Issues in acf-pro.php (master) - Issues in master - rousnay/lighthouse - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1378)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

includes/acf/pro/acf-pro.php (21 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php 

if( !class_exists('acf_pro') ):

class acf_pro {
	
	/*
	*  __construct
	*
	*  
	*
	*  @type	function
	*  @date	23/06/12
	*  @since	5.0.0
	*
	*  @param	N/A
	*  @return	N/A
	*/

	
	function __construct() {

		
		// update setting
		acf_update_setting( 'pro', true );
		acf_update_setting( 'name', __('Advanced Custom Fields PRO', 'acf') );
		

		// api
		acf_include('pro/api/api-pro.php');
		acf_include('pro/api/api-options-page.php');
		
		
		// updates
		acf_include('pro/core/updates.php');
			
			
		// admin
		if( is_admin() ) {
			
			// options page
			acf_include('pro/admin/options-page.php');
			
			// settings
			acf_include('pro/admin/settings-updates.php');
			
		}
		
		
		// actions
		add_action('init',										array($this, 'register_assets'));
		add_action('acf/include_field_types',					array($this, 'include_field_types'), 5);
		add_action('acf/input/admin_enqueue_scripts',			array($this, 'input_admin_enqueue_scripts'));
		add_action('acf/field_group/admin_enqueue_scripts',		array($this, 'field_group_admin_enqueue_scripts'));
		add_action('acf/field_group/admin_l10n',				array($this, 'field_group_admin_l10n'));
		
		
		// filters
		add_filter('acf/get_valid_field',						array($this, 'get_valid_field'), 11, 1);
		add_filter('acf/prepare_field_for_export', 				array($this, 'prepare_field_for_export'));
		add_filter('acf/prepare_field_for_import', 				array($this, 'prepare_field_for_import'));
		
	}
	
	
	/*
	*  include_field_types
	*
	*  description
	*
	*  @type	function
	*  @date	21/10/2015
	*  @since	5.2.3
	*
	*  @param	$post_id (int)
	*  @return	$post_id (int)
	*/

	
	function include_field_types() {

		
		acf_include('pro/fields/repeater.php');
		acf_include('pro/fields/flexible-content.php');
		acf_include('pro/fields/gallery.php');
		
	}
	
	
	/*
	*  get_valid_field
	*
	*  This function will provide compatibility with ACF4 fields
	*
	*  @type	function
	*  @date	23/04/2014
	*  @since	5.0.0
	*
	*  @param	$field (array)
	*  @return	$field
	*/

	
	function get_valid_field( $field ) {

		
		// extract old width
		$width = acf_extract_var( $field, 'column_width' );
		
		
		// if old width, update the new width
		if( $width ) {
			
			$field['wrapper']['width'] = $width;
		}
		
		
		// return
		return $field;
		
	}
	
	
	/*
	*  register_assets
	*
	*  description
	*
	*  @type	function
	*  @date	4/11/2013
	*  @since	5.0.0
	*
	*  @param	$post_id (int)
	*  @return	$post_id (int)
	*/

	
	function register_assets() {

		
		// min
		$min = defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ? '' : '.min';
		
		
		// register scripts
		wp_register_script( 'acf-pro-input', acf_get_dir( "pro/assets/js/acf-pro-input{$min}.js" ), false, acf_get_setting('version') );
		wp_register_script( 'acf-pro-field-group', acf_get_dir( "pro/assets/js/acf-pro-field-group{$min}.js" ), false, acf_get_setting('version') );
		
		
		// register styles
		wp_register_style( 'acf-pro-input', acf_get_dir( 'pro/assets/css/acf-pro-input.css' ), false, acf_get_setting('version') ); 
		wp_register_style( 'acf-pro-field-group', acf_get_dir( 'pro/assets/css/acf-pro-field-group.css' ), false, acf_get_setting('version') ); 
		
	}
	
	
	/*
	*  input_admin_enqueue_scripts
	*
	*  description
	*
	*  @type	function
	*  @date	4/11/2013
	*  @since	5.0.0
	*
	*  @param	$post_id (int)
	*  @return	$post_id (int)
	*/

	
	function input_admin_enqueue_scripts() {

		
		// scripts
		wp_enqueue_script('acf-pro-input');
	
	
		// styles
		wp_enqueue_style('acf-pro-input');
		
	}
	
	
	/*
	*  field_group_admin_l10n
	*
	*  description
	*
	*  @type	function
	*  @date	1/05/2014
	*  @since	5.0.0
	*
	*  @param	$post_id (int)
	*  @return	$post_id (int)
	*/

	
	function field_group_admin_l10n( $l10n ) {

		
		// append
		$l10n['flexible_content'] = array(
			'layout_warning' => __('Flexible Content requires at least 1 layout','acf')
		);
		
		
		// return
		return $l10n;
	}
	
	
	/*
	*  field_group_admin_enqueue_scripts
	*
	*  description
	*
	*  @type	function
	*  @date	4/11/2013
	*  @since	5.0.0
	*
	*  @param	$post_id (int)
	*  @return	$post_id (int)
	*/

	
	function field_group_admin_enqueue_scripts() {

		
		// scripts
		wp_enqueue_script('acf-pro-field-group');
	
	
		// styles
		wp_enqueue_style('acf-pro-field-group');
		
	}
	
	
	
	/*
	*  prepare_field_for_export
	*
	*  description
	*
	*  @type	function
	*  @date	11/03/2014
	*  @since	5.0.0
	*
	*  @param	$post_id (int)
	*  @return	$post_id (int)
	*/

	
	function prepare_field_for_export( $field ) {

		
		// sub field (parent_layout)
		acf_extract_var( $field, 'parent_layout');
		
		
		// repeater
		if( $field['type'] == 'repeater' ) {
			
			$field['sub_fields'] = acf_prepare_fields_for_export( $field['sub_fields'] );
		
		// flexible content
		} elseif( $field['type'] == 'flexible_content' ) {
			
			foreach( $field['layouts'] as $l => $layout ) {
				
				$field['layouts'][ $l ]['sub_fields'] = acf_prepare_fields_for_export( $layout['sub_fields'] );
			
			}

		}
		
		
		// return
		return $field;
		
	}
	
	
	/*
	*  prepare_field_for_import
	*
	*  description
	*
	*  @type	function
	*  @date	11/03/2014
	*  @since	5.0.0
	*
	*  @param	$post_id (int)
	*  @return	$post_id (int)
	*/

	
	function prepare_field_for_import( $field ) {

		
		// var
		$extra = array();
		
		
		// sub fields
		if( $field['type'] == 'repeater' ) {
			
			// extract sub fields
			$sub_fields = acf_extract_var( $field, 'sub_fields');
			
			
			// reset field setting
			$field['sub_fields'] = array();
			
			
			if( !empty($sub_fields) ) {

			
				foreach( array_keys($sub_fields) as $i ) {
					
					// extract sub field
					$sub_field = acf_extract_var( $sub_fields, $i );
							
					
					// attributes
					$sub_field['parent'] = $field['key'];
					
					
					// append to extra
					$extra[] = $sub_field;
					
				}
				
			}
			
		} elseif( $field['type'] == 'flexible_content' ) {
			
			// extract layouts
			$layouts = acf_extract_var( $field, 'layouts');
			
			
			// reset field setting
			$field['layouts'] = array();
			
			
			// validate layouts
			if( !empty($layouts) ) {
				
				// loop over layouts
				foreach( array_keys($layouts) as $i ) {
					
					// extract layout
					$layout = acf_extract_var( $layouts, $i );
					
					
					// get valid layout (fixes ACF4 export code bug undefined index 'key')
					if( empty($layout['key']) ) {
						
						$layout['key'] = uniqid();
						
					}
					
					
					// extract sub fields
					$sub_fields = acf_extract_var( $layout, 'sub_fields');
					
					
					// validate sub fields
					if( !empty($sub_fields) ) {

						
						// loop over sub fields
						foreach( array_keys($sub_fields) as $j ) {
							
							// extract sub field
							$sub_field = acf_extract_var( $sub_fields, $j );
							
							
							// attributes
							$sub_field['parent'] = $field['key'];
							$sub_field['parent_layout'] = $layout['key'];
							
							
							// append to extra
							$extra[] = $sub_field;
							
						}
						
					}
					
					
					// append to layout
					$field['layouts'][] = $layout;
				
				}
				
			}

		}
		
		
		// extra
		if( !empty($extra) ) {
			
			array_unshift($extra, $field);
			
			return $extra;
			
		}
		
		
		// return
		return $field;
		
	}
	 
}


// instantiate
new acf_pro();


// end class
endif;

?>



1		<?php
2
3		if( !class_exists('acf_pro') ):
4
5		class acf_pro {
6
7		/*
8		* __construct
9		*
10		*
11		*
12		* @type function
13		* @date 23/06/12
14		* @since 5.0.0
15		*
16		* @param N/A
17		* @return N/A
18		*/
		0 ignored issues – show Documentation introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this The doc-type `N/A` could not be parsed: Unknown type name "N/A" at position 0. (view supported doc-types) This check marks PHPDoc comments that could not be parsed by our parser. To see which comment annotations we can parse, please refer to our documentation on supported doc-types. Loading history...
19
20		function __construct() {
		0 ignored issues – show Best Practice introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
21
22		// update setting
23		acf_update_setting( 'pro', true );
24		acf_update_setting( 'name', __('Advanced Custom Fields PRO', 'acf') );
25
26
27		// api
28		acf_include('pro/api/api-pro.php');
29		acf_include('pro/api/api-options-page.php');
30
31
32		// updates
33		acf_include('pro/core/updates.php');
34
35
36		// admin
37		if( is_admin() ) {
38
39		// options page
40		acf_include('pro/admin/options-page.php');
41
42		// settings
43		acf_include('pro/admin/settings-updates.php');
44
45		}
46
47
48		// actions
49		add_action('init', array($this, 'register_assets'));
50		add_action('acf/include_field_types', array($this, 'include_field_types'), 5);
51		add_action('acf/input/admin_enqueue_scripts', array($this, 'input_admin_enqueue_scripts'));
52		add_action('acf/field_group/admin_enqueue_scripts', array($this, 'field_group_admin_enqueue_scripts'));
53		add_action('acf/field_group/admin_l10n', array($this, 'field_group_admin_l10n'));
54
55
56		// filters
57		add_filter('acf/get_valid_field', array($this, 'get_valid_field'), 11, 1);
58		add_filter('acf/prepare_field_for_export', array($this, 'prepare_field_for_export'));
59		add_filter('acf/prepare_field_for_import', array($this, 'prepare_field_for_import'));
60
61		}
62
63
64		/*
65		* include_field_types
66		*
67		* description
68		*
69		* @type function
70		* @date 21/10/2015
71		* @since 5.2.3
72		*
73		* @param $post_id (int)
74		* @return $post_id (int)
75		*/
		0 ignored issues – show Documentation introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this The doc-type `$post_id` could not be parsed: Unknown type name "$post_id" at position 0. (view supported doc-types) This check marks PHPDoc comments that could not be parsed by our parser. To see which comment annotations we can parse, please refer to our documentation on supported doc-types. Loading history...
76
77		function include_field_types() {
		0 ignored issues – show Best Practice introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
78
79		acf_include('pro/fields/repeater.php');
80		acf_include('pro/fields/flexible-content.php');
81		acf_include('pro/fields/gallery.php');
82
83		}
84
85
86		/*
87		* get_valid_field
88		*
89		* This function will provide compatibility with ACF4 fields
90		*
91		* @type function
92		* @date 23/04/2014
93		* @since 5.0.0
94		*
95		* @param $field (array)
96		* @return $field
97		*/
		0 ignored issues – show Documentation introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this The doc-type `$field` could not be parsed: Unknown type name "$field" at position 0. (view supported doc-types) This check marks PHPDoc comments that could not be parsed by our parser. To see which comment annotations we can parse, please refer to our documentation on supported doc-types. Loading history...
98
99		function get_valid_field( $field ) {
		0 ignored issues – show Best Practice introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
100
101		// extract old width
102		$width = acf_extract_var( $field, 'column_width' );
103
104
105		// if old width, update the new width
106		if( $width ) {
107
108		$field['wrapper']['width'] = $width;
109		}
110
111
112		// return
113		return $field;
114
115		}
116
117
118		/*
119		* register_assets
120		*
121		* description
122		*
123		* @type function
124		* @date 4/11/2013
125		* @since 5.0.0
126		*
127		* @param $post_id (int)
128		* @return $post_id (int)
129		*/
		0 ignored issues – show Documentation introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this The doc-type `$post_id` could not be parsed: Unknown type name "$post_id" at position 0. (view supported doc-types) This check marks PHPDoc comments that could not be parsed by our parser. To see which comment annotations we can parse, please refer to our documentation on supported doc-types. Loading history...
130
131		function register_assets() {
		0 ignored issues – show Best Practice introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
132
133		// min
134		$min = defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ? '' : '.min';
135
136
137		// register scripts
138		wp_register_script( 'acf-pro-input', acf_get_dir( "pro/assets/js/acf-pro-input{$min}.js" ), false, acf_get_setting('version') );
139		wp_register_script( 'acf-pro-field-group', acf_get_dir( "pro/assets/js/acf-pro-field-group{$min}.js" ), false, acf_get_setting('version') );
140
141
142		// register styles
143		wp_register_style( 'acf-pro-input', acf_get_dir( 'pro/assets/css/acf-pro-input.css' ), false, acf_get_setting('version') );
144		wp_register_style( 'acf-pro-field-group', acf_get_dir( 'pro/assets/css/acf-pro-field-group.css' ), false, acf_get_setting('version') );
145
146		}
147
148
149		/*
150		* input_admin_enqueue_scripts
151		*
152		* description
153		*
154		* @type function
155		* @date 4/11/2013
156		* @since 5.0.0
157		*
158		* @param $post_id (int)
159		* @return $post_id (int)
160		*/
		0 ignored issues – show Documentation introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this The doc-type `$post_id` could not be parsed: Unknown type name "$post_id" at position 0. (view supported doc-types) This check marks PHPDoc comments that could not be parsed by our parser. To see which comment annotations we can parse, please refer to our documentation on supported doc-types. Loading history...
161
162		function input_admin_enqueue_scripts() {
		0 ignored issues – show Best Practice introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
163
164		// scripts
165		wp_enqueue_script('acf-pro-input');
166
167
168		// styles
169		wp_enqueue_style('acf-pro-input');
170
171		}
172
173
174		/*
175		* field_group_admin_l10n
176		*
177		* description
178		*
179		* @type function
180		* @date 1/05/2014
181		* @since 5.0.0
182		*
183		* @param $post_id (int)
184		* @return $post_id (int)
185		*/
		0 ignored issues – show Documentation introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this The doc-type `$post_id` could not be parsed: Unknown type name "$post_id" at position 0. (view supported doc-types) This check marks PHPDoc comments that could not be parsed by our parser. To see which comment annotations we can parse, please refer to our documentation on supported doc-types. Loading history...
186
187		function field_group_admin_l10n( $l10n ) {
		0 ignored issues – show Best Practice introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
188
189		// append
190		$l10n['flexible_content'] = array(
191		'layout_warning' => __('Flexible Content requires at least 1 layout','acf')
192		);
193
194
195		// return
196		return $l10n;
197		}
198
199
200		/*
201		* field_group_admin_enqueue_scripts
202		*
203		* description
204		*
205		* @type function
206		* @date 4/11/2013
207		* @since 5.0.0
208		*
209		* @param $post_id (int)
210		* @return $post_id (int)
211		*/
		0 ignored issues – show Documentation introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this The doc-type `$post_id` could not be parsed: Unknown type name "$post_id" at position 0. (view supported doc-types) This check marks PHPDoc comments that could not be parsed by our parser. To see which comment annotations we can parse, please refer to our documentation on supported doc-types. Loading history...
212
213		function field_group_admin_enqueue_scripts() {
		0 ignored issues – show Best Practice introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
214
215		// scripts
216		wp_enqueue_script('acf-pro-field-group');
217
218
219		// styles
220		wp_enqueue_style('acf-pro-field-group');
221
222		}
223
224
225
226		/*
227		* prepare_field_for_export
228		*
229		* description
230		*
231		* @type function
232		* @date 11/03/2014
233		* @since 5.0.0
234		*
235		* @param $post_id (int)
236		* @return $post_id (int)
237		*/
		0 ignored issues – show Documentation introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this The doc-type `$post_id` could not be parsed: Unknown type name "$post_id" at position 0. (view supported doc-types) This check marks PHPDoc comments that could not be parsed by our parser. To see which comment annotations we can parse, please refer to our documentation on supported doc-types. Loading history...
238
239		function prepare_field_for_export( $field ) {
		0 ignored issues – show Best Practice introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
240
241		// sub field (parent_layout)
242		acf_extract_var( $field, 'parent_layout');
243
244
245		// repeater
246		if( $field['type'] == 'repeater' ) {
247
248		$field['sub_fields'] = acf_prepare_fields_for_export( $field['sub_fields'] );
249
250		// flexible content
251		} elseif( $field['type'] == 'flexible_content' ) {
252
253		foreach( $field['layouts'] as $l => $layout ) {
254
255		$field['layouts'][ $l ]['sub_fields'] = acf_prepare_fields_for_export( $layout['sub_fields'] );
256
257		}
258
259		}
260
261
262		// return
263		return $field;
264
265		}
266
267
268		/*
269		* prepare_field_for_import
270		*
271		* description
272		*
273		* @type function
274		* @date 11/03/2014
275		* @since 5.0.0
276		*
277		* @param $post_id (int)
278		* @return $post_id (int)
279		*/
		0 ignored issues – show Documentation introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this The doc-type `$post_id` could not be parsed: Unknown type name "$post_id" at position 0. (view supported doc-types) This check marks PHPDoc comments that could not be parsed by our parser. To see which comment annotations we can parse, please refer to our documentation on supported doc-types. Loading history...
280
281		function prepare_field_for_import( $field ) {
		0 ignored issues – show Best Practice introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is generally recommended to explicitly declare the visibility for methods. Adding explicit visibility (`private`, `protected`, or `public`) is generally recommend to communicate to other developers how, and from where this method is intended to be used. Loading history...
282
283		// var
284		$extra = array();
285
286
287		// sub fields
288		if( $field['type'] == 'repeater' ) {
289
290		// extract sub fields
291		$sub_fields = acf_extract_var( $field, 'sub_fields');
292
293
294		// reset field setting
295		$field['sub_fields'] = array();
296
297
298	View Code Duplication	if( !empty($sub_fields) ) {
		0 ignored issues – show Duplication introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
299
300		foreach( array_keys($sub_fields) as $i ) {
301
302		// extract sub field
303		$sub_field = acf_extract_var( $sub_fields, $i );
304
305
306		// attributes
307		$sub_field['parent'] = $field['key'];
308
309
310		// append to extra
311		$extra[] = $sub_field;
312
313		}
314
315		}
316
317		} elseif( $field['type'] == 'flexible_content' ) {
318
319		// extract layouts
320		$layouts = acf_extract_var( $field, 'layouts');
321
322
323		// reset field setting
324		$field['layouts'] = array();
325
326
327		// validate layouts
328		if( !empty($layouts) ) {
329
330		// loop over layouts
331		foreach( array_keys($layouts) as $i ) {
332
333		// extract layout
334		$layout = acf_extract_var( $layouts, $i );
335
336
337		// get valid layout (fixes ACF4 export code bug undefined index 'key')
338		if( empty($layout['key']) ) {
339
340		$layout['key'] = uniqid();
341
342		}
343
344
345		// extract sub fields
346		$sub_fields = acf_extract_var( $layout, 'sub_fields');
347
348
349		// validate sub fields
350	View Code Duplication	if( !empty($sub_fields) ) {
		0 ignored issues – show Duplication introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
351
352		// loop over sub fields
353		foreach( array_keys($sub_fields) as $j ) {
354
355		// extract sub field
356		$sub_field = acf_extract_var( $sub_fields, $j );
357
358
359		// attributes
360		$sub_field['parent'] = $field['key'];
361		$sub_field['parent_layout'] = $layout['key'];
362
363
364		// append to extra
365		$extra[] = $sub_field;
366
367		}
368
369		}
370
371
372		// append to layout
373		$field['layouts'][] = $layout;
374
375		}
376
377		}
378
379		}
380
381
382		// extra
383		if( !empty($extra) ) {
384
385		array_unshift($extra, $field);
386
387		return $extra;
388
389		}
390
391
392		// return
393		return $field;
394
395		}
396
397		}
398
399
400		// instantiate
401		new acf_pro();
402
403
404		// end class
405		endif;
406
407		?>
		0 ignored issues – show Best Practice introduced 2016-02-10 19:57 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is not recommended to use PHP's closing tag `?>` in files other than templates. Using a closing tag in PHP files that only contain PHP code is not recommended as you might accidentally add whitespace after the closing tag which would then be output by PHP. This can cause severe problems, for example headers cannot be sent anymore. A simple precaution is to leave off the closing tag as it is not required, and it also has no negative effects whatsoever. Loading history...
408

rousnay / lighthouse

Issues (1378)

Security Analysis not enabled

includes/acf/pro/acf-pro.php (21 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like