Plugin Support
qtwrk
(@qtwrk)
Could you please ask them what nonce name they used?
Thread Starter
Sn00z389
(@webmakers2011)
Hi, it seems that the nonce name is this: wck_ajax_object._wck_ajax_nonce
Best Regards,
Plugin Support
qtwrk
(@qtwrk)
I don’t think people usually put a . inside a nonce name.
Could you please share the PHP code that generates it?
It should be something like the wp_create_nonce or wp_nonce_field function.
Thread Starter
Sn00z389
(@webmakers2011)
Well, maybe it is only _wck_ajax_nonce.
I think this is it:
'_wck_ajax_nonce' => wp_create_nonce(Ajax::NONCE),
Plugin Support
qtwrk
(@qtwrk)
Eh? Looks like a dynamic name?
Please try to trace back what the value of this Ajax::NONCE is.
Thread Starter
Sn00z389
(@webmakers2011)
Does this help:
    public static function wckalkulator_calculate_price()
    {
        if (!wp_verify_nonce($_POST['_wck_ajax_nonce'], Ajax::NONCE) || !isset($_POST["_wck_product_id"]) || !isset($_POST["_wck_hash"])) {
            wp_die('Bad request!');
        }
        if (wp_hash($_POST["_wck_product_id"]) !== $_POST["_wck_hash"]) {
            wp_die('Bad hash!');
        }

    public static function enqueue_scripts()
    {
        $fieldset = FieldsetProduct::getInstance();
        if ($fieldset->has_fieldset('current')/* && $fieldset->has_expression('current')*/) {
            $fieldset->init();
            $formula_parameters = $fieldset->set_additional_input_variables(true);
            wp_enqueue_script(
                'wck-ajax-script',
                Plugin::url() . '/assets/js/wckalkulator.min.js',
                ['jquery'],
                Plugin::VERSION
            );
            wp_add_inline_script(
                'wck-ajax-script',
                'var wck_ajax_object = ' . wp_json_encode(
                    array(
                        'ajax_url' => admin_url('admin-ajax.php'),
                        '_wck_ajax_nonce' => wp_create_nonce(Ajax::NONCE),
                        '_wck_has_expression' => $fieldset->has_expression('current') ? '1' : '0',
                        '_wck_i18n_required' => __('You should check at least one option.', 'wc-kalkulator'),
                        '_wck_i18n_maxfilesize' => __('This file is too big!', 'wc-kalkulator'),
                        'form' => Settings::get('form_css_selector'),
                        '_wck_visibility_rules' => $fieldset->visibility_rules(),
                        '_wck_additional_parameters' => ($formula_parameters)
                    )
                ) . ';'
            );
            $fieldset->js_api();
        }
    }
Thread Starter
Sn00z389
(@webmakers2011)
    var data = 'action=wckalkulator_fieldset_post_type_toggle_publish' +
        '&_wck_ajax_nonce=' + wck_ajax_fieldset._wck_ajax_nonce +
        '&post_id=' + $(this).data("post-id");

    function calculatePrice() {
        if (shouldCalculatePrice) {
            var data = $(_form).serialize().replace('add-to-cart', 'atc') + '&action=wckalkulator_calculate_price' + '&_wck_ajax_nonce=' + wck_ajax_object._wck_ajax_nonce;
            $.each($(_form + " input[type=file].wck_imageupload:enabled"), function () {
                data += "&" + $(this).attr("name") + "=" + (($(this)[0].files.length === 1) ? $(this)[0].files[0].size : 0);
            });
            $("form.cart [name^=wck]:disabled").each(function () {
                data += "&" + $(this).attr("name") + "=0";
            });
            $.post(wck_ajax_object.ajax_url, data, function (response) {
                if (response) {
                    $("#wckalkulator-price").html(response);
                }
            });
        }
    }
Plugin Support
qtwrk
(@qtwrk)
Ajax::NONCE
You may need to look into the Ajax class of this plugin and find the definition of the NONCE constant.
Thread Starter
Sn00z389
(@webmakers2011)
I am not very sure what I am looking for, but can this be it:
    class Ajax
    {
        public const NONCE = "wckalkulator-ajax-nonce";
Plugin Support
qtwrk
(@qtwrk)
Yes, now please go to LiteSpeed Cache -> Cache -> ESI, enable ESI, add wckalkulator-ajax-nonce to the ESI nonce list, save and purge all.
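
The lookup done by hand in the posts above (find the wp_create_nonce call, then resolve Ajax::NONCE to its string value) can be scripted. This is an added example, not part of the thread or of either plugin's code; the PHP lines in SAMPLE are copied from the posts above, and the file names are assumptions.

```python
import re

# Constructed input: PHP lines quoted in this thread. The file names are
# assumptions; the thread does not say which files the lines come from.
SAMPLE = {
    "Ajax.php": '''class Ajax
{
    public const NONCE = "wckalkulator-ajax-nonce";
}''',
    "Scripts.php": "'_wck_ajax_nonce' => wp_create_nonce(Ajax::NONCE),",
}

# Class declarations and string-valued class constants.
DECL = re.compile(r"\bclass\s+(\w+)|\bconst\s+(\w+)\s*=\s*(['\"])(.*?)\3")
# Class declarations and the first argument (the action) of nonce generators.
CALL = re.compile(r"\bclass\s+(\w+)"
                  r"|\b(?:wp_create_nonce|wp_nonce_field)\s*\(\s*([^,)]+?)\s*[,)]")

def class_constants(sources):
    """Map (class, constant) -> value for every string class constant."""
    consts = {}
    for text in sources.values():
        current = None
        for m in DECL.finditer(text):
            if m.group(1):
                current = m.group(1)
            elif current:
                consts[(current, m.group(2))] = m.group(4)
    return consts

def nonce_actions(sources):
    """Return (resolved action names, expressions that need manual tracing)."""
    consts = class_constants(sources)
    resolved, unresolved = set(), set()
    for text in sources.values():
        current = None
        for m in CALL.finditer(text):
            if m.group(1):
                current = m.group(1)
                continue
            arg = m.group(2)
            lit = re.fullmatch(r"(['\"])([^'\"]*)\1", arg)
            ref = re.fullmatch(r"(\w+)::(\w+)", arg)
            if ref:  # Class::CONST, or self::/static:: inside the current class
                cls = current if ref.group(1) in ("self", "static") else ref.group(1)
                value = consts.get((cls, ref.group(2)))
            else:
                value = lit.group(2) if lit else None
            (unresolved.add(arg) if value is None else resolved.add(value))
    return sorted(resolved), sorted(unresolved)
```

The first list holds the action names to enter in the ESI nonce list; anything in the second list, such as a variable, still has to be traced by hand.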
Thread Starter
Sn00z389
(@webmakers2011)
Thank you! Done, now we will wait to see if it fixes the issue 🙂
Plugin Support
qtwrk
(@qtwrk)
Yes, let’s give it a day or two and see how things go.
Hi, same problem here, but caching is executed by Kinsta and they cannot do this: “yes, now please go to LiteSpeed Cache -> Cache -> ESI , enable ESI, add wckalkulator-ajax-nonce into ESI nonce list , save and purge all”
Is there a possibility to modify the plugin?