search

woocommerce / woocommerce-gateway-stripe

The official Stripe Payment Gateway for WooCommerce
https://wordpress.org/plugins/woocommerce-gateway-stripe/
228 stars 201 forks source link

Express Checkout: amount displayed does not match charged amount #2304

Open jonas-hoebenreich opened 2 years ago

jonas-hoebenreich commented 2 years ago

Describe the bug I am currently trying to make a plugin of mine (https://wordpress.org/plugins/wc-donation-platform/) compatible with Stripe Express Checkout. In the process, I've stumbled across an issue that is causing an incorrect amount to be charged.

When Express Checkout is enabled on the product page, every time the product selection field is changed, the total amount is calculated using an AJAX request (stripe-payment-request.js, wc-ajax=wc_stripe_get_selected_product_data). When someone clicks on the payment button, the total amount is calculated one more time (stripe-payment-request.js, wc-ajax=wc_stripe_add_to_cart). The payment modal displays the amount calculated using wc_stripe_get_selected_product_data, but the amount calculated using wc_stripe_add_to_cart is actually charged. Normally this is not a problem, because the two amounts are the same, but if the amounts differ the user's trust in the Google Pay modal is betrayed.

To Reproduce Steps to reproduce the behavior:

  1. Activate Stripe Express Checkout for Product Pages

  2. Add the following PHP code:

    add_action( 'woocommerce_before_calculate_totals', function($cart_object) {
foreach ( $cart_object->cart_contents as $key => $value ) {
    $value['data']->set_price(9999);
}
} );

  3. Click the Google Pay button on a product page. In this example, the product costs $1 (Screenshot 1)

  4. The wrong amount is charged (Screenshot 2)

Expected behavior The amount displayed in the Google Pay window matches the charged amount. At the very least, some form of error message should pop up.

Screenshots Screenshot 1: Clipboard01

Screenshot 2: Clipboard02

Environment (please complete the following information):

Additional context By the way, the Express Checkout handling is implemented much more elegantly by the official PayPal plugin (the amount is calculated only once when clicking the button, which saves server resources.) In addition, it is easier to pass additional individual parameters, because PayPal sends all parameters matching "[name^='attribute_']". Stripe uses $(".variations_form").find(".variations select") here, which makes it much more difficult, because the same selectors are also used by WooCommerce itself, which causes conflicts if you want to sneak additional parameters along. This makes it much easier to make WooCommerce PayPal Payments compatible with other plugins.

PoeHaH commented 2 years ago

This issue is related to the one I describe here: https://github.com/woocommerce/woocommerce-gateway-stripe/issues/2322