Autofills the URL for the material contribution #334

Closed
tarunnjoshi wants to merge 1 commit into develop from fix-the-autofill-phone-number

tarunnjoshi (Member) commented Oct 7, 2024

Autofills the URL for the material contribution.

Fix for the point Shivangi mentioned

In the Contribution form (QR code flow), in the search while filling the material contribution form: in normal cases, when the mobile number is entered and not present, it goes to the next page and autofills the mobile number. But there were some cases across India when the next form had the mobile number set to 0.

Summary by CodeRabbit

  • New Features

    • Enhanced user redirection logic for various purposes.
    • Introduced new shortcodes for custom messages and landing pages.
    • Added a new query variable for improved URL data handling.
    • Implemented redirection based on individual creation flow.
  • Bug Fixes

    • Improved error handling during contact retrieval processes.

coderabbitai bot commented Oct 7, 2024

Walkthrough

The pull request introduces several modifications to the functions.php file of the Goonj CRM theme. Key updates include enhancements to user redirection logic, improved error handling, the addition of new shortcodes, and the registration of a new query variable. A new function for redirection after individual creation has also been added, while existing functions have been updated to refine their logic and error management.

Changes

File Path: wp-content/themes/goonj-crm/functions.php

Change Summary:

  • Added functions: goonj_custom_message_placeholder, goonj_collection_camp_landing_page, goonj_redirect_after_individual_creation
  • Updated functions: goonj_handle_user_identification_form, goonj_check_user_action, goonj_redirect_logged_in_user_to_civi_dashboard
  • Enhanced user redirection logic and error handling
  • Added shortcodes: goonj_volunteer_message, goonj_collection_landing_page
  • Registered new query variable target_id

Suggested labels

in review

Suggested reviewers

  • pokhiii

Poem

In the land of Goonj where changes bloom,
Functions dance and errors zoom.
Redirects flow like a gentle stream,
Shortcodes added to enhance the dream.
With every tweak, our work is bright,
Hop along, for all feels right! 🐰✨


coderabbitai bot left a comment

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (7)
wp-content/themes/goonj-crm/functions.php (7)

Line range hint 277-281: Potential Redundancy in Query Parameters for Material Contribution

In the redirect URL for material contributions, both Material_Contribution.Delivered_By_Contact and Material_Contribution.Collection_Camp are included as query parameters. According to the PR objectives and AI-generated summary, Material_Contribution.Delivered_By_Contact is intended to replace Material_Contribution.Collection_Camp to fix the issue where the mobile number is displayed as 0.

Including both parameters might cause confusion or unexpected behavior. Consider removing Material_Contribution.Collection_Camp if it is no longer needed, ensuring that the URL correctly autofills the mobile number.

Apply this diff to modify the URL:

$material_contribution_form_path = sprintf(
-    '/material-contribution/#?email=%s&Material_Contribution.Delivered_By_Contact=%s&Material_Contribution.Collection_Camp=%s&source_contact_id=%s',
-    $email,
-    $phone,
-    $target_id,
-    $found_contacts['id']
+    '/material-contribution/#?email=%s&Material_Contribution.Delivered_By_Contact=%s&source_contact_id=%s',
+    $email,
+    $phone,
+    $found_contacts['id']
);
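
Review bot: on the `+` format string, `Material_Contribution.Delivered_By_Contact=%s` is still filled from `$phone`, while the field name suggests a contact reference; confirm what type the form expects there before relying on this autofill. Dropping `Material_Contribution.Collection_Camp` also removes `$target_id` from the redirect, so check that the form no longer needs the camp, and pass `$email` and `$phone` through `rawurlencode()` since both go into the URL unescaped.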

Line range hint 326-329: Ensure Proper Error Handling and Termination in Exception Catch Block

In the exception handling block, the script echoes an error message to the user but does not terminate execution. This may lead to unexpected behavior or security issues. Consider the following improvements:

  • Avoid directly echoing error messages; instead, display a user-friendly error page or message using wp_die() or a custom template.
  • After handling the error, ensure that the script execution is terminated by adding exit;.

Apply this diff to improve error handling:

} catch ( Exception $e ) {
    error_log( 'Error: ' . $e->getMessage() );
-   echo 'An error occurred. Please try again later.';
+   wp_die( 'An error occurred. Please try again later.' );
+   exit;
}
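
Review bot: the added `exit;` after `wp_die()` is unreachable, because `wp_die()` ends the request itself by default; drop the `exit;` line and keep `error_log()` followed by `wp_die()`. The static message is fine as written, but if it is ever built from `$e->getMessage()` it should be escaped first, for example with `esc_html()`.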

Line range hint 700-728: Missing break Statements Leading to Potential Fall-through in Switch Cases

In the goonj_redirect_after_individual_creation function, within the switch statement for $creationFlow, the case 'material-contribution' may unintentionally fall through to the next case if the condition ! empty( $collectionCamp['id'] ) is false because there is no break; statement outside the if block.

This could lead to unexpected redirections for users whose $creationFlow is 'material-contribution' but do not have a corresponding $collectionCamp['id'].

Apply this diff to add the missing break; statement:

case 'material-contribution':
    // Existing code
    if ( ! empty( $collectionCamp['id'] ) ) {
        $redirectPath = sprintf(
            '/material-contribution/#?Material_Contribution.Collection_Camp=%s&source_contact_id=%s',
            $collectionCamp['id'],
            $individual['id']
        );
        break;
    }
+   break;
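
Review bot: with the new `break;` after the closing brace of the `if`, the `break;` inside the `if` block becomes redundant; remove the inner one so the case has a single exit: build `$redirectPath` inside the `if`, then `break;` once after it. The two IDs are also interpolated with `%s`; using `%d` (or wrapping them in `absint()`) would keep non-numeric values out of the redirect path.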

Line range hint 105-150: Ensure URL Parameters Are Properly Encoded

When constructing URLs with sprintf, user-provided data like $email, $phone, and $source are inserted directly into query parameters. To prevent issues with special characters and ensure the integrity of the URLs, consider URL-encoding these variables.

Apply this diff to encode query parameters:

$volunteer_registration_form_path = sprintf(
    '/volunteer-registration/form/#?email=%s&phone=%s&message=%s&Volunteer_fields.Which_activities_are_you_interested_in_=%s',
-   $email,
-   $phone,
-   'not-inducted-volunteer',
-   '9', // Activity to create collection camp.
+   urlencode( $email ),
+   urlencode( $phone ),
+   urlencode( 'not-inducted-volunteer' ),
+   urlencode( '9' ), // Activity to create collection camp.
);

$individual_volunteer_registration_form_path = sprintf(
    '/individual-registration-with-volunteer-option/#?email=%s&phone=%s&Source_Tracking.Event=%s',
-   $email,
-   $phone,
-   $target_id,
+   urlencode( $email ),
+   urlencode( $phone ),
+   urlencode( $target_id ),
);

// Apply similar changes to other sprintf calls where user input is included in URLs
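
Review bot: these parameters sit after `#?`, so they are read by client-side code rather than by PHP, and `urlencode()` turns a space into `+`, which `decodeURIComponent()` does not turn back into a space; `rawurlencode()` (space becomes `%20`) is the safer choice in both `sprintf` calls. Wrapping the constants `'not-inducted-volunteer'` and `'9'` in `urlencode()` changes nothing and can be dropped, and the closing comment about other `sprintf` calls should name them so none is missed.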

Line range hint 616-620: Consider Validating or Sanitizing User Input When Fetching Organization Name

When fetching the organization name based on $target_id, the code uses user-provided data directly in the query:

$organizationName = \Civi\Api4\Organization::get(FALSE)
    ->addSelect('display_name')
    ->addWhere('id', '=', $target_id)
    ->execute()->single();

Ensure that $target_id is validated or sanitized to prevent potential security risks such as injection attacks.

[security]

Consider casting $target_id to an integer:

$organizationName = \Civi\Api4\Organization::get(FALSE)
    ->addSelect('display_name')
-   ->addWhere('id', '=', $target_id)
+   ->addWhere('id', '=', (int) $target_id)
    ->execute()->single();
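
Review bot: `(int) $target_id` on the `+` line silently turns non-numeric input into `0` and a value such as `'12abc'` into `12`, so the query still runs and `->single()` throws when no row matches; validate first (for example `filter_var( $target_id, FILTER_VALIDATE_INT )` with a minimum of 1, then an early return on failure) and handle the no-result case. `get(FALSE)` on the first line also disables the API permission check, so any request-supplied id that passes validation can read that organization's `display_name`; confirm that is intended.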

Line range hint 740-745: Add Missing Return Statement After Redirect

In the goonj_redirect_after_individual_creation function, after calling wp_safe_redirect(), it's a good practice to include an exit; or return; statement to prevent further code execution.

Apply this diff:

if ( empty( $redirectPath ) ) {
    return;
}

wp_safe_redirect( $redirectPath );
+ exit;
}
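
Review bot: the added `exit;` runs even when `wp_safe_redirect()` returns `false` (the redirect was cancelled), which ends the request with an empty response; make the exit conditional, `if ( wp_safe_redirect( $redirectPath ) ) { exit; }`, which is the pattern the WordPress documentation uses.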

Potential Issue: 'Material_Contribution.Delivered_By_Contact' not properly handled in form processing

The Material_Contribution.Delivered_By_Contact parameter is included in the URL and retrieved in the service, but there is no evidence of its processing within the form handling logic. This could lead to issues in how the form processes this parameter.

🔗 Analysis chain

Line range hint 277-281: Verify Impact of Changes on Material Contribution Form

Please ensure that the changes made to the query parameters in the material contribution URL are correctly reflected in the form handling logic on the target page. Specifically, verify that the form correctly receives and processes the Material_Contribution.Delivered_By_Contact parameter.

Run the following script to search for instances where Material_Contribution.Delivered_By_Contact is used in the codebase:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Find occurrences of 'Material_Contribution.Delivered_By_Contact' in PHP files.

# Test: Search for the parameter usage. Expect: Ensure it's handled properly in form processing.
rg --type php 'Material_Contribution\.Delivered_By_Contact'

Length of output: 692


Script:

#!/bin/bash
# Description: Find how 'Material_Contribution.Delivered_By_Contact' is processed in form handling.

# Search for usage within form processing functions in PHP files.
rg --type php 'Material_Contribution\.Delivered_By_Contact' | rg 'function|method|process|handle'

Length of output: 290


Script:

#!/bin/bash
# Description: Find all usages of 'Material_Contribution.Delivered_By_Contact' in the PHP codebase for comprehensive verification.

# Search for all instances of the parameter in PHP files.
rg --type php 'Material_Contribution\.Delivered_By_Contact'

Length of output: 692

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between e74f698 and 15990de.

📒 Files selected for processing (1)
  • wp-content/themes/goonj-crm/functions.php (1 hunks)
🧰 Additional context used
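
The encoding and ID-validation points raised in the review above, as an added PHP example; it is not code from the PR or from the Goonj theme, and `parse_positive_id()`, `build_fragment_url()` and the sample values are hypothetical.

```php
<?php
// Added example: not code from the PR or the Goonj theme.
// parse_positive_id() and build_fragment_url() are hypothetical helpers.

/**
 * Validate an ID taken from the request. Returns the integer, or null when
 * the input is not a positive decimal integer. A bare (int) cast would turn
 * "abc" into 0 and "12abc" into 12 and let the lookup run anyway.
 */
function parse_positive_id( $raw ): ?int {
    $id = filter_var( $raw, FILTER_VALIDATE_INT, [ 'options' => [ 'min_range' => 1 ] ] );
    return false === $id ? null : $id;
}

/**
 * Build "/path/#?k=v&k2=v2" with every key and value percent-encoded.
 * rawurlencode() follows RFC 3986, so a space becomes %20 rather than "+",
 * which matters when the fragment is decoded by client-side JavaScript.
 */
function build_fragment_url( string $path, array $params ): string {
    $pairs = [];
    foreach ( $params as $key => $value ) {
        $pairs[] = rawurlencode( (string) $key ) . '=' . rawurlencode( (string) $value );
    }
    return $path . '#?' . implode( '&', $pairs );
}

// Constructed sample input: characters that break an unencoded URL.
$email     = 'asha+camp@example.org';
$phone     = '+91 98765 43210';
$target_id = parse_positive_id( '12abc' ); // rejected, so $target_id is null

$params = [
    'email'                                      => $email,
    'Material_Contribution.Delivered_By_Contact' => $phone,
    'source_contact_id'                          => 42,
];
// Only add the camp when the request supplied a valid ID.
if ( null !== $target_id ) {
    $params['Material_Contribution.Collection_Camp'] = $target_id;
}

echo build_fragment_url( '/material-contribution/', $params ), PHP_EOL;
```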

@tarunnjoshi tarunnjoshi requested a review from pokhiii October 7, 2024 11:27
@tarunnjoshi tarunnjoshi self-assigned this Oct 7, 2024
@tarunnjoshi tarunnjoshi removed the request for review from pokhiii October 7, 2024 12:15
@tarunnjoshi (Member, Author)

Closing as not needed.

@tarunnjoshi tarunnjoshi closed this Oct 7, 2024
@pokhiii pokhiii deleted the fix-the-autofill-phone-number branch April 19, 2025 11:29