diff --git a/wordpress-dev/wordpress/wp-content/plugins/hvac-community-events/hvac-community-events.php b/wordpress-dev/wordpress/wp-content/plugins/hvac-community-events/hvac-community-events.php index 71eb9ec2..f9e2d747 100644 --- a/wordpress-dev/wordpress/wp-content/plugins/hvac-community-events/hvac-community-events.php +++ b/wordpress-dev/wordpress/wp-content/plugins/hvac-community-events/hvac-community-events.php @@ -217,76 +217,88 @@ register_deactivation_hook(__FILE__, 'hvac_ce_remove_roles'); /** - * Enqueue common styles and scripts for all HVAC Community Events pages + * Enqueue common styles and scripts for HVAC Community Events pages */ function hvac_ce_enqueue_common_assets() { - // Enqueue the harmonized framework first - this provides the base styling - wp_enqueue_style( - 'hvac-harmonized-framework', - HVAC_CE_PLUGIN_URL . 'assets/css/hvac-harmonized.css', - [], // No dependencies - this is the foundation - HVAC_CE_VERSION . '-v3.0.0' - ); + // Check if we're on an HVAC plugin page to prevent conflicts with home page + $hvac_pages = [ + 'hvac-dashboard', 'community-login', 'trainer-registration', 'trainer-profile', + 'manage-event', 'event-summary', 'email-attendees', 'certificate-reports', + 'generate-certificates', 'certificate-fix', 'hvac-documentation' + ]; - // Enqueue the legacy common CSS file for backward compatibility - wp_enqueue_style( - 'hvac-common-style', - HVAC_CE_PLUGIN_URL . 'assets/css/hvac-common.css', - ['hvac-harmonized-framework'], // Depends on harmonized framework - HVAC_CE_VERSION - ); + $is_hvac_page = is_page($hvac_pages) || is_user_logged_in() && current_user_can('hvac_trainer'); - // Enqueue animations CSS file - wp_enqueue_style( - 'hvac-animations', - HVAC_CE_PLUGIN_URL . 'assets/css/hvac-animations.css', - ['hvac-harmonized-framework'], // Depends on harmonized framework - HVAC_CE_VERSION - ); - - // Enqueue mobile navigation CSS file - wp_enqueue_style( - 'hvac-mobile-nav', - HVAC_CE_PLUGIN_URL . 'assets/css/hvac-mobile-nav.css', - ['hvac-harmonized-framework'], // Depends on harmonized framework - HVAC_CE_VERSION - ); - - // Enqueue print stylesheet - wp_enqueue_style( - 'hvac-print-style', - HVAC_CE_PLUGIN_URL . 'assets/css/hvac-print.css', - ['hvac-harmonized-framework'], // Depends on harmonized framework - HVAC_CE_VERSION, - 'print' // Print media only - ); - - // Enqueue the accessibility helper JS for all pages - wp_enqueue_script( - 'hvac-accessibility-js', - HVAC_CE_PLUGIN_URL . 'assets/js/hvac-accessibility.js', - [], // No dependencies - HVAC_CE_VERSION, - true // Load in footer - ); - - // Enqueue animations JS for all pages - wp_enqueue_script( - 'hvac-animations-js', - HVAC_CE_PLUGIN_URL . 'assets/js/hvac-animations.js', - [], // No dependencies - HVAC_CE_VERSION, - true // Load in footer - ); - - // Enqueue mobile navigation JS for all pages - wp_enqueue_script( - 'hvac-mobile-nav-js', - HVAC_CE_PLUGIN_URL . 'assets/js/hvac-mobile-nav.js', - [], // No dependencies - HVAC_CE_VERSION, - true // Load in footer - ); + // Only load framework styles globally (these are safe and minimal) + if ($is_hvac_page) { + // Enqueue the harmonized framework first - this provides the base styling + wp_enqueue_style( + 'hvac-harmonized-framework', + HVAC_CE_PLUGIN_URL . 'assets/css/hvac-harmonized.css', + [], // No dependencies - this is the foundation + HVAC_CE_VERSION . '-v3.0.0' + ); + + // Enqueue the legacy common CSS file for backward compatibility + wp_enqueue_style( + 'hvac-common-style', + HVAC_CE_PLUGIN_URL . 'assets/css/hvac-common.css', + ['hvac-harmonized-framework'], // Depends on harmonized framework + HVAC_CE_VERSION + ); + + // Enqueue animations CSS file (ONLY on HVAC pages) + wp_enqueue_style( + 'hvac-animations', + HVAC_CE_PLUGIN_URL . 'assets/css/hvac-animations.css', + ['hvac-harmonized-framework'], // Depends on harmonized framework + HVAC_CE_VERSION + ); + + // Enqueue mobile navigation CSS file (ONLY on HVAC pages) + wp_enqueue_style( + 'hvac-mobile-nav', + HVAC_CE_PLUGIN_URL . 'assets/css/hvac-mobile-nav.css', + ['hvac-harmonized-framework'], // Depends on harmonized framework + HVAC_CE_VERSION + ); + + // Enqueue print stylesheet + wp_enqueue_style( + 'hvac-print-style', + HVAC_CE_PLUGIN_URL . 'assets/css/hvac-print.css', + ['hvac-harmonized-framework'], // Depends on harmonized framework + HVAC_CE_VERSION, + 'print' // Print media only + ); + + // Enqueue the accessibility helper JS (ONLY on HVAC pages) + wp_enqueue_script( + 'hvac-accessibility-js', + HVAC_CE_PLUGIN_URL . 'assets/js/hvac-accessibility.js', + [], // No dependencies + HVAC_CE_VERSION, + true // Load in footer + ); + + // Enqueue animations JS (ONLY on HVAC pages) + wp_enqueue_script( + 'hvac-animations-js', + HVAC_CE_PLUGIN_URL . 'assets/js/hvac-animations.js', + [], // No dependencies + HVAC_CE_VERSION, + true // Load in footer + ); + + // Enqueue mobile navigation JS (ONLY on HVAC pages) + wp_enqueue_script( + 'hvac-mobile-nav-js', + HVAC_CE_PLUGIN_URL . 'assets/js/hvac-mobile-nav.js', + [], // No dependencies + HVAC_CE_VERSION, + true // Load in footer + ); + } // Enqueue page-specific enhanced styles based on current page if (is_page('hvac-dashboard')) { diff --git a/wordpress-dev/wordpress/wp-content/plugins/hvac-community-events/includes/certificates/class-certificate-security.php b/wordpress-dev/wordpress/wp-content/plugins/hvac-community-events/includes/certificates/class-certificate-security.php index 677f5015..67f9abe2 100644 --- a/wordpress-dev/wordpress/wp-content/plugins/hvac-community-events/includes/certificates/class-certificate-security.php +++ b/wordpress-dev/wordpress/wp-content/plugins/hvac-community-events/includes/certificates/class-certificate-security.php @@ -122,29 +122,30 @@ class HVAC_Certificate_Security { * This is a fallback method that works even if rewrite rules fail. */ public function parse_certificate_request($wp) { + // Only process if we haven't already handled via template_redirect + if (did_action('template_redirect')) { + return; + } + $request_uri = $_SERVER['REQUEST_URI']; - // Check if this is a certificate download request - if (preg_match('#/hvac-certificate/([^/]+)/?#', $request_uri, $matches)) { + // Only match exact certificate download URLs - be very specific + if (preg_match('#^/hvac-certificate/([a-zA-Z0-9]{32})/?$#', $request_uri, $matches)) { $certificate_token = $matches[1]; - // Validate the token - $certificate_data = $this->validate_download_token($certificate_token); + // Validate the token exists (don't delete it yet - let the normal handler do that) + $certificate_data = get_transient('hvac_certificate_token_' . $certificate_token); if (!$certificate_data) { - wp_die(__('Invalid or expired certificate download link.', 'hvac-community-events')); + // Return 404 instead of wp_die to avoid interfering with other pages + status_header(404); + return; } - // Get file path - $file_path = $this->get_certificate_file_path($certificate_data); - - if (!$file_path || !file_exists($file_path)) { - wp_die(__('Certificate file not found.', 'hvac-community-events')); - } - - // Serve the file - $this->serve_certificate_file($file_path, $certificate_data); - exit; + // If we have valid certificate data, let the normal template_redirect handler take over + // Set the query var so the normal handler can pick it up + set_query_var('certificate_token', $certificate_token); + return; } }