diff --git a/.github/workflows/pr-code-sniff.yml b/.github/workflows/pr-code-sniff.yml index 7578e652db6..e02c5437a66 100644 --- a/.github/workflows/pr-code-sniff.yml +++ b/.github/workflows/pr-code-sniff.yml @@ -9,8 +9,6 @@ defaults: concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true -env: - PHPCS: ./plugins/woocommerce/vendor/bin/phpcs # Run WooCommerce phpcs setup in phpcs-changed instead of default permissions: {} @@ -30,6 +28,7 @@ jobs: id: changed-files uses: tj-actions/changed-files@v32 with: + path: plugins/woocommerce files: | **/*.php @@ -41,6 +40,7 @@ jobs: - name: Tool versions if: steps.changed-files.outputs.any_changed == 'true' + working-directory: plugins/woocommerce run: | php --version composer --version @@ -48,6 +48,7 @@ jobs: - name: Run PHPCS if: steps.changed-files.outputs.any_changed == 'true' + working-directory: plugins/woocommerce run: | HEAD_REF=$(git rev-parse HEAD) git checkout $HEAD_REF diff --git a/.github/workflows/release-wc-beta-tester.yml b/.github/workflows/release-wc-beta-tester.yml index c2e6c7adf45..84ed3387e46 100644 --- a/.github/workflows/release-wc-beta-tester.yml +++ b/.github/workflows/release-wc-beta-tester.yml @@ -20,6 +20,10 @@ jobs: - name: Setup WooCommerce Monorepo uses: ./.github/actions/setup-woocommerce-monorepo + - name: Lint + working-directory: plugins/woocommerce-beta-tester + run: composer run phpcs + - name: Build WooCommerce Beta Tester Zip working-directory: plugins/woocommerce-beta-tester run: pnpm build:zip diff --git a/plugins/woocommerce-beta-tester/.wp-env.json b/plugins/woocommerce-beta-tester/.wp-env.json new file mode 100644 index 00000000000..f763aafbaf7 --- /dev/null +++ b/plugins/woocommerce-beta-tester/.wp-env.json @@ -0,0 +1,7 @@ +{ + "phpVersion": "7.4", + "plugins": [ + ".", + "https://downloads.wordpress.org/plugin/woocommerce.zip" + ] +} 
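Review bot: The `changed-files` step in pr-code-sniff.yml (the `@@ -30,6 +28,7 @@` hunk) still references a third-party action by a mutable tag, `uses: tj-actions/changed-files@v32`, while this change extends its inputs with `path: plugins/woocommerce`. A tag can be repointed to different code after review, and that code then runs inside the job next to the checked-out repository. Pinning to a full commit SHA, `uses: tj-actions/changed-files@<full-commit-sha> # v32`, makes the dependency immutable. The top-level `permissions: {}` visible in the first hunk limits the default token, but the rest of the job lies outside the hunks, so any job-level grants or secrets passed to later steps should be checked there.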
diff --git a/plugins/woocommerce-beta-tester/api/admin-notes/add-note.php b/plugins/woocommerce-beta-tester/api/admin-notes/add-note.php index ef693750289..bf5d85a6377 100644 --- a/plugins/woocommerce-beta-tester/api/admin-notes/add-note.php +++ b/plugins/woocommerce-beta-tester/api/admin-notes/add-note.php @@ -1,4 +1,7 @@ get_param( 'type' ); - $layout = $request->get_param( 'layout' ); + $type = $request->get_param( 'type' ); + $layout = $request->get_param( 'layout' ); $note->set_name( $request->get_param( 'name' ) ); $note->set_title( $request->get_param( 'title' ) ); - $note->set_content( $mock_note_data[ 'content' ] ); + $note->set_content( $mock_note_data['content'] ); $note->set_image( $mock_note_data[ $type ][ $layout ] ); $note->set_layout( $layout ); $note->set_type( $type ); possibly_add_action( $note ); - + if ( 'email' === $type ) { add_email_note_params( $note ); } @@ -30,6 +37,11 @@ function admin_notes_add_note( $request ) { return true; } +/** + * Adds an email note parameter. + * + * @param Note $note The note to add parameters to. + */ function add_email_note_params( $note ) { $additional_data = array( 'role' => 'administrator', @@ -37,6 +49,11 @@ function add_email_note_params( $note ) { $note->set_content_data( (object) $additional_data ); } +/** + * Possibly adds an action to a note. + * + * @param Note $note The note to check and add an action to. + */ function possibly_add_action( $note ) { if ( $note->get_type() === 'info' ) { return; 
@@ -48,20 +65,23 @@ function possibly_add_action( $note ) { $note->add_action( $action_name, 'Test action', wc_admin_url() ); } +/** + * Gets mock note data. + */ function get_mock_note_data() { $plugin_url = site_url() . '/wp-content/plugins/woocommerce-admin-test-helper/'; return array( - 'content' => 'Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud.', - 'info' => array( + 'content' => 'Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud.', + 'info' => array( 'banner' => $plugin_url . 'images/admin-notes/banner.jpg', 'thumbnail' => $plugin_url . 'images/admin-notes/thumbnail.jpg', - 'plain' => '' + 'plain' => '', ), - 'email' => array( - 'plain' => $plugin_url . 'images/admin-notes/woocommerce-logo-vector.png' + 'email' => array( + 'plain' => $plugin_url . 'images/admin-notes/woocommerce-logo-vector.png', + ), + 'update' => array( + 'plain' => '', ), - 'update' => array( - 'plain' => '' - ) ); } diff --git a/plugins/woocommerce-beta-tester/api/admin-notes/delete-all-notes.php b/plugins/woocommerce-beta-tester/api/admin-notes/delete-all-notes.php index 38195c63c66..300d732408f 100644 --- a/plugins/woocommerce-beta-tester/api/admin-notes/delete-all-notes.php +++ b/plugins/woocommerce-beta-tester/api/admin-notes/delete-all-notes.php @@ -1,12 +1,18 @@ query( "DELETE FROM {$wpdb->prefix}wc_admin_notes" ); $deleted_action_count = $wpdb->query( "DELETE FROM {$wpdb->prefix}wc_admin_note_actions" ); diff --git a/plugins/woocommerce-beta-tester/api/api.php b/plugins/woocommerce-beta-tester/api/api.php index aa5438c8f73..f6087492d23 100644 --- a/plugins/woocommerce-beta-tester/api/api.php +++ b/plugins/woocommerce-beta-tester/api/api.php @@ -5,6 +5,8 @@ * @package WC_Beta_Tester */ +defined( 'ABSPATH' ) || exit; + /** * Register the test helper route. * 
@@ -23,7 +25,7 @@ function register_woocommerce_admin_test_helper_rest_route( $route, $callback, $ if ( ! wc_rest_check_manager_permissions( 'settings', 'edit' ) ) { return new \WP_Error( 'woocommerce_rest_cannot_edit', - __( 'Sorry, you cannot perform this action', 'woocommerce' ) + __( 'Sorry, you cannot perform this action', 'woocommerce-beta-tester' ) ); } return true; @@ -52,7 +54,7 @@ require 'tools/disable-wc-email.php'; require 'tools/trigger-update-callbacks.php'; require 'tracks/class-tracks-debug-log.php'; require 'features/features.php'; -require 'rest-api-filters/rest-api-filters.php'; +require 'rest-api-filters/class-wca-test-helper-rest-api-filters.php'; require 'rest-api-filters/hook.php'; require 'live-branches/manifest.php'; require 'live-branches/install.php'; diff --git a/plugins/woocommerce-beta-tester/api/features/features.php b/plugins/woocommerce-beta-tester/api/features/features.php index f19db0cb94f..4beaa6cfab8 100644 --- a/plugins/woocommerce-beta-tester/api/features/features.php +++ b/plugins/woocommerce-beta-tester/api/features/features.php @@ -1,12 +1,13 @@ [a-z0-9_\-]+)/toggle', 'toggle_feature', - array( + array( 'methods' => 'POST', ) ); 
@@ -27,33 +28,44 @@ register_woocommerce_admin_test_helper_rest_route( ) ); +/** + * Toggles a feature. + * + * @param WP_REST_Request $request Full data about the request. + */ function toggle_feature( $request ) { - $features = get_features(); - $custom_feature_values = get_option( OPTION_NAME_PREFIX, array() ); - $feature_name = $request->get_param( 'feature_name' ); + $features = get_features(); + $custom_feature_values = get_option( OPTION_NAME_PREFIX, array() ); + $feature_name = $request->get_param( 'feature_name' ); - if ( ! isset( $features[$feature_name ]) ) { - return new WP_REST_Response( $features, 204 ); - } - - if ( isset( $custom_feature_values[$feature_name] ) ) { - unset( $custom_feature_values[$feature_name] ); - } else { - $custom_feature_values[$feature_name] = ! $features[ $feature_name ]; - } + if ( ! isset( $features[ $feature_name ] ) ) { + return new WP_REST_Response( $features, 204 ); + } - update_option(OPTION_NAME_PREFIX, $custom_feature_values ); + if ( isset( $custom_feature_values[ $feature_name ] ) ) { + unset( $custom_feature_values[ $feature_name ] ); + } else { + $custom_feature_values[ $feature_name ] = ! $features[ $feature_name ]; + } + + update_option( OPTION_NAME_PREFIX, $custom_feature_values ); return new WP_REST_Response( get_features(), 200 ); } +/** + * Resets all features to their default values. + */ function reset_features() { - delete_option( OPTION_NAME_PREFIX ); - return new WP_REST_Response( get_features(), 200 ); + delete_option( OPTION_NAME_PREFIX ); + return new WP_REST_Response( get_features(), 200 ); } +/** + * Gets all features. 
+ */ function get_features() { - if ( function_exists( 'wc_admin_get_feature_config' ) ) { - return apply_filters( 'woocommerce_admin_get_feature_config', wc_admin_get_feature_config() ); - } - return array(); + if ( function_exists( 'wc_admin_get_feature_config' ) ) { + return apply_filters( 'woocommerce_admin_get_feature_config', wc_admin_get_feature_config() ); + } + return array(); } diff --git a/plugins/woocommerce-beta-tester/api/live-branches/install.php b/plugins/woocommerce-beta-tester/api/live-branches/install.php index 11143154634..62b3721a3d2 100644 --- a/plugins/woocommerce-beta-tester/api/live-branches/install.php +++ b/plugins/woocommerce-beta-tester/api/live-branches/install.php @@ -1,10 +1,12 @@ - 'GET', - 'args' => array( + 'args' => array( 'page' => array( 'description' => 'Current page of the collection.', 'type' => 'integer', 
@@ -32,28 +36,39 @@ register_woocommerce_admin_test_helper_rest_route( 'wca_test_helper_delete_option', array( 'methods' => 'DELETE', - 'args' => array( + 'args' => array( 'option_names' => array( - 'type' => 'string', + 'type' => 'string', ), ), ) ); +/** + * A helper to delete options. + * + * @param WP_REST_Request $request The full request data. + */ function wca_test_helper_delete_option( $request ) { global $wpdb; - $option_names = explode( ',', $request->get_param( 'option_names' ) ); - $option_names = array_map( function( $option_name ) { - return "'" . $option_name . "'"; - }, $option_names ); + $option_names = explode( ',', $request->get_param( 'option_names' ) ); + $option_tokens = implode( ',', array_fill( 0, count( $option_names ), '%s' ) ); - $option_names = implode( ',', $option_names ); - $query = "delete from {$wpdb->prefix}options where option_name in ({$option_names})"; - $wpdb->query( $query ); + $wpdb->query( + $wpdb->prepare( + "DELETE FROM {$wpdb->prefix}options WHERE option_name IN ({$option_tokens})", // phpcs:ignore WordPress.DB.PreparedSQL.InterpolatedNotPrepared,WordPress.DB.PreparedSQLPlaceholders.UnfinishedPrepare + ...$option_names, + ) + ); return new WP_REST_RESPONSE( null, 204 ); } +/** + * A helper to get options. + * + * @param WP_REST_Request $request The full request data. + */ function wca_test_helper_get_options( $request ) { global $wpdb; 
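Review bot: In `wca_test_helper_delete_option` the rewritten query is parameterized, but it still deletes rows straight from the options table, so WordPress's option cache and the `delete_option` hooks never see the change and a deleted option can keep being served from cache. Going through the API per name, `foreach ( $option_names as $option_name ) { delete_option( $option_name ); }`, keeps cache and database consistent and makes both `phpcs:ignore` suppressions on the `prepare()` call unnecessary. If the direct query stays, `$wpdb->options` is the canonical table name, and the names should be trimmed and empty entries dropped first, since a missing `option_names` parameter currently yields a single empty-string placeholder.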
@@ -61,18 +76,23 @@ function wca_test_helper_get_options( $request ) { $page = $request->get_param( 'page' ); $search = $request->get_param( 'search' ); - $query = " - select option_id, option_name, option_value, autoload - from {$wpdb->prefix}options - "; + $query = "SELECT option_id, option_name, option_value, autoload FROM {$wpdb->prefix}options"; if ( $search ) { - $query .= "where option_name like '%{$search}%'"; + $search = $wpdb->esc_like( $search ); + $query .= ' WHERE option_name LIKE %s'; } - $query .= ' order by option_id desc limit 30'; + $query .= ' ORDER BY option_id DESC LIMIT %d OFFSET %d'; + $offset = ( $page - 1 ) * $per_page; - $options = $wpdb->get_results( $query ); + if ( $search ) { + $query = $wpdb->prepare( $query, $search, $per_page, $offset ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared + } else { + $query = $wpdb->prepare( $query, $per_page, $offset ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared + } + + $options = $wpdb->get_results( $query ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared return new WP_REST_Response( $options, 200 ); } diff --git a/plugins/woocommerce-beta-tester/api/rest-api-filters/rest-api-filters.php b/plugins/woocommerce-beta-tester/api/rest-api-filters/class-wca-test-helper-rest-api-filters.php similarity index 97% rename from plugins/woocommerce-beta-tester/api/rest-api-filters/rest-api-filters.php rename to plugins/woocommerce-beta-tester/api/rest-api-filters/class-wca-test-helper-rest-api-filters.php index c2cefb6158e..8a2f4a1faa1 100644 --- a/plugins/woocommerce-beta-tester/api/rest-api-filters/rest-api-filters.php +++ b/plugins/woocommerce-beta-tester/api/rest-api-filters/class-wca-test-helper-rest-api-filters.php 
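Review bot: The search clause in `wca_test_helper_get_options` lost its wildcards: the old query matched `like '%{$search}%'`, while the new code binds the escaped term to `LIKE %s` with no `%` around it, so a search now only returns options whose name equals the term. Wrapping the escaped value restores substring matching and keeps the statement prepared, `$search = '%' . $wpdb->esc_like( $search ) . '%';`. `$per_page` is bound to `LIMIT %d` but is assigned outside this hunk, and `$offset` becomes negative when `page` arrives as 0, so both need a lower bound (for example `max( 1, (int) $page )`) unless the route's `args` schema already enforces one.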
@@ -1,5 +1,7 @@ 1 ) { - $key = array_shift($keys); - if (! isset($array[$key]) || ! is_array($array[$key]) ) { - $array[$key] = []; - } - $array = &$array[$key]; - } + $key_count = count( $keys ); + while ( $key_count > 1 ) { + $key = array_shift( $keys ); + if ( ! isset( $array[ $key ] ) || ! is_array( $array[ $key ] ) ) { + $array[ $key ] = array(); + } + $array = &$array[ $key ]; - $array[ array_shift($keys) ] = $value; - return $array; + --$key_count; + } + + $array[ array_shift( $keys ) ] = $value; + return $array; } add_filter( - 'rest_request_after_callbacks', - function ( $response, array $handler, \WP_REST_Request $request ) use ( $filters ) { - if (! $response instanceof \WP_REST_Response ) { - return $response; - } - $route = $request->get_route(); - $filters = array_filter( - $filters, function ( $filter ) use ( $request, $route ) { - if ($filter['enabled'] && $filter['endpoint'] == $route ) { - return true; - } - return false; - } - ); + 'rest_request_after_callbacks', + function ( $response, array $handler, \WP_REST_Request $request ) use ( $filters ) { + if ( ! $response instanceof \WP_REST_Response ) { + return $response; + } + $route = $request->get_route(); + $filters = array_filter( + $filters, + function ( $filter ) use ( $request, $route ) { + if ( $filter['enabled'] && $filter['endpoint'] === $route ) { + return true; + } + return false; + } + ); - $data = $response->get_data(); + $data = $response->get_data(); - foreach ( $filters as $filter ) { - array_dot_set($data, $filter['dot_notation'], $filter['replacement']); - } + foreach ( $filters as $filter ) { + array_dot_set( $data, $filter['dot_notation'], $filter['replacement'] ); + } - $response->set_data($data); + $response->set_data( $data ); - return $response; - }, - 10, - 3 -); \ No newline at end of file + return $response; + }, + 10, + 3 +); 
diff --git a/plugins/woocommerce-beta-tester/api/tools/delete-all-products.php b/plugins/woocommerce-beta-tester/api/tools/delete-all-products.php index 953f7e11e3b..9d6f6daef72 100644 --- a/plugins/woocommerce-beta-tester/api/tools/delete-all-products.php +++ b/plugins/woocommerce-beta-tester/api/tools/delete-all-products.php @@ -1,9 +1,15 @@ get_products(); diff --git a/plugins/woocommerce-beta-tester/api/tools/disable-wc-email.php b/plugins/woocommerce-beta-tester/api/tools/disable-wc-email.php index 7997195fbc7..5ab3aaad2ad 100644 --- a/plugins/woocommerce-beta-tester/api/tools/disable-wc-email.php +++ b/plugins/woocommerce-beta-tester/api/tools/disable-wc-email.php @@ -1,4 +1,7 @@ 'POST', - 'args' => array( - 'hook' => array( + 'args' => array( + 'hook' => array( 'description' => 'Name of the cron that will be triggered.', 'type' => 'string', 'sanitize_callback' => 'sanitize_text_field', @@ -26,6 +29,9 @@ register_woocommerce_admin_test_helper_rest_route( ) ); +/** + * A tool to list the crons for WooCommerce Admin. + */ function tools_get_cron_list() { $crons = _get_cron_array(); $events = array(); @@ -47,6 +53,11 @@ function tools_get_cron_list() { return new WP_REST_Response( $events, 200 ); } +/** + * A tool to trigger a selected cron. + * + * @param WP_REST_Request $request The full request data. + */ function trigger_selected_cron( $request ) { $hook = $request->get_param( 'hook' ); $signature = $request->get_param( 'signature' ); @@ -66,10 +77,13 @@ function trigger_selected_cron( $request ) { return $scheduled; } - add_filter( 'cron_request', function( array $cron_request ) { - $cron_request['url'] = add_query_arg( 'run-cron', 1, $cron_request['url'] ); - return $cron_request; - } ); + add_filter( + 'cron_request', + function( array $cron_request ) { + $cron_request['url'] = add_query_arg( 'run-cron', 1, $cron_request['url'] ); + return $cron_request; + } + ); spawn_cron(); sleep( 1 ); 
@@ -79,6 +93,12 @@ function trigger_selected_cron( $request ) { return false; } +/** + * Schedules a cron event. + * + * @param string $hook The hook to schedule. + * @param array $args The arguments to use for the event. + */ function schedule_event( $hook, $args = array() ) { $event = (object) array( 'hook' => $hook, @@ -87,7 +107,8 @@ function schedule_event( $hook, $args = array() ) { 'args' => $args, ); $crons = (array) _get_cron_array(); - $key = md5( serialize( $event->args ) ); + // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.serialize_serialize + $key = md5( serialize( $event->args ) ); $crons[ $event->timestamp ][ $event->hook ][ $key ] = array( 'schedule' => $event->schedule, diff --git a/plugins/woocommerce-beta-tester/api/tools/trigger-update-callbacks.php b/plugins/woocommerce-beta-tester/api/tools/trigger-update-callbacks.php index 3d1c0d103f3..0a06bbb237c 100644 --- a/plugins/woocommerce-beta-tester/api/tools/trigger-update-callbacks.php +++ b/plugins/woocommerce-beta-tester/api/tools/trigger-update-callbacks.php 
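Review bot: The new `phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.serialize_serialize` above `$key = md5( serialize( $event->args ) );` in `schedule_event` carries no reason, which makes the suppression hard to audit later. A justification on the same comment would do, for example `// phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.serialize_serialize -- Same key derivation WordPress core uses for cron events; the serialized string is only hashed here.` The docblock added for `schedule_event` also has no `@return` tag; the function body continues past the hunk, so the return value should be confirmed there before documenting it.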
@@ -1,6 +1,6 @@ 'POST', - 'args' => array( - 'version' => array( + 'args' => array( + 'version' => array( 'description' => 'Name of the update version', 'type' => 'string', 'sanitize_callback' => 'sanitize_text_field', - ) + ), ), ) ); +/** + * A tool to get the list of WooCommerce Admin update versions. + */ function tools_get_wc_admin_versions() { - $db_updates = \WC_Install::get_db_update_callbacks(); + $db_updates = \WC_Install::get_db_update_callbacks(); return new WP_REST_Response( array_keys( $db_updates ), 200 ); } +/** + * Triggers the selected version update callback. + * + * @param WP_REST_Request $request The full request data. + */ function trigger_selected_update_callbacks( $request ) { $version = $request->get_param( 'version' ); if ( ! isset( $version ) ) { return; } - $db_updates = \WC_Install::get_db_update_callbacks(); + $db_updates = \WC_Install::get_db_update_callbacks(); $update_callbacks = $db_updates[ $version ]; foreach ( $update_callbacks as $update_callback ) { diff --git a/plugins/woocommerce-beta-tester/api/tools/trigger-wca-install.php b/plugins/woocommerce-beta-tester/api/tools/trigger-wca-install.php index 43c1121f577..506fb720054 100644 --- a/plugins/woocommerce-beta-tester/api/tools/trigger-wca-install.php +++ b/plugins/woocommerce-beta-tester/api/tools/trigger-wca-install.php 
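Review bot: `trigger_selected_update_callbacks` indexes `$db_updates[ $version ]` with the request's `version` value without checking that the key exists, so an unknown version produces an undefined-index notice followed by a `foreach` over `null`. The existing `isset( $version )` guard only covers a missing parameter, and `sanitize_text_field` does not restrict the value to known versions. A guard before the loop, `if ( ! isset( $db_updates[ $version ] ) ) { return false; }` (or an explicit error response), rejects unknown versions. The loop body lies outside the hunk, so how each callback is invoked cannot be checked from here.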
@@ -1,9 +1,15 @@ plugin_url() . '/assets/css/admin.css', array( 'woocommerce_admin_styles' ) ); + wp_register_style( 'wc-beta-tester-admin', WC_Beta_Tester::instance()->plugin_url() . '/assets/css/admin.css', array( 'woocommerce_admin_styles' ), WC_BETA_TESTER_VERSION ); // Register scripts. - wp_register_script( 'wc-beta-tester-version-info', WC_Beta_Tester::instance()->plugin_url() . '/assets/js/version-information' . $suffix . '.js', array( 'wc-backbone-modal' ), WC_BETA_TESTER_VERSION ); - wp_register_script( 'wc-beta-tester-version-picker', WC_Beta_Tester::instance()->plugin_url() . '/assets/js/version-picker' . $suffix . '.js', array( 'wc-backbone-modal' ), WC_BETA_TESTER_VERSION ); + wp_register_script( 'wc-beta-tester-version-info', WC_Beta_Tester::instance()->plugin_url() . '/assets/js/version-information' . $suffix . '.js', array( 'wc-backbone-modal' ), WC_BETA_TESTER_VERSION, false ); + wp_register_script( 'wc-beta-tester-version-picker', WC_Beta_Tester::instance()->plugin_url() . '/assets/js/version-picker' . $suffix . '.js', array( 'wc-backbone-modal' ), WC_BETA_TESTER_VERSION, false ); wp_localize_script( 'wc-beta-tester-version-info', @@ -54,7 +54,7 @@ class WC_Beta_Tester_Admin_Assets { ) ); - if ( in_array( $screen_id, array( 'plugins_page_wc-beta-tester', 'plugins_page_wc-beta-tester-version-picker' ) ) ) { + if ( in_array( $screen_id, array( 'plugins_page_wc-beta-tester', 'plugins_page_wc-beta-tester-version-picker' ), true ) ) { wp_enqueue_style( 'wc-beta-tester-admin' ); wp_enqueue_script( 'wc-beta-tester-version-info' ); wp_enqueue_script( 'wc-beta-tester-version-picker' ); diff --git a/plugins/woocommerce-beta-tester/includes/class-wc-beta-tester-channel.php b/plugins/woocommerce-beta-tester/includes/class-wc-beta-tester-channel.php index bb27b88bfe4..1be003d916a 100644 --- a/plugins/woocommerce-beta-tester/includes/class-wc-beta-tester-channel.php +++ b/plugins/woocommerce-beta-tester/includes/class-wc-beta-tester-channel.php 
@@ -10,7 +10,7 @@ defined( 'ABSPATH' ) || exit; /** * Settings Class. */ -class WC_Beta_Tester_Settings { +class WC_Beta_Tester_Channel { /** * Constructor @@ -62,9 +62,9 @@ class WC_Beta_Tester_Settings { * @param array $args Arguments. */ public function update_section_html( $args ) { - ?> + ?>

- message ) ) { ?> -
message['type'] ) ? esc_attr( $this->message['type'] ) : ''; - ?>">message['message'] ); ?>
+ ?> + ">message['message'] ); ?>

- + + +
- +

- - + ?> + +
add_message( __( 'Invalid submission', 'woocommerce-beta-tester' ) ); return; } @@ -142,7 +152,8 @@ class WC_Beta_Tester_Import_Export { return; } - $tmp_file = $_FILES[ static::IMPORT_FILENAME ]['tmp_name']; + // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotValidated,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized + $tmp_file = wp_unslash( $_FILES[ static::IMPORT_FILENAME ]['tmp_name'] ); if ( empty( $tmp_file ) ) { $this->add_message( __( 'No file uploaded.', 'woocommerce-beta-tester' ) ); return; @@ -153,9 +164,10 @@ class WC_Beta_Tester_Import_Export { return; } + // phpcs:ignore WordPress.WP.AlternativeFunctions.file_get_contents_file_get_contents $maybe_json = file_get_contents( $tmp_file ); - $settings = json_decode( $maybe_json, true ); - if ( $settings !== null ) { + $settings = json_decode( $maybe_json, true ); + if ( null !== $settings ) { foreach ( $this->get_setting_list() as $option_name ) { if ( ! isset( $settings[ $option_name ] ) ) { continue; @@ -184,6 +196,7 @@ class WC_Beta_Tester_Import_Export { if ( false === $setting ) { $setting = null; } + // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.serialize_serialize $settings[ $option_name ] = is_string( $setting ) ? $setting : serialize( $setting ); } } @@ -199,7 +212,7 @@ class WC_Beta_Tester_Import_Export { protected function add_message( $message, $type = 'error' ) { $this->message = array( 'message' => $message, - 'type' => $type + 'type' => $type, ); } @@ -207,7 +220,7 @@ class WC_Beta_Tester_Import_Export { * Get the WooCommerce settings list keys. */ private function get_setting_list() { - require_once( dirname(__FILE__ ) . '/wc-beta-tester-settings-list.php'); + require_once dirname( __FILE__ ) . '/wc-beta-tester-settings-list.php'; return wc_beta_tester_setting_list(); } } 
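Review bot: In the `@@ -142,7 +152,8 @@` hunk `wp_unslash()` is applied to `$_FILES[ static::IMPORT_FILENAME ]['tmp_name']`, but WordPress adds slashes to `$_GET`, `$_POST`, `$_COOKIE` and `$_SERVER` only, not to `$_FILES`, so the call strips genuine backslashes and breaks the temporary path on Windows hosts. Reading the value directly, `$tmp_file = $_FILES[ static::IMPORT_FILENAME ]['tmp_name'];`, with the suppression kept, avoids that. The check between `empty( $tmp_file )` and `file_get_contents()` falls between the visible hunks; if it is not already `is_uploaded_file( $tmp_file )`, that is the check to have before the file is read, along with a look at the upload's `error` field.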
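Review bot: The export path in the `@@ -184,6 +196,7 @@` hunk writes non-string settings with PHP `serialize()`, and the new `phpcs:ignore` silences the sniff without saying why. The import code that consumes these values is not visible here beyond `json_decode()`; if it passes them through `unserialize()` or `maybe_unserialize()`, an uploaded settings file becomes PHP object-deserialization input, so it should either call `unserialize( $value, array( 'allowed_classes' => false ) )` or the export should keep nested values as JSON. In both cases the suppression deserves a `-- reason` suffix stating which of the two holds.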
diff --git a/plugins/woocommerce-beta-tester/includes/class-wc-beta-tester-live-branches.php b/plugins/woocommerce-beta-tester/includes/class-wc-beta-tester-live-branches.php index 03a8d0b7bd3..85b88aaeaf8 100644 --- a/plugins/woocommerce-beta-tester/includes/class-wc-beta-tester-live-branches.php +++ b/plugins/woocommerce-beta-tester/includes/class-wc-beta-tester-live-branches.php @@ -72,7 +72,6 @@ class WC_Beta_Tester_Live_Branches { wc_admin_register_page( array( 'id' => 'woocommerce-beta-tester-live-branches', - // phpcs:disable 'title' => __( 'Live Branches', 'woocommerce-beta-tester' ), 'path' => '/live-branches', 'parent' => 'woocommerce', diff --git a/plugins/woocommerce-beta-tester/includes/class-wc-beta-tester-version-picker.php b/plugins/woocommerce-beta-tester/includes/class-wc-beta-tester-version-picker.php index 5c4007aca24..f33687d6d79 100644 --- a/plugins/woocommerce-beta-tester/includes/class-wc-beta-tester-version-picker.php +++ b/plugins/woocommerce-beta-tester/includes/class-wc-beta-tester-version-picker.php 
@@ -33,15 +33,16 @@ class WC_Beta_Tester_Version_Picker { * @throws Exception On update error. */ public function handle_version_switch() { - if ( ! isset( $_GET['wcbt_switch_to_version'], $_GET['_wpnonce'] ) ) { // WPCS: Input var ok. + if ( ! isset( $_GET['wcbt_switch_to_version'], $_GET['_wpnonce'] ) ) { return; } - if ( ! wp_verify_nonce( wp_unslash( $_GET['_wpnonce'] ), 'wcbt_switch_version_nonce' ) ) { // WPCS: Input var ok, sanitization ok. + // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized + if ( ! wp_verify_nonce( wp_unslash( $_GET['_wpnonce'] ), 'wcbt_switch_version_nonce' ) ) { wp_die( esc_html__( 'Action failed. Please refresh the page and retry.', 'woocommerce-beta-tester' ) ); } - $version = isset( $_GET['wcbt_switch_to_version'] ) ? sanitize_text_field( wp_unslash( $_GET['wcbt_switch_to_version'] ) ) : ''; // WPCS: Input var ok, sanitization ok. + $version = isset( $_GET['wcbt_switch_to_version'] ) ? sanitize_text_field( wp_unslash( $_GET['wcbt_switch_to_version'] ) ) : ''; if ( empty( $version ) ) { return; @@ -58,7 +59,7 @@ class WC_Beta_Tester_Version_Picker { 'title' => 'Version switch result', 'plugin' => $plugin_name, 'version' => $version, - 'nonce' => wp_unslash( $_GET['_wpnonce'] ), // WPCS: Input var ok, sanitization ok. + 'nonce' => wp_unslash( $_GET['_wpnonce'] ), // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized ); $skin = new Automatic_Upgrader_Skin( $skin_args ); @@ -128,9 +129,11 @@ class WC_Beta_Tester_Version_Picker { $tags = array_reverse( $tags ); $versions_html = ''; - if ( ! empty( $_GET['switched'] ) ) { // WPCS: input var ok, CSRF ok. + // The nonce is validated upstream. + // phpcs:ignore WordPress.Security.NonceVerification.Recommended + if ( ! empty( $_GET['switched'] ) ) { /* translators: %s: WooCoomerce version */ - $versions_html .= '

' . sprintf( esc_html__( 'Successfully switched version to %s.', 'woocommerce-beta-tester' ), esc_html( sanitize_text_field( wp_unslash( $_GET['switched'] ) ) ) ) . '

'; // WPCS: input var ok, CSRF ok. + $versions_html .= '

' . sprintf( esc_html__( 'Successfully switched version to %s.', 'woocommerce-beta-tester' ), esc_html( sanitize_text_field( wp_unslash( $_GET['switched'] ) ) ) ) . '

'; // phpcs:ignore WordPress.Security.NonceVerification.Recommended } $versions_html .= '