Controller::verify_get_request_nonce() - Code Metrics - Inspection of "Refactor controller to support namespaces" - sudar/bulk-delete - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — dev/6.0.0 ( 23fee9...80f154 )

by Sudar

created 2018-03-20 18:41 UTC

Controller::verify_get_request_nonce() A

↳ Parent: Controller

Complexity

Conditions	2
Paths	2

Size

Total Lines	6
Code Lines	3

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	6

Importance

Changes

Metric	Value
cc	2
eloc	3
nc	2
nop	2
dl	0
loc	6
ccs	0
cts	4
cp	0
crap	6
rs	9.4285
c	0
b	0
f	0

<?php

namespace BulkWP\BulkDelete\Core;

defined( 'ABSPATH' ) || exit; // Exit if accessed directly.

/**
 * Bulk Delete Controller.
 *
 * Handle all requests and automatically perform nonce checks.
 *
 * @since 5.5.4
 * @since 6.0.0 Added namespace.
 */
class Controller {
	/**
	 * Controller constructor.
	 */
	public function __construct() {
		add_action( 'admin_init', array( $this, 'request_handler' ) );
		add_action( 'bd_pre_bulk_action', array( $this, 'increase_timeout' ), 9 );
		add_action( 'bd_before_scheduler', array( $this, 'increase_timeout' ), 9 );

		add_filter( 'bd_get_action_nonce_check', array( $this, 'verify_get_request_nonce' ), 10, 2 );
	}

	/**
	 * Handle both POST and GET requests.
	 * This method automatically triggers all the actions after checking the nonce.
	 */
	public function request_handler() {
		if ( isset( $_POST['bd_action'] ) ) {
			$bd_action   = sanitize_text_field( $_POST['bd_action'] );
			$nonce_valid = false;

			if ( 'delete_posts_' === substr( $bd_action, 0, strlen( 'delete_posts_' ) )
				&& check_admin_referer( 'sm-bulk-delete-posts', 'sm-bulk-delete-posts-nonce' ) ) {
				$nonce_valid = true;
			}

			if ( 'delete_meta_' === substr( $bd_action, 0, strlen( 'delete_meta_' ) )
				&& check_admin_referer( 'sm-bulk-delete-meta', 'sm-bulk-delete-meta-nonce' ) ) {
				$nonce_valid = true;
			}

			if ( 'delete_jetpack_messages' === $bd_action && wp_verify_nonce( $_POST['sm-bulk-delete-misc-nonce'], 'sm-bulk-delete-misc' ) ) {
				$nonce_valid = true;
			}

			/**
			 * Perform nonce check.
			 *
			 * @since 5.5
			 */
			if ( ! apply_filters( 'bd_action_nonce_check', $nonce_valid, $bd_action ) ) {
				return;
			}

			/**
			 * Before performing a bulk action.
			 * This hook is for doing actions just before performing any bulk operation.
			 *
			 * @since 5.4
			 */
			do_action( 'bd_pre_bulk_action', $bd_action );

			/**
			 * Perform the bulk operation.
			 * This hook is for doing the bulk operation. Nonce check has already happened by this point.
			 *
			 * @since 5.4
			 */
			do_action( 'bd_' . $bd_action, $_POST );
		}

		if ( isset( $_GET['bd_action'] ) ) {
			$bd_action   = sanitize_text_field( $_GET['bd_action'] );
			$nonce_valid = false;

			/**
			 * Perform nonce check.
			 *
			 * @since 5.5.4
			 */
			if ( ! apply_filters( 'bd_get_action_nonce_check', $nonce_valid, $bd_action ) ) {
				return;
			}

			/**
			 * Perform the bulk operation.
			 * This hook is for doing the bulk operation. Nonce check has already happened by this point.
			 *
			 * @since 5.5.4
			 */
			do_action( 'bd_' . $bd_action, $_GET );
		}
	}

	/**
	 * Verify if GET request has a valid nonce.
	 *
	 * @since  5.5.4
	 *
	 * @param bool   $result Whether nonce is valid.
	 * @param string $action Action name.
	 *
	 * @return bool True if nonce is valid, otherwise return $result.
	 */
	public function verify_get_request_nonce( $result, $action ) {
		if ( check_admin_referer( "bd-{$action}", "bd-{$action}-nonce" ) ) {
			return true;
		}

		return $result;
	}

	/**
	 * Increase PHP timeout.
	 *
	 * This is to prevent bulk operations from timing out
	 *
	 * @since 5.5.4
	 */
	public function increase_timeout() {
		// phpcs:ignore PHPCompatibility.PHP.DeprecatedIniDirectives.safe_modeDeprecatedRemoved
		if ( ! ini_get( 'safe_mode' ) ) {
			// phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged
			@set_time_limit( 0 );
		}
	}
}


1		<?php
2
3		namespace BulkWP\BulkDelete\Core;
4
5	1	defined( 'ABSPATH' ) \|\| exit; // Exit if accessed directly.
6
7		/**
8		* Bulk Delete Controller.
9		*
10		* Handle all requests and automatically perform nonce checks.
11		*
12		* @since 5.5.4
13		* @since 6.0.0 Added namespace.
14		*/
15		class Controller {
16		/**
17		* Controller constructor.
18		*/
19	1	public function __construct() {
20	1	add_action( 'admin_init', array( $this, 'request_handler' ) );
21	1	add_action( 'bd_pre_bulk_action', array( $this, 'increase_timeout' ), 9 );
22	1	add_action( 'bd_before_scheduler', array( $this, 'increase_timeout' ), 9 );
23
24	1	add_filter( 'bd_get_action_nonce_check', array( $this, 'verify_get_request_nonce' ), 10, 2 );
25	1	}
26
27		/**
28		* Handle both POST and GET requests.
29		* This method automatically triggers all the actions after checking the nonce.
30		*/
31		public function request_handler() {
32		if ( isset( $_POST['bd_action'] ) ) {
33		$bd_action = sanitize_text_field( $_POST['bd_action'] );
34		$nonce_valid = false;
35
36		if ( 'delete_posts_' === substr( $bd_action, 0, strlen( 'delete_posts_' ) )
37		&& check_admin_referer( 'sm-bulk-delete-posts', 'sm-bulk-delete-posts-nonce' ) ) {
38		$nonce_valid = true;
39		}
40
41		if ( 'delete_meta_' === substr( $bd_action, 0, strlen( 'delete_meta_' ) )
42		&& check_admin_referer( 'sm-bulk-delete-meta', 'sm-bulk-delete-meta-nonce' ) ) {
43		$nonce_valid = true;
44		}
45
46		if ( 'delete_jetpack_messages' === $bd_action && wp_verify_nonce( $_POST['sm-bulk-delete-misc-nonce'], 'sm-bulk-delete-misc' ) ) {
47		$nonce_valid = true;
48		}
49
50		/**
51		* Perform nonce check.
52		*
53		* @since 5.5
54		*/
55		if ( ! apply_filters( 'bd_action_nonce_check', $nonce_valid, $bd_action ) ) {
56		return;
57		}
58
59		/**
60		* Before performing a bulk action.
61		* This hook is for doing actions just before performing any bulk operation.
62		*
63		* @since 5.4
64		*/
65		do_action( 'bd_pre_bulk_action', $bd_action );
66
67		/**
68		* Perform the bulk operation.
69		* This hook is for doing the bulk operation. Nonce check has already happened by this point.
70		*
71		* @since 5.4
72		*/
73		do_action( 'bd_' . $bd_action, $_POST );
74		}
75
76		if ( isset( $_GET['bd_action'] ) ) {
77		$bd_action = sanitize_text_field( $_GET['bd_action'] );
78		$nonce_valid = false;
79
80		/**
81		* Perform nonce check.
82		*
83		* @since 5.5.4
84		*/
85		if ( ! apply_filters( 'bd_get_action_nonce_check', $nonce_valid, $bd_action ) ) {
86		return;
87		}
88
89		/**
90		* Perform the bulk operation.
91		* This hook is for doing the bulk operation. Nonce check has already happened by this point.
92		*
93		* @since 5.5.4
94		*/
95		do_action( 'bd_' . $bd_action, $_GET );
96		}
97		}
98
99		/**
100		* Verify if GET request has a valid nonce.
101		*
102		* @since 5.5.4
103		*
104		* @param bool $result Whether nonce is valid.
105		* @param string $action Action name.
106		*
107		* @return bool True if nonce is valid, otherwise return $result.
108		*/
109		public function verify_get_request_nonce( $result, $action ) {
110		if ( check_admin_referer( "bd-{$action}", "bd-{$action}-nonce" ) ) {
111		return true;
112		}
113
114		return $result;
115		}
116
117		/**
118		* Increase PHP timeout.
119		*
120		* This is to prevent bulk operations from timing out
121		*
122		* @since 5.5.4
123		*/
124		public function increase_timeout() {
125		// phpcs:ignore PHPCompatibility.PHP.DeprecatedIniDirectives.safe_modeDeprecatedRemoved
126		if ( ! ini_get( 'safe_mode' ) ) {
127		// phpcs:ignore Generic.PHP.NoSilencedErrors.Discouraged
128		@set_time_limit( 0 );
129		}
130		}
131		}
132

sudar / bulk-delete

Push — dev/6.0.0 ( 23fee9...80f154 )

Controller::verify_get_request_nonce() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like