mailchimp / mc-woocommerce

MailChimp for Woocommerce Integration. Syncs all data (subscriber, customers, orders, products) and enables marketing automation with email campaigns, automations, ads, postcards and more.
https://wordpress.org/plugins/mailchimp-for-woocommerce/
GNU General Public License v2.0

Abandoned Cart not working for Logged-In Users #238

Closed TimBHowe closed 6 years ago

TimBHowe commented 6 years ago

While working with the plugin we noticed that we were receiving a 440 error for an unsafe URL when making the https://localhost.test/wp-admin/admin-ajax.php?action=mailchimp_set_user_by_email&email=test@test.com request to the admin-ajax.php URL.

This issue appears to only happen when users are logged in to the site regardless of role. We tested as an admin and customer.

It looks like this issue appears when the plugin calls add_action('wp_ajax_nopriv_mailchimp_set_user_by_email', $service, 'set_user_by_email'); in /includes/class-mailchimp-woocommerce.php: you have the wp_ajax_nopriv_{$_REQUEST['action']} for firing non-authenticated Ajax actions for logged-out users, but you don't have the wp_ajax_{$_REQUEST['action']} for authenticated Ajax actions for logged-in users.

We would suggest just adding the wp_ajax_{$_REQUEST['action']} action for the function. We have tested this locally and it should work.

Below is the status report. Please let me know if this will be patched or if you need any additional information.

Thanks, Tim

WooCommerce Status Report

WordPress Environment

Home URL: https://localhost.test
Site URL: https://localhost.test
WC Version: 3.3.5
Log Directory Writable: ✔
WP Version: 4.9.5
WP Multisite: –
WP Memory Limit: 256 MB
WP Debug Mode: ✔
WP Cron: ✔
Language: en_US

Server Environment

Server Info: Apache/2.4.33 (Unix) OpenSSL/1.1.0h PHP/7.2.5
PHP Version: 7.2.5
PHP Post Max Size: 8 MB
PHP Time Limit: 30
PHP Max Input Vars: 1000
cURL Version: 7.59.0 OpenSSL/1.1.0h

SUHOSIN Installed: –
Max Upload Size: 2 MB
Default Timezone is UTC: ✔
fsockopen/cURL: ✔
SoapClient: ❌ Your server does not have the SoapClient class enabled - some gateway plugins which use SOAP may not work as expected.
DOMDocument: ✔
GZip: ✔
Multibyte String: ✔
Remote Post: ✔
Remote Get: ✔

Database

WC Database Version: 3.3.5 WC Database Prefix: localhost_ MaxMind GeoIP Database: ✔ Total Database Size: 1830.75MB Database Data Size: 1046.37MB Database Index Size: 784.38MB localhost_woocommerce_sessions: Data: 5.33MB + Index: 0.08MB localhost_woocommerce_api_keys: Data: 0.02MB + Index: 0.03MB localhost_woocommerce_attribute_taxonomies: Data: 0.02MB + Index: 0.02MB localhost_woocommerce_downloadable_product_permissions: Data: 0.02MB + Index: 0.05MB localhost_woocommerce_order_items: Data: 8.52MB + Index: 3.52MB localhost_woocommerce_order_itemmeta: Data: 149.61MB + Index: 51.16MB localhost_woocommerce_tax_rates: Data: 0.02MB + Index: 0.06MB localhost_woocommerce_tax_rate_locations: Data: 0.02MB + Index: 0.03MB localhost_woocommerce_shipping_zones: Data: 0.02MB + Index: 0.00MB localhost_woocommerce_shipping_zone_locations: Data: 0.02MB + Index: 0.03MB localhost_woocommerce_shipping_zone_methods: Data: 0.02MB + Index: 0.00MB localhost_woocommerce_payment_tokens: Data: 0.02MB + Index: 0.02MB localhost_woocommerce_payment_tokenmeta: Data: 0.02MB + Index: 0.03MB localhost_woocommerce_log: Data: 0.02MB + Index: 0.02MB customers: Data: 11.89MB + Index: 1.49MB errors: Data: 0.13MB + Index: 0.01MB questions: Data: 2.65MB + Index: 1.06MB localhost_aiowps_events: Data: 0.00MB + Index: 0.00MB localhost_aiowps_failed_logins: Data: 0.08MB + Index: 0.03MB localhost_aiowps_global_meta: Data: 0.00MB + Index: 0.00MB localhost_aiowps_login_activity: Data: 0.02MB + Index: 0.01MB localhost_aiowps_login_lockdown: Data: 0.01MB + Index: 0.00MB localhost_aiowps_permanent_block: Data: 0.00MB + Index: 0.00MB localhost_cf7dbplugin_st: Data: 3.52MB + Index: 0.00MB localhost_cf7dbplugin_submits: Data: 95.63MB + Index: 0.00MB localhost_commentmeta: Data: 0.13MB + Index: 0.14MB localhost_comments: Data: 44.58MB + Index: 35.09MB localhost_conversio_carts: Data: 28.61MB + Index: 2.52MB localhost_crosspeak_pending_updates: Data: 0.02MB + Index: 0.00MB localhost_failed_jobs: Data: 0.02MB + Index: 
0.00MB localhost_gf_addon_feed: Data: 0.02MB + Index: 0.02MB localhost_helpful: Data: 0.06MB + Index: 0.00MB localhost_links: Data: 0.00MB + Index: 0.00MB localhost_mailchimp_carts: Data: 3.52MB + Index: 0.00MB localhost_options: Data: 2.19MB + Index: 0.13MB localhost_phppc_functions: Data: 0.00MB + Index: 0.00MB localhost_postmeta: Data: 340.92MB + Index: 280.84MB localhost_posts: Data: 16.42MB + Index: 11.06MB localhost_queue: Data: 0.02MB + Index: 0.00MB localhost_redirection_404: Data: 1.17MB + Index: 1.70MB localhost_redirection_groups: Data: 0.02MB + Index: 0.03MB localhost_redirection_items: Data: 0.02MB + Index: 0.08MB localhost_redirection_logs: Data: 0.02MB + Index: 0.08MB localhost_rg_form: Data: 0.02MB + Index: 0.00MB localhost_rg_form_meta: Data: 0.03MB + Index: 0.00MB localhost_rg_form_view: Data: 0.06MB + Index: 0.03MB localhost_rg_incomplete_submissions: Data: 0.02MB + Index: 0.02MB localhost_rg_lead: Data: 25.56MB + Index: 4.03MB localhost_rg_lead_detail: Data: 24.56MB + Index: 45.14MB localhost_rg_lead_detail_long: Data: 0.02MB + Index: 0.00MB localhost_rg_lead_meta: Data: 7.52MB + Index: 9.55MB localhost_rg_lead_notes: Data: 0.08MB + Index: 0.03MB localhost_smush_dir_images: Data: 0.02MB + Index: 0.03MB localhost_stream: Data: 48.59MB + Index: 57.13MB localhost_stream_meta: Data: 131.67MB + Index: 183.97MB localhost_termmeta: Data: 0.02MB + Index: 0.03MB localhost_terms: Data: 0.02MB + Index: 0.03MB localhost_term_relationships: Data: 0.02MB + Index: 0.02MB localhost_term_taxonomy: Data: 0.02MB + Index: 0.03MB localhost_usermeta: Data: 86.63MB + Index: 90.31MB localhost_users: Data: 4.52MB + Index: 4.55MB localhost_wc_deposits_payment_plans: Data: 0.02MB + Index: 0.00MB localhost_wc_deposits_payment_plans_schedule: Data: 0.02MB + Index: 0.02MB localhost_wc_download_log: Data: 0.02MB + Index: 0.03MB localhost_wc_warranty_products: Data: 0.02MB + Index: 0.05MB localhost_wc_webhooks: Data: 0.02MB + Index: 0.02MB localhost_wpmm_subscribers: Data: 
0.00MB + Index: 0.00MB localhost_yoast_seo_links: Data: 0.02MB + Index: 0.02MB localhost_yoast_seo_meta: Data: 1.52MB + Index: 0.00MB

Post Type Counts

attachment: 187
faq: 15
ibx_wpfomo: 1
image_grid: 7
landing: 34
nav_menu_item: 16
omapi: 1
page: 26
payment_retry: 2175
post: 42
product: 8
product_variation: 2
revision: 527
scheduled-action: 1281
shop_coupon: 44
shop_order: 36529
shop_order_refund: 2
shop_subscription: 12149
warranty_request: 25
wpcf7_contact_form: 2

Security

Secure connection (HTTPS): ✔
Hide errors from visitors: ❌ Error messages should not be shown to visitors.

Active Plugins (48)

Akismet Anti-Spam: by Automattic – 4.0.3 bMighty2 Slider, Carousel and Grid: by James Dvorak – 2.0.6 CLI Wrapper: by YOUR NAME HERE – 0.1.0 Contact Form DB: by Michael Simpson – 2.10.26 Contact Form 7: by Takayuki Miyoshi – 5.0.1 Conversio for WooCommerce Hall Fork: by Receiptful – 1.3.6 – Not tested with the active version of WooCommerce Crazy Egg: by Crazy Egg – 2.1 CrossPeak OMS for WooCommerce: by CrossPeak OMS – 1.4.0 – Not tested with the active version of WooCommerce Google Tag Manager for Wordpress: by Thomas Geiger – 1.7.2 Featured Video Plus: by Alexander Höreth – 2.3.3 GeoIP Detection: by Yellow Tree (Benjamin Pick) – 2.8.2 Google XML Sitemaps: by Arne Brachhold – 4.0.9 Gravity Forms: by rocketgenius – 2.2.6.5 Gravity Forms MailChimp Add-On: by rocketgenius – 4.3 MailChimp Checker: by Hall Internet Marketing – 1.2.0 MailChimp for WooCommerce: by MailChimp – 2.1.5 – Not tested with the active version of WooCommerce OptinMonster API: by OptinMonster Team – 1.3.5 PHP Code Widget: by Otto – 2.3 Redirection: by John Godley – 3.2 Regenerate Thumbnails: by Alex Mills (Viper007Bond) – 3.0.2 RX Form: by Hall Internet Marketing – 1.5.0 Simple Custom Post Order: by Colorlib – 2.3.2 Stream: by XWP – 3.2.3 User Switching: by John Blackbourn – 1.3.0 WC Variations Radio Buttons: by 8manos – 2.0.1 – Not tested with the active version of WooCommerce Widget Context: by Kaspars Dambis – 1.0.6 Woo Preview Emails: by Digamber Pradhan – 1.4.0 WooCommerce Custom: by Hall Internet Marketing – 1.0.0 – Not tested with the active version of WooCommerce WooCommerce Customer/Order CSV Export: by SkyVerge – 4.4.4 – 4.4.5 is available WooCommerce Deposits: by Automattic – 1.4.0 WooCommerce Authorize.Net CIM Gateway: by SkyVerge – 2.10.0 WooCommerce Max Quantity: by Isabel Castillo – 1.5.1 – Not tested with the active version of WooCommerce WooCommerce Pixeleze Integration: by Hall Internet Marketing – 1.0.0 – Not tested with the active version of WooCommerce WooCommerce SteelHouse 
Integration: by Hall Internet Marketing – 1.0.0 – Not tested with the active version of WooCommerce WooCommerce Subscribe All the Things: by Prospress Inc. – 2.1.0-beta.1 WooCommerce Subscriptions: by Prospress Inc. – 2.2.19 WooCommerce URL Coupons: by SkyVerge – 2.6.1 WooCommerce Warranty Requests: by WooCommerce – 1.8.11 WooCommerce: by Automattic – 3.3.5 Yoast SEO: by Team Yoast – 7.3 WP Maintenance Mode: by Designmodo – 2.1.2 WP Smush Pro: by WPMU DEV – 2.7.8 WPfomify - WooCommerce Add-on: by IdeaBox Creations – 1.0.1 – Not tested with the active version of WooCommerce WPfomify: by IdeaBox Creations – 1.2 WPMU DEV Dashboard: by WPMU DEV – 4.5.1

Settings

API Enabled: ✔
Force SSL: –
Currency: USD ($)
Currency Position: left
Thousand Separator: ,
Decimal Separator: .
Number of Decimals: 2
Taxonomies: Product Types: external (external) grouped (grouped) simple (simple) subscription (subscription) variable (variable) variable subscription (variable-subscription)

Taxonomies: Product Visibility: exclude-from-catalog (exclude-from-catalog) exclude-from-search (exclude-from-search) featured (featured) outofstock (outofstock) rated-1 (rated-1) rated-2 (rated-2) rated-3 (rated-3) rated-4 (rated-4) rated-5 (rated-5)

WC Pages

Shop base: #972 - /shop/
Cart: #973 - /cart/
Checkout: #974 - /checkout/
My account: #975 - /my-account/
Terms and conditions: #406 - /terms/

Theme

Name: bMighty2
Version: 1.0.0
Author URL: http://bMighty2.com
Child Theme: ❌ – If you are modifying WooCommerce on a parent theme that you did not build personally we recommend using a child theme. See: How to create a child theme
WooCommerce Support: ✔

Templates

Overrides: bmighty2/woocommerce/myaccount/view-order.php

subscriptions

WCS_DEBUG: ✔ No Subscriptions Mode: ❌ Staging Subscriptions Template Theme Overrides: bmighty2/woocommerce/checkout/recurring-totals.php version 2.0 is out of date. The core version is 2.0.0

Report Cache Enabled: ✔ Yes
Cache Update Failures: ✔ 0 failure

Customer/Order CSV Export

Order Export Format: custom
Customer Export Format: import
Automatically Export Orders: email
Export Trigger: schedule
Export Start Time: 1:00am
Export Interval: 1440
Next Export: Scheduled on May 17 2018 2:00 am

Order Statuses:
Product Categories:
Products:
Automatically Export Customers: disabled

Authorize.Net CIM

Environment: Production
Tokenization Enabled:
Debug Mode: Off
Webhooks Enabled: ❌ No signature key configured
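The two-hook registration Tim describes, written out as an added example of how WordPress routes admin-ajax.php requests. This is not the plugin's own code: the class name, the action name, the nonce name and the session key are made up for illustration, and the nonce check and account-email preference for logged-in users are additions that the issue does not mention.

```php
<?php
/**
 * Added example (not mailchimp-woocommerce's code).
 *
 * WordPress dispatches admin-ajax.php?action=<name> to one of two hooks:
 *   - do_action( 'wp_ajax_nopriv_<name>' )  when no user is logged in
 *   - do_action( 'wp_ajax_<name>' )         when a user is logged in
 * If only the nopriv hook is registered, a logged-in request finds no
 * handler and admin-ajax.php replies "0" with a 400 status, which matches
 * the symptom reported above: logged-in users never reach the handler.
 */

// Hypothetical service class standing in for the plugin's real one.
class Example_Cart_Tracking_Service {

    /** Register the same handler for both the logged-out and logged-in contexts. */
    public function register_hooks() {
        // Must match the ?action=... value the front-end request sends.
        $action = 'example_set_user_by_email';

        add_action( 'wp_ajax_nopriv_' . $action, array( $this, 'set_user_by_email' ) );
        add_action( 'wp_ajax_' . $action,        array( $this, 'set_user_by_email' ) );
    }

    /** AJAX handler: records the email used for abandoned-cart tracking. */
    public function set_user_by_email() {
        // Assumed: the page prints wp_create_nonce( 'example_cart_nonce' ) into the
        // request as the "nonce" field. Fails with "-1" and exits on mismatch.
        check_ajax_referer( 'example_cart_nonce', 'nonce' );

        $email = isset( $_REQUEST['email'] )
            ? sanitize_email( wp_unslash( $_REQUEST['email'] ) )
            : '';

        // For a logged-in user, use the account email rather than a request value.
        if ( is_user_logged_in() ) {
            $email = wp_get_current_user()->user_email;
        }

        if ( ! is_email( $email ) ) {
            wp_send_json_error( array( 'message' => 'invalid email' ), 400 );
        }

        // Keep it in the WooCommerce session for this visitor (hypothetical key).
        if ( function_exists( 'WC' ) && WC()->session ) {
            WC()->session->set( 'example_abandoned_cart_email', $email );
        }

        wp_send_json_success( array(
            'email'     => $email,
            'logged_in' => is_user_logged_in(),
        ) );
    }
}

add_action( 'init', function () {
    ( new Example_Cart_Tracking_Service() )->register_hooks();
} );
```

The point of registering both hooks is that the hook name, not the handler, decides whether a request is served: the handler body is shared, and any difference between the two contexts (here, trusting the account email over the request parameter) is decided inside it with is_user_logged_in().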

ryanhungate commented 6 years ago

@TimBHowe thanks for the report - we'll look into this in our next release cycle and report back.

khungate-zz commented 6 years ago

Patched in 2.1.8 #246