Inspection of "Feature/edit locking [WIP]" - gravityview/GravityView - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — develop (#1378)

by Zack

created 2019-11-21 01:13 UTC

Status

Doc Comments +1 added lines, -2 removed lines patch added patch discarded remove patch

@@ -222,7 +222,6 @@  discard block
 block discarded – undo
 	 *
 	 * @since 1.5.1
 	 * @param  array 	   $visibility_caps        Array of capabilities to display in field dropdown.
-	 * @param  string      $field_type  Type of field options to render (`field` or `widget`)
 	 * @param  string      $template_id Table slug
 	 * @param  float       $field_id    GF Field ID - Example: `3`, `5.2`, `entry_link`, `created_by`
 	 * @param  string      $context     What context are we in? Example: `single` or `directory`
@@ -651,7 +650,7 @@  discard block
 block discarded – undo
 	 *
 	 * @param  array $entry Gravity Forms entry array
 	 * @param array $field Field settings (optional)
-	 * @param int|\GV\View $view Pass a View ID to check caps against. If not set, check against current View (@deprecated no longer optional)
+	 * @param integer $view Pass a View ID to check caps against. If not set, check against current View (@deprecated no longer optional)
 	 * @return bool
 	 */
 	public static function check_user_cap_delete_entry( $entry, $field = array(), $view = 0 ) {

Please login to merge, or discard this patch.

includes/extensions/edit-entry/class-edit-entry.php 1 patch

Indentation +159 added lines, -159 removed lines patch added patch discarded remove patch

@@ -18,84 +18,84 @@  discard block
 block discarded – undo
 
 class GravityView_Edit_Entry {
 
-    /**
-     * @var string
-     */
+	/**
+	 * @var string
+	 */
 	static $file;
 
 	static $instance;
 
-    /**
-     * Component instances.
-     * @var array
-     */
-    public $instances = array();
+	/**
+	 * Component instances.
+	 * @var array
+	 */
+	public $instances = array();
 
 
 	function __construct() {
 
-        self::$file = plugin_dir_path( __FILE__ );
+		self::$file = plugin_dir_path( __FILE__ );
 
-        if( is_admin() ) {
-            $this->load_components( 'admin' );
-        }
+		if( is_admin() ) {
+			$this->load_components( 'admin' );
+		}
 
 
-        $this->load_components( 'render' );
+		$this->load_components( 'render' );
 
-        $this->load_components( 'locking' );
+		$this->load_components( 'locking' );
 
-        // If GF User Registration Add-on exists
-        $this->load_components( 'user-registration' );
+		// If GF User Registration Add-on exists
+		$this->load_components( 'user-registration' );
 
-        $this->add_hooks();
+		$this->add_hooks();
 
 		// Process hooks for addons that may or may not be present
 		$this->addon_specific_hooks();
 	}
 
 
-    static function getInstance() {
+	static function getInstance() {
 
-        if( empty( self::$instance ) ) {
-            self::$instance = new GravityView_Edit_Entry;
-        }
+		if( empty( self::$instance ) ) {
+			self::$instance = new GravityView_Edit_Entry;
+		}
 
-        return self::$instance;
-    }
+		return self::$instance;
+	}
 
 
-    private function load_components( $component ) {
+	private function load_components( $component ) {
 
-        $dir = trailingslashit( self::$file );
+		$dir = trailingslashit( self::$file );
 
-        $filename  = $dir . 'class-edit-entry-' . $component . '.php';
-        $classname = 'GravityView_Edit_Entry_' . str_replace( ' ', '_', ucwords( str_replace( '-', ' ', $component ) ) );
+		$filename  = $dir . 'class-edit-entry-' . $component . '.php';
+		$classname = 'GravityView_Edit_Entry_' . str_replace( ' ', '_', ucwords( str_replace( '-', ' ', $component ) ) );
 
-        // Loads component and pass extension's instance so that component can
-        // talk each other.
-        require_once $filename;
-        $this->instances[ $component ] = new $classname( $this );
-        $this->instances[ $component ]->load();
+		// Loads component and pass extension's instance so that component can
+		// talk each other.
+		require_once $filename;
+		$this->instances[ $component ] = new $classname( $this );
+		$this->instances[ $component ]->load();
 
-    }
+	}
 
-    private function add_hooks() {
+	private function add_hooks() {
 
-        // Add front-end access to Gravity Forms delete file action
-        add_action( 'wp_ajax_nopriv_rg_delete_file', array( 'GFForms', 'delete_file') );
+		// Add front-end access to Gravity Forms delete file action
+		add_action( 'wp_ajax_nopriv_rg_delete_file', array( 'GFForms', 'delete_file') );
 
-        // Make sure this hook is run for non-admins
-        add_action( 'wp_ajax_rg_delete_file', array( 'GFForms', 'delete_file') );
+		// Make sure this hook is run for non-admins
+		add_action( 'wp_ajax_rg_delete_file', array( 'GFForms', 'delete_file') );
 
-        add_filter( 'gravityview_blacklist_field_types', array( $this, 'modify_field_blacklist' ), 10, 2 );
+		add_filter( 'gravityview_blacklist_field_types', array( $this, 'modify_field_blacklist' ), 10, 2 );
 
-        // add template path to check for field
-        add_filter( 'gravityview_template_paths', array( $this, 'add_template_path' ) );
+		// add template path to check for field
+		add_filter( 'gravityview_template_paths', array( $this, 'add_template_path' ) );
 
 		add_filter( 'gravityview/field/is_visible', array( $this, 'maybe_not_visible' ), 10, 3 );
 
-    }
+	}
 
 	/**
 	 * Trigger hooks that are normally run in the admin for Addons, but need to be triggered manually because we're not in the admin
@@ -153,77 +153,77 @@  discard block
 block discarded – undo
 		return false;
 	}
 
-    /**
-     * Include this extension templates path
-     * @param array $file_paths List of template paths ordered
-     */
-    public function add_template_path( $file_paths ) {
-
-        // Index 100 is the default GravityView template path.
-        $file_paths[ 110 ] = self::$file;
-
-        return $file_paths;
-    }
-
-    /**
-     *
-     * Return a well formatted nonce key according to GravityView Edit Entry protocol
-     *
-     * @param $view_id int GravityView view id
-     * @param $form_id int Gravity Forms form id
-     * @param $entry_id int Gravity Forms entry id
-     * @return string
-     */
-    public static function get_nonce_key( $view_id, $form_id, $entry_id ) {
-        return sprintf( 'edit_%d_%d_%d', $view_id, $form_id, $entry_id );
-    }
-
-
-    /**
-     * The edit entry link creates a secure link with a nonce
-     *
-     * It also mimics the URL structure Gravity Forms expects to have so that
-     * it formats the display of the edit form like it does in the backend, like
-     * "You can edit this post from the post page" fields, for example.
-     *
-     * @param $entry array Gravity Forms entry object
-     * @param $view_id int GravityView view id
-     * @param $post_id int GravityView Post ID where View may be embedded {@since 1.9.2}
-     * @param string|array $field_values Parameters to pass in to the Edit Entry form to prefill data. Uses the same format as Gravity Forms "Allow field to be populated dynamically" {@since 1.9.2} {@see https://www.gravityhelp.com/documentation/article/allow-field-to-be-populated-dynamically/ }
-     * @return string
-     */
-    public static function get_edit_link( $entry, $view_id, $post_id = null, $field_values = '' ) {
-
-        $nonce_key = self::get_nonce_key( $view_id, $entry['form_id'], $entry['id']  );
-
-        $base = gv_entry_link( $entry, $post_id ? : $view_id  );
-
-        $url = add_query_arg( array(
-            'edit' => wp_create_nonce( $nonce_key )
-        ), $base );
-
-        if( $post_id ) {
-	        $url = add_query_arg( array( 'gvid' => $view_id ), $url );
-        }
-
-	    /**
-	     * Allow passing params to dynamically populate entry with values
-	     * @since 1.9.2
-	     */
-	    if( !empty( $field_values ) ) {
-
-		    if( is_array( $field_values ) ) {
-			    // If already an array, no parse_str() needed
-			    $params = $field_values;
-		    } else {
-			    parse_str( $field_values, $params );
-		    }
-
-		    $url = add_query_arg( $params, $url );
-	    }
-
-        return $url;
-    }
+	/**
+	 * Include this extension templates path
+	 * @param array $file_paths List of template paths ordered
+	 */
+	public function add_template_path( $file_paths ) {
+
+		// Index 100 is the default GravityView template path.
+		$file_paths[ 110 ] = self::$file;
+
+		return $file_paths;
+	}
+
+	/**
+	 *
+	 * Return a well formatted nonce key according to GravityView Edit Entry protocol
+	 *
+	 * @param $view_id int GravityView view id
+	 * @param $form_id int Gravity Forms form id
+	 * @param $entry_id int Gravity Forms entry id
+	 * @return string
+	 */
+	public static function get_nonce_key( $view_id, $form_id, $entry_id ) {
+		return sprintf( 'edit_%d_%d_%d', $view_id, $form_id, $entry_id );
+	}
+
+
+	/**
+	 * The edit entry link creates a secure link with a nonce
+	 *
+	 * It also mimics the URL structure Gravity Forms expects to have so that
+	 * it formats the display of the edit form like it does in the backend, like
+	 * "You can edit this post from the post page" fields, for example.
+	 *
+	 * @param $entry array Gravity Forms entry object
+	 * @param $view_id int GravityView view id
+	 * @param $post_id int GravityView Post ID where View may be embedded {@since 1.9.2}
+	 * @param string|array $field_values Parameters to pass in to the Edit Entry form to prefill data. Uses the same format as Gravity Forms "Allow field to be populated dynamically" {@since 1.9.2} {@see https://www.gravityhelp.com/documentation/article/allow-field-to-be-populated-dynamically/ }
+	 * @return string
+	 */
+	public static function get_edit_link( $entry, $view_id, $post_id = null, $field_values = '' ) {
+
+		$nonce_key = self::get_nonce_key( $view_id, $entry['form_id'], $entry['id']  );
+
+		$base = gv_entry_link( $entry, $post_id ? : $view_id  );
+
+		$url = add_query_arg( array(
+			'edit' => wp_create_nonce( $nonce_key )
+		), $base );
+
+		if( $post_id ) {
+			$url = add_query_arg( array( 'gvid' => $view_id ), $url );
+		}
+
+		/**
+		 * Allow passing params to dynamically populate entry with values
+		 * @since 1.9.2
+		 */
+		if( !empty( $field_values ) ) {
+
+			if( is_array( $field_values ) ) {
+				// If already an array, no parse_str() needed
+				$params = $field_values;
+			} else {
+				parse_str( $field_values, $params );
+			}
+
+			$url = add_query_arg( $params, $url );
+		}
+
+		return $url;
+	}
 
 	/**
 	 * Edit mode doesn't allow certain field types.
@@ -278,19 +278,19 @@  discard block
 block discarded – undo
 	}
 
 
-    /**
-     * checks if user has permissions to edit a specific entry
-     *
-     * Needs to be used combined with GravityView_Edit_Entry::user_can_edit_entry for maximum security!!
-     *
-     * @param  array $entry Gravity Forms entry array
-     * @param \GV\View int $view_id ID of the view you want to check visibility against {@since 1.9.2}. Required since 2.0
-     * @return bool
-     */
-    public static function check_user_cap_edit_entry( $entry, $view = 0 ) {
+	/**
+	 * checks if user has permissions to edit a specific entry
+	 *
+	 * Needs to be used combined with GravityView_Edit_Entry::user_can_edit_entry for maximum security!!
+	 *
+	 * @param  array $entry Gravity Forms entry array
+	 * @param \GV\View int $view_id ID of the view you want to check visibility against {@since 1.9.2}. Required since 2.0
+	 * @return bool
+	 */
+	public static function check_user_cap_edit_entry( $entry, $view = 0 ) {
 
-        // No permission by default
-        $user_can_edit = false;
+		// No permission by default
+		$user_can_edit = false;
 
 		// get user_edit setting
 		if ( empty( $view ) ) {
@@ -308,59 +308,59 @@  discard block
 block discarded – undo
 			$user_edit = GVCommon::get_template_setting( $view_id, 'user_edit' );
 		}
 
-        // If they can edit any entries (as defined in Gravity Forms)
-        // Or if they can edit other people's entries
-        // Then we're good.
-        if( GVCommon::has_cap( array( 'gravityforms_edit_entries', 'gravityview_edit_others_entries' ), $entry['id'] ) ) {
+		// If they can edit any entries (as defined in Gravity Forms)
+		// Or if they can edit other people's entries
+		// Then we're good.
+		if( GVCommon::has_cap( array( 'gravityforms_edit_entries', 'gravityview_edit_others_entries' ), $entry['id'] ) ) {
 
-            gravityview()->log->debug( 'User has ability to edit all entries.' );
+			gravityview()->log->debug( 'User has ability to edit all entries.' );
 
-            $user_can_edit = true;
+			$user_can_edit = true;
 
-        } else if( !isset( $entry['created_by'] ) ) {
+		} else if( !isset( $entry['created_by'] ) ) {
 
-            gravityview()->log->error( 'Entry `created_by` doesn\'t exist.');
+			gravityview()->log->error( 'Entry `created_by` doesn\'t exist.');
 
-            $user_can_edit = false;
+			$user_can_edit = false;
 
-        } else {
+		} else {
 
 
-            $current_user = wp_get_current_user();
+			$current_user = wp_get_current_user();
 
-            // User edit is disabled
-            if( empty( $user_edit ) ) {
+			// User edit is disabled
+			if( empty( $user_edit ) ) {
 
-                gravityview()->log->debug( 'User Edit is disabled. Returning false.' );
+				gravityview()->log->debug( 'User Edit is disabled. Returning false.' );
 
-                $user_can_edit = false;
-            }
+				$user_can_edit = false;
+			}
 
-            // User edit is enabled and the logged-in user is the same as the user who created the entry. We're good.
-            else if( is_user_logged_in() && intval( $current_user->ID ) === intval( $entry['created_by'] ) ) {
+			// User edit is enabled and the logged-in user is the same as the user who created the entry. We're good.
+			else if( is_user_logged_in() && intval( $current_user->ID ) === intval( $entry['created_by'] ) ) {
 
-                gravityview()->log->debug( 'User {user_id} created the entry.', array( 'user_id', $current_user->ID ) );
+				gravityview()->log->debug( 'User {user_id} created the entry.', array( 'user_id', $current_user->ID ) );
 
-                $user_can_edit = true;
+				$user_can_edit = true;
 
-            } else if( ! is_user_logged_in() ) {
+			} else if( ! is_user_logged_in() ) {
 
-                gravityview()->log->debug( 'No user defined; edit entry requires logged in user' );
-            }
+				gravityview()->log->debug( 'No user defined; edit entry requires logged in user' );
+			}
 
-        }
+		}
 
-        /**
-         * @filter `gravityview/edit_entry/user_can_edit_entry` Modify whether user can edit an entry.
-         * @since 1.15 Added `$entry` and `$view_id` parameters
-         * @param[in,out] boolean $user_can_edit Can the current user edit the current entry? (Default: false)
-         * @param[in] array $entry Gravity Forms entry array {@since 1.15}
-         * @param[in] int $view_id ID of the view you want to check visibility against {@since 1.15}
-         */
-        $user_can_edit = apply_filters( 'gravityview/edit_entry/user_can_edit_entry', $user_can_edit, $entry, $view_id );
+		/**
+		 * @filter `gravityview/edit_entry/user_can_edit_entry` Modify whether user can edit an entry.
+		 * @since 1.15 Added `$entry` and `$view_id` parameters
+		 * @param[in,out] boolean $user_can_edit Can the current user edit the current entry? (Default: false)
+		 * @param[in] array $entry Gravity Forms entry array {@since 1.15}
+		 * @param[in] int $view_id ID of the view you want to check visibility against {@since 1.15}
+		 */
+		$user_can_edit = apply_filters( 'gravityview/edit_entry/user_can_edit_entry', $user_can_edit, $entry, $view_id );
 
-        return (bool)$user_can_edit;
-    }
+		return (bool)$user_can_edit;
+	}
 
 
 

Please login to merge, or discard this patch.

		@@ -222,7 +222,6 @@ discard block
		block discarded – undo
222	222	*
223	223	* @since 1.5.1
224	224	* @param array $visibility_caps Array of capabilities to display in field dropdown.
225		- * @param string $field_type Type of field options to render (`field` or `widget`)
226	225	* @param string $template_id Table slug
227	226	* @param float $field_id GF Field ID - Example: `3`, `5.2`, `entry_link`, `created_by`
228	227	* @param string $context What context are we in? Example: `single` or `directory`
		@@ -651,7 +650,7 @@ discard block
		block discarded – undo
651	650	*
652	651	* @param array $entry Gravity Forms entry array
653	652	* @param array $field Field settings (optional)
654		- * @param int\|\GV\View $view Pass a View ID to check caps against. If not set, check against current View (@deprecated no longer optional)
	653	+ * @param integer $view Pass a View ID to check caps against. If not set, check against current View (@deprecated no longer optional)
655	654	* @return bool
656	655	*/
657	656	public static function check_user_cap_delete_entry( $entry, $field = array(), $view = 0 ) {

		@@ -18,84 +18,84 @@ discard block
		block discarded – undo
18	18
19	19	class GravityView_Edit_Entry {
20	20
21		- /**
22		- * @var string
23		- */
	21	+ /**
	22	+ * @var string
	23	+ */
24	24	static $file;
25	25
26	26	static $instance;
27	27
28		- /**
29		- * Component instances.
30		- * @var array
31		- */
32		- public $instances = array();
	28	+ /**
	29	+ * Component instances.
	30	+ * @var array
	31	+ */
	32	+ public $instances = array();
33	33
34	34
35	35	function __construct() {
36	36
37		- self::$file = plugin_dir_path( __FILE__ );
	37	+ self::$file = plugin_dir_path( __FILE__ );
38	38
39		- if( is_admin() ) {
40		- $this->load_components( 'admin' );
41		- }
	39	+ if( is_admin() ) {
	40	+ $this->load_components( 'admin' );
	41	+ }
42	42
43	43
44		- $this->load_components( 'render' );
	44	+ $this->load_components( 'render' );
45	45
46		- $this->load_components( 'locking' );
	46	+ $this->load_components( 'locking' );
47	47
48		- // If GF User Registration Add-on exists
49		- $this->load_components( 'user-registration' );
	48	+ // If GF User Registration Add-on exists
	49	+ $this->load_components( 'user-registration' );
50	50
51		- $this->add_hooks();
	51	+ $this->add_hooks();
52	52
53	53	// Process hooks for addons that may or may not be present
54	54	$this->addon_specific_hooks();
55	55	}
56	56
57	57
58		- static function getInstance() {
	58	+ static function getInstance() {
59	59
60		- if( empty( self::$instance ) ) {
61		- self::$instance = new GravityView_Edit_Entry;
62		- }
	60	+ if( empty( self::$instance ) ) {
	61	+ self::$instance = new GravityView_Edit_Entry;
	62	+ }
63	63
64		- return self::$instance;
65		- }
	64	+ return self::$instance;
	65	+ }
66	66
67	67
68		- private function load_components( $component ) {
	68	+ private function load_components( $component ) {
69	69
70		- $dir = trailingslashit( self::$file );
	70	+ $dir = trailingslashit( self::$file );
71	71
72		- $filename = $dir . 'class-edit-entry-' . $component . '.php';
73		- $classname = 'GravityView_Edit_Entry_' . str_replace( ' ', '_', ucwords( str_replace( '-', ' ', $component ) ) );
	72	+ $filename = $dir . 'class-edit-entry-' . $component . '.php';
	73	+ $classname = 'GravityView_Edit_Entry_' . str_replace( ' ', '_', ucwords( str_replace( '-', ' ', $component ) ) );
74	74
75		- // Loads component and pass extension's instance so that component can
76		- // talk each other.
77		- require_once $filename;
78		- $this->instances[ $component ] = new $classname( $this );
79		- $this->instances[ $component ]->load();
	75	+ // Loads component and pass extension's instance so that component can
	76	+ // talk each other.
	77	+ require_once $filename;
	78	+ $this->instances[ $component ] = new $classname( $this );
	79	+ $this->instances[ $component ]->load();
80	80
81		- }
	81	+ }
82	82
83		- private function add_hooks() {
	83	+ private function add_hooks() {
84	84
85		- // Add front-end access to Gravity Forms delete file action
86		- add_action( 'wp_ajax_nopriv_rg_delete_file', array( 'GFForms', 'delete_file') );
	85	+ // Add front-end access to Gravity Forms delete file action
	86	+ add_action( 'wp_ajax_nopriv_rg_delete_file', array( 'GFForms', 'delete_file') );
87	87
88		- // Make sure this hook is run for non-admins
89		- add_action( 'wp_ajax_rg_delete_file', array( 'GFForms', 'delete_file') );
	88	+ // Make sure this hook is run for non-admins
	89	+ add_action( 'wp_ajax_rg_delete_file', array( 'GFForms', 'delete_file') );
90	90
91		- add_filter( 'gravityview_blacklist_field_types', array( $this, 'modify_field_blacklist' ), 10, 2 );
	91	+ add_filter( 'gravityview_blacklist_field_types', array( $this, 'modify_field_blacklist' ), 10, 2 );
92	92
93		- // add template path to check for field
94		- add_filter( 'gravityview_template_paths', array( $this, 'add_template_path' ) );
	93	+ // add template path to check for field
	94	+ add_filter( 'gravityview_template_paths', array( $this, 'add_template_path' ) );
95	95
96	96	add_filter( 'gravityview/field/is_visible', array( $this, 'maybe_not_visible' ), 10, 3 );
97	97
98		- }
	98	+ }
99	99
100	100	/**
101	101	* Trigger hooks that are normally run in the admin for Addons, but need to be triggered manually because we're not in the admin
		@@ -153,77 +153,77 @@ discard block
		block discarded – undo
153	153	return false;
154	154	}
155	155
156		- /**
157		- * Include this extension templates path
158		- * @param array $file_paths List of template paths ordered
159		- */
160		- public function add_template_path( $file_paths ) {
161		-
162		- // Index 100 is the default GravityView template path.
163		- $file_paths[ 110 ] = self::$file;
164		-
165		- return $file_paths;
166		- }
167		-
168		- /**
169		- *
170		- * Return a well formatted nonce key according to GravityView Edit Entry protocol
171		- *
172		- * @param $view_id int GravityView view id
173		- * @param $form_id int Gravity Forms form id
174		- * @param $entry_id int Gravity Forms entry id
175		- * @return string
176		- */
177		- public static function get_nonce_key( $view_id, $form_id, $entry_id ) {
178		- return sprintf( 'edit_%d_%d_%d', $view_id, $form_id, $entry_id );
179		- }
180		-
181		-
182		- /**
183		- * The edit entry link creates a secure link with a nonce
184		- *
185		- * It also mimics the URL structure Gravity Forms expects to have so that
186		- * it formats the display of the edit form like it does in the backend, like
187		- * "You can edit this post from the post page" fields, for example.
188		- *
189		- * @param $entry array Gravity Forms entry object
190		- * @param $view_id int GravityView view id
191		- * @param $post_id int GravityView Post ID where View may be embedded {@since 1.9.2}
192		- * @param string\|array $field_values Parameters to pass in to the Edit Entry form to prefill data. Uses the same format as Gravity Forms "Allow field to be populated dynamically" {@since 1.9.2} {@see https://www.gravityhelp.com/documentation/article/allow-field-to-be-populated-dynamically/ }
193		- * @return string
194		- */
195		- public static function get_edit_link( $entry, $view_id, $post_id = null, $field_values = '' ) {
196		-
197		- $nonce_key = self::get_nonce_key( $view_id, $entry['form_id'], $entry['id'] );
198		-
199		- $base = gv_entry_link( $entry, $post_id ? : $view_id );
200		-
201		- $url = add_query_arg( array(
202		- 'edit' => wp_create_nonce( $nonce_key )
203		- ), $base );
204		-
205		- if( $post_id ) {
206		- $url = add_query_arg( array( 'gvid' => $view_id ), $url );
207		- }
208		-
209		- /**
210		- * Allow passing params to dynamically populate entry with values
211		- * @since 1.9.2
212		- */
213		- if( !empty( $field_values ) ) {
214		-
215		- if( is_array( $field_values ) ) {
216		- // If already an array, no parse_str() needed
217		- $params = $field_values;
218		- } else {
219		- parse_str( $field_values, $params );
220		- }
221		-
222		- $url = add_query_arg( $params, $url );
223		- }
224		-
225		- return $url;
226		- }
	156	+ /**
	157	+ * Include this extension templates path
	158	+ * @param array $file_paths List of template paths ordered
	159	+ */
	160	+ public function add_template_path( $file_paths ) {
	161	+
	162	+ // Index 100 is the default GravityView template path.
	163	+ $file_paths[ 110 ] = self::$file;
	164	+
	165	+ return $file_paths;
	166	+ }
	167	+
	168	+ /**
	169	+ *
	170	+ * Return a well formatted nonce key according to GravityView Edit Entry protocol
	171	+ *
	172	+ * @param $view_id int GravityView view id
	173	+ * @param $form_id int Gravity Forms form id
	174	+ * @param $entry_id int Gravity Forms entry id
	175	+ * @return string
	176	+ */
	177	+ public static function get_nonce_key( $view_id, $form_id, $entry_id ) {
	178	+ return sprintf( 'edit_%d_%d_%d', $view_id, $form_id, $entry_id );
	179	+ }
	180	+
	181	+
	182	+ /**
	183	+ * The edit entry link creates a secure link with a nonce
	184	+ *
	185	+ * It also mimics the URL structure Gravity Forms expects to have so that
	186	+ * it formats the display of the edit form like it does in the backend, like
	187	+ * "You can edit this post from the post page" fields, for example.
	188	+ *
	189	+ * @param $entry array Gravity Forms entry object
	190	+ * @param $view_id int GravityView view id
	191	+ * @param $post_id int GravityView Post ID where View may be embedded {@since 1.9.2}
	192	+ * @param string\|array $field_values Parameters to pass in to the Edit Entry form to prefill data. Uses the same format as Gravity Forms "Allow field to be populated dynamically" {@since 1.9.2} {@see https://www.gravityhelp.com/documentation/article/allow-field-to-be-populated-dynamically/ }
	193	+ * @return string
	194	+ */
	195	+ public static function get_edit_link( $entry, $view_id, $post_id = null, $field_values = '' ) {
	196	+
	197	+ $nonce_key = self::get_nonce_key( $view_id, $entry['form_id'], $entry['id'] );
	198	+
	199	+ $base = gv_entry_link( $entry, $post_id ? : $view_id );
	200	+
	201	+ $url = add_query_arg( array(
	202	+ 'edit' => wp_create_nonce( $nonce_key )
	203	+ ), $base );
	204	+
	205	+ if( $post_id ) {
	206	+ $url = add_query_arg( array( 'gvid' => $view_id ), $url );
	207	+ }
	208	+
	209	+ /**
	210	+ * Allow passing params to dynamically populate entry with values
	211	+ * @since 1.9.2
	212	+ */
	213	+ if( !empty( $field_values ) ) {
	214	+
	215	+ if( is_array( $field_values ) ) {
	216	+ // If already an array, no parse_str() needed
	217	+ $params = $field_values;
	218	+ } else {
	219	+ parse_str( $field_values, $params );
	220	+ }
	221	+
	222	+ $url = add_query_arg( $params, $url );
	223	+ }
	224	+
	225	+ return $url;
	226	+ }
227	227
228	228	/**
229	229	* Edit mode doesn't allow certain field types.
		@@ -278,19 +278,19 @@ discard block
		block discarded – undo
278	278	}
279	279
280	280
281		- /**
282		- * checks if user has permissions to edit a specific entry
283		- *
284		- * Needs to be used combined with GravityView_Edit_Entry::user_can_edit_entry for maximum security!!
285		- *
286		- * @param array $entry Gravity Forms entry array
287		- * @param \GV\View int $view_id ID of the view you want to check visibility against {@since 1.9.2}. Required since 2.0
288		- * @return bool
289		- */
290		- public static function check_user_cap_edit_entry( $entry, $view = 0 ) {
	281	+ /**
	282	+ * checks if user has permissions to edit a specific entry
	283	+ *
	284	+ * Needs to be used combined with GravityView_Edit_Entry::user_can_edit_entry for maximum security!!
	285	+ *
	286	+ * @param array $entry Gravity Forms entry array
	287	+ * @param \GV\View int $view_id ID of the view you want to check visibility against {@since 1.9.2}. Required since 2.0
	288	+ * @return bool
	289	+ */
	290	+ public static function check_user_cap_edit_entry( $entry, $view = 0 ) {
291	291
292		- // No permission by default
293		- $user_can_edit = false;
	292	+ // No permission by default
	293	+ $user_can_edit = false;
294	294
295	295	// get user_edit setting
296	296	if ( empty( $view ) ) {
		@@ -308,59 +308,59 @@ discard block
		block discarded – undo
308	308	$user_edit = GVCommon::get_template_setting( $view_id, 'user_edit' );
309	309	}
310	310
311		- // If they can edit any entries (as defined in Gravity Forms)
312		- // Or if they can edit other people's entries
313		- // Then we're good.
314		- if( GVCommon::has_cap( array( 'gravityforms_edit_entries', 'gravityview_edit_others_entries' ), $entry['id'] ) ) {
	311	+ // If they can edit any entries (as defined in Gravity Forms)
	312	+ // Or if they can edit other people's entries
	313	+ // Then we're good.
	314	+ if( GVCommon::has_cap( array( 'gravityforms_edit_entries', 'gravityview_edit_others_entries' ), $entry['id'] ) ) {
315	315
316		- gravityview()->log->debug( 'User has ability to edit all entries.' );
	316	+ gravityview()->log->debug( 'User has ability to edit all entries.' );
317	317
318		- $user_can_edit = true;
	318	+ $user_can_edit = true;
319	319
320		- } else if( !isset( $entry['created_by'] ) ) {
	320	+ } else if( !isset( $entry['created_by'] ) ) {
321	321
322		- gravityview()->log->error( 'Entry `created_by` doesn\'t exist.');
	322	+ gravityview()->log->error( 'Entry `created_by` doesn\'t exist.');
323	323
324		- $user_can_edit = false;
	324	+ $user_can_edit = false;
325	325
326		- } else {
	326	+ } else {
327	327
328	328
329		- $current_user = wp_get_current_user();
	329	+ $current_user = wp_get_current_user();
330	330
331		- // User edit is disabled
332		- if( empty( $user_edit ) ) {
	331	+ // User edit is disabled
	332	+ if( empty( $user_edit ) ) {
333	333
334		- gravityview()->log->debug( 'User Edit is disabled. Returning false.' );
	334	+ gravityview()->log->debug( 'User Edit is disabled. Returning false.' );
335	335
336		- $user_can_edit = false;
337		- }
	336	+ $user_can_edit = false;
	337	+ }
338	338
339		- // User edit is enabled and the logged-in user is the same as the user who created the entry. We're good.
340		- else if( is_user_logged_in() && intval( $current_user->ID ) === intval( $entry['created_by'] ) ) {
	339	+ // User edit is enabled and the logged-in user is the same as the user who created the entry. We're good.
	340	+ else if( is_user_logged_in() && intval( $current_user->ID ) === intval( $entry['created_by'] ) ) {
341	341
342		- gravityview()->log->debug( 'User {user_id} created the entry.', array( 'user_id', $current_user->ID ) );
	342	+ gravityview()->log->debug( 'User {user_id} created the entry.', array( 'user_id', $current_user->ID ) );
343	343
344		- $user_can_edit = true;
	344	+ $user_can_edit = true;
345	345
346		- } else if( ! is_user_logged_in() ) {
	346	+ } else if( ! is_user_logged_in() ) {
347	347
348		- gravityview()->log->debug( 'No user defined; edit entry requires logged in user' );
349		- }
	348	+ gravityview()->log->debug( 'No user defined; edit entry requires logged in user' );
	349	+ }
350	350
351		- }
	351	+ }
352	352
353		- /**
354		- * @filter `gravityview/edit_entry/user_can_edit_entry` Modify whether user can edit an entry.
355		- * @since 1.15 Added `$entry` and `$view_id` parameters
356		- * @param[in,out] boolean $user_can_edit Can the current user edit the current entry? (Default: false)
357		- * @param[in] array $entry Gravity Forms entry array {@since 1.15}
358		- * @param[in] int $view_id ID of the view you want to check visibility against {@since 1.15}
359		- */
360		- $user_can_edit = apply_filters( 'gravityview/edit_entry/user_can_edit_entry', $user_can_edit, $entry, $view_id );
	353	+ /**
	354	+ * @filter `gravityview/edit_entry/user_can_edit_entry` Modify whether user can edit an entry.
	355	+ * @since 1.15 Added `$entry` and `$view_id` parameters
	356	+ * @param[in,out] boolean $user_can_edit Can the current user edit the current entry? (Default: false)
	357	+ * @param[in] array $entry Gravity Forms entry array {@since 1.15}
	358	+ * @param[in] int $view_id ID of the view you want to check visibility against {@since 1.15}
	359	+ */
	360	+ $user_can_edit = apply_filters( 'gravityview/edit_entry/user_can_edit_entry', $user_can_edit, $entry, $view_id );
361	361
362		- return (bool)$user_can_edit;
363		- }
	362	+ return (bool)$user_can_edit;
	363	+ }
364	364
365	365
366	366

gravityview / GravityView

Pull Request — develop (#1378)

Status

Category

Doc Comments +1 added lines, -2 removed lines patch added patch discarded remove patch

Indentation +159 added lines, -159 removed lines patch added patch discarded remove patch