During migration $wpdb->prepare would force null and empty values to be zero for %f placeholder. This was causing verification logic to fail, which is being addressed in this commit.
The alternative was to insert null values without running them via $wpdb->prepare, but that seemed less safer than converting to zero because it would have to done manually since $wpdb->prepare wouldn't support it.
This commit adds documentation for WooCommerce's client component commands. This should make it easier to know what commands to run to work in these components.
This commit changes it to woocommerce/client/admin. This is an invalid NPM package name and an invalid Composer package name. This will prevent conflicts but also identify it as a component of Core.
In line with the fact that it's a component of WooCommerce rather than a standalone package, `woocommerce-legacy-assets` has been renamed `woocommerce/client/legacy`.
* Trigger the hook that record the track events
once the option settings are updated:navigation and analytics. Tracks do not include yes/no properties, so we record the latter as _disabled.
* Changelog
* Prevent reloading of page immediately after feature updates
* Remove feature specific code in tracks class
Co-authored-by: Joshua Flowers <joshuatf@gmail.com>
* Changes the frequency at which the Reports API cache can be invalidated via the cache version number to be at most once every 10 minutes, instead of with every change to the store.
* Changes the TTL of Reports API cache entries so that they expire after an hour instead of after a week.
The goal of these changes is to increase the chance that a request to the Reports API for store stats will result in a cache hit, thus avoiding expensive, slow queries. The reason for lowering the TTL is so that if multiple store changes are made within the new 10-minute frequency window, the cache data will only be stale for up to an hour. With #33325 users will be able to refresh entries in the cache manually if they think something is stale.
Closes#33315
Make sure payment gateway title is a string before sanitizing.
* Add changelog
* Drop type-hint in `validate_safe_text_field()`
* Update plugins/woocommerce/includes/abstracts/abstract-wc-settings-api.php
Co-authored-by: Barry Hughes <3594411+barryhughes@users.noreply.github.com>
* Add `OrdersTableDataStoreMeta` to handle metadata for orders
* Add `OrdersTableDataStoreHelper` with various helper functions used in the COT datastore
* Pass some helper classes as args to the COT datastore
* Use `OrdersTableDataStoreMeta` for meta in COT datastore
* Minor fixes to columns definition in COT datastore
* First pass at update() in the COT datastore
* PHPCS fixes
* Remove duplicate `read_meta` calls.
* Register `OrdersTableDataStore` earlier to make container happy
* Do not hardcode table metadata in `OrdersTableDataStoreMeta`
* Correctly format decimals for storing in the db
* read() shouldn’t success on non-existing orders
* Rework persisting to db in OrdersTableDataStore
* Correctly handle some props in OrdersTableDataStore
* Add changelog
* Add missing TODOs
* Remove unused variables
* No need to query db before deleting meta in `OrdersTableDataStoreMeta`
* Simplify OrdersTableDataStoreMeta::update_meta()
* Explicitly enumerate columns in OrdersTableDataStoreMeta::get_metadata_by_id()
* Make COT metadata implementation more generic
* Do not use property_exists() to determine existence of meta value
* Move some methods over to DatabaseUtil and get rid of COT datastore helper
* Rename `CustomDataStoreMeta` to `CustomMetaDataStore`
* Make PHPCS happy
* Add unit test.
* Correct arg passed to persist_order_to_db()
* Remove comment
* Split conditional on multiple lines
Co-authored-by: vedanshujain <vedanshu.jain.2012@gmail.com>
Adds a new collection parameter to all Reports API endpoints that utilize caching, `force_cache_refresh`, which will cause the current request to bypass the cache, re-run the queries for the requested data, and overwrite the previous cache entry with the new results.
Note that this doesn't invalidate the entire cache, only the entry for the particular set of collection parameters and values specified in the request.
This also adds a way to include debugging information related to the cache in the API response. Modeled after the way the Query Monitor plugin adds such information, you can get this by including an `_envelope` parameter in your API request. The debugging info includes whether the cache has been disabled via filter (`should_use_cache`), whether the `force_cache_refresh` parameter was used, whether the returned data was a `cache_hit` or not, and an array of the query parameters that were actually used to create the cache key.
Closes#33221
* Introduce a 'safe_text' field that allows a reduced subset of HTML tags.
* Escape on input as well as output; generalize sanitization function.
* Set reasonable default rules.
* Guard against invalid callbacks (escaping/sanitizing) functions.
* Update plugins/woocommerce/src/Internal/Utilities/HtmlSanitizer.php
Co-authored-by: Peter Fabian <peter.fabian.github@gmail.com>
* Allow alt (accessibility) for img tags; allow class attributes for img and span tags.
* Allow class attr for p tags.
* Use safe_text for payment gateway titles.
* Make HtmlSanitizer available through Utils service provider.
* Update settings code to pull HtmlSanitizer as a service and to use the new sanitize() method.
* Remove `style` from list of allowed attributes.
Allowing arbitrary CSS rules through style could undo the intent of this change, since that would allow a range of positioning and sizing changes to be effected.
* Remove unusued import.
* If no (KSES) rules are specifed, then strip all tags (this is a safer default strategy).
* For better safety, only apply pre-processor callbacks; remove responsibility for trimming of strings.
Applying callbacks to a string after it ahs passed through wp_kses() could (potentially) undo the work done by that function, and result in unexpected tags in the sanitizer's output.
Co-authored-by: barryhughes <3594411+barryhughes@users.noreply.github.com>
Co-authored-by: Peter Fabian <peter.fabian.github@gmail.com>
* Update WooStep to have name in meta
* Add useProductStepChange hook and use it to detect form value changes in product tourkit, added tracking for tour view, tour dismiss, tour complete, and step complete
* Add tour view, tour dismiss, tour completion track to old product walkthrough
* Changelog
* Fix test
* Add listener to publish button for product spotlight tour
* Add track for old walkthrough publish button
This replaces all `nx` commands with `turbo` commands and removes Nx from the repository. All of the `project.json` files have been removed and any commands that broke with Turborepo have been adjusted.
This new method is syntactic sugar for array_map. It scans an array
of arrays and/or objects and selects one value from each using
an array key name, an object method, or an object property.
* Add optional usage of database transactions for orders sync.
Includes a new setting in Advanced - Custom data stores to enable
or disable transactions usage and to select the transaction
isolation level.
* Improve the selection of data to be updated when syncing orders.
The SQL query that chooses records to be migrated to core tables
now explicitly excludes unchanged records based on the column mappings.
Also when syncing meta tables with single meta values, records for
which the value hasn't changed are now excluded from the update.
* Fix MetaToCustomTableMigrator to work with order addresses table.
* Add unit tests for db transactions on PostsToOrdersMigrationController
Also add the DynamicDecorator::call_original_method method
* Add product-tour admin script
* Update class-wc-admin-pointers.php to show experimental product tour
* Remove unnecessary window.onload
* Replace add new button with Enable guided mode button for product editing
* Show tour when tutorial query = true
* Add logic to show new tour only when a user select the physical product template
* Update product tour last step button text
* Add auto-scroll effect
* Fix i18n text
* Use bottom-start placement and align the arrow to the left
* Update pnpm-lock.yaml
* Update product tour effects
* Add changelog
* Add doc comments & check for tour-kit
* Add focus elements to product tour and wait initial element for tour showup
* Use spotlight query param to toggle new product tour feature
* Update wait seconds
* Update border style for product description & short description when editor is focused
* Add experimental-product-tour feature flag
* Refactor product-tour and support html editor focus style
Co-authored-by: moon <moon.kyong@automattic.com>
* Fix root namespace indicator in parameter
For LookupDataStore::on_product_created_or_updated_via_rest_api.
This was preventing the v1 REST API endpoint for batch insert of
products from working.
Co-authored-by: barryhughes <3594411+barryhughes@users.noreply.github.com>
Add individual analytics leaderboard endpoints
Register routes for each of the individual leaderboards.
These leaderboards can be pretty expensive to generate. If you only need
to data from one of them, it can be a pretty significant performance
boost to avoid generating all the leaderboards.
* Add e2e tests to check consistency in shipping costs for cart and checkout pages
Goal of these tests it to check if the cart and checkout pages are
consistent in calculuating shipping costs. Three tests added:
- shipping available to country with states
- shipping available to country without states
- no shipping available (fails, see issue #33205)
Reason to add these tests is PR #25916, which reverted PR #25128,
because the original PR worked for the cart page, but not for the
checkout page.
* Update e2e-core-tests changelog
* Skip failing e2e-core-test
* Fix incorrect URL for the wcAdminAssetUrl and deprecate both wcAdminAssetUrl and WC_ADMIN_IMAGES_FOLDER_URL
* Remove unused wcAdminAssetUrl var
* Remove use of wcAdminAssetUrl
* Add changelog
* Ignore hook PHPCS error -- they are pre-existing
* Add method to get total sales for a timeframe
* Add total payments volume rule processor
* Use start and end dates for total sales method
* Add method to get start and end dates from timeframe
* Update processor rule to use timeframes
* Fix up method calls
* Add tests for timeframes
* Add tests around getting total sales by date
* Add changelog entry
* Use revenue query instead of custom query for total sales
* Update since tag on hook
* Remove orderCount and publishedProductCount setting and make use of data stores
* Add test
* Add changelog
* Make use of orders data store instead of items data store
* Add users param to reports customers API params to allow filtering by user_id
* Fix invalidateResolution call that was misspelled
In order to ease the identification of private packages within the monorepo, this adds an `internal-` prefix to all of the current private packages. This makes it immediately clear when reviewing `packages/js` what is and isn't a private package.
* Add initial tracking for categories, tracks, and attribute product pages
* Update list action tracks that add new items without page refresh
* Add changelog
* Add extra category tracks
* Rename constant for add a new tag button
* Remove unneeded props from track
* Add logs for the attributes and tags on the product page
* Only trigger attributes_add on product screen when user hits save
* Add extra props to attribute add track
* Add tags delete track and fix count of tags add track
* Update use of wp_localize_script
* Fix completed card button
* Update sectioned task list to use onboarding data store
Co-authored-by: Fernando Marichal <contacto@fernandomarichal.com>
Co-authored-by: Joshua Flowers <joshuatf@gmail.com>
* Add infrastructure for mocking globals in unit tests.
- 'get_global' method in LegacyProxy, MockableLegacyProxy and WC().
- 'register_global_mocks' method in MockableLegacyProxy.
- 'register_legacy_proxy_global_mocks' method in WC_Unit_Test_Case.
* Add the DynamicDecorator class, and unit tests for it.
* Add the StringUtil::contains method
* Add unit tests for error logging on PostsToOrdersMigrationController
* Update README file to mention improvements in unit testing infrastructure
- Mention the mechanism to mock globals using the LegacyProxy
- Mention the code hacker and the DynamicDecorator
* Add changelog file
* Set timezone before calling get_weekstartend and after to preserve original timezone
* Add test for timezone check
* Update calculation to be timezone agnostic and add tests
* Changelog
Allow filtering of cookie flags, which enables setting of `samesite`.
* Break out filter so the same filter can be used for any version of PHP.
* Add docblocks and other linting fixes; add changelog.
Props: David Anderson <DavidAnderson684@users.noreply.github.com>
Cleanup twentytwenty notice notices. Closes#29529.
* Increase width of border for notices
* Make notice buttons black to provide sufficient contrast
* Add changelog.
saboanca
Dharmesh Patel
Vedanshu Jain
Christopher Allford
Chi-Hsuan Huang
Moon
jonathansadowski
Heba Fareed
Jorge A. Torres
RJ
Ilyas Foo
AnnaMag
Corey McKrill
Joshua T Flowers
Niels Lange
Paul Sealock
Joel Thiessen
Daniel Morell
Luigi Teschio
mrleemon
Adrian Duffell
Kathy
Adp5067
Sakri Koskimies
Néstor Soriano
Barry Hughes
Josh Betz
Deiva Magalhaes
Joep Schuurkes
Albert Juhé Lluveras
Tung Du
Hugo Derre
Fernando
louwie17
Roy Ho
Viktor Szépe
erikdemarco
Ninos Ego
Ian Forrest
Matt Harrison
Jonathan Lane
“Chris
AnnaMag
Jonathan Sadowski
Peter Fabian
Rodel
Joel T