Preparing release v1.6.5

gmn42 · Oct 25, 2023 · de924d2 · de924d2
1 parent a6c825c
commit de924d2
Show file tree

Hide file tree

Showing 7 changed files with 67 additions and 43 deletions.
diff --git a/composer.lock b/composer.lock
diff --git a/languages/wc-serial-numbers.pot b/languages/wc-serial-numbers.pot
@@ -2,9 +2,9 @@
 # This file is distributed under the GPLv2+.
 msgid ""
 msgstr ""
-"Project-Id-Version: Serial Numbers for WooCommerce 1.6.3\n"
+"Project-Id-Version: Serial Numbers for WooCommerce 1.6.4\n"
 "Report-Msgid-Bugs-To: https://pluginever.com/plugins/wc-serial-numbers/\n"
-"POT-Creation-Date: 2023-10-25 08:52:01+00:00\n"
+"POT-Creation-Date: 2023-10-25 09:14:40+00:00\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=utf-8\n"
 "Content-Transfer-Encoding: 8bit\n"
@@ -1734,11 +1734,11 @@ msgstr ""
 msgid "This is a dummy theme"
 msgstr ""
 
-#: vendor/wp-cli/wp-cli/php/utils-wp.php:238
+#: vendor/wp-cli/wp-cli/php/utils-wp.php:246
 msgid "Inactive Widgets"
 msgstr ""
 
-#: vendor/wp-cli/wp-cli/php/utils-wp.php:241
+#: vendor/wp-cli/wp-cli/php/utils-wp.php:249
 msgid "Drag widgets here to remove them from the sidebar but keep their settings."
 msgstr ""
 

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "wc-serial-numbers",
   "title": "Serial Numbers for WooCommerce",
-  "version": "1.6.4",
+  "version": "1.6.5",
   "description": "The best WooCommerce extension to sell license & serial keys, gift cards and other secret numbers!",
   "homepage": "https://pluginever.com/plugins/wc-serial-numbers/",
   "license": "GPL-3.0+",

diff --git a/readme.txt b/readme.txt
@@ -4,7 +4,7 @@ Tags: license manager, license, license number, serial number, activation number
 Requires at least: 5.0
 Tested up to: 6.3
 Requires PHP: 5.6
-Stable tag: 1.6.4
+Stable tag: 1.6.5
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 
@@ -252,6 +252,9 @@ Yes, you are always welcome to [provide suggestions](https://github.com/pluginev
 
 
 == Changelog ==
+= 1.6.5 (25 Oct 2023) =
+* Fix: API request is not working.
+
 = 1.6.4 (25 Oct 2023) =
 * Enhance: Optimize and improve code for better performance & security.
 

diff --git a/src/API.php b/src/API.php
@@ -21,6 +21,8 @@ class API {
 	 * @since 1.0.0
 	 */
 	public function __construct() {
+		// add query vars.
+		add_filter( 'query_vars', array( __CLASS__, 'add_query_vars' ), 0 );
 		add_action( 'woocommerce_api_serial-numbers-api', array( __CLASS__, 'process_request' ) );
 		add_action( 'wc_serial_numbers_api_action_check', array( __CLASS__, 'validate_key' ) );
 		add_action( 'wc_serial_numbers_api_action_validate', array( __CLASS__, 'validate_key' ) );
@@ -29,38 +31,37 @@ public function __construct() {
 		add_action( 'wc_serial_numbers_api_action_version_check', array( __CLASS__, 'check_version' ) );
 	}
 
+	/**
+	 * Add query vars.
+	 *
+	 * @param array $vars Query vars.
+	 *
+	 * @since 1.0.0
+	 *
+	 * @return array
+	 */
+	public static function add_query_vars( $vars ) {
+		$vars[] = 'product_id';
+		$vars[] = 'serial_key';
+		$vars[] = 'request';
+		$vars[] = 'email';
+		$vars[] = 'instance';
+		$vars[] = 'platform';
+
+		return $vars;
+	}
+
 	/**
 	 * Process request.
 	 *
 	 * @since 1.0.0
 	 */
 	public static function process_request() {
-		$method = filter_input( INPUT_SERVER, 'REQUEST_METHOD', FILTER_SANITIZE_SPECIAL_CHARS );
-		if ( 'POST' === strtoupper( $method ) ) {
-			$product_id = filter_input( INPUT_POST, 'product_id', FILTER_SANITIZE_NUMBER_INT );
-			$key        = filter_input( INPUT_POST, 'serial_key', FILTER_SANITIZE_SPECIAL_CHARS );
-			$action     = filter_input( INPUT_POST, 'request', FILTER_SANITIZE_SPECIAL_CHARS );
-			$email      = filter_input( INPUT_POST, 'email', FILTER_SANITIZE_SPECIAL_CHARS );
-		} elseif ( 'GET' === strtoupper( $method ) ) {
-			$product_id = filter_input( INPUT_GET, 'product_id', FILTER_SANITIZE_NUMBER_INT );
-			$key        = filter_input( INPUT_GET, 'serial_key', FILTER_SANITIZE_SPECIAL_CHARS );
-			$action     = filter_input( INPUT_GET, 'request', FILTER_SANITIZE_SPECIAL_CHARS );
-			$email      = filter_input( INPUT_GET, 'email', FILTER_SANITIZE_SPECIAL_CHARS );
-		} else {
-			// its unknown request method.
-			wp_send_json_error(
-				array(
-					'code'    => 'invalid_request_method',
-					'message' => __( 'Invalid request method.', 'wc-serial-numbers' ),
-				)
-			);
-		}
+		$product_id = self::get_query_var( 'product_id', 'absint' );
+		$key        = self::get_query_var( 'serial_key' );
+		$action     = self::get_query_var( 'request' );
+		$email      = strtolower( self::get_query_var( 'email' ) );
 
-		// Clean up properties.
-		$product_id = absint( $product_id );
-		$key        = sanitize_text_field( wp_unslash( $key ) );
-		$action     = sanitize_key( wp_unslash( $action ) );
-		$email      = strtolower( sanitize_email( wp_unslash( $email ) ) );
 		WCSN()->log(
 			'API request',
 			'debug',
@@ -230,8 +231,8 @@ public static function validate_key( $serial_key ) {
 	 */
 	public static function activate_key( $serial_key ) {
 		$user_agent = ! empty( $_SERVER['HTTP_USER_AGENT'] ) ? md5( sanitize_textarea_field( wp_unslash( $_SERVER['HTTP_USER_AGENT'] ) ) . time() ) : md5( time() );
-		$instance   = ! empty( $_REQUEST['instance'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['instance'] ) ) : $user_agent; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
-		$platform   = ! empty( $_REQUEST['platform'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['platform'] ) ) : ''; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
+		$instance   = self::get_query_var( 'instance', 'sanitize_text_field', $user_agent );
+		$platform   = self::get_query_var( 'platform' );
 
 		// Check if instance key is valid.
 		if ( empty( $instance ) ) {
@@ -332,7 +333,7 @@ public static function activate_key( $serial_key ) {
 	 * @since 1.0.0
 	 */
 	public static function deactivate_key( $serial_key ) {
-		$instance = ! empty( $_REQUEST['instance'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['instance'] ) ) : ''; // phpcs:ignore WordPress.Security.NonceVerification.Recommended
+		$instance = self::get_query_var( 'instance' );
 
 		// Check if instance key is valid.
 		if ( empty( $instance ) ) {
@@ -412,4 +413,24 @@ public static function check_version( $serial_key ) {
 			)
 		);
 	}
+
+	/**
+	 * Get query var.
+	 *
+	 * @param string $key Query var key.
+	 * @param string $sanitize Sanitize method.
+	 * @param mixed  $fallback Fallback value.
+	 *
+	 * @since 1.0.0
+	 * @return mixed
+	 */
+	public static function get_query_var( $key, $sanitize = 'sanitize_text_field', $fallback = null ) {
+		global $wp;
+
+		if ( isset( $wp->query_vars[ $key ] ) ) {
+			return call_user_func( $sanitize, wp_unslash( $wp->query_vars[ $key ] ) );
+		}
+
+		return $fallback;
+	}
 }
diff --git a/wc-serial-numbers.php b/wc-serial-numbers.php
@@ -3,7 +3,7 @@
  * Plugin Name: WC Serial Numbers
  * Plugin URI:  https://www.pluginever.com/plugins/wocommerce-serial-numbers-pro/
  * Description: Sell and manage license keys/ serial numbers/ secret keys easily within your WooCommerce store.
- * Version:     1.6.4
+ * Version: 1.6.5
  * Author:      PluginEver
  * Author URI:  http://pluginever.com
  * License:     GPLv2+