NonceChecker::load() - Code Metrics - Inspection of "Handle nonce checks for bulk actions from bottom d..." - sudar/email-log - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — dev/2.3.2 ( 2b82da...e16304 )

by Sudar

created 2020-03-03 08:26 UTC

NonceChecker::load() A

↳ Parent: NonceChecker

Complexity

Conditions	1
Paths	1

Size

Total Lines	2
Code Lines	1

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	0
CRAP Score	2

Importance

Changes

Metric	Value
cc	1
eloc	1
nc	1
nop	0
dl	0
loc	2
ccs	0
cts	2
cp	0
crap	2
rs	10
c	0
b	0
f	0

<?php namespace EmailLog\Core\Request;

use EmailLog\Core\Loadie;
use EmailLog\Core\UI\Page\LogListPage;

defined( 'ABSPATH' ) || exit; // Exit if accessed directly.

/**
 * Check nonce for all Email Log requests.
 *
 * @since 2.0.0
 */
class NonceChecker implements Loadie {

	/**
	 * Setup hooks.
	 *
	 * @inheritdoc
	 */
	public function load() {
		add_action( 'admin_init', array( $this, 'check_nonce' ) );
	}

	/**
	 * Check nonce for all Email Log Requests.
	 * All Email Log Requests will have the `el_` prefix and
	 * nonce would be available at `el_{action_name}_nonce`.
	 *
	 * Bulk Action keys.
	 * action => Bulk actions from the top dropdown.
	 * action2 => Bulk actions from the bottom dropdown.
	 */
	public function check_nonce() {
		if ( ! isset( $_POST['el-action'] ) && ! isset( $_REQUEST['action'] ) && ! isset( $_REQUEST['action2'] ) ) {
			return;
		}

		if ( isset( $_POST['el-action'] ) ) {
			$action = sanitize_text_field( $_POST['el-action'] );

			if ( ! isset( $_POST[ $action . '_nonce' ] ) ) {
				return;
			}

			if ( ! wp_verify_nonce( $_POST[ $action . '_nonce' ], $action ) ) {
				return;
			}
		}

		if ( isset( $_REQUEST['action'] ) || isset( $_REQUEST['action2'] ) ) {
			$action = sanitize_text_field( $_REQUEST['action'] );

			if ( '-1' === $action ) {
				if ( ! isset( $_REQUEST['action2'] ) ) {
					return;
				}

				$action = sanitize_text_field( $_REQUEST['action2'] );
			}

			if ( strpos( $action, 'el-log-list-' ) !== 0 ) {
				return;
			}

			if ( ! isset( $_REQUEST[ LogListPage::LOG_LIST_ACTION_NONCE_FIELD ] ) ) {
				return;
			}

			if ( ! wp_verify_nonce( $_REQUEST[ LogListPage::LOG_LIST_ACTION_NONCE_FIELD ], LogListPage::LOG_LIST_ACTION_NONCE ) ) {
				return;
			}
		}

		/**
		 * Perform `el` action.
		 * Nonce check has already happened at this point.
		 *
		 * @since 2.0.0
		 *
		 * @param string $action   Action name.
		 * @param array  $_REQUEST Request data.
		 */
		do_action( 'el_action', $action, $_REQUEST );


		/**
		 * Perform `el` action.
		 * Nonce check has already happened at this point.
		 *
		 * @since 2.0.0
		 *
		 * @param array $_REQUEST Request data.
		 */
		do_action( $action, $_REQUEST );
	}
}


1			<?php namespace EmailLog\Core\Request;
2
3			use EmailLog\Core\Loadie;
4			use EmailLog\Core\UI\Page\LogListPage;
5
6			defined( 'ABSPATH' ) \|\| exit; // Exit if accessed directly.
7
8			/**
9			* Check nonce for all Email Log requests.
10			*
11			* @since 2.0.0
12			*/
13			class NonceChecker implements Loadie {
14
15			/**
16			* Setup hooks.
17			*
18			* @inheritdoc
19			*/
20			public function load() {
21			add_action( 'admin_init', array( $this, 'check_nonce' ) );
22			}
23
24			/**
25			* Check nonce for all Email Log Requests.
26			* All Email Log Requests will have the `el_` prefix and
27			* nonce would be available at `el_{action_name}_nonce`.
28			*
29			* Bulk Action keys.
30			* action => Bulk actions from the top dropdown.
31			* action2 => Bulk actions from the bottom dropdown.
32			*/
33			public function check_nonce() {
34			if ( ! isset( $_POST['el-action'] ) && ! isset( $_REQUEST['action'] ) && ! isset( $_REQUEST['action2'] ) ) {
35			return;
36			}
37
38			if ( isset( $_POST['el-action'] ) ) {
39			$action = sanitize_text_field( $_POST['el-action'] );
40
41			if ( ! isset( $_POST[ $action . '_nonce' ] ) ) {
42			return;
43			}
44
45			if ( ! wp_verify_nonce( $_POST[ $action . '_nonce' ], $action ) ) {
46			return;
47			}
48			}
49
50			if ( isset( $_REQUEST['action'] ) \|\| isset( $_REQUEST['action2'] ) ) {
51			$action = sanitize_text_field( $_REQUEST['action'] );
52
53			if ( '-1' === $action ) {
54			if ( ! isset( $_REQUEST['action2'] ) ) {
55			return;
56			}
57
58			$action = sanitize_text_field( $_REQUEST['action2'] );
59			}
60
61			if ( strpos( $action, 'el-log-list-' ) !== 0 ) {
62			return;
63			}
64
65			if ( ! isset( $_REQUEST[ LogListPage::LOG_LIST_ACTION_NONCE_FIELD ] ) ) {
66			return;
67			}
68
69			if ( ! wp_verify_nonce( $_REQUEST[ LogListPage::LOG_LIST_ACTION_NONCE_FIELD ], LogListPage::LOG_LIST_ACTION_NONCE ) ) {
70			return;
71			}
72			}
73
74			/**
75			* Perform `el` action.
76			* Nonce check has already happened at this point.
77			*
78			* @since 2.0.0
79			*
80			* @param string $action Action name.
81			* @param array $_REQUEST Request data.
82			*/
83			do_action( 'el_action', $action, $_REQUEST );
			0 ignored issues – show Comprehensibility Best Practice introduced 2018-09-02 10:46 UTC by Report Bug Copy Issue Report The variable `$action` does not seem to be defined for all execution paths leading up to this point. Loading history...
84
85			/**
86			* Perform `el` action.
87			* Nonce check has already happened at this point.
88			*
89			* @since 2.0.0
90			*
91			* @param array $_REQUEST Request data.
92			*/
93			do_action( $action, $_REQUEST );
94			}
95			}
96

sudar / email-log

Push — dev/2.3.2 ( 2b82da...e16304 )

NonceChecker::load() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like