[FIX] Last Wordpress fixes

HelloAsso · Mar 26, 2024 · 0e0f270 · 0e0f270
1 parent 20b1e95
commit 0e0f270
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 5 deletions.
diff --git a/helloasso-woocommerce-gateway.php b/helloasso-woocommerce-gateway.php
@@ -151,7 +151,7 @@ public function admin_options()
 				$isConnected = true;
 			}
 
-			if (isset($_GET['nonce']) || wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['nonce'])), 'helloasso_connect')) {
+			if (isset($_GET['nonce']) && wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['nonce'])), 'helloasso_connect')) {
 
 				if (isset($_GET['msg'])) {
 					$msg = sanitize_text_field($_GET['msg']);
@@ -323,7 +323,7 @@ public function admin_options()
 			echo '<script defer>
             jQuery(document).ready(function($) {
 	
-                $(".woocommerce-save-button").html(`   <img src="' . plugins_url('asset/logo-ha.svg', __FILE__) . '" alt=""
+                $(".woocommerce-save-button").html(`   <img src="' . plugins_url('assets/logo-ha.svg', __FILE__) . '" alt=""
                 class="HaAuthorizeButtonLogo">
                 <span class="HaAuthorizeButtonTitle">' . esc_html($btnText) . '</span>`);
                 $(".woocommerce-save-button").addClass("HaAuthorizeButton");
@@ -491,7 +491,7 @@ public function validate_fields()
 
 
 				if (!isset($_POST['woocommerce-process-checkout-nonce']) || !wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['woocommerce-process-checkout-nonce'])), 'woocommerce-process_checkout')) {
-					wc_add_notice('Le nonce est pas ok', 'error');
+					wc_add_notice('La commande ne peut être finalisé', 'error');
 				}
 
 
@@ -594,7 +594,7 @@ public function process_payment($order_id)
 
 
 					if (!isset($_POST['woocommerce-process-checkout-nonce']) || !wp_verify_nonce(sanitize_text_field(wp_unslash($_POST['woocommerce-process-checkout-nonce'])), 'woocommerce-process_checkout')) {
-						wc_add_notice('Le nonce est pas ok', 'error');
+						wc_add_notice('La commande ne peut être finalisé', 'error');
 					}
 
 

diff --git a/wc-api/helloasso-woocommerce-wc-api.php b/wc-api/helloasso-woocommerce-wc-api.php
@@ -12,6 +12,8 @@ function helloasso_endpoint() {
 	if (!isset($_GET['nonce']) || !wp_verify_nonce(sanitize_text_field(wp_unslash($_GET['nonce'])), 'helloasso_connect_return')) {
 		wp_safe_redirect(get_site_url());
 		exit;
+	} else {
+		$nonceRequest = sanitize_text_field(wp_unslash($_GET['nonce']));
 	}
 
 
@@ -57,7 +59,7 @@ function helloasso_endpoint() {
 
 
 	$response = wp_remote_post($url, helloasso_get_args_post_urlencode($data));
-
+	
 	$status_code = wp_remote_retrieve_response_code($response);
 	if (200 !== $status_code) {
 		wp_safe_redirect(get_site_url() . '/wp-admin/admin.php?page=wc-settings&tab=checkout&section=helloasso&msg=error_connect&status_code=' . $status_code . '&nonce=' . $nonce);