Optimization and cleaning
Optimization and cleaning based on the recommendations of the WordPress Plugin Review Team
ham3da committed Dec 16, 2022
1 parent 298cbbf commit 49a305a
Showing 18 changed files with 181 additions and 197 deletions.
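--- a/inc/admin/add-word.php
+++ b/inc/admin/add-word.php
@@ -50,7 +50,11 @@ function mdict_add() {
 <div class="mdict-lower">
 
 <div class="mdict-alert mdict-critical mdict-text-center">
-<h3 class="mdict-key-status failed"><?php echo __('Moein Dictionary', 'mdict') . __(' » ', 'mdict') . $title ?></h3>
+<h3 class="mdict-key-status failed"><?php
+_e('Moein Dictionary', 'mdict');
+_e(' » ', 'mdict');
+echo esc_html($title)
+?></h3>
 <p class="mdict-description">
 
 </p>
@@ -59,18 +63,17 @@ function mdict_add() {
 <div class="mdict-boxes">
 <div class="mdict-box">
 <form method="post">
-<input type="hidden" name="item_id" value="<?php echo $item_id ?>">
+<input type="hidden" name="item_id" value="<?php echo esc_attr($item_id) ?>">
 <div class="wrap">
 <table class="form-table" role="presentation">
 <tr>
 <th scope="row"><label for="word"><?php _e('Word', 'mdict'); ?></label></th>
-<td><input name="word" type="text" id="word" value="<?php echo $word ?>" class="regular-text"></td>
+<td><input name="word" type="text" id="word" value="<?php echo sanitize_text_field($word)?>" class="regular-text"></td>
 </tr>
 <tr>
 <th scope="row"><label for="description"><?php _e('Description', 'mdict'); ?></label></th>
 <td>
-<textarea class="regular-text" id="description" name="description" rows="5" cols="10"><?php echo $des ?></textarea>
-
+<textarea class="regular-text" id="description" name="description" rows="5" cols="10"><?php echo esc_textarea($des) ?></textarea>
 </td>
 </tr>
 </table>
@@ -145,7 +148,7 @@ function save_func() {
 $data_id = $wpdb->insert_id;
 do_action('mdict_word_add', $data_id, $data_array);
 
-$url = admin_url('admin.php?page=mdict-add&item_id=' . $data_id);
+$url = esc_url(admin_url('admin.php?page=mdict-add&item_id=' . $data_id));
 wp_redirect($url);
 exit();
 }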
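Review bot: `sanitize_text_field($word)` in the `word` input is an input sanitizer, not an output escaper: it strips tags but leaves double quotes untouched, so the value can still close the `value="…"` attribute. Use the attribute escaper there, `value="<?php echo esc_attr($word) ?>"`, as the `item_id` field in the same hunk already does; the `font_size` input in inc/admin/settings-template.php has the same problem. In `save_func()`, `esc_url()` prepares a URL for HTML display and encodes `&` as `&#038;`, which would corrupt the `item_id` query argument in the `Location` header; pass `admin_url(...)` straight to `wp_safe_redirect()` or use `esc_url_raw()`. Both functions continue outside the hunks shown.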
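--- a/inc/admin/dashboard-template.php
+++ b/inc/admin/dashboard-template.php
@@ -20,14 +20,14 @@
 <ul>
 <li>✔ <?php printf(__('Name: %s', 'mdict'), __('Moein Dictionary(free)', 'mdict')); ?></li>
 <li>✔ <?php
-echo sprintf(__('Number of available words: %s', 'mdict'), number_format($w_count));
+printf(__('Number of available words: %s', 'mdict'), number_format($w_count));
 if ($w_count < MDict_SearchTools::get_check_count())
 {
-echo ' 🔔 <a href="'. admin_url('admin.php?page=mdict-data-intall').'">'.__('Install the data', 'mdict') .'</a>';
+?>🔔 <a href="<?php echo esc_url(admin_url('admin.php?page=mdict-data-intall')) ?>"><?php _e('Install the data', 'mdict') ?></a><?php
 }
 ?>
 </li>
-<li>✔ <?php printf(__('Version: %s', 'mdict'), MDC_PLUGIN_VERSION).' - ' .__('free version', 'mdict'); ?></li>
+<li>✔ <?php printf(__('Version: %s', 'mdict'), MDC_PLUGIN_VERSION) . ' - ' . __('free version', 'mdict'); ?></li>
 
 </ul>
 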
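Review bot: On the `Version` line the ` - free version` suffix never reaches the page, because `printf()` prints its own result and the string concatenated after its return value is discarded. The commit only adjusts the spacing of that expression. Print the suffix explicitly and escape both parts, e.g. `printf(esc_html__('Version: %s', 'mdict'), esc_html(MDC_PLUGIN_VERSION)); echo ' - ' . esc_html__('free version', 'mdict');`.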
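--- a/inc/admin/data-template.php
+++ b/inc/admin/data-template.php
@@ -1,8 +1,7 @@
 <div id="mdict-plugin-container" class="mdict">
 <div class="mdict-lower">
-
 <div class="mdict-alert mdict-critical mdict-text-center">
-<h3 class="mdict-key-status failed"><?php echo __('Moein Dictionary', 'mdict') . __(' » ', 'mdict') . __('Data installation', 'mdict') ?></h3>
+<h3 class="mdict-key-status failed"><?php _e('Moein Dictionary', 'mdict'); _e(' » ', 'mdict') ; _e('Data installation', 'mdict') ?></h3>
 <p class="mdict-description">
 
 </p>
@@ -12,21 +11,20 @@
 <div class="mdict-box">
 <div class="wrap">
 <table class="form-table" role="presentation">
-
 <?php
 for ($index = 1; $index <= 8; $index++)
 {
 $file_name = 'data_' . $index;
 $is_installed = MDict_Import_Data::is_installed($file_name);
 ?>
 <tr>
-<th scope="row"><label for="data_<?php echo $index ?>"><?php printf(__('Step %d', 'mdict'), $index); ?></label></th>
+<th scope="row"><label for="data_<?php echo esc_attr($index) ?>"><?php printf(__('Part %d', 'mdict'), $index); ?></label></th>
 <td>
 <?php
 if ($index <= 4)
 {
 ?>
-<button <?php echo ($is_installed ? 'disabled="disabled"' : '') ?> name="data_<?php echo $index ?>" type="button" id="data_<?php echo $index ?>" data-file_name="<?php echo 'data_' . $index ?>" class="button button-primary mdict-install"><?php ($is_installed ? _e('Installed', 'mdict') : _e('Install', 'mdict')) ?></button>
+<button <?php echo ($is_installed ? 'disabled="disabled"' : '') ?> name="data_<?php echo esc_attr($index) ?>" type="button" id="data_<?php echo esc_attr($index) ?>" data-file_name="<?php echo 'data_' . esc_attr($index) ?>" class="button button-primary mdict-install"><?php ($is_installed ? _e('Installed', 'mdict') : _e('Install', 'mdict')) ?></button>
 &nbsp;
 <progress class="progress_loading" style="display: none"
 indeterminate
@@ -42,7 +40,7 @@
 <p>
 <?php
 $pro_link = '<br><a href="https://www.zhaket.com/web/moien-farhang-plugin">'.__('Go to commercial version', 'mdict').'</a>';
-printf(__('This step is only available on the commercial version. %s', 'mdict'), $pro_link);
+printf(__('This part is only available on the commercial version. %s', 'mdict'), $pro_link);
 ?>
 </p>
 <?php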
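Review bot: The link label built into `$pro_link` and the format string passed to `printf()` in the last hunk are translated strings that still go into the page unescaped, which is the pattern the rest of this commit cleans up. Use `esc_html__('Go to commercial version', 'mdict')` for the label and `esc_html__()` for the sentence, since `$pro_link` is the only part meant to carry markup. Renaming `Step %d` to `Part %d` also changes the msgid, so existing translations of those strings would need updating.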
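--- a/inc/admin/import-data.php
+++ b/inc/admin/import-data.php
@@ -22,7 +22,7 @@ function check_data_installed() {
 if ($w_count < MDict_SearchTools::get_check_count())
 {
 $class = 'notice notice-error';
-$message = __('Moein Dictionary data is not fully installed.', 'mdict') . ' 🔔 <a href="' . admin_url('admin.php?page=mdict-data-intall') . '">' . __('Install the data', 'mdict') . '</a>';
+$message = __('Moein Dictionary data is not fully installed.', 'mdict') . ' 🔔 <a href="' . esc_url(admin_url('admin.php?page=mdict-data-intall')) . '">' . __('Install the data', 'mdict') . '</a>';
 printf('<div class="%1$s"><p>%2$s</p></div>', esc_attr($class), $message);
 }
 }
@@ -106,8 +106,7 @@ public static function import($file_name) {
 
 if (mysqli_connect_errno())
 {
-echo "Failed to connect to MySQL: " . mysqli_connect_error();
-exit();
+die( "Failed to connect to MySQL: " . mysqli_connect_error());
 }
 
 $utf8 = mysqli_set_charset($con, "utf8");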
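Review bot: `die("Failed to connect to MySQL: " . mysqli_connect_error())` in `import()` writes the raw driver error into the response, which can reveal database host and account details to whoever triggered the import, and it ends the request without a structured reply. Log the detail server-side, e.g. `error_log('mdict import: ' . mysqli_connect_error());`, and return a generic failure to the caller instead. In `check_data_installed()` the two `__()` strings are concatenated into `$message` unescaped; `esc_html__()` fits there. `import()` continues outside the hunk, so its return convention is not visible here.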
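--- a/inc/admin/settings-template.php
+++ b/inc/admin/settings-template.php
@@ -2,7 +2,7 @@
 <div class="mdict-lower">
 
 <div class="mdict-alert mdict-critical mdict-text-center">
-<h3 class="mdict-key-status failed"><?php echo __('Moein Dictionary', 'mdict') . __(' » ', 'mdict') . __('Settings', 'mdict') ?></h3>
+<h3 class="mdict-key-status failed"><?php _e('Moein Dictionary', 'mdict'); _e(' » ', 'mdict'); _e('Settings', 'mdict') ?></h3>
 <p class="mdict-description">
 
 </p>
@@ -59,7 +59,7 @@
 foreach ($font_options as $key => $value)
 {
 ?>
-<option <?php selected($font_saved, $key) ?> value="<?php echo $key ?>" ><?php echo $value ?></option>
+<option <?php selected($font_saved, $key) ?> value="<?php echo esc_attr($key) ?>" ><?php echo esc_html($value) ?></option>
 <?php
 }
 ?>
@@ -70,7 +70,7 @@
 <tr>
 <th scope="row"><label for="font_size"><?php _e('Font size', 'mdict'); ?></label></th>
 
-<td><input name="font_size" type="number" id="font_size" value="<?php echo $font_size ?>" class="small-text"> px</td>
+<td><input name="font_size" type="number" id="font_size" value="<?php echo sanitize_text_field($font_size) ?>" class="small-text"> px</td>
 
 </tr>
 </table>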
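--- a/inc/admin/settings.php
+++ b/inc/admin/settings.php
@@ -52,7 +52,7 @@ public static function custom_css() {
 .mdict a.mdict-word-link,
 .mdict h1.card-header
 {
-font-size: <?php echo $font_size ?>px;
+font-size: <?php echo sanitize_text_field($font_size) ?>px;
 }
 <?php
 return ob_get_clean();
@@ -97,7 +97,7 @@ function wcpl_admin_notice__success() {
 function save_func() {
 
 $page = filter_input(INPUT_GET, 'page');
-if ('POST' != $_SERVER['REQUEST_METHOD'] || $page != 'mdict-settings')
+if ('POST' != sanitize_text_field($_SERVER['REQUEST_METHOD']) || $page != 'mdict-settings')
 {
 return;
 }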
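Review bot: `sanitize_text_field($font_size)` in `custom_css()` does not make the value safe for a stylesheet, since it accepts any text rather than a number. Cast it where it is printed, `font-size: <?php echo absint($font_size) ?>px;`. In `save_func()`, wrapping `$_SERVER['REQUEST_METHOD']` in `sanitize_text_field()` changes nothing about the comparison; the check that matters for a settings save is a nonce and capability check, which is not visible in this hunk because the function continues below it.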
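--- a/inc/admin/words-list.php
+++ b/inc/admin/words-list.php
@@ -48,7 +48,7 @@ function words_list() {
 ?>
 <div class="wrap mdict">
 <h1 class="wp-heading-inline"><?php _e('List of words', 'mdict'); ?></h1>
-<a href="<?php echo admin_url('admin.php?page=mdict-add') ?>" class="page-title-action"><?php _e('Add Word', 'mdict') ?></a>
+<a href="<?php echo esc_url(admin_url('admin.php?page=mdict-add')) ?>" class="page-title-action"><?php _e('Add Word', 'mdict') ?></a>
 <hr class="wp-header-end">
 <form method="post" action="">
 <?php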
60 changes: 37 additions & 23 deletions inc/admin/words-table.php
@@ -19,14 +19,15 @@ function __construct() {

if (($action == 'delete') || ( $action2 == 'delete'))
{


$posted_data = filter_input_array(INPUT_POST);

if (isset($posted_data['id']))
{
$ids = implode(',', $posted_data['id']);
$wpdb->query("DELETE FROM $table WHERE `id` IN($ids)");

$wpdb->query($wpdb->prepare("DELETE FROM `$table` WHERE `id` IN(%s)", $ids));

$count = count($posted_data['id']);
add_action('admin_notices', function () use ($count) {
@@ -85,48 +86,63 @@ function prepare_items() {
$per_page = $this->get_items_per_page('mdict_wl_per_page', 20);
$current_page = $this->get_pagenum();

$offset = ($current_page - 1) * $per_page;

$table_name = $wpdb->prefix . "pn_mdict";
$query = "SELECT * FROM $table_name";
$s = $_REQUEST["s"] ?? '';

if (!empty($s))
{
$query = "SELECT * FROM `$table_name` Where `Word` LIKE '$s'";
}
$s = isset($_REQUEST["s"]) ? sanitize_text_field($_REQUEST["s"]) : '';

$orderby = filter_input(INPUT_GET, 'orderby');
$orderby = !empty($orderby) ? esc_sql($orderby) : 'id';

$order = filter_input(INPUT_GET, 'order');
$order = !empty($order) ? esc_sql($order) : 'ASC';

if (!empty($orderby) & !empty($order))
if (!empty($s))
{
$s = esc_sql($s);

$totalitems = $wpdb->get_var($wpdb->prepare("SELECT COUNT(*) FROM `$table_name` Where `Word` LIKE '%s'", $s));
$totalpages = ceil($totalitems / $per_page);

if (!empty($orderby) & !empty($order))
{
$this->items = $wpdb->get_results($wpdb->prepare("SELECT * FROM `$table_name` Where `Word` LIKE '%s' ORDER BY $orderby $order LIMIT $offset, $per_page", $s));
}
else
{
$this->items = $wpdb->get_results($wpdb->prepare("SELECT * FROM `$table_name` Where `Word` LIKE '%s' LIMIT $offset, $per_page", $s));
}
}
else
{
$query .= " ORDER BY $orderby $order";
$totalitems = $wpdb->get_var("SELECT COUNT(*) FROM `$table_name`");
$totalpages = ceil($totalitems / $per_page);

if (!empty($orderby) & !empty($order))
{
$this->items = $wpdb->get_results("SELECT * FROM `$table_name` ORDER BY $orderby $order LIMIT $offset, $per_page");
}
else
{
$this->items = $wpdb->get_results("SELECT * FROM `$table_name` LIMIT $offset, $per_page");
}
}


$totalitems = $wpdb->query($query);
$offset = ($current_page - 1) * $per_page;
$totalpages = ceil($totalitems / $per_page);
$query .= " LIMIT $offset, $per_page";
$this->set_pagination_args(array(
"total_items" => $totalitems,
"total_pages" => $totalpages,
"per_page" => $per_page,
));
$this->items = $wpdb->get_results($query);
}

function column_Word($item) {


$actions = array(
'edit' => '<a href="' . admin_url('admin.php?page=mdict-add&item_id=' . $item->id) . '">' . __('Edit', 'mdict') . '</a>',
'edit' => '<a href="' . esc_url(admin_url('admin.php?page=mdict-add&item_id=' . $item->id)) . '">' . __('Edit', 'mdict') . '</a>',
);

$link = '<a href="' . admin_url('admin.php?page=mdict-add&item_id=' . $item->id) . '">' . $item->Word . '</a>';

$link = '<a href="' . esc_url(admin_url('admin.php?page=mdict-add&item_id=' . $item->id)) . '">' . esc_html($item->Word) . '</a>';
return sprintf('%1$s %2$s', '<strong>' . $link . '</strong>', $this->row_actions($actions));
}

@@ -135,8 +151,6 @@ protected function get_primary_column_name() {
}

function column_Description($item) {


return mdict_get_excerot($item->Description, 10);
}

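Review bot: `$orderby` and `$order` in `prepare_items()` still reach the SQL text unquoted, and `esc_sql()` only escapes characters for use inside a quoted string, so it does not constrain what can appear after `ORDER BY`. Map both request values onto a fixed allow-list (the sortable column names and `ASC`/`DESC`) before building the query, and drop the `esc_sql($s)` call because `prepare()` already escapes the search term. The `!empty($orderby) & !empty($order)` test uses a bitwise `&` and is always true once the defaults are applied, so the `else` branches are dead. In the constructor hunk, `IN(%s)` quotes the whole comma-joined list as one string, which MySQL would compare as a single number; build one `%d` placeholder per id and pass the ids as an array instead. Both functions continue outside the hunks shown.

```php
// … unchanged: $per_page, $current_page, $offset, $table_name, $s …
$sortable = array('id', 'Word'); // keep in sync with get_sortable_columns()
$orderby = filter_input(INPUT_GET, 'orderby');
$orderby = in_array($orderby, $sortable, true) ? $orderby : 'id';

$order = strtoupper((string) filter_input(INPUT_GET, 'order'));
$order = ('DESC' === $order) ? 'DESC' : 'ASC';
// … unchanged: COUNT(*) and SELECT queries, without the esc_sql($s) call …
```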
12 changes: 5 additions & 7 deletions inc/ajax.php
@@ -31,27 +31,25 @@ public static function check_register()
}

public static function import_data() {
$data_file = $_POST['data_file'] ?? null;

$data_file = filter_input(INPUT_POST, 'data_file');
if (!$data_file)
{
return false;
}

$res = MDict_Import_Data::import($data_file);
echo wp_send_json($res);
wp_die();
wp_send_json($res);
}

public static function search_word() {

$word = $_POST['word'] ?? null;
$word = filter_input(INPUT_POST, 'word');
if (!$word)
{
return false;
}
$result = MDict_SearchTools::search_ajax($word);
echo wp_send_json(array('res' => 1, 'data' => $result));
wp_die();
wp_send_json(array('res' => 1, 'data' => $result));
}

}
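Review bot: `import_data()` takes `data_file` straight from the POST body and hands it to `MDict_Import_Data::import()` with no nonce check, no capability check and no restriction on the name, and the whole handler is visible in this hunk. Verify the request first with `check_ajax_referer('<nonce-action>')` and `current_user_can('manage_options')`, then accept only the `data_N` names used in inc/admin/data-template.php, e.g. `if (!preg_match('/^data_\d$/', $data_file)) { wp_send_json_error(); }`. The early `return false` also leaves the AJAX caller without a JSON reply; `wp_send_json_error()` fits there as well. How `import()` uses the file name, and which `wp_ajax_*` hooks register these handlers, is outside this page.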
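--- a/inc/pagination/Pagination.class.php
+++ b/inc/pagination/Pagination.class.php
@@ -2,45 +2,6 @@
 
 /**
 * Pagination
-*
-* Supplies an API for setting pagination details, and renders the resulting
-* pagination markup (html) through the included render.inc.php file.
-*
-* @note The SEO methods (canonical/rel) were written following Google's
-* suggested patterns. Namely, the canoical url excludes any
-* peripheral parameters that don't relate to the pagination
-* series. Whereas the prev/next rel link tags include any params
-* found in the request.
-* @author Oliver Nassar <onassar@gmail.com>
-* @todo add setter parameter type and range checks w/ exceptions
-* @example
-* <code>
-* // source inclusion
-* require_once APP . '/vendors/PHP-Pagination/Pagination.class.php';
-*
-* // determine page (based on <_GET>)
-* $page = isset($_GET['page']) ? ((int) $_GET['page']) : 1;
-*
-* // instantiate with page and records as constructor parameters
-* $pagination = (new Pagination($page, 200));
-* $markup = $pagination->parse();
-* </code>
-* @example
-* <code>
-* // source inclusion
-* require_once APP . '/vendors/PHP-Pagination/Pagination.class.php';
-*
-* // determine page (based on <_GET>)
-* $page = isset($_GET['page']) ? ((int) $_GET['page']) : 1;
-*
-* // instantiate; set current page; set number of records
-* $pagination = (new Pagination());
-* $pagination->setCurrent($page);
-* $pagination->setTotal(200);
-*
-* // grab rendered/parsed pagination markup
-* $markup = $pagination->parse();
-* </code>
 */
 class Pagination
 {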