Hi there @treibalen,
I have already contacted in the first instance the plugin developers, plugin included in the WP theme developed by the same developers of privacy plugin, they suggested me before identifying the conflict with plugins, at the same time I wrote to you about the issue, which I repeat only occurs when user is public and not logged on.
The php script that saves user privacy preferences, if the user is logged in, we save consent to user meta, also when it’s public it should save the consents off and on in a cookie.
Which setup of your plugin WooCommerce PayPal Checkout Payment Gateway could not allow the cookie to be saved for reasons (if I understood correctly) token security?
This is the php code for public user and user logged in,
if anyone can help understand what’s wrong:
/**
* Update the user allowed types of consent.
* If the user is logged in, we also save consent to user meta.
*/
public function update_privacy_preferences() {
if ( ! isset( $_POST[ 'update-privacy-preferences-nonce' ] ) || ! wp_verify_nonce( sanitize_key( $_POST[ 'update-privacy-preferences-nonce' ] ), 'uncode-privacy-update_privacy_preferences' ) ) {
wp_die( esc_html__( 'We could not verify the the security token. Please try again.', 'uncode-privacy' ) );
}
$consents_default_on_list = array_map( 'sanitize_text_field', (array) $_POST[ 'consents_default_on_list' ] );
$consents = array_map( 'sanitize_text_field', (array) $_POST[ 'user_consents' ] );
$consents_to_save = array();
// First save all consents that are on by default to off (if unchecked)
foreach ( $consents_default_on_list as $consents_on ) {
if ( ! in_array( $consents_on, $consents ) ) {
$consents_to_save[] = $consents_on . '-off';
}
}
// Then save the other consents
foreach ( $consents as $consent_id ) {
if ( in_array( $consent_id, $consents_default_on_list ) ) {
$consents_to_save[] = $consent_id . '-on';
} else {
$consents_to_save[] = $consent_id;
}
}
$consents_as_json = json_encode( $consents_to_save );
setcookie( "uncode_privacy[consent_types]", $consents_as_json, time() + YEAR_IN_SECONDS, "/" );
if ( is_user_logged_in() ) {
$user = wp_get_current_user();
if ( ! empty( $consents_to_save ) ) {
delete_user_meta( $user->ID, 'uncode_privacy_consents' );
foreach ( $consents_to_save as $consent ) {
$consent = sanitize_text_field( wp_unslash( $consent ) );
add_user_meta( $user->ID, 'uncode_privacy_consents', $consent );
}
}
}
wp_safe_redirect( esc_url_raw( wp_get_referer() ) );
exit;
}
}
endif;
Thanks in advance for support.