I've been using the open source AbanteCart E-Commerce for selling productus and was wondering if someone knew there was a way to redirect the template for use of a mobile template instead.
i guess the easiest way is hook of all controllers and adding new variable into request (sf) which contains template_text_id... plus using cookie about template mode(desktop or mobile).
/**
* redirect to mobile template if we load page in mobile device
**/
public function onAHook_InitEnd() {
if ( $this->_processHooks() ) return;
$device = $this->baseObject->request->getDeviceType();
if ( !empty($device) && empty( $this->baseObject->request->cookie['abantecart_mobile_redirect'] ) ) {
//set flag that redirect was done
setcookie("abantecart_mobile_redirect", "1", time() + 3600*24);
//set template to mobile
$url = $this->baseObject->html->removeQueryVar($_SERVER['REQUEST_URI'], 'sf');
$url .= '&sf=your_mobile_template_text_id';
header ( 'Location: '. $url );
}
}
private function _processHooks(){
return $this->registry->get('config')->get('config_storefront_template') == 'your_mobile_template_text_id';
}
That variable (sf) processed by engine in core/init.php file and switch desktop template to mobile.
Related
I am building a bilingual website using WordPress and WPML(the translation plugin WPML), also to handle login and registration I used Theme my login, however since it's not compatible with WPML, I had to find an alternative (tried clean-login ) but still no luck.
The problem I faced with theme my login; it's not supporting templates for both languages only the English part (the other language is Arabic), while using clean-login you can't modify it's templates (while I needed to add some fields to user registration).
Finally I followed the tutorial in this link to build my own login and registration plugin, the problem I'm facing now is that each time a login is made, I'm being redirected to the user profile (which is the correct behavior) but instead of keeping the same language from the login page, it redirects to the user profile with the default language although I was trying to login from the Arabic login page.
I tried several fixes for the language redirection problem; like trying to modify the locale using wp locale filter through a custom function, or by using a conditional on the $_GET['lang'], unfortunately nothing worked.
An example for the various solutions I tried using the $_GET['lang'] parameter;
setting a public variable ($site_lang) in the custom plugin class:
public $site_lang;
public function __construct() {
global $sitepress;
$current_lang = $sitepress->get_current_language();
if ( isset($_GET['lang']) && $_GET['lang'] == 'ar'){
$this->site_lang = 'ar';
}else{
$this->site_lang = 'en_US';
}
}
Another variation using session through the plugin WP_SESSION
global $sitepress;
$current_lang = $sitepress->get_current_language();
$wp_session = WP_Session::get_instance();
$wp_session['act_lang'] = 'ar';
if (!isset($_GET['lang'])){
$wp_session['act_lang'] = 'en';
}else{
$wp_session['act_lang'] = 'ar';
}
$this->site_lang = $wp_session['act_lang'];
and the redirect on registration error function, which is one of many functions that deals with redirect, I'm putting it here as an example on how I'm using the public variable for redirection
public function maybe_redirect_at_authenticate( $user, $username, $password ) {
if( $_SERVER['REQUEST_METHOD'] === 'POST' ) {
$login_url = ($this->site_lang == 'ar') ? site_url( 'تسجيل-الدخول/?lang=ar' )
: home_url( 'member-login' );
$login_url = add_query_arg( array('login' => $error_codes), $login_url );
wp_redirect( $login_url );
}
}
If anyone has a solution on how to keep the language the same after redirection, I really do appreciate the help.
I'm working on a front-end app which ties into wordpress API which sits on a seperate domain.
I'm wanting to retrieve a post draft so when the user clicks "Preview Post" in the wordpress admin panel, it opens my app with the correct content.
I'm loading some Javascript into the WP Admin so I can amend all "Preview Post" links in the admin panel with a wp_nonce token for authentication purposes. This is done using the below snippet, which tweaks the preview post link into for example: http://example.com/blog?p=127&preview=true&auth=16045802ee
function admin_inline_js(){
// Grab URL
echo '
<script>
document.addEventListener("DOMContentLoaded", function() {
// Grab all preview anchors
var anchors = document.querySelectorAll("a[href*=\'preview=true\']"), i;
// Loop through and amend to remove the trailing slash, as WP doesnt provide any easy method to achieve this.
for(i = 0; i < anchors.length; i++) {
anchors[i].href = anchors[i].href.replace("blog/", "blog") + \'&auth=' . wp_create_nonce('wp_rest') .'\';
}
});
</script>
';
}
add_action( 'admin_print_scripts', 'admin_inline_js' );
At http://example.com/blog?p=127&preview=true&auth=16045802ee, the auth parameter is then used to post a request back to wordpress to retrieve the draft with an ID of 127, with a nonce token of 16045802ee. However this isn't working, and I'm getting this response:
object(stdClass)#459 (3) { ["code"]=> string(25) "rest_cookie_invalid_nonce" ["message"]=> string(23) "Cookie nonce is invalid" ["data"]=> object(stdClass)#532 (1) { ["status"]=> int(403) } }
Can anybody spot what I'm doing wrong here? :/
Thanks.
There are two issues you are facing:
A Wordpress "nonce" is a tool that is only intended to protect against CSRF tokens. Really useful when writing plugins for the admin panel, but not useful for authenticating against the API.
Passing authentication details over the API is blocked by the default-prescribed .htaccess file.
You need to pass authentication details over the API in order to receive the responses containing the protected data. For simplicity, I recommend using HTTP Basic Auth to get it working first, optionally enhancing your code with more secure authentication methods such as OAuth in the future.
I recommend creating a new user specifically for API usage, rather than passing admin details around in text files on your server.
Once you have your user created, you can request the draft post using simple cURL in PHP as follows:
$apiUsername = "apiuser";
$apiPassword = "sup3r-s3cr3t-p455w0rd";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://example.com/wp-json/wp/v2/posts/127");
curl_setopt($ch, CURLOPT_USERPWD, "$apiUsername:$apiPassword");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$json = curl_exec($ch);
$postObject = json_decode($json);
This will set request header containing the username and password, and as long as nothing interferes with this header before it gets to Wordpress, you will receive your post details in $postObject and you can stop reading here. You're done.
However, for a bit of extra fun, the Wordpress-prescribed default .htaccess file drops HTTP headers, so if you're using that you'll need to fix it yourself. Basically, the Wordpress scripts need to see PHP_AUTH_USER and PHP_AUTH_PW keys within the $_SERVER variable for this to work.
A quick fix is to include the following rule as the first RewriteRule in .htaccess:
RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization}]
which will split the headers into variables prefixed with "REMOTE_USER", and the following PHP can be used to populate the expected fields back again (perhaps this can go in index.php).
$userPass = $_SERVER["REDIRECT_REMOTE_USER"];
if(!empty($userPass)
&& strstr($userPass, "Basic")) {
$userPass = substr($userPass, strpos($userPass, " ") + 1);
$userPass = base64_decode($userPass);
$userPass = explode(":", $userPass);
$_SERVER['PHP_AUTH_USER'] = $userPass[0];
$_SERVER['PHP_AUTH_PW'] = $userPass[1];
}
I debbuged the code and think that the cookie is corrupted.
In the code snippet below, we can see.
// Check the nonce.
$result = wp_verify_nonce( $nonce, 'wp_rest' );
if ( ! $result ) {
return new WP_Error( 'rest_cookie_invalid_nonce', __( 'Cookie nonce is invalid' ), array( 'status' => 403 ) );
}
For me, this issue has solved when I clear browser cookies for my domain.
I found this Error [{"code":"json_cookie_invalid_nonce","message":"Cookie nonce is invalid"}]
after I install WP POS , When the POS page opening time ERROR "forbidden"
after expand the error
I get this message [{"code":"json_cookie_invalid_nonce","message":"Cookie nonce is invalid"}]
After little while I found solution. I deactivate newly installed plugins one by one , the i found problem in "Yoast SEO" plugin after deactivation it is POS plugins working fine , then again I activate Yoast SEO plugin no problem it is working fine
You need to add the permission "promote_users" to the POS role. I used "User Role Editor" plugin to do this but you can also add the following to your functions.php:
$pos_role = get_role( 'pos' ); // Or whatever role you want to add it to
$pos_role->add_cap( 'promote_users' );
Something that happened to me and can be useful: assuming that you are properly passing the auth details to API, this error can be triggered if you create the nonce with a not logged user, login in, and checking it after, and that's explained because the nonce is created using user ID.
From file: wp-includes/pluggable.php
function wp_create_nonce( $action = -1 ) {
$user = wp_get_current_user();
$uid = (int) $user->ID;
if ( ! $uid ) {
/** This filter is documented in wp-includes/pluggable.php */
$uid = apply_filters( 'nonce_user_logged_out', $uid, $action );
}
$token = wp_get_session_token();
$i = wp_nonce_tick();
return substr( wp_hash( $i . '|' . $action . '|' . $uid . '|' . $token, 'nonce' ), -12, 10 );
}
I am trying to add a custom URL structure to a WordPress based website.
for example:
example.com/machines //list all machines in a table
example.com/machines?some=params //list filtered machines in a table
example.com/machines/1 //show single machine
The data will come from an external api i have already developed, via curl.
I cannot import the data into a custom post type as it is normalized over many tables, the business logic is complicated and the api is used by other devices anyway.
I have looked at the docs for add_rewrite_rule, but the second parameter has me stumped:
$redirect
(string) (required) The URL you would like to actually fetch
Well I don't have a url to fetch, I want to run a function, that will act as a simple router - take the url parts, call the external api and return a template with the correct data.
Calling the API will be simple, but how i actually route the url to the function, and how I then load a template (utilizing existing WordPress header.php and footer.php) has me stumped.
After much googling and reading a few good resources, I have found the solution.
Step 1: Use add_rewrite_endpoint to create a base url that will be mapped to a query variable:
add_action( 'init', function(){
add_rewrite_endpoint( 'machines', EP_ROOT );
} );
Step 2: Visit the permalinks settings page and click "Save Changes" to flush the rewrite rules.
Step 3: Hook into the action 'template_redirect' to actually do something when the url is hit:
add_action( 'template_redirect', function() {
if ( $machinesUrl = get_query_var( 'machines' ) ) {
// var_dump($machinesUrl, $_GET);
// $machinesURl contains the url part after example.com/machines
// e.g. if url is example.com/machines/some/thing/else
// then $machinesUrl == 'some/thing/else'
// and params can be retrieved via $_GET
// after parsing url and calling api, it's just a matter of loading a template:
locate_template( 'singe-machine.php', TRUE, TRUE );
// then stop processing
die();
}
});
Step 4: The only other thing to do is handle a hit to a url with no further parts to it e.g. example.com/machines.
It turns out that at some point within WordPress's guts, the empty string gets evaluated to false and thus skipped, so the final step is to hook into the filter 'request' and set a default value:
add_filter( 'request', function( $vars = [] ) {
if ( isset( $vars['machines'] ) && empty( $vars['machines'] ) ) {
$vars['machines'] = 'default';
}
return $vars;
});
This can easily be improved by wrapping it all in a class(es).
The url parsing and template loading logic can be passed to a basic router, even a rudimentary MVC setup, loading routes from a file etc, but the above is the starting point.
A simplier solution is to just create a new template redirect.
So assuming you loading example.com/custom-url
/**
* Process the requests that comes to custom url.
*/
function process_request() {
// Check if we're on the correct url
global $wp;
$current_slug = add_query_arg( array(), $wp->request );
if($current_slug !== 'custom-url') {
return false;
}
// Check if it's a valid request.
$nonce = filter_input(INPUT_GET, '_wpnonce', FILTER_SANITIZE_STRING);
if ( ! wp_verify_nonce( $nonce, 'NONCE_KEY')) {
die( __( 'Security check', 'textdomain' ) );
}
// Do your stuff here
//
die('Process completed' );
}
add_action( 'template_redirect', 'process_request', 0);
I am studying how to make a plugin for wordpress, I could make a plugin that adds shortcodes to place on my page and it generates the form.
function mf_container($atts, $content = null) {
$content = do_shortcode($content);
$content = str_replace("<br />","",$content);
$content = str_replace("<p>","",$content);
$content = str_replace("</p>","",$content);
return
"<form action='".plugin_dir_url( __FILE__ )."mult-form-submit.php' method='POST'>" . $content . "</form>";
}
add_shortcode('mult_form','mf_container');
Now precisso make this form is saved in the bank related to the logged in User.
The way that the code above when I click submit it redirects me to a page to "multi-form-submit.php". However when I get on that page I have the following code in it:
<?php if ( ! defined( 'ABSPATH' ) ) die("Not permited");
global $wpdb, $current_user;
$current_user = wp_get_current_user();
however she has not returned since this more in the context of worpress, anyone can do it?
I managed to find a reference that has a light and after many attempts found how to do. That was the reference: link
I am using a plugin structure generated by WORDPRESS PLUGIN BOILERPLATE GENERATOR
In it you should put what started in public view within the function: define_public_hooks(). In this role I had a stretch that was checked that enabled the option to use my plugin:
/** Set build form by shorcodes*/
if($this->get_option('mult_form')){
$this->loader->add_action('init', $plugin_public, 'mult_form');
}
this section redirects me to a function of a class that controls all my public actions:
public function mult_form(){
if(isset ( $_REQUEST['action']) and $_REQUEST['action'] == 'mult_form_submited'){
$this->mult_form_submit();
}
$this->mult_form_shortcode();
}
call it two private functions, where do some treatments that will not show the code, and if all goes well, make a include_once('partials / my_file.php');, ed a flame a different file of course, being first where do all the treatments to generate the shortcode and the second where I will put all my treatments submission form.
Is it possible using php, for a user to click on a english/french toggle button, that would then read the current url, and match it to the french version of the page?
Thank you for your time.
When the users clicks the button, populate a session variable with the selected language:
session_start();
$_SESSION['language'] = 'FR'; // Or 'EN', etc
Then use templates to store your language-specific information. When you load the template, include the language code
// Load a template
Template::load( '<page_name>', $_SESSION['language'] );
// Where the `load()` method looks something like this:
public function load( $page_name, $language ) {
// Construct the path to the template
$file_handle = fopen( PATH_TO_TEMPLATES . $language . "/" . $page_name );
// Do something with the template here.
}