Issues in ivycat-ajax-testimonials.php (development) - Issues in development - ivycat/ivycat-ajax-testimonials - Measure and Improve Code Quality continuously with Scrutinizer

Issues (10)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

ivycat-ajax-testimonials.php (5 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * @package     IvyCat AJAX Testimonials
 * @author      Eric Amundson <[email protected]>
 * @copyright   2017 IvyCat, Inc.
 * @license     GPL-2.0+
 *
 * @wordpress-plugin
 * Plugin Name: IvyCat AJAX Testimonials
 * Plugin URI: https://ivycat.com/wordpress/wordpress-plugins/ivycat-ajax-testimonials/
 * Description: Simply add dynamic testimonials to your site.
 * Author: IvyCat, Inc.
 * Author URI: https://ivycat.com
 * Version: 1.5.2
 * Text Domain: ivycat-ajax-testimonials
 * Domain Path: /languages
 * License:     GPL-2.0+
 * License URI: http://www.gnu.org/licenses/gpl-2.0.txt
 */

if ( ! defined( 'ICTESTI_DIR' ) ) {
	define( 'ICTESTI_DIR', plugin_dir_path( __FILE__ ) );
}
if ( ! defined( 'ICTESTI_URL' ) ) {
	define( 'ICTESTI_URL', plugin_dir_url( __FILE__ ) );
}

// Load the class for displaying testimonials_in_page
if ( ! class_exists( 'ICTestimonialPosts' ) ) {
	require_once( 'lib/IvyCatTestimonialsPosts.php' );
}

$GLOBALS['ivycat_testimonials'] = new IvyCatTestimonials();
add_action( 'plugins_loaded', array( $GLOBALS['ivycat_testimonials'], 'start' ) );
load_plugin_textdomain( 'ivycat-ajax-testimonials', false, dirname( plugin_basename( __FILE__ ) ) . '/languages' );

class IvyCatTestimonials {

	public $more_tag;
	public $num_words;

	public function start() {
		add_action( 'init', array( $this, 'init' ) );
		add_action( 'widgets_init', array( $this, 'register_widgets' ) );
	}

	public function init() {
		$labels = array(
			'name'               => _x( 'Testimonials', 'post format general name', 'ivycat-ajax-testimonials' ),
			'singular_name'      => _x( 'Testimonial', 'post format singular name', 'ivycat-ajax-testimonials' ),
			'add_new'            => _x( 'Add New', 'testimonials', 'ivycat-ajax-testimonials' ),
			'add_new_item'       => __( 'Add New Testimonial', 'ivycat-ajax-testimonials' ),
			'edit_item'          => __( 'Edit Testimonial', 'ivycat-ajax-testimonials' ),
			'new_item'           => __( 'New Testimonial', 'ivycat-ajax-testimonials' ),
			'view_item'          => __( 'View Testimonial', 'ivycat-ajax-testimonials' ),
			'search_items'       => __( 'Search Testimonials', 'ivycat-ajax-testimonials' ),
			'not_found'          => __( 'No testimonials found.', 'ivycat-ajax-testimonials' ),
			'not_found_in_trash' => __( 'No testimonials found in Trash.', 'ivycat-ajax-testimonials' ),
			'all_items'          => __( 'All Testimonials', 'ivycat-ajax-testimonials' ),
			'menu_name'          => __( 'Testimonials', 'ivycat-ajax-testimonials' )
		);

		$args = apply_filters( 'ic_testimonials_post_type_args', array(
			'labels'               => $labels,
			'public'               => true,
			'publicly_queryable'   => true,
			'show_ui'              => true,
			'query_var'            => true,
			'register_meta_box_cb' => array( $this, 'register_testimonial_meta_boxes' ),
			'rewrite'              => true,
			'capability_type'      => 'post',
			'hierarchical'         => false,
			'menu_position'        => 4,
			'supports'             => array( 'title', 'editor', 'excerpt', 'thumbnail' )
		) );

		register_post_type( 'testimonials', $args );

		$tax_labels = array(
			'name'                       => _x( 'Testimonial Groups', 'taxonomy general name', 'ivycat-ajax-testimonials' ),
			'singular_name'              => _x( 'Testimonial Group', 'taxonomy singular name', 'ivycat-ajax-testimonials' ),
			'search_items'               => __( 'Search Testimonial Groups', 'ivycat-ajax-testimonials' ),
			'popular_items'              => __( 'Popular Testimonial Groups', 'ivycat-ajax-testimonials' ),
			'all_items'                  => __( 'All Testimonial Groups', 'ivycat-ajax-testimonials' ),
			'parent_item'                => __( 'Parent Testimonial Groups', 'ivycat-ajax-testimonials' ),
			'parent_item_colon'          => __( 'Parent Testimonial Group:', 'ivycat-ajax-testimonials' ),
			'edit_item'                  => __( 'Edit Testimonial Group', 'ivycat-ajax-testimonials' ),
			'view_item'                  => __( 'View Testimonial Group', 'ivycat-ajax-testimonials' ),
			'update_item'                => __( 'Update Testimonial Group', 'ivycat-ajax-testimonials' ),
			'add_new_item'               => __( 'Add New Testimonial Group', 'ivycat-ajax-testimonials' ),
			'new_item_name'              => __( 'New Testimonial Group Name', 'ivycat-ajax-testimonials' ),
			'separate_items_with_commas' => __( 'Separate testimonial groups with commas', 'ivycat-ajax-testimonials' ),
			'add_or_remove_items'        => __( 'Add or remove testimonial groups', 'ivycat-ajax-testimonials' ),
			'choose_from_most_used'      => __( 'Choose from most used testimonial groups', 'ivycat-ajax-testimonials' )
		);

		$tax_args = apply_filters( 'ic_testimonials_register_tax_args', array(
			'hierarchical'      => true,
			'labels'            => $tax_labels,
			'rewrite'           => true,
			'show_admin_column' => true,
		) );

		register_taxonomy( 'testimonial-group', 'testimonials', $tax_args );

		add_action( 'wp_ajax_nopriv_get-testimonials', array( $this, 'more_testimonials' ) );
		add_action( 'wp_ajax_get-testimonials', array( $this, 'more_testimonials' ) );
		add_action( 'save_post', array( $this, 'save_testimonial_metadata' ), 10, 2 );
		add_filter( 'post_updated_messages', array( $this, 'testimonial_update_messages' ) );

		add_shortcode( 'ic_do_testimonials', array( $this, 'do_testimonials' ) );

		wp_register_script( 'ict-ajax-scripts', ICTESTI_URL . 'assets/ivycat-testimonials-scripts.js', array(
			'jquery',
			'jquery-migrate'
		) );
	}

	public function register_widgets() {
		require_once( ICTESTI_DIR . 'lib/IvyCatTestimonialsWidget.php' );
		register_widget( 'IvyCatTestimonialsWidget' );
	}

	public function testimonial_update_messages( $messages ) {
		global $post;

		$messages['testimonials'] = array(
			0  => '', // Unused. Messages start at index 1.
			1  => sprintf( __( 'Testimonial updated. <a href="%s">View Testimonial</a>', 'ivycat-ajax-testimonials' ), esc_url( get_permalink( $post->ID ) ) ),
			2  => __( 'Custom field updated.', 'ivycat-ajax-testimonials' ),
			3  => __( 'Custom field deleted.', 'ivycat-ajax-testimonials' ),
			4  => __( 'Testimonial updated.', 'ivycat-ajax-testimonials' ),
			/* translators: %s: date and time of the revision */
			5  => isset( $_GET['revision'] ) ? sprintf( __( 'Testimonial restored to revision from %s', 'ivycat-ajax-testimonials' ), wp_post_revision_title( (int) $_GET['revision'], false ) ) : false,
			6  => sprintf( __( 'Testimonial published. <a href="%s">View Testimonial</a>', 'ivycat-ajax-testimonials' ), esc_url( get_permalink( $post->ID ) ) ),
			7  => __( 'Testimonial saved.', 'ivycat-ajax-testimonials' ),
			8  => sprintf( __( 'Testimonial submitted. <a target="_blank" href="%s">Preview Testimonial</a>', 'ivycat-ajax-testimonials' ), esc_url( add_query_arg( 'preview', 'true', get_permalink( $post->ID ) ) ) ),
			9  => sprintf( __( 'Testimonial scheduled for: <strong>%1$s</strong>. <a target="_blank" href="%2$s">Preview Testimonial</a>', 'ivycat-ajax-testimonials' ),
				// translators: Publish box date format, see http://php.net/date
				date_i18n( __( 'M j, Y @ G:i', 'ivycat-ajax-testimonials' ), strtotime( $post->post_date ) ), esc_url( get_permalink( $post->ID ) ) ),
			10 => sprintf( __( 'Testimonial draft updated. <a target="_blank" href="%s">Preview Testimonial</a>', 'ivycat-ajax-testimonials' ), esc_url( add_query_arg( 'preview', 'true', get_permalink( $post->ID ) ) ) ),
		);

		return apply_filters( 'ic_testimonials_update_messages', $messages );
	}

	public function register_testimonial_meta_boxes() {
		add_meta_box(
			'Testimonialinfo-meta',
			__( 'Testimonial Data', 'ivycat-ajax-testimonials' ),
			array( $this, 'testimonial_metabox' ),
			'testimonials',
			'side',
			'high'
		);
	}

	public function testimonial_metabox( $post ) {
		$testimonial_order = get_post_meta( $post->ID, 'ivycat_testimonial_order', true );
		wp_nonce_field( 'save-testimonial-order_' . $post->ID, 'ivycat_testimonial_order_nonce' );
		?>
        <p>
            <label for="test-order"><?php _e( 'Order:', 'ivycat-ajax-testimonials' ); ?></label>
            <input id="test-order" type="text" name="testimonial_order"
                   value="<?php echo absint( $testimonial_order ); ?>"/>
        </p>
		<?php
		do_action( 'ic_testimonials_testimonial_metabox', $post );
	}

	public function save_testimonial_metadata( $post_id, $post ) {
		if ( ! isset( $_POST['ivycat_testimonial_order_nonce'] ) || ! wp_verify_nonce( $_POST['ivycat_testimonial_order_nonce'], 'save-testimonial-order_' . $post_id ) ) {
			return;
		}
		do_action( 'ic_testimonials_save_metadata', $post_id, $post );
		update_post_meta( $post_id, 'ivycat_testimonial_order', $_POST['testimonial_order'] );
	}

	public function do_testimonials( $args, $content = null ) {

		// fix for camel case previous verions
		if ( isset( $args['fadein'] ) ) {
			$args['fade_in'] = $args['fadein'];
		}
		if ( isset( $args['fadeout'] ) ) {
			$args['fade_out'] = $args['fadeout'];
		}
		$atts = wp_parse_args( $args, array(
			'quantity'          => 3,
			'title'             => false,
			'link_testimonials' => false,
			'group'             => false,
			'num_words'         => false,
			'more_tag'          => false,
			'ajax_on'           => 'yes',
			'all_title'         => false,
			'all_url'           => false,
			'fade_in'           => 500,
			'fade_out'          => 300,
			'speed'             => 8000,
			'display'           => 'single'
		) );
		extract( apply_filters( 'ic_testimonials_args', $atts ) );

		$testimonials = apply_filters(
			'ic_testimonials_data',
			$this->get_testimonials( 1, $group, $num_words, $more_tag, $ajax_on, $link_testimonials )
		);
		$this->more_tag  = $atts['more_tag'];
		$this->num_words = $atts['num_words'];

		if ( count( $testimonials ) == 0 ) {
			return '';
		}
		// check for display option set to list
		if ( 'list' == $display ) :
			// turn off ajax
			$ajax_on = 'no';
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
			// pagination
			$atts['paginate'] = true;
			// if user set a number of posts to show pass it on
			if ( '3' != $atts['quantity'] ) :
				$atts['showposts'] = $atts['quantity'];
			endif;

			// if more tag is set add the filter
			if ( false !== $more_tag ) :
				add_filter( 'excerpt_more', array( $this, 'ivycat_custom_excerpt_more' ) );
			endif;

			// if num words is set add the filter
			if ( false !== $num_words ) :
				add_filter( 'excerpt_length', array( $this, 'ivycat_custom_excerpt_length' ), 999 );
			endif;

			// call the class
			$new_output = new ICTestimonialPosts( $atts );

			// display loop in our page/post
			return $new_output->output_testimonials();
		endif;

		if ( 'yes' == $ajax_on ):
			wp_enqueue_script( 'ict-ajax-scripts' );
			wp_localize_script( 'ict-ajax-scripts', 'ICTaconn',
				apply_filters( 'ICTaconn-variables', array(
					'ajaxurl'           => admin_url( 'admin-ajax.php' ),
					'themeurl'          => get_bloginfo( 'stylesheet_directory' ) . '/',
					'pluginurl'         => ICTESTI_URL,
					'ict_quantity'      => $quantity,
					'ict_group'         => $group,
					'num_words'         => $num_words,
					'more_tag'          => $more_tag,
					'all_title'         => $all_title,
					'all_url'           => $all_url,
					'fade_in'           => $fade_in,
					'fade_out'          => $fade_out,
					'speed'             => $speed,
					'link_testimonials' => $link_testimonials,
				) )
			);
		endif;
		$testimonial_id = ( 'yes' == $ajax_on ) ? 'ivycat-testimonial' : 'ivycat-testimonial-static';
		$contents       = '<div id="' . $testimonial_id . '">';
		$contents       .= ( $title ) ? '<h3>' . $title . '</h3>' : '';
		$contents       .= '<blockquote class="testimonial-content">
			<div class="ict-content">' . $testimonials[0]['testimonial_content'] . '</div>
			<footer>
				<cite>';
		$contents       .= ( $link_testimonials )
			? '<a href="' . $testimonials[0]['testimonial_link'] . '">' . $testimonials[0]['testimonial_title'] . '</a>'
			: $testimonials[0]['testimonial_title'];
		$contents       .= '</cite>
			</footer>';
		$contents       .= ( strlen( $all_url ) > 1 ) ? '<p><a href="' . $all_url . '">' . $all_title . '</a></p>' : '';
		$contents       .= '</blockquote>';
		$contents       .= '</div>';

		return apply_filters( 'ic_testimonials_contents', $contents );
	}

	public function more_testimonials() {
		$quantity     = absint( $_POST['ict_quantity'] );
		$group        = $_POST['ict_group'];
		$num_words    = absint( $_POST['num_words'] );
		$more_tag     = $_POST['more_tag'];
		$testimonials = $this->get_testimonials( $quantity, $group, $num_words, $more_tag, 'yes', $_POST['link_testimonials'] );
		if ( $testimonials ) {
			echo json_encode( $testimonials );
		}
		wp_die();
	}

	public function get_testimonials( $quantity, $group, $num_words, $more_tag, $ajax_on, $link_testimonials ) {
		$args = array(
			'post_type'      => 'testimonials',
			'orderby'        => ( 'yes' == $ajax_on ) ? 'meta_value_num' : 'rand',
			'meta_key'       => 'ivycat_testimonial_order',
			'order'          => 'ASC',
			'posts_per_page' => $quantity,
		);

		if ( $group ) {
			$args['tax_query'] = array(
				array(
					'taxonomy' => 'testimonial-group',
					'field'    => is_numeric( $group ) ? 'id' : 'slug',
					'terms'    => $group
				)
			);
		}

		$more             = ( $more_tag ) ? $more_tag : 'Read More';
		$testimonials     = get_posts( $args );
		$testimonial_data = array();
		do_action( 'ica_pre_loop_testimonials', $testimonials );
		if ( $testimonials ) {
			foreach ( $testimonials as $row ) {

				$post_more    = ( $more_tag ) ? ' <a class="ict-rm-link" href="' . home_url( '/testimonials/' . $row->post_name . '/' ) . '">' . $more . '</a>' : '';
				$post_content = ( $num_words ) ?
					wp_trim_words( $row->post_content, $num_words, $post_more )
					: $row->post_content;

				$testimonial_data[] = array(
					'testimonial_id'      => $row->ID,
					'testimonial_title'   => $row->post_title,
					'testimonial_link'    => ( $link_testimonials ) ? get_permalink( $row->ID ) : false,
					'testimonial_content' => ( strlen( $row->post_excerpt ) > 1 )
						? $row->post_excerpt
						: apply_filters( 'the_content', $post_content )
				);
			}
		}

		return apply_filters( 'ic_testimonials_data_array', $testimonial_data );
	}

	public function ivycat_custom_excerpt_more( $more ) {

		$more_tag = $this->more_tag;

		return ' <a class="read-more" href="' . get_permalink( get_the_ID() ) . '">' . $more_tag . '</a>';
	}

	public function ivycat_custom_excerpt_length( $length ) {

		$num_words = $this->num_words;

		return $num_words;
	}
}


1			<?php
2			/**
3			* @package IvyCat AJAX Testimonials
4			* @author Eric Amundson <[email protected]>
5			* @copyright 2017 IvyCat, Inc.
6			* @license GPL-2.0+
7			*
8			* @wordpress-plugin
9			* Plugin Name: IvyCat AJAX Testimonials
10			* Plugin URI: https://ivycat.com/wordpress/wordpress-plugins/ivycat-ajax-testimonials/
11			* Description: Simply add dynamic testimonials to your site.
12			* Author: IvyCat, Inc.
13			* Author URI: https://ivycat.com
14			* Version: 1.5.2
15			* Text Domain: ivycat-ajax-testimonials
16			* Domain Path: /languages
17			* License: GPL-2.0+
18			* License URI: http://www.gnu.org/licenses/gpl-2.0.txt
19			*/
20
21			if ( ! defined( 'ICTESTI_DIR' ) ) {
22			define( 'ICTESTI_DIR', plugin_dir_path( __FILE__ ) );
23			}
24			if ( ! defined( 'ICTESTI_URL' ) ) {
25			define( 'ICTESTI_URL', plugin_dir_url( __FILE__ ) );
26			}
27
28			// Load the class for displaying testimonials_in_page
29			if ( ! class_exists( 'ICTestimonialPosts' ) ) {
30			require_once( 'lib/IvyCatTestimonialsPosts.php' );
31			}
32
33			$GLOBALS['ivycat_testimonials'] = new IvyCatTestimonials();
34			add_action( 'plugins_loaded', array( $GLOBALS['ivycat_testimonials'], 'start' ) );
35			load_plugin_textdomain( 'ivycat-ajax-testimonials', false, dirname( plugin_basename( __FILE__ ) ) . '/languages' );
36
37			class IvyCatTestimonials {
38
39			public $more_tag;
40			public $num_words;
41
42			public function start() {
43			add_action( 'init', array( $this, 'init' ) );
44			add_action( 'widgets_init', array( $this, 'register_widgets' ) );
45			}
46
47			public function init() {
48			$labels = array(
49			'name' => _x( 'Testimonials', 'post format general name', 'ivycat-ajax-testimonials' ),
50			'singular_name' => _x( 'Testimonial', 'post format singular name', 'ivycat-ajax-testimonials' ),
51			'add_new' => _x( 'Add New', 'testimonials', 'ivycat-ajax-testimonials' ),
52			'add_new_item' => __( 'Add New Testimonial', 'ivycat-ajax-testimonials' ),
53			'edit_item' => __( 'Edit Testimonial', 'ivycat-ajax-testimonials' ),
54			'new_item' => __( 'New Testimonial', 'ivycat-ajax-testimonials' ),
55			'view_item' => __( 'View Testimonial', 'ivycat-ajax-testimonials' ),
56			'search_items' => __( 'Search Testimonials', 'ivycat-ajax-testimonials' ),
57			'not_found' => __( 'No testimonials found.', 'ivycat-ajax-testimonials' ),
58			'not_found_in_trash' => __( 'No testimonials found in Trash.', 'ivycat-ajax-testimonials' ),
59			'all_items' => __( 'All Testimonials', 'ivycat-ajax-testimonials' ),
60			'menu_name' => __( 'Testimonials', 'ivycat-ajax-testimonials' )
61			);
62
63			$args = apply_filters( 'ic_testimonials_post_type_args', array(
64			'labels' => $labels,
65			'public' => true,
66			'publicly_queryable' => true,
67			'show_ui' => true,
68			'query_var' => true,
69			'register_meta_box_cb' => array( $this, 'register_testimonial_meta_boxes' ),
70			'rewrite' => true,
71			'capability_type' => 'post',
72			'hierarchical' => false,
73			'menu_position' => 4,
74			'supports' => array( 'title', 'editor', 'excerpt', 'thumbnail' )
75			) );
76
77			register_post_type( 'testimonials', $args );
78
79			$tax_labels = array(
80			'name' => _x( 'Testimonial Groups', 'taxonomy general name', 'ivycat-ajax-testimonials' ),
81			'singular_name' => _x( 'Testimonial Group', 'taxonomy singular name', 'ivycat-ajax-testimonials' ),
82			'search_items' => __( 'Search Testimonial Groups', 'ivycat-ajax-testimonials' ),
83			'popular_items' => __( 'Popular Testimonial Groups', 'ivycat-ajax-testimonials' ),
84			'all_items' => __( 'All Testimonial Groups', 'ivycat-ajax-testimonials' ),
85			'parent_item' => __( 'Parent Testimonial Groups', 'ivycat-ajax-testimonials' ),
86			'parent_item_colon' => __( 'Parent Testimonial Group:', 'ivycat-ajax-testimonials' ),
87			'edit_item' => __( 'Edit Testimonial Group', 'ivycat-ajax-testimonials' ),
88			'view_item' => __( 'View Testimonial Group', 'ivycat-ajax-testimonials' ),
89			'update_item' => __( 'Update Testimonial Group', 'ivycat-ajax-testimonials' ),
90			'add_new_item' => __( 'Add New Testimonial Group', 'ivycat-ajax-testimonials' ),
91			'new_item_name' => __( 'New Testimonial Group Name', 'ivycat-ajax-testimonials' ),
92			'separate_items_with_commas' => __( 'Separate testimonial groups with commas', 'ivycat-ajax-testimonials' ),
93			'add_or_remove_items' => __( 'Add or remove testimonial groups', 'ivycat-ajax-testimonials' ),
94			'choose_from_most_used' => __( 'Choose from most used testimonial groups', 'ivycat-ajax-testimonials' )
95			);
96
97			$tax_args = apply_filters( 'ic_testimonials_register_tax_args', array(
98			'hierarchical' => true,
99			'labels' => $tax_labels,
100			'rewrite' => true,
101			'show_admin_column' => true,
102			) );
103
104			register_taxonomy( 'testimonial-group', 'testimonials', $tax_args );
105
106			add_action( 'wp_ajax_nopriv_get-testimonials', array( $this, 'more_testimonials' ) );
107			add_action( 'wp_ajax_get-testimonials', array( $this, 'more_testimonials' ) );
108			add_action( 'save_post', array( $this, 'save_testimonial_metadata' ), 10, 2 );
109			add_filter( 'post_updated_messages', array( $this, 'testimonial_update_messages' ) );
110
111			add_shortcode( 'ic_do_testimonials', array( $this, 'do_testimonials' ) );
112
113			wp_register_script( 'ict-ajax-scripts', ICTESTI_URL . 'assets/ivycat-testimonials-scripts.js', array(
114			'jquery',
115			'jquery-migrate'
116			) );
117			}
118
119			public function register_widgets() {
120			require_once( ICTESTI_DIR . 'lib/IvyCatTestimonialsWidget.php' );
121			register_widget( 'IvyCatTestimonialsWidget' );
122			}
123
124			public function testimonial_update_messages( $messages ) {
125			global $post;
126
127			$messages['testimonials'] = array(
128			0 => '', // Unused. Messages start at index 1.
129			1 => sprintf( __( 'Testimonial updated. <a href="%s">View Testimonial</a>', 'ivycat-ajax-testimonials' ), esc_url( get_permalink( $post->ID ) ) ),
130			2 => __( 'Custom field updated.', 'ivycat-ajax-testimonials' ),
131			3 => __( 'Custom field deleted.', 'ivycat-ajax-testimonials' ),
132			4 => __( 'Testimonial updated.', 'ivycat-ajax-testimonials' ),
133			/* translators: %s: date and time of the revision */
134			5 => isset( $_GET['revision'] ) ? sprintf( __( 'Testimonial restored to revision from %s', 'ivycat-ajax-testimonials' ), wp_post_revision_title( (int) $_GET['revision'], false ) ) : false,
135			6 => sprintf( __( 'Testimonial published. <a href="%s">View Testimonial</a>', 'ivycat-ajax-testimonials' ), esc_url( get_permalink( $post->ID ) ) ),
136			7 => __( 'Testimonial saved.', 'ivycat-ajax-testimonials' ),
137			8 => sprintf( __( 'Testimonial submitted. <a target="_blank" href="%s">Preview Testimonial</a>', 'ivycat-ajax-testimonials' ), esc_url( add_query_arg( 'preview', 'true', get_permalink( $post->ID ) ) ) ),
138			9 => sprintf( __( 'Testimonial scheduled for: <strong>%1$s</strong>. <a target="_blank" href="%2$s">Preview Testimonial</a>', 'ivycat-ajax-testimonials' ),
139			// translators: Publish box date format, see http://php.net/date
140			date_i18n( __( 'M j, Y @ G:i', 'ivycat-ajax-testimonials' ), strtotime( $post->post_date ) ), esc_url( get_permalink( $post->ID ) ) ),
141			10 => sprintf( __( 'Testimonial draft updated. <a target="_blank" href="%s">Preview Testimonial</a>', 'ivycat-ajax-testimonials' ), esc_url( add_query_arg( 'preview', 'true', get_permalink( $post->ID ) ) ) ),
142			);
143
144			return apply_filters( 'ic_testimonials_update_messages', $messages );
145			}
146
147			public function register_testimonial_meta_boxes() {
148			add_meta_box(
149			'Testimonialinfo-meta',
150			__( 'Testimonial Data', 'ivycat-ajax-testimonials' ),
151			array( $this, 'testimonial_metabox' ),
152			'testimonials',
153			'side',
154			'high'
155			);
156			}
157
158			public function testimonial_metabox( $post ) {
159			$testimonial_order = get_post_meta( $post->ID, 'ivycat_testimonial_order', true );
160			wp_nonce_field( 'save-testimonial-order_' . $post->ID, 'ivycat_testimonial_order_nonce' );
161			?>
162			<p>
163			<label for="test-order"><?php _e( 'Order:', 'ivycat-ajax-testimonials' ); ?></label>
164			<input id="test-order" type="text" name="testimonial_order"
165			value="<?php echo absint( $testimonial_order ); ?>"/>
166			</p>
167			<?php
168			do_action( 'ic_testimonials_testimonial_metabox', $post );
169			}
170
171			public function save_testimonial_metadata( $post_id, $post ) {
172			if ( ! isset( $_POST['ivycat_testimonial_order_nonce'] ) \|\| ! wp_verify_nonce( $_POST['ivycat_testimonial_order_nonce'], 'save-testimonial-order_' . $post_id ) ) {
173			return;
174			}
175			do_action( 'ic_testimonials_save_metadata', $post_id, $post );
176			update_post_meta( $post_id, 'ivycat_testimonial_order', $_POST['testimonial_order'] );
177			}
178
179			public function do_testimonials( $args, $content = null ) {
			0 ignored issues – show Unused Code introduced 2017-12-01 22:23 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$content` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
180			// fix for camel case previous verions
181			if ( isset( $args['fadein'] ) ) {
182			$args['fade_in'] = $args['fadein'];
183			}
184			if ( isset( $args['fadeout'] ) ) {
185			$args['fade_out'] = $args['fadeout'];
186			}
187			$atts = wp_parse_args( $args, array(
188			'quantity' => 3,
189			'title' => false,
190			'link_testimonials' => false,
191			'group' => false,
192			'num_words' => false,
193			'more_tag' => false,
194			'ajax_on' => 'yes',
195			'all_title' => false,
196			'all_url' => false,
197			'fade_in' => 500,
198			'fade_out' => 300,
199			'speed' => 8000,
200			'display' => 'single'
201			) );
202			extract( apply_filters( 'ic_testimonials_args', $atts ) );
			0 ignored issues – show Bug introduced 2017-07-09 22:06 UTC by Report Bug Copy Issue Report Show Similar Issues like this `apply_filters('ic_testimonials_args', $atts)` cannot be passed to `extract()` as the parameter `$var_array` expects a reference. Loading history...
203			$testimonials = apply_filters(
204			'ic_testimonials_data',
205			$this->get_testimonials( 1, $group, $num_words, $more_tag, $ajax_on, $link_testimonials )
206			);
207			$this->more_tag = $atts['more_tag'];
208			$this->num_words = $atts['num_words'];
209
210			if ( count( $testimonials ) == 0 ) {
211			return '';
212			}
213			// check for display option set to list
214			if ( 'list' == $display ) :
215			// turn off ajax
216			$ajax_on = 'no';
			0 ignored issues – show Unused Code introduced 2017-07-09 22:06 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$ajax_on` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
217			// pagination
218			$atts['paginate'] = true;
219			// if user set a number of posts to show pass it on
220			if ( '3' != $atts['quantity'] ) :
221			$atts['showposts'] = $atts['quantity'];
222			endif;
223
224			// if more tag is set add the filter
225			if ( false !== $more_tag ) :
226			add_filter( 'excerpt_more', array( $this, 'ivycat_custom_excerpt_more' ) );
227			endif;
228
229			// if num words is set add the filter
230			if ( false !== $num_words ) :
231			add_filter( 'excerpt_length', array( $this, 'ivycat_custom_excerpt_length' ), 999 );
232			endif;
233
234			// call the class
235			$new_output = new ICTestimonialPosts( $atts );
236
237			// display loop in our page/post
238			return $new_output->output_testimonials();
239			endif;
240
241			if ( 'yes' == $ajax_on ):
242			wp_enqueue_script( 'ict-ajax-scripts' );
243			wp_localize_script( 'ict-ajax-scripts', 'ICTaconn',
244			apply_filters( 'ICTaconn-variables', array(
245			'ajaxurl' => admin_url( 'admin-ajax.php' ),
246			'themeurl' => get_bloginfo( 'stylesheet_directory' ) . '/',
247			'pluginurl' => ICTESTI_URL,
248			'ict_quantity' => $quantity,
249			'ict_group' => $group,
250			'num_words' => $num_words,
251			'more_tag' => $more_tag,
252			'all_title' => $all_title,
253			'all_url' => $all_url,
254			'fade_in' => $fade_in,
255			'fade_out' => $fade_out,
256			'speed' => $speed,
257			'link_testimonials' => $link_testimonials,
258			) )
259			);
260			endif;
261			$testimonial_id = ( 'yes' == $ajax_on ) ? 'ivycat-testimonial' : 'ivycat-testimonial-static';
262			$contents = '<div id="' . $testimonial_id . '">';
263			$contents .= ( $title ) ? '<h3>' . $title . '</h3>' : '';
264			$contents .= '<blockquote class="testimonial-content">
265			<div class="ict-content">' . $testimonials[0]['testimonial_content'] . '</div>
266			<footer>
267			<cite>';
268			$contents .= ( $link_testimonials )
269			? '<a href="' . $testimonials[0]['testimonial_link'] . '">' . $testimonials[0]['testimonial_title'] . '</a>'
270			: $testimonials[0]['testimonial_title'];
271			$contents .= '</cite>
272			</footer>';
273			$contents .= ( strlen( $all_url ) > 1 ) ? '<p><a href="' . $all_url . '">' . $all_title . '</a></p>' : '';
274			$contents .= '</blockquote>';
275			$contents .= '</div>';
276
277			return apply_filters( 'ic_testimonials_contents', $contents );
278			}
279
280			public function more_testimonials() {
281			$quantity = absint( $_POST['ict_quantity'] );
282			$group = $_POST['ict_group'];
283			$num_words = absint( $_POST['num_words'] );
284			$more_tag = $_POST['more_tag'];
285			$testimonials = $this->get_testimonials( $quantity, $group, $num_words, $more_tag, 'yes', $_POST['link_testimonials'] );
286			if ( $testimonials ) {
287			echo json_encode( $testimonials );
288			}
289			wp_die();
290			}
291
292			public function get_testimonials( $quantity, $group, $num_words, $more_tag, $ajax_on, $link_testimonials ) {
293			$args = array(
294			'post_type' => 'testimonials',
295			'orderby' => ( 'yes' == $ajax_on ) ? 'meta_value_num' : 'rand',
296			'meta_key' => 'ivycat_testimonial_order',
297			'order' => 'ASC',
298			'posts_per_page' => $quantity,
299			);
300
301			if ( $group ) {
302			$args['tax_query'] = array(
303			array(
304			'taxonomy' => 'testimonial-group',
305			'field' => is_numeric( $group ) ? 'id' : 'slug',
306			'terms' => $group
307			)
308			);
309			}
310
311			$more = ( $more_tag ) ? $more_tag : 'Read More';
312			$testimonials = get_posts( $args );
313			$testimonial_data = array();
314			do_action( 'ica_pre_loop_testimonials', $testimonials );
315			if ( $testimonials ) {
316			foreach ( $testimonials as $row ) {
317
318			$post_more = ( $more_tag ) ? ' <a class="ict-rm-link" href="' . home_url( '/testimonials/' . $row->post_name . '/' ) . '">' . $more . '</a>' : '';
319			$post_content = ( $num_words ) ?
320			wp_trim_words( $row->post_content, $num_words, $post_more )
321			: $row->post_content;
322
323			$testimonial_data[] = array(
324			'testimonial_id' => $row->ID,
325			'testimonial_title' => $row->post_title,
326			'testimonial_link' => ( $link_testimonials ) ? get_permalink( $row->ID ) : false,
327			'testimonial_content' => ( strlen( $row->post_excerpt ) > 1 )
328			? $row->post_excerpt
329			: apply_filters( 'the_content', $post_content )
330			);
331			}
332			}
333
334			return apply_filters( 'ic_testimonials_data_array', $testimonial_data );
335			}
336
337			public function ivycat_custom_excerpt_more( $more ) {
			0 ignored issues – show Unused Code introduced 2017-12-01 22:23 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$more` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
338			$more_tag = $this->more_tag;
339
340			return ' <a class="read-more" href="' . get_permalink( get_the_ID() ) . '">' . $more_tag . '</a>';
341			}
342
343			public function ivycat_custom_excerpt_length( $length ) {
			0 ignored issues – show Unused Code introduced 2017-12-01 22:23 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$length` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
344			$num_words = $this->num_words;
345
346			return $num_words;
347			}
348			}
349

ivycat / ivycat-ajax-testimonials

Issues (10)

Security Analysis not enabled

ivycat-ajax-testimonials.php (5 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like