Fix WC Review comments

README.md

@@ -6,7 +6,7 @@ Tags: inacademia, student validation, student discount, student, discount, valid
 
 Requires at least: 8.4.0
 
-Tested up to: 8.9.1
+Tested up to: 9.1.4
 
 Stable tag: 1.0
 

changelog.txt

@@ -1,4 +1,4 @@
 *** Student Discount for WooCommerce Changelog ***
 
-2024-06-25 - version 1.0
+2024-08-07 - version 1.0
 * First release.

class-inacademia-blocks-integration.php

@@ -91,7 +91,7 @@ public function get_script_data() {
 	 * @param int $c coupon id.
 	 */
 	private function excluded_ids( $c ) {
-		if ( ! WC()->cart || iS_api() ) {
+		if ( ! WC()->cart || inacademia_is_api() ) {
 			return false;
 		}
 		$coupon = new \WC_Coupon( $c );
@@ -105,7 +105,7 @@ private function excluded_ids( $c ) {
 	 * @param int $c coupon id.
 	 */
 	private function coupon_ids( $c ) {
-		if ( ! WC()->cart || iS_api() ) {
+		if ( ! WC()->cart || inacademia_is_api() ) {
 			return false;
 		}
 		$coupon = new \WC_Coupon( $c );

composer.json

@@ -0,0 +1,19 @@
+{
+    "name": "martin/wc-inacademia",
+    "description": "WooCommerce InAcademia plugin",
+    "type": "wordpress-plugin",
+    "require": {
+        "jumbojett/openid-connect-php": "^1.0"
+    },
+    "autoload": {
+        "psr-4": {
+            "Martin\\WcInacademia\\": "src/"
+        }
+    },
+    "authors": [
+        {
+            "name": "Martin van Es",
+            "email": "[email protected]"
+        }
+    ]
+}

inacademia.php

@@ -5,8 +5,6 @@
  * @package InAcademia
  */
 
-session_start();
-
 /**
  * Autoload OpenOIConnectClient
  *
@@ -18,9 +16,16 @@
 /**
  * Redirect URL.
  */
-function redirect_url() {
-	$host = isset( $_SERVER['HTTP_HOST'] ) ? filter_input( INPUT_SERVER, 'HTTP_HOST' ) : '';
-	$script = isset( $_SERVER['SCRIPT_NAME'] ) ? filter_input( INPUT_SERVER, 'SCRIPT_NAME' ) : '/start.php';
+function create_redirect_url() {
+	$host = filter_input( INPUT_SERVER, 'HTTP_HOST', FILTER_VALIDATE_DOMAIN, array( 'options' => array( 'default' => '' ) ) );
+	$options = array(
+		'options' => array(
+			'default' => '/start.php',
+			'regexp' => '/^\/.+\.php/',
+		),
+	);
+	$script = filter_input( INPUT_SERVER, 'SCRIPT_NAME', FILTER_VALIDATE_REGEXP, $options );
+
 	$url = 'http';
 	$url .= isset( $_SERVER['HTTPS'] ) ? 's' : '';
 	$url .= '://' . $host . str_replace( 'start.php', 'redirect.php', $script );
@@ -31,6 +36,12 @@ function redirect_url() {
  * Authenticate
  */
 function inacademia_authenticate() {
+	session_start( array( 'name' => 'inacademia' ) );
+
+	if ( ! isset( $_SESSION['inacademia_referrer'] ) && isset( $_SERVER['HTTP_REFERER'] ) ) {
+		$_SESSION['inacademia_referrer'] = filter_input( INPUT_SERVER, 'HTTP_REFERER', FILTER_VALIDATE_URL );
+	}
+
 	/*
 	 * Bikeshed
 	// $op_url = $_SESSION['inacademia_op_url']; // https://op.inacademia.local/
@@ -62,7 +73,7 @@ function inacademia_authenticate() {
 	 * Bikeshed
 	// $oidc->setAllowImplicitFlow(true);
 	*/
-	$oidc->setRedirectURL( redirect_url() );
+	$oidc->setRedirectURL( create_redirect_url() );
 
 	$claims = isset( $_SESSION['inacademia_claims'] ) ? filter_var( $_SESSION['inacademia_claims'], FILTER_SANITIZE_STRING ) : null;
 	$validated = false;
@@ -81,4 +92,10 @@ function inacademia_authenticate() {
 	}
 
 	$_SESSION['inacademia_validated'] = $validated;
+
+	if ( isset( $_SESSION['inacademia_referrer'] ) ) {
+		$location = filter_var( $_SESSION['inacademia_referrer'], FILTER_SANITIZE_URL );
+		unset( $_SESSION['inacademia_referrer'] );
+		header( 'Location: ' . $location, true );
+	}
 }

redirect.php

@@ -13,6 +13,3 @@
 require 'inacademia.php';
 inacademia_authenticate();
 
-if ( isset( $_SESSION['inacademia_referrer'] ) ) {
-	header( 'Location: ' . filter_var( $_SESSION['inacademia_referrer'], FILTER_SANITIZE_URL ), true );
-}

start.php

@@ -11,16 +11,10 @@
  * @package InAcademia
  */
 require 'inacademia.php';
-if ( isset( $_SERVER['HTTP_REFERER'] ) ) {
-	$_SESSION['inacademia_referrer'] = filter_input( INPUT_SERVER, 'HTTP_REFERER' );
-}
 
 /*
  * Bikeshed
 $_SESSION['inacademia_validated'] = True;
  */
 inacademia_authenticate();
 
-if ( isset( $_SESSION['inacademia_referrer'] ) ) {
-	header( 'Location: ' . filter_var( $_SESSION['inacademia_referrer'], FILTER_SANITIZE_URL ), true );
-}

wc-inacademia-admin.php

@@ -10,14 +10,14 @@
 /**
  * Register our inacademia_settings plugin link
  */
-add_filter( 'plugin_action_links_student-discount-for-woocommerce/wc-inacademia.php', 'inac_settings_link' );
+add_filter( 'plugin_action_links_student-discount-for-woocommerce/wc-inacademia.php', 'inacademia_settings_link' );
 
 /**
  * Settings_link
  *
  * @param array $links links.
  */
-function inac_settings_link( $links ) {
+function inacademia_settings_link( $links ) {
 	// Build and escape the URL.
 	$url = esc_url(
 		add_query_arg(
@@ -27,7 +27,7 @@ function inac_settings_link( $links ) {
 		)
 	);
 	// Create the link.
-	$settings_link = "<a href='$url'>" . __( 'Settings' ) . '</a>';
+	$settings_link = "<a href='$url'>Settings</a>";
 	// Adds the link to the end of the array.
 	array_push(
 		$links,
@@ -49,23 +49,23 @@ function inacademia_settings_init() {
 
 	// Register a new setting for "inacademia" page.
 	$args = array(
-		'sanitize_callback' => 'sanitize_inacademia_options',
+		'sanitize_callback' => 'inacademia_sanitize_options',
 	);
 
 	register_setting( 'inacademia', 'inacademia_options', $args );
 
 	// Register a new section in the "inacademia" page.
 	add_settings_section(
 		'inacademia_section_settings',
-		__( 'InAcademia settings.', 'inacademia' ),
+		'InAcademia settings.',
 		'inacademia_section_settings_callback',
 		'inacademia'
 	);
 
 	// Register a new field in the "inacademia_section_settings" section, inside the "inacademia" page.
 	add_settings_field(
 		'coupon_name',
-		__( 'Coupon', 'inacademia' ),
+		'Coupon',
 		'inacademia_coupon_cb',
 		'inacademia',
 		'inacademia_section_settings',
@@ -79,7 +79,7 @@ function inacademia_settings_init() {
 
 	add_settings_field(
 		'redirect_uri',
-		__( 'Redirect URI', 'inacademia' ),
+		'Redirect URI',
 		'inacademia_redirect_cb',
 		'inacademia',
 		'inacademia_section_settings',
@@ -88,7 +88,7 @@ function inacademia_settings_init() {
 
 	add_settings_field(
 		'redirect_uri_done',
-		__( 'Redirect URI Done', 'inacademia' ),
+		'Redirect URI Done',
 		'inacademia_redirect_done_cb',
 		'inacademia',
 		'inacademia_section_settings',
@@ -105,7 +105,7 @@ function inacademia_settings_init() {
 
 	add_settings_field(
 		'client_id',
-		__( 'ClientID', 'inacademia' ),
+		'ClientID',
 		'inacademia_clientid_cb',
 		'inacademia',
 		'inacademia_section_settings',
@@ -120,7 +120,7 @@ function inacademia_settings_init() {
 	*/
 	add_settings_field(
 		'client_secret',
-		__( 'ClientSecret', 'inacademia' ),
+		'ClientSecret',
 		'inacademia_clientsecret_cb',
 		'inacademia',
 		'inacademia_section_settings',
@@ -136,7 +136,7 @@ function inacademia_settings_init() {
 	 * Bikeshed
 	add_settings_field(
 		'scope',
-		__( 'User role', 'inacademia' ),
+		'User role',
 		'inacademia_scope_cb',
 		'inacademia',
 		'inacademia_section_settings',
@@ -148,7 +148,7 @@ function inacademia_settings_init() {
 
 	add_settings_field(
 		'op_url',
-		__( 'OP URL', 'inacademia' ),
+		'OP URL',
 		'inacademia_opurl_cb',
 		'inacademia',
 		'inacademia_section_settings',
@@ -169,7 +169,7 @@ function inacademia_settings_init() {
 
 	add_settings_field(
 		'notification',
-		__( 'Publish Notice', 'inacademia' ),
+		'Publish Notice',
 		'inacademia_notify_cb',
 		'inacademia',
 		'inacademia_section_settings',
@@ -180,7 +180,7 @@ function inacademia_settings_init() {
 
 	add_settings_field(
 		'button',
-		__( 'Publish Button', 'inacademia' ),
+		'Publish Button',
 		'inacademia_button_cb',
 		'inacademia',
 		'inacademia_section_settings',
@@ -198,7 +198,7 @@ function inacademia_settings_init() {
  *
  * @param array $options options.
  */
-function sanitize_inacademia_options( $options ) {
+function inacademia_sanitize_options( $options ) {
 	if ( is_array( $options ) && isset( $options['coupon_name'] ) ) {
 		$options['coupon_name'] = strtolower( $options['coupon_name'] );
 	}
@@ -212,7 +212,7 @@ function sanitize_inacademia_options( $options ) {
 			$wrong_client_id = true;
 		}
 		if ( $wrong_client_id ) {
-			add_settings_error( 'inacademia', 'inacademia_message', __( 'ClientID must match the ClientID allocated by your subscription', 'inacademia' ), 'error' );
+			add_settings_error( 'inacademia', 'inacademia_message', 'ClientID must match the ClientID allocated by your subscription', 'error' );
 			unset( $options['client_id'] );
 		}
 	}
@@ -223,7 +223,7 @@ function sanitize_inacademia_options( $options ) {
 			$wrong_client_secret = true;
 		}
 		if ( $wrong_client_secret ) {
-			add_settings_error( 'inacademia', 'inacademia_message', __( 'ClientID must match the Client Secret allocated by your subscription', 'inacademia' ), 'error' );
+			add_settings_error( 'inacademia', 'inacademia_message', 'ClientID must match the Client Secret allocated by your subscription', 'error' );
 			unset( $options['client_secret'] );
 		}
 	}
@@ -238,7 +238,7 @@ function sanitize_inacademia_options( $options ) {
 function inacademia_section_settings_callback( $args ) {
 	?>
 	<p id="<?php echo esc_attr( $args['id'] ); ?>">
-		<?php echo esc_html( settings_text() ); ?>
+		<?php echo esc_html( inacademia_settings_text() ); ?>
 	<p>
 	<?php
 }
@@ -541,18 +541,18 @@ function inacademia_options_page_html() {
 					do_settings_sections( 'inacademia' );
 					// Output save settings button when client_secret has been set.
 					if ( @$options['client_secret'] ) {
-						echo esc_html( submit_text() );
+						echo esc_html( inacademia_submit_text() );
 					}
 					submit_button( $button_text );
 					?>
 				</form>
 				<?php
 			break;
 		case 'support':
-			echo esc_html( support_text() );
+			echo esc_html( inacademia_support_text() );
 			break;
 		default:
-			echo esc_html( welcome_text() );
+			echo esc_html( inacademia_welcome_text() );
 			break;
 			endswitch;
 	?>
@@ -564,7 +564,7 @@ function inacademia_options_page_html() {
 /**
  * Welcome text
  */
-function welcome_text() {
+function inacademia_welcome_text() {
 
 	?>
 	<h2>Important Information</h2>
@@ -592,7 +592,7 @@ function welcome_text() {
 /**
  * Settings text
  */
-function settings_text() {
+function inacademia_settings_text() {
 
 	?>
 	<p>Inputting the required data on this page will finalise the configuration of your shop's access to the InAcademia service and will deploy either a button or notice to your checkout, so please follow each step carefully before proceeding to 'Save Settings'. Merchants are strongly advised to test their settings in a WordPress development environment prior to deploying to production.</p>
@@ -606,7 +606,7 @@ function settings_text() {
 /**
  * Support text
  */
-function support_text() {
+function inacademia_support_text() {
 
 	?>
 	<h2>Request Support</h2>
@@ -620,7 +620,7 @@ function support_text() {
 /**
  * Submit text
  */
-function submit_text() {
+function inacademia_submit_text() {
 
 	?>
   <p>It's allowable to use either or both.<p>