Delete duplicates

akirk · Dec 10, 2024 · f66e67d · f66e67d
1 parent 7c130e8
commit f66e67d
Show file tree

Hide file tree

Showing 2 changed files with 57 additions and 8 deletions.
diff --git a/includes/class-admin.php b/includes/class-admin.php
@@ -2616,6 +2616,34 @@ public function process_admin_import_export() {
 	}
 
 	public function process_admin_duplicate_remover() {
+		$friend = $this->check_admin_duplicate_remover();
+
+		// Nonce verification done in check_admin_duplicate_remover.
+		// phpcs:disable WordPress.Security.NonceVerification.Missing
+
+		// We iterate over this array and then we sanitize _id.
+		// phpcs:disable WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
+		if ( empty( $_POST['deleteduplicate'] ) || ! is_array( $_POST['deleteduplicate'] ) ) {
+			return;
+		}
+
+		$deleted = 0;
+		foreach ( array_keys( wp_unslash( $_POST['deleteduplicate'] ) ) as $_id ) {
+			if ( ! is_numeric( $_id ) ) {
+				continue;
+			}
+
+			if ( wp_delete_post( intval( $_id ) ) ) {
+				++$deleted;
+			}
+		}
+		// phpcs:enable WordPress.Security.NonceVerification.Missing
+		// phpcs:enable WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
+
+		if ( $deleted ) {
+			wp_safe_redirect( add_query_arg( 'deleted', $deleted ) );
+			exit;
+		}
 	}
 	public function check_admin_duplicate_remover() {
 		if ( ! Friends::is_main_user() ) {
@@ -2650,7 +2678,28 @@ public function check_admin_duplicate_remover() {
 	 * Render the duplicates remover
 	 */
 	public function render_admin_duplicate_remover() {
-		$friend    = $this->check_admin_duplicate_remover();
+		$friend = $this->check_admin_duplicate_remover();
+
+		$this->header_edit_friend( $friend, 'duplicate-remover' );
+		// phpcs:disable WordPress.Security.NonceVerification
+		if ( isset( $_GET['deleted'] ) ) {
+			?>
+			<div id="message" class="updated notice is-dismissible"><p>
+				<?php
+				$deleted = intval( $_GET['deleted'] );
+				echo esc_html(
+					sprintf(
+						// translators: %d is the number of duplicates deleted.
+						_n( 'Deleted %d selected duplicate.', 'Deleted %d selected duplicates.', $deleted, 'friends' ),
+						$deleted
+					)
+				);
+				?>
+			</p></div>
+			<?php
+		}
+		// phpcs:enable WordPress.Security.NonceVerification
+
 		$friend_posts = new \WP_Query();
 
 		$friend_posts->set( 'post_type', Friends::CPT );
@@ -3423,10 +3472,10 @@ public function render_dashboard_widget_controls( $id, $widget = false ) {
 			if ( isset( $_POST['delete'] ) ) {
 				unset( $widgets[ $id ] );
 			}
-			// phpcs:enable WordPress.Security.NonceVerification.Missing
 
 			update_user_option( $user_id, 'friends_dashboard_widgets', $widgets );
 		}
+		// phpcs:enable WordPress.Security.NonceVerification.Missing
 		$args = array();
 		if ( isset( $widgets[ $id ] ) ) {
 			$args = $widgets[ $id ];

diff --git a/templates/admin/duplicates.php b/templates/admin/duplicates.php
@@ -9,22 +9,22 @@
 
 ?>
 <h2><?php esc_html_e( 'Duplicates', 'friends' ); ?></h2>
-<form>
+<form method="post">
 	<p>
 		<?php
 
 		$duplicate_count = 0;
 		foreach ( $args['friend_posts']->get_posts() as $_post ) {
 			if ( ! isset( $args['uniques'][ $_post->ID ] ) ) {
-				$duplicate_count++;
+				++$duplicate_count;
 			}
 		}
 
 		echo esc_html(
 			sprintf(
 			// translators: %d is the number of duplicates.
-			_n( '%d post was identified as aduplicate.', '%d posts were identified as duplicate.', $duplicate_count, 'friends' ),
-			$duplicate_count
+				_n( '%d post was identified as aduplicate.', '%d posts were identified as duplicate.', $duplicate_count, 'friends' ),
+				$duplicate_count
 			)
 		);
 		echo ' ';
@@ -51,14 +51,14 @@
 
 			?>
 	<tr>
-		<td class="duplicate"><input type="checkbox" <?php checked( ! isset( $args['uniques'][ $_post->ID ] ) ); ?>></td>
+		<td class="duplicate"><input type="checkbox" name="deleteduplicate[<?php echo esc_attr( $_post->ID ); ?>]" <?php checked( ! isset( $args['uniques'][ $_post->ID ] ) ); ?>></td>
 		<td class="title column-title column-primary" data-colname="<?php /* phpcs:ignore WordPress.WP.I18n.MissingArgDomain */ esc_attr_e( 'Title' ); ?>">
 			<?php
 			// show the post format as a label.
 			$post_format = get_post_format( $_post );
 			if ( ! empty( $post_format ) ) {
 				?>
-				<span class="post-format-icon post-format-<?php echo esc_attr( $post_format ); ?>" title="<?php echo esc_attr( get_post_format_string( $post_format ) );  ?>"></span>
+				<span class="post-format-icon post-format-<?php echo esc_attr( $post_format ); ?>" title="<?php echo esc_attr( get_post_format_string( $post_format ) ); ?>"></span>
 				<?php
 			}
 			?>