Experimental disable wc checkout endpoint

README.md

@@ -40,6 +40,11 @@
 
 ### Fluent Forms
 
+## Advance Features
+
+* Able to trigger adCAPTCHA on the "Place order" button.
+* Able to disable the WooCommerce checkout endpoint. This will help prevent unauthorised request, for example stopping credit card fraud.
+
 ## Privacy Notices
 
 adCAPTCHA adheres to GDPR regulations.

adcaptcha.php

@@ -2,7 +2,7 @@
 /**
  * Plugin Name: adCAPTCHA for WordPress
  * Description: Secure your site. Elevate your brand. Boost Ad Revenue.
- * Version: 1.5.5
+ * Version: 1.6.0
  * Requires at least: 6.4.2
  * Requires PHP: 7.4
  * Author: adCAPTCHA
@@ -21,18 +21,22 @@
 
 use AdCaptcha\Instantiate;
 
-const PLUGIN_VERSION_ADCAPTCHA = '1.5.5';
+const PLUGIN_VERSION_ADCAPTCHA = '1.6.0';
 define('ADCAPTCHA_ERROR_MESSAGE', __( 'Please complete the I am human box.', 'adcaptcha' ));
 
-// Deletes data saved in the wp db on plugin uninstall
-register_uninstall_hook( __FILE__, 'adcaptcha_uninstall' );
-
-function adcaptcha_uninstall() {
-    delete_option( 'adcaptcha_api_key' );
-    delete_option( 'adcaptcha_placement_id' );
-    delete_option( 'adcaptcha_render_captcha' );
-    delete_option( 'adcaptcha_selected_plugins' );
+if ( ! function_exists( 'adcaptcha_uninstall' ) ) {
+    // Deletes data saved in the wp db on plugin uninstall
+    function adcaptcha_uninstall() {
+        delete_option( 'adcaptcha_api_key' );
+        delete_option( 'adcaptcha_placement_id' );
+        delete_option( 'adcaptcha_render_captcha' );
+        delete_option( 'adcaptcha_selected_plugins' );
+        delete_option( 'experimental_disable_wc_checkout_endpoint' );
+        delete_option( 'adcaptcha_wc_checkout_optional_trigger' );
+    }
 }
 
+register_uninstall_hook( __FILE__, 'adcaptcha_uninstall' );
+
 $instantiate = new Instantiate();
 $instantiate->setup();

readme.txt

@@ -4,7 +4,7 @@ Contributors: adCAPTCHA
 Tags: spam, anti-spam, block bots, security, adCAPTCHA
 Requires at least: 6.0
 Tested up to: 6.5.2
-Stable tag: 1.5.5
+Stable tag: 1.6.0
 Requires PHP: 7.4
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
@@ -46,6 +46,13 @@ adCAPTCHA offers a unique proposition in the digital space by combining Security
 
 **Fluent Forms**
 
+== Advance Features ==
+
+**Woocommerce**
+
+* Able to trigger adCAPTCHA on the "Place order" button.
+* Able to disable the WooCommerce checkout endpoint. This will help prevent unauthorised request, for example stopping credit card fraud.
+
 == Installation ==
 
 **Installation**
@@ -147,3 +154,6 @@ During verification, the adCAPTCHA service may briefly receive the user's IP add
 = 1.5.5 =
 - Minor update to ContactForm7: Added the ability to manually place adCAPTCHA. 
 - If not configured manually, it will default to appearing above the submit button.
+
+= 1.6.0 =
+- Added feature to disable the WooCommerce checkout endpoint.

src/Plugin/Woocommerce/Checkout.php

@@ -26,8 +26,20 @@ public function setup() {
         add_action( 'woocommerce_review_order_before_submit', [ AdCaptcha::class, 'captcha_trigger' ] );
         add_action('woocommerce_payment_complete', [ $this, 'reset_hasVerified' ]);
         add_action( 'woocommerce_checkout_process', [ $this, 'verify' ] );
+        if (get_option('experimental_disable_wc_checkout_endpoint')) {
+            add_action('rest_api_init', [ $this, 'disable_wc_endpoint_v1' ]);
+        }
     }
 
+    public function disable_wc_endpoint_v1() {
+        $current_url = $_SERVER['REQUEST_URI'];
+        if (strpos($current_url, '/wp-json/wc/store/v1/checkout') !== false || strpos($current_url, '/wp-json/wc/store/checkout') !== false) {
+            wp_redirect(home_url('/404.php'));
+            exit;
+        }
+    }
+
+
     public function verify() {
         $session = WC()->session;
         $hasVerified = $session->get('hasVerified');

src/Settings/Advanced.php

@@ -14,6 +14,9 @@ public function render_advance_settings() {
 
             $wc_checkout = isset($_POST['adcaptcha_advance']['wc-checkout']) ? sanitize_text_field(wp_unslash($_POST['adcaptcha_advance']['wc-checkout'])) : '';
             update_option('adcaptcha_wc_checkout_optional_trigger', $wc_checkout);
+
+            $experimental_disable_wc_checkout_endpoint = isset($_POST['adcaptcha_advance']['experimental_disable_wc_checkout_endpoint']) ? sanitize_text_field(wp_unslash($_POST['adcaptcha_advance']['experimental_disable_wc_checkout_endpoint'])) : '';
+            update_option('experimental_disable_wc_checkout_endpoint', $experimental_disable_wc_checkout_endpoint);
         }
 
         ?>
@@ -25,13 +28,19 @@ public function render_advance_settings() {
                             <div class="advance-item-container">
                                     <?php
                                         $checked = get_option('adcaptcha_wc_checkout_optional_trigger') ? 'checked' : '';
+                                        $checked_experimental = get_option('experimental_disable_wc_checkout_endpoint') ? 'checked' : '';
                                     ?>
                                     <h2 style="font-size:x-large;">Woocommerce</h2>
                                     <div class="checkbox-container">
                                         <h4 style="padding-right: 20px; font-size:medium;">Checkout:</h4>
                                         <input type="checkbox" id="wc-checkout" name="adcaptcha_advance[wc-checkout]" value="wc-checkout" <?php echo $checked; ?>>
                                         <label class="checkbox-label" for="wc-checkout">Enable to trigger adCAPTCHA on the "Place order" button.</label><br>
                                     </div>
+                                    <div class="checkbox-container">
+                                        <h4 style="padding-right: 20px; font-size:medium;">Disable Checkout Endpoint:</h4>
+                                        <input type="checkbox" id="wc-checkout" name="adcaptcha_advance[experimental_disable_wc_checkout_endpoint]" value="experimental_disable_wc_checkout_endpoint" <?php echo $checked_experimental; ?>>
+                                        <label class="checkbox-label" for="wc-checkout">Enable to disable the WooCommerce checkout endpoint. This will help prevent unauthorised request, for example stopping credit card fraud.</label><br>
+                                    </div>
                             </div>
                         </div>
                         <?php wp_nonce_field('adcaptcha_form_action'); ?>

src/Settings/Settings.php

@@ -81,6 +81,6 @@ public function change_admin_footer_text() {
     }
 
     public function change_admin_footer_version() {
-        return 'Version 1.5.5';
+        return 'Version 1.6.0';
     }
 }