Prep Plugin for release on WordPress.org
Escape everything that should be escaped. Add nonce checks where needed. Sanitize all inputs. Apply Code style changes across the codebase. Correct many deprecation notices. Optimize load order of many filters.
This commit is contained in:
David Stone
@ -1830,7 +1830,7 @@ class Cart implements \JsonSerializable {
|
||||
$where_clauses[] = ['type', $type];
|
||||
|
||||
// Cast to array recursively
|
||||
$line_items = json_decode(json_encode($this->line_items), true);
|
||||
$line_items = json_decode(wp_json_encode($this->line_items), true);
|
||||
|
||||
$line_items = Array_Search::find(
|
||||
$line_items,
|
||||
@ -2353,7 +2353,7 @@ class Cart implements \JsonSerializable {
|
||||
*/
|
||||
public function jsonSerialize(): string {
|
||||
|
||||
return json_encode($this->done());
|
||||
return wp_json_encode($this->done());
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -108,8 +108,8 @@ class Checkout_Pages {
|
||||
|
||||
<div class="misc-pub-section misc-pub-section-last" style="margin-top: 12px; margin-bottom: 6px; display: flex; align-items: center;">
|
||||
<label for="wu-compat-mode">
|
||||
<span style="display: block; font-weight: 600; margin-bottom: 3px;"><?php _e('WP Multisite WaaS Compatibility Mode', 'wp-multisite-waas'); ?></span>
|
||||
<small style="display: block; line-height: 1.8em;"><?php _e('Toggle this option on if WP Multisite WaaS elements are not loading correctly or at all.', 'wp-multisite-waas'); ?></small>
|
||||
<span style="display: block; font-weight: 600; margin-bottom: 3px;"><?php esc_html_e('WP Multisite WaaS Compatibility Mode', 'wp-multisite-waas'); ?></span>
|
||||
<small style="display: block; line-height: 1.8em;"><?php esc_html_e('Toggle this option on if WP Multisite WaaS elements are not loading correctly or at all.', 'wp-multisite-waas'); ?></small>
|
||||
</label>
|
||||
<div style="margin-left: 6px;">
|
||||
<input id="wu-compat-mode" type="checkbox" value="1" <?php checked($value, true, true); ?> name="_wu_force_elements_loading" />
|
||||
@ -243,7 +243,7 @@ class Checkout_Pages {
|
||||
wp_login_url()
|
||||
);
|
||||
|
||||
wp_redirect($url);
|
||||
wp_safe_redirect($url);
|
||||
|
||||
exit;
|
||||
}
|
||||
@ -263,7 +263,7 @@ class Checkout_Pages {
|
||||
public function maybe_redirect_to_confirm_screen(): void {
|
||||
|
||||
if (wu_request('redirect_to')) {
|
||||
wp_redirect(wu_request('redirect_to'));
|
||||
wp_safe_redirect(wu_request('redirect_to'));
|
||||
|
||||
exit;
|
||||
}
|
||||
@ -395,7 +395,7 @@ class Checkout_Pages {
|
||||
return;
|
||||
}
|
||||
|
||||
wp_redirect($redirect_to);
|
||||
wp_safe_redirect($redirect_to);
|
||||
|
||||
exit;
|
||||
}
|
||||
@ -472,7 +472,7 @@ class Checkout_Pages {
|
||||
|
||||
die;
|
||||
} else {
|
||||
wp_redirect($new_login_url);
|
||||
wp_safe_redirect($new_login_url);
|
||||
|
||||
exit;
|
||||
}
|
||||
@ -489,7 +489,7 @@ class Checkout_Pages {
|
||||
$registration_url = $this->get_page_url('register');
|
||||
|
||||
if ($registration_url) {
|
||||
wp_redirect($registration_url);
|
||||
wp_safe_redirect($registration_url);
|
||||
|
||||
exit;
|
||||
}
|
||||
|
||||
@ -1960,7 +1960,7 @@ class Checkout {
|
||||
/*
|
||||
* Redirect go burrr!
|
||||
*/
|
||||
wp_redirect($redirect_url);
|
||||
wp_safe_redirect($redirect_url);
|
||||
|
||||
exit;
|
||||
}
|
||||
@ -2002,7 +2002,7 @@ class Checkout {
|
||||
*/
|
||||
$next_step = $this->get_next_step_name();
|
||||
|
||||
wp_redirect(add_query_arg('step', $next_step));
|
||||
wp_safe_redirect(add_query_arg('step', $next_step));
|
||||
|
||||
exit;
|
||||
}
|
||||
@ -2165,7 +2165,7 @@ class Checkout {
|
||||
);
|
||||
}
|
||||
|
||||
wp_redirect($redirect_url);
|
||||
wp_safe_redirect($redirect_url);
|
||||
|
||||
exit;
|
||||
} catch (\Throwable $e) {
|
||||
@ -2286,12 +2286,12 @@ class Checkout {
|
||||
* @since 2.0.0
|
||||
*
|
||||
* @param string $key Key to retrieve the value for.
|
||||
* @param mixed $default The default value to return, when nothing is found.
|
||||
* @param mixed $default_value The default value to return, when nothing is found.
|
||||
* @return mixed
|
||||
*/
|
||||
public function request_or_session($key, $default = false) {
|
||||
public function request_or_session($key, $default_value = false) {
|
||||
|
||||
$value = $default;
|
||||
$value = $default_value;
|
||||
|
||||
if (null !== $this->session) {
|
||||
$session = $this->session->get('signup');
|
||||
|
||||
@ -1018,7 +1018,7 @@ class Legacy_Checkout {
|
||||
public function next_step($args = []): void {
|
||||
|
||||
/** Redirect the user to the next step */
|
||||
wp_redirect(esc_url_raw($this->get_next_step_link($args)));
|
||||
wp_safe_redirect(esc_url_raw($this->get_next_step_link($args)));
|
||||
|
||||
/** Kill the execution after the redirect */
|
||||
exit;
|
||||
|
||||
@ -1079,6 +1079,13 @@ class Line_Item implements \JsonSerializable {
|
||||
$this->tax_label = $tax_label;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string
|
||||
*/
|
||||
public function get_date_created(): string {
|
||||
return $this->date_created;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the amount recurring in a human-friendly way.
|
||||
*
|
||||
@ -1164,7 +1171,7 @@ class Line_Item implements \JsonSerializable {
|
||||
}
|
||||
|
||||
// phpcs:disable;
|
||||
$query = $wpdb->prepare("
|
||||
$query = $wpdb->prepare( "
|
||||
SELECT m.wu_payment_id, m.meta_value as line_items, p.date_created
|
||||
FROM {$wpdb->base_prefix}wu_paymentmeta as m
|
||||
JOIN {$wpdb->base_prefix}wu_payments as p
|
||||
|
||||
@ -360,7 +360,7 @@ abstract class Base_Signup_Field {
|
||||
|
||||
$selected = array_filter($selected);
|
||||
|
||||
$field['html_attr']['data-selected'] = json_encode($selected);
|
||||
$field['html_attr']['data-selected'] = wp_json_encode($selected);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -200,7 +200,7 @@ class Signup_Field_Payment extends Base_Signup_Field {
|
||||
],
|
||||
'wrapper_html_attr' => [
|
||||
'v-cloak' => 1,
|
||||
'v-show' => sprintf('%s.includes(gateway) && order.should_collect_payment && order.has_recurring', json_encode($auto_renewable_gateways)),
|
||||
'v-show' => sprintf('%s.includes(gateway) && order.should_collect_payment && order.has_recurring', wp_json_encode($auto_renewable_gateways)),
|
||||
],
|
||||
];
|
||||
}
|
||||
|
||||
@ -216,7 +216,7 @@ class Signup_Field_Products extends Base_Signup_Field {
|
||||
});";
|
||||
|
||||
if (did_action('wu-checkout')) {
|
||||
wp_add_inline_script('wu-checkout', sprintf($script, json_encode($products)), 'before');
|
||||
wp_add_inline_script('wu-checkout', sprintf($script, wp_json_encode($products)), 'before');
|
||||
|
||||
return;
|
||||
}
|
||||
@ -225,7 +225,7 @@ class Signup_Field_Products extends Base_Signup_Field {
|
||||
'wp_enqueue_scripts',
|
||||
function () use ($script, $products) {
|
||||
|
||||
wp_add_inline_script('wu-checkout', sprintf($script, json_encode($products)), 'before');
|
||||
wp_add_inline_script('wu-checkout', sprintf($script, wp_json_encode($products)), 'before');
|
||||
},
|
||||
11
|
||||
);
|
||||
|
||||
Reference in New Issue
Block a user