Closed ndeet closed 5 years ago
NicolasDorier
commented
6 years ago Thanks for trying this. This is awesome. We should probably make a separate branch which comply with woocommerce guideline while keeping our current master working correctly.
I am a bit busy these days so I won't be able to concentrate on this, but I can easily test.
Eskyee
commented
6 years ago The WP Plugin admin team:
they did not mention replace all mentions of BitPay,
I think thats not whats stopping our listing.
they care more about Please sanitize, escape, and validate your POST calls in the PHP,
need some PHP expert on this to check the code.
as for the Read Me, that part I understand, and will post tonight here what I think it should look like to pass validation. happy to help out anyway possible to get this on the WP plugin listing. ASAP
Eskyee
commented
6 years ago https://wordpress.org/plugins/
I done a check to the Wordpress readme To validate , a few weeks ago. I add here. ps all Contributors need a Wordpress plugin users account to be included, to Contributors list.
And most url links changed will point to new locations. as needed. btcpayserver support email needed for Wordpress plugin. ??? or we can just point to Slack BTCPay Support
its a quick rough, to see what was needed.
WordPress Plugin readme.txt Validator Warnings:
1 BTCPay needs a Wordpress User Account to be included in Contributors. 2 Upgrade notice to be included, this upgrade has to come from the Wordpress plugin directory 3 donate link needed for btcpay server
The Readme code looks like this:
=== btcpay-for-woocommerce === Contributors: btcpay esky33 namehere namehere Tags: bitcoin, payments, btcpay, cryptocurrency, payment Requires at least: 4.3.1 Tested up to: 4.9.5 Requires PHP: 5.5 Stable tag: 2.2.24 License: MIT License (MIT) License URI: https://opensource.org/licenses/MIT
btcpay allows you to accept bitcoin payments on your WooCommerce store.
== Description ==
Use btcpay's plugin to accept Bitcoin payments from customers anywhere on earth.
Key features:
= Installation = This plugin requires Woocommerce. Please make sure you have Woocommerce installed.
= Connecting btcpay and Woocommerce = After you have installed the btcpay plugin, you can configure the plugin:
Pairing codes need to be used once and are only valid for 24 hours. If a code expires before you get to use it, you can always create a new one and pair with it.
Nice work! Your customers will now be able to check out with bitcoin on your WordPress site.
== Frequently Asked Questions ==
= How do I pay a btcpay invoice? = You can pay a btcpay invoice with a Bitcoin wallet. You can either scan the QR code or copy/paste the payment link in your Bitcoin wallet.
More information about paying a btcpay invoice can be found here.
= Does btcpay have a test environment? = btcpay allows you to create a test merchant account and a testnet Bitcoin wallet.
More information about the test environment can be found here.
= The btcpay plugin does not work = If btcpay invoices are not created, please check the following:
= I need support from btcpay = When contacting btcpay support, please describe your issue and attach screenshots and the btcpay logs.
btcpay logs can be retrieved in your Wordpress / Woocommerce environment:
You can email your issue report to support@btcpay.com
== Upgrade Notice ==
== Changelog ==
= 2.2.24 =
= 2.2.23 =
= 2.2.21 =
= 2.2.20 =
= 2.2.19 =
= 2.2.18 =
= 2.2.17 =
= 2.2.16 =
= 2.2.15 =
= 2.2.14 =
= 2.2.13 =
= Step-by-step guide with screenshots =
Having trouble setting it up? Check out the visual guide for installing the Bitcoin Payment Extension on a clean version of WooCommerce on our blog: https://github.com/btcpayserver/woocommerce-plugin
Plugin not working? Most common plugin issues ?? all links for plugs need to be download from Wordpress
== Screenshots ==
Kukks
commented
5 years ago @NicolasDorier Can you create a branch in here for the wp-plugin specific version?
Kukks
commented
5 years ago Do we want to update both github plugin and wordpress plugin repo version to replace all mentions of bitpay? One big issue I see is if someone tries to replace an existing installation with the new version. There are major breaking changes to be made and will only be viable for fresh installations
Just from a quick glance in the plugin:
woocommerce_bitpay conflicts with original bitpay plugin for surewoocommerce_update_options_payment_gateways_bitpayNicolasDorier
commented
5 years ago @Kukks no need of separate branch.
NicolasDorier
commented
5 years ago It might hurt to migrate but we can provide a step by step tutorial.
Esky33 tried to submit this fork to the official Wordpress plugin directory but they posponed the addition because of some violations of their guidelines. For reference see the thread here: https://forkbitpay.slack.com/archives/C6PSCRFAM/p1530048285000716
Summarized the following need to be fixed (detailed feedback at the bottom):
$_POSTI suggested the following additional changes here: To put a BTCPay version of the plugin into WP directory I see the following things todo:
Customnetclass to avoid maintaining another fork for nowFull feedback from WP team:
Thank you for uploading BTCPay for WooCommerce to the WordPress Plugin Directory. We will review your submission as soon as possible and send you a follow up email with the results.
Your plugin has been given the initial slug of btcpay-for-woocommerce, however this is subject to change based on the results of your review.
If there is a problem with this submission, such as an incorrect display name or slug, please reply to this email and let us know. In most cases, we can correct errors as long as the plugin has not yet been approved. Please do not submit your plugin multiple times in an attempt to correct the issue, just email us.
Remember to read the developer guidelines: https://developer.wordpress.org/plugins/wordpress-org/detailed-plugin-guidelines/
Please make sure to follow our official blog: https://make.wordpress.org/plugins/
There are issues with your plugin code.
Please read this ENTIRE email, address all listed issues, and reply to this email with your corrected code attached (or linked). It is required for you to read and reply to these emails, and failure to do so will result in significant delays with your plugin being accepted.
Remember in addition to code quality, security and functionality, we require all plugins adhere to our guidelines. If you have not yet, please read them:
You will not be able to submit another plugin while this one is being reviewed, so please read the email carefully. We know it can be long, but you must follow the directions at the end as not doing so will result in your review being delayed. (bearbeitet)
Including your own update checker
Please remove the checks you have in your plugin to provide for updates from Github.
We do not permit plugins to phone home to other servers for updates, as we are providing that service for you with WordPress.org hosting. One of our guidelines is that you actually use our hosting, so we need you to remove that code.
Please sanitize, escape, and validate your POST calls
When you include POST/GET/REQUEST/FILE calls in your plugin, it's important to sanitize, validate, and escape them. The goal here is to prevent a user from accidentally sending trash data through the system, as well as protecting them from potential security issues.
SANITIZE: Data that is input (either by a user or automatically) must be sanitized. This lessens the possibility of XSS vulnerabilities and MITM attacks where posted data is subverted.
VALIDATE: All data should be validated as much as possible. Even when you sanitize, remember that you don’t want someone putting in ‘dog’ when the only valid values are numbers.
ESCAPE: Data that is output must be escaped properly, so it can't hijack admin screens. There are many esc_*() functions you can use to make sure you don't show people the wrong data.
To help you with this, WordPress comes with a number of sanitization and escaping functions. You can read about those here: https://developer.wordpress.org/plugins/security/securing-input/
Remember: You must use the MOST appropriate functions for the context. If you’re sanitizing email, use sanitize_email(), if you’re outputting HTML, use esc_html(), and so on.
Clean everything, check everything, escape everything, and never trust the users to always have input sane data.
Some examples from your plugin:
and
You want to use esc_url() or esc_url_raw() there - it's more robust.
Incomplete Readme
Plugins that send data to other servers, call js from other servers, and/or require passwords and APIs to function are required to have a full and complete Readme so we can make sure you're providing the users with all the information they need before they install your plugin. Our goal with this is to make sure everyone knows what they're installing and what they need to do before they install it. No surprises.
This is especially important if your plugin is making calls back to your own servers. For the most part, we do not permit offloading of images or code, however in the case where you are providing a service (like Disqus or Akismet or Twitter), we permit it. The catch is you have to actually explain this to the layman in your read me, so they know where data is going.
Your read me MUST validate per http://wordpress.org/plugins/about/validator/ or we will reject it. Keep in mind, we don't want to see a readme.MD. Among other things, the formatting for markup is different, and the filetype isn't read by our system. (And if you're thinking "Hey, I did submit a read me!" then it's likely we felt it wasn't informative enough.)
Please create your readme one based on this: https://wordpress.org/plugins/readme.txt
Please send a link so the completed plugin can be downloaded. Alternately you can reply to this and send a .zip file. Note: We would like you to send the whole plugin, not just the read me, as we will re-review your entire code as a whole.