r102844 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r102843‎ \| r102844 \| r102845 >
Date:	03:00, 12 November 2011
Author:	awjrichards
Status:	reverted
Tags:
Comment:	MFT r102819, picking up missed revision merge
Modified paths:	/branches/fundraising/deployment/payments_1.17/extensions/DonationInterface/globalcollect_gateway/globalcollect_resultswitcher.body.php (modified) (history)

Diff [purge]

Index: branches/fundraising/deployment/payments_1.17/extensions/DonationInterface/globalcollect_gateway/globalcollect_resultswitcher.body.php
—	—	@@ -38,6 +38,14 @@
39	39	public function execute( $par ) {
40	40	global $wgRequest, $wgOut, $wgExtensionAssetsPath;
41	41
	42	+ //no longer letting people in without these things. If this is
	43	+ //preventing you from doing something, you almost certainly want to be
	44	+ //somewhere else.
	45	+ if ( !isset($_GET['order_id']) \|\| !$this->adapter->hasDonorDataInSession( 'order_id', $_GET['order_id'] ) ){
	46	+ //TODO: i18n, apparently.
	47	+ wfHttpError( 403, 'Forbidden', 'You do not have permission to access this page.' );
	48	+ }
	49	+
42	50	$referrer = $wgRequest->getHeader( 'referer' );
43	51
44	52	global $wgServer;
—	—	@@ -45,11 +53,14 @@
46	54	//I didn't do this already, because this may turn out to be backwards anyway. It might be good to do the work in the iframe,
47	55	//and then pop out. Maybe. We're probably going to have to test it a couple different ways, for user experience.
48	56	//However, we're _definitely_ going to need to pop out _before_ we redirect to the thank you or fail pages.
49		~~- if ( strpos( $referrer, $wgServer ) === false ) {~~
	57	+ if ( strpos( $referrer, $wgServer ) === false ) {
50	58	$wgOut->allowClickjacking();
51	59	$wgOut->addModules( 'iframe.liberator' );
52	60	return;
53	61	}
	62	+
	63	+
	64	+
54	65
55	66	$wgOut->addExtensionStyle(
56	67	$wgExtensionAssetsPath . '/DonationInterface/gateway_forms/css/gateway.css?284' .
—	—	@@ -62,10 +73,9 @@
63	74	if ( $this->adapter->checkTokens() ) {
64	75	// Display form for the first time
65	76	$oid = $wgRequest->getText( 'order_id' );
66		~~- $adapter_oid = $this->adapter->getData_Raw( 'order_id' );~~
67	77
68	78	//this next block is for credit card coming back from GC. Only that. Nothing else, ever.
69		~~- if ( $this->adapter->getData_Raw( 'payment_method') === 'cc' && $oid && !empty( $oid ) && $oid === $adapter_oid ) {~~
	79	+ if ( $this->adapter->getData_Raw( 'payment_method') === 'cc' && $this->adapter->hasDonorDataInSession( 'order_id', $_GET['order_id'] ) ) {
70	80	if ( !array_key_exists( 'order_status', $_SESSION ) \|\| !array_key_exists( $oid, $_SESSION['order_status'] ) ) {
71	81	$_SESSION['order_status'][$oid] = $this->adapter->do_transaction( 'Confirm_CreditCard' );
72	82	$_SESSION['order_status'][$oid]['data']['count'] = 0;
—	—	@@ -93,7 +103,7 @@
94	104	$wgOut->redirect( $go );
95	105	} //TODO: There really should be an else here.
96	106	}
97		~~- }~~
	107	+ }
98	108	} else {
99	109	if ( !$this->adapter->isCaching() ) {
100	110	// if we're not caching, there's a token mismatch
Property changes on: branches/fundraising/deployment/payments_1.17/extensions/DonationInterface/globalcollect_gateway/globalcollect_resultswitcher.body.php
___________________________________________________________________
Added: svn:mergeinfo
101	111	Merged /trunk/extensions/DonationInterface/globalcollect_gateway/globalcollect_resultswitcher.body.php:r75657-77440,77442-79147,79149-79286,79288-79296,79298-79299,79301-79303,79305-86440,90286,92825,96120-96121,96125,97945-99042,99045-99408,99503,99555,99568,99570-101026,101056,101060,101063-101064,101071-101074,101076,101099,101109,101112,101163,101180,101192,101200,101205,101207,101217,101230,101232,101236,101335,101382,101399,101441,101501-101504,101512,101541,101547,101549,101553-101555,101557,101559,101561,101563,101576,101578-101579,101631,101633,101638,101669,101676,101679,101689,101700,101706,101719,101740,101747,101757,101764,101778-101779,101781,101785-101789,101798,101823,101826,101837,101846,101852,101870-101872,101878,101882,101890,101892,101910,101917,101929,101947,101949-101951,101955-101960,101962,101964-101966,101996,102003,102011-102012,102030,102032-102033,102047,102050-102052,102054,102056,102058,102065,102076,102081,102085-102087,102118,102120,102123-102127,102130,102134,102140,102147,102151-102152,102155-102156,102186,102188-102242,102252,102258-102261,102263,102267,102269,102307-102309,102313,102318,102332,102341-102342,102345,102364,102419,102424-102425,102445,102463,102467-102468,102470,102476,102479-102480,102549-102550,102580,102590,102594,102596,102611,102639,102664,102698,102700-102703,102707,102711-102712,102714,102729,102733,102740,102819
102	112	Merged /branches/fundraising/deployment/payments_1.17/extensions/DonationInterface/globalcollect_gateway/globalcollect_resultswitcher.body.php:r99568

Follow-up revisions

Revision	Commit summary	Author	Date
r102908	Reverting r102842, r102844, r102845, due to some post-MFT wonkiness. Redo fou...	khorn	21:31, 13 November 2011

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r102819	Prevents logic on GlobalCollect's resultswitcher page from firing unless the ...	khorn	22:39, 11 November 2011

Status & tagging log

21:32, 13 November 2011 Khorn (WMF) (talk | contribs) changed the status of r102844 [removed: new added: reverted]