6987097851

Committed 25 Nov 2023 04:49AM UTC coverage: 49.206% (-0.1%) from 49.302%

Build # 6987097851

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #20878 from Yoast/JRF/ghactions-minor-tweak

GH Actions: update a few links in inline comments

Run Details

15305 of 31104 relevant lines covered (49.21%)

4.03 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

34.62

/admin/class-yoast-input-validation.php

<?php
/**
 * WPSEO plugin file.
 *
 * @package WPSEO\Admin
 */

/**
 * Implements server-side user input validation.
 *
 * @since 12.0
 */
class Yoast_Input_Validation {

        /**
         * The error descriptions.
         *
         * @since 12.1
         *
         * @var array
         */
        private static $error_descriptions = [];

        /**
         * Check whether an option group is a Yoast SEO setting.
         *
         * The normal pattern is 'yoast' . $option_name . 'options'.
         *
         * @since 12.0
         *
         * @param string $group_name The option group name.
         *
         * @return bool Whether or not it's an Yoast SEO option group.
         */
        public static function is_yoast_option_group_name( $group_name ) {
                return ( strpos( $group_name, 'yoast' ) !== false );
        }

        /**
         * Adds an error message to the document title when submitting a settings
         * form and errors are returned.
         *
         * Uses the WordPress `admin_title` filter in the WPSEO_Option subclasses.
         *
         * @since 12.0
         *
         * @param string $admin_title The page title, with extra context added.
         *
         * @return string The modified or original admin title.
         */
        public static function add_yoast_admin_document_title_errors( $admin_title ) {
                $errors      = get_settings_errors();
                $error_count = 0;

                foreach ( $errors as $error ) {
                        // For now, filter the admin title only in the Yoast SEO settings pages.
                        if ( self::is_yoast_option_group_name( $error['setting'] ) && $error['code'] !== 'settings_updated' ) {
                                ++$error_count;
                        }
                }

                if ( $error_count > 0 ) {
                        return sprintf(
                                /* translators: %1$s: amount of errors, %2$s: the admin page title */
                                _n( 'The form contains %1$s error. %2$s', 'The form contains %1$s errors. %2$s', $error_count, 'wordpress-seo' ),
                                number_format_i18n( $error_count ),
                                $admin_title
                        );
                }

                return $admin_title;
        }

        /**
         * Checks whether a specific form input field was submitted with an invalid value.
         *
         * @since 12.1
         *
         * @param string $error_code Must be the same slug-name used for the field variable and for `add_settings_error()`.
         *
         * @return bool Whether or not the submitted input field contained an invalid value.
         */
        public static function yoast_form_control_has_error( $error_code ) {
                $errors = get_settings_errors();

                foreach ( $errors as $error ) {
                        if ( $error['code'] === $error_code ) {
                                return true;
                        }
                }

                return false;
        }

        /**
         * Sets the error descriptions.
         *
         * @since 12.1
         *
         * @param array $descriptions An associative array of error descriptions.
         *                            For each entry, the key must be the setting variable.
         */
        public static function set_error_descriptions( $descriptions = [] ) {
                $defaults = [
                        'baiduverify'     => sprintf(
                                /* translators: %s: additional message with the submitted invalid value */
                                esc_html__( 'Baidu verification codes can only contain letters, numbers, hyphens, and underscores. %s', 'wordpress-seo' ),
                                self::get_dirty_value_message( 'baiduverify' )
                        ),
                        'facebook_site'   => sprintf(
                                /* translators: %s: additional message with the submitted invalid value */
                                esc_html__( 'Please check the format of the Facebook Page URL you entered. %s', 'wordpress-seo' ),
                                self::get_dirty_value_message( 'facebook_site' )
                        ),
                        'googleverify'    => sprintf(
                                /* translators: %s: additional message with the submitted invalid value */
                                esc_html__( 'Google verification codes can only contain letters, numbers, hyphens, and underscores. %s', 'wordpress-seo' ),
                                self::get_dirty_value_message( 'googleverify' )
                        ),
                        'instagram_url'   => sprintf(
                                /* translators: %s: additional message with the submitted invalid value */
                                esc_html__( 'Please check the format of the Instagram URL you entered. %s', 'wordpress-seo' ),
                                self::get_dirty_value_message( 'instagram_url' )
                        ),
                        'linkedin_url'    => sprintf(
                                /* translators: %s: additional message with the submitted invalid value */
                                esc_html__( 'Please check the format of the LinkedIn URL you entered. %s', 'wordpress-seo' ),
                                self::get_dirty_value_message( 'linkedin_url' )
                        ),
                        'msverify'        => sprintf(
                                /* translators: %s: additional message with the submitted invalid value */
                                esc_html__( 'Bing confirmation codes can only contain letters from A to F, numbers, hyphens, and underscores. %s', 'wordpress-seo' ),
                                self::get_dirty_value_message( 'msverify' )
                        ),
                        'myspace_url'     => sprintf(
                                /* translators: %s: additional message with the submitted invalid value */
                                esc_html__( 'Please check the format of the MySpace URL you entered. %s', 'wordpress-seo' ),
                                self::get_dirty_value_message( 'myspace_url' )
                        ),
                        'pinterest_url'   => sprintf(
                                /* translators: %s: additional message with the submitted invalid value */
                                esc_html__( 'Please check the format of the Pinterest URL you entered. %s', 'wordpress-seo' ),
                                self::get_dirty_value_message( 'pinterest_url' )
                        ),
                        'pinterestverify' => sprintf(
                                /* translators: %s: additional message with the submitted invalid value */
                                esc_html__( 'Pinterest confirmation codes can only contain letters from A to F, numbers, hyphens, and underscores. %s', 'wordpress-seo' ),
                                self::get_dirty_value_message( 'pinterestverify' )
                        ),
                        'twitter_site'    => sprintf(
                                /* translators: %s: additional message with the submitted invalid value */
                                esc_html__( 'Twitter usernames can only contain letters, numbers, and underscores. %s', 'wordpress-seo' ),
                                self::get_dirty_value_message( 'twitter_site' )
                        ),
                        'wikipedia_url'   => sprintf(
                                /* translators: %s: additional message with the submitted invalid value */
                                esc_html__( 'Please check the format of the Wikipedia URL you entered. %s', 'wordpress-seo' ),
                                self::get_dirty_value_message( 'wikipedia_url' )
                        ),
                        'yandexverify'    => sprintf(
                                /* translators: %s: additional message with the submitted invalid value */
                                esc_html__( 'Yandex confirmation codes can only contain letters from A to F, numbers, hyphens, and underscores. %s', 'wordpress-seo' ),
                                self::get_dirty_value_message( 'yandexverify' )
                        ),
                        'youtube_url'     => sprintf(
                                /* translators: %s: additional message with the submitted invalid value */
                                esc_html__( 'Please check the format of the YouTube URL you entered. %s', 'wordpress-seo' ),
                                self::get_dirty_value_message( 'youtube_url' )
                        ),
                ];

                $descriptions = wp_parse_args( $descriptions, $defaults );

                self::$error_descriptions = $descriptions;
        }

        /**
         * Gets all the error descriptions.
         *
         * @since 12.1
         *
         * @return array An associative array of error descriptions.
         */
        public static function get_error_descriptions() {
                return self::$error_descriptions;
        }

        /**
         * Gets a specific error description.
         *
         * @since 12.1
         *
         * @param string $error_code Code of the error set via `add_settings_error()`, normally the variable name.
         *
         * @return string|null The error description.
         */
        public static function get_error_description( $error_code ) {
                if ( ! isset( self::$error_descriptions[ $error_code ] ) ) {
                        return null;
                }

                return self::$error_descriptions[ $error_code ];
        }

        /**
         * Gets the aria-invalid HTML attribute based on the submitted invalid value.
         *
         * @since 12.1
         *
         * @param string $error_code Code of the error set via `add_settings_error()`, normally the variable name.
         *
         * @return string The aria-invalid HTML attribute or empty string.
         */
        public static function get_the_aria_invalid_attribute( $error_code ) {
                if ( self::yoast_form_control_has_error( $error_code ) ) {
                        return ' aria-invalid="true"';
                }

                return '';
        }

        /**
         * Gets the aria-describedby HTML attribute based on the submitted invalid value.
         *
         * @since 12.1
         *
         * @param string $error_code Code of the error set via `add_settings_error()`, normally the variable name.
         *
         * @return string The aria-describedby HTML attribute or empty string.
         */
        public static function get_the_aria_describedby_attribute( $error_code ) {
                if ( self::yoast_form_control_has_error( $error_code ) && self::get_error_description( $error_code ) ) {
                        return ' aria-describedby="' . esc_attr( $error_code ) . '-error-description"';
                }

                return '';
        }

        /**
         * Gets the error description wrapped in a HTML paragraph.
         *
         * @since 12.1
         *
         * @param string $error_code Code of the error set via `add_settings_error()`, normally the variable name.
         *
         * @return string The error description HTML or empty string.
         */
        public static function get_the_error_description( $error_code ) {
                $error_description = self::get_error_description( $error_code );

                if ( self::yoast_form_control_has_error( $error_code ) && $error_description ) {
                        return '<p id="' . esc_attr( $error_code ) . '-error-description" class="yoast-input-validation__error-description">' . $error_description . '</p>';
                }

                return '';
        }

        /**
         * Adds the submitted invalid value to the WordPress `$wp_settings_errors` global.
         *
         * @since 12.1
         *
         * @param string $error_code  Code of the error set via `add_settings_error()`, normally the variable name.
         * @param string $dirty_value The submitted invalid value.
         *
         * @return void
         */
        public static function add_dirty_value_to_settings_errors( $error_code, $dirty_value ) {
                global $wp_settings_errors;

                if ( ! is_array( $wp_settings_errors ) ) {
                        return;
                }

                foreach ( $wp_settings_errors as $index => $error ) {
                        if ( $error['code'] === $error_code ) {
                                // phpcs:ignore WordPress.WP.GlobalVariablesOverride -- This is a deliberate action.
                                $wp_settings_errors[ $index ]['yoast_dirty_value'] = $dirty_value;
                        }
                }
        }

        /**
         * Gets an invalid submitted value.
         *
         * @since 12.1
         *
         * @param string $error_code Code of the error set via `add_settings_error()`, normally the variable name.
         *
         * @return string The submitted invalid input field value.
         */
        public static function get_dirty_value( $error_code ) {
                $errors = get_settings_errors();

                foreach ( $errors as $error ) {
                        if ( $error['code'] === $error_code && isset( $error['yoast_dirty_value'] ) ) {
                                return $error['yoast_dirty_value'];
                        }
                }

                return '';
        }

        /**
         * Gets a specific invalid value message.
         *
         * @since 12.1
         *
         * @param string $error_code Code of the error set via `add_settings_error()`, normally the variable name.
         *
         * @return string The error invalid value message or empty string.
         */
        public static function get_dirty_value_message( $error_code ) {
                $dirty_value = self::get_dirty_value( $error_code );

                if ( $dirty_value ) {
                        return sprintf(
                                /* translators: %s: form value as submitted. */
                                esc_html__( 'The submitted value was: %s', 'wordpress-seo' ),
                                esc_html( $dirty_value )
                        );
                }

                return '';
        }
}

1	<?php
2	/**
3	* WPSEO plugin file.
4	*
5	* @package WPSEO\Admin
6	*/
7
8	/**
9	* Implements server-side user input validation.
10	*
11	* @since 12.0
12	*/
13	class Yoast_Input_Validation {
14
15	/**
16	* The error descriptions.
17	*
18	* @since 12.1
19	*
20	* @var array
21	*/
22	private static $error_descriptions = [];
23
24	/**
25	* Check whether an option group is a Yoast SEO setting.
26	*
27	* The normal pattern is 'yoast' . $option_name . 'options'.
28	*
29	* @since 12.0
30	*
31	* @param string $group_name The option group name.
32	*
33	* @return bool Whether or not it's an Yoast SEO option group.
34	*/
35	public static function is_yoast_option_group_name( $group_name ) {	8✔
36	return ( strpos( $group_name, 'yoast' ) !== false );	8✔
37	}
38
39	/**
40	* Adds an error message to the document title when submitting a settings
41	* form and errors are returned.
42	*
43	* Uses the WordPress `admin_title` filter in the WPSEO_Option subclasses.
44	*
45	* @since 12.0
46	*
47	* @param string $admin_title The page title, with extra context added.
48	*
49	* @return string The modified or original admin title.
50	*/
51	public static function add_yoast_admin_document_title_errors( $admin_title ) {	8✔
52	$errors = get_settings_errors();	8✔
53	$error_count = 0;	8✔
54
55	foreach ( $errors as $error ) {	8✔
56	// For now, filter the admin title only in the Yoast SEO settings pages.
57	if ( self::is_yoast_option_group_name( $error['setting'] ) && $error['code'] !== 'settings_updated' ) {	8✔
58	++$error_count;	4✔
59	}
60	}
61
62	if ( $error_count > 0 ) {	8✔
63	return sprintf(	4✔
64	/* translators: %1$s: amount of errors, %2$s: the admin page title */
65	_n( 'The form contains %1$s error. %2$s', 'The form contains %1$s errors. %2$s', $error_count, 'wordpress-seo' ),	4✔
66	number_format_i18n( $error_count ),	4✔
67	$admin_title	4✔
68	);	2✔
69	}
70
71	return $admin_title;	4✔
72	}
73
74	/**
75	* Checks whether a specific form input field was submitted with an invalid value.
76	*
77	* @since 12.1
78	*
79	* @param string $error_code Must be the same slug-name used for the field variable and for `add_settings_error()`.
80	*
81	* @return bool Whether or not the submitted input field contained an invalid value.
82	*/
83	public static function yoast_form_control_has_error( $error_code ) {	×
84	$errors = get_settings_errors();	×
85
86	foreach ( $errors as $error ) {	×
87	if ( $error['code'] === $error_code ) {	×
88	return true;	×
89	}
90	}
91
92	return false;	×
93	}
94
95	/**
96	* Sets the error descriptions.
97	*
98	* @since 12.1
99	*
100	* @param array $descriptions An associative array of error descriptions.
101	* For each entry, the key must be the setting variable.
102	*/
103	public static function set_error_descriptions( $descriptions = [] ) {	×
104	$defaults = [
105	'baiduverify' => sprintf(	×
106	/* translators: %s: additional message with the submitted invalid value */
107	esc_html__( 'Baidu verification codes can only contain letters, numbers, hyphens, and underscores. %s', 'wordpress-seo' ),	×
108	self::get_dirty_value_message( 'baiduverify' )	×
109	),
110	'facebook_site' => sprintf(	×
111	/* translators: %s: additional message with the submitted invalid value */
112	esc_html__( 'Please check the format of the Facebook Page URL you entered. %s', 'wordpress-seo' ),	×
113	self::get_dirty_value_message( 'facebook_site' )	×
114	),
115	'googleverify' => sprintf(	×
116	/* translators: %s: additional message with the submitted invalid value */
117	esc_html__( 'Google verification codes can only contain letters, numbers, hyphens, and underscores. %s', 'wordpress-seo' ),	×
118	self::get_dirty_value_message( 'googleverify' )	×
119	),
120	'instagram_url' => sprintf(	×
121	/* translators: %s: additional message with the submitted invalid value */
122	esc_html__( 'Please check the format of the Instagram URL you entered. %s', 'wordpress-seo' ),	×
123	self::get_dirty_value_message( 'instagram_url' )	×
124	),
125	'linkedin_url' => sprintf(	×
126	/* translators: %s: additional message with the submitted invalid value */
127	esc_html__( 'Please check the format of the LinkedIn URL you entered. %s', 'wordpress-seo' ),	×
128	self::get_dirty_value_message( 'linkedin_url' )	×
129	),
130	'msverify' => sprintf(	×
131	/* translators: %s: additional message with the submitted invalid value */
132	esc_html__( 'Bing confirmation codes can only contain letters from A to F, numbers, hyphens, and underscores. %s', 'wordpress-seo' ),	×
133	self::get_dirty_value_message( 'msverify' )	×
134	),
135	'myspace_url' => sprintf(	×
136	/* translators: %s: additional message with the submitted invalid value */
137	esc_html__( 'Please check the format of the MySpace URL you entered. %s', 'wordpress-seo' ),	×
138	self::get_dirty_value_message( 'myspace_url' )	×
139	),
140	'pinterest_url' => sprintf(	×
141	/* translators: %s: additional message with the submitted invalid value */
142	esc_html__( 'Please check the format of the Pinterest URL you entered. %s', 'wordpress-seo' ),	×
143	self::get_dirty_value_message( 'pinterest_url' )	×
144	),
145	'pinterestverify' => sprintf(	×
146	/* translators: %s: additional message with the submitted invalid value */
147	esc_html__( 'Pinterest confirmation codes can only contain letters from A to F, numbers, hyphens, and underscores. %s', 'wordpress-seo' ),	×
148	self::get_dirty_value_message( 'pinterestverify' )	×
149	),
150	'twitter_site' => sprintf(	×
151	/* translators: %s: additional message with the submitted invalid value */
152	esc_html__( 'Twitter usernames can only contain letters, numbers, and underscores. %s', 'wordpress-seo' ),	×
153	self::get_dirty_value_message( 'twitter_site' )	×
154	),
155	'wikipedia_url' => sprintf(	×
156	/* translators: %s: additional message with the submitted invalid value */
157	esc_html__( 'Please check the format of the Wikipedia URL you entered. %s', 'wordpress-seo' ),	×
158	self::get_dirty_value_message( 'wikipedia_url' )	×
159	),
160	'yandexverify' => sprintf(	×
161	/* translators: %s: additional message with the submitted invalid value */
162	esc_html__( 'Yandex confirmation codes can only contain letters from A to F, numbers, hyphens, and underscores. %s', 'wordpress-seo' ),	×
163	self::get_dirty_value_message( 'yandexverify' )	×
164	),
165	'youtube_url' => sprintf(	×
166	/* translators: %s: additional message with the submitted invalid value */
167	esc_html__( 'Please check the format of the YouTube URL you entered. %s', 'wordpress-seo' ),	×
168	self::get_dirty_value_message( 'youtube_url' )	×
169	),
170	];
171
172	$descriptions = wp_parse_args( $descriptions, $defaults );	×
173
174	self::$error_descriptions = $descriptions;	×
175	}
176
177	/**
178	* Gets all the error descriptions.
179	*
180	* @since 12.1
181	*
182	* @return array An associative array of error descriptions.
183	*/
184	public static function get_error_descriptions() {	×
185	return self::$error_descriptions;	×
186	}
187
188	/**
189	* Gets a specific error description.
190	*
191	* @since 12.1
192	*
193	* @param string $error_code Code of the error set via `add_settings_error()`, normally the variable name.
194	*
195	* @return string\|null The error description.
196	*/
197	public static function get_error_description( $error_code ) {	×
198	if ( ! isset( self::$error_descriptions[ $error_code ] ) ) {	×
199	return null;	×
200	}
201
202	return self::$error_descriptions[ $error_code ];	×
203	}
204
205	/**
206	* Gets the aria-invalid HTML attribute based on the submitted invalid value.
207	*
208	* @since 12.1
209	*
210	* @param string $error_code Code of the error set via `add_settings_error()`, normally the variable name.
211	*
212	* @return string The aria-invalid HTML attribute or empty string.
213	*/
214	public static function get_the_aria_invalid_attribute( $error_code ) {	×
215	if ( self::yoast_form_control_has_error( $error_code ) ) {	×
216	return ' aria-invalid="true"';	×
217	}
218
219	return '';	×
220	}
221
222	/**
223	* Gets the aria-describedby HTML attribute based on the submitted invalid value.
224	*
225	* @since 12.1
226	*
227	* @param string $error_code Code of the error set via `add_settings_error()`, normally the variable name.
228	*
229	* @return string The aria-describedby HTML attribute or empty string.
230	*/
231	public static function get_the_aria_describedby_attribute( $error_code ) {	×
232	if ( self::yoast_form_control_has_error( $error_code ) && self::get_error_description( $error_code ) ) {	×
233	return ' aria-describedby="' . esc_attr( $error_code ) . '-error-description"';	×
234	}
235
236	return '';	×
237	}
238
239	/**
240	* Gets the error description wrapped in a HTML paragraph.
241	*
242	* @since 12.1
243	*
244	* @param string $error_code Code of the error set via `add_settings_error()`, normally the variable name.
245	*
246	* @return string The error description HTML or empty string.
247	*/
248	public static function get_the_error_description( $error_code ) {	×
249	$error_description = self::get_error_description( $error_code );	×
250
251	if ( self::yoast_form_control_has_error( $error_code ) && $error_description ) {	×
252	return '<p id="' . esc_attr( $error_code ) . '-error-description" class="yoast-input-validation__error-description">' . $error_description . '</p>';	×
253	}
254
255	return '';	×
256	}
257
258	/**
259	* Adds the submitted invalid value to the WordPress `$wp_settings_errors` global.
260	*
261	* @since 12.1
262	*
263	* @param string $error_code Code of the error set via `add_settings_error()`, normally the variable name.
264	* @param string $dirty_value The submitted invalid value.
265	*
266	* @return void
267	*/
268	public static function add_dirty_value_to_settings_errors( $error_code, $dirty_value ) {	2✔
269	global $wp_settings_errors;	2✔
270
271	if ( ! is_array( $wp_settings_errors ) ) {	2✔
272	return;	×
273	}
274
275	foreach ( $wp_settings_errors as $index => $error ) {	2✔
276	if ( $error['code'] === $error_code ) {	2✔
277	// phpcs:ignore WordPress.WP.GlobalVariablesOverride -- This is a deliberate action.
278	$wp_settings_errors[ $index ]['yoast_dirty_value'] = $dirty_value;	2✔
279	}
280	}
281	}	1✔
282
283	/**
284	* Gets an invalid submitted value.
285	*
286	* @since 12.1
287	*
288	* @param string $error_code Code of the error set via `add_settings_error()`, normally the variable name.
289	*
290	* @return string The submitted invalid input field value.
291	*/
292	public static function get_dirty_value( $error_code ) {	6✔
293	$errors = get_settings_errors();	6✔
294
295	foreach ( $errors as $error ) {	6✔
296	if ( $error['code'] === $error_code && isset( $error['yoast_dirty_value'] ) ) {	4✔
297	return $error['yoast_dirty_value'];	4✔
298	}
299	}
300
301	return '';	2✔
302	}
303
304	/**
305	* Gets a specific invalid value message.
306	*
307	* @since 12.1
308	*
309	* @param string $error_code Code of the error set via `add_settings_error()`, normally the variable name.
310	*
311	* @return string The error invalid value message or empty string.
312	*/
313	public static function get_dirty_value_message( $error_code ) {	4✔
314	$dirty_value = self::get_dirty_value( $error_code );	4✔
315
316	if ( $dirty_value ) {	4✔
317	return sprintf(	2✔
318	/* translators: %s: form value as submitted. */
319	esc_html__( 'The submitted value was: %s', 'wordpress-seo' ),	2✔
320	esc_html( $dirty_value )	2✔
321	);	1✔
322	}
323
324	return '';	2✔
325	}
326	}

Yoast / wordpress-seo / 6987097851

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous