FIX: phpcs & enable workflows

Crocoblock · Aug 9, 2023 · 839a038 · 839a038
1 parent ab57541
commit 839a038
Show file tree

Hide file tree

Showing 73 changed files with 256 additions and 133 deletions.
diff --git a/.github/workflows/php.lint.test.yml b/.github/workflows/php.lint.test.yml
@@ -3,16 +3,16 @@ name: PHP Lint & Test
 on:
     # allow to manually run this workflow from the UI
     workflow_dispatch:
-#    push:
-#        paths:
-#            - '**.php'
-#        branches:
-#            - main
-#    pull_request:
-#        paths:
-#            - '**.php'
-#        branches:
-#            - main
+    push:
+        paths:
+            - '**.php'
+        branches:
+            - main
+    pull_request:
+        paths:
+            - '**.php'
+        branches:
+            - main
 
 env:
     DB_HOST: 127.0.0.1

diff --git a/compatibility/jet-engine/preset-sources/preset-source-options-page.php b/compatibility/jet-engine/preset-sources/preset-source-options-page.php
@@ -32,7 +32,12 @@ public function query_source() {
 		$item = jet_engine()->options_pages->registered_pages[ $this->page ] ?? false;
 
 		if ( ! $item ) {
-			throw new Preset_Exception( "Undefined option page: {$this->page}" );
+			throw new Preset_Exception(
+				sprintf(
+					'Undefined option page: %s',
+					esc_html( $this->page )
+				)
+			);
 		}
 
 		return $item;

diff --git a/...ility/woocommerce/methods/wc-product-modification/product-catalog-visibility-property.php b/...ility/woocommerce/methods/wc-product-modification/product-catalog-visibility-property.php
@@ -44,7 +44,7 @@ public function get_value( Abstract_Modifier $modifier ) {
 		try {
 			$product->set_catalog_visibility( $this->value );
 		} catch ( \WC_Data_Exception $exception ) {
-			throw new Action_Exception( $exception->getMessage() );
+			throw new Action_Exception( esc_html( $exception->getMessage() ) );
 		}
 	}
 

diff --git a/compatibility/woocommerce/methods/wc-product-modification/product-id-property.php b/compatibility/woocommerce/methods/wc-product-modification/product-id-property.php
@@ -25,7 +25,7 @@ public function do_before( string $key, $value, Abstract_Modifier $modifier ) {
 		try {
 			$this->value = new \WC_Product( $value );
 		} catch ( \Exception $exception ) {
-			throw new Action_Exception( $exception->getMessage() );
+			throw new Action_Exception( esc_html( $exception->getMessage() ) );
 		}
 	}
 

diff --git a/compatibility/woocommerce/methods/wc-product-modification/product-sku-property.php b/compatibility/woocommerce/methods/wc-product-modification/product-sku-property.php
@@ -34,7 +34,7 @@ public function get_value( Abstract_Modifier $modifier ) {
 		try {
 			$product->set_sku( $this->value );
 		} catch ( \WC_Data_Exception $exception ) {
-			throw new Action_Exception( $exception->getMessage() );
+			throw new Action_Exception( esc_html( $exception->getMessage() ) );
 		}
 	}
 }
diff --git a/compatibility/woocommerce/methods/wc-product-modification/product-tax-status-property.php b/compatibility/woocommerce/methods/wc-product-modification/product-tax-status-property.php
@@ -36,7 +36,7 @@ public function get_value( Abstract_Modifier $modifier ) {
 		try {
 			$product->set_tax_status( $this->value );
 		} catch ( \WC_Data_Exception $exception ) {
-			throw new Action_Exception( $exception->getMessage() );
+			throw new Action_Exception( esc_html( $exception->getMessage() ) );
 		}
 	}
 

diff --git a/components/repository/repository-aborts-trait.php b/components/repository/repository-aborts-trait.php
@@ -1,5 +1,4 @@
-<?php
-
+<?php // phpcs:ignore Internal.Exception
 
 namespace JFB_Components\Repository;
 
@@ -10,10 +9,10 @@
 	die;
 }
 
-// phpcs:disable PSR2.Methods.MethodDeclaration.Underscore
-
 trait Repository_Aborts_Trait {
 
+	// phpcs:disable PSR2.Methods.MethodDeclaration.Underscore
+
 	/**
 	 * @throws Repository_Exception
 	 */
@@ -47,4 +46,6 @@ final public function _rep_abort_and_die_code() {
 		return 3;
 	}
 
+	// phpcs:enable PSR2.Methods.MethodDeclaration.Underscore
+
 }
diff --git a/components/repository/repository-pattern-trait.php b/components/repository/repository-pattern-trait.php
@@ -1,9 +1,7 @@
-<?php
-
+<?php // phpcs:ignore Internal.Exception
 
 namespace JFB_Components\Repository;
 
-use Jet_Form_Builder\Exceptions\Handler_Exception;
 use Jet_Form_Builder\Exceptions\Repository_Exception;
 
 // If this file is called directly, abort.
@@ -47,6 +45,7 @@ public function rep_install( $instances = array() ) {
 						esc_html( $exception->getMessage() ),
 						'2.0.0'
 					);
+					break;
 			}
 		}
 

diff --git a/includes/actions/conditions/condition-manager.php b/includes/actions/conditions/condition-manager.php
@@ -127,13 +127,17 @@ public function check_all() {
 						return;
 					case self::THROW_IF_ONE_WRONG:
 					default:
-						throw new Condition_Exception( $exception->getMessage(), ...$exception->get_additional() );
+						throw new Condition_Exception(
+							esc_html( $exception->getMessage() ),
+							// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
+							...$exception->get_additional()
+						);
 				}
 			}
 		}
 
 		if ( 'or' === $this->operator ) {
-			throw new Condition_Exception( 'None of the conditions are met' );
+			throw new Condition_Exception( esc_html__( 'None of the conditions are met', 'jet-form-builder' ) );
 		}
 	}
 
@@ -168,16 +172,18 @@ public function throw_by_method( $is_success, ...$additional ) {
 			case 'or':
 				if ( $is_success ) {
 					throw new Condition_Silence_Exception(
+						// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 						self::THROW_IF_ONE_MATCH,
-						...$additional
+						...$additional // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 					);
 				}
 				break;
 			case 'and':
 				if ( ! $is_success ) {
 					throw new Condition_Silence_Exception(
+						// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 						self::THROW_IF_ONE_WRONG,
-						...$additional
+						...$additional // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 					);
 				}
 				break;

diff --git a/includes/actions/events/default-process/default-with-gateway-executor.php b/includes/actions/events/default-process/default-with-gateway-executor.php
@@ -1,10 +1,10 @@
-<?php
+<?php // phpcs:ignore Internal.Exception
 
 
 namespace Jet_Form_Builder\Actions\Events\Default_Process;
 
 use Jet_Form_Builder\Actions\Types\Base;
-use Jet_Form_Builder\Actions\Types\Save_Record;
+use JFB_Modules\Form_Record\Action_Types\Save_Record;
 use Jet_Form_Builder\Exceptions\Action_Exception;
 use Jet_Form_Builder\Exceptions\Gateway_Exception;
 use Jet_Form_Builder\Exceptions\Repository_Exception;

diff --git a/includes/actions/methods/post-modification/insert-action.php b/includes/actions/methods/post-modification/insert-action.php
@@ -37,7 +37,7 @@ public function do_action() {
 
 		throw new Action_Exception(
 			'failed',
-			$this->inserted_id->get_error_message()
+			esc_html( $this->inserted_id->get_error_message() )
 		);
 	}
 }
diff --git a/includes/actions/methods/post-modification/post-id-property.php b/includes/actions/methods/post-modification/post-id-property.php
@@ -34,7 +34,7 @@ public function can_attach( string $key, $value ): bool {
 			return false;
 		}
 		if ( empty( $value ) ) {
-			throw new Action_Exception( 'empty_field', $key );
+			throw new Action_Exception( 'empty_field', esc_html( $key ) );
 		}
 
 		$post = get_post( (int) $value );
@@ -50,7 +50,7 @@ public function can_attach( string $key, $value ): bool {
 			throw new Action_Exception(
 				'failed',
 				array(
-					'post' => $post,
+					'post' => $post, // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 				)
 			);
 		}

diff --git a/includes/actions/methods/post-modification/update-action.php b/includes/actions/methods/post-modification/update-action.php
@@ -37,7 +37,7 @@ public function do_action() {
 
 		throw new Action_Exception(
 			'failed',
-			$this->inserted_id->get_error_message()
+			esc_html( $this->inserted_id->get_error_message() )
 		);
 	}
 }
diff --git a/includes/actions/methods/update-user/update-action.php b/includes/actions/methods/update-user/update-action.php
@@ -26,8 +26,8 @@ public function do_action() {
 
 		if ( is_wp_error( $response ) ) {
 			throw new Action_Exception(
-				$response->get_error_message(),
-				$response->get_error_data()
+				esc_html( $response->get_error_message() ),
+				esc_html( $response->get_error_data() )
 			);
 		}
 	}

diff --git a/includes/actions/methods/update-user/user-id-property.php b/includes/actions/methods/update-user/user-id-property.php
@@ -55,6 +55,7 @@ public function do_before( string $key, $value, Abstract_Modifier $modifier ) {
 		$this->user = get_user_by( 'ID', $this->value );
 
 		if ( ! is_a( $this->user, \WP_User::class ) ) {
+			// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 			throw new Action_Exception( 'internal_error', $this->user, $this->value );
 		}
 	}

diff --git a/includes/actions/types/call-hook.php b/includes/actions/types/call-hook.php
@@ -43,7 +43,10 @@ public function action_attributes() {
 	public function do_action( array $request, Action_Handler $handler ) {
 
 		if ( empty( $this->settings['hook_name'] ) ) {
-			throw new Action_Exception( 'failed', $this->settings );
+			throw new Action_Exception(
+				'failed',
+				esc_html__( 'Empty hook name', 'jet-form-builder' )
+			);
 		}
 
 		/**

diff --git a/includes/actions/types/call-webhook.php b/includes/actions/types/call-webhook.php
@@ -37,7 +37,10 @@ public function do_action( array $request, Action_Handler $handler ) {
 		$webhook_url = ! empty( $this->settings['webhook_url'] ) ? trim( $this->settings['webhook_url'] ) : false;
 
 		if ( ! $webhook_url ) {
-			throw new Action_Exception( 'failed', $this->settings );
+			throw new Action_Exception(
+				'failed',
+				esc_html__( 'Empty webhook url', 'jet-form-builder' )
+			);
 		}
 
 		$args = array(
@@ -71,7 +74,11 @@ public function do_action( array $request, Action_Handler $handler ) {
 		$response = wp_remote_post( $webhook_url, $args );
 
 		if ( $response instanceof \WP_Error ) {
-			throw new Action_Exception( 'failed', $response );
+			throw new Action_Exception(
+				'failed',
+				esc_html__( 'Remote request returned error', 'jet-form-builder' ),
+				$response // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
+			);
 		}
 		/**
 		 * Fires whe webhook response received

diff --git a/includes/actions/types/getresponse.php b/includes/actions/types/getresponse.php
@@ -121,7 +121,7 @@ public function do_action( array $request, Action_Handler $handler ) {
 			throw new Action_Exception(
 				'empty_field',
 				array(
-					'email' => $body_args['email'],
+					'email' => esc_html( $body_args['email'] ),
 				)
 			);
 		}
@@ -139,7 +139,11 @@ public function do_action( array $request, Action_Handler $handler ) {
 
 		// Error response
 		if ( isset( $response['httpStatus'] ) && isset( $response['code'] ) ) {
-			throw new Action_Exception( "derror|{$response['message']}", $response );
+			throw new Action_Exception(
+				esc_html( "derror|{$response['message']}" ),
+				// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
+				$response
+			);
 		}
 	}
 

diff --git a/includes/actions/types/mailchimp.php b/includes/actions/types/mailchimp.php
@@ -1,4 +1,4 @@
-<?php
+<?php // phpcs:ignore Internal.Exception
 
 namespace Jet_Form_Builder\Actions\Types;
 
@@ -299,6 +299,7 @@ private function get_body_args( $fields_map ) {
 					break;
 				default:
 					$body_args['merge_fields'][ $param ] = $this->request[ $field ];
+					break;
 			}
 		}
 

diff --git a/includes/actions/types/redirect-to-page.php b/includes/actions/types/redirect-to-page.php
@@ -127,6 +127,7 @@ public function do_action( array $request, Action_Handler $handler ) {
 		$to_url = $this->get_redirect_url();
 
 		if ( ! $to_url ) {
+			// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 			throw new Action_Exception( 'failed', $this->settings );
 		}
 

diff --git a/includes/actions/types/register-user.php b/includes/actions/types/register-user.php
@@ -284,6 +284,7 @@ public function do_action( array $request, Action_Handler $handler ) {
 				jet_fb_context()->update_request( $user_id, 'user_id' );
 			}
 		} else {
+			// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 			throw new Action_Exception( 'failed', $userarr );
 		}
 	}

diff --git a/includes/actions/types/send-email.php b/includes/actions/types/send-email.php
@@ -2,13 +2,13 @@
 
 namespace Jet_Form_Builder\Actions\Types;
 
-// If this file is called directly, abort.
 use Jet_Form_Builder\Actions\Action_Handler;
 use Jet_Form_Builder\Classes\Tools;
 use Jet_Form_Builder\Dev_Mode;
 use Jet_Form_Builder\Exceptions\Action_Exception;
 use Jet_Form_Builder\Request\Request_Tools;
 
+// If this file is called directly, abort.
 if ( ! defined( 'WPINC' ) ) {
 	die;
 }
@@ -254,10 +254,10 @@ function ( \WP_Error $wp_error ) {
 			throw new Action_Exception(
 				'failed',
 				array(
-					'to'      => $this->get_mail_to(),
-					'subject' => $this->get_subject(),
-					'message' => $message,
-					'headers' => $this->get_headers(),
+					'to'      => $this->get_mail_to(), // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
+					'subject' => $this->get_subject(), // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
+					'message' => $message, // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
+					'headers' => $this->get_headers(), // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 				)
 			);
 		}

diff --git a/includes/admin/single-pages/base-single-page.php b/includes/admin/single-pages/base-single-page.php
@@ -73,7 +73,9 @@ public function query_id(): int {
 	 */
 	public function set_id( int $id ): Base_Single_Page {
 		if ( ! $id ) {
-			throw new Not_Found_Page_Exception( 'Item id is empty: ' . $id . ' in ' . static::class );
+			throw new Not_Found_Page_Exception(
+				esc_html( 'Item id is empty: ' . $id . ' in ' . static::class )
+			);
 		}
 		$this->id = $id;
 

diff --git a/includes/admin/single-pages/meta-boxes/base-meta-box.php b/includes/admin/single-pages/meta-boxes/base-meta-box.php
@@ -87,7 +87,11 @@ public function to_array(): array {
 		try {
 			$this->prepare_dependencies();
 		} catch ( Sql_Exception $exception ) {
-			throw new Empty_Box_Exception( $exception->getMessage(), ...$exception->get_additional() );
+			throw new Empty_Box_Exception(
+				esc_html( $exception->getMessage() ),
+				// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
+				...$exception->get_additional()
+			);
 		}
 
 		return array(

diff --git a/includes/admin/single-pages/meta-containers/base-meta-container.php b/includes/admin/single-pages/meta-containers/base-meta-container.php
@@ -77,7 +77,7 @@ public function get_box_by_scope( string $scoped_slug ): Base_Meta_Box {
 			}
 		}
 
-		throw new Repository_Exception( 'Undefined ' . $scoped_slug );
+		throw new Repository_Exception( esc_html( 'Undefined ' . $scoped_slug ) );
 	}
 
 	public function get_migrations(): \Generator {
-Original file line number
+Diff line change
@@ Expand Up @@
     			}
     		}
-    		throw new Repository_Exception( 'Undefined ' . $scoped_slug );
+    		throw new Repository_Exception( esc_html( 'Undefined ' . $scoped_slug ) );
     	}
     	public function get_migrations(): \Generator {
@@ Expand Down @@