Showing with 239 additions and 153 deletions.
  1. +6 −0 CHANGELOG.md
  2. +6 −6 composer.lock
  3. +6 −1 inc/files.php
  4. +41 −10 inc/functions.php
  5. +7 −13 inc/woocommerce.php
  6. +104 −119 js/file-upload.js
  7. +1 −1 package.json
  8. +10 −1 readme.txt
  9. +56 −0 tests/test-functions.php
  10. +2 −2 woocommerce-product-addon.php
6 changes: 6 additions & 0 deletions CHANGELOG.md
@@ -1,3 +1,9 @@
##### [Version 32.0.23](https://github.com/Codeinwp/woocommerce-product-addon/compare/v32.0.22...v32.0.23) (2024-07-01)

- Fixed hard rejection of cart items when HTML is present in the input value
- Fixed infinite popup for file uploads under visibility conditions
- Fixed .ai files to be allowed for upload

##### [Version 32.0.22](https://github.com/Codeinwp/woocommerce-product-addon/compare/v32.0.21...v32.0.22) (2024-05-20)

- Fixed error when products with PPOM fields are not added to the cart
12 changes: 6 additions & 6 deletions composer.lock


7 changes: 6 additions & 1 deletion inc/files.php
@@ -168,8 +168,13 @@ function ppom_upload_file() {

$file_name = apply_filters( 'ppom_uploaded_filename', $file_name );

$additional_mime_types = apply_filters( 'ppom_custom_allowed_mime_types', array( 'ai' => 'application/postscript' ) );

$allowed_mime_types = array_merge( get_allowed_mime_types(), $additional_mime_types );

/* ========== Invalid File type checking ========== */
$file_type = wp_check_filetype_and_ext( $file_dir_path . $file_name, $file_name );
$file_type = wp_check_filetype_and_ext( $file_dir_path . $file_name, $file_name, $allowed_mime_types );

$extension = $file_type['ext'];


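Review bot: The result of the `ppom_custom_allowed_mime_types` filter goes straight into `array_merge()`, so a callback that returns a non-array makes the upload handler throw on PHP 8, and because the custom map is merged last it can replace entries of the capability-aware list from `get_allowed_mime_types()`. I would cast it, `$allowed_mime_types = array_merge( get_allowed_mime_types(), (array) $additional_mime_types );`, and add a comment stating that the custom map takes precedence over core's list. Enabling `application/postscript` by default for every upload field also widens this handler to an interpreted format, so a comment should say why it is on by default and that integrators can remove it through the filter. ppom_upload_file() starts and ends outside the hunk.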
51 changes: 41 additions & 10 deletions inc/functions.php
@@ -249,12 +249,12 @@ function ppom_get_product_regular_price( $product ) {
/*
if( has_filter('woocs_exchange_value') ) {
global $WOOCS;
if($WOOCS->current_currency != $WOOCS->default_currency ) {
if($WOOCS->is_multiple_allowed) {
$product_price = apply_filters('woocs_raw_woocommerce_price', $product_price);
} else {
$product_price = apply_filters('woocs_exchange_value', $product_price);
}
}
@@ -272,6 +272,26 @@ function ppom_get_product_regular_price( $product ) {
return apply_filters( 'ppom_product_regular_price', $product_price, $product );
}

/**
* Sanitize the input fields.
*
* @param mixed $field_value Field value to sanitize.
* @return mixed|string Sanitized field value.
*/
function ppom_recursive_sanitization( $field_value ) {
if ( is_string( $field_value ) ) {
$field_value = sanitize_textarea_field( wp_strip_all_tags( $field_value ) );
}

if ( is_array( $field_value ) ) {
foreach ($field_value as $key => $val ) {
$field_value[ $key ] = ppom_recursive_sanitization( $val );
}
}

return $field_value;
}

/**
* adding cart items to order
*
@@ -282,6 +302,7 @@ function ppom_make_meta_data( $cart_item, $context = 'cart' ) {
if ( ! isset( $cart_item['ppom']['fields'] ) ) {
return $cart_item;
}

$ppom_meta_ids = '';
// removing id field
if ( ! empty( $cart_item ['ppom'] ['fields']['id'] ) ) {
@@ -296,6 +317,16 @@ function ppom_make_meta_data( $cart_item, $context = 'cart' ) {
}

$product_id = ppom_get_product_id( $cart_item['data'] );

// Fields sanitization.
$ppom = new PPOM_Meta( $product_id );
foreach( $ppom->fields as $field ) {
$data_name = sanitize_key( $field['data_name'] );
if ( isset( $cart_item['ppom']['fields'][$data_name] ) ) {
$cart_item['ppom']['fields'][$data_name] = ppom_recursive_sanitization( $cart_item['ppom']['fields'][$data_name] );
}
}

$ppom_meta = array();
$ppom_cart_fields = $cart_item ['ppom'];
$ppom_meta_ids = apply_filters( 'ppom_meta_ids_in_cart', null, $cart_item );
@@ -477,7 +508,7 @@ function ppom_generate_cart_meta( $ppom_cart_items, $product_id, $ppom_meta_ids
if ( ! empty( $quantity ) ) {
$meta_display[] = "{$ticket_variations} = {$quantity}";
$total_qty += intval( $quantity );
}
}
}
}
}
@@ -1177,7 +1208,7 @@ function ppom_convert_options_to_key_val( $options, $meta, $product ) {
'imageselect',
'image',
'audio',
)
)
);
if ( in_array( $meta_type, $option_with_titles_keys ) ) {

@@ -1235,9 +1266,9 @@ function ppom_convert_options_to_key_val( $options, $meta, $product ) {
// $show_option_price = apply_filters('ppom_show_option_price', $show_price, $meta);
/*
if( !empty($option_price) ) {
// $option_price = $option['price'];
// check if price in percent
if(strpos($option_price,'%') !== false){
$option_price = ppom_get_amount_after_percentage($product_price, $option_price);
@@ -1249,15 +1280,15 @@ function ppom_convert_options_to_key_val( $options, $meta, $product ) {
$option_label = ppom_generate_option_label($option, $option_price, $meta);
$option_percent = $option['price'];
} else {
// check if price is fixed and taxable
if(isset($meta['onetime']) && $meta['onetime'] == 'on' && isset($meta['onetime_taxable']) && $meta['onetime_taxable'] == 'on') {
$option_price_without_tax = $option_price;
$option_price = ppom_get_price_including_tax($option_price, $product);
}
$option_label = ppom_generate_option_label($option, $option_price, $meta);
}
}*/

// ppom_pa($option);
@@ -1341,7 +1372,7 @@ function ppom_generate_option_label( $option, $price, $meta ) {

switch ( $meta_type ) {

// No span/html in Select DOM
// No span/html in Select DOM
case 'selectqty':
case 'select':
case 'multiple_select':
@@ -2350,4 +2381,4 @@ function ppom_check_pro_compatibility($feature_slug) {
}

return isset( PPOM_PRO_COMPATIBILITY_FEATURES[ $feature_slug ] ) && PPOM_PRO_COMPATIBILITY_FEATURES[ $feature_slug ];
}
}
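Review bot: The new sanitization loop in ppom_make_meta_data() only cleans keys that match a `data_name` declared in `$ppom->fields`, so any other key under `$cart_item['ppom']['fields']` passes through unchanged, while this commit appears to drop the tag check from ppom_check_validation() in inc/woocommerce.php. If no later code filters unknown keys (not visible here), sanitize the whole array instead: `$cart_item['ppom']['fields'] = ppom_recursive_sanitization( $cart_item['ppom']['fields'] );`. The loop also reads `$field['data_name']` without the `empty()` guard the validation code uses, which raises an undefined-key warning for a field without a name; add `if ( empty( $field['data_name'] ) ) { continue; }` as its first statement. ppom_recursive_sanitization() cleans values but leaves array keys as posted, and its docblock should say so. ppom_make_meta_data() starts and ends outside the hunk.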
20 changes: 7 additions & 13 deletions inc/woocommerce.php
@@ -230,24 +230,18 @@ function ppom_check_validation( $product_id, $post_data, $passed = true ) {

$passed = apply_filters( 'ppom_before_fields_validation', $passed, $field, $post_data, $product_id );

if ( empty( $field['data_name'] ) ) {
continue;
}

$data_name = sanitize_key( $field['data_name'] );

if ( ! empty($ppom_posted_fields[$data_name]) && is_string( $ppom_posted_fields[$data_name] ) && $ppom_posted_fields[$data_name] !== strip_tags( $ppom_posted_fields[$data_name] ) ) {
$passed = false;
}

if ( empty( $field['required'] ) && ( empty( $field['min_checked'] ) && empty( $field['max_checked'] ) )
if (
empty( $field['data_name'] ) &&
empty( $field['required'] ) &&
empty( $field['min_checked'] ) &&
empty( $field['max_checked'] )
) {
continue;
}

$data_name = sanitize_key( $field['data_name'] );

$title = isset( $field['title'] ) ? $field['title'] : '';
$type = isset( $field['type'] ) ? $field['type'] : '';
$title = isset( $field['title'] ) ? $field['title'] : '';

// var_dump($data_name, ppom_is_field_hidden_by_condition($data_name));
// Check if field is required by hidden by condition
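Review bot: The merged guard joins all four `empty()` tests with `&&`, so the loop skips a field only when `data_name`, `required`, `min_checked` and `max_checked` are all empty, whereas the two guards it replaces skipped when `data_name` was empty or when none of the other three were set. A field without `data_name` but with `required` set now reaches `sanitize_key( $field['data_name'] )` on an undefined key, and optional fields fall through into the checks that follow. If the earlier behaviour is intended, write it as `if ( empty( $field['data_name'] ) || ( empty( $field['required'] ) && empty( $field['min_checked'] ) && empty( $field['max_checked'] ) ) ) { continue; }`. The loop body of ppom_check_validation() continues outside the hunk, so the effect on the later checks is inferred.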