Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

No php file functions #71

Open
4 tasks
khacoder opened this issue Aug 22, 2016 · 6 comments
Open
4 tasks

No php file functions #71

khacoder opened this issue Aug 22, 2016 · 6 comments
Assignees
@jrfnl
Labels
pr: wait for upstream

Comments

@khacoder
Copy link
Contributor

[Implement sniff] Look for list of php file functions using WordPress.Functions.FunctionRestrictionsSniff

Rule type:

Error

Rule:

Use WordPress functionality and features first, if available.

Ref: https://make.wordpress.org/themes/handbook/review/required/#core-functionality-and-features

ERROR| Verify that file system calls use the WP_Filesystem method and not PHP native functions. For a list of functions to trigger on, see Theme-Check plugin - /checks/malware.php

Theme check file covering this rule:

https://github.com/Otto42/theme-check/blob/master/checks/malware.php

Decision needed:

I have changed this from WARNING to ERROR. It is very easy to change back, but I thought it appropriate to be an ERROR. Are there any cases where use of these functions are acceptable?

To do:

  • Create unit tests
  • Create new sniff
  • Adjust existing WPCS / PHPCS sniff and send in PR upstream.
  • Add existing sniffname sniff to the ruleset.
@khacoder
Copy link
Contributor Author

I have this sniff ready to go and will upload after final testing.

@khacoder khacoder self-assigned this Aug 22, 2016
@khacoder khacoder mentioned this issue Aug 29, 2016
Closed
@grappler
Copy link
Member

If the check is failing which it was in the Theme Check it should have been Required instead of a Warning so an Error is OK.

@khacoder khacoder removed their assignment Sep 29, 2016
@grappler grappler mentioned this issue Dec 10, 2016
Closed
72 tasks
@jrfnl jrfnl self-assigned this Jun 5, 2018
@dd32
Copy link

dd32 commented Jul 5, 2018

Just throwing a note out there - WP_Filesystem shouldn't be used in the way we see it used in themes due to these rules. It's not a replacement for file_get_contents() and the like, and is only really supposed to be used when FTP/file-editing is needed interactively.

This TRT rule makes themes effectively hide what they're doing, when it's a completely legitimate use-case for the direct filesystem calls.

@justintadlock
Copy link

^ One of the reasons I've been pushing to get file_get_contents() OK'd.

@jrfnl
Copy link
Contributor

jrfnl commented Jul 5, 2018

@dd32 As these things are in WPCS as well, I'd love to hear your voice in the discussion being had here: WordPress/WordPress-Coding-Standards#1265.

(Merged) PR WordPress/WordPress-Coding-Standards#1374 in response to WordPress/WordPress-Coding-Standards#943 is hopefully a step in the right direction ?

@dingo-d
Copy link
Member

dingo-d commented May 18, 2019

What is the status of this issue?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jrfnl jrfnl

Labels
pr: wait for upstream
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@jrfnl @dd32 @grappler @justintadlock @khacoder @dingo-d