-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathHelpersEscapeUnitTest.5.inc
More file actions
162 lines (135 loc) · 6.95 KB
/
HelpersEscapeUnitTest.5.inc
File metadata and controls
162 lines (135 loc) · 6.95 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
<?php
/**
* Template for the Forms Block view.
*
* @package EightshiftForms
*/
// phpcs:set Eightshift.Security.HelpersEscape overriddenClass EightshiftForms\\Helpers\\Helpers
use EightshiftForms\AdminMenus\FormSettingsAdminSubMenu;
use EightshiftForms\CustomPostType\Forms;
use EightshiftForms\Geolocation\Geolocation;
use EightshiftForms\Geolocation\SettingsGeolocation;
use EightshiftForms\Helpers\Helpers;
use EightshiftForms\Helpers\Helper;
use EightshiftForms\Manifest\Manifest;
use EightshiftForms\Settings\Settings\SettingsGeneral;
$manifest = Helpers::getManifest(__DIR__);
$globalManifest = Helpers::getManifest(dirname(__DIR__, 2));
$manifestInvalid = Helpers::getManifest(dirname(__DIR__, 2) . '/components/invalid');
if (!$this->isCheckboxOptionChecked(SettingsGeneral::SETTINGS_GENERAL_DISABLE_DEFAULT_ENQUEUE_SCRIPT_KEY, SettingsGeneral::SETTINGS_GENERAL_DISABLE_DEFAULT_ENQUEUE_KEY)) {
echo Helpers::outputCssVariablesGlobal($globalManifest); // Bad.
}
$blockClass = $attributes['blockClass'] ?? '';
$invalidClass = $manifestInvalid['componentClass'] ?? '';
// Check formPost ID prop.
$formsFormPostId = Helpers::checkAttr('formsFormPostId', $attributes, $manifest);
$formsStyle = Helpers::checkAttr('formsStyle', $attributes, $manifest);
$formsServerSideRender = Helpers::checkAttr('formsServerSideRender', $attributes, $manifest);
$formsFormDataTypeSelector = Helpers::checkAttr('formsFormDataTypeSelector', $attributes, $manifest);
$formsFormGeolocation = Helpers::checkAttr('formsFormGeolocation', $attributes, $manifest);
$formsFormGeolocationAlternatives = Helpers::checkAttr('formsFormGeolocationAlternatives', $attributes, $manifest);
// Override form ID in case we use geolocation but use this feature only on frontend.
if (!$formsServerSideRender) {
$formsFormPostId = \apply_filters(Geolocation::GEOLOCATION_IS_USER_LOCATED, $formsFormPostId, $formsFormGeolocation, $formsFormGeolocationAlternatives);
}
$formsClass = Helpers::classnames([
Helpers::selector($blockClass, $blockClass),
Helpers::selector($formsStyle, $blockClass, '', $formsStyle),
$attributes['className'] ?? '',
]);
// Return nothing if it is on frontend.
if (!$formsServerSideRender && (!$formsFormPostId || get_post_status($formsFormPostId) !== 'publish')) {
return;
}
// Bailout if form post ID is missing.
if ($formsServerSideRender) {
// Missing form ID.
if (!$formsFormPostId) {
$formsClassNotSet = Helpers::selector($blockClass, $blockClass, '', 'not-set');
?>
<div class="<?php echo esc_attr($formsClass); ?> <?php echo esc_attr($formsClassNotSet); ?>">
<img class="<?php echo esc_attr("{$blockClass}__image") ?>" src="<?php echo esc_url(\apply_filters(Manifest::MANIFEST_ITEM, 'cover.png')); ?>" />
<div class="<?php echo esc_attr("{$blockClass}__text") ?>"><?php esc_html_e('Please select form to show from the blocks sidebar.', 'eightshift-forms'); ?></div>
</div>
<?php
return;
}
// Not published or removed at somepoint.
if (get_post_status($formsFormPostId) !== 'publish') {
$formsClassNotPublished = Helpers::selector($blockClass, $invalidClass);
?>
<div class="<?php echo esc_attr($formsClass); ?> <?php echo esc_attr($formsClassNotPublished); ?>">
<svg width="20" height="20" viewBox="0 0 20 20" fill="none" xmlns="http://www.w3.org/2000/svg">
<path d="M4.71991 1.60974C3.11997 2.29956 2 3.89096 2 5.74394C2 7.70327 3.25221 9.37013 5 9.98788V17C5 17.8284 5.67157 18.5 6.5 18.5C7.32843 18.5 8 17.8284 8 17V9.98788C9.74779 9.37013 11 7.70327 11 5.74394C11 3.78461 9.74779 2.11775 8 1.5V5.74394C8 6.57237 7.32843 7.24394 6.5 7.24394C5.67157 7.24394 5 6.57237 5 5.74394V1.5C4.90514 1.53353 4.81173 1.57015 4.71991 1.60974Z" stroke="currentColor" stroke-width="1.5" stroke-linejoin="round"/>
<path d="M13 13V16C13 17.3807 14.1193 18.5 15.5 18.5V18.5C16.8807 18.5 18 17.3807 18 16V13M13 13V10.5H14M13 13H18M18 13V10.5H17M14 10.5V5.5L13.5 3.5L14 1.5H17L17.5 3.5L17 5.5V10.5M14 10.5H17" stroke="currentColor" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round"/>
</svg>
<br />
<b><?php esc_html_e('Form cannot be found', 'eightshift-forms'); ?></b>
<br />
<?php esc_html_e('It might not be published yet or it\'s not available anymore.', 'eightshift-forms'); ?>
</div>
<?php
return;
}
}
?>
<div class="<?php echo esc_attr($formsClass); ?>">
<?php if (is_user_logged_in() && !is_admin()) { ?>
<div class="<?php echo esc_attr("{$blockClass}__edit-wrap") ?>">
<?php if (current_user_can(Forms::POST_CAPABILITY_TYPE)) { ?>
<a class="<?php echo esc_attr("{$blockClass}__edit-link") ?>" href="<?php echo esc_url(Helper::getFormEditPageUrl($formsFormPostId)) ?>">
<span class="<?php echo \esc_attr("{$blockClass}__edit-link-icon dashicons dashicons-edit"); ?> "></span>
<?php esc_html_e('Edit form', 'eightshift-forms'); ?>
</a>
<?php } ?>
<?php if (current_user_can(FormSettingsAdminSubMenu::ADMIN_MENU_CAPABILITY)) { ?>
<a class="<?php echo esc_attr("{$blockClass}__edit-link") ?>" href="<?php echo esc_url(Helper::getSettingsPageUrl($formsFormPostId)) ?>">
<span class="<?php echo \esc_attr("{$blockClass}__edit-link-icon dashicons dashicons-admin-settings"); ?> "></span>
<?php esc_html_e('Edit settings', 'eightshift-forms'); ?>
</a>
<?php } ?>
</div>
<?php } ?>
<?php
// Convert blocks to array.
$blocks = parse_blocks(get_the_content(null, false, $formsFormPostId));
// Bailout if it fails for some reason.
if (!$blocks) {
return;
}
// Iterate blocks an children by passing them form ID.
foreach ($blocks as $key => $block) {
if ($block['blockName'] === $globalManifest['namespace'] . '/form-selector') {
$blocks[$key]['attrs']['formSelectorFormPostId'] = $formsFormPostId;
if (isset($block['innerBlocks'])) {
foreach ($block['innerBlocks'] as $innerKey => $innerBlock) {
$blockName = Helpers::kebabToCamelCase(explode('/', $innerBlock['blockName'])[1]);
$blocks[$key]['innerBlocks'][$innerKey]['attrs']["{$blockName}FormPostId"] = $formsFormPostId;
$blocks[$key]['innerBlocks'][$innerKey]['attrs']["{$blockName}FormDataTypeSelector"] = $formsFormDataTypeSelector;
$blocks[$key]['innerBlocks'][$innerKey]['attrs']["{$blockName}FormServerSideRender"] = $formsServerSideRender;
if (isset($innerBlock['innerBlocks'])) {
foreach ($innerBlock['innerBlocks'] as $inKey => $inBlock) {
$name = Helpers::kebabToCamelCase(explode('/', $inBlock['blockName'])[1]);
if ($name === 'submit') {
$blocks[$key]['innerBlocks'][$innerKey]['innerBlocks'][$inKey]['attrs']["{$name}SubmitServerSideRender"] = $formsServerSideRender;
}
}
}
}
}
}
}
// Render blocks.
foreach ($blocks as $block) {
echo \apply_filters('the_content', \render_block($block)); // Bad.
echo Helpers::render( // Ok.
'accordion',
Helpers::props('accordion', $attributes, [
'accordionContent' => $innerBlockContent
])
);
}
?>
</div>
<?php
// phpcs:set Eightshift.Security.HelpersEscape overriddenClass ''