Skip to content

Commit

Permalink
["PO-252"]("WooCommerce : add isset validation for webhook payload") (#…
Browse files Browse the repository at this point in the history 
…579)

* ["PO-252"]("WooCommerce : add isset validation for webhook payload")

* reverting one change

* addressed review comment
  • Loading branch information
@rohitcbr
rohitcbr authored Dec 12, 2024
1 parent 5771979 commit 864d26a
Showing 1 changed file with 7 additions and 7 deletions.
14 changes: 7 additions & 7 deletions includes/razorpay-webhook.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,13 @@ public function process()
return;
}

// Skip the webhook if not the valid data and event
if ($this->shouldConsumeWebhook($data) === false) {

rzpLogDebug("Invalid webhook trigger: " . json_encode($data));
return;
}

if (empty($data['event']) === false) {

$orderId = $data['payload']['payment']['entity']['notes']['woocommerce_order_number'];
Expand All @@ -107,13 +114,6 @@ public function process()
$razorpayOrderId = ($data['event'] == self::SUBSCRIPTION_CHARGED) ? $razorpayOrderId : "No payment id in subscription event";
}


// Skip the webhook if not the valid data and event
if ($this->shouldConsumeWebhook($data) === false) {
rzpLogInfo("Woocommerce orderId: $orderId webhook process exited in shouldConsumeWebhook function");

return;
}
if (isset($_SERVER['HTTP_X_RAZORPAY_SIGNATURE']) === true) {

$razorpayWebhookSecret = (empty($this->razorpay->getSetting('webhook_secret')) === false) ? $this->razorpay->getSetting('webhook_secret') : get_option('webhook_secret');
Expand Down

0 comments on commit 864d26a

Please sign in to comment.