Commit f1aa9050 authored by noplanman's avatar noplanman
Browse files

Merge branch 'php7.4-code-update' into 'develop'

Update code to PHP 7.4

See merge request !19
parents c1d5e371 4aacbd4a
Pipeline #5537 passed with stage
in 1 minute and 46 seconds
......@@ -30,7 +30,7 @@ class Wp_Otp_Admin {
*
* @param string $hook Page on which this hook is called.
*/
public function enqueue_styles( $hook ): void {
public function enqueue_styles( string $hook ): void {
if ( 'profile.php' === $hook ) {
wp_enqueue_style( WP_OTP_SLUG . '-admin', plugin_dir_url( __FILE__ ) . 'css/wp-otp-admin.css', [], WP_OTP_VERSION );
}
......@@ -43,7 +43,7 @@ class Wp_Otp_Admin {
*
* @param string $hook Page on which this hook is called.
*/
public function enqueue_scripts( $hook ): void {
public function enqueue_scripts( string $hook ): void {
if ( 'profile.php' === $hook ) {
$handle = WP_OTP_SLUG . '-admin';
......@@ -64,7 +64,7 @@ class Wp_Otp_Admin {
*
* @return void
*/
public function user_profile_updated( $user_id ): void {
public function user_profile_updated( int $user_id ): void {
if ( ! current_user_can( 'edit_user', $user_id ) ) {
return;
}
......@@ -81,7 +81,7 @@ class Wp_Otp_Admin {
$otp = TOTP::create( $secret );
$otp->setLabel( $user->user_login );
$otp_code = sanitize_key( $_POST['wp_otp_code'] ?? '' );
$otp_code = sanitize_key( $_POST['wp-otp-code'] ?? '' );
if ( $otp_code && ! $user_meta_data->get( 'enabled', false ) ) {
/** Filter documented in class-wp-otp-public.php */
$otp_window = (int) apply_filters( 'wp_otp_code_expiration_window', 2 );
......@@ -127,7 +127,7 @@ class Wp_Otp_Admin {
// phpcs:ignore WordPress.Security.NonceVerification.Recommended
if ( 'yes' === ( sanitize_key( $_GET['wp-otp-reconfigure'] ?? '' ) ) ) {
Wp_Otp_User_Meta::clear();
wp_safe_redirect( get_edit_profile_url() . '#wp_otp' );
wp_safe_redirect( get_edit_profile_url() . '#wp-otp' );
exit;
}
......@@ -250,7 +250,7 @@ class Wp_Otp_Admin {
*
* @param WP_User $user WordPress User Object.
*/
public function user_profile_render( $user ): void {
public function user_profile_render( WP_User $user ): void {
$user_meta_data = Wp_Otp_User_Meta::get_instance();
// Get and save the secret.
......
......@@ -9,13 +9,13 @@
?>
<a name="wp_otp"></a>
<a id="wp-otp"></a>
<h2><?php esc_html_e( 'Set up WP-OTP (WordPress One Time Password)', 'wp-otp' ); ?></h2>
<table class="form-table">
<tr>
<th scope="row">
<?php esc_html_e( 'OTP Secret', 'wp-otp' ); ?>:<br>
<?php echo esc_html( implode( ' ', str_split( $secret, 4 ) ) ); ?><br><br>
<?php echo esc_html( chunk_split( $secret, 4, ' ' ) ); ?><br><br>
<?php if ( $otp_enabled ) : ?>
<?php
printf(
......@@ -41,8 +41,8 @@
</div>
<?php else : ?>
<em><?php esc_html_e( 'To activate WP-OTP, enter the One Time Password from your authenticator app and save your profile.', 'wp-otp' ); ?></em><br><br>
<label for="wp_otp_code"><?php esc_html_e( 'One Time Password', 'wp-otp' ); ?></label><br>
<input type="text" class="input" name="wp_otp_code" id="wp_otp_code"/>
<label for="wp-otp-code"><?php esc_html_e( 'One Time Password', 'wp-otp' ); ?></label><br>
<input type="text" class="input" name="wp-otp-code" id="wp-otp-code"/>
<?php wp_nonce_field( 'wp_otp_nonce', 'wp_otp_nonce', false ); ?>
<?php endif; ?>
</th>
......
......@@ -24,7 +24,7 @@ class Wp_Otp_Loader {
* @access private
* @var array $actions
*/
private $actions;
private array $actions;
/**
* The filters registered with WordPress to fire when the plugin loads.
......@@ -33,7 +33,7 @@ class Wp_Otp_Loader {
* @access private
* @var array $filters
*/
private $filters;
private array $filters;
/**
* Initialize the collections used to maintain the actions and filters.
......@@ -56,7 +56,7 @@ class Wp_Otp_Loader {
* @param int $priority The priority at which the function should be fired. Default is 10.
* @param int $accepted_args The number of arguments that should be passed to the $callback. Default is 1.
*/
public function add_action( $hook, $component, $callback = null, $priority = 10, $accepted_args = 1 ): void {
public function add_action( string $hook, object $component, string $callback = '', $priority = 10, $accepted_args = 1 ): void {
$this->actions = $this->add( $this->actions, $hook, $component, $callback ?: $hook, $priority, $accepted_args );
}
......@@ -71,7 +71,7 @@ class Wp_Otp_Loader {
* @param int $priority The priority at which the function should be fired. Default is 10.
* @param int $accepted_args The number of arguments that should be passed to the $callback. Default is 1.
*/
public function add_filter( $hook, $component, $callback = null, $priority = 10, $accepted_args = 1 ): void {
public function add_filter( string $hook, object $component, string $callback = '', $priority = 10, $accepted_args = 1 ): void {
$this->filters = $this->add( $this->filters, $hook, $component, $callback ?: $hook, $priority, $accepted_args );
}
......@@ -91,7 +91,7 @@ class Wp_Otp_Loader {
*
* @return array The collection of actions and filters registered with WordPress.
*/
private function add( $hooks, $hook, $component, $callback, $priority, $accepted_args ): array {
private function add( array $hooks, string $hook, object $component, string $callback, int $priority, int $accepted_args ): array {
$hooks[] = [
'hook' => $hook,
'component' => $component,
......
......@@ -20,6 +20,9 @@ class Wp_Otp_Setup {
*
* @since 0.1.0
*
* @todo Type declaration blocked by:
* https://core.trac.wordpress.org/ticket/36406
*
* @param bool $network_wide TRUE if multisite/network and superadmin uses the "Network Activate" action.
* FALSE is no multisite install or plugin gets activated on a single blog.
*/
......@@ -44,7 +47,7 @@ class Wp_Otp_Setup {
* @param bool $network_wide TRUE if multisite/network and superadmin uses the "Network Deactivate" action.
* FALSE is no multisite install or plugin gets deactivated on a single blog.
*/
public static function deactivate( $network_wide ): void {
public static function deactivate( bool $network_wide ): void {
if ( $network_wide && is_multisite() ) {
foreach ( get_sites() as $site ) {
switch_to_blog( $site->blog_id );
......@@ -100,7 +103,7 @@ class Wp_Otp_Setup {
*
* @param string $file Path of uninstall.php.
*/
public static function uninstall( $file ): void {
public static function uninstall( string $file ): void {
if ( ! current_user_can( 'activate_plugins' ) ) {
return;
}
......
......@@ -19,9 +19,9 @@ class Wp_Otp_User_Meta {
* Instance of this class.
*
* @since 0.1.0
* @var Wp_Otp_User_Meta
* @var Wp_Otp_User_Meta|null
*/
private static $instance;
private static ?Wp_Otp_User_Meta $instance = null;
/**
* Meta key to save the data in the user options.
......@@ -29,7 +29,7 @@ class Wp_Otp_User_Meta {
* @since 0.1.0
* @var string
*/
private static $user_meta_key = WP_OTP_SLUG;
private static string $user_meta_key = WP_OTP_SLUG;
/**
* All default user meta.
......@@ -37,7 +37,7 @@ class Wp_Otp_User_Meta {
* @since 0.1.0
* @var array
*/
private static $default_user_meta = [
private static array $default_user_meta = [
'counter' => null,
'digest' => 'sha1',
'digits' => 6,
......@@ -54,7 +54,7 @@ class Wp_Otp_User_Meta {
* @since 0.1.0
* @var array
*/
private static $user_meta = [];
private static array $user_meta = [];
/**
* User ID of the user whose meta data is managed.
......@@ -62,7 +62,7 @@ class Wp_Otp_User_Meta {
* @since 0.1.0
* @var int
*/
private static $user_id = 0;
private static int $user_id = 0;
/**
* Preload the user metadata on initialisation.
......@@ -164,7 +164,7 @@ class Wp_Otp_User_Meta {
*
* @return Wp_Otp_User_Meta Instance of this class.
*/
public function set( $key, $value, $save = false ): Wp_Otp_User_Meta {
public function set( string $key, $value, bool $save = false ): Wp_Otp_User_Meta {
if ( null !== $key ) {
if ( null !== $value ) {
self::$user_meta[ $key ] = $value;
......@@ -188,7 +188,7 @@ class Wp_Otp_User_Meta {
*
* @return Wp_Otp_User_Meta Instance of this class.
*/
public function set_all( $metas, $save = false ): Wp_Otp_User_Meta {
public function set_all( array $metas, bool $save = false ): Wp_Otp_User_Meta {
foreach ( $metas as $key => $value ) {
$this->set( $key, $value );
}
......
......@@ -21,7 +21,7 @@ class Wp_Otp {
* @access private
* @var Wp_Otp_Loader $loader
*/
private $loader;
private Wp_Otp_Loader $loader;
/**
* Define the core functionality of the plugin.
......
<?xml version="1.0"?>
<ruleset name="WordPress Coding Standards based custom ruleset for your plugin">
<description>Generally-applicable sniffs for WordPress plugins.</description>
<?xml version="1.0" encoding="UTF-8"?>
<ruleset name="WordPress Coding Standards based custom ruleset for your plugin" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="./vendor/squizlabs/php_codesniffer/phpcs.xsd">
<description>Generally-applicable sniffs for WordPress plugins.</description>
<!-- What to scan -->
<file>.</file>
<exclude-pattern>/tests/</exclude-pattern>
<exclude-pattern>/vendor/</exclude-pattern>
<!-- What to scan -->
<file>.</file>
<exclude-pattern>/tests/</exclude-pattern>
<exclude-pattern>/vendor/</exclude-pattern>
<!-- How to scan -->
<!-- Usage instructions: https://github.com/squizlabs/PHP_CodeSniffer/wiki/Usage -->
<!-- Annotated ruleset: https://github.com/squizlabs/PHP_CodeSniffer/wiki/Annotated-ruleset.xml -->
<arg value="sp"/> <!-- Show sniff and progress -->
<arg name="basepath" value="./"/><!-- Strip the file paths down to the relevant bit -->
<arg name="colors"/>
<arg name="extensions" value="php"/>
<arg name="parallel" value="8"/><!-- Enables parallel processing when available for faster results. -->
<!-- How to scan -->
<!-- Usage instructions: https://github.com/squizlabs/PHP_CodeSniffer/wiki/Usage -->
<!-- Annotated ruleset: https://github.com/squizlabs/PHP_CodeSniffer/wiki/Annotated-ruleset.xml -->
<arg value="sp"/> <!-- Show sniff and progress -->
<arg name="basepath" value="./"/><!-- Strip the file paths down to the relevant bit -->
<arg name="colors"/>
<arg name="encoding" value="utf-8"/>
<arg name="extensions" value="php"/>
<arg name="parallel" value="8"/><!-- Enables parallel processing when available for faster results -->
<!-- Rules: Check PHP version compatibility -->
<!-- https://github.com/PHPCompatibility/PHPCompatibility#sniffing-your-code-for-compatibility-with-specific-php-versions -->
<config name="testVersion" value="7.4-"/>
<!-- https://github.com/PHPCompatibility/PHPCompatibilityWP -->
<rule ref="PHPCompatibilityWP"/>
<!-- Rules: Check PHP version compatibility -->
<!-- https://github.com/PHPCompatibility/PHPCompatibility#sniffing-your-code-for-compatibility-with-specific-php-versions -->
<config name="testVersion" value="7.4-"/>
<!-- https://github.com/PHPCompatibility/PHPCompatibilityWP -->
<rule ref="PHPCompatibilityWP"/>
<rule ref="Generic.Commenting.DocComment.MissingShort">
<!-- Temporarily disabled until https://github.com/WordPress/WordPress-Coding-Standards/issues/403 is fixed. -->
<severity>0</severity>
</rule>
<rule ref="Generic.Commenting.DocComment.MissingShort">
<!-- Temporarily disabled until https://github.com/WordPress/WordPress-Coding-Standards/issues/403 is fixed. -->
<severity>0</severity>
</rule>
<!-- Rules: WordPress Coding Standards -->
<!-- https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards -->
<!-- https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/wiki/Customizable-sniff-properties -->
<config name="minimum_supported_wp_version" value="4.6"/>
<rule ref="WordPress">
<exclude name="Generic.Arrays.DisallowShortArraySyntax.Found" />
<exclude name="PEAR.Functions.FunctionCallSignature.ContentAfterOpenBracket" />
<exclude name="PEAR.Functions.FunctionCallSignature.CloseBracketLine" />
<exclude name="PEAR.Functions.FunctionCallSignature.MultipleArguments" />
<exclude name="WordPress.PHP.DisallowShortTernary.Found" />
<exclude name="WordPress.WhiteSpace.PrecisionAlignment.Found" />
</rule>
<!-- Rules: WordPress Coding Standards -->
<!-- https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards -->
<!-- https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/wiki/Customizable-sniff-properties -->
<config name="minimum_supported_wp_version" value="4.6"/>
<rule ref="WordPress">
<exclude name="Generic.Arrays.DisallowShortArraySyntax.Found"/>
<exclude name="PEAR.Functions.FunctionCallSignature.ContentAfterOpenBracket"/>
<exclude name="PEAR.Functions.FunctionCallSignature.CloseBracketLine"/>
<exclude name="PEAR.Functions.FunctionCallSignature.MultipleArguments"/>
<exclude name="WordPress.PHP.DisallowShortTernary.Found"/>
<exclude name="WordPress.WhiteSpace.PrecisionAlignment.Found"/>
</rule>
<rule ref="WordPress.WP.I18n">
<properties>
<!-- Value: replace the text domain used. -->
<property name="text_domain" type="array" value="wp-otp"/>
</properties>
</rule>
<rule ref="WordPress.WhiteSpace.ControlStructureSpacing">
<properties>
<property name="blank_line_check" value="true"/>
</properties>
</rule>
<rule ref="WordPress.WP.I18n">
<properties>
<property name="text_domain" type="array" value="wp-otp"/>
</properties>
</rule>
<rule ref="WordPress.WhiteSpace.ControlStructureSpacing">
<properties>
<property name="blank_line_check" value="true"/>
</properties>
</rule>
</ruleset>
......@@ -53,9 +53,9 @@ class Wp_Otp_Public {
);
?>
<p>
<label for="wp_otp_code"><?php echo wp_kses_data( $otp_text ); ?></label><br/>
<label for="wp-otp-code"><?php echo wp_kses_data( $otp_text ); ?></label><br/>
<?php '' !== $otp_text_sub && print wp_kses_data( sprintf( '<em>%s</em>', $otp_text_sub ) ); ?>
<input type="text" class="input" name="wp_otp_code" id="wp_otp_code"/>
<input type="text" class="input" name="wp-otp-code" id="wp-otp-code"/>
</p>
<?php
}
......@@ -63,7 +63,7 @@ class Wp_Otp_Public {
/**
* Validation of the user login, to check if the OTP was correct.
*
* @param WP_User $user The user that's trying to log in.
* @param null|WP_User|WP_Error $user The user that's trying to log in.
*
* @return WP_Error|WP_User
*/
......@@ -81,7 +81,7 @@ class Wp_Otp_Public {
// We can safely ignore the PHPCS error here, as this gets handled by WP.
// phpcs:ignore WordPress.Security.NonceVerification.Missing
$otp_code = sanitize_key( $_POST['wp_otp_code'] ?? '' );
$otp_code = sanitize_key( $_POST['wp-otp-code'] ?? '' );
// If this is a valid OTP code, all good!
if ( $this->verify_otp( $otp, $otp_code ) ) {
......@@ -115,12 +115,12 @@ class Wp_Otp_Public {
/**
* Validation of the user login, to check if the stealth OTP was correct.
*
* @param string $username The username that's trying to log in.
* @param string $password The password being used to log in.
* @param string|null $username The username that's trying to log in.
* @param string|null $password The password being used to log in.
*
* @return void
*/
public function login_form_stealth_validate( &$username, &$password ): void {
public function login_form_stealth_validate( ?string $username, ?string &$password ): void {
$user = get_user_by( 'login', $username );
if ( ! $user ) {
return;
......@@ -144,7 +144,7 @@ class Wp_Otp_Public {
$otp_code = substr( $password, -6 );
$tmp_pass = substr( $password, 0, -6 );
if ( wp_check_password( $tmp_pass, $user->user_pass, $user->ID ) && $this->verify_otp( $otp, $otp_code ) ) {
$password = $tmp_pass;
$password = (string) $tmp_pass;
return;
}
......@@ -161,7 +161,7 @@ class Wp_Otp_Public {
// Unset the recovery code that has just been used.
$recovery_codes[ $otp_code ] = false;
$user_meta_data->set( 'recovery_codes', $recovery_codes, true );
$password = $tmp_pass;
$password = (string) $tmp_pass;
return;
}
}
......@@ -176,7 +176,7 @@ class Wp_Otp_Public {
*
* @return TOTPInterface|null
*/
private function get_otp_if_enabled( $user_meta_data ): ?TOTPInterface {
private function get_otp_if_enabled( Wp_Otp_User_Meta $user_meta_data ): ?TOTPInterface {
if ( $user_meta_data->get( 'enabled' ) && null !== $user_meta_data->get( 'secret' ) ) {
return TOTP::create( $user_meta_data->get( 'secret' ) );
}
......@@ -194,7 +194,7 @@ class Wp_Otp_Public {
*
* @return bool
*/
private function verify_otp( $otp, $otp_code ): bool {
private function verify_otp( TOTPInterface $otp, string $otp_code ): bool {
/**
* Filter for the OTP code expiration window.
*
......
......@@ -95,7 +95,8 @@ This means that you will need to add your OTP (or recovery) code at the end of y
== Changelog ==
= unreleased =
* Require at least PHP 7.4.
* Require at least PHP 7.4 and update all code.
* Allow for PHP 8.0.
* Bump dependencies.
= 0.5.1 =
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment