Move edac_insert_rule_data to an inserter class #513

Merged
20 commits
741400c
Create a class to hold the insert rule data function
pattonwebz Feb 23, 2024
6cc95e4
Move code from `edac_insert_rule_data` to new class with method name …
pattonwebz Feb 23, 2024
25e06d0
Add type hints to the params passed to the `insert` method
pattonwebz Feb 23, 2024
cfed3d4
Add an early bail to the `insert` method when all params are not pass…
pattonwebz Feb 23, 2024
6a786c9
Move the `edac_insert_rule_data` function to deprecated.php
pattonwebz Feb 23, 2024
c7087bf
Swap `edac_insert_rule_data` calls to use new class method
pattonwebz Feb 23, 2024
6dabce7
Remove the insert.php file from the requires calls
pattonwebz Feb 23, 2024
98803a9
Add a basic test for expected return types from rule data inserter
pattonwebz Feb 23, 2024
227dcaa
Update test to verify when data goes into the database and that it is…
pattonwebz Feb 28, 2024
a347ac6
Add a phpcs comment indicating creation of the exception is intention…
pattonwebz Feb 28, 2024
34c28d5
Use correct milestone in since and deprecated tagging
pattonwebz Feb 28, 2024
974f3ed
Remove sleep() from test case
pattonwebz Feb 28, 2024
0582447
Use a more robust set of checks for early bail condition before reach…
pattonwebz Mar 13, 2024
dfc56bf
Update the `@ since` tags to v1.10.0
pattonwebz Mar 15, 2024
f3f2757
Improve some of the docblock descriptions
pattonwebz Mar 15, 2024
c676210
Sanitize rule data that comes back through filter to make sure it's s…
pattonwebz Mar 15, 2024
460ae3f
Fix ignore->ignre in sanitizer
pattonwebz Mar 18, 2024
76b3dfb
Merge branch 'develop' into william/464/move-edac_insert_rule_data-to…
pattonwebz Mar 18, 2024
b3ca3d7
Merge branch 'develop' into william/464/move-edac_insert_rule_data-to…
pattonwebz Mar 18, 2024
2340406
Update the deprecated version string thrown when called
pattonwebz Mar 18, 2024
2 changes: 0 additions & 2 deletions accessibility-checker.php
Expand Up @@ -126,8 +126,6 @@
require_once plugin_dir_path( __FILE__ ) . 'includes/meta-boxes.php';
require_once plugin_dir_path( __FILE__ ) . 'includes/options-page.php';
require_once plugin_dir_path( __FILE__ ) . 'includes/validate.php';
require_once plugin_dir_path( __FILE__ ) . 'includes/insert.php';

/**
* Filters and Actions
*/
142 changes: 142 additions & 0 deletions admin/class-insert-rule-data.php
@@ -0,0 +1,142 @@
<?php
/**
* Inserts rule data about a post to the database
*
* @since 1.10.0
*
* @package Accessibility_Checker
*/

namespace EDAC\Admin;

/**
* Class for inserting rule data into the database
*
* @since 1.10.0
*/
class Insert_Rule_Data {

/**
* Insert rule data into database
*
* @since 1.10.0
*
* @param object $post The post object. Must have a valid ID.
* @param string $rule The rule.
* @param string $ruletype The rule type.
* @param string $rule_obj The object.
*
* @return void|int|\WP_Error The ID of the inserted record, void if no
* record was inserted or a WP_Error if the insert failed.
*/
public function insert( object $post, string $rule, string $ruletype, string $rule_obj ) {

if ( ! isset( $post->ID, $post->post_type )
|| empty( $rule )
|| empty( $ruletype )
|| empty( $rule_obj )
) {
return;
}

global $wpdb;
$table_name = $wpdb->prefix . 'accessibility_checker';

// set up rule data array.
$rule_data = array(
'postid' => $post->ID,
'siteid' => get_current_blog_id(),
'type' => $post->post_type,
'rule' => $rule,
'ruletype' => $ruletype,
'object' => esc_attr( $rule_obj ),
'recordcheck' => 1,
'user' => get_current_user_id(),
'ignre' => 0,
'ignre_user' => null,
'ignre_date' => null,
'ignre_comment' => null,
'ignre_global' => 0,
);

// return if revision.
if ( 'revision' === $rule_data['type'] ) {
return;
}

// Check if exists.
// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching -- Using direct query for adding data to database, caching not required for one time operation.
$results = $wpdb->get_results(
$wpdb->prepare(
'SELECT postid, ignre FROM %i where type = %s and postid = %d and rule = %s and object = %s and siteid = %d',
$table_name,
$rule_data['type'],
$rule_data['postid'],
$rule_data['rule'],
$rule_data['object'],
$rule_data['siteid']
),
ARRAY_A
);

// Loop existing records.
if ( $results ) {
foreach ( $results as $row ) {

// if being ignored, don't overwrite value.
if ( true === (bool) $row['ignre'] ) {
$rule_data['ignre'] = 1;
}

// update existing record.
// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery, WordPress.DB.DirectDatabaseQuery.NoCaching -- Using direct query for adding data to database, caching not required for one time operation.
$wpdb->query(
$wpdb->prepare(
'UPDATE %i SET recordcheck = %d, ignre = %d WHERE siteid = %d and postid = %d and rule = %s and object = %s and type = %s',
$table_name,
1,
$rule_data['ignre'],
$rule_data['siteid'],
$rule_data['postid'],
$rule_data['rule'],
$rule_data['object'],
$rule_data['type']
)
);

}
}

// Insert new records.
if ( ! $results ) {

// filter post types.
$rule_data = apply_filters( 'edac_filter_insert_rule_data', $rule_data );
@SteveJonesDev SteveJonesDev Mar 12, 2024

@pattonwebz, should we sanitize this data to ensure it's been filtered in a safe manner?

Example:

// Apply filters to allow modification of the rule data.
$rule_data = apply_filters( 'edac_filter_insert_rule_data', $rule_data );

// Sanitize the filtered data.
$rule_data_sanitized = array(
    'postid'        => absint( $rule_data['postid'] ),
    'siteid'        => absint( $rule_data['siteid'] ),
    'type'          => sanitize_text_field( $rule_data['type'] ),
    'rule'          => sanitize_text_field( $rule_data['rule'] ),
    'ruletype'      => sanitize_text_field( $rule_data['ruletype'] ),
    'object'        => sanitize_text_field( $rule_data['object'] ),
    'recordcheck'   => absint( $rule_data['recordcheck'] ),
    'user'          => absint( $rule_data['user'] ),
    'ignre'         => absint( $rule_data['ignre'] ),
    'ignore_user'   => isset( $rule_data['ignore_user'] ) ? absint( $rule_data['ignore_user'] ) : null,
    'ignore_date'   => isset( $rule_data['ignore_date'] ) ? sanitize_text_field( $rule_data['ignore_date'] ) : null,
    'ignore_comment'=> isset( $rule_data['ignore_comment'] ) ? sanitize_text_field( $rule_data['ignore_comment'] ) : null,
    'ignore_global' => absint( $rule_data['ignore_global'] ),
);

// Now, $rule_data_sanitized contains the sanitized data ready for insertion.

Member Author

I see that you fixed the ignre to ignore, but we can't do that without first remapping the columns in the table. Would you like me to make an issue to tackle that in the future?


// Sanitize rule data since it is filtered, and we can't be sure
// the data is still as valid as it was when it was first set.
// Sanitize the filtered data.
$rule_data_sanitized = array(
'postid' => absint( $rule_data['postid'] ),
'siteid' => absint( $rule_data['siteid'] ),
'type' => sanitize_text_field( $rule_data['type'] ),
'rule' => sanitize_text_field( $rule_data['rule'] ),
'ruletype' => sanitize_text_field( $rule_data['ruletype'] ),
'object' => esc_attr( $rule_data['object'] ),
'recordcheck' => absint( $rule_data['recordcheck'] ),
'user' => absint( $rule_data['user'] ),
'ignre' => absint( $rule_data['ignre'] ),
'ignre_user' => isset( $rule_data['ignre_user'] ) ? absint( $rule_data['ignre_user'] ) : null,
'ignre_date' => isset( $rule_data['ignre_date'] ) ? sanitize_text_field( $rule_data['ignre_date'] ) : null,
'ignre_comment' => isset( $rule_data['ignre_comment'] ) ? sanitize_text_field( $rule_data['ignre_comment'] ) : null,
'ignre_global' => absint( $rule_data['ignre_global'] ),
);

// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery -- Using direct query for adding data to database.
$wpdb->insert( $table_name, $rule_data_sanitized );

// Return insert id or error.
return $wpdb->insert_id;
}
}
}
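Review bot: The sanitizing block that follows `apply_filters( 'edac_filter_insert_rule_data', $rule_data )` indexes ten keys of the filtered value without checking that it is still an array or that the keys survived, so a callback that returns `null`/`false` or drops a key produces PHP warnings and a row whose `postid`, `siteid` or `rule` is `0` or empty. A guard before the sanitizer, `if ( ! is_array( $rule_data ) || ! isset( $rule_data['postid'], $rule_data['type'], $rule_data['rule'], $rule_data['object'] ) ) { return; }`, keeps such rows out of the table. The `'revision'` check and the duplicate lookup also run on the pre-filter values, so a filter that changes `type`, `rule` or `object` is not covered by either. Separately, the `@return` tag promises a `\WP_Error` on failure, but the result of `$wpdb->insert()` is discarded and `$wpdb->insert_id` is returned unconditionally; check the return value or drop `\WP_Error` from the docblock.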
5 changes: 3 additions & 2 deletions includes/classes/class-rest-api.php
Expand Up @@ -8,6 +8,7 @@
namespace EDAC\Inc;

use EDAC\Admin\Helpers;
use EDAC\Admin\Insert_Rule_Data;
use EDAC\Admin\Scans_Stats;
use EDAC\Admin\Settings;

Expand Down Expand Up @@ -195,7 +196,7 @@ public function set_post_scan_results( $request ) {
// TODO: setup a rules class for loading/filtering rules.
$rules = edac_register_rules();
$js_rule_ids = array();
foreach ( $rules as $rule ) {
foreach ( $rules as $rule ) {
if ( array_key_exists( 'ruleset', $rule ) && 'js' === $rule['ruleset'] ) {
$js_rule_ids[] = $rule['slug'];
}
Expand Down Expand Up @@ -235,7 +236,7 @@ public function set_post_scan_results( $request ) {

do_action( 'edac_before_rule', $post_id, $rule_id, 'js' );

edac_insert_rule_data( $post, $rule_id, $impact, $html );
( new Insert_Rule_Data() )->insert( $post, $rule_id, $impact, $html );

do_action( 'edac_after_rule', $post_id, $rule_id, 'js' );

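Review bot: The replaced call in the last hunk, `( new Insert_Rule_Data() )->insert( $post, $rule_id, $impact, $html );`, now passes through a signature typed `object, string, string, string`, so a `null` post, or a `null`/array value for any of the string parameters, raises an uncaught `TypeError` before the method's own early-bail can run. The hunk does not show where these values come from, but `set_post_scan_results( $request )` takes a request object, so they presumably derive from request data and should be checked at the call site, e.g. by wrapping the call in `if ( is_object( $post ) && is_string( $rule_id ) && is_string( $impact ) && is_string( $html ) ) { ... }`. The same applies to the untyped `edac_insert_rule_data()` wrapper in includes/deprecated/deprecated.php, which forwards whatever legacy callers pass, and to the call in includes/validate.php. The function body starts and ends outside the hunk.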
17 changes: 17 additions & 0 deletions includes/deprecated/deprecated.php
Expand Up @@ -6,6 +6,7 @@
* @package Accessibility_Checker
*/

use EDAC\Admin\Insert_Rule_Data;
use EDAC\Admin\Purge_Post_Data;

/**
Expand Down Expand Up @@ -73,3 +74,19 @@ function edac_delete_cpt_posts( $post_type ) {
_deprecated_function( __FUNCTION__, '1.10.0', 'EDAC\Admin\Purge_Post_Data::delete_cpt_posts' );
Purge_Post_Data::delete_cpt_posts( $post_type );
}

/**
* Insert rule date into database
*
* @deprecated 1.10.0
*
* @param object $post The post object.
* @param string $rule The rule.
* @param string $ruletype The rule type.
* @param string $rule_obj The object.
* @return void|int
*/
function edac_insert_rule_data( $post, $rule, $ruletype, $rule_obj ) {
_deprecated_function( __FUNCTION__, '1.10.0', 'EDAC\Admin\Insert_Rule_Data' );
return ( new Insert_Rule_Data() )->insert( $post, $rule, $ruletype, $rule_obj );
}
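Review bot: The deprecation notice in the new `edac_insert_rule_data()` wrapper names only the class, `'EDAC\Admin\Insert_Rule_Data'`, while the sibling wrapper just above names the replacement method (`'EDAC\Admin\Purge_Post_Data::delete_cpt_posts'`). For consistency, and so the notice tells callers what to call, use `_deprecated_function( __FUNCTION__, '1.10.0', 'EDAC\Admin\Insert_Rule_Data::insert' );`. The docblock summary also reads "Insert rule date into database" where "data" is meant, and the `@deprecated 1.10.0` tag could name the replacement, e.g. `@deprecated 1.10.0 Use EDAC\Admin\Insert_Rule_Data::insert()`.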
100 changes: 0 additions & 100 deletions includes/insert.php

This file was deleted.

5 changes: 3 additions & 2 deletions includes/validate.php
Expand Up @@ -6,6 +6,7 @@
*/

use EDAC\Admin\Helpers;
use EDAC\Admin\Insert_Rule_Data;

/**
* Oxygen Builder on save
Expand Down Expand Up @@ -146,7 +147,7 @@ function edac_validate( $post_ID, $post, $action ) {
if ( $errors && is_array( $errors ) ) {
do_action( 'edac_rule_errors', $post_ID, $rule, $errors, $action );
foreach ( $errors as $error ) {
edac_insert_rule_data( $post, $rule['slug'], $rule['rule_type'], $object = $error );
( new Insert_Rule_Data() )->insert( $post, $rule['slug'], $rule['rule_type'], $object = $error );
}
}
if ( EDAC_DEBUG === true ) {
Expand Down Expand Up @@ -200,7 +201,7 @@ function edac_remove_corrected_posts( $post_ID, $type, $pre = 1, $ruleset = 'php
if ( 0 === count( $rule_slugs ) ) {
return;
}

if ( 1 === $pre ) {

// Set record flag before validating content.
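Review bot: The new call inside `foreach ( $errors as $error )` keeps the assignment-in-argument `$object = $error`, which creates a local `$object` that nothing in the hunk reads and obscures what is being passed. Pass the value directly: `( new Insert_Rule_Data() )->insert( $post, $rule['slug'], $rule['rule_type'], $error );`. Creating one inserter before the loop would also avoid constructing a new object for every error. `edac_validate` continues outside the hunk, so confirm `$object` is not read later before dropping the assignment.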