@KMchaudhary KMchaudhary commented Oct 20, 2025

Reverts #2191

Suspected that Global variable sanitization may affect the rtmedia attachment upload functionality.

rtBot commented Oct 20, 2025

Unable to PHPCS or SVG scan one or more files due to error running PHPCS/SVG scanner:

  • app/admin/RTMediaAdmin.php
  • app/helper/RTMediaSettings.php
  • app/helper/rtUploadAttachment.php
  • app/main/controllers/api/RTMediaJsonApi.php
  • app/main/controllers/group/RTMediaGroupExtension.php
  • app/main/controllers/template/RTMediaTemplate.php
  • app/main/controllers/template/rtmedia-functions.php
  • app/main/controllers/upload/processors/RTMediaUploadFile.php

The error may be temporary. If the error persists, please contact a human (commit-ID: a6191b7).

@KMchaudhary KMchaudhary marked this pull request as ready for review October 20, 2025 08:09
@KMchaudhary KMchaudhary merged commit 9161bae into fix/plugin-check-security Oct 20, 2025
2 checks passed
KMchaudhary added a commit that referenced this pull request Oct 23, 2025
* Address the Direct database call queries, and no-caching security issues

app/importers/* ignore the phpcs errors, as app/importers directory contains data migration and import utilities which require direct DB calls and caching of queries should not be there for such operations

* Fix phpcs indentation fixes

* Fix the WordPress.DB.PreparedSQL.InterpolatedNotPrepared, WordPress.DB.PreparedSQL.NotPrepared PHPCS errors

* Fix the WordPress.Security.ValidatedSanitizedInput.InputNotValidated issue on RTMediaMigration.php file

* Fix missing validation, sanitization issues, and few nonce verification issues

* fix: add proper ignore comments for nonce verification

* Fixed Filesystem errors in rtUploadAttachment

* Fixed filesystem errors in RTMediaSupport

* Fixed filesystem errors in BPMediaImporter

* fix: missing nonce handle

* fix: update the nonce comment to explain more elaborately

* feat: add nonce for todos

* fix: repeated phpcs:ignore

* Resolve all the possible inline script related issues

* Add missing changes for godam notice dismissal

* Replace inline script from upload-file-types notices template

* Made filechanges fixes for RTMediaAdmin.php

* Made filechanges fixes for RTMediaSupport.php

* Made filechanges fixes for RTDBUpdate.php

* Made filechanges fixes for BPMediaImporter.php

* Made filechanges fixes for RTMediaMigration.php

* Made filechanges fixes for RTMediaMedia.php

* Made filechanges fixes for RTMediaUploadFile.php

* Move rtmedia-migration page inline script into migration.js

* Add localize variables with rtmedia-main.js for rtmedia-actions.php file

* Remove console logs

* fix: nonce action for convert_videos_mailchimp_send ajax call

* feat: hide global album function nonce error

* Code refactoring and add fix nonce input element selector

* Remove debug comments

* feat: update nonce comment for global album

* Revert "Fix Nonce Verification flags in the Codebase"

* Revert "Revert "Fix Nonce Verification flags in the Codebase""

* Add comments for unchanged <script> and <style> tags

* feat: add nonce for file upload

* Sanitization and Nonce changes

* Undo redundant nonce verification

* Fixed PHPCS Issues

* Add missing sanitization, and input validation functions

* Add phpcs:ignore comment for missing nonce verification

* Refactored the changes to sanitize individually

* Implemented PR feedback

* Implemented Feedback changes

* Add documentation related changes

* Implemented Copilot changes

* Remove unused variable

* Revert "Fix Sanitization issues " (#2199)

* Made bug fixes for nonce verification

* Removed nonce verification from places not required.

* Updated todo comment

* fix: remove nonce from mailchimp verification

* Re-added the sanitization changes

* Added documentation

* Bug fix for media not loading

* Bug Fix for filter

* Made bug fixes for group featured media

---------

Co-authored-by: KMchaudhary <kuldipkumar.chaudhary@rtcamp.com>
Co-authored-by: Vedant Gandhi <vedantgandhipersonal@gmail.com>
Co-authored-by: Chirag Mathur <mchirag2002@gmail.com>
Co-authored-by: Chirag Mathur <71757438+mchirag2002@users.noreply.github.com>