From fb010f37fe040ad527734472f24062db04bf8f94 Mon Sep 17 00:00:00 2001
From: Erik Golinelli <erik@codekraft.it>
Date: Fri, 26 Jan 2024 19:43:23 +0100
Subject: [PATCH] linting / wpcs

---
 admin/CF7_AntiSpam_Admin_Customizations.php |  5 +--
 admin/CF7_AntiSpam_Admin_Display.php        |  2 +-
 composer.lock                               | 47 +++++++++++----------
 core/CF7_AntiSpam_Filters.php               | 12 +++---
 core/CF7_AntiSpam_Flamingo.php              |  4 +-
 core/CF7_AntiSpam_Frontend.php              |  4 +-
 core/CF7_Antispam_Service.php               | 10 ++---
 7 files changed, 43 insertions(+), 41 deletions(-)

diff --git a/admin/CF7_AntiSpam_Admin_Customizations.php b/admin/CF7_AntiSpam_Admin_Customizations.php
index 9c2f25d..743ad3c 100644
--- a/admin/CF7_AntiSpam_Admin_Customizations.php
+++ b/admin/CF7_AntiSpam_Admin_Customizations.php
@@ -1050,9 +1050,9 @@ private function cf7a_clean_recursive( $json_data ) {
 	public function cf7a_sanitize_options( $input ) {
 		/* get the import options */
 		$new_input   = $this->options;
-		$import_data = isset( $_POST['to-import'] ) ? $_POST['to-import'] : false;
+		$import_data = isset( $_POST['to-import'] ) ? sanitize_text_field( $_POST['to-import'] ) : false;
 		if ( ! empty( $import_data ) ) {
-			$json_data = json_decode( wp_unslash( $_POST['to-import'] ) );
+			$json_data = json_decode( wp_unslash( $import_data ) );
 			$input     = $this->cf7a_clean_recursive( $json_data );
 			// monkey pathing arrays that needs to be imploded
 			$input['bad_ip_list']                     = implode( ',', $input['bad_ip_list'] );
@@ -1068,7 +1068,6 @@ public function cf7a_sanitize_options( $input ) {
 			$input['cf7a_enable']                     = 1;
 			$input['cf7a_version']                    = CF7ANTISPAM_VERSION;
 		}
-		error_log( print_r( $input, true ) );
 
 		$new_input['cf7a_enabled'] = isset( $input['cf7a_enabled'] ) ? 1 : 0;
 
diff --git a/admin/CF7_AntiSpam_Admin_Display.php b/admin/CF7_AntiSpam_Admin_Display.php
index f8a332e..ea051be 100644
--- a/admin/CF7_AntiSpam_Admin_Display.php
+++ b/admin/CF7_AntiSpam_Admin_Display.php
@@ -196,7 +196,7 @@ private function cf7a_export_options() {
 		?>
 		<div id="cf7a_export_import" class="cf7-antispam card">
 			<h3><?php esc_html_e( 'Export/Import Options', 'cf7-antispam' ); ?></h3>
-			<form id="import-export-options" method="post" action="<?php echo admin_url( 'options.php' ); ?>">
+			<form id="import-export-options" method="post" action="<?php echo esc_url( admin_url( 'options.php' ) ); ?>">
 				<?php
 				$option_group = 'cf7_antispam_options';
 				wp_nonce_field( "$option_group-options" );
diff --git a/composer.lock b/composer.lock
index 27b9069..37f26d2 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "fb13b92ba8c92b03aeb5c49e221f385a",
+    "content-hash": "3e7338049a31dbce7667fad9e96e54a2",
     "packages": [
         {
             "name": "composer/ca-bundle",
@@ -678,16 +678,16 @@
         },
         {
             "name": "friendsofphp/php-cs-fixer",
-            "version": "v3.46.0",
+            "version": "v3.48.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer.git",
-                "reference": "be6831c9af1740470d2a773119b9273f8ac1c3d2"
+                "reference": "a92472c6fb66349de25211f31c77eceae3df024e"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/PHP-CS-Fixer/PHP-CS-Fixer/zipball/be6831c9af1740470d2a773119b9273f8ac1c3d2",
-                "reference": "be6831c9af1740470d2a773119b9273f8ac1c3d2",
+                "url": "https://api.github.com/repos/PHP-CS-Fixer/PHP-CS-Fixer/zipball/a92472c6fb66349de25211f31c77eceae3df024e",
+                "reference": "a92472c6fb66349de25211f31c77eceae3df024e",
                 "shasum": ""
             },
             "require": {
@@ -757,7 +757,7 @@
             ],
             "support": {
                 "issues": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/issues",
-                "source": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/tree/v3.46.0"
+                "source": "https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/tree/v3.48.0"
             },
             "funding": [
                 {
@@ -765,7 +765,7 @@
                     "type": "github"
                 }
             ],
-            "time": "2024-01-03T21:38:46+00:00"
+            "time": "2024-01-19T21:44:39+00:00"
         },
         {
             "name": "myclabs/deep-copy",
@@ -1490,16 +1490,16 @@
         },
         {
             "name": "phpunit/phpunit",
-            "version": "9.6.15",
+            "version": "9.6.16",
             "source": {
                 "type": "git",
                 "url": "https://github.com/sebastianbergmann/phpunit.git",
-                "reference": "05017b80304e0eb3f31d90194a563fd53a6021f1"
+                "reference": "3767b2c56ce02d01e3491046f33466a1ae60a37f"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/05017b80304e0eb3f31d90194a563fd53a6021f1",
-                "reference": "05017b80304e0eb3f31d90194a563fd53a6021f1",
+                "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/3767b2c56ce02d01e3491046f33466a1ae60a37f",
+                "reference": "3767b2c56ce02d01e3491046f33466a1ae60a37f",
                 "shasum": ""
             },
             "require": {
@@ -1573,7 +1573,7 @@
             "support": {
                 "issues": "https://github.com/sebastianbergmann/phpunit/issues",
                 "security": "https://github.com/sebastianbergmann/phpunit/security/policy",
-                "source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.15"
+                "source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.16"
             },
             "funding": [
                 {
@@ -1589,7 +1589,7 @@
                     "type": "tidelift"
                 }
             ],
-            "time": "2023-12-01T16:55:19+00:00"
+            "time": "2024-01-19T07:03:14+00:00"
         },
         {
             "name": "psr/container",
@@ -2763,16 +2763,16 @@
         },
         {
             "name": "squizlabs/php_codesniffer",
-            "version": "3.8.0",
+            "version": "3.8.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/PHPCSStandards/PHP_CodeSniffer.git",
-                "reference": "5805f7a4e4958dbb5e944ef1e6edae0a303765e7"
+                "reference": "14f5fff1e64118595db5408e946f3a22c75807f7"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/PHPCSStandards/PHP_CodeSniffer/zipball/5805f7a4e4958dbb5e944ef1e6edae0a303765e7",
-                "reference": "5805f7a4e4958dbb5e944ef1e6edae0a303765e7",
+                "url": "https://api.github.com/repos/PHPCSStandards/PHP_CodeSniffer/zipball/14f5fff1e64118595db5408e946f3a22c75807f7",
+                "reference": "14f5fff1e64118595db5408e946f3a22c75807f7",
                 "shasum": ""
             },
             "require": {
@@ -2782,11 +2782,11 @@
                 "php": ">=5.4.0"
             },
             "require-dev": {
-                "phpunit/phpunit": "^4.0 || ^5.0 || ^6.0 || ^7.0 || ^8.0 || ^9.0"
+                "phpunit/phpunit": "^4.0 || ^5.0 || ^6.0 || ^7.0 || ^8.0 || ^9.3.4"
             },
             "bin": [
-                "bin/phpcs",
-                "bin/phpcbf"
+                "bin/phpcbf",
+                "bin/phpcs"
             ],
             "type": "library",
             "extra": {
@@ -2839,7 +2839,7 @@
                     "type": "open_collective"
                 }
             ],
-            "time": "2023-12-08T12:32:31+00:00"
+            "time": "2024-01-11T20:47:48+00:00"
         },
         {
             "name": "symfony/console",
@@ -4446,7 +4446,10 @@
     "stability-flags": [],
     "prefer-stable": true,
     "prefer-lowest": false,
-    "platform": [],
+    "platform": {
+        "ext-json": "*",
+        "ext-openssl": "*"
+    },
     "platform-dev": {
         "php": ">=7.4",
         "ext-dom": "*",
diff --git a/core/CF7_AntiSpam_Filters.php b/core/CF7_AntiSpam_Filters.php
index 84ba6fd..648889d 100644
--- a/core/CF7_AntiSpam_Filters.php
+++ b/core/CF7_AntiSpam_Filters.php
@@ -244,15 +244,15 @@ public function cf7a_cron_unban() {
 	public function cf7a_check_length_exclusive( $el, $n ) {
 		if ( strlen( $el ) >= 5 ) {
 			$l = explode( '-', $el );
-			if ( $n == 0 ) {
+			if ( 0 == $n ) {
 				return strtolower( $l[0] );
-			} elseif ( $n == 1 ) {
+			} elseif ( 1 == $n ) {
 				return strtoupper( $l[1] );
 			}
 		} elseif ( strlen( $el ) === 2 && ctype_alpha( $el ) ) {
-			if ( $n == 0 && ctype_lower( $el ) ) {
+			if ( 0 == $n && ctype_lower( $el ) ) {
 				return $el;
-			} elseif ( $n == 1 && ctype_upper( $el ) ) {
+			} elseif ( 1 == $n && ctype_upper( $el ) ) {
 				return $el;
 			}
 		}
@@ -270,9 +270,9 @@ public function cf7a_check_length_exclusive( $el, $n ) {
 	public function cf7a_get_languages_or_locales( $option, $key ) {
 		$languages = array();
 		foreach ( $option as $item ) {
-			if ( $key == 'languages' ) {
+			if ( 'languages' === $key ) {
 				$l = $this->cf7a_check_length_exclusive( $item, 0 );
-			} elseif ( $key == 'locales' ) {
+			} elseif ( 'locales' === $key ) {
 				$l = $this->cf7a_check_length_exclusive( $item, 1 );
 			}
 			if ( ! empty( $l ) ) {
diff --git a/core/CF7_AntiSpam_Flamingo.php b/core/CF7_AntiSpam_Flamingo.php
index 1d80bd0..7f62153 100644
--- a/core/CF7_AntiSpam_Flamingo.php
+++ b/core/CF7_AntiSpam_Flamingo.php
@@ -241,9 +241,9 @@ public function cf7a_resend_mail( $mail_id ) {
 		$recipient  = $form_props['mail']['recipient'];
 		if ( $form_props['mail']['recipient'] || ! empty( $flamingo_data->meta['recipient'] ) ) {
 			if ( ! filter_var( $recipient, FILTER_VALIDATE_EMAIL ) || ! empty( $recipient ) ) {
-				if ( $recipient === '[_site_admin_email]' ) {
+				if ( '[_site_admin_email]' === $recipient ) {
 					$recipient = $flamingo_data->meta['site_admin_email'];
-				} elseif ( $recipient === '[_post_author]' ) {
+				} elseif ( '[_post_author]' === $recipient ) {
 					$recipient = get_option( 'post_author_email' ); // check this, not sure 🤔
 				} else {
 					$recipient = get_option( 'admin_email' );
diff --git a/core/CF7_AntiSpam_Frontend.php b/core/CF7_AntiSpam_Frontend.php
index 44751ea..7f64a4f 100644
--- a/core/CF7_AntiSpam_Frontend.php
+++ b/core/CF7_AntiSpam_Frontend.php
@@ -277,8 +277,8 @@ function generateHash( $length = 12 ) {
 
 		for ( $i = 0; $i < $length; $i++ ) {
 			// TODO: after upgrade to PHP>7.x, use random_int()
-			$randIndex = rand( 0, strlen( $characters ) - 1 );
-			$hash     .= $characters[ $randIndex ];
+			$rand_index = wp_rand( 0, strlen( $characters ) - 1 );
+			$hash      .= $characters[ $rand_index ];
 		}
 
 		return $hash;
diff --git a/core/CF7_Antispam_Service.php b/core/CF7_Antispam_Service.php
index 1acf4f8..5ad5c76 100644
--- a/core/CF7_Antispam_Service.php
+++ b/core/CF7_Antispam_Service.php
@@ -202,9 +202,6 @@ public function load( $action = '' ) {
 	/**
 	 * The `display` function is used to display information about the Antispam plugin and provide options for
 	 * setup integration.
-	 *
-	 * @param string The "action" parameter is used to determine the specific action to be performed in the
-	 * "display" function. It is a string that can have two possible values:
 	 */
 	public function display( $action = '' ) {
 		echo sprintf(
@@ -252,9 +249,12 @@ public function display( $action = '' ) {
 		// Display the form
 		echo '<div class="wrap">';
 		echo '<form method="post" action="">';
-		printf( '<input type="submit" name="cf7a_submit" class="button button-primary" value="%s">', $checked ? __( 'Disable', 'cf7-antispam' ) : __( 'Enable', 'cf7-antispam' ) );
+		printf(
+			'<input type="submit" name="cf7a_submit" class="button button-primary" value="%s">',
+			$checked ? esc_html__( 'Disable', 'cf7-antispam' ) : esc_html__( 'Enable', 'cf7-antispam' )
+		);
 		if ( $checked ) {
-			echo '<a class="button" href="' . esc_url_raw( admin_url( 'admin.php?page=cf7-antispam' ) ) . '">Settings Page</a>';
+			printf( '<a class="button" href="%s">Settings Page</a>', esc_url_raw( admin_url( 'admin.php?page=cf7-antispam' ) ) );
 		}
 		echo '</form>';
 		echo '</div>';