Merge pull request #1432 from xwp/fix/cve-2022-43450

Check for caps before loading alert settings

21 of 21 new or added lines in 2 files covered. (100.0%)

3929 of 8626 relevant lines covered (45.55%)

4.92 hits per line

/classes/class-alerts-list.php
<?php
/**
 * Listing of Alerts in the WP Admin.
 *
 * @package WP_Stream
 */

namespace WP_Stream;

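/**
 * Class Alerts_List
 *
 * Wires the WP Admin list table for the alerts post type: the default
 * status filter, the custom columns, the inline ("quick edit") form and the
 * save handler that persists inline edits.
 *
 * @package WP_Stream
 */
class Alerts_List {
	/**
	 * Holds instance of plugin object
	 *
	 * @var Plugin
	 */
	public $plugin;

	/**
	 * Class constructor.
	 *
	 * Registers every list-table hook for the alerts post type.
	 *
	 * @param Plugin $plugin Instance of plugin object.
	 */
	public function __construct( $plugin ) {
		$this->plugin = $plugin;

		add_filter( 'bulk_actions-edit-wp_stream_alerts', array( $this, 'suppress_bulk_actions' ), 10, 1 );
		add_filter( 'disable_months_dropdown', array( $this, 'suppress_months_dropdown' ), 10, 2 );
		add_filter( 'post_row_actions', array( $this, 'suppress_quick_edit' ), 10, 1 );

		// @todo Make more specific
		if ( is_admin() ) {
			add_filter( 'request', array( $this, 'parse_request' ), 10, 2 );
		}
		add_filter( 'views_edit-wp_stream_alerts', array( $this, 'manage_views' ) );

		add_filter( 'manage_wp_stream_alerts_posts_columns', array( $this, 'manage_columns' ) );
		add_action( 'manage_wp_stream_alerts_posts_custom_column', array( $this, 'column_data' ), 10, 2 );

		add_action( 'quick_edit_custom_box', array( $this, 'display_custom_quick_edit' ), 10, 2 );
		add_action( 'admin_enqueue_scripts', array( $this, 'enqueue_scripts' ) );

		// Priority 99: runs late in the chain, presumably after other wp_insert_post_data filters.
		add_filter( 'wp_insert_post_data', array( $this, 'save_alert_inline_edit' ), 99, 2 );
	}

	/**
	 * Default to wp_stream_enabled and wp_stream_disabled when querying for alerts
	 *
	 * @filter request
	 *
	 * @param array $query_vars Arguments for query to populate table.
	 * @return array
	 */
	public function parse_request( $query_vars ) {
		$screen = \get_current_screen();
		// get_current_screen() returns null before an admin screen has been set up.
		if ( null === $screen || 'edit-wp_stream_alerts' !== $screen->id ) {
			return $query_vars;
		}

		$post_type = isset( $query_vars['post_type'] ) ? $query_vars['post_type'] : '';
		if ( Alerts::POST_TYPE === $post_type && empty( $query_vars['post_status'] ) ) {
			$query_vars['post_status'] = array( 'wp_stream_enabled', 'wp_stream_disabled' );
		}

		return $query_vars;
	}

	/**
	 * Manage views on the alerts list view
	 *
	 * Moves the "Trash" view link to the end of the list; all other views keep
	 * their order.
	 *
	 * @filter views_edit-wp_stream_alerts
	 *
	 * @param array $views View links HTML.
	 * @return array
	 */
	public function manage_views( $views ) {
		if ( array_key_exists( 'trash', $views ) ) {
			$trash = $views['trash'];
			unset( $views['trash'] );
			$views['trash'] = $trash;
		}

		return $views;
	}

	/**
	 * Manages columns on the alerts list view
	 *
	 * Replaces the default column set with checkbox, trigger, type and status.
	 *
	 * @filter manage_wp_stream_alerts_posts_columns
	 *
	 * @param array $columns Column id -> title array.
	 * @return array
	 */
	public function manage_columns( $columns ) {
		return array(
			'cb'            => $columns['cb'],
			'alert_trigger' => __( 'Trigger', 'stream' ),
			'alert_type'    => __( 'Type', 'stream' ),
			'alert_status'  => __( 'Status', 'stream' ),
		);
	}

	/**
	 * Fills in column data for custom columns.
	 *
	 * Output is echoed directly; nothing is returned.
	 *
	 * @action manage_wp_stream_alerts_posts_custom_column
	 *
	 * @param string $column_name Column name to show data for.
	 * @param int    $post_id The post being processed.
	 * @return void
	 */
	public function column_data( $column_name, $post_id ) {
		$alert = $this->plugin->alerts->get_alert( $post_id );
		if ( false === $alert ) {
			return;
		}

		switch ( $column_name ) {
			case 'alert_trigger':
				$this->render_trigger_column( $alert, $post_id );
				break;
			case 'alert_type':
				$this->render_type_column( $alert );
				break;
			case 'alert_status':
				$this->render_status_column( $post_id );
				break;
		}
	}

	/**
	 * Read one alert_meta entry, returning '' when it is unset or empty().
	 *
	 * Mirrors the `! empty()` checks the column renderers rely on, so a value
	 * such as 0 or '0' is treated as absent exactly as before.
	 *
	 * @param object $alert Alert object as returned by Alerts::get_alert().
	 * @param string $key   Key inside $alert->alert_meta.
	 * @return mixed Meta value, or '' when empty.
	 */
	private function get_alert_meta_value( $alert, $key ) {
		if ( empty( $alert->alert_meta[ $key ] ) ) {
			return '';
		}

		return $alert->alert_meta[ $key ];
	}

	/**
	 * Render the "Trigger" column: one span per registered trigger, the mobile
	 * row actions, and hidden inputs carrying the trigger meta.
	 *
	 * @param object $alert   Alert object.
	 * @param int    $post_id The post being processed.
	 * @return void
	 */
	private function render_trigger_column( $alert, $post_id ) {
		$values = array();
		foreach ( $this->plugin->alerts->alert_triggers as $trigger_type => $trigger_obj ) {
			$value    = $trigger_obj->get_display_value( 'list_table', $alert );
			$values[] = '<span class="alert_trigger_value alert_trigger_' . esc_attr( $trigger_type ) . '">' . esc_html( $value ) . '</span>';
		}
		?>
		<div><?php echo wp_kses_post( join( '', $values ) ); ?></div>
		<div class="row-actions wp-stream-show-mobile">
			<?php echo wp_kses_post( $this->custom_column_actions( $post_id ) ); ?>
			<button type="button" class="toggle-row"><span class="screen-reader-text"><?php echo esc_html__( 'Show more details', 'stream' ); ?></span></button>
		</div>
		<input type="hidden" name="wp_stream_trigger_connector" value="<?php echo esc_attr( $this->get_alert_meta_value( $alert, 'trigger_connector' ) ); ?>" />
		<input type="hidden" name="wp_stream_trigger_context" value="<?php echo esc_attr( $this->get_alert_meta_value( $alert, 'trigger_context' ) ); ?>" />
		<input type="hidden" name="wp_stream_trigger_action" value="<?php echo esc_attr( $this->get_alert_meta_value( $alert, 'trigger_action' ) ); ?>" />
		<?php
		// Desktop row actions; the block above is the mobile variant.
		echo wp_kses_post( $this->custom_column_actions( $post_id ) );
	}

	/**
	 * Render the "Type" column: the alert type's name plus one hidden input per
	 * non-empty notification meta entry.
	 *
	 * @param object $alert Alert object.
	 * @return void
	 */
	private function render_type_column( $alert ) {
		$alert_type = $alert->alert_type;
		if ( ! empty( $this->plugin->alerts->alert_types[ $alert_type ]->name ) ) {
			$alert_name = $this->plugin->alerts->alert_types[ $alert_type ]->name;
		} else {
			$alert_name = __( 'Untitled Alert', 'stream' );
		}
		?>
		<input type="hidden" name="wp_stream_alert_type" value="<?php echo esc_attr( $alert_type ); ?>" />
		<strong class="row-title"><?php echo esc_html( $alert_name ); ?></strong>
		<?php
		// Meta key => hidden input name. Order matters only for markup stability.
		// These inputs produce no visible output; presumably they are read by the
		// quick-edit script registered in enqueue_scripts().
		$hidden_inputs = array(
			'color'           => 'wp_stream_highlight_color',
			'email_recipient' => 'wp_stream_email_recipient',
			'email_subject'   => 'wp_stream_email_subject',
			'event_name'      => 'wp_stream_ifttt_event_name',
			'maker_key'       => 'wp_stream_ifttt_maker_key',
			'slack_webhook'   => 'wp_stream_slack_webhook',
			'slack_channel'   => 'wp_stream_slack_channel',
			'slack_username'  => 'wp_stream_slack_username',
			'slack_icon'      => 'wp_stream_slack_icon',
		);
		foreach ( $hidden_inputs as $meta_key => $input_name ) {
			$value = $this->get_alert_meta_value( $alert, $meta_key );
			if ( '' === $value ) {
				continue;
			}
			?>
			<input type="hidden" name="<?php echo esc_attr( $input_name ); ?>" value="<?php echo esc_attr( $value ); ?>" />
			<?php
		}
	}

	/**
	 * Render the "Status" column: the status label plus a hidden input with the
	 * status name.
	 *
	 * @param int $post_id The post being processed.
	 * @return void
	 */
	private function render_status_column( $post_id ) {
		$post_status_object = get_post_status_object( get_post_status( $post_id ) );

		// An unregistered status yields null; previously ->name was read from it
		// unconditionally. Keep emitting the hidden input (empty) so the markup
		// shape is unchanged for any script that expects it.
		$status_name = '';
		if ( ! empty( $post_status_object ) ) {
			echo esc_html( $post_status_object->label );
			$status_name = $post_status_object->name;
		}
		?>
		<input type="hidden" name="wp_stream_alert_status" value="<?php echo esc_attr( $status_name ); ?>" />
		<?php
	}

	/**
	 * Remove 'edit' action from bulk actions
	 *
	 * @filter bulk_actions-edit-wp_stream_alerts
	 *
	 * @param array $actions List of bulk actions available.
	 * @return array
	 */
	public function suppress_bulk_actions( $actions ) {
		unset( $actions['edit'] );

		return $actions;
	}

	/**
	 * Remove quick edit action from inline edit actions
	 *
	 * Only applies to the alerts post type; other post types are untouched.
	 *
	 * @filter post_row_actions
	 *
	 * @param array $actions List of inline edit actions available.
	 * @return array
	 */
	public function suppress_quick_edit( $actions ) {
		if ( Alerts::POST_TYPE !== get_post_type() ) {
			return $actions;
		}

		foreach ( array( 'edit', 'view', 'trash', 'inline hide-if-no-js' ) as $action ) {
			unset( $actions[ $action ] );
		}

		return $actions;
	}

	/**
	 * Remove months dropdown from Alerts list page
	 *
	 * @filter disable_months_dropdown
	 *
	 * @param bool   $status Status of months dropdown enabling.
	 * @param string $post_type Post type status is related to.
	 * @return bool
	 */
	public function suppress_months_dropdown( $status, $post_type ) {
		if ( Alerts::POST_TYPE === $post_type ) {
			$status = true;
		}

		return $status;
	}

	/**
	 * Custom column actions for alerts main screen
	 *
	 * Returns the "Edit | Trash" row-actions markup, or '' on the trash view.
	 * The trash link carries a 'trash-post_{ID}' nonce, matching core's own
	 * trash action.
	 *
	 * @param int $post_id The current post ID.
	 *
	 * @return string
	 */
	public function custom_column_actions( $post_id ) {
		$post_status = wp_stream_filter_input( INPUT_GET, 'post_status' );
		ob_start();
		if ( 'trash' !== $post_status ) {
			$bare_url  = admin_url( 'post.php?post=' . $post_id . '&action=trash' );
			$nonce_url = wp_nonce_url( $bare_url, 'trash-post_' . $post_id );
			?>
			<div class="row-actions">
				<?php // aria-label was a leftover "Hello world!" placeholder copied from core markup; use a real, translatable label. ?>
				<span class="inline hide-if-no-js"><a href="#" class="editinline" aria-label="<?php esc_attr_e( 'Quick edit this alert inline', 'stream' ); ?>"><?php esc_html_e( 'Edit', 'stream' ); ?></a>&nbsp;|&nbsp;</span>
				<span class="trash">
					<a href="<?php echo esc_url( $nonce_url ); ?>" class="submitdelete"><?php esc_html_e( 'Trash', 'stream' ); ?></a>
				</span>
			</div>
			<?php
		}

		return ob_get_clean();
	}

	/**
	 * Display a custom quick edit form.
	 *
	 * Emits the form once per request (the action fires once per column), and
	 * only on the alerts list screen. The nonce action is plugin_basename(__FILE__),
	 * which save_alert_inline_edit() verifies.
	 *
	 * @return void
	 */
	public function display_custom_quick_edit() {
		static $fired = false;
		if ( false !== $fired ) {
			return;
		}

		$screen = get_current_screen();
		if ( null === $screen || 'edit-wp_stream_alerts' !== $screen->id ) {
			return;
		}

		wp_nonce_field( plugin_basename( __FILE__ ), Alerts::POST_TYPE . '_edit_nonce' );
		$box_types = array(
			'triggers',
			'notification',
			'submit',
		);
		?>
		<legend class="inline-edit-legend"><?php esc_html_e( 'Edit', 'stream' ); ?></legend>
		<?php
		foreach ( $box_types as $type ) : // @todo remove inline styles.
			// Dispatches to Alerts::display_{triggers,notification,submit}_box().
			$method = 'display_' . $type . '_box';
			?>
			<fieldset class="inline-edit-col inline-edit-<?php echo esc_attr( Alerts::POST_TYPE ); ?>">
				<?php
				$the_post = get_post();
				$this->plugin->alerts->{$method}( $the_post );
				?>
			</fieldset>
			<?php
		endforeach;
		$fired = true;
	}

	/**
	 * Enqueue scripts for the alerts list screen.
	 *
	 * @param string $page The current page name (unused; the screen id is checked instead).
	 * @return void
	 */
	public function enqueue_scripts( $page ) {
		$screen = get_current_screen();
		if ( null === $screen || 'edit-wp_stream_alerts' !== $screen->id ) {
			return;
		}

		$min     = wp_stream_min_suffix();
		$version = $this->plugin->get_version();
		$base    = $this->plugin->locations['url'];

		wp_register_script(
			'wp-stream-alerts-list-js',
			$base . 'ui/js/alerts-list.' . $min . 'js',
			array(
				'wp-stream-alerts',
				'jquery',
			),
			$version,
			false
		);

		wp_register_style(
			'wp-stream-alerts-list-css',
			$base . 'ui/css/alerts-list.' . $min . 'css',
			array(),
			$version
		);

		wp_enqueue_script( 'wp-stream-alerts-list-js' );
		wp_enqueue_style( 'wp-stream-alerts-list-css' );
		wp_enqueue_style( 'wp-stream-select2' );
	}

	/**
	 * Save alert meta after using the inline editor.
	 *
	 * Bails early unless the request is an alerts post type save, the current
	 * user can edit the post, and the quick-edit nonce verifies.
	 *
	 * @param array $data Filtered post data.
	 * @param array $postarr Raw post data.
	 *
	 * @return array
	 */
	public function save_alert_inline_edit( $data, $postarr ) {
		if ( did_action( 'customize_preview_init' ) || empty( $postarr['ID'] ) ) {
			return $data;
		}

		$post_id   = $postarr['ID'];
		$post_type = wp_stream_filter_input( INPUT_POST, 'post_type' );
		if ( Alerts::POST_TYPE !== $post_type ) {
			return $data;
		}
		if ( ! current_user_can( 'edit_post', $post_id ) ) {
			return $data;
		}

		$nonce = wp_stream_filter_input( INPUT_POST, Alerts::POST_TYPE . '_edit_nonce' );
		if ( null === $nonce || ! wp_verify_nonce( $nonce, plugin_basename( __FILE__ ) ) ) {
			return $data;
		}

		$trigger_author                = wp_stream_filter_input( INPUT_POST, 'wp_stream_trigger_author' );
		$trigger_connector_and_context = wp_stream_filter_input( INPUT_POST, 'wp_stream_trigger_connector_or_context' );

		// Posted as "connector-context"; tolerate a missing field or a missing dash
		// instead of passing null to explode() / reading an undefined offset.
		$split             = explode( '-', (string) $trigger_connector_and_context );
		$trigger_connector = $split[0];
		$trigger_context   = isset( $split[1] ) ? $split[1] : '';

		$trigger_action = wp_stream_filter_input( INPUT_POST, 'wp_stream_trigger_action' );
		$alert_type     = wp_stream_filter_input( INPUT_POST, 'wp_stream_alert_type' );
		$alert_status   = wp_stream_filter_input( INPUT_POST, 'wp_stream_alert_status' );

		// Only accept a registered post status; the posted value otherwise went
		// straight into the post row (including null when the field was absent).
		if ( is_string( $alert_status ) && get_post_status_object( $alert_status ) ) {
			$data['post_status'] = $alert_status;
		}

		// NOTE(review): $alert_type is stored as posted; consider validating it
		// against $this->plugin->alerts->alert_types.
		update_post_meta( $post_id, 'alert_type', $alert_type );

		$alert_meta = array(
			'trigger_author'    => $trigger_author,
			'trigger_connector' => $trigger_connector,
			'trigger_action'    => $trigger_action,
			'trigger_context'   => $trigger_context,
		);
		$alert_meta = apply_filters( 'wp_stream_alerts_save_meta', $alert_meta, $alert_type );
		update_post_meta( $post_id, 'alert_meta', $alert_meta );

		return $data;
	}
}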