r97019 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r97018‎ \| r97019 \| r97020 >
Date:	22:37, 13 September 2011
Author:	awjrichards
Status:	reverted (Comments)
Tags:
Comment:	Fixed key-mapping for currency code in rapid html system
Modified paths:	/trunk/extensions/DonationInterface/payflowpro_gateway/forms/RapidHtml.php.orig (added) (history)

Diff [purge]

Index: trunk/extensions/DonationInterface/payflowpro_gateway/forms/RapidHtml.php.orig
—	—	@@ -0,0 +1,256 @@
	2	+<?php
	3	+
	4	+class PayflowProGateway_Form_RapidHtml extends PayflowProGateway_Form {
	5	+
	6	+ /**
	7	+ * Full path of HTML form to load
	8	+ * @var string
	9	+ */
	10	+ protected $html_file_path = '';
	11	+
	12	+ /**
	13	+ * Tokens used in HTML form for data replacement
	14	+ *
	15	+ * Note that these NEED to be in the same order as the variables in $data in
	16	+ * order for str_replace to work as expected
	17	+ * @var array
	18	+ */
	19	+ protected $data_tokens = array(
	20	+ '@amount', // => $amount,
	21	+ '@amountOther', // => $wgRequest->getText( 'amountOther' ),
	22	+ '@emailAdd', //'email' => $wgRequest->getText( 'emailAdd' ),
	23	+ '@fname', // => $wgRequest->getText( 'fname' ),
	24	+ '@mname', // => $wgRequest->getText( 'mname' ),
	25	+ '@lname', // => $wgRequest->getText( 'lname' ),
	26	+ '@street', // => $wgRequest->getText( 'street' ),
	27	+ '@city', // => $wgRequest->getText( 'city' ),
	28	+ '@state', // => $wgRequest->getText( 'state' ),
	29	+ '@zip', // => $wgRequest->getText( 'zip' ),
	30	+ '@country', // => $wgRequest->getText( 'country' ),
	31	+ '@card_num', // => str_replace( ' ', '', $wgRequest->getText( 'card_num' ) ),
	32	+ '@card', // => $wgRequest->getText( 'card' ),
	33	+ '@expiration', // => $wgRequest->getText( 'mos' ) . substr( $wgRequest->getText( 'year' ), 2, 2 ),
	34	+ '@cvv', // => $wgRequest->getText( 'cvv' ),
	35	+ '@currency_code', //'currency' => $wgRequest->getText( 'currency_code' ),
	36	+ '@payment_method', // => $wgRequest->getText( 'payment_method' ),
	37	+ '@order_id', // => $order_id,
	38	+ '@numAttempt', // => $numAttempt,
	39	+ '@referrer', // => ( $wgRequest->getVal( 'referrer' ) ) ? $wgRequest->getVal( 'referrer' ) : $wgRequest->getHeader( 'referer' ),
	40	+ '@utm_source', // => self::getUtmSource(),
	41	+ '@utm_medium', // => $wgRequest->getText( 'utm_medium' ),
	42	+ '@utm_campaign', // => $wgRequest->getText( 'utm_campaign' ),
	43	+ // try to honr the user-set language (uselang), otherwise the language set in the URL (language)
	44	+ '@language', // => $wgRequest->getText( 'uselang', $wgRequest->getText( 'language' ) ),
	45	+ '@comment-option', // => $wgRequest->getText( 'comment-option' ),
	46	+ '@comment', // => $wgRequest->getText( 'comment' ),
	47	+ '@email-opt', // => $wgRequest->getText( 'email-opt' ),
	48	+ '@test_string', // => $wgRequest->getText( 'process' ), // for showing payflow string during testing
	49	+ '@token', // => $token,
	50	+ '@contribution_tracking_id', // => $wgRequest->getText( 'contribution_tracking_id' ),
	51	+ '@data_hash', // => $wgRequest->getText( 'data_hash' ),
	52	+ '@action', // => $wgRequest->getText( 'action' ),
	53	+ '@gateway', // => 'payflowpro', // this may need to become dynamic in the future
	54	+ '@owa_session', // => $wgRequest->getText( 'owa_session', null ),
	55	+ '@owa_ref', // => $owa_ref,
	56	+ // Not actually data tokens, but available to you in html form:
	57	+ // @captcha -> the captcha form
	58	+ // @script_path -> maps to $wgScriptPath
	59	+ // @action -> generate correct form action for this form
	60	+ );
	61	+
	62	+ /**
	63	+ * Error field names used as tokens
	64	+ * @var array
	65	+ */
	66	+ protected $error_tokens = array(
	67	+ '#general',
	68	+ '#retryMsg',
	69	+ '#amount',
	70	+ '#card_num',
	71	+ '#card',
	72	+ '#cvv',
	73	+ '#fname',
	74	+ '#lname',
	75	+ '#city',
	76	+ '#country',
	77	+ '#street',
	78	+ '#state',
	79	+ '#zip',
	80	+ '#emailAdd',
	81	+ );
	82	+
	83	+ public function __construct( &$form_data, &$form_errors ) {
	84	+ global $wgRequest;
	85	+ parent::__construct( $form_data, $form_errors );
	86	+
	87	+ $this->loadValidateJs();
	88	+
	89	+ // set html-escaped filename.
	90	+ $this->set_html_file_path( htmlspecialchars( $wgRequest->getText( 'ffname', 'default' )));
	91	+
	92	+ // fix general form error messages so it's not an array of msgs
	93	+ if ( is_array( $form_errors[ 'general' ] ) && count( $form_errors[ 'general' ] )) {
	94	+ $general_errors = "";
	95	+ foreach ( $form_errors[ 'general' ] as $general_error ) {
	96	+ $general_errors .= "<p class='creditcard'>$general_error</p>";
	97	+ }
	98	+ $form_errors[ 'general' ] = $general_errors;
	99	+ }
	100	+ }
	101	+
	102	+ /**
	103	+ * Return the HTML form with data added
	104	+ */
	105	+ public function getForm() {
	106	+ $html = $this->load_html();
	107	+ return $this->add_data( $html );
	108	+ }
	109	+
	110	+ /**
	111	+ * Load the HTML form from a file into a string
	112	+ * @return string
	113	+ */
	114	+ public function load_html() {
	115	+ return file_get_contents( $this->html_file_path );
	116	+ }
	117	+
	118	+ /**
	119	+ * Add data into the HTML form
	120	+ *
	121	+ * @param string $html Form with tokens as placehodlers for data
	122	+ * @return string The HTML form with real data in it
	123	+ */
	124	+ public function add_data( $html ) {
	125	+ global $wgScriptPath;
	126	+
	127	+ /**
	128	+ * This is a hack and should be replaced with something more performant.
	129	+ */
	130	+ $form = $html;
	131	+
	132	+ // handle form action
	133	+ $form = str_replace( "@action", $this->getNoCacheAction(), $form );
	134	+
	135	+ // replace data
	136	+ foreach ( $this->data_tokens as $token ) {
	137	+ $key = substr( $token, 1, strlen( $token )); //get the token string w/o the '@'
	138	+ if ( $key == 'emailAdd' ) $key = 'email';
	139	+ if ( $key == 'currency_code' ) $key = 'currency';
	140	+<<<<<<< HEAD
	141	+ if ( array_key_exists( $key, $this->form_data )) {
	142	+=======
	143	+ if ( array_key_exists( $this->form_data[ $key ] )) {
	144	+>>>>>>> Fixed key-mapping for currency code in rapid html system
	145	+ $replace = $this->form_data[ $key ];
	146	+ } else {
	147	+ $replace = '';
	148	+ }
	149	+ $form = str_replace( $token, $replace, $form );
	150	+ }
	151	+
	152	+ // replace errors
	153	+ $form = str_replace( $this->error_tokens, $this->form_errors, $form );
	154	+
	155	+ // handle captcha
	156	+ $form = str_replace( "@captcha", $this->getCaptchaHtml(), $form );
	157	+
	158	+ // handle script path
	159	+ $form = str_replace( "@script_path", $wgScriptPath, $form );
	160	+
	161	+ $form = $this->fix_dropdowns( $form );
	162	+
	163	+ return $form;
	164	+ }
	165	+
	166	+ /**
	167	+ * Set dropdowns to 'selected' where appropriate
	168	+ *
	169	+ * This is basically a hackish fix to make sure that dropdowns stay
	170	+ * 'sticky' on form submit. This could no doubt be better.
	171	+ * @param $html
	172	+ * @return string
	173	+ */
	174	+ public function fix_dropdowns( $html ) {
	175	+ // currency code
	176	+ $start = strpos( $html, 'name="currency_code"' );
	177	+ if ( $start ) {
	178	+ $currency_code = $this->form_data[ 'currency' ];
	179	+ $end = strpos( $html, '</select>', $start );
	180	+ $str = substr( $html, $start, ( $end - $start ));
	181	+ $str = str_replace( 'value="' . $currency_code . '"', 'value="' . $currency_code . '" selected="selected"', $str );
	182	+ $html = substr_replace( $html, $str, $start, $end-$start );
	183	+ }
	184	+
	185	+ // mos
	186	+ $month = substr( $this->form_data[ 'expiration' ], 0, 2 );
	187	+ $start = strpos( $html, 'name="mos"' );
	188	+ if ( $start ) {
	189	+ $end = strpos( $html, '</select>', $start );
	190	+ $str = substr( $html, $start, ( $end - $start ));
	191	+ $str = str_replace( 'value="' . $month . '"', 'value="' . $month . '" selected="selected"', $str );
	192	+ $html = substr_replace( $html, $str, $start, $end-$start );
	193	+ }
	194	+
	195	+ // year
	196	+ $year = substr( $this->form_data[ 'expiration' ], 2, 2 );
	197	+ $start = strpos( $html, 'name="year"' );
	198	+ if ( $start ) {
	199	+ $end = strpos( $html, '</select>', $start );
	200	+ $str = substr( $html, $start, ( $end - $start ));
	201	+ // dbl extra huge hack alert! note the '20' prefix...
	202	+ $str = str_replace( 'value="20' . $year . '"', 'value="20' . $year . '" selected="selected"', $str );
	203	+ $html = substr_replace( $html, $str, $start, $end-$start );
	204	+ }
	205	+
	206	+ // state
	207	+ $state = $this->form_data[ 'state' ];
	208	+ $start = strpos( $html, 'name="state"' );
	209	+ if ( $start ) {
	210	+ $end = strpos( $html, '</select>', $start );
	211	+ $str = substr( $html, $start, ( $end - $start ));
	212	+ $str = str_replace( 'value="' . $state . '"', 'value="' . $state . '" selected="selected"', $str );
	213	+ $html = substr_replace( $html, $str, $start, $end-$start );
	214	+ }
	215	+
	216	+ //country
	217	+ $country = $this->form_data[ 'country' ];
	218	+ $start = strpos( $html, 'name="country"' );
	219	+ if ( $start ) {
	220	+ $end = strpos( $html, '</select>', $start );
	221	+ $str = substr( $html, $start, ( $end - $start ));
	222	+ $str = str_replace( 'value="' . $country . '"', 'value="' . $country . '" selected="selected"', $str );
	223	+ $html = substr_replace( $html, $str, $start, $end-$start );
	224	+ }
	225	+
	226	+ return $html;
	227	+ }
	228	+
	229	+ /**
	230	+ * Validate and set the path to the HTML file
	231	+ *
	232	+ * @param string $file_name
	233	+ */
	234	+ public function set_html_file_path( $file_name ) {
	235	+ global $wgPayflowHtmlFormDir, $wgPayflowAllowedHtmlForms;
	236	+
	237	+ // Get the dirname - the "/." helps ensure we get a consistent path name with no trailing slash
	238	+ $html_dir = dirname( $wgPayflowHtmlFormDir . "/." );
	239	+
	240	+ if ( !is_dir( $html_dir )) {
	241	+ throw new MWException( 'Requested form directory does not exist.' );
	242	+ }
	243	+
	244	+ // make sure our file name is clean - strip extension and any other cruft like relpaths, dirs, etc
	245	+ $file_info = pathinfo( $file_name );
	246	+ $file_name = $file_info[ 'filename' ];
	247	+
	248	+ $full_path = $html_dir . '/' . $file_name . '.html';
	249	+
	250	+ // ensure that the full file path is actually whitelisted and exists
	251	+ if ( !in_array( $full_path, $wgPayflowAllowedHtmlForms ) \|\| !file_exists( $full_path ) ) {
	252	+ throw new MWException( 'Requested an unavailable or non-existent form.' );
	253	+ }
	254	+
	255	+ $this->html_file_path = $full_path;
	256	+ }
	257	+}

Follow-up revisions

Revision	Commit summary	Author	Date
r97072	Reverting erroneously added file in r97019	awjrichards	16:52, 14 September 2011

Comments

#Comment by Nikerabbit (talk | contribs) 06:40, 14 September 2011

Merge conflicts:

+<<<<<<< HEAD
+			if ( array_key_exists( $key, $this->form_data )) {
+=======
+			if ( array_key_exists( $this->form_data[ $key ] )) {
+>>>>>>> Fixed key-mapping for currency code in rapid html system

#Comment by Catrope (talk | contribs) 11:55, 14 September 2011

.orig?

#Comment by Awjrichards (talk | contribs) 16:52, 14 September 2011

Huh - this must've been a result of me improperly using git-svn. I must've accidentally added this file. Reverted in r97072

Status & tagging log

16:52, 14 September 2011 Awjrichards (talk | contribs) changed the status of r97019 [removed: fixme added: reverted]
06:40, 14 September 2011 Nikerabbit (talk | contribs) changed the status of r97019 [removed: new added: fixme]