Direct including of template files #82
Conversation
| $tokens = $phpcsFile->getTokens(); | ||
| $token = $tokens[ $stackPtr ]; | ||
| if ( false !== strpos( trim( $token['content'] . '\"\'' ), 'searchform.php' ) ) { | ||
| $phpcsFile->addError( 'Please use get_search_form()instead of including searchform.php directly.', $stackPtr, 'SanitizeCallbackChecks' ); |
There was a problem hiding this comment.
There should be space between the function name and instead. The error code needs to be updated too.
| @@ -0,0 +1,3 @@ | |||
| <?php | |||
| // bad | |||
| include( get_template_directory() . '/searchform.php' ); | |||
There was a problem hiding this comment.
Would include( get_template_directory() . "/searchform.php" ); and // searchform.php be caught too?
grappler
force-pushed
the
feature/theme-review-sniffs
branch
2 times, most recently
from
563cd1d
to
6671823
Compare
| */ | ||
| public function register() { | ||
| return array( | ||
| T_STRING, |
There was a problem hiding this comment.
Why are you sniffing for T_STRING ?
T_STRING parent, self, etc. identifiers, e.g. keywords like parent and self, function names, class names and more are matched.
See: http://php.net/manual/en/tokens.php
You probably want PHP_CodeSniffer_Tokens::$stringTokens instead of this array.
Or sniffing for include/require tokens, but then again, in that case we would not catch include $pathtosearchform; so even though it's quite heavy, sniffing for the string tokens is probably best.
| $tokens = $phpcsFile->getTokens(); | ||
| $token = $tokens[ $stackPtr ]; | ||
|
|
||
| if ( false !== strpos( trim( $token['content'] . '\"\'' ), 'searchform.php' ) ) { |
There was a problem hiding this comment.
Three things here:
trim( $token['content'] . '\"\'' )=>.(dot = concatenation) should be a,(comma = next parameter indicator).- Similar to the include/require sniff, it might be better to create a (array) class property to hold the
searchform.phpto allow for more files to be added in the future. As a value for the array I'd suggest using the alternativeget_search_form(). - In that case, this line will have to be revisited again depending on how the property is set up.
| $token = $tokens[ $stackPtr ]; | ||
|
|
||
| if ( false !== strpos( trim( $token['content'] . '\"\'' ), 'searchform.php' ) ) { | ||
| $phpcsFile->addError( 'Use get_search_form() instead of including searchform.php directly.', $stackPtr, 'IncludeSearchformFound' ); |
There was a problem hiding this comment.
The error sentence structure will probably need revisiting if the filename gets turned into a class property.
In that case, the sentence will need placeholders and the $data parameter will need to be passed to the function.
|
|
||
| include( get_template_directory() . '/searchform.php' ); // Error. | ||
| include( get_template_directory() . "/searchform.php" ); // Error. | ||
| // searchform.php OK |
There was a problem hiding this comment.
Please add some more examples of things which should be ok and which shouldn't. The current examples all use include while that is not what the sniff is sniffing for.
NB: Pseudo code:
$path = get_template_directory() . '/searchform.php' ); // Error.
include $path;
$path = get_childtheme_directory() . "/searchform.php" ); // Error.
$path = get_childtheme_directory() . "/my-completely-different-searchform.php" ); // OK (will currently throw an error though).
$dummy_text_on_example_page = ".... so if you want to add an extra search form, just use `include searchform.php` somewhere in the template code..."; // What to do about things like this ? Should the sniff trigger on it or not ?
|
@jrfnl I have changed the Sniff to be a bit more general and check that the template functions are used instead of directly including the files. I have added a check for With the new changes to the sniff the extra tests that you mentioned are being passed. I wonder if we should merge this sniff with @justintadlock Could you just check that the sniff is complete? |
|
Don't you mean |
|
Yes you are right, sorry, I will correct that. |
I'm in two minds about that. On the one hand, both sniffs look for the inclusion of files. I'm leaning towards leaving them as separate sniffs as the intend of the sniffs is different.
👍
That wouldn't be too hard to implement actually. Foreach loop combined with a regex pattern could solve that quite easily. |
|
I have added the additional tests, could use help with the regex. |
Initial Commit Issue #74
… be able to retrieve the alternative.
|
I have run the sniff on the some of the theme of the repo and got some false positives $page_template = get_page_template_slug( $page_id );
$id = 'container_sidebar_wrap';
if ( $page_template == 'sidebar-page.php' ) {
$id = 'no_sidebar_wrap';
}I was surprised that this was caught. After looking at the code it is shows another issue. if ( $name ) {
$templates[] = "header-{$name}.php";
$templates[] = "header/{$name}.php";
}
$templates[] = 'header.php';
$templates[] = 'header/header.php';
locate_template( $templates, true, false ); require_once( ATTITUDE_STRUCTURE_DIR . '/header-extensions.php' );
require_once( ATTITUDE_STRUCTURE_DIR . '/sidebar-extensions.php' );
require_once( ATTITUDE_STRUCTURE_DIR . '/footer-extensions.php' ); require_once( $hooks_path . 'header-hooks.php' );
require_once( $hooks_path . 'footer-hooks.php' I think we can prevent these if we only check the files in the root of the theme and exclude any folder and exclude |
I don't think limiting the sniff to certain files is the way to go per se. |
|
Closing this PR in favour of continuing the discussion in the original issue #74. Once that discussion has run its course, we can always reopen. |
Initial PR
Issue #74