Issues in wp-rest-functions.php (master) - Issues in master - woothemes/woocommerce - Measure and Improve Code Quality continuously with Scrutinizer

Issues (1182)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

includes/vendor/wp-rest-functions.php (9 issues)

Labels

Duplication 9

Severity

Informational 9

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * @version 2.0-beta12
 */

if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

/**
 * core-integration.php
 */

if ( ! function_exists( 'wp_parse_slug_list' ) ) {
	/**
	 * Clean up an array, comma- or space-separated list of slugs.
	 *
	 * @since
	 *
	 * @param  array|string $list List of slugs.
	 * @return array Sanitized array of slugs.
	 */
	function wp_parse_slug_list( $list ) {
		if ( ! is_array( $list ) ) {
			$list = preg_split( '/[\s,]+/', $list );
		}

		foreach ( $list as $key => $value ) {
			$list[ $key ] = sanitize_title( $value );
		}

		return array_unique( $list );
	}
}

if ( ! function_exists( 'rest_get_server' ) ) {
	/**
	 * Retrieves the current REST server instance.
	 *
	 * Instantiates a new instance if none exists already.
	 *
	 * @since 4.5.0
	 *
	 * @global WP_REST_Server $wp_rest_server REST server instance.
	 *
	 * @return WP_REST_Server REST server instance.
	 */
	function rest_get_server() {
		/* @var WP_REST_Server $wp_rest_server */
		global $wp_rest_server;

		if ( empty( $wp_rest_server ) ) {
			/**
			 * Filter the REST Server Class.
			 *
			 * This filter allows you to adjust the server class used by the API, using a
			 * different class to handle requests.
			 *
			 * @since 4.4.0
			 *
			 * @param string $class_name The name of the server class. Default 'WP_REST_Server'.
			 */
			$wp_rest_server_class = apply_filters( 'wp_rest_server_class', 'WP_REST_Server' );
			$wp_rest_server = new $wp_rest_server_class;

			/**
			 * Fires when preparing to serve an API request.
			 *
			 * Endpoint objects should be created and register their hooks on this action rather
			 * than another action to ensure they're only loaded when needed.
			 *
			 * @since 4.4.0
			 *
			 * @param WP_REST_Server $wp_rest_server Server object.
			 */
			do_action( 'rest_api_init', $wp_rest_server );
		}

		return $wp_rest_server;
	}
}

/**
 * plugin.php
 */

if ( ! function_exists( 'rest_authorization_required_code' ) ) {
	/**
	 * Returns a contextual HTTP error code for authorization failure.
	 *
	 * @return integer
	 */
	function rest_authorization_required_code() {
		return is_user_logged_in() ? 403 : 401;
	}
}

if ( ! function_exists( 'register_rest_field' ) ) {
	/**
	 * Registers a new field on an existing WordPress object type.
	 *
	 * @global array $wp_rest_additional_fields Holds registered fields, organized
	 *                                          by object type.
	 *
	 * @param string|array $object_type Object(s) the field is being registered
	 *                                  to, "post"|"term"|"comment" etc.
	 * @param string $attribute         The attribute name.
	 * @param array  $args {
	 *     Optional. An array of arguments used to handle the registered field.
	 *
	 *     @type string|array|null $get_callback    Optional. The callback function used to retrieve the field
	 *                                              value. Default is 'null', the field will not be returned in
	 *                                              the response.
	 *     @type string|array|null $update_callback Optional. The callback function used to set and update the
	 *                                              field value. Default is 'null', the value cannot be set or
	 *                                              updated.
	 *     @type string|array|null $schema          Optional. The callback function used to create the schema for
	 *                                              this field. Default is 'null', no schema entry will be returned.
	 * }
	 */
	function register_rest_field( $object_type, $attribute, $args = array() ) {
		$defaults = array(
			'get_callback'    => null,
			'update_callback' => null,
			'schema'          => null,
		);

		$args = wp_parse_args( $args, $defaults );

		global $wp_rest_additional_fields;

		$object_types = (array) $object_type;

		foreach ( $object_types as $object_type ) {
			$wp_rest_additional_fields[ $object_type ][ $attribute ] = $args;
		}
	}
}

if ( ! function_exists( 'register_api_field' ) ) {
	/**
	 * Backwards compat shim
	 */
	function register_api_field( $object_type, $attributes, $args = array() ) {
		_deprecated_function( 'register_api_field', 'WPAPI-2.0', 'register_rest_field' );
		register_rest_field( $object_type, $attributes, $args );
	}
}

if ( ! function_exists( 'rest_validate_request_arg' ) ) {
	/**
	 * Validate a request argument based on details registered to the route.
	 *
	 * @param  mixed            $value
	 * @param  WP_REST_Request  $request
	 * @param  string           $param
	 * @return WP_Error|boolean
	 */
	function rest_validate_request_arg( $value, $request, $param ) {

		$attributes = $request->get_attributes();
		if ( ! isset( $attributes['args'][ $param ] ) || ! is_array( $attributes['args'][ $param ] ) ) {

			return true;
		}
		$args = $attributes['args'][ $param ];

		if ( ! empty( $args['enum'] ) ) {
			if ( ! in_array( $value, $args['enum'] ) ) {
				return new WP_Error( 'rest_invalid_param', sprintf( __( '%s is not one of %s', 'woocommerce' ), $param, implode( ', ', $args['enum'] ) ) );
			}
		}

		if ( 'integer' === $args['type'] && ! is_numeric( $value ) ) {
			return new WP_Error( 'rest_invalid_param', sprintf( __( '%s is not of type %s', 'woocommerce' ), $param, 'integer' ) );
		}

		if ( 'string' === $args['type'] && ! is_string( $value ) ) {

			return new WP_Error( 'rest_invalid_param', sprintf( __( '%s is not of type %s', 'woocommerce' ), $param, 'string' ) );
		}

		if ( isset( $args['format'] ) ) {
			switch ( $args['format'] ) {
				case 'date-time' :
					if ( ! rest_parse_date( $value ) ) {
						return new WP_Error( 'rest_invalid_date', __( 'The date you provided is invalid.', 'woocommerce' ) );
					}
					break;

				case 'email' :
					if ( ! is_email( $value ) ) {
						return new WP_Error( 'rest_invalid_email', __( 'The email address you provided is invalid.', 'woocommerce' ) );
					}
					break;
			}
		}

		if ( in_array( $args['type'], array( 'numeric', 'integer' ) ) && ( isset( $args['minimum'] ) || isset( $args['maximum'] ) ) ) {
			if ( isset( $args['minimum'] ) && ! isset( $args['maximum'] ) ) {
				if ( ! empty( $args['exclusiveMinimum'] ) && $value <= $args['minimum'] ) {

					return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be greater than %d (exclusive)', 'woocommerce' ), $param, $args['minimum'] ) );
				} else if ( empty( $args['exclusiveMinimum'] ) && $value < $args['minimum'] ) {
					return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be greater than %d (inclusive)', 'woocommerce' ), $param, $args['minimum'] ) );
				}
			} else if ( isset( $args['maximum'] ) && ! isset( $args['minimum'] ) ) {
				if ( ! empty( $args['exclusiveMaximum'] ) && $value >= $args['maximum'] ) {

					return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be less than %d (exclusive)', 'woocommerce' ), $param, $args['maximum'] ) );
				} else if ( empty( $args['exclusiveMaximum'] ) && $value > $args['maximum'] ) {
					return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be less than %d (inclusive)', 'woocommerce' ), $param, $args['maximum'] ) );
				}
			} else if ( isset( $args['maximum'] ) && isset( $args['minimum'] ) ) {
				if ( ! empty( $args['exclusiveMinimum'] ) && ! empty( $args['exclusiveMaximum'] ) ) {
					if ( $value >= $args['maximum'] || $value <= $args['minimum'] ) {

						return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be between %d (exclusive) and %d (exclusive)', 'woocommerce' ), $param, $args['minimum'], $args['maximum'] ) );
					}
				} else if ( empty( $args['exclusiveMinimum'] ) && ! empty( $args['exclusiveMaximum'] ) ) {
					if ( $value >= $args['maximum'] || $value < $args['minimum'] ) {

						return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be between %d (inclusive) and %d (exclusive)', 'woocommerce' ), $param, $args['minimum'], $args['maximum'] ) );
					}
				} else if ( ! empty( $args['exclusiveMinimum'] ) && empty( $args['exclusiveMaximum'] ) ) {
					if ( $value > $args['maximum'] || $value <= $args['minimum'] ) {

						return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be between %d (exclusive) and %d (inclusive)', 'woocommerce' ), $param, $args['minimum'], $args['maximum'] ) );
					}
				} else if ( empty( $args['exclusiveMinimum'] ) && empty( $args['exclusiveMaximum'] ) ) {
					if ( $value > $args['maximum'] || $value < $args['minimum'] ) {

						return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be between %d (inclusive) and %d (inclusive)', 'woocommerce' ), $param, $args['minimum'], $args['maximum'] ) );
					}
				}
			}
		}

		return true;
	}
}

if ( ! function_exists( 'rest_sanitize_request_arg' ) ) {
	/**
	 * Sanitize a request argument based on details registered to the route.
	 *
	 * @param  mixed            $value
	 * @param  WP_REST_Request  $request
	 * @param  string           $param
	 * @return mixed
	 */
	function rest_sanitize_request_arg( $value, $request, $param ) {

		$attributes = $request->get_attributes();
		if ( ! isset( $attributes['args'][ $param ] ) || ! is_array( $attributes['args'][ $param ] ) ) {

			return $value;
		}
		$args = $attributes['args'][ $param ];

		if ( 'integer' === $args['type'] ) {
			return (int) $value;
		}

		if ( isset( $args['format'] ) ) {
			switch ( $args['format'] ) {
				case 'date-time' :
					return sanitize_text_field( $value );

				case 'email' :
					/*
					 * sanitize_email() validates, which would be unexpected
					 */
					return sanitize_text_field( $value );

				case 'uri' :
					return esc_url_raw( $value );
			}
		}

		return $value;
	}

}


1		<?php
2		/**
3		* @version 2.0-beta12
4		*/
5
6		if ( ! defined( 'ABSPATH' ) ) {
7		exit;
8		}
9
10		/**
11		* core-integration.php
12		*/
13
14		if ( ! function_exists( 'wp_parse_slug_list' ) ) {
15		/**
16		* Clean up an array, comma- or space-separated list of slugs.
17		*
18		* @since
19		*
20		* @param array\|string $list List of slugs.
21		* @return array Sanitized array of slugs.
22		*/
23		function wp_parse_slug_list( $list ) {
24		if ( ! is_array( $list ) ) {
25		$list = preg_split( '/[\s,]+/', $list );
26		}
27
28		foreach ( $list as $key => $value ) {
29		$list[ $key ] = sanitize_title( $value );
30		}
31
32		return array_unique( $list );
33		}
34		}
35
36		if ( ! function_exists( 'rest_get_server' ) ) {
37		/**
38		* Retrieves the current REST server instance.
39		*
40		* Instantiates a new instance if none exists already.
41		*
42		* @since 4.5.0
43		*
44		* @global WP_REST_Server $wp_rest_server REST server instance.
45		*
46		* @return WP_REST_Server REST server instance.
47		*/
48		function rest_get_server() {
49		/* @var WP_REST_Server $wp_rest_server */
50		global $wp_rest_server;
51
52		if ( empty( $wp_rest_server ) ) {
53		/**
54		* Filter the REST Server Class.
55		*
56		* This filter allows you to adjust the server class used by the API, using a
57		* different class to handle requests.
58		*
59		* @since 4.4.0
60		*
61		* @param string $class_name The name of the server class. Default 'WP_REST_Server'.
62		*/
63		$wp_rest_server_class = apply_filters( 'wp_rest_server_class', 'WP_REST_Server' );
64		$wp_rest_server = new $wp_rest_server_class;
65
66		/**
67		* Fires when preparing to serve an API request.
68		*
69		* Endpoint objects should be created and register their hooks on this action rather
70		* than another action to ensure they're only loaded when needed.
71		*
72		* @since 4.4.0
73		*
74		* @param WP_REST_Server $wp_rest_server Server object.
75		*/
76		do_action( 'rest_api_init', $wp_rest_server );
77		}
78
79		return $wp_rest_server;
80		}
81		}
82
83		/**
84		* plugin.php
85		*/
86
87		if ( ! function_exists( 'rest_authorization_required_code' ) ) {
88		/**
89		* Returns a contextual HTTP error code for authorization failure.
90		*
91		* @return integer
92		*/
93		function rest_authorization_required_code() {
94		return is_user_logged_in() ? 403 : 401;
95		}
96		}
97
98		if ( ! function_exists( 'register_rest_field' ) ) {
99		/**
100		* Registers a new field on an existing WordPress object type.
101		*
102		* @global array $wp_rest_additional_fields Holds registered fields, organized
103		* by object type.
104		*
105		* @param string\|array $object_type Object(s) the field is being registered
106		* to, "post"\|"term"\|"comment" etc.
107		* @param string $attribute The attribute name.
108		* @param array $args {
109		* Optional. An array of arguments used to handle the registered field.
110		*
111		* @type string\|array\|null $get_callback Optional. The callback function used to retrieve the field
112		* value. Default is 'null', the field will not be returned in
113		* the response.
114		* @type string\|array\|null $update_callback Optional. The callback function used to set and update the
115		* field value. Default is 'null', the value cannot be set or
116		* updated.
117		* @type string\|array\|null $schema Optional. The callback function used to create the schema for
118		* this field. Default is 'null', no schema entry will be returned.
119		* }
120		*/
121		function register_rest_field( $object_type, $attribute, $args = array() ) {
122		$defaults = array(
123		'get_callback' => null,
124		'update_callback' => null,
125		'schema' => null,
126		);
127
128		$args = wp_parse_args( $args, $defaults );
129
130		global $wp_rest_additional_fields;
131
132		$object_types = (array) $object_type;
133
134		foreach ( $object_types as $object_type ) {
135		$wp_rest_additional_fields[ $object_type ][ $attribute ] = $args;
136		}
137		}
138		}
139
140		if ( ! function_exists( 'register_api_field' ) ) {
141		/**
142		* Backwards compat shim
143		*/
144		function register_api_field( $object_type, $attributes, $args = array() ) {
145		_deprecated_function( 'register_api_field', 'WPAPI-2.0', 'register_rest_field' );
146		register_rest_field( $object_type, $attributes, $args );
147		}
148		}
149
150		if ( ! function_exists( 'rest_validate_request_arg' ) ) {
151		/**
152		* Validate a request argument based on details registered to the route.
153		*
154		* @param mixed $value
155		* @param WP_REST_Request $request
156		* @param string $param
157		* @return WP_Error\|boolean
158		*/
159		function rest_validate_request_arg( $value, $request, $param ) {
160
161		$attributes = $request->get_attributes();
162	View Code Duplication	if ( ! isset( $attributes['args'][ $param ] ) \|\| ! is_array( $attributes['args'][ $param ] ) ) {
		0 ignored issues – show Duplication introduced 2016-04-19 16:00 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
163		return true;
164		}
165		$args = $attributes['args'][ $param ];
166
167		if ( ! empty( $args['enum'] ) ) {
168		if ( ! in_array( $value, $args['enum'] ) ) {
169		return new WP_Error( 'rest_invalid_param', sprintf( __( '%s is not one of %s', 'woocommerce' ), $param, implode( ', ', $args['enum'] ) ) );
170		}
171		}
172
173		if ( 'integer' === $args['type'] && ! is_numeric( $value ) ) {
174		return new WP_Error( 'rest_invalid_param', sprintf( __( '%s is not of type %s', 'woocommerce' ), $param, 'integer' ) );
175		}
176
177	View Code Duplication	if ( 'string' === $args['type'] && ! is_string( $value ) ) {
		0 ignored issues – show Duplication introduced 2016-04-19 16:00 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
178		return new WP_Error( 'rest_invalid_param', sprintf( __( '%s is not of type %s', 'woocommerce' ), $param, 'string' ) );
179		}
180
181		if ( isset( $args['format'] ) ) {
182		switch ( $args['format'] ) {
183		case 'date-time' :
184		if ( ! rest_parse_date( $value ) ) {
185		return new WP_Error( 'rest_invalid_date', __( 'The date you provided is invalid.', 'woocommerce' ) );
186		}
187		break;
188
189		case 'email' :
190		if ( ! is_email( $value ) ) {
191		return new WP_Error( 'rest_invalid_email', __( 'The email address you provided is invalid.', 'woocommerce' ) );
192		}
193		break;
194		}
195		}
196
197		if ( in_array( $args['type'], array( 'numeric', 'integer' ) ) && ( isset( $args['minimum'] ) \|\| isset( $args['maximum'] ) ) ) {
198		if ( isset( $args['minimum'] ) && ! isset( $args['maximum'] ) ) {
199	View Code Duplication	if ( ! empty( $args['exclusiveMinimum'] ) && $value <= $args['minimum'] ) {
		0 ignored issues – show Duplication introduced 2016-04-19 16:00 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
200		return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be greater than %d (exclusive)', 'woocommerce' ), $param, $args['minimum'] ) );
201		} else if ( empty( $args['exclusiveMinimum'] ) && $value < $args['minimum'] ) {
202		return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be greater than %d (inclusive)', 'woocommerce' ), $param, $args['minimum'] ) );
203		}
204		} else if ( isset( $args['maximum'] ) && ! isset( $args['minimum'] ) ) {
205	View Code Duplication	if ( ! empty( $args['exclusiveMaximum'] ) && $value >= $args['maximum'] ) {
		0 ignored issues – show Duplication introduced 2016-04-19 16:00 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
206		return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be less than %d (exclusive)', 'woocommerce' ), $param, $args['maximum'] ) );
207		} else if ( empty( $args['exclusiveMaximum'] ) && $value > $args['maximum'] ) {
208		return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be less than %d (inclusive)', 'woocommerce' ), $param, $args['maximum'] ) );
209		}
210		} else if ( isset( $args['maximum'] ) && isset( $args['minimum'] ) ) {
211		if ( ! empty( $args['exclusiveMinimum'] ) && ! empty( $args['exclusiveMaximum'] ) ) {
212	View Code Duplication	if ( $value >= $args['maximum'] \|\| $value <= $args['minimum'] ) {
		0 ignored issues – show Duplication introduced 2016-04-19 16:00 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
213		return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be between %d (exclusive) and %d (exclusive)', 'woocommerce' ), $param, $args['minimum'], $args['maximum'] ) );
214		}
215		} else if ( empty( $args['exclusiveMinimum'] ) && ! empty( $args['exclusiveMaximum'] ) ) {
216	View Code Duplication	if ( $value >= $args['maximum'] \|\| $value < $args['minimum'] ) {
		0 ignored issues – show Duplication introduced 2016-04-19 16:00 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
217		return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be between %d (inclusive) and %d (exclusive)', 'woocommerce' ), $param, $args['minimum'], $args['maximum'] ) );
218		}
219		} else if ( ! empty( $args['exclusiveMinimum'] ) && empty( $args['exclusiveMaximum'] ) ) {
220	View Code Duplication	if ( $value > $args['maximum'] \|\| $value <= $args['minimum'] ) {
		0 ignored issues – show Duplication introduced 2016-04-19 16:00 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
221		return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be between %d (exclusive) and %d (inclusive)', 'woocommerce' ), $param, $args['minimum'], $args['maximum'] ) );
222		}
223		} else if ( empty( $args['exclusiveMinimum'] ) && empty( $args['exclusiveMaximum'] ) ) {
224	View Code Duplication	if ( $value > $args['maximum'] \|\| $value < $args['minimum'] ) {
		0 ignored issues – show Duplication introduced 2016-04-19 16:00 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
225		return new WP_Error( 'rest_invalid_param', sprintf( __( '%s must be between %d (inclusive) and %d (inclusive)', 'woocommerce' ), $param, $args['minimum'], $args['maximum'] ) );
226		}
227		}
228		}
229		}
230
231		return true;
232		}
233		}
234
235		if ( ! function_exists( 'rest_sanitize_request_arg' ) ) {
236		/**
237		* Sanitize a request argument based on details registered to the route.
238		*
239		* @param mixed $value
240		* @param WP_REST_Request $request
241		* @param string $param
242		* @return mixed
243		*/
244		function rest_sanitize_request_arg( $value, $request, $param ) {
245
246		$attributes = $request->get_attributes();
247	View Code Duplication	if ( ! isset( $attributes['args'][ $param ] ) \|\| ! is_array( $attributes['args'][ $param ] ) ) {
		0 ignored issues – show Duplication introduced 2016-04-19 16:00 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
248		return $value;
249		}
250		$args = $attributes['args'][ $param ];
251
252		if ( 'integer' === $args['type'] ) {
253		return (int) $value;
254		}
255
256		if ( isset( $args['format'] ) ) {
257		switch ( $args['format'] ) {
258		case 'date-time' :
259		return sanitize_text_field( $value );
260
261		case 'email' :
262		/*
263		* sanitize_email() validates, which would be unexpected
264		*/
265		return sanitize_text_field( $value );
266
267		case 'uri' :
268		return esc_url_raw( $value );
269		}
270		}
271
272		return $value;
273		}
274
275		}
276

woothemes / woocommerce

Issues (1182)

Security Analysis not enabled

includes/vendor/wp-rest-functions.php (9 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like