podlove / podlove-subscribe-button-wp-plugin

widget.php

<?php

Class file names should be based on the class name with "class-" prepended. Expected class-podlove-subscribe-button-widget.php, but found widget.php.

namespace PodloveSubscribeButton;

include_once( ABSPATH . 'wp-admin/includes/plugin.php' );

class Podlove_Subscribe_Button_Widget extends \WP_Widget {

	public function __construct() {
		parent::__construct(
					'podlove_subscribe_button_wp_plugin_widget',
					( self::is_podlove_publisher_active() ? 'Podlove Subscribe Button (WordPress plugin)' : 'Podlove Subscribe Button' ),
					array( 'description' => __( 'Adds a Podlove Subscribe Button to your Sidebar', 'podlove-subscribe-button' ), )

Comma not allowed after last value in single-line array declaration

				);
	}

	public static $widget_settings = array('infotext', 'title', 'size', 'style', 'format', 'autowidth', 'button', 'color');

Missing space after array opener.

Missing space before array closer.

	public static function is_podlove_publisher_active() {
		if ( is_plugin_active("podlove-podcasting-plugin-for-wordpress/podlove.php") ) {
			return true;
		}

		return false;
	}

	public function widget( $args, $instance ) {
		// Fetch the (network)button by it's name
		if ( ! $button = \PodloveSubscribeButton\Model\Button::get_button_by_name($instance['button']) )

Variable assignment found within a condition. Did you mean to do a comparison?

			return sprintf( __('Oops. There is no button with the ID "%s".', 'podlove-subscribe-button'), $args['button'] );

A gettext call containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

		echo $args['before_widget'];

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$args'.

		echo $args['before_title'] . apply_filters( 'widget_title', $instance['title'] ). $args['after_title'];

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$args'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'apply_filters'.

		echo $button->render(

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$button'.

				\PodloveSubscribeButton::get_array_value_with_fallback($instance, 'size'),
				\PodloveSubscribeButton::get_array_value_with_fallback($instance, 'autowidth'),

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'PodloveSubscribeButton'.

				\PodloveSubscribeButton::get_array_value_with_fallback($instance, 'style'),

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'PodloveSubscribeButton'.

				\PodloveSubscribeButton::get_array_value_with_fallback($instance, 'format'),

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'PodloveSubscribeButton'.

				\PodloveSubscribeButton::get_array_value_with_fallback($instance, 'color')

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'PodloveSubscribeButton'.

			);

		if ( strlen($instance['infotext']) )
			echo wpautop($instance['infotext']);

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'wpautop'.

		echo $args['after_widget'];

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$args'.

	}

	public function form( $instance ) {

        $title     = isset( $instance[ 'title' ] )     ? $instance[ 'title' ]     : '';

Array keys must NOT be surrounded by spaces if they only contain a string or an integer.

Expected 1 space before "?"; 5 found

Expected 1 space before ":"; 5 found

        $button = isset( $instance[ 'button' ] )    ? $instance[ 'button' ]    : '';

Array keys must NOT be surrounded by spaces if they only contain a string or an integer.

Expected 1 space before "?"; 4 found

Expected 1 space before ":"; 4 found

        $size      = isset( $instance[ 'size' ] )      ? $instance[ 'size' ]      : 'big';

Array keys must NOT be surrounded by spaces if they only contain a string or an integer.

Expected 1 space before "?"; 6 found

Expected 1 space before ":"; 6 found

        $style     = isset( $instance[ 'style' ] )     ? $instance[ 'style' ]     : 'filled';

Array keys must NOT be surrounded by spaces if they only contain a string or an integer.

Expected 1 space before "?"; 5 found

Expected 1 space before ":"; 5 found

        $format    = isset( $instance[ 'format' ] )    ? $instance[ 'format' ]    : 'cover';

Array keys must NOT be surrounded by spaces if they only contain a string or an integer.

Expected 1 space before "?"; 4 found

Expected 1 space before ":"; 4 found

        $autowidth = isset( $instance[ 'autowidth' ] ) ? $instance[ 'autowidth' ] : true;

Array keys must NOT be surrounded by spaces if they only contain a string or an integer.

        $infotext  = isset( $instance[ 'infotext' ] )  ? $instance[ 'infotext' ]  : '';

Array keys must NOT be surrounded by spaces if they only contain a string or an integer.

Expected 1 space before "?"; 2 found

Expected 1 space before ":"; 2 found

        $color     = isset( $instance[ 'color' ] )     ? $instance[ 'color' ]     : '#75ad91';

Array keys must NOT be surrounded by spaces if they only contain a string or an integer.

Expected 1 space before "?"; 5 found

Expected 1 space before ":"; 5 found

		$buttons = \PodloveSubscribeButton\Model\Button::all();
		if ( is_multisite() )
			$network_buttons = \PodloveSubscribeButton\Model\NetworkButton::all();
		?>
        <p>
            <label for="<?php echo $this->get_field_id( 'title' ); ?>"><?php _e( 'Title', 'podlove-subscribe-button' ); ?></label>

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

            <input class="widefat" id="<?php echo $this->get_field_id( 'title' ); ?>" name="<?php echo $this->get_field_name( 'title' ); ?>" value="<?php echo esc_attr($title); ?>" />

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.

            <label for="<?php echo $this->get_field_id( 'color' ); ?>"><?php _e( 'Color', 'podlove-subscribe-button' ); ?></label>

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

            <input class="podlove_subscribe_button_color" id="<?php echo $this->get_field_id( 'color' ); ?>" name="<?php echo $this->get_field_name( 'color' ); ?>" value="<?php echo esc_attr($color); ?>" />

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.

            <style type="text/css">
                .sp-replacer {
                    display: flex;
                }
                .sp-preview {
                    flex-grow: 10;
                }
            </style>

            <label for="<?php echo $this->get_field_id( 'button' ); ?>"><?php _e( 'Button', 'podlove-subscribe-button' ); ?></label>

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

            <select class="widefat" id="<?php echo $this->get_field_id( 'button' ); ?>"

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.

                    name="<?php echo $this->get_field_name( 'button' ); ?>">

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.

				<?php if ( isset($network_buttons) && count($network_buttons) > 0 ) : ?>
                    <optgroup label="<?php _e('Local', 'podlove'); ?>">

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

						<?php
						foreach ($buttons as $subscribebutton) {

No space after opening parenthesis is prohibited

No space before closing parenthesis is prohibited

							echo "<option value='" . sanitize_title($subscribebutton->name) . "' " . selected( sanitize_title($subscribebutton->name), $button ) . " >" . sanitize_title($subscribebutton->title) . " (" . sanitize_title($subscribebutton->name) . ")</option>";

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'sanitize_title'.

						}
                        ?>
                    </optgroup>
                    <optgroup label="<?php _e('Network', 'podlove'); ?>">

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

						<?php
						foreach ($network_buttons as $subscribebutton) {

No space after opening parenthesis is prohibited

No space before closing parenthesis is prohibited

							echo "<option value='" . sanitize_title($subscribebutton->name) . "' " . selected( sanitize_title($subscribebutton->name), $button ) . " >" . sanitize_title($subscribebutton->title) . " (" . sanitize_title($subscribebutton->name) . ")</option>";

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'sanitize_title'.

						}
                        ?>
                    </optgroup>
				<?php else :
					foreach ($buttons as $subscribebutton) {

No space after opening parenthesis is prohibited

No space before closing parenthesis is prohibited

						echo "<option value='" . sanitize_title($subscribebutton->name) . "' " . selected( sanitize_title($subscribebutton->name), $button ) . " >" . sanitize_title($subscribebutton->title) . " (" . sanitize_title($subscribebutton->name) . ")</option>";

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'sanitize_title'.

					}
				endif; ?>
            </select>

			<?php
			$customize_options = array(
				'size'      => array(
					'name'    => __( 'Size', 'podlove-subscribe-button' ),
					'options' => \PodloveSubscribeButton\Model\Button::$size

Each array item in a multi-line array declaration must end in a comma

				),
				'style'     => array(
					'name'    => __( 'Style', 'podlove-subscribe-button' ),
					'options' => \PodloveSubscribeButton\Model\Button::$style

Each array item in a multi-line array declaration must end in a comma

				),
				'format'    => array(
					'name'    => __( 'Format', 'podlove-subscribe-button' ),
					'options' => \PodloveSubscribeButton\Model\Button::$format

Each array item in a multi-line array declaration must end in a comma

				),
				'autowidth' => array(
					'name'    => __( 'Autowidth', 'podlove-subscribe-button' ),
					'options' => \PodloveSubscribeButton\Model\Button::$width

Each array item in a multi-line array declaration must end in a comma

				)

Each array item in a multi-line array declaration must end in a comma

			);

			foreach ($customize_options as $slug => $properties) : ?>

No space after opening parenthesis is prohibited

No space before closing parenthesis is prohibited

				<label for="<?php echo $this->get_field_id( $slug ); ?>"><?php echo $properties['name']; ?></label>

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$properties'.

				<select class="widefat" id="<?php echo $this->get_field_id( $slug ); ?>" name="<?php echo $this->get_field_name( $slug ); ?>">

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.

					<option value="default" <?php echo ( $$slug == 'default' ? 'selected="selected"' : '' ); ?>><?php printf( __( 'Default %s', 'podlove-subscribe-button' ), $properties['name'] ) ?></option>

Found: ==. Use strict comparisons (=== or !==).

Use Yoda Condition checks, you must.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.

A gettext call containing placeholders was found, but was not accompanied by a "translators:" comment on the line above to clarify the meaning of the placeholders.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$properties'.

					<optgroup>
						<?php foreach ( $properties['options'] as $property => $name ) : ?>
						<option value="<?php echo $property; ?>" <?php echo ( $$slug == $property ? 'selected="selected"' : '' ); ?>><?php echo $name; ?></option>

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$property'.

Found: ==. Use strict comparisons (=== or !==).

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$name'.

						<?php endforeach; ?>
					</optgroup>
				</select>
			<?php endforeach; ?>

			<label for="<?php echo $this->get_field_id( 'infotext' ); ?>"><?php _e( 'Description', 'podlove-subscribe-button' ); ?></label>

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.

All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.

			<textarea class="widefat" rows="10" id="<?php echo $this->get_field_id( 'infotext' ); ?>" name="<?php echo $this->get_field_name( 'infotext' ); ?>"><?php echo $infotext; ?></textarea>

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$this'.

All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$infotext'.

		</p>
		<?php
	}

	public function update( $new_instance, $old_instance ) {
		$instance = array();

		foreach (self::$widget_settings as $setting) {

No space after opening parenthesis is prohibited

No space before closing parenthesis is prohibited

			$instance[$setting]  = ( ! empty( $new_instance[$setting] ) ) ? strip_tags( $new_instance[$setting] ) : '';

strip_tags() is discouraged. Use the more comprehensive wp_strip_all_tags() instead.

Array keys must be surrounded by spaces unless they contain a string or an integer.

		}

		return $instance;
	}
}
add_action( 'widgets_init', function(){
     register_widget( '\PodloveSubscribeButton\Podlove_Subscribe_Button_Widget' );

Found precision alignment of 1 spaces.

});