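--- a/trunk/extensions/DonationInterface/payflowpro_gateway/api_payflowpro_gateway.php
+++ b/trunk/extensions/DonationInterface/payflowpro_gateway/api_payflowpro_gateway.php
@@ -120,39 +120,8 @@
  * elements.
  */
  protected function dispatch_get_required_dynamic_form_elements( $params ) {
- global $wgPayflowGatewaySalt, $wgUseSquid;
+ global $wgPayflowGatewaySalt;
 
- /**
- * if we are not Squid-caching, we do not want to generate the dynamic data via the API
- *
- * when non-squid caching, the data should be generated in payflowpro_gateway.body.php, so
- * if we were to do it here as well, tracking information could be skewed.
- *
- * ths js to hit the api shouldn't even get loaded if squid is not enabled, but
- * we do this just in case.
- */
- if ( !$wgUseSquid ) {
- return;
- }
-
- // increse numattempt
- $numAttempt = $params[ 'numAttempt' ] + 1;
-
- try {
- $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'numAttempt', $numAttempt );
- $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'token', $token );
- } catch ( Exception $e ) {}
-
-
- /**
- * If this is not the first numAttempt AND we have a valid session,
- * we do not need to load the dynamic values
- */
- $token_match = PayflowProGateway::fnPayflowMatchEditToken( $params[ 'token' ], $wgpayflowGatewaySalt );
- if ( $numAttempt > 1 && $token_match ) {
- return;
- }
-
  // fetch the order_id
  require_once( 'includes/payflowUser.inc' );
  $payflow_data = payflowUser();
@@ -180,6 +149,7 @@
  try {
  // add dynamic elements to result object
  $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'orderid', $order_id );
+ $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'token', $token );
  $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'contribution_tracking_id', $contribution_tracking_id );
  $this->getResult()->addValue( array( 'dynamic_form_elements' ), 'tracking_data', $tracking_data );
  } catch ( Exception $e ) {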
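Review bot: The `token` value added to the result at new line 153 is not assigned in any line this section shows, and the removed block read `$token` the same way, so if the unshown stretch between new lines 128 and 150 does not set it the client receives an empty anti-CSRF token. With the `$wgUseSquid` and repeat-attempt early returns gone, every call to `dispatch_get_required_dynamic_form_elements` now runs the order-id and tracking work and hands back what appears to be a session-bound token, so the response should never be stored by a shared cache or be readable cross-origin; neither can be confirmed from these hunks. I would add a comment above the new line, `// token is the salted edit token for this session; this response must not be cached or served cross-origin`, and confirm `$token` is derived from `$wgPayflowGatewaySalt` before the `try`. The function body starts and ends outside the visible hunks.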
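--- a/trunk/extensions/DonationInterface/payflowpro_gateway/payflowpro_gateway.body.php
+++ b/trunk/extensions/DonationInterface/payflowpro_gateway/payflowpro_gateway.body.php
@@ -108,19 +108,26 @@
 
  $payflow_data = payflowUser();
 
- // if we have squid caching enabled, set the maxage
- global $wgUseSquid, $wgPayflowSMaxAge;
- if ( $wgUseSquid ) {
- $wgOut->setSquidMaxage( $wgPayflowSMaxAge );
- }
-
- // establish the edit token to prevent csrf
- $token = self::fnPayflowEditToken( $wgPayflowGatewaySalt );
+ // if _cache_ is requested by the user, do not set a session/token; dynamic data will be loaded via ajax
+ if ( $wgRequest->getText( '_cache_', false ) ) {
+ $cache = true;
+ $token = '';
+ $token_match = false;
 
- // match token
- $token_check = ( $wgRequest->getText( 'token' ) ) ? $wgRequest->getText( 'token' ) : $token;
- $token_match = self::fnPayflowMatchEditToken( $token_check, $wgPayflowGatewaySalt );
-
+ // if we have squid caching enabled, set the maxage
+ global $wgUseSquid, $wgPayflowSMaxAge;
+ if ( $wgUseSquid ) $wgOut->setSquidMaxage( $wgPayflowSMaxAge );
+ } else {
+ $cache = false;
+
+ // establish the edit token to prevent csrf
+ $token = self::fnPayflowEditToken( $wgPayflowGatewaySalt );
+
+ // match token
+ $token_check = ( $wgRequest->getText( 'token' ) ) ? $wgRequest->getText( 'token' ) : $token;
+ $token_match = $this->fnPayflowMatchEditToken( $token_check, $wgPayflowGatewaySalt );
+ }
+
  $this->setHeaders();
 
  // Populate form data
@@ -141,9 +148,8 @@
  if ( $token_match ) {
 
  if ( $data['payment_method'] == 'processed' ) {
- // increase the count of attempts (if we're not using Squid [which means we're using the API to control numAttempt]
- global $wgUseSquid;
- if ( !$wgUseSquid ) ++$data['numAttempt'];
+ // increase the count of attempts
+ ++$data['numAttempt'];
 
  // Check form for errors and redisplay with messages
  $form_errors = $this->fnPayflowValidateForm( $data, $this->errors );
@@ -189,7 +195,10 @@
  $this->fnPayflowDisplayForm( $data, $this->errors );
  }
  } else {
- $this->errors['general']['token-mismatch'] = wfMsg( 'payflowpro_gateway-token-mismatch' );
+ if ( !$cache ) {
+ // if we're not caching, there's a token mismatch
+ $this->errors['general']['token-mismatch'] = wfMsg( 'payflowpro_gateway-token-mismatch' );
+ }
  $this->fnPayflowDisplayForm( $data, $this->errors );
  }
  }
@@ -203,10 +212,10 @@
  * The message at the top of the form can be edited in the payflow_gateway.i18n.php file
  */
  public function fnPayflowDisplayForm( &$data, &$error ) {
- global $wgOut, $wgRequest, $wgUseSquid;
+ global $wgOut, $wgRequest;
 
  // save contrib tracking id early to track abondonment
- if ( !$wgUseSquid && !is_null( $data[ 'contribution_tracking_id' ] )) {
+ if ( $data[ 'numAttempt' ] == '0' && ( !$wgRequest->getText( 'utm_source_id', false ) || $wgRequest->getText( '_nocache_' ) == 'true' ) ) {
  $tracked = $this->fnPayflowSaveContributionTracking( $data );
  if ( !$tracked ) {
  $when = time();
@@ -880,7 +889,7 @@
  * @var mixed $salt
  * @return bool
  */
- public static function fnPayflowMatchEditToken( $val, $salt = '' ) {
+ function fnPayflowMatchEditToken( $val, $salt = '' ) {
  // fetch a salted version of the session token
  $sessionToken = self::fnPayflowEditToken( $salt );
  if ( $val != $sessionToken ) {
@@ -965,7 +974,7 @@
  'email-opt' => $wgRequest->getText( 'email-opt' ),
  'test_string' => $wgRequest->getText( 'process' ),
  'token' => $token,
- 'contribution_tracking_id' => $wgRequest->getText( 'contribution_tracking_id', null ),
+ 'contribution_tracking_id' => $wgRequest->getText( 'contribution_tracking_id' ),
  'data_hash' => $wgRequest->getText( 'data_hash' ),
  'action' => $wgRequest->getText( 'action' ),
  'gateway' => 'payflowpro',
@@ -1002,7 +1011,7 @@
  'email-opt' => $wgRequest->getText( 'email-opt' ),
  'test_string' => $wgRequest->getText( 'process' ), // for showing payflow string during testing
  'token' => $token,
- 'contribution_tracking_id' => $wgRequest->getText( 'contribution_tracking_id', null ),
+ 'contribution_tracking_id' => $wgRequest->getText( 'contribution_tracking_id' ),
  'data_hash' => $wgRequest->getText( 'data_hash' ),
  'action' => $wgRequest->getText( 'action' ),
  'gateway' => 'payflowpro', // this may need to become dynamic in the future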
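Review bot: `fnPayflowMatchEditToken` still compares the submitted token with `if ( $val != $sessionToken ) {` (new line 896), a loose comparison that PHP evaluates numerically when both strings look like numbers; for an anti-CSRF check it should be strict, `if ( $val !== $sessionToken ) {`, or a constant-time compare where the runtime offers one. The same hunk drops `public static` from the signature while the body keeps calling `self::fnPayflowEditToken( $salt )`, so the visibility should be declared explicitly, `public function fnPayflowMatchEditToken( $val, $salt = '' ) {`, and it is worth checking that no static caller remains now that the API file's `PayflowProGateway::fnPayflowMatchEditToken` call is gone. The function body continues past the hunk, so its return path is not visible here.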
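--- a/trunk/extensions/DonationInterface/payflowpro_gateway/forms/TwoStepTwoColumn.php
+++ b/trunk/extensions/DonationInterface/payflowpro_gateway/forms/TwoStepTwoColumn.php
@@ -10,8 +10,6 @@
  // we only want to load this JS if the form is being rendered
  $this->loadValidateJs(); // validation JS
 
- if ( $WgUseSquid ) $this->loadApiJs(); // API/Ajax JS - only if we're caching
-
  // form placeholder values
  $first = wfMsg( 'payflowpro_gateway-first' );
  $last = wfMsg( 'payflowpro_gateway-last' );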
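--- a/trunk/extensions/DonationInterface/payflowpro_gateway/forms/OneStepTwoColumn.php
+++ b/trunk/extensions/DonationInterface/payflowpro_gateway/forms/OneStepTwoColumn.php
@@ -4,7 +4,7 @@
  public $paypal = false; // true for paypal only version
 
  public function __construct( &$form_data, &$form_errors ) {
- global $wgOut, $wgUseSquid;
+ global $wgOut;
 
  parent::__construct( $form_data, $form_errors );
 
@@ -14,7 +14,7 @@
  // we only want to load this JS if the form is being rendered
  $this->loadValidateJs(); // validation JS
 
- if ( $WgUseSquid ) $this->loadApiJs(); // API/Ajax JS - only if we're caching
+ $this->loadApiJs(); // API/Ajax JS
 
  // form placeholder values
  $first = wfMsg( 'payflowpro_gateway-first' );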
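--- a/trunk/extensions/DonationInterface/payflowpro_gateway/pfp_api_controller.js
+++ b/trunk/extensions/DonationInterface/payflowpro_gateway/pfp_api_controller.js
@@ -1,37 +1,23 @@
  ( function( $ ) {
  $.getDynamicFormElements = function(){
- var numAttempt = $('input[name=numAttempt]').val();
- var token = $('input[name=token]').val();
-
- var tracking_data = '{"url": "' + escape(window.location) + '",' + \
- '"pageref": "' + escape(document.referrer) + '",' + \
- '"token": "' + escape( token ) + '",' + \
- '"numAttempt": "' + escape( numAttempt ) + '"}';
+ var tracking_data = {"url": escape(window.location), "pageref": escape(document.referrer)};
 
  var processFormElements = function (data, status){
- // set the numAttempt and the token
- $('input[name=numAttempt]').val(data['dynamic_form_elements']['numAttempt']);
- $('input[name=token]').val(data['dynamic_form_elements']['token']);
-
- // early return if non-required dynamic form elements are set
- if ( typeof data['dynamic_form_elements']['contribution_tracking_id'] == 'undefined' ) {
- return;
- }
- $('input[name=orderid]').val(data['dynamic_form_elements']['orderid']);
- $('input[name=token]').val(data['dynamic_form_elements']['token']);
- $('input[name=contribution_tracking_id]').val(data['dynamic_form_elements']['contribution_tracking_id']);
- $('input[name=utm_source]').val(data['dynamic_form_elements']['tracking_data']['utm_source']);
- $('input[name=utm_medium]').val(data['dynamic_form_elements']['tracking_data']['utm_medium']);
- $('input[name=utm_campaign]').val(data['dynamic_form_elements']['tracking_data']['utm_campaign']);
- $('input[name=referrer]').val(data['dynamic_form_elements']['tracking_data']['referrer']);
- $('input[name=language]').val(data['dynamic_form_elements']['tracking_data']['language']);
+ $('input[name=orderid]').val(data['dynamic_form_elements']['orderid']);
+ $('input[name=token]').val(data['dynamic_form_elements']['token']);
+ $('input[name=contribution_tracking_id]').val(data['dynamic_form_elements']['contribution_tracking_id']);
+ $('input[name=utm_source]').val(data['dynamic_form_elements']['tracking_data']['utm_source']);
+ $('input[name=utm_medium]').val(data['dynamic_form_elements']['tracking_data']['utm_medium']);
+ $('input[name=utm_campaign]').val(data['dynamic_form_elements']['tracking_data']['utm_campaign']);
+ $('input[name=referrer]').val(data['dynamic_form_elements']['tracking_data']['referrer']);
+ $('input[name=language]').val(data['dynamic_form_elements']['tracking_data']['language']);
  };
 
  $.post( wgScriptPath + '/api.php?' + Math.random() , {
  'action' : 'pfp',
  'dispatch' : 'get_required_dynamic_form_elements',
  'format' : 'json',
- 'tracking_data' : tracking_data
+ 'tracking_data' : '{"url": "'+escape(window.location)+'", "pageref": "'+escape(document.referrer)+'"}'
  }, processFormElements, 'json' );
  };
 
@@ -39,4 +25,7 @@
 
  } )( jQuery );
 
-jQuery( document ).ready( jQuery.getDynamicFormElements );
\ No newline at end of file
+// Do not fire the AJAX request if _nocache_ is set or we are not using a single-step form (known by lack of utm_source_id)
+if( String(window.location).indexOf( '_cache_' ) != -1 && String(window.location).indexOf( 'utm_source_id' ) != -1){
+ jQuery( document ).ready( jQuery.getDynamicFormElements );
+}
\ No newline at end of file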
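Review bot: The gate at new line 30 fires the AJAX call only when the URL contains both `_cache_` and `utm_source_id`, while payflowpro_gateway.body.php blanks the token on `_cache_` alone, so a cached request without `utm_source_id` appears to render a form whose token field is never filled and whose submission can only fail the token check. The comment above the condition also names `_nocache_`, which the condition does not test; it should read `// Fire the AJAX request only when _cache_ is requested and utm_source_id is present (single-step form)`. `indexOf` on the whole location also matches those strings inside a path, another parameter's value or the fragment, which is looser than the server's `$wgRequest->getText( '_cache_', false )` test. In `$.getDynamicFormElements` the new `tracking_data` object on line 4 is unused, because the `$.post` call rebuilds the same string inline.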