描述
comitifact connects WooCommerce to COMITI’s CFDI 4.0 (Mexico) stamping services.
Key features
– Generate CFDI 4.0 (XML) and its printable representation (PDF).
– CFDI cancellation.
– File uploads attached to orders with size limits and a whitelist of extensions (CSD, XML, ZIP, PEM, etc.).
– Configurable HTTPS endpoints for production and sandbox environments.
– Multisite-aware (cleans up on uninstall per site).
– Internationalization ready (Text Domain: comitifact) and loads translations from /languages.
Security
– Nonces on AJAX actions.
– Capability checks (by default requires manage_woocommerce for admin actions).
– Input sanitization and output escaping.
– Uploads stored in a dedicated folder /wp-content/uploads/comitifact/ with MIME checks and size limits.
– No credentials or endpoints exposed on the front end.
Privacy
This plugin integrates with an external e-invoicing (timbrado) provider. Depending on your configuration, fiscal data from orders (RFC, legal name, CFDI use, tax address, etc.) may be sent to your provider over HTTPS. Review and accept the provider’s terms before use. If you process personal data, ensure you have a lawful basis and appropriate privacy notices.
Requirements
– WordPress ≥ 5.8
– PHP ≥ 7.4
– WooCommerce (a version compatible with your site)
Localization
This plugin is translation-ready. Text domain: comitifact, path: /languages. You can contribute translations via WordPress.org GlotPress once published.
Notes for Reviewers (WordPress.org)
- All AJAX actions that write files or data are protected by nonces and capability checks.
- External services are configurable and default to HTTPS endpoints.
- No external tracking; no personal data is transmitted unless configured by the site owner for invoicing purposes.
- Uninstall routine removes options, transients, prefixed tables, cron hooks, and
/uploads/comitifact/.
安装
- Upload the plugin or install it from the WordPress admin and activate it.
- Go to WooCommerce Settings Integrations / COMITI Invoice (or the plugin menu, if present) and configure:
- Credentials/keys required for stamping.
- Fiscal parameters: issuer regime, CFDI use, etc.
- Optional: adjust maximum file size and allowed extensions for uploads.
常见问题
-
Does the plugin require an external service?
-
Yes. You need an account at https://comiti.mx. The plugin itself does not perform stamping.
-
What data is sent to the external service?
-
Depending on your flow: issuer/receiver fiscal data, line items, taxes, totals, and related CFDI info. Consult your provider’s documentation and applicable law.
-
Where are uploaded files stored?
-
In /wp-content/uploads/comitifact/. Filenames are randomized and can be associated with the order ID. A reference is saved in the order (metadata).
-
Can it be used on the front end by unauthenticated users?
-
For security, uploads and administrative actions are limited to users with proper capabilities in wp-admin. Enabling sensitive actions for visitors is not recommended.
-
What capabilities are required?
-
By default
manage_woocommerce. You can adapt capabilities in your installation for more granular roles. -
Does the plugin clean up on uninstall?
-
Yes.
uninstall.phpremoves options, transients, plugin-prefixed tables, related cron events, and the/uploads/comitifact/folder on each site in a multisite (if applicable).
评价
此插件暂无评价。
贡献者及开发者
更新日志
1.0.118
- Initial public release candidate.
- Security: nonce + capability checks for AJAX upload.
- Uploads to dedicated
/uploads/comitifact/with MIME whitelist & size limit. - i18n ready (
Text Domain: comitifact). - Clean uninstall (
uninstall.php).