Issues in actions.php (master) - Issues in master - ravinderk/Give - Measure and Improve Code Quality continuously with Scrutinizer

Issues (4335)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

includes/actions.php (1 issue)

Labels

Severity

Major 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * Front-end Actions
 *
 * @package     Give
 * @subpackage  Functions
 * @copyright   Copyright (c) 2016, GiveWP
 * @license     https://opensource.org/licenses/gpl-license GNU Public License
 * @since       1.0
 */

// Exit if accessed directly.
if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

/**
 * Hooks Give actions, when present in the $_GET superglobal. Every give_action
 * present in $_GET is called using WordPress's do_action function. These
 * functions are called on init.
 *
 * @since  1.0
 *
 * @return void
 */
function give_get_actions() {

	$get_data = give_clean( $_GET ); // WPCS: input var ok, sanitization ok, CSRF ok.

	$_get_action = ! empty( $get_data['give_action'] ) ? $get_data['give_action'] : null;

	// Add backward compatibility to give-action param ( $_GET ).
	if ( empty( $_get_action ) ) {
		$_get_action = ! empty( $get_data['give-action'] ) ? $get_data['give-action'] : null;
	}

	if ( isset( $_get_action ) ) {
		/**
		 * Fires in WordPress init or admin init, when give_action is present in $_GET.
		 *
		 * @since 1.0
		 *
		 * @param array $_GET Array of HTTP GET variables.
		 */
		do_action( "give_{$_get_action}", $get_data );
	}

}

add_action( 'init', 'give_get_actions' );

/**
 * Hooks Give actions, when present in the $_POST super global. Every give_action
 * present in $_POST is called using WordPress's do_action function. These
 * functions are called on init.
 *
 * @since  1.0
 *
 * @return void
 */
function give_post_actions() {

	$post_data = give_clean( $_POST ); // WPCS: input var ok, sanitization ok, CSRF ok.

	$_post_action = ! empty( $post_data['give_action'] ) ? $post_data['give_action'] : null;

	// Add backward compatibility to give-action param ( $_POST ).
	if ( empty( $_post_action ) ) {
		$_post_action = ! empty( $post_data['give-action'] ) ? $post_data['give-action'] : null;
	}

	if ( isset( $_post_action ) ) {
		/**
		 * Fires in WordPress init or admin init, when give_action is present in $_POST.
		 *
		 * @since 1.0
		 *
		 * @param array $_POST Array of HTTP POST variables.
		 */
		do_action( "give_{$_post_action}", $post_data );
	}

}

add_action( 'init', 'give_post_actions' );

/**
 * Connect WordPress user with Donor.
 *
 * @param  int   $user_id   User ID.
 * @param  array $user_data User Data.
 *
 * @since  1.7
 *
 * @return void
 */
function give_connect_donor_to_wpuser( $user_id, $user_data ) {
	/* @var Give_Donor $donor */
	$donor = new Give_Donor( $user_data['user_email'] );

	// Validate donor id and check if do nor is already connect to wp user or not.
	if ( $donor->id && ! $donor->user_id ) {

		// Update donor user_id.
		if ( $donor->update( array( 'user_id' => $user_id ) ) ) {
			$donor_note = sprintf( esc_html__( 'WordPress user #%d is connected to #%d', 'give' ), $user_id, $donor->id );
			$donor->add_note( $donor_note );

			// Update user_id meta in payments.
			// if( ! empty( $donor->payment_ids ) && ( $donations = explode( ',', $donor->payment_ids ) ) ) {
			// 	foreach ( $donations as $donation  ) {
			// 		give_update_meta( $donation, '_give_payment_user_id', $user_id );
			// 	}
			// }
			// Do not need to update user_id in payment because we will get user id from donor id now.
		}
	}
}

add_action( 'give_insert_user', 'give_connect_donor_to_wpuser', 10, 2 );


/**
 * Processing after donor batch export complete
 *
 * @since 1.8
 *
 * @param $data
 */
function give_donor_batch_export_complete( $data ) {
	// Remove donor ids cache.
	if (
		isset( $data['class'] )
		&& 'Give_Batch_Donors_Export' === $data['class']
		&& ! empty( $data['forms'] )
		&& isset( $data['give_export_option']['query_id'] )
	) {
		Give_Cache::delete( Give_Cache::get_key( $data['give_export_option']['query_id'] ) );
	}
}

add_action( 'give_file_export_complete', 'give_donor_batch_export_complete' );

/**
 * Print css for wordpress setting pages.
 *
 * @since 1.8.7
 */
function give_admin_quick_css() {
	/* @var WP_Screen $screen */
	$screen = get_current_screen();

	if ( ! ( $screen instanceof WP_Screen ) ) {
if ($x instanceof DoesNotExist) {
    // Do something.
}
		return false;
	}

	switch ( true ) {
		case ( 'plugins' === $screen->base || 'plugins-network' === $screen->base ):
			?>
			<style>
				tr.active.update + tr.give-addon-notice-tr td {
					box-shadow: none;
					-webkit-box-shadow: none;
				}

				tr.active + tr.give-addon-notice-tr td {
					position: relative;
					top: -1px;
				}

				tr.active + tr.give-addon-notice-tr .notice {
					margin: 5px 20px 15px 40px;
				}

				tr.give-addon-notice-tr .dashicons {
					color: #f56e28;
				}

				tr.give-addon-notice-tr td {
					border-left: 4px solid #00a0d2;
				}

				tr.give-addon-notice-tr td {
					padding: 0 !important;
				}

				tr.active.update + tr.give-addon-notice-tr .notice {
					margin: 5px 20px 5px 40px;
				}
			</style>
			<?php
	}
}

add_action( 'admin_head', 'give_admin_quick_css' );


/**
 * Set Donation Amount for Multi Level Donation Forms
 *
 * @param int $form_id Donation Form ID.
 *
 * @since 1.8.9
 *
 * @return void
 */
function give_set_donation_levels_max_min_amount( $form_id ) {
	if (
		( 'set' === $_POST['_give_price_option'] ) ||
		( in_array( '_give_donation_levels', $_POST ) && count( $_POST['_give_donation_levels'] ) <= 0 ) ||
		! ( $donation_levels_amounts = wp_list_pluck( $_POST['_give_donation_levels'], '_give_amount' ) )
	) {
		// Delete old meta.
		give_delete_meta( $form_id, '_give_levels_minimum_amount' );
		give_delete_meta( $form_id, '_give_levels_maximum_amount' );

		return;
	}

	// Sanitize donation level amounts.
	$donation_levels_amounts = array_map( 'give_maybe_sanitize_amount', $donation_levels_amounts );

	$min_amount = min( $donation_levels_amounts );
	$max_amount = max( $donation_levels_amounts );

	// Set Minimum and Maximum amount for Multi Level Donation Forms.
	give_update_meta( $form_id, '_give_levels_minimum_amount', $min_amount ? give_sanitize_amount_for_db( $min_amount ) : 0 );
	give_update_meta( $form_id, '_give_levels_maximum_amount', $max_amount ? give_sanitize_amount_for_db( $max_amount ) : 0 );
}

add_action( 'give_pre_process_give_forms_meta', 'give_set_donation_levels_max_min_amount', 30 );


/**
 * Save donor address when donation complete
 *
 * @since 2.0
 *
 * @param int $payment_id
 */
function _give_save_donor_billing_address( $payment_id ) {
	$donor_id  = absint( give_get_payment_donor_id( $payment_id ));

	// Bailout
	if ( ! $donor_id ) {
		return;
	}


	/* @var Give_Donor $donor */
	$donor = new Give_Donor( $donor_id );

	// Save address.
	$donor->add_address( 'billing[]', give_get_donation_address( $payment_id ) );
}

add_action( 'give_complete_donation', '_give_save_donor_billing_address', 9999 );


/**
 * Update form id in payment logs
 *
 * @since 2.0
 *
 * @param array $args
 */
function give_update_log_form_id( $args ) {
	$new_form_id = absint( $args[0] );
	$payment_id  = absint( $args[1] );
	$logs        = Give()->logs->get_logs( $payment_id );

	// Bailout.
	if ( empty( $logs ) ) {
		return;
	}

	/* @var object $log */
	foreach ( $logs as $log ) {
		Give()->logs->logmeta_db->update_meta( $log->ID, '_give_log_form_id', $new_form_id );
	}

	// Delete cache.
	Give()->logs->delete_cache();
}

add_action( 'give_update_log_form_id', 'give_update_log_form_id' );

/**
 * Verify addon dependency before addon update
 *
 * @since 2.1.4
 *
 * @param $error
 * @param $hook_extra
 *
 * @return WP_Error
 */
function __give_verify_addon_dependency_before_update( $error, $hook_extra ) {
	// Bailout.
	if (
		is_wp_error( $error )
		|| ! array_key_exists( 'plugin', $hook_extra )
	) {
		return $error;
	}

	$plugin_base    = strtolower( $hook_extra['plugin'] );
	$licensed_addon = array_map( 'strtolower', Give_License::get_licensed_addons() );

	// Skip if not a Give addon.
	if ( ! in_array( $plugin_base, $licensed_addon ) ) {
		return $error;
	}

	// Load file.
	if( ! class_exists( 'Give_Readme_Parser' ) ) {
		require_once GIVE_PLUGIN_DIR . 'includes/class-give-readme-parser.php';
	}

	$plugin_base = strtolower( $plugin_base );
	$plugin_slug = str_replace( '.php', '', basename( $plugin_base ) );

	/**
	 * Filter the addon readme.txt url
	 *
	 * @since 2.1.4
	 */
	$url = apply_filters(
		'give_addon_readme_file_url',
		"https://givewp.com/downloads/plugins/{$plugin_slug}/readme.txt",
		$plugin_slug
	);

	$parser           = new Give_Readme_Parser( $url );
	$give_min_version = $parser->requires_at_least();


	if ( version_compare( GIVE_VERSION, $give_min_version, '<' ) ) {
		return new WP_Error(
			'Give_Addon_Update_Error',
			sprintf(
				__( 'Give version %s is required to update this add-on.', 'give' ),
				$give_min_version
			)
		);
	}

	return $error;
}

add_filter( 'upgrader_pre_install', '__give_verify_addon_dependency_before_update', 10, 2 );

/**
 * Function to add suppress_filters param if WPML add-on is activated.
 *
 * @since 2.1.4
 *
 * @param array WP query argument for Total Goal.
 *
 * @return array WP query argument for Total Goal.
 */
function __give_wpml_total_goal_shortcode_agrs( $args ) {
	$args['suppress_filters'] = true;

	return $args;
}

/**
 * Function to remove WPML post where filter in goal total amount shortcode.
 *
 * @since 2.1.4
 * @global SitePress $sitepress
 */
function __give_remove_wpml_parse_query_filter() {
	global $sitepress;
	remove_action('parse_query', array($sitepress, 'parse_query'));
}


/**
 * Function to add WPML post where filter in goal total amount shortcode.
 *
 * @since 2.1.4
 * @global SitePress $sitepress
 */
function __give_add_wpml_parse_query_filter() {
	global $sitepress;
	add_action('parse_query', array($sitepress, 'parse_query'));
}

/**
 * Action all the hook that add support for WPML.
 *
 * @since 2.1.4
 */
function give_add_support_for_wpml() {
	if ( ! function_exists( 'is_plugin_active' ) ) {
		include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
	}


	if ( is_plugin_active( 'sitepress-multilingual-cms/sitepress.php' ) ) {

		add_filter( 'give_totals_goal_shortcode_query_args', '__give_wpml_total_goal_shortcode_agrs' );

		// @see https://wpml.org/forums/topic/problem-with-query-filter-in-get_posts-function/#post-271309
		add_action( 'give_totals_goal_shortcode_before_render', '__give_remove_wpml_parse_query_filter', 99 );
		add_action( 'give_totals_goal_shortcode_after_render', '__give_add_wpml_parse_query_filter', 99 );
	}
}

add_action( 'give_init', 'give_add_support_for_wpml', 1000 );


Issues (4335)

Security Analysis not enabled

includes/actions.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

1. Missing dependencies

2. Missing use statement

1		<?php
2		/**
3		* Front-end Actions
4		*
5		* @package Give
6		* @subpackage Functions
7		* @copyright Copyright (c) 2016, GiveWP
8		* @license https://opensource.org/licenses/gpl-license GNU Public License
9		* @since 1.0
10		*/
11
12		// Exit if accessed directly.
13		if ( ! defined( 'ABSPATH' ) ) {
14		exit;
15		}
16
17		/**
18		* Hooks Give actions, when present in the $_GET superglobal. Every give_action
19		* present in $_GET is called using WordPress's do_action function. These
20		* functions are called on init.
21		*
22		* @since 1.0
23		*
24		* @return void
25		*/
26	View Code Duplication	function give_get_actions() {
27
28		$get_data = give_clean( $_GET ); // WPCS: input var ok, sanitization ok, CSRF ok.
29
30		$_get_action = ! empty( $get_data['give_action'] ) ? $get_data['give_action'] : null;
31
32		// Add backward compatibility to give-action param ( $_GET ).
33		if ( empty( $_get_action ) ) {
34		$_get_action = ! empty( $get_data['give-action'] ) ? $get_data['give-action'] : null;
35		}
36
37		if ( isset( $_get_action ) ) {
38		/**
39		* Fires in WordPress init or admin init, when give_action is present in $_GET.
40		*
41		* @since 1.0
42		*
43		* @param array $_GET Array of HTTP GET variables.
44		*/
45		do_action( "give_{$_get_action}", $get_data );
46		}
47
48		}
49
50		add_action( 'init', 'give_get_actions' );
51
52		/**
53		* Hooks Give actions, when present in the $_POST super global. Every give_action
54		* present in $_POST is called using WordPress's do_action function. These
55		* functions are called on init.
56		*
57		* @since 1.0
58		*
59		* @return void
60		*/
61	View Code Duplication	function give_post_actions() {
62
63		$post_data = give_clean( $_POST ); // WPCS: input var ok, sanitization ok, CSRF ok.
64
65		$_post_action = ! empty( $post_data['give_action'] ) ? $post_data['give_action'] : null;
66
67		// Add backward compatibility to give-action param ( $_POST ).
68		if ( empty( $_post_action ) ) {
69		$_post_action = ! empty( $post_data['give-action'] ) ? $post_data['give-action'] : null;
70		}
71
72		if ( isset( $_post_action ) ) {
73		/**
74		* Fires in WordPress init or admin init, when give_action is present in $_POST.
75		*
76		* @since 1.0
77		*
78		* @param array $_POST Array of HTTP POST variables.
79		*/
80		do_action( "give_{$_post_action}", $post_data );
81		}
82
83		}
84
85		add_action( 'init', 'give_post_actions' );
86
87		/**
88		* Connect WordPress user with Donor.
89		*
90		* @param int $user_id User ID.
91		* @param array $user_data User Data.
92		*
93		* @since 1.7
94		*
95		* @return void
96		*/
97		function give_connect_donor_to_wpuser( $user_id, $user_data ) {
98		/* @var Give_Donor $donor */
99		$donor = new Give_Donor( $user_data['user_email'] );
100
101		// Validate donor id and check if do nor is already connect to wp user or not.
102		if ( $donor->id && ! $donor->user_id ) {
103
104		// Update donor user_id.
105		if ( $donor->update( array( 'user_id' => $user_id ) ) ) {
106		$donor_note = sprintf( esc_html__( 'WordPress user #%d is connected to #%d', 'give' ), $user_id, $donor->id );
107		$donor->add_note( $donor_note );
108
109		// Update user_id meta in payments.
110		// if( ! empty( $donor->payment_ids ) && ( $donations = explode( ',', $donor->payment_ids ) ) ) {
111		// foreach ( $donations as $donation ) {
112		// give_update_meta( $donation, '_give_payment_user_id', $user_id );
113		// }
114		// }
115		// Do not need to update user_id in payment because we will get user id from donor id now.
116		}
117		}
118		}
119
120		add_action( 'give_insert_user', 'give_connect_donor_to_wpuser', 10, 2 );
121
122
123		/**
124		* Processing after donor batch export complete
125		*
126		* @since 1.8
127		*
128		* @param $data
129		*/
130		function give_donor_batch_export_complete( $data ) {
131		// Remove donor ids cache.
132		if (
133		isset( $data['class'] )
134		&& 'Give_Batch_Donors_Export' === $data['class']
135		&& ! empty( $data['forms'] )
136		&& isset( $data['give_export_option']['query_id'] )
137		) {
138		Give_Cache::delete( Give_Cache::get_key( $data['give_export_option']['query_id'] ) );
139		}
140		}
141
142		add_action( 'give_file_export_complete', 'give_donor_batch_export_complete' );
143
144		/**
145		* Print css for wordpress setting pages.
146		*
147		* @since 1.8.7
148		*/
149		function give_admin_quick_css() {
150		/* @var WP_Screen $screen */
151		$screen = get_current_screen();
152
153		if ( ! ( $screen instanceof WP_Screen ) ) {
		0 ignored issues – show Bug introduced 2017-05-04 10:46 UTC by Report Bug Copy Issue Report Show Similar Issues like this The class `WP_Screen` does not exist. Did you forget a USE statement, or did you not list all dependencies? This error could be the result of: 1. Missing dependencies PHP Analyzer uses your `composer.json` file (if available) to determine the dependencies of your project and to determine all the available classes and functions. It expects the `composer.json` to be in the root folder of your repository. Are you sure this class is defined by one of your dependencies, or did you maybe not list a dependency in either the `require` or `require-dev` section? 2. Missing use statement PHP does not complain about undefined classes in `ìnstanceof` checks. For example, the following PHP code will work perfectly fine: if ($x instanceof DoesNotExist) { // Do something. } If you have not tested against this specific condition, such errors might go unnoticed. Loading history...
154		return false;
155		}
156
157		switch ( true ) {
158		case ( 'plugins' === $screen->base \|\| 'plugins-network' === $screen->base ):
159		?>
160		<style>
161		tr.active.update + tr.give-addon-notice-tr td {
162		box-shadow: none;
163		-webkit-box-shadow: none;
164		}
165
166		tr.active + tr.give-addon-notice-tr td {
167		position: relative;
168		top: -1px;
169		}
170
171		tr.active + tr.give-addon-notice-tr .notice {
172		margin: 5px 20px 15px 40px;
173		}
174
175		tr.give-addon-notice-tr .dashicons {
176		color: #f56e28;
177		}
178
179		tr.give-addon-notice-tr td {
180		border-left: 4px solid #00a0d2;
181		}
182
183		tr.give-addon-notice-tr td {
184		padding: 0 !important;
185		}
186
187		tr.active.update + tr.give-addon-notice-tr .notice {
188		margin: 5px 20px 5px 40px;
189		}
190		</style>
191		<?php
192		}
193		}
194
195		add_action( 'admin_head', 'give_admin_quick_css' );
196
197
198		/**
199		* Set Donation Amount for Multi Level Donation Forms
200		*
201		* @param int $form_id Donation Form ID.
202		*
203		* @since 1.8.9
204		*
205		* @return void
206		*/
207		function give_set_donation_levels_max_min_amount( $form_id ) {
208		if (
209		( 'set' === $_POST['_give_price_option'] ) \|\|
210		( in_array( '_give_donation_levels', $_POST ) && count( $_POST['_give_donation_levels'] ) <= 0 ) \|\|
211		! ( $donation_levels_amounts = wp_list_pluck( $_POST['_give_donation_levels'], '_give_amount' ) )
212		) {
213		// Delete old meta.
214		give_delete_meta( $form_id, '_give_levels_minimum_amount' );
215		give_delete_meta( $form_id, '_give_levels_maximum_amount' );
216
217		return;
218		}
219
220		// Sanitize donation level amounts.
221		$donation_levels_amounts = array_map( 'give_maybe_sanitize_amount', $donation_levels_amounts );
222
223		$min_amount = min( $donation_levels_amounts );
224		$max_amount = max( $donation_levels_amounts );
225
226		// Set Minimum and Maximum amount for Multi Level Donation Forms.
227		give_update_meta( $form_id, '_give_levels_minimum_amount', $min_amount ? give_sanitize_amount_for_db( $min_amount ) : 0 );
228		give_update_meta( $form_id, '_give_levels_maximum_amount', $max_amount ? give_sanitize_amount_for_db( $max_amount ) : 0 );
229		}
230
231		add_action( 'give_pre_process_give_forms_meta', 'give_set_donation_levels_max_min_amount', 30 );
232
233
234		/**
235		* Save donor address when donation complete
236		*
237		* @since 2.0
238		*
239		* @param int $payment_id
240		*/
241		function _give_save_donor_billing_address( $payment_id ) {
242		$donor_id = absint( give_get_payment_donor_id( $payment_id ));
243
244		// Bailout
245		if ( ! $donor_id ) {
246		return;
247		}
248
249
250		/* @var Give_Donor $donor */
251		$donor = new Give_Donor( $donor_id );
252
253		// Save address.
254		$donor->add_address( 'billing[]', give_get_donation_address( $payment_id ) );
255		}
256
257		add_action( 'give_complete_donation', '_give_save_donor_billing_address', 9999 );
258
259
260		/**
261		* Update form id in payment logs
262		*
263		* @since 2.0
264		*
265		* @param array $args
266		*/
267		function give_update_log_form_id( $args ) {
268		$new_form_id = absint( $args[0] );
269		$payment_id = absint( $args[1] );
270		$logs = Give()->logs->get_logs( $payment_id );
271
272		// Bailout.
273		if ( empty( $logs ) ) {
274		return;
275		}
276
277		/* @var object $log */
278		foreach ( $logs as $log ) {
279		Give()->logs->logmeta_db->update_meta( $log->ID, '_give_log_form_id', $new_form_id );
280		}
281
282		// Delete cache.
283		Give()->logs->delete_cache();
284		}
285
286		add_action( 'give_update_log_form_id', 'give_update_log_form_id' );
287
288		/**
289		* Verify addon dependency before addon update
290		*
291		* @since 2.1.4
292		*
293		* @param $error
294		* @param $hook_extra
295		*
296		* @return WP_Error
297		*/
298		function __give_verify_addon_dependency_before_update( $error, $hook_extra ) {
299		// Bailout.
300		if (
301		is_wp_error( $error )
302		\|\| ! array_key_exists( 'plugin', $hook_extra )
303		) {
304		return $error;
305		}
306
307		$plugin_base = strtolower( $hook_extra['plugin'] );
308		$licensed_addon = array_map( 'strtolower', Give_License::get_licensed_addons() );
309
310		// Skip if not a Give addon.
311		if ( ! in_array( $plugin_base, $licensed_addon ) ) {
312		return $error;
313		}
314
315		// Load file.
316		if( ! class_exists( 'Give_Readme_Parser' ) ) {
317		require_once GIVE_PLUGIN_DIR . 'includes/class-give-readme-parser.php';
318		}
319
320		$plugin_base = strtolower( $plugin_base );
321		$plugin_slug = str_replace( '.php', '', basename( $plugin_base ) );
322
323		/**
324		* Filter the addon readme.txt url
325		*
326		* @since 2.1.4
327		*/
328		$url = apply_filters(
329		'give_addon_readme_file_url',
330		"https://givewp.com/downloads/plugins/{$plugin_slug}/readme.txt",
331		$plugin_slug
332		);
333
334		$parser = new Give_Readme_Parser( $url );
335		$give_min_version = $parser->requires_at_least();
336
337
338		if ( version_compare( GIVE_VERSION, $give_min_version, '<' ) ) {
339		return new WP_Error(
340		'Give_Addon_Update_Error',
341		sprintf(
342		__( 'Give version %s is required to update this add-on.', 'give' ),
343		$give_min_version
344		)
345		);
346		}
347
348		return $error;
349		}
350
351		add_filter( 'upgrader_pre_install', '__give_verify_addon_dependency_before_update', 10, 2 );
352
353		/**
354		* Function to add suppress_filters param if WPML add-on is activated.
355		*
356		* @since 2.1.4
357		*
358		* @param array WP query argument for Total Goal.
359		*
360		* @return array WP query argument for Total Goal.
361		*/
362		function __give_wpml_total_goal_shortcode_agrs( $args ) {
363		$args['suppress_filters'] = true;
364
365		return $args;
366		}
367
368		/**
369		* Function to remove WPML post where filter in goal total amount shortcode.
370		*
371		* @since 2.1.4
372		* @global SitePress $sitepress
373		*/
374		function __give_remove_wpml_parse_query_filter() {
375		global $sitepress;
376		remove_action('parse_query', array($sitepress, 'parse_query'));
377		}
378
379
380		/**
381		* Function to add WPML post where filter in goal total amount shortcode.
382		*
383		* @since 2.1.4
384		* @global SitePress $sitepress
385		*/
386		function __give_add_wpml_parse_query_filter() {
387		global $sitepress;
388		add_action('parse_query', array($sitepress, 'parse_query'));
389		}
390
391		/**
392		* Action all the hook that add support for WPML.
393		*
394		* @since 2.1.4
395		*/
396		function give_add_support_for_wpml() {
397		if ( ! function_exists( 'is_plugin_active' ) ) {
398		include_once( ABSPATH . 'wp-admin/includes/plugin.php' );
399		}
400
401
402		if ( is_plugin_active( 'sitepress-multilingual-cms/sitepress.php' ) ) {
403
404		add_filter( 'give_totals_goal_shortcode_query_args', '__give_wpml_total_goal_shortcode_agrs' );
405
406		// @see https://wpml.org/forums/topic/problem-with-query-filter-in-get_posts-function/#post-271309
407		add_action( 'give_totals_goal_shortcode_before_render', '__give_remove_wpml_parse_query_filter', 99 );
408		add_action( 'give_totals_goal_shortcode_after_render', '__give_add_wpml_parse_query_filter', 99 );
409		}
410		}
411
412		add_action( 'give_init', 'give_add_support_for_wpml', 1000 );
413

ravinderk / Give

Issues (4335)

Security Analysis not enabled

includes/actions.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

1. Missing dependencies

2. Missing use statement

Duplication Side-by-Side

Filter issues like