Merge pull request #388 from lloc/raise-coverage
Ignore some escaping errors
lloc authored Sep 24, 2024
2 parents 7d34be3 + cd2d4fe commit f61e8a6
Showing 23 changed files with 182 additions and 226 deletions.
1 change: 1 addition & 0 deletions MultisiteLanguageSwitcher.php
@@ -76,6 +76,7 @@ function get_the_msls( $attr ): string {
* @param string[] $arr
*/
function the_msls( array $arr = array() ): void {
// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
echo get_the_msls( $arr );
}

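Review bot: The `phpcs:ignore` added above `echo get_the_msls( $arr );` silences the escaping sniff without recording why the output is safe, so a later reader cannot tell whether escaping was verified or skipped. If `get_the_msls()` escapes everything it assembles (its body is outside this hunk, so that is an assumption), say so on the suppression itself: `// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- markup is escaped inside get_the_msls().` If that cannot be stated with confidence, the echo should filter or escape the value instead of suppressing the warning.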
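--- a/includes/Component/Wrapper.php
+++ b/includes/Component/Wrapper.php
@@ -0,0 +1,19 @@
+<?php
+
+namespace lloc\Msls\Component;
+
+class Wrapper {
+
+protected string $element;
+
+protected string $content;
+
+public function __construct( string $element, string $content ) {
+$this->element = $element;
+$this->content = $content;
+}
+
+public function render(): string {
+return sprintf( '<%1$s>%2$s</%1$s>', esc_html( $this->element ), wp_kses_post( $this->content ) );
+}
+}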
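Review bot: `render()` passes the tag name through `esc_html()`, which is the escaper for text nodes, not element names: it leaves spaces and `=` untouched, so an `$element` value carrying more than a bare name would still place attributes in the opening tag and yield a mismatched closing tag. The callers visible in this commit pass literals (`'legend'`, `'fieldset'`, `'p'`), so this is hardening of a public constructor, not a live bug. `tag_escape( $this->element )` restricts the name to tag-safe characters and fits this context. The class also has no docblock telling callers that `$content` is treated as HTML and filtered; a one-line `/** Renders $content, filtered with wp_kses_post(), inside an <$element> tag. */` on `render()` would cover it.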
11 changes: 7 additions & 4 deletions includes/ContentImport/ContentImporter.php
@@ -9,6 +9,7 @@
use lloc\Msls\MslsMain;
use lloc\Msls\MslsOptionsPost;
use lloc\Msls\MslsRegistryInstance;
use lloc\Msls\MslsRequest;

/**
* Class ContentImporter
@@ -166,11 +167,12 @@ protected function pre_flight_check( array $data = array() ) {
* @return array|bool
*/
public function parse_sources() {
if ( ! isset( $_POST['msls_import'] ) ) {
if ( ! MslsRequest::has_var( 'msls_import' ) ) {
return false;
}

$import_data = array_filter( explode( '|', trim( $_POST['msls_import'] ) ), 'is_numeric' );
$msls_import = MslsRequest::get_var( 'msls_import' );
$import_data = array_filter( explode( '|', trim( $msls_import ) ), 'is_numeric' );

if ( count( $import_data ) !== 2 ) {
return false;
@@ -195,8 +197,9 @@ protected function get_the_blog_post_ID( $blog_id ) {
return $id;
}

if ( isset( $_REQUEST['post'] ) && filter_var( $_REQUEST['post'], FILTER_VALIDATE_INT ) ) {
return (int) $_REQUEST['post'];
$request = MslsRequest::get_request( array( 'post' ) );
if ( ! empty( $request['post'] ) ) {
return (int) $request['post'];
}

$data = array(
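Review bot: In `get_the_blog_post_ID()` the `FILTER_VALIDATE_INT` check on the `post` request value is gone; the new `! empty( $request['post'] )` followed by `(int) $request['post']` accepts any non-empty value, so `'12abc'` becomes 12 and a non-numeric string is returned as post ID 0. Whether `MslsRequest::get_request()` validates integers is not visible in this diff, so the check is better kept at the point of use: `$post_id = filter_var( $request['post'] ?? null, FILTER_VALIDATE_INT );` followed by `if ( $post_id ) { return $post_id; }`. In `parse_sources()`, `trim( $msls_import )` likewise assumes `MslsRequest::get_var()` always returns a string, which is worth confirming or guarding with `is_string()`. Both function bodies continue outside their hunks.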
11 changes: 5 additions & 6 deletions includes/ContentImport/Importers/WithRequestPostAttributes.php
@@ -10,6 +10,8 @@

namespace lloc\Msls\ContentImport\Importers;

use lloc\Msls\MslsRequest;

/**
* Trait WithRequestPostAttributes
*
@@ -24,14 +26,11 @@ trait WithRequestPostAttributes {
* @param string $default The default post type to return if none is specified in the `$_REQUEST` super-global.
*
* @return string Either the post type read from the `$_REQUEST` super-global, or the default value.
* @since TBD
*
\ *
*/
protected function read_post_type_from_request( $default = 'post' ) {
if ( ! isset( $_REQUEST['post_type'] ) ) {
return $default;
}
$request = MslsRequest::get_request( array( 'post_type' ), $default );

return filter_var( $_REQUEST['post_type'], FILTER_SANITIZE_FULL_SPECIAL_CHARS ) ?: 'post';
return $request['post_type'];
}
}
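Review bot: `read_post_type_from_request()` now returns `$request['post_type']` exactly as `MslsRequest::get_request()` hands it back, where the removed code applied `FILTER_SANITIZE_FULL_SPECIAL_CHARS` and fell back to `'post'` for an empty value; neither step is visible on the new side, and whether `get_request()` sanitises is not shown in this diff. A post type is a key, so `return sanitize_key( $request['post_type'] ) ?: $default;` states the expectation locally and keeps a fallback for empty input. The docblock also appears to have gained a stray `\ *` line near where `@since TBD` was, which should be a plain ` *` or dropped.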
2 changes: 1 addition & 1 deletion includes/ContentImport/LogWriters/AdminNoticeLogger.php
@@ -141,7 +141,7 @@ public function show_last_log( $echo = true ): ?string {
}

if ( $echo ) {
echo $html;
echo wp_kses_post( $html );
}

// we've shown it, no reason to keep it
204 changes: 63 additions & 141 deletions includes/ContentImport/MetaBox.php
@@ -2,7 +2,7 @@

namespace lloc\Msls\ContentImport;

use lloc\Msls\ContentImport\Importers\ImportersFactory;
use lloc\Msls\Component\Wrapper;
use lloc\Msls\ContentImport\Importers\Map;
use lloc\Msls\MslsBlogCollection;
use lloc\Msls\MslsFields;
@@ -43,44 +43,50 @@ function ( $lang ) use ( $mydata ) {

/* translators: %s: language name */
$label_template = __( 'Import content from %s', 'multisite-language-switcher' );
$output = '<fieldset>';
$output .= '<legend>'
. esc_html__(
'Warning! This will override and replace all the post content with the content from the source post!',
'multisite-language-switcher'
)
. '</legend>';

$warning = esc_html__(
'Warning! This will override and replace all the post content with the content from the source post!',
'multisite-language-switcher'
);

$legend = ( new Wrapper( 'legend', $warning ) )->render();

$output = '';
foreach ( $languages as $language => $label ) {
$id = $mydata->{$language};
$blog = $blogs->get_blog_id( $language );
$label = sprintf( $label_template, $label );

if ( null === $id && $has_input && $input_lang === $language ) {
$id = $input_id;
$blog = $blogs->get_blog_id( $language );
}

if ( null !== $id ) {
$this->data = array(
'msls_import' => "{$blog}|{$id}",
);
$output .= sprintf(

$output .= sprintf(
'<a class="button button-primary thickbox" href="%s" title="%s">%s</a>',
$this->inline_thickbox_url( $this->data ),
$label,
$label
);
}
}
$output .= '</fieldset>';

$output = ( new Wrapper( 'fieldset', $legend . $output ) )->render();
} else {
$output = '<p>' .
esc_html__(
'No translated versions linked to this post: import content functionality is disabled.',
'multisite-language-switcher'
)
. '</p>';
$warning = esc_html__(
'No translated versions linked to this post: import content functionality is disabled.',
'multisite-language-switcher'
);

$output = ( new Wrapper( 'p', $warning ) )->render();
}

echo $output;
echo wp_kses_post( $output );
}

protected function inline_thickbox_url( array $data = array() ): string {
@@ -100,6 +106,7 @@ protected function inline_thickbox_url( array $data = array() ): string {
}

public function print_modal_html(): void {
// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
echo $this->inline_thickbox_html( true, $this->data );
}

@@ -112,145 +119,60 @@ protected function inline_thickbox_html( $echo = true, array $data = array() ):

ob_start();
?>
<div style="display: none;" id="msls-import-dialog-
<?php
echo esc_attr( $slug )
?>
">
<h3>
<?php
esc_html_e( 'Select what should be imported and how', 'multisite-language-switcher' )
?>
</h3>

<form action="
<?php
echo add_query_arg( array() )
?>
" method="post">

<?php
wp_nonce_field( MslsPlugin::path(), 'msls_noncename' );
?>

<?php
foreach ( $data as $key => $value ) :
?>
<input type="hidden" name="
<?php
echo esc_attr( $key )
?>
" value="
<?php
echo esc_attr( $value )
?>
">
<?php
endforeach;
?>

<?php
/** @var ImportersFactory $factory */
foreach ( Map::instance()->factories() as $slug => $factory ) :
?>
<?php
$details = $factory->details()
?>
<h4>
<?php
echo esc_html( $details->name )
?>
</h4>
<?php
if ( empty( $details->importers ) ) :
?>
<div style="display: none;" id="msls-import-dialog-<?php echo esc_attr( $slug ); ?>">
<h3><?php esc_html_e( 'Select what should be imported and how', 'multisite-language-switcher' ); ?></h3>
<form action="<?php echo esc_url( add_query_arg( array() ) ); ?>" method="post">
<?php wp_nonce_field( MslsPlugin::path(), 'msls_noncename' ); ?>
<?php foreach ( $data as $key => $value ) : ?>
<input type="hidden" name="<?php echo esc_attr( $key ); ?>" value="<?php echo esc_attr( $value ); ?>">
<?php endforeach; ?>
<?php foreach ( Map::instance()->factories() as $slug => $factory ) : ?>
<?php $details = $factory->details(); ?>
<h4><?php echo esc_html( $details->name ); ?></h4>
<?php if ( empty( $details->importers ) ) : ?>
<p>
<?php
esc_html_e(
'No importers available for this type of content.',
'multisite-language-switcher'
)
);
?>
</p>
<?php
else :
?>
<ul>
<li>
<label>
<input type="radio" name="msls_importers[
<?php
echo esc_attr( $details->slug )
?>
]">
<?php
esc_html_e(
'Off - Do not import this type of content in the destination post.',
'multisite-language-switcher'
)
?>
</label>
</li>
<?php
foreach ( $details->importers as $importer_slug => $importer_info ) :
?>
<li>
<label>
<input type="radio" name="msls_importers[
<?php
echo esc_attr( $details->slug )
?>
]"
value="
<?php
echo esc_attr( $importer_slug )
?>
"
<?php
checked( $details->selected, $importer_slug )
?>
>
<?php
echo( esc_html(
sprintf(
'%s - %s',
$importer_info->name,
$importer_info->description
)
) )
?>
</label>
</li>
</p>
<?php else : ?>
<ul>
<li>
<label>
<input type="radio" name="msls_importers[<?php echo esc_attr( $details->slug ); ?>]">
<?php
endforeach;
?>
</ul>
<?php
endif;
?>
<?php
endforeach;
?>

esc_html_e(
'Off - Do not import this type of content in the destination post.',
'multisite-language-switcher'
);
?>
</label>
</li>
<?php foreach ( $details->importers as $importer_slug => $importer_info ) : ?>
<li>
<label>
<input type="radio" name="msls_importers[<?php echo esc_attr( $details->slug ); ?>]" value="<?php echo esc_attr( $importer_slug ); ?>" <?php checked( $details->selected, $importer_slug ); ?>>
<?php echo( esc_html( sprintf( '%s - %s', $importer_info->name, $importer_info->description ) ) ); ?>
</label>
</li>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<?php endforeach; ?>
<div>
<input
type="submit"
class="button button-primary"
value="
<?php
esc_html_e( 'Import Content', 'multisite-language-switcher' )
?>
"
>
<input type="submit" class="button button-primary" value="<?php esc_html_e( 'Import Content', 'multisite-language-switcher' ); ?>">
</div>
</form>
</div>

<?php

$html = ob_get_clean();

if ( $echo ) {
echo $html;
echo wp_kses_post( $html );
}

return $html;
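Review bot: At the end of `inline_thickbox_html()`, `echo wp_kses_post( $html );` filters a buffer that holds a `<form>`, the nonce field and the hidden, radio and submit `<input>` elements; as far as I know the post allowlist behind `wp_kses_post()` contains neither `form` nor `input`, so the echoed copy would lose the controls that submit the import. `print_modal_html()` then echoes the unfiltered return value under a `phpcs:ignore`, so the raw markup still reaches the page, the filter adds no protection on that path, and the dialog is emitted twice. Every dynamic value in the template is already escaped where it is printed, so either echo the buffer as built with a justified ignore, or use `wp_kses()` with an explicit allowlist that includes the form elements and let `print_modal_html()` pass `false` for `$echo`. In the first hunk the `href` and `title` values of the `sprintf()` are better escaped where they are built, `esc_url( $this->inline_thickbox_url( $this->data ) )` and `esc_attr( $label )`, than left to the final `wp_kses_post( $output )`; the submit button's `value` attribute likewise wants `esc_attr_e()` in place of `esc_html_e()`. The first hunk starts inside a method whose signature is outside the hunk.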