Dokan PHP bugs

A shortcode cannot do a wp_redirect()

Since the Dokan dashboard is now a shortcode in the Dokan plugin version, this code is completely wrong:

wp_redirect( add_query_arg( array( ‘message’ => ‘profile_saved’ ), get_permalink() ) );

in classes/template-settings.php
in function insert_settings_info()
around line 138.

This generates errors like this:
Warning: Cannot modify header information – headers already sent by (output started at …/wp-includes/class.wp-styles.php:122) in …/wp-includes/pluggable.php on line 1121

When we try to save store settings in the dashboard / store configuration

This error is triggered by line 6 of the template/settings.php file that calls $dokan_template_settings->insert_settings_info(); and when at the end of this function there is an attempt to do a wp_redirect() we get those warnings. So this whole process workflow is wrong. It worked with the theme but cannot work with the plugin that uses a shortcode to include the dashboard tamplates. Please correct ASAP. This is a major bug of the Dokan plugin.

…here is how lines 135 to 137 of classes/template-settings.php have to be corrected for the Dokan plugin:

if ( !defined(‘DOING_AJAX’) || DOING_AJAX !== true ) {
$_GET[‘message’] = ‘profile_saved’;
}

Please include this fix ASAP in the next version of the Dokan plugin.

Dokan templates cannot be overriden.

This is due to a bug in the code of the Dokan plugin

in this file: /includes/theme-functions.php
in this function: dokan_get_template_part()

You check for the default templates (in the $dokan->plugin_path() directory) before you check the overridden templates ( in $dokan->template_path() ).

The default templates are always present in the plugin directory, so the overridden templates will never get loaded.

Lines 596-599 of the file need to be moved up before line 587 to correct this bug:

/**
* Get template part implementation for wedocs
*
* Looks at the theme directory first
*/
function dokan_get_template_part( $slug, $name = ” ) {
$dokan = WeDevs_Dokan::init();

$template = ”;

// Look in yourtheme/slug-name.php and yourtheme/dokan/slug-name.php
if ( $name ) {
$template = locate_template( array( “{$slug}-{$name}.php”, $dokan->template_path() . “{$slug}-{$name}.php” ) );
}

// If template file doesn’t exist, look in yourtheme/slug.php and yourtheme/dokan/slug.php
if ( ! $template ) {
$template = locate_template( array( “{$slug}.php”, $dokan->template_path() . “{$slug}.php” ) );
}

// Get default slug-name.php
if ( ! $template && $name && file_exists( $dokan->plugin_path() . “/templates/{$slug}-{$name}.php” ) ) {
$template = $dokan->plugin_path() . “/templates/{$slug}-{$name}.php”;
}

if ( ! $template && !$name && file_exists( $dokan->plugin_path() . “/templates/{$slug}.php” ) ) {
$template = $dokan->plugin_path() . “/templates/{$slug}.php”;
}

// Allow 3rd party plugin filter template file from their plugin
$template = apply_filters( ‘dokan_get_template_part’, $template, $slug, $name );

if ( $template ) {
load_template( $template, false );
}
}

messaged you.

Thanks Yann, these issues has been addressed and fixed. Thanks a bunch 🙂

Okay Yann,
I have added these to the queue too 😀

Thanks!

I will post again in this topic if I find any other bug.

Dashboard product listing pagination is broken in the Dokan plugin.

This is because you use a WordPress rewrite_endpoint to implement dashboard sub-pages URLs in the plugin, and WP endpoints do not support pagination. So again this is a major bug due to wrong implementation of shortcode/endpoint based dashboard admin pages in the plugin.

Since there is no way to implement pagination on WP endpoints, you have to add wp rewrite_rules somewhere to support pagination. Such as this:

/**
* Missing rewriterules for Dokan dashboard
*
*/
public function dokan_dashboard_pagination_rules() {
//@see http://wordpress.stackexchange.com/questions/67732/setting-a-custom-sub-path-for-blog-without-using-pages

add_rewrite_tag( ‘%fake_page%’, ‘([^&]+)’);

add_rewrite_rule(
‘[^/]+/products/page/?([0-9]+)/?$’,
‘index.php?fake_page=products&products=&paged=$matches[1]’,
‘top’
);
}
add_action( ‘init’, array( $this, ‘dokan_dashboard_pagination_rules’ ), 1 );

public function handle_redirect() {
global $wp;
$template = $wp->query_vars;
if (
array_key_exists( ‘fake_page’, $template ) &&
‘products’ == $template[‘fake_page’]
) {
//note: please replace with actual template used for dashboard!
include( get_stylesheet_directory() . ‘/dashboard.php’ );
exit;
}
}
add_action( ‘template_redirect’, array( $this, ‘handle_redirect’ ), 1 );

NOTE: this is just a rough code example, the rewrite rule could be better written to include the actual dashboard slug at the beginning, and there must be some way to determine the right template to use based on dokan_get_option( $page, ‘dokan_pages’ ) and the _wp_page_template meta… However I implemented it to fix our site and it works.

Product edit page in the dashboard is broken for published products.

This is because depending on the context, the product-edit.php template is either loaded inside the shortcode (when the product is not published) or standing alone by itself (when the product is published). Of course this is completely wrong. Since the dashboard is now loaded inside a page context in a shortcode, you should not load the product-edit template as a standalone page.

You have to correct this function:
function dokan_edit_product_url()
in this file:
includes/theme-functions.php
around line 701-713

We cannot use this kind of URL anymore :
trailingslashit( get_permalink( $product_id ) ). ‘edit/’;
…because it returns the product-edit template outside the dashboard.

We always have to load the product edit template inside the dashboard shortcode!

So you must correct the function to completely bypass the old kind of URL, even when the product is published:

/**
* Get edit product url
*
* @param type $product_id
* @return type
*/
function dokan_edit_product_url( $product_id ) {
if ( false && get_post_field( ‘post_status’, $product_id ) == ‘publish’ ) {
return trailingslashit( get_permalink( $product_id ) ). ‘edit/’;
}

return add_query_arg( array( ‘product_id’ => $product_id, ‘action’ => ‘edit’ ), dokan_get_navigation_url(‘products’) );
}

NOTICE the if( false &&… ) to bypass first test. We don’t want this!

You can also simply delete lines 708-710.

NOTE: I am not sure yet if this fix has consequences elsewhere on product edit links or buttons outside the dashboard. However it is not possible to edit products outside of the dashboard anymore because of the shortcode-based dashboard in the Dokan plugin. So this has to be fixed everywhere there is a product edit link anyway.

Dashboard reports page breaks when the dashboard template files are overridden

This is because of this include in the reports.php template:

require_once dirname( dirname(__FILE__) ) . ‘/includes/reports.php’;

This is wrong, because when the templates are overridden, they are no longer in the Dokan plugin directory, they are in a subdirectory of the theme, so this relative path-based include can never work!

It can be corrected this way:

require_once( WP_PLUGIN_DIR . ‘/dokan/includes/reports.php’ );

[suppressed]

Yann can add me on skype or facebook to help me in some thin in my site

@Mahmoud: please do not use this bug reporting topic for conversation.

Unfortunately I have no time to give free help.

One of your functions is just incredibly dangerous

http://wedevs.com/support/topic/warning-dokan-major-security-issue

You need to implement Nonces, check for appropriate user credentials when handling POST requests, etc.

http://codex.wordpress.org/WordPress_Nonces

As is, this code is totally unprofessional, and a tue security hazard for any user of the Dokan plugin. This needs to be patched ASAP, and all users must be warned!

Your plugin is a security threat fo the WordPress community. Totally unappropriate for e-commerce.

I have a fixed version of the function if needed. I cannot give any more details here because of the security threat if the exploit is revealed.

Added on the queue.