From e02c1953086973f38c4535797dbfef806d3d52db Mon Sep 17 00:00:00 2001
From: Zed <ayub.zeitunli@gmail.com>
Date: Tue, 20 Sep 2022 23:21:14 +0430
Subject: [PATCH 1/3] fix: Limited address and name length

---
 inc/MetaBox.php | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/inc/MetaBox.php b/inc/MetaBox.php
index 7f6d40e..f8e9790 100644
--- a/inc/MetaBox.php
+++ b/inc/MetaBox.php
@@ -6,6 +6,10 @@
 use WP_Encryption\Encryption;
 
 class MetaBox {
+	private $address_length = 185;
+	private $name_length = 17;
+	private $comment_length = 60;
+
 	public function add_meta_boxes () {
 
 		if ( get_post_type() == 'shop_order' && isset( $_GET[ 'post' ] ) ) {
@@ -135,6 +139,8 @@ public function delivery_step_1( $order ) {
 		$destination_city = $order->get_shipping_city();
 		$destination_city = Location::get_city_by_name($destination_city);
 		$destination_address = $destination_city['name'] . ' ' . $order->get_billing_address_1() . ' ' . $order->get_billing_address_2();
+		if( mb_strlen($destination_address) > $this->address_length )
+			$destination_address = mb_substr($destination_address, 0, $this->address_length);
 		$store_address =  get_option( 'woocommerce_store_address' ) . get_option( 'woocommerce_store_address_2' );
 
 		$total_weight = 0;
@@ -301,10 +307,10 @@ public function ajax_saving_options_step_2() {
 				],
 			],
 			'receiver' => [
-				'name' => $order->get_shipping_first_name() . ' ' . $order->get_shipping_last_name(),
+					'name' => ( (mb_strlen($order->get_shipping_first_name() . ' ' . $order->get_shipping_last_name()) > $this->name_length) ? mb_substr($order->get_shipping_first_name() . ' ' . $order->get_shipping_last_name(), 0, $this->name_length): $order->get_shipping_first_name() . ' ' . $order->get_shipping_last_name()),
 				'contact' => [
 					'postal_code' => $order->get_shipping_postcode(),
-					'address' => $order->get_shipping_address_1(),
+						'address' => ( mb_strlen($order->get_shipping_address_1()) > $this->address_length) ? (mb_substr($order->get_shipping_address_1(), 0 , $this->address_length)): $order->get_shipping_address_1(),
 					'city' => $destination_city['code'],
 					'phone_number' => $order->get_billing_phone(),
 				],
@@ -323,7 +329,7 @@ public function ajax_saving_options_step_2() {
 				]
 			],
 			'payment_type' => 1,
-			'receiver_comment' => $order->get_customer_note(),
+				'receiver_comment' => ( mb_strlen($order->get_customer_note())> $this->comment_length ? mb_substr($order->get_customer_note(),0 , $this->comment_length): $order->get_customer_note()),
 			'service_type' => 'regular',
 			'provider_code' => sanitize_text_field( $_POST['provider_code'] ),
 		];

From 739463873773d75cb5bb549a2b55302ee9c0f0fe Mon Sep 17 00:00:00 2001
From: Zed <ayub.zeitunli@gmail.com>
Date: Fri, 23 Sep 2022 19:01:48 +0330
Subject: [PATCH 2/3] fix: Add new fields to metabox

add store name, customer name, description to metabox
make source and destination enabled
---
 assets/js/admin.js        | 11 +++++++
 inc/MetaBox.php           | 68 +++++++++++++++++++++++++++++++++++----
 inc/Podro_Order_Table.php |  2 ++
 3 files changed, 74 insertions(+), 7 deletions(-)

diff --git a/assets/js/admin.js b/assets/js/admin.js
index 17dc847..8e44763 100644
--- a/assets/js/admin.js
+++ b/assets/js/admin.js
@@ -95,9 +95,18 @@
 			height: $('input[name=pod_height]').val(),
 			depth: $('input[name=pod_depth]').val(),
 			order_id: $('input[name=pod_order_id]').val(),
+			pod_store_name: $('input[name=pod_store_name]').val(),
+			pod_source_city: $('textarea[name=pod_source_city]').val(),
+			pod_destination_city: $('textarea[name=pod_destination_city]').val(),
+			pod_user_billing_name: $('input[name=pod_user_billing_name]').val(),
+			pod_user_billing_family: $('input[name=pod_user_billing_family]').val(),
+			pod_customer_note: $('textarea[name=pod_customer_note]').val(),
+
+
 		};
 
 		if ( pod_validate_step_1( data ) ) {
+
 			pod_ajax( data, _callback_step_1 );
 		}
 	})
@@ -384,7 +393,9 @@
 	}
 
 	function _callback_step_1( response ) {
+
 		if ( response.success ) {
+
 			let data = {
 				weight: $('input[name=pod_weight]').val(),
 				totalprice: $('input[name=pod_totalprice]').val(),
diff --git a/inc/MetaBox.php b/inc/MetaBox.php
index f8e9790..e701a8f 100644
--- a/inc/MetaBox.php
+++ b/inc/MetaBox.php
@@ -176,19 +176,50 @@ public function delivery_step_1( $order ) {
 			$height = $dimensions['height'];
 			$length = $dimensions['length'];
 		}
+
+		$user_billing_name = $order->get_billing_first_name();
+		$user_billing_family = $order->get_billing_last_name();
+
+		$store_name = $this->get_store_name();
+		$customer_note = $order->get_customer_note();
+
+		$option_pod_source_city = get_option('pod_source_city');
+		$option_pod_store_name = get_option('pod_store_name');
+
+		$option_pod_source_city = ( false == $option_pod_source_city ) ? $store_address : $option_pod_source_city;
+		$option_pod_store_name = ( false == $option_pod_store_name ) ?  $store_name : $option_pod_store_name;
+
+
+
 			?>
 		<ul class="pod-delivery-step">
+			<li>
+				<label for="pod_store_name">نام فروشگاه</label>
+				<input type="text" name="pod_store_name" id="pod_store_name" maxlength="60" value="<?php echo $option_pod_store_name; ?>"  />
+			</li>
 			<li>
 				<label for="pod_source_city">مبدا</label>
-				<input type="text" name="pod_source_city" id="pod_source_city" value="<?php echo $store_address; ?>" disabled />
+				<textarea name="pod_source_city" id="pod_source_city" rows="6"><?php echo $option_pod_source_city; ?></textarea>
 				<?php if (empty($store_address)) echo '<p style="color:red">لطفا آدرس فروشگاه را از تنظیمات ووکامرس وارد کنید.</p>'; ?>
 				<input type="hidden" name="pod_source_city_code" value="<?php echo $source_city['code']; ?>">
 			</li>
 			<li>
 				<label for="pod_destination_city">مقصد</label>
-				<input type="text" name="pod_destination_city" id="pod_destination_city" value="<?php echo $destination_address; ?>" disabled />
+				<textarea name="pod_destination_city" id="pod_destination_city" rows="6" maxlength="186"><?php echo $destination_address; ?></textarea>
 				<input type="hidden" name="pod_destination_city_code" value="<?php echo $destination_city['code']; ?>">
 			</li>
+			<li>
+				<label for="pod_user_billing_name">نام </label>
+				<input type="text" name="pod_user_billing_name" id="pod_user_billing_name" maxlength="17" value="<?php echo $user_billing_name; ?>"  />
+			</li>
+			<li>
+				<label for="pod_user_billing_family"> نام خانوادگی</label>
+				<input type="text" name="pod_user_billing_family" id="pod_user_billing_family" maxlength="27" value="<?php echo $user_billing_family; ?>"  />
+			</li>
+			<li>
+				<label for="pod_comment">توضیحات</label>
+				<textarea name="pod_customer_note" id="pod_customer_note" rows="6" maxlength="60"><?php echo $customer_note; ?></textarea>
+			</li>
 			<li>
 				<label for="pod_weight">وزن مرسوله به گرم</label>
 				<input type="number" name="pod_weight" id="pod_weight" value="<?php echo $total_weight; ?>" />
@@ -227,6 +258,21 @@ public function ajax_saving_options_step_1() {
 		// checking for nonce
 		$this->validate_nonce( 'pod-options-nonce' );
 
+		$pod_store_name = sanitize_text_field($_POST['pod_store_name']?? '');
+		$pod_source_city = sanitize_text_field($_POST['pod_source_city']?? '');
+		$pod_destination_city = sanitize_text_field($_POST['pod_destination_city']?? '');
+		$pod_user_billing_name = sanitize_text_field($_POST['pod_user_billing_name']?? '');
+		$pod_user_billing_family = sanitize_text_field($_POST['pod_user_billing_family']?? '');
+		$pod_customer_note = sanitize_text_field($_POST['pod_customer_note']);
+
+		update_option('pod_store_name', $pod_store_name);
+		update_option('pod_source_city', $pod_source_city);
+		update_option('pod_destination_city',$pod_destination_city);
+		update_option('pod_user_billing_name',$pod_user_billing_name);
+		update_option('pod_user_billing_family',$pod_user_billing_family);
+		update_option('pod_customer_note',$pod_customer_note);
+
+
 		if (! isset($_POST['weight']) && ! isset($_POST['totalprice']) && ! isset($_POST['width']) && ! isset($_POST['height']) && ! isset($_POST['depth'])) {
 
 			wp_send_json_error( __('آیتم اشتباه شده است.', POD_TEXTDOMAIN), 400 );
@@ -234,6 +280,8 @@ public function ajax_saving_options_step_1() {
 
 		}
 
+
+
 		$order_id = $_POST['order_id'];
 		$order = \wc_get_order($order_id);
 
@@ -296,21 +344,26 @@ public function ajax_saving_options_step_2() {
 		$destination_city = $order->get_shipping_city();
 		$destination_city = Location::get_city_by_name($destination_city);
 
+		$pod_store_name = get_option('pod_store_name');
+		$pod_user_billing_name = get_option('pod_user_billing_name') . ' ' . get_option('pod_user_billing_family');
+		$pod_customer_note = get_option('pod_customer_note');
+		$pod_source_city = get_option('pod_source_city');
+		$pod_destination_city = get_option('pod_destination_city');
 		$data = [
 			'sender' => [
-				'name' => $this->get_store_name(),
+				'name' => $pod_store_name,
 				'contact' => [
 					'postal_code' => $this->get_store_postal_code(),
-					'address' => $this->get_store_address(),
+					'address' => $pod_source_city,
 					'city' => $source_city['code'],
 					'phone_number' => $this->get_store_phone_number(),
 				],
 			],
 			'receiver' => [
-					'name' => ( (mb_strlen($order->get_shipping_first_name() . ' ' . $order->get_shipping_last_name()) > $this->name_length) ? mb_substr($order->get_shipping_first_name() . ' ' . $order->get_shipping_last_name(), 0, $this->name_length): $order->get_shipping_first_name() . ' ' . $order->get_shipping_last_name()),
+					'name' => $pod_user_billing_name,
 				'contact' => [
 					'postal_code' => $order->get_shipping_postcode(),
-						'address' => ( mb_strlen($order->get_shipping_address_1()) > $this->address_length) ? (mb_substr($order->get_shipping_address_1(), 0 , $this->address_length)): $order->get_shipping_address_1(),
+					'address' => $pod_destination_city,
 					'city' => $destination_city['code'],
 					'phone_number' => $order->get_billing_phone(),
 				],
@@ -329,9 +382,10 @@ public function ajax_saving_options_step_2() {
 				]
 			],
 			'payment_type' => 1,
-				'receiver_comment' => ( mb_strlen($order->get_customer_note())> $this->comment_length ? mb_substr($order->get_customer_note(),0 , $this->comment_length): $order->get_customer_note()),
+			'receiver_comment' => $pod_customer_note,
 			'service_type' => 'regular',
 			'provider_code' => sanitize_text_field( $_POST['provider_code'] ),
+
 		];
 
 		$response = (new Orders)->submit_order($data);
diff --git a/inc/Podro_Order_Table.php b/inc/Podro_Order_Table.php
index b0e470a..d72700d 100644
--- a/inc/Podro_Order_Table.php
+++ b/inc/Podro_Order_Table.php
@@ -108,6 +108,8 @@ private function table_data()
 			$pod_order_id = get_post_meta( $order_id, 'pod_order_id', true );
 			$details = (new Orders)->get_order($pod_order_id);
 
+			if(!$details)
+				continue;
 
 			$pickup_time = new \DateTime( $details['pickup_time'] );
 			$pickup_time_S = (new SDate)->toShaDate( $pickup_time->format('Y-m-d') );

From 4f308906c355d48d4ef0debe830d1088906a21eb Mon Sep 17 00:00:00 2001
From: Zed <ayub.zeitunli@gmail.com>
Date: Sat, 24 Sep 2022 11:42:43 +0330
Subject: [PATCH 3/3] fix: Limitations added to data fileds

Address, Name, Store Name, Comment limitations added to server side
Origin field added to API request to distinguish requests from wp plugin
---
 assets/js/admin.js |  1 -
 inc/MetaBox.php    | 22 ++++++++++++----------
 2 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/assets/js/admin.js b/assets/js/admin.js
index 8e44763..772cce7 100644
--- a/assets/js/admin.js
+++ b/assets/js/admin.js
@@ -409,7 +409,6 @@
 			$('.pod-delivery-step-button').removeClass('pod-delivery-step-1').addClass('pod-delivery-step-2').html('مرحله بعد')
 
 			const delivery_options = response.data.quotes;
-
 			let html = '<fildset class="pod-delivery-step-2-wrapper">';
 			for ( let i = 0; i < delivery_options.length; i++ ) {
 				let price = delivery_options[i].price
diff --git a/inc/MetaBox.php b/inc/MetaBox.php
index e701a8f..e722051 100644
--- a/inc/MetaBox.php
+++ b/inc/MetaBox.php
@@ -8,8 +8,10 @@
 class MetaBox {
 	private $address_length = 185;
 	private $name_length = 17;
+	private $family_length = 27;
+	private $store_name_length = 60;
 	private $comment_length = 60;
-
+	private $origin = 'WORDPRESS_PLUGIN';
 	public function add_meta_boxes () {
 
 		if ( get_post_type() == 'shop_order' && isset( $_GET[ 'post' ] ) ) {
@@ -258,12 +260,12 @@ public function ajax_saving_options_step_1() {
 		// checking for nonce
 		$this->validate_nonce( 'pod-options-nonce' );
 
-		$pod_store_name = sanitize_text_field($_POST['pod_store_name']?? '');
-		$pod_source_city = sanitize_text_field($_POST['pod_source_city']?? '');
-		$pod_destination_city = sanitize_text_field($_POST['pod_destination_city']?? '');
-		$pod_user_billing_name = sanitize_text_field($_POST['pod_user_billing_name']?? '');
-		$pod_user_billing_family = sanitize_text_field($_POST['pod_user_billing_family']?? '');
-		$pod_customer_note = sanitize_text_field($_POST['pod_customer_note']);
+		$pod_store_name = mb_substr(sanitize_text_field($_POST['pod_store_name']?? ''), 0, $this->store_name_length);
+		$pod_source_city = mb_substr(sanitize_text_field($_POST['pod_source_city']?? ''), 0, $this->address_length);
+		$pod_destination_city = mb_substr(sanitize_text_field($_POST['pod_destination_city']?? ''), 0, $this->address_length);
+		$pod_user_billing_name = mb_substr(sanitize_text_field($_POST['pod_user_billing_name']?? ''), 0, $this->name_length);
+		$pod_user_billing_family = mb_substr(sanitize_text_field($_POST['pod_user_billing_family']?? ''), 0, $this->family_length);
+		$pod_customer_note = mb_substr(sanitize_text_field($_POST['pod_customer_note']), 0, $this->comment_length);
 
 		update_option('pod_store_name', $pod_store_name);
 		update_option('pod_source_city', $pod_source_city);
@@ -385,7 +387,7 @@ public function ajax_saving_options_step_2() {
 			'receiver_comment' => $pod_customer_note,
 			'service_type' => 'regular',
 			'provider_code' => sanitize_text_field( $_POST['provider_code'] ),
-
+			'origin' => $this->origin,
 		];
 
 		$response = (new Orders)->submit_order($data);
@@ -442,12 +444,12 @@ public function ajax_saving_options_step_4() {
 
 		$order_id = sanitize_text_field( $_POST['delivery_order_id'] );
 		$post_id = sanitize_text_field( $_POST['pod_order_id'] );
-
+		$pod_customer_note = get_option('pod_customer_note');
 		$params = array(
 			'option_id' => sanitize_text_field( $_POST['option_id'] ),
 			'pickup_date' => sanitize_text_field( $_POST['pickup_date'] ),
 			'payment_approach' => sanitize_text_field( $_POST['payment_approach'] ),
-			'comment' => 'data',
+			'comment' => $pod_customer_note,
 		);
 
 		if ( isset($_POST['delivery_date']) ) {