From 7a861cf8cf5780687f17349d0e69bc2c26060ec5 Mon Sep 17 00:00:00 2001 From: Anton Date: Fri, 16 Jun 2023 11:45:55 +0530 Subject: [PATCH] Apply PHPCS and change some code according to coding standard --- .DS_Store | Bin 0 -> 6148 bytes includes/settings.php | 104 ++++++++++++++++++++-------------------- includes/shortcodes.php | 2 +- readme.txt | 2 +- wp-post-views.php | 74 ++++++++++++++++++---------- 5 files changed, 102 insertions(+), 80 deletions(-) create mode 100644 .DS_Store diff --git a/.DS_Store b/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..d3f7e933e8a51933d55790f524ff9f7e5e723f3c GIT binary patch literal 6148 zcmeHKyH3ME5S%3`EYYM)dB4CPoTBgr`2j>sffSJd+MT<- zowGcJ*9*XQ*YN?^02t_wc=s?jKX;$mU1f|&=N(s!c)?}798a_A<%Dwwyy6WH!4M+=am{oX z*D*^Fn`tS2f;0V!~+ zz$&*J@BfeVALjpCl6F!+3j8YtY`s71cYLMlt+SW&UfbwTbg%iKyKx;9hG@scXvf@m fJKjc7)-_-AycbT1L1#YbMEwl7E;1?b*9v?Bhj$g0 literal 0 HcmV?d00001 diff --git a/includes/settings.php b/includes/settings.php index 87d5ba9..2360fb2 100755 --- a/includes/settings.php +++ b/includes/settings.php @@ -1,17 +1,15 @@ - > - + > + - > - + > + true, @@ -92,27 +90,27 @@ public static function select_post_type_callback( ) { - - name == @$checkbox_val[$post_type->name]), true ); ?>> + + name == @$checkbox_val[$post_type->name] ), true ); ?>> -
-

- -
- +
+

+ +
+ \ No newline at end of file +?> diff --git a/includes/shortcodes.php b/includes/shortcodes.php index 4174e03..be4d2af 100644 --- a/includes/shortcodes.php +++ b/includes/shortcodes.php @@ -37,4 +37,4 @@ function wppv_current_post_view_per_post_type_callback($atts = array() , $conten if( ! shortcode_exists( 'WPPV-TOTAL-VIEWS-PER-POST-TYPE' )){ add_shortcode( 'WPPV-TOTAL-VIEWS-PER-POST-TYPE', 'wppv_current_post_view_per_post_type_callback' ); } -} \ No newline at end of file +} diff --git a/readme.txt b/readme.txt index 5c4eb80..96d342c 100644 --- a/readme.txt +++ b/readme.txt @@ -1,5 +1,5 @@ === Wp Post Views - Wordpress Post views counter === -Contributors: vanpariyar, ankitatanti, Brijeshdhanani, piyushmultidots +Contributors: vanpariyar, ankitatanti, Brijeshdhanani, piyushmultidots, kajalgohel Tags: post views, count wordpress site views, show post views, post view counter, WP Post Views, post view count based on ip Requires at least: 5.0 Requires PHP: 5.3 diff --git a/wp-post-views.php b/wp-post-views.php index a4e3bea..e095a00 100644 --- a/wp-post-views.php +++ b/wp-post-views.php @@ -17,14 +17,14 @@ * Author: Ronak J Vanpariya * Author URI: https://vanpariyar.github.io * Text Domain: wppv - * Domain Path: /languages + * Domain Path: /languages * License: GPL v2 or later * License URI: http://www.gnu.org/licenses/gpl-2.0.txt -*/ + */ -// Make sure we don't expose any info if called directly -if ( !function_exists( 'add_action' ) ) { - echo __('Hi there! I\'m just a plugin, not much I can do when called directly.', 'wppv'); +// Make sure we don't expose any info if called directly. +if ( ! function_exists( 'add_action' ) ) { + echo esc_html__('Hi there! I\'m just a plugin, not much I can do when called directly.', 'wppv'); exit; } @@ -85,38 +85,62 @@ public function wppv_posts_custom_column_views( $column ) { if ( !empty($this->options['wppv_api_text_field_0']) ) { if ( $column === 'post_views') { $view_post_meta = get_post_meta(get_the_ID(), 'entry_views', true); - echo $view_post_meta; + echo esc_html( $view_post_meta ); } } } - public function get_ip_address() + public function get_ip_address() { - // check for shared internet/ISP IP - if (!empty($_SERVER['HTTP_CLIENT_IP']) && $this->validate_ip($_SERVER['HTTP_CLIENT_IP'])) - return $_SERVER['HTTP_CLIENT_IP']; - // check for IPs passing through proxies - if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { - // check if multiple ips exist in var - $iplist = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']); + // Check for shared internet/ISP IP + if (isset($_SERVER['HTTP_CLIENT_IP'])) { + $client_ip = filter_var($_SERVER['HTTP_CLIENT_IP'], FILTER_VALIDATE_IP); + if (!empty($client_ip) && $this->validate_ip($client_ip)) { + return $client_ip; + } + } + + // Sanitize HTTP_X_FORWARDED_FOR variable + $x_forwarded_for = filter_input(INPUT_SERVER, 'HTTP_X_FORWARDED_FOR', FILTER_SANITIZE_STRING); + if ($x_forwarded_for !== null) { + $iplist = explode(',', $x_forwarded_for); foreach ($iplist as $ip) { + $ip = trim($ip); // Remove any leading/trailing spaces if ($this->validate_ip($ip)) return $ip; } } - if (!empty($_SERVER['HTTP_X_FORWARDED']) && $this->validate_ip($_SERVER['HTTP_X_FORWARDED'])) - return $_SERVER['HTTP_X_FORWARDED']; - if (!empty($_SERVER['HTTP_X_CLUSTER_CLIENT_IP']) && $this->validate_ip($_SERVER['HTTP_X_CLUSTER_CLIENT_IP'])) - return $_SERVER['HTTP_X_CLUSTER_CLIENT_IP']; - if (!empty($_SERVER['HTTP_FORWARDED_FOR']) && $this->validate_ip($_SERVER['HTTP_FORWARDED_FOR'])) - return $_SERVER['HTTP_FORWARDED_FOR']; - if (!empty($_SERVER['HTTP_FORWARDED']) && $this->validate_ip($_SERVER['HTTP_FORWARDED'])) - return $_SERVER['HTTP_FORWARDED']; - // return unreliable ip since all else failed - return $_SERVER['REMOTE_ADDR']; + + // Check for IPs passing through proxies + $proxy_vars = array( + 'HTTP_X_FORWARDED', + 'HTTP_X_CLUSTER_CLIENT_IP', + 'HTTP_FORWARDED_FOR', + 'HTTP_FORWARDED' + ); + + foreach ($proxy_vars as $var) { + if (!empty($_SERVER[$var])) { + $ip = filter_var($_SERVER[$var], FILTER_VALIDATE_IP); + if ($ip !== false && $this->validate_ip($ip)) + return $ip; + } + } + + // Sanitize and validate REMOTE_ADDR variable + if (isset($_SERVER['REMOTE_ADDR'])) { + $remote_addr = filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP); + if ($remote_addr !== false && $this->validate_ip($remote_addr)) { + return $remote_addr; + } + } + + // Return unreliable IP since all else failed + return ''; } + public function validate_ip($ip) { if ( filter_var( $ip, @@ -144,7 +168,7 @@ public function counter(){ $current_ip = $this->get_ip_address(); if( $stored_ip_addresses ) - { + { if(!in_array($current_ip, $stored_ip_addresses)) { $view_post_meta = get_post_meta(get_the_ID(), $this->meta_key, true);