Fix: Plugin test security issue fixes.

awsmin · Dec 31, 2024 · 7c15bde · 7c15bde
1 parent 79ba5e4
commit 7c15bde
Show file tree

Hide file tree

Showing 12 changed files with 71 additions and 59 deletions.
diff --git a/admin/class-awsm-job-openings-overview.php b/admin/class-awsm-job-openings-overview.php
@@ -179,8 +179,8 @@ public static function get_jobs( $args ) {
 
 		$values = array();
 		//$join   = "LEFT JOIN {$wpdb->posts} AS applications ON {$wpdb->posts}.ID = applications.post_parent AND applications.post_type = 'awsm_job_application'";
-		$join   = "LEFT JOIN {$wpdb->posts} AS applications ON {$wpdb->posts}.ID = applications.post_parent AND applications.post_type = 'awsm_job_application' AND applications.post_status != 'trash'";
-		$where  = 'WHERE 1=1';
+		$join  = "LEFT JOIN {$wpdb->posts} AS applications ON {$wpdb->posts}.ID = applications.post_parent AND applications.post_type = 'awsm_job_application' AND applications.post_status != 'trash'";
+		$where = 'WHERE 1=1';
 		if ( isset( $parsed_args['tax_query'] ) && is_array( $parsed_args['tax_query'] ) ) {
 			$in       = array();
 			$term_ids = array();
@@ -300,5 +300,5 @@ public static function get_applications_analytics_data( $date_query = array(), $
 		}
 		return $analytics_data;
 	}
-	
+
 }
diff --git a/admin/templates/meta/get-pro.php b/admin/templates/meta/get-pro.php
@@ -13,7 +13,7 @@
 		<li><?php esc_html_e( 'Shortlist, Reject and Select Applicants', 'wp-job-openings' ); ?></li>
 		<li><?php esc_html_e( 'Rate and Filter Applications', 'wp-job-openings' ); ?></li>
 		<li><?php esc_html_e( 'Custom Email Notifications &amp; Templates', 'wp-job-openings' ); ?></li>
-		<li><?php esc_html_e( 'Notes, Activity Log and more!', 'wp-job-openings' ); ?></li>
+		<li><?php esc_html_e( 'Remarks, Activity Log and more!', 'wp-job-openings' ); ?></li>
 	</ul>
 	<div class="awsm-job-get-pro-now-btn-wrapper">
 		<a href="<?php echo esc_url( 'https://awsm.in/get/wpjo-pro/' ); ?>" class="button button-large"><?php esc_html_e( 'View Pricing', 'wp-job-openings' ); ?></a>

diff --git a/admin/templates/meta/resume-preview.php b/admin/templates/meta/resume-preview.php
@@ -13,30 +13,40 @@
 <?php
 		$awsm_attachment_id = get_post_meta( $post->ID, 'awsm_attachment_id', true );
 		$attachment_url     = wp_get_attachment_url( intval( $awsm_attachment_id ) );
-	if ( $attachment_url ) :
-		$file_extension = strtolower( pathinfo( $attachment_url, PATHINFO_EXTENSION ) );
+if ( $attachment_url ) :
+	$file_extension = strtolower( pathinfo( $attachment_url, PATHINFO_EXTENSION ) );
 
-		// Supported office formats
-		$supported_office_formats = array(
-			'doc', 'docx',      // Word documents
-			'ppt', 'pptx',      // PowerPoint presentations
-			'xls', 'xlsx'       // Excel spreadsheets
-		);
+	// Supported office formats
+	$supported_office_formats = array(
+		'doc',
+		'docx',      // Word documents
+		'ppt',
+		'pptx',      // PowerPoint presentations
+		'xls',
+		'xlsx',       // Excel spreadsheets
+	);
 
-		// Formats supported by Google Docs Viewer
-		$google_docs_formats = array(
-			'csv',              // CSV files
-			'odt', 'ods', 'odp' // OpenDocument formats
-		);
+	// Formats supported by Google Docs Viewer
+	$google_docs_formats = array(
+		'csv',              // CSV files
+		'odt',
+		'ods',
+		'odp', // OpenDocument formats
+	);
 
-		// Supported image formats
-		$supported_image_formats = array(
-			'jpg', 'jpeg', 'png', 'gif', 'bmp', 'webp' // Common image formats
-		);
+	// Supported image formats
+	$supported_image_formats = array(
+		'jpg',
+		'jpeg',
+		'png',
+		'gif',
+		'bmp',
+		'webp', // Common image formats
+	);
 
-		?>
+	?>
 			<div class="awsm-document-preview">
-			<?php if ( $file_extension === 'pdf' ) : ?>
+		<?php if ( $file_extension === 'pdf' ) : ?>
 				<iframe 
 					src="<?php echo esc_url( $attachment_url ); ?>" 
 					style="width: 100%; height: 400px; border: none;" 
@@ -69,8 +79,8 @@
 			<div class="awsm-resume-none">
 				<h2><strong><?php esc_html_e( 'No resume to preview. File not found!', 'wp-job-openings' ); ?></strong></h2>
 			</div>
-		<?php
+			<?php
 	endif;
-?>
+		?>
 
 </div>
diff --git a/admin/templates/overview/main.php b/admin/templates/overview/main.php
@@ -10,7 +10,7 @@
 $new_applications          = intval( $overview_data['new_applications'] );
 $total_applications        = intval( $overview_data['total_applications'] );
 $total_active_applications = intval( $overview_data['active_applications'] );
-$applications_count = intval( $overview_data['unread_applications'] );
+$applications_count        = intval( $overview_data['unread_applications'] );
 // Enable meta-box support.
 do_action( 'add_meta_boxes_' . AWSM_Job_Openings_Overview::$screen_id, null );
 
@@ -80,7 +80,7 @@
 							<li>
 								<img src="<?php echo esc_url( AWSM_JOBS_PLUGIN_URL . '/assets/img/icon-3.svg' ); ?>" align="Icon">
 								<?php esc_html_e( 'Total Applications', 'wp-job-openings' ); ?>
-								<span><?php echo esc_html( $total_active_applications  ); ?></span>
+								<span><?php echo esc_html( $total_active_applications ); ?></span>
 							</li>
 							<?php endif; ?>
 						</ul>
@@ -107,19 +107,21 @@
 
 						// Set the unique ID for which you want the template path
 						$unique_id = 'awsm-jobs-overview-applications-by-status';
-						
+
 						// Create a template args array to pass variables to the template
 						$template_args = array(
-							'widget_id' => $unique_id // Pass the unique_id as widget_id
+							'widget_id' => $unique_id, // Pass the unique_id as widget_id
 						);
 
 						// Get the template path
 						$template_path = $overview_instance->pro_widget_template_path( '', $unique_id );
 
 						// Include the template file if it exists
 						if ( file_exists( $template_path ) ) {
-							// Extract template args to make them available as variables in the template
-							extract( $template_args );
+
+							foreach ( $template_args as $key => $value ) {
+								${$key} = $value;
+							}
 							include $template_path;
 						} else {
 							echo '<p>' . esc_html__( 'Template not found.', 'wp-job-openings' ) . '</p>';
@@ -258,9 +260,11 @@
 					</div><!-- .awsm-jobs-overview-col-head -->
 
 					<?php
-					if ( ! empty( $jobs ) ) : ?>
+					if ( ! empty( $jobs ) ) :
+						?>
 					<div class="awsm-jobs-overview-col-content">
-						<?php foreach ( $jobs as $job ) :
+						<?php
+						foreach ( $jobs as $job ) :
 							$jobmeta     = get_post_meta( $job->ID );
 							$expiry_date = isset( $jobmeta['awsm_job_expiry'][0] ) ? $jobmeta['awsm_job_expiry'][0] : null;
 
@@ -270,7 +274,7 @@
 								$published_date = get_the_date( 'F j, Y', $job->ID );
 								?>
 									<a href="<?php echo esc_url( get_edit_post_link( $job->ID ) ); ?>" class="awsm-jobs-overview-list-item">
-										<span class="count"><?php echo esc_html( $job->applications_count );  ?></span>
+										<span class="count"><?php echo esc_html( $job->applications_count ); ?></span>
 										<p>
 											<strong>
 										<?php
@@ -289,9 +293,11 @@
 									</a>
 									<?php
 								endif;
-							endforeach; ?>
+							endforeach;
+						?>
 							</div>
-						<?php else :
+						<?php
+						else :
 							?>
 							<div class="awsm-jobs-overview-empty-wrapper">
 								<p><img src="<?php echo esc_url( AWSM_JOBS_PLUGIN_URL . '/assets/img/icon-1.svg' ); ?>" align="Icon">

diff --git a/admin/templates/overview/widgets/applications-analytics.php b/admin/templates/overview/widgets/applications-analytics.php
@@ -15,7 +15,7 @@
 <div class="awsm-jobs-overview-col-content">
 <div class="<?php echo esc_attr( "awsm-jobs-overview-widget-wrapper awsm-jobs-overview-{$widget_id}-widget-wrapper" ); ?>">
 	<?php
-	
+
 
 		$analytics_data = AWSM_Job_Openings_Overview::get_applications_analytics_data();
 

diff --git a/inc/class-awsm-job-openings-block.php b/inc/class-awsm-job-openings-block.php
@@ -451,14 +451,13 @@ public function awsm_block_posts_filters() {
 	public static function awsm_block_job_query_args( $filters = array(), $attributes = array(), $is_term_or_slug = array() ) {
 		$args = array();
 		if ( is_tax() ) {
-			$q_obj    = get_queried_object();
-			$taxonomy = $q_obj->taxonomy;
-			$term_id  = $q_obj->term_id;
-			$filters  = array( $taxonomy => $term_id );
+			$q_obj                        = get_queried_object();
+			$taxonomy                     = $q_obj->taxonomy;
+			$term_id                      = $q_obj->term_id;
+			$filters                      = array( $taxonomy => $term_id );
 			$is_term_or_slug[ $taxonomy ] = 'term_id';
 		}
 
-
 		if ( ! empty( $filters ) ) {
 			foreach ( $filters as $taxonomy => $value ) {
 				if ( ! empty( $value ) ) {

diff --git a/inc/class-awsm-job-openings-core.php b/inc/class-awsm-job-openings-core.php
@@ -25,8 +25,6 @@ public function __construct() {
 		add_filter( 'woocommerce_disable_admin_bar', array( $this, 'woocommerce_disable_backend_access' ) );
 		add_filter( 'woocommerce_prevent_admin_access', array( $this, 'woocommerce_disable_backend_access' ) );
 
-
-
 	}
 
 	public static function init() {
@@ -467,6 +465,6 @@ public function woocommerce_disable_backend_access( $disable ) {
 		return $disable;
 	}
 
-	
-	
+
+
 }
diff --git a/inc/template-functions-block.php b/inc/template-functions-block.php
@@ -34,7 +34,7 @@ function awsm_block_job_filters_explode( $filter_data ) {
 if ( ! function_exists( 'get_block_filtered_job_terms' ) ) {
 	function get_block_filtered_job_terms( $attributes ) {
 		$filter_suffix  = '_spec';
-		$filters        = explode(',', $attributes["filter_options"]);
+		$filters        = explode( ',', $attributes['filter_options'] );
 		$filtered_terms = array();
 
 		error_log( json_encode( 'enters get_block_filtered_job_terms', JSON_PRETTY_PRINT ) );
@@ -66,9 +66,8 @@ function awsm_block_jobs_query( $attributes = array() ) {
 		$is_term_or_slug = array();
 		$filter_suffix   = '_spec';
 
-
-		$filter_options_array = explode(',', $attributes["filter_options"]);
-
+		$filter_options_array = explode( ',', $attributes['filter_options'] );
+
 		if ( ! empty( $filter_options_array ) ) {
 			foreach ( $filter_options_array as $filter ) {
 				$current_filter_key = str_replace( '-', '__', $filter ) . $filter_suffix;

diff --git a/inc/template-functions.php b/inc/template-functions.php
@@ -285,7 +285,7 @@ function awsm_jobs_load_more( $query, $shortcode_atts = array() ) {
 					echo apply_filters( 'awsm_jobs_load_more_content', $load_more_content, $query, $shortcode_atts ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 				}
 			} else {
-				echo awsm_jobs_paginate_links( $query );
+				echo awsm_jobs_paginate_links( $query ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 			}
 		}
 	}

diff --git a/inc/templates/block-files/block-job-openings-view.php b/inc/templates/block-files/block-job-openings-view.php
@@ -57,12 +57,12 @@
 					do_action( 'awsm_block_form_outside', $attributes );
 				?>
 				<?php
-				get_block_filtered_job_terms( $attributes);
+				get_block_filtered_job_terms( $attributes );
 				$no_jobs_content = sprintf(
 					'<div class="awsm-jobs-pagination awsm-load-more-main awsm-no-more-jobs-container awsm-b-job-no-more-jobs-get"><p>%s</p></div>',
 					esc_html__( 'Sorry! No jobs to show.', 'wp-job-openings' )
 				);
-				echo $no_jobs_content;
+				echo $no_jobs_content; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 				?>
 				<div <?php awsm_block_jobs_view_class( '', $attributes ); ?><?php awsm_block_jobs_data_attrs( array(), $attributes ); ?>>
 					<?php

diff --git a/inc/templates/job-openings-view.php b/inc/templates/job-openings-view.php
@@ -62,7 +62,7 @@
 		foreach ( $_GET as $key => $value ) {
 			if ( substr( $key, -strlen( $filter_suffix ) ) === $filter_suffix ) {
 				$job_spec[ $key ] = sanitize_text_field( $value );
-			}
+			} // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 		}
 	}
 
@@ -79,7 +79,7 @@
 					'<div class="awsm-jobs-pagination awsm-load-more-main awsm-no-more-jobs-container awsm-job-no-more-jobs-get"><p>%s</p></div>',
 					esc_html__( 'Sorry! No jobs to show.', 'wp-job-openings' )
 				);
-				echo $no_jobs_content;
+				echo $no_jobs_content; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 				?>
 				<div <?php awsm_jobs_view_class( '', $shortcode_atts ); ?><?php awsm_jobs_data_attrs( array(), $shortcode_atts ); ?>>
 					<?php include get_awsm_jobs_template_path( 'main', 'job-openings' ); ?>

diff --git a/wp-job-openings.php b/wp-job-openings.php
@@ -781,10 +781,10 @@ public static function get_overview_data() {
 		$total_jobs         = array_sum( $jobs_count );
 		$total_applications = array_sum( $applications_count );
 		// Exclude trashed applications to get active applications.
-		$trashed_applications = isset( $applications_count['trash'] ) ? $applications_count['trash'] : 0;
-		$active_applications  = $total_applications - $trashed_applications;
+		$trashed_applications   = isset( $applications_count['trash'] ) ? $applications_count['trash'] : 0;
+		$active_applications    = $total_applications - $trashed_applications;
 		$new_applications_count = AWSM_Job_Openings_Core::get_unviewed_applications_count();
-		$data               = array(
+		$data                   = array(
 			'active_jobs'         => $jobs_count['publish'],
 			'total_jobs'          => $total_jobs,
 			'new_applications'    => $applications_count['publish'],
@@ -1147,7 +1147,7 @@ public function awsm_admin_enqueue_scripts() {
 			array(
 				'screen_id'      => AWSM_Job_Openings_Overview::$screen_id,
 				'analytics_data' => AWSM_Job_Openings_Overview::get_applications_analytics_data(),
-				'default_option' => get_option('awsm_jobs_analytics_data', 'year'),
+				'default_option' => get_option( 'awsm_jobs_analytics_data', 'year' ),
 				'i18n'           => array(
 					'chart_label' => esc_html__( 'Applications', 'wp-job-openings' ),
 				),
-Original file line number
+Diff line change
@@ Expand Up / @@ -15,7 +15,7 @@ @@
     <div class="awsm-jobs-overview-col-content">
     <div class="<?php echo esc_attr( "awsm-jobs-overview-widget-wrapper awsm-jobs-overview-{$widget_id}-widget-wrapper" ); ?>">
     	<?php
     		$analytics_data = AWSM_Job_Openings_Overview::get_applications_analytics_data();
@@ Expand Down @@