From 226b50642af0895948fbaa623a9b7180399a63b6 Mon Sep 17 00:00:00 2001
From: Jake Vanderwerf <get@jakevanderwerf.ca>
Date: Wed, 13 May 2026 19:15:48 +0000
Subject: [PATCH] =Queue fixes

---
 inc/rest/routes/FormRoutes.php |  127 +++++++++++++++++++++---------------------
 1 files changed, 63 insertions(+), 64 deletions(-)

diff --git a/inc/rest/routes/FormRoutes.php b/inc/rest/routes/FormRoutes.php
index c5c0d36..1cf8b23 100644
--- a/inc/rest/routes/FormRoutes.php
+++ b/inc/rest/routes/FormRoutes.php
@@ -1,12 +1,14 @@
 <?php
 namespace JVBase\rest\routes;
 
-use JVBase\rest\RestRouteManager;
-use JVBase\managers\CacheManager;
-use JVBase\meta\MetaManager;
-use JVBase\managers\CloudflareTurnstile;
+use JVBase\meta\Sanitizer;
+use JVBase\meta\Validator;
+use JVBase\rest\PermissionHandler;
+use JVBase\rest\Rest;
+use JVBase\managers\Cache;
 use JVBase\blocks\FormBlock;
-use JVBase\utility\Features;
+use JVBase\rest\Route;
+use JVBase\base\Site;
 use WP_REST_Request;
 use WP_REST_Response;
 use WP_Error;
@@ -21,18 +23,15 @@
  *
  * Handles REST API endpoints for form submissions
  */
-class FormRoutes extends RestRouteManager
+class FormRoutes extends Rest
 {
-	protected CacheManager $cache;
 	protected FormBlock $form_block;
-	protected CloudflareTurnstile|null $turnstile;
 
 	public function __construct()
 	{
+		$this->cacheName = 'forms';
+		$this->cacheTtl = HOUR_IN_SECONDS;
 		parent::__construct();
-		$this->action = 'form-';
-		$this->cache = CacheManager::for('forms', HOUR_IN_SECONDS);
-
 
 		// Add query vars
 		add_filter('query_vars', [$this, 'addQueryVars']);
@@ -45,35 +44,29 @@
 	 */
 	public function registerRoutes(): void
 	{
-		// Form submission endpoint
-		register_rest_route($this->namespace, '/forms', [
-			[
-				'methods' => 'POST',
-				'callback' => [$this, 'submitForm'],
-				'permission_callback' => [$this, 'checkRateLimit'], // Public endpoint, rate limited
-			],
-			[
-				'methods' => 'GET',
-				'callback' => [$this, 'getForms'],
-				'permission_callback' => [$this, 'checkPermission']
-			]
-		]);
+		// ['actionNonce'=>'dash-']
+		Route::for('forms')
+			->post([$this, 'submitForm'])
+			->args([
+				'form_type' => 'string|required',
+				'form_id' => 'string|required',
+				'timestamp' => 'string',
+				'cf-turnstile-response' => 'string',
+			])
+			->auth('public')
+			->rateLimit(5) // 5 submissions per minute
+			->get([$this, 'getForms'])
+			->auth(PermissionHandler::combine(['logged_in', ['actionNonce'=>'dash-']]))
+			->rateLimit(30)
+			->register();
 
 		// Get specific form configuration
-		register_rest_route($this->namespace, '/forms/(?P<form_type>[a-zA-Z0-9_-]+)', [
-			[
-				'methods' => 'GET',
-				'callback' => [$this, 'getForm'],
-				'permission_callback' => [$this, 'checkPermission'],
-				'args' => [
-					'form_type' => [
-						'required' => true,
-						'type' => 'string',
-						'sanitize_callback' => 'sanitize_text_field'
-					]
-				]
-			]
-		]);
+		Route::for(Route::pattern('forms/{form_type}'))
+			->get([$this, 'getForm'])
+			->arg('form_type', 'string|required')
+			->auth('logged_in')
+			->rateLimit(30)
+			->register();
 	}
 
 	/**
@@ -100,31 +93,35 @@
 			$result = $this->handleFormSubmission($form_type, $form_id, $form_data, $files);
 
 			if (is_wp_error($result)) {
-				return new WP_REST_Response([
-					'success'	=> false,
-					'message'	=> $result->get_error_message()
-				]);
+				return $this->error(
+					$result->get_error_message(),
+					$result->get_error_code(),
+					400
+				);
 			}
 			if (array_key_exists('success', $result)){
-				return new WP_REST_Response($result);
+				return $this->validationError($result);
 			}
 
-			return new WP_REST_Response([
-				'success' => true,
-				'data'	=> $result
-			], 200);
+			return $this->success($result);
 
 		} catch (Exception $e) {
-			return new WP_REST_Response([
-				'success' => false,
-				'message' => 'An error occurred while processing your submission.'
-			], 500);
+			$this->logError('Form submission error', [
+				'message' => $e->getMessage(),
+				'trace' => $e->getTraceAsString()
+			]);
+
+			return $this->error(
+				'An error occurred while processing your submission.',
+				'submission_error',
+				500
+			);
 		}
 	}
 
 	protected function verifyTurnstile(string $token): bool
 	{
-		if (!Features::hasIntegration('cloudflare') || !JVB()->connect('cloudflare')->isSetUp()) {
+		if (!Site::hasIntegration('cloudflare') || !JVB()->connect('cloudflare')->isSetUp()) {
 			return true;
 		}
 
@@ -168,7 +165,6 @@
 		} catch (\Exception $e) {
 			return new WP_Error('validation_failed', 'Data validation error: ' . $e->getMessage());
 		}
-
 		if (array_key_exists('success', $processed_data) && $processed_data['success'] === false) {
 			return $processed_data;
 		}
@@ -201,7 +197,9 @@
 	 */
 	protected function validateAndSanitizeData(array $form_config, array $form_data): array|WP_REST_Response
 	{
-		$meta = new MetaManager(null, 'form');
+		$validator = new Validator();
+		$sanitizer = new Sanitizer();
+
 		$processed_data = [];
 		$errors = [];
 
@@ -242,7 +240,7 @@
 			$field_config['name'] = $field_name;
 
 			// Validate field
-			if (!$meta->validator->validate($value, $field_config)) {
+			if (!$validator->validate($value, $field_config)) {
 				$label = $field_config['label'] ?? ucfirst(str_replace('_', ' ', $field_name));
 				$errors['errors'][$field_name] = [
 					'message' => sprintf('Field "%s" contains invalid data.', $label)
@@ -251,7 +249,7 @@
 			}
 
 			// Sanitize field
-			$processed_data[$field_name] = $meta->sanitizer->sanitize($value, $field_config);
+			$processed_data[$field_name] = $sanitizer->sanitize($value, $field_config);
 		}
 
 		if (!empty($errors)) {
@@ -281,16 +279,19 @@
 			$submitter_name = $form_data['name'];
 		}
 
-		if (!array_key_exists('preheader', $form_config)) {
+		if (array_key_exists('preheader', $form_config)) {
 			$preheader = $form_config['preheader'];
 		} else {
+			$submitter_name = $submitter_name?:'website visitor';
 			$preheader = sprintf(
 				'New %s submission from %s',
 				$form_config['title'],
-				$submitter_name ?: ($submitter_name ?: 'website visitor')
+				$submitter_name
 			);
 		}
 
+		$subject .= ' ' . $submitter_name;
+
 
 		// Email headers
 		$headers = [];
@@ -712,7 +713,7 @@
 			];
 		}
 
-		return new WP_REST_Response($public_forms, 200);
+		return $this->success($public_forms);
 	}
 
 	/**
@@ -720,18 +721,16 @@
 	 */
 	public function getForm(WP_REST_Request $request): WP_REST_Response
 	{
-		$form_type = $request->get_param('form_type');
+		$form_type = sanitize_text_field($request->get_param('form_type'));
 		$form_config = FormBlock::getForm($form_type);
 
 		if (!$form_config) {
-			return new WP_REST_Response([
-				'error' => 'Form not found'
-			], 404);
+			return $this->notFound('Form not found');
 		}
 
 		// Remove sensitive data
 		unset($form_config['email_to']);
 
-		return new WP_REST_Response($form_config, 200);
+		return $this->success($form_config);
 	}
 }

--
Gitblit v1.10.0