CMB2_Sanitize - Code Metrics - Inspection of "Add validation for radio, select and select_timezo..." - WebDevStudios/CMB2 - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — trunk (#578)

by Juliette

created 2016-04-22 11:48 UTC

CMB2_Sanitize D

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	514
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	2

Test Coverage

Coverage

51.43%

Importance

Changes	4
Bugs	1	Features	1

Metric	Value
wmc	97
c	4
b	1
f	1
lcom	1
cbo	2
dl	0
loc	514
ccs	108
cts	210
cp	0.5143
rs	4.8717

22 Methods

Rating	Name	Size	Complexity
A	__construct()	4	1
A	__call()	3	1
C	default_sanitization()	52	20
A	checkbox()	3	2
B	colorpicker()	15	7
B	text_email()	14	5
A	text_money()	18	3
A	text_date_timestamp()	5	2
B	text_datetime_timestamp()	22	6
F	text_datetime_timestamp_timezone()	80	14
A	textarea()	3	2
A	textarea_code()	8	2
A	select_timezone()	15	3
A	file()	13	2
A	_get_group_file_value_array()	16	2
B	text_url()	13	5
A	_save_file_id_value()	15	4
A	_save_utc_value()	3	1
A	_new_supporting_field()	6	1
B	_check_repeat()	21	7
A	_is_empty_array()	7	2
B	validate_against_options()	33	5

How to fix Complexity

<?php
/**
 * CMB2 field sanitization
 *
 * @since  0.0.4
 *
 * @category  WordPress_Plugin
 * @package   CMB2
 * @author    WebDevStudios
 * @license   GPL-2.0+
 * @link      http://webdevstudios.com
 *
 * @method string _id()
 */
class CMB2_Sanitize {
namespace YourVendor;

class YourClass { }

	/**
	 * A CMB field object
	 * @var CMB2_Field object
	 */
	public $field;

	/**
	 * Field's value
	 * @var mixed
	 */
	public $value;

	/**
	 * Setup our class vars
	 * @since 1.1.0
	 * @param CMB2_Field $field A CMB2 field object
	 * @param mixed      $value Field value
	 */
	public function __construct( CMB2_Field $field, $value ) {
		$this->field = $field;
		$this->value = stripslashes_deep( $value ); // get rid of those evil magic quotes
	}

	/**
	 * Catchall method if field's 'sanitization_cb' is NOT defined, or field type does not have a corresponding validation method
	 * @since  1.0.0
	 * @param  string $name      Non-existent method name
	 * @param  array  $arguments All arguments passed to the method
	 */
	public function __call( $name, $arguments ) {
		return $this->default_sanitization();
	}

	/**
	 * Default fallback sanitization method. Applies filters.
	 * @since  1.0.2
	 */
	public function default_sanitization() {

		/**
		 * This exists for back-compatibility, but validation
		 * is not what happens here.
		 * @deprecated See documentation for "cmb2_sanitize_{$this->type()}".
		 */
		$override_value = apply_filters( "cmb2_validate_{$this->field->type()}", null, $this->value, $this->field->object_id, $this->field->args(), $this );

		if ( null !== $override_value ) {
			return $override_value;
		}

		$sanitized_value = '';
		switch ( $this->field->type() ) {
			case 'wysiwyg':
			case 'textarea_small':
			case 'oembed':
				$sanitized_value = $this->textarea();
				break;
			case 'radio':
			case 'radio_inline':
			case 'select':
				$sanitized_value = $this->validate_against_options();
				break;
			case 'taxonomy_select':
			case 'taxonomy_radio':
			case 'taxonomy_radio_inline':
			case 'taxonomy_multicheck':
			case 'taxonomy_multicheck_inline':
				if ( $this->field->args( 'taxonomy' ) ) {
					wp_set_object_terms( $this->field->object_id, $this->value, $this->field->args( 'taxonomy' ) );
				} else {
					cmb2_utils()->log_if_debug( __METHOD__, __LINE__, "{$this->field->type()} {$this->field->_id()} is missing the 'taxonomy' parameter." );
				}
				break;
			case 'multicheck':
			case 'multicheck_inline':
			case 'file_list':
			case 'group':
				// no filtering
				$sanitized_value = $this->value;
				break;
			default:
				// Handle repeatable fields array
				// We'll fallback to 'sanitize_text_field'
				$sanitized_value = is_array( $this->value ) ? array_map( 'sanitize_text_field', $this->value ) : sanitize_text_field( $this->value );
				break;
		}

		return $this->_is_empty_array( $sanitized_value ) ? '' : $sanitized_value;
	}

	/**
	 * Simple checkbox validation
	 * @since  1.0.1
	 * @return string|false 'on' or false
	 */
	public function checkbox() {
		return $this->value === 'on' ? 'on' : false;
	}

	/**
	 * Validate url in a meta value
	 * @since  1.0.1
	 * @return string        Empty string or escaped url
	 */
	public function text_url() {
		$protocols = $this->field->args( 'protocols' );
		// for repeatable
		if ( is_array( $this->value ) ) {
			foreach ( $this->value as $key => $val ) {
				$this->value[ $key ] = $val ? esc_url_raw( $val, $protocols ) : $this->field->get_default();
			}
		} else {
			$this->value = $this->value ? esc_url_raw( $this->value, $protocols ) : $this->field->get_default();
		}

		return $this->value;
	}

	public function colorpicker() {
		// for repeatable
		if ( is_array( $this->value ) ) {
			$check = $this->value;
			$this->value = array();
			foreach ( $check as $key => $val ) {
				if ( $val && '#' != $val ) {
					$this->value[ $key ] = esc_attr( $val );
				}
			}
		} else {
			$this->value = ! $this->value || '#' == $this->value ? '' : esc_attr( $this->value );
		}
		return $this->value;
	}

	/**
	 * Validate email in a meta value
	 * @since  1.0.1
	 * @return string       Empty string or sanitized email
	 */
	public function text_email() {
		// for repeatable
		if ( is_array( $this->value ) ) {
			foreach ( $this->value as $key => $val ) {
				$val = trim( $val );
				$this->value[ $key ] = is_email( $val ) ? $val : '';
			}
		} else {
			$this->value = trim( $this->value );
			$this->value = is_email( $this->value ) ? $this->value : '';
		}

		return $this->value;
	}

	/**
	 * Validate money in a meta value
	 * @since  1.0.1
	 * @return string       Empty string or sanitized money value
	 */
	public function text_money() {

		global $wp_locale;
function myFunction($a, $b) {
    // Do something
}

		$search = array( $wp_locale->number_format['thousands_sep'], $wp_locale->number_format['decimal_point'] );
		$replace = array( '', '.' );

		// for repeatable
		if ( is_array( $this->value ) ) {
			foreach ( $this->value as $key => $val ) {
				$this->value[ $key ] = number_format_i18n( (float) str_ireplace( $search, $replace, $val ), 2 );
			}
		} else {
			$this->value = number_format_i18n( (float) str_ireplace( $search, $replace, $this->value ), 2 );
		}

		return $this->value;
	}

	/**
	 * Converts text date to timestamp
	 * @since  1.0.2
	 * @return string Timestring
	 */
	public function text_date_timestamp() {
		return is_array( $this->value )
			? array_map( array( $this->field, 'get_timestamp_from_value' ), $this->value )
			: $this->field->get_timestamp_from_value( $this->value );
	}

	/**
	 * Datetime to timestamp
	 * @since  1.0.1
	 * @return string Timestring
	 */
	public function text_datetime_timestamp( $repeat = false ) {

		$test = is_array( $this->value ) ? array_filter( $this->value ) : '';
		if ( empty( $test ) ) {
			return '';
		}

		$repeat_value = $this->_check_repeat( __FUNCTION__, $repeat );
		if ( false !== $repeat_value ) {
			return $repeat_value;
class Author {
    private $name;

    public function __construct($name) {
        $this->name = $name;
    }

    public function getName() {
        return $this->name;
    }
}

abstract class Post {
    public function getAuthor() {
        return 'Johannes';
    }
}

class BlogPost extends Post {
    public function getAuthor() {
        return new Author('Johannes');
    }
}

class ForumPost extends Post { /* ... */ }

function my_function(Post $post) {
    echo strtoupper($post->getAuthor());
}
		}

		if ( isset( $this->value['date'], $this->value['time'] ) ) {
			$this->value = $this->field->get_timestamp_from_value( $this->value['date'] . ' ' . $this->value['time'] );
		}

		if ( $tz_offset = $this->field->field_timezone_offset() ) {
			$this->value += (int) $tz_offset;
		}

		return $this->value;
	}

	/**
	 * Datetime to timestamp with timezone
	 * @since  1.0.1
	 * @return string       Timestring
	 */
	public function text_datetime_timestamp_timezone( $repeat = false ) {
		static $utc_values = array();

		$test = is_array( $this->value ) ? array_filter( $this->value ) : '';
		if ( empty( $test ) ) {
			return '';
		}

		$utc_key = $this->field->_id() . '_utc';

		$repeat_value = $this->_check_repeat( __FUNCTION__, $repeat );
		if ( false !== $repeat_value ) {
			if ( ! empty( $utc_values[ $utc_key ] ) ) {
				$this->_save_utc_value( $utc_key, $utc_values[ $utc_key ] );
				unset( $utc_values[ $utc_key ] );
			}

			return $repeat_value;
		}

		$tzstring = null;

		if ( is_array( $this->value ) && array_key_exists( 'timezone', $this->value ) ) {
			$tzstring = $this->value['timezone'];
		}

		if ( empty( $tzstring ) ) {
			$tzstring = cmb2_utils()->timezone_string();
		}

		$offset = cmb2_utils()->timezone_offset( $tzstring );

		if ( 'UTC' === substr( $tzstring, 0, 3 ) ) {
			$tzstring = timezone_name_from_abbr( '', $offset, 0 );
			/*
			 * timezone_name_from_abbr() returns false if not found based on offset.
			 * Since there are currently some invalid timezones in wp_timezone_dropdown(),
			 * fallback to an offset of 0 (UTC+0)
			 * https://core.trac.wordpress.org/ticket/29205
			 */
			$tzstring = false !== $tzstring ? $tzstring : timezone_name_from_abbr( '', 0, 0 );
		}

		$full_format = $this->field->args['date_format'] . ' ' . $this->field->args['time_format'];
		$full_date   = $this->value['date'] . ' ' . $this->value['time'];

		try {

			$datetime = date_create_from_format( $full_format, $full_date );

			if ( ! is_object( $datetime ) ) {
				$this->value = $utc_stamp = '';
			} else {
				$timestamp   = $datetime->setTimezone( new DateTimeZone( $tzstring ) )->getTimestamp();
				$utc_stamp   = $timestamp - $offset;
				$this->value = serialize( $datetime );
			}

			if ( $this->field->group ) {
				$this->value = array(
					'supporting_field_value' => $utc_stamp,
					'supporting_field_id'    => $utc_key,
					'value'                  => $this->value,
				);
			} else {
				// Save the utc timestamp supporting field
				if ( $repeat ) {
					$utc_values[ $utc_key ][] = $utc_stamp;
				} else {
					$this->_save_utc_value( $utc_key, $utc_stamp );
				}
			}

		} catch ( Exception $e ) {
			$this->value = '';
			cmb2_utils()->log_if_debug( __METHOD__, __LINE__, $e->getMessage() );
		}

		return $this->value;
	}

	/**
	 * Sanitize textareas and wysiwyg fields
	 * @since  1.0.1
	 * @return string       Sanitized data
	 */
	public function textarea() {
		return is_array( $this->value ) ? array_map( 'wp_kses_post', $this->value ) : wp_kses_post( $this->value );
	}

	/**
	 * Sanitize code textareas
	 * @since  1.0.2
	 * @return string       Sanitized data
	 */
	public function textarea_code( $repeat = false ) {
		$repeat_value = $this->_check_repeat( __FUNCTION__, $repeat );
		if ( false !== $repeat_value ) {
			return $repeat_value;
		}

		return htmlspecialchars_decode( stripslashes( $this->value ) );
	}

	/**
	 * Validate a timezone against the available options.
	 * @since  2.2.2
	 * @return mixed  Timezone string or false if invalid.
	 */
	public function select_timezone() {
		// Validate against timezone list.
		$timezone = $this->validate_against_options( timezone_identifiers_list() );
		if ( $timezone !== false ) {
			return $timezone;
		}

		// Validate manual UTC offsets.
		if ( preg_match( '`^UTC[+-][0-9]+(?:\.(?:5|75))?$`', $this->value ) === 1 ) {
			return $this->value;
		}

		// Invalid.
		return false;
	}

	/**
	 * Handles saving of attachment post ID and sanitizing file url
	 * @since  1.1.0
	 * @return string        Sanitized url
	 */
	public function file() {
		$file_id_key = $this->field->_id() . '_id';

		if ( $this->field->group ) {
			// Return an array with url/id if saving a group field
			$this->value = $this->_get_group_file_value_array( $file_id_key );
		} else {
			$this->_save_file_id_value( $file_id_key );
			$this->text_url();
		}

		return $this->value;
	}

	/**
	 * Gets the values for the `file` field type from the data being saved.
	 * @since  2.2.0
	 */
	public function _get_group_file_value_array( $id_key ) {
		$alldata = $this->field->group->data_to_save;
		$base_id = $this->field->group->_id();
		$i       = $this->field->group->index;

		// Check group $alldata data
		$id_val  = isset( $alldata[ $base_id ][ $i ][ $id_key ] )
			? absint( $alldata[ $base_id ][ $i ][ $id_key ] )
			: 0;

		return array(
			'value' => $this->text_url(),
			'supporting_field_value' => $id_val,
			'supporting_field_id'    => $id_key,
		);
	}

	/**
	 * Peforms saving of `file` attachement's ID
	 * @since  1.1.0
	 */
	public function _save_file_id_value( $file_id_key ) {
		$id_field = $this->_new_supporting_field( $file_id_key );

		// Check standard data_to_save data
		$id_val = isset( $this->field->data_to_save[ $file_id_key ] )
			? $this->field->data_to_save[ $file_id_key ]
			: null;

		// If there is no ID saved yet, try to get it from the url
		if ( $this->value && ! $id_val ) {
			$id_val = cmb2_utils()->image_id_from_url( $this->value );
		}

		return $id_field->save_field( $id_val );
	}

	/**
	 * Peforms saving of `text_datetime_timestamp_timezone` utc timestamp
	 * @since  2.2.0
	 */
	public function _save_utc_value( $utc_key, $utc_stamp ) {
		return $this->_new_supporting_field( $utc_key )->save_field( $utc_stamp );
	}

	/**
	 * Returns a new, supporting, CMB2_Field object based on a new field id.
	 * @since  2.2.0
	 */
	public function _new_supporting_field( $new_field_id ) {
		return $this->field->get_field_clone( array(
			'id' => $new_field_id,
			'sanitization_cb' => false,
		) );
	}

	/**
	 * If repeating, loop through and re-apply sanitization method
	 * @since  1.1.0
	 * @param  string $method Class method
	 * @param  bool   $repeat Whether repeating or not
	 * @return mixed          Sanitized value
	 */
	public function _check_repeat( $method, $repeat ) {
		if ( $repeat || ! $this->field->args( 'repeatable' ) ) {
			return false;
		}

		$values_array = $this->value;

		$new_value = array();
		foreach ( $values_array as $iterator => $this->value ) {
			if ( $this->value ) {
				$val = $this->$method( true );
				if ( ! empty( $val ) ) {
					$new_value[] = $val;
				}
			}
		}

		$this->value = $new_value;

		return empty( $this->value ) ? null : $this->value;
	}

	/**
	 * Determine if passed value is an empty array
	 * @since  2.0.6
	 * @param  mixed  $to_check Value to check
	 * @return boolean          Whether value is an array that's empty
	 */
	public function _is_empty_array( $to_check ) {
		if ( is_array( $to_check ) ) {
			$cleaned_up = array_filter( $to_check );
			return empty( $cleaned_up );
		}
		return false;
	}

	/**
	 * Validate a value against a set of allowed options.
	 *
	 * @since  2.2.2
	 * @param array    Options to validate against. Defaults to the `options` field argument.
	 * @return mixed   Validated option or false if the value is invalid.
	 *                 The validated option may be empty if `show_option_none` was set to true.
	 */
	protected function validate_against_options( $options = array() ) {
		if ( '' === $this->value ) {
			if ( true === $this->field->args( 'show_option_none' ) ) {
				return $this->value;
			} else {
				return false;
			}
		}

		if ( empty( $options ) ) {
			$options = $this->field->options();
			$options = array_keys( $options );
		}

		/**
		 * Allow for dynamically altering the options array used for validation.
		 *
		 * The dynamic portion of the hook name, $this->field->type(), is the field type
		 * of the current object. This will either be 'radio', 'radio_inline', 'select'
		 * or 'select_timezone'.
		 *
		 * @since  2.2.2
		 * @param array  $options     The options for the field.
		 * @param int    $object_id   The ID of the current object
		 */
		$options = apply_filters( "cmb2_validate_{$this->field->type()}_options", $options, $this->field->object_id );

		if ( in_array( $this->value, $options, true ) ) {
			return $this->value;
		}

		return false;
	}

}


Pull Request — trunk (#578)

CMB2_Sanitize D

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

22 Methods

How to fix Complexity

Complex Class

1. Pass all data via parameters

2. Create a class that maintains your state

1		<?php
2		/**
3		* CMB2 field sanitization
4		*
5		* @since 0.0.4
6		*
7		* @category WordPress_Plugin
8		* @package CMB2
9		* @author WebDevStudios
10		* @license GPL-2.0+
11		* @link http://webdevstudios.com
12		*
13		* @method string _id()
14		*/
15		class CMB2_Sanitize {
		0 ignored issues – show Coding Style Compatibility introduced 2015-11-24 04:05 UTC by Report Bug Copy Issue Report PSR1 recommends that each class must be in a namespace of at least one level to avoid collisions. You can fix this by adding a namespace to your class: namespace YourVendor; class YourClass { } When choosing a vendor namespace, try to pick something that is not too generic to avoid conflicts with other libraries. Loading history...
16
17		/**
18		* A CMB field object
19		* @var CMB2_Field object
20		*/
21		public $field;
22
23		/**
24		* Field's value
25		* @var mixed
26		*/
27		public $value;
28
29		/**
30		* Setup our class vars
31		* @since 1.1.0
32		* @param CMB2_Field $field A CMB2 field object
33		* @param mixed $value Field value
34		*/
35	9	public function __construct( CMB2_Field $field, $value ) {
36	9	$this->field = $field;
37	9	$this->value = stripslashes_deep( $value ); // get rid of those evil magic quotes
38	9	}
39
40		/**
41		* Catchall method if field's 'sanitization_cb' is NOT defined, or field type does not have a corresponding validation method
42		* @since 1.0.0
43		* @param string $name Non-existent method name
44		* @param array $arguments All arguments passed to the method
45		*/
46	8	public function __call( $name, $arguments ) {
47	8	return $this->default_sanitization();
48		}
49
50		/**
51		* Default fallback sanitization method. Applies filters.
52		* @since 1.0.2
53		*/
54	8	public function default_sanitization() {
55
56		/**
57		* This exists for back-compatibility, but validation
58		* is not what happens here.
59		* @deprecated See documentation for "cmb2_sanitize_{$this->type()}".
60		*/
61	8	$override_value = apply_filters( "cmb2_validate_{$this->field->type()}", null, $this->value, $this->field->object_id, $this->field->args(), $this );
62
63	8	if ( null !== $override_value ) {
64		return $override_value;
65		}
66
67	8	$sanitized_value = '';
68	8	switch ( $this->field->type() ) {
69	8	case 'wysiwyg':
70	8	case 'textarea_small':
71	8	case 'oembed':
72	2	$sanitized_value = $this->textarea();
73	2	break;
74	8	case 'radio':
75	8	case 'radio_inline':
76	8	case 'select':
77	8	$sanitized_value = $this->validate_against_options();
78	8	break;
79		case 'taxonomy_select':
80		case 'taxonomy_radio':
81		case 'taxonomy_radio_inline':
82		case 'taxonomy_multicheck':
83		case 'taxonomy_multicheck_inline':
84		if ( $this->field->args( 'taxonomy' ) ) {
85	8	wp_set_object_terms( $this->field->object_id, $this->value, $this->field->args( 'taxonomy' ) );
86	8	} else {
87	8	cmb2_utils()->log_if_debug( __METHOD__, __LINE__, "{$this->field->type()} {$this->field->_id()} is missing the 'taxonomy' parameter." );
88	8	}
89		break;
90	2	case 'multicheck':
91	2	case 'multicheck_inline':
92	7	case 'file_list':
93		case 'group':
94		// no filtering
95	7	$sanitized_value = $this->value;
96	7	break;
97	8	default:
98		// Handle repeatable fields array
99	8	// We'll fallback to 'sanitize_text_field'
100		$sanitized_value = is_array( $this->value ) ? array_map( 'sanitize_text_field', $this->value ) : sanitize_text_field( $this->value );
101		break;
102		}
103
104		return $this->_is_empty_array( $sanitized_value ) ? '' : $sanitized_value;
105		}
106
107		/**
108		* Simple checkbox validation
109		* @since 1.0.1
110		* @return string\|false 'on' or false
111		*/
112		public function checkbox() {
113		return $this->value === 'on' ? 'on' : false;
114		}
115
116	1	/**
117	1	* Validate url in a meta value
118		* @since 1.0.1
119	1	* @return string Empty string or escaped url
120		*/
121		public function text_url() {
122		$protocols = $this->field->args( 'protocols' );
123		// for repeatable
124	1	if ( is_array( $this->value ) ) {
125		foreach ( $this->value as $key => $val ) {
126		$this->value[ $key ] = $val ? esc_url_raw( $val, $protocols ) : $this->field->get_default();
127	1	}
128		} else {
129		$this->value = $this->value ? esc_url_raw( $this->value, $protocols ) : $this->field->get_default();
130		}
131
132		return $this->value;
133		}
134
135		public function colorpicker() {
136		// for repeatable
137		if ( is_array( $this->value ) ) {
138		$check = $this->value;
139		$this->value = array();
140		foreach ( $check as $key => $val ) {
141		if ( $val && '#' != $val ) {
142		$this->value[ $key ] = esc_attr( $val );
143		}
144		}
145		} else {
146		$this->value = ! $this->value \|\| '#' == $this->value ? '' : esc_attr( $this->value );
147		}
148		return $this->value;
149		}
150
151		/**
152		* Validate email in a meta value
153		* @since 1.0.1
154		* @return string Empty string or sanitized email
155		*/
156		public function text_email() {
157		// for repeatable
158		if ( is_array( $this->value ) ) {
159		foreach ( $this->value as $key => $val ) {
160		$val = trim( $val );
161		$this->value[ $key ] = is_email( $val ) ? $val : '';
162		}
163		} else {
164		$this->value = trim( $this->value );
165		$this->value = is_email( $this->value ) ? $this->value : '';
166		}
167
168		return $this->value;
169		}
170
171		/**
172		* Validate money in a meta value
173		* @since 1.0.1
174		* @return string Empty string or sanitized money value
175		*/
176		public function text_money() {
177
178		global $wp_locale;
		0 ignored issues – show Compatibility Best Practice introduced 2015-11-24 04:05 UTC by Report Bug Copy Issue Report Use of `global` functionality is not recommended; it makes your code harder to test, and less reusable. Instead of relying on `global` state, we recommend one of these alternatives: 1. Pass all data via parameters function myFunction($a, $b) { // Do something } 2. Create a class that maintains your state class MyClass { private $a; private $b; public function __construct($a, $b) { $this->a = $a; $this->b = $b; } public function myFunction() { // Do something } } Loading history...
179
180		$search = array( $wp_locale->number_format['thousands_sep'], $wp_locale->number_format['decimal_point'] );
181		$replace = array( '', '.' );
182
183		// for repeatable
184		if ( is_array( $this->value ) ) {
185		foreach ( $this->value as $key => $val ) {
186		$this->value[ $key ] = number_format_i18n( (float) str_ireplace( $search, $replace, $val ), 2 );
187		}
188		} else {
189		$this->value = number_format_i18n( (float) str_ireplace( $search, $replace, $this->value ), 2 );
190		}
191
192		return $this->value;
193		}
194
195		/**
196		* Converts text date to timestamp
197		* @since 1.0.2
198		* @return string Timestring
199		*/
200		public function text_date_timestamp() {
201		return is_array( $this->value )
202		? array_map( array( $this->field, 'get_timestamp_from_value' ), $this->value )
203		: $this->field->get_timestamp_from_value( $this->value );
204		}
205
206		/**
207		* Datetime to timestamp
208		* @since 1.0.1
209		* @return string Timestring
210		*/
211		public function text_datetime_timestamp( $repeat = false ) {
212
213		$test = is_array( $this->value ) ? array_filter( $this->value ) : '';
214		if ( empty( $test ) ) {
215		return '';
216		}
217
218		$repeat_value = $this->_check_repeat( __FUNCTION__, $repeat );
219		if ( false !== $repeat_value ) {
220		return $repeat_value;
		0 ignored issues – show Bug Best Practice introduced 2015-11-24 04:05 UTC by Report Bug Copy Issue Report The return type of `return $repeat_value;` (`array`) is incompatible with the return type documented by `CMB2_Sanitize::text_datetime_timestamp` of type `string`. If you return a value from a function or method, it should be a sub-type of the type that is given by the parent type f.e. an interface, or abstract method. This is more formally defined by the Lizkov substitution principle, and guarantees that classes that depend on the parent type can use any instance of a child type interchangably. This principle also belongs to the SOLID principles for object oriented design. Let’s take a look at an example: class Author { private $name; public function __construct($name) { $this->name = $name; } public function getName() { return $this->name; } } abstract class Post { public function getAuthor() { return 'Johannes'; } } class BlogPost extends Post { public function getAuthor() { return new Author('Johannes'); } } class ForumPost extends Post { /* ... */ } function my_function(Post $post) { echo strtoupper($post->getAuthor()); } Our function `my_function` expects a `Post` object, and outputs the author of the post. The base class `Post` returns a simple string and outputting a simple string will work just fine. However, the child class `BlogPost` which is a sub-type of `Post` instead decided to return an `object`, and is therefore violating the SOLID principles. If a `BlogPost` were passed to `my_function`, PHP would not complain, but ultimately fail when executing the `strtoupper` call in its body. Loading history...
221		}
222
223		if ( isset( $this->value['date'], $this->value['time'] ) ) {
224		$this->value = $this->field->get_timestamp_from_value( $this->value['date'] . ' ' . $this->value['time'] );
225		}
226
227		if ( $tz_offset = $this->field->field_timezone_offset() ) {
228		$this->value += (int) $tz_offset;
229		}
230
231		return $this->value;
232		}
233
234	1	/**
235	1	* Datetime to timestamp with timezone
236		* @since 1.0.1
237	1	* @return string Timestring
238	1	*/
239	1	public function text_datetime_timestamp_timezone( $repeat = false ) {
240		static $utc_values = array();
241
242	1	$test = is_array( $this->value ) ? array_filter( $this->value ) : '';
243		if ( empty( $test ) ) {
244	1	return '';
245	1	}
246	1
247		$utc_key = $this->field->_id() . '_utc';
248
249		$repeat_value = $this->_check_repeat( __FUNCTION__, $repeat );
250		if ( false !== $repeat_value ) {
251	1	if ( ! empty( $utc_values[ $utc_key ] ) ) {
252		$this->_save_utc_value( $utc_key, $utc_values[ $utc_key ] );
253		unset( $utc_values[ $utc_key ] );
254	1	}
255
256	1	return $repeat_value;
257	1	}
258	1
259		$tzstring = null;
260	1
261		if ( is_array( $this->value ) && array_key_exists( 'timezone', $this->value ) ) {
262		$tzstring = $this->value['timezone'];
263		}
264	1
265		if ( empty( $tzstring ) ) {
266	1	$tzstring = cmb2_utils()->timezone_string();
267		}
268
269		$offset = cmb2_utils()->timezone_offset( $tzstring );
270
271		if ( 'UTC' === substr( $tzstring, 0, 3 ) ) {
272		$tzstring = timezone_name_from_abbr( '', $offset, 0 );
273		/*
274		* timezone_name_from_abbr() returns false if not found based on offset.
275		* Since there are currently some invalid timezones in wp_timezone_dropdown(),
276		* fallback to an offset of 0 (UTC+0)
277	1	* https://core.trac.wordpress.org/ticket/29205
278	1	*/
279		$tzstring = false !== $tzstring ? $tzstring : timezone_name_from_abbr( '', 0, 0 );
280		}
281
282	1	$full_format = $this->field->args['date_format'] . ' ' . $this->field->args['time_format'];
283		$full_date = $this->value['date'] . ' ' . $this->value['time'];
284	1
285		try {
286
287	1	$datetime = date_create_from_format( $full_format, $full_date );
288	1
289	1	if ( ! is_object( $datetime ) ) {
290		$this->value = $utc_stamp = '';
291		} else {
292	1	$timestamp = $datetime->setTimezone( new DateTimeZone( $tzstring ) )->getTimestamp();
293	1	$utc_stamp = $timestamp - $offset;
294	1	$this->value = serialize( $datetime );
295	1	}
296	1
297		if ( $this->field->group ) {
298	1	$this->value = array(
299		'supporting_field_value' => $utc_stamp,
300		'supporting_field_id' => $utc_key,
301		'value' => $this->value,
302		);
303		} else {
304		// Save the utc timestamp supporting field
305		if ( $repeat ) {
306		$utc_values[ $utc_key ][] = $utc_stamp;
307	1	} else {
308		$this->_save_utc_value( $utc_key, $utc_stamp );
309		}
310		}
311
312	1	} catch ( Exception $e ) {
313		$this->value = '';
314		cmb2_utils()->log_if_debug( __METHOD__, __LINE__, $e->getMessage() );
315		}
316
317		return $this->value;
318		}
319
320	2	/**
321	2	* Sanitize textareas and wysiwyg fields
322		* @since 1.0.1
323		* @return string Sanitized data
324		*/
325		public function textarea() {
326		return is_array( $this->value ) ? array_map( 'wp_kses_post', $this->value ) : wp_kses_post( $this->value );
327		}
328
329		/**
330		* Sanitize code textareas
331		* @since 1.0.2
332		* @return string Sanitized data
333		*/
334		public function textarea_code( $repeat = false ) {
335		$repeat_value = $this->_check_repeat( __FUNCTION__, $repeat );
336		if ( false !== $repeat_value ) {
337		return $repeat_value;
338		}
339
340		return htmlspecialchars_decode( stripslashes( $this->value ) );
341		}
342
343	1	/**
344	1	* Validate a timezone against the available options.
345		* @since 2.2.2
346	1	* @return mixed Timezone string or false if invalid.
347		*/
348	1	public function select_timezone() {
349	1	// Validate against timezone list.
350		$timezone = $this->validate_against_options( timezone_identifiers_list() );
351		if ( $timezone !== false ) {
352		return $timezone;
353		}
354	1
355		// Validate manual UTC offsets.
356		if ( preg_match( '`^UTC[+-][0-9]+(?:\.(?:5\|75))?$`', $this->value ) === 1 ) {
357		return $this->value;
358		}
359
360		// Invalid.
361	1	return false;
362	1	}
363	1
364	1	/**
365		* Handles saving of attachment post ID and sanitizing file url
366		* @since 1.1.0
367	1	* @return string Sanitized url
368	1	*/
369	1	public function file() {
370		$file_id_key = $this->field->_id() . '_id';
371
372	1	if ( $this->field->group ) {
373	1	// Return an array with url/id if saving a group field
374	1	$this->value = $this->_get_group_file_value_array( $file_id_key );
375	1	} else {
376		$this->_save_file_id_value( $file_id_key );
377		$this->text_url();
378		}
379
380		return $this->value;
381		}
382
383		/**
384		* Gets the values for the `file` field type from the data being saved.
385		* @since 2.2.0
386		*/
387		public function _get_group_file_value_array( $id_key ) {
388		$alldata = $this->field->group->data_to_save;
389		$base_id = $this->field->group->_id();
390		$i = $this->field->group->index;
391
392		// Check group $alldata data
393		$id_val = isset( $alldata[ $base_id ][ $i ][ $id_key ] )
394		? absint( $alldata[ $base_id ][ $i ][ $id_key ] )
395		: 0;
396
397		return array(
398		'value' => $this->text_url(),
399		'supporting_field_value' => $id_val,
400		'supporting_field_id' => $id_key,
401		);
402		}
403
404		/**
405		* Peforms saving of `file` attachement's ID
406		* @since 1.1.0
407		*/
408		public function _save_file_id_value( $file_id_key ) {
409		$id_field = $this->_new_supporting_field( $file_id_key );
410
411		// Check standard data_to_save data
412		$id_val = isset( $this->field->data_to_save[ $file_id_key ] )
413		? $this->field->data_to_save[ $file_id_key ]
414		: null;
415
416		// If there is no ID saved yet, try to get it from the url
417		if ( $this->value && ! $id_val ) {
418		$id_val = cmb2_utils()->image_id_from_url( $this->value );
419		}
420
421		return $id_field->save_field( $id_val );
422		}
423
424	1	/**
425	1	* Peforms saving of `text_datetime_timestamp_timezone` utc timestamp
426	1	* @since 2.2.0
427		*/
428		public function _save_utc_value( $utc_key, $utc_stamp ) {
429	1	return $this->_new_supporting_field( $utc_key )->save_field( $utc_stamp );
430		}
431	1
432	1	/**
433	1	* Returns a new, supporting, CMB2_Field object based on a new field id.
434	1	* @since 2.2.0
435	1	*/
436	1	public function _new_supporting_field( $new_field_id ) {
437	1	return $this->field->get_field_clone( array(
438	1	'id' => $new_field_id,
439	1	'sanitization_cb' => false,
440		) );
441	1	}
442
443	1	/**
444		* If repeating, loop through and re-apply sanitization method
445		* @since 1.1.0
446		* @param string $method Class method
447		* @param bool $repeat Whether repeating or not
448		* @return mixed Sanitized value
449		*/
450		public function _check_repeat( $method, $repeat ) {
451		if ( $repeat \|\| ! $this->field->args( 'repeatable' ) ) {
452	8	return false;
453	8	}
454	3
455	3	$values_array = $this->value;
456
457	6	$new_value = array();
458		foreach ( $values_array as $iterator => $this->value ) {
459		if ( $this->value ) {
460		$val = $this->$method( true );
461		if ( ! empty( $val ) ) {
462		$new_value[] = $val;
463		}
464		}
465		}
466
467		$this->value = $new_value;
468
469		return empty( $this->value ) ? null : $this->value;
470		}
471
472		/**
473		* Determine if passed value is an empty array
474		* @since 2.0.6
475		* @param mixed $to_check Value to check
476		* @return boolean Whether value is an array that's empty
477		*/
478		public function _is_empty_array( $to_check ) {
479		if ( is_array( $to_check ) ) {
480		$cleaned_up = array_filter( $to_check );
481		return empty( $cleaned_up );
482		}
483		return false;
484		}
485
486		/**
487		* Validate a value against a set of allowed options.
488		*
489		* @since 2.2.2
490		* @param array Options to validate against. Defaults to the `options` field argument.
491		* @return mixed Validated option or false if the value is invalid.
492		* The validated option may be empty if `show_option_none` was set to true.
493		*/
494		protected function validate_against_options( $options = array() ) {
495		if ( '' === $this->value ) {
496		if ( true === $this->field->args( 'show_option_none' ) ) {
497		return $this->value;
498		} else {
499		return false;
500		}
501		}
502
503		if ( empty( $options ) ) {
504		$options = $this->field->options();
505		$options = array_keys( $options );
506		}
507
508		/**
509		* Allow for dynamically altering the options array used for validation.
510		*
511		* The dynamic portion of the hook name, $this->field->type(), is the field type
512		* of the current object. This will either be 'radio', 'radio_inline', 'select'
513		* or 'select_timezone'.
514		*
515		* @since 2.2.2
516		* @param array $options The options for the field.
517		* @param int $object_id The ID of the current object
518		*/
519		$options = apply_filters( "cmb2_validate_{$this->field->type()}_options", $options, $this->field->object_id );
520
521		if ( in_array( $this->value, $options, true ) ) {
522		return $this->value;
523		}
524
525		return false;
526		}
527
528		}
529

WebDevStudios / CMB2

Pull Request — trunk (#578)

CMB2_Sanitize D

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

22 Methods

How to fix Complexity

Complex Class

1. Pass all data via parameters

2. Create a class that maintains your state

Duplication Side-by-Side

Filter issues like