Merge remote-tracking branch 'origin/master' into fix-sanitize-filter…
…-request
DarrenWestwood committed Jun 1, 2021
2 parents 80aa35c + 74d71d3 commit ca55fa3
Showing 5 changed files with 52 additions and 48 deletions.
4 changes: 4 additions & 0 deletions HISTORY.md
@@ -1,5 +1,9 @@
== Changelog ==

= 3.2 =
* Updated Test Setup logic
* Security fixes

= 3.1 =
* New Test Setup Interface with Currencies Tab
* Added Woocommerce filter to locate orders by txid/address
6 changes: 3 additions & 3 deletions README.md
@@ -3,7 +3,7 @@
**Tags:** bitcoin, accept bitcoin, bitcoin woocommerce, bitcoin wordpress plugin, bitcoin payments
**Requires at least:** 3.0.1
**Tested up to:** 5.7
**Stable tag:** 3.1
**Stable tag:** 3.2
**License:** MIT
**License URI:** http://opensource.org/licenses/MIT

@@ -22,7 +22,7 @@ Blockonomics is the only Bitcoin payment gateway that enables full decentralizat
- Payments are received **directly into your wallet**
- **No approvals** of API key/documentation required
- **Safe and secure** transactions
- Installation only takes **two minutes** - [Video Tutorial](https://www.youtube.com/watch?v=tysaHV2CxPI)
- Installation only takes **two minutes** - [Video Tutorial](https://www.youtube.com/watch?v=nFKzzMgdBpQ)
- Eliminate chargebacks and fraud
- **World-class** customer support team

@@ -45,7 +45,7 @@ You can operate the plugin in two different modes:
- To withdraw received funds, user has to change to *Direct to Wallet* mode

### Direct to Wallet Mode (Recommended) ###
[Video Tutorial](https://www.youtube.com/watch?v=uY44SYEdyI0) | [Blog Tutorial](https://blog.blockonomics.co/how-to-accept-bitcoin-payments-on-woocommerce-using-blockonomics-f18661819a62)
[Video Tutorial](https://www.youtube.com/watch?v=lNFBAk2x6ns) | [Blog Tutorial](https://blog.blockonomics.co/how-to-accept-bitcoin-payments-on-woocommerce-using-blockonomics-f18661819a62)

- Click on **Get Started For Free** on [Blockonomics > Merchants](https://www.blockonomics.co/merchants) and proceed to complete merchant wizard.
- Your API key should be now shown on the [merchants page](https://www.blockonomics.co/merchants)
2 changes: 1 addition & 1 deletion blockonomics-woocommerce.php
@@ -3,7 +3,7 @@
* Plugin Name: WordPress Bitcoin Payments - Blockonomics
* Plugin URI: https://github.com/blockonomics/woocommerce-plugin
* Description: Accept Bitcoin Payments on your WooCommerce-powered website with Blockonomics
* Version: 3.1
* Version: 3.2
* Author: Blockonomics
* Author URI: https://www.blockonomics.co
* License: MIT
86 changes: 43 additions & 43 deletions php/Blockonomics.php
@@ -132,58 +132,58 @@ public function check_get_callbacks_response_body ($response, $crypto){
$error_str = '';
$response_body = json_decode(wp_remote_retrieve_body($response));

$callback_secret = get_option('blockonomics_callback_secret');
$api_url = WC()->api_request_url('WC_Gateway_Blockonomics');
$callback_url = add_query_arg('secret', $callback_secret, $api_url);
$callback_url_without_schema = preg_replace('/https?:\/\//', '', $callback_url);

//if merchant doesn't have any xPubs on his Blockonomics account
if (!isset($response_body) || count($response_body) == 0)
{
$error_str = __('You have not entered an xPub', 'blockonomics-bitcoin-payments');
$error_str = __('Please add a new store on blockonomics website', 'blockonomics-bitcoin-payments');
}
elseif (count($response_body) == 1)
//if merchant has at least one xPub on his Blockonomics account
elseif (count($response_body) >= 1)
{
$response_callback = '';
$response_address = '';
if(isset($response_body[0])){
$response_callback = isset($response_body[0]->callback) ? $response_body[0]->callback : '';
$response_address = isset($response_body[0]->address) ? $response_body[0]->address : '';
}
$response_callback_without_schema = preg_replace('/https?:\/\//', '', $response_callback);
if(!$response_callback || $response_callback == null)
{
//No callback URL set, set one
$this->update_callback($callback_url, $crypto, $response_address);
$error_str = $this->examine_server_callback_urls($response_body, $crypto);
}
return $error_str;
}

// checks each existing xpub callback URL to update and/or use
public function examine_server_callback_urls($response_body, $crypto)
{
$callback_secret = get_option('blockonomics_callback_secret');
$api_url = WC()->api_request_url('WC_Gateway_Blockonomics');
$wordpress_callback_url = add_query_arg('secret', $callback_secret, $api_url);
$base_url = preg_replace('/https?:\/\//', '', $api_url);
$available_xpub = '';
$partial_match = '';
//Go through all xpubs on the server and examine their callback url
foreach($response_body as $one_response){
$server_callback_url = isset($one_response->callback) ? $one_response->callback : '';
$server_base_url = preg_replace('/https?:\/\//', '', $server_callback_url);
$xpub = isset($one_response->address) ? $one_response->address : '';
if(!$server_callback_url){
// No callback
$available_xpub = $xpub;
}else if($server_callback_url == $wordpress_callback_url){
// Exact match
return '';
}
elseif($response_callback_without_schema != $callback_url_without_schema)
{
$base_url = get_bloginfo('wpurl');
$base_url = preg_replace('/https?:\/\//', '', $base_url);
// Check if only secret differs
if(strpos($response_callback, $base_url) !== false)
{
//Looks like the user regenrated callback by mistake
//Just force Update_callback on server
$this->update_callback($callback_url, $crypto, $response_address);
}
else
{
$error_str = __("You have an existing callback URL", 'blockonomics-bitcoin-payments');
}

else if(strpos($server_base_url, $base_url) === 0 ){
// Partial Match - Only secret or protocol differ
$partial_match = $xpub;
}
}
else
{
$error_str = __("You have an existing callback URL", 'blockonomics-bitcoin-payments');
// Check if callback url is set
foreach ($response_body as $res_obj)
if(preg_replace('/https?:\/\//', '', $res_obj->callback) == $callback_url_without_schema)
$error_str = "";
}
// Use the available xpub
if($partial_match || $available_xpub){
$update_xpub = $partial_match ? $partial_match : $available_xpub;
$this->update_callback($wordpress_callback_url, $crypto, $update_xpub);
return '';
}
// No match and no empty callback
$error_str = __("Please add a new store on blockonomics website", 'blockonomics-bitcoin-payments');
return $error_str;
}



public function check_callback_urls_or_set_one($crypto, $response)
{
$api_key = get_option("blockonomics_api_key");
@@ -651,4 +651,4 @@ public function generate_qrcode($data) {
ob_end_clean();
QRcode::png($codeText);
}
}
}
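Review bot: `count($response_body)` in check_get_callbacks_response_body runs on whatever `json_decode` produced from the remote reply, and `isset()` only rules out null, so a JSON object or scalar (an error payload, for instance) reaches `count()` and then the `foreach` in examine_server_callback_urls; on PHP 8 that `count()` call throws a TypeError. Guarding the first branch with `if (!is_array($response_body) || count($response_body) == 0)` keeps a malformed reply on the error path. As far as the new side can be read from this page (the +/- markers are lost), examine_server_callback_urls returns `''` straight after `$this->update_callback(...)` without looking at its result, so Test Setup may report success when the server-side callback was never changed; update_callback is defined outside this hunk, so confirm what it returns first. The partial-match branch also accepts a protocol-only difference and re-registers `$wordpress_callback_url`, which carries the `secret` query argument, so if `api_request_url` yields an http URL the secret would be delivered in cleartext; a comment stating that https is expected here would help. The signature of check_get_callbacks_response_body sits above the hunk.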
2 changes: 1 addition & 1 deletion templates/blockonomics_checkout.php
@@ -27,7 +27,7 @@
<!-- Address Error -->
<div id="address-error-btc" ng-show="address_error_btc" ng-cloak>
<h2><?=__('Could not generate new Bitcoin address', 'blockonomics-bitcoin-payments')?></h2>
<p><?=__('Note to webmaster: Please login to your admin panel, navigate to Settings > Blockonomics and click <i>Test Setup</i> to diagnose the issue.', 'blockonomics-bitcoin-payments')?></p>
<p><?=__('Note to webmaster: Please login to your admin panel, navigate to Settings > Blockonomics > Currencies and click <i>Test Setup</i> to diagnose the issue.', 'blockonomics-bitcoin-payments')?></p>
</div>
<!-- Gap limit Error -->
<div id="address-error-btc-gaplimit" ng-show="btc_gaplimit_error" ng-cloak>
