fifthcloud
Forum Replies Created
-
Forum: Plugins
In reply to: [Donation Button] Adding note field to PayPal screenI am in the same position. A client has asked for the exact same requirement. Their old (non-Wordpress) website had that exact behavior and I am trying to replicate it on WordPress using this Plugin.
Any ideas on to get to get that feature enabled? Is it in the Pro version?
Thank you for your help so far. It seems as though there are a few obstacles with the plugin that still need to fleshed out.
But I decided upon going making the changes directly by using the PayPal API, namely, using their RESTful API. From the trial that I have done, I was able to achieve the results I wanted.
Further, I was not able to dive too deeply into your code, but I have a suspicion that your hashing may not be the best way to see if people are tampering with the price amount. Just have this feeling that if someone can put the correct the hash and price they can successfully modify that value. Again, I have not looked to deeply at your code, but that was one thing that stood out at me as not liking that way for security.
Thanks for the suggestion. Tried using your suggestion and I get this error.
Call to undefined function print_wp_cart_button_for_product() in...I thought then if I were to include your php file where it is defined and took me some time to figure out why nothing is happening. Looks like it was exiting and not executing anymore. It turns out in your code…
if (!defined('ABSPATH')) {//Exit if accessed directly exit; }Do you have any other suggestions?
To be complete I forgot to post my code that I am reproducing in yours.
//$totalprice is the value from database for the users selection. $unique_id_price = uniqid('', true); $hash_one_cm = md5($unique_id_price . '|' . $totalprice); $unique_id_shipping = uniqid('', true); $hash_two_cm = md5($unique_id_shipping . '|' . 0); return "<div class=\"wp_cart_button_wrapper\"><form method=\"post\" class=\"wp-cart-button-form\" action=\"\" style=\"display:inline\" onsubmit=\"return ReadForm(this, true);\"><input type=\"hidden\" id=\"_wpnonce\" name=\"_wpnonce\" value=\"ae57cedc7d\"><input type=\"hidden\" name=\"_wp_http_referer\" value=\"$returnURL/\"><input type=\"submit\" class=\"wspsc_add_cart_submit\" name=\"wspsc_add_cart_submit\" value=\"Add to Cart\"><input type=\"hidden\" name=\"wspsc_product\" value=\"Diamond\"><input type=\"hidden\" name=\"price\" value=\"$totalprice\"><input type=\"hidden\" name=\"shipping\" value=\"0\"><input type=\"hidden\" name=\"addcart\" value=\"1\"><input type=\"hidden\" name=\"cartLink\" value=\"$myURL\"><input type=\"hidden\" name=\"product_tmp\" value=\"PRODUCTNAME\"><input type=\"hidden\" name=\"item_number\" value=\"\"><input type=\"hidden\" name=\"hash_one\" value=\"$hash_one_cm\"><input type=\"hidden\" name=\"hash_two\" value=\"$hash_two_cm\"></form></div>"This DIV is then returned into my wordpress and does indeed render the add button. But upon button event click I get the error. Hopefully, this will help you to see why I can’t get those hashes to match up. What am I missing?
Very sleep deprived at the moment.
Thank you.
I am so close, but I am not figuring out this last bit. I have taken a look at your code and tried recreating the shortcode into html as you have done. My only issue is the hash. I am following how you create the hash but they are not matching up for some reason. I don’t know why. I have spent hours just trying to figure this out to no avail.
Are you storing the hash values in order to compare against? Or are you re-creating them and comparing them that they should match? I am not understanding.
Basically have created the hashes as you have and posted the html into my form. This is the line of code I keep failing at in your plugin. Don’t know how to make them equal. Any thoughts?
if ($hash_once_p != $hash_one_cm) {//Security check failed. Price field has been tampered. Fail validation. wp_die('Error! The price field may have been tampered. Security check failed.'); }