Inspection of "Daily Inspection: Added a new class to escape mult..." - eventespresso/event-espresso-core - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Branch — fix/kses-11 (9d0fb3)

unknown

created 2022-05-24 21:14 UTC

Status

Indentation +56 added lines, -56 removed lines patch added patch discarded remove patch

@@ -11,60 +11,60 @@
 block discarded – undo
  */
 class ServerSanitizer
 {
-    /**
-     * @param string $key
-     * @param string $value
-     * @return mixed|string
-     */
-    public function clean($key, $value)
-    {
-        switch ($key) {
-            case 'AUTH_TYPE':
-                $valid_types = [
-                    'Basic',
-                    'Bearer',
-                    'Digest',
-                    'HOBA',
-                    'Mutual',
-                    'Negotiate',
-                    'OAuth',
-                    'SCRAM-SHA-1',
-                    'SCRAM-SHA-256',
-                    'vapid',
-                ];
-                return in_array($value, $valid_types, true) ? $value : 'Basic';
-            case 'argc':
-            case 'HTTP_DNT':
-            case 'HTTP_UPGRADE_INSECURE_REQUESTS':
-            case 'SERVER_PORT':
-            case 'REMOTE_PORT':
-            case 'REQUEST_TIME':
-                return (int) filter_var($value, FILTER_SANITIZE_NUMBER_INT);
-            case 'REQUEST_TIME_FLOAT':
-                return (float) filter_var($value, FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
-            case 'REQUEST_METHOD':
-                $valid_types = [
-                    'CONNECT',
-                    'DELETE',
-                    'GET',
-                    'HEAD',
-                    'OPTIONS',
-                    'PATCH',
-                    'POST',
-                    'PUT',
-                    'TRACE',
-                ];
-                return in_array($value, $valid_types, true) ? $value : 'GET';
-            case 'HTTP_HOST':
-            case 'QUERY_STRING':
-            case 'REQUEST_URI':
-            case 'SCRIPT_NAME':
-            case 'SERVER_NAME':
-                return filter_var($value, FILTER_SANITIZE_URL);
-            case 'SERVER_ADMIN':
-                return filter_var($value, FILTER_SANITIZE_EMAIL);
-            default:
-                return filter_var($value, FILTER_SANITIZE_STRING);
-        }
-    }
+	/**
+	 * @param string $key
+	 * @param string $value
+	 * @return mixed|string
+	 */
+	public function clean($key, $value)
+	{
+		switch ($key) {
+			case 'AUTH_TYPE':
+				$valid_types = [
+					'Basic',
+					'Bearer',
+					'Digest',
+					'HOBA',
+					'Mutual',
+					'Negotiate',
+					'OAuth',
+					'SCRAM-SHA-1',
+					'SCRAM-SHA-256',
+					'vapid',
+				];
+				return in_array($value, $valid_types, true) ? $value : 'Basic';
+			case 'argc':
+			case 'HTTP_DNT':
+			case 'HTTP_UPGRADE_INSECURE_REQUESTS':
+			case 'SERVER_PORT':
+			case 'REMOTE_PORT':
+			case 'REQUEST_TIME':
+				return (int) filter_var($value, FILTER_SANITIZE_NUMBER_INT);
+			case 'REQUEST_TIME_FLOAT':
+				return (float) filter_var($value, FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
+			case 'REQUEST_METHOD':
+				$valid_types = [
+					'CONNECT',
+					'DELETE',
+					'GET',
+					'HEAD',
+					'OPTIONS',
+					'PATCH',
+					'POST',
+					'PUT',
+					'TRACE',
+				];
+				return in_array($value, $valid_types, true) ? $value : 'GET';
+			case 'HTTP_HOST':
+			case 'QUERY_STRING':
+			case 'REQUEST_URI':
+			case 'SCRIPT_NAME':
+			case 'SERVER_NAME':
+				return filter_var($value, FILTER_SANITIZE_URL);
+			case 'SERVER_ADMIN':
+				return filter_var($value, FILTER_SANITIZE_EMAIL);
+			default:
+				return filter_var($value, FILTER_SANITIZE_STRING);
+		}
+	}
 }

Please login to merge, or discard this patch.

core/services/request/sanitizers/MultipleAttributes.php 2 patches

Indentation +21 added lines, -21 removed lines patch added patch discarded remove patch

@@ -11,25 +11,25 @@
 block discarded – undo
  */
 class MultipleAttributes
 {
-    /**
-     * @param string $attributes
-     * @param array $allowed_tags
-     * @param string $tag
-     * @return mixed|string
-     */
-    public static function clean(string $attributes, array $allowed_tags, string $tag = 'div')
-    {
-        if (trim($attributes) === '') {
-            return '';
-        }
-        $html = '<' . $tag . ' ' . $attributes . '>';
-        $escaped = wp_kses($html, $allowed_tags);
-        $start = strpos($escaped, ' ');
-        $end = strpos($escaped, '>');
-        if ($start === false || $end === false) {
-            return '';
-        }
-        $length = $end - $start;
-        return trim(substr($escaped, $start, $length));
-    }
+	/**
+	 * @param string $attributes
+	 * @param array $allowed_tags
+	 * @param string $tag
+	 * @return mixed|string
+	 */
+	public static function clean(string $attributes, array $allowed_tags, string $tag = 'div')
+	{
+		if (trim($attributes) === '') {
+			return '';
+		}
+		$html = '<' . $tag . ' ' . $attributes . '>';
+		$escaped = wp_kses($html, $allowed_tags);
+		$start = strpos($escaped, ' ');
+		$end = strpos($escaped, '>');
+		if ($start === false || $end === false) {
+			return '';
+		}
+		$length = $end - $start;
+		return trim(substr($escaped, $start, $length));
+	}
 }

Please login to merge, or discard this patch.

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

@@ -22,7 +22,7 @@
 block discarded – undo
         if (trim($attributes) === '') {
             return '';
         }
-        $html = '<' . $tag . ' ' . $attributes . '>';
+        $html = '<'.$tag.' '.$attributes.'>';
         $escaped = wp_kses($html, $allowed_tags);
         $start = strpos($escaped, ' ');
         $end = strpos($escaped, '>');

Please login to merge, or discard this patch.

admin/new/pricing/templates/event_tickets_metabox_main.template.php 1 patch

Indentation +29 added lines, -29 removed lines patch added patch discarded remove patch

@@ -27,11 +27,11 @@  discard block
 block discarded – undo
               class="clickable ee-collapsible <?php echo sanitize_html_class($ee_collapsible_status); ?>">
             <span class="dashicons dashicons-clock ee-icon-size-20"></span>
             <?php
-                esc_html_e(
-                    'Event Datetimes',
-                    'event_espresso'
-                );
-                ?>
+				esc_html_e(
+					'Event Datetimes',
+					'event_espresso'
+				);
+				?>
         </span>
     </h3>
     <?php echo wp_kses($event_datetime_help_link, AllowedTags::getAllowedTags()); ?>
@@ -68,10 +68,10 @@  discard block
 block discarded – undo
     </div> <!-- end .event-datetimes-container -->
     <div id="add-event-datetime" class="event-datetime-row add-dtt-row" style="display:none;">
         <h4 class="datetime-tickets-heading"><?php
-            esc_html_e(
-                'Add New Datetime',
-                'event_espresso'
-            ); ?></h4><?php echo wp_kses($add_new_dtt_help_link, AllowedTags::getAllowedTags()); ?>
+			esc_html_e(
+				'Add New Datetime',
+				'event_espresso'
+			); ?></h4><?php echo wp_kses($add_new_dtt_help_link, AllowedTags::getAllowedTags()); ?>
         <div>
             <table id="add-new-event-datetime-table" class="datetime-edit-table">
                 <tr>
@@ -85,10 +85,10 @@  discard block
 block discarded – undo
                     <td class="event-datetime-column date-column">
                         <label class="add-new-event-datetime-DTT_EVT_start_label"
                                for="add-new-event-datetime-DTT_EVT_start"><?php
-                                esc_html_e(
-                                    'Event Start',
-                                    'event_espresso'
-                                ); ?></label>
+								esc_html_e(
+									'Event Start',
+									'event_espresso'
+								); ?></label>
                         <input type="text" name="add_new_datetime[DTT_EVT_start]"
                                id="add-new-event-datetime-DTT_EVT_start" class="ee-text-inp ee-datepicker"
                                data-context="start-dtt" data-date-field-context="#add-event-datetime"
@@ -98,10 +98,10 @@  discard block
 block discarded – undo
                     <td class="event-datetime-column date-column">
                         <label class="add-new-event-datetime-DTT_EVT_end_label"
                                for="add-new-event-datetime-DTT_EVT_end"><?php
-                                esc_html_e(
-                                    'Event End',
-                                    'event_espresso'
-                                ); ?></label>
+								esc_html_e(
+									'Event End',
+									'event_espresso'
+								); ?></label>
                         <input type="text" name="add_new_datetime[DTT_EVT_end]" id="add-new-event-datetime-DTT_EVT_end"
                                class="ee-text-inp ee-datepicker" data-context="end-dtt"
                                data-date-field-context="#add-event-datetime"
@@ -111,10 +111,10 @@  discard block
 block discarded – undo
                     <td class="event-datetime-column reg-limit-column">
                         <label class="add-new-event-datetime-DTT_EVT_end_label"
                                for="add-new-event-datetime-DTT_reg_limit"><?php
-                                esc_html_e(
-                                    'Limit',
-                                    'event_espresso'
-                                ); ?></label>
+								esc_html_e(
+									'Limit',
+									'event_espresso'
+								); ?></label>
                         <input type="text" name="add_new_datetime[DTT_reg_limit]"
                                id="add-new-event-datetime-DTT_reg_limit" class="ee-numeric ee-small-text-inp">
                     </td>
@@ -137,16 +137,16 @@  discard block
 block discarded – undo
         <h3 class="event-tickets-datetimes-title"><span data-target=".event-tickets-container"
                                                         class="clickable ee-collapsible <?php echo sanitize_html_class($ee_collapsible_status); ?>"><span
                     class="ee-icon ee-icon-tickets ee-icon-size-20"></span><?php
-                    esc_html_e(
-                        'Available Tickets',
-                        'event_espresso'
-                    ); ?></span></h3>
+					esc_html_e(
+						'Available Tickets',
+						'event_espresso'
+					); ?></span></h3>
         <div class="event-tickets-container ee-create-ticket-button" <?php echo MultipleAttributes::clean($show_tickets_container, AllowedTags::getAllowedTags()); ?>>
             <button class="ee-create-ticket-button button-secondary ee-create-button" data-context="ticket"><?php
-                esc_html_e(
-                    'Create Ticket',
-                    'event_espresso'
-                ); ?></button>
+				esc_html_e(
+					'Create Ticket',
+					'event_espresso'
+				); ?></button>
         </div>
         <div style="clear:both"></div>
         <div class="event-tickets-container" <?php echo MultipleAttributes::clean($show_tickets_container, AllowedTags::getAllowedTags()); ?>>

Please login to merge, or discard this patch.

		@@ -11,60 +11,60 @@
		block discarded – undo
11	11	*/
12	12	class ServerSanitizer
13	13	{
14		- /**
15		- * @param string $key
16		- * @param string $value
17		- * @return mixed\|string
18		- */
19		- public function clean($key, $value)
20		- {
21		- switch ($key) {
22		- case 'AUTH_TYPE':
23		- $valid_types = [
24		- 'Basic',
25		- 'Bearer',
26		- 'Digest',
27		- 'HOBA',
28		- 'Mutual',
29		- 'Negotiate',
30		- 'OAuth',
31		- 'SCRAM-SHA-1',
32		- 'SCRAM-SHA-256',
33		- 'vapid',
34		- ];
35		- return in_array($value, $valid_types, true) ? $value : 'Basic';
36		- case 'argc':
37		- case 'HTTP_DNT':
38		- case 'HTTP_UPGRADE_INSECURE_REQUESTS':
39		- case 'SERVER_PORT':
40		- case 'REMOTE_PORT':
41		- case 'REQUEST_TIME':
42		- return (int) filter_var($value, FILTER_SANITIZE_NUMBER_INT);
43		- case 'REQUEST_TIME_FLOAT':
44		- return (float) filter_var($value, FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
45		- case 'REQUEST_METHOD':
46		- $valid_types = [
47		- 'CONNECT',
48		- 'DELETE',
49		- 'GET',
50		- 'HEAD',
51		- 'OPTIONS',
52		- 'PATCH',
53		- 'POST',
54		- 'PUT',
55		- 'TRACE',
56		- ];
57		- return in_array($value, $valid_types, true) ? $value : 'GET';
58		- case 'HTTP_HOST':
59		- case 'QUERY_STRING':
60		- case 'REQUEST_URI':
61		- case 'SCRIPT_NAME':
62		- case 'SERVER_NAME':
63		- return filter_var($value, FILTER_SANITIZE_URL);
64		- case 'SERVER_ADMIN':
65		- return filter_var($value, FILTER_SANITIZE_EMAIL);
66		- default:
67		- return filter_var($value, FILTER_SANITIZE_STRING);
68		- }
69		- }
	14	+ /**
	15	+ * @param string $key
	16	+ * @param string $value
	17	+ * @return mixed\|string
	18	+ */
	19	+ public function clean($key, $value)
	20	+ {
	21	+ switch ($key) {
	22	+ case 'AUTH_TYPE':
	23	+ $valid_types = [
	24	+ 'Basic',
	25	+ 'Bearer',
	26	+ 'Digest',
	27	+ 'HOBA',
	28	+ 'Mutual',
	29	+ 'Negotiate',
	30	+ 'OAuth',
	31	+ 'SCRAM-SHA-1',
	32	+ 'SCRAM-SHA-256',
	33	+ 'vapid',
	34	+ ];
	35	+ return in_array($value, $valid_types, true) ? $value : 'Basic';
	36	+ case 'argc':
	37	+ case 'HTTP_DNT':
	38	+ case 'HTTP_UPGRADE_INSECURE_REQUESTS':
	39	+ case 'SERVER_PORT':
	40	+ case 'REMOTE_PORT':
	41	+ case 'REQUEST_TIME':
	42	+ return (int) filter_var($value, FILTER_SANITIZE_NUMBER_INT);
	43	+ case 'REQUEST_TIME_FLOAT':
	44	+ return (float) filter_var($value, FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
	45	+ case 'REQUEST_METHOD':
	46	+ $valid_types = [
	47	+ 'CONNECT',
	48	+ 'DELETE',
	49	+ 'GET',
	50	+ 'HEAD',
	51	+ 'OPTIONS',
	52	+ 'PATCH',
	53	+ 'POST',
	54	+ 'PUT',
	55	+ 'TRACE',
	56	+ ];
	57	+ return in_array($value, $valid_types, true) ? $value : 'GET';
	58	+ case 'HTTP_HOST':
	59	+ case 'QUERY_STRING':
	60	+ case 'REQUEST_URI':
	61	+ case 'SCRIPT_NAME':
	62	+ case 'SERVER_NAME':
	63	+ return filter_var($value, FILTER_SANITIZE_URL);
	64	+ case 'SERVER_ADMIN':
	65	+ return filter_var($value, FILTER_SANITIZE_EMAIL);
	66	+ default:
	67	+ return filter_var($value, FILTER_SANITIZE_STRING);
	68	+ }
	69	+ }
70	70	}

		@@ -11,25 +11,25 @@
		block discarded – undo
11	11	*/
12	12	class MultipleAttributes
13	13	{
14		- /**
15		- * @param string $attributes
16		- * @param array $allowed_tags
17		- * @param string $tag
18		- * @return mixed\|string
19		- */
20		- public static function clean(string $attributes, array $allowed_tags, string $tag = 'div')
21		- {
22		- if (trim($attributes) === '') {
23		- return '';
24		- }
25		- $html = '<' . $tag . ' ' . $attributes . '>';
26		- $escaped = wp_kses($html, $allowed_tags);
27		- $start = strpos($escaped, ' ');
28		- $end = strpos($escaped, '>');
29		- if ($start === false \|\| $end === false) {
30		- return '';
31		- }
32		- $length = $end - $start;
33		- return trim(substr($escaped, $start, $length));
34		- }
	14	+ /**
	15	+ * @param string $attributes
	16	+ * @param array $allowed_tags
	17	+ * @param string $tag
	18	+ * @return mixed\|string
	19	+ */
	20	+ public static function clean(string $attributes, array $allowed_tags, string $tag = 'div')
	21	+ {
	22	+ if (trim($attributes) === '') {
	23	+ return '';
	24	+ }
	25	+ $html = '<' . $tag . ' ' . $attributes . '>';
	26	+ $escaped = wp_kses($html, $allowed_tags);
	27	+ $start = strpos($escaped, ' ');
	28	+ $end = strpos($escaped, '>');
	29	+ if ($start === false \|\| $end === false) {
	30	+ return '';
	31	+ }
	32	+ $length = $end - $start;
	33	+ return trim(substr($escaped, $start, $length));
	34	+ }
35	35	}

		@@ -22,7 +22,7 @@
		block discarded – undo
22	22	if (trim($attributes) === '') {
23	23	return '';
24	24	}
25		- $html = '<' . $tag . ' ' . $attributes . '>';
	25	+ $html = '<'.$tag.' '.$attributes.'>';
26	26	$escaped = wp_kses($html, $allowed_tags);
27	27	$start = strpos($escaped, ' ');
28	28	$end = strpos($escaped, '>');

		@@ -27,11 +27,11 @@ discard block
		block discarded – undo
27	27	class="clickable ee-collapsible <?php echo sanitize_html_class($ee_collapsible_status); ?>">
28	28	<span class="dashicons dashicons-clock ee-icon-size-20"></span>
29	29	<?php
30		- esc_html_e(
31		- 'Event Datetimes',
32		- 'event_espresso'
33		- );
34		- ?>
	30	+ esc_html_e(
	31	+ 'Event Datetimes',
	32	+ 'event_espresso'
	33	+ );
	34	+ ?>
35	35	</span>
36	36	</h3>
37	37	<?php echo wp_kses($event_datetime_help_link, AllowedTags::getAllowedTags()); ?>
		@@ -68,10 +68,10 @@ discard block
		block discarded – undo
68	68	</div> <!-- end .event-datetimes-container -->
69	69	<div id="add-event-datetime" class="event-datetime-row add-dtt-row" style="display:none;">
70	70	<h4 class="datetime-tickets-heading"><?php
71		- esc_html_e(
72		- 'Add New Datetime',
73		- 'event_espresso'
74		- ); ?></h4><?php echo wp_kses($add_new_dtt_help_link, AllowedTags::getAllowedTags()); ?>
	71	+ esc_html_e(
	72	+ 'Add New Datetime',
	73	+ 'event_espresso'
	74	+ ); ?></h4><?php echo wp_kses($add_new_dtt_help_link, AllowedTags::getAllowedTags()); ?>
75	75	<div>
76	76	<table id="add-new-event-datetime-table" class="datetime-edit-table">
77	77	<tr>
		@@ -85,10 +85,10 @@ discard block
		block discarded – undo
85	85	<td class="event-datetime-column date-column">
86	86	<label class="add-new-event-datetime-DTT_EVT_start_label"
87	87	for="add-new-event-datetime-DTT_EVT_start"><?php
88		- esc_html_e(
89		- 'Event Start',
90		- 'event_espresso'
91		- ); ?></label>
	88	+ esc_html_e(
	89	+ 'Event Start',
	90	+ 'event_espresso'
	91	+ ); ?></label>
92	92	<input type="text" name="add_new_datetime[DTT_EVT_start]"
93	93	id="add-new-event-datetime-DTT_EVT_start" class="ee-text-inp ee-datepicker"
94	94	data-context="start-dtt" data-date-field-context="#add-event-datetime"
		@@ -98,10 +98,10 @@ discard block
		block discarded – undo
98	98	<td class="event-datetime-column date-column">
99	99	<label class="add-new-event-datetime-DTT_EVT_end_label"
100	100	for="add-new-event-datetime-DTT_EVT_end"><?php
101		- esc_html_e(
102		- 'Event End',
103		- 'event_espresso'
104		- ); ?></label>
	101	+ esc_html_e(
	102	+ 'Event End',
	103	+ 'event_espresso'
	104	+ ); ?></label>
105	105	<input type="text" name="add_new_datetime[DTT_EVT_end]" id="add-new-event-datetime-DTT_EVT_end"
106	106	class="ee-text-inp ee-datepicker" data-context="end-dtt"
107	107	data-date-field-context="#add-event-datetime"
		@@ -111,10 +111,10 @@ discard block
		block discarded – undo
111	111	<td class="event-datetime-column reg-limit-column">
112	112	<label class="add-new-event-datetime-DTT_EVT_end_label"
113	113	for="add-new-event-datetime-DTT_reg_limit"><?php
114		- esc_html_e(
115		- 'Limit',
116		- 'event_espresso'
117		- ); ?></label>
	114	+ esc_html_e(
	115	+ 'Limit',
	116	+ 'event_espresso'
	117	+ ); ?></label>
118	118	<input type="text" name="add_new_datetime[DTT_reg_limit]"
119	119	id="add-new-event-datetime-DTT_reg_limit" class="ee-numeric ee-small-text-inp">
120	120	</td>
		@@ -137,16 +137,16 @@ discard block
		block discarded – undo
137	137	<h3 class="event-tickets-datetimes-title"><span data-target=".event-tickets-container"
138	138	class="clickable ee-collapsible <?php echo sanitize_html_class($ee_collapsible_status); ?>"><span
139	139	class="ee-icon ee-icon-tickets ee-icon-size-20"></span><?php
140		- esc_html_e(
141		- 'Available Tickets',
142		- 'event_espresso'
143		- ); ?></span></h3>
	140	+ esc_html_e(
	141	+ 'Available Tickets',
	142	+ 'event_espresso'
	143	+ ); ?></span></h3>
144	144	<div class="event-tickets-container ee-create-ticket-button" <?php echo MultipleAttributes::clean($show_tickets_container, AllowedTags::getAllowedTags()); ?>>
145	145	<button class="ee-create-ticket-button button-secondary ee-create-button" data-context="ticket"><?php
146		- esc_html_e(
147		- 'Create Ticket',
148		- 'event_espresso'
149		- ); ?></button>
	146	+ esc_html_e(
	147	+ 'Create Ticket',
	148	+ 'event_espresso'
	149	+ ); ?></button>
150	150	</div>
151	151	<div style="clear:both"></div>
152	152	<div class="event-tickets-container" <?php echo MultipleAttributes::clean($show_tickets_container, AllowedTags::getAllowedTags()); ?>>

eventespresso / event-espresso-core

Branch — fix/kses-11 (9d0fb3)

Status

Category

Indentation +56 added lines, -56 removed lines patch added patch discarded remove patch

Indentation +21 added lines, -21 removed lines patch added patch discarded remove patch

Spacing +1 added lines, -1 removed lines patch added patch discarded remove patch

Indentation +29 added lines, -29 removed lines patch added patch discarded remove patch