fix(form): verify nonce when changing payment method #2580
Assignees
Milestone
Comments
kevinwhoffman
changed the title
ravinderk
added a commit
that referenced
this issue
Aug 1, 2018
5 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Issue Overview
Adding Nonce fields when changing the Gateway
Expected Behavior
Nonce Should add at the time of changing the Gateway
Current Behavior
Not using the Nonce
Steps to Reproduce (for bugs)
Related Issues and/or PRs
#2568
#2579
Todos
WordPress Environment
Home URL: http://give.local
Site URL: http://give.local
WP Version: 4.9.1
WP Multisite: –
WP Memory Limit: 256 MB
WP Debug Mode: ✔
WP Cron: ✔
Language: en_US
Permalink Structure: /%postname%/
Show on Front: posts
Table Prefix Length: 3
Table Prefix Status: Acceptable
Admin AJAX: Inaccessible
Registered Post Statuses: publish, future, draft, pending, private, trash, auto-draft, inherit, refunded, failed, revoked, cancelled, abandoned, processing, preapproval, give_subscription
Server Environment
Hosting Provider: DBH: localhost, SRV: give.local
TLS Connection:
TLS Connection:
Server Info: nginx/1.10.1
PHP Version: 7.0.3
PHP Post Max Size: 1,000 MB
PHP Time Limit: 900
PHP Max Input Vars: 3000
PHP Max Upload Size: 1,000 MB
cURL Version: ❌ 7.38.0, OpenSSL/1.0.1t - We recommend a minimum cURL version of 7.40.
SUHOSIN Installed: –
MySQL Version: ❌ 5.5.55 - We recommend a minimum MySQL version of 5.6. See: WordPress Requirements
Default Timezone is UTC: ✔
fsockopen/cURL: ✔
SoapClient: ✔
DOMDocument: ✔
gzip: ✔
GD Graphics Library: ✔
Multibyte String: ✔
Remote Post: ✔
Remote Get: ✔
Give Configuration
Give Version: 2.0.0
Give Cache: Enabled
Database Updates: All DB Updates Completed.
Give Cache: Enabled
Give Cache: ✔New Donation✔Donation Receipt❌New Offline Donation❌Offline Donation Instruction✔New Donor Register✔Donor Register✔Email access
Upgraded From: –
Test Mode: Disabled
Currency Code: USD
Currency Position: Before
Decimal Separator: .
Thousands Separator: ,
Success Page: http://give.local/donation-confirmation/
Failure Page: http://give.local/donation-failed/
Donation History Page: http://give.local/donation-history/
Give Forms Slug: /donations/
Enabled Payment Gateways: Stripe - ACH, Test Donation, Stripe - Credit Card
Default Payment Gateway: Stripe - Credit Card
PayPal IPN Verification: Enabled
PayPal IPN Notifications: N/A
Admin Email Notifications: Disabled
Donor Email Access: Enabled
Session Configuration
Give Use Sessions: Enabled
Session: Disabled
Active Give Add-ons
Give - Email Reports: ❌ Unlicensed – by WordImpress – 1.0.1
Give - Fee Recovery: ❌ Unlicensed – by WordImpress – 1.3.5
Give - Form Field Manager: ❌ Unlicensed – by WordImpress – 1.2.4
Give - Manual Donations: ❌ Unlicensed – by WordImpress – 1.2.2
Give - PDF Receipts: ❌ Unlicensed – by WordImpress – 2.2.2
Give - Recurring Donations: ❌ Unlicensed – by WordImpress – 1.5
Give - Stripe Gateway: ❌ Unlicensed – by WordImpress – 1.5.2
Give - Tributes: ❌ Unlicensed – by WordImpress – 1.3.2
Other Active Plugins
Duplicate Post: by Enrico Battocchi – 3.2.1
Inactive Plugins
Give - 2Checkout Gateway: by WordImpress – 1.0.2
Give - Authorize.net Gateway: by WordImpress – 1.3.2
Give - AWeber: by WordImpress – 1.0.2
Give - Braintree Gateway: by WordImpress – 1.1.1
Give - CCAvenue Gateway: by WordImpress – 1.0
Give - ConvertKit: by WordImpress – 1.0.1
Give - CSV Toolbox: by WordImpress – 1.0
Give - Display Donors: by WordImpress, LLC – 1.0
Give - Dwolla Gateway: by WordImpress – 1.1.2
Give - Form Countdown: by WordImpress – 1.0
Give - Gift Aid: by WordImpress – 1.0.0
Give - Google Analytics Donation Tracking: by WordImpress – 1.1.1
Give - iATS Payment Solutions: by WordImpress – 1.0.1
Give - Paymill Gateway: by WordImpress – 1.1
Theme
Name: Twenty Sixteen
Version: 1.4
Author URL: https://wordpress.org/
Child Theme: No – If you're modifying Give on a parent theme you didn't build personally, then we recommend using a child theme. See: How to Create a Child Theme
The text was updated successfully, but these errors were encountered: