Merge pull request #89 from wp-blocks/beta3

Some missing stuff
wp-blocks · Jan 7, 2024 · a1355ee · a1355ee
2 parents 24f68b7 + 7362520
commit a1355ee
Show file tree

Hide file tree

Showing 7 changed files with 28 additions and 21 deletions.
diff --git a/admin/CF7_AntiSpam_Admin_Core.php b/admin/CF7_AntiSpam_Admin_Core.php
@@ -128,7 +128,7 @@ public function cf7a_display_notices() {
 		/* It checks if the settings have been updated, and if so, it displays a success message. */
 		$settings_updated = isset( $_REQUEST['settings-updated'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['settings-updated'] ) ) : false;
 		if ( 'true' === $settings_updated ) {
-			CF7_AntiSpam_Admin_Tools::cf7a_push_notice( __( 'Antispam setting updated with success', 'cf7-antispam' ), 'success' );
+			CF7_AntiSpam_Admin_Tools::cf7a_push_notice( esc_html__( 'Antispam setting updated with success', 'cf7-antispam' ), 'success' );
 		}
 
 		/* if there is a notice stored, print it then delete the transient */

diff --git a/admin/CF7_AntiSpam_Admin_Customizations.php b/admin/CF7_AntiSpam_Admin_Customizations.php
@@ -846,7 +846,7 @@ public function cf7a_print_honeyform() {
 	/** It prints the user protection info text */
 	public function cf7a_print_mailbox_protection() {
 		$expire = apply_filters( 'cf7a_resend_timeout', 5 );
-		printf( '<p>%s</p><p>%s%s</p>', esc_html__( 'When activated, this feature prevents consecutive email deliveries to the user\'s mailbox by imposing delay between each message.', 'cf7-antispam' ), $expire, __( ' seconds has been set as the resend timeout, check the documentation if you want to change it', 'cf7-antispam' ) );
+		printf( '<p>%s</p><p>%s%s</p>', esc_html__( 'When activated, this feature prevents consecutive email deliveries to the user\'s mailbox by imposing delay between each message.', 'cf7-antispam' ), esc_html( $expire ), esc_html__( ' seconds has been set as the resend timeout, check the documentation if you want to change it', 'cf7-antispam' ) );
 	}
 
 	/** It prints the user protection info text */
@@ -1552,10 +1552,10 @@ public function cf7a_honeyform_excluded_pages_callback() {
 							  </div>
 						 </div>
 					 </div>',
-			$options,
-			__( 'Add', 'cf7-antispam' ),
-			$str_excluded,
-			__( 'Remove', 'cf7-antispam' )
+			esc_html( $options ),
+			esc_html__( 'Add', 'cf7-antispam' ),
+			esc_html( $str_excluded ),
+			esc_html__( 'Remove', 'cf7-antispam' )
 		);
 	}
 

diff --git a/composer.json b/composer.json
@@ -31,7 +31,8 @@
 	"l3u/b8": "*"
   },
   "scripts": {
-	"PHPCS": "vendor/bin/phpcbf --standard=phpcs.ruleset.xml -s --report=full,summary,source",
+	"PHPCS": "vendor/bin/phpcs --standard=phpcs.ruleset.xml -s --report=full,summary,source",
+	"PHPCBF": "vendor/bin/phpcbf --standard=.phpcs.xml.dist --report=summary",
 	"test": "vendor/bin/phpunit -c phpunit.xml.dist",
 	"test-multisite": "WP_MULTISITE=1 vendor/bin/phpunit -c tests/multisite.xml --verbose"
   },

diff --git a/composer.lock b/composer.lock
diff --git a/core/CF7_AntiSpam_Frontend.php b/core/CF7_AntiSpam_Frontend.php
@@ -277,7 +277,8 @@ function generateHash( $length = 12 ) {
 		$hash       = '';
 
 		for ( $i = 0; $i < $length; $i++ ) {
-			$randIndex = random_int( 0, strlen( $characters ) - 1 );
+			// TODO: after upgrade to PHP>7.x, use random_int()
+			$randIndex = rand( 0, strlen( $characters ) - 1 );
 			$hash     .= $characters[ $randIndex ];
 		}
 
@@ -491,7 +492,12 @@ public function enqueue_scripts() {
 	public function cf7a_check_resend( $cf7, &$abort, $submission ) {
 
 		// Get the hash from the form data if it exists
-		$hash = sanitize_text_field( preg_replace( '/[^A-Za-z0-9 ]/', '', $_POST['_cf7a_hash'] ) );
+		$raw_hash = ! empty( $_POST['_cf7a_hash'] ) ? sanitize_text_field( $_POST['_cf7a_hash'] ) : false;
+		if ( ! $raw_hash ) {
+			return;
+		}
+
+		$hash = sanitize_text_field( preg_replace( '/[^A-Za-z0-9 ]/', '', $raw_hash ) );
 		// get the expiration time
 		$expire = apply_filters( 'cf7a_resend_timeout', 5 );
 

diff --git a/core/CF7_Antispam_Service.php b/core/CF7_Antispam_Service.php
@@ -246,13 +246,13 @@ public function display( $action = '' ) {
 		}
 
 		// Get the current checkbox status from the options
-		$checked = ! empty( $this->options['cf7a_enable'] ) ? 'Disable' : 'Enable';
+		$checked = ! empty( $this->options['cf7a_enable'] );
 		// Display the form
 		echo '<div class="wrap">';
 		echo '<form method="post" action="">';
-		echo '<input type="submit" name="cf7a_submit" class="button button-primary" value="' . $checked . '">';
-		if ( ! empty( $this->options['cf7a_enable'] ) ) {
-			echo '<a class="button" href="' . $_SERVER['PHP_SELF'] . '?page=cf7-antispam">Settings Page</a>';
+		echo '<input type="submit" name="cf7a_submit" class="button button-primary" value="' . $checked ? 'Disable' : 'Enable' . '">';
+		if ( $checked ) {
+			echo '<a class="button" href="' . esc_url_raw( admin_url( 'admin.php?page=cf7-antispam' ) ) . '">Settings Page</a>';
 		}
 		echo '</form>';
 		echo '</div>';

diff --git a/engine/CF7_AntiSpam_Updater.php b/engine/CF7_AntiSpam_Updater.php
@@ -50,7 +50,6 @@ public function may_do_updates() {
 	 * @return void|mixed
 	 */
 	public function update_db_procedure_to_0_6_0() {
-
 		if ( array_key_exists( 'languages', $this->current_options ) ) {
 			$this->current_options['cf7a_version']                    = $this->hc_version;
 			$this->current_options['languages_locales']['allowed']    = $this->current_options['languages']['allowed'];