Fix PHPCS issues

Author: joemcgill

wp-admin/includes/class-wp-key-pair-list-table.php

@@ -73,12 +73,12 @@ protected function column_default( $item, $column_name ) {
 				if ( empty( $item['created'] ) ) {
 					return '—';
 				}
-				return date( 'F j, Y g:i a', $item['created'] );
+				return gmdate( 'F j, Y g:i a', $item['created'] );
 			case 'last_used':
 				if ( empty( $item['last_used'] ) ) {
 					return '—';
 				}
-				return date( 'F j, Y g:i a', $item['last_used'] );
+				return gmdate( 'F j, Y g:i a', $item['last_used'] );
 			case 'last_ip':
 				if ( empty( $item['last_ip'] ) ) {
 					return '—';

wp-includes/rest-api/auth/class-wp-rest-key-pair.php

@@ -96,14 +96,14 @@ public function register_routes() {
 			'callback'            => array( $this, 'generate_key_pair' ),
 			'permission_callback' => '__return_true',
 			'args'                => array(
-				'name'               => array(
+				'name'    => array(
 					'description'       => esc_html__( 'The name of the key-pair.', 'jwt-auth' ),
 					'type'              => 'string',
 					'required'          => true,
 					'sanitize_callback' => 'sanitize_text_field',
 					'validate_callback' => 'rest_validate_request_arg',
 				),
-				'user_id'            => array(
+				'user_id' => array(
 					'description'       => esc_html__( 'The ID of the user.', 'jwt-auth' ),
 					'type'              => 'integer',
 					'required'          => true,
@@ -120,7 +120,7 @@ public function register_routes() {
 			'callback'            => array( $this, 'delete_all_key_pairs' ),
 			'permission_callback' => '__return_true',
 			'args'                => array(
-				'user_id'            => array(
+				'user_id' => array(
 					'description'       => esc_html__( 'The ID of the user.', 'jwt-auth' ),
 					'type'              => 'integer',
 					'required'          => true,
@@ -136,14 +136,14 @@ public function register_routes() {
 			'callback'            => array( $this, 'delete_key_pair' ),
 			'permission_callback' => '__return_true',
 			'args'                => array(
-				'user_id'            => array(
+				'user_id' => array(
 					'description'       => esc_html__( 'The ID of the user.', 'jwt-auth' ),
 					'type'              => 'integer',
 					'required'          => true,
 					'sanitize_callback' => 'absint',
 					'validate_callback' => 'rest_validate_request_arg',
 				),
-				'api_key'            => array(
+				'api_key' => array(
 					'description'       => esc_html__( 'The API key being revoked.', 'jwt-auth' ),
 					'type'              => 'string',
 					'required'          => true,
@@ -517,7 +517,7 @@ public function generate_key_pair( WP_REST_Request $request ) {
 		$keypairs[] = $new_item;
 		$this->set_user_key_pairs( $user_id, $keypairs );
 
-		$new_item['created']   = date( 'F j, Y g:i a', $new_item['created'] );
+		$new_item['created']   = gmdate( 'F j, Y g:i a', $new_item['created'] );
 		$new_item['last_used'] = '—';
 		$new_item['last_ip']   = '—';
 

wp-includes/rest-api/auth/class-wp-rest-token.php

@@ -100,7 +100,7 @@ public function register_routes() {
 		$args = array(
 			'methods'             => WP_REST_Server::READABLE,
 			'callback'            => array( $this, 'validate' ),
-			'permission_callback' => '__return_true'
+			'permission_callback' => '__return_true',
 		);
 		register_rest_route( self::_NAMESPACE_, '/' . self::_REST_BASE_ . '/validate', $args );
 
@@ -109,13 +109,13 @@ public function register_routes() {
 			'callback'            => array( $this, 'generate_token' ),
 			'permission_callback' => '__return_true',
 			'args'                => array(
-				'api_key'            => array(
+				'api_key'    => array(
 					'description'       => __( 'The API key of the user; requires also setting the api_secret.', 'jwt-auth' ),
 					'type'              => 'string',
 					'sanitize_callback' => 'sanitize_text_field',
 					'validate_callback' => 'rest_validate_request_arg',
 				),
-				'api_secret'         => array(
+				'api_secret' => array(
 					'description'       => __( 'The API secret of the user; requires also setting the api_key.', 'jwt-auth' ),
 					'type'              => 'string',
 					'sanitize_callback' => 'sanitize_text_field',
@@ -382,8 +382,8 @@ public function authenticate_refresh_token( $user, WP_REST_Request $request ) {
 	 */
 	public function require_token() {
 		$require_token  = true;
-		$request_uri    = isset( $_SERVER['REQUEST_URI'] ) ? sanitize_text_field( $_SERVER['REQUEST_URI'] ) : false;
-		$request_method = isset( $_SERVER['REQUEST_METHOD'] ) ? sanitize_text_field( $_SERVER['REQUEST_METHOD'] ) : false;
+		$request_uri    = isset( $_SERVER['REQUEST_URI'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REQUEST_URI'] ) ) : false;
+		$request_method = isset( $_SERVER['REQUEST_METHOD'] ) ? sanitize_text_field( wp_unslash( $_SERVER['REQUEST_METHOD'] ) ) : false;
 
 		// User is already authenticated.
 		$user = wp_get_current_user();
@@ -777,11 +777,11 @@ public function validate_token() {
 	public function get_auth_header() {
 
 		// Get HTTP Authorization Header.
-		$header = isset( $_SERVER['HTTP_AUTHORIZATION'] ) ? sanitize_text_field( $_SERVER['HTTP_AUTHORIZATION'] ) : false;
+		$header = isset( $_SERVER['HTTP_AUTHORIZATION'] ) ? sanitize_text_field( wp_unslash( $_SERVER['HTTP_AUTHORIZATION'] ) ) : false;
 
 		// Check for alternative header.
 		if ( ! $header && isset( $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] ) ) {
-			$header = sanitize_text_field( $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] );
+			$header = sanitize_text_field( wp_unslash( $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] ) );
 		}
 
 		// The HTTP Authorization Header is missing, return an error.