Merge branch '191-test-helper' into 191-test-helper-php-81-improvements
vraja-pro committed Aug 23, 2023
2 parents 83f8b4d + 2fb414a commit d707698
Showing 7 changed files with 41 additions and 22 deletions.
3 changes: 2 additions & 1 deletion .gitignore
@@ -1,6 +1,7 @@
/vendor/
/node_modules/
.idea/
.vscode/
artifact.zip
/artifact/
yarn-error.log
Expand All @@ -16,4 +17,4 @@ phpcs.xml
[Tt]humbs.db
[Dd]esktop.ini
*.DS_store
.DS_store?
.DS_store?
10 changes: 7 additions & 3 deletions src/domain-dropdown.php
Expand Up @@ -70,9 +70,13 @@ public function get_controls() {
* @return void
*/
public function handle_submit() {
if ( \check_admin_referer( 'yoast_seo_domain_dropdown' ) !== false ) {
// phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged -- This deprecation will be addressed later.
$this->option->set( 'myyoast_test_domain', \filter_input( \INPUT_POST, 'myyoast_test_domain', @\FILTER_SANITIZE_STRING ) );
if ( ! \check_admin_referer( 'yoast_seo_domain_dropdown' ) && ! isset( $_POST['myyoast_test_domain'] ) ) {
return;
}

if ( isset( $_POST['myyoast_test_domain'] ) && \is_string( $_POST['myyoast_test_domain'] ) ) {
$myyoast_test_domain = \sanitize_text_field( \wp_unslash( $_POST['myyoast_test_domain'] ) );
$this->option->set( 'myyoast_test_domain', $myyoast_test_domain );
}

\wp_safe_redirect( \self_admin_url( 'tools.php?page=' . \apply_filters( 'Yoast\WP\Test_Helper\admin_page', '' ) ) );
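Review bot: The early-return guard in handle_submit() joins its two conditions with `&&`, so it returns only when the nonce check fails and the field is also absent; a request that carries `myyoast_test_domain` would not be stopped by this guard after a failed check. In stock WordPress check_admin_referer() ends the request itself on a bad nonce, which limits the impact, but the function is pluggable and the guard should not depend on that. I would make it nonce-only, as downgrader.php does, `if ( ! \check_admin_referer( 'yoast_seo_domain_dropdown' ) ) { return; }`, and leave the field test to the `isset()`/`\is_string()` condition below it. The body of handle_submit() starts and ends outside the hunk.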
5 changes: 3 additions & 2 deletions src/downgrader.php
Expand Up @@ -54,11 +54,12 @@ public function handle_submit() {
if ( ! \check_admin_referer( 'yoast_rollback_control' ) ) {
return;
}
if ( ! isset( $_POST['target_version'] ) ) {
if ( ! isset( $_POST['target_version'] ) || ! \is_string( $_POST['target_version'] ) ) {
return;
}

$target_version = \filter_var( \wp_unslash( $_POST['target_version'] ) );
$target_version = \sanitize_text_field( \wp_unslash( $_POST['target_version'] ) );

try {
$this->downgrade( $target_version );
\do_action(
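Review bot: `\sanitize_text_field()` cleans `target_version` as text but does not check that it is a version, and the value goes straight into `$this->downgrade()`. downgrade() is not visible here, so whether it validates the format itself is unknown; if it does not, I would reject anything that is not a version string before the `try`, for example `if ( ! \preg_match( '/^\d+(\.\d+){1,3}(-[A-Za-z0-9.]+)?$/', $target_version ) ) { return; }`, with the pattern adjusted to the releases the plugin actually offers. The hunk ends inside the try block.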
15 changes: 10 additions & 5 deletions src/inline-script.php
Expand Up @@ -74,17 +74,22 @@ public function get_controls() {
}

/**
* Handles the form submit.
* Handles the form submit for adding inline script.
*
* @return void
*/
public function handle_submit() {
if ( \check_admin_referer( 'yoast_seo_test_inline_script' ) !== false ) {
$this->option->set( 'add_inline_script', isset( $_POST['add_inline_script'] ) );
// phpcs:disable WordPress.PHP.NoSilencedErrors.Discouraged -- These deprecations will be addressed later.
$this->option->set( 'inline_script_handle', \filter_input( \INPUT_POST, 'inline_script_handle', @\FILTER_SANITIZE_STRING ) );
$this->option->set( 'inline_script', \filter_input( \INPUT_POST, 'inline_script', @\FILTER_SANITIZE_STRING ) );
// phpcs:enable

if ( isset( $_POST['inline_script_handle'] ) && is_string( $_POST['inline_script_handle'] ) ) {
$inline_script_handle = \sanitize_text_field( \wp_unslash( $_POST['inline_script_handle'] ) );
$this->option->set( 'inline_script_handle', $inline_script_handle );
}
if ( isset( $_POST['inline_script'] ) && is_string( $_POST['inline_script'] ) ) {
$inline_script = \sanitize_text_field( \wp_unslash( $_POST['inline_script'] ) );
$this->option->set( 'inline_script', $inline_script );
}
}

\wp_safe_redirect( \self_admin_url( 'tools.php?page=' . \apply_filters( 'Yoast\WP\Test_Helper\admin_page', '' ) ) );
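Review bot: `\sanitize_text_field()` is a poor fit for the `inline_script` value: it strips anything that looks like a tag, encodes a stray `<` and collapses line breaks, so a multi-line script or one with `//` comments is stored altered, and it does nothing to make the stored value safe to print as script. Assuming this option is later emitted as an inline script, the control that matters is who may save it; a `\current_user_can()` check next to the nonce check would cover that (none is visible in this hunk, it may exist in the caller). The two new `is_string()` calls also lack the leading `\` that the other files in this commit use.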
14 changes: 8 additions & 6 deletions src/plugin-toggler.php
Expand Up @@ -177,9 +177,13 @@ public function ajax_toggle_plugin() {
$response = [];

// If nonce is valid.
if ( $this->verify_nonce() ) {
$group = \filter_input( \INPUT_GET, 'group' );
$plugin = \filter_input( \INPUT_GET, 'plugin' );
// phpcs:ignore WordPress.Security.NonceVerification.Recommended -- The nonce is verified in a different method.
if ( $this->verify_nonce() && isset( $_GET['group'] ) && is_string( $_GET['group'] && isset( $_GET['plugin'] ) && is_string( $_GET['plugin'] ) ) ) {

// phpcs:ignore WordPress.Security.NonceVerification.Recommended -- The nonce is verified above.
$group = \sanitize_text_field( \wp_unslash( $_GET['group'] ) );
// phpcs:ignore WordPress.Security.NonceVerification.Recommended -- The nonce is verified above.
$plugin = \sanitize_text_field( \wp_unslash( $_GET['plugin'] ) );

// First deactivate the current plugin.
$this->deactivate_plugin_group( $group );
Expand Down Expand Up @@ -421,11 +425,9 @@ private function deactivate_plugin_group( $group ) {
* @return bool True if verified.
*/
private function verify_nonce() {
// Get the nonce value.
$ajax_nonce = \filter_input( \INPUT_GET, 'ajax_nonce' );

// If nonce is valid return true.
if ( \wp_verify_nonce( $ajax_nonce, 'yoast-plugin-toggle' ) ) {
if ( isset( $_GET['ajax_nonce'] ) && \wp_verify_nonce( $ajax_nonce, 'yoast-plugin-toggle' ) ) {
return true;
}
}
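Review bot: The new condition in ajax_toggle_plugin() has a misplaced parenthesis: `is_string( $_GET['group'] && isset( $_GET['plugin'] ) && is_string( $_GET['plugin'] ) )` passes a boolean to the outer `is_string()`, which is always false, so the branch never runs and the toggle stops working. It should read `if ( $this->verify_nonce() && isset( $_GET['group'], $_GET['plugin'] ) && \is_string( $_GET['group'] ) && \is_string( $_GET['plugin'] ) ) {`. In verify_nonce() the hunk header implies three removed lines; if the `$ajax_nonce = \filter_input( ... )` assignment is one of them, `$ajax_nonce` is undefined in the new `\wp_verify_nonce()` call and the check can never pass, so the value should be read from `$_GET['ajax_nonce']` after the `isset()`. Both functions continue outside their hunks.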
14 changes: 10 additions & 4 deletions src/schema.php
Expand Up @@ -142,11 +142,17 @@ public function handle_submit() {
$this->option->set( 'enable_schema_endpoint', isset( $_POST['enable_schema_endpoint'] ) );
}

$is_needed_breadcrumb = $this->validate_submit( \filter_input( \INPUT_POST, 'is_needed_breadcrumb' ) );
$is_needed_webpage = $this->validate_submit( \filter_input( \INPUT_POST, 'is_needed_webpage' ) );
if ( isset( $_POST['is_needed_breadcrumb'] ) ) {
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized,WordPress.Security.ValidatedSanitizedInput.MissingUnslash -- validation is done in validate_submit.
$validated_is_needed_breadcrumb = $this->validate_submit( $_POST['is_needed_breadcrumb'] );
$this->option->set( 'is_needed_breadcrumb', $validated_is_needed_breadcrumb );
}

$this->option->set( 'is_needed_breadcrumb', $is_needed_breadcrumb );
$this->option->set( 'is_needed_webpage', $is_needed_webpage );
if ( isset( $_POST['is_needed_webpage'] ) ) {
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized,WordPress.Security.ValidatedSanitizedInput.MissingUnslash -- validation is done in validate_submit.
$validated_is_needed_webpage = $this->validate_submit( $_POST['is_needed_webpage'] );
$this->option->set( 'is_needed_webpage', $validated_is_needed_webpage );
}

\wp_safe_redirect( \self_admin_url( 'tools.php?page=' . \apply_filters( 'Yoast\WP\Test_Helper\admin_page', '' ) ) );
}
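Review bot: The raw `$_POST` values are handed to `validate_submit()` without a type check, and both sniffs are silenced on the strength of that method, which is outside this hunk. The `\filter_input()` calls being replaced returned false for an array-valued parameter, whereas `$_POST['is_needed_breadcrumb']` can now arrive as an array. Unless validate_submit() compares strictly against a fixed list, I would add `&& \is_string( $_POST['is_needed_breadcrumb'] )` to its `isset()` condition, and the same for `is_needed_webpage`, as the other handlers in this commit do.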
2 changes: 1 addition & 1 deletion src/xml-sitemaps.php
Expand Up @@ -85,7 +85,7 @@ public function handle_submit() {
$this->option->set( 'disable_xml_sitemap_cache', isset( $_POST['disable_xml_sitemap_cache'] ) );
$xml_sitemap_entries = null;
if ( isset( $_POST['xml_sitemap_entries'] ) ) {
$xml_sitemap_entries = \filter_input( \INPUT_POST, 'xml_sitemap_entries', \FILTER_SANITIZE_NUMBER_INT );
$xml_sitemap_entries = \intval( \wp_unslash( $_POST['xml_sitemap_entries'] ) );
}
$this->option->set( 'xml_sitemap_entries', $xml_sitemap_entries );
}
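Review bot: `\intval()` is applied to `$_POST['xml_sitemap_entries']` without a type check, so an array-valued parameter becomes 0 or 1 instead of being rejected, and negative numbers pass through. The other handlers in this commit guard with `\is_string()`; here I would use `if ( isset( $_POST['xml_sitemap_entries'] ) && \is_numeric( $_POST['xml_sitemap_entries'] ) ) {` and store `\absint( \wp_unslash( $_POST['xml_sitemap_entries'] ) )`. How the stored value is consumed is outside this hunk, so the right lower bound is an assumption to confirm.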