<?php
namespace WPForms\Helpers;
/**
* Template related helper methods.
*
* @since 1.5.4
*/
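class Templates {

	/**
	 * Return a list of paths to check for template locations.
	 *
	 * The array is keyed by numeric priority and sorted ascending, so the
	 * child theme (1) is searched before the parent theme (10), and the
	 * plugin's own templates directory (200) is searched last unless a
	 * filter callback inserts other priorities.
	 *
	 * @since 1.5.4
	 *
	 * @return array Directory paths, each with a trailing slash.
	 */
	public static function get_theme_template_paths() {

		$template_dir = 'wpforms';

		$file_paths = [
			1   => trailingslashit( get_stylesheet_directory() ) . $template_dir,
			10  => trailingslashit( get_template_directory() ) . $template_dir,
			200 => trailingslashit( WPFORMS_PLUGIN_DIR ) . 'templates',
		];

		// Any code hooked here can add or reorder search directories.
		$file_paths = \apply_filters( 'wpforms_helpers_templates_get_theme_template_paths', $file_paths );

		// Sort the file paths based on priority.
		\ksort( $file_paths, SORT_NUMERIC );

		return \array_map( 'trailingslashit', $file_paths );
	}

	/**
	 * Locate a template and return the path for inclusion.
	 *
	 * Only leading slashes are removed from the name. It is otherwise appended
	 * to each search directory as given, and no containment check (such as
	 * self::validate_safe_path()) is made here. Callers are expected to pass
	 * template names that do not come from request data.
	 *
	 * @since 1.5.4
	 *
	 * @param string $template_name Template name.
	 *
	 * @return string Path of the first existing match, or an empty string.
	 */
	public static function locate( $template_name ) {

		// Trim off any slashes from the template name.
		$template_name = \ltrim( $template_name, '/' );

		if ( empty( $template_name ) ) {
			return \apply_filters( 'wpforms_helpers_templates_locate', '', $template_name );
		}

		$located = '';

		// Try locating this template file by looping through the template paths.
		foreach ( self::get_theme_template_paths() as $template_path ) {
			$candidate = $template_path . $template_name;

			if ( \file_exists( $candidate ) ) {
				$located = $candidate;
				break;
			}
		}

		return \apply_filters( 'wpforms_helpers_templates_locate', $located, $template_name );
	}

	/**
	 * Include a template.
	 * Use 'require' if $args are passed or 'load_template' if not.
	 *
	 * The resolved path is filterable and is then executed as PHP, so every
	 * callback hooked on 'wpforms_helpers_templates_include_html_located'
	 * decides which file runs. This method only checks that the file is
	 * readable, not where it lives.
	 *
	 * @since 1.5.4
	 *
	 * @param string $template_name Template name, without the '.php' extension.
	 * @param array  $args          Arguments.
	 * @param bool   $extract       Extract arguments.
	 *
	 * @throws \RuntimeException If extract() tries to modify the scope.
	 */
	public static function include_html( $template_name, $args = [], $extract = false ) {

		$template_name .= '.php';

		// Allow 3rd party plugins to filter template file from their plugin.
		$located = \apply_filters( 'wpforms_helpers_templates_include_html_located', self::locate( $template_name ), $template_name, $args, $extract );
		$args    = \apply_filters( 'wpforms_helpers_templates_include_html_args', $args, $template_name, $extract );

		if ( empty( $located ) || ! \is_readable( $located ) ) {
			return;
		}

		// Load template WP way if no arguments were passed.
		if ( empty( $args ) ) {
			\load_template( $located, false );
			return;
		}

		$extract = \apply_filters( 'wpforms_helpers_templates_include_html_extract_args', $extract, $template_name, $args );

		if ( $extract && \is_array( $args ) ) {

			// EXTR_SKIP never overwrites a variable that already exists in this scope.
			$created_vars_count = extract( $args, EXTR_SKIP ); // phpcs:ignore WordPress.PHP.DontExtract

			// Protecting existing scope from modification: a skipped key means a name clash.
			if ( count( $args ) !== $created_vars_count ) {
				throw new \RuntimeException( 'Extraction failed: variable names are clashing with the existing ones.' );
			}
		}

		require $located;
	}

	/**
	 * Like self::include_html, but returns the HTML instead of including.
	 *
	 * @since 1.5.4
	 *
	 * @param string $template_name Template name.
	 * @param array  $args          Arguments.
	 * @param bool   $extract       Extract arguments.
	 *
	 * @return string Output captured while the template ran.
	 */
	public static function get_html( $template_name, $args = [], $extract = false ) {

		\ob_start();
		self::include_html( $template_name, $args, $extract );

		return \ob_get_clean();
	}

	/**
	 * Validate that a file path is safe and within the expected path(s).
	 *
	 * Author Scott Kingsley Clark, Pods Framework.
	 * Refactored to reduce cyclomatic complexity.
	 *
	 * The containment decision is made on the realpath() result, so symlinks
	 * and remaining dot segments are resolved before the comparison. The
	 * '../' stripping only rewrites the input and is not the check itself.
	 *
	 * @since 1.7.5.5
	 *
	 * @link https://github.com/pods-framework/pods/commit/ea53471e58e638dec06957edc38f9fa86607652c
	 *
	 * @param string            $path           The file path.
	 * @param null|array|string $paths_to_check The list of path types to check, defaults to just checking 'wpforms'.
	 *                                          Available: 'wpforms', 'plugins', 'theme',
	 *                                          or 'all' to check all supported paths.
	 *
	 * @return false|string False if the path was not allowed or did not exist, otherwise it returns the normalized path.
	 */
	public static function validate_safe_path( $path, $paths_to_check = null ) {

		// Allowed base directories are resolved once per request and cached.
		static $available_checks;

		if ( ! $available_checks ) {
			$available_checks = [
				'wpforms' => realpath( WPFORMS_PLUGIN_DIR ),
				'plugins' => [
					realpath( WP_PLUGIN_DIR ),
					realpath( WPMU_PLUGIN_DIR ),
				],
				'theme'   => [
					realpath( get_stylesheet_directory() ),
					realpath( get_template_directory() ),
				],
			];

			// Drop directories that realpath() could not resolve (false) and duplicates.
			$available_checks['plugins'] = array_unique( array_filter( $available_checks['plugins'] ) );
			$available_checks['theme']   = array_unique( array_filter( $available_checks['theme'] ) );
			$available_checks            = array_filter( $available_checks );
		}

		$paths_to_check = $paths_to_check === null ? [ 'wpforms' ] : $paths_to_check;
		$paths_to_check = $paths_to_check === 'all' ? array_keys( $available_checks ) : $paths_to_check;
		$paths_to_check = (array) $paths_to_check;

		if ( empty( $paths_to_check ) ) {
			return false;
		}

		$path = wp_normalize_path( trim( (string) $path ) );

		$match_count = 1;

		// Replace the ../ usage as many times as it may need to be replaced.
		// A single pass can leave a new '../' behind (e.g. '..././'), hence the loop.
		while ( $match_count ) {
			$path = str_replace( '../', '', $path, $match_count );
		}

		// Returns false for a path that does not exist; has_match() rejects that.
		$path = realpath( $path );

		foreach ( $paths_to_check as $check_type ) {
			if ( self::has_match( $path, $available_checks, $check_type ) ) {
				return $path;
			}
		}

		return false;
	}

	/**
	 * Whether path matches.
	 *
	 * A path matches when it is one of the allowed base directories for the
	 * check type, or lies below one of them, and exists on disk. The prefix
	 * comparison is anchored on a directory separator, so a sibling directory
	 * whose name merely starts with the base name (constructed example:
	 * base '/plugins/wpforms', path '/plugins/wpforms-other/x.php') is rejected.
	 *
	 * @since 1.7.5.5
	 *
	 * @param string|bool $path             Path, expected to be a realpath() result.
	 * @param array       $available_checks Available checks.
	 * @param string      $check_type       Check type.
	 *
	 * @return bool
	 */
	private static function has_match( $path, $available_checks, $check_type ) {

		if ( ! $path || ! isset( $available_checks[ $check_type ] ) ) {
			return false;
		}

		$check_type_paths = (array) $available_checks[ $check_type ];

		foreach ( $check_type_paths as $path_to_check ) {
			if ( ! is_string( $path_to_check ) || $path_to_check === '' ) {
				continue;
			}

			// Both sides come from realpath(), which uses the OS separator and no trailing slash.
			$base_with_separator = rtrim( $path_to_check, '/\\' ) . DIRECTORY_SEPARATOR;
			$is_inside           = $path === $path_to_check || 0 === strpos( $path, $base_with_separator );

			if ( $is_inside && file_exists( $path ) ) {
				return true;
			}
		}

		return false;
	}
}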