
Fix bugs with registration.

1 parent 39a2d98 commit 1bb26c0103b6f46500e396672c0192067e821a0e @dlongley dlongley committed Mar 4, 2012
Showing with 34 additions and 17 deletions.
  1. +19 −10 payswarm-admin.inc
  2. +5 −1 payswarm-article.inc
  3. +8 −3 payswarm-client.inc
  4. +2 −3 payswarm-register.php
@@ -137,7 +137,11 @@ function payswarm_setup_register_page() {
*/
function payswarm_init_registration() {
// do nonce security check (dies on failure)
- check_admin_referer('update');
+ $valid_nonce = wp_verify_nonce(
+ $_POST['_wpnonce'], 'payswarm_register-options');
+ if(!$valid_nonce) {
+ wp_die(__('Access denied.'));
+ }
try {
// validate authority host
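Review bot: `$_POST['_wpnonce']` is read without an `isset()` check in `payswarm_init_registration()`, so a request that omits the field raises an undefined-index notice before `wp_verify_nonce()` rejects it. `check_admin_referer('payswarm_register-options');` would do the presence check itself, verify the same action that `settings_fields('payswarm_register')` emits on the form, and die on failure as the existing comment says. The function body continues outside this hunk.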
@@ -146,26 +150,25 @@ function payswarm_init_registration() {
throw new Exception('Invalid PaySwarm Authority host.');
}
$host = $_POST['payswarm_authority_host'];
+ update_option('payswarm_authority_host', $host);
// sanitize overwrite key pair
$overwrite = isset($_POST['payswarm_overwrite_key_pair']);
+ update_option('payswarm_overwrite_key_pair', $overwrite);
// get register vendor url
$callback = plugins_url() . '/payswarm/payswarm-register.php';
$url = payswarm_get_register_vendor_url($host, $callback, $overwrite);
- // save settings
- update_option('payswarm_authority_host', $host);
- update_option('payswarm_overwrite_key_pair', $overwrite);
-
// redirect to the PaySwarm Authority registration URL
header('HTTP/1.1 303 See Other');
header("Location: $url");
}
catch(Exception $e) {
// close the popup and report an error
$url = admin_url() . 'plugins.php?page=payswarm&error=config';
- payswarm_close_register_popup($url);
+ print_r($e);
+ //payswarm_close_register_popup($url);
}
}
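Review bot: The catch block in `payswarm_init_registration()` now prints the whole exception with `print_r($e)`, which sends the message and stack trace (file paths, call arguments) to the browser, and the popup-close call is commented out so `$url` is computed but never used. This reads like debugging left in; restore `payswarm_close_register_popup($url);` and keep the detail server-side with `error_log($e->getMessage());`. Separately, nothing visible stops execution after `header("Location: $url");`, so if the caller goes on to produce output an `exit;` after the redirect would be needed; the caller is outside this hunk.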
@@ -214,7 +217,11 @@ function payswarm_complete_registration($response) {
* @param string $url the URL to load in the parent window.
*/
function payswarm_close_register_popup($url) {
- echo "<script type=\"text/javascript\">closePopup('$url');</script>";
+ $script = PAYSWARM_PLUGIN_URL . 'payswarm.js';
+ ?>
+ <script type="text/javascript" src="<?php echo $script; ?>"></script>
+ <script type="text/javascript">closePopup('<?php echo $url; ?>');</script>
+ <?php
}
/**
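Review bot: `$url` is echoed unescaped into a single-quoted JavaScript string in `closePopup('<?php echo $url; ?>')`, so a quote character in the value would end the literal early and the rest would be parsed as script; most callers that build `$url` are outside this hunk. Use `closePopup('<?php echo esc_js($url); ?>')` and `src="<?php echo esc_url($script); ?>"`. The same two lines are added to `payswarm_close_purchase_popup()` in payswarm-article.inc, and the form action added in `payswarm_render_register_page()` should likewise be `<?php echo esc_url($register_url); ?>`.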
@@ -228,8 +235,10 @@ function payswarm_close_register_popup($url) {
function payswarm_admin_warning($warning) {
?>
<div id='payswarm-admin-warning' class='updated fade'>
- <p><?php __($warning); ?>
- You still need to <a href="plugins.php?page=payswarm">configure PaySwarm</a>
+ <p>
+ <?php _e($warning); ?>
+ You still need to
+ <a href="plugins.php?page=payswarm">configure PaySwarm</a>.
</p>
</div>
<?php
@@ -247,7 +256,7 @@ function payswarm_render_register_page() {
<div class="wrap">
<?php screen_icon('options-general'); ?>
<h2>PaySwarm</h2>
- <form action="$register_url" method="post"
+ <form action="<?php echo $register_url; ?>" method="post"
onsubmit="javascript:showAuthorityPopup(this);">
<?php settings_fields('payswarm_register'); ?>
<?php do_settings_sections('payswarm_register'); ?>
@@ -96,7 +96,11 @@ function payswarm_complete_purchase($response) {
* @param string $url the URL to load in the parent window.
*/
function payswarm_close_purchase_popup($url) {
- echo "<script type=\"text/javascript\">closePopup('$url');</script>";
+ $script = PAYSWARM_PLUGIN_URL . 'payswarm.js';
+ ?>
+ <script type="text/javascript" src="<?php echo $script; ?>"></script>
+ <script type="text/javascript">closePopup('<?php echo $url; ?>');</script>
+ <?php
}
/**
@@ -293,7 +293,7 @@ function payswarm_get_jsonld($url, $cache) {
if($rval === false) {
// retrieve response
$rval = call_user_func($payswarm_hooks['get_jsonld'], $url);
- payswarm_jsonld_decode($rval);
+ $rval = payswarm_jsonld_decode($rval);
if($rval === null) {
throw new Exception("Invalid response from '$url': Malformed JSON.");
}
@@ -324,11 +324,11 @@ function payswarm_post_jsonld($url, $obj) {
}
catch(Exception $e) {
throw new Exception('PaySwarm Exception: ' .
- "Error while trying to POST to '$url': " + $e->getMessage());
+ "Error while trying to POST to '$url': " . $e->getMessage());
}
// decode response
- payswarm_jsonld_decode($rval);
+ $rval = payswarm_jsonld_decode($rval);
if($rval === null) {
throw new Exception("Invalid response from '$url': Malformed JSON.");
}
@@ -372,6 +372,11 @@ function payswarm_get_cached_jsonld($id) {
* @return stdClass the JSON-LD context.
*/
function payswarm_jsonld_resolve($url) {
+ // FIXME: hack until http://purl.org/payswarm/v1 is ready
+ if($url === 'http://purl.org/payswarm/v1') {
+ return (object)array(
+ '@context' => payswarm_create_default_jsonld_context());
+ }
return payswarm_get_jsonld($url, true);
}
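Review bot: Only the exact string `'http://purl.org/payswarm/v1'` is served from the local default context in `payswarm_jsonld_resolve()`; every other URL still falls through to `payswarm_get_jsonld($url, true)`, which fetches and caches whatever the caller names. If `$url` can originate from a remote document (not visible here), an allow-list of known context URLs backed by local copies would be a safer long-term shape than deleting this branch once the purl is live, since that context would then be fetched over plain `http`. At minimum, state the exit condition next to the FIXME, e.g. `// FIXME: remove only when the purl serves the context over an authenticated channel`.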
@@ -3,9 +3,8 @@
require_once('../../../wp-config.php');
require_once('payswarm-admin.inc');
-if(!is_admin() or
- (is_multisite() and !is_super_admin())) {
- wp_die(__('You must be an admin to register.'));
+if(!current_user_can('manage_options')) {
+ wp_die(__('Access denied.'));
}
// see if a registration response is available
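Review bot: On multisite the old condition required `is_super_admin()`, and the new `current_user_can('manage_options')` check drops that, so any site administrator can now reach the registration handler. If that widening is not intended, keep the capability check and add the multisite clause: `if(!current_user_can('manage_options') || (is_multisite() && !is_super_admin())) {`. If it is intended, a one-line comment such as `// per-site setting: site administrators are allowed to register` would record the decision. The rest of the script is outside this hunk.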
