diff --git a/composer.json b/composer.json index b2771bb69a..44bf8271c2 100755 --- a/composer.json +++ b/composer.json @@ -15,7 +15,7 @@ "composer/installers": "^1.0 || ^2.0" }, "require-dev": { - "alleyinteractive/alley-coding-standards": "^1.0", + "alleyinteractive/alley-coding-standards": "^2.0", "mantle-framework/testkit": "^1.3" }, "scripts": { diff --git a/fieldmanager.php b/fieldmanager.php index d639c0e6b4..2d6be18f23 100644 --- a/fieldmanager.php +++ b/fieldmanager.php @@ -23,7 +23,7 @@ /** * Filesystem path to Fieldmanager. */ -define( 'FM_BASE_DIR', dirname( __FILE__ ) ); +define( 'FM_BASE_DIR', __DIR__ ); /** * Default version number for static assets registered via Fieldmanager. @@ -116,7 +116,7 @@ function fieldmanager_load_class( $class ) { function fieldmanager_load_file( $file ) { $file = FM_BASE_DIR . '/php/' . $file; if ( ! file_exists( $file ) ) { - throw new FM_Class_Not_Found_Exception( $file ); + throw new FM_Class_Not_Found_Exception( esc_html( $file ) ); } // phpcs:ignore WordPressVIPMinimum.Files.IncludingFile.UsingVariable -- baseline require_once $file; @@ -184,7 +184,7 @@ function fieldmanager_get_template( $tpl_slug ) { * Default none. * @param bool $admin Deprecated. */ -function fm_add_script( $handle, $path = false, $deps = array(), $ver = false, $in_footer = false, $data_object = '', $data = array(), $plugin_dir = '', $admin = true ) { +function fm_add_script( $handle, $path = false, $deps = array(), $ver = false, $in_footer = false, $data_object = '', $data = array(), $plugin_dir = '', $admin = true ) { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter.FoundAfterLastUsed -- $admin is deprecated; other params used via compact() // Ensure the Fieldmanager loader has been enqueued. Fieldmanager_Util_Assets::instance()->add_script( array( 
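Review bot: In `fieldmanager_load_file()` the exception message is now HTML-encoded when it is constructed (`esc_html( $file )`), which fixes the output context before anyone knows where the message will be rendered. A handler that logs `getMessage()` will record entity-encoded text, and one that escapes on display will double-encode it. The same applies to `esc_html( $debug_message )` in the `_failed_validation()` hunk of php/class-fieldmanager-field.php. If the escaping is there to satisfy the coding-standard sniff, say so next to the throw, e.g. `// Message is pre-escaped for HTML; do not escape it again when rendering.` The message also carries the absolute path built from `FM_BASE_DIR`, so confirm it is never shown to unauthenticated visitors; the function body continues outside the hunk.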
@@ -212,7 +212,7 @@ function fm_add_script( $handle, $path = false, $deps = array(), $ver = false, $ * @param string $media Optional. Media for this stylesheet. Default 'all'. * @param bool $admin Deprecated. */ -function fm_add_style( $handle, $path = false, $deps = array(), $ver = false, $media = 'all', $admin = true ) { +function fm_add_style( $handle, $path = false, $deps = array(), $ver = false, $media = 'all', $admin = true ) { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter.FoundAfterLastUsed -- $admin is deprecated; other params used via compact() Fieldmanager_Util_Assets::instance()->add_style( compact( 'handle', 'path', 'deps', 'ver', 'media' ) ); } @@ -554,7 +554,7 @@ function fm_register_submenu_page( $group_name, $parent_slug, $page_title, $menu } if ( isset( $submenus[ $group_name ] ) ) { /* translators: %s: group name */ - throw new FM_Duplicate_Submenu_Name_Exception( sprintf( esc_html__( '%s is already in use as a submenu name', 'fieldmanager' ), $group_name ) ); + throw new FM_Duplicate_Submenu_Name_Exception( esc_html( sprintf( __( '%s is already in use as a submenu name', 'fieldmanager' ), $group_name ) ) ); } if ( ! $menu_title ) { diff --git a/php/class-fieldmanager-autocomplete.php b/php/class-fieldmanager-autocomplete.php index 8144e2e964..d4acb32aa6 100644 --- a/php/class-fieldmanager-autocomplete.php +++ b/php/class-fieldmanager-autocomplete.php 
@@ -87,11 +87,10 @@ public function __construct( $label = '', $options = array() ) { ); if ( empty( $this->datasource ) ) { - $message = esc_html__( 'You must supply a datasource for the autocomplete field', 'fieldmanager' ); if ( Fieldmanager_Field::$debug ) { - throw new FM_Developer_Exception( $message ); + throw new FM_Developer_Exception( esc_html__( 'You must supply a datasource for the autocomplete field', 'fieldmanager' ) ); } else { - wp_die( esc_html( $message ), esc_html__( 'No Datasource', 'fieldmanager' ) ); + wp_die( esc_html__( 'You must supply a datasource for the autocomplete field', 'fieldmanager' ), esc_html__( 'No Datasource', 'fieldmanager' ) ); } } $this->datasource->allow_optgroups = false; diff --git a/php/class-fieldmanager-checkbox.php b/php/class-fieldmanager-checkbox.php index d9b816bdff..fa8b9a8559 100644 --- a/php/class-fieldmanager-checkbox.php +++ b/php/class-fieldmanager-checkbox.php @@ -60,7 +60,7 @@ public function form_element( $value = null ) { esc_attr( $this->get_form_name() ), esc_attr( (string) $this->checked_value ), $this->get_element_attributes(), - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons.LooseEqual -- baseline ( $value == $this->checked_value ) ? 'checked="checked"' : '', esc_attr( $this->get_element_id() ), $this->unchecked_value @@ -75,7 +75,7 @@ public function form_element( $value = null ) { * @return mixed Proper value. */ public function presave( $value = null, $current_value = array() ) { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons.LooseEqual -- baseline if ( $value == $this->checked_value || $value === $this->unchecked_value ) { return $value; } elseif ( empty( $value ) ) { diff --git a/php/class-fieldmanager-checkboxes.php b/php/class-fieldmanager-checkboxes.php index c87d4db94a..4fc7047a4f 100644 
--- a/php/class-fieldmanager-checkboxes.php +++ b/php/class-fieldmanager-checkboxes.php @@ -52,12 +52,11 @@ public function form_element( $value = array() ) { * @return string $attribute on match, empty on failure. */ public function option_selected( $current_option, $options, $attribute ) { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison, WordPress.PHP.StrictInArray.MissingTrueStrict -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons, WordPress.PHP.StrictInArray.MissingTrueStrict -- baseline if ( ( ( null !== $options && ! empty( $options ) ) && in_array( $current_option, $options ) ) || ( 'checked' == $this->default_value && in_array( $this->default_value, $options ) ) ) { return $attribute; } else { return ''; } } - } diff --git a/php/class-fieldmanager-datepicker.php b/php/class-fieldmanager-datepicker.php index c4e4d95cb0..80c783f038 100644 --- a/php/class-fieldmanager-datepicker.php +++ b/php/class-fieldmanager-datepicker.php @@ -171,5 +171,4 @@ public function get_minute( $value ) { public function get_am_pm( $value ) { return ! empty( $value ) ? gmdate( 'a', $value ) : ''; } - } diff --git a/php/class-fieldmanager-field.php b/php/class-fieldmanager-field.php index 0be1885d00..e7f15bd76b 100644 --- a/php/class-fieldmanager-field.php +++ b/php/class-fieldmanager-field.php @@ -386,7 +386,7 @@ abstract class Fieldmanager_Field { * @param mixed $value The value of the element. * @return string HTML for the element. */ - public function form_element( $value ) { + public function form_element( $value ) { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter.Found -- $value is used by the included template if ( ! $this->template ) { $tpl_slug = strtolower( str_replace( 'Fieldmanager_', '', get_class( $this ) ) ); $this->template = fieldmanager_get_template( $tpl_slug ); 
@@ -458,7 +458,7 @@ public function set_options( $label, $options ) { } // If this is a single field with a limit of 1, serialize_data has no impact. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( ! $this->serialize_data && ! $this->is_group() && 1 == $this->limit ) { $this->serialize_data = true; } @@ -483,7 +483,7 @@ public function set_options( $label, $options ) { */ public function element_markup( $values = array() ) { $values = $this->preload_alter_values( $values ); - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 1 != $this->limit ) { // count() generates a warning when passed non-countable values in PHP 7.2. if ( is_scalar( $values ) ) { @@ -527,14 +527,14 @@ public function element_markup( $values = array() ) { // Find the array position of the "counter" (e.g. in element[0], [0] is the counter, thus the position is 1). $html_array_position = 0; // default is no counter; i.e. if $this->limit = 0. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 1 != $this->limit ) { $html_array_position = 1; // base situation is formname[0], so the counter is in position 1. if ( $this->parent ) { $parent = $this->parent; while ( $parent ) { $html_array_position++; // one more for having a parent (e.g. parent[this][0]). - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 1 != $parent->limit ) { // and another for the parent having multiple (e.g. parent[0][this][0]). $html_array_position++; } 
@@ -594,18 +594,18 @@ public function element_markup( $values = array() ) { */ $out = apply_filters( "fm_element_markup_start_{$this->name}", $out, $this, $values ); - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( ( 0 == $this->limit || ( $this->limit > 1 && $this->limit > $this->minimum_count ) ) && 'top' == $this->add_more_position ) { $out .= $this->add_another(); } - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 1 != $this->limit ) { $out .= $this->single_element_markup( null, true ); } for ( $i = 0; $i < $max; $i++ ) { $this->seq = $i; - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 1 == $this->limit ) { $value = $values; } else { @@ -613,7 +613,7 @@ public function element_markup( $values = array() ) { } $out .= $this->single_element_markup( $value ); } - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( ( 0 == $this->limit || ( $this->limit > 1 && $this->limit > $this->minimum_count ) ) && 'bottom' == $this->add_more_position ) { $out .= $this->add_another(); } @@ -715,7 +715,7 @@ public function single_element_markup( $value = null, $is_proto = false ) { * the title from the tab label. */ if ( ! empty( $this->label ) && ! $this->is_tab && $this->one_label_per_item ) { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 1 != $this->limit ) { $out .= $this->wrap_with_multi_tools( $label, array( 'fmjs-removable-label' ) ); } elseif ( ! $this->label_after_element ) { 
@@ -735,7 +735,7 @@ public function single_element_markup( $value = null, $is_proto = false ) { $form_element = $this->form_element( $value ); - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 1 != $this->limit && ( ! $this->one_label_per_item || empty( $this->label ) ) ) { $out .= $this->wrap_with_multi_tools( $form_element ); } else { @@ -790,7 +790,7 @@ public function wrap_with_multi_tools( $html, $classes = array() ) { $out .= $html; $out .= ''; - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 0 == $this->limit || $this->limit > $this->minimum_count ) { $out .= $this->get_remove_handle(); } @@ -809,13 +809,13 @@ public function get_form_name( $multiple = '' ) { $tree = $this->get_form_tree(); $name = ''; foreach ( $tree as $level => $branch ) { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 0 == $level ) { $name .= $branch->name; } else { $name .= '[' . $branch->name . ']'; } - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 1 != $branch->limit ) { $name .= '[' . $branch->get_seq() . ']'; } @@ -862,7 +862,7 @@ public function get_element_id() { public function get_element_key() { $el = $this; $key = $el->name; - // phpcs:ignore WordPress.CodeAnalysis.AssignmentInCondition.FoundInWhileCondition -- baseline + // phpcs:ignore Generic.CodeAnalysis.AssignmentInCondition.FoundInWhileCondition -- baseline while ( $el = $el->parent ) { if ( $el->add_to_prefix ) { $key = "{$el->name}_{$key}"; 
@@ -877,7 +877,7 @@ public function get_element_key() { * @return bool True if yes, false if no. */ public function is_repeatable() { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 1 != $this->limit ) { return true; } elseif ( $this->parent ) { @@ -905,7 +905,7 @@ public function is_group() { * @return mixed Sanitized values. */ public function presave_all( $values, $current_values ) { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 1 == $this->limit && empty( $this->multiple ) ) { $values = $this->presave_alter_values( array( $values ), array( $current_values ) ); if ( ! empty( $values ) ) { @@ -920,7 +920,7 @@ public function presave_all( $values, $current_values ) { } // If $this->limit != 1, and $values is not an array, that'd just be wrong, and possibly an attack, so... - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 1 != $this->limit && ! is_array( $values ) ) { // EXCEPT maybe this is a request to remove indices. @@ -985,7 +985,7 @@ public function presave_all( $values, $current_values ) { // Remove empty values. $values = array_filter( $values, - function( $value ) { + function ( $value ) { if ( is_array( $value ) ) { return ! empty( $value ); } elseif ( null === $value ) { @@ -1017,7 +1017,7 @@ function( $value ) { * @param array $current_values The current values. */ protected function save_index( $values, $current_values ) { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 'post' != $this->data_type || empty( $this->data_id ) ) { return; } 
@@ -1100,7 +1100,7 @@ protected function presave_alter_values( $values, $current_values = array() ) { * @param array $current_value The current values. * @return array The sanitized values. */ - public function presave( $value, $current_value = array() ) { + public function presave( $value, $current_value = array() ) { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter.FoundAfterLastUsed -- $current_value is required by the interface and used by subclasses // It's possible that some elements (Grid is one) would be arrays at // this point, but those elements must override this function. Let's // make sure we're dealing with one value here. @@ -1416,7 +1416,7 @@ public function _unauthorized_access( $debug_message = '' ) { // phpcs:ignore PS */ protected function _failed_validation( $debug_message = '' ) { // phpcs:ignore PSR2.Methods.MethodDeclaration.Underscore -- baseline if ( self::$debug ) { - throw new FM_Validation_Exception( $debug_message ); + throw new FM_Validation_Exception( esc_html( $debug_message ) ); } else { wp_die( esc_html( diff --git a/php/class-fieldmanager-grid.php b/php/class-fieldmanager-grid.php index 933062f618..90b11d1fb5 100644 --- a/php/class-fieldmanager-grid.php +++ b/php/class-fieldmanager-grid.php @@ -49,7 +49,7 @@ public function __construct( $label = '', $options = array() ) { 'size' => '50', ); parent::__construct( $label, $options ); - $this->sanitize = function( $row, $col, $values ) { + $this->sanitize = function ( $row, $col, $values ) { foreach ( $values as $k => $val ) { $values[ $k ] = sanitize_text_field( $val ); } @@ -116,5 +116,4 @@ public function presave( $value, $current_value = array() ) { } return $rows; } - } diff --git a/php/class-fieldmanager-group.php b/php/class-fieldmanager-group.php index 8311a27192..8f8005c430 100644 --- a/php/class-fieldmanager-group.php +++ b/php/class-fieldmanager-group.php 
@@ -147,7 +147,7 @@ public function __construct( $label = '', $options = array() ) { parent::__construct( $label, $options ); // Repeatable groups cannot used unserialized data. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline $is_repeatable = ( 1 != $this->limit ); if ( ! $this->serialize_data && $is_repeatable ) { throw new FM_Developer_Exception( esc_html__( 'You cannot use `"serialize_data" => false` with repeating groups', 'fieldmanager' ) ); @@ -161,9 +161,9 @@ public function __construct( $label = '', $options = array() ) { // Convenient naming of child elements via their keys. foreach ( $this->children as $name => $element ) { // if the array key is not an int, and the name attr is set, and they don't match, we got a problem. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( $element->name && ! is_int( $name ) && $element->name != $name ) { - throw new FM_Developer_Exception( esc_html__( 'Group child name conflict: ', 'fieldmanager' ) . $name . ' / ' . $element->name ); + throw new FM_Developer_Exception( esc_html( __( 'Group child name conflict: ', 'fieldmanager' ) . $name . ' / ' . $element->name ) ); } elseif ( ! $element->name ) { $element->name = $name; } 
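Review bot: The "Group child name conflict" message in the second hunk of php/class-fieldmanager-group.php is still built by concatenating a translated fragment with `$name` and `$element->name`, so translators cannot reposition the two names. The submenu hunk in fieldmanager.php already uses the placeholder form, and I would match it here: `esc_html( sprintf( __( 'Group child name conflict: %1$s / %2$s', 'fieldmanager' ), $name, $element->name ) )`, with a `/* translators: 1: array key, 2: element name */` comment on the line above. This changes the translatable string, so existing translations would need a refresh. The constructor continues outside the hunk.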
@@ -246,11 +246,11 @@ public function form_element( $value = null ) { // Set default classes to display the first tab content and hide others. $tab_classes = array( 'fm-tab' ); - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline $tab_classes[] = ( 0 == $this->child_count ) ? 'wp-tab-active' : 'hide-if-no-js'; // Generate output for the tab. Depends on whether or not there is a tab limit in place. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 0 == $this->tab_limit || $this->child_count < $this->tab_limit ) { $tab_group .= sprintf( '
  • %s
  • ', @@ -258,13 +258,13 @@ public function form_element( $value = null ) { esc_attr( $element->get_element_id() ), $element->escape( 'label' ) ); - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline } elseif ( 0 != $this->tab_limit && $this->child_count >= $this->tab_limit ) { $submenu_item_classes = array( 'fm-submenu-item' ); $submenu_item_link_class = ''; // Create the More tab when first hitting the tab limit. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( $this->child_count == $this->tab_limit ) { // Create the tab. $tab_group_submenu .= sprintf( @@ -325,7 +325,7 @@ public function form_element( $value = null ) { } // If the display output for this group is set to tabs, build the tab group for navigation. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 0 != $this->tab_limit && $this->child_count >= $this->tab_limit ) { $tab_group_submenu .= ''; } @@ -397,7 +397,7 @@ public function presave( $values, $current_values = array() ) { $child_value = empty( $values[ $element->name ] ) ? null : $values[ $element->name ]; $current_child_value = ! isset( $current_values[ $element->name ] ) ? array() : $current_values[ $element->name ]; $values[ $element->name ] = $element->presave_all( $values[ $element->name ], $current_child_value ); - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( ! $this->save_empty && 1 != $this->limit ) { if ( is_array( $values[ $element->name ] ) ) { if ( empty( $values[ $element->name ] ) ) { 
@@ -473,7 +473,7 @@ public function get_element_label( $classes = array() ) { } $remove = ''; - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( $this->one_label_per_item && ( 0 == $this->limit || ( $this->limit > 1 && $this->limit > $this->minimum_count ) ) ) { $remove = $this->get_remove_handle(); } @@ -540,5 +540,4 @@ protected function add_meta_boxes_to_remove( &$meta_boxes_to_remove ) { $child->add_meta_boxes_to_remove( $meta_boxes_to_remove ); } } - } diff --git a/php/class-fieldmanager-hidden.php b/php/class-fieldmanager-hidden.php index 4ee0e5097c..402c26e12f 100644 --- a/php/class-fieldmanager-hidden.php +++ b/php/class-fieldmanager-hidden.php @@ -32,5 +32,4 @@ public function form_element( $value = '' ) { $this->get_element_attributes() ); } - } diff --git a/php/class-fieldmanager-link.php b/php/class-fieldmanager-link.php index 1f64795879..19017645b5 100644 --- a/php/class-fieldmanager-link.php +++ b/php/class-fieldmanager-link.php @@ -21,5 +21,4 @@ public function __construct( $label = '', $options = array() ) { $this->template = fieldmanager_get_template( 'textfield' ); parent::__construct( $label, $options ); } - } diff --git a/php/class-fieldmanager-media.php b/php/class-fieldmanager-media.php index cb595557aa..a9d74424f0 100644 --- a/php/class-fieldmanager-media.php +++ b/php/class-fieldmanager-media.php @@ -139,7 +139,7 @@ public function admin_print_scripts() { * @return int The sanitized value. */ public function presave( $value, $current_value = array() ) { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 0 == $value || ! is_numeric( $value ) ) { return null; } 
@@ -176,7 +176,8 @@ public function form_element( $value = array() ) { ) . ''; // phpcs:ignore PEAR.Functions.FunctionCallSignature.ContentAfterOpenBracket -- baseline - $preview .= sprintf( '
    %1$s

    %2$s

    %3$s
    ', + $preview .= sprintf( + '
    %1$s

    %2$s

    %3$s
    ', esc_html( $file_label ), wp_get_attachment_link( $value, $this->preview_size, true, true, $attachment->post_title ), esc_html( $attachment->post_mime_type ) @@ -218,5 +219,4 @@ public function form_element( $value = array() ) { $this->get_element_attributes() ); } - } diff --git a/php/class-fieldmanager-options.php b/php/class-fieldmanager-options.php index 6a5a702224..f36aff8192 100644 --- a/php/class-fieldmanager-options.php +++ b/php/class-fieldmanager-options.php @@ -154,11 +154,11 @@ public function form_data_elements( $value ) { // If grouped display is desired, check where to add the start and end points // Note we are assuming the data has come pre-sorted into groups. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( $this->grouped && ( $current_group != $data_element['group'] ) ) { // Append the end for the previous group unless this is the first group. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( '' != $current_group ) { $form_data_elements_html .= $this->form_data_end_group(); } @@ -181,7 +181,6 @@ public function form_data_elements( $value ) { } return $form_data_elements_html; - } /** @@ -211,7 +210,7 @@ public function form_data_element( $data_row, $value ) { * @return string $attribute On match, empty On failure. */ public function option_selected( $current_option, $options, $attribute ) { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison, WordPress.PHP.StrictInArray.MissingTrueStrict -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons, WordPress.PHP.StrictInArray.MissingTrueStrict -- baseline if ( ( null != $options && ! empty( $options ) ) && in_array( $current_option, $options ) ) { return $attribute; } 
diff --git a/php/class-fieldmanager-password.php b/php/class-fieldmanager-password.php index 61a93c7736..5658bd8ce8 100644 --- a/php/class-fieldmanager-password.php +++ b/php/class-fieldmanager-password.php @@ -38,5 +38,4 @@ public function __construct( $label = '', $options = array() ) { ); parent::__construct( $label, $options ); } - } diff --git a/php/class-fieldmanager-richtextarea.php b/php/class-fieldmanager-richtextarea.php index c84f477224..36dadb7835 100644 --- a/php/class-fieldmanager-richtextarea.php +++ b/php/class-fieldmanager-richtextarea.php @@ -155,7 +155,7 @@ public function form_element( $value = '' ) { if ( ! isset( $settings['default_editor'] ) ) { $settings['default_editor'] = 'tinymce'; - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline } elseif ( 'cookie' == $settings['default_editor'] ) { if ( $proto ) { $settings['default_editor'] = 'tinymce'; @@ -339,5 +339,4 @@ protected function array_merge_deep() { } return $result; } - } diff --git a/php/class-fieldmanager-select.php b/php/class-fieldmanager-select.php index 8975498c02..8a8ec7b7d4 100644 --- a/php/class-fieldmanager-select.php +++ b/php/class-fieldmanager-select.php @@ -84,7 +84,6 @@ public function __construct( $label = '', $options = array() ) { fm_add_script( 'fm_chosen', 'js/chosen/chosen.jquery.min.js', array( 'jquery' ), '1.8.2' ); fm_add_style( 'fm_chosen_css', 'js/chosen/chosen.min.css', array(), '1.8.2' ); } - } /** @@ -153,7 +152,6 @@ public function form_data_element( $data_row, $value = array() ) { $option_selected, esc_html( $data_row['name'] ) ); - } /** diff --git a/php/class-fieldmanager-textarea.php b/php/class-fieldmanager-textarea.php index 6932140443..d51e4f30c9 100644 --- a/php/class-fieldmanager-textarea.php +++ b/php/class-fieldmanager-textarea.php @@ -57,5 +57,4 @@ public function form_element( $value = '' ) { esc_textarea( $value ) ); } - } 
diff --git a/php/class-fieldmanager-textfield.php b/php/class-fieldmanager-textfield.php index 304db3cdf5..fd96ce84b0 100644 --- a/php/class-fieldmanager-textfield.php +++ b/php/class-fieldmanager-textfield.php @@ -29,5 +29,4 @@ public function __construct( $label = '', $options = array() ) { ); parent::__construct( $label, $options ); } - } diff --git a/php/context/class-fieldmanager-context-page.php b/php/context/class-fieldmanager-context-page.php index 5ade4732c3..cc4af1e781 100644 --- a/php/context/class-fieldmanager-context-page.php +++ b/php/context/class-fieldmanager-context-page.php @@ -40,8 +40,8 @@ public function __construct( $uniqid, $fm ) { $this->uniqid = $uniqid; // since this should be set up in init, check for submit now. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison, WordPress.Security.NonceVerification.DeprecatedWhitelistCommentFound, WordPress.Security.ValidatedSanitizedInput.DeprecatedWhitelistCommentFound -- baseline - if ( ! empty( $_POST ) && ! empty( $_POST['fm-page-action'] ) && esc_html( $_POST['fm-page-action'] ) == $uniqid ) { // WPCS: input var okay. CSRF ok. sanitization ok. + // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison, WordPress.Security.NonceVerification.Missing, WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- baseline: deprecated method, nonce is checked in save_page_form() + if ( ! empty( $_POST ) && ! empty( $_POST['fm-page-action'] ) && sanitize_text_field( wp_unslash( $_POST['fm-page-action'] ) ) === $uniqid ) { $this->save_page_form(); } } 
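Review bot: The suppression comment added above the `fm-page-action` check in `__construct()` no longer matches the line it covers. It still lists `WordPress.PHP.StrictComparisons.LooseComparison`, although the comparison is now `===` and every other file in this commit renames that sniff, and it lists `InputNotSanitized`, although the value now passes through `sanitize_text_field( wp_unslash( ... ) )`. Only the nonce sniff still needs ignoring, so I would narrow it to `// phpcs:ignore WordPress.Security.NonceVerification.Missing -- nonce handling lives in save_page_form()`. That justification only holds if `save_page_form()` rejects a missing nonce, which the next hunk does not show it doing. Moving from `==` to `===` also changes behaviour for any caller passing a non-string `$uniqid`, because the sanitised POST value is always a string.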
@@ -53,16 +53,16 @@ public function save_page_form() { _deprecated_function( __METHOD__, '1.2.0' ); if ( - isset( $_POST[ 'fieldmanager-' . $this->fm->name . '-nonce' ] ) // WPCS: input var okay. - // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.DeprecatedWhitelistCommentFound -- baseline - && ! wp_verify_nonce( $_POST[ 'fieldmanager-' . $this->fm->name . '-nonce' ], 'fieldmanager-save-' . $this->fm->name ) // WPCS: input var okay. sanitization ok. + isset( $_POST[ 'fieldmanager-' . $this->fm->name . '-nonce' ] ) + // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- wp_verify_nonce handles nonce value safely + && ! wp_verify_nonce( $_POST[ 'fieldmanager-' . $this->fm->name . '-nonce' ], 'fieldmanager-save-' . $this->fm->name ) ) { $this->fm->_unauthorized_access( __( 'Nonce validation failed', 'fieldmanager' ) ); } // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UndefinedVariable -- baseline $this->fm->data_id = $user_id; - // phpcs:ignore Generic.Formatting.MultipleStatementAlignment.IncorrectWarning, WordPress.Security.ValidatedSanitizedInput.DeprecatedWhitelistCommentFound -- baseline - $value = isset( $_POST[ $this->fm->name ] ) ? $_POST[ $this->fm->name ] : ''; // WPCS: input var okay. sanitization ok. + // phpcs:ignore Generic.Formatting.MultipleStatementAlignment.IncorrectWarning, WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- baseline: raw form data is sanitized later in the processing pipeline + $value = isset( $_POST[ $this->fm->name ] ) ? $_POST[ $this->fm->name ] : ''; if ( empty( $this->fm->data_type ) ) { $this->fm->data_type = 'page'; } @@ -87,10 +87,10 @@ public function render_page_form() { echo '
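Review bot: The nonce check in `save_page_form()` rejects a request only when the nonce field is present and invalid. Because the condition is `isset( ... ) && ! wp_verify_nonce( ... )`, a POST that simply omits `fieldmanager-{name}-nonce` skips the check and continues to the lines that read `$_POST[ $this->fm->name ]`. The commit rewrites these lines and its new ignore comment in the constructor relies on this check, so this is the place to make it fail closed: `! isset( $_POST[ $nonce_key ] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST[ $nonce_key ] ) ), 'fieldmanager-save-' . $this->fm->name )`, with `$nonce_key` holding the existing `'fieldmanager-' . $this->fm->name . '-nonce'` expression. No capability check is visible in this hunk either; the rest of the method is outside it, so confirm one exists further down.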
    '; echo '
    '; // phpcs:ignore WordPress.Security.EscapeOutput.DeprecatedWhitelistCommentFound -- baseline - printf( '', sanitize_title( $this->uniqid ) ); // WPCS: XSS ok. + printf( '', esc_attr( sanitize_title( $this->uniqid ) ) ); wp_nonce_field( 'fieldmanager-save-' . $this->fm->name, 'fieldmanager-' . $this->fm->name . '-nonce' ); - // phpcs:ignore WordPress.Security.EscapeOutput.DeprecatedWhitelistCommentFound -- baseline - echo $this->fm->element_markup( $current ); // WPCS: XSS ok. + // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- HTML markup generated by element_markup() + echo $this->fm->element_markup( $current ); echo '
    '; printf( '', esc_attr( $this->fm->submit_button_label ) ?: esc_attr__( 'Save Options', 'fieldmanager' ) ); echo '
    '; @@ -112,7 +112,6 @@ public static function get_form( $uniqid ) { return self::$forms[ $uniqid ]; } - } /** diff --git a/php/context/class-fieldmanager-context-post.php b/php/context/class-fieldmanager-context-post.php index 180a223b0c..1ec31e32d0 100644 --- a/php/context/class-fieldmanager-context-post.php +++ b/php/context/class-fieldmanager-context-post.php @@ -180,7 +180,7 @@ public function save_fields_for_post( $post_id ) { // phpcs:ignore WordPress.Security.NonceVerification.Missing -- baseline empty( $_POST['post_ID'] ) || ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison, WordPress.Security.NonceVerification.Missing -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons, WordPress.Security.NonceVerification.Missing -- baseline || ( isset( $_POST['action'] ) && 'editpost' != $_POST['action'] ) ) { return; @@ -193,7 +193,7 @@ public function save_fields_for_post( $post_id ) { } // Prevent saving the same post twice; FM does not yet use revisions. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( get_post_type( $post_id ) == 'revision' ) { return; } @@ -205,7 +205,7 @@ public function save_fields_for_post( $post_id ) { } // Do not handle quickedit in this context. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison, WordPress.Security.NonceVerification.Missing -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons, WordPress.Security.NonceVerification.Missing -- baseline if ( 'inline-save' == $_POST['action'] ) { return; } 
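Review bot: In the `render_page_form()` hunk the context line `// phpcs:ignore WordPress.Security.EscapeOutput.DeprecatedWhitelistCommentFound -- baseline` is left above the `printf()`, even though the `// WPCS: XSS ok.` comment it silenced is removed and the argument is now wrapped in `esc_attr()`. I would delete that ignore so the escaping sniffs stay active on this line. The replacement ignore on `echo $this->fm->element_markup( $current );` is sound only as long as every field's markup escapes its own values, which cannot be checked from this hunk. A short pointer to where that escaping happens would make the suppression auditable.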
@@ -218,7 +218,7 @@ public function save_fields_for_post( $post_id ) { } // Make sure the current user is authorized to save this post. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison, WordPress.Security.NonceVerification.Missing -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons, WordPress.Security.NonceVerification.Missing -- baseline if ( isset( $_POST['post_type'] ) && 'post' == $_POST['post_type'] ) { if ( ! current_user_can( 'edit_post', $post_id ) ) { $this->fm->_unauthorized_access( __( 'User cannot edit this post', 'fieldmanager' ) ); @@ -337,5 +337,4 @@ protected function update_data( $post_id, $meta_key, $meta_value, $data_prev_val protected function delete_data( $post_id, $meta_key, $meta_value = '' ) { return delete_post_meta( $post_id, $meta_key, $meta_value ); } - } diff --git a/php/context/class-fieldmanager-context-quickedit.php b/php/context/class-fieldmanager-context-quickedit.php index 473a9ef58c..1b46f3810f 100644 --- a/php/context/class-fieldmanager-context-quickedit.php +++ b/php/context/class-fieldmanager-context-quickedit.php @@ -120,7 +120,7 @@ public function add_custom_columns( $columns ) { * @param int $post_id The post ID. */ public function manage_custom_columns( $column_name, $post_id ) { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( $column_name != $this->fm->name ) { return; } @@ -140,7 +140,7 @@ public function manage_custom_columns( $column_name, $post_id ) { * @param array $values The current values. */ public function add_quickedit_box( $column_name, $post_type, $values = array() ) { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( $column_name != $this->fm->name ) { return; } 
@@ -173,7 +173,7 @@ public function render_ajax_form() { return; } - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison, WordPress.Security.NonceVerification.Recommended -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons, WordPress.Security.NonceVerification.Recommended -- baseline if ( 'fm_quickedit_render' != $_GET['action'] ) { return; } @@ -183,7 +183,7 @@ public function render_ajax_form() { // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- baseline $post_id = intval( $_GET['post_id'] ); - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( ! $post_id || $column_name != $this->fm->name ) { return; } @@ -210,7 +210,7 @@ public function save_fields_for_quickedit( $post_id ) { // phpcs:ignore WordPress.Security.NonceVerification.Missing -- baseline ! isset( $_POST['post_type'] ) || ( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison, WordPress.Security.NonceVerification.Missing -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons, WordPress.Security.NonceVerification.Missing -- baseline || ( isset( $_POST['action'] ) && 'inline-save' != $_POST['action'] ) ) { return; @@ -218,7 +218,7 @@ public function save_fields_for_quickedit( $post_id ) { $use_this_post_type = false; foreach ( $this->post_types as $type ) { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison, WordPress.Security.NonceVerification.Missing -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons, WordPress.Security.NonceVerification.Missing -- baseline if ( $type == $_POST['post_type'] ) { $use_this_post_type = true; break; 
@@ -234,7 +234,7 @@ public function save_fields_for_quickedit( $post_id ) { } // Make sure the current user can save this post. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison, WordPress.Security.NonceVerification.Missing -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons, WordPress.Security.NonceVerification.Missing -- baseline if ( 'post' == $_POST['post_type'] ) { if ( ! current_user_can( 'edit_post', $post_id ) ) { $this->fm->_unauthorized_access( __( 'User cannot edit this post', 'fieldmanager' ) ); @@ -316,5 +316,4 @@ protected function update_data( $post_id, $meta_key, $meta_value, $data_prev_val protected function delete_data( $post_id, $meta_key, $meta_value = '' ) { return delete_post_meta( $post_id, $meta_key, $meta_value ); } - } diff --git a/php/context/class-fieldmanager-context-storable.php b/php/context/class-fieldmanager-context-storable.php index d6da35a5a9..6cf9eaa58e 100644 --- a/php/context/class-fieldmanager-context-storable.php +++ b/php/context/class-fieldmanager-context-storable.php @@ -112,7 +112,7 @@ protected function save_field( $field, $data ) { if ( isset( $this->save_keys[ $field->get_element_key() ] ) ) { /* translators: %s: element key for the field */ - throw new FM_Developer_Exception( sprintf( esc_html__( 'You have two fields in this group saving to the same key: %s', 'fieldmanager' ), $field->get_element_key() ) ); + throw new FM_Developer_Exception( esc_html( sprintf( __( 'You have two fields in this group saving to the same key: %s', 'fieldmanager' ), $field->get_element_key() ) ) ); } else { $this->save_keys[ $field->get_element_key() ] = true; } @@ -276,5 +276,4 @@ abstract protected function update_data( $data_id, $data_key, $data_value, $data * {@see delete_post_meta()}. */ abstract protected function delete_data( $data_id, $data_key, $data_value = '' ); - } 
diff --git a/php/context/class-fieldmanager-context-submenu.php b/php/context/class-fieldmanager-context-submenu.php index b81ee401f6..661dc79af4 100644 --- a/php/context/class-fieldmanager-context-submenu.php +++ b/php/context/class-fieldmanager-context-submenu.php @@ -111,7 +111,7 @@ public function render_submenu_page() { ?>

    updated_message ); ?>

    @@ -144,7 +144,7 @@ public function render_submenu_page() { * Save a submenu page */ public function handle_submenu_save() { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison, WordPress.Security.NonceVerification.Recommended -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons, WordPress.Security.NonceVerification.Recommended -- baseline if ( empty( $_GET['page'] ) || $_GET['page'] != $this->menu_slug ) { return; } diff --git a/php/context/class-fieldmanager-context-term.php b/php/context/class-fieldmanager-context-term.php index 6f9ce6a5ec..ce19dc57e0 100644 --- a/php/context/class-fieldmanager-context-term.php +++ b/php/context/class-fieldmanager-context-term.php @@ -223,7 +223,7 @@ public function add_term_fields( $taxonomy ) { */ public function edit_term_fields( $term, $taxonomy ) { // Check if this term's parent matches the specified term if it is set. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 0 !== strlen( $this->parent ) && $this->parent != $term->parent ) { return; } @@ -500,5 +500,4 @@ protected function delete_data( $term_id, $meta_key, $meta_value = '' ) { return delete_term_meta( $term_id, $meta_key, $meta_value ); } } - } diff --git a/php/datasource/class-fieldmanager-datasource-post.php b/php/datasource/class-fieldmanager-datasource-post.php index 730c32f11d..a8be668feb 100644 --- a/php/datasource/class-fieldmanager-datasource-post.php +++ b/php/datasource/class-fieldmanager-datasource-post.php 
@@ -158,9 +158,9 @@ public function get_items( $fragment = null ) { if ( $post_id ) { $exact_post = get_post( $post_id ); if ( $exact_post && ( - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline 'any' == $post_args['post_type'] || - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline $post_args['post_type'] == $exact_post->post_type || // phpcs:ignore WordPress.PHP.StrictInArray.MissingTrueStrict -- baseline in_array( $exact_post->post_type, $post_args['post_type'] ) @@ -242,7 +242,7 @@ public function title_like( $where, $wp_query ) { * @param array $current_values Existing post values. */ public function presave_alter_values( Fieldmanager_Field $field, $values, $current_values ) { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 'post' == $field->data_type && ! empty( $this->reciprocal ) && ! empty( $current_values ) && is_array( $current_values ) ) { foreach ( $current_values as $reciprocal_post_id ) { delete_post_meta( $reciprocal_post_id, $this->reciprocal, $field->data_id ); @@ -281,7 +281,7 @@ public function presave( Fieldmanager_Field $field, $value, $current_value ) { } } - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( $this->save_to_post_parent && 1 == $field->limit && 'post' == $field->data_type ) { if ( ! wp_is_post_revision( $field->data_id ) ) { Fieldmanager_Context_Post::safe_update_post( 
@@ -331,7 +331,7 @@ public function preload_alter_values( Fieldmanager_Field $field, $values ) { if ( $this->only_save_to_post_parent ) { $post_parent = wp_get_post_parent_id( $field->data_id ); if ( $post_parent ) { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline return ( 1 == $field->limit && empty( $field->multiple ) ) ? $post_parent : array( $post_parent ); } } @@ -367,7 +367,6 @@ public function get_edit_link( $value ) { esc_html__( 'Edit', 'fieldmanager' ) ); } - } /** @@ -446,7 +445,7 @@ function fm_url_to_post_id( $url ) { foreach ( (array) $rewrite as $match => $query ) { // If the requesting file is the anchor of the match, prepend it // to the path info. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( ! empty( $url ) && ( $url != $request ) && ( strpos( $match, $url ) === 0 ) ) { $request_match = $url . '/' . $request; } diff --git a/php/datasource/class-fieldmanager-datasource-term.php b/php/datasource/class-fieldmanager-datasource-term.php index 7006937de0..a8dae279cd 100644 --- a/php/datasource/class-fieldmanager-datasource-term.php +++ b/php/datasource/class-fieldmanager-datasource-term.php @@ -156,7 +156,7 @@ public function preload_alter_values( Fieldmanager_Field $field, $values ) { } if ( count( $terms ) > 0 ) { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 1 == $field->limit && empty( $field->multiple ) ) { return $terms[0]->term_id; } else { 
@@ -390,8 +390,8 @@ protected function build_hierarchical_term_data( $parent_terms, $tax_args, $dept if ( ! empty( $pattern ) ) { $tax_args['search'] = $pattern; } - $child_terms = get_terms( $this->get_taxonomies(), $tax_args ); - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + $child_terms = get_terms( array_merge( $tax_args, array( 'taxonomy' => $this->get_taxonomies() ) ) ); + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 0 == $this->taxonomy_hierarchical_depth || $depth + 1 < $this->taxonomy_hierarchical_depth ) { if ( ! empty( $child_terms ) ) { $stack = $this->build_hierarchical_term_data( $child_terms, $this->taxonomy_args, $depth + 1, $stack ); @@ -447,8 +447,8 @@ private function get_term( $term_id ) { return $term; } else { $terms = get_terms( - $this->get_taxonomies(), array( + 'taxonomy' => $this->get_taxonomies(), 'hide_empty' => false, 'include' => array( $term_id ), 'number' => 1, @@ -492,5 +492,4 @@ public function get_edit_link( $value ) { esc_html__( 'Edit', 'fieldmanager' ) ); } - } diff --git a/php/datasource/class-fieldmanager-datasource-user.php b/php/datasource/class-fieldmanager-datasource-user.php index 8a73040b03..e1f9b2df11 100644 --- a/php/datasource/class-fieldmanager-datasource-user.php +++ b/php/datasource/class-fieldmanager-datasource-user.php 
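Review bot: `get_terms()` can return a `WP_Error` (for example for an unregistered taxonomy), and `! empty( $child_terms )` is true for that object, so it would be passed on to the recursive `build_hierarchical_term_data()` call. Guarding the branch with `if ( ! empty( $child_terms ) && ! is_wp_error( $child_terms ) ) {` avoids that. The rewritten call itself looks equivalent to the old two-argument form, because `taxonomy` is merged last and overrides any value already in `$tax_args`; a one-line comment saying so would help the next reader. The function starts and ends outside the hunk, so the callee may already handle an error value there.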
@@ -96,29 +96,33 @@ public function __construct( $options = array() ) { // phpcs:ignore WordPress.PHP.StrictInArray.MissingTrueStrict -- baseline if ( ! in_array( $this->store_property, $this->allowed_store_properties ) ) { throw new FM_Developer_Exception( - sprintf( - /* translators: 1: stored property, 2: allowed store properties */ - __( 'Store property %1$s is invalid. Must be one of %2$s.', 'fieldmanager' ), - $this->store_property, - implode( ', ', $this->allowed_store_properties ) + esc_html( + sprintf( + /* translators: 1: stored property, 2: allowed store properties */ + __( 'Store property %1$s is invalid. Must be one of %2$s.', 'fieldmanager' ), + $this->store_property, + implode( ', ', $this->allowed_store_properties ) + ) ) ); } - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( ! empty( $this->reciprocal ) && 'ID' != $this->store_property ) { - throw new FM_Developer_Exception( __( 'You cannot use reciprocal relationships with FM_Datasource_User if store_property is not set to ID.', 'fieldmanager' ) ); + throw new FM_Developer_Exception( esc_html__( 'You cannot use reciprocal relationships with FM_Datasource_User if store_property is not set to ID.', 'fieldmanager' ) ); } // Validate improper usage of display property. // phpcs:ignore WordPress.PHP.StrictInArray.MissingTrueStrict -- baseline if ( ! in_array( $this->display_property, $this->allowed_display_properties ) ) { throw new FM_Developer_Exception( - sprintf( - /* translators: 1: display property, 2: allowed display properties */ - __( 'Display property %1$s is invalid. Must be one of %2$s.', 'fieldmanager' ), - $this->display_property, - implode( ', ', $this->allowed_display_properties ) + esc_html( + sprintf( + /* translators: 1: display property, 2: allowed display properties */ + __( 'Display property %1$s is invalid. 
Must be one of %2$s.', 'fieldmanager' ), + $this->display_property, + implode( ', ', $this->allowed_display_properties ) + ) ) ); } @@ -208,7 +212,7 @@ public function get_ajax_action() { * @return string Sanitized values. */ public function presave_alter_values( Fieldmanager_Field $field, $values, $current_values ) { - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 'post' != $field->data_type || ! $this->reciprocal || 'ID' != $this->store_property ) { return $values; } @@ -265,7 +269,7 @@ public function presave( Fieldmanager_Field $field, $value, $current_value ) { /* translators: %s: user id */ wp_die( esc_html( sprintf( __( 'Tried to refer to user "%s" which current user cannot edit.', 'fieldmanager' ), $v ) ) ); } - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( $this->reciprocal && 'ID' == $this->store_property ) { call_user_func( /** diff --git a/php/datasource/class-fieldmanager-datasource.php b/php/datasource/class-fieldmanager-datasource.php index 9392fe0d0d..75c8e3989f 100644 --- a/php/datasource/class-fieldmanager-datasource.php +++ b/php/datasource/class-fieldmanager-datasource.php 
@@ -98,11 +98,10 @@ public function __construct( $options = array() ) { } if ( get_class( $this ) === __CLASS__ && empty( $options ) ) { - $message = __( 'Invalid options for Datasource; must use the options parameter to supply an array.', 'fieldmanager' ); if ( Fieldmanager_Field::$debug ) { - throw new FM_Developer_Exception( $message ); + throw new FM_Developer_Exception( esc_html__( 'Invalid options for Datasource; must use the options parameter to supply an array.', 'fieldmanager' ) ); } else { - wp_die( esc_html( $message ), esc_html__( 'Invalid Datasource Options', 'fieldmanager' ) ); + wp_die( esc_html__( 'Invalid options for Datasource; must use the options parameter to supply an array.', 'fieldmanager' ), esc_html__( 'Invalid Datasource Options', 'fieldmanager' ) ); } } @@ -209,7 +208,7 @@ public function autocomplete_search() { * @param mixed $current_values Current value. * @return string $values Cleaned value. */ - public function presave_alter_values( Fieldmanager_Field $field, $values, $current_values ) { + public function presave_alter_values( Fieldmanager_Field $field, $values, $current_values ) { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter.FoundAfterLastUsed -- $current_values is required by the interface and used by subclasses // nothing here, but some child classes need this method. return $values; } @@ -233,7 +232,7 @@ public function preload_alter_values( Fieldmanager_Field $field, $values ) { * @param mixed $current_value Current value. * @return string $values Cleaned value. */ - public function presave( Fieldmanager_Field $field, $value, $current_value ) { + public function presave( Fieldmanager_Field $field, $value, $current_value ) { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter.FoundAfterLastUsed -- $current_value is required by the interface and used by subclasses if ( is_array( $value ) ) { return array_map( 'sanitize_text_field', $value ); } 
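Review bot: The invalid-options message in `__construct` is now written out twice, once for the exception and once for `wp_die()`, so the two translatable literals have to be kept in sync by hand. Keeping the removed `$message = __( ... )` assignment and escaping at each use, `throw new FM_Developer_Exception( esc_html( $message ) );` alongside the original `wp_die( esc_html( $message ), ... )`, meets the same escaping requirement with a single literal. This is the pattern the commit already uses elsewhere, e.g. `esc_html( $file )` in fieldmanager_load_file. The constructor continues outside the hunk.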
@@ -246,7 +245,7 @@ public function presave( Fieldmanager_Field $field, $value, $current_value ) { * @param mixed $value The current value. * @return string HTML string. */ - public function get_view_link( $value ) { + public function get_view_link( $value ) { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter.Found -- $value is required by the interface and used by subclasses return ''; } @@ -256,8 +255,7 @@ public function get_view_link( $value ) { * @param int|string $value The current value. * @return string HTML string. */ - public function get_edit_link( $value ) { + public function get_edit_link( $value ) { // phpcs:ignore Generic.CodeAnalysis.UnusedFunctionParameter.Found -- $value is required by the interface and used by subclasses return ''; } - } diff --git a/php/util/class-fieldmanager-util-assets.php b/php/util/class-fieldmanager-util-assets.php index 27ec652f89..36eecbcb86 100644 --- a/php/util/class-fieldmanager-util-assets.php +++ b/php/util/class-fieldmanager-util-assets.php @@ -212,7 +212,7 @@ public function add_script( $args ) { } // Set the default directory. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( '' == $args['plugin_dir'] ) { $args['plugin_dir'] = fieldmanager_get_baseurl(); // Allow overrides for child plugins. } @@ -272,7 +272,7 @@ public function add_style( $args ) { } // Set the default directory. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( '' == $args['plugin_dir'] ) { $args['plugin_dir'] = fieldmanager_get_baseurl(); // Allow overrides for child plugins. } diff --git a/php/util/class-fieldmanager-util-term-meta.php b/php/util/class-fieldmanager-util-term-meta.php index a91e5ddd99..bc2fa8d7e0 100644 --- a/php/util/class-fieldmanager-util-term-meta.php +++ b/php/util/class-fieldmanager-util-term-meta.php 
@@ -292,7 +292,7 @@ public function add_term_meta_post( $term_id, $taxonomy ) { ); // Check the result. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 0 != $result ) { return $result; } else { @@ -327,7 +327,7 @@ public function collect_garbage( $term_id, $tt_id, $taxonomy ) { */ public function split_shared_term( $old_term_id, $new_term_id, $term_taxonomy_id, $taxonomy ) { $post_id = $this->get_term_meta_post_id( $old_term_id, $taxonomy ); - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( false != $post_id ) { wp_update_post( array( @@ -422,4 +422,3 @@ function fm_update_term_meta( $term_id, $taxonomy, $meta_key, $meta_value, $meta function fm_delete_term_meta( $term_id, $taxonomy, $meta_key, $meta_value = '' ) { return Fieldmanager_Util_Term_Meta()->delete_term_meta( $term_id, $taxonomy, $meta_key, $meta_value ); } - diff --git a/php/util/class-fieldmanager-util-validation.php b/php/util/class-fieldmanager-util-validation.php index 31a07adf24..c2f8b72174 100644 --- a/php/util/class-fieldmanager-util-validation.php +++ b/php/util/class-fieldmanager-util-validation.php @@ -107,7 +107,7 @@ private function setup( $form_id, $context ) { // Add the appropriate action hook to finalize and output validation JS. // Also determine where the jQuery validation script needs to be added. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 'page' == $context ) { // Currently only the page context outputs to the frontend. $action = 'wp_footer'; 
@@ -168,11 +168,8 @@ public function add_field( &$fm ) { // This is not a rule available in jQuery validation. /* translators: %s: validation key */ $fm->_invalid_definition( sprintf( __( 'The validation rule "%s" does not exist.', 'fieldmanager' ), $validation_key ) ); - } else { - // This rule is valid so check for any messages. - if ( isset( $fm->validation_messages[ $validation_key ] ) ) { - $messages[ $validation_key ] = $fm->validation_messages[ $validation_key ]; - } + } elseif ( isset( $fm->validation_messages[ $validation_key ] ) ) { + $messages[ $validation_key ] = $fm->validation_messages[ $validation_key ]; } } } @@ -180,7 +177,7 @@ public function add_field( &$fm ) { // If this is the term context and the field is required, modify the original element to have the required property. // This is necessary because it is the only way validation is supported on the term add form. // Other validation methods won't work and will just fail gracefully. - // phpcs:ignore WordPress.PHP.StrictComparisons.LooseComparison -- baseline + // phpcs:ignore Universal.Operators.StrictComparisons -- baseline if ( 'term' == $this->context && isset( $fm->validation_rules['required'] ) && $fm->validation_rules['required'] ) { $fm->required = true; } @@ -244,12 +241,12 @@ public function add_validation() { // Add the Fieldmanager validation script and CSS. // This is not done via the normal enqueue process since there is no way to know at that point if any fields will require validation. // Doing this here avoids loading JS/CSS for validation if not in use. - echo sprintf( + printf( "\n", 'stylesheet', esc_url( fieldmanager_get_baseurl() ) ); - echo sprintf( + printf( "<%s type='%s' src='%sjs/validation/fieldmanager-validation.js?ver=0.3'>\n", 'script', 'text/javascript', 
@@ -257,7 +254,7 @@ public function add_validation() { ); // Add the jQuery validation script. - echo sprintf( + printf( "<%s type='%s' src='%sjs/validation/jquery.validate.min.js'>\n", 'script', 'text/javascript', @@ -265,7 +262,7 @@ public function add_validation() { ); // Add the ignore, rules and messages to final validate method with form ID, wrap in script tags and output. - echo sprintf( + printf( "\t\n", esc_attr( $this->form_id ), esc_js( $ignore_js ), diff --git a/phpcs.xml b/phpcs.xml index 6bab965b5c..0f654fd773 100644 --- a/phpcs.xml +++ b/phpcs.xml @@ -12,6 +12,26 @@ + + + + + + + + + + @@ -47,7 +67,13 @@ - + + + + + + +
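Review bot: In the last `printf()` of add_validation, `$this->form_id` goes through `esc_attr()` although the comment above it says the output is wrapped in script tags. The format string is not readable in this rendering, but if the ID lands inside the inline script rather than in an HTML attribute, `esc_js( $this->form_id )` is the escaper that matches that context, as already used for `$ignore_js`. HTML entities are not decoded inside a script element, so an ID containing characters that `esc_attr()` encodes would also no longer match the form. The function continues outside the hunk.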