dwindown/formipay
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
13 Commits 1 Branch 0 Tags
200c349cf9f9e1aad8267d8124ee7abbfb965cb7
Commit Graph

13 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dwindown
200c349cf9 docs: mark Phase 1 (Week 1-2) tasks as complete in TASKLIST.md 
All critical bug fixes, performance improvements, and security
hardening tasks are now complete. Ready to proceed to Phase 2.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-04-17 19:55:38 +07:00
dwindown
66e7b37f92 fix: resolve all Week 2 performance & security issues (F1.10–F1.19) 
Security:
- Replace maybe_serialize() in cookies with json_encode() (PHP object injection fix)
- Add PayPal webhook signature verification
- Add current_user_can('manage_options') to all 18 admin-ajax handlers

Performance:
- Remove flush_rewrite_rules() from init hooks (Thankyou + Payment)
- Add activation/deactivation hooks for flush_rewrite_rules
- Cache currency, country, flags JSON reads in static variables
- Add server-side pagination to Customer::formipay_tabledata_customers()
- Optimize Order::formipay_tabledata_orders() with COUNT(*) GROUP BY

Cleanup:
- Delete Paypal.phpbak backup file
- Fix timezone hardcode Asia/Jakarta → wp_timezone_string()
- Create uninstall.php for proper cleanup on uninstall

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-04-17 19:52:01 +07:00
dwindown
be9a1a0a86 fix: resolve all Week 1 critical bugs (F1.1–F1.9) 
- Fix Customer::update() fatal error (undefined $table_name, $new_args)
- Fix Order::delete() using wrong variable $id instead of $order_id
- Fix Order::bulk_delete() using outer $order_id instead of loop $id
- Fix Email::send_email() calling non-existent class (use parent::)
- Add missing Order import in Paypal.php
- Fix BankTransfer unique_code triple DB call (call once, reuse result)
- Fix color field label showing "Number" instead of "Color"
- Add nonce verification to Customer::formipay_tabledata_customers()

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-04-17 19:40:12 +07:00
dwindown
4274be81a4 docs: add PRD and implementation task list 
PRD.md defines product requirements across 4 phases (critical fixes,
React admin, frontend enhancements, missing features). TASKLIST.md
breaks all work into checkable tasks with file references.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-04-17 17:05:32 +07:00
dwindown
35569923a5 docs: add comprehensive audit report and architectural recommendation 
Checkpoint before implementation. Includes audit findings (FINDINGS.md),
architectural recommendation (RECOMMENDATION.md), and existing code changes
to Form, Order, Render, and form-action.js from recent development.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-04-17 17:00:47 +07:00
dwindown
0446eb1064 Admin Settings in all CPTs are already set. Continue to frontend. 2025-10-13 15:20:14 +07:00
dwindown
6f6b039441 Finalize the backend for each coupon, customer and access functionalities 2025-09-24 21:46:03 +07:00
dwindown
4151ea3b9e fix Products, Coupons, and admin pages 2025-09-15 17:44:39 +07:00
dwindown
255da46509 fix wpcfto select and repeater related visibility and validation 2025-08-29 19:27:50 +07:00
dwindown
ccb2b1aea1 update multicurrencies functionality on global level 2025-08-25 19:55:38 +07:00
dwindown
38b6b5cddb add new classes License and LicenseAPI 2025-08-22 12:59:23 +07:00
dwindown
56ca12119c add gitignore 2025-08-21 20:40:49 +07:00
dwindown
58c1497171 first commit 2025-08-21 20:39:34 +07:00