prestashopcorp / brinkscheckout Goto Github PK
View Code? Open in Web Editor NEW2Checkout Payment API
brinkscheckout's People
Contributors
Stargazers
Watchers
brinkscheckout's Issues
Subcription on settings page
When I reach the module settings page, I see that the subscription part take a lot of space.
The merchant has two options to subscribe:
- Click on the "Start selling now" button at the top of the page
- Fill the integrated form
- Click on the "Sign up" button
I wonder if the form is really useful if the merchant can also fill it on your website. We currently need to scroll a lot to reach the setup form
Order confirmation message
When a customer complete an order, it would be good to show a few information on the order confirmation page.
In example, the order reference and the price.
Security review
XSS (low severity)
views/templates/hook/1.6/payment_return.tpl:32 $reference
views/templates/hook/1.5/payment_return.tpl:32 $reference
views/templates/hook/1.6/payment_execution.tpl:44;45 $twocheckout_sid $twocheckout_public_key
views/templates/hook/1.5/payment_execution.tpl:44;45 $twocheckout_sid $twocheckout_public_key
lib/Twocheckout/TwocheckoutCharge.php
:18 $type
:29 $key $value
:42 $type
brinkscheckout.php comments
- The variable
$$post_errorsseems to be unused - A bug has been discovered on different version of PS 1.5 with the ps_version_compliancy. Please comment it.
- function initConfigVars():
$this->public,$this->private,$this->sandboxseem to be not used in the whole file.$this->sandboxcan be overwritten twice with unrelated data
- function install():
- The value returned from
parent::install()should be checked before proceeding to the hooks registration.
- The value returned from
- function installDb():
- You can directly return Db::getInstance()->Execute(...)
- function processPayment():
- You should check with Validate::isLoadedObject() if addresses, customer and order are properly instanciated
- l.488: You can check directly
if (!empty($twocheckout_info[...])
Missing checks on hooks
During the tests, I did not have the Admin API Password. I am currently unable to complete the module setup.
But I tried anyway to create an order by paying with Brink's, which completed but with an error status.
It seems that you do not have enough checks on the different hooks. You should verify if the module is active and if the setup complete.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.