Skip to content

Instantly share code, notes, and snippets.

Avatar
🐘
Herding 🐘

Juliette jrfnl

🐘
Herding 🐘
View GitHub Profile
@jrfnl
jrfnl / 20210917-notes-on-input-validation.md
Created Sep 17, 2021
Notes on input validation for WP Core
View 20210917-notes-on-input-validation.md

What is input validation ?

Checking for a variable/ array index:

  • Does it exist ?
  • Is it of the right type ?
  • Is the value usable for our purposes ?

Problem definition:

  • Lack of input validation throughout most of Core.
  • ... which is especially problematic in the context of filter hooks / callbacks.
@jrfnl
jrfnl / phpunit.bat
Created Aug 13, 2021
PHPUnit PHP/PHPUnit switching script example
View phpunit.bat
@echo off
::
:: PHP ??? have Xdebug + Blackfire.
:: PHP 7.4.14 has Xdebug with coverage
:: PHP 7.4.15 has Xdebug with develop + trace
::
:set PHPBIN=C:\wamp\bin\phpcli_x86\php5.2.17\php.exe
:set PHPBIN=C:\wamp\bin\phpcli_x86\php5.3.29\php.exe
:set PHPBIN=C:\wamp\bin\phpcli_x86\php5.4.45\php.exe
:set PHPBIN=C:\wamp\bin\php\php5.5.38\php.exe
@jrfnl
jrfnl / reservednames.txt
Last active Jun 18, 2021
Reserved names used as parameter names in WordPress
View reservednames.txt
Command used: `phpcs -ps . --sniffs=Universal.NamingConventions.NoReservedKeywordParameterNames --report=full,summary,source --extensions=php` (will not work by default)
Updated on June 18, 2021.
FILE: src\wp-admin\includes\class-custom-image-header.php
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
FOUND 0 ERRORS AND 2 WARNINGS AFFECTING 2 LINES
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1334 | WARNING | It is recommended not to use reserved keywords as function parameter names. Found: $object
@jrfnl
jrfnl / phpcs3.5-dev-upgrade-guide.md
Last active May 24, 2019
Draft: Upgrade guide to PHP_CodeSniffer 3.5.0 for sniff developers
View phpcs3.5-dev-upgrade-guide.md

Upgrade guide to PHP_CodeSniffer 3.5.0 for sniff developers

PHP_CodeSniffer 3.5.0 contains a lot of changes under the hood. For the most part these are non-breaking.

If you maintain an external standard, you have three options:

  • Maintain compatibility with older PHP_CodeSniffer versions [1]. In that case, there is probably nothing you need to do. Just make sure you check the BC-breaks section below just in case. All the "old" utility methods and properties will still work. They will however be removed in PHPCS 4.0.
  • Maintain compatibility with older PHP_CodeSniffer versions [2].
@jrfnl
jrfnl / phpcs3.5-changelog.txt
Last active Mar 23, 2019
Draft: PHP_CodeSniffer 3.5.0 changelog
View phpcs3.5-changelog.txt
- Squiz.Formatting.OperatorBracket.SpacingAfterMinus has been renamed to Squiz.Formatting.OperatorBracket.SpacingAfterSign
-- If you are referencing the old error code in a ruleset XML file, please use the new code instead
-- If you wish to maintain backwards compatibility, you can provide rules for both the old and new codes
- `Conditions::getCondition()` accepts both a single token type or an array of token types for the `$type` parameter, which has been renamed to `$types` to convey this. The parameter is also now optional.
Additionally, the new version of the method has an optional boolean `$reverse` parameter which allows to indicate whether to get the _first_ condition of a certain type or the _last_.
- `ObjectDeclarations::getClassProperties()` now has improved handling of class declaration code interlaced with comments and/or annotations
- `ObjectDeclarations::findExtendedClassName() and `ObjectDeclarations::findExtendedInterfaceNames()` will now return the class/interface names witho
@jrfnl
jrfnl / phpcs4-removals.md
Last active Mar 23, 2019
Draft: PHPCS 4.0 remove deprecated methods and properties
View phpcs4-removals.md

The following methods and properties have been deprecated in PHPCS 3.5.0 and should be removed in PHPCS 4.0.0:

Methods:

  • PHP_CodeSniffer\Files\File::hasCondition()
  • PHP_CodeSniffer\Files\File::getCondition()
  • PHP_CodeSniffer\Files\File::getClassProperties()
  • PHP_CodeSniffer\Files\File::findExtendedClassName()
  • PHP_CodeSniffer\Files\File::findImplementedInterfaceNames()
  • PHP_CodeSniffer\Files\File::getMethodParameters()
@jrfnl
jrfnl / 2018-WCEU-code-samples.php
Last active Jun 14, 2018
201805 WCEU Code samples
View 2018-WCEU-code-samples.php
<?php
/*
* Example of translators comment for a text string with a single placeholder.
*/
/* translators: %s: the version number of a WordPress release. */
esc_html_e( 'Wordpress %s is awesome!' );
/*
@jrfnl
jrfnl / 20180611-phpcs-run-src-only-i18n-NOT-translatorscomments.txt
Created Jun 14, 2018
201806 WCEU list of other I18n issues for review
View 20180611-phpcs-run-src-only-i18n-NOT-translatorscomments.txt
FILE: src\wp-admin\credits.php
--------------------------------------------------------------------------------------------------------------
FOUND 3 ERRORS AND 3 WARNINGS AFFECTING 3 LINES
--------------------------------------------------------------------------------------------------------------
68 | WARNING | Use of the "translate()" function is reserved for low-level API usage.
| | (WordPress.WP.I18n.LowLevelTranslationFunction)
68 | ERROR | The $text arg must be a single string literal, not "$group_data['name']".
| | (WordPress.WP.I18n.NonSingularStringLiteralText)
70 | WARNING | Use of the "translate()" function is reserved for low-level API usage.
| | (WordPress.WP.I18n.LowLevelTranslationFunction)
@jrfnl
jrfnl / 20180611-phpcs-run-src-only-i18n-translatorscomments.txt
Created Jun 13, 2018
201806 WCEU list of translator comments issues in WP Core
View 20180611-phpcs-run-src-only-i18n-translatorscomments.txt
FILE: src\wp-admin\about.php
--------------------------------------------------------------------------------------------------------------
FOUND 0 ERRORS AND 4 WARNINGS AFFECTING 4 LINES
--------------------------------------------------------------------------------------------------------------
21 | WARNING | A gettext call containing placeholders was found, but was not accompanied by a "translators:"
| | comment on the line above to clarify the meaning of the placeholders.
| | (WordPress.WP.I18n.MissingTranslatorsComment)
23 | WARNING | A gettext call containing placeholders was found, but was not accompanied by a "translators:"
| | comment on the line above to clarify the meaning of the placeholders.
| | (WordPress.WP.I18n.MissingTranslatorsComment)
View Theme-Sniff-Issue-Format
_____Issue Title____
[New sniff] Short rule description (for rules which have to be created from scratch)
[Implement sniff] Short rule description (for rules which exist in WPCS and need to be added to the ruleset)
_____Issue Content____
#### Rule type:
Error / Warning
#### Rule: