name="_wu_force_elements_loading" />
@@ -243,7 +243,7 @@ class Checkout_Pages {
wp_login_url()
);
- wp_redirect($url);
+ wp_safe_redirect($url);
exit;
}
@@ -263,7 +263,7 @@ class Checkout_Pages {
public function maybe_redirect_to_confirm_screen(): void {
if (wu_request('redirect_to')) {
- wp_redirect(wu_request('redirect_to'));
+ wp_safe_redirect(wu_request('redirect_to'));
exit;
}
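Review bot: `wp_safe_redirect()` does not reject a disallowed target; it silently swaps in its fallback (the admin URL by default), and `maybe_redirect_to_confirm_screen()` passes the request-supplied `redirect_to` straight to it and exits without looking at the result. On a multisite network with mapped domains, a legitimate `redirect_to` on a host missing from the `allowed_redirect_hosts` list will now land the customer on wp-admin instead; whether this plugin extends that filter is not visible in the diff. Consider choosing the fallback explicitly, e.g. `wp_safe_redirect(wp_validate_redirect(wu_request('redirect_to'), home_url()));`, and confirming that mapped domains are allowlisted. The same applies to the other `wp_redirect` to `wp_safe_redirect` swaps in this file, in class-checkout.php and in class-legacy-checkout.php, where `$redirect_url` may point at a host other than the main site.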
@@ -395,7 +395,7 @@ class Checkout_Pages {
return;
}
- wp_redirect($redirect_to);
+ wp_safe_redirect($redirect_to);
exit;
}
@@ -472,7 +472,7 @@ class Checkout_Pages {
die;
} else {
- wp_redirect($new_login_url);
+ wp_safe_redirect($new_login_url);
exit;
}
@@ -489,7 +489,7 @@ class Checkout_Pages {
$registration_url = $this->get_page_url('register');
if ($registration_url) {
- wp_redirect($registration_url);
+ wp_safe_redirect($registration_url);
exit;
}
diff --git a/inc/checkout/class-checkout.php b/inc/checkout/class-checkout.php
index 8b36dcb..987dc6d 100644
--- a/inc/checkout/class-checkout.php
+++ b/inc/checkout/class-checkout.php
@@ -1960,7 +1960,7 @@ class Checkout {
/*
* Redirect go burrr!
*/
- wp_redirect($redirect_url);
+ wp_safe_redirect($redirect_url);
exit;
}
@@ -2002,7 +2002,7 @@ class Checkout {
*/
$next_step = $this->get_next_step_name();
- wp_redirect(add_query_arg('step', $next_step));
+ wp_safe_redirect(add_query_arg('step', $next_step));
exit;
}
@@ -2165,7 +2165,7 @@ class Checkout {
);
}
- wp_redirect($redirect_url);
+ wp_safe_redirect($redirect_url);
exit;
} catch (\Throwable $e) {
@@ -2286,12 +2286,12 @@ class Checkout {
* @since 2.0.0
*
* @param string $key Key to retrieve the value for.
- * @param mixed $default The default value to return, when nothing is found.
+ * @param mixed $default_value The default value to return, when nothing is found.
* @return mixed
*/
- public function request_or_session($key, $default = false) {
+ public function request_or_session($key, $default_value = false) {
- $value = $default;
+ $value = $default_value;
if (null !== $this->session) {
$session = $this->session->get('signup');
diff --git a/inc/checkout/class-legacy-checkout.php b/inc/checkout/class-legacy-checkout.php
index dc72ed8..c228473 100644
--- a/inc/checkout/class-legacy-checkout.php
+++ b/inc/checkout/class-legacy-checkout.php
@@ -1018,7 +1018,7 @@ class Legacy_Checkout {
public function next_step($args = []): void {
/** Redirect the user to the next step */
- wp_redirect(esc_url_raw($this->get_next_step_link($args)));
+ wp_safe_redirect(esc_url_raw($this->get_next_step_link($args)));
/** Kill the execution after the redirect */
exit;
diff --git a/inc/checkout/class-line-item.php b/inc/checkout/class-line-item.php
index a7763af..807abe2 100644
--- a/inc/checkout/class-line-item.php
+++ b/inc/checkout/class-line-item.php
@@ -1079,6 +1079,13 @@ class Line_Item implements \JsonSerializable {
$this->tax_label = $tax_label;
}
+ /**
+ * @return string
+ */
+ public function get_date_created(): string {
+ return $this->date_created;
+ }
+
/**
* Returns the amount recurring in a human-friendly way.
*
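Review bot: The new `get_date_created()` docblock carries only `@return string`, while the accessor below it has a summary line; add one, for example `Returns the creation date stored on this line item.`, plus an `@since` tag. The `: string` return type will also throw a TypeError if `$this->date_created` is ever null. The property declaration is outside this hunk, so confirm it always holds a string or declare the return as `?string`.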
@@ -1164,7 +1171,7 @@ class Line_Item implements \JsonSerializable {
}
// phpcs:disable;
- $query = $wpdb->prepare("
+ $query = $wpdb->prepare( "
SELECT m.wu_payment_id, m.meta_value as line_items, p.date_created
FROM {$wpdb->base_prefix}wu_paymentmeta as m
JOIN {$wpdb->base_prefix}wu_payments as p
diff --git a/inc/checkout/signup-fields/class-base-signup-field.php b/inc/checkout/signup-fields/class-base-signup-field.php
index 7e6730c..fe2c752 100644
--- a/inc/checkout/signup-fields/class-base-signup-field.php
+++ b/inc/checkout/signup-fields/class-base-signup-field.php
@@ -360,7 +360,7 @@ abstract class Base_Signup_Field {
$selected = array_filter($selected);
- $field['html_attr']['data-selected'] = json_encode($selected);
+ $field['html_attr']['data-selected'] = wp_json_encode($selected);
}
}
diff --git a/inc/checkout/signup-fields/class-signup-field-payment.php b/inc/checkout/signup-fields/class-signup-field-payment.php
index 5d0874b..97d619e 100644
--- a/inc/checkout/signup-fields/class-signup-field-payment.php
+++ b/inc/checkout/signup-fields/class-signup-field-payment.php
@@ -200,7 +200,7 @@ class Signup_Field_Payment extends Base_Signup_Field {
],
'wrapper_html_attr' => [
'v-cloak' => 1,
- 'v-show' => sprintf('%s.includes(gateway) && order.should_collect_payment && order.has_recurring', json_encode($auto_renewable_gateways)),
+ 'v-show' => sprintf('%s.includes(gateway) && order.should_collect_payment && order.has_recurring', wp_json_encode($auto_renewable_gateways)),
],
];
}
diff --git a/inc/checkout/signup-fields/class-signup-field-products.php b/inc/checkout/signup-fields/class-signup-field-products.php
index a9ca500..8a19c87 100644
--- a/inc/checkout/signup-fields/class-signup-field-products.php
+++ b/inc/checkout/signup-fields/class-signup-field-products.php
@@ -216,7 +216,7 @@ class Signup_Field_Products extends Base_Signup_Field {
});";
if (did_action('wu-checkout')) {
- wp_add_inline_script('wu-checkout', sprintf($script, json_encode($products)), 'before');
+ wp_add_inline_script('wu-checkout', sprintf($script, wp_json_encode($products)), 'before');
return;
}
@@ -225,7 +225,7 @@ class Signup_Field_Products extends Base_Signup_Field {
'wp_enqueue_scripts',
function () use ($script, $products) {
- wp_add_inline_script('wu-checkout', sprintf($script, json_encode($products)), 'before');
+ wp_add_inline_script('wu-checkout', sprintf($script, wp_json_encode($products)), 'before');
},
11
);
diff --git a/inc/class-admin-notices.php b/inc/class-admin-notices.php
index 9e02c4f..1b6904e 100644
--- a/inc/class-admin-notices.php
+++ b/inc/class-admin-notices.php
@@ -129,7 +129,7 @@ class Admin_Notices {
*/
public function enqueue_scripts(): void {
- wp_enqueue_script('wu-admin-notices', wu_get_asset('admin-notices.js', 'js'), ['jquery'], wu_get_version());
+ wp_enqueue_script('wu-admin-notices', wu_get_asset('admin-notices.js', 'js'), ['jquery'], wu_get_version(), true);
}
/**
diff --git a/inc/class-ajax.php b/inc/class-ajax.php
index 45b73b4..3835f9a 100644
--- a/inc/class-ajax.php
+++ b/inc/class-ajax.php
@@ -100,7 +100,7 @@ class Ajax {
}
$args = wp_parse_args(
- $_REQUEST,
+ $_REQUEST, // phpcs:ignore WordPress.Security.NonceVerification.Recommended
[
'model' => 'membership',
'query' => [],
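Review bot: The added `// phpcs:ignore WordPress.Security.NonceVerification.Recommended` silences the sniff on `$_REQUEST` without saying why the request is safe to process; no nonce or capability check is visible in this hunk, and the enclosing method starts and ends outside it. If a check exists earlier in the method, record it in the suppression, e.g. `// phpcs:ignore WordPress.Security.NonceVerification.Recommended -- nonce verified above`; if not, add the check rather than the suppression. The same unexplained suppression is added on `$_GET` in class-dashboard-widgets.php and on `$_REQUEST['wu-ajax']` in class-light-ajax.php.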
diff --git a/inc/class-api.php b/inc/class-api.php
index 04f803d..b7706d4 100644
--- a/inc/class-api.php
+++ b/inc/class-api.php
@@ -96,12 +96,12 @@ class API {
return $result;
}
- $current_route = $_SERVER['REQUEST_URI'];
+ $current_route = sanitize_text_field(wp_unslash($_SERVER['REQUEST_URI'] ?? ''));
$rest_url = rest_url();
- $rest_path = rtrim(parse_url($rest_url, PHP_URL_PATH), '/');
+ $rest_path = rtrim(wp_parse_url($rest_url, PHP_URL_PATH), '/');
- if (! str_starts_with((string) $current_route, $rest_path . '/' . $this->get_namespace())) {
+ if (! str_starts_with($current_route, $rest_path . '/' . $this->get_namespace())) {
return $result;
}
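Review bot: `sanitize_text_field()` is a display sanitizer that strips tags and percent-encoded octets, so `$current_route` can differ from the URI the server actually received before it reaches the `str_starts_with()` check. For a comparison that decides whether this handler applies, compare the unmodified path instead: `$current_route = (string) wp_parse_url(wp_unslash($_SERVER['REQUEST_URI'] ?? ''), PHP_URL_PATH);`. `wp_parse_url($rest_url, PHP_URL_PATH)` can also return null, which `rtrim()` accepts only with a deprecation notice on PHP 8.1+, so a `(string)` cast there would help. The function this guard belongs to begins outside the hunk.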
@@ -324,7 +324,7 @@ class API {
*/
public function validate_credentials($api_key, $api_secret) {
- return compact('api_key', 'api_secret') === $this->get_auth(); // phpcs:ignore
+ return [$api_key, $api_secret] === $this->get_auth();
}
/**
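Review bot: Replacing `compact('api_key', 'api_secret')` with `[$api_key, $api_secret]` changes the array from string keys to a 0/1 list, and `===` on arrays compares keys as well as values. `get_auth()` is not shown in this diff; if it still returns `['api_key' => ..., 'api_secret' => ...]`, `validate_credentials()` now returns false for every caller. Since these are secrets, a keyed, constant-time comparison would be preferable: `$auth = $this->get_auth();` followed by `return hash_equals((string) ($auth['api_key'] ?? ''), (string) $api_key) && hash_equals((string) ($auth['api_secret'] ?? ''), (string) $api_secret);`.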
@@ -355,7 +355,7 @@ class API {
'body_params' => $request->get_body(),
];
- wu_log_add('api-calls', json_encode($payload, JSON_PRETTY_PRINT));
+ wu_log_add('api-calls', wp_json_encode($payload, JSON_PRETTY_PRINT));
}
}
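Review bot: The `api-calls` payload logs `$request->get_body()` verbatim, and `check_authorization()` further down appears to accept the API key and secret from request parameters, so credentials sent in the body can end up in the log file. Consider redacting known secret fields before encoding, or logging only the route and a hash of the body; the start of the payload array is outside this hunk, so other fields may need the same treatment. `wp_json_encode()` returns false on failure, and that value is passed straight to `wu_log_add()`. The `api-errors` hunk below has both issues.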
@@ -383,7 +383,7 @@ class API {
'body_params' => $request->get_body(),
];
- wu_log_add('api-errors', json_encode($payload, JSON_PRETTY_PRINT));
+ wu_log_add('api-errors', wp_json_encode($payload, JSON_PRETTY_PRINT));
}
wu_log_add('api-errors', $result);
@@ -401,9 +401,9 @@ class API {
*/
public function check_authorization($request) {
- if (isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_USER']) {
- $api_key = $_SERVER['PHP_AUTH_USER'];
- $api_secret = $_SERVER['PHP_AUTH_PW'];
+ if (! empty($_SERVER['PHP_AUTH_USER']) && ! empty($_SERVER['PHP_AUTH_PW'])) {
+ $api_key = sanitize_text_field(wp_unslash($_SERVER['PHP_AUTH_USER']));
+ $api_secret = sanitize_text_field(wp_unslash($_SERVER['PHP_AUTH_PW']));
} else {
$params = $request->get_params();
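Review bot: Running `sanitize_text_field()` over `PHP_AUTH_USER` and `PHP_AUTH_PW` rewrites the credentials before they are compared: it strips tags, percent-encoded octets and surrounding whitespace, so a secret containing such characters stops matching and distinct inputs can collapse to the same value. Credentials should be unslashed but otherwise compared byte-for-byte, e.g. `$api_secret = wp_unslash($_SERVER['PHP_AUTH_PW']); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- compared, never output`. The new `! empty()` test also treats the string `'0'` as missing. The rest of `check_authorization()` is outside the hunk.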
diff --git a/inc/class-async-calls.php b/inc/class-async-calls.php
index e410722..be8227c 100644
--- a/inc/class-async-calls.php
+++ b/inc/class-async-calls.php
@@ -38,13 +38,12 @@ class Async_Calls {
/**
* Registers a new listener.
*
+ * @since 2.0.7
* @param string $id The id of the listener.
* @param callable $callback A callback to be run.
* @param mixed ...$args Arguments to be passed to the callback.
*
* @return void
- *@since 2.0.7
- *
*/
public static function register_listener($id, $callback, ...$args): void {
diff --git a/inc/class-dashboard-widgets.php b/inc/class-dashboard-widgets.php
index 12a7992..286f603 100644
--- a/inc/class-dashboard-widgets.php
+++ b/inc/class-dashboard-widgets.php
@@ -281,7 +281,7 @@ class Dashboard_Widgets {
public function process_ajax_fetch_rss(): void {
$atts = wp_parse_args(
- $_GET,
+ $_GET, // phpcs:ignore WordPress.Security.NonceVerification.Recommended
[
'url' => 'https://community.wpultimo.com/topics/feed',
'title' => __('Forum Discussions', 'wp-multisite-waas'),
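Review bot: `process_ajax_fetch_rss()` takes `url` from `$_GET`, with the community feed only as a default, and the nonce sniff is suppressed on the same line. The rest of the method is outside the hunk; if that URL is fetched server-side, any caller who can reach this AJAX action can make the site request an address of their choosing. Restrict it to an allowlist of feed hosts, or at least validate it, e.g. `$atts['url'] = wp_http_validate_url($atts['url']) ?: 'https://community.wpultimo.com/topics/feed';`, and require a nonce or capability before processing.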
diff --git a/inc/class-domain-mapping.php b/inc/class-domain-mapping.php
index aafdb2a..d6e0caf 100644
--- a/inc/class-domain-mapping.php
+++ b/inc/class-domain-mapping.php
@@ -75,7 +75,7 @@ class Domain_Mapping {
/*
* Don't run during installation...
*/
- if (defined('WP_INSTALLING') && '/wp-activate.php' !== $_SERVER['SCRIPT_NAME']) {
+ if (defined('WP_INSTALLING') && '/wp-activate.php' !== $_SERVER['SCRIPT_NAME']) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput
return;
}
@@ -132,8 +132,6 @@ class Domain_Mapping {
*/
add_action('ms_loaded', [$this, 'register_mapped_filters'], 11);
- // add_action('allowed_http_origin', array($this, 'add_mapped_domains_as_allowed_origins'));
-
/**
* On WP Ultimo 1.X builds we used Mercator. The Mercator actions and filters are now deprecated.
*/
@@ -143,7 +141,7 @@ class Domain_Mapping {
add_action(
'wu_sso_site_allowed_domains',
- function ($list, $site_id): array {
+ function ($domain_list, $site_id): array {
$domains = wu_get_domains(
[
@@ -154,7 +152,7 @@ class Domain_Mapping {
]
);
- return array_merge($list, $domains);
+ return array_merge($domain_list, $domains);
},
10,
2
@@ -338,7 +336,7 @@ class Domain_Mapping {
/**
* Clear mappings for a site when it's deleted
*
- * @param WP_Site $site Site being deleted.
+ * @param \WP_Site $site Site being deleted.
*/
public function clear_mappings_on_delete($site): void {
@@ -356,7 +354,7 @@ class Domain_Mapping {
// translators: First placeholder is the mapping ID, second is the site ID.
$message = sprintf(__('Unable to delete mapping %1$d for site %2$d', 'wp-multisite-waas'), $mapping->get_id(), $site->blog_id);
- trigger_error($message, E_USER_WARNING);
+ trigger_error(esc_html($message), E_USER_WARNING); // phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_trigger_error
}
}
}
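Review bot: `esc_html()` is an escaper for HTML output, but `trigger_error()` here feeds the PHP error log, so the message is HTML-encoded for a non-HTML sink and would be encoded twice if something later renders it. The message is built from two `%d` placeholders, so there is nothing to escape; prefer keeping the raw string and justifying the sniff, `trigger_error($message, E_USER_WARNING); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- integers only, goes to the error log`. The same pattern is added to every `throw new \Exception(esc_html(...))` in class-faker.php, where escaping belongs at the point the exception message is printed rather than where it is thrown.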
@@ -376,7 +374,7 @@ class Domain_Mapping {
}
$real_domain = $current_site->domain;
- $domain = $_SERVER['HTTP_HOST'];
+ $domain = $_SERVER['HTTP_HOST']; // phpcs:ignore
if ($domain === $real_domain) {
@@ -474,7 +472,7 @@ class Domain_Mapping {
}
// Replace the domain
- $domain_base = parse_url($url, PHP_URL_HOST);
+ $domain_base = wp_parse_url($url, PHP_URL_HOST);
$domain = rtrim($domain_base . '/' . $current_mapping->get_site()->get_path(), '/');
$regex = '#^(\w+://)' . preg_quote($domain, '#') . '#i';
$mangled = preg_replace($regex, '${1}' . $current_mapping->get_domain(), $url);
diff --git a/inc/class-faker.php b/inc/class-faker.php
index 0ed26b6..b1ed72c 100644
--- a/inc/class-faker.php
+++ b/inc/class-faker.php
@@ -351,7 +351,7 @@ class Faker {
);
if (is_wp_error($customer)) {
- throw new \Exception($customer->get_error_message());
+ throw new \Exception(esc_html($customer->get_error_message()));
} else {
$this->set_fake_data_generated('customers', $customer);
}
@@ -411,7 +411,7 @@ class Faker {
$product = wu_create_product($product_data);
if (is_wp_error($product)) {
- throw new \Exception($product->get_error_message());
+ throw new \Exception(esc_html($product->get_error_message()));
} else {
$this->set_fake_data_generated('products', $product);
}
@@ -460,7 +460,7 @@ class Faker {
$membership = wu_create_membership($membership_data);
if (is_wp_error($membership)) {
- throw new \Exception($membership->get_error_message());
+ throw new \Exception(esc_html($membership->get_error_message()));
} else {
$this->set_fake_data_generated('memberships', $membership);
}
@@ -502,7 +502,7 @@ class Faker {
);
if (is_wp_error($domain)) {
- throw new \Exception($domain->get_error_message());
+ throw new \Exception(esc_html($domain->get_error_message()));
} else {
$this->set_fake_data_generated('domains', $domain);
}
@@ -550,7 +550,7 @@ class Faker {
$event_data = wu_create_event($event_data);
if (is_wp_error($event_data)) {
- throw new \Exception($event_data->get_error_message());
+ throw new \Exception(esc_html($event_data->get_error_message()));
} else {
$this->set_fake_data_generated('events', $event_data);
}
@@ -599,7 +599,7 @@ class Faker {
);
if (is_wp_error($discount_code)) {
- throw new \Exception($discount_code->get_error_message());
+ throw new \Exception(esc_html($discount_code->get_error_message()));
} else {
$this->set_fake_data_generated('discount_codes', $discount_code);
}
@@ -635,7 +635,7 @@ class Faker {
$checkout_form = wu_create_checkout_form($checkout_form_data);
if (is_wp_error($checkout_form)) {
- throw new \Exception($checkout_form->get_error_message());
+ throw new \Exception(esc_html($checkout_form->get_error_message()));
} else {
$this->set_fake_data_generated('checkout_forms', $checkout_form);
}
@@ -691,7 +691,7 @@ class Faker {
$email = wu_create_email($email_data);
if (is_wp_error($email)) {
- throw new \Exception($email->get_error_message());
+ throw new \Exception(esc_html($email->get_error_message()));
} else {
$this->set_fake_data_generated('emails', $email);
}
@@ -734,7 +734,7 @@ class Faker {
$broadcast = wu_create_broadcast($broadcast_data);
if (is_wp_error($broadcast)) {
- throw new \Exception($broadcast->get_error_message());
+ throw new \Exception(esc_html($broadcast->get_error_message()));
} else {
$this->set_fake_data_generated('broadcasts', $broadcast);
}
@@ -777,7 +777,7 @@ class Faker {
$webhook = wu_create_webhook($webhook_data);
if (is_wp_error($webhook)) {
- throw new \Exception($webhook->get_error_message());
+ throw new \Exception(esc_html($webhook->get_error_message()));
} else {
$this->set_fake_data_generated('webhooks', $webhook);
}
@@ -839,7 +839,7 @@ class Faker {
$payment = wu_create_payment($payment_data);
if (is_wp_error($payment)) {
- throw new \Exception($payment->get_error_message());
+ throw new \Exception(esc_html($payment->get_error_message()));
} else {
$payment->recalculate_totals()->save();
@@ -892,7 +892,7 @@ class Faker {
$site = wu_create_site($site_data);
if (is_wp_error($site)) {
- throw new \Exception($site->get_error_message());
+ throw new \Exception(esc_html($site->get_error_message()));
} else {
$this->set_fake_data_generated('sites', $site);
}
diff --git a/inc/class-helper.php b/inc/class-helper.php
index e6f867a..58fe588 100644
--- a/inc/class-helper.php
+++ b/inc/class-helper.php
@@ -102,14 +102,14 @@ class Helper {
*
* @since 1.9.6
* @param string $option_name Option name.
- * @param mixed $default The default value.
+ * @param mixed $default_value The default value.
* @return mixed
*/
- public function get_option($option_name = 'settings', $default = []) {
+ public function get_option($option_name = 'settings', $default_value = []) {
_deprecated_function(__METHOD__, '2.0.11', 'wu_get_option');
- return wu_get_option($option_name, $default);
+ return wu_get_option($option_name, $default_value);
}
/**
diff --git a/inc/class-light-ajax.php b/inc/class-light-ajax.php
index ae3c763..34ff693 100644
--- a/inc/class-light-ajax.php
+++ b/inc/class-light-ajax.php
@@ -31,7 +31,7 @@ class Light_Ajax {
*/
public function __construct() {
- if (isset($_REQUEST['wu-ajax'])) {
+ if (isset($_REQUEST['wu-ajax'])) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended
$action = $this->get_when_to_run();
wu_x_header("X-Ultimo-Ajax-When: $action");
@@ -101,7 +101,7 @@ class Light_Ajax {
]
);
- $action = isset($_REQUEST['wu-when']) ? base64_decode((string) $_REQUEST['wu-when']) : 'plugins_loaded';
+ $action = isset($_REQUEST['wu-when']) ? base64_decode((string) $_REQUEST['wu-when']) : 'plugins_loaded'; // phpcs:ignore WordPress
return in_array($action, $allowed_list, true) ? $action : 'plugins_loaded';
}
@@ -151,7 +151,7 @@ class Light_Ajax {
header('Pragma: no-cache');
- $action = esc_attr(trim((string) $_REQUEST['action']));
+ $action = esc_attr(trim((string) $_REQUEST['action'])); // phpcs:ignore
if (is_user_logged_in()) {
do_action('wu_ajax_' . $action); // phpcs:ignore
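Review bot: `esc_attr()` is an HTML-attribute escaper and does not constrain `$_REQUEST['action']` to a valid hook name, yet the value is concatenated into `do_action('wu_ajax_' . $action)`; both lines now carry a bare `// phpcs:ignore` that hides every sniff. If handler names are lowercase slugs, normalise with `$action = sanitize_key(wp_unslash($_REQUEST['action'] ?? ''));` and return early when it is empty, which also avoids the undefined-index warning when `action` is absent. Any suppression that remains should name the specific sniff and the reason. The enclosing method starts and ends outside this hunk.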
diff --git a/inc/class-logger.php b/inc/class-logger.php
index a4896a1..a896da6 100644
--- a/inc/class-logger.php
+++ b/inc/class-logger.php
@@ -65,7 +65,7 @@ class Logger extends AbstractLogger {
*
* Here we are converting the PHP error reporting level to the PSR-3 log level.
*/
- $reporting_level = error_reporting();
+ $reporting_level = error_reporting(); // phpcs:ignore WordPress.PHP
$psr_log_levels = [
E_ERROR => LogLevel::ERROR,
@@ -131,7 +131,7 @@ class Logger extends AbstractLogger {
}
// read file
- $content = file_get_contents($file);
+ $content = file_get_contents($file); // phpcs:ignore WordPress.WP.AlternativeFunctions
// split into lines
$arr_content = explode(PHP_EOL, $content);
@@ -280,13 +280,13 @@ class Logger extends AbstractLogger {
protected function write_to_file($message) {
if ( ! file_exists($this->log_file)) {
- touch($this->log_file);
+ touch($this->log_file); // phpcs:ignore WordPress.WP.AlternativeFunctions
}
- if ( ! is_writable($this->log_file)) {
+ if ( ! is_writable($this->log_file)) { // phpcs:ignore WordPress.WP.AlternativeFunctions
return;
}
- file_put_contents($this->log_file, $message, FILE_APPEND | LOCK_EX);
+ file_put_contents($this->log_file, $message, FILE_APPEND | LOCK_EX); // phpcs:ignore WordPress.WP.AlternativeFunctions
}
}
diff --git a/inc/class-maintenance-mode.php b/inc/class-maintenance-mode.php
index e79ce73..b4cdb54 100644
--- a/inc/class-maintenance-mode.php
+++ b/inc/class-maintenance-mode.php
@@ -71,7 +71,7 @@ class Maintenance_Mode {
* Add maintenance mode Notice to Admin Bar
*
* @since 2.0.0
- * @param WP_Admin_Bar $wp_admin_bar The Admin Bar class.
+ * @param \WP_Admin_Bar $wp_admin_bar The Admin Bar class.
* @return void
*/
public function add_notice_to_admin_bar($wp_admin_bar): void {
@@ -118,7 +118,7 @@ class Maintenance_Mode {
__('Under Maintenance', 'wp-multisite-waas')
);
- wp_die($text, $title, 503);
+ wp_die(esc_html($text), esc_html($title), 503);
}
/**
@@ -140,11 +140,18 @@ class Maintenance_Mode {
*/
public function toggle_maintenance_mode() {
- check_ajax_referer('wu_toggle_maintenance_mode', $_POST['_wpnonce']);
+ if ( ! check_ajax_referer('wu_toggle_maintenance_mode', '_wpnonce', false)) {
+ wp_send_json_error(
+ [
+ 'message' => __('Request failed, please refresh and try again.', 'wp-multisite-waas'),
+ 'value' => false,
+ ]
+ );
+ }
$site_id = \WP_Ultimo\Helpers\Hash::decode(wu_request('site_hash'), 'site');
- if ( ! current_user_can_for_blog($site_id, 'manage_options')) {
+ if ( ! current_user_can_for_site($site_id, 'manage_options')) {
wp_send_json_error(
[
'message' => __('You do not have the necessary permissions to perform this option.', 'wp-multisite-waas'),
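Review bot: `current_user_can_for_site()` was introduced in WordPress 6.7, so on older cores this call is a fatal error inside the AJAX handler. The plugin's minimum WordPress version is not visible here, so either raise it or guard with `function_exists('current_user_can_for_site')` and fall back to `current_user_can_for_blog()`. Separately, `$site_id` comes from `Hash::decode(wu_request('site_hash'), 'site')` and is used without checking that decoding succeeded; rejecting a falsy result before the capability check would make that failure explicit.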
diff --git a/inc/class-newsletter.php b/inc/class-newsletter.php
index 5a4ebd5..236ae5a 100644
--- a/inc/class-newsletter.php
+++ b/inc/class-newsletter.php
@@ -39,7 +39,7 @@ class Newsletter {
*/
public function maybe_update_newsletter_subscription($settings, $settings_to_save, $saved_settings) {
- if ( isset($settings_to_save[ self::SETTING_FIELD_SLUG ]) && $settings_to_save[ self::SETTING_FIELD_SLUG ] && $settings_to_save[ self::SETTING_FIELD_SLUG ] != $saved_settings[ self::SETTING_FIELD_SLUG ] ) {
+ if ( isset($settings_to_save[ self::SETTING_FIELD_SLUG ]) && $settings_to_save[ self::SETTING_FIELD_SLUG ] && $settings_to_save[ self::SETTING_FIELD_SLUG ] !== $saved_settings[ self::SETTING_FIELD_SLUG ] ) {
$response = wp_remote_post(
'https://wpmultisitewaas.org/wp-json/newsletter/v2/subscribers',
[
@@ -55,7 +55,7 @@ class Newsletter {
'headers' => [
'Accept' => 'application/json',
'Content-Type' => 'application/json',
- 'Authorization' => 'Basic ' . base64_encode('30220d7fb4ec49a7410b3a309b9346c18410bd56:0407cd731d6f074cd0b96f2643b7619e89af1ed2'),
+ 'Authorization' => 'Basic ' . base64_encode('30220d7fb4ec49a7410b3a309b9346c18410bd56:0407cd731d6f074cd0b96f2643b7619e89af1ed2'), // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode
],
]
);
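Review bot: The `Authorization` header embeds a static Basic credential for the newsletter endpoint in distributed plugin source, and this change only adds a `phpcs:ignore` for the `base64_encode` sniff. Anything shipped in the plugin is readable by every installer, so this key pair should be treated as public: confirm on the server side that it can do nothing beyond creating subscribers, rotate it, and ideally route sign-ups through an endpoint that needs no shared secret. The second request in this method (next hunk) carries the same credential.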
@@ -73,7 +73,7 @@ class Newsletter {
'headers' => [
'Accept' => 'application/json',
'Content-Type' => 'application/json',
- 'Authorization' => 'Basic ' . base64_encode('30220d7fb4ec49a7410b3a309b9346c18410bd56:0407cd731d6f074cd0b96f2643b7619e89af1ed2'),
+ 'Authorization' => 'Basic ' . base64_encode('30220d7fb4ec49a7410b3a309b9346c18410bd56:0407cd731d6f074cd0b96f2643b7619e89af1ed2'), // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode
],
]
);
diff --git a/inc/class-requirements.php b/inc/class-requirements.php
index 4ac76d0..483f154 100644
--- a/inc/class-requirements.php
+++ b/inc/class-requirements.php
@@ -280,10 +280,19 @@ class Requirements {
*/
public static function notice_unsupported_php_version(): void {
- // translators: the %1$s placeholder is the required PHP version, while the %2$s is the current PHP version.
- $message = sprintf(__('WP Multisite WaaS requires at least PHP version %1$s to run. Your current PHP version is %2$s. Please, contact your hosting company support to upgrade your PHP version. If you want maximum performance consider upgrading your PHP to version 7.0 or later.', 'wp-multisite-waas'), self::$php_version, phpversion());
-
- printf('
%s
', $message);
+ printf(
+ '
%s
',
+ sprintf(
+ // translators: the %1$s placeholder is the required PHP version, while the %2$s is the current PHP version, and %3$s is the recommended PHP version.
+ esc_html__(
+ 'WP Multisite WaaS requires at least PHP version %1$s to run. Your current PHP version is %2$s. Please, contact your hosting company support to upgrade your PHP version. If you want maximum performance consider upgrading your PHP to version %3$s or later.',
+ 'wp-multisite-waas'
+ ),
+ esc_html(self::$php_version),
+ '' . esc_html(phpversion()) . '',
+ esc_html(self::$php_recommended_version)
+ )
+ );
}
/**
@@ -296,10 +305,18 @@ class Requirements {
global $wp_version;
- // translators: the %1$s placeholder is the required WP version, while the %2$s is the current WP version.
- $message = sprintf(__('WP Multisite WaaS requires at least WordPress version %1$s to run. Your current WordPress version is %2$s.', 'wp-multisite-waas'), self::$wp_version, $wp_version);
-
- printf('
%s
', $message);
+ printf(
+ '
%s
',
+ sprintf(
+ // translators: the %1$s placeholder is the required WP version, while the %2$s is the current WP version.
+ esc_html__(
+ 'WP Multisite WaaS requires at least WordPress version %1$s to run. Your current WordPress version is %2$s.',
+ 'wp-multisite-waas'
+ ),
+ esc_html(self::$wp_version),
+ '' . esc_html($wp_version) . ''
+ )
+ );
}
/**
@@ -310,9 +327,7 @@ class Requirements {
*/
public static function notice_not_multisite(): void {
- $message = __('WP Multisite WaaS requires a multisite install to run properly. To know more about WordPress Networks, visit this link: Create a Network →', 'wp-multisite-waas');
-
- printf('
', esc_html__('WP Multisite WaaS requires a multisite install to run properly. To know more about WordPress Networks, visit this link:', 'wp-multisite-waas'), esc_html__('Create a Network', 'wp-multisite-waas'));
}
/**
@@ -323,9 +338,13 @@ class Requirements {
*/
public static function notice_not_network_active(): void {
- // translators: %s is a placeholder for the Network Admin plugins page URL.
- $message = sprintf(__('WP Multisite WaaS needs to be network active to run properly. You can "Network Activate" it here', 'wp-multisite-waas'), network_admin_url('plugins.php'));
-
- printf('
%s
', $message);
+ printf(
+ '
%s
',
+ sprintf(
+ // translators: %s is a placeholder for the Network Admin plugins page URL with link text.
+ esc_html__('WP Multisite WaaS needs to be network active to run properly. You can "Network Activate" it %s', 'wp-multisite-waas'),
+ '' . esc_html__('here', 'wp-multisite-waas') . ''
+ )
+ );
}
}
diff --git a/inc/class-session-cookie.php b/inc/class-session-cookie.php
index 31d6fcf..db42bd1 100644
--- a/inc/class-session-cookie.php
+++ b/inc/class-session-cookie.php
@@ -137,7 +137,7 @@ class Session_Cookie implements Session {
$expire = HOUR_IN_SECONDS;
}
- $value = json_encode($this->data, JSON_UNESCAPED_UNICODE);
+ $value = wp_json_encode($this->data, JSON_UNESCAPED_UNICODE);
$cookie = new Cookie($this->get_cookie_name());
$cookie->setValue($value);
diff --git a/inc/class-settings.php b/inc/class-settings.php
index 216b66c..2c1393e 100644
--- a/inc/class-settings.php
+++ b/inc/class-settings.php
@@ -178,7 +178,7 @@ class Settings {
$settings = $this->get_all();
if (str_contains($setting, '-')) {
- _doing_it_wrong($setting, __('Dashes are no longer supported when registering a setting. You should change it to underscores in later versions.', 'wp-multisite-waas'), '2.0.0');
+ _doing_it_wrong($setting, esc_html__('Dashes are no longer supported when registering a setting. You should change it to underscores in later versions.', 'wp-multisite-waas'), '2.0.0');
}
$setting_value = $settings[ $setting ] ?? $default_value;
@@ -388,6 +388,7 @@ class Settings {
* @param string $section_slug Section to which this field will be added to.
* @param string $field_slug ID of the field. This is used to later retrieve the value saved on this setting.
* @param array $atts Field attributes such as title, description, tooltip, default value, etc.
+ * @param int $priority Priority of the field. This is used to order the fields.
* @return void
*/
public function add_field($section_slug, $field_slug, $atts, $priority = 10): void {
@@ -401,7 +402,7 @@ class Settings {
* We no longer support settings with hyphens.
*/
if (str_contains($field_slug, '-')) {
- _doing_it_wrong($field_slug, __('Dashes are no longer supported when registering a setting. You should change it to underscores in later versions.', 'wp-multisite-waas'), '2.0.0');
+ _doing_it_wrong($field_slug, esc_html__('Dashes are no longer supported when registering a setting. You should change it to underscores in later versions.', 'wp-multisite-waas'), '2.0.0');
}
$default_order = (count($fields) + 1) * 10;
@@ -466,7 +467,7 @@ class Settings {
$new_attrs['data-selected'] = $data_selected->to_search_results();
}
- $new_attrs['data-selected'] = json_encode($new_attrs['data-selected']);
+ $new_attrs['data-selected'] = wp_json_encode($new_attrs['data-selected']);
return array_merge($original_html_attr, $new_attrs);
};
@@ -479,7 +480,7 @@ class Settings {
foreach ($atts['require'] as $attr => $value) {
$attr = str_replace('-', '_', $attr);
- $value = json_encode($value);
+ $value = wp_json_encode($value);
$require_rules[] = "require('{$attr}', {$value})";
}
@@ -496,6 +497,7 @@ class Settings {
);
$settings = $this->get_all();
+
/*
* Makes sure we install the default value if it is not set yet.
*/
@@ -633,7 +635,6 @@ class Settings {
[
'title' => __('Currency Position', 'wp-multisite-waas'),
'desc' => __('This setting affects all prices displayed across the plugin elements.', 'wp-multisite-waas'),
- 'desc' => '',
'type' => 'select',
'default' => '%s %v',
'options' => [
diff --git a/inc/class-sunrise.php b/inc/class-sunrise.php
index 80779ac..7c9d8b9 100644
--- a/inc/class-sunrise.php
+++ b/inc/class-sunrise.php
@@ -26,14 +26,15 @@ class Sunrise {
*
* @var string
*/
- static $version = '2.0.0.8';
+
+ public static $version = '2.0.0.8';
/**
* Keeps the sunrise meta cached after the first read.
*
* @var null|array
*/
- static $sunrise_meta;
+ public static $sunrise_meta;
/**
* Initializes sunrise and loads additional elements if needed.
@@ -104,6 +105,7 @@ class Sunrise {
*/
public static function load_dependencies(): void {
+ // We can't use JetPack autoloader because WordPress is not fully loaded yet.
require_once __DIR__ . '/deprecated/early-deprecated.php';
require_once __DIR__ . '/deprecated/mercator.php';
require_once __DIR__ . '/functions/site.php';
@@ -115,6 +117,8 @@ class Sunrise {
require_once __DIR__ . '/objects/class-limitations.php';
require_once __DIR__ . '/models/traits/trait-limitable.php';
require_once __DIR__ . '/models/traits/trait-notable.php';
+ require_once __DIR__ . '/models/traits/trait-billable.php';
+ require_once __DIR__ . '/traits/trait-wp-ultimo-subscription-deprecated.php';
require_once __DIR__ . '/traits/trait-wp-ultimo-site-deprecated.php';
require_once __DIR__ . '/database/engine/class-enum.php';
require_once __DIR__ . '/database/sites/class-site-type.php';
@@ -132,6 +136,8 @@ class Sunrise {
require_once __DIR__ . '/class-settings.php';
require_once __DIR__ . '/limits/class-plugin-limits.php';
require_once __DIR__ . '/limits/class-theme-limits.php';
+ require_once __DIR__ . '/limits/class-theme-limits.php';
+ require_once __DIR__ . '/models/class-membership.php';
}
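Review bot: The added `require_once __DIR__ . '/limits/class-theme-limits.php';` repeats the line directly above it, so it loads nothing new. `require_once` makes it harmless, but it looks like a copy-paste slip. Drop it, or replace it with the file that was actually intended if `class-membership.php` needs another dependency loaded first.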
/**
@@ -206,7 +212,7 @@ class Sunrise {
*/
add_filter('option_active_plugins', fn() => []);
- add_filter('site_option_active_sitewide_plugins', fn($plugins) => [basename(dirname(__DIR__)) . '/wp-ultimo.php' => 1]);
+ add_filter('site_option_active_sitewide_plugins', fn() => [basename(dirname(__DIR__)) . '/wp-ultimo.php' => 1], 10, 0);
}
}
}
@@ -255,7 +261,7 @@ class Sunrise {
*/
public static function try_upgrade() {
- $copy_results = @copy(
+ $copy_results = copy(
dirname(WP_ULTIMO_PLUGIN_FILE) . '/sunrise.php',
WP_CONTENT_DIR . '/sunrise.php'
); // phpcs:ignore
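Review bot: With the `@` removed, `copy()` raises a PHP warning whenever the destination under `WP_CONTENT_DIR` is not writable, and on hosts with `display_errors` enabled that warning prints the absolute paths of both files. `$copy_results` is presumably checked after this hunk, so test writability first instead of relying on the warning, e.g. prefix the call with `is_writable(WP_CONTENT_DIR) &&`. The trailing bare `// phpcs:ignore` should also name the sniff it silences.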
diff --git a/inc/class-views.php b/inc/class-views.php
index bc7809b..313eba1 100644
--- a/inc/class-views.php
+++ b/inc/class-views.php
@@ -42,10 +42,11 @@ class Views {
* @since 1.9.0
* @param string|array $template_names Template file(s) to search for, in order.
* @param bool $load If true the template file will be loaded if it is found.
- * @param bool $require_once Whether to require_once or require. Default true. Has no effect if $load is false.
+ * @param bool $use_require_once Whether to require_once or require. Default true. Has no effect if $load is false.
+ *
* @return string The template filename if one is located.
*/
- public function custom_locate_template($template_names, $load = false, $require_once = true) {
+ public function custom_locate_template($template_names, $load = false, $use_require_once = true) {
is_multisite() && switch_to_blog(get_current_site()->blog_id);
@@ -76,7 +77,7 @@ class Views {
}
if ($load && '' !== $located) {
- load_template($located, $require_once);
+ load_template($located, $use_require_once);
}
return $located;
diff --git a/inc/class-whitelabel.php b/inc/class-whitelabel.php
index bdbf918..200b0fa 100644
--- a/inc/class-whitelabel.php
+++ b/inc/class-whitelabel.php
@@ -84,7 +84,6 @@ class Whitelabel {
add_action('wp_user_dashboard_setup', [$this, 'remove_dashboard_widgets'], 11);
add_action('wp_dashboard_setup', [$this, 'remove_dashboard_widgets'], 11);
-
}
if (wu_get_setting('hide_sites_menu', true)) {
@@ -338,16 +337,11 @@ class Whitelabel {
global $menu;
- $index = '';
-
foreach ($menu as $i => $menu_item) {
if ('sites.php' === $menu_item[2]) {
- $index = $i;
-
- continue;
+ unset($menu[ $i ]);
+ break;
}
}
-
- unset($menu[ $index ]);
}
}
diff --git a/inc/debug/class-debug.php b/inc/debug/class-debug.php
index 6892864..0281510 100644
--- a/inc/debug/class-debug.php
+++ b/inc/debug/class-debug.php
@@ -72,37 +72,37 @@ class Debug {
-
+
-
+
-
+
-
+
'wu-w-full wu-box-border wu-items-center wu-flex wu-justify-between wu-p-4 wu-m-0 wu-border-t wu-border-l-0 wu-border-r-0 wu-border-b-0 wu-border-gray-300 wu-border-solid',
'html_attr' => [
'data-wu-app' => 'debug_generator',
- 'data-state' => json_encode(
+ 'data-state' => wp_json_encode(
[
'customers' => false,
'products' => false,
@@ -430,7 +430,7 @@ class Debug {
'field_wrapper_classes' => 'wu-w-full wu-box-border wu-items-center wu-flex wu-justify-between wu-p-4 wu-m-0 wu-border-t wu-border-l-0 wu-border-r-0 wu-border-b-0 wu-border-gray-300 wu-border-solid',
'html_attr' => [
'data-wu-app' => 'debug_reset_database_form',
- 'data-state' => json_encode(
+ 'data-state' => wp_json_encode(
[
'reset_only' => true,
]
@@ -510,7 +510,7 @@ class Debug {
'field_wrapper_classes' => 'wu-w-full wu-box-border wu-items-center wu-flex wu-justify-between wu-p-4 wu-m-0 wu-border-t wu-border-l-0 wu-border-r-0 wu-border-b-0 wu-border-gray-300 wu-border-solid',
'html_attr' => [
'data-wu-app' => 'debug_drop_database_form',
- 'data-state' => json_encode(
+ 'data-state' => wp_json_encode(
[
'reset_only' => true,
]
diff --git a/inc/development/assets/development.css b/inc/development/assets/development.css
index b0e169c..e8e6fc3 100644
--- a/inc/development/assets/development.css
+++ b/inc/development/assets/development.css
@@ -9,7 +9,7 @@ body {
width: 200px;
content: " ";
position: absolute;
- top: 30;
+ top: 30px;
background: url("../../../assets/img/logo.webp");
background-size: contain;
height: 40px;
diff --git a/inc/development/assets/development.scss b/inc/development/assets/development.scss
index 29a5d83..b09a43e 100644
--- a/inc/development/assets/development.scss
+++ b/inc/development/assets/development.scss
@@ -20,7 +20,7 @@ body {
width: 200px;
content: " ";
position: absolute;
- top: 30;
+ top: 30px;
background: url("../../../assets/img/logo.webp");
background-size: contain;
height: 40px;
diff --git a/inc/development/class-toolkit.php b/inc/development/class-toolkit.php
index d4f6836..8dcd2ec 100644
--- a/inc/development/class-toolkit.php
+++ b/inc/development/class-toolkit.php
@@ -125,7 +125,7 @@ class Toolkit {
$args = $manager->get_arguments_schema('update' === $context);
- file_put_contents(wu_path("/mpb/data/endpoint/.endpoint-$class_name-$context"), json_encode($args)); // phpcs:ignore
+ file_put_contents(wu_path("/mpb/data/endpoint/.endpoint-$class_name-$context"), wp_json_encode($args)); // phpcs:ignore
}
/**
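Review bot: The changed line discards the results of both calls: `wp_json_encode()` returns false when encoding fails, and `file_put_contents()` would then write an empty schema file with no signal. Encoding first and writing only on success avoids that, e.g. `$json = wp_json_encode($args);` followed by `if (false !== $json) { file_put_contents($path, $json); }`. The bare `// phpcs:ignore` suppresses every sniff on the line; naming the one that is intended, as the ignore on `current_user_can_for_site` in this commit does, keeps the other checks active. `$class_name` and `$context` are interpolated into the path and their origin lies outside the hunk, so it is worth confirming they cannot contain path separators. The enclosing method starts outside the hunk.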
diff --git a/inc/functions/compatiblity.php b/inc/functions/compatiblity.php
new file mode 100644
index 0000000..9a465e8
--- /dev/null
+++ b/inc/functions/compatiblity.php
@@ -0,0 +1,35 @@
+ID );
+ * current_user_can_for_site( $site_id, 'edit_post_meta', $post->ID, $meta_key );
+ *
+ * @since 6.7.0
+ *
+ * @param int $site_id Site ID.
+ * @param string $capability Capability name.
+ * @param mixed ...$args Optional further parameters, typically starting with an object ID.
+ * @return bool Whether the user has the given capability.
+ */
+ function current_user_can_for_site($site_id, $capability, ...$args) { // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedFunctionFound
+ return current_user_can_for_blog($site_id, $capability, ...$args);
+ }
+}
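Review bot: The new file is named `inc/functions/compatiblity.php`, a misspelling of "compatibility" that every later `require` of this file will have to repeat; renaming it to `compatibility.php` now is cheaper than after other code depends on the path. The first lines of the hunk are not legible on this page, so the `function_exists('current_user_can_for_site')` guard that the closing `}` implies cannot be confirmed here. It should be present so the shim never redeclares the core function on WordPress 6.7 and later. Because this shim is used for capability checks, a short file-level comment stating that it delegates unchanged to `current_user_can_for_blog()` on older cores would help reviewers trust it.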
diff --git a/inc/functions/date.php b/inc/functions/date.php
index 2b7d11d..bb00fcd 100644
--- a/inc/functions/date.php
+++ b/inc/functions/date.php
@@ -74,9 +74,9 @@ function wu_get_days_ago($date_1, $date_2 = false) {
$datetime_2 = wu_date($date_2);
- $dateIntervar = $datetime_1->diff($datetime_2, false);
+ $date_intervar = $datetime_1->diff($datetime_2, false);
- return - $dateIntervar->days;
+ return - $date_intervar->days;
}
/**
@@ -90,7 +90,7 @@ function wu_get_current_time($type = 'mysql', $gmt = false) {
switch_to_blog(wu_get_main_site_id());
- $time = current_time($type, $gmt); // phpcs:ignore
+ $time = current_time($type, $gmt); // phpcs:ignore
restore_current_blog();
@@ -121,7 +121,6 @@ function wu_filter_duration_unit($unit, $length) {
$new_unit = $length > 1 ? __('Years', 'wp-multisite-waas') : __('Year', 'wp-multisite-waas');
break;
default:
- $new_unit = $new_unit;
break;
}
@@ -181,10 +180,10 @@ function wu_convert_php_date_format_to_moment_js_format($php_date_format): strin
'g' => 'h',
'H' => 'HH',
'h' => 'hh',
- 'I' => '', // Daylight Saving Time? => moment().isDST();
+ 'I' => '', // Daylight Saving Time?: moment().isDST().
'i' => 'mm',
'j' => 'D',
- 'L' => '', // Leap year? => moment().isLeapYear();
+ 'L' => '', // Is Leap year?: moment().isLeapYear().
'l' => 'dddd',
'M' => 'MMM',
'm' => 'MM',
diff --git a/inc/functions/financial.php b/inc/functions/financial.php
index f300ca5..9a16806 100644
--- a/inc/functions/financial.php
+++ b/inc/functions/financial.php
@@ -358,7 +358,7 @@ function wu_calculate_taxes_by_day($start_date = false, $end_date = false, $incl
foreach ($line_items_groups as $line_items_group) {
foreach ($line_items_group as $line_item) {
- $date = gmdate('Y-m-d', strtotime((string) $line_item->date_created));
+ $date = gmdate('Y-m-d', strtotime($line_item->get_date_created()));
if ( ! wu_get_isset($data, $date)) {
$data[ $date ] = [
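Review bot: On the changed line the result of `strtotime()` goes straight into `gmdate()`, so an empty or unparsable creation date yields false, which is coerced to timestamp 0 unless strict types are on. That line item's tax is then filed under 1970-01-01. The old `(string)` cast is also gone; if `get_date_created()` can return null (its signature is not in the hunk), PHP 8.1+ raises a deprecation. I would keep the cast and guard the parse: `$timestamp = strtotime((string) $line_item->get_date_created());`, `if (false === $timestamp) { continue; }`, `$date = gmdate('Y-m-d', $timestamp);`. The enclosing function starts and ends outside the hunk.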
diff --git a/inc/functions/legacy.php b/inc/functions/legacy.php
index 4f6140d..edb2e51 100644
--- a/inc/functions/legacy.php
+++ b/inc/functions/legacy.php
@@ -149,7 +149,7 @@ function wu_print_signup_field($field_slug, $field, $results) {
diff --git a/views/base/wizard.php b/views/base/wizard.php
index 8317d16..0198f1b 100644
--- a/views/base/wizard.php
+++ b/views/base/wizard.php
@@ -8,26 +8,26 @@