Issues in welcome.php (master) - Issues in master - moonstonemedia/Simple-Calendar - Measure and Improve Code Quality continuously with Scrutinizer

Issues (234)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

includes/admin/welcome.php (6 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * Welcome Page Class
 *
 * Adapted from analogue code found in WoCommerce, EDD and WordPress itself.
 *
 * @package SimpleCalendar/Admin
 */
namespace SimpleCalendar\Admin;

if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

/**
 * Welcome page.
 *
 * Shows a feature overview for the new version (major) and credits.
 *
 * @since 3.0.0
 */
class Welcome {

	/**
	 * Install type.
	 *
	 * @access public
	 * @var array
	 */
	public $install = '';

	/**
	 * Hook in tabs.
	 *
	 * @since 3.0.0
	 */
	public function __construct() {
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}

		$this->install = isset( $_GET['simcal_install'] ) ? esc_attr( $_GET['simcal_install'] ) : '';

		add_action( 'admin_menu', array( $this, 'welcome_page_tabs' ) );
		add_action( 'admin_head', array( $this, 'remove_submenu_pages' ) );
	}

	/**
	 * Add page screens.
	 *
	 * @since 3.0.0
	 */
	public function welcome_page_tabs() {
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}

		$welcome_page_name  = __( 'About Simple Calendar', 'google-calendar-events' );
		$welcome_page_title = __( 'Welcome to Simple Calendar', 'google-calendar-events' );

		$page = isset( $_GET['page'] ) ? $_GET['page'] : 'simple-calendar_about';

		switch ( $page ) {

			case 'simple-calendar_about' :
				$page = add_dashboard_page( $welcome_page_title, $welcome_page_name, 'manage_options', 'simple-calendar_about', array(
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
					$this,
					'about_screen',
				) );
				break;

			case 'simple-calendar_credits' :
				$page = add_dashboard_page( $welcome_page_title, $welcome_page_name, 'manage_options', 'simple-calendar_credits', array(
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
					$this,
					'credits_screen',
				) );
				break;

			case 'simple-calendar_translators' :
				$page = add_dashboard_page( $welcome_page_title, $welcome_page_name, 'manage_options', 'simple-calendar_translators', array(
$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}
					$this,
					'translators_screen',
				) );
				break;
		}
	}

	/**
	 * Remove dashboard page links.
	 *
	 * @since 3.0.0
	 */
	public function remove_submenu_pages() {
		remove_submenu_page( 'index.php', 'simple-calendar_about' );
		remove_submenu_page( 'index.php', 'simple-calendar_credits' );
		remove_submenu_page( 'index.php', 'simple-calendar_translators' );
	}

	/**
	 * Main nav links at top & bottom.
	 *
	 * @since 3.0.0
	 */
	public function main_nav_links() {

		?>
		<p>
			<a href="<?php echo admin_url( 'edit.php?post_type=calendar' ); ?>"
			   class="button button-primary"
				><?php _e( 'Calendars', 'google-calendar-events' ); ?></a>
			<a href="<?php echo esc_url( add_query_arg( 'page', 'simple-calendar_settings', admin_url( 'admin.php' ) ) ); ?>"
			   class="button button-primary"
				><?php _e( 'Settings', 'google-calendar-events' ); ?></a>
			<a href="<?php echo simcal_ga_campaign_url( simcal_get_url( 'addons' ), 'core-plugin', 'welcome-page' ); ?>"
			   class="docs button button-primary" target="_blank"
				><?php _e( 'Add-ons', 'google-calendar-events' ); ?></a>
			<a href="<?php echo simcal_ga_campaign_url( simcal_get_url( 'docs' ), 'core-plugin', 'welcome-page' ); ?>"
			   class="docs button button-primary" target="_blank"
				><?php _e( 'Documentation', 'google-calendar-events' ); ?></a>
		</p>
		<?php

	}

	/**
	 * Intro shown on every about page screen.
	 *
	 * @since 3.0.0
	 */
	private function intro() {
// Bad
class Router
{
    public function generate($path)
    {
        return $_SERVER['HOST'].$path;
    }
}

// Better
class Router
{
    private $host;

    public function __construct($host)
    {
        $this->host = $host;
    }

    public function generate($path)
    {
        return $this->host.$path;
    }
}

class Controller
{
    public function myAction(Request $request)
    {
        // Instead of
        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;

        // Better (assuming you use the Symfony2 request)
        $page = $request->query->get('page', 1);
    }
}

		?>
		<h1>
			<?php
			/* translators: %s prints the current version of the plugin. */
			printf( __( 'Welcome to Simple Calendar %s', 'google-calendar-events' ), SIMPLE_CALENDAR_VERSION );
			?>
		</h1>

		<div class="about-text">
			<?php

			// Difference message if updating vs fresh install.
			if ( 'update' == $this->install ) {
				$message = __( 'Thanks for updating to the latest version!', 'google-calendar-events' );
			} else {
				$message = __( 'Thanks for installing!', 'google-calendar-events' );
			}

			echo $message;

			/* translators: %s prints the current version of the plugin. */
			printf( ' ' . __( "Simple Calendar %s has a few display options to configure. ", 'google-calendar-events' ), SIMPLE_CALENDAR_VERSION );
			?>
			<a href="<?php echo simcal_ga_campaign_url( simcal_get_url( 'docs' ), 'core-plugin', 'welcome-page' ); ?>"
			   target="_blank"
			><?php _e( 'Check out our documentation', 'google-calendar-events' ); ?></a>
			<?php _e( 'to get started now.', 'google-calendar-events' ); ?>
		</div>

		<div class="simcal-badge">&nbsp;</div>

		<?php $this->main_nav_links(); ?>

		<h2 class="nav-tab-wrapper">
			<a class="nav-tab <?php if ( $_GET['page'] == 'simple-calendar_about' ) {
				echo 'nav-tab-active';
			} ?>"
			   href="<?php echo esc_url( admin_url( add_query_arg( array( 'page' => 'simple-calendar_about' ), 'index.php' ) ) ); ?>"
				><?php _e( "What's New", 'google-calendar-events' ); ?></a>
			<a class="nav-tab <?php if ( $_GET['page'] == 'simple-calendar_credits' ) {
				echo 'nav-tab-active';
			} ?>"
			   href="<?php echo esc_url( admin_url( add_query_arg( array( 'page' => 'simple-calendar_credits' ), 'index.php' ) ) ); ?>"
				><?php _e( 'Credits', 'google-calendar-events' ); ?></a>
			<a class="nav-tab <?php if ( $_GET['page'] == 'simple-calendar_translators' ) {
				echo 'nav-tab-active';
			} ?>"
			   href="<?php echo esc_url( admin_url( add_query_arg( array( 'page' => 'simple-calendar_translators' ), 'index.php' ) ) ); ?>"
				><?php _e( 'Translators', 'google-calendar-events' ); ?></a>
		</h2>
		<?php

	}

	/**
	 * Output the about screen.
	 *
	 * @since 3.0.0
	 */
	public function about_screen() {
		$welcome_image_about_path = SIMPLE_CALENDAR_ASSETS . '/images/welcome';
		$welcome_addons_link = simcal_ga_campaign_url( simcal_get_url( 'addons' ), 'core-plugin', 'welcome-page' );

		?>
		<div id="simcal-welcome">
			<div class="wrap about-wrap whats-new-wrap">

				<?php $this->intro(); ?>

				<h3><?php _e( 'Configure event colors, number of events to display, grid or list style and more.', 'google-calendar-events' ); ?></h3>
				<img src="<?php echo $welcome_image_about_path . '/grid-view-basic.png'; ?>" />

				<h3><?php _e( 'Mobile responsive and widget ready.', 'google-calendar-events' ); ?></h3>
				<img src="<?php echo $welcome_image_about_path . '/list-view-widget.png'; ?>" />
				<img src="<?php echo $welcome_image_about_path . '/grid-view-widget-dark-theme.png'; ?>" />

				<h3>
					<?php _e( 'Add even more display options with add-ons like', 'google-calendar-events' ); ?>
					<a href="<?php echo $welcome_addons_link; ?>" target="_blank"><?php _e( 'FullCalendar and Google Calendar Pro', 'google-calendar-events' ); ?></a>.
				</h3>
				<a href="<?php echo $welcome_addons_link; ?>" target="_blank"><img src="<?php echo $welcome_image_about_path . '/fullcalendar-google-calendar-pro-grid-view.png'; ?>" /></a>

				<h3><a href="<?php echo $welcome_addons_link; ?>" target="_blank"><?php _e( 'View Pricing and Try a Demo of our Simple Calendar Pro Add-ons.', 'google-calendar-events' ); ?></a></h3>

				<hr/>

				<?php $this->main_nav_links(); ?>

			</div>
		</div>
		<?php

	}

	/**
	 * Output the credits screen.
	 *
	 * @since 3.0.0
	 */
	public function credits_screen() {

		?>
		<div id="simcal-welcome">
			<div class="wrap about-wrap credits-wrap">
				<?php $this->intro(); ?>
				<p class="about-description">
					<?php

					printf(
						__( "Simple Calendar is created by a worldwide team of developers. If you'd like to contribute please visit our <a href='%s' target='_blank'>GitHub repo</a>.", 'google-calendar-events' ),
						simcal_get_url( 'github' )
					);

					?>
				</p>
				<?php echo $this->contributors(); ?>
			</div>
		</div>
		<?php

	}

	/**
	 * Output the translators screen.
	 *
	 * @since 3.0.0
	 */
	public function translators_screen() {

		?>
		<div id="simcal-welcome">
			<div class="wrap about-wrap translators-wrap">
				<?php $this->intro(); ?>
				<p class="about-description">
					<?php _e( 'Simple Calendar has been kindly translated into several other languages by contributors from all over the world.', 'google-calendar-events' ); ?>
				</p>
				<p class="about-description">
					<a href="https://translate.wordpress.org/projects/wp-plugins/google-calendar-events" target="_blank"><?php _e( 'Click here to help translate', 'google-calendar-events' ); ?></a>
				</p>
				<?php

				// Transifex API is not open and requires authentication,
				// Otherwise something like this would be possible:
				// `json_decode( 'https://www.transifex.com/api/2/project/simple-calendar/languages/', true );`
				// Since this is not possible, this has to be done manually.

				// @TODO switch to WordPress language packs and try to pull list of translators from there

				?>
			</div>
		</div>
		<?php

	}

	/**
	 * Render Contributors List.
	 *
	 * @since  3.0.0
	 *
	 * @return string $contributor_list HTML formatted list of contributors.
	 */
	public function contributors() {

		$contributors = $this->get_contributors();

		if ( empty( $contributors ) ) {
			return '';
		}

		$contributor_list = '<ul class="wp-people-group">';

		foreach ( $contributors as $contributor ) {

			// Skip contributor bots
			$contributor_bots = array( 'gitter-badger' );
			if ( in_array( $contributor->login, $contributor_bots ) ) {
				continue;
			}

			$contributor_list .= '<li class="wp-person">';
			$contributor_list .= sprintf(
				'<a href="%s" title="%s" target="_blank">%s</a>',
				esc_url( 'https://github.com/' . $contributor->login ),
				esc_html( sprintf( __( 'View %s', 'google-calendar-events' ), $contributor->login ) ),
				sprintf( '<img src="%s" width="64" height="64" class="gravatar" alt="%s" />', esc_url( $contributor->avatar_url ), esc_html( $contributor->login ) )
			);
			$contributor_list .= sprintf(
				'<a class="web" href="%s" target="_blank">%s</a>',
				esc_url( 'https://github.com/' . $contributor->login ),
				esc_html( $contributor->login )
			);
			$contributor_list .= '</li>';

		}

		$contributor_list .= '</ul>';

		return $contributor_list;
	}

	/**
	 * Retrieve list of contributors from GitHub.
	 *
	 * @since  3.0.0
	 *
	 * @return mixed
	 */
	public function get_contributors() {

		$contributors = get_transient( '_simple-calendar_contributors' );
		if ( false !== $contributors ) {
			return $contributors;
		}

		$response = wp_safe_remote_get(
			'https://api.github.com/repos/moonstonemedia/Simple-Calendar/contributors'
		);
		if ( is_wp_error( $response ) || 200 != wp_remote_retrieve_response_code( $response ) ) {
			return array();
		}

		$contributors = json_decode( wp_remote_retrieve_body( $response ) );
		if ( ! is_array( $contributors ) ) {
			return array();
		}

		set_transient( '_simple-calendar_contributors', $contributors, HOUR_IN_SECONDS );

		return $contributors;
	}

}


1			<?php
2			/**
3			* Welcome Page Class
4			*
5			* Adapted from analogue code found in WoCommerce, EDD and WordPress itself.
6			*
7			* @package SimpleCalendar/Admin
8			*/
9			namespace SimpleCalendar\Admin;
10
11			if ( ! defined( 'ABSPATH' ) ) {
12			exit;
13			}
14
15			/**
16			* Welcome page.
17			*
18			* Shows a feature overview for the new version (major) and credits.
19			*
20			* @since 3.0.0
21			*/
22			class Welcome {
23
24			/**
25			* Install type.
26			*
27			* @access public
28			* @var array
29			*/
30			public $install = '';
31
32			/**
33			* Hook in tabs.
34			*
35			* @since 3.0.0
36			*/
37			public function __construct() {
			0 ignored issues – show Coding Style introduced 2016-07-13 22:12 UTC by Report Bug Copy Issue Report Show Similar Issues like this `__construct` uses the super-global variable `$_GET` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
38
39			$this->install = isset( $_GET['simcal_install'] ) ? esc_attr( $_GET['simcal_install'] ) : '';
40
41			add_action( 'admin_menu', array( $this, 'welcome_page_tabs' ) );
42			add_action( 'admin_head', array( $this, 'remove_submenu_pages' ) );
43			}
44
45			/**
46			* Add page screens.
47			*
48			* @since 3.0.0
49			*/
50			public function welcome_page_tabs() {
			0 ignored issues – show Coding Style introduced 2016-07-13 22:12 UTC by Report Bug Copy Issue Report Show Similar Issues like this `welcome_page_tabs` uses the super-global variable `$_GET` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
51
52			$welcome_page_name = __( 'About Simple Calendar', 'google-calendar-events' );
53			$welcome_page_title = __( 'Welcome to Simple Calendar', 'google-calendar-events' );
54
55			$page = isset( $_GET['page'] ) ? $_GET['page'] : 'simple-calendar_about';
56
57			switch ( $page ) {
58
59			case 'simple-calendar_about' :
60			$page = add_dashboard_page( $welcome_page_title, $welcome_page_name, 'manage_options', 'simple-calendar_about', array(
			0 ignored issues – show Unused Code introduced 2016-09-12 23:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$page` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
61			$this,
62			'about_screen',
63			) );
64			break;
65
66			case 'simple-calendar_credits' :
67			$page = add_dashboard_page( $welcome_page_title, $welcome_page_name, 'manage_options', 'simple-calendar_credits', array(
			0 ignored issues – show Unused Code introduced 2016-09-12 23:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$page` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
68			$this,
69			'credits_screen',
70			) );
71			break;
72
73			case 'simple-calendar_translators' :
74			$page = add_dashboard_page( $welcome_page_title, $welcome_page_name, 'manage_options', 'simple-calendar_translators', array(
			0 ignored issues – show Unused Code introduced 2016-09-12 23:17 UTC by Report Bug Copy Issue Report Show Similar Issues like this `$page` is not used, you could remove the assignment. This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently. $myVar = 'Value'; $higher = false; if (rand(1, 6) > 3) { $higher = true; } else { $higher = false; } Both the `$myVar` assignment in line 1 and the `$higher` assignment in line 2 are dead. The first because `$myVar` is never used and the second because `$higher` is always overwritten for every possible time line. Loading history...
75			$this,
76			'translators_screen',
77			) );
78			break;
79			}
80			}
81
82			/**
83			* Remove dashboard page links.
84			*
85			* @since 3.0.0
86			*/
87			public function remove_submenu_pages() {
88			remove_submenu_page( 'index.php', 'simple-calendar_about' );
89			remove_submenu_page( 'index.php', 'simple-calendar_credits' );
90			remove_submenu_page( 'index.php', 'simple-calendar_translators' );
91			}
92
93			/**
94			* Main nav links at top & bottom.
95			*
96			* @since 3.0.0
97			*/
98			public function main_nav_links() {
99
100			?>
101			<p>
102			<a href="<?php echo admin_url( 'edit.php?post_type=calendar' ); ?>"
103			class="button button-primary"
104			><?php _e( 'Calendars', 'google-calendar-events' ); ?></a>
105			<a href="<?php echo esc_url( add_query_arg( 'page', 'simple-calendar_settings', admin_url( 'admin.php' ) ) ); ?>"
106			class="button button-primary"
107			><?php _e( 'Settings', 'google-calendar-events' ); ?></a>
108			<a href="<?php echo simcal_ga_campaign_url( simcal_get_url( 'addons' ), 'core-plugin', 'welcome-page' ); ?>"
109			class="docs button button-primary" target="_blank"
110			><?php _e( 'Add-ons', 'google-calendar-events' ); ?></a>
111			<a href="<?php echo simcal_ga_campaign_url( simcal_get_url( 'docs' ), 'core-plugin', 'welcome-page' ); ?>"
112			class="docs button button-primary" target="_blank"
113			><?php _e( 'Documentation', 'google-calendar-events' ); ?></a>
114			</p>
115			<?php
116
117			}
118
119			/**
120			* Intro shown on every about page screen.
121			*
122			* @since 3.0.0
123			*/
124			private function intro() {
			0 ignored issues – show Coding Style introduced 2016-07-13 22:12 UTC by Report Bug Copy Issue Report Show Similar Issues like this `intro` uses the super-global variable `$_GET` which is generally not recommended. Instead of super-globals, we recommend to explicitly inject the dependencies of your class. This makes your code less dependent on global state and it becomes generally more testable: // Bad class Router { public function generate($path) { return $_SERVER['HOST'].$path; } } // Better class Router { private $host; public function __construct($host) { $this->host = $host; } public function generate($path) { return $this->host.$path; } } class Controller { public function myAction(Request $request) { // Instead of $page = isset($_GET['page']) ? intval($_GET['page']) : 1; // Better (assuming you use the Symfony2 request) $page = $request->query->get('page', 1); } } Loading history...
125
126			?>
127			<h1>
128			<?php
129			/* translators: %s prints the current version of the plugin. */
130			printf( __( 'Welcome to Simple Calendar %s', 'google-calendar-events' ), SIMPLE_CALENDAR_VERSION );
131			?>
132			</h1>
133
134			<div class="about-text">
135			<?php
136
137			// Difference message if updating vs fresh install.
138			if ( 'update' == $this->install ) {
139			$message = __( 'Thanks for updating to the latest version!', 'google-calendar-events' );
140			} else {
141			$message = __( 'Thanks for installing!', 'google-calendar-events' );
142			}
143
144			echo $message;
145
146			/* translators: %s prints the current version of the plugin. */
147			printf( ' ' . __( "Simple Calendar %s has a few display options to configure. ", 'google-calendar-events' ), SIMPLE_CALENDAR_VERSION );
148			?>
149			<a href="<?php echo simcal_ga_campaign_url( simcal_get_url( 'docs' ), 'core-plugin', 'welcome-page' ); ?>"
150			target="_blank"
151			><?php _e( 'Check out our documentation', 'google-calendar-events' ); ?></a>
152			<?php _e( 'to get started now.', 'google-calendar-events' ); ?>
153			</div>
154
155			<div class="simcal-badge"> </div>
156
157			<?php $this->main_nav_links(); ?>
158
159			<h2 class="nav-tab-wrapper">
160			<a class="nav-tab <?php if ( $_GET['page'] == 'simple-calendar_about' ) {
161			echo 'nav-tab-active';
162			} ?>"
163			href="<?php echo esc_url( admin_url( add_query_arg( array( 'page' => 'simple-calendar_about' ), 'index.php' ) ) ); ?>"
164			><?php _e( "What's New", 'google-calendar-events' ); ?></a>
165			<a class="nav-tab <?php if ( $_GET['page'] == 'simple-calendar_credits' ) {
166			echo 'nav-tab-active';
167			} ?>"
168			href="<?php echo esc_url( admin_url( add_query_arg( array( 'page' => 'simple-calendar_credits' ), 'index.php' ) ) ); ?>"
169			><?php _e( 'Credits', 'google-calendar-events' ); ?></a>
170			<a class="nav-tab <?php if ( $_GET['page'] == 'simple-calendar_translators' ) {
171			echo 'nav-tab-active';
172			} ?>"
173			href="<?php echo esc_url( admin_url( add_query_arg( array( 'page' => 'simple-calendar_translators' ), 'index.php' ) ) ); ?>"
174			><?php _e( 'Translators', 'google-calendar-events' ); ?></a>
175			</h2>
176			<?php
177
178			}
179
180			/**
181			* Output the about screen.
182			*
183			* @since 3.0.0
184			*/
185			public function about_screen() {
186			$welcome_image_about_path = SIMPLE_CALENDAR_ASSETS . '/images/welcome';
187			$welcome_addons_link = simcal_ga_campaign_url( simcal_get_url( 'addons' ), 'core-plugin', 'welcome-page' );
188
189			?>
190			<div id="simcal-welcome">
191			<div class="wrap about-wrap whats-new-wrap">
192
193			<?php $this->intro(); ?>
194
195			<h3><?php _e( 'Configure event colors, number of events to display, grid or list style and more.', 'google-calendar-events' ); ?></h3>
196			<img src="<?php echo $welcome_image_about_path . '/grid-view-basic.png'; ?>" />
197
198			<h3><?php _e( 'Mobile responsive and widget ready.', 'google-calendar-events' ); ?></h3>
199			<img src="<?php echo $welcome_image_about_path . '/list-view-widget.png'; ?>" />
200			<img src="<?php echo $welcome_image_about_path . '/grid-view-widget-dark-theme.png'; ?>" />
201
202			<h3>
203			<?php _e( 'Add even more display options with add-ons like', 'google-calendar-events' ); ?>
204			<a href="<?php echo $welcome_addons_link; ?>" target="_blank"><?php _e( 'FullCalendar and Google Calendar Pro', 'google-calendar-events' ); ?></a>.
205			</h3>
206			<a href="<?php echo $welcome_addons_link; ?>" target="_blank"><img src="<?php echo $welcome_image_about_path . '/fullcalendar-google-calendar-pro-grid-view.png'; ?>" /></a>
207
208			<h3><a href="<?php echo $welcome_addons_link; ?>" target="_blank"><?php _e( 'View Pricing and Try a Demo of our Simple Calendar Pro Add-ons.', 'google-calendar-events' ); ?></a></h3>
209
210			<hr/>
211
212			<?php $this->main_nav_links(); ?>
213
214			</div>
215			</div>
216			<?php
217
218			}
219
220			/**
221			* Output the credits screen.
222			*
223			* @since 3.0.0
224			*/
225			public function credits_screen() {
226
227			?>
228			<div id="simcal-welcome">
229			<div class="wrap about-wrap credits-wrap">
230			<?php $this->intro(); ?>
231			<p class="about-description">
232			<?php
233
234			printf(
235			__( "Simple Calendar is created by a worldwide team of developers. If you'd like to contribute please visit our <a href='%s' target='_blank'>GitHub repo</a>.", 'google-calendar-events' ),
236			simcal_get_url( 'github' )
237			);
238
239			?>
240			</p>
241			<?php echo $this->contributors(); ?>
242			</div>
243			</div>
244			<?php
245
246			}
247
248			/**
249			* Output the translators screen.
250			*
251			* @since 3.0.0
252			*/
253			public function translators_screen() {
254
255			?>
256			<div id="simcal-welcome">
257			<div class="wrap about-wrap translators-wrap">
258			<?php $this->intro(); ?>
259			<p class="about-description">
260			<?php _e( 'Simple Calendar has been kindly translated into several other languages by contributors from all over the world.', 'google-calendar-events' ); ?>
261			</p>
262			<p class="about-description">
263			<a href="https://translate.wordpress.org/projects/wp-plugins/google-calendar-events" target="_blank"><?php _e( 'Click here to help translate', 'google-calendar-events' ); ?></a>
264			</p>
265			<?php
266
267			// Transifex API is not open and requires authentication,
268			// Otherwise something like this would be possible:
269			// `json_decode( 'https://www.transifex.com/api/2/project/simple-calendar/languages/', true );`
270			// Since this is not possible, this has to be done manually.
271
272			// @TODO switch to WordPress language packs and try to pull list of translators from there
273
274			?>
275			</div>
276			</div>
277			<?php
278
279			}
280
281			/**
282			* Render Contributors List.
283			*
284			* @since 3.0.0
285			*
286			* @return string $contributor_list HTML formatted list of contributors.
287			*/
288			public function contributors() {
289
290			$contributors = $this->get_contributors();
291
292			if ( empty( $contributors ) ) {
293			return '';
294			}
295
296			$contributor_list = '<ul class="wp-people-group">';
297
298			foreach ( $contributors as $contributor ) {
299
300			// Skip contributor bots
301			$contributor_bots = array( 'gitter-badger' );
302			if ( in_array( $contributor->login, $contributor_bots ) ) {
303			continue;
304			}
305
306			$contributor_list .= '<li class="wp-person">';
307			$contributor_list .= sprintf(
308			'<a href="%s" title="%s" target="_blank">%s</a>',
309			esc_url( 'https://github.com/' . $contributor->login ),
310			esc_html( sprintf( __( 'View %s', 'google-calendar-events' ), $contributor->login ) ),
311			sprintf( '<img src="%s" width="64" height="64" class="gravatar" alt="%s" />', esc_url( $contributor->avatar_url ), esc_html( $contributor->login ) )
312			);
313			$contributor_list .= sprintf(
314			'<a class="web" href="%s" target="_blank">%s</a>',
315			esc_url( 'https://github.com/' . $contributor->login ),
316			esc_html( $contributor->login )
317			);
318			$contributor_list .= '</li>';
319
320			}
321
322			$contributor_list .= '</ul>';
323
324			return $contributor_list;
325			}
326
327			/**
328			* Retrieve list of contributors from GitHub.
329			*
330			* @since 3.0.0
331			*
332			* @return mixed
333			*/
334			public function get_contributors() {
335
336			$contributors = get_transient( '_simple-calendar_contributors' );
337			if ( false !== $contributors ) {
338			return $contributors;
339			}
340
341			$response = wp_safe_remote_get(
342			'https://api.github.com/repos/moonstonemedia/Simple-Calendar/contributors'
343			);
344			if ( is_wp_error( $response ) \|\| 200 != wp_remote_retrieve_response_code( $response ) ) {
345			return array();
346			}
347
348			$contributors = json_decode( wp_remote_retrieve_body( $response ) );
349			if ( ! is_array( $contributors ) ) {
350			return array();
351			}
352
353			set_transient( '_simple-calendar_contributors', $contributors, HOUR_IN_SECONDS );
354
355			return $contributors;
356			}
357
358			}
359

moonstonemedia / Simple-Calendar

Issues (234)

Security Analysis not enabled

includes/admin/welcome.php (6 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like