Merge pull request #101 from favicode/fix/plugin-checker-report
Improvement related to plugin checker report
vvuksan authored May 6, 2024
2 parents 9754ae3 + 847d62a commit 716d16e
Showing 10 changed files with 273 additions and 208 deletions.
19 changes: 11 additions & 8 deletions purgely.php
Expand Up @@ -4,7 +4,7 @@
Plugin URI: http://fastly.com/
Description: Configuration and cache purging for the Fastly CDN.
Authors: Zack Tollman (github.com/tollmanz), WIRED Tech Team (github.com/CondeNast) & Fastly
Version: 1.2.25
Version: 1.2.26
Author URI: http://fastly.com/
*/

Expand Down Expand Up @@ -62,7 +62,7 @@ class Purgely
*
* @var string Plugin version.
*/
var $version = '1.2.25';
var $version = '1.2.26';

/**
* Currently installed plugin version.
Expand Down Expand Up @@ -190,10 +190,6 @@ public function __construct()
}
}

if (is_admin()) {
include $this->src_dir . '/settings-page.php';
}

// First install DB schema changes
$upgrades = new Upgrades($this);
$upgrades->check_and_run_upgrades();
Expand Down Expand Up @@ -248,6 +244,7 @@ public function __construct()

// Load the textdomain.
add_action('plugins_loaded', array($this, 'load_plugin_textdomain'));
add_action('plugins_loaded', array($this, 'load_admin_settings'));

// Load custom JS for EdgeModules
add_action( 'admin_enqueue_scripts', array($this, 'enqueue_admin_script_edgemodules'));
Expand Down Expand Up @@ -370,6 +367,13 @@ public function load_plugin_textdomain()
load_plugin_textdomain('purgely', false, basename(dirname(__FILE__)) . '/languages/');
}

public function load_admin_settings()
{
if (is_admin()) {
include $this->src_dir . '/settings-page.php';
}
}

/**
* Initialize Fastly custom cache tags taxonomy
*/
Expand Down Expand Up @@ -561,8 +565,7 @@ function fastly_io_pixel_ratios_the_content_filter($content) {
function fastly_edge_modules() {
$result = [];
foreach ( glob( $this->edge_modules_dir . "/*.json" ) as $file ) {
if (is_file($file) && $contents = file_get_contents($file)) {
$json = json_decode($contents);
if (is_file($file) && $json = wp_json_file_decode($file)) {
$result[$json->id] = $json;
}
}
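Review bot: `wp_json_file_decode()` in `fastly_edge_modules()` was introduced in WordPress 5.9, while readme.txt in this same commit still declares `Requires at least: 4.6.2`, so on older installs the call is an undefined function and the request fatals whenever this method runs. Either raise the declared minimum or guard the call, e.g. `$json = function_exists('wp_json_file_decode') ? wp_json_file_decode($file) : json_decode(file_get_contents($file));`. The loop also indexes `$result[$json->id]` without checking that the decoded value is an object carrying an `id`, so `isset($json->id)` belongs in the same condition. The function body continues outside the hunk.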
8 changes: 6 additions & 2 deletions readme.txt
Expand Up @@ -2,8 +2,8 @@
Contributors: Fastly, Inchoo, CondeNast
Tags: fastly, cdn, performance, speed, spike, spike-protection, caching, dynamic, comments, ddos
Requires at least: 4.6.2
Tested up to: 6.4.2
Stable tag: trunk
Tested up to: 6.5.2
Stable tag: 1.2.26
License: GPLv2

Integrates Fastly with WordPress publishing tools.
Expand Down Expand Up @@ -118,6 +118,10 @@ Note: you may have to disable other caching plugins like W3TotalCache to avoid g

== Changelog ==

= 1.2.26

* Code cleanup, improvements in data sanitization and escaping input

= 1.2.25

* Assignment fix for constants https://github.com/fastly/WordPress-Plugin/pull/99
2 changes: 1 addition & 1 deletion src/classes/api.php
Expand Up @@ -204,7 +204,7 @@ public function error_notice()
{
?>
<div class="error notice">
<p><?php _e( $this->error_message); ?></p>
<p><?php esc_html( $this->error_message ); ?></p>
</div>
<?php
}
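Review bot: The replacement line in `error_notice()` calls `esc_html( $this->error_message )` without `echo`, and `esc_html()` only returns the escaped string, so the notice now renders an empty `<p>` element. The line should read `<p><?php echo esc_html( $this->error_message ); ?></p>`. As written, API error messages that this notice used to print are silently dropped, which makes failed API calls harder for an administrator to notice.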
116 changes: 62 additions & 54 deletions src/classes/edgemodules.php
Expand Up @@ -37,8 +37,8 @@ public function renderSettings()
<div class="wrap">
<div id="fastly-admin" class="wrap">
<h1>
<img alt="fastly" src="<?php echo FASTLY_PLUGIN_URL . 'static/logo_white.gif'; ?>"><br>
<span style="font-size: x-small;">version: <?php echo FASTLY_VERSION; ?></span>
<img alt="fastly" src="<?php echo esc_attr( FASTLY_PLUGIN_URL . 'static/logo_white.gif' ); ?>"><br>
<span style="font-size: x-small;">version: <?php echo esc_html( FASTLY_VERSION ); ?></span>
</h1>
</div>
Fastly Edge Modules is a framework that allows you to enable specific functionality on Fastly without needing to write any VCL code.
Expand All @@ -50,19 +50,20 @@ public function renderSettings()
<?php foreach ($modules as $module): ?>
<tr>
<td>
<strong><?php echo $module->name; ?></strong><br>
<strong><?php echo esc_html( $module->name ); ?></strong><br>
<p>
<em><?php echo $module->description; ?></em>
<em><?php echo esc_html( $module->description ); ?></em>
</p>
</td>
<td nowrap="nowrap">
<em>
<strong><?php echo (isset($module->enabled) && $module->enabled) ? __('Enabled') : __('Disabled'); ?></strong><br>
Uploaded: <?php echo isset($module->data['uploaded_at']) ? date ( 'Y/m/d' , strtotime($module->data['uploaded_at'])) : __('never'); ?>
<strong><?php echo (isset($module->enabled) && $module->enabled) ? esc_html__('Enabled', 'purgely') : esc_html__('Disabled', 'purgely'); ?></strong><br>
Uploaded: <?php echo isset($module->data['uploaded_at']) ? esc_html( gmdate('Y/m/d' , strtotime($module->data['uploaded_at'] ) ) ) : esc_html__('never', 'purgely'); ?>
</em>
</td>
<td nowrap="nowrap">
<a href="#TB_inline?&width=800&inlineId=fastly-edge-module-<?php echo $module->id; ?>" title="<?php echo $module->name; ?>" class="button thickbox">Manage</a>
<a href="#TB_inline?&width=800&inlineId=fastly-edge-module-<?php echo esc_attr( $module->id ); ?>"
title="<?php echo esc_attr( $module->name ); ?>" class="button thickbox">Manage</a>
</td>
</tr>
<?php endforeach; ?>
Expand All @@ -71,15 +72,15 @@ public function renderSettings()
<span class="spinner" id="html-popup-spinner" style="position: absolute; top:0;left:0;width:100%;height:100%;margin:0; background-color: #fff; background-position:center;"></span>
</div>
<?php foreach ($modules as $module): ?>
<div id="fastly-edge-module-<?php echo $module->id; ?>"style="display:none;">
<div id="fastly-edge-module-<?php echo esc_attr( $module->id ); ?>" style="display:none;">
<form action="<?php menu_page_url( 'fastly-edge-modules' ) ?>" onsubmit="return EdgeModules.submit(this)" method="post">
<input type="hidden" name="nonce" value="<?php echo wp_create_nonce('fastly-edge-modules'); ?>">
<input type="hidden" id="<?php echo "{$module->id}-key"; ?>" value='<?php echo $module->id; ?>'>
<input type="hidden" id="<?php echo "{$module->id}-vcl"; ?>" value='<?php echo rawurlencode(json_encode($module->vcl)); ?>'>
<input type="hidden" id="<?php echo "{$module->id}-snippet"; ?>" name="<?php echo "{$module->id}[snippet]"; ?>">
<input type="hidden" name="nonce" value="<?php echo esc_attr( wp_create_nonce('fastly-edge-modules') ); ?>">
<input type="hidden" id="<?php echo esc_attr( "$module->id-key" ); ?>" value='<?php echo esc_attr( $module->id ); ?>'>
<input type="hidden" id="<?php echo esc_attr( "$module->id-vcl" ); ?>" value='<?php echo rawurlencode( wp_json_encode($module->vcl) ); ?>'>
<input type="hidden" id="<?php echo esc_attr( "$module->id-snippet" ); ?>" name="<?php echo esc_attr( "$module->id[snippet]" ); ?>">
<table class="form-table">
<tbody>
<?php if($module->properties): ?>
<?php if( !empty($module->properties) ): ?>
<?php foreach($module->properties as $property): ?>
<?php if($property->type === 'group'): ?>
<?php $this->renderGroup($property, (isset($module->data[$property->name])) ? $module->data[$property->name] : null, $module->id); ?>
Expand All @@ -93,7 +94,7 @@ public function renderSettings()
<tr>
<td>
<span class="submitbox">
<a class="submitdelete" href="#" onclick="return EdgeModules.disableModule('<?php echo $module->id; ?>')">Disable</a>
<a class="submitdelete" href="#" onclick="return EdgeModules.disableModule('<?php echo esc_attr( $module->id ); ?>')">Disable</a>
</span>
</td>
<td>
Expand All @@ -103,12 +104,12 @@ public function renderSettings()
</tfoot>
</table>
</form>
<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" id="<?php echo "{$module->id}-disable-form"; ?>" method="post" style="display: none;">
<input type="hidden" name="nonce" value="<?php echo wp_create_nonce('fastly-edge-modules-disable'); ?>">
<form action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>" id="<?php echo esc_attr( "$module->id-disable-form" ); ?>" method="post" style="display: none;">
<input type="hidden" name="nonce" value="<?php echo esc_attr( wp_create_nonce('fastly-edge-modules-disable') ); ?>">
<input type="hidden" name="action" value="fastly_module_disable_form">
<input type="hidden" name="module_name" value='<?php echo $module->id; ?>'>
<input type="hidden" name="module_name" value='<?php echo esc_attr( $module->id ); ?>'>
<?php for ($i = 0; $i < count($module->vcl); $i++): ?>
<input type="hidden" name="types[<?php echo $i; ?>]" value='<?php echo $module->vcl[$i]->type; ?>'>
<input type="hidden" name="types[<?php echo esc_attr( $i ); ?>]" value='<?php echo esc_attr( $module->vcl[$i]->type ); ?>'>
<?php endfor; ?>
</form>
</div>
Expand All @@ -121,7 +122,7 @@ protected function getModulesWithData()
$apiData = fastly_api()->get_all_snippets();
$localData = get_option(self::SETTINGS, []);
return array_map(function ($module) use ($apiData, $localData) {
$module->data = isset($localData[$module->id]) ? $localData[$module->id] : [];
$module->data = $localData[$module->id] ?? [];
$query = self::EDGE_PREFIX.'_'.$module->id;
foreach ($apiData as $apiModule) {
if (substr($apiModule->name, 0, strlen($query)) === $query) {
Expand All @@ -141,19 +142,19 @@ protected function renderGroup($group, $values, $suffix)
<tr>
<th rowspan="2">
<label>
<?php echo __($group->label); ?>
<?php echo esc_html( $group->label ); ?>
</label>
</th>
<td>
<a href="#" title="Add group" class="button" onclick="return EdgeModules.addGroup('<?php echo $suffix; ?>', '<?php echo $name; ?>')">Add group</a>
<a href="#" title="Add group" class="button" onclick="return EdgeModules.addGroup('<?php echo esc_attr( $suffix ); ?>', '<?php echo esc_attr( $name ); ?>')">Add group</a>
</td>
</tr>
<tr>
<td>
<?php for ($i = 0; $i < count($values); $i++): ?>
<?php $this->renderGroupProperties($group->properties, $values[$i], "{$name}[$i]", "{$suffix}-{$i}"); ?>
<?php endfor; ?>
<template id="<?php echo $suffix.'-template'; ?>">
<?php foreach ($values as $key => $value): ?>
<?php $this->renderGroupProperties($group->properties, $value, "{$name}[$key]", "{$suffix}-{$key}"); ?>
<?php endforeach; ?>
<template id="<?php echo esc_attr( "$suffix-template" ); ?>">
<?php $this->renderGroupProperties($group->properties, [], "{$name}[x]", 'container'); ?>
</template>
</td>
Expand All @@ -164,11 +165,11 @@ protected function renderGroup($group, $values, $suffix)
protected function renderGroupProperties($properties, $values, $name, $id)
{
?>
<div id="<?php echo $id; ?>">
<div id="<?php echo esc_attr( $id ); ?>">
<table class="form-table">
<tbody>
<?php foreach($properties as $property): ?>
<?php $this->renderProperty($name, $property, $values[$property->name]); ?>
<?php $this->renderProperty($name, $property, $values[$property->name] ?? ""); ?>
<?php endforeach; ?>
</tbody>
</table>
Expand All @@ -185,13 +186,13 @@ protected function renderProperty($name, $property, $value)
?>
<tr>
<th>
<label for="<?php echo $property->name; ?>">
<?php echo __($property->label); ?>
<label for="<?php echo esc_attr( $property->name ); ?>">
<?php echo esc_html( $property->label ); ?>
</label>
</th>
<td>
<?php echo $this->renderField($name, $property, $value); ?>
<p><small><em><?php echo $property->description; ?></em></small></p>
<?php $this->renderField($name, $property, $value); ?>
<p><small><em><?php echo esc_html( $property->description ?? "" ); ?></em></small></p>
</td>
</tr>
<?php
Expand All @@ -211,42 +212,49 @@ protected function renderField($name, $property, $value = null)

switch ($property->type) {
case 'acl':
$options = '';
echo "<select style='width: 100%;' id=' " . esc_attr($id) . "' name='" . esc_attr($name) . "' " . esc_attr($required) . ">";
foreach ($this->getAcls() as $acl) {
$selected = $acl->name === $value ? 'selected' : '';
$options .= "<option value='$acl->name' {$selected}>{$acl->name}</option>";
};
return "<select style='width: 100%;' id='{$id}' name='{$name}' {$required}>{$options}</select>";
echo "<option value='" . esc_attr($acl->name) . "' " . esc_attr($selected) . ">" . esc_html($acl->name) . "</option>";
}
echo "</select>";
break;
case 'dict':
$options = '';
echo "<select style='width: 100%;' id=' " . esc_attr($id) . "' name='" . esc_attr($name) . "' " . esc_attr($required) . ">";
foreach ($this->getDictionaries() as $dictionary) {
$selected = $dictionary->name === $value ? 'selected' : '';
$options .= "<option value='$dictionary->name' {$selected}>{$dictionary->name}</option>";
};
return "<select style='width: 100%;' id='{$id}' name='{$name}' {$required}>{$options}</select>";
echo "<option value='" . esc_attr($dictionary->name) . "' " . esc_attr($selected) . ">" . esc_html($dictionary->name) . "</option>";
}
echo "</select>";
break;
case 'select':
$options = '';
echo "<select style='width: 100%;' id=' " . esc_attr($id) . "' name='" . esc_attr($name) . "' " . esc_attr($required) . ">";
foreach ((array) $property->options as $k => $label) {
$selected = $k === $value ? 'selected' : '';
$options .= "<option value='{$k}' {$selected}>{$label}</option>";
};
return "<select style='width: 100%;' id='{$id}' name='{$name}' {$required}>{$options}</select>";
echo "<option value='" . esc_attr($k). "' " . esc_attr($selected) . ">" . esc_html($label) . "</option>";

}
echo "</select>";
break;
case 'boolean':
$value = $value === 'true';
$options = implode('', [
"<option value='' ".(!$value ? 'selected' : '').">No</option>",
"<option value='1' ".($value ? 'selected' : '').">Yes</option>",
]);
return "<select style='width: 100%;' id='{$id}' name='{$name}'>{$options}</select>";
echo "<select style='width: 100%;' id=' " . esc_attr($id) . "' name='" . esc_attr($name) . "' " . esc_attr($required) . ">";

echo"<option value='0' ".(!$value ? 'selected' : '').">No</option>" .
"<option value='1' ".($value ? 'selected' : '').">Yes</option>";
echo "</select>";
break;
case 'integer':
case 'float':
$type = 'number';
return "<input style='width: 100%;' type='{$type}' id='{$id}' name='{$name}' value='{$value}' {$required}/>";
echo "<input style='width: 100%;' type='number' id='" . esc_attr($id) . "' name='" . esc_attr($name) .
"' value='" . esc_attr($value) . "'" . esc_attr($required) . "/>";
break;
case 'string':
case 'path':
default:
$type = 'text';
return "<input style='width: 100%;' type='{$type}' id='{$id}' name='{$name}' value='{$value}' {$required}/>";

echo "<input style='width: 100%;' type='text' id='" . esc_attr($id) . "' name='" . esc_attr($name) .
"' value='" . esc_attr($value) . "'" . esc_attr($required) . "/>";
break;
}
}

Expand Down Expand Up @@ -294,7 +302,7 @@ public function processFormSubmission($data)
$currentData = get_option(self::SETTINGS, []);
$data = array_merge($currentData , array_map(function ($d) {
unset($d['snippet']);
$d['uploaded_at'] = date(DATE_ISO8601);
$d['uploaded_at'] = gmdate(DATE_ISO8601);
return $d;
}, $data));
update_option(self::SETTINGS, $data);
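Review bot: The inline handlers `EdgeModules.disableModule('<?php echo esc_attr( $module->id ); ?>')` in `renderSettings()` and `EdgeModules.addGroup('<?php echo esc_attr( $suffix ); ?>', '<?php echo esc_attr( $name ); ?>')` in `renderGroup()` escape for the HTML attribute only, not for the JavaScript string literal inside it. The browser decodes the entities before the handler is compiled, so a quote character in the value would still terminate the string. WordPress provides `esc_js()` for exactly this context, e.g. `onclick="return EdgeModules.disableModule('<?php echo esc_js( $module->id ); ?>')"`. These values appear to come from the module JSON definitions, so exposure depends on who can write those files, but the escaping should match the output context regardless.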
3 changes: 0 additions & 3 deletions src/classes/purge-request.php
Expand Up @@ -120,13 +120,10 @@ protected function _build_request_uri_for_purge($type)
switch ($type) {
case 'key-collection':
return trailingslashit($api_endpoint) . 'service/' . $fastly_service_id . '/purge';
break;
case 'url':
return $this->get_thing();
break;
case 'all':
return trailingslashit($api_endpoint) . 'service/' . $fastly_service_id . '/purge_all';
break;
default :
return false;
}
1 change: 0 additions & 1 deletion src/classes/related-surrogate-keys.php
Expand Up @@ -157,7 +157,6 @@ public function locate_author_surrogate_key($post_id)
{

if ($post = $this->get_post($post_id)) {
$post->post_author;
$key = 'a-' . absint($post->post_author);
$this->_collection[] = $key;
}
6 changes: 4 additions & 2 deletions src/classes/vcl-handler.php
Expand Up @@ -70,7 +70,7 @@ public function __construct($data)

$connection = test_fastly_api_connection($this->_hostname, $this->_service_id, $this->_api_key);
if (!$connection['status']) {
$this->add_error(__($connection['message']));
$this->add_error($connection['message']);
return;
}

Expand Down Expand Up @@ -252,7 +252,9 @@ public function prepare_vcl()
}

if (file_exists($single_vcl_data['vcl_dir'] . DIRECTORY_SEPARATOR . $single_vcl_data['type'] . '.vcl')) {
$single_vcl_data['content'] = file_get_contents($single_vcl_data['vcl_dir'] . DIRECTORY_SEPARATOR . $single_vcl_data['type'] . '.vcl');
global $wp_filesystem;
WP_Filesystem();
$single_vcl_data['content'] = $wp_filesystem->get_contents( ($single_vcl_data['vcl_dir'] . DIRECTORY_SEPARATOR . $single_vcl_data['type'] . '.vcl') );
unset($single_vcl_data['vcl_dir']);
} else {
$this->add_error(__('VCL file does not exist.'));
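Review bot: In `prepare_vcl()` the new `WP_Filesystem();` call ignores its return value and `$wp_filesystem->get_contents()` is then used unconditionally, so if initialisation fails the method call fatals on a non-object, and a `false` from `get_contents()` is stored as the VCL content. `WP_Filesystem()` is declared in `wp-admin/includes/file.php`, which WordPress does not load on every request, so unless this path is admin-only (not visible here) it needs `require_once ABSPATH . 'wp-admin/includes/file.php';` first. I would check both results, e.g. `if ( ! WP_Filesystem() ) { ... }` and `if ( false === $single_vcl_data['content'] ) { ... }`, and route failures through the existing `add_error()` path. The method body continues outside the hunk.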