From d8e845b153491b5a87545413787ef6a419b21aaa Mon Sep 17 00:00:00 2001 From: renventura Date: Wed, 24 Jan 2024 10:21:49 -0500 Subject: [PATCH] Use a previous state of the Coding Standards --- CHANGELOG.md | 12 + README.md | 114 ++- StellarWP/Sniff.php | 953 ------------------ .../Arrays/ArrayBracketSpacingSniff.php | 96 -- .../Classes/PropertyDeclarationSniff.php | 111 -- .../Sniffs/Classes/ValidClassNameSniff.php | 54 - .../CodeAnalysis/RedirectAndDieSniff.php | 89 -- .../Sniffs/Methods/MethodDeclarationSniff.php | 121 --- .../ValidFunctionNameSniff.php | 131 --- .../Sniffs/PHP/DeprecatedFunctionsSniff.php | 236 ----- StellarWP/Sniffs/PHP/EscjsFunctionSniff.php | 66 -- StellarWP/Sniffs/PHP/IsAFunctionSniff.php | 65 -- .../Whitespace/LogicalNotSpacingSniff.php | 71 -- StellarWP/Sniffs/XSS/EscapeOutputSniff.php | 331 ------ StellarWP/ruleset.xml | 95 -- TEC | 1 - TribalScents | 1 - bin/make-php-cs-fixer-config | 13 + bin/make-phpcs-config | 13 + bin/phpcs | 12 - composer.json | 61 +- find-deprecated-wp-functions.php | 54 - license.txt | 24 - {MAD => src/StellarWP}/ruleset.xml | 4 +- src/php-cs-fixer.php | 81 ++ stubs/php-cs-fixer.php | 38 + 26 files changed, 282 insertions(+), 2565 deletions(-) create mode 100644 CHANGELOG.md delete mode 100644 StellarWP/Sniff.php delete mode 100644 StellarWP/Sniffs/Arrays/ArrayBracketSpacingSniff.php delete mode 100755 StellarWP/Sniffs/Classes/PropertyDeclarationSniff.php delete mode 100755 StellarWP/Sniffs/Classes/ValidClassNameSniff.php delete mode 100755 StellarWP/Sniffs/CodeAnalysis/RedirectAndDieSniff.php delete mode 100755 StellarWP/Sniffs/Methods/MethodDeclarationSniff.php delete mode 100644 StellarWP/Sniffs/NamingConventions/ValidFunctionNameSniff.php delete mode 100755 StellarWP/Sniffs/PHP/DeprecatedFunctionsSniff.php delete mode 100644 StellarWP/Sniffs/PHP/EscjsFunctionSniff.php delete mode 100755 StellarWP/Sniffs/PHP/IsAFunctionSniff.php delete mode 100755 StellarWP/Sniffs/Whitespace/LogicalNotSpacingSniff.php delete mode 100644 StellarWP/Sniffs/XSS/EscapeOutputSniff.php delete mode 100644 StellarWP/ruleset.xml delete mode 120000 TEC delete mode 120000 TribalScents create mode 100755 bin/make-php-cs-fixer-config create mode 100755 bin/make-phpcs-config delete mode 100755 bin/phpcs delete mode 100644 find-deprecated-wp-functions.php delete mode 100644 license.txt rename {MAD => src/StellarWP}/ruleset.xml (97%) create mode 100644 src/php-cs-fixer.php create mode 100644 stubs/php-cs-fixer.php diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..b7cd530 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,12 @@ +# Changelog + +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +## [Version 1.0.0] + +Initial release. + +[Unreleased]: https://github.com/stellarwp/coding-standards/compare/main...develop +[Version 1.0.0]: https://github.com/stellarwp/coding-standards/releases/tag/v1.0.0 diff --git a/README.md b/README.md index 96ddff4..a839afb 100644 --- a/README.md +++ b/README.md @@ -1,23 +1,107 @@ -Coding Standards -================== +# StellarWP Coding Standards -StellarWP standards for PHP CodeSniffer +This package contains a base set of coding standards for StellarWP package development. -StellarWP coding standards uses a combination of: -* Generic (part of PHP_CodeSniffer) -* PEAR (part of PHP_CodeSniffer) -* PSR2 (part of PHP_CodeSniffer) -* Squiz (part of PHP_CodeSniffer) -* Zend (part of PHP_CodeSniffer) -* Custom sniffs (a few based on [WordPress](https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards)) +The rules are generally based on [the PSR-12 coding standard](https://www.php-fig.org/psr/psr-12/), which is generally recommended within the larger PHP community. +Additionally, since StellarWP is largely-focused on WordPress, our standards also include important WordPress-oriented rules (e.g. late-escaping of output, input sanitization, nonce usage, etc.). -## Important Notes +## What's included? -Make sure that the command `phpcs` is on version `3.4.2`+. In order to install it on that specifc version globally you can use: +There are two main tools included in this package: --- `composer global require "squizlabs/php_codesniffer=3.4.2"` +### PHP_CodeSniffer -## Setup on PHPStorm +[PHP_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer) is the de-facto linting tool for PHP, and there are a number of pre-configured standards available. -You can follow [this guide](https://confluence.jetbrains.com/display/PhpStorm/PHP+Code+Sniffer+in+PhpStorm#PHPCodeSnifferinPhpStorm-4.1.Obtainingcustomcodestyles) the only step you can replace is the one on **Installing via Composer** by the one above to install the 3.4.2 version instead. +This package includes PHP_CodeSniffer itself, along with [the WordPress Coding Standards ruleset](https://github.com/WordPress/WordPress-Coding-Standards), [PHP compatibility checks](https://github.com/PHPCompatibility/PHPCompatibility), and [Dealerdirect's Composer installer for PHP_CodeSniffer](https://github.com/DealerDirect/phpcodesniffer-composer-installer). + +### PHP-CS-Fixer + +[PHP-CS-Fixer](https://cs.symfony.com/) is an additional coding standards checker for PHP, maintained by several members of the Symfony team. It provides a bit more flexibility around more sophisticated checks and experiemental features. + +## Installation + +This package should be installed as a development dependency for your project: + +```sh +$ composer require --dev stellarwp/coding-standards +``` + +This will automatically expose the `phpcs`, `phpcbf`, and `php-cs-fixer` binaries in your project's `vendor/bin` directory. + +You may also wish to add the following Composer scripts to make it easier to run checks: + +```jsonc +# composer.json +{ + // ... + "scripts": { + // ... + "test:standards": [ + "phpcs --standard=StellarWP --cache ./src ./tests", + "php-cs-fixer fix --config=vendor/stellarwp/coding-standards/src/php-cs-fixer.php -v --diff --dry-run" + ], + "test:standards-fix": [ + "phpcbf --standard=StellarWP ./src ./tests", + "php-cs-fixer fix --config=vendor/stellarwp/coding-standards/src/php-cs-fixer.php -v --diff" + ] + }, + "scripts-descriptions": [ + "test:standards": "Check coding standards.", + "test:standards-fix": "Attempt to fix coding standards violations automatically.", + ] +} +``` + +> **Note:** You may need to adjust paths to suit your project, especially if [your Composer "vendor-dir" has been changed](https://getcomposer.org/doc/06-config.md#vendor-dir). + +## Project-specific configuration + +The default coding standards make a few assumptions about the project (all of which may be overwritten on a per-project basis): + +* Code should be compatible with PHP 5.6 or newer (to match [WordPress' minimum requirements](https://wordpress.org/about/requirements/)) +* Code should be compatible with the latest and previous major release WordPress (a.k.a. "current minus one") +* Anything passed through [WordPress' internationalization (i18n) functions](https://developer.wordpress.org/plugins/internationalization/how-to-internationalize-your-plugin/) should use the "stellarwp" text domain + +Rather than overwriting these values via command-line arguments, it's recommended to create a PHP_CodeSniffer configuration file in your project. [An annotated starter configuration](src/stubs/phpcs.xml) is included in this package, and can automatically be copied into the project root (`.phpcs.xml.dist`) by running the following command: + +```sh +$ vendor/bin/make-phpcs-config +``` + +Should you need to change the rules for PHP-CS-Fixer, you may publish a `.php-cs-fixer.dist.php` file by running the following: + +```sh +$ vendor/bin/make-php-cs-fixer-config +``` + +If you've copied the default `test:standards` and `test:standards-fix` scripts into your `composer.json` file, **please be sure to update their arguments!** + +```jsonc +# composer.json +{ + // ... + "scripts": { + // ... + "test:standards": [ + "phpcs --cache", + "php-cs-fixer fix --config=.php-cs-fixer.dist.php -v --diff --dry-run" + ], + "test:standards-fix": [ + "phpcbf", + "php-cs-fixer fix --config=.php-cs-fixer.dist.php -v --diff" + ] + }, +} +``` + +## License + +Copyright © 2022 StellarWP + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/StellarWP/Sniff.php b/StellarWP/Sniff.php deleted file mode 100644 index b3eada8..0000000 --- a/StellarWP/Sniff.php +++ /dev/null @@ -1,953 +0,0 @@ - true, - 'check_admin_referer' => true, - 'check_ajax_referer' => true, - ); - - /** - * Functions that escape values for display. - * - * @since 0.5.0 - * - * @var array - */ - public static $escapingFunctions = array( - 'absint' => true, - 'esc_attr__' => true, - 'esc_attr_e' => true, - 'esc_attr_x' => true, - 'esc_attr' => true, - 'esc_html__' => true, - 'esc_html_e' => true, - 'esc_html_x' => true, - 'esc_html' => true, - 'esc_js' => true, - 'esc_sql' => true, - 'esc_textarea' => true, - 'esc_url_raw' => true, - 'esc_url' => true, - 'filter_input' => true, - 'filter_var' => true, - 'intval' => true, - 'json_encode' => true, - 'like_escape' => true, - 'number_format' => true, - 'rawurlencode' => true, - 'sanitize_html_class' => true, - 'sanitize_user_field' => true, - 'tag_escape' => true, - 'urlencode_deep' => true, - 'urlencode' => true, - 'wp_json_encode' => true, - 'wp_kses_allowed_html' => true, - 'wp_kses_data' => true, - 'wp_kses_post' => true, - 'wp_kses' => true, - ); - - /** - * Functions whose output is automatically escaped for display. - * - * @since 0.5.0 - * - * @var array - */ - public static $autoEscapedFunctions = array( - 'allowed_tags' => true, - 'bloginfo' => true, - 'body_class' => true, - 'calendar_week_mod' => true, - 'cancel_comment_reply_link' => true, - 'category_description' => true, - 'checked' => true, - 'comment_author_email_link' => true, - 'comment_author_email' => true, - 'comment_author_IP' => true, - 'comment_author_link' => true, - 'comment_author_rss' => true, - 'comment_author_url_link' => true, - 'comment_author_url' => true, - 'comment_author' => true, - 'comment_class' => true, - 'comment_date' => true, - 'comment_excerpt' => true, - 'comment_form_title' => true, - 'comment_form' => true, - 'comment_id_fields' => true, - 'comment_ID' => true, - 'comment_reply_link' => true, - 'comment_text_rss' => true, - 'comment_text' => true, - 'comment_time' => true, - 'comment_type' => true, - 'comments_link' => true, - 'comments_number' => true, - 'comments_popup_link' => true, - 'comments_popup_script' => true, - 'comments_rss_link' => true, - 'delete_get_calendar_cache' => true, - 'disabled' => true, - 'do_shortcode_tag' => true, - 'edit_bookmark_link' => true, - 'edit_comment_link' => true, - 'edit_post_link' => true, - 'edit_tag_link' => true, - 'get_archives_link' => true, - 'get_attachment_link' => true, - 'get_avatar' => true, - 'get_bookmark_field' => true, - 'get_bookmark' => true, - 'get_calendar' => true, - 'get_comment_author_link' => true, - 'get_comment_date' => true, - 'get_comment_time' => true, - 'get_current_blog_id' => true, - 'get_delete_post_link' => true, - 'get_footer' => true, - 'get_header' => true, - 'get_search_form' => true, - 'get_search_query' => true, - 'get_sidebar' => true, - 'get_template_part' => true, - 'get_the_author_link' => true, - 'get_the_author' => true, - 'get_the_date' => true, - 'get_the_post_thumbnail' => true, - 'get_the_term_list' => true, - 'get_the_title' => true, - 'has_post_thumbnail' => true, - 'is_attachment' => true, - 'next_comments_link' => true, - 'next_image_link' => true, - 'next_post_link' => true, - 'next_posts_link' => true, - 'paginate_comments_links' => true, - 'permalink_anchor' => true, - 'post_class' => true, - 'post_password_required' => true, - 'post_type_archive_title' => true, - 'posts_nav_link' => true, - 'previous_comments_link' => true, - 'previous_image_link' => true, - 'previous_post_link' => true, - 'previous_posts_link' => true, - 'selected' => true, - 'single_cat_title' => true, - 'single_month_title' => true, - 'single_post_title' => true, - 'single_tag_title' => true, - 'single_term_title' => true, - 'sticky_class' => true, - 'tag_description' => true, - 'term_description' => true, - 'the_attachment_link' => true, - 'the_author_link' => true, - 'the_author_meta' => true, - 'the_author_posts_link' => true, - 'the_author_posts' => true, - 'the_author' => true, - 'the_category_rss' => true, - 'the_category' => true, - 'the_content_rss' => true, - 'the_content' => true, - 'the_date_xml' => true, - 'the_date' => true, - 'the_excerpt_rss' => true, - 'the_excerpt' => true, - 'the_feed_link' => true, - 'the_ID' => true, - 'the_meta' => true, - 'the_modified_author' => true, - 'the_modified_date' => true, - 'the_modified_time' => true, - 'the_permalink' => true, - 'the_post_thumbnail' => true, - 'the_search_query' => true, - 'the_shortlink' => true, - 'the_tags' => true, - 'the_taxonomies' => true, - 'the_terms' => true, - 'the_time' => true, - 'the_title_attribute' => true, - 'the_title_rss' => true, - 'the_title' => true, - 'vip_powered_wpcom' => true, - 'walk_nav_menu_tree' => true, - 'wp_attachment_is_image' => true, - 'wp_dropdown_categories' => true, - 'wp_dropdown_users' => true, - 'wp_enqueue_script' => true, - 'wp_generate_tag_cloud' => true, - 'wp_get_archives' => true, - 'wp_get_attachment_image' => true, - 'wp_get_attachment_link' => true, - 'wp_link_pages' => true, - 'wp_list_authors' => true, - 'wp_list_bookmarks' => true, - 'wp_list_categories' => true, - 'wp_list_comments' => true, - 'wp_login_form' => true, - 'wp_loginout' => true, - 'wp_meta' => true, - 'wp_nav_menu' => true, - 'wp_register' => true, - 'wp_shortlink_header' => true, - 'wp_shortlink_wp_head' => true, - 'wp_tag_cloud' => true, - 'wp_title' => true, - ); - - /** - * Functions that sanitize values. - * - * @since 0.5.0 - * - * @var array - */ - public static $sanitizingFunctions = array( - 'absint' => true, - 'filter_input' => true, - 'filter_var' => true, - 'in_array' => true, - 'intval' => true, - 'is_array' => true, - 'is_email' => true, - 'number_format' => true, - 'sanitize_bookmark_field' => true, - 'sanitize_bookmark' => true, - 'sanitize_email' => true, - 'sanitize_file_name' => true, - 'sanitize_html_class' => true, - 'sanitize_key' => true, - 'sanitize_meta' => true, - 'sanitize_mime_type' => true, - 'sanitize_option' => true, - 'sanitize_sql_orderby' => true, - 'sanitize_term_field' => true, - 'sanitize_term' => true, - 'sanitize_text_field' => true, - 'sanitize_title_for_query' => true, - 'sanitize_title_with_dashes' => true, - 'sanitize_title' => true, - 'sanitize_user_field' => true, - 'sanitize_user' => true, - 'validate_file' => true, - 'wp_kses_allowed_html' => true, - 'wp_kses_data' => true, - 'wp_kses_post' => true, - 'wp_kses' => true, - 'wp_parse_id_list' => true, - 'wp_redirect' => true, - 'wp_safe_redirect' => true, - ); - - /** - * Functions that format strings. - * - * These functions are often used for formatting values just before output, and - * it is common practice to escape the individual parameters passed to them as - * needed instead of escaping the entire result. This is especially true when the - * string being formatted contains HTML, which makes escaping the full result - * more difficult. - * - * @since 0.5.0 - * - * @var array - */ - public static $formattingFunctions = array( - 'ent2ncr' => true, - 'sprintf' => true, - 'vsprintf' => true, - 'wp_sprintf' => true, - ); - - - /** - * Functions which print output incorporating the values passed to them. - * - * @since 0.5.0 - * - * @var array - */ - public static $printingFunctions = array( - '_deprecated_argument' => true, - '_deprecated_file' => true, - '_deprecated_function' => true, - '_doing_it_wrong' => true, - '_e' => true, - '_ex' => true, - 'die' => true, - 'echo' => true, - 'exit' => true, - 'print' => true, - 'printf' => true, - 'trigger_error' => true, - 'user_error' => true, - 'vprintf' => true, - 'wp_die' => true, - ); - - /** - * The current file being sniffed. - * - * @since 0.4.0 - * - * @var File - */ - protected $phpcsFile; - - /** - * The list of tokens in the current file being sniffed. - * - * @since 0.4.0 - * - * @var array - */ - protected $tokens; - - /** - * A list of superglobals that incorporate user input. - * - * @since 0.4.0 - * - * @var string[] - */ - protected static $input_superglobals = array( '$_COOKIE', '$_GET', '$_FILES', '$_POST', '$_REQUEST', '$_SERVER' ); - - /** - * Initialize the class for the current process. - * - * This method must be called by child classes before using many of the methods - * below. - * - * @since 0.4.0 - * - * @param File $phpcsFile The file currently being processed. - */ - protected function init( File $phpcsFile ) { - $this->phpcsFile = $phpcsFile; - $this->tokens = $phpcsFile->getTokens(); - } - - /** - * Get the last pointer in a line. - * - * @since 0.4.0 - * - * @param integer $stackPtr The position of the current token in the stack passed - * in $tokens. - * - * @return integer Position of the last pointer on that line. - */ - protected function get_last_ptr_on_line( $stackPtr ) { - - $tokens = $this->tokens; - $currentLine = $tokens[ $stackPtr ]['line']; - $nextPtr = $stackPtr + 1; - - while ( isset( $tokens[ $nextPtr ] ) && $tokens[ $nextPtr ]['line'] === $currentLine ) { - $nextPtr++; - // Do nothing, we just want the last token of the line. - } - - // We've made it to the next line, back up one to the last in the previous line. - // We do this for micro-optimization of the above loop. - $lastPtr = $nextPtr - 1; - - return $lastPtr; - } - - /** - * Find whitelisting comment. - * - * Comment must be at the end of the line, and use // format. - * It can be prefixed or suffixed with anything e.g. "foobar" will match: - * ... // foobar okay - * ... // WPCS: foobar whitelist. - * - * There is an exception, and that is when PHP is being interspersed with HTML. - * In that case, the comment should come at the end of the statement (right - * before the closing tag, ?>). For example: - * - * - * - * @since 0.4.0 - * - * @param string $comment Comment to find. - * @param integer $stackPtr The position of the current token in the stack passed - * in $tokens. - * - * @return boolean True if whitelisting comment was found, false otherwise. - */ - protected function has_whitelist_comment( $comment, $stackPtr ) { - - $end_of_line = $lastPtr = $this->get_last_ptr_on_line( $stackPtr ); - - // There is a findEndOfStatement() method, but it considers more tokens than - // we need to here. - $end_of_statement = $this->phpcsFile->findNext( - array( T_CLOSE_TAG, T_SEMICOLON ) - , $stackPtr - ); - - // Check at the end of the statement if it comes before the end of the line. - if ( $end_of_statement < $end_of_line ) { - - // If the statement was ended by a semicolon, we find the next non- - // whitespace token. If the semicolon was left out and it was terminated - // by an ending tag, we need to look backwards. - if ( T_SEMICOLON === $this->tokens[ $end_of_statement ]['code'] ) { - $lastPtr = $this->phpcsFile->findNext( T_WHITESPACE, $end_of_statement + 1, null, true ); - } else { - $lastPtr = $this->phpcsFile->findPrevious( T_WHITESPACE, $end_of_statement - 1, null, true ); - } - } - - $last = $this->tokens[ $lastPtr ]; - - if ( T_COMMENT === $last['code'] ) { - return preg_match( '#' . preg_quote( $comment ) . '#i', $last['content'] ); - } else { - return false; - } - } - - /** - * Check if this variable is being assigned a value. - * - * E.g., $var = 'foo'; - * - * Also handles array assignments to arbitrary depth: - * - * $array['key'][ $foo ][ something() ] = $bar; - * - * @since 0.4.0 - * - * @param int $stackPtr The index of the token in the stack. This must points to - * either a T_VARIABLE or T_CLOSE_SQUARE_BRACKET token. - * - * @return bool Whether the token is a variable being assigned a value. - */ - protected function is_assignment( $stackPtr ) { - - $tokens = $this->phpcsFile->getTokens(); - - // Must be a variable or closing square bracket (see below). - if ( ! in_array( $tokens[ $stackPtr ]['code'], array( T_VARIABLE, T_CLOSE_SQUARE_BRACKET ) ) ) { - return false; - } - - $next_non_empty = $this->phpcsFile->findNext( - Tokens::$emptyTokens - , $stackPtr + 1 - , null - , true - , null - , true - ); - - // No token found. - if ( false === $next_non_empty ) { - return false; - } - - // If the next token is an assignment, that's all we need to know. - if ( in_array( $tokens[ $next_non_empty ]['code'], Tokens::$assignmentTokens ) ) { - return true; - } - - // Check if this is an array assignment, e.g., $var['key'] = 'val'; - if ( T_OPEN_SQUARE_BRACKET === $tokens[ $next_non_empty ]['code'] ) { - return $this->is_assignment( $tokens[ $next_non_empty ]['bracket_closer'] ); - } - - return false; - } - - /** - * Check if this token has an associated nonce check. - * - * @since 0.5.0 - * - * @param int $stackPtr The position of the current token in the stack of tokens. - * - * @return bool - */ - protected function has_nonce_check( $stackPtr ) { - - /** - * @var array { - * A cache of the scope that we last checked for nonce verification in. - * - * @var string $file The name of the file. - * @var int $start The index of the token where the scope started. - * @var int $end The index of the token where the scope ended. - * @var bool|int $nonce_check The index of the token where an nonce - * check was found, or false if none was found. - * } - */ - static $last; - - $start = 0; - $end = $stackPtr; - - $tokens = $this->phpcsFile->getTokens(); - - // If we're in a function, only look inside of it. - $f = $this->phpcsFile->getCondition( $stackPtr, T_FUNCTION ); - if ( $f ) { - $start = $tokens[ $f ]['scope_opener']; - } - - $in_isset = $this->is_in_isset_or_empty( $stackPtr ); - - // We allow for isset( $_POST['var'] ) checks to come before the nonce check. - // If this is inside an isset(), check after it as well, all the way to the - // end of the scope. - if ( $in_isset ) { - $end = ( 0 === $start ) ? count( $tokens ) : $tokens[ $start ]['scope_closer']; - } - - // Check if we've looked here before. - $filename = $this->phpcsFile->getFilename(); - - if ( - $filename === $last['file'] - && $start === $last['start'] - ) { - - if ( false !== $last['nonce_check'] ) { - // If we have already found an nonce check in this scope, we just - // need to check whether it comes before this token. It is OK if the - // check is after the token though, if this was only a isset() check. - return ( $in_isset || $last['nonce_check'] < $stackPtr ); - } elseif ( $end <= $last['end'] ) { - // If not, we can still go ahead and return false if we've already - // checked to the end of the search area. - return false; - } - - // We haven't checked this far yet, but we can still save work by - // skipping over the part we've already checked. - $start = $last['end']; - } else { - $last = array( - 'file' => $filename, - 'start' => $start, - 'end' => $end, - ); - } - - // Loop through the tokens looking for nonce verification functions. - for ( $i = $start; $i < $end; $i++ ) { - - // If this isn't a function name, skip it. - if ( T_STRING !== $tokens[ $i ]['code'] ) { - continue; - } - - // If this is one of the nonce verification functions, we can bail out. - if ( isset( self::$nonceVerificationFunctions[ $tokens[ $i ]['content'] ] ) ) { - $last['nonce_check'] = $i; - return true; - } - } - - // We're still here, so no luck. - $last['nonce_check'] = false; - - return false; - } - - /** - * Check if a token is inside of an isset() or empty() statement. - * - * @since 0.5.0 - * - * @param int $stackPtr The index of the token in the stack. - * - * @return bool Whether the token is inside an isset() or empty() statement. - */ - protected function is_in_isset_or_empty( $stackPtr ) { - - if ( ! isset( $this->tokens[ $stackPtr ]['nested_parenthesis'] ) ) { - return false; - } - - end( $this->tokens[ $stackPtr ]['nested_parenthesis'] ); - $open_parenthesis = key( $this->tokens[ $stackPtr ]['nested_parenthesis'] ); - reset( $this->tokens[ $stackPtr ]['nested_parenthesis'] ); - - return in_array( $this->tokens[ $open_parenthesis - 1 ]['code'], array( T_ISSET, T_EMPTY ) ); - } - - /** - * Check if something is only being sanitized. - * - * @since 0.5.0 - * - * @param int $stackPtr The index of the token in the stack. - * - * @return bool Whether the token is only within a sanitization. - */ - protected function is_only_sanitized( $stackPtr ) { - - // If it isn't being sanitized at all. - if ( ! $this->is_sanitized( $stackPtr ) ) { - return false; - } - - // If this isn't set, we know the value must have only been casted, because - // is_sanitized() would have returned false otherwise. - if ( ! isset( $this->tokens[ $stackPtr ]['nested_parenthesis'] ) ) { - return true; - } - - // At this point we're expecting the value to have not been casted. If it - // was, it wasn't *only* casted, because it's also in a function. - if ( $this->is_safe_casted( $stackPtr ) ) { - return false; - } - - // The only parentheses should belong to the sanitizing function. If there's - // more than one set, this isn't *only* sanitization. - return ( count( $this->tokens[ $stackPtr ]['nested_parenthesis'] ) === 1 ); - } - - /** - * Check if something is being casted to a safe value. - * - * @since 0.5.0 - * - * @param int $stackPtr The index of the token in the stack. - * - * @return bool Whether the token being casted. - */ - protected function is_safe_casted( $stackPtr ) { - - // Get the last non-empty token. - $prev = $this->phpcsFile->findPrevious( - Tokens::$emptyTokens - , $stackPtr - 1 - , null - , true - ); - - // Check if it is a safe cast. - return in_array( - $this->tokens[ $prev ]['code'] - , array( T_INT_CAST, T_DOUBLE_CAST, T_BOOL_CAST ) - ); - } - - /** - * Check if something is being sanitized. - * - * @since 0.5.0 - * - * @param int $stackPtr The index of the token in the stack. - * - * @return bool Whether the token being sanitized. - */ - protected function is_sanitized( $stackPtr ) { - - // First we check if it is being casted to a safe value. - if ( $this->is_safe_casted( $stackPtr ) ) { - return true; - } - - // If this isn't within a function call, we know already that it's not safe. - if ( ! isset( $this->tokens[ $stackPtr ]['nested_parenthesis'] ) ) { - return false; - } - - // Get the function that it's in. - $function_closer = end( $this->tokens[ $stackPtr ]['nested_parenthesis'] ); - $function_opener = key( $this->tokens[ $stackPtr ]['nested_parenthesis'] ); - $functionPtr = $function_opener - 1; - $function = $this->tokens[ $functionPtr ]; - - // If it is just being unset, the value isn't used at all, so it's safe. - if ( T_UNSET === $function['code'] ) { - return true; - } - - // If this isn't a call to a function, it sure isn't sanitizing function. - if ( T_STRING !== $function['code'] ) { - return false; - } - - $functionName = $function['content']; - - // Arrays might be sanitized via array_map(). - if ( 'array_map' === $functionName ) { - - // Get the first parameter (name of function being used on the array). - $mapped_function = $this->phpcsFile->findNext( - Tokens::$emptyTokens - , $function_opener + 1 - , $function_closer - , true - ); - - // If we're able to resolve the function name, do so. - if ( $mapped_function && T_CONSTANT_ENCAPSED_STRING === $this->tokens[ $mapped_function ]['code'] ) { - $functionName = trim( $this->tokens[ $mapped_function ]['content'], '\'' ); - } - } - - // Check if this is a sanitizing function. - return isset( self::$sanitizingFunctions[ $functionName ] ); - } - - /** - * Get the index key of an array variable. - * - * E.g., "bar" in $foo['bar']. - * - * @since 0.5.0 - * - * @param int $stackPtr The index of the token in the stack. - * - * @return string|false The array index key whose value is being accessed. - */ - protected function get_array_access_key( $stackPtr ) { - - // Find the next non-empty token. - $open_bracket = $this->phpcsFile->findNext( - Tokens::$emptyTokens, - $stackPtr + 1, - null, - true - ); - - // If it isn't a bracket, this isn't an array-access. - if ( T_OPEN_SQUARE_BRACKET !== $this->tokens[ $open_bracket ]['code'] ) { - return false; - } - - $key = $this->phpcsFile->getTokensAsString( - $open_bracket + 1 - , $this->tokens[ $open_bracket ]['bracket_closer'] - $open_bracket - 1 - ); - - return trim( $key ); - } - - /** - * Check if the existence of a variable is validated with isset() or empty(). - * - * When $in_condition_only is false, (which is the default), this is considered - * valid: - * - * ```php - * if ( isset( $var ) ) { - * // Do stuff, like maybe return or exit (but could be anything) - * } - * - * foo( $var ); - * ``` - * - * When it is true, that would be invalid, the use of the variable must be within - * the scope of the validating condition, like this: - * - * ```php - * if ( isset( $var ) ) { - * foo( $var ); - * } - * ``` - * - * @since 0.5.0 - * - * @param int $stackPtr The index of this token in the stack. - * @param string $array_key An array key to check for ("bar" in $foo['bar']). - * @param bool $in_condition_only Whether to require that this use of the - * variable occur within the scope of the - * validating condition, or just in the same - * scope as it (default). - * - * @return bool Whether the var is validated. - */ - protected function is_validated( $stackPtr, $array_key = null, $in_condition_only = false ) { - - if ( $in_condition_only ) { - - // This is a stricter check, requiring the variable to be used only - // within the validation condition. - - // If there are no conditions, there's no validation. - if ( empty( $this->tokens[ $stackPtr ]['conditions'] ) ) { - return false; - } - - $conditions = $this->tokens[ $stackPtr ]['conditions']; - end( $conditions ); // Get closest condition - $conditionPtr = key( $conditions ); - $condition = $this->tokens[ $conditionPtr ]; - - if ( ! isset( $condition['parenthesis_opener'] ) ) { - - $this->phpcsFile->addError( - 'Possible parse error, condition missing open parenthesis.', - $conditionPtr, - 'IsValidatedMissingConditionOpener' - ); - - return false; - } - - $scope_start = $condition['parenthesis_opener']; - $scope_end = $condition['parenthesis_closer']; - - } else { - - // We are are more loose, requiring only that the variable be validated - // in the same function/file scope as it is used. - - // Check if we are in a function. - $function = $this->phpcsFile->findPrevious( T_FUNCTION, $stackPtr ); - - // If so, we check only within the function, otherwise the whole file. - if ( false !== $function && $stackPtr < $this->tokens[ $function ]['scope_closer'] ) { - $scope_start = $this->tokens[ $function ]['scope_opener']; - } else { - $scope_start = 0; - } - - $scope_end = $stackPtr; - } - - for ( $i = $scope_start + 1; $i < $scope_end; $i++ ) { - - if ( ! in_array( $this->tokens[ $i ]['code'], array( T_ISSET, T_EMPTY, T_UNSET ) ) ) { - continue; - } - - $issetOpener = $this->phpcsFile->findNext( T_OPEN_PARENTHESIS, $i ); - $issetCloser = $this->tokens[ $issetOpener ]['parenthesis_closer']; - - // Look for this variable. We purposely stomp $i from the parent loop. - for ( $i = $issetOpener + 1; $i < $issetCloser; $i++ ) { - - if ( T_VARIABLE !== $this->tokens[ $i ]['code'] ) { - continue; - } - - // If we're checking for a specific array key (ex: 'hello' in - // $_POST['hello']), that mush match too. - if ( $array_key && $this->get_array_access_key( $i ) !== $array_key ) { - continue; - } - - return true; - } - } - - return false; - } - - /** - * Check whether a variable is being compared to another value. - * - * E.g., $var === 'foo', 1 <= $var, etc. - * - * Also recognizes `switch ( $var )`. - * - * @since 0.5.0 - * - * @param int $stackPtr The index of this token in the stack. - * - * @return bool Whether this is a comparison. - */ - protected function is_comparison( $stackPtr ) { - - // We first check if this is a switch statement (switch ( $var )). - if ( isset( $this->tokens[ $stackPtr ]['nested_parenthesis'] ) ) { - $close_parenthesis = end( $this->tokens[ $stackPtr ]['nested_parenthesis'] ); - - if ( - isset( $this->tokens[ $close_parenthesis ]['parenthesis_owner'] ) - && T_SWITCH === $this->tokens[ $this->tokens[ $close_parenthesis ]['parenthesis_owner'] ]['code'] - ) { - return true; - } - } - - // Find the previous non-empty token. We check before the var first because - // yoda conditions are usually expected. - $previous_token = $this->phpcsFile->findPrevious( - Tokens::$emptyTokens, - $stackPtr - 1, - null, - true - ); - - if ( in_array( $this->tokens[ $previous_token ]['code'], Tokens::$comparisonTokens ) ) { - return true; - } - - // Maybe the comparison operator is after this. - $next_token = $this->phpcsFile->findNext( - Tokens::$emptyTokens, - $stackPtr + 1, - null, - true - ); - - // This might be an opening square bracket in the case of arrays ($var['a']). - while ( T_OPEN_SQUARE_BRACKET === $this->tokens[ $next_token ]['code'] ) { - - $next_token = $this->phpcsFile->findNext( - Tokens::$emptyTokens, - $this->tokens[ $next_token ]['bracket_closer'] + 1, - null, - true - ); - } - - if ( in_array( $this->tokens[ $next_token ]['code'], Tokens::$comparisonTokens ) ) { - return true; - } - - return false; - } -} - -// EOF diff --git a/StellarWP/Sniffs/Arrays/ArrayBracketSpacingSniff.php b/StellarWP/Sniffs/Arrays/ArrayBracketSpacingSniff.php deleted file mode 100644 index 6dc289c..0000000 --- a/StellarWP/Sniffs/Arrays/ArrayBracketSpacingSniff.php +++ /dev/null @@ -1,96 +0,0 @@ - and Marc McIntyre , - * but modified to match The Events Calendar standards. - * - * PHP version 5 - * - * @category PHP - * @package PHP_CodeSniffer - * @author Matthew Batchelder - * @author Zachary Tirrell - * @copyright 2012 The Events Calendar - * @license https://github.com/the-events-calendar/coding-standards/blob/master/licence.txt BSD Licence - * @link http://pear.php.net/package/PHP_CodeSniffer - */ - -/** - * Squiz_Sniffs_Arrays_ArrayBracketSpacingSniff. - * - * Ensure that there are no spaces around square brackets. - * - * @category PHP - * @package PHP_CodeSniffer - * @author Matthew Batchelder - * @author Zachary Tirrell - * @copyright 2012 The Events Calendar - * @license https://github.com/the-events-calendar/coding-standards/blob/master/licence.txt BSD Licence - * @version Release: 1.4.0 - * @link http://pear.php.net/package/PHP_CodeSniffer - */ -class ArrayBracketSpacingSniff implements Sniff -{ - /** - * Returns an array of tokens this test wants to listen for. - * - * @return array - */ - public function register() - { - return array( - T_OPEN_SQUARE_BRACKET, - T_CLOSE_SQUARE_BRACKET, - ); - - }//end register() - - - /** - * Processes this sniff, when one of its tokens is encountered. - * - * @param File $phpcsFile The current file being checked. - * @param int $stackPtr The position of the current token in the - * stack passed in $tokens. - * - * @return void - */ - public function process(File $phpcsFile, $stackPtr) - { - $tokens = $phpcsFile->getTokens(); - - // PHP 5.4 introduced a shorthand array declaration syntax, so we need - // to ignore the these type of array declarations because this sniff is - // only dealing with array usage. - if ($tokens[$stackPtr]['code'] === T_OPEN_SQUARE_BRACKET) { - $openBracket = $stackPtr; - } else { - $openBracket = $tokens[$stackPtr]['bracket_opener']; - } - - $prev = $phpcsFile->findPrevious(Tokens::$emptyTokens, ($openBracket - 1), null, true); - if ($tokens[$prev]['code'] === T_EQUAL) { - return; - } - - // Square brackets can not have a space before them. - $prevType = $tokens[($stackPtr - 1)]['code']; - if ('[' == $tokens[$stackPtr]['content'] && in_array($prevType, Tokens::$emptyTokens) === true) { - $nonSpace = $phpcsFile->findPrevious(Tokens::$emptyTokens, ($stackPtr - 2), null, true); - $expected = $tokens[$nonSpace]['content'].$tokens[$stackPtr]['content']; - $found = $phpcsFile->getTokensAsString($nonSpace, ($stackPtr - $nonSpace)).$tokens[$stackPtr]['content']; - $error = 'Space found before square bracket; expected "%s" but found "%s"'; - $data = array( - $expected, - $found, - ); - $phpcsFile->addError($error, $stackPtr, 'SpaceBeforeBracket', $data); - } - }//end process() -}//end class diff --git a/StellarWP/Sniffs/Classes/PropertyDeclarationSniff.php b/StellarWP/Sniffs/Classes/PropertyDeclarationSniff.php deleted file mode 100755 index 24804bc..0000000 --- a/StellarWP/Sniffs/Classes/PropertyDeclarationSniff.php +++ /dev/null @@ -1,111 +0,0 @@ - - * @copyright 2006-2012 Squiz Pty Ltd (ABN 77 084 670 600) - * @license https://github.com/squizlabs/PHP_CodeSniffer/blob/master/licence.txt BSD Licence - * @link http://pear.php.net/package/PHP_CodeSniffer - */ - -/** - * Verifies that properties are declared correctly. - * - * @category PHP - * @package PHP_CodeSniffer - * @author Greg Sherwood - * @copyright 2006-2012 Squiz Pty Ltd (ABN 77 084 670 600) - * @license https://github.com/squizlabs/PHP_CodeSniffer/blob/master/licence.txt BSD Licence - * @version Release: 1.4.0 - * @link http://pear.php.net/package/PHP_CodeSniffer - */ -class PropertyDeclarationSniff extends Sniffs\AbstractVariableSniff -{ - - - /** - * Processes the function tokens within the class. - * - * @param File $phpcsFile The file where this token was found. - * @param int $stackPtr The position where the token was found. - * - * @return void - */ - protected function processMemberVar(File $phpcsFile, $stackPtr) - { - $tokens = $phpcsFile->getTokens(); - - // Detect multiple properties defined at the same time. Throw an error - // for this, but also only process the first property in the list so we don't - // repeat errors. - $find = Tokens::$scopeModifiers; - $find = array_merge($find, array(T_VARIABLE, T_VAR, T_SEMICOLON)); - $prev = $phpcsFile->findPrevious($find, ($stackPtr - 1)); - if ($tokens[$prev]['code'] === T_VARIABLE) { - return; - } - - if ($tokens[$prev]['code'] === T_VAR) { - $error = 'The var keyword must not be used to declare a property'; - $phpcsFile->addError($error, $stackPtr, 'VarUsed'); - } - - $next = $phpcsFile->findNext(array(T_VARIABLE, T_SEMICOLON), ($stackPtr + 1)); - if ($tokens[$next]['code'] === T_VARIABLE) { - $error = 'There must not be more than one property declared per statement'; - $phpcsFile->addError($error, $stackPtr, 'Multiple'); - } - - $modifier = $phpcsFile->findPrevious(Tokens::$scopeModifiers, $stackPtr); - if (($modifier === false) || ($tokens[$modifier]['line'] !== $tokens[$stackPtr]['line'])) { - $error = 'Visibility must be declared on property "%s"'; - $data = array($tokens[$stackPtr]['content']); - $phpcsFile->addError($error, $stackPtr, 'ScopeMissing', $data); - } - - }//end processMemberVar() - - - /** - * Processes normal variables. - * - * @param File $phpcsFile The file where this token was found. - * @param int $stackPtr The position where the token was found. - * - * @return void - */ - protected function processVariable(File $phpcsFile, $stackPtr) - { - // We don't care about normal variables. - return; - - }//end processVariable() - - - /** - * Processes variables in double quoted strings. - * - * @param File $phpcsFile The file where this token was found. - * @param int $stackPtr The position where the token was found. - * - * @return void - */ - protected function processVariableInString(File $phpcsFile, $stackPtr) - { - // We don't care about normal variables. - return; - - }//end processVariableInString() - - -}//end class diff --git a/StellarWP/Sniffs/Classes/ValidClassNameSniff.php b/StellarWP/Sniffs/Classes/ValidClassNameSniff.php deleted file mode 100755 index cc29a8a..0000000 --- a/StellarWP/Sniffs/Classes/ValidClassNameSniff.php +++ /dev/null @@ -1,54 +0,0 @@ -getTokens(); - - // Get the class name. - $className = $phpcsFile->findNext( T_STRING, $stackPtr ); - - // Check if the class name is in Capitalized_Snake_Case format where each word starts with a capital letter. - // This also allows for the older double-underscore method of namespacing. - if ( ! preg_match( '/^(?:[A-Z]+[a-z\d]*)(?:_[A-Z]+[a-z\d]*)*$/', $tokens[ $className ]['content'] ) ) { - $phpcsFile->addError( - 'Class name "%s" is not in Capitalized_Snake_Case format', - $stackPtr, - 'NotSnakeCase', - [ $tokens[ $className ]['content'] ] - ); - } - } -} diff --git a/StellarWP/Sniffs/CodeAnalysis/RedirectAndDieSniff.php b/StellarWP/Sniffs/CodeAnalysis/RedirectAndDieSniff.php deleted file mode 100755 index 2600a94..0000000 --- a/StellarWP/Sniffs/CodeAnalysis/RedirectAndDieSniff.php +++ /dev/null @@ -1,89 +0,0 @@ - - * @copyright 2014 The Events Calendar - * @license https://github.com/the-events-calendar/coding-standards/blob/master/licence.txt BSD Licence - * @version Release: 1.4.0 - * @link http://pear.php.net/package/PHP_CodeSniffer - */ -class RedirectAndDieSniff implements Sniff -{ - /** - * A list of tokenizers this sniff supports. - * - * @var array - */ - public $supportedTokenizers = array( - 'PHP', - ); - - /** - * Returns an array of tokens this test wants to listen for. - * - * @return array - */ - public function register() - { - return array( - T_STRING, - ); - }//end register - - /** - * Processes this test, when one of its tokens is encountered. - * - * @param File $phpcsFile The file being scanned. - * @param int $stackPtr The position of the current token in - * the stack passed in $tokens. - * - * @return void - */ - public function process( File $phpcsFile, $stackPtr ) - { - $tokens = $phpcsFile->getTokens(); - $token = $tokens[ $stackPtr ]; - $function = strtolower( $token['content'] ); - - $ignore = array( - T_DOUBLE_COLON, - T_OBJECT_OPERATOR, - T_FUNCTION, - T_CONST, - ); - - $prevToken = $phpcsFile->findPrevious( T_WHITESPACE, ( $stackPtr - 1 ), null, true ); - - if ( in_array( $tokens[ $prevToken ]['code'], $ignore ) === true ) - { - // Not a call to a PHP function. - return; - }//end if - - if ( ! in_array( $function, array( 'wp_redirect', 'wp_safe_redirect' ) ) ) - { - return; - }//end if - - $semicolon = $phpcsFile->findNext( T_SEMICOLON, $stackPtr ); - $next = $tokens[ $phpcsFile->findNext( T_WHITESPACE, $semicolon + 1, NULL, TRUE ) ]; - - if ( T_EXIT == $next['code'] || 'tribe_exit' == $next['content'] ) - { - return; - }//end if - - $data = array( $function ); - $type = 'Error'; - $error = "die must follow {$function}"; - $phpcsFile->addError( $error, $stackPtr, $type, $data ); - }//end process -}//end class diff --git a/StellarWP/Sniffs/Methods/MethodDeclarationSniff.php b/StellarWP/Sniffs/Methods/MethodDeclarationSniff.php deleted file mode 100755 index 170b72e..0000000 --- a/StellarWP/Sniffs/Methods/MethodDeclarationSniff.php +++ /dev/null @@ -1,121 +0,0 @@ - - * @copyright 2006-2012 Squiz Pty Ltd (ABN 77 084 670 600) - * @license https://github.com/squizlabs/PHP_CodeSniffer/blob/master/licence.txt BSD Licence - * @link http://pear.php.net/package/PHP_CodeSniffer - */ - -/** - * Checks that the method declaration is correct. - * - * @category PHP - * @package PHP_CodeSniffer - * @author Greg Sherwood - * @copyright 2006-2012 Squiz Pty Ltd (ABN 77 084 670 600) - * @license https://github.com/squizlabs/PHP_CodeSniffer/blob/master/licence.txt BSD Licence - * @version Release: 1.4.0 - * @link http://pear.php.net/package/PHP_CodeSniffer - */ -class MethodDeclarationSniff extends Sniffs\AbstractScopeSniff -{ - /** - * Constructs a Squiz_Sniffs_Scope_MethodScopeSniff. - */ - public function __construct() - { - parent::__construct(array(T_CLASS, T_INTERFACE), array(T_FUNCTION)); - - }//end __construct() - - - /** - * Processes the function tokens within the class. - * - * @param File $phpcsFile The file where this token was found. - * @param int $stackPtr The position where the token was found. - * @param int $currScope The current scope opener token. - * - * @return void - */ - protected function processTokenWithinScope(File $phpcsFile, $stackPtr, $currScope) - { - $tokens = $phpcsFile->getTokens(); - - $methodName = $phpcsFile->getDeclarationName($stackPtr); - if ($methodName === null) { - // Ignore closures. - return; - } - - $visibility = 0; - $static = 0; - $abstract = 0; - $final = 0; - - $find = Tokens::$methodPrefixes; - $find[] = T_WHITESPACE; - $prev = $phpcsFile->findPrevious($find, ($stackPtr - 1), null, true); - - $prefix = $stackPtr; - while (($prefix = $phpcsFile->findPrevious(Tokens::$methodPrefixes, ($prefix - 1), $prev)) !== false) { - switch ($tokens[$prefix]['code']) { - case T_STATIC: - $static = $prefix; - break; - case T_ABSTRACT: - $abstract = $prefix; - break; - case T_FINAL: - $final = $prefix; - break; - default: - $visibility = $prefix; - break; - } - } - - if ($static !== 0 && $static < $visibility) { - $error = 'The static declaration must come after the visibility declaration'; - $phpcsFile->addError($error, $static, 'StaticBeforeVisibility'); - } - - if ($visibility !== 0 && $final > $visibility) { - $error = 'The final declaration must precede the visibility declaration'; - $phpcsFile->addError($error, $final, 'FinalAfterVisibility'); - } - - if ($visibility !== 0 && $abstract > $visibility) { - $error = 'The abstract declaration must precede the visibility declaration'; - $phpcsFile->addError($error, $abstract, 'AbstractAfterVisibility'); - } - - }//end processTokenWithinScope() - - /** - * Processes a token that is found outside the scope that this test is - * listening to. - * - * @param \PHP_CodeSniffer\Files\File $phpcsFile The file where this token was found. - * @param int $stackPtr The position in the stack where this - * token was found. - * - * @return void|int Optionally returns a stack pointer. The sniff will not be - * called again on the current file until the returned stack - * pointer is reached. Return (count($tokens) + 1) to skip - * the rest of the file. - */ - protected function processTokenOutsideScope(File $phpcsFile, $stackPtr) {} - - -}//end class diff --git a/StellarWP/Sniffs/NamingConventions/ValidFunctionNameSniff.php b/StellarWP/Sniffs/NamingConventions/ValidFunctionNameSniff.php deleted file mode 100644 index 1d2a928..0000000 --- a/StellarWP/Sniffs/NamingConventions/ValidFunctionNameSniff.php +++ /dev/null @@ -1,131 +0,0 @@ - - */ - -/** - * Enforces WordPress array format - * - * Blatant copy from WordPress coding standards repo - * - * @category PHP - * @package PHP_CodeSniffer - * @author John Godley - */ -class ValidFunctionNameSniff extends Sniffs\AbstractScopeSniff -{ - - private $_magicMethods = array( - 'construct', - 'destruct', - 'call', - 'callStatic', - 'get', - 'set', - 'isset', - 'unset', - 'sleep', - 'wakeup', - 'toString', - 'set_state', - 'clone', - 'invoke' - ); - - /** - * A list of all PHP magic functions. - * - * @var array - */ - protected $magicFunctions = array('autoload'); - - /** - * Constructs a PEAR_Sniffs_NamingConventions_ValidFunctionNameSniff. - */ - public function __construct() { - parent::__construct(array(T_CLASS, T_INTERFACE, T_TRAIT), array(T_FUNCTION), true); - }//end __construct() - - /** - * Processes the tokens within the scope. - * - * @param File $phpcsFile The file being processed. - * @param int $stackPtr The position where this token was - * found. - * @param int $currScope The position of the current scope. - * - * @return void - */ - protected function processTokenWithinScope(File $phpcsFile, $stackPtr, $currScope) { - $className = $phpcsFile->getDeclarationName($currScope); - $methodName = $phpcsFile->getDeclarationName($stackPtr); - - // Is this a magic method. IE. is prefixed with "__". - if (preg_match('|^__|', $methodName) !== 0) { - $magicPart = substr($methodName, 2); - if (in_array($magicPart, $this->_magicMethods) === false) { - $error = "Method name \"$className::$methodName\" is invalid; only PHP magic methods should be prefixed with a double underscore"; - $phpcsFile->addError($error, $stackPtr, 'MethodDoubleUnderscore'); - } - - return; - } - - // PHP4 constructors are allowed to break our rules. - if ($methodName === $className) { - return; - } - - // PHP4 destructors are allowed to break our rules. - if ($methodName === '_'.$className) { - return; - } - }//end processTokenWithinScope() - - /** - * Processes the tokens outside the scope. - * - * @param File $phpcsFile The file being processed. - * @param int $stackPtr The position where this token was - * found. - * - * @return void - */ - protected function processTokenOutsideScope(File $phpcsFile, $stackPtr) - { - $functionName = $phpcsFile->getDeclarationName($stackPtr); - if ($functionName === null) { - // Ignore closures. - return; - } - - if (ltrim($functionName, '_') === '') { - // Ignore special functions. - return; - } - - $errorData = array($functionName); - - // Is this a magic function. i.e., it is prefixed with "__". - if (preg_match('|^__|', $functionName) !== 0) { - $magicPart = strtolower(substr($functionName, 2)); - if (in_array($magicPart, $this->magicFunctions) === false) { - $error = 'Function name "%s" is invalid; only PHP magic methods should be prefixed with a double underscore'; - $phpcsFile->addError($error, $stackPtr, 'FunctionDoubleUnderscore', $errorData); - } - - return; - } - }//end processTokenOutsideScope() -}//end class diff --git a/StellarWP/Sniffs/PHP/DeprecatedFunctionsSniff.php b/StellarWP/Sniffs/PHP/DeprecatedFunctionsSniff.php deleted file mode 100755 index 874fef7..0000000 --- a/StellarWP/Sniffs/PHP/DeprecatedFunctionsSniff.php +++ /dev/null @@ -1,236 +0,0 @@ - and Marc McIntyre , - * but modified to match The Events Calendar standards. - * - * PHP version 5 - * - * @category PHP - * @package PHP_CodeSniffer - * @author Matthew Batchelder - * @author Zachary Tirrell - * @copyright 2012 The Events Calendar - * @license https://github.com/the-events-calendar/coding-standards/blob/master/licence.txt BSD Licence - * @link http://pear.php.net/package/PHP_CodeSniffer - */ - -/** - * Discourages the use of deprecated WordPress functions that are kept in PHP for - * compatibility with older versions. - * - * @category PHP - * @package PHP_CodeSniffer - * @author Matthew Batchelder - * @author Zachary Tirrell - * @copyright 2012 The Events Calendar - * @license https://github.com/the-events-calendar/coding-standards/blob/master/licence.txt BSD Licence - * @version Release: 1.4.0 - * @link http://pear.php.net/package/PHP_CodeSniffer - */ -class DeprecatedFunctionsSniff extends PHP\ForbiddenFunctionsSniff -{ - - /** - * A list of forbidden functions with their alternatives. - * - * The value is NULL if no alternative exists. IE, the - * function should just not be used. - * - * @var array(string => string|null) - */ - public $forbiddenFunctions = array( - "get_postdata" => "get_post()", - "start_wp" => "The Loop - {@link http://codex.wordpress.org/The_Loop Use new WordPress Loop}", - "the_category_ID" => "get_the_category()", - "the_category_head" => "get_the_category_by_ID()", - "previous_post" => "previous_post_link()", - "next_post" => "next_post_link()", - "user_can_create_post" => "current_user_can()", - "user_can_create_draft" => "current_user_can()", - "user_can_edit_post" => "current_user_can()", - "user_can_delete_post" => "current_user_can()", - "user_can_set_post_date" => "current_user_can()", - "user_can_edit_post_date" => "current_user_can()", - "user_can_edit_post_comments" => "current_user_can()", - "user_can_delete_post_comments" => "current_user_can()", - "user_can_edit_user" => "current_user_can()", - "get_linksbyname" => "get_bookmarks()", - "wp_get_linksbyname" => "wp_list_bookmarks()", - "get_linkobjectsbyname" => "get_bookmarks()", - "get_linkobjects" => "get_bookmarks()", - "get_linksbyname_withrating" => "get_bookmarks()", - "get_links_withrating" => "get_bookmarks()", - "get_autotoggle" => null, - "list_cats" => "wp_list_categories()", - "wp_list_cats" => "wp_list_categories()", - "dropdown_cats" => "wp_dropdown_categories()", - "list_authors" => "wp_list_authors()", - "wp_get_post_cats" => "wp_get_post_categories()", - "wp_set_post_cats" => "wp_set_post_categories()", - "get_archives" => "wp_get_archives()", - "get_author_link" => "get_author_posts_url()", - "link_pages" => "wp_link_pages()", - "get_settings" => "get_option()", - "permalink_link" => "the_permalink()", - "permalink_single_rss" => "the_permalink_rss()", - "wp_get_links" => "wp_list_bookmarks()", - "get_links" => "get_bookmarks()", - "get_links_list" => "wp_list_bookmarks()", - "links_popup_script" => null, - "get_linkrating" => "sanitize_bookmark_field()", - "get_linkcatname" => "get_category()", - "comments_rss_link" => "post_comments_feed_link()", - "get_category_rss_link" => "get_category_feed_link()", - "get_author_rss_link" => "get_author_feed_link()", - "comments_rss" => "get_post_comments_feed_link()", - "create_user" => "wp_create_user()", - "gzip_compression" => null, - "get_commentdata" => "get_comment()", - "get_catname" => "get_cat_name()", - "get_category_children" => "get_term_children()", - "get_the_author_description" => "get_the_author_meta('description')", - "the_author_description" => "the_author_meta('description')", - "get_the_author_login" => "get_the_author_meta('login')", - "the_author_login" => "the_author_meta('login')", - "get_the_author_firstname" => "get_the_author_meta('first_name')", - "the_author_firstname" => "the_author_meta('first_name')", - "get_the_author_lastname" => "get_the_author_meta('last_name')", - "the_author_lastname" => "the_author_meta('last_name')", - "get_the_author_nickname" => "get_the_author_meta('nickname')", - "the_author_nickname" => "the_author_meta('nickname')", - "get_the_author_email" => "get_the_author_meta('email')", - "the_author_email" => "the_author_meta('email')", - "get_the_author_icq" => "get_the_author_meta('icq')", - "the_author_icq" => "the_author_meta('icq')", - "get_the_author_yim" => "get_the_author_meta('yim')", - "the_author_yim" => "the_author_meta('yim')", - "get_the_author_msn" => "get_the_author_meta('msn')", - "the_author_msn" => "the_author_meta('msn')", - "get_the_author_aim" => "get_the_author_meta('aim')", - "the_author_aim" => "the_author_meta('aim')", - "get_author_name" => "get_the_author_meta('display_name')", - "get_the_author_url" => "get_the_author_meta('url')", - "the_author_url" => "the_author_meta('url')", - "get_the_author_ID" => "get_the_author_meta('ID')", - "the_author_ID" => "the_author_meta('ID')", - "the_content_rss" => "the_content_feed()", - "make_url_footnote" => null, - "_c" => "_x()", - "translate_with_context" => "_x()", - "_nc" => "_nx()", - "__ngettext" => "_n()", - "__ngettext_noop" => "_n_noop()", - "get_alloptions" => "wp_load_alloptions())", - "get_the_attachment_link" => "wp_get_attachment_link()", - "get_attachment_icon_src" => "wp_get_attachment_image_src()", - "get_attachment_icon" => "wp_get_attachment_image()", - "get_attachment_innerHTML" => "wp_get_attachment_image()", - "get_link" => "get_bookmark()", - "sanitize_url" => "esc_url_raw()", - "clean_url" => "esc_url()", - "js_escape" => "esc_js()", - "wp_specialchars" => "esc_html()", - "attribute_escape" => "esc_attr()", - "register_sidebar_widget" => "wp_register_sidebar_widget()", - "unregister_sidebar_widget" => "wp_unregister_sidebar_widget()", - "register_widget_control" => "wp_register_widget_control()", - "unregister_widget_control" => "wp_unregister_widget_control()", - "delete_usermeta" => "delete_user_meta()", - "get_usermeta" => "get_user_meta()", - "update_usermeta" => "update_user_meta()", - "get_users_of_blog" => null, - "automatic_feed_links" => "add_theme_support( 'automatic-feed-links' )", - "get_profile" => "get_the_author_meta()", - "get_usernumposts" => "count_user_posts()", - "funky_javascript_callback" => null, - "funky_javascript_fix" => null, - "is_taxonomy" => "taxonomy_exists()", - "is_term" => "term_exists()", - "is_plugin_page" => "global \$plugin_page and/or get_plugin_page_hookname() hooks.", - "update_category_cache" => null, - "wp_timezone_supported" => null, - "the_editor" => "wp_editor()", - "get_user_metavalues" => null, - "sanitize_user_object" => null, - "get_boundary_post_rel_link" => null, - "start_post_rel_link" => null, - "get_index_rel_link" => null, - "index_rel_link" => null, - "get_parent_post_rel_link" => null, - "parent_post_rel_link" => null, - "wp_admin_bar_dashboard_view_site_menu" => null, - "is_blog_user" => "is_user_member_of_blog()", - "debug_fopen" => "error_log()", - "debug_fwrite" => "error_log() instead.", - "debug_fclose" => "error_log()", - "get_themes" => "wp_get_themes()", - "get_theme" => "wp_get_theme()", - "get_current_theme" => "(string) wp_get_theme()", - "clean_pre" => null, - "add_custom_image_header" => "add_theme_support('custom-header', \$args)", - "remove_custom_image_header" => "remove_theme_support('custom-header')", - "add_custom_background" => "add_theme_support('custom-background, \$args)", - "remove_custom_background" => null, - "get_theme_data" => "wp_get_theme()", - "update_page_cache" => null, - "clean_page_cache" => null, - "wp_explain_nonce" => "wp_nonce_ays()", - "sticky_class" => "post_class()", - "_get_post_ancestors" => null, - "wp_load_image" => null, - "image_resize" => null, - "wp_get_single_post" => null, - "user_pass_ok" => "wp_authenticate()", - "_save_post_hook" => null, - "gd_edit_image_support" => null, - ); - - - /** - * Constructor. - * - * Uses the Reflection API to get a list of deprecated functions. - */ - public function __construct() - { - }//end __construct() - - - /** - * Generates the error or wanrning for this sniff. - * - * @param File $phpcsFile The file being scanned. - * @param int $stackPtr The position of the forbidden function - * in the token array. - * @param string $function The name of the forbidden function. - * @param string $pattern The pattern used for the match. - * - * @return void - */ - protected function addError($phpcsFile, $stackPtr, $function, $pattern=null) - { - $data = array($function); - $error = 'WordPress Function %s() has been deprecated.'; - - if ( $this->forbiddenFunctions[ $function ] ) { - $error .= ' Use ' . $this->forbiddenFunctions[ $function ] . ' instead.'; - }//end if - - $type = 'Deprecated'; - - if ($this->error === true) { - $phpcsFile->addError($error, $stackPtr, $type, $data); - } else { - $phpcsFile->addWarning($error, $stackPtr, $type, $data); - } - - }//end addError() - - -}//end class diff --git a/StellarWP/Sniffs/PHP/EscjsFunctionSniff.php b/StellarWP/Sniffs/PHP/EscjsFunctionSniff.php deleted file mode 100644 index 2515a3c..0000000 --- a/StellarWP/Sniffs/PHP/EscjsFunctionSniff.php +++ /dev/null @@ -1,66 +0,0 @@ - - * @author Zachary Tirrell - * @author Stephen Page - * @copyright 2012 The Events Calendar - * @license https://github.com/the-events-calendar/coding-standards/blob/master/licence.txt BSD Licence - * @version Release: 1.4.0 - * @link http://pear.php.net/package/PHP_CodeSniffer - */ -class EscjsFunctionSniff extends PHP\ForbiddenFunctionsSniff -{ - /** - * A list of forbidden functions with their alternatives. - * - * The value is NULL if no alternative exists. IE, the - * function should just not be used. - * - * @var array(string => string|null) - */ - public $forbiddenFunctions = array( - 'esc_js' => 'json_encode', - ); - - /** - * Generates the error or wanrning for this sniff. - * - * @param File $phpcsFile The file being scanned. - * @param int $stackPtr The position of the forbidden function - * in the token array. - * @param string $function The name of the forbidden function. - * @param string $unused_pattern The pattern used for the match. - * - * @return void - */ - protected function addError( $phpcsFile, $stackPtr, $function, $unused_pattern = NULL ) - { - $data = array( $function ); - $error = 'Barf out, gag me with a spoon! esc_js()!'; - - if ( $this->forbiddenFunctions[ $function ] ) - { - $error .= 'This is for inline javascript, which is against our standards. Use ' . $this->forbiddenFunctions[ $function ] . ' instead.'; - }//end if - - $type = 'Found'; - - if ( TRUE === $this->error ) - { - $phpcsFile->addError( $error, $stackPtr, $type, $data ); - }//end if - else - { - $phpcsFile->addWarning( $error, $stackPtr, $type, $data ); - }//end else - }//end addError -}//end class diff --git a/StellarWP/Sniffs/PHP/IsAFunctionSniff.php b/StellarWP/Sniffs/PHP/IsAFunctionSniff.php deleted file mode 100755 index 5cdcfaf..0000000 --- a/StellarWP/Sniffs/PHP/IsAFunctionSniff.php +++ /dev/null @@ -1,65 +0,0 @@ - - * @author Zachary Tirrell - * @copyright 2012 The Events Calendar - * @license https://github.com/the-events-calendar/coding-standards/blob/master/licence.txt BSD Licence - * @version Release: 1.4.0 - * @link http://pear.php.net/package/PHP_CodeSniffer - */ -class IsAFunctionSniff extends PHP\ForbiddenFunctionsSniff -{ - /** - * A list of forbidden functions with their alternatives. - * - * The value is NULL if no alternative exists. IE, the - * function should just not be used. - * - * @var array(string => string|null) - */ - public $forbiddenFunctions = array( - 'is_a' => 'instanceof', - ); - - /** - * Generates the error or warning for this sniff. - * - * @param File $phpcsFile The file being scanned. - * @param int $stackPtr The position of the forbidden function - * in the token array. - * @param string $function The name of the forbidden function. - * @param string $unused_pattern The pattern used for the match. - * - * @return void - */ - protected function addError( $phpcsFile, $stackPtr, $function, $unused_pattern = NULL ) - { - $data = array( $function ); - $error = 'is_a()? Really?'; - - if ( $this->forbiddenFunctions[ $function ] ) - { - $error .= ' Use ' . $this->forbiddenFunctions[ $function ] . ' instead.'; - }//end if - - $type = 'Found'; - - if ( TRUE === $this->error ) - { - $phpcsFile->addError( $error, $stackPtr, $type, $data ); - }//end if - else - { - $phpcsFile->addWarning( $error, $stackPtr, $type, $data ); - }//end else - }//end addError -}//end class diff --git a/StellarWP/Sniffs/Whitespace/LogicalNotSpacingSniff.php b/StellarWP/Sniffs/Whitespace/LogicalNotSpacingSniff.php deleted file mode 100755 index bd31743..0000000 --- a/StellarWP/Sniffs/Whitespace/LogicalNotSpacingSniff.php +++ /dev/null @@ -1,71 +0,0 @@ - - * @author Greg Sherwood - * @author Marc McIntyre - */ - -/** - * @category PHP - * @package PHP_CodeSniffer - * @author John Godley - * @author Greg Sherwood - * @author Marc McIntyre - */ -class LogicalNotSpacingSniff implements Sniff -{ - /** - * A list of tokenizers this sniff supports. - * - * @var array - */ - public $supportedTokenizers = array( - 'PHP', - 'JS', - ); - - /** - * Returns an array of tokens this test wants to listen for. - * - * @return array - */ - public function register() - { - return array( - T_BOOLEAN_NOT, - ); - }//end register - - /** - * Processes this test, when one of its tokens is encountered. - * - * @param File $phpcsFile The file being scanned. - * @param int $stackPtr The position of the current token in the - * stack passed in $tokens. - * - * @return void - */ - public function process( File $phpcsFile, $stackPtr ) - { - $tokens = $phpcsFile->getTokens(); - $token = $tokens[ $stackPtr ]; - - if ( T_WHITESPACE === $tokens[ $stackPtr + 1 ]['code'] ) - { - return; - }//end if - - $phpcsFile->addError( '! must be followed by a single space', $stackPtr, 'invalidWhitespace' ); - }//end process -}//end class diff --git a/StellarWP/Sniffs/XSS/EscapeOutputSniff.php b/StellarWP/Sniffs/XSS/EscapeOutputSniff.php deleted file mode 100644 index 8ffc23a..0000000 --- a/StellarWP/Sniffs/XSS/EscapeOutputSniff.php +++ /dev/null @@ -1,331 +0,0 @@ - - */ - -/** - * Verifies that all outputted strings are escaped. - * - * Blatant copy from WordPress coding standards repo - * - * @category PHP - * @package PHP_CodeSniffer - * @author Weston Ruter - * @link http://codex.wordpress.org/Data_Validation Data Validation on WordPress Codex - */ -class EscapeOutputSniff extends Sniff -{ - - /** - * Custom list of functions which escape values for output. - * - * @since 0.5.0 - * - * @var string[] - */ - public $customEscapingFunctions = array(); - - /** - * Custom list of functions whose return values are pre-escaped for output. - * - * @since 0.3.0 - * - * @var string[] - */ - public $customAutoEscapedFunctions = array(); - - /** - * Custom list of functions which escape values for output. - * - * @since 0.3.0 - * @deprecated 0.5.0 Use $customEscapingFunctions instead. - * - * @var string[] - */ - public $customSanitizingFunctions = array(); - - /** - * Custom list of functions which print output incorporating the passed values. - * - * @since 0.4.0 - * - * @var string[] - */ - public $customPrintingFunctions = array(); - - /** - * Printing functions that incorporate unsafe values. - * - * @since 0.4.0 - * - * @var array - */ - public static $unsafePrintingFunctions = array( - '_e' => 'esc_html_e() or esc_attr_e()', - '_ex' => 'esc_html_ex() or esc_attr_ex()', - ); - - /** - * Whether the custom functions were added to the default lists yet. - * - * @var bool - */ - public static $addedCustomFunctions = false; - - /** - * Returns an array of tokens this test wants to listen for. - * - * @return array - */ - public function register() - { - return array( - T_ECHO, - T_PRINT, - T_EXIT, - T_STRING, - ); - - }//end register() - - - /** - * Processes this test, when one of its tokens is encountered. - * - * @param File $phpcsFile The file being scanned. - * @param int $stackPtr The position of the current token - * in the stack passed in $tokens. - * - * @return int|void - */ - public function process( File $phpcsFile, $stackPtr ) - { - // Merge any custom functions with the defaults, if we haven't already. - if ( ! self::$addedCustomFunctions ) { - Sniff::$escapingFunctions = array_merge( Sniff::$escapingFunctions, array_flip( $this->customEscapingFunctions ) ); - Sniff::$autoEscapedFunctions = array_merge( Sniff::$autoEscapedFunctions, array_flip( $this->customAutoEscapedFunctions ) ); - Sniff::$printingFunctions = array_merge( Sniff::$printingFunctions, array_flip( $this->customPrintingFunctions ) ); - - if ( ! empty( $this->customSanitizingFunctions ) ) { - Sniff::$escapingFunctions = array_merge( Sniff::$escapingFunctions, array_flip( $this->customSanitizingFunctions ) ); - $phpcsFile->addWarning( 'The customSanitizingFunctions property is deprecated in favor of customEscapingFunctions.', 0, 'DeprecatedCustomSanitizingFunctions' ); - } - - self::$addedCustomFunctions = true; - } - - $this->init( $phpcsFile ); - $tokens = $phpcsFile->getTokens(); - - $function = $tokens[ $stackPtr ]['content']; - - // Find the opening parenthesis (if present; T_ECHO might not have it). - $open_paren = $phpcsFile->findNext( Tokens::$emptyTokens, $stackPtr + 1, null, true ); - - // If function, not T_ECHO nor T_PRINT - if ( $tokens[$stackPtr]['code'] == T_STRING ) { - // Skip if it is a function but is not of the printing functions. - if ( ! isset( self::$printingFunctions[ $tokens[ $stackPtr ]['content'] ] ) ) { - return; - } - - if ( isset( $tokens[ $open_paren ]['parenthesis_closer'] ) ) { - $end_of_statement = $tokens[ $open_paren ]['parenthesis_closer']; - } - - // These functions only need to have the first argument escaped. - if ( in_array( $function, array( 'trigger_error', 'user_error' ) ) ) { - $end_of_statement = $phpcsFile->findEndOfStatement( $open_paren + 1 ); - } - } - - // Checking for the ignore comment, ex: //xss ok - if ( $this->has_whitelist_comment( 'xss', $stackPtr ) ) { - return; - } - - if ( isset( $end_of_statement, self::$unsafePrintingFunctions[ $function ] ) ) { - $error = $phpcsFile->addWarning( "Expected next thing to be an escaping function (like %s), not '%s'", $stackPtr, 'UnsafePrintingFunction', array( self::$unsafePrintingFunctions[ $function ], $function ) ); - - // If the error was reported, don't bother checking the function's arguments. - if ( $error ) { - return $end_of_statement; - } - } - - $ternary = false; - - // This is already determined if this is a function and not T_ECHO. - if ( ! isset( $end_of_statement ) ) { - - $end_of_statement = $phpcsFile->findNext( array( T_SEMICOLON, T_CLOSE_TAG ), $stackPtr ); - $last_token = $phpcsFile->findPrevious( Tokens::$emptyTokens, $end_of_statement - 1, null, true ); - - // Check for the ternary operator. We only need to do this here if this - // echo is lacking parenthesis. Otherwise it will be handled below. - if ( T_OPEN_PARENTHESIS !== $tokens[ $open_paren ]['code'] || T_CLOSE_PARENTHESIS !== $tokens[ $last_token ]['code'] ) { - - $ternary = $phpcsFile->findNext( T_INLINE_THEN, $stackPtr, $end_of_statement ); - - // If there is a ternary skip over the part before the ?. However, if - // there is a closing parenthesis ending the statement, we only do - // this when the opening parenthesis comes after the ternary. If the - // ternary is within the parentheses, it will be handled in the loop. - if ( - $ternary - && ( - T_CLOSE_PARENTHESIS !== $tokens[ $last_token ]['code'] - || $ternary < $tokens[ $last_token ]['parenthesis_opener'] - ) - ) { - $stackPtr = $ternary; - } - } - } - - // Ignore the function itself. - $stackPtr++; - - $in_cast = false; - - // looping through echo'd components - $watch = true; - for ( $i = $stackPtr; $i < $end_of_statement; $i++ ) { - - // Ignore whitespaces and comments. - if ( in_array( $tokens[ $i ]['code'], array( T_WHITESPACE, T_COMMENT ) ) ) { - continue; - } - - if ( T_OPEN_PARENTHESIS === $tokens[ $i ]['code'] ) { - - if ( $in_cast ) { - - // Skip to the end of a function call if it has been casted to a safe value. - $i = $tokens[ $i ]['parenthesis_closer']; - $in_cast = false; - - } else { - - // Skip over the condition part of a ternary (i.e., to after the ?). - $ternary = $phpcsFile->findNext( T_INLINE_THEN, $i, $tokens[ $i ]['parenthesis_closer'] ); - - if ( $ternary ) { - - $next_paren = $phpcsFile->findNext( T_OPEN_PARENTHESIS, $i, $tokens[ $i ]['parenthesis_closer'] ); - - // We only do it if the ternary isn't within a subset of parentheses. - if ( ! $next_paren || $ternary > $tokens[ $next_paren ]['parenthesis_closer'] ) { - $i = $ternary; - } - } - } - - continue; - } - - // Handle arrays for those functions that accept them. - if ( $tokens[ $i ]['code'] === T_ARRAY ) { - $i++; // Skip the opening parenthesis. - continue; - } - - if ( in_array( $tokens[ $i ]['code'], array( T_DOUBLE_ARROW, T_CLOSE_PARENTHESIS ) ) ) { - continue; - } - - // Handle magic constants for debug functions. - if ( in_array( $tokens[ $i ]['code'], array( T_METHOD_C, T_FUNC_C, T_FILE, T_CLASS_C ) ) ) { - continue; - } - - // Wake up on concatenation characters, another part to check - if ( in_array( $tokens[$i]['code'], array( T_STRING_CONCAT ) ) ) { - $watch = true; - continue; - } - - // Wake up after a ternary else (:). - if ( $ternary && in_array( $tokens[$i]['code'], array( T_INLINE_ELSE ) ) ) { - $watch = true; - continue; - } - - // Wake up for commas. - if ( $tokens[ $i ]['code'] === T_COMMA ) { - $in_cast = false; - $watch = true; - continue; - } - - if ( $watch === false ) - continue; - - // Allow T_CONSTANT_ENCAPSED_STRING eg: echo 'Some String'; - // Also T_LNUMBER, e.g.: echo 45; exit -1; - if ( in_array( $tokens[$i]['code'], array( T_CONSTANT_ENCAPSED_STRING, T_LNUMBER, T_MINUS ) ) ) { - continue; - } - - $watch = false; - - // Allow int/double/bool casted variables - if ( in_array( $tokens[$i]['code'], array( T_INT_CAST, T_DOUBLE_CAST, T_BOOL_CAST ) ) ) { - $in_cast = true; - continue; - } - - // Now check that next token is a function call. - if ( T_STRING === $this->tokens[ $i ]['code'] ) { - - $functionName = $this->tokens[ $i ]['content']; - $is_formatting_function = isset( self::$formattingFunctions[ $functionName ] ); - - // Skip pointer to after the function. - if ( $_pos = $this->phpcsFile->findNext( array( T_OPEN_PARENTHESIS ), $i, null, null, null, true ) ) { - - // If this is a formatting function we just skip over the opening - // parenthesis. Otherwise we skip all the way to the closing. - if ( $is_formatting_function ) { - $i = $_pos + 1; - $watch = true; - } else { - $i = $this->tokens[ $_pos ]['parenthesis_closer']; - } - } - - // If this is a safe function, we don't flag it. - if ( - $is_formatting_function - || isset( self::$autoEscapedFunctions[ $functionName ] ) - || isset( self::$escapingFunctions[ $functionName ] ) - ) { - continue; - } - } - - $this->phpcsFile->addWarning( - "Expected next thing to be an escaping function (see Codex for 'Data Validation'), not '%s'", - $i, - 'OutputNotEscaped', - array( $this->tokens[ $i ]['content'] ) - ); - } - - return $end_of_statement; - - }//end process() - -}//end class diff --git a/StellarWP/ruleset.xml b/StellarWP/ruleset.xml deleted file mode 100644 index d11e967..0000000 --- a/StellarWP/ruleset.xml +++ /dev/null @@ -1,95 +0,0 @@ - - - The StellarWP coding standards. - - - - */tests/* - - - - - - - - - - - - - - */tests/* - - - - - - - - - - - - - - - - - - - - - - - */tests/* - - - - - - - - - - - - - - - - - - - - src/Test.php - - - - - - - - - - - - - - - - - - - - - - - - */tests/_support/_generated/* - - - */tests/**/_snapshots/* - - - */vendor/* - diff --git a/TEC b/TEC deleted file mode 120000 index a1bec5a..0000000 --- a/TEC +++ /dev/null @@ -1 +0,0 @@ -StellarWP \ No newline at end of file diff --git a/TribalScents b/TribalScents deleted file mode 120000 index 204ad9d..0000000 --- a/TribalScents +++ /dev/null @@ -1 +0,0 @@ -TEC \ No newline at end of file diff --git a/bin/make-php-cs-fixer-config b/bin/make-php-cs-fixer-config new file mode 100755 index 0000000..63248a9 --- /dev/null +++ b/bin/make-php-cs-fixer-config @@ -0,0 +1,13 @@ +#!/usr/bin/env bash + +root_dir="$(cd "$(dirname "$0")/../" || exit 2; pwd -P)" +src="${root_dir}/stubs/php-cs-fixer.php" +destination="${PWD}/.php-cs-fixer.dist.php" + +if [[ -f "$destination" ]]; then + echo -e "\033[0;33mDestination file ${destination} already exists!\033[0;0m" + exit 1 +fi + +cp "$src" "$destination" \ + && echo -e "\033[0;32mCopied template to ${destination}!\033[0;0m" diff --git a/bin/make-phpcs-config b/bin/make-phpcs-config new file mode 100755 index 0000000..2f055da --- /dev/null +++ b/bin/make-phpcs-config @@ -0,0 +1,13 @@ +#!/usr/bin/env bash + +root_dir="$(cd "$(dirname "$0")/../" || exit 2; pwd -P)" +src="${root_dir}/stubs/phpcs.xml" +destination="${PWD}/.phpcs.xml.dist" + +if [[ -f "$destination" ]]; then + echo -e "\033[0;33mDestination file ${destination} already exists!\033[0;0m" + exit 1 +fi + +cp "$src" "$destination" \ + && echo -e "\033[0;32mCopied template to ${destination}!\033[0;0m" diff --git a/bin/phpcs b/bin/phpcs deleted file mode 100755 index 5fe70f9..0000000 --- a/bin/phpcs +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/env bash -# -# Run PHPCS against VIP Coding Standards. -# -# This ensures that the code in the Sniffs and Tests follow the rules -# defined in the custom ruleset for this repo, `.phpcs.xml.dist`. -# -# EXAMPLE TO RUN LOCALLY: -# -# ./bin/phpcs - -"$(pwd)/vendor/bin/phpcs" diff --git a/composer.json b/composer.json index f3c0ebb..92fc13f 100644 --- a/composer.json +++ b/composer.json @@ -1,56 +1,43 @@ { "name": "stellarwp/coding-standards", - "description": "Code sniffing rules for StellarWP", - "type": "phpcodesniffer-standard", - "license": "GPL-3.0+", - "keywords": [ - "phpcs", - "standards", - "WordPress" - ], + "description": "Centralized coding standards for StellarWP packages", + "type" : "phpcodesniffer-standard", + "license": "MIT", "authors": [ { "name": "StellarWP", - "email": "vendors@stellarwp.com" - }, - { - "name": "Matthew Batchelder", - "email": "borkweb@gmail.com" + "homepage": "https://stellarwp.com" } ], - "require": { - "automattic/vipwpcs": "^3.0", - "php": ">=7.4", - "slevomat/coding-standard": "^8.14.0", - "squizlabs/php_codesniffer": "^3.8.0", - "wp-coding-standards/wpcs": "^3.0.0" + "support": { + "issues": "https://github.com/stellarwp/coding-standards/issues", + "source": "https://github.com/stellarwp/coding-standards" }, - "require-dev": { + "minimum-stability": "stable", + "require": { + "php": "^5.6 | ^7.0 | ^8.0", "dealerdirect/phpcodesniffer-composer-installer": "*", - "phpcompatibility/php-compatibility": "^9" + "friendsofphp/php-cs-fixer": "^3.5", + "phpcompatibility/phpcompatibility-wp": "^2.1", + "wp-coding-standards/wpcs": "^2.3" }, - "suggest": { - "dealerdirect/phpcodesniffer-composer-installer": "^0.7 || This Composer plugin will sort out the PHPCS 'installed_paths' automatically." + "require-dev": { + "assertwell/shellcheck": "^1.0" }, + "bin": [ + "bin/make-php-cs-fixer-config", + "bin/make-phpcs-config" + ], "scripts": { - "install-codestandards": "Dealerdirect\\Composer\\Plugin\\Installers\\PHPCodeSniffer\\Plugin::run", - "ruleset": "bin/ruleset-tests", - "lint": [ - "bin/php-lint", - "bin/xml-lint" - ], - "phpcs": "bin/phpcs", - "phpunit": "bin/unit-tests", "test": [ - "@lint", - "@ruleset", - "@phpunit", - "@phpcs" + "phpcs --standard=./stubs/phpcs.xml --cache src/ stubs/", + "php-cs-fixer fix --config=./src/php-cs-fixer.php -v --diff --dry-run", + "vendor/bin/shellcheck bin/*" ] }, - "minimum-stability": "dev", - "prefer-stable": true, "config": { + "preferred-install": "dist", + "sort-packages": true, "allow-plugins": { "dealerdirect/phpcodesniffer-composer-installer": true } diff --git a/find-deprecated-wp-functions.php b/find-deprecated-wp-functions.php deleted file mode 100644 index a69d0b9..0000000 --- a/find-deprecated-wp-functions.php +++ /dev/null @@ -1,54 +0,0 @@ - $good ) -{ - $good = str_replace( '$', '\$', $good ); - if ( $good ) - { - echo "\"{$bad}\" => \"{$good}\",\n"; - }//end if - else - { - echo "\"{$bad}\" => null,\n"; - }//end else -}//end foreach diff --git a/license.txt b/license.txt deleted file mode 100644 index 77ea22f..0000000 --- a/license.txt +++ /dev/null @@ -1,24 +0,0 @@ -Copyright (c) 2015, The Events Calendar -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - * Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - * Neither the name of The Events Calendar nor the - names of its contributors may be used to endorse or promote products - derived from this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY -DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/MAD/ruleset.xml b/src/StellarWP/ruleset.xml similarity index 97% rename from MAD/ruleset.xml rename to src/StellarWP/ruleset.xml index e1dc1de..255f634 100644 --- a/MAD/ruleset.xml +++ b/src/StellarWP/ruleset.xml @@ -1,6 +1,6 @@ - - Coding standards for MAD packages. + + Coding standards for StellarWP packages. diff --git a/src/php-cs-fixer.php b/src/php-cs-fixer.php new file mode 100644 index 0000000..e6cbed2 --- /dev/null +++ b/src/php-cs-fixer.php @@ -0,0 +1,81 @@ +exclude('node_modules') + ->in(getcwd()); + +return (new PhpCsFixer\Config()) + ->setFinder($finder) + ->setRules([ + '@PSR12' => true, + 'align_multiline_comment' => true, + 'array_indentation' => true, + 'class_definition' => [ + 'space_before_parenthesis' => true, + ], + 'comment_to_phpdoc' => false, + 'compact_nullable_typehint' => true, + 'concat_space' => [ + 'spacing' => 'one', + ], + 'declare_equal_normalize' => [ + 'space' => 'single', + ], + 'dir_constant' => true, + 'ereg_to_preg' => true, + 'function_typehint_space' => true, + 'include' => true, + 'increment_style' => [ + 'style' => 'post', + ], + 'is_null' => true, + 'linebreak_after_opening_tag' => true, + 'lowercase_cast' => true, + 'mb_str_functions' => true, + // This rule can cause issues with mixed PHP and HTML in templates. + 'method_argument_space' => false, + 'multiline_comment_opening_closing' => true, + 'native_function_casing' => true, + 'no_blank_lines_after_class_opening' => true, + 'no_empty_comment' => true, + 'no_empty_phpdoc' => true, + 'no_empty_statement' => true, + 'no_extra_blank_lines' => true, + 'no_leading_import_slash' => true, + 'no_leading_namespace_whitespace' => true, + 'no_mixed_echo_print' => [ + 'use' => 'echo', + ], + 'no_null_property_initialization' => true, + 'no_superfluous_elseif' => true, + 'no_trailing_comma_in_singleline_array' => true, + 'no_unused_imports' => true, + 'no_useless_else' => true, + 'no_useless_return' => true, + 'no_whitespace_in_blank_line' => true, + 'not_operator_with_successor_space' => true, + 'ordered_imports' => [ + 'sort_algorithm' => 'alpha', + 'imports_order' => ['class', 'function', 'const'], + ], + 'psr_autoloading' => true, + 'single_quote' => [ + 'strings_containing_single_quote_chars' => false, + ], + 'standardize_not_equals' => true, + 'strict_comparison' => true, + 'ternary_operator_spaces' => true, + 'visibility_required' => [ + 'elements' => ['method', 'property'], + ], + 'whitespace_after_comma_in_array' => true, + 'yoda_style' => true, + ]) + ->setRiskyAllowed(true) + ->setHideProgress(false); diff --git a/stubs/php-cs-fixer.php b/stubs/php-cs-fixer.php new file mode 100644 index 0000000..c473cb0 --- /dev/null +++ b/stubs/php-cs-fixer.php @@ -0,0 +1,38 @@ +getFinder() + * ->path('my-plugin.php'); + * + * @link https://symfony.com/doc/current/components/finder.html + */ + +/* + * Need to adjust the rules? Merge your overrides with the defaults! + * + * $config->setRules(array_merge($config->getRules(), [ + * // Your rules go here. + * ])); + * + * @link https://cs.symfony.com/doc/rules/index.html + */ + +/* + * IMPORTANT: the $config object must be returned from this file! + */ +return $config;