Added nonces and check capability to copy or delete email templates, closes #5
2015-06-01 13:12:25 +01:00
Claudio Sanches
5b00dee203
Implemented wp_safe_remote_* functions for webhooks requests #10
2015-06-01 13:09:21 +01:00
Claudio Sanches
166ec607c0
Escape columns
2015-06-01 13:08:33 +01:00
Alexander Concha
f194330aeb
Escape properly echoed values
...
The variables $base_slug/$structures may contain unsafe values due to
the use of urldecode. For example if the post slug is '%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E'
2015-06-01 12:59:03 +01:00
Alexander Concha
f38bc86c5d
Escape properly the metadata to be copied.
...
Fixes a SQL injection because the meta key can contain arbitrary values.
2015-06-01 12:58:56 +01:00
Alexander Concha
3c1b14d00d
Escape properly the provided array of post codes
...
The callers only run wc_clean/esc_attr on the provided values which are
not functions meant to protect against SQL injections.
2015-06-01 12:58:51 +01:00
Ben Bidner
7d8db595f2
Fixes an (admin) SQLi when setting stock levels for product variations
2015-06-01 12:58:38 +01:00
Alexander Concha
7896b49684
fclose requires a resource, not a string.
2015-06-01 12:58:06 +01:00
Ben Bidner
2740db17c0
Merge conflict - esc customer data
2015-06-01 12:57:48 +01:00
Ben Bidner
f46060a0dd
Remove call to `wp_specialchars_decode()` in `wc_get_price_thousand_separator()` and `wc_get_price_decimal_separator()`.
...
Closes #6
2015-06-01 12:54:23 +01:00
Ben Bidner
f3e3b5c209
add `$args` arguments to `WC_Product_Factory->get_product_class()` to allow `$product_type` to be overwritten by `$args['product_type']`
2015-06-01 12:54:18 +01:00
Ben Bidner
7b9a22208e
readds the `$the_product` global variable
2015-06-01 12:54:14 +01:00
Ben Bidner
f066a7bb21
pass correct number of arguments to `wc_lostpassword_url()`, `wc_nav_menu_items()`, `wc_nav_menu_item_classes()`, and `wc_change_term_counts()`
2015-06-01 12:53:51 +01:00
Ben Bidner
32e37b57d0
fixes too many arguments in function or method call: WC_Shortcode_My_Account::add_payment_method($wp->query_vars['add-payment-method'])
2015-06-01 12:52:10 +01:00
Ben Bidner
1aa020ca57
fixes undefined constant ('error_code' > '$error' typo)
2015-06-01 12:52:01 +01:00
Ben Bidner
5e22e13975
set default currency position format string (in case of missing or invalid `woocommerce_currency_pos` option value)
2015-06-01 12:51:56 +01:00
Mike Jolley
3d049ff379
[2.3] Clear expired transients on update
2015-06-01 11:39:03 +01:00
Mike Jolley
1ce272b385
[2.3] Tweak transient clear SQL
2015-06-01 11:38:43 +01:00
Mike Jolley
b9708c4df9
Show refunded total shipping and taxes
...
Closes #8222
2015-06-01 11:06:11 +01:00
Mike Jolley
bd7624e5b7
Check template code isset
2015-05-29 17:40:53 +01:00
Mike Jolley
1e3fcd0e6d
[2.3] Avoid initialising classes when saving
2015-05-29 17:38:25 +01:00
Mike Jolley
803f4a9e85
[2.3] Delete correct transient when linking variations
...
Closes #8241
2015-05-29 15:34:27 +01:00
Mike Jolley
3222d1473e
Merge pull request #8242 from n-dawson/master
...
Add a filter to override needs_shipping_address order method.
2015-05-29 15:28:49 +01:00
Mike Jolley
a7a290e12a
Merge pull request #8250 from kilbot/patch-1
...
Add capability_type to product_variation
2015-05-29 15:27:41 +01:00
Mike Jolley
0a3defd798
Move tax enabled check
2015-05-29 14:55:57 +01:00
Claudio Sanches
b2711f3d64
[API] Fixed products tags in write-mode
2015-05-29 10:05:15 -03:00
Claudio Sanches
88003436a6
[API] Add properly sanitization for categories and tags in products endpoint, closes #8251
2015-05-29 10:04:02 -03:00
Paul Kilmurray
b16d443709
fix missing comma
2015-05-29 19:35:31 +08:00
Paul Kilmurray
b158d517e9
Add capability_type to product_variation
...
By default the product_variation has `capability_type = 'post'` which means that users need `edit_post` capability to edit. This change will make variation capabilities consistent with products, ie: `edit_product`
2015-05-29 17:42:33 +08:00
roykho
b9eefa58fa
use esc_textarea function
2015-05-28 16:08:22 -07:00
roykho
54b0a0ca54
changed dynamic variation description to allow limited HTML and some sanitized tweaks
2015-05-28 14:31:45 -07:00
Mike Jolley
e51eae80c6
Merge pull request #8167 from roykho/dynamic-variation-description
...
Dynamic variation description
2015-05-28 15:53:03 +01:00
Nathan Dawson
e535e005b7
Add a filter to override needs_shipping_address order method.
...
If an order doesn't have any shipping methods it's not possible to set needs_shipping_address to true. When 'woocommerce_cart_needs_shipping_address' is set to true the address needs to be shown on the front end and in confirmation emails.
2015-05-28 15:48:37 +01:00
Mike Jolley
4e5091adda
Merge remote-tracking branch 'origin/master'
2015-05-28 14:42:45 +01:00
Mike Jolley
5cac639cff
Merge branch 'improve-refund-reporting' Closes #8028
...
Conflicts:
includes/admin/reports/class-wc-report-sales-by-date.php
includes/updates/woocommerce-update-2.4.php
2015-05-28 14:41:20 +01:00
Claudio Sanches
903cb817f0
Fixed WC_Install::get_schema for woocommerce_api_keys table
2015-05-28 10:36:25 -03:00
Mike Jolley
5ef335b169
Merge pull request #8215 from JeroenSormani/order-tests
...
Order tests
2015-05-28 12:44:17 +01:00
Mike Jolley
b77755af5c
Merge pull request #8236 from n-dawson/master
...
[2.3] Resolve blank shipping information bug. Fixes #8235
2015-05-28 12:21:38 +01:00
Mike Jolley
4a9971193f
Only track product views when widget is active
...
Closes #8212
2015-05-28 11:49:10 +01:00
James Koster
8c1e452514
proceed to checkout button template. closes #7507
2015-05-28 11:48:37 +01:00
Mike Jolley
ba2e638e54
nocache download_file requests
...
Closes #8162
2015-05-28 11:44:47 +01:00
Nathan Dawson
f9e43b874c
Resolve blank shipping information bug. Fixes #8235
...
Setting the 'woocommerce_cart_needs_shipping' filter to true means the shipping fields can be shown for virtual products. Whether to check shipping details should be based on whether they're shown and not whether the cart needs shipping.
2015-05-28 00:54:05 +01:00
Claudio Sanches
a76aa5218b
Improved the new order and cancelled order emails descriptions, closes #8195
2015-05-27 16:57:57 -03:00
Claudio Sanches
676e09fdd3
Added new woocommerce_api_keys table in wpmu exclude and in status report
2015-05-27 16:46:43 -03:00
Claudio Sanches
ebdcb0d9e8
[2.3] [API] Fixed subtotal_tax round and decimal dp, closes #8140
2015-05-27 16:18:02 -03:00
Claudio Sanches
f503cda874
Improved hold stock input width, closes 8233
2015-05-27 14:26:12 -03:00
Claudio Sanches
169e72b824
Added extra arg to all woocommerce_order_item_name filters #8159
2015-05-27 13:29:15 -03:00
Claudio Sanches
88596b595e
Improved PayPal get_icon_url() method
2015-05-27 13:23:21 -03:00
Claudio Sanches
6ff7215f3c
Improved the error display for #7959
2015-05-27 13:19:44 -03:00
Mike Jolley
4fd9e1daf2
[2.3] Improved get_icon_url()
...
Closes #8211
2015-05-27 17:13:36 +01:00
Claudio Sanches
5c2b14d89f
Standardise case of some strings closes #8125
2015-05-27 12:53:04 -03:00
Claudio Sanches
989dd5d88e
Improved exclude_from_order_webhook check #8146
2015-05-27 12:46:44 -03:00
Claudio Sanches
bc7d73f81f
Merge pull request #8146 from mattallan/order_args_exclude_webhooks
...
New order post type param: exclude_from_order_webhook
2015-05-27 12:29:49 -03:00
Claudio Sanches
cc9721ed9d
Merge pull request #7959 from tivnet/patch-4
...
Check for non-existing attribute ID
2015-05-27 12:24:40 -03:00
Mike Jolley
5920b88d5d
Add classes to tax and shipping labels/notices
...
Closes #8189
2015-05-27 16:17:36 +01:00
Mike Jolley
915342f38b
[2.3] Only clear in delete_version_transients when version is set
2015-05-27 15:56:49 +01:00
Claudio Sanches
267c481d86
Improved admin bar visit store link #8196
2015-05-27 11:55:32 -03:00
Claudio Sanches
e5e81e5516
Merge pull request #8196 from corsonr/visit_store_link
...
Added visit store link in admin bar
2015-05-27 11:35:49 -03:00
Nicola Mustone
b5e193956b
added action woocommerce_refund_deleted
2015-05-27 15:23:59 +02:00
Mike Jolley
e383889957
[2.3] Optimise delete_version_transients
...
1. WC does not work network wide so _site_transient does not need
checking
2. The LIKE matches timeout and transient keys
2015-05-27 12:03:46 +01:00
Claudio Sanches
1caa5ebcee
Improved WC_Geolocation support for IPv6 #8184
2015-05-26 17:32:47 -03:00
Claudio Sanches
fcc9542608
Merge branch 'master' of github.com:woothemes/woocommerce
2015-05-26 14:41:24 -03:00
Claudio Sanches
44dba5036c
Added geolocate IPv6 support, closes #8184
2015-05-26 14:41:13 -03:00
Mike Jolley
15e3d23022
Merge pull request #8209 from ChromeOrange/master
...
Update html-admin-page-status-report.php
2015-05-26 17:50:37 +01:00
Mike Jolley
f1af777368
[2.3] Fix typo in validate_maximum_amount
...
Closes #8207
2015-05-26 17:40:07 +01:00
Claudio Sanches
d53d21781b
[2.3] Fixed product category media upload modal and some coding standards, closes #8227
2015-05-26 10:24:49 -03:00
Mike Jolley
28d838c5cd
[2.3] Related posts tweaks
...
Remove real randomness and add transient caching to improve performance.
The above was not worth the cost of the query - only users refreshing a
product page would see a difference.
2015-05-25 15:40:28 +01:00
Claudio Sanches
9c5cd0e525
[API] Accept dashes in products/sku endpoint, closes #8220
2015-05-25 10:22:59 -03:00
Claudio Sanches
70b33b7919
Merge pull request #8221 from shivapoudel/settings-api
...
Introduce get_field_key method
2015-05-25 09:55:45 -03:00
Shiva Poudel
cadc1ab301
Add id for title
...
Fixes scrutinizer issues for not having param
2015-05-25 17:32:30 +05:45
Shiva Poudel
9a818503b9
Updated blockUI Version
2015-05-25 17:03:41 +05:45
Shiva Poudel
2871df7451
Move the validate checkbox method above select
2015-05-25 16:58:08 +05:45
Shiva Poudel
4d46b35590
Clean settings-api docblock
2015-05-25 16:56:44 +05:45
Shiva Poudel
d90bb50c20
Use get_field_key for validate_*_field
2015-05-25 16:41:08 +05:45
Shiva Poudel
3b9124e0cf
Use get_field_key for generate_*_html
2015-05-25 16:28:19 +05:45
Shiva Poudel
597b152407
Introduce get_field_key method for settings API
2015-05-25 16:18:28 +05:45
Mike Jolley
b8bcd24edd
[2.3] Combine transients for get_rating_count
...
@claudiosmweb
2015-05-25 02:00:20 +01:00
Mike Jolley
62c70603ec
[2.3] When updating transients, clear previous version of transients
...
Closes #8131 @claudiosmweb
2015-05-25 01:48:17 +01:00
Mike Jolley
1b73322874
[2.3] Replace max_related_posts_query with wp_count_posts
2015-05-25 01:20:31 +01:00
JeroenSormani
b95b22d144
Add wc_get_order() tests + Order helper class
2015-05-23 10:48:07 +02:00
Andrew Benbow
79d4d921fd
Update html-admin-page-status-report.php
2015-05-23 07:22:12 +01:00
Andrew Benbow
54437afc5c
Update html-admin-page-status-report.php
2015-05-22 19:33:59 +01:00
Claudio Sanches
be0f93f112
[2.3] Fixed theme check notice for core supported themes, closes #8208
2015-05-22 13:52:18 -03:00
Fulvio Notarstefano
c0dda8c582
Typos conditonal_includes -> conditional_includes
...
I believe you meant 'conditional' - I don't think it's referenced elsewhere so it should be safe to rename
2015-05-22 16:01:55 +02:00
Remi Corson
611765e0da
added comparison with home url
2015-05-22 13:59:51 +02:00
mehulkaklotar
05d5b421d6
filter when cart item remove notice item title, issue : #8204
2015-05-22 14:15:11 +05:30
Remi Corson
db0ee68886
Added visit store link in admin bar
2015-05-21 10:57:50 +02:00
Mike Jolley
779b53b2bc
Merge pull request #8187 from lukasjuhas/master
...
#8186 memory exhausted problem fix
2015-05-20 13:48:01 -04:00
Claudio Sanches
95535ea47d
Removed sslverify=false and used wp_safe_remote_post() in WC_Auth
2015-05-20 14:24:44 -03:00
Mike Jolley
2763175d3e
[2.3] Bump prettyphoto version to prevent caching
2015-05-20 10:56:45 -04:00
James Koster
6389e5defa
related products / upsets. closes #7873
2015-05-19 13:07:00 -04:00
Mike Jolley
c01bc43369
Adjust #8165 to deal with 0
2015-05-19 12:53:03 -04:00
Claudio Sanches
79a5c2e98d
Moved the order type verification to WC_Order_Factory::get_order() #8180
2015-05-19 13:51:04 -03:00
Mike Jolley
6bdd713112
return true if cats get displayed only
...
Closes #8172
2015-05-19 12:49:34 -04:00
Mike Jolley
a08b2e5968
Loop over all posted attributes by referencing max posted key
...
Closes #8165
2015-05-19 12:46:32 -04:00
Claudio Sanches
ece787686d
Added order type validation in wc_get_order() function, closes #8180
2015-05-19 13:21:47 -03:00
Lukas Juhas
21bda86baa
#8186 memory exhausted problem fix
...
#8186 issue
2015-05-19 17:16:41 +01:00
Mike Jolley
0b58a840e2
Merge pull request #8168 from Nikker/master
...
Added method to check if cart is empty
2015-05-19 11:41:48 -04:00
Claudio Sanches
e106d57947
Merged #8021
2015-05-18 16:53:04 -03:00
Claudio Sanches
db87add809
Updated the auth endpoint to works with the new woocommerce_api_keys database
2015-05-18 16:46:52 -03:00