Merge pull request #76 from Kit/updated-coding-standards

Use `WordPress` Coding Standards ruleset

Author: n7studios

LICENSE

@@ -489,7 +489,7 @@ private function get_referrer_url( $form_data ) {
 
 		// If the request includes the page_url, return that URL.
 		if ( array_key_exists( 'page_url', $_REQUEST ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended
-			return esc_url( $_REQUEST['page_url'] ); // phpcs:ignore WordPress.Security.NonceVerification.Recommended
+			return esc_url( sanitize_text_field( wp_unslash( $_REQUEST['page_url'] ) ) ); // phpcs:ignore WordPress.Security.NonceVerification.Recommended
 		}
 
 		// Return the AJAX URL.
@@ -715,7 +715,7 @@ public function maybe_display_notice() {
 				sprintf(
 					'%s %s',
 					esc_html__( 'Kit: ', 'integrate-convertkit-wpforms' ),
-					sanitize_text_field( $_REQUEST['error_description'] ) // phpcs:ignore WordPress.Security.NonceVerification
+					sanitize_text_field( wp_unslash( $_REQUEST['error_description'] ) ) // phpcs:ignore WordPress.Security.NonceVerification
 				)
 			);
 		}
@@ -733,7 +733,7 @@ public function maybe_get_and_store_access_token() {
 		if ( ! array_key_exists( 'page', $_REQUEST ) ) { // phpcs:ignore WordPress.Security.NonceVerification
 			return;
 		}
-		if ( $_REQUEST['page'] !== 'wpforms-settings' ) { // phpcs:ignore WordPress.Security.NonceVerification
+		if ( sanitize_text_field( wp_unslash( $_REQUEST['page'] ) ) !== 'wpforms-settings' ) { // phpcs:ignore WordPress.Security.NonceVerification
 			return;
 		}
 
@@ -750,7 +750,7 @@ public function maybe_get_and_store_access_token() {
 		}
 
 		// Sanitize token.
-		$authorization_code = sanitize_text_field( $_REQUEST['code'] ); // phpcs:ignore WordPress.Security.NonceVerification
+		$authorization_code = sanitize_text_field( wp_unslash( $_REQUEST['code'] ) ); // phpcs:ignore WordPress.Security.NonceVerification
 
 		// Exchange the authorization code and verifier for an access token.
 		$api    = new Integrate_ConvertKit_WPForms_API(
@@ -843,7 +843,7 @@ public function delete_resource_cache() {
 		}
 
 		// Sanitize data.
-		$account_id = sanitize_text_field( $_POST['key'] );
+		$account_id = sanitize_text_field( wp_unslash( $_POST['key'] ) );
 
 		// Get API instance.
 		$api = $this->get_api_instance( $account_id );

includes/class-integrate-convertkit-wpforms.php

@@ -1,5 +1,11 @@
 <?php
 /**
+ * Kit (formerly ConvertKit) for WPForms Plugin.
+ *
+ * @package ConvertKit
+ * @author ConvertKit
+ *
+ * @wordpress-plugin
  * Plugin Name: Kit (formerly ConvertKit) for WPForms
  * Plugin URI:  https://kit.com
  * Description: Create Kit signup forms using WPForms
@@ -8,22 +14,8 @@
  * Author URI:  https://kit.com
  * Text Domain: integrate-convertkit-wpforms
  * Domain Path: /languages
- * License:     GPLv2 or later
- * License URI: http://www.gnu.org/licenses/gpl-2.0.html
- *
- * This program is free software; you can redistribute it and/or modify it under
- * the terms of the GNU General Public License version 2, as published by the
- * Free Software Foundation.  You may NOT assume that you can use any other
- * version of the GPL.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE.
- *
- * @package    Integrate_ConvertKit_WPForms
- * @since      1.0.0
- * @copyright  Copyright (c) 2017, Bill Erickson
- * @license    GPL-2.0+
+ * License:     GPLv3 or later
+ * License URI: https://www.gnu.org/licenses/gpl-3.0.html
  */
 
 // Exit if accessed directly.

integrate-convertkit-wpforms.php

@@ -1,5 +1,5 @@
 # Copyright (C) 2025 Kit
-# This file is distributed under the GPLv2 or later.
+# This file is distributed under the GPLv3 or later.
 msgid ""
 msgstr ""
 "Project-Id-Version: Kit (formerly ConvertKit) for WPForms 1.7.9\n"
@@ -9,7 +9,7 @@ msgstr ""
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
-"POT-Creation-Date: 2025-01-23T02:49:51+00:00\n"
+"POT-Creation-Date: 2025-02-25T02:11:41+00:00\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "X-Generator: WP-CLI 2.10.0\n"
 "X-Domain: integrate-convertkit-wpforms\n"

languages/integrate-convertkit-wpforms.pot

@@ -10,8 +10,8 @@
 	<!-- Exclude minified Javascript files. -->
 	<exclude-pattern>*.min.js</exclude-pattern>
 
-	<!-- Check that code meets WordPress-Extra standards. -->
-	<rule ref="WordPress-Extra">
+	<!-- Check that code meets WordPress standards - this includes core, docs and extra. -->
+	<rule ref="WordPress">
 		<!--
 		We may want a middle ground though. The best way to do this is add the
 		entire ruleset, then rule by rule, remove ones that don't suit a project.
@@ -29,13 +29,11 @@
 		<exclude name="WordPress.Security.EscapeOutput"/>
 		-->
 		<exclude name="WordPress.PHP.YodaConditions" />
+		<exclude name="WordPress.DB.SlowDBQuery.slow_db_query_meta_query" />
 		<exclude name="PSR2.Methods.FunctionClosingBrace.SpacingBeforeClose" />
 		<exclude name="PSR2.Classes.ClassDeclaration.CloseBraceAfterBody" />
 	</rule>
 
-	<!-- Check that code is documented to WordPress Standards. -->
-	<rule ref="WordPress-Docs"/>
-
 	<!-- Add in some extra rules from other standards. -->
 	<rule ref="Generic.CodeAnalysis.UnusedFunctionParameter"/>
 	<rule ref="Generic.Commenting.Todo"/>

phpcs.xml

@@ -5,8 +5,8 @@ Tags: form, wpforms, convertkit, email, marketing
 Requires at least: 5.0
 Tested up to: 6.7.1
 Stable tag: 1.7.9
-License: GPLv2 or later
-License URI: http://www.gnu.org/licenses/gpl-2.0.html
+License: GPLv3 or later
+License URI: https://www.gnu.org/licenses/gpl-3.0.html
 
 Create Kit signup forms using WPForms
 

readme.txt

@@ -205,7 +205,7 @@ public function testCreatorNetworkRecommendationsWithAJAXEnabled(AcceptanceTeste
 		// Wait for Creator Network Recommendations modal to display.
 		$I->waitForElementVisible('.formkit-modal');
 		$I->switchToIFrame('.formkit-modal iframe');
-		$I->waitForElementVisible('div[data-component="Page"]');
+		$I->waitForElementVisible('main[data-component="Page"]');
 		$I->switchToIFrame();
 
 		// Close the modal.