Diffstat (limited to 'plugins/jetpack/modules/carousel/jetpack-carousel.php')
-rw-r--r-- | plugins/jetpack/modules/carousel/jetpack-carousel.php | 405 |
1 files changed, 289 insertions, 116 deletions
diff --git a/plugins/jetpack/modules/carousel/jetpack-carousel.php b/plugins/jetpack/modules/carousel/jetpack-carousel.php
index 45ed2975..d357b946 100644
--- a/plugins/jetpack/modules/carousel/jetpack-carousel.php
+++ b/plugins/jetpack/modules/carousel/jetpack-carousel.php
@@ -1,39 +1,71 @@ -<?php +<?php // phpcs:ignore WordPress.Files.FileName.InvalidClassFileName +/** + * Module: Jetpack Carousel + * + * @package automattic/jetpack + */ + use Automattic\Jetpack\Assets; use Automattic\Jetpack\Status; -/* -Plugin Name: Jetpack Carousel -Plugin URL: https://wordpress.com/ -Description: Transform your standard image galleries into an immersive full-screen experience. -Version: 0.1 -Author: Automattic - -Released under the GPL v.2 license. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. -*/ +/** + * Jetpack_Carousel class. + */ class Jetpack_Carousel { - + /** + * Defines Carousel pre-built widths + * + * @var array + */ public $prebuilt_widths = array( 370, 700, 1000, 1200, 1400, 2000 ); + /** + * Represents whether or not this is the first load of Carousel on a page. Default is true. + * + * @var bool + */ public $first_run = true; + /** + * Determines whether or not to set in the gallery. Default is false. + * + * @deprecated since 10.8 + * + * @var bool + */ public $in_gallery = false; + /** + * Determines whether the Jetpack class and method exists. Default is true. + * + * @var bool + */ public $in_jetpack = true; + /** + * Determines whether or not a single image gallery is enabled. Default is false. + * + * @var bool + */ public $single_image_gallery_enabled = false; + /** + * Determines whether images that link to themselves should be replaced with a one image gallery. Default is false. + * + * @var bool + */ public $single_image_gallery_enabled_media_file = false; - function __construct() { + /** + * Constructor. + */ + public function __construct() { add_action( 'init', array( $this, 'init' ) ); } - function init() { + /** + * Initialize class + */ + public function init() { if ( $this->maybe_disable_jp_carousel() ) { return; } 
@@ -44,11 +76,11 @@ class Jetpack_Carousel { $this->single_image_gallery_enabled_media_file = $this->maybe_enable_jp_carousel_single_images_media_file(); if ( is_admin() ) { - // Register the Carousel-related related settings + // Register the Carousel-related related settings. add_action( 'admin_init', array( $this, 'register_settings' ), 5 ); if ( ! $this->in_jetpack ) { - if ( 0 == $this->test_1or0_option( get_option( 'carousel_enable_it' ), true ) ) { - return; // Carousel disabled, abort early, but still register setting so user can switch it back on + if ( 0 === $this->test_1or0_option( get_option( 'carousel_enable_it' ), true ) ) { + return; // Carousel disabled, abort early, but still register setting so user can switch it back on. } } // If in admin, register the ajax endpoints. @@ -58,8 +90,8 @@ class Jetpack_Carousel { add_action( 'wp_ajax_nopriv_post_attachment_comment', array( $this, 'post_attachment_comment' ) ); } else { if ( ! $this->in_jetpack ) { - if ( 0 == $this->test_1or0_option( get_option( 'carousel_enable_it' ), true ) ) { - return; // Carousel disabled, abort early + if ( 0 === $this->test_1or0_option( get_option( 'carousel_enable_it' ), true ) ) { + return; // Carousel disabled, abort early. } } // If on front-end, do the Carousel thang. @@ -73,7 +105,7 @@ class Jetpack_Carousel { * @param array $this->prebuilt_widths Array of default widths. */ $this->prebuilt_widths = apply_filters( 'jp_carousel_widths', $this->prebuilt_widths ); - // below: load later than other callbacks hooked it (e.g. 3rd party plugins handling gallery shortcode) + // below: load later than other callbacks hooked it (e.g. 3rd party plugins handling gallery shortcode). add_filter( 'post_gallery', array( $this, 'check_if_shortcode_processed_and_enqueue_assets' ), 1000, 2 ); add_filter( 'post_gallery', array( $this, 'set_in_gallery' ), -1000 ); add_filter( 'gallery_style', array( $this, 'add_data_to_container' ) ); 
@@ -86,11 +118,18 @@ class Jetpack_Carousel { } if ( $this->in_jetpack ) { - Jetpack::enable_module_configurable( dirname( dirname( __FILE__ ) ) . '/carousel.php' ); + Jetpack::enable_module_configurable( dirname( __DIR__ ) . '/carousel.php' ); } } - function maybe_disable_jp_carousel() { + /** + * Returns the value of the applied jp_carousel_maybe_disable filter + * + * @since 1.6.0 + * + * @return bool - Should Carousel be disabled? Default to false. + */ + public function maybe_disable_jp_carousel() { /** * Allow third-party plugins or themes to disable Carousel. * @@ -103,7 +142,14 @@ class Jetpack_Carousel { return apply_filters( 'jp_carousel_maybe_disable', false ); } - function maybe_disable_jp_carousel_single_images() { + /** + * Returns the value of the applied jp_carousel_maybe_disable_single_images filter + * + * @since 4.5.0 + * + * @return bool - Should Carousel be disabled for single images? Default to false. + */ + public function maybe_disable_jp_carousel_single_images() { /** * Allow third-party plugins or themes to disable Carousel for single images. * @@ -116,7 +162,14 @@ class Jetpack_Carousel { return apply_filters( 'jp_carousel_maybe_disable_single_images', false ); } - function maybe_enable_jp_carousel_single_images_media_file() { + /** + * Returns the value of the applied jp_carousel_load_for_images_linked_to_file filter + * + * @since 4.5.0 + * + * @return bool - Should Carousel be enabled for single images linking to 'Media File'? Default to false. + */ + public function maybe_enable_jp_carousel_single_images_media_file() { /** * Allow third-party plugins or themes to enable Carousel * for single images linking to 'Media File' (full size image). 
@@ -130,7 +183,16 @@ class Jetpack_Carousel { return apply_filters( 'jp_carousel_load_for_images_linked_to_file', false ); } - function asset_version( $version ) { + /** + * Returns the value of the applied jp_carousel_asset_version filter + * + * @since 1.6.0 + * + * @param string $version Asset version. + * + * @return string + */ + public function asset_version( $version ) { /** * Filter the version string used when enqueuing Carousel assets. * 
@@ -143,17 +205,36 @@ class Jetpack_Carousel { return apply_filters( 'jp_carousel_asset_version', $version ); } - function display_bail_message( $output = '' ) { - // Displays a message on top of gallery if carousel has bailed + /** + * Displays a message on top of gallery if carousel has bailed. + * + * @param string $output Gallery shortcode output. + * + * @return string Shortcode output with bail message prepended. + */ + public function display_bail_message( $output = '' ) { $message = '<div class="jp-carousel-msg"><p>'; $message .= __( 'Jetpack\'s Carousel has been disabled, because another plugin or your theme is overriding the [gallery] shortcode.', 'jetpack' ); $message .= '</p></div>'; - // put before gallery output + // put before gallery output. $output = $message . $output; return $output; } - function check_if_shortcode_processed_and_enqueue_assets( $output ) { + /** + * Determine whether Carousel is enabled, and adjust filters and enqueue assets accordingly. + * + * If no other filter hook produced output for the gallery shortcode or something returns true for + * the `jp_carousel_force_enable` filter, Carousel is enabled and we queue our assets. Otherwise + * it's disabled and we remove some of our subsequent filter hooks. + * + * @since 1.9.0 + * + * @param string $output Gallery shortcode output. + * + * @return string Gallery shortcode output. + */ + public function check_if_shortcode_processed_and_enqueue_assets( $output ) { if ( class_exists( 'Jetpack_AMP_Support' ) && Jetpack_AMP_Support::is_amp_request() @@ -194,7 +275,7 @@ class Jetpack_Carousel { * @module carousel * * @since 1.6.0 - **/ + */ do_action( 'jp_carousel_thumbnails_shown' ); $this->enqueue_assets(); @@ -211,7 +292,7 @@ class Jetpack_Carousel { * * @return string $content Post content. */ - function check_content_for_blocks( $content ) { + public function check_content_for_blocks( $content ) { if ( class_exists( 'Jetpack_AMP_Support' ) && Jetpack_AMP_Support::is_amp_request() 
@@ -226,7 +307,10 @@ class Jetpack_Carousel { return $content; } - function enqueue_assets() { + /** + * Enqueueing Carousel assets. + */ + public function enqueue_assets() { if ( $this->first_run ) { wp_enqueue_script( 'jetpack-carousel', @@ -247,7 +331,7 @@ class Jetpack_Carousel { ); wp_localize_script( 'jetpack-carousel', 'jetpackSwiperLibraryPath', $swiper_library_path ); - // Note: using home_url() instead of admin_url() for ajaxurl to be sure to get same domain on wpcom when using mapped domains (also works on self-hosted) + // Note: using home_url() instead of admin_url() for ajaxurl to be sure to get same domain on wpcom when using mapped domains (also works on self-hosted). // Also: not hardcoding path since there is no guarantee site is running on site root in self-hosted context. $is_logged_in = is_user_logged_in(); $comment_registration = (int) get_option( 'comment_registration' ); @@ -260,7 +344,6 @@ class Jetpack_Carousel { 'nonce' => wp_create_nonce( 'carousel_nonce' ), 'display_exif' => $this->test_1or0_option( Jetpack_Options::get_option_and_ensure_autoload( 'carousel_display_exif', true ) ), 'display_comments' => $this->test_1or0_option( Jetpack_Options::get_option_and_ensure_autoload( 'carousel_display_comments', true ) ), - 'display_geo' => $this->test_1or0_option( Jetpack_Options::get_option_and_ensure_autoload( 'carousel_display_geo', true ) ), 'single_image_gallery' => $this->single_image_gallery_enabled, 'single_image_gallery_media_file' => $this->single_image_gallery_enabled_media_file, 'background_color' => $this->carousel_background_color_sanitize( Jetpack_Options::get_option_and_ensure_autoload( 'carousel_background_color', '' ) ), 
@@ -268,7 +351,12 @@ class Jetpack_Carousel { 'post_comment' => __( 'Post Comment', 'jetpack' ), 'write_comment' => __( 'Write a Comment...', 'jetpack' ), 'loading_comments' => __( 'Loading Comments...', 'jetpack' ), - 'download_original' => sprintf( __( 'View full size <span class="photo-size">%1$s<span class="photo-size-times">×</span>%2$s</span>', 'jetpack' ), '{0}', '{1}' ), + 'download_original' => sprintf( + /* translators: %1s is the full-size image width, and %2s is the height. */ + __( 'View full size <span class="photo-size">%1$s<span class="photo-size-times">×</span>%2$s</span>', 'jetpack' ), + '{0}', + '{1}' + ), 'no_comment_text' => __( 'Please be sure to submit some text with your comment.', 'jetpack' ), 'no_comment_email' => __( 'Please provide an email address to comment.', 'jetpack' ), 'no_comment_author' => __( 'Please provide your name to comment.', 'jetpack' ), @@ -568,7 +656,16 @@ class Jetpack_Carousel { <?php } - function set_in_gallery( $output ) { + /** + * Sets the "in_gallery" flag when the first gallery is encountered (unless in AMP mode). + * + * @deprecated since 10.8 + * + * @param string $output Gallery shortcode output. Passed through unchanged. + * + * @return string + */ + public function set_in_gallery( $output ) { if ( class_exists( 'Jetpack_AMP_Support' ) && Jetpack_AMP_Support::is_amp_request() @@ -586,10 +683,10 @@ class Jetpack_Carousel { * @see add_data_to_images() * @see wp_make_content_images_responsive() in wp-includes/media.php * - * @param string $content HTML content of the post - * @return string Modified HTML content of the post + * @param string $content HTML content of the post. + * @return string */ - function add_data_img_tags_and_enqueue_assets( $content ) { + public function add_data_img_tags_and_enqueue_assets( $content ) { if ( class_exists( 'Jetpack_AMP_Support' ) && Jetpack_AMP_Support::is_amp_request() 
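Review bot: The new translators comment for `download_original` names the placeholders `%1s` and `%2s`, but the string itself uses `%1$s` and `%2$s`. Write `/* translators: %1$s is the full-size image width, and %2$s is the height. */` so translators can match them. The values substituted here are the literal tokens `{0}` and `{1}`, presumably filled in later by the script. Because the string carries markup, the comment could also say that the `<span>` elements must be kept intact.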
@@ -649,7 +746,18 @@ class Jetpack_Carousel { return $content; } - function add_data_to_images( $attr, $attachment = null ) { + /** + * Adds the data attributes themselves to img tags. + * + * @see add_data_img_tags_and_enqueue_assets() + * @see https://developer.wordpress.org/reference/functions/wp_get_attachment_image/ Documentation about wp_get_attachment_image + * + * @param string[] $attr Array of attribute values for the image markup, keyed by attribute name. + * @param WP_Post $attachment Image attachment post. + * + * @return string[] Modified image attributes. + */ + public function add_data_to_images( $attr, $attachment = null ) { if ( class_exists( 'Jetpack_AMP_Support' ) && Jetpack_AMP_Support::is_amp_request() @@ -695,21 +803,12 @@ class Jetpack_Carousel { $attachment_desc = ! empty( $attachment ) ? wpautop( wptexturize( $attachment->post_content ) ) : ''; $attachment_caption = ! empty( $attachment ) ? wpautop( wptexturize( $attachment->post_excerpt ) ) : ''; - // Not yet providing geo-data, need to "fuzzify" for privacy - if ( ! empty( $img_meta ) ) { - foreach ( $img_meta as $k => $v ) { - if ( 'latitude' == $k || 'longitude' == $k ) { - unset( $img_meta[ $k ] ); - } - } - } - - // See https://github.com/Automattic/jetpack/issues/2765 + // See https://github.com/Automattic/jetpack/issues/2765. if ( isset( $img_meta['keywords'] ) ) { unset( $img_meta['keywords'] ); } - $img_meta = json_encode( array_map( 'strval', array_filter( $img_meta, 'is_scalar' ) ) ); + $img_meta = wp_json_encode( array_map( 'strval', array_filter( $img_meta, 'is_scalar' ) ) ); $attr['data-attachment-id'] = $attachment_id; $attr['data-permalink'] = esc_attr( get_permalink( $attachment_id ) ); 
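Review bot: In `add_data_to_images()`, `$img_meta` now reaches `wp_json_encode()` with any `latitude` / `longitude` entries intact, because the loop that unset them is removed and only `keywords` is still dropped. Whether anything populates those keys is not visible here, but if attachment metadata can carry coordinates they would be serialized with the rest of the metadata for the front end. Unless that exposure is intended, keep a cheap guard next to the keywords one: `unset( $img_meta['latitude'], $img_meta['longitude'] );`. The function starts and ends outside this hunk, so where the encoded value is output is not shown.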
@@ -726,7 +825,14 @@ class Jetpack_Carousel { return $attr; } - function add_data_to_container( $html ) { + /** + * Add additional attributes to the Gallery container HTML. + * + * @param string $html The HTML to which the additional attributes are added. + * + * @return string + */ + public function add_data_to_container( $html ) { global $post; if ( class_exists( 'Jetpack_AMP_Support' ) @@ -791,7 +897,7 @@ class Jetpack_Carousel { return preg_replace_callback( '#(<a[^>]* href=(["\']?)(\S+)\2>)\s*(<img[^>]*)(class=(["\']?)[^>]*wp-image-[0-9]+[^>]*\6.*>)\s*</a>#is', - static function( $matches ) { + static function ( $matches ) { if ( ! preg_match( '#\.\w+$#', $matches[3] ) ) { // The a[href] doesn't end in a file extension like .jpeg, so this is not a link to the media file, and should get a lightbox. return $matches[4] . ' data-amp-lightbox="true" lightbox="true" ' . $matches[5]; // https://github.com/ampproject/amp-wp/blob/1094ea03bd5dc92889405a47a8c41de1a88908de/includes/sanitizers/class-amp-img-sanitizer.php#L419. @@ -803,7 +909,12 @@ class Jetpack_Carousel { ); } - function get_attachment_comments() { + /** + * Retrieves comment information + * + * @return string + */ + public function get_attachment_comments() { if ( ! headers_sent() ) { header( 'Content-type: text/javascript' ); } @@ -819,8 +930,10 @@ class Jetpack_Carousel { */ do_action( 'jp_carousel_check_blog_user_privileges' ); + // phpcs:disable WordPress.Security.NonceVerification.Recommended -- we do not need to verify the nonce for this public request for publicly accessible data (as checked below). $attachment_id = ( isset( $_REQUEST['id'] ) ) ? (int) $_REQUEST['id'] : 0; $offset = ( isset( $_REQUEST['offset'] ) ) ? (int) $_REQUEST['offset'] : 0; + // phpcs:enable if ( ! $attachment_id ) { wp_send_json_error( 
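Review bot: The new docblock on `get_attachment_comments()` declares `@return string`, but every exit visible in this diff ends the request (`wp_send_json_error()` in the next hunk, `die( wp_json_encode( $out ) )` at the end of the method), so nothing is returned to a caller. `@return void` plus a sentence saying the method prints JSON and exits would describe it accurately. The same kind of mismatch appears in later hunks: `test_1or0_option()` is documented `@return bool` but returns `1` or `0`, `settings_select()` documents `$values` as `string` while the code requires `is_array( $values )`, and the `*_sanitize()` docblocks use `@return number` where `int` is the PHPDoc type.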
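Review bot: The `// phpcs:enable` that closes the suppression around the two `$_REQUEST` reads names no sniff, so it re-enables every sniff disabled earlier in the file rather than only the one switched off two lines above. Pair it explicitly: `// phpcs:enable WordPress.Security.NonceVerification.Recommended`. The justification says the data is public "as checked below"; that check is outside this hunk, so it is worth confirming it runs before any comment data is returned.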
@@ -895,7 +1008,7 @@ class Jetpack_Carousel { $comments = get_comments( array( 'status' => 'approve', - 'order' => ( 'asc' == get_option( 'comment_order' ) ) ? 'ASC' : 'DESC', + 'order' => ( 'asc' === get_option( 'comment_order' ) ) ? 'ASC' : 'DESC', 'number' => 10, 'offset' => $offset, 'post_id' => $attachment_id, 
@@ -920,37 +1033,40 @@ class Jetpack_Carousel { ); } - die( json_encode( $out ) ); + die( wp_json_encode( $out ) ); } - function post_attachment_comment() { + /** + * Adds a new comment to the database + */ + public function post_attachment_comment() { if ( ! headers_sent() ) { header( 'Content-type: text/javascript' ); } - if ( empty( $_POST['nonce'] ) || ! wp_verify_nonce( $_POST['nonce'], 'carousel_nonce' ) ) { - die( json_encode( array( 'error' => __( 'Nonce verification failed.', 'jetpack' ) ) ) ); + if ( empty( $_POST['nonce'] ) || ! wp_verify_nonce( $_POST['nonce'], 'carousel_nonce' ) ) { // phpcs:ignore WordPress.Security.ValidatedSanitizedInput -- WP Core doesn't unslash or sanitize nonces either + die( wp_json_encode( array( 'error' => __( 'Nonce verification failed.', 'jetpack' ) ) ) ); } - $_blog_id = (int) $_POST['blog_id']; - $_post_id = (int) $_POST['id']; - $comment = $_POST['comment']; + $_blog_id = isset( $_POST['blog_id'] ) ? (int) $_POST['blog_id'] : 0; + $_post_id = isset( $_POST['id'] ) ? (int) $_POST['id'] : 0; + $comment = isset( $_POST['comment'] ) ? filter_var( wp_unslash( $_POST['comment'] ) ) : null; if ( empty( $_blog_id ) ) { - die( json_encode( array( 'error' => __( 'Missing target blog ID.', 'jetpack' ) ) ) ); + die( wp_json_encode( array( 'error' => __( 'Missing target blog ID.', 'jetpack' ) ) ) ); } if ( empty( $_post_id ) ) { - die( json_encode( array( 'error' => __( 'Missing target post ID.', 'jetpack' ) ) ) ); + die( wp_json_encode( array( 'error' => __( 'Missing target post ID.', 'jetpack' ) ) ) ); } if ( empty( $comment ) ) { - die( json_encode( array( 'error' => __( 'No comment text was submitted.', 'jetpack' ) ) ) ); + die( wp_json_encode( array( 'error' => __( 'No comment text was submitted.', 'jetpack' ) ) ) ); } - // Used in context like NewDash + // Used in context like NewDash. 
$switched = false; - if ( is_multisite() && $_blog_id != get_current_blog_id() ) { + if ( is_multisite() && get_current_blog_id() !== $_blog_id ) { switch_to_blog( $_blog_id ); $switched = true; } @@ -962,7 +1078,7 @@ class Jetpack_Carousel { if ( $switched ) { restore_current_blog(); } - die( json_encode( array( 'error' => __( 'Comments on this post are closed.', 'jetpack' ) ) ) ); + die( wp_json_encode( array( 'error' => __( 'Comments on this post are closed.', 'jetpack' ) ) ) ); } if ( is_user_logged_in() ) { 
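Review bot: In `post_attachment_comment()`, `filter_var( wp_unslash( $_POST['comment'] ) )` is called without a filter argument, so it uses the default filter, which leaves string content unchanged. Its only effect here is that a non-scalar value becomes `false` and falls into the "No comment text was submitted" branch, yet a reader could take the call for sanitization. Either say so in a comment, e.g. `// Not sanitized here: filter_var() with the default filter only rejects non-scalar input; content filtering is left to comment insertion.`, or replace it with an explicit `is_string()` check. The insertion code is outside this hunk, so confirm that it does filter the content.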
@@ -976,35 +1092,37 @@ class Jetpack_Carousel { if ( $switched ) { restore_current_blog(); } - die( json_encode( array( 'error' => __( 'Sorry, but we could not authenticate your request.', 'jetpack' ) ) ) ); + die( wp_json_encode( array( 'error' => __( 'Sorry, but we could not authenticate your request.', 'jetpack' ) ) ) ); } } else { $user_id = 0; - $display_name = $_POST['author']; - $email = $_POST['email']; - $url = $_POST['url']; + $display_name = isset( $_POST['author'] ) ? sanitize_text_field( wp_unslash( $_POST['author'] ) ) : null; + $email = isset( $_POST['email'] ) ? wp_unslash( $_POST['email'] ) : null; // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- Checked or sanitized below. + $url = isset( $_POST['url'] ) ? esc_url_raw( wp_unslash( $_POST['url'] ) ) : null; if ( get_option( 'require_name_email' ) ) { if ( empty( $display_name ) ) { if ( $switched ) { restore_current_blog(); } - die( json_encode( array( 'error' => __( 'Please provide your name.', 'jetpack' ) ) ) ); + die( wp_json_encode( array( 'error' => __( 'Please provide your name.', 'jetpack' ) ) ) ); } if ( empty( $email ) ) { if ( $switched ) { restore_current_blog(); } - die( json_encode( array( 'error' => __( 'Please provide an email address.', 'jetpack' ) ) ) ); + die( wp_json_encode( array( 'error' => __( 'Please provide an email address.', 'jetpack' ) ) ) ); } if ( ! is_email( $email ) ) { if ( $switched ) { restore_current_blog(); } - die( json_encode( array( 'error' => __( 'Please provide a valid email address.', 'jetpack' ) ) ) ); + die( wp_json_encode( array( 'error' => __( 'Please provide a valid email address.', 'jetpack' ) ) ) ); } + } else { + $email = $email !== null ? sanitize_email( $email ) : null; } } 
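Review bot: `$email` and `$url` are read from `$_POST` without checking that they are strings, while `is_email()`, `sanitize_email()` and `esc_url_raw()` are string functions. A request that submits either field as an array may, on PHP 8, end in a `TypeError` rather than one of the JSON error replies. Guarding the read keeps the failure on the handled path: `$email = ( isset( $_POST['email'] ) && is_string( $_POST['email'] ) ) ? wp_unslash( $_POST['email'] ) : null;`, and likewise for `url`. Also, only the new `else` branch runs `sanitize_email()`; when `require_name_email` is on, the address is validated with `is_email()` but passed on as submitted, so the two paths treat the same field differently. The code that consumes these values is outside this hunk.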
@@ -1035,12 +1153,12 @@ class Jetpack_Carousel { do_action( 'jp_carousel_post_attachment_comment' ); $comment_status = wp_get_comment_status( $comment_id ); - if ( true == $switched ) { + if ( $switched ) { restore_current_blog(); } die( - json_encode( + wp_json_encode( array( 'comment_id' => $comment_id, 'comment_status' => $comment_status, @@ -1049,7 +1167,10 @@ class Jetpack_Carousel { ); } - function register_settings() { + /** + * Register Carousel settings + */ + public function register_settings() { add_settings_section( 'carousel_section', __( 'Image Gallery Carousel', 'jetpack' ), array( $this, 'carousel_section_callback' ), 'media' ); if ( ! $this->in_jetpack ) { 
@@ -1066,31 +1187,53 @@ class Jetpack_Carousel { add_settings_field( 'carousel_display_comments', __( 'Comments', 'jetpack' ), array( $this, 'carousel_display_comments_callback' ), 'media', 'carousel_section' ); register_setting( 'media', 'carousel_display_comments', array( $this, 'carousel_display_comments_sanitize' ) ); - // No geo setting yet, need to "fuzzify" data first, for privacy - // add_settings_field('carousel_display_geo', __( 'Geolocation', 'jetpack' ), array( $this, 'carousel_display_geo_callback' ), 'media', 'carousel_section' ); - // register_setting( 'media', 'carousel_display_geo', array( $this, 'carousel_display_geo_sanitize' ) ); } - // Fulfill the settings section callback requirement by returning nothing - function carousel_section_callback() { - return; + /** + * Fulfill the settings section callback requirement by returning nothing. + */ + public function carousel_section_callback() { } - function test_1or0_option( $value, $default_to_1 = true ) { - if ( true == $default_to_1 ) { - // Binary false (===) of $value means it has not yet been set, in which case we do want to default sites to 1 + /** + * Tests if a value is set + * + * @param mixed $value The value passed into this function with which to test. + * @param bool $default_to_1 Default is true. + * + * @return bool + */ + public function test_1or0_option( $value, $default_to_1 = true ) { + if ( $default_to_1 ) { + // Boolean false (===) of $value means it has not yet been set, in which case we do want to default to 1. if ( false === $value ) { $value = 1; } } - return ( 1 == $value ) ? 1 : 0; + return ( 1 == $value ) ? 1 : 0; // phpcs:ignore Universal.Operators.StrictComparisons.LooseEqual } - function sanitize_1or0_option( $value ) { - return ( 1 == $value ) ? 1 : 0; + /** + * Ensures the value returned is in the correct format. + * + * @see test_1or0_option() + * @param mixed $value The value returned from the test_1or0_option function. 
+ * + * @return int + */ + public function sanitize_1or0_option( $value ) { + return ( 1 == $value ) ? 1 : 0; // phpcs:ignore Universal.Operators.StrictComparisons.LooseEqual } - function settings_checkbox( $name, $label_text, $extra_text = '', $default_to_checked = true ) { + /** + * Outputs a settings checkbox. + * + * @param string $name - For name attribute. + * @param string $label_text - For label attribute. + * @param string $extra_text - Additional checkbox description text. Defaults to empty. + * @param bool $default_to_checked - If the checkbox is checked. Default is true. + */ + public function settings_checkbox( $name, $label_text, $extra_text = '', $default_to_checked = true ) { if ( empty( $name ) ) { return; } @@ -1098,14 +1241,21 @@ class Jetpack_Carousel { echo '<fieldset>'; echo '<input type="checkbox" name="' . esc_attr( $name ) . '" id="' . esc_attr( $name ) . '" value="1" '; checked( '1', $option ); - echo '/> <label for="' . esc_attr( $name ) . '">' . $label_text . '</label>'; + echo '/> <label for="' . esc_attr( $name ) . '">' . wp_kses_post( $label_text ) . '</label>'; if ( ! empty( $extra_text ) ) { - echo '<p class="description">' . $extra_text . '</p>'; + echo '<p class="description">' . wp_kses_post( $extra_text ) . '</p>'; } echo '</fieldset>'; } - function settings_select( $name, $values, $extra_text = '' ) { + /** + * Output a selection list options + * + * @param string $name - For name attribute. + * @param string $values - For the different option values. + * @param string $extra_text - Additional option section description text. Defaults to empty. + */ + public function settings_select( $name, $values, $extra_text = '' ) { if ( empty( $name ) || ! is_array( $values ) || empty( $values ) ) { return; } 
@@ -1119,12 +1269,15 @@ class Jetpack_Carousel { } echo '</select>'; if ( ! empty( $extra_text ) ) { - echo '<p class="description">' . $extra_text . '</p>'; + echo '<p class="description">' . wp_kses_post( $extra_text ) . '</p>'; } echo '</fieldset>'; } - function carousel_display_exif_callback() { + /** + * Callback for checkbox and label of field that allows to toggle exif display. + */ + public function carousel_display_exif_callback() { $this->settings_checkbox( 'carousel_display_exif', __( 'Show photo metadata (<a href="https://en.wikipedia.org/wiki/Exchangeable_image_file_format" rel="noopener noreferrer" target="_blank">Exif</a>) in carousel, when available.', 'jetpack' ) ); } @@ -1135,7 +1288,14 @@ class Jetpack_Carousel { $this->settings_checkbox( 'carousel_display_comments', esc_html__( 'Show comments area in carousel', 'jetpack' ) ); } - function carousel_display_exif_sanitize( $value ) { + /** + * Sanitize input for the `carousel_display_exif` setting. + * + * @param mixed $value User input setting value. + * + * @return number Sanitized value, only 1 or 0. + */ + public function carousel_display_exif_sanitize( $value ) { return $this->sanitize_1or0_option( $value ); } 
@@ -1150,34 +1310,47 @@ class Jetpack_Carousel { return $this->sanitize_1or0_option( $value ); } - function carousel_display_geo_callback() { - $this->settings_checkbox( 'carousel_display_geo', __( 'Show map of photo location in carousel, when available.', 'jetpack' ) ); - } - - function carousel_display_geo_sanitize( $value ) { - return $this->sanitize_1or0_option( $value ); - } - - function carousel_background_color_callback() { + /** + * Callback for the Carousel background color. + */ + public function carousel_background_color_callback() { $this->settings_select( - 'carousel_background_color', array( + 'carousel_background_color', + array( 'black' => __( 'Black', 'jetpack' ), 'white' => __( 'White', 'jetpack' ), ) ); } - function carousel_background_color_sanitize( $value ) { - return ( 'white' == $value ) ? 'white' : 'black'; + /** + * Sanitizing the Carousel backgound color selection. + * + * @param string $value The color string to sanitize. + * + * @return string Sanitized value, 'white' or 'black'. + */ + public function carousel_background_color_sanitize( $value ) { + return ( 'white' === $value ) ? 'white' : 'black'; } - function carousel_enable_it_callback() { + /** + * Callback to display text for the carousel_enable_it settings field. + */ + public function carousel_enable_it_callback() { $this->settings_checkbox( 'carousel_enable_it', __( 'Display images in full-size carousel slideshow.', 'jetpack' ) ); } - function carousel_enable_it_sanitize( $value ) { + /** + * Sanitize input for the `carousel_enable_it` setting. + * + * @param mixed $value User input. + * + * @return number Sanitized value, only 1 or 0. + */ + public function carousel_enable_it_sanitize( $value ) { return $this->sanitize_1or0_option( $value ); } } -new Jetpack_Carousel; +new Jetpack_Carousel(); |