WordPress (not woocommerce) Request A Quote functionality

I’ve seen plugins for WooCommerce that provide Request A Quote functionality (turning their cart into a quote request) as well as plugins that are glorified forms (allowing you to select multiple products while ON the form) to submit a request for.

What would be the best solution (coded or plugin) to allow customers to click a button on item pages (custom post types currently) that would add that item’s data to the main contact form (We’re using Gravity Forms currently)?

I’ve looked through the GF docs and they have ways to programmatically add data to the fields.. but I need it to persist while the customer is browsing other pages on the site.

Recommendations?

Ex: Customer goes to four different pages, clicks the ‘Request A Quote’ button (we’ll show an alert after they do, that directs them to the Request Form or allows them to keep browsing). Once the customer is navigated to the Request Form, they see the info for the items (we can scrape the title, item #, etc from the post they click the button on) within the main forms Textarea.

Mysql Router not sending Write request to R/W instance

I am doing InnoDB Cluster Group Replication for the first time. I stuck at the last step Mysql Router. Mysql Router is configured with bootstrapping, But the main issue is MySQL router does not send the write request to the Primary R/W instance after failover. After failover primary become node instance and the Error says The MySQL server is running with the –super-read-only option so it cannot execute this statement

I am following this tutorial https://severalnines.com/database-blog/mysql-innodb-cluster-80-complete-deployment-walk-through-part-one.

Thanks in advance

Update woocommerce thankyou page based on API request result

I create a custom woocommerce payment gateway plugin. First, I call an API, I take the formUrl from the response result then I redirect users to this payment form. At this step everything is Ok.

After the user enter his credit cards info and click validate the system redirect him to the default "order-received" page.

Before loading this page, I want to call another API to check the payment status, if the response body has the orderStatus== 1: I want to show the description in the response body (description = "Request processed successfully"), I reduce order stock, I update the status of order then I display the Order details. If the orderStatus == 2: I want to change the order status to ‘failed’ manually to show the default woocommerce-thankyou-order-failed message (”Unfortunately your order cannot be processed…") in the file thankyou.php or I just show a simple error payment message in this case.

In the payment class constractor I tried adding: add_action( ‘woocommerce_thankyou’, ‘thank_you_page’, 20, 1 ); but I dont know how to add my custom function or how to adapt this requirement.

My plugin looks like this one : https://github.com/YTTechiePress/custom-woocommerce-payment-gateway/blob/master/lesson-1/noob-payment-for-woocommerce.php

DBC error: unknow reply: unable to complete request

I have been using the deathbycaptcha service perfectly for weeks, however, today I get the following error:
my credentials are ok, I have verified them several times, I have a balance in the platform and I have even recharged more credits, I have restarted my PC and nothing, I still get the message and it is not active, is it deathbycaptcha error or some GSA bug? any solution? 

Trying to run a add_action within a function to run a woocomerce function on a ajax request

I am able to get a ajax request to work properly on a woocommerce checkout form page, now I want to update the price of the checkout in that ajax request. My add_action is in the function that is fired by the ajax request.

This is all done in a custom plugin as well

Here is my code this far, it doesn’t seem like the function request_gift_card ever fires

 function gift_card_redeem(){      if(!empty($  _SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($  _SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {     error_log("test !empty");          add_action( 'woocommerce_before_calculate_totals', 'request_gift_card', 99 );      function request_gift_card($  cart_object){       if( !WC()->session->__isset( "reload_checkout" )) {           /* Gift wrap price */           $  additionalPrice = 5;           error_log($  cart_object);           foreach ( $  cart_object->cart_contents as $  key => $  value ) {               if( isset( $  value["embossing_fee"] ) ) {                   // Turn $  value['data']->price in to $  value['data']->get_price()                   $  orgPrice = floatval( $  value['data']->get_price() );                   $  discPrice = $  orgPrice + $  additionalPrice;                   $  value['data']->set_price($  discPrice);               }           }       }     }      $  result['type'] = "success";     $  result = json_encode($  result);     echo $  result;   }   else {     error_log("test else");       header("Location: ".$  _SERVER["HTTP_REFERER"]);   }    die(); } 

what wrong am i doing with SOAP request, getting error invalid timeout formats [closed]

<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Header><SecurityHeader xmlns="http://services.medconnect.net/submissionportal"><UserName>2143883</UserName><Password><![CDATA[I3zt!7&W]]></Password></SecurityHeader></soap:Header><soap:Body><SubmitSync xmlns="http://services.medconnect.net/submissionportal"><request><![CDATA[ISA*00*          *00*          *ZZ*EXPEDIUM       *30*204202692      *200904*0419*^*00501*007281118*0*P*:~GS*HS*EXPEDIUM*204202692*20200904*0419*7281119*X*005010X279A1~ST*270*007281120*005010X279A1~BHT*0022*13*7281120*20200904*0419~HL*1**20*1~NM1*PR*2*BCBS OF NORTH CAROLINA*****PI*10383~HL*2*1*21*1~NM1*1P*2*BEAUFORT COUNTY HEALTH DEPARTMENT*****XX*1679576763~REF*TJ*566001521~PRV*PE*PXC*261QP0905X~HL*3*2*22*0~TRN*1*1013076869*9919649646~NM1*IL*1*BROWN*JEAN*M***MI*KBOW1747326401~REF*SY*141117752~DMG*D8*19650504*F~DTP*291*D8*20200904~EQ*30~SE*16*007281120~GE*1*7281119~IEA*1*007281118]]></request><requestFormat>EDI</requestFormat><responseFormat>EDI</responseFormat><synchronousTimeout>00:01:00</synchronousTimeout><submissionTimeout>00:01:00</submissionTimeout></SubmitSync></soap:Body></soap:Envelope>  Response ----------- <faultstring>Invalid Timeout Format: , Valid Format: d.hh:mm:ss, Note: Hours &lt;= 23, Minutes &lt;= 59, Seconds &lt;= 59</faultstring>  please advise on this 

No route was found matching the URL and request method. I don’t understand where the problem is

When I send parameters, I get this: No route was found matching the URL and request method.

/**   * Add json data on plugin.  *   * */ add_action('rest_api_init', 'register_api_hooks'); function register_api_hooks() {   register_rest_route(     'passwordless_register/v0', '/register/(?P<name>[a-zA-Z0-9-]+)/(?P<email>[a-zA-Z0-9-]+)/?aam-jwt=(?P<token>[a-zA-Z0-9-]+)',     array(       'methods'  => 'POST',       'callback' => 'wc_rest_user_endpoint_handler',     )   ); }  /**  * Register a new user  *  * @param  WP_REST_Request $  request Full details about the request.  * @return array $  args.  **/ function wc_rest_user_endpoint_handler($  request) {   $  request = new WP_REST_Request( 'POST', 'passwordless_register/v0/register/(?P<name>[a-zA-Z0-9-]+)/(?P<email>[a-zA-Z0-9-]+)/?aam-jwt=(?P<token>[a-zA-Z0-9-]+)' );   $  username = $  request['name'];   $  email = $  request['email'];   $  response = array();   $  error = new WP_Error();   if (empty($  username)) {     $  error->add(400, __("name field 'username' is required.", 'wp-rest-user'), array('status' => 400));     return $  error;   }   if (empty($  email)) {     $  error->add(401, __("Email field 'email' is required.", 'wp-rest-user'), array('status' => 400));     return $  error;   }   $  user_id = username_exists($  username);   if (!$  user_id && email_exists($  email) == false) {       $  password = wp_generate_password( 20, false );     $  user_id = wp_create_user($  username, $  password, $  email);     if (!is_wp_error($  user_id)) {       // Ger User Meta Data (Sensitive, Password included. DO NOT pass to front end.)       $  user = get_user_by('id', $  user_id);       // $  user->set_role($  role);       $  user->set_role('subscriber');       // WooCommerce specific code       if (class_exists('WooCommerce')) {         $  user->set_role('customer');       }       // Ger User Data (Non-Sensitive, Pass to front end.)       wp_nonce_field( 'wpa_passwordless_login_request', 'nonce', false );       $  unique_url = wpa_generate_url( $  email , $  nonce );       $  response['code'] = 200;       $  response['message'] = __("User '" . $  username . "' Registration was Successful", "wp-rest-user");       $  response['mail'] = __("Mail '" . $  email . "' Registration was Successful", "wp-rest-email");       $  response['password'] =  __("Pass '" . $  password . "' Registration was Successful", "wp-rest-pass");       $  response['url'] =  __("Link '" . $  unique_url . "' Registration was Successful", "wp-rest-url");     } else {       return $  user_id;     }   } else {     $  error->add(406, __("Email already exists, please try 'Reset Password'", 'wp-rest-user'), array('status' => 400));     return $  error;   }   return new WP_REST_Response($  response, 123);           } add_action( 'after_setup_theme', 'passwordless_register/v0' ); 

HTTP Request Smuggling Basics

I am currently trying to learn HTTP Request Smuggling vulnerability to furthermore enhance my pen testing skill. I have watched a couple of videos on Youtube and read articles online regarding it but still have a couple of questions in mind. Question:

  • What are the attack vectors of HTTP Req Smuggling (Where should I look)?
  • What is the main way to provide PoC to companies with high traffic? I know that HTTP Smuggling could possibly steal people’s cookie, can this be used for the PoC or is this illegal?
  • Can this or other vulnerability be chained together? (e.g. self-xss & csrf)

Thank you everyone!

Information exposure through query strings in url of a POST request [duplicate]

I can’t seem to find any information online for when there is information exposure through query strings in URL of a POST request.

I understand it is an issue for when it’s sent in HTTP GET. Wondering if it would still be an issue for when it’s sent in POST?

e.g.

POST /api/view?username=USER