Merge pull request #363 from Automattic/fix/lint-errors

Lint: now clean
This commit is contained in:
Matthias Pfefferle 2023-07-19 09:38:58 +02:00 committed by GitHub
commit 3eab03225b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 42 additions and 21 deletions

View file

@ -109,6 +109,7 @@ if ( \WP_DEBUG && file_exists( $debug_file ) && is_readable( $debug_file ) ) {
* Add plugin settings link
*/
function plugin_settings_link( $actions ) {
$settings_link = array();
$settings_link[] = \sprintf(
'<a href="%1s">%2s</a>',
\menu_page_url( 'activitypub', false ),

View file

@ -205,13 +205,17 @@ class Admin {
if ( ! isset( $_REQUEST['_apnonce'] ) ) {
return false;
}
$nonce = sanitize_text_field( wp_unslash( $_REQUEST['_apnonce'] ) );
if (
! wp_verify_nonce( $_REQUEST['_apnonce'], 'activitypub-user-description' ) ||
! wp_verify_nonce( $nonce, 'activitypub-user-description' ) ||
! current_user_can( 'edit_user', $user_id )
) {
return false;
}
update_user_meta( $user_id, 'activitypub_user_description', sanitize_text_field( $_POST['activitypub-user-description'] ) );
$description = ! empty( $_POST['activitypub-user-description'] ) ? sanitize_text_field( wp_unslash( $_POST['activitypub-user-description'] ) ) : false;
if ( $description ) {
update_user_meta( $user_id, 'activitypub_user_description', $description );
}
}
public static function enqueue_scripts( $hook_suffix ) {

View file

@ -125,7 +125,7 @@ class Health_Check {
\sprintf(
// translators: %s: Author URL
\__(
'<p>Your author URL <code>%s</code> was replaced, this is often done by plugins.</p>',
'Your author URL <code>%s</code> was replaced, this is often done by plugins.',
'activitypub'
),
$author_url
@ -148,7 +148,7 @@ class Health_Check {
\sprintf(
// translators: %s: Author URL
\__(
'<p>Your author URL <code>%s</code> is not accessible. Please check your WordPress setup or permalink structure. If the setup seems fine, maybe check if a plugin might restrict the access.</p>',
'Your author URL <code>%s</code> is not accessible. Please check your WordPress setup or permalink structure. If the setup seems fine, maybe check if a plugin might restrict the access.',
'activitypub'
),
$author_url
@ -165,7 +165,7 @@ class Health_Check {
\sprintf(
// translators: %s: Author URL
\__(
'<p>Your author URL <code>%s</code> is redirecting to another page, this is often done by SEO plugins like "Yoast SEO".</p>',
'Your author URL <code>%s</code> is redirecting to another page, this is often done by SEO plugins like "Yoast SEO".',
'activitypub'
),
$author_url
@ -182,7 +182,7 @@ class Health_Check {
\sprintf(
// translators: %s: Author URL
\__(
'<p>Your author URL <code>%s</code> does not return valid JSON for <code>application/activity+json</code>. Please check if your hosting supports alternate <code>Accept</code> headers.</p>',
'Your author URL <code>%s</code> does not return valid JSON for <code>application/activity+json</code>. Please check if your hosting supports alternate <code>Accept</code> headers.',
'activitypub'
),
$author_url
@ -204,21 +204,32 @@ class Health_Check {
$url = \Activitypub\Webfinger::resolve( $account );
if ( \is_wp_error( $url ) ) {
$allowed = array( 'code' => array() );
$not_accessible = wp_kses(
// translators: %s: Author URL
\__(
'Your WebFinger endpoint <code>%s</code> is not accessible. Please check your WordPress setup or permalink structure.',
'activitypub'
),
$allowed
);
$invalid_response = wp_kses(
// translators: %s: Author URL
\__(
'Your WebFinger endpoint <code>%s</code> does not return valid JSON for <code>application/jrd+json</code>.',
'activitypub'
),
$allowed
);
$health_messages = array(
'webfinger_url_not_accessible' => \sprintf(
// translators: %s: Author URL
\__(
'<p>Your WebFinger endpoint <code>%s</code> is not accessible. Please check your WordPress setup or permalink structure.</p>',
'activitypub'
),
$not_accessible,
$url->get_error_data()
),
'webfinger_url_invalid_response' => \sprintf(
// translators: %s: Author URL
\__(
'<p>Your WebFinger endpoint <code>%s</code> does not return valid JSON for <code>application/jrd+json</code>.</p>',
'activitypub'
),
$invalid_response,
$url->get_error_data()
),
);

View file

@ -256,7 +256,7 @@ function is_activitypub_request() {
* is to send an Accept header.
*/
if ( isset( $_SERVER['HTTP_ACCEPT'] ) ) {
$accept = $_SERVER['HTTP_ACCEPT'];
$accept = sanitize_text_field( wp_unslash( $_SERVER['HTTP_ACCEPT'] ) );
/*
* $accept can be a single value, or a comma separated list of values.
@ -347,7 +347,7 @@ if ( ! function_exists( 'get_self_link' ) ) {
*/
function get_self_link() {
$host = wp_parse_url( home_url() );
return esc_url( apply_filters( 'self_link', set_url_scheme( 'http://' . $host['host'] . wp_unslash( $_SERVER['REQUEST_URI'] ) ) ) );
$path = isset( $_SERVER['REQUEST_URI'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REQUEST_URI'] ) ) : '';
return esc_url( apply_filters( 'self_link', set_url_scheme( 'http://' . $host['host'] . $path ) ) );
}
}

View file

@ -119,8 +119,8 @@ class Followers extends WP_List_Table {
if ( ! isset( $_REQUEST['followers'] ) || ! isset( $_REQUEST['_apnonce'] ) ) {
return false;
}
if ( ! wp_verify_nonce( $_REQUEST['_apnonce'], 'activitypub-followers-list' ) ) {
$nonce = sanitize_text_field( wp_unslash( $_REQUEST['_apnonce'] ) );
if ( ! wp_verify_nonce( $nonce, 'activitypub-followers-list' ) ) {
return false;
}

View file

@ -1,3 +1,6 @@
<?php
// phpcs:disable VariableAnalysis.CodeAnalysis.VariableAnalysis.UndefinedVariable
?>
<div class="activitypub-settings-header">
<div class="activitypub-settings-title-section">
<h1><?php \esc_html_e( 'ActivityPub', 'activitypub' ); ?></h1>

View file

@ -1,4 +1,6 @@
<?php $user = \Activitypub\Collection\Users::get_by_id( \get_current_user_id() ); ?>
<?php
// phpcs:disable VariableAnalysis.CodeAnalysis.VariableAnalysis.UndefinedVariable
$user = \Activitypub\Collection\Users::get_by_id( \get_current_user_id() ); ?>
<h2 id="activitypub"><?php \esc_html_e( 'ActivityPub', 'activitypub' ); ?></h2>
<table class="form-table">