Merge pull request #12 from javiercasares/11-fix-some-operator-issues

11 fix some operator issues
javiercasares · Jan 9, 2023 · fd0ba5d · fd0ba5d
2 parents 82c6726 + f9efd6b
commit fd0ba5d
Show file tree

Hide file tree

Showing 13 changed files with 850 additions and 169 deletions.
diff --git a/includes/class-cli-wpvulnerability.php b/includes/class-cli-wpvulnerability.php
@@ -7,14 +7,13 @@
 
 // Make sure the file is not directly accessible.
 if ( ! defined( 'ABSPATH' ) ) {
-	die( 'We\'re sorry, but you can not directly access this file.' );
+	die( 'We\'re sorry, but you cannot directly access this file.' );
 }
 
 /**
  * Class CLI commands.
  */
 class CLI_WPVulnerability {
-
 	/**
 	 * CLI constructor.
 	 *
@@ -23,13 +22,12 @@ class CLI_WPVulnerability {
 	 */
 	public function __construct( $plugins_wpvulnerability ) {
 		$this->plugins = $plugins_wpvulnerability->get_installed_plugins();
-
 		if ( class_exists( 'WP_CLI' ) ) {
 			WP_CLI::add_command(
 				'wpvulnerability',
 				array( $this, 'cli_command' ),
 				array(
-					'shortdesc' => 'Prints a vulnerability',
+					'shortdesc' => 'Show the list of vulnerabilities detected in your site.',
 					'synopsis'  => array(
 						array(
 							'type'        => 'positional',
@@ -64,18 +62,17 @@ public function cli_command( $args ) {
 				$this->themes_subcommand();
 				break;
 			default:
-				WP_CLI::error( "'$args[0]' is not a registered subcommand of 'wpvulnerebality'.\nAvailable subcommands: core, plugins, themes" );
+				WP_CLI::error( "'$args[0]' is not a registered subcommand of 'wpvulnerability'.\nAvailable subcommands: core, plugins, themes" );
 				break;
 		}
 	}
 
-
 	/**
 	 * Themes section.
 	 */
 	public function core_subcommand() {
 		// TODO.
-		WP_CLI::error( 'Subcommand not implemented yet' );
+		WP_CLI::error( 'Command not implemented yet' );
 	}
 
 	/**
@@ -101,7 +98,6 @@ public function plugins_subcommand() {
 						)
 					);
 				}
-
 				WP_CLI\Utils\format_items(
 					'table',
 					$vulnerabilities,
@@ -117,6 +113,6 @@ public function plugins_subcommand() {
 	 */
 	public function themes_subcommand() {
 		// TODO.
-		WP_CLI::error( 'Subcommand not implemented yet' );
+		WP_CLI::error( 'Command not implemented yet' );
 	}
 }
diff --git a/includes/class-health-wpvulnerability.php b/includes/class-health-wpvulnerability.php
@@ -14,7 +14,6 @@
  * Class HealthCheck
  */
 class Health_WPVulnerability {
-
 	/**
 	 * Construct Class for Health Kit
 	 */
@@ -30,17 +29,17 @@ public function __construct() {
 	 */
 	public function add_vulnerability_tests( $tests ) {
 		$tests['direct']['wpvulnerability_core'] = array(
-			'label' => __( 'WP Vulnerability Core', 'wpvulnerability' ),
+			'label' => __( 'WPVulnerability Core', 'wpvulnerability' ),
 			'test'  => array( $this, 'test_vulnerability_core' ),
 		);
 
 		$tests['direct']['wpvulnerability_themes'] = array(
-			'label' => __( 'WP Vulnerability Themes', 'wpvulnerability' ),
+			'label' => __( 'WPVulnerability Themes', 'wpvulnerability' ),
 			'test'  => array( $this, 'test_vulnerability_themes' ),
 		);
 
 		$tests['direct']['wpvulnerability_plugins'] = array(
-			'label' => __( 'WP Vulnerability Plugins', 'wpvulnerability' ),
+			'label' => __( 'WPVulnerability Plugins', 'wpvulnerability' ),
 			'test'  => array( $this, 'test_vulnerability_plugins' ),
 		);
 
@@ -54,15 +53,15 @@ public function add_vulnerability_tests( $tests ) {
 	 */
 	public function test_vulnerability_core() {
 		$result = array(
-			'label'       => __( 'There are no vulnerabilities in WordPress Core.', 'wpvulnerability' ),
+			'label'       => __( 'There aren\'t WordPress vulnerabilities', 'wpvulnerability' ),
 			'status'      => 'good',
 			'badge'       => array(
 				'label' => __( 'Security', 'wpvulnerability' ),
-				'color' => 'red',
+				'color' => 'green',
 			),
 			'description' => sprintf(
 				'<p>%s</p>',
-				__( 'You can see the vulnerabilities found in your WordPress installation.', 'wpvulnerability' )
+				__( 'Shows possible vulnerabilities existing in the WordPress core.', 'wpvulnerability' )
 			),
 			'actions'     => '',
 			'test'        => 'wpvulnerability_core',
@@ -71,16 +70,17 @@ public function test_vulnerability_core() {
 		$core_vulnerabilities = wpvulnerability_get_core();
 		if ( ! empty( $core_vulnerabilities ) ) {
 			$result['status']      = 'critical';
-			$result['label']       = __( 'There are vulnerabilities in WordPress Core.', 'wpvulnerability' );
+			$result['label']       = __( 'There are WordPress Core vulnerabilities', 'wpvulnerability' );
+			$result['badge']['color'] = 'red';
 			$result['description'] = sprintf(
 				'<p>%1$s</p> %2$s',
-				__( 'We have found vulnerabilities in WordPress Core.', 'wpvulnerability' ),
+				__( 'We\'ve detected potential vulnerabilities in this WordPress installation. Please check them and keep your installation updated.', 'wpvulnerability' ),
 				wpvulnerability_get_html_vulnerabilities( $core_vulnerabilities )
 			);
 			$result['actions']    .= sprintf(
 				'<p><a href="%s">%s</a></p>',
 				esc_url( admin_url( 'update-core.php' ) ),
-				__( 'Update WordPress Core' )
+				__( 'Update WordPress' )
 			);
 		}
 
@@ -94,15 +94,15 @@ public function test_vulnerability_core() {
 	 */
 	public function test_vulnerability_themes() {
 		$result = array(
-			'label'       => __( 'There are no vulnerabilities in Themes.', 'wpvulnerability' ),
+			'label'       => __( 'There aren\'t themes vulnerabilities', 'wpvulnerability' ),
 			'status'      => 'good',
 			'badge'       => array(
 				'label' => __( 'Security', 'wpvulnerability' ),
-				'color' => 'red',
+				'color' => 'green',
 			),
 			'description' => sprintf(
 				'<p>%s</p>',
-				__( 'You can see the vulnerabilities found in your WordPress installation.', 'wpvulnerability' )
+				__( 'Shows possible vulnerabilities that exist in installed themes.', 'wpvulnerability' )
 			),
 			'actions'     => '',
 			'test'        => 'wpvulnerability_themes',
@@ -112,16 +112,17 @@ public function test_vulnerability_themes() {
 
 		if ( ! empty( $html_vuln ) ) {
 			$result['status']      = 'critical';
-			$result['label']       = __( 'There are vulnerabilities in Themes.', 'wpvulnerability' );
+			$result['label']       = __( 'There are themes vulnerabilities', 'wpvulnerability' );
+			$result['badge']['color'] = 'red';
 			$result['description'] = sprintf(
 				'<p>%1$s</p> %2$s',
-				__( 'We have found vulnerabilities in Themes.', 'wpvulnerability' ),
+				__( 'We\'ve detected potential vulnerabilities in installed themes. Please check them and keep them updated.', 'wpvulnerability' ),
 				$html_vuln
 			);
 			$result['actions']    .= sprintf(
 				'<p><a href="%s">%s</a></p>',
-				esc_url( admin_url( 'update-core.php' ) ),
-				__( 'Update Themes' )
+				esc_url( admin_url( 'themes.php' ) ),
+				__( 'Update themes' )
 			);
 		}
 
@@ -135,15 +136,15 @@ public function test_vulnerability_themes() {
 	 */
 	public function test_vulnerability_plugins() {
 		$result = array(
-			'label'       => __( 'There are no vulnerabilities in Plugins.', 'wpvulnerability' ),
+			'label'       => __( 'There aren\'t plugins vulnerabilities', 'wpvulnerability' ),
 			'status'      => 'good',
 			'badge'       => array(
 				'label' => __( 'Security', 'wpvulnerability' ),
-				'color' => 'red',
+				'color' => 'green',
 			),
 			'description' => sprintf(
 				'<p>%s</p>',
-				__( 'You can see the vulnerabilities found in your WordPress installation.', 'wpvulnerability' )
+				__( 'Shows possible vulnerabilities that exist in installed plugins.', 'wpvulnerability' )
 			),
 			'actions'     => '',
 			'test'        => 'wpvulnerability_plugins',
@@ -153,16 +154,17 @@ public function test_vulnerability_plugins() {
 
 		if ( ! empty( $html_vuln ) ) {
 			$result['status']      = 'critical';
-			$result['label']       = __( 'There are vulnerabilities in Plugins.', 'wpvulnerability' );
+			$result['label']       = __( 'There are plugins vulnerabilities', 'wpvulnerability' );
+			$result['badge']['color'] = 'red';
 			$result['description'] = sprintf(
 				'<p>%1$s</p> %2$s',
-				__( 'We have found vulnerabilities in Plugins. You cand find below.', 'wpvulnerability' ),
+				__( 'We\'ve detected potential vulnerabilities in installed plugins. Please check them and keep them updated.', 'wpvulnerability' ),
 				$html_vuln
 			);
 			$result['actions']    .= sprintf(
 				'<p><a href="%s">%s</a></p>',
-				esc_url( admin_url( 'update-core.php' ) ),
-				__( 'Update Plugins' )
+				esc_url( admin_url( 'plugins.php' ) ),
+				__( 'Update plugins' )
 			);
 		}
 

diff --git a/includes/class-plugins-wpvulnerability.php b/includes/class-plugins-wpvulnerability.php
@@ -259,7 +259,7 @@ public function after_row_text( $plugin_file, $plugin_data, $status ) {
 
 		$message = sprintf(
 			/* translators: 1: plugin name */
-			__( '%1$s has a known vulnerability that may be affecting this version. Please update this plugin.', 'wpvulnerability' ),
+			__( '%1$s has a known vulnerability that may be affecting this version.', 'wpvulnerability' ),
 			$plugin_data['Name']
 		);
 
@@ -271,10 +271,18 @@ public function after_row_text( $plugin_file, $plugin_data, $status ) {
 
 		$vulnerabilities = $this->get_cached_plugin_vulnerabilities( $wpvulnerability_data[ $plugin_file ], $plugin_file );
 		foreach ( $vulnerabilities['vulnerabilities'] as $vulnerability ) {
-			$source  = implode( ', ', array_column( $vulnerability['source'], 'name' ) );
+			$source  = implode( '<br>', array_column( $vulnerability['source'], 'name' ) );
 			$string .= '<tr>';
 			$string .= '<td><strong>' . esc_html( $vulnerability['name'] ) . '</strong></td>';
-			$string .= '<td><strong>' . esc_html( $source ) . '</strong></td>';
+
+			$string .= '<td>';
+			if( $vulnerability['closed'] ) {
+				$string .= '<span class="text-red">' . __( 'This plugin is closed. Please replace it with another.', 'wpvulnerability' ) . '</span><br>';
+			}
+			if( $vulnerability['unfixed'] ) {
+				$string .= '<span class="text-red">' . __( 'This vulnerability appears to be unpatched. Stay tuned for upcoming plugin updates.', 'wpvulnerability' ) . '</span><br>';
+			}
+			$string .= esc_html( $source ) . '</td>';
 			$string .= '</tr>';
 		}
 		$string .= '</table>';
@@ -289,13 +297,11 @@ public function after_row_text( $plugin_file, $plugin_data, $status ) {
 	 * prints out error message if plugin(s) is/are vulnerable
 	 */
 	public function vulnerable_admin_notice() {
-		$class   = 'notice notice-error is-dismissible';
-		$message = '<strong>WPVulnerability:</strong> ' . __( 'One or more plugins currently installed have known vulnerabilities with their current version. I suggest updating each vulnerable plugin if an update is available', 'wpvulnerability' );
-
-		printf(
-			'<div class="%1$s"><p>%2$s</p></div>',
-			esc_html( $class ),
-			$message //phpcs:ignore
+		sprintf(
+			// translators: Dismissible message.
+			'<div class="notice notice-error is-dismissible"><strong>%s</strong>: %s</div>',
+			'WPVulnerability',
+			__('There are possible vulnerabilities in your installation. Please, check your WordPress, plugins, and themes.', 'wpvulnerability' )
 		);
 	}
 }
diff --git a/includes/class-wpvul-admin-settings.php b/includes/class-wpvul-admin-settings.php
@@ -85,7 +85,7 @@ public function create_admin_page() {
 				<div class="header wpvulnerability-header">
 					<div class="logo">
 						<img src="<?php echo esc_url( WPVUL_PLUGIN_URL ) . 'includes/assets/logo.png'; ?>" width="50" height="47" />
-						<h2><?php esc_html_e( 'WPVulnerability Settings', 'wpvulnerability' ); ?></h2>
+						<h2><?php esc_html_e( 'WPVulnerability settings', 'wpvulnerability' ); ?></h2>
 					</div>
 				</div>
 			</div>
@@ -124,22 +124,22 @@ public function page_init() {
 
 		add_settings_section(
 			'admin_wpvulnerability_settings',
-			__( 'Settings for integration to WPVulnerability', 'wpvulnerability' ),
+			__( 'Receive notifications in your email', 'wpvulnerability' ),
 			array( $this, 'admin_section_api_info' ),
 			'wpvulnerability_settings'
 		);
 
 		add_settings_field(
 			'wpvulnerability_emails',
-			__( 'Emails to notify (separated by commas)', 'wpvulnerability' ),
+			__( 'Email address to notify (separated by commas)', 'wpvulnerability' ),
 			array( $this, 'emails_callback' ),
 			'wpvulnerability_settings',
 			'admin_wpvulnerability_settings'
 		);
 
 		add_settings_field(
 			'wpvulnerability_period',
-			__( 'Period to send notification emails', 'wpvulnerability' ),
+			__( 'How often you want to receive notifications', 'wpvulnerability' ),
 			array( $this, 'period_callback' ),
 			'wpvulnerability_settings',
 			'admin_wpvulnerability_settings'
@@ -180,7 +180,7 @@ public function sanitize_fields_api( $input ) {
 	 * @return void
 	 */
 	public function admin_section_api_info() {
-		esc_html_e( 'Add your settings for WPVulnerability.', 'wpvulnerability' );
+		esc_html_e( 'Configure and save these settings to receive email notifications.', 'wpvulnerability' );
 	}
 
 	/**
@@ -189,12 +189,10 @@ public function admin_section_api_info() {
 	 * @return void
 	 */
 	public function emails_callback() {
-		if ( empty( $this->wpvulnerability_settings['emails'] ) ) {
-			$this->wpvulnerability_settings['emails'] = get_bloginfo( 'admin_email' );
-		}
 		printf(
-			'<input class="regular-text" type="text" name="wpvulnerability_settings[emails]" id="wpvulnerability_emails" value="%s">',
-			isset( $this->wpvulnerability_settings['emails'] ) ? esc_attr( $this->wpvulnerability_settings['emails'] ) : ''
+			'<input class="regular-text" type="text" name="wpvulnerability_settings[emails]" id="wpvulnerability_emails" value="%s"><br><small>%s</small>',
+			isset( $this->wpvulnerability_settings['emails'] ) ? esc_attr( $this->wpvulnerability_settings['emails'] ) : '',
+			get_bloginfo( 'admin_email' )
 		);
 	}
 
@@ -217,5 +215,3 @@ public function period_callback() {
 }
 
 new WPVul_Admin_Settings();
-
-