Created
May 10, 2016 08:50
-
-
Save grappler/6b7ac6b1072233e252de90b1c2e6a5a5 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * Checks for the Customizer. | |
| */ | |
| class CustomizerCheck implements themecheck { | |
| protected $error = array(); | |
| function check( $php_files, $css_files, $other_files) { | |
| $ret = true; | |
| checkcount(); | |
| /** | |
| * Check whether every Customizer setting has a sanitization callback set. | |
| */ | |
| foreach ( $php_files as $file_path => $file_content ) { | |
| // Get the arguments passed to the add_setting method | |
| if ( preg_match_all( '/\$wp_customize->add_setting\(([^;]+)/', $file_content, $matches ) ) { | |
| // The full match is in [0], the match group in [1] | |
| foreach ( $matches[1] as $match ) { | |
| $filename = tc_filename( $file_path ); | |
| preg_match( "/(?:\"|')(.*?)(?:\"|')/", $match, $setting ); | |
| // Check if we have sanitize_callback or sanitize_js_callback | |
| if ( false === strpos( $match, 'sanitize_callback' ) && false === strpos( $match, 'sanitize_js_callback' ) ) { | |
| $this->error[] = '<span class="tc-lead tc-required">' . __('REQUIRED','theme-check') . '</span>: ' . __( 'Found a Customizer setting that did not have a sanitization callback function. Every call to the <strong>add_setting()</strong> method needs to have a sanitization callback function passed.', 'theme-check' ) . sprintf( ' ' . __( 'Found %1$s in the file %2$s.', 'theme-check' ), '<strong>' . $setting[1] . '</strong>', '<strong>' . $filename . '</strong>' ); | |
| $ret = false; | |
| } else { | |
| // There's a callback, check that no empty parameter is passed. | |
| if ( preg_match( '/[\'"](?:sanitize_callback|sanitize_js_callback)[\'"]\s*=>\s*[\'"]\s*[\'"]/', $match ) ) { | |
| $this->error[] = '<span class="tc-lead tc-required">' . __('REQUIRED','theme-check') . '</span>: ' . __( 'Found a Customizer setting that had an empty value passed as sanitization callback. You need to pass a function name as sanitization callback.', 'theme-check' ) . sprintf( ' ' . __( 'Found %1$s in the file %2$s.', 'theme-check' ), '<strong>' . $setting[1] . '</strong>', '<strong>' . $filename . '</strong>'); | |
| $ret = false; | |
| } | |
| } | |
| } | |
| } | |
| } | |
| return $ret; | |
| } | |
| function getError() { return $this->error; } | |
| } | |
| $themechecks[] = new CustomizerCheck; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment