Prep Plugin for release on WordPress.org (#23)

* Update translation text domain * Escape everything that should be escaped. * Add nonce checks where needed. * Sanitize all inputs. * Apply Code style changes across the codebase. * Correct many deprecation notices. * Optimize load order of many filters. * Add Proper Build script * Use emojii flags * Fix i18n deprecation notice for translating too early * Put all scripts in footer and load async
2025-04-14 11:36:46 -06:00
parent a31cfcb565
commit d88e50df38
1087 changed files with 12586 additions and 18535 deletions
--- a/views/shortcodes/shortcodes.php
+++ b/views/shortcodes/shortcodes.php
@ -8,7 +8,7 @@

 <div id="wp-ultimo-wrap" class="<?php wu_wrap_use_container(); ?> wrap">

-	<h1 class="wp-heading-inline"><?php _e('Available Shortcodes', 'wp-ultimo'); ?></h1>
+	<h1 class="wp-heading-inline"><?php esc_html_e('Available Shortcodes', 'wp-multisite-waas'); ?></h1>

 	<div id="poststuff">
 	<div id="post-body" class="">
@ -22,19 +22,19 @@

 				<div class="wu-bg-gray-100 wu-py-4 wu-w-full wu-box-border wu-p-4 wu-py-5 wu-m-0 wu-border-b wu-border-l-0 wu-border-r-0 wu-border-t-0 wu-border-gray-300 wu-border-solid">
 					<a  
-					href="<?php echo $shortcode['generator_form_url']; ?>" 
+					href="<?php echo esc_url($shortcode['generator_form_url']); ?>" 
 					class="wu-float-right wubox wu-no-underline wu-text-gray-600"
-					title="<?php _e('Generator', 'wp-ultimo'); ?>"
+					title="<?php esc_html_e('Generator', 'wp-multisite-waas'); ?>"
 					>
 					<span class="dashicons-wu-rocket"></span>
-					<?php _e('Generator', 'wp-ultimo'); ?>
+					<?php esc_html_e('Generator', 'wp-multisite-waas'); ?>
 					</a>  
 					<div class="wu-block">
 					<h3 class="wu-my-1 wu-text-base wu-text-gray-800">
-						<?php echo $shortcode['title']; ?> <code>[<?php echo $shortcode['shortcode']; ?>]</code>
+						<?php echo esc_html($shortcode['title']); ?> <code>[<?php echo esc_html($shortcode['shortcode']); ?>]</code>
 					</h3>
 					<p class="wu-mt-1 wu-mb-0 wu-text-gray-700">
-						<?php echo $shortcode['description']; ?>
+						<?php echo $shortcode['description']; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
 					</p>
 					</div>
 				</div>
@ -43,31 +43,31 @@
 					<table class="wu-table-auto striped wu-w-full">
 					<tr>
 						<th class="wu-px-4 wu-py-2 wu-w-3/12 wu-text-left">
-						<?php _e('Parameter', 'wp-ultimo'); ?>
+						<?php esc_html_e('Parameter', 'wp-multisite-waas'); ?>
 						</th>
 						<th class="wu-px-4 wu-py-2 wu-w-4/12 wu-text-left">
-						<?php _e('Description', 'wp-ultimo'); ?>
+						<?php esc_html_e('Description', 'wp-multisite-waas'); ?>
 						</th>
 						<th class="wu-px-4 wu-py-2 wu-w-3/12 wu-text-left">
-						<?php _e('Accepted Values', 'wp-ultimo'); ?>
+						<?php esc_html_e('Accepted Values', 'wp-multisite-waas'); ?>
 						</th>
 						<th class="wu-px-4 wu-py-2 wu-w-2/12 wu-text-left">
-						<?php _e('Default Value', 'wp-ultimo'); ?>
+						<?php esc_html_e('Default Value', 'wp-multisite-waas'); ?>
 						</th>
 					</tr>
 					<?php foreach ($shortcode['params'] as $param => $value) { ?>
 						<tr>
 						<td class="wu-px-4 wu-py-2 wu-text-left">
-							<?php echo $param; ?>
+							<?php echo esc_html($param); ?>
 						</td>
 						<td class="wu-px-4 wu-py-2 wu-text-left">
-							<?php echo $value['desc']; ?>
+							<?php echo $value['desc']; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped ?>
 						</td>
 						<td class="wu-px-4 wu-py-2 wu-text-left">
-							<?php echo $value['options']; ?>
+							<?php echo esc_html($value['options']); ?>
 						</td>
 						<td class="wu-px-4 wu-py-2 wu-text-left">
-							<?php echo $value['default']; ?>
+							<?php echo esc_html($value['default']); ?>
 						</td>
 						</tr>
 					<?php } ?>