🇮🇹Italy @antonio.bertolini

My bad.... incomplete library install...
Sorry!!!!!!
The patch works correctly!

Antonio

Hi all,
at line 47 of klaro.drupal.js

      // Store reference to manager once.
      if (!Drupal.behaviors.klaro.manager) {
        Drupal.behaviors.klaro.manager = klaro.getManager(Drupal.behaviors.klaro.config); //<--- HERE
      }

I've Uncaught ReferenceError: klaro is not defined.

Any ideas?

Hi all,
Works for me, thanks!!

Antonio

antonio.bertolini → created an issue.

antonio.bertolini → created an issue.

Hi all,
I modified the functions that generate/validate the token by adding a timestamp:

  /**
   * {@inheritdoc}
   */
  public function generate(ProductVariationInterface $variation): string {
    if (!$this->needsCsrfProtection($this->currentUser)) {
      return '';
    }
    $value = $this->generateTokenValue($variation);
    return substr(Crypt::hmacBase64($value, $this->privateKey->get() . $this->getHashSalt()), 0, 16) . date('U');
  }

  /**
   * {@inheritdoc}
   */
  public function validate(ProductVariationInterface $variation, string $token): bool {
    if (!$this->needsCsrfProtection($this->currentUser)) {
      return TRUE;
    }
    $value = $this->generate($variation); //token+time
    $value1 = substr($value, 0, 16); //token
    $time1 = substr($value, -10); //time

    $token2 = substr($token, 0, 16);
    $time2 = substr($token, -10);
    
    return (hash_equals($value1, $token2) && ($time1 <($time2 + 300))); //user has 5 minutes to click the link oterwise is an expired link
    
  }

in this way a user has to click 5 minutes after the page is created. This could be parameterized, in my case 5 minutes is enough...
If the maintainers could refine my code it would be greatly appreciated!

Thanks!!!

For whom hasn't composer and use ludwig...
ludwig.json:

{
    "require": {
        "html2text/html2text": {
            "version": "v4.3.1",
            "url": "https://github.com/mtibben/html2text/archive/4.3.1.zip"
        },    
        "getbrevo/brevo-php": {
            "version": "v2.0.4",
            "url": "https://github.com/getbrevo/brevo-php/archive/refs/tags/v2.0.4.zip"
        },
         "nyholm/psr7": {
            "version": "1.8.2",
            "url": "https://github.com/Nyholm/psr7/archive/refs/tags/1.8.2.zip"
        }
    }
}

and add this row to brevo.module

// Ludwig module integration.
if (\Drupal::hasService('ludwig.require_once')) {
  $ludwig_require_once = \Drupal::service('ludwig.require_once');
  $ludwig_require_once->requireOnce('html2text/html2text', 'src/Html2Text.php', dirname(__FILE__));  
}

Similar for me...
spider and bot crawl my product pages with add to cart link and now I've an average of 100-120 new carts by day... there's a way to add a timestamp verification inside token similar the one used by password reset?

In my scenario commerce is used by anonymous user for create request so it's important to avoid spider crowing...

thanks!

Similar for me:
try update from 2.0.0 to 3.0.1:
update.php => "The website encountered an unexpected error. Try again later.", Error: Class "Drupal\rat\v1\RenderArray" not found in inline_entity_form
try to edit product => form appear but can't add variations, Error: Class "CommerceGuys\Intl\Currency\CurrencyRepository" not found
try to add new product => "The website encountered an unexpected error. Try again later." Error: Class "CommerceGuys\Intl\Currency\CurrencyRepository" not found

try update from 2.0.0. to 3.0.0:
update.php => OK
try to edit product => OK
try to add new product => OK

antonio.bertolini → created an issue.

Here I'm, again.
This issue is due a conflict with Legal module. Tested in

Drupal 10.3.2
PHP 8.3.11
User_revision 2.0.0-alpha1
Legal ( https://www.drupal.org/project/legal → ) release 3.0.3 before and then 4.0.0-alpha1

in all test got error, uninstalling Legal error disappear.

antonio.bertolini → created an issue.

I confirm that this issue still exists in 2.0.3...

Hi all,
play attention that this fix was not applied in 8.x-10.2!

Hi all,
also $this->group->label must be translateable. That's done via language translation so I think that FieldGroupTable.php row 295:
- '#caption' => $this->getSetting('label_visibility') == self::DISPLAY_CAPTION ? $this->group->label : NULL,
+ '#caption' => $this->getSetting('label_visibility') == self::DISPLAY_CAPTION ? $this->t($this->group->label) : NULL,

and row 589:
- '#title' => $this->group->label,
+ '#title' => t($this->group->label),

has to be changed
Antonio

Why added to 8.x-1.x instead of 8.x-10.1? (I don't exactly know how commit system works...)
But changes are corrects.

Sorry, sorry, sorry...

this is a duplicate of https://www.drupal.org/project/bat/issues/3416113 🐛 Primary keys needed for bat_event Needs review but not ported to 8.x-10.1.

antonio.bertolini → created an issue.

antonio.bertolini → created an issue.

Hi,
https://www.drupal.org/project/drupal/issues/3384852#comment-15523776 🐛 Ajax Pager broken after upgrade 10.0.9 to 10.1.2 Needs work
works for me. Tested also with this module as pager
https://www.drupal.org/project/views_infinite_scroll →

tks ysamoylenko!

This problem is present in Webform 6.2.2 and patch in #11 works at line 366.

It' only 1 row.... why not apply it definitively?... I use entity print submission in 10+ sites it's a waste of time everytimes!

thanks!
A.

Hi,
to mitigate this gin theme issue I add this css class:

.paragraphs-tabs-wrapper .field-multiple-table > tbody > .draggable > td + td {
  vertical-align: top;
  width: auto;
}
.paragraphs-tabs-wrapper .field-multiple-table > tbody > .draggable > td + td, .js .field--widget-paragraphs .field-multiple-table, .field-multiple-table thead, .field-multiple-table tbody {display: block;}

.paragraphs-tabs-wrapper .field-multiple-table tr.draggable {display: flex;align-items: center;flex-wrap: nowrap;xjustify-content: flex-start;}

into my gin-custom.css file (see gin theme documentation about usage)

hope this helps,

antonio.bertolini → created an issue.

drupal 9.5.7,
same problem after updating form 8.x-1.0-beta6