From 741400cd8767864901b9ccba26a2cd41dd46d5ea Mon Sep 17 00:00:00 2001 From: pattonwebz Date: Fri, 23 Feb 2024 23:18:45 +0000 Subject: [PATCH 01/18] Create a class to hold the insert rule data function --- admin/class-insert-rule-data.php | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 admin/class-insert-rule-data.php diff --git a/admin/class-insert-rule-data.php b/admin/class-insert-rule-data.php new file mode 100644 index 00000000..07084330 --- /dev/null +++ b/admin/class-insert-rule-data.php @@ -0,0 +1,15 @@ + Date: Fri, 23 Feb 2024 23:20:21 +0000 Subject: [PATCH 02/18] Move code from `edac_insert_rule_data` to new class with method name `insert` --- admin/class-insert-rule-data.php | 94 ++++++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) diff --git a/admin/class-insert-rule-data.php b/admin/class-insert-rule-data.php index 07084330..87bb02d3 100644 --- a/admin/class-insert-rule-data.php +++ b/admin/class-insert-rule-data.php 
@@ -12,4 +12,98 @@ */ class Insert_Rule_Data { + /** + * Insert rule data into database + * + * @param object $post The post object. + * @param string $rule The rule. + * @param string $ruletype The rule type. + * @param string $rule_obj The object. + * + * @return void|int + */ + public function insert( $post, $rule, $ruletype, $rule_obj ) { + + global $wpdb; + $table_name = $wpdb->prefix . 'accessibility_checker'; + + // set up rule data array. + $rule_data = array( + 'postid' => $post->ID, + 'siteid' => get_current_blog_id(), + 'type' => $post->post_type, + 'rule' => $rule, + 'ruletype' => $ruletype, + 'object' => esc_attr( $rule_obj ), + 'recordcheck' => 1, + 'user' => get_current_user_id(), + 'ignre' => 0, + 'ignre_user' => null, + 'ignre_date' => null, + 'ignre_comment' => null, + 'ignre_global' => 0, + ); + + // return if revision. + if ( 'revision' === $rule_data['type'] ) { + return; + } + + // Check if exists. + // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching -- Using direct query for adding data to database, caching not required for one time operation. + $results = $wpdb->get_results( + $wpdb->prepare( + 'SELECT postid, ignre FROM %i where type = %s and postid = %d and rule = %s and object = %s and siteid = %d', + $table_name, + $rule_data['type'], + $rule_data['postid'], + $rule_data['rule'], + $rule_data['object'], + $rule_data['siteid'] + ), + ARRAY_A + ); + + // Loop existing records. + if ( $results ) { + foreach ( $results as $row ) { + + // if being ignored, don't overwrite value. + if ( true === (bool) $row['ignre'] ) { + $rule_data['ignre'] = 1; + } + + // update existing record. + // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching -- Using direct query for adding data to database, caching not required for one time operation. 
+ $wpdb->query( + $wpdb->prepare( + 'UPDATE %i SET recordcheck = %d, ignre = %d WHERE siteid = %d and postid = %d and rule = %s and object = %s and type = %s', + $table_name, + 1, + $rule_data['ignre'], + $rule_data['siteid'], + $rule_data['postid'], + $rule_data['rule'], + $rule_data['object'], + $rule_data['type'] + ) + ); + + } + } + + // Insert new records. + if ( ! $results ) { + + // filter post types. + $rule_data = apply_filters( 'edac_filter_insert_rule_data', $rule_data ); + + // insert. + // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery -- Using direct query for adding data to database. + $wpdb->insert( $table_name, $rule_data ); + + // Return insert id or error. + return $wpdb->insert_id; + } + } } From 25e06d03a5926ff9ee97d10b21c149cf8429b407 Mon Sep 17 00:00:00 2001 From: pattonwebz Date: Fri, 23 Feb 2024 23:21:18 +0000 Subject: [PATCH 03/18] Add type hints to the params passed to the `insert` method --- admin/class-insert-rule-data.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/admin/class-insert-rule-data.php b/admin/class-insert-rule-data.php index 87bb02d3..49f07454 100644 --- a/admin/class-insert-rule-data.php +++ b/admin/class-insert-rule-data.php @@ -22,7 +22,7 @@ class Insert_Rule_Data { * * @return void|int */ - public function insert( $post, $rule, $ruletype, $rule_obj ) { + public function insert( object $post, string $rule, string $ruletype, string $rule_obj ) { global $wpdb; $table_name = $wpdb->prefix . 'accessibility_checker'; From cfed3d4699a6b48938a487ff3cde20d7b4e46d70 Mon Sep 17 00:00:00 2001 From: pattonwebz Date: Fri, 23 Feb 2024 23:22:12 +0000 Subject: [PATCH 04/18] Add an early bail to the `insert` method when all params are not passed in --- admin/class-insert-rule-data.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/admin/class-insert-rule-data.php b/admin/class-insert-rule-data.php index 49f07454..28a44a3f 100644 --- a/admin/class-insert-rule-data.php 
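Review bot: The `UPDATE` inside `foreach ( $results as $row )` has no row identifier in its `WHERE` clause, so every iteration rewrites all matching rows, and once one fetched row has `ignre` set, `$rule_data['ignre']` stays 1 and that flag is written to every row in the set. If the intent of the "don't overwrite value" comment is to keep each row's own flag, leave `ignre` out of the statement and run it once outside the loop: `'UPDATE %i SET recordcheck = %d WHERE siteid = %d and postid = %d and rule = %s and object = %s and type = %s'`. The body is carried over from the old `edac_insert_rule_data()`, so this is existing behaviour rather than a regression. The move into a class is still a good moment to stop an ignore decision on one record from spreading to records nobody dismissed.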
+++ b/admin/class-insert-rule-data.php @@ -24,6 +24,10 @@ class Insert_Rule_Data { */ public function insert( object $post, string $rule, string $ruletype, string $rule_obj ) { + if ( ! $post || ! $rule || ! $ruletype || ! $rule_obj ) { + return; + } + global $wpdb; $table_name = $wpdb->prefix . 'accessibility_checker'; From 6a786c9d2c6342d55086fdb6597bcae048ecb73b Mon Sep 17 00:00:00 2001 From: pattonwebz Date: Fri, 23 Feb 2024 23:25:09 +0000 Subject: [PATCH 05/18] Move the `edac_insert_rule_data` function to deprecated.php --- includes/deprecated/deprecated.php | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/includes/deprecated/deprecated.php b/includes/deprecated/deprecated.php index 9b69d2a4..145fae69 100644 --- a/includes/deprecated/deprecated.php +++ b/includes/deprecated/deprecated.php @@ -2,13 +2,15 @@ /** * Functions that have been deprecated and should not be used. * They are still kept here for backwards-compatibility. - * + * * @package Accessibility_Checker */ +use EDAC\Admin\Insert_Rule_Data; + /** * Alias of the is_plugin_active() function. - * + * * @deprecated 1.6.11 * * @param string $plugin_slug The plugin slug. @@ -21,7 +23,7 @@ function edac_check_plugin_active( $plugin_slug ) { /** * Summary Data - * + * * @deprecated 1.9.0 * * @param int $post_id ID of the post. @@ -32,3 +34,19 @@ function edac_summary( $post_id ) { return ( new EDAC\Inc\Summary_Generator( $post_id ) )->generate_summary(); } + +/** + * Insert rule date into database + * + * @deprecated 1.9.0 + * + * @param object $post The post object. + * @param string $rule The rule. + * @param string $ruletype The rule type. + * @param string $rule_obj The object. + * @return void|int + */ +function edac_insert_rule_data( $post, $rule, $ruletype, $rule_obj ) { + _deprecated_function( __FUNCTION__, '1.9.0', 'EDAC\Admin\Insert_Rule_Data' ); + return ( new Insert_Rule_Data() )->insert( $post, $rule, $ruletype, $rule_obj ); +} 
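Review bot: The `edac_insert_rule_data()` shim forwards its untyped arguments straight into `Insert_Rule_Data::insert()`, which an earlier patch in this series declared as `object $post, string $rule, string $ruletype, string $rule_obj`. A legacy caller that passes a post ID, `null` or an array will therefore hit an uncaught `TypeError`, where the old function would have carried on (possibly with warnings). A backward-compatibility wrapper should keep the old tolerance by guarding before it delegates, for example `if ( ! is_object( $post ) || ! is_scalar( $rule ) || ! is_scalar( $ruletype ) || ! is_scalar( $rule_obj ) ) { return; }`, and casting the three values to `string` in the call. The docblock summary also reads "Insert rule date"; it should say "data".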
From c7087bfca85436eb9d2af0d9b25f3d4eaa253de3 Mon Sep 17 00:00:00 2001 From: pattonwebz Date: Fri, 23 Feb 2024 23:26:19 +0000 Subject: [PATCH 06/18] Swap `edac_insert_rule_data` calls to use new class method --- includes/classes/class-rest-api.php | 5 +++-- includes/validate.php | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/includes/classes/class-rest-api.php b/includes/classes/class-rest-api.php index 7b783a45..5049b9ff 100644 --- a/includes/classes/class-rest-api.php +++ b/includes/classes/class-rest-api.php @@ -8,6 +8,7 @@ namespace EDAC\Inc; use EDAC\Admin\Helpers; +use EDAC\Admin\Insert_Rule_Data; use EDAC\Admin\Scans_Stats; use EDAC\Admin\Settings; @@ -195,7 +196,7 @@ public function set_post_scan_results( $request ) { // TODO: setup a rules class for loading/filtering rules. $rules = edac_register_rules(); $js_rule_ids = array(); - foreach ( $rules as $rule ) { + foreach ( $rules as $rule ) { if ( array_key_exists( 'ruleset', $rule ) && 'js' === $rule['ruleset'] ) { $js_rule_ids[] = $rule['slug']; } @@ -235,7 +236,7 @@ public function set_post_scan_results( $request ) { do_action( 'edac_before_rule', $post_id, $rule_id, 'js' ); - edac_insert_rule_data( $post, $rule_id, $impact, $html ); + ( new Insert_Rule_Data() )->insert( $post, $rule_id, $impact, $html ); do_action( 'edac_after_rule', $post_id, $rule_id, 'js' ); diff --git a/includes/validate.php b/includes/validate.php index be76b4d4..5b9ea259 100644 --- a/includes/validate.php +++ b/includes/validate.php @@ -6,6 +6,7 @@ */ use EDAC\Admin\Helpers; +use EDAC\Admin\Insert_Rule_Data; /** * Oxygen Builder on save 
@@ -146,7 +147,7 @@ function edac_validate( $post_ID, $post, $action ) { if ( $errors && is_array( $errors ) ) { do_action( 'edac_rule_errors', $post_ID, $rule, $errors, $action ); foreach ( $errors as $error ) { - edac_insert_rule_data( $post, $rule['slug'], $rule['rule_type'], $object = $error ); + ( new Insert_Rule_Data() )->insert( $post, $rule['slug'], $rule['rule_type'], $object = $error ); } } if ( EDAC_DEBUG === true ) { @@ -200,7 +201,7 @@ function edac_remove_corrected_posts( $post_ID, $type, $pre = 1, $ruleset = 'php if ( 0 === count( $rule_slugs ) ) { return; } - + if ( 1 === $pre ) { // Set record flag before validating content. From 6dabce7af3c0edc5a31681f617b995a69464ea17 Mon Sep 17 00:00:00 2001 From: pattonwebz Date: Fri, 23 Feb 2024 23:36:02 +0000 Subject: [PATCH 07/18] Remove the insert.php file from the requires calls --- accessibility-checker.php | 1 - includes/insert.php | 100 --------------------------- tests/phpunit/InsertRuleDataTest.php | 0 3 files changed, 101 deletions(-) delete mode 100644 includes/insert.php create mode 100644 tests/phpunit/InsertRuleDataTest.php diff --git a/accessibility-checker.php b/accessibility-checker.php index b14bfe47..1c21de67 100644 --- a/accessibility-checker.php +++ b/accessibility-checker.php @@ -126,7 +126,6 @@ require_once plugin_dir_path( __FILE__ ) . 'includes/meta-boxes.php'; require_once plugin_dir_path( __FILE__ ) . 'includes/options-page.php'; require_once plugin_dir_path( __FILE__ ) . 'includes/validate.php'; -require_once plugin_dir_path( __FILE__ ) . 'includes/insert.php'; require_once plugin_dir_path( __FILE__ ) . 'includes/purge.php'; /** diff --git a/includes/insert.php b/includes/insert.php deleted file mode 100644 index 1ceef728..00000000 --- a/includes/insert.php +++ /dev/null 
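Review bot: The last argument of the replaced call is still written as `$object = $error`, which performs an assignment inside the argument list and reads like a named argument although it is not one; pass `$error` directly unless `$object` is read later. Because `insert()` now declares `string $rule_obj`, it is also worth confirming that every rule callback returns string entries in `$errors`, since a non-scalar entry would raise a `TypeError` in the middle of validation. `edac_validate()` starts and ends outside this hunk, so whether `$object` is used further down cannot be seen here.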
@@ -1,100 +0,0 @@ -prefix . 'accessibility_checker'; - - // set up rule data array. - $rule_data = array( - 'postid' => $post->ID, - 'siteid' => get_current_blog_id(), - 'type' => $post->post_type, - 'rule' => $rule, - 'ruletype' => $ruletype, - 'object' => esc_attr( $rule_obj ), - 'recordcheck' => 1, - 'user' => get_current_user_id(), - 'ignre' => 0, - 'ignre_user' => null, - 'ignre_date' => null, - 'ignre_comment' => null, - 'ignre_global' => 0, - ); - - // return if revision. - if ( 'revision' === $rule_data['type'] ) { - return; - } - - // Check if exists. - // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching -- Using direct query for adding data to database, caching not required for one time operation. - $results = $wpdb->get_results( - $wpdb->prepare( - 'SELECT postid, ignre FROM %i where type = %s and postid = %d and rule = %s and object = %s and siteid = %d', - $table_name, - $rule_data['type'], - $rule_data['postid'], - $rule_data['rule'], - $rule_data['object'], - $rule_data['siteid'] - ), - ARRAY_A - ); - - // Loop existing records. - if ( $results ) { - foreach ( $results as $row ) { - - // if being ignored, don't overwrite value. - if ( true === (bool) $row['ignre'] ) { - $rule_data['ignre'] = 1; - } - - // update existing record. - // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching -- Using direct query for adding data to database, caching not required for one time operation. - $wpdb->query( - $wpdb->prepare( - 'UPDATE %i SET recordcheck = %d, ignre = %d WHERE siteid = %d and postid = %d and rule = %s and object = %s and type = %s', - $table_name, - 1, - $rule_data['ignre'], - $rule_data['siteid'], - $rule_data['postid'], - $rule_data['rule'], - $rule_data['object'], - $rule_data['type'] - ) - ); - - } - } - - // Insert new records. - if ( ! $results ) { - - // filter post types. 
- $rule_data = apply_filters( 'edac_filter_insert_rule_data', $rule_data ); - - // insert. - // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery -- Using direct query for adding data to database. - $wpdb->insert( $table_name, $rule_data ); - - // Return insert id or error. - return $wpdb->insert_id; - } -} diff --git a/tests/phpunit/InsertRuleDataTest.php b/tests/phpunit/InsertRuleDataTest.php new file mode 100644 index 00000000..e69de29b From 98803a933b4edc0f11538c3662b9436d7e8c7475 Mon Sep 17 00:00:00 2001 From: pattonwebz Date: Fri, 23 Feb 2024 23:46:07 +0000 Subject: [PATCH 08/18] Add a basic test for expected return types from rule data inserter --- tests/phpunit/InsertRuleDataTest.php | 37 ++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/tests/phpunit/InsertRuleDataTest.php b/tests/phpunit/InsertRuleDataTest.php index e69de29b..6cafb708 100644 --- a/tests/phpunit/InsertRuleDataTest.php +++ b/tests/phpunit/InsertRuleDataTest.php @@ -0,0 +1,37 @@ +factory()->post->create_and_get(); + $rule = 'rule'; + $ruletype = 'ruletype'; + $rule_obj = 'rule_obj'; + + $rule_inserter = new Insert_Rule_Data(); + + // first call should insert and return null. + $new_data = $rule_inserter->insert( $post, $rule, $ruletype, $rule_obj ); + $this->assertEquals( null, $new_data ); + // second call is a duplicate and should return the row id. + $duplicate_data = $rule_inserter->insert( $post, $rule, $ruletype, $rule_obj ); + $this->assertisInt( $duplicate_data ); + + // third call should throw an exception because of missing parameters. + $this->expectException( TypeError::class ); + $rule_inserter->insert(); + } +} From 227dcaa72ebccadac09a73483007401a62ef91ec Mon Sep 17 00:00:00 2001 
From: pattonwebz Date: Wed, 28 Feb 2024 19:59:16 +0000 Subject: [PATCH 09/18] Update test to verify when data goes into the database and that it is only inserted when expected --- tests/phpunit/InsertRuleDataTest.php | 71 +++++++++++++++++++++++++--- 1 file changed, 65 insertions(+), 6 deletions(-) diff --git a/tests/phpunit/InsertRuleDataTest.php b/tests/phpunit/InsertRuleDataTest.php index 6cafb708..43923425 100644 --- a/tests/phpunit/InsertRuleDataTest.php +++ b/tests/phpunit/InsertRuleDataTest.php @@ -12,6 +12,49 @@ */ class InsertRuleDataTest extends WP_UnitTestCase { + /** + * Create table to test against. + * + * @return void + */ + public function setUp(): void { + global $wpdb; + $this->table_name = $wpdb->prefix . 'accessibility_checker'; + $charset_collate = $wpdb->get_charset_collate(); + $sql = "CREATE TABLE $this->table_name ( + id bigint(20) NOT NULL AUTO_INCREMENT, + postid bigint(20) NOT NULL, + siteid text NOT NULL, + type text NOT NULL, + rule text NOT NULL, + ruletype text NOT NULL, + object mediumtext NOT NULL, + recordcheck mediumint(9) NOT NULL, + created timestamp NOT NULL default CURRENT_TIMESTAMP, + user bigint(20) NOT NULL, + ignre mediumint(9) NOT NULL, + ignre_global mediumint(9) NOT NULL, + ignre_user bigint(20) NULL, + ignre_date timestamp NULL, + ignre_comment mediumtext NULL, + UNIQUE KEY id (id), + KEY postid_index (postid) + ) $charset_collate;"; + + require_once ABSPATH . 'wp-admin/includes/upgrade.php'; + dbDelta( $sql ); + } + + /** + * Cleans up the table after each test. + * + * @return void + */ + public function tearDown(): void { + global $wpdb; + $wpdb->query( "DROP TABLE IF EXISTS $this->table_name" ); // phpcs:ignore WordPress.DB -- Table name is safe and not caching in a test. + } + /** * Tests the insert method would return expected data types. */ 
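Review bot: The new `setUp()` and `tearDown()` overrides never call `parent::setUp()` / `parent::tearDown()`, so the per-test preparation and cleanup that `WP_UnitTestCase` performs (transaction rollback, fixture and global reset) is skipped for this class and state can leak between tests. Add `parent::setUp();` as the first statement of `setUp()` and `parent::tearDown();` as the last statement of `tearDown()`; on suites built on the PHPUnit Polyfills the snake_case `set_up()` / `tear_down()` methods are the intended hooks. `$this->table_name` is also assigned without being declared, which creates a dynamic property (deprecated from PHP 8.2); declare `private $table_name;` on the class.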
@@ -21,17 +64,33 @@ public function testRuleInserterReturnLogic() { $ruletype = 'ruletype'; $rule_obj = 'rule_obj'; - $rule_inserter = new Insert_Rule_Data(); + sleep( 2 ); + global $wpdb; + + $rule_inserter = new Insert_Rule_Data(); + $initial_row_count = $wpdb->get_var( "SELECT COUNT(*) FROM $this->table_name" ); // phpcs:ignore WordPress.DB -- caching not required for one time operation. - // first call should insert and return null. + // call should return int as a successful insert. $new_data = $rule_inserter->insert( $post, $rule, $ruletype, $rule_obj ); - $this->assertEquals( null, $new_data ); - // second call is a duplicate and should return the row id. + $this->assertIsInt( $new_data ); + // second call is a duplicate and should return null. $duplicate_data = $rule_inserter->insert( $post, $rule, $ruletype, $rule_obj ); - $this->assertisInt( $duplicate_data ); + $this->assertEquals( null, $duplicate_data ); - // third call should throw an exception because of missing parameters. + // check if the row count has increased by 1. + $current_row_count = $wpdb->get_var( "SELECT COUNT(*) FROM $this->table_name" ); // phpcs:ignore WordPress.DB -- caching not required for one time operation. + $this->assertEquals( $initial_row_count + 1, $current_row_count ); + + // should return null as ruletype is 'revision'. + $revision_type_return = $rule_inserter->insert( $post, $rule, 'revision', $rule_obj ); + $this->assertEquals( null, $revision_type_return ); + + // should throw an exception because of missing parameters. $this->expectException( TypeError::class ); $rule_inserter->insert(); + + // check that row count has not increased since last check. + $current_row_count = $wpdb->get_var( "SELECT COUNT(*) FROM $this->table_name" ); // phpcs:ignore WordPress.DB -- caching not required for one time operation. + $this->assertEquals( $initial_row_count + 1, $current_row_count ); } } From a347ac6785902851bc7f4f1fe04e3655e5f19ae8 Mon Sep 17 00:00:00 2001 
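Review bot: The `'revision'` case does not test what its comment says. `insert()` bails on `$rule_data['type']`, which is `$post->post_type`, while this call passes `'revision'` as `$ruletype`, and the lookup query does not filter on `ruletype`, so the call returns null only because it duplicates the first insert. To cover the revision branch, pass a post whose `post_type` is `revision` and assert that the row count is unchanged. The final row-count assertion after `$rule_inserter->insert();` is unreachable, because the expected `TypeError` ends the test method at that call; move it above `expectException()` or into a separate test.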
From: pattonwebz Date: Wed, 28 Feb 2024 20:00:37 +0000 Subject: [PATCH 10/18] Add a phpcs comment indicating creation of the exception is intentional for testing --- tests/phpunit/InsertRuleDataTest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/phpunit/InsertRuleDataTest.php b/tests/phpunit/InsertRuleDataTest.php index 43923425..f3b5c7d7 100644 --- a/tests/phpunit/InsertRuleDataTest.php +++ b/tests/phpunit/InsertRuleDataTest.php @@ -87,7 +87,7 @@ public function testRuleInserterReturnLogic() { // should throw an exception because of missing parameters. $this->expectException( TypeError::class ); - $rule_inserter->insert(); + $rule_inserter->insert(); // phpcs:ignore -- intentionally passing something that will cause an exception. // check that row count has not increased since last check. $current_row_count = $wpdb->get_var( "SELECT COUNT(*) FROM $this->table_name" ); // phpcs:ignore WordPress.DB -- caching not required for one time operation. From 34c28d5f2ea213b45a2ae771cf2a04f33d5d41db Mon Sep 17 00:00:00 2001 From: pattonwebz Date: Wed, 28 Feb 2024 20:15:15 +0000 Subject: [PATCH 11/18] Use correct milestone in since and deprecated tagging --- admin/class-insert-rule-data.php | 6 ++++++ includes/deprecated/deprecated.php | 4 ++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/admin/class-insert-rule-data.php b/admin/class-insert-rule-data.php index 28a44a3f..8d9198f2 100644 --- a/admin/class-insert-rule-data.php +++ b/admin/class-insert-rule-data.php @@ -2,6 +2,8 @@ /** * Inserts rule data about a post to the database * + * @since 2.0.0 + * * @package Accessibility_Checker */ @@ -9,12 +11,16 @@ /** * Class for inserting rule data into the database + * + * @since 2.0.0 */ class Insert_Rule_Data { /** * Insert rule data into database * + * @since 2.0.0 + * * @param object $post The post object. * @param string $rule The rule. * @param string $ruletype The rule type. 
diff --git a/includes/deprecated/deprecated.php b/includes/deprecated/deprecated.php index 145fae69..3bc67f77 100644 --- a/includes/deprecated/deprecated.php +++ b/includes/deprecated/deprecated.php @@ -38,7 +38,7 @@ function edac_summary( $post_id ) { /** * Insert rule date into database * - * @deprecated 1.9.0 + * @deprecated 2.0.0 * * @param object $post The post object. * @param string $rule The rule. @@ -47,6 +47,6 @@ function edac_summary( $post_id ) { * @return void|int */ function edac_insert_rule_data( $post, $rule, $ruletype, $rule_obj ) { - _deprecated_function( __FUNCTION__, '1.9.0', 'EDAC\Admin\Insert_Rule_Data' ); + _deprecated_function( __FUNCTION__, '2.0.0', 'EDAC\Admin\Insert_Rule_Data' ); return ( new Insert_Rule_Data() )->insert( $post, $rule, $ruletype, $rule_obj ); } From 974f3ed57f752b55b5d48a83fc819def0d1934f9 Mon Sep 17 00:00:00 2001 From: William Patton Date: Wed, 28 Feb 2024 21:50:12 +0000 Subject: [PATCH 12/18] Remove sleep() from test case Don't really need to wait for any reason here --- tests/phpunit/InsertRuleDataTest.php | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/phpunit/InsertRuleDataTest.php b/tests/phpunit/InsertRuleDataTest.php index f3b5c7d7..a2cef58c 100644 --- a/tests/phpunit/InsertRuleDataTest.php +++ b/tests/phpunit/InsertRuleDataTest.php @@ -64,7 +64,6 @@ public function testRuleInserterReturnLogic() { $ruletype = 'ruletype'; $rule_obj = 'rule_obj'; - sleep( 2 ); global $wpdb; $rule_inserter = new Insert_Rule_Data(); From 058244750d2853d6e4fbf4b21a47510ee4a40cd4 Mon Sep 17 00:00:00 2001 From: William Patton Date: Wed, 13 Mar 2024 00:37:16 +0000 Subject: [PATCH 13/18] Use a more robust set of checks for early bail condition before reaching any insert --- admin/class-insert-rule-data.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/admin/class-insert-rule-data.php b/admin/class-insert-rule-data.php index 8d9198f2..cddb151c 100644 --- a/admin/class-insert-rule-data.php 
+++ b/admin/class-insert-rule-data.php @@ -30,7 +30,11 @@ class Insert_Rule_Data { */ public function insert( object $post, string $rule, string $ruletype, string $rule_obj ) { - if ( ! $post || ! $rule || ! $ruletype || ! $rule_obj ) { + if ( ! isset( $post->ID, $post->post_type ) + || empty( $rule ) + || empty( $ruletype ) + || empty( $rule_obj ) + ) { return; } From dfc56bf710195270a07ec54c9250702ca76dab83 Mon Sep 17 00:00:00 2001 From: William Patton Date: Fri, 15 Mar 2024 03:35:38 +0000 Subject: [PATCH 14/18] Update the `@ since` tags to v1.10.0 --- admin/class-insert-rule-data.php | 6 +++--- includes/deprecated/deprecated.php | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/admin/class-insert-rule-data.php b/admin/class-insert-rule-data.php index cddb151c..6e803939 100644 --- a/admin/class-insert-rule-data.php +++ b/admin/class-insert-rule-data.php @@ -2,7 +2,7 @@ /** * Inserts rule data about a post to the database * - * @since 2.0.0 + * @since 1.10.0 * * @package Accessibility_Checker */ @@ -12,14 +12,14 @@ /** * Class for inserting rule data into the database * - * @since 2.0.0 + * @since 1.10.0 */ class Insert_Rule_Data { /** * Insert rule data into database * - * @since 2.0.0 + * @since 1.10.0 * * @param object $post The post object. * @param string $rule The rule. diff --git a/includes/deprecated/deprecated.php b/includes/deprecated/deprecated.php index 3bc67f77..434ca707 100644 --- a/includes/deprecated/deprecated.php +++ b/includes/deprecated/deprecated.php @@ -38,7 +38,7 @@ function edac_summary( $post_id ) { /** * Insert rule date into database * - * @deprecated 2.0.0 + * @deprecated 1.10.0 * * @param object $post The post object. * @param string $rule The rule. From f3f275783ff36f5a618d5749e88f2315a11d33aa Mon Sep 17 00:00:00 2001 
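Review bot: The new guard only checks that `$post->ID` and `$post->post_type` are set, not that the ID is a usable post ID, so an object with `ID` 0 or a non-numeric value passes and a row is written against it; add `|| absint( $post->ID ) < 1` to the condition. `empty( $rule )`, `empty( $ruletype )` and `empty( $rule_obj )` also treat the string `'0'` as missing, so comparing against `''` states the intent more exactly. The guard returns nothing, which callers cannot tell apart from the update-existing-row path that also returns nothing.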
From: William Patton Date: Fri, 15 Mar 2024 03:37:06 +0000 Subject: [PATCH 15/18] Improve some of the docblock descriptions --- admin/class-insert-rule-data.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/admin/class-insert-rule-data.php b/admin/class-insert-rule-data.php index 6e803939..05039d51 100644 --- a/admin/class-insert-rule-data.php +++ b/admin/class-insert-rule-data.php @@ -21,12 +21,13 @@ class Insert_Rule_Data { * * @since 1.10.0 * - * @param object $post The post object. + * @param object $post The post object. Must have a valid ID. * @param string $rule The rule. * @param string $ruletype The rule type. * @param string $rule_obj The object. * - * @return void|int + * @return void|int|\WP_Error The ID of the inserted record, void if no + * record was inserted or a WP_Error if the insert failed. */ public function insert( object $post, string $rule, string $ruletype, string $rule_obj ) { From c6762105a7a7484902a0fa0d047fc30d37d43727 Mon Sep 17 00:00:00 2001 From: William Patton Date: Fri, 15 Mar 2024 03:38:10 +0000 Subject: [PATCH 16/18] Sanitize rule data that comes back through filter to make sure it's still of valid content --- admin/class-insert-rule-data.php | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/admin/class-insert-rule-data.php b/admin/class-insert-rule-data.php index 05039d51..094de4d9 100644 --- a/admin/class-insert-rule-data.php +++ b/admin/class-insert-rule-data.php 
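Review bot: The new `@return` text promises a `WP_Error` when the insert fails, but nothing in `insert()` as shown in this series builds one: the result of `$wpdb->insert()` is discarded and `$wpdb->insert_id` is returned unconditionally. Either make the code match by returning a `WP_Error` when `false === $wpdb->insert( ... )`, with a generic message rather than the raw database error, or drop `|\WP_Error` from the docblock so callers do not write error handling that can never trigger. Only the docblock and the signature are inside this hunk; the insert call is in the method body further down.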
@@ -113,9 +113,27 @@ public function insert( object $post, string $rule, string $ruletype, string $ru // filter post types. $rule_data = apply_filters( 'edac_filter_insert_rule_data', $rule_data ); - // insert. + // Sanitize rule data since it is filtered, and we can't be sure + // the data is still as valid as it was when it was first set. + // Sanitize the filtered data. + $rule_data_sanitized = array( + 'postid' => absint( $rule_data['postid'] ), + 'siteid' => absint( $rule_data['siteid'] ), + 'type' => sanitize_text_field( $rule_data['type'] ), + 'rule' => sanitize_text_field( $rule_data['rule'] ), + 'ruletype' => sanitize_text_field( $rule_data['ruletype'] ), + 'object' => esc_attr( $rule_data['object'] ), + 'recordcheck' => absint( $rule_data['recordcheck'] ), + 'user' => absint( $rule_data['user'] ), + 'ignre' => absint( $rule_data['ignore'] ), + 'ignre_user' => isset( $rule_data['ignore_user'] ) ? absint( $rule_data['ignore_user'] ) : null, + 'ignre_date' => isset( $rule_data['ignore_date'] ) ? sanitize_text_field( $rule_data['ignore_date'] ) : null, + 'ignre_comment' => isset( $rule_data['ignore_comment'] ) ? sanitize_text_field( $rule_data['ignore_comment'] ) : null, + 'ignre_global' => absint( $rule_data['ignore_global'] ), + ); + // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery -- Using direct query for adding data to database. - $wpdb->insert( $table_name, $rule_data ); + $wpdb->insert( $table_name, $rule_data_sanitized ); // Return insert id or error. return $wpdb->insert_id; From 460ae3fc5f483d49efecc573d52b586e9d33fa17 Mon Sep 17 00:00:00 2001 From: pattonwebz Date: Mon, 18 Mar 2024 13:32:44 +0000 Subject: [PATCH 17/18] Fix ignore->ignre in sanitizer --- admin/class-insert-rule-data.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/admin/class-insert-rule-data.php b/admin/class-insert-rule-data.php index 094de4d9..600679b9 100644 --- a/admin/class-insert-rule-data.php +++ b/admin/class-insert-rule-data.php 
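Review bot: The sanitizing block indexes the filtered value directly (`$rule_data['postid']`, `$rule_data['type']`, and so on) without checking that `edac_filter_insert_rule_data` still returned an array with those keys. A callback that returns `false` or drops a key then produces PHP warnings and a row with `postid` 0 and empty strings instead of a skipped insert. Check the shape first, for example `if ( ! is_array( $rule_data ) || empty( $rule_data['postid'] ) || empty( $rule_data['rule'] ) ) { return; }`. `sanitize_text_field()` on the date field cleans the text but does not make it a valid timestamp. The duplicate lookup earlier in the method, outside this hunk, ran on the pre-filter values, so a filter that changes `rule` or `object` can still create rows the lookup will never match.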
@@ -125,11 +125,11 @@ public function insert( object $post, string $rule, string $ruletype, string $ru 'object' => esc_attr( $rule_data['object'] ), 'recordcheck' => absint( $rule_data['recordcheck'] ), 'user' => absint( $rule_data['user'] ), - 'ignre' => absint( $rule_data['ignore'] ), - 'ignre_user' => isset( $rule_data['ignore_user'] ) ? absint( $rule_data['ignore_user'] ) : null, - 'ignre_date' => isset( $rule_data['ignore_date'] ) ? sanitize_text_field( $rule_data['ignore_date'] ) : null, - 'ignre_comment' => isset( $rule_data['ignore_comment'] ) ? sanitize_text_field( $rule_data['ignore_comment'] ) : null, - 'ignre_global' => absint( $rule_data['ignore_global'] ), + 'ignre' => absint( $rule_data['ignre'] ), + 'ignre_user' => isset( $rule_data['ignre_user'] ) ? absint( $rule_data['ignre_user'] ) : null, + 'ignre_date' => isset( $rule_data['ignre_date'] ) ? sanitize_text_field( $rule_data['ignre_date'] ) : null, + 'ignre_comment' => isset( $rule_data['ignre_comment'] ) ? sanitize_text_field( $rule_data['ignre_comment'] ) : null, + 'ignre_global' => absint( $rule_data['ignre_global'] ), ); // phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery -- Using direct query for adding data to database. From 23404069eecb2de8d597604e065ed4c554623936 Mon Sep 17 00:00:00 2001 From: pattonwebz Date: Mon, 18 Mar 2024 20:00:16 +0000 Subject: [PATCH 18/18] Update the deprecated version string thrown when called --- includes/deprecated/deprecated.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/deprecated/deprecated.php b/includes/deprecated/deprecated.php index 81182138..1210aa6e 100644 --- a/includes/deprecated/deprecated.php +++ b/includes/deprecated/deprecated.php 
@@ -87,6 +87,6 @@ function edac_delete_cpt_posts( $post_type ) { * @return void|int */ function edac_insert_rule_data( $post, $rule, $ruletype, $rule_obj ) { - _deprecated_function( __FUNCTION__, '2.0.0', 'EDAC\Admin\Insert_Rule_Data' ); + _deprecated_function( __FUNCTION__, '1.10.0', 'EDAC\Admin\Insert_Rule_Data' ); return ( new Insert_Rule_Data() )->insert( $post, $rule, $ruletype, $rule_obj ); }