Ensure that snippets currently being saved are not executed twice.

codesnippetspro · May 19, 2023 · 17f6308 · 17f6308
1 parent c931d92
commit 17f6308
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 35 deletions.
diff --git a/php/class-admin.php b/php/class-admin.php
@@ -56,10 +56,6 @@ public function run() {
 		add_filter( 'plugin_row_meta', array( $this, 'plugin_meta_links' ), 10, 2 );
 		add_filter( 'debug_information', array( $this, 'debug_information' ) );
 		add_action( 'code_snippets/admin/manage', array( $this, 'print_notices' ) );
-
-		if ( ! empty( $_POST['save_snippet'] ) ) {
-			add_action( 'code_snippets/allow_execute_snippet', array( $this, 'prevent_exec_on_save' ), 10, 3 );
-		}
 	}
 
 	/**
@@ -82,36 +78,6 @@ public function mu_menu_items( array $menu_items ): array {
 		return $menu_items;
 	}
 
-	/**
-	 * Prevent the snippet currently being saved from being executed
-	 * so that it is not run twice (once normally, once when validated)
-	 *
-	 * @param bool   $exec       Whether the snippet will be executed.
-	 * @param int    $exec_id    ID of the snippet being executed.
-	 * @param string $table_name Name of the database table the snippet is stored in.
-	 *
-	 * @return bool Whether the snippet will be executed.
-	 */
-	public function prevent_exec_on_save( bool $exec, int $exec_id, string $table_name ): bool {
-
-		// TODO: make this work for AJAX method.
-		if ( ! isset( $_POST['save_snippet'], $_POST['snippet_id'] ) ) {
-			return $exec;
-		}
-
-		if ( code_snippets()->db->get_table_name() !== $table_name ) {
-			return $exec;
-		}
-
-		$id = intval( $_POST['snippet_id'] );
-
-		if ( $id === $exec_id ) {
-			return false;
-		}
-
-		return $exec;
-	}
-
 	/**
 	 * Adds a link pointing to the Manage Snippets page
 	 *

diff --git a/php/rest-api/class-snippets-rest-controller.php b/php/rest-api/class-snippets-rest-controller.php
@@ -59,6 +59,15 @@ public static function get_base_route(): string {
 		return REST_API_NAMESPACE . self::VERSION . '/' . self::BASE_ROUTE;
 	}
 
+	/**
+	 * Retrieve the full base route including the REST API prefix.
+	 *
+	 * @return string
+	 */
+	public static function get_prefixed_base_route(): string {
+		return '/' . rtrim( rest_get_url_prefix(), '/\\' ) . '/' . self::get_base_route();
+	}
+
 	/**
 	 * Register REST routes.
 	 */

diff --git a/php/snippet-ops.php b/php/snippet-ops.php
@@ -7,6 +7,7 @@
 
 namespace Code_Snippets;
 
+use Code_Snippets\REST_API\Snippets_REST_Controller;
 use ParseError;
 
 /**
@@ -610,6 +611,22 @@ function execute_active_snippets(): bool {
 	$scopes = array( 'global', 'single-use', is_admin() ? 'admin' : 'front-end' );
 	$data = $db->fetch_active_snippets( $scopes );
 
+	// Detect if a snippet is currently being edited, and if so, spare it from execution.
+	$edit_id = 0;
+	$edit_table = '';
+
+	if ( wp_is_json_request() && ! empty( $_SERVER['REQUEST_URI'] ) ) {
+		$url = wp_parse_url( esc_url_raw( wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
+
+		if ( false !== strpos( $url['path'], Snippets_REST_Controller::get_prefixed_base_route() ) ) {
+			$path_parts = explode( '/', $url['path'] );
+			wp_parse_str( $url['query'], $path_params );
+			$edit_id = intval( end( $path_parts ) );
+			$edit_table = isset( $path_params['network'] ) && rest_sanitize_boolean( $path_params['network'] ) ?
+				$db->ms_table : $db->table;
+		}
+	}
+
 	foreach ( $data as $table_name => $active_snippets ) {
 
 		// Loop through the returned snippets and execute the PHP code.
@@ -638,7 +655,8 @@ function execute_active_snippets(): bool {
 				}
 			}
 
-			if ( apply_filters( 'code_snippets/allow_execute_snippet', true, $snippet_id, $table_name ) ) {
+			if ( apply_filters( 'code_snippets/allow_execute_snippet', true, $snippet_id, $table_name ) &&
+			     ! ( $edit_id === $snippet_id && $table_name === $edit_table ) ) {
 				execute_snippet( $code, $snippet_id );
 			}
 		}