
Commit 6976127

author
Viktor Tymchynskyi
committed
Merge remote-tracking branch 'origin/MAGETWO-42818' into MAGETWO-MERGEFIX
2 parents e9b4cac + c07bcad commit 6976127


7 files changed

+329
-265
lines changed


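--- a/app/code/Magento/Braintree/view/adminhtml/templates/data_js.phtml
+++ b/app/code/Magento/Braintree/view/adminhtml/templates/data_js.phtml
@@ -7,21 +7,20 @@
 /**
 * @var $block \Magento\Braintree\Block\Datajs
 */
-?>
-<?php
+
 $arrayData = [
 "kountId" => $this->helper('Magento\Braintree\Helper\Data')->getKountId() ?
 $this->helper('Magento\Braintree\Helper\Data')->getKountId() : false,
 "formId" =>$block->getFormId(),
 "merchantId" => $block->getMerchantId(),
-"braintreeDataJs" => $block->getJsSrc(),
+"braintreeDataJs" => $block->escapeUrl($block->getJsSrc()),
 ];
 $serializedFormData = $this->helper('Magento\Framework\Json\Helper\Data')->jsonEncode($arrayData);
 ?>
 <script type="text/x-magento-init">
 {
 "body": {
-"braintreeDataJs": <?php /* @escapeNotVerified */ echo $serializedFormData ?>
+"braintreeDataJs": <?php /* @noEscape */ echo $serializedFormData ?>
 }
 }
 </script>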
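Review bot: The `/* @noEscape */` on `echo $serializedFormData` inside the `<script type="text/x-magento-init">` block marks the whole JSON blob as safe, but only `braintreeDataJs` is passed through an escaper; `kountId`, `formId` and `merchantId` reach the encoder as returned. Safety here rests entirely on `jsonEncode()` neutralising `<` and `/` so that a value cannot close the script element, which the template does not show. I would state that dependency next to the output, e.g. `/* @noEscape: JSON-encoded above; relies on the encoder escaping "<" and "/" */`. Separately, `escapeUrl()` before JSON encoding is presumably HTML-context escaping, so a source URL containing `&` may arrive in the script as `&amp;`; worth checking against a URL with a query string.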

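--- a/app/code/Magento/Braintree/view/adminhtml/templates/form.phtml
+++ b/app/code/Magento/Braintree/view/adminhtml/templates/form.phtml
@@ -7,110 +7,143 @@
 // @codingStandardsIgnoreFile
 
 /** @var \Magento\Braintree\Block\Form $block */
-$_form = $block;
-$_code = $_form->getMethodCode();
-$_storedCards = $this->helper('\Magento\Braintree\Helper\Createorder')->getLoggedInCustomerCards();
-$_useVault = $block->useVault();
-$_useCvv = $block->useCvv();
-$clientToken = $block->getClientToken();
+$code = $block->getMethodCode();
+$storedCards = $this->helper('\Magento\Braintree\Helper\Createorder')->getLoggedInCustomerCards();
+$useVault = $block->useVault();
+$useCvv = $block->useCvv();
+$clientToken = $block->escapeHtml($block->getClientToken());
 $isFraudDetectionEnabled = $block->isFraudDetectionEnabled();
 $braintreeDataJs = $block->getBraintreeDataJs();
 $formData = [
-"useVault" => $_useVault,
-"useCvv" => $_useCvv,
+"useVault" => $useVault,
+"useCvv" => $useCvv,
 "clientToken" => $clientToken,
-"code" => $_code,
+"code" => $code,
 "isFraudDetectionEnabled" => $isFraudDetectionEnabled,
 "braintreeDataJs"=> $braintreeDataJs,
 ];
 $serializedFormData = $this->helper('Magento\Framework\Json\Helper\Data')->jsonEncode($formData);
+$ccType = $block->getInfoData('cc_type');
+$ccExpMonth = $block->getInfoData('cc_exp_month');
+$ccExpYear = $block->getInfoData('cc_exp_year');
 ?>
-<input id="<?php /* @escapeNotVerified */ echo $_code ?>_payment_method" type="hidden" name="payment[method]" value="<?php /* @escapeNotVerified */ echo $_code ?>" />
-<div id="payment_form_<?php /* @escapeNotVerified */ echo $_code ?>" class="admin__page-section-item" style="display:none;"
-data-mage-init='{"braintreeCcForm":<?php /* @escapeNotVerified */ echo $serializedFormData ?>}'
+<input id="<?php /* @noEscape */ echo $code; ?>_payment_method" type="hidden" name="payment[method]"
+value="<?php /* @noEscape */ echo $code; ?>" />
+<div id="payment_form_<?php /* @noEscape */ echo $code; ?>" class="admin__page-section-item" style="display:none;"
+data-mage-init='{"braintreeCcForm":<?php /* @noEscape */ echo $serializedFormData; ?>}'
 >
 <input type="hidden" name="payment[payment_method_nonce]" id="braintree_nonce" value="" />
 <input type="hidden" name="payment[cc_last4]" id="cc_last4" value="" />
 <?php if ($isFraudDetectionEnabled): ?>
-<input type="hidden" name="payment[device_data]" id="braintree_device_id" value="" />
+<input type="hidden" name="payment[device_data]" id="braintree_device_id" value="" />
 <?php endif; ?>
-<?php if ($_storedCards): ?>
-<fieldset class="admin__fieldset">
-<div class="admin__field" id="<?php /* @escapeNotVerified */ echo $_code ?>_token_selector">
-<label class="admin__field-label" for="<?php /* @escapeNotVerified */ echo $_code ?>_cc_token"><?php /* @escapeNotVerified */ echo __('Payment Information') ?></label>
-<div class="admin__field-control control">
-<select id="<?php /* @escapeNotVerified */ echo $_code ?>_cc_token" name="payment[cc_token]" class="select admin__control-select">
-<?php foreach ($_storedCards as $creditCard): ?>
-<option value="<?php /* @escapeNotVerified */ echo $creditCard->token?>" <?php echo $creditCard->default ? 'selected="selected"' : '' ?>>
-<?php /* @escapeNotVerified */ echo $creditCard->maskedNumber . ' - ' . $creditCard->cardType ?>
-</option>
-<?php endforeach; ?>
-<option value=''><?php /* @escapeNotVerified */ echo __('Add new card') ?></option>
-</select>
+<?php if ($storedCards): ?>
+<fieldset class="admin__fieldset">
+<div class="admin__field" id="<?php /* @noEscape */ echo $code; ?>_token_selector">
+<label class="admin__field-label" for="<?php /* @noEscape */ echo $code; ?>_cc_token">
+<?php echo $block->escapeHtml(__('Payment Information')); ?>
+</label>
+<div class="admin__field-control control">
+<select id="<?php /* @noEscape */ echo $code; ?>_cc_token" name="payment[cc_token]"
+class="select admin__control-select">
+<?php foreach ($storedCards as $creditCard): ?>
+<option value="<?php echo $block->escapeHtml($creditCard->token); ?>"
+<?php /* @noEscape */ echo $creditCard->default ? ' selected="selected"' : ''; ?>>
+<?php echo $block->escapeHtml($creditCard->maskedNumber); ?> - <?php echo $block->escapeHtml($creditCard->cardType); ?>
+</option>
+<?php endforeach; ?>
+<option value=''><?php echo $block->escapeHtml(__('Add new card')); ?></option>
+</select>
+</div>
 </div>
-</div>
-</fieldset>
+</fieldset>
 <?php endif; ?>
 <fieldset class="admin__fieldset hide_if_token_selected">
 <div class="admin__field">
-<label class="label admin__field-label" for="<?php /* @escapeNotVerified */ echo $_code ?>_cc_type" ><?php /* @escapeNotVerified */ echo __('Credit Card Type') ?><span class="required">*</span></label>
+<label class="label admin__field-label" for="<?php /* @noEscape */ echo $code; ?>_cc_type" >
+<?php echo $block->escapeHtml(__('Credit Card Type')); ?><span class="required">*</span>
+</label>
 <div class="admin__field-control control">
-<select id="<?php /* @escapeNotVerified */ echo $_code ?>_cc_type" name="payment[cc_type]" class="required-entry _required select admin__control-select validate-cc-type-select">
-<option value="">--<?php /* @escapeNotVerified */ echo __('Please Select')?>--</option>
-<?php $_ccType = $_form->getInfoData('cc_type') ?>
-<?php foreach ($_form->getCcAvailableTypes() as $_typeCode => $_typeName): ?>
-<option value="<?php /* @escapeNotVerified */ echo $_typeCode ?>"<?php if($_typeCode==$_ccType): ?> selected="selected"<?php endif ?>><?php /* @escapeNotVerified */ echo $_typeName ?></option>
-<?php endforeach ?>
+<select id="<?php /* @noEscape */ echo $code; ?>_cc_type" name="payment[cc_type]"
+class="required-entry _required select admin__control-select validate-cc-type-select">
+<option value="">--<?php echo $block->escapeHtml(__('Please Select')); ?>--</option>
+<?php foreach ($block->getCcAvailableTypes() as $typeCode => $typeName): ?>
+<option value="<?php echo $block->escapeHtml($typeCode); ?>"
+<?php if($typeCode == $ccType): ?> selected="selected"<?php endif; ?>>
+<?php echo $block->escapeHtml($typeName); ?>
+</option>
+<?php endforeach; ?>
 </select>
 </div>
 </div>
 </fieldset>
 <fieldset class="admin__fieldset hide_if_token_selected">
 <div class="admin__field">
-<label class="label admin__field-label" for="<?php /* @escapeNotVerified */ echo $_code ?>_cc_number"><?php /* @escapeNotVerified */ echo __('Credit Card Number') ?><span class="required">*</span></label>
+<label class="label admin__field-label" for="<?php /* @noEscape */ echo $code; ?>_cc_number">
+<?php echo $block->escapeHtml(__('Credit Card Number')); ?><span class="required">*</span>
+</label>
 <div class="admin__field-control control">
-<input type="text" id="<?php /* @escapeNotVerified */ echo $_code ?>_cc_number" data-encrypted-name="payment[cc_number]" title="<?php /* @escapeNotVerified */ echo __('Credit Card Number') ?>" class="input-text admin__control-text validate-cc-number validate-cc-type" value="" />
+<input type="text" id="<?php /* @noEscape */ echo $code; ?>_cc_number" data-encrypted-name="payment[cc_number]"
+title="<?php echo $block->escapeHtml(__('Credit Card Number')); ?>"
+class="input-text admin__control-text validate-cc-number validate-cc-type" value="" />
 </div>
 </div>
 </fieldset>
 <fieldset class="admin__fieldset hide_if_token_selected">
-<div id="<?php /* @escapeNotVerified */ echo $_code ?>_cc_type_exp_div" class="admin__field">
-<label class="label admin__field-label" for="<?php /* @escapeNotVerified */ echo $_code ?>_expiration" ><?php /* @escapeNotVerified */ echo __('Expiration Date') ?><span class="required">*</span></label>
+<div id="<?php /* @noEscape */ echo $code; ?>_cc_type_exp_div" class="admin__field">
+<label class="label admin__field-label" for="<?php /* @noEscape */ echo $code; ?>_expiration">
+<?php echo $block->escapeHtml(__('Expiration Date')); ?><span class="required">*</span>
+</label>
 <div class="admin__field-control control">
-<select id="<?php /* @escapeNotVerified */ echo $_code ?>_expiration" name="payment[cc_exp_month]" class="month validate-cc-exp required-entry _required select admin__control-select">
-<?php $_ccExpMonth = $_form->getInfoData('cc_exp_month') ?>
-<?php foreach ($_form->getCcMonths() as $k=>$v): ?>
-<option value="<?php echo $k?$k:'' ?>"<?php if($k==$_ccExpMonth): ?> selected="selected"<?php endif ?>><?php /* @escapeNotVerified */ echo $v ?></option>
-<?php endforeach ?>
+<select id="<?php /* @noEscape */ echo $code; ?>_expiration" name="payment[cc_exp_month]"
+class="month validate-cc-exp required-entry _required select admin__control-select">
+<?php foreach ($block->getCcMonths() as $k=>$v): ?>
+<option value="<?php /* @noEscape */ echo $k ? $block->escapeHtml($k) : ''; ?>"
+<?php if ($k == $ccExpMonth): ?> selected="selected"<?php endif; ?>>
+<?php echo $block->escapeHtml($v); ?></option>
+<?php endforeach; ?>
 </select>
-<?php $_ccExpYear = $_form->getInfoData('cc_exp_year') ?>
-<select id="<?php /* @escapeNotVerified */ echo $_code ?>_expiration_yr" name="payment[cc_exp_year]" class="year required-entry _required select admin__control-select">
-<?php foreach ($_form->getCcYears() as $k=>$v): ?>
-<option value="<?php echo $k?$k:'' ?>"<?php if($k==$_ccExpYear): ?> selected="selected"<?php endif ?>><?php /* @escapeNotVerified */ echo $v ?></option>
+<select id="<?php /* @noEscape */ echo $code; ?>_expiration_yr" name="payment[cc_exp_year]"
+class="year required-entry _required select admin__control-select">
+<?php foreach ($block->getCcYears() as $k => $v): ?>
+<option value="<?php /* @noEscape */ echo $k ? $block->escapeHtml($k) : ''; ?>"
+<?php if ($k == $ccExpYear): ?> selected="selected"<?php endif; ?>>
+<?php echo $block->escapeHtml($v); ?>
+</option>
 <?php endforeach ?>
 </select>
 </div>
 </div>
 </fieldset>
-<?php echo $_form->getChildHtml() ?>
-<?php if($_form->hasVerification()): ?>
-<fieldset class="admin__fieldset hide_if_token_selected">
-<div id="<?php /* @escapeNotVerified */ echo $_code ?>_cc_type_cvv_div" class="admin__field">
-<label class="label admin__field-label" for="<?php /* @escapeNotVerified */ echo $_code ?>_cc_cid" ><?php /* @escapeNotVerified */ echo __('Card Verification Number') ?><span class="required">*</span></label>
-<div class="admin__field-control control">
-<div class="v-fix">
-<input type="text" title="<?php /* @escapeNotVerified */ echo __('Card Verification Number') ?>" class="input-text admin__control-text cvv required-entry validate-cc-cvn" id="<?php /* @escapeNotVerified */ echo $_code ?>_cc_cid" data-encrypted-name="payment[cc_cid]" value="" />
+<?php echo $block->getChildHtml(); ?>
+<?php if ($block->hasVerification()): ?>
+<fieldset class="admin__fieldset hide_if_token_selected">
+<div id="<?php /* @noEscape */ echo $code; ?>_cc_type_cvv_div" class="admin__field">
+<label class="label admin__field-label" for="<?php /* @noEscape */ echo $code; ?>_cc_cid">
+<?php echo $block->escapeHtml(__('Card Verification Number')); ?><span class="required">*</span>
+</label>
+
+<div class="admin__field-control control">
+<div class="v-fix">
+<input type="text" title="<?php echo $block->escapeHtml(__('Card Verification Number')); ?>"
+class="input-text admin__control-text cvv required-entry validate-cc-cvn"
+id="<?php /* @noEscape */ echo $code; ?>_cc_cid" data-encrypted-name="payment[cc_cid]" value=""/>
+</div>
 </div>
 </div>
-</div>
-</fieldset>
+</fieldset>
 <?php endif; ?>
 <?php if($_useVault): ?>
-<fieldset class="admin__fieldset hide_if_token_selected">
-<div id="<?php /* @escapeNotVerified */ echo $_code ?>_store_in_vault_div" style="text-align:left;" class="">
-<input type="checkbox" title="<?php /* @escapeNotVerified */ echo __('Save this card for future use') ?>" class="input-checkbox" id="<?php /* @escapeNotVerified */ echo $_code ?>_store_in_vault" name="payment[store_in_vault]" value="1" />
-<label for="<?php /* @escapeNotVerified */ echo $_code ?>_store_in_vault" style="float:none;"><?php /* @escapeNotVerified */ echo __('Save this card for future use') ?></label>
-</div>
-</fieldset>
+<fieldset class="admin__fieldset hide_if_token_selected">
+<div id="<?php /* @noEscape */ echo $code; ?>_store_in_vault_div" style="text-align:left;" class="">
+<input type="checkbox" title="<?php echo $block->escapeHtml(__('Save this card for future use')); ?>"
+class="input-checkbox" id="<?php /* @noEscape */ echo $code; ?>_store_in_vault"
+name="payment[store_in_vault]" value="1"/>
+<label for="<?php /* @noEscape */ echo $code; ?>_store_in_vault" style="float:none;">
+<?php echo $block->escapeHtml(__('Save this card for future use')); ?>
+
+</label>
+</div>
+</fieldset>
 <?php endif; ?>
 </div>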
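Review bot: The context line `<?php if($_useVault): ?>` still reads `$_useVault`, which this change renames to `$useVault` at the top of the template, so the condition now tests an undefined variable and the "Save this card for future use" fieldset would never render; it should be `<?php if ($useVault): ?>`. On the security side, `data-mage-init='{"braintreeCcForm":<?php /* @noEscape */ echo $serializedFormData; ?>}'` writes raw JSON into a single-quoted attribute, and of the encoded values only `clientToken` is escaped beforehand, so an apostrophe in `code` or `braintreeDataJs` would end the attribute unless the encoder escapes it. Escaping the encoded string for the attribute context at the point of output would remove that dependency and the need for the annotation. The `$code` echoes into `id`, `for` and `value` carry the same `@noEscape` assumption, namely that the method code is a fixed identifier, which the template itself does not establish.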

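--- a/app/code/Magento/Braintree/view/frontend/templates/creditcard/delete.phtml
+++ b/app/code/Magento/Braintree/view/frontend/templates/creditcard/delete.phtml
@@ -6,46 +6,54 @@
 
 // @codingStandardsIgnoreFile
 
-$creditCard = $block->creditCard();
-$token = $creditCard->token;
+/**
+* @var \Magento\Braintree\Block\Creditcard\Management $block
+*/
+$creditCard = $block->creditCard();
+$token = $block->escapeHtml($creditCard->token);
 ?>
 <?php echo $block->getLayout()->getMessagesBlock()->getGroupedHtml();?>
-<form action="<?php /* @escapeNotVerified */ echo $block->getDeleteConfirmUrl() ?>" method="post" id="delete-form"
+<form action="<?php echo $block->escapeUrl($block->getDeleteConfirmUrl()); ?>" method="post" id="delete-form"
 xmlns="http://www.w3.org/1999/html">
 <fieldset class="fieldset info">
-<legend class="legend"><?php /* @escapeNotVerified */ echo __('Please confirm that you want to delete this credit card') ?></legend>
+<legend class="legend">
+<?php echo $block->escapeHtml(__('Please confirm that you want to delete this credit card')); ?>
+</legend>
 <div class="field">
 <ul>
 <li>
-<b><?php /* @escapeNotVerified */ echo __('Credit Card Number');?></b>
+<b><?php echo $block->escapeHtml(__('Credit Card Number'));?></b>
 </li>
 <li>
-<?php /* @escapeNotVerified */ echo $creditCard->maskedNumber;?>
+<?php echo $block->escapeHtml($creditCard->maskedNumber);?>
 </li>
 <li>
-<b><?php /* @escapeNotVerified */ echo __('Expiration Date');?></b>
+<b><?php echo $block->escapeHtml(__('Expiration Date'));?></b>
 </li>
 <li>
-<?php /* @escapeNotVerified */ echo $creditCard->expirationDate; ?>
+<?php echo $block->escapeHtml($creditCard->expirationDate); ?>
 </li>
 <li>
-<b><?php /* @escapeNotVerified */ echo __('Cardholder Name');?></b>
+<b><?php echo $block->escapeHtml(__('Cardholder Name'));?></b>
 </li>
 <li>
-<?php /* @escapeNotVerified */ echo $creditCard->cardholderName;?>
+<?php echo $block->escapeHtml($creditCard->cardholderName);?>
 </li>
 </ul>
 </div>
 </fieldset>
-<input type="hidden" name="token" value="<?php /* @escapeNotVerified */ echo $token ?>">
+<input type="hidden" name="token" value="<?php /* @noEscape */ echo $token; ?>">
 <div class="actions-toolbar">
 <div class="primary">
 <button type="submit" id="opc-submit" data-role="opc-submit" class="action save primary"
-title="<?php /* @escapeNotVerified */ echo __('Delete') ?>" ><?php /* @escapeNotVerified */ echo __('Delete') ?></span></button>
+title="<?php echo $block->escapeHtml(__('Delete')); ?>" >
+<?php echo $block->escapeHtml(__('Delete')); ?>
+</button>
 </div>
 <div class="secondary">
-<a class="action back" href="<?php /* @escapeNotVerified */ echo $block->getBackUrl() ?>"><span><span><small>&laquo; </small>
-<?php /* @escapeNotVerified */ echo __('Back') ?></span></a>
+<a class="action back" href="<?php echo $block->escapeUrl($block->getBackUrl()); ?>">
+<span><small>&laquo; </small><?php echo $block->escapeHtml(__('Back')); ?></span>
+</a>
 </div>
 </div>
 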
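Review bot: The delete form posts a state-changing request, yet the only hidden input visible in this hunk is `token`; no form key is rendered, so unless the controller validates one by other means the card deletion may lack cross-site request forgery protection. If it is missing, `<?php echo $block->getBlockHtml('formkey'); ?>` inside the form is the usual fix; the closing `</form>` lies outside the hunk, so the field may already exist further down. Also, `$token` is escaped at assignment and echoed later under `/* @noEscape */`, which separates the escaping from the sink and makes the annotation easy to misread. Writing `value="<?php echo $block->escapeHtml($creditCard->token); ?>"` keeps the two together and drops the annotation.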
