Issues in Manager.php - All Issues - Inspection of "Improved code quality" - amarkal/amarkal-metabox - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 9c0738...41953e )

by Askupa

created 2017-03-27 20:56 UTC

Manager.php (5 issues)

Labels

Severity

Major 5

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

namespace Amarkal\Metabox;

/**
 * Metabox Manager adds metaboxes to WordPress posts
 */
class Manager
{
    /**
     * @var Singleton The reference to *Singleton* instance of this class
     */
    private static $instance;
    
    /**
     * @var Array Stores all the registered metaboxes
     */
    private $metaboxes = array();
    
    /**
     * Security nonce action
     */
    const NONCE_ACTION = 'amarkal_metabox';
    
    /**
     * Returns the *Singleton* instance of this class.
     *
     * @return Singleton The *Singleton* instance.
     */
    public static function get_instance()
    {
        if( null === static::$instance ) 
class YourClass
{
    private static $someVariable;

    public static function getSomeVariable()
    {
        return static::$someVariable;
    }
}
        {
            static::$instance = new static();
class YourClass
{
    private static $someVariable;

    public static function getSomeVariable()
    {
        return static::$someVariable;
    }
}
        }
        return static::$instance;
class YourClass
{
    private static $someVariable;

    public static function getSomeVariable()
    {
        return static::$someVariable;
    }
}
    }
    
    /**
     * Private constructor to prevent instantiation
     */
    private function __construct() 
    {
        $this->init();
    }
    
    /**
     * Add a metabox.
     * 
     * @param string $id
     * @param array $args
     * @throws \RuntimeException if the given metabox id has already been registered
     */
    public function add( $id, array $args )
    {
        if( !in_array($id, $this->metaboxes) )
        {
            $this->metaboxes[$id] = array_merge($this->default_args(), $args);
        }
        else throw new \RuntimeException("A metabox with id '$id' has already been registered.");
    }
    
    /**
     * Render a metabox.
     * 
     * @param WP_Post $post
     * @param array $args
     */
    public function render( $post, $args )
    {
        $metabox = $this->metaboxes[$args['id']];
        wp_nonce_field(self::NONCE_ACTION, $args['id'].'_nonce');
        foreach( $metabox['fields'] as $field )
        {
            $field['post_id'] = $post->ID;
            $field_template = new Field($field);
            echo $field_template->render();
        }
    }
    
    /**
     * Internally used to register metaboxes.
     */
    public function add_meta_boxes()
    {
        foreach( $this->metaboxes as $id => $args )
        {
            \add_meta_box(
                $id,
                $args['title'],
                array($this, 'render'),
                $args['screen'],
                $args['context'],
                $args['priority']
            );
        }
    }
    
    /**
     * Save metaboxes data for a given page.
     * 
     * @param number $post_id
     */
    public function save_meta_boxes( $post_id )
    {
        /**
         * A note on security:
         * 
         * We need to verify this came from the our screen and with proper authorization,
         * because save_post can be triggered at other times. since metaboxes can 
         * be removed - by having a nonce field in only one metabox there is no 
         * guarantee the nonce will be there. By placing a nonce field in each 
         * metabox you can check if data from that metabox has been sent 
         * (and is actually from where you think it is) prior to processing any data.
         * @see http://wordpress.stackexchange.com/a/49460/25959
         */
 
        /*
         * If this is an autosave, our form has not been submitted,
         * so we don't want to do anything.
         */
        if( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE ) 
        {
            return $post_id;
        }

        // Check the user's permissions.
        $post_type = filter_input(INPUT_POST, 'post_type');
        if( null !== $post_type && !current_user_can('edit_'.$post_type, $post_id) )
        {
            return $post_id;
        }

        // Update the meta fields.
        foreach( $this->metaboxes as $id => $metabox )
        {
            $this->save_meta_box( $post_id, $id, $metabox );
        }
    }
    
    /**
     * Save the data of a single metabox.
     * 
     * @param number $post_id
     * @param string $id
     * @param array $metabox
     */
    public function save_meta_box( $post_id, $id, $metabox )
    {
        $nonce_name  = $id.'_nonce';
        $nonce_value = filter_input(INPUT_POST, $nonce_name);
        
        // Check if our nonce is set and verify it
        if( null === $nonce_value || !wp_verify_nonce($nonce_value, self::NONCE_ACTION) ) 
        {
            return $post_id;
        }
        
        foreach( $metabox['fields'] as $field )
        {
            $data = filter_input( INPUT_POST, $field['name'] );
            \update_post_meta( $post_id, $field['name'], $data );
        }
    }
    
    /**
     * Print custom metabox style.
     */
    public function print_style() 
    {
        $cs = get_current_screen();
        
        foreach( $this->metaboxes as $metabox )
        {
            if( $metabox['screen'] === $cs->id )
            {
                echo '<style>';
                include 'metabox.css';
                echo '</style>';
                return;
            }
        }
    }
    
    /**
     * Initiate the metaboxes by adding action hooks for printing and saving.
     */
    private function init()
    {
        \add_action( 'add_meta_boxes', array( $this, 'add_meta_boxes' ) );
        \add_action( 'save_post', array( $this, 'save_meta_boxes' ) );
        \add_action( 'admin_footer', array( $this, 'print_style' ) );
    }
    
    /**
     * Default arguments for the add() method.
     * 
     * @return array
     */
    private function default_args()
    {
        return array(
            'title'    => null,
            'screen'   => null,
            'context'  => 'advanced',
            'priority' => 'default',
            'fields'   => array()
        );
    }
}

1			<?php
2
3			namespace Amarkal\Metabox;
4
5			/**
6			* Metabox Manager adds metaboxes to WordPress posts
7			*/
8			class Manager
9			{
10			/**
11			* @var Singleton The reference to Singleton instance of this class
12			*/
13			private static $instance;
14
15			/**
16			* @var Array Stores all the registered metaboxes
17			*/
18			private $metaboxes = array();
19
20			/**
21			* Security nonce action
22			*/
23			const NONCE_ACTION = 'amarkal_metabox';
24
25			/**
26			* Returns the Singleton instance of this class.
27			*
28			* @return Singleton The Singleton instance.
29			*/
30			public static function get_instance()
31			{
32			if( null === static::$instance )
			0 ignored issues – show Bug introduced 2017-03-27 05:44 UTC by Report Bug Copy Issue Report Show Similar Issues like this Since `$instance` is declared private, accessing it with `static` will lead to errors in possible sub-classes; consider using `self`, or increasing the visibility of `$instance` to at least protected. Let’s assume you have a class which uses late-static binding: class YourClass { private static $someVariable; public static function getSomeVariable() { return static::$someVariable; } } The code above will run fine in your PHP runtime. However, if you now create a sub-class and call the `getSomeVariable()` on that sub-class, you will receive a runtime error: class YourSubClass extends YourClass { } YourSubClass::getSomeVariable(); // Will cause an access error. In the case above, it makes sense to update `SomeClass` to use `self` instead: class SomeClass { private static $someVariable; public static function getSomeVariable() { return self::$someVariable; // self works fine with private. } } Loading history...
33			{
34			static::$instance = new static();
			0 ignored issues – show Bug introduced 2017-03-27 05:44 UTC by Report Bug Copy Issue Report Show Similar Issues like this Since `$instance` is declared private, accessing it with `static` will lead to errors in possible sub-classes; consider using `self`, or increasing the visibility of `$instance` to at least protected. Let’s assume you have a class which uses late-static binding: class YourClass { private static $someVariable; public static function getSomeVariable() { return static::$someVariable; } } The code above will run fine in your PHP runtime. However, if you now create a sub-class and call the `getSomeVariable()` on that sub-class, you will receive a runtime error: class YourSubClass extends YourClass { } YourSubClass::getSomeVariable(); // Will cause an access error. In the case above, it makes sense to update `SomeClass` to use `self` instead: class SomeClass { private static $someVariable; public static function getSomeVariable() { return self::$someVariable; // self works fine with private. } } Loading history... Documentation Bug introduced 2017-03-27 05:44 UTC by Report Bug Copy Issue Report Show Similar Issues like this It seems like `new static()` of type `this<Amarkal\Metabox\Manager>` is incompatible with the declared type `object<Amarkal\Metabox\Singleton>` of property `$instance`. Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.. Loading history...
35			}
36			return static::$instance;
			0 ignored issues – show Bug introduced 2017-03-27 05:44 UTC by Report Bug Copy Issue Report Show Similar Issues like this Since `$instance` is declared private, accessing it with `static` will lead to errors in possible sub-classes; consider using `self`, or increasing the visibility of `$instance` to at least protected. Let’s assume you have a class which uses late-static binding: class YourClass { private static $someVariable; public static function getSomeVariable() { return static::$someVariable; } } The code above will run fine in your PHP runtime. However, if you now create a sub-class and call the `getSomeVariable()` on that sub-class, you will receive a runtime error: class YourSubClass extends YourClass { } YourSubClass::getSomeVariable(); // Will cause an access error. In the case above, it makes sense to update `SomeClass` to use `self` instead: class SomeClass { private static $someVariable; public static function getSomeVariable() { return self::$someVariable; // self works fine with private. } } Loading history... Bug Compatibility introduced 2017-03-27 05:44 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `static::$instance;` of type `Amarkal\Metabox\Manager\|Amarkal\Metabox\Singleton` adds the type `Amarkal\Metabox\Manager` to the return on line 36 which is incompatible with the return type documented by `Amarkal\Metabox\Manager::get_instance` of type `Amarkal\Metabox\Singleton`. Loading history...
37			}
38
39			/**
40			* Private constructor to prevent instantiation
41			*/
42			private function __construct()
43			{
44			$this->init();
45			}
46
47			/**
48			* Add a metabox.
49			*
50			* @param string $id
51			* @param array $args
52			* @throws \RuntimeException if the given metabox id has already been registered
53			*/
54			public function add( $id, array $args )
55			{
56			if( !in_array($id, $this->metaboxes) )
57			{
58			$this->metaboxes[$id] = array_merge($this->default_args(), $args);
59			}
60			else throw new \RuntimeException("A metabox with id '$id' has already been registered.");
61			}
62
63			/**
64			* Render a metabox.
65			*
66			* @param WP_Post $post
67			* @param array $args
68			*/
69			public function render( $post, $args )
70			{
71			$metabox = $this->metaboxes[$args['id']];
72			wp_nonce_field(self::NONCE_ACTION, $args['id'].'_nonce');
73			foreach( $metabox['fields'] as $field )
74			{
75			$field['post_id'] = $post->ID;
76			$field_template = new Field($field);
77			echo $field_template->render();
78			}
79			}
80
81			/**
82			* Internally used to register metaboxes.
83			*/
84			public function add_meta_boxes()
85			{
86			foreach( $this->metaboxes as $id => $args )
87			{
88			\add_meta_box(
89			$id,
90			$args['title'],
91			array($this, 'render'),
92			$args['screen'],
93			$args['context'],
94			$args['priority']
95			);
96			}
97			}
98
99			/**
100			* Save metaboxes data for a given page.
101			*
102			* @param number $post_id
103			*/
104			public function save_meta_boxes( $post_id )
105			{
106			/**
107			* A note on security:
108			*
109			* We need to verify this came from the our screen and with proper authorization,
110			* because save_post can be triggered at other times. since metaboxes can
111			* be removed - by having a nonce field in only one metabox there is no
112			* guarantee the nonce will be there. By placing a nonce field in each
113			* metabox you can check if data from that metabox has been sent
114			* (and is actually from where you think it is) prior to processing any data.
115			* @see http://wordpress.stackexchange.com/a/49460/25959
116			*/
117
118			/*
119			* If this is an autosave, our form has not been submitted,
120			* so we don't want to do anything.
121			*/
122			if( defined( 'DOING_AUTOSAVE' ) && DOING_AUTOSAVE )
123			{
124			return $post_id;
125			}
126
127			// Check the user's permissions.
128			$post_type = filter_input(INPUT_POST, 'post_type');
129			if( null !== $post_type && !current_user_can('edit_'.$post_type, $post_id) )
130			{
131			return $post_id;
132			}
133
134			// Update the meta fields.
135			foreach( $this->metaboxes as $id => $metabox )
136			{
137			$this->save_meta_box( $post_id, $id, $metabox );
138			}
139			}
140
141			/**
142			* Save the data of a single metabox.
143			*
144			* @param number $post_id
145			* @param string $id
146			* @param array $metabox
147			*/
148			public function save_meta_box( $post_id, $id, $metabox )
149			{
150			$nonce_name = $id.'_nonce';
151			$nonce_value = filter_input(INPUT_POST, $nonce_name);
152
153			// Check if our nonce is set and verify it
154			if( null === $nonce_value \|\| !wp_verify_nonce($nonce_value, self::NONCE_ACTION) )
155			{
156			return $post_id;
157			}
158
159			foreach( $metabox['fields'] as $field )
160			{
161			$data = filter_input( INPUT_POST, $field['name'] );
162			\update_post_meta( $post_id, $field['name'], $data );
163			}
164			}
165
166			/**
167			* Print custom metabox style.
168			*/
169			public function print_style()
170			{
171			$cs = get_current_screen();
172
173			foreach( $this->metaboxes as $metabox )
174			{
175			if( $metabox['screen'] === $cs->id )
176			{
177			echo '<style>';
178			include 'metabox.css';
179			echo '</style>';
180			return;
181			}
182			}
183			}
184
185			/**
186			* Initiate the metaboxes by adding action hooks for printing and saving.
187			*/
188			private function init()
189			{
190			\add_action( 'add_meta_boxes', array( $this, 'add_meta_boxes' ) );
191			\add_action( 'save_post', array( $this, 'save_meta_boxes' ) );
192			\add_action( 'admin_footer', array( $this, 'print_style' ) );
193			}
194
195			/**
196			* Default arguments for the add() method.
197			*
198			* @return array
199			*/
200			private function default_args()
201			{
202			return array(
203			'title' => null,
204			'screen' => null,
205			'context' => 'advanced',
206			'priority' => 'default',
207			'fields' => array()
208			);
209			}
210			}

amarkal / amarkal-metabox

Push — master ( 9c0738...41953e )

Manager.php (5 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like