OK progress, I simply forgot to make a $form = new Form ($array).
Now, I get the error
The CSRF token was invalid
which seems to be a topic already on the forum. Before moving the Uniform function that sends the email, I was able to double check for the token to be valid by doing && get('payment_method') === 'check'
1. Add this to the Uniform form:
<input type="hidden" name="payment_method" value="check">
2. Update the controller
if (r::is('POST') && get('payment_method') === 'check') {
$form->emailAction(...
see Cartkit & Uniform payment system - #7 by mzur
The reason the token becomes invalid (I think), is because I’m doing a page redirect to an external website, then redirecting back to a landing page and only then I trigger a bunch of functions, including the one to send an email through Uniform.
But I also read that as of kirby 2.5.5 tokens are valid for an entire session (How to reset form and send again? - #6 by mzur)
How to go with this?
Could this be related? Excluding URIs From CSRF Protection
Sometimes you may wish to exclude a set of URIs from CSRF protection. For example, if you are using Stripe to process payments and are utilizing their webhook system, you will need to exclude your Stripe webhook handler route from CSRF protection since Stripe will not know what CSRF token to send to your routes.
In my case I am redirecting the user to an external payment page… and then the user go back to the kirby website where some actions are triggered (including Uniform).