From 8471798c52e101d22d2a8099106bda680c403b7d Mon Sep 17 00:00:00 2001 From: Muhammad Zohaib Date: Sun, 9 Apr 2023 15:14:57 +0500 Subject: [PATCH 1/6] Added verify_save method --- helpers/class-helpers.php | 47 +++++++++++++++++++++++++++++ includes/metaboxes/class-sample.php | 46 +++++++++------------------- 2 files changed, 61 insertions(+), 32 deletions(-) diff --git a/helpers/class-helpers.php b/helpers/class-helpers.php index d38bd31..207b513 100644 --- a/helpers/class-helpers.php +++ b/helpers/class-helpers.php @@ -248,4 +248,51 @@ public static function update_field($post_id, $name, $is_array, $validation, $me } + /** + * # Verify or check for nonce, auto save and post type. + * + * @param string $action Nonce action ID + * @param string $nonce Nonce ID + * @param string $post_type Post type for which saving is going to proceed + * @param string $post_id Current post ID + * + * @return bool true or false + */ + public static function verify_save( $action, $nonce, $post_type, $post_id ) { + + // Check if our nonce is set. + if ( ! isset( $_POST[$nonce] ) ) { + return false; + } + + // Verify that the nonce is valid. + if ( ! wp_verify_nonce( $_POST[$nonce], $action ) ) { + return false; + } + + // If this is an autosave, our form has not been submitted, + // so we don't want to do anything. + if ( defined('DOING_AUTOSAVE') && DOING_AUTOSAVE ) { + return false; + } + + // Check the user's permissions. + if ( $post_type == $_POST['post_type'] ) { + + if ( ! current_user_can( 'edit_page', $post_id ) ) { + return false; + } + + } else { + + if ( ! current_user_can( 'edit_post', $post_id ) ) { + return false; + } + + } + + return true; + + } + } diff --git a/includes/metaboxes/class-sample.php b/includes/metaboxes/class-sample.php index 95083db..4928319 100644 --- a/includes/metaboxes/class-sample.php +++ b/includes/metaboxes/class-sample.php 
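Review bot: The permission branch in verify_save() reads `$_POST['post_type']` without an isset() check and lets a request-supplied value decide which capability is tested. WordPress resolves both `edit_page` and `edit_post` as meta capabilities against the post identified by `$post_id`, so the branch can be reduced to a single `if ( ! current_user_can( 'edit_post', $post_id ) ) { return false; }`, which also removes the undefined-index notice on requests that carry no `post_type`. The nonce is passed to wp_verify_nonce() raw; the usual form is `wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST[ $nonce ] ) ), $action )`. The docblock declares `$post_id` as string, while the save() caller in class-sample.php passes an int.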
@@ -17,8 +17,8 @@ class Sample { function __construct() { - add_action('add_meta_boxes', [$this, 'add']); - add_action('save_post_'.$this->post_type(), [$this, 'save']); + add_action( 'add_meta_boxes', [ $this, 'add' ] ); + add_action( 'save_post_'.$this->post_type(), [ $this, 'save'] ); } @@ -33,23 +33,23 @@ protected function post_type() { * # Set up and add the meta box. */ public function add() { - add_meta_box('sample_meta_box', esc_html__('Sample Title', 'xem-pos'), [$this, 'html'], $this->post_type()); + add_meta_box( 'sample_meta_box', esc_html__( 'Sample Title', 'xem-pos' ), [ $this, 'html' ], $this->post_type() ); } /** * Display the meta box HTML to the user. */ - public function html($post) { + public function html( $post ) { // Add an nonce field so we can check for it later. - wp_nonce_field('xe_plugin_cpt_meta_box', 'xe_plugin_cpt_meta_box_nonce'); + wp_nonce_field( 'xep_cpt_meta_box', 'xep_cpt_meta_box_nonce' ); $sample = get_post_meta($post->ID, '_sample', true); ?>
- +
@@ -62,37 +62,19 @@ public function html($post) { /** * Save the meta box selections. */ - public function save(int $post_id) { + public function save( int $post_id ) { - // Check if our nonce is set. - if ( !isset($_POST['xe_plugin_cpt_meta_box_nonce']) ) { - return $post_id; - } - - $nonce = $_POST['xe_plugin_cpt_meta_box_nonce']; - - // Verify that the nonce is valid. - if ( !wp_verify_nonce($nonce, 'xe_plugin_cpt_meta_box') ) { - return $post_id; - } + $verify_save = Helper::verify_save( + 'xep_cpt_meta_box', + 'xep_cpt_meta_box_nonce', + $this->post_type(), + $post_id + ); - // If this is an autosave, our form has not been submitted, - // so we don't want to do anything. - if ( defined('DOING_AUTOSAVE') && DOING_AUTOSAVE ) { + if ( $verify_save == false ) { return $post_id; } - // Check the user's permissions. - if ( 'xe-plugin-cpt' == $_POST['post_type'] ) { - if ( !current_user_can('edit_page', $post_id) ) { - return $post_id; - } - } else { - if ( !current_user_can('edit_post', $post_id) ) { - return $post_id; - } - } - // Saving or Updating the data Helper::update_field($post_id, 'sample', false, 'text', '_sample'); // $post_id, $name, $is_array, $validation, $meta_key, $delete = false From a31465c3b92e2d6a11327f403d2704069d0b1d0f Mon Sep 17 00:00:00 2001 From: Muhammad Zohaib Date: Tue, 11 Apr 2023 11:06:10 +0500 Subject: [PATCH 2/6] Closed #35 --- assets/css/admin.css | 64 ++++++++++++++++++++++---------------------- node_scripts/init.js | 6 +++-- 2 files changed, 36 insertions(+), 34 deletions(-) diff --git a/assets/css/admin.css b/assets/css/admin.css index b9f1635..71d2c0a 100644 --- a/assets/css/admin.css +++ b/assets/css/admin.css 
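Review bot: `if ( $verify_save == false )` in save() compares loosely against a value that verify_save() documents as bool. Since a failed check must block the write to post meta, a strict test reads more clearly and is not affected by type juggling: `if ( true !== $verify_save ) { return $post_id; }`. The temporary variable could also be dropped by testing the call directly. The body of save() continues past the end of this hunk.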
@@ -1,65 +1,65 @@ /*-------------------------------------------------------------- # Meta Boxes --------------------------------------------------------------*/ -.xe-plugin-field:not(:last-of-type) { +.xep-field:not(:last-of-type) { margin: 0 0 12px; } -.xe-plugin-label, -.xe-plugin-input { +.xep-label, +.xep-input { display: inline-block; } -.xe-plugin-label { +.xep-label { width: 30%; margin-bottom: 5px; } -.xe-plugin-label, .xe-plugin-input { +.xep-label, .xep-input { vertical-align: top; float: left; box-sizing: border-box; } -.xe-plugin-field:after { +.xep-field:after { content: " "; display: table; clear: both; } -.xe-plugin-field-sm { +.xep-field-sm { width: 65px; } -.xe-plugin-field-md { +.xep-field-md { width: 120px; } -.xe-plugin-field-full { +.xep-field-full { width: 100%; } -.xe-plugin-field .select2-container--default .select2-selection--single, -.xe-plugin-field .select2-container--default .select2-selection--multiple, -.xe-plugin-field input[type=color], -.xe-plugin-field input[type=date], -.xe-plugin-field input[type=datetime-local], -.xe-plugin-field input[type=datetime], -.xe-plugin-field input[type=email], -.xe-plugin-field input[type=month], -.xe-plugin-field input[type=number], -.xe-plugin-field input[type=password], -.xe-plugin-field input[type=search], -.xe-plugin-field input[type=tel], -.xe-plugin-field input[type=text], -.xe-plugin-field input[type=time], -.xe-plugin-field input[type=url], -.xe-plugin-field input[type=week], -.xe-plugin-field input[type=checkbox], -.wp-core-ui .xe-plugin-field select, -.xe-plugin-field textarea { +.xep-field .select2-container--default .select2-selection--single, +.xep-field .select2-container--default .select2-selection--multiple, +.xep-field input[type=color], +.xep-field input[type=date], +.xep-field input[type=datetime-local], +.xep-field input[type=datetime], +.xep-field input[type=email], +.xep-field input[type=month], +.xep-field input[type=number], +.xep-field input[type=password], +.xep-field 
input[type=search], +.xep-field input[type=tel], +.xep-field input[type=text], +.xep-field input[type=time], +.xep-field input[type=url], +.xep-field input[type=week], +.xep-field input[type=checkbox], +.wp-core-ui .xep-field select, +.xep-field textarea { border-radius: 0px; border: 1px solid #ccc; margin: 0; } -.xe-plugin-field .select2-container--default .select2-selection--multiple .select2-selection__choice { +.xep-field .select2-container--default .select2-selection--multiple .select2-selection__choice { margin-bottom: 0; } -.toplevel_page_xe-plugin-options .select2-container--default .select2-selection--single, -.xe-plugin-field .select2-container--default .select2-selection--single, -.wp-core-ui .xe-plugin-field select { +.toplevel_page_xep-options .select2-container--default .select2-selection--single, +.xep-field .select2-container--default .select2-selection--single, +.wp-core-ui .xep-field select { min-height: 30px; } /*-------------------------------------------------------------- diff --git a/node_scripts/init.js b/node_scripts/init.js index bebeb56..67500ad 100644 --- a/node_scripts/init.js +++ b/node_scripts/init.js @@ -19,6 +19,8 @@ var globalVars = "$"+global+"_opt"; var namespaces = name.replace(/ /g, '_')+"\\"; var folderNames = "/"+nameHyphen; var globalObj = "'"+global+"Obj'"; +var cssPrefixes = global+'-'; +var nonces = global+'_'; var currentPlugin = path.resolve(__dirname, '..'); 
@@ -29,8 +31,8 @@ var options = { currentPlugin+'/**/*.php', currentPlugin+'/readme.txt', ], - from: [/'xe-plugin'/g, /_xe_plugin_/g, /Text Domain: xe-plugin/g, / Xe Plugin/g, /xe-plugin-/g, /\$xep_opt/g, /Xe_Plugin\\/g, /\/xe-plugin/g, /'xepObj'/g], - to: [txtDomain, funcNames, styleCss, dockBlocks, preHandles, globalVars, namespaces, folderNames, globalObj], + from: [ /'xe-plugin'/g, /_xe_plugin_/g, /Text Domain: xe-plugin/g, / Xe Plugin/g, /xe-plugin-/g, /\$xep_opt/g, /Xe_Plugin\\/g, /\/xe-plugin/g, /'xepObj'/g, /xep-/g, /_xep_/g ], + to: [ txtDomain, funcNames, styleCss, dockBlocks, preHandles, globalVars, namespaces, folderNames, globalObj, cssPrefixes, nonces ], }; fs.rename(currentPlugin+'/xe-plugin.php', currentPlugin+'/'+nameHyphen+'.php', function(err) { From 50fb4b403d9d4ad8a5325daf560ea5e6e807c269 Mon Sep 17 00:00:00 2001 From: Muhammad Zohaib Date: Tue, 11 Apr 2023 11:06:39 +0500 Subject: [PATCH 3/6] Spacing adjusted --- assets/js/admin.js | 4 ++-- assets/js/main.js | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/assets/js/admin.js b/assets/js/admin.js index 6878dc8..d9b87bf 100644 --- a/assets/js/admin.js +++ b/assets/js/admin.js @@ -1,8 +1,8 @@ /*-------------------------------------------------------------- # Admin Js Start --------------------------------------------------------------*/ -(function($) { +( function ($) { // .... -})( jQuery ); +} )( jQuery ); diff --git a/assets/js/main.js b/assets/js/main.js index 0754bf3..58dbe2c 100644 --- a/assets/js/main.js +++ b/assets/js/main.js @@ -1,8 +1,8 @@ /*-------------------------------------------------------------- # Main Js Start --------------------------------------------------------------*/ -(function($) { +( function ($) { // .... -})( jQuery ); \ No newline at end of file +} )( jQuery ); \ No newline at end of file From a2384894d10ffecc3ea39a832100021de57c3bc1 Mon Sep 17 00:00:00 2001 
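Review bot: The added `/_xep_/g` pattern requires a leading underscore, so it rewrites `_xep_ajax_nonce` but leaves the metabox nonce strings `xep_cpt_meta_box` and `xep_cpt_meta_box_nonce` from patch 1/6 untouched, because those begin with `xep_`. If the aim stated in the changelog ("Nonce prefixes change on initialization") is that each generated plugin gets its own nonce action, every plugin built from this starter will still share the same metabox nonce action and field name. Renaming them to `_xep_cpt_meta_box` / `_xep_cpt_meta_box_nonce` in class-sample.php would bring them under the existing pattern; widening the regex instead would need checking against `$xep_opt`, which has its own entry earlier in the list. The `options` object starts above this hunk.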
From: Muhammad Zohaib Date: Tue, 11 Apr 2023 11:06:49 +0500 Subject: [PATCH 4/6] Fixed a minor bug --- includes/class-scripts.php | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/includes/class-scripts.php b/includes/class-scripts.php index 9105917..0b611bc 100644 --- a/includes/class-scripts.php +++ b/includes/class-scripts.php @@ -13,8 +13,8 @@ class Scripts { function __construct() { - add_action('wp_enqueue_scripts', [$this, 'frontend']); - add_action('admin_enqueue_scripts', [$this, 'admin'], 9999); + add_action( 'wp_enqueue_scripts', [ $this, 'frontend'] ); + add_action( 'admin_enqueue_scripts', [ $this, 'admin' ], 9999 ); } @@ -28,19 +28,19 @@ public function frontend() { /** * Styles */ - Helper::enqueue('style', 'xe-plugin-main', '/assets/css/main.css'); + Helper::enqueue( 'style', 'xe-plugin-main', '/assets/css/main.css' ); /** * Scripts */ - Helper::enqueue('script', 'xe-plugin-main', '/assets/js/main.js', ['jquery']); + Helper::enqueue( 'script', 'xe-plugin-main', '/assets/js/main.js', ['jquery'] ); - wp_localize_script('xe-plugin-main', 'xepObj', [ + wp_localize_script( 'xe-plugin-main', 'xepObj', [ 'ajaxUrl' => admin_url('admin-ajax.php'), 'pluginUrl' => _xe_plugin_directory_uri(), - 'nonce' => wp_create_nonce('_xe_plugin_ajax_nonce'), + 'nonce' => wp_create_nonce('_xep_ajax_nonce'), 'localhost' => $xep_opt->localhost - ]); + ] ); } 
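Review bot: The action passed to `wp_create_nonce()` in frontend() changes to `_xep_ajax_nonce`, and the admin() hunk that follows makes the same change, but no verifying call (`check_ajax_referer()` or `wp_verify_nonce()` with that action) is touched anywhere in this series. If an AJAX handler elsewhere still checks `_xe_plugin_ajax_nonce`, it will reject every request after this commit, so any such handler should be updated together with this rename. Defining the action string once, as a class constant used by both the creating and the verifying side, would keep the two from drifting apart. Both function bodies start and end outside their hunks.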
@@ -54,20 +54,20 @@ public function admin() { /** * Styles */ - Helper::enqueue('style', 'xe-plugin-admin', '/assets/css/admin.css'); + Helper::enqueue( 'style', 'xe-plugin-admin', '/assets/css/admin.css' ); /** * Scripts */ - Helper::enqueue('script', 'xe-plugin-admin', '/assets/js/admin.js', ['jquery']); + Helper::enqueue( 'script', 'xe-plugin-admin', '/assets/js/admin.js', ['jquery'] ); - wp_localize_script('xe-plugin-admin', 'xepObj', [ + wp_localize_script( 'xe-plugin-admin', 'xepObj', [ 'pluginUrl' => _xe_plugin_directory_uri(), - 'nonce' => wp_create_nonce('_xe_plugin_ajax_nonce'), + 'nonce' => wp_create_nonce('_xep_ajax_nonce'), 'postType' => $current_screen->post_type, 'base' => $current_screen->base, 'localhost' => $xep_opt->localhost - ]); + ] ); } From e971a9822c0903b98ddecc436ad9096f62debc34 Mon Sep 17 00:00:00 2001 From: Muhammad Zohaib Date: Tue, 11 Apr 2023 11:12:46 +0500 Subject: [PATCH 5/6] Updated README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index be3ffe7..0e0b01b 100644 --- a/README.md +++ b/README.md 
@@ -3,13 +3,13 @@ [![Issues](https://img.shields.io/github/issues/XeCreators/xe-plugin)](https://github.com/XeCreators/xe-plugin/issues) [![Release Latest](https://img.shields.io/github/v/release/XeCreators/xe-plugin?color=yellowgreen)](https://github.com/XeCreators/xe-plugin/releases/latest) -[![Downloads](https://img.shields.io/github/downloads/XeCreators/xe-plugin/total)](https://github.com/XeCreators/xe-plugin/releases/latest) +[![Downloads](https://img.shields.io/github/downloads/XeCreators/xe-plugin/total)](https://github.com/XeCreators/xe-plugin/releaseslatest/download/xe-plugin.zip) ![Repo Size](https://img.shields.io/github/repo-size/XeCreators/xe-plugin.svg) [![License](https://img.shields.io/github/license/XeCreators/xe-plugin)](https://github.com/XeCreators/xe-plugin/blob/master/LICENSE.md) Xe Plugin is a starter WordPress plugin which have built-in functionalities that are used in almost every plugin. So just focus on the main functionality that you want to built for WordPress. -[![Download Latest Release](https://img.shields.io/badge/Download_Latest_Release-blue?style=for-the-badge)](https://github.com/XeCreators/xe-plugin/releases/latest) +[![Download Latest Release](https://img.shields.io/badge/Download_Latest_Release-blue?style=for-the-badge)](https://github.com/XeCreators/xe-plugin/releaseslatest/download/xe-plugin.zip) [![Explore Documentation ยป](https://img.shields.io/badge/Explore_Documentation-282a2e?style=for-the-badge)](https://xecreators.github.io/xe-plugin) ## Requirements From 9e28e2acf0978294b985658e952f579589ad3af9 Mon Sep 17 00:00:00 2001 From: Muhammad Zohaib Date: Tue, 11 Apr 2023 11:13:00 +0500 Subject: [PATCH 6/6] Updated to 1.2.4 --- package-lock.json | 47 +++++++++++++++++++++++++---------------------- package.json | 2 +- readme.txt | 7 ++++++- 3 files changed, 32 insertions(+), 24 deletions(-) diff --git a/package-lock.json b/package-lock.json index c811af8..b18eb9d 100644 --- a/package-lock.json +++ b/package-lock.json 
@@ -1,12 +1,12 @@ { "name": "xe-plugin", - "version": "1.2.3", + "version": "1.2.4", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "xe-plugin", - "version": "1.2.3", + "version": "1.2.4", "license": "GPL-2.0-or-later", "devDependencies": { "copy-dir": "^1.3.0", @@ -155,23 +155,26 @@ "dev": true }, "node_modules/eslint-visitor-keys": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.3.0.tgz", - "integrity": "sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA==", + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.0.tgz", + "integrity": "sha512-HPpKPUBQcAsZOsHAFwTtIKcYlCje62XB7SEAcxjtmW6TD1WVpkS6i6/hOVtTZIl4zGj/mBqpFVGvaDneik+VoQ==", "dev": true, "engines": { "node": "^12.22.0 || ^14.17.0 || >=16.0.0" + }, + "funding": { + "url": "https://opencollective.com/eslint" } }, "node_modules/espree": { - "version": "9.5.0", - "resolved": "https://registry.npmjs.org/espree/-/espree-9.5.0.tgz", - "integrity": "sha512-JPbJGhKc47++oo4JkEoTe2wjy4fmMwvFpgJT9cQzmfXKp22Dr6Hf1tdCteLz1h0P3t+mGvWZ+4Uankvh8+c6zw==", + "version": "9.5.1", + "resolved": "https://registry.npmjs.org/espree/-/espree-9.5.1.tgz", + "integrity": "sha512-5yxtHSZXRSW5pvv3hAlXM5+/Oswi1AUFqBmbibKb5s6bp3rGIDkyXU6xCoyuuLhijr4SFwPrXRoZjz0AZDN9tg==", "dev": true, "dependencies": { "acorn": "^8.8.0", "acorn-jsx": "^5.3.2", - "eslint-visitor-keys": "^3.3.0" + "eslint-visitor-keys": "^3.4.0" }, "engines": { "node": "^12.22.0 || ^14.17.0 || >=16.0.0" 
@@ -372,9 +375,9 @@ "dev": true }, "node_modules/php-parser": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/php-parser/-/php-parser-3.1.3.tgz", - "integrity": "sha512-hPvBmnRYPqWEtMfIFOlyjQv1q75UUtxt4U+YscKIQViGmEE2Xa4BuS1B1/cZdjy7MVcwtnr0WkEsr915LgRKOw==", + "version": "3.1.4", + "resolved": "https://registry.npmjs.org/php-parser/-/php-parser-3.1.4.tgz", + "integrity": "sha512-WUEfH4FWsVItqgOknM67msDdcUAfgPJsHhPNl6EPXzWtX+PfdY282m4i8YIJ9ALUEhf+qGDajdmW+VYqSd7Deg==", "dev": true }, "node_modules/picomatch": { @@ -672,20 +675,20 @@ "dev": true }, "eslint-visitor-keys": { - "version": "3.3.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.3.0.tgz", - "integrity": "sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA==", + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.0.tgz", + "integrity": "sha512-HPpKPUBQcAsZOsHAFwTtIKcYlCje62XB7SEAcxjtmW6TD1WVpkS6i6/hOVtTZIl4zGj/mBqpFVGvaDneik+VoQ==", "dev": true }, "espree": { - "version": "9.5.0", - "resolved": "https://registry.npmjs.org/espree/-/espree-9.5.0.tgz", - "integrity": "sha512-JPbJGhKc47++oo4JkEoTe2wjy4fmMwvFpgJT9cQzmfXKp22Dr6Hf1tdCteLz1h0P3t+mGvWZ+4Uankvh8+c6zw==", + "version": "9.5.1", + "resolved": "https://registry.npmjs.org/espree/-/espree-9.5.1.tgz", + "integrity": "sha512-5yxtHSZXRSW5pvv3hAlXM5+/Oswi1AUFqBmbibKb5s6bp3rGIDkyXU6xCoyuuLhijr4SFwPrXRoZjz0AZDN9tg==", "dev": true, "requires": { "acorn": "^8.8.0", "acorn-jsx": "^5.3.2", - "eslint-visitor-keys": "^3.3.0" + "eslint-visitor-keys": "^3.4.0" } }, "find-up": { 
@@ -832,9 +835,9 @@ "dev": true }, "php-parser": { - "version": "3.1.3", - "resolved": "https://registry.npmjs.org/php-parser/-/php-parser-3.1.3.tgz", - "integrity": "sha512-hPvBmnRYPqWEtMfIFOlyjQv1q75UUtxt4U+YscKIQViGmEE2Xa4BuS1B1/cZdjy7MVcwtnr0WkEsr915LgRKOw==", + "version": "3.1.4", + "resolved": "https://registry.npmjs.org/php-parser/-/php-parser-3.1.4.tgz", + "integrity": "sha512-WUEfH4FWsVItqgOknM67msDdcUAfgPJsHhPNl6EPXzWtX+PfdY282m4i8YIJ9ALUEhf+qGDajdmW+VYqSd7Deg==", "dev": true }, "picomatch": { diff --git a/package.json b/package.json index 2de41cf..56e1850 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "xe-plugin", - "version": "1.2.3", + "version": "1.2.4", "description": "Just a starter WordPress plugin.", "scripts": { "init": "cd node_scripts && node init.js", diff --git a/readme.txt b/readme.txt index eb06416..92c947f 100644 --- a/readme.txt +++ b/readme.txt @@ -1,6 +1,6 @@ === Xe Plugin === Requires at least: 5.6 -Tested up to: 6.1 +Tested up to: 6.2 Requires PHP: 7.4 License: GPL2 License URI: http://www.gnu.org/licenses/gpl-2.0.html @@ -8,6 +8,11 @@ License URI: http://www.gnu.org/licenses/gpl-2.0.html Just a starter WordPress plugin. == Changelog == +----- v1.2.4 ------------ +New Added: verify_save method in helpers class. +Fixed: CSS & Nonce prefixes change on initialization. +Fixed: Some minor bugs. + ----- v1.2.3 ------------ Fixed: Some minor bugs.