From 67b7a6acbca5257e35c84dd4ee729b8e5f09638a Mon Sep 17 00:00:00 2001
From: trgino <trgino@trgino.com>
Date: Tue, 25 Jul 2023 21:14:21 +0300
Subject: [PATCH] v3.7.4 released

Redundant card informations requests blocked.
jquery.ajax has been update with jquery.post.
Added sslverify argument to wp_remote_post.
Added result check to all wp_remote_post requests.
---
 assets/moka-admin.js                        | 71 ++++++++-----------
 assets/moka.js                              | 71 ++++++++-----------
 composer.json                               |  8 ++-
 core/library/Moka_Core.php                  | 47 ++++++++-----
 core/library/Moka_Init.php                  |  5 --
 core/library/Optimisthub_Ajax.php           | 78 ++++++++++++---------
 core/library/Optimisthub_Update_Checker.php | 24 +++----
 index.php                                   | 12 ++--
 readme.md                                   |  6 +-
 9 files changed, 158 insertions(+), 164 deletions(-)

diff --git a/assets/moka-admin.js b/assets/moka-admin.js
index bc9e438..cdbdd97 100644
--- a/assets/moka-admin.js
+++ b/assets/moka-admin.js
@@ -1,7 +1,4 @@
-$ = jQuery;
-$.ajaxSetup({cache: false});
-
-$(document).ready(function () {
+jQuery(document).ready(function ($) {
     console.log('Moka Pay js loaded.');
 
     /**
@@ -9,26 +6,20 @@ $(document).ready(function () {
      */
 
     $('.js-update-comission-rates').click(function(e){
-        var  r=prompt("Bu işlemi yaptığınızda, girmiş olduğunuz taksit verilerinin tamamı silinir. Ve Moka Pay sunucularından güncel olanları üzerine yazılır. Ve işlem geri alınamaz. Devam etmek için lütfen alttaki alana 'onay' yazıp işleme devam ediniz.Aksi halde işlemniz devam etmeyecektir.");
+        var r = prompt("Bu işlemi yaptığınızda, girmiş olduğunuz taksit verilerinin tamamı silinir. Ve Moka Pay sunucularından güncel olanları üzerine yazılır. Ve işlem geri alınamaz. Devam etmek için lütfen alttaki alana 'onay' yazıp işleme devam ediniz.Aksi halde işlemniz devam etmeyecektir.");
         if(r && r == 'onay'){
-            $.ajax({
-                method: "POST",
-                dataType: "json",
-                url: moka_ajax.ajax_url,
-                data: {
-                    action : 'optimisthub_ajax',
-                    method : 'clear_installment'
-                },
-                success: function(response) {
-                    if(response.data.data.message == 'ok')
-                    {
-                        alert('İşleminiz başarılı bir şekilde tamamlandı. 2 Saniye içerisinde sayfa yenilecektir.')
-                        setTimeout(function(){
-                            window.location.reload();
-                        },2000);
-                    }   
-                }
-            });
+            $.post(moka_ajax.ajax_url + '?_=' + Date.now(), {
+                action : 'optimisthub_ajax',
+                method : 'clear_installment'
+            }, function(response) {
+                if(response.data.data.message == 'ok')
+                {
+                    alert('İşleminiz başarılı bir şekilde tamamlandı. 2 Saniye içerisinde sayfa yenilecektir.')
+                    setTimeout(function(){
+                        window.location.reload();
+                    }, 2e3);
+                }  
+            }, 'json');
         }
     });
 
@@ -37,27 +28,21 @@ $(document).ready(function () {
         let $orderId = jQuery(this).attr('data-order-id');
         var cancelSubscription = window.confirm("Onaylıyor iseniz, aboneliğiniz iptal edilecek ve ödemesi yenilenmeyecek.Ancak; aboneliğinizi üyelik sonlanma tarihine dek kullanmaya devam edebileceksiniz.");
         if (cancelSubscription) {
-            jQuery.ajax({
-                method: "POST",
-                dataType: "json",
-                url: moka_ajax.ajax_url,
-                data: {
-                    action  : 'optimisthub_ajax',
-                    method  : 'cancel_subscription',
-                    orderId : $orderId, 
-                },
-                success: function(response){
-                    if(response.data)
-                    {
-                        if(response.data.data.error) {
-                            alert(response.data.data.error);
-                        } else { 
-                            alert(response.data.data.messsage); 
-                            window.location.reload();
-                        }
+            $.post(moka_ajax.ajax_url + '?_=' + Date.now(), {
+                action  : 'optimisthub_ajax',
+                method  : 'cancel_subscription',
+                orderId : $orderId, 
+            }, function(response) {
+                if(response.data)
+                {
+                    if(response.data.data.error) {
+                        alert(response.data.data.error);
+                    } else { 
+                        alert(response.data.data.messsage); 
+                        window.location.reload();
                     }
-                }
-            });
+                } 
+            }, 'json');
         }  
     });
 });
\ No newline at end of file
diff --git a/assets/moka.js b/assets/moka.js
index 3eaef35..8a9ba16 100644
--- a/assets/moka.js
+++ b/assets/moka.js
@@ -1,32 +1,24 @@
-jQuery.ajaxSetup({cache: false});
-
 jQuery(document).ready(function () {
-    console.info('Moka PAY Core Js File loaded, successfully. Version 3.7.3');
-    
+    console.info('Moka PAY Core Js File loaded, successfully. Version 3.7.4');
+    let binCache = '';
+
     /**
      * Bin Number Request 
      */
-    jQuery(document).on('blur keyup click change','input#mokapay-card-number',function( e ) {  
-        e.preventDefault();
+    jQuery(document).on('blur keyup click change','input#mokapay-card-number', function( e ) {  
         let binValue = jQuery(this).val();
         let total = jQuery('#mokapay-current-order-total').val();
         binValue = binValue.replace(/\s/g, '');
-        if(binValue.length >= 6) {
-            jQuery.ajax({
-                method: "POST",
-                dataType: "json",
-                url: moka_ajax.ajax_url,
-                data: {
-                    action : 'optimisthub_ajax',
-                    method : 'validate_bin',
-                    binNumber : binValue,
-                    total : total 
-                },
-                success: function(response){
-                    jQuery('#ajaxify-installment-table').html('');
-                    jQuery('#ajaxify-installment-table').html(response.data.data.renderedHtml); 
-                }
-            });
+        if(binValue.length >= 6 && binValue.substr(0, 6) != binCache) {
+            binCache = binValue.substr(0, 6);
+            jQuery.post(moka_ajax.ajax_url + '?_=' + Date.now(), {
+                action : 'optimisthub_ajax',
+                method : 'validate_bin',
+                binNumber : binValue,
+                total : total,
+            }, function(response) {
+                jQuery('#ajaxify-installment-table').html(response.data.data.renderedHtml); 
+            }, 'json');
         } 
     }); 
 
@@ -39,29 +31,22 @@ jQuery(document).ready(function () {
         let $orderId = jQuery(this).attr('data-order-id');
         var cancelSubscription = window.confirm("Onaylıyor iseniz, aboneliğiniz iptal edilecek ve ödemesi yenilenmeyecek.Ancak; aboneliğinizi üyelik sonlanma tarihine dek kullanmaya devam edebileceksiniz.");
         if (cancelSubscription) {
-            jQuery.ajax({
-                method: "POST",
-                dataType: "json",
-                url: moka_ajax.ajax_url,
-                data: {
-                    action  : 'optimisthub_ajax',
-                    method  : 'cancel_subscription',
-                    orderId : $orderId, 
-                },
-                success: function(response){
-                    if(response.data)
-                    {
-                        if(response.data.data.error) {
-                            jQuery('#subscription_ajax_response').html(`<p>${response.data.data.error}</p>`);
-                        } else {
-                            jQuery('#subscription_ajax_response').html(`<p class="message">${response.data.data.messsage}</p>`);
-                            setTimeout(function(){
-                                window.location.reload();
-                            },3000);
-                        }
+            jQuery.post(moka_ajax.ajax_url + '?_=' + Date.now(), {
+                action  : 'optimisthub_ajax',
+                method  : 'cancel_subscription',
+                orderId : $orderId, 
+            }, function(response){
+                if(response.data) {
+                    if(response.data.data.error) {
+                        jQuery('#subscription_ajax_response').html(`<p>${response.data.data.error}</p>`);
+                    } else {
+                        jQuery('#subscription_ajax_response').html(`<p class="message">${response.data.data.messsage}</p>`);
+                        setTimeout(function(){
+                            window.location.reload();
+                        }, 3e3);
                     }
                 }
-            });
+            }, 'json');
         }  
     });
  
diff --git a/composer.json b/composer.json
index b963ce6..18339f7 100644
--- a/composer.json
+++ b/composer.json
@@ -22,7 +22,12 @@
             "name": "Fatih Toprak",
             "email": "patron@fatihtoprak.com",
             "homepage": "https://github.com/optimisthub"
-        } 
+        },
+        {
+            "name": "Cüneyt Çil",
+            "email": "trgino@trgino.com",
+            "homepage": "https://github.com/optimisthub"
+        }
     ],
     "support": {
         "email": "hi@optimisthub.com"
@@ -31,7 +36,6 @@
         "php": ">=7.1",
         "rappasoft/laravel-helpers": "^2.0",
         "tightenco/collect": "^8.68",
-        "spatie/ray": "^1.33",
         "nesbot/carbon": "^2.62"
     },
     "autoload": {
diff --git a/core/library/Moka_Core.php b/core/library/Moka_Core.php
index 31b0140..a0a9750 100644
--- a/core/library/Moka_Core.php
+++ b/core/library/Moka_Core.php
@@ -49,12 +49,13 @@ public function initializePayment($params)
  
         $paymentRequest = self::doRequest($method, $postParams);
  
-        if(data_get($paymentRequest, 'response.code') && data_get($paymentRequest, 'response.code') == 200)
+        if($paymentRequest && data_get($paymentRequest, 'response.code') && data_get($paymentRequest, 'response.code') == 200)
         {
             $responseBody = data_get($paymentRequest, 'body');
             $responseBody = json_decode($responseBody, true);
             return $responseBody;
         }
+        return $paymentRequest;
     }
 
     /**
@@ -96,7 +97,7 @@ public function requestBin($params)
 
         $response = self::doRequest('/PaymentDealer/GetBankCardInformation',$postParams);
         
-        if(data_get($response, 'response.code') && data_get($response, 'response.code') == 200)
+        if($response && data_get($response, 'response.code') && data_get($response, 'response.code') == 200)
         {
             $responseBody = data_get($response, 'body');
             $responseBody = json_decode($responseBody, true);
@@ -132,7 +133,7 @@ public function getDealerInformation()
 
         $response = self::doRequest('/Dealer/GetDealer',$postParams);
 
-        if(data_get($response, 'response.code') && data_get($response, 'response.code') == 200)
+        if($response && data_get($response, 'response.code') && data_get($response, 'response.code') == 200)
         {
             $responseBody = data_get($response, 'body');
             $responseBody = json_decode($responseBody, true);
@@ -338,20 +339,30 @@ private function apiHost($params)
      */
     private function doRequest($method, $params)
     {
-        return wp_remote_post($this->apiHost.$method,
+        $remote_request = wp_remote_post($this->apiHost.$method,
             [
-                'method'      => 'POST',
-                'timeout'     => 45,
-                'redirection' => 5,
-                'httpversion' => '1.0',
-                'blocking'    => true,
-                'headers'     => [
-                    'Content-Type' => 'application/json'
+                'method'        => 'POST',
+                'timeout'       => 45,
+                'redirection'   => 5,
+                'httpversion'   => '1.0',
+                'blocking'      => true,
+                'headers'       => 
+                [
+                    'Content-Type'  => 'application/json'
                 ],
-                'body'        => json_encode($params),
-                'cookies'     => [],
+                'body'          => json_encode($params),
+                'cookies'       => [],
+                'sslverify'     => false,
             ]
-        );   
+        );
+        if(
+        !is_wp_error( $remote_request ) && 
+        200 == wp_remote_retrieve_response_code( $remote_request ) && 
+        !empty( wp_remote_retrieve_body( $remote_request ) )
+        ) {
+            return $remote_request;
+        }
+        return false;  
     }
 
     /**
@@ -454,7 +465,7 @@ public function addCustomerWithCard($params)
         $response = self::doRequest('/DealerCustomer/AddCustomerWithCard',$postParams);
  
 
-        if(data_get($response, 'response.code') && data_get($response, 'response.code') == 200)
+        if($response && data_get($response, 'response.code') && data_get($response, 'response.code') == 200)
         {
             $responseBody = data_get($response, 'body');
             $responseBody = json_decode($responseBody, true);
@@ -514,7 +525,7 @@ public function getCustomerByCustomerCode($params)
 
         $response = self::doRequest('/DealerCustomer/GetCustomer',$postParams);
         
-        if(data_get($response, 'response.code') && data_get($response, 'response.code') == 200)
+        if($resposne && data_get($response, 'response.code') && data_get($response, 'response.code') == 200)
         {
             $responseBody = data_get($response, 'body');
             $responseBody = json_decode($responseBody, true);
@@ -557,7 +568,7 @@ public function addCard($params)
 
         $response = self::doRequest('/DealerCustomer/AddCard',$postParams);
         
-        if(data_get($response, 'response.code') && data_get($response, 'response.code') == 200)
+        if($response && data_get($response, 'response.code') && data_get($response, 'response.code') == 200)
         {
             $responseBody = data_get($response, 'body');
             $responseBody = json_decode($responseBody, true);
@@ -596,7 +607,7 @@ public function removeCard($params)
 
         $response = self::doRequest('/DealerCustomer/RemoveCard',$postParams);
         
-        if(data_get($response, 'response.code') && data_get($response, 'response.code') == 200)
+        if($response && data_get($response, 'response.code') && data_get($response, 'response.code') == 200)
         {
             $responseBody = data_get($response, 'body');
             $responseBody = json_decode($responseBody, true);
diff --git a/core/library/Moka_Init.php b/core/library/Moka_Init.php
index 6176407..ee2b1ee 100644
--- a/core/library/Moka_Init.php
+++ b/core/library/Moka_Init.php
@@ -3,11 +3,6 @@
 	exit;
 }
 
-define('OPTIMISTHUB_MOKA_PAY_VERSION', '3.7.3');
-
-global $mokaVersion;
-$mokaVersion = OPTIMISTHUB_MOKA_PAY_VERSION;
-
 /**
  * Init Moka POS Confiuration and Gateway Class for WooCommerce
  * @since 2.2
diff --git a/core/library/Optimisthub_Ajax.php b/core/library/Optimisthub_Ajax.php
index e614473..5ae471c 100644
--- a/core/library/Optimisthub_Ajax.php
+++ b/core/library/Optimisthub_Ajax.php
@@ -24,6 +24,8 @@ public function __construct()
      */
     public function validate_bin($params)
     { 
+        $avaliableInstallment = null;
+
         $postData = $params;
  
         $action = data_get($postData, 'action');
@@ -39,13 +41,29 @@ public function validate_bin($params)
         $mokaPay = new MokaPayment();
         $response = $mokaPay->requestBin(['binNumber' => $binNumber]);
 
+        if( !$response )
+        {
+            $error = new WP_Error( '002', 'Response Could Not Fetched.' );
+
+            $data = [
+                'error_message'     => $error,
+                'cardInformation'   => $response, 
+                'installments'      => $avaliableInstallment,
+                'renderedHtml'      => self::renderedHtml($response, []),
+            ]; 
+            wp_send_json_error( [
+                'binNumber' => $binNumber, 
+                'time'      => time(), 
+                'data'      => $data,
+            ] );
+        }
+
         ## installments
         $bankCode = mb_strtolower(data_get($response, 'BankCode')); 
         $bankGroup = mb_strtolower(data_get($response, 'GroupName')); 
 
         $installments = self::fetchInstallment();
         
-        $avaliableInstallment = null;
         if($bankGroup)
         { 
             foreach($installments as $perInstallment)
@@ -58,28 +76,20 @@ public function validate_bin($params)
         }    
         
         ## installments
-        $data= [
+        $data = [
             'cardInformation' => $response, 
             'installments' => $avaliableInstallment,
-            'renderedHtml' => self::renderedHtml(['card' => $response, 'installments' => $avaliableInstallment, 'total' => data_get($postData, 'total')]),
+            'renderedHtml' => self::renderedHtml($response, [
+                'card'          => $response, 
+                'installments'  => $avaliableInstallment, 
+                'total'         => data_get($postData, 'total'),
+            ]),
         ];  
 
-        if(!$response)
-        {
-            $error = new WP_Error( '002', 'Response Could Not Fetched.' );
-
-            $data['error_message'] = $error; 
-            wp_send_json_error( [
-                'binNumber' => $binNumber, 
-                'time' => time(), 
-                'data' => $data,
-            ] );
-        }
-
         wp_send_json_success( [
             'binNumber' => $binNumber, 
-            'time' => time(), 
-            'data' => $data,
+            'time'      => time(), 
+            'data'      => $data,
         ], 200 );
 
         wp_die();
@@ -199,30 +209,29 @@ private function fetchInstallment()
      * @param [array] $params
      * @return void
      */
-    private function renderedHtml( $params )
+    private function renderedHtml( $response, $params )
     {
-        $total = data_get($params, 'total');
-        $maxInstallment = data_get($params, 'card.MaxInstallmentNumber');
-        $installmentRates = data_get($params, 'installments.rates');
-        $orderTotal = $total;
-
-        ### Disable rate for 1 installment
-        $installmentRates[1]=[
-            'active' => 1,
-            'value' => 0,
+        $installmentRates = [
+            1 => [
+                'active' => 1,
+                'value' => 0,
+            ],
         ];
-        ### Disable rate for 1 installment
 
         $formHtml = ''; 
         $formHtml.='<input type="hidden" name="mokapay-order-total" value="'.$orderTotal.'">';
         $formHtml.='<input type="hidden" name="mokapay-installment-rates" value="'.urlencode(json_encode($installmentRates)).'">';
- 
-        
-        if(!$this->enableInstallment)
-        {
-            return $formHtml.='<input type="hidden" name="mokapay-installment" value="1">';
+
+        if( !$response || !$this->enableInstallment ) {
+            $formHtml.='<input type="hidden" name="mokapay-installment" value="1">';
+            return $formHtml;
         }
 
+        $total = data_get($params, 'total');
+        $maxInstallment = data_get($params, 'card.MaxInstallmentNumber');
+        $installmentRates = data_get($params, 'installments.rates');
+        $orderTotal = $total;
+
         if($installmentRates)
         {
             $formHtml .='<fieldset style="padding-bottom:30px"><p class="form-row form-row-wide">';
@@ -274,7 +283,8 @@ private function renderedHtml( $params )
 
         if(!$installmentRates)
         {
-            return $formHtml.='<input type="hidden" name="mokapay-installment" value="1">';
+            $formHtml.='<input type="hidden" name="mokapay-installment" value="1">';
+            return $formHtml;
         } 
         return $formHtml;
     }
diff --git a/core/library/Optimisthub_Update_Checker.php b/core/library/Optimisthub_Update_Checker.php
index 03ce9d0..5101ee0 100644
--- a/core/library/Optimisthub_Update_Checker.php
+++ b/core/library/Optimisthub_Update_Checker.php
@@ -17,9 +17,8 @@ class Optimisthub_Update_Checker
 
     public function __construct()
     {
-        global $mokaVersion;  
         $this->plugin_slug      = 'moka-woocommerce-master';
-        $this->version          = $mokaVersion;
+        $this->version          = OPTIMISTHUB_MOKA_PAY_VERSION;
         $this->cache_key        = 'moka_worker_update_check';
         $this->cache_allowed    = true;
         $this->endpoint         = 'https://moka.wooxup.com/check';
@@ -42,18 +41,19 @@ public function request()
         {    
             $remote = wp_remote_post( $this->endpoint,
                 [
-                    'method'      => 'POST',
-                    'timeout'     => 45,
-                    'redirection' => 5,
-                    'httpversion' => '1.0',
-                    'blocking'    => true,
-                    'headers'     => [],
-                    'body'        => 
+                    'method'        => 'POST',
+                    'timeout'       => 45,
+                    'redirection'   => 5,
+                    'httpversion'   => '1.0',
+                    'blocking'      => true,
+                    'headers'       => [],
+                    'body'          => 
                     [
-                        'platform'  =>  $this->platform,
-                        'version'   =>  $this->version,
+                        'platform'  => $this->platform,
+                        'version'   => $this->version,
                     ],
-                    'cookies'     => [],
+                    'cookies'       => [],
+                    'sslverify'     => false,
                 ]
             );    
 
diff --git a/index.php b/index.php
index b374a80..b90a769 100644
--- a/index.php
+++ b/index.php
@@ -3,7 +3,7 @@
  * Plugin Name: Moka Payment Gateway for WooCommerce
  * Plugin URI: https://github.com/optimisthub/moka-woocommerce
  * Description: Moka Payment gateway for woocommerce
- * Version: 3.7.3
+ * Version: 3.7.4
  * Author: Optimist Hub
  * Author URI: https://optimisthub.com?ref=mokaPayment
  * Domain Path: /languages/ 
@@ -14,6 +14,8 @@
     exit;
 }
 
+define('OPTIMISTHUB_MOKA_PAY_VERSION', '3.7.4');
+
 require __DIR__ . '/vendor/autoload.php';    
 
 /**
@@ -40,7 +42,6 @@ function loadOptimisthubMokaTranslations()
 function mokaPaySqlTables() 
 {
 	global $wpdb;
-	global $mokaVersion;
 
 	$tableNames = [
 		$wpdb->prefix . 'moka_transactions',
@@ -93,14 +94,17 @@ function mokaPaySqlTables()
 
 	];
 
-	require( ABSPATH . 'wp-admin/includes/upgrade.php' );
+	if( !function_exists( 'dbDelta' ))
+	{
+		require_once( ABSPATH . 'wp-admin/includes/upgrade.php' );
+	}
 
 	foreach($createTableQuery as $perQuery )
 	{  
 		dbDelta( $perQuery ); 
 	} 
 
-	add_option( 'moka_transactions', $mokaVersion );
+	add_option( 'moka_transactions', OPTIMISTHUB_MOKA_PAY_VERSION );
 }
 
 register_activation_hook(__FILE__, 'mokaPaySqlTables');
diff --git a/readme.md b/readme.md
index 8f030a9..021b137 100644
--- a/readme.md
+++ b/readme.md
@@ -20,10 +20,10 @@
 
 Moka Pos, Moka Pay plugin;
 
-- Minimum PHP 7.1> requirement is required.
+- Minimum PHP 7.4+ requirement is required.
 - PHP cURL extension is required.
-- Tried with MYSQL 8.0+.
-- Tested with PHP versions 7.1,7.4,8.x>.
+- Tried with MYSQL 5.7.43, 8.0.
+- Tested with PHP versions 7.4, 8.1.
 - Fully compatible with WooCommerce version 6.0+.
 - Fully compatible with WordPress 5.8.2+.