Skip to content

Commit

Permalink
Check api keys before saving when not in db
Browse files Browse the repository at this point in the history
  • Loading branch information
@mmaymo
mmaymo committed Nov 4, 2024
1 parent d6e04c3 commit fcc181f
Show file tree
Hide file tree
Showing 2 changed files with 40 additions and 37 deletions.
73 changes: 38 additions & 35 deletions src/Settings/MollieSettingsPage.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -199,43 +199,46 @@ protected function saveApiKeys($settings)
if (!$isNonceValid) {
return $settings;
}
$liveKeyName = 'mollie-payments-for-woocommerce_live_api_key';
$testKeyName = 'mollie-payments-for-woocommerce_test_api_key';
$liveValueInDb = get_option($liveKeyName);
$testValueInDb = get_option($testKeyName);
$postedLiveValue = isset($_POST[$liveKeyName]) ? sanitize_text_field(wp_unslash($_POST[$liveKeyName])) : '';
$postedTestValue = isset($_POST[$testKeyName]) ? sanitize_text_field(wp_unslash($_POST[$testKeyName])) : '';
$apiKeys = [
'live' => [
'keyName' => 'mollie-payments-for-woocommerce_live_api_key',
'pattern' => '/^live_\w{30,}$/',
'valueInDb' => get_option('mollie-payments-for-woocommerce_live_api_key'),
'postedValue' => isset($_POST['mollie-payments-for-woocommerce_live_api_key'])
? sanitize_text_field(wp_unslash($_POST['mollie-payments-for-woocommerce_live_api_key']))
: ''
],
'test' => [
'keyName' => 'mollie-payments-for-woocommerce_test_api_key',
'pattern' => '/^test_\w{30,}$/',
'valueInDb' => get_option('mollie-payments-for-woocommerce_test_api_key'),
'postedValue' => isset($_POST['mollie-payments-for-woocommerce_test_api_key'])
? sanitize_text_field(wp_unslash($_POST['mollie-payments-for-woocommerce_test_api_key']))
: ''
]
];

foreach ($settings as $setting) {
if (
$setting['id']
=== $liveKeyName
&& $liveValueInDb
) {
if ($postedLiveValue === '**********') {
$_POST[$liveKeyName] = $liveValueInDb;
} else {
$pattern = '/^live_\w{30,}$/';
$this->validateApiKeyOrRemove(
$pattern,
$postedLiveValue,
$liveKeyName
);
}
} elseif (
$setting['id']
=== $testKeyName
&& $testValueInDb
) {
if ($postedTestValue === '**********') {
$_POST[$testKeyName] = $testValueInDb;
} else {
$pattern = '/^test_\w{30,}$/';
$this->validateApiKeyOrRemove(
$pattern,
$postedTestValue,
$testKeyName
);
foreach ($apiKeys as $type => $apiKey) {
if ($setting['id'] === $apiKey['keyName']) {
if ($apiKey['postedValue'] === '**********') {
// If placeholder is detected but no DB value, validate as new key
if (!$apiKey['valueInDb']) {
$this->validateApiKeyOrRemove(
$apiKey['pattern'],
'', // No DB value; treat as new
$apiKey['keyName']
);
} else {
$_POST[$apiKey['keyName']] = $apiKey['valueInDb'];
}
} else {
$this->validateApiKeyOrRemove(
$apiKey['pattern'],
$apiKey['postedValue'],
$apiKey['keyName']
);
}
}
}
}
Expand Down
4 changes: 2 additions & 2 deletions src/Shared/Data.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -113,9 +113,9 @@ public function isTestModeEnabled(): bool
/**
* @param bool $overrideTestMode
*
* @return null|string
* @return false|string
*/
public function getApiKey($overrideTestMode = 2): ?string
public function getApiKey($overrideTestMode = 2)
{
return $this->settingsHelper->getApiKey($overrideTestMode);
}
Expand Down

0 comments on commit fcc181f

Please sign in to comment.