Cavemanon/piratepoet
7
Fork 0
Code Pull Requests Actions Releases 16 Activity

Fix session form data being reset if throttling kicks in [MAILPOET-2015]

Browse Source
This commit is contained in:
wxa
2019-07-19 13:47:54 +03:00
committed by M. Shull
parent cfb108d240
commit 97f0b9104c
3 changed files with 38 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
assets/js/src/public.js
View File

@ -23,12 +23,18 @@ jQuery(function ($) { // eslint-disable-line func-names
} }
function updateCaptcha(e) { function updateCaptcha(e) {
var captcha = $('img.mailpoet_captcha'); var captcha;
var captchaSrc = captcha.attr('src'); var captchaSrc;
var hashPos = captchaSrc.indexOf('#'); var hashPos;
var newSrc = hashPos > 0 ? captchaSrc.substring(0, hashPos) : captchaSrc; var newSrc;
captcha = $('img.mailpoet_captcha');
if (!captcha.length) return false;
captchaSrc = captcha.attr('src');
hashPos = captchaSrc.indexOf('#');
newSrc = hashPos > 0 ? captchaSrc.substring(0, hashPos) : captchaSrc;
captcha.attr('src', newSrc + '#' + new Date().getTime()); captcha.attr('src', newSrc + '#' + new Date().getTime());
if (e) e.preventDefault(); if (e) e.preventDefault();
return true;
} }
$(function () { // eslint-disable-line func-names $(function () { // eslint-disable-line func-names

18
lib/API/JSON/v1/Subscribers.php
View File

@ -162,7 +162,7 @@ class Subscribers extends APIEndpoint {
$captcha_settings = $this->settings->get('captcha'); $captcha_settings = $this->settings->get('captcha');
if (!empty($captcha_settings['type']) && $captcha_settings['type'] === Captcha::TYPE_BUILTIN) { if (!empty($captcha_settings['type']) && $captcha_settings['type'] === Captcha::TYPE_BUILTIN) {
if (empty($data['captcha'])) { if (!isset($data['captcha'])) {
// Save form data to session // Save form data to session
$_SESSION[Captcha::SESSION_FORM_KEY] = array_merge($data, ['form_id' => $form_id]); $_SESSION[Captcha::SESSION_FORM_KEY] = array_merge($data, ['form_id' => $form_id]);
} elseif (!empty($_SESSION[Captcha::SESSION_FORM_KEY])) { } elseif (!empty($_SESSION[Captcha::SESSION_FORM_KEY])) {
@ -207,7 +207,11 @@ class Subscribers extends APIEndpoint {
if ($timeout > 0) { if ($timeout > 0) {
$time_to_wait = SubscriptionThrottling::secondsToTimeString($timeout); $time_to_wait = SubscriptionThrottling::secondsToTimeString($timeout);
throw new \Exception(sprintf(__('You need to wait %s before subscribing again.', 'mailpoet'), $time_to_wait)); $meta = [];
$meta['refresh_captcha'] = true;
return $this->badRequest([
APIError::BAD_REQUEST => sprintf(WPFunctions::get()->__('You need to wait %s before subscribing again.', 'mailpoet'), $time_to_wait),
], $meta);
} }
$subscriber = $this->subscriber_actions->subscribe($data, $segment_ids); $subscriber = $this->subscriber_actions->subscribe($data, $segment_ids);
@ -216,6 +220,12 @@ class Subscribers extends APIEndpoint {
if ($errors !== false) { if ($errors !== false) {
return $this->badRequest($errors); return $this->badRequest($errors);
} else { } else {
if (!empty($captcha_settings['type']) && $captcha_settings['type'] === Captcha::TYPE_BUILTIN) {
// Captcha has been verified, invalidate the session vars
$_SESSION[Captcha::SESSION_KEY] = null;
$_SESSION[Captcha::SESSION_FORM_KEY] = null;
}
$meta = []; $meta = [];
if ($form !== false) { if ($form !== false) {
@ -300,10 +310,6 @@ class Subscribers extends APIEndpoint {
return $this->badRequest([ return $this->badRequest([
APIError::BAD_REQUEST => WPFunctions::get()->__('The characters entered do not match with the previous captcha.', 'mailpoet'), APIError::BAD_REQUEST => WPFunctions::get()->__('The characters entered do not match with the previous captcha.', 'mailpoet'),
], $meta); ], $meta);
} else {
// Captcha has been verified, invalidate the session vars
$_SESSION[Captcha::SESSION_KEY] = null;
$_SESSION[Captcha::SESSION_FORM_KEY] = null;
} }
} }

36
tests/integration/API/JSON/v1/SubscribersTest.php
View File

@ -600,16 +600,14 @@ class SubscribersTest extends \MailPoetTest {
$this->obfuscatedSegments => [$this->segment_1->id, $this->segment_2->id], $this->obfuscatedSegments => [$this->segment_1->id, $this->segment_2->id],
]); ]);
try { $response = $this->endpoint->subscribe([
$this->endpoint->subscribe([ $this->obfuscatedEmail => 'tata@mailpoet.com',
$this->obfuscatedEmail => 'tata@mailpoet.com', 'form_id' => $this->form->id,
'form_id' => $this->form->id, $this->obfuscatedSegments => [$this->segment_1->id, $this->segment_2->id],
$this->obfuscatedSegments => [$this->segment_1->id, $this->segment_2->id], ]);
]);
$this->fail('It should not be possible to subscribe a second time so soon'); expect($response->status)->equals(APIResponse::STATUS_BAD_REQUEST);
} catch (\Exception $e) { expect($response->errors[0]['message'])->equals('You need to wait 1 minutes before subscribing again.');
expect($e->getMessage())->equals('You need to wait 1 minutes before subscribing again.');
}
} }
function testItCannotMassResubscribe() { function testItCannotMassResubscribe() {
@ -627,16 +625,14 @@ class SubscribersTest extends \MailPoetTest {
$subscriber->updated_at = Carbon::now(); $subscriber->updated_at = Carbon::now();
$subscriber->save(); $subscriber->save();
try { $response = $this->endpoint->subscribe([
$this->endpoint->subscribe([ $this->obfuscatedEmail => $subscriber->email,
$this->obfuscatedEmail => $subscriber->email, 'form_id' => $this->form->id,
'form_id' => $this->form->id, $this->obfuscatedSegments => [$this->segment_1->id, $this->segment_2->id],
$this->obfuscatedSegments => [$this->segment_1->id, $this->segment_2->id], ]);
]);
$this->fail('It should not be possible to resubscribe a second time so soon'); expect($response->status)->equals(APIResponse::STATUS_BAD_REQUEST);
} catch (\Exception $e) { expect($response->errors[0]['message'])->equals('You need to wait 1 minutes before subscribing again.');
expect($e->getMessage())->equals('You need to wait 1 minutes before subscribing again.');
}
} }
function testItSchedulesWelcomeEmailNotificationWhenSubscriberIsAdded() { function testItSchedulesWelcomeEmailNotificationWhenSubscriberIsAdded() {