Support » Plugin: Photo Reviews for WooCommerce » When I Write a review ‘The security check failed!’ Error occurs.

  • Resolved bsc0227

    (@bsc0227)


    Hi. My name is BSC.
    Thank you for creating a cool plugin that lets I attach photos to reviews.
    I think that plugin is very useful. but as long as there is no error…

    I have correctly set up the plugin,
    but when i write review in my site, the ‘The security check failed!’ Error occurs.
    If you don’t mind, can you check this error please?

    Thank you in advance.

    Best Regards,
    BSC

    The page I need help with: [log in to see the link]

Viewing 13 replies - 1 through 13 (of 13 total)
  • In addition, no photos can be attached.
    If when I attach a photo, I get an error ‘photo is required’.

    and In order to use the ‘Coupons for reviews’ feature, I modified the ‘Email Content’ in the wordpress admin page and tested the email sending.

    I received an email after posting a review to a test account.

    I thought it would be the same as the Email Content I modified,
    But, The line break didn’t work and it came out so not clean.

    I’ve tested ‘<br>’ and ‘\n’ but it had no effect….

    To summarize, here are some things to fix in this plugin:

    1. ‘The security check failed!’ error
    – I think there is a problem with the nonce checking of this plugin code.

    2. Photo upload error
    – In the plugin code
        $ im = $ _FILES [‘my_image_upload’];
        print_r ($ im); <- I tested this but only ‘1’ was printed.

    3. Line feed error in ‘Email Content’

    I hope you don’t mind, Please take care debugging for the upgrade of ‘Woocommerce Photo Reviews’.

    Thank you so much.

    Best Regards,
    BSC

    I found the cause of the error in uploading photos.
    The form code to upload review was missing ‘multipart/form-data’.
    I added ‘multipart/form-data’ as use jquery, so Photo upload functionality has been fixed.

    Please modify your code to add ‘multipart/form-data’ for ‘comment-form’.

    Plugin Author kimvt1991

    (@kimvt1991)

    Hi BSC,
    i’m Kim from Villatheme support team.
    I am really sorry for this late reply.
    Thank you so much for your very constructive feedback.
    As I check on your website at https://ohrora.co.kr, my js file is loaded successfully but the code inside the js file is unable to run(you can see in the js file that i’ve added enctype=”multipart/form-data” to #commentform already), which is the cause of the 1st and 2nd bug that you said. I think my plugin can be conflicted with another one or maybe some code in your website prevents my js file from doing its job. Please recheck and tell me if you figure something out.
    To the Email content error, I’m going to replace the Email content textarea field with a text editor field in a recent coming upgrade.
    Thank you so much once again.
    Best regards,
    Kim

    Hi Kim.
    Thank you for your reply!

    Your code is great.
    It’s scalable and easy to modify.
    So I am using a little modification.

    your plugin working properly in my site.
    But I have not yet fully solved the problem.

    There are some things to check, such as pop-ups and email line breaks.
    If I have problems while using it, I will post it on the forum again for this plugin’s development.

    ah, Are you Korean?
    I thought your name was Kim and I thought it was Korean.
    만약 한국사람이라면 한글로 답변해주세요 🙂 감사합니다.

    Thank you so much.

    Best Regards,
    BSC

    Plugin Author kimvt1991

    (@kimvt1991)

    Hi BSC,
    thank you for all your feedback and we always welcome them here.
    By the way, i’m not Korean :), i’m from Vietnam.
    Thank you so much!
    Best regards,
    Kim

    Hello Kim!
    Thank you for your reply!

    I changed the source for this plugin.
    I have modified the function part to send coupon code by email.
    If you do not mind, can you take a look at my code?

    If the customer is logged in and wrote a photo review,
    I set the generated coupons using ‘set_email_restrictions ($ array)’ so that they can be used only by the this email’s account.

    and

    If the customer is not logged in and wrote a review,
    I got the email value I entered when I created it and set it using ‘set_email_restrictions ($ array)’.

    
    include_once( WC_ABSPATH . 'includes/class-wc-coupon.php' );
    

    ////code////
    ///is logged in///

    
    if(!function_exists('nkt_send_coupon_after_reviews')) {
    	function nkt_send_coupon_after_reviews( $comment_id, $commentdata ) {
    		$product_id = get_comment( $comment_id )->comment_post_ID;
    		$pgc        = get_option( '_nkt_products_gen_coupon' );
    		$fl         = 0;
    		if ( count( $pgc ) ) {
    			foreach ( $pgc as $p_id ) {
    				if ( $product_id == $p_id ) {
    					$fl ++;
    					break;
    				}
    			}
    		} else {
    			$fl ++;
    		}
    		if ( $fl == 0 ) {
    			return;
    		}
    		if ( is_user_logged_in() ) {
    			$code          = nkt_generate_coupon( $product_id, $comment_id );
    			$user_id       = get_current_user_id();
    			$user_data     = get_userdata( $user_id );
    			$user_email    = $user_data->user_email;
    			$customer_name = $user_data->first_name;
    			$c             = new WC_Coupon( $code );
     
                            // new added code by bsc
    			if(isset($user_email)) {
    				$email_array = array($user_email);
    				if(is_array($email_array)){
    					$c->set_email_restrictions($email_array); 
    					$c->save();
    				}
    			}
    			//
    
    			$coupon_code   = $c->get_code();
    			$date_expires  = $c->get_date_expires();
    			nkt_send_email( $user_email, $customer_name, $coupon_code, $date_expires );
    			add_comment_meta( $comment_id, 'coupon_email', 'sent' );
    		} else {                             
    			add_comment_meta( $comment_id, 'coupon_for_reviews', 0 );
    		}
    	}
    }
    

    //// is not logged in ////

    
    if(!function_exists('nkt_coupon_for_not_logged_in')) {
    	function nkt_coupon_for_not_logged_in( $comment_id ) {
    		if ( "0" === get_comment_meta( $comment_id, 'coupon_for_reviews', true ) ) {
    			$comment = get_comment( $comment_id );
    			if ( $comment->comment_approved == 1 ) {
    				update_comment_meta( $comment_id, 'coupon_for_reviews', 1 );
    				$code          = nkt_generate_coupon( $comment->comment_post_ID, $comment_id );
    				$user_email    = $comment->comment_author_email;
    				$customer_name = $comment->comment_author;
    				$c             = new WC_Coupon( $code );
    				
                                    /// new added code by bsc
    				if(isset($user_email)) {
    					$email_array = array($user_email);
    					if(is_array($email_array)){
    						$c->set_email_restrictions($email_array); // 해당 이메일전용 쿠폰 지정. 방신철
    						$c->save();
    					}
    				}
    				///
    
    				$coupon_code   = $c->get_code();
    				$date_expires  = $c->get_date_expires();
    				nkt_send_email( $user_email, $customer_name, $coupon_code, $date_expires );
    			}
    		}
    	}
    }
    

    The reason for modifying this code is to prevent others from using the coupon if they did not leave a review when they knew the coupon code.

    And how do I fix a bug that does not applyed line breaks to email content when emails are sent?
    I think, If only this part is fixed, it will be a perfect plug-in!
    I’ll help you catch a bug in your plugin.
    If you don’t mind, please give me advice.

    Thank you in advance.

    Best Regards,
    BSC

    • This reply was modified 2 years, 3 months ago by bsc0227.
    • This reply was modified 2 years, 3 months ago by bsc0227.
    Plugin Author kimvt1991

    (@kimvt1991)

    Dear BSC,
    to preserve linebreak in email content, you can replace function nkt_send_email as below:

    if(!function_exists('nkt_send_email')) {
    	function nkt_send_email( $user_email, $customer_name, $coupon_code, $date_expires ) {
    		$email_temp                  = get_option( '_nkt_email_template' );
    		$headers = array( 'Content-Type: text/html; charset=UTF-8' );
    		$subject=$email_temp['email_subject'];
    		$content = nl2br(stripslashes( $email_temp['email_content'] ));
    		$content = str_replace( '{customer_name}', $customer_name, $content );
    		$content = str_replace( '{coupon_code}', $coupon_code, $content );
    		$content = str_replace( '{date_expires}', empty( $date_expires ) ? 'never expires' : date( 'Y-m-d', strtotime( $date_expires ) ), $content);
    		$mail                       = new WC_Emails();
    		$mail->send( $user_email, $subject, $content,$headers );
    	}
    }
    

    This time I’m quite busy so please pardon me for not having time to view your new code.
    Thank you so much.
    Best regards,
    Kim

    Hi Kim.

    Thank you for your reply and solution!
    Your code works perfectly!
    Now your plugin is working neatly.
    I really appreciate your solution!

    By the way, there is one problem.
    Users can write javascript or jquery in a review.
    This means that sites can receive xss attacks through reviews.
    Do you know how to solve this problem?
    If you do not mind, I’d like you to think about this problem.

    Thank you in advance.

    Best Regards,
    BSC

    Plugin Author kimvt1991

    (@kimvt1991)

    Hi BSC,
    i’m sorry that there’s nothing i can do with the problem that users can write javascript or jquery in a review. I think it’s wordpress’s problem, not the plugin’s.
    Thank you so much.
    Best regards,
    Kim

    silveryangel

    (@silveryangel)

    Hello! I had the same error. when I write a review of the product – everything works well. but when I write a comment to the post in blog – “The security check failed!”.
    I checked. even when I disable all the plugins except yours – it does not work.
    How can I fix this problem?

    Plugin Author kimvt1991

    (@kimvt1991)

    I don’t quite understand your case yet. What’s your site? I will check your problem.

    rfmizo

    (@rfmizo)

    same here
    “The security check failed” when leaving a comment on a post

    Plugin Author kimvt1991

    (@kimvt1991)

    Please give me access info so i can check your problem.

Viewing 13 replies - 1 through 13 (of 13 total)
  • The topic ‘When I Write a review ‘The security check failed!’ Error occurs.’ is closed to new replies.