r102819 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r102818‎ \| r102819 \| r102820 >
Date:	22:39, 11 November 2011
Author:	khorn
Status:	ok
Tags:
Comment:	Prevents logic on GlobalCollect's resultswitcher page from firing unless the user has an appropriate session key set, that matches the order_id they're trying to finish up as per the URL. This relates to the issue we're seeing, from people trying to donate who do not have cookies enabled. This should NOT be deployed before we fix them getting in, in the first place. Otherwise, they'll go through the cc submission process and get a forbidden error. Not quite complete yet: Still needs appropriate forbidden messages for all the languages.
Modified paths:	/trunk/extensions/DonationInterface/gateway_common/DonationData.php (modified) (history) /trunk/extensions/DonationInterface/gateway_common/gateway.adapter.php (modified) (history) /trunk/extensions/DonationInterface/globalcollect_gateway/globalcollect_resultswitcher.body.php (modified) (history)

Diff [purge]

Index: trunk/extensions/DonationInterface/globalcollect_gateway/globalcollect_resultswitcher.body.php
—	—	@@ -38,6 +38,14 @@
39	39	public function execute( $par ) {
40	40	global $wgRequest, $wgOut, $wgExtensionAssetsPath;
41	41
	42	+ //no longer letting people in without these things. If this is
	43	+ //preventing you from doing something, you almost certainly want to be
	44	+ //somewhere else.
	45	+ if ( !isset($_GET['order_id']) \|\| !$this->adapter->hasDonorDataInSession( 'order_id', $_GET['order_id'] ) ){
	46	+ //TODO: i18n, apparently.
	47	+ wfHttpError( 403, 'Forbidden', 'You do not have permission to access this page.' );
	48	+ }
	49	+
42	50	$referrer = $wgRequest->getHeader( 'referer' );
43	51
44	52	global $wgServer;
—	—	@@ -45,11 +53,14 @@
46	54	//I didn't do this already, because this may turn out to be backwards anyway. It might be good to do the work in the iframe,
47	55	//and then pop out. Maybe. We're probably going to have to test it a couple different ways, for user experience.
48	56	//However, we're _definitely_ going to need to pop out _before_ we redirect to the thank you or fail pages.
49		~~- if ( strpos( $referrer, $wgServer ) === false ) {~~
	57	+ if ( strpos( $referrer, $wgServer ) === false ) {
50	58	$wgOut->allowClickjacking();
51	59	$wgOut->addModules( 'iframe.liberator' );
52	60	return;
53	61	}
	62	+
	63	+
	64	+
54	65
55	66	$wgOut->addExtensionStyle(
56	67	$wgExtensionAssetsPath . '/DonationInterface/gateway_forms/css/gateway.css?284' .
—	—	@@ -62,10 +73,9 @@
63	74	if ( $this->adapter->checkTokens() ) {
64	75	// Display form for the first time
65	76	$oid = $wgRequest->getText( 'order_id' );
66		~~- $adapter_oid = $this->adapter->getData_Raw( 'order_id' );~~
67	77
68	78	//this next block is for credit card coming back from GC. Only that. Nothing else, ever.
69		~~- if ( $this->adapter->getData_Raw( 'payment_method') === 'cc' && $oid && !empty( $oid ) && $oid === $adapter_oid ) {~~
	79	+ if ( $this->adapter->getData_Raw( 'payment_method') === 'cc' && $this->adapter->hasDonorDataInSession( 'order_id', $_GET['order_id'] ) ) {
70	80	if ( !array_key_exists( 'order_status', $_SESSION ) \|\| !array_key_exists( $oid, $_SESSION['order_status'] ) ) {
71	81	$_SESSION['order_status'][$oid] = $this->adapter->do_transaction( 'Confirm_CreditCard' );
72	82	$_SESSION['order_status'][$oid]['data']['count'] = 0;
—	—	@@ -93,7 +103,7 @@
94	104	$wgOut->redirect( $go );
95	105	} //TODO: There really should be an else here.
96	106	}
97		~~- }~~
	107	+ }
98	108	} else {
99	109	if ( !$this->adapter->isCaching() ) {
100	110	// if we're not caching, there's a token mismatch
Index: trunk/extensions/DonationInterface/gateway_common/gateway.adapter.php
—	—	@@ -289,7 +289,6 @@
290	290	$url = $url . "/$language";
291	291	}
292	292
293		~~- error_log("Position: " . strpos( $url, 'http' ));~~
294	293	if ( strpos( $url, 'http' ) === 0) {
295	294	return $url;
296	295	} else { //this isn't a url yet.
—	—	@@ -1920,5 +1919,24 @@
1921	1920	}
1922	1921	return $this->action;
1923	1922	}
	1923	+
	1924	+ /**
	1925	+ * Checks to see if we have donor data in our session.
	1926	+ * This can be useful for determining if a user should be at a certain point
	1927	+ * in the workflow for certain gateways. For example: This is used on the
	1928	+ * outside of the adapter in GlobalCollect's resultswitcher page, to
	1929	+ * determine if the user is actually in the process of making a credit card
	1930	+ * transaction.
	1931	+ * @param string $key Optional: A particular key to check against the
	1932	+ * donor data in session.
	1933	+ * @param string $value Optional (unless $key is set): A value that the $key
	1934	+ * should contain, in the donor session.
	1935	+ * @return boolean true if the session contains donor data (and if the data
	1936	+ * key matches, when key and value are set), and false if there is no donor
	1937	+ * data (or if the key and value do not match)
	1938	+ */
	1939	+ public function hasDonorDataInSession( $key = false, $value= '' ){
	1940	+ return $this->dataObj->hasDonorDataInSession( $key, $value );
	1941	+ }
1924	1942
1925	1943	}
\ No newline at end of file
Index: trunk/extensions/DonationInterface/gateway_common/DonationData.php
—	—	@@ -864,6 +864,7 @@
865	865	public function addDonorDataToSession() {
866	866	self::ensureSession();
867	867	$donordata = $this->getStompMessageFields();
	868	+ $donordata[] = 'order_id';
868	869
869	870	foreach ( $donordata as $item ) {
870	871	if ( $this->isSomething( $item ) ) {
—	—	@@ -871,6 +872,38 @@
872	873	}
873	874	}
874	875	}
	876	+
	877	+ /**
	878	+ * Checks to see if we have donor data in our session.
	879	+ * This can be useful for determining if a user should be at a certain point
	880	+ * in the workflow for certain gateways. For example: This is used on the
	881	+ * outside of the adapter in GlobalCollect's resultswitcher page, to
	882	+ * determine if the user is actually in the process of making a credit card
	883	+ * transaction.
	884	+ * @param string $key Optional: A particular key to check against the
	885	+ * donor data in session.
	886	+ * @param string $value Optional (unless $key is set): A value that the $key
	887	+ * should contain, in the donor session.
	888	+ * @return boolean true if the session contains donor data (and if the data
	889	+ * key matches, when key and value are set), and false if there is no donor
	890	+ * data (or if the key and value do not match)
	891	+ */
	892	+ public function hasDonorDataInSession( $key = false, $value= '' ) {
	893	+ if ( self::sessionExists() && array_key_exists( 'Donor', $_SESSION ) ) {
	894	+ if ( $key == false ){
	895	+ return true;
	896	+ }
	897	+ if ( array_key_exists($key, $_SESSION['Donor'] ) && $_SESSION['Donor'][$key] === $value ){
	898	+ return true;
	899	+ } else {
	900	+ return false;
	901	+ }
	902	+
	903	+
	904	+ } else {
	905	+ return false;
	906	+ }
	907	+ }
875	908
876	909	/**
877	910	* Unsets the session data, in the case that we've saved it for gateways

Follow-up revisions

Revision	Commit summary	Author	Date
r102842	MFT r102576, r102577, r102579, r102581, r102804, r102805, r102812, r102819, r...	awjrichards	02:20, 12 November 2011
r102844	MFT r102819, picking up missed revision merge	awjrichards	03:00, 12 November 2011
r102929	Re-attempting MFT r102576, r102577, r102578, r102579, r102581, r102689, r1027...	khorn	00:50, 14 November 2011
r104718	Followup r102819, adding http 403 error text to i18n	awjrichards	19:13, 30 November 2011

Status & tagging log

01:28, 12 November 2011 Awjrichards (talk | contribs) changed the status of r102819 [removed: new added: ok]