docs: add comprehensive audit report and architectural recommendation

Checkpoint before implementation. Includes audit findings (FINDINGS.md),
architectural recommendation (RECOMMENDATION.md), and existing code changes
to Form, Order, Render, and form-action.js from recent development.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
dwindown
2026-04-17 17:00:47 +07:00
parent 0446eb1064
commit 35569923a5
6 changed files with 1014 additions and 153 deletions


@@ -15,7 +15,9 @@ class Order {
private $order_details;
private $chosen_currency;
private $chosen_currency; // reserved (not used yet)
private $currency; // 3-letter currency code from request (e.g., IDR, USD)
/**
* Initializes the plugin by setting filters and administration functions.
@@ -90,7 +92,7 @@ class Order {
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
$order_meta_data = isset($_REQUEST['meta_data']) ? wp_unslash($_REQUEST['meta_data']) : [];
$purpose = isset($_REQUEST['purpose']) ? sanitize_text_field(wp_unslash($_REQUEST['purpose'])) : '';
$this->currency = isset($_REQUEST['currency']) ? wp_unslash($_REQUEST['currency']) : formipay_default_currency('symbol');
$this->currency = isset($_REQUEST['currency']) ? sanitize_text_field( wp_unslash($_REQUEST['currency']) ) : (string) formipay_default_currency('code');
$this->form_id = $form_id;
@@ -221,85 +223,49 @@ class Order {
$details = [];
// $product_price = floatval(formipay_get_post_meta($this->form_id, 'product_price'));
// $details[] = [
// 'item' => html_entity_decode(get_the_title($this->form_id)),
// 'amount' => $product_price,
// 'qty' => (int) $this->order_data['qty'],
// 'subtotal' => floatval($product_price) * intval($this->order_data['qty']),
// 'context' => 'main'
// ];
// $check_fields = formipay_get_post_meta($this->form_id, 'formipay_settings');
// if(!empty($check_fields['fields'])){
// foreach($check_fields['fields'] as $field){
// // if($field['field_type'] == 'select'){
// if(in_array($field['field_type'], ['select','checkbox', 'radio'])) {
// $options = $field['field_options'];
// if(!empty($options)){
// foreach($options as $option){
// $option_value = ($field['show_toggle']['value'] && '' !== $option['value']) ? $option['value'] : $option['label'];
// if(!empty($this->order_data[$field['field_id']])) {
// $field_value = $this->order_data[$field['field_id']];
// if($field['field_type'] == 'select'){
// $field_value = ($field['show_toggle']['value']) ?
// $this->order_data[$field['field_id']]['value'] :
// $this->order_data[$field['field_id']]['label'];
// }
// $field_value = explode(',', $field_value);
// $context = 'no-context';
// if(floatval($option['amount']) < 0){
// $context = 'sub';
// }elseif(floatval($option['amount']) > 0){
// $context = 'add';
// }
// if(!empty($field_value) && $field['show_toggle']['amount'] == 'yes'){
// foreach($field_value as $f_value){
// if($option_value == $f_value){
// $qty = ($option['qty'] == 'yes') ? $this->order_data['qty'] : 1;
// $details[] = [
// 'item' => $field['label'] .' - '. $option['label'],
// 'amount' => floatval($option['amount']),
// 'qty' => (int) $qty,
// 'subtotal' => floatval($option['amount']) * intval($qty),
// 'context' => $context
// ];
// }
// }
// }
// }
// }
// }
// }
// }
// }
/**
* Cart items (not implemented yet)
*/
/**
* Attached Product
*/
// Ensure currency code is present; fallback to form default currency code
if (empty($this->currency)) {
$default_currency_full = formipay_get_post_meta($this->form_id, 'default_currencies'); // e.g., "IDR:::Indonesian rupiah:::Rp"
$parts = explode(':::', (string) $default_currency_full);
$this->currency = $parts[0] ?? 'IDR';
}
// Attached static products (qty = 1 each in this case)
$products = formipay_get_post_meta($this->form_id, 'static_products');
if(!empty($products)){
$products = explode(',', $products);
foreach($products as $product_id){
$product_data = formipay_get_post_meta($product_id);
$regular_price = formipay_get_post_meta($product_id, 'setting_product_price_regular_'.$this->currency);
$sale_price = formipay_get_post_meta($product_id, 'setting_product_price_sale_'.$this->currency);
$this_item = [
'item' => html_entity_decode(get_the_title($product_id)),
'amount' => (float) $sale_price ?: $regular_price,
'qty' => 1,
'subtotal' => (float) $sale_price ?: $regular_price,
if (!empty($products)) {
$products = array_filter(array_map('absint', explode(',', (string) $products)));
foreach ($products as $product_id) {
$regular_key = 'setting_product_price_regular_' . $this->currency;
$sale_key = 'setting_product_price_sale_' . $this->currency;
$regular_price = formipay_get_post_meta($product_id, $regular_key);
$sale_price = formipay_get_post_meta($product_id, $sale_key);
$price = ($sale_price !== '' && $sale_price !== null) ? (float) $sale_price : (float) $regular_price;
$details[] = [
'item' => html_entity_decode(get_the_title($product_id)),
'amount' => $price,
'qty' => 1,
'subtotal' => $price,
'context' => 'product',
];
}
}
// Static items (fees/bonuses), currency-aware amounts
$raw_items = formipay_get_post_meta($this->form_id, 'static_items');
if (!empty($raw_items)) {
$items = json_decode((string) $raw_items, true) ?: [];
foreach ($items as $it) {
$label = $it['label'] ?? 'Item';
$qty = (int) ($it['quantity'] ?? 1);
$key = 'amount_' . $this->currency;
$amt = (float) ($it[$key] ?? 0);
$details[] = [
'item' => $label,
'amount' => $amt,
'qty' => $qty,
'subtotal' => $amt * $qty,
'context' => 'item',
];
}
}