191 test helper php 81 improvements #192

Merged
merged 23 commits into from
Aug 24, 2023
a2d35ca
php 8.1 improvements - removed filter_input
vraja-pro Jul 25, 2023
8f5b5d4
php 8.1 improvements - removed filter_input
vraja-pro Jul 25, 2023
b37826f
Improved function doc comment
vraja-pro Jul 25, 2023
8509d2d
php 8.1 improvements - removed filter_input
vraja-pro Jul 25, 2023
9296a6d
php 8.1 improvements - removed filter_input
vraja-pro Jul 25, 2023
a48fa97
php 8.1 improvements - removed filter_input
vraja-pro Jul 25, 2023
4266cdc
php 8.1 improvements - removed filter_var
vraja-pro Jul 25, 2023
4cf3226
update ignore for launch.json vscode debug file
vraja-pro Jul 25, 2023
58fd03f
replace filter_input for php 8.1
vraja-pro Aug 23, 2023
3ab21c5
php fix cs
vraja-pro Jul 25, 2023
a931376
refactor vscode position
vraja-pro Aug 22, 2023
d1a32ae
refactor target_version
vraja-pro Aug 22, 2023
89132e4
refactor ajax_toggle_plugin
vraja-pro Aug 22, 2023
c438246
no need to sanitize nonce
vraja-pro Aug 22, 2023
8832fa2
Update src/domain-dropdown.php
vraja-pro Aug 22, 2023
bdf1ebc
Update src/xml-sitemaps.php
vraja-pro Aug 22, 2023
2fb414a
removed unnecessary sanitisation
vraja-pro Aug 22, 2023
d707698
Merge branch '191-test-helper' into 191-test-helper-php-81-improvements
vraja-pro Aug 23, 2023
ff16949
Update src/inline-script.php
vraja-pro Aug 23, 2023
e5b6fb0
Update src/inline-script.php
vraja-pro Aug 23, 2023
6193b46
Update src/plugin-toggler.php
vraja-pro Aug 23, 2023
fd53497
Update src/plugin-toggler.php
vraja-pro Aug 23, 2023
1dfe0f7
add php cs ignore comment for nonce sanitization
vraja-pro Aug 23, 2023
3 changes: 2 additions & 1 deletion .gitignore
@@ -1,6 +1,7 @@
/vendor/
/node_modules/
.idea/
.vscode/
artifact.zip
/artifact/
yarn-error.log
Expand All @@ -16,4 +17,4 @@ phpcs.xml
[Tt]humbs.db
[Dd]esktop.ini
*.DS_store
.DS_store?
.DS_store?
10 changes: 7 additions & 3 deletions src/domain-dropdown.php
Expand Up @@ -70,9 +70,13 @@ public function get_controls() {
* @return void
*/
public function handle_submit() {
if ( \check_admin_referer( 'yoast_seo_domain_dropdown' ) !== false ) {
// phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged -- This deprecation will be addressed later.
$this->option->set( 'myyoast_test_domain', \filter_input( \INPUT_POST, 'myyoast_test_domain', @\FILTER_SANITIZE_STRING ) );
if ( ! \check_admin_referer( 'yoast_seo_domain_dropdown' ) && ! isset( $_POST['myyoast_test_domain'] ) ) {
return;
}

if ( isset( $_POST['myyoast_test_domain'] ) && \is_string( $_POST['myyoast_test_domain'] ) ) {
$myyoast_test_domain = \sanitize_text_field( \wp_unslash( $_POST['myyoast_test_domain'] ) );
$this->option->set( 'myyoast_test_domain', $myyoast_test_domain );
}

\wp_safe_redirect( \self_admin_url( 'tools.php?page=' . \apply_filters( 'Yoast\WP\Test_Helper\admin_page', '' ) ) );
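Review bot: The new guard at the top of handle_submit() joins its two conditions with `&&`, so it returns only when the nonce check fails and the field is also missing; a request that carries `myyoast_test_domain` would pass it even if `check_admin_referer()` returned false. In practice `check_admin_referer()` ends the request on an invalid nonce when an action name is given, and that is what protects the option write, but the guard should not lean on it. Checking the nonce alone, `if ( ! \check_admin_referer( 'yoast_seo_domain_dropdown' ) ) { return; }`, is enough, because the `isset()`/`is_string()` test that follows already covers a missing field. The body of handle_submit() continues past the end of this hunk.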
5 changes: 3 additions & 2 deletions src/downgrader.php
Expand Up @@ -54,11 +54,12 @@ public function handle_submit() {
if ( ! \check_admin_referer( 'yoast_rollback_control' ) ) {
return;
}
if ( ! isset( $_POST['target_version'] ) ) {
if ( ! isset( $_POST['target_version'] ) || ! \is_string( $_POST['target_version'] ) ) {
return;
}

$target_version = \filter_var( \wp_unslash( $_POST['target_version'] ) );
$target_version = \sanitize_text_field( \wp_unslash( $_POST['target_version'] ) );

try {
$this->downgrade( $target_version );
\do_action(
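Review bot: `sanitize_text_field()` tidies `target_version` but does not confirm that it has the shape of a version number before it is passed to `$this->downgrade()`. downgrade() is outside this hunk, so how the value is used cannot be confirmed from here; if it ends up in a download URL or a file path, a format check right after sanitising is a cheap safeguard, for example `if ( ! \preg_match( '/^[0-9]+(\.[0-9]+)+(-[A-Za-z0-9.]+)?$/', $target_version ) ) { return; }`. The pattern is a suggestion and should be adjusted to the version strings the downgrader really accepts. handle_submit() starts above the hunk and continues below it.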
15 changes: 10 additions & 5 deletions src/inline-script.php
Expand Up @@ -74,17 +74,22 @@ public function get_controls() {
}

/**
* Handles the form submit.
* Handles the form submit for adding inline script.
*
* @return void
*/
public function handle_submit() {
if ( \check_admin_referer( 'yoast_seo_test_inline_script' ) !== false ) {
$this->option->set( 'add_inline_script', isset( $_POST['add_inline_script'] ) );
// phpcs:disable WordPress.PHP.NoSilencedErrors.Discouraged -- These deprecations will be addressed later.
$this->option->set( 'inline_script_handle', \filter_input( \INPUT_POST, 'inline_script_handle', @\FILTER_SANITIZE_STRING ) );
$this->option->set( 'inline_script', \filter_input( \INPUT_POST, 'inline_script', @\FILTER_SANITIZE_STRING ) );
// phpcs:enable

if ( isset( $_POST['inline_script_handle'] ) && \is_string( $_POST['inline_script_handle'] ) ) {
$inline_script_handle = \sanitize_text_field( \wp_unslash( $_POST['inline_script_handle'] ) );
$this->option->set( 'inline_script_handle', $inline_script_handle );
}
if ( isset( $_POST['inline_script'] ) && \is_string( $_POST['inline_script'] ) ) {
$inline_script = \sanitize_text_field( \wp_unslash( $_POST['inline_script'] ) );
$this->option->set( 'inline_script', $inline_script );
}
}

\wp_safe_redirect( \self_admin_url( 'tools.php?page=' . \apply_filters( 'Yoast\WP\Test_Helper\admin_page', '' ) ) );
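Review bot: `sanitize_text_field()` is applied to `inline_script`, and that function strips tags and collapses line breaks and runs of whitespace into single spaces, so a multi-line snippet is stored as one line and a `//` comment then swallows the code that followed it. If the field is meant to hold multi-line script, `\sanitize_textarea_field( \wp_unslash( $_POST['inline_script'] ) )` keeps the line breaks. Neither function makes stored script safe to emit, so the control that matters on this handler is who may submit the form. The nonce check only ties the request to a rendered form, and no `current_user_can()` check is visible in this hunk, so it is worth confirming that one exists where the handler is registered.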
15 changes: 9 additions & 6 deletions src/plugin-toggler.php
Expand Up @@ -177,9 +177,13 @@ public function ajax_toggle_plugin() {
$response = [];

// If nonce is valid.
if ( $this->verify_nonce() ) {
$group = \filter_input( \INPUT_GET, 'group' );
$plugin = \filter_input( \INPUT_GET, 'plugin' );
// phpcs:ignore WordPress.Security.NonceVerification.Recommended -- The nonce is verified in a different method.
if ( $this->verify_nonce() && isset( $_GET['group'] ) && \is_string( $_GET['group'] && isset( $_GET['plugin'] ) && \is_string( $_GET['plugin'] ) ) ) {

// phpcs:ignore WordPress.Security.NonceVerification.Recommended -- The nonce is verified above.
$group = \sanitize_text_field( \wp_unslash( $_GET['group'] ) );
// phpcs:ignore WordPress.Security.NonceVerification.Recommended -- The nonce is verified above.
$plugin = \sanitize_text_field( \wp_unslash( $_GET['plugin'] ) );

// First deactivate the current plugin.
$this->deactivate_plugin_group( $group );
Expand Down Expand Up @@ -421,11 +425,10 @@ private function deactivate_plugin_group( $group ) {
* @return bool True if verified.
*/
private function verify_nonce() {
// Get the nonce value.
$ajax_nonce = \filter_input( \INPUT_GET, 'ajax_nonce' );

// If nonce is valid return true.
if ( \wp_verify_nonce( $ajax_nonce, 'yoast-plugin-toggle' ) ) {
// phpcs:ignore WordPress.Security.NonceVerification.Recommended, WordPress.Security.ValidatedSanitizedInput.InputNotSanitized, WordPress.Security.ValidatedSanitizedInput.MissingUnslash -- The nonce does not need sanitization.
if ( isset( $_GET['ajax_nonce'] ) && \wp_verify_nonce( $_GET['ajax_nonce'], 'yoast-plugin-toggle' ) ) {
return true;
}
}
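Review bot: In ajax_toggle_plugin() the closing parenthesis of the first `\is_string(` is misplaced: the call wraps `$_GET['group'] && isset( $_GET['plugin'] ) && \is_string( $_GET['plugin'] )`, so `is_string()` receives a boolean, always returns false, and the toggle branch can never run. The condition should read `if ( $this->verify_nonce() && isset( $_GET['group'] ) && \is_string( $_GET['group'] ) && isset( $_GET['plugin'] ) && \is_string( $_GET['plugin'] ) ) {`. In the second hunk, verify_nonce() passes `$_GET['ajax_nonce']` to `wp_verify_nonce()` without the `is_string()` test used elsewhere in this change; adding `\is_string( $_GET['ajax_nonce'] )` to that condition keeps an array value from reaching the string cast. Both functions extend beyond their hunks.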
14 changes: 10 additions & 4 deletions src/schema.php
Expand Up @@ -142,11 +142,17 @@ public function handle_submit() {
$this->option->set( 'enable_schema_endpoint', isset( $_POST['enable_schema_endpoint'] ) );
}

$is_needed_breadcrumb = $this->validate_submit( \filter_input( \INPUT_POST, 'is_needed_breadcrumb' ) );
$is_needed_webpage = $this->validate_submit( \filter_input( \INPUT_POST, 'is_needed_webpage' ) );
if ( isset( $_POST['is_needed_breadcrumb'] ) ) {
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized,WordPress.Security.ValidatedSanitizedInput.MissingUnslash -- validation is done in validate_submit.
$validated_is_needed_breadcrumb = $this->validate_submit( $_POST['is_needed_breadcrumb'] );
$this->option->set( 'is_needed_breadcrumb', $validated_is_needed_breadcrumb );
}

$this->option->set( 'is_needed_breadcrumb', $is_needed_breadcrumb );
$this->option->set( 'is_needed_webpage', $is_needed_webpage );
if ( isset( $_POST['is_needed_webpage'] ) ) {
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized,WordPress.Security.ValidatedSanitizedInput.MissingUnslash -- validation is done in validate_submit.
$validated_is_needed_webpage = $this->validate_submit( $_POST['is_needed_webpage'] );
$this->option->set( 'is_needed_webpage', $validated_is_needed_webpage );
}

\wp_safe_redirect( \self_admin_url( 'tools.php?page=' . \apply_filters( 'Yoast\WP\Test_Helper\admin_page', '' ) ) );
}
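Review bot: Both new `isset()` blocks pass the raw `$_POST` value straight to `validate_submit()` without the `\is_string()` guard the other handlers in this change use, so an array-valued field reaches the validator. validate_submit() is outside this hunk; if it compares against an allow-list with strict comparison this is harmless, but that should be confirmed, or the guard added as `if ( isset( $_POST['is_needed_breadcrumb'] ) && \is_string( $_POST['is_needed_breadcrumb'] ) ) {` and likewise for `is_needed_webpage`. The hunk also changes behaviour: when a field is absent the option is now left untouched, where the old code stored the result of validating `null`. If that is intended, a one-line comment saying so would help.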
2 changes: 1 addition & 1 deletion src/xml-sitemaps.php
Expand Up @@ -85,7 +85,7 @@ public function handle_submit() {
$this->option->set( 'disable_xml_sitemap_cache', isset( $_POST['disable_xml_sitemap_cache'] ) );
$xml_sitemap_entries = null;
if ( isset( $_POST['xml_sitemap_entries'] ) ) {
$xml_sitemap_entries = \filter_input( \INPUT_POST, 'xml_sitemap_entries', \FILTER_SANITIZE_NUMBER_INT );
$xml_sitemap_entries = \intval( \wp_unslash( $_POST['xml_sitemap_entries'] ) );
}
$this->option->set( 'xml_sitemap_entries', $xml_sitemap_entries );
}
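Review bot: `\intval()` is applied to `xml_sitemap_entries` with only an `isset()` check in front of it, so a non-empty array value is stored as 1 and an empty or non-numeric string as 0, where the previous `filter_input()` call returned false for an array and an empty string for a blank field. Whether 0 or a negative number is a meaningful limit for whatever reads this option is not visible in the hunk. Guarding the conversion with `if ( isset( $_POST['xml_sitemap_entries'] ) && \is_numeric( $_POST['xml_sitemap_entries'] ) ) {` leaves the option at `null` for anything that is not a number, and `\absint()` in place of `\intval()` would rule out negatives if they are not wanted. handle_submit() starts above the hunk.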