No Sanitize Callback #76
Conversation
| * @package PHP_CodeSniffer | ||
| * @author khacoder | ||
| */ | ||
| class WordPress_Sniffs_Theme_NoSanitizeCallBackSniff implements PHP_CodeSniffer_Sniff |
There was a problem hiding this comment.
As "callback" is one word I would make the B small.
| $tokens = $phpcsFile->getTokens(); | ||
| $token = $tokens[ $stackPtr ]; | ||
| $types = array( T_STRING, T_CONSTANT_ENCAPSED_STRING, T_VARIABLE, T_LNUMBER, T_SEMICOLON ); | ||
| if ( '$wp_customize' === $token['content'] ) { |
There was a problem hiding this comment.
This is not guaranteed. The developer does not need to use $wp_customize. The variable could be named anything. This has become a bit of a standard as that is what core used.
| $phpcsFile->addError( 'Neither sanitize_callback or sanitize_js_callback were found for this option.', $stackPtr, 'SanitizeCallbackChecks' ); | ||
| } | ||
| if ( false !== $sanitize_callback_found && false !== $empty_callback && true === $sanitize_js_callback_found && true === $empty_js_callback ) { | ||
| $phpcsFile->addError( 'Either sanitize_callback or sanitize_js_callback must not be empty.', $stackPtr, 'SanitizeCallbackChecks' ); |
There was a problem hiding this comment.
Do we need a separate error message depending if the variables exist or not? What about "'sanitize_callback or sanitize_js_callback do not have a valid sanitization callback defined.'"
grappler
force-pushed
the
feature/theme-review-sniffs
branch
2 times, most recently
from
563cd1d
to
6671823
Compare
|
I will be working to update the code for compatibility with PHPCS 3.x. Can use |
|
I will try and pick this up again, if that's OK with everyone. |
|
@khacoder I was just working on this. Let me commit my changes and then you can continue. |
- Extend WordPress\Sniff and use the utility functions from there
|
@khacoder I have added my changes which make the code PHPCS 3.x compatible and uses the new utility functions from the The tests are failing because of |
|
@khacoder Welcome back! I'm happy to let you continue, however, be aware that extensive changes are needed to this sniff. This sniff should extend the WPCS Once the basic principle of the sniff has been updated for the above, I will do a full review which will necessitate further changes. Will you have the time to make these changes and process any feedback you receive before the end of next week ? |
|
I will try. |
|
How can the AbstractFunctionParameters sniff be used if we are trying to get the parameters for the $wp_customize->add_setting method ? |
Fixed the undefined index bug, modified the logic a bit, to ensure sanitize_callback is included.
Override `is_targetted_token()` so to be able to check for the method `$wp_customize->add_setting()`
First commit
Issue #68