ben/upskill-event-manager
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
320 commits 2 branches 0 tags 132 MiB
Commit graph

4 commits

Author SHA1 Message Date
ben
f464224cd8 Fix find trainer map: remove safari blocker, largely increase safety timeouts, update status 2025-12-20 11:26:59 -04:00
ben
5a55b78d03 fix: Use HVAC_Secure_Storage consistently for Zoho credentials 
- Fix Client ID regex to allow lowercase letters
- Update HVAC_Zoho_CRM_Auth to use encrypted storage for all operations
- Update class-zoho-admin.php to use HVAC_Secure_Storage for credential retrieval
- Update OAuth callback to use secure storage for token storage
- Update Status.md with blocking production issue (400 Bad Request)

Note: Issue persists on production - needs further investigation

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2025-12-16 15:28:16 -04:00
ben
b19f1c8e79 security: Address code review findings for Zoho CRM integration 
1. OAuth CSRF Protection:
   - Added state parameter to OAuth authorization URL
   - Generate and store state in transient (10 min expiry)
   - Validate state on callback with timing-safe comparison

2. Debug Log Sanitization:
   - Added sanitize_log_message() to mask credentials in logs
   - Patterns mask client_id, client_secret, access_token, refresh_token
   - Error handlers only expose file paths in WP_DEBUG mode

3. Move Inline JS to External File:
   - Moved ~100 lines of inline JS to assets/js/zoho-admin.js
   - Added redirectUri and oauthUrl to wp_localize_script
   - Better CSP compliance and caching

4. Updated .gitignore to track includes/admin/ and includes/zoho/

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2025-12-16 14:59:11 -04:00
bengizmo
37f4180e1c feat: Add massive missing plugin infrastructure to repository 
🚨 CRITICAL: Fixed deployment blockers by adding missing core directories:

**Community System (CRITICAL)**
- includes/community/ - Login_Handler and all community classes
- templates/community/ - Community login forms

**Certificate System (CRITICAL)**
- includes/certificates/ - 8+ certificate classes and handlers
- templates/certificates/ - Certificate reports and generation templates

**Core Individual Classes (CRITICAL)**
- includes/class-hvac-event-summary.php
- includes/class-hvac-trainer-profile-manager.php
- includes/class-hvac-master-dashboard-data.php
- Plus 40+ other individual HVAC classes

**Major Feature Systems (HIGH)**
- includes/database/ - Training leads database tables
- includes/find-trainer/ - Find trainer directory and MapGeo integration
- includes/google-sheets/ - Google Sheets integration system
- includes/zoho/ - Complete Zoho CRM integration
- includes/communication/ - Communication templates system

**Template Infrastructure**
- templates/attendee/, templates/email-attendees/
- templates/event-summary/, templates/status/
- templates/template-parts/ - Shared template components

**Impact:**
- 70+ files added covering 10+ missing directories
- Resolves ALL deployment blockers and feature breakdowns
- Plugin activation should now work correctly
- Multi-machine deployment fully supported

🔧 Generated with Claude Code

Co-Authored-By: Ben Reed <ben@tealmaker.com>
 2025-08-11 13:30:11 -03:00