r75993 MediaWiki - Code Review archive

Repository:MediaWiki
Date:04:42, 4 November 2010
Author:awjrichards
Status:deferred
Tags:
Comment:
Updated the payflowpro gateway code to allow more robust squid caching - all dynamic form element generation is now offloaded to the ajax/api method if caching is enabled
Modified paths:
  • /trunk/extensions/DonationInterface/payflowpro_gateway/api_payflowpro_gateway.php (modified) (history)
  • /trunk/extensions/DonationInterface/payflowpro_gateway/forms/OneStepTwoColumn.php (modified) (history)
  • /trunk/extensions/DonationInterface/payflowpro_gateway/forms/TwoStepTwoColumn.php (modified) (history)
  • /trunk/extensions/DonationInterface/payflowpro_gateway/payflowpro_gateway.body.php (modified) (history)
  • /trunk/extensions/DonationInterface/payflowpro_gateway/pfp_api_controller.js (modified) (history)


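--- a/trunk/extensions/DonationInterface/payflowpro_gateway/api_payflowpro_gateway.php
+++ b/trunk/extensions/DonationInterface/payflowpro_gateway/api_payflowpro_gateway.php
@@ -120,8 +120,39 @@
 * elements.
 */
 protected function dispatch_get_required_dynamic_form_elements( $params ) {
- global $wgPayflowGatewaySalt;
+ global $wgPayflowGatewaySalt, $wgUseSquid;
 
+ /**
+ * if we are not Squid-caching, we do not want to generate the dynamic data via the API
+ *
+ * when non-squid caching, the data should be generated in payflowpro_gateway.body.php, so
+ * if we were to do it here as well, tracking information could be skewed.
+ *
+ * ths js to hit the api shouldn't even get loaded if squid is not enabled, but
+ * we do this just in case.
+ */
+ if ( !$wgUseSquid ) {
+ return;
+ }
+
+ // increse numattempt
+ $numAttempt = $params[ 'numAttempt' ] + 1;
+
+ try {
+ $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'numAttempt', $numAttempt );
+ $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'token', $token );
+ } catch ( Exception $e ) {}
+
+
+ /**
+ * If this is not the first numAttempt AND we have a valid session,
+ * we do not need to load the dynamic values
+ */
+ $token_match = PayflowProGateway::fnPayflowMatchEditToken( $params[ 'token' ], $wgpayflowGatewaySalt );
+ if ( $numAttempt > 1 && $token_match ) {
+ return;
+ }
+
 // fetch the order_id
 require_once( 'includes/payflowUser.inc' );
 $payflow_data = payflowUser();
@@ -149,7 +180,6 @@
 try {
 // add dynamic elements to result object
 $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'orderid', $order_id );
- $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'token', $token );
 $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'contribution_tracking_id', $contribution_tracking_id );
 $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'tracking_data', $tracking_data );
 } catch ( Exception $e ) {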
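Review bot: The token check added just before `// fetch the order_id` passes `$wgpayflowGatewaySalt`, which differs in case from the `$wgPayflowGatewaySalt` named in the `global` statement; PHP variable names are case-sensitive, so the salt is an undefined local there and the comparison is made against a token derived without the configured salt. The line should read `$token_match = PayflowProGateway::fnPayflowMatchEditToken( $params[ 'token' ], $wgPayflowGatewaySalt );`. In the same hunk `$token` is written to the result before any visible line assigns it (its old `addValue` call sat further down, in the second hunk), and the empty `catch ( Exception $e ) {}` hides a failure to return it, so the client may receive an empty token with nothing logged. The function body starts above and continues past the hunk, so where `$token` is assigned cannot be confirmed from here.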
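--- a/trunk/extensions/DonationInterface/payflowpro_gateway/payflowpro_gateway.body.php
+++ b/trunk/extensions/DonationInterface/payflowpro_gateway/payflowpro_gateway.body.php
@@ -108,26 +108,19 @@
 
 $payflow_data = payflowUser();
 
- // if _cache_ is requested by the user, do not set a session/token; dynamic data will be loaded via ajax
- if ( $wgRequest->getText( '_cache_', false ) ) {
- $cache = true;
- $token = '';
- $token_match = false;
+ // if we have squid caching enabled, set the maxage
+ global $wgUseSquid, $wgPayflowSMaxAge;
+ if ( $wgUseSquid ) {
+ $wgOut->setSquidMaxage( $wgPayflowSMaxAge );
+ }
+
+ // establish the edit token to prevent csrf
+ $token = self::fnPayflowEditToken( $wgPayflowGatewaySalt );
 
- // if we have squid caching enabled, set the maxage
- global $wgUseSquid, $wgPayflowSMaxAge;
- if ( $wgUseSquid ) $wgOut->setSquidMaxage( $wgPayflowSMaxAge );
- } else {
- $cache = false;
-
- // establish the edit token to prevent csrf
- $token = self::fnPayflowEditToken( $wgPayflowGatewaySalt );
-
- // match token
- $token_check = ( $wgRequest->getText( 'token' ) ) ? $wgRequest->getText( 'token' ) : $token;
- $token_match = $this->fnPayflowMatchEditToken( $token_check, $wgPayflowGatewaySalt );
- }
-
+ // match token
+ $token_check = ( $wgRequest->getText( 'token' ) ) ? $wgRequest->getText( 'token' ) : $token;
+ $token_match = self::fnPayflowMatchEditToken( $token_check, $wgPayflowGatewaySalt );
+
 $this->setHeaders();
 
 // Populate form data
@@ -148,8 +141,9 @@
 if ( $token_match ) {
 
 if ( $data['payment_method'] == 'processed' ) {
- // increase the count of attempts
- ++$data['numAttempt'];
+ // increase the count of attempts (if we're not using Squid [which means we're using the API to control numAttempt]
+ global $wgUseSquid;
+ if ( !$wgUseSquid ) ++$data['numAttempt'];
 
 // Check form for errors and redisplay with messages
 $form_errors = $this->fnPayflowValidateForm( $data, $this->errors );
@@ -195,10 +189,7 @@
 $this->fnPayflowDisplayForm( $data, $this->errors );
 }
 } else {
- if ( !$cache ) {
- // if we're not caching, there's a token mismatch
- $this->errors['general']['token-mismatch'] = wfMsg( 'payflowpro_gateway-token-mismatch' );
- }
+ $this->errors['general']['token-mismatch'] = wfMsg( 'payflowpro_gateway-token-mismatch' );
 $this->fnPayflowDisplayForm( $data, $this->errors );
 }
 }
@@ -212,10 +203,10 @@
 * The message at the top of the form can be edited in the payflow_gateway.i18n.php file
 */
 public function fnPayflowDisplayForm( &$data, &$error ) {
- global $wgOut, $wgRequest;
+ global $wgOut, $wgRequest, $wgUseSquid;
 
 // save contrib tracking id early to track abondonment
- if ( $data[ 'numAttempt' ] == '0' && ( !$wgRequest->getText( 'utm_source_id', false ) || $wgRequest->getText( '_nocache_' ) == 'true' ) ) {
+ if ( !$wgUseSquid && !is_null( $data[ 'contribution_tracking_id' ] )) {
 $tracked = $this->fnPayflowSaveContributionTracking( $data );
 if ( !$tracked ) {
 $when = time();
@@ -889,7 +880,7 @@
 * @var mixed $salt
 * @return bool
 */
- function fnPayflowMatchEditToken( $val, $salt = '' ) {
+ public static function fnPayflowMatchEditToken( $val, $salt = '' ) {
 // fetch a salted version of the session token
 $sessionToken = self::fnPayflowEditToken( $salt );
 if ( $val != $sessionToken ) {
@@ -974,7 +965,7 @@
 'email-opt' => $wgRequest->getText( 'email-opt' ),
 'test_string' => $wgRequest->getText( 'process' ),
 'token' => $token,
- 'contribution_tracking_id' => $wgRequest->getText( 'contribution_tracking_id' ),
+ 'contribution_tracking_id' => $wgRequest->getText( 'contribution_tracking_id', null ),
 'data_hash' => $wgRequest->getText( 'data_hash' ),
 'action' => $wgRequest->getText( 'action' ),
 'gateway' => 'payflowpro',
@@ -1011,7 +1002,7 @@
 'email-opt' => $wgRequest->getText( 'email-opt' ),
 'test_string' => $wgRequest->getText( 'process' ), // for showing payflow string during testing
 'token' => $token,
- 'contribution_tracking_id' => $wgRequest->getText( 'contribution_tracking_id' ),
+ 'contribution_tracking_id' => $wgRequest->getText( 'contribution_tracking_id', null ),
 'data_hash' => $wgRequest->getText( 'data_hash' ),
 'action' => $wgRequest->getText( 'action' ),
 'gateway' => 'payflowpro', // this may need to become dynamic in the future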
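Review bot: In the first hunk, `$token = self::fnPayflowEditToken( $wgPayflowGatewaySalt );` now runs on the same request that calls `$wgOut->setSquidMaxage( $wgPayflowSMaxAge )`, so a per-session CSRF token is placed in the form data (`'token' => $token` in the later hunks) of a response that is marked cacheable by the shared proxy. The removed branch left `$token = ''` on cached views; if the form renders this value, one visitor's token could be stored by the cache and served to other visitors, which exposes that token and makes their own submissions fail the match. Keeping the cached view token-free, e.g. `$token = $wgUseSquid ? '' : self::fnPayflowEditToken( $wgPayflowGatewaySalt );`, would also need the `token-mismatch` branch to stay quiet on the first cached view, as the removed `if ( !$cache )` guard did. Whether the token reaches the HTML depends on form code outside these hunks.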
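--- a/trunk/extensions/DonationInterface/payflowpro_gateway/forms/TwoStepTwoColumn.php
+++ b/trunk/extensions/DonationInterface/payflowpro_gateway/forms/TwoStepTwoColumn.php
@@ -10,6 +10,8 @@
 // we only want to load this JS if the form is being rendered
 $this->loadValidateJs(); // validation JS
 
+ if ( $WgUseSquid ) $this->loadApiJs(); // API/Ajax JS - only if we're caching
+
 // form placeholder values
 $first = wfMsg( 'payflowpro_gateway-first' );
 $last = wfMsg( 'payflowpro_gateway-last' );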
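Review bot: The added condition tests `$WgUseSquid` with a capital `W`, and this hunk shows no `global $wgUseSquid;` in scope, so in case-sensitive PHP the variable is undefined, the test is always false and `loadApiJs()` is never called. With Squid caching on, the form would then never fetch its token and `numAttempt` through the API. The line should be `if ( $wgUseSquid ) $this->loadApiJs();` with `$wgUseSquid` added to the constructor's `global` list; the same misspelling is in the second hunk of forms/OneStepTwoColumn.php, where the `global` line is spelled correctly but the test still reads `$WgUseSquid`. The constructor starts above this hunk, so an existing `global` declaration cannot be ruled out.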
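--- a/trunk/extensions/DonationInterface/payflowpro_gateway/forms/OneStepTwoColumn.php
+++ b/trunk/extensions/DonationInterface/payflowpro_gateway/forms/OneStepTwoColumn.php
@@ -4,7 +4,7 @@
 public $paypal = false; // true for paypal only version
 
 public function __construct( &$form_data, &$form_errors ) {
- global $wgOut;
+ global $wgOut, $wgUseSquid;
 
 parent::__construct( $form_data, $form_errors );
 
@@ -14,7 +14,7 @@
 // we only want to load this JS if the form is being rendered
 $this->loadValidateJs(); // validation JS
 
- $this->loadApiJs(); // API/Ajax JS
+ if ( $WgUseSquid ) $this->loadApiJs(); // API/Ajax JS - only if we're caching
 
 // form placeholder values
 $first = wfMsg( 'payflowpro_gateway-first' );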
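--- a/trunk/extensions/DonationInterface/payflowpro_gateway/pfp_api_controller.js
+++ b/trunk/extensions/DonationInterface/payflowpro_gateway/pfp_api_controller.js
@@ -1,23 +1,37 @@
 ( function( $ ) {
 $.getDynamicFormElements = function(){
- var tracking_data = {"url": escape(window.location), "pageref": escape(document.referrer)};
+ var numAttempt = $('input[name=numAttempt]').val();
+ var token = $('input[name=token]').val();
+
+ var tracking_data = '{"url": "' + escape(window.location) + '",' + \
+ '"pageref": "' + escape(document.referrer) + '",' + \
+ '"token": "' + escape( token ) + '",' + \
+ '"numAttempt": "' + escape( numAttempt ) + '"}';
 
 var processFormElements = function (data, status){
- $('input[name=orderid]').val(data['dynamic_form_elements']['orderid']);
- $('input[name=token]').val(data['dynamic_form_elements']['token']);
- $('input[name=contribution_tracking_id]').val(data['dynamic_form_elements']['contribution_tracking_id']);
- $('input[name=utm_source]').val(data['dynamic_form_elements']['tracking_data']['utm_source']);
- $('input[name=utm_medium]').val(data['dynamic_form_elements']['tracking_data']['utm_medium']);
- $('input[name=utm_campaign]').val(data['dynamic_form_elements']['tracking_data']['utm_campaign']);
- $('input[name=referrer]').val(data['dynamic_form_elements']['tracking_data']['referrer']);
- $('input[name=language]').val(data['dynamic_form_elements']['tracking_data']['language']);
+ // set the numAttempt and the token
+ $('input[name=numAttempt]').val(data['dynamic_form_elements']['numAttempt']);
+ $('input[name=token]').val(data['dynamic_form_elements']['token']);
+
+ // early return if non-required dynamic form elements are set
+ if ( typeof data['dynamic_form_elements']['contribution_tracking_id'] == 'undefined' ) {
+ return;
+ }
+ $('input[name=orderid]').val(data['dynamic_form_elements']['orderid']);
+ $('input[name=token]').val(data['dynamic_form_elements']['token']);
+ $('input[name=contribution_tracking_id]').val(data['dynamic_form_elements']['contribution_tracking_id']);
+ $('input[name=utm_source]').val(data['dynamic_form_elements']['tracking_data']['utm_source']);
+ $('input[name=utm_medium]').val(data['dynamic_form_elements']['tracking_data']['utm_medium']);
+ $('input[name=utm_campaign]').val(data['dynamic_form_elements']['tracking_data']['utm_campaign']);
+ $('input[name=referrer]').val(data['dynamic_form_elements']['tracking_data']['referrer']);
+ $('input[name=language]').val(data['dynamic_form_elements']['tracking_data']['language']);
 };
 
 $.post( wgScriptPath + '/api.php?' + Math.random() , {
 'action' : 'pfp',
 'dispatch' : 'get_required_dynamic_form_elements',
 'format' : 'json',
- 'tracking_data' : '{"url": "'+escape(window.location)+'", "pageref": "'+escape(document.referrer)+'"}'
+ 'tracking_data' : tracking_data
 }, processFormElements, 'json' );
 };
 
@@ -25,7 +39,4 @@
 
 } )( jQuery );
 
-// Do not fire the AJAX request if _nocache_ is set or we are not using a single-step form (known by lack of utm_source_id)
-if( String(window.location).indexOf( '_cache_' ) != -1 && String(window.location).indexOf( 'utm_source_id' ) != -1){
- jQuery( document ).ready( jQuery.getDynamicFormElements );
-}
\ No newline at end of file
+jQuery( document ).ready( jQuery.getDynamicFormElements );
\ No newline at end of file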
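Review bot: The new `tracking_data` expression ends three lines with `+ \`, and a backslash outside a string literal is not valid JavaScript, so the file would fail to parse and `getDynamicFormElements` would never be defined; dropping the trailing backslashes so each line ends in `+` is enough. `token` and `numAttempt` are also packed inside the `tracking_data` string, while the API hunk reads `$params[ 'token' ]` and `$params[ 'numAttempt' ]`; unless the API unpacks them somewhere not shown, the server-side token check never sees the submitted value, and sending them as their own POST fields, `'token' : token, 'numAttempt' : numAttempt`, would match what the server reads. The comment `// early return if non-required dynamic form elements are set` says the opposite of the `== 'undefined'` test below it and should read "are not set".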

Follow-up revisions

RevisionCommit summaryAuthorDate
r76018Reverting changes from r75993 back to r75991 to keep potentially broken Squid...awjrichards17:50, 4 November 2010
