From c24675bb9cfc40360bf2f9dcf4c312078850f13c Mon Sep 17 00:00:00 2001
From: Dan Phiffer <dan@phiffer.org>
Date: Mon, 23 Sep 2024 10:53:09 -0400
Subject: [PATCH 1/2] update acf

---
 composer.lock | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/composer.lock b/composer.lock
index 2a616e0..180eca3 100644
--- a/composer.lock
+++ b/composer.lock
@@ -154,10 +154,10 @@
         },
         {
             "name": "wpengine/advanced-custom-fields-pro",
-            "version": "6.3.5",
+            "version": "6.3.6",
             "dist": {
                 "type": "zip",
-                "url": "https://connect.advancedcustomfields.com/v2/plugins/composer_download?p=pro&t=6.3.5"
+                "url": "https://connect.advancedcustomfields.com/v2/plugins/composer_download?p=pro&t=6.3.6"
             },
             "require": {
                 "composer/installers": "~1.0 || ~2.0"

From 42fa94cf35a0a6dd0afa74fed6816860945241ab Mon Sep 17 00:00:00 2001
From: Dan Phiffer <dan@phiffer.org>
Date: Mon, 23 Sep 2024 10:53:33 -0400
Subject: [PATCH 2/2] use admin-ajax instead of rest api

---
 src/API.php        | 42 ++++++++++++++----------------------------
 src/Assets.php     |  4 ++--
 src/split-tests.js | 24 +++++++++++++++++-------
 3 files changed, 33 insertions(+), 37 deletions(-)

diff --git a/src/API.php b/src/API.php
index d0ca9cf..989475a 100644
--- a/src/API.php
+++ b/src/API.php
@@ -27,15 +27,8 @@ class API {
      */
     function __construct($plugin) {
         $this->plugin = $plugin;
-
-        add_action('rest_api_init', function() {
-            // Setup events route: /wp-json/split-tests/v1/events
-            register_rest_route('split-tests/v1', 'events', [
-                'methods' => 'POST',
-                'callback' => [$this, 'rest_api_events'],
-                'permission_callback' => '__return_true',
-          ]);
-        });
+        add_action('wp_ajax_split_tests', [$this, 'ajax_handler']);
+        add_action('wp_ajax_nopriv_split_tests', [$this, 'ajax_handler']);
     }
 
     /**
@@ -43,27 +36,20 @@ function __construct($plugin) {
      *
      * @return array
      */
-    function rest_api_events($request) {
+    function ajax_handler() {
         $ok_rsp = true;
         try {
-            $nonce = $request->get_param('_wpnonce');
-            $events = json_decode($request->get_body(), 'as array');
-            if (! wp_verify_nonce($nonce, 'wp_rest')) {
-                throw new \Exception("rest_api_events: invalid nonce '$nonce'");
-            }
-            foreach ($events as $event) {
-                if (count($event) != 3) {
-                    continue;
-                }
-                list($test_or_convert, $split_test_id, $variant_index) = $event;
-                $test_type = get_field('test_type', $split_test_id);
-                $this->plugin->insert_split_test_event(
-                    $test_or_convert,
-                    $split_test_id,
-                    $test_type,
-                    $variant_index
-                );
-            }
+            check_ajax_referer('split_tests_event', 'n');
+            $test_or_convert = $_POST['t'];
+            $split_test_id = intval($_POST['i']);
+            $variant_index = intval($_POST['v']);
+            $test_type = get_field('test_type', $split_test_id);
+            $this->plugin->insert_split_test_event(
+                $test_or_convert,
+                $split_test_id,
+                $test_type,
+                $variant_index
+            );
         } catch(\Exception $err) {
             $ok_rsp = false;
             error_log($err);
diff --git a/src/Assets.php b/src/Assets.php
index 6413b28..bc0d4aa 100644
--- a/src/Assets.php
+++ b/src/Assets.php
@@ -65,8 +65,8 @@ function get_script_details() {
             'url' => $url,
             ... $asset,
             'localize' => [
-                'endpoint_url' => apply_filters('split_tests_endpoint_url', '/wp-json/split-tests/v1/events'),
-                'nonce' => wp_create_nonce('wp_rest'),
+                'endpoint_url' => admin_url('admin-ajax.php') . '?action=split_tests',
+                'nonce' => wp_create_nonce('split_tests_event'),
                 'onload' => $this->plugin->onload_events,
                 'dom' => $this->plugin->dom_tests->get_variants()
             ]
diff --git a/src/split-tests.js b/src/split-tests.js
index 3afaf19..0bbfe06 100644
--- a/src/split-tests.js
+++ b/src/split-tests.js
@@ -8,13 +8,23 @@ export default function split_tests_init() {
         if (!events || events.length < 1) {
             return;
         }
-        return fetch(`${split_tests.endpoint_url}?_wpnonce=${split_tests.nonce}`, {
-            method: 'POST',
-            headers: {
-                'Content-Type': 'application/json'
-            },
-            body: JSON.stringify(events)
-        });
+        let promises = [];
+        for (let e of events) {
+            let response = fetch(split_tests.endpoint_url, {
+                method: 'POST',
+                headers:{
+                    'Content-Type': 'application/x-www-form-urlencoded'
+                },
+                body: new URLSearchParams({
+                    t: e[0],             // type (test or convert)
+                    i: e[1],             // post ID
+                    v: e[2],             // variant
+                    n: split_tests.nonce // nonce
+                })
+            });
+            promises.push(response);
+        }
+        return Promise.all(promises);
     }
 
     if (split_tests.onload) {