diff --git a/core.php b/core.php
index 449f192..a468fbc 100644
--- a/core.php
+++ b/core.php
@@ -51,9 +51,9 @@ public function load()
{
$self = new self();
- add_filter('plugin_action_links_wp-cpt-tables/wp-cpt-tables.php', [$this, 'add_action_links'], 10, 2);
- add_filter('network_admin_plugin_action_links_wp-cpt-tables/wp-cpt-tables.php', [$this, 'add_action_links_network'], 10, 2);
- add_filter('plugin_row_meta', array($this, 'filter_plugin_row_meta'), 10, 2);
+ add_filter('plugin_action_links_wp-cpt-tables/wp-cpt-tables.php', [$this, 'addActionLinks'], 10, 2);
+ add_filter('network_admin_plugin_action_links_wp-cpt-tables/wp-cpt-tables.php', [$this, 'addActionLinksNetwork'], 10, 2);
+ add_filter('plugin_row_meta', array($this, 'filterPluginRowMeta'), 10, 2);
$self->setupAdminFilters();
$self->setupQueryFilters();
@@ -98,6 +98,9 @@ private function setupSettingsPage()
);
}
+ /**
+ * @return void
+ */
private function setupHelper()
{
new WPCPT_Tables_Helper;
@@ -119,24 +122,14 @@ public function deactivate()
flush_rewrite_rules();
}
- /**
- * Gets the option that stores enabled post type tables and unserializes it
- *
- * @return array
- */
- private function getEnabledPostTypes(): array
- {
- return array_values(get_option($this->config['tables_enabled'], []));
- }
-
/**
* Filters the array of row meta for each plugin in the Plugins list table.
*
- * @param string[] $plugin_meta An array of the plugin's metadata.
+ * @param array $plugin_meta An array of the plugin's metadata.
* @param string $plugin_file Path to the plugin file relative to the plugins directory.
- * @return string[] An array of the plugin's metadata.
+ * @return array An array of the plugin's metadata.
*/
- public function filter_plugin_row_meta(array $plugin_meta, $plugin_file)
+ public function filterPluginRowMeta(array $plugin_meta, $plugin_file): array
{
if ('wp-cpt-tables/wp-cpt-tables.php' !== $plugin_file) {
return $plugin_meta;
@@ -145,7 +138,7 @@ public function filter_plugin_row_meta(array $plugin_meta, $plugin_file)
$plugin_meta[] = sprintf(
'%2$s',
'https://www.paypal.com/donate/?hosted_button_id=JNA8L66BWE2AA',
- esc_html_x('Sponsor', 'verb', 'query-monitor')
+ esc_html_x('Buy me a coffee', 'verb', 'wp-cpt-tables')
);
return $plugin_meta;
@@ -156,7 +149,7 @@ public function filter_plugin_row_meta(array $plugin_meta, $plugin_file)
* @param string $file
* @return array
*/
- public function add_action_links($links, $file)
+ public function addActionLinks($links, $file)
{
$settings = '' . __('Settings') . '';
array_unshift($links, $settings);
@@ -172,7 +165,7 @@ public function add_action_links($links, $file)
* @param string $file
* @return array
*/
- public function add_action_links_network($links, $file)
+ public function addActionLinksNetwork($links, $file)
{
$settings = '' . __('Settings') . '';
array_unshift($links, $settings);
diff --git a/lib/AdminFilters.php b/lib/AdminFilters.php
index 26431e4..8c98ea8 100644
--- a/lib/AdminFilters.php
+++ b/lib/AdminFilters.php
@@ -13,6 +13,7 @@ public function __construct()
/**
* Adds post type from GET/POST request to the url if it is an admin page
+ *
* @param string $url
* @return string
*/
@@ -21,7 +22,7 @@ public function updateAdminUrl(string $url): string
if ($this->isAdminPage($url)) {
$url .= sprintf(
'&post_type=%s',
- $_POST['post_type'] ?? $_GET['post_type'] ?? ''
+ esc_attr($_POST['post_type']) ?? esc_attr($_GET['post_type']) ?? ''
);
}
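Review bot: On the changed `sprintf` argument, `esc_attr()` always returns a string, so the `??` chain can never fall through. When `$_POST['post_type']` is absent, the expression reads an undefined key, yields `''`, and `$_GET['post_type']` is never consulted. `esc_attr()` is also an HTML-attribute escaper, which is the wrong tool for a value appended to a query string. Resolve the fallback first, then constrain and encode the result, e.g. `rawurlencode(sanitize_key(wp_unslash($_POST['post_type'] ?? $_GET['post_type'] ?? '')))`. `updateAdminUrl()` begins and ends outside this hunk.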
@@ -30,6 +31,7 @@ public function updateAdminUrl(string $url): string
/**
* Returns true is the current page is in the Wordpress admin
+ *
* @param string $url
* @return boolean
*/
diff --git a/lib/Helper.php b/lib/Helper.php
index d2bdddc..b124dca 100644
--- a/lib/Helper.php
+++ b/lib/Helper.php
@@ -19,10 +19,9 @@ public function __construct()
* Check if plugin is installed by getting all plugins from the plugins dir
*
* @param $plugin_slug
- *
* @return bool
*/
- public function checkPluginInstalled($plugin_slug): bool
+ public function checkPluginInstalled(string $plugin_slug): bool
{
$installed_plugins = get_plugins();
@@ -33,10 +32,9 @@ public function checkPluginInstalled($plugin_slug): bool
* Check if plugin is installed
*
* @param string $plugin_slug
- *
* @return bool
*/
- public function checkPluginActive($plugin_slug): bool
+ public function checkPluginActive(string $plugin_slug): bool
{
if (is_plugin_active($plugin_slug)) {
return true;
@@ -45,7 +43,15 @@ public function checkPluginActive($plugin_slug): bool
return false;
}
- public function getCount($table, $type = '')
+ /**
+ * Count the number of rows in a table
+ *
+ * @param string $table
+ * @param string $type
+ *
+ * @return int
+ */
+ public function getCount(string $table, string $type = '')
{
global $wpdb;
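Review bot: The added docblock declares `@return int`, but the new signature `getCount(string $table, string $type = '')` has no return type, unlike the two methods above it that declare `: bool`. Add `: int` if the body does return an integer. The body continues past this hunk, so how `$table` reaches `$wpdb` is not visible. If it is interpolated into the SQL text, the docblock should say that callers must pass a table name from a fixed, plugin-controlled list. The `%i` identifier placeholder for `prepare()` only exists from WordPress 6.2, which is newer than the 5.9 minimum declared in readme.txt.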
diff --git a/lib/Notices.php b/lib/Notices.php
index 8c85797..62ca352 100644
--- a/lib/Notices.php
+++ b/lib/Notices.php
@@ -66,7 +66,7 @@ public function displayFlashNotices()
'
',
esc_attr($notice['type']),
esc_attr($notice['dismissible']),
- $notice['notice']
+ wp_kses_post($notice['notice'])
);
}
diff --git a/lib/QueryFilters.php b/lib/QueryFilters.php
index 59520fa..0471619 100644
--- a/lib/QueryFilters.php
+++ b/lib/QueryFilters.php
@@ -87,7 +87,7 @@ public function getPostTypeFromRequest(string $query)
preg_match("/`?post_type`?\s*=\s*'([a-zA-Z_]*)'/", $query, $postType);
if ($postType = array_pop($postType)) {
- if (isset($_GET['post_type']) && $_GET['post_type'] == $postType) {
+ if (isset($_GET['post_type']) && sanitize_key($_GET['post_type']) == $postType) {
return $postType;
}
}
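Review bot: The changed condition normalises only one side of the comparison. `sanitize_key()` lowercases the request value, while the capture from the `[a-zA-Z_]*` pattern on the context line above keeps its original case, so a mixed-case post type in the query text can no longer match. Normalise both operands the same way and compare strictly, since both are strings: `sanitize_key(wp_unslash($_GET['post_type'])) === sanitize_key($postType)`. `getPostTypeFromRequest()` starts and ends outside this hunk.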
@@ -162,7 +162,7 @@ public function getPostIdsFromQuery(string $query): ?string
* @param string $ids
* @return string
*/
- public function getPostTypeById($ids): ?string
+ public function getPostTypeById(string $ids): ?string
{
$key = __METHOD__ . $ids;
diff --git a/lib/SettingsPage.php b/lib/SettingsPage.php
index b88421a..39740b1 100644
--- a/lib/SettingsPage.php
+++ b/lib/SettingsPage.php
@@ -71,8 +71,10 @@ class WPCPT_Tables_SettingsPage
*
* @param WPCPT_Tables_Table $table
* @param WPCPT_Tables_Triggers $triggers
+ * @param array $config
+ * @return void
*/
- public function __construct(WPCPT_Tables_Table $table, WPCPT_Tables_Triggers $triggers, $config)
+ public function __construct(WPCPT_Tables_Table $table, WPCPT_Tables_Triggers $triggers, array $config)
{
// $this->enqueue_styles();
$this->notices = new WPCPT_Tables_Notices;
@@ -85,13 +87,13 @@ public function __construct(WPCPT_Tables_Table $table, WPCPT_Tables_Triggers $tr
$this->redirect_uri = admin_url('options-general.php?page=' . $this->config['plugin_slug']);
- if (isset($_GET['action']) && $_GET['action'] == 'migrate' && isset($_GET['type'])) {
- $this->startMigrateCustomPostType($_GET['type']);
+ if (isset($_GET['action']) && sanitize_key($_GET['action']) == 'migrate' && isset($_GET['type'])) {
+ $this->startMigrateCustomPostType(sanitize_key($_GET['type']));
exit;
}
- if (isset($_GET['action']) && $_GET['action'] == 'revert' && isset($_GET['type'])) {
- $this->startRevertCustomPostType($_GET['type']);
+ if (isset($_GET['action']) && sanitize_key($_GET['action']) == 'revert' && isset($_GET['type'])) {
+ $this->startRevertCustomPostType(sanitize_key($_GET['type']));
exit;
}
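Review bot: The two `$_GET['action']` branches still run state-changing work (migrate or revert, then `exit`) on a plain GET request, with no nonce or capability check visible in this hunk. `sanitize_key()` constrains the value but does not show that an authorised user intended the request. Unless a check exists in the constructor lines outside the hunk, verify a nonce with `check_admin_referer()` and a capability with `current_user_can()` before dispatching, and build the Migrate/Revert links with `wp_nonce_url()`. If this constructor can run before WordPress has loaded its pluggable functions, the dispatch would have to move into an `admin_init` callback. The nonce action name and the capability in the sketch below are illustrative, not taken from the plugin.

```php
// … unchanged: $this->redirect_uri assignment …
$action = isset($_GET['action']) ? sanitize_key(wp_unslash($_GET['action'])) : '';
$type   = isset($_GET['type']) ? sanitize_key(wp_unslash($_GET['type'])) : '';

if ($type !== '' && in_array($action, ['migrate', 'revert'], true)) {
    // Illustrative nonce action; it must match the one passed to wp_nonce_url() when the link is rendered.
    check_admin_referer('wpcpt_tables_' . $action . '_' . $type);

    // Illustrative capability; the page is registered under options-general.php.
    if (!current_user_can('manage_options')) {
        wp_die(esc_html__('You are not allowed to change this setting.', 'wp-cpt-tables'));
    }

    if ($action === 'migrate') {
        $this->startMigrateCustomPostType($type);
    } else {
        $this->startRevertCustomPostType($type);
    }
    exit;
}
```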
@@ -100,6 +102,8 @@ public function __construct(WPCPT_Tables_Table $table, WPCPT_Tables_Triggers $tr
/**
* Add settings page to admin settings menu
+ *
+ * @return void
*/
public function addSettingsPage()
{
@@ -141,13 +145,11 @@ public function showSettingsPage()
private function startRevertCustomPostType($postType)
{
$enabledPostTypes = $this->getEnabledPostTypes();
- error_log(print_r($enabledPostTypes, true));
if (($key = array_search($postType, $enabledPostTypes)) !== false) {
unset($enabledPostTypes[$key]);
$enabledPostTypes = array_values($enabledPostTypes);
update_option($this->config['tables_enabled'], $enabledPostTypes, true);
}
- error_log(print_r($enabledPostTypes, true));
$this->triggers->create($enabledPostTypes);
@@ -179,11 +181,11 @@ private function revertCustomPostType($postTypes)
*
* @return array
*/
- private function startMigrateCustomPostType($postType)
+ private function startMigrateCustomPostType(string $postType)
{
$enabledPostTypes = $this->getEnabledPostTypes();
if (!in_array($postType, $enabledPostTypes)) {
- $enabledPostTypes[] = $postType;
+ $enabledPostTypes[] = esc_attr($postType);
update_option($this->config['tables_enabled'], array_values($enabledPostTypes), true);
}
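Review bot: `esc_attr()` on the added line is an output escaper applied at storage time, and the `in_array()` duplicate check just above it tests the unescaped `$postType`. The stored value and the tested value can therefore disagree whenever escaping changes the string. The call site in the constructor already passes the value through `sanitize_key()`, so store it unchanged with `$enabledPostTypes[] = $postType;` and escape where the list is rendered. Before storing, it is worth bailing out when `post_type_exists($postType)` is false, provided post types are registered by the time this runs, and making the membership test strict with `in_array($postType, $enabledPostTypes, true)`. The method body continues past this hunk.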
diff --git a/lib/Triggers.php b/lib/Triggers.php
index 686aa3f..d2026e5 100644
--- a/lib/Triggers.php
+++ b/lib/Triggers.php
@@ -68,8 +68,6 @@ public function create(array $tables)
*/
public function deleteAllTrigger(array $tables)
{
- global $wpdb;
-
$this->db->value("DROP TRIGGER IF EXISTS " . $this->db->escape($this->config['prefix'] . $this->insertPostTrigger));
$this->db->value("DROP TRIGGER IF EXISTS " . $this->db->escape($this->config['prefix'] . $this->insertMetaTrigger));
diff --git a/readme.txt b/readme.txt
index ea1c1fb..80f0103 100644
--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Donate link: https://www.paypal.com/donate/?hosted_button_id=JNA8L66BWE2AA
Tags: custom post types, CPT, CMS, post, types, post type, custom, content types, custom content types, post types
Requires at least: 5.9
Tested up to: 6.1.1
-Stable tag: 1.0.4
+Stable tag: 1.0.5
Requires PHP: 7.1
License: GPLv2 or later
License URI: http://www.gnu.org/licenses/gpl-2.0.html
diff --git a/settings.php b/settings.php
index 8bd8b1e..2f08f08 100644
--- a/settings.php
+++ b/settings.php
@@ -159,11 +159,11 @@
else : $bgcolor = 'white';
endif; ?>
- Name: |
- |
- |
- |
- Revert |
+ Name: |
+ |
+ |
+ |
+ Revert |
diff --git a/wp-cpt-tables.php b/wp-cpt-tables.php
index d6d67fe..ce41dd7 100644
--- a/wp-cpt-tables.php
+++ b/wp-cpt-tables.php
@@ -4,7 +4,7 @@
* Plugin Name: CPT Tables
* Plugin URI: https://wordpress.org/plugins/cpt-tables/
* Description: Allow storing custom post types in their own tables in order to make querying large datasets more efficient
- * Version: 1.0.4
+ * Version: 1.0.5
* Requires at least: 5.9
* Requires PHP: 7.1
* Author: Sebastian Klaus